北电Alteon应用层交换机技术手册_Intelligent Traffic Managemen

浏览量:1511 下载量:20 发布时间:2022-05-06

4655 Great America Parkway

Santa Clara, CA 95054

Phone 1-800-4Nortel

9f61ba9b51e79b896802261c Alteon Intelligent Traffic Management Release 3.1.2

User’s Guide

part number: 216392-B, January 2005

2

Copyright ? 2005 Nortel Networks, 4655 Great America Parkway, Santa Clara, California, 95054,

USA. All rights reserved. Part Number: 216392-B.

This document is protected by copyright and distributed under licenses restricting its use, copying,

distribution, and decompilation. No part of this document may be reproduced in any form by any

means without prior written authorization of Nortel Networks, Inc. Documentation is provided “as is”

without warranty of any kind, either express or implied, including any kind of implied or express

warranty of non-infringement or the implied warranties of merchantability or fitness for a particular

purpose.

U.S. Government End Users: This document is provided with a “commercial item” as defined by FAR

2.101 (Oct. 1995) and contains “commercial technical data” and “commercial software

documentation” as those terms are used in FAR 12.211-12.212 (Oct. 1995). Government End Users

are authorized to use this documentation only in accordance with those rights and restrictions set forth herein, consistent with FAR 12.211- 12.212 (Oct. 1995), DFARS 227.7202 (JUN 1995) and DFARS

252.227-7015 (Nov. 1995).

Nortel Networks, Inc. reserves the right to change any products described herein at any time, and

without notice. Nortel Networks, Inc. assumes no responsibility or liability arising from the use of

products described herein, except as expressly agreed to in writing by Nortel Networks, Inc. The use

and purchase of this product does not convey a license under any patent rights, trademark rights, or

any other intellectual property rights of Nortel Networks, Inc.

Alteon, Alteon Application Switch, Alteon Intelligent Traffic Management are trademarks of Nortel

Networks, Inc. in the United States and certain other countries.

Red Hat and all Red Hat-based trademarks and logos are trademarks or registered trademarks of Red

Hat, Inc. in the United States and other countries.

Linux is a registered trademark of Linus Torvalds.

Any other trademarks appearing in this manual are owned by their respective companies.

Originated in the USA.

Export

This product, software and related technology is subject to U.S. export control and may be subject to

export or import regulations in other countries. Purchaser must strictly comply with all such laws and regulations. A license to export or reexport may be required by the U.S. Department of Commerce. 216392-B

3 Contents

Figures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Tables. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 Related Technical Manuals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14

Before Y ou Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15

How to Get Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16 Chapter1: Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

What is Alteon Intelligent Traffic Management? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18 Performance Enhancement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18 Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19

Deploying Alteon ITM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20

Hardware and Software Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22

Basic Elements of Traffic Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23 Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23

Contracts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23 Static Contracts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24

Grouping Contracts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25 Traffic Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25

Time Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27

Bulk Provisioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28 Alteon ITM Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29 Alteon EMS Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31

Alteon EMS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31 Before Y ou Start Managing Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32

Traffic Flow in ITM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33

Application Signature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34

Alteon Intelligent Traffic Management User’s Guide

4Contents

Chapter2: Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

Before Y ou Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36 Starting the Alteon ITM Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36 Launching Alteon EMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38

Selecting the Physical Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39

Configuring ITM to Prevent DoS Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41

Validating SMTP Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42

Checking for New Signature File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43

Selecting Applications to Classify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44 Notifying Updated Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46

Conflicting Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47

Prioritizing Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .48 Configuring Bandwidth Management Contracts . . . . . . . . . . . . . . . . . . . . . . . . . .49

Defining Traffic Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51

Creating Contract Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .54

Configuring Time Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55

Applying and Saving Y our Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57

Deploying ITM Configuration to Multiple Switches . . . . . . . . . . . . . . . . . . . . . . . .58 Checking Current Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60 Deleting Existing Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60 Configuring from a Remote Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61 Determining How to Prioritize Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61

Chapter3: Viewing Switch Statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

Viewing Denial of Service Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64 Viewing Layer 4 Filter Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .65 Viewing Pattern Group Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .67 Viewing Real Time Bandwidth Management Statistics . . . . . . . . . . . . . . . . . . . . . . . .68

Chapter4: Monitoring Switch Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69

Monitoring the Forwarding Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .70 Monitoring Session Capacity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72 Monitoring MP Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .74 Monitoring SP-Specific Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75

216392-B

Contents5 Monitoring SP Statistics by Sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .76 Chapter5: Advanced Database Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . 79

Database Administration Scripts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80

Backing Up the Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .81

Purging the Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .82

Removing Obsolete Contract Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83

Manually Adding Data to the Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .84

Advanced SQL Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85 Connecting to the Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85

Listing Available Databases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85

Listing T ables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .86

Viewing Table Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .87

Updating a Contract Name in the Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . .87

Manual Data Queries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .88 Current Record Count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .88

All Data in a Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .89

Specific Data in a Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .89 Chapter6: Generating Traffic Reports. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

The Reporting Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92

Starting the Reporting Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .93 Home Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .95

Graphing Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .97

Customizing Reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .99 Understanding the Graph Display . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100

Sample Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .102

Generating Reports Across Multiple Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .103

Sample Reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .105 Sample 1: Selecting Inpidual Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . .106 Graph Format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .107

CSV Format Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .108

Table Format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .108 Sample 2: Selecting T raffic Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .109

Sample 3: Aggregating Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .111

Alteon Intelligent Traffic Management User’s Guide

6Contents

216392-B Sample 4: Selecting Multiple Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112 Sample 5: Summarizing Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .113 Sample 6: Displaying Data Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .115 Sample 7: Percent of Inbound T raffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .116 Sample 8: Graphing Discarded Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .117 Sample 9: Stacking Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .118 Sample 10: Measuring Discarded Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .121 Sample 11: Selecting Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .123 Sample 12: Selecting Time Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .124 Sample 13: Generating a Typical Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .125 Sample 14: Generating User Reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127

Chapter7: Working with Signature Files. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131

What is a Signature File? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132 Rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132

Types of Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .133

Pattern Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .134

Application Masquerading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .135 Nortel Signature File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .136 How the Alteon ITM Wizard Reads the XML Files . . . . . . . . . . . . . . . . . . . . . . . . . . .137 Checking Date of Signature File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .138 Updating the Signature File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .139 Modifying Application Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .140 Creating Custom Application Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .141 Before Creating Custom Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .142

Generic Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .143 Sample Custom Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .144 Basic Layer 3 Rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .145

Basic Layer 4 Rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .146

Basic Layer 7 Rule (matching a single hex pattern) . . . . . . . . . . . . . . . . . . . . . .148

Basic Layer 7 Rule (matching multiple hex patterns) . . . . . . . . . . . . . . . . . . . . . .149

Basic Layer 7 Rule (matching optional hex patterns) . . . . . . . . . . . . . . . . . . . . .151

Basic Hybrid Rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .154

Contents7 Chapter8: Troubleshooting Alteon ITM. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159

Before Y ou Start Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .160

Not Receiving User Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .161

Cannot Receive SYSLOG Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .162

Traffic Management Wizard Option Missing . . . . . . . . . . . . . . . . . . . . . . . . .163

BWM Statistics are not Generated in Real-time . . . . . . . . . . . . . . . . . . . . . .164

Cannot Connect to the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .165

Generating Only Default BWM Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . .166

Generating Only “Other” BWM Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . .167

Cannot Generate Traffic Reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .168

Excessive Discards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .171

Statistics not Imported into Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .173

Traffic Reports Display Discards When Rate Limit is not Configured . . . . . .174

SMTP Field Missing in Alteon EMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .175

Graphs Display Straight Lines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .176

Error on Port Selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .177

Security Menu Missing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .178

Rate Limit Policy not Working . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .179

Overall Upload Traffic Exceeds Download Traffic . . . . . . . . . . . . . . . . . . . . .180

Timeout Error . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .181

Reporting Server Cannot Receive Statistics . . . . . . . . . . . . . . . . . . . . . . . . .182

Error Message When Installing the Reporting Server . . . . . . . . . . . . . . . . . .183 Index. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185

Alteon Intelligent Traffic Management User’s Guide

8Contents 216392-B

9 Figures

Figure 1Alteon Intelligent T raffic Management Solution . . . . . . . . . . . . . . . . . . . . .29

Figure 2Selecting the Physical Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39

Figure 3Specify SMTP Host and Username . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42

Figure 4Selecting Applications to Classify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44

Figure 5Pre-defined Bandwidth Management Contracts and Policies . . . . . . . . . .49

Figure 6Creating a New Contract . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .50

Figure 7Customizing Rate Limit Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52

Figure 8Customizing T raffic Shaping Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52

Figure 9Customizing User Rate Limit Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53

Figure 10Configuring Time Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55

Figure 11Configuring Action for Time Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56

Figure 12Bulk Provisioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .58

Figure 13Monitoring DoS Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64

Figure 14Viewing Filter Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .65

Figure 15Pattern Match Group Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .67

Figure 16Clearing Bandwidth Management Statistics . . . . . . . . . . . . . . . . . . . . . . .68

Figure 17Forwarding Database Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .70

Figure 18Monitoring Session Capacity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .73

Figure 19Switch Processor Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75

Figure 20SP Maintenance Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .76

Figure 21Reporting Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .93

Figure 22Understanding the Graph Display . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100

Figure 23Selecting Multiple Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .103

Figure 24Graphing Across Multiple Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . .104

Figure 25Sample Report in Standard Graph Format . . . . . . . . . . . . . . . . . . . . . . .107

Figure 26Top 5 Inbound Traffic Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .109

Figure 27All Inbound T raffic Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .110

Figure 28Traffic Aggregates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .111

Figure 29Selecting Multiple Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112

Figure 30Before Averaging the Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .113

Alteon Intelligent Traffic Management User’s Guide

10Figures

Figure 31After Averaging the Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .114 Figure 32Data Points on Inbound Traffic for Application 3 . . . . . . . . . . . . . . . . . . .115 Figure 33Relative Graph . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .116 Figure 34Discarded Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .117 Figure 35Applications Not Stacked . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .118 Figure 36Stacking by Application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .119 Figure 37Stacking Applications with Discards . . . . . . . . . . . . . . . . . . . . . . . . . . . .120 Figure 38Measuring Discards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .121 Figure 39Selecting Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .123 Figure 40Selecting Time Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .124 Figure 41 A Typical Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .126 Figure 42Top User Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .128 Figure 43Configuring a User Report for a Specific User . . . . . . . . . . . . . . . . . . . .129 Figure 44All Inbound Applications for User XYZ . . . . . . . . . . . . . . . . . . . . . . . . . .130 Figure 45Working with the XML Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .137 Figure 46Signature File Dates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .138 Figure 47Default Contract Gets All the Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . .166 Figure 48Default Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .171 Figure 49Sum of Reserve Limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .172 Figure 50Alteon EMS Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .181

216392-B

11 Tables

Table 1Traffic Management Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20

Table 2Hardware and Software Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . .22

Table 3References to Install Hardware and Software Components . . . . . . . . . . .22

Table 4Traffic Management Policies and Description . . . . . . . . . . . . . . . . . . . . . .26

Table 5Alteon ITM Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30

Table 6DOS Attacks Supported on the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . .41

Table 7Information on the Displayed Applications . . . . . . . . . . . . . . . . . . . . . . . .45

Table 8Defining Policies for BWM Contracts . . . . . . . . . . . . . . . . . . . . . . . . . . . .51

Table 9Inbound and Outbound Action for Time Policies . . . . . . . . . . . . . . . . . . . .56

Table 10Monitoring Alteon ITM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62

Table 11Session Capacity for Application Switches . . . . . . . . . . . . . . . . . . . . . . . .72

Table 12Reporting Menu Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .94

Table 13Graphing Menu Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .97

Table 14Graph Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100

Table 15Sample Report in T able Format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .108

Table 16Elements of a Rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132

Table 17Rule T ypes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .133

Table 18Generic Syntax Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .143

Table 19Forcing Switch to Mail Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .169

Alteon Intelligent Traffic Management User’s Guide

12 216392-B

13 Preface

This User’s Guide describes how to use the Alteon Intelligent Traffic

Management (ITM) solution to control traffic traversing the Alteon Application

Switches.

This document describes the features and components of the Alteon ITM solution,

how to configure bandwidth management contracts and policies using the Alteon

Element Management System (EMS) graphical user interface, and monitor traffic

by generating reports.

Alteon Intelligent Traffic Management User’s Guide

14Preface

Related Technical Manuals

You can print selected technical manuals and release notes free, directly from the

Internet. Go to the 9f61ba9b51e79b896802261c/documentation URL. Find the

product for which you need documentation. Then locate the specific category and

model or version for your hardware or software product. Use Adobe Acrobat

Reader to open the manuals and release notes, search for the sections you need,

and print them on most standard printers. Go to Adobe Systems at the

9f61ba9b51e79b896802261c URL to download a free copy of the Adobe Acrobat Reader.

Related publications for this manual are listed below:

?Alteon Intelligent Traffic Management Installation Guide (part number

216391-B)

?Alteon EMS 3.1.2 Online Help (part number 216514-C)

?Using Alteon EMS 3.1.2 (part number 216515-C)

?Alteon Application Switch 22.0.2 Hardware Installation Guide (part number 315396-E)

?Alteon Application Switch 22.0.2 Application Guide (part number 315394-J)

?Alteon Application Switch 22.0.2 Command Reference (part number

315393-J)

216392-B

Preface15 Before You Begin

This guide is intended for network administrators with the following background:

?Basic knowledge of networks, Ethernet bridging, and IP routing

?Familiarity with networking concepts and terminology

?Experience with windows and graphical user interfaces

?Basic knowledge of network topologies

Before using this guide, you must complete the following:

1Install the application switch (see the installation guide that came with your switch).

2Connect the switch to the network.

3Refer to the Alteon ITM Installation Guide and install the Alteon ITM

software.

4Refer to this guide to configure and use Alteon ITM software.

Alteon Intelligent Traffic Management User’s Guide

16Preface

How to Get Help

If you purchased a service contract for your Nortel Networks product from a

distributor or authorized reseller, contact the technical support staff for that

distributor or reseller for assistance.

If you purchased a Nortel Networks service program, contact one of the following

Nortel Networks Technical Solutions Centers:

Technical Solutions Center Telephone

Europe, Middle East, and Africa00800 8008 9009

or

+44 (0) 870 907 9009

North America(800) 4NORTEL or (800) 466-7835

Asia Pacific(61) (2) 9927-8800

China(800) 810-5000

Additional information about the Nortel Networks Technical Solutions Centers is

available from the 9f61ba9b51e79b896802261c/help/contact/global URL.

An Express Routing Code (ERC) is available for many Nortel Networks products

and services. When you use an ERC, your call is routed to a technical support

person who specializes in supporting that product or service. To locate an ERC for

your product or service, go to the 9f61ba9b51e79b896802261c/help/contact/

erc/index URL.

216392-B

17 Chapter1

Overview

This section explains the features and components of the Alteon Intelligent Traffic

Management solution.

Select a T opic

?“What is Alteon Intelligent Traffic Management?” on page18

?“Features” on page19

?“Deploying Alteon ITM” on page20

?“Hardware and Software Requirements” on page22

?“Basic Elements of Traffic Management” on page23

?“Before You Start Managing Traffic” on page32

?“Alteon ITM Components” on page29

?“Traffic Flow in ITM” on page33

?“Application Signature” on page34

Alteon Intelligent Traffic Management User’s Guide

18Chapter1: Overview

What is Alteon Intelligent Traffic Management?

Alteon Intelligent Traffic Management (ITM) is a solution to help you control

network traffic traversing the Alteon Application Switch. The Alteon Intelligent

Traffic Manager is a very robust, reliable and flexible traffic manager that

inspects IP traffic at all layers and accurately identifies traffic enabling you to

implement policies on the classified traffic.

Alteon ITM does much more than allow or deny application traffic. It can detect,

rate limit, deny, or shape all application traffic including peer-to-peer applications

as well as network-based worms and viruses. Alteon ITM uses the following

resources to manage application traffic:

?Flexible deep packet inspection

Looking for simple or complex pattern or groups of patterns in variable

locations in an IP packet.

?Tracking sessions

?Inspecting traffic based on flow

?Collecting data and generating reports

True synergy for Intelligent Traffic Management is achieved by combining the

following attributes—IP flow based inspection, pattern-based recognition, policy

enforcement, and reporting into a cohesive system.

Performance Enhancement

This release of Alteon ITM provides significant improvement in performance

because only one side of the communication needs to be processed as opposed to

the earlier method where both directions were processed. The larger the filter list,

the larger the impact on performance. To avoid inspecting traffic in both

directions, this feature allows the switch to arbitrarily create the session entry in

the opposite direction the traffic was classified on.

In this implementation, a “Reverse Contract” association is supplied and the

returning traffic is classified into a different contract than configured on the

ingress filter, so you can exercise granular control over the application, such as

applying different policies for ingress and egress traffic.

216392-B

Chapter1: Overview19 Features

Alteon Intelligent Traffic Management provides flexibility and choice for

managing all types of traffic:

?Allow traffic

?Deny traffic

?Rate limit traffic

?Shape traffic

?Redirect traffic

?Generate detailed traffic reports and trends

?Change Differentiated Services Code Point (DSCP) value

?Classify non-IP traffic

For example, ITM can combine and enforce the following basic functions,

regardless of the layer 4 port the application is running on:

?Automatic Signature updates

?Allow HTTP

?Deny peer-to-peer uploads

?Rate limit peer-to-peer downloads

?User rate limit traffic (based on source or destination IP address)

?Share bandwidth among contracts

?Configure time policies for contracts

?Allow Instant Messaging chat

?Deny Instant Messaging file transfers

?Guarantee V oice over Internet Protocol (V oIP) traffic

Alteon Intelligent Traffic Management User’s Guide

20Chapter 1: Overview

216392-B Deploying Alteon ITM

The following identifies the capabilities of Alteon ITM and how it can be

deployed in your network:

?

Combat high-profile network worms and viruses. Alteon ITM has the ability to stop the worms without stopping valid application traffic.?

Identify and deny dynamic, port-hopping peer-to-peer applications used in the Enterprise network, or rate limit these applications in provider networks.?

Prevent Spyware applications from sending critical corporate data back to its recipient.?

Specify different enforcement policies based on time of day.?

Create a contract group and share bandwidth among contracts.?

Shape and prioritize critical business application traffic, so that it is not impacted when a new worm attacks the network.?

Deploy Alteon ITM configuration to multiple switches simultaneously.?Monitor all applications and network traffic to facilitate network and

application planning initiatives.

Table 1 shows that Alteon ITM is more than just a peer-to-peer traffic manager.Table 1 Traffic Management Features Features

Description Rate Limiting Limits bandwidth for a specific traffic class. Rate limiting performs a

hard discard of the traffic as soon as the limit is reached. Rate

limiting is efficient if you have 25% or less discards in your traffic.

T raffic Shaping Shapes (smooth) traffic for a given traffic class. T raffic shaping

should be used when you have more than 25% discards or you have

an application that does not respond well to discards.

User Rate Limit Limits bandwidth for specific users. Y ou can define user rate limit

based on source or destination IP address.

Data Capture and Analysis Generate traffic reports and analyze the captured data.

Packet Remarking Change the priority of the packet.

DoS Mitigation

Allows you to reduce load from firewalls by providing policies for well

known DoS attacks (Land, Smurf, Fraggle, Jolt, Blat, and so on)

Chapter 1: Overview

21Alteon Intelligent Traffic Management User’s Guide Emergency Virus

Response

Deny CODE RED, NIMBDA, MSBlast, and other high profile viruses in real-time.Custom Policy Support

Allows you to configure policy attributes such as buffer limits (hard, soft, and reserved limit) or enable TCP Window Resizing.Custom Application

Support Allows you to add or remove any detectable application. Not limited to Nortel or industry-defined applications.Table 1 Traffic Management Features

Features

Description

一键复制全文
立即下载
本网站内容来源于互联网搜集整理与AI生成,如有侵权或发现不合适的内容,请联系我们进行处理
Copyright © 2023 www.ifanwen.com All Rights Reserved. 琼ICP备2023004251号-1