University Computing Services

UCS specifications for network switches



UCS specifications for network switches (version 2.0 12/17/04)
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

1.0 Network architecture and its influence on switch needs.
The necessary switch functionality at FSU varies with the switch use within
the network. Most switches connect end-users or small servers on a LAN back
to the core of the network where routing happens. The routing boundary
isolates LAN broadcasts and provides alternate link connectivity to the rest
of campus and to the Internet. Routing is currently done in the core switches but
may in the future include the building entrance switches.


1.1 For discussion of switch functionality, this document separates the basic
features of switches from the additional features needed for high-end
performance, building entrance, core, and computer-lab switches.


=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


2.0 Basic switch operation. All switches should support all of these functions.


2.1 Wire speed capability on all ports.
2.2 Able to auto detect or force duplex.
2.3 Able to auto detect or force speed for 10/100/1000TX (copper) ports.
2.4 Spanning-tree:
2.4.1 802.1d = spanning tree - detects and stops loops on a LAN
2.4.2 802.1w = rapid spanning tree - speeds link up initialization to enable IPX
2.4.3 802.1s = multiple instance spanning tree - for trunked vlans
2.4.4 per VLAN spanning tree (PVST)
2.5 IGMP snooping (or CGMP) for multicast
2.6 802.1q - VLAN trunking to manage LANs
2.7 High port density for distribution closets (24 or 48 10/100TX in one box)
2.8 User login by name must have 2 password levels minimum. One level for looking and
a second level for making configuration changes. Different levels will be configured
for different users.
2.9 Must use encrypted passwords.
2.10 Must support HTTPS for the GUI interface or SSH (and optionally telnet) for the CLI interface.
2.11 SNMP monitoring capability including bytes, packets, errors per port.
(default MIB-2 = .1.3.6.1.2.1)
2.12 OS upgrades via tftp or rcp or other on-line procedure.
2.13 Mirror or span a port to monitor traffic.
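
One way to check a device configuration against items 2.8 to 2.10, as an added example that is not part of the UCS document. The Cisco IOS-style syntax, the sample config, the function name and the finding strings are all assumptions constructed for illustration.

```python
import re

# Constructed sample in Cisco IOS-style syntax (assumed; the spec names no vendor).
SAMPLE_CONFIG = """\
service password-encryption
enable secret 5 $1$CONSTRUCTED$hashvalue
username netview privilege 1 secret 5 $1$CONSTRUCTED$hashvalue
username netadmin privilege 15 password 0 Summer2004
line vty 0 4
 transport input telnet
"""

# keyword, optional type digit, then the stored value at end of line
CRED = re.compile(r"\b(password|secret)\s+(?:(\d+)\s+)?(\S+)$")
USER = re.compile(r"^username\s+(\S+)(?:\s+privilege\s+(\d+))?")

def audit_management_plane(config):
    """Return {spec item: [findings]}; an empty list means the item passes."""
    findings = {"2.8": [], "2.9": [], "2.10": []}
    lines = [ln.strip() for ln in config.splitlines() if ln.strip()]

    # 2.8: named logins must span at least two privilege levels
    # (a user with no explicit level is treated as level 1, the IOS default).
    levels = {int(m.group(2) or 1) for m in map(USER.match, lines) if m}
    if len(levels) < 2:
        findings["2.8"].append(f"{len(levels)} privilege level(s) among named users")

    # 2.9: flag credentials stored in clear text (type 0 or no type digit).
    for ln in lines:
        m = CRED.search(ln)
        if m and m.group(2) in (None, "0"):
            # Report the line with the secret itself masked.
            findings["2.9"].append(ln[:m.start(3)] + "<redacted>")

    # 2.10: need HTTPS for the GUI or SSH for the CLI; telnet alone does not count.
    https = "ip http secure-server" in lines
    ssh = any(ln.startswith("transport input") and
              {"ssh", "all"} & set(ln.split()[2:]) for ln in lines)
    if not (https or ssh):
        findings["2.10"].append("no HTTPS or SSH management access enabled")
    return findings

if __name__ == "__main__":
    for item, problems in audit_management_plane(SAMPLE_CONFIG).items():
        print(item, "PASS" if not problems else problems)
```
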


=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


3.0 Switches that will serve computationally intensive areas. It is envisioned
that these switches would connect directly back to the core routers and not be part
of a LAN serving a whole department.
3.1 Large frame capability at 9000 byte MTU. The future MTU target is 64000 bytes.
Note that all devices on a LAN require the same MTU.
3.2 Gigabit Ethernet capable ports


=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


4.0 Building entrance switches will need L3 routing in the future if we ever deploy
redundant boxes in the core. They will also be able to control multiple LANs for
multiple departments in one building and deploy QOS features.


4.1 Two GBIC or mini-GBIC uplinks.
4.2 rate-limit (or policy-limit) per port
4.3 Layer 3 routing with dual links, in preparation for dual boxes in the core,
to support fail-over. (Note: We may use HSRP in the core and not need
layer 3 routing in the building entrance switches.)
4.4 Broadcast control rate limits certain types of traffic.
4.5 ACL to restrict access by IP address.


=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


5.0 Core switches.


5.1 layer 3 routing:
5.1.1 ip protocols: encrypted OSPF, BGP4, and static routing.
5.1.2 PIM-SM, MSDP, MBGP, IGMP to support multicast
5.1.3 IPX, SAP/SPX, Appletalk (currently required, to be phased out)
5.1.4 IPv6
5.1.5 route-distribution maps
5.2 A single 'show config' should display all non-default settings.
5.3 An OS that supports saving multiple configs and multiple OS binaries.
5.4 sflow (RFC3176) or netflow sends flow information to external
computers for analysis of campus network traffic.
5.5 broadcast control rate limits certain types of traffic.
5.6 ACL for telnet/SSH access, QOS, traffic access, route maps, etc.
5.7 VLAN or physical port control
5.8 QOS feature set:
5.8.1 identify/classify traffic by source or destination TCP port or ip address
5.8.2 rate-limit or 'police' identified traffic
5.8.3 Set or trust DSCP value.
5.8.4 multiple queues per port in and out.
5.8.5 WRR queuing
5.9 Syslog
5.10 NTP
5.11 Redundant power supplies.
5.12 Interface support 100FX, GBIC or mini-GBIC at GigE, 10GigE
5.13 DHCP forwarding (helper address)
5.14 Hot standby/redundant controllers capability.


=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


6.0 IP telephony support (future). This would be needed in all switches except
classrooms and labs and computationally intensive switches.


6.1 802.1p - prioritize traffic by QOS
6.2 a priority queue for IP telephone


=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Contact the Technology Services Help Desk.