Page History

The following example shows how to use a wildcard template to display information about network interfaces "eth0" and "eth1". The "eth~" template using informs the "switch" command to display information about interfaces which names started with "eth" and has any symbol in the end. "Cost" – the cost (metric) of the route. "UsCNT" – a counter indicating how many times this record has been used, i.e. how many packets were sent to this MAC address.

switch group 1 dump eth~
 Bridge group 1(normal), READY STARTED Interfaces : eth0(F) eth1(F) rf5.0(F)
 Total records 5
   DST MAC        L   Int.   GateWay MAC   GT Cost   UsCNT    Dead    HashCVlan
 ==============   =  ====  ========= ==   === =====  =====    ====   =======
 001111144693       eth0   000000000000        0      3987      300       1
 000435018822    *  eth0   000000000000        0       0          0       1
 000435118822    *  eth1   000000000000        0       0          0       1

Create "iface" type list with name "my_iface" and add network interfaces "eth0" and "rf5.0".

switch list my_iface iface add eth0 rf5.0

Create a list of values ranges named "vlans" and add value 10, values range 20...30 and 40 value.

switch list vlans numrange add 10 20-30 40

Create "match" type list and add filter its effect will cover packets of all type protocol from "195.38.45.64/26" network.

switch list ip_mynet match add net 195.38.45.64/26

In the following example "match" type list is also created, but filter covers only IP packets from "195.38.45.64/26" network.

switch list ip_mynet match add ip net 195.38.45.64/26

Specify a text file as a values source.

switch list MACGROUP1 file ftp://1.2.3.4/switches/list/macgroup1.txt

In the following example list "macgroup1.txt" may contain the following lines:

#Список компьютеров отдела Легкой Промышленности
00:01:02:03:04:05  # Иванова
00:11:12:13:14:15  # Сидоров
<EOF>

Nodes with numbers 1, 2, 3, 4, 5 and 6 are connected to digital cameras which broadcast video traffic using multicast packets. All of these flows need to be transferred to a video server the best way without flooding the network with unnecessary broadcast packets.

Downstream (from server to camera) traffic, if any, is transferred in group number 1000 in which all the nodes are located. But upstream flows from each camera are transmitted directly to the nearest hub of the group.

A feature of this solution is the ability to set multiple switchs with the same group number. To address the problem broadcast storm that could arise from the fact that the switchs are included in the various ports switch of one wire in MINT restricted - Broadcast and downstream switchs never use each other to carry traffic. Furthermore, the availability of options "upstream" ensures that the terminal nodes will choose to send packages only one hub, but it is the shortest way to the nearest hub.

To make switch group 100 on a subscriber station a member of a trunk group 5, the following command should be added to subscriber station configuration:

switch group 100 in-trunk 5

Display current STP state using the "switch group ID stp dump" command.

switch 1 stp dump
 STP state for passive group 1:
 ID:       0000000000000000 Priority: 57344 ID ext: 0
 ROOT:     0000000000000000 Priority: 0     ID ext: 0
 Ports:
  Name  Prio    Cost    PVer    Role      State
 ====== ==== ========== ==== ========== ==========
 eth0    128    2000000 RSTP DISABLED   DISCARDING
 rf5.0   128     180844 RSTP DESIGNATED DISCARDING

In the following examples all packets switching by group 3 will be tagged with VLAN 10 tag when sending through "rf5.0" interface and tags will be removed when sending through the "eth0" interface.

switch group 3 add rf5.0:10 eth0:0

Enable a trunk group on the device that will transmit several VLAN flows in different directions.

switch group 12 trunk on

On the subscriber devices "in-trunk" option must be used to specify which trunk group this group belongs to.

switch group 12 in-trunk 0

switch list MYNET numrange add 100 200 300
switch group 10 xvlan MYNET
switch group 10 trunk on

Group 20 will process only tagged packets from MYNET list and changes the VLAN tag to the corresponding group number (and vice versa) before transmission.

switch list MYNET numrange add 100 200 300
switch group 20 vlan MYNET
switch group 20 trunk on

Group 30 will process only tagged packets from MYNET list and transmits without changing with the group number 30.

switch list MYNET numrange add 100 200 300
switch group 30 vlan MYNET
switch group 30 trunk off

Create switch group "1", enable STP for it and set the 36864 STP priority value.

switch group 1 add eth0 rf5.0
switch group 1 stp priority 36864
switch group 1 stp on
switch group 1 start

There are three switch group.

1. Create rule 10 in the switch group 5 to forbid packets with source MAC addresses (specified in the group MACGROUP1), belonging to certain VLAN (VLAN ID list belongs to VGROUP and consists of 10, 40 and range 20...30), in case if packets are IP and ARP, belonging to the network listed in IP_NET3845.
2. Create rule 20 in the switch group 5 to forbid packets with destination MAC addresses (specified in the group MACGROUP1), belonging to certain VLAN (VLAN ID list belongs to VGROUP and consists of 10, 40 and range 20...30), in case if packets are IP and ARP, belonging to the network listed in IP_NET3845.
3. Set priority 10 to packets in switch group 1.

switch list MACGROUP1 mac add 00:01:02:03:04:05 00:11:12:13:14:15
switch list VGROUP numrange add 10 20-30 40
switch list IP_NET3845 match add arp net 195.38.45.64/26 || ip net 195.38.45.64/26
switch group 5 rule 10 src MACGROUP1 vlan VGROUP match IP_NET3845 deny
switch group 5 rule 20 dst MACGROUP1 vlan VGROUP match IP_NET3845 deny
switch group 1 rule 1 setpri 10

Enable logging of packets with source MAC address "00:11:22:33:44:55" and "1.2.3.0/24" subnetwork processing by the switch.

sw trace filter "ether host 00:11:22:33:44:55"
sw trace filter "net 1.2.3.0/24"

Create three switch group. Group 5 switches packets with VLAN tags 10, 20-30 and 40. Group 15 switches packets with any VLAN tag with exception for those switched by group 5. Group 25 switches all packets without VLAN tag. In addition, group 25 will transmit inter-switch traffic.

switch list VGROUP numrange add 10 20-30 40

switch list ALL_VLAN numrange add 0-4999

switch group 5 add eth0 rf5.0
switch group 5 rule 10 vlan VGROUP permit
switch group 5 deny
switch group 5 start

switch group 15 add eth0 rf5.0
switch group 15 rule 10 vlan VGROUP deny
switch group 15 rule 11 vlan ALL_VLAN permit
switch group 15 deny
switch group 15 start

switch group 25 add eth0 rf5.0
switch group 25 rule 10 vlan ALL_VLAN deny
switch group 25 permit
switch group 25 start
switch start