This section contains instructions on how to install and configure the Top of Rack Switch (ToR Switch) inside the local FIBRE island, which is responsible for the control plane network of the local environment and to link the island to the FIBREnet backbone network.
- A 24-port Gigabit Ethernet Switch with:
- Remote Management support - mandatory
- SNMPv2 enabled - mandatory
- 4094 VLANs - mandatory
- Q-in-Q support - mandatory
- Selective Q-in-Q support - desirable
- OpenFlow 1.0 support - desirable
A higher port density is desirable according to the quantity of resources the local FIBRE island will be offering.
A more basic switch, with VLANs support but no Q-in-Q required, can be used to extend the number of ports dedicated to island resources, through a cascade-style connection.
Models currently in operation:
- Datacom DM4100 48-port Switch
- Dell N2024 24-port Switch
- Models currently under homologation:
- Dell PowerConnect 5548 48-port Switch
- Extreme X440-G2-24p-10GE4 24-port Switch
Before the Switch configuration - Firmware upgrade:
To execute a local firmware upgrade, is necessary to configure a TFTP server on a notebook. It's recommended to use the “Tftpd32 4.0” software related in the example below. All the example is for the DM4100 Switch:
- Create a new folder, download and copy the new firmware file to it, from: ftp://126.96.36.199/Firmware_DM4100/
- Download and decompress the Tftpd32 server application: ftp://188.8.131.52/Tftpd32/
- Configure a secondary IP address in the notebook ethernet interface: 10.0.0.1/24.
- Execute the Tftpd32 server e configure it in the main screen:
Current Directory: [fill in wit the entire filepath for the new firmware file]
Server interface: 10.0.0.1
- Connect the notebook ethernet interface to the mgmt-eth interface on the Datacom switch (cat RJ-45).
Access the equipment console and execute the following commands (this example is for the firmware file “DM4100_48P_OF_1.0.8.im” – substitute the file name if applicable):
Verify if the new version is marked as the next firmware to load (S Flag):
Execute an equipment reboot and verify wether the new version is active (R Flag):
Configuration steps for the ToR Switch:
All the examples are for the DM4100 Switch.
The initial configuration assumes the island is connected via VPN.
The 11th step is a "migration" step, to switch the connection from the VPN to the dedicated backbone called FIBREnet:
- SSH server, Telnet and HTTP
- SNMP server
- Routing and Default Gateway
- VPN to FIBREnet migration
Hostname - replace teh "[island-name]" string by the institution acronym:
Timezone - the clock timezone is set to UTF -3, with nem "BRT"
SSH server, Telnet and HTTP - is recommended to disable telnet access, as the SSH is the standard in FIBREs network.
SNMP server - the SNMP server is configured with local operator's contact info, equipment location and the official FIBRE read-only comunity. It's recommended to disable the public community.
Routing - initially, a default route to the VPN template is created in order to forward the internal traffic through the VPN gateway.
NTP - the NTP server is configured for timestamp syncronization:
VLANs - The [Institution-ID] number utilized in the IP addressing is defined in this document. The recommendation is to use the VLAN ID 60 for the island's control plane and VLAN 50 for the CMC icarus control network.
STP (Spanning Tree configuration for the FIBREnet standard is not used anymore):
Users - is mandatory to create the default FIBRE users within the equiment and their respective perimissions. This information can be requested by e-mail along the island installation. Furthermore, the local island team is allowed to create any other user account, according to the local policies.
VPN to FIBREnet migration - skip this step if the island is going to use a VPN connection. These configurations needs to be applied in order to migrate the island federal connection from the VPN to the dedicated backbone links known as FIBREnet. A Default Gateway can be configured in this step, if the local network uses a firewall or another gateway for internet connection. This changes in the ToR Switch has to be made in conjunction with another configuration changes in Dom0 following the same objective. It's recommended to access the equipments via console or the island network (10.[Institution-ID].0.1) to prevent any loss of session connectivity during the activity.
It's recommended to save the configuration already made at this point, in a separate file for backup and in the switch's startup configuration file: