Management Guide FXC9012F Management Guide FXC9012F Management Guide FXC9012F
Transcript of Management Guide FXC9012F Management Guide FXC9012F Management Guide FXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management Guide2008幎8æ Ver.1.0
FXC9012FManagement Guide
æ¬ããã¥ã¢ã«ã«ã€ããŠ
æ¬ããã¥ã¢ã«ã§ã¯ãFXC9012Fã®åçš®èšå®ããã³ã·ã¹ãã ã®ç£èŠæé ã«ã€ããŠèª¬æããŸããæ¬è£œåã®èšå®ããã³ç£èŠã¯ãRS-232Cã·ãªã¢ã«ããŒããŸãã¯ãã€ãŒãµãããããŒãã«èšå®ãç£èŠçšã®ç«¯æ«æ¥ç¶ããŠãCLI ïŒã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ïŒãŸãã¯Webãã©ãŠã¶ã§è¡ããŸãã
FXC9012F
FXC9012F
補ååãæ±ãæã®ã泚æ
ãã®åºŠã¯ããè²·ãäžãããã ããŸããŠããããšãããããŸãã補åãå®å šã«ã䜿ãããã ããããå¿ ãæåã«ãèªã¿ãã ããã
äžèšäºé ã¯ãå®å šã®ããã«å¿ ããå®ããã ããã
å®å šã®ããã®æ³šæäºé ãå®ã
泚æäºé ããããèªã¿ãã ããã補åå šè¬ã®æ³šæäºé ãèšèŒãããŠããŸãã
æ éããã䜿ããªã
ããã«è²©å£²åºãŸã§ä¿®çããäŸé Œãã ããã
äžäžç°åžžãèµ·ããã
ç ãåºãã
ç°åžžãªé³ãã«ãããããã
å éšã«æ°Žã»ç°ç©ãå ¥ã£ãã
補åãé«æããèœãšããããç Žæãããšã
â é»æºãåãïŒé»æºã³ãŒããæãïŒâ¡æ¥ç¶ã±ãŒãã«ãæãâ¢è²©å£²åºã«ä¿®çãäŸé Œãã
PL-1 FXC9012F
補ååãæ±ãæã®ã泚æ
äžèšã®æ³šæäºé ãå®ããªããšãç«çœã»æé»ãªã©ã«ããæ»äº¡ã倧ããã®åå ãšãªããŸãã
é»æºã±ãŒãã«ãæ¥ç¶ã±ãŒãã«ãå·ã€ããªã
é»æºã±ãŒãã«ãå·ã€ãããšç«çœãæé»ã®åå ãšãªããŸãã
éããã®ãã®ããããåŒã£åŒµã£ããããªãã
å å·¥ããããå·ã€ãããããªãã
ç±åšå ·ã®è¿ãã«é ç·ããããå ç±ãããããªãã
é»æºã±ãŒãã«ãæããšãã¯ãå¿ ããã©ã°ãæã£ãŠæãã
å éšã«æ°Žãç°ç©ãå ¥ããªã
ç«çœãæé»ã®åå ãšãªããŸãã
äžäžãæ°Žãç°ç©ãå ¥ã£ããšãã¯ãããã«é»æºãåãïŒé»æºã±ãŒãã«ãæãïŒã販売åºã«ç¹æ€ã»ä¿®çããäŸé Œãã ããã
å éšãããã¿ã«éããªã
æ¬äœåã³ä»å±ã®æ©åšïŒã±ãŒãã«å«ãïŒãããã¿ã«éãããæ¹é ããããããšãç«çœãæé»ã®åå ãšãªããŸãã
èœé·ãçºçãããããããªã
æé»ã®åå ãšãªããŸãããŸããèœé·ã®æãããããšãã¯ãé»æºã±ãŒãã«ãæ¥ç¶ã±ãŒãã«ãäºåã«æããŠãã ãããæ¬æ©ãç Žå£ãããåå ãšãªããŸãã
æ²¹ç ã湯æ°ã湿æ°ãã»ããã®å€ãå Žæã«ã¯èšçœ®ããªã
æ¬æžã«èšèŒãããŠãã䜿çšæ¡ä»¶ä»¥å€ã®ç°å¢ã§ã®ã䜿çšã¯ãç«çœãæé»ã®åå ãšãªããŸãã
PL-2FXC9012F
補ååãæ±ãæã®ã泚æ
äžèšã®æ³šæäºé ãå®ããªããšããããããåšèŸºã®ç©åã«æ害ãäžããåå ãšãªããŸãã
ã¬ããæã§é»æºãã©ã°ãã³ãã¯ã¿ã«è§Šããªã
æé»ã®åå ãšãªããŸãã
æå®ãããé»æºã³ãŒããæ¥ç¶ã±ãŒãã«ã䜿ã
ããã¥ã¢ã«ã«èšèŒãããŠããé»æºã±ãŒãã«ãæ¥ç¶ã±ãŒãã«ã䜿ããªããšãç«çœãæé»ã®åå ãšãªããŸãã
æå®ã®é»å§ã§äœ¿ã
ããã¥ã¢ã«ã«èšãããŠããé»å§ã®ç¯å²ã§äœ¿ããªããšãç«çœãæé»ã®åå ãšãªããŸãã
ã³ã³ã»ã³ããé ç·åšå ·ã®å®æ Œãè¶ ãããããªæ¥ç¶ã¯ããªã
çºç±ã«ããç«çœã®åå ãšãªããŸãã
é颚åããµãããªã
é颚åããµããã§ããŸããšãå éšã«ç±ãããããç«çœãæ éã®åå ãšãªããŸãããŸãã颚éããããããããã«æ¬¡ã®äºé ããå®ããã ãããæ¯è¶³ã®é·ããžã¥ãŠã¿ã³ãªã©ã®äžã«çŽæ¥èšçœ®ããªãã
åžãªã©ã§ãããŸãªãã
移åããããšãã¯ãé»æºã±ãŒãã«ãæ¥ç¶ã±ãŒãã«ãæã
æ¥ç¶ãããŸãŸç§»åããããšãé»æºã±ãŒãã«ãå·ã€ããç«çœãæé»ã®åå ãšãªããŸãã
PL-3 FXC9012F
補ååãæ±ãæã®ã泚æ
PL-4FXC9012F
ç®æ¬¡
ç®æ¬¡
1. æ¬æ©ã®ç®¡ç...........................................................................................................1
1.1 æ¬æ©ãžã®æ¥ç¶ .............................................................................................................. 11.1.1 èšå®æ¹æ³ ........................................................................................................................... 1
1.1.2 æ¥ç¶æé ........................................................................................................................... 1
1.1.3 ãªã¢ãŒãæ¥ç¶ .................................................................................................................... 2
1.2 åºæ¬èšå® ..................................................................................................................... 31.2.1 ã³ã³ãœãŒã«æ¥ç¶ ................................................................................................................ 3
1.2.2 ãã¹ã¯ãŒãã®èšå® ............................................................................................................. 3
1.2.3 IPã¢ãã¬ã¹ã®èšå® ............................................................................................................ 4æåèšå® ...................................................................................................................................... 4
åçèšå® ...................................................................................................................................... 5
1.2.4 SNMP管çã¢ã¯ã»ã¹ãæå¹ã«ãã ................................................................................... 6ã³ãã¥ããã£åïŒCommunity StringsïŒ........................................................................................ 6
ãã©ããã»ã¬ã·ãŒãïŒTrap ReceiversïŒ...................................................................................... 7
SNMPv3ã¢ã¯ã»ã¹ã®èšå® ............................................................................................................ 7
1.2.5 èšå®æ å ±ã®ä¿å ................................................................................................................ 8
1.3 ã·ã¹ãã ãã¡ã€ã«ã®ç®¡ç............................................................................................ 9
2. Webã€ã³ã¿ãã§ãŒã¹ .........................................................................................10
2.1 Webã€ã³ã¿ãã§ãŒã¹ãžã®æ¥ç¶ ................................................................................. 10
2.2 Webã€ã³ã¿ãã§ãŒã¹ã®æäœæ¹æ³.............................................................................. 112.2.1 ããŒã ããŒãž .................................................................................................................. 11
2.2.2 èšå®ãªãã·ã§ã³ .............................................................................................................. 11
2.2.3 ããã«ã®è¡šç€º .................................................................................................................. 12
2.2.4 ã¡ã€ã³ã¡ãã¥ãŒ .............................................................................................................. 12
2.3 åºæ¬èšå® ................................................................................................................... 132.3.1 ã·ã¹ãã æ å ±ã®è¡šç€º ....................................................................................................... 13
2.3.2 ããŒããŠã§ã¢åã³ãœãããŠã§ã¢ããŒãžã§ã³ã®è¡šç€º ........................................................ 14
2.3.3 ããªããžæ¡åŒµæ©èœã®è¡šç€º ................................................................................................ 15
2.3.4 IPã¢ãã¬ã¹ã®èšå® .......................................................................................................... 16æåã§ã® IPã¢ãã¬ã¹ã®èšå® ...................................................................................................... 17
DHCPå㯠BOOTPã«ãã IPã¢ãã¬ã¹ã®èšå®......................................................................... 18
DHCPã®æŽæ°............................................................................................................................. 19
2.3.5 ãã¡ãŒã ãŠã§ã¢ã®ç®¡ç.................................................................................................... 20ã·ã¹ãã ãœãããŠã§ã¢ã®ããŠã³ããŒã ..................................................................................... 20
2.3.6 èšå®æ å ±ãã¡ã€ã«ã®ä¿åã»åŸ©å ..................................................................................... 21èšå®æ å ±ãã¡ã€ã«ã®ããŠã³ããŒã............................................................................................. 22
i FXC9012F
ç®æ¬¡
2.3.7 Event Loggingã®èšå® ..................................................................................................... 23ãã°ã¡ãã»ãŒãžã®è¡šç€º............................................................................................................... 23
syslogã®èšå®............................................................................................................................. 23
ãªã¢ãŒããã°ã®èšå® .................................................................................................................. 25
2.3.8 åèµ·å ............................................................................................................................. 26
2.3.9 ã·ã¹ãã ã¯ããã¯èšå®.................................................................................................... 26SNTPèšå® ................................................................................................................................. 26
ã¿ã€ã ãŸãŒã³ã®èšå® .................................................................................................................. 27
2.4 SNMP....................................................................................................................... 28
2.4.1 ã³ãã¥ããã£åã®èšå®.................................................................................................... 28
2.4.2 ãã©ãããããŒãžã£ã»ãã©ããã¿ã€ãã®æå®................................................................ 29
2.4.3 SNMPãšãŒãžã§ã³ããæå¹ã«ãã ................................................................................. 31
2.4.4 SNMPv3ãããŒãžã¡ã³ãã¢ã¯ã»ã¹ã®èšå® ...................................................................... 31ããŒã«ã«ãšã³ãžã³ IDã®èšå®...................................................................................................... 31
ãªã¢ãŒããšã³ãžã³ IDã®èšå®...................................................................................................... 32
SNMPv3ãŠãŒã¶ãŒã®èšå® .......................................................................................................... 34
SNMPv3ã°ã«ãŒãã®èšå® .......................................................................................................... 35
SNMPv3ãã¥ãŒã®èšå® .............................................................................................................. 37
2.5 ãŠãŒã¶èªèšŒ ............................................................................................................... 392.5.1 ãŠãŒã¶ã¢ã«ãŠã³ãã®èšå® ................................................................................................ 39
2.5.2 ããŒã«ã« /ãªã¢ãŒãèªèšŒãã°ãªã³èšå® ........................................................................... 41
2.5.3 HTTPSèšå® .................................................................................................................... 44ãµã€ã蚌ææžã®èšå®å€æŽ ........................................................................................................... 45
2.5.4 Secure Shellèšå® ........................................................................................................... 45SSHãµãŒãèšå® ........................................................................................................................ 47
ãã¹ãããŒãã¢ã®çæ............................................................................................................... 48
2.5.5 ããŒãã»ãã¥ãªãã£ã®èšå® ............................................................................................ 49
2.5.6 802.1xããŒãèªèšŒ .......................................................................................................... 51802.1xã°ããŒãã«ã»ããã£ã³ã°ã®è¡šç€º..................................................................................... 52
802.1xã°ããŒãã«ã»ããã£ã³ã° ............................................................................................... 53
802.1XèªèšŒããŒãèšå® ............................................................................................................. 54
IEEE802.1xçµ±èšæ å ±ã®è¡šç€º...................................................................................................... 56
2.5.7 管çã¢ãã¬ã¹ã®ã¢ãã¬ã¹ãã£ã«ã¿ãªã³ã° ....................................................................... 57
2.6 ACL ïŒAccess Control ListsïŒ................................................................................ 592.6.1 ACLã®èšå® ..................................................................................................................... 59
ACLåããã³ã¿ã€ãã®èšå®....................................................................................................... 60
Standard IP ACLã®èšå® ............................................................................................................ 61
Extended IP ACLã®èšå® ........................................................................................................... 62
MAC ACLã®èšå® ....................................................................................................................... 63
2.6.2 ãã¹ã¯ã®èšå® .................................................................................................................. 65ACLãã¹ã¯ã®èšå® ..................................................................................................................... 65
IP ACLãã¹ã¯ã®èšå®................................................................................................................. 66
MAC ACLãã¹ã¯ã®èšå® ............................................................................................................ 68
iiFXC9012F
ç®æ¬¡
2.6.3 ACLãžã®ããŒãã®ãã€ã³ã............................................................................................ 69
2.7 ããŒãèšå® ............................................................................................................... 702.7.1 æ¥ç¶ç¶æ³ã®è¡šç€º .............................................................................................................. 70
2.7.2 ã€ã³ã¿ãã§ãŒã¹æ¥ç¶ã®èšå® ............................................................................................ 72
2.7.3 ãã©ã³ã¯ã°ã«ãŒãã®èšå® ................................................................................................ 74éçãã©ã³ã¯ã®èšå® .................................................................................................................. 75
LACPèšå® ................................................................................................................................. 76
2.7.4 ãããŒããã£ã¹ãã¹ããŒã ãããå€ã®èšå® ................................................................... 77
2.7.5 ããŒããã©ãŒãªã³ã°ã®èšå® ............................................................................................ 78
2.7.6 垯åå¶åŸ¡ ......................................................................................................................... 79
2.7.7 ããŒãçµ±èšæ å ±è¡šç€º ....................................................................................................... 80
2.8 ã¢ãã¬ã¹ããŒãã«..................................................................................................... 832.8.1 åçã¢ãã¬ã¹ããŒãã«ã®èšå® ......................................................................................... 83
2.8.2 ã¢ãã¬ã¹ããŒãã«ã®è¡šç€º ................................................................................................ 84
2.8.3 ãšãŒãžã³ã°ã¿ã€ã ã®å€æŽ ................................................................................................ 85
2.9 ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã ............................................................................... 862.9.1 ã°ããŒãã«èšå®ã®è¡šç€º.................................................................................................... 87
2.9.2 ã°ããŒãã«èšå® .............................................................................................................. 88
2.9.3 ã€ã³ã¿ãã§ãŒã¹èšå®ã®è¡šç€º ............................................................................................ 91
2.9.4 ã€ã³ã¿ãã§ãŒã¹èšå® ....................................................................................................... 93
2.9.5 MSTPèšå® ..................................................................................................................... 95
2.9.6 MSTPã€ã³ã¿ãã§ãŒã¹èšå®ã®è¡šç€º ................................................................................. 97
2.9.7 MSTPã€ã³ã¿ãã§ãŒã¹ã®èšå®......................................................................................... 98
2.10 VLAN...................................................................................................................... 100VLANãžããŒãã®å²ãåœãŠ ...................................................................................................... 100
ã¿ã°ä»ã»ã¿ã°ãªããã¬ãŒã ã®éä¿¡........................................................................................... 101
2.10.1 GVRPã®æå¹ã»ç¡å¹ïŒGlobal SettingïŒ......................................................................... 102
2.10.2 VLANåºæ¬æ å ±ã®è¡šç€º .................................................................................................. 102
2.10.3 çŸåšã® VLAN衚瀺 ........................................................................................................ 103
2.10.4 VLANã®äœæ ................................................................................................................ 104
2.10.5 VLANãžã®éçã¡ã³ããŒã®è¿œå ïŒVLAN IndexïŒ........................................................... 105
2.10.6 VLANãžã®éçã¡ã³ããŒã®è¿œå ïŒPort IndexïŒ.............................................................. 107
2.10.7 ã€ã³ã¿ãã§ãŒã¹ã® VLANåäœã®èšå®............................................................................ 108
2.10.8 ãã©ã€ããŒã VLANã®èšå® .......................................................................................... 109ãã©ã€ããŒã VLANã®æå¹å ................................................................................................. 109
ã¢ãããªã³ã¯ã»ããŠã³ãªã³ã¯ããŒãã®èšå® ............................................................................ 110
2.10.9 ãããã³ã« VLAN ......................................................................................................... 111ãããã³ã« VLANã°ã«ãŒãèšå®.............................................................................................. 111
ãããã³ã« VLANã€ã³ã¿ãã§ãŒã¹èšå® ................................................................................... 112
2.11 Class of ServiceïŒCoSïŒ....................................................................................... 1132.11.1 ã¬ã€ã€ 2ãã¥ãŒèšå® ..................................................................................................... 113
iii FXC9012F
ç®æ¬¡
ã€ã³ã¿ãã§ãŒã¹ãžã®ããã©ã«ããã©ã€ãªãªãã£ã®èšå® .......................................................... 113
Egressãã¥ãŒãžã® CoSå€ã®ãããã³ã°................................................................................. 114
CoSã®æå¹ /ç¡å¹ .................................................................................................................... 115
ãã¥ãŒã¢ãŒãã®éžæ ................................................................................................................ 115
ãã©ããã¯ã¯ã©ã¹ã®ãµãŒãã¹ãŠã§ã€ãèšå® ............................................................................ 116
2.11.2 ã¬ã€ã€ 3/4ãã©ã€ãªãªãã£ã®èšå® ................................................................................ 117CoSå€ãžã®ã¬ã€ã€ 3/4ãã©ã€ãªãªãã£ã®ãããã³ã° ............................................................. 117
IP Precedence/DSCPãã©ã€ãªãªãã£ã®éžæ ......................................................................... 117
IP Precedenceã®ãããã³ã°................................................................................................... 118
DSCPãã©ã€ãªãªãã£ã®ãããã³ã° ....................................................................................... 119
IP ããŒããã©ã€ãªãªãã£ã®ãããã³ã°................................................................................... 120
ACLãžã® CoSå€ã®ãããã³ã°................................................................................................ 121
2.11.3 ACLã«ãŒã«ã«åºã¥ããã©ã€ãªãªãã£ã®å€æŽ ................................................................ 122
2.12 ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã° ............................................................................. 1242.12.1 ã¬ã€ã€ 2ãIGMPïŒSnooping and QueryïŒ..................................................................... 124
IGMP Snooping Queryãã©ã¡ãŒã¿ã®èšå®............................................................................... 124
ãã«ããã£ã¹ãã«ãŒã¿ã«æ¥ç¶ãããã€ã³ã¿ãã§ãŒã¹ã®è¡šç€º ................................................... 126
ãã«ããã£ã¹ãã«ãŒã¿ã«æ¥ç¶ããã€ã³ã¿ãã§ãŒã¹ã®èšå®....................................................... 127
ãã«ããã£ã¹ããµãŒãã¹ã®ããŒãã¡ã³ããŒè¡šç€º ..................................................................... 128
ãã«ããã£ã¹ããµãŒãã¹ãžã®ããŒãã®æå® ............................................................................ 129
2.12.2 ã¬ã€ã€ 3 IGMP.............................................................................................................. 130IGMPã€ã³ã¿ãã§ãŒã¹ãã©ã¡ãŒã¿ã®èšå®................................................................................. 130
ãã«ããã£ã¹ãã°ã«ãŒãæ å ±ã®è¡šç€º ....................................................................................... 131
2.13 DNSïŒDomain Name ServiceïŒ............................................................................. 1332.13.1 DNSãµãŒãã¹ã®äžè¬èšå®............................................................................................. 133
2.13.2 éç DNSãã¹ãã®ã¢ãã¬ã¹ãšã³ã㪠.......................................................................... 134
2.13.3 DNSãã£ãã·ã¥ã®è¡šç€º ................................................................................................ 135
2.14 DHCPãµãŒã ......................................................................................................... 1362.14.1 DHCPãªã¬ãŒãµãŒãã¹ã®èšå® ...................................................................................... 136
2.14.2 DHCPãµãŒãã®èšå® ..................................................................................................... 137
2.14.3 ã¢ãã¬ã¹ããŒã«ã®èšå®.................................................................................................. 138
2.14.4 ã¢ãã¬ã¹ãã€ã³ãã£ã³ã°ã®è¡šç€º ................................................................................... 139
2.15 ã«ãŒã¿åé· ............................................................................................................. 1402.15.1 VRRP............................................................................................................................ 140
VRRPã°ã«ãŒãã®èšå®............................................................................................................. 140
2.15.2 VRRP............................................................................................................................ 142
VRRPã°ããŒãã«æ å ±ã®è¡šç€º.................................................................................................. 142
VRRPã°ã«ãŒãæ å ±ã®è¡šç€º ..................................................................................................... 142
2.16 IPã«ãŒãã£ã³ã° ..................................................................................................... 1432.16.1 IPã¹ã€ããã³ã°............................................................................................................ 143
ã«ãŒãã£ã³ã°ãã¹ã®ç®¡ç ......................................................................................................... 144
ã«ãŒãã£ã³ã°ãããã³ã« ......................................................................................................... 144
ivFXC9012F
ç®æ¬¡
IPã€ã³ã¿ãã§ãŒã¹ã®åºæ¬çãªèšå® .......................................................................................... 144
IPã«ãŒãã£ã³ã°ã€ã³ã¿ãã§ãŒã¹ã®èšå® ................................................................................... 146
2.16.2 ARP .............................................................................................................................. 148
ARPã®åºæ¬çãªèšå® ............................................................................................................... 149
éç㪠ARPã¢ãã¬ã¹ã®èšå® ................................................................................................... 150
åçã«åŠç¿ããã ARPãšã³ããªã®è¡šç€º ................................................................................. 151
ããŒã«ã«ãª ARPãšã³ããªã®è¡šç€º ............................................................................................ 152
ARPã®çµ±èšæ å ± ...................................................................................................................... 152
2.16.3 IPãããã³ã«ã®çµ±èšæ å ±ã®è¡šç€º .................................................................................. 153IPã®çµ±èšæ å ± .......................................................................................................................... 153
ICMPã®çµ±èšæ å ±..................................................................................................................... 155
UDPã®çµ±èšæ å ± ...................................................................................................................... 156
TCPã®çµ±èšæ å ±....................................................................................................................... 156
2.16.4 éçãªçµè·¯ã®èšå® ......................................................................................................... 157
ã«ãŒãã£ã³ã°ããŒãã«ã®è¡šç€º.................................................................................................. 158
2.16.5 RIPã®èšå® .................................................................................................................... 159RIPã®èšå® ............................................................................................................................... 160
RIPããµããŒãããããããã¯ãŒã¯ã€ã³ã¿ãã§ãŒã¹ã®æå® ................................................... 161
åãããã¯ãŒã¯ã€ã³ã¿ãã§ãŒã¹ãžã® RIPã®èšå® .................................................................... 162
ãããã³ã«ã¡ãã»ãŒãžã®èªèšŒ.................................................................................................. 163
RIPã®æ å ±ãšçµ±èšæ å ±ã®è¡šç€º .................................................................................................. 165
2.16.6 OSPFã®èšå® ................................................................................................................ 166OSPFã®èšå® ........................................................................................................................... 166
OSPFãšãªã¢ã®èšå® ................................................................................................................ 167
OSPFãšãªã¢ã¬ã³ãžã®èšå®...................................................................................................... 168
OSPFã€ã³ã¿ãã§ãŒã¹ã®èšå® .................................................................................................. 169
ããŒãã£ã«ãªã³ã¯ã®èšå® ......................................................................................................... 170
ãããã¯ãŒã¯ãšãªã¢ã¢ãã¬ã¹ã®èšå® ....................................................................................... 171
ãµããªã¢ãã¬ã¹ã®èšå®............................................................................................................. 172
å€éšã«ãŒãã®åé åž ................................................................................................................ 173
NSSAã®èšå® ........................................................................................................................... 174
ãªã³ã¯ã¹ããŒãããŒã¿ããŒã¹æ å ±ã®è¡šç€º................................................................................ 175
ããŒããŒã«ãŒã¿æ å ±ã®è¡šç€º ..................................................................................................... 176
é£æ¥ã«ãŒã¿æ å ±ã®è¡šç€º............................................................................................................. 177
2.17 ãã«ããã£ã¹ãã«ãŒãã£ã³ã°................................................................................. 1782.17.1 ãã«ããã£ã¹ãã«ãŒãã£ã³ã°ã®ã°ããŒãã«èšå® .......................................................... 178
ãã«ããã£ã¹ãã«ãŒãã£ã³ã°ããŒãã«ã®è¡šç€º......................................................................... 178
2.17.2 DVMRPã®èšå® ............................................................................................................. 179ã°ããŒãã« DVMRPã®èšå® ..................................................................................................... 179
DVMRPã€ã³ã¿ãã§ãŒã¹ã®èšå® ............................................................................................... 180
é£æ¥ã«ãŒã¿æ å ±ã®è¡šç€º............................................................................................................. 181
ã«ãŒãã£ã³ã°ããŒãã«ã®è¡šç€º.................................................................................................. 182
2.17.3 PIM-DMã®èšå®............................................................................................................. 183PIM-DMã°ããŒãã«èšå® ......................................................................................................... 183
PIM-DMã€ã³ã¿ãã§ãŒã¹èšå® .................................................................................................. 183
v FXC9012F
ç®æ¬¡
ã€ã³ã¿ãã§ãŒã¹æ å ±ã®è¡šç€º ..................................................................................................... 184
é£æ¥ã«ãŒã¿æ å ±ã®è¡šç€º............................................................................................................. 184
3. ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ ......................................................................186
3.1 ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã®å©çš .................................................................. 1863.1.1 ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãžã®ã¢ã¯ã»ã¹.............................................................. 186
3.1.2 ã³ã³ãœãŒã«æ¥ç¶ ............................................................................................................ 186
3.1.3 Telnetæ¥ç¶ ................................................................................................................... 187
3.2 ã³ãã³ãå ¥å .......................................................................................................... 1883.2.1 ããŒã¯ãŒããšåŒæ° ......................................................................................................... 188
3.2.2 ã³ãã³ãã®çç¥ ............................................................................................................ 188
3.2.3 ã³ãã³ãã®è£å® ............................................................................................................ 188
3.2.4 ã³ãã³ãäžã§ã®ãã«ãã®è¡šç€º ....................................................................................... 189ã³ãã³ãã®è¡šç€º ....................................................................................................................... 189
3.2.5 ããŒã¯ãŒãã®æ€çŽ¢ ......................................................................................................... 190
3.2.6 ã³ãã³ãã®ãã£ã³ã»ã«.................................................................................................. 190
3.2.7 ã³ãã³ãå ¥åå±¥æŽã®å©çš .............................................................................................. 190
3.2.8 ã³ãã³ãã¢ãŒã ............................................................................................................ 191
3.2.9 Execã³ãã³ã .............................................................................................................. 191
3.2.10 Configuration ã³ãã³ã ................................................................................................. 192
3.2.11 ã³ãã³ãã©ã€ã³ããã»ã¹ .............................................................................................. 193
3.3 ã³ãã³ãã°ã«ãŒã................................................................................................... 194
3.4 Line ïŒã©ã€ã³ã³ãã³ãïŒ........................................................................................ 195Line.......................................................................................................................................... 196
login ......................................................................................................................................... 197
password ................................................................................................................................. 198
timeout login response ............................................................................................................ 199
exec-timeout ............................................................................................................................ 200
password-thresh ...................................................................................................................... 201
silent-time ................................................................................................................................ 202
databits .................................................................................................................................... 203
parity........................................................................................................................................ 204
speed....................................................................................................................................... 205
stopbits .................................................................................................................................... 206
disconnect ............................................................................................................................... 206
show line.................................................................................................................................. 207
3.5 GeneralïŒäžè¬ã³ãã³ãïŒ....................................................................................... 208enable...................................................................................................................................... 208
disable ..................................................................................................................................... 209
configure.................................................................................................................................. 209
show history............................................................................................................................. 210
reload....................................................................................................................................... 211
viFXC9012F
ç®æ¬¡
end........................................................................................................................................... 211
exit ........................................................................................................................................... 212
quit ........................................................................................................................................... 212
3.6 ã·ã¹ãã 管ç .......................................................................................................... 2133.6.1 Device Designationã³ãã³ã ....................................................................................... 213
prompt ..................................................................................................................................... 214
hostname................................................................................................................................. 214
3.6.2 ãŠãŒã¶ãŒã¢ã¯ã»ã¹ã³ãã³ã .......................................................................................... 215username................................................................................................................................. 215
enable password ..................................................................................................................... 216
3.6.3 IPãã£ã«ã¿ãŒã³ãã³ã ................................................................................................. 217management............................................................................................................................ 217
show management .................................................................................................................. 218
3.6.4 Web ãµãŒããŒã³ãã³ã ................................................................................................ 219ip http port................................................................................................................................ 219
ip http server............................................................................................................................ 220
ip http secure-server................................................................................................................ 221
ip http secure-port.................................................................................................................... 222
3.6.5 Telnet ãµãŒããŒã³ãã³ã.............................................................................................. 223ip telnet port............................................................................................................................. 223
ip telnet server ......................................................................................................................... 224
3.6.6 Secure Shellã³ãã³ã .................................................................................................. 225ip ssh server ............................................................................................................................ 228
ip ssh timeout .......................................................................................................................... 229
ip ssh authentication-retries..................................................................................................... 230
ip ssh server-key size .............................................................................................................. 230
delete public-key...................................................................................................................... 231
ip ssh crypto host-key generate............................................................................................... 232
ip ssh crypto zeroize................................................................................................................ 233
ip ssh save host-key ................................................................................................................ 233
show ip ssh.............................................................................................................................. 234
show ssh.................................................................................................................................. 234
show public-key ....................................................................................................................... 235
3.6.7 Event Loggingã³ãã³ã ............................................................................................... 236logging on ................................................................................................................................ 236
logging history ......................................................................................................................... 237
logging host ............................................................................................................................. 238
logging facility .......................................................................................................................... 238
logging trap.............................................................................................................................. 239
clear logging ............................................................................................................................ 240
show logging............................................................................................................................ 241
show log .................................................................................................................................. 243
3.6.8 SMTPã¢ã©ãŒãã³ãã³ã .............................................................................................. 244logging sendmail host.............................................................................................................. 244
logging sendmail level ............................................................................................................. 245
vii FXC9012F
ç®æ¬¡
logging sendmail source-email ................................................................................................ 245
logging sendmail destination-email ......................................................................................... 246
logging sendmail...................................................................................................................... 246
show logging sendmail ............................................................................................................ 247
3.6.9 Timeã³ãã³ã .............................................................................................................. 248sntp client ................................................................................................................................ 248
sntp server............................................................................................................................... 249
sntp poll ................................................................................................................................... 250
show sntp ................................................................................................................................ 250
clock timezone......................................................................................................................... 251
calendar set ............................................................................................................................. 252
show calendar ......................................................................................................................... 252
3.6.10 ã·ã¹ãã æ å ±ã®è¡šç€º ..................................................................................................... 253show startup-config ................................................................................................................. 253
show running-config ................................................................................................................ 255
show system............................................................................................................................ 257
show users .............................................................................................................................. 258
show version............................................................................................................................ 259
3.6.11 ãã¬ãŒã ãµã€ãºã³ãã³ã .............................................................................................. 260jumbo frame............................................................................................................................. 260
3.7 ãã¡ã€ã«ç®¡çïŒ Flash/File ïŒ.................................................................................. 261copy ......................................................................................................................................... 262
delete....................................................................................................................................... 265
dir............................................................................................................................................. 266
whichboot ................................................................................................................................ 267
boot system ............................................................................................................................. 268
3.8 ãŠãŒã¶èªèšŒ ............................................................................................................. 2693.8.1 èªèšŒã³ãã³ã ................................................................................................................ 270
Authentication login ................................................................................................................. 270
3.8.2 authentication enableã³ãã³ã .................................................................................... 271
3.8.3 Radiusã¯ã©ã€ã¢ã³ãã³ãã³ã ..................................................................................... 272radius-server host .................................................................................................................... 273
radius-server port .................................................................................................................... 274
radius-server key ..................................................................................................................... 274
radius-server retransmit........................................................................................................... 275
radius-server timeout............................................................................................................... 275
show radius-server .................................................................................................................. 276
3.8.4 TACACS+ã¯ã©ã€ã¢ã³ãã³ãã³ã ................................................................................ 277tacacs-server host ................................................................................................................... 277
tacacs-server port .................................................................................................................... 278
tacacs-server key .................................................................................................................... 278
show tacacs-server.................................................................................................................. 279
3.8.5 ããŒãã»ãã¥ãªãã£ã³ãã³ã ....................................................................................... 280port security ............................................................................................................................. 280
viiiFXC9012F
ç®æ¬¡
3.8.6 802.1x ããŒãèªèšŒã³ãã³ã ......................................................................................... 282authentication dot1x default..................................................................................................... 282
dot1x default ............................................................................................................................ 283
dot1x max-req.......................................................................................................................... 283
dot1x port-control..................................................................................................................... 284
dot1x operation-mode.............................................................................................................. 285
dot1x re-authenticate............................................................................................................... 286
dot1x re-authentication ............................................................................................................ 286
dot1x timeout quiet-period ....................................................................................................... 287
dot1x timeout re-authperiod..................................................................................................... 287
dot1x timeout tx-period ............................................................................................................ 288
show dot1x .............................................................................................................................. 289
3.9 ACLïŒAccess Control ListsïŒ............................................................................... 2913.9.1 IP ACLã³ãã³ã ........................................................................................................... 292
access-list ip ............................................................................................................................ 293
permit,denyïŒStandard ACLïŒ.................................................................................................. 294
permit,denyïŒExtended ACLïŒ................................................................................................. 295show ip access-list................................................................................................................... 296
access-list ip mask-precedence .............................................................................................. 297
mask ........................................................................................................................................ 298
show access-list ip mask-precedence ..................................................................................... 302
ip access-group ....................................................................................................................... 303
show ip access-group.............................................................................................................. 303
map access-list ip .................................................................................................................... 304
show map access-list ip........................................................................................................... 305
match access-list ip ................................................................................................................. 306
show marking .......................................................................................................................... 307
3.9.2 MAC ACLã³ãã³ã ...................................................................................................... 308access-list mac ........................................................................................................................ 308
permit,denyïŒMAC ACLïŒ........................................................................................................ 309
show mac access-list............................................................................................................... 311
mac access-group ................................................................................................................... 311
show mac access-group.......................................................................................................... 312
3.9.3 ACLæ å ±ã®è¡šç€º............................................................................................................ 313show access-list ...................................................................................................................... 313
show access-group.................................................................................................................. 313
3.10 SNMP..................................................................................................................... 314snmp-server............................................................................................................................. 314
show snmp .............................................................................................................................. 315
snmp-server community .......................................................................................................... 316
snmp-server contact ................................................................................................................ 317
snmp-server location ............................................................................................................... 317
snmp-server host ..................................................................................................................... 318
snmp-server enable traps........................................................................................................ 320
ix FXC9012F
ç®æ¬¡
snmp-server engine-id............................................................................................................. 321
show snmp engine-id............................................................................................................... 322
snmp-server view .................................................................................................................... 323
show snmp view ...................................................................................................................... 324
snmp-server group .................................................................................................................. 325
show snmp group .................................................................................................................... 326
snmp-server user..................................................................................................................... 328
show snmp user ...................................................................................................................... 329
3.11 DHCP ..................................................................................................................... 3303.11.1 DHCP Client ................................................................................................................. 330
ip dhcp client-identifier ............................................................................................................. 330
ip dhcp restart client ................................................................................................................ 331
3.11.2 DHCP Relay ................................................................................................................. 332
ip dhcp restart relay ................................................................................................................. 332
ip dhcp relay server ................................................................................................................. 333
3.11.3 DHCP Server ................................................................................................................ 334
service dhcp ............................................................................................................................ 335
ip dhcp excluded-address........................................................................................................ 335
ip dhcp pool ............................................................................................................................. 336
netowork .................................................................................................................................. 336
default-router ........................................................................................................................... 337
domain-name........................................................................................................................... 337
dns-server................................................................................................................................ 338
next-server............................................................................................................................... 338
bootfile ..................................................................................................................................... 339
netbios-name-server................................................................................................................ 340
netbios-node-type.................................................................................................................... 341
lease ........................................................................................................................................ 342
host.......................................................................................................................................... 343
client-identifier ......................................................................................................................... 344
hardware-address.................................................................................................................... 345
clear ip dhcp binding................................................................................................................ 346
show ip dhcp binding ............................................................................................................... 346
3.12 DNSïŒDomain Name Server) ............................................................................... 347ip host ...................................................................................................................................... 348
clear host ................................................................................................................................. 349
ip domain-name....................................................................................................................... 350
ip domain-list ........................................................................................................................... 351
ip name-server......................................................................................................................... 352
ip domain-lookup ..................................................................................................................... 353
show hosts............................................................................................................................... 354
show dns ................................................................................................................................. 354
show dns cache....................................................................................................................... 355
clear dns cache ....................................................................................................................... 355
xFXC9012F
ç®æ¬¡
3.13 ã€ã³ã¿ãã§ãŒã¹ ...................................................................................................... 356interface................................................................................................................................... 357
description ............................................................................................................................... 358
speed-duplex ........................................................................................................................... 359
negotiation ............................................................................................................................... 360
capabilities............................................................................................................................... 361
flow control .............................................................................................................................. 362
shutdown ................................................................................................................................. 363
switchport broadcast packet-rate............................................................................................. 364
clear counters .......................................................................................................................... 365
show interfaces status ............................................................................................................. 366
show interfaces counters......................................................................................................... 367
show interfaces switchport ...................................................................................................... 368
3.14 ããŒããã©ãŒãªã³ã° ............................................................................................... 370port monitor ............................................................................................................................. 370
show port monitor .................................................................................................................... 371
3.15 垯åå¶åŸ¡ ................................................................................................................. 372rate-limit ................................................................................................................................... 372
3.16 ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³........................................................................................ 373channel-group.......................................................................................................................... 374
lacp .......................................................................................................................................... 375
3.17 ã¢ãã¬ã¹ããŒãã«................................................................................................... 377mac-address-table static ......................................................................................................... 377
clear mac-address-table dynamic............................................................................................ 378
show mac-address-table ......................................................................................................... 380
mac-address-table aging-time ................................................................................................. 381
show mac-address-table aging-time........................................................................................ 381
3.18 ã¹ããã³ã°ããªãŒ................................................................................................... 382spanning-tree........................................................................................................................... 383
spanning-tree mode................................................................................................................. 384
spanning-tree forward-time...................................................................................................... 385
spanning-tree hello-time .......................................................................................................... 386
spanning-tree max-age............................................................................................................ 387
spanning-tree priority............................................................................................................... 388
spanning-tree pathcost method ............................................................................................... 389
spanning-tree transmission-limit .............................................................................................. 390
spanning-tree mst-configuration .............................................................................................. 390
mst vlan ................................................................................................................................... 391
mst priority ............................................................................................................................... 392
name........................................................................................................................................ 393
revision .................................................................................................................................... 394
max-hops................................................................................................................................. 395
spanning-tree spanning-disabled ............................................................................................ 395
xi FXC9012F
ç®æ¬¡
spanning-tree cost ................................................................................................................... 396
spanning-tree port-priority ....................................................................................................... 397
spanning-tree edge-port .......................................................................................................... 398
spanning-tree portfast.............................................................................................................. 399
spanning-tree link-type ............................................................................................................ 400
spanning-tree mst cost ............................................................................................................ 401
spanning-tree mst port-priority................................................................................................. 402
spanning-tree protocol-migration............................................................................................. 403
show spanning-tree ................................................................................................................. 404
show spanning-tree mst configuration..................................................................................... 406
3.19 VLAN...................................................................................................................... 407
3.19.1 GVRPã®èšå®................................................................................................................ 407bridge-ext gvrp......................................................................................................................... 408
show bridge-ext ....................................................................................................................... 409
switchport gvrp ........................................................................................................................ 409
show gvrp configuration........................................................................................................... 410
garp timer ................................................................................................................................ 411
show garp timer ....................................................................................................................... 412
3.19.2 VLANã°ã«ãŒãã®èšå® .................................................................................................. 413vlan database .......................................................................................................................... 413
vlan .......................................................................................................................................... 414
3.19.3 VLANã€ã³ã¿ãã§ãŒã¹ã®èšå® ....................................................................................... 415interface vlan ........................................................................................................................... 415
switchport mode ...................................................................................................................... 416
switchport acceptable-frame-types.......................................................................................... 417
switchport ingress-filtering ....................................................................................................... 418
switchport native vlan .............................................................................................................. 419
switchport allowed vlan............................................................................................................ 420
switchport forbidden vlan......................................................................................................... 421
3.19.4 VLANæ å ±ã®è¡šç€º ......................................................................................................... 422show vlan................................................................................................................................. 422
3.19.5 ãã©ã€ããŒã VLANã®èšå® .......................................................................................... 423pvlan ........................................................................................................................................ 423
show pvlan............................................................................................................................... 424
3.19.6 ãããã³ã« VLANã®èšå®.............................................................................................. 425protocol-vlan protocol-group (Configuring Groups) ................................................................. 426
protocol-vlan protocol-group (Configuring Interfaces) ............................................................. 427
show protocol-vlan protocol-group .......................................................................................... 428
show interfaces protocol-vlan protocol-group.......................................................................... 428
3.20 ãã©ã€ãªãªã㣠...................................................................................................... 4293.20.1 ãã©ã€ãªãªãã£ã³ãã³ãïŒLayer 2ïŒ............................................................................. 429
queue mode............................................................................................................................. 430
switchport priority default ......................................................................................................... 431
queue bandwidth ..................................................................................................................... 432
xiiFXC9012F
ç®æ¬¡
queue cos-map........................................................................................................................ 433
show queue mode ................................................................................................................... 434
show queue bandwidth............................................................................................................ 434
show queue cos-map .............................................................................................................. 435
3.20.2 ãã©ã€ãªãªãã£ã³ãã³ãïŒLayer 3 and 4ïŒ................................................................... 436map ip port............................................................................................................................... 436
map ip precedence .................................................................................................................. 437
map ip dscpïŒGlobal ConfigurationïŒ....................................................................................... 437
map ip dscpïŒinterface ConfigurationïŒ.................................................................................... 439show map ip port ..................................................................................................................... 440
show map ip precedence......................................................................................................... 440
show map ip dscp.................................................................................................................... 441
3.21 ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã° ............................................................................. 4433.21.1 IGMP Snooping ã³ãã³ã ............................................................................................. 443
ip igmp snooping ..................................................................................................................... 444
ip igmp snooping vlan static .................................................................................................... 445
ip igmp snooping version......................................................................................................... 446
show ip igmp snooping ............................................................................................................ 446
show mac-address-table multicast .......................................................................................... 448
3.21.2 IGMP Queryã³ãã³ãïŒLayer2ïŒ.................................................................................. 449ip igmp snooping querier ......................................................................................................... 449
ip igmp snooping query-coount ............................................................................................... 450
ip igmp snooping query-interval............................................................................................... 451
ip igmp snooping query-max-response-time ........................................................................... 452
ip igmp snooping router-port-expiretime.................................................................................. 453
3.21.3 éçãã«ããã£ã¹ãã«ãŒãã£ã³ã°ã³ãã³ã ................................................................. 454ip igmp snooping vlan mrouter ................................................................................................ 454
show ip igmp snooping mrouter............................................................................................... 455
3.21.4 IGMP Snooping ïŒã¬ã€ã€ 3ïŒã³ãã³ã ........................................................................ 456ip igmp ..................................................................................................................................... 457
ip igmp robustval ..................................................................................................................... 458
ip igmp query-interval .............................................................................................................. 459
ip igmp max-resp-interval ........................................................................................................ 460
ip igmp last-memb-query-interval ............................................................................................ 461
ip igmp version ........................................................................................................................ 462
show ip igmp interface............................................................................................................. 463
clear ip igmp group .................................................................................................................. 464
show ip igmp groups................................................................................................................ 465
3.22 IP ã€ã³ã¿ãã§ãŒã¹ .................................................................................................. 4663.22.1 åºæ¬ IPèšå® .................................................................................................................. 466
ip address ................................................................................................................................ 467
ip default-gateway ................................................................................................................... 468
ip dhcp restart .......................................................................................................................... 469
show ip interface...................................................................................................................... 470
show ip redirects...................................................................................................................... 470
ping.......................................................................................................................................... 471
xiii FXC9012F
ç®æ¬¡
3.23 IPã«ãŒãã£ã³ã° ..................................................................................................... 4723.23.1 ã°ããŒãã«ã«ãŒãã£ã³ã° .............................................................................................. 472
IP routing ................................................................................................................................. 473
ip route..................................................................................................................................... 474
clear ip route............................................................................................................................ 475
show ip route ........................................................................................................................... 476
show ip host-route ................................................................................................................... 477
show ip traffic........................................................................................................................... 478
3.23.2 RIP................................................................................................................................ 479router rip .................................................................................................................................. 479
timers basic ............................................................................................................................. 480
network .................................................................................................................................... 481
neighbor................................................................................................................................... 482
version ..................................................................................................................................... 482
redistribute............................................................................................................................... 483
ip rip receive version................................................................................................................ 484
ip rip send version ................................................................................................................... 485
ip split-horizon ......................................................................................................................... 486
ip rip authentication key........................................................................................................... 486
ip rip authentication mode ....................................................................................................... 487
show rip globals....................................................................................................................... 488
show ip rip ............................................................................................................................... 489
3.23.3 OSPF............................................................................................................................ 491
router ospf ............................................................................................................................... 493
router-id ................................................................................................................................... 494
compatible rfc1583 .................................................................................................................. 495
default-information originate .................................................................................................... 496
timers spf ................................................................................................................................. 497
area range ............................................................................................................................... 498
area default-cost...................................................................................................................... 499
summary-address.................................................................................................................... 500
redistribute............................................................................................................................... 501
network area............................................................................................................................ 502
area stub.................................................................................................................................. 503
area nssa................................................................................................................................. 504
area virtual-link ........................................................................................................................ 506
ip ospf authentication............................................................................................................... 508
ip ospf authentication-key ........................................................................................................ 509
ip ospf message-digest-key ..................................................................................................... 510
ip ospf cost .............................................................................................................................. 511
ip ospf dead-interval ................................................................................................................ 512
ip ospf hello-interval................................................................................................................. 513
ip ospf priority .......................................................................................................................... 513
ip ospf retransmit-interval ........................................................................................................ 514
ip ospf transmit-delay .............................................................................................................. 515
show ip ospf............................................................................................................................. 516
xivFXC9012F
ç®æ¬¡
show ip ospf border-routers ..................................................................................................... 517
show ip ospf database............................................................................................................. 518
show ip ospf interface .............................................................................................................. 525
show ip ospf neighbor.............................................................................................................. 526
show ip ospf summary-address ............................................................................................... 527
show ip ospf virtual-links.......................................................................................................... 527
3.24 ãã«ããã£ã¹ãã«ãŒãã£ã³ã°................................................................................. 5283.24.1 éçãã«ããã£ã¹ãã«ãŒãã£ã³ã°................................................................................ 529
ip igmp snooping vlan mrouter ................................................................................................ 529
show ip igmp snooping mrouter............................................................................................... 530
3.24.2 äžè¬ãã«ããã£ã¹ãã«ãŒãã£ã³ã°................................................................................ 531ip multicast-routing .................................................................................................................. 531
show ip mroute ........................................................................................................................ 532
3.24.3 DVMRP......................................................................................................................... 534
router dvmrp ............................................................................................................................ 535
probe-interval........................................................................................................................... 536
nbr-timeout .............................................................................................................................. 537
report-interval .......................................................................................................................... 537
flash-update-interval ................................................................................................................ 538
prune-lifetime........................................................................................................................... 538
default-gateway ....................................................................................................................... 539
ip dvmrp................................................................................................................................... 540
ip dvmrp metric ........................................................................................................................ 541
clear ip dvmrp route................................................................................................................. 541
show router dvmrp................................................................................................................... 542
show ip dvmrp route ................................................................................................................ 543
show ip dvmrp neighbor .......................................................................................................... 544
show ip dvmrp interface........................................................................................................... 544
3.24.4 PIM-DM ........................................................................................................................ 545
router pim ................................................................................................................................ 545
ip pim dense-mode .................................................................................................................. 546
ip pim hello-interval.................................................................................................................. 547
ip pim hello-holdtime................................................................................................................ 548
ip pim trigger-hello-interval ...................................................................................................... 549
ip pim join-prune-holdtime ....................................................................................................... 550
ip pim graft-retry-interval.......................................................................................................... 551
ip pim max-graft-retries............................................................................................................ 551
show router pim ....................................................................................................................... 552
show ip pim interface............................................................................................................... 552
show ip pim neighbor............................................................................................................... 553
3.25 VRRP .................................................................................................................... 554
3.25.1 ä»®æ³ã«ãŒã¿åé·æ§ãããã³ã«ïŒVRRPïŒã³ãã³ã ....................................................... 554vrrp ip....................................................................................................................................... 555
vrrp authentication key ............................................................................................................ 556
vrrp priority............................................................................................................................... 557
vrrp timers advertise ................................................................................................................ 558
xv FXC9012F
ç®æ¬¡
vrrp preempt ............................................................................................................................ 559
show vrrp ................................................................................................................................. 560
show vrrp interface ................................................................................................................. 562
show vrrp router counters........................................................................................................ 562
show vrrp interface counters ................................................................................................... 563
clear vrrp router counters ........................................................................................................ 564
clear vrrp interface counters .................................................................................................... 564
xviFXC9012F
æ¬æ©ã®ç®¡çæ¬æ©ãžã®æ¥ç¶
1.1 æ¬æ©ãžã®æ¥ç¶
1.1.1 èšå®æ¹æ³
FXC9012Fã¯ããããã¯ãŒã¯ç®¡çãšãŒãžã§ã³ããæèŒã SNMPãRMONãåã³Webã€ã³ã¿ãã§ãŒã¹ã«ãããããã¯ãŒã¯çµç±ã§ã®ç®¡çãè¡ãããšãã§ããŸãããŸããPCããæ¬æ©ã«çŽæ¥æ¥ç¶ãã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ (Command Line Interface/CLI)ãå©çšããèšå®åã³ç£èŠãè¡ãããšãå¯èœã§ãã
[泚æ ]ã åæèšå®ç¶æ ã§ã¯ãDHCPãµãŒããŒãã IP ã¢ãã¬ã¹ã®ååŸãè¡ãããèšå®ãããŠããŸãããã®èšå®ã®å€æŽãè¡ãã«ã¯ 1.2.3é ãIPã¢ãã¬ã¹ã®èšå®ããåç §ããŠäžããã
æ¬æ©ã«ã¯ç®¡ççšã®WebãµãŒããæèŒãããŠããŸããWebãã©ãŠã¶ããèšå®ãè¡ã£ããããããã¯ãŒã¯ã®ç¶æ ãç£èŠããããã®çµ±èšæ å ±ã確èªãããããããšãã§ããŸãããããã¯ãŒã¯ã«æ¥ç¶ããã PCäžã§åäœãããInternet Explorer 5.0以äžãããWebã€ã³ã¿ãã§ãŒã¹ã«ã¢ã¯ã»ã¹ããããšãã§ããŸãã
æ¬æ©ã® CLIãžã¯æ¬äœã®ã³ã³ãœãŒã«ããŒããžã®æ¥ç¶åã³ãããã¯ãŒã¯çµç±ã§ã® Telnetã«ããæ¥ç¶ã«ããã¢ã¯ã»ã¹ããããšãã§ããŸãã
æ¬æ©ã«ã¯ SNMP (Simple Network Management Protocol)ã«å¯Ÿå¿ãã管çãšãŒãžã§ã³ããæèŒãããŠããŸãããããã¯ãŒã¯ã«æ¥ç¶ãããã·ã¹ãã ã§åäœãããSNMPã«å¯Ÿå¿ãã管çãœãããããæ¬æ©ã® SNMPãšãŒãžã§ã³ãã«ã¢ã¯ã»ã¹ãèšå®ãªã©ãè¡ãããšãå¯èœã§ãã
1.1.2 æ¥ç¶æé
æ¬æ©ã®ã·ãªã¢ã«ããŒããš PCã RS-232Cã±ãŒãã«ãçšããŠæ¥ç¶ããæ¬æ©ã®èšå®åã³ç£èŠãè¡ãããšãã§ããŸãã
PCåŽã§ã¯ VT100æºæ ã®ã¿ãŒããã«ãœãããŠã§ã¢ãå©çšããŠäžãããPCãæ¥ç¶ããããã®RS-232Cã±ãŒãã«ã¯ãæ¬æ©ã«å梱ãããŠããã±ãŒãã«ã䜿çšããŠäžããã
æé :
ïŒ1ïŒRS-232Cã±ãŒãã«ã®äžæ¹ã PCã®ã·ãªã¢ã«ããŒãã«æ¥ç¶ããã³ãã¯ã¿éšåã®ãããå€ããªãããã«æ¢ããŸãã
ïŒ2ïŒRS-232Cã±ãŒãã«ã®ããäžæ¹ãæ¬æ©ã®ã³ã³ãœãŒã«ããŒãã«æ¥ç¶ããŸãã
ïŒ3ïŒããœã³ã³ã®ã¿ãŒããã«ãœãããŠã§ã¢ã®èšå®ã以äžã®éãè¡ã£ãŠãã ããã
éä¿¡ããŒã ----------- RS-232Cã±ãŒãã«ãæ¥ç¶ãããŠããããŒã
ããããããããããïŒCOMããŒã 1å㯠COMããŒã 2ïŒ
éä¿¡é床 -------------- 9600ã㌠(baud)
1. æ¬æ©ã®ç®¡ç
1 FXC9012F
æ¬æ©ã®ç®¡çæ¬æ©ãžã®æ¥ç¶
ããŒã¿ããã -------- 8bit
ã¹ãããããã ----- 1bit
ããªã㣠-------------- ãªã
ãããŒå¶åŸ¡ ----------- ãªã
ãšãã¥ã¬ãŒã·ã§ã³ -- VT100
ïŒ4ïŒäžèšã®æé ãæ£ããå®äºãããšãã³ã³ãœãŒã«ãã°ã€ã³ç»é¢ã衚瀺ãããŸãã
[ 泚æ ]ãã³ã³ãœãŒã«æ¥ç¶ã«é¢ããèšå®ã®è©³çŽ°ã¯ P195 ãLine ïŒã©ã€ã³ã³ãã³ãïŒããåç §ããŠäžãããCLIã®äœ¿ãæ¹ã¯ P186 ãã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ããåç §ããŠäžããããŸããCLI ã®å šã³ãã³ããšåã³ãã³ãã®äœ¿ãæ¹ã¯ P194 ãã³ãã³ãã°ã«ãŒãããåç §ããŠäžããã
1.1.3 ãªã¢ãŒãæ¥ç¶
ãããã¯ãŒã¯ãçµç±ããŠæ¬æ©ã«ã¢ã¯ã»ã¹ããå Žåã¯ãäºåã«ã³ã³ãœãŒã«æ¥ç¶å㯠DHCPãBOOTPã«ããæ¬æ©ã® IPã¢ãã¬ã¹ããµãããããã¹ã¯ãããã©ã«ãã²ãŒããŠã§ã€ãèšå®ããå¿ èŠããããŸãã
åæèšå®ã§ã¯æ¬æ©ã¯ DHCPãBOOTPãçšããŠèªåçã« IPã¢ãã¬ã¹ãååŸããŸããæåã§IPã¢ãã¬ã¹ã®èšå®ãè¡ãå Žåã®èšå®æ¹æ³ã¯ P4 ãIPã¢ãã¬ã¹ã®èšå®ããåç §ããŠäžããã
[ 泚æ ]ãæ¬æ©ã¯åæã«æ倧 4ã»ãã·ã§ã³ãŸã§ã® Telnet æ¥ç¶ãè¡ããŸããIP ã¢ãã¬ã¹ã®èšå®ãå®äºãããšããããã¯ãŒã¯äžã®ã©ã® PCãããæ¬æ©ã«ã¢ã¯ã»ã¹ããããšãã§ããŸããPCäžãã㯠TelnetãWebãã©ãŠã¶ããããã¯ãŒã¯ç®¡çãœããã䜿ãããšã«ããæ¬æ©ã«ã¢ã¯ã»ã¹ããããšãã§ããŸã(察å¿Webãã©ãŠã¶ã¯ Internet Explorer 5.0ãå㯠Netscape Navigator 6.2以äžã§ã )ã
[泚æ ]ãæ¬æ©ã«æèŒããã管çãšãŒãžã§ã³ãã§ã¯SNMP管çæ©èœã®èšå®é ç®ã«å¶éããããŸãããã¹ãŠã® SNMP 管çæ©èœãå©çšããå Žå㯠SNMPã«å¯Ÿå¿ãããããã¯ãŒã¯ç®¡çãœãããŠã§ã¢ã䜿çšããŠäžããã
2FXC9012F
æ¬æ©ã®ç®¡çåºæ¬èšå®
1.2 åºæ¬èšå®
1.2.1 ã³ã³ãœãŒã«æ¥ç¶
CLIã§ã¯ã²ã¹ãã¢ãŒã (normal access level/Normal Exec)ãšç®¡çè ã¢ãŒã (privileged access level/Privileged Exec)ã® 2ã€ã®ç°ãªãã³ãã³ãã¬ãã«ããããŸããã²ã¹ãã¢ãŒã (Normal Exec)ãå©çšããå Žåãå©çšã§ããæ©èœã¯æ¬æ©ã®èšå®æ å ±ãªã©ã®è¡šç€ºãšäžéšã®èšå®ã®ã¿ã«å¶éãããŸããæ¬æ©ã®ãã¹ãŠã®èšå®ãè¡ãããã«ã¯ç®¡çè ã¢ãŒã (Privileged Exec)ãå©çšãCLIã«ã¢ã¯ã»ã¹ããå¿ èŠããããŸãã
2ã€ã®ç°ãªãã³ãã³ãã¬ãã«ã¯ããŠãŒã¶åãšãã¹ã¯ãŒãã«ãã£ãŠåºå¥ãããŠããŸããåæèšå®ã§ã¯ããããã«ç°ãªããŠãŒã¶åãšãã¹ã¯ãŒããèšå®ãããŠããŸãã
管çè ã¢ãŒã (Privileged Exec)ã®åæèšå®ã®ãŠãŒã¶åãšãã¹ã¯ãŒããå©çšããæ¥ç¶æ¹æ³ã¯ä»¥äžã®éãã§ãã
ïŒ1ïŒã³ã³ãœãŒã«æ¥ç¶ãåæåãã<Enter>ããŒãæŒããŸãããŠãŒã¶èªèšŒãéå§ãããŸãã
ïŒ2ïŒãŠãŒã¶åå ¥åç»é¢ã§ "admin"ãšå ¥åããŸãã
ïŒ3ïŒãã¹ã¯ãŒãå ¥åç»é¢ã§ "admin"ãšå ¥åããŸãã(å ¥åãããã¹ã¯ãŒãã¯ç»é¢ã«è¡šç€ºãããŸãã )
ïŒ4ïŒç®¡çè ã¢ãŒã (Privileged Exec)ã§ã®ã¢ã¯ã»ã¹ãèš±å¯ãããç»é¢äžã« "Console#"ãšè¡šç€ºãè¡ãããŸãã
1.2.2 ãã¹ã¯ãŒãã®èšå®
[泚æ ]ãå®å šã®ãããæåã« CLIã«ãã°ã€ã³ããéã« "username"ã³ãã³ããçšããŠäž¡æ¹ã®ã¢ã¯ã»ã¹ã¬ãã«ã®ãã¹ã¯ãŒããå€æŽããããã«ããŠãã ããã
ãã¹ã¯ãŒãã¯æ倧 8æåã®è±æ°åã§ãã倧æåãšå°æåã¯åºå¥ãããŸãã
ãã¹ã¯ãŒãã®èšå®æ¹æ³ã¯ä»¥äžã®éãã§ãã
ïŒ1ïŒã³ã³ãœãŒã«ã«ã¢ã¯ã»ã¹ããåæèšå®ã®ãŠãŒã¶åãšãã¹ã¯ãŒã "admin"ãå ¥åããŠç®¡çè ã¢ãŒã (Privileged Exec)ã§ãã°ã€ã³ããŸãã
ïŒ2ïŒ"configure"ãšå ¥åã <Enter>ããŒãæŒããŸãã
ïŒ3ïŒ"username guest password 0 password" ãšå ¥åãã<Enter>ããŒãæŒããŸããPasswordéšåã«ã¯æ°ãããã¹ã¯ãŒããå ¥åããŸãã
ïŒ4ïŒ"username admin password 0 password" ãšå ¥åãã<Enter>ããŒãæŒããŸããPasswordéšåã«ã¯æ°ãããã¹ã¯ãŒããå ¥åããŸãã
[泚æ ]ã"0"ã¯å¹³æãã¹ã¯ãŒãã"7"ã¯æå·åããããã¹ã¯ãŒããå ¥åããŸãã
3 FXC9012F
æ¬æ©ã®ç®¡çåºæ¬èšå®
1.2.3 IPã¢ãã¬ã¹ã®èšå®
æ¬æ©ã®ç®¡çæ©èœã«ãããã¯ãŒã¯çµç±ã§ã¢ã¯ã»ã¹ããããã«ã¯ãIPã¢ãã¬ã¹ãèšå®ããå¿ èŠããããŸãã
IPã¢ãã¬ã¹ã®èšå®ã¯äžèšã®ã©ã¡ããã®æ¹æ³ã§è¡ãããšãã§ããŸãã
æåèšå®
IPã¢ãã¬ã¹ãšãµãããããã¹ã¯ãæåã§å ¥åããèšå®ãè¡ããŸããæ¬æ©ã«æ¥ç¶ãã PCãåããµããããäžã«ãªãå Žåã«ã¯ãããã©ã«ãã²ãŒããŠã§ã€ã®èšå®ãè¡ãå¿ èŠããããŸãã
åçèšå®
ãããã¯ãŒã¯äžã® BOOTPå㯠DHCPãµãŒãã«å¯ŸããIPã¢ãã¬ã¹ã®ãªã¯ãšã¹ããè¡ãèªåçã« IPã¢ãã¬ã¹ãååŸããŸãã
æåèšå®
IPã¢ãã¬ã¹ãæåã§èšå®ããŸããã»ã°ã¡ã³ãã®ç°ãªã PCããæ¬æ©ã«ã¢ã¯ã»ã¹ããããã«ã¯ããã©ã«ãã²ãŒããŠã§ã€ã®èšå®ãå¿ èŠãšãªããŸãã
[泚æ ]ãIPã¢ãã¬ã¹ã®èšå®ãè¡ãåã«ãå¿ èŠãªäžèšã®æ å ±ããããã¯ãŒã¯ç®¡çè ããååŸããŠäžãã
ã»ïŒæ¬æ©ã«èšå®ããïŒIPã¢ãã¬ã¹ã»ããã©ã«ãã²ãŒããŠã§ã€ã»ãµãããããã¹ã¯
IPã¢ãã¬ã¹ãèšå®ããããã®æé ã¯ä»¥äžã®éãã§ãã
ïŒ1ïŒinterfaceã¢ãŒãã«ã¢ã¯ã»ã¹ããããã«ã管çè ã¢ãŒã (Privileged Exec)㧠"interface
vlan 1"ãšå ¥åãã<Enter>ããŒãæŒããŸãã
ïŒ2ïŒ"ip address ip-address netmask"ãšå ¥åãã<Enter>ããŒãæŒããŸãã"ip-address" ã«ã¯æ¬æ©ã® IPã¢ãã¬ã¹ãã"netmask"ã«ã¯ãããã¯ãŒã¯ã®ãµãããããã¹ã¯ãå ¥åããŸãã
Username: adminPassword:
ãããCLI session with the SMC8612XL3 is opened.
ãããTo end the CLI session, enter [Exit].
Console#configureConsole(config)#username guest password 0 [password]Console(config)#username admin password 0 [password]Console(config)#
4FXC9012F
æ¬æ©ã®ç®¡çåºæ¬èšå®
ïŒ3ïŒGlobal Configurationã¢ãŒãã«æ»ãããã«ã"exit"ãšå ¥åãã<Enter>ããŒãæŒããŸãã
ïŒ4ïŒæ¬æ©ã®æå±ãããããã¯ãŒã¯ã®ããã©ã«ãã²ãŒããŠã§ã€ã® IPã¢ãã¬ã¹ãèšå®ããããã«ã"ip default-gateway gateway"ãšå ¥åãã<Enter>ããŒãæŒããŸãã "gateway"ã«ã¯ããã©ã«ãã²ãŒããŠã§ã€ã® IPã¢ãã¬ã¹ãå ¥åããŸãã
åçèšå®
"bootp"å㯠"dhcp" ãéžæããå ŽåãBOOTPå㯠DHCPããã®å¿çãåãåããŸã§ IPã¢ãã¬ã¹ã¯æå¹ã«ãªããŸãããIPã¢ãã¬ã¹ãååŸããããã«ã¯ "ip dhcp restart client"ã³ãã³ãã䜿çšããŠãããŒããã£ã¹ããµãŒãã¹ãªã¯ãšã¹ããè¡ãå¿ èŠããããŸãããªã¯ãšã¹ãã¯IPã¢ãã¬ã¹ãååŸããããã«åšæçã«éä¿¡ãããŸãïŒBOOTPãš DHCPããååŸããå€ã«ã¯ IPã¢ãã¬ã¹ããµãããããã¹ã¯ããã³ããã©ã«ãã²ãŒããŠã§ã€ãå«ãŸããŸãïŒ
IPã¢ãã¬ã¹ã®ååŸæ¹æ³ãšã㊠"bootp"å㯠"dhcp"ãèµ·åãã¡ã€ã«ã«èšå®ãããŠããå Žåãæ¬æ©ã¯é»æºæå ¥æã«èªåçã«ãããŒããã£ã¹ããªã¯ãšã¹ããéä¿¡ããŸãã
"BOOTP"å㯠"DHCP"ãµãŒããçšããŠåçã« IPã¢ãã¬ã¹ã®ååŸãè¡ãå Žåã¯ãäžèšã®æé ã§èšå®ãè¡ããŸãã
ïŒ1ïŒinterface configurationã¢ãŒãã«ã¢ã¯ã»ã¹ããããã«ãglobal configurationã¢ãŒãã§"interface vlan 1"ãšå ¥åã <Enter>ããŒãæŒããŸãã
ïŒ2ïŒinterface configurationã¢ãŒãã§ãäžèšã®ã³ãã³ããå ¥åããŸãã
⢠DHCP㧠IPã¢ãã¬ã¹ãååŸããå Žå : "ip address dhcp"ãšå ¥åã <Enter>ããŒãæŒããŸãã
⢠BOOTP㧠IPã¢ãã¬ã¹ãååŸããå Žå : "ip address bootp"ãšå ¥åã <Enter>ããŒãæŒããŸãã
ïŒ3ïŒglobal configurationã¢ãŒãã«æ»ãããã«ã"end"ãšå ¥åãã<Enter>ããŒãæŒããŸãã
ïŒ4ïŒãããŒããã£ã¹ããµãŒãã¹ã®ãªã¯ãšã¹ããéä¿¡ããããã«ã"ip dhcp restart client"
ãšå ¥åãã<Enter>ããŒãæŒããŸãã
ïŒ5ïŒæ°ååŸ ã£ãåŸãIPèšå®ã確èªããããã«ã"show ip interface"ãšå ¥åãã<Enter>
ããŒãæŒããŸãã
Console(config)#interface vlan 1Console(config-if)#ip address 192.168.1.5 255.255.255.0Console(config-if)#exitConsole(config)#ip default-gateway 192.168.1.254Console(config)#
5 FXC9012F
æ¬æ©ã®ç®¡çåºæ¬èšå®
ïŒ6ïŒèšå®ãä¿åããããã«ã"copy running-config startup-config"ãšå ¥åãã<Enter>
ããŒãæŒããŸããèµ·åãã¡ã€ã«åãå ¥åãã<Enter>ããŒãæŒããŸãã
1.2.4 SNMP管çã¢ã¯ã»ã¹ãæå¹ã«ãã
æ¬æ©ã¯ãSNMP(Simple Network Management Protocol)ãœãããŠã§ã¢çµç±ã§ã®ç®¡çã³ãã³ãã«ããèšå®ãè¡ããŸãã
æ¬æ©ã§ã¯ (1)SNMPãªã¯ãšã¹ããžã®å¿çãåã³ (2)SNMPãã©ããã®çæããå¯èœã§ãã
SNMPãœãããŠã§ã¢ãæ¬æ©ã«å¯Ÿãæ å ±ã®ååŸãèšå®ã®ãªã¯ãšã¹ããåºããå Žåãæ¬æ©ã¯ãªã¯ãšã¹ãã«å¿ããŠæ å ±ã®æäŸãèšå®ãè¡ããŸãããŸãããããããèšå®ããããšã«ãããªã¯ãšã¹ãããªããŠã決ããããåºæ¥äºãçºçããå Žåã«ãã©ããæ å ±ã SNMPãœãããŠã§ã¢ã«éãããšãå¯èœã§ãã
ã³ãã¥ããã£åïŒCommunity StringsïŒ
ã³ãã¥ããã£å (Community Strings)ã¯ãæ¬æ©ãããã©ããæ å ±ãåãåã SNMPãœãããŠã§ã¢ã®èªèšŒãšãSNMPãœãããŠã§ã¢ããã®ã¢ã¯ã»ã¹ãã³ã³ãããŒã«ããããã«äœ¿çšãããŸããæå®ããããŠãŒã¶ãããã¯ãŠãŒã¶ã°ã«ãŒãã«ã³ãã¥ããã£åãèšå®ããã¢ã¯ã»ã¹ã¬ãã«ã決å®ããããšãã§ããŸãã
åæèšå®ã§ã®ã³ãã¥ããã£åã¯ä»¥äžã®ãšããã§ãã
⢠public â èªã¿åãå°çšã®ã¢ã¯ã»ã¹ãå¯èœã§ããpublicã«èšå®ããã SNMP管çãœãããŠã§ã¢ãã㯠MIBãªããžã§ã¯ãã®é²èŠ§ã®ã¿ãè¡ããŸãã
⢠private â èªã¿æžãå¯èœãªã¢ã¯ã»ã¹ãã§ããŸããprivateã«èšå®ããã SNMP管çãœãããŠã§ã¢ããã¯MIBãªããžã§ã¯ãã®é²èŠ§åã³å€æŽãããããšãå¯èœã§ãã
[泚æ ]ãSNMPãå©çšããªãå Žåã«ã¯ãåæèšå®ã®ã³ãã¥ããã£åãåé€ããŠäžãããã³ãã¥ããã£åãèšå®ãããŠããªãå Žåã«ã¯ãSNMP管çã¢ã¯ã»ã¹æ©èœã¯ç¡å¹ãšãªããŸãã
SNMPçµç±ã§ã®äžæ£ãªã¢ã¯ã»ã¹ãé²ããããã³ãã¥ããã£åã¯åæèšå®ããå€æŽããŠäžãããã³ãã¥ããã£åã®å€æŽã¯ä»¥äžã®æé ã§è¡ããŸãã
ïŒ1ïŒç®¡çè ã¢ãŒã (Privileged Exec)ã® global configurationã¢ãŒããã "snmp-server
community string mode"ãšå ¥åã <Enter>ããŒãæŒããŸãã"string"ã«ã¯ã³ãã¥ããã£å "mode"ã«ã¯ rwïŒread/wirteãèªã¿æžãå¯èœïŒãroïŒread
Console(config)#interface vlan 1Console(config-if)#ip address dhcpConsole(config-if)#endConsole#ip dhcp restart clientConsole#show ip interfaceIP address and netmask: 192.168.1.54 255.255.255.0 on VLAN 1,and address mode: User specified.Console#copy running-config startup-configStartup configuration file name []: startup\Write to FLASH Programming.
\Write to FLASH finish.Success.
6FXC9012F
æ¬æ©ã®ç®¡çåºæ¬èšå®
onlyãèªã¿åãå°çšïŒã®ãããããå ¥åããŸãïŒåæèšå®ã§ã¯ read onlyãšãªããŸãïŒ
ïŒ2ïŒïŒåæèšå®ãªã©ã®ïŒç»é²æžã¿ã®ã³ãã¥ããã£åãåé€ããããã«ã"no snmp-server
community string"ãšå ¥åã <Enter>ããŒãæŒããŸãã"string"ã«ã¯åé€ããã³ãã¥ããã£åãå ¥åããŸãã
ãã©ããã»ã¬ã·ãŒãïŒTrap ReceiversïŒ
æ¬æ©ããã®ãã©ãããåãã SNMPã¹ããŒã·ã§ã³ïŒãã©ããã»ã¬ã·ãŒãïŒãèšå®ããããšãã§ããŸãã
ãã©ããã»ã¬ã·ãŒãã®èšå®ã¯ä»¥äžã®æé ã§è¡ããŸã
ïŒ1ïŒç®¡çè ã¢ãŒã (Privileged Exec)ã® global configurationã¢ãŒããã "snmp-server host
host-address community-string"ãšå ¥åã <Enter>ããŒãæŒããŸãã"host-address"
ã«ã¯ãã©ããã»ã¬ã·ãŒãã® IPã¢ãã¬ã¹ãã"community-string"ã«ã¯ãã¹ãã®ã³ãã¥ããã£åãå ¥åããŸãã
ïŒ2ïŒSNMPã«æ å ±ãéä¿¡ããããã«ã¯ 1ã€ä»¥äžã®ãã©ããã³ãã³ããèšå®ããå¿ èŠããããŸãã"snmp-server enable traps type"ãšå ¥åãã<Enter>ããŒãæŒããŸãã"type"ã«ã¯ "authentication"ã "link-up-down"ã®ã©ã¡ãããå ¥åããŸãã
SNMPv3ã¢ã¯ã»ã¹ã®èšå®
SNMPv3ã¯ã©ã€ã¢ã³ãã®ãããŒãžã¡ã³ãã¢ã¯ã»ã¹ãèšå®ããããã«ããŸã MIBãå®çŸ©ããããã®ãã¥ãŒãäœæãããã¥ãŒãã°ã«ãŒãã«å²ãåœãŠãŸãããããŠããŠãŒã¶ãŒãã°ã«ãŒãã«ã¢ãµã€ã³ããŸããäžã®äŸã¯å šãŠã®MIB-2ããªãŒãã©ã³ããå«ã "mib-2"ãšãããã¥ãŒãšIEEE 802.1d bridge MIBãå«ããã¥ãŒãäœæããŸãããr&dããšããååã®ã°ã«ãŒãã«ããããã® readããã³ read/writeãã¥ãŒãå²ãåœãŠãMD5ãŸã㯠SHAã«ããã°ã«ãŒãèªèšŒãæå®ããŸããèªèšŒã®ããã®ãã¹ã¯ãŒã㯠"greenpeace"ãæå·åã®ããã®ãã¹ã¯ãŒãã¯"einstien"ãšæå®ããŠããŸãã
SNMPv3ã¯ã©ã€ã¢ã³ãããã®ã¢ã¯ã»ã¹ã®èšå®ã«ã€ããŠãããã«è©³ããæ¹æ³ã¯ P28 ãSNMPããåç §ããããCLIã³ãã³ãã«ã€ããŠèª¬æãããŠãã P314 ãSNMPããã芧ãã ããã
Console(config)#snmp-server community admin rwConsole(config)#snmp-server community privateConsole(config)#
Console(config)#snmp-server enable traps link-up-downConsole(config)#
Console(config)#snmp-server view mib-2 1.3.6.1.2.1 includedConsole(config)#snmp-server view 802.1d 1.3.6.1.2.1.17 includedConsole(config)#snmp-server group r&d v3 auth mib-2 802.1dConsole(config)#snmp-server user steve group r&d v3 auth md5greenpeace priv des56 einstienConsole(config)#
7 FXC9012F
æ¬æ©ã®ç®¡çåºæ¬èšå®
1.2.5 èšå®æ å ±ã®ä¿å
configuration commandã䜿çšããŠã®èšå®å€æŽã¯ãå®è¡äžã®èšå®ãã¡ã€ã«ãå€æŽãããã ããšãªããŸããæ¬æ©ã®åèµ·åãè¡ã£ãå Žåã«ã¯èšå®æ å ±ãä¿åãããŸããã
å€æŽããèšå®ãä¿åããããã«ã¯ "copy"ã³ãã³ãã䜿ããå®è¡äžã®èšå®ãã¡ã€ã«ãèµ·åèšå®ãã¡ã€ã«ã«ã³ããŒããå¿ èŠããããŸãã
èšå®ãã¡ã€ã«ã®ä¿åã¯ä»¥äžã®æé ã§è¡ããŸã :
ïŒ1ïŒç®¡çè ã¢ãŒã (Privileged Exec)㧠"copy running-config startup-config"ãšå ¥åãã<Enter>ããŒãæŒããŸãã
ïŒ2ïŒèµ·åèšå®ãã¡ã€ã«ååãå ¥åãã<Enter>ããŒãæŒããŸãã
Console#copy running-config startup-configStartup configuration file name []: startup\Write to FLASH Programming.
\Write to FLASH finish.Success.
Console#
8FXC9012F
æ¬æ©ã®ç®¡çã·ã¹ãã ãã¡ã€ã«ã®ç®¡ç
1.3 ã·ã¹ãã ãã¡ã€ã«ã®ç®¡ç
æ¬æ©ã®ãã©ãã·ã¥ã¡ã¢ãªäžã« CLIãWebã€ã³ã¿ãã§ãŒã¹ãSNMPãã管çå¯èœãª 3çš®é¡ã®ã·ã¹ãã ãã¡ã€ã«ããããŸãããããã®ãã¡ã€ã«ã¯ãã¡ã€ã«ã®ã¢ããããŒããããŠã³ããŒããã³ããŒãåé€ãåã³èµ·åãã¡ã€ã«ãžã®èšå®ãè¡ãããšãã§ããŸãã
3çš®é¡ã®ãã¡ã€ã«ã¯ä»¥äžã®éãã§ãã
⢠Configuration(èšå®ãã¡ã€ã« ) â ãã®ãã¡ã€ã«ã¯ã·ã¹ãã ã®èšå®æ å ±ãä¿åãããŠãããèšå®æ å ±ãä¿åããéã«çæãããŸããä¿åãããã·ã¹ãã èµ·åãã¡ã€ã«ã«èšå®ããããšãã§ããä»ããµãŒãã« TFTPçµç±ã§ã¢ããããŒããããã¯ã¢ãããåãããšãã§ããŸãã"Factory_Default_Config.cfg"ãšãããã¡ã€ã«ã¯ã·ã¹ãã ã®åæèšå®ãå«ãŸããŠãããåé€ããããšã¯ã§ããŸããã詳现ã«é¢ããŠã¯ 2.3.6é ãèšå®æ å ±ãã¡ã€ã«ã®ä¿åã»åŸ©å ããåç §ããŠäžããã
⢠Operation Code(ãªãã¬ãŒã·ã§ã³ã³ãŒã ) â èµ·ååŸã«å®è¡ãããã·ã¹ãã ãœãããŠã§ã¢ã§ã©ã³ã¿ã€ã ã³ãŒããšãåŒã°ããŸãããªãã¬ãŒã·ã§ã³ã³ãŒãã¯æ¬æ©ã®ãªãã¬ãŒã·ã§ã³ãè¡ãªãä»ãCLIãWebã€ã³ã¿ãã§ãŒã¹ãæäŸããŸãã詳现ã«é¢ããŠã¯ 2.3.5é ããã¡ãŒã ãŠã§ã¢ã®ç®¡çããåç §ããŠäžããã
⢠Diagnostic Code(蚺æã³ãŒã ) â POST(ãã¯ãŒã»ãªã³ã»ã»ã«ããã¹ã )ãšããŠç¥ãããŠãããœãããŠã§ã¢ (ã·ã¹ãã ã»ããŒãã¢ããæã®å®è¡ããã°ã©ã )ã
æ¬æ©ã¯ãªãã¬ãŒã·ã§ã³ã³ãŒãã 2ã€ãŸã§ä¿åããããšãã§ããŸãã蚺æã³ãŒããšèšå®ãã¡ã€ã«ã«é¢ããŠã¯ããã©ãã·ã¥ã¡ã¢ãªã®å®¹éã®ç¯å²å ã§ç¡å¶éã«ä¿åããããšãã§ããŸãã
ãã©ãã·ã¥ã¡ã¢ãªã§ã¯ãåçš®é¡ã®ãããã 1ã€ã®ãã¡ã€ã«ãèµ·åãã¡ã€ã«ãšãªããŸãã
ã·ã¹ãã èµ·åæã«ã¯èšºæã³ãŒããã¡ã€ã«ãšãªãã¬ãŒã·ã§ã³ã³ãŒããã¡ã€ã«ãå®è¡ãããŸãããã®åŸèšå®ãã¡ã€ã«ãããŒããããŸããèšå®ãã¡ã€ã«ã¯ããã¡ã€ã«åãæå®ããŠããŠã³ããŒããããŸãã
å®è¡äžã®èšå®ãã¡ã€ã«ãããŠã³ããŒãããå Žåãæ¬æ©ã¯åèµ·åãããŸããå®è¡äžã®èšå®ãã¡ã€ã«ãä¿åçšãã¡ã€ã«ã«ä¿åããŠããå¿ èŠããããŸãã
9 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹Webã€ã³ã¿ãã§ãŒã¹ãžã®æ¥ç¶
2.1 Webã€ã³ã¿ãã§ãŒã¹ãžã®æ¥ç¶
æ¬æ©ã«ã¯ç®¡ççšã®WebãµãŒããæèŒãããŠããŸããWebãã©ãŠã¶ããèšå®ãè¡ã£ããããããã¯ãŒã¯ã®ç¶æ ãç£èŠããããã®çµ±èšæ å ±ã確èªãããããããšãã§ããŸãã
ãããã¯ãŒã¯ã«æ¥ç¶ããã PCäžã§åäœãããInternet Explorer 5.0ãå㯠Netscape Navigator 6.2以äžãããWebã€ã³ã¿ãã§ãŒã¹ã«ã¢ã¯ã»ã¹ããããšãã§ããŸãã
[ 泚æ ]ãWeb ã€ã³ã¿ãã§ãŒã¹ä»¥å€ã«ããããã¯ãŒã¯çµç±ã§ã® Telnet åã³ã·ãªã¢ã«ããŒãçµç±ã®ã³ã³ãœãŒã«æ¥ç¶ã§ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ (CLI) ã䜿çšãæ¬æ©ã®èšå®ãè¡ãããšãã§ããŸããCLIã®äœ¿çšã«é¢ãã詳现㯠4ç« ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãåç §ããŠäžããã
[泚æ ]ãäžéšãWebã€ã³ã¿ãã§ãŒã¹ã§ã¯èšå®ã§ãããCLIçµç±ã§ã®ã¿èšå®ã§ããé ç®ããããŸããWeb ã€ã³ã¿ãã§ãŒã¹ã§èšå®ã§ããªãå 容ã«é¢ããŠã¯ CLI ãå©çšããèšå®ãè¡ã£ãŠäžããã
Webã€ã³ã¿ãã§ãŒã¹ã䜿çšããå Žåã¯ãäºåã«äžèšã®èšå®ãè¡ã£ãŠäžããã
ïŒ1ïŒã³ã³ãœãŒã«æ¥ç¶ãBOOTPå㯠DHCPãããã³ã«ã䜿çšããŠæ¬æ©ã« IPã¢ãã¬ã¹ããµãããããã¹ã¯ãããã©ã«ãã²ãŒããŠã§ã€ãèšå®ããŸãïŒè©³çŽ°ã¯ P3-13ãIPã¢ãã¬ã¹ã®èšå®ããåç §ããŠäžããïŒ
ïŒ2ïŒã³ã³ãœãŒã«æ¥ç¶ã§ããŠãŒã¶åãšãã¹ã¯ãŒããèšå®ããŸããWebã€ã³ã¿ãã§ãŒã¹ãžã®æ¥ç¶ã¯ã³ã³ãœãŒã«æ¥ç¶ã®å ŽåãšåããŠãŒã¶åãšãã¹ã¯ãŒã䜿çšããŸãã
ïŒ3ïŒWebãã©ãŠã¶ãããŠãŒã¶åãšãã¹ã¯ãŒããå ¥åãããšãã¢ã¯ã»ã¹ãèš±å¯ãããæ¬æ©ã®ããŒã ããŒãžã衚瀺ãããŸãã
[泚æ ]ããã¹ã¯ãŒã㯠3åãŸã§åå ¥åããããšãã§ããŸãã3å倱æãããšæ¥ç¶ã¯åæãããŸãã
[泚æ ]ã ã²ã¹ãã¢ãŒã (Normal Exec)ã§Webã€ã³ã¿ãã§ãŒã¹ã«ãã°ã€ã³ããå ŽåãããŒãžæ å ±ã®é²èŠ§ãšãã²ã¹ãã¢ãŒãã®ãã¹ã¯ãŒãã®å€æŽã®ã¿è¡ããŸãã管çè ã¢ãŒã(Privileged Exec)ã§ãã°ã€ã³ããå Žåã¯å šãŠã®èšå®å€æŽãè¡ããŸãã
[泚æ ]ã 管ççšPCãšæ¬æ©ã®éã§ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã (STA)ã䜿çšãããŠããªãå Žåã管ççš PCã«æ¥ç¶ãããããŒãããã¡ã¹ããã©ã¯ãŒãã£ã³ã°ã«ããïŒAdminEdge Portã®æå¹åïŒããšã«ãããWebã€ã³ã¿ãã§ãŒã¹ããã®èšå®ã«å¯Ÿããæ¬æ©ã®å¿çé床ãåäžãããããšãã§ããŸãïŒè©³çŽ°ã¯ P93 ãã€ã³ã¿ãã§ãŒã¹èšå®ããåç §ããŠäžããïŒ
2. Web ã€ã³ã¿ã ã§ãŒã¹
10FXC9012F
Webã€ã³ã¿ãã§ãŒã¹Webã€ã³ã¿ãã§ãŒã¹ã®æäœæ¹æ³
2.2 Webã€ã³ã¿ãã§ãŒã¹ã®æäœæ¹æ³
Webã€ã³ã¿ãã§ãŒã¹ãžã¢ã¯ã»ã¹ããéã¯ãåãã«ãŠãŒã¶åãšãã¹ã¯ãŒããå ¥åããå¿ èŠããããŸãã管çè ã¢ãŒã (Privileged Exec)ã§ã¯å šãŠã®èšå®ãã©ã¡ãŒã¿ã®è¡šç€º /å€æŽãšçµ±èšæ å ±ã®è¡šç€ºãå¯èœã§ãã管çè ã¢ãŒã (Privileged Exec)ã®åæèšå®ã®ãŠãŒã¶åãšãã¹ã¯ãŒãã¯"admin"ã§ã
2.2.1 ããŒã ããŒãž
Webã€ã³ã¿ãã§ãŒã¹ã«ã¢ã¯ã»ã¹ããéã®æ¬æ©ã®ç®¡çç»é¢ã®ããŒã ããŒãžã¯ä»¥äžã®éã衚瀺ãããŸããç»é¢ã®å·ŠåŽã«ã¡ã€ã³ã¡ãã¥ãŒãå³åŽã«ã¯ã·ã¹ãã æ å ±ã衚瀺ãããŸããã¡ã€ã³ã¡ãã¥ãŒããã¯ãä»ã®ã¡ãã¥ãŒãèšå®ãã©ã¡ãŒã¿ãçµ±èšæ å ±ã®è¡šç€ºãããããŒãžãžãªã³ã¯ããŠããŸãã
2.2.2 èšå®ãªãã·ã§ã³
èšå®ãã©ã¡ãŒã¿ã«ã¯ãã€ã¢ãã°ããã¯ã¹ãšããããããŠã³ãªã¹ãããããŸãã
ããŒãžäžã§èšå®å€æŽãè¡ã£ãéã¯ãå¿ ãæ°ããèšå®ãåæ ãããããã«ã[Apply]ãã¿ã³ãã¯ãªãã¯ããŠãã ããã
次ã®è¡šã¯WebããŒãžã«è¡šç€ºãããèšå®ãã¿ã³ã®å 容ã解説ããŠããŸãã
ãã¿ã³ æäœRevert å ¥åããå€ããã£ã³ã»ã«ãã[Apply]å㯠[Apply Changes]
ãã¯ãªãã¯ããåã«è¡šç€ºãããŠããå ã®å€ã«æ»ãApply å ¥åããå€ãæ¬æ©ã«åæ ãããHelp Webãã«ãã«ãªã³ã¯ããŠããŸã
11 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹Webã€ã³ã¿ãã§ãŒã¹ã®æäœæ¹æ³
[泚æ ]ãããŒãžå 容ã®æŽæ°ã確å®ã«è¡ããã Internet Explorer 5.xã§ã¯ãã¡ãã¥ãŒãã [ããŒã« ]â [ã€ã³ã¿ãŒããããªãã·ã§ã³ ] â [å šè¬ ]â [ ã€ã³ã¿ãŒãããäžæãã¡ã€ã« ]ãéžæãã[èšå®ã§ä¿åããŠããããŒãžã®æ°ããããŒãžã§ã³ã®ç¢ºèª ]ã® [ããŒãžã衚瀺ããããšã«ç¢ºèªãã ]ããã§ãã¯ããŠäžããã
[ 泚æ ]ãInternet Explorer5.0 ã䜿çšããå Žåã¯ãèšå®ã®å€æŽåŸã«ãã©ãŠã¶ã®æŽæ°ãã¿ã³ã䜿çšããç»é¢äžã«è¡šç€ºãããŠããæ å ±ã®æŽæ°ãæåã§è¡ãå¿ èŠããããŸãã
2.2.3 ããã«ã®è¡šç€º
Webã€ã³ã¿ãã§ãŒã¹ã§ã¯ããŒãã®ç¶æ ãç»åã§è¡šç€ºãããŸããåããŒãã®ãªã³ã¯ç¶æ ãDuplexããããŒã³ã³ãããŒã«ãªã©ã®ç¶æ ã確èªããããšãã§ããŸãããŸããåããŒããã¯ãªãã¯ããããšã§ P72 ãã€ã³ã¿ãã§ãŒã¹æ¥ç¶ã®èšå®ãã§è§£èª¬ããŠããåããŒãã®èšå®ããŒãžã衚瀺ãããŸãã
2.2.4 ã¡ã€ã³ã¡ãã¥ãŒ
Webã€ã³ã¿ãã§ãŒã¹ã䜿çšããããšã§ãã·ã¹ãã ãã©ã¡ãŒã¿ã®èšå®ãæ¬æ©å šäœãåããŒãã®ç®¡çãåã¯ãããã¯ãŒã¯ç¶æ³ã®ç£èŠãè¡ãããšãã§ããŸãã
12FXC9012F
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
2.3 åºæ¬èšå®
2.3.1 ã·ã¹ãã æ å ±ã®è¡šç€º
æ¬æ©ã«ååãèšçœ®å Žæåã³ã³ã³ã¿ã¯ãæ å ±ãèšå®ããããšã«ããã管çããéã«æ¬æ©ã®èå¥ã容æã«è¡ãããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
System Name
æ¬æ©ã«èšå®ããåå
Object ID
æ¬æ©ã®ãããã¯ãŒã¯ç®¡çãµãã·ã¹ãã ã®MIBIIãªããžã§ã¯ã ID
Location
æ¬æ©ã®èšçœ®å Žæ
Contact
管çè ã®ã³ã³ã¿ã¯ãæ å ±
System Up Time
管çã·ã¹ãã ãèµ·åããŠããã®æé
èšå®æ¹æ³
[System]â [System Information]ãã¯ãªãã¯ããŸããsystem nameïŒã·ã¹ãã åïŒãlocationïŒèšçœ®å ŽæïŒåã³ ContactïŒç®¡çè ã®ã³ã³ã¿ã¯ãæ å ±ïŒãå ¥åãã[Apply]ãã¿ã³ãã¯ãªãã¯ããŸãã
ïŒãã®ããŒãžã¯ Telnetãå©çšã CLIã«ã¢ã¯ã»ã¹ããããã® [Telnet]ãã¿ã³ããããŸãïŒ
13 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
2.3.2 ããŒããŠã§ã¢åã³ãœãããŠã§ã¢ããŒãžã§ã³ã®è¡šç€º
èšå®ã»è¡šç€ºé ç®
[Main Board](ããŒããŠã§ã¢æ¬äœ )
Serial Number
æ¬æ©ã®ã·ãªã¢ã«ãã³ããŒNumber of Ports
æèŒããã RJïŒ 45ããŒãã®æ°
Hardware Version
ããŒããŠã§ã¢ã®ããŒãžã§ã³Internal Power Status
å èµé»æºã®ã¹ããŒã¿ã¹
[Management Software](管çãœãããŠã§ã¢ )
EPLD Version
Electronically Programmable Logic Device Codeã®ããŒãžã§ã³
Loader Version
Loader Codeã®ããŒãžã§ã³
Boot-ROM Version
Power-On Self-Test (POST)åã³ boot codeã®ããŒãžã§ã³æ°
Operation Code Version
runtime codeã®ããŒãžã§ã³
èšå®æ¹æ³
[System]â [Switch Information]ãã¯ãªãã¯ãããšè¡šç€ºãããŸãã
14FXC9012F
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
2.3.3 ããªããžæ¡åŒµæ©èœã®è¡šç€º
ããªããž MIBã«ã¯ããã©ãã£ãã¯ã¯ã©ã¹ããã«ããã£ã¹ããã£ã«ã¿ãªã³ã°ãVLANã«å¯Ÿå¿ãã管çè£ çœ®çšã®æ¡åŒµæ å ±ãå«ãŸããŸãã
å€æ°ã®è¡šç€ºãè¡ãããã«ãããªããž MIBæ¡åŒµèšå®ã«ã¢ã¯ã»ã¹ããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Extended Multicast Filtering Services
GARP Multicast Registration Protocol(GMRP)ã䜿çšããåã ã®ãã«ããã£ã¹ãã¢ãã¬ã¹ã®ãã£ã«ã¿ãªã³ã°ãè¡ãããªãããšãè¡šããŸãïŒçŸåšã®ãã¡ãŒã ãŠã§ã¢ã§ã¯äœ¿çšã§ããŸããïŒ
Traffic Classes
ãŠãŒã¶ãã©ã€ãªãªãã£ãè€æ°ã®ãã©ãã£ãã¯ã¯ã©ã¹ã«ãããã³ã°ãããŠããããšãè¡šããŸãã(詳现ã¯ãP113 ãClass of ServiceïŒCoSïŒããåç §ããŠäžãã )
Static Entry Individual Port
ãŠããã£ã¹ãåã³ãã«ããã£ã¹ãã¢ãã¬ã¹ã®éçãã£ã«ã¿ãªã³ã°ãè¡ãªãããŠããããšãè¡šããŸããVLAN Learning
æ¬æ©ã¯åããŒããç¬èªã®ãã£ã«ã¿ãªã³ã°ããŒã¿ããŒã¹ãä¿æãã Independent VLAN Learning(IVL)ã䜿çšããŠããããšãè¡šããŠããŸãã
Configurable PVID Tagging
æ¬æ©ã¯åããŒãã«å¯ŸããŠåæããŒã VLAN IDïŒãã¬ãŒã ã¿ã°ã§äœ¿çšããã PVIDïŒãšããã®åºå圢åŒïŒã¿ã°ä»åã¯ã¿ã°ãªã VLANïŒãèšå®å¯èœã§ããããšãè¡šããŠããŸãïŒP100 ãVLANããåç §ããŠäžããïŒLocal VLAN Capable
æ¬æ©ã¯è€æ°ã®ããŒã«ã«ããªããž (ãã«ããã«ã¹ããã³ã°ããªãŒ )ããµããŒãããŠããããšãè¡šããŠããŸãGMRP
GMRPã䜿çšããããšã§ããã«ããã£ã¹ãã°ã«ãŒãå ã®çµç«¯ç«¯æ«ããããã¯ãŒã¯æ©åšã«ç»é²ããããšãã§ããŸããæ¬æ©ã§ã¯ GMRPã«å¯Ÿå¿ããŠããŸãããæ¬æ©ã¯èªåçãªãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°ãè¡ã Internet Group Management Protocol (IGMP)ã䜿çšããŠããŸãã
èšå®æ¹æ³
[System]â [Bridge Extension Configuration]ãã¯ãªãã¯ãããšè¡šç€ºãããŸãã
15 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
2.3.4 IPã¢ãã¬ã¹ã®èšå®
ãããã¯ãŒã¯çµç±ã§ã®ç®¡çã¢ã¯ã»ã¹ãè¡ãããã« IPã¢ãã¬ã¹ãå¿ èŠãšãªããŸããåæèšå®ã§ã¯ãIPã¢ãã¬ã¹ã¯èšå®ãããŠããŸããã
æå㧠IPã¢ãã¬ã¹ã®èšå®ãè¡ãéã¯ã䜿çšãããããã¯ãŒã¯ã§å©çšå¯èœãª IPã¢ãã¬ã¹ãèšå®ããŠäžãããïŒæåèšå®æã®åæèšå®ã¯ãIPã¢ãã¬ã¹ :0.0.0.0ããµãããããã¹ã¯ 255.0.0.0ïŒ
ãŸããä»ã®ãããã¯ãŒã¯ã»ã°ã¡ã³ãäžã®ç®¡ççš PCããã¢ã¯ã»ã¹ããå Žåã«ã¯ããã©ã«ãã²ãŒããŠã§ã€ã®èšå®ãè¡ãå¿ èŠããããŸãã
æ¬æ©ã§ã¯ãæåã§ã® IPã¢ãã¬ã¹ã®èšå®åã³ BOOTPå㯠DHCPãµãŒããçšã㊠IPã¢ãã¬ã¹ã®ååŸãè¡ãããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
VLAN
VLANã® ID(1-4094)ãåæèšå®ã§ã¯ãã¹ãŠã®ããŒãã VLAN 1ã«æå±ããŠããŸããããããIPã¢ãã¬ã¹ãå²ãåœãŠã VLANãèšå®ããããšã«ããã管ç端æ«ã IPã¢ãã¬ã¹ãå²ãåœãŠãä»»æã®ããŒãã«æ¥ç¶ããããšãã§ããŸãã
IP Address Mode
IPã¢ãã¬ã¹ãèšå®ããæ¹æ³ã StaticïŒæåèšå®ïŒãDHCPãBOOTPããéžæããŸããDHCPå㯠BOOTPãéžæããå ŽåããµãŒãããã®å¿çããããŸã§ IPã¢ãã¬ã¹ã®ååŸãã§ããŸãããIPã¢ãã¬ã¹ãååŸããããã®ãµãŒããžã®ãªã¯ãšã¹ãã¯åšæçã«éä¿¡ãããŸãïŒDHCPå㯠BOOTPããååŸããæ å ±ã«ã¯ IPã¢ãã¬ã¹ããµãããããã¹ã¯åã³ããã©ã«ãã²ãŒããŠã§ã€ã®æ å ±ãå«ã¿ãŸãïŒ
IP Address
管çã¢ã¯ã»ã¹ãè¡ãããšãã§ãã VLANã€ã³ã¿ãã§ãŒã¹ã® IPã¢ãã¬ã¹ãèšå®ããŸãã
æå¹ãª IPã¢ãã¬ã¹ã¯ã0-255ãŸã§ã®åé²æ° 4æ¡ã«ãã£ãŠè¡šçŸãããããããããªãªãã§åºåãããŸãïŒåæèšå®ïŒ0.0.0.0ïŒ
Subnet Mask
ãµãããããã¹ã¯ãèšå®ããŸããã«ãŒãã£ã³ã°ã«äœ¿çšããããã¹ãã¢ãã¬ã¹ã®ãããæ°ã®èå¥ã«å©çšãããŸãïŒåæèšå®ïŒ255.0.0.0ïŒ
Default Gateway
管ç端æ«ãžã®ã²ãŒããŠã§ã€ã® IPã¢ãã¬ã¹ãèšå®ããŸãã
管ç端æ«ãç°ãªã£ãã»ã°ã¡ã³ãã«ããå Žåã«ã¯ãèšå®ãå¿ èŠãšãªããŸãïŒåæèšå®ïŒ0.0.0.0ïŒ
16FXC9012F
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
æåã§ã® IPã¢ãã¬ã¹ã®èšå®
èšå®æ¹æ³
[IP]â [General]â [Routing Interface]ãã¯ãªãã¯ããŸãã
[IP]â Global Setting]ãã¯ãªãã¯ããŸããã¹ã€ãããšãããŒãžã¡ã³ãã¹ããŒã·ã§ã³ãç°ãªããããã¯ãŒã¯ã«ååšããå Žåãããã©ã«ãã²ãŒããŠã§ã€ãæå®ããŸãã
17 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
DHCPå㯠BOOTPã«ãã IPã¢ãã¬ã¹ã®èšå®
DHCPå㯠BOOTPãµãŒãã¹ãå©çšå¯èœãªç°å¢ã§ã¯ããããã®ãµãŒãã¹ãå©çšãåçã« IPã¢ãã¬ã¹ã®èšå®ãè¡ãããšãã§ããŸãã
èšå®æ¹æ³
[System]â [IP Configuration]ãã¯ãªãã¯ããŸãã管ç端æ«ãæ¥ç¶ãã VLANãéžæãã"IP Address Mode"ã DHCPå㯠BOOTPã«ã [Apply]ãã¯ãªãã¯ããŸãããã®åŸ [Restart DHCP]ãã¿ã³ãã¯ãªãã¯ããããšã§ãçŽã¡ã«æ°ãã IPã¢ãã¬ã¹ã®ãªã¯ãšã¹ããéä¿¡ããŸãããŸã次å以éãæ¬æ©ãåèµ·åããéã« IPã¢ãã¬ã¹ã®ãªã¯ãšã¹ããéä¿¡ããŸãã
[泚æ ]ãIPã¢ãã¬ã¹ã®èšå®ãå€æŽãã管çã¢ã¯ã»ã¹ãåæãããå Žåã«ã¯ãã³ã³ãœãŒã«æ¥ç¶ãè¡ãªã "show ip interface"ã³ãã³ãã䜿çšããããšã§ãæ°ãã IPã¢ãã¬ã¹ã確èªããããšãã§ããŸãã
18FXC9012F
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
DHCPã®æŽæ°
DHCPã¯ãæ°žä¹ åã¯äžå®æéã¯ã©ã€ã¢ã³ãã« IPã¢ãã¬ã¹ã貞ãåºããŸããæå®ãããæéãéããå Žåããæ¬æ©ãä»ã®ãããã¯ãŒã¯ã»ã°ã¡ã³ããžç§»åããå Žåãæ¬æ©ãžã®ç®¡çã¢ã¯ã»ã¹ãè¡ããªããªããŸãããã®å Žåã«ã¯ãæ¬æ©ã®åèµ·åãè¡ãããã³ã³ãœãŒã«çµç±ã§ IPã¢ãã¬ã¹ã®åååŸãè¡ããªã¯ãšã¹ããéä¿¡ããŠäžããã
èšå®æ¹æ³
DHCPãµãŒãã¹ãå©çšã㊠IPã¢ãã¬ã¹ãå²ãåœãŠããããã§ã« IPã¢ãã¬ã¹ãå©çšã§ããªããªã£ãŠããå Žåã«ã¯ãWebã€ã³ã¿ãã§ãŒã¹ããã® IPã¢ãã¬ã¹ã®æŽæ°ã¯ã§ããŸããã以åã®IPã¢ãã¬ã¹ãå©çšå¯èœãªå Žåã¯ãWebã€ã³ã¿ãã§ãŒã¹ã䜿ã [Restart DHCP]ãã¿ã³ãã IPã¢ãã¬ã¹ã®ãªã¯ãšã¹ããè¡ãããšãã§ããŸãã
19 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
2.3.5 ãã¡ãŒã ãŠã§ã¢ã®ç®¡ç
TFTPãµãŒãã䜿çšãããã¡ãŒã ãŠã§ã¢ã®ããŠã³ããŒãåã³ã¢ããããŒããè¡ãããšãã§ããŸããTFTPãµãŒãäžã« runtime codeãä¿åããããšã«ãããåŸã§æ¬æ©ã®åŸ©å ãè¡ãéã«ããŠã³ããŒãããããšãã§ããŸãããŸãã以åã®ããŒãžã§ã³ã®ãã¡ãŒã ãŠã§ã¢ãäžæžãããããšãªããæ°ãããã¡ãŒã ãŠã§ã¢ã䜿çšããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
File Transfer Method
ãã¡ãŒã ãŠã§ã¢ã³ããŒã®æäœæ¹æ³ãäžèšã®ãªãã·ã§ã³ããããŸãã
ïŒ file to file â æ¬æ©ã®ãã£ã¬ã¯ããªã«æ°ããªãã¡ã€ã«åãä»ããŠããã¡ãŒã ãŠã§ã¢ãã³ããŒããŸãã
ïŒ file to tftp â æ¬æ©ãã TFTPãµãŒããžãã¡ã€ã«ãã³ããŒããŸãã
ïŒ tftp to file â TFTPãµãŒãããæ¬æ©ãžãã¡ã€ã«ãã³ããŒããŸãã
TFTP Server IP Address
TFTPãµãŒãã® IPã¢ãã¬ã¹
File Name
ãã¡ã€ã«åã¯å€§æåãšå°æåãåºå¥ãããã¹ã©ãã·ã¥åã³ããã¯ã¹ã©ãã·ã¥ã䜿çšããããšã¯ã§ããŸããããŸãããã¡ã€ã«åã®é æåã«ã¯ããªãªã (.)ã¯äœ¿çšã§ããŸãããTFTPãµãŒãäžã®ãã¡ã€ã«åã¯æé· 127æåãæ¬æ©å ã§ã¯æé· 31æåã§ãïŒå©çšã§ããæå :A-Z, a-z,0-9, ".", "-", "_"ïŒ
[泚æ ]ãã·ã¹ãã ãœãããŠã§ã¢ãã¡ã€ã«ã¯æ倧 2ã€ãŸã§ããä¿åã§ããŸãããèµ·åãã¡ã€ã«ã«æå®ãããŠãããã¡ã€ã«ã¯åé€ããããšãã§ããŸããã
ã·ã¹ãã ãœãããŠã§ã¢ã®ããŠã³ããŒã
runtime codeãããŠã³ããŒãããå ŽåãçŸåšã®ã€ã¡ãŒãžãšçœ®ãæããããã«çŸåšã®ãã¡ã€ã«ã Destination File NameãšããŠæå®ããããšãã§ããŸãããŸããçŸåšã® runtime codeãã¡ã€ã«ãšç°ãªããã¡ã€ã«åã䜿çšãæ¬äœã«ããŠã³ããŒããããã®åŸããŠã³ããŒããããã¡ã€ã«ãèµ·åãã¡ã€ã«ã«èšå®ããããšãã§ããŸãã
èšå®æ¹æ³
[System] â [File Management]â [Copy Operation]ãã¯ãªãã¯ããŸãã
20FXC9012F
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
çŸåšã® runtime codeãã¡ã€ã«ãšç°ãªãååã§ããŠã³ããŒããè¡ã£ãå Žåã«ã¯ãæ°ããããŠã³ããŒããããã¡ã€ã«ããèµ·åãã¡ã€ã«ãšããŠäœ¿çšããã Operation Codeã«ããå¿ èŠããããŸããããããããŠã³ããã¯ã¹ããæ°ãããã¡ã€ã«åãéžæããŸãããã®åŸã[Apply Changes]ãã¯ãªãã¯ããŸããæ°ãããã¡ãŒã ãŠã§ã¢ã䜿çšããããã«ã¯æ¬æ©ã®åèµ·åãè¡ããŸãã
ãã¡ã€ã«ãåé€ããã«ã¯ã[System]â [File]â [Delete]ãã¯ãªãã¯ããŸãããã§ãã¯ããã¯ã¹ãã¯ãªãã¯ããŠåé€ãããã¡ã€ã«åããªã¹ãããéžæãã[Apply]ãã¯ãªãã¯ããŸããèµ·åãã¡ã€ã«ãšããŠæå®ãããŠãããã¡ã€ã«ã¯åé€ã§ããªãããšã«æ³šæããŠäžããã
2.3.6 èšå®æ å ±ãã¡ã€ã«ã®ä¿åã»åŸ©å
TFTPãµãŒãã䜿çšããèšå®æ å ±ãã¡ã€ã«ãããŠã³ããŒãåã¯ã¢ããããŒãããäºãã§ããŸããã¢ããããŒãããèšå®æ å ±ãã¡ã€ã«ã¯åŸããããŠã³ããŒãããæ¬æ©ã®èšå®ã埩å ããããã«äœ¿çšããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
TFTP Server IP Address
TFTPãµãŒãã® IPã¢ãã¬ã¹
File Name
ãã¡ã€ã«åã¯å€§æåãšå°æåãåºå¥ãããã¹ã©ãã·ã¥åã³ããã¯ã¹ã©ãã·ã¥ã䜿çšããããšã¯ã§ããŸããããŸãããã¡ã€ã«åã®é æåã«ã¯ããªãªã (.)ã¯äœ¿çšã§ããŸãããTFTPãµãŒãäžã®ãã¡ã€ã«åã¯æé· 127æåãæ¬æ©å ã§ã¯æé· 31æåã§ãïŒå©çšã§ããæå :A-Z, a-z,0-9, ".", "-", "_"ïŒ
[泚æ ]ãæ¬æ©å ã«ä¿åå¯èœãªèšå®ãã¡ã€ã«ã®æ倧æ°ã¯ãã©ãã·ã¥ã¡ã¢ãªã®å®¹éã«äŸåããŸãã
21 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
èšå®æ å ±ãã¡ã€ã«ã®ããŠã³ããŒã
èšå®ãã¡ã€ã«ã¯æ°ãããã¡ã€ã«åã§ä¿åããèµ·åãã¡ã€ã«ãšããŠèšå®ã§ããä»ã«ãçŸåšã®èµ·åèšå®ãã¡ã€ã«ãä¿åå ã«æå®ããããšã§çŽæ¥èµ·åèšå®ãã¡ã€ã«ã眮ãæããããšãã§ããŸããäœãã"Factory_Default_Config.cfg"ãã¡ã€ã«ã¯ TFTPãµãŒããžã³ããŒããããšã¯ã§ããŸãããèšå®ãã¡ã€ã«ãããŠã³ããŒãããéã«ãããŠã³ããŒãå ã®ãã¡ã€ã«åãšããŠæå®ããæ°ãããã¡ã€ã«ã«çœ®ãæããããšã¯ã§ããŸããã
èšå®æ¹æ³
[System] â [file Management]â [Copy Operation]ãã¯ãªãã¯ããŸãã
çŸåšã®èµ·åèšå®ãã¡ã€ã«ãšç°ãªãååã§ããŠã³ããŒããè¡ã£ãå Žåã«ã¯ãæ°ããããŠã³ããŒããããã¡ã€ã«ããèµ·åãã¡ã€ã«ãšããŠäœ¿çšãããèšå®ãã¡ã€ã«ã«ããå¿ èŠããããŸããããããããŠã³ããã¯ã¹ããæ°ãããã¡ã€ã«åãéžæããŸãããã®åŸã[Apply]ãã¯ãªãã¯ããŸããæ°ããèšå®ã䜿çšããããã«ã¯æ¬æ©ã®åèµ·åãè¡ããŸãã
22FXC9012F
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
2.3.7 Event Loggingã®èšå®
ãšã©ãŒã¡ãã»ãŒãžã®ãã°ã«é¢ããèšå®ãè¡ãããšãã§ããŸããã¹ã€ããæ¬äœãžä¿åããã€ãã³ãã¡ãã»ãŒãžã®çš®é¡ãsyslogãµãŒããžã®ãã°ã®ä¿åãåã³ææ°ã®ã€ãã³ãã¡ãã»ãŒãžã®äžèŠ§è¡šç€ºãªã©ãå¯èœã§ãã
ãã°ã¡ãã»ãŒãžã®è¡šç€º
Logsç»é¢ã§ã¯ãä¿åãããŠããã·ã¹ãã /ã€ãã³ãã¡ãã»ãŒãžã衚瀺ã§ããŸããæ¬äœã®RAM (é»æºæå ¥æã«ã¯æ¶å»ãããŸã )ã«äžæçã«ä¿åãããã¡ãã»ãŒãžã¯ 2048ãšã³ããªã§ãããã©ãã·ã¥ã¡ã¢ãªã«æ°žä¹ çã«ä¿åãããã¡ãã»ãŒãžã¯ 4096ãšã³ããªã§ãã
èšå®æ¹æ³
[System]â [Log]â [Logs]ãã¯ãªãã¯ããŸãã
syslogã®èšå®
æ¬æ©ã¯ãã€ãã³ãã¡ãã»ãŒãžã®ä¿å /éä¿åãRAM/ãã©ãã·ã¥ã¡ã¢ãªã«ä¿åããã¡ãã»ãŒãžã¬ãã«ã®æå®ãå¯èœã§ãã
ãã©ãã·ã¥ã¡ã¢ãªã®ã¡ãã»ãŒãžã¯æ¬æ©ã«æ°žä¹ çã«ä¿åããããããã¯ãŒã¯ã§é害ãèµ·ãã£ãéã®ãã©ãã«è§£æ±ºã«åœ¹ç«ã¡ãŸãããã©ãã·ã¥ã¡ã¢ãªã«ã¯ 4096件ãŸã§ä¿åããããšãã§ããä¿åå¯èœãªãã°ã¡ã¢ãª (256KB)ãè¶ ããå Žåã¯æãå€ããšã³ããªããäžæžããããŸãã
System Logsç»é¢ã§ã¯ããã©ãã·ã¥ã¡ã¢ãª /RAMã«ä¿åããã·ã¹ãã ã¡ãã»ãŒãžã®å¶éãèšå®ã§ããŸããåæèšå®ã§ã¯ããã©ãã·ã¥ã¡ã¢ãªã«ã¯ 0-3ã®ã¬ãã«ãå RAMã«ã¯ 0-6ã®ã¬ãã«ã®ã€ãã³ãã«é¢ããŠããããä¿åãããŸãã
èšå®ã»è¡šç€ºé ç®
System Log Status
ãããã°åã¯ãšã©ãŒã¡ãã»ãŒãžã®ãã°ä¿åã®æå¹ /ç¡å¹ïŒåæèšå®ïŒæå¹ïŒ
Flash Level
ã¹ã€ããæ¬äœã®ãã©ãã·ã¥ã¡ã¢ãªã«æ°žä¹ çã«ä¿åãããã°ã¡ãã»ãŒãžãæå®ããã¬ãã«ããäžã®ã¬ãã«ã®ã¡ãã»ãŒãžããã¹ãŠä¿åããŸããäŸãã° "3"ãæå®ãããšã0-3ã®ã¬ãã«ã®ã¡ãã»ãŒãžããã¹ãŠãã©ãã·ã¥ã¡ã¢ãªã«ä¿åãããŸãïŒç¯å²ïŒ0-7ãåæèšå®ïŒ3ïŒ
23 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
â» çŸåšã®ãã¡ãŒã ãŠã§ã¢ã§ã¯ Level 2, 5, 6ã®ã¿ãµããŒãããŠããŸãã
RAM Level
ã¹ã€ããæ¬äœã® RAMã«äžæçã«ä¿åãããã°ã¡ãã»ãŒãžãæå®ããã¬ãã«ããäžã®ã¬ãã«ã®ã¡ãã»ãŒãžããã¹ãŠä¿åããŸããäŸãã° "7"ãæå®ãããšã0-7ã®ã¬ãã«ã®ã¡ãã»ãŒãžããã¹ãŠãã©ãã·ã¥ã¡ã¢ãªã«ä¿åãããŸãïŒç¯å²ïŒ0-7ãåæèšå®ïŒ6ïŒ
[泚æ]ããã©ãã·ã¥ã¡ã¢ãªã®ã¬ãã«ã¯RAMã¬ãã«ãšåããããããäžã®ã¬ãã«ã«ããŠäžãã
èšå®æ¹æ³
[System]â [Log]â [System Logs]ãã¯ãªãã¯ããŸãã"System Log Status"ã«ãã§ãã¯ãå ¥ããRAM/ãã©ãã·ã¥ã¡ã¢ãªã«ä¿åããã€ãã³ãã¡ãã»ãŒãžãèšå®ããŸãããã®åŸã[Apply]ãã¯ãªãã¯ããŸãã
ã¬ãã« åå 解説7 Debug ãããã°ã¡ãã»ãŒãž6 Informational æ å ±ã¡ãã»ãŒãž5 Notice éèŠãªã¡ãã»ãŒãž4 Warning èŠåã¡ãã»ãŒãž3 Error ãšã©ãŒç¶æ ã瀺ãã¡ãã»ãŒãž2 Critical é倧ãªç¶æ ã瀺ããšã©ãŒã¡ãã»ãŒãž1 Alert è¿ éãªå¯Ÿå¿ãå¿ èŠãªã¡ãã»ãŒãž0 Emergency ã·ã¹ãã äžå®å®ç¶æ ã瀺ãã¡ãã»ãŒãž
24FXC9012F
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
ãªã¢ãŒããã°ã®èšå®
Remote Logsç»é¢ã§ã¯ãä»ã®ç®¡çã¹ããŒã·ã§ã³ãã syslogãµãŒããžéä¿¡ããã€ãã³ãã¡ãã»ãŒãžã®ãã°ã«é¢ããèšå®ãè¡ããŸããæå®ããã¬ãã«ããäžã®ãšã©ãŒã¡ãã»ãŒãžã ãéä¿¡ããããå¶éããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Remote Log Status
ãããã°åã¯ãšã©ãŒã¡ãã»ãŒãžã®ãªã¢ãŒããã°ä¿åã®æå¹ /ç¡å¹ïŒåæèšå®ïŒæå¹ïŒ
Logging Facility
éä¿¡ãã syslogã¡ãã»ãŒãžã®ãã¡ã·ãªãã£ã¿ã€ãã8ã€ã®ãã¡ã·ãªãã£ã¿ã€ãã 16-23ã®å€ã§æå®ããŸããsyslogãµãŒãã¯ã€ãã³ãã¡ãã»ãŒãžãé©åãªãµãŒãã¹ãžéä¿¡ããããã«ãã¡ã·ãªãã£ã¿ã€ãã䜿çšããŸãã
æ¬å±æ§ã§ã¯ syslogã¡ãã»ãŒãžãšããŠéä¿¡ãããã¡ã·ãªãã£ã¿ã€ãã¿ã°ãæå®ããŸã (詳现ïŒRFC3164)ãã¿ã€ãã®èšå®ã¯ãæ¬æ©ã«ããå ±åããã¡ãã»ãŒãžã®çš®é¡ã«åœ±é¿ããŸãããsyslogãµãŒãã«ãããŠãœãŒããããŒã¿ããŒã¹ãžã®ä¿åã®éã«äœ¿çšãããŸãïŒç¯å²ïŒ16-23ãåæèšå®ïŒ23ïŒ
Logging Trap
syslogãµãŒãã«éä¿¡ããã¡ãã»ãŒãžã®çš®é¡ãæå®ããã¬ãã«ããäžã®ã¬ãã«ã®ã¡ãã»ãŒãžããã¹ãŠä¿åããŸããäŸãã° "3"ãæå®ãããšã0-3ã®ã¬ãã«ã®ã¡ãã»ãŒãžããã¹ãŠãªã¢ãŒããµãŒãã«ä¿åãããŸãïŒç¯å²ïŒ0-7ãåæèšå®ïŒ6ïŒ
Host IP List
syslogã¡ãã»ãŒãžãåãåããªã¢ãŒã syslogãµãŒãã® IPã¢ãã¬ã¹ã®ãªã¹ãã衚瀺ããŸããHost IPã¢ãã¬ã¹ã®äžé㯠5ã€ã§ãã
Host IP Address
Host IP Listã«è¿œå ãããªã¢ãŒã syslogãµãŒãã® IPã¢ãã¬ã¹ã
èšå®æ¹æ³
[System]â [Log]â [Remote Logs]ãã¯ãªãã¯ããŸãã"Host IP List"ã« IPã¢ãã¬ã¹ãæå®ããã«ã¯ã"Host IP Address"ã«è¿œå ãã IPã¢ãã¬ã¹ãå ¥åãã[Add]ãã¯ãªãã¯ããŸããIPã¢ãã¬ã¹ãåé€ããã«ã¯ã"Host IP List"ããåé€ãã IPã¢ãã¬ã¹ãã¯ãªãã¯ãããã®åŸ[Remove]ãã¯ãªãã¯ããŸãã
25 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
2.3.8 åèµ·å
èšå®æ¹æ³
[System]â [Reset]ãã¯ãªãã¯ããŸãã[Reset]ãã¿ã³ãæŒããŠãæ¬æ©ã®åèµ·åãè¡ããŸããåèµ·åã®ç¢ºèªãä¿ãããã³ããã衚瀺ããããã確èªããŠå®è¡ããŸãã
[泚æ ]ã åèµ·åæã«ã¯ Power-On Self-Testãå®è¡ãããŸãã
2.3.9 ã·ã¹ãã ã¯ããã¯èšå®
SNTP(Simple Network Time Protocol)æ©èœã¯ãã¿ã€ã ãµãŒã (SNTP/NTP)ããã®åšæçãªã¢ããããŒãã«ããæ¬æ©å éšã®æå»èšå®ãè¡ãããšãã§ããŸããæ¬æ©ã®å éšæå»ã®èšå®ãæ£ç¢ºã«ä¿ã€ããšã«ãããã·ã¹ãã ãã°ã®ä¿åã®éã«æ¥æãæ£ç¢ºã«èšé²ããããšãã§ããŸãã
ãŸããCLIããæåã§æå»ã®èšå®ãè¡ãããšãã§ããŸãïŒè©³çŽ°ã¯ P4-61ãCalendar Setããåç §ïŒ
æå»ã®èšå®ããããŠããªãå Žåãåæèšå®ã®æå»ãèšé²ããæ¬æ©èµ·åæããã®æéãšãªããŸãã
æ¬æ©ã¯ SNTPã¯ã©ã€ã¢ã³ããšããŠæå¹ãªå Žåãèšå®ããŠããã¿ã€ã ãµãŒãã«å¯ŸããŠæå»ã®ååŸãèŠæ±ããŸããæ倧 3ã€ã®ã¿ã€ã ãµãŒãã® IPã¢ãã¬ã¹ãèšå®ããããšãã§ããŸããåãµãŒãã«å¯ŸããŠæå»ã®ååŸãèŠæ±ããŸãã
SNTPèšå®
æ¬æ©ã§ã¯ãç¹å®ã®ã¿ã€ã ãµãŒãã«å¯ŸããŠæéã®åæãªã¯ãšã¹ããéä¿¡ããŸãã
[泚æ ]ãSNTPèšå®ã¯ CLIããã®ã¿å¯èœã§ããèšå®æ¹æ³ã«ã€ããŠã¯ P248 ãTimeã³ãã³ãããåç §ãã ããã
èšå®æ¹æ³
[SNTP]â [Configuration]ãã¯ãªãã¯ããŸããåé ç®ãå ¥åãã[Apply]ãã¯ãªãã¯ããŸãã
26FXC9012F
Webã€ã³ã¿ãã§ãŒã¹åºæ¬èšå®
ã¿ã€ã ãŸãŒã³ã®èšå®
SNTPã§ã¯ UTC(Coordinated Universal Time:åå®äžçæéãå¥åïŒGMT/Greenwich Mean Time)ã䜿çšããŸãã
æ¬æ©ãèšçœ®ããŠããçŸå°æéã«å¯Ÿå¿ããããã« UTCããã®æå·®ïŒã¿ã€ã ãŸãŒã³ïŒã®èšå®ãè¡ãå¿ èŠããããŸãã
èšå®ã»è¡šç€ºé ç®
Current Time
çŸåšæå»ã®è¡šç€º
Name
ã¿ã€ã ãŸãŒã³ã«å¯Ÿããå称ãèšå®ããŸããïŒèšå®ç¯å²ïŒ1-29æåïŒ
Hours (0-12)
UTCããã®æéã®å·®ãèšå®ããŸãã
Minutes (0-59)
UTCããã®æéïŒåæ°ïŒã®å·®ãèšå®ããŸãã
Direction
UTCããã®ã¿ã€ã ãŸãŒã³ã®å·®ããã©ã¹ããã€ãã¹ããèšå®ããŸãã
èšå®æ¹æ³
[SNTP]â [Clock Time Zone]ãã¯ãªãã¯ããŸããUTCãšã®æå·®ãèšå®ã [Apply]ãã¯ãªãã¯ããŸãã
27 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹SNMP
2.4 SNMP
Simple Network Management Protocol (SNMP)ã¯ãããã¯ãŒã¯äžã®æ©åšã®ç®¡ççšã®éä¿¡ãããã³ã«ã§ããSNMPã¯äžè¬çã«ãããã¯ãŒã¯æ©åšãã³ã³ãã¥ãŒã¿ãªã©ã®ç£èŠãèšå®ããããã¯ãŒã¯çµç±ã§è¡ãéã«äœ¿çšãããŸãã
æ¬æ©ã¯ SNMPãšãŒãžã§ã³ããæèŒããããŒãã®éä¿¡ãããŒããŠã§ã¢ã®ç¶æ ãç£èŠããããšãã§ããŸããSNMP察å¿ã®ãããã¯ãŒã¯ç®¡çãœãããŠã§ã¢ã䜿çšããããšã§ããããã®æ å ±ã«ã¢ã¯ã»ã¹ããããšãå¯èœã§ããæ¬æ©ã®å èµãšãŒãžã§ã³ããžã®ã¢ã¯ã»ã¹æš©ã¯ã³ãã¥ããã£å (Community Strings)ã«ããèšå®ãããŸãããã®ãããæ¬æ©ã«ã¢ã¯ã»ã¹ããããã«ã¯ãäºåã«ç®¡çãœãããŠã§ã¢ã®ã³ãã¥ããã£åãé©åãªå€ã«èšå®ããå¿ èŠããããŸãã
æ¬æ©ã¯ãSNMPããŒãžã§ã³ 1,2c,3ããµããŒããããšãŒãžã§ã³ããæèŒããããŒãã®éä¿¡ãããŒããŠã§ã¢ã®ç¶æ ãç£èŠããããšãã§ããŸãããããã¯ãŒã¯äžã®ãããŒãžã¡ã³ãã¹ããŒã·ã§ã³ã¯ããããã¯ãŒã¯ç®¡çãœãããŠã§ã¢ã䜿çšãããããã®æ å ±ã«ã¢ã¯ã»ã¹ããããšãå¯èœã§ãã
SNMPv1,v2cã䜿çšæã®ã¢ã¯ã»ã¹èªèšŒã¯ã³ãã¥ããã£åã«ãã£ãŠã®ã¿è¡ãããŸãããSNMPv3ã§ã¯ãããŒãžã£ãšãšãŒãžã§ã³ãéã亀æããã¡ãã»ãŒãžãèªèšŒãæå·åããããšã«ãã£ãŠãæ©åšãžã®ã»ãã¥ã¢ãªã¢ã¯ã»ã¹ãæäŸããŠããŸãã
SNMPv3ã§ã¯ãã»ãã¥ãªãã£ã¢ãã«ããã³ã»ãã¥ãªãã£ã¬ãã«ãå®çŸ©ãããŸããã»ãã¥ãªãã£ã¢ãã«ã¯ããŠãŒã¶ãŒããã³ããŠãŒã¶ãŒãå±ããã°ã«ãŒããèšå®ããããã»ã¹ã§ããã»ãã¥ãªãã£ã¬ãã«ã¯ãã»ãã¥ãªãã£ã¢ãã«ã§èš±å¯ãããã»ãã¥ãªãã£ã®ã¬ãã«ã§ããã»ãã¥ãªãã£ã¢ãã«ãšã»ãã¥ãªãã£ã¬ãã«ã®çµã¿åããã«ãã£ãŠãSNMPãã±ããã®åãæ±ãã«éããŠäœ¿çšãããããã»ã¹ã決å®ãããŸããã»ãã¥ãªãã£ã¢ãã«ã«ã¯ SNMPv1ãSNMPv2cããã³ SNMPv3ã® 3çš®é¡ãå®çŸ©ãããŠããŸãã
2.4.1 ã³ãã¥ããã£åã®èšå®
管çã¢ã¯ã»ã¹ã®èªèšŒã®ããã®ã³ãã¥ããã£åãæ倧 5ã€èšå®ããããšãã§ããŸããIPãã©ãããããŒãžã£ã§äœ¿çšãããã³ãã¥ããã£åããã¹ãŠããã«ãªã¹ããããŠããŸãã
ã»ãã¥ãªãã£ã®ãããåæèšå®ã®ã³ãã¥ããã£åãåé€ããããšãæšå¥šããŸãã
èšå®ã»è¡šç€ºé ç®
SNMP Community Capability
æ¬æ©ãæ倧 5ã€ã®ã³ãã¥ããã£åããµããŒãããŠããããšãè¡šããŠããŸã
Current
çŸåšèšå®ãããŠããã³ãã¥ããã£åã®ãªã¹ã
Community String
SNMPã§ã®ã¢ã¯ã»ã¹ãè¡ãéã«ãã¹ã¯ãŒãã®åœ¹å²ãæããã³ãã¥ããã£å
ïŒåæèšå®ïŒ"public"ïŒRead-Onlyã¢ã¯ã»ã¹ïŒ, "private"ïŒRead/Writeã¢ã¯ã»ã¹ïŒãèšå®ç¯å²ïŒ1-32æå , 倧æåå°æåã¯åºå¥ãããŸãïŒ
Access Mode
ã³ãã¥ããã£åãžã®ã¢ã¯ã»ã¹æš©ãèšå®ããŸã :
ïŒ Read-Only â èªã¿åãå°çšã¢ã¯ã»ã¹ãšãªããŸãã管çãœãããŠã§ã¢ããã¯MIBãªããžã§ã¯ãã®ååŸã®ã¿ãã§ããŸãã
ïŒ Read/Write â èªã¿æžãå¯èœãªã¢ã¯ã»ã¹ãšãªããŸããèªå¯ããã管çã¹ããŒã·ã§ã³ã¯MIBãªããžã§ã¯ãã®ååŸãšå€æŽã®äž¡æ¹ãå¯èœã§ãã
28FXC9012F
Webã€ã³ã¿ãã§ãŒã¹SNMP
èšå®æ¹æ³
[SNMP]â [Configuration]ãã¯ãªãã¯ããŸããã³ãã¥ããã£åã®è¿œå ãè¡ãå Žåã¯[Community String]æ¬ã«æ°ããã³ãã¥ããã£åãå ¥åããAccess ModeããŠã³ãªã¹ãããã¢ã¯ã»ã¹æš©ãéžæãã[Add]ãã¯ãªãã¯ããŸãã
2.4.2 ãã©ãããããŒãžã£ã»ãã©ããã¿ã€ãã®æå®
æ¬æ©ã®ç¶æ ã«å€æŽããã£ãå Žåã«æ¬æ©ãããã©ãããããŒãžã£ã«å¯ŸããŠãã©ãããåºãããŸãããã©ãããæå¹ã«ããããã«ã¯ãã©ãããåãåããã©ãããããŒãžã£ãæå®ããå¿ èŠããããŸãã
èªèšŒå€±æã¡ãã»ãŒãžåã³ä»ã®ãã©ããã¡ãã»ãŒãžãåä¿¡ãã管ç端æ«ãæ倧 5ã€ãŸã§æå®ããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Trap Manager Capability
æ¬æ©ãæ倧 5ã€ã®ãã©ãããããŒãžã£ããµããŒãããŠããããšãè¡šããŠããŸã
Current
ç»é²ãããŠãããã©ãããããŒãžã£ã®ãªã¹ã
Trap Manager IP Address
ãã©ãããåä¿¡ãããã¹ãã® IPã¢ãã¬ã¹
Trap Manager Community String
ãã©ããéä¿¡æã®ã³ãã¥ããã£åïŒèšå®ç¯å²ïŒ1-32æåã倧æåå°æåã¯åºå¥ãããŸãïŒ
Trap UDP Port
ãã©ããããŒãžã£ã䜿çšãã UDPããŒããæå®ããŸãïŒåæèšå®ïŒ162ïŒ
Trap Version
éä¿¡ãããã©ããã®ããŒãžã§ã³ïŒSNMP v1å㯠SNMP v2ãv3ãåæèšå®ïŒSNMP v1ïŒ
Trap Security Level
ãã©ããã»ãã¥ãªãã£ã¬ãã«ãæå®ããŸã
Enable Authentication Traps
29 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹SNMP
èªèšŒæã«äžæ£ãªãã¹ã¯ãŒããéä¿¡ãããå Žåã«ãã©ãããçºè¡ãããŸãïŒåæèšå®ïŒæå¹ïŒ
Enable Link-up and Link-down Traps
Link-upå㯠Link-downæã«ãã©ãããçºè¡ãããŸãïŒåæèšå®ïŒæå¹ïŒ
èšå®æ¹æ³
[SNMP]â [Configuration]ãã¯ãªãã¯ããŸãã[Trap Managers]ã§ããã©ãããåä¿¡ãããã©ãããããŒãžã£ã® IPã¢ãã¬ã¹ (Trap Manager IP Address)ãã³ãã¥ããã£å (Trap Manager Community String)ãå ¥åããŸããSNMPããŒãžã§ã³ (SNMP Version)ãæå®ããŸãã[Add]ãã¯ãªãã¯ãããšãå·ŠåŽã®ïŒCurrentïŒãªã¹ãã«æ°ãããããŒãžã£ãè¿œå ãããŸãããã©ããã®çš®é¡ (èªèšŒæãLink-up/down)ã®å€æŽãè¡ãå Žåã¯ãã§ãã¯ããã¯ã¹ã§éžæããŸããèšå®å®äºåŸã[Apply]ãã¯ãªãã¯ããŸãããã©ãããããŒãžã£ãåé€ããå Žåã¯ããªã¹ããããããŒãžã£ãéžæã [Remove]ãã¯ãªãã¯ããŸãã
30FXC9012F
Webã€ã³ã¿ãã§ãŒã¹SNMP
2.4.3 SNMPãšãŒãžã§ã³ããæå¹ã«ãã
SNMPv3ãµãŒãã¹ãæå¹ã«ããŸã
èšå®ã»è¡šç€ºé ç®
SNMP Agent Status
ãã§ãã¯ãå ¥ããããšã§ãSNMPãšãŒãžã§ã³ããæå¹ã«ãªããŸã
èšå®æ¹æ³
[SNMP]â [Agent Status]ãã¯ãªãã¯ããŸãã[Enable]ãã§ãã¯ããã¯ã¹ã«ãã§ãã¯ãå ¥ãã
[Apply]ãã¯ãªãã¯ããŸãã
2.4.4 SNMPv3ãããŒãžã¡ã³ãã¢ã¯ã»ã¹ã®èšå®
ã¹ã€ãããž SNMPv3ãããŒãžã¡ã³ãã¢ã¯ã»ã¹ãè¡ãéã«ã¯ä»¥äžã®æé ã§èšå®ããŸãã
ïŒ1ïŒãšã³ãžã³ IDã®èšå®ãè¡ããŸãããšã³ãžã³ IDã®èšå®ã¯å¿ ãäžçªæåã«è¡ã£ãŠãã ããã
ïŒ2ïŒãã¥ãŒã®èšå®ãè¡ããŸãããã¥ãŒãåºã«ãèªã¿èŸŒã¿å°çšã»æžã蟌ã¿èš±å¯ãªã©ã®ã¢ã¯ã»ã¹å¶åŸ¡ãè¡ãããŸãã
ïŒ3ïŒã°ã«ãŒããèšå®ããŸããã»ãã¥ãªãã£ã¢ãã«ã®éžæããã³ (2)ã§èšå®ãããã¥ãŒã䜿çšããã°ã«ãŒãã«æå±ããå šãŠãŒã¶ãŒã®ã¢ã¯ã»ã¹å¶éãå®çŸ©ããŸãã
ïŒ4ïŒãŠãŒã¶ãŒãäœæããæå±ããã°ã«ãŒãã決å®ããŸãã
ããŒã«ã«ãšã³ãžã³ IDã®èšå®
SNMPãšã³ãžã³ã¯ãã¹ã€ããäžã®ç¬ç«ãã SNMPãšãŒãžã§ã³ãã§ãããã®ãšã³ãžã³ã¯ã¡ãã»ãŒãžã®åéãé 延ããã³ãªãã€ã¬ã¯ã·ã§ã³ãé²æ¢ããŸãããšã³ãžã³ IDã¯ããŠãŒã¶ãŒãã¹ã¯ãŒããšçµã¿åãããŠãSNMPv3ãã±ããã®èªèšŒãšæå·åãè¡ãããã®ã»ãã¥ãªãã£ããŒãçæããŸãã
ããŒã«ã«ãšã³ãžã³ IDã¯ã¹ã€ããã«ããããŠåºæã«ãªãããã«èªåçã«çæãããŸãããããããã©ã«ããšã³ãžã³ IDãšãã³ãŸãã
ããŒã«ã«ãšã³ãžã³ IDãåé€ãŸãã¯å€æŽãããå Žåãå šãŠã® SNMPãŠãŒã¶ãŒã¯ã¯ãªã¢ãããŸãããã®ããæ¢åã®ãŠãŒã¶ãŒã®åæ§æãè¡ãå¿ èŠããããŸãã
31 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹SNMP
ãšã³ãžã³ IDã¯ã1ãã 26æåã® 16é²æ°ãæå®ã§ããŸãããã 26æå以äžãå ¥åããå ŽåãåŸã« 0ãå ããããŸããäŸãã°ãâ1234âã¯ãâ1234âã®åŸã« 22åã® 0ãè¿œå ãããå€ãšçãããªããŸãã
èšå®ã»è¡šç€ºé ç®
Engine ID
ãšã³ãžã³ IDãèšå®ããŸãã
èšå®æ¹æ³
[SNMP]â [SNMPv3 Engine ID]ãã¯ãªãã¯ããŸããEngine IDãå ¥åãã[Save]ãã¯ãªãã¯ããŸããããã©ã«ãå€ã䜿çšããå Žåã«ã¯ [Default]ãã¿ã³ãã¯ãªãã¯ããŸãã
ãªã¢ãŒããšã³ãžã³ IDã®èšå®
ãªã¢ãŒãããã€ã¹äžã® SNMPv3ãŠãŒã¶ãŒãžã€ã³ãã©ãŒã ã¡ãã»ãŒãžãéãå Žåãæåã«ãªã¢ãŒããšã³ãžã³ IDãèšå®ããŸãããªã¢ãŒããšã³ãžã³ IDã¯ããªã¢ãŒããã¹ãã§èªèšŒãšæå·åãã±ããã®ã»ãã¥ãªãã£ãã€ãžã§ã¹ããèšç®ããããã«äœ¿çšãããŸããSNMPãã¹ã¯ãŒãã¯ãä¿¡é Œã§ãããšãŒãžã§ã³ãã®ãšã³ãžã³ IDã䜿çšããŠããŒã«ã©ã€ãºãããŸããã€ã³ãã©ãŒã ã®ä¿¡é Œã§ãã SNMPãšãŒãžã§ã³ãã¯ãªã¢ãŒããšãŒãžã§ã³ãã§ãããã®ããããããã·ãªã¯ãšã¹ããŸãã¯ã€ã³ãã©ãŒã ãéä¿¡ããåã«ãªã¢ãŒããšãŒãžã§ã³ãã® SNMPãšã³ãžã³ IDãèšå®ããå¿ èŠããããŸããïŒè©³ãã㯠P29 ããã©ãããããŒãžã£ã»ãã©ããã¿ã€ãã®æå®ãããã³ P31 ãSNMPv3ãããŒãžã¡ã³ãã¢ã¯ã»ã¹ã®èšå®ããåç §ããŠãã ããïŒããšã³ãžã³ IDã¯ã1ãã 26æåã® 16é²æ°ãæå®ã§ããŸãããã 26æå以äžãå ¥åããå ŽåãåŸã«0ãå ããããŸããäŸãã°ãâ1234âã¯ãâ1234âã®åŸã« 22åã® 0ãè¿œå ãããå€ãšçãããªããŸã
èšå®ã»è¡šç€ºé ç®
Remote Engine ID
ãªã¢ãŒããšã³ãžã³ IDãèšå®ããŸãã
Remote IP Host
ãªã¢ãŒãããã€ã¹ã® IPã¢ãã¬ã¹ãèšå®ããŸãã
èšå®æ¹æ³
[SNMP]â [SNMPv3 Remote Engine ID]ãã¯ãªãã¯ããŸããEngine IDãRemote IP Hostãå ¥åãã[Add]ãã¯ãªãã¯ããŸããIDãåé€ããå Žåã«ã¯ [Remove]ãã¯ãªãã¯ããŸãã
32FXC9012F
Webã€ã³ã¿ãã§ãŒã¹SNMP
33 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹SNMP
SNMPv3ãŠãŒã¶ãŒã®èšå®
ããããã® SNMPv3ãŠãŒã¶ãŒã¯åºæã®ååãæã¡ãŸãã
ããã§ã¯ãåãŠãŒã¶ãŒã®æå±ã°ã«ãŒããã»ãã¥ãªãã£ã¬ãã«çãèšå®ããŸããSNMP v3ã§ã¯ããŠãŒã¶ãŒãæå±ããã°ã«ãŒãã«ãã£ãŠã¢ã¯ã»ã¹å¶éãå®çŸ©ãããŸãã
èšå®ã»è¡šç€ºé ç®
User Name
SNMPv3ãŠãŒã¶ãŒåïŒ1-32æåïŒ
Group Name
æ¢åã®ã°ã«ãŒãããéžæãŸãã¯æ°èŠã°ã«ãŒããäœæããŸãïŒ1-32æåïŒ
Model
ã»ãã¥ãªãã£ã¢ãã«ãéžæããŸãïŒv1,v2c,v3ãåæèšå®ïŒv1ïŒ
Level
ã»ãã¥ãªãã£ã¬ãã«
ïŒ noAuthNoPrivïŒ èªèšŒãæå·åãè¡ããŸããïŒv3ã»ãã¥ãªãã£ã¢ãã«ã®åæèšå®å€ïŒ
ïŒ AuthNoPrivïŒ èªèšŒãè¡ããŸããæå·åã¯è¡ããŸããïŒv3ã»ãã¥ãªãã£ã¢ãã«ã§ã®ã¿èšå®å¯ïŒ
ïŒ AuthPrivïŒ èªèšŒãšæå·åãè¡ããŸãïŒv3ã»ãã¥ãªãã£ã¢ãã«ã§ã®ã¿èšå®å¯ïŒ
Authentication
èªèšŒçšãããã³ã«ã®éžæãMD5ãŸã㯠SHAïŒåæèšå®ïŒMD5ïŒ
Authentication Password
èªèšŒçšãã¹ã¯ãŒãïŒæå° 8æåïŒ
Privacy
æå·åãããã³ã«ãDES56bitã®ã¿äœ¿çšå¯
Actions
ãŠãŒã¶ãå¥ã® SNMPv3ã°ã«ãŒããžã¢ãµã€ã³ããããšãã§ããŸãã
34FXC9012F
Webã€ã³ã¿ãã§ãŒã¹SNMP
èšå®æ¹æ³
[SNMP]â [SNMPv3 Users]ãã¯ãªãã¯ããŸããæ°ãããŠãŒã¶ãŒãç»é²ããå Žåã[New...]ãã¯ãªãã¯ããŸãã[SNMPv3 Users--New]ã®ããŒãžã衚瀺ãããŸãã(User Name)(Group Name)(Security Model)(Security Lebel)(User Authentication)(Data Privacy)ã®èšå®ãè¡ãã[Add]ãã¯ãªãã¯ããŸãã[SNMPv3 Users]ã®ããŒãžã«æ»ããç»é²ãããŠãŒã¶ãŒããªã¹ãã«è¿œå ãããŸããå€æŽãè¡ãå Žåã«ã¯ [Change Group]ãã¯ãªãã¯ãããš [SNMPv3 Users--Edit]ã®ããŒãžãžç§»åããŸãããŠãŒã¶ãŒãåé€ããå Žåã«ã¯ãåé€ããããŠãŒã¶ãŒåã®ãã§ãã¯ããã¯ã¹ãžãã§ãã¯ãå ¥ãã[Delete]ãã¯ãªãã¯ããŸãã
SNMPv3ã°ã«ãŒãã®èšå®
35 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹SNMP
SNMPv3ã°ã«ãŒãã¯ãç¹å®ã®ã»ãã¥ãªãã£ã¢ãã«ã«å±ãããŠãŒã¶ãŒã®éåã§ããã°ã«ãŒãã¯ãã®ã°ã«ãŒãã«å±ããå šãŠãŒã¶ãŒã®ã¢ã¯ã»ã¹ããªã·ãŒãå®çŸ©ããŸããã¢ã¯ã»ã¹ããªã·ãŒã«ãã£ãŠãèªã¿åããæžã蟌ã¿ããŸãã¯åä¿¡ã§ãããã©ããéç¥ã®å¶éãè¡ãããŸãã
èšå®ã»è¡šç€ºé ç®
Group Name
ã°ã«ãŒãåïŒ1-32æåïŒ
Model
ã»ãã¥ãªãã£ã¢ãã«ïŒ1,v2c,v3ïŒ
Lebel
ïŒ noAuthNoPrivïŒ èªèšŒãæå·åãè¡ããŸããïŒ AuthNoPrivïŒ èªèšŒãè¡ããŸããæå·åã¯è¡ããŸããïŒv3ã»ãã¥ãªãã£ã¢ãã«ã§ã®ã¿
èšå®å¯ïŒïŒ AuthPrivïŒ èªèšŒãšæå·åãè¡ããŸãïŒv3ã»ãã¥ãªãã£ã¢ãã«ã§ã®ã¿èšå®å¯ïŒ
Read View
Readã¢ã¯ã»ã¹ã®ãã¥ãŒãèšå®ããŸã
Write View
Witeã¢ã¯ã»ã¹ã®ãã¥ãŒãèšå®ããŸã
Notify View
éç¥ãã¥ãŒãèšå®ããŸããäžè¡šã«ãŠãµããŒãããéç¥ã¡ãã»ãŒãžã瀺ããŸãã
èšå®æ¹æ³
Object Label Object ID
RFC1493Traps
newRoot 1.3.6.1.2.1.17.0.1
topologyChange 1.3.6.1.2.1.17.0.2
SNMPv2 Traps
coldStart 1.3.6.1.6.3.1.1.5.1
warmStart 1.3.6.1.6.3.1.1.5.2
linkDown 1.3.6.1.6.3.1.1.5.3
linkUp 1.3.6.1.6.3.1.1.5.4
authenticationFailure
1.3.6.1.6.3.1.1.5.5
RMON Events(V2)
risingAlarm 1.3.6.1.2.1.16.0.1
fallingAlarm 1.3.6.1.2.1.16.0.2
Private Traps
swPowerStatus Change Trap 1.3.6.1.4.1.202.20.56.63.2.1.0.1
swIpFilterRejectTrap
1.3.6.1.4.1.202.20.56.63.2.1.0.40
pethPsePortOnOff Notification 1.3.6.1.4.1.202.20.56.63.2.1.0.43
pethPsePortPowerMaintenanceStatus Notification
1.3.6.1.4.1.202.20.56.63.2.1.0.44
pethMainPower Usage OnNotification 1.3.6.1.4.1.202.20.56.63.2.1.0.45
pethMainPower Usage OffNotification 1.3.6.1.4.1.202.20.56.63.2.1.0.46
36FXC9012F
Webã€ã³ã¿ãã§ãŒã¹SNMP
[SNMP]â [SNMPv3 Groups]ãã¯ãªãã¯ããŸããæ°ããã°ã«ãŒããç»é²ããå Žåã[New...]ãã¯ãªãã¯ããŸãã(Group Name)(Security Model)(Security Lebel)(Read View)(Write View)(Notify View)ã®èšå®ãè¡ãã[Add]ãã¯ãªãã¯ããŸãã[SNMPv3 Groups]ã®ããŒãžã«æ»ããç»é²ããã°ã«ãŒãããªã¹ãã«è¿œå ãããŸããã°ã«ãŒããåé€ããå Žåã«ã¯ãåé€ãããã°ã«ãŒãåã®ãã§ãã¯ããã¯ã¹ãžãã§ãã¯ãå ¥ãã[Delete]ãã¯ãªãã¯ããŸãã
SNMPv3ãã¥ãŒã®èšå®
SNMPãã¥ãŒãšã¯ãSNMPãªããžã§ã¯ããšããããã®ãªããžã§ã¯ãã«ã€ããŠäœ¿çšå¯èœãªã¢ã¯ã»ã¹æš©éãšå¯Ÿå¿é¢ä¿ã瀺ããç©ã§ãã
äºåã«å®çŸ©ãããŠãããã¥ãŒïŒããã©ã«ããã¥ãŒïŒã«ã¯å šäœã® MIBããªãŒãžã®ã¢ã¯ã»ã¹ãå«ãŸããŸãã
èšå®ã»è¡šç€ºé ç®
View Name
SNMPãã¥ãŒåïŒ1-64æåïŒ
View OID Subtrees
ãã¥ãŒã®å 容ã衚瀺ãããŸã
Edit OID Subtrees
37 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹SNMP
æ¢åã®ãã¥ãŒã®ç·šéãã§ããŸã
OID Subtrees
åç §å¯èœã«ãã MIBããªãŒã® OIDãã¯ã€ã«ãã«ãŒãã䜿çšããŠãã¹ã¯ãèšå®ããããšãå¯èœã§ã
Type
[OID Subtrees]ã§æå®ãã OIDããåç §å¯èœãªç¯å²ã«å«ãïŒincludedïŒãå«ãŸãªãïŒexcludedïŒããéžæããŸã
èšå®æ¹æ³
[SNMP]â [SNMPv3 Views]ãã¯ãªãã¯ããŸããæ°ãããã¥ãŒãç»é²ããå Žåã[New...]ãã¯ãªãã¯ããŸãã(View Name)(OID Subtree)(Type)ã®èšå®ãè¡ãã[Add]ãã¯ãªãã¯ããŸããèšå®åŸã¯ [Back]㧠[SNMPv3 Views]ã®ããŒãžã«æ»ããŸããã°ã«ãŒããåé€ããå Žåã«ã¯ãåé€ãããã°ã«ãŒãåã®ãã§ãã¯ããã¯ã¹ãžãã§ãã¯ãå ¥ãã[Delete]ãã¯ãªãã¯ããŸãã(OID Subtree)ãã¯ãªãã¯ãããš Viewã®æ å ±ã衚瀺ãããŸããç·šéãè¡ãå Žåã«ã¯ (Edit OID Subtree)ãã¯ãªãã¯ããŸãã
38FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
2.5 ãŠãŒã¶èªèšŒ
æ¬æ©ã®ç®¡çã¢ã¯ã»ã¹ãžã¯ä»¥äžã®æ¹æ³ã«ããå¶éãè¡ããŸãã
⢠ãã¹ã¯ãŒã - æ¬æ©å éšã«ãããŠåãŠãŒã¶ã®ã¢ã¯ã»ã¹æš©ã®èšå®ãè¡ãããšãã§ããŸãã
⢠èªèšŒèšå® -ãªã¢ãŒãèªèšŒãµãŒããå©çšããŠãŒã¶ã®ã¢ã¯ã»ã¹æš©ã®èšå®ãè¡ããŸãã
⢠HTTPS - HTTPSãå©çšããã»ãã¥ãªãã£ã確ä¿ããWebã¢ã¯ã»ã¹ãè¡ããŸãã
⢠SSH - secure shell ãå©çšããã»ãã¥ãªãã£ã確ä¿ãã Telnetã¢ã¯ã»ã¹ãè¡ããŸãã
⢠ããŒãã»ãã¥ãªã㣠- åããŒãã« MACã¢ãã¬ã¹ã«ããã»ãã¥ãªãã£ãæäŸããŸãã
⢠IEEE802.1x - IEEE802.1xããŒãèªèšŒã«ããåããŒãã®ã¢ã¯ã»ã¹ãã³ã³ãããŒã«ããŸãã
⢠IPãã£ã«ã¿ - WebãSNMPãTelnetãžã®ç®¡çã¢ã¯ã»ã¹ããã£ã«ã¿ãªã³ã°ããŸãã
2.5.1 ãŠãŒã¶ã¢ã«ãŠã³ãã®èšå®
ã²ã¹ãã¢ãŒãã§ã¯ã»ãšãã©ã®èšå®ãã©ã¡ãŒã¿ã«ãããŠã衚瀺ããè¡ãããšãã§ããŸããã管çè ã¢ãŒãã§ã¯èšå®ãã©ã¡ãŒã¿ã®å€æŽãè¡ãããšãã§ããŸãã
å®å šã®ããã管çè çšãã¹ã¯ãŒãã¯åæèšå®ããã®å€æŽãè¡ãªãããã¹ã¯ãŒãã¯å®å šãªå Žæã«ä¿ç®¡ããŠäžããã
åæèšå®ã§ã¯ãã²ã¹ãã¢ãŒãã®ãŠãŒã¶åã»ãã¹ã¯ãŒãã¯å ±ã«ãguestãã管çè ã¢ãŒãã®ãŠãŒã¶åã»ãã¹ã¯ãŒãã¯ãadminãã§ãã
ãŠãŒã¶å㯠CLIã䜿çšããå Žåã®ã¿å©çšãå€æŽå¯èœã§ãã
èšå®ã»è¡šç€ºé ç®
Accout List
ç»é²ãããŠãããŠãŒã¶ã¢ã«ãŠã³ããšãåã¢ã«ãŠã³ãã«é¢é£ä»ããããŠããã¢ã¯ã»ã¹ã¬ãã«ã®ãªã¹ãïŒåæèšå®ïŒadminåã³ guest)
New Account
æ°ãã«è¿œå ãããŠãŒã¶ã¢ã«ãŠã³ãæ å ±
ïŒ User Name â ãŠãŒã¶å (æ倧æåæ°ïŒ8æåãæ倧ãŠãŒã¶æ°ïŒ16人 )
ïŒ Access Level â ãŠãŒã¶ã®ã¢ã¯ã»ã¹ã¬ãã« (ãªãã·ã§ã³ïŒNormal, Privileged)
ïŒ Password â ãŠãŒã¶ã®ãã¹ã¯ãŒãïŒç¯å²ïŒ0-8æåã倧æåãšå°æåã¯åºå¥ãããŸãïŒ
Change Password
æ¢åãŠãŒã¶ã¢ã«ãŠã³ãã®ãã¹ã¯ãŒããå€æŽããŸãã
Add/Remove
ãŠãŒã¶ã¢ã«ãŠã³ãã®ãªã¹ããžã®è¿œå ãåã¯ãªã¹ãããã®åé€ãè¡ããŸãã
39 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
èšå®æ¹æ³
[Security]â [User Accounts]ãã¯ãªãã¯ããŸããæ°èŠã®ãŠãŒã¶ã¢ã«ãŠã³ããèšå®ããã«ã¯ããŠãŒã¶å (User Name)ããŠãŒã¶ã®ã¢ã¯ã»ã¹ã¬ãã« (Access Level)ãèšå®ããŸãããã¹ã¯ãŒã(Password)ãå ¥åããå確èªã®ããã«ãã¹ã¯ãŒã (Confirm Password)ãååºŠå ¥åããŸãã[Add]ãã¯ãªãã¯ãããšãæ°èŠã®ãŠãŒã¶ã¢ã«ãŠã³ãã¯ä¿åãã [Account List]æ¬ã«è¿œå ãããŸããæ¢åãŠãŒã¶ã¢ã«ãŠã³ãã®ãã¹ã¯ãŒããå€æŽããå Žåã¯ã[Change Password]æ¬ã«ãŠãŒã¶å (User Name)åã³æ°ããªãã¹ã¯ãŒã (New Password)ãå ¥åããå確èªã®ããã«ãã¹ã¯ãŒã (Confirm Password)ãååºŠå ¥åã㊠[Change]ãã¯ãªãã¯ããŸãã
40FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
2.5.2 ããŒã«ã« /ãªã¢ãŒãèªèšŒãã°ãªã³èšå®
æ¬æ©ã§ã¯ãŠãŒã¶åãšãã¹ã¯ãŒãããŒã¹ã«ãã管çã¢ã¯ã»ã¹ã®å¶éãè¡ãããšãã§ããŸããæ¬æ©å éšã§ã®ã¢ã¯ã»ã¹æš©ã®èšå®ãè¡ããä»ãRADIUSåã³ TACACS+ã«ãããªã¢ãŒãèªèšŒãµãŒãã§ã®èªèšŒãè¡ãããšãã§ããŸãã
RADIUSåã³ TACACS+ã¯ããããã¯ãŒã¯äžã® RADIUS察å¿åã³ TACACS+察å¿ã®ããã€ã¹ã®ã¢ã¯ã»ã¹ã³ã³ãããŒã«ãèªèšŒãµãŒãã«ããéäžçã«è¡ãããšãã§ããŸããèªèšŒãµãŒãã¯è€æ°ã®ãŠãŒã¶å /ãã¹ã¯ãŒããšåãŠãŒã¶ã®æ¬æ©ãžã®ã¢ã¯ã»ã¹ã¬ãã«ã管çããããŒã¿ããŒã¹ãä¿æããŠããŸãã
RADIUSã§ã¯ãã¹ããšãã©ãŒãåã® UDPã䜿çšããŸãããTACACS+ã§ã¯æ¥ç¶ç¢ºç«åéä¿¡ã® TCPã䜿çšããŸãããŸããRADIUSã§ã¯ãµãŒããžã®ã¢ã¯ã»ã¹èŠæ±ãã±ããã®ãã¹ã¯ãŒãã®ã¿ãæå·åãããŸãããTACACS+ã¯å šãŠã®ãã±ãããæå·åãããŸãã
æ©èœè§£èª¬
⢠åæèšå®ã§ã¯ã管çã¢ã¯ã»ã¹ã¯æ¬æ©å éšã®èªèšŒããŒã¿ããŒã¹ã䜿çšããŸããå€éšã®èªèšŒãµãŒãã䜿çšããå ŽåãèªèšŒæé ãšãªã¢ãŒãèªèšŒãããã³ã«ã®å¯Ÿå¿ãããã©ã¡ãŒã¿ã®èšå®ãè¡ãå¿ èŠããããŸããããŒã«ã«ãRADIUSåã³ TACACS+èªèšŒã§ã¯ãã³ã³ãœãŒã«æ¥ç¶ãWebã€ã³ã¿ãã§ãŒã¹åã³ Telnetçµç±ã®ã¢ã¯ã»ã¹ç®¡çãè¡ããŸãã
⢠RADIUSåã³ TACACS+èªèšŒã§ã¯ãåãŠãŒã¶åãšãã¹ã¯ãŒãã«å¯Ÿããã¢ã¯ã»ã¹ã¬ãã«(Pribilege Level)ãèšå®ããŸãããŠãŒã¶åããã¹ã¯ãŒãåã³ã¢ã¯ã»ã¹ã¬ãã« (Pribilege Level)ã¯èªèšŒãµãŒãåŽã§èšå®ãè¡ããŸãã
⢠æ倧 3ã€ã®èªèšŒæ¹æ³ãå©çšããããšãã§ããŸããäŸãã° (1) RADIUSã(2) TACACSã(3) Localãšèšå®ããå Žåãåãã« RADIUSãµãŒãã§ãŠãŒã¶åãšãã¹ã¯ãŒãã®èªèšŒãè¡ããŸããRADIUSãµãŒãã䜿çšã§ããªãå Žåã«ã¯ã次㫠TACACS+ãµãŒãã䜿çšãããã®åŸæ¬äœå éšã®ãŠãŒã¶åãšãã¹ã¯ãŒãã«ããèªèšŒãè¡ããŸãã
èšå®ã»è¡šç€ºé ç®
Authentication
èªèšŒæ¹åŒãéžæããŸãã
ïŒ Local â æ¬æ©å éšã«ãããŠãŠãŒã¶èªèšŒãè¡ããŸãã
ïŒ RADIUS â RADIUSãµãŒãã«ãããŠãŒã¶èªèšŒãè¡ããŸãã
ïŒ TACACS â TACACS+ãµãŒãã«ãããŠãŒã¶èªèšŒãè¡ããŸãã
ïŒ [authentication sequence] â 衚瀺ãããæ倧 3ã€ã®èªèšŒæ¹æ³ãå©çšããŸãã
RADIUSèšå®
Global
RADIUSãµãŒãã®èšå®ãã°ããŒãã«ã«é©çšããŸãã
ServerIndex
WebTelnet
RADIUS/TACACS+server
console
1.
41 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
èšå®ãã RADIUSãµãŒããã5ã€ã®ãã¡ 1ã€æå®ããŸããæ¬æ©ã¯ã衚瀺ããããµãŒãã®é ã«èªèšŒããã»ã¹ãå®è¡ããŸããèªèšŒããã»ã¹ã¯ããµãŒãããã®ãŠãŒã¶ã®ã¢ã¯ã»ã¹ãèš±å¯ãŸãã¯æåŠããæç¹ã§çµäºããŸããServer Port Number
RADIUSãµãŒãã§äœ¿çšããã UDPããŒãçªå·ïŒ1-65535ãåæèšå® :1812ïŒ
Secret Text String
ãã°ã€ã³ã¢ã¯ã»ã¹èªèšŒã«äœ¿çšãããæå·ããŒãéã«ã¹ããŒã¹ãå ¥ããªãã§äžããïŒæ倧æåæ°:20æåïŒ
Number of Server Transmits
RADIUSãµãŒãã«å¯ŸãèªèšŒãªã¯ãšã¹ããéä¿¡ããåæ°ïŒç¯å² :1-30ãåæèšå® :2ïŒ
Timeout for a reply
èªèšŒãªã¯ãšã¹ããåéä¿¡ããåã« RADIUSãµãŒãããã®å¿çãåŸ ã€åŸ æ©æéïŒç§ïŒïŒç¯å² :1-65535ãåæèšå® :5ïŒ
TACACS+èšå®
Server IP Address
TACACS+ãµãŒãã® IPã¢ãã¬ã¹ïŒåæèšå® : 10.11.12.13ïŒ
Server Port Number
TACACS+ãµãŒãã§äœ¿çšããã TCPããŒãçªå·ïŒ1-65535ãåæèšå® :49ïŒ
Secret Text String
ãã°ã€ã³ã¢ã¯ã»ã¹èªèšŒã«äœ¿çšãããæå·ããŒãéã«ã¹ããŒã¹ãå ¥ããªãã§äžããïŒæ倧æåæ°:20æåïŒ
[泚æ ]ãæ¬æ©å éšã®èªèšŒããŒã¿ããŒã¹ã¯ CLIã䜿çšãããŠãŒã¶åãšãã¹ã¯ãŒããå ¥åããããšã§èšå®ãè¡ããŸãã
èšå®æ¹æ³
[Security]â [Authentication Settings]ãã¯ãªãã¯ããŸããAuthenticationïŒèªèšŒæ¹åŒïŒãéžæãã RADIUS åã³ TACACS+ãéžæããå Žåã«ã¯ãããããã®èªèšŒã«å¿ èŠãªãã©ã¡ãŒã¿ãå ¥åãã[Apply]ãã¯ãªãã¯ããŸãã
42FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
43 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
2.5.3 HTTPSèšå®
Secure Socket Layer(SSL)ã䜿ã£ã Secure Hypertext Transfer Protocol(HTTPS)ã«ãã£ãŠæ¬æ©ã®Webã€ã³ã¿ãã§ãŒã¹ã«æå·åãããå®å šãªæ¥ç¶ãè¡ãããšãã§ããŸãã
æ©èœè§£èª¬â¢ HTTPåã³ HTTPSãµãŒãã¹ã¯å ±ã«äœ¿çšããããšã¯ã§ããŸããäœããHTTPåã³
HTTPSãµãŒãã¹ã§åã UDPããŒãçªå·ãèšå®ããããšã¯ã§ããŸããã
⢠HTTPSã䜿çšããå ŽåãURL㯠HTTPS:ããå§ãŸã衚瀺ããããŸããäŸ :[https://device:ããŒãçªå· ]
⢠HTTPSã®ã»ãã·ã§ã³ãéå§ããããšä»¥äžã®æé ã§æ¥ç¶ã確ç«ãããŸãã
ïŒã¯ã©ã€ã¢ã³ãã¯ãµãŒãã®ããžã¿ã«èšŒææžã䜿çšãããµãŒãã確èªããŸãã
ïŒã¯ã©ã€ã¢ã³ããšãµãŒããæ¥ç¶çšã®ã»ãã¥ãªãã£ãããã³ã«ã®èª¿æŽãè¡ããŸãã
ïŒã¯ã©ã€ã¢ã³ããšãµãŒãã¯ãããŒã¿ãæå·åã解èªããããã®ã»ãã·ã§ã³ã»ããŒãçæããŸãã
⢠HTTPSã䜿çšããå Žåãã¯ã©ã€ã¢ã³ããšãµãŒãã¯å®å šãªæå·åãããæ¥ç¶ãè¡ããŸããInternet Explorer 5.xå㯠NetscapeNavigator 4.x ã®ã¹ããŒã¿ã¹ããŒã«ã¯éµããŒã¯ã衚瀺ãããŸãã
⢠"HTTPããµããŒãããŠããWebãã©ãŠã¶åã³ OSã¯ä»¥äžã®éãã§ãã
â» å®å šãªãµã€ãã®èšŒæãæå®ããããã«ã¯ãP45 ããµã€ã蚌ææžã®èšå®å€æŽããåç §ããŠäžããã
èšå®ã»è¡šç€ºé ç®
HTTPS Status
HTTPSãµãŒãæ©èœãæå¹ãŸãã¯ç¡å¹ã«èšå®ããŸãïŒåæèšå® :æå¹ (Enabled)ïŒ
Change HTTPS Port Number
HTTPSæ¥ç¶ã«äœ¿çšããã UDPããŒããæå®ããŸãïŒåæèšå®ïŒ443ïŒ
èšå®æ¹æ³
[Security]â [HTTPS Settings]ãã¯ãªãã¯ããŸããHTTPSãæå¹ã«ããããã«ã¯ãHTTPS Status㧠EnabledãéžæããŸããããŒãçªå·ãæå®ãã[Apply]ãã¯ãªãã¯ããŸãã
Webãã©ãŠã¶ OS
Internet Explorer 5.0ä»¥äž Windows 98ãWindows NT (ãµãŒãã¹ãã㯠6A)ãWindows 2000ãWindows XP
Netscape Navigator 4.76 ä»¥äž Windows 98ãWindows NT (ãµãŒãã¹ãã㯠6A)ãWindows 2000ãWindows XPãSolaris 2.6
44FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
ãµã€ã蚌ææžã®èšå®å€æŽ
HTTPSã䜿çšããŠWebã€ã³ã¿ãã§ãŒã¹ã«ãã°ã€ã³ããéã«ãSSLã䜿çšããŸããåæèšå®ã§ã¯èªèšŒæ©é¢ã«ããèªèšŒãåããŠããªããããNetscapeåã³ Internet Explorerç»é¢ã§å®å šãªãµã€ããšããŠèªèšŒãããŠããªããšããèŠåã衚瀺ãããŸãããã®èŠåã衚瀺ãããªãããã«ããããã«ã¯ãèªèšŒæ©é¢ããåå¥ã®èšŒææžãå ¥æããèšå®ãè¡ãå¿ èŠããããŸãã
[泚æ ]ãåæèšå®ã®èšŒææžã¯åã ã®ããŒããŠã§ã¢ã§åºæã®èªèšŒããŒã§ã¯ãããŸãããããé«åºŠãªã»ãã¥ãªãã£ç°å¢ãå®çŸããããã«ã¯ãã§ããã ãæ©ãã§ç¬èªã® SSL 蚌ææžãååŸãèšå®ãè¡ãäºãæšå¥šããŸãã
åå¥ã®èšŒææžãååŸããå Žåã«ã¯ãTFTPãµãŒãã䜿çšããŠã³ã³ãœãŒã«æ¥ç¶ã® CLIã«ããæ¢åã®èšŒææžãšçœ®ãæããŸãã蚌ææžã®èšå®ãè¡ã CLIã®æé ã¯ä»¥äžã®éãã§ãã
[泚æ ]ã蚌ææžã®å€æŽãè¡ã£ãåŸã«æ¬æ©ã®åèµ·åãè¡ããªããšãæ°ãã蚌ææžã¯æå¹ã«ãªããŸãããåèµ·å㯠CLIã䜿çšã以äžã®æé ã§è¡ããŸãã
2.5.4 Secure Shellèšå®
Secure Shell (SSH)ã¯ããã以åãããã£ãããŒã¯ã¬ãŒãªã¢ãŒãã¢ã¯ã»ã¹ããŒã«ã®ã»ãã¥ãªãã£é¢ã確ä¿ãã代æ¿ãšããŠãµãŒã /ã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ãå«ãã§ããŸãããŸããSSHã¯Telnetã«ä»£ããæ¬æ©ãžã®ã»ãã¥ã¢ãªãªã¢ãŒã管çã¢ã¯ã»ã¹ãæäŸããŸãã
ã¯ã©ã€ã¢ã³ãã SSHãããã³ã«ã«ãã£ãŠæ¬æ©ãšæ¥ç¶ããå Žåãæ¬æ©ã¯ã¢ã¯ã»ã¹èªèšŒã®ããã«ããŒã«ã«ã®ãŠãŒã¶åããã³ãã¹ã¯ãŒããšå ±ã«ã¯ã©ã€ã¢ã³ãã䜿çšããå ¬éæå·ããŒãçæããŸããããã«ãSSHã§ã¯æ¬æ©ãš SSHãå©çšãã管ç端æ«ã®éã®éä¿¡ããã¹ãŠæå·åãããããã¯ãŒã¯äžã®ããŒã¿ã®ä¿è·ãè¡ãªããŸãã
[泚æ ]ãSSHçµç±ã§ã®ç®¡çã¢ã¯ã»ã¹ãè¡ãªãããã«ã¯ãã¯ã©ã€ã¢ã³ãã« SSHã¯ã©ã€ã¢ã³ããã€ã³ã¹ããŒã«ããå¿ èŠããããŸãã
[泚æ ]ã æ¬æ©ã§ã¯ SSH Version1.5ãš 2.0ããµããŒãããŠããŸãã
æ©èœè§£èª¬
æ¬æ©ã® SSHãµãŒãã¯ãã¹ã¯ãŒãåã³ãããªãã¯ããŒèªèšŒããµããŒãããŠããŸããSSHã¯ã©ã€ã¢ã³ãã«ãããã¹ã¯ãŒãèªèšŒãéžæããå ŽåãèªèšŒèšå®ããŒãžã§èšå®ãããã¹ã¯ãŒãã«ããæ¬æ©å ãRADIUSãTACACS+ã®ããããã®èªèšŒæ¹åŒãçšããŸããã¯ã©ã€ã¢ã³ãããããªãã¯ããŒèªèšŒãéžæããå Žåã«ã¯ãã¯ã©ã€ã¢ã³ãåã³æ¬æ©ã«å¯ŸããŠèªèšŒããŒã®èšå®ãè¡ãªãå¿ èŠããããŸãã
å ¬éæå·ããŒåã¯ãã¹ã¯ãŒãèªèšŒã®ã©ã¡ããã䜿çšããã«é¢ããããæ¬æ©äžã®èªèšŒããŒïŒSSHãã¹ãããŒïŒãçæããSSHãµãŒããæå¹ã«ããå¿ èŠããããŸãã
SSHãµãŒãã䜿çšããã«ã¯ä»¥äžã®æé ã§èšå®ãè¡ãªããŸãã
ïŒ1ïŒãã¹ãããŒãã¢ã®çæ â SSHãã¹ãããŒèšå®ããŒãžã§ãã¹ã ãããªã㯠/ãã©ã€ããŒãããŒã®ãã¢ãçæããŸãã
Console#copy tftp https-certificate 3-21TFTP server ip address: <server ip-address>Source certificate file name: <certificate file name>Source private file name: <private key file name>Private password: <password for private key>
Console#reload
45 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
ïŒ2ïŒãã¹ãå ¬éããŒã®ã¯ã©ã€ã¢ã³ããžã®æäŸ â å€ãã® SSHã¯ã©ã€ã¢ã³ãã¯ãæ¬æ©ãšã®èªåçã«åææ¥ç¶èšå®äžã«èªåçã«ãã¹ãããŒãåãåããŸããããã§ãªãå Žåã«ã¯ãæåã§ç®¡ç端æ«ã®ãã¹ããã¡ã€ã«ãäœæãããã¹ãå ¬éããŒã眮ãå¿ èŠããããŸãããã¹ããã¡ã€ã«äžã®å ¬éæå·ããŒã¯ä»¥äžã®äŸã®ããã«è¡šç€ºãããŸãã
10.1.0.54 1024 35 1568499540186766925933394677505461732531367489083654725415020245593199868544358361651999923329781766065830956 1082591321289023376546801726272571413428762941301196195566782 595664104869574278881462065194174677298486546861571773939016477935594230357741309802273708779454524083971752646358058176716709574804776117
ïŒ3ïŒã¯ã©ã€ã¢ã³ãå ¬éããŒã®æ¬æ©ãžã®åã蟌㿠â P4-91ãcopy tftp public-keyãã³ãã³ãã䜿çšããSSHã¯ã©ã€ã¢ã³ãã®æ¬æ©ã®ç®¡çã¢ã¯ã»ã¹ã«æäŸãããå ¬éããŒãå«ããã¡ã€ã«ãã³ããŒããŸããã¯ã©ã€ã¢ã³ããžã¯ãããã®ããŒã䜿çšããèªèšŒãè¡ãªãããŸããçŸåšã®ãã¡ãŒã ãŠã§ã¢ã§ã¯ä»¥äžã®ãã㪠UNIXæšæºãã©ãŒãããã®ãã¡ã€ã«ã®ã¿åãå ¥ããããšãå¯èœã§ãã
1024 35134108168560989392104094492015542534763164192187295892114317388005553616163105177594083868631109291232226828519254374603100937187721199696317813662774141689851320491172048303392543241016379975923714490119380060902539484084827178194372288402533115952134861022902978982721353267131629432532818915045306393916643 ã[email protected]
ïŒ4ïŒãªãã·ã§ã³ãã©ã¡ãŒã¿ã®èšå® â SSHèšå®ããŒãžã§ãèªèšŒã¿ã€ã ã¢ãŠãããªãã©ã€åæ°ããµãŒãããŒãµã€ãºãªã©ã®èšå®ãè¡ãªã£ãŠãã ããã
ïŒ5ïŒSSHã®æå¹å â SSHèšå®ããŒãžã§æ¬æ©ã® SSHãµãŒããæå¹ã«ããŠäžããã
ïŒ6ïŒChallenge/ResponseèªèšŒ â SSHã¯ã©ã€ã¢ã³ããæ¬æ©ãšæ¥ç¶ããããšããå ŽåãSSHãµãŒãã¯ã»ãã·ã§ã³ããŒãšæå·åæ¹åŒã調æŽããããã«ãã¹ãããŒãã¢ã䜿çšããŸããæ¬æ©äžã«ä¿åãããå ¬éããŒã«å¯Ÿå¿ãããã©ã€ããŒãããŒãæã€ã¯ã©ã€ã¢ã³ãã®ã¿ã¢ã¯ã»ã¹ããããšãã§ããŸãã
以äžã®ãããªæé ã§èªèšŒããã»ã¹ãè¡ãªãããŸãã
ïœ.ã¯ã©ã€ã¢ã³ããå ¬éããŒãæ¬æ©ã«éããŸãã
ïœ.æ¬æ©ã¯ã¯ã©ã€ã¢ã³ãã®å ¬éããŒãšã¡ã¢ãªã«ä¿åãããŠããæ å ±ãæ¯èŒããŸãã
ïœ.äžèŽããå Žåãå ¬éããŒãå©çšãæ¬æ©ã¯ãã€ãã®ä»»æã®ã·ãŒã±ã³ã¹ãæå·åãããã®å€ãã¯ã©ã€ã¢ã³ãã«éä¿¡ããŸãã
ïœ.ã¯ã©ã€ã¢ã³ãã¯ãã©ã€ããŒãããŒã䜿çšããŠãã€ãã解èªãã解èªãããã€ããæ¬æ©ã«éä¿¡ããŸãã
ïœ .æ¬æ©ã¯ãå ã®ãã€ããšè§£èªããããã€ããæ¯èŒããŸãã2ã€ã®ãã€ããäžèŽããå Žåãã¯ã©ã€ã¢ã³ãã®ãã©ã€ããŒãããŒãèš±å¯ãããå ¬éããŒã«å¯Ÿå¿ããŠããããšãæå³ããã¯ã©ã€ã¢ã³ããèªèšŒãããŸãã
[ 泚æ ]ããã¹ã¯ãŒãèªèšŒãšå ±ã« SSH ã䜿çšããå Žåã«ãããã¹ãå ¬éããŒã¯åææ¥ç¶æåã¯æåã«ããã¯ã©ã€ã¢ã³ãã®ãã¹ããã¡ã€ã«ã«äžããããŸããäœããã¯ã©ã€ã¢ã³ãããŒã®èšå®ãè¡ãªãå¿ èŠã¯ãããŸããã
[泚æ ]ã SSHãµãŒã㯠TelnetãšããããŠæ倧 4ã¯ã©ã€ã¢ã³ãã®åæã»ãã·ã§ã³ããµããŒãããŸãã
46FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
SSHãµãŒãèšå®
èªèšŒçšã® SSHãµãŒãã®èšå®
èšå®ã»è¡šç€ºé ç®
SSH Server Status
SSHãµãŒãæ©èœãæå¹ãŸãã¯ç¡å¹ã«ããŸãïŒåæèšå® :ç¡å¹ (Disabled)ïŒ
Version
Secure Shellã®ããŒãžã§ã³ãã³ããŒãVersion 2.0ãšè¡šç€ºãããŠããŸãããVersion1.5ãš 2.0ã®äž¡æ¹ããµããŒãããŠããŸãã
SSH authentication timeout
SSHãµãŒãã®èªèšŒæã«èªèšŒç«¯æ«ããã®å¿çãåŸ ã€åŸ æ©æéïŒ1-120ïŒç§ïŒãåæèšå® :120ïŒç§ïŒïŒ
SSH authentication Retries
èªèšŒã«å€±æããå Žåã«ãèªèšŒããã»ã¹ãå床è¡ãããšãã§ããåæ°ãèšå®ããåæ°ãè¶ ãããšèªèšŒãšã©ãŒãšãªããèªèšŒç«¯æ«ã®åèµ·åãè¡ãå¿ èŠããããŸãïŒ1-5ãåæèšå® :3åïŒ
SSH Server-Key Size
SSHãµãŒãã®ããŒãµã€ãºïŒèšå®ç¯å²ïŒ512-896ããããåæèšå® :768ãããïŒ
ïŒ ãµãŒãããŒã¯ãã©ã€ããŒãããŒã§ãæ¬æ©ä»¥å€ãšã¯å ±æããŸããã
ïŒ SSHã¯ã©ã€ã¢ã³ããšå ±æããããã¹ãããŒã¯ã1024ãããåºå®ã§ãã
èšå®æ¹æ³
[Security]â [SSH Settings]ãã¯ãªãã¯ããŸããSSHãæå¹ã«ããå¿ èŠã«å¿ããŠåé ç®ã®èšå®ãè¡ãã[Apply]ãã¯ãªãã¯ããŸããSSHãµãŒããæå¹ã«ããéã¯ãäºåã« SSH Host-Key Settings page㧠host key pairãçæããå¿ èŠããããŸãã
47 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
ãã¹ãããŒãã¢ã®çæ
ãã¹ãå ¬é /ãã©ã€ããŒãããŒãã¢ã¯æ¬æ©ãš SSHã¯ã©ã€ã¢ã³ãéã®ã»ãã¥ã¢ãªæ¥ç¶ã®ããã«äœ¿çšãããŸããããŒãã¢ãçæãããåŸããã¹ãå ¬éããŒã SSHã¯ã©ã€ã¢ã³ãã«æäŸããäžèšã®æ©èœè§£èª¬ã®éãã«ã¯ã©ã€ã¢ã³ãã®å ¬éããŒãæ¬æ©ã«åã蟌ãå¿ èŠããããŸãã
èšå®ã»è¡šç€ºé ç®
Public-Key of Host-Key
ãã¹ããžã®ãããªãã¯ããŒ
ïŒ RSA: æåã®ãã£ãŒã«ãã¯ãã¹ãããŒã®ãµã€ãº (1024)ãè¡šããŠããŸãã2çªç®ã®ãã£ãŒã«ãã¯ãšã³ã³ãŒãããããããªãã¯ææ° (65537)ãæåŸã®å€ã¯ãšã³ã³ãŒããããä¿æ°ãè¡šããŠããŸãã
ïŒDSA: æåã®ãã£ãŒã«ãã¯ããžã¿ã«çœ²åæšæº(DSS)ã«åºã¥ãSSHã«ãã£ãŠç§çšãããæå·åæ¹æ³ã衚瀺ããŸããæåŸã®å€ã¯ãšã³ã³ãŒããããä¿æ°ãè¡šããŸãã
Host-Key Type
ããŒã¿ã€ãã¯ïŒå ¬éããŒããã©ã€ããŒãããŒã®ïŒãã¹ãããŒãã¢ãçæããããã«äœ¿çšãããŸãïŒèšå®ç¯å²ïŒRSA, DSA, Bothãåæèšå®ïŒRSAïŒã¯ã©ã€ã¢ã³ããæ¬æ©ãšæåã«æ¥ç¶ã確ç«ããå ŽåãSSHãµãŒãã¯ããŒäº€æã®ããã« RSAåã¯DSAã䜿çšããŸãããã®åŸãããŒã¿æå·åã« DES(56-bit)å㯠3DES(168 -bit)ã®ãããããçšããããã¯ã©ã€ã¢ã³ããšèª¿æŽãè¡ãªããŸãã
Save Host-Key from Memory to Flash
ãã¹ãããŒã RAMãããã©ãã·ã¥ã¡ã¢ãªã«ä¿åããŸãããã¹ãããŒãã¢ã¯åæèšå®ã§ã¯ RAMã«ä¿åãããŠããŸãããã¹ãããŒãã¢ãçæããã«ã¯ãäºåã«ãã®ã¢ã€ãã ãéžæããå¿ èŠããããŸãã
Generate
ãã¹ãããŒãã¢ãçæããŸããSSHãµãŒãèšå®ããŒãžã§ SSHãµãŒããæå¹ã«ããåã«ããã¹ãããŒãã¢ãçæããå¿ èŠããããŸãã
Clear
RAMåã³ãã©ãã·ã¥ã¡ã¢ãªã®äž¡æ¹ã«ä¿åãããŠãããã¹ãããŒãåé€ããŸãã
èšå®æ¹æ³
[Security]â [SSH Host-Key Settings]ãã¯ãªãã¯ããŸããããããããŠã³ããã¯ã¹ãããã¹ãããŒã¿ã€ã (host-key type)ãéžæããå¿ èŠã«å¿ã㊠save the host key from memory to flashã«ãã§ãã¯ãå ¥ããŸãããã®åŸã[Generate]ãã¯ãªãã¯ããããŒã®çæãè¡ãªããŸãã
48FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
2.5.5 ããŒãã»ãã¥ãªãã£ã®èšå®
ããŒãã»ãã¥ãªãã£ã¯ãããŒãã«å¯Ÿããã®ããŒãã䜿çšããããã¯ãŒã¯ã«ã¢ã¯ã»ã¹ããäºãã§ããããã€ã¹ã® MACã¢ãã¬ã¹ãèšå®ãããã®ä»ã® MACã¢ãã¬ã¹ã®ããã€ã¹ã§ã¯ãããã¯ãŒã¯ãžã®ã¢ã¯ã»ã¹ãè¡ããªãããæ©èœã§ãã
ããŒãã»ãã¥ãªãã£ãæå¹ã«ããå Žåãæ¬æ©ã¯æå¹ã«ããããŒãã«ãã㊠MACã¢ãã¬ã¹ã®åŠç¿ãåæ¢ããŸããæ¬æ©ã«å ¥ã£ãŠæ¥ãéä¿¡ã®ãã¡ããœãŒã¹ã¢ãã¬ã¹ãåçã»éçãªã¢ãã¬ã¹ããŒãã«ã«ç»é²æžã¿ã® MACã¢ãã¬ã¹ã®å Žåã«ã®ã¿ããã®ããŒããå©çšãããããã¯ãŒã¯ãžã®ã¢ã¯ã»ã¹ãè¡ãããšãã§ããŸããç»é²ãããŠããªãäžæ£ãª MACã¢ãã¬ã¹ã®ããã€ã¹ãããŒãã䜿çšããå ŽåãäŸµå ¥ã¯æ€ç¥ãããèªåçã«ããŒããç¡å¹ã«ãããã©ããã¡ãã»ãŒãžã®éä¿¡ãè¡ããŸãã
ããŒãã»ãã¥ãªãã£ã䜿çšããå ŽåãããŒãã«èš±å¯ãã MACã¢ãã¬ã¹ã®æ倧æ°ãèšå®ããåçã« <ãœãŒã¹ MACã¢ãã¬ã¹ãVLAN>ã®ãã¢ãããŒãã§åä¿¡ãããã¬ãŒã ããåŠç¿ããŸããStatic Address Table (P3-76)ã䜿çšããå ¥åã«ãã MACã¢ãã¬ã¹ãèšå®ããããšãã§ããŸããããŒãã«èšå®ãããæ倧 MACã¢ãã¬ã¹æ°ã«éãããšãããŒãã¯åŠç¿ãçµäºããŸããã¢ãã¬ã¹ããŒãã«ã«ä¿åããã MACã¢ãã¬ã¹ã¯ä¿æãããæéã®çµéã«ããæ¶å»ãããããšã¯ãããŸããããã以å€ã®ããã€ã¹ãããŒããå©çšããããšããŠããã¹ã€ããã«ã¢ã¯ã»ã¹ããããšã¯ã§ããŸããã
æ©èœè§£èª¬
⢠ã»ãã¥ãªãã£ããŒãã«èšå®ã§ããããŒãã¯ã以äžã®å¶éããããŸãã
ïŒããŒãã¢ãã¿ãªã³ã°ã«äœ¿çšã§ããŸããã
ïŒãã«ã VLANããŒãã«ã¯ã§ããŸããã
ïŒ LACPåã¯éçãã©ã³ã¯ããŒãã«èšå®ã§ããŸããã
ïŒ HUBãªã©ãããã¯ãŒã¯æ¥ç¶ããã€ã¹ã¯æ¥ç¶ããªãã§äžããã
⢠åæèšå®ã§ã¯ãã»ãã¥ãªãã£ããŒããžã®ã¢ã¯ã»ã¹ãèš±å¯ããŠããæ倧 MACã¢ãã¬ã¹æ°ã¯ "0"ã§ããã»ãã¥ãªãã£ããŒããžã®ã¢ã¯ã»ã¹ãèš±å¯ããããã«ã¯ãæ倧MACã¢ãã¬ã¹æ°ã 1-1024ã®ããããã«èšå®ããå¿ èŠããããŸãã
⢠ã»ãã¥ãªãã£éåã«ããããŒãã Disabledãšãªã£ãïŒã·ã£ããããŠã³ããïŒå ŽåãP70 ãããŒãèšå®ãããããŒãã®æå¹åãè¡ãªã£ãŠãã ããã
èšå®ã»è¡šç€ºé ç®
Port
ããŒãçªå·
Name
ããŒã説æ
Action
ïŒ None â åäœãè¡ãªãããŸãã (åæèšå®ã§ã¯ãã®èšå®ã«ãªã£ãŠããŸã )
ïŒ Trap â SNMPãã©ããã¡ãã»ãŒãžãéä¿¡ããŸãã
ïŒ Shutdown â ããŒããç¡å¹ã«ããŸãã
ïŒ Trap and Shutdown â ããŒããç¡å¹ã«ããSNMPãã©ããã¡ãã»ãŒãžãéä¿¡ããŸããSecurity Status
ããŒãã»ãã¥ãªãã£ã®æå¹ /ç¡å¹
49 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
åæèšå®ïŒç¡å¹ (Disabled)
Max MAC Count
ããŒããåŠç¿å¯èœãªMACã¢ãã¬ã¹æ°ïŒèšå®ç¯å²ïŒ0-20ã0ã¯åŠç¿ã®ç¡å¹ïŒ
Trunk
ããŒãããã©ã³ã¯ãããŠããå Žåã®ãã©ã³ã¯çªå·
èšå®æ¹æ³
[Security]â [Port Security]ãã¯ãªãã¯ããŸããããŒãã®ã»ãã¥ãªãã£ãæå¹ã«ããã«ã¯ãèšå®ãè¡ãããŒãçªå·ã® ActionãéžæããSecurity Statusãã§ãã¯ããã¯ã¹ããªã³ã«ããæ倧 MACã¢ãã¬ã¹æ°ãèšå®ãã[Apply]ãã¯ãªãã¯ããŸãã
50FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
2.5.6 802.1xããŒãèªèšŒ
ã¹ã€ããã¯ãã¯ã©ã€ã¢ã³ã PCãã容æã«ãããã¯ãŒã¯ãªãœãŒã¹ã«ã¢ã¯ã»ã¹ããããšãã§ããŸããããããããã«ããã¯å¥œãŸãããªãã¢ã¯ã»ã¹ã蚱容ãããããã¯ãŒã¯äžã®æ©å¯ã®ããŒã¿ãžã®ã¢ã¯ã»ã¹ãè¡ããå¯èœæ§ããããŸãã
IEEE802.1x(dot1x)èŠæ Œã§ã¯ããŠãŒã¶ IDåã³ãã¹ã¯ãŒãã«ããèªèšŒãè¡ãããšã«ããç¡èš±å¯ã®ã¢ã¯ã»ã¹ãé²ãããŒãããŒã¹ã®ã¢ã¯ã»ã¹ã³ã³ãããŒã«ãæäŸããŸãã
ãããã¯ãŒã¯äžã®ãã¹ãŠã®ããŒããžã®ã¢ã¯ã»ã¹ã¯ã»ã³ãã©ã«ãµãŒãã«ããèªèšŒãè¡ãããšã§ãã©ã®ããŒãããã§ã 1ã€ã®èªèšŒçšã®ãŠãŒã¶ IDåã³ãã¹ã¯ãŒãã«ãããŠãŒã¶ã®èªèšŒãè¡ããŸãã
æ¬æ©ã§ã¯ Extensible Authentication Protocol over LAN (EAPOL)ã«ããã¯ã©ã€ã¢ã³ãã®èªèšŒãããã³ã«ã¡ãã»ãŒãžã®äº€æãè¡ããŸããRADIUSãµãŒãã«ãããŠãŒã¶ IDãšã¢ã¯ã»ã¹æš©ã®ç¢ºèªãè¡ããŸãã
ã¯ã©ã€ã¢ã³ãïŒãµããªã«ã³ãïŒãããŒãã«æ¥ç¶ããããšãæ¬æ©ã§ã¯ EAPOLã® IDã®ãªã¯ãšã¹ããè¿ããŸããã¯ã©ã€ã¢ã³ã㯠IDãã¹ã€ããã«éä¿¡ããRADIUSãµãŒãã«è»¢éãããŸãã
RADIUSãµãŒãã¯ã¯ã©ã€ã¢ã³ãã® IDã確èªããã¯ã©ã€ã¢ã³ãã«å¯Ÿã㊠access challenge backãéããŸãã
RADIUSãµãŒãããã® EAPãã±ããã«ã¯ Challengeåã³èªèšŒã¢ãŒããå«ãŸããŸããã¯ã©ã€ã¢ã³ããœããåã³ RADIUSãµãŒãã®èšå®ã«ãã£ãŠã¯ãã¯ã©ã€ã¢ã³ãã¯èªèšŒã¢ãŒããæåŠããä»ã®èªèšŒã¢ãŒããèŠæ±ããããšãã§ããŸããèªèšŒã¢ãŒãã«ã¯ãMD5, TLS (Transport Layer Security),TTLS (Tunneled Transport Layer Security)çããããŸãã
ã¯ã©ã€ã¢ã³ãã¯ããã¹ã¯ãŒãã蚌ææžãªã©ãšå ±ã«ãé©åãªæ¹æ³ã«ããå¿çããŸãã
RADIUSãµãŒãã¯ã¯ã©ã€ã¢ã³ãã®èšŒææžã確èªããèš±å¯ãŸãã¯äžèš±å¯ã®ãã±ãããè¿ããŸããèªèšŒãæåããå Žåãã¯ã©ã€ã¢ã³ãã«å¯ŸããŠãããã¯ãŒã¯ãžã®ã¢ã¯ã»ã¹ãèš±å¯ããŸããããã§ãªãå Žåã¯ãã¢ã¯ã»ã¹ã¯åŠå®ãããããŒãã¯ãããã¯ãããŸãã
IEEE802.1xèªèšŒã䜿çšããã«ã¯æ¬æ©ã«ä»¥äžã®èšå®ãè¡ããŸãã
⢠ã¹ã€ããã® IPã¢ãã¬ã¹ã®èšå®ãè¡ããŸãã
⢠RADIUSèªèšŒãæå¹ã«ããRADIUSãµãŒãã® IPã¢ãã¬ã¹ãèšå®ããŸãã
⢠èªèšŒãè¡ãåããŒã㧠dot1x"Auto"ã¢ãŒãã«èšå®ããŸãã
⢠æ¥ç¶ãããã¯ã©ã€ã¢ã³ãåŽã« dot1xã¯ã©ã€ã¢ã³ããœãããã€ã³ã¹ããŒã«ãããé©åãªèšå®ãè¡ããŸãã
⢠RADIUSãµãŒãåã³ IEEE802.1xã¯ã©ã€ã¢ã³ã㯠EAPããµããŒãããå¿ èŠããããŸãïŒæ¬æ©ã§ã¯ EAPãã±ããããµãŒãããã¯ã©ã€ã¢ã³ãã«ãã¹ããããã®EAPOLã®ã¿ããµããŒãããŠããŸãïŒ
⢠RADIUSãµãŒããšã¯ã©ã€ã¢ã³ãã¯MD5ãTLSãTTLSãPEAPçã®åã EAPèªèšŒã¿ã€ãããµããŒãããŠããå¿ èŠããããŸãïŒäžéšã¯Windowsã§ãµããŒããããŠããŸããããã以å€ã«é¢ããŠã¯ IEEE802.1xã¯ã©ã€ã¢ã³ãã«ãããµããŒããããŠããå¿ èŠããããŸãïŒ
WebTelnet
RADIUS/TACACS+server
console
1.
51 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
802.1xã°ããŒãã«ã»ããã£ã³ã°ã®è¡šç€º
802.1Xãããã³ã«ã¯ã¯ã©ã€ã¢ã³ãã®èªèšŒãå¯èœã«ããŸãã
èšå®ã»è¡šç€ºé ç®
802.1X System Authentication Control
ã¹ã€ããã«å¯Ÿãã 802.1Xã®èšå®
èšå®æ¹æ³
[Security]â [802.1x Information]ãã¯ãªãã¯ããŸãã
52FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
802.1xã°ããŒãã«ã»ããã£ã³ã°
dot1Xãããã³ã«ã¯ããŒãèªèšŒãå¯èœã«ããŸããããŒããã¢ã¯ãã£ãã«èšå®ããåã«ãã¹ã€ããã«å¯Ÿã 802.1Xãããã³ã«ãæå¹ã«èšå®ããå¿ èŠããããŸãã
èšå®ã»è¡šç€ºé ç®
802.1X System Authentication Control
802.1Xã®èšå®ïŒåæèšå®ïŒç¡å¹ )
èšå®æ¹æ³
[Security]â [802.1X]â [Configuration]ãã¯ãªãã¯ããŸããã¹ã€ããã«å¯Ÿãã 802.1Xãæå¹ã«èšå®ãã[Apply]ãã¯ãªãã¯ããŸãã
53 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
802.1XèªèšŒããŒãèšå®
802.1Xãæå¹ã«ããå Žåãã¯ã©ã€ã¢ã³ããšã¹ã€ããéåã³ã¹ã€ãããšèªèšŒãµãŒãéã®ã¯ã©ã€ã¢ã³ãèªèšŒããã»ã¹ã«é¢ãããã©ã¡ãŒã¿ãèšå®ããå¿ èŠããããŸãããããã®ãã©ã¡ãŒã¿ã«ã€ããŠè§£èª¬ããŸãã
èšå®ã»è¡šç€ºé ç®
Port
ããŒãçªå·Status
ããŒãã®èªèšŒã®æå¹ /ç¡å¹
Operation Mode
1å°åã¯è€æ°ã®ã¯ã©ã€ã¢ã³ãã IEEE802.1xèªèšŒããŒãã«ã¢ã¯ã»ã¹ããããšãèšå®ããŸãïŒèšå®ç¯å²ïŒSingle-HostãMulti-Hostãåæèšå®ïŒSingle-HostïŒ
Max Count
Multi-Hostèšå®æã®æ倧æ¥ç¶å¯èœã¯ã©ã€ã¢ã³ãæ°ïŒèšå®ç¯å²ïŒ1-1024ãåæèšå®ïŒ5ïŒ
Mode
èªèšŒã¢ãŒãã以äžã®ãªãã·ã§ã³ã®äžããèšå®ããŸãã
ïŒAuto â dot1x察å¿ã¯ã©ã€ã¢ã³ãã«å¯ŸããŠRADIUSãµãŒãã«ããèªèšŒãèŠæ±ããŸããdot1xé察å¿ã¯ã©ã€ã¢ã³ãããã®ã¢ã¯ã»ã¹ã¯èš±å¯ããŸããã
ïŒ Force-Authorized â dot1x察å¿ã¯ã©ã€ã¢ã³ããå«ãããã¹ãŠã®ã¯ã©ã€ã¢ã³ãã®ã¢ã¯ã»ã¹ãèš±å¯ããŸãã
ïŒ Force-Unauthorized â dot1x察å¿ã¯ã©ã€ã¢ã³ããå«ãããã¹ãŠã®ã¯ã©ã€ã¢ã³ãã®ã¢ã¯ã»ã¹ãçŠæ¢ããŸãã
Re-authen
Re-authentication Periodã§èšå®ããæéçµéåŸã«ã¯ã©ã€ã¢ã³ããåèªèšŒãããã©ãããåèªèšŒã«ãããæ°ããªæ©åšãã¹ã€ããããŒãã«æ¥ç¶ãããŠããªãããæ€åºã§ããŸãïŒåæèšå®ïŒç¡å¹ )
Max-Req
èªèšŒã»ãã·ã§ã³ãã¿ã€ã ã¢ãŠãã«ãªãåã«ãEAPãªã¯ãšã¹ããã±ãããã¹ã€ããããŒãããã¯ã©ã€ã¢ã³ããžåéä¿¡ããå Žåã®æ倧åæ°ïŒç¯å²ïŒ1-10åãåæèšå®ïŒ2åïŒ
Quiet Period
EAPãªã¯ãšã¹ããã±ããã®æ倧éä¿¡åæ°ãéããåŸãæ°ããã¯ã©ã€ã¢ã³ãã®æ¥ç¶åŸ æ©ç¶æ ã«ç§»è¡ãããŸã§ã®æéïŒç¯å²ïŒ1-65535ç§ãåæèšå®ïŒ60ç§ïŒ
Re-authen Period
æ¥ç¶æžã¿ã®ã¯ã©ã€ã¢ã³ãã®åèªèšŒãè¡ãééïŒç¯å²ïŒ1-65535ç§ãåæèšå®ïŒ3600ç§ïŒ
TX Period
èªèšŒæã« EAPãã±ããã®åéä¿¡ãè¡ãééïŒç¯å²ïŒ1-65535ç§ãåæèšå®ïŒ30ç§ïŒ
Authorized
ïŒ Yes â æ¥ç¶ãããã¯ã©ã€ã¢ã³ãã¯èªèšŒãããŠããŸãã
ïŒ No âæ¥ç¶ãããã¯ã©ã€ã¢ã³ãã¯èªèšŒãããŠããŸãããïŒ Blank â IEEE802.1xãããŒãã§ç¡å¹åãããŠããå Žåã¯ç©ºæ¬ãšãªããŸãã
Supplicant
æ¥ç¶ãããã¯ã©ã€ã¢ã³ãã® MACã¢ãã¬ã¹
Trunk
ãã©ã³ã¯èšå®ããããŠããå Žåã«è¡šç€º
54FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
èšå®æ¹æ³
[Security]â [802.1x]â [Port Configuration]ãã¯ãªãã¯ããŸããå¿ èŠã«å¿ããŠãã©ã¡ãŒã¿ãå€æŽãã[Apply]ãã¯ãªãã¯ããŸãã
55 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
IEEE802.1xçµ±èšæ å ±ã®è¡šç€º
dot1xãããã³ã«ã®åããŒãã®çµ±èšæ å ±ã衚瀺ããŸãã
èšå®æ¹æ³
[Security]â [802.1x statistics]ãã¯ãªãã¯ããŸããããŒããéžæãã[Query]ãã¯ãªãã¯ããŸãã[Refresh]ãã¯ãªãã¯ãããšææ°ã®æ å ±ã«æŽæ°ãããŸãã
æ©èœè§£èª¬
ãã©ã¡ãŒã¿ 解説Rx EXPOL Start EAPOLã¹ã¿ãŒããã¬ãŒã ã®åä¿¡æ°
Rx EAPOL Logoff EAPOLãã°ãªããã¬ãŒã ã®åä¿¡æ°
Rx EAPOL Invalid å š EAPOLãã¬ãŒã ã®åä¿¡æ°
Rx EAPOL Total æå¹ãª EAPOLãã¬ãŒã ã®åä¿¡æ°
Rx EAP Resp/Id EAP Resp/Idãã¬ãŒã ã®åä¿¡æ°
Rx EAP Resp/Oth Resp/Id frames以å€ã®æå¹ãª EAPå¿çãã¬ãŒã ã®åä¿¡æ°
Rx EAP LenError ãã±ããé·ãäžæ£ãªç¡å¹ EAPOLãã¬ãŒã ã®åä¿¡æ°
Rx Last EAPOLVer çŽè¿ã®åä¿¡ EAPOLãã¬ãŒã ã®ãããã³ã«ããŒãžã§ã³
Rx Last EAPOLSrc çŽè¿ã®åä¿¡ EAPOLãã¬ãŒã ã®ãœãŒã¹ MACã¢ãã¬ã¹
Tx EAPOL Total å š EAPOLãã¬ãŒã ã®éä¿¡æ°
Tx EAP Req/Id EAP Resp/Idãã¬ãŒã ã®éä¿¡æ°
Tx EAP Req/Oth Resp/Id frames以å€ã®æå¹ãª EAPå¿çãã¬ãŒã ã®éä¿¡æ°
56FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
2.5.7 管çã¢ãã¬ã¹ã®ã¢ãã¬ã¹ãã£ã«ã¿ãªã³ã°
Webã€ã³ã¿ãã§ãŒã¹ãSNMPãTelnetã«ãã管çã¢ã¯ã»ã¹ãå¯èœãª IPã¢ãã¬ã¹å㯠IPã¢ãã¬ã¹ã°ã«ãŒããæ倧 16åäœæã§ããŸãã
æ©èœè§£èª¬
⢠管çã€ã³ã¿ãã§ãŒã¹ã¯ãåæèšå®ã§ã¯ãã¹ãŠã® IPã¢ãã¬ã¹ã«å¯ŸããŠæ¥ç¶å¯èœãªç¶æ ã«ãªã£ãŠããŸãããã£ã«ã¿ãªã¹ãã« 1ã€ã§ã IPã¢ãã¬ã¹ãæå®ãããšããã®ã€ã³ã¿ãã§ãŒã¹ã¯æå®ããã¢ãã¬ã¹ããã®æ¥ç¶ã®ã¿ãèš±å¯ããŸãã
⢠èšå®ä»¥å€ã®ç¡å¹ãª IPã¢ãã¬ã¹ãã管çã¢ã¯ã»ã¹ã«æ¥ç¶ãããå Žåãæ¬æ©ã¯æ¥ç¶ãæåŠããã€ãã³ãã¡ãã»ãŒãžãã·ã¹ãã ãã°ã«ä¿åãããã©ããã¡ãã»ãŒãžã®éä¿¡ãè¡ããŸãã
⢠SNMPãWebãTelnetã¢ã¯ã»ã¹ãžã® IPã¢ãã¬ã¹å㯠IPã¢ãã¬ã¹ç¯å²ã®èšå®ã¯åèšã§æ倧 5ã€ãŸã§èšå®å¯èœã§ãã
⢠SNMPãWebãTelnetã®åäžã°ã«ãŒãã«å¯Ÿã㊠IPã¢ãã¬ã¹ç¯å²ãéè€ããŠèšå®ããããšã¯ã§ããŸãããç°ãªãã°ã«ãŒãã®å Žåã«ã¯ IPã¢ãã¬ã¹ç¯å²ãéè€ããŠèšå®ããããšã¯å¯èœã§ãã
⢠èšå®ãã IPã¢ãã¬ã¹ç¯å²ããç¹å®ã® IPã¢ãã¬ã¹ã®ã¿ãåé€ããããšã¯ã§ããŸãããIPã¢ãã¬ã¹ç¯å²ããã¹ãŠåé€ãããã®åŸèšå®ããçŽããŠäžããã
⢠IPã¢ãã¬ã¹ç¯å²ã®åé€ã¯ IPã¢ãã¬ã¹ç¯å²ã®æåã®ã¢ãã¬ã¹ã ããå ¥åããŠãåé€ãããšãã§ããŸãããŸããæåã®ã¢ãã¬ã¹ãšæåŸã®ã¢ãã¬ã¹ã®äž¡æ¹ãå ¥åããŠåé€ããããšãå¯èœã§ãã
èšå®ã»è¡šç€ºé ç®
Web IP Filter
Webã°ã«ãŒãã® IPã¢ãã¬ã¹
SNMP IP Filter
SNMPã°ã«ãŒãã® IPã¢ãã¬ã¹
Telnet IP Filter
Telnetã°ã«ãŒãã® IPã¢ãã¬ã¹
IP Filter List
ãã®ã€ã³ã¿ãã§ãŒã¹ã«æ¥ç¶ãèš±å¯ãããŠãã IPã¢ãã¬ã¹
Start IP Address
IPã¢ãã¬ã¹ãå㯠IPã¢ãã¬ã¹ãç¯å²ã§æå®ããŠããå Žåã®æåã® IPã¢ãã¬ã¹
End IP Address
IPã¢ãã¬ã¹ãç¯å²ã§æå®ããŠããå Žåã®æåŸã® IPã¢ãã¬ã¹
Add/Remove Filtering Entry
IPã¢ãã¬ã¹ããªã¹ããžè¿œå ãŸãã¯åé€
57 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
èšå®æ¹æ³
[Security]â [IP Filter]ãã¯ãªãã¯ããŸãããããŒãžã¡ã³ãã¢ã¯ã»ã¹ãèš±å¯ãã IPã¢ãã¬ã¹ãå ¥åãã[Add Web IP Filtering Entry]ãã¯ãªãã¯ããŸãã
58FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ACL ïŒAccess Control ListsïŒ
2.6 ACL ïŒAccess Control ListsïŒ
Access Control Lists (ACL)㯠IPã¢ãã¬ã¹ããããã³ã«ãTCP/UDPããŒãçªå·ã«ãããã±ãããã£ã«ã¿ãªã³ã°ãæäŸããŸãã
å ¥åããããã±ããã®ãã£ã«ã¿ãªã³ã°ãè¡ãã«ã¯ãåãã«ã¢ã¯ã»ã¹ãªã¹ããäœæããå¿ èŠãªã«ãŒã«ãè¿œå ããŸãããã®åŸããªã¹ãã«ç¹å®ã®ããŒãããã€ã³ãããŸãã
2.6.1 ACLã®èšå®
ACL㯠IPã¢ãã¬ã¹ãåã¯ä»ã®æ¡ä»¶ãšäžèŽãããã±ããã«å¯ŸããŠèš±å¯ (Permit)åã¯æåŠ(Deny)ããããã®ãªã¹ãã§ãã
æ¬æ©ã§ã¯å ¥ååã³åºåãã±ããã«å¯Ÿã㊠ACLãšäžèŽãããã©ããïŒåãã€ç¢ºèªãè¡ãªããŸãããã±ãããèš±å¯ã«ãŒã«ãšäžèŽããå Žåã«ã¯çŽã¡ã«éä¿¡ãèš±å¯ããæåŠã«ãŒã«ãšäžèŽããå Žåã«ã¯ãã±ãããèœãšããŸãããªã¹ãäžã®èš±å¯ã«ãŒã«ã«äžèŽããªãå Žåããã±ããã¯èœãšããããªã¹ãäžã®æåŠã«ãŒã«ã«äžèŽããªãå Žåããã±ããã¯éä¿¡ãèš±å¯ãããŸãã
æ©èœè§£èª¬
ACLã¯ä»¥äžã®å¶éããããŸãã
⢠å ACLã¯æ倧 32ã«ãŒã«ãŸã§èšå®å¯èœã§ãã
⢠æ倧 ACL èšå®æ°ã¯ 32 åã§ãã
⢠ACL ãåºåãã£ã«ã¿ãšããŠã€ã³ã¿ãã§ãŒã¹ã«èšå®ãããå ŽåãACL ã«ãŒã«ã¯æåŠã«ãŒã« (deny)ã«ããå¿ èŠããããŸããããã§ãªãå Žåã«ã¯èšå®ããšã©ãŒãšãªããŸãã
⢠æ¬æ©ã§ã¯åºå IP ACL ã«ãã㊠"deny any any"ã«ãŒã«ããµããŒãããŠããŸããããã®ãããªèšå®ã ACL ã«å«ãŸããŠããŠãããŒãã®åºåãã£ã«ã¿ã«èšå®ãããå Žåã«ã¯ãšã©ãŒãšãªããŸãã
æå¹ãª ACLã¯ä»¥äžã®é çªã§å®è¡ãããŸãã
ïŒ1ïŒ åºåããŒãã®åºå IP ACLã®ãŠãŒã¶ã«å®çŸ©ãããã«ãŒã«
ïŒ2ïŒ å ¥åããŒãã®å ¥å IP ACLã®ãŠãŒã¶ã«å®çŸ©ãããã«ãŒã«
ïŒ3ïŒ å ¥åããŒãã®å ¥å IP ACLã®ããã©ã«ãã«ãŒã« (permit any any)
ïŒ4ïŒ æ確ãªã«ãŒã«ã«äžèŽããªãå Žåãæé»ã®ããã©ã«ãã«ãŒã« (permit all)
59 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ACL ïŒAccess Control ListsïŒ
ACLåããã³ã¿ã€ãã®èšå®
ACL ConfigurationããŒãžã§ã¯ãACLã®åååã³ã¿ã€ããèšå®ããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Name
ACLåïŒ4æåä»¥äž 15æå以å ïŒ
Type
ïŒ Standard â ãœãŒã¹ IPã¢ãã¬ã¹ã«åºã¥ããã£ã«ã¿ãªã³ã°ãè¡ãªã IP ACLã¢ãŒã
ïŒ Extended â ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ããããã³ã«ã¿ã€ããTCP/UDPããŒãçªå·ãTCPã³ã³ãããŒã«ã³ãŒãã«åºã¥ããã£ã«ã¿ãªã³ã°ãè¡ãªã IP ACLã¢ãŒã
ïŒ MAC â ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ MACã¢ãã¬ã¹ãã€ãŒãµããããã¬ãŒã ã¿ã€ã(RFC 1060)ã«åºã¥ããã£ã«ã¿ãªã³ã°ãè¡ãªã MAC ACLã¢ãŒã
èšå®æ¹æ³
[Security]â [ACL]â [Configuration]ãã¯ãªãã¯ããŸãã[Neme]ã« ACLåãå ¥åãã[Type]ããªã¹ãããéžæããŸã (IP Standard, IP Extended, MAC)ããã®åŸã[Add]ãã¯ãªãã¯ããæ°èŠãªã¹ãã®èšå®ããŒãžãéããŸãã
60FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ACL ïŒAccess Control ListsïŒ
Standard IP ACLã®èšå®
èšå®ã»è¡šç€ºé ç®
Action
ACLã®ã«ãŒã«ããpermitïŒèš±å¯ïŒãããdeny(æåŠ )ããéžæããŸãïŒåæèšå®ïŒPermitã«ãŒã«ïŒ
Address Type
ãœãŒã¹ IPã¢ãã¬ã¹ã®æå®ãè¡ãªããŸãã"any"ã§ã¯ãã¹ãŠã® IPã¢ãã¬ã¹ã察象ãšãªããŸãã"host"ã§ã¯ã¢ãã¬ã¹ãã£ãŒã«ãã®ãã¹ãã察象ãšãªããŸãã"IP"ã§ã¯ãIPã¢ãã¬ã¹ãšãµãããããã¹ã¯ã«ããèšå®ãã IPã¢ãã¬ã¹ã®ç¯å²ã察象ãšãªããŸãã
ïŒãªãã·ã§ã³ïŒAny, Host, IPãåæèšå®ïŒ AnyïŒ
IP Address
ãœãŒã¹ IPã¢ãã¬ã¹
SubnetMask
ãµãããããã¹ã¯
èšå®æ¹æ³
ãèš±å¯ãåã¯ãæåŠãã®åäœãèšå®ãããã®åŸã¢ãã¬ã¹ã¿ã€ãã Any, Host, IPããéžæããŸãã"Host"ãéžæããå Žåã«ã¯ç¹å®ã® IPã¢ãã¬ã¹ãæå®ããŸãã"IP"ãéžæããå Žåã«ã¯IPã¢ãã¬ã¹ã®ç¯å²ãæå®ããããã«ãµããããã¢ãã¬ã¹ãšãã¹ã¯ãèšå®ããŸãããã®åŸ[Add]ãã¯ãªãã¯ããŸãã
61 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ACL ïŒAccess Control ListsïŒ
Extended IP ACLã®èšå®
èšå®ã»è¡šç€ºé ç®
Action
ACLã®ã«ãŒã«ããpermitïŒèš±å¯ïŒãããdeny(æåŠ )ããéžæããŸãïŒåæèšå®ïŒPermitã«ãŒ
Source/Destination Address Type
ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ã®èšå®ãè¡ããŸãã"any"ã§ã¯ãã¹ãŠã® IPã¢ãã¬ã¹ã察象ãšãªããŸãã"host"ã§ã¯ã¢ãã¬ã¹ãã£ãŒã«ãã®ãã¹ãã察象ãšãªããŸãã"IP"ã§ã¯ãIPã¢ãã¬ã¹ãšãµãããããã¹ã¯ã«ããèšå®ãã IPã¢ãã¬ã¹ã®ç¯å²ã察象ãšãªããŸãïŒãªãã·ã§ã³ïŒAny, Host, IPãåæèšå®ïŒAnyïŒ
Source/Destination IP Address
ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹
Source/Destination Subnet Mask
ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ã®ãµãããããã¹ã¯
Service Type
ïŒ Precedence â IP precedenceã¬ãã«ïŒç¯å²ïŒ0-7ïŒ
ïŒ ToS â ToS(Type of Service)ã¬ãã«ïŒç¯å²ïŒ0-15ïŒ
ïŒ DSCP â DSCPãã©ã€ãªãªãã£ã¬ãã«ïŒç¯å²ïŒ0-63ïŒProtocol
TCPãUDPã®ãããã³ã«ã¿ã€ãã®æå®åã¯ããŒãçªå· (0-255)
ïŒãªãã·ã§ã³ïŒTCP, UDP, Others;ãåæèšå®ïŒTCPïŒ
Source/Destination Port
ãããã³ã«ã¿ã€ãã«å¿ãããœãŒã¹ /ãã£ã¹ãã£ããŒã·ã§ã³ããŒãçªå·ïŒç¯å²ïŒ0-65535ïŒ
Control Code
TCPãããã®ãã€ã 14å ã®ãã©ã°ã»ããããæå®ïŒç¯å² :0-63ïŒ
Control Bit Mask
äžèŽããã³ãŒããããã®å€
â»ã³ã³ãããŒã«ããããã¹ã¯ã¯ãã³ã³ãããŒã«ã³ãŒãã«äœ¿çšããã 10é²æ°ã®å€ã§ãã10é²æ°ã®å€ãå ¥åããç䟡㪠2é²æ°ã®ãããã "1"ã®å ŽåãäžèŽãããããã§ããã"0"ã®å ŽåãæåŠããããããšãªããŸãã以äžã®ããããæå®ãããŸãã
ïŒ 1 (fin) â Finish
ïŒ 2 (syn) â Synchronize
ïŒ 4 (rst) â Reset
ïŒ 8 (psh) â PushïŒ 16 (ack) â Acknowledgement
ïŒ 32 (urg) â Urgent pointer
äŸãã°ãã³ãŒãå€åã³ã³ãŒããã¹ã¯ãå©çšãããã±ãããã€ããã«ã¯ä»¥äžã®ãã©ãã°ãã»ããããŸããïŒæå¹ãª SYN flag â ã³ã³ãããŒã«ã³ãŒãïŒ2ãã³ã³ãããŒã«ããããã¹ã¯ïŒ2ïŒæå¹ãª SYNåã³ ACK â ã³ã³ãããŒã«ã³ãŒãïŒ18ãã³ã³ãããŒã«ããããã¹ã¯ïŒ18ïŒæå¹ãª SYNåã³ç¡å¹ãª ACK â ã³ã³ãããŒã«ã³ãŒãïŒ2ãã³ã³ãããŒã«ããããã¹ã¯ïŒ18
62FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ACL ïŒAccess Control ListsïŒ
èšå®æ¹æ³
ïŒpermit/denyã®ïŒåäœãæå®ããŸãããœãŒã¹åã³ /åã¯ãã£ã¹ãã£ããŒã·ã§ã³ã¢ãã¬ã¹ãæå®ããã¢ãã¬ã¹ã¿ã€ã ((Any, Host, IP)ãéžæããŸãã"Host"ãéžæããå Žåãç¹å®ã®ã¢ãã¬ã¹ãå ¥åããŸãã"IP"ãéžæããå Žåãã¢ãã¬ã¹ç¯å²ãæå®ããããã«ãµããããã¢ãã¬ã¹ãšãã¹ã¯ãæå®ããŸãããããã³ã«ã¿ã€ãçã®ãã®ä»ã®å¿ èŠé ç®ãèšå®ãã[Add]ãã¯ãªãã¯ããŸãã
MAC ACLã®èšå®
èšå®ã»è¡šç€ºé ç®
Action
ACLã®ã«ãŒã«ããpermitïŒèš±å¯ïŒãããdeny(æåŠ )ããéžæããŸãïŒåæèšå®ïŒPermitã«ãŒã«ïŒ
Source/Destination MAC
"any"ã§ã¯ãã¹ãŠã® IPã¢ãã¬ã¹ã察象ãšãªããŸãã"host"ã§ã¯ã¢ãã¬ã¹ãã£ãŒã«ãã®ãã¹ãã察象ãšãªããŸãã"MAC"ã§ã¯ãMACã¢ãã¬ã¹ãšããããã¹ã¯ã«ããèšå®ãã MACã¢ãã¬ã¹ã®ç¯å²ã察象ãšãªããŸãïŒãªãã·ã§ã³ïŒAny, Host, MACãåæèšå®ïŒ AnyïŒ
Source/Destination MAC Address
ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³MACã¢ãã¬ã¹
Source/Destination MAC Bitmask
ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³MACã¢ãã¬ã¹ã® 16é²æ°ã®ãã¹ã¯
VID
VLAN IDïŒç¯å²ïŒ1-4093ïŒ
VID Mask .
VLAN ããããã¹ã¯ (ç¯å²ïŒ1-4095)
Ethernet Type
63 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ACL ïŒAccess Control ListsïŒ
ãã®é ç®ã¯ã€ãŒãµããã IIãã©ãŒãããã®ãã±ããã®ãã£ã«ã¿ãªã³ã°ã«äœ¿çšããŸãïŒç¯å²ïŒ600-fff hexïŒã€ãŒãµããããããã³ã«ã¿ã€ãã®ãªã¹ã㯠RFC 1060ã§å®çŸ©ãããŠããŸãããäžè¬çãªã¿ã€ããšããŠã¯ã0800(IP)ã0806(ARP)ã8137(IPX)çããããŸãã
Ethernet Type Mask
ãããã³ã«ããããã¹ã¯ïŒç¯å²ïŒ600-fff hexïŒ
Packet Format
æ¬å±æ§ã¯æ¬¡ã®ãã±ããã»ã¿ã€ãããéžæã§ããŸãã
ãïŒ Any â ãã¹ãŠã®ã€ãŒãµããããã±ããã¿ã€ã
ãïŒ Untagged-eth2 â ã¿ã°ãªãã€ãŒãµããã IIãã±ãã
ãïŒ Untagged-802.3 â ã¿ã°ãªãã€ãŒãµããã IEEE802.3ãã±ãã
ãïŒ Tagged-eth2 â ã¿ã°ä»ã€ãŒãµããã IIãã±ãã
ãïŒ Tagged-802.3 â ã¿ã°ä»ã€ãŒãµããã IEEE802.3ãã±ãã
æ©èœè§£èª¬
ACLã¯ä»¥äžã®å¶éããããŸãã
⢠åºå MAC ACL㯠destination-mac-known ãã±ããã®ã¿ã«æ©èœãããã«ããã£ã¹ããã±ããããããŒããã£ã¹ããã±ããåã³ destination-mac-unknown ãã±ããã«ã¯æ©èœããŸããã
èšå®æ¹æ³
ïŒpermit/denyã®ïŒåäœãæå®ããŸãããœãŒã¹åã³ /åã¯ãã£ã¹ãã£ããŒã·ã§ã³ã¢ãã¬ã¹ãæå®ããã¢ãã¬ã¹ã¿ã€ã ((Any, Host, MAC)ãéžæããŸãã"Host"ãéžæããå Žåãç¹å®ã®ã¢ãã¬ã¹ãå ¥åããŸãã"MAC"ãéžæããå Žåãã¢ãã¬ã¹ç¯å²ãæå®ããããã«ããŒã¹ã¢ãã¬ã¹ãšããããã¹ã¯ãæå®ããŸãããã®ä»ã®å¿ èŠé ç®ãèšå®ãã[Add]ãã¯ãªãã¯ããŸãã
64FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ACL ïŒAccess Control ListsïŒ
2.6.2 ãã¹ã¯ã®èšå®
ãã§ãã¯ããã ACLã«ãŒã«ãã³ã³ãããŒã«ããããã«ãã¹ã¯ã®èšå®ãè¡ãªããŸãã
æ¬æ©ã§ã¯å ¥åãã£ã«ã¿ã«å¯Ÿã㊠2çš®é¡ã®ããã©ã«ããã¹ã¯ãpass/filterãã±ãããããã³ã°ãpermit/denyã«ãŒã«ãæã£ãŠããŸãããŸããæ倧 7åã®ãŠãŒã¶å®çŸ©ãã¹ã¯ãå ¥å /åºå ACLã«èšå®ããããšãã§ããŸãããã¹ã¯ã¯ 1ã€ã®åºæ¬ ACLã¿ã€ã (Ingress IP ACL, Egress IP ACL, Ingress MAC ACL, Egress MAC ACL)ã«çµåãããŸãããåãã¿ã€ãã® ACLã§ããã°æ倧 4ã€ã® ACLã«çµåå¯èœã§ãã
æ©èœè§£èª¬
⢠ACLãã¹ã¯ã«ã¯æ倧 7åã®ãšã³ããªãæå®ããããšãã§ããŸãã
⢠ããŒãã暪æãããã±ãã㯠ACLå ã®ãã¹ãŠã®ã«ãŒã«ã«ãããã§ãã¯ãããŸãããããã®ãã±ããã®ãã§ãã¯ã¯ ACL ã«ãŒã«ã§ã¯ãªãããã¹ã¯ã«ãã決å®ãããŸãã
⢠ã€ã³ã¿ãã§ãŒã¹ã ACL ã«ãããã³ã°ããåã« ACL ãšå ¥ååã¯åºåãã¹ã¯ãäœæããŠäžããã
⢠ããŒãã®ãã€ã³ããããã¥ãŒããã¬ãŒã ãã©ã€ãªãªãã£ã®ã«ãŒã«ãžã®é¢é£ä»ããè¡ãªãåã«ãACL ã«ãŒã«ãžã®ãã¹ã¯ã®èšå®ãè¡ãªã£ãŠãã ããã
ACLãã¹ã¯ã®èšå®
ACLãã¹ã¯èšå®ããŒãžã§ã¯ãå ¥å IP ACLãåºå IP ACLãå ¥å MAC ACLãåºå MAC ACLã®ããã®ãã¹ã¯ã®ç·šéãè¡ãªããŸãã
èšå®æ¹æ³
[Security]â [ACL]â [ACL Mask Configuration]ãã¯ãªãã¯ããŸããããŒã·ãã¯ãã¹ã¯ã¿ã€ãã® 1ã€ã® "Edit"ãã¯ãªãã¯ããèšå®ããŒãžãéããŸãã
65 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ACL ïŒAccess Control ListsïŒ
IP ACLãã¹ã¯ã®èšå®
æ¬ãã¹ã¯ã¯ãIPãããããã§ãã¯ããããã®ãã£ãŒã«ããå®çŸ©ããŸãã
æ©èœè§£èª¬
⢠ã¬ã€ã€ 4 ãããã³ã«ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ããŒããžã®ãšã³ããªãå«ãã§ãããã¹ã¯ã¯ããããé·ã 5 ãã€ãã®ãã±ããã«ã®ã¿å¯Ÿå¿ããããšãå¯èœã§ãã
èšå®ã»è¡šç€ºé ç®
Src/Dst IP
ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ãæå®ããŸãã"Any"ã®å Žåã«ã¯ãã¹ãŠã®ã¢ãã¬ã¹ã«ããããã"Host"ã®å Žåã«ã¯ãã¹ãã¢ãã¬ã¹ãæå®ãã"IP"ã®å Žåã«ã¯ã¢ãã¬ã¹ç¯å²ãæå®ããŸãïŒéžæè¢ïŒAny, Host, IPãåæèšå®ïŒAnyïŒ
Src/Dst IP Bitmask
ã«ãŒã«ã®ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ã¢ãã¬ã¹ã¯ãã®ããããã¹ã¯ã«äžèŽããå¿ èŠããããŸãã
Protocol Bitmask
ãããã³ã«ãã£ãŒã«ãã®ãã§ãã¯
Service Type
ãã©ã€ãªãªãã£ã¿ã€ããžã®ã«ãŒã«ã®ãã§ãã¯ïŒéžæè¢ïŒPrecedence,TOS, DSCPãåæèšå®ïŒTOSïŒ
Src/Dst Port Bitmask
ã«ãŒã«ã®ãããã³ã«ããŒãã¯æ¬ããããã¹ã¯ã«äžèŽããå¿ èŠããããŸãïŒç¯å²ïŒ0-65535ïŒ
Control Bitmask
ã«ãŒã«ã®ã³ã³ãããŒã«ãã©ã°ã¯æ¬ããããã¹ã¯ã«äžèŽããå¿ èŠããããŸãïŒç¯å²ïŒ0-63ïŒ
66FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ACL ïŒAccess Control ListsïŒ
èšå®æ¹æ³
å ¥å /åºå IP ACLã®ã«ãŒã«ãšäžèŽãããã¹ã¯ã®èšå®ãè¡ãªããŸããä»»æã®ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ã¢ãã¬ã¹ããã§ãã¯ãããã¹ã¯ã®èšå®ããããã¹ãã¢ãã¬ã¹åã¯ã¢ãã¬ã¹ç¯å²ã®æå®ãè¡ãªããŸãããŸãããããã³ã«ã¿ã€ããä»ã®ãµãŒãã¹ã¿ã€ããªã©ã«ãŒã«å ã®é ç®ã®æ€çŽ¢èšå®ããç¹å®ã®ãããã³ã«ããŒãå㯠TCPã³ã³ãããŒã«ã³ãŒãã®ç¹å®ãè¡ã [Add]ãã¯ãªãã¯ããŸãã
67 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ACL ïŒAccess Control ListsïŒ
MAC ACLãã¹ã¯ã®èšå®
æ¬ãã¹ã¯ã¯ããã±ãããããããã§ãã¯ããããã®ãã£ãŒã«ããå®çŸ©ããŸãã
æ©èœè§£èª¬
⢠ACLã«ãŒã«ãžã®ãã¹ã¯ã¯ããŒãããã€ã³ãããåã«èšå®ããå¿ èŠããããŸãã
èšå®ã»è¡šç€ºé ç®
Source/Destination MAC
"Any"ã®å Žåã«ã¯ãã¹ãŠã®ã¢ãã¬ã¹ã«ããããã"Host"ã®å Žåã«ã¯ãã¹ãã¢ãã¬ã¹ãæå®ãã"MAC"ã®å Žåã«ã¯ã¢ãã¬ã¹ç¯å²ãæå®ããŸãïŒéžæè¢ïŒAny, Host, MACãåæèšå®ïŒAnyïŒ
Source/Destination MAC Bitmask
æ¬ããããã¹ã¯ãäžèŽããã«ãŒã«å ã®ã¢ãã¬ã¹
VID Bitmask
æ¬ããããã¹ã¯ãäžèŽããã«ãŒã«å ã® VLAN ID
Ethernet Type Bitmask
æ¬ããããã¹ã¯ãäžèŽããã«ãŒã«å ã®ã€ãŒãµãããã¿ã€ã
Packet Format Bitmask
ã«ãŒã«å ã®ãã±ãããã©ãŒããã
èšå®æ¹æ³
å ¥å /åºå MAC ACLã®ã«ãŒã«ãšäžèŽãããã¹ã¯ã®èšå®ãè¡ãªããŸããä»»æã®ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ã¢ãã¬ã¹ããã§ãã¯ãããã¹ã¯ã®èšå®ããããã¹ãã¢ãã¬ã¹åã¯ã¢ãã¬ã¹ç¯å²ã®æå®ãè¡ãªããŸãããŸããããããã¹ã¯ã䜿çšããç¹å®ã® VLAN IDãã€ãŒãµãããã¿ã€ãã®æ€çŽ¢èšå®ãããã±ãããã©ãŒãããã®ã«ãŒã«ã®ãã§ãã¯ãè¡ãªãã [Add]ãã¯ãªãã¯ããŸãã
68FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ACL ïŒAccess Control ListsïŒ
2.6.3 ACLãžã®ããŒãã®ãã€ã³ã
ACLã®èšå®ãå®äºåŸããã£ã«ã¿ãªã³ã°ãæ©èœãããããã«ã¯ããŒãããã€ã³ãããå¿ èŠããããŸãã ACL㯠1ã€ãä»»æã®ããŒãã«æå®ã§ããŸãã
æ©èœè§£èª¬
æ¬æ©ã§ã¯ ingressïŒå ¥åïŒACLããµããŒãããŸãã
èšå®ã»è¡šç€ºé ç®
Port
ããŒãåã¯æ¡åŒµã¢ãžã¥ãŒã«ã¹ãããïŒç¯å²ïŒ1-12ïŒ
IP
ããŒãã«ãã€ã³ããã IP ACLã«ãŒã«
MAC
ããŒãã«ãã€ã³ããã MAC ACLã«ãŒã«
IN
å ¥å (ingress)ãã±ããã«å¯Ÿãã ACL
OUT
åºå (egress)ãã±ããã«å¯Ÿãã ACL
èšå®æ¹æ³
[Security]â [ACL]â [Port Binding]ãã¯ãªãã¯ããŸããACLããã€ã³ãããããŒãã«å¯ŸããŠ"Enable"ãã£ãŒã«ãã«ãã§ãã¯ãå ¥ããããããããŠã³ãªã¹ããã ACLãéžæããŸãããã®åŸã[Apply]ãã¯ãªãã¯ããŸãã
69 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ããŒãèšå®
2.7 ããŒãèšå®
2.7.1 æ¥ç¶ç¶æ³ã®è¡šç€º
æ¥ç¶ç¶æ ã®æ å ±ã»é床åã³éä¿¡æ¹åŒã»ãããŒå¶åŸ¡ãããŠããªãŒãããŽã·ãšãŒã·ã§ã³ãå«ãçŸåšã®æ¥ç¶æ å ±ã衚瀺ããããã« Port Informationåã³ Trunk Informationç»é¢ã䜿çšããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Name
ã€ã³ã¿ãã§ãŒã¹ã©ãã«ã®è¡šç€ºType
ããŒãã®çš®é¡ (100Base-TXå㯠1000BASE-T, SFP)ã®è¡šç€º
Admin Status
ã€ã³ã¿ãã§ãŒã¹ã®æå¹ /ç¡å¹ã®è¡šç€º
Oper Status
ãªã³ã¯ã¢ãã /ãªã³ã¯ããŠã³ã®è¡šç€º
Speed/Duplex Status
éä¿¡é床åã³éä¿¡æ¹åŒã®è¡šç€º (Auto, Fixed)
Flow Control Status
䜿çšäžã®ãããŒå¶åŸ¡ã®çš®é¡ã®è¡šç€º (IEEE 802.3x, Back-Pressure, None)
Autonegotiation
ãªãŒãããŽã·ãšãŒã·ã§ã³ã®æå¹ /ç¡å¹ã®è¡šç€º
Media TypeïŒPort InformationããŒãžã®ã¿ïŒ
ã¡ãã£ã¢ã¿ã€ãTrunk Member
ããŒãã®ãã©ã³ã¯ç¶æ ã®è¡šç€ºïŒPort InformationããŒãžã®ã¿ïŒ
Creation
ãã©ã³ã¯ã LACPã䜿çšããŠåçã«èšå®ãããŠããããæåã§èšå®ãããŠãããã®è¡šç€ºïŒTrunk InformationããŒãžã®ã¿ïŒ
70FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ããŒãèšå®
èšå®æ¹æ³
[Port]â [Port Information]å㯠[Trunk Information]ãã¯ãªãã¯ããŸããå¿ èŠãªã€ã³ã¿ãã§ãŒã¹ã®èšå®ã®å€æŽãã[Apply]ãã¯ãªãã¯ããŸãã
71 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ããŒãèšå®
2.7.2 ã€ã³ã¿ãã§ãŒã¹æ¥ç¶ã®èšå®
Trunk ConfigurationïŒãã©ã³ã¯èšå®ïŒããŒãžåã³ Port ConfigurationïŒããŒãèšå®ïŒããŒãžãããã€ã³ã¿ãã§ãŒã¹ã®æå¹ /ç¡å¹ãæåã§ã®éä¿¡é床åã³éä¿¡æ¹åŒããããŒã³ã³ãããŒã«ããªãŒãããŽã·ãšãŒã·ã§ã³ã®èšå®åã³ã€ã³ã¿ãã§ãŒã¹ã®å¯Ÿå¿æ©èœãèšå®ããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Name
åã€ã³ã¿ãã§ãŒã¹ã«ç®¡çèå¥çšã«ååãã€ããããšãã§ããŸã (1-64æå )
Admin
ã³ãªãžã§ã³ã®å€çºãªã©ã®å Žåã«ã€ã³ã¿ãã§ãŒã¹ãæåã§ç¡å¹ã«ããããšãã§ããŸããåé¡ã解決ããåŸã«ãå床ã€ã³ã¿ãã§ãŒã¹ãæå¹ã«ããããšãã§ããŸãããŸããã»ãã¥ãªãã£ã®ããã«ã€ã³ã¿ãã§ãŒã¹ãç¡å¹ã«ããããšãã§ããŸãã
Speed/Duplex
ãªãŒãããŽã·ãšãŒã·ã§ã³ãç¡å¹ã«ããå Žåã«ãããŒãã®éä¿¡é床åã³éä¿¡æ¹åŒãæåã§èšå®ã§ããŸãã
Flow Control
ãããŒã³ã³ãããŒã«ãèªåèšå®åã¯æåèšå®ã§è¡ãããšãã§ããŸãã
Autonegotiation(Port Capabilities)
ãªãŒãããŽã·ãšãŒã·ã§ã³ãæå¹åã¯ç¡å¹ã«ããŸãããŸãããªãŒãããŽã·ãšãŒã·ã§ã³æã®ããŒãã®å¯Ÿå¿æ©èœãéç¥ããèšå®ãè¡ããŸãã以äžã®æ©èœããµããŒããããŠããŸãã
ïŒ 10half â 10 Mbps half-duplexã§åäœããŸãã
ïŒ 10full â 10 Mbps full-duplexã§åäœããŸãã
ïŒ 100half â 100 Mbps half-duplexã§åäœããŸãã
ïŒ 100full â 100 Mbps full-duplexã§åäœããŸãã
ïŒ 1000full ïŒã³ã³ãããŒãã®ã¿ïŒâ 1000 Mbps full-duplexã§åäœããŸãã
Media Type
ã¡ãã£ã¢ã¿ã€ãïŒ9-12ããŒãïŒ
Trunk
ããŒãããã©ã³ã¯ã¡ã³ããŒã®å Žåã«è¡šç€ºãããŸãããã©ã³ã¯ã®èšå®åã³ããŒãã¡ã³ããŒã®éžæã¯ãP74 ããã©ã³ã¯ã°ã«ãŒãã®èšå®ããåç §ããŠäžããã
[泚æ ]ãããŒãã®èšå®ãæåã§è¡ãªããSpeed/Duplex Modeåã³ Flow Controlã®èšå®ãåæ ãããããã«ã¯ãAutonegotiationïŒãªãŒãããŽã·ãšãŒã·ã§ã³ïŒã¯ DisabledïŒç¡å¹ïŒã«ããå¿ èŠããããŸãã
72FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ããŒãèšå®
èšå®æ¹æ³
[Port]â [Port Configuration]å㯠[Trunk Configuration]ãã¯ãªãã¯ããŸããå¿ èŠãªã€ã³ã¿ãã§ãŒã¹ã®èšå®ãå€æŽã [Apply]ãã¯ãªãã¯ããŸãã
73 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ããŒãèšå®
2.7.3 ãã©ã³ã¯ã°ã«ãŒãã®èšå®
ãããã¯ãŒã¯æ¥ç¶ã«ããããã³ãå¹ ã®æ¡å€§ã«ããããã«ããã¯ã®è§£æ¶ãé害ã®åé¿ã®ããã«è€æ°ã®ããŒãã¯æãããã©ã³ã¯æ©èœãå©çšããããšãã§ããŸããæ倧 32ã®ãã©ã³ã¯ãåæã«èšå®ããããšãã§ããŸãã
æ¬æ©ã¯ãéçãã©ã³ã¯åã³åç㪠Link Aggregation Control Protocol (LACP)ã®äž¡æ¹ããµããŒãããŠããŸããéçãã©ã³ã¯ã§ã¯ãæ¥ç¶ã®äž¡ç«¯ã«ãããŠæåã§èšå®ããå¿ èŠãããããŸãCisco EtherChannelã«æºæ ããŠããå¿ èŠããããŸããäžæ¹ LACPã§ã¯ LACPã«èšå®ããããŒããã察åã® LACPèšå®ããŒããšé£æºããèªåçã«ãã©ã³ã¯ã®èšå®ãè¡ãªããŸããéçãã©ã³ã¯ããŒããšããŠèšå®ããŠããªãå Žåã«ã¯ããã¹ãŠã®ããŒãã LACPããŒãã«èšå®ããããšãã§ããŸããããã8ã€ä»¥äžã®ããŒãã«ãã LACPãã©ã³ã¯ã圢æããŠããå Žåã8ã€ã®ããŒã以å€ã¯ã¹ã¿ã³ãã€ã¢ãŒããšãªããŸãããã©ã³ã¯ããŠãã 1ã€ã®ããŒãã«é害ãçºçããå Žåã«ã¯ãã¹ã¿ã³ãã€ã¢ãŒãã®ããŒãã® 1ã€ãèªåçã«é害ããŒããšçœ®ãæãããŸãã
æ©èœè§£èª¬
ãã©ã³ã¯å ã®åããŒãã§éä¿¡ãåæ£ããããšåã³ããã©ã³ã¯å ã®ããŒãã§é害ãçºçããå Žåã«ä»ã®ããŒãã䜿çšãéä¿¡ãç¶ç¶ãããæ©èœãæäŸããŸãã
ãªããèšå®ãè¡ãªãå Žåã«ã¯ãããã€ã¹éã®ã±ãŒãã«æ¥ç¶ãè¡ãªãåã«äž¡ç«¯ã®ããã€ã¹ã«ãããŠãã©ã³ã¯ã®èšå®ãè¡ãªã£ãŠäžããã
ãã©ã³ã¯ã®èšå®ãè¡ãªãå Žåã«ã¯ä»¥äžã®ç¹ã«æ³šæããŠäžãã :
⢠ã«ãŒããåé¿ãããããã¹ã€ããéã®ãããã¯ãŒã¯ã±ãŒãã«ãæ¥ç¶ããåã«ããŒããã©ã³ã¯ã®èšå®ãè¡ãªã£ãŠäžããã
⢠1ãã©ã³ã¯æ倧 8ããŒããæ倧 6ãã©ã³ã¯ãäœæããããšãã§ããŸãã
⢠䞡端ã®ããã€ã¹ã®ããŒãããã©ã³ã¯ããŒããšããŠèšå®ããå¿ èŠããããŸãã
⢠ç°ãªãæ©åšå士ã§éçãã©ã³ã¯ãè¡ãªãå Žåã«ã¯ãCisco EtherChannelãšäºææ§ããªããã°ãªããŸããã
⢠ãã©ã³ã¯ã®äž¡ç«¯ã®ããŒãã¯éä¿¡é床ãéä¿¡æ¹åŒãåã³ãããŒå¶åŸ¡ã®éä¿¡ã¢ãŒããVLANèšå®ãåã³ CoSèšå®çã«é¢ããŠåãèšå®ãè¡ãªãå¿ èŠããããŸãã
⢠ãã©ã³ã¯ã®å šãŠã®ããŒã㯠VLANã®ç§»åãè¿œå åã³åé€ãè¡ãªãéã« 1ã€ã®ã€ã³ã¿ãã§ãŒã¹ãšããŠèšå®ããå¿ èŠããããŸãã
⢠STPãVLANåã³ IGMPã®èšå®ã¯ãã©ã³ã¯å šäœãžã®èšå®ã®ã¿ãå¯èœã§ãã
74FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ããŒãèšå®
éçãã©ã³ã¯ã®èšå®
æ©èœè§£èª¬
⢠ã¡ãŒã«ãŒç¬èªã®æ©èœã®å®è£ ã«ãããç°ãªãæ©çš®éã§ã¯ãã©ã³ã¯æ¥ç¶ãã§ããªãå¯èœæ§ããããŸãã æ¬æ©ã®éçãã©ã³ã¯ã¯ Cisco EtherChannelã«å¯Ÿå¿ããŠããŸãã
⢠ãããã¯ãŒã¯ã®ã«ãŒããåé¿ãããããããŒãæ¥ç¶åéçãã©ã³ã¯ãèšå®ããéçãã©ã³ã¯ã解é€ããåã«ããŒãã®åæãè¡ãªã£ãŠäžããã
èšå®æ¹æ³
[Port]â [Trunk Membership]ãã¯ãªãã¯ããŸãã1ãã 25ã®ãã©ã³ã¯ IDã Trunkã«å ¥åããã¹ã¯ããŒã«ããŠã³ãªã¹ãããããŒãçªå·ãéžæã [Add]ãã¯ãªãã¯ããŸããMember Listãžã®ããŒãã®è¿œå ãå®äºããåŸã[Apply]ãã¯ãªãã¯ããŸãã
75 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ããŒãèšå®
LACPèšå®
æ©èœè§£èª¬
⢠ãããã¯ãŒã¯ã®ã«ãŒããåé¿ãããããããŒãæ¥ç¶åã« LACPãæå¹ã«ããLACPãç¡å¹ã«ããåã«ããŒãã®åæãè¡ã£ãŠäžããã
⢠察åã®ã¹ã€ããã®ããŒãã LACPãæå¹ã«èšå®ããŠããå Žåããã©ã³ã¯ã¯èªåçã«ã¢ã¯ãã£ãã«ãªããŸãã
⢠LACPã«ãã察åã®ã¹ã€ãããšæ§æããããã©ã³ã¯ã«ã¯ãèªåçã«æ¬¡ã®çªå·ã®ãã©ã³ã¯ IDãå²ãåœãŠãããŸãã
⢠8ã€ä»¥äžã®ããŒãã«ãã LACPãã©ã³ã¯ãæå¹ã«ããå Žåã8ã€ã®ããŒã以å€ã¯ã¹ã¿ã³ãã€ã¢ãŒããšãªããŸãããã©ã³ã¯ããŠãã 1ã€ã®ããŒãã«é害ãçºçããå Žåã«ã¯ãã¹ã¿ã³ãã€ã¢ãŒãã®ããŒãã® 1ã€ãèªåçã«é害ããŒããšçœ®ãæãããŸãã
⢠LACPãã©ã³ã¯ã®äž¡ç«¯ã®ããŒãã¯åºå®åã¯ãªãŒãããŽã·ãšãŒã·ã§ã³ã«ãã full duplexã«èšå®ããå¿ èŠããããŸãã
⢠LACPã«ããåçãªãã©ã³ã¯ã°ã«ãŒãã«èšå®ããããã©ã³ã¯æ å ±ã¯ãMember Listç»é¢å㯠Trunk Membershipç»é¢ã§ã確èªã§ããŸã (P74)
èšå®æ¹æ³
[Port]â [LACP]â [Configuration]ãã¯ãªãã¯ããŸãã ã¹ã¯ããŒã«ããŠã³ãªã¹ãããããŒããéžæãã[Add]ãã¯ãªãã¯ããŸããMember Listãžã®ããŒãã®è¿œå ãå®äºããåŸã[Apply]ãã¯ãªãã¯ããŸãã
76FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ããŒãèšå®
2.7.4 ãããŒããã£ã¹ãã¹ããŒã ãããå€ã®èšå®
ãããŒããã£ã¹ãã¹ããŒã ã¯ãããã¯ãŒã¯äžã®ããã€ã¹ã誀äœåããå Žåããã¢ããªã±ãŒã·ã§ã³ããã°ã©ã ã®èšèšãæ£ãããªãå Žåãé©åã«æ§æãããŠããªãæã«èµ·ãããŸãããããã¯ãŒã¯äžã§é床ã®ãããŒããã£ã¹ããã©ãã£ãã¯ãçºçããå Žåããããã¯ãŒã¯ã®æ§èœã¯å€§å¹ ã«äœäžããéä¿¡ãå®å šã«äžæãããããšããããŸãã
åããŒãã®ãããŒããã£ã¹ããã©ãã£ãã¯ã®ãããå€ãèšå®ããããšã«ãããããŒããã£ã¹ãã¹ããŒã ãããããã¯ãŒã¯ãä¿è·ããããšãã§ããŸããæå®ããããããå€ãè¶ ãããããŒããã£ã¹ããã±ããã¯ãããããããŸãã
æ©èœè§£èª¬
⢠ãããŒããã£ã¹ãã¹ããŒã ã¯åæèšå®ã§æå¹ã«ãªã£ãŠããŸãã
⢠ãããŒããã£ã¹ãã³ã³ãããŒã«ã¯ IPãã«ããã£ã¹ããã©ãã£ãã¯ã«åœ±é¿ãäžããŸããã
èšå®ã»è¡šç€ºé ç®
Protect Status
ãããŒããã£ã¹ãã¹ããŒã ã³ã³ãããŒã«ã®æå¹ /ç¡å¹ïŒåæèšå®ïŒæå¹ïŒ
Threshold
ããŒããééãããããŒããã£ã¹ããã±ããã®æ¯ç§åœããã®ãã±ããæ°ããããå€ã§èšå®ã§ããŸãïŒç¯å² :500-262143ãã±ãã /ç§ãåæèšå®ïŒ500ãã±ãã /ç§ïŒ
èšå®æ¹æ³
[Port]â [Port Broadcast Control]ãã¯ãªãã¯ããŸããThresholdïŒãããå€ïŒãèšå®ãã[Apply]ãã¯ãªãã¯ããŸãã
77 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ããŒãèšå®
2.7.5 ããŒããã©ãŒãªã³ã°ã®èšå®
ãªã¢ã«ã¿ã€ã ã§éä¿¡ã®è§£æãè¡ãããã«ããœãŒã¹ããŒãããã¿ãŒã²ããããŒããžéä¿¡ã®ãã©ãŒãªã³ã°ãããäºãã§ããŸããããã«ãããã¿ãŒã²ããããŒãã«ãããã¯ãŒã¯è§£æè£ çœ®ïŒSnifferçïŒå㯠RMONãããŒããæ¥ç¶ããéä¿¡ã«åœ±é¿ãäžããã«ãœãŒã¹ããŒãã®ãã©ãã£ãã¯ã解æããããšãã§ããŸãã
æ©èœè§£èª¬
⢠ãœãŒã¹ããŒããšã¿ãŒã²ããããŒãã®éä¿¡é床ã¯åãã§ãªããã°ãããŸãããéä¿¡é床ãç°ãªãå Žåã«ã¯ãéä¿¡ãã¿ãŒã²ããããŒãåŽã§èœãšãããŸãã
â¢ å šãŠã®ãã©ãŒã»ãã·ã§ã³ã¯ãåãããŒãã¿ãŒã²ããããŒããå ±æããŸãã⢠ãœãŒã¹ããŒããšã¿ãŒã²ããããŒãã¯åã VLANå ã«æå±ããå¿ èŠããããŸãã
èšå®ã»è¡šç€ºé ç®
Mirror Sessions
çŸåšã®ãã©ãŒã»ãã·ã§ã³ã®äžèŠ§ã衚瀺ããŸãã
Source Port
éä¿¡ãã¢ãã¿ãŒããããœãŒã¹ããŒã
Type
ã¢ãã¿ãŒãè¡ãéä¿¡ã®çš®é¡ã
RxïŒåä¿¡ïŒãTxïŒéä¿¡ïŒãïŒåæèšå®ïŒRxïŒ
Target Port
ãœãŒã¹ããŒãã®éä¿¡ã®ãã©ãŒãªã³ã°ããããã¿ãŒã²ããããŒã
èšå®æ¹æ³
[Port]â [Mirror]ãã¯ãªãã¯ããŸããSource PortïŒãœãŒã¹ããŒãïŒåã³ TypeïŒãã©ãŒãªã³ã°ãããã©ãã£ãã¯ã¿ã€ãïŒãã㊠Target PortïŒã¿ãŒã²ããããŒãïŒãæå®ãã[Add]ãã¯ãªãã¯ããŸãã
Singletargetport
Singlesourceport (s)
78FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ããŒãèšå®
2.7.6 垯åå¶åŸ¡
垯åå¶åŸ¡æ©èœã§ã¯åã€ã³ã¿ãã§ãŒã¹ã®éä¿¡åã³åä¿¡ã®æ倧é床ãèšå®ããããšãã§ããŸãã垯åå¶åŸ¡ã¯åããŒã /ãã©ã³ã¯æ¯ã«èšå®å¯èœã§ãã
垯åå¶åŸ¡ãæå¹ã«ãããšãéä¿¡ã¯ããŒããŠã§ã¢ã«ããç£èŠãããèšå®ãè¶ ããéä¿¡ã¯ãããããããŸããèšå®ç¯å²å ã®éä¿¡ã¯ãã®ãŸãŸè»¢éãããŸãã
æ©èœè§£èª¬
⢠åã€ã³ã¿ãã§ãŒã¹ã«å¯Ÿããå ¥ååã³åºåã®åž¯åå¶åŸ¡ã®æå¹ /ç¡å¹ãèšå®ã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Rate Limit
ã€ã³ã¿ãã§ãŒã¹ã®åºåã¬ãŒããèšå®ããŸãã
ïŒåæã¹ããŒã¿ã¹ïŒç¡å¹
ïŒåæã¬ãŒãïŒ1000Mbps
ïŒç¯å²ïŒ1-1000Mbps
èšå®æ¹æ³
[Port]â [Rate Limit]â [Input Port/Trunk Configuration]ãã¯ãªãã¯ããŸããåã€ã³ã¿ãã§ãŒã¹ã«å¯Ÿã㊠[Rate Limit Status]ãéžæãã[Rate Limit Level]ãèšå®ããrate limitïŒåž¯åå¶åŸ¡ïŒã®å€ãèšå®ãã [Apply]ãã¯ãªãã¯ããŸãã
79 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ããŒãèšå®
2.7.7 ããŒãçµ±èšæ å ±è¡šç€º
RMON MIBãããŒã¹ãšããéä¿¡ã®è©³çŽ°æ å ±ã®ä»ãEthernet-like MIBãã€ã³ã¿ãã§ãŒã¹ã°ã«ãŒãããã®ãããã¯ãŒã¯éä¿¡ã®æšæºçãªçµ±èšæ å ±ã®è¡šç€ºãè¡ãããšãã§ããŸãã
ã€ã³ã¿ãã§ãŒã¹åã³ Ethernet-likeçµ±èšæ å ±ã¯åããŒãã®éä¿¡ãšã©ãŒæ å ±ã衚瀺ããŸãããããã®æ å ±ã¯ããŒãäžè¯ããéè² è·ãªã©ã®åé¡ç¹ãæ確ã«ããããšãã§ããŸãã
RMONçµ±èšæ å ±ã¯åããŒãã®ãã¬ãŒã ã¿ã€ãæ¯ã®éä¿¡éãå«ãå¹ åºãçµ±èšæ å ±ãæäŸããŸãããã¹ãŠã®å€ã¯ã·ã¹ãã ãåèµ·åãããæããã®çŽ¯ç©æ°ãšãªããæ¯ç§åäœ (per second)ã§è¡šç€ºãããŸããåæèšå®ã§ã¯çµ±èšæ å ±ã¯ 60ç§ããšã«æŽæ°ãããŸãã
[泚æ]ã RMONã°ã«ãŒã2ã3ã9ã¯ãSNMP管çãœãããŠã§ã¢ã䜿çšããªããšå©çšã§ããŸããã
çµ±èšå€
ãã©ã¡ãŒã¿ 解説
Interface Statistics
Received Octets ãã¬ãŒã æåãå«ãã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ããããªã¯ãããã®æ°
Received Unicast Packets å±€äœãããã³ã«ã§åä¿¡ãããµããããã¯ãŒã¯ãŠããã£ã¹ããã±ããã®æ°
Received Multicast Packets
ãã®ãµãã¬ã€ã€ããéä¿¡ãããé«å±€ã®ã¬ã€ã€ã§åä¿¡ããããã±ããã§ããã®ãµãã¬ã€ã€ã®ãã«ããã£ã¹ãã¢ãã¬ã¹å®ãŠã®ãã±ããã®æ°
Received Broadcast Packets
ãã®ãµãã¬ã€ã€ããéä¿¡ãããé«å±€ã®ã¬ã€ã€ã§åä¿¡ããããã±ããã§ããã®ãµãã¬ã€ã€ã®ãããŒããã£ã¹ãã¢ãã¬ã¹å®ãŠã®ãã±ããã®æ°
Received Discarded Packets
ã©ãŒä»¥å€ã®çç±ã§åé€ãããåä¿¡ãã±ããã®æ°ããã±ãããåé€ãããçç±ã¯ããããã¡ã¹ããŒã¹ã空ããããã§ã
Received Unknown Packets
ã€ã³ã¿ãã§ãŒã¹ããåä¿¡ãããã±ããã§ãæªç¥åã¯æªå¯Ÿå¿ãããã³ã«ã®ããã«åé€ããããã±ããã®æ°ã
Received Errors åä¿¡ãã±ããã§ãäžå±€äœãããã³ã«ãžå±ããããšã劚ãããšã©ãŒãå«ãã§ãããã±ããã®æ°ã
Transmit Octets ãã¬ãŒã æååãå«ãã€ã³ã¿ãã§ãŒã¹ããéä¿¡ããããªã¯ãããã®æ°ã
Transmit Unicast Packet äžå±€äœãããã³ã«ããµããããã¯ãŒã¯ãŠããã£ã¹ãã¢ãã¬ã¹ã«éä¿¡ããããèŠæ±ãããã±ããã®æ°ãïŒåé€ããããã±ããåã³éä¿¡ãããªãã£ããã±ãããå«ãïŒ
Transmit Multicast Packets äžå±€äœãããã³ã«ãèŠæ±ãããã±ããã§ããã®ãµãã¬ã€ã€ã®ãã«ããã£ã¹ãã¢ãã¬ã¹ã«å®ãŠããããã±ããã®æ°ãïŒåé€ããããã±ããåã³éä¿¡ãããªãã£ããã±ãããå«ãïŒ
Transmit Broadcast Packets
äžå±€äœãããã³ã«ãèŠæ±ãããã±ããã§ããã®ãµãã¬ã€ã€ã®ãããŒããã£ã¹ãã¢ãã¬ã¹ã«å®ãŠããããã±ããã®æ°ãïŒåé€ããããã±ããåã³éä¿¡ãããªãã£ããã±ãããå«ãïŒ
Transmit Discarded Packets
ãšã©ãŒä»¥å€ã®çç±ã§åé€ãããã¢ãŠãããŠã³ããã±ããã®æ°ããã±ãããåé€ãããçç±ã¯ããããã¡ã¹ããŒã¹ã空ããããã§ãã
Transmit Errors ãšã©ãŒã«ããéä¿¡ãããªãã£ãã¢ãŠãããŠã³ããã±ããã®æ°
Etherlike Statistics
Alignment Errors æŽåæ§ãšã©ãŒæ° (åæãã¹ããŒã¿ãã±ãã )
Late Collisions 512ãããã¿ã€ã ããåŸã«ã³ãªãžã§ã³ãæ€åºãããåæ°
FCS Errors ç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãããã¬ãŒã ã§ãå®å šãªãªã¯ãããã®é·ãã§ãFCSãã§ãã¯ã«ãã¹ããªãã£ããã¬ãŒã ã®æ°ãframe-too-long frame-too-shortãšã©ãŒãšå ±ã«åä¿¡ãããã¬ãŒã ã¯é€ããŸãã
80FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ããŒãèšå®
Excessive Collisions ç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ã§ã³ãªãžã§ã³ã®å€çºã«ãããšã©ãŒãèµ·ããããã±ããæ°ãfull-duplexã¢ãŒãã§ã¯åäœããŸããã
Single Collision 1ã€ã®ã³ãªãžã§ã³ã§è»¢éã劚ãããããã¬ãŒã ã§ãéä¿¡ã«æåãããã¬ãŒã æ°
Internal MAC Transmit Errors
å éšã® MACãµãã¬ã€ã€ãŒãšã©ãŒã«ããç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ãžã®éä¿¡ã«å€±æãããã¬ãŒã æ°
Multiple Collision Frames 2ã€ä»¥äžã®ã³ãªãžã§ã³ã§è»¢éã劚ãããããã¬ãŒã ã§ãéä¿¡ã«æåãããã¬ãŒã æ°
Carrier Sense Errors ã¬ãŒã ãéä¿¡ããããšããéããã£ãªã¢ã»ã³ã¹ã®ç¶æ³ã倱ãããããæ©èœããªãã£ãåæ°
SQE Test Errors ç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ã® PLSãµãã¬ã€ã€ã§ SQE TEST ERRORã¡ãã»ãŒãžãçæãããåæ°
Frames Too Long ç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãããã¬ãŒã ã§èš±å®¹æ倧ãã¬ãŒã ãµã€ãºãè¶ ãããã¬ãŒã ã®æ°
Deferred Transmissions ã¡ãã£ã¢ã䜿çšäžã®ãããç¹å®ã®ã€ã³ã¿ãã§ãŒã¹äžã§æåã®éä¿¡è©Šã¿ãé 延ãããã¬ãŒã æ°
Internal MAC Receive Errors
å éšã® MACãµãã¬ã€ã€ãŒãšã©ãŒã«ããç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ãžã®åä¿¡ã«å€±æãããã¬ãŒã æ°
RMON Statistics
Drop Events ãœãŒã¹ã®äžè¶³ã«ãããã±ãããããããããæ°
Jabbers ãã¬ãŒãã³ã°ããããé€ããFCSãªã¯ãããã¯å«ã )1518 ãªã¯ãããããé·ããã¬ãŒã ã§ãFCS åã¯é åãšã©ãŒãå«ãåä¿¡ãã¬ãŒã æ°ã§
Received Bytes ãããã¯ãŒã¯ããåä¿¡ããç·ãã€ãæ°ãæ¬çµ±èšæ å ±ã¯å®¹æãªã€ãŒãµãããå©çšç¶æ³ã®ç®å®ãšãªããŸãã
Collisions æ¬ Ethernetã»ã°ã¡ã³ãäžã®ã³ãªãžã§ã³ã®ç·æ°ã®æè¯æšå®æ°
Received Frames åä¿¡ãããã¹ãŠã®ãã¬ãŒã æ° (äžè¯ãã¬ãŒã ããããŒããã£ã¹ããã¬ãŒã ããã«ããã£ã¹ããã¬ãŒã )
Broadcast Frames åä¿¡ããæ£åžžãªãã¬ãŒã ã®ãã¡ãããŒããã£ã¹ãã¢ãã¬ã¹ã«è»¢éãããã¬ãŒã æ°ããã«ããã£ã¹ããã±ããã¯å«ãŸãªãã
Multicast Frames ä¿¡ããæ£åžžãªãã¬ãŒã ã®ãã¡ããã®ãã«ããã£ã¹ãã¢ãã¬ã¹ã«è»¢éãããã¬ãŒã æ°
CRC/Alignment Errors CRC/é åãšã©ãŒæ° (FCSåã¯é åãšã©ãŒ )
Undersize Frames ãã¬ãŒãã³ã°ããããé€ããFCSãªã¯ãããã¯å«ã )64ãªã¯ãããããçãé·ãã®åä¿¡ãã¬ãŒã æ°ã§ããã®ä»ã®ç¹ã§ã¯æ£åžžãªåä¿¡ãã¬ãŒã æ°
Oversize Frames ãã¬ãŒãã³ã°ããããé€ããFCSãªã¯ãããã¯å«ã )1518ãªã¯ããããããé·ãåä¿¡ãã¬ãŒã ã§ããã®ä»ã®ç¹ã§ã¯æ£åžžãªåä¿¡ãã¬ãŒã æ°
Fragments ãã¬ãŒãã³ã°ããããé€ããFCSãªã¯ãããã¯å«ã )64ãªã¯ããããããå°ããé·ã㧠FCSãããã¯é åãšã©ãŒããã£ãåä¿¡ãã¬ãŒã æ°
64 Bytes Frames äžè¯ãã±ãããå«ãéåä¿¡ããŒã¿ã«ãã¬ãŒã æ° (ãã¬ãŒãã³ã°ããããé€ããFCSãªã¯ãããã¯å«ã¿ãŸãã)
65-127 Byte Frames128-255 Byte Frames256-511 Byte Frames512-1023 Byte Frames1024-1518 Byte Frames1519-1536 Byte Frames
äžè¯ãã±ãããå«ãéåä¿¡ããŒã¿ã«ãã¬ãŒã æ°ã§ãåãªã¯ãããæ°ã®ç¯å²ã«å«ãŸãããã® (ãã¬ãŒãã³ã°ããããé€ããFCSãªã¯ãããã¯å«ã¿ãŸãã)
81 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ããŒãèšå®
èšå®æ¹æ³
[Port]â [Port Statistics]ãã¯ãªãã¯ããŸãã衚瀺ããã€ã³ã¿ãã§ãŒã¹ãéžæã [Query]ãã¯ãªãã¯ããŸãã
ããŒãžäžéšã® Refreshãã¿ã³ã䜿çšããããšã§ã衚瀺ãããŠããå 容ãææ°ã®æ å ±ã«æŽæ°ããããšãã§ããŸãã
82FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
2.8 ã¢ãã¬ã¹ããŒãã«
æ¬æ©ã«ã¯èªç¥ãããããã€ã¹ã® MACã¢ãã¬ã¹ãä¿åãããŠããŸãããã®æ å ±ã¯åéä¿¡ããŒãéã§ã®éä¿¡ã®éä¿¡ã«äœ¿çšãããŸããéä¿¡ã®ç£èŠã«ããåŠç¿ãããå šãŠã®MACã¢ãã¬ã¹ã¯åçã¢ãã¬ã¹ããŒãã«ã«ä¿åãããŸãããŸããæåã§ç¹å®ã®ããŒãã«éä¿¡ããéçãªã¢ãã¬ã¹ãèšå®ããããšãã§ããŸãã
2.8.1 åçã¢ãã¬ã¹ããŒãã«ã®èšå®
éçã¢ãã¬ã¹ã¯æ¬æ©ã®æå®ãããã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠãããšãã§ããŸããéçã¢ãã¬ã¹ã¯æå®ããã€ã³ã¿ãã§ãŒã¹ã«éä¿¡ãããä»ãžã¯éãããŸãããéçã¢ãã¬ã¹ãä»ã®ã€ã³ã¿ãã§ãŒã¹ã§èŠã€ãã£ãå Žåã¯ãã¢ãã¬ã¹ã¯ç¡èŠããã¢ãã¬ã¹ããŒãã«ã«ã¯ç»é²ãããŸããã
èšå®ã»è¡šç€ºé ç®
Static Address Counts
æåèšå®ããéçã¢ãã¬ã¹æ°Current Static Address Table
éçã¢ãã¬ã¹ã®äžèŠ§Interface
éçã¢ãã¬ã¹ãšé¢é£ããããŒãåã¯ãã©ã³ã¯MAC Address
ã€ã³ã¿ãã§ãŒã¹ã® MACã¢ãã¬ã¹
VLAN
VLAN ID(1-4094)
èšå®æ¹æ³
[Address Table]â [Static Addresses]ãã¯ãªãã¯ããŸããã€ã³ã¿ãã§ãŒã¹ãMACã¢ãã¬ã¹åã³VLANãèšå®ãã[Add Static Address]ãã¯ãªãã¯ããŸãã
83 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
2.8.2 ã¢ãã¬ã¹ããŒãã«ã®è¡šç€º
åçã¢ãã¬ã¹ããŒãã«ã«ã¯ãå ¥åãããéä¿¡ã®éä¿¡å ã¢ãã¬ã¹ã®ç£èŠã«ããåŠç¿ãã MACã¢ãã¬ã¹ãä¿åãããŠããŸããå ¥åãããéä¿¡ã®éä¿¡å ã¢ãã¬ã¹ãã¢ãã¬ã¹ããŒãã«å ã§çºèŠãããå Žåããã±ããã¯ã¢ãã¬ã¹ããŒãã«ã«ç»é²ãããé¢é£ããããŒããžçŽæ¥è»¢éãããŸããã¢ãã¬ã¹ããŒãã«ã«èŠã€ãããªãã£ãå Žåã«ã¯å šãŠã®ããŒãã«éä¿¡ãããŸãã
èšå®ã»è¡šç€ºé ç®
Interface
ããŒãåã¯ãã©ã³ã¯
MAC Address
ã€ã³ã¿ãã§ãŒã¹ã® MACã¢ãã¬ã¹
VLAN
VLAN ID (1-4094)
Address Table Sort Key
ãªã¹ãã®äžŠã³ã MACã¢ãã¬ã¹ãVLANãã€ã³ã¿ãã§ãŒã¹ããéžæ
Dynamic Address Counts
åçã«åŠç¿ãã MACã¢ãã¬ã¹æ°
Current Dynamic Address Table
åçã«åŠç¿ããã MACã¢ãã¬ã¹ã®ãªã¹ã
èšå®æ¹æ³
[Address Table]â [Dynamic Addresses]ãã¯ãªãã¯ããŸããQuery ByïŒæ€çŽ¢ãè¡ãçš®é¡ïŒã InterfaceãMAC Addresså㯠VLANããéžæããAddress Table Sort KeyïŒè¡šç€ºããã¢ãã¬ã¹ã®åé¡æ¹æ³ïŒãæå®ãã[Query]ãã¯ãªãã¯ããŸãã
84FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
2.8.3 ãšãŒãžã³ã°ã¿ã€ã ã®å€æŽ
åçã¢ãã¬ã¹ããŒãã«ã«åŠç¿ãããã¢ãã¬ã¹ãåé€ããããŸã§ã®æéïŒãšãŒãžã³ã°ã¿ã€ã ïŒãèšå®ããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Aging Status
ãšãŒãžã³ã°ã¿ã€ã ã®æ©èœã®æå¹ /ç¡å¹
Aging Time
MACã¢ãã¬ã¹ãšãŒãžã³ã°ã¿ã€ã ïŒç¯å²ïŒ10-1000000ç§ãåæèšå®ïŒ300ç§ïŒ
èšå®æ¹æ³
[Address Table]â [Address Aging]ãã¯ãªãã¯ããŸããæ°ãã Aging TimeïŒãšãŒãžã³ã°ã¿ã€ã ïŒãèšå®ãã[Apply]ãã¯ãªãã¯ããŸãã
85 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
2.9 ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
ã¹ããã³ã°ããªãŒãããã³ã« STPã¯ãããã¯ãŒã¯ã®ã«ãŒããé²ãããŸããã¹ã€ãããããªããžåã³ã«ãŒã¿éã®ããã¯ã¢ãããªã³ã¯ã確ä¿ããããã«äœ¿çšããŸãã
STPæ©èœãæããã¹ã€ãããããªããžåã³ã«ãŒã¿éã§äºãã«é£æºããåæ©åšéã®ãªã³ã¯ã§ 1ã€ã®ã«ãŒããã¢ã¯ãã£ãã«ãªãããã«ããŸãããŸããå¥éããã¯ã¢ããçšã®ãªã³ã¯ãæäŸããã¡ã€ã³ã®ãªã³ã¯ãããŠã³ããå Žåã«ã¯èªåçã«ããã¯ã¢ãããè¡ããŸãã
æ¬æ©ã¯ã以äžã®èŠæ Œã«æºæ ãã STPã«å¯Ÿå¿ããŠããŸãã
⢠STP â Spanning Tree Protocol (IEEE 802.1D)
⢠RSTP â Rapid Spanning Tree Protocol (IEEE 802.1w)
⢠MSTPâ Multiple Spanning Tree Protocol (IEEE 802.1s)
STPã¯ã¹ããã³ã°ããªãŒãããã¯ãŒã¯ã®çµè·¯ãšãªã STP察å¿ã¹ã€ããã»ããªããžåã¯ã«ãŒã¿ãéžæããããã«åæ£ã¢ã«ãŽãªãºã ã䜿çšããŸããããã«ãããããã€ã¹ããã«ãŒãããã€ã¹ã«ãã±ãããéä¿¡ããéã«æå°ã®ãã¹ã³ã¹ããšãªãããã«ã«ãŒãããã€ã¹ãé€ãåããã€ã¹ã®ã«ãŒãããŒãã®èšå®ãè¡ããŸããããã«ãããã«ãŒãããã€ã¹ãã LANã«å¯Ÿãæå°ã®ãã¹ã³ã¹ãã«ããå LANã®æå®ãããããã€ã¹ã«å¯ŸããŠãã±ããã転éãããŸãããã®åŸãæå®ã®ããŒããšããŠåé¢é£ãã LANåã¯ãã¹ãããã€ã¹ãšéä¿¡ããæå®ããªããžäžã®ããŒããéžæããŸãã
æå°ã³ã¹ãã®ã¹ããã³ã°ããªãŒã決å®ããåŸããã¹ãŠã®ã«ãŒãããŒããšæå®ããŒããæå¹ãšãªããä»ã®ããŒãã¯ç¡å¹ãšãªããŸããããã«ãããã±ããã¯ã«ãŒãããŒãããæå®ããŒãã«ã®ã¿éä¿¡ããããããã¯ãŒã¯ã®ã«ãŒããåé¿ãããŸãã
å®å®ãããããã¯ãŒã¯ããããžãŒã確ç«ãããåŸãã«ãŒãããªããžããéä¿¡ããã Hello BPDU(Bridge Protocol Data Units)ããã¹ãŠã®ããªããžãåä¿¡ããŸããå®ããããééïŒæ倧å€ïŒä»¥å ã«ããªããžã Hello BPDUã確èªã§ããªãå Žåãã«ãŒãããªããžãžã®æ¥ç¶ãè¡ã£ãŠãããªã³ã¯ãåæããŸãããããŠããã®ããªããžã¯ãããã¯ãŒã¯ã®åèšå®ãè¡ãªãæå¹ãªãããã¯ãŒã¯ããããžãŒãå埩ããããã«ãä»ã®ããªããžãšããŽã·ãšãŒã·ã§ã³ãéå§ããŸãã
RSTPã¯æ¢åã®é ã STPã«ä»£ããæ©èœãšãããŠããŸããRSTP㯠MSTPã«ãçµã¿èŸŒãŸããŠããŸããRSTPã¯ãããããé害æã®ä»£æ¿ã«ãŒããå®ããããªãŒæ§é ã«é¢é£ã®ãªã転éæ å ±ãåºå¥ããããšã«ãããSTPã«æ¯ã¹çŽ 10åã® 1ã®éãã§ãããã¯ãŒã¯ã®åæ§ç¯ãè¡ããŸãã
STPå㯠RSTPãå©çšããå Žåããã¹ãŠã® VLANã¡ã³ããŒéã§ã®å®å®çãªãã¹ã®æäŸãé£ãããªããŸããããªãŒæ§é ã®é »ç¹ãªå€æŽã«ããäžéšã®ã°ã«ãŒãã¡ã³ããŒãå€ç«ããŠããŸãããšããããŸããïŒRSTPã®æ¡åŒµã§ããïŒMSTPã§ã¯ãVLANã°ã«ãŒãæ¯ã«ç¬ç«ããã¹ããã³ã°ããªãŒãæäŸããããšãã§ããŸããç¹å®ã® VLANã Multiple Spanning Treeã€ã³ã¹ã¿ã³ã¹ (MSTI)ã«å«ãããã«æå®ãããšãMSTIããªãŒãèªåçã«æ§æãããå VLANã®æ¥ç¶ç¶æ³ãç¶æãããŸãã
åã€ã³ã¹ã¿ã³ã¹ã¯ãCommon Spanning Tree (CST)å ã® RSTPããŒããšããŠæ±ãããã®ã§ãMSTPã¯ããããã¯ãŒã¯å šäœãšã®æ¥ç¶ãè¡ãªãããšãã§ããŸãã
DesignatedRoot
DesignatedBridge
DesignatedPort
RootPort
86FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
2.9.1 ã°ããŒãã«èšå®ã®è¡šç€º
STPæ å ±ããŒãžããçŸåšã® STPã®æ å ±ã確èªããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Spanning Tree StateSTPãæå¹ã§ STPãããã¯ãŒã¯ã«åå ããŠãããã衚瀺ããŸãã
Bridge ID
STPã§æ¬æ©ãèªèããããã®äžæã® IDã衚瀺ããŸããIDã¯æ¬æ©ã® STPãã©ã€ãªãªãã£ãš MACã¢ãã¬ã¹ããç®åºãããŸããMax Age
æ¬æ©ãåèšå®ãããåã«èšå®ã¡ãã»ãŒãžãåŸ ã¡åããæ倧ã®æéïŒç§ïŒã衚瀺ãããŸãã
æå®ããŒããé€ãå šæ©åšã®ããŒãã§ãéåžžã®ã€ã³ã¿ãŒãã«å ã«èšå®ã¡ãã»ãŒãžãåä¿¡ãããå¿ èŠããããŸããSTPæ å ±ããšãŒãžã¢ãŠããããã¹ãŠã®ããŒãã¯æ¥ç¶ãããŠãã LANã®æå®ããŒãã«å€æŽãããŸããã«ãŒãããŒãã®å Žåããããã¯ãŒã¯ã«æ¥ç¶ãããŠããæ©åšã®ããŒãããæ°ããªã«ãŒãããŒããéžæãããŸããHello Time
ã«ãŒãããã€ã¹ãèšå®ã¡ãã»ãŒãžãéä¿¡ããééïŒç§ïŒã衚瀺ãããŸãã
Forward Delay
æ©åšç¶æ ã®é·ç§»ã«å¯ŸããŠã«ãŒãæ©åšãåŸ æ©ããæ倧ã®æéïŒç§ïŒã§è¡šç€ºãããŸãããã¬ãŒã ã®è»¢éãéå§ãããåã«ãããããžã®å€æŽãæ©åšã«èªèããããããé 延ãèšå®ããå¿ èŠããããŸããããã«åããŒãã§ã¯ãäžæçãªããŒã¿ã®ã«ãŒããé²ããããããŒãããããã¯ç¶æ ã«æ»ã競åæ å ±ã®ãªã¹ãã³ã°ãè¡ãæéãå¿ èŠã«ãªããŸããDesignated Root
ã«ãŒãããã€ã¹ã«èšå®ããããã¹ããã³ã°ããªãŒå ã®æ©åšã®ãã©ã€ãªãªãã£åã³ MACã¢ãã¬ã¹ã衚瀺ãããŸãã
ïŒ Root Port â ã«ãŒãã«æãè¿ãããŒãã®çªå·ã衚瀺ãããŸããã«ãŒãããã€ã¹ãšã®éä¿¡ã¯ããã®ããŒããä»ããŠè¡ãããŸããã«ãŒãããŒããååšããªãå Žåã¯ãæ¬æ©ãã¹ããã³ã°ããªãŒãããã¯ãŒã¯äžã®ã«ãŒãããã€ã¹ãšããŠèšå®ãããããšãè¡šããŸãã
ïŒRoot Path Cost â æ¬æ©ã®ã«ãŒãããŒãããã«ãŒãããã€ã¹ãŸã§ã®ãã¹ã³ã¹ãã衚瀺ãããŸãã
Configuration Changes
ã¹ããã³ã°ããªãŒãåèšå®ãããåæ°ã衚瀺ãããŸãã
Last Topology Change
æåŸã«ã¹ããã³ã°ããªãŒãåèšå®ãããŠããçµéããæéã衚瀺ãããŸãã
èšå®æ¹æ³
[Spanning Tree]â [STA Information] ãã¯ãªãã¯ããŸããçŸåšã® STPæ å ±ã衚瀺ãããŸãã
87 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
2.9.2 ã°ããŒãã«èšå®
ããã§ã®èšå®ã¯æ¬æ©å šäœã«é©çšãããŸãã
æ©èœè§£èª¬
⢠Spanning Tree Protocolæ¬æ©ã®åæèšå®ã§ã¯ RSTPã«æå®ãããŠããŸãããSTPã«èšå®ã IEEE802.1Dã«æºæ ãã BPDUã®ã¿ãéä¿¡ããããšãã§ããŸãããã®å Žåããããã¯ãŒã¯å šäœã«å¯Ÿã㊠1ã€ã® SpanningTreeã®ã¿ã®èšå®ãè¡ãªããŸãããããããã¯ãŒã¯äžã«è€æ°ã® VLANãèšå®ããå Žåãäžéšã® VLANã¡ã³ããŒéã¯ãããã¯ãŒã¯ã®ã«ãŒããåé¿ããããç¡å¹ãšãªãå ŽåããããŸããè€æ°ã® VLANãæ§æããå Žåã«ã¯ MSTPã䜿çšããããšãæšå¥šããŸãã
⢠Rapid Spanning Tree ProtocolRSTPã¯ã以äžã®ããããã®çä¿¡ãããã³ã«ã¡ãã»ãŒãžãç£èŠãåçã«åãããã³ã«ã¡ãã»ãŒãžã«é©åãããããšã«ãããSTPãš RSTPããŒãã®ã©ã¡ããžã®æ¥ç¶ããµããŒãããŸãã
ïŒ STP Mode â ããŒãã®ç§»åé 延ã¿ã€ããŒãåããåŸã« IEEE802.1D BPDUãåãåããšãæ¬æ©ã¯ IEEE802.1Dããªããžãšæ¥ç¶ããŠãããšå€æããIEEE802.1D BPDUã®ã¿ã䜿çšããŸãã
ïŒ RSTP Mode â RSTPã«ãããŠãããŒã㧠IEEE802.1D BPDUã䜿çšãããŒã移åé 延ã¿ã€ããŒãåããåŸã« RSTP BPDUãåãåããšãRSTPã¯ç§»åé 延ã¿ã€ããŒãåã¹ã¿ãŒããããã®ããŒãã«å¯Ÿã RSTP BPDUã䜿çšããŸãã
⢠Multiple Spanning Tree Protocol
ïŒ ãããã¯ãŒã¯äžã§ MSTPãæå¹ã«ããã«ã¯ãæ¥ç¶ãããé¢é£ããããªããžã«ãããŠãåæ§ã®MSTPã®èšå®ãè¡ãªããã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ã«åå ããããšãèš±å¯ããå¿ èŠããããŸãã
ïŒ ã¹ããã³ã°ããªãŒã¢ãŒããå€æŽããå Žåãå€æŽåã®ã¢ãŒãã®ã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ããã¹ãŠæ¢ãããã®åŸæ°ããã¢ãŒãã«ãããŠéä¿¡ãåéããŸããã¹ããã³ã°ããªãŒã®ã¢ãŒãå€æŽæã«ã¯éä¿¡ãäžæçã«é®æãããã®ã§æ³šæããŠäžããã
èšå®ã»è¡šç€ºé ç®
ã°ããŒãã«èšå®ã®åºæ¬èšå®
Spanning Tree State
ã¹ããã³ã°ããªãŒãæå¹åã¯ç¡å¹ã«ããŸãã (åæèšå® :æå¹ )
Spanning Tree Type
䜿çšãããã¹ããã³ã°ããªãŒãããã³ã«ã®çš®é¡ãæå®ããŸãã(åæèšå® :RSTP)
ïŒ STP â Spanning Tree ProtocolïŒIEEE 802.1DãSTPãéžæãããšãæ¬æ©ã¯ RSTPã® STPããã äºæã¢ãŒããšãªããŸãïŒ
ïŒ RSTP â Rapid Spanning Stree Protocol(IEEE 802.1w)
ïŒ MSTP âMultiple Spanning Stree Protocol(IEEE 802.1s)
88FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
Priority
ã«ãŒãããã€ã¹ãã«ãŒãããŒããæå®ããŒãã®èå¥ã«äœ¿çšããããããã€ã¹ãã©ã€ãªãªãã£ãèšå®ã§ããŸããæäžäœã®ãã©ã€ãªãªãã£ãæã€æ©åšã STPã«ãŒãæ©åšã«ãªããŸãïŒå€ãå°ããã»ã©ãã©ã€ãªãªãã£ãé«ããªããŸãïŒããã¹ãŠã®æ©åšã®ãã©ã€ãªãªãã£ãåãå Žåã¯ãæå°ã® MACã¢ãã¬ã¹ãæã€æ©åšãã«ãŒãæ©åšã«ãªããŸããïŒåæèšå® :32768ãç¯å² : 0-61440ã®å€ã§ 4096ã〠(0ã4096ã8192ã12288ã16384ã20480ã24576ã28672ã32768ã36864ã40960ã45056ã49152ã53248ã57344ã61440)ïŒ
ã«ãŒãæ©åšèšå®
Hello Time
ã«ãŒãããã€ã¹ãèšå®ã¡ãã»ãŒãžãéä¿¡ããééïŒç§ïŒãèšå®ã§ããŸãïŒåæèšå® :2(ç§ )ãæå°å€ :1ãæå€§å€ :10å㯠[(Maximum Age/2)-1]ã®å°ããæ¹ã®å€ïŒ
Maximum Age
æ©åšãåèšå®ãããåã«èšå®ã¡ãã»ãŒãžãåŸ ã¡åãããæ倧ã®æéãç§ã§èšå®ã§ããŸããæå®ããŒããé€ãå šæ©åšã®ããŒãã§ãéåžžã®ã€ã³ã¿ãŒãã«å ã«èšå®ã¡ãã»ãŒãžãåä¿¡ãããå¿ èŠããããŸããSTPæ å ±ããšãŒãžã¢ãŠãããããŒãã¯æ¥ç¶ãããŠãã LANã®æå®ããŒãã«å€æŽãããŸããã«ãŒãããŒãã®å Žåããããã¯ãŒã¯ã«æ¥ç¶ãããŠããæ©åšã®ããŒãããæ°ããªã«ãŒãããŒããéžæãããŸããïŒåæèšå® :20ïŒç§ïŒãæå°å€ :6å㯠[2à (Hello Time+1)]ã®å€§ããæ¹ã®å€ãæå€§å€ :40ããã㯠[2à (Forward Delay-1)]å°ããæ¹ã®å€ïŒ
Forward Delay
æ©åšç¶æ ã®é·ç§»ã«å¯ŸããŠã«ãŒãæ©åšãåŸ æ©ããæ倧ã®æéïŒç§ïŒãèšå®ã§ããŸãããã¬ãŒã ã®è»¢éãéå§ãããåã«ãããããžã®å€æŽãæ©åšã«èªèããããããé 延ãèšå®ããå¿ èŠããããŸããããã«åããŒãã§ã¯ãäžæçãªããŒã¿ã®ã«ãŒããé²ããããããŒãããããã¯ç¶æ ã«æ»ã競åæ å ±ã®ãªã¹ãã³ã°ãè¡ãæéãå¿ èŠã«ãªããŸãïŒåæèšå® :15ïŒç§ïŒãæå°å€ :4å㯠[(Maximum Age/2)+1]ã®å€§ããæ¹ã®å€ãæå€§å€ :30ïŒ
RSTPèšå®
Path Cost Method
ãã¹ã³ã¹ãã¯ããã€ã¹éã®æé©ãªãã¹ã決å®ããããã«äœ¿çšãããŸãããã¹ã³ã¹ãæ¹åŒã¯åã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠãããšã®ã§ããå€ã®ç¯å²ã決å®ããã®ã«äœ¿çšãããŸãã
ïŒ Long â 32ãããã® 1-200,000,000ã®å€ (åæå€ïŒ
ïŒ Short â 16ãããã® 1-65535ã®å€
Transmission Limit
ç¶ç¶çãªãããã³ã«ã¡ãã»ãŒãžã®æå°éä¿¡ééã®èšå®ã«ãã BPDUã®æ倧転éã¬ãŒãã®èšå®ãè¡ããŸãïŒç¯å² :1-10ïŒç§ïŒãåæèšå® :3ïŒ
MSTPèšå®
Max Instance Numbers
æ¬æ©ã§èšå®å¯èœãª MSTã€ã³ã¹ã¿ã³ã¹ã®æ倧æ°ïŒåæèšå®ïŒ65ïŒ
Region Revision*
MSTã€ã³ã¹ã¿ã³ã¹ã®ãªããžã§ã³ïŒèšå®ç¯å²ïŒ0-65535ãåæèšå®ïŒ0ïŒ
89 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
Region Name*
MSTã€ã³ã¹ã¿ã³ã¹åïŒæ倧å€ïŒ32æåïŒ
Maximum Hop Count
BPDUãç Žæ£ãããåã® MSTå ã§ã®æ倧ãããæ°ïŒèšå®ç¯å²ïŒ1-40ãåæèšå®ïŒ20ïŒ
* MST nameåã³ revision number㯠MSTã®ç¹å®ãè¡ãªããããã©ã¡ããå¿ èŠãšãªããŸãã
èšå®æ¹æ³
[Spanning Tree]â [STA Configuration]ãã¯ãªãã¯ããŸããå¿ èŠãªèšå®é ç®ãå€æŽãã[Apply]ãã¯ãªãã¯ããŸãã
90FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
2.9.3 ã€ã³ã¿ãã§ãŒã¹èšå®ã®è¡šç€º
STA Port Informationåã³ STA Trunk Informationç»é¢ã§ã¯ STAããŒãåã³ STAãã©ã³ã¯ã®çŸåšã®ç¶æ ã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
Spanning Tree
STAã®æå¹ /ç¡å¹ã衚瀺ãããŸãã
STA Status
ã¹ããã³ã°ããªãŒå ã§ã®åããŒãã®çŸåšã®ç¶æ ã衚瀺ããŸã :
ïŒ Discarding â STPèšå®ã¡ãã»ãŒãžãåä¿¡ããŸããããã±ããã®éä¿¡ã¯è¡ã£ãŠããŸããã
ïŒ Learning â ççŸããæ å ±ãåä¿¡ããããšãªããForward Delayã§èšå®ããééã§èšå®ã¡ãã»ãŒãžãéä¿¡ããŠããŸããããŒãã¢ãã¬ã¹ããŒãã«ã¯ã¯ãªã¢ãããã¢ãã¬ã¹ã®åŠç¿ãéå§ãããŠããŸãã
ïŒ Forwarding â ãã±ããã®è»¢éãè¡ãããã¢ãã¬ã¹ã®åŠç¿ãç¶ç¶ãããŠããŸãã
ããŒãç¶æ ã®ã«ãŒã« :
ïŒ STPæºæ ã®ããªããžããã€ã¹ãæ¥ç¶ãããŠããªããããã¯ãŒã¯ã»ã°ã¡ã³ãäžã®ããŒãã¯ãåžžã«è»¢éç¶æ (Forwarding)ã«ãããŸãã
ïŒä»ã® STPæºæ ã®ããªããžããã€ã¹ãæ¥ç¶ãããŠããªãã»ã°ã¡ã³ãäžã«ã2åã®ããŒããååšããå Žåã¯ãIDã®å°ããæ¹ã§ãã±ããã®è»¢éãè¡ãã (Forwarding)ãä»æ¹ã§ã¯ãã±ãããç Žæ£ãããŸã (Discarding)ã
ïŒèµ·åæã«ã¯ãã¹ãŠã®ããŒãã§ãã±ãããç Žæ£ãããŸã (Discarding)ããã®åŸåŠç¿ç¶æ (Learning)ããã©ã¯ãŒãã£ã³ã° (Forwarding)ãžãšé·ç§»ããŸãã
Forward Transitions
ããŒãã転éç¶æ (Forwarding)ã«é·ç§»ããåæ°ã衚瀺ãããŸãã
Designated Cost
ã¹ããã³ã°ããªãŒèšå®ã«ããããæ¬ããŒãããã«ãŒããžã®ã³ã¹ãã衚瀺ãããŸããåªäœãé ãå Žåãã³ã¹ãã¯å¢å ããŸãã
Designated Bridge
ã¹ããã³ã°ããªãŒã®ã«ãŒãã«å°éããéã«ãæ¬ããŒãããéä¿¡ãè¡ãããã€ã¹ã®ãã©ã€ãªãªãã£ãšMACã¢ãã¬ã¹ã衚瀺ãããŸãã
Designated Port
ã¹ããã³ã°ããªãŒã®ã«ãŒãã«å°éããéã«ãæ¬æ©ãšéä¿¡ãè¡ãæå®ããªããžããã€ã¹ã®ããŒãã®ãã©ã€ãªãªãã£ãšçªå·ã衚瀺ãããŸãã
Oper Link Type
ã€ã³ã¿ãã§ãŒã¹ã®å±ãã LANã»ã°ã¡ã³ãã®äœ¿çšäžã® 2ç¹éã®ç¶æ³ããã®é ç®ã¯ STP Port/Trunk ConfigurationããŒãžã® Admin Link Typeã«èšèŒãããŠããããã«æåèšå®åã¯èªåæ€åºã«ãã決å®ãããŸãã
Oper Edge Port
ãã®é ç®ã¯ STP Port/Trunk ConfigurationããŒãžã® Admin Eddge Portã®èšå®ã«ããèšå®ã®ããã«åæåãããŸãããããããã®ããŒããžã®æ¥ç¶ãããä»ã®ããªããžãå«ããBPDUãåä¿¡ããå Žå㯠falseã«èšå®ãããŸãã
91 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
Port Role
å®è¡äžã®ã¹ããã³ã°ããªãŒããããžã®äžéšã§ããããªããã«åŸã£ãŠåœ¹å²ãå²ãåœãŠãããŠããŸãã
ïŒ RootããŒã â ã«ãŒãããªããžãžã®ããªããžã«æ¥ç¶ããŸãã
ïŒ DesignatedããŒã â ã«ãŒãããªããžãžã®ããªããžãéã㊠LANã«æ¥ç¶ããŸãã
ïŒ MasterããŒã â MSTI regionalã«ãŒã
ïŒ Alternate å㯠BackupããŒã â ä»ã®ããªããžãããªããžããŒãå㯠LANãåæãŸãã¯åé€ãããå Žåã«ãæ¥ç¶ãæäŸããŸãã
ïŒDisabledããŒã â ã¹ããã³ã°ããªãŒå ã§ã®åœ¹å²ããªãå Žåã«ã¯ç¡å¹ (Disabled)ãšãªããŸãã
Trunk Member
ãã©ã³ã¯ã¡ã³ããŒã«èšå®ãããŠãããã©ããã衚瀺ããŸããïŒSTA Port InformationããŒãžã®ã¿ïŒ
èšå®æ¹æ³
[Spanning Tree]â [STA]â [Port Information]å㯠[Trunk Information]ãã¯ãªãã¯ããŸãã
92FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
2.9.4 ã€ã³ã¿ãã§ãŒã¹èšå®
ããŒããã©ã€ãªãªãã£ããã¹ã³ã¹ãããªã³ã¯ã¿ã€ãåã³ãšããžããŒããå«ãåã€ã³ã¿ãã§ãŒã¹ã® RSTPåã³ MSTPå±æ§ãèšå®ããããšãã§ããŸãã
ãããã¯ãŒã¯ã®ãã¹ãæå®ããããã«åãã¡ãã£ã¢ã¿ã€ãã®ããŒãã«å¯Ÿãç°ãªããã©ã€ãªãªãã£åã¯ãã¹ã³ã¹ããèšå®ããäºç¹éæ¥ç¶ãŸãã¯å ±æã¡ãã£ã¢æ¥ç¶ã瀺ããããªã³ã¯ã¿ã€ããèšå®ããŸãããŸãããã¡ã¹ããã©ã¯ãŒãã£ã³ã°ããµããŒãããæ©åšãæ¥ç¶ããå Žåã«ã¯ãšããžããŒãã®æå®ãè¡ããŸãã(æ¬é ã§ã® "ããŒã "ãšã¯ "ã€ã³ã¿ãã§ãŒã¹ "ãæå³ãããããããŒããšãã©ã³ã¯ã®äž¡æ¹ã瀺ããŸã )
èšå®ã»è¡šç€ºé ç®
以äžã®èšå®ã¯å€æŽããããšã¯ã§ããŸãããSTA Status
ã¹ããã³ã°ããªãŒå ã§ã®åããŒãã®çŸåšã®ç¶æ ã衚瀺ããŸã :
ïŒè©³çŽ°ã¯ P91 ãã€ã³ã¿ãã§ãŒã¹èšå®ã®è¡šç€ºããåç §ããŠäžããïŒ
ïŒ Discarding â STPèšå®ã¡ãã»ãŒãžãåä¿¡ããŸããããã±ããã®éä¿¡ã¯è¡ã£ãŠããŸããã
ïŒ Learning â ççŸããæ å ±ãåä¿¡ããããšãªããForward Delayã§èšå®ããééã§èšå®ã¡ãã»ãŒãžãéä¿¡ããŠããŸããããŒãã¢ãã¬ã¹ããŒãã«ã¯ã¯ãªã¢ãããã¢ãã¬ã¹ã®åŠç¿ãéå§ãããŠããŸãã
ïŒ Forwarding â ãã±ããã®è»¢éãè¡ãããã¢ãã¬ã¹ã®åŠç¿ãç¶ç¶ãããŠããŸããTrunk
ãã©ã³ã¯ã¡ã³ããŒã«èšå®ãããŠãããã©ããã衚瀺ããŸãã
ïŒSTA Port ConfigurationããŒãžã®ã¿ïŒ
以äžã®èšå®ã¯å€æŽããããšãã§ããŸããSpanning Tree
ã€ã³ã¿ãã§ãŒã¹ã® STAã®æå¹ /ç¡å¹ãèšå®ããŸãïŒåæèšå®ïŒæå¹ïŒ
Priority
STPã§ã®åããŒãã®ãã©ã€ãªãªãã£ãèšå®ããŸãã
æ¬æ©ã®å šãŠã®ããŒãã®ãã¹ã³ã¹ããåãå Žåã«ã¯ãæãé«ããã©ã€ãªãªãã£ïŒæãäœãèšå®å€ïŒãã¹ããã³ã°ããªãŒã®ã¢ã¯ãã£ããªãªã³ã¯ãšãªããŸããããã«ãããSTPã«ãããŠãããã¯ãŒã¯ã®ã«ãŒããåé¿ããå Žåã«ãé«ããã©ã€ãªãªãã£ã®ããŒãã䜿çšãããããã«ãªããŸãã2ã€ä»¥äžã®ããŒããæãé«ããã©ã€ãªãªãã£ã®å Žåã«ã¯ãããŒãçªå·ãå°ããããŒããæå¹ã«ãªããŸãïŒåæèšå® : 128ãç¯å² : 0-240ã® 16ãã€ïŒ
Path Cost
ãã®ãã©ã¡ãŒã¿ã¯ STPã«ãããŠããã€ã¹éã§ã®æé©ãªãã¹ã決å®ããããã«èšå®ããŸããäœãå€ãã¹ããŒãã®æ©ãã¡ãã£ã¢ã®ããŒãã«å²ãåœãŠãããããé«ãå€ãããé ãã¡ãã£ã¢ã«å²ãåœãŠãããå¿ èŠããããŸãïŒãã¹ã³ã¹ãã¯ããŒããã©ã€ãªãªãã£ããåªå ãããŸãïŒ
ïŒèšå®ç¯å² :Ethernet: 200,000-20,000,000Fast Ethernet: 20,000-2,000,000Gigabit Ethernet: 2,000-200,000
ïŒåæèšå® :Ethernet â half duplex: 2,000,000ãfull duplex: 1,000,000ããtrunk: 500,000Fast Ethernet â half duplex: 200,000ãfull duplex: 100,000ããtrunk: 50,000Gigabit Ethernet â full duplex: 10,000ãtrunk: 5,000
93 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
[泚æ ]ã ãã¹ã³ã¹ãæ¹åŒã shortã«èšå®ãããå Žåãæ倧ãã¹ã³ã¹ã㯠65,535ãšãªããŸãã
Admin Link Type
ã€ã³ã¿ãã§ãŒã¹ãžæ¥ç¶ããæ¥ç¶æ¹åŒïŒåæèšå® :AutoïŒ
ïŒ Point-to-Point â ä»ã® 1å°ã®ããªããžãžã®æ¥ç¶
ïŒ Shared â 2å°ä»¥äžã®ããªããžãžã®æ¥ç¶
ïŒ Auto â Point-to-Pointã Sharedã®ã©ã¡ãããèªåçã«å€æããŸãã
Admin Edge Port (Fast Forwarding)
ããªããžå LANã®çµç«¯ããããã¯ããŒãã®çµç«¯ã«ã€ã³ã¿ãã§ãŒã¹ãæ¥ç¶ãããŠããå Žåãæ¬æ©èœãæå¹ã«ããããšãã§ããŸãã
ããŒãã®çµç«¯ã§ã¯ã«ãŒããèµ·ããªããããçŽæ¥ã転éç¶æ ã«ããããšãã§ããŸããEdge Portãæå®ããããšã«ãããã¯ãŒã¯ã¹ããŒã·ã§ã³ããµãŒããªã©ã®ããã€ã¹ãžã®è¿ éãªè»¢éãæäŸãã以åã®è»¢éã¢ãã¬ã¹ããŒãã«ãä¿æããããšã«ãããã¹ããã³ã°ããªãŒåæ§ç¯æã®ã¿ã€ã ã¢ãŠãæéãåæžããŸãã
äœããå¿ ãããŒãã®çµç«¯ããã€ã¹ã«æ¥ç¶ãããŠããããŒãã®ã¿ã§ Edge Portãæå¹ã«ããŠäžããïŒåæèšå®ïŒæå¹ïŒ
Migration
èšå®åã³ããããžå€æŽéç¥ BPDUãå«ã STP BPDUãæ€ç¥ããããšã«ãããèªåçã« STPäºæã¢ãŒãã«å€æŽããããšãã§ããŸãã
ãŸããæ¬æ©èœã®ãã§ãã¯ããã¯ã¹ããã§ãã¯ãæ©èœãæå¹ã«ããããšã«ãããæåã§é©åãªBPDUãã©ãŒãããïŒRSTPå㯠STPäºæïŒã®å確èªãè¡ãããšãã§ããŸãã
èšå®æ¹æ³
[Spanning Tree] â [STA]â [Port Configuration]å㯠[Trunk Configuration]ãã¯ãªãã¯ããŸãã å¿ èŠãªèšå®é ç®ãå€æŽãã[Apply]ãã¯ãªãã¯ããŸãã
94FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
2.9.5 MSTPèšå®
MSTPã¯åã€ã³ã¹ã¿ã³ã¹ã«å¯Ÿãç¹å®ã®ã¹ããã³ã°ããªãŒãçæããŸããããã«ãããããã¯ãŒã¯äžã«è€æ°ã®ãã¹ãæ§ç¯ããéä¿¡ã®ããŒããã©ã³ã¹ãè¡ããåäžã®ã€ã³ã¹ã¿ã³ã¹ã«äžå ·åãçºçããå Žåã«å€§èŠæš¡ãªãããã¯ãŒã¯ã®é害ãçºçããããšãåé¿ãããšå ±ã«ãäžå ·åã®çºçããã€ã³ã¹ã¿ã³ã¹ã®æ°ããããããžãŒãžã®å€æŽãè¿ éã«è¡ãªããŸãã
åæèšå®ã§ã¯ãã¹ãŠã® VLANã¯ãMSTå ã«æ¥ç¶ãããããªããžããã³ LANã¯ãã¹ãŠå éšã¹ããã³ã°ã»ããªãŒ (MSTã€ã³ã¹ã¿ã³ã¹ 0)ã«å²ãåœãŠãããŸãã
æ¬æ©ã§ã¯æ倧 65ã®ã€ã³ã¹ã¿ã³ã¹ããµããŒãããŠããŸãããããã¯ãŒã¯ã®åäžãšãªã¢ãã«ããŒãã VLANãã°ã«ãŒãåããããã«èšå®ããŠäžããã
äœããåäžã€ã³ã¹ã¿ã³ã¹ã®ã»ããã«ããåäž MSTIå ã®ãã¹ãŠã®ããªããžãåã³åäž VLANã®ã»ããã«ããåäžã€ã³ã¹ã¿ã³ã¹ã圢æããå¿ èŠããããŸããRSTPã¯åäžããŒããšããŠåMSTIãæ±ãããã¹ãŠã® MSTIã Common Spanning TreeãšããŠæ¥ç¶ããç¹ã«æ³šæããŠäžããã
MSTPã䜿çšããã«ã¯ä»¥äžã®æé ã§èšå®ãè¡ãªã£ãŠãã ããã
ïŒ1ïŒã¹ããã³ã°ããªãŒã¿ã€ãã MSTPã«èšå®ããŸã (P88 ãã°ããŒãã«èšå®ãåç § )
ïŒ2ïŒéžæãã MSTã€ã³ã¹ã¿ã³ã¹ã«ã¹ããã³ã°ããªãŒãã©ã€ãªãªãã£ãå ¥åããŸãã
ïŒ3ïŒMSTIãå ±æãã VLANãè¿œå ããŸãã
[泚æ ]ããã¹ãŠã® VLANã¯èªåçã« ISTïŒã€ã³ã¹ã¿ã³ã¹ 0ïŒã«è¿œå ãããŸãã
MSTIããããã¯ãŒã¯äžã§æå¹ã«ããæ¥ç¶ãç¶ç¶ããããã«ã¯ãåæ§ã®èšå®ãé¢é£ããããªããžã«ãããŠè¡ãªãå¿ èŠããããŸãã
èšå®ã»è¡šç€ºé ç®
MST Instance
ã¹ããã³ã°ããªãŒã®ã€ã³ã¹ã¿ã³ã¹ IDïŒåæèšå®ïŒ0ïŒ
Priority
ã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ã®ãã©ã€ãªãªãã£ïŒç¯å²ïŒ4096é£ã°ãã®å€ã§ 0-61440ãéžæè¢ïŒ0, 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, 61440ãåæèšå®ïŒ32768ïŒ
VLANs in MST Instance
ã€ã³ã¹ã¿ã³ã¹ã«æå®ããã VLAN
MST ID
èšå®ã®ããã®ã€ã³ã¹ã¿ã³ã¹ IDïŒèšå®ç¯å²ïŒ0-57ãåæèšå®ïŒ0ïŒ
VLAN ID
MSTã€ã³ã¹ã¿ã³ã¹ã«æå®ãã VLAN IDïŒèšå®ç¯å²ïŒ1-4093ïŒ
ä»ã®é ç®ã¯ãP91 ãã€ã³ã¿ãã§ãŒã¹èšå®ã®è¡šç€ºããåç §ããŠäžããã
95 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
èšå®æ¹æ³
[Spanning Tree] â [MSTP]â [VLAN Configuration]ãã¯ãªãã¯ããŸãã ãªã¹ããã MSTã€ã³ã¹ã¿ã³ã¹ IDãéžæããã€ã³ã¹ã¿ã³ã¹ãã©ã€ãªãªãã£ãèšå®ãã[Add]ãã¯ãªãã¯ããŸããMSTã€ã³ã¹ã¿ã³ã¹ã« VLANãå ããã«ã¯ãã€ã³ã¹ã¿ã³ã¹ IDãš VLAN IDãå ¥åãã[Add]ãã¯ãªãã¯ããŸãã
96FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
2.9.6 MSTPã€ã³ã¿ãã§ãŒã¹èšå®ã®è¡šç€º
MSTPããŒã /ãã©ã³ã¯æ å ±ããŒãžã§ã¯ãéžæãã MSTã€ã³ã¹ã¿ã³ã¹ã®çŸåšã®ã¹ããŒã¿ã¹ã衚瀺ããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
MST Instance ID
ã€ã³ã¹ã¿ã³ã¹ IDïŒèšå®ç¯å²ïŒ0-4094ãåæèšå®ïŒ0ïŒ
[泚æ ]ãä»ã®é ç®ã«é¢ããŠã¯ P91 ãã€ã³ã¿ãã§ãŒã¹èšå®ã®è¡šç€ºããåç §ããŠäžããã
èšå®æ¹æ³
[Spanning Tree] â [MSTP]â [Port Information]å㯠[Trunk Information]ãã¯ãªãã¯ããŸãã MSTã€ã³ã¹ã¿ã³ã¹ãéžæããçŸåšã® Spanning Treeã®å€ã衚瀺ããŸãã
97 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
2.9.7 MSTPã€ã³ã¿ãã§ãŒã¹ã®èšå®
MSTPããŒã /ãã©ã³ã¯èšå®ã«ãã MSTã€ã³ã¹ã¿ã³ã¹ãžã® STAã€ã³ã¿ãã§ãŒã¹ã®èšå®ãè¡ãªãããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
以äžã®é ç®ã¯èšå®ãå€æŽã§ããŸããã
STA Status
ã¹ããã³ã°ããªãŒå ã§ã®åããŒãã®çŸåšã®ç¶æ ã衚瀺ããŸã :
ïŒè©³çŽ°ã¯ 2.9.3é ãã€ã³ã¿ãã§ãŒã¹èšå®ã®è¡šç€ºããåç §ããŠäžããïŒ
ïŒ Discarding â STPèšå®ã¡ãã»ãŒãžãåä¿¡ããŸããããã±ããã®éä¿¡ã¯è¡ã£ãŠããŸããã
ïŒ Learning â ççŸããæ å ±ãåä¿¡ããããšãªããForward Delayã§èšå®ããééã§èšå®ã¡ãã»ãŒãžãéä¿¡ããŠããŸããããŒãã¢ãã¬ã¹ããŒãã«ã¯ã¯ãªã¢ãããã¢ãã¬ã¹ã®åŠç¿ãéå§ãããŠããŸãã
ïŒ Forwarding â ãã±ããã®è»¢éãè¡ãããã¢ãã¬ã¹ã®åŠç¿ãç¶ç¶ãããŠããŸãã
Trunk Member
ãã©ã³ã¯ã¡ã³ããŒã«èšå®ãããŠãããã©ããã衚瀺ããŸãã
ïŒSTA Port ConfigurationããŒãžã®ã¿ïŒ
以äžã®é ç®ã¯èšå®ãå€æŽã§ããŸãã
MST Instance ID
èšå®ã®ã€ã³ã¹ã¿ã³ã¹ IDïŒèšå®ç¯å²ïŒ0-4094ãåæèšå®ïŒ0ïŒ
Priority
STPã§ã®åããŒãã®ãã©ã€ãªãªãã£ãèšå®ããŸãã
æ¬æ©ã®å šãŠã®ããŒãã®ãã¹ã³ã¹ããåãå Žåã«ã¯ãæãé«ããã©ã€ãªãªãã£ïŒæãäœãèšå®å€ïŒãã¹ããã³ã°ããªãŒã®ã¢ã¯ãã£ããªãªã³ã¯ãšãªããŸããããã«ãããSTPã«ãããŠãããã¯ãŒã¯ã®ã«ãŒããåé¿ããå Žåã«ãé«ããã©ã€ãªãªãã£ã®ããŒãã䜿çšãããããã«ãªããŸãã2ã€ä»¥äžã®ããŒããæãé«ããã©ã€ãªãªãã£ã®å Žåã«ã¯ãããŒãçªå·ãå°ããããŒããæå¹å°ãªããŸãïŒåæèšå® : 128ãç¯å² : 0-240ã® 16ãã€ïŒ
MST Path Cost
ãã®ãã©ã¡ãŒã¿ã¯ MSTPã«ãããŠããã€ã¹éã§ã®æé©ãªãã¹ã決å®ããããã«èšå®ããŸããäœãå€ãã¹ããŒãã®æ©ãã¡ãã£ã¢ã®ããŒãã«å²ãåœãŠãããããé«ãå€ãããé ãã¡ãã£ã¢ã«å²ãåœãŠãããå¿ èŠããããŸãïŒãã¹ã³ã¹ãã¯ããŒããã©ã€ãªãªãã£ããåªå ãããŸãïŒ
ïŒèšå®ç¯å² :
Ethernet: 200,000-20,000,000
Fast Ethernet: 20,000-2,000,000
Gigabit Ethernet: 2,000-200,000
ïŒåæèšå® :
Ethernet â half duplex: 2,000,000ãfull duplex: 1,000,000ããtrunk: 500,000
Fast Ethernet â half duplex: 200,000ãfull duplex: 100,000ããtrunk: 50,000
Gigabit Ethernet â full duplex: 10,000ãtrunk: 5,000
[泚æ ]ã ãã¹ã³ã¹ãæ¹åŒã shortã«èšå®ãããå Žåãæ倧ãã¹ã³ã¹ã㯠65,535ãšãªããŸãã
98FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã
èšå®æ¹æ³
[Spanning Tree] â [MSTP]â [Port Configuration]å㯠[Trunk Configuration]ãã¯ãªãã¯ããŸãã ã€ã³ã¿ãã§ãŒã¹ã®ãã©ã€ãªãªãã£åã³ãã¹ã³ã¹ããèšå®ãã[Apply]ãã¯ãªãã¯ããŸãã
99 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹VLAN
2.10 VLAN
倧èŠæš¡ãªãããã¯ãŒã¯ã§ã¯ããããŒããã£ã¹ããã©ãã£ãã¯ãåæ£ãããããã«ã«ãŒã¿ã«ããåãµãããããç°ãªããã¡ã€ã³ã«åå²ããŸããæ¬æ©ã§ã¯åæ§ã®ãµãŒãã¹ãã¬ã€ã€ 2ã® VLANæ©èœã«ãããããŒããã£ã¹ããã¡ã€ã³ãåå²ããããããã¯ãŒã¯ã®ã°ã«ãŒããäœæãããããšãã§ããŸããVLANã¯åã°ã«ãŒãã§ãããŒããã£ã¹ããã©ãã£ãã¯ãå¶éãã倧èŠæš¡ãããã¯ãŒã¯ã«ããããããŒããã£ã¹ãã¹ããŒã ãåé¿ããŸãã
ãŸããVLANã«ããå®å šã§å¿«é©ãªãããã¯ãŒã¯ç°å¢ã®æ§ç¯ãè¡ãªãããšãã§ããŸãã
IEEE 802.1Q VLANã¯ããããã¯ãŒã¯äžã©ãã«ã§ãé 眮ããããšãã§ããç©ççã«é¢ããŠããŠãåãç©ççãªã»ã°ã¡ã³ãã«å±ããããã«éä¿¡ãè¡ãããšãã§ããŸãã
VLANã¯ç©ççãªæ¥ç¶ãå€æŽããããšãªãæ°ãã VLANãžããã€ã¹ãè¿œå ããããšãããããã¯ãŒã¯ç®¡çãç°¡åã«è¡ãããšãã§ããŸããVLANã¯ããŒã±ãã£ã³ã°ãR&Dçã®éšéå¥ã®ã°ã«ãŒããe-mailããã«ãã¡ãã£ã¢ã¢ããªã±ãŒã·ã§ã³ãªã©ã®äœ¿çšæ¹æ³ããšã«ã°ã«ãŒãåããè¡ãããšãã§ããŸãã
VLANã¯ãããŒããã£ã¹ãéä¿¡ã軜æžããããšã«ãã巚倧ãªãããã¯ãŒã¯èœåå¹çãå®çŸããIPã¢ãã¬ã¹å㯠IPãµãããããå€æŽããããšãªããããã¯ãŒã¯æ§æã®å€æŽãå¯èœã«ããŸããVLANã¯æ¬è³ªçã«ç°ãªã VLANãžã®éä¿¡ã«ãèšå®ãããã¬ã€ã€ 3ã«ãã転éãå¿ èŠãšãªããããé«æ°Žæºã®ãããã¯ãŒã¯ã»ãã¥ãªãã£ãæäŸããŸãã
æ¬æ©ã§ã¯ä»¥äžã® VLANæ©èœããµããŒãããŠããŸãã
⢠EEE802.1Qæºæ ã®æ倧 255VLANã°ã«ãŒã
⢠GVRPãããã³ã«ãå©çšãããè€æ°ã®ã¹ã€ããéã§ã®åç㪠VLANãããã¯ãŒã¯æ§ç¯
⢠è€æ°ã® VLANã«åå ã§ãããªãŒãã©ããããŒãã®èšå®ãå¯èœãªãã«ããã« VLAN
⢠ãšã³ãã¹ããŒã·ã§ã³ã¯è€æ°ã® VLANãžæå±å¯èœ
⢠VLAN察å¿ãš VLANé察å¿ããã€ã¹éã§ã®éä¿¡ãå¯èœ
⢠ãã©ã€ãªãªãã£ã¿ã®ã³ã°
VLANãžããŒãã®å²ãåœãŠ
VLANãæå¹ã«ããåã«ãåããŒããåå ãã VLANã°ã«ãŒãã«å²ãåœãŠãå¿ èŠããããŸããåæèšå®ã§ã¯å šãŠã®ããŒãã VLAN 1ã«ã¿ã°ãªãããŒããšããŠå²ãåœãŠãããŠããŸãã1ã€åã¯è€æ°ã®VLANã§éä¿¡ãè¡ãå ŽåããVLANã«å¯Ÿå¿ãããããã¯ãŒã¯æ©åšããã¹ããšéä¿¡ãè¡ãå Žåã«ã¯ãã¿ã°ä»ããŒããšããŠèšå®ãè¡ããŸãããã®åŸãæåå㯠GVRPã«ããåçãªèšå®ã«ãããåãVLANäžã§éä¿¡ãè¡ãããä»ã® VLAN察å¿ããã€ã¹äžã§ããŒããå²ãåœãŠãŸãã
ãããã1ã€åã¯è€æ°ã® VLANã«ããŒããåå ããéã«ã察åã®ãããã¯ãŒã¯æ©åšããã¹ããVLANã«å¯Ÿå¿ããŠãªãå Žåã«ã¯ããã®ããŒããã¿ã°ãªãããŒããšããŠèšå®ãè¡ãå¿ èŠããããŸãã
[泚æ ]ã ã¿ã°ä» VLAN ãã¬ãŒã 㯠VLAN察å¿åã³ VLANé察å¿ã®ãããã¯ãŒã¯æ©åšãéãããšãã§ããŸãããVLANã¿ã°ã«å¯Ÿå¿ããŠããªãçµç«¯ããã€ã¹ã«å°éããåã«ã¿ã°ãå€ãå¿ èŠããããŸãã
VLANã®åé¡ â ãã¬ãŒã ãåä¿¡ããéãã¹ã€ãã㯠2çš®é¡ã®ãã¡ 1çš®é¡ã®ãã¬ãŒã ãšããŠèªèããŸããã¿ã°ãªããã¬ãŒã ã®å Žåãåä¿¡ããããŒãã® PVIDã«åºã¥ãã VLANã«ãã¬ãŒã ãå²ãåœãŠãŸããã¿ã°ä»ãã¬ãŒã ã®å ŽåãVLAN IDã¿ã°ã䜿çšããŠãã¬ãŒã ã®ããŒããããŒããã£ã¹ããã¡ã€ã³ãå²ãåœãŠãŸãã
ããŒãã®ãªãŒãã©ãã â ããŒãã®ãªãŒãã©ããã¯ããã¡ã€ã«ãµãŒãåã¯ããªã³ã¿ã®ããã«ç°ãªã£ã VLANã°ã«ãŒãéã§å ±æããããããã¯ãŒã¯ãªãœãŒã¹ãžã®ã¢ã¯ã»ã¹ãèš±å¯ããããã«äœ¿çšããŸãã
ãªãŒãã©ãããè¡ããªã VLANãèšå®ããVLANéã§ã®éä¿¡ãè¡ãå¿ èŠãããå Žåã«ã¯ã¬ã€ã€ 3ã«ãŒã¿åã¯ã¹ã€ããã䜿çšããããšã«ããéä¿¡ãè¡ããŸãã
100FXC9012F
Webã€ã³ã¿ãã§ãŒã¹VLAN
ã¿ã°ãªã VLAN â ã¿ã°ãªãåã¯éç VLANã¯ãããŒããã£ã¹ããã©ãã£ãã¯ã®è»œæžåã³ã»ãã¥ãªãã£ã®ããã䜿çšãããŸãã
VLANã«å²ãåœãŠããããŠãŒã¶ã°ã«ãŒãããä»ã® VLANãšåãããããããŒããã£ã¹ããã¡ã€ã³ãšãªããŸãããã±ããã¯åã VLANå ã®æå®ãããããŒãéã§ã®ã¿éä¿¡ãããŸããã¿ã°ãªãVLANã¯æåã§ã®ãŠãŒã¶ã°ã«ãŒãåã¯ãµããããã®åå²ãè¡ããŸãããŸããGVRPã䜿çšããIEEE802.3ã¿ã° VLANã«ãããå®å šã«èªååãã VLANç»é²ãè¡ãããšãå¯èœãšãªããŸãã
èªå VLANç»é² â GVRP (GARP VLAN Registration Protocol)ã¯åçµç«¯è£ 眮ã VLANãå²ãåœãŠãããå¿ èŠãããå Žåã«ãVLANãèªåçã«åŠç¿ãèšå®ãè¡ããŸããçµç«¯è£ 眮ïŒåã¯ãã®ãããã¯ãŒã¯ã¢ããã¿ïŒã IEEE802.1Q VLANãããã³ã«ã«å¯Ÿå¿ããŠããå Žåãåå ããã VLANã°ã«ãŒããæ瀺ããã¡ãã»ãŒãžããããã¯ãŒã¯ã«éä¿¡ããããã®èšå®ãè¡ãããšãã§ããŸããæ¬æ©ããããã®ã¡ãã»ãŒãžãåä¿¡ããéãæå®ããã VLANã®åä¿¡ããŒããžèªåçã«è¿œå ããã¡ãã»ãŒãžãä»ã®å šãŠã®ããŒããžè»¢éããŸãã
ã¡ãã»ãŒãžãä»ã® GVRP察å¿ã®ã¹ã€ããã«å±ãããšãã«ããåæ§ã«æå®ããã VLANã®åä¿¡ããŒããžè¿œå ãããä»ã®å šãŠã®ããŒããžã¡ãã»ãŒãžãéãããŸããVLANã®èŠæ±ã¯ãããã¯ãŒã¯ãéããŠéãããŸããGVRP察å¿ããã€ã¹ã¯ãçµç«¯è£ 眮ã®èŠæ±ã«åºã¥ãèªåçã« VLANã°ã«ãŒãã®æ§æãè¡ãããšãå¯èœãšãªããŸãã
ãããã¯ãŒã¯ã§ GVRPã䜿çšããããã«ãæåã«èŠæ±ããã VLANãžïŒOSåã¯ã¢ããªã±ãŒã·ã§ã³ã䜿çšããŠïŒãã¹ãããã€ã¹ãè¿œå ããŸãããã®åŸããã® VLANæ å ±ããããã¯ãŒã¯äžãžäŒéãããŸãããã¹ãã«çŽæ¥æ¥ç¶ããããšããžã¹ã€ããããã³ãããã¯ãŒã¯ã®ã³ã¢ã¹ã€ããã«ãããŠGVRPãæå¹ã«ããŸãããŸãããããã¯ãŒã¯ã®ã»ãã¥ãªãã£å¢çç·ã決ããéç¥ã®äŒéãé²ãããããŒãã® GVRPãç¡å¹ã«ããããããŒãã® VLANãžã®åå ãçŠæ¢ããå¿ èŠããããŸãã
[ 泚æ ]ãGVRP ã«å¯Ÿå¿ããŠããªããã¹ãããã€ã¹ã§ã¯ãããã€ã¹ãžæ¥ç¶ããããŒãã§éçVLANãèšå®ããå¿ èŠããããŸãããŸããã³ã¢ã¹ã€ãããšãšããžã¹ã€ããã«ãããŠGVRPãæå¹ã«ããå¿ èŠããããŸãã
ã¿ã°ä»ã»ã¿ã°ãªããã¬ãŒã ã®éä¿¡
1å°ã®ã¹ã€ããã§ããŒãããŒã¹ã® VLANãæ§æããå Žåãåãã¿ã°ãªã VLANã«ããŒããå²ãåœãŠãããšã§æ§æã§ããŸããããããè€æ°ã®ã¹ã€ããéã§ã® VLANã°ã«ãŒãã«åå ããããã«ã¯ãå šãŠã®ããŒããã¿ã°ä»ããŒããšãã VLANãäœæããå¿ èŠããããŸãã
åããŒãã¯è€æ°ã®ã¿ã°ä»åã¯ã¿ã°ãªã VLANã«å²ãåœãŠãããšãã§ããŸãããŸããåããŒãã¯ã¿ã°ä»åã³ã¿ã°ãªããã¬ãŒã ãééãããããšãã§ããŸãã
VLAN察å¿æ©åšã«éããããã¬ãŒã ã¯ãVLANã¿ã°ãä»ããŠéä¿¡ãããŸããVLANæªå¯Ÿå¿æ©åšïŒç®çãã¹ããå«ãïŒã«éããããã¬ãŒã ã¯ãéä¿¡åã«ã¿ã°ãåãé€ããªããã°ãªããŸãããã¿ã°ä»ãã¬ãŒã ãåä¿¡ããå Žåã¯ããã®ãã¬ãŒã ããã¬ãŒã ã¿ã°ã«ããæ瀺ãããVLANãžéããŸããVLANé察å¿æ©åšããã¿ã°ãªããã¬ãŒã ãåä¿¡ããå Žåã¯ããã¬ãŒã ã®è»¢éå ã決ããé²å ¥ããŒãã®ããã©ã«ã VIDã衚瀺ãã VLANã¿ã°ãæ¿å ¥ããŸãã
3 5 7 8
1013
1416
1215
1711
64
18
21
9
Port-based VLAN
101 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹VLAN
2.10.1 GVRPã®æå¹ã»ç¡å¹ïŒGlobal SettingïŒ
GARP VLAN Registration Protocol (GVRP)ã¯ãVLAN æ å ±ã®äº€æãè¡ããããã¯ãŒã¯äžã®VLANã¡ã³ããŒããŒãã®ç»é²ãè¡ãªãæ¹æ³ãå®çŸ©ããŸããVLAN ã¯ãããã¯ãŒã¯äžã®ãã¹ãããã€ã¹ã«ããçºè¡ããã joinã¡ãã»ãŒãžã«ãããèªåçã«èšå®ãããŸããèªåç㪠VLANã®ç»é²ãèš±å¯ããããã«ã¯ãGVRPãæå¹ã«ããå¿ èŠããããŸãïŒåæèšå®ïŒDisabledïŒ
èšå®æ¹æ³
[VLAN] â [802.1Q VLAN]â [GVRP Status]ãã¯ãªãã¯ããŸãã GVRPãæå¹ (Enable)åã¯ç¡å¹ (Disable)ã«èšå®ãã[Apply]ãã¯ãªãã¯ããŸãã
2.10.2 VLANåºæ¬æ å ±ã®è¡šç€º
VLANåºæ¬æ å ±ããŒãžã§ã¯æ¬æ©ã§ãµããŒãããŠãã VLANã®çš®é¡ãªã©ã®åºæ¬çãªæ å ±ã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
VLAN Version Number
æ¬æ©ã§äœ¿çšããŠãã IEEE 802.1Qæšæºã® VLANã®ããŒãžã§ã³
Maximum VLAN ID
æ¬æ©ã§èªèå¯èœãª VLAN IDã®æ倧å€
Maximum Number of Supported VLANs
æ¬æ©ã§èšå®ããããšã®ã§ããæ倧 VLANæ°
èšå®æ¹æ³
[VLAN]â [802.1Q VLAN]â [Basic Information]ãã¯ãªãã¯ããŸãã
102FXC9012F
Webã€ã³ã¿ãã§ãŒã¹VLAN
2.10.3 çŸåšã® VLAN衚瀺
VLAN Current Tableã¯ãçŸåšã®å VLANã®ããŒãã¡ã³ããŒåã³ããŒãã VLANã¿ã®ã³ã°ã«å¯Ÿå¿ããŠãããã衚瀺ããŸããè€æ°ã®ã¹ã€ããéã®å€§ã㪠VLANã°ã«ãŒãã«åå ããããŒã㯠VLANã¿ã®ã³ã°ã䜿ãå¿ èŠããããŸãããããã1å°å㯠2å°çšåºŠã®ã¹ã€ããã«ãã VLANãäœæããå Žåã«ã¯ãVLANã¿ã®ã³ã°ãç¡å¹ã«ããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
VLAN ID
èšå®ãããŠãã VLANã® ID (1-4094)
Up Time at Creation
VLANãäœæãããŠããã®çµéæé
Status
VLANã®èšå®æ¹æ³ :
ïŒ Dynamic GVRP â GVRPã䜿çšããŠã®èªååŠç¿
ïŒ Permanent â éçãªæåèšå®
Egress Ports
ãã¹ãŠã® VLANããŒãã¡ã³ããŒ
Untagged Ports
ã¿ã°ãªã VLANããŒãã¡ã³ããŒ
èšå®æ¹æ³
[VLAN]â [802.1Q VLAN]â [Current Table]ãã¯ãªãã¯ããŸããã¹ã¯ããŒã«ããŠã³ãªã¹ãããVLAN IDãéžæããŸãã
103 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹VLAN
2.10.4 VLANã®äœæ
VLAN Static Listã䜿çšããVLANã°ã«ãŒãã®äœæåã³åé€ãè¡ããŸããå€éšã®ãããã¯ãŒã¯æ©åšãžæ¬æ©ã§äœ¿çšãããŠãã VLANã°ã«ãŒãã«é¢ããæ å ±ãäŒããããããããã® VLANã°ã«ãŒãããããã« VLAN IDãèšå®ããå¿ èŠããããŸãã
èšå®ã»è¡šç€ºé ç®
Current
ãã®ã·ã¹ãã ãäœæããå šãŠã®çŸåšã® VLANã°ã«ãŒãã衚瀺ããŸããæ倧 255åã® VLANã°ã«ãŒããèšå®ããããšãã§ããŸããVLAN 1ã¯ããã©ã«ãã¿ã°ãªã VLANã§ãã
New
æ°ãã VLANã°ã«ãŒãã®åååã³ IDãèšå®ããŸããïŒVLANåã¯æ¬æ©ã§ç®¡ççšã«å©çšãããVLANã¿ã°ã«ã¯èšèŒãããŸããïŒ
VLAN ID
èšå®ãã VLANã® IDïŒ1ãã 4094ïŒ
VLAN Name
VLANå (1ãã 32æå )
Status (Web)
ãã® VLANãæå¹ã«ããŸãã
ïŒ Enable: VLAN ã¯äœ¿çšããããšãã§ããŸãã
ïŒ Disable: VLAN ã¯åæ¢ãããŸããStatus (CLI)
ãã® VLANãæå¹ã«ããŸãã
ïŒ Active: VLAN ã¯äœ¿çšããããšãã§ããŸãã
ïŒ Suspend: VLAN ã¯åæ¢ãããŸããAdd
ãªã¹ãã«æ°ãã VLANã°ã«ãŒããè¿œå ããŸãã
Remove
ãªã¹ããã VLANã°ã«ãŒããåé€ããŸããããŒããã¿ã°ãªãããŒããšããŠãã®ã°ã«ãŒãã«å²ãåœãŠãããŠããå Žåãã¿ã°ãªãããŒããšã㊠VLAN 1ã«å²ãåœãŠãããŸãã
èšå®æ¹æ³
[VLAN]â [802.1Q VLAN]â [Static List]ãã¯ãªãã¯ããŸããVLAN IDãš VLAN Nameãå ¥åã VLANãã¢ã¯ãã£ãã«ããããã« Enableãã§ãã¯ããã¯ã¹ããã§ãã¯ãã[Add]ãã¯ãªãã¯ããŸãã
104FXC9012F
Webã€ã³ã¿ãã§ãŒã¹VLAN
2.10.5 VLANãžã®éçã¡ã³ããŒã®è¿œå ïŒVLAN IndexïŒ
ããŒãã¡ãã¥ãŒãã䜿çšããéžæãã VLANã®ããŒãã¡ã³ããŒã®èšå®ãè¡ãªããŸãã
IEEE802.1Q VLANæºæ ã®æ©åšãšæ¥ç¶ããå Žåã«ã¯ããŒãã¯ã¿ã°ä»ãšããŠèšå®ããVLANé察å¿æ©åšãšæ¥ç¶ããå Žåã«ã¯ã¿ã°ãªããšããŠèšå®ããŸãããŸããGVRPã«ããèªå VLANç»é²ããåé¿ããããããŒãã®èšå®ãè¡ãªããŸãã
[泚æ ]ã P107 ãVLANãžã®éçã¡ã³ããŒã®è¿œå ïŒPort IndexïŒãã§ããããŒãã€ã³ããã¯ã¹ãå ã« VLANã°ã«ãŒãã®èšå®ãè¡ãªãããšãã§ããŸãããã¿ã°ä»ãšããŠããããŒãã®è¿œå ã¯ã§ããŸããã
[泚æ ]ã VLAN 1ã¯æ¬æ©ã®ãã¹ãŠã®ããŒããåå ããããã©ã«ãã¿ã°ãªã VLANã§ããP108ãã€ã³ã¿ãã§ãŒã¹ã® VLANåäœã®èšå®ãã«ããããã©ã«ãããŒã VLAN IDãå€æŽããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
VLAN
èšå®ããã VLAN IDïŒ1ãã 4094ïŒ
Name
VLANåïŒ1ãã 32æåïŒ
Status
ãã® VLANãæå¹ãç¡å¹ãã衚瀺ããŸãã
ïŒ Enable: VLAN ã¯äœ¿çšããããšãã§ããŸãã
ïŒ Disable: VLAN ã¯åæ¢ãããŸãã
Port
ããŒãçªå·
Membership Type
ã©ãžãªãã¿ã³ãããŒã¯ããããšã«ãããåã€ã³ã¿ãã§ãŒã¹ãžã® VLANã¡ã³ããŒã·ãããéžæããŸãã
ïŒ Tagged âã€ã³ã¿ãã§ãŒã¹ã¯ VLANã®ã¡ã³ããŒãšãªããŸããããŒãããéä¿¡ãããå šãŠã®ãã±ããã«ã¿ã°ãã€ããããŸããã¿ã°ã«ãã VLANåã³ CoSæ å ±ãéã°ããŸãã
ïŒ Untagged âã€ã³ã¿ãã§ãŒã¹ã¯ VLANã®ã¡ã³ããŒãšãªããŸããããŒããã転éãããå šãŠã®ãã±ããããã¿ã°ãã¯ããããŸããã¿ã°ã«ãã VLANåã³ CoSæ å ±ã¯éã°ããŸãããåã€ã³ã¿ãã§ãŒã¹ã¯ã¿ã°ãªãããŒããšããŠæäœ 1ã€ã®ã°ã«ãŒãã«å²ãåœãŠãªããã°ãããŸããã
ïŒ Forbidden âGVRPã䜿çšãã VLANãžã®èªåçãªåå ãçŠæ¢ããŸãã詳现㯠P2-97ãGVRPããåç §ããŠäžããã
ïŒ None âã€ã³ã¿ãã§ãŒã¹ã¯ VLANã®ã¡ã³ããŒã§ã¯ãããŸããããã® VLANã«é¢é£ãããã±ããã¯ãã€ã³ã¿ãã§ãŒã¹ããéä¿¡ãããŸããã
ïŒ Trunk Member
ããŒãããã©ã³ã¯ã¡ã³ããŒã®å Žåã«è¡šç€ºãããŸããVLANã§ã®ãã©ã³ã¯ãè¿œå ããããã«ã¯ãããŒãžäžéšã®ããŒãã«ã䜿çšããŸãã
105 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹VLAN
èšå®æ¹æ³
[VLAN]â [802.1QVLAN]â [Static Table]ãã¯ãªãã¯ããŸããã¹ã¯ããŒã«ããŠã³ãªã¹ãããVLAN IDãéžæããŸããVLANã® Nameãš Statusãå¿ èŠã«å¿ããŠå€æŽããŸããåããŒãåã¯ãã©ã³ã¯ã®é©åãªã©ãžãªãã¿ã³ãããŒã¯ãã¡ã³ããŒã·ããã®çš®é¡ãéžæããŠã[Apply]ãã¯ãªãã¯ããŸãã
106FXC9012F
Webã€ã³ã¿ãã§ãŒã¹VLAN
2.10.6 VLANãžã®éçã¡ã³ããŒã®è¿œå ïŒPort IndexïŒ
éç VLANã¡ã³ããŒã·ããã䜿çšããVLANã°ã«ãŒããéžæããã€ã³ã¿ãã§ãŒã¹ã«ã¿ã°ä»ã¡ã³ããŒãšããŠè¿œå ããŸãã
èšå®ã»è¡šç€ºé ç®
Interface
ããŒãåã¯ãã©ã³ã¯çªå·
Member
éžæãããã€ã³ã¿ãã§ãŒã¹ãã¿ã°ä»ã¡ã³ããŒãšããŠç»é²ãããŠãã VLAN
Non-Member
éžæãããã€ã³ã¿ãã§ãŒã¹ãã¿ã°ä»ã¡ã³ããŒãšããŠç»é²ãããŠããªã VLAN
èšå®æ¹æ³
[VLAN]â [802.1Q VLAN]â [Static Membership]ãã¯ãªãã¯ããŸããã¹ã¯ããŒã«ããŠã³ãªã¹ãããã€ã³ã¿ãã§ãŒã¹ãéžæããŸãã[Query]ãã¯ãªãã¯ããã€ã³ã¿ãã§ãŒã¹ã®ã¡ã³ããŒã·ããã€ã³ãã©ã¡ãŒã·ã§ã³ã衚瀺ããŸããVLAN IDãéžæããã€ã³ã¿ãã§ãŒã¹ãã¿ã°ä»ã¡ã³ããŒãšããŠè¿œå ããããã« [Add]ãã¯ãªãã¯ããŸããã€ã³ã¿ãã§ãŒã¹åé€ããå Žåã«ã¯[Remove]ãã¯ãªãã¯ããŸãã
åã€ã³ã¿ãã§ãŒã¹ã® VLANã¡ã³ããŒã·ããã®èšå®åŸã[Apply]ãã¯ãªãã¯ããŸãã
107 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹VLAN
2.10.7 ã€ã³ã¿ãã§ãŒã¹ã® VLANåäœã®èšå®
ããã©ã«ã VLAN IDãå©çšå¯èœãªãã¬ãŒã ã®çš®é¡ãã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ãGVRPã¹ããŒã¿ã¹åã³ GARPã¿ã€ããŒãå«ãåã€ã³ã¿ãã§ãŒã¹ã® VLANã«é¢ããåäœã®èšå®ãè¡ãããšãã§ããŸãã
æ©èœè§£èª¬
⢠GVRP â GARP VLAN ç»é²ãããã³ã«ã¯ãããã¯ãŒã¯ãéãã€ã³ã¿ãã§ãŒã¹ã®VLANã¡ã³ããŒãèªåçã«ç»é²ããããã« VLAN æ å ±ã亀æããããã®ã¹ã€ãããžã®æ¹æ³ã決å®ããŸãã
⢠GARP â ã°ã«ãŒãã¢ãã¬ã¹ç»é²ãããã³ã«ã¯ããªããž LANå ã®ã¯ã©ã€ã¢ã³ããµãŒãã¹ã®ããã«ã¯ã©ã€ã¢ã³ãå±æ§ãç»é²ãŸãã¯ç»é²ã®åãæ¶ãã®ããã® GVRPã«ãã䜿çšãããŸããGARPã¿ã€ããŒã®åæå€ã¯ã¡ãã£ã¢ã¢ã¯ã»ã¹æ¹æ³åã¯ããŒã¿è»¢éé床ã®ç¬ç«ãããã®ã§ãããããã®å€ã¯ GVRPç»é²åã¯ç»é²ã®åãæ¶ãã®åé¡ã«çŽé¢ããªãéãå€æŽãããŸããã
èšå®ã»è¡šç€ºé ç®
PVID
ã¿ã°ãªããã¬ãŒã ãåä¿¡ããéã«ä»ãã VLAN IDïŒåæèšå® : 1ïŒ
ïŒã€ã³ã¿ãã§ãŒã¹ã VLAN 1ã®ã¡ã³ããŒã§ãªãå Žåã«ããã® VLANãž PVID â1âãå²ãåœãŠãå Žåãã€ã³ã¿ãã§ãŒã¹ã¯èªåçã«ã¿ã°ãªãã¡ã³ããŒãšã㊠VLAN 1ã«åå ããŸãããã®ä»ã® VLANã«é¢ããŠã¯ããŸããStatic tableãïŒ105 ããŒãžã®ãVLANãžã®éçã¡ã³ããŒã®è¿œå ïŒVLAN IndexïŒããåç §ïŒã«ãŠãå VLANã«æå±ããŠããããŒãããšã« Tagä»ããTagãªãã®èšå®ãè¡ãå¿ èŠããããŸãã
Acceptable Frame Type(åãå ¥ãå¯èœãªãã¬ãŒã ã®çš®é¡ )
å šãŠã®ãã¬ãŒã åã¯ã¿ã°ä»ãã¬ãŒã ã®ã¿ã®ã©ã¡ããåãå ¥ãå¯èœãªãã¬ãŒã ã®çš®é¡ãèšå®ããŸããå šãŠã®ãã¬ãŒã ãéžæããå Žåã«ã¯ãåä¿¡ããã¿ã°ãªããã¬ãŒã ã¯ããã©ã«ã VLANã«å²ãåœãŠãããŸãã(éžæè¢ :å šãŠåã¯ã¿ã°ä»ããåæèšå® :å šãŠ (all))
Ingress Filtering
å ¥åããŒããã¡ã³ããŒã§ãªã VLANã®ã¿ã°ä»ãã¬ãŒã ãåä¿¡ããå Žåã®åŠçãèšå®ããŸãïŒåæèšå®ïŒæå¹ (Enabled)ïŒ
ïŒã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ã¯ã¿ã°ä»ãã¬ãŒã ã§ã®ã¿æ©èœããŸãã
ïŒã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ãæå¹ã§ãããŒããã¡ã³ããŒã§ãªã VLANã®ã¿ã°ä»ãã¬ãŒã ãåä¿¡ããå Žåãåä¿¡ãã¬ãŒã ãç Žæ£ããŸãã
ïŒã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ã¯GVRPåã¯STPçã®VLANãšé¢é£ããªãBPDUãã¬ãŒã ã«æ©èœããŸãããããããGMRPã®ãã㪠VLANã«é¢é£ãã BPDUãã¬ãŒã ã«ã¯æ©èœããŸãã
Mode
ããŒãã® VLANã¡ã³ããŒã·ããã¢ãŒãã衚瀺ããŸãïŒ(åæèšå® :Hybrid)
ïŒ 1Q Trunk â VLANãã©ã³ã¯ã®çµç«¯ãšãªã£ãŠããããŒããæå®ããŸãããã©ã³ã¯ã¯ 2å°ã®ã¹ã€ããã®çŽæ¥æ¥ç¶ãšãªããããŒãã¯çºä¿¡å VLANã®ã¿ã°ä»ãã¬ãŒã ãéä¿¡ããŸããããããããŒãã®ããã©ã«ã VLANã«å±ãããã¬ãŒã ã¯ã¿ã°ãªããã¬ãŒã ãéä¿¡ãããŸãã
ïŒ Hybrid â ãã€ããªãã VLANã€ã³ã¿ãã§ãŒã¹ãæå®ããŸããããŒãã¯ã¿ã°ä»åã¯ã¿ã°ãªããã¬ãŒã ãéåä¿¡ããŸããTrunk Member
ããŒãããã©ã³ã¯ã¡ã³ããŒã®å Žåã«è¡šç€ºãããŸããVLANã§ã®ãã©ã³ã¯ãè¿œå ããããã«ã¯ãããŒãžäžéšã®ããŒãã«ã䜿çšããŸãã
108FXC9012F
Webã€ã³ã¿ãã§ãŒã¹VLAN
èšå®æ¹æ³
[VLAN]â [802.1Q VLAN]â [Port Configuration]å㯠[VLAN Trunk Configuration]ãã¯ãªãã¯ããŸããåã€ã³ã¿ãã§ãŒã¹ã§å¿ èŠãªé ç®ãèšå®ã [Apply]ãã¯ãªãã¯ããŸãã
2.10.8 ãã©ã€ããŒã VLANã®èšå®
ãã©ã€ããŒã VLANã¯ãããŒãããŒã¹ã®ã»ãã¥ãªãã£ãš VLANå ã®ããŒãéã®ç¬ç«ã確ä¿ããšãã§ããŸããããŠã³ãªã³ã¯ããŒãã¯ã¢ãããªã³ã¯ããŒããšã®ã¿ããŒã¿ã®è»¢éãè¡ãªãããšãã§ããŸãïŒãã©ã€ããŒã VLANãšéåžžã® VLANã¯åäžæ©åšå ã«äž¡æ¹ã®èšå®ãè¡ãããšãå¯èœã§ãïŒ
ãã©ã€ããŒã VLANã®æå¹å
ãã©ã€ããŒã VLANã¹ããŒã¿ã¹ããŒãžã§ãã©ã€ããŒã VLANæ©èœã®æå¹ /ç¡å¹ã®èšå®ãè¡ãªãããšãã§ããŸãã
èšå®æ¹æ³
[VLAN]â [Private VLAN]â [Status]ãã¯ãªãã¯ããŸããã¹ã¯ããŒã«ããŠã³ãªã¹ããã Enable/Disableãéžæãã[Apply]ãã¯ãªãã¯ããŸãã
109 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹VLAN
ã¢ãããªã³ã¯ã»ããŠã³ãªã³ã¯ããŒãã®èšå®
ãã©ã€ããŒã VLANãªã³ã¯ã¹ããŒã¿ã¹ããŒãžã§ã¯åããŒããããŠã³ãªã³ã¯åã¯ã¢ãããªã³ã¯ããŒãã«èšå®ã§ããŸããããŠã³ãªã³ã¯ããŒãã«æå®ããããŒãã¯ã¢ãããªã³ã¯ããŒã以å€ãšã®éä¿¡ã¯ã§ããªããªããŸããã¢ãããªã³ã¯ããŒãã«æå®ããããŒãã¯ããŠã³ãªã³ã¯ããŒããå«ãæ¬æ©ã®ãã¹ãŠã®ããŒããšéä¿¡ãå¯èœã§ãã
èšå®æ¹æ³
[VLAN]â [Private VLAN]â [Link Status]ãã¯ãªãã¯ããŸãããã©ã€ããŒã VLANã®ã¢ãããªã³ã¯åã¯ããŠã³ãªã³ã¯ãšããããŒãããã§ãã¯ãã[Apply]ãã¯ãªãã¯ããŸãã
110FXC9012F
Webã€ã³ã¿ãã§ãŒã¹VLAN
2.10.9 ãããã³ã« VLAN
è€æ°ã®ãããã³ã«ã®ãã©ãã£ãã¯ããç°ãªã£ã VLANãééããããšãå¯èœã«ããŸãã
ããŒãã§ãã±ãããåãåãããéããã®ãã±ããã®ãããã³ã«ã¿ã€ãã«ãã VLANã¡ã³ããŒã·ããã決å®ããŸãã
ãããã³ã« VLANã°ã«ãŒãèšå®
èšå®ã»è¡šç€ºé ç®
Protocol Group ID
ãããã³ã« VLANã°ã«ãŒãã«å²ãåœãŠãããããããã³ã«ã°ã«ãŒã IDïŒç¯å²ïŒ1-2147483647ïŒ
Frame Type
Ethernet, RFC 1042, ãŸã㯠LLCã®ãããããéžæããŠãã ããã
Protocol Type
LLC㯠IPX Rawããã®ä»ãã¬ãŒã ã¿ã€ã㯠IP, ARPãŸã㯠RARPã§ãã
èšå®æ¹æ³
[VLAN]â [Protocol VLAN]â [Configuration]ãã¯ãªãã¯ããŸãã
111 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹VLAN
ãããã³ã« VLANã€ã³ã¿ãã§ãŒã¹èšå®
ããŒãããšã®ãããã³ã« VLANèšå®ãè¡ããŸãã
èšå®ã»è¡šç€ºé ç®
Interface
ããŒããŸãã¯ãã©ã³ã¯ãæå®Protocol Group ID
ãããã³ã« VLANã°ã«ãŒãã«å²ãåœãŠããããããã³ã«ã°ã«ãŒã IDïŒç¯å²ïŒ1-2147483647ïŒ
VLAN ID
äžèŽãããããã³ã«ãã©ãã£ãã¯ããã©ã¯ãŒãããã VLANïŒç¯å²ïŒ1-4094ïŒ
èšå®æ¹æ³
[VLAN]â [Protocol VLAN]â [Port Configuration]ãã¯ãªãã¯ããŸãã
112FXC9012F
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
2.11 Class of ServiceïŒCoSïŒ
Class of Service(CoS)ã¯ããããã¯ãŒã¯ã®æ··éç¶æ ã®ããã«éä¿¡ããããã¡ãããå Žåã«ãåªå ããããŒã¿ãã±ãããæå®ããããšãã§ããŸããæ¬æ©ã§ã¯åããŒã㧠4段éã®ãã¥ãŒã® CoSããµããŒãããŠããŸããé«ããã©ã€ãªãªãã£ã®ãã¥ãŒãæã£ãããŒã¿ãã±ããããããäœããã©ã€ãªãªãã£ã®ãã¥ãŒãæã£ãããŒã¿ãã±ãããããå ã«è»¢éããŸããåã€ã³ã¿ãã§ãŒã¹ã«ããã©ã«ããã©ã€ãªãªãã£ãèšå®ããããšãã§ããåæ¬æ©ã®ãã©ã€ãªãªãã£ãã¥ãŒã«å¯Ÿãããã¬ãŒã ãã©ã€ãªãªãã£ã¿ã°ã®ãããã³ã°ãè¡ãããšãã§ããŸãã
2.11.1 ã¬ã€ã€ 2ãã¥ãŒèšå®
ã€ã³ã¿ãã§ãŒã¹ãžã®ããã©ã«ããã©ã€ãªãªãã£ã®èšå®
åã€ã³ã¿ãã§ãŒã¹ã®ããã©ã«ãããŒããã©ã€ãªãªãã£ãæå®ããããšãåºæ¥ãŸããã¹ã€ãããžå ¥ãå šãŠã®ã¿ã°ãªããã±ããã¯æå®ãããããã©ã«ãããŒããã©ã€ãªãªãã£ã«ããã¿ã°ãä»ããããåºåããŒãã§ã®é©åãªãã©ã€ãªãªãã£ãã¥ãŒãèšå®ãããŸãã
æ©èœè§£èª¬
⢠æ¬æ©ã¯åããŒã㧠4ã€ã®ãã©ã€ãªãªãã£ãã¥ãŒãæäŸããŸããhead-of-queue blockageãé²æ¢ããããã«éã¿ä»ãã©ãŠã³ãããã³ (WRR)ã䜿çšããŸãã
⢠ããã©ã«ããã©ã€ãªãªãã£ã¯ã"accept all frame type"ã«èšå®ãããããŒãã§åä¿¡ããã¿ã°ãªããã¬ãŒã ã®å Žåã«é©çšãããŸãããã®ãã©ã€ãªãªãã£ã¯ IEEE 802.1Q VLANã¿ã°ä»ãã¬ãŒã ã«å¯Ÿå¿ããŠããŸãããåä¿¡ãã¬ãŒã ã IEEE 802.1Q VLAN ã¿ã°ä»ãã¬ãŒã ã®å ŽåãIEEE 802.1Q VLAN User Priorityãããã䜿çšãããŸãã
⢠åºåããŒããé¢é£ VLANã®ã¿ã°ãªãã¡ã³ããŒã®å Žåããããã®ãã¬ãŒã ã¯éä¿¡åã«å šãŠã® VLANã¿ã°ãå€ããŸãã
èšå®ã»è¡šç€ºé ç®
Default Priority
åã€ã³ã¿ãã§ãŒã¹ã®åä¿¡ãããã¿ã°ãªããã¬ãŒã ã«å²ãåœãŠããããã©ã€ãªãªãã£
ïŒç¯å² :0 - 7ãåæèšå® :0ïŒ
Number of Egress Traffic Classes
åããŒãã«å²ãåœãŠããããã¥ãŒãããã¡ã®å€
èšå®æ¹æ³
[Priority]â [Default Port Priority]å㯠[Default Trunk Priority]ãã¯ãªãã¯ããŸããã€ã³ã¿ãã§ãŒã¹ã®ããã©ã«ããã©ã€ãªãªãã£ãå€æŽãã[Apply]ãã¯ãªãã¯ããŸãã
113 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
Egressãã¥ãŒãžã® CoSå€ã®ãããã³ã°
æ¬æ©ã¯åããŒãã® 8ã€ã®ãã©ã€ãªãªãã£ãã¥ãŒã䜿çšããããšã«ãã CoSãã©ã€ãªãªãã£ã¿ã°ä»éä¿¡ã®åŠçããéã¿ä»ãã©ãŠã³ãããã³ (Weighted Round Robin/WRR)ã«åºã¥ãããµãŒãã¹ã¹ã±ãžã¥ãŒã«ã«ããè¡ããŸããæ倧 8ã€ã«åããããéä¿¡ãã©ã€ãªãªãã£ã¯ IEEE802.1pã§å®ããããŸããããã©ã«ããã©ã€ãªãªãã£ã¬ãã«ã¯æ¬¡ã®è¡šã«èšèŒãããŠãã IEEE802.1pã®å§åã«åºã¥ããŠå²ãåœãŠãããŠããŸãã
æ§ã ãªãããã¯ãŒã¯ã¢ããªã±ãŒã·ã§ã³ã® IEEE 802.1pæšæºã§æšå¥šããããã©ã€ãªãªãã£ã¬ãã«ã以äžã®è¡šã«èšèŒãããŠããŸããããããã¢ããªã±ãŒã·ã§ã³ã®éä¿¡ã«å¯ŸããŠãèªç±ã«ã¢ãŠãããããã¥ãŒã®ãã©ã€ãªãªãã£ã¬ãã«ãèšå®ããããšãå¯èœã§ãã
èšå®ã»è¡šç€ºé ç®
Priority
CoSå€ïŒç¯å² :0ãã 7ã7ãæé«ãã©ã€ãªãªãã£ïŒ
Traffic Class
ã¢ãŠãããããã¥ãŒãããã¡ (ç¯å² :0ãã 3ã3ãæé« CoSãã©ã€ãªãªãã£ãã¥ãŒ )
èšå®æ¹æ³
[Priority]â [Traffic Classes]ãã¯ãªãã¯ããŸããåã€ã³ã¿ãã§ãŒã¹ã®ã¢ãŠãããããã¥ãŒãžãã©ã€ãªãªã㣠(Traffic Class)ãå²ãåœãŠã[Apply]ãã¯ãªãã¯ããŸãã
ãã¥ãŒ 0 1 2 3 4 5 6 7
ãã©ã€ãªãªã㣠2 0 1 3 4 5 6 7
ãã©ã€ãªãªãã£ã¬ãã« ãã©ãã£ãã¯ã¿ã€ã
1 Background
2 (Spare)
0ïŒåæèšå®ïŒ Best Effort
3 Excellent Effort
4 Controlled Load
5 Video, less than 100 milliseconds latency and jitter
6 Voice, less than 10 milliseconds latency and jitter
7 Network Control
114FXC9012F
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
CoSã®æå¹ /ç¡å¹
Class of Service(CoS)ã®æå¹ /ç¡å¹ãèšå®ããŸãã
èšå®æ¹æ³
[Priority]â [Traffic Classes Status]ãã¯ãªãã¯ããŸãã
ãã¥ãŒã¢ãŒãã®éžæ
æ¬æ©ã§ã¯ããã¹ãŠã®é«ãã©ã€ãªãªãã£ãã¥ãŒãäœãã©ã€ãªãªãã£ãã¥ãŒã«åªå ããã strictã«ãŒã«ãåã¯åãã¥ãŒã®éã¿ä»ããè¡ãWeighted Round-Robin (WRR)ãçšããŠãã¥ãŒã€ã³ã°ãè¡ããŸããWRRã§ã¯ããããããèšå®ããéã¿ã«å¿ããŠåãã¥ãŒã®è»¢éæéã®å²åã決å®ããŸããããã«ãããStrictã«ãŒã«ã«ããçãã HOL Blockingãé²ãããšãã§ããŸãïŒåæèšå®ã§ã¯WRRã«èšå®ãããŠããŸãïŒ
èšå®ã»è¡šç€ºé ç®
WRR
Weighted Round-Robinã§ã¯ã€ã³ã°ã¬ã¹ããŒãã®åž¯åã ããããã® 0-3ã®ãã¥ãŒã«å¯Ÿã㊠1, 2, 4, , 8ã®ã¹ã±ãžã¥ãŒãªã³ã°ãŠã§ã€ããèšå®ãå ±æããŸãã
Strict
ã€ã³ã°ã¬ã¹ãã¥ãŒãé 次åŠçããŸãããã¹ãŠã®é«ãã©ã€ãªãªãã£ãã¥ãŒã®ãã©ãã£ãã¯ãäœãã©ã€ãªãªãã£ãã¥ãŒã®ãã©ãã£ãã¯ããåªå çã«åŠçãããŸã
èšå®æ¹æ³
[Priority]â [Queue Mode]ãã¯ãªãã¯ããŸããStrictåã¯WRRãéžæãã [Apply]ãã¯ãªãã¯ããŸãã
115 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
ãã©ããã¯ã¯ã©ã¹ã®ãµãŒãã¹ãŠã§ã€ãèšå®
æ¬æ©ã¯åãã©ã€ãªãªãã£ãã¥ãŒã®æäŸãããæã«éã¿ä»ãã©ãŠã³ãããã³ (WRR)ã¢ã«ãŽãªãºã ã䜿çšããŠããŸããP114 ãEgressãã¥ãŒãžã® CoSå€ã®ãããã³ã°ãã«èšèŒãããŠããããã«ããã©ãã£ãã¯ã¯ã©ã¹ã¯åããŒãã«äŸçµŠããã 8ã€ã® Egressãã¥ãŒã®ãã¡ã®äžã€ã«ãããã³ã°ãããŸãããããã®ãã¥ãŒãšå¯Ÿå¿ããŠãããã©ãã£ãã¯ãã©ã€ãªãªãã£ã®ãããããžã®ãŠã§ã€ããå²ãåœãŠãããšãã§ããŸãããã®ãŠã§ã€ãã¯ãåãã¥ãŒããµãŒãã¹ã«ç»é²ãããããã«ãããç¹å®ã®ãã©ã€ãªãªãã£å€ã«å¿ãããœãããŠã§ã¢ã»ã¢ããªã±ãŒã·ã§ã³æ¯ã®ã¬ã¹ãã³ã¹æéã«åœ±é¿ããé »åºŠãèšå®ãããŸãã
èšå®ã»è¡šç€ºé ç®
WRR Setting Table
åãã©ãã£ãã¯ã¯ã©ã¹ïŒãã¥ãŒïŒã®ãŠã§ã€ãã®å€ãè¡šããŸãã
Weight Value
éžæããããã©ãã£ãã¯ã¯ã©ã¹ã®æ°ãããŠã§ã€ããèšå®ããŸãã( ç¯å² :1-15 )
èšå®æ¹æ³
[Priority]â [Queue Scheduling]ãã¯ãªãã¯ããŸããã€ã³ã¿ãã§ãŒã¹ãéžæãããã©ãã£ãã¯ã¯ã©ã¹ãéžæããŸãããŠã§ã€ãå€ãå ¥ååŸã[Apply]ãã¯ãªãã¯ããŸãã
116FXC9012F
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
2.11.2 ã¬ã€ã€ 3/4ãã©ã€ãªãªãã£ã®èšå®
CoSå€ãžã®ã¬ã€ã€ 3/4ãã©ã€ãªãªãã£ã®ãããã³ã°
æ¬æ©ã¯ã¢ããªã±ãŒã·ã§ã³ã®èŠæ±ãæºãããããã¬ã€ã€ 3/4ãã©ã€ãªãªãã£ããµããŒãããŠããŸããéä¿¡ãã©ã€ãªãªãã£ã¯ Type of Service (ToS)ãªã¯ãããã®ãã©ã€ãªãªãã£ããããTCPããŒãçªå·ã䜿çšããã¬ãŒã ã® IPãããã§æå®ããŸãããã©ã€ãªãªãã£ãããã䜿çšããå ŽåãToS ãªã¯ããã㯠Differentiated Services Code Point(DSCP)ãµãŒãã¹ã® 6ãããã䜿çšããŸãããããã®ãµãŒãã¹ãæå¹ãªæããã©ã€ãªãªãã£ã¯ CoSå€ãžãããã³ã°ããã該åœããåºåãã¥ãŒãžéãããŸãã
ç°ãªã£ããã©ã€ãªãªãã£æ å ±ãéä¿¡ã«å«ãŸããŠããå¯èœæ§ããããããæ¬æ©ã¯æ¬¡ã®æ¹æ³ã§åºåãã¥ãŒãžãã©ã€ãªãªãã£å€ããããã³ã°ããŠããŸã :
⢠ãã©ã€ãªãªãã£ãããã³ã°ã®åªå é äœã¯ IPããŒããã©ã€ãªãªãã£ãIP Prece-denceãŸã㯠DSCP ãã©ã€ãªãªãã£ãããã©ã«ãããŒããã©ã€ãªãªãã£ã®é çªãšãªããŸãã
⢠IP Precedenceãš DSCP ãã©ã€ãªãªãã£ãäž¡æ¹å ±æå¹ã«ããããšã¯ã§ããŸãããã©ã¡ããäžæ¹ãæå¹ã«ãããšãããäžæ¹ã¯èªåçã«ç¡å¹ã«ãªããŸãã
IP Precedence/DSCPãã©ã€ãªãªãã£ã®éžæ
IP PrecedenceãŸã㯠DSCPãã©ã€ãªãªãã£ã®ã©ã¡ãããæå¹ã«ããããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Disabled
äž¡æ¹ã®ãµãŒãã¹ãç¡å¹ã«ããŸããïŒåæèšå®ïŒ
IP Precedence
IP Precedenceã䜿çšã L3/L4ãã©ã€ãªãªãã£ããããã³ã°ããŸãã
IP DSCP
DSCPã䜿çšã L3/L4ãã©ã€ãªãªãã£ããããã³ã°ããŸãã
èšå®æ¹æ³
[Priority]â [IP Precedence/DSCP Priority Status]ãã¯ãªãã¯ããŸããDSCP Priority Statusã¡ãã¥ãŒãã Enabledã«ãã§ãã¯ãå ¥ããŸãããã®åŸïŒ»Applyãã¯ãªãã¯ããŸãã
117 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
IP Precedenceã®ãããã³ã°
IPv4ãããäžã® ToSãªã¯ãããã¯ãå è¡ 3ãããã«ããã8段éã®ãã©ã€ãªãªãã£ã¬ãã«ãå®çŸ©ããŸããåæèšå®ã® IP Precedenceå€ã¯ Class of Service å€ã« 1察 1ã§ãããã³ã°ãããŠããŸãïŒPrecedenceå€ 0㯠CoSå€ 0ã«ãããã³ã°ïŒããã©ã€ãªãªãã£ã¬ãã« 6åã³ 7ã¯ããããã¯ãŒã¯å¶åŸ¡ã«äœ¿çšãããä»ã®ã¬ãã«ã¯æ§ã ãªã¢ããªã±ãŒã·ã§ã³åœ¢åŒã«äœ¿çšãããŸããToSãããã¯ä»¥äžã®è¡šã§å®ããããŸã
èšå®ã»è¡šç€ºé ç®
IP Precedence Priority Table
CoSå€ãšå IP Precedenceå€ ã®çžé¢ãããã衚瀺ããŸãã
Class of Service Value
éžæããã IP Precedenceå€ãž CoS å€ããããã³ã°ããŸãã"0"ãäœããã©ã€ãªãªãã£ã"7"ãé«ããã©ã€ãªãªãã£ã瀺ããŸãã
èšå®æ¹æ³
[Priority]â [IP Precedence Priority]ãã¯ãªãã¯ããŸããIP Precedence Priority Tableãã IP Precedenceå€ãéžæããClass of Service Valueå€ãå ¥åãApplyãã¯ãªãã¯ããŸãã
ãã©ã€ãªãªãã£ã¬ãã«
ãã©ãã£ãã¯ã¿ã€ã
ãã©ã€ãªãªãã£ã¬ãã«
ãã©ãã£ãã¯ã¿ã€ã
7 Network Control 3 Flash
6 InternetworkControl
2 Immediate
5 Critical 1 Priority
4 Flash Override 0 Routine
118FXC9012F
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
DSCPãã©ã€ãªãªãã£ã®ãããã³ã°
DSCP㯠6ãããã§æ倧 64åã®ç°ãªã£ã転éåäœãå¯èœã§ããDSCP㯠ToSããããšçœ®ãæããããšãã§ãå è¡ 3ãããã䜿çšããŠäžäœäºææ§ãç¶æããã®ã§ãDSCPé察å¿ã§ ToS察å¿ã®ããã€ã¹ã¯ DSCPãããã³ã°ã䜿çšããããšãã§ããŸããDSCPã§ã¯ããããã¯ãŒã¯ããªã·ãŒã«åºã¥ããç°ãªãçš®é¡ã®ãã©ãã£ãã¯ãç°ãªãçš®é¡ã®è»¢éãšããããšãã§ããŸããDSCPåæèšå®å€ã¯æ¬¡ã®è¡šã§å®ããããŸããæå®ãããŠããªãå šãŠã® DSCPå€ã¯ CoSå€ 0ã«ãããã³ã°ãããŸãïŒ
èšå®ã»è¡šç€ºé ç®
DSCP Priority Table
CoSå€ãšå DSCPãã©ã€ãªãªãã£ã®çžé¢ãããã衚瀺ããŸãã
Class of Service Value
éžæããã DSCPãã©ã€ãªãªãã£å€ãž CoS å€ããããã³ã°ããŸãã"0"ãäœããã©ã€ãªãªãã£ã"7"ãé«ããã©ã€ãªãªãã£ã瀺ããŸãã
[泚æ ]ãIP DSCPèšå®ã¯ãã¹ãŠã®ã€ã³ã¿ãã§ãŒã¹ã«å¯ŸããŠæå¹ãšãªããŸãã
èšå®æ¹æ³
[Priority]â [IP DSCP Priority]ãã¯ãªãã¯ããŸããDSCP Priority Tableãã DSCP Priorityå€ãéžæããClass of Service Valueå€ãå ¥åãApplyãã¯ãªãã¯ããŸãã
IP DSCP å€ CoSå€
0 0
8 1
10, 12, 14, 16 2
18, 20, 22, 24 3
26, 28, 30, 32, 34, 36 4
38, 40, 42 5
48 6
46, 56 7
119 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
IP ããŒããã©ã€ãªãªãã£ã®ãããã³ã°
ãã¬ãŒã ãããã® IPããŒãçªå· (TCP/UDPããŒãçªå· )ã«åºã¥ãããããã¯ãŒã¯ã¢ããªã±ãŒã·ã§ã³ãš CoSã®ãããã³ã°ãå¯èœã§ããããç¥ãããŠãã TCP/UDPãŠã§ã«ããŠã³ããŒãçªå·ã«ã¯ãHTTPïŒ80ãFTPïŒ21ãTelnetïŒ23ãPOP3ïŒ110ãªã©ããããŸãã
èšå®ã»è¡šç€ºé ç®
IP Port Priority Status
IPããŒããã©ã€ãªãªãã£ã®æå¹ /ç¡å¹
IP Port Priority Table
CoSå€ãšå IPããŒãçªå·ãšã®çžé¢ãããã衚瀺ããŸã
IP Port Number (TCP/UDP)
IPããŒãçªå·ãèšå®ããŸãã
Class of Service Value
éžæããã IPããŒããã©ã€ãªãªãã£ãž CoSå€ããããã³ã°ããŸããâ0âãäœããã©ã€ãªãªãã£ãâ7âãé«ããã©ã€ãªãªãã£ã瀺ããŸãã
[泚æ ]ãIPããŒããã©ã€ãªãªãã£èšå®ã¯ãã¹ãŠã®ã€ã³ã¿ãã§ãŒã¹ã«å¯ŸããŠæå¹ãšãªããŸãã
èšå®æ¹æ³
[Priority]â [IP Port Status]ãã¯ãªãã¯ããŸãã
[Priority]â [IP Port Priority]ãã¯ãªãã¯ããŸãã
120FXC9012F
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
ACLãžã® CoSå€ã®ãããã³ã°
ACL CoSãããã³ã°ããŒãžã§ã¯ãACLã«ãŒã«ã«äžèŽãããã±ããã«å¯Ÿããåºåãã¥ãŒã®èšå®ã以äžã®è¡šã«åºã¥ãèšå®ãè¡ãããšãã§ããŸãã
ACLã®è©³çŽ°ã¯ 59 ããŒãžã®ãACL ïŒAccess Control ListsïŒããåç §ããŠäžããã
æ©èœè§£èª¬
⢠CoSå€ãã«ãŒã«ã«ãããã³ã°ããåã« ACLãã¹ã¯ã®èšå®ãè¡ãªãå¿ èŠããããŸãã
èšå®ã»è¡šç€ºé ç®
Port
ããŒãçªå·
Name
ACLå
Type
ACLã¿ã€ãïŒIPãMACïŒ
CoS Priority
ACLã«ãŒã«ã«ããããããã±ããã«å²ãåœãŠã CoSå€ïŒç¯å²ïŒ0-7ïŒ
èšå®æ¹æ³
[Priority]â [ACL CoS Priority]ãã¯ãªãã¯ããŸãã
121 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
2.11.3 ACLã«ãŒã«ã«åºã¥ããã©ã€ãªãªãã£ã®å€æŽ
ACLã«ãŒã«ã«äžèŽãããã¬ãŒã ã®ãã©ãã£ãã¯ãã©ã€ãªãªãã£ã®å€æŽãè¡ãªãããšãã§ããŸãïŒæ¬æ©èœã¯äžè¬çã« ACLãã±ããããŒãã³ã°ãšåŒã°ããŸãïŒã
æ¬æ©ã§ã¯ãIEEE802.1pãã©ã€ãªãªãã£ãIP Precedence, DSCPãã©ã€ãªãªãã£ã®å€æŽãè¡ãªãããšãã§ããŸãã
æ©èœè§£èª¬
⢠ACL ã«ãŒã«ã«åºã¥ããã©ã€ãªãªãã£ã®å€æŽãè¡ãªãåã«ãACLãã¹ã¯ã®èšå®ãè¡ãªãå¿ èŠããããŸãã
⢠ãã©ãã£ãã¯ãã©ã€ãªãªãã£ã«ã¯ IEEE802.1Q VLANã¿ã°ã®äžéšã§ãããIEEE802.1p ãã©ã€ãªãªãã£ã¿ã°ãå«ãŸããŸããIEEE802.1p ãã©ã€ãªãªãã£ã¯ã¬ã€ã€ 2 å㯠IP ãã±ããã®ããããã«èšå®ãããŸãã
⢠IP ãã±ããã§ã¯ ToS ãªã¯ãããã«ãã©ã€ãªãªã㣠bit ãå«ãã§ããŸããToS ãªã¯ããã㯠3bit ã® IP Precedence å㯠6bit ã® DSCP ãµãŒãã¹ã§ããIP ãã¬ãŒã ãããã«ã¯IP Precedenceå㯠DSCP ã®ãããããå«ãããšãã§ããŸãã
⢠ãã©ã€ãªãªãã£ã®ãããã³ã°ã®åªå 床㯠IP Precedence å㯠DSCP ãã©ã€ãªãªãã£ãIEEE802.1p ãã©ã€ãªãªãã£ã®é ã«ãªããŸãã
èšå®ã»è¡šç€ºé ç®
Port
ããŒãçªå·
Name
ACLå
Type
ACLã¿ã€ãïŒIPãMACïŒ
Precedence
IP Precedenceå€ïŒç¯å²ïŒ0-7ïŒ
DSCP
DSCPå€ïŒç¯å²ïŒ0-63ïŒ
802.1p Priority
IEEE802.1pãã©ã€ãªãªãã£ã¿ã°ã® CoSå€ïŒç¯å²ïŒ0-7ã7ãæé«ã®ãã©ã€ãªãªãã£ïŒ
122FXC9012F
Webã€ã³ã¿ãã§ãŒã¹Class of ServiceïŒCoSïŒ
èšå®æ¹æ³
[Priority]â [ACL Marker]ãã¯ãªãã¯ããŸããããŒãåã³ ACLã«ãŒã«ãéžæããŸããToSãã©ã€ãªãªãã£ãèšå®ããã«ã¯ãPrecedence/DSCPãã§ãã¯ããã¯ã¹ã«ãã§ãã¯ããŸããPrecedenceå㯠DSCPãã¹ã¯ããŒã«ããŠã³ããã¯ã¹ããéžæãããã©ã€ãªãªãã£ãå ¥åããŸãã802.1pãã©ã€ãªãªãã£ãèšå®ããã«ã¯ã802.1pãã©ã€ãªãªãã£ã«ãã§ãã¯ããããã©ã€ãªãªãã£ãå ¥åããŸãããã®åŸã [Apply]ãã¯ãªãã¯ããŸãã
123 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
2.12 ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ãã«ããã£ã¹ãã¯ãããªã«ã³ãã¡ã¬ã³ã¹ãã¹ããªãŒãã³ã°ãªã©ã®ãªã¢ã«ã¿ã€ã ã¢ããªã±ãŒã·ã§ã³ã®åäœããµããŒãããŸãããã«ããã£ã¹ããµãŒãã¯åã¯ã©ã€ã¢ã³ãã«å¯Ÿãç°ãªãã³ãã¯ã·ã§ã³ã確ç«ããããšãã§ããŸããããããã¯ãŒã¯ã«ãããŒããã£ã¹ããè¡ããµãŒãã¹ãšãªãããã«ããã£ã¹ããå¿ èŠãšãããã¹ãã¯æ¥ç¶ãããŠãããã«ããã£ã¹ããµãŒã /ã«ãŒã¿ãšå ±ã«ç»é²ãããŸãããŸãããã®æ¹æ³ã¯ãã«ããã£ã¹ããµãŒãã«ãããããã¯ãŒã¯ã®ãªãŒãããããåæžããŸãããããŒããã£ã¹ããã©ãã£ãã¯ã¯åãã«ããã£ã¹ãã¹ã€ãã /ã«ãŒã¿ã«ãã£ãŠæ¬ãµãŒãã¹ã«å å ¥ããŠãããã¹ãã«ã®ã¿è»¢éãããããåŠçãããŸããæ¬æ©ã§ã¯æ¥ç¶ããããã¹ãããã«ããã£ã¹ããµãŒãã¹ãå¿ èŠãšããã IGMP (Internet Group Management Protocol)ã®ã¯ãšãªã䜿çšããŸãããµãŒãã¹ã«åå ãèŠæ±ããŠãããã¹ããå«ãããŒããç¹å®ãããã®ããŒãã«ã®ã¿ããŒã¿ãéããŸãããŸãããã«ããã£ã¹ããµãŒãã¹ãåä¿¡ãã€ã¥ããããã«ãµãŒãã¹ãªã¯ãšã¹ããé£æ¥ãããã«ããã£ã¹ãã¹ã€ãã /ã«ãŒã¿ã«åºããŸãããã®æ©èœããã«ããã£ã¹ããã£ã«ã¿ãªã³ã°ãšåŒã³ãŸããIPãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°ã®ç®çã¯ãã¹ã€ããã®ãããã¯ãŒã¯ããã©ãŒãã³ã¹ãæé©åãããã«ããã£ã¹ããã±ããããã«ããã£ã¹ãã°ã«ãŒããã¹ãåã¯ãã«ããã£ã¹ãã«ãŒã¿ /ã¹ã€ããã«æ¥ç¶ãããããŒãã®ã¿ã«è»¢éãããµããããå ã®å šãŠã®ããŒãã«ãã©ããã£ã³ã°ããã®ãé²ããŸãã
2.12.1 ã¬ã€ã€ 2ãIGMPïŒSnooping and QueryïŒ
IGMP Snooping and QueryïŒãã«ããã£ã¹ãã«ãŒãã£ã³ã°ããããã¯ãŒã¯äžã®ä»ã®æ©åšã§ãµããŒããããŠããªãå ŽåãIGMP Snoopingåã³ Queryãå©çšãããã«ããã£ã¹ãã¯ã©ã€ã¢ã³ããšãµãŒãéã§ã® IGMPãµãŒãã¹ãªã¯ãšã¹ãã®ééãç£èŠããåçã«ãã«ããã£ã¹ããã©ãã£ãã¯ã転éããããŒãã®èšå®ãè¡ãªãããšãã§ããŸãã
éç IGMPã«ãŒã¿ã€ã³ã¿ãã§ãŒã¹ïŒ IGMP Snoopingã IGMPã¯ãšãªã¢ãæ€çŽ¢ã§ããªãå Žåãæå㧠IGMPã¯ãšãªã¢ïŒãã«ããã£ã¹ãã«ãŒã¿ /ã¹ã€ããïŒã«æ¥ç¶ãããæ¬æ©ã®ã€ã³ã¿ãã§ãŒã¹ã®æå®ãè¡ãªãããšãã§ããŸãããã®åŸãæå®ããã€ã³ã¿ãã§ãŒã¹ã¯æ¥ç¶ãããã«ãŒã¿ /ã¹ã€ããã®ãã¹ãŠã®ãã«ããã£ã¹ãã°ã«ãŒãã«åå ãããã«ããã£ã¹ããã©ãã£ãã¯ã¯æ¬æ©å ã®é©åãªã€ã³ã¿ãã§ãŒã¹ã«è»¢éãããŸãã
éç IGMPãã¹ãã€ã³ã¿ãã§ãŒã¹ïŒç¢ºå®ã«ã³ã³ãããŒã«ããå¿ èŠã®ãããã«ããã£ã¹ãã¢ããªã±ãŒã·ã§ã³ã«å¯ŸããŠã¯ãç¹å®ã®ããŒãã«å¯ŸããŠæåã§ãã«ããã£ã¹ããµãŒãã¹ãæå®ããããšãã§ããŸããïŒP129åç §ïŒ
IGMP Snooping Queryãã©ã¡ãŒã¿ã®èšå®
ãã«ããã£ã¹ããã©ãã£ãã¯ã®è»¢éèšå®ãè¡ããŸãã
IGMPã¯ãšãªåã³ãªããŒãã¡ãã»ãŒãžã«åºã¥ãããã«ããã£ã¹ããã©ãã£ãã¯ãå¿ èŠãšããããŒãã«ã®ã¿éä¿¡ããŸãããã¹ãŠã®ããŒãã«éä¿¡ããããŒããã£ã¹ããããããã¯ãŒã¯ããã©ãŒãã³ã¹ã®äœäžãæãããšãé²ããŸãã
æ©èœè§£èª¬
⢠IGMP Snooping â æ¬æ©ã¯ãIGMPã¯ãšãªã® snoopãåãããªããŒããã±ããã IPãã«ããã£ã¹ãã«ãŒã¿ /ã¹ã€ããéã§è»¢éããIPãã«ããã£ã¹ããã¹ãã°ã«ãŒãã IPãã«ããã£ã¹ãã°ã«ãŒãã¡ã³ããŒã«èšå®ããŸããIGMPãã±ããã®ééãç£èŠããã°ã«ãŒãç»é²æ å ±ãæ€ç¥ããããã«åŸã£ãŠãã«ããã£ã¹ããã£ã«ã¿ã®èšå®ãè¡ããŸãã
⢠IGMP Query â ã«ãŒã¿åã¯ãã«ããã£ã¹ã察å¿ã¹ã€ããã¯ãå®æçã«ãã¹ãã«å¯Ÿããã«ããã£ã¹ããã©ãã£ãã¯ãå¿ èŠãã©ããã質åããŸãããããã® LANäžã« 2ã€ä»¥äžã® IPãã«ããã£ã¹ãã«ãŒã¿ /ã¹ã€ãããååšããå Žåã1ã€ã®ããã€ã¹ã "ã¯ãšãªã¢ "ãšãªããŸãããã®åŸããã«ããã£ã¹ããµãŒãã¹ãåãç¶ããããã«æ¥ç¶ããããã«ããã£ã¹ãã¹ã€ãã /ã«ãŒã¿ã«å¯ŸããµãŒãã¹ãªã¯ãšã¹ããåºããŸãã
[ 泚æ ]ããã«ããã£ã¹ãã«ãŒã¿ã¯ãããã®æ å ±ããDVMRP ã PIM ãªã©ã®ãã«ããã£ã¹ãã«ãŒãã£ã³ã°ãããã³ã«ãšå ±ã«ãã€ã³ã¿ãŒãããã® IP ãã«ããã£ã¹ãããµããŒãããããã«äœ¿çšããŸãã
124FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
èšå®ã»è¡šç€ºé ç®
IGMP Status
æå¹ã«ããå Žåãæ¬æ©ã¯ãããã¯ãŒã¯ã®éä¿¡ãç£èŠãããã«ããã£ã¹ããã©ãã£ãã¯ãå¿ èŠãšãããã¹ããç¹å®ããŸãããã㯠IGMP SnoopingãšåŒã°ããŸãã
ïŒåæèšå® :æå¹ (Enabled)ïŒ
Act as IGMP Querier
æå¹ã«ããå Žåãæ¬æ©ã¯ã¯ãšãªã¢ãšããŠæ©èœãããã¹ãã«å¯Ÿããã«ããã£ã¹ããã©ãã£ãã¯ãå¿ èŠããèããŸãã
ïŒåæèšå® :æå¹ (Enabled)ïŒ
IGMP Query Count
å¿çãåããŠãã¬ããŒãã®èŠæ±ãéå§ãããŸã§éä¿¡ããã¯ãšãªã®æ倧æ°ãå ¥åããŸãã
ïŒ2-10ãåæèšå® :2ïŒ
IGMP Query Interval
IGMPã¯ãšãªã¡ãã»ãŒãžãéä¿¡ããéé (ç§ )ãæå®ããŸãïŒ60-125ãåæèšå® :125ïŒ
IGMP Report Delay
IPãã«ããã£ã¹ãã¢ãã¬ã¹ã®ã¬ããŒããããŒãã§åä¿¡ããŠãããIGMPã¯ãšãªããã®ããŒãããéä¿¡ããããªã¹ããããšã³ããªãŒãåé€ããããŸã§ã®æéïŒç§ïŒãèšå®ããŸãïŒ5-25ãåæèšå®: 10ïŒ
IGMP Query Timeout
åã®ã¯ãšãªã¢ãåæ¢ããåŸãã¯ãšãªãã±ãããåä¿¡ããŠããã«ãŒã¿ããŒããç¡å¹ãšå€æããããŸã§ã®æéïŒç§ïŒãèšå®ããŸãïŒ300-500ãåæèšå® :300ïŒ
IGMP Version
ãããã¯ãŒã¯äžã®ä»ã®ããã€ã¹ãšäºææ§ã®ãã IGMPããŒãžã§ã³ã®èšå®ãè¡ããŸãïŒ1-2ãåæèšå® :2ïŒ
[泚æ]ããµããããäžã®ãã¹ãŠã®ããã€ã¹ãåãããŒãžã§ã³ããµããŒãããŠããå¿ èŠããããŸãã
[泚æ ]ãIGMP Report Delayåã³ IGMP Query Timeout㯠IGMP v2ã§ã®ã¿ãµããŒããããŸãã
èšå®æ¹æ³
[IGMP Snooping]â [IGMP Configuration]ãã¯ãªãã¯ããŸããå¿ èŠãª IGMPã®èšå®ãè¡ãã[Apply]ãã¯ãªãã¯ããŸããïŒä»¥äžã®ç»é¢ã§ã¯åæèšå®ã衚瀺ããŠããŸããïŒ
125 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ãã«ããã£ã¹ãã«ãŒã¿ã«æ¥ç¶ãããã€ã³ã¿ãã§ãŒã¹ã®è¡šç€º
ãã«ããã£ã¹ãã«ãŒã¿ã¯ãIGMPããã®æ å ±ã«å ããã€ã³ã¿ãŒãããã§ã® IPãã«ããã£ã¹ãã£ã³ã°ãè¡ããã DVMRPãPIMçã®ãã«ããã£ã¹ãã»ã«ãŒãã£ã³ã°ã»ãããã³ã«ã䜿çšããŸããã«ãŒã¿ã¯ãæ¬æ©ã«ããåçã«èšå®ãããããéçã«ã€ã³ã¿ãã§ãŒã¹ã®è¿œå ãè¡ãããšãã§ããŸããMulticast Router Port InformationããŒãžã§ã¯ãå VLAN IDã§é£æ¥ãããã«ããã£ã¹ãã«ãŒã¿ /ã¹ã€ããã®æ¥ç¶ãããããŒãã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
VLAN ID
ãªã¹ãã衚瀺ããã VLAN IDïŒ1-4094ïŒ
Multicast Router List
åçåã³éçã«èšå®ããããã«ããã£ã¹ãã«ãŒã¿ã®èšå®æ å ±
èšå®æ¹æ³
[IGMP Snooping]â [Multicast Router Port Information]ãã¯ãªãã¯ããŸããã¹ã¯ããŒã«ããŠã³ãªã¹ããã VLAN IDãéžæãããšãé¢é£ãããã«ããã£ã¹ãã«ãŒã¿ã®æ å ±ã衚瀺ãããŸãã
126FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ãã«ããã£ã¹ãã«ãŒã¿ã«æ¥ç¶ããã€ã³ã¿ãã§ãŒã¹ã®èšå®
ãããã¯ãŒã¯æ¥ç¶ç¶æ³ã«ãããIGMP snoopingã«ãã IGMPã¯ãšãªã¢ãé 眮ãããªãå ŽåããããŸããIGMPã¯ãšãªã¢ãšãªããã«ããã£ã¹ãã«ãŒã¿ /ã¹ã€ãããæ¥ç¶ãããŠããã€ã³ã¿ãã§ãŒã¹ïŒããŒãåã¯ãã©ã³ã¯ïŒãå€æããŠããå Žåãã«ãŒã¿ããµããŒããããã«ããã£ã¹ãã°ã«ãŒããžã®ã€ã³ã¿ãã§ãŒã¹ïŒåã³ VLANïŒã®åå èšå®ãæåã§è¡ããŸããããã«ãããæ¬æ©ã®ãã¹ãŠã®é©åãªã€ã³ã¿ãã§ãŒã¹ãžãã«ããã£ã¹ããã©ãã£ãã¯ãæž¡ãããšãã§ããŸãã
èšå®ã»è¡šç€ºé ç®
Interface
ããŒã (Port)åã¯ãã©ã³ã¯ (Trunk)ãã¹ã¯ããŒã«ããŠã³ãªã¹ãããéžæããŸãã
VLAN ID
ãã«ããã£ã¹ãã«ãŒã¿ /ã¹ã€ããããéããããã«ããã£ã¹ããã©ãã£ãã¯ãåä¿¡ãã転éãã VLANãéžæããŸãã
Portå㯠Trunk
ãã«ããã£ã¹ãã«ãŒã¿ã«æ¥ç¶ãããã€ã³ã¿ãã§ãŒã¹ãæå®ããŸãã
èšå®æ¹æ³
[IGMP Snooping]â [Static Multicast Router Port Configuration]ãã¯ãªãã¯ããŸãããã«ããã£ã¹ãã«ãŒã¿ã«æ¥ç¶ãããã€ã³ã¿ãã§ãŒã¹ãšãã«ããã£ã¹ããã©ãã£ãã¯ãéåä¿¡ãã VLANãæå®ãã[Add]ãã¯ãªãã¯ããŸãããã¹ãŠã®èšå®ãå®äºåŸã[Apply]ãã¯ãªãã¯ããŸãã
127 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ãã«ããã£ã¹ããµãŒãã¹ã®ããŒãã¡ã³ããŒè¡šç€º
ãã«ããã£ã¹ã IPã¢ãã¬ã¹åã³ VLANãæå®ããé¢é£ããããŒãã¡ã³ããŒã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
VLAN ID
ããŒãã¡ã³ããŒã衚瀺ãã VLANãéžæããŸãã
Multicast IP Address
ãã«ããã£ã¹ããµãŒãã¹ãè¡ã IPã¢ãã¬ã¹ãéžæããŸãã
Multicast Group Port List
VLANã°ã«ãŒãã«æå±ãããã«ããã£ã¹ããµãŒãã¹ãéä¿¡ãããããŒãã衚瀺ãããŸãã
èšå®æ¹æ³
[IGMP Snooping]â [IP Multicast Registration Table]ãã¯ãªãã¯ããŸããVLAN IDãšãã«ããã£ã¹ã IPã¢ãã¬ã¹ãéžæãããšããã«ããã£ã¹ããµãŒãã¹ãéä¿¡ããããã¹ãŠã®ããŒãã衚瀺ãããŸãã
128FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ãã«ããã£ã¹ããµãŒãã¹ãžã®ããŒãã®æå®
ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°ã¯ãP124 ãIGMP Snooping Queryãã©ã¡ãŒã¿ã®èšå®ãã®éããIGMP snoopingãš IGMPã¯ãšãªã¡ãã»ãŒãžã䜿çšããåçã«èšå®ããããšãã§ããŸããäžéšã®ã¢ããªã±ãŒã·ã§ã³ã§ã¯ããã«çŽ°ããèšå®ãå¿ èŠãªãããéçã«ãã«ããã£ã¹ããµãŒãã¹ã®èšå®ãè¡ãå¿ èŠããããŸããåã VLANã«åå ãããã¹ãã®æ¥ç¶ããããã¹ãŠã®ããŒããå ãããã®åŸVLANã°ã«ãŒãã«ãã«ããã£ã¹ããµãŒãã¹ã®èšå®ãè¡ããŸãã
æ©èœè§£èª¬
⢠éçãã«ããã£ã¹ãã¢ãã¬ã¹ã¯ã¿ã€ã ã¢ãŠããèµ·ãããŸããã⢠ãã«ããã£ã¹ãã¢ãã¬ã¹ãç¹å®ã® VLANã«èšå®ãããå Žåãé¢é£ãããã©ãã£ãã¯ã¯
VLANå ã®ããŒãã«ã®ã¿è»¢éãããŸãã
èšå®ã»è¡šç€ºé ç®
Interface
ããŒã (Port)åã¯ãã©ã³ã¯ (Trunk)ãã¹ã¯ããŒã«ããŠã³ãªã¹ãã§éžæããŸãã
VLAN ID
ãã«ããã£ã¹ãã«ãŒã¿ /ã¹ã€ããããã®ãã«ããã£ã¹ããã©ãã£ãã¯ãåä¿¡ãã転éãã VLANãéžæããŸãã
Multicast IP
ãã«ããã£ã¹ããµãŒãã¹ãè¡ã IPã¢ãã¬ã¹ãå ¥åããŸãã
Portå㯠Trunk
ãã«ããã£ã¹ãã«ãŒã¿ã«æ¥ç¶ãããã€ã³ã¿ãã§ãŒã¹ã®çªå·ãæå®ããŸãã
èšå®æ¹æ³
[IGMP Snooping]â [IGMP Member Port Table]ãã¯ãªãã¯ããŸãããã«ããã£ã¹ããµãŒãã¹ã«åå ãããã€ã³ã¿ãã§ãŒã¹ããã«ããã£ã¹ããµãŒãã¹ã転éãã VLANããã«ããã£ã¹ãIPã¢ãã¬ã¹ãæå®ãã[Add]ãã¯ãªãã¯ããŸãããã¹ãŠã®èšå®ãçµäºåŸã[Apply]ãã¯ãªãã¯ããŸãã
129 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
2.12.2 ã¬ã€ã€ 3 IGMP
IGMPã€ã³ã¿ãã§ãŒã¹ãã©ã¡ãŒã¿ã®èšå®
èšå®ã»è¡šç€ºé ç®
VLAN (Interface)
ãã©ã€ã㪠IPã¢ãã¬ã¹ã«ããŠã³ãããã VLANã€ã³ã¿ãã§ãŒã¹ (ç¯å²ïŒ1-4094)
IGMP Protocol Status (Admin Status)
VLANã€ã³ã¿ãã§ãŒã¹ã§ã® IGMPæå¹å (åæèšå® : ç¡å¹ )
Last Member Query Interval
last member ã¯ãšãªãŒééãæ§æããŸãã
Max Query Response Time
IGMP ã¯ãšãªãŒã§ã¢ããã¿ã€ãºãããæ倧å¿çæéãæ§æããŸãã (ç¯å²ïŒ 0-25 ç§ ; åæèšå® 10ç§ )
Query Interval
ãã¹ã ã¯ãšãªãŒ ã¡ãã»ãŒãžãéä¿¡ãããé »åºŠãæ§æããŸãã
⢠ãã«ããã£ã¹ã ã«ãŒã¿ã¯ãç¹å®ã®ãã«ããã£ã¹ã ãµãŒãã¹ãèŠæ±ããäžæµãã¹ããšã®æ¥ç¶ã€ã³ã¿ãã§ãŒã¹ã決å®ããããããã¹ã ã¯ãšãªãŒ ã¡ãã»ãŒãžãéä¿¡ããŸãããµããããã«å¯Ÿå¿ããæå®ãã«ããã£ã¹ã ã«ãŒã¿ã®ã¿ãããã«ããã£ã¹ã ã¢ãã¬ã¹224.0.0.1 ã«å®ãŠããã¹ã ã¯ãšãªãŒ ã¡ãã»ãŒãžãéä¿¡ããŸãã
⢠IGMP ããŒãžã§ã³ 1 ã®å Žåãæå®ã«ãŒã¿ã¯ãLAN ã§çšŒåãããã«ããã£ã¹ã ã«ãŒãã£ã³ã° ãããã³ã«ã«åŸã£ãŠéžåºãããŸããIGMP ããŒãžã§ã³ 2 ã§ã¯ããµããããäžã§æãå°ãã IP ã¢ãã¬ã¹ãæã€ãã«ããã£ã¹ã ã«ãŒã¿ãæå®ã¯ãšãªã¢ã«ãªããŸãã
Robustness Variable
ãã®ã€ã³ã¿ãã§ãŒã¹ã®å ç¢ãïŒäºæ³ãã±ããæå€±ïŒ ãæå®ããŸãã (RFC2236).(ç¯å²ïŒ1-255; åæèšå®ïŒ 2)
Version
ã€ã³ã¿ãã§ãŒã¹äžã§äœ¿çšããã IGMP ã®ããŒãžã§ã³ãæ§æããŸãã
(ãªãã·ã§ã³ïŒVersion 1 ãŸã㯠2ããåæèšå®ïŒ Version 2)
ãµããããäžã®ãã¹ãŠã®ã«ãŒã¿ã¯åäžããŒãžã§ã³ããµããŒãããŠããå¿ èŠããããŸãããã ãããµããããäžã®ãã«ããã£ã¹ã ãã¹ãã¯ãIGMP ããŒãžã§ã³ 1 ãŸã㯠2ã®ã©ã¡ãããµããŒãããŠããŠãããŸããŸããã
Querier
ãã®ãã«ããã£ã¹ããµãŒãã¹ã®ããã«çŸåš IGMP querier ã®åœ¹ãããŠããæ©åšã
130FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
èšå®æ¹æ³
[IP]â [IGMP]â [Interface Settings]ãã¯ãªãã¯ããŸãã
ãã«ããã£ã¹ãã°ã«ãŒãæ å ±ã®è¡šç€º
èšå®ã»è¡šç€ºé ç®
Group Address
IP ãã«ããã£ã¹ã ã°ã«ãŒã ã¢ãã¬ã¹ã§ããå å ¥è ã¯çŽæ¥æ¥ç¶ãããŠãããããŸãã¯ãã®ã¹ã€ããã®äžæµã«ååšããŸãã
Interface
ãã«ããã£ã¹ã ã°ã«ãŒã ã¢ãã¬ã¹å®ãŠã®ãã©ãã£ãã¯ãåä¿¡ãããã®ã¹ã€ããã®ã€ã³ã¿ãã§ãŒã¹ã§ãã
Last Reporter
ã€ã³ã¿ãã§ãŒã¹äžã®ãã®ãã«ããã£ã¹ã ã°ã«ãŒã ã¢ãã¬ã¹ã§åä¿¡ãããæåŸã®ã¡ã³ããŒã·ãã ã¬ããŒãã®éä¿¡å IP ã¢ãã¬ã¹ã§ããã¡ã³ããŒã·ãã ã¬ããŒããåä¿¡ãããªãã£ãå Žåããã®ãªããžã§ã¯ãã®å€ã¯ 0.0.0.0 ãšãªããŸãã
Up time
ãã®ãšã³ããªãäœæãããŠããã®çµéæéã§ãã
Expire
ãã®ãšã³ããªãçµå¹ŽåŠçã«ããç¡å¹ã«ãªããŸã§ã®æ®ãæéã§ããïŒããã©ã«ãã§ã¯ 260 ç§ïŒã
V1 Timer
ãã®ã€ã³ã¿ãã§ãŒã¹ã«æ¥ç¶ããã IP ãµããããäžã«ã¯ IGMP ããŒãžã§ã³ 1 ã¡ã³ããŒãååšããªããšã¹ã€ãããèŠãªããŸã§ã®æ®ãæéã§ãïŒããã©ã«ãã§ã¯ 400 ç§ïŒã
131 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
èšå®æ¹æ³
[IP]â [IGMP]â [IGMP Group Information]ãã¯ãªãã¯ããŸãã
132FXC9012F
Webã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name ServiceïŒ
2.13 DNSïŒDomain Name ServiceïŒæ¬æ©ã® DNS(Domain Naming System)ãµãŒãã¹ã¯ããã¡ã€ã³åãš IPã¢ãã¬ã¹ã®ãããã³ã°ãè¡ãªãDNSããŒãã«ã®æåã§ã®èšå®ãè¡ãªããä»ãããã©ã«ããã¡ã€ã³åã®èšå®åã¯ã¢ãã¬ã¹å€æãè¡ãªãããã®è€æ°ã®ããŒã ãµãŒãã®æå®ãè¡ãªãããšãã§ããŸãã
2.13.1 DNSãµãŒãã¹ã®äžè¬èšå®
æ©èœè§£èª¬
⢠ã¹ã€ãã㧠DNSãµãŒãã¹ãæå¹ã«ããããããŸãæåã«äžã€ä»¥äžã®ããŒã ãµãŒããŒãèšå®åŸããã¡ã€ã³ã«ãã¯ã¢ããã¹ããŒã¿ã¹ãæå¹ã«ããŸãã
⢠DNSã¯ã©ã€ã¢ã³ãããåä¿¡ããäžå®å šãªãã¹ãåã«ä»å ããããã©ã«ããã¡ã€ã³åãŸãã¯ãã¡ã€ã³åãªã¹ããæå®ããããšãå¯èœã§ãã
⢠ãã¡ã€ã³ãªã¹ããååšããªãå Žåãããã©ã«ããã¡ã€ã³åã䜿ãããŸãããã¡ã€ã³ãªã¹ããååšããå Žåã®ã¯ããã©ã«ããã¡ã€ã³åã¯äœ¿çšãããŸããã
⢠æ¬æ©ã® DNSãµãŒããäžå®å šãªãã¹ãåãåä¿¡ãããã¡ã€ã³åãªã¹ããæå®ãããå Žåãæ¬æ©ã¯è¿œå ãããªã¹ãå ã®åãã¡ã€ã³åããã¹ãåã«å ããäžèŽããç¹å®ã®ããŒã ãµãŒãã確èªããŠããã¡ã€ã³ãªã¹ãã«ããåäœããŸãã
⢠äžã€ä»¥äžã®ãµãŒããæå®ãããŠããæããµãŒãã¯å¿çãåä¿¡ãããŸã§ãåã¯ãªã¹ãã®æåŸã«å°éãããŸã§ãã«ãªã¯ãšã¹ããéä¿¡ãç¶ããŸãã
⢠ããŒã ãµãŒããåé€ãããå ŽåãDNSæ©èœã¯èªåã§ç¡å¹ã«ãªããŸãã
èšå®ã»è¡šç€ºé ç®
Domain Lookup Status
DNSãã¹ãåã»ã¢ãã¬ã¹å€æãæå¹ã«ããŸã
Default Domain Name
äžå®å šãªãã¹ãåã«ä»å ããããã©ã«ããã¡ã€ã³åãæå®ããŸã
Domain Name List
äžå®å šãªãã¹ãåã«è¿œå ãããã¡ã€ã³åã®ãªã¹ããèšå®ããŸãã
Name Server List
ãã¡ã€ã³å解決ã®ããã« 1ã€åã¯è€æ°ã®ãã¡ã€ã³ããŒã ãµãŒãã®ã¢ãã¬ã¹ãæå®ããŸãã
èšå®æ¹æ³
[DNS]â [GeneralConfiguration]ãã¯ãªãã¯ããŸããã¢ãã¬ã¹ãªãŸã«ãŒã·ã§ã³ã«äœ¿çšãã 1ã€ä»¥äžã®ãµãŒããæå®ãã[Domain Lookup Status]ã® [Enable]ã«ãã§ãã¯ãå ¥ãã[Apply]ãã¯ãªãã¯ããŸãã
133 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name ServiceïŒ
2.13.2 éç DNSãã¹ãã®ã¢ãã¬ã¹ãšã³ããª
DNSããŒãã«ã®ãã¹ãåãš IPã¢ãã¬ã¹ã®ãããã³ã°ã®éçèšå®ãè¡ãªããŸãã
æ©èœè§£èª¬
ãµãŒããä»ã®ãããã¯ãŒã¯æ©åšã¯è€æ°ã® IPã¢ãã¬ã¹ã«ããè€æ°æ¥ç¶ããµããŒãããŠããŸãã2ã€ä»¥äžã® IPã¢ãã¬ã¹ãéçããŒãã«ãããŒã ãµãŒãããã®å¿çã«ãããã¹ãåãšé¢é£ä»ãããå ŽåãDNSã¯ã©ã€ã¢ã³ãã¯æ¥ç¶ã確ç«ãããŸã§åã¢ãã¬ã¹ã«æ¥ç¶ãè©Šã¿ãŸãã
èšå®ã»è¡šç€ºé ç®
Host Name
ãã¹ãåïŒèšå®ç¯å²ïŒ1-64æåïŒ
IP Address
IPã¢ãã¬ã¹ïŒèšå®ç¯å²ïŒ1-8ã¢ãã¬ã¹ïŒ
Alias
IPã¢ãã¬ã¹ïŒèšå®ç¯å²ïŒ1-8ã¢ãã¬ã¹ïŒ
以åã«èšå®ããããšã³ããªãšåãã¢ãã¬ã¹ã«ãããããããã¹ãåã衚瀺
èšå®æ¹æ³
[DNS]â [Static Host Table]ãã¯ãªãã¯ããŸãããã¹ãåãšäžã€ä»¥äžã®ã¢ãã¬ã¹ãå ¥åã[Apply]ãã¯ãªãã¯ããŸãã
134FXC9012F
Webã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name ServiceïŒ
2.13.3 DNSãã£ãã·ã¥ã®è¡šç€º
DNSãã£ãã·ã¥ã®å 容ã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
No
åãªãœãŒã¹ã¬ã³ãŒãã®ãšã³ããªçªå·Flag
ãã£ãã·ã¥ãšã³ããªã®ãã©ã°ã¯åžžã« "4"
Type
æšæºçåã¯ãã©ã€ããªåãæå®ããããCNAMEããæ¢åã®ãšã³ããªãšåã IPã¢ãã¬ã¹ããããã³ã°ãããŠããå€æ°ã®ãã¡ã€ã³åãæå®ããããALIASã
IP
ã¬ã³ãŒãã«é¢é£ãã IPã¢ãã¬ã¹
TTL
ããŒã ãµãŒãã«ããå ±åãããçåå¯èœæéDomain
ã¬ã³ãŒãã«é¢é£ãããã¡ã€ã³å
èšå®æ¹æ³
[DNS]â [Cache]ãã¯ãªãã¯ããŸãã
135 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹DHCPãµãŒã
2.14 DHCPãµãŒã
2.14.1 DHCPãªã¬ãŒãµãŒãã¹ã®èšå®
èšå®ã»è¡šç€ºé ç®
VLAN ID
èšå®ãè¡ã VLANã® ID
VLAN Name
VLANå
Service IP Address
åªå ã®é ã«ã¹ã€ããã® DHCPãªã¬ãŒãšãŒãžã§ã³ãã«ãã£ãŠäœ¿ããã DHCP ãµãŒããŒã®ã¢ãã¬ã¹ã
èšå®æ¹æ³
[DHCP]â [Relay Configuration]ãã¯ãªãã¯ããŸãã
136FXC9012F
Webã€ã³ã¿ãã§ãŒã¹DHCPãµãŒã
2.14.2 DHCPãµãŒãã®èšå®
èšå®ã»è¡šç€ºé ç®
DHCP Server
ã¹ã€ãã㧠DHCPãµãŒããæå¹ /ç¡å¹åïŒåæèšå®ïŒç¡å¹ïŒ
Excluded Addresses
DHCP ãµãŒããŒã DHCP ã¯ã©ã€ã¢ã³ãã«å²ãåœãŠãã¹ãã§ãªã IP ã¢ãã¬ã¹ãæå®ããŸãã äžã€ã®ã¢ãã¬ã¹ãããã¯ã¢ãã¬ã¹ç¯å²ãæå®ã§ããŸããNew (Excluded Addresses)
é€å€ããã¢ãã¬ã¹ãæ°èŠã«ãšã³ããªããŸãã
èšå®æ¹æ³
[DHCP]â [Server]â [General]ãã¯ãªãã¯ããŸãã
137 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹DHCPãµãŒã
2.14.3 ã¢ãã¬ã¹ããŒã«ã®èšå®
èšå®ã»è¡šç€ºé ç®
Pool Name
ããŒã«åïŒç¯å²ïŒ1-8æåïŒ
IP
DHCPã¢ãã¬ã¹ããŒã«ã® IPã¢ãã¬ã¹
Subnet Mask
ã¢ãã¬ã¹ããŒã«ã®ãµãããããã¹ã¯ã
èšå®æ¹æ³
[DHCP]â [Server]â [Pool Configuration]ãã¯ãªãã¯ããŸãã
138FXC9012F
Webã€ã³ã¿ãã§ãŒã¹DHCPãµãŒã
2.14.4 ã¢ãã¬ã¹ãã€ã³ãã£ã³ã°ã®è¡šç€º
èšå®ã»è¡šç€ºé ç®
IP Address
ãã¹ãã«ã¢ãµã€ã³ããã IPã¢ãã¬ã¹
MAC Address
ãã¹ãã® MACã¢ãã¬ã¹
Lease time
ãã¹ãã«ãã£ãŠäœ¿çšãããç¶ç¶æé
Start time
ã¹ã€ããã«ã¢ãµã€ã³ãããæé
Delete
æå®ãããã€ã³ãã£ã³ã°ãåé€ããŸãã
Entry Count
ã¹ã€ããã«ãã£ãŠã¢ãã¬ã¹ãå²ãåœãŠããããã¹ãã®æ°
èšå®æ¹æ³
[DHCP]â [Server]â [IP Binding]ãã¯ãªãã¯ããŸãã
139 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã«ãŒã¿åé·
2.15 ã«ãŒã¿åé·
ã«ãŒã¿åé·æ§ãããã³ã«ã¯ããã©ã€ã㪠ã«ãŒã¿ããã³è€æ°ã®ããã¯ã¢ãã ã«ãŒã¿ããµããŒãããããã«ãä»®æ³ IP ã¢ãã¬ã¹ã䜿çšããŸãããã¹ã¿ãŒ ã«ãŒã¿ã«é害ãçºçããæã«ã¯ãŒã¯ããŒããåŒãç¶ãããã«ãããã¯ã¢ãã ã«ãŒã¿ãæ§æããããšãã§ããŸãããŸãããã©ãã£ã㯠ããŒããå ±æããããã«æ§æããããšãã§ããŸããã«ãŒã¿åé·æ§ã®äž»ãªç®çã¯ããã©ã€ã㪠ã²ãŒããŠã§ã€ã®é害çºçæã«ãåºå®ã²ãŒããŠã§ã€ã§æ§æããããã¹ã ããã€ã¹ããããã¯ãŒã¯ ã³ãã¯ãã£ããã£ãä¿æã§ããããã«ããããšã§ãã
2.15.1 VRRP
VRRP ãæ§æããã«ã¯ãã°ã«ãŒãå ã§ãã¹ã¿ãŒä»®æ³ã«ãŒã¿ãšããŠæ©èœãã 1 ã€ã®ã«ãŒã¿äžã®ã€ã³ã¿ãã§ãŒã¹ãéžæããŸãããã®ç©çã€ã³ã¿ãã§ãŒã¹ã¯ãã«ãŒã¿ ã°ã«ãŒãã®ä»®æ³ã¢ãã¬ã¹ãšããŠäœ¿çšãããŸããããã§ãããã¯ã¢ãã ã«ãŒã¿ã«åãä»®æ³ã¢ãã¬ã¹ãšãã©ã€ãªãªãã£ãèšå®ããèªèšŒã¹ããªã³ã°ãæ§æããŸãããŸãããªã³ã©ã€ã³ã«ãªã£ãæã«ãã¹ã¿ãŒã«ãŒã¿ãšããŠåŠçãåŒãç¶ãããšãå¯èœã«ããããªãšã³ããæ©èœããã«ãŒã¿ã§æå¹ã«ããããšãã§ããŸãã
VRRPã°ã«ãŒãã®èšå®
èšå®ã»è¡šç€ºé ç®
VLAN ID
èšå®ãè¡ã VLANã® ID (ç¯å²ïŒ1-4094ã åæèšå®ïŒ1)
VRID
VRRP ã°ã«ãŒãèå¥å (ç¯å²ïŒ1-255)
State
VRRPã«ãŒã¿ããŒã« . (å€ïŒ Masterã Backup)
Virtual Address
ãã®ã°ã«ãŒãã®ä»®æ³ IPã¢ãã¬ã¹
Interval
éç¥ééã®æå®Preemption
çŸåšãã¹ã¿ãŒãšããŠåäœããŠããã«ãŒã¿ãããé«ããã©ã€ãªãªãã£ãæã€ã«ãŒã¿ã VRRP ã°ã«ãŒãã«åå ããæããã®ã«ãŒã¿ããã¹ã¿ãŒä»®æ³ã«ãŒã¿ãšããŠåŠçãåŒãç¶ãããã«æ§æããŸãã
Priority
VRRP ã°ã«ãŒãå ã§ã®ãã®ã«ãŒã¿ã®ãã©ã€ãªãªãã£ãèšå®ããŸãã
AuthType
èªèšŒã¢ãŒã
140FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã«ãŒã¿åé·
èšå®æ¹æ³
[IP]â [VRRP]â [Group Configuration]ãã¯ãªãã¯ããŸãã
141 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ã«ãŒã¿åé·
2.15.2 VRRP
VRRP ãæ§æããã«ã¯ãã°ã«ãŒãå ã§ãã¹ã¿ãŒä»®æ³ã«ãŒã¿ãšããŠæ©èœãã 1 ã€ã®ã«ãŒã¿äžã®ã€ã³ã¿ãã§ãŒã¹ãéžæããŸãããã®ç©çã€ã³ã¿ãã§ãŒã¹ã¯ãã«ãŒã¿ ã°ã«ãŒãã®ä»®æ³ã¢ãã¬ã¹ãšããŠäœ¿çšãããŸããããã§ãããã¯ã¢ãã ã«ãŒã¿ã«åãä»®æ³ã¢ãã¬ã¹ãšãã©ã€ãªãªãã£ãèšå®ããèªèšŒã¹ããªã³ã°ãæ§æããŸãããŸãããªã³ã©ã€ã³ã«ãªã£ãæã«ãã¹ã¿ãŒ ã«ãŒã¿ãšããŠåŠçãåŒãç¶ãããšãå¯èœã«ããããªãšã³ããæ©èœããã«ãŒã¿ã§æå¹ã«ããããšãã§ããŸãã
VRRPã°ããŒãã«æ å ±ã®è¡šç€º
èšå®ã»è¡šç€ºé ç®
VRRP Packets with Invalid Checksum
ç¡å¹ãª VRRPãã§ãã¯ãµã å€ã§å信蚺ããã VRRPãã±ããã®åèšæ°
VRRP Packets with Unknown Error
ãµããŒãå€ã®ããŒãžã§ã³ã§åä¿¡ããã VRRPãã±ããã®åèšæ°
VRRP Packets with Invalid VRID
ç¡å¹ã¯ VRIDã§åä¿¡ããã VRRPãã±ããã®åèšæ°
The total number of VRRP
packets received with an invalid VRID for this virtual router.
èšå®æ¹æ³
[IP]â [VRRP]â [Global Statistics]ãã¯ãªãã¯ããŸãã
VRRPã°ã«ãŒãæ å ±ã®è¡šç€º
èšå®æ¹æ³
[IP]â [VRRP]â [Group Statistics]ãã¯ãªãã¯ããŸãã
142FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
2.16 IPã«ãŒãã£ã³ã°
æŠèŠ
æ¬æ©ã¯ IPã«ãŒãã£ã³ã°æ©èœããµããŒãããŠãããã«ãŒãã£ã³ã°ãã¹ã®ç®¡çã¯ãéçãªçµè·¯ã®èšå®ïŒP157ïŒããŸã㯠RIPïŒP159ïŒãOSPFïŒP166ïŒã®åçãªèšå®ã«ããå¯èœã«ãªããŸããIPã«ãŒãã£ã³ã°æ©èœãæå¹ã«èšå®ããŠãããšãæ¬æ©ã¯ã¯ã€ã€ã¹ããŒããå®çŸããã«ãŒã¿åæ§ã«åäœãããããç°ãªã IPã€ã³ã¿ãã§ãŒã¹ãä»ãã VLANééä¿¡ããå€éš IPãããã¯ãŒã¯ãžã®ãã©ãã£ãã¯ã®ã«ãŒãã£ã³ã°ãè¡ããŸããããããæ¬æ©ã®åæèšå®ã§ã¯ã«ãŒãã£ã³ã°æ©èœã¯èšå®ãããŠããŸãããã«ãŒãã£ã³ã°æ©èœã䜿çšããã«ã¯ãæ¢åã®ã«ãŒã¿è£œåã®ããã«ãæåã«ãããã®èšå®ãè¡ãå¿ èŠããããŸãã
åæèšå®
å·¥å Žåºè·æã®èšå®ã§ã¯ãããŒãã¯ãã¹ãŠåäžã® VLANã«æå±ããã¬ã€ã€ 2æ©èœã®ã¿ã䜿çšããããã«ãªã£ãŠããŸãããã®ããããŸããåãŠãŒã¶ã°ã«ãŒããŸãã¯ãã©ãã£ãã¯ã®ã¢ããªã±ãŒã·ã§ã³å¥ã« VLANãäœæããåãã°ã«ãŒãã«æå±ãããã¹ãŠã®ããŒããå VLANã«å²ãåœãŠãããããå VLANã« IPã€ã³ã¿ãã§ãŒã¹ãèšå®ããå¿ èŠããããŸãããããã¯ãŒã¯ãè€æ°ã®ç°ãªã VLANã«åããããšã«ãã£ãŠãã¬ã€ã€ 2ã¬ãã«ã§åå²ãããŠãããµããããã¯ãŒã¯ã§åããããšãã§ããŸããåäžãµããããå ã§ããåãããããã©ãã£ãã¯ã¯ãã¬ã€ã€ 2ã®ã¹ã€ããã³ã°æ©èœã䜿çšããŠéä¿¡ãããŸãããããŠãå¿ èŠãªå Žåã«ã¯ãã¬ã€ã€ 3ã®ã¹ã€ããã³ã°æ©èœã䜿çšã㊠VLANééä¿¡ãã§ããããšã«ãªããŸãã
å VLANã¯ã¬ã€ã€ 3ã§ã®ä»®æ³çãªã€ã³ã¿ãã§ãŒã¹ã«çžåœããŸãããã®ä»®æ³ã€ã³ã¿ãã§ãŒã¹ã«å¯ŸããŠãããã¯ãŒã¯ã¢ãã¬ã¹ãèšå®ãããããã°ããã©ãã£ãã¯ã¯ãç°ãªããµããããéã§ã¬ã€ã€ 3ã¬ãã«ã§ã«ãŒãã£ã³ã°ãããããã«ãªããŸãã
2.16.1 IPã¹ã€ããã³ã°
IPã¹ã€ããã³ã°ïŒãã±ããã®ãã©ã¯ãŒãã£ã³ã°ïŒã¯ãåŸæ¥ã®ã«ãŒãã£ã³ã°åæ§ãã¬ã€ã€ 2ããã³ã¬ã€ã€ 3ã®äž¡æ¹ã§ããã±ããããã©ã¯ãŒãã£ã³ã°ããã®ã«å¿ èŠãªåŠçã®å šäœã®ããšã瀺ããŠããŸãã
IPã¹ã€ããã³ã°ã«ã¯ãäŸãã°æ¬¡ã®æ©èœãå«ãŸããŸãã
⢠ã¬ã€ã€ 2ã®ãã©ã¯ãŒãã£ã³ã°ïŒã¹ã€ããã³ã°ïŒãã¬ã€ã€ 2ã®ãã£ã¹ãã£ããŒã·ã§ã³ MACã¢ãã¬ã¹ã«åºã¥ãã
⢠ã¬ã€ã€ 3ã®ãã©ã¯ãŒãã£ã³ã°ïŒã«ãŒãã£ã³ã°ïŒã
ïŒ ã¬ã€ã€ 3ã®ãã£ã¹ãã£ããŒã·ã§ã³ã¢ãã¬ã¹ã«åºã¥ãã
ïŒ åãããã§ãã£ã¹ãã£ããŒã·ã§ã³ /ãœãŒã¹ MACã¢ãã¬ã¹ã眮ãæãããïŒ ãããã«ãŠã³ãã 1ã€å¢ããã
ïŒ çåæéã 1ã€æžãããïŒ ã¬ã€ã€ 3ãã§ãã¯ãµã ã®æ€èšŒãšåèšç®ãè¡ãã
ãã£ã¹ãã£ããŒã·ã§ã³ããŒãããœãŒã¹ãšåããµããããã«æå±ããå Žåããã±ããã¯ãã«ãŒã¿ãçµç±ããçŽæ¥éä¿¡ãããŸãããã ãããã±ããã® MACã¢ãã¬ã¹ãã¹ã€ããã§èªèãããŠããªãå Žåããã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ãå«ã ARPïŒAddress Resolution ProtocolïŒãã±ããããããŒããã£ã¹ãããããã£ã¹ãã£ããŒã·ã§ã³ããŒããããã£ã¹ãã£ããŒã·ã§ã³ MACã¢ãã¬ã¹ãååŸããŸãããããŠããã±ããã¯çŽæ¥ãã£ã¹ãã£ããŒã·ã§ã³ MACã¢ãã¬ã¹ã§éä¿¡ãããŸãã
ãã£ã¹ãã£ããŒã·ã§ã³ããŒããæ¬æ©ãšã¯å¥ã®ãµããããã«æå±ããå Žåããã±ããã¯ãã£ã¹ãã£ããŒã·ã§ã³ããŒãã«çŽæ¥ã«ãŒãã£ã³ã°ãããŸãããã ãããã±ãããæ¬æ©ãæå±ããŠããªããµããããã®ãã®ã§ããå ŽåãïŒã«ãŒã¿èªäœã® MACã¢ãã¬ã¹ããã£ã¹ãã£ããŒã·ã§ã³ MACã¢ãã¬ã¹ãšããŠããŸããã£ã¹ãã£ããŒã·ã§ã³ããŒãã®ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ã䜿çšããŠïŒãã±ããã¯ã«ãŒã¿ã«éä¿¡ãããŸããã«ãŒã¿ã¯æ£åœãªãã¹ãçµç±ããŠãã£ã¹ãã£ããŒã·ã§ã³ããŒãå®ãŠã«ãã±ããããã©ã¯ãŒãã£ã³ã°ããŸããã«ãŒã¿ã¯ãå¿ èŠã«å¿ã㊠ARPãããã³ã«ã䜿çšããé£æ¥ã«ãŒã¿ã®ãã£ã¹ãã£ããŒã·ã§ã³ããŒãã® MACã¢ãã¬ã¹ãååŸããããšãã§ããŸãã
143 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
[ 泚æ ]ãIP ã¹ã€ããã³ã°ãå®çŸããããã«ã¯ãæ¬æ©ãä»ã®ãããã¯ãŒã¯ããŒããã IP ã«ãŒã¿ãšããŠèªèãããå¿ èŠããããŸãããã®ããã«ã¯ãæ¬æ©ã«ããã©ã«ãã²ãŒããŠã§ã€ãèšå®ããã ICMPããã»ã¹ã§ä»ã®ã«ãŒã¿ãããªãã€ã¬ã¯ããããããšãå¿ èŠã§ãã
MACã¢ãã¬ã¹ãå«ã IPãã±ãããæ¬æ©ãåä¿¡ãããšããã±ããã¯ã¬ã€ã€ 3ã§ã®ã«ãŒãã£ã³ã°ããã»ã¹ã«ç§»è¡ããŸãããã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ã¯ã¬ã€ã€ 3ã®ã¢ãã¬ã¹ããŒãã«ã§ãã§ãã¯ãããŸãããã®ã¢ãã¬ã¹ãã¢ãã¬ã¹ããŒãã«ã«ç»é²ãããŠããªãå Žåãæ¬æ©ã¯ ARPãã±ããããã£ã¹ãã£ããŒã·ã§ã³ VLANã®ãã¹ãŠã®ããŒãã«åããŠãããŒããã£ã¹ããããã£ã¹ãã£ããŒã·ã§ã³ MACã¢ãã¬ã¹ã®ååŸãè©Šã¿ãŸããMACã¢ãã¬ã¹ãååŸã§ãããšããã±ããã®åæ§ç¯ãè¡ããããã£ã¹ãã£ããŒã·ã§ã³ãžéä¿¡ãããŸãããã±ããã®åæ§ç¯ããã»ã¹ã§ã¯ IPãããã® TTLïŒTime-To-LiveïŒãã£ãŒã«ãã®åæžãIPãããã®ãã§ãã¯ãµã ã®åèšç®ãããã³ãã£ã¹ãã£ããŒã·ã§ã³ MACã¢ãã¬ã¹ã®ïŒãã£ã¹ãã£ããŒã·ã§ã³ããŒãã® MACã¢ãã¬ã¹ããé£æ¥ã«ãŒã¿ã® MACã¢ãã¬ã¹ãžã®ïŒçœ®ãæãããããŸãã
åãããŒãå®ã®å¥ã®ãã±ãããåä¿¡ããå Žåãã¬ã€ã€ 3ã®ã¢ãã¬ã¹ããŒãã«ããçŽæ¥ MACã¢ãã¬ã¹ãååŸã§ããããããã±ããã¯ããã«åæ§ç¯ãããŠãã£ã¹ãã£ããŒã·ã§ã³ããŒãã«éä¿¡ãããŸããã¬ã€ã€ 3ã®ã¢ãã¬ã¹ããŒãã«ã«ãã£ã¹ãã£ããŒã·ã§ã³ã¢ãã¬ã¹ããã§ã«ç»é²ãããŠããå ŽåãIPã¹ã€ããã³ã°ã¯ã¯ã€ã€ã¹ããŒãã§åŠçããããšãã§ããŸãã
æ¬æ©ãããã¬ãŒã ã®ã«ãŒãã£ã³ã°ãå¿ èŠãšå€æããå Žåãéä¿¡çµè·¯ã®èšç®ã¯ã»ããã¢ããå ã§ã®ã¿è¡ãããŸãã1床çµè·¯ã決å®ããããšããã®æç¹ã§åŠçäžã®ãã¹ãŠã®ãã±ããã¯éžæããããã¹ãžã¹ã€ããã³ã°ïŒãã©ã¯ãŒãã£ã³ã°ïŒãããã ãã«ãªããŸãããã®æ¹æ³ã¯ã1床ãã¹ã®èšç®ãå®äºããããã©ãã£ãã¯ã¯ã«ãŒãã£ã³ã°ãšã³ãžã³ãè¿åããããšãã§ããããã«ãªããããé 延ãæããé«ãã¹ã«ãŒããããåŸãããããšãå©ç¹ã§ãã
ã«ãŒãã£ã³ã°ãã¹ã®ç®¡ç
ã«ãŒãã£ã³ã°ãã¹ã®ç®¡çã§ã¯ããã±ããã®ãã©ã¯ãŒãã£ã³ã°ã«å¿ èŠãªããã¹ãŠã®ã«ãŒãã£ã³ã°æ å ±ã®æ±ºå®ãšã¢ããããŒããè¡ããŸããããã«ã¯ã以äžãå«ãŸããŸãã
⢠ã«ãŒãã£ã³ã°ãããã³ã«ã®åŠçã
⢠ã«ãŒãã£ã³ã°ããŒãã«ã®ã¢ããããŒãã
⢠ã¬ã€ã€ 3ã®ã¹ã€ããã³ã°ããŒã¿ããŒã¹ã®ã¢ããããŒãã
ã«ãŒãã£ã³ã°ãããã³ã«
æ¬æ©ã¯ãéçãªã«ãŒãã£ã³ã°ãšåçãªã«ãŒãã£ã³ã°ã®äž¡æ¹ããµããŒãããŠããŸãã
⢠éçãªã«ãŒãã£ã³ã°ã«ã¯ãæäœæ¥ã«ããããããã¯æ¬æ©ä»¥å€ã®ã¢ããªã±ãŒã·ã§ã³ã§æ¥ç¶ãèšå®ãããããšã«ãããæ¬æ©å ã«ã«ãŒãã£ã³ã°æ å ±ãä¿åãããå¿ èŠããããŸãã
⢠åçã«ãŒãã£ã³ã°ã«ã¯ã«ãŒãã£ã³ã°ãããã³ã«ãå¿ èŠã§ãããã«ããã«ãŒãã£ã³ã°æ å ±ã®äº€æãã«ãŒãã£ã³ã°ããŒãã«ã®èšç®ãããã³ãããã¯ãŒã¯æ å ±ã®èªã¿èŸŒã¿ãã¹ããŒã¿ã¹ã®å€åãžã®å¯Ÿå¿ãè¡ããŸãã
IPã€ã³ã¿ãã§ãŒã¹ã®åºæ¬çãªèšå®
ç°ãªã IPãµãããããšéä¿¡ããããã«ã¯ãæ¬ã»ã¯ã·ã§ã³ã«ç€ºããããã« IPã«ãŒãã£ã³ã°ãæå¹ã«ããå¿ èŠããããŸããããã«ãæ¬æ©ã«çŽæ¥æ¥ç¶ããå IPãµããããã® VLANãå®çŸ©ããŸããP104 ãVLANã®äœæãã«åŸãããŸã VLANãäœæããããããåãµããããã®èšå®ãè¡ããªããŠã¯ãªããªãããšã«æ³šæãå¿ èŠã§ãããŸããã€ã³ãã³ãã§æ¬æ©ã管çããå Žåã¯ãæäœ 1ã€ã® VLANã« IPãµããããã¢ãã¬ã¹ãå®çŸ©ããªããŠã¯ãªããŸããã
144FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
èšå®ã»è¡šç€ºé ç®
IP Routing Status
æ¬æ©ããã¬ã€ã€ 2ã¹ã€ãããŸãã¯ãã«ãã¬ã€ã€ã«ãŒãã£ã³ã°ã¹ã€ããã®ã©ã¡ãã§åäœããããèšå®ããŸããïŒéžæè¢ïŒç¡å¹ïŒã¬ã€ã€ 2ã®ã¹ã€ããã³ã°ã®ã¿ã«éå®ïŒãæå¹ïŒç¶æ³ã«å¿ããŠãã«ãã¬ã€ã€ïŒã¬ã€ã€ 2ããã³ã¬ã€ã€ 3ïŒã§åäœïŒïŒ
ïŒãã®ã³ãã³ãã¯ãéç /åçäž¡æ¹ã®ãŠããã£ã¹ãã«ãŒãã£ã³ã°ã«åœ±é¿ããŸãã
ïŒ IPã«ãŒãã£ã³ã°ãæå¹ã«ãããšããã¹ãŠã® IPãã±ããã¯éçã«ãŸãã¯RIPã«ããåçã«ã«ãŒãã£ã³ã°ãããé IPãããã³ã«ïŒNetBueiãNetWareãAppleTalkãªã©ïŒã®ãã±ããã¯MACã¢ãã¬ã¹ã§ã¹ã€ããã³ã°ãããŸããIPã«ãŒãã£ã³ã°ãç¡å¹ã«ãããšããã¹ãŠã®ãã±ããã¯ãMACã¢ãã¬ã¹ã®ã¿ã§ãã£ã«ã¿ãªã³ã°ãšãã©ã¯ãŒãã£ã³ã°ãããŠã¹ã€ããã³ã°ãããŸãã
Default Gateway
äŸãã°ãã«ãŒãã£ã³ã°ããŒãã«ã®ãšã³ããªã«ååšããªããã±ãããªã©ããã¹ãŠã®äžæãªãµããããå®ãŠã®ãã±ãããæž¡ãã«ãŒãã£ã³ã°ããã€ã¹ãèšå®ããŸããïŒæå¹ãª IPã¢ãã¬ã¹ã®åœ¢åŒã¯ãããªãªãã§åºåããã 0ïœ 255ã® 4ã€ã®æ°åããæ§æãããŠããŸãïŒ
èšå®æ¹æ³
[IP] â [General] â [Global Settings]ãã¯ãªãã¯ããŸããIP Routing Statusã® Enabledã«ãã§ãã¯ãå ¥ããªãå Žåãã¬ã€ã€ 2ã§ã®åäœã«éå®ããŸããEnabledã«ãã§ãã¯ãå ¥ãããšããã«ãã¬ã€ã€ã§ã®ã¹ã€ããã³ã°ãè¡ããŸããäžæãªãµããããå®ãŠã®ãã±ããããã©ã¯ãŒãã£ã³ã°ããããã©ã«ãã²ãŒããŠã§ã€ïŒDefault GatewayïŒãèšå®ããŸãã[Apply] ãã¯ãªãã¯ããŸãã
145 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
IPã«ãŒãã£ã³ã°ã€ã³ã¿ãã§ãŒã¹ã®èšå®
æ¬æ©ã«æ¥ç¶ããŠãã IPãµããããã¯ãå VLANã® IPã¢ãã¬ã¹ãæäœæ¥ã«ããèšå®ããæ¹æ³ãããŸã㯠RIPã«ããåçãªãããã³ã«ã䜿çšããŠãããã¯ãŒã¯ã®ä»ã®ã«ãŒã¿ãšãããã³ã«ã¡ãã»ãŒãžãããåãããããšã«ãããä»ã®ã€ã³ã¿ãã§ãŒã¹ãžã®çµè·¯ãç¹å®ããæ¹æ³ã®ããããã§èšå®ã§ããŸãã
æ©èœè§£èª¬
⢠æ¬æ©ã«ãšã³ãããŒãã®ããã€ã¹ãçŽæ¥æ¥ç¶ããŠããå ŽåïŒãŸãã¯å ±æã¡ãã£ã¢ãä»ããŠãšã³ãããŒããæ¥ç¶ããŠããå ŽåïŒãããã«ã¯ç¹å®ã®ãµãããããå²ãåœãŠããããããã«ãŒãã£ã³ã°ããµããŒãããããå VLANã«å¯ŸããŠã«ãŒãã£ã³ã°ã€ã³ã¿ãã§ãŒã¹ãäœæããå¿ èŠããããŸããã«ãŒãã£ã³ã°ã€ã³ã¿ãã§ãŒã¹ã¯ IPã¢ãã¬ã¹ãšãµãããããã¹ã¯ããæ§æãããŸãããã®ã€ã³ã¿ãã§ãŒã¹ã®ã¢ãã¬ã¹ã¯ãã«ãŒãã£ã³ã°ã€ã³ã¿ãã§ãŒã¹ãæ¥ç¶ãããããã¯ãŒã¯çªå·ãšãã®ãããã¯ãŒã¯ã«æå±ããã«ãŒã¿ã®ãã¹ãçªå·ã®äž¡æ¹ãå®çŸ©ãããã®ã§ããã€ãŸããã«ãŒãã£ã³ã°ã€ã³ã¿ãã§ãŒã¹ã®ã¢ãã¬ã¹ã¯ãã€ã³ã¿ãã§ãŒã¹ã«æ¥ç¶ããã»ã°ã¡ã³ãã®ãããã¯ãŒã¯çªå·ããã³ãµããããçªå·ã§ãããããã«ããã«ãŒã¿ãš IPãã±ããã®éåä¿¡ãã§ããããã«ãªããŸãã
⢠æ¬æ©ã®ãããã¯ãŒã¯ã€ã³ã¿ãã§ãŒã¹ãèšå®ããåã«ããŸãåãŠãŒã¶ã°ã«ãŒãã«å¯ŸããŠããŸãã¯åãããã¯ãŒã¯ã¢ããªã±ãŒã·ã§ã³ãšããã«é¢äžãããŠãŒã¶ã«å¯ŸããŠãããããã« VLANãäœæããªããŠã¯ãªããŸããã
èšå®ã»è¡šç€ºé ç®
VLAN
èšå®ãã VLANã® IDïŒ1-4094ïŒ
IP Address Mode
ãã®ã€ã³ã¿ãã§ãŒã¹ã® IPã¢ãã¬ã¹ãéçã«èšå®ãããããŸãã¯ãããã¯ãŒã¯ã¢ãã¬ã¹ãµãŒãããååŸããã®ããèšå®ããŸããïŒéžæè¢ïŒStaticãDHCPïŒDynamic Host Configuration ProtocolïŒãBOOTPïŒBoot ProtocolïŒãåæèšå®ïŒStaticïŒ
ïŒ IP Address Modeã§StaticãéžæãããšãIPã¢ãã¬ã¹ããã®VLANã§ãã©ã€ããªãã»ã«ã³ããªãã®èšå®ãå¿ èŠã«ãªããŸãã1ã€ã®ã€ã³ã¿ãã§ãŒã¹ã«ã¯ãã©ã€ã㪠IPã¢ãã¬ã¹ã1ã€ã®ã¿ãã»ã«ã³ã㪠IPã¢ãã¬ã¹ã¯è€æ°èšå®ã§ããŸããã€ãŸãããã®ã€ã³ã¿ãã§ãŒã¹çµç±ã§è€æ°ã® IPãµãããããã¢ã¯ã»ã¹ã§ããããã«ããã«ã¯ãã»ã«ã³ããªã¢ãã¬ã¹ãèšå®ããå¿ èŠããããŸãã
ïŒ DHCPãŸã㯠BOOTPãéžæãããšãã¢ãã¬ã¹ãµãŒãããã®å¿çãåä¿¡ããŠåããŠãIPã¹ã€ããã³ã°æ©èœãåäœããããã«ãªããŸããIPã¢ãã¬ã¹ãèŠæ±ãããªã¯ãšã¹ãã¯æ¬æ©ããåšæçã«ãããŒããã£ã¹ããããŸããïŒDHCP/BOOTPã«ãIPã¢ãã¬ã¹ãšãµãããããã¹ã¯ãå«ãŸããŸãïŒ
IP Address
VLANã€ã³ã¿ãã§ãŒã¹ã® IPã¢ãã¬ã¹ãïŒæå¹ãª IPã¢ãã¬ã¹ã®åœ¢åŒã¯ãããªãªãã§åºåããã 0ïœ 255ã® 4ã€ã®æ°åããæ§æãããŠããŸãïŒ
Subnet Mask
ãµãããããã¹ã¯ã¯ãç¹å®ã®ãµããããã«ã«ãŒãã£ã³ã°ããããã«äœ¿çšãããã¹ãã¢ãã¬ã¹ã®ããããèå¥ããŸãã
146FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
èšå®æ¹æ³
[IP] â [General] â [Routing Interface] ãã¯ãªãã¯ããŸããä»ã®ãµãããããžã®ã«ãŒãã£ã³ã°ããµããŒãããå VLANã«å¯Ÿãã1ã€ã® IPã€ã³ã¿ãã§ãŒã¹ãèšå®ããŸãããŸããã©ã€ããªã® IPã¢ãã¬ã¹ãèšå®ãã[Set IP Configuration] ãã¯ãªãã¯ããŸããè€æ°ã®ã»ã«ã³ã㪠IPã¢ãã¬ã¹ãèšå®ããå Žåã¯ã1床㫠1ã€ãã€å ¥åããŸãããããŠãåã¢ãã¬ã¹ã®å ¥ååŸã« [Set IP Configuration] ãã¿ã³ãã¯ãªãã¯ããŸãã
147 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
2.16.2 ARP
IPã«ãŒãã£ã³ã°æ©èœãæå¹ã«èšå®ãããŠããå ŽåïŒP17-5ïŒãçµè·¯ã®æ±ºå®ã®ããã«ã«ãŒãã£ã³ã°ããŒãã«ã䜿çšãããARPïŒAddress Resolution ProtocolïŒã䜿çšããŠããããã次ã®ããããžãã©ãã£ãã¯ããã©ã¯ãŒãã£ã³ã°ããŸããARP㯠IPã¢ãã¬ã¹ãç©çã¬ã€ã€ã®ã¢ãã¬ã¹ïŒMACã¢ãã¬ã¹ïŒã«ãããã³ã°ãããããã³ã«ã§ããIPã®ãã¬ãŒã ãã«ãŒãã£ã³ã°ã€ã³ã¿ãã§ãŒã¹ïŒãŸãã¯æšæºã«æºæ ããã«ãŒã¿ïŒã§åä¿¡ããããšãARPã®ãã£ãã·ã¥ããããã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ã«ããã MACã¢ãã¬ã¹ããŸãæ€çŽ¢ããŸããIPã¢ãã¬ã¹ãèŠã€ãã£ãå Žåãæ¬æ©ã¯ãã¬ãŒã ãããã®é©åãªãã£ãŒã«ãã« MACã¢ãã¬ã¹ãæžã蟌ã¿ããã¯ã¹ãããããžåããŠãã¬ãŒã ããã©ã¯ãŒãã£ã³ã°ããŸãããã®ããã«ãå®å ã«åããŠåã«ãŒãã£ã³ã°ããã€ã¹ã§ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ãšãã¯ã¹ããããã® MACã¢ãã¬ã¹ã®ãããã³ã°ãè¡ããªãããæçµã®ãã£ã¹ãã£ããŒã·ã§ã³ã«ãã±ãããé éããããŸã§ IPãã±ããã¯ãã¹ã«åŸã£ãŠæž¡ãããŸãã
ARPã®ãã£ãã·ã¥ã« IPã¢ãã¬ã¹ãšã³ããªããªãå Žåãæ¬æ©ã¯ ARPãªã¯ãšã¹ããã±ãããåäžãããã¯ãŒã¯äžã®ãã¹ãŠã®ããã€ã¹ã«åããŠãããŒããã£ã¹ãããŸããARPãªã¯ãšã¹ãã¯æ¬¡ã®äŸã«ç€ºããããªãã£ãŒã«ããå«ã¿ãŸãã
ããã€ã¹ããªã¯ãšã¹ããåä¿¡ããéãããã€ã¹èªèº«ã®ã¢ãã¬ã¹ãšã¡ãã»ãŒãžã®ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ãšãäžèŽããŠããªãå Žåããã®ãã±ããã¯ç Žæ£ãããŸããããããäžèŽããå Žåã¯ãèªèº«ã®ããŒããŠã§ã¢ã¢ãã¬ã¹ããã£ã¹ãã£ããŒã·ã§ã³ MACã¢ãã¬ã¹ãã£ãŒã«ãã«æžã蟌ã¿ããœãŒã¹ã®ããŒããŠã§ã¢ã¢ãã¬ã¹å®ãŠã«ã¡ãã»ãŒãžãè¿ä¿¡ããŸãããœãŒã¹ããã€ã¹ããã®ãªãã©ã€ãåä¿¡ãããšããã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ãšããã«å¯Ÿå¿ãã MACã¢ãã¬ã¹ããã£ãã·ã¥ã«æžã蟌ã¿ããã¯ã¹ããããã« IPãã±ããããã©ã¯ãŒãã£ã³ã°ããŸãããã®ãšã³ããªãã¿ã€ã ã¢ãŠããè¿ããªãéãããã®ãã£ã¹ãã£ããŒã·ã§ã³ã«ã€ããŠã¯ãæ¬æ©ã¯æ°ãã« ARPãªã¯ãšã¹ãããããŒããã£ã¹ãããããšãªãããã¯ã¹ããããã«çŽæ¥ãã©ãã£ãã¯ããã©ã¯ãŒãã£ã³ã°ã§ããŸãã
ãããã· ARP
æ¥ç¶ããŠãããµããããã«æå±ããããŒããã«ãŒãã£ã³ã°ã®èšå®ãŸãã¯ããã©ã«ãã²ãŒããŠã§ã€ã®èšå®ããããŠããªãå Žåããããã· ARPã§ãªã¢ãŒãã®ãµãããããž ARPãªã¯ãšã¹ãããã©ã¯ãŒãã£ã³ã°ã§ããŸããæ¬æ©ã§ãããã· ARPãæå¹ã«èšå®ãããŠããããªã¢ãŒããããã¯ãŒã¯ã® ARPãªã¯ãšã¹ããåä¿¡ãããšãæ¬æ©ã¯ãªã¢ãŒããããã¯ãŒã¯ãžã®æè¯ã®çµè·¯æ å ±ãææããŠãããæ€èšãããªã¯ãšã¹ããéä¿¡ããŠããããŒããžèªèº«ã® MACã¢ãã¬ã¹ãè¿ä¿¡ããããšã«ããARPãªã¯ãšã¹ãã«å¿çããŸããããŒãã¯æ¬æ©ãžããŒã¿ãéä¿¡ããŸãããèšãæãããšæ¬æ©èªèº«ã®ã«ãŒãã£ã³ã°ããŒãã«ã䜿çšããŠãã±ããããªã¢ãŒããã£ã¹ãã£ããŒã·ã§ã³ã«ãã©ã¯ãŒãã£ã³ã°ããããšã«ãªããŸãã
ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ 10.1.0.19
ãã£ã¹ãã£ããŒã·ã§ã³ MACã¢ãã¬ã¹ ïŒ
ãœãŒã¹ IPã¢ãã¬ã¹ 10.1.0.253
ãœãŒã¹ MACã¢ãã¬ã¹ 00-00-ab-cd-00-00
148FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ARPã®åºæ¬çãªèšå®
ARPã® Generalèšå®ã¡ãã¥ãŒã䜿çšããARPãã£ãã·ã¥ãšã³ããªã®ã¿ã€ã ã¢ãŠãèšå®ããç¹å®ã® VLANã€ã³ã¿ãã§ãŒã¹ã®ãããã· ARPãæå¹ã«èšå®ããŸãã
æ©èœè§£èª¬
⢠ãšãŒãžã³ã°ã¿ã€ã ã¯åçãªãšã³ããªããã£ãã·ã¥ã«ä¿æãããæéçãªé·ãã決å®ããŸããã¿ã€ã ã¢ãŠããçãããå Žåãæ¬æ©ã¯ããŒãã«ããåé€ãããã°ããã®ã¢ãã¬ã¹ãæ±ããŠäœåºŠã ARPãªã¯ãšã¹ããéä¿¡ããããšã«ãªãã®ã§ããªãœãŒã¹ãæ¶èããå¯èœæ§ããããŸãã
⢠ãããã· ARPã䜿çšãããšã³ãã¹ããŒã·ã§ã³ã¯ããããã¯ãŒã¯å šäœãåäžã®ãããã¯ãŒã¯ãšããŠèªèããŠããå¿ èŠããããŸãããããã£ãŠãåããŒãã¯æ¬æ©ãŸãã¯æ¬æ©ãšåçã®ãããã¯ãŒã¯ããã€ã¹ã䜿çšããŠãããµãããããã¹ã¯ãããå°ããªãµãããããã¹ã¯ã䜿çšããŠããªããŠã¯ãªããŸããã
⢠ãããã· ARPã®äœ¿çšãå€ããšæ¬æ©ã®ããã©ãŒãã³ã¹ãäœäžããŸããå€çšã«ãã ARPãã©ãã£ãã¯ãå¢ããARPã¢ãã¬ã¹ããŒãã«ã®å¢å€§ã«ãšããªã£ãŠæ€çŽ¢ã«æéããããããã«ãªãããã§ãã
èšå®ã»è¡šç€ºé ç®
Timeout
ARPãã£ãã·ã¥ã«ä¿åãããåçãªãšã³ããªã®ãšãŒãžã³ã°ã¿ã€ã ãèšå®ããŸããïŒç¯å²ïŒ300-86400ç§ãåæèšå®ïŒ1200ç§ïŒ
Proxy ARP
éžæãã VLANã€ã³ã¿ãã§ãŒã¹ã®ãããã· ARPã«ã€ããŠãæå¹ãŸãã¯ç¡å¹ãèšå®ããŸãã
èšå®æ¹æ³
[IP] â [ARP] â [General] ãã¯ãªãã¯ããŸããARPãã£ãã·ã¥ã®ã¿ã€ã ã¢ãŠãå€ãé©åã«èšå®ããã«ãŒãã£ã³ã°æ©èœãããã©ã«ãã²ãŒããŠã§ã€ãæããªããµããããã¯ãŒã¯ã®ãããã·ARPãæå¹ã«èšå®ããŸãã [Apply] ãã¯ãªãã¯ããŸãã
149 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
éç㪠ARPã¢ãã¬ã¹ã®èšå®
ARPãªã¯ãšã¹ãã«å¿çããªãããã€ã¹ã¯ãIPã¢ãã¬ã¹ãš MACã¢ãã¬ã¹ãšã®ãããã³ã°ãã§ããªãããããã±ããã¯ç Žæ£ãããŸãããã®ãããªå Žåãæäœæ¥ã§ãARPãã£ãã·ã¥ã«IPã¢ãã¬ã¹ãšããã«å¯Ÿå¿ãã MACã¢ãã¬ã¹ãšã®ãããã³ã°æ å ±ãèšå®ããããšãã§ããŸãã
æ©èœè§£èª¬
⢠ARPãã£ãã·ã¥ã«ã¯æ倧 128ãšã³ããªãéçã«èšå®ã§ããŸãã
⢠éçãªãšã³ããªã¯ãäžå®ã®æéãçµéãããšãèªåçã«æ¶å»ãããããé»æºããªã»ããããå Žåã§ãæ¶å»ãããŸãããéçãªãšã³ããªã¯èšå®ã€ã³ã¿ãã§ãŒã¹ããã®ã¿æ¶å»ã§ããŸãã
èšå®ã»è¡šç€ºé ç®
IP Address
MACã¢ãã¬ã¹ãšã®ãããã³ã°ãè¡ã IPã¢ãã¬ã¹ãïŒæå¹ãª IPã¢ãã¬ã¹ã®åœ¢åŒã¯ãããªãªãã§åºåããã 0ïœ 255ã® 4ã€ã®æ°åããæ§æãããŠããŸãïŒ
MAC Address
IPã¢ãã¬ã¹ã«å¯Ÿå¿ãããéçã«ãããã³ã°ãã MACã¢ãã¬ã¹ãïŒæå¹ãª MACã¢ãã¬ã¹ã¯16é²æ°ã§ã圢åŒã¯ xx-xx-xx-xx-xx-xxã§ãïŒ
Entry Count
ARPãã£ãã·ã¥ã«ä¿åãããŠããéçãªãšã³ããªã®æ°ã
èšå®æ¹æ³
[IP] â [ARP] â [Static Addresses] ãã¯ãªãã¯ããŸããIPã¢ãã¬ã¹ãšããã«å¯Ÿå¿ãã MACã¢ãã¬ã¹ãå ¥åããŸãã[Apply] ãã¯ãªãã¯ããŸãã
150FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
åçã«åŠç¿ããã ARPãšã³ããªã®è¡šç€º
IPã¢ãã¬ã¹ãšãããã«å¯Ÿå¿ãã MACã¢ãã¬ã¹ããããã³ã°ãããåãšã³ããªããARPãã£ãã·ã¥ã«ä¿åãããŠããŸãããšã³ããªã®ã»ãšãã©ã¯ãããŒããã£ã¹ãã¡ãã»ãŒãžããã®å¿çã«ããåçã«åŠç¿ããããã®ã§ããARPãã£ãã·ã¥ã«ä¿åãããŠãããã¹ãŠã®åçãšã³ããªã衚瀺ããããç¹å®ã®åçãšã³ããªãéçãªãšã³ããªã«å€æŽãããããã£ãã·ã¥ãããã¹ãŠã®åçãªãšã³ããªãåé€ãããã§ããŸãã
èšå®ã»è¡šç€ºé ç®
IP Address
ãã£ãã·ã¥ã«ä¿åãããŠããåçãšã³ããªã® IPã¢ãã¬ã¹ã
MAC Address
IPã¢ãã¬ã¹ã«ãããã³ã°ãããŠãã MACã¢ãã¬ã¹ã
Interface
ã¢ãã¬ã¹ãšã³ããªã«é¢é£ä»ããããŠãã VLANã€ã³ã¿ãã§ãŒã¹ã
Dynamic to Static*
éžæããåçãšã³ããªãéçãšã³ããªã«å€æŽããŸãã
Clear All *
ARPãã£ãã·ã¥ãããã¹ãŠã®åçãšã³ããªãåé€ããŸãã
Entry Count
ARPãã£ãã·ã¥ã«ä¿åãããŠããåçãšã³ããªã®æ°ã
*ãããã®ãã¿ã³ãã¯ãªãã¯ãããšãèšå®ã¯ããã«åæ ãããŸããå®è¡ã確èªããããã®ããã³ããã¡ãã»ãŒãžã¯è¡šç€ºãããŸããã
èšå®æ¹æ³
[IP] â [ARP] â [Dynamic Addresses] ãã¯ãªãã¯ããŸãããã£ãã·ã¥ã«ä¿åãããŠããåçãšã³ããªãéçãšã³ããªã«å€æŽããããã®ãã¿ã³ãããã¹ãŠã®åçãšã³ããªãåé€ããããã®ãã¿ã³ã䜿çšã§ããŸãã
151 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ããŒã«ã«ãª ARPãšã³ããªã®è¡šç€º
ARPãã£ãã·ã¥ã¯ããŒã«ã«ã€ã³ã¿ãã§ãŒã¹ïŒãµããããããã¹ãããããŒããã£ã¹ãã¢ãã¬ã¹ïŒã®ãšã³ããªãä¿åããŠããŸãã
èšå®ã»è¡šç€ºé ç®
IP Address
ãã£ãã·ã¥ã«ä¿åãããŠããåçãšã³ããªã® IPã¢ãã¬ã¹ã
MAC Address
IPã¢ãã¬ã¹ã«ãããã³ã°ãããŠãã MACã¢ãã¬ã¹ã
Interface
ã¢ãã¬ã¹ãšã³ããªã«é¢é£ä»ããããŠãã VLANã€ã³ã¿ãã§ãŒã¹ã
Entry Count
ARPãã£ãã·ã¥ã«ä¿åãããŠããããŒã«ã«ãšã³ããªã®æ°ã
èšå®æ¹æ³
[IP] â [ARP] â [Other Addresses] ãã¯ãªãã¯ããŸãã
ARPã®çµ±èšæ å ±
æ¬æ©ã®ãã¹ãŠã®ã€ã³ã¿ãã§ãŒã¹ãééãã ARPã¡ãã»ãŒãžã«é¢ããçµ±èšæ å ±ã衚瀺ã§ããŸãã
Received Request æ¬æ©ãåä¿¡ãã ARPãªã¯ãšã¹ããã±ããæ°
Received Reply æ¬æ©ãåä¿¡ãã ARPãªãã©ã€ãã±ããæ°
Sent Request æ¬æ©ãéä¿¡ãã ARPãªã¯ãšã¹ããã±ããæ°
Sent Reply æ¬æ©ãéä¿¡ãã ARPãªãã©ã€ãã±ããæ°
152FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
èšå®æ¹æ³
[IP] â [ARP] â [Statistics] ãã¯ãªãã¯ããŸãã
2.16.3 IPãããã³ã«ã®çµ±èšæ å ±ã®è¡šç€º
IPã®çµ±èšæ å ±
IPïŒInternet ProtocolïŒã¯ãœãŒã¹ãããã£ã¹ãã£ããŒã·ã§ã³ãŸã§ãããŒã¿ã®åºãŸãïŒãã±ããããã¬ãŒã ãªã©ãšåŒã°ããŸãïŒãéãå±ããã¡ã«ããºã ãæäŸããŸããããã§ããããã¯ãŒã¯ããã€ã¹ïŒãã¹ãïŒã¯ãåºå®é·ã®ã¢ãã¬ã¹ã§èå¥ãããŸããIPã¯ãŸããå¿ èŠã«å¿ããŠé·ããã±ããã®åå²ãšåæ§ç¯ã®æ©èœãæäŸãããå°ããªãã±ãããã§æ§æããããããã¯ãŒã¯ã§ããŒã¿ãããåããããããã«ããŸãã
æ¬æ©ã®ãã¹ãŠã®ã€ã³ã¿ãã§ãŒã¹ãééãã ARPã¡ãã»ãŒãžã«é¢ããçµ±èšæ å ±ã衚瀺ã§ããŸãã
é ç® å 容
Packets Received ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ããçä¿¡ããŒã¿ã°ã©ã ã®ç·æ°ïŒãšã©ãŒãå«ãïŒ
Received Address Errors IPãã±ãããããã®ãã£ã¹ãã£ããŒã·ã§ã³ãã£ãŒã«ãã«å«ãŸããŠãã IPã¢ãã¬ã¹ããšã³ãã£ãã£ã«æå¹ã§ãªãã¢ãã¬ã¹ã§ãã£ããããç Žæ£ãããçä¿¡ããŒã¿ã°ã©ã ã®æ°
Received Packets Discarded éä¿¡åŠçç¶ç¶ã®ããã«ã¯åé¡ããªãã£ãããïŒãããã¡å®¹éã®åé¡çã§ïŒç Žæ£ãããçä¿¡ããŒã¿ã°ã©ã ã®æ°
Output Requests éä¿¡ãªã¯ãšã¹ãã«å¯Ÿã㊠IPãããã¯ãŒã¯ã«éä¿¡ãããããŒã«ã«ã®IPãŠãŒã¶ãããã³ã«ïŒICMPãå«ãïŒã®ããŒã¿ã°ã©ã ã®ç·æ°
Output Packet No Route ãã£ã¹ãã£ããŒã·ã§ã³ãžã®éä¿¡çµè·¯ãæ€åºã§ããªãã£ãããã«ãç Žæ£ãããããŒã¿ã°ã©ã ã®æ°ãããã«ã¯ãããã©ã«ãã²ãŒããŠã§ã€ããã¹ãŠããŠã³ããŠãããããã¹ããé éã§ããªãã£ãããŒã¿ã°ã©ã ã®æ°ãå«ãŸããããšã«æ³šæããŠãã ããã
Datagrams Forwarded ãšã³ãã£ãã£ãæçµã® IPãã£ã¹ãã£ããŒã·ã§ã³ã§ãªããæçµã®ãã£ã¹ãã£ããŒã·ã§ã³ã«ãã©ã¯ãŒãã£ã³ã°ããããã«çµè·¯ãæ€åºããçä¿¡ããŒã¿ã°ã©ã ã®æ°
Reassembly Required ãã®ãšã³ãã£ãã£ã§åæ§ç¯ãå¿ èŠã ã£ã IPãã©ã°ã¡ã³ãã®åä¿¡æ°
Reassembly Failures ã¿ã€ã ã¢ãŠãããšã©ãŒãªã©æ§ã ãªçç±ã«ãããIPãã±ããã®åæ§ç¯ã«å€±æãããšæ€åºãããæ°
153 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
èšå®æ¹æ³
[IP] â [Statistics] â [IP] ãã¯ãªãã¯ããŸãã
Datagrams Failing Fragmentation
ãåå²ããªãããã©ã°ãèšå®ãããŠãããªã©ã®çç±ã«ããïŒãã®ãšã³ãã£ãã£ã§åå²ãã¹ãã§ãã£ããã§ãããç Žæ£ãããããŒã¿ã°ã©ã ã®æ°
Received Header Errors ãã§ãã¯ãµã ãšã©ãŒãããŒãžã§ã³çªå·ã®äžäžèŽããã®ä»ã®ãã©ãŒããããšã©ãŒãçåæéã®è¶ éãIPãªãã·ã§ã³åŠçã§ã®ãšã©ãŒæ€åºãªã©ãIPãããã®ãšã©ãŒã®ããã«ç Žæ£ãããçä¿¡ããŒã¿ã°ã©ã ã®æ°
Unknown Protocols Received äžæãŸãã¯ãµããŒãããŠããªããããã³ã«ã®ããŒã¿ã®ãããåä¿¡ã«ã¯æåãããç Žæ£ããããããŒã«ã«ãªã¢ãã¬ã¹ãæã€ããŒã¿ã°ã©ã ã®æ°
Received Packets Delivered IPãŠãŒã¶ãããã³ã«ïŒICMPãå«ãïŒãŸã§æ£ããé éããããçä¿¡ããŒã¿ã°ã©ã ã®ç·æ°
Discarded Output Packets ãã£ã¹ãã£ããŒã·ã§ã³ãžã®éä¿¡ã®ããã«ã¯åé¡ããªãã£ãããïŒãããã¡å®¹éã®åé¡çã§ïŒç Žæ£ãããçºä¿¡ããŒã¿ã°ã©ã ã®æ°
Fragments Created ãã®ãšã³ãã£ãã£ã§åå²ãè¡ã£ãçµæçæããããããŒã¿ã°ã©ã ãã©ã°ã¡ã³ãã®æ°
Routing Discards æå¹ãªãšã³ããªã§ãã£ãã«ãããããããç Žæ£ãããŠããŸã£ãã«ãŒãã£ã³ã°ãšã³ããªã®æ°ããšã³ããªããã®ããã«ç Žæ£ãããçç±ã® 1ã€ã«ãä»ã®ã«ãŒãã£ã³ã°ãšã³ããªã®ããã«ãããã¡å®¹éã空ããå¿ èŠããã£ãããšãèããããã
Reassembly Successful åæ§ç¯ã«æåããããŒã¿ã°ã©ã ã®æ°
Datagrams Successfully Fragmented
ãã®ãšã³ãã£ãã£ã§åå²ã«æåãã IPããŒã¿ã°ã©ã ã®æ°
154FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ICMPã®çµ±èšæ å ±
ICMPïŒInternet Control Message ProtocolïŒã¯ãããã¯ãŒã¯ã¬ã€ã€ã®ãããã³ã«ã§ãIPãã±ããã®åŠçäžã«çºçãããšã©ãŒãã¬ããŒãããæ å ±ãã±ãããéä¿¡ããŸãããã®ãããICMP㯠IPã®å šäœçãªéšåãã«ããŒããŠããŸããICMPã¡ãã»ãŒãžã¯æ§ã ãªç¶æ³ãã¬ããŒãããã®ã«äœ¿çšãããŸããäŸãã°ãããŒã¿ã°ã©ã ããã£ã¹ãã£ããŒã·ã§ã³ã«å°éããªãå ŽåãããŒã¿ã°ã©ã ããã©ã¯ãŒãã£ã³ã°ã§ããã ãã®ãããã¡å®¹éãã²ãŒããŠã§ã€ã§äžè¶³ããŠããå ŽåããŸãã²ãŒããŠã§ã€ããã¹ãã«ãã©ãã£ãã¯ãããçãçµè·¯ã§éä¿¡ããããæ瀺ããå Žåãªã©ã§ããICMPã¯ãŸããç¹å®ã®ãã£ã¹ãã£ããŒã·ã§ã³ã«é¢ãããããæé©ãªçµè·¯ïŒãã¯ã¹ããããã®ã«ãŒã¿ïŒã«ã€ããŠã®æ å ±ããã£ãŒãããã¯ããéã«ããã«ãŒã¿ã«ãã䜿çšãããŸãã
èšå®æ¹æ³
[IP] â [Statistics] â [ICMP] ãã¯ãªãã¯ããŸã
é ç® å 容
Messages ãã®ãšã³ãã£ãã£ãéåä¿¡ãã ICMPã¡ãã»ãŒãžã®ç·æ°
Errors ãã®ãšã³ãã£ãã£ãéåä¿¡ãã ICMPã¡ãã»ãŒãžã®ãã¡ãICMPã«é¢ãããšã©ãŒïŒICMPãã§ãã¯ãµã ãšã©ãŒããã±ããé·ã®ãšã©ãŒãªã©ïŒãæ€åºããã ICMPã¡ãã»ãŒãžã®æ°
Destination Unreachable éåä¿¡ãã ICMP Destination Unreachableã¡ãã»ãŒãžã®æ°
Time Exceeded éåä¿¡ãã ICMP Time Exceededã¡ãã»ãŒãžã®æ°
Parameter Problems éåä¿¡ãã ICMP Parameter Problemã¡ãã»ãŒãžã®æ°
Source Quenches éåä¿¡ãã ICMP Source Quenchã¡ãã»ãŒãžã®æ°
Redirects éåä¿¡ãã ICMP Redirectã¡ãã»ãŒãžã®æ°
Echos éåä¿¡ãã ICMP EchoïŒãªã¯ãšã¹ãïŒã¡ãã»ãŒãžã®æ°
Echo Replies éåä¿¡ãã ICMP Echo Replyã¡ãã»ãŒãžã®æ°
Timestamps éåä¿¡ãã ICMP TimestampïŒãªã¯ãšã¹ãïŒã¡ãã»ãŒãžã®æ°
Timestamp Replies éåä¿¡ãã ICMP Timestamp Replyã¡ãã»ãŒãžã®æ°
Address Masks éåä¿¡ãã ICMP Address Mask Requestã¡ãã»ãŒãžã®æ°
Address Mask Replies éåä¿¡ãã ICMP Address Mask Replyã¡ãã»ãŒãžã®æ°
155 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
UDPã®çµ±èšæ å ±
UDPïŒUser Datagram ProtocolïŒã¯ããã±ãã亀æã«ããããŒã¿ã°ã©ã ã®éä¿¡ã¢ãŒããæäŸããŸããUDPã¯ãäžäœã®è»¢éã¡ã«ããºã ã« IPã䜿çšããIPã«é¡äŒŒãããµãŒãã¹ãæäŸããŸããUDPãã±ããã¯ãç®çå°ãžã®å°éåã«ç Žæ£ãããå¯èœæ§ã®ããã³ãã¯ã·ã§ã³ã¬ã¹åã®ããŒã¿ã°ã©ã ã§ãIPãã±ããã®ããã«é éãããŸããUDP㯠TCPãè€ééããŠæéãããã£ãããåã«TCPãå¿ èŠã§ãªãå Žåã«æå¹ã§ãã
èšå®æ¹æ³
[IP] â [Statistics] â [UDP] ãã¯ãªãã¯ããŸãã
TCPã®çµ±èšæ å ±
TCPïŒTransmission Control ProtocolïŒã¯ããã±ããé信網ã§ä¿¡é Œæ§ã®é«ããã¹ã -ãã¹ãéã®éä¿¡ãæäŸããŸããTCP㯠IPãšäžç·ã«äœ¿çšãããå€æ§ãªã€ã³ã¿ãŒããããããã³ã«ããµããŒãããŸãã
é ç® å 容
Datagrams Received UDPãŠãŒã¶ã«é éãã UDPããŒã¿ã°ã©ã ã®ç·æ°
Datagrams Sent ãã®ãšã³ãã£ãã£ããéä¿¡ãã UDPããŒã¿ã°ã©ã ã®ç·æ°
Receive Errors ãã£ã¹ãã£ããŒã·ã§ã³ããŒãã«ã¢ããªã±ãŒã·ã§ã³ããªããšããçç±ä»¥å€ã§é éãããåä¿¡ãããUDPããŒã¿ã°ã©ã ã®æ°
No Ports ãã£ã¹ãã£ããŒã·ã§ã³ããŒãã§ã¢ããªã±ãŒã·ã§ã³ããªããšããçç±ã§åä¿¡ãããUDPããŒã¿ã°ã©ã ã®ç·æ°
é ç® å 容
Segments Received ã©ãŒãå«ããåä¿¡ããã»ã°ã¡ã³ãã®ç·æ°ãçŸåšç¢ºç«ããŠããæ¥ç¶ã§åä¿¡ããã»ã°ã¡ã³ãæ°ããã®æ°ã«å«ãŸããŸãã
Segments Sent éä¿¡ããã»ã°ã¡ã³ãã®ç·æ°ãçŸåšç¢ºç«ããŠããæ¥ç¶ã§éä¿¡ããã»ã°ã¡ã³ãæ°ã¯å«ãŸããŸãããåéã®ã¿ã®ã»ã°ã¡ã³ãæ°ã¯å«ãŸããŸããã
Active Opens CLOSEDã¹ããŒããã SYN-SENTã¹ããŒãã«çŽæ¥é·ç§»ãã TCPã³ãã¯ã·ã§ã³ã®åæ°
Failed Connection Attempts SYN-SENTã¹ããŒããŸã㯠SYN-RCVDã¹ããŒããã CLOSEDã¹ããŒãã«çŽæ¥é·ç§»ãã TCPã³ãã¯ã·ã§ã³ã®åæ°ãšãSYN-RCVDã¹ããŒããã LISTENã¹ããŒãã«çŽæ¥é·ç§»ãã TCPã³ãã¯ã·ã§ã³ã®åæ°ãåç®ããæ°
Current Connections çŸåšã®ã¹ããŒãã ESTABLISHEDãŸã㯠CLOSE-WAITã¹ããŒãã®TCPã³ãã¯ã·ã§ã³ã®æ°
Receive Errors TCPãã§ãã¯ãµã ãšã©ãŒãªã©ããšã©ãŒã§åä¿¡ããã»ã°ã¡ã³ãã®ç·æ°
156FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
èšå®æ¹æ³
[IP] â [Statistics] â [TCP] ãã¯ãªãã¯ããŸãã
2.16.4 éçãªçµè·¯ã®èšå®
æ¬æ©ã¯åçãªã«ãŒãã£ã³ã°ãããã³ã«ïŒRIPãOSPFïŒã䜿çšããŠãä»ã®ãããã¯ãŒã¯ã»ã°ã¡ã³ããžåçã«çµè·¯ãèšå®ããããšãã§ããŸãããŸããã«ãŒãã£ã³ã°ããŒãã«ã«ãæäœæ¥ã«ããçµè·¯ãéçã«å ¥åããããšãã§ããŸããéçãªçµè·¯ã¯ãåçãªã«ãŒãã£ã³ã°ããµããŒãããŠããªããããã¯ãŒã¯ã»ã°ã¡ã³ããžã¢ã¯ã»ã¹ããå Žåããç¹å®ã®ãµãããããžã®çµè·¯ãéå®ãããå Žåãªã©ãåçãªã«ãŒãã£ã³ã°ã䜿ããããªãéã«å¿ èŠã§ããéçãªçµè·¯ã¯ãããã¯ãŒã¯ããããžã®å€åã«ãšããªã£ãŠèªåçã«å€æŽãããããšã¯ãªãããããããã¯ãŒã¯ã§ã®ã¢ã¯ã»ã¹ããªãã£ã確ä¿ããããã«ãéçãªçµè·¯ã®èšå®ã¯æå°éã«ãšã©ããæ¹ãè¯ãã§ãããã
èšå®ã»è¡šç€ºé ç®
Interface
IPã€ã³ã¿ãã§ãŒã¹ã®èå¥çªå·ã
IP Address
ãã£ã¹ãã£ããŒã·ã§ã³ãããã¯ãŒã¯ããµããããã¯ãŒã¯ããŸãã¯ãã¹ãã® IPã¢ãã¬ã¹ã
Netmask
IPãµããããã«é¢é£ä»ããããŠããããããã¹ã¯ããã®ãã¹ã¯ã¯ãç¹å®ã®ãµããããã«ã«ãŒãã£ã³ã°ãããéã«äœ¿çšããããã¹ãã¢ãã¬ã¹ã®ããããèå¥ããŸãã
Gateway
ã«ãŒãã£ã³ã°ã«äœ¿çšãããã²ãŒããŠã§ã€ã® IPã¢ãã¬ã¹ã
Metric
ãã®ã€ã³ã¿ãã§ãŒã¹ã®ã³ã¹ãããã®ã³ã¹ã㯠RIPãªã©ã®åçãªã«ãŒãã£ã³ã°ãããã³ã«ã«ãã£ãŠçµè·¯ãèªã¿èŸŒãŸããå Žåã®ã¿ã«äœ¿çšãããŸããïŒç¯å²ïŒ1-5ãåæèšå®ïŒ1ïŒ
Entry Count
ããŒãã«ãšã³ããªã®æ°ã
Segments Retransmitted åéãããã»ã°ã¡ã³ãã®ç·æ°ããã§ã« 1å以äžéä¿¡ãããéšåãå«ã TCPã»ã°ã¡ã³ãã®æ°ã®ããšã§ãã
Passive Opens LISTENã¹ããŒããã SYN-RCVDã¹ããŒãã«çŽæ¥é·ç§»ãã TCPã³ãã¯ã·ã§ã³ã®åæ°
Reset Connections STABLISHEDã¹ããŒããŸã㯠CLOSE-WAITã¹ããŒãããCLOSEDã¹ããŒãã«çŽæ¥é·ç§»ãã TCPã³ãã¯ã·ã§ã³ã®åæ°
157 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
èšå®æ¹æ³
[IP] â [Routing] â [Static Routes] ãã¯ãªãã¯ããŸãã
ã«ãŒãã£ã³ã°ããŒãã«ã®è¡šç€º
ããŒã«ã«ãããã¯ãŒã¯ã€ã³ã¿ãã§ãŒã¹ãéçãªçµè·¯ããŸãã¯åçã«åŠç¿ãããçµè·¯ãä»ããŠã¢ã¯ã»ã¹å¯èœãªãã¹ãŠã®çµè·¯ã衚瀺ã§ããŸãããããã®çµè·¯æ å ±ãéè€ããå Žåãçµè·¯éžæãããéã®åªå é äœã¯ããŒã«ã«ãéçãåçã®é ã«ãªããŸãããŸããããŒã«ã«ã€ã³ã¿ãã§ãŒã¹ã®çµè·¯ã«ã€ããŠã¯ãããšãã«ãŒãã£ã³ã°ããŒãã«ã«è¡šç€ºãããŠããŠããå°ãªããšã 1ã€ã®ã¢ã¯ãã£ããªãªã³ã¯ããã®ã€ã³ã¿ãã§ãŒã¹ã«æ¥ç¶ããªãéãæå¹ãšãªããªãããšã«æ³šæãå¿ èŠã§ãã
èšå®ã»è¡šç€ºé ç®
Interface
IPã€ã³ã¿ãã§ãŒã¹ã®ã€ã³ããã¯ã¹çªå·ã
ãã£ã¹ãã£ããŒã·ã§ã³ãããã¯ãŒã¯ããµããããã¯ãŒã¯ããŸãã¯ãã¹ãã® IPã¢ãã¬ã¹ãIPã¢ãã¬ã¹ 0.0.0.0ã¯æ¬æ©ã®ããã©ã«ãã²ãŒããŠã§ã€ã瀺ãããšã«æ³šæããŠãã ããã
Netmask
IPãµããããã«é¢é£ä»ããããŠããããããã¹ã¯ããã®ãã¹ã¯ã¯ãç¹å®ã®ãµããããã«ã«ãŒãã£ã³ã°ãããéã«äœ¿çšããããã¹ãã¢ãã¬ã¹ã®ããããèå¥ããŸãã
Next Hop
çµè·¯ã®ãã¯ã¹ããããïŒã²ãŒããŠã§ã€ïŒã® IPã¢ãã¬ã¹ã
Protocol
çµè·¯æ å ±ãçæããæ¹æ³ /ãããã³ã«åãïŒè¡šç€ºé ç®ïŒlocalãstaticãRIPïŒ
Metric
ã€ã³ã¿ãã§ãŒã¹ã®ã³ã¹ãã
Entry Count
ããŒãã«ãšã³ããªã®æ°ã
158FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
èšå®æ¹æ³
[IP] â [Routing] â [Routing Table] ãã¯ãªãã¯ããŸãã
2.16.5 RIPã®èšå®
RIPïŒRouting Information ProtocolïŒã¯æãåºã䜿çšãããŠããã«ãŒãã£ã³ã°ãããã³ã«ã§ããRIPã¯ã«ãŒãã£ã³ã°ã«è·é¢ãã¯ãã«åã®ææ³ãæ¡çšããŠããŸããçµè·¯ã¯ãããå°ããªè·é¢ãã¯ãã«ïŒãããæ°ãéä¿¡æã®ã³ã¹ãã®å€§ãŸããªèŠç©ããã®ããã«äœ¿çšãããïŒãéžæããããšã«ãã決å®ãããŸããåã«ãŒã¿ã¯ 30ç§ããšã«ãèªèº«ã®ã«ãŒãã£ã³ã°ããŒãã«ã®æŽæ°æ å ±ãå«ããåºåããããŒããã£ã¹ãããŸããããã«ãããåäžãããã¯ãŒã¯äžã®ãã¹ãŠã®ã«ãŒã¿ã¯ãæ£ãããµããããã«å°ããã¯ã¹ããããã®ãªã³ã¯ã«ã€ããŠãäžè²«æ§ã®ããããŒãã«ãææããããšãã§ããŸãã
æ©èœè§£èª¬
⢠ã¬ã€ã€ 2ã¹ã€ãããã«ãŒããåé¿ããããã« STPïŒSpanning TreeïŒã¢ã«ãŽãªãºã ãæ¡çšããããã«ãã«ãŒã¿ãããŒã¿ãã©ãã£ãã¯ã®ãšã³ãã¬ã¹ãªåéãçºçãããã«ãŒããåé¿ããææ³ã䜿çšããŠããŸããRIPã¯æ¬¡ã® 3ã€ã®æ¹æ³ã䜿çšããŠã«ãŒãã®çºçãåé¿ããŸããéçãªãšã³ããªã¯ãäžå®ã®æéãçµéãããšãèªåçã«æ¶å»ãããããé»æºããªã»ããããå Žåã§ãæ¶å»ãããŸãããéçãªãšã³ããªã¯èšå®ã€ã³ã¿ãã§ãŒã¹ããã®ã¿æ¶å»ã§ããŸãã
ïŒã¹ããªãããã©ã€ãºã³ãã®çµè·¯æ å ±ãéä¿¡ããŠããã€ã³ã¿ãã§ãŒã¹ããŒãã«ã¯çµè·¯æ å ±ãåºåããŸããã
ïŒãã€ãºã³ãªããŒã¹ãã®çµè·¯æ å ±ãéä¿¡ããŠããã€ã³ã¿ãã§ãŒã¹ããŒãã«çµè·¯æ å ±ãåºåããããè·é¢ãã¯ãã«åã®ã¡ããªãã¯ã¯ç¡é倧ã«èšå®ããŸããïŒããã«ããåææéãççž®ã§ããŸãïŒ
ïŒããªã¬ã¢ããããŒãçµè·¯ãå€åããéã¯ãã€ã§ããçãé 延æéãçµãŠã¢ããããŒãã¡ãã»ãŒãžãåºåããŸãããåšæçãªãµã€ã¯ã«ã§åŸ ã€ããšã¯ãããŸããã
⢠RIP v2㯠RIPããã¢ããã°ã¬ãŒãããããã®ã§ãRIP ãšäºææ§ããããŸããRIP v2ã«ã¯å¹³æèªèšŒãè€æ°ã®ç¬ç«ãã RIPãã¡ã€ã³ãå¯å€é·ã®ãµãããããã¹ã¯ãããã³çµè·¯æ å ±ã®åºåã«ãã«ããã£ã¹ãã®è»¢éæ¹æ³ãæ¡çšããšããè¿œå ããããã䜿ããããæ©èœããããŸããïŒRFC1723ïŒ
⢠RIPã«ã¯èæ ®ãã¹ãéèŠãªåé¡ãããã€ããããŸãããŸããRIP v1ã«ã¯ãµããããã®æŠå¿µããããŸãããRIP v1/v2ã¯ãªã³ã¯ãã«ãŒã¿ã«é害ãçºçããããšæ°ããªçµè·¯æ å ±ãåæãããŸã§ã«é·ãæéãå¿ èŠãªããããã®éã«ã«ãŒãã£ã³ã°ã«ãŒããçºçããå¯èœæ§ããããŸããããããããããæ°ã®å¶éãããã 15ã®ããã«å€§èŠæš¡ãããã¯ãŒã¯ã§ã¯äœ¿çšã§ããŸããããŸããRIP v1ã¯çµè·¯æ å ±ããããŒããã£ã¹ãããããã倧åãªãããã¯ãŒã¯åž¯åã浪費ããŸããããã«ããããã¯ãŒã¯å€æ°ãã»ãšãã©èæ ®ããªãããæè¯ã®çµè·¯ã決å®ã§ããŸããã
159 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
RIPã®èšå®
RIPã¯ã«ãŒã¿ãçµè·¯æ å ±ã亀æããæ¹æ³ãå®çŸ©ããã®ã«äœ¿çšãããŸããæ¬æ©ã§ RIPãæå¹ã«èšå®ãããšãæ¬æ©ãšåããããã¯ãŒã¯ã«æå±ãããã¹ãŠã®ããã€ã¹ã«åã㊠RIPã¡ãã»ãŒãžãïŒåæèšå®ã§ïŒ30ç§ããšã«éä¿¡ããä»ã®ã«ãŒã¿ãã RIPã¡ãã»ãŒãžãåä¿¡ãããšæ¬æ©èªèº«ã®ã«ãŒãã£ã³ã°ããŒãã«ãæŽæ°ããŸããRIPã䜿çšããŠä»ã®ã«ãŒã¿ãšæ£ããéä¿¡ããããã«ã¯ãæ¬æ©å šäœã§äœ¿çšãã RIPã®ããŒãžã§ã³ãïŒGlobal RIP VersionïŒãã€ã³ã¿ãã§ãŒã¹ã§äœ¿çšãã RIPã®éåä¿¡ã®ããŒãžã§ã³ïŒReceive or Send VersionïŒãèšå®ããå¿ èŠããããŸãã
æ©èœè§£èª¬
⢠Global RIP Versionãèšå®ããå ŽåãReceive or Send VersionïŒP17-35ïŒã§èšå®ãããŠããªã VLANã€ã³ã¿ãã§ãŒã¹ã«æ¬¡ã®å€ãèšå®ããŸãã
ïŒ RIPv1ïŒæªèšå®ã®ã€ã³ã¿ãã§ãŒã¹ã«å¯Ÿããéä¿¡ã«ã¯ RIP v1äºæãããã³ã«ã¡ãã»ãŒãžã䜿çšããåä¿¡ã«ã¯ RIP v1ãŸã㯠RIP v2ãããã³ã«ã¡ãã»ãŒãžã䜿çšããããèšå®ããŸãã
ïŒ RIPv2ïŒæªèšå®ã®ã€ã³ã¿ãã§ãŒã¹ã«å¯Ÿããéåä¿¡äž¡æ¹ã®ãããã³ã«ã¡ãã»ãŒãžã« RIP v2ã䜿çšããããèšå®ããŸãã
⢠ã¢ããããŒãã¿ã€ããŒã¯ãã¹ãŠã®åºæ¬ç㪠RIPããã»ã¹ãå¶åŸ¡ããã®ã«äœ¿çšããããéèŠãªã¿ã€ããŒã§ãã
ïŒã¢ããããŒãã¿ã€ããŒã®ééãçããããããšãã«ãŒã¿ãã¢ããããŒãã®åŠçã«èšå€§ãªæéãè²»ããããšã«ãªããŸããäžæ¹ãé·ããããããšãããã¯ãŒã¯æ§æã®å€æŽãæ€åºãã«ããã«ãŒãã£ã³ã°ãããã³ã«ã«ãªã£ãŠããŸããŸãã
ïŒã¢ããããŒãã¿ã€ããŒã¯ãåäžãããã¯ãŒã¯ã®ãã¹ãŠã®ã«ãŒã¿ã«åãå€ãèšå®ããªããŠã¯ãªããŸããã
èšå®ã»è¡šç€ºé ç®
Global
RIP Routing Process
æ¬æ©ã® IPã€ã³ã¿ãã§ãŒã¹ã§ RIPã«ããã«ãŒãã£ã³ã°ã䜿çšããïŒEnabledïŒãããªãïŒDisabledïŒããèšå®ããŸããïŒåæèšå®ïŒ DisabledïŒ
Global RIP Version
æ¬æ©ã§ã°ããŒãã«ã«äœ¿çšãã RIPã®ããŒãžã§ã³ãèšå®ããŸããïŒåæèšå®ïŒRIPv1ïŒ
Timer
Update
ã¢ããããŒãæ å ±ã®éä¿¡ééãèšå®ããŸãããã®å€ã 6åããå€ãã¿ã€ã ã¢ãŠãæéãšããŠã4åããå€ãã¬ããŒãžã³ã¬ã¯ã·ã§ã³æéãšããŠèšå®ãããŸããïŒç¯å²ïŒ15-60ç§ãåæèšå®ïŒ30ç§ïŒ
Timeout
çµè·¯ã®é害ãéç¥ããã¢ããããŒãã¡ãã»ãŒãžãéä¿¡ãããªããªã£ãŠããã®çµéæéãèšå®ããŸããçµè·¯ãïŒã¡ããªãã¯ãç¡é倧ãªã©ã®çç±ã«ããïŒã¢ã¯ã»ã¹ã§ããªããšå€æãããå°éäžå¯èœãšåºåãããŸãããã ãããã±ããã¯ãã®çµè·¯ã«ãã©ã¯ãŒãã£ã³ã°ããç¶ããŸããïŒåæèšå®ïŒ180ç§ïŒ
Garbage Collection
ã¿ã€ã ã¢ãŠãæéã®çµéåŸãã«ãŒãã£ã³ã°ããŒãã«ãããšã³ããªãåé€ãããŸã§ã®ã¬ããŒãžã³ã¬ã¯ã·ã§ã³æéãèšå®ããŸããã¬ããŒãžã³ã¬ã¯ã·ã§ã³æéã®èšå®ã«ãããé£æ¥ã«ãŒã¿ãçµè·¯æ å ±ãåé€ããåã«ç¡å¹ãªçµè·¯ãèªèããã®ã«åœ¹ç«ã¡ãŸããïŒåæèšå®ïŒ120ç§ïŒ
160FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
èšå®æ¹æ³
[Routing Protocol] â [RIP] â [General Settings] ãã¯ãªãã¯ããŸããRIPã®æå¹ãŸãã¯ç¡å¹ãèšå®ããæªèšå®ã®ã€ã³ã¿ãã§ãŒã¹ã«å¯Ÿã㊠RIPv1ãŸã㯠RIPv2ãèšå®ããåºæ¬ã®ã¢ããããŒãã¿ã€ããŒïŒUpdateïŒãèšå®ããŸãã[Apply] ãã¯ãªãã¯ããŸãã
RIPããµããŒãããããããã¯ãŒã¯ã€ã³ã¿ãã§ãŒã¹ã®æå®
RIPã®ã«ãŒãã£ã³ã°ããã»ã¹ã«çµã¿èŸŒããããã¯ãŒã¯ã€ã³ã¿ãã§ãŒã¹ãæå®ããŸãã
æ©èœè§£èª¬
⢠ãã®ã³ãã³ãã§èšå®ããã€ã³ã¿ãã§ãŒã¹ã«ã®ã¿ RIPã®ã¢ããããŒãæ å ±ãéä¿¡ãããŸãã
⢠ãµããããã¢ãã¬ã¹ã¯ãèšå®ããã¢ãã¬ã¹ã®æåã®ãã£ãŒã«ãã«åºä»ããã¯ã©ã¹ AãBãCã®ããããã«è§£éãããŸããã€ãŸãããµããããã¢ãã¬ã¹ nnn.xxx.xxx.xxxãå ¥åããå Žåãæåã®ãã£ãŒã«ãïŒnnnïŒãã¯ã©ã¹ã決å®ããŸãã
ã0ïœ 127ã®å Žåã¯ã©ã¹ Aãšãªãããããã¯ãŒã¯ã¢ãã¬ã¹ã®æåã®ãã£ãŒã«ãã®ã¿äœ¿çšãããŸãã
ã128ïœ191ã®å Žåã¯ã¯ã©ã¹Bãšãªãããããã¯ãŒã¯ã¢ãã¬ã¹ã®æåãã2ã€ã®ãã£ãŒã«ãã®ã¿äœ¿çšãããŸãã
ã192ïœ223ã®å Žåã¯ã¯ã©ã¹Cãšãªãããããã¯ãŒã¯ã¢ãã¬ã¹ã®æåãã3ã€ã®ãã£ãŒã«ãã®ã¿äœ¿çšãããŸãã
èšå®ã»è¡šç€ºé ç®
Subnet Address
æ¬æ©ã«çŽæ¥æ¥ç¶ããŠãããããã¯ãŒã¯ã® IPã¢ãã¬ã¹ã
161 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
èšå®æ¹æ³
[Routing Protocol] â [RIP] â [Network Addresses] ãã¯ãªãã¯ããŸããRIPããµããŒããããã€ã³ã¿ãã§ãŒã¹ããã¹ãŠè¿œå ããŸãã[Apply] ãã¯ãªãã¯ããŸãã
åãããã¯ãŒã¯ã€ã³ã¿ãã§ãŒã¹ãžã® RIPã®èšå®
RIPã«ãŒãã£ã³ã°ããã»ã¹ã«çµã¿èŸŒãåã€ã³ã¿ãã§ãŒã¹ã«å¯Ÿããåä¿¡ã«äœ¿çšãããããã³ã«ã¡ãã»ãŒãžã®çš®é¡ïŒRIPã®ããŒãžã§ã³ïŒãšéä¿¡ã«äœ¿çšãããããã³ã«ã¡ãã»ãŒãžã®çš®é¡ïŒRIPããŒãžã§ã³ãŸãã¯äºææ§ã¢ãŒãïŒããããã³ã«ã¡ãã»ãŒãžã®ã«ãŒãããã¯ãåé¿ããæ¹æ³ãããã³èªèšŒæ©èœã®äœ¿çšãŸãã¯äžèŠïŒèªèšŒæ©èœã¯ RIPv2ã¡ãã»ãŒãžã®éåä¿¡æã®ã¿é©çšãããŸãïŒãèšå®ããŸãã
æ©èœè§£èª¬
éä¿¡ /åä¿¡ãããã³ã«ã®çš®é¡ã®èšå®
⢠ããã§åã€ã³ã¿ãã§ãŒã¹ã«èšå®ããåä¿¡ã®ããã® RIPã®ããŒãžã§ã³ïŒReceive VersionïŒãŸãã¯éä¿¡ã®ããã®ããŒãžã§ã³ïŒSend VersionïŒã¯ãRIPïŒGeneral Settingsç»é¢ã® Global RIP Versionãã£ãŒã«ãã§èšå®ããå€ããåªå ãããŸãã
⢠Receive Versionã¯æ¬¡ã®éžæè¢ããèšå®ã§ããŸãã
ïŒããŒã«ã«ãããã¯ãŒã¯ã§ãã¹ãŠã®ã«ãŒã¿ãRIPv1ãŸãã¯RIPv2ã®ã©ã¡ããäžæ¹ã ãã䜿çšããŠããå Žåã¯ãããããâRIPv1âãŸãã¯âRIPv2âãèšå®ããŸãã
ïŒããŒã«ã«ãããã¯ãŒã¯ã§ã«ãŒã¿ã RIPv1ãš RIPv2ã®äž¡æ¹ã䜿çšããŠããå Žåã¯ãâRIPv1 or RIPv2âãèšå®ããŸãã
ïŒç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ã®ã«ãŒãã£ã³ã°ããŒãã«ã«åçã«ä¿åãããããªãå Žåã¯ãâDo Not Receiveâãèšå®ããŸããïŒéçã«ã®ã¿ã«ãŒãã£ã³ã°ããããã€ã³ã¿ãã§ãŒã¹ã®å Žåãªã©ïŒ
⢠Send Versionã¯æ¬¡ã® 3ã€ã®éžæè¢ããèšå®ã§ããŸãã
ïŒããŒã«ã«ãããã¯ãŒã¯ã®ãã¹ãŠã®ã«ãŒã¿ãRIPv1ãŸãã¯RIPv2ã®ã©ã¡ããäžæ¹ã ãã䜿çšããŠããå Žåã¯ãããããâRIPv1âãŸãã¯âRIPv2âãèšå®ããŸãã
ïŒãããã¯ãŒã¯ã®ä»ã®ã«ãŒã¿ã«çµè·¯æ å ±ããããŒããã£ã¹ãããéãRIPv2ã§éåžžèŠæ±ããããã«ããã£ã¹ãã§ã¯ãªããRIPv2ã®åºåãªã¹ãã䜿çšããå Žåã¯âRIPv1 Compatibleâãèšå®ããŸããïŒãã®ã¢ãŒãã䜿çšãããšãRIPv1ã®ã«ãŒã¿ã¯ãããã³ã«ã¡ãã»ãŒãžãåä¿¡ã§ããRIPv2ã®ã«ãŒã¿ã¯ RIPv2ã§æäŸãããè¿œå æ å ±ïŒãµãããããã¹ã¯ããã¯ã¹ãããããããã³èªèšŒæ å ±ïŒãåä¿¡ã§ããŸãã
ïŒãããã¯ãŒã¯ã«æ¥ç¶ããŠããä»ã®ã«ãŒã¿ããåºåãããçµè·¯æ å ±ãååçã«ã¢ãã¿ãªã³ã°ããã ãã®å Žåã¯ãâDo Not Sendâãèšå®ããŸãã
162FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ã«ãŒãããã¯ã®åé¿
ã¬ã€ã€ 2ã¹ã€ãããã«ãŒãçºçã®åé¿ã«ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã ã䜿çšããããã«ãã«ãŒã¿ããéä¿¡ããŒã¿ã®ãšã³ãã¬ã¹ãªåéã®åå ãšãªãã«ãŒããåé¿ããææ³ãæ¡çšããŠããŸãããããã³ã«ãã±ãããã«ãŒãã«åã蟌ãŸãããšããªã³ã¯ã¯èŒ»èŒ³ãããããã³ã«ãã±ããã¯ç Žæ£ãããŸãããããããããã¯ãŒã¯ã¯ãã£ãããšæ°ããªã¹ããŒãã«åæããŠãããŸããRIPã¯æ¬¡ã® 3ã€ã®ææ³ã䜿çšããŠãããã¯ãŒã¯ããããžã®å€åæã«ããé«éã«åæãããããã«ããã»ãšãã©ã®ã«ãŒãã®çºçãåé¿ããŸãã
⢠ã¹ããªãããã©ã€ãºã³ãã®çµè·¯æ å ±ãéä¿¡ããŠããã€ã³ã¿ãã§ãŒã¹ããŒãã«ã¯çµè·¯æ å ±ãåºåããŸããã
⢠ãã€ãºã³ãªããŒã¹ãã®çµè·¯æ å ±ãéä¿¡ããŠããã€ã³ã¿ãã§ãŒã¹ããŒãã«çµè·¯æ å ±ãåºåããããè·é¢ãã¯ãã«åã®ã¡ããªãã¯ã¯ç¡é倧ã«èšå®ããŸããïŒããã«ããåææéãççž®ã§ããŸãïŒ
⢠ããªã¬ã¢ããããŒãçµè·¯ãå€åããéã¯ãã€ã§ããçãé 延æéçµãŠã¢ããããŒãã¡ãã»ãŒãžãåºåããããåšæçãªãµã€ã¯ã«ã§åŸ ã€ããšã¯ãããŸããã
ãããã³ã«ã¡ãã»ãŒãžã®èªèšŒ
RIPv1ã¯ã»ãã¥ã¢ãªãããã³ã«ã§ã¯ãããŸãããUDPããŒã 520çªãããããã³ã«ã¡ãã»ãŒãžãéä¿¡ããããã€ã¹ã¯ãé£æ¥ããããã€ã¹ãããã®ããã€ã¹ãã«ãŒã¿ã§ããããšãç¥ãããŠããŸããŸããèªèšŒæ¹åŒãå°å ¥ããªãå Žåããããã¯ãŒã¯å šäœã«ãæªæã®ããããŸãã¯æãŸããªããããã³ã«ã¡ãã»ãŒãžãç°¡åã«äŒæ¬ããŸããRIPv2ã¯ç°¡åãªãã¹ã¯ãŒãã«ãã£ãŠèªèšŒããµããŒãããŠããŸããã«ãŒã¿ãèªèšŒã¡ãã»ãŒãžã亀æããããèšå®ãããŠããå Žåãéä¿¡åŽã¯è»¢éããããã¹ãŠã®ãããã³ã«ãã±ããã«ãã¹ã¯ãŒããä»å ããåä¿¡åŽã§ã¯åä¿¡ãããã¹ãŠã®ãã±ããã«æ¿èªããããã¹ã¯ãŒããå«ãŸããŠãããããã§ãã¯ããŸããåä¿¡ããã¡ãã»ãŒãžã®ãã¹ã¯ãŒããæ£ãããªãå Žåããã®ã¡ãã»ãŒãžã¯ç Žæ£ãããŸãã
èšå®ã»è¡šç€ºé ç®
VLAN
èšå®ãã VLANã® IDïŒ1-4093ïŒ
Receive Version
ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãã RIPã®ããŒãžã§ã³ã
ïŒ RIPv1ïŒRIPv1ãã±ããã®ã¿ãåä¿¡ã
ïŒ RIPv2ïŒRIPv2ãã±ããã®ã¿ãåä¿¡ã
ïŒ RIPv1 or RIPv2ïŒRIPv1ãŸã㯠RIPv2ãã±ãããåä¿¡ãïŒåæèšå®ïŒ
ïŒ Do Not ReceiveïŒRIPãã±ããã®åä¿¡ãæåŠã
ãïŒåæèšå®ã¯ã[RIP] â [General Settings] ã¡ãã¥ãŒã®ç»é¢ã® Global RIP Versionãã£ãŒã«ãã®éžæè¢ã«æºããŸããïŒRIPv1ã®å Žåâ RIPv1 or RIPv2âãRIPv2ã®å ŽåâRIPv2âïŒïŒ
Send Version
ã€ã³ã¿ãã§ãŒã¹ããéä¿¡ãã RIPã®ããŒãžã§ã³ã
ïŒ RIPv1ïŒRIPv1ãã±ããã®ã¿ãéä¿¡ã
ïŒ RIPv2ïŒRIPv2ãã±ããã®ã¿ãéä¿¡ã
ïŒ RIPv1 CompatibleïŒä»ã®ã«ãŒã¿ãžã®çµè·¯æ å ±ã®ãããŒããã£ã¹ãã«ã¯ RIPv2ã䜿çšïŒåæèšå®ïŒ
ïŒ Do Not SendïŒRIPã®ã¢ããããŒãæ å ±ãéä¿¡ããªãã
ãïŒåæèšå®ã¯ã[RIP] â [General Settings] ã¡ãã¥ãŒã®ç»é¢ã® Global RIP Versionãã£ãŒã«ãã®éžæè¢ã«æºãããïŒRIPv1ã®å Žåâ RIPv1 CompatibleâãRIPv2ã®å ŽåâRIPv2âïŒïŒ
163 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
Instability Preventing
ãããã¯ãŒã¯ããããžã®å€åæã«åææéãççž®ããããœãŒã¹ã«ãŒã¿ã« RIPãããã³ã«ã¡ãã»ãŒãžãã«ãŒãããã¯ããããšãåé¿ãããææ³ãèšå®ããŸããïŒåæèšå®ïŒSplit HorizonïŒ
ïŒ NoneïŒææ³ãèšå®ããŸãããã«ãŒããçºçããå Žåãçµè·¯ãå°éäžå¯èœã§ãããšå€æãããåã«ãçµè·¯ã®ãããæ°ãç¡é倧ïŒ16ïŒã«ãªããŸã§åŸã ã« 1ãã€å¢å ããŸãã
ïŒ Split HorizonïŒéä¿¡ããŠããã€ã³ã¿ãã§ãŒã¹ã«ã¯çµè·¯æ å ±ã®äŒæ¬ãè¡ããŸããã
ïŒ Poison ReverseïŒéä¿¡ããŠããã€ã³ã¿ãã§ãŒã¹ã«çµè·¯æ å ±ã®äŒæ¬ãè¡ããŸãããè·é¢ãã¯ãã«åã®ã¡ããªãã¯ãç¡é倧ã«èšå®ããŸããïŒããé«éã«åæããŸãïŒ
Authentication Type
ãããã³ã«ã¡ãã»ãŒãžã®äº€æã«èªèšŒã䜿çšãããåŠããèšå®ããŸããïŒåæèšå®ïŒNo
AuthenticationïŒ
ïŒ No AuthenticationïŒèªèšŒã䜿çšããŸããã
ïŒ Simple PasswordïŒæ¿èªããããã¹ã¯ãŒãã䜿çšããŠãã€ã³ã¿ãã§ãŒã¹ã¯ä»ã®ã«ãŒã¿ãšã®çµè·¯æ å ±ã®äº€æãè¡ããŸããïŒãã®éžæè¢ã¯ RIPv2ã®ã¿ã«é©çšãããããšã«æ³šæããŠãã ããïŒ
Authentication Key
RIPv2ãã±ããèªèšŒã®ããã®ãã¹ã¯ãŒããèšå®ããŸããèªèšŒãæ£ããæ©èœããããã«ã¯ãéåä¿¡åæ¹ã®ã€ã³ã¿ãã§ãŒã¹ãåããã¹ã¯ãŒãã䜿çšããå¿ èŠããããŸããïŒç¯å²ïŒ1-16æ¡ã®åè§æååã倧æåå°æåãèå¥ããŸãïŒ
èšå®æ¹æ³
[Routing Protocol] â [RIP] â [Interface Settings] ãã¯ãªãã¯ããŸããåä¿¡ãéä¿¡ãããããã« RIPãããã³ã«ã¡ãã»ãŒãžã®çš®é¡ãéžæããïŒãããã¯ãŒã¯ããããžã®å®å®æ§ç¢ºä¿ã®ããïŒé«éãªåæãšã«ãŒãããã¯åé¿ãæäŸããææ³ãéžæããèªèšŒã®çš®é¡ãšãã®ãã¹ã¯ãŒããèšå®ããŸãã[Apply] ãã¯ãªãã¯ããŸãã
164FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
RIPã®æ å ±ãšçµ±èšæ å ±ã®è¡šç€º
RIPã®çŸæç¹ã§ã®ã°ããŒãã«ãªèšå®å 容ã«ã€ããŠã®åºæ¬çãªæ å ±ãçµè·¯ã®å€æŽãç §äŒã«ã€ããŠã®çµ±èšæ å ±ãRIPãæå¹ãªã«ãŒã¿ã®ã€ã³ã¿ãã§ãŒã¹æ å ±ãããã³æ¢ç¥ã®ãã¢ã® RIPããã€ã¹ã«ã€ããŠã®æ å ±ã衚瀺ã§ããŸãã
é ç® å 容
Globals
RIP Routing Process RIPã®æå¹ /ç¡å¹ã®è¡šç€º
Update Time in Seconds RIPãçµè·¯æ å ±ãåºåããééïŒåæèšå®ïŒ30ç§ïŒ
Number of Route Changes çµè·¯æ å ±ãå€æŽãããåæ°
Number of Queries æ¬æ©ãã«ãŒãã£ã³ã°ããŒã¿ããŒã¹ã®ç §äŒãåããåæ°
Interface Information
Interface ã€ã³ã¿ãã§ãŒã¹ã® IPã¢ãã¬ã¹
SendMode ãã®ã€ã³ã¿ãã§ãŒã¹ãéä¿¡ãã RIPã®ããŒãžã§ã³ïŒnoneãRIPv1ãRIPv2ã rip1CompatibleïŒ
ReceiveMode ãã®ã€ã³ã¿ãã§ãŒã¹ãåä¿¡ãã RIPã®ããŒãžã§ã³ïŒnoneãRIPv1ãRIPv2ãRIPv1Orv2ïŒ
InstabilityPreventing ã¹ããªãããã©ã€ãºã³ããã€ãºã³ãªããŒã¹ãŸãã¯å®å®æ§ã®ç¢ºä¿æ段ã¯ããããéžæããŠããªããã«ã€ããŠã®è¡šç€º
AuthType åçŽãªãã¹ã¯ãŒãã«ããèªèšŒããèªèšŒèšå®ããŠããªããã«ã€ããŠã®è¡šç€º
RcvBadPackets åä¿¡ãããRIPãšã©ãŒãã±ããæ°
RcvBadRoutes åä¿¡ãããé害ã®ããçµè·¯ã®æ°
SendUpdates çµè·¯ã®å€æŽãçºçããæ°
Peer Information
PeerAddress RIPã®é£æ¥ã«ãŒã¿ã® IPã¢ãã¬ã¹
UpdateTime ãã¢ã®é£æ¥ã«ãŒã¿ããçŽåã«çµè·¯æ å ±ãåä¿¡ããæé
Version ãã¢ã®é£æ¥ã«ãŒã¿ãã RIPv1ãŸã㯠RIPv2ã©ã¡ãã®ãã±ãããåä¿¡ããã
RcvBadPackets ãã¢ã®é£æ¥ã«ãŒã¿ããåä¿¡ãããRIPãšã©ãŒãã±ããæ°
RcvBadRoutes ãã¢ã®é£æ¥ã«ãŒã¿ããåä¿¡ãããé害ã®ããçµè·¯ã®æ°
165 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
èšå®æ¹æ³
[Routing Protocol] â [RIP] â [Statistics] ãã¯ãªãã¯ããŸãã
2.16.6 OSPFã®èšå®
OSPFã®èšå®
èšå®ã»è¡šç€ºé ç®
OSPF Routing Process
å šãŠã® IPã€ã³ã¿ãã§ãŒã¹ã§ãOSPFã«ãŒãã£ã³ã°ãæå¹ /ç¡å¹ïŒåæèšå®ïŒç¡å¹ïŒ
OSPF Router ID
OSPFã«ãŒã¿ IDïŒåæèšå®ïŒäžçªäœãã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ïŒ
Version Number
æ¬æ©ã¯ OSPFããŒãžã§ã³ 2ã®ã¿ãµããŒã
Area Border Router
ãšãªã¢å¢çã«ãŒã¿
Rfc1583 Compatible
RFC 1583 (OSPFv1) ã䜿çšããŠããµããªãŒ ã«ãŒãã®ã³ã¹ããèšç®ããŸãã (Default:Disabled)
OSPF Hold Time (seconds)
OSPFããŒã«ãã¿ã€ã (ç¯å²ïŒ 0-65535ç§ãåæèšå®ïŒ 10ç§ )
Area Numbers
OSPFãšãªã¢çªå·
166FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
èšå®æ¹æ³
[Routing Protocol] â [OSPF] â [General Configuration] ãã¯ãªãã¯ããŸãã
OSPFãšãªã¢ã®èšå®
èšå®ã»è¡šç€ºé ç®
Area ID
ãšãªã¢ IDïŒstubãŸã㯠NSSAïŒ
Area Type
normal area, stub area, or not-so-stubby area(NSSA)ãæå®ã
ãšãªã¢ ID 0.0.0.0 ã¯ããã¯ããŒã³ã«ããã©ã«ãã§èšå®ãããŸãã (åæèšå®ïŒNormal area)
Default Cost
ããã©ã«ããµããªã«ãŒãã®ã³ã¹ã (ç¯å²ïŒ0-16777215ãåæèšå®ïŒ 1)
Summary
⢠ã¹ã¿ãå ã®ãã¹ãŠã®ã«ãŒã¿ã¯ãåããšãªã¢ ID ã§æ§æãããŠããå¿ èŠããããŸãã
⢠ã«ãŒãã£ã³ã° ããŒãã« ã¹ããŒã¹ã¯ãã¿ã€ã 4 AS ãµããªãŒ LSA ããã³ã¿ã€ã 5 å€éšLSA ããããã¯ããããšã«ãããã¹ã¿ãå ã«ä¿åãããŸãããã®ã³ãã³ãã®ããã©ã«ãèšå®ã§ã¯ãããŒã«ã« ãšãªã¢ãŸãã¯èªåŸã·ã¹ãã å€éšã®å®å ãžã®ããã©ã«ã ã«ãŒããã¢ããã¿ã€ãºããã¿ã€ã 3 ãµããªãŒ LSA ããããã¯ããããšã«ãããã¹ã¿ããå®å šã«åé¢ããŸãã(Default: Summary).
167 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
èšå®æ¹æ³
[Routing Protocol] â [OSPF] â [Area Configuration] ãã¯ãªãã¯ããŸãã
OSPFãšãªã¢ã¬ã³ãžã®èšå®
èšå®ã»è¡šç€ºé ç®
Area ID
ã«ãŒããèŠçŽãããšãªã¢ãèå¥ããŸã
ïŒãšãªã¢ ID ã¯ãIP ã¢ãã¬ã¹ãšåã圢åŒã§ããå¿ èŠããããŸãïŒã
Range Network
èŠçŽããã«ãŒãã®ããŒã¹ ã¢ãã¬ã¹ã§ãã
Range Netmask
ãµããªãŒ ã«ãŒãã®ãããã¯ãŒã¯ ãã¹ã¯ã§ãã
Advertising
æå®ãããã¢ãã¬ã¹ç¯å²ãã¢ããã¿ã€ãºããŸãã (Default: Advertise)
168FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
èšå®æ¹æ³
[Routing Protocol] â [OSPF] â [Area Range Configuration] ãã¯ãªãã¯ããŸãã
OSPFã€ã³ã¿ãã§ãŒã¹ã®èšå®
èšå®ã»è¡šç€ºé ç®
VLAN ID
VLAN IDãæå®
Interface IP
ã€ã³ã¿ãã§ãŒã¹ã® IPã¢ãã¬ã¹ãæå®
Area ID
ãšãªã¢ IDãæå®
Designated Router
ãã®ãšãªã¢ã® Designatedã«ãŒã¿
Backup Designated Router
ãã®ãšãªã¢ã® Designatedããã¯ã¢ããã«ãŒã¿
Entry Count
ãã® VLANã«ã¢ãµã€ã³ãããŠãã IPã€ã³ã¿ãã§ãŒã¹ã®æ°
169 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
èšå®æ¹æ³
[Routing Protocol] â [OSPF] â [Interface Configuration] ãã¯ãªãã¯ããŸãã
ããŒãã£ã«ãªã³ã¯ã®èšå®
èšå®ã»è¡šç€ºé ç®
Area ID
area-id - ä»®æ³ãªã³ã¯ã®ãã©ã³ãžãã ãšãªã¢ã®èå¥åã§ã
ïŒãšãªã¢ ID ã¯ãIP ã¢ãã¬ã¹ãšåã圢åŒã§ããå¿ èŠããããŸãïŒã
Neighbor Router ID
ä»®æ³ãªã³ã¯ã®é£æ¥ã«ãŒã¿ã®ã«ãŒã¿ ID ã§ãããã®ã«ãŒã¿ã¯ãä»®æ³ãªã³ã¯ã®
ä»æ¹ã®ç«¯ã«ããããã¯ããŒã³ãšãã©ã³ãžãã ãšãªã¢äž¡æ¹ã«é£æ¥ãããšãªã¢å¢çã«ãŒ
ã¿ïŒABRïŒ ã§ããå¿ èŠããããŸãã
170FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
èšå®æ¹æ³
[Routing Protocol] â [OSPF] â [Virtual Link Configuration] ãã¯ãªãã¯ããŸãã
ãããã¯ãŒã¯ãšãªã¢ã¢ãã¬ã¹ã®èšå®
èšå®ã»è¡šç€ºé ç®
IP Address
ãšãªã¢ã«è¿œå ããã€ã³ã¿ãã§ãŒã¹ã® IPã¢ãã¬ã¹
Netmask
ãšãªã¢ã«è¿œå ããã€ã³ã¿ãã§ãŒã¹ã®ããããã¹ã¯ .
Area ID
ãšãªã¢ IDãæå® (ãšãªã¢ ID㯠IPã¢ãã¬ã¹ã®ãã©ãŒã ã«ãªããŸã )
171 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
èšå®æ¹æ³
[Routing Protocol] â [OSPF] â [Network Area Address Configuration.] ãã¯ãªãã¯ããŸãã
ãµããªã¢ãã¬ã¹ã®èšå®
èšå®ã»è¡šç€ºé ç®
IP Address
ã¢ãã¬ã¹ç¯å²ãã«ããŒãããµããªãŒ ã¢ãã¬ã¹ã§ãã
Netmask
ãµããªãŒ ã«ãŒãã®ãããã¯ãŒã¯ ãã¹ã¯ã§ãã
èšå®æ¹æ³
[Routing Protocol] â [OSPF] â [Summary Address Configuration] ãã¯ãªãã¯ããŸãã
172FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
å€éšã«ãŒãã®åé åž
èšå®ã»è¡šç€ºé ç®
Redistribute Protocol
å€éšã«ãŒãã£ã³ã°ãããã³ã«ã¿ã€ããæå®ããŸããïŒãªãã·ã§ã³ïŒRIPãStaticãåæèšå®ïŒRIP
Redistribute Metric Type
ã¡ããªãã¯ã¿ã€ããæå®ïŒãªãã·ã§ã³ïŒType 1, Type 2ãåæèšå®ïŒ Type 1)
Redistribute Metric Type
ã¡ããªãã¯ã¿ã€ãã®åé åžïŒç¯å²ïŒ1-65535ãåæèšå®ïŒ 10)
èšå®æ¹æ³
[Routing Protocol] â [OSPF] â [Redistribute Configuration] ãã¯ãªãã¯ããŸãã
173 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
NSSAã®èšå®
èšå®ã»è¡šç€ºé ç®
Area ID
NSSA ã®èå¥åã§ãïŒãšãªã¢ ID ã¯ãIP ã¢ãã¬ã¹ãšåã圢åŒã§ããå¿ èŠããããŸãïŒã.
Default Information Originate
ã«ãŒã¿ã NSSA ãšãªã¢å¢çã«ãŒã¿ïŒABRïŒ ãŸã㯠NSSA èªåŸã·ã¹ãã å¢çã«ãŒã¿ïŒASBRïŒ ã§ããæããã®ãã©ã¡ãŒã¿ãæå®ãããšãNSSA ã«å¯Ÿããã¿ã€ã -7 ããã©ã«ã LSA ãçæãããŸãããã®ããã©ã«ãã¯ãNSSA ABR ã«ã¯ AS å ã®ä»ãšãªã¢ã«å¯Ÿããã«ãŒããããŸã NSSA ASBR ã«ã¯ AS å€éšã®ãšãªã¢ã«å¯Ÿããã«ãŒããæäŸããŸãã
No Redistribution
ã«ãŒã¿ã NSSA ã®ãšãªã¢å¢çã«ãŒã¿ïŒABRïŒ ã§ããããªãã〠redistribute ã³ãã³ãã䜿ã£ãŠïŒNSSA ã«ã§ã¯ãªãïŒ ããŒãã« ãšãªã¢ã«ã®ã¿ã«ãŒããã€ã³ããŒããããå Žåããã®ããŒã¯ãŒãã䜿çšããŸããããªãã¡ããã®ããŒã¯ãŒãã§ã¯ãNSSA ABR ãïŒä»ã®ãšãªã¢ã®ã«ãŒã¿ãä»ããŠåŠç¿ãããïŒ å€éšã«ãŒãã£ã³ã°æ å ±ã NSSA ãžã¢ããã¿ã€ãºããã®ãé²ããŸãã
èšå®æ¹æ³
[Routing Protocol] â [OSPF] â [NSSA Settings] ãã¯ãªãã¯ããŸãã
174FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ãªã³ã¯ã¹ããŒãããŒã¿ããŒã¹æ å ±ã®è¡šç€º
èšå®ã»è¡šç€ºé ç®
Area ID
ãšãªã¢ IDãæå® (ãšãªã¢ ID㯠IPã¢ãã¬ã¹ã®ãã©ãŒã ã«ãªããŸã )
Link ID
ãªã³ã¯ ID
Self-Originate
LSAã® originatedã衚瀺
LS Type
LSA ã¿ã€ã (ãªãã·ã§ã³ïŒType 1-5, 7)ã
Adv Router
ã¢ããã¿ã€ãžã³ã°ã«ãŒã¿ã® IPã¢ãã¬ã¹ã
èšå®æ¹æ³
[Routing Protocol] â [OSPF] â [Link State Database Information] ãã¯ãªãã¯ããŸãã
175 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ããŒããŒã«ãŒã¿æ å ±ã®è¡šç€º
èšå®ã»è¡šç€ºé ç®
Destination
å®å ã«ãŒã¿ã®èå¥å
Next Hop
å®å ãžã®ãã¯ã¹ã ãããã® IP ã¢ãã¬ã¹
Cost
ãã®ã«ãŒãã®ãªã³ã¯ ã¡ããªãã¯
Type
å®å ã®ã«ãŒã¿ ã¿ã€ãïŒABRãASBRããŸãã¯äž¡æ¹ïŒ
Rte Type
ã«ãŒã ã¿ã€ããã€ã³ãã© ãšãªã¢ãŸãã¯ãšãªã¢éã«ãŒãïŒINTRA ãŸã㯠INTERïŒ ã®ããããã.
Area
ãã®ã«ãŒããåŠç¿ããããšãªã¢ã
SPF No
ãã®ã«ãŒãã«å¯Ÿã㊠SPF ïŒæçãã¹åªå ïŒ ã¢ã«ãŽãªãºã ãå®è¡ãããåæ°ã
èšå®æ¹æ³
[Routing Protocol] â [OSPF] â [Border Router Information] ãã¯ãªãã¯ããŸãã
176FXC9012F
Webã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
é£æ¥ã«ãŒã¿æ å ±ã®è¡šç€º
èšå®ã»è¡šç€ºé ç®
ID
é£æ¥ã«ãŒã¿ ID
Priority
é£æ¥ã«ãŒã¿ãã©ã€ãªãªãã£
State
OSPF ã®ç¶æ ãšèå¥ãã©ã°ã§ããåç¶æ ã¯ã次ã®ãšããã§ãã
ïŒ Down ïŒæ¥ç¶ãããŠã³ããŠããŸãã
ïŒ AttemptïŒæ¥ç¶ã¯ããŠã³ããŠããããã³ã³ã¿ã¯ããè©Šã¿ãããŠããŸã
ããããããïŒéãããŒããã£ã¹ã ãããã¯ãŒã¯çšïŒ
ïŒ InitïŒ Helloãã±ããã¯åä¿¡ãããããéä¿¡ã¯ãŸã 確ç«ãããŠããŸããã
ïŒ Two-way ïŒåæ¹åéä¿¡ã確ç«ããŠããŸãã
ïŒ ExStartïŒé£æ¥ã«ãŒã¿éã®é£æ¥æ§ãåæåããŠããŸãã
ïŒ ExchangeïŒããŒã¿ããŒã¹èšè¿°ã亀æããŠããŸãã
ïŒ Loading ïŒLSA ããŒã¿ããŒã¹ã亀æããŠããŸãã
ïŒ FullïŒé£æ¥ã«ãŒã¿ã¯å®å šã«é£æ¥é¢ä¿ã«ãããŸãã
åèå¥ãã©ã°ã¯æ¬¡ã®ãšããã§ãã
DïŒãã€ãããã¯é£æ¥ã«ãŒã¿ã§ãã
S ïŒ ã¹ã¿ãã£ãã¯é£æ¥ã«ãŒã¿ã§ãã
DR ïŒ æå®ã«ãŒã¿ã§ãã
BDR ïŒ ããã¯ã¢ããæå®ã«ãŒã¿ã§ãã
Address
ãã®ã€ã³ã¿ãã§ãŒã¹ã® IPã¢ãã¬ã¹ã
èšå®æ¹æ³
[Routing Protocol] â [OSPF] â [Neighbor Information] ãã¯ãªãã¯ããŸãã
177 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
2.17 ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
æ¬æ©ã¯ãIGMP ã¹ããŒãã³ã°ããã³ã¯ãšãªãŒã䜿çšããŠãäžæµã®ãã«ããã£ã¹ããã¹ãã«æ¥ç¶ããããŒããå€æãããã®æ å ±ããã«ããã£ã¹ã ããªãŒå šäœã«äŒæããèŠæ±ããããµãŒãã¹ããã«ããã£ã¹ã ãµãŒããšãã®ãã¹ãéã®åäžéããŒããä»ããŠç¢ºå®ã«è»¢éãããããã«ããŸãããŸãããããããµãŒãã¹ãèŠæ±ããŠããªãä»ã®ãã¹ãŠã®ã€ã³ã¿ãã§ãŒã¹ããã®ãã©ãã£ãã¯ããã£ã«ã¿ãªã³ã°ããŸãã
ãã«ããã£ã¹ã ã«ãŒã¿ã§ã¯ãã¹ããŒãã³ã°ããã³ã¯ãšãªãŒã¡ãã»ãŒãžããã«ããã£ã¹ã ã«ãŒãã£ã³ã° ãããã³ã«ãšãšãã«äœ¿çšããããšã«ãããç°ãªããµããããã¯ãŒã¯ã«ãŸããã IP ãã«ããã£ã¹ã ãã±ããã®é ä¿¡ãæäŸããŸããæ¬æ©ã¯ãDVMRP (Distance-Vector Multicast Routing Protocol) ããã³ PIM (Protocol Independent Multicasting) ã®äž¡æ¹ããµããŒãããŠããŸãïŒãã«ããã£ã¹ã ã«ãŒãã£ã³ã°ã䜿çšããã€ã³ã¿ãã§ãŒã¹ã¯ããããã IGMPãæå¹ã«ãªã£ãŠããå¿ èŠãããããšã«æ³šæããŠãã ããïŒã
2.17.1 ãã«ããã£ã¹ãã«ãŒãã£ã³ã°ã®ã°ããŒãã«èšå®
èšå®æ¹æ³
[IP] â [Multicast Routing] â [General Setting]ãã¯ãªãã¯ããŸãã
ãã«ããã£ã¹ãã«ãŒãã£ã³ã°ããŒãã«ã®è¡šç€º
IP ãã«ããã£ã¹ã ã«ãŒãã£ã³ã° ããŒãã«ã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
Group Address
IP ãã«ããã£ã¹ã ã°ã«ãŒã ã¢ãã¬ã¹ã§ããå å ¥è ã¯çŽæ¥æ¥ç¶ãããŠãããããŸãã¯ãã®ã«ãŒã¿ã®äžæµã«ååšããŸãã
Source Address
ãã«ããã£ã¹ãé ä¿¡ããªãŒã®æ ¹ãšãªã IP ãµããããã¯ãŒã¯ã§ãããã®ãµããããã¯ãŒã¯ã¯ãæ¢ç¥ã®ãã«ããã£ã¹ãéä¿¡å ãå«ã¿ãŸãã
Netmask
IPãã«ããã£ã¹ããœãŒã¹ã®ãããã¯ãŒã¯ãã¹ã¯
Interface
ã€ã³ã¿ãã§ãŒã¹
Owner
ãã«ããã£ã¹ããããã³ã«ïŒäŸïŒDVMRPãŸã㯠PIMïŒ
Detail
éžæãããšã³ããªã®è©³çŽ°æ å ±ã衚瀺
178FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
èšå®æ¹æ³
[IP] â [Multicast Routing] â [Multicast Routing Table]ãã¯ãªãã¯ããŸãã
2.17.2 DVMRPã®èšå®
ã°ããŒãã« DVMRPã®èšå®
IP ãã«ããã£ã¹ã ã«ãŒãã£ã³ã° ããŒãã«ã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
DVMRP Protocol
ã¹ã€ãã㧠DVMRPã®æå¹ /ç¡å¹ãèšå® (åæèšå®ïŒç¡å¹ )
Probe Interval
ãã¹ãŠã® DVMRP ã«ãŒã¿ã®ãã«ããã£ã¹ã ã°ã«ãŒã ã¢ãã¬ã¹å®ã«é£æ¥ã«ãŒã¿ãžã®ãããŒã ã¡ãã»ãŒãžãéä¿¡ããééãèšå®ããŸãã
Neighbor Timeout Interval
DVMRP é£æ¥ã«ãŒã¿ã䜿çšäžèœã§ãããšå®£èšããåã«ããã®ã«ãŒã¿ããã®ã¡ãã»ãŒãžãåŸ æ©ããééãèšå®ããŸã
Report Interval
ä»ã®é£æ¥ DVMRP ã«ãŒã¿ã«ã«ãŒãã£ã³ã° ããŒãã«å šäœãäŒæããé »åºŠãæå®ããŸã
Flash Update Interval
ãããã¯ãŒã¯ ããããžã®å€æŽãåæ ãããããã®ããªã¬ãŒ ã¢ããããŒãïŒ ãã©ãã·ã¥ ã¢ããããŒãïŒ ãéä¿¡ããé »åºŠãæå®ããŸãã.
Prune Lifetime
ãã«ããã£ã¹ã ããªãŒã®ãã«ãŒã³ç¶æ ãç¶æãããæéãå®çŸ©ããŸãã.
179 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
èšå®æ¹æ³
[Routing Protocol] â [DVMRP] â [General Settings]ãã¯ãªãã¯ããŸãã
DVMRPã€ã³ã¿ãã§ãŒã¹ã®èšå®
IP ãã«ããã£ã¹ã ã«ãŒãã£ã³ã° ããŒãã«ã衚瀺ããŸãã
èšå®ã»è¡šç€ºé ç®
VLAN
ã«ãŒã¿äžã® VLANã€ã³ã¿ãã§ãŒã¹ãéžæ
Metric
æçã®ãªããŒã¹ ãã¹ãéžæããããã®ã¡ããªãã¯ã§ãïŒç¯å² : 1 ïœ 31ïŒã
Status
ã€ã³ã¿ãã§ãŒã¹ã§ DVMRPã®æå¹ /ç¡å¹ã
èšå®æ¹æ³
[Routing Protocol] â [DVMRP] â [Interface Settings]ãã¯ãªãã¯ããŸãã
180FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
é£æ¥ã«ãŒã¿æ å ±ã®è¡šç€º
èšå®ã»è¡šç€ºé ç®
Neighbor Address
ãã®ãã«ããã£ã¹ãé ä¿¡ããªãŒã®çŽæ¥äžæµã«ãããããã¯ãŒã¯ ããã€ã¹ã® IP ã¢ãã¬ã¹ã§ãã
Interface
äžæµã®é£æ¥ã«ãŒã¿ã«æ¥ç¶ãããã®ã«ãŒã¿äžã® IP ã€ã³ã¿ãã§ãŒã¹ã§ãã
Up time
ãã®ããã€ã¹ã DVMRP é£æ¥ã«ãŒã¿ã«ãªã£ãŠããã®çµéæéã§ãã
Expire
ãã®ãšã³ããªãçµå¹ŽåŠçã«ããç¡å¹ã«ãªããŸã§ã®æ®ãæéã§ãã
Capabilities
é£æ¥ã«ãŒã¿ã®èœåã«ã¯ã次ããããŸãã
ïŒ Leaf ïŒããã 0ïŒ - é£æ¥ã«ãŒã¿ã«ã¯ãé£æ¥ã«ãŒã¿ãæã€ã€ã³ã¿ãã§ãŒã¹ã 1 ã€ãããããŸããã
ïŒ Prune ïŒããã 1ïŒ - é£æ¥ã«ãŒã¿ã¯ããã«ãŒãã³ã°ããµããŒãããŠããŸãã
ïŒ Generation ID ïŒããã 2ïŒ - é£æ¥ã«ãŒã¿ã¯ããããŒã ã¡ãã»ãŒãžã«èªèº«ã® Generation ID ãå«ããŠéä¿¡ããŸãã
ïŒ Mtrace ïŒããã 3ïŒ - é£æ¥ã«ãŒã¿ã¯ããã«ããã£ã¹ããã¬ãŒã¹èŠæ±ãåŠçã§ããŸãã
ïŒ SNMP ïŒããã 4ïŒ - é£æ¥ã«ãŒã¿ã¯ SNMP ããµããŒãããŠããŸãã
ïŒ Netmask - ïŒããã 5ïŒ - é£æ¥ã«ãŒã¿ã¯ããã«ãŒã³ãã°ã©ãããããã³ã°ã©ãã ACKïŒè¯å®å¿çïŒ ã®åã¡ãã»ãŒãžã«ä»ãããããããã¯ãŒã¯ ãã¹ã¯ãåçããŸãã
ïŒ Reserved ïŒããã 6 ããã³ 7ïŒ - å°æ¥äœ¿çšããããã«çä¿ãããŠããŸãã
èšå®æ¹æ³
[Routing Protocol] â [DVMRP] â [Neighbor Information]ãã¯ãªãã¯ããŸãã
181 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
ã«ãŒãã£ã³ã°ããŒãã«ã®è¡šç€º
èšå®ã»è¡šç€ºé ç®
IP Address
ãã«ããã£ã¹ãéä¿¡å ãäžæµã«ãŒã¿ããŸãã¯ãã«ããã£ã¹ã ãã¹ãã«æ¥ç¶ãããçºä¿¡ã€ã³ã¿ãã§ãŒã¹ãå«ãŸãã IP ãµããããã¯ãŒã¯ã§ãã
Netmask
éä¿¡å ã¢ãã¬ã¹ã«äœ¿çšããããµãããã ãã¹ã¯ã§ãããã®ãã¹ã¯ã¯ãç¹å®ã®ãµãããããžã®ã«ãŒãã£ã³ã°ã«äœ¿çšããããã¹ã ã¢ãã¬ã¹ ããããèå¥ãããã®ã§ãã
Upstream Neighbor
1 ã€ãŸãã¯è€æ°ã®ãã«ããã£ã¹ã ã°ã«ãŒãã®çŽæ¥äžæµã«ãããããã¯ãŒã¯ ããã€ã¹ã® IP ã¢ãã¬ã¹ã§ãã
Interface
äžæµã®é£æ¥ã«ãŒã¿ã«æ¥ç¶ãããã®ã«ãŒã¿äžã® IP ã€ã³ã¿ãã§ãŒã¹ã§ãã
Metric
è·é¢ãã¯ãã«ã®èšç®ã«äœ¿çšããããã®ã€ã³ã¿ãã§ãŒã¹ã®ã¡ããªãã¯ã§ãã
Up time
ãã®ãšã³ããªãäœæãããŠããã®çµéæéã§ãã
Expire
ãã®ãšã³ããªãçµå¹ŽåŠçã«ããç¡å¹ã«ãªããŸã§ã®æ®ãæéã§ãã
èšå®æ¹æ³
[Routing Protocol] â [DVMRP] â [DVMRP Routing Table]ãã¯ãªãã¯ããŸãã
182FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
2.17.3 PIM-DMã®èšå®
PIM-DMã°ããŒãã«èšå®
èšå®æ¹æ³
[Routing Protocol] â [PIM-DM] â [General Settings]ãã¯ãªãã¯ããŸãã
PIM-DMã€ã³ã¿ãã§ãŒã¹èšå®
èšå®ã»è¡šç€ºé ç®
VLAN
VLANã€ã³ã¿ãã§ãŒã¹ãæå®ã
PIM-DM Protocol Status
PIM/DMã®æå¹ /ç¡å¹
Hello Interval
PIM Hello ã¡ãã»ãŒãžãéä¿¡ãããé »åºŠãæ§æããŸãã
Hello Holdtime
é£æ¥ãã PIM ã«ãŒã¿ã䜿çšäžèœã§ãããšå®£èšããåã«ããã®ã«ãŒã¿ããã® Hello ã¡ãã»ãŒãžãåŸ æ©ããééãèšå®ããŸãã
Trigger Hello Interval
ã«ãŒã¿ããªããŒãããåŸããã€ã³ã¿ãã§ãŒã¹ã§ PIM ãæå¹ã«ããåŸã«ãããªã¬ãŒããã PIM Hello ã¡ãã»ãŒãžãéä¿¡ãããŸã§ã®æ倧æéãæ§æããŸãã
Prune Holdtime
ãã«ãŒã³ç¶æ ã®ããŒã«ã ã¿ã€ã ãæ§æããŸãã
Graft Retry Interval
ã°ã©ãããåéä¿¡ããåã«ãã°ã©ãã ACK ïŒè¯å®å¿çïŒ ãåŸ æ©ããæéãèšå®ããŸãã
Max Graft Retries
ã°ã©ãã ã¡ãã»ãŒãžã«å¯Ÿã㊠ACK ïŒè¯å®å¿çïŒ ããªãå Žåã«ãã°ã©ãã ã¡ãã»ãŒãžãåéä¿¡ããæ倧åæ°ãæ§æããŸãã
183 FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
èšå®æ¹æ³
[Routing Protocol] â [PIM-DM] â [Interface Settings]ãã¯ãªãã¯ããŸãã
ã€ã³ã¿ãã§ãŒã¹æ å ±ã®è¡šç€º
èšå®æ¹æ³
[Routing Protocol] â [PIM-DM] â [Interface Information]ãã¯ãªãã¯ããŸãã
é£æ¥ã«ãŒã¿æ å ±ã®è¡šç€º
èšå®æ¹æ³
[Routing Protocol] â [PIM-DM] â [Neighbor Information]ãã¯ãªãã¯ããŸãã
184FXC9012F
Webã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
185 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã®å©çš
ã
3.1 ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã®å©çš
3.1.1 ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãžã®ã¢ã¯ã»ã¹
ã³ã³ãœãŒã«ããŒããåã¯ãããã¯ãŒã¯ãã Telnetçµç±ã§ç®¡çã€ã³ã¿ãã§ãŒã¹ã«ã¢ã¯ã»ã¹ããå ŽåãUnixã®ã³ãã³ãã«äŒŒãã³ãã³ãããŒãšãã©ã¡ãŒã¿ã®ããã³ããïŒã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ /CLIïŒã«ããæ¬æ©ã®èšå®ãè¡ããŸãã
3.1.2 ã³ã³ãœãŒã«æ¥ç¶
ã³ã³ãœãŒã«ããŒããžã®æ¥ç¶ã¯ä»¥äžã®æé ã§è¡ããŸãã
ïŒ1ïŒã³ã³ãœãŒã«ããã³ããã§ãŠãŒã¶åãšãã¹ã¯ãŒããå ¥åããŸããåæèšå®ã®ãŠãŒã¶å㯠"admin"ãš "guest"ããã¹ã¯ãŒããåãã "admin"ãš "guest"ãšãªã£ãŠããŸãã管çè ãŠãŒã¶åãšãã¹ã¯ãŒãïŒåæèšå®ã§ã¯ã©ã¡ãã "admin"ïŒãå ¥åããå ŽåãCLI
ã«ã¯ "Console#"ãšè¡šç€ºãã Privileged Execã¢ãŒããšãªããŸããäžæ¹ã²ã¹ããŠãŒã¶åãšãã¹ã¯ãŒãïŒåæèšå®ã§ã¯ã©ã¡ãã "guest"ïŒãå ¥åããå ŽåãCLIã«ã¯"Console>"ãšè¡šç€ºãã Normal Execã¢ãŒããšãªããŸãã
ïŒ2ïŒãŠãŒã¶åãšãã¹ã¯ãŒããå ¥ååŸã¯ãå¿ èŠã«å¿ããã³ãã³ããå ¥åããæ¬æ©ã®èšå®ãåã³çµ±èšæ å ±ã®é²èŠ§ãè¡ããŸãã
ïŒ3ïŒçµäºæã«ã¯ "quit"å㯠"exit"ã³ãã³ãã䜿çšãã»ãã·ã§ã³ãçµäºããŸãã
ã³ã³ãœãŒã«ããŒãããã·ã¹ãã ã«æ¥ç¶ãããšä»¥äžã®ãã°ã€ã³ç»é¢ã衚瀺ãããŸãã
3. ã³ãã³ã ã©ã€ã³ã€ã³ã¿ãã§ãŒã¹
User Access Verification
Username: adminPassword:
CLI session with the FXC9012F is opened. To end the CLI session, enter [Exit].
Console#
186FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã®å©çš
3.1.3 Telnetæ¥ç¶
Telnetãå©çšãããšãããã¯ãŒã¯çµç±ã§ã®ç®¡çãå¯èœãšãªããŸããTelnetãè¡ãã«ã¯ç®¡ç端æ«åŽãšæ¬æ©åŽã®ã©ã¡ãã«ã IPã¢ãã¬ã¹ãäºåã«èšå®ããå¿ èŠããããŸãããŸããç°ãªããµããããããã¢ã¯ã»ã¹ããå Žåã«ã¯ããã©ã«ãã²ãŒããŠã§ã€ãããããŠèšå®ããå¿ èŠããããŸãã
[泚æ ]ãå·¥å Žåºè·æã«ã¯ãæ¬æ©ã¯ DHCP ãµãŒããŒçµç±ã§ IP ã¢ãã¬ã¹ãå²ãæ¯ãããèšå®ã«ãªã£ãŠããŸãã
IPã¢ãã¬ã¹ãšããã©ã«ãã²ãŒããŠã§ã€ã®èšå®äŸã¯ä»¥äžã®éãã§ãã
æ¬æ©ãå€éšãšæ¥ç¶ããããããã¯ãŒã¯ã«æ¥ç¶ããå Žåã«ã¯ãç»é²ããã IPã¢ãã¬ã¹ãèšå®ããå¿ èŠããããŸããç¬ç«ãããããã¯ãŒã¯ã®å Žåã«ã¯å éšã§èªç±ã« IPã¢ãã¬ã¹ãå²ãåœãŠãããšãã§ããŸãã
æ¬æ©ã® IPã¢ãã¬ã¹ãèšå®ããåŸã以äžã®æé 㧠Telnetã»ãã·ã§ã³ãéå§ããããšãã§ããŸãã
ïŒ1ïŒãªã¢ãŒããã¹ããã Telnetã³ãã³ããšæ¬æ©ã® IPã¢ãã¬ã¹ãå ¥åããŸãã
ïŒ2ïŒããã³ããäžã§ãŠãŒã¶åãšãã¹ã¯ãŒããå ¥åããŸããPrivileged Execã¢ãŒãã®å Žåã«ã¯ "Vty-0#"ãšè¡šç€ºãããŸããNormal Execã¢ãŒãã®å Žåã«ã¯ "Vty-0>"ãšè¡šç€ºãããŸãã
ïŒ3ïŒãŠãŒã¶åãšãã¹ã¯ãŒããå ¥ååŸã¯ãå¿ èŠã«å¿ããã³ãã³ããå ¥åããæ¬æ©ã®èšå®ãåã³çµ±èšæ å ±ã®é²èŠ§ãè¡ããŸãã
ïŒ4ïŒçµäºæã«ã¯ "quit"å㯠"exit"ã³ãã³ãã䜿çšãã»ãã·ã§ã³ãçµäºããŸãã
[泚æ ]ã åæã«æ倧 4ã»ãã·ã§ã³ãŸã§ã® Telnetæ¥ç¶ãå¯èœã§ãã
Console(config)#interface vlan 1Console(config-if)#ip address 10.1.0.254 255.255.255.0Console(config-if)#exitConsole(config)#ip default-gateway 10.1.0.254
Username: adminPassword:
CLI session with the FXC9012F is opened. To end the CLI session, enter [Exit].
Vty-0#
187 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãå ¥å
3.2 ã³ãã³ãå ¥å
3.2.1 ããŒã¯ãŒããšåŒæ°
CLIã³ãã³ãã¯ããŒã¯ãŒããšåŒæ°ã®ã°ã«ãŒãããæ§æãããŸããããŒã¯ãŒãã«ããã³ãã³ãã決å®ããåŒæ°ã«ããèšå®ãã©ã¡ãŒã¿ãå ¥åããŸãã
äŸãã°ã"show interfaces status ethernet 1/5"ãšããã³ãã³ãã®å Žåã"show interfaces"ãš"status"ãšããããŒã¯ãŒããã³ãã³ããªãã"ethernet"ãš "1/5"ãããããã€ã³ã¿ãã§ãŒã¹ãšãŠããã /ããŒããæå®ããåŒæ°ãšãªããŸãã
以äžã®æé ã§ã³ãã³ãã®å ¥åãè¡ããŸãã
⢠簡åãªã³ãã³ããå ¥åããå Žåã¯ãã³ãã³ãããŒã¯ãŒããå ¥åããŸãã
⢠è€æ°ã®ã³ãã³ããå ¥åããå Žåã¯ãåã³ãã³ããå¿ èŠãšãããé çªã§å ¥åããŸããäŸãã° Privileged Execã³ãã³ãã¢ãŒããæå¹ã«ããŠãèµ·åèšå®ã衚瀺ããããã«ã¯ã以äžã®ããã«ã³ãã³ããå ¥åããŸãã
⢠ãã©ã¡ãŒã¿ãå¿ èŠãšããã³ãã³ããå ¥åããå Žåã¯ãã³ãã³ãããŒã¯ãŒãã®åŸã«å¿ èŠãªãã©ã¡ãŒã¿ãå ¥åããŸããäŸãã°ã管çè ãã¹ã¯ãŒããèšå®ããå Žåã«ã¯ã以äžã®ããã«ã³ãã³ããå ¥åããŸãã
3.2.2 ã³ãã³ãã®çç¥
CLIã§ã¯ã³ãã³ãã®çç¥ãè¡ãããšãã§ããŸããäŸãã° "configuration"ãšããã³ãã³ãã"con"ãšå ¥åããã ãã§ãã³ãã³ããšããŠèªèãããŸããäœããçç¥ãããã®ãè€æ°ã®ã³ãã³ããšãªãåŸãå Žåã«ã¯ãã·ã¹ãã ããå床ã³ãã³ãã®å ¥åãèŠæ±ãããŸãã
3.2.3 ã³ãã³ãã®è£å®
ã³ãã³ããå ¥åããŠããéäžã§ TabããŒãæŒããšãCLIãèªåçã«ã³ãã³ãã®æ®ããè£å®ããããŒã¯ãŒããå ¥åãããŸããäŸãã° "logging history"ã³ãã³ããå ¥åããéã«ã"log"ãšå ¥åã㊠TabããŒãæŒããš "logging"ãšããŒã¯ãŒãããã¹ãŠå ¥åãããŸãã
Console>enablepassword:Console#show startup-config
Console(config)#username admin password 0 smith
188FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãå ¥å
3.2.4 ã³ãã³ãäžã§ã®ãã«ãã®è¡šç€º
ã³ãã³ãäžã§ "help"ã³ãã³ããå ¥åããããšã§ãç°¡åãªãã«ãã衚瀺ãããŸãããŸã "?"ãšå ¥åãããšããŒã¯ãŒãããã©ã¡ãŒã¿ã®ã³ãã³ãææ³ã衚瀺ãããŸãã
ã³ãã³ãã®è¡šç€º
ã³ãã³ãäžã§ "?"ãšå ¥åãããšãçŸåšã®ã³ãã³ãã¯ã©ã¹ã®ç¬¬äžéå±€ã«ãããã¹ãŠã®ããŒã¯ãŒãã衚瀺ãããŸãããŸãç¹å®ã®ã³ãã³ãã®ããŒã¯ãŒãã衚瀺ããããšãã§ããŸããäŸãã°"show ?"ãšå ¥åãããšã"show"ã³ãã³ãå ã§äœ¿çšã§ããã³ãã³ãäžèŠ§ã衚瀺ãããŸãã
Console#show ? access-group Access groups access-list Access lists arp Information of ARP cache bridge-ext Bridge extend information calendar Date information dns DNS information dot1x Show 802.1x content garp GARP property gvrp Show GARP information of interface history Information of history hosts Host information interfaces Information of interfaces ip IP information line TTY line information logging Show the contents of logging buffers mac MAC access lists mac-address-table Set configuration of the address table management Show management information map Map priority marking Specify marker port Characteristics of the port protocol-vlan Protocol-VLAN information public-key Show information of public key pvlan Information of private VLAN queue Information of priority queue radius-server RADIUS server information rip RIP router Router running-config The system configuration of running snmp SNMP statistics sntp SNTP spanning-tree Specify spanning-tree ssh Secure shell startup-config The system configuration of starting up system Information of system tacacs-server Login by TACACS server users Display information about terminal lines version System hardware and software status vlan Switch VLAN Virtual Interface vrrp Show vrrpConsole#show
189 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãå ¥å
"show interfaces ?"ãšå ¥åããå Žåã«ã¯ã以äžã®ãããªæ å ±ã衚瀺ãããŸãã
3.2.5 ããŒã¯ãŒãã®æ€çŽ¢
ããŒã¯ãŒãã®äžéšãšå ±ã« "?"ãå ¥åãããšãå ¥åããæååããå§ãŸããã¹ãŠã®ããŒã¯ãŒãã衚瀺ãããŸãïŒå ¥åããéã«æååãš "?"ã®éã«ã¹ããŒã¹ã空ããªãã§äžããïŒäŸãã°ã"s?"ãšå ¥åãããšã以äžã®ããã« "s"ããå§ãŸããã¹ãŠã®ããŒã¯ãŒãã衚瀺ãããŸãã
3.2.6 ã³ãã³ãã®ãã£ã³ã»ã«
å€ãã®ã³ãã³ãã«ãããŠãã³ãã³ãã®åã« "no"ãšå ¥åããããšã§ã³ãã³ãå®è¡ã®åãæ¶ããåã¯åæèšå®ãžã®ãªã»ãããè¡ãããšãã§ããŸããäŸãã°ã"logging"ã³ãã³ãã§ã¯ãã¹ããµãŒãã«ã·ã¹ãã ã¡ãã»ãŒãžãä¿åããŸãã"no logging"ã³ãã³ãã䜿çšãããšã·ã¹ãã ã¡ãã»ãŒãžã®ä¿åãç¡å¹ãšãªããŸãã
æ¬ããã¥ã¢ã«ã§ã¯ãåã³ãã³ãã®è§£èª¬ã§ "no"ãå©çšããŠã³ãã³ãã®ãã£ã³ã»ã«ãã§ããå Žåã«ã¯ãã®æšã®èšèŒãããŠãããŸãã
3.2.7 ã³ãã³ãå ¥åå±¥æŽã®å©çš
CLIã§ã¯å ¥åãããã³ãã³ãã®å±¥æŽãä¿åãããŠããŸãããâãããŒãæŒãããšã§ã以åå ¥åããå±¥æŽã衚瀺ãããŸãã衚瀺ãããå±¥æŽã¯ãåã³ã³ãã³ããšããŠå©çšããããšãã§ããä»ãå±¥æŽã«è¡šç€ºãããã³ãã³ãã®äžéšãä¿®æ£ããŠå©çšããããšãã§ããŸãã
ãŸãã"show history"ã³ãã³ãã䜿çšãããšæè¿å©çšããã³ãã³ãã®äžèŠ§ã衚瀺ãããŸãã
Console#show interfaces ? counters Interface counters information protocol-vlan Protocol-VLAN information status Interface status information switchport Interface switchport informationConsole#show interfaces
Console#show s?
snmp sntp ããspanning-tree ãssh ãstartup-configsystemConsole#show s
190FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãå ¥å
3.2.8 ã³ãã³ãã¢ãŒã
ã³ãã³ãã»ãã㯠Execãš Configurationã¯ã©ã¹ã«ãã£ãŠåå²ãããŸããExecã³ãã³ãã¯æ å ±ã®è¡šç€ºãšçµ±èšæ å ±ã®ãªã»ãããäž»ã«è¡ããŸããäžæ¹ã® Configurationã³ãã³ãã§ã¯ãèšå®ãã©ã¡ãŒã¿ã®å€æŽããã¹ã€ããã®åçš®æ©èœã®æå¹åãªã©ãè¡ããŸãã
ãããã®ã¯ã©ã¹ã¯è€æ°ã®ã¢ãŒãã«åããã䜿çšã§ããã³ãã³ãã¯ããããã®ã¢ãŒãæ¯ã«ç°ãªããŸãã"?"ã³ãã³ããå ¥åãããšãçŸåšã®ã¢ãŒãã§äœ¿çšã§ãããã¹ãŠã®ã³ãã³ãã®äžèŠ§ã衚瀺ãããŸããã³ãã³ãã®ã¯ã©ã¹ãšã¢ãŒãã¯ä»¥äžã®è¡šã®éãã§ãã
â» Global Configurationã¢ãŒããžã¯ãPrivileged Execã¢ãŒãã®å Žåã®ã¿ã¢ã¯ã»ã¹å¯èœã§ããä»ã®Configurationã¢ãŒãã䜿çšããå Žåã¯ãGlobal Configurationã¢ãŒãã«ãªãå¿ èŠããããŸãã
3.2.9 Execã³ãã³ã
ã³ã³ãœãŒã«ãžã®æ¥ç¶ã«ãŠãŒã¶å "guest"ã§ãã°ã€ã³ããå ŽåãNormal Execã¢ãŒãïŒã²ã¹ãã¢ãŒãïŒãšãªããŸãããã®å Žåãäžéšã®ã³ãã³ããã䜿çšã§ãããã³ãã³ãã®äœ¿çšã«å¶éããããŸãããã¹ãŠã®ã³ãã³ãã䜿çšããããã«ã¯ãå床ãŠãŒã¶å "admin"ã§ã»ãã·ã§ã³ãéå§ãããã"enable"ã³ãã³ãã䜿çšã㊠Privileged Execã¢ãŒãïŒç®¡çè ã¢ãŒãïŒãžç§»è¡ããŸãïŒç®¡çè ã¢ãŒãçšã®ãã¹ã¯ãŒããèšå®ããŠããå Žåã«ã¯å¥éãã¹ã¯ãŒãã®å ¥åãå¿ èŠã§ãïŒ
Normal Execã¢ãŒãã®å Žåã«ã¯ã³ãã³ãããã³ããã®è¡šç€ºã "Console>"ãšè¡šç€ºãããŸããPrivileged Execã¢ãŒãã®å Žåã«ã¯ "Console#"ãšè¡šç€ºãããŸãã
Privileged Execã¢ãŒãã«ã¢ã¯ã»ã¹ããããã«ã¯ã以äžã®ã³ãã³ããšãã¹ã¯ãŒããå ¥åããŸãã
ã¯ã©ã¹ ã¢ãŒã
Exec NormalPrivileged
Configuration Global(â» ) Access Control ListDHCPInterfaceLineMultiple Spanning TreeRouterVLAN Database
Username: adminPassword:
CLI session with the FXC9012F is opened. To end the CLI session, enter [Exit].
Console#
Username: guestPassword:
CLI session with the FXC9012F is opened. To end the CLI session, enter [Exit].
Console>enablePassword:Console#
191 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãå ¥å
3.2.10 Configurationã³ãã³ã
Configurationã³ãã³ã㯠Privileged ExecïŒç®¡çè ïŒã¢ãŒãå ã®ã³ãã³ãã§ãæ¬æ©ã®èšå®å€æŽãè¡ãéã«äœ¿çšããŸãããããã®ã³ãã³ãã¯ã©ã³ãã³ã°ã³ã³ãã£ã°ã¬ãŒã·ã§ã³ã®ã¿ãå€æŽãããåèµ·åæã«ã¯ä¿åãããŸããã
é»æºãåã£ãå Žåã«ãã©ã³ãã³ã°ã³ã³ãã£ã°ã¬ãŒã·ã§ã³ãä¿åããããã«ã¯ã"copy running-config startup-config"ã³ãã³ãã䜿çšããŸãã
Configurationã³ãã³ãã¯è€æ°ã®ç°ãªãã¢ãŒãããããŸãã
⢠Global Configuration â "hostname"ã"snmp-server community"ã³ãã³ããªã©ã·ã¹ãã é¢é£ã®èšå®å€æŽãè¡ãããã®ã¢ãŒãã§ãã
⢠Access Control List Configuration â ãã±ãããã£ã«ã¿ãªã³ã°ãè¡ãªãããã®ã¢ãŒãã§ãã
⢠Interface Configuration â "speed-duplex"ã "negotiation"ã³ãã³ããªã©ããŒãèšå®ãè¡ãããã®ã¢ãŒãã§ãã
⢠Line Configuration â "parity"ã "databits"ãªã©ã³ã³ãœãŒã«ããŒãé¢é£ã®èšå®ãè¡ãããã®ã¢ãŒãã§ãã
⢠VLAN Configuration â VLANã°ã«ãŒããèšå®ããããã®ã¢ãŒãã§ãã
Global Configurationã¢ãŒãã«ã¢ã¯ã»ã¹ããããã«ã¯ãPrivileged Execã¢ãŒãã§"configure"ã³ãã³ããå ¥åããŸããç»é¢äžã®ããã³ããã "Console(config)#"ãšå€æŽã«ãªããGlobal Configurationã®ãã¹ãŠã®ã³ãã³ãã䜿çšããããšãã§ããããã«ãªããŸãã
ä»ã®ã¢ãŒããžã¯ã以äžã®è¡šã®ã³ãã³ããå ¥åããããšã«ããå ¥ãããšãã§ããŸããåãããããã®ã¢ãŒããã㯠"exit"å㯠"end"ã³ãã³ãã䜿çšã㊠Privileged Execã¢ãŒãã«æ»ãããšãã§ããŸãã
以äžã®äŸã§ã¯ãInterface Configurationã¢ãŒãã«ã¢ã¯ã»ã¹ãããã®åŸ Privileged Execã¢ãŒãã«æ»ãåäœãè¡ã£ãŠããŸãã
Console#configureConsole(config)#
ã¢ãŒã ã³ãã³ã ããã³ãã ããŒãž
Line Line {console | vty} Console(config-line)# P195
AccessControl List
access-list ip standardaccess-list ip extendedaccess-list ip mask-precedenceaccess-list macaccess-list mac mask-precedence
Console(config-std-acl)Console(config-ext-acl)Console(config-ip-mask-acl)Console(config-mac-acl)Console(config-mac-mask-acl)
P291
DHCP ip dhcp pool Console(config-dhcp) P330
Interface Iinterface {ethernet port | port-channel id | vlan id}
Console(config-if)# P356
VLAN vlan database Console(config-vlan) P407
MSTP spanning-tree mst-configuration Console(config-mstp)# P390
Router
router {rip | ospf | dvmrp | pim}
Console(config-router)
P479P491P534P545
Console(config)#interface ethernet 1/5Console(config-if)#exitConsole(config)#
192FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãå ¥å
3.2.11 ã³ãã³ãã©ã€ã³ããã»ã¹
CLIã®ã³ãã³ãã§ã¯å€§æåãšå°æåã®åºå¥ã¯ãããŸãããä»ã®ã³ãã³ããšãã©ã¡ãŒã¿ã®åºå¥ãã§ããã°ã³ãã³ããšãã©ã¡ãŒã¿ã®çç¥ãããããšãã§ããŸãããŸããã³ãã³ãã®è£å®ãããããã«ã¿ãã»ããŒã䜿çšããããšããã³ãã³ãã®äžéšãš "?"ã³ãã³ããå©çšããŠé¢é£ããã³ãã³ãã衚瀺ãããããšãã§ããŸãã
ãã®ä»ã«ã以äžã®è¡šã®ããŒå ¥åã䜿çšããããšãã§ããŸãã
ããŒæäœ æ©èœCtrl-A ã«ãŒãœã«ãã³ãã³ãã©ã€ã³ã®äžçªåã«ç§»åããŸããCtrl-B ã«ãŒãœã«ã 1æåå·Šã«ç§»åããŸãã
Ctrl-C çŸåšã®ã¿ã¹ã¯ãçµäºããã³ãã³ãããã³ããã衚瀺ããŸãã
Ctrl-E ã«ãŒãœã«ãã³ãã³ãã©ã€ã³ã®æåŸã«ç§»åããŸããCtrl-F ã«ãŒãœã«ã 1æåå³ã«ç§»åããŸãã
Ctrl-K ã«ãŒãœã«ããè¡ã®æåŸãŸã§ã®æåãåé€ããŸããCtrl-L çŸåšã®ã³ãã³ãè¡ãæ°ããè¡ã§ç¹°ãè¿ããŸããCtrl-N ã³ãã³ãå ¥åå±¥æŽã®æ¬¡ã®ã³ãã³ãã衚瀺ããŸããCtrl-P æåŸã«å ¥åããã³ãã³ãã衚瀺ããŸããCtrl-R çŸåšã®ã³ãã³ãè¡ãæ°ããè¡ã§ç¹°ãè¿ããŸããCtrl-U å ¥åããè¡ãåé€ããŸããCtrl-W å ¥åããæåŸã®ã¯ãŒããåé€ããŸããEsc-B ã«ãŒãœã«ã 1æåæ»ããŸãã
Esc-D ã«ãŒãœã«ããæåã®æåŸãŸã§ãåé€ããŸããEsc-F æåã«ãŒãœã«ãé²ããŸãã
Deleteåã¯backspace ã³ãã³ãå ¥åãééããéã«åé€ããŸãã
193 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã³ãã³ãã°ã«ãŒã
3.3 ã³ãã³ãã°ã«ãŒã
ã·ã¹ãã ã³ãã³ãã¯æ©èœå¥ã«ä»¥äžã®è¡šã®éãåé¡ãããŸã :
æ¬ç« å ã®è¡šã§çšããããã³ãã³ãã¢ãŒãã¯ä»¥äžã®æ¬åŒ§å ã®ã¢ãŒããçç¥ãããã®ã§ãã
ã³ãã³ãã°ã«ãŒã
å 容 ããŒãž
Line ã·ãªã¢ã«ããŒãåã³ Telnetã䜿çšããæ¬æ©ãžã®æ¥ç¶ã«é¢ããèšå®
P195
General Privileged Execã¢ãŒããžã®ã¢ã¯ã»ã¹ãã·ã¹ãã ã®åèµ·åãCLIããã®ãã°ã¢ãŠããªã©åºæ¬çãªã³ãã³ã
P208
SystemManagement
ã·ã¹ãã ãã°ãã·ã¹ãã ãã¹ã¯ãŒãããŠãŒã¶åããžã£ã³ããã¬ãŒã ãµããŒããWeb管çãªãã·ã§ã³ãHTTPSãSSHãªã©ã·ã¹ãã æ å ±ã«é¢é£ããã³ãã³ã
P213
Flash/File ã¹ã€ããã®èšå®ãã¡ã€ã«ã«é¢é£ããã³ãã³ã P261
Authentication IEEE802.1xåã³ããŒãã»ãã¥ãªãã£ã®ãªã¢ãŒãèªèšŒã«é¢é£ããã³ãã³ã
P269
Access ControlList
IPã¢ãã¬ã¹ããããã³ã«ãTCP/UDPããŒãçªå·ãTCPã³ã³ãããŒã«ã³ãŒããªã©ã«ãããã£ã«ã¿ãªã³ã°ã®æäŸ
P291
SNMP èªèšŒãšã©ãŒãã©ãã : ã³ãã¥ããã£ååã³ãã©ãããããŒãžã£ã®èšå®
P314
DHCP DHCPã¯ã©ã€ã¢ã³ãããªã¬ãŒããã³ãµãŒãæ©èœã®èšå® P330
DNS DNSãµãŒãã¹ã®èšå® P347
Interface TrunkãLACPã VLANãªã©ãåããŒãã®èšå® P356
Mirror Port éä¿¡ç£èŠã®ããã®ã®ãã©ãŒãªã³ã°èšå® P370
Rate Limiting éä¿¡ã®æ倧éå信垯åã®ã³ã³ãããŒã« P372
LinkAggregation
è€æ°ããŒããã°ã«ãŒãåããããŒããã©ã³ã¯åã³ Link Aggregation Control Protocol (LACP)ã®èšå®
P373
Address Table ã¢ãã¬ã¹ãã£ã«ã¿ã®èšå®ãã¢ãã¬ã¹ããŒãã«æ å ±ã®è¡šç€ºãšã¯ãªã¢ããšãŒãžã³ã°ã¿ã€ã ã®èšå®
P377
Spanning Tree STAèšå® P382
VLANs åããŒãã® VLANã°ã«ãŒãã®èšå®åã³ãã©ã€ããŒãVLANããããã³ã« VLANã®èšå®
P407
Priority ã¿ã°ãªããã¬ãŒã ã®åããŒãã®ãã©ã€ãªãªãã£ã®èšå®ãIP precedenceãDSCPãTCPãã©ãã£ãã¯ã¿ã€ãã®ãã©ã€ãªãªãã£ã®èšå®
P429
Multicast Filtering IGMPãã«ããã£ã¹ããã£ã«ã¿ãã¯ãšãªã¢ãã¯ãšãªåã³ãåããŒãã«é¢é£ãããã«ããã£ã¹ãã«ãŒã¿ã®èšå®
P443
IP Interface 管çã¢ã¯ã»ã¹çš IPã¢ãã¬ã¹ã®èšå® P466
IP Routing éçã«ãŒãããã³åçãŠããã£ã¹ãã«ãŒãã£ã³ã°ã®èšå® P472
Multicast Routing DVMRPããã³ PIM-DMã®èšå® P528
Router Redundancy ã«ãŒã¿åé·ã®èšå® P554
NE (Normal Exec) VC (VLAN Database Configuration)
PE (Privileged Exec) MST (Multiple Spanning Tree)
GC (Global Configuration) ACL (Access Control List Configuration)
LC (Line Configuration) DC (DHCP Server Configuration)
IC (Interface Configuration) RC (Router Configuration)
194FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Line ïŒã©ã€ã³ã³ãã³ãïŒ
3.4 Line ïŒã©ã€ã³ã³ãã³ãïŒ
VT100äºæã®ããã€ã¹ã䜿çšããã·ãªã¢ã«ããŒãçµç±ã§æ¬æ©ã®ç®¡çããã°ã©ã ã«ã¢ã¯ã»ã¹ããããšãã§ããŸããæ¬ã³ãã³ãã¯ã·ãªã¢ã«ããŒãæ¥ç¶åã³ Telnet端æ«ãšã®æ¥ç¶ã®èšå®ãè¡ãããã«äœ¿çšãããŸãã
*ã³ã³ãœãŒã«æ¥ç¶ã«ã®ã¿åæ ãããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžline ã³ã³ãœãŒã«æ¥ç¶ã®èšå®åã³ line configurationã¢ãŒ
ãã®éå§GC P196
login ã³ã³ãœãŒã«æ¥ç¶æã®ãã¹ã¯ãŒãã®æå¹å LC P197
password ã³ã³ãœãŒã«æ¥ç¶æã®ãã¹ã¯ãŒãã®èšå® LC P198
timeout loginresponse
CLIã®ãã°ã€ã³å ¥ååŸ ã¡æéã®èšå® LC P199
exec-timeout æ¥ç¶æã®ã¿ã€ã ã¢ãŠããŸã§ã®ã€ã³ã¿ãŒãã«æéã®èšå®
LC P200
password-thresh ãã¹ã¯ãŒãå ¥åæã®ãªãã©ã€æ°ã®èšå® LC P201
silent-time* ãã°ã€ã³ã«å€±æããåŸã®ã³ã³ãœãŒã«ç¡å¹æéã®èšå®
LC P202
databits* åæåãããã®ããŒã¿ãããã®èšå® LC P203
parity* ããªãã£ãããçæã®èšå® LC P203
speed* ããŒã¬ãŒãã®èšå® LC P205
stopbits* 1byteãããã®ã¹ããããããå€ã®èšå® LC P206
disconnect Lineæ¥ç¶ãçµäº PE P206
show line ã¿ãŒããã«æ¥ç¶ã®èšå®æ å ±ã衚瀺 NE,PE P207
195 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Line ïŒã©ã€ã³ã³ãã³ãïŒ
Line
Lineã®èšå®ãè¡ãããã«äœ¿çšããŸãããŸããæ¬ã³ãã³ãã䜿çšããåŸã詳现ãªèšå®ãè¡ããŸãã
ææ³
line {console | vty}
⢠console â ã³ã³ãœãŒã«æ¥ç¶
⢠vty â ä»®æ³ã¿ãŒããã«ã®ããã®ãªã¢ãŒãã³ã³ãœãŒã«æ¥ç¶
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
Telnetã¯ä»®æ³ã¿ãŒããã«ã®äžéšãšãªã "show users"ã³ãã³ãã䜿çšããå Žåãªã©ã¯ "vty"ãšè¡šç€ºãããŸããäœãã"databits"ãªã©ã®ã·ãªã¢ã«æ¥ç¶ã®ãã©ã¡ãŒã¿ã¯ Telnetæ¥ç¶ã«åœ±é¿ããŸããã
äŸ
æ¬äŸã§ã¯ã³ã³ãœãŒã«ã©ã€ã³ã¢ãŒãã«å ¥ãããã®äŸã瀺ããŠããŸãã
é¢é£ããã³ãã³ã
show line (P207)
show users (P258)
Console(config)#line consoleConsole(config-line)#
196FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Line ïŒã©ã€ã³ã³ãã³ãïŒ
login
ãã°ã€ã³æã®ãã¹ã¯ãŒããæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãã¹ã¯ãŒãã®ç¢ºèªãç¡å¹ã«ãããã¹ã¯ãŒããªãã§ã¢ã¯ã»ã¹ããããšãå¯èœã«ãªããŸãã
ææ³
login [local]
no login
⢠local â ããŒã«ã«æ¥ç¶æã®ãã¹ã¯ãŒããæå¹ãšãªã£ãŠããŸããèªèšŒã¯ "username"ã³ãã³ãã§èšå®ãããŠãŒã¶åãå ã«è¡ããŸãã
åæèšå®
login local
ã³ãã³ãã¢ãŒã
Line Configuration
ã³ãã³ã解説
⢠æ¬æ©ãžã®ãã°ã€ã³ã«ã¯ 3çš®é¡ã®èªèšŒã¢ãŒãããããŸããïŒ loginãéžæããå Žåãã³ã³ãœãŒã«æ¥ç¶çšã®ã³ãã³ã㯠1ã€ã ãã«ãªããŸãããã®å Žå管çã€ã³ã¿ãã§ãŒã¹ã¯ Normal Exec (NE)ã¢ãŒããšãªããŸããïŒ login localãéžæããå Žåã"usaname"ã³ãã³ãã䜿çšããŠæå®ãããŠãŒã¶åãšãã¹ã¯ãŒãã䜿çšããŠãŠãŒã¶èªèšŒãè¡ãªãããŸãããã®å Žåã管çã€ã³ã¿ãã§ãŒã¹ã¯å ¥åãããŠãŒã¶ã®ãŠãŒã¶ã¬ãã«ã«å¿ã㊠Normal Exec (NE)ã¢ãŒãå㯠Privileged Exec (PE)ã¢ãŒãã®ã©ã¡ããã«ãªããŸããïŒ no loginãéžæãããšèªèšŒã¯ãªããªããŸãããã®å Žåã管çã€ã³ã¿ãã§ãŒã¹ã¯Normal Exec(NE)ã¢ãŒããšãªããŸãã
⢠æ¬ã³ãã³ãã¯ãŠãŒã¶èªèšŒãæ¬äœã§è¡ãå Žåã®ãã®ã§ããèªèšŒãµãŒãã䜿çšããŠãŠãŒã¶åãšãã¹ã¯ãŒãã®èšå®ãè¡ãå Žåã«ã¯ RADIUSå㯠TACACS+ãœãããŠã§ã¢ããµãŒãã«ã€ã³ã¹ããŒã«ããå¿ èŠããããŸãã
äŸ
é¢é£ããã³ãã³ã
username (P215)
password (P198)
Console(config-line)#login localConsole(config-line)#
197 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Line ïŒã©ã€ã³ã³ãã³ãïŒ
password
ã³ã³ãœãŒã«æ¥ç¶ã®ããã®ãã¹ã¯ãŒãã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ãã¹ã¯ãŒããåé€ããŸãã
ææ³
password {0 | 7} password
no password
⢠{0 | 7} â "0"ã¯å¹³æãã¹ã¯ãŒããã"7"ã¯æå·åããããã¹ã¯ãŒããšãªããŸãã
⢠password â ã³ã³ãœãŒã«æ¥ç¶çšã®ãã¹ã¯ãŒãïŒæ倧 8æåïŒå¹³ææïŒã 32æåïŒæå·åæïŒã倧æåãšå°æåã¯åºå¥ãããŸãïŒã
åæèšå®
ãã¹ã¯ãŒãã¯èšå®ãããŠããŸãã
ã³ãã³ãã¢ãŒã
Line Configuration
ã³ãã³ã解説
⢠ãã¹ã¯ãŒãã®èšå®ãè¡ããšãæ¥ç¶æã«ãã¹ã¯ãŒããèŠæ±ããããã³ããã衚瀺ãããŸããæ£ãããã¹ã¯ãŒããå ¥åãããšãã°ã€ã³ã§ããŸãã"password-thresh"ã³ãã³ãã䜿çšãããã¹ã¯ãŒãå ¥åæã®ãªãã©ã€æ°ãèšå®ããããšãã§ããŸãã
⢠æå·åããããã¹ã¯ãŒãã¯ã·ã¹ãã èµ·åæã«èšå®ãã¡ã€ã«ãèªã¿èŸŒãå Žåã TFTPãµãŒãã«ããŠããŒãããå Žåã®ããã«ããã¹ãïŒå¹³æïŒãã¹ã¯ãŒããšã®äºææ§ããããŸããæå·åããããã¹ã¯ãŒããæåã§çæããå¿ èŠã¯ãããŸããã
äŸ
é¢é£ããã³ãã³ã
login (P197)
password-thresh (P201)
Console(config-line)#password 0 secretConsole(config-line)#
198FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Line ïŒã©ã€ã³ã³ãã³ãïŒ
timeout login response
CLIããã®ãã°ã€ã³å ¥åã®ã¿ã€ã ã¢ãŠãæéãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
timeout login response [seconds]
no timeout login response
⢠seconds â ã¿ã€ã ã¢ãŠãæéïŒç§ïŒïŒç¯å²ïŒ0-300ç§ã0ïŒã¿ã€ã ã¢ãŠãèšå®ãªãïŒ
åæèšå®
⢠CLIïŒç¡å¹ïŒ0ç§ïŒ
⢠TelnetïŒ600ç§
ã³ãã³ãã¢ãŒã
Line Configuration
ã³ãã³ã解説
⢠èšå®æéå ã«ãã°ã€ã³ãæ€ç¥ãããªãã£ãå Žåãæ¥ç¶ã¯åæãããŸãã
⢠æ¬ã³ãã³ãã¯ã³ã³ãœãŒã«æ¥ç¶ãš Telnetæ¥ç¶ã®äž¡æ¹ã«æå¹ãšãªããŸãã
⢠Telnetã®ã¿ã€ã ã¢ãŠããç¡å¹ã«ããããšã¯ã§ããŸããã
⢠ã¿ã€ã ã¢ãŠããæå®ããã³ãã³ããå®è¡ããå Žåãåæèšå®ã«æ»ããŸãã
äŸ
æ¬äŸã§ã¯ã¿ã€ã ã¢ãŠãæéã 120ç§ïŒ2åïŒã«èšå®ããŠããŸãã
é¢é£ããã³ãã³ã
silent-time (P202)
exec-timeout (P200)
Console(config-line)#timeout login response 120Console(config-line)#
199 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Line ïŒã©ã€ã³ã³ãã³ãïŒ
exec-timeout
ãŠãŒã¶å ¥åã®ã¿ã€ã ã¢ãŠãæéã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ã¿ã€ã ã¢ãŠãæéã®èšå®ãåé€ããŸãã
ææ³
exec-timeout seconds
no exec-timeout
⢠seconds â ã¿ã€ã ã¢ãŠãæéïŒç§ïŒïŒ0 - 65535ïŒç§ïŒã0ïŒã¿ã€ã ã¢ãŠãèšå®ãªãïŒ
åæèšå®
CLIïŒã¿ã€ã ã¢ãŠãèšå®ãªã
TelnetïŒ600ç§ïŒ10åïŒ
ã³ãã³ãã¢ãŒã
Line Configuration
ã³ãã³ã解説
⢠èšå®æéå ã«å ¥åãè¡ãªãããå Žåãæ¥ç¶ã¯ç¶æãããŸããèšå®æéå ã«å ¥åããªãã£ãå Žåã«ã¯æ¥ç¶ã¯åæãããã¿ãŒããã«ã¯åŸ æ©ç¶æ ãšãªããŸãã
⢠æ¬ã³ãã³ãã¯ã³ã³ãœãŒã«æ¥ç¶ãš Telnetæ¥ç¶ã®äž¡æ¹ã«æå¹ãšãªããŸãã
⢠Telnetã®ã¿ã€ã ã¢ãŠããç¡å¹ã«ããããšã¯ã§ããŸããã
äŸ
æ¬äŸã§ã¯ã¿ã€ã ã¢ãŠãæéã 120ç§ïŒ2åïŒã«èšå®ããŠããŸãã
Console(config-line)#exec-timeout 120Console(config-line)#
200FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Line ïŒã©ã€ã³ã³ãã³ãïŒ
password-thresh
ãã°ã€ã³æã®ãã¹ã¯ãŒãå ¥åã®ãªãã©ã€åæ°ã®èšå®ã«äœ¿çšããã³ãã³ãã§ãã"no"ãåã«çœ®ãããšã§æå®ãããªãã©ã€åæ°ã¯åé€ãããŸãã
ææ³
password-thresh threshold
no password-thresh
⢠threshold â ãªãã©ã€å¯èœãªãã¹ã¯ãŒãå ¥ååæ°ïŒèšå®ç¯å²ïŒ1-120ã0ïŒåæ°ã®å¶éããªãããŸãïŒ
åæèšå®
3
ã³ãã³ãã¢ãŒã
Line Configuration
ã³ãã³ã解説
⢠ãªãã©ã€æ°ãèšå®å€ãè¶ ããå Žåãæ¬æ©ã¯äžå®æéããã°ã€ã³ã®ãªã¯ãšã¹ãã«å¿çããªããªããŸãïŒå¿çãããªããªãæéã«é¢ããŠã¯ "silent-time"ã³ãã³ãã§ãã®é·ããæå®ã§ããŸãïŒãTelnetæã«ãªãã©ã€æ°ãå¶éå€ãè¶ ããå Žåã«ã¯ Telnetã€ã³ã¿ãã§ãŒã¹ãçµäºãšãªããŸãã
⢠æ¬ã³ãã³ãã¯ã³ã³ãœãŒã«æ¥ç¶ãš Telnetæ¥ç¶ã®äž¡æ¹ã«æå¹ã§ãã
äŸ
æ¬äŸã§ã¯ãã¹ã¯ãŒãã®ãªãã©ã€åæ°ã 5åã«èšå®ããŠããŸãã
é¢é£ããã³ãã³ã
silent-time (P202)
Console(config-line)#password-thresh 5Console(config-line)#
201 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Line ïŒã©ã€ã³ã³ãã³ãïŒ
silent-time
ãã°ã€ã³ã«å€±æãã"password-thresh"ã³ãã³ãã§æå®ãããã¹ã¯ãŒãå ¥åã®ãªãã©ã€æ°ãè¶ ããå Žåã«ãã°ã€ã³èŠæ±ã«åå¿ãããªãæéãèšå®ããããã®ã³ãã³ãã§ãã"no"ãåã«çœ®ãããšã§èšå®ãããŠããå€ãåé€ããŸãã
ææ³
silent-time seconds
no silent-time
⢠seconds â ã³ã³ãœãŒã«ã®ç¡å¹æéïŒç§ïŒïŒèšå®ç¯å²ïŒ0-65535ã0ïŒã³ã³ãœãŒã«ãç¡å¹ã«ããªãïŒ
åæèšå®
ã³ã³ãœãŒã«ã®å¿çç¡å¹æéã¯èšå®ãããŠããŸããã
ã³ãã³ãã¢ãŒã
Line Configuration
äŸ
æ¬äŸã§ã¯ã³ã³ãœãŒã«ç¡å¹æéã 60ç§ã«èšå®ããŠããŸãã
é¢é£ããã³ãã³ã
password-thresh (P201)
Console(config-line)#silent-time 60Console(config-line)#
202FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Line ïŒã©ã€ã³ã³ãã³ãïŒ
databits
ã³ã³ãœãŒã«ããŒãã§çæãããåæåãããã®ããŒã¿ãããã®å€ãèšå®ããããã®ã³ãã³ãã§ãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
databits {7 | 8}
no databits
⢠7 â 7ããŒã¿ããã
⢠8 â 8ããŒã¿ããã
åæèšå®
8ããŒã¿ããã
ã³ãã³ãã¢ãŒã
Line Configuration
ã³ãã³ã解説
ããªãã£ãçæãããŠããå Žå㯠7ããŒã¿ãããããããªãã£ãçæãããŠããªãå Žå (no parity)㯠8ããŒã¿ããããæå®ããŠäžããã
äŸ
æ¬äŸã§ã¯ 7ããŒã¿ãããã«èšå®ããŠããŸãã
é¢é£ããã³ãã³ã
parity (P203)
Console(config-line)#databits 7Console(config-line)#
203 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Line ïŒã©ã€ã³ã³ãã³ãïŒ
parity
ããªãã£ãããã®èšå®ã®ããã®ã³ãã³ãã§ãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
parity {none | even | odd}
no parity
⢠none â ããªãã£ç¡ã
⢠even â å¶æ°ããªãã£
⢠odd â å¥æ°ããªãã£
åæèšå®
ããªãã£ç¡ã
ã³ãã³ãã¢ãŒã
Line Configuration
ã³ãã³ã解説
æ¥ç¶ããã¿ãŒããã«ãã¢ãã ãªã©ã®æ©åšã«ãã£ãŠã¯åã ã®ããªãã£ãããã®èšå®ãèŠæ±ããå ŽåããããŸãã
äŸ
æ¬äŸã§ã¯ no parityãèšå®ããŠããŸãã
Console(config-line)#parity noneConsole(config-line)#
204FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Line ïŒã©ã€ã³ã³ãã³ãïŒ
speed
ã¿ãŒããã«æ¥ç¶ã®ããŒã¬ãŒããæå®ããããã®ã³ãã³ãã§ããæ¬èšå®ã§ã¯éåä¿¡äž¡æ¹ã®å€ãæå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
speed bps
no speed
⢠bps â ããŒã¬ãŒãã bpsã§æå®ïŒ9600, 57600, 38400, 19200, 115200 bpsïŒ
åæèšå®
9600bps
ã³ãã³ãã¢ãŒã
Line Configuration
ã³ãã³ã解説
ã·ãªã¢ã«ããŒãã«æ¥ç¶ãããæ©åšã§ãµããŒããããŠããããŒã¬ãŒããæå®ããŠãã ãããäžéšã®ããŒã¬ãŒãã¯æ¬æ©ã§ã¯ãµããŒãããŠããªãå ŽåããããŸãããµããŒããããŠããªãå€ãæå®ããå Žåã«ã¯ã¡ãã»ãŒãžã衚瀺ãããŸãã
äŸ
æ¬äŸã§ã¯ 57600bpsã«èšå®ããŠããŸãã
Console(config-line)#speed 57600Console(config-line)#
205 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Line ïŒã©ã€ã³ã³ãã³ãïŒ
stopbits
éä¿¡ããã¹ããããããã®å€ãæå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
stopbits {1 | 2}
⢠1 â ã¹ãããããã "1"
⢠2 â ã¹ãããããã "2"
åæèšå®
ã¹ãããããã 1
ã³ãã³ãã¢ãŒã
Line Configuration
äŸ
æ¬äŸã§ã¯ã¹ãããããã "2"ã«èšå®ããŠããŸãã
disconnect
æ¬ã³ãã³ãã䜿çšã SSHãTelnetãã³ã³ãœãŒã«æ¥ç¶ãçµäºããããšãã§ããŸãã
ææ³
disconnect session-id
⢠session-id â SSHãTelnetãã³ã³ãœãŒã«æ¥ç¶ã®ã»ãã·ã§ã³ IDïŒç¯å² :0-4ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
ã»ãã·ã§ã³ ID"0"ãæå®ãããšã³ã³ãœãŒã«æ¥ç¶ãçµäºãããŸãããã®ä»ã®ã»ãã·ã§ã³ IDãæå®ããå Žåã«ã¯ SSHå㯠Telnetæ¥ç¶ãçµäºãããŸãã
äŸ
é¢é£ããã³ãã³ã
show ssh (P234)
show users (P258)
Console(config-line)#stopbits 2Console(config-line)#
Console#disconnect 1Console#
206FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹Line ïŒã©ã€ã³ã³ãã³ãïŒ
show line
ã¿ãŒããã«æ¥ç¶ã®èšå®ã衚瀺ããŸãã
ææ³
show line [console | vty]
⢠console â ã³ã³ãœãŒã«æ¥ç¶èšå®
⢠vty â ãªã¢ãŒãæ¥ç¶çšã®ä»®æ³ã¿ãŒããã«èšå®
åæèšå®
ãã¹ãŠã衚瀺
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
æ¬äŸã§ã¯ãã¹ãŠã®æ¥ç¶ã®èšå®ã衚瀺ããŠããŸãã
Console#show line Console Configuration: Password Threshold: 3 times Interactive Timeout: 600 sec Login Timeout: Disabled Silent Time: Disabled Baudrate: auto Databits: 8 Parity: None Stopbits: 1
VTY Configuration: Password Threshold: 3 times Interactive Timeout: 600 sec Login Timeout: 300 secConsole#
207 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹GeneralïŒäžè¬ã³ãã³ãïŒ
3.5 GeneralïŒäžè¬ã³ãã³ãïŒ
enable
Privileged Execã¢ãŒããæå¹ã«ããéã«äœ¿çšããŸããPrivileged Execã¢ãŒãã§ã¯ä»ã®ã³ãã³ãã䜿çšããããšãã§ããã¹ã€ããã®æ å ±ã衚瀺ããããšãã§ããŸãã詳ãã㯠P191 ãã³ãã³ãã¢ãŒãããåç §ããŠäžããã
ææ³
enable [level]
⢠level â Privilege Levelã®èšå®
æ¬æ©ã§ã¯ 2ã€ã®ç°ãªãã¢ãŒããååšããŸãã0: Normal Execã15: Privileged Exec
Privileged Execã¢ãŒãã«ã¢ã¯ã»ã¹ããããã«ã¯ levelã15ããå ¥åããŠäžããã
åæèšå®
Level 15
ã³ãã³ãã¢ãŒã
Normal Exec
ã³ãã³ã解説
⢠"super"ã Normal Execãã Privileged Execã¢ãŒãã«å€æŽããããã®åæèšå®ãã¹ã¯ãŒãã«ãªããŸãïŒãã¹ã¯ãŒãã®èšå®ã»å€æŽãè¡ãå Žåã¯ãP216 ãenable passwordããåç §ããŠäžããïŒ
⢠ããã³ããã®æåŸã« "#"ã衚瀺ãããŠããå Žåã¯ãPrivileged Execã¢ãŒããè¡šããŸãã
äŸ
é¢é£ããã³ãã³ã
disable (P209)
enable password (P216)
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
enable Privilegedã¢ãŒãã®æå¹å NE P208
disable Privilegedã¢ãŒããã Normalã¢ãŒããžã®å€æŽ PE P209
configure Global Configurationã¢ãŒãã®æå¹å PE P209
show history ã³ãã³ãå±¥æŽãããã¡ã®è¡šç€º NE,PE P210
reload æ¬æ©ã®åèµ·å PE P211
end Privileged Execã¢ãŒããžã®å€æŽ GC,IC,LC,VC
P211
exit åã®èšå®ã¢ãŒãã«æ»ããå㯠CLIã»ãã·ã§ã³ãçµäº ãã¹ãŠ P212
quit CLIã»ãã·ã§ã³ãçµäº NE,PE P212
Console>enablePassword: [privileged level password]Console#
208FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹GeneralïŒäžè¬ã³ãã³ãïŒ
disable
Privileged Execãã Normal Execã«å€æŽããéã«äœ¿çšããŸãã
Normal Execã¢ãŒãã§ã¯ãæ¬æ©ã®èšå®åã³çµ±èšæ å ±ã®åºæ¬çãªæ å ±ã®è¡šç€ºããè¡ããŸããããã¹ãŠã®ã³ãã³ãã䜿çšããããã«ã¯ Privileged Execã¢ãŒãã«ããå¿ èŠããããŸãã
詳现㯠P191 ãã³ãã³ãã¢ãŒãããåç §ããŠäžããã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
ããã³ããã®æåŸã« ">"ã衚瀺ãããŠããå Žå㯠Normal Execã¢ãŒããè¡šããŸãã
äŸ
é¢é£ããã³ãã³ã
enable (P208)
configure
Global Configurationã¢ãŒããæå¹ã«ããå Žåã«äœ¿çšããŸããã¹ã€ããã®èšå®ãè¡ãããã«ã¯Global Configurationã¢ãŒãã«ããå¿ èŠããããŸããããã« Interface Configuration, Line Configuration, VLAN Database Configurationãªã©ãè¡ãããã«ã¯ããã®å ã®ã¢ãŒãã«ã¢ã¯ã»ã¹ããŸãã詳现㯠P191 ãã³ãã³ãã¢ãŒãããåç §ããŠäžããã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
end (P211)
Console#disableConsole>
Console#configureConsole(config)#
209 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹GeneralïŒäžè¬ã³ãã³ãïŒ
show history
ä¿åãããŠããã³ãã³ãã®å±¥æŽã衚瀺ããéã«å©çšããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
ã³ãã³ã解説
æ¬æ©ã«ä¿åã§ããã³ãã³ãå±¥æŽã¯ Executionã³ãã³ããš Configurationã³ãã³ããããããæ倧 10ã³ãã³ãã§ãã
äŸ
æ¬äŸã§ã¯ãã³ãã³ãå±¥æŽãšããŠä¿åãããŠããã³ãã³ãã衚瀺ããŠããŸãã
"!"ã³ãã³ããçšãããšãå±¥æŽã®ã³ãã³ããå®è¡ããããšãå¯èœã§ããNormalåã¯Privileged Execã¢ãŒãæã«ã¯ Executionã³ãã³ãããConfigurationã¢ãŒãæã«ã¯Configurationã³ãã³ãã®å®è¡ãè¡ããŸãã
æ¬äŸã§ã¯ã"!2"ã³ãã³ããå ¥åããããšã§ãExecutionã³ãã³ãå±¥æŽå ã® 2çªç®ã®ã³ãã³ãïŒ"config"ã³ãã³ãïŒãå®è¡ããŠããŸãã
Console#show historyExecution command history:2 config1 show historyConfiguration command history:
4 interface vlan 13 exit2 interface vlan 11 end
Console#
Console#!2Console#configConsole(config)#
210FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹GeneralïŒäžè¬ã³ãã³ãïŒ
reload
ã·ã¹ãã ã®åèµ·åãè¡ãéã«å©çšããŸãã
[泚æ ]ãåèµ·åæã«ã¯ Power-On Self-testãå®è¡ãããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
ã·ã¹ãã å šäœã®åèµ·åãè¡ããŸãã
äŸ
æ¬æ©ã®åèµ·åæ¹æ³ã瀺ããŠããŸãã
end
Privilegedã¢ãŒãã«æ»ãéã«å©çšããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
Interface Configuration
Line Configuration
VLAN Database Configuration
äŸ
æ¬äŸã¯ãInterface Configurationãã Privileged Execã¢ãŒããžã®å€æŽã瀺ããŠããŸãã
Console#reloadSystem will be restarted, continue <y/n>? y
Console(config-if)#endConsole#
211 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹GeneralïŒäžè¬ã³ãã³ãïŒ
exit
Privileged Execã¢ãŒãã«æ»ãå ŽåããCLIãçµäºããå Žåã«äœ¿çšããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
ãã¹ãŠ
äŸ
Global Configurationã¢ãŒããã Privileged Execã¢ãŒããžã®å€æŽãšãCLIã®çµäºã瀺ããŠããŸãã
quit
CLIãçµäºããéã«å©çšããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Normal Exec
Privileged Exec
ã³ãã³ã解説
"quit"ã"exit"ã³ãã³ãã¯ã©ã¡ãã Configurationã¢ãŒããçµäºããéã«å©çšã§ããŸãã
äŸ
æ¬äŸã¯ãCLIã»ãã·ã§ã³ã®çµäºã瀺ããŠããŸãã
Console(config)#exitConsole#exit
Press ENTER to start sessionUser Access Verification
Username:
Console#quit
Press ENTER to start session
User Access Verification
Username:
212FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
3.6 ã·ã¹ãã 管ç
ãã®ã³ãã³ãã¯ã·ã¹ãã ãã°ããŠãŒã¶åããã¹ã¯ãŒããWebã€ã³ã¿ãã§ãŒã¹ã®èšå®ã«äœ¿çšãããŸãããŸããä»ã®ã·ã¹ãã æ å ±ã®è¡šç€ºãèšå®ãè¡ããŸãã
3.6.1 Device Designationã³ãã³ã
ã³ãã³ã æ©èœ ããŒãž
DeviceDesignation
æ¬æ©ãç¹å®ããæ å ±èšå® P213
User Access 管çã¢ã¯ã»ã¹ãŠãŒã¶ååã³ãã¹ã¯ãŒãèšå® P215
IP Filter 管çã¢ã¯ã»ã¹ãèš±å¯ãã IPã¢ãã¬ã¹ã®èšå® P217
Web Server Webãã©ãŠã¶çµç±ã§ã®ç®¡çã¢ã¯ã»ã¹ã®æå¹å P219
Telnet Server Telnetçµç±ã§ã®ç®¡çã¢ã¯ã»ã¹ã®æå¹å P223
Secure Shell ã»ãã¥ãªãã£ã確ä¿ãã SSHæ¥ç¶ P225
Event Logging ãšã©ãŒã¡ãã»ãŒãžãã°èšå® P236
TimeïŒSystem ClockïŒ
NTP/SNTPãµãŒãã«ããèªåæå»èšå®åã³æåæå»èšå®
P248
System Status 管çè ãã·ã¹ãã ããŒãžã§ã³ãã·ã¹ãã æ å ±ã®è¡šç€º P253
Frame Size ãžã£ã³ããã¬ãŒã ãµããŒãã®æå¹å P260
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
prompt PE/NEã¢ãŒãã§äœ¿çšããããã³ããã®ã«ã¹ã¿ãã€ãº
GC P214
hostname ãã¹ãåã®èšå® GC P214
snmp-servercontact
ã·ã¹ãã ã³ã³ã¿ã¯ãè ã®èšå® GC P317
snmp-serverlocation
ã·ã¹ãã ãã±ãŒã·ã§ã³ã®èšå® GC P317
213 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
prompt
CLIããã³ããã®ã«ã¹ã¿ãã€ãºãè¡ãªãããšãã§ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
prompt string
no prompt
⢠string â CLIããã³ããã«è¡šç€ºãããå称ïŒæ倧 255æåïŒ
åæèšå®
Console
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
hostname
æ¬æ©ã®ãã¹ãåã®èšå®åã³å€æŽãè¡ãããšãã§ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
hostname name
no hostname
⢠name â ãã¹ãåïŒæ倧 255æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#prompt RD2RD2(config)#
Console(config)#hostname RD#1Console(config)#
214FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
3.6.2 ãŠãŒã¶ãŒã¢ã¯ã»ã¹ã³ãã³ã
管çã¢ã¯ã»ã¹ã®ããã®åºæ¬çãªã³ãã³ãã§ãã管çã¢ã¯ã»ã¹ã«é¢ãããã®ä»ã®èšå®ã«é¢ããŠã¯ãP198 ãpasswordãã P270 ãèªèšŒã³ãã³ãããP282 ã802.1x ããŒãèªèšŒã³ãã³ããããããŸãã
username
ãã°ã€ã³ããéã®ãŠãŒã¶ååã³ãã¹ã¯ãŒãã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ãŠãŒã¶åãåé€ããŸãã
ææ³
username name {access-level level | nopassword |
password {0 | 7} password}
no username name
⢠name â ãŠãŒã¶åïŒæ倧 8æåã倧æåãšå°æåã¯åºå¥ãããŸãïŒãæ倧ãŠãŒã¶æ° : 16ãŠãŒã¶
⢠access-level level â ãŠãŒã¶ã¬ãã«ã®èšå®æ¬æ©ã«ã¯ 2çš®é¡ã®ã¢ã¯ã»ã¹ã¬ãã«ããããŸãïŒ0: Normal Execã15: Privileged Exec
⢠nopassword â ãã°ã€ã³ãã¹ã¯ãŒããå¿ èŠãªãå Žå
⢠{0 | 7} â "0"ã¯å¹³æãã¹ã¯ãŒããã"7"ã¯æå·åããããã¹ã¯ãŒããšãªããŸãã
⢠password password â ãŠãŒã¶çšã®ãã¹ã¯ãŒãïŒæ倧 8æåïŒå¹³ææïŒã32æåïŒæå·åæïŒã倧æåãšå°æåã¯åºå¥ãããŸãïŒ
åæèšå®
⢠åæèšå®ã®ã¢ã¯ã»ã¹ã¬ãã«ã¯ Normal Execã¬ãã«ã§ãã
⢠åæèšå®ã®ãŠãŒã¶åãšãã¹ã¯ãŒãã¯ä»¥äžã®éãã§ãã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
æå·åããããã¹ã¯ãŒãã¯ã·ã¹ãã èµ·åæã«èšå®ãã¡ã€ã«ãèªã¿èŸŒãå Žåã TFTPãµãŒãã«ããŠããŒãããå Žåã®ããã«ããã¹ãïŒå¹³æïŒãã¹ã¯ãŒããšã®äºææ§ããããŸããæå·åããããã¹ã¯ãŒããæåã§çæããå¿ èŠã¯ãããŸããã
äŸ
æ¬äŸã¯ããŠãŒã¶ãžã®ã¢ã¯ã»ã¹ã¬ãã«ãšãã¹ã¯ãŒãã®èšå®ã瀺ããŠããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
username ãã°ã€ã³ããããã®ãŠãŒã¶åã®èšå® GC P215
enablepassword
åã¢ã¯ã»ã¹ã¬ãã«ã®ãã¹ã¯ãŒãã®èšå® GC P216
ãŠãŒã¶å ã¢ã¯ã»ã¹ã¬ãã« ãã¹ã¯ãŒã
guestadmin
015
guestadmin
Console(config)#username bob access-level 15Console(config)#username bob password 0 smithConsole(config)#
215 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
enable password
Normal Execã¬ãã«ãã Privileged Execã¬ãã«ã«ç§»è¡ããéã«äœ¿çšããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
å®å šã®ãããã¹ã¯ãŒãã¯åæèšå®ããå€æŽããŠãã ãããå€æŽãããã¹ã¯ãŒãã¯å¿ããªãããã«ããŠäžããã
ææ³
enable password [level level] {0 | 7} password
no enable password [level level]
⢠level level â Privileged Execãžã¯ Level 15ãå ¥åããŸããïŒLevel0-14ã¯äœ¿çšããŸããïŒ
⢠{0 | 7} â "0"ã¯å¹³æãã¹ã¯ãŒããã"7"ã¯æå·åããããã¹ã¯ãŒããšãªããŸãã
⢠password â privileged Execã¬ãã«ãžã®ãã¹ã¯ãŒãïŒæ倧 8æåã倧æåå°æåã¯åºå¥ãããŸãïŒ
åæèšå®
åæèšå®ã¬ãã« 15
åæèšå®ãã¹ã¯ãŒã "super"
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã¹ã¯ãŒãã空æ¬ã«ããããšã¯ã§ããŸãããP208 ãenableãã³ãã³ãã䜿çšã Normal Execãã Privileged Execãžã®ã³ãã³ãã¢ãŒãã®å€æŽãã¹ã¯ãŒããå ¥åããŠäžããã
⢠æå·åããããã¹ã¯ãŒãã¯ã·ã¹ãã èµ·åæã«èšå®ãã¡ã€ã«ãèªã¿èŸŒãå Žåã TFTPãµãŒãã«ããŠã³ããŒãããå Žåã®ããã«ããã¹ãïŒå¹³æïŒãã¹ã¯ãŒããšã®äºææ§ããããŸããæå·åããããã¹ã¯ãŒããæåã§çæããå¿ èŠã¯ãããŸããã
äŸ
é¢é£ããã³ãã³ã
enable (P208)
authentication enabled (P271)
Console(config)#enable password level 15 0 adminConsole(config)#
216FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
3.6.3 IPãã£ã«ã¿ãŒã³ãã³ã
management
æ¬æ©ã§ã¯ç®¡çã¢ã¯ã»ã¹ã«æ¥ç¶ãèš±å¯ããã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹ã®èšå®ãè¡ãªãããšãã§ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåé€ããŸãã
ææ³
[no] management {all-client | http-client | snmp-client | telnet-client}
start-address [end-address]
⢠all-client â SNMP/Webãã©ãŠã¶ /Telnetã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹
⢠http-client â Webãã©ãŠã¶ã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹
⢠snmp-client â SNMPã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹ .
⢠telnet-client â Telnetã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹
⢠start-address â IPã¢ãã¬ã¹å㯠IPã¢ãã¬ã¹ã°ã«ãŒãã®æåã® IPã¢ãã¬ã¹
⢠end-address â IPã¢ãã¬ã¹ã°ã«ãŒãã®æåŸã® IPã¢ãã¬ã¹
åæèšå®
å šã¢ãã¬ã¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠èšå®ä»¥å€ã®ç¡å¹ãª IPã¢ãã¬ã¹ãã管çã¢ã¯ã»ã¹ã«æ¥ç¶ãããå Žåãæ¬æ©ã¯æ¥ç¶ãæåŠããã€ãã³ãã¡ãã»ãŒãžãã·ã¹ãã ãã°ã«ä¿åãããã©ããã¡ãã»ãŒãžã®éä¿¡ãè¡ãªããŸãã
⢠SNMPãWebãã©ãŠã¶ãTelnetã¢ã¯ã»ã¹ãžã® IPã¢ãã¬ã¹å㯠IPã¢ãã¬ã¹ç¯å²ã®èšå®ã¯åèšã§æ倧 5ã€ãŸã§èšå®å¯èœã§ãã
⢠SNMPãWebãã©ãŠã¶ãTelnetã®åäžã°ã«ãŒãã«å¯Ÿã㊠IPã¢ãã¬ã¹ç¯å²ãéè€ããŠèšå®ããããšã¯ã§ããŸãããç°ãªãã°ã«ãŒãã®å Žåã«ã¯ IPã¢ãã¬ã¹ç¯å²ãéè€ããŠèšå®ããããšã¯å¯èœã§ãã
⢠èšå®ãã IPã¢ãã¬ã¹ç¯å²ããç¹å®ã® IPã¢ãã¬ã¹ã®ã¿ãåé€ããããšã¯ã§ããŸãããIPã¢ãã¬ã¹ç¯å²ããã¹ãŠåé€ãããã®åŸèšå®ããçŽããŠäžããã
⢠IPã¢ãã¬ã¹ç¯å²ã®åé€ã¯ IPã¢ãã¬ã¹ç¯å²ã®æåã®ã¢ãã¬ã¹ã ããå ¥åããŠãåé€ããããšãã§ããŸãããŸããæåã®ã¢ãã¬ã¹ãšæåŸã®ã¢ãã¬ã¹ã®äž¡æ¹ãå ¥åããŠåé€ããããšãå¯èœã§ãã
äŸ
æ¬äŸã§ã¯ã衚瀺ãããŠãã IPã¢ãã¬ã¹åã³ IPã¢ãã¬ã¹ã°ã«ãŒãããã®æ¥ç¶ãèš±å¯ããèšå®ãè¡ãªã£ãŠããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžmanagement 管çã¢ã¯ã»ã¹ãèš±å¯ãã IPã¢ãã¬ã¹ãèšå® GC P217
showmanagement
æ¬æ©ã®ç®¡çã¢ã¯ã»ã¹ã«æ¥ç¶ãããŠããã¯ã©ã€ã¢ã³ãã®è¡šç€º
PE P218
Console(config)#management all-client 192.168.1.19Console(config)#management all-client 192.168.1.25 192.168.1.30Console#
217 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show management
管çã¢ã¯ã»ã¹ãžã®æ¥ç¶ãèš±å¯ãããŠãã IPã¢ãã¬ã¹ã衚瀺ããŸãã
ææ³
show management {all-client | http-client | snmp-client |telnet-client}
⢠all-client â SNMP/Webãã©ãŠã¶ /Telnetã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹
⢠http-client â Webãã©ãŠã¶ã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹
⢠snmp-client â SNMPã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹ .
⢠telnet-client â Telnetã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show management all-clientManagement Ip FilterHttp-Client:Start ip address End ip address-----------------------------------------------1. 192.168.1.19 192.168.1.192. 192.168.1.25 192.168.1.30
Snmp-Client:Start ip address End ip address-----------------------------------------------1. 192.168.1.19 192.168.1.192. 192.168.1.25 192.168.1.30
Telnet-Client:Start ip address End ip address-----------------------------------------------1. 192.168.1.19 192.168.1.192. 192.168.1.25 192.168.1.30
Console#
218FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
3.6.4 Web ãµãŒããŒã³ãã³ã
ip http port
Webã€ã³ã¿ãã§ãŒã¹ã§ã¢ã¯ã»ã¹ããå Žåã® TCPããŒãçªå·ãæå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip http port port-number
no ip http port
⢠port-number â Webã€ã³ã¿ãã§ãŒã¹ã«äœ¿çšãã TCPããŒã (1-65535)
åæèšå®
80
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
é¢é£ããã³ãã³ã
ip http server (P220)
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžip http port Webã€ã³ã¿ãã§ãŒã¹ã«äœ¿çšããããŒãã®èšå® GC P219
ip http server 管ççš Webã€ã³ã¿ãã§ãŒã¹ã®äœ¿çš GC P220
ip httpsecure-server
ã»ãã¥ã¢ HTTPïŒHTTPSïŒãµãŒãã®äœ¿çš GC P221
ip httpsecure-port
HTTPSæ¥ç¶ã«äœ¿çšããããŒãã®èšå® GC P222
Console(config)#ip http port 769Console(config)#
219 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
ip http server
Webãã©ãŠã¶ããæ¬æ©ã®èšå®ãåã³èšå®æ å ±ã®é²èŠ§ãå¯èœã«ããŸãã
"no"ãåã«çœ®ãããšã§æ¬æ©èœã¯ç¡å¹ãšãªããŸãã
ææ³
[no] ip http server
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
é¢é£ããã³ãã³ã
ip http port (P219)
Console(config)#ip http serverConsole(config)#
220FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
ip http secure-server
Webã€ã³ã¿ãã§ãŒã¹ã䜿çšãæ¬æ©ãžã®æå·åãããå®å šãªæ¥ç¶ãè¡ãããã«ãSecure Socket Layer (SSL)ã䜿çšãã Secure hypertext transfer protocol (HTTPS)ã䜿çšããããã®ã³ãã³ãã§ãã"no"ãåã«çœ®ãããšã§æ¬æ©èœãç¡å¹ã«ããŸãã
ææ³
[no] ip http secure-server
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠HTTPåã³ HTTPSãµãŒãã¹ã¯ããããã®ãµãŒãã¹ãåå¥ã«æå¹ã«ããããšãå¯èœã§ãã
⢠HTTPSãæå¹ã«ããå Žåã¯Webãã©ãŠã¶ã®ã¢ãã¬ã¹ããŒã« https://device[:ããŒãçªå· ]ãšå ¥åããŸãã
⢠HTTPSãæå¹ã«ããå Žåã以äžã®æé ã§æ¥ç¶ã確ç«ãããŸãïŒ
âã¯ã©ã€ã¢ã³ãã¯ãµãŒãã®ããžã¿ã«èšŒææžã䜿çšãããµãŒãã確蚌ããŸããâã¯ã©ã€ã¢ã³ãããã³ãµãŒãã¯ãæ¥ç¶ã®ããã«äœ¿çšãã 1ã»ããã®ã»ãã¥ãªãã£ã»ã ããã³ã«ãåå®ããŸãã
âã¯ã©ã€ã¢ã³ãããã³ãµãŒãã¯ãããŒã¿ãæå·åã解èªããããã®ã»ãã·ã§ã³ã»ããŒãçæããŸãã
⢠ã¯ã©ã€ã¢ã³ããšãµãŒãéã®æå·åãããã¢ã¯ã»ã¹ã確ç«ããå ŽåãInternet Explorer 5.xåã³ Netscape Navigator 4.xã®ã¹ããŒã¿ã¹ããŒã«éµããŒã¯ã衚瀺ãããŸãã
⢠以äžã®Webãã©ãŠã¶ãOSç°å¢ã§ HTTPSããµããŒãããŠããŸãã
â»ã»ãã¥ã¢ãµã€ã蚌æã®è©³çŽ°ã¯ P45 ããµã€ã蚌ææžã®èšå®å€æŽããåç §ããŠäžããã
äŸ
é¢é£ããã³ãã³ã
ip http secure-port (P222)
copy tftp https-certificate (P261)
Webãã©ãŠã¶ OS
Internet Explorer 5.0以äž
Windows 98ãWindows NTïŒãµãŒãã¹ãã㯠6aïŒãWindows 2000ãWindows XP
NetscapeNavigator 4.7以äž
Windows 98ãWindows NT ïŒãµãŒãã¹ãã㯠6aïŒãWindows 2000ãWindows XPãSolaris 2.6
Console(config)#ip http secure-serverConsole(config)#
221 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
ip http secure-port
Webã€ã³ã¿ãã§ãŒã¹ããã® HTTPS/SSLæ¥ç¶ã§äœ¿çšãã UDPããŒããèšå®ããããšãã§ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip http secure-port port_number
no ip http secure-port
⢠port_number â HTTPS/SSLã«äœ¿çšãã UDPããŒãçªå· (1-65535)
åæèšå®
443
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠HTTPãš HTTPSã§åãããŒãã¯èšå®ã§ããŸããã
⢠HTTPSããŒãçªå·ãèšå®ããå ŽåãHTTPSãµãŒãã«ã¢ã¯ã»ã¹ããããã«ã¯ URLã«ããŒãçªå·ãæå®ããå¿ èŠããããŸããïŒhttps://device:[ããŒãçªå· ]ïŒ
äŸ
é¢é£ããã³ãã³ã
ip http secure-server (P221)
copy tftp https-certificate (P261)
Console(config)#ip http secure-port 1000Console(config)#
222FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
3.6.5 Telnet ãµãŒããŒã³ãã³ã
ip telnet port
Telnetã€ã³ã¿ãã§ãŒã¹ã§ã¢ã¯ã»ã¹ããå Žåã® TCPããŒãçªå·ãæå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip telnet port port-number
no ip telnet port
⢠port-number â Telnetã€ã³ã¿ãã§ãŒã¹ã«äœ¿çšãã TCPããŒã(ç¯å²ïŒ1-65535)
åæèšå®
23
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
é¢é£ããã³ãã³ã
ip telnet server (P224)
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžip telnet port Telnetã€ã³ã¿ãã§ãŒã¹ã«äœ¿çšããããŒãã®èšå® GC P223
ip telnet server 管ççš Telnetã€ã³ã¿ãã§ãŒã¹ã®äœ¿çš GC P224
Console(config)#ip telnet port 123Console(config)#
223 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
ip telnet server
Telnetããæ¬æ©ã®èšå®ãåã³èšå®æ å ±ã®é²èŠ§ãå¯èœã«ããŸãã
"no"ãåã«çœ®ãããšã§æ¬æ©èœã¯ç¡å¹ãšãªããŸãã
ææ³
[no] ip http server
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
é¢é£ããã³ãã³ã
ip telnet port (P223)
Console(config)#ip telnet serverConsole(config)#
224FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
3.6.6 Secure Shellã³ãã³ã
Secure Shell (SSH)ã¯ããã以åãããã£ãããŒã¯ã¬ãŒãªã¢ãŒãã¢ã¯ã»ã¹ããŒã«ã®ã»ãã¥ãªãã£é¢ã確ä¿ãã代æ¿ãšããŠãµãŒã /ã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ãå«ãã§ããŸãããŸããSSHã¯Telnetã«ä»£ããæ¬æ©ãžã®ã»ãã¥ã¢ãªãªã¢ãŒã管çã¢ã¯ã»ã¹ãæäŸããŸãã
ã¯ã©ã€ã¢ã³ãã SSHãããã³ã«ã«ãã£ãŠæ¬æ©ãšæ¥ç¶ããå Žåãæ¬æ©ã¯ã¢ã¯ã»ã¹èªèšŒã®ããã«ããŒã«ã«ã®ãŠãŒã¶åããã³ãã¹ã¯ãŒããšå ±ã«ã¯ã©ã€ã¢ã³ãã䜿çšããå ¬éæå·ããŒãçæããŸããããã«ãSSHã§ã¯æ¬æ©ãš SSHãå©çšãã管ç端æ«ã®éã®éä¿¡ããã¹ãŠæå·åãããããã¯ãŒã¯äžã®ããŒã¿ã®ä¿è·ãè¡ãªããŸãã
ããã§ã¯ãSSHãµãŒããèšå®ããããã®ã³ãã³ãã解説ããŸãã
ãªããSSHçµç±ã§ã®ç®¡çã¢ã¯ã»ã¹ãè¡ãªãããã«ã¯ãã¯ã©ã€ã¢ã³ãã« SSHã¯ã©ã€ã¢ã³ããã€ã³ã¹ããŒã«ããå¿ èŠããããŸãã
[泚æ ]ãæ¬æ©ã§ã¯ SSH Version1.5ãš 2.0ããµããŒãããŠããŸãã
æ¬æ©ã® SSHãµãŒãã¯ãã¹ã¯ãŒãåã³ãããªãã¯ããŒèªèšŒããµããŒãããŠããŸããSSHã¯ã©ã€ã¢ã³ãã«ãããã¹ã¯ãŒãèªèšŒãéžæããå ŽåãèªèšŒèšå®ããŒãžã§èšå®ãããã¹ã¯ãŒãã«ããæ¬æ©å ãRADIUSãTACACS+ã®ããããã®èªèšŒæ¹åŒãçšããŸããã¯ã©ã€ã¢ã³ãããããªãã¯ããŒèªèšŒãéžæããå Žåã«ã¯ãã¯ã©ã€ã¢ã³ãåã³æ¬æ©ã«å¯ŸããŠèªèšŒããŒã®èšå®ãè¡ãªãå¿ èŠããããŸããå ¬éæå·ããŒåã¯ãã¹ã¯ãŒãèªèšŒã®ã©ã¡ããã䜿çšããã«é¢ããããæ¬æ©äžã®èªèšŒããŒïŒSSHãã¹ãããŒïŒãçæããSSHãµãŒããæå¹ã«ããå¿ èŠããããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžip ssh server SSHãµãŒãã®äœ¿çš GC P228
ip ssh timeout SSHãµãŒãã®èªèšŒã¿ã€ã ã¢ãŠãèšå® GC P229
ip sshauthentication-retries
ã¯ã©ã€ã¢ã³ãã«èš±å¯ãããªãã©ã€æ°ã®èšå® GC P230
ip sshserver-key size
SSHãµãŒãããŒãµã€ãºã®èšå® GC P230
copy tftppublic-key
ãŠãŒã¶å ¬éããŒã® TFTPãµãŒãããæ¬æ©ãžã³ã㌠PE P261
deletepublic-key
ç¹å®ãŠãŒã¶ã®å ¬éããŒã®åé€ PE P231
ip ssh cryptohost-keygenerate
ãã¹ãããŒã®çæ PE P232
ip ssh cryptozeroize
RAMããã®ãã¹ãããŒã®åé€ PE P233
ip ssh savehost-key
RAMãããã©ãã·ã¥ã¡ã¢ãªãžã®ãã¹ãããŒã®ä¿å PE P233
disconnect ã©ã€ã³æ¥ç¶ã®çµäº PE P206
show ip ssh SSHãµãŒãã®ç¶æ ã®è¡šç€ºåã³ SSHèªèšŒã¿ã€ã ã¢ãŠãæéãšãªãã©ã€åæ°ã®èšå®
PE P234
show ssh SSHã»ãã·ã§ã³ç¶æ ã®è¡šç€º PE P234
show public-key ç¹å®ã®ãŠãŒã¶åã¯ãã¹ãã®å ¬éããŒã®è¡šç€º PE P235
show users SSHãŠãŒã¶ãã¢ã¯ã»ã¹ã¬ãã«ãå ¬éããŒã¿ã€ãã®è¡šç€º PE P258
225 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
SSHãµãŒãã䜿çšããã«ã¯ä»¥äžã®æé ã§èšå®ãè¡ãªããŸãã
ïŒ1ïŒãã¹ãããŒãã¢ã®çæ â "ip ssh crypto host-key generate"ã³ãã³ãã«ãããã¹ã ãããªã㯠/ãã©ã€ããŒãããŒã®ãã¢ãçæããŸãã
ïŒ2ïŒãã¹ãå ¬éããŒã®ã¯ã©ã€ã¢ã³ããžã®æäŸ â å€ãã® SSHã¯ã©ã€ã¢ã³ãã¯ãæ¬æ©ãšã®èªåçã«åææ¥ç¶èšå®äžã«èªåçã«ãã¹ãããŒãåãåããŸããããã§ãªãå Žåã«ã¯ãæåã§ç®¡ç端æ«ã®ãã¹ããã¡ã€ã«ãäœæãããã¹ãå ¬éããŒã眮ãå¿ èŠããããŸãããã¹ããã¡ã€ã«äžã®å ¬éæå·ããŒã¯ä»¥äžã®äŸã®ããã«è¡šç€ºãããŸãã
10.1.0.54 1024 35 1568499540186766925933394677505461732531367489083654725415020245593199868544358361651999923329781766065830956 1082591321289023376546801726272571413428762941301196195566782 595664104869574278881462065194174677298486546861571773939016477935594230357741309802273708779454524083971752646358058176716709574804776117
ïŒ3ïŒã¯ã©ã€ã¢ã³ãå ¬éããŒã®æ¬æ©ãžã®åã蟌㿠â P4-69"copy tftp public-key"ã³ãã³ãã䜿çšããSSHã¯ã©ã€ã¢ã³ãã®æ¬æ©ã®ç®¡çã¢ã¯ã»ã¹ã«æäŸãããå ¬éããŒãå«ããã¡ã€ã«ãã³ããŒããŸããã¯ã©ã€ã¢ã³ããžã¯ãããã®ããŒã䜿çšããèªèšŒãè¡ãªãããŸããçŸåšã®ãã¡ãŒã ãŠã§ã¢ã§ã¯ä»¥äžã®ãã㪠UNIXæšæºãã©ãŒãããã®ãã¡ã€ã«ã®ã¿åãå ¥ããããšãå¯èœã§ãã
1024 35 134108168560989392104094492015542534763164192187295892114317388005553616163105177594083868631109291232226828519254374603100937187721199696317813662774141689851320491172048303392543241016379975923714490119380060902539484084827178194372288402533115952134861022902978982721353267131629432532818915045306393916643 [email protected]
ïŒ4ïŒãªãã·ã§ã³ãã©ã¡ãŒã¿ã®èšå® â SSHèšå®ããŒãžã§ãèªèšŒã¿ã€ã ã¢ãŠãããªãã©ã€åæ°ããµãŒãããŒãµã€ãºãªã©ã®èšå®ãè¡ãªã£ãŠãã ããã
ïŒ5ïŒSSHã®æå¹å â "ip ssh server"ã³ãã³ãã䜿çšããæ¬æ©ã® SSHãµãŒããæå¹ã«ããŠäžããã
ïŒ6ïŒChallenge/ResponseèªèšŒ â SSHã¯ã©ã€ã¢ã³ããæ¬æ©ãšæ¥ç¶ããããšããå ŽåãSSHãµãŒãã¯ã»ãã·ã§ã³ããŒãšæå·åæ¹åŒã調æŽããããã«ãã¹ãããŒãã¢ã䜿çšããŸããæ¬æ©äžã«ä¿åãããå ¬éããŒã«å¯Ÿå¿ãããã©ã€ããŒãããŒãæã€ã¯ã©ã€ã¢ã³ãã®ã¿ã¢ã¯ã»ã¹ããããšãã§ããŸãã
以äžã®ãããªæé ã§èªèšŒããã»ã¹ãè¡ãªãããŸãã
a. ã¯ã©ã€ã¢ã³ããå ¬éããŒãæ¬æ©ã«éããŸãã
b. æ¬æ©ã¯ã¯ã©ã€ã¢ã³ãã®å ¬éããŒãšã¡ã¢ãªã«ä¿åãããŠããæ å ±ãæ¯èŒããŸãã
c. äžèŽããå Žåãå ¬éããŒãå©çšãæ¬æ©ã¯ãã€ãã®ä»»æã®ã·ãŒã±ã³ã¹ãæå·åãããã®å€ãã¯ã©ã€ã¢ã³ãã«éä¿¡ããŸãã
d. ã¯ã©ã€ã¢ã³ãã¯ãã©ã€ããŒãããŒã䜿çšããŠãã€ãã解èªãã解èªãããã€ããæ¬æ©ã«éä¿¡ããŸãã
e. æ¬æ©ã¯ãå ã®ãã€ããšè§£èªããããã€ããæ¯èŒããŸãã2ã€ã®ãã€ããäžèŽããå Žåãã¯ã©ã€ã¢ã³ãã®ãã©ã€ããŒãããŒãèš±å¯ãããå ¬éããŒã«å¯Ÿå¿ããŠããããšãæå³ããã¯ã©ã€ã¢ã³ããèªèšŒãããŸãã
226FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
[泚æ ]ã ãã¹ã¯ãŒãèªèšŒãšå ±ã« SSHã䜿çšããå Žåã«ãããã¹ãå ¬éããŒã¯åææ¥ç¶æåã¯æåã«ããã¯ã©ã€ã¢ã³ãã®ãã¹ããã¡ã€ã«ã«äžããããŸããäœããã¯ã©ã€ã¢ã³ãããŒã®èšå®ãè¡ãªãå¿ èŠã¯ãããŸããã
227 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
ip ssh server
SSHãµãŒãã®äœ¿çšãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãç¡å¹ã«ããŸãã
ææ³
[no] ip ssh server
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æ倧 4ã»ãã·ã§ã³ã®åææ¥ç¶ããµããŒãããŸããæ倧ã»ãã·ã§ã³æ°ã¯ Telnetåã³ SSHã®åèšæ°ã§ãã
⢠SSHãµãŒãã¯ã¯ã©ã€ã¢ã³ããšã®æ¥ç¶ã確ç«ããéã« DASå㯠RASã䜿ã£ãããŒäº€æãè¡ããŸãããã®åŸãDES (56-bit)ãŸã㯠3DES (168-bit) ãçšããŠããŒã¿ã®æå·åãè¡ããŸãã
⢠SSHãµãŒããæå¹ã«ããåã«ããã¹ãããŒãçæããå¿ èŠããããŸãã
äŸ
é¢é£ããã³ãã³ã
ip ssh crypto host-key generate (P232)
show ssh (P234)
Console#ip ssh crypto host-key generate dsaConsole#configureConsole(config)#ip ssh serverConsole(config)#
228FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
ip ssh timeout
SSHãµãŒãã®ã¿ã€ã ã¢ãŠãæéãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip ssh timeout seconds
no ip ssh timeout
⢠seconds â SSHæ¥ç¶èª¿æŽæã®ã¯ã©ã€ã¢ã³ãå¿çã®ã¿ã€ã ã¢ãŠãæéïŒèšå®ç¯å²ïŒ1-120ïŒ
åæèšå®
10ç§
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ã¿ã€ã ã¢ãŠã㯠SSHæ å ±äº€ææã®ã¯ã©ã€ã¢ã³ãããã®å¿çãæ¬æ©ãåŸ ã€æéã®æå®ãè¡ãªããŸããSSHã»ãã·ã§ã³ã確ç«ããåŸã®ãŠãŒã¶å ¥åã®ã¿ã€ã ã¢ãŠã㯠vtyã»ãã·ã§ã³ãžã® "exec-timeout"ã³ãã³ãã䜿çšããŸãã
äŸ
é¢é£ããã³ãã³ã
exec-timeout (P200)
show ip ssh (P234)
Console(config)#ip ssh timeout 60Console(config)#
229 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
ip ssh authentication-retries
SSHãµãŒãããŠãŒã¶ã®åèªèšŒãè¡ãªãåæ°ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip ssh authentication-retries count
no ip ssh authentication-retries
⢠count â ã€ã³ã¿ãã§ãŒã¹ããªã»ããåŸãèªèšŒãè¡ãªãããšãã§ããåæ°ïŒèšå®ç¯å²ïŒ1-5ïŒ
åæèšå®
3
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
é¢é£ããã³ãã³ã
show ip ssh (P234)
ip ssh server-key size
SSHãµãŒãããŒãµã€ãºãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip ssh server-key size key-size
no ip ssh server-key size
⢠key-size â ãµãŒãããŒã®ãµã€ãºïŒèšå®ç¯å²ïŒ512-896bitsïŒ
åæèšå®
768 bits
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãµãŒãããŒã¯ãã©ã€ããŒãããŒãšãªãæ¬æ©ä»¥å€ãšã®å ±æã¯ããŸããã
⢠SSHã¯ã©ã€ã¢ã³ããšå ±æãããã¹ãããŒãµã€ãºã¯ 1024bitã«åºå®ãããŠããŸãã
äŸ
Console(config)#ip ssh authentication-retries 2Console(config)#
Console(config)#ip ssh server-key size 512Console(config)#
230FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
delete public-key
ç¹å®ã®ãŠãŒã¶ãããªãã¯ããŒãåé€ããŸãã
ææ³
delete public-key username [dsa | rsa]
⢠username â SSHãµãŒãåïŒèšå®ç¯å²ïŒ1-8æåïŒ
⢠dsa â DSAå ¬éããŒã¿ã€ã
⢠rsa â RSAå ¬éããŒã¿ã€ã
åæèšå®
DSAåã³ RSAããŒã®äž¡æ¹ã®åé€
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#delete public-key admin dsaConsole#
231 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
ip ssh crypto host-key generate
ãããªãã¯åã³ãã©ã€ããŒãã®ãã¹ãããŒãã¢ã®çæãè¡ãªããŸãã
ææ³
ip ssh crypto host-key generate [dsa | rsa]
⢠dsa â DSAïŒVersion2ïŒããŒã¿ã€ã
⢠rsa â RSAïŒVersion1ïŒããŒã¿ã€ã
åæèšå®
DSAåã³ RSAããŒãã¢äž¡æ¹ã®çæ
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠æ¬ã³ãã³ãã¯ãã¹ãããŒãã¢ãã¡ã¢ãª (RAM)ã«ä¿åããŸãã" ip ssh save host-key"ã³ãã³ãã䜿çšããŠãã¹ãããŒãã¢ããã©ãã·ã¥ã¡ã¢ãªã«ä¿åã§ããŸãã
⢠å€ãã® SSHã¯ã©ã€ã¢ã³ãã¯æ¥ç¶èšå®æã«èªåçã«ãããªãã¯ããŒããã¹ããã¡ã€ã«ãšããŠä¿åããŸããããã§ãªãå Žåã«ã¯ãæåã§ç®¡ç端æ«ã®ãã¹ããã¡ã€ã«ãäœæãããã¹ãå ¬éããŒã眮ãå¿ èŠããããŸãã
⢠SSHãµãŒãã¯ãæ¥ç¶ããããšããã¯ã©ã€ã¢ã³ããšã»ãã·ã§ã³ããŒåã³æå·åæ¹æ³ãåã決ããããã«ãã¹ãããŒã䜿çšããŸãã
äŸ
é¢é£ããã³ãã³ã
ip ssh crypto zeroize (P233)
ip ssh save host-key (P233)
Console#ip ssh crypto host-key generate dsaConsole#
232FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
ip ssh crypto zeroize
ãã¹ãããŒãã¡ã¢ãª (RAM)ããåé€ããŸãã
ææ³
ip ssh crypto zeroize [dsa | rsa]
⢠dsa â DSAããŒã¿ã€ã
⢠rsa â RSAããŒã¿ã€ã
åæèšå®
DSAåã³ RSAããŒã®äž¡æ¹ãåé€
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠RAMãããã¹ãããŒãåé€ããŸãã" no ip ssh save host-key"ã³ãã³ãã䜿çšããããšã§ãã©ãã·ã¥ã¡ã¢ãªãããã¹ãããŒãåé€ã§ããŸãã
⢠æ¬ã³ãã³ãã䜿çšããéã¯äºåã« SSHãµãŒããç¡å¹ã«ããŠäžããã
äŸ
ip ssh save host-key
ãã¹ãããŒã RAMãããã©ãã·ã¥ã¡ã¢ãªã«ä¿åããŸãã
ææ³
ip ssh save host-key [dsa | rsa]
⢠dsa â DSAããŒã¿ã€ã
⢠rsa â RSAããŒã¿ã€ã
åæèšå®
DSAåã³ RSAããŒã®äž¡æ¹ãä¿å
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
ip ssh crypto host-key generate (P232)
Console#ip ssh crypto zeroize dsaConsole#
Console#ip ssh save host-key dsaConsole#
233 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show ip ssh
ãã®ã³ãã³ãã䜿çšããããšã§ SSHãµãŒãã®èšå®ç¶æ³ãé²èŠ§ããããšãã§ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
show ssh
çŸåšã® SSHãµãŒããžã®æ¥ç¶ç¶æ³ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show ip sshSSH Enabled - version 1.99Negotiation timeout: 120 secs; Authentication retries: 3Server key size: 768 bitsConsole#
Console#show sshConnection Version State Username Encryption
0 ãããã 2.0 Session-Started admin ctos aes128-cbc-hmac-md5 stoc aes128-cbc-hmac-md5Console#
é ç® è§£èª¬
Session ã»ãã·ã§ã³çªå· ( 0-3)
Version SSHããŒãžã§ã³çªå·
State èªèšŒæ¥ç¶ç¶æ ïŒå€ïŒ Negotiation-Started, Authentication-Started,Session-StartedïŒ
Username ã¯ã©ã€ã¢ã³ãã®ãŠãŒã¶å
Encryption æå·åæ¹åŒã¯ã¯ã©ã€ã¢ã³ããšãµãŒãã®éã§èªåçã«æ å ±äº€æãè¡ãªãèšå®ããŸããSSH v1.5ã®éžæè¢ïŒDES, 3DESSSH v2.0ã®éžæè¢ã¯ client-to-server (ctos)åã³ server-to-client (stoc)ã® 2çš®é¡ã®æ¹åŒããµããŒãããŸãïŒaes128-cbc-hmac-sha1ãaes192-cbc-hmac-sha1aes256-cbc-hmac-sha1ã3des-cbc-hmac-sha1blowfish-cbc-hmac-sha1ãaes128-cbc-hmac-md5aes192-cbc-hmac-md5ãaes256-cbc-hmac-md53des-cbc-hmac-md5ãblowfish-cbc-hmac-md5çšèªéïŒDES â Data Encryption Standard (56-bit key)3DES â Triple-DES (Uses three iterations of DES, 112-bit key)aes â Advanced Encryption Standard (160 or 224-bit key)blowfish â Blowfish (32-448 bit key)cbc â cypher-block chainingsha1 â Secure Hash Algorithm 1 (160-bit hashes)md5 â Message Digest algorithm number 5 (128-bit hashes)
234FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show public-key
ç¹å®ã®ãŠãŒã¶åã¯ãã¹ãã®å ¬éããŒã衚瀺ããŸãã
ææ³
show public-key [user [username]| host]
⢠username â SSHãŠãŒã¶åïŒç¯å²ïŒ1-8æåïŒ
åæèšå®
ãã¹ãŠã®å ¬éããŒã®è¡šç€º
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠ãã©ã¡ãŒã¿ãèšå®ããªãå Žåã«ã¯ããã¹ãŠã®ããŒã衚瀺ãããŸããããŒã¯ãŒããå ¥åãããŠãŒã¶åãæå®ããªãå Žåããã¹ãŠã®ãŠãŒã¶ã®å ¬éããŒã衚瀺ãããŸãã
⢠RSAããŒã衚瀺ãããå Žåãæåã®ãã£ãŒã«ãã¯ãã¹ãããŒãµã€ãº (1024)ãšãªãã次ã®ãã£ãŒã«ãã¯ãšã³ã³ãŒããããå ¬éææ° (35)ããã®åŸã®å€ããšã³ã³ãŒããããã¢ãžã¥ãŒã«ãšãªããŸããDSAããŒã衚瀺ãããå Žåãæåã®ãã£ãŒã«ã㯠SSHã§äœ¿çšãããæå·åæ¹åŒã® DSSãšãªãããã®åŸã®å€ããšã³ã³ãŒããããã¢ãžã¥ãŒã«ãšãªããŸãã
äŸ
Console#show public-key hostHost:RSA:1024 35156849954018676692593339467750546173253136748908365472541502024559319986854435836165199992332978176606583095861082591321289023376546801726272571413428762941301196195566782595664104869574278881462065194174677298486546861571773939016477935594230357741309802273708779454524083971752646358058176716709574804776117DSA:ssh-dss AAAB3NzaC1kc3MAAACBAPWKZTPbsRIB8ydEXcxM3dyV/yrDbKStIlnzD/Dg0h2HxcYV44sXZ2JXhamLK6P8bvuiyacWbUW/a4PAtp1KMSdqsKeh3hKoA3vRRSy1N2XFfAKxl5fwFfvJlPdOkFgzLGMinvSNYQwiQXbKTBH0Z4mUZpE85PWxDZMaCNBPjBrRAAAAFQChb4vsdfQGNIjwbvwrNLaQ77isiwAAAIEAsy5YWDC99ebYHNRj5kh47wY4i8cZvH+/p9cnrfwFTMU01VFDly3IR2G395NLy5Qd7ZDxfA9mCOfT/yyEfbobMJZi8oGCstSNOxrZZVnMqWrTYfdrKX7YKBw/Kjw6BmiFq7O+jAhf1Dg45loAc27s6TLdtny1wRq/ow2eTCD5nekAAACBAJ8rMccXTxHLFAczWS7EjOyDbsloBfPuSAb4oAsyjKXKVYNLQkTLZfcFRu41bS2KV5LAwecsigF/+DjKGWtPNIQqabKgYCw2 o/dVzX4Gg+yqdTlYmGA7fHGm8ARGeiG4ssFKy4Z6DmYPXFum1Yg0fhLwuHpOSKdxT3kk475S7 w0WConsole#
235 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
3.6.7 Event Loggingã³ãã³ã
logging on
ãšã©ãŒã¡ãã»ãŒãžã®ãã°ãåãããã®ã³ãã³ãã§ãããããã°åã¯ãšã©ãŒã¡ãã»ãŒãžããã°ãšããŠä¿åããŸãã"no"ãåã«çœ®ãããšã§èšå®ãç¡å¹ã«ããŸãã
ææ³
[no] logging on
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ãã°ãšããŠä¿åããããšã©ãŒã¡ãã»ãŒãžã¯æ¬äœã®ã¡ã¢ãªåã¯ãªã¢ãŒãã® syslogãµãŒãã«ä¿åãããŸãã"logging history"ã³ãã³ãã䜿çšããŠã¡ã¢ãªã«ä¿åãããã°ã®çš®é¡ãéžæããããšãã§ããŸãã
äŸ
é¢é£ããã³ãã³ã
logging history (P237)
clear logging (P239)
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
logging on ãšã©ãŒã¡ãã»ãŒãžãã°ã®èšå® GC P236
logginghistory
éèŠåºŠã«åºã¥ãã SNMP管ç端æ«ã«éä¿¡ããsyslogã®èšå®
GC P237
logging host syslogãéä¿¡ãããã¹ãã® IPã¢ãã¬ã¹ã®èšå® GC P238
logging facility ãªã¢ãŒã㧠syslogãä¿åããéã®ãã¡ã·ãªãã£ã¿ã€ãã®ç«¶ã£ãŠå°Ÿ
GC P238
logging trap ãªã¢ãŒããµãŒããžã®éèŠåºŠã«ããšã¥ããŠã syslogã¡ãã»ãŒãžã®ä¿å
GC P239
clear logging ãã°ãããã¡ã®ã¯ãªã¢ PE P239
show logging ãã°é¢é£æ å ±ã®è¡šç€º PE P241
show log ãã°ã¡ãã»ãŒãžã®è¡šç€º PE P243
Console(config)#logging onConsole(config)#
236FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
logging history
æ¬äœã®ã¡ã¢ãªã«ä¿åããã¡ãã»ãŒãžã®çš®é¡ãæå®ããããšãã§ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
logging history {flash | ram} level
no logging history {flash | ram}
⢠flash â ãã©ãã·ã¥ã¡ã¢ãªã«ä¿åãããã€ãã³ãå±¥æŽ
⢠ram â RAMã«ä¿åãããã€ãã³ãå±¥æŽ
⢠level â ã¬ãã«ã¯ä»¥äžã®è¡šã®éãã§ããéžæãã Levelãã Level0ãŸã§ã®ã¡ãã»ãŒãžãä¿åãããŸãïŒéžæãã Levelã¯å«ãŸããŸãïŒ
â»çŸåšã®ãã¡ãŒã ãŠã§ã¢ã§ã¯ Level 2,5,6ã®ã¿ãµããŒãããŠããŸãã
åæèšå®
Flash: errors (level 3 - 0)
RAM: warnings (level 6 - 0)
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ãã©ãã·ã¥ã¡ã¢ãªã«ã¯ãRAMã«èšå®ãã Levelããé«ã Levelãèšå®ããŠäžããã
äŸ
ã¬ãã«åŒæ° ã¬ã㫠解説 syslogå®çŸ©
debugging 7 ãããã°ã¡ãã»ãŒãž LOG_DEBUG
Informational 6 æ å ±ã¡ãã»ãŒãž LOG_INFO
notifications 5 éèŠãªã¡ãã»ãŒãž LOG_NOTICE
warnings 4 èŠåã¡ãã»ãŒãž LOG_WARNING
Errors 3 ãšã©ãŒç¶æ ã瀺ãã¡ãã»ãŒãž LOG_ERR
Critical 2 é倧ãªç¶æ ã瀺ããšã©ãŒã¡ãã»ãŒãž LOG_CRIT
alerts 1 è¿ éãªå¯Ÿå¿ãå¿ èŠãªã¡ãã»ãŒãž LOG_ALERT
emergencies 0 ã·ã¹ãã äžå®å®ç¶æ ã瀺ãã¡ãã»ãŒãž LOG_EMERG
Console(config)#logging history ram 0Console(config)#
237 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
logging host
ãã°ã¡ãã»ãŒãžãåãåã syslogãµãŒãã® IPã¢ãã¬ã¹ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§ syslogãµãŒããåé€ããŸãã
ææ³
[no] logging host host_ip_address
⢠host_ip_address â syslogãµãŒãã® IPã¢ãã¬ã¹
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ç°ãªã IPã¢ãã¬ã¹ã®ãã¹ããæå®ããã³ãã³ããå ¥åããæ倧 5ã€ã® syslogãµãŒããèšå®ã§ããŸãã
äŸ
logging facility
syslogã¡ãã»ãŒãžãéãéã® facilityã¿ã€ããèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
[no] logging facility type
type â syslogãµãŒãã§äœ¿çšãã facilityã¿ã€ãã®å€ãæå®ããŸãã(16-23)
åæèšå®
23
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
syslogã¡ãã»ãŒãžãšããŠéä¿¡ãããã¡ã·ãªãã£ã¿ã€ãã¿ã°ã®èšå®ãè¡ãªããŸã (詳现ïŒRFC3164)ãã¿ã€ãã®èšå®ã¯ãæ¬æ©ã«ããå ±åããã¡ãã»ãŒãžã®çš®é¡ã«åœ±é¿ããŸãããsyslogãµãŒãã«ãããŠãœãŒããããŒã¿ããŒã¹ãžã®ä¿åã®éã«äœ¿çšãããŸãã
äŸ
Console(config)#logging host 10.1.0.3Console(config)#
Console(config)#logging facility 19Console(config)#
238FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
logging trap
syslogãµãŒãã«éä¿¡ããã¡ãã»ãŒãžã®çš®é¡ãæå®ããããšãã§ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
logging trap level
no logging trap
level â ã¬ãã«ã¯ä»¥äžã®è¡šã®éãã§ããéžæããLevelããLevel0ãŸã§ã®ã¡ãã»ãŒãžãéä¿¡ãããŸ
ãïŒéžæãã Levelã¯å«ãŸããŸãïŒ
åæèšå®
æå¹ïŒã¬ãã«ïŒ6-0ïŒ
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ã¬ãã«ãæå®ããããšã«ãã£ãŠãsyslogãµãŒããžã®éä¿¡ãæå¹ã«èšå®ããéžæããLevelãã Level0ãŸã§ã®ã¡ãã»ãŒãžãä¿åãããŸãïŒéžæãã Levelã¯å«ãŸããŸãïŒ
⢠ã¬ãã«ãæå®ããªãå ŽåãsyslogãµãŒããžã®éä¿¡ãæå¹ã«èšå®ããä¿åãããã¡ãã»ãŒãžã¬ãã«ãåæèšå®ã«æ»ããŸãã
äŸ
ã¬ãã«åŒæ° ã¬ã㫠解説 syslogå®çŸ©
debugging 7 ãããã°ã¡ãã»ãŒãž LOG_DEBUG
Informational 6 æ å ±ã¡ãã»ãŒãž LOG_INFO
notifications 5 éèŠãªã¡ãã»ãŒãž LOG_NOTICE
warnings 4 èŠåã¡ãã»ãŒãž LOG_WARNING
Errors 3 ãšã©ãŒç¶æ ã瀺ãã¡ãã»ãŒãž
LOG_ERR
Critical 2 é倧ãªç¶æ ã瀺ããšã©ãŒã¡ãã»ãŒãž
LOG_CRIT
alerts 1 è¿ éãªå¯Ÿå¿ãå¿ èŠãªã¡ãã»ãŒãž
LOG_ALERT
emergencies 0 ã·ã¹ãã äžå®å®ç¶æ ã瀺ãã¡ãã»ãŒãž
LOG_EMERG
Console(config)#logging trap 4Console(config)#
239 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
clear logging
ãã°ããããã¡ããåé€ããã³ãã³ãã§ãã
ææ³
clear logging [flash | ram]
⢠flash â ãã©ãã·ã¥ã¡ã¢ãªã«ä¿åãããã€ãã³ãå±¥æŽ
⢠ram â RAMã«ä¿åãããã€ãã³ãå±¥æŽ
åæèšå®
Flash and RAM
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
show logging (P241)
Console#clear loggingConsole#
240FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show logging
ã·ã¹ãã ãã€ãã³ãã¡ãã»ãŒãžã«é¢ãããã°ã衚瀺ããŸãã
ææ³
show logging {flash | ram | sendmail | trap}
⢠flash â ãã©ãã·ã¥ã¡ã¢ãªã«ä¿åãããã€ãã³ãå±¥æŽ
⢠ram â RAMã«ä¿åãããã€ãã³ãå±¥æŽ
⢠sendmail â SMTPã€ãã³ããã³ãã©ã®èšå®ã衚瀺 (P4-74)
⢠trap â syslogãµãŒãã«éä¿¡ãããã¡ãã»ãŒãž
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
æ¬äŸã§ã¯ãsyslogãæå¹ã§ããã©ãã·ã¥ã¡ã¢ãªã®ã¡ãã»ãŒãžã¬ãã«ã¯ "errors"ïŒåæå€ 3-0ïŒãRAMãžã®ã¡ãã»ãŒãžã¬ãã«ã¯ "debugging"ïŒåæå€ 7-0ïŒãšèšå®ããŠããã1ã€ã®ãµã³ãã«ãšã©ãŒã衚瀺ãããŠããŸãã
Console#show logging flash
Syslog logging:ããããã EnableHistory logging in FLASH: level errorsConsole#show logging ramSyslog logging: EnableHistory logging in RAM: level debuggingConsole#
é ç® è§£èª¬
Syslog logging logging onã³ãã³ãã«ããã·ã¹ãã ãã°ãæå¹åãããŠãããã衚瀺
History logging in FLASH logging historyã³ãã³ãã«ãããªããŒããããã¡ãã»ãŒãžã¬ãã«
History logging in RAM logging historyã³ãã³ãã«ãããªããŒããããã¡ãã»ãŒãžã¬ãã«
241 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
æ¬äŸã§ã¯ããã©ããæ©èœã®èšå®ã衚瀺ããŠããŸãã
é¢é£ããã³ãã³ã
show logging sendmail (P247)
Console#show logging trapSyslog logging: EnableREMOTELOG status: disableREMOTELOG facility type: local use 7REMOTELOG level type: Debugging messagesREMOTELOG server IP address: 1.2.3.4REMOTELOG server IP address: 0.0.0.0REMOTELOG server IP address: 0.0.0.0REMOTELOG server IP address: 0.0.0.0REMOTELOG server IP address: 0.0.0.0Console#
é ç® è§£èª¬
Syslog logging logging onã³ãã³ãã«ããã·ã¹ãã ãã°ãæå¹åãããŠãããã衚瀺
REMOTELOGstatus
logging trapã³ãã³ãã«ãããªã¢ãŒããã®ã³ã°ãæå¹åãããŠãããã衚瀺
REMOTELOGfacility type
logging facilityã³ãã³ãã«ãããªã¢ãŒããµãŒãã«éä¿¡ããã syslogã¡ãã»ãŒãžã®ãã¡ã·ãªãã£ã¿ã€ã
REMOTELOGlevel type
logging trapã³ãã³ãã«ãããªã¢ãŒããµãŒãã«éä¿¡ããã syslogã¡ãã»ãŒãžã®ãããå€
REMOTELOGserver IP address logging hostã³ãã³ãã«ãã syslogãµãŒãã® IPã¢ãã¬ã¹
242FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show log
ã¹ã€ããã®ã¡ã¢ãªã«éä¿¡ããããã·ã¹ãã /ã€ãã³ãã¡ãã»ãŒãžã衚瀺ããŸãã
ææ³
show log {flash | ram} [login] [tail]
flash â ãã©ãã·ã¥ã¡ã¢ãª (æä¹ ç )ã«ä¿åãããã€ãã³ãå±¥æŽ
ram â RAM(é»æºæå ¥æã«æ¶å»ããã )ã«ä¿åãããã€ãã³ãå±¥æŽ
tail âææ°ã®å±¥æŽãã衚瀺
login â ãã°ã€ã³ã«é¢ããå±¥æŽã®ã¿è¡šç€º
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
ã¡ã¢ãªã«ä¿åãããã·ã¹ãã /ã€ãã³ãã¡ãã»ãŒãžã衚瀺ããŸããã¿ã€ã ã¹ã¿ã³ããã¡ãã»ãŒãžã¬ãã«ãããã°ã©ã ã¢ãžã¥ãŒã«ãæ©èœãåã³ã€ãã³ãçªå·ã衚瀺ããŸãã
äŸ
æ¬äŸã§ã¯ãRAMã«ä¿åããŠãããµã³ãã«ã¡ãã»ãŒãžã衚瀺ããŠããŸãã
Console#show log ram[5] 00:01:06 2001-01-01 "STA root change notification." level: 6, module: 6, function: 1, and event no.: 1[4] 00:01:00 2001-01-01 "STA root change notification." level: 6, module: 6, function: 1, and event no.: 1[3] 00:00:54 2001-01-01 "STA root change notification." level: 6, module: 6, function: 1, and event no.: 1[2] 00:00:50 2001-01-01 "STA topology change notification." level: 6, module: 6, function: 1, and event no.: 1[1] 00:00:48 2001-01-01 "VLAN 1 link-up notification." level: 6, module: 6, function: 1, and event no.: 1Console#
243 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
3.6.8 SMTPã¢ã©ãŒãã³ãã³ã
SMTPã€ãã³ããã³ãã«åã³ã¢ã©ãŒãã¡ãã»ãŒãžã® SMTPãµãŒãåã³ã¡ãŒã«åä¿¡è ãžã®éä¿¡ã®èšå®ãè¡ããŸãã
logging sendmail host
ã¢ã©ãŒãã¡ãã»ãŒãžãéä¿¡ãã SMTPãµãŒããæå®ããŸãã
"no"ãåã«çœ®ãããšã§ SMTPãµãŒãã®èšå®ãåé€ããŸãã
ææ³
[no] logging sendmail host ip_address
⢠ip_address â ã¢ã©ãŒããéããã SMTPãµãŒãã® IPã¢ãã¬ã¹
åæèšå®
None
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æ倧 3ã€ã® SMTPãµãŒããæå®ã§ããŸããè€æ°ã®ãµãŒããæå®ããå Žåã¯ããµãŒãæ¯ã«ã³ãã³ããå ¥åããŠäžããã
⢠e-mailã¢ã©ãŒããéä¿¡ããå Žåãæ¬æ©ã¯ãŸãæ¥ç¶ãè¡ãªãããã¹ãŠã® e-mailã¢ã©ãŒããé çªã« 1éãã€éä¿¡ããåŸãæ¥ç¶ãéããŸãã
⢠æ¥ç¶ãè¡ãªãå Žåãæ¬æ©ã¯ååã®æ¥ç¶æã«ã¡ãŒã«ã®éä¿¡ãæåãããµãŒããžã®æ¥ç¶ãè©Šã¿ãŸãããã®ãµãŒãã§ã®æ¥ç¶ã«å€±æããå Žåãæ¬æ©ã¯ãªã¹ãã®æ¬¡ã®ãµãŒãã§ã®ã¡ãŒã«ã®éä¿¡ãè©Šã¿ãŸãããã®æ¥ç¶ã倱æããå Žåã«ã¯ãæ¬æ©ã¯åšæçã«æ¥ç¶ãè©Šã¿ãŸãïŒæ¥ç¶ãè¡ãªããªãã£ãå Žåã«ã¯ããã©ãããçºè¡ãããŸãïŒ
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
logging sendmailhost
ã¢ã©ãŒãã¡ãã»ãŒãžãåä¿¡ãã SMTPãµãŒã GC P244
logging sendmaillevel
ã¢ã©ãŒãã¡ãã»ãŒãžã®ãããå€èšå® GC P245
logging sendmailsource-email
ã¡ãŒã«ã®âFromâè¡ã«å ¥åãããã¢ãã¬ã¹ã®èšå® GC P245
logging sendmaildestination-email
ã¡ãŒã«åä¿¡è ã®èšå® GC P246
logging sendmail SMTPã€ãã³ããã³ããªã³ã°ã®æå¹å GC P246
show loggingsendmail
SMTPã€ãã³ããã³ãã©èšå®ã®è¡šç€º NE,PE P247
Console(config)#logging sendmail host 192.168.1.19Console(config)#
244FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
logging sendmail level
ã¢ã©ãŒãã¡ãã»ãŒãžã®ãããå€ã®èšå®ãè¡ãªããŸãã
ææ³
logging sendmail level level
⢠level â ã·ã¹ãã ã¡ãã»ãŒãžã¬ãã« (P239)ãèšå®ããå€ããã¬ãã« 0ãŸã§ã®ã¡ãã»ãŒãžãéä¿¡ãããŸãïŒèšå®ç¯å²ïŒ0-7ãåæèšå®ïŒ7ïŒ
åæèšå®
Level 7
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ã€ãã³ããããå€ã®ã¬ãã«ãæå®ããŸããèšå®ããã¬ãã«ãšãã以äžã®ã¬ãã«ã®ã€ãã³ããæå®ããã¡ãŒã«åä¿¡è ã«éä¿¡ãããŸãïŒäŸïŒã¬ãã« 7ã«ããå Žåã¯ã¬ãã« 7ãã 0ã®ã€ãã³ããéä¿¡ãããŸãïŒ
äŸ
æ¬äŸã§ã¯ã¬ãã« 3ããã¬ãã« 0ã®ã·ã¹ãã ãšã©ãŒãã¡ãŒã«ã§éä¿¡ãããŸãã
logging sendmail source-email
ã¡ãŒã«ã® "From"è¡ã«å ¥åãããã¡ãŒã«éä¿¡è åãèšå®ããŸãã
ææ³
logging sendmail source-email email-address
⢠email-address â ã¢ã©ãŒãã¡ãã»ãŒãžã®éä¿¡å ã¢ãã¬ã¹ïŒèšå®ç¯å²ïŒ0-41æåïŒ
åæèšå®
None
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
æ¬æ©ãèå¥ããããã®ã¢ãã¬ã¹ïŒæååïŒãæ¬æ©ã®ç®¡çè ã®ã¢ãã¬ã¹ãªã©ã䜿çšããŸãã
äŸ
Console(config)#logging sendmail level 3Console(config)#
Console(config)#logging sendmail source-email [email protected](config)#
245 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
logging sendmail destination-email
ã¢ã©ãŒãã¡ãã»ãŒãžã®ã¡ãŒã«åä¿¡è ãæå®ããŸãã
"no"ãåã«çœ®ãããšã§åä¿¡è ãåé€ããŸãã
ææ³
logging sendmail destination-email email-address
no logging sendmail destination-email email-address
⢠email-address â ã¢ã©ãŒãã¡ãã»ãŒãžã®éä¿¡å ã¢ãã¬ã¹ïŒèšå®ç¯å²ïŒ1-41æåïŒ
åæèšå®
None
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
æ倧 5ã€ã®ã¢ãã¬ã¹ãæå®ããããšãã§ããŸããè€æ°ã®ã¢ãã¬ã¹ãèšå®ããéã¯ã¢ãã¬ã¹æ¯ã«ã³ãã³ããå ¥åããŠäžããã
äŸ
logging sendmail
SMTPã€ãã³ããã³ãã©ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
[no] logging sendmail
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#logging sendmail [email protected](config)#
Console(config)#logging sendmailConsole(config)#
246FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show logging sendmail
SMTPã€ãã³ããã³ãã©ã®èšå®ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
Console#show logging sendmailSMTP servers-----------------------------------------------192.168.1.19SMTP minimum severity level: 7
SMTP destination email addresses-----------------------------------------------ted@this-company.com
SMTP source email address: [email protected]
SMTP status: Enable
Console#
247 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
3.6.9 Timeã³ãã³ã
NTPå㯠SNTPã¿ã€ã ãµãŒããæå®ããããšã«ããã·ã¹ãã æå»ã®åçãªèšå®ãè¡ãªãããšãã§ããŸãã
sntp client
"sntp client"ã³ãã³ãã«ããæå®ãã NTPå㯠SNTPã¿ã€ã ãµãŒããžã® SNTPã¯ã©ã€ã¢ã³ããªã¯ãšã¹ããæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ SNTPã¯ã©ã€ã¢ã³ããªã¯ãšã¹ããç¡å¹ã«ããŸãã
ææ³
[no] sntp client
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æ¬æ©ã®å éšæå»ã®èšå®ãæ£ç¢ºã«ä¿ã€ããšã«ãããã·ã¹ãã ãã°ã®ä¿åã®éã«æ¥æãæ£ç¢ºã«èšé²ããããšãã§ããŸããæå»ã®èšå®ããããŠããªãå Žåãèµ·åæã®æå»ïŒ00:00:00, Jan. 1, 2001ïŒãåæèšå®ã®æå»ãšãªããããããã®æéçµéãšãªããŸãã
⢠æ¬ã³ãã³ãã«ããã¯ã©ã€ã¢ã³ãæå»ãªã¯ãšã¹ããæå¹ãšãªã "sntp poll"ã³ãã³ãã«ããèšå®ããééã§ã"sntp servers"ã³ãã³ãã«ããæå®ããããµãŒãã«ãªã¯ãšã¹ããè¡ãªããŸãã
äŸ
é¢é£ããã³ãã³ã
sntp server (P249)
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžsntp client ç¹å®ã®ã¿ã€ã ãµãŒãããã®æå»ã®ååŸ GC P248
sntp server ã¿ã€ã ãµãŒãã®æå® GC P249
sntp poll ãªã¯ãšã¹ãéä¿¡ééã®èšå® GC P250
show sntp SNTPèšå®ã®è¡šç€º NE,PE P250
clock timezone æ¬æ©å éšæå»ã®ã¿ã€ã ãŸãŒã³ã®èšå® GC P251
calendar set ã·ã¹ãã æ¥æã®èšå® PE P252
show calendar çŸåšã®æå»åã³èšå®ã®è¡šç€º NE,PE P252
Console(config)#sntp server 10.1.0.19Console(config)#sntp poll 60Console(config)#sntp clientConsole(config)#endConsole#show sntpCurrent time: Dec 23 02:52:44 2002Poll interval: 60Current mode: unicastSNTP status:EnabledSNTP server:10.1.0.19.0.0.0.0.0.0.0.0Current server:10.1.0.19Console#
248FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
sntp server
SNTPã¿ã€ã ãªã¯ãšã¹ããåãä»ãã IPã¢ãã¬ã¹ãæå®ããŸãã"no"ãåŒæ°ãšããããšã«ãããã¹ãŠã®ã¿ã€ã ãµãŒããåé€ããŸãã
ææ³
sntp server [ip1 [ip2 [ip3]]]
⢠ip â NTP/SNTPã¿ã€ã ãµãŒãã® IPã¢ãã¬ã¹ïŒèšå®å¯èœæ°ïŒ1-3ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
SNTPã¯ã©ã€ã¢ã³ãã¢ãŒãæã®æå»åæãªã¯ãšã¹ããéä¿¡ããã¿ã€ã ãµãŒãã®æå®ãè¡ãªããŸããæ¬æ©ã¯ã¿ã€ã ãµãŒãã«å¯ŸããŠå¿çãåä¿¡ãããŸã§èŠæ±ãéä¿¡ããŸãã"sntp poll"ã³ãã³ãã«åºã¥ããééã§ãªã¯ãšã¹ããéä¿¡ããŸãã
äŸ
Console(config)#sntp server 10.1.0.19Console#
249 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
sntp poll
SNTPã¯ã©ã€ã¢ã³ãã¢ãŒãæã«æå»åæèŠæ±ã®éä¿¡ééãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
sntp poll hours
no sntp poll
⢠seconds â ãªã¯ãšã¹ãééïŒèšå®ç¯å²ïŒ6-16384ç§ïŒ
åæèšå®
16ç§
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
SNTPã¯ã©ã€ã¢ã³ãã¢ãŒãæã«ã®ã¿æå¹ãšãªããŸãã
äŸ
é¢é£ããã³ãã³ã
sntp client (P248)
show sntp
SNTPã¯ã©ã€ã¢ã³ãã®èšå®åã³çŸåšã®æéã衚瀺ããçŸå°æéãé©åã«æŽæ°ãããŠããã確èªããŸãã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
ã³ãã³ã解説
çŸåšæå»ãSNTPã¯ã©ã€ã¢ã³ãã¢ãŒãæã®æå»æŽæ°ãªã¯ãšã¹ãéä¿¡ééãçŸåšã® SNTPã¢ãŒãã衚瀺ããŸãã
äŸ
Console(config)#sntp poll 60Console#
Console#show sntpCurrent time: Dec 23 05:13:28 2002Poll interval: 16Current mode: unicastSNTP status:EnabledSNTP server:137.92.140.80.0.0.0.0.0.0.0.0Current server:137.92.140.80Console#
250FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
clock timezone
æ¬æ©å éšæå»ã®ã¿ã€ã ãŸãŒã³ã®èšå®ãè¡ãªããŸãã
ææ³
clock timezone name hour hours minute minutes {before-utc | after-utc}
⢠name â ã¿ã€ã ãŸãŒã³åïŒç¯å²ïŒ1-29æåïŒ
⢠hours â UTCãšã®æéå·®ïŒæéïŒïŒç¯å²ïŒ1-12æéïŒ
⢠minutes â UTCãšã®æéå·®ïŒåïŒïŒç¯å²ïŒ0-59åïŒ
⢠before-utc â UTCããã®ã¿ã€ã ãŸãŒã³ã®æå·®ããã€ãã¹ã®ïŒUTCããæ©ãïŒå Žå
⢠after-utc â UTCããã®ã¿ã€ã ãŸãŒã³ã®æå·®ããã©ã¹ã®ïŒUTCããé ãïŒå Žå
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
SNTPã§ã¯ UTC(Coordinated Universal Time:åå®äžçæéãå¥åïŒGMT/Greenwich Mean Time)ã䜿çšããŸãã
æ¬æ©ãèšçœ®ããŠããçŸå°æéã«å¯Ÿå¿ãããŠè¡šç€ºããããã« UTCããã®æå·®ïŒã¿ã€ã ãŸãŒã³ïŒã®èšå®ãè¡ãå¿ èŠããããŸãã
äŸ
é¢é£ããã³ãã³ã
show sntp (P250)
Console(config)#clock timezone Japan hours 8 minute 0 after-UTCConsole(config)#
251 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
calendar set
ã·ã¹ãã æå»ã®èšå®ãè¡ãªããŸãã
ææ³
calendar set hour min sec {day month year | month day year}
⢠hour â æéïŒç¯å²ïŒ0 - 23ïŒ
⢠min â åïŒç¯å² 0 - 59ïŒ
⢠sec â ç§ïŒç¯å² 0 - 59ïŒ
⢠day â æ¥ä»ïŒç¯å²ïŒ1-31ïŒ
⢠month â æïŒjanuary | february | march | april | may | june | july | august | september | october | november | december
⢠year â 幎ïŒè¥¿æŠ 4æ¡ãèšå®ç¯å²ïŒ2001-2100ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
æ¬äŸã§ã¯ã·ã¹ãã æå»ã 15:12:34, February 1st, 2002ã«èšå®ããŠããŸãã
show calendar
ã·ã¹ãã æå»ã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
Console#calendar set 15:12:34 1 February 2002Console#
Console#show calendar set15:12:34 February 1 2002Console#
252FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
3.6.10 ã·ã¹ãã æ å ±ã®è¡šç€º
show startup-config
ã·ã¹ãã èµ·åçšã«ä¿åãããŠããèšå®ãã¡ã€ã«ã衚瀺ããããã®ã³ãã³ãã§ãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠å®è¡äžã®èšå®ãã¡ã€ã«ãšãèµ·åçšãã¡ã€ã«ã®å 容ãæ¯èŒããå Žåã«ã¯ "show running-config"ã³ãã³ããäžç·ã«äœ¿çšããŠäžããã
⢠ããŒã³ãã³ãã¢ãŒãã®èšå®ã衚瀺ãããŸããåã¢ãŒãã®ã°ã«ãŒã㯠"!"ã«ãã£ãŠåããã㊠configurationã¢ãŒããšå¯Ÿå¿ããã¢ãŒãã衚瀺ãããŸãããã®ã³ãã³ãã§ã¯ä»¥äžã®æ å ±ã衚瀺ãããŸãïŒ
ïŒ SNMPã³ãã¥ããã£å
ïŒãŠãŒã¶ïŒãŠãŒã¶ååã³ã¢ã¯ã»ã¹ã¬ãã«ïŒ
ïŒ VLANããŒã¿ããŒã¹ïŒVLAN ID, VLANååã³ç¶æ ïŒ
ïŒåã€ã³ã¿ãã§ãŒã¹ã® VLANèšå®ç¶æ
ïŒ VLANã® IPã¢ãã¬ã¹èšå®
ïŒã¹ããã³ã°ããªãŒèšå®
ïŒã³ã³ãœãŒã«åã³ Telnetã«é¢ããèšå®
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
showstartup-config
ãã©ãã·ã¥ã¡ã¢ãªå ã®ã¹ã¿ãŒãã¢ããèšå®ãã¡ã€ã«ã®å 容ã®è¡šç€º
PE P253
showrunning-config
å®è¡äžã®èšå®ãã¡ã€ã«ã®è¡šç€º PE P255
show system ã·ã¹ãã æ å ±ã®è¡šç€º NE,PE P257
show users çŸåšã³ã³ãœãŒã«åã³ Telnetã§æ¥ç¶ãããŠãããŠãŒã¶ã®ãŠãŒã¶åãæ¥ç¶æéãåã³ Telnetã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹ã®è¡šç€º
NE,PE P258
show version ã·ã¹ãã ããŒãžã§ã³æ å ±ã®è¡šç€º NE,PE P259
253 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
äŸ
é¢é£ããã³ãã³ã
show running-config (P255)
Console#show startup-configbuilding startup-config, please wait.....!!username admin access-level 15username admin password 7 21232f297a57a5a743894a0e4a801fc3!username guest access-level 0username guest password 7 084e0343a0486ff05530df6c705c8bb4!enable password level 15 7 1b3231655cebb7a1f783eddf27d254ca!snmp-server community public rosnmp-server community private rw!vlan database vlan 1 name DefaultVlan media ethernet state active!interface vlan 1 ip address dhcp!line console!line vty!!end
Console#
254FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show running-config
çŸåšå®è¡äžã®èšå®ãã¡ã€ã«ã衚瀺ããããã®ã³ãã³ãã§ãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠起åçšãã¡ã€ã«ãšãå®è¡äžã®èšå®ãã¡ã€ã«ã®å 容ãæ¯èŒããå Žåã«ã¯ "show startup-config"ã³ãã³ããäžç·ã«äœ¿çšããŠäžããã
⢠ããŒã³ãã³ãã¢ãŒãã®èšå®ã衚瀺ãããŸããåã¢ãŒãã®ã°ã«ãŒã㯠"!"ã«ãã£ãŠåããã㊠configurationã¢ãŒããšå¯Ÿå¿ããã¢ãŒãã衚瀺ãããŸãããã®ã³ãã³ãã§ã¯ä»¥äžã®æ å ±ã衚瀺ãããŸãã
ïŒæ¬æ©ã® MACã¢ãã¬ã¹
ïŒ SNTPãµãŒãã®èšå®
ïŒã¿ã€ã ãŸãŒã³ã®èšå®
ïŒ SNMPã³ãã¥ããã£å
ïŒãŠãŒã¶ïŒãŠãŒã¶ååã³ã¢ã¯ã»ã¹ã¬ãã«ïŒ
ïŒã€ãã³ããã°ã®èšå®
ïŒ VLANããŒã¿ããŒã¹ïŒVLAN ID, VLANååã³ç¶æ ïŒ
ïŒåã€ã³ã¿ãã§ãŒã¹ã® VLANèšå®ç¶æ
ïŒæ¬æ©ã® IPã¢ãã¬ã¹èšå®
ïŒ IP DSCPã®èšå®
ïŒã³ã³ãœãŒã«åã³ Telnetã«é¢ããèšå®
255 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
äŸ
é¢é£ããã³ãã³ã
show startup-config (P253)
Console#show running-configbuilding running-config, please wait.....!SNTP server 0.0.0.0 0.0.0.0 0.0.0.0!!snmp-server community public rosnmp-server community private rw!!username "admin" access-level 15username "admin" password 7 "21232f297a57a5a743894a0e4a801fc3"username "guest" access-level 0username "guest" password 7 "084e0343a0486ff05530df6c705c8bb4"enable password level 15 7 "1b3231655cebb7a1f783eddf27d254ca"!!!!!!!VLAN database VLAN 1 name "DefaultVlan" media ethernet state active!!!!!!spanning-tree MST-configuration!!!!!!!interface ethernet 1/1 switchport allowed VLAN add 1 untagged switchport native VLAN 1!!!!!interface VLAN 1 IP address DHCP
256FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show system
ã·ã¹ãã æ å ±ã衚瀺ããããã®ã³ãã³ãã§ãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
ã³ãã³ã解説
⢠ã³ãã³ãã䜿çšããŠè¡šç€ºãããå 容ã«é¢ããŠã®è©³çŽ°ã¯ P13 ãã·ã¹ãã æ å ±ã®è¡šç€ºããåç §ããŠäžããã
⢠"POST result"ã¯æ£åžžæã«ã¯ãã¹ãŠ "PASS"ãšè¡šç€ºãããŸãã"POST result"ã« "FAIL"ããã£ãå Žåã«ã¯è²©å£²åºãåã¯ãµããŒããŸã§é£çµ¡ããŠäžããã
äŸ
Console#show systemSystem description: 10/100/1000 L3 SwtichSystem OID string: 1.3.6.1.4.1.25574.20.80System information System Up time: 0 days, 0 hours, 17 minutes, and 46.13 seconds System Name : [NONE] System Location : [NONE] System Contact : [NONE] MAC address : 00-04-E2-E9-18-20 Web server : enable Web server port : 80 Web secure server : enable Web secure server port : 443 Telnet server : enable Telnet port : 23 Jumbo Frame : Disabled POST resultDUMMY Test 1.................PASSUART LOOP BACK Test..........PASSDRAM Test....................PASSTimer Test...................PASSPCI Device 1 Test............PASSI2C bus Initialization.......PASSRTC Initialization...........PASSSwitch Int Loopback test.....PASS
Done All Pass.Console#
257 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show users
ã³ã³ãœãŒã«åã³ Telnetã§æ¥ç¶ãããŠãããŠãŒã¶ã®æ å ±ã衚瀺ããããã®ã³ãã³ãã§ãããŠãŒã¶åãæ¥ç¶æéåã³ Telnetæ¥ç¶æã® IPã¢ãã¬ã¹ã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
ã³ãã³ã解説
ã³ãã³ããå®è¡ãããŠãŒã¶ã¯è¡ã®å é ã« "*"ã衚瀺ãããŠããŸãã
äŸ
Console#show users
ãUsername accounts:
ãUsername Privilege Public-Key-------- --------- ----------
ããadmin ããã15 ãããNone
ããguest ããã0ããããNone
ããsteve ããã15 ãããRSA
ããOnline users:
ããLine ããUsername ãIdle time (h:m:s) ãRemote IP addr.
----------- -------- ã----------------- ã---------------
ã0 console admin ããã0:14:14
* 1 VTY 0 ãadmin ããã0:00:00 ããããããã192.168.1.19
ã2 SSH 1 ãsteve ããã0:00:06ããããããã 192.168.1.19
Web online users:
ããLine ããããRemote IP addr ãUsername ãIdle time (h:m:s).
ãã----------- --------------ã -------- ã------------------
ã1 HTTP ãããã192.168.1.19 ãããadmin ãã0:00:00
Console#
258FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
show version
ããŒããŠã§ã¢ãšãœãããŠã§ã¢ã®ããŒãžã§ã³æ å ±ã衚瀺ããããã®ã³ãã³ãã§ãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
ã³ãã³ã解説
衚瀺ãããæ å ±ã«é¢ãã詳现㯠P13 ãã·ã¹ãã æ å ±ã®è¡šç€ºããåç §ããŠäžããã
äŸ
onsole#show versionUnit1 Serial number : A517008154 Hardware version : R01 Number of ports :12 Main power status :up Redundant power status :not present
Agent (master) Unit ID : 1 Loader version : 2.3.0.1 Boot ROM version : 2.2.0.1 Operation code version : 1.0.2.33
Console#
259 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã·ã¹ãã 管ç
3.6.11 ãã¬ãŒã ãµã€ãºã³ãã³ã
jumbo frame
ãžã£ã³ããã¬ãŒã ã®äœ¿çšãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ç¡å¹ãšãªããŸãã
ææ³
[no] jumbo frame
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æ¬æ©ã§æ倧 9216byteãŸã§ã®ãžã£ã³ããã¬ãŒã ã«å¯Ÿå¿ããããšã§å¹ççãªããŒã¿è»¢éãå®çŸããŸããéåžž 1500byteãŸã§ã®ã€ãŒãµããããã¬ãŒã ã«æ¯ã¹ãžã£ã³ããã¬ãŒã ã䜿çšããããšã§åãã±ããã®ãªãŒãããããçž®å°ãããŸãã
⢠ãžã£ã³ããã¬ãŒã ã䜿çšããå Žåã¯ãéä¿¡åŽåã³åä¿¡åŽïŒãµãŒãã PCçïŒãã©ã¡ããæ¬æ©èœããµããŒãããŠããå¿ èŠããããŸãããŸã Full-Duplexæã«ã¯ 2ã€ã®ãšã³ãããŒãéã®ã¹ã€ããã®ãã¹ãŠãæ¬æ©èœã«å¯Ÿå¿ããŠããå¿ èŠããããŸããHalf-Duplexæã«ã¯ã³ãªãžã§ã³ãã¡ã€ã³å ã®å šãŠã®ããã€ã¹ãæ¬æ©èœã«å¯Ÿå¿ããŠããå¿ èŠããããŸãã
⢠ãžã£ã³ããã¬ãŒã ã䜿çšãããšããããŒããã£ã¹ãå¶åŸ¡ã®æ倧ãããå€ãæ¯ç§ 64ãã±ããã«å¶éãããŸããïŒè©³çŽ°ã¯ãP364 ãswitchport broadcast packet-rateãã³ãã³ããåç §ããŠäžããïŒ
⢠ãžã£ã³ããã¬ãŒã ã®çŸåšã®èšå®å 容㯠âshow systemâã³ãã³ãã§ç¢ºèªãã§ããŸãã
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžjumbo frame ãžã£ã³ããã¬ãŒã ã®å©çš GC P260
Console(config)#jumbo frameConsole(config)#
260FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã¡ã€ã«ç®¡çïŒ Flash/File ïŒ
3.7 ãã¡ã€ã«ç®¡çïŒ Flash/File ïŒ
ããã§è§£èª¬ããã³ãã³ãã¯ã·ã¹ãã ã³ãŒããèšå®ãã¡ã€ã«ã®ç®¡çãè¡ãããã®ã³ãã³ãã§ãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžcopy ã³ãŒãã€ã¡ãŒãžãèšå®ãã¡ã€ã«ã®ãã©ãã·ã¥ã¡
ã¢ãªãžã®ã³ããŒã TFTPãµãŒãéã®ã³ããŒPE P261
delete ãã¡ã€ã«ãã³ãŒãã€ã¡ãŒãžã®åé€ PE P265
dir ãã©ãã·ã¥ã¡ã¢ãªå ã®ãã¡ã€ã«ã®äžèŠ§ã®è¡šç€º PE P266
whichboot ããŒããã¡ã€ã«ã®è¡šç€º PE P267
bootsystem
ã·ã¹ãã èµ·åãã¡ã€ã«ãã€ã¡ãŒãžã®èšå® GC P268
261 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã¡ã€ã«ç®¡çïŒ Flash/File ïŒ
copy
ã³ãŒãã€ã¡ãŒãžã®ã¢ããããŒããããŠã³ããŒããèšå®ãã¡ã€ã«ã®æ¬æ©ãTFTPãµãŒãéã®ã¢ããããŒããããŠã³ããŒããè¡ããŸãã
ã³ãŒãã€ã¡ãŒãžãèšå®ãã¡ã€ã«ã TFTPãµãŒãã«çœ®ããŠããå Žåã«ã¯ããããã®ãã¡ã€ã«ãæ¬æ©ã«ããŠã³ããŒããã·ã¹ãã èšå®çã眮ãæããããšãã§ããŸãããã¡ã€ã«è»¢é㯠TFTPãµãŒãã®èšå®ããããã¯ãŒã¯ç°å¢ã«ãã£ãŠã¯å€±æããå ŽåããããŸãã
ææ³
copy file {file | running-config | startup-config | tftp | unit}
copy running-config {file | startup-config | tftp}
copy startup-config {file | running-config | tftp}
copy tftp {file | running-config | startup-config |https-certificate | public-key}
⢠file â ãã¡ã€ã«ã®ã³ããŒãå¯èœã«ããããŒã¯ãŒã
⢠running-config â å®è¡äžã®èšå®ãã³ããŒããããŒã¯ãŒã
⢠startup-config â ã·ã¹ãã ã®åæåã«äœ¿çšããèšå®
⢠tftp â TFTPãµãŒãããã®ã³ããŒãè¡ãããŒã¯ãŒã
⢠https-certificate â TFTPãµãŒãéã® HTTPSèªèšŒãã³ããŒ
⢠public-key â TFTPãµãŒããã SSHããŒãã³ããŒïŒè©³çŽ°ã¯ãP4-38ã® "Secure Shell"ã³ãã³ããåç §ïŒ
⢠unit âãŠãããã®æå®ãâ1â
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠ããŒã¿ãã³ããŒããããã«å®å šãªã³ãã³ãã®å ¥åãå¿ èŠã§ãã
⢠ãã¡ã€ã«åã¯å€§æåãšå°æåãåºå¥ãããŸãããã¡ã€ã«åã«ã¯ã¹ã©ãã·ã¥åã³ããã¯ã¹ã©ãã·ã¥ã¯äœ¿çšã§ããŸããããã¡ã€ã«åã®æåã®æåã«ããªãªã (ïŒ)ã¯äœ¿çšã§ããŸããããã¡ã€ã«åã®é·ã㯠TFTPãµãŒãäžã§ã¯ 137æå以äžãæ¬æ©äžã¯ 31æå以äžãšãªããŸãïŒãã¡ã€ã«åã«äœ¿çšã§ããæå㯠A-Z, a-z, 0-9, "." , "-", "_"ã§ãïŒ
⢠ãã©ãã·ã¥ã¡ã¢ãªå®¹éã®å¶éã«ããããªãã¬ãŒã·ã§ã³ã³ãŒã㯠2ã€ã®ã¿ä¿åå¯èœã§ãã
⢠ãŠãŒã¶èšå®ãã¡ã€ã«æ°ã¯ãã©ãã·ã¥ã¡ã¢ãªã®å®¹éã«äŸåããŸãã
⢠"Factory_Default_Config.cfg"ã䜿çšããå·¥å Žåºè·æèšå®ãã³ããŒå ã«ããããšã¯ã§ããŸããã" Factory_Default_Config.cfg"ãã³ããŒå ã«æå®ããããšã¯ã§ããŸããã
⢠起åæã®èšå®ãå€æŽããããã«ã¯ "startup-config"ãã³ããŒå ã«ããå¿ èŠããããŸãã
262FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã¡ã€ã«ç®¡çïŒ Flash/File ïŒ
⢠ããŒã ROMã€ã¡ãŒãžã¯ TFTPãµãŒãããã®ã¢ããããŒãåã³ããŠã³ããŒãã¯ã§ããŸãããããŒã ROMãŸãã¯èšºæçšã€ã¡ãŒãžã®ããŠã³ããŒããè¡ãããã«ã¯æ°èŠã®ãã¡ãŒã ãŠã§ã¢ã«é¢ãããªãªãŒã¹ããŒãã®è§£èª¬ããåã¯ä»£çåºã®æ瀺ã«åŸãå¿ èŠããããŸãã
⢠"http-certificate"ã®èšå®ã«ã€ããŠã¯ãP3-37ã®ããµã€ã蚌ææžã®èšå®å€æŽããåç §ããŠäžãããHTTPsãçšããé«ã»ãã¥ãªãã£ã確ä¿ããæ¥ç¶ãè¡ãããã®æ¬æ©ã®èšå®ã«ã€ããŠã¯ãP4-35ã® "ip http secure-server"ã³ãã³ãã®è§£èª¬ãåç §ããŠäžããã
äŸ
æ¬äŸã§ã¯ãTFTPãµãŒããå©çšããèšå®ãã¡ã€ã«ã®ã¢ããããŒãã瀺ããŠããŸãã
æ¬äŸã§ã¯å®è¡ãã¡ã€ã«ã®ã¹ã¿ãŒãã¢ãããã¡ã€ã«ãžã®ã³ããŒã瀺ããŠããŸãã
æ¬äŸã§ã¯ãèšå®ãã¡ã€ã«ã®ããŠã³ããŒãæ¹æ³ã瀺ããŠããŸãã
Console#copy file tftpChoose file type:1. config: 2. opcode: <1-2>: 1Source file name: startupTFTP server ip address: 10.1.0.99Destination file name: startup.01TFTP completed.Success.
Console#
Console#copy running-config filedestination file name: startupWrite to FLASH Programming.\Write to FLASH finish.Success.
Console#
Console#copy tftp startup-configTFTP server ip address: 10.1.0.99Source configuration file name: startup.01Startup configuration file name [startup]:Write to FLASH Programming.
\Write to FLASH finish.Success.
Console#
263 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã¡ã€ã«ç®¡çïŒ Flash/File ïŒ
æ¬äŸã§ã¯ãTFTPãµãŒãã®ã»ãã¥ã¢ãµã€ãæ¿èªã瀺ããŠããŸããæ¿èªãå®äºãããããåèµ·åãè¡ã£ãŠããŸãã
æ¬äŸã§ã¯ãTFTPãµãŒããã SSHã§äœ¿çšããããã®å ¬éããŒãã³ããŒããŠããŸããSSHã«ããå ¬éããŒèªèšŒã¯ãæ¬æ©ã«å¯ŸããŠèšå®æžã¿ã®ãŠãŒã¶ã«å¯ŸããŠã®ã¿å¯èœã§ããããšã«æ³šæããŠäžããã
Console#copy tftp https-certificateTFTP server ip address: 10.1.0.19Source certificate file name: SS-certificateSource private file name: SS-privatePrivate password: ********
Success.Console#reloadSystem will be restarted, continue <y/n>? y
Console#copy tftp public-keyTFTP server IP address: 192.168.1.19Choose public key type: 1. RSA: 2. DSA: <1-2>: 1Source file name: steve.pubUsername: steveTFTP DownloadSuccess.Write to FLASH Programming.Success.Console#
264FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã¡ã€ã«ç®¡çïŒ Flash/File ïŒ
delete
ãã¡ã€ã«ãã€ã¡ãŒãžãåé€ããéã«å©çšããŸãã
ææ³
delete [unit:]filename
⢠filename â èšå®ãã¡ã€ã«åã¯ã€ã¡ãŒãžãã¡ã€ã«å
⢠unitâ ãŠãããã®æå®ãâ1â
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠ã¹ã¿ãŒãã¢ãããã¡ã€ã«ã¯åé€ããããšãã§ããŸããã
⢠"Factory_Default_Config.cfg"ã¯åé€ããããšãã§ããŸããã
⢠ãŠãããã®æå®ã®åŸã«ã¯ã³ãã³ïŒ:ïŒãå¿ èŠã§ãã
äŸ
æ¬äŸã§ã¯ãã©ãã·ã¥ã¡ã¢ãªããã®èšå®ãã¡ã€ã« "test2.cfg"ã®åé€ã瀺ããŠããŸãã
é¢é£ããã³ãã³ã
dir (P266)
delete public-key (P231)
Console#delete test2.cfgConsole#
265 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã¡ã€ã«ç®¡çïŒ Flash/File ïŒ
dir
ãã©ãã·ã¥ã¡ã¢ãªå ã®ãã¡ã€ã«ã®äžèŠ§ã衚瀺ãããéã«å©çšããŸãã
ææ³
dir [boot-rom | config | opcode [:filename]]
衚瀺ãããã¡ã€ã«ãã€ã¡ãŒãžã¿ã€ãã¯ä»¥äžã®ãšããã§ã :
⢠boot-rom â ããŒã ROMåã¯ã蚺æã€ã¡ãŒãžãã¡ã€ã«
⢠config â èšå®ãã¡ã€ã«
⢠opcode â Run-time operation codeã€ã¡ãŒãžãã¡ã€ã«
⢠filename â ãã¡ã€ã«åã¯ã€ã¡ãŒãžåããã¡ã€ã«ãååšããŠããã¡ã€ã«å ã«ãšã©ãŒãããå Žåã«ã¯è¡šç€ºã§ããŸããã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠ãã©ã¡ãŒã¿ãå ¥åããã« "dir"ã³ãã³ãã®ã¿ãå ¥åããå Žåã«ã¯ãã¹ãŠã®ãã¡ã€ã«ã衚瀺ãããŸãã
⢠衚瀺ããããã¡ã€ã«ã®æ å ±ã¯ä»¥äžã®è¡šã®éãã§ã
äŸ
æ¬äŸã¯ããã¹ãŠã®ãã¡ã€ã«æ å ±ã®è¡šç€ºã瀺ããŠããŸãã
é ç® å 容
file name ãã¡ã€ã«å
file type ãã¡ã€ã«ã¿ã€ãïŒBoot-RomãOperation CodeãConfig file
startup èµ·åæã«äœ¿çšãããŠãããã©ãã
size ãã¡ã€ã«ãµã€ãº (byte)
Console#dir file name file type startup size (byte) -------------------------------- -------------- ------- ----------- FXC9012F_Diag_V2.2.0.1.bix Boot-Rom image Y 812444 FXC9012F_V1.0.2.33.bix Operation Code Y 2893392 Factory_Default_Config.cfg Config File Y 455 ------------------------------------------------------------------- Total free space: 7864320Console#
266FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã¡ã€ã«ç®¡çïŒ Flash/File ïŒ
whichboot
çŸåšãæ¬æ©ãã©ã®ãã¡ã€ã«ããèµ·åãããŠãããã衚瀺ããŸãã
ææ³
whichboot
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#whichboot file name file type startup size (byte) -------------------------------- -------------- ------- ----------- FXC9012F_Diag_V2.2.0.1.bix Boot-Rom image Y 812444 FXC9012F_V1.0.2.33.bix Operation Code Y 2893392 Factory_Default_Config.cfg Config File Y 455Console##
267 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã¡ã€ã«ç®¡çïŒ Flash/File ïŒ
boot system
ã·ã¹ãã èµ·åã«äœ¿çšãããã¡ã€ã«åã¯ã€ã¡ãŒãžãæå®ããéã«å©çšããŸãã
ææ³
boot system [unit:]{boot-rom| config | opcode}: filename
èšå®ãããã¡ã€ã«ã¿ã€ãã¯ä»¥äžã®éãã§ãã
⢠boot-rom â ããŒã ROM
⢠config â èšå®ãã¡ã€ã«
⢠opcode â Run-time operation code
⢠filename â ãã¡ã€ã«åã¯ã€ã¡ãŒãžå
⢠unitâ ãŠãããã®æå®ãâ1â
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã¡ã€ã«ã¿ã€ãã®åŸã«ã¯ã³ãã³ (:)ãå¿ ãå¿ èŠã§ãã
⢠ãã¡ã€ã«ã«ãšã©ãŒãããå Žåã«ã¯ãèµ·åãã¡ã€ã«ã«èšå®ã§ããŸããã
äŸ
é¢é£ããã³ãã³ã
dir (P266)
Console(config)#boot system config: startupConsole(config)#
268FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
3.8 ãŠãŒã¶èªèšŒ
ã·ã¹ãã 管çã®ããã®ãŠãŒã¶ãã°ã€ã³ã¯ããŒã«ã«åã³èªèšŒãµãŒããçšãããŠãŒã¶èªèšŒãå©çšå¯èœã§ãã
ãŸããIEEE802.1Xãå©çšããããŒãããŒã¹èªèšŒã«ãããŠãŒã¶ã®ãããã¯ãŒã¯ãžã®ã¢ã¯ã»ã¹ç®¡çãå¯èœã§ãã
ã³ãã³ãã°ã«ãŒã
æ©èœ ããŒãž
AuthenticationSequence ãã°ã€ã³èªèšŒæ¹åŒãšåªå é äœã®èšå® P270
RADIUS Client RADIUSãµãŒãèªèšŒã®èšå® P272
TACACS+Client TACACS+ãµãŒãèªèšŒã®èšå® P277
Port Security ããŒããžã®ã»ãã¥ã¢ã¢ãã¬ã¹ã®èšå® P280
PortAuthentication EEE802.1Xã«ããããŒãèªèšŒã®èšå® P282
269 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
3.8.1 èªèšŒã³ãã³ã
Authentication login
ãã°ã€ã³èªèšŒæ¹æ³åã³åªå é äœãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
authentication login {[local] [radius] [tacacs]}
no authentication login
⢠local â ããŒã«ã«èªèšŒã䜿çšããŸã
⢠radius â RADIUSãµãŒãèªèšŒã䜿çšããŸã
⢠tacacs â TACACS+ãµãŒãèªèšŒã䜿çšããŸã
åæèšå®
Localã®ã¿
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠RADIUSã§ã¯ UDPãTACACS+ã§ã¯ TCPã䜿çšããŸããUDPã¯ãã¹ããšãã©ãŒãåã®æ¥ç¶ã§ãããTCPã¯æ¥ç¶ç¢ºç«åã®æ¥ç¶ãšãªããŸãããŸããRADIUSæå·åã¯ã¯ã©ã€ã¢ã³ããããµãŒããžã®ã¢ã¯ã»ã¹èŠæ±ãã±ããã®ãã¹ã¯ãŒãã®ã¿ãæå·åãããŸãã
⢠RADIUSåã³ TACACS+ãã°ã€ã³èªèšŒã¯åãŠãŒã¶åãšãã¹ã¯ãŒãã«å¯Ÿãã¢ã¯ã»ã¹ã¬ãã«ãèšå®ããããšãã§ããŸãããŠãŒã¶åãšãã¹ã¯ãŒããã¢ã¯ã»ã¹ã¬ãã«ã¯èªèšŒãµãŒãåŽã§èšå®ããããšãã§ããŸãã
⢠3ã€ã®èªèšŒæ¹åŒã 1ã€ã®ã³ãã³ãã§èšå®ããããšãã§ããŸããäŸãã°ã"authentication login radius tacacs local"ãšããå ŽåããŠãŒã¶åãšãã¹ã¯ãŒãã RADIUSãµãŒãã«å¯Ÿãæåã«ç¢ºèªããŸããRADIUSãµãŒããå©çšã§ããªãå ŽåãTACACS+ãµãŒãã«ã¢ã¯ã»ã¹ããŸããTACACS+ãµãŒããå©çšã§ããªãå Žåã¯ããŒã«ã«ã®ãŠãŒã¶åãšãã¹ã¯ãŒããå©çšããŸãã
äŸ
é¢é£ããã³ãã³ã
username (P215)
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžAuthenticationlogin
èªèšŒæ¹æ³ãšåªå é äœã®èšå® GC P270
authenticationenable
ã³ãã³ãã¢ãŒãå€æŽæã®èªèšŒæ¹åŒãšåªå é äœã®èšå®
GC P270
Console(config)#authentication login radiusConsole(config)#
270FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
3.8.2 authentication enableã³ãã³ã
"enable"ã³ãã³ãïŒP208ïŒã§ Execã¢ãŒããã Privileged Execã¢ãŒããžå€æŽããå Žåã®ããã°ã€ã³èªèšŒæ¹æ³åã³åªå é äœãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
authentication enable {[local] [radius] [tacacs]}
no authentication enable
⢠local â ããŒã«ã«èªèšŒã䜿çšããŸã
⢠radius â RADIUSãµãŒãèªèšŒã䜿çšããŸã
⢠tacacs â TACACS+ãµãŒãèªèšŒã䜿çšããŸã
åæèšå®
Localã®ã¿
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠RADIUSã§ã¯ UDPãTACACS+ã§ã¯ TCPã䜿çšããŸããUDPã¯ãã¹ããšãã©ãŒãåã®æ¥ç¶ã§ãããTCPã¯æ¥ç¶ç¢ºç«åã®æ¥ç¶ãšãªããŸãããŸããRADIUSæå·åã¯ã¯ã©ã€ã¢ã³ããããµãŒããžã®ã¢ã¯ã»ã¹èŠæ±ãã±ããã®ãã¹ã¯ãŒãã®ã¿ãæå·åãããŸãã
⢠RADIUSåã³ TACACS+ãã°ã€ã³èªèšŒã¯åãŠãŒã¶åãšãã¹ã¯ãŒãã«å¯Ÿãã¢ã¯ã»ã¹ã¬ãã«ãèšå®ããããšãã§ããŸãããŠãŒã¶åãšãã¹ã¯ãŒããã¢ã¯ã»ã¹ã¬ãã«ã¯èªèšŒãµãŒãåŽã§èšå®ããããšãã§ããŸãã
⢠3ã€ã®èªèšŒæ¹åŒã 1ã€ã®ã³ãã³ãã§èšå®ããããšãã§ããŸããäŸãã°ã"authentication enable radius tacacs local"ãšããå ŽåããŠãŒã¶åãšãã¹ã¯ãŒãã RADIUSãµãŒãã«å¯Ÿãæåã«ç¢ºèªããŸããRADIUSãµãŒããå©çšã§ããªãå ŽåãTACACS+ãµãŒãã«ã¢ã¯ã»ã¹ããŸããTACACS+ãµãŒããå©çšã§ããªãå Žåã¯ããŒã«ã«ã®ãŠãŒã¶åãšãã¹ã¯ãŒããå©çšããŸãã
äŸ
é¢é£ããã³ãã³ã
enable password (P208) â ã³ãã³ãã¢ãŒãå€æŽã®ããã®ãã¹ã¯ãŒãã®èšå®
Console(config)#authentication enable radiusConsole(config)#
271 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
3.8.3 Radiusã¯ã©ã€ã¢ã³ãã³ãã³ã
RADIUS(Remote Authentication Dial-in User Service)ã¯ããããã¯ãŒã¯äžã® RADIUS察å¿ããã€ã¹ã®ã¢ã¯ã»ã¹ã³ã³ãããŒã«ãèªèšŒãµãŒãã«ããéäžçã«ç®¡çããããšãã§ããŸããèªèšŒãµãŒãã¯è€æ°ã®ãŠãŒã¶å /ãã¹ã¯ãŒããšåãŠãŒã¶ã®æ¬æ©ãžã®ã¢ã¯ã»ã¹ã¬ãã«ã管çããããŒã¿ããŒã¹ãä¿æããŠããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
radius-serverhost
RADIUSãµãŒãã®èšå® GC P273
radius-serverport
RADIUSãµãŒãã®ããŒãã®èšå® GC P274
radius-serverkey
RADIUSæå·ããŒã®èšå® GC P274
radius-serverretransmit
ãªãã©ã€åæ°ã®èšå® GC P275
radius-servertimeout
èªèšŒãªã¯ãšã¹ãã®ééã®èšå® GC P275
showradius-server
RADIUSé¢é£èšå®æ å ±ã®è¡šç€º PE P276
272FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
radius-server host
ãã©ã€ã㪠/ããã¯ã¢ãã RADIUSãµãŒããåã³åãµãŒãã®èªèšŒãã©ã¡ãŒã¿ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
[no] radius-server index host {host_ip_address | host_alias}
[auth-port auth_port] [timeout timeout] [retransmit retransmit][key key]
⢠index â ãµãŒãã 5ã€ãŸã§èšå®ã§ããŸããæå®ãããµãŒãã®é ã«ããµãŒããå¿çãããã¿ã€ã ã¢ãŠãããããŸã§ãªã¯ãšã¹ããéä¿¡ããŸãã
⢠host_ip_address â RADIUSãµãŒãã® IPã¢ãã¬ã¹
⢠host_alias â RADIUSãµãŒãã®ååïŒæ倧 20æåïŒ
⢠port_number â RADIUSãµãŒãã®èªèšŒçš UDPããŒãçªå·ïŒç¯å²ïŒ1-65535ïŒ
⢠timeout â ãµãŒãããã®å¿çãåŸ ã¡ãåéä¿¡ãè¡ããŸã§ã®æéïŒç§ïŒïŒç¯å²ïŒ1-65535ç§ïŒ
⢠retransmit â RADIUSãµãŒãã«å¯Ÿãããã°ã€ã³ã¢ã¯ã»ã¹ããªãã©ã€ã§ããåæ°ïŒç¯å²ïŒ1-30ïŒ
⢠key â ã¯ã©ã€ã¢ã³ããžã®èªèšŒãã°ã€ã³ã¢ã¯ã»ã¹ã®ããã®æå·ããŒãéã«ã¹ããŒã¹ã¯å ¥ããããŸããïŒæ倧 20æåïŒ
åæèšå®
⢠auth-portïŒ1812
⢠timeoutïŒ5ç§
⢠retransmitïŒ2
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#radius-server 1 host 192.168.1.20 auth-port 181 timeout 10 retransmit 5 key greenConsole(config)#
273 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
radius-server port
RADIUSãµãŒãã®ããŒãã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
radius-server port port_number
no radius-server port
⢠port_number â RADIUSãµãŒãã®èªèšŒçš UDPããŒãçªå· (ç¯å²ïŒ1-65535)
åæèšå®
1812
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
radius-server key
RADIUSæå·ããŒãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
radius-server key key_string
no radius-server key
ã»key_string â ã¯ã©ã€ã¢ã³ããžã®èªèšŒãã°ã€ã³ã¢ã¯ã»ã¹ã®ããã®æå·ããŒãéã«ã¹ããŒã¹ã¯å ¥ããããŸããïŒæ倧 20æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#radius-server port 181Console(config)#
Console(config)#radius-server key greenConsole(config)#
274FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
radius-server retransmit
ãªãã©ã€æ°ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
radius-server retransmit number_of_retries
no radius-server retransmit
⢠number_of_retries â RADIUSãµãŒãã«å¯Ÿãããã°ã€ã³ã¢ã¯ã»ã¹ããªãã©ã€ã§ããåæ°ïŒç¯å²ïŒ1-30ïŒ
åæèšå®
2
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
radius-server timeout
RADIUSãµãŒããžã®èªèšŒèŠæ±ãéä¿¡ããééãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
radius-server timeout number_of_seconds
no radius-server timeout
⢠number_of_seconds â ãµãŒãããã®å¿çãåŸ ã¡ãåéä¿¡ãè¡ããŸã§ã®æéïŒç§ïŒ(ç¯å²ïŒ1-65535)
åæèšå®
5
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#radius-server retransmit 5Console(config)#
Console(config)#radius-server timeout 10Console(config)#
275 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
show radius-server
çŸåšã® RADIUSãµãŒãé¢é£ã®èšå®ã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show radius-serverServer IP address: 10.1.0.1Communication key with radius server:Server port number: 1812Retransmit times: 2Request timeout: 5Console#
276FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
3.8.4 TACACS+ã¯ã©ã€ã¢ã³ãã³ãã³ã
TACACS+(Terminal Access Controller Access Control System)ã¯ããããã¯ãŒã¯äžã®TACACS+察å¿ã®ããã€ã¹ã®ã¢ã¯ã»ã¹ã³ã³ãããŒã«ãèªèšŒãµãŒãã«ããéäžçã«è¡ãããšãã§ããŸããèªèšŒãµãŒãã¯è€æ°ã®ãŠãŒã¶å /ãã¹ã¯ãŒããšåãŠãŒã¶ã®æ¬æ©ãžã®ã¢ã¯ã»ã¹ã¬ãã«ã管çããããŒã¿ããŒã¹ãä¿æããŠããŸãã
tacacs-server host
TACACS+ãµãŒãã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
tacacs-server host host_ip_address
no tacacs-server host
⢠host_ip_address â TACACS+ãµãŒãã® IPã¢ãã¬ã¹
åæèšå®
10.11.12.13
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžtacacs-server host TACACS+ãµãŒãã®èšå® GC P277
tacacs-server port TACACS+ãµãŒãã®ããŒãã®èšå® GC P278
tacacs-server key TACACS+æå·ããŒã®èšå® GC P278
show tacacs-server TACACS+é¢é£èšå®æ å ±ã®è¡šç€º GC P279
Console(config)#tacacs-server host 192.168.1.25Console(config)#
277 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
tacacs-server port
TACACS+ãµãŒãã®ããŒãã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
tacacs-server port port_number
no tacacs-server port
⢠port_number â TACACS+ãµãŒãã®èªèšŒçš TCPããŒãçªå· (ç¯å²ïŒ1-65535)
åæèšå®
49
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
tacacs-server key
TACACS+æå·ããŒãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
tacacs-server key key_string
no tacacs-server key
⢠key_string â ã¯ã©ã€ã¢ã³ããžã®èªèšŒãã°ã€ã³ã¢ã¯ã»ã¹ã®ããã®æå·ããŒãéã«ã¹ããŒã¹ã¯å ¥ããããŸããïŒæ倧 20æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#tacacs-server port 181Console(config)#
Console(config)#tacacs-server key greenConsole(config)#
278FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
show tacacs-server
çŸåšã® TACACS+ãµãŒãé¢é£ã®èšå®ã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show tacacs-serverRemote TACACS server configuration: Server IP address: 10.11.12.13 Communication key with TACACS server: ***** Server port number: 49Console#
279 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
3.8.5 ããŒãã»ãã¥ãªãã£ã³ãã³ã
ããŒããžã®ããŒãã»ãã¥ãªãã£æ©èœã䜿çšã§ããããã«ããŸããããŒãã»ãã¥ãªãã£æ©èœã䜿çšãããšãããŒãã«ãããæ倧åŠç¿æ°ã«éããéã«MACã¢ãã¬ã¹ã®åŠç¿ãæ¢ããŸãããããŠããã®ããŒãã®åç /éçãªã¢ãã¬ã¹ããŒãã«ã«æ¢ã«ç»é²ãããŠãããœãŒã¹ MACã¢ãã¬ã¹ã®åä¿¡ãã¬ãŒã ã®ã¿ãããã¯ãŒã¯ãžã®ã¢ã¯ã»ã¹ãèš±å¯ããŸãããã®ããŒãã§ãä»ã®ããŒããããåŠç¿ãããŠããªãäžæãªãœãŒã¹MACã¢ãã¬ã¹ã®åä¿¡ãã¬ãŒã ã¯ç Žæ£ããŸããåŠç¿ãããŠããªãMACã¢ãã¬ã¹ãéä¿¡ããããã€ã¹ããã£ãå Žåããã®åäœã¯ã¹ã€ããã§æ€ç¥ãããèªåçã«ãã®ããŒããç¡å¹ã«ããSNMPãã©ããã¡ãã»ãŒãžãéä¿¡ããŸãã
port security
ããŒããžã®ããŒãã»ãã¥ãªãã£ãæå¹ã«èšå®ããŸããããŒã¯ãŒãã䜿çšãã "no"ãåã«çœ®ãããšã§ããŒãã»ãã¥ãªãã£ãç¡å¹ã«ããŸããããŒã¯ãŒããšå ±ã« "no"ãåã«çœ®ãããšã§äŸµå ¥åäœåã³æ倧 MACã¢ãã¬ã¹ç»é²æ°ãåæèšå®ã«æ»ããŸãã
ææ³
port security [action {shutdown | trap | trap-and-shutdown}
| max-mac-count address-count]
no port security [action | max-mac-count]
⢠action â ããŒãã»ãã¥ãªãã£ãç Žãããå Žåã®ã¢ã¯ã·ã§ã³
ïŒ shutdown â ããŒããç¡å¹
ïŒ trap â SNMPãã©ããã¡ãã»ãŒãžã®çºè¡
ïŒ trap-and-shutdown â SNMPãã©ããã¡ãã»ãŒãžãçºè¡ãããŒããç¡å¹
⢠max-mac-count
ïŒ address-count â ããŒãã«ãããŠåŠç¿ãã MACã¢ãã¬ã¹ã®æ倧å€ïŒç¯å²ïŒ0-1024ïŒ
åæèšå®
⢠StatusïŒç¡å¹ (Disabled)
⢠ActionïŒãªã
⢠Maximum AddressesïŒ0
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
port security ããŒãã»ãã¥ãªãã£ã®èšå® IC P280
mac-address-table static
VLANå ã®ããŒããžã®éçã¢ãã¬ã¹ã®ãããã³ã° GC P377
showmac-address-table
ãã©ã¯ãŒãã£ã³ã°ããŒã¿ããŒã¹ã®ãšã³ããªè¡šç€º PE P380
280FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
ã³ãã³ã解説
⢠ããŒãã»ãã¥ãªãã£ãæå¹ã«ããå Žåãæ¬æ©ã¯èšå®ããæ倧åŠç¿æ°ã«éãããšãæå¹ã«ããããŒã㧠MACã¢ãã¬ã¹ã®åŠç¿ãè¡ããªããªããŸãããã§ã«ã¢ãã¬ã¹ããŒãã«ã«ç»é²æžã¿ã® MACã¢ãã¬ã¹ã®ããŒã¿ã®ã¿ãã¢ã¯ã»ã¹ããããšãã§ããŸãã
⢠ãŸã "port security max-mac-count"ã³ãã³ãã䜿çšããŠåŠç¿ããã¢ãã¬ã¹æ°ãèšå®ãã"port security"ã³ãã³ãã§ããŒãã®ã»ãã¥ãªãã£ãæå¹ã«èšå®ããŸãã
⢠ããŒãã»ãã¥ãªãã£ãç¡å¹ã«èšå®ããæ倧ã¢ãã¬ã¹åŠç¿æ°ãåæèšå®å€ã«æ»ãã«ã¯ã"no port security max-mac-count"ã³ãã³ãã䜿çšããŸãã
⢠æ°ãã VLANã¡ã³ããŒãè¿œå ããå Žåã«ã¯ãMACã¢ãã¬ã¹ã "mac-address-table static"ã³ãã³ãã䜿çšããŸãã
⢠ã»ãã¥ã¢ããŒãã«ã¯ä»¥äžã®å¶éããããŸãïŒ
âãããŒããã©ãŒãªã³ã°ã¯äœ¿çšã§ããŸããã
âãè€æ°ã® VLANã«æå±ã§ããŸããã
âããããã¯ãŒã¯ãçžäºæ¥ç¶ããããã€ã¹ã«ã¯æ¥ç¶ã§ããŸããã
âããã©ã³ã¯ã°ã«ãŒãã«å ããããšã¯ã§ããŸããã
⢠ããŒãã»ãã¥ãªãã£ãæ©èœãããŒããç¡å¹ã«ããå Žåã"no shutdown"ã³ãã³ãã䜿çšããæåã§å床æå¹ã«ããå¿ èŠããããŸãã
äŸ
æ¬äŸã§ã¯ã5çªããŒãã«ããŒãã»ãã¥ãªãã£ãšããŒãã»ãã¥ãªãã£åäœãèšå®ããŠããŸãã
é¢é£ããã³ãã³ã
shutdown (P363)
mac-address-table static (P377)
show mac-address-table (P380)
Console(config)#interface ethernet 1/5Console(config-if)#port security action trap
281 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
3.8.6 802.1x ããŒãèªèšŒã³ãã³ã
æ¬æ©ã§ã¯ IEEE802.1X (dot1x)ã®ããŒãããŒã¹ã¢ã¯ã»ã¹ã³ã³ãããŒã«ããµããŒãããIDãšãã¹ã¯ãŒãã«ããèªèšŒã«ããèš±å¯ãããªããããã¯ãŒã¯ãžã®ã¢ã¯ã»ã¹ãé²ãããšãã§ããŸããã¯ã©ã€ã¢ã³ãã®èªèšŒã¯ RADIUSãµãŒãã«ãã EAP(Extensible Authentication Protocol)ãçšããŠè¡ãããŸãã
authentication dot1x default
ã¹ã€ãããã802.1XããŒãèªèšŒã䜿çšã§ããããèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
authentication dot1x default radius
no authentication dot1x
åæèšå®
RADIUS
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
authentication dot1xdefault
dot1xãã¹ã€ããå šäœã«æå¹ã«èšå® GC P282
dot1x default dot1xã®èšå®å€ããã¹ãŠåæèšå®ã«æ»ããŸãã GC P283
dot1x max-req èªèšŒããã»ã¹ãåãããããçŽãåã«èªèšŒããã»ã¹ãç¹°ãè¿ãæ倧åæ°
GC P283
dot1x port-control ããŒããžã® dot1xã¢ãŒãã®èšå® IC P284
dot1xoperation-mode
dot1xããŒããžã®æ¥ç¶å¯èœãã¹ãæ°ã®èšå® IC P285
dot1xre-authenticate
ç¹å®ããŒããžã®åèªèšŒã®åŒ·å¶ PE P286
dot1xre-authentication
å šããŒããžã®åèªèšŒã®åŒ·å¶ GC P286
dot1x timeoutquiet-period
max-reqãè¶ ããåŸãã¯ã©ã€ã¢ã³ãã®å¿çãåŸ ã€æé
GC P287
dot1x timeoutre-autheperiod
æ¥ç¶æžã¿ã¯ã©ã€ã¢ã³ãã®åèªèšŒééã®èšå® GC P287
dot1x timeouttx-period
èªèšŒäžã® EAPãã±ããã®åéä¿¡ééã®èšå® GC P288
show dot1x dot1xé¢é£æ å ±ã®è¡šç€º PE P289
Console(config)#authentication dot1x default radiusConsole(config)#
282FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
dot1x default
ãã¹ãŠã® dot1xã®èšå®ãåæèšå®ã«æ»ããŸãã
ææ³
dot1x default
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
dot1x max-req
ãŠãŒã¶èªèšŒã®ã¿ã€ã ã¢ãŠããŸã§ã®ã¯ã©ã€ã¢ã³ããžã® EAPãªã¯ãšã¹ããã±ããã®æ倧éä¿¡åæ°ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
dot1x max-req count
no dot1x max-req
⢠count â æ倧éä¿¡åæ°ïŒç¯å²ïŒ1-10ïŒ
åæèšå®
2
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config)#dot1x defaultConsole(config)#
Console(config)#interface eth 1/2Console(config-if)#dot1x max-req 2Console(config-if)#
283 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
dot1x port-control
ããŒãã«å¯Ÿã㊠dot1xã¢ãŒãã®èšå®ãè¡ããŸãã
ææ³
dot1x port-control {auto | force-authorized | force-unauthorized}
no dot1x port-control
⢠auto â dot1x察å¿ã¯ã©ã€ã¢ã³ãã«å¯Ÿã㊠RADIUSãµãŒãã«ããèªèšŒãèŠæ±ããŸããdot1xé察å¿ã¯ã©ã€ã¢ã³ãããã®ã¢ã¯ã»ã¹ã¯èš±å¯ããŸããã
⢠force-authorized â dot1x察å¿ã¯ã©ã€ã¢ã³ããå«ãããã¹ãŠã®ã¯ã©ã€ã¢ã³ãã®ã¢ã¯ã»ã¹ãèš±å¯ããŸãã
⢠force-unauthorized â dot1x察å¿ã¯ã©ã€ã¢ã³ããå«ãããã¹ãŠã®ã¯ã©ã€ã¢ã³ãã®ã¢ã¯ã»ã¹ãçŠæ¢ããŸãã
åæèšå®
force-authorized
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config)#interface eth 1/2Console(config-if)#dot1x port-control autoConsole(config-if)#
284FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
dot1x operation-mode
IEEE802.1xèªèšŒããŒãã«å¯Ÿã㊠1å°ãããã¯è€æ°ã®ãã¹ãïŒã¯ã©ã€ã¢ã³ãïŒã®æ¥ç¶ãèš±å¯ããèšå®ãè¡ããŸããããŒã¯ãŒããªã㧠"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã" multi-host max-count"ããŒã¯ãŒããšå ±ã« "no"ãåã«çœ®ãããšã§è€æ°ãã¹ãæã®åæå€ 5ãšãªããŸãã
ææ³
dot1x operation-mode {single-host | multi-host [max-count count]}
no dot1x operation-mode [multi-host max-count]
⢠single-host â ããŒããžã® 1å°ã®ãã¹ãã®æ¥ç¶ã®ã¿ãèš±å¯
⢠multi-host â ããŒããžã®è€æ°ã®ãã¹ãã®æ¥ç¶ãèš±å¯
⢠max-count â æ倧ãã¹ãæ°
ïŒ count â ããŒãã«æ¥ç¶å¯èœãªæ倧ãã¹ãæ°ïŒèšå®ç¯å²ïŒ1-1024ãåæèšå®ïŒ5ïŒ
åæèšå®
Single-host
ã³ãã³ãã¢ãŒã
Interface Configuration
ã³ãã³ã解説
⢠"max-count"ãã©ã¡ãŒã¿ã¯ P284 ãdot1x port-controlã㧠"auto"ã«èšå®ãããŠããå Žåã«ã®ã¿æå¹ã§ãã
⢠"multi-host"ãèšå®ãããšãããŒãã«æ¥ç¶ãããã¹ãã®ãã¡ã® 1å°ã®ã¿ãèªèšŒã®èš±å¯ãåŸãããã°ãä»ã®è€æ°ã®ãã¹ãããããã¯ãŒã¯ãžã®ã¢ã¯ã»ã¹ãå¯èœã«ãªããŸããéã«ãæ¥ç¶ãããã¹ãåèªèšŒã«å€±æããããEAPOLãã°ãªãã¡ãã»ãŒãžãéä¿¡ããå Žåãä»ã®ãã¹ããèªèšŒã«å€±æããããšã«ãªããŸãã
äŸ
Console(config)#interface eth 1/2Console(config-if)#dot1x operation-mode multi-host max-count 10Console(config-if)#
285 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
dot1x re-authenticate
å šããŒãåã¯ç¹å®ã®ããŒãã§ã®åèªèšŒã匷å¶çã«è¡ããŸãã
ææ³
dot1x re-authenticate [ interface]
⢠interface
ãïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
dot1x re-authentication
å šããŒãã§ã®åšæçãªåèªèšŒãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§åèªèšŒãç¡å¹ã«ããŸãã
ææ³
[no] dot1x re-authentication
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console#dot1x re-authenticateConsole#
Console(config)#interface eth 1/2Console(config-if)#dot1x re-authenticationConsole(config-if)#
286FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
dot1x timeout quiet-period
EAPãªã¯ãšã¹ããã±ããã®æ倧éä¿¡åæ°ãéããåŸãæ°ããã¯ã©ã€ã¢ã³ãã®æ¥ç¶åŸ æ©ç¶æ ã«ç§»è¡ãããŸã§ã®æéãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
dot1x timeout quiet-period seconds
no dot1x timeout quiet-period
⢠seconds â ç§æ°ïŒç¯å²ïŒ1-65535ç§ïŒ
åæèšå®
60ç§
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
dot1x timeout re-authperiod
æ¥ç¶ãããã¯ã©ã€ã¢ã³ãã«åèªèšŒãèŠæ±ããééãèšå®ããŸãã
ææ³
dot1x timeout re-authperiod seconds
no dot1x timeout re-authperiod
⢠seconds â ç§æ°ïŒç¯å²ïŒ1-65535ç§ïŒ
åæèšå®
3600ç§
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config)#interface eth 1/2Console(config-if)#dot1x timeout quiet-period 350Console(config-if)#
Console(config)#interface eth 1/2Console(config-if)#dot1x timeout re-authperiod 300Console(config-if)#
287 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
dot1x timeout tx-period
èªèšŒæã« EAPãã±ããã®åéä¿¡ãè¡ãééãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
dot1x timeout tx-period seconds
no dot1x timeout tx-period
⢠seconds â ç§æ°ïŒç¯å²ïŒ1-65535ç§ïŒ
åæèšå®
30ç§
ã³ãã³ãã¢ãŒã
Interface Configuration
äŸ
Console(config)#interface eth 1/2Console(config-if)#dot1x timeout tx-period 300Console(config-if)#
288FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
show dot1x
æ¬æ©ãŸãã¯ç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ã®ããŒãèªèšŒã«é¢é£ããèšå®ç¶æ ã®è¡šç€ºãè¡ããŸãã
ææ³
show dot1x [statistics] [interface interface]
⢠interface
ïŒ ethernet unit/port
ãunit â ãŠãããçªå·ãâ1â
ãport â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
æ¬ã³ãã³ãã§è¡šç€ºãããã®ã¯ä»¥äžã®æ å ±ã§ãã
⢠Global 802.1X Parameters â æ¬æ©å šäœã«å¯Ÿããã802.1XããŒãèªèšŒã®æå¹ /ç¡å¹
⢠802.1X Port Summary â åã€ã³ã¿ãã§ãŒã¹ã®ã¢ã¯ã»ã¹ã³ã³ãããŒã«ã®èšå®å€
ïŒ Status â ããŒãã¢ã¯ã»ã¹ã³ã³ãããŒã«ã®ç®¡çç¶æ ïŒ Operation Mode â P285 ãdot1x operation-modeãã®èšå®å€ïŒ Mode â dot1x port-controlã§èšå®ãã dot1xã¢ãŒã (P284)
ïŒ Authorized â èªèšŒç¶æ (yeså㯠n/a - not authorized)
⢠802.1X Port Details â åã€ã³ã¿ãã§ãŒã¹ã§ã®ããŒãã¢ã¯ã»ã¹ã³ã³ãããŒã«èšå®ã®è©³çŽ°ã衚瀺ããŸãã以äžã®å€ã衚瀺ãããŸãã
ïŒ reauth-enabled - åšæçãªåèªèšŒ (P286)
ïŒ reauth-period - æ¥ç¶ãããã¯ã©ã€ã¢ã³ãã«åèªèšŒãèŠæ±ããéé (P287ïŒ
ïŒ quiet-period - æ倧éä¿¡åæ°è¶ éåŸãæ°ããã¯ã©ã€ã¢ã³ãã®æ¥ç¶åŸ æ©ç¶æ ã«ç§»è¡ãããŸã§ã®æé (P287)
ïŒ tx-period - èªèšŒæã« EAPãã±ããã®åéä¿¡ãè¡ãéé (P288ïŒ
ïŒ supplicant-timeout - ã¯ã©ã€ã¢ã³ãã®ã¿ã€ã ã¢ãŠã
ïŒ server-timeout - ãµãŒãã®ã¿ã€ã ã¢ãŠã
ïŒ reauth-max - åèªèšŒã®æ倧åæ°
ïŒ max-req - ãŠãŒã¶èªèšŒã®ã¿ã€ã ã¢ãŠããŸã§ã®ãããŒãããã¯ã©ã€ã¢ã³ããžã® EAPãªã¯ãšã¹ããã±ããã®æ倧éä¿¡åæ° (P283)
ïŒ Status - èªèšŒã¹ããŒã¿ã¹ (èš±å¯åã¯çŠæ¢ )
ïŒOperation Mode - 802.1XèªèšŒããŒãã«1å°ãããã¯è€æ°ã®ãã¹ã(ã¯ã©ã€ã¢ã³ã)ã®æ¥ç¶ãèš±å¯ãããŠããã
ïŒ Max Count - ããŒãã«æ¥ç¶å¯èœãªæ倧ãã¹ãæ° (P285)
ïŒ Port-control - ããŒãã® dot1xã¢ãŒãã "auto"ã"force-authorized"å㯠"force-unauthorizedã®ãããã«ãªã£ãŠããã (P284)
ïŒ Supplicant - èªèšŒãããã¯ã©ã€ã¢ã³ãã® MACã¢ãã¬ã¹
289 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãŠãŒã¶èªèšŒ
ïŒ Current Identifier - èªèšŒæ©èœã«ãããçŸè¡ã®èªèšŒæ¥ç¶ãèå¥ããããã«äœ¿çšãããæŽæ°å€ (0-255)
⢠Authenticator State Machine â
ïŒ State â çŸåšã®ç¶æ (initialize, disconnected, connecting, authenticating, authenticated, aborting, held, force_authorized, force_unauthorized)
ïŒ Reauth Count â åèªèšŒåæ°
⢠Backend State Machine â
ïŒ State â çŸåšã®ç¶æ (request, response, success, fail, timeout, idle, initialize)
ïŒ Request Count â ã¯ã©ã€ã¢ã³ãããã®å¿çããªãå Žåã«éä¿¡ããã EAPãªã¯ãšã¹ããã±ããã®éä¿¡åæ°
ïŒ Identifier(Server) â çŽè¿ã®EAPã®æå /倱æåã¯èªèšŒãµãŒãããåä¿¡ãããã±ãã
⢠Reauthentication State Machine â
ïŒ State â çŸåšã®ç¶æ (initialize, reauthenticate)
äŸ
Console#show dot1xGlobal 802.1X Parameters reauth-enabled: no reauth-period: 3600 quiet-period: 60 tx-period: 30 supp-timeout: 30 server-timeout: 10 reauth-max: 2 max-req: 2
802.1X Port Summary
Port Name Status Operation Mode Mode Authorized
1/1 disabled Single-Host ForceAuthorized ãn/a
ã»ã»ã» 1/12 disabled Single-Host ForceAuthorized n/a
802.1X Port Details
802.1X is disabled on port 1/1
ã»ã»ã»802.1X is disabled on port 1/12Console#
290FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
3.9 ACLïŒAccess Control ListsïŒ
Access Control Lists (ACL)㯠IPã¢ãã¬ã¹ããããã³ã«ãTCP/UDPããŒãçªå·ãã IPãã±ãããžã®ãã±ãããã£ã«ã¿ãªã³ã°ãæäŸããŸãã
å ¥åããããã±ããã®ãã£ã«ã¿ãªã³ã°ãè¡ãã«ã¯ãåãã«ã¢ã¯ã»ã¹ãªã¹ããäœæããå¿ èŠãªã«ãŒã«ãè¿œå ããŸãããã®åŸããªã¹ãã«ç¹å®ã®ããŒãããã€ã³ãããŸãã
Access Control Lists
ACL㯠IPã¢ãã¬ã¹ãåã¯ä»ã®æ¡ä»¶ãšäžèŽãããã±ããã«å¯ŸããŠèš±å¯ (Permit)åã¯æåŠ(Deny)ããããã®ãªã¹ãã§ãã
æ¬æ©ã§ã¯å ¥åãã±ããã«å¯Ÿã㊠ACLãšäžèŽãããã©ããïŒåãã€ç¢ºèªãè¡ããŸãããã±ãããèš±å¯ã«ãŒã«ãšäžèŽããå Žåã«ã¯çŽã¡ã«éä¿¡ãèš±å¯ããæåŠã«ãŒã«ãšäžèŽããå Žåã«ã¯ãã±ãããèœãšããŸãããªã¹ãäžã®èš±å¯ã«ãŒã«ã«äžèŽããªãå Žåããã±ããã¯èœãšããããªã¹ãäžã®æåŠã«ãŒã«ã«äžèŽããªãå Žåããã±ããã¯éä¿¡ãèš±å¯ãããŸãã
æ¬æ©ã«ã¯ 2ã€ã®ãã£ã«ã¿ãªã³ã°ã¢ãŒãããããŸãã
⢠Standard IP ACL mode (STD-ACL) â ãœãŒã¹ IPã¢ãã¬ã¹ã«åºã¥ããã£ã«ã¿ãªã³ã°ãè¡ã IP ACLã¢ãŒã
⢠Extended IP ACL mode (EXT-ACL) â ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ããããã³ã«ã¿ã€ããTCP/UDPããŒãçªå·ã«åºã¥ããã£ã«ã¿ãªã³ã°ãè¡ã IP ACLã¢ãŒã
ACLã¯ä»¥äžã®å¶éããããŸãã
⢠å ACLã¯æ倧 96ã«ãŒã«ãŸã§èšå®å¯èœã§ãã
⢠äœãããªãœãŒã¹ã®å¶éã«ãããããŒãã«çµã³ä»ããããèŠåã®æ°ã®å¹³å㯠20ãè¶ ããªãããã«ããŠäžããã
⢠æ¬æ©ã¯ ingressïŒå ¥åïŒACLã®ã¿ããµããŒãããŠããŸãã1åã® IP ACLãä»»æã®ingressïŒå ¥åïŒããŒãã«ãã€ã³ãã§ããŸãã
æå¹ãª ACLã¯ä»¥äžã®é çªã§å®è¡ãããŸãã
ïŒ1ïŒ å ¥åããŒãã®å ¥å IP ACLã®ãŠãŒã¶ã«å®çŸ©ãããã«ãŒã«
ïŒ2ïŒ å ¥åããŒãã®å ¥å IP ACLã®ããã©ã«ãã«ãŒã« (permit any any)
ïŒ3ïŒ æ確ãªã«ãŒã«ã«äžèŽããªãå Žåãæé»ã®ããã©ã«ãã«ãŒã« (permit all)
ã³ãã³ã æ©èœ ããŒãž
IP ACLsIPã¢ãã¬ã¹ãTCP/UDPããŒãçªå·ãTCPã³ã³ãããŒã«ã³ãŒãã«åºã¥ã ACLã®èšå®
P292
MAC ACLs ããŒããŠã§ã¢ã¢ãã¬ã¹ããã±ãããã©ãŒããããã€ãŒãµãããã¿ã€ãã«åºã¥ã ACLã®èšå®
P308
ACL Information ACLåã³é¢é£ããã«ãŒã«ã®è¡šç€ºãåããŒãã® ACLã®è¡šç€º
P313
291 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
3.9.1 IP ACLã³ãã³ã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
access-list IP IP ACLã®äœæãš configuration modeãžã®ç§»è¡ GC P293
permit,deny ãœãŒã¹ IPã¢ãã¬ã¹ãäžèŽãããã±ããã®ãã£ã«ã¿ãªã³ã°
STD-ACL
P294
permit,denyãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ããããã³ã«ã¿ã€ããTCP/UDPããŒãçªå·ã«åºã¥ããã£ã«ã¿ãªã³ã°
EXT-ACL
P295
show ipaccess-list
èšå®æžã¿ IP ACLã®ã«ãŒã«ã®è¡šç€º PE P296
access-listip mask precedence
ã¢ã¯ã»ã¹ã³ã³ãããŒã«ãã¹ã¯èšå®ãžã¢ãŒãã®å€æŽ GC P297
mask ACLã«ãŒã«ã®åªå ãã¹ã¯ã®èšå® IP-Mask
P298
show access-listip mask-precedence
IP ACLãžã®å ¥å /åºåã«ãŒã«ãã¹ã¯ã®è¡šç€º PE P302
ip access-group IP ACLãžã®ããŒãã®è¿œå IC P303
show ip access-group IP ACLã«æå®ããããŒãã®è¡šç€º PE P303
map access-listip
ACLã«ãŒã«ãšäžèŽãããã±ãããžã®åºåãã¥ãŒã®CoSå€ã®èšå®
IC P304
show mapaccess-list ip
ã€ã³ã¿ãã§ãŒã¹ã®ã¢ã¯ã»ã¹ãªã¹ãã«ãããã³ã°ããã CoSå€ã®è¡šç€º
PE P305
match access-list ipãã±ããããŒãã³ã°ïŒã«ãŒã«ã«äžèŽãããã¬ãŒã ã®IEEE802.1p priority, IP Precedence, DSCP Priorityã®å€æŽïŒ
IC P306
show marking ãã±ããããŒãã³ã°ã®èšå®ã®è¡šç€º PE P307
292FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
access-list ip
IP ACLãè¿œå ããã¹ã¿ã³ããŒãåã¯æ¡åŒµ IP ACLã®èšå®ã¢ãŒãã«ç§»è¡ããŸãã"no"ãåã«çœ®ãããšã§ç¹å®ã® ACLãåé€ããŸãã
ææ³
[no] access-list ip {standard | extended} acl_name
⢠standard â ãœãŒã¹ IPã¢ãã¬ã¹ã«åºã¥ããã£ã«ã¿ãªã³ã°ãè¡ã ACL
⢠extended â ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ããããã³ã«ã¿ã€ããTCP/UDPããŒãçªå·ã«åºã¥ããã£ã«ã¿ãªã³ã°ãè¡ã ACL
⢠acl_name â ACLåïŒæ倧 16æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æ°ãã ACLãäœæããå Žåããæ¢åã® ACLã®èšå®ã¢ãŒãã«ç§»è¡ããå Žåã"permit"å㯠"deny"ã³ãã³ãã䜿çšããæ°ããã«ãŒã«ãè¿œå ããŸããACLãäœæããã«ã¯ãæäœ1ã€ã®ã«ãŒã«ãèšå®ããå¿ èŠããããŸãã
⢠ã«ãŒã«ãåé€ããã«ã¯ "no permit"å㯠"no deny"ã³ãã³ãã«ç¶ããŠèšå®æžã¿ã®ã«ãŒã«ãå ¥åããŸãã
⢠1ã€ã® ACLã«ã¯æ倧 32åã®ã«ãŒã«ãèšå®å¯èœã§ãã
äŸ
é¢é£ããã³ãã³ã
permit, deny (P294)
ip access-group (P303)
show ip access-list (P296)
Console(config)#access-list ip standard davidConsole(config-std-acl)#
293 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
permit,denyïŒStandard ACLïŒ
ã¹ã¿ã³ããŒã IP ACLã«ãŒã«ãè¿œå ããŸããæ¬ã«ãŒã«ã§ã¯ç¹å®ã®ãœãŒã¹ IPã¢ãã¬ã¹ããã®ãã±ãããžã®ãã£ã«ã¿ãªã³ã°ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ã«ãŒã«ãåé€ããŸãã
ææ³
[no] {permit | deny} {any | source bitmask | host source}
⢠any â ãã¹ãŠã® IPã¢ãã¬ã¹
⢠source â ãœãŒã¹ IPã¢ãã¬ã¹
⢠bitmask â äžèŽããã¢ãã¬ã¹ããããè¡šã 10é²æ°å€
⢠host â ç¹å®ã® IPã¢ãã¬ã¹ãæå®
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Standard ACL
ã³ãã³ã解説
⢠æ°ããã«ãŒã«ã¯ãªã¹ãã®æåŸã«è¿œå ãããŸãã
⢠ã¢ãã¬ã¹ããããã¹ã¯ã¯ãµãããããã¹ã¯ãšäŒŒãŠããã4ã€ã® 0-255ã®å€ã§è¡šç€ºããããããããããªãªã ( . )ã«ããåå²ãããŠããŸãã2é²æ°ã®ãããã "1"ã®å ŽåãäžèŽãããããã§ããã"0"ã®å ŽåãæåŠããããããšãªããŸããããããã¹ã¯ã¯ãããæ¯ã«ç¹å®ã® IPã¢ãã¬ã¹ãšå ±ã«äœ¿çšããACLãæå®ããå ¥å IPãã±ããã®ã¢ãã¬ã¹ãšæ¯èŒãããŸãã
äŸ
æ¬äŸã§ã¯ã10.1.1.21ã®ãœãŒã¹ã¢ãã¬ã¹ãžã®èš±å¯ (permit)ã«ãŒã«ãšããããã¹ã¯ã䜿çšãã168.92.16.x-168.92.31.xãŸã§ã®ãœãŒã¹ã¢ãã¬ã¹ãžã®èš±å¯ (permit)ã«ãŒã«ãèšå®ããŠããŸãã
é¢é£ããã³ãã³ã
access-list ip (P293)
Console(config-std-acl)#permit host 10.1.1.21Console(config-std-acl)#permit 168.92.16.0 255.255.240.0Console(config-std-acl)#
294FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
permit,denyïŒExtended ACLïŒ
æ¡åŒµ IP ACLãžã®ã«ãŒã«ã®è¿œå ãè¡ããŸãããœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹ããããã³ã«ã¿ã€ããTCP/UDPããŒãçªå·ãTCPã³ã³ãããŒã«ã³ãŒãã«åºã¥ããã£ã«ã¿ãªã³ã°ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ã«ãŒã«ã®åé€ãè¡ããŸãã
ææ³
[no] {permit | deny} [protocol-number | udp]
{any | source address-bitmask | host source}
{any | destination address-bitmask | host destination}
[source-port sport [end]] [destination-port dport [end]]
[no] {permit | deny} tcp
{any | source address-bitmask | host source}
{any | destination address-bitmask | host destination}
[source-port sport [end]] [destination-port dport [end]]
⢠protocol-number â ç¹å®ã®ãããã³ã«çªå·ïŒç¯å²ïŒ0-255ïŒ
⢠source â ãœãŒã¹ IPã¢ãã¬ã¹
⢠destination â ãã£ã¹ãã£ããŒã·ã§ã³ IPã¢ãã¬ã¹
⢠address-bitmask â ã¢ãã¬ã¹ããããã¹ã¯
⢠host â ç¹å®ã® IPã¢ãã¬ã¹ã®æå®
⢠sport â ãããã³ã« * ãœãŒã¹ããŒãçªå·ïŒç¯å²ïŒ0-65535ïŒ
⢠dscp â DSCPãã©ã€ãªãªãã£ã¬ãã«ïŒç¯å²ïŒ0-63ïŒ
⢠end â ãããã³ã«ããŒãç¯å²ã®äžéïŒç¯å²ïŒ0-65535ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Extended ACL
ã³ãã³ã解説
⢠æ°ããã«ãŒã«ã¯ãªã¹ãã®æåŸã«è¿œå ãããŸãã
⢠ã¢ãã¬ã¹ããããã¹ã¯ã¯ãµãããããã¹ã¯ãšäŒŒãŠããã4ã€ã® 0-255ã®å€ã§è¡šç€ºããããããããããªãªã ( . )ã«ããåå²ãããŠããŸãã2é²æ°ã®ãããã "1"ã®å ŽåãäžèŽãããããã§ããã"0"ã®å ŽåãæåŠããããããšãªããŸããããããã¹ã¯ã¯ãããæ¯ã«ç¹å®ã® IPã¢ãã¬ã¹ãšå ±ã«äœ¿çšããACLãæå®ããå ¥å IPãã±ããã®ã¢ãã¬ã¹ãšæ¯èŒãããŸãã
äŸ
æ¬äŸã§ã¯ããœãŒã¹ã¢ãã¬ã¹ããµãããã 10.7.1.xå ã®å Žåããã¹ãŠã®å ¥åãã±ãããèš±å¯ããŸãã
é¢é£ããã³ãã³ã
access-list ip (P293)
Console(config-ext-acl)#permit 10.7.1.1 255.255.255.0 anyConsole(config-ext-acl)#
295 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
show ip access-list
èšå®æžã¿ã® IP ACLã®ã«ãŒã«ã衚瀺ããŸãã
ææ³
show ip access-list {standard | extended} [acl_name]
⢠standard â ã¹ã¿ã³ããŒã IP ACL
⢠extended â æ¡åŒµ IP ACL
⢠acl_name â ACLåïŒ4æåä»¥äž 15æå以å ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show ip access-list standardIP standard access-list david: permit host 10.1.1.21 permit 168.92.16.0 255.255.240.0Console#
296FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
access-list ip mask-precedence
IPãã¹ã¯ã¢ãŒãã®å€æŽãè¡ãªããŸãã"no"ãåã«çœ®ãããšã§ãã¹ã¯ããŒãã«ã®åé€ãè¡ãªããŸãã
ææ³
access-list ip mask-precedence {in | out}
no access-list ip mask-precedence {in | out}
⢠in â å ¥å ACL ãžã®å ¥åãã¹ã¯
⢠out â åºå ACL ãžã®åºåãã¹ã¯
åæèšå®
åæèšå®ãã¹ã¯ïŒç¹å®ã® IP ACLã«ããå ¥åãã±ããã®ãã£ã«ã¿ãªã³ã°
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã¹ã¯ã¯å ¥å ACL åã¯åºå ACL ã®ã©ã¡ããã«ã®ã¿äœ¿çšå¯èœã§ãã
⢠ãã±ããã«æäŸããã ACL ã«ãŒã«ã®åªå 床ã¯ãã«ãŒã«ã®é çªã§ã¯ãªãããã¹ã¯ã«ãã決å®ãããŸããæåã«ã«ãŒã«ã«äžèŽãããã¹ã¯ããã±ããã«é©çšãããã«ãŒã«ã決å®ããŸãã
⢠ã«ãŒã«ã«é¢é£ããããŒãã®ãã€ã³ãããã¥ãŒã®èšå®ããã¬ãŒã ãã©ã€ãªãªãã£ã®èšå®ãè¡ãªãåã« ACL ã«ãŒã«ãžã®ãã¹ã¯ã®èšå®ãè¡ãªãå¿ èŠããããŸãã
äŸ
Console(config)#access-list ip mask-precedence inConsole(config-ip-mask-acl)#
297 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
mask
IP ACLãžã®ãã¹ã¯ãå®çŸ©ããIPãããã®ãã§ãã¯é ç®ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§ãã¹ã¯ãåé€ããŸãã
ææ³
[no] mask [protocol]
{any | host | source-bitmask}
{any | host | destination-bitmask}
[precedence] [tos] [dscp]
[source-port [port-bitmask]] [destination-port [port-bitmask]]
[control-flag [flag-bitmask]]
⢠protocol â ãããã³ã«ãã£ãŒã«ãã®ãã§ãã¯
⢠any â ãã¹ãŠã®ã¢ãã¬ã¹ãäžèŽ
⢠host âç¹å®ã®ãã¹ãããã€ã¹ã®ã¢ãã¬ã¹
⢠source-bitmask â ãœãŒã¹ã¢ãã¬ã¹ã®ããããã¹ã¯
⢠destination-bitmask â ãã£ã¹ãã£ããŒã·ã§ã³ã¢ãã¬ã¹ã®ããããã¹ã¯
⢠precedence â IP precedence ãã£ãŒã«ãã®ãã§ãã¯
⢠tos â ToSãã£ãŒã«ãã®ãã§ãã¯
⢠dscp â DSCPãã£ãŒã«ãã®ãã§ãã¯
⢠source-port â ãããã³ã«ãœãŒã¹ããŒããã£ãŒã«ãã®ãã§ãã¯
⢠destination-port â ãããã³ã«ãã£ã¹ãã£ããŒã·ã§ã³ããŒããã£ãŒã«ãã®ãã§ãã¯
⢠port-bitmask â ãããã³ã«ããŒãã®ããããã¹ã¯ïŒç¯å²ïŒ0-65535ïŒ
⢠control-flag â ã³ã³ãããŒã«ãã©ãã°ãã£ãŒã«ãã®ãã§ãã¯
⢠flag-bitmask â ã³ã³ãããŒã«ãã©ãã°ã®ããããã¹ã¯ïŒç¯å²ïŒ0-63ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
IP Mask
298FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
ã³ãã³ã解説
⢠ããŒãã暪æãããã±ãã㯠ACL å ã®ãã¹ãŠã®ã«ãŒã«ã«ãããã§ãã¯ãããŸãããããã®ãã±ããã®ãã§ãã¯ã¯ ACL ã«ãŒã«ã§ã¯ãªãããã¹ã¯ã«ãã決å®ãããŸãã
⢠ã€ã³ã¿ãã§ãŒã¹ã ACL ã«ãããã³ã°ããåã« ACLãšå ¥ååã¯åºåãã¹ã¯ãäœæããŠäžããã
⢠åãã«ãŒã«å 㧠Precedence åã³ ToS ã®äž¡æ¹ãæå®ããããšãã§ããŸããããããDSCP ã䜿çšããå Žåã Precedence åã³ ToS ã¯æå®ããããšãã§ããŸããã
⢠ã¬ã€ã€ 4 ãããã³ã«ãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ããŒããžã®ãšã³ããªãå«ãã§ãããã¹ã¯ã¯ããããé·ã 5 ãã€ãã®ãã±ããã«ã®ã¿å¯Ÿå¿ããããšãå¯èœã§ãã
äŸ
æ¬äŸã§ã¯ã2ã€ã®ã«ãŒã«ã® IPå ¥åãã¹ã¯ãäœæããŠããŸããåã«ãŒã«ã¯ãACLãšã³ããªã®äžèŽãæ€çŽ¢ããåªå é ã§æ€çŽ¢ãããŸããæåã®ãšã³ããªã®äžèŽã¯å ¥åãã±ããã«é©çšãããŸãã
æ¬äŸã§ã¯ããã¹ã¯ã ACLã®ã«ãŒã«ãç¡å¹ãšããŠããŸãããœãŒã¹ã¢ãã¬ã¹ã 10.1.1.1ã®ãã±ããã "mask host any"ãšã³ããªã«é¢é£ãã "deny 10.1.1.1 255.255.255.255"ã«ãŒã«ãåªå ããç Žæ£ãããŸãã
Console(config)#access-list ip mask-precedence inConsole(config-ip-mask-acl)#mask host anyConsole(config-ip-mask-acl)#mask 255.255.255.0 anyConsole(config-ip-mask-acl)#
Console(config)#access-list ip standard A2Console(config-std-acl)#permit 10.1.1.0 255.255.255.0Console(config-std-acl)#deny 10.1.1.1 255.255.255.255Console(config-std-acl)#exitConsole(config)#access-list ip mask-precedence inConsole(config-ip-mask-acl)#mask host anyConsole(config-ip-mask-acl)#mask 255.255.255.0 anyConsole(config-ip-mask-acl)#
299 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
æ¬äŸã§ã¯ãã¢ã¯ã»ã¹æåŠãè¡ãªãå ¥åãã¹ã¯ "171.69.198.102"ãèšå®ãããã®ä»ã®ã¢ã¯ã»ã¹ãèš±å¯ããã¹ã¿ã³ããŒã ACLã®èšå®ãè¡ãªã£ãŠããŸãã
æ¬äŸã§ã¯ãåºåãã¹ã¯ã«ãã L4ãœãŒã¹ããŒã 23ã® "171.69.198.0"ãžã®ãã±ããã®ç Žæ£ãè¡ãªãæ¡åŒµ ACLã®èšå®ãè¡ãªã£ãŠããŸãã
Console(config)#access-list ip standard A2Console(config-std-acl)#permit anyConsole(config-std-acl)#deny host 171.69.198.102Console(config-std-acl)#endConsole#show access-listIP standard access-list A2:deny host 171.69.198.102permit anyConsole#configureConsole(config)#access-list ip mask-precedence inConsole(config-ip-mask-acl)#mask host anyConsole(config-ip-mask-acl)#exitConsole(config)#interface ethernet 1/1Console(config-if)#ip access-group A2 inConsole(config-if)#endConsole#show access-listIP standard access-list A2:deny host 171.69.198.102permit anyConsole#
Console(config)#access-list ip extended A3Console(config-ext-acl)#deny host 171.69.198.5 anyConsole(config-ext-acl)#deny 171.69.198.0 255.255.255.0 anysource-port 23Console(config-ext-acl)#endConsole#show access-listIP extended access-list A3:deny host 171.69.198.5 anydeny 171.69.198.0 255.255.255.0 any source-port 23Console#configConsole(config)#access-list ip mask-precedence outConsole(config-ip-mask-acl)#mask 255.255.255.0 any source-portConsole(config-ip-mask-acl)#exitConsole(config)#interface ethernet 1/15Console(config-if)#ip access-group A3 outConsole(config-if)#endConsole#show access-listIP extended access-list A3:deny 171.69.198.0 255.255.255.0 any source-port 23deny host 171.69.198.5 anyIP egress mask ACL:mask 255.255.255.0 any source-portConsole#
300FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
æ¬äŸã§ã¯ãACLã®å šäœã®èšå®ãè¡ãªã£ãŠããŸããSYNãããã ONã® TCPãã±ããããã¹ãŠæåŠãããã®ä»ã®ãã±ããããã¹ãŠèš±å¯ããŸãããã®åŸãå ¥åãã¹ã¯ã®æåŠã«ãŒã«ãåãã«ãã§ãã¯ãããã®åŸããŒã 1ã« ACLããã€ã³ãããŠããŸããACLãã€ã³ã¿ãã§ãŒã¹ã«ãã€ã³ãããå Žåãã«ãŒã«ã®é çªã¯é¢é£ãããã¹ã¯ã«ãã決å®ãã衚瀺ãããŸãã
Switch(config)#access-list ip extended 6Switch(config-ext-acl)#permit any anySwitch(config-ext-acl)#deny tcp any any control-flag 2 2Switch(config-ext-acl)#endConsole#show access-listIP extended access-list A6:permit any anydeny tcp any any control-flag 2 2Console#configureSwitch(config)#access-list ip mask-precedence inSwitch(config-ip-mask-acl)#mask protocol any any control-flag 2Switch(config-ip-mask-acl)#endConsole#sh access-listIP extended access-list A6:permit any anydeny tcp any any control-flag 2 2IP ingress mask ACL:mask protocol any any control-flag 2Console#configureConsole(config)#interface ethernet 1/1Console(config-if)#ip access-group A6 inConsole(config-if)#endConsole#show access-listIP extended access-list A6:deny tcp any any control-flag 2 2permit any anyIP ingress mask ACL:mask protocol any any control-flag 2Console#
301 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
show access-list ip mask-precedence
IP ACLã®å ¥å /åºåã«ãŒã«ãã¹ã¯ã衚瀺ããŸãã
ææ³
show access-list ip mask-precedence {in | out}
⢠in â å ¥å ACL ãžã®å ¥åãã¹ã¯
⢠out â åºå ACL ãžã®åºåãã¹ã¯
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show access-list ip mask-precedenceIP ingress mask ACL:mask host anymask 255.255.255.0 anyConsole#
302FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
ip access-group
IP ACLãžã®ããŒãã®ãã€ã³ããè¡ããŸãã"no"ãåã«çœ®ãããšã§ããŒããå€ããŸãã
ææ³
[no] ip access-group acl_name in
⢠acl_name â ïŒ4æåä»¥äž 15æå以å ïŒ
⢠in â å ¥åãã±ãããžã®ãªã¹ã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠1ã€ã®ããŒã㯠1ã€ã® ACLã®ã¿èšå®å¯èœã§ãã
⢠ããŒãããã§ã« ACLãèšå®æžã¿ã§ãä»ã® ACLããã€ã³ãããå Žåãæ°ãããã€ã³ããã ACLãæå¹ãšãªããŸãã
äŸ
é¢é£ããã³ãã³ã
show ip access-list (P296)
show ip access-group
IP ACLã®ããŒãã®èšå®ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
ip access-group (P303)
Console(config)#int eth 1/25Console(config-if)#ip access-group david inConsole(config-if)#
Console#show ip access-groupInterface ethernet 1/25 IP access-list david inConsole#
303 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
map access-list ip
ACLã«ãŒã«ã«äžèŽãããã±ããã®åºåãã¥ãŒãèšå®ããŸããæå®ããã CoSå€ã¯äžèŽãããã±ããã®åºåãã¥ãŒã«ã®ã¿äœ¿çšããããã±ããã«ã¯å€æŽãå ããããŸããã"no"ãåã«çœ®ãããšã§ CoSãããã³ã°ãåé€ããŸãã
ææ³
[no] map access-list ip acl_name cos cos-value
⢠acl_name â ACL åïŒæ倧æåæ°ïŒ16 æåïŒ
⢠cos-value â CoS å€ïŒç¯å²ïŒ0-7ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠CoS å€ã®ã«ãŒã«ãžã®ãããã³ã°ãè¡ãªãåã« ACL ãã¹ã¯ã®èšå®ãè¡ãªã£ãŠäžããã
⢠æå®ããã ACL ã®ã«ãŒã«ãšäžèŽãããã±ããã¯ãäžã®è¡šã«åºã¥ãåºåãã¥ãŒããããã³ã°ãããŸããCoS å€ã®è©³çŽ°ã¯ 433 ããŒãžã®ãqueue cos-mapããåç §ããŠäžããã
äŸ
Console(config)#interface ethernet 1/2Console(config-if)#map access-list ip bill cos 0Console(config-if)#
304FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
show map access-list ip
ã€ã³ã¿ãã§ãŒã¹ã® IP ACLã«ãããã³ã°ããã CoSå€ã衚瀺ããŸãã
CoSå€ã¯ ACLã«ãŒã«ã«äžèŽãããã±ããã®åºåãã¥ãŒã決å®ããŸãã
ææ³
show map access-list ip [interface]
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
map access-list ip (P304)
Console#show map access-list ipAccess-list to COS of Eth 1/4Access-list ALS1 cos 0Console#
305 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
match access-list ip
ACLã«äžèŽãã IEEE802.1pãã©ã€ãªãªãã£ãIP PrecedenceãDSCPãã©ã€ãªãªãã£ã®å€æŽãè¡ãªããŸãïŒé称ïŒACLãã±ããããŒãã³ã°ïŒã"no"ãåã«çœ®ãããšã§ ACLããŒã«ãŒãåé€ããŸãã
ææ³
match access-list ip acl_name
[set priority priority] {set tos tos_value | set dscp dscp_value}
no match access-list ip acl_name
⢠acl_name â ACL åïŒæ倧æåæ°ïŒ16 æåïŒ
⢠priority â IEEE802.1p ãã©ã€ãªãªãã£ã¿ã°ã® CoS å€ïŒç¯å²ïŒ0-7ã7 ãæé«ã®ãã©ã€ãªãªãã£ïŒ
⢠tos_value â IP Precedence å€ïŒç¯å²ïŒ0-7ïŒ
⢠dscp_value â DSCP å€ïŒç¯å²ïŒ0-63ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠ACLã«åºã¥ããã¬ãŒã ãã©ã€ãªãªãã£ã®å€æŽã®èšå®ãè¡ãªãåã« ACL ãã¹ã¯ã®èšå®ãè¡ãªãå¿ èŠããããŸãã
⢠ãã©ãã£ãã¯ãã©ã€ãªãªãã£ã¯ IEEE802.1p ãã©ã€ãªãªãã£ã¿ã°ãå«ã¿ãŸãããã®ã¿ã°ã¯IEEE802.1Q VLAN ã¿ã°ã®äžéšã§ãããã©ã€ãªãªãã£ãèšå®ããã«ã¯ "set priority"ã䜿çšããŠäžããã
⢠IP ãã¬ãŒã ããã㯠ToS ãªã¯ãããå ã«ãã©ã€ãªãªãã£ããããå«ã¿ãŸããToS ãªã¯ãããã¯3 ãããã® IP Precedenceãåã¯ïŒãããã® Differentiated Services Code Point(DSCP)ãµãŒãã¹ã® 6 ããããå«ã¿ãŸããIP precedenceãã©ã€ãªãªãã£ãèšå®ããã«ã¯ "set tos"ããŒã¯ãŒãã䜿çšããŸããDSCPãã©ã€ãªãªãã£ãèšå®ããã«ã¯ "set dscp"ããŒã¯ãŒãã䜿çšããŸããIP ãã¬ãŒã ããã㯠IP Precedenceå㯠DSCP ã®ã©ã¡ãããå«ãããšãã§ããŸãã
⢠æ¬æ©ã®ãã©ã€ãªãªãã£ãããã³ã°ã®åªå é äœã¯ãIP Precedenceå㯠DSCP ãã©ã€ãªãªãã£ããã®æ¬¡ã IEEE802.1p ãã©ã€ãªãªãã£ãšãªããŸãã
äŸ
é¢é£ããã³ãã³ã
show marking (P307)
Console(config)#interface ethernet 1/12Console(config-if)#match access-list ip bill set dscp 0Console(config-if)#
306FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
show marking
çŸåšã®ãã±ããããŒãã³ã°ã®ç¶æ ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
match access-list ip (P306)
Console#show markingInterface ethernet 1/12match access-list IP bill set DSCP 0match access-list MAC a set priority 0Console#
307 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
3.9.2 MAC ACLã³ãã³ã
access-list mac
MACã¢ãã¬ã¹ãªã¹ããè¿œå ããMAC ACLèšå®ã¢ãŒãã«ç§»è¡ããŸãã"no"ãåã«çœ®ãããšã§æå®ãã ACLãåé€ããŸãã
ææ³
[no] access-list mac acl_name
⢠acl_name â ACLåïŒæ倧 16æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æ°ãã ACL ãäœæããå Žåããæ¢åã® ACL ã®èšå®ã¢ãŒãã«ç§»è¡ããå Žåã"permit"å㯠"deny"ã³ãã³ãã䜿çšããæ°ããã«ãŒã«ãè¿œå ããŸããACL ãäœæããã«ã¯ãæäœ1 ã€ã®ã«ãŒã«ãèšå®ããå¿ èŠããããŸãã
⢠ã«ãŒã«ãåé€ããã«ã¯ "no permit"å㯠"no deny"ã³ãã³ãã«ç¶ããŠèšå®æžã¿ã®ã«ãŒã«ãå ¥åããŸãã
⢠1ã€ã® ACL ã«ã¯æ倧 32 åã®ã«ãŒã«ãèšå®å¯èœã§ãã
äŸ
é¢é£ããã³ãã³ã
permit, deny (MAC ACL) (P294)
mac access-group (P303)
show mac access-list (P296)
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
access-list mac MAC ACLã®äœæãš configuration modeãžã®ç§»è¡ GC P308
permit,denyãœãŒã¹åã¯ãã£ã¹ãã£ããŒã·ã§ã³ã¢ãã¬ã¹ããã±ãããã©ãŒããããã€ãŒãµãããã¿ã€ãã«åºã¥ããã£ã«ã¿ãªã³ã°
MAC-ACL
P309
show macaccess-list èšå®æžã¿ MAC ACLã®ã«ãŒã«ã®è¡šç€º
PE P311
mac access-group MAC ACLãžã®ããŒãã®è¿œå IC P311
show mac access-group MAC ACLã«æå®ããããŒãã®è¡šç€º
PE P312
Console(config)#access-list mac jerryConsole(config-mac-acl)#
308FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
permit,denyïŒMAC ACLïŒ
MAC ACLãžã®ã«ãŒã«ã®è¿œå ãè¡ããŸããMACãœãŒã¹ /ãã£ã¹ãã£ããŒã·ã§ã³ã¢ãã¬ã¹ãã€ãŒãµããããããã³ã«ã¿ã€ãã«ãããã£ã«ã¿ãªã³ã°ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ã«ãŒã«ãåé€ããŸãã
ææ³
[no] {permit | deny}
{any |host source|source address-bitmask}
{any | host destination | destination address-bitmask}
[ vid vid vid-bitmask] [ ethertype protocol [ protocol-bitmask ] ]
â»åæèšå®ã¯ Ethernet2ãã±ããã§ãã
[no] {permit | deny} tagged-eth2
{any |host source|source address-bitmask}
{any | host destination | destination address-bitmask}
[ vid vid vid-bitmask] [ ethertype protocol [ protocol-bitmask ]
[no] {permit | deny} untagged-eth2
{any |host source|source address-bitmask}
{any | host destination | destination address-bitmask}
[ethertype protocol [ protocol-bitmask ]
[no] {permit | deny} tagged-802.3
{any |host source|source address-bitmask}
{any | host destination | destination address-bitmask}
[ vid vid vid-bitmask]
[no] {permit | deny} untagged-802.3
{any |host source|source address-bitmask}
{any | host destination | destination address-bitmask}
protocol-number â ç¹å®ã®ãããã³ã«çªå·ïŒç¯å²ïŒ0-255ïŒ
⢠tagged-eth2 â ã¿ã°ä»ãã€ãŒãµããã 2ãã±ãã
⢠untagged-eth2 â ã¿ã°ç¡ãã€ãŒãµããã 2ãã±ããå®
⢠tagged-802.3 â ã¿ã°ä»ãã€ãŒãµããã 802.3ãã±ãã
⢠untagged-802.3 â ã¿ã°ç¡ãã€ãŒãµããã 802.3ãã±ãã
⢠any â ãã¹ãŠã® MAC ãœãŒã¹ /ãã£ã¹ãã£ããŒã·ã§ã³ã¢ãã¬ã¹
⢠host â ç¹å®ã® MACã¢ãã¬ã¹
⢠source â ãœãŒã¹ MACã¢ãã¬ã¹
⢠destination â ããããã¹ã¯ãå«ããã£ã¹ãã£ããŒã·ã§ã³ MACã¢ãã¬ã¹ç¯å²
⢠address-bitmask â MACã¢ãã¬ã¹ã®ããããã¹ã¯ïŒ16 é²æ°ïŒ
309 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
⢠vid â VLAN IDïŒç¯å²ïŒ1-4093ïŒ
⢠vid â VLANããããã¹ã¯ïŒç¯å²ïŒ1-4093ïŒ
⢠protocol â ã€ãŒãµããããããã³ã«çªå·ïŒç¯å²ïŒ600-fff 16é²æ°ïŒ
⢠protocol -bitmaskâ ãããã³ã«ããããã¹ã¯ïŒç¯å²ïŒ600-fff 16é²æ°ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
MAC ACL
ã³ãã³ã解説
⢠æ°ããã«ãŒã«ã¯ãªã¹ãã®æåŸã«è¿œå ãããŸãã
⢠ã€ãŒãµãããã¿ã€ããªãã·ã§ã³ã¯ Ethernet II ã®ãã£ã«ã¿ã«ã®ã¿äœ¿çšããŸãã
⢠ã€ãŒãµããããããã³ã«ã¿ã€ãã®ãªã¹ã㯠RFC 1060 ã§å®çŸ©ãããŠããŸãããäžè¬çãªã¿ã€ãã¯ä»¥äžã®éãã§ãã
â 0800(IP)
â 0806(ARP)
â 8137(IPX)
äŸ
é¢é£ããã³ãã³ã
access-list mac (P308)
Console(config-mac-acl)#permit any host 00-e0-29-94-34-de ethertype 0800Console(config-mac-acl)#
310FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
show mac access-list
MAC ACLã®ã«ãŒã«ã衚瀺ããŸãã
ææ³
show mac access-list [acl_name]
⢠acl_name â ACLåïŒæ倧 16æåïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
permit, deny (P309)mac access-group (P311)
mac access-group
MAC ACLãžã®ããŒãã®ãã€ã³ããè¡ããŸãã"no"ãåã«çœ®ãããšã§ããŒããå€ããŸãã
ææ³
[no] mac access-group acl_name in
⢠acl_nameâ ACLåïŒæ倧 16æåïŒ
⢠in â å ¥åãã±ãããžã®ãªã¹ã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
show mac access-list (P311)
Console#show mac access-listMAC access-list jerry: permit any 00-e0-29-94-34-de ethertype 0800Console#
Console(config)#interface ethernet 1/2Console(config-if)#mac access-group jerry inConsole(config-if)#
311 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
show mac access-group
MAC ACLã«æå®ãããããŒãã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
mac access-group (P311)
Console#show mac access-groupInterface ethernet 1/5 MAC access-list M5 inConsole#
312FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ACLïŒAccess Control ListsïŒ
3.9.3 ACLæ å ±ã®è¡šç€º
show access-list
ãã¹ãŠã® ACLãšãŠãŒã¶å®çŸ©ãã¹ã¯ãå«ãé¢é£ããã«ãŒã«ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠ACL ãã€ã³ã¿ãã§ãŒã¹ã«çµåããããšãã«ãŒã«ã衚瀺ãããé åºã¯é¢é£ãããã¹ã¯ã«ãã£ãŠæ±ºå®ãããŸãã
äŸ
show access-group
ACLã®ããŒãã®æå®ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Executive
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
show access-list å šãŠã® ACLãšé¢é£ããã«ãŒã«ã®è¡šç€º PE P313
show access-group ãœãŒã¹ IPã¢ãã¬ã¹ãäžèŽãããã±ããã®ãã£ã«ã¿ãªã³ã°
PE P313
Console#show access-listIP standard access-list david: permit host 10.1.1.21 permit 168.92.16.0 255.255.240.0IP extended access-list bob: permit 10.7.1.1 255.255.255.0 any permit 192.168.1.0 255.255.255.0 any destination-port 80 80IP access-list jerry: permit any host 00-30-29-94-34-de ethertype 800 800IP extended access-list A6: permit any anyConsole#
Console#show access-groupInterface ethernet 1/1 IP access-list jerry in...Interface ethernet 1/26 IP access-list jerry inConsole#
313 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
3.10 SNMP
ãã©ãããããŒãžã£ã§éä¿¡ãããšã©ãŒã¿ã€ããªã©ã® SNMP管ç端æ«ã䜿çšããæ¬æ©ãžã®ã¢ã¯ã»ã¹ã«é¢ããèšå®ãè¡ããŸãã
snmp-server
SNMPv3ãšã³ãžã³ããã³ããã®ä»å šãŠã®ç®¡çã¯ã©ã€ã¢ã³ããµãŒãã¹ãæå¹ã«ããŸãã
"no"ãåã«çœ®ãããšã§ãµãŒãã¹ãç¡å¹ã«ããŸãã
ææ³
[no] snmp-server
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
snmp-server SNMPãµãŒããŒãæå¹å GC P314
show snmp SNMPã®èšå®æ å ±ã衚瀺 NE,PE P315
snmp-servercommunity
SNMPã³ãã³ãã§ã¢ã¯ã»ã¹ããããã®ã³ãã¥ããã£åã®èšå®
GC P316
snmp-server contact ã·ã¹ãã ã³ã³ã¿ã¯ãæ å ±ã®èšå® GC P317
snmp-serverlocation
ã·ã¹ãã èšçœ®æ å ±ã®èšå® GC P317
snmp-server host SNMPã¡ãã»ãŒãžãåä¿¡ãããã¹ãã®èšå® GC P318
snmp-serverenable traps
SNMPã¡ãã»ãŒãžãåä¿¡ãããã¹ãã®æå¹å GC P320
snmp-server engine-id ãšã³ãžã³ IDã®èšå® GC P321
show snmpengine-id
ãšã³ãžã³ IDã®è¡šç€º PE P322
snmp-server view ãã¥ãŒã®èšå® GC P323
show snmp view ãã¥ãŒã®è¡šç€º PE P324
snmp-server group ã°ã«ãŒãã®è¿œå ãšããŠãŒã¶ãŒããã¥ãŒãžãããã³ã° GC P325
show snmp group ã°ã«ãŒãã®è¡šç€º PE P326
snmp-server user SNMP v3ã°ã«ãŒããžãŠãŒã¶ãŒã®è¿œå GC P328
show snmp user SNMP v3ãŠãŒã¶ãŒã®è¡šç€º PE P329
Console(config)#snmp-serverConsole(config)#
314FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
show snmp
SNMPã®ã¹ããŒã¿ã¹ã衚瀺ããŸãã
ææ³
show snmp
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
ã³ãã³ã解説
æ¬ã³ãã³ãã䜿çšããããšã§ãã³ãã¥ããã£åã«é¢ããæ å ±ãåã³ SNMPã®å ¥åºåããŒã¿ã®æ°ã "snmp-server enable traps"ã³ãã³ããæå¹ã«ãªã£ãŠããªããŠã衚瀺ãããŸãã
äŸ
Console#show snmp
SNMP traps:Authentication: enabledLink-up-down: enabled
SNMP communities:1. private, and the privilege is read-write2. public, and the privilege is read-only
0 SNMP packets input 0 Bad SNMP version errors 0 Unknown community name 0 Illegal operation for community name supplied 0 Encoding errors 0 Number of requested variables 0 Number of altered variables 0 Get-request PDUs 0 Get-next PDUs 0 Set-request PDUs0 SNMP packets output 0 Too big errors 0 No such name errors 0 Bad values errors 0 General errors 0 Response PDUs 0 Trap PDUs
SNMP logging: disabledConsole#
315 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
snmp-server community
SNMP䜿çšæã®ã³ãã¥ããã£åãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åã ã®ã³ãã¥ããã£åã®åé€ãè¡ããŸãã
ææ³
snmp-server community string { ro | rw }
no snmp-server community string
⢠string â SNMPãããã³ã«ã«ã¢ã¯ã»ã¹ããããã®ãã¹ã¯ãŒããšãªãã³ãã¥ããã£åïŒæ倧 32æåã倧æåå°æåã¯åºå¥ãããŸããæ倧 5ã€ã®ã³ãã¥ããã£åãèšå®ã§ããŸãïŒ
⢠ro â èªã¿åãã®ã¿å¯èœãªã¢ã¯ã»ã¹ãroã«æå®ããã管ç端æ«ã¯MIBãªããžã§ã¯ãã®ååŸã®ã¿ãè¡ããŸã
⢠rw â èªã¿æžããå¯èœãªã¢ã¯ã»ã¹ãrwã«æå®ããã管ç端æ«ã¯MIBãªããžã§ã¯ãã®ååŸåã³å€æŽãè¡ããŸã
åæèšå®
⢠public â èªã¿åãå°çšã¢ã¯ã»ã¹ (ro)ãMIBãªããžã§ã¯ãã®ååŸã®ã¿ãè¡ããŸã
⢠private â èªã¿æžãå¯èœãªã¢ã¯ã»ã¹ (rw)ã管ç端æ«ã¯ MIBãªããžã§ã¯ãã®ååŸåã³å€æŽãè¡ããŸã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
"snmp-server community"ã³ãã³ã㯠SNMPãæå¹ã«ããŸãã"no snmp-server community"ã³ãã³ã㯠SNMPãç¡å¹ã«ããŸãã
äŸ
Console(config)#snmp-server community alpha rwConsole(config)#
316FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
snmp-server contact
ã·ã¹ãã ã³ã³ã¿ã¯ãæ å ±ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ã·ã¹ãã ã³ã³ã¿ã¯ãæ å ±ãåé€ããŸãã
ææ³
snmp-server contact text
no snmp-server contact
⢠text â ã·ã¹ãã ã³ã³ã¿ã¯ãæ å ±ã®è§£èª¬ïŒæ倧 255æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
snmp-server location
ã·ã¹ãã èšçœ®å Žææ å ±ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ã·ã¹ãã èšçœ®å Žææ å ±ãåé€ããŸãã
ææ³
snmp-server location text
no snmp-server location
⢠text â ã·ã¹ãã èšçœ®å Žæã®è§£èª¬ïŒæ倧 255æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#snmp-server contact JoeConsole(config)#
Console(config)#snmp-server location Room 23Console(config)#
317 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
snmp-server host
SNMPã¡ãã»ãŒãžãåãåããã¹ãã®æå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ãã¹ããåé€ããŸãã
ææ³
snmp-server host host-addr inform {retry retries | timeout seconds } community-string version [ 1 | 2c | 3 {auth | noauth | priv } ] udp-port port
no snmp-server host host-addr
⢠host-addr â SNMPã¡ãã»ãŒãžãåãåããã¹ãã®ã¢ãã¬ã¹ïŒæ倧 5ã€ã®ãã¹ããèšå®ã§ããŸãïŒ
⢠inform â ã€ã³ãã©ãŒã ã䜿çšïŒversion2cãš 3ã§ã®ã¿äœ¿çšå¯ïŒ
ïŒ retry retriesïŒ åéãè¡ãæ倧åæ°ïŒ0-255åãåæèšå®ïŒ3åïŒ
ïŒ timeout secondsïŒ åéãŸã§ã®åŸ ã¡æéïŒ0-2147483647ã»ã³ãã»ã«ã³ãåæèšå®ïŒ1500ã»ã³ãã»ã«ã³ãïŒ
⢠community-string â ã¡ãã»ãŒãžãšãšãã«éãããã³ãã¥ããã£åãæ¬ã³ãã³ãã§ãã³ãã¥ããã£åã®èšå®ãè¡ããŸããã"snmp-server community"ã³ãã³ããå©çšããŠèšå®ããããšãæšå¥šããŸãïŒæ倧 32æåïŒ
⢠version â ãã©ããããŒãžã§ã³ãæå®ããŸãïŒç¯å²ïŒv1,v2c,v3ïŒ
ïŒ auth | noauth |privïŒ v3䜿çšæã«èšå®ããŸãããããã®èªèšŒ \æå·åãªãã·ã§ã³ã®è©³çŽ°ã«ã€ããŠã¯ P28 ãSNMPããåç §ããŠãã ããã
⢠port â ãã©ãããããŒãžã£ã䜿çšãã UDPããŒããæå®ïŒ1-65535ãåæèšå®ïŒ162ïŒ
åæèšå®
Host AddressïŒãªã
éç¥ïŒãã©ãã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠"snmp-server host"ã³ãã³ãã䜿çšããªãå Žåã¯ãSNMPã¡ãã»ãŒãžã¯éä¿¡ãããŸãããSNMPã¡ãã»ãŒãžã®éä¿¡ãè¡ãããã«ã¯å¿ ã "snmp-server host"ã³ãã³ãã䜿çšãæäœ 1ã€ã®ãã¹ããæå®ããŠäžãããè€æ°ã®ãã¹ããèšå®ããå Žåã«ã¯ããããã« "snmp-server host"ã³ãã³ãã䜿çšããŠãã¹ãã®èšå®ãè¡ã£ãŠäžããã
⢠"snmp-server host"ã³ãã³ã㯠"snmp-server enable traps"ã³ãã³ããšãšãã«äœ¿çšãããŸãã"snmp-server enable traps"ã³ãã³ãã§ã¯ã©ã®ãã㪠SNMPã¡ãã»ãŒãžãéä¿¡ãããæå®ããŸãããã¹ãã SNMPã¡ãã»ãŒãžãåä¿¡ããããã«ã¯æäœ 1ã€ä»¥äžã® "snmp-server enable traps"ã³ãã³ããš "snmp-server host"ã³ãã³ããæå®ãããã¹ããæå¹ã«ãªã£ãŠããå¿ èŠããããŸãã
⢠äžéšã®ã¡ãã»ãŒãžã¿ã€ã㯠"snmp-server enable traps"ã³ãã³ãã§æå®ããããšãã§ãããã¡ãã»ãŒãžã¯åžžã«æå¹ã«ãªããŸãã
318FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
⢠ã¹ã€ããã¯åæèšå®ã§ãã©ããã¡ãã»ãŒãžã®éç¥ãè¡ããŸããããã©ããã¡ãã»ãŒãžã®åãåãåŽã¯ã¹ã€ãããžå¿çãéããŸããããã®çºãååãªä¿¡é Œæ§ã¯ç¢ºä¿ã§ããŸãããã€ã³ãã©ãŒã ã䜿çšããããšã«ãããéèŠæ å ±ããã¹ãã«åãåãããã®ãä¿èšŒããããšãå¯èœã§ãã
[泚æ ]ãã€ã³ãã©ãŒã ã䜿çšããå Žåãã¹ã€ããã¯å¿çãåãåããŸã§ã®éãæ å ±ãã¡ã¢ãªå ã«ä¿æããªããŠã¯ãªããªãããå€ãã®ã·ã¹ãã ãªãœãŒã¹ã䜿çšããŸãããŸãã€ã³ãã©ãŒã ã¯ãããã¯ãŒã¯ãã©ãã£ãã¯ã«ã圱é¿ãäžããŸãããããã®åœ±é¿ãèæ ®ããäžã§ããã©ãããŸãã¯ãã©ããéç¥ã®äœ¿çšã決å®ããŠãã ããã
⢠SNMPv3ãã¹ããæå®ããŠããå Žåããã©ãããããŒãžã£ã®ã³ãã¥ããã£åã¯ãSNMPãŠãŒã¶ãŒåãšããŠè§£éãããŸããSNMPv3èªèšŒãŸãã¯æå·åãªãã·ã§ã³ã䜿çšããŠããéã«ã¯ïŒauthNoPrivãŸã㯠authPrivïŒãæåã« P328 ãsnmp-server userãã§ãŠãŒã¶ãŒåãå®çŸ©ããŠãã ããããŠãŒã¶ãŒåãå®çŸ©ãããŠããªãå ŽåãèªèšŒãã¹ã¯ãŒãããã³ãã©ã€ãã·ãŒãã¹ã¯ãŒããååšãããã¹ã€ããã¯ãã¹ãããã®ã¢ã¯ã»ã¹ãèš±å¯ããŸãããå°ãSNMPv3ãã¹ãã no authenticationïŒnoAuthïŒãšããŠèšå®ããŠããå Žåã«ã¯ãSNMPãŠãŒã¶ãŒã¢ã«ãŠã³ãã¯èªåçã«çæãããŸãã®ã§ãã¹ã€ããã¯ãã¹ãããã®ã¢ã¯ã»ã¹ãèš±å¯ããŸãã
äŸ
é¢é£ããã³ãã³ã
snmp-server enable traps (P320)
Console(config)#snmp-server host 10.1.19.23 batmanConsole(config)#
319 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
snmp-server enable traps
SNMPã®ãã©ããã¡ãã»ãŒãžã®éä¿¡ãæå¹åããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
[no] snmp-server enable traps {authentication | link-up-down}
⢠authentication â èªèšŒæã«äžæ£ãªãã¹ã¯ãŒããéä¿¡ãããå Žåã«ãã©ãããçºè¡ãããŸã
⢠link-up-down â Link-upå㯠Link-downæã«ãã©ãããçºè¡ãããŸã
åæèšå®
authenticationåã³ link-up-downãã©ãããéç¥
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠snmp-server enable traps"ã³ãã³ãã䜿çšããªãå Žåãäžåã®ã¡ãã»ãŒãžã¯éä¿¡ãããŸãããSNMPã¡ãã»ãŒãžãéä¿¡ããããã«ã¯æäœ 1ã€ã® "snmp-server enable traps"ã³ãã³ããå ¥åããå¿ èŠããããŸããããŒã¯ãŒããå ¥åããã«ã³ãã³ããå ¥åããå Žåã«ã¯ãã¹ãŠã®ã¡ãã»ãŒãžãæå¹ãšãªããŸããããŒã¯ãŒããå ¥åããå Žåã«ã¯ãããŒã¯ãŒãã«é¢é£ããã¡ãã»ãŒãžã®ã¿ãæå¹ãšãªããŸãã
⢠"snmp-server host"ã³ãã³ã㯠"snmp-server enable traps"ã³ãã³ããšãšãã«äœ¿çšãããŸãã"snmp-server host"ã³ãã³ãã§ã¯ SNMPã¡ãã»ãŒãžãåãåããã¹ããæå®ããŸãããã¹ãã SNMPã¡ãã»ãŒãžãåä¿¡ããããã«ã¯æäœ 1ã€ä»¥äžã® "snmp-server host"ã³ãã³ããæå®ãããã¹ããæå¹ã«ãªã£ãŠããå¿ èŠããããŸãã
äŸ
é¢é£ããã³ãã³ã
snmp-server host (P318)
Console(config)#snmp-server enable traps link-up-downConsole(config)#
320FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
snmp-server engine-id
ãšã³ãžã³ IDã®èšå®ãè¡ããŸãã
ãšã³ãžã³ IDã¯ããã€ã¹å ã®ãšãŒãžã§ã³ããåºæã«èå¥ããããã®ãã®ã§ãã
"no"ãåã«çœ®ãããšã§ãšã³ãžã³ IDãåæèšå®å€ã«æ»ããŸãã
ææ³
[no] snmp-server engine-id { local | remote IP Address } engine-id
⢠local â ã¹ã€ããäžã® SNMPãšã³ãžã³ãæå®
⢠remote â ãªã¢ãŒãããã€ã¹äžã® SNMPãšã³ãžã³ãæå®
⢠IP Address â ãªã¢ãŒãããã€ã¹ã® IPã¢ãã¬ã¹
⢠engine-id â ãšã³ãžã³ ID
åæèšå®
ã¹ã€ããã® MACã¢ãã¬ã¹ãåºã«èªåçã«çæãããŸã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠SNMPãšã³ãžã³ã¯ã¡ãã»ãŒãžåéãé 延ããã³ãã€ã¬ã¯ã·ã§ã³ãé²æ¢ããŸãããšã³ãžã³ IDã¯ãŠãŒã¶ãã¹ã¯ãŒããšçµã¿åãããŠãSNMPv3ãã±ããã®èªèšŒãšæå·åãè¡ãããã®ã»ãã¥ãªãã£ããŒãçæããŸãã
⢠ãªã¢ãŒããšã³ãžã³ ID㯠SNMPv3 ã€ã³ãã©ãŒã ã䜿çšããéã«å¿ èŠã§ããïŒè©³ããã¯P318 ãsnmp-server hostããåç §ããŠãã ããïŒãªã¢ãŒããšã³ãžã³ IDã¯ããªã¢ãŒããã¹ãã§ãŠãŒã¶ã«éãããèªèšŒãšæå·åãã±ããã®ã»ãã¥ãªãã£ãã€ãžã§ã¹ããèšç®ããããã«äœ¿çšãããŸããSNMPãã¹ã¯ãŒãã¯ä¿¡é Œã§ãããšãŒãžã§ã³ãã®ãšã³ãžã³ IDã䜿çšããŠããŒã«ã©ã€ãºãããŸããã€ã³ãã©ãŒã ã®ä¿¡é Œã§ãããšãŒãžã§ã³ãã¯ãªã¢ãŒããšãŒãžã§ã³ãã§ãããããã£ãŠãããã·ãªã¯ãšã¹ããŸãã¯ã€ã³ãã©ãŒã ãéä¿¡ããåã«ããªã¢ãŒããšãŒãžã§ã³ãã® SNMPãšã³ãžã³ IDãå€æŽãè¡ãå¿ èŠããããŸãã
⢠ããŒã«ã«ãšã³ãžã³ IDã¯ã¹ã€ããã«ããããŠåºæã«ãªãããã«èªåçã«çæãããŸãããããããã©ã«ããšã³ãžã³ IDãšãã³ãŸããããŒã«ã«ãšã³ãžã³ IDãåé€ãŸãã¯å€æŽãããå Žåãå šãŠã® SNMPãŠãŒã¶ãŒã¯ã¯ãªã¢ãããŸãããã®ããæ¢åã®ãŠãŒã¶ãŒã®åæ§æãè¡ãå¿ èŠããããŸãã
äŸ
Console(config)#snmp-server engineID local 12345Console(config)#snmp-server engineID remote 54321 192.168.1.19Console(config)#
321 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
show snmp engine-id
èšå®äžã® SNMPãšã³ãžã³ IDã衚瀺ããŸã
ææ³
show snmp engine-id
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
äŸ
é¢é£ããã³ãã³ã
snmp-server engine-ID (P321)
Field Description
Local SNMP engineID
ããŒã«ã«ãšã³ãžã³ IDã衚瀺
Local SNMPengineBoots
ååãšã³ãžã³ IDã®èšå®ãè¡ãããŠããããšã³ãžã³ã®ïŒåïŒåæåãè¡ãããåæ°ã衚瀺
Remote SNMPengineID
ãªã¢ãŒãããã€ã¹ã®ãšã³ãžã³ IDã衚瀺
IP address ãªã¢ãŒããšã³ãžã³ã® IPã¢ãã¬ã¹ã衚瀺
Console#show snmp engine-idLocal SNMP engineID: 8000002a8000000000e8666672Local SNMP engineBoots: 1
Remote SNMP engineID ããããããããããããããããã IP address 80000000030004e2b316c54321 ãããããããããããã 192.168.1.19Console#
322FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
snmp-server view
ãã®ã³ãã³ãã§ã¯ããã¥ãŒã®è¿œå ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ãã¥ãŒãåé€ããŸãã
ææ³
[no] snmp-server view view-name oid-tree {included | excluded}
⢠view-name â ãã¥ãŒã®ååïŒ1-64æåïŒ
⢠oid-tree â åç §å¯èœã«ãã MIBããªãŒã® OIDãã¹ããªã³ã°ã®ç¹å®ã®éšåã«ãã¯ã€ã«ãã«ãŒãã䜿çšããŠãã¹ã¯ããããããšãã§ããŸã
⢠included â oid-treeã§æå®ãã OIDãåç §å¯èœãªç¯å²ã«å«ã
⢠excluded â oid-treeã§æå®ãã OIDãåç §å¯èœãªç¯å²ã«å«ãŸãªã
åæèšå®
ããã©ã«ããã¥ãŒ
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠äœæããããã¥ãŒã¯ãMIBããªãŒã®æå®ãããç¯å²ãžã®ãŠãŒã¶ã¢ã¯ã»ã¹ãå¶éããããã«äœ¿çšãããŸãã
⢠ããã©ã«ããã¥ãŒã¯å šäœã® MIBããªãŒãžã®ã¢ã¯ã»ã¹ãå«ã¿ãŸãã
äŸ
MIB-2ãå«ã Viewãèšå®
MIB-2ã€ã³ã¿ãã§ãŒã¹ããŒãã«ãifDescrãå«ã Viewãèšå®ãã¯ã€ã«ãã«ãŒãã¯ããã®ããŒ
ãã«å ã®ãã¹ãŠã®ã€ã³ããã¯ã¹å€ãéžæããã®ã«äœ¿çšãããŸãã
MIB-2ã€ã³ã¿ãã§ãŒã¹ããŒãã«ãå«ã Viewãèšå®ããã¹ã¯ã¯ãã¹ãŠã®ã€ã³ããã¯ã¹ãšã³ã
ãªãŒãéžæããŸãã
Console(config)#snmp-server view mib-2 1.3.6.1.2.1 included Console(config)#
Console(config)#snmp-server view ifEntry.2 1.3.6.1.2.1.2.2.1.*.2
ãincludedConsole(config)#
Console(config)#snmp-server view ifEntry.a 1.3.6.1.2.1.2.2.1.1.*
ãincludedConsole(config)#
323 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
show snmp view
ãã¥ãŒã衚瀺ããŸãã
ææ³
show snmp view
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
äŸ
Field Description
View Name ãã¥ãŒåSubtree OID åç §å¯èœãª MIBããªãŒã® OID
View Type OIDã§è¡šç€ºããã MIBããŒãããã¥ãŒã«å«ãŸããŠããïŒincludedïŒãå«ãŸããŠããªããïŒexcludedïŒ
Storage Type ãã®ãšã³ããªãŒã®ã¹ãã¬ãŒãžã¿ã€ãRow Status ãã¥ãŒã®ç¶æ
Console#show snmp viewView Name: mib-2Subtree OID: 1.2.2.3.6.2.1View Type: includedStorage Type: nonvolatileRow Status: activeView Name: defaultviewSubtree OID: 1View Type: includedStorage Type: nonvolatileRow Status: activeConsole#
324FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
snmp-server group
SNMPã°ã«ãŒãè¿œå ãšãSNMPãŠãŒã¶ãŒã®ãã¥ãŒãžã®ãããã³ã°ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ã°ã«ãŒããåé€ããŸãã
ææ³
[no] snmp-server group groupname [v1 | v2c | v3 { auth | noauth |priv } ] read readview
write writeview notify notify view
⢠groupname â SNMPã°ã«ãŒãå
⢠v1 | v2c | v3 â 䜿çšãã SNMPããŒãžã§ã³ãéžæããŸã
ïŒ auth | noauth |privïŒ v3䜿çšæã«èšå®ããŸãããããã®èªèšŒ \æå·åãªãã·ã§ã³ã®è©³çŽ°ã«ã€ããŠã¯ P28 ãSNMPããåç §ããŠãã ããã
⢠readview â Readã¢ã¯ã»ã¹ã®ãã¥ãŒãèšå®ããŸãïŒ1-64æåïŒ
⢠writeview â writeã¢ã¯ã»ã¹ã®ãã¥ãŒãèšå®ããŸãïŒ1-64æåïŒ
⢠notify view â éç¥ãã¥ãŒãèšå®ããŸãïŒ1-64æåïŒ
åæèšå®
Default groups: public5 (read only), private6 (read/write)
readview - å šãŠã®ãªããžã§ã¯ã㯠Internet OID space (1.3.6.1)ã«å±ããŸã
writeview - ãªã
notifyview - ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠SNMPã°ã«ãŒãã¯ãæå±ãããŠãŒã¶ãŒã®ã¢ã¯ã»ã¹ããªã·ãŒãå®çŸ©ããŸãã
⢠authenticationãæå¹æã¯ããsnmp-server userãã§ãMD5ãŸã㯠SHAã©ã¡ããã®èªèšŒæ¹åŒãéžæããŠãã ããã
⢠privacyãæå¹æã¯ãDES56bitæå·åæ¹åŒã䜿çšãããŸãã
⢠æ¬æ©ããµããŒãããéç¥ã¡ãã»ãŒãžã®è©³ããæ å ±ã«ã€ããŠã¯ P35 ãSNMPv3ã°ã«ãŒãã®èšå®ããåç §ããŠãã ããããŸããauthentication, link-up ããã³ link-downã®ã¬ã¬ã·ãŒãã©ããã«ã€ããŠã¯ P320 ãsnmp-server enable trapsããåç §ããŠãã ããã
äŸ
Console(config)#snmp-server group r&d v3 auth write dailyConsole(config)#
325 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
show snmp group
æ¬æ©ã¯ 4ã€ã®ããã©ã«ãã°ã«ãŒããæäŸããŸãã
⢠SNMPv1 read-only access
⢠read/write access
⢠SNMPv2c read-only access
⢠read/write access
ææ³
show snmp group
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
Field Description
groupname ã°ã«ãŒãåsecurity model ã»ãã¥ãªãã£ã¢ãã«readview read ãã¥ãŒ
writeview writeãã¥ãŒ
notifyview éç¥ãã¥ãŒstorage-type ãã®ãšã³ããªãŒã®ã¹ãã¬ãŒãžã¿ã€ãRow Status ãã¥ãŒã®ç¶æ
326FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
äŸ
Console#show snmp groupGroup Name: publicSecurity Model: v1Read View: defaultviewWrite View: noneNotify View: noneStorage Type: volatileRow Status: active
Group Name: publicSecurity Model: v2cRead View: defaultviewWrite View: noneNotify View: noneStorage Type: volatileRow Status: active
Group Name: privateSecurity Model: v1Read View: defaultviewWrite View: defaultviewNotify View: noneStorage Type: volatileRow Status: active
Group Name: privateSecurity Model: v2cRead View: defaultviewWrite View: defaultviewNotify View: noneStorage Type: volatileRow Status: active
Console#
327 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
snmp-server user
SNMPãŠãŒã¶ãŒãã°ã«ãŒããžè¿œå ããŸãã"no"ãåã«çœ®ãããšã§ãŠãŒã¶ãŒãã°ã«ãŒãããé€ããŸãã
ææ³
snmp-server user username groupname [remote ip-address] { v1 | v2c | v3 }
[auth { md5 | sha } auth-password [priv des56 priv-password] ]
no snmp-server user username { v1 | v2c | v3 | remote }
⢠username â ãŠãŒã¶ãŒåïŒ1-32æåïŒ
⢠groupname â ã°ã«ãŒãåïŒ1-32æåïŒ
⢠remote â ãªã¢ãŒãããã€ã¹äžã® SNMPãšã³ãžã³ãéžæããŸã
⢠ip-address â ãªã¢ãŒãããã€ã¹ã® IPã¢ãã¬ã¹
⢠v1 | v2c | v3 â SNMPããŒãžã§ã³ã®éžæããŸã
⢠auth â èªèšŒã䜿çšããŸã
⢠md5 | sha â MD5ãŸã㯠SHAèªèšŒãéžæããŸã
⢠auth-password â èªèšŒçšãã¹ã¯ãŒã
⢠priv des56 â DES56bitããŒã¿æå·åæ¹åŒã䜿çšããŸã
⢠priv-password â æå·åçšãã¹ã¯ãŒããæå·åãªãã·ã§ã³ã䜿çšãããŠããªãå Žåã¯ãã¬ãŒã³ããã¹ããå ¥åããŠãã ãããæå·åãªãã·ã§ã³ã䜿çšãããŠããå Žåã¯æå·åãã¹ã¯ãŒããå ¥åããŠãã ããã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãªã¢ãŒããŠãŒã¶ãŒã®èšå®ãè¡ãåã«ããsnmp-server engine-idãã³ãã³ãã§ããªã¢ãŒããšã³ãžã³ IDã®èšå®ãè¡ã£ãŠãã ããããã®åŸã«ãsnmp-server userãã䜿çšããŠãŒã¶ãŒãšããŠãŒã¶ãŒãæå±ãããªã¢ãŒãããã€ã¹ã® IPã¢ãã¬ã¹ãèšå®ããŠãã ããããªã¢ãŒããšãŒãžã§ã³ãã®ãšã³ãžã³ IDã¯ãŠãŒã¶ãŒã®ãã¹ã¯ãŒãããèªèšŒ /ãã©ã€ãã·ãŒã®ãã€ãžã§ã¹ããèšç®ããã®ã«äœ¿çšãããŸãã
⢠SNMPãã¹ã¯ãŒãã¯ãä¿¡é Œã§ãããšãŒãžã§ã³ãã®ãšã³ãžã³ IDã䜿çšããŠããŒã«ã©ã€ãºãããŸãããã©ããéç¥ã®ä¿¡é Œã§ãã SNMPãšãŒãžã§ã³ãã¯ãªã¢ãŒããšãŒãžã§ã³ãã§ãããã®ããããããã·ãªã¯ãšã¹ããŸãã¯ãã©ããéç¥ãéä¿¡ããåã«ãªã¢ãŒããšãŒãžã§ã³ãã® SNMPãšã³ãžã³ IDãèšå®ããå¿ èŠããããŸããïŒè©³ãã㯠P29 ããã©ãããããŒãžã£ã»ãã©ããã¿ã€ãã®æå®ãããã³ P31 ãSNMPv3ãããŒãžã¡ã³ãã¢ã¯ã»ã¹ã®èšå®ããåç §ããŠãã ããïŒ
äŸ
Console(config)#snmp-server user steve group r&d v3 auth md5 greenpeace priv des56 einstienConsole(config)#snmp-server user mark group r&d remote 192.168.1.19 v3 auth md5 greenpeace priv des56 einstienConsole(config)#
328FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹SNMP
show snmp user
SNMPãŠãŒã¶ãŒæ å ±ã衚瀺ããŸãã
ææ³
show snmp user
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
äŸ
Field Description
EngineId ãšã³ãžã³ ID
User Name ãŠãŒã¶ãŒåAuthentication Protocol èªèšŒãããã³ã«Privacy Protocol æå·åæ¹åŒstorage-type ãã®ãšã³ããªãŒã®ã¹ãã¬ãŒãžã¿ã€ãRow Status ãã¥ãŒã®ç¶æ SNMP remote user ãªã¢ãŒãããã€ã¹äžã® SNMPãšã³ãžã³ã«æå±ãããŠãŒã¶ãŒ
Console#show snmp userEngineId: 01000000000000000000000000User Name: steveAuthentication Protocol: md5Privacy Protocol: des56Storage Type: nonvolatileRow Status: activeSNMP remote userEngineId: 80000000030004e2b316c54321User Name: markAuthentication Protocol: mdtPrivacy Protocol: des56Storage Type: nonvolatileRow Status: activeConsole#
329 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
3.11 DHCP
3.11.1 DHCP Client
DHCP (Dynamic Host Configuration Protocol)ã¯ã©ã€ã¢ã³ãã®èšå®ãè¡ãªããŸããä»»æã® VLANã€ã³ã¿ãã§ãŒã¹ã«å¯Ÿã㊠DHCPã䜿çšããIPã¢ãã¬ã¹ãèªåçã«èšå®ããããšãå¯èœã§ãã
ip dhcp client-identifier
ã€ã³ã¿ãã§ãŒã¹ã«å¯Ÿã㊠DHCPã¯ã©ã€ã¢ã³ã IDã®æå®ãããŸãã"no"ãåã«çœ®ãããšã§IDãåé€ããŸãã
ææ³
ip dhcp client-identifier {text text | hex hex}
no ip dhcp client-identifier
⢠text â ããã¹ãïŒç¯å²ïŒ1-15 æåïŒ
⢠hex â 16 é²æ°å€
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
DHCPãµãŒããšæ¥ç¶ããéã®ã¯ã©ã€ã¢ã³ã IDãšããŠäœ¿çšãããŸããIDã¿ã€ã㯠DHCPãµãŒãã®èŠæ±ã«äŸåããŸãã
äŸ
é¢é£ããã³ãã³ã
ip dhcp restart client (P331)
ã³ãã³ãã°ã«ãŒã
æ©èœ ããŒãž
DHCP Client DHCPã¯ã©ã€ã¢ã³ãã®èšå® P330
DHCP Relay DHCPãªã¬ãŒã®èšå® P332
DHCPãµãŒã DHCPãµãŒãã®èšå® P334
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
ip dhcp client-identifier æ¬æ©ã® DHCPã¯ã©ã€ã¢ã³ã IDã®æå® IC P330
ip dhcp restart client BOOTPå㯠DCHPã¯ã©ã€ã¢ã³ããªã¯ãšã¹ãã®éä¿¡
PE P331
Console(config)#interface vlan 2Console(config-if)#ip dhcp client-identifier hex 00-00-e8-66-65-72Console(config-if)#
330FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
ip dhcp restart client
BOOTPå㯠DHCPãªã¯ãšã¹ããéä¿¡ããããã®ã³ãã³ãã§ãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
⢠ip address ã³ãã³ã㧠BOOTPå㯠DHCP ã¢ãŒããéžæããå Žåã«ãIP ã€ã³ã¿ãã§ãŒã¹ã«å¯Ÿã㊠BOOTP å㯠DHCP ã¯ã©ã€ã¢ã³ããªã¯ãšã¹ããçºè¡ããŸãã
⢠DHCP ã¯ãµãŒãã«å¯Ÿã䜿çšå¯èœã§ããã°æåŸã«ååŸããã¢ãã¬ã¹ã®äœ¿çšãèŠæ±ããŸãã
⢠BOOTPå㯠DHCPãµãŒããä»ã®ãã¡ã€ã³ã«ç§»åããŠããå Žåãæå®ãããã¢ãã¬ã¹ã¯æ°ãããã¡ã€ã³ã«åºã¥ããã¢ãã¬ã¹ãšãªããŸãã
äŸ
æ¬äŸã§ã¯ãæ¬æ©ãå床åãã¢ãã¬ã¹ãååŸããŠããŸãã
é¢é£ããã³ãã³ã
ip address(P467)
Console(config)#interface vlan 1Console(config-if)#ip address dhcpConsole(config-if)#exitConsole#ip dhcp restart clientConsole#show ip interface
ãIP address and netmask: 192.168.1.54 255.255.255.0 on VLAN 1,
ãand address mode: Dhcp.Console#
331 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
3.11.2 DHCP Relay
ip dhcp restart relay
æå®ãã VLAN㧠DHCPãªã¬ãŒãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ç¡å¹ã«ããŸãã
ææ³
ip dhcp relay
no ip dhcp relay
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
ip dhcp restart relay DHCPãªã¬ãŒãšãŒãžã§ã³ããæå¹å IC P330
ip dhcp relay server DHCPãµãŒãã¢ãã¬ã¹ãæå® IC P331
Console(config)#interface vlan 1Console(config-if)#ip dhcp relayConsole(config-if)#endConsole#show ip interface
Vlan 1 is up, addressing mode is Dhcp
ãInterface address is 10.1.0.254, mask is 255.255.255.0, Primary
ãMTU is 1500 bytes
ãProxy ARP is disabled
ãSplit horizon is enabledConsole#
332FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
ip dhcp relay server
ã¹ã€ããã®ãªã¬ãŒãšãŒãžã§ã³ãã«äœ¿çšããããDHCPãµãŒãã®ã¢ãã¬ã¹ãæå®ããŸãã"no"ãåã«çœ®ãããšã§å šãŠã®ã¢ãã¬ã¹ãæ¶å»ããŸãã
ææ³
ip dhcp relay server address1 [address2 [address3 ...]]
no ip dhcp relay server
⢠address â DHCPãµãŒãã® IP ã¢ãã¬ã¹ïŒ1-3ã¢ãã¬ã¹ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
äŸ
Console(config)#interface vlan 1Console(config-if)#ip dhcp relay server 10.1.0.99Console(config-if)#
333 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
3.11.3 DHCP Server
*ãããã®ã³ãã³ãã¯ãããã¥ã¢ã«ã§ã¯ã©ã€ã¢ã³ãã«ã¢ãã¬ã¹ããã€ã³ãããéã«äœ¿çšããŸããservice dhcp
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
service dhcp ã¹ã€ãã㧠DHCPãµãŒãæ©èœãæå¹å GC P335
ip dhcpexcluded-address
DHCPãµãŒããé€å€ãã DHCPã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹ãæå®
GC P335
ip dhcp pool DHCPãµãŒããŒã® DHCPã¢ãã¬ã¹ããŒã«ãèšå®
GC P336
netowork DHCPã¢ãã¬ã¹ããŒã«ã®ãµããããçªå·ããã³ãã¹ã¯ãèšå®
DC P336
default-router DHCPã¯ã©ã€ã¢ã³ãã®ããã©ã«ãã«ãŒã¿ãªã¹ããæå®
DC P337
domain-name DHCPã¯ã©ã€ã¢ã³ãã®ãã¡ã€ã³ããŒã ãæå®
DC P337
dns-server DHCPã¯ã©ã€ã¢ã³ãã§äœ¿çšå¯èœãª DNSãµãŒããæå®
DC P338
next-server DHCPã¯ã©ã€ã¢ã³ãã®ããŒãšããã»ã¹ã§ã次ã®ãµãŒããèšå®
DC P338
bootfile DHCPã¯ã©ã€ã¢ã³ãã®ããã©ã«ãããŒãã€ã¡ãŒãžãæå®
DC P339
netbios-name-server DHCPã¯ã©ã€ã¢ã³ãã§äœ¿çšå¯èœãª NetBiosããŒã ãµãŒããæå®
DC P340
netbios-node-type DHCPã¯ã©ã€ã¢ã³ãã® NetBIosããŒãã¿ã€ããèšå®
DC P341
lease DHCPã¯ã©ã€ã¢ã³ãã«ã¢ãµã€ã³ããã IPã¢ãã¬ã¹ã®ç¶ç¶æéãèšå®ããŸãã
DC P342
host*IPã¢ãã¬ã¹ããã³ãããã¯ãŒã¯ãã¹ã¯ããããã¥ã¢ã«ã§ DHCPã¯ã©ã€ã¢ã³ãã«ãã€ã³ã
DC P343
client-identifier* DHCPã¯ã©ã€ã¢ã³ãã®ã¯ã©ã€ã¢ã³ãèå¥åãæå®
DC P344
hardware-address* DHCPã¯ã©ã€ã¢ã³ãã®ããŒããŠã§ã¢ã¢ãã¬ã¹ãæå®
DC P345
clear ip dhcp binding DHCPãµãŒãããŒã¿ããŒã¹ããèªåã¢ãã¬ã¹ãåé€
PE P346
show ip dhcpbinding
DHCPãµãŒããŒã®ã¢ãã¬ã¹ãã€ã³ãã£ã³ã°ã衚瀺
PE,NE
P346
334FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
service dhcp
ã¹ã€ãã㧠DHCPãµãŒããæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ DHCPãµãŒããç¡å¹ã«ããŸãã
ææ³
service dhcp
no service dhcp
⢠address â DHCPãµãŒãã® IP ã¢ãã¬ã¹ïŒ1-3ã¢ãã¬ã¹ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
ip dhcp excluded-address
DHCPãµãŒããé€å€ãã DHCPã¯ã©ã€ã¢ã³ããæå®ããŸãã"no"ãåã«çœ®ãããšã§æå®ããã¢ãã¬ã¹ãåé€ããŸãã
ææ³
ip dhcp excluded-address low-address [high-address]
no ip dhcp excluded-address
⢠low-address â é€å€ãã IPã¢ãã¬ã¹ãŸãã¯ãé€å€ãããã¢ãã¬ã¹ç¯å²ã®æåã®ã¢ãã¬ã¹ã
⢠low-address â é€å€ãããã¢ãã¬ã¹ç¯å²ã®æåŸã®ã¢ãã¬ã¹ã
åæèšå®
å šãŠã® IPããŒã«ã¢ãã¬ã¹ã¯ã¢ãµã€ã³å¯èœ
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
Console(config)#service dhcpConsole(config)#
Console(config)#ip dhcp excluded-address 10.1.0.19Console(config)#
335 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
ip dhcp pool
DHCPã¢ãã¬ã¹ããŒã«ã®èšå®ãè¡ããšãšãã«ãDHCPããŒã«èšå®ã¢ãŒããžç§»è¡ããŸãã"no"ãåã«çœ®ãããšã§ã¢ãã¬ã¹ããŒã«ãåé€ããŸãã
ææ³
ip dhcp pool name
no ip dhcp pool
⢠name â ããŒã«åïŒç¯å²ïŒ1-8æåïŒ
åæèšå®
DHCPã¢ãã¬ã¹ããŒã«ã¯èšå®ãããŠããŸãã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
é¢é£ããã³ãã³ã
network (P336)
host (P343)
netowork
DHCPã¢ãã¬ã¹ããŒã«ã«ããµããããçªå·ããã³ãã¹ã¯ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ããå€ãåé€ããŸãã
ææ³
netowork network-number [ mask ]
no network
⢠network-number â DHCPãµã¢ãã¬ã¹ããŒã«ã® IPã¢ãã¬ã¹
⢠mask â DHCPã¢ãã¬ã¹ããŒã«ã®ãµããããçªå·ããã¹ã¯
ã³ãã³ãã¢ãŒã
DHCP Pool Configuration
äŸ
Console(config)#ip dhcp pool R&DConsole(config-dhcp)#
Console(config-dhcp)#network 10.1.0.0 255.255.255.0Console(config-dhcp)#
336FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
default-router
DHCPããŒã«ã®ããã©ã«ãã«ãŒã¿ãæå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãããå€ãåé€ããŸãã
ææ³
default-router address1 [address2]
no default-router
⢠address1 â ãã©ã€ããªã«ãŒã¿ã® IP ã¢ãã¬ã¹
⢠address2 â 代æ¿ã«ãŒã¿ã® IP ã¢ãã¬ã¹
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
DHCP Pool Configuration
äŸ
domain-name
DHCPã¯ã©ã€ã¢ã³ãã®ãã¡ã€ã³åãæå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãããã¡ã€ã³åãåé€ããŸãã
ææ³
domain-name domain
no domain-name
⢠domain â ã¯ã©ã€ã¢ã³ãã®ãã¡ã€ã³åãæå®ããŸããïŒç¯å²ïŒ1-32æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
DHCP Pool Configuration
äŸ
Console(config-dhcp)#default-router 10.1.0.54 10.1.0.64Console(config-dhcp)#
Console(config-dhcp)#domain-name sample.comConsole(config-dhcp)#
337 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
dns-server
DHCPã¯ã©ã€ã¢ã³ãã§å©çšå¯èœãªãDNSãµãŒããæå®ããŸãã"no"ãåã«çœ®ãããšã§ãµãŒããŒããªã¹ãããåé€ããŸãã
ææ³
dns server address1 [ address2 ]
no dns server
⢠address1 â ãã©ã€ã㪠DNSãµãŒãã®ã¢ãã¬ã¹ãæå®
⢠address2 â ä»£æ¿ DNSãµãŒãã®ã¢ãã¬ã¹ãæå®
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
DHCP Pool Configuration
äŸ
next-server
DHCPã¯ã©ã€ã¢ã³ãã®ããŒãããã»ã¹ã®ã次ã®ãµãŒããèšå®ããŸãã"no"ãåã«çœ®ãããšã§ããŒããµãŒããŒãªã¹ãããåé€ããŸãã
ææ³
next-server address
no next-server address
⢠address â IPã¢ãã¬ã¹ãæå®ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
DHCP Pool Configuration
äŸ
é¢é£ããã³ãã³ã
bootfile (P339)
Console(config-dhcp)#dns-server 10.1.1.253 192.168.3.19Console(config-dhcp)#
Console(config-dhcp)#next-server 10.1.0.21Console(config-dhcp)#
338FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
bootfile
DHCPã¯ã©ã€ã¢ã³ãã®ããã©ã«ãããŒãã€ã¡ãŒãžã®ååãæå®ããŸãããã®ãã¡ã€ã«ã¯next-serverã³ãã³ãã§æå®ããã TFTPãµãŒãã«çœ®ãããŸãã"no"ãåã«çœ®ãããšã§ããŒãã€ã¡ãŒãžãã¡ã€ã«åãåé€ããŸãã
ææ³
bootfile filename
no bootfile
⢠filename â ããã©ã«ãããŒãã€ã¡ãŒãžãã¡ã€ã«å
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
DHCP Pool Configuration
äŸ
é¢é£ããã³ãã³ã
next-server (P338)
Console(config-dhcp)#bootfile wme.batConsole(config-dhcp)#
339 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
netbios-name-server
DHCPã¯ã©ã€ã¢ã³ãã§å©çšå¯èœãªãNetBIOS WINSããŒã ãµãŒããèšå®ããŸãã"no"ãåã«çœ®ãããšã§ãµãŒããªã¹ããã NetBIOSåãåé€ããŸãã
ææ³
netbios-name-server address1 [address2]
no netbios-name-server
⢠address1 â ãã©ã€ã㪠NetBIOS WINSããŒã ãµãŒãåãæå®
⢠address2 â ä»£æ¿ NetBIOS WINSããŒã ãµãŒãåãæå®
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
DHCP Pool Configuration
äŸ
é¢é£ããã³ãã³ã
netbios-node-type (P341)
Console(config-dhcp)#netbios-name-server 10.1.0.33 10.1.0.34Console(config-dhcp)#
340FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
netbios-node-type
DHCPã¯ã©ã€ã¢ã³ãã®ãNetBIOSããŒãã¿ã€ããæå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãã NetBIOSããŒãã¿ã€ããåé€ããŸãã
ææ³
netbios-node-type type
no netbios-node-type
⢠type â NetBIOSããŒãã¿ã€ããæå®
broadcast
hybridïŒæšå¥šïŒ
mixed
peer-to-peer
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
DHCP Pool Configuration
äŸ
é¢é£ããã³ãã³ã
netbios-name-server (P340)
Console(config-dhcp)#netbios-node-type hybridConsole(config-dhcp)#
341 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
lease
DHCPã¯ã©ã€ã¢ã³ãã«ã¢ãµã€ã³ããã IPã¢ãã¬ã¹ã®ç¶ç¶æéãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæå€ã«ãã©ããŸãã
ææ³
lease {days [hours][minutes] | infinite}
no lease
⢠days â æ¥æ°ãæå®ïŒç¯å²ïŒ0-364ïŒ
⢠hours â æéãæå®ïŒç¯å²ïŒ0-23ïŒ
⢠minutes â åãæå®ïŒç¯å²ïŒ0-59ïŒ
⢠infinite â æéç¡ãããã®ãªãã·ã§ã³ã¯éåžž hostã³ãã³ãã«ãã£ãŠãBOOTPã¯ã©ã€ã¢ã³ããžæåã§ã¢ãã¬ã¹ãããŠã³ãããéã«äœ¿çšããŸãã
åæèšå®
1æ¥
ã³ãã³ãã¢ãŒã
DHCP Pool Configuration
äŸ
Console(config-dhcp)#lease 7Console(config-dhcp)#
342FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
host
DHCPã¯ã©ã€ã¢ã³ããžæåã§ãã€ã³ãããéã«ãIPã¢ãã¬ã¹ããã³ãããã¯ãŒã¯ãã¹ã¯ãæå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãã IPã¢ãã¬ã¹ãåé€ããŸãã
ææ³
host address [mask]
no host
⢠address â ã¯ã©ã€ã¢ã³ãã® IPã¢ãã¬ã¹ãæå®ããŸãã
⢠mask â ã¯ã©ã€ã¢ã³ãã®ãããã¯ãŒã¯ãã¹ã¯ãæå®ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
DHCP Pool Configuration
äŸ
é¢é£ããã³ãã³ã
client-identifier (P344)
hardware-address (P345)
Console(config-dhcp)#host 10.1.0.21 255.255.255.0Console(config-dhcp)#
343 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
client-identifier
DHCPã¯ã©ã€ã¢ã³ãã®èå¥åãæå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ããã¯ã©ã€ã¢ã³ãèå¥åãåé€ããŸãã
ææ³
client-identifier {text text | hex hex}
no client-identifier
⢠text â ã¯ã©ã€ã¢ã³ãèå¥åãæå®ããŸããïŒç¯å²ïŒ1-15æåïŒ
⢠text â 16é²æ°ã®å€
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
DHCP Pool Configuration
äŸ
é¢é£ããã³ãã³ã
host (P343)
Console(config-dhcp)#client-identifier text steveConsole(config-dhcp)#
344FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
hardware-address
DHCPã¯ã©ã€ã¢ã³ãã®ããŒããŠã§ã¢ã¢ãã¬ã¹ãæå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ããããŒããŠã§ã¢ã¢ãã¬ã¹ãåé€ããŸãã
ææ³
hardware-address hardware-address type
no hardware-address
⢠hardware-address â ã¯ã©ã€ã¢ã³ãããã€ã¹ã® MACã¢ãã¬ã¹ãæå®
⢠type â ã¯ã©ã€ã¢ã³ãããã€ã¹ã§äœ¿çšããããããã³ã«
ethernet
ieee802
fddi
åæèšå®
ã¿ã€ããæªæå®ã®å Žåãããã©ã«ããããã³ã«ã¯ Ethernetã«ãªããŸãã
ã³ãã³ãã¢ãŒã
DHCP Pool Configuration
äŸ
é¢é£ããã³ãã³ã
host (P343)
Console(config-dhcp)#hardware-address 00-e0-29-94-34-28 ethernetConsole(config-dhcp)#
345 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DHCP
clear ip dhcp binding
DHCPãµãŒããŒããŒã¿ããŒã¹ããããã€ã³ããããèªåã¢ãã¬ã¹ãåé€ããŸãã
ææ³
clear ip dhcp binding {address | * }
⢠address â ã¢ãã¬ã¹ãæå®
⢠* â å šãŠã®èªåãã€ã³ãã£ã³ã°ãåé€
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
show ip dhcp binding (P346)
show ip dhcp binding
DHCPãµãŒãäžã®ãã€ã³ãã£ã³ã°ã¢ãã¬ã¹ã衚瀺ããŸãã
ææ³
show ip dhcp binding [address]
⢠address â IPã¢ãã¬ã¹ãæå®
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
Console#clear ip dhcp binding *Console#
Console#show ip dhcp binding
ã IP ãããããã MAC ããã LeaseãTime ãã Start
ããããããããããããã (dd/hh/mm/ss)------------- ----------------- ---------------- -----------192.1.3.21 00-00-e8-98-73-21 86400 Dec 25 08:01:57 2002Console#
346FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name Server)
3.12 DNSïŒDomain Name Server)
æ¬ã³ãã³ã㯠DNS(Domain Naming System)ãµãŒãã¹ã®èšå®ãè¡ãªããŸãããã¡ã€ã³åãšIPã¢ãã¬ã¹ã®ãããã³ã°ãè¡ãªã DNSããŒãã«ã®æåã§ã®èšå®ãè¡ãªããä»ãããã©ã«ããã¡ã€ã³åã®èšå®åã¯ã¢ãã¬ã¹å€æãè¡ãªãããã®è€æ°ã®ããŒã ãµãŒãã®æå®ãè¡ãªãã
ãšãã§ããŸãã
DNS㯠"ip name-server"ã³ãã³ãã䜿çšãæäœ 1ã€ã®ããŒã ãµãŒããæå®ããªããã°æå¹ã«ããããšã¯ã§ããŸããããŸãããã¡ã€ã³ã«ãã¯ã¢ãã㯠" ip domain-lookup"ã³ãã³ãã«ããæå¹ã«ããŸã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžip host éçãã¹ãåïŒã¢ãã¬ã¹ãããã³ã° GC P348
clear host ãã¹ãåïŒã¢ãã¬ã¹ããŒãã«ããã®ãšã³ããªã®åé€
PE P349
ip domain-name äžå®å šãªãã¹ãçšã®ããã©ã«ããã¡ã€ã³åã®èšå®
GC P350
ip domain-list äžå®å šãªãã¹ãçšã®ããã©ã«ããã¡ã€ã³åãªã¹ãã®èšå®
GC P351
ip name-server ãã¹ãåïŒã¢ãã¬ã¹å€æã®ããã® 1ã€åã¯è€æ°ã®ããŒã ãµãŒãã®æå®
GC P352
ipdomain-lookup
DNSã«ãããã¹ãåïŒã¢ãã¬ã¹å€æã®æå¹å
GC P353
show hosts éçãã¹ãåïŒã¢ãã¬ã¹ãããã³ã°ããŒãã«ã®è¡šç€º
PE P354
show dns DNSãµãŒãã¹ã®èšå®ã®è¡šç€º PE P354
show dns cache DNSãã£ãã·ã¥ã®ãšã³ããªã®è¡šç€º PE P355
clear dns cache DNSãã£ãã·ã¥ã®ãšã³ããªã®ã¯ãªã¢ PE P355
347 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name Server)
ip host
DNSããŒãã«ã®ãã¹ãåãš IPã¢ãã¬ã¹ã®ãããã³ã°ã®éçèšå®ãè¡
ãªããŸãã"no"ãåã«çœ®ãããšã§ãšã³ããªãåé€ããŸãã
ææ³
ip host name address1 [address2 ⊠address8]
no ip host name address1 [address2 ⊠address8]
⢠name â ãã¹ãåïŒèšå®ç¯å²ïŒ1-64 æåïŒ
⢠address1 â é¢é£ãã IP ã¢ãã¬ã¹
⢠address2 ⊠address8 â é¢é£ãã IP ã¢ãã¬ã¹ïŒè¿œå åïŒ
åæèšå®
éçãšã³ããªãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ãµãŒããä»ã®ãããã¯ãŒã¯æ©åšã¯è€æ°ã® IPã¢ãã¬ã¹ã«ããè€æ°æ¥ç¶ããµããŒãããŠããŸãã2ã€ä»¥äžã® IPã¢ãã¬ã¹ãéçããŒãã«ãããŒã ãµãŒãããã®å¿çã«ãããã¹ãåãšé¢é£ä»ãããå ŽåãDNSã¯ã©ã€ã¢ã³ãã¯æ¥ç¶ã確ç«ãããŸã§åã¢ãã¬ã¹ã«æ¥ç¶ãè©Šã¿ãŸãã
äŸ
2ã€ã®ã¢ãã¬ã¹ããã¹ãåã«ãããã³ã°ããŠããŸãã
Console(config)#ip host rd5 192.168.1.55 10.1.0.55Console(config)#endConsole#show hosts
Hostname
ãrd5Inet address
ã10.1.0.55 192.168.1.55AliasConsole#
348FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name Server)
clear host
DNSããŒãã«ã®ãšã³ããªãåé€ããŸãã
ææ³
clear host {name | *}
⢠name â ãã¹ãåïŒèšå®ç¯å²ïŒ1-64 æåïŒ
⢠* â ãã¹ãŠã®ãšã³ããªãåé€
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
æ¬äŸã§ã¯ãã¹ãŠã® DNSããŒãã«ã®ãšã³ããªãåé€ããŠããŸãã
Console(config)#clear host *Console(config)#
349 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name Server)
ip domain-name
äžå®å šãªãã¹ãåã«è¿œå ããããã©ã«ããã¡ã€ã³åãèšå®ããŸãã
"no"ãåã«çœ®ãããšã§ãã¡ã€ã³åãåé€ããŸãã
ææ³
ip domain-name name
no ip domain-name
⢠name â ãã¹ãåããã¡ã€ã³åãšãã¹ãåã®éã®ããã ( . )ã¯å ¥åããªãã§äžããããããïŒèšå®ç¯å²ïŒ1-64 æåïŒ
äŸ
é¢é£ããã³ãã³ã
ip domain-list (4-129)
ip name-server (4-130)
ip domain-lookup (4-131)
Console(config)#ip domain-name sample.comConsole(config)#endConsole#show dnsDomain Lookup Status:
ããDNS disabledDefault Domain Name:
ãã.sample.comDomain Name List:Name Server List:Console#
350FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name Server)
ip domain-list
ãã®ã³ãã³ãã¯ãäžå®å šãªãã¹ãåã«è¿œå ãããã¡ã€ã³åã®ãªã¹ããèšå®ããŸãã"no"ãåã«çœ®ãããšã§ãªã¹ããããã¡ã€ã³åãåé€ããŸãã
ææ³
ip domain-list name
no ip domain-list name
⢠name â ãã¹ãåããã¡ã€ã³åãšãã¹ãåã®éã®ããã ( . )ã¯å ¥åããªãã§äžããããããïŒèšå®ç¯å²ïŒ1-64 æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã¡ã€ã³åã¯ãªã¹ãã®æåŸã«è¿œå ãããŸãã
⢠æ¬æ©ã® DNS ãµãŒããäžå®å šãªãã¹ãåãåä¿¡ãããã¡ã€ã³åãªã¹ããæå®ãããå Žåãæ¬æ©ã¯è¿œå ãããªã¹ãå ã®åãã¡ã€ã³åããã¹ãåã«å ããäžèŽããç¹å®ã®ããŒã ãµãŒãã確èªããŠããã¡ã€ã³ãªã¹ãã«ããåäœããŸãã
⢠ãã¡ã€ã³ãªã¹ãããªãå Žåãããã©ã«ããã¡ã€ã³åã䜿çšãããŸãããã¡ã€ã³ãªã¹ããããå Žåã«ã¯ãããã©ã«ããã¡ã€ã³åã¯äœ¿çšãããŸããã
[ 泚æ ]ãIP ã¢ãã¬ã¹ã¯ VLAN ã€ã³ã¿ãã§ãŒã¹ 1 ã€ã®ã¿ã«å²ãåœãŠã§ããŸãïŒåæèšå®ã§ã¯VLAN1ã«å²ãåœãŠãããã«ãªã£ãŠããŸãïŒããã§èšå®ããVLANã管ççšã®VLANãšãªãããã® VLAN ãä»ããŠã®ã¿æ¬æ©ãžã®ç®¡çã¢ã¯ã»ã¹ãå¯èœã«ãªããŸããIP ã¢ãã¬ã¹ãä»ã® VLANã«å²ãåœãŠããšãæ°ãã«å²ãåœãŠã IPã¢ãã¬ã¹ãæ¢åã® IPã¢ãã¬ã¹ãäžæžãããæ°ããªç®¡ç VLANãšããŠæ©èœããŸãã
äŸ
æ¬äŸã§ã¯ãçŸåšã®ãªã¹ãã« 2ã€ã®ãã¡ã€ã³åãè¿œå ãããã®åŸãªã¹ãã衚瀺ããŠããŸãã
Console(config)#ip domain-list sample.com.jpConsole(config)#ip domain-list sample.com.ukConsole(config)#endConsole#show dnsDomain Lookup Status:
ããDNS disabledDefault Domain Name:
ãã.sample.comDomain Name List:
ãã.sample.com.jp
ãã.sample.com.ukName Server List:Console#
351 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name Server)
ip name-server
ãã¡ã€ã³å解決ã®ããã« 1ã€åã¯è€æ°ã®ãã¡ã€ã³ããŒã ãµãŒãã®ã¢ãã¬ã¹ãæå®ããŸãã"no"ãåã«çœ®ãããšã§ãªã¹ãããããŒã ãµãŒããåé€ããŸãã
ææ³
ip name-server server-address1 [server-address2 ⊠server-address6 ]
no ip name-server server-address1 [ server-address2 ⊠server-address6 ]
⢠server-address1 â ãã¡ã€ã³ããŒã ãµãŒãã® IP ã¢ãã¬ã¹
⢠server-address2 ⊠server-address6 â ãã¡ã€ã³ããŒã ãµãŒãã® IP ã¢ãã¬ã¹ïŒè¿œå åïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
å¿çãåä¿¡ãããŸã§ãåã¯ãªã¹ãã®æåŸã«å°éãããŸã§ããªã¹ãå ã®ããŒã ãµãŒãã«å¯ŸããŠé çªã«ãªã¯ãšã¹ããéä¿¡ããŸãã
äŸ
å¿çãåä¿¡ãããŸã§ãåã¯ãªã¹ãã®æåŸã«å°éãããŸã§ããªã¹ãå ã®ããŒã ãµãŒãã«å¯ŸããŠé çªã«ãªã¯ãšã¹ããéä¿¡ããŸãã
é¢é£ããã³ãã³ã
ip domain-name (4-129)
ip domain-lookup (4-131)
Console(config)#ip domain-server 192.168.1.55 10.1.0.55Console(config)#endConsole#show dnsDomain Lookup Status: DNS disabledDefault Domain Name: .sample.comDomain Name List: .sample.com.jp .sample.com.ukName Server List:192.168.1.5510.1.0.55Console#
352FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name Server)
ip domain-lookup
DNSãã¹ãåã»ã¢ãã¬ã¹å€æãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ DNSãç¡å¹ã«ããŸãã
ææ³
ip domain-lookup
no ip domain-lookup
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠DNSãæå¹ã«ããåã«æäœ 1ã€ã®ããŒã ãµãŒããæå®ããå¿ èŠããããŸãã
⢠ãã¹ãŠã®ããŒã ãµãŒããåé€ãããå Žåã«ã¯ DNS ã¯èªåçã«ç¡å¹ã«ãªããŸãã
äŸ
æ¬äŸã§ã¯ãDNSãæå¹ã«ããèšå®ã衚瀺ããŠããŸãã
é¢é£ããã³ãã³ã
domain-name (P337)
ip name-server (P338)
Console(config)#ip domain-lookupConsole(config)#endConsole#show dnsDomain Lookup Status:
ããDNS enabledDefault Domain Name:
ãã.sample.comDomain Name List:
ãã.sample.com.jp
ãã.sample.com.ukName Server List:
ãã192.168.1.55
ãã10.1.0.55Console#
353 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name Server)
show hosts
éçãã¹ãåïŒã¢ãã¬ã¹ãããã³ã°ããŒãã«ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
以åã«èšå®ããããšã³ããªãšåãã¢ãã¬ã¹ããããã³ã°ãããå Žåããã¹ãåã¯ãšã€ãªã¢ã¹ãšããŠè¡šç€ºãããŸãã
show dns
DNSãµãŒãã®èšå®ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show hosts
Hostname
ãrd5Inet address
ã10.1.0.55 192.168.1.55Alias
ã1.rd6Console#
Console#show dnsDomain Lookup Status:
ããDNS enabledDefault Domain Name:
ããsample.comDomain Name List:
ããsample.com.jp
ããsample.com.ukName Server List:
ãã192.168.1.55
ãã10.1.0.55Console#
354FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹DNSïŒDomain Name Server)
show dns cache
DNSãã£ãã·ã¥ã®å 容ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
clear dns cache
DNSãã£ãã·ã¥ã®ãã¹ãŠã®å€ãã¯ãªã¢ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
NO ãFLAG TYPE IP ããããã TTL DOMAIN0 ãã4 ãCNAME 10.2.44.96 893 pttch_pc.accton.com.tw1 ãã4 ãCNAME 10.2.44.3 898 ahten.accton.com.tw2 ãã4 ãCNAME 66.218.71.84 298 www.yahoo.akadns.net3ãã 4 ãCNAME 66.218.71.83 298 www.yahoo.akadns.net4 ãã4 ãCNAME 66.218.71.81 298 www.yahoo.akadns.net5 ãã4 ãCNAME 66.218.71.80 298 www.yahoo.akadns.net6 ãã4 ãCNAME 66.218.71.89 298 www.yahoo.akadns.net7 ãã4 ãCNAME 66.218.71.86 298 www.yahoo.akadns.net8 ãã4 ãALIAS POINTER TO:7 298 www.yahoo.comConsole#
é ç® è§£èª¬NO åãªãœãŒã¹ã¬ã³ãŒãã®ãšã³ããªçªå·
FLAG ãã£ãã·ã¥ãšã³ããªã®ãã©ã°ã¯åžžã« "4"
TYPEæšæºçåã¯ãã©ã€ããªåãæå®ããããCNAMEããæ¢åã®ãšã³ããªãšåã IPã¢ãã¬ã¹ããããã³ã°ãããŠããå€æ°ã®ãã¡ã€ã³åãæå®ããããALIASã
IP ã¬ã³ãŒãã«é¢é£ãã IPã¢ãã¬ã¹
TTL ããŒã ãµãŒãã«ããå ±åãããçåå¯èœæéDOMAIN ã¬ã³ãŒãã«é¢é£ãããã¡ã€ã³å
Console#clear dns cacheConsole#show dns cache
NO ãããFLAG ãããTYPE ããIP ããTTL ããDOMAINConsole#
355 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
3.13 ã€ã³ã¿ãã§ãŒã¹
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
interface æ¬æ©ã® DHCPã¯ã©ã€ã¢ã³ã IDã®æå® GC P357
descriptionã€ã³ã¿ãã§ãŒã¹ã¿ã€ãã®èšå®åã³ interface configurationã¢ãŒããžã®å€æŽ
IC P358
speed-duplex ã€ã³ã¿ãã§ãŒã¹ã®è§£èª¬ IC P359
negotiation ã€ã³ã¿ãã§ãŒã¹ãžã®ãªãŒãããŽã·ãšãŒã·ã§ã³ã®èšå® IC P360
capabilities ãªãŒãããŽã·ãšãŒã·ã§ã³ç¡å¹æã®éä¿¡é床ãéä¿¡æ¹åŒã®èšå®
IC P361
flowcontrol ã€ã³ã¿ãã§ãŒã¹ãžã®ãããŒã³ã³ãããŒã«èšå® IC P362
shutdown ã€ã³ã¿ãã§ãŒã¹ã®ç¡å¹ IC P363
switchportbroadcastpacket-rate
ããŒããã£ã¹ãã¹ããŒã ã³ã³ãããŒã«ã®èšå® IC P364
clear counters ã€ã³ã¿ãã§ãŒã¹ã®çµ±èšæ å ±ã®ã¯ãªã¢ PE P365
showinterfacesstatus
ã€ã³ã¿ãã§ãŒã¹ã®èšå®ç¶æ³ã衚瀺 NE,PE P366
showinterfacescounters
ã€ã³ã¿ãã§ãŒã¹ã®çµ±èšæ å ±ã®è¡šç€º NE,PE P367
showinterfacesswitchport
ã€ã³ã¿ãã§ãŒã¹ã®ç®¡çãéçšç¶æ³ã®è¡šç€º NE,PE P368
356FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
interface
ã€ã³ã¿ãã§ãŒã¹ã®èšå®åã³ interface configurationã¢ãŒããžã®å€æŽãè¡ããŸãã"no"ãåã«çœ®ãããšã§ãã©ã³ã¯ã解é€ããããšãã§ããŸãã
ææ³
interface interface
no interface port-channel channel-id
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒ
ïŒ port-channel channel-id â Channel ID (1-6)
ïŒ vlan vlan-id â VLAN ID (1-4094)
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
æ¬äŸã§ã¯ 24çªããŒãã®æå®ãè¡ã£ãŠããŸãã
Console(config)#interface ethernet 1/24Console(config-if)#
357 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
description
åã€ã³ã¿ãã§ãŒã¹ã®è§£èª¬ãè¡ããŸãã"no"ãåã«çœ®ãããšã§è§£èª¬ãåé€ããŸãã
ææ³
description string
no description
⢠string â èšå®ãç£èŠäœæ¥ãè¡ããããããããã®åããŒãã®æ¥ç¶å ãªã©ã®ã³ã¡ã³ãã解説ïŒç¯å²ïŒ1-64æåïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
äŸ
æ¬äŸã¯ã24çªããŒãã«è§£èª¬ãå ããŠããèšå®ã§ãã
Console(config)#interface ethernet 1/24Console(config-if)#description RD-SW#3Console(config-if)#
358FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
speed-duplex
ãªãŒãããŽã·ãšãŒã·ã§ã³ãç¡å¹ã«ããå Žåã®éä¿¡é床åã³éä¿¡æ¹åŒã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
speed-duplex {1000full | 100full | 100half | 10full 10half}
no speed-duplex
⢠1000full â 1000 Mbps full-duplexåºå®
⢠100full â 100 Mbps full-duplexåºå®
⢠100half â 100 Mbps half-duplexåºå®
⢠10full â 10 Mbps full-duplexåºå®
⢠10half â 10 Mbps half-duplexåºå®
åæèšå®
⢠åæèšå®ã§ã¯ãªãŒãããŽã·ãšãŒã·ã§ã³ãæå¹ã«ãªã£ãŠããŸãã
⢠ãªãŒãããŽã·ãšãŒã·ã§ã³ãç¡å¹ã®éãåããŒãã®åæèšå®ã¯ 100BASE-TXã®å Žåã¯"100half"ãã®ã¬ãããã€ãŒãµãããã®å Žå㯠"1000full"ãšãªããŸãã
ã³ãã³ãã¢ãŒã
Interface Configuration (EthernetãPort Channel)
ã³ãã³ã解説
⢠éä¿¡é床㚠Duplexãåºå®èšå®ã«ããããã«ã¯ "speed-duplex"ã³ãã³ãã䜿çšããŸããåã"no negotiation"ã³ãã³ãã䜿çšããªãŒãããŽã·ãšãŒã·ã§ã³ãç¡å¹ã«ããŠäžããã
⢠"negotiation"ã³ãã³ãã䜿çšããªãŒãããŽã·ãšãŒã·ã§ã³ãæå¹ã«ãªã£ãŠããå Žåã¯"capabilities"ã³ãã³ãã䜿çšããããšã§æé©ãªæ¥ç¶ãè¡ãããšãã§ããŸãããªãŒãããŽã·ãšãŒã·ã§ã³æã®éä¿¡é床ãéä¿¡æ¹åŒã®èšå®ãè¡ãããã«ã¯ "capabilities"ã³ãã³ãã䜿çšããå¿ èŠããããŸãã
äŸ
æ¬äŸã§ã¯ 5çªããŒãã« 100Mbps half-duplexåºå®ã®èšå®ãè¡ã£ãŠããŸãã
é¢é£ããã³ãã³ã
negotiation (P360)
capabilities (P361)
Console(config)#interface ethernet 1/5Console(config-if)#speed-duplex 100halfConsole(config-if)#no negotiationConsole(config-if)#
359 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
negotiation
åããŒãã®ãªãŒãããŽã·ãšãŒã·ã§ã³ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãªãŒãããŽã·ãšãŒã·ã§ã³ãç¡å¹ã«ããŸãã
ææ³
[no] negotiation
åæèšå®
æå¹ (Enabled)
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ãªãŒãããŽã·ãšãŒã·ã§ã³ãæå¹ã«ãªã£ãŠããå Žåã"capabilities"ã³ãã³ãã«æå®ãããå 容ã«åºã¥ããæé©ãªéä¿¡æ¹æ³ãéžæããŸãããªãŒãããŽã·ãšãŒã·ã§ã³ãç¡å¹ã®å Žåã«ã¯ "speed-duplex"ã³ãã³ããš "flowcontrol"ã³ãã³ãã䜿çšããŠæåã§éä¿¡æ¹åŒãèšå®ããå¿ èŠããããŸãã
⢠ãªãŒãããŽã·ãšãŒã·ã§ã³ãç¡å¹ã®å Žåã«ã¯ RJ-45ããŒãã® MDI-MDI-Xèªåèªèæ©èœãç¡å¹ãšãªããŸãã
äŸ
æ¬äŸã§ã¯ 11çªããŒãããªãŒãããŽã·ãšãŒã·ã§ã³ã®èšå®ã«ããŠããŸãã
é¢é£ããã³ãã³ã
capabilities (P361)
speed-duplex (P359)
Console(config)#interface ethernet 1/11Console(config-if)#negotiationConsole(config-if)#
360FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
capabilities
ãªãŒãããŽã·ãšãŒã·ã§ã³æã®ããŒãã®éä¿¡æ¹åŒãèšå®ããŸãã
"no"ãåã«çœ®ããã©ã¡ãŒã¿ãèšå®ããããšã§æå®ãããã©ã¡ãŒã¿ã®å€ãåé€ããŸãããã©ã¡ãŒã¿ãèšå®ãã "no"ãåã«çœ®ããå Žåã«ã¯åæèšå®ã«æ»ããŸãã
ææ³
capabilities {1000full | 100full | 100half | 10full | 10half | flowcontrol | symmetric}
no port-capabilities [1000full | 100full | 100half | 10full | 10half | flowcontrol | symmetric]
⢠1000full â 1000Mbps full-duplexéä¿¡
⢠100full â 100Mbps full-duplexéä¿¡
⢠100half â 100Mbps half-duplexéä¿¡
⢠10full â 10Mbps full-duplexéä¿¡
⢠10half â 10Mbps half-duplexéä¿¡
⢠flowcontrol â flow controlãµããŒã
⢠symmetric â ãããŒã³ã³ãããŒã«ããããŒãºãã¬ãŒã ãéåä¿¡ïŒæ¬æ©ã§ã¯symmetric ããŒãºãã¬ãŒã ã®ã¿ããµããŒããããŠããŸãïŒãïŒã®ã¬ãããç°å¢ã®ã¿ïŒ
åæèšå®
⢠100BASE-TXïŒ10half, 10full, 100half, 100full
⢠1000BASE-TïŒ10half, 10full, 100half, 100full, 1000full
⢠SFPïŒ1000full
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
"negotiation"ã³ãã³ãã䜿çšããªãŒãããŽã·ãšãŒã·ã§ã³ãæå¹ã«ãªã£ãŠããå Žåã"capabilites"ã³ãã³ãã§æå®ãããå 容ã«åºã¥ãæé©ãªéä¿¡æ¹åŒã§ãªã³ã¯ãè¡ããŸãããªãŒãããŽã·ãšãŒã·ã§ã³ãç¡å¹ã®å Žåã«ã¯ "speed-duplex"ã³ãã³ããš "flowcontrol"ã³ãã³ãã䜿çšããŠæåã§éä¿¡æ¹åŒãèšå®ããå¿ èŠããããŸãã
äŸ
æ¬äŸã§ã¯ 5çªããŒãã« 100half, 100fullåã³ãããŒã³ã³ãããŒã«ãèšå®ããŠããŸãã
Console(config)#interface ethernet 1/5Console(config-if)#capabilities 100halfConsole(config-if)#capabilities 100fullConsole(config-if)#capabilities flowcontrolConsole(config-if)#
361 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
flow control
ãããŒã³ã³ãããŒã«ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãããŒã³ã³ãããŒã«ãç¡å¹ã«ããŸãã
ææ³
[no] flowcontrol
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ãããŒã³ã³ãããŒã«ã䜿çšãããšã¹ã€ããã®ãããã¡å®¹éããã£ã±ãã«ãªã£ãå Žåã«éä¿¡ã®ãã¹ãçºçããã®ãé²ãããšãã§ããŸãããããŒã³ã³ãããŒã«ãæå¹ã«ããå Žåãfull-duplexã§ã¯ IEEE802.3xæºæ ãhalf-duplexã§ã¯ããã¯ãã¬ãã·ã£ãçšããŠãããŒã³ã³ãããŒã«ãè¡ããŸãã"negotiation"ã³ãã³ãã䜿çšããªãŒãããŽã·ãšãŒã·ã§ã³ãæå¹ã«ããå Žåã"capabilities"ã³ãã³ãã«ãããããŒã³ã³ãããŒã«ã䜿çšããã決å®ãããŸãããªãŒãããŽã·ãšãŒã·ã§ã³æã«ãããŒã³ã³ãããŒã«ãæå¹ã«ããããã«ã¯åããŒãã®æ©èœ(Capabilities)ã« "flowcontrol"ãå«ããå¿ èŠããããŸãã
⢠flowcontrol"ã³ãã³ãå㯠"no flowcontrol"ã³ãã³ãã䜿çšããŠãããŒã³ã³ãããŒã«ãåºå®èšå®ããå Žåã«ã¯ã"no negotiation"ã³ãã³ãã䜿çšããŠãªãŒãããŽã·ãšãŒã·ã§ã³ãç¡å¹ã«ããå¿ èŠããããŸãã
⢠HUBãšæ¥ç¶ãããããŒãã§ã¯ãããŒã³ã³ãããŒã«ã䜿çšããããšã¯é¿ããŠäžããã䜿çšããå Žåã«ã¯ããã¯ãã¬ãã·ã£ã®ãžã£ã ä¿¡å·ãå šäœã®ãããã¯ãŒã¯ããã©ãŒãã³ã¹ãäœäžãããå¯èœæ§ããããŸãã
äŸ
æ¬äŸã§ã¯ 5çªããŒãã§ãããŒã³ã³ãããŒã«ãæå¹ã«ããŠããŸãã
é¢é£ããã³ãã³ã
negotiation (P360)
capabilities (flowcontrol, symmetric) (P361)
Console(config)#interface ethernet 1/5Console(config-if)#flowcontrolConsole(config-if)#no negotiationConsole(config-if)#
362FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
shutdown
ã€ã³ã¿ãã§ãŒã¹ãç¡å¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ã€ã³ã¿ãã§ãŒã¹ãæå¹ã«ããŸãã
ææ³
[no] shutdown
åæèšå®
ãã¹ãŠã®ã€ã³ã¿ãã§ãŒã¹ãæå¹ã«ãªã£ãŠããŸãã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
ã³ãªãžã§ã³ã®çºçãªã©ã«ããç°åžžãªåäœãåé¿ãããªã©ã®ç®çããã»ãã¥ãªãã£ã®ç®çã§ããŒããç¡å¹ã«ããããšãã§ããŸããåé¡ã解決ããå ŽåããããŒãã䜿çšããå Žåã«ã¯å床ããŒããæå¹ã«ããããšãã§ããŸãã
äŸ
æ¬äŸã§ã¯ 5çªããŒããç¡å¹ã«ããŠããŸãã
Console(config)#interface ethernet 1/5Console(config-if)#shutdownConsole(config-if)#
363 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
switchport broadcast packet-rate
ãããŒããã£ã¹ãã¹ããŒã ã³ã³ãããŒã«ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§æ¬æ©èœãç¡å¹ã«ããŸãã
ææ³
switchport broadcast octet-rate rate
no switchport broadcast
⢠rate â ãããŒããã£ã¹ããã±ããã®ãããå€ (Kbyte/ç§ ) ïŒç¯å²ïŒ500-262143ïŒ
åæèšå®
æå¹ïŒå šããŒãïŒ
ãã±ããã¬ãŒãã®äžéïŒ500ãã±ãã /ç§
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠ãããŒããã£ã¹ããã©ãã£ãã¯ãæå®ãããããå€ãè¶ ããå Žåãè¶ ãããã±ããã«é¢ããŠã¯ç Žæ£ãããŸãã
⢠æ¬æ©èœã®æå¹ /ç¡å¹ã®åãæ¿ãã¯ããŒãæ¯ã«è¡ããŸããäœãããããå€ã«é¢ããŠã¯ãã¹ãŠã®ããŒãã§åãèšå®ãšãªããŸãã
äŸ
æ¬äŸã§ã¯ 5çªããŒãã« 600ppsã®ãããå€ãèšå®ããŠããŸãã
Console(config)#interface ethernet 1/5Console(config-if)#switchport broadcast octet-rate 500Console(config-if)#
364FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
clear counters
ã€ã³ã¿ãã§ãŒã¹ã®çµ±èšæ å ±ãã¯ãªã¢ããŸãã
ææ³
clear counters interface
⢠Interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒ
ïŒ port-channel channel-id (ç¯å²ïŒ1-6)
åæèšå®
ãªã
ã³ãã³ãã¢ãŒãPrivileged Exec
ã³ãã³ã解説
çµ±èšæ å ±ã¯é»æºããªã»ããããå Žåã®ã¿åæåãããŸããæ¬æ©èœã䜿çšããå ŽåãçŸåšã®ç®¡çã»ãã·ã§ã³ã§è¡šç€ºãããŠããçµ±èšæ å ±ã¯ãªã»ãããããŸããäœããäžåºŠãã°ã¢ãŠããå床管çç»é¢ã«ãã°ã€ã³ããå Žåã«ã¯çµ±èšæ å ±ã¯æåŸã«é»æºããªã»ããããæããã®å€ãšãªããŸãã
äŸ
æ¬äŸã§ã¯ 5çªããŒãã®çµ±èšæ å ±ãã¯ãªã¢ããŠããŸãã
Console#clear counters ethernet 1/5Console#
365 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
show interfaces status
ã€ã³ã¿ãã§ãŒã¹ã®ç¶æ ã衚瀺ããŸãã
ææ³
show interfaces status interface
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒ
ïŒ port-channel channel-id â Channel ID (1-6)
åæèšå®
ãã¹ãŠã®ã€ã³ã¿ãã§ãŒã¹ã®ç¶æ³ã衚瀺ãããŸãã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
ã³ãã³ã解説
⢠ããŒããæå®ããªãå Žåã¯ããã¹ãŠã®ããŒãã®ç¶æ³ã衚瀺ãããŸãã
⢠æ¬ã³ãã³ãã䜿çšããéã«è¡šç€ºãããæ å ±ã®è©³çŽ°ã¯ P3-58ãæ¥ç¶ç¶æ³ã®è¡šç€ºããåç §ããŠäžããã
äŸ
Console#show interfaces status ethernet 1/5Information of Eth 1/5 Basic information: Port type: 100TX Mac address: 00-30-F1-D3-26-05 Configuration: Name: Port admin: Up Speed-duplex: Auto Capabilities: 10half, 10full, 100half, 100full, Broadcast storm: Enabled Broadcast storm limit: 500packets/second Flow control: Disabled Lacp: Disabled Port security: Disabled Max MAC count: 0 Port security action: None Current status: Link status: Up Operation speed-duplex: 100full Flow control type: NoneConsole#show interfaces status vlan 1 Information of VLAN 1 MAC address: 00-00-AB-CD-00-00Console#
366FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
show interfaces counters
ã€ã³ã¿ãã§ãŒã¹ã®çµ±èšæ å ±ã衚瀺ããŸãã
ææ³
show interfaces counters [interface]
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ãïŒç¯å²ïŒ1-12ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-6ïŒ
åæèšå®
ãã¹ãŠã®ããŒãã®ã«ãŠã³ã¿ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
ã³ãã³ã解説
ããŒããæå®ããªãå Žåã¯ããã¹ãŠã®ããŒãã®ç¶æ³ã衚瀺ãããŸãã
äŸ
Console#show interfaces counters ethernet 1/7Ethernet 1/7 Iftable stats: Octets input: 30658, Octets output: 196550 Unicast input: 6, Unicast output: 5 Discard input: 0, Discard output: 0 Error input: 0, Error output: 0 Unknown protos input: 0, QLen output: 0 Extended iftable stats: Multi-cast input: 0, Multi-cast output: 3064 Broadcast input: 262, Broadcast output: 1 Ether-like stats: Alignment errors: 0, FCS errors: 0 Single Collision frames: 0, Multiple collision frames: 0 SQE Test errors: 0, Deferred transmissions: 0 Late collisions: 0, Excessive collisions: 0 Internal mac transmit errors: 0, Internal mac receive errors: 0 Frame too longs: 0, Carrier sense errors: 0 Symbol errors: 0 RMON stats: Drop events: 0, Octets: 227208, Packets: 3338 Broadcast pkts: 263, Multi-cast pkts: 3064 Undersize pkts: 0, Oversize pkts: 0 Fragments: 0, Jabbers: 0 CRC align errors: 0, Collisions: 0 Packet size <= 64 octets: 3150, Packet size 65 to 127 octets: 139 Packet size 128 to 255 octets: 4, Packet size 256 to 511 octets:0 Packet size 512 to 1023ctets:0,Packet size 1024 to 1518 octets: 0Console#
367 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
show interfaces switchport
æå®ããããŒãã®ç®¡çãéçšç¶æ³ã衚瀺ããŸãã
ææ³
show interfaces switchport [interface]
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒïŒ port-channel channel-idïŒç¯å²ïŒ1-6ïŒ
åæèšå®
ãã¹ãŠã®ã€ã³ã¿ãã§ãŒã¹ã衚瀺
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
æ¬äŸã¯ 24çªããŒãã®æ å ±ã衚瀺ããŠããŸãã
Console#show interfaces switchport ethernet 1/2 Broadcast threshold: Enabled, 600 octets/second LACP status: Enabled Ingress rate limit: disable, 100percent VLAN membership mode: Hybrid Ingress rule: Enabled Acceptable frame type: All frames Native VLAN: 1 Priority for untagged traffic: 0 GVRP status: Disabled Allowed Vlan: 1(u), Forbidden Vlan: Private-VLAN mode: NONE Private-VLAN host-association: NONE Private-VLAN mapping: NONEConsole#
368FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹
ã³ãã³ã解説
é ç® è§£èª¬
Broadcast thresholdãããŒããã£ã¹ãã¹ããŒã å¶åŸ¡æ©èœã®æå¹ /ç¡å¹ã®è¡šç€ºãæå¹æã«ã¯ãããå€ã衚瀺ïŒP364åç §ïŒ
Lacp status LACPã®æå¹ /ç¡å¹ïŒP375åç §ïŒ
Ingress rate limit å ¥å垯åå¶åŸ¡ã®æå¹ /ç¡å¹ãçŸåšã®èšå®ïŒP372åç §ïŒ
Egress rate limit åºå垯åå¶åŸ¡ã®æå¹ /ç¡å¹ãçŸåšã®èšå®ïŒP372åç §ïŒ
VLAN membershipmode ãã©ã³ã¯å㯠Hybridã®ã¡ã³ããŒã¢ãŒãã衚瀺ïŒP416åç §ïŒ
Ingress rule ã€ã³ã°ã¬ã¹ãã£ã«ã¿ã®æå¹ /ç¡å¹ã®è¡šç€ºïŒP418åç §ïŒ
Acceptable frame typeVLANãã¬ãŒã ã¯ãå šãŠã®ãã¬ãŒã ã¿ã€ãããã¿ã°ãã¬ãŒã ã®ã¿åãåãå¯èœãïŒP417åç §ïŒ
Native VLAN ããã©ã«ãããŒã VLAN IDã®è¡šç€ºïŒP419åç §ïŒ
Priority for untagged traffic
ã¿ã°ãªããã¬ãŒã ãžã®åæèšå®ã®ãã©ã€ãªãªãã£ã®è¡šç€ºïŒP429åç §ïŒ
Gvrp status GVRPã®æå¹ /ç¡å¹ïŒP408åç §ïŒ
Allowed Vlanåå ããŠãã VLANã®è¡šç€ºã "(u)"ã¯ã¿ã°ãªãã "(t)"ã¯ã¿ã°ïŒP420åç §ïŒ
Forbidden Vlan GVRPã«ãã£ãŠåçã«åå ã§ããªã VLANã®è¡šç€ºïŒP421åç §ïŒ
369 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ããŒããã©ãŒãªã³ã°
3.14 ããŒããã©ãŒãªã³ã°
ãã©ãŒã»ãã·ã§ã³ã®èšå®æ¹æ³ã解説ããŠããŸãã
port monitor
ãã©ãŒã»ãã·ã§ã³ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ãã©ãŒã»ãã·ã§ã³ãã¯ãªã¢ããŸãã
ææ³
port monitor interface [rx | tx]
no port monitor interface
⢠interfaceïŒ ethernet unit/port (source port)
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒ
⢠rx â åä¿¡ãã±ããã®ãã©ãŒ
⢠tx â éä¿¡ãã±ããã®ãã©ãŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, destination port)
ã³ãã³ã解説
⢠ãœãŒã¹ããŒããããã£ã¹ãã£ããŒã·ã§ã³ããŒãã«éä¿¡ããã©ãŒãããªã¢ã«ã¿ã€ã ã§ã®éä¿¡åæãè¡ããŸãããã£ã¹ãã£ãã€ã·ã§ã³ããŒãã«ãããã¯ãŒã¯è§£æè£ çœ®ïŒSnifferç )åã¯RMONãããŒããæ¥ç¶ããéä¿¡ã«åœ±é¿ãäžããã«ãœãŒã¹ããŒãã®ãã©ãã£ãã¯ã解æããããšãã§ããŸãã
⢠ãã£ã¹ãã£ããŒã·ã§ã³ããŒã㯠Ethernetã€ã³ã¿ãã§ãŒã¹ã«èšå®ããŸãã
⢠ãœãŒã¹åã³ãã£ã¹ãã£ããŒã·ã§ã³ããŒãã®éä¿¡é床ã¯åãå¿ èŠããããŸããåãéä¿¡é床ã§ãªãå Žåã«ã¯éä¿¡ããœãŒã¹ããŒãããèœãšãããŸãã
⢠åäžã®ãã©ãŒã»ãã·ã§ã³ã®ã¿ãäœæããããšãã§ããŸãã
⢠ãã£ã¹ãã£ããŒã·ã§ã³ããŒããšãœãŒã¹ããŒãã¯åäžã® VLANã«æå±ããŠããå¿ èŠããããŸãã
äŸ
æ¬äŸã§ã¯ 6çªãã 11çªããŒããžã®ãã©ãŒãè¡ããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžport monitor ãã©ãŒã»ãã·ã§ã³ã®èšå® IC P370
show port monitor ãã©ãŒããŒãã®èšå®ã®è¡šç€º PE P371
Console(config)#interface ethernet 1/11Console(config-if)#port monitor ethernet 1/6 rxConsole(config-if)#
370FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ããŒããã©ãŒãªã³ã°
show port monitor
ãã©ãŒæ å ±ã®è¡šç€ºãè¡ããŸãã
ææ³
show port monitor [interface]
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒ
åæèšå®
ãã¹ãŠã®ã»ãã·ã§ã³ã衚瀺
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
æ¬ã³ãã³ãã䜿çšããããšã§çŸåšèšå®ãããŠãããœãŒã¹ããŒãããã£ã¹ãã£ããŒã·ã§ã³ããŒãããã©ãŒã¢ãŒã (RX, TX)ã®è¡šç€ºãè¡ããŸãã
äŸ
æ¬äŸã§ã¯ 6çªãã 11çªããŒããžã®ãã©ãŒã®èšå®ã衚瀺ãããŠããŸãã
Console(config)#interface ethernet 1/11Console(config-if)#port monitor ethernet 1/6 rxConsole(config-if)#endConsole#show port monitorPort Mirroring-------------------------------------Destination port(listen port) :Eth1/11Source port(monitored port) :Eth1/6Mode :RXConsole#
371 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹åž¯åå¶åŸ¡
3.15 垯åå¶åŸ¡
垯åå¶åŸ¡æ©èœã§ã¯åã€ã³ã¿ãã§ãŒã¹ã®éä¿¡åã³åä¿¡ã®æ倧é床ãèšå®ããããšãã§ããŸãã垯åå¶åŸ¡ã¯åããŒã /ãã©ã³ã¯æ¯ã«èšå®å¯èœã§ãã
垯åå¶åŸ¡ãæå¹ã«ãããšãéä¿¡ã¯ããŒããŠã§ã¢ã«ããç£èŠãããèšå®ãè¶ ããéä¿¡ã¯ç Žæ£ãããŸããèšå®ç¯å²å ã®éä¿¡ã¯ãã®ãŸãŸè»¢éãããŸãã
rate-limit
ç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ã®åž¯åå¶åŸ¡ã¬ãã«ãèšå®ããŸãã垯åãèšå®ããã«æ¬ã³ãã³ãã䜿çšãããšåæå€ãé©çšãããŸãã"no"ãåã«çœ®ãããšã§æ¬æ©èœãç¡å¹ãšããŸãã
ææ³
rate-limit <input | output> [rate]
no rate-limit <input | output>
⢠input â å ¥å垯åïŒã¬ãŒãïŒ
⢠output â åºå垯åïŒã¬ãŒãïŒ
⢠rate â æ倧å€ïŒ1-1000MbpsïŒ
åæèšå®
Gigabitã€ãŒãµãããïŒ1000Mbps
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžrate-limit ããŒãã®å ¥åºåã®æ倧垯åã®èšå® IC P372
rate-limit input 50Console(config-if)#
372FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³
3.16 ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³
ãã³ãå¹ æ¡åŒµã®ãããåãããã¯ãŒã¯é害æã®åé¿ã®ãããããŒããæããéçã°ã«ãŒããèšå®ããããšãã§ããŸããåãIEEE802.1adæºæ ã® Link Aggregation Control Protocol (LACP)ã䜿çšããæ¬æ©ãšä»ã®ããã€ã¹éã®ãã©ã³ã¯ãèªåçã«è¡ãããšãã§ããŸããéçãã©ã³ã¯ã§ã¯ãæ¬æ©ã¯ Cisco EtherChannelæšæºãšã®äºææ§ããããŸããåçãã©ã³ã¯ã«é¢ããŠã¯ IEEE802.1adæºæ ã® LACPãšãªããŸãã
æ¬æ©ã§ã¯æ倧 25ãã©ã³ã¯ã°ã«ãŒãããµããŒãããŸãã
2ã€ã® 1000MbpsããŒãããã©ã³ã¯ããå Žåãfull duplexæã«ã¯æ倧 4Gpbsã®ãã³ãå¹ ãšãªããŸãã
ãã©ã³ã¯èšå®ã¬ã€ãã©ã€ã³
⢠ã«ãŒããé²ãããããããã¯ãŒã¯ã±ãŒãã«ãæ¥ç¶ããåã«ãã©ã³ã¯ã®èšå®ãå®äºãããŠäžããã
⢠åãã©ã³ã¯ã¯æ倧 8ããŒããŸã§ãã©ã³ã¯å¯èœã§ãã
⢠ãã©ã³ã¯ã®äž¡ç«¯ã®ããŒãã¯ãã©ã³ã¯ããŒããšããŠèšå®ãããå¿ èŠããããŸãã
⢠ãã©ã³ã¯ã«åå ãããã¹ãŠã®ããŒãã¯ãéä¿¡é床ãduplexã¢ãŒãããããŒã³ã³ãããŒã«ãVLANãCoSãªã©ãã¹ãŠåäžã®èšå®ã§ããå¿ èŠããããŸãã
⢠port-channelã䜿çšã VLANããã®ç§»åãè¿œå ãåé€ããå Žåããã©ã³ã¯ããããã¹ãŠã®ããŒãã¯ïŒã€ã®ãã®ãšããŠæ±ãããŸãã
⢠STPãVLANããã³ IGMPã®èšå®ã¯ãæå®ããããŒããã£ã³ãã«ã䜿çšããã¹ãŠã®ãã©ã³ã¯ã«èšå®ããããšãã§ããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
Manual Configuration Commands
interfaceport-channel
interface configurationã¢ãŒããžã®ç§»åãšãã©ã³ã¯èšå®
GC P357
channel-group ãã©ã³ã¯ãžã®ããŒãã®è¿œå IC P374
Dynamic Configuration Command
lacp çŸåšã®ã€ã³ã¿ãã§ãŒã¹ã§ã® LACPã®èšå® IC P375
Trunk Status Display Command
show interfacesstatusport-channel
ãã©ã³ã¯æ å ±ã®è¡šç€º NE,PE P366
373 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³
LACPèšå®ã¬ã€ãã©ã€ã³
ããŒããåäžããŒããã£ã³ãã«ã«èšå®ããã«ã¯ä»¥äžã®æ¡ä»¶ã«äžèŽããå¿ èŠããããŸãã
⢠ããŒãã¯åäžã® LACPã·ã¹ãã ãã©ã€ãªãªãã£ã®å¿ èŠããããŸã
⢠ããŒãã¯åäžã®ããŒãã¢ããã³ããŒã®å¿ èŠããããŸã (Ethernet Interface)
⢠ãã£ã³ãã«ã°ã«ãŒãã圢æãããå Žåã«ãããŒããã£ã³ãã«ã¢ããã³ããŒãã»ããããªããã°ããã®ããŒã¯ãã°ã«ãŒãã®ã€ã³ã¿ãã§ãŒã¹ã®ããŒãã¢ããã³ããŒãšåäžã®å€ã«èšå®ãããŸãã
⢠ããŒããã£ã³ãã«ã¢ããã³ããŒãèšå®ããå Žåã«ã¯ãããŒãã¢ããã³ããŒã¯ãã£ã³ãã«ã°ã«ãŒããžã®åå ãå¯èœãªåãå€ãèšå®ããå¿ èŠããããŸãã
⢠ãªã³ã¯ãèœã¡ãå ŽåãLACPããŒããã©ã€ãªãªãã£ã¯ããã¯ã¢ãããªã³ã¯ãéžæããŸãã
channel-group
ãã©ã³ã¯ã«ããŒããè¿œå ããŸãã"no"ãåã«çœ®ãããšã§ããŒãããã©ã³ã¯ããã¯ãããŸãã
ææ³
channel-group channel-id
no channel-group
⢠channel-id â ãã©ã³ã¯ IDïŒç¯å²ïŒ1-6ïŒ
åæèšå®
çŸåšã®ããŒãããã®ãã©ã³ã¯ã«è¿œå ãããŸãã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠éçãã©ã³ã¯ã®èšå®ãè¡ãå Žåã察åã®ã¹ã€ãã㯠Cisco EtherChannelæšæºãšäºææ§ããªããŠã¯ãããŸããã
⢠" no channel-group"ã³ãã³ãã䜿ãããšã§ããŒãã°ã«ãŒãããã©ã³ã¯ããã¯ãããŸãã
⢠" no interfaces port-channel"ã³ãã³ãã䜿ãããšã§ã¹ã€ãããããã©ã³ã¯ãåé€ããŸãã
äŸ
æ¬äŸã§ã¯ãtrunk 1ãçæãã11çªããŒããã¡ã³ããŒã«å ããŠããŸãã
Console(config)#interface port-channel 1Console(config-if)#exitConsole(config)#interface ethernet 1/11Console(config-if)#channel-group 1Console(config-if)#
374FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³
lacp
IEEE802.3adæºæ ã® LACPãçŸåšã®ã€ã³ã¿ãã§ãŒã¹ã«å¯ŸããŠèšå®ããŸãã"no"ãåã«çœ®ãããšã§æ¬æ©èœãç¡å¹ã«ããŸãã
ææ³
[no] lacp
åæèšå®
ç¡å¹ (Disabled)
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet)
ã³ãã³ã解説
⢠LACPãã©ã³ã¯ã®äž¡ç«¯ã¯åºå®èšå®ãããã¯ãªãŒãããŽã·ãšãŒã·ã§ã³ã«ãã full duplexã«èšå®ãããŠããå¿ èŠããããŸãã
⢠LACPã䜿çšãããã©ã³ã¯ã¯èªåçã«äœ¿çšå¯èœãªããŒããã£ã³ãã« IDãå²ãåœãŠãããŸãã
⢠察åã®ã¹ã€ãããæ¥ç¶ããããŒã㧠LACPãæå¹ã«ããŠããå Žåããã©ã³ã¯ã¯èªåçã«æå¹ã«ãªããŸãã
⢠8ã€ä»¥äžã®ããŒããåã察åã®ã¹ã€ããã«æ¥ç¶ãããŠãLACPãæå¹ã«ãªã£ãŠããå Žåãè¿œå ãããããŒãã¯ã¹ã¿ã³ãã€ã¢ãŒããšãªããä»ã®ã¢ã¯ãã£ããªãªã³ã¯ãèœã¡ãå Žåã«ã®ã¿æå¹ãšãªããŸãã
375 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãªã³ã¯ã¢ã°ãªã²ãŒã·ã§ã³
äŸ
æ¬äŸã§ã¯ã11ãã 13çªããŒãã® LACPãæå¹ã«ããŠããŸãã"show interfaces status port-channel 1"ã³ãã³ãã䜿çšããTrunk1ã察åã®æ©åšãšç¢ºç«ãããŠããããšã確èªããããšãã§ããŸãã
Console(config)#interface ethernet 1/11Console(config-if)#lacpConsole(config-if)#exitConsole(config)#interface ethernet 1/12Console(config-if)#lacpConsole(config-if)#exitConsole(config)#interface ethernet 1/13Console(config-if)#lacpConsole(config-if)#exitConsole(config)#exitConsole#show interfaces status port-channel 1Information of Trunk 1Basic information:Port type: 100TXMac address: 00-00-e8-00-00-0bConfiguration:Name:Port admin: UpSpeed-duplex: AutoCapabilities: 10half, 10full, 100half, 100full,Flow control status: DisabledPort security: DisabledMax MAC count: 0Current status:Created by: lACPLink status: UpOperation speed-duplex: 100fullFlow control type: NoneMember Ports: Eth1/11, Eth1/12, Eth1/13,Console#
376FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
3.17 ã¢ãã¬ã¹ããŒãã«
MACã¢ãã¬ã¹ããŒãã«ã«å¯Ÿããã¢ãã¬ã¹ãã£ã«ã¿ãªã³ã°ãçŸåšãšã³ããªãŒãããŠããã¢ãã¬ã¹ã®è¡šç€ºãããŒãã«ã®ã¯ãªã¢ããšãŒãžã³ã°ã¿ã€ã ã®èšå®ãè¡ããŸãã
mac-address-table static
VLANã®ããŒãã«éçã« MACã¢ãã¬ã¹ããããã³ã°ããŸãã"no"ãåã«çœ®ãããšã§ MACã¢ãã¬ã¹ãåé€ããŸãã
ææ³
mac-address-table static mac-address interface interface vlan vlan-id [action]
no mac-address-table static mac-address vlan vlan-id
⢠mac-address â MACã¢ãã¬ã¹
⢠interface
é ç® è§£èª¬
LACPDUs Sent ãã£ã³ãã«ã°ã«ãŒãããéä¿¡ãããæå¹ãª LACPDUã®æ°
LACPDUs Received ãã£ã³ãã«ã°ã«ãŒããåä¿¡ããæå¹ãª LACPDUã®æ°
Marker Sentæ¬ãã£ã³ãã«ã°ã«ãŒãããéä¿¡ãããæå¹ãª Marker PDUã®æ°
Marker Received æ¬ãã£ã³ãã«ã°ã«ãŒããåä¿¡ããæå¹ãª Marker PDUã®æ°
LACPDUs UnknownPkts
以äžã®ãã¬ãŒã ã®åä¿¡æ°(1) ã¹ããŒãããã³ã«ã»ã€ãŒãµãããã»ã¿ã€ãå€ãéã³ãæªç¥ã® PDUãå«ãã§ãããã¬ãŒã (2) ã¹ããŒãããã³ã«ã°ã«ãŒã MACã¢ãã¬ã¹ã«å±ããã¹ããŒãããã³ã«ã»ã€ãŒãµãããã»ã¿ã€ãå€ãéãã§ããªããã¬ãŒã
LACPDUs Illegal Pktsäžæ£ãª PDUåã¯ãããã³ã«ãµãã¿ã€ããäžæ£ãªå€ãå«ãã¹ããŒãããã³ã«ã€ãŒãµããããã±ãããéã¶ãã¬ãŒã æ°
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
mac-address-tablestatic
VLANããŒããžã® MACã¢ãã¬ã¹ã®éçãªãããã³ã°
GC P377
clearmac-address-tabledynamic
転éããŒã¿ããŒã¹ã«åŠç¿ãããæ å ±ã®åé€ PE P378
showmac-address-table
転éããŒã¿ããŒã¹ã«ç»é²ãããæ å ±ã®è¡šç€º PE P380
mac-address-tableaging-time
ã¢ãã¬ã¹ããŒãã«ã®ãšãŒãžã³ã°ã¿ã€ã ã®èšå® GCP381
showmac-address-tableaging-time
ã¢ãã¬ã¹ããŒãã«ã®ãšãŒãžã³ã°ã¿ã€ã ã®è¡šç€ºPE
P381
377 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ã"1"
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒ
⢠port-channel channel-idïŒç¯å²ïŒ1-6ïŒ
⢠vlan vlan-id â VLAN ID (1-4094)
⢠action
ïŒ delete-on-reset â æ¬æ©ãåèµ·åããããŸã§ç»é²ãããŸãã
ïŒ permanent â æ°žä¹ ã«ç»é²ãããŸãã
åæèšå®
mac-addressïŒãªã
actionïŒpermanent
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
éçã¢ãã¬ã¹ã¯ç¹å®ã® VLANã®ç¹å®ã®ããŒãã«å²ãåœãŠãããšãã§ããŸããæ¬ã³ãã³ãã䜿çšããŠéçã¢ãã¬ã¹ã MACã¢ãã¬ã¹ããŒãã«ã«è¿œå ããããšãã§ããŸããéçã¢ãã¬ã¹ã¯ä»¥äžã®ç¹æ§ãæã£ãŠããŸãã
⢠ã€ã³ã¿ãã§ãŒã¹ã®ãªã³ã¯ãããŠã³ããŠããéçã¢ãã¬ã¹ã¯ã¢ãã¬ã¹ããŒãã«ããåé€ãããŸããã
⢠éçã¢ãã¬ã¹ã¯æå®ããã€ã³ã¿ãã§ãŒã¹ã«åºå®ãããä»ã®ã€ã³ã¿ãã§ãŒã¹ã«ç§»åããããšã¯ãããŸãããéçã¢ãã¬ã¹ãä»ã®ã€ã³ã¿ãã§ãŒã¹ã«çŸããå Žåãã¢ãã¬ã¹ã¯æåŠããã¢ãã¬ã¹ããŒãã«ã«èšé²ãããŸããã
⢠éçã¢ãã¬ã¹ã¯ "no"ã³ãã³ãã䜿ã£ãŠåé€ãããŸã§ãä»ã®ããŒãã§åŠç¿ãããŸããã
äŸ
clear mac-address-table dynamic
転éããŒã¿ããŒã¹äžã«ç»é²ããŠãããã¹ãŠã® MACã¢ãã¬ã¹ãåé€ããŸãããŸãããã¹ãŠã®éåä¿¡æ å ±ãåé€ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Console(config)#mac-address-table static 00-e0-29-94-34-de interface ethernet 1/1 vlan 1 delete-on-resetConsole(config)#
378FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
Privileged Exec
äŸ
Console#clear mac-address-table dynamicConsole#
379 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
show mac-address-table
ããªããžè»¢éããŒã¿ããŒã¹ã«ç»é²ãããŠããæ å ±ã衚瀺ããŸãã
ææ³
show mac-address-table [address mac-address [mask]] [interface interface] [vlan vlan-id] [sort {address | vlan | interface}]
⢠mac-address â MACã¢ãã¬ã¹
⢠mask â ã¢ãã¬ã¹å ã®ãããæ°
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1âãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒ
⢠port-channel channel-idïŒç¯å²ïŒ1-6ïŒ
⢠vlan-id â VLAN ID (1-4094)
⢠sort â ã¢ãã¬ã¹ãVLANãã€ã³ã¿ãã§ãŒã¹ã«ãã䞊ã³æ¿ã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
äŸ
Console#show mac-address-table Interface Mac Address Vlan Type --------- ----------------- ---- ----------------- Eth 1/1 00-00-E8-49-5E-DC 1 Delete-on-reset Trunk 2 00-E0-29-8F-AA-1B 1 LearnedConsole#
380FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¢ãã¬ã¹ããŒãã«
mac-address-table aging-time
ã¢ãã¬ã¹ããŒãã«ã®ãšãŒãžã³ã°ã¿ã€ã ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
mac-address-table aging-time seconds
no mac-address-table aging-time
⢠seconds - ç§æ°ãèšå®ããŸã (10-30000ã®å€ã0ã«èšå®ããå Žåã¯ãšãŒãžã³ã°ãç¡å¹ã«ããŸã )
åæèšå®
300ïŒç§ïŒ
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ãšãŒãžã³ã°ã¿ã€ã ã¯åç転éæ å ±ãæ¬æ©ã«ä¿æããæéãè¡šããŸãã
äŸ
show mac-address-table aging-time
ã¢ãã¬ã¹ããŒãã«ã®ãšãŒãžã³ã°ã¿ã€ã ã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console(config)#mac-address-table aging-time 100 secConsole(config)#
Console#show mac-address-table aging-time Aging time: 100 sec.Console#
381 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
3.18 ã¹ããã³ã°ããªãŒ
æ¬æ©ãžã®ã¹ããã³ã°ããªãŒã¢ã«ãŽãªãºã (Spanning Tree Algorithm/STA)ã®èšå®ãšãéžæããã€ã³ã¿ãã§ãŒã¹ãžã® STAã®èšå®ãè¡ãã³ãã³ãã§ãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
spanning-tree ã¹ããã³ã°ããªãŒãããã³ã«ã®æå¹å GC P383
spanning-tree mode STP/RSTP/MSTPã¢ãŒãã®éžæ GC P384
spanning-treeforward-time
ã¹ããã³ã°ããªãŒããªããžè»¢éæéã®èšå® GCP385
spanning-tree hello-time ã¹ããã³ã°ããªãŒããªããžãããŒæéã®èšå® GC P386
spanning-tree max-age ã¹ããã³ã°ããªãŒããªããžæé·æéã®èšå® GC P387
spanning-tree priority ã¹ããã³ã°ããªãŒããªããžãã©ã€ãªãªãã£ã®èšå® GC P388
spanning-treepath-cost method RSTP/MSTPã®ãã¹ã³ã¹ãæ¹æ³ã®èšå® GC P389
spanning-treetransmission-limit RSTP/MSTPã®éä¿¡ãªãããã®èšå® GC P390
spanning-tree-mst-configuration MSTPèšå®ã¢ãŒãã®å€æŽ GC P390
mst vlan ã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ãžã® VLANã®è¿œå MST P391
mst priority ã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ã®ãã©ã€ãªãªãã£ã®èšå® MST P392
name MSTåã®èšå® MST P393
revision MSTãªããžã§ã³ãã³ããŒã®èšå® MST P394
max-hops BPDUãç Žæ£ãããåæ倧ãããæ°ã®èšå® MST P395
spanning-treespanning-disabled ã€ã³ã¿ãã§ãŒã¹ã®ã¹ããã³ã°ããªãŒã®ç¡å¹å IC P395
spanning-tree cost åã€ã³ã¿ãã§ãŒã¹ã®ã¹ããã³ã°ããªãŒã®ãã¹ã³ã¹ãèšå® IC P396
spanning-tree port-priority
åã€ã³ã¿ãã§ãŒã¹ã®ã¹ããã³ã°ããªãŒã®ãã©ã€ãªãªãã£èšå®
IC P397
spanning-tree edge-port ãšããžããŒããžã®ããŒããã¡ã¹ãã®æå¹å IC P398
spanning-tree portfast ã€ã³ã¿ãã§ãŒã¹ã®ããŒããã¡ã¹ãã®èšå® IC P399
spanning-tree link-type RSTP/MSTPã®ãªã³ã¯ã¿ã€ããèšå® IC P400
spanning-tree mst cost MSTã€ã³ã¹ã¿ã³ã¹ã®ãã¹ã³ã¹ãã®èšå® IC P401
spanning-tree mstport-priority MSTã€ã³ã¹ã¿ã³ã¹ãã©ã€ãªãªãã£ã®èšå® IC P402
spanning-treeprotocol-migration é©å㪠BPDUãã©ãŒãããã®åç¢ºèª PE P403
show spanning-tree ã¹ããã³ã°ããªãŒã®èšå®ã衚瀺 PE P404
show spanning-treeãmst configuration
MSTèšå®ã®è¡šç€º PE P406
382FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree
æ¬æ©ã«å¯Ÿã㊠STAãæå¹ã«èšå®ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
[no] spanning-tree
åæèšå®
STAæå¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
STAã¯ãããã¯ãŒã¯ã®ã«ãŒããé²ãã€ã€ããªããžãã¹ã€ããåã³ã«ãŒã¿éã®ããã¯ã¢ãããªã³ã¯ãæäŸããŸããSTAæ©èœãæããã¹ã€ãããããªããžåã³ã«ãŒã¿éã§äºãã«é£æºããåæ©åšéã®ãªã³ã¯ã§ 1ã€ã®ã«ãŒããã¢ã¯ãã£ãã«ãªãããã«ããŸãããŸããå¥éããã¯ã¢ããçšã®ãªã³ã¯ãæäŸããã¡ã€ã³ã®ãªã³ã¯ãããŠã³ããå Žåã«ã¯èªåçã«ããã¯ã¢ãããè¡ããŸãã
äŸ
æ¬äŸã§ã¯ STAãæå¹ã«ããŠããŸãã
Console(config)#spanning-treeConsole(config)#
383 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree mode
STPã®ã¢ãŒããèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree mode {stp | rstp}
no spanning-tree mode
⢠stp â Spanning Tree ProtocolïŒIEEE 802.1Dæºæ ïŒ
⢠rstp â Rapid Spanning Tree ProtocolïŒIEEE 802.1wæºæ ïŒ
⢠mstpâ mstp - Multiple Spanning TreeïŒIEEE 802.1sæºæ ïŒ
åæèšå®
rstp
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠Spanning Tree Protocol(STP)ã¹ã€ããå éšã§ã¯ RSTPãçšããŸãããå€éšãžã¯ IEEE802.1Dæºæ ã® BPDUã®éä¿¡ã®ã¿ãè¡ããŸãã
⢠Rapid Spanning Tree Protocol(RSTP)RSTPã¯ä»¥äžã®å ¥ã£ãŠããã¡ãã»ãŒãžã®çš®é¡ãå€æã STPåã³ RSTPã®ãããã«ãèªåçã«å¯Ÿå¿ããããšãã§ããŸãã
ïŒ STP Mode â ããŒãã®ç§»è¡é 延ã¿ã€ããŒãåããåŸã« IEEE802.1D BPDUãåãåããšãæ¬æ©ã¯ IEEE802.1Dããªããžãšæ¥ç¶ããŠãããšå€æããIEEE802.1D BPDUã®ã¿ã䜿çšããŸãã
ïŒ RSTP Mode â IEEE802.1D BPDUã䜿çšããããŒãã®ç§»è¡é 延ã¿ã€ããŒãåããåŸã«RSTP BPDUãåãåããšãRSTPã¯ç§»è¡é 延ã¿ã€ããŒãåã¹ã¿ãŒãããããã®ããŒãã«å¯Ÿã RSTP BPDUã䜿çšããŸãã
⢠Multiple Spanning Tree Protocol(MSTP)
ïŒãããã¯ãŒã¯äžã§ MSTPãæå¹ã«ããã«ã¯ãæ¥ç¶ãããé¢é£ããããªããžã«ãããŠãåæ§ã® MSTPã®èšå®ãè¡ãªããã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ã«åå ããããšãèš±å¯ããå¿ èŠããããŸãã
ïŒã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ã¯ãäºææ§ãæ〠VLANã€ã³ã¹ã¿ã³ã¹ãæã€ããªããžã«ã®ã¿èšå®å¯èœã§ãã
ïŒã¹ããã³ã°ããªãŒã¢ãŒããå€æŽããå Žåãå€æŽåã®ã¢ãŒãã®ã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ããã¹ãŠæ¢ãããã®åŸæ°ããã¢ãŒãã«ãããŠéä¿¡ãåéããŸããã¹ããã³ã°ããªãŒã®ã¢ãŒãå€æŽæã«ã¯éä¿¡ãäžæçã«é®æãããã®ã§æ³šæããŠäžããã
äŸ
æ¬äŸã§ã¯ RSTPã䜿çšããèšå®ãããŠããŸãã
Console(config)#spanning-tree mode rstpConsole(config)#
384FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree forward-time
ã¹ããã³ã°ããªãŒè»¢éé 延æéãæ¬æ©ãã¹ãŠã®ã€ã³ã¿ãã§ãŒã¹ã«èšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree forward-time seconds
no spanning-tree forward-time
⢠seconds â ç§æ°ïŒç¯å²ïŒ4-30ç§ïŒæå°å€ã¯ 4å㯠[(max-age / 2) + 1]ã®ã©ã¡ããå°ããæ¹ãšãªããŸãã
åæèšå®
15ïŒç§ïŒ
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ã«ãŒãããã€ã¹ãã¹ããŒã¿ã¹ãå€æŽãããŸã§ã®æ倧æéãèšå®ããããšãã§ããŸããåããã€ã¹ããã¬ãŒã ã®è»¢éãã¯ãããåã«ããããžãŒå€æŽãåãåãããã«é 延æéãå¿ èŠã§ãããŸããåããŒãã®ç«¶åããæ å ±ãåä¿¡ããå»æ£ããããã«ãæéãå¿ èŠãšãªããŸããããããªããã°äžæçã«ã§ããããŒã¿ã®ã«ãŒããçºçããŸãã
äŸ
Console(config)#spanning-tree forward-time 20Console(config)#
385 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree hello-time
ã¹ããã³ã°ããªãŒ Helloã¿ã€ã ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree hello-time time
no spanning-tree hello-time
⢠time â ç§æ°ïŒç¯å²ïŒ1-10ç§ïŒæ倧å€ã¯ 10ãŸã㯠[(max-age / 2) -1]ã®å°ããæ¹ãšãªããŸãã
åæèšå®
2ïŒç§ïŒ
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
èšå®æ å ±ã®éä¿¡ãè¡ãééãèšå®ããããã®ã³ãã³ãã§ãã
äŸ
Console(config)#spanning-tree hello-time 5Console(config)#
386FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree max-age
ã¹ããã³ã°ããªãŒã®æ倧ãšãŒãžã³ã°ã¿ã€ã ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree max-age seconds
no spanning-tree max-age
⢠seconds â ç§ïŒç¯å²ïŒ6-40ç§ïŒæå°å€ã¯ 6å㯠[2 x (hello-time + 1)]ã®ã©ã¡ãã倧ããå€ã§ããæ倧å€ã¯ 40å㯠[2 x (forward-time - 1)]ã®ã©ã¡ããå°ããå€ã§ãã
åæèšå®
20ïŒç§ïŒ
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
èšå®å€æŽãè¡ãåã«èšå®æ å ±ãåãåããŸã§ã®æå€§åŸ ã¡æéïŒç§ïŒã
æå®ããŒããé€ããã¹ãŠã®ããŒããèšå®æ å ±ãäžå®ã®ééã§åãåããŸããã¿ã€ã ã¢ãŠããã STPããŒãã¯ä»å±ãã LANã®ããã®æå®ããŒãã«ãªããŸãããã®ããŒããã«ãŒãããŒãã®å Žåããããã¯ãŒã¯ã«æ¥ç¶ãããä»ã®ããŒããã«ãŒãããŒããšããŠéžæãããŸãã
äŸ
Console(config)#spanning-tree max-age 40Console(config)#
387 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree priority
æ¬æ©å šäœã«å¯ŸããŠã¹ããã³ã°ããªãŒã®ãã©ã€ãªãªãã£ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree priority priority
no spanning-tree priority
⢠priority â ããªããžã®åªå é äœ(0, 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, 61440)
åæèšå®
32768
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ãã©ã€ãªãªãã£ã¯ã«ãŒãããã€ã¹ãã«ãŒãããŒããæå®ããŒãã決å®ããéã«äœ¿çšãããŸããäžçªé«ããã©ã€ãªãªãã£ãæã£ãããã€ã¹ã STAã«ãŒãããã€ã¹ãšãªããŸãããã¹ãŠã®ããã€ã¹ãåããã©ã€ãªãªãã£ã®å ŽåãMACã¢ãã¬ã¹ãäžçªå°ããããã€ã¹ãã«ãŒãããã€ã¹ãšãªããŸãã
äŸ
Console(config)#spanning-tree priority 40960Console(config)#
388FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree pathcost method
RSTPã®ãã¹ã³ã¹ããèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree pathcost method {long | short}
no spanning-tree pathcost method
⢠long â 0-200,000,000ãŸã§ã® 32ãããã®å€
⢠short â 0-65535ãŸã§ã® 16ãããã®å€
åæèšå®
long
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ãã¹ã³ã¹ãã¯ããã€ã¹éã®æé©ãªãã¹ã決å®ããããã«äœ¿çšãããŸããé床ã®éãããŒãã«å¯Ÿãå°ããå€ãèšå®ããé床ã®é ãããŒãã«å¯Ÿã倧ããªå€ãèšå®ããŸããpathcost㯠port priorityãããåªå ãããŸãã
äŸ
Console(config)#spanning-tree pathcost method longConsole(config)#
389 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree transmission-limit
RSTP BPDUã®æå°éä¿¡ééãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree transmission-limit count
no spanning-tree transmission-limit
⢠count â 転éãªãããã®ç§æ°ïŒç¯å²ïŒ1-10ç§ïŒ
åæèšå®
3
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
æ¬ã³ãã³ãã§ã¯ BPDUã®æ倧転éã¬ãŒããå¶éããŸãã
äŸ
spanning-tree mst-configuration
MSTèšå®ã¢ãŒãã«ç§»è¡ããŸãã
åæèšå®
⢠MSTã€ã³ã¹ã¿ã³ã¹ã« VLANããããã³ã°ãããŠããŸãã
⢠ãªãžã§ã³åã¯æ¬æ©ã® MACã¢ãã¬ã¹ã§ã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
é¢é£ããã³ãã³ã
mst vlan (P391)
mst priority (P392)
name (P393)
revision (P394)
max-hops (P395)
Console(config)#spanning-tree transmission-limit 4Console(config)#
Console(config)#spanning-tree mst-configurationConsole(config-mstp)#
390FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
mst vlan
ã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ã« VLANãè¿œå ããŸãã"no"ãåã«çœ®ãããšã§ç¹å®ã® VLANãåé€ããŸããVLANãæå®ããªãå Žåã«ã¯ãã¹ãŠã® VLANãåé€ããŸãã
ææ³mst instance_id vlan vlan-range
no mst instance_id vlan vlan-range
⢠instance_id â MSTã€ã³ã¹ã¿ã³ã¹ IDïŒç¯å²ïŒ0-4094ïŒ
⢠vlan-range â VLANç¯å²ïŒç¯å²ïŒ1-4094ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
MST Configuration
ã³ãã³ã解説
⢠æ¬ã³ãã³ãã«ããã¹ããã³ã°ããªãŒã« VLANãã°ã«ãŒãåããŸããMSTPã¯åã€ã³ã¹ã¿ã³ã¹ã«å¯Ÿãç¹å®ã®ã¹ããã³ã°ããªãŒãçæããŸããããã«ãããããã¯ãŒã¯äžã«è€æ°ã®ãã¹ãæ§ç¯ããéä¿¡ã®ããŒããã©ã³ã¹ãè¡ããåäžã®ã€ã³ã¹ã¿ã³ã¹ã«äžå ·åãçºçããå Žåã«å€§èŠæš¡ãªãããã¯ãŒã¯ã®é害ãçºçããããšãåé¿ãããšå ±ã«ãäžå ·åã®çºçããã€ã³ã¹ã¿ã³ã¹ã®æ°ããããããžãŒãžã®å€æŽãè¿ éã«è¡ãªããŸãã
⢠åæèšå®ã§ã¯ãMSTãªãžã§ã³å ã®ãã¹ãŠã®ããªããžãš LANã«æ¥ç¶ããããã¹ãŠã® VLANãå éšã¹ããã³ã°ããªãŒ (MSTI 0)ã«å²ãåœãŠãããŠããŸããæ¬æ©ã§ã¯æ倧 58ã®ã€ã³ã¹ã¿ã³ã¹ããµããŒãããŠããŸããäœããåäžã€ã³ã¹ã¿ã³ã¹ã®ã»ããã«ããåäž MSTIå ã®ãã¹ãŠã®ããªããžãåã³åäž VLANã®ã»ããã«ããåäžã€ã³ã¹ã¿ã³ã¹ã圢æããå¿ èŠããããŸããRSTPã¯åäžããŒããšããŠå MSTIãæ±ãããã¹ãŠã® MSTIã Common Spanning TreeãšããŠæ¥ç¶ããç¹ã«æ³šæããŠäžããã
[泚æ ]ãMSTã®èšå®ãè¡ãéã«ã¯ãäºåã« spanning-tree modeã mstpã«éžæããŠãã ãããïŒP384 ãspanning-tree modeããåç §ïŒ
äŸ
Console(config-mstp)#mst 1 vlan 2-5Console(config-mstp)#
391 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
mst priority
ã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ã®ãã©ã€ãªãªãã£ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
mst instance_id priority priority
no mst instance_id priority
⢠instance_id â MSTã€ã³ã¹ã¿ã³ã¹ IDïŒç¯å²ïŒ0-4094ïŒ
⢠priority â MSTã€ã³ã¹ã¿ã³ã¹ã®ãã©ã€ãªãªãã£(0, 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, 61440)
åæèšå®
32768
ã³ãã³ãã¢ãŒã
MST Configuration
ã³ãã³ã解説
⢠MSTãã©ã€ãªãªãã£ã¯ã«ãŒãããã€ã¹ãç¹å®ã®ã€ã³ã¹ã¿ã³ã¹ã®ä»£çããªããžã®æ±ºå®ã«äœ¿çšãããŸããäžçªé«ããã©ã€ãªãªãã£ãæã£ãããã€ã¹ã MSTIã«ãŒãããã€ã¹ãšãªããŸãããã¹ãŠã®ããã€ã¹ãåããã©ã€ãªãªãã£ã®å ŽåãMACã¢ãã¬ã¹ãäžçªå°ããããã€ã¹ãã«ãŒãããã€ã¹ãšãªããŸãã
⢠ãã©ã€ãªãªãã£ã 0ã«èšå®ããããšã«ããæ¬æ©ã MSTIã®ã«ãŒãããã€ã¹ã«ã16384ã«èšå®ããããšã«ãã代çããã€ã¹ã«èšå®ã§ããŸãã
äŸ
Console(config-mstp)#mst 1 priority 4096Console(config-mstp)#
392FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
name
æ¬æ©ã®èšçœ®ãããŠãã MSTãªãžã§ã³åã®èšå®ãè¡ãªããŸãã"no"ãåã«çœ®ãããšã§ååãåé€ããŸãã
ææ³
name name
⢠name â ã¹ããã³ã°ããªãŒå (32æå以å ïŒ
åæèšå®
æ¬æ©ã®MACã¢ãã¬ã¹
ã³ãã³ãã¢ãŒã
MST Configuration
ã³ãã³ã解説
MSTãªãžã§ã³åãšãªããžã§ã³ãã³ããŒã¯å¯äžã® MSTãªãžã§ã³ãæå®ããããã«äœ¿çšãããŸããïŒæ¬æ©ã®ãããªã¹ããã³ã°ããªãŒå¯Ÿå¿æ©åšã§ããïŒããªããžã¯ 1ã€ã® MSTãªãžã§ã³ã«ã®ã¿å±ãããšãã§ããŸããåããªãžã§ã³å ã®ãã¹ãŠã®ããªããžã¯ãã¹ãŠåã MSTã€ã³ã¹ã¿ã³ã¹ã®èšå®ãããå¿ èŠããããŸãã
äŸ
é¢é£ããã³ãã³ã
revision (P394)
Console(config-mstp)#name R&DConsole(config-mstp)#
393 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
revision
æ¬æ©ã®MSTèšå®ã®ãªããžã§ã³ãã³ããŒã®èšå®ãè¡ãªããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
revision number
⢠number â ã¹ããã³ã°ããªãŒã®ãªããžã§ã³ãã³ããŒïŒç¯å²ïŒ0-65535ïŒ
åæèšå®
0
ã³ãã³ãã¢ãŒã
MST Configuration
ã³ãã³ã解説
MSTãªãžã§ã³åãšãªããžã§ã³ãã³ããŒã¯å¯äžã® MSTãªãžã§ã³ãæå®ããããã«äœ¿çšãããŸããïŒæ¬æ©ã®ãããªã¹ããã³ã°ããªãŒå¯Ÿå¿æ©åšã§ããïŒããªããžã¯ 1ã€ã® MSTãªãžã§ã³ã«ã®ã¿å±ãããšãã§ããŸããåããªãžã§ã³å ã®ãã¹ãŠã®ããªããžã¯ãã¹ãŠåã MSTã€ã³ã¹ã¿ã³ã¹ã®èšå®ãããå¿ èŠããããŸãã
äŸ
é¢é£ããã³ãã³ã
name (P393)
Console(config-mstp)#revision 1Console(config-mstp)#
394FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
max-hops
BPDUãç Žæ£ãããåã® MSTå ã§ã®æ倧ãããæ°ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
max-hops hop-number
⢠hop-number â MSTã®æ倧ãããæ°ïŒèšå®ç¯å²ïŒ1-40ïŒ
åæèšå®
20
ã³ãã³ãã¢ãŒã
MST Configuration
ã³ãã³ã解説
MSTIãªãžã§ã³ã¯ STPãš RSTPãããã³ã«ã§ã¯åäžã®ããŒããšããŠæ±ãããŸããåŸã£ãŠ MSTIãªãžã§ã³å ã® BPDUã®ã¡ãã»ãŒãžãšã€ãžã¯å€æŽãããŸããããããããªãžã§ã³å ã®åã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹åã³ã€ã³ã¹ã¿ã³ã¹ãæ¥ç¶ããå éšã¹ããã³ã°ããªãŒ (IST)ã¯ãBPDUãåºããããããªããžã®æ倧æ°ãæå®ããããã« hopã«ãŠã³ãã䜿çšããŸããåããªããžã¯ BPDUãæž¡ãåã« hopã«ãŠã³ãã 1ã€æžãããŸããhopã«ãŠã³ãã 0ã«ãªã£ãå Žåã«ã¯ã¡ãã»ãŒãžã¯ç Žæ£ãããŸãã
äŸ
spanning-tree spanning-disabled
ç¹å®ã®ããŒãã® STAãç¡å¹ã«ããŸãã"no"ãåã«çœ®ãããšã§åã³ STAãæå¹ã«ããŸãã
ææ³
[no] spanning-tree spanning-disabled
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
äŸ
5çªããŒãã® STAãç¡å¹ã«ããŠããŸãã
Console(config-mstp)#max-hops 30Console(config-mstp)#
Console(config)#interface ethernet 1/5Console(config-if)#spanning-tree spanning-disabledConsole(config-if)#
395 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree cost
åããŒãã® STAãã¹ã³ã¹ããèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree cost cost
no spanning-tree cost
⢠cost â ã€ã³ã¿ãã§ãŒã¹ãžã®ãã¹ã³ã¹ãã®å€ïŒç¯å²ïŒ1-200,000,000)
æšå¥šããå€ã¯ä»¥äžã®éãã§ãã
ïŒ Ethernet (10Mbps): 200,000-20,000,000
ïŒ Fast Ethernet (100Mbps): 20,000-2,000,000
ïŒ Gigabit Ethernet (1Gbps): 2,000-200,000
åæèšå®
⢠Ethernet â half duplex: 2,000,000ãfull duplex: 1,000,000ããã©ã³ã¯ : 500,000
⢠Fast Ethernet â half duplex: 200,000ãfull duplex: 100,000ããã©ã³ã¯ : 50,000
⢠Gigabit Ethernet â full duplex: 10,000ããã©ã³ã¯ : 5,000
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠æ¬ã³ãã³ãã¯ããã€ã¹éã® STAã®ãã¹ãæé©ã«æ±ºå®ããããã®ã³ãã³ãã§ããåŸã£ãŠãé床ã®éãããŒãã«å¯Ÿãå°ããå€ãèšå®ããé床ã®é ãããŒãã«å¯Ÿã倧ããªå€ãèšå®ããŸãã
⢠ãã¹ã³ã¹ãã¯ããŒããã©ã€ãªãªãã£ããåªå ãããŸãã
⢠STPãã¹ã³ã¹ãã "short"ã«èšå®ãããŠããå Žåã«ã¯æ倧å€ã 65,535ãšãªããŸãã
äŸ
Console(config)#interface ethernet 1/5Console(config-if)#spanning-tree cost 5000Console(config-if)#
396FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree port-priority
æå®ããŒãã®ãã©ã€ãªãªãã£ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree port-priority priority
no spanning-tree port-priority
⢠priority â ããŒãã®åªå é äœïŒç¯å²ïŒ16éé㧠0-240ã®å€ïŒ
åæèšå®
128
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠STPã«äœ¿çšããããŒãã®åªå é äœãæå®ããããã®ã³ãã³ãã§ããããããã¹ãŠã®ããŒãã®ãã¹ã³ã¹ããåãå Žåã«ã¯ãé«ãåªå é äœïŒäœãèšå®å€ïŒã®ããŒãã STPã®ã¢ã¯ãã£ããªã³ã¯ãšãªããŸãã
⢠1ã€ä»¥äžã®ããŒãã«æåªå é äœãå²ãåœãŠãããå ŽåãããŒãçªå·ã®äœãããŒããæå¹ãšãªããŸãã
äŸ
é¢é£ããã³ãã³ã
spanning-tree cost (P396)
Console(config)#interface ethernet 1/5Console(config-if)#spanning-tree port-priority 128Console(config-if)#
397 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree edge-port
ãšããžã«å¯ŸããããŒããæå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
[no] spanning-tree edge-port
åæèšå®
ç¡å¹ (Disabled)
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠æ¬ã³ãã³ãã¯éžæããããŒãã«å¯Ÿããã¡ã¹ãã¹ããã³ã°ããªãŒã¢ãŒãã®èšå®ãè¡ããŸãããã®ã¢ãŒãã§ã¯ãããŒãã¯åŠç¿ã¹ããŒãããã¹ããŠããã©ã¯ãŒãã£ã³ã°ãè¡ããŸãããšã³ãããŒãã§ã¯ã«ãŒããçºçããªããããã¹ããã³ã°ããªãŒã¹ããŒãã®å€æŽãéåžžãããæ©ãè¡ãããšãã§ããŸãããã¡ã¹ããã©ã¯ãŒãã£ã³ã°ã¯ããšã³ãããŒãã®ãµãŒããã¯ãŒã¯ã¹ããŒã·ã§ã³ã«å¯Ÿã STPã«ããã¿ã€ã ã¢ãŠãã軜æžããŸããïŒãã¡ã¹ããã©ã¯ãŒãã£ã³ã°ã¯LANã®ãšã³ãããŒãã®ããã€ã¹å㯠LANã®ãšã³ãã®ããªããžã«æ¥ç¶ãããããŒãã«ã®ã¿æå¹ã«ããŠäžãããïŒ
⢠æ¬ã³ãã³ã㯠"spanning-tree portfast"ã³ãã³ããšåäžã®æ©èœã§ãã
äŸ
é¢é£ããã³ãã³ã
spanning-tree portfast (P399)
Console(config)#interface ethernet ethernet 1/5Console(config-if)#spanning-tree edge-portConsole(config-if)#
398FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree portfast
ããŒããããŒããã¡ã¹ãã«æå®ããŸãã"no"ãåã«çœ®ãããšã§æ¬æ©èœãç¡å¹ã«ããŸãã
ææ³
[no] spanning-tree portfast
åæèšå®
ç¡å¹ (Disabled)
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠æ¬ã³ãã³ãã¯éžæããããŒãã«å¯Ÿããã¡ã¹ãã¹ããã³ã°ããªãŒã¢ãŒãã®èšå®ãè¡ããŸãããã®ã¢ãŒãã§ã¯ãããŒãã¯åŠç¿ã¹ããŒãããã¹ããŠããã©ã¯ãŒãã£ã³ã°ãè¡ããŸãã
⢠ãšã³ãããŒãã§ã¯ã«ãŒããçºçããªããããã¹ããã³ã°ããªãŒã¹ããŒãã®å€æŽãéåžžãããæ©ãè¡ãããšãã§ããŸãããã¡ã¹ããã©ã¯ãŒãã£ã³ã°ã¯ããšã³ãããŒãã®ãµãŒããã¯ãŒã¯ã¹ããŒã·ã§ã³ã«å¯Ÿã STPã«ããã¿ã€ã ã¢ãŠãã軜æžããŸãïŒãã¡ã¹ããã©ã¯ãŒãã£ã³ã°ã¯ LANã®ãšã³ãããŒãã®ããã€ã¹å㯠LANã®ãšã³ãã®ããªããžã«æ¥ç¶ãããããŒãã«ã®ã¿æå¹ã«ããŠäžããïŒ
⢠æ¬ã³ãã³ã㯠"spanning-tree edge-port"ã³ãã³ããšåãæ©èœãæããŸããæ¬ã³ãã³ãã¯æ§è£œåãšã®äºææ§ãä¿ã€ããã«çšæãããŠãããå°æ¥ã®ãã¡ãŒã ãŠã§ã¢ã§ã¯äœ¿çšã§ããªããªãå¯èœæ§ããããŸãã
äŸ
é¢é£ããã³ãã³ã
spanning-tree edge-port (P398)
Console(config)#interface ethernet 1/5Console(config-if)#spanning-tree portfastConsole(config-if)#
399 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree link-type
RSTPã®ãªã³ã¯ã¿ã€ããèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree link-type {auto | point-to-point | shared}
no spanning-tree link-type
⢠auto â duplexã¢ãŒãã®èšå®ããèªåçã«èšå®
⢠point-to-point â point to pointãªã³ã¯
⢠shared â ã·ã§ã¢ãŒãããã£ã¢ã
åæèšå®
auto
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ããŒãã察åã®ããªããžã«ã®ã¿æ¥ç¶ãããŠããå Žå㯠point-to-pointãªã³ã¯ããè€æ°ã®ããªããžã«æ¥ç¶ãããŠããå Žåã«ã¯ sharedãéžæããŸãã
⢠èªåæ€ç¥ãéžæãããŠããå Žåããªã³ã¯ã¿ã€ã㯠duplexã¢ãŒãããéžæãããŸããFull-duplexã®ããŒãã§ã¯ point-to-pointãªã³ã¯ããhalf-duplexããŒãã§ã¯ãsharedãªã³ã¯ãèªåçã«éžæãããŸãã
⢠RSTP㯠2ã€ã®ããªããžéã® point-to-pointãªã³ã¯ã§ã®ã¿æ©èœããŸããæå®ãããããŒããsharedãªã³ã¯ã®å Žåã«ã¯ RSTPã¯èš±å¯ãããŸããã
äŸ
Console(config)#interface ethernet 1/5Console(config-if)#spanning-tree link-type point-to-point
400FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree mst cost
MSTã®ã€ã³ã¹ã¿ã³ã¹ã®ãã¹ã³ã¹ãã®èšå®ãè¡ãªããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree mst instance_id cost cost
no spanning-tree mst instance_id cost
⢠instance_id â MSTã€ã³ã¹ã¿ã³ã¹ IDïŒç¯å²ïŒ0-4094ïŒ
⢠cost â ã€ã³ã¿ãã§ãŒã¹ãžã®ãã¹ã³ã¹ãã®å€ (1-200,000,000)æšå¥šããå€ã¯ä»¥äžã®éãã§ããïŒ Ethernet (10Mbps): 200,000-20,000,000ïŒ Fast Ethernet (100Mbps): 20,000-2,000,000ïŒ Gigabit Ethernet (1Gbps): 2,000-200,000
åæèšå®
⢠Ethernet â half duplex: 2,000,000ãfull duplex: 1,000,000ããã©ã³ã¯ : 500,000
⢠Fast Ethernet â half duplex: 200,000ãfull duplex: 100,000ããã©ã³ã¯ : 50,000
⢠Gigabit Ethernet â full duplex: 10,000ããã©ã³ã¯ : 5,000
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠åã¹ããã³ã°ããªãŒã€ã³ã¹ã¿ã³ã¹ã¯ VLAN IDã«é¢é£ä»ããããŸãã
⢠æ¬ã³ãã³ãã¯ããã€ã¹éã® MSTAã®ãã¹ãæé©ã«æ±ºå®ããããã®ã³ãã³ãã§ããåŸã£ãŠãé床ã®éãããŒãã«å¯Ÿãå°ããå€ãèšå®ããé床ã®é ãããŒãã«å¯Ÿã倧ããªå€ãèšå®ããŸãã
⢠ãã¹ã³ã¹ãã¯ã€ã³ã¿ãã§ãŒã¹ãã©ã€ãªãªãã£ããåªå ãããŸãã
äŸ
é¢é£ããã³ãã³ã
spanning-tree mst port-priority (P402)
Console(config)#interface ethernet ethernet 1/5Console(config-if)#spanning-tree mst 1 cost 50Console(config-if)#
401 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree mst port-priority
MSTã€ã³ã¹ã¿ã³ã¹ã®ã€ã³ã¿ãã§ãŒã¹ãã©ã€ãªãªãã£ã®èšå®ãè¡ãªããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
spanning-tree mst instance_id port-priority priority
no spanning-tree mst instance_id port-priority
⢠instance_id â MSTã€ã³ã¹ã¿ã³ã¹ IDïŒç¯å²ïŒ0-4094ïŒ
⢠priority â ããŒãã®åªå é äœïŒ16éé㧠0-240ã®å€ïŒ
åæèšå®
128
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠MSTã«äœ¿çšããã€ã³ã¿ãã§ãŒã¹ã®åªå é äœãæå®ããããã®ã³ãã³ãã§ããããããã¹ãŠã®ããŒãã®ãã¹ã³ã¹ããåãå Žåã«ã¯ãé«ãåªå é äœïŒäœãèšå®å€ïŒã®ããŒãã STPã®ã¢ã¯ãã£ããªã³ã¯ãšãªããŸãã
⢠è€æ°ã®ããŒãã«æåªå é äœãå²ãåœãŠãããå ŽåãããŒãçªå·ã®äœãããŒããæå¹ãšãªããŸãã
äŸ
é¢é£ããã³ãã³ã
spanning-tree mst cost (P401)
Console(config)#interface ethernet ethernet 1/5Console(config-if)#spanning-tree mst 1 port-priority 0Console(config-if)#
402FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
spanning-tree protocol-migration
éžæããããŒãã«éä¿¡ããé©å㪠BPDUãã©ãŒããããå確èªããŸãã
ææ³
spanning-tree protocol-migration interface
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-32ïŒ
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
æ¬æ©ãèšå®ãããããžãŒãã§ã³ãž BPDUãå«ã STP BPDUãæ€ç¥ããå Žåã該åœããããŒãã¯èªåçã« STPäºæã¢ãŒãã«ã»ãããããŸãã"spanning-tree protocol-migration"ã³ãã³ãã䜿çšããæåã§éžæããããŒãã«å¯ŸããŠæé©ãª BPDUãã©ãŒãããïŒRSTPå㯠STPäºæïŒã®å確èªãè¡ãããšãã§ããŸãã
äŸ
Console#spanning-tree protocol-migration ethernet 1/5Console#
403 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
show spanning-tree
STPã®èšå®å 容ã衚瀺ããŸãã
ææ³
show spanning-tree
show spanning-tree ethernet unit / port
show spanning-tree port-channel channel-id
show spanning-tree mst instance-id
⢠ethernet unit / port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒ
⢠port-channel channel-idïŒç¯å²ïŒ1-32ïŒ
⢠mst instance-id ïŒç¯å²ïŒ0-4094ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠ãã©ã¡ãŒã¿ã䜿ãã "show spanning-tree"ã³ãã³ãã䜿çšããå ŽåãããªãŒå ã®åã€ã³ã¿ãã§ãŒã¹ã®ããã®æ¬æ©ã®ã¹ããã³ã°ããªãŒèšå®ã衚瀺ãããŸãã
⢠"show spanning-tree interface"ã³ãã³ãã䜿çšããå Žåãæå®ããã€ã³ã¿ãã§ãŒã¹ã®ã¹ããã³ã°ããªãŒèšå®ã®ã¿è¡šç€ºãããŸãã
â¢ãSpanning-tree informationãã§è¡šç€ºãããæ å ±ã®è©³çŽ°ã¯ P88 ãã°ããŒãã«èšå®ããåç §ããŠäžãããåã€ã³ã¿ãã§ãŒã¹ã§è¡šç€ºãããå 容㯠P91 ãã€ã³ã¿ãã§ãŒã¹èšå®ã®è¡šç€ºããåç §ããŠäžããã
404FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
äŸ
Console#show spanning-treeSpanning Tree Information--------------------------------------------------------------- Spanning Tree Mode: MSTP Spanning Tree Enabled/Disabled: Enabled Instance: 0 VLANs Configuration: 1-4093 Priority: 32768 Bridge Hello Time (sec.): 2 Bridge Max Age (sec.): 20 Bridge Forward Delay (sec.): 15 Root Hello Time (sec.): 2 Root Max Age (sec.): 20 Root Forward Delay (sec.): 15 Max Hops: 20 Remaining Hops: 20 Designated Root: 32768.0.0013F715B2E0 Current Root Port: 0 Current Root Cost: 0 Number of Topology Changes: 1 Last Topology Change Time (sec.): 18819 Transmission Limit: 3 Path Cost Method: Long---------------------------------------------------------------Eth 1/ 1 Information--------------------------------------------------------------- Admin Status: Enabled Role: Disabled State: Discarding External Admin Path Cost: 10000 Internal Admin Path Cost: 10000 External Oper Path Cost: 10000 Internal Oper Path Cost: 10000 Priority: 128 Designated Cost: 0 Designated Port: 128.1 Designated Root: 32768.0.0013F715B2E0 Designated Bridge: 32768.0.0013F715B2E0 Fast Forwarding: Disabled Forward Transitions: 0 Admin Edge Port: Disabled Oper Edge Port: Disabled Admin Link Type: Auto Oper Link Type: Point-to-point Spanning Tree Status: Enabled..Console#
405 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ã¹ããã³ã°ããªãŒ
show spanning-tree mst configuration
MSTã®èšå®ã衚瀺ããŸãã
ææ³
show spanning-tree mst configuration
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show spanning-tree mst configurationMstp Configuration Information--------------------------------------------------------------Configuration name:XSTP REGION 0Revision level:0
Instance Vlans--------------------------------------------------------------
ãã1 ããã2Console#
406FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
3.19 VLAN
VLANã¯ãããã¯ãŒã¯äžã®ã©ãã«ã§ãäœçœ®ããããšãã§ããŸãããããããããããç©ççãªåäžã»ã°ã¡ã³ãã«å±ãããã®ããã«åäœããéä¿¡ãè¡ãããŒãã®ã°ã«ãŒãã§ãã
ããã§ã¯ VLANé¢é£ã³ãã³ãã䜿çšããæå®ããããŒãã® VLANã°ã«ãŒãã®çæãã¡ã³ããŒããŒãã®è¿œå ãVLANã¿ã°äœ¿çšæ³ã®èšå®ãèªå VLANç»é²ã®æå¹åãè¡ããŸãã
3.19.1 GVRPã®èšå®
GARP VLAN Registration Protocol(GVRP)ã¯ã¹ã€ãããèªåçã«ãããã¯ãŒã¯ãä»ããŠã€ã³ã¿ãã§ãŒã¹ã VLANã¡ã³ããŒãšããŠç»é²ããããã« VLANæ å ±ã亀æããæ¹æ³ãå®çŸ©ããŸããåã€ã³ã¿ãã§ãŒã¹åã¯æ¬æ©å šäœãžã® GVRPã®æå¹åã®æ¹æ³ãšãBridge Extension MIBã®èšå®ã®è¡šç€ºæ¹æ³ã説æããŠããŸãã
ã³ãã³ãã°ã«ãŒã
æ©èœ ããŒãž
GVRP and Bridge Extension GVRPã®èšå® P407
Editing VLAN Groups VLANåãVIDãç¶æ ãå«ã VLANã®èšå® P413
Configuring VLANInterfaces
å ¥åãã£ã«ã¿ãå ¥å /åºåã¿ã°ã¢ãŒããPVIDãGVRPãå«ã VLANã€ã³ã¿ãã§ãŒã¹ãã©ã¡ãŒã¿ã®èšå®
P415
Displaying VLANInformation
ç¶æ ãããŒãã¡ã³ããŒãMACã¢ãã¬ã¹ãå«ã VLANã°ã«ãŒãã®è¡šç€º
P422
Configuring PrivateVLANs
ã¢ãããªã³ã¯ãããŠã³ãªã³ã¯ããŒããå«ããã©ã€ããŒãVLANã®èšå®
P423
Configuring ProtocolVLANs
ãã¬ãŒã ã¿ã€ãããã³ãããã³ã«ãåºã«ãã Protocol-based VLANã®èšå®
P425
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
bridge-ext gvrp æ¬æ©å šäœã«å¯Ÿã GVRPãæå¹å GC P408
show bridge-ext bridge extensionæ å ±ã®è¡šç€º PE P409
switchport gvrp ã€ã³ã¿ãã§ãŒã¹ãžã® GVRPã®æå¹å IC P409
switchport forbidden vlan ã€ã³ã¿ãã§ãŒã¹ãžã®ç»é²çŠæ¢ VLANã®èšå® IC P421
show gvrpconfiguration
éžæããã€ã³ã¿ãã§ãŒã¹ãžã® GVRPã®èšå®ã®è¡šç€º
NE,PE P410
garp timer éžæããæ©èœãžã® GARPã¿ã€ããŒã®èšå® IC P411
show garptimer éžæããæ©èœãžã® GARPã¿ã€ããŒã®è¡šç€º
NE,PEP412
407 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
bridge-ext gvrp
GVRPãæå¹ã«èšå®ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
bridge-ext gvrp
no bridge-ext gvrp
åæèšå®
ç¡å¹ (Disabled)
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
GVRPã¯ãã¹ã€ããããããã¯ãŒã¯ãä»ããŠããŒãã VLANã¡ã³ããŒãšããŠç»é²ããããã« VLANæ å ±ã亀æããæ¹æ³ãå®çŸ©ããŸãããã®æ©èœã«ãã£ãŠèªåçã« VLANç»é²ãè¡ãããšãã§ããããŒã«ã«ã®ã¹ã€ãããè¶ãã VLANã®èšå®ããµããŒãããŸãã
äŸ
Console(config)#bridge-ext gvrpConsole(config)#
408FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
show bridge-ext
bridge extensionã³ãã³ãã®èšå®ã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
衚瀺ãããå 容㯠P102 ãVLANåºæ¬æ å ±ã®è¡šç€ºãåã³ P15 ãããªããžæ¡åŒµæ©èœã®è¡šç€ºããåç §ããŠäžããã
äŸ
switchport gvrp
ããŒãã® GVRPãæå¹ã«èšå®ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
[no] switchport gvrp
åæèšå®
ç¡å¹ (Disabled)
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
äŸ
Console#show bridge-extMax support vlan numbers: 256Max support vlan ID: 4094Extended multicast filtering services: NoStatic entry individual port: YesVLAN learning: IVLConfigurable PVID tagging: YesLocal VLAN capable: NoTraffic classes: EnabledGlobal GVRP status: EnabledGMRP: DisabledConsole#
Console(config)#interface ethernet 1/6Console(config-if)#switchport gvrpConsole(config-if)#
409 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
show gvrp configuration
GVRPãæå¹ãã©ããã衚瀺ããŸãã
ææ³
show gvrp configuration [interface]
⢠interface
ïŒ ethernet unit/port
ãunit â ãŠãããçªå·ãâ1â
ãport â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-6ïŒ
åæèšå®
å šäœãšåã€ã³ã¿ãã§ãŒã¹äž¡æ¹ã®èšå®ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
Console#show gvrp configuration ethernet 1/6Eth 1/ 6: Gvrp configuration: EnabledConsole#
410FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
garp timer
leaveãleaveallãjoinã¿ã€ããŒã«å€ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã®å€ã«æ»ããŸãã
ææ³
garp timer {join | leave | leaveall} timer_value
no garp timer {join | leave | leaveall}
⢠{join | leave | leaveall} â èšå®ããã¿ã€ããŒã®çš®é¡
⢠timer_value â ã¿ã€ããŒã®å€
ç¯å²ïŒ
joinïŒ20-1000ã»ã³ãã»ã«ã³ã
leaveïŒ60-3000ã»ã³ãã»ã«ã³ã
leaveallïŒ500-18000ã»ã³ãã»ã«ã³ã
åæèšå®
⢠joinïŒ20ã»ã³ãã»ã«ã³ã
⢠leaveïŒ60ã»ã³ãã»ã«ã³ã
⢠leaveallïŒ1000ã»ã³ãã»ã«ã³ã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ããªããžããã LANå ã§ã®ã¯ã©ã€ã¢ã³ããµãŒãã¹ã®ã¯ã©ã€ã¢ã³ãå±æ§ã®ç»é²ãåé€ãè¡ãããã«ãGroup Address Registration Protocol(GARP)㯠GVRPåã³ GMRPã§äœ¿çšãããŸããGARPã¿ã€ããŒã®åæèšå®ã®å€ã¯ãã¡ãã£ã¢ã¢ã¯ã»ã¹æ¹æ³åã¯ããŒã¿ã¬ãŒããšç¬ç«ããŠããŸããGMRPå㯠GVRPç»é² /åé€ã«é¢ããåé¡ããªãå Žåã«ã¯ããããã®å€ã¯å€æŽããªãã§äžããã
⢠ã¿ã€ããŒã®å€ã¯ãã¹ãŠã® VLANã® GVRPã«èšå®ãããŸãã
⢠ã¿ã€ããŒã®å€ã¯ä»¥äžã®å€ã«ã§ããå¿ èŠããããŸã :leave >= (2 x join)leaveall > leave
[泚æ ]ã GVRPã¿ã€ããŒã®å€ã¯åäžãããã¯ãŒã¯å ã®ãã¹ãŠã® L2ã¹ã€ããã§åãã«èšå®ããŠäžãããåãå€ã«èšå®ãããªãå Žå㯠GVRPãæ£åžžã«æ©èœããŸããã
äŸ
é¢é£ããã³ãã³ã
show garp timer (P412)
Console(config)#interface ethernet 1/1Console(config-if)#garp timer join 100Console(config-if)#
411 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
show garp timer
éžæããããŒãã® GARPã¿ã€ããŒã衚瀺ããŸãã
ææ³
show garp timer [interface]
⢠interface
ïŒ ethernet unit/port
ãunit â ãŠãããçªå·ãâ1â
ãport â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-6ïŒ
åæèšå®
ãã¹ãŠã® GARPã¿ã€ããŒã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
é¢é£ããã³ãã³ã
garp timer (P411)
Console#show garp timer ethernet 1/1Eth 1/ 1 GARP timer status: Join timer: 100 centiseconds Leave timer: 60 centiseconds Leaveall timer: 1000 centisecondsConsole#
412FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
3.19.2 VLANã°ã«ãŒãã®èšå®
vlan database
VLANããŒã¿ããŒã¹ã¢ãŒãã«å ¥ããŸãããã®ã¢ãŒãã®ã³ãã³ãã¯èšå®åŸçŽã¡ã«æå¹ãšãªããŸãã
åæèšå®ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠VLANããŒã¿ããŒã¹ã³ãã³ãã䜿çšã VLANã®è¿œå ãå€æŽãåé€ãè¡ããŸããVLANã®èšå®çµäºåŸã¯ " show vlan"ã³ãã³ãã䜿çšããšã³ããªãŒæ¯ã« VLANèšå®ã衚瀺ããããšãã§ããŸãã
⢠"interface vlan"ã³ãã³ãã¢ãŒãã䜿çšããããŒãã¡ã³ããŒã®æå®ããVLANããã®ããŒãã®è¿œå ãåé€ãè¡ããŸããã³ãã³ãã䜿çšããçµæã¯ãå®è¡äžã®èšå®ãã¡ã€ã«ã«æžã蟌ãŸã "show running-config"ã³ãã³ãã䜿çšããããšã§ãã¡ã€ã«ã®å 容ã衚瀺ãããããšãã§ããŸãã
äŸ
é¢é£ããã³ãã³ã
show vlan (P422)
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
vlan database VLAN databaseã¢ãŒãã«å ¥ããVLANã®èšå®ãè¡ã
GC P413
VLAN VID,VLANåãã¹ããŒããªã© VLANã®èšå® VC P414
Console(config)#vlan databaseConsole(config-vlan)#
413 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
vlan
VLANãèšå®ããŸãã"no"ãåã«çœ®ãããšã§ VLANã®åé€ããããã¯åæèšå®ã«æ»ããŸãã
ææ³
vlan vlan-id [name vlan-name] media ethernet [state {active
| suspend}]
no vlan vlan-id [name | state]
⢠vlan-id â èšå®ãã VLAN IDïŒç¯å²ïŒ1-4094ïŒ
⢠name â èå¥ããããã® VLANå
⢠vlan-name â 1-32æå
⢠media ethernet â ã€ãŒãµãããã¡ãã£ã¢ã®çš®é¡
⢠state â VLANã®ã¹ããŒãã®èå¥
ïŒ active â VLANã®å®è¡
ïŒ suspend â VLANã®äžæãäžæäžã® VLANã¯ãã±ããã®è»¢éãè¡ããŸããã
åæèšå®
åæèšå®ã§ã¯ VLAN 1ãååšããactiveç¶æ ã§ãã
ã³ãã³ãã¢ãŒã
VLAN Database Configuration
ã³ãã³ã解説
⢠"no vlan vlan-id"ã䜿çšããå ŽåãVLANãåé€ãããŸãã
⢠"no vlan vlan-id name"ã䜿çšããå ŽåãVLANåãåé€ãããŸãã
⢠" no vlan vlan-id state"ã䜿çšããå ŽåãVLANã¯åæèšå®ã®ç¶æ (active)ã«æ»ããŸãã
⢠æ倧 256VLANã®èšå®ãå¯èœã§ãã
äŸ
VLAN IDïŒ105ãVLAN nameïŒRD5ã§æ°ãã VLANãè¿œå ããŠããŸããVLANã¯åæèšå®ã§ activeã«ãªã£ãŠããŸãã
é¢é£ããã³ãã³ã
show vlan (P422)
Console(config)#vlan databaseConsole(config-vlan)#vlan 105 name RD5 media ethernetConsole(config-vlan)#
414FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
3.19.3 VLANã€ã³ã¿ãã§ãŒã¹ã®èšå®
interface vlan
VLANã®èšå®ã®ããã« interfaceèšå®ã¢ãŒãã«å ¥ããåã€ã³ã¿ãã§ãŒã¹ã®èšå®ãè¡ããŸãã
ææ³
interface vlan vlan-id
⢠vlan-id â èšå®ãã VLAN IDïŒç¯å²ïŒ1-4094ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
æ¬äŸã§ã¯ãVLAN 1ã® interface configurationã¢ãŒãã«åå ããVLANã«å¯Ÿã IPã¢ãã¬ã¹ãèšå®ããŠããŸãã
é¢é£ããã³ãã³ã
show vlan (P422)
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
interface vlan VLANãèšå®ããããã® Interfaceèšå®ã¢ãŒããžã®åå
IC P415
switchport mode ã€ã³ã¿ãã§ãŒã¹ã® VLANã¡ã³ããŒã¢ãŒãã®èšå® IC P416
switchportacceptable frametypes
ã€ã³ã¿ãã§ãŒã¹ã§åãå ¥ãå¯èœãªãã¬ãŒã ã¿ã€ãã®èšå®
IC P417
switchportingress-filtering ã€ã³ã¿ãã§ãŒã¹ãžã®å ¥åãã£ã«ã¿ã®æå¹å IC P418
switchportnative vlan ã€ã³ã¿ãã§ãŒã¹ã® PVID(native VLAN)ã®èšå® IC P419
switchport allowed vlan ã€ã³ã¿ãã§ãŒã¹ã«é¢é£ãã VLANã®èšå® IC P420
switchport gvrp ã€ã³ã¿ãã§ãŒã¹ãžã® GVRPã®æå¹å IC P409
switchportforbidden vlan ã€ã³ã¿ãã§ãŒã¹ã®ç»é²ãçŠæ¢ãã VLANã®èšå® IC P421
switchport priority default
ã¿ã°ãªãåä¿¡ãã¬ãŒã ã®ããŒããã©ã€ãªãªãã£ã®èšå®
IC P431
Console(config)#interface vlan 1Console(config-if)#ip address 192.168.1.254 255.255.255.0Console(config-if)#
415 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
switchport mode
ããŒãã® VLANã¡ã³ããŒã·ããã¢ãŒãã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
switchport mode {trunk | hybrid| private-vlan}
no switchport mode
⢠trunk â VLANãã©ã³ã¯ã«äœ¿çšãããããŒããæå®ããŸãããã©ã³ã¯ã¯ 2ã€ã®ã¹ã€ããéã®çŽæ¥æ¥ç¶ã§ãããŒãã¯ãœãŒã¹ VLANã瀺ãã¿ã°ä»ãã¬ãŒã ãéä¿¡ããŸããããã©ã«ã VLANã«æå±ãããã¬ãŒã ãã¿ã°ä»ãã¬ãŒã ãéä¿¡ããŸãã
⢠hybrid â ãã€ããªãã VLANã€ã³ã¿ãã§ãŒã¹ãæå®ãããŒãã¯ã¿ã°ä»åã³ã¿ã°ãªããã¬ãŒã ãéä¿¡ããŸãã
⢠private-vlan â 詳现ã«ã€ããŠã¯ãP4-174ã® "switchport mode private-vlan"ãåç §ããŠäžããã
åæèšå®
ãã¹ãŠã®ããŒã㯠hybridã«æå®ãããVLAN 1ã PVIDã«èšå®ãããŠããŸãã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
äŸ
æ¬äŸã§ã¯ã1çªããŒãã® configurationã¢ãŒãã®èšå®ãè¡ããswitchportã¢ãŒãã hybridã«æå®ããŠããŸãã
Console(config)#interface ethernet 1/1Console(config-if)#switchport mode hybridConsole(config-if)#
416FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
switchport acceptable-frame-types
ããŒãã®åãå ¥ãå¯èœãªãã¬ãŒã ã®çš®é¡ãæå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
switchport acceptable-frame-types {all | tagged}
no switchport acceptable-frame-types
⢠all â ã¿ã°ä»ãã¿ã°ãªãã®ãã¹ãŠã®ãã¬ãŒã ãåãå ¥ããŸãã
⢠tagged â ã¿ã°ä»ãã¬ãŒã ã®ã¿ãåãå ¥ããŸãã
åæèšå®
ãã¹ãŠã®ãã¬ãŒã ã¿ã€ã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
ãã¹ãŠã®ãã¬ãŒã ãèš±å¯ããèšå®ã«ããå Žåãã¿ã°ãªãåä¿¡ãã¬ãŒã ã¯ããã©ã«ã VLANã«æå®ãããŸãã
äŸ
æ¬äŸã§ã¯ 1çªããŒãã«ã¿ã°ä»ãã¬ãŒã ã®ã¿ãèš±å¯ããèšå®ã«ããŠããŸãã
é¢é£ããã³ãã³ã
switchport mode (P416)
Console(config)#interface ethernet 1/1Console(config-if)#switchport acceptable-frame-types taggedConsole(config-if)#
417 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
switchport ingress-filtering
ããŒãã«å¯ŸããŠã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
[泚æ ]ãæ¬æ©ã® Ingress filteringã¯åžžã«æå¹ã§ããç¡å¹ã«èšå®ããããšã¯ã§ããŸããããIngress filtringã³ãã³ãã¯åžžã«å©çšå¯èœã«ãªã£ãŠãããâno switchport ingress-filtringâã³ãã³ããå ¥åãå¯èœã§ãã䜿çšæã«ã¯âNote:Failed to ingress-filtring on ethernet interface!âã®ãšã©ãŒãåºãŠãèšå®å€æŽäžå¯èœãšãªããŸãã
ææ³
switch port ingress-filtering
åæèšå®
ç¡å¹ (Disabled)
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ã¯ã¿ã°ä»ãã¬ãŒã ã«ã®ã¿æå¹ã§ãã
⢠ã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ãæå¹ã®å Žåãã¡ã³ããŒã§ãªã VLANãžã®ã¿ã°ãã€ãããã¬ãŒã ãåä¿¡ãããšããã®ãã¬ãŒã ã¯æšãŠãããŸãã
⢠ã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ã¯ GVRPã STPãªã©ã® VLANãšé¢é£ã®ãªã BPDUãã¬ãŒã ã«ã¯åœ±é¿ãäžããŸãããäœããVLANã«é¢é£ãã GMRPãªã©ã® BPDUãã¬ãŒã ã«ã¯åœ±é¿ãäžããŸãã
äŸ
æ¬äŸã§ã¯ã1çªããŒããæå®ããã€ã³ã°ã¬ã¹ãã£ã«ã¿ãªã³ã°ãæå¹ã«ããŠããŸãã
Console(config)#interface ethernet 1/1Console(config-if)#switchport ingress-filteringConsole(config-if)#
418FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
switchport native vlan
ããŒããžã®ããã©ã«ã VLAN IDã§ãã PVIDã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
switchport native vlan vlan-id
no switchport native vlan
⢠vlan-id â ããŒããžã®ããã©ã«ã VLAN IDïŒç¯å²ïŒ1-4094ïŒ
åæèšå®
VLAN 1
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠PVIDãèšå®ããããã«ã¯ã察象ã®ããŒããæå®ãã PVIDãšåã VLANã«æå±ããŠããããŸããã® VLANãã¿ã°ãªãã§ããå¿ èŠããããŸãã
⢠åãå ¥ãå¯èœãªãã¬ãŒã ã¿ã€ãã "all"ã«ããŠããå Žåããswitchportã¢ãŒãã "hybrid"ã«ããŠããå Žåãå ¥åããŒãã«å ¥ããã¹ãŠã®ã¿ã°ãªããã¬ãŒã ã«ã¯ PVIDãæ¿å ¥ãããŸãã
äŸ
æ¬äŸã§ã¯ PVIDã VLAN3 ãšã㊠1çªããŒãã«èšå®ããŠããŸãã
Console(config)#interface ethernet 1/1Console(config-if)#switchport native vlan 3Console(config-if)#
419 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
switchport allowed vlan
éžæããã€ã³ã¿ãã§ãŒã¹ã® VLANã°ã«ãŒãã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
switchport allowed vlan {add vlan-list [tagged | untagged] | remove vlan-list}
no switchport allowed vlan
⢠add vlan-list â è¿œå ãã VLANã® IDã®ãªã¹ã
⢠remove vlan-list â 解é€ãã VLANã® IDã®ãªã¹ã
⢠vlan-list â é£ç¶ããªã VLAN IDãã«ã³ãã§åããŠå ¥åïŒã¹ããŒã¹ã¯å ¥ããªãïŒãé£ç¶ãã IDã¯ãã€ãã³ã§ç¯å²ãæå®ïŒç¯å²ïŒ1-4094ïŒ
åæèšå®
ãã¹ãŠã®ããŒãã VLAN 1ã«åå
ãã¬ãŒã ã¿ã€ãã¯ã¿ã°ãªã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠switchportã¢ãŒãã " trunk"ã«èšå®ãããŠããå Žåãã€ã³ã¿ãã§ãŒã¹ãã¿ã°ä»ã¡ã³ããŒãšããŠãã VLANã«èšå®ã§ããŸããã
⢠ã€ã³ã¿ãã§ãŒã¹ã® switchport modeã "hybrid"ã«èšå®ãããŠããå Žåãã€ã³ã¿ãã§ãŒã¹ãæäœ 1ã€ã® VLANã«ã¿ã°ãªãã¡ã³ããŒãšããŠèšå®ããå¿ èŠããããŸãã
⢠ã¹ã€ããå ã§ã¯åžžã«ãã¬ãŒã ã¯ã¿ã°ä»ãšãªã£ãŠããŸããã¿ã°ä»åã³ã¿ã°ãªããã©ã¡ãŒã¿ã¯ã€ã³ã¿ãã§ãŒã¹ãž VLANãå ãããšã䜿ãããåºåããŒãã§ãã¬ãŒã ã®ã¿ã°ãã¯ãããä¿æãããã決å®ããŸãã
⢠ãããã¯ãŒã¯ã®éäžã察åã®ããã€ã¹ã VLANããµããŒãããŠããªãå Žåãã€ã³ã¿ãã§ãŒã¹ã¯ãããã® VLANãã¿ã°ãªãã¡ã³ããŒãšããŠå ããŸãã1ã€ã® VLANã«ã¿ã°ãªããšããŠå ãããã® VLANããã€ãã£ã VLANãšãªããŸãã
⢠ã€ã³ã¿ãã§ãŒã¹ã®çŠæ¢ãªã¹ãäžã® VLANãæåã§ã€ã³ã¿ãã§ãŒã¹ã«å ããããå ŽåãVLANã¯èªåçã«ã€ã³ã¿ãã§ãŒã¹ã®çŠæ¢ãªã¹ãããåé€ãããŸãã
⢠ããŒããžã®æ¥ç¶è£ 眮ã«ããããããã¿ã°ãªã VLANãžã¡ã³ããŒãè¿œå ããããšãã§ããŸããåæèšå®ã§ã¯ VLAN1ãšãªããŸããåããŒã㯠1ã€ã®ã¿ã°ç¡ã VLANã«ããæå±ãã§ããªãã®ã§ããã 2ã€ç®ã® VLANãã¿ã°ãªããšå®çŸ©ãããå Žåãããäžæ¹ã® VLANã¯èªåçã«ã¿ã°ã€ãã«å€æŽãããŸãããŸãããŒãã® PVIDããã® VLAN IDãžå€æŽãããŸãã
äŸ
æ¬äŸã§ã¯ã1çªããŒãã®ã¿ã°ä» VLANèš±å¯ãªã¹ãã« VLAN2,5,6ãå ããŠããŸãã
Console(config)#interface ethernet 1/1Console(config-if)#switchport allowed vlan add 1,2,5,6 taggedConsole(config-if)#
420FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
switchport forbidden vlan
çŠæ¢ VLANã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§çŠæ¢ VLANãªã¹ãããåé€ããŸãã
ææ³
switchport forbidden vlan {add vlan-list | remove vlan-list}
no switchport forbidden vlan
⢠add vlan-list â è¿œå ãã VLANã® IDã®ãªã¹ã
⢠remove vlan-list â 解é€ãã VLANã® IDã®ãªã¹ã
⢠vlan-list â é£ç¶ããªã VLAN IDãã«ã³ãã§åããŠå ¥åïŒã¹ããŒã¹ã¯å ¥ããªãïŒãé£ç¶ãã IDã¯ãã€ãã³ã§ç¯å²ãæå®ïŒç¯å²ïŒ1-4094)
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠GVRPã§èªåçã« VLANã«å ããããããšãé²ãããã®ã³ãã³ãã§ãã
⢠ã€ã³ã¿ãã§ãŒã¹äžã§ VLANãèš±å¯ VLANã«ã»ãããããŠããå Žåãåãã€ã³ã¿ãã§ãŒã¹ã®çŠæ¢ VLANãªã¹ãã«å ããããšã¯ã§ããŸããã
äŸ
æ¬äŸã§ã¯ 1çªããŒãã VLAN 3ã«å ããããšãé²ãã§ããŸãã
Console(config)#interface ethernet 1/1Console(config-if)#switchport forbidden vlan add 3Console(config-if)#
421 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
3.19.4 VLANæ å ±ã®è¡šç€º
show vlan
VLANæ å ±ã®è¡šç€ºãè¡ããŸãã
ææ³
show vlan [id vlan-id | name vlan-name | private-lan
private-vlan-type]
⢠id â VLAN IDãç¶ãããŒã¯ãŒã
vlan-id â 衚瀺ãã VLAN IDïŒç¯å²ïŒ1-4093ïŒ
⢠name â VLANåãç¶ãããŒã¯ãŒã
vlan-name â 1-32æåã® VLANå
⢠private-vlan â æ¬ã³ãã³ãã«é¢ãã詳现ã¯ãP424ã® "show vlan private-vlan"ã³ãã³ããåç §ããŠäžããã
private-van-type â ãã©ã€ããŒã VLANã®çš®é¡ïŒãªãã·ã§ã³ïŒCommunityãIsolatedãPrimaryïŒ
åæèšå®
ãã¹ãŠã® VLANã衚瀺
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
äŸ
æ¬äŸã§ã¯ VLAN 1ã®æ å ±ã衚瀺ããŠããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
show vlan VLANæ å ±ã®è¡šç€º NE,PE P422
show interfacesstatus vlan ç¹å® VLANã€ã³ã¿ãã§ãŒã¹ã®ç¶æ ã®è¡šç€º NE,PE P366
show interfacesswitchport ã€ã³ã¿ãã§ãŒã¹ã®ç®¡çãéçšç¶æ ã®è¡šç€º NE,PE P368
Console#show vlan id 1Vlan ID: 1Type: StaticName: DefaultVlanStatus: ActivePorts/Port Channel:Eth1/ 1(S) Eth1/ 2(S) Eth1/ 3(S) Eth1/ 4(S) Eth1/ 5(S) Eth1/ 6(S) Eth1/ 7(S) Eth1/ 8(S) Eth1/ 9(S) Eth1/10(S) Eth1/11(S) Eth1/12(S) Eth1/13(S) Eth1/14(S) Eth1/15(S) Eth1/16(S) Eth1/17(S) Eth1/18(S) Eth1/19(S) Eth1/20(S) Eth1/21(S) Eth1/22(S) Eth1/23(S) Eth1/24(S) Eth1/25(S) Eth1/26(S)Console#
422FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
3.19.5 ãã©ã€ããŒã VLANã®èšå®
ãã©ã€ããŒã VLANã¯ããŒãããŒã¹ã®ã»ãã¥ãªãã£ãš VLANå ã®ããŒãéã®ç¬ç«ãè¡ããŸããããã§ã¯ããã©ã€ããŒã VLANã®èšå®ã®ããã®ã³ãã³ãã®è§£èª¬ãè¡ãªããŸãã
pvlan
ãã©ã€ããŒã VLANã®æå¹åãšèšå®ãè¡ãªããŸãã"no"ãåã«çœ®ãããšã§ãã©ã€ããŒãVLANãç¡å¹ã«ããŸãã
ææ³
pvlan [up-link interface-list down-link interface-list]
no pvlan
⢠up-link â ã¢ãããªã³ã¯ã€ã³ã¿ãã§ãŒã¹ã®æå®
⢠down-link â ããŠã³ãªã³ã¯ã€ã³ã¿ãã§ãŒã¹ã®æå®
åæèšå®
ãã©ã€ããŒã VLANã¯èšå®ãããŠããŸãã
åæèšå®
Global Configuration
ã³ãã³ã解説
⢠ãã©ã€ããŒã VLAN ã¯ããŒãããŒã¹ã®ã»ãã¥ãªãã£ãš VLANå ã®ããŒãéã®ç¬ç«ãè¡ããŸããããŠã³ãªã³ã¯ããŒãã®éä¿¡ã¯ã¢ãããªã³ã¯ããŒããšã®éã§ã®ã¿è¡ãªãããšãã§ããŸãã
⢠ãã©ã€ããŒã VLAN ãšéåžžã® VLAN ã¯äž¡æ¹ãèšå®ãå ±åãããããšãå¯èœã§ãã
⢠ãã©ã¡ãŒã¿ãå ¥åããã« "pvlan"ã³ãã³ãã䜿çšãããšãã©ã€ããŒã VLAN ãæå¹ã«ãªããŸãã"no pvlan"ã³ãã³ãã䜿çšãããšç¡å¹ã«ãªããŸãã
⢠ã¢ãããªã³ã¯ã«ã¯è€æ°ããŒãã®èšå®ã¯äžå¯ã§ãã
äŸ
æ¬äŸã§ã¯ãã©ã€ããŒã VLANãæå¹ã«ãã24çªããŒããã¢ãããªã³ã¯ã«ã1-8çªããŒããããŠã³ãªã³ã¯ã«èšå®ããŠããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
pvlan ãã©ã€ããŒã VLANã®èšå®ãšæå¹å GC P423
show pvlan ãã©ã€ããŒã VLANã®èšå®ã®è¡šç€º PE P424
Console(config)#pvlanConsole(config)#pvlan up-link ethernet 1/24 down-link ethernet 1/1-8Console(config)##
423 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
show pvlan
ãã©ã€ããŒã VLANã®èšå®ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show pvlanPrivate VLAN status: EnabledUp-link port:Ethernet 1/24Down-link port:Ethernet 1/1-8Console#
424FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
3.19.6 ãããã³ã« VLANã®èšå®
éåžžã® VLANã§ã¯ããããã³ã«æ¯ã® VLANã°ã«ãŒãã®åœ¢æã容æã«è¡ãªãããšã¯ã§ããŸããããã®ãããç¹å®ã®ãããã³ã«ã«é¢é£ãããã¹ãŠã®æ©åšãéä¿¡ãè¡ãããããç¹æ®ãªãããã¯ãŒã¯æ©åšã䜿çšããŠç°ãªã VLANéã®éä¿¡ããµããŒãããå¿ èŠããããŸãããããããã®ãããªæ¹æ³ã§ã¯ãã»ãã¥ãªãã£ãšå®¹æãªèšå®ãå¯èœãª VLANã®ã¡ãªããã倱ã£ãŠããŸããŸãã
ãã®ãããªåé¡ãåé¿ãããããæ¬æ©ã§ã¯ç©ççãªãããã¯ãŒã¯ã®æ§æãããããã³ã«ãåºã«ããè«çç VLANã®ãããã¯ãŒã¯æ§æãšããããšãå¯èœãªãããã³ã«ããŒã¹ VLANæ©èœãæäŸããŸããããŒãããã¬ãŒã ãåä¿¡ããéãåä¿¡ãã¬ãŒã ã®ãããã³ã«ã¿ã€ãã«å¿ããŠVLANã¡ã³ããŒã·ããã決å®ãããŸãã
ãããã³ã« VLANã®èšå®ã¯ä»¥äžã®æé ã§è¡ãªããŸãã
ïŒ1ïŒäœ¿çšãããããã³ã«ã®ããã® VLANã°ã«ãŒããäœæããŸããäž»èŠãªãããã³ã«æ¯ã«VLANã®äœæãè¡ãªãããšæšå¥šããŸãããŸãããã®æç¹ã§ã¯ããŒãã¡ã³ããŒã®è¿œå ãè¡ãªããªãã§äžããã
ïŒ2ïŒVLANã«èšå®ãããããã³ã«æ¯ã®ã°ã«ãŒãã "protocol-vlan protocol-group"ã³ãã³ã
(General Configuration mode)ãå©çšããŠçæããŸãã
ïŒ3ïŒé©å㪠VLANã«åã€ã³ã¿ãã§ãŒã¹ã®ãããã³ã«ã "protocol-vlan protocol-group"ã³ãã³ã (Interface Configuration mode)ãå©çšããŠãããã³ã°ããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžprotocol-vlanprotocol-group
ãããã³ã«ã°ã«ãŒãã®äœæåã³ãµããŒããããã³ã«ã®æå®
GC P426
protocol-vlanprotocol-group ãããã³ã«ã°ã«ãŒãã® VLAN ãžã®ãããã³ã° IC P427
showprotocol-vlanprotocol-group
ãããã³ã«ã°ã«ãŒãã®èšå®ã®è¡šç€º PE P428
show interfacesprotocol-vlanprotocol-group
ãããã³ã«ã°ã«ãŒãã«ãããã³ã°ãããã€ã³ã¿ãã§ãŒã¹ãšé¢é£ãã VLAN ã®è¡šç€º
PE P428
425 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
protocol-vlan protocol-group (Configuring Groups)
ãããã³ã«ã°ã«ãŒãã®äœæåã³ç¹å®ã®ãããã³ã«ã®ã°ã«ãŒããžã®è¿œå ãè¡ãªããŸãã"no"ãåã«çœ®ãããšã§ãããã³ã«ã°ã«ãŒããåé€ããŸãã
ææ³
protocol-vlan protocol-group group-id [{add | remove} frame-type frame protocol-type protocol]
no protocol-vlan protocol-group group-id
⢠group-id â ãããã³ã«ã°ã«ãŒã IDïŒèšå®ç¯å²ïŒ1-2147483647ïŒ
⢠frame â ãããã³ã«ã®ãã¬ãŒã ã¿ã€ãïŒéžæè¢ïŒethernet,rfc_1042, snap_8021h, snap_other, llc_otherïŒ
⢠protocol â ãããã³ã«ã¿ã€ãããã¬ãŒã ã¿ã€ãã llc_other ã®ãã¬ãŒã ã®éžæè¢ã¯ipx_raw ã§ãããã®ä»ã®ãã¬ãŒã ã¿ã€ãã®å Žå㯠ip, arp, rarp ã§ãã
åæèšå®
ãããã³ã«ã°ã«ãŒãæªèšå®
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
ãããã³ã«ã°ã«ãŒã "1"ãäœæãããã¬ãŒã ã¿ã€ãã "Ethernet"ããããã³ã«ã¿ã€ãã "IP"åã³ "ARP"ã«èšå®ããŠããŸãã
Console(config)#protocol-vlan protocol-group 1 add frame-typeethernet protocol-type ipConsole(config)#protocol-vlan protocol-group 1 add frame-typeethernet protocol-type arpConsole(config)#
426FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
protocol-vlan protocol-group (Configuring Interfaces)
ã€ã³ã¿ãã§ãŒã¹ã«ãããŠãããã³ã«ã°ã«ãŒãã VLANã«ãããã³ã°ããŸãã"no"ãåã«ããããšã§ã€ã³ã¿ãã§ãŒã¹ã®ãããã³ã«ã®ãããã³ã°ã解é€ããŸãã
ææ³
protocol-vlan protocol-group group-id vlan vlan-id
no protocol-vlan protocol-group group-id vlan
⢠group-id â ãããã³ã«ã°ã«ãŒã IDïŒèšå®ç¯å²ïŒ1-2147483647ïŒ
⢠vlan-id â èŽãããããã³ã«ã®éä¿¡ã転éããã VLANïŒèšå®ç¯å²ïŒ1-4094ïŒ
åæèšå®
ãããã³ã«ã°ã«ãŒãã¯ã€ã³ã¿ãã§ãŒã¹ã«ãããã³ã°ãããŠããŸããã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ã€ã³ã¿ãã§ãŒã¹ã®èšå®ãè¡ãªã£ãŠäžãããä»ã® VLAN ã³ãã³ãã䜿çšããå Žåãèšå®ããã€ã³ã¿ãã§ãŒã¹ã¯ãã¹ãŠã®ãããã³ã«ã¿ã€ãã®éä¿¡ãé¢é£ãã VLAN ã«å¯ŸããŠè¡ããŸãã
⢠ãã¬ãŒã ããããã³ã« VLANã«å²ãåœãŠãããããŒãã«å ¥åããå Žåã以äžã®æ¹æ³ã§åŠçãããŸãã
ïŒãã¬ãŒã ã«ã¿ã°ä»ãã¬ãŒã ã®å Žåãã¿ã°ã®æ å ±ã«åºã¥ãåŠçãããŸãã
ïŒãã¬ãŒã ãã¿ã°ãªããã¬ãŒã ã§ããããã³ã«ã¿ã€ããäžèŽããå Žåããã¬ãŒã ã¯é©å㪠VLAN ã«è»¢éãããŸãã
ïŒãã¬ãŒã ãã¿ã°ãªããã¬ãŒã ã§ããããã³ã«ã¿ã€ããäžèŽããªãå Žåããã¬ãŒã ã¯ã€ã³ã¿ãã§ãŒã¹ã®ããã©ã«ã VLAN ã«è»¢éãããŸãã
äŸ
æ¬äŸã§ã¯ã1çªããŒãã«å ¥ã£ãŠããéä¿¡ã§ãããã³ã«ã°ã«ãŒã 1ãšäžèŽããéä¿¡ã VLAN2ã«ãããã³ã°ããŠããŸãã
Console(config)#interface ethernet 1/1Console(config-if)#protocol-vlan protocol-group 1 vlan 2Console(config-if)#
427 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VLAN
show protocol-vlan protocol-group
ãããã³ã«ã°ã«ãŒãã«é¢é£ãããã¬ãŒã åã³ãããã³ã«ã¿ã€ãã®è¡šç€º
ææ³
show protocol-vlan protocol-group [group-id]
⢠group-id â ãããã³ã«ã°ã«ãŒã IDïŒèšå®ç¯å²ïŒ1-2147483647ïŒ
åæèšå®
ãã¹ãŠã®ãããã³ã«ã°ã«ãŒãã衚瀺
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
ãããã³ã«ã°ã«ãŒã 1ã EthernetãIP ã«èšå®ãããŠããããšã衚瀺ããŠããŸãã
show interfaces protocol-vlan protocol-group
éžæããã€ã³ã¿ãã§ãŒã¹ã®ãããã³ã«ã°ã«ãŒããš VLANã®ãããã³ã°æ å ±ã衚瀺ããŸãã
ææ³
show interfaces protocol-vlan protocol-group [interface]
⢠interfaceïŒ ethernet unit/portããïŒ unit â ãŠãããçªå· "1"ããïŒ port â ããŒãçªå·ïŒ1-12ïŒïŒ port-channel channel-id (1-32)
åæèšå®
ãã¹ãŠã®ãããã³ã«ã°ã«ãŒãã衚瀺
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
1çªããŒãã«å ¥ã£ãŠããéä¿¡ã§ãããã³ã«ã°ã«ãŒã 1ãšäžèŽããéä¿¡ã VLAN2ã«ãããã³ã°ãããŠããŸãã
Console#show protocol-vlan protocol-groupProtocolGroup ID Frame Type Protocol Type------------------ ------------- ---------------1 ethernet 08 00Console#
Console#show interfaces protocol-vlan protocol-groupPort ProtocolGroup ID Vlan ID---------- ------------------ -----------Eth 1/1 1 vlan2Console#
428FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã©ã€ãªãªãã£
3.20 ãã©ã€ãªãªãã£
éä¿¡ã®éå¯ã«ãããã±ãããã¹ã€ããã«ãããã¡ãããå Žåãéä¿¡ã®åªå æš©ãæã€ããŒã¿ãã±ãããæ確ã«ããããšãã§ããŸããæ¬æ©ã¯åããŒãã« 4段éã®ãã©ã€ãªãªãã£ãã¥ãŒãæ〠CoSããµããŒãããŸãã
ããŒãã®æé«ãã©ã€ãªãªãã£ãã¥ãŒã®ä»ããããŒã¿ãã±ããã¯ãããäœããã©ã€ãªãªãã£ã®ãã¥ãŒã®ãã±ãããããå ã«éä¿¡ãããŸããåããŒãã«å¯Ÿãããã©ã«ããã©ã€ãªãªãã£ãåãã¥ãŒã®éã¿ã®é¢é£ããã¬ãŒã ãã©ã€ãªãªãã£ã¿ã°ã®ãããã³ã°ãã¹ã€ããã®ãã¥ãŒã«ä»ããããšãã§ããŸãã
3.20.1 ãã©ã€ãªãªãã£ã³ãã³ãïŒLayer 2ïŒ
ã³ãã³ãã°ã«ãŒã
æ©èœ ããŒãž
PriorityïŒLayer 2ïŒ
ã¿ã°ãªããã¬ãŒã ãžã®ããã©ã«ããã©ã€ãªãªãã£ã®èšå®ããã¥ãŒãŠãšã€ãã®èšå®ãCoSã¿ã°ã®ããŒããŠã§ã¢ãã¥ãŒãžã®ãããã³ã°
P429
PriorityïŒLayer 3 and 4 ïŒ
TCPããŒãã IP DSCP ã¿ã°ã® CoSå€ãžã®èšå® P436
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
queue modeãã¥ãŒã¢ãŒãã "strict"å㯠" Weighted Round-Robin (WRR)"ã«èšå®
GC P430
switchportpriority default
å ¥åã¿ã°ãªããã¬ãŒã ã«ããŒããã©ã€ãªãªãã£ãèšå®
IC P431
queue bandwidth ãã©ã€ãªãªãã£ãã¥ãŒã«éã¿ä»ãã©ãŠã³ãããã³ãæå®
GC P432
queue cos map ãã©ã€ãªãªãã£ãã¥ãŒã« Class of Service(CoS)ãæå®
IC P433
show queue mode çŸåšã®ãã¥ãŒã¢ãŒãã衚瀺 PE P434
show queuebandwidth
ãã©ã€ãªãªãã£ãã¥ãŒã®éã¿ä»ãã©ãŠã³ãããã³ã衚瀺
PE P434
show queuecos-map CoSãããã®è¡šç€º PE P435
show interfacesswitchport ã€ã³ã¿ãã§ãŒã¹ã®ç®¡çãéçšã¹ããŒã¿ã¹ã®è¡šç€º PE P368
429 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã©ã€ãªãªãã£
queue mode
ãã¥ãŒã¢ãŒãã®èšå®ãè¡ããŸããCoSã®ãã©ã€ãªãªãã£ãã¥ãŒã strictåã¯Weighted Round-Robin (WRR)ã®ã©ã¡ãã®ã¢ãŒãã§è¡ãããèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
queue mode {strict | wrr}
no queue mode
⢠strict â åºåãã¥ãŒã®é«ããã©ã€ãªãªãã£ã®ãã¥ãŒãåªå ãããäœããã©ã€ãªãªãã£ã®ãã¥ãŒã¯é«ããã©ã€ãªãªãã£ã®ãã¥ãŒããã¹ãŠãªããªã£ãåŸã«éä¿¡ãããŸãã
⢠wrr â WRRã¯ãã¥ãŒ 0-3ã«ããããã¹ã±ãžã¥ãŒãªã³ã°ãŠãšã€ã 1ã2ã4ã6ãèšå®ãããã®å€ã«å¿ããŠåž¯åãå ±æããŸãã
åæèšå®
WRR(Weighted Round Robin)
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ãã©ã€ãªãªãã£ã¢ãŒãã "strict"ã«èšå®ããå Žåãåºåãã¥ãŒã®é«ããã©ã€ãªãªãã£ã®ãã¥ãŒãåªå ãããäœããã©ã€ãªãªãã£ã®ãã¥ãŒã¯é«ããã©ã€ãªãªãã£ã®ãã¥ãŒããã¹ãŠãªããªã£ãåŸã«éä¿¡ãããŸãã
ãã©ã€ãªãªãã£ã¢ãŒãã "wrr"ã«èšå®ããå ŽåãWRRã¯ãã¥ãŒ 0-3ã«ããããã¹ã±ãžã¥ãŒãªã³ã°ãŠãšã€ã 1ã2ã4ã6ãèšå®ãããã®å€ã«å¿ããŠåãã¥ãŒã®äœ¿çšããæéã®å²åãèšå®ã垯åãå ±æããŸããããã«ãã "strict"ã¢ãŒãæã«çºçãã HOL Blockingãåé¿ããããšãå¯èœãšãªããŸãã
äŸ
æ¬äŸã§ã¯ãã¥ãŒã¢ãŒãã Strictã«èšå®ããŠããŸãã
Console(config)#queue mode strictConsole(config)#
430FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã©ã€ãªãªãã£
switchport priority default
å ¥åãããã¿ã°ãªããã¬ãŒã ã«å¯ŸããŠãã©ã€ãªãªãã£ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
switchport priority default default-priority-id
no switchport priority default
⢠default-priority-id â å ¥åãããã¿ã°ãªããã¬ãŒã ãžã®ãã©ã€ãªãªãã£çªå·ïŒ0-7ã7ãæé«ã®ãã©ã€ãªãªãã£ïŒ
åæèšå®
ãã©ã€ãªãªãã£ã®èšå®ã¯ããŠãããŸãããã¿ã°ãªããã¬ãŒã ãžã®åæèšå®å€ã¯ 0ã«ãªã£ãŠããŸãã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ãã©ã€ãªãªãã£ãããã³ã°ã®åªå é äœã¯ IP DSCPãããã©ã«ããã©ã€ãªãªãã£ã®é çªã§ãã
⢠ããã©ã«ããã©ã€ãªãªãã£ã¯ãã¿ã°ãªããã¬ãŒã ãåä¿¡ããéã«èšå®ãããŸããå ¥åããããã¬ãŒã ã IEEE8021Qã¿ã°ä»ãã¬ãŒã ã®å ŽåãIEEE802.1pã®ãã©ã€ãªãªã㣠bitã䜿çšãããŸãããã®ãã©ã€ãªãªãã£ã¯ IEEE802.1Q VLAN taggingãã¬ãŒã ã«ã¯é©çšãããŸããã
⢠æ¬æ©ã§ã¯ 8段éã®ãã©ã€ãªãªãã£ãã¥ãŒãåããŒãã«æäŸããŸãããããã¯éã¿ä»ãã©ãŠã³ãããã³ã䜿çšãã"show queue bandwidth"ã³ãã³ãã䜿çšã確èªããããšãå¯èœã§ããã¿ã° VLANã§ã¯ãªãå ¥åãã¬ãŒã ã¯å ¥åããŒãã§ã¿ã°ã«ããããã©ã«ããã©ã€ãªãªãã£ãä»ããããé©åãªãã©ã€ãªãªãã£ãã¥ãŒã«ããåºåããŒãã«éãããŸãããã¹ãŠã®ããŒãã®ããã©ã«ããã©ã€ãªãªãã£ã¯ "0"ã«èšå®ãããŠããŸãããããã£ãŠãåæèšå®ã§ã¯ãã©ã€ãªãªãã£ã¿ã°ãæããªããã¹ãŠã®å ¥åãã¬ãŒã ã¯åºåããŒãã® "0"ãã¥ãŒãšãªããŸãïŒåºåããŒããã¿ã°ãªãã«èšå®ãããŠããå Žåãéä¿¡ããããã¬ãŒã ã¯éä¿¡åã«ã¿ã°ãåãå€ãããŸãïŒ
äŸ
æ¬äŸã§ã¯ 3çªããŒãã®ããã©ã«ããã©ã€ãªãªãã£ã 5ã«èšå®ããŠããŸãã
Console(config)#interface ethernet 1/3Console(config-if)#switchport priority default 5
431 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã©ã€ãªãªãã£
queue bandwidth
4ã€ã® CoSã«å¯Ÿãéã¿ä»ãã©ãŠã³ãããã³ (Weighted Round-Robin / WRR)ã«ããéã¿ä»ããè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
queue bandwidth weight1...weight8
no queue bandwidth
⢠weight1...weight4 -ãã¥ãŒ 0ïœ 7ã®WRRã¹ã±ãžã¥ãŒã©ã§äœ¿çšãããéã¿ã®æ¯çïŒç¯å²ïŒ1-15)
åæèšå®
1, 2, 4, 6, 8, 10, 12, 14ããããããã¥ãŒ 0-7ã«å¯Ÿå¿ããŠããŸãã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
WRRã¯ã¹ã±ãžã¥ãŒãªã³ã°ãããéãã§ã®åºåããŒãã§ã®ãã³ãå¹ ã®å ±çšãèš±å¯ããŸãã
äŸ
æ¬äŸã§ã¯WRRã®éã¿ä»ããè¡ã£ãŠããŸãã
é¢é£ããã³ãã³ã
show queue bandwidth (P434)
Console(config)#queue bandwidth 1 3 5 7 9 11 13 15Console(config)#
432FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã©ã€ãªãªãã£
queue cos-map
CoSå€ãããŒããŠã§ã¢åºåãã¥ãŒã®ãã©ã€ãªãªãã£ãã¥ãŒ 0-7ã«å¯Ÿå¿ãããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
queue cos-map queue_id [cos1 ... cosn]
no queue cos-map
⢠queue_id - CoSãã©ã€ãªãªãã£ãã¥ãŒ ID
ïŒ 0-7ã®å€ã§ 7ãæé«ã® CoSãã©ã€ãªãªãã£ãã¥ãŒ
⢠cos1 .. cosn â ãã¥ãŒ IDã«ãããã³ã°ãã CoSå€ãã¹ããŒã¹ã§ãããããæ°åã®ãªã¹ããCoSå€ã¯ 0-7ãŸã§ã®å€ã§ã7ãæé«ã®ãã©ã€ãªãªãã£
åæèšå®
åããŒãã«å¯Ÿãéã¿ä»ãã©ãŠã³ãããã³ãšå ±ã« 4段éã®ãã©ã€ãªãªãã£ãã¥ãŒã® CoSããµããŒãããŸãã8ã€ã«ããããããã©ãã£ãã¯ã¯ã©ã¹ã IEEE802.1pã§å®çŸ©ãããŠããŸããå®çŸ©ããããã©ã€ãªãªãã£ã¬ãã«ã¯ IEEE802.1pæšæºã®æšå¥šããã以äžã®ããŒãã«ã«ããèšå®ãããŸãã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
â¢ å ¥åããŒãã§æå®ãã CoSå€ã¯åºåããŒãã§äœ¿çšãããŸãã
⢠æ¬ã³ãã³ãã§ã¯å šã€ã³ã¿ãã§ãŒã¹ã® CoSãã©ã€ãªãªãã£ãèšå®ããŸãã
äŸ
ãã©ã€ãªãªã㣠0 1 2 3 4 5 6 7
ãã¥ãŒ 2 0 1 3 4 5 6 7
Console(config)#interface ethernet 1/1Console(config-if)#queue cos-map 0 0Console(config-if)#queue cos-map 1 1Console(config-if)#queue cos-map 2 2Console(config-if)#exitConsole#show queue cos-map ethernet 1/1Information of Eth 1/1 Traffic Class : 0 1 2 3 4 5 6 7 Priority Queue: 0 1 2 3 4 5 6 7Information of Eth 1/2 Traffic Class : 0 1 2 3 4 5 6 7 Priority Queue: 0 1 2 3 4 5 6 7...
433 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã©ã€ãªãªãã£
show queue mode
çŸåšã®ãã¥ãŒã¢ãŒãã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
show queue bandwidth
ã©ãŠã³ãããã³ (WRR)ãã³ãå¹ ã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show queue mode
Queue mode: wrrConsole#
Console#show queue bandwidthInformation of Eth 1/1Queue ID Weight-------- ------0 11 22 43 64 85 106 127 14 ... Console#
434FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã©ã€ãªãªãã£
show queue cos-map
CoSãã©ã€ãªãªãã£ãããã衚瀺ããŸãã
ææ³
show queue cos-map [interface]
⢠interface
ïŒ ethernet unit/port
ãunit â ãŠãããçªå·ãâ1â
ãport â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-6ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show queue cos-map ethernet 1/1Information of Eth 1/1CoS Value : 0 1 2 3 4 5 6 7Priority Queue: 0 0 0 1 2 2 3 3Console#
435 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã©ã€ãªãªãã£
3.20.2 ãã©ã€ãªãªãã£ã³ãã³ãïŒLayer 3 and 4ïŒ
map ip port
IP ããŒããã©ã€ãªãªãã£ãããã³ã°ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
map ip port [port-number cos cos-queue]
no map ip port [port-number]
⢠port-number â 16-bit TCP/UDPããŒãçªå·ïŒç¯å²ïŒ0-65535ïŒ
⢠cos-queue â CoSå€ïŒç¯å²ïŒ0-7ïŒ
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ãã©ã€ãªãªãã£ãããã³ã°ã®åªå é äœã¯ IPããŒããIP Precedence/DSCP/ToSãããã©ã«ãããŒããã©ã€ãªãªãã£ã§ãã
⢠æ¬ã³ãã³ãã§èšå®ãã IPããŒããã©ã€ãªãªãã£ã¯å šãŠã®ã€ã³ã¿ãã§ãŒã¹ã«é©çšãããŸãã
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
map ip port TCPããŒãã® CoSãã¥ãŒãžã®ãããã³ã° IC P436
map ip precedence IP precedenceã® CoSãã¥ãŒãžã®ãããã³ã° IC P437
map ip dscp IP DSCP CoSãããã®æå¹å GC P437
map ip dscpïŒInterfaceïŒ IP DSCP ã® CoSãã¥ãŒãžã®ãããã³ã° IC P439
show map ip port IPããŒããããã®è¡šç€º PE P440
show map ip precedence IP Precedenceãããã®è¡šç€º PE P440
show map ip dscp IPããŒããããã®è¡šç€º PE P441
Console(config)#interface ethernet 1/5Console(config-if)#map ip port 80 cos 0Console(config-if)#
436FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã©ã€ãªãªãã£
map ip precedence
IP precedenceãã©ã€ãªãªãã£ãããã³ã°ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
map ip precedence [precedence-value cos cos-queue]
no map ip precedence [precedence-value]
⢠precedence-value â 3-bit precedenceå€ïŒç¯å²ïŒ0-7ïŒ
⢠cos-queue â CoSå€ïŒç¯å²ïŒ0-7ïŒ
åæèšå®
ãªã
以äžã¯ããã©ã«ããã©ã€ãªãªãã£ãããã³ã°å€ã«ãªããŸãã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ãã©ã€ãªãªãã£ãããã³ã°ã®åªå é äœã¯ IPããŒããIP Precedence/DSCP/ToSãããã©ã«ãããŒããã©ã€ãªãªãã£ã§ãã
⢠æ¬ã³ãã³ãã§èšå®ãã IP Precedenceãã©ã€ãªãªãã£ã¯å šãŠã®ã€ã³ã¿ãã§ãŒã¹ã«é©çšãããŸãã
äŸ
map ip dscpïŒGlobal ConfigurationïŒ
IP DSCP (Differentiated Services Code Point mapping)ãããã³ã°ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
[no] map ip dscp
no map ip dscp
IP Precedence å€ 0 1 2 3 4 5 6 7
CoS Queue 0 1 2 3 4 5 6 7
Console(config)#interface ethernet 1/5Console(config-if)#map ip precedence 1 cos 0Console(config-if)#
437 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã©ã€ãªãªãã£
åæèšå®
ç¡å¹ (Disabled)
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã©ã€ãªãªãã£ãããã³ã°ã®åªå é äœã¯ IP DSCPãããŒããã©ã€ãªãªãã£ã§ãã
äŸ
æ¬äŸã§ã¯æ¬æ©ã« IP DSCPãããã³ã°ãæå¹ã«ããŠããŸãã
Console(config)#map ip dscpConsole(config)#
438FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã©ã€ãªãªãã£
map ip dscpïŒinterface ConfigurationïŒ
IP DSCP (Differentiated Services Code Point)ãã©ã€ãªãªãã£ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
map ip dscp dscp-value cos cos-value
no map ip dscp
⢠dscp-value â 8-bit DSCPå€ïŒç¯å²ïŒ0-255ïŒ
⢠cos-value â CoSå€ïŒç¯å²ïŒ0-7ïŒ
åæèšå®
äžèšã®è¡šã¯åæèšå®ã®ãããã³ã°ã§ãããããã³ã°ãããªã DSCPå€ã¯ãã¹ãŠ CoSå€ 0ã«èšå®ãããŸãã
ã³ãã³ãã¢ãŒã
Interface Configuration (Ethernet, Port Channel)
ã³ãã³ã解説
⢠ãã©ã€ãªãªãã£ãããã³ã°ã®åªå é äœã¯ IP DSCPãããŒããã©ã€ãªãªãã£ã§ãã
⢠DSCPãã©ã€ãªãªãã£ã¯ IEEE802.1pæšæºã§æšå¥šãããŠãã CoSåæå€ã«ãããã³ã°ããããã®åŸãããã«ç¶ã㊠4ã€ã®ããŒããŠã§ã¢ãã©ã€ãªãªãã£ãã¥ãŒã«ãããã³ã°ãããŸãã
⢠ãã®ã³ãã³ãã¯ããã¹ãŠã®ã€ã³ã¿ãã§ãŒã¹ã® IP DSCPãã©ã€ãªãªãã£ãèšå®ããŸãã
äŸ
æ¬äŸã§ã¯ IP DSCPå€ 1ã CoSå€ 0ã«èšå®ããŠããŸãã
IP DSCP å€ CoSå€
0 0
8 1
10, 12, 14, 16 2
18, 20, 22, 24 3
26, 28, 30, 32, 34, 36 4
38, 40, 42 5
48 6
46, 56 7
Console(config)#interface ethernet 1/5Console(config-if)#map ip dscp 1 cos 0Console(config-if)#
439 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã©ã€ãªãªãã£
show map ip port
IP ããŒããã©ã€ãªãªãã£ãããã衚瀺ããŸãã
ææ³
show map ip port [interface]
⢠interface
ïŒ ethernet unit/port
ãunit â ãŠãããçªå·ãâ1â
ãport â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-6ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
show map ip precedence
IP Precedenceãã©ã€ãªãªãã£ãããã衚瀺ããŸãã
ææ³
show map ip precedence
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
Console#show map ip portTCP port mapping status: disabled
Port Port no. COS --------- -------- --- Eth 1/ 5 80 0Console#
440FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã©ã€ãªãªãã£
äŸ
show map ip dscp
IP DSCPãã©ã€ãªãªãã£ãããã®è¡šç€ºãè¡ããŸãã
ææ³
show map ip dscp [interface]
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-6ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show map ip precedencePrecedence Mapping Status: EnabledPrecedence COS---------- ---0 01 02 13 14 25 26 37 3Console#
Console#show map ip dscp ethernet 1/1DSCP mapping status: enabled
Port DSCP COS--------- ---- ---Eth 1/ 1 0 0Eth 1/ 1 1 0Eth 1/ 1 2 0Eth 1/ 1 3 0..Eth 1/ 1 61 0Eth 1/ 1 62 0Eth 1/ 1 63 0Console#
441 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã©ã€ãªãªãã£
é¢é£ããã³ãã³ã
map ip dscp (Global Configuration) (P437)
map ip dscp (Interface Configuration) (P439)
442FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
3.21 ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
IGMP (Internet Group Management Protocol)ã䜿çšããç¹å®ã®ãã«ããã£ã¹ããµãŒãã¹ãåããããã¹ãã«å¯ŸããŠã¯ãšãªãå®è¡ããŸãããªã¯ãšã¹ãããŠãããã¹ããæå±ããããŒããç¹å®ãããããã®ããŒãã«ã®ã¿ããŒã¿ãéããŸãããã«ããã£ã¹ããµãŒãã¹ãåãåãç¶ããããã«ãé£æ¥ãããã«ããã£ã¹ãã¹ã€ãã /ã«ãŒã¿ã«ãµãŒãã¹ãªã¯ãšã¹ããäŒæ¬ããŸãã
3.21.1 IGMP Snooping ã³ãã³ã
ã³ãã³ãã°ã«ãŒã
æ©èœ ããŒãž
IGMPSnooping
IGMP snoopingåã¯éçèšå®ã«ãããã«ããã£ã¹ãã°ã«ãŒãã®èšå®ãIGMPããŒãžã§ã³ã®èšå®ãèšå®ç¶æ ããã«ããã£ã¹ããµãŒãã¹ã°ã«ãŒããã¡ã³ããŒã®è¡šç€º
P443
IGMP QueryïŒã¬ã€ã€ 2ïŒ
ã¬ã€ã€ 2ã§ã®ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°ã® IGMP queryãã©ã¡ãŒã¿ã®èšå®
P449
StaticMulticast Routing éçãã«ããã£ã¹ãã«ãŒã¿ããŒãã®èšå® P454
IGMP (Layer 3) ã¬ã€ã€ 3 IGMPã®èšå® P456
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
ip igmp snooping IGMP snoopingã®æå¹å GC P444
ip igmp snoopingvlan static
ã€ã³ã¿ãã§ãŒã¹ã®ãã«ããã£ã¹ãã°ã«ãŒããžã®è¿œå
GC P445
ip igmp snoopingversion Snoopingã® IGMPããŒãžã§ã³ã®èšå® GC
P446
show ip igmpsnooping IGMP snoopingã®èšå®ã®è¡šç€º PE P446
showmac-address-tablemulticast
IGMP snoopingã® MACã¢ãã¬ã¹ãã«ããã£ã¹ããªã¹ãã®è¡šç€º PE P448
443 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping
IGMP snoopingãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
[no] ip igmp snooping
åæèšå®
æå¹ (Enabled)
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
æ¬äŸã§ã¯ IGMP snoopingãæå¹ã«ããŠããŸãã
Console(config)#ip igmp snoopingConsole(config)#
444FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping vlan static
ãã«ããã£ã¹ãã°ã«ãŒãã«ããŒããè¿œå ããŸãã"no"ãåã«çœ®ãããšã§ã°ã«ãŒãããããŒããåé€ããŸãã
ææ³
ip igmp snooping vlan vlan-id static ip-address interface
no ip igmp snooping vlan vlan-id static ip-address interface
⢠vlan-id â VLAN IDïŒç¯å²ïŒ1-4094ïŒ
⢠ip-address â ãã«ããã£ã¹ãã°ã«ãŒãã® IPã¢ãã¬ã¹
⢠interface
ïŒ ethernet unit/port
ãïŒ unit â ãŠãããçªå·ãâ1â
ãïŒ port â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-6ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
æ¬äŸã§ã¯ããŒãã«ãã«ããã£ã¹ãã°ã«ãŒããéçã«èšå®ããŠããŸãã
Console(config)#ip igmp snooping vlan 1 static 224.0.0.12 ethernet 1/5Console(config)#
445 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping version
IGMP snoopingã®ããŒãžã§ã³ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip igmp snooping version {1 | 2}
no ip igmp snooping version
⢠1 â IGMP Version 1
⢠2 â IGMP Version 2
åæèšå®
IGMP Version 2
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãµããããäžã®ãã¹ãŠã®ã·ã¹ãã ãåãããŒãžã§ã³ããµããŒãããå¿ èŠããããŸããããæ¢åã®ããã€ã¹ã Version 1ãããµããŒãããŠããªãå Žåãæ¬æ©ã«å¯ŸããŠãVersion 1ãèšå®ããŸãã
⢠"ip igmp query-max-response-time"ã³ãã³ãåã³ "ip igmp router-port-expire-time"ã³ãã³ã㯠Version 2ã§ãã䜿ããŸããã
äŸ
æ¬äŸã§ã¯ IGMP Version 1ã«èšå®ããŠããŸãã
show ip igmp snooping
IGMP snoopingã®èšå®æ å ±ã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
衚瀺ãããå 容ã«é¢ããŠã¯ãP124 ãIGMP Snooping Queryãã©ã¡ãŒã¿ã®èšå®ããåç §ããŠäžããã
Console(config)#ip igmp snooping version 1Console(config)#
446FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
äŸ
æ¬äŸã§ã¯çŸåšã® IGMP snoopingã®èšå®ã衚瀺ããŠããŸãã
Console#show ip igmp snoopingService status: EnabledQuerier status: EnabledQuery count: 2Query interval: 125 secQuery max response time: 10 secRouter port expire time: 300 secIGMP snooping version: Version 2Console#
447 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
show mac-address-table multicast
ãã«ããã£ã¹ãã¢ãã¬ã¹ãšããŠèªèãããŠãããªã¹ãã衚瀺ããŸãã
ææ³
show mac-address-table multicast [vlan vlan-id]
[user | igmp-snooping]
⢠vlan-id â VLAN IDïŒç¯å²ïŒ1-4094)
⢠user â ãŠãŒã¶èšå®ã®ãã«ããã£ã¹ããšã³ããªã®ã¿è¡šç€º
⢠igmp-snooping â IGMP snoopingã«ãã£ãŠåŠç¿ãããã¢ãã¬ã¹ã®ã¿è¡šç€º
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
ã¡ã³ããŒã®çš®é¡ã¯éžæãããªãã·ã§ã³ã«ãã IGMPå㯠USERãå«ã衚瀺ããããŸãã
äŸ
æ¬äŸã§ã¯ VLAN 1㧠IGMP snoopingã«ããç»é²ããããã«ããã£ã¹ããšã³ããªã衚瀺ããŠããŸãã
Console#show mac-address-table multicast vlan 1 igmp-snoopingVLAN M'cast IP addr. Member ports Type---- --------------- ------------ ------- 1 224.1.2.3 Eth1/11 IGMPConsole#
448FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
3.21.2 IGMP Queryã³ãã³ãïŒLayer2ïŒ
ip igmp snooping querier
IGMP snoopingã¯ãšãªã¢ãšããŠã®æ©èœãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§æ©èœãç¡å¹ã«ããŸãã
ææ³
[no] ip igmp snooping querier
åæèšå®
æå¹ (Enabled)
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
æå¹ã«ããå Žåãæ¬æ©ã¯ã¯ãšãªã¢ãšããŠæ©èœããŸããã¯ãšãªã¢ã¯ãã«ããã£ã¹ããã©ãã£ãã¯ãåãåãå¿ èŠããããã©ããããã¹ãã«è³ªåããŸãã
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
ip igmp snoopingquerier
IGMP snoopingã¯ãšãªã¢ãšããŠã®åäœã®æå¹å
GC P449
ip igmp snoopingquery-count ã¯ãšãªãŒã«ãŠã³ãã®èšå® GC P450
ip igmp snoopingquery-interval ã¯ãšãªãŒééã®èšå® GC P451
ip igmp snoopingquery-maxrsponse-time ã¬ããŒãé 延ã®èšå® GC P452
ip igmp snoopingrouoter-port-expire-time ã¯ãšãªãŒã¿ã€ã ã¢ãŠãã®èšå® GC P453
Console(config)#ip igmp snooping querierConsole(config)#
449 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping query-coount
ã¯ãšãªãŒã«ãŠã³ãã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip igmp snooping query-count count
no ip igmp snooping query-count
⢠count â ãã«ããã£ã¹ãã°ã«ãŒãããã¯ã©ã€ã¢ã³ããé€å€ããåã«ãã¹ã€ããããã¯ãšãªéä¿¡ããæ倧åæ°ïŒç¯å²ïŒ2-10ïŒ
åæèšå®
2å
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ã¯ãšãªãŒã«ãŠã³ãã§ã¯ãã«ããã£ã¹ãã¯ã©ã€ã¢ã³ãããã®å¿çãã¯ãšãªã¢ãåŸ ã€åæ°ãå®ããŸããã¯ãšãªã¢ãæ¬ã³ãã³ãã§å®çŸ©ãããæ°ã®ã¯ãšãªãŒãéããã¯ã©ã€ã¢ã³ãããã®å¿çããªãã£ãå Žåã" ip igmp snooping query-max-response-time"ã³ãã³ãã§æå®ããã«ãŠã³ãããŠã³ã¿ã€ããŒãã¹ã¿ãŒãããŸãã
ã«ãŠã³ãããŠã³ãçµãããã¯ã©ã€ã¢ã³ãããã®å¿çããªãå Žåãã¯ã©ã€ã¢ã³ãããã«ããã£ã¹ãã°ã«ãŒãããã¯ããããšå€æãããŸãã
äŸ
æ¬äŸã§ã¯ãã¯ãšãªãŒã«ãŠã³ãã 10ã«èšå®ããŠããŸãã
é¢é£ããã³ãã³ã
ip igmp snooping query-max-response-time (P452)
Console(config)#ip igmp snooping query-count 10Console(config)#
450FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping query-interval
ã¯ãšãªã®éä¿¡ééãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip igmp snooping query-interval seconds
no ip igmp snooping query-interval
⢠seconds â IGMPã¯ãšãªãéä¿¡ããééïŒç¯å²ïŒ60-125)
åæèšå®
125ïŒç§ïŒ
ã³ãã³ãã¢ãŒã
Global Configuration
äŸ
æ¬äŸã§ã¯ã¯ãšãªééã 100ç§ã«èšå®ããŠããŸãã
Console(config)#ip igmp snooping query-interval 100Console(config)#
451 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping query-max-response-time
ã¯ãšãªã®éä¿¡ééãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip igmp snooping query-interval seconds
no ip igmp snooping query-interval
⢠seconds â IGMPã¯ãšãªãéä¿¡ããééïŒç¯å²ïŒ5-25)
åæèšå®
10ïŒç§ïŒ
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æ¬æ©èœãæå¹ã«ããã«ã¯ IGMP v2ã䜿çšããå¿ èŠããããŸãã
⢠ã¯ãšãªåŸã®ãã«ããã£ã¹ãã¯ã©ã€ã¢ã³ãããã®æ£åŒãªåçããããŸã§ã®åŸ ã¡æéãèšå®ããŸããã¯ãšãªã¢ãéä¿¡ããã¯ãšãªæ°ã " ip igmp snooping query-count"ã³ãã³ãã䜿çšããŠèšå®ããŠããå Žåãã¯ã©ã€ã¢ã³ãããã®å¿çããªããšã«ãŠã³ãããŠã³ã¿ã€ããŒãæ¬ã³ãã³ãã§èšå®ããå€ã§ã¹ã¿ãŒãããŸããã«ãŠã³ãããŠã³ãçµãããã¯ã©ã€ã¢ã³ãããã®å¿çããªãå Žåãã¯ã©ã€ã¢ã³ãããã«ããã£ã¹ãã°ã«ãŒãããã¯ããããšå€æãããŸãã
äŸ
æ¬äŸã§ã¯ãæ倧è¿çæéã 20ç§ã«èšå®ããŠããŸãã
Console(config)#ip igmp snooping query-max-response-time 20Console(config)#
452FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp snooping router-port-expiretime
ã¯ãšãªãŒã¿ã€ã ã¢ãŠãæéã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip igmp snooping router-port-expire-time seconds
no ip igmp snooping router-port-expire-time
⢠seconds â ã¯ãšãªãŒãã±ãããåä¿¡ããŠããã«ãŒã¿ããŒããç¡å¹ã«ãªããšå€æãããåã®åŸ æ©æéïŒç¯å²ïŒ300-500ïŒç§ïŒïŒ
åæèšå®
300ïŒç§ïŒ
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
æ¬æ©èœãæå¹ã«ããã«ã¯ IGMP v2ã䜿çšããå¿ èŠããããŸãã
äŸ
æ¬äŸã§ã¯ãã¿ã€ã ã¢ãŠãæéã 300ïŒç§ïŒã«èšå®ããŠããŸãã
é¢é£ããã³ãã³ã
ip igmp snooping version (P446)
Console(config)#ip igmp snooping router-port-expire-time 300Console(config)#
453 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
3.21.3 éçãã«ããã£ã¹ãã«ãŒãã£ã³ã°ã³ãã³ã
ip igmp snooping vlan mrouter
ãã«ããã£ã¹ãã«ãŒã¿ããŒããéçã«èšå®ããŸãã"no"ãåã«çœ®ãããšã§èšå®ãåé€ããŸãã
ææ³
ip igmp snooping vlan vlan-id mrouter interface
no ip igmp snooping vlan vlan-id mrouter interface
⢠vlan-id - VLAN IDïŒç¯å²ïŒ1-4094ïŒ
⢠interface
ïŒ ethernet unit/port
ãà |unit â ãŠãããçªå·ã"1"
ãà |port â ããŒãçªå·ïŒç¯å²ïŒ1-12ïŒ
ïŒ port-channel channel-idïŒç¯å²ïŒ1-6ïŒ
åæèšå®
éçãã«ããã£ã¹ãã«ãŒã¿ããŒãã¯èšå®ãããŠããŸããã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ãããã¯ãŒã¯æ¥ç¶ç¶æ³ã«ãããIGMP snoopingã§ã¯åžžã« IGMPã¯ãšãªã¢ãé 眮ãããŸããããããã£ãŠãIGMPã¯ãšãªã¢ãã¹ã€ããã«æ¥ç¶ãããæ¢ç¥ã®ãã«ããã£ã¹ãã«ãŒã¿ /ã¹ã€ããã§ããå Žåãã€ã³ã¿ãã§ãŒã¹ããã¹ãŠã®ãã«ããã£ã¹ãã°ã«ãŒãã«åå ãããèšå®ãæåã§è¡ããŸãã
äŸ
æ¬äŸã§ã¯ 11çªããŒãã VLAN 1ã®ãã«ããã£ã¹ãã«ãŒã¿ããŒãã«èšå®ããŠããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžip igmp snoopingVLAN mrouter ãã«ããã£ã¹ãã«ãŒã¿ããŒãã®è¿œå GC P454
show ip igmpsnooping mrouter ãã«ããã£ã¹ãã«ãŒã¿ããŒãã®è¡šç€º PE P455
Console(config)#ip igmp snooping vlan 1 mrouter ethernet 1/11Console(config)#
454FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
show ip igmp snooping mrouter
éçèšå®åã³åçåŠç¿ã«ãããã«ããã£ã¹ãã«ãŒã¿ããŒãã®æ å ±ã®è¡šç€ºãè¡ããŸãã
ææ³
show ip igmp snooping mrouter [vlan vlan-id]
⢠vlan-id â VLAN IDïŒç¯å²ïŒ1-4094ïŒ
åæèšå®
VLANã«èšå®ããããã¹ãŠã®ãã«ããã£ã¹ãã«ãŒã¿ããŒãã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
ãã«ããã£ã¹ãã«ãŒã¿ããŒããšããŠè¡šç€ºãããã¿ã€ãã«ã¯éçåã³åçã®äž¡æ¹ãå«ãŸããŸãã
äŸ
æ¬äŸã§ã¯ãVLAN 1ã®ãã«ããã£ã¹ãã«ãŒã¿ã«æ¥ç¶ãããããŒãã衚瀺ããŸãã
Console#show ip igmp snooping mrouter vlan 1VLAN M'cast Router Ports Type---- ------------------- ------- 1 Eth 1/11 Static 2 Eth 1/12 StaticConsole#
455 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
3.21.4 IGMP Snooping ïŒã¬ã€ã€ 3ïŒã³ãã³ã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžip igmp æå®ã€ã³ã¿ãã§ãŒã¹ã® IGMP ãæå¹ã«ããŸãã IC P457
ip igmp robustval äºæ³ãã±ããæ倱ãæ§æããŸãã IC P458
ip igmp query-interval
ãã¹ã ã¯ãšãªãŒ ã¡ãã»ãŒãžãéä¿¡ããé »åºŠãæ§æããŸãã
IC P459
ip igmpmax-resp-interval
ãã¹ãã®æ倧å¿çæéãæ§æããŸãã IC P460
ip igmplast-memb-query-interval
ã°ã«ãŒãåºæã®ãã¹ã ã¯ãšãªãŒ ã¡ãã»ãŒãžã®éä¿¡é »åºŠãæ§æããŸãã
IC P461
ip igmp version ãã®ã€ã³ã¿ãã§ãŒã¹äžã§äœ¿çšããã IGMP ããŒãžã§ã³ãæ§æããŸãã
IC P462
show ip igmp interface
æå®ã€ã³ã¿ãã§ãŒã¹ã® IGMP ã³ã³ãã£ã®ã¥ã¬ãŒã·ã§ã³ã衚瀺ããŸãã
NE,PE P463
clear ip igmp group IGMP ãã£ãã·ã¥ãããšã³ããªãåé€ããŸãã PE P464
show ip igmp groups IGMP ã°ã«ãŒãã®è©³çŽ°æ å ±ã衚瀺ããŸãã NE,PE P465
456FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp
VLAN ã€ã³ã¿ãã§ãŒã¹äžã® IGMP ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãæå®ã€ã³ã¿ãã§ãŒã¹äžã® IGMP ãç¡å¹ã«ãªããŸãã
ææ³
[no] ip igmp
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
IGMP ã¯ãšãªãŒã¯ãip igmp snooping ã³ãã³ããä»ããŠã¬ã€ã€ãŒ 2 ã§ã°ããŒãã«ã«æå¹ã«ãããããŸã㯠ip igmp ã³ãã³ããä»ããŠã¬ã€ã€ãŒ 3 ã§ç¹å®ã® VLAN ã€ã³ã¿ãã§ãŒã¹ã«å¯ŸããŠæå¹ã«ããããšãã§ããŸããïŒã¬ã€ã€ãŒ 3 ã¯ãšãªãŒãæå¹ã«ãããšãã¬ã€ã€ãŒ 2 ã¯ãšãªãŒã¯ç¡å¹ã«ãªããŸãïŒ
äŸ
é¢é£ããã³ãã³ã
ip igmp snooping ïŒP444ïŒ
show ip igmp snooping ïŒP446ïŒ
Console(config)#interface vlan 1Console(config-if)#ip igmpConsole(config-if)#endConsole#show ip igmp interfaceVlan 1 is up
ãIGMP is enable, version is 2
ãRobustness variable is 2
ãQuery interval is 125 sec
ãQuery Max Response Time is 10 sec, Last Member Query Interval is 1 sec
ãQuerier is 10.1.0.253
Console#
457 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp robustval
ã€ã³ã¿ãã§ãŒã¹ã®å ç¢ãïŒäºæ³ãã±ããæå€±ïŒ ãæå®ããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
ææ³
ip igmp robustval robust-value
no ip igmp robustval
⢠robust-value âãã®ã€ã³ã¿ãã§ãŒã¹ã®å ç¢ãïŒç¯å² : 1 ïœ 255ïŒ
åæèšå®
2
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
å ç¢ãã®å€ã¯ãä»ã® IGMP å€æ°ã®é©åãªç¯å²ãç®åºããã®ã«äœ¿çšãããŸãããã®å€æ°ã«ã¯ãGroup Membership IntervalïŒip igmp last-memb-query-intervalã Other Querier Present Interval ã®ã»ããStartup Query Count ïŒRFC 2236ïŒ ãªã©ããããŸãã
äŸ
Console(config-if)#ip igmp robustval 3Console(config-if)#
458FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp query-interval
ãã¹ã ã¯ãšãªãŒ ã¡ãã»ãŒãžãéä¿¡ãããé »åºŠãæ§æããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
ææ³
ip igmp query-interval seconds
no ip igmp query-interval
⢠seconds â ã¹ã€ããã IGMP ãã¹ãã¯ãšãªãŒ ã¡ãã»ãŒãžãéä¿¡ããé »åºŠãããããããããããããããããããããããããïŒç¯å² : 1 ïœ 255ïŒ
åæèšå®
125ç§
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
⢠ãã«ããã£ã¹ã ã«ãŒã¿ã¯ãç¹å®ã®ãã«ããã£ã¹ã ãµãŒãã¹ãèŠæ±ããäžæµãã¹ããšã®æ¥ç¶ã€ã³ã¿ãã§ãŒã¹ã€ã³ã¿ãã§ãŒã¹ã決å®ããããããã¹ã ã¯ãšãªãŒ ã¡ãã»ãŒãžãéä¿¡ããŸãããµããããã«å¯Ÿå¿ããæå®ãã«ããã£ã¹ã ã«ãŒã¿ã®ã¿ãããã«ããã£ã¹ã ã¢ãã¬ã¹224.0.0.1 ã«å®ãŠããã¹ã ã¯ãšãªãŒ ã¡ãã»ãŒãžãéä¿¡ããŸãã
⢠IGMP ããŒãžã§ã³ 1 ã®å Žåãæå®ã«ãŒã¿ã¯ãLAN ã§çšŒåãããã«ããã£ã¹ã ã«ãŒãã£ã³ã° ãããã³ã«ã«åŸã£ãŠéžåºãããŸããIGMP ããŒãžã§ã³ 2 ã§ã¯ããµããããäžã§æãå°ãã IP ã¢ãã¬ã¹ãæã€ãã«ããã£ã¹ã ã«ãŒã¿ãæå®ã¯ãšãªã¢ã«ãªããŸãã
äŸæ¬¡ã®äŸã¯ãã¯ãšãªãŒééã 100 ç§ã«æ§æããæ¹æ³ã瀺ããŠããŸãã
Console(config-if)#ip igmp query-interval 100Console(config-if)#
459 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp max-resp-interval
IGMP ã¯ãšãªãŒã§ã¢ããã¿ã€ãºãããæ倧å¿çæéãæ§æããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
ææ³
ip igmp max-resp-interval seconds
no ip igmp max-resp-interval
⢠secondsâ IGMP ã¯ãšãªãŒã§ã¢ããã¿ã€ãºãããã¬ããŒãé 延ã§ãïŒç¯å² : 1 ïœ 255ïŒã
åæèšå®
10 ç§
ã³ãã³ãã¢ãŒã
Interface Configuratio
ã³ãã³ã解説
⢠ãã®ã³ãã³ããæå¹ã«ããã«ã¯ãã¹ã€ããã IGMPv2 ã䜿çšããŠããå¿ èŠããããŸãã
⢠ãã®ã³ãã³ãã¯ãã«ãŒã¿ã«ãã£ãŠã°ã«ãŒããåé€ãããåã«ããŸã ã°ã«ãŒãå ã«ããå¿çè ïŒã¯ã©ã€ã¢ã³ããŸãã¯ã«ãŒã¿ïŒ ãã¯ãšãªãŒ ã¡ãã»ãŒãžã«å¿çãè¿ããªããŠã¯ãªããªãæ倧æéãå®çŸ©ããŸãã
⢠æ倧å¿çæéãå€æŽããããšã«ããããµãããããééãã IGMP ã¡ãã»ãŒãžã®ããŒã¹ãæ§ã調æŽããããšãã§ããŸãããã®æ°å€ã倧ãããããšããã¹ãã®å¿çééãããé·ããªãããããã©ãã£ãã¯ã®ããŒã¹ãæ§ã¯äœäžããŸãã
⢠æ倧å¿çééã§è¡šãããç§æ°ã¯ãã¯ãšãªãŒééïŒ4-244 ããŒãžïŒ ãããå°ãããªããŠã¯ãªããŸããã
äŸ
次ã®äŸã¯ãæ倧å¿çæéã 20 ç§ã«æ§æããæ¹æ³ã瀺ããŠããŸãã
ip igmp version ïŒP446ïŒ
ip igmp query-interval ïŒP451ïŒ
Console(config-if)#ip igmp max-resp-interval 20Console(config-if)#
460FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp last-memb-query-interval
last member ã¯ãšãªãŒééãæ§æããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
ææ³
ip igmp last-memb-query-interval seconds
no ip igmp last-memb-query-interval
⢠secondsâ last member ã¯ãšãªãŒã®ã¬ããŒãé 延æéã§ãïŒç¯å² : 1 ïœ 255ïŒã
åæèšå®
1 ç§
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
⢠ãã«ããã£ã¹ã ã¯ã©ã€ã¢ã³ãã¯ãã°ã«ãŒããé¢è±ããæãIGMP ãªãŒã ã¡ãã»ãŒãžãéä¿¡ããŸããã«ãŒã¿ã¯ããããã°ã«ãŒãå ã®æåŸã®ãã¹ãã§ãããã©ããã確èªãããããIGMP ã¯ãšãªãŒãéä¿¡ãããã®ã³ãã³ãã«åºã¥ããŠã¿ã€ããŒãéå§ããŸããå¿çãåä¿¡ãããªããŸãŸã¿ã€ããŒãæºäºãããšããã®ã°ã«ãŒãã¯åé€ãããŸãã
⢠ãã®å€ã調æŽããããšã«ããããããã¯ãŒã¯ã®é¢è±é 延æéãå€æŽããããšãã§ããŸãããã®å€ãå°ããèšå®ãããšãã°ã«ãŒãã®æåŸã®ã¡ã³ããŒã®é¢è±ãæ€ç¥ããæéãççž®ã§ããŸãã
äŸ
次ã®äŸã¯ãæ倧å¿çæéã 10 ç§ã«æ§æããæ¹æ³ã瀺ããŠããŸãã
Console(config-if)#ip igmp last-memb-query-interval 10Console(config-if)#
461 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
ip igmp version
ã€ã³ã¿ãã§ãŒã¹äžã§äœ¿çšããã IGMP ã®ããŒãžã§ã³ãæ§æããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
ææ³
ip igmp version {1 | 2}
no ip igmp version
⢠1â IGMP ããŒãžã§ã³ 1
⢠2â IGMP ããŒãžã§ã³ 2
åæèšå®
IGMP ããŒãžã§ã³ 2
2
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
⢠ãµããããäžã®ãã¹ãŠã®ã«ãŒã¿ã¯åäžããŒãžã§ã³ããµããŒãããŠããå¿ èŠããããŸãããã ãããµããããäžã®ãã«ããã£ã¹ã ãã¹ãã¯ãIGMP ããŒãžã§ã³ 1 ãŸã㯠2ã®ã©ã¡ãããµããŒãããŠããŠãããŸããŸããã
⢠ã¹ã€ããã¯ãããŒãžã§ã³ 2 ã«èšå®ããip igmp max-resp-interval ïŒP460ïŒ ãæå¹ã«ãããŠããå¿ èŠããããŸãã
äŸ
次ã®äŸã§ã¯ãéžæããã€ã³ã¿ãã§ãŒã¹äžã§ IGMP ããŒãžã§ã³ 1 ã䜿çšããããã¹ã€ãããæ§æããŸãã
Console(config-if)#ip igmp version 1Console(config-if)#
462FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
show ip igmp interface
æå®ãã VLAN ã€ã³ã¿ãã§ãŒã¹ãŸãã¯ãã¹ãŠã®ã€ã³ã¿ãã§ãŒã¹ã® IGMP ã³ã³ãã£ã®ã¥ã¬ãŒã·ã§ã³ã衚瀺ããŸãã
ææ³
show ip igmp interface [vlan vlan-id]
⢠vlan-id â VLAN IDïŒç¯å²ïŒ1-4093ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Normal ExecãPrivileged Exec
äŸ
次ã®äŸã§ã¯ãVLAN 1ãããã³ãã®ãã«ããã£ã¹ã ãµãŒãã¹ã® IGMP ã¯ãšãªã¢ãšããŠçŸåšæ©èœããŠããããã€ã¹ã® IGMP ã³ã³ãã£ã®ã¥ã¬ãŒã·ã§ã³ã衚瀺ããŸãã
Console#show ip igmp interface vlan 1Vlan 1 is up
ãIGMP is enable, version is 2
ãRobustness variable is 2
ãQuery interval is 125 sec
ãQuery Max Response Time is 10 sec, Last Member Query Interval is 1 sec
ãQuerier is 10.1.0.253Console#
463 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
clear ip igmp group
IGMP ãã£ãã·ã¥ãããšã³ããªãåé€ããŸãã
ææ³
clear ip igmp group [group-address | interface vlan vlan-id]
⢠group-address â ãã«ããã£ã¹ã ã°ã«ãŒãã® IP ã¢ãã¬ã¹
⢠vlan-id â VLAN IDïŒç¯å²ïŒ1-4093ïŒ
åæèšå®
ãªãã·ã§ã³ãäœãéžæããªããšããã£ãã·ã¥å ã®ãã¹ãŠã®ãšã³ããªãåé€ãããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
æå®ã°ã«ãŒãã®ãã¹ãŠã®ãšã³ããªãåé€ããã«ã¯ããã«ããã£ã¹ã ã°ã«ãŒãã®ã¢ãã¬ã¹ãå ¥åããŸããæå®ã€ã³ã¿ãã§ãŒã¹ã®ãã¹ãŠã®ãã«ããã£ã¹ã ã°ã«ãŒããåé€ããã«ã¯ãã€ã³ã¿ãã§ãŒã¹ ãªãã·ã§ã³ãå ¥åããŸãããªãã·ã§ã³ãäœãå ¥åããªããšããã£ãã·ã¥å ã®ãã¹ãŠã®ãã«ããã£ã¹ã ã°ã«ãŒããåé€ãããŸãã
äŸ
次ã®äŸã§ã¯ãVLAN 1 ã®ãã¹ãŠã®ãã«ããã£ã¹ã ã°ã«ãŒã ãšã³ããªãã¯ãªã¢ããŸãã
Console#clear ip igmp group interface vlan 1Console#
464FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ããã£ã«ã¿ãªã³ã°
show ip igmp groups
ã¹ã€ããäžã§ã¢ã¯ãã£ããªãã«ããã£ã¹ã ã°ã«ãŒãã«é¢ããæ å ±ã衚瀺ããŸãã
ææ³
show ip igmp groups [group-address | interface vlan vlan-id]
⢠group-address â ãã«ããã£ã¹ã ã°ã«ãŒãã® IP ã¢ãã¬ã¹
⢠vlan-id â VLAN IDïŒç¯å²ïŒ1-4093ïŒ
åæèšå®
ãã¹ãŠã®æ¢ç¥ã®ã°ã«ãŒãã«é¢ããæ å ±ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Normal ExecãPrivileged Exec
ã³ãã³ã解説
⢠ãã®ã³ãã³ãã§ã¯ãã¹ã¿ãã£ã㯠ã°ã«ãŒãã§ã¯ãªããIGMP çµç±ã§åŠç¿ããããã«ããã£ã¹ã ã°ã«ãŒãã«é¢ããæ å ±ã衚瀺ããŸããã¹ã€ãã㯠IGMP ããŒãžã§ã³ 1 ã¡ã³ããŒã·ãã ã¬ããŒããåä¿¡ãããšãã¿ã€ããŒãèšå®ããåä¿¡ããã¬ããŒãã®ã°ã«ãŒãã®ã¡ã³ããŒã§ããããŒãžã§ã³ 1 ãã¹ããååšããŠããããšãèšé²ããŸãã
⢠ç¹å®ã®ã°ã«ãŒãã®ããŒãžã§ã³ 1 ãã¹ããååšããå Žåãã¹ã€ããã¯ãã®ã°ã«ãŒãããåä¿¡ãããªãŒã ã°ã«ãŒã ã¡ãã»ãŒãžããã¹ãŠç¡èŠããŸãã
äŸ
次ã®äŸã§ã¯ãVLAN 1 äžã§çŸåšã¢ã¯ãã£ã㪠IGMP ã°ã«ãŒãã衚瀺ããŸãã
Console#show ip igmp groups vlan 1
ãGroupAddress ãInterfaceVlan ãLastreporter ãUptime ãExpireãV1Timer--------------- --------------- --------------- -------- -------- --
ããã234.5.6.8 ããããããã1 ãããã10.1.5.19 ãã7068 ããã220ãã 0Console#
é ç® è§£èª¬GroupAddress IP ãã«ããã£ã¹ã ã°ã«ãŒã ã¢ãã¬ã¹ã§ããå å ¥è ã¯çŽæ¥
æ¥ç¶ãããŠãããããŸãã¯ãã®ã¹ã€ããã®äžæµã«ååšããŸãã
InterfaceVlan ãã«ããã£ã¹ã ã°ã«ãŒã ã¢ãã¬ã¹å®ãŠã®ãã©ãã£ãã¯ãåä¿¡ãããã®ã¹ã€ããã®ã€ã³ã¿ãã§ãŒã¹ã§ããïŒ
Lastreporter ã€ã³ã¿ãã§ãŒã¹äžã®ãã®ãã«ããã£ã¹ã ã°ã«ãŒã ã¢ãã¬ã¹ã§åä¿¡ãããæåŸã®ã¡ã³ããŒã·ãã ã¬ããŒãã®éä¿¡å IP ã¢ãã¬ã¹ã§ããã¡ã³ããŒã·ãã ã¬ããŒããåä¿¡ãããªãã£ãå Žåããã®ãªããžã§ã¯ãã®å€ã¯ 0.0.0.0 ãšãªããŸãã
Uptime ãã®ãšã³ããªãäœæãããŠããã®çµéæéUptime UptimeExpire ã®ãšã³ããªãçµå¹ŽåŠçã«ããç¡å¹ã«ãªããŸã§ã®æ®ãæé
ã§ãïŒããã©ã«ãã§ã¯ 260 ç§ïŒ
V1Timer ãã®ã€ã³ã¿ãã§ãŒã¹ã«æ¥ç¶ããã IP ãµããããäžã«ã¯ IGMP ããŒãžã§ã³ 1 ã¡ã³ããŒãååšããªããšã¹ã€ãããèŠãªããŸã§ã®æ®ãæéã§ãïŒããã©ã«ãã§ã¯ 400 ç§ïŒ
465 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
3.22 IP ã€ã³ã¿ãã§ãŒã¹
IPã¢ãã¬ã¹ã¯æ¬æ©ãžã®ãããã¯ãŒã¯çµç±ã§ã®ç®¡ççšã¢ã¯ã»ã¹ã®éã«äœ¿çšãããŸããåæèšå®ã§ã¯ DHCPã䜿çšã㊠IPã¢ãã¬ã¹ã®ååŸãè¡ãèšå®ã«ãªã£ãŠããŸããIPã¢ãã¬ã¹ã¯æåã§èšå®ããããšããå BOOTP/DHCPãµãŒãããé»æºæå ¥æã«èªåçã«ååŸããããšãã§ããŸãããŸããä»ã®ã»ã°ã¡ã³ãããæ¬æ©ãžã®ã¢ã¯ã»ã¹ãè¡ãããã«ã¯ããã©ã«ãã²ãŒããŠã§ã€ã®èšå®ãå¿ èŠãšãªããŸãã
3.22.1 åºæ¬ IPèšå®
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
ip address æ¬æ©ãžã® IPã¢ãã¬ã¹ã®èšå® IC P467
ipdefault-gateway
æ¬æ©ãšç®¡ç端æ«ãæ¥ç¶ããããã®ã²ãŒããŠã§ã€èšå®ã®è¡šç€º
GC P468
ip dhcp restart BOOTP/DHCPã¯ã©ã€ã¢ã³ããªã¯ãšã¹ãã®éä¿¡
PE P469
show ip interface æ¬æ©ã® IPèšå®ã®è¡šç€º PE P470
show ip redirects æ¬æ©ã®ããã©ã«ãã²ãŒããŠã§ã€èšå®ã®è¡šç€º PE P470
pingãããã¯ãŒã¯äžã®ä»ã®ããŒããžã® ICMP echoãªã¯ãšã¹ããã±ããã®éä¿¡
NE,PE P471
466FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ip address
æ¬æ©ãžã® IPã¢ãã¬ã¹ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®ã«æ»ããŸãã
ææ³
ip address {ip-address netmask | bootp | dhcp}
no ip address
⢠ip-address â IPã¢ãã¬ã¹
⢠netmask â ãµãããããã¹ã¯
⢠bootp â IPã¢ãã¬ã¹ã BOOTPããååŸããŸãã
⢠dhcp â IPã¢ãã¬ã¹ã DHCPããååŸããŸãã
åæèšå®
DHCP
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
⢠管ççšã«ãããã¯ãŒã¯çµç±ã§æ¬æ©ãžã¢ã¯ã»ã¹ããå ŽåãIPã¢ãã¬ã¹ã®èšå®ãå¿ é ãšãªããŸããæå㧠IPã¢ãã¬ã¹ãå ¥åããæ¹æ³ãšãBOOTPãDHCPã䜿çšããŠèªå㧠IPã¢ãã¬ã¹ãååŸããæ¹æ³ããããŸãã
⢠bootpå㯠dhcpãéžæããå ŽåãBOOTPå㯠DHCPããã®å¿çããããŸã§ IPã¢ãã¬ã¹ã¯èšå®ãããŸãããIPã¢ãã¬ã¹ãååŸããããã®ãªã¯ãšã¹ãã¯åšæçã«ãããŒããã£ã¹ãã§éä¿¡ãããŸãïŒBOOTPåã³ DHCPã«ãã£ãŠååŸã§ããã®ã¯ IPã¢ãã¬ã¹ããµãããããã¹ã¯åã³ããã©ã«ãã²ãŒããŠã§ã€ã®å€ã§ãïŒ
⢠BOOTPå㯠DHCPã«å¯ŸãããããŒããã£ã¹ããªã¯ãšã¹ã㯠"ip dhcp restart"ã³ãã³ãã䜿çšããããæ¬æ©ãåèµ·åãããå Žåã«è¡ãããŸãã
[ 泚æ ]ãIP ã¢ãã¬ã¹ã¯ VLAN ã€ã³ã¿ãã§ãŒã¹ 1 ã€ã®ã¿ã«å²ãåœãŠã§ããŸãïŒåæèšå®ã§ã¯VLAN1ã«å²ãåœãŠãããã«ãªã£ãŠããŸãïŒããã§èšå®ããVLANã管ççšã®VLANãšãªãããã® VLAN ãä»ããŠã®ã¿æ¬æ©ãžã®ç®¡çã¢ã¯ã»ã¹ãå¯èœã«ãªããŸããIP ã¢ãã¬ã¹ãä»ã® VLANã«å²ãåœãŠããšãæ°ãã«å²ãåœãŠã IPã¢ãã¬ã¹ãæ¢åã® IPã¢ãã¬ã¹ãäžæžãããæ°ããªç®¡ç VLANãšããŠæ©èœããŸãã
äŸ
æ¬äŸã§ã¯ãVLAN 1ã«å¯Ÿã㊠IPã¢ãã¬ã¹ãèšå®ããŠããŸãã
é¢é£ããã³ãã³ã
ip dhcp restart (P469)
Console(config)#interface vlan 1Console(config-if)#ip address 192.168.1.5 255.255.255.0Console(config-if)#
467 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ip default-gateway
ã»ã°ã¡ã³ããããããã¹ã€ãããšç®¡ç端æ«ãæ¥ç¶ããããã®ããã©ã«ãã²ãŒããŠã§ã€ã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ããã©ã«ãã²ãŒããŠã§ã€ãåé€ããŸãã
ææ³
ip default-gateway gateway
no ip default-gateway
⢠gateway â ããã©ã«ãã²ãŒããŠã§ã€ã® IPã¢ãã¬ã¹
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ç°ãªãã»ã°ã¡ã³ãã«ç®¡ç端æ«ãèšçœ®ãããŠããå Žåã«ã¯å¿ ãèšå®ããå¿ èŠããããŸãã
äŸ
æ¬äŸã§ã¯ããã©ã«ãã²ãŒããŠã§ã€ã®èšå®ãè¡ã£ãŠããŸãã
é¢é£ããã³ãã³ã
show ip redirects (P470)
Console(config)#ip default-gateway 10.1.1.254Console(config)#
468FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ip dhcp restart
BOOTP/DHCPã¯ã©ã€ã¢ã³ããªã¯ãšã¹ããéä¿¡ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠"ip address"ã³ãã³ã㧠BOOTPå㯠DHCPã«èšå®æžã¿ã® IPã€ã³ã¿ãã§ãŒã¹ã«å¯ŸããBOOTP/DHCPã¯ã©ã€ã¢ã³ããªã¯ãšã¹ããéä¿¡ããŸãã
⢠DHCPã¯ãæå¹ãªå ŽåããµãŒãã«ã¯ã©ã€ã¢ã³ãã®æåŸã® IPã¢ãã¬ã¹ãåä»äžããããèŠæ±ããŸãã
⢠DHCP/BOOTPãµãŒããå¥ã®ãã¡ã€ã³ã«ç§»åããå Žåãã¯ã©ã€ã¢ã³ãã«ä»äžãããŠãã IPã¢ãã¬ã¹ã®ãããã¯ãŒã¯éšã¯æ°ããªãã¡ã€ã³ã® IPã¢ãã¬ã¹ãšãªããŸãã
äŸ
æ¬äŸã§ã¯ããã©ã«ãã²ãŒããŠã§ã€ã®èšå®ãè¡ã£ãŠããŸãã
é¢é£ããã³ãã³ã
ip address (P467)
Console(config)#interface vlan 1Console(config-if)#ip address dhcpConsole(config-if)#endConsole#ip dhcp restartConsole#show ip interface IP address and netmask: 192.168.1.54 255.255.255.0 on VLAN 1, and address mode: DHCP.Console#
469 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
show ip interface
IPã€ã³ã¿ãã§ãŒã¹ã®èšå®ã衚瀺ããŸãã
åæèšå®
ãã¹ãŠã®ã€ã³ã¿ãã§ãŒã¹
ã³ãã³ãã¢ãŒãPrivileged Exec
äŸ
é¢é£ããã³ãã³ã
show ip redirects (P470)
show ip redirects
ããã©ã«ãã²ãŒããŠã§ã€ã®èšå®ã衚瀺ããŸãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
é¢é£ããã³ãã³ã
ip default-gateway (P468)
Console#show ip interfaceIP address and netmask: 192.168.1.54 255.255.255.0 on VLAN 1,and address mode: User specified.Console#
Console#show ip redirectsip default gateway 10.1.0.254Console#
470FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IP ã€ã³ã¿ãã§ãŒã¹
ping
ãããã¯ãŒã¯äžã®ä»ã®ããŒãã«å¯Ÿã ICMP echoãªã¯ãšã¹ããã±ãããéä¿¡ããŸãã
ææ³
ping host [count count][size size]
⢠host â ãã¹ãã® IPã¢ãã¬ã¹ /ãšã€ãªã¢ã¹
⢠count â éä¿¡ãããã±ããæ°ïŒç¯å²ïŒ1-16ãåæèšå®ïŒ5ïŒ
⢠size â ãã±ããã®ãµã€ãº (bytes)ïŒç¯å² 32-512ãåæèšå®ïŒ32ïŒãããæ å ±ãä»å ããããããå®éã®ãã±ãããµã€ãºã¯èšå®ããå€ãã 8bytes倧ãããªããŸãã
åæèšå®
èšå®ããããã¹ãã¯ãããŸããã
ã³ãã³ãã¢ãŒã
Normal Exec, Privileged Exec
ã³ãã³ã解説
⢠pingã³ãã³ãã䜿çšããããšã§ãããã¯ãŒã¯ã®ä»ã®å ŽæïŒç«¯æ«ãªã©ïŒã«æ¥ç¶ãããŠããã確èªããããšãã§ããŸãã
⢠pingã³ãã³ãã®çµæã¯ä»¥äžã®ãããªå 容ãšãªããŸãïŒ
ïŒ Normal response â æ£åžžãªã¬ã¹ãã³ã¹ã¯ããããã¯ãŒã¯ã®ç¶æ ã«äŸåããŠã1ïœ 10ç§ã§çããŸã
ïŒDestination does not respond â ãã¹ããå¿çããªãå Žåã"timeout"ã 10ç§ä»¥å ã«è¡šç€ºãããŸã
ïŒ Destination unreachable â ç®çã®ãã¹ãã«å¯Ÿããã²ãŒããŠã§ã€ãèŠã€ãããªãå Žå
ïŒ Network or host unreachable â ã²ãŒããŠã§ã€ãç®çãšãªãã«ãŒãããŒãã«ãèŠã€ããããªãå Žå
⢠<ESC>ããŒãæŒããš PingãäžæãããŸãã
äŸ
é¢é£ããã³ãã³ã
interface (P357)
Console#ping 10.1.0.9Type ESC to abort.PING to 10.1.0.9, by 5 32-byte payload ICMP packets, timeout is 5secondsresponse time: 10 msresponse time: 10 msresponse time: 10 msresponse time: 10 msresponse time: 0 msPing statistics for 10.1.0.9: 5 packets transmitted, 5 packets received (100%), 0 packets lost(0%)Approximate round trip times:Ã @Minimum = 0 ms, Maximum = 10 ms, Average = 8 msConsole#
471 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
3.23 IPã«ãŒãã£ã³ã°
æ¬æ©ã¯ IPã«ãŒãã£ã³ã°æ©èœããµããŒãããŠãããã«ãŒãã£ã³ã°ãã¹ã®ç®¡çã¯ãéçãªçµè·¯ã®èšå®ïŒP472ïŒããŸã㯠RIPïŒP479ïŒããŸã㯠OSPFïŒP491ïŒã«ããåçãªèšå®ïŒP479ïŒã«ããå¯èœã«ãªããŸããIPã«ãŒãã£ã³ã°æ©èœãæå¹ã«èšå®ïŒããŠãããšãæ¬æ©ã¯ã¯ã€ã€ã¹ããŒããå®çŸããã«ãŒã¿åæ§ã«åäœãããããç°ãªã IPã€ã³ã¿ãã§ãŒã¹ãä»ãã VLANééä¿¡ããå€éš IPãããã¯ãŒã¯ãžã®ãã©ãã£ãã¯ã®ã«ãŒãã£ã³ã°ãè¡ããŸããããããæ¬æ©ã®åæèšå®ã§ã¯ã«ãŒãã£ã³ã°æ©èœã¯èšå®ãããŠããŸãããã«ãŒãã£ã³ã°æ©èœã䜿çšããã«ã¯ãæ¢åã®ã«ãŒã¿è£œåã®ããã«ãæåã«ãããã®èšå®ãè¡ãå¿ èŠããããŸãã
å·¥å Žåºè·æã®èšå®ã§ã¯ãããŒãã¯ãã¹ãŠåäžã® VLANã«æå±ããã¬ã€ã€ 2æ©èœã®ã¿ã䜿çšããããã«ãªã£ãŠããŸãããã®ããããŸããåãŠãŒã¶ã°ã«ãŒããŸãã¯ãã©ãã£ãã¯ã®ã¢ããªã±ãŒã·ã§ã³å¥ã« VLANãäœæããåãã°ã«ãŒãã«æå±ãããã¹ãŠã®ããŒããå VLANã«å²ãåœãŠãããããå VLANã« IPã€ã³ã¿ãã§ãŒã¹ãèšå®ããå¿ èŠããããŸãããããã¯ãŒã¯ãè€æ°ã®ç°ãªã VLANã«åããããšã«ãã£ãŠãã¬ã€ã€ 2ã¬ãã«ã§åå²ãããŠãããµããããã¯ãŒã¯ã§åããããšãã§ããŸããåäžãµããããå ã§ããåãããããã©ãã£ãã¯ã¯ãã¬ã€ã€ 2ã®ã¹ã€ããã³ã°æ©èœã䜿çšããŠéä¿¡ãããŸãããããŠãå¿ èŠãªå Žåã«ã¯ãã¬ã€ã€ 3ã®ã¹ã€ããã³ã°æ©èœã䜿çšã㊠VLANééä¿¡ãã§ããããšã«ãªããŸãã
å VLANã¯ã¬ã€ã€ 3ã§ã®ä»®æ³çãªã€ã³ã¿ãã§ãŒã¹ã«çžåœããŸãããã®ä»®æ³ã€ã³ã¿ãã§ãŒã¹ã«å¯ŸããŠãããã¯ãŒã¯ã¢ãã¬ã¹ãèšå®ãããããã°ããã©ãã£ãã¯ã¯ãç°ãªããµããããéã§ã¬ã€ã€ 3ã¬ãã«ã§ã«ãŒãã£ã³ã°ãããããã«ãªããŸãã
3.23.1 ã°ããŒãã«ã«ãŒãã£ã³ã°
ã³ãã³ãã°ã«ãŒã
æ©èœ ããŒãž
Global RoutingConfiguration
éçãŸãã¯åçã«ãŒãã£ã³ã°ã®ããã®ãã°ããŒãã«ãã©ã¡ãŒã¿ã®èšå®ããã³ãã«ãŒãã£ã³ã°ããŒãã«ããæ å ±äº€æã®ããã«ãããããããããã³ã«ã®çµ±èšã®è¡šç€ºã
P472
RoutingInformationProtocol (RIP)
RIPã®èšå® P479
Open ShortestPath First (OSPF) OSPFã®èšå® P491
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžIP routing éçãŸãã¯åç IPã«ãŒãã£ã³ã°ãæå¹å GC P473
IP route éçã«ãŒãã®èšå® GC P474
clear ip route ã«ãŒãã£ã³ã°ããŒãã«ãããæå®ãããšã³ããªãåé€ PE P475
show ip route ã«ãŒãã£ã³ã°ããŒãã«å ã®æå®ãããšã³ããªã衚瀺 PE P476
show ip host-route åšç¥ã®ã«ãŒããšé¢é£ä»ããããã€ã³ã¿ãã§ãŒã¹ã®è¡šç€º PE P477
show ip traffic IPãICMPãUDPãTCPããã³ ARPãããã³ã«ã®çµ±èšæ å ±ã衚瀺
PE P478
472FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
IP routing
IPã«ãŒãã£ã³ã°ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ ç¡å¹ã«ããŸãã
ææ³
ip routing
no ip routing
åæèšå®
æå¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠ãã®ã³ãã³ãã¯ãéç /åçäž¡æ¹ã®ãŠããã£ã¹ãã«ãŒãã£ã³ã°ã«åœ±é¿ããŸãã
⢠IPã«ãŒãã£ã³ã°ãæå¹ã«ãããšããã¹ãŠã® IPãã±ããã¯éçã«ãŸã㯠RIPã«ããåçã«ã«ãŒãã£ã³ã°ãããé IPãããã³ã«ïŒNetBueiãNetWareãAppleTalkãªã©ïŒã®ãã±ãã㯠MACã¢ãã¬ã¹ã§ã¹ã€ããã³ã°ãããŸããIPã«ãŒãã£ã³ã°ãç¡å¹ã«ãããšããã¹ãŠã®ãã±ããã¯ãMACã¢ãã¬ã¹ã®ã¿ã§ãã£ã«ã¿ãªã³ã°ãšãã©ã¯ãŒãã£ã³ã°ãããŠã¹ã€ããã³ã°ãããŸãã
äŸ
Console(config)#ip routingConsole(config)#
473 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ip route
éçã«ãŒãã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãããéçã«ãŒããåé€ããŸãã
ææ³
ip route { destination-ip netmask | default } { gateway } [ metric metric ]
no ip route { destination-ip netmask | default | * }
⢠destination-ip â éä¿¡å ãããã¯ãŒã¯ã® IPã¢ãã¬ã¹ããµãããããã¹ã¯ãŸãã¯ãã¹ã
⢠netmask â IPãµããããã«é¢é£ãããããã¯ãŒã¯ãã¹ã¯ããã®ãã¹ã¯ã¯ãç¹å®ã®ãµããããã«ã«ãŒãã£ã³ã°ããããã«äœ¿çšãããã¹ãã¢ãã¬ã¹ã®ããããèå¥ããŸã
⢠default â ãã®ãšã³ããªãããã©ã«ãã«ãŒãã«ããã
⢠gateway â ãã®ã«ãŒãã®ã²ãŒããŠã§ã€ IPã¢ãã¬ã¹
⢠metric â ãã®ã€ã³ã¿ãã§ãŒã¹ã® RIPã³ã¹ããéžæïŒç¯å²ïŒ1-5åæèšå® 1ïŒ
⢠* â å šãŠã®éçã«ãŒãã£ã³ã°ããŒãã«ã®ãšã³ããªãåé€ã
åæèšå®
éçã«ãŒãã¯èšå®ãããŠããŸããã
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠æ¬æ©ã¯ãæ倧 256ã®éçãšã³ããªãèšå®ããããšãã§ããŸãã
⢠ãããéçããã³åçãã¹ãåãæäœã³ã¹ããææããå Žåãéçãã¹ãåçãã¹ãããåªå ãããŸãã
äŸ
æ¬äŸã§ã¯ããã¹ãŠã®ãã©ãã£ãã¯ããµãããã 192.168.1.10ã§ã«ãŒã¿ 192.168.5.254ãžè»¢éããŸãã
Console(config)#ip route 192.168.1.0 255.255.255.0 192.168.5.254Console(config)#
474FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
clear ip route
IPã«ãŒãã£ã³ã°ããŒãã«ãããåçåŠç¿ãšã³ããªãåé€ããŸãã
ææ³
clear ip route { network [ netmask ] | * }
⢠network â ãããã¯ãŒã¯ãµããããã¢ãã¬ã¹
⢠netmask â IPãµããããã«é¢é£ãããããã¯ãŒã¯ãã¹ã¯ããã®ãã¹ã¯ã¯ãç¹å®ã®ãµããããã«ã«ãŒãã£ã³ã°ããããã«äœ¿çšããããã¹ãã¢ãã¬ã¹ã®ããããèå¥ããŸãã
åæèšå®
å šãŠã®åçã«ãŒãã£ã³ã°ããŒãã«ã®ãšã³ããªãåé€ã
ã³ãã³ãã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠æ¬ã³ãã³ãã¯ãåçåŠç¿ã«ãŒãã®ã¿åé€ãè¡ããŸãã
⢠"no ip address"ã³ãã³ãã¯ããŒã«ã«ã€ã³ã¿ãã§ãŒã¹ãåé€ããããã«äœ¿çšããŸãã
⢠"no ip route"ã³ãã³ãã¯éçã«ãŒããåé€ããããã«äœ¿çšããŸãã
äŸ
Console#clear ip route 10.1.5.0Console#
475 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
show ip route
IPã«ãŒãã£ã³ã°ããŒãã«æ å ±ã衚瀺ããŸãã
ææ³
show ip route [config | address [netmask]]
⢠config â å šãŠã®éçã«ãŒãã£ã³ã°ãšã³ããªã衚瀺ããŸãã
⢠address â éä¿¡å ãããã¯ãŒã¯ã® IPã¢ãã¬ã¹ããµããããã¯ãŒã¯ããã¹ã
⢠netmask â IPãµããããã«é¢é£ãããããã¯ãŒã¯ãã¹ã¯ããã®ãã¹ã¯ã¯ãç¹å®ã®ãµããããã«ã«ãŒãã£ã³ã°ããããã«äœ¿çšããããã¹ãã¢ãã¬ã¹ã®ããããèå¥ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show ip route
Ip Address Netmask Next Hop Protocol Metric Interface--------------- -------------- ------------- ---------- ------ --------- 0.0.0.0 0.0.0.0 10.2.48.102 static 0 1 10.2.48.2 255.255.252.0 10.2.48.16 local 0 1 10.2.5.6 255.255.255.0 10.2.8.12 RIP 1 2 10.3.9.1 255.255.255.0 10.2.9.254 OSPF-intra 2 3
Total entry: 4Console#
é ç® è§£èª¬IP Address éä¿¡å ãããã¯ãŒã¯ããµããããã¯ãŒã¯ãŸãã¯ãã¹ãã®
IPã¢ãã¬ã¹ãIPã¢ãã¬ã¹ 0.0.0.0ã¯æ¬æ©ã®ããã©ã«ãã²ãŒããŠã§ã€ã瀺ãããšã«æ³šæããŠãã ããã
Netmask IPãµããããã«é¢é£ä»ããããŠããããããã¹ã¯ããã®ãã¹ã¯ã¯ãç¹å®ã®ãµããããã«ã«ãŒãã£ã³ã°ãããéã«äœ¿çšããããã¹ãã¢ãã¬ã¹ã®ããããèå¥ããŸã
Next Hop çµè·¯ã®ãã¯ã¹ããããïŒã²ãŒããŠã§ã€ïŒã® IPã¢ãã¬ã¹
Protocol çµè·¯æ å ±ãçæããæ¹æ³ /ãããã³ã«åãïŒè¡šç€ºé ç®ïŒlocalãstaticãRIPïŒ
Metric ã€ã³ã¿ãã§ãŒã¹ã®ã³ã¹ã
Interface VLANã€ã³ã¿ãã§ãŒã¹
476FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
show ip host-route
æ¢ç¥ã«ãŒã¿ã«é¢é£ä»ããããã€ã³ã¿ãã§ãŒã¹ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show ip host-routeTotal count: 0 IP address Mac address VLAN Port -------------------- -------------------- ------ ------ 192.168. 1.250 00-00-30-01-01-01 3 1/ 1 10. 2. 48. 2 00-00-30-01-01-02 1 1/ 1 10. 2. 5. 6 00-00-30-01-01-03 1 1/ 2 10. 3. 9. 1 00-00-30-01-01-04 2 1/ 3
Console#
é ç® è§£èª¬IP Address éä¿¡å ãããã¯ãŒã¯ããµããããã¯ãŒã¯ãŸãã¯ãã¹ãã®
IPã¢ãã¬ã¹ã
MACã¢ãã¬ã¹ IPã¢ãã¬ã¹ã«å¯Ÿå¿ãããã£ãžã«ã«ã¬ã€ã€ã¢ãã¬ã¹
VLAN ãã® IPã¢ãã¬ã¹ã«ã€ãªãã VLAN
Port ãã® IPã¢ãã¬ã¹ã«ã€ãªããããŒã
477 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
show ip traffic
UIPãICMPãUDPãTCPããã³ ARPãããã³ã«ã®è§£ææ å ±ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show ip trafficIP statistics: Rcvd: 5 total, 5 local destination 0 checksum errors 0 unknown protocol, 0 not a gateway Frags: 0 reassembled, 0 timeouts 0 fragmented, 0 couldn't fragment Sent: 9 generated 0 no routeICMP statistics: Rcvd: 0 checksum errors, 0 redirects, 0 unreachable, 0 echo 5 echo reply, 0 mask requests, 0 mask replies, 0 quench 0 parameter, 0 timestamp Sent: 0 redirects, 0 unreachable, 0 echo, 0 echo reply 0 mask requests, 0 mask replies, 0 quench, 0 timestamp 0 time exceeded, 0 parameter problemUDP statistics: Rcvd: 0 total, 0 checksum errors, 0 no port Sent: 0 totalTCP statistics: Rcvd: 0 total, 0 checksum errors Sent: 0 totalARP statistics: Rcvd: 0 requests, 1 replies Sent: 1 requests, 0 repliesConsole#
478FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
3.23.2 RIP
router rip
å šãŠã® IPã€ã³ã¿ãã§ãŒã¹ã§ RIPã«ãŒãã£ã³ã°ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãç¡å¹ã«ããŸãã
ææ³
router rip
no router rip
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
⢠RIPã¯ã«ãŒã¿ãçµè·¯æ å ±ã亀æããæ¹æ³ãå®çŸ©ããã®ã«äœ¿çšãããŸãã
⢠æ¬ã³ãã³ãã¯ã«ãŒã¿èšå®ã¢ãŒããžã®ç§»è¡ã«ã䜿çšããŸãã
äŸ
é¢é£ããã³ãã³ã
network (P481)
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžrouter rip RIPã«ãŒãã£ã³ã°ãããã³ã«ã®æå¹å GC P479
timers basic åºæ¬ã¿ã€ããŒãèšå® RC P480
network RIPã«ãŒãã£ã³ã°ã«äœ¿çšããããããã¯ãŒã¯ã€ã³ã¿ãã§ãŒã¹ãæå®
RC P481
neighbor æ å ±ã亀æãããé£æ¥ã«ãŒã¿ãå®çŸ© RC P482
version RIPããŒãžã§ã³ãèšå® RC P482
ip rip receive version
RIPã¬ã·ãŒãããŒãžã§ã³ããããã¯ãŒã¯ã€ã³ã¿ãã§ãŒã¹ã«èšå®
IC P484
ip rip send version RIPã»ã³ãããŒãžã§ã³ãèšå® IC P485
ip split-horizon Split HorizonãŸã㯠Poison Reverseã®æå¹å IC P486
ip rip authenticationkey
RIPv2ãã±ããèªèšŒã®æå¹åããã³ããã¹ã¯ãŒããèšå® IC P486
ip rip authenticationmode
RIPv2ãã±ããèªèšŒã®ã¿ã€ããæå® IC P487
show rip globals ã°ããŒãã«èšå®ããã³ RIPçµ±èšæ å ±ã®è¡šç€º PE P488
show ip rip åãããã¯ãŒã¯ã€ã³ã¿ãã§ãŒã¹ããšã®ãRIPèšå®æ å ±ã®è¡šç€º PE P489
Console(config)#router ripConsole(config-router)#
479 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
timers basic
RIPã¢ããããŒãã¿ã€ããŒãã¿ã€ã ã¢ãŠãã¿ã€ããŒããã³ Garbageã³ã¬ã¯ã·ã§ã³ã¿ã€ããŒã®èšå®ãè¡ããŸãã"no"ãåã«çœ®ãããšã§ãåæèšå®å€ã«ãã©ããŸãã
ææ³
timers basic update-seconds
no timers basic
⢠update-seconds â ã¢ããããŒãæ å ±ã®éä¿¡ééãèšå®ããŸãããã®å€ã 6åããå€ãã¿ã€ã ã¢ãŠãæéãšããŠã4åããå€ãã¬ããŒãžã³ã¬ã¯ã·ã§ã³æéãšããŠèšå®ãããŸããïŒç¯å²ïŒ15-60ç§ïŒ
åæèšå®
Update: 30ç§
Timeout: 180ç§
Garbage collection: 120ç§
ã³ãã³ãã¢ãŒã
Router Configuration
ã³ãã³ã解説
⢠ã¢ããããŒãã¿ã€ããŒã¯ãã¹ãŠã®åºæ¬ç㪠RIPããã»ã¹ãå¶åŸ¡ããã®ã«äœ¿çšããããéèŠãªã¿ã€ããŒã§ãã
⢠ã¢ããããŒãã¿ã€ããŒã®ééãçããããããšãã«ãŒã¿ãã¢ããããŒãã®åŠçã«èšå€§ãªæéãè²»ããããšã«ãªããŸããäžæ¹ãé·ããããããšãããã¯ãŒã¯æ§æã®å€æŽãæ€åºãã«ããã«ãŒãã£ã³ã°ãããã³ã«ã«ãªã£ãŠããŸããŸãã
⢠ã¢ããããŒãã¿ã€ããŒã¯ãåäžãããã¯ãŒã¯ã®ãã¹ãŠã®ã«ãŒã¿ã«åãå€ãèšå®ããªããŠã¯ãªããŸããã
äŸ
Console(config-router)#timers basic 15Console(config-router)#
480FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
network
RIPã«ãŒãã£ã³ã°ããã»ã¹ã«å«ãŸããããããã¯ãŒã¯ã€ã³ã¿ãã§ãŒã¹ãæå®ããŸãã"no"ãåã«çœ®ãããšã§ãšã³ããªãåé€ããŸãã
ææ³
network subnet-address
no network subnet-address
⢠subnet-address â ãµããããã® IPã¢ãã¬ã¹
åæèšå®
ãããã¯ãŒã¯ã¯æå®ãããŠããŸããã
ã³ãã³ãã¢ãŒã
Router Configuration
ã³ãã³ã解説
⢠ãã®ã³ãã³ãã§èšå®ããã€ã³ã¿ãã§ãŒã¹ã«ã®ã¿ RIPã®ã¢ããããŒãæ å ±ãéä¿¡ãããŸã
⢠ãµããããã¢ãã¬ã¹ã¯ãèšå®ããã¢ãã¬ã¹ã®æåã®ãã£ãŒã«ãã«åºä»ããã¯ã©ã¹ AãBãCã®ããããã«è§£éãããŸããã€ãŸãããµããããã¢ãã¬ã¹ nnn.xxx.xxx.xxxãå ¥åããå Žåãæåã®ãã£ãŒã«ãïŒnnnïŒãã¯ã©ã¹ã決å®ããŸãã
ïŒ 0ïœ 127ã®å Žåã¯ã©ã¹ Aãšãªãããããã¯ãŒã¯ã¢ãã¬ã¹ã®æåã®ãã£ãŒã«ãã®ã¿äœ¿çšãããŸãã
ïŒ 128ïœ 191ã®å Žåã¯ã¯ã©ã¹ Bãšãªãããããã¯ãŒã¯ã¢ãã¬ã¹ã®æåãã 2ã€ã®ãã£ãŒã«ãã®ã¿äœ¿çšãããŸãã
ïŒ 192ïœ 223ã®å Žåã¯ã¯ã©ã¹ Cãšãªãããããã¯ãŒã¯ã¢ãã¬ã¹ã®æåãã 3ã€ã®ãã£ãŒã«ãã®ã¿äœ¿çšãããŸãã
äŸ
æ¬äŸã§ã¯ 10.1.0.0ã®ãããã¯ãŒã¯ã€ã³ã¿ãã§ãŒã¹ã RIPã®ã«ãŒãã£ã³ã°ããã»ã¹ã«çµã¿èŸŒã¿ãŸãã
é¢é£ããã³ãã³ã
router rip ïŒP479ïŒ
Console(config-router)#network 10.1.0.0Console(config-rou
481 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
neighbor
é£æ¥ã«ãŒã¿ãå®çŸ©ããŸããã"no"ãåã«çœ®ãããšã§ãšã³ããªãåé€ããŸãã
ææ³
neighbor ip-address
no neighbor ip-address
⢠ip-address â MACã¢ãã¬ã¹ã«ãããããã IPã¢ãã¬ã¹
åæèšå®
é£æ¥ã«ãŒã¿ã¯å®çŸ©ãããŠããŸããã
ã³ãã³ãã¢ãŒã
Router Configuration
äŸ
version
ã«ãŒã¿ã§ã°ããŒãã«ã«äœ¿çšããã RIPããŒãžã§ã³ãæå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®å€ã«ãã©ããŸãã
ææ³
version {1 | 2}
no version
⢠1 â RIPããŒãžã§ã³ 1
⢠2 â RIPããŒãžã§ã³ 2
åæèšå®
RIPããŒãžã§ã³ 1
ã³ãã³ãã¢ãŒã
Router Configuration
äŸ
é¢é£ããã³ãã³ã
ip rip receive version ïŒP484ïŒ
ip rip send version ïŒP485ïŒ
Console(config-router)#neighbor 10.2.0.254Console(config-router)#
Console(config-router)#version 2Console(config-router)#
482FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
redistribute
çµè·¯æ å ±ã®ååé ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§ãã®æ©èœãç¡å¹ã«ããŸãã
ææ³
redistribute (static} [metric <metric-value>]
no redistribute (static} [metric <metric-value>]
⢠static â éçã«ãŒã
⢠metric-value â ã¡ããªãã¯å€ïŒç¯å²ïŒ1-15ïŒ
åæèšå®
ååé ïŒç¡å¹
ã¡ããªãã¯å€ïŒ"default-metric"ã³ãã³ãã§èšå®ãããå€
ã³ãã³ãã¢ãŒã
Router Configuration
ã³ãã³ã解説
⢠çµè·¯ã®ã¡ããªãã¯ã¯ãäºææ§ã®ãªãã¡ããªãã¯ãå«ãå€éšã®çµè·¯æ å ±ãååé ãããšããåé¡ã解決ããããã«äœ¿çšãããªããŠã¯ãªããŸããã
⢠ä»ã®ãããã³ã«ãã RIPãžçµè·¯æ å ±ãååé ããå Žåãå°ããªã¡ããªãã¯ã䜿çšããããšãæšå¥šããŸãã倧ããªã¡ããªãã¯ãèšå®ãããšãRIPãžã®å€éšçµè·¯æ å ±ã®ååé ã®å®çšæ§ãå¶éãããŠããŸããŸããäŸãã°ãçµè·¯æ å ±ã®ååé ã«ã¡ããªã㯠10ãèšå®ããå Žåããããã®çµè·¯æ å ±ã¯ 5ãããå ã®ã«ãŒã¿ãŸã§ïŒããã§ã¡ããªãã¯ãæ倧ã®ãããæ° 15ãè¶ éããããïŒããåºåãããŸãããå°ããªã¡ããªã㯠1ãèšå®ããããšã«ãããRIPã®ãã¡ã€ã³å ã§èš±å¯ãããæ倧ã®ãããæ°ã§èªã¿èŸŒãŸããçµè·¯ã§éä¿¡ããããšãã§ããŸããããããå°ããã¡ããªãã¯ãæ¡çšããå Žåãçµè·¯ã§ã«ãŒããçºçããå¯èœæ§ãé«ããªããŸããããšãã°ãè€æ°ã®ååé ç®æããããã«ãŒã¿ãåãå€éšãããã¯ãŒã¯ã«ã€ããŠãå ã®ãœãŒã¹ããã§ã¯ãªãååé ãã€ã³ããããããè¯ãã¡ããªãã¯ãåŠç¿ãããããªã±ãŒã¹ãçºçããŸãã
äŸ
æ¬äŸã§ã¯éçãªçµè·¯æ å ±ãååé ãããããã®çµè·¯ã®ã¡ããªãã¯å€ããã¹ãŠ 3ã«èšå®ããŠããŸãã
Console(config-router)#redistribute static metric 3Console(config-router)#
483 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ip rip receive version
RIPã«ãŒãã£ã³ã°ããã»ã¹ã«çµã¿èŸŒãåã€ã³ã¿ãã§ãŒã¹ã«å¯Ÿããåä¿¡ã«äœ¿çšãããããã³ã«ã¡ãã»ãŒãžã®çš®é¡ïŒRIPã®ããŒãžã§ã³ïŒãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®å€ã«ãã©ããŸãã
ææ³
ip rip receive version {none | 1 | 2 | 1 2}
no ip rip receive version
⢠none â RIPãã±ããã¯èš±å¯ããŸãã
⢠1 â RIPïœ1ãã±ããã®ã¿èš±å¯
⢠2 â RIPïœ2ãã±ããã®ã¿èš±å¯
⢠1 2 â RIPïœ1ãŸã㯠RIPïœ2ãã±ãããèš±å¯
â¢
åæèšå®
Global RIPv1 - RIPv1 or RIPv2 packets
Global RIPv2 - RIPv2 packets
ã³ãã³ãã¢ãŒã
Router Configuration
ã³ãã³ã解説
⢠Receive Versionã¯æ¬¡ã®éžæè¢ããèšå®ã§ããŸãã
ïŒ ããŒã«ã«ãããã¯ãŒã¯ã§ãã¹ãŠã®ã«ãŒã¿ãRIPv1ãŸãã¯RIPv2ã®ã©ã¡ããäžæ¹ã ãã䜿çšããŠããå Žåã¯ããããã "RIPv1"ãŸã㯠"RIPv2"ãèšå®ããŸãã
ïŒ ããŒã«ã«ãããã¯ãŒã¯ã§ã«ãŒã¿ãRIPv1ãšRIPv2ã®äž¡æ¹ã䜿çšããŠããå Žåã¯ã"RIPv1 or RIPv2"ãèšå®ããŸãã
ïŒ ç¹å®ã®ã€ã³ã¿ãã§ãŒã¹ã®ã«ãŒãã£ã³ã°ããŒãã«ã«åçã«ä¿åãããããªãå Žåã¯ã"Do Not Receive"ãèšå®ããŸããïŒéçã«ã®ã¿ã«ãŒãã£ã³ã°ããããã€ã³ã¿ãã§ãŒã¹ã®å Žåãªã©ïŒ
äŸ
é¢é£ããã³ãã³ã
version ïŒP482ïŒ
Console(config)#interface vlan 1Console(config-if)#ip rip receive version 1Console(config-if)#
484FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ip rip send version
RIPã«ãŒãã£ã³ã°ããã»ã¹ã«çµã¿èŸŒãåã€ã³ã¿ãã§ãŒã¹ã«å¯Ÿããéä¿¡ã«äœ¿çšãããããã³ã«ã¡ãã»ãŒãžã®çš®é¡ïŒRIPã®ããŒãžã§ã³ïŒãèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®å€ã«ãã©ããŸãã
ææ³
ip rip send version {none | 1 | 2 | v2-broadcast}
no ip rip send version
⢠none â RIPãã±ããã¯èš±å¯ããŸããã
⢠1 â RIPïœ1ãã±ããã®ã¿èš±å¯ã
⢠2 â RIPïœ2ãã±ããã®ã¿èš±å¯ã
⢠v2-broadcast â ã«ãŒãæ å ±ã¯ãä»ã® RIPv2ã«ãŒã¿ã«ãããŒããã£ã¹ããããŸãã
åæèšå®
Global RIPv1 - ã«ãŒãæ å ±ã¯ãä»ã® RIPv2ã«ãŒã¿ã«ãããŒããã£ã¹ã
Global RIPv2 - RIPv2 packets
ã³ãã³ãã¢ãŒã
Router Configuration
ã³ãã³ã解説
⢠Send Versionã¯æ¬¡ã® 3ã€ã®éžæè¢ããèšå®ã§ããŸã
ïŒ ããŒã«ã«ãããã¯ãŒã¯ã®ãã¹ãŠã®ã«ãŒã¿ãRIPv1ãŸãã¯RIPv2ã®ã©ã¡ããäžæ¹ã ãã䜿çšããŠããå Žåã¯ããããã "RIPv1"ãŸã㯠"RIPv2"ãèšå®ããŸãã
ïŒ ãããã¯ãŒã¯ã®ä»ã®ã«ãŒã¿ã«çµè·¯æ å ±ããããŒããã£ã¹ãããéãRIPv2ã§éåžžèŠæ±ããããã«ããã£ã¹ãã§ã¯ãªããRIPv2ã®åºåãªã¹ãã䜿çšããå Žåã¯"RIPv1 Compatible"ãèšå®ããŸããïŒãã®ã¢ãŒãã䜿çšãããšãRIPv1ã®ã«ãŒã¿ã¯ãããã³ã«ã¡ãã»ãŒãžãåä¿¡ã§ããRIPv2ã®ã«ãŒã¿ã¯ RIPv2ã§æäŸãããè¿œå æ å ±ïŒãµãããããã¹ã¯ããã¯ã¹ãããããããã³èªèšŒæ å ±ïŒãåä¿¡ã§ããŸãã
ïŒ ãããã¯ãŒã¯ã«æ¥ç¶ããŠããä»ã®ã«ãŒã¿ããåºåãããçµè·¯æ å ±ãååçã«ã¢ãã¿ãªã³ã°ããã ãã®å Žåã¯ã"Do Not Send"ãèšå®ããŸãã
äŸ
é¢é£ããã³ãã³ã
version ïŒP482ïŒ
Console(config)#interface vlan 1Console(config-if)#ip rip send version 1Console(config-if)#
485 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ip split-horizon
ã¹ããªãããã©ã€ãºã³ïŒçµè·¯æ å ±ãéä¿¡ããŠããã€ã³ã¿ãã§ãŒã¹ããŒãã«ã¯çµè·¯æ å ±ãåºåããªãïŒãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ç¡å¹ã«ããŸãã
ææ³
ip split-horizon [poison-reverse]
no ip split-horizon
⢠poison-reverse â ãã®çµè·¯æ å ±ãéä¿¡ããŠããã€ã³ã¿ãã§ãŒã¹ããŒãã«çµè·¯æ å ±ãåºåããããè·é¢ãã¯ãã«åã®ã¡ããªãã¯ã¯ç¡é倧ã«èšå®ããŸããïŒããã«ããåææéãççž®ã§ããŸãïŒ
åæèšå®
split-horizon
ã³ãã³ãã¢ãŒã
Interface Configuration(VLAN)
äŸ
ip rip authentication key
ã€ã³ã¿ãã§ãŒã¹ã« RIPv2ãã±ããèªèšŒãæå¹åããã³èªèšŒããŒãæå®ããŸãã"no"ãåã«çœ®ãããšã§èªèšŒãç¡å¹ã«ããŸãã
ææ³
ip rip authentication key key-string
no ip rip authentication
⢠key-string â èªèšŒã«äœ¿çšããããã¹ã¯ãŒãïŒç¯å²ïŒ1-16æåïŒ
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface ConfigurationïŒVLANïŒ
äŸ
é¢é£ããã³ãã³ã
ip rip authentication mode (P487)
Console(config)#interface vlan 1Console(config-if)#ip split-horizon poison-reverseConsole(config-if)#
Console(config)#interface vlan 1Console(config-if)#ip rip authentication key smallConsole(config-if)#
486FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ip rip authentication mode
ã€ã³ã¿ãã§ãŒã¹ã«èªèšŒã¿ã€ããèšå®ããŸãã"no"ãåã«çœ®ãããšã§åæèšå®å€ã«æ»ããŸãã
[泚æ ]ãçŸåšã®ãã¡ãŒã ãŠã§ã¢ããŒãžã§ã³ã§ã¯ãã·ã³ãã«ãã¹ã¯ãŒãã®ã¿ãµããŒãããŠããŸãã
ææ³
ip rip authentication mode {text}
no ip rip authentication mode
⢠text â ã·ã³ãã«ãã¹ã¯ãŒããæå®
åæèšå®
èªèšŒç¡ã
ã³ãã³ãã¢ãŒã
Interface ConfigurationïŒVLANïŒ
ã³ãã³ã解説
⢠æ¬ã³ãã³ãã¯ãåçåŠç¿ã«ãŒãã®ã¿åé€ãè¡ããŸãã
⢠"no ip address"ã³ãã³ãã¯ããŒã«ã«ã€ã³ã¿ãã§ãŒã¹ãåé€ããããã«äœ¿çšããŸãã
⢠"no ip route"ã³ãã³ãã¯éçã«ãŒããåé€ããããã«äœ¿çšããŸãã
äŸ
é¢é£ããã³ãã³ã
ip rip authentication key (P486)
Console(config)#interface vlan 1Console(config-if)#ip rip authentication mode textConsole(config-if)#
487 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
show rip globals
RIPã®ã°ããŒãã«èšå®æ å ±ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show rip globals
RIP Process: EnabledUpdate Time in Seconds: 30Number of Route Change: 0Number of Queries: 1Console#
é ç® è§£èª¬RIP Process RIPã®æå¹ /ç¡å¹ã®è¡šç€º
Update Time in Seconds RIPãçµè·¯æ å ±ãåºåããééïŒåæèšå®ïŒ30ç§ïŒ
Number of RouteChanges
çµè·¯æ å ±ãå€æŽãããåæ°
Number of Queries æ¬æ©ãã«ãŒãã£ã³ã°ããŒã¿ããŒã¹ã®ç §äŒãåããåæ°
488FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
show ip rip
RIPã€ã³ã¿ãã§ãŒã¹èšå®æ å ±ã衚瀺ããŸãã
ææ³
show ip rip {configuration | status | peer}
⢠configuration â ã·ã€ã³ã¿ãã§ãŒã¹ããšã® RIPèšå®
⢠status â åã€ã³ã¿ãã§ãŒã¹ã®ã«ãŒãã£ã³ã°ã¡ãã»ãŒãžã®ã¹ããŒã¿ã¹ã衚瀺
⢠peer â é£æ¥ã«ãŒã¿ã®æ å ±ã衚瀺
åæèšå®
èªèšŒç¡ã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸ
Console#show ip rip configuration
Interface SendMode ReceiveMode PoisonAuthentication--------------- --------------- ------------- -------------------------------- 10.1.0.253 rip1Compatible RIPv1Orv2 SplitHorizonnoAuthentication 10.1.1.253 rip1Compatible RIPv1Orv2 SplitHorizonnoAuthenticationConsole#show ip rip status
Interface RcvBadPackets RcvBadRoutes SendUpdates--------------- --------------- -------------- --------------- 10.1.0.253 0 0 13 10.1.1.253 0 0 13Console#show ip rip peer
Peer UpdateTime Version RcvBadPackets RcvBadRoutes--------------- ------------ --------- --------------- ------------- 10.1.0.254 1625 2 0 0 10.1.1.254 1625 2 0 0Console#
489 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
é ç® è§£èª¬
show ip rip configuration
Interface ã€ã³ã¿ãã§ãŒã¹ã® IPã¢ãã¬ã¹
SendMode ãã®ã€ã³ã¿ãã§ãŒã¹ãéä¿¡ãã RIPã®ããŒãžã§ã³ïŒnoneãRIPv1ãRIPv2ã rip1CompatibleïŒ
ReceiveMode ãã®ã€ã³ã¿ãã§ãŒã¹ãåä¿¡ãã RIPã®ããŒãžã§ã³ïŒnoneãRIPv1ãRIPv2ãRIPv1Orv2ïŒ
Poison ã¹ããªãããã©ã€ãºã³ããã€ãºã³ãªããŒã¹ãŸãã¯å®å®æ§ã®ç¢ºä¿æ段ã¯ããããéžæããŠããªããã«ã€ããŠã®è¡šç€º
Authentication åçŽãªãã¹ã¯ãŒãã«ããèªèšŒããèªèšŒèšå®ããŠããªããã«ã€ããŠã®è¡šç€º
show ip rip status
Interface ã€ã³ã¿ãã§ãŒã¹ã® IPã¢ãã¬ã¹
RcvBadPackets åä¿¡ãããRIPãšã©ãŒãã±ããæ°
RcvBadRoutes åä¿¡ãããé害ã®ããçµè·¯ã®æ°
SendUpdates çµè·¯ã®å€æŽãçºçããæ°
show ip rip peer
Peer RIPã®é£æ¥ã«ãŒã¿ã® IPã¢ãã¬ã¹
UpdateTime ãã¢ã®é£æ¥ã«ãŒã¿ããçŽåã«çµè·¯æ å ±ãåä¿¡ããæé
Version ãã¢ã®é£æ¥ã«ãŒã¿ãã RIPv1ãŸã㯠RIPv2ã©ã¡ãã®ãã±ãããåä¿¡ããã
RcvBadPackets ãã¢ã®é£æ¥ã«ãŒã¿ããåä¿¡ãããRIPãšã©ãŒãã±ããæ°
RcvBadRoutes ãã¢ã®é£æ¥ã«ãŒã¿ããåä¿¡ãããé害ã®ããçµè·¯ã®æ°
490FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
3.23.3 OSPF
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
General Configuration
router ospf OSPF ãæå¹ãŸãã¯ç¡å¹ã«ããŸãã GC P493
router-id ãã®ããã€ã¹ã®ã«ãŒã¿ ID ãèšå®ããŸãã RC P494
compatible rfc1583 RFC 1583 (OSPFv1) ã䜿çšããŠããµããªãŒ ã«ãŒãã®ã³ã¹ããèšç®ããŸãã
RC P495
default-informationoriginate
èªåŸã·ã¹ãã ïŒAutonomous System; ASïŒ ãžã®ããã©ã«ãã®å€éšã«ãŒããçæããŸãã
RC P496
timers spf é£ç¶ãã SPF èšç®éã®ããŒã«ã ã¿ã€ã ãæ§æããŸãã RC P497
Route Metric and Summaries
area range ABR ã«ãã£ãŠã¢ããã¿ã€ãºãããã«ãŒããèŠçŽããŸãã RC P498
area default-cost ã¹ã¿ããŸã㯠NSSA ãžéä¿¡ãããããã©ã«ããµããªãŒã«ãŒãã®ã³ã¹ããèšå®ããŸãã
RC P499
summary-address ASBR ã«ãã£ãŠã¢ããã¿ã€ãºãããã«ãŒããèŠçŽããŸãã RC P500
redistribute 1 ã€ã®ã«ãŒãã£ã³ã° ãã¡ã€ã³ããå¥ã®ã«ãŒãã£ã³ã° ãã¡ã€ã³ãžã«ãŒããåé åžããŸãã
RC P501
Area Configuration
network area æå®ããã€ã³ã¿ãã§ãŒã¹ãç¹å®ã®ãšãªã¢ã«å²ãåœãŠãŸãã RC P502
area stub LSA ãéä¿¡ãŸãã¯åä¿¡ã§ããªãã¹ã¿ã ãšãªã¢ãå®çŸ©ããŸãã RC P503
area nssa å€éšã«ãŒããã€ã³ããŒãã§ãããæºã¹ã¿ã ãšãªã¢ãå®çŸ©ããŸãã
RC P504
area virtual-link ãšãªã¢å¢çã«ãŒã¿ããããã¯ããŒã³ãžã®ä»®æ³ãªã³ã¯ãå®çŸ©ããŸãã
RC P506
Interface Configuration
ip ospf authentication ã€ã³ã¿ãã§ãŒã¹ã®èªèšŒã¿ã€ããæå®ããŸãã IC P508
ip ospfauthentication-key
é£æ¥ã«ãŒã¿ã«ãã£ãŠäœ¿çšãããã·ã³ãã« ãã¹ã¯ãŒããå²ãåœãŠãŸãã
IC P509
ip ospfmessage-digest-key
MD5 èªèšŒãæå¹ã«ããã€ã³ã¿ãã§ãŒã¹çšã®ããŒãèšå®ããŸãã
IC P510
ip ospf cost ã€ã³ã¿ãã§ãŒã¹äžã§ã®ãã±ããéä¿¡ã³ã¹ããæå®ããŸãã IC P511
ip ospf dead-interval Hello ãã±ãããåä¿¡ãããªããŸãŸæéãçµéãããšãé£æ¥ã«ãŒã¿ã«ãã£ãŠã«ãŒã¿ã®ããŠã³ã宣èšããããŸã§ã®ééãèšå®ããŸãã
IC P512
ip ospf hello-interval Hello ãã±ããã®éä¿¡ééãæå®ããŸãã IC P513
ip ospf priority æå®ã«ãŒã¿ã®æ±ºå®ã«äœ¿çšãããã«ãŒã¿ ãã©ã€ãªãªãã£ãèšå®ããŸãã
IC P513
ip ospfretransmit-interval
ãªã³ã¯ã¹ããŒã ã¢ããã¿ã€ãºã¡ã³ãïŒLSAïŒ ãåéä¿¡ããééãæå®ããŸãã
IC P514
ip ospftransmit-delay
ã€ã³ã¿ãã§ãŒã¹ã§ãªã³ã¯ã¹ããŒã ã¢ããããŒã ãã±ãããéä¿¡ãããŸã§ã®æéãäºæž¬ããŸãã
IC P515
Display Information
show ip ospf ã«ãŒãã£ã³ã° ããã»ã¹ã«é¢ããäžè¬æ å ±ã衚瀺ããŸãã PE P516
show ip ospfborder-routers
ãšãªã¢å¢çã«ãŒã¿ïŒArea Border Router; ABRïŒ ããã³èªåŸã·ã¹ãã å¢çã«ãŒã¿ïŒAutonomous SystemBoundaryRouter; ASBRïŒ ã®ã«ãŒãã£ã³ã° ããŒãã« ãšã³ããªã衚瀺ããŸãã
PE P517
491 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
show ip ospf database
ããŒã¿ããŒã¹å ã®åçš® LSA ã«é¢ããæ å ±ã衚瀺ããŸãã PE P518
show ip ospf interface
ã€ã³ã¿ãã§ãŒã¹æ å ±ã衚瀺ããŸãã PE P525
show ip ospf neighbor
é£æ¥ã«ãŒã¿æ å ±ã衚瀺ããŸãã PE P526
show ip ospfsummary-address
ãã¹ãŠã®ãµããªãŒ ã¢ãã¬ã¹ã®åé åžæ å ±ã衚瀺ããŸãã PE P527
show ip ospfvirtual-links
ä»®æ³ãªã³ã¯ã®ãã©ã¡ãŒã¿ãšé£æ¥ç¶æ ã衚瀺ããŸãã PE P527
492FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
router ospf
ã¹ã€ããäžã®ãã¹ãŠã® IP ã€ã³ã¿ãã§ãŒã¹ã§ Open Shortest Path First(OSPF) ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãç¡å¹ã«ãªããŸãã
ææ³
[no] router ospf
ã³ãã³ã ã¢ãŒã
Global Configuration
åæèšå®
ç¡å¹
ã³ãã³ã解説
⢠OSPF ã¯ãã«ãŒã¿ãã«ãŒãã£ã³ã° ããŒãã«æ å ±ã亀æããæ¹æ³ãæå®ããã®ã«äœ¿çšãããŸãã
⢠ãŸãããã®ã³ãã³ãã¯ãã«ãŒã¿ ã³ã³ãã£ã®ã¥ã¬ãŒã·ã§ã³ ã¢ãŒãã«å ¥ãã®ã«ã䜿çšãããŸãã
äŸ
é¢é£ããã³ãã³ã
network area ïŒP502ïŒ
Console(config)#router ospfConsole(config-router)#
493 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
router-id
èªåŸã·ã¹ãã å ã®ãã®ããã€ã¹ã«å¯ŸããŠäžæã®ã«ãŒã¿ ID ãå²ãåœãŠãŸãã"no"ãåã«çœ®ãããšã§ãããã©ã«ãã®ã«ãŒã¿èå¥æ¹åŒïŒæãå°ããã€ã³ã¿ãã§ãŒã¹ ã¢ãã¬ã¹ïŒ ã䜿çšãããŸãã
ææ³
router-id ip-address
no router-id
⢠ip-addressâ IP ã¢ãã¬ã¹ãšåã圢åŒã§ã«ãŒã¿ ID ãæå®ããŸãã
ã³ãã³ãã¢ãŒã
Router Configuration
åæèšå®
æãå°ããã€ã³ã¿ãã§ãŒã¹ ã¢ãã¬ã¹
ã³ãã³ã解説
⢠ã«ãŒã¿ ID ã¯ãèªåŸã·ã¹ãã å ã®ãã¹ãŠã®ã«ãŒã¿ã«å¯ŸããŠäžæã§ããå¿ èŠããããŸããæãå°ããã€ã³ã¿ãã§ãŒã¹ ã¢ãã¬ã¹ã«åºã¥ãããã©ã«ãèšå®ã䜿çšããããšã§ãåã«ãŒã¿ ID ãäžæã§ããããšãä¿èšŒã§ããŸãããŸããã«ãŒã¿ ID 㯠0.0.0.0 ãŸãã¯255.255.255.255 ã«ã¯èšå®ã§ããªãããšã«æ³šæããŠãã ããã
⢠ãã®ã«ãŒã¿ãããã§ã«é£æ¥ã«ãŒã¿ãç»é²ããŠããå Žåãã«ãŒã¿ã®ãªããŒãæãŸã㯠norouter ospf ã®åŸã« router ospf ã³ãã³ããå ¥åããŠæåã§åèµ·åããæãæ°èŠã®ã«ãŒã¿ ID ã䜿çšãããŸãã
⢠ãããšãªã¢ã«å¯Ÿããæå®ã«ãŒã¿ãŸãã¯ããã¯ã¢ããæå®ã«ãŒã¿ã®åè£ãšãªãã«ãŒã¿ã®ãã©ã€ãªãªãã£å€ãçããå Žåãæã倧ãã ID ãæã€ã«ãŒã¿ãéžåºãããŸãã
äŸ
é¢é£ããã³ãã³ã
router ospf ïŒP493ïŒ
Console(config-router)#router-id 10.1.1.1Console(config-router)#
494FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
compatible rfc1583
RFC 1583 (OSPFv1) ã䜿çšããŠããµããªãŒ ã«ãŒãã®ã³ã¹ããèšç®ããŸãã"no"ãåã«çœ®ãããšã§ãRFC 2328 (OSPFv2) ã䜿çšããŠã³ã¹ããèšç®ããŸãã
ææ³
[no] compatible rfc1583
ã³ãã³ãã¢ãŒã
Router Configuration
åæèšå®
RFC 1583 äºæ
ã³ãã³ã解説
OSPF ã«ãŒãã£ã³ã° ãã¡ã€ã³å ã®ãã¹ãŠã®ã«ãŒã¿ã¯ããµããªãŒ ã«ãŒãã®èšç®ã«åã
RFC ã䜿çšããå¿ èŠããããŸãã
äŸ
Console(config-router)#compatible rfc1583Console(config-router)#
495 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
default-information originate
èªåŸã·ã¹ãã ïŒAutonomous System; ASïŒ ãžã®ããã©ã«ãã®å€éšã«ãŒããçæããŸãã"no"ãåã«çœ®ãããšã§ããã®æ©èœãç¡å¹ã«ãªããŸãã
ææ³
default-information originate [always] [metric interface-metric] [metric-type metric-type]
no default-information originate
⢠always â ã«ãŒã¿ã«ããã©ã«ã ã«ãŒãããããã©ããã«é¢ããããããŒã«ã« AS ã«å¯ŸãããããŠåžžã«ããã©ã«ã ã«ãŒããã¢ããã¿ã€ãºããŸããïŒP474ã®ãip routeããåç §ïŒãããïŒç¯å²ïŒ1-4093ïŒ
⢠interface-metric â ããã©ã«ã ã«ãŒãã«å²ãåœãŠãããã¡ããªãã¯ã§ãããããããããïŒç¯å² : 1 ïœ 65535ãããã©ã«ã : 10ïŒ
⢠metric-type â ããã©ã«ã ã«ãŒãã®ã¢ããã¿ã€ãºã«äœ¿çšãããå€éšãªã³ã¯ã®ã¿ã€ãã§ããããããããïŒãªãã·ã§ã³ : Type 1ãType 2ãããã©ã«ã : Type 2ïŒ
ã³ãã³ãã¢ãŒã
Router Configuration
åæèšå®
ç¡å¹
ã³ãã³ã解説
⢠ããã©ã«ãã®å€éšã«ãŒãã«å¯Ÿããã¡ããªãã¯ã¯ãASBR ããåºãŠ AS å ã®ä»ã®ã«ãŒã¿ãééãããã©ãã£ãã¯ã®ãã¹ ã³ã¹ããèšç®ããã®ã«äœ¿çšãããŸãã
⢠ãã®ã³ãã³ãã䜿çšããŠã«ãŒãã£ã³ã° ãã¡ã€ã³ïŒããªãã¡èªåŸã·ã¹ãã ; ASïŒ ãžã«ãŒããåé åžãããšããã®ã«ãŒã¿ã¯èªåçã«èªåŸã·ã¹ãã å¢çã«ãŒã¿ïŒASBRïŒ ã«ãªããŸãããã ããããã©ã«ãã§ã¯ãASBR ã¯ãã«ãŒãã£ã³ã° ãã¡ã€ã³ãžã®ããã©ã«ãã«ãŒããçæããŸããã
⢠always ããŒã¯ãŒãã䜿çšãããšãã«ãŒã¿ã¯ãããã©ã«ãã®å€éšã«ãŒããå®éã«ã¯ååšããªãå Žåã§ããèªèº«ã AS ãžã®ããã©ã«ãå€éšã«ãŒããšããŠã¢ããã¿ã€ãºããŸãïŒããã©ã«ã ã«ãŒããå®çŸ©ããã«ã¯ãip route ã³ãã³ãã䜿çšããŸãïŒã
⢠always ããŒã¯ãŒãã䜿çšããªããšãã«ãŒã¿ã AS ãžã®ããã©ã«ãå€éšã«ãŒããšããŠã¢ããã¿ã€ãºã§ããã®ã¯ãredistribute ã³ãã³ãã«ãããRIP ãŸãã¯ã¹ã¿ãã£ã㯠ã«ãŒãã£ã³ã°ãä»ããŠå€éšã«ãŒããã€ã³ããŒããããŠããããã®ãããªã«ãŒããæ¢ç¥ã§ããå Žåã®ã¿ã§ãã
⢠ã¿ã€ã 1 ã«ãŒã ã¢ããã¿ã€ãºã¡ã³ãã§ã¯ãå€éšã«ãŒã ã¡ããªãã¯ã«å éšã³ã¹ããè¿œå ããŸããã¿ã€ã 2 ã«ãŒãã¯ãå éšã³ã¹ã ã¡ããªãã¯ãè¿œå ããŸãããã¿ã€ã 2 ã«ãŒ
⢠ããæ¯èŒããæãè€æ°ã®ã¿ã€ã 2 ã«ãŒããåãã³ã¹ããæã£ãŠããå Žåãå éšã³ã¹ãã¯ã¿ã€ãã¬ãŒã«ãŒãšããŠã®ã¿äœ¿çšãããŸãã
äŸ
ãã®äŸã§ã¯ãèªåŸã·ã¹ãã ã«ã¢ããã¿ã€ãºãããããã©ã«ãå€éšã«ãŒãã«ã¡ããªã㯠20 ãå²ãåœãŠããããã¿ã€ã 2 å€éšã¡ããªãã¯ãšããŠéä¿¡ããŸãã
é¢é£ããã³ãã³ãip route ïŒP474ïŒ
redistribute ïŒP501ïŒ
Console(config-router)#default-information originate metric 20metric-type 2Console(config-router)#
496FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
timers spf
é£ç¶ãã 2 ã€ã® SPF ïŒæçãã¹åªå ïŒ èšç®ã®ããŒã«ã ã¿ã€ã ãæ§æããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
ææ³
timers spf spf-holdtime
no timers spf
⢠spf-holdtime â é£ç¶ãã 2 ã€ã® SPF èšç®ã®æå°ééã§ãïŒç¯å² : 0 ïœ 65535 ç§ïŒã
ã³ãã³ãã¢ãŒã
Router Configuration
åæèšå®
10 ç§
ã³ãã³ã解説
⢠SPF ããŒã«ãã¿ã€ã ã 0 ã«èšå®ãããšãé£ç¶ããèšç®éã«é 延ããŸã£ãããªãããšã«ãªããŸãã
⢠å€ãå°ãããããšãã«ãŒã¿ã¯é«éã«æ°èŠãã¹ãã¹ã€ããã³ã°ã§ããŸãããCPU åŠçæéãããé·ãããããŸãã
äŸ
Console(config-router)#timers spf 20Console(config-router)#
497 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
area range
ãšãªã¢å¢çã«ãŒã¿ïŒABRïŒ ã«ãã£ãŠã¢ããã¿ã€ãºãããã«ãŒããèŠçŽããŸãã"no"ãåã«çœ®ãããšã§ããã®æ©èœãç¡å¹ã«ãªããŸãã
æ§æ
[no] area area-id range ip-address netmask [advertise | not-advertise]
area-id â ã«ãŒããèŠçŽãããšãªã¢ãèå¥ããŸã
â¢ïŒãšãªã¢ ID ã¯ãIP ã¢ãã¬ã¹ãšåã圢åŒã§ããå¿ èŠããããŸãïŒ
⢠ip-address â èŠçŽããã«ãŒãã®ããŒã¹ ã¢ãã¬ã¹ã§ã
⢠netmask â ãµããªãŒ ã«ãŒãã®ãããã¯ãŒã¯ ãã¹ã¯ã§ã
⢠advertise â æå®ãããã¢ãã¬ã¹ç¯å²ãã¢ããã¿ã€ãºããŸã
not-advertise â ãµããªãŒã¯éä¿¡ããããã«ãŒãã¯æ®ãã®ãããã¯ãŒã¯ããé ããããŸãŸã§ã
ã³ãã³ãã¢ãŒã
Router Configuration
åæèšå®
ç¡å¹
ã³ãã³ã解説
⢠ãã®ã³ãã³ãã¯ããšãªã¢éã«ãŒããã¢ããã¿ã€ãºããã®ã«äœ¿çšãããŸãã
⢠ã«ãŒããã¢ããã¿ã€ãºãããããèšå®ãããŠããå Žåãã«ãŒã¿ã¯ããã®ã³ãã³ãã§æå®ãããåã¢ãã¬ã¹ç¯å²ã«å¯ŸããŠãã¿ã€ã 3 ãµããªãŒ LSA ãçºè¡ããŸãã
⢠ãã®ã«ãŒã¿ã¯ãåãšãªã¢ç¯å²ã«ã€ãæ倧 64 ã®ãµããªãŒ ã«ãŒãããµããŒãããŸãã
äŸ
ãã®äŸã§ã¯ã10.2.x.x ã®ç¯å²å ã«ãããã¹ãŠã®ãšãªã¢ ã«ãŒãã®ãµããªãŒ ã¢ãã¬ã¹ãäœæããŸãã
Console(config-router)#area 10.2.0.0 range 10.2.0.0 255.255.0.0advertiseConsole(config-router)#
498FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
area default-cost
ãšãªã¢å¢çã«ãŒã¿ïŒABRïŒ ããã¹ã¿ãã ãšãªã¢ãŸãã¯æºã¹ã¿ã ãšãªã¢ïŒnot-so-stubby area ; NSSAïŒ ãžéä¿¡ãããããã©ã«ã ãµããªãŒ ã«ãŒãã®ã³ã¹ããæå®ããŸãã"no"ãåã«çœ®ãããšã§ãå²ãåœãŠãããããã©ã«ã ã³ã¹ããåé€ãããŸãã
æ§æ
area area-id default-cost cost
no area area-id default-cost
⢠area-id â ã¹ã¿ããŸã㯠NSSA ã®èå¥åã§ããIP ã¢ãã¬ã¹ãšåã圢åŒã§ããå¿ èŠããããŸã
⢠cost â ã¹ã¿ããŸã㯠NSSA ãžéä¿¡ãããããã©ã«ã ãµããªãŒ ã«ãŒãã®ã³ã¹ãã§ã ããããïŒç¯å² : 0 ïœ 65535ïŒ
ã³ãã³ãã¢ãŒã
Router Configuration
åæèšå®
1
ã³ãã³ã解説
⢠ããŒãã« ãšãªã¢ã«å¯ŸããŠãã®ã³ãã³ããå ¥åãããšããã®ãšãªã¢ã¯ã¹ã¿ãã«å€ãããŸãã
⢠ããã©ã«ã ã³ã¹ããã0ãã«èšå®ãããŠããå Žåãã«ãŒã¿ã¯ãæ¥ç¶ãããã¹ã¿ããŸã㯠NSSA ã«å¯ŸããŠããã©ã«ã ã«ãŒããã¢ããã¿ã€ãºããŸããã
äŸ
é¢é£ããã³ãã³ã
area stub ïŒP503ïŒ
Console(config-router)#area 10.3.9.0 default-cost 10Console(config-router)#
499 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
summary-address
ä»ã®ãããã³ã«ããåŠç¿ããã«ãŒããéçŽããŸãã"no"ãåã«çœ®ãããšã§ããµããªãŒ ã¢ãã¬ã¹ãåé€ãããŸãã
ææ³
[no] summary-address summary-address netmask
⢠summary-addressâ ã¢ãã¬ã¹ç¯å²ãã«ããŒãããµããªãŒ ã¢ãã¬ã¹ã§ã
⢠netmaskâ ãµããªãŒ ã«ãŒãã®ãããã¯ãŒã¯ ãã¹ã¯ã§ã
ã³ãã³ãã¢ãŒã
Router Configuration
åæèšå®
ç¡å¹
ã³ãã³ã解説
⢠èªåŸã·ã¹ãã å¢çã«ãŒã¿ïŒASBRïŒ ã¯ãæ¥ç¶ããããã¹ãŠã®èªåŸã·ã¹ãã ã«éçŽã«ãŒããã¢ããã¿ã€ãºããããšã«ãããä»ã®ãããã³ã«ããåŠç¿ããã«ãŒããåé åžããããšãã§ããŸãã
⢠ãã®ã«ãŒã¿ã¯ãæ倧 16 ã®ã¿ã€ã 5 ãµããªãŒ ã«ãŒãããµããŒãããŸãã
äŸ
ãã®äŸã§ã¯ã192.168.x.x ã®ç¯å²å ã«å«ãŸãããã¹ãŠã®ã«ãŒãã®ãµããªãŒ ã¢ãã¬ã¹ãäœæããŸãã
é¢é£ããã³ãã³ã
area range ïŒP498ïŒ
Console(config-router)#summary-address 192.168.0.0 255.255.0.0Console(config-router)#
500FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
redistribute
ä»ã®ã«ãŒãã£ã³ã° ãã¡ã€ã³ïŒãããã³ã«ïŒ ããèªåŸã·ã¹ãã ã«å€éšã«ãŒãã£ã³ã°æ å ±ãã€ã³ããŒãããŸãã"no"ãåã«çœ®ãããšã§ããã®æ©èœãç¡å¹ã«ãªããŸãã
ææ³
[no] redistribute [rip | static] [metric metric-value] [metric-type type-value]
⢠rip â ã«ãŒãã£ã³ã°æ å ±ãããã³ã«ïŒRIPïŒ ãããã®èªåŸã·ã¹ãã ïŒASïŒ ãžãå€éšã«ãŒããã€ã³ããŒãããŸãã
⢠static â ãã®èªåŸã·ã¹ãã ãžã¹ã¿ãã£ã㯠ã«ãŒããã€ã³ããŒãããŸã
⢠metric-value âæå®ãããããã³ã«ã®ãã¹ãŠã®å€éšã«ãŒãã«å²ãåœãŠãããã¡ããªã㯠ããããããã§ãïŒç¯å² : 1 ïœ 65535ãããã©ã«ã : 10ïŒ
⢠type-valueâ 1 - ã¿ã€ã 1 å€éšã«ãŒãã2 - ã¿ã€ã 2 å€éšã«ãŒãïŒããã©ã«ãïŒ
ã³ãã³ãã¢ãŒã
Router Configuration
åæèšå®
åé åž - ãªã
ãããã³ã« - RIP ããã³ã¹ã¿ãã£ãã¯
ã¡ããªãã¯å€ - 0
ã¿ã€ã ã¡ããªã㯠- 2
ã³ãã³ã解説
⢠ãã®ã«ãŒã¿ã§ã¯ãRIP ããã³ã¹ã¿ãã£ãã¯äž¡æ¹ã®ã«ãŒãã®åé åžããµããŒãããŠããŸãã
⢠OSPF èªåŸã·ã¹ãã ïŒASïŒ ã«å€éšã«ãŒããåé åžãããšãã«ãŒã¿ã¯èªåçã«èªåŸã·ã¹ãã å¢çã«ãŒã¿ïŒASBRïŒ ã«ãªããŸããredistribute ã³ãã³ãã default-informationoriginate ã³ãã³ããšçµã¿åãããŠäœ¿çšããããšã«ãã AS ãžã®ãããã©ã«ããå€éšã«ãŒããçæããå Žåããã®ã³ãã³ãã§æå®ãããã¡ããªãã¯å€ã¯ãdefault-information originate ã³ãã³ãã§æå®ãããã¡ããªãã¯ãäžæžãããŸãã
⢠ã¡ããªã㯠ã¿ã€ãã¯ãå€éš LSA ãä»ããŠãAS å€éšã®å®å ãžã®ã«ãŒããã¢ããã¿ã€ãºããæ¹æ³ãæå®ããŸããå€éšã«ãŒã ã¡ããªãã¯ã«å éšã³ã¹ã ã¡ããªãã¯ãè¿œå ããã«ã¯ãã¿ã€ã 1 ãæå®ããŸããããªãã¡ãAS å ã®ä»»æã®ã«ãŒã¿ã®ã«ãŒãã®ã³ã¹ãã¯ãã¢ããã¿ã€ãžã³ã° ASBR ãžã®å°éã³ã¹ããšãå€éšã«ãŒãã®ã³ã¹ããå ãããã®ã«çããããšã«ãªããŸããå€éšã«ãŒã ã¡ããªãã¯ã®ã¿ãã¢ããã¿ã€ãºããã«ã¯ãã¿ã€ã 2 ãæå®ããŸãã
äŸ
é¢é£ããã³ãã³ã
default-information originate ïŒP496ïŒ
Console(config-router)#redistribute rip metric-type 1Console(config-router)#
501 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
network area
ãã®ãšãªã¢å ã§åäœãã OSPF ãšãªã¢ãšã€ã³ã¿ãã§ãŒã¹ãå®çŸ©ããŸãã
"no"ãåã«çœ®ãããšã§ãæå®ã€ã³ã¿ãã§ãŒã¹ã® OSPF ãç¡å¹ã«ãªããŸãã
ææ³
[no] network ip-address netmask area area-id
⢠ip-address âãšãªã¢ã«è¿œå ããã€ã³ã¿ãã§ãŒã¹ã®ã¢ãã¬ã¹
⢠netmask â ãšãªã¢ã«è¿œå ããã¢ãã¬ã¹ç¯å²ã®ãããã¯ãŒã¯ ãã¹ã¯
⢠area-idâ æå®ã¢ãã¬ã¹ãŸãã¯ç¯å²ãå²ãåœãŠããããšãªã¢ãOSPF ãšãªã¢ã¯ãå ±éã®ã«ãŒãã£ã³ã°æ å ±ãå ±æããã«ãŒã¿ã®ã°ã«ãŒããèå¥ããŸãïŒãšãªã¢ ID ã¯ãIP ã¢ãã¬ã¹ãšåã圢åŒã§ããå¿ èŠããããŸãïŒ
ã³ãã³ãã¢ãŒã
Router Configuration
åæèšå®
ç¡å¹
ã³ãã³ã解説
⢠ãšãªã¢ ID ã¯ãOSPF ãããŒããã£ã¹ã ãšãªã¢ãäžæã«å®çŸ©ãããã®ã§ãããšãªã¢ ID0.0.0.0 ã¯ãèªåŸã·ã¹ãã ã® OSPF ããã¯ããŒã³ã瀺ããŸããåã«ãŒã¿ã¯ãçŽæ¥æ¥ç¶ãŸãã¯ä»®æ³ãªã³ã¯ãä»ããŠããã¯ããŒã³ã«æ¥ç¶ãããŠããå¿ èŠããããŸãã
⢠1 ã€ãŸãã¯è€æ°ã®ã€ã³ã¿ãã§ãŒã¹ããšãªã¢ã«è¿œå ããã«ã¯ããããã¯ãŒã¯ ãã¹ã¯ã䜿çšããŠããããã¯ãŒã¯ ã»ã°ã¡ã³ãäžã®ãã¹ãŠã®ã«ãŒã¿ã®ãšãªã¢ ID ãåãå€ã«èšå®ããŸãã
⢠ãããã¯ãŒã¯ ãšãªã¢å ã«ååšããã€ã³ã¿ãã§ãŒã¹ã®ãã©ã€ã㪠ã¢ãã¬ã¹ã確å®ã«å«ããããã«ããŸããããããªããšãOSPF ã¯ããã®ã³ãã³ãã§ã«ããŒãããã»ã«ã³ã㪠ã¢ãã¬ã¹ã«å¯ŸããŠåäœããŸããã
⢠ã€ã³ã¿ãã§ãŒã¹ã¯ã1 ã€ã®ãšãªã¢ã«ã®ã¿å²ãåœãŠãããšãã§ããŸãããã®åŸã®ãããã¯ãŒã¯ ãšãªã¢ ã³ãã³ãã«ããã¢ãã¬ã¹ç¯å²ãéè€ããŠæå®ãããå Žåãã«ãŒã¿ã¯ãæåã®ã³ãã³ãã§æå®ããããšãªã¢ã®ã¢ãã¬ã¹ç¯å²ãå®è£ ããåŸã®ã³ãã³ãã§éè€ãããšãªã¢ãç¡èŠããŸãããã ããããç¹å®æ§ã®é«ãã¢ãã¬ã¹ç¯å²ããšãªã¢ããåé€ãããšããã®ãšãªã¢ãã«ããŒããç¹å®æ§ã®äœãã¢ãã¬ã¹ãæå®ãããå Žåã«ããã®ç¯å²ã«å±ããã€ã³ã¿ãã§ãŒã¹ãã¢ã¯ãã£ãã®ãŸãŸã«ãªããŸãã
⢠ãã®ã«ãŒã¿ã¯ãæ倧 64 ã® OSPF ã«ãŒã¿ ã€ã³ã¿ãã§ãŒã¹ãšãæ倧 16 ã®ãšãªã¢ïŒããŒãã« ãã©ã³ãžãã ãšãªã¢ãã¹ã¿ãããŸã㯠NSSA ã®ããããã®åèšïŒ ããµããŒãããŸãã
äŸ
ãã®äŸã§ã¯ãã¯ã©ã¹ B ã¢ãã¬ã¹ 10.1.x.x ãã«ããŒããããã¯ããŒã³ 0.0.0.0ãããã³ã¯ã©ã¹ Cã¢ãã¬ã¹ 10.2.9.x ãã«ããŒããããŒãã« ãã©ã³ãžãã ãšãªã¢ 10.2.9.0 ãäœæããŸãã
Console(config-router)#network 10.1.0.0 255.255.0.0 area 0.0.0.0Console(config-router)#network 10.2.9.0 255.255.255.0 area 10.1.0.0Console(config-router)#
502FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
area stub
ã¹ã¿ã ãšãªã¢ãå®çŸ©ããŸããã¹ã¿ããåé€ããã«ã¯ããªãã·ã§ã³ ããŒã¯ãŒããæå®ããã« no 圢åŒã䜿çšããŸãããµããªãŒå±æ§ãåé€ããã«ã¯ããµããªãŒ ããŒã¯ãŒããæå®ããã« no 圢åŒã䜿çšããŸãã
ææ³
[no] area area-id stub [summary]
⢠area-id - ã¹ã¿ã ãšãªã¢ã®èå¥åã§ãïŒãšãªã¢ ID ã¯ãIP ã¢ãã¬ã¹ãšåã圢åŒã§ããå¿ èŠããããŸãïŒã
⢠summary - ãšãªã¢å¢çã«ãŒã¿ïŒABRïŒ ã¯ãã¹ã¿ã ãšãªã¢ã«ãµããªãŒ ãªã³ã¯ ã¢ããã¿ã€ãºã¡ã³ããéä¿¡ããŸãïŒããã©ã«ã : no summaryïŒã
ã³ãã³ãã¢ãŒã
Router Configuration
åæèšå®
ã¹ã¿ãã¯æ§æãããŠããŸããã
ã³ãã³ã解説
⢠ã¹ã¿ãå ã®ãã¹ãŠã®ã«ãŒã¿ã¯ãåããšãªã¢ ID ã§æ§æãããŠããå¿ èŠããããŸãã
⢠ã«ãŒãã£ã³ã° ããŒãã« ã¹ããŒã¹ã¯ãã¿ã€ã 4 AS ãµããªãŒ LSA ããã³ã¿ã€ã 5 å€éšLSA ããããã¯ããããšã«ãããã¹ã¿ãå ã«ä¿åãããŸãããã®ã³ãã³ãã®ããã©ã«ãèšå®ã§ã¯ãããŒã«ã« ãšãªã¢ãŸãã¯èªåŸã·ã¹ãã å€éšã®å®å ãžã®ããã©ã«ã ã«ãŒããã¢ããã¿ã€ãºããã¿ã€ã 3 ãµããªãŒ LSA ããããã¯ããããšã«ãããã¹ã¿ããå®å šã«åé¢ããŸãã
⢠ABR ã«ãã£ãŠã¹ã¿ããžéä¿¡ãããããã©ã«ã ãµããªãŒ ã«ãŒãã®ã³ã¹ããæå®ããã«ã¯ãarea default-cost ã³ãã³ãã䜿çšããŸãã
⢠ãã®ã«ãŒã¿ã¯ãæ倧 16 ã®ãšãªã¢ïŒ ããŒãã« ãã©ã³ãžãã ãšãªã¢ãã¹ã¿ãããŸãã¯NSSA ã®ããããã®åèšïŒ ããµããŒãããŸãã
äŸ
ãã®äŸã§ã¯ãã¹ã¿ã ãšãªã¢ 10.2.0.0 ãäœæããã¯ã©ã¹ B ã¢ãã¬ã¹ 10.2.x.x ãæã€ã€ã³ã¿ãŒ
ãã§ãŒã¹ããã¹ãŠã¹ã¿ãã«å²ãåœãŠãŸãã
é¢é£ããã³ãã³ã
area default-cost ïŒP499ïŒ
Console(config-router)#area 10.2.0.0 stubConsole(config-router)#network 10.2.0.0 0.255.255.255 area 10.2.0.0Console(config-router)#
503 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
area nssa
æºã¹ã¿ã ãšãªã¢ïŒNSSAïŒ ãå®çŸ©ããŸããNSSA ãåé€ããã«ã¯ããªãã·ã§ã³ ããŒã¯ãŒããæå®ããã« no 圢åŒã䜿çšããŸãããªãã·ã§ã³å±æ§ãåé€ããã«ã¯ãé¢é£ããããŒã¯ãŒããæå®ããã« no 圢åŒã䜿çšããŸãã
ææ³
[no] area area-id nssa [no-redistribution] [default-information-originate]
⢠area-id - NSSA ã®èå¥åã§ãïŒãšãªã¢ ID ã¯ãIP ã¢ãã¬ã¹ãšåã圢åŒã§ããå¿ èŠããããŸãïŒã
⢠no-redistribution - ã«ãŒã¿ã NSSA ã®ãšãªã¢å¢çã«ãŒã¿ïŒABRïŒ ã§ããããªããã€redistribute ã³ãã³ãã䜿ã£ãŠïŒNSSA ã«ã§ã¯ãªãïŒ ããŒãã« ãšãªã¢ã«ã®ã¿ã«ãŒããã€ã³ããŒããããå Žåããã®ããŒã¯ãŒãã䜿çšããŸããããªãã¡ããã®ããŒã¯ãŒãã§ã¯ãNSSA ABR ãïŒä»ã®ãšãªã¢ã®ã«ãŒã¿ãä»ããŠåŠç¿ãããïŒ å€éšã«ãŒãã£ã³ã°æ å ±ã NSSA ãžã¢ããã¿ã€ãºããã®ãé²ããŸãã
⢠default-information-originate - ã«ãŒã¿ã NSSA ãšãªã¢å¢çã«ãŒã¿ïŒABRïŒ ãŸã㯠NSSA èªåŸã·ã¹ãã å¢çã«ãŒã¿ïŒASBRïŒ ã§ããæããã®ãã©ã¡ãŒã¿ãæå®ãããšãNSSA ã«å¯Ÿããã¿ã€ã -7 ããã©ã«ã LSA ãçæãããŸãããã®ããã©ã«ãã¯ãNSSA ABR ã«ã¯ AS å ã®ä»ãšãªã¢ã«å¯Ÿããã«ãŒããããŸã NSSA ASBR ã«ã¯ AS å€éšã®ãšãªã¢ã«å¯Ÿããã«ãŒããæäŸããŸãã
ã³ãã³ãã¢ãŒã
Router Configuration
åæèšå®
NSSA ã¯æ§æãããŠããŸããã
ã³ãã³ã解説
⢠NSSA å ã®ãã¹ãŠã®ã«ãŒã¿ã¯ãåããšãªã¢ ID ã§æ§æãããŠããå¿ èŠããããŸãã
⢠NSSA ã¯ã¹ã¿ãã«äŒŒãŠããŸãããã®çç±ã¯ãã«ãŒã¿ã ABR ã§ããå Žåãdefault- information-originate ããŒã¯ãŒãã䜿çšããŠãAS å ã®ä»ã®ãšãªã¢ã«å¯Ÿããããã©ã«ã ã«ãŒãã NSSA ã«éä¿¡ã§ããããã§ãããã ããNSSA ãã¹ã¿ããšç°ãªãç¹ã¯ãã«ãŒã¿ã ASBR ã§ããå Žåãdefault-information-originate ããŒã¯ãŒãã䜿çšããŠãããã©ã«ãã®å€éš AS ã«ãŒãïŒNSSA ã«é£æ¥ããŠããã OSPF AS å ã«ã¯ãªãã«ãŒãã£ã³ã° ãããã³ã« ãã¡ã€ã³å®ïŒ ã NSSA ã«ã€ã³ããŒãã§ããããšã§ãã
⢠NSSA ã«ã¢ããã¿ã€ãºãããå€éšã«ãŒãã«ã¯ãOSPF ãä»ããŠåŠç¿ããã AS å€éšã®ãããã¯ãŒã¯å®å ã®ã»ããããã©ã«ã ã«ãŒããã¹ã¿ãã£ã㯠ã«ãŒããä»ã®ã«ãŒãã£ã³ã° ãããã³ã«ïŒRIP ãªã©ïŒ ããã€ã³ããŒããããã«ãŒããOSPF ãå®è¡ããŠããªãã«ãŒã¿ã«çŽæ¥æ¥ç¶ããããããã¯ãŒã¯ãªã©ãå«ããããšãã§ããŸãã
⢠NSSA å€éš LSA ïŒ ã¿ã€ã 7ïŒ ã¯ãNSSA ã«é£æ¥ããä»»æã® ABR ã«ãã£ãŠå€éš LSA ïŒã¿ã€ã 5ïŒ ã«å€æãããAS å ã®ä»ã®ãšãªã¢ãžäŒæãããŸãã
⢠ãŸããã¢ã³ãªã³ã¯ ã¹ã¿ã ãšãªã¢ããã¹ãŠã®ã¿ã€ã 3 ãµããªãŒ LSA ã¯åžžã« NSSA ãžã€ã³ããŒããããå éšã«ãŒããåžžã«ã¿ã€ã 7 NSSA å€éšã«ãŒããããåªå ããŠéžæãããããšãä¿èšŒããŸãã
⢠ãã®ã«ãŒã¿ã¯ãæ倧 16 ã®ãšãªã¢ïŒ ããŒãã« ãã©ã³ãžãã ãšãªã¢ãã¹ã¿ãããŸã㯠NSSA ã®ããããã®åèšïŒ ããµããŒãããŸãã
504FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
äŸ
ãã®äŸã§ã¯ãã¹ã¿ã ãšãªã¢ 10.3.0.0 ãäœæããã¯ã©ã¹ B ã¢ãã¬ã¹ 10.3.x.x ãæã€ã€ã³ã¿ãã§ãŒã¹ããã¹ãŠ NSSA ã«å²ãåœãŠãŸãããŸããã«ãŒã¿ã NSSA ABR ãŸã㯠NSSA ASBRã®å ŽåãNSSA ãžã®å€éš LSA ãçæããããã«æ瀺ããŸãã
Console(config-router)#area 10.3.0.0 nssadefault-information-originateConsole(config-router)#network 10.3.0.0 255.255.0.0 area 10.2.0.0Console(config-router)#
505 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
area virtual-link
ä»®æ³ãªã³ã¯ãå®çŸ©ããŸããä»®æ³ãªã³ã¯ãåé€ããã«ã¯ããªãã·ã§ã³ ããŒã¯ãŒããæå®ããã« no 圢åŒã䜿çšããŸããå±æ§ã®ããã©ã«ãå€ã«æ»ãã«ã¯ãèŠæ±ãããããŒã¯ãŒããæå®ããã« no 圢åŒã䜿çšããŸãã
ææ³
[no] area area-id virtual-link router-id
[authentication [message-digest | null ]] [hello-interval seconds]
[retransmit-interval seconds] [transmit-delay seconds]
[dead-interval seconds] [[authentication-key key] |
[message-digest-key key-id md5 key]]
no area area-id
⢠area-id - ä»®æ³ãªã³ã¯ã®ãã©ã³ãžãã ãšãªã¢ã®èå¥åã§ãïŒãšãªã¢ ID ã¯ãIP ã¢ãã¬ã¹ãšåã圢åŒã§ããå¿ èŠããããŸãïŒã
⢠router-id - ä»®æ³ãªã³ã¯ã®é£æ¥ã«ãŒã¿ã®ã«ãŒã¿ ID ã§ãããã®ã«ãŒã¿ã¯ãä»®æ³ãªã³ã¯ã®ä»æ¹ã®ç«¯ã«ããããã¯ããŒã³ãšãã©ã³ãžãã ãšãªã¢äž¡æ¹ã«é£æ¥ãããšãªã¢å¢çã«ãŒã¿ïŒABRïŒ ã§ããå¿ èŠããããŸãã
⢠authentication - èªèšŒã¢ãŒããæå®ããŸããããŒã¯ãŒãã®åŸã«ãªãã·ã§ã³ ãã©ã¡ãŒã¿ãæå®ããªããšãauthentication-key ã§æå®ããããã¹ã¯ãŒããšãšãã«ãã¬ãŒã³ããã¹ãèªèšŒã䜿çšãããŸããmessage-digest èªèšŒãæå®ããå Žåãmessage-digest-key ããã³ md5 ãã©ã¡ãŒã¿ãåæã«æå®ããå¿ èŠããããŸããnull ãªãã·ã§ã³ãæå®ããå ŽåãOSPF ã«ãŒãã£ã³ã° ãããã³ã« ã¡ãã»ãŒãžã«ã¯èªèšŒã¯å®è¡ãããŸããã
⢠message-digest - ã¡ãã»ãŒãž ãã€ãžã§ã¹ãïŒMD5ïŒ èªèšŒãæå®ããŸãã
⢠null - 䜿çšãããèªèšŒã¯ãªãããšã瀺ããŸãã
⢠hello-interval seconds - Hello ãã±ããéä¿¡éã®äŒéé 延ãæå®ããŸããHello ééãå°ããå€ã«èšå®ãããšãããããžå€æŽãæ€ç¥ããéã®é 延ã¯ççž®ãããŸãããã«ãŒãã£ã³ã° ãã©ãã£ãã¯ã¯å¢å ããŸãããã®å€ã¯ãèªåŸã·ã¹ãã ã«æ¥ç¶ããããã¹ãŠã®ã«ãŒã¿ã§åãã«èšå®ãããå¿ èŠããããŸãïŒç¯å² : 1 ïœ 65535 ç§ãããã©ã«ã : 10 ç§ïŒã
⢠retransmit-interval seconds - ABR ãä»®æ³ãªã³ã¯äžã§ãªã³ã¯ã¹ããŒã ã¢ããã¿ã€ãºã¡ã³ãïŒLSAïŒ ãåéä¿¡ããééãæå®ããŸãããã®éä¿¡ééã¯ãã«ãŒãã£ã³ã°æ å ±ã®é©åãªãããŒãæäŸãã€ã€ããäžå¿ èŠãªãããã³ã« ãã©ãã£ãã¯ãçºçãããªãçšåºŠã®æ§ãããªå€ã«èšå®ããŠãã ããããã ãããã®å€ã¯ãä»®æ³ãªã³ã¯ã®å€ããã¯å€§ããèšå®ããå¿ èŠãããããšã«æ³šæããŠãã ããïŒç¯å² : 1 ïœ 3600 ç§ãããã©ã«ã : 5 ç§ïŒã
⢠transmit-delay seconds - ä»®æ³ãªã³ã¯äžã§ãªã³ã¯ã¹ããŒã ã¢ããããŒã ãã±ãããéä¿¡ããã®ã«å¿ èŠãªæéããäŒéé 延ããã³äŒæé 延ãèæ ®ã«å ¥ããŠäºæž¬ããŸããLSA ã®ãšãŒãžã«ã¯ããã®å€ãéä¿¡åã«å ç®ãããŸãããã®å€ã¯ãèªåŸã·ã¹ãã ã«æ¥ç¶ããããã¹ãŠã®ã«ãŒã¿ã§åãã«èšå®ãããå¿ èŠããããŸãïŒç¯å² : 1 ïœ 3600 ç§ãããã©ã«ã : 1 ç§ïŒã
⢠. dead-interval seconds - ã«ãŒã¿ã®ããŠã³ã宣èšããåã«ãé£æ¥ã«ãŒã¿ã Hello ãã±ãããåŸ æ©ããæéã§ãããã®å€ã¯ãèªåŸã·ã¹ãã ã«æ¥ç¶ããããã¹ãŠã®ã«ãŒã¿ã§åãã«èšå®ãããå¿ èŠããããŸãïŒç¯å² : 1 ïœ 65535 ç§ãããã©ã«ã : 4 à Hello ééããŸã㯠40 ç§ïŒã
⢠authentication-key key - ãããã³ã« ã¡ãã»ãŒãžã®ãããå ã®èªèšŒãã£ãŒã«ããçæãŸãã¯æ€èšŒããããã«ãä»®æ³ãªã³ã¯äžã®é£æ¥ã«ãŒã¿ã«ãã£ãŠäœ¿çšããããã¬ãŒã³ããã¹ã ãã¹ã¯ãŒãïŒæ倧 8 æåïŒ ãèšå®ããŸããåãããã¯ãŒã¯ ã€ã³ã¿ãã§ãŒã¹ã«åå¥ã®ãã¹ã¯ãŒã
506FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ãå²ãåœãŠãããšãã§ããŸãããã ãããã®ããŒã¯ãåããããã¯ãŒã¯ïŒèªåŸã·ã¹ãã ïŒ äžã®ãã¹ãŠã®é£æ¥ã«ãŒã¿ã«å¯ŸããŠåãå€ã«èšå®ããå¿ èŠããããŸãããã®ããŒã¯ãããã¯ããŒã³ã§èªèšŒãæå¹ã«ãªã£ãŠããæã®ã¿äœ¿çšãããŸãã
⢠message-digest-key key-id md5 key - ã¡ãã»ãŒãž ãã€ãžã§ã¹ãïŒMD5ïŒ èªèšŒã䜿çšæãé£æ¥ã«ãŒã¿ãšãã®ã«ãŒã¿éãééãããããã³ã« ã¡ãã»ãŒãžã®èªèšŒã«äœ¿çšãããããŒèå¥åãšãã¹ã¯ãŒããèšå®ããŸããkey-id ã¯ã1 ïœ 255 ãŸã§ã®æŽæ°ã§ãkeyã¯ãæ倧 16 æåé·ã®è±æ°åã¹ããªã³ã°ã§ããä»®æ³ãªã³ã¯äžã§ MD5 èªèšŒã䜿çšãããŠããå ŽåãèªåŸã·ã¹ãã å ã®ãã¹ãŠã®ã«ãŒã¿äžã§ MD5 ãæå¹ã«ãªã£ãŠããå¿ èŠããããŸãããŸããããŒèå¥åãšããŒã¯ããã¹ãŠã®ã«ãŒã¿ã«å¯ŸããŠåãã§ããå¿ èŠããããŸãã
ã³ãã³ãã¢ãŒã
Router Configuration
åæèšå®
area-id: ãªã
router-id: ãªã
hello-interval:10 ç§
retransmit-interval:5 ç§
transmit-delay:1 ç§
dead-interval:40 ç§
authentication-key: ãªã
message-digest-key: ãªã
ã³ãã³ã解説
⢠èªåŸã·ã¹ãã å šäœã®ã«ãŒãã£ã³ã° ã³ãã¯ãã£ããã£ãä¿æããã«ã¯ããã¹ãŠã®ãšãªã¢ããããã¯ããŒã³ ãšãªã¢ïŒ0.0.0.0ïŒ ã«æ¥ç¶ãããŠããå¿ èŠããããŸããç¹å®ã®ãšãªã¢ãããã¯ããŒã³ã«æ¥ç¶ããããšãç©ççã«äžå¯èœãªå Žåãä»®æ³ãªã³ã¯ã䜿çšããããšãã§ããŸããä»®æ³ãªã³ã¯ã¯ãåé¢ããããšãªã¢ã®ããã¯ããŒã³ãžã®è«çãã¹ãæäŸãããã®ã§ãããã®ã«ãŒã¿ã§ã¯ãæ倧 32 ã®ä»®æ³ãªã³ã¯ãæå®ããããšãã§ããŸãã
⢠ããã¯ããŒã³ããåæãããåãšãªã¢ã«ã¯ããã©ã³ãžãã ãšãªã¢ IDãããã³ããã¯ããŒã³ã«é£æ¥ããä»®æ³ãªã³ã¯é£æ¥ã«ãŒã¿ã®ã«ãŒã¿ ID ãå«ãŸããŠããå¿ èŠããããŸãã
⢠ãã®ã«ãŒã¿ã§ã¯ãæ倧 64 ã®ä»®æ³ãªã³ã¯ããµããŒãããŸãã
äŸ
ãã®äŸã§ã¯ããã¹ãŠã®ãªãã·ã§ã³ ãã©ã¡ãŒã¿ã®ããã©ã«ãå€ã䜿çšããŠãä»®æ³ãªã³ã¯ãäœæããŸãã
ãã®äŸã§ã¯ãMD5 èªèšŒã䜿çšããŠãä»®æ³ãªã³ã¯ãäœæããŸãã
Console(config-router)#network 10.4.0.0 0.255.255.0.0 area 10.4.0.0Console(config-router)#area 10.4.0.0 virtual-link 10.4.3.254Console(config-router)#
Console(config-router)#network 10.4.0.0 0.255.255.0.0 area 10.4.0.0Console(config-router)#area 10.4.0.0 virtual-link 10.4.3.254message-digest-key 5 md5 ld83jdpqConsole(config-router)#
507 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ip ospf authentication
ã€ã³ã¿ãã§ãŒã¹ã§äœ¿çšãããèªèšŒã¿ã€ããæå®ããŸãããã¬ãŒã³ ããã¹ãïŒã·ã³ãã« ãã¹ã¯ãŒãïŒ èªèšŒãæå®ããã«ã¯ããªãã·ã§ã³ ãã©ã¡ãŒã¿ã䜿çšããã«ãã
ã®ã³ãã³ããå ¥åããŸãã"no"ãåã«çœ®ãããšã§ãããã©ã«ãã®èªèšŒãªãã«æ»ããŸãã
ææ³
ip ospf authentication [message-digest | null]
no ip ospf authentication
⢠message-digest - ã¡ãã»ãŒãž ãã€ãžã§ã¹ãïŒMD5ïŒ èªèšŒãæå®ããŸãã
⢠null - 䜿çšãããèªèšŒã¯ãªãããšã瀺ããŸãã
ã³ãã³ãã¢ãŒã
Router Configuration
åæèšå®
èªèšŒãªã
ã³ãã³ã解説
⢠ã€ã³ã¿ãã§ãŒã¹ã«ãã¬ãŒã³ ããã¹ã ãã¹ã¯ãŒãèªèšŒãæå®ããéã¯ãip ospfauthentication-key ã³ãã³ãã§ãã¹ã¯ãŒããäºãæ§æããŠãããŸããã€ã³ã¿ãã§ãŒã¹ã« MD5 èªèšŒãæå®ããéã¯ãip ospf message-digest-key ã³ãã³ãã§ãã¡ãã»ãŒãžãã€ãžã§ã¹ã ã㌠ID ãšããŒãäºãæ§æããŠãããŸãã
⢠ãã¬ãŒã³ããã¹ãèªèšŒããŒããŸã㯠MD5 ã㌠ID ããã³ããŒã®äœ¿çšã§ã¯ãèªåŸã·ã¹ãã å šäœã§æŽåæ§ãä¿ã€å¿ èŠããããŸãã
äŸ
ãã®äŸã§ã¯ãæå®ã€ã³ã¿ãã§ãŒã¹ã§ã¡ãã»ãŒãžãã€ãžã§ã¹ãèªèšŒãæå¹ã«ããŸãã
Console(config)#interface vlan 1Console(config-if)#ip ospf authentication message-digestConsole(config-if)#
508FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ip ospf authentication-key
é£æ¥ã«ãŒã¿ã«ãã£ãŠäœ¿çšãããã·ã³ãã« ãã¹ã¯ãŒããå²ãåœãŠãŸãã"no"ãåã«çœ®ãããšã§ããã¹ã¯ãŒããåé€ãããŸãã
ææ³
ip ospf authentication-key key
no ip ospf authentication-key
⢠key - ãã¬ãŒã³ ããã¹ã ãã¹ã¯ãŒããèšå®ããŸãïŒç¯å² : 1 ïœ 8 æåïŒã
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
åæèšå®
ãã¹ã¯ãŒããªã
ã³ãã³ã解説
⢠ã€ã³ã¿ãã§ãŒã¹ã«ãã¬ãŒã³ ããã¹ã ãã¹ã¯ãŒãèªèšŒãæå®ããéã¯ãip ospfauthentication-key ã³ãã³ãã§ãã¹ã¯ãŒããäºãæ§æããŠãããŸããã€ã³ã¿ãã§ãŒã¹ã« MD5 èªèšŒãæå®ããéã¯ãip ospf message-digest-key ã³ãã³ãã§ãã¡ãã»ãŒãžãã€ãžã§ã¹ã ã㌠ID ãšããŒãäºãæ§æããŠãããŸãã
⢠åãããã¯ãŒã¯ ã€ã³ã¿ãã§ãŒã¹ ããŒã¹ã§ç°ãªããã¹ã¯ãŒããå²ãåœãŠãããšãå¯èœã§ããããã¹ã¯ãŒãã®äœ¿çšã§ã¯ããããã¯ãŒã¯ïŒèªåŸã·ã¹ãã ïŒ å šäœã®ãã¹ãŠã®é£æ¥ã«ãŒã¿äžã§æŽåæ§ãä¿ã€å¿ èŠããããŸãã
äŸ
ãã®äŸã§ã¯ãæå®ã€ã³ã¿ãã§ãŒã¹ã®ãã¹ã¯ãŒããèšå®ããŸãã
Console(config)#interface vlan 1Console(config-if)#ip ospf authentication-key badboyConsole(config-if)#
509 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ip ospf message-digest-key
æå®ã€ã³ã¿ãã§ãŒã¹ã§ã¡ãã»ãŒãžãã€ãžã§ã¹ãïŒMD5ïŒ èªèšŒãæå¹ã«ããŸãããŸããé£æ¥ã«ãŒã¿ã«ãã£ãŠäœ¿çšãããã㌠ID ããã³ããŒã®å²åœãŠãæå¹ã«ããŸãã
"no"ãåã«çœ®ãããšã§ãæ¢åã®ããŒãåé€ãããŸãã
ææ³
ip ospf message-digest-key key-id md5 key
no ip ospf message-digest-key key-id
⢠key-id - MD5 ããŒã®ã€ã³ããã¯ã¹çªå·ã§ãïŒç¯å² : 1 ïœ 255ïŒã
⢠key - 128 ãããã®ã¡ãã»ãŒãžãã€ãžã§ã¹ããŸãã¯ããã£ã³ã¬ãŒããªã³ãããçæããã®ã«äœ¿çšãããè±æ°åãã¹ã¯ãŒãã§ãïŒç¯å² : 1 ïœ 16 æåïŒã
ã³ãã³ã ã¢ãŒã
Interface Configuration (VLAN)
åæèšå®
MD5 èªèšŒã¯ç¡å¹ã§ãã
ã³ãã³ã解説
⢠éåžžãã¢ãŠãããŠã³ã ãã±ããçšã®èªèšŒæ å ±ã®çæããã³çä¿¡ãã±ããã®èªèšŒã«äœ¿çšãããããŒã¯ãã€ã³ã¿ãã§ãŒã¹ããšã« 1 ã€ã®ã¿ã§ããé£æ¥ã«ãŒã¿å士ã¯ãåãããŒèå¥åãšããŒå€ã䜿çšããå¿ èŠããããŸãã
⢠æ°èŠããŒã«å€æŽããæãã«ãŒã¿ã¯ããã¹ãŠã®ãããã³ã« ã¡ãã»ãŒãžã®è€æ°ã®ã³ããŒãã1 ã€ã¯å€ãããŒã§ããã 1 ã€ã¯æ°ããããŒã§éä¿¡ããŸãããã¹ãŠã®é£æ¥ã«ãŒã¿ãæ°ããããŒã§ããã®ã«ãŒã¿ãžãããã³ã« ã¡ãã»ãŒãžã®éä¿¡ãéå§ãããšãã«ãŒã¿ã¯å€ãããŒã®äœ¿çšãæ¢ããŸãããã®ããŒã«ãªãŒã ããã»ã¹ã«ããããããã¯ãŒã¯ç®¡çè ã«ã¯ããããã¯ãŒã¯ ã³ãã¯ãã£ããã£ãäœäžãããããšãªããããã¯ãŒã¯äžã®ãã¹ãŠã®ã«ãŒã¿ãã¢ããããŒãããæéã®äœè£ãã§ããŸãããã¹ãŠã®ãããã¯ãŒã¯ ã«ãŒã¿ãæ°ããããŒã§ã¢ããããŒãããããšãå€ãããŒã¯ãã»ãã¥ãªãã£äžã®çç±ã«ããåé€ãããŸãã
äŸ
ãã®äŸã§ã¯ãã¡ãã»ãŒãžãã€ãžã§ã¹ã ããŒã®èå¥åããã³ãã¹ã¯ãŒããèšå®ããŸãã
Console(config)#interface vlan 1Console(config-if)#ip ospf message-digest-key 1 md5 aiebelConsole(config-if)#
510FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ip ospf cost
ã€ã³ã¿ãã§ãŒã¹äžã§ã®ãã±ããéä¿¡ã³ã¹ããæ瀺çã«èšå®ããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
ææ³
ip ospf cost cost
no ip ospf cost
⢠cost - ãã®ã€ã³ã¿ãã§ãŒã¹ã®ãªã³ã¯ ã¡ããªãã¯ã§ããäœéããŒãã瀺ãã«ã¯ããã®å€ã倧ããããŸãïŒç¯å² : 1 ïœ 65535ïŒã
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
åæèšå®
1
ã³ãã³ã解説
ã€ã³ã¿ãã§ãŒã¹ ã³ã¹ãã¯ãããŒãã®ã¹ããŒããåæ ããŸãããã®ã«ãŒã¿ã§ã¯ããã¹ãŠã®ããŒãã«å¯ŸããŠããã©ã«ãã®ã³ã¹ã 1 ã䜿çšããŸãããããã£ãŠãã®ã¬ããã ã¢ãžã¥ãŒã«ãã€ã³ã¹ããŒã«ããå Žåããã¹ãŠã® 100 Mbps ããŒãã®ã³ã¹ãã 2 以äžã®å€ã«ãªã»ããããå¿ èŠããããŸãã
äŸ
Console(config)#interface vlan 1Console(config-if)#ip ospf cost 10Console(config-if)#
511 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ip ospf dead-interval
Hello ãã±ãããåä¿¡ããªããŸãŸããã®æéãçµéãããšãé£æ¥ã«ãŒã¿ã«ãã£ãŠã«ãŒã¿ã®ããŠã³ã宣èšããããŸã§ã®ééãèšå®ããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
ææ³
ip ospf dead-interval seconds
no ip ospf dead-interval
⢠seconds - é£æ¥ã«ãŒã¿ãéä¿¡ã«ãŒã¿ã®ããŠã³ã宣èšããåã«ãHello ãã±ãããåŸ æ©ããæ倧æéã§ãããã®ééã¯ããããã¯ãŒã¯äžã®ãã¹ãŠã®ã«ãŒã¿ã«å¯ŸããŠåãå€ã«èšå®ãããŠããå¿ èŠããããŸãïŒç¯å² : 1 ïœ 65535ïŒã
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
åæèšå®
40 ç§ããŸã㯠ip ospf hello-interval ã³ãã³ãã«ããæå®ãããééã® 4å
äŸ
Console(config)#interface vlan 1Console(config-if)#ip ospf dead-interval 50Console(config-if)#
512FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ip ospf hello-interval
ã€ã³ã¿ãã§ãŒã¹äžã§éä¿¡ãã Hello ãã±ããã®ééãæå®ããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
ææ³
ip ospf hello-interval seconds
no ip ospf hello-interval
⢠seconds - ã€ã³ã¿ãã§ãŒã¹ããéä¿¡ããã Hello ãã±ããã®ééã§ãããã®ééã¯ããããã¯ãŒã¯äžã®ãã¹ãŠã®ã«ãŒã¿ã«å¯ŸããŠåãå€ã«èšå®ãããŠããå¿ èŠããããŸãïŒç¯å² : 1 ïœ 65535ïŒã
ã³ãã³ãã¢ãŒã
Router Configuration
åæèšå®
10 ç§
ã³ãã³ã解説
Hello ãã±ããã¯ãéä¿¡ã«ãŒã¿ããŸã ã¢ã¯ãã£ãã§ããããšãä»ã®ã«ãŒã¿ã«éç¥ããããã«äœ¿çšãããŸããHello ééãå°ããå€ã«èšå®ãããšãããããžå€æŽã®æ€åºã«ãããé 延ã¯ççž®ãããŸãããã«ãŒãã£ã³ã° ãã©ãã£ãã¯ã¯å¢å ããŸãã
äŸ
ip ospf priority
ãšãªã¢ã®æå®ã«ãŒã¿ïŒDRïŒ ããã³ããã¯ã¢ããæå®ã«ãŒã¿ïŒBDRïŒ ã決å®ããéã«äœ¿çšãããã«ãŒã¿ ãã©ã€ãªãªãã£ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
ææ³
ip ospf priority priority
no ip ospf priority
⢠priority - ãã®ã«ãŒã¿ã®ã€ã³ã¿ãã§ãŒã¹ ãã©ã€ãªãªãã£ã§ãïŒç¯å² : 0 ïœ 255ïŒã
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
åæèšå®
1
Console(config)#interface vlan 1Console(config-if)#ip ospf hello-interval 5Console(config-if)#
513 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ã³ãã³ã解説
⢠ã«ãŒã¿ã DR ãŸã㯠BDR ãšããŠéžåºãããªãããã«ããã«ã¯ããã©ã€ãªãªãã£ã 0ã«èšå®ããŸãã0 以å€ã®ä»»æã®å€ã«èšå®ãããšãæãé«ããã©ã€ãªãªãã£ã®ã«ãŒã¿ã DR ã«ãªãã次ã«é«ããã©ã€ãªãªãã£ã®ã«ãŒã¿ã BDR ã«ãªããŸãã2 ã€ãŸãã¯ãã以äžã®ã«ãŒã¿ã«åãæé«ã®ãã©ã€ãªãªãã£ãå²ãåœãŠãããŠããå Žåãããé«ã ID ãæã€ã«ãŒã¿ãéžåºãããŸãã
⢠DR ããã§ã«ååšããŠãããšãªã¢ã«ãã®ã€ã³ã¿ãã§ãŒã¹ãè¿œå ãããå Žåãæ°èŠã«ãŒã¿ã®æã€ãã©ã€ãªãªãã£ã«é¢ããããçŸè¡ã® DR ãåç¶ããŸããDR ã¯ã次ã«éžåºããã»ã¹ãåæåããããŸã§å€æŽãããŸããã
äŸ
ip ospf retransmit-interval
ãªã³ã¯ã¹ããŒã ã¢ããã¿ã€ãºã¡ã³ãïŒLSAïŒ ãåéä¿¡ããééãæå®ã
ãŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæç¶æ ã«ãã©ããŸãã
ææ³
ip ospf retransmit-interval seconds
no ip ospf retransmit-interval
⢠seconds - ãã®ã€ã³ã¿ãã§ãŒã¹ã§ LSA ãåéä¿¡ããééãèšå®ããŸãïŒç¯å² : 1 ïœ 65535ïŒã
ã³ãã³ã ã¢ãŒã
Interface Configuration (VLAN)
åæèšå®
5 ç§
ã³ãã³ã解説
ã«ãŒã¿ã¯ãè¯å®å¿çïŒACKïŒ ãåä¿¡ããªããšãé£æ¥ã«ãŒã¿ã« LSA ãåéä¿¡ããŸãããã®éä¿¡ééã¯ãã«ãŒãã£ã³ã°æ å ±ã®é©åãªãããŒãæäŸãã€ã€ããäžå¿ èŠãªãããã³ã« ãã©ãã£ãã¯ãçºçãããªãçšåºŠã®æ§ãããªå€ã«èšå®ããŠãã ããããã®å€ã¯ãä»®æ³ãªã³ã¯ã®å€ãã倧ããèšå®ããå¿ èŠãããããšã«æ³šæããŠãã ããã
äŸ
Console(config)#interface vlan 1Console(config-if)#ip ospf priority 5Console(config-if)#
Console(config)#interface vlan 1Console(config-if)#ip ospf retransmit-interval 7Console(config-if)#
514FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ip ospf transmit-delay
ã€ã³ã¿ãã§ãŒã¹ã§ãªã³ã¯ã¹ããŒã ã¢ããããŒã ãã±ãããéä¿¡ãããŸã§ã®æéãäºæž¬ããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæç¶æ ã«ãã©ããŸãã
ææ³
ip ospf transmit-delay seconds
no ip ospf transmit-delay
⢠seconds - ãªã³ã¯ã¹ããŒã ã¢ããããŒããéä¿¡ãããŸã§ã®äºæž¬åŸ æ©æéãèšå®ããŸãïŒç¯å² : 1 ïœ 65535ïŒã
ã³ãã³ã ã¢ãŒã
Interface Configuration (VLAN)
åæèšå®
1 ç§
ã³ãã³ã解説
LSA ã®ãšãŒãžã«ã¯ããã®é 延ãéä¿¡åã«å ç®ãããŸããéä¿¡é 延ãäºæž¬ããã«ã¯ãã€ã³ã¿ãã§ãŒã¹ã®éä¿¡é 延ããã³äŒæé 延ãèæ ®ã«å ¥ããŸããäœéãªã³ã¯ã«å€§ããå€ã䜿çšãããªã³ã¯ ã¹ããŒãã«åŸã£ãŠéä¿¡é 延ãèšå®ããŸãããã®éä¿¡é 延ã¯ãèªåŸã·ã¹ãã ã«æ¥ç¶ããããã¹ãŠã®ã«ãŒã¿ã§åãã«èšå®ãããå¿ èŠããããŸãã
äŸ
Console(config)#interface vlan 1Console(config-if)#ip ospf transmit-delay 6Console(config-if)#
515 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
show ip ospf
ãã®ã³ãã³ãã§ã¯ãã«ãŒãã£ã³ã° ã³ã³ãã£ã®ã¥ã¬ãŒã·ã§ã³ã«é¢ããåºæ¬æ å ±ã衚瀺ããŸãã
ã³ãã³ã ã¢ãŒã
Privileged Exec
äŸ
Console#show ip ospfRouting Process with ID 10.1.1.253Supports only single TOS(TOS0) routeIt is an area border and autonomous system boundary routerRedistributing External Routes from,
ãããrip with metric mapped to 10Number of area in this router is 2Area 0.0.0.0 (BACKBONE)
ãããNumber of interfaces in this area is 1
ãããSPF algorithm executed 19 timesArea 10.1.0.0
ãããNumber of interfaces in this area is 4
ãããSPF algorithm executed 19 timesConsole#
é ç® è§£èª¬Routing Process with ID ã«ãŒã¿ ID
Supports only single TOS(TOS0) route
ã¿ã€ã ãªã ãµãŒãã¹ïŒToSïŒ ã¯ãµããŒããããŠããŸããããããã£ãŠãã€ã³ã¿ãã§ãŒã¹ããšã« 1 ã€ã®ã³ã¹ãããå²ãåœãŠãããšãã§ããŸããã
It is an router type 衚瀺ãããã«ãŒã¿ ã¿ã€ããå éšã«ãŒã¿ããšãªã¢å¢çã«ãŒã¿ãèªåŸã·ã¹ãã å¢çã«ãŒã¿ããããŸãã
Number of areas in this router
æ§æããããšãªã¢ã®æ°
RteType ã«ãŒã ã¿ã€ããã€ã³ãã© ãšãªã¢ãŸãã¯ãšãªã¢éã«ãŒãïŒINTRA ãŸã㯠INTERïŒ ã®ãããã
Area identifier ãšãªã¢ ã¢ãã¬ã¹ãããã³ãšãªã¢ ã¿ã€ãïŒããã¯ããŒã³ãNSSAããŸãã¯ã¹ã¿ãïŒ
Number of interfaces ãã®ãšãªã¢ã«æ¥ç¶ãããã€ã³ã¿ãã§ãŒã¹ã®æ°
SPF algorithm executed ãã®ãšãªã¢ã«å¯Ÿã㊠SPF ïŒæçãã¹åªå ïŒ ã¢ã«ãŽãªãºã ãå®è¡ãããåæ°
516FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
show ip ospf border-routers
ãšãªã¢å¢çã«ãŒã¿ïŒABRïŒ ãŸãã¯èªåŸã·ã¹ãã å¢çã«ãŒã¿ïŒASBRïŒ ã«ã€ããŠã®ã«ãŒãã£ã³ã° ããŒãã«ã®ãšã³ããªã衚瀺ããŸãã
ã³ãã³ã ã¢ãŒã
Privileged Exec
äŸ
Console#show ip ospf border-routers
ãDestination ããNext Hop ãCost ãType ãRteType ãArea ãããããSPF No------------- ------------- ------ ----- -------- ------------- --------
ã10.1.1.252 ãã10.1.1.253 ããã0ã ABR ããINTRA ãã10.1.0.0 ãããã3
ã10.2.6.252 ãã10.2.9.253 ããã0 ãASBR ã INTERãã 10.2.0.0 ããã 7Console#
é ç® è§£èª¬
Destination å®å ã«ãŒã¿ã®èå¥å
Next Hop å®å ãžã®ãã¯ã¹ã ãããã® IP ã¢ãã¬ã¹
Cost ãã®ã«ãŒãã®ãªã³ã¯ ã¡ããªãã¯
Type å®å ã®ã«ãŒã¿ ã¿ã€ãïŒABRãASBRããŸãã¯äž¡æ¹ïŒ
RteType ã«ãŒã ã¿ã€ããã€ã³ãã© ãšãªã¢ãŸãã¯ãšãªã¢éã«ãŒãïŒINTRA ãŸãã¯INTERïŒ ã®ãããã
Area ãã®ã«ãŒããåŠç¿ããããšãªã¢SPF No ãã®ã«ãŒãã«å¯Ÿã㊠SPF ïŒæçãã¹åªå ïŒ ã¢ã«ãŽãªãºã
ãå®è¡ãããåæ°
517 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
show ip ospf database
ãã®ã«ãŒã¿ã®ããŒã¿ããŒã¹å ã«ä¿åãããåçš® OSPF ãªã³ã¯ã¹ããŒã ã¢ããã¿ã€ãºã¡ã³ãïŒLSAïŒ ã«é¢ããæ å ±ã衚瀺ããŸãã
ææ³
show ip ospf [area-id] database [adv-router [ip-address]]
show ip ospf [area-id] database [asbr-summary] [link-state-id]
show ip ospf [area-id] database [asbr-summary] [link-state-id] [adv-router [ip-address]]
show ip ospf [area-id] database [asbr-summary] [link-state-id] [self-originate] [link-state-id]
show ip ospf [area-id] database [database-summary]
show ip ospf [area-id] database [external] [link-state-id]
show ip ospf [area-id] database [external] [link-state-id] [adv-router [ip-address]]
show ip ospf [area-id] database [external] [link-state-id] [self-originate] [ip-address]
show ip ospf [area-id] database [network] [link-state-id]
show ip ospf [area-id] database [network] [link-state-id] [adv-router [ip-address]]
show ip ospf [area-id] database [network] [link-state-id] [self-originate] [link-state-id]
show ip ospf [area-id] database [nssa-external] [link-state-id]
show ip ospf [area-id] database [nssa-external] [link-state-id] [adv-router [ip-address]]
show ip ospf [area-id] database [nssa-external] [link-state-id] [self-originate] [link-state-id]
show ip ospf [area-id] database [router] [link-state-id]
show ip ospf [area-id] database [[router] [adv-router [ip-address]]
show ip ospf [area-id] database [router] [self-originate] [link-state-id]
show ip ospf [area-id] database [self-originate] [link-state-id]
show ip ospf [area-id] database [summary] [link-state-id]
show ip ospf [area-id] database [summary] [link-state-id] [adv-router [ip-address]]
show ip ospf [area-id] database [summary] [link-state-id] [self-originate] [link-state-id]
⢠area-id - LSA æ å ±ãé²èŠ§ããããšãªã¢ãå®çŸ©ããŸãïŒ ãã®é ç®ã¯ãIP ã¢ãã¬ã¹ãšåã圢åŒã§å ¥åããå¿ èŠããããŸãïŒã
⢠adv-router - ã¢ããã¿ã€ãžã³ã° ã«ãŒã¿ã® IP ã¢ãã¬ã¹ã§ããå ¥åããªãå Žåããã¹ãŠã®ã¢ããã¿ã€ãžã³ã° ã«ãŒã¿ã«é¢ããæ å ±ã衚瀺ãããŸãã
⢠ip-address - æå®ã«ãŒã¿ã® IP ã¢ãã¬ã¹ã§ããã¢ãã¬ã¹ãå ¥åããªãå ŽåãããŒã«ã«ã«ãŒã¿ã«é¢ããæ å ±ã衚瀺ãããŸãã
⢠asbr-summary - ASBR ïŒèªåŸã·ã¹ãã å¢çã«ãŒã¿ïŒ ãµããªãŒ LSA ã«é¢ããæ å ±ã衚瀺ããŸãã
⢠link-state-id - LSA ã«ãã£ãŠèšè¿°ããããããã¯ãŒã¯éšåã§ããlink-state-id ã«ã¯ã次ãå ¥åããå¿ èŠããããŸãã
ïŒã¿ã€ã 3 ãµããªãŒããã³å€éš LSA ã® IP ãããã¯ãŒã¯çªå·
518FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
ïŒã«ãŒã¿ã®ã«ãŒã¿ IDããããã¯ãŒã¯ãã¿ã€ã 4 AS ãµããªãŒ LSAããŸããã¿ã€ã 5 ASBR å€éš LSA ã«ãã£ãŠããã©ã«ã ã«ãŒããèšè¿°ãããæããã® link-state-id ã¯ããã©ã«ãã®å®å ïŒ0.0.0.0ïŒ ã«èšå®ãããããšã«æ³šæããŠãã ããã
⢠self-originate - ãã®ã«ãŒã¿ã«ãã£ãŠéä¿¡ããã LSA ã衚瀺ããŸãã
⢠database-summary - ããŒã¿ããŒã¹å ã«ä¿åãããŠããåãšãªã¢ã®å LSA ã¿ã€ãã®ã«ãŠã³ããããã³ããŒã¿ããŒã¹å ã® LSA ã®ç·æ°ã衚瀺ããŸãã
⢠external - å€éš LSA ã«é¢ããæ å ±ã衚瀺ããŸãã
⢠network - ãããã¯ãŒã¯ LSA ã«é¢ããæ å ±ã衚瀺ããŸãã
⢠nssa-external - NSSA å€éš LSA ã«é¢ããæ å ±ã衚瀺ããŸãã
⢠router - ã«ãŒã¿ LSA ã«é¢ããæ å ±ã衚瀺ããŸãã
⢠summary - ãµããªãŒ LSA ã«é¢ããæ å ±ã衚瀺ããŸãã
ã³ãã³ã ã¢ãŒã
Privileged Exec
äŸ
次ã®äŸã¯ãshow ip ospf database ã³ãã³ãã®åºåã瀺ããŸãã
Console#show ip ospf database
ããDisplaying Router Link States(Area 10.1.0.0)
ããããLink ID ãããADV Router ããAge ãããSeq# ãããChecksum--------------- --------------- ------ ----------- -----------
ããã10.1.1.252 ããã10.1.1.252 ãã26 ã0X80000005 ããã0X89A1ããã10.1.1.253 ããã10.1.1.253 ãã23 ã0X80000002 ããã0X8D9D
ããDisplaying Net Link States(Area 10.1.0.0)
ããããLink ID ãããADV Router ããAge ãããSeq# ãããChecksum--------------- --------------- ------ ----------- -----------
ããã10.1.1.252 ããã10.1.1.252 ãã28 ã0X80000001 ããã0X53E1Console#
é ç® è§£èª¬
Link ID ã«ãŒã¿ ID
ADV Router ã¢ããã¿ã€ãžã³ã° ã«ãŒã¿ ID
Age LSAã®ãšãŒãžã§ãïŒç§åäœïŒ
Seq# LSA ã®ã·ãŒã±ã³ã¹çªå·ïŒå€ãéè€ãã LSA ã®æ€åºã«äœ¿çšãããŸãïŒ
Checksum LSA ã®å®å šã³ã³ãã³ãã®ãã§ãã¯ãµã
519 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
次ã®äŸã¯ãasbr-summaryããŒã¯ãŒãã䜿çšããå Žå ã§ãã
Console#show ip ospf database asbr-summary
OSPF Router with id(10.1.1.253)
ãããããããDisplaying Summary ASB Link States(Area 0.0.0.0)
LS age: 433Options: (No TOS-capability)LS Type: Summary Links (AS Boundary Router)Link State ID: 192.168.5.1 (AS Boundary Router's Router ID)Advertising Router: 192.168.1.5LS Sequence Number: 80000002LS Checksum: 0x51E2Length: 32Network Mask: 255.255.255.0Metric: 1
Console#
é ç® è§£èª¬
OSPF Router id ã«ãŒã¿ ID
LS age LSA ã®ãšãŒãžïŒç§åäœïŒ
Options LSA ãšé¢é£ä»ãããããªãã·ã§ã³æ©èœ
LS Type AS External Links - LSA ã¯ãAS å€éšã®å®å ãžã®ã«ãŒãïŒAS ãžã®ããã©ã«ãå€éšã«ãŒããå«ãïŒ ãèšè¿°
Link State ID ãªã³ã¯ã¹ããŒã ID
Advertising Router ã¢ããã¿ã€ãžã³ã° ã«ãŒã¿ ID
LS SequenceNumber
LSA ã®ã·ãŒã±ã³ã¹çªå·ïŒå€ãéè€ãã LSA ã®æ€åºã«äœ¿çšãããŸãïŒ
LS Checksum LSA ã®å®å šã³ã³ãã³ãã®ãã§ãã¯ãµã
Length LSA ã®é·ãããã€ãåäœã§ç€º
Network Mask ãããã¯ãŒã¯ã®ã¢ãã¬ã¹ ãã¹ã¯
Metric Type ã¿ã€ã 1 ãŸãã¯ã¿ã€ã 2 å€éšã¡ããªãã¯
Metrics ãªã³ã¯ã®ã³ã¹ãForward Address ã¢ããã¿ã€ãºãããå®å ãžæž¡ãããããŒã¿ã®ãã©ã¯ãŒãã£ã³ã°
ã¢ãã¬ã¹ã§ãïŒãã©ã¯ãŒãã£ã³ã° ã¢ãã¬ã¹ã 0.0.0.0 ã«èšå®ãããŠããå ŽåãããŒã¿ã¯ã¢ããã¿ã€ãºã¡ã³ãã®çºä¿¡å ãžè»¢éãããŸãïŒ
External Route Tag åå€éšã«ãŒãã«å²ãåœãŠããã 32 ããã ãã£ãŒã«ãã§ãïŒOSPF ã§ã¯äœ¿çšãããŸãããç¹å®ã®ã¢ããªã±ãŒã·ã§ã³ã§æå®ããããšããã«å¢çã«ãŒã¿éã§ä»ã®æ å ±ãéä¿¡ããã®ã«äœ¿çšãããŸãïŒã
520FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
次ã®äŸã¯ãnetworkããŒã¯ãŒãã䜿çšããå Žå ã§ãã
Console#show ip ospf database network
OSPF Router with id(10.1.1.253)
ããããããDisplaying Net Link States(Area 10.1.0.0)
Link State Data Network (Type 2)-------------------------------
LS age: 433Options: Support External routing capabilityLS Type: Network LinksLink State ID: 10.1.1.252 (IP interface address of the DesignatedRouter)Advertising Router: 10.1.1.252LS Sequence Number: 80000002LS Checksum: 0x51E2Length: 32Network Mask: 255.255.255.0
ããããããããAttached Router: 10.1.1.252
ããããAttached Router: 10.1.1.253Console#
é ç® è§£èª¬
OSPF Router id ã«ãŒã¿ ID
LS age LSA ã®ãšãŒãžïŒç§åäœïŒ
Options LSA ãšé¢é£ä»ãããããªãã·ã§ã³æ©èœ
LS Type Network Link - LSA ã¯ããããã¯ãŒã¯ã«æ¥ç¶ãããã«ãŒã¿ãèšè¿°
Link State ID èªåŸã·ã¹ãã å¢çã«ãŒã¿ïŒASBRïŒ ã®ã€ã³ã¿ãã§ãŒã¹ ã¢ãã¬ã¹
Advertising Router ã¢ããã¿ã€ãžã³ã° ã«ãŒã¿ ID
LS Sequence Number
LSA ã®ã·ãŒã±ã³ã¹çªå·ïŒå€ãéè€ãã LSA ã®æ€åºã«äœ¿çšãããŸãïŒ
LS Checksum LSA ã®å®å šã³ã³ãã³ãã®ãã§ãã¯ãµã
Length LSA ã®é·ãããã€ãåäœã§ç€ºããŸã
Network Mask ãããã¯ãŒã¯ã®ã¢ãã¬ã¹ ãã¹ã¯
Metrics ãªã³ã¯ã®ã³ã¹ã
é ç® è§£èª¬
Area ID ãšãªã¢èå¥å
Router ã«ãŒã¿ LSA ã®æ°
Network ãããã¯ãŒã¯ LSA ã®æ°
521 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
次ã®äŸã¯ãrouterããŒã¯ãŒãã䜿çšããå Žå ã§ãã
Sum-Net ãµããªãŒ LSA ã®æ°
Sum-ASBR ãµããªãŒ ASBR LSA ã®æ°
External-AS AS å€éš LSA ã®æ°
External-Nssa NSSA å€éšãããã¯ãŒã¯ LSA ã®æ°
Total LSA Counts LSA ã®ç·æ°
Console#show ip ospf database router
OSPF Router with id(10.1.1.253)
ããããããDisplaying Router Link States(Area 10.1.0.0)
Link State Data Router (Type 1)-------------------------------
LS age: 233Options: Support External routing capabilityLS Type: Router LinksLink State ID: 10.1.1.252 (Originating Router's Router ID)Advertising Router: 10.1.1.252LS Sequence Number: 80000011LS Checksum: 0x7287Length: 48Router Role: Area Border RouterNumber of Links: 1-------------------------------------------------------Link ID: 10.1.7.0 (IP Network/Subnet Number)
ããLink Data: 255.255.255.0 (Network's IP address mask)
ããLink Type: Connection to a stub network
ããNumber of TOS metrics: 0
ããMetrics: 1
Console#
é ç® è§£èª¬
OSPF Router id ã«ãŒã¿ ID
LS age LSA ã®ãšãŒãžïŒç§åäœïŒ
Options LSA ãšé¢é£ä»ãããããªãã·ã§ã³æ©èœ
LS Type AS External Links - LSA ã¯ãAS å€éšã®å®å ãžã®ã«ãŒãïŒAS ãžã®ããã©ã«ãå€éšã«ãŒããå«ãïŒ ãèšè¿°
Link State ID ãªã³ã¯ã¹ããŒã ID
Advertising Router ã¢ããã¿ã€ãžã³ã° ã«ãŒã¿ ID
LS SequenceNumber
LSA ã®ã·ãŒã±ã³ã¹çªå·ïŒå€ãéè€ãã LSA ã®æ€åºã«äœ¿çšãããŸãïŒ
LS Checksum LSA ã®å®å šã³ã³ãã³ãã®ãã§ãã¯ãµã
522FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
Length LSA ã®é·ãããã€ãåäœã§ç€º
Network Mask ãããã¯ãŒã¯ã®ã¢ãã¬ã¹ ãã¹ã¯
Metric Type ã¿ã€ã 1 ãŸãã¯ã¿ã€ã 2 å€éšã¡ããªãã¯
Metrics ãªã³ã¯ã®ã³ã¹ãForward Address ã¢ããã¿ã€ãºãããå®å ãžæž¡ãããããŒã¿ã®ãã©ã¯ãŒãã£ã³ã°
ã¢ãã¬ã¹ã§ãïŒãã©ã¯ãŒãã£ã³ã° ã¢ãã¬ã¹ã 0.0.0.0 ã«èšå®ãããŠããå ŽåãããŒã¿ã¯ã¢ããã¿ã€ãºã¡ã³ãã®çºä¿¡å ãžè»¢éãããŸãïŒ
External Route Tag åå€éšã«ãŒãã«å²ãåœãŠããã 32 ããã ãã£ãŒã«ãã§ãïŒOSPF ã§ã¯äœ¿çšãããŸãããç¹å®ã®ã¢ããªã±ãŒã·ã§ã³ã§æå®ããããšããã«å¢çã«ãŒã¿éã§ä»ã®æ å ±ãéä¿¡ããã®ã«äœ¿çšãããŸãïŒã
é ç® è§£èª¬
OSPF Router id ã«ãŒã¿ ID
LS age LSA ã®ãšãŒãžïŒç§åäœïŒ
Options LSA ãšé¢é£ä»ãããããªãã·ã§ã³æ©èœ
LS Type Network Link - LSA ã¯ããããã¯ãŒã¯ã«æ¥ç¶ãããã«ãŒã¿ãèšè¿°
Link State ID ãªã³ã¯ã¹ããŒã ID
Advertising Router ã¢ããã¿ã€ãžã³ã° ã«ãŒã¿ ID
LS SequenceNumber
LSA ã®ã·ãŒã±ã³ã¹çªå·ïŒå€ãéè€ãã LSA ã®æ€åºã«äœ¿çšãããŸãïŒ
LS Checksum LSA ã®å®å šã³ã³ãã³ãã®ãã§ãã¯ãµã
Length LSA ã®é·ãããã€ãåäœã§ç€ºããŸã
Network Mask ãããã¯ãŒã¯ã®ã¢ãã¬ã¹ ãã¹ã¯
Attached Router ãããã¯ãŒã¯ã«æ¥ç¶ãããã«ãŒã¿ïŒæå®ã«ãŒã¿èªèº«ãå«ããæå®ã«ãŒã¿ã«å®å šã«é£æ¥ããã«ãŒã¿ïŒ ã®ãªã¹ã
523 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
次ã®äŸã¯ãsummaryããŒã¯ãŒãã䜿çšããå Žå ã§ãã
Console#show ip ospf database summary
OSPF Router with id(10.1.1.253)
ããããããDisplaying Summary Net Link States(Area 10.1.0.0)
Link State Data Summary (Type 3)-------------------------------
LS age: 686Options: Support External routing capabilityLS Type: Summary Links(Network)Link State ID: 10.2.6.0 (The destination Summary Network Number)Advertising Router: 10.1.1.252LS Sequence Number: 80000003LS Checksum: 0x3D02Length: 28Network Mask: 255.255.255.0Metric: 1
Console#
é ç® è§£èª¬
OSPF Router id ã«ãŒã¿ ID
LS age LSA ã®ãšãŒãžïŒç§åäœïŒ
Options LSA ãšé¢é£ä»ãããããªãã·ã§ã³æ©èœ
LS Type ïŒ Summary Links - LSA ã¯ããããã¯ãŒã¯ãžã®ã«ãŒããèšè¿°ããŸã
Link State ID ãªã³ã¯ã¹ããŒã ID
Advertising Router ã¢ããã¿ã€ãžã³ã° ã«ãŒã¿ ID
LS SequenceNumber
LSA ã®ã·ãŒã±ã³ã¹çªå·ïŒå€ãéè€ãã LSA ã®æ€åºã«äœ¿çšãããŸãïŒ
LS Checksum LSAã®å®å šã³ã³ãã³ãã®ãã§ãã¯ãµã
Length LSA ã®é·ãããã€ãåäœã§ç€ºããŸã
Network Mask å®å ãããã¯ãŒã¯ã® IP ã¢ãã¬ã¹ ãã¹ã¯
Metrics ãªã³ã¯ã®ã³ã¹ã
524FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
show ip ospf interface
OSPF ã€ã³ã¿ãã§ãŒã¹ã®ãµããªãŒæ å ±ã衚瀺ããŸãã
ææ³
show ip ospf interface [vlan vlan-id]
⢠vlan-id - VLAN ID ã§ãïŒç¯å² : 1 ïœ 4094ïŒ
ã³ãã³ã ã¢ãŒã
Privileged Exec
äŸ
Console#show ip ospf interface vlan 1
Vlan 1 is up
ãInterface Address 10.1.1.253, Mask 255.255.255.0, Area 10.1.0.0
ãRouter ID 10.1.1.253, Network Type BROADCAST, Cost: 1
ãTransmit Delay is 1 sec, State BDR, Priority 1
ãDesignated Router id 10.1.1.252, Interface address 10.1.1.252
ãBackup Designated router id 10.1.1.253, Interface addr 10.1.1.253
ãTimer intervals configured, Hello 10, Dead 40, Retransmit 5
Console#
é ç® è§£èª¬Vlan ç©çãªã³ã¯ã® VLAN ID ãšã¹ããŒã¿ã¹ã§ãã
Interface Address OSPFã€ã³ã¿ãã§ãŒã¹ã® IPã¢ãã¬ã¹
Mask ã€ã³ã¿ãã§ãŒã¹ ã¢ãã¬ã¹ã®ãããã¯ãŒã¯ ãã¹ã¯
Area ãã®ã€ã³ã¿ãã§ãŒã¹ãå±ããŠãã OSPF ãšãªã¢
Router ID ã«ãŒã¿ ID
Network Type ãããŒããã£ã¹ããéãããŒããã£ã¹ãããŸãã¯ãã€ã³ãããŒãã€ã³ã ãããã¯ãŒã¯ã®ãããã
Cost ã€ã³ã¿ãã§ãŒã¹ã®éä¿¡ã³ã¹ã
Transmit Delay ã€ã³ã¿ãã§ãŒã¹ã®éä¿¡é 延ïŒç§åäœïŒ
State ⢠Disabled - ãã®ã€ã³ã¿ãã§ãŒã¹äžã§ OSPF ã¯æå¹ã«ãªã£ãŠããŸããã⢠Down . - ãã®ã€ã³ã¿ãã§ãŒã¹äžã§ OSPF ã¯æå¹ã«ãªã£ãŠããŸãããã€ã³ã¿ãã§ãŒã¹ãããŠã³ããŠããŸãã
⢠Loopback - ã«ãŒããã㯠ã€ã³ã¿ãã§ãŒã¹ã§ãã⢠Waiting - ã«ãŒã¿ã¯ DR ãš BDR ãèŠã€ããããšããŠããŸãã⢠DR - æå®ã«ãŒã¿ïŒDesignated RouterïŒ ã§ãã⢠BDR - ããã¯ã¢ããæå®ã«ãŒã¿ïŒBackup Designated RouterïŒ ã§ãã⢠DRother - ã€ã³ã¿ãã§ãŒã¹ã¯ãã«ãã¢ã¯ã»ã¹ ãããã¯ãŒã¯äžã«ãããŸããã
DR ãŸã㯠BDR ã§ã¯ãããŸããã
Priority ã«ãŒã¿ã®ãã©ã€ãªãªãã£
Designated Router æå®ã«ãŒã¿ ID ïŒDR IDïŒãããã³å¯Ÿå¿ããã€ã³ã¿ãã§ãŒã¹ ã¢ãã¬ã¹
Backup Designated Router
ããã¯ã¢ããæå®ã«ãŒã¿ã® ID ãšå¯Ÿå¿ããã€ã³ã¿ãã§ãŒã¹ ã¢ãã¬ã¹
Timer intervals ã¿ã€ããŒééïŒHello ééãDead ééãRetransmit ééãå«ãïŒ ã®ã³ã³ãã£ã®ã¥ã¬ãŒã·ã§ã³èšå®
525 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
show ip ospf neighbor
OSPF ãšãªã¢å ã®åã€ã³ã¿ãã§ãŒã¹äžã®é£æ¥ã«ãŒã¿ã«é¢ããæ å ±ã衚瀺ããŸãã
ææ³
show ip ospf neighbor
ã³ãã³ã ã¢ãŒã
Privileged Exec
äŸ
Console#show ip ospf neighbor
ãããID ããããããPri ããããState ããããããAddress--------------- ------ ---------------- ---------------
ããã10.1.1.252 ããã1 ãããããFULL/DR ããã10.1.1.252
Console#
é ç® è§£èª¬ID é£æ¥ã«ãŒã¿ã®ã«ãŒã¿ ID
OSPF ã®ç¶æ ãšèå¥ãã©ã°ãåç¶æ ã¯ã次ã®ãšããã§ããDown - æ¥ç¶ãããŠã³ããŠããŸããAttempt - æ¥ç¶ã¯ããŠã³ããŠããããã³ã³ã¿ã¯ããè©Šã¿ãããŠããŸãïŒéãããŒããã£ã¹ã ãããã¯ãŒã¯çšïŒãInit - Hello ãã±ããã¯åä¿¡ãããããéä¿¡ã¯ãŸã 確ç«ãããŠããŸãããTwo-way - åæ¹åéä¿¡ã確ç«ããŠããŸããExStart - é£æ¥ã«ãŒã¿éã®é£æ¥æ§ãåæåããŠããŸããExchange - ããŒã¿ããŒã¹èšè¿°ã亀æããŠããŸããLoading - LSA ããŒã¿ããŒã¹ã亀æããŠããŸããFull - é£æ¥ã«ãŒã¿ã¯å®å šã«é£æ¥é¢ä¿ã«ãããŸããåèå¥ãã©ã°ã¯æ¬¡ã®ãšããã§ããD - ãã€ãããã¯é£æ¥ã«ãŒã¿ã§ããS - ã¹ã¿ãã£ãã¯é£æ¥ã«ãŒã¿ã§ããDR - æå®ã«ãŒã¿ã§ããBDR - ããã¯ã¢ããæå®ã«ãŒã¿ã§ãã
Address ãã®ã€ã³ã¿ãã§ãŒã¹ã® IP ã¢ãã¬ã¹
Interface äžæµã®é£æ¥ã«ãŒã¿ã«æ¥ç¶ãããã®ã«ãŒã¿äžã® IP ã€ã³ã¿ãã§ãŒã¹
526FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹IPã«ãŒãã£ã³ã°
show ip ospf summary-address
ãã¹ãŠã®ãµããªãŒ ã¢ãã¬ã¹æ å ±ã衚瀺ããŸãã
ææ³
show ip ospf summary-address
ã³ãã³ã ã¢ãŒã
Privileged Exec
äŸ
ãã®äŸã§ã¯ããµããªãŒ ã¢ãã¬ã¹ãããã³é¢é£ä»ãããããããã¯ãŒã¯ ãã¹ã¯ã衚瀺ããŸãã
show ip ospf virtual-links
ä»®æ³ãªã³ã¯ã«é¢ãã詳现æ å ±ã衚瀺ããŸãã
ææ³
show ip ospf virtual-links
ã³ãã³ã ã¢ãŒã
Privileged Exec
äŸ
Console#show ip ospf summary-address10.1.0.0/255.255.0.0Console#
Console#show ip ospf virtual-linksVirtual Link to router 10.1.1.253 is upTransit area 10.1.1.0Transmit Delay is 1 secTimer intervals configured, Hello 10, Dead 40, Retransmit 5Console#
é ç® è§£èª¬
Virtual Link to router
OSPF é£æ¥ã«ãŒã¿ãšãªã³ã¯ç¶æ ïŒã¢ãããŸãã¯ããŠã³ïŒ
Transit area ä»®æ³ãªã³ã¯ãã¿ãŒã²ãã ã«ãŒã¿ã«å°éããããã«æšªæããå ±éãšãªã¢
Transmit Delay ä»®æ³ãªã³ã¯äžã®äºæž¬éä¿¡é 延ïŒç§åäœïŒTimer intervals ã¿ã€ããŒééïŒHello ééãDead ééãRetransmit ééãå«ãïŒ ã®ã³ã³
ãã£ã®ã¥ã¬ãŒã·ã§ã³èšå®
527 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
3.24 ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
ãã®ã«ãŒã¿ã§ã¯ãIGMP ã¹ããŒãã³ã°ããã³ã¯ãšãªãŒã䜿çšããŠãäžæµã®ãã«ããã£ã¹ã ã
ã¹ãã«æ¥ç¶ããããŒããå€æãããã®æ å ±ããã«ããã£ã¹ã ããªãŒå šäœã«äŒæããèŠæ±ãã
ããµãŒãã¹ããã«ããã£ã¹ã ãµãŒããšãã®ãã¹ãéã®åäžéããŒããä»ããŠç¢ºå®ã«è»¢éãã
ãããã«ããŸãããŸãããããããµãŒãã¹ãèŠæ±ããŠããªãä»ã®ãã¹ãŠã®ã€ã³ã¿ãã§ãŒã¹
ããã®ãã©ãã£ãã¯ããã£ã«ã¿ãªã³ã°ããŸãã
ãã«ããã£ã¹ã ã«ãŒã¿ã§ã¯ãã¹ããŒãã³ã°ããã³ã¯ãšãªãŒ ã¡ãã»ãŒãžããã«ããã£ã¹ã ã«ãŒ
ãã£ã³ã° ãããã³ã«ãšãšãã«äœ¿çšããããšã«ãããç°ãªããµããããã¯ãŒã¯ã«ãŸããã IP ã
ã«ããã£ã¹ã ãã±ããã®é ä¿¡ãæäŸããŸãããã®ã«ãŒã¿ã¯ãDVMRP (Distance-Vector
Multicast Routing Protocol) ããã³ PIM (Protocol Independent Multicasting) ã®äž¡æ¹ããµããŒã
ããŠããŸãïŒãã«ããã£ã¹ã ã«ãŒãã£ã³ã°ã䜿çšããã€ã³ã¿ãã§ãŒã¹ã¯ããããã IGMP
ãæå¹ã«ãªã£ãŠããå¿ èŠãããããšã«æ³šæããŠãã ããïŒã
ã³ãã³ãã°ã«ãŒã
æ©èœ ããŒãž
Static MulticastRouting
ã¹ã¿ãã£ã㯠ãã«ããã£ã¹ã ã«ãŒã¿ ããŒããæ§æããŸãã
P529
General MulticastRouting
IP ãã«ããã£ã¹ã ã«ãŒãã£ã³ã°ãã°ããŒãã«ã«æå¹ã«ããŸãããŸããã¹ã¿ãã£ãã¯ãŸãã¯ãã€ããã㯠ã«ãŒãã£ã³ã°æ å ±ããäœæãã IP ãã«ããã£ã¹ã ã«ãŒãã£ã³ã° ããŒãã«ã衚瀺ããŸãã
P531
DVMRP MulticastRouting
DVMRP ã®ã°ããŒãã«èšå®ããã³ã€ã³ã¿ãã§ãŒã¹èšå®ãæ§æããŸãã
P534
PIM-DM MulticastRouting
PIM-DM ã®ã°ããŒãã«èšå®ããã³ã€ã³ã¿ãã§ãŒã¹èšå®ãæ§æããŸãã
P545
528FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
3.24.1 éçãã«ããã£ã¹ãã«ãŒãã£ã³ã°
ip igmp snooping vlan mrouter
ãã«ããã£ã¹ã ã«ãŒã¿ ããŒããéçã«æ§æããŸãã"no"ãåã«çœ®ãããšã§ãã³ã³ãã£ã®ã¥ã¬ãŒã·ã§ã³ãåé€ãããŸãã
ææ³
[no] ip igmp snooping vlan vlan-id mrouter interface
⢠vlan-id - VLAN ID ã§ãïŒç¯å² : 1 ïœ 4093ïŒã
⢠interface
⢠ethernet unit/port
- unit - ã¹ã¿ã㯠ãŠãããã§ãïŒ1ïŒã
- port - ããŒãçªå·ã§ãïŒç¯å² : 1 ïœ 12ïŒã
⢠port-channel channel-id ïŒç¯å² : 1 ïœ 6ïŒ
åæèšå®
ã¹ã¿ãã£ã㯠ãã«ããã£ã¹ã ã«ãŒã¿ ããŒãã¯æ§æãããŠããŸããã
ã³ãã³ã ã¢ãŒã
Global Configuration
ã³ãã³ã解説
ãããã¯ãŒã¯æ¥ç¶ã«ãã£ãŠã¯ãIGMP ã¹ããŒãã³ã°ã§ IGMP ã¯ãšãªã¢ãç¹å®ã§ãããšã¯éããŸããããã®ãããIGMP ã¯ãšãªã¢ããã«ãŒã¿äžã®ã€ã³ã¿ãã§ãŒã¹ïŒããŒããŸãã¯ãã©ã³ã¯ïŒ ã«ãããã¯ãŒã¯æ¥ç¶ãããæ¢ç¥ã®ãã«ããã£ã¹ã ã«ãŒã¿ / ã¹ã€ããã§ããå Žåããã®ã€ã³ã¿ãã§ãŒã¹ãçŸåšã®ãã¹ãŠã®ãã«ããã£ã¹ã ã°ã«ãŒãã«åå ããããæåã§æ§æããããšãã§ããŸãã
äŸ
次ã®äŸã¯ãããŒã 11 ã VLAN 1 å ã®ãã«ããã£ã¹ã ã«ãŒã¿ ããŒããšããŠæ§æããæ¹æ³ã瀺ããŠããŸãã
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãž
ip igmp snooping vlan mrouter ãã«ããã£ã¹ã ã«ãŒã¿ ããŒããè¿œå ããŸãã GC P529
show ip igmp snooping mrouter ãã«ããã£ã¹ã ã«ãŒã¿ ããŒãã衚瀺ããŸãã PE P530
Console(config)#ip igmp snooping vlan 1 mrouter ethernet 1/11Console(config)#
529 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
show ip igmp snooping mrouter
éçã«æ§æããããã«ããã£ã¹ã ã«ãŒã¿ ããŒããããã³åçã«åŠç¿ããããã«ããã£ã¹ã ã«ãŒã¿ ããŒãã®æ å ±ã衚瀺ããŸãã
ææ³
show ip igmp snooping mrouter [vlan vlan-id]
⢠vlan-id - VLAN ID ã§ãïŒç¯å² : 1 ïœ 4093ïŒã
åæèšå®
æ§æãããŠãããã¹ãŠã® VLAN ã®ãã«ããã£ã¹ã ã«ãŒã¿ ããŒãã衚瀺ããŸãã
ã³ãã³ã ã¢ãŒã
Privileged Exec
ã³ãã³ã解説
衚瀺ããããã«ããã£ã¹ã ã«ãŒã¿ ããŒãã®ã¿ã€ãã¯ã¹ã¿ãã£ãã¯ãŸãã¯ãã€ãããã¯ã§ãã
äŸ
次ã®äŸã¯ãVLAN 1 å ã®ããŒã 11 ããã«ããã£ã¹ã ã«ãŒã¿ã«æ¥ç¶ãããŠããããšã瀺ããŠããŸãã
Console#show ip igmp snooping mrouter vlan 1
ãVLAN ãM'cast Router Portsã Type
ã---- ã------------------- ã-------
ãã1 ããããããããEth 1/11 ããStaticãã2 ããããããããEth 1/12 ããDynamicConsole#
530FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
3.24.2 äžè¬ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
ip multicast-routing
ãã®ã³ãã³ãã§ã¯ãIP ãã«ããã£ã¹ã ã«ãŒãã£ã³ã°ãæå¹ã«ããŸããnoãåã«ããããšã§ãIP ãã«ããã£ã¹ã ã«ãŒãã£ã³ã°ãç¡å¹ã«ãªããŸãã
ææ³
[no] ip multicast-routing
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Global Configuration
ã³ãã³ã解説
ãã®ã³ãã³ãã§ã¯ãã«ãŒã¿ã§ãã«ããã£ã¹ã ã«ãŒãã£ã³ã°ãã°ããŒãã«ã«æå¹ã«ããŸãããŸããrouter dvmrp ãŸã㯠router pim ã³ãã³ãã䜿çšããŠãç¹å®ã®ãã«ããã£ã¹ã ã«ãŒãã£ã³ã° ãããã³ã«ãã°ããŒãã«ã«æå¹ã«ãã次ã«ãip dvmrp ãŸã㯠ip pim dense-mode ã³ãã³ãã䜿çšããŠããã«ããã£ã¹ã ã«ãŒãã£ã³ã°ããµããŒãããã€ã³ã¿ãã§ãŒã¹ãæå®ããå¿ èŠããããŸãã
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžip multicast-routing IP ãã«ããã£ã¹ã ã«ãŒãã£ã³ã°ãæå¹ã«ããŸãã GC P531
show ip mroute IP ãã«ããã£ã¹ã ã«ãŒãã£ã³ã° ããŒãã«ã衚瀺ããŸãã PE P532
Console(config)#ip multicast-routingConsole(config)#
531 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
show ip mroute
IP ãã«ããã£ã¹ã ã«ãŒãã£ã³ã° ããŒãã«ã衚瀺ããŸãã
ææ³
show ip mroute [group-address source] [summary]
⢠group-address - IP ãã«ããã£ã¹ã ã°ã«ãŒã ã¢ãã¬ã¹ã§ããå å ¥è ã¯çŽæ¥æ¥ç¶ãããŠãããããŸãã¯ãã®ã«ãŒã¿ã®äžæµã«ååšããŸãã
⢠source - ãã«ããã£ã¹ãé ä¿¡ããªãŒã®æ ¹ãšãªã IP ãµããããã¯ãŒã¯ã§ãããã®ãµããããã¯ãŒã¯ã¯ãæ¢ç¥ã®ãã«ããã£ã¹ãéä¿¡å ãå«ã¿ãŸãã
⢠summary - IP ãã«ããã£ã¹ã ã«ãŒãã£ã³ã° ããŒãã«å ã®åãšã³ããªã«é¢ãããµããªãŒæ å ±ã衚瀺ããŸãã
ã³ãã³ã ã¢ãŒã
Privileged Exec
ã³ãã³ã解説
ãã®ã³ãã³ãã§ã¯ããã«ããã£ã¹ã ã«ãŒãã£ã³ã°ã«é¢ããæ å ±ã衚瀺ããŸãããªãã·ã§ã³ ãã©ã¡ãŒã¿ãéžæããªãå Žåããã«ããã£ã¹ã ã¢ãã¬ã¹ ããŒãã«å ã®åãšã³ããªã«é¢ãã詳现æ å ±ã衚瀺ããŸãããã«ããã£ã¹ã ã°ã«ãŒããšéä¿¡å ããã¢ã§éžæãããšãæå®ãããšã³ããªã«é¢ãã詳现æ å ±ã®ã¿è¡šç€ºãããŸãã
äŸ
ãã®äŸã§ã¯ãæå®ããã°ã«ãŒããšéä¿¡å ã®ãã¢ã«é¢ãã詳现ãªãã«ããã£ã¹ãæ å ±ã衚瀺ããŸãã
Console#show ip mroute 224.0.255.3 192.111.46.8IP Multicast Forwarding is enabled.
IP Multicast Routing Table
Flags: P - Prune, F - Forwarding(192.111.46.0, 255.255.255.0, 224.0.255.3)Owner: DVMPRUpstream Interface: vlan1Upstream Router: 148.122.34.9Downstream: vlan2(P), vlan3(F)Console#
é ç® è§£èª¬Source and netmask IPãã«ããã£ã¹ãéä¿¡å ãå«ãŸããŠãããµããããã¯ãŒã¯
Group address èŠæ±ããããµãŒãã¹ã® IP ãã«ããã£ã¹ã ã°ã«ãŒã ã¢ãã¬ã¹
Owner é¢é£ä»ãããããã«ããã£ã¹ã ãããã³ã«ïŒDVMRP ãŸã㯠PIM-DMïŒ
Upstream Interface äžæµã®é£æ¥ã«ãŒã¿ã«æ¥ç¶ãããã€ã³ã¿ãã§ãŒã¹
Upstream Router ãã®ã°ã«ãŒãã®çŽæ¥äžæµã«ãããã«ããã£ã¹ã ã«ãŒã¿ã® IP ã¢ãã¬ã¹
Downstream interfaceand flags
ãã«ããã£ã¹ãå å ¥è ãèšé²ãããã€ã³ã¿ãã§ãŒã¹ã§ããåã€ã³ã¿ãã§ãŒã¹ã«é¢é£ä»ãããããã©ã°ã¯ãäžæµã€ã³ã¿ãã§ãŒã¹ãæè¿çµäºããå Žåã¯ãã«ãŒã³ïŒPïŒããã®ã€ã³ã¿ãã§ãŒã¹ããŸã ã¢ã¯ãã£ããªå Žåã¯ãã©ã¯ãŒãã£ã³ã°ïŒFïŒ ã瀺ããŸãã
532FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
ãã®äŸã§ã¯ããã«ããã£ã¹ã ããŒãã«å ã®ãã¹ãŠã®ãšã³ããªããµããªãŒåœ¢åŒã§ãªã¹ã衚瀺ããŸãã
Console#show ip mroute summaryIP Multicast Forwarding is enabled.
IP Multicast Routing Table (Summary)
Flags: P - Prune UP
Group Source Source Mask Interface Owner Flags----------- ---------- -------------- ---------- ------- - 224.1.1.1 10.1.0.0 255.255.0.0 vlan1 DVMRP P 224.2.2.2 10.1.0.0 255.255.0.0 vlan1 DVMRP --Console#
533 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
3.24.3 DVMRP
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžrouter dvmrp DVMRP ãæå¹ã«ããã«ãŒã¿ ã³ã³ãã£ã®ã¥ã¬ãŒ
ã·ã§ã³ã¢ãŒãã«å ¥ããŸããGC P535
probe-interval é£æ¥ã«ãŒã¿ã«ãããŒã ã¡ãã»ãŒãžãéä¿¡ããééãèšå®ããŸãã
RC P536
nbr-timeout æ¥ç¶ãããŠããé£æ¥ã«ãŒã¿ã®ããŠã³ã宣èšãããŸã§ã®é 延æéãèšå®ããŸãã
RC P537
report-interval ä»ã®é£æ¥ã«ãŒã¿ã«ã«ãŒãã£ã³ã° ããŒãã«å šäœãäŒæããééãèšå®ããŸãã
RC P537
flash-update-interval ãããã¯ãŒã¯ ããããžã®å€æŽã«é¢ããã¢ããããŒããéä¿¡ããééãèšå®ããŸãã
RC P538
prune-lifetime éä¿¡å ã«ãŒãã£ã³ã°ããããã«ããã£ã¹ã ããªãŒã®ãã«ãŒã³ç¶æ ãç¶æãããæéãå®çŸ©ããŸãã
RC P538
default-gateway IP ãã«ããã£ã¹ã ã«ãŒãã£ã³ã°ã®ããã©ã«ã ã²ãŒããŠã§ã€ãæ§æããŸãã
RC P539
ip dvmrp æå®ã€ã³ã¿ãã§ãŒã¹ã§ DVMRP ãæå¹ã«ããŸãã IC P540
ip dvmrp metric çŽæ¥æ¥ç¶ãããã€ã³ã¿ãã§ãŒã¹äžã®ããã€ãã®ãããã¯ãŒã¯ã«å¯ŸãããªããŒã¹ ãã¹ã確ç«ããã®ã«äœ¿çšãããã¡ããªãã¯ãèšå®ããŸãã
IC P541
clear ip dvmrp route ãã«ããã£ã¹ã ã«ãŒãã£ã³ã° ããŒãã«å ã®ãã¹ãŠã®ãã€ããã㯠ã«ãŒããã¯ãªã¢ããŸãã
PE P541
show router dvmrp ã°ããŒãã«ãª DVMRP ã³ã³ãã£ã®ã¥ã¬ãŒã·ã§ã³èšå®ã衚瀺ããŸãã
NE,PE P542
show ip dvmrp route DVMRP ã«ãŒãã£ã³ã°æ å ±ã衚瀺ããŸãã NE,PE P543
show ip dvmrpneighbor
DVMRP é£æ¥ã«ãŒã¿æ å ±ã衚瀺ããŸãã NE,PE P544
show ip dvmrpinterface
ã€ã³ã¿ãã§ãŒã¹ã® DVMRP ã³ã³ãã£ã®ã¥ã¬ãŒã·ã§ã³èšå®ã衚瀺ããŸãã
NE,PE P544
534FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
router dvmrp
ãã®ã«ãŒã¿ã§ DVMRP (Distance-Vector Multicast Routing) ãã°ããŒãã«ã«æå¹ã«ããã«ãŒã¿ ã³ã³ãã£ã®ã¥ã¬ãŒã·ã§ã³ ã¢ãŒãã«å ¥ããŸãã"no"ãåã«çœ®ãããšã§ãDVMRP ãã«ããã£ã¹ã ã«ãŒãã£ã³ã°ãç¡å¹ã«ãªããŸãã
ææ³
[no] router dvmrp
ã³ãã³ã ã¢ãŒã
Global Configuration
ã³ãã³ã解説
ãã®ã³ãã³ãã§ã¯ããã®ã«ãŒã¿ã§ DVMRP ãã°ããŒãã«ã«æå¹ã«ããã«ãŒã¿ ã³ã³ãã£ã®ã¥ã¬ãŒã·ã§ã³ ã¢ãŒãã«å ¥ããŸãããŸããã°ããŒãã«ãª DVMRP ãã©ã¡ãŒã¿ã«å¿ èŠãªå€æŽãå ããŸãã次ã«ãip dvmrp ã³ãã³ãã䜿çšããŠãDVMRP ãã«ããã£ã¹ã ã«ãŒãã£ã³ã°ããµããŒãããã€ã³ã¿ãã§ãŒã¹ãæå®ããåã€ã³ã¿ãã§ãŒã¹ã«å¯Ÿããã¡ããªãã¯ãèšå®ããŸãã
äŸ
é¢é£ããã³ãã³ã
ip dvmrp ïŒP540ïŒ
show router dvmrp ïŒP542ïŒ
Console(config)#router dvmrpConsole(config-router)#endConsole#show router dvmrp
Admin Status ãããããããããã: enable
Probe Interval ããããããããã: 10
Nbr expire ããããããããããã : 35Minimum Flash Update Interval : 5
prune lifetime ããããããããã: 7200
route report ãããããããã ãã: 60
Default Gatewayããããããããã : 0.0.0.0
Metric of Default Gateway ããã: 0Console#
535 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
probe-interval
ãã¹ãŠã® DVMRP ã«ãŒã¿ã®ãã«ããã£ã¹ã ã°ã«ãŒã ã¢ãã¬ã¹å®ã«é£æ¥ã«ãŒã¿ãžã®ãããŒã ã¡ãã»ãŒãžãéä¿¡ããééãèšå®ããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
æ§æ
probe-interval seconds
no probe-interval
⢠seconds - é£æ¥ã«ãŒã¿ã«ãããŒã ã¡ãã»ãŒãžãéä¿¡ããééã§ãïŒç¯å² : 1 ïœ 65535ïŒã
åæèšå®
10 ç§
ã³ãã³ãã¢ãŒã
Router Configuration
ã³ãã³ã解説
ãããŒã ã¡ãã»ãŒãžã¯ãããã€ã¹ãåä¿¡ãããããŒãã®éä¿¡å ã§ããé£æ¥ DVMRP ã«ãŒã¿ãžéä¿¡ããããã®ã§ããããã®é£æ¥ã«ãŒã¿ããŸã ãã«ããã£ã¹ã ããªãŒã®ã¢ã¯ãã£ããªã¡ã³ããŒã§ãããã©ãããæ€èšŒããããã«äœ¿çšãããŸãã
äŸ
Console(config-router)#probe-interval 30Console(config-router)#
536FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
nbr-timeout
DVMRP é£æ¥ã«ãŒã¿ã䜿çšäžèœã§ãããšå®£èšããåã«ããã®ã«ãŒã¿ããã®ã¡ãã»ãŒãžãåŸ æ©ããééãèšå®ããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
æ§æ
nbr-timeout seconds
no nbr-timeout
⢠seconds - é£æ¥ã«ãŒã¿ã䜿çšäžèœã§ããããšã宣èšãããŸã§ã®ééã§ãïŒç¯å² : 1 ïœ 65535ïŒã
åæèšå®
35 ç§
ã³ãã³ãã¢ãŒã
Router Configuration
ã³ãã³ã解説
ãã®ã³ãã³ãã§ã¯ãã«ãŒãã®ã¿ã€ã ã¢ãŠããããã³åãã©ã°ãšèãã©ã°ã®èšå®ã«äœ¿çšãããŸãã
äŸ
report-interval
ä»ã®é£æ¥ DVMRP ã«ãŒã¿ã«ã«ãŒãã£ã³ã° ããŒãã«å šäœãäŒæããé »åºŠãæå®ããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
ææ³
report-interval seconds
no report-interval
⢠seconds - ã«ãŒãã£ã³ã° ããŒãã«å šäœãéä¿¡ããééã§ãïŒç¯å² : 1 ïœ 65535ïŒã
åæèšå®
60 ç§
ã³ãã³ãã¢ãŒã
Router Configuration
äŸ
Console(config-router)#nbr-timeout 40Console(config-router)#
Console(config-router)#report-interval 90Console(config-router)#
537 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
flash-update-interval
ãããã¯ãŒã¯ ããããžã®å€æŽãåæ ãããããã®ããªã¬ãŒ ã¢ããããŒãïŒ ãã©ãã·ã¥ ã¢ããããŒãïŒ ãéä¿¡ããé »åºŠãæå®ããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
ææ³
flash-update-interval seconds
no flash-update-interval
⢠seconds - ãããã¯ãŒã¯ ããããžã®å€æŽãçºçããéã«ãã©ãã·ã¥ ã¢ããããŒããéä¿¡ããééã§ãïŒç¯å² : 1 ïœ 65535ïŒã
åæèšå®
5 ç§
ã³ãã³ãã¢ãŒã
Router Configuration
äŸ
prune-lifetime
ãã«ããã£ã¹ã ããªãŒã®ãã«ãŒã³ç¶æ ãç¶æãããæéãå®çŸ©ããŸãã
"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
ææ³
prune-lifetime seconds
no prune-lifetime
⢠seconds - ãã«ãŒã³ç¶æ ã®ç¶ææéã§ãïŒç¯å² : 1 ïœ 65535ïŒã
åæèšå®
7200 ç§
ã³ãã³ãã¢ãŒã
Router Configuration
ã³ãã³ã解説
ãã®ã³ãã³ãã¯ããã«ãŒã³ç¶æ ã®åç¶æéãèšå®ããŸãããã«ãŒã³ç¶æ ãçµäºåŸãã«ãŒã¿ã¯ããã«ããã£ã¹ãéä¿¡å ããã€ã¹ããã®ãã«ããã£ã¹ã ãã©ãã£ãã¯ã®ãã©ããã£ã³ã°ãåéããŸãã
äŸ
Console(config-router)#flash-update-interval 10Console(config-router)#
Console(config-router)#prune-lifetime 5000Console(config-router)#
538FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
default-gateway
IP ãã«ããã£ã¹ã ãã©ãã£ãã¯çšã®ããã©ã«ã DVMRP ã²ãŒããŠã§ã€ãæå®ããŸãã"no"ãåã«çœ®ãããšã§ãããã©ã«ã ã²ãŒããŠã§ã€ãåé€ãããŸãã
ææ³
default-gateway ip-address
no default-gateway
⢠ip-address - ããã©ã«ã DVMRP ã²ãŒããŠã§ã€ã® IP ã¢ãã¬ã¹ã§ãã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Router Configuration
ã³ãã³ã解説
⢠æå®ãããã€ã³ã¿ãã§ãŒã¹ã¯ãé£æ¥ DVMRP ã«ãŒã¿ãžã®ããã©ã«ã ã«ãŒããšããŠèªèº«ãã¢ããã¿ã€ãºããŸããããã©ã«ã ã«ãŒãã®ã¢ããã¿ã€ãºã¡ã³ãã¯ãä»ã®ã€ã³ã¿ãã§ãŒã¹ãä»ããŠè¡ãããŸããä»ã®ã€ã³ã¿ãã§ãŒã¹äžã®é£æ¥ã«ãŒã¿ã¯ãããã©ã«ãã«ãŒãçšã®ãã€ãºã³ ãªããŒã¹ ã¡ãã»ãŒãžãã«ãŒã¿ã«è¿ããŸããã«ãŒã¿ã¯ããããã®ã¡ãã»ãŒãžãåä¿¡ãããšãããã©ã«ã ã«ãŒãã®ãã¹ãŠã®äžæµã«ãŒã¿ãèšé²ããŸãã
⢠ããã©ã«ãã®äžæµã«ãŒãã®ã€ã³ã¿ãã§ãŒã¹ããæªç¥ã®éä¿¡å ã¢ãã¬ã¹ïŒã«ãŒã ããŒãã«ã«ãªãã¢ãã¬ã¹ïŒ ãæã€ãã«ããã£ã¹ã ãã©ãã£ãã¯ãåä¿¡ãããšãã«ãŒã¿ã¯ãä»ã®ã€ã³ã¿ãã§ãŒã¹ïŒæ¢ç¥ã®äžæµã«ãŒã¿ãæã€ã€ã³ã¿ãã§ãŒã¹ïŒ ããããã®ãã©ãã£ãã¯ã転éããŸãããã ããæªç¥ã®éä¿¡å ã¢ãã¬ã¹ãæã€ãã«ããã£ã¹ã ãã©ãã£ãã¯ãå¥ã®ã€ã³ã¿ãã§ãŒã¹ã§åä¿¡ãããå Žåãã«ãŒã¿ã¯ãã®ãã©ãã£ãã¯ãå»æ£ããŸããçç±ã¯ãããã©ã«ãã®äžæµã€ã³ã¿ãã§ãŒã¹ãããæªç¥ã®éä¿¡å ããã®ãã«ããã£ã¹ã ãã©ãã£ãã¯ã転éããããšãã§ããªãããã§ãã
äŸ
Console(config-router)#default-gateway 10.1.0.253Console(config-router)#
539 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
ip dvmrp
æå®ã€ã³ã¿ãã§ãŒã¹ã§ DVMRP ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãã€ã³ã¿ãã§ãŒã¹ã® DVMRP ãç¡å¹ã«ãªããŸãã
ææ³
ip dvmrp
no ip dvmrp
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
DVMRP ãå®å šã«æå¹ã«ããã«ã¯ãip multicast-routing ã³ãã³ãïŒP531ïŒ ã§ã«ãŒã¿ã®ãã«ããã£ã¹ã ã«ãŒãã£ã³ã°ãã°ããŒãã«ã«æå¹ã«ããrouter dvmrp ã³ãã³ãïŒP535ïŒ ã§ã«ãŒã¿ã® DVMRP ãã°ããŒãã«ã«æå¹ã«ããããã« ip dvmrp ã³ãã³ãã§ããã«ããã£ã¹ã ã«ãŒãã£ã³ã°ã«åå ããåã€ã³ã¿ãã§ãŒã¹ã® DVMRP ãæå¹ã«ããå¿ èŠããããŸãã
äŸ
Console(config)#interface vlan 1Console(config-if)#ip dvmrpConsole(config-if)#endConsole#show ip dvmrp interfaceVlan 1 is up
ãDVMRP is enabled
ãMetric is 1
Console#
540FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
ip dvmrp metric
ãã®ã³ãã³ãã§ã¯ããã®ã«ãŒã¿äžã®ã€ã³ã¿ãã§ãŒã¹ã«çŽæ¥æ¥ç¶ãããŠãããããã¯ãŒã¯ãž
ã®ãªããŒã¹ ãã¹ãéžæããéã«äœ¿çšãããã¡ããªãã¯ãæ§æããŸãã
ææ³
ip dvmrp metric interface-metric
no ip dvmrp metric
interface-metric - æçã®ãªããŒã¹ ãã¹ãéžæããããã®ã¡ããªãã¯ã§ãïŒç¯å² : 1 ïœ 31ïŒ
åæèšå®
1
ã³ãã³ã ã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
DVMRP ã€ã³ã¿ãã§ãŒã¹ ã¡ããªãã¯ã¯ãäžæµã®åãå®å ãžã®ãã¹ãè€æ°ããå Žåã«ãæçã®ãªããŒã¹ ãã¹ãéžæããã®ã«äœ¿çšãããŸããã³ã¹ãã®äœããã¹ãåªå ãã¹ã«ãªããŸãã
äŸ
clear ip dvmrp route
DVMRP ãåŠç¿ãããã¹ãŠã®ãã€ããã㯠ã«ãŒããã¯ãªã¢ããŸãã
ã³ãã³ã ã¢ãŒã
Privileged Exec
äŸ
ããã©ã«ã ã«ãŒã以å€ã®ãã¹ãŠã®ã«ãŒããã«ãŒã ããŒãã«ããã¯ãªã¢ããŸãã
Console(config)#interface vlan 1Console(config-if)#ip dvmrp metric 2Console(config-if)#
Console#clear ip dvmrp routeclear all ip dvmrp routeConsole#show ip dvmrp route
Source Mask Upstream_nbr Interface Metric UpTime Expire------------- ------------- ------------- --------- ------ ------ ------ 10.1.0.0 255.255.255.0 10.1.0.253 vlan1 1 1840 0Console#
541 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
show router dvmrp
ã°ããŒãã«ãª DVMRP ã³ã³ãã£ã®ã¥ã¬ãŒã·ã§ã³èšå®ã衚瀺ããŸãã
ã³ãã³ã ã¢ãŒã
Normal ExecãPrivileged Exec
ã³ãã³ã解説
ãã®ã³ãã³ãã¯ãåè¿°ããã°ããŒãã« DVMRP èšå®ã®æ¬¡ã®é ç®ã衚瀺ããŸãã
⢠Admin Statusãrouter dvmrpãïŒP535ïŒ
⢠Probe Interval ïŒP536ïŒ
⢠Nbr Expire ïŒP537ïŒ
⢠Minimum Flash Update Interval ïŒP538ïŒ
⢠Prune Lifetime ïŒP538ïŒ
⢠Route Report ïŒP537ïŒ
⢠Default Gateway ïŒP539ïŒ
⢠Metric of Default Gateway ïŒP541ïŒ
äŸ
次ã®äŸã¯ãããã©ã«ãèšå®ã衚瀺ããŸãã
Console#show route dvmrp
Admin Status ãããããããããããã:enable
Probe Interval ããããããããããã:10
Nbr expire ããããããããããããã :35
Minimum Flash Update Intervalããã:5prune lifetime ããããããããããã: 7200
route report ããããããããããã : 60Default Gateway : 0.0.0.0Metric of Default Gateway : 1Console#
542FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
show ip dvmrp route
DVMRP ã«ãŒãã£ã³ã° ããŒãã«å ã®ãã¹ãŠã®ãšã³ããªã衚瀺ããŸãã
ã³ãã³ã ã¢ãŒã
Normal ExecãPrivileged Exec
äŸ
次ã®äŸã§ã¯ãDMVRP ã«ãŒãã衚瀺ããŸãã
Console#show ip dvmrp route
ãããSource ãããããMask ãUpstream_nbr Interface Metric UpTime Expire------------ -------------- ------------- --------- ------ ------ ------
ãã10.1.0.0 ã255.255.255.0 ã10.1.0.253 ãvlan1 ãããã1 ã84438 ãã0
ãã10.1.1.0 ã255.255.255.0 ã10.1.1.253 ãvlan2 ãããã1 ã84987 ãã0
ãã10.1.8.0 ã255.255.255.0 ã10.1.0.254 ãvlan1 ãããã2 ã19729ã 97Console#
é ç® è§£èª¬Source ãã«ããã£ã¹ãéä¿¡å ãäžæµã«ãŒã¿ããŸãã¯ãã«ããã£ã¹ã
ãã¹ãã«æ¥ç¶ãããçºä¿¡ã€ã³ã¿ãã§ãŒã¹ãå«ãŸãã IP ãµããããã¯ãŒã¯
Mask éä¿¡å ã¢ãã¬ã¹ã«äœ¿çšããããµãããã ãã¹ã¯ããã®ãã¹ã¯ã¯ãç¹å®ã®ãµãããããžã®ã«ãŒãã£ã³ã°ã«äœ¿çšããããã¹ã ã¢ãã¬ã¹ ããããèå¥ãããã®ã§ãã
Upstream_nbr 1 ã€ãŸãã¯è€æ°ã®ãã«ããã£ã¹ã ã°ã«ãŒãã®çŽæ¥äžæµã«ãããããã¯ãŒã¯ ããã€ã¹ã® IP ã¢ãã¬ã¹
Interface äžæµã®é£æ¥ã«ãŒã¿ã«æ¥ç¶ãããã®ã«ãŒã¿äžã® IP ã€ã³ã¿ãã§ãŒã¹
Metric è·é¢ãã¯ãã«ã®èšç®ã«äœ¿çšããããã®ã€ã³ã¿ãã§ãŒã¹ã®ã¡ããªãã¯
Uptime ãã®ãšã³ããªãäœæãããŠããã®çµéæé
Expire ãã®ãšã³ããªãçµå¹ŽåŠçã«ããç¡å¹ã«ãªããŸã§ã®æ®ãæé
543 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
show ip dvmrp neighbor
ãã¹ãŠã® DVMRP é£æ¥ã«ãŒã¿ã衚瀺ããŸãã
ã³ãã³ã ã¢ãŒã
Normal ExecãPrivileged Exec
äŸ
show ip dvmrp interface
DVMRPã€ã³ã¿ãã§ãŒã¹èšå®ã衚瀺ããŸãã
ã³ãã³ã ã¢ãŒã
Normal ExecãPrivileged Exec
äŸ
Console#show ip dvmrp neighbor
ããAddress ãããããInterface ãããUptime ãExpire ãCapabilities---------------- --------------- -------- -------- -------------
ããã10.1.0.254 ããããvlan1 ãããã79315 ãããã32 ããããããã6Console#
é ç® è§£èª¬Address ãã®ãã«ããã£ã¹ãé ä¿¡ããªãŒã®çŽæ¥äžæµã«ããããã
ã¯ãŒã¯ ããã€ã¹ã® IP ã¢ãã¬ã¹ã§ãã
Interface äžæµã®é£æ¥ã«ãŒã¿ã«æ¥ç¶ãããã®ã«ãŒã¿äžã® IP ã€ã³ã¿ãã§ãŒã¹ã§ãã
Uptime ãã®ãšã³ããªãçµå¹ŽåŠçã«ããç¡å¹ã«ãªããŸã§ã®æ®ãæé
Capabilities Leaf ïŒããã 0ïŒ - é£æ¥ã«ãŒã¿ã«ã¯ãé£æ¥ã«ãŒã¿ãæã€ã€ã³ã¿ãã§ãŒã¹ã 1 ã€ãããããŸãããPrune ïŒããã 1ïŒ - é£æ¥ã«ãŒã¿ã¯ããã«ãŒãã³ã°ããµããŒãããŠããŸããGeneration ID ïŒããã 2ïŒ - é£æ¥ã«ãŒã¿ã¯ããããŒã ã¡ãã»ãŒãžã«èªèº«ã® Generation ID ãå«ããŠéä¿¡ããŸããMtrace ïŒããã 3ïŒ - é£æ¥ã«ãŒã¿ã¯ããã«ããã£ã¹ã ãã¬ãŒã¹èŠæ±ãåŠçã§ããŸããSNMP ïŒããã 4ïŒ - é£æ¥ã«ãŒã¿ã¯ SNMP ããµããŒãããŠããŸããNetmask - ïŒããã 5ïŒ - é£æ¥ã«ãŒã¿ã¯ããã«ãŒã³ãã°ã©ãããããã³ã°ã©ãã ACKïŒè¯å®å¿çïŒ ã®åã¡ãã»ãŒãžã«ä»ãããããããã¯ãŒã¯ ãã¹ã¯ãåçããŸããReserved ïŒããã 6 ããã³ 7ïŒ - å°æ¥äœ¿çšããããã«çä¿ãããŠããŸãã
Console#show ip dvmrp interfaceVlan 1 is up
ãDVMRP is enabled
ãMetric is 1
Console#
544FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
3.24.4 PIM-DM
router pim
ã¹ã€ãã㧠PIM-DM (Protocol-Independent Multicast - Dense Mode) ãã°ããŒãã«ã«æå¹ã«ããã«ãŒã¿ ã³ã³ãã£ã®ã¥ã¬ãŒã·ã§ã³ ã¢ãŒãã«å ¥ããŸãã"no"ãåã«çœ®ãããšã§ãPIM-DM ãã«ããã£ã¹ã ã«ãŒãã£ã³ã°ãç¡å¹ã«ããŸãã
ææ³
[no] router pim
åæèšå®
ç¡å¹
ã³ãã³ã ã¢ãŒã
ã°ããŒãã« ã³ã³ãã£ã®ã¥ã¬ãŒã·ã§ã³
ã³ãã³ã解説ãã®ã³ãã³ãã¯ãã¹ã€ãã㧠PIM-DM ãã°ããŒãã«ã«æå¹ã«ããŸããip pim dense-modeã³ãã³ãïŒP546ïŒ ã䜿çšããŠããã«ããã£ã¹ã ã«ãŒãã£ã³ã°ããµããŒãããåã€ã³ã¿ãã§ãŒã¹ã§ PIM-DM ãæå¹ã«ããå¿ èŠããããŸãããŸãããã«ããã£ã¹ã ãããã³ã« ãã©ã¡ãŒã¿ãå¿ èŠã«å¿ããŠå€æŽããŸãã
äŸ
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžrouter pim ã«ãŒã¿ã§ PIM ãã°ããŒãã«ã«æå¹ã«ããŸãã GC P535
ip pim dense-mode æå®ã€ã³ã¿ãã§ãŒã¹ã§ PIM ãæå¹ã«ããŸãã IC P536
ip pim hello-interval PIM Hello ã¡ãã»ãŒãžã®éä¿¡ééãèšå®ããŸãã IC P537
ip pim hello-holdtime é£æ¥ãã PIM ã«ãŒã¿ã®äœ¿çšäžèœã宣èšããåã«ããã®ã«ãŒã¿ã® Hello ã¡ãã»ãŒãžãåŸ æ©ããæéãèšå®ããŸãã
IC P537
ip pimtrigger-hello-interval
ããªã¬ãŒããã PIM Hello ã¡ãã»ãŒãžãéä¿¡ãããŸã§ã®æ倧æéãèšå®ããŸãã
IC P538
ip pimjoin-prune-holdtime
ãã«ãŒã³ç¶æ ã®ããŒã«ã ã¿ã€ã ãæ§æããŸãã IC P538
ip pimgraft-retry-interval
ã°ã©ãã ã¡ãã»ãŒãžãåéä¿¡ããåã«ãã°ã©ããACK ïŒè¯å®å¿çïŒ ãåŸ æ©ããæéãèšå®ããŸãã
IC P539
ip pim max-graft-retries
ACK ïŒè¯å®å¿çïŒ ããªãå Žåã«ãã°ã©ããã¡ãã»ãŒãžãåéä¿¡ããæ倧åæ°ãæ§æããŸãã
IC P540
show router pim ã°ããŒãã«ãª PIM ã³ã³ãã£ã®ã¥ã¬ãŒã·ã§ã³èšå®ã衚瀺ããŸãã
NE,PE P541
show ip pim interface PIM ãæ§æããã€ã³ã¿ãã§ãŒã¹ã«é¢ããæ å ±ã衚瀺ããŸãã
NE,PE P541
show ip pim neighbor PIM é£æ¥ã«ãŒã¿ã«é¢ããæ å ±ã衚瀺ããŸãã NE,PE P542
Console(config)#router pimConsole#show router pimAdmin Status: EnabledConsole#
545 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
ip pim dense-mode
æå®ã€ã³ã¿ãã§ãŒã¹ã§ PIM-DM ãæå¹ã«ããŸãã"no"ãåã«çœ®ãããšã§ãã€ã³ã¿ãã§ãŒã¹ã® PIM-DM ãç¡å¹ã«ãªããŸãã
ææ³
[no] ip pim dense-mode
åæèšå®
ç¡å¹
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
⢠PIM-DM ãå®å šã«æå¹ã«ããã«ã¯ãip multicast-routing ã³ãã³ãïŒP531ïŒ ã§ã¹ã€ããã®ãã«ããã£ã¹ã ã«ãŒãã£ã³ã°ãã°ããŒãã«ã«æå¹ã«ããrouter pim ã³ãã³ãïŒP545ïŒ ã§ã¹ã€ããã® PIM-DM ãã°ããŒãã«ã«æå¹ã«ããããã« ip pimdense-mode ã³ãã³ãïŒP546ïŒ ã§ããã«ããã£ã¹ã ã«ãŒãã£ã³ã°ã«åå ããåã€ã³ã¿ãã§ãŒã¹ã® PIM-DM ãæå¹ã«ããå¿ èŠããããŸãã
⢠ã€ã³ã¿ãã§ãŒã¹äžã§ PIM ãæå¹ã«ããå Žåããã®ã€ã³ã¿ãã§ãŒã¹ã§ã¯ IGMP ãæå¹ã«ããå¿ èŠããããŸãããã³ã¹ã¢ãŒãã®ã€ã³ã¿ãã§ãŒã¹ã¯ãããã©ã«ãã§ãã«ããã£ã¹ã ãã©ããã£ã³ã°ã®å¯Ÿè±¡ãšãªããŸãããããã®ã€ã³ã¿ãã§ãŒã¹ããã«ããã£ã¹ã ã«ãŒãã£ã³ã° ããŒãã«ããåé€ãããã®ã¯ãã°ã«ãŒã ã¡ã³ããŒãäžæµã«ãŒã¿ãååšããªããšã«ãŒã¿ãå€æããæããäžæµã«ãŒã¿ããã®ãã«ãŒã³ ã¡ãã»ãŒãžãåä¿¡ãããæã®ã¿ã§ãã
äŸ
Console(config)#interface vlan 1Console(config-if)#ip pim dense-modeConsole#show ip pim interfaceVlan 1 is up
ãPIM is enabled, mode is Dense.
ãInternet address is 10.1.0.253.
ãHello time interval is 30 sec, trigger hello time interval is 5 ãsec.
ãHello holdtime is 105 sec.
ãJoin/Prune holdtime is 210 sec.
ãGraft retry interval is 3 sec, max graft retries is 2.
ãDR Internet address is 10.1.0.253, neighbor count is 0.
Console#
546FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
ip pim hello-interval
PIM Hello ã¡ãã»ãŒãžãéä¿¡ãããé »åºŠãæ§æããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæèšå®å€ã«æ»ããŸãã
ææ³
ip pim hello-interval seconds
no pim hello-interval
⢠secondsâ PIM Hello ã¡ãã»ãŒãžãéä¿¡ããééïŒç¯å² : 1 ïœ 65535ïŒ
åæèšå®
30 ç§
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説çš
Hello ã¡ãã»ãŒãžã¯ãããã€ã¹ãåä¿¡ãããããŒãã®éä¿¡å ã§ããé£æ¥ PIM ã«ãŒã¿ãžé
ä¿¡ããããã®ã§ããããã®é£æ¥ã«ãŒã¿ããŸã ãã«ããã£ã¹ã ããªãŒã®ã¢ã¯ãã£ããªã¡ã³
ããŒã§ãããã©ãããæ€èšŒããããã«äœ¿çšãããŸãã
äŸ
Console(config-if)#ip pim hello-interval 60Console(config-if)#
547 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
ip pim hello-holdtime
é£æ¥ãã PIM ã«ãŒã¿ã䜿çšäžèœã§ãããšå®£èšããåã«ããã®ã«ãŒã¿ããã® Hello ã¡ãã»ãŒãžãåŸ æ©ããééãèšå®ããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
ææ³
ip pim hello-holdtime seconds
no ip pim hello-interval
⢠secondsâ PIM Hello ã¡ãã»ãŒãžã®ããŒã«ã ã¿ã€ã ïŒç¯å² : 1 ïœ 65535ïŒ
åæèšå®
105 ç§
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
ip pim hello-holdtime ã¯ãip pim hello-interval ïŒP547ïŒ ã®å€ã® 3.5 åã«èšå®ããå¿ èŠããããŸãã
äŸ
Console(config-if)#ip pim hello-holdtime 210Console(config-if)#
548FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
ip pim trigger-hello-interval
ã«ãŒã¿ããªããŒãããåŸããã€ã³ã¿ãã§ãŒã¹ã§ PIM ãæå¹ã«ããåŸã«ãããªã¬ãŒããã PIM Hello ã¡ãã»ãŒãžãéä¿¡ãããŸã§ã®æ倧æéãæ§æããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
ææ³
ip pim triggerr-hello-interval seconds
no ip pim triggerr-hello-interval
⢠secondsâ ããªã¬ãŒããã PIM Hello ã¡ãã»ãŒãžãéä¿¡ãããŸã§ã®æ倧æéïŒç¯å² : 0 ïœ 65535ïŒ
åæèšå®
5 ç§
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
⢠ã«ãŒã¿ãåããŠèµ·åããæããã€ã³ã¿ãã§ãŒã¹ã§ PIM ãæå¹ã«ããæãhello-intervalã®å€ã¯ã0 ãã trigger-hello-interval ãŸã§ã®ç¯å²ã§ã©ã³ãã ãªæ°å€ã«èšå®ãããŸããããã«ãããè€æ°ã®ã«ãŒã¿ãåæã«é»æºãªã³ã«ããå Žåã«ããã«ãã¢ã¯ã»ã¹ ãªã³ã¯äžã® Hello ã¡ãã»ãŒãžãåæããã®ãåé¿ããŸãã
⢠ãŸããæ°èŠã®é£æ¥ã«ãŒã¿ãã Hello ã¡ãã»ãŒãžãåä¿¡ããå Žåãåä¿¡ã«ãŒã¿ã¯ã0 ãã trigger-hello-interval ãŸã§ã®ç¯å²ã®ã©ã³ãã ãªå€ã ãé 延ããŠãèªèº«ã® Hello ã¡ãã»ãŒãžãéä¿¡ããŸãã
äŸ
Console(config-if)#ip pim triggerr-hello-interval 10Console(config-if)#
549 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
ip pim join-prune-holdtime
ãã«ãŒã³ç¶æ ã®ããŒã«ã ã¿ã€ã ãæ§æããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
ææ³
ip pim join-prune-holdtime seconds
no ip pim join-prune-holdtime
secondsâ ãã«ãŒã³ç¶æ ã®ããŒã«ã ã¿ã€ã ïŒç¯å² : 0 ïœ 65535ïŒã
åæèšå®
210 ç§
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
ç¹å®ã®éä¿¡å ãããã«ããã£ã¹ã ã¹ããªãŒã ãæåã«åä¿¡ãããã«ããã£ã¹ã ã€ã³ã¿ãã§ãŒã¹ã¯ãã«ãŒã¿äžã®ä»ã®ãã¹ãŠã® PIM ã€ã³ã¿ãã§ãŒã¹ã«ãã®ãã©ãã£ãã¯ã転éããŸããèŠæ±ããŠããã°ã«ãŒãã該åœã€ã³ã¿ãã§ãŒã¹äžã«ååšããªãå ŽåãèããŒãã¯ãäžæµã«ãã«ãŒã³ ã¡ãã»ãŒãžãéä¿¡ãããã®ãã«ããã£ã¹ã ã¹ããªãŒã ã«å¯ŸããŠãã«ãŒã³ç¶æ ã«å ¥ããŸãããã®ãã«ãŒã³ç¶æ ã¯ãjoin-prune-holdtime ã®ã¿ã€ããŒãæºäºãããããã©ã¯ãŒãã£ã³ã° ãšã³ããªã«å¯Ÿããã°ã©ãã ã¡ãã»ãŒãžãåä¿¡ããããŸã§ç¶æãããŸãã
äŸ
Console(config-if)#ip pim join-prune-holdtime 60Console(config-if)#
550FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
ip pim graft-retry-interval
ã°ã©ãããåéä¿¡ããåã«ãã°ã©ãã ACK ïŒè¯å®å¿çïŒ ãåŸ æ©ããæéãèšå®ããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
æ§æ
ip pim graft-retry-interval seconds
no ip pim graft-retry-interval
secondsâ ã°ã©ãããåéä¿¡ãããŸã§ã®æéã§ãïŒç¯å² : 0 ïœ 65535ïŒã
åæèšå®
3 ç§
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
ã°ã©ãã ã¡ãã»ãŒãžã¯ããã«ãŒã³ç¶æ ãåãæ¶ãããã«ãã«ãŒã¿ã«ãã£ãŠéä¿¡ããããã®ã§ããã°ã©ãã ã¡ãã»ãŒãžãåä¿¡ããã«ãŒã¿ã¯ãã°ã©ãã ACK ïŒè¯å®å¿çïŒ ã¡ãã»ãŒãžã§å¿çããå¿ èŠããããŸãããã® ACK ïŒè¯å®å¿çïŒ ã倱ãããå Žåãã°ã©ãã ã¡ãã»ãŒãžãéä¿¡ããã«ãŒã¿ã¯ãïŒip pim max-graft-retries ã³ãã³ãã§å®çŸ©ãããïŒ åæ°ã ãåéä¿¡ããŸãã
äŸ
ip pim max-graft-retries
ã°ã©ãã ã¡ãã»ãŒãžã«å¯Ÿã㊠ACK ïŒè¯å®å¿çïŒ ããªãå Žåã«ãã°ã©ãã ã¡ãã»ãŒãžãåéä¿¡ããæ倧åæ°ãæ§æããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
ææ³
ip pim max-graft-retries retries
no ip pim graft-retry-interval
retriesâ ã°ã©ãããåéä¿¡ããæ倧åæ°ã§ãïŒç¯å² : 0 ïœ 65535ïŒã
åæèšå®
2
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
äŸ
Console(config-if)#ip pim graft-retry-interval 9Console(config-if)#
Console(config-if)#ip pim max-graft-retries 5Console(config-if)#
551 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
show router pim
ã°ããŒãã«ãª PIM ã³ã³ãã£ã®ã¥ã¬ãŒã·ã§ã³èšå®ã衚瀺ããŸãã
ã³ãã³ãã¢ãŒã
Normal ExecãPrivileged Exec
äŸ
show ip pim interface
PIM ãæ§æããã€ã³ã¿ãã§ãŒã¹ã«é¢ããæ å ±ã衚瀺ããŸãã
ææ³
show ip pim interface vlan-id
⢠vlan-id â VLAN IDVLAN IDïŒç¯å² : 1 ïœ 4094ïŒã
ã³ãã³ã ã¢ãŒã
Normal ExecãPrivileged Exec
ã³ãã³ã解説
ãã®ã³ãã³ãã¯ãåè¿°ããæå®ã€ã³ã¿ãã§ãŒã¹ã® PIM èšå®ã衚瀺ããŸããæå® PIMã«ãŒã¿ã®ã¢ãã¬ã¹ãšãé£æ¥ PIM ã«ãŒã¿ã®æ°ã衚瀺ãããŸãã
äŸ
Console#show router pimAdmin Status: EnabledConsole#
Console#show ip pim interface 1Vlan 1 is up
ãPIM is enabled, mode is Dense.
ãInternet address is 10.1.0.253.
ãHello time interval is 30 sec, trigger hello time interval is 5 sec.
ãHello holdtime is 105 sec.
ãJoin/Prune holdtime is 210 sec.
ãGraft retry interval is 3 sec, max graft retries is 2.
ãDR Internet address is 10.1.0.254, neighbor count is 1.
Console#
552FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹ãã«ããã£ã¹ãã«ãŒãã£ã³ã°
show ip pim neighbor
PIM é£æ¥ã«ãŒã¿ã«é¢ããæ å ±ã衚瀺ããŸãã
ææ³
show ip pim neighbor [ip-address]
⢠ip-address â PIM é£æ¥ã«ãŒã¿ã® IP ã¢ãã¬ã¹
åæèšå®
ãã¹ãŠã®æ¢ç¥ã® PIM é£æ¥ã«ãŒã¿ã«é¢ããæ å ±ã衚瀺ããŸãã
ã³ãã³ã ã¢ãŒã
Normal ExecãPrivileged Exec
äŸ
Console#show ip pim neighbor
ãAddress ããããVLAN Interface ãUptime ããExpire ãMode--------------- ---------------- -------- -------- -------
ã10.1.0.254 ãããããããããã1 ã17:38:16 ã00:01:25 Dense
Console#
é ç® è§£èª¬Address ãã¯ã¹ã ããã ã«ãŒã¿ã® IP ã¢ãã¬ã¹
VLAN Interface ãã®é£æ¥ã«ãŒã¿ã«æ¥ç¶ãããŠããã€ã³ã¿ãã§ãŒã¹ã®çªå·
Uptime ãã®ãšã³ããªãã¢ã¯ãã£ãã«ãªã£ãŠããã®çµéæé
Expire ãã®ãšã³ããªãåé€ããããŸã§ã®æ®ãæé
ã¢ãŒã ãã®ã€ã³ã¿ãã§ãŒã¹ã§äœ¿çšããã PIM ã¢ãŒãïŒãã³ã¹ ã¢ãŒãã®ã¿ãµããŒããããŠããŸãïŒ
553 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VRRP
3.25 VRRP
ã«ãŒã¿åé·æ§ãããã³ã«ã¯ããã©ã€ã㪠ã«ãŒã¿ããã³è€æ°ã®ããã¯ã¢ãã ã«ãŒã¿ããµããŒã
ããããã«ãä»®æ³ IP ã¢ãã¬ã¹ã䜿çšããŸãããã¹ã¿ãŒ ã«ãŒã¿ã«é害ãçºçããæã«ã¯ãŒã¯
ããŒããåŒãç¶ãããã«ãããã¯ã¢ãã ã«ãŒã¿ãæ§æããããšãã§ããŸãããŸãããã©ãã£ã
㯠ããŒããå ±æããããã«æ§æããããšãã§ããŸããã«ãŒã¿åé·æ§ã®äž»ãªç®çã¯ããã©ã€ã
㪠ã²ãŒããŠã§ã€ã®é害çºçæã«ãåºå®ã²ãŒããŠã§ã€ã§æ§æããããã¹ã ããã€ã¹ãããã
ã¯ãŒã¯ ã³ãã¯ãã£ããã£ãä¿æã§ããããã«ããããšã§ãã
3.25.1 ä»®æ³ã«ãŒã¿åé·æ§ãããã³ã«ïŒVRRPïŒã³ãã³ã
ã³ãã³ãã°ã«ãŒã
æ©èœ ããŒãž
Virtual RouterRedundancy Protocol VRRP ã®ã€ã³ã¿ãã§ãŒã¹èšå®ãæ§æããŸãã P554
ã³ãã³ã æ©èœ ã¢ãŒã ããŒãžvrrp ip VRRP ãæå¹ã«ããä»®æ³ã«ãŒã¿ã® IP ã¢ãã¬ã¹ãèšå®ããŸãã IC P555
vrrp authentication key
ä»ã®ã«ãŒã¿ããåä¿¡ãã VRRP ãã±ããã®èªèšŒã«äœ¿çšãããããŒãæ§æããŸãã
IC P556
vrrp priority VRRP ã°ã«ãŒãå ã§ã®ãã®ã«ãŒã¿ã®ãã©ã€ãªãªãã£ãèšå®ããŸãã
IC P557
vrrp timers advertise
ãã¹ã¿ãŒä»®æ³ã«ãŒã¿ã®é£ç¶ããã¢ããã¿ã€ãºã¡ã³ãã®ééãèšå®ããŸãã
IC P558
vrrp preempt çŸåšã®ãã¹ã¿ãŒä»®æ³ã«ãŒã¿ãããé«ããã©ã€ãªãªãã£ãæã€ã«ãŒã¿ã VRRP ã°ã«ãŒãã«åå ããæããã®ã«ãŒã¿ããã¹ã¿ãŒä»®æ³ã«ãŒã¿ãšããŠåŠçãåŒãç¶ãããã«æ§æããŸãã
IC P559
show vrrp VRRP ã¹ããŒã¿ã¹æ å ±ã衚瀺ããŸãã PE P560
show vrrp interface æå®ã€ã³ã¿ãã§ãŒã¹ã® VRRP ã¹ããŒã¿ã¹æ å ±ã衚瀺ããŸãã PE P562
show vrrp routercounters
VRRP çµ±èšæ å ±ã衚瀺ããŸãã PE P562
show vrrp interfacecounters
æå®ã€ã³ã¿ãã§ãŒã¹ã® VRRP çµ±èšæ å ±ã衚瀺ããŸãã PE P563
clear vrrp routercounters
VRRP ã«ãŒã¿ã®çµ±èšæ å ±ãã¯ãªã¢ããŸãã PE P564
clear vrrp interfacecounters
VRRP ã€ã³ã¿ãã§ãŒã¹ã®çµ±èšæ å ±ãã¯ãªã¢ããŸãã PE P564
554FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VRRP
vrrp ip
ã€ã³ã¿ãã§ãŒã¹äžã®ä»®æ³ã«ãŒã¿åé·æ§ãããã³ã«ïŒVRRPïŒ ãæå¹ã«ããä»®æ³ã«ãŒã¿ã® IP ã¢ãã¬ã¹ãæå®ããŸãã"no"ãåã«çœ®ãããšã§ãã€ã³ã¿ãã§ãŒã¹äžã® VRRP ãç¡å¹ã«ãªããIP ã¢ãã¬ã¹ãä»®æ³ã«ãŒã¿ããåé€ãããŸãã
ææ³
[no] vrrp group ip ip-address [secondary]
⢠group â ä»®æ³ã«ãŒã¿ ã°ã«ãŒããèå¥ïŒç¯å² : 1 ïœ 255ïŒ
⢠ip-address âä»®æ³ã«ãŒã¿ã® IP ã¢ãã¬ã¹
⢠secondary âãã® VRRP ã°ã«ãŒãããµããŒãããçŸåšã® VLAN ã€ã³ã¿ãã§ãŒã¹ã«å²ãåœãŠãããè¿œå ã®ã»ã«ã³ã㪠IP ã¢ãã¬ã¹ãæå®ããŸãã
åæèšå®
ä»®æ³ã«ãŒã¿ ã°ã«ãŒãã¯æ§æãããŠããŸããã
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
⢠仮æ³ã«ãŒã¿ ã°ã«ãŒãã«åå ããŠãããã¹ãŠã®ã«ãŒã¿ã®ã€ã³ã¿ãã§ãŒã¹ã¯ãåã IPãµããããã«å±ããå¿ èŠããããŸãã
⢠仮æ³ã«ãŒã¿ã«å²ãåœãŠããã IP ã¢ãã¬ã¹ã¯ããªãŒããŒã«ãªãã«ãŒã¿äžã§äºãæ§æãããŠããå¿ èŠããããŸããããªãã¡ããã®ã³ãã³ãã§æå®ããã IP ã¢ãã¬ã¹ã¯ãä»®æ³ã«ãŒã¿ ã°ã«ãŒãã® 1 å°ã®ããã€å¯äžã®ã«ãŒã¿äžã«ãã§ã«ååšããŠããå¿ èŠããããŸãããŸããä»®æ³ã«ãŒã¿ ã¢ãã¬ã¹ã®ãããã¯ãŒã¯ ãã¹ã¯ã¯ãªãŒããŒãã掟çããŸãããŸãããªãŒããŒã¯ãã°ã«ãŒãå ã®ãã¹ã¿ãŒä»®æ³ã«ãŒã¿ãšããŠã®åœ¹å²ãæãããŸãã
⢠çŸåšã® VLAN ã€ã³ã¿ãã§ãŒã¹äžã§è€æ°ã®ã»ã«ã³ã㪠ã¢ãã¬ã¹ãæ§æããå Žåããã®ã³ãã³ãã secondary ããŒã¯ãŒããšãšãã«äœ¿çšããããšã§ãä»®æ³ã«ãŒã¿ã«ãã£ãŠãµããŒããããä»»æã®ã»ã«ã³ã㪠ã¢ãã¬ã¹ãè¿œå ããããšãã§ããŸãã
⢠ãã®ã³ãã³ããå ¥åãããšãVRRP ã¯å³åº§ã«æå¹ã«ãªããŸããVRRP ã®ä»ã®ãã©ã¡ãŒã¿ïŒèªèšŒããã©ã€ãªãªãã£ãã¢ããã¿ã€ãºã¡ã³ãééãŠãªã©ïŒ ãã«ã¹ã¿ãã€ãºããå¿ èŠãããå Žåãæåã«ãããã®ãã©ã¡ãŒã¿ãæ§æããŠãããVRRP ãæå¹ã«ããŠãã ããã
äŸ
ãã®ã³ãã³ãã§ã¯ãVRRP ã°ã«ãŒãã®ãªãŒããŒãšã㊠VLAN 1 ã®ãã©ã€ã㪠ã€ã³ã¿ãã§ãŒã¹ã䜿çšããŠãVRRP ã°ã«ãŒã 1 ãäœæããã°ã«ãŒãã®ã¡ã³ããŒãšããŠã»ã«ã³ã㪠ã€ã³ã¿ãã§ãŒã¹ãè¿œå ããŸãã
Console(config)#interface vlan 1Console(config-if)#vrrp 1 ip 192.168.1.6Console(config-if)#vrrp 1 ip 192.168.2.6 secondaryConsole(config-if)#
555 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VRRP
vrrp authentication key
ä»ã®ã«ãŒã¿ããåä¿¡ãã VRRP ãã±ããã®èªèšŒã«äœ¿çšãããããŒãæå®ããŸãã"no"ãåã«çœ®ãããšã§ãèªèšŒãç¡å¹ã«ãªããŸãã
ææ³vrrp group authentication key
no vrrp group authentication
⢠group â ä»®æ³ã«ãŒã¿ ã°ã«ãŒããèå¥ïŒç¯å² : 1 ïœ 255ïŒ
⢠keyâ èªèšŒã¹ããªã³ã°ïŒç¯å² : 1 ïœ 8 è±æ°åæåïŒã
åæèšå®
å®çŸ©ãããŠããããŒã¯ãããŸããã
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説⢠åã VRRP ã°ã«ãŒãå ã®ãã¹ãŠã®ã«ãŒã¿ã¯ãåãèªèšŒããŒã§æ§æãããŠããå¿ èŠããããŸãã
⢠ã°ã«ãŒãå ã®å¥ã®ã«ãŒã¿ãã VRRP ãã±ãããåä¿¡ããããšããã®èªèšŒããŒã¯ããã®ã«ãŒã¿äžã§æ§æãããã¹ããªã³ã°ãšæ¯èŒãããŸããããŒãåèŽããã°ãã¡ãã»ãŒãžã¯åçãããŸããåèŽããªãå Žåããã±ããã¯å»æ£ãããŸãã
⢠ãã¬ãŒã³ ããã¹ãèªèšŒã§ã¯ãçŸå®çãªã»ãã¥ãªãã£ã¯äœãæäŸãããŸããããã¬ãŒã³ããã¹ãã¯ã誀èšå®ãããã«ãŒã¿ã VRRP ã«åå ããããšãé²ãããã«ã®ã¿ãµããŒããããŠããŸãã
äŸ
Console(config-if)#vrrp 1 authentication bluebirdConsole(config-if)#
556FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VRRP
vrrp priority
VRRP ã°ã«ãŒãå ã§ã®ãã®ã«ãŒã¿ã®ãã©ã€ãªãªãã£ãèšå®ããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
ææ³
vrrp group priority level
no vrrp group priority
⢠group â VRRP ã°ã«ãŒããèå¥ïŒç¯å² : 1 ïœ 255ïŒ
⢠levelâ VRRP ã°ã«ãŒãå ã§ã®ãã®ã«ãŒã¿ã®ãã©ã€ãªãªãã£ãèšå®ïŒç¯å² : 1 ïœ 254ïŒ
åæèšå®
100
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
⢠仮æ³ã«ãŒã¿ã«äœ¿çšãããã®ãšåã IP ã¢ãã¬ã¹ã®ç©çã€ã³ã¿ãã§ãŒã¹ãæã€ã«ãŒã¿ãããã¹ã¿ãŒä»®æ³ã«ãŒã¿ã«ãªããŸããçŸåšã®ãã¹ã¿ãŒãæ éããæã«ã¯ãæãé«ããã©ã€ãªãªãã£ãæã€ããã¯ã¢ãã ã«ãŒã¿ããã¹ã¿ãŒ ã«ãŒã¿ã«ãªããŸããå ã®ãã¹ã¿ãŒã«ãŒã¿ãé害ããå埩ãããšãã¢ã¯ãã£ããªãã¹ã¿ãŒ ã«ãŒã¿ãšããŠåã³åŠçãåŒãç¶ããŸãã
⢠2 ã€ãŸãã¯ãã以äžã®ã«ãŒã¿ãåã VRRP ãã©ã€ãªãªãã£ã§æ§æãããŠããå ŽåãçŸåšã®ãã¹ã¿ãŒã®æ éæã«ã¯ãæãé«ã IP ã¢ãã¬ã¹ãæã€ã«ãŒã¿ããæ°èŠãã¹ã¿ãŒ ã«ãŒã¿ãšããŠéžåºãããŸãã
⢠vrrp preempt ã³ãã³ãã«ããããã¯ã¢ãã ããªãšã³ããæ©èœãæå¹ã«ãªã£ãŠãããçŸåšãã¹ã¿ãŒãšããŠåäœããŠããã«ãŒã¿ãããé«ããã©ã€ãªãªãã£ãæã€ããã¯ã¢ããã«ãŒã¿ããªã³ã©ã€ã³ã«ãªã£ãå Žåããã®ããã¯ã¢ãã ã«ãŒã¿ãæ°èŠãã¹ã¿ãŒãšããŠåŠçãåŒãç¶ããŸãããã ããå ã®ãã¹ã¿ãŒïŒVRRP IP ã¢ãã¬ã¹ã®ãªãŒããŒïŒ ããªã³ã©ã€ã³ã«æ»ããšãåžžã«ãã¹ã¿ãŒãšããŠã®å¶åŸ¡ãåéããŸãã
äŸ
é¢é£ããã³ãã³ã
vrrp preempt ïŒP559ïŒ
Console(config-if)#vrrp 1 priority 1Console(config-if)#
557 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VRRP
vrrp timers advertise
ãã¹ã¿ãŒä»®æ³ã«ãŒã¿ãããã¹ã¿ãŒãšããŠã®ãã®ç¶æ ãéä¿¡ããããã®ã¢ããã¿ã€ãºã¡ã³ããéä¿¡ããééãèšå®ããŸãã"no"ãåã«çœ®ãããšã§ãèšå®ãåæå€ã«æ»ããŸãã
ææ³
vrrp group timers advertise interval
no vrrp group timers advertise
⢠group â VRRP ã°ã«ãŒããèå¥ïŒç¯å² : 1 ïœ 255ïŒ
⢠levelâ ãã¹ã¿ãŒä»®æ³ã«ãŒã¿ãã¢ããã¿ã€ãºã¡ã³ããè¡ãééïŒç¯å² : 1 ïœ 255 ç§ïŒ
åæèšå®
1 ç§
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
⢠çŸåšã®ãã¹ã¿ãŒä»®æ³ã«ãŒã¿ããã® VRRP ã¢ããã¿ã€ãºã¡ã³ãã«ã¯ããã®ãã©ã€ãªãªãã£ãšãã¹ã¿ãŒãšããŠã®çŸåšã®ç¶æ ã«é¢ããæ å ±ãå«ãŸããŠããŸãã
⢠VRRP ã¢ããã¿ã€ãºã¡ã³ãã¯ããã«ããã£ã¹ã ã¢ãã¬ã¹ 224.0.0.8 ãžéä¿¡ãããŸãã
⢠ãã«ããã£ã¹ã ã¢ãã¬ã¹ã䜿çšãããšãæå® VRRP ã°ã«ãŒãã«åå ããŠããªããããã¯ãŒã¯ ããã€ã¹ã«ãã£ãŠåŠçãããå¿ èŠã®ãããã©ãã£ãã¯ã®éãåæžã§ããŸãã
⢠ãã¹ã¿ãŒ ã«ãŒã¿ãã¢ããã¿ã€ãºã¡ã³ãã®éä¿¡ãåæ¢ãããšãããã¯ã¢ãã ã«ãŒã¿ã¯ããã©ã€ãªãªãã£ã«åºã¥ããŠãã¹ã¿ãŒ ã«ãŒã¿ã®åè£ãšãªããŸãããã¹ã¿ãŒãšããŠåŠçãåŒãç¶ãããšããåã® dead ééã®å€ã¯ãhello ééã® 3 åã« 0.5 ç§ãå ãããã®ã«ãªããŸãã
äŸ
Console(config-if)#vrrp 1 timers advertise 5Console(config-if)#
558FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VRRP
vrrp preempt
çŸåšãã¹ã¿ãŒãšããŠåäœããŠããã«ãŒã¿ãããé«ããã©ã€ãªãªãã£ãæã€ã«ãŒã¿ã VRRP ã°ã«ãŒãã«åå ããæããã®ã«ãŒã¿ããã¹ã¿ãŒä»®æ³ã«ãŒã¿ãšããŠåŠçãåŒãç¶ãããã«æ§æããŸãã"no"ãåã«çœ®ãããšã§ãããªãšã³ãã·ã§ã³ãç¡å¹ã«ãªããŸãã
ææ³
vrrp group preempt [delay seconds]
no vrrp group preempt
⢠group â VRRP ã°ã«ãŒããèå¥ïŒç¯å² : 1 ïœ 255ïŒ
⢠secondsâ ãã¹ã¿ãŒã«ãªã宣èšãçºè¡ãããŸã§ã®åŸ æ©æéã§ãïŒç¯å² : 0 ïœ 120 ç§ïŒã
åæèšå®
ããªãšã³ãã·ã§ã³ : æå¹
åŸ æ©æé : 0 ç§
ã³ãã³ãã¢ãŒã
Interface Configuration (VLAN)
ã³ãã³ã解説
⢠ããªãšã³ããæ©èœãæå¹ã«ãªã£ãŠããããã®ããã¯ã¢ãã ã«ãŒã¿ãçŸåšãã¹ã¿ãŒãšããŠåäœããŠããã«ãŒã¿ãããé«ããã©ã€ãªãªãã£ãæã€å Žåãæ°èŠãã¹ã¿ãŒãšããŠåŠçãåŒãç¶ããŸãããã ããå ã®ãã¹ã¿ãŒïŒVRRP IP ã¢ãã¬ã¹ã®ãªãŒããŒïŒ ããªã³ã©ã€ã³ã«æ»ããšãåžžã«ãã¹ã¿ãŒãšããŠã®å¶åŸ¡ãåéããŸãã
⢠ãã®é 延ãèšå®ããããšã«ãããæ°èŠã«ãŒã¿ãå¶åŸ¡ãåŒãç¶ãåã«ãçŸåšã®ãã¹ã¿ãŒããã¢ããã¿ã€ãºã¡ã³ã ã¡ãã»ãŒãžãåä¿¡ããããã®è¿œå ã®æéãäžããããšãã§ããŸãããã¹ã¿ãŒã«ãªãããšããŠããã«ãŒã¿ããªã³ã©ã€ã³ã«ãªã£ãæãïŒæ°èŠã«ãŒã¿ãïŒ çŸåšã®ã¢ã¯ãã£ã ã«ãŒã¿ãå®éã«ããªãšã³ããããåã«ããã®é 延æéã«ãããã«ãŒãã£ã³ã° ããŒãã«ã®æ å ±ãåéããæéãäžããããŸãã
äŸ
é¢é£ããã³ãã³ã
vrrp priority ïŒP557ïŒ
Console(config-if)#vrrp 1 preempt delay 10Console(config-if)#
559 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VRRP
show vrrp
VRRP ã®ã¹ããŒã¿ã¹æ å ±ã衚瀺ããŸãã
ææ³
show vrrp [brief | group]
⢠brief â ãã®ã«ãŒã¿äžã®ãã¹ãŠã® VRRP ã°ã«ãŒãã«é¢ãããµããªãŒæ å ±ã衚瀺
⢠group â VRRP ã°ã«ãŒããèå¥ããŸãïŒç¯å² : 1 ïœ 255ïŒ
åæèšå®
ãªã
ã³ãã³ã ã¢ãŒã
Privileged Exec
ã³ãã³ã解説
⢠ããŒã¯ãŒããæå®ããã«ããã®ã³ãã³ãã䜿çšãããšããã®ã«ãŒã¿äžã§æ§æããããã¹ãŠã® VRRP ã°ã«ãŒãã®ã¹ããŒã¿ã¹æ å ±ãå®å šã«ãªã¹ã衚瀺ãããŸãã
⢠ãã®ã³ãã³ãã brief ããŒã¯ãŒããšãšãã«äœ¿çšãããšããã®ã«ãŒã¿äžã§æ§æããããã¹ãŠã® VRRP ã°ã«ãŒãã®ã¹ããŒã¿ã¹ã«é¢ããèŠçŽæ å ±ã衚瀺ãããŸãã
⢠ç¹å®ã®ã°ã«ãŒãã«é¢ããã¹ããŒã¿ã¹æ å ±ã衚瀺ããã«ã¯ãã°ã«ãŒãçªå·ãæå®ããŸãã
äŸ
ãã®äŸã§ã¯ããã¹ãŠã®ã°ã«ãŒãã«é¢ããã¹ããŒã¿ã¹æ å ±ãå®å šã«ãªã¹ã衚瀺ããŸãã
Console#show vrrp
ãVlan 1 - Group 1,
ãstate ããããããããããããã Master
ãVirtual IP address ããããã 192.168.1.6ãVirtual MAC address ãããã 00-00-5E-00-01-01ãAdvertisement interval ããã 5 sec
ãPreemption ãããããããããã enabledãMin delay ããããããããããã 10 secãPriority ãããããããããããã 1ãAuthentication ãããããããã SimpleTextãAuthentication key ããããã bluebirdãMaster Router ãããããããã 192.168.1.6ãMaster priority 255
ãMaster Advertisement interval 5 sec
ãMaster down interval 15Console#
560FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VRRP
ãã®äŸã§ã¯ããã¹ãŠã®ã°ã«ãŒãã«é¢ããã¹ããŒã¿ã¹æ å ±ãç°¡æœã«ãªã¹ã衚瀺ããŸãã
é ç® è§£èª¬State ãã®ã€ã³ã¿ãã§ãŒã¹ã® VRRP 圹å²ïŒãã¹ã¿ãŒãŸãã¯
ããã¯ã¢ããïŒ ã§ãã
Virtual IP address ä»®æ³ IP ã¢ãã¬ã¹ã®ãªãŒããŒãã掟çããä»®æ³ MAC ã¢ãã¬ã¹ã§ãã
Virtual MAC address çµè·¯æ å ±ãå€æŽãããåæ°
Advertisementinterval
ãã¹ã¿ãŒä»®æ³ã«ãŒã¿ãããã¹ã¿ãŒãšããŠã®èªèº«ã®åœ¹å²ãã¢ããã¿ã€ãºããééã§ãã
Preemption ããé«ããã©ã€ãªãªãã£ã®ã«ãŒã¿ããçŸåšãã¹ã¿ãŒãšããŠåäœããŠããã«ãŒã¿ãããªãšã³ããã§ããã衚瀺ããŸãã
Min delay ããé«ããã©ã€ãªãªãã£ã®ã«ãŒã¿ããçŸåšãã¹ã¿ãŒãšããŠåäœããŠããã«ãŒã¿ãããªãšã³ãããããŸã§ã®é 延æéã§ãã
Priority ãã®ã«ãŒã¿ã®ãã©ã€ãªãªãã£ã§ãã
Authentication VRRP ãã±ããã®æ€èšŒã«äœ¿çšãããèªèšŒã¢ãŒãã§ãã
Authentication key ä»ã®ã«ãŒã¿ããåä¿¡ãã VRRP ãã±ããã®èªèšŒã«äœ¿çšãããããŒã§ãã
Master Router VRRP ã°ã«ãŒã ãã¹ã¿ãŒãšããŠçŸåšåäœããŠããã«ãŒã¿ã® IP ã¢ãã¬ã¹ã§ãã
Master priority VRRP ã°ã«ãŒã ãã¹ã¿ãŒãšããŠçŸåšåäœããŠããã«ãŒã¿ã®ãã©ã€ãªãªãã£ã§ãã
Master Advertisement interval
VRRP ãã¹ã¿ãŒäžã§æ§æãããã¢ããã¿ã€ãºã¡ã³ãééã§ãã
Master downinterval
VRRP ãã¹ã¿ãŒäžã§æ§æããããããŠã³ééã§ãïŒ ãã®ééã¯ãããŒã«ã«èšå®ã«é¢ããããã°ã«ãŒãå ã®ãã¹ãŠã®ã«ãŒã¿ã§äœ¿çšãããŸãïŒã
Console#show vrrp briefInterface Grp State Virtual addr Int Pre Prio----------------------------------------------------------------
vlan 1 ãã1 ãMaster 192.168.1.6 ã5 ãE ã1Console#
é ç® è§£èª¬Interface VLAN ã€ã³ã¿ãã§ãŒã¹
Grp VRRP ã°ã«ãŒã
State ãã®ã€ã³ã¿ãã§ãŒã¹ã® VRRP 圹å²ïŒãã¹ã¿ãŒãŸãã¯ããã¯ã¢ããïŒ ã§ãã
Virtual addr ãã® VRRP ã°ã«ãŒããèå¥ããä»®æ³ã¢ãã¬ã¹ã§ãã
Int ãã¹ã¿ãŒä»®æ³ã«ãŒã¿ãããã¹ã¿ãŒãšããŠã®èªèº«ã®åœ¹å²ãã¢ããã¿ã€ãºããééã§ãã
Pre ããé«ããã©ã€ãªãªãã£ã®ã«ãŒã¿ããçŸåšãã¹ã¿ãŒãšããŠåäœããŠããã«ãŒã¿ãããªãšã³ããã§ããã衚瀺ããŸãã
Prio ãã®ã«ãŒã¿ã®ãã©ã€ãªãªãã£ã§ãã
561 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VRRP
show vrrp interface
ãã®ã³ãã³ãã§ã¯ãæå®ãã VRRP ã€ã³ã¿ãã§ãŒã¹ã®ã¹ããŒã¿ã¹æ å ±ã衚瀺ããŸãã
ææ³
show vrrp interface vlan vlan-id [brief]
⢠vlan-id â æ§æããã VLAN ã€ã³ã¿ãã§ãŒã¹ã®èå¥åïŒç¯å² : 1 ïœ 4093ïŒ
⢠brief â ãã®ã«ãŒã¿äžã®ãã¹ãŠã® VRRP ã°ã«ãŒãã«é¢ãããµããªãŒæ å ±ã衚瀺
åæèšå®
ãªã
ã³ãã³ãã¢ãŒã
Privileged Exec
äŸãã®äŸã§ã¯ãVLAN 1 ã«é¢ããã¹ããŒã¿ã¹æ å ±ãå®å šã«ãªã¹ã衚瀺ããŸãã
* 衚瀺ãããé ç®ã«é¢ãã説æã¯ããshow vrrpïŒP560ïŒããåç §ããŠãã ããã
show vrrp router counters
VRRP ãããã³ã« ãã±ããå ã®ãšã©ãŒã«å¯Ÿããã«ãŠã³ã¿ã衚瀺ããŸãã
ã³ãã³ã ã¢ãŒã
Privileged Exec
äŸ
[泚æ ]ãæªç¥ã®ãšã©ãŒã¯ãæªç¥ãŸãã¯éãµããŒã察象ã®ããŒãžã§ã³çªå·ã§åä¿¡ããã VRRPãã±ããã瀺ãããšã«æ³šæããŠãã ããã
Console#show vrrp interface vlan 1
ãVlan 1 - Group 1,
ãstate Master
ãVirtual IP address 192.168.1.6
ãVirtual MAC address 00-00-5E-00-01-01
ãAdvertisement interval 5 sec
ãPreemption enabled
ãMin delay 10 sec
ãPriority 1
ãAuthentication SimpleText
ãAuthentication key bluebird
ãMaster Router 192.168.1.6
ãMaster priority 1
ãMaster Advertisement interval 5 sec
ãMaster down interval 15Console#
Console#show vrrp router counters
ãTotal Number of VRRP Packets with Invalid Checksum : 0
ãTotal Number of VRRP Packets with Unknown Error : 0
ãTotal Number of VRRP Packets with Invalid VRID : 0Console#
562FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VRRP
show vrrp interface counters
æå®ã°ã«ãŒããŸãã¯ã€ã³ã¿ãã§ãŒã¹ã§çºçãã VRRP ãããã³ã« ã€ãã³ããšãšã©ãŒã®ã«ãŠã³ã¿ã衚瀺ããŸãã
ææ³
show vrrp group interface vlan interface counters
⢠group â VRRP ã°ã«ãŒããèå¥ïŒç¯å² : 1 ïœ 255ïŒ
⢠interface â æ§æããã VLAN ã€ã³ã¿ãã§ãŒã¹ã®èå¥åïŒç¯å² : 1 ïœ 4093ïŒ
åæèšå®
ãªã
ã³ãã³ã ã¢ãŒã
Privileged Exec
äŸ
Console#show vrrp 1 interface vlan 1 counters
ãTotal Number of Times Transitioned to MASTER : 6
ãTotal Number of Received Advertisements Packets : 0
ãTotal Number of Received Error Advertisement Interval Packets : 0
ãTotal Number of Received Authentication Failures Packets : 0
ãTotal Number of Received Error IP TTL VRRP Packets : 0
ãTotal Number of Received Priority 0 VRRP Packets : 0
ãTotal Number of Sent Priority 0 VRRP Packets : 5
ãTotal Number of Received Invalid Type VRRP Packets : 0
ãTotal Number of Received Error Address List VRRP Packets : 0
ãTotal Number of Received Invalid Authentication Type VRRP Packets : 0
ãTotal Number of Received Mismatch Authentication Type VRRP Packets : 0
ãTotal Number of Received Error Packet Length VRRP Packets : 0Console#
563 FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VRRP
clear vrrp router counters
VRRP ã·ã¹ãã ã®çµ±èšæ å ±ãã¯ãªã¢ããŸãã
ã³ãã³ã ã¢ãŒã
Privileged Exec
äŸ
clear vrrp interface counters
æå®ããã°ã«ãŒãããã³ã€ã³ã¿ãã§ãŒã¹ã® VRRP ã·ã¹ãã çµ±èšæ å ±ãã¯ãªã¢ããŸãã
ææ³
clear vrrp group interface interface counters
⢠group â VRRP ã°ã«ãŒããèå¥ïŒç¯å² : 1 ïœ 255ïŒ
åæèšå®
ãªã
ã³ãã³ãã¢ãŒãPrivileged Exec
äŸ
Console#clear vrrp router countersConsole#
Console#clear vrrp 1 interface 1 countersConsole#
564FXC9012F
ã³ãã³ãã©ã€ã³ã€ã³ã¿ãã§ãŒã¹VRRP
565 FXC9012F
FXC08-DC-200012-R1.0
æ¬ãŠãŒã¶ããã¥ã¢ã«ã¯ãFXCæ ªåŒäŒç€Ÿãå¶äœãããã®ã§ãå šãŠã®æš©å©ãåŒç€ŸãææããŸããåŒç€Ÿã«ç¡æã§æ¬æžã®äžéšããŸãã¯å šéšãè€è£œ /転èŒããããšãçŠããŸããæ¹è¯ã®ãã補åã®ä»æ§ãäºåãªãå€æŽããããšããããŸããããäºæ¿ãã ãããäºåãªãæ¬æžã®äžéšãŸãã¯å šäœãä¿®æ£ãå€æŽããããšããããŸããããäºæ¿ãã ããããŠãŒã¶ããã¥ã¢ã«ã®å 容ã«é¢ããŸããŠã¯ãäžå šãæããŠãããŸãããäžäžãäžæãªç¹ãããããŸããããåŒç€ŸãµããŒãã»ã³ã¿ãŒãŸã§ãçžè«ãã ããã
FXC9012F Management Guide(FXC08-DC-200012-R1.0)
åç 2008幎 8æ
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC5126/5150
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC9012F
Management GuideFXC08-DC-200012-R1.0FXC9012F Management Guide