Accton Technology ES4710BD User Manual Download

Page: 275 / 547

274

ES4710BD 10 Slots L2/L3/L4 Chassis Switch

Command: ip access-group [<

num

<acl-name>

{ in|out }

no ip access-group

<name>

{ in|out }

Function:

Applies an access list to the incoming direction on the port; the “

no ip access-group

<name>

{in|out}

” command deletes the access list bound to the port.

Parameter:

<name>

is the name for access list; the character string length is 1 – 8.

Command mode:

Physical Interface Mode

Default:

No ACL is bound by default.

Usage Guide:

Only one access rule can be bound to a port, application of an access list on the

outgoing direction is not supported yet.

Example:

Binding access list “aaa” to the incoming direction of the port.

Switch(Config-Ethernet1/1)#ip access-group aaa in

12.2.2.8 permit | deny(extended)

Command: [no] {deny | permit} icmp {{

<sIpAddr>

<sMask>

} | any-source | {host-source

<sIpAddr>

}} {{

<dIpAddr>

<dMask>

} | any-destination | {host-destination

<dIpAddr>

}}

[

<icmp-type>

[

<icmp-code>

]] [precedence

<prec>

] [tos

<tos>

]

[no] {deny | permit} igmp {{

<sIpAddr>

<sMask>

} | any-source | {host-source

<sIpAddr>

}}

{{

<dIpAddr>

<dMask>

} | any-destination | {host-destination

<dIpAddr>

}} [

<igmp-type>

]

[precedence

<prec>

] [tos

<tos>

]

[no] {deny | permit} tcp {{

<sIpAddr>

<sMask>

} | any-source | {host-source

<sIpAddr>

}}

[s-port

<sPort>

] {{

<dIpAddr>

<dMask>

} | any-destination | {host-destination

<dIpAddr>

}}

[d-port

<dPort>

] [ack | fin | psh | rst | syn | urg] [precedence

<prec>

] [tos

<tos>

]

[no] {deny | permit} udp {{

<sIpAddr>

<sMask>

} | any-source | {host-source

<sIpAddr>

}}

[s-port

<sPort>

] {{

<dIpAddr>

<dMask>

} | any-destination | {host-destination

<dIpAddr>

}}

[d-port

<dPort>

] [precedence

<prec>

] [tos

<tos>

]

[no] {deny | permit} {eigrp | gre | igrp | ipinip | ip |

<int>

} {{

<sIpAddr>

<sMask>

} |

any-source | {host-source

<sIpAddr>

}} {{

<dIpAddr>

<dMask>

} | any-destination |

{host-destination

<dIpAddr>

}} [precedence

<prec>

] [tos

<tos>

]

Function:

Creates or deletes a name-based extended IP access rule for a specified IP protocol or all

IP protocols.

Parameters:

<sIpAddr>

is the source IP address in decimal format;

sMask

is the mask

complement of the source IP in decimal format;

<dIpAddr>

is the destination IP

address in decimal format;

dMask

is the mask complement of the destination IP in

decimal format, 0 for significant bit and 1 for ignored bit;

igmp

type

is the IGMP

type from 0 to 255;

<icmp-type>

is the ICMP type from 1 to 255;

<icmp-code>

is the

ICMP protocol number from 0 to 255;

<prec>

is the IP priority from 0 – 7;

<tos>

is the

tos value from 0 -15;

<sPort>

is the source port number from 0 – 65535;

<dPort>

is the

destination port number from 0 – 65535.

Command Mode:

named-based extended IP ACL configuration mode

Default:

No IP address is configured by default.

Example:

Creating an extensive IP access list named “udpFlow”, denying IGMP packets and

allowing UDP packets destined for 192.168.0.1, port 32.

Summary of Contents for ES4710BD

Page 1: ...www edge core com ES4710BD 10 Slots L2 L3 L4 Chassis Switch User s Guide...

Page 2: ...provides 10 slots with support for various types of line cards and can seamlessly support a variety of network interfaces from 100Mb 1000Mb to 10Gb Ethernet We are providing this manual for your bett...

Page 3: ...1 4 2 1 1 Front Panel 39 1 4 2 1 2 Front Panel Indicator 39 1 4 2 1 3 Front Panel Console Port 40 1 4 2 1 4 Front Panel Management Port 40 1 4 2 1 5 Front Panel Reset Button 41 1 4 2 1 6 Front Panel...

Page 4: ...08 DC Direct Current Power Module 49 1 4 3 3 Power module Front Panel 49 1 4 4 Power Distribution Box 49 1 4 5 System Backplane 50 1 4 6 Fan Tray 50 1 4 7 Dust Gauze 50 1 4 8 Rear Panel 51 1 4 9 Side...

Page 5: ...able Connection 68 2 3 9 Power supply connection 68 CHAPTER 3 SETUP CONFIGURATION 70 3 1 SETUP CONFIGURATION 70 3 1 1 Main Setup Menu 70 3 1 2 Setup Submenu 71 3 1 2 1 Configuring switch hostname 71 3...

Page 6: ...1 4 3 Web Management 91 4 3 1 MAIN PAGE 91 4 3 2 MODULE FRONT PANEL 92 CHAPTER 5 BASIC SWITCH CONFIGURATION 93 5 1 BASIC SWITCH CONFIGURATION COMMANDS 93 5 1 1 clock set 93 5 1 2 config 93 5 1 3 enabl...

Page 7: ...5 2 4 12 show telnet user 107 5 2 4 13 show version 107 5 2 5 debug 107 5 3 CONFIGURING SWITCH IPADDRESSES 108 5 3 1 Configuring Switch IP Addresses Task Sequence 108 5 3 2 Commands for Configuring Sw...

Page 8: ...ds 127 5 5 2 2 3 copy FTP 127 5 5 2 2 4 dir 128 5 5 2 2 5 ftp server enable 129 5 5 2 2 6 ftp server timeout 129 5 5 2 2 7 ip ftp 130 5 5 2 2 8 copy TFTP 130 5 5 2 2 9 tftp server enable 131 5 5 2 2 1...

Page 9: ...b server user configuration 148 5 6 7 2 Exit current web configuration 149 5 6 7 3 Save current running config 149 5 6 7 4 Reboot 149 5 6 7 5 Reboot with the default configuration 149 5 6 8 Telnet ser...

Page 10: ...k 162 7 2 1 2 6 mdi 162 7 2 1 2 7 name 163 7 2 1 2 8 negotiation 163 7 2 1 2 9 rate suppression 164 7 2 1 2 10 shutdown 164 7 2 1 2 11 speed duplex 165 7 2 2 VLAN Interface Configuration 165 7 2 2 1 V...

Page 11: ...ow interface 175 7 4 2 Port Troubleshooting Help 175 7 5 WEB MANAGEMENT 175 7 5 1 Ethernet port configuration 176 7 5 1 1 Physical port configuration 176 7 5 1 2 Bandwidth control 176 7 5 2 Vlan inter...

Page 12: ...ress 190 8 5 1 2 2 6 clear port security dynamic 191 8 5 1 2 2 7 switchport port security maximum 191 8 5 1 2 2 8 switchport port security violation 192 8 5 1 3 Mac Address Binding Troubleshooting Hel...

Page 13: ...an 205 9 2 2 4 switchport interface 206 9 2 2 5 switchport mode 206 9 2 2 6 switchport trunk allowed vlan 206 9 2 2 7 switchport trunk native vlan 207 9 2 2 8 vlan ingress disable 207 9 2 3 Typical VL...

Page 14: ...GVRP configuration 222 9 5 2 1 Enable global GVRP 222 9 5 2 2 Enable port GVRP 222 9 5 2 3 GVRP configuration 222 9 5 3 Vlan debug and maintenance 223 9 5 3 1 Show vlan 223 9 5 3 2 Show GARP 224 9 5...

Page 15: ...0 4 2 MSTP Troubleshooting Help 245 10 5 WEB MANAGEMENT 246 10 5 1 MSTP field operation 246 10 5 1 1 Instance configuration 246 10 5 1 2 Field operation 246 10 5 1 3 Revision level control 246 10 5 2...

Page 16: ...2 8 ip igmp snooping vlan query interval 255 11 2 2 9 ip igmp snooping vlan query max response time 255 11 3 IGMP SNOOPING EXAMPLE 256 11 4 IGMP SNOOPING TROUBLESHOOTING HELP 258 11 4 1 Monitor and D...

Page 17: ...ss lists 276 12 4 1 2 show access group 277 12 4 1 3 show firewall 277 12 4 2 ACL Troubleshooting Help 278 12 5 WEB MANAGEMENT 278 12 5 1 Numeric standard ACL configuration 279 12 5 2 Delete numeric I...

Page 18: ...300 14 2 2 2 client identifier 300 14 2 2 3 client name 301 14 2 2 4 default router 301 14 2 2 5 dns server 301 14 2 2 6 domain name 302 14 2 2 7 hardware address 302 14 2 2 8 host 302 14 2 2 9 ip dhc...

Page 19: ...uration 319 14 6 2 4 Client wins server configuration 320 14 6 2 5 DHCP file server address configuration 320 14 6 2 6 DHCP network parameter configuration 321 14 6 2 7 Manual address pool configurati...

Page 20: ...ation Commands 340 16 2 2 1 mls qos 340 16 2 2 2 class map 340 16 2 2 3 match 340 16 2 2 4 policy map 341 16 2 2 5 class 341 16 2 2 6 set 342 16 2 2 7 police 342 16 2 2 8 mls qos aggregate policer 343...

Page 21: ...6 5 4 2 Port default CoS configuration 362 16 5 4 3 Apply policy map to port 362 16 5 4 4 Apply DSCP mutation mapping 362 16 5 5 Egress queue configuration 363 16 5 5 1 Egress queue WRR weight configu...

Page 22: ...Arp 373 17 3 2 2 2 ip proxy arp 374 17 3 3 ARP Forwarding Troubleshooting Help 374 17 3 3 1 Monitor and Debug Commands 374 17 3 3 1 1 show arp 374 17 3 3 1 2 clear arp cache 375 17 3 3 1 3 debug arp...

Page 23: ...n 391 18 3 2 2 6 ip rip metricout 392 18 3 2 2 7 ip rip input 392 18 3 2 2 8 ip rip output 392 18 3 2 2 9 ip rip receive version 392 18 3 2 2 10 ip rip send version 393 18 3 2 2 11 ip rip work 393 18...

Page 24: ...11 ip ospf passive interface 415 18 4 2 2 12 ip ospf priority 415 18 4 2 2 13 ip ospf retransmit interval 416 18 4 2 2 14 ip ospf transmit delay 416 18 4 2 2 15 network 416 18 4 2 2 16 preference 417...

Page 25: ...OSPF 449 18 5 3 1 Enable OSPF protocol 449 18 5 3 1 1 Enable Disable OSPF protocol 449 18 5 3 1 2 Router ID configuration 450 18 5 3 1 3 OSPF network range configuration 450 18 5 3 1 4 Configure OSPF...

Page 26: ...p pim query interval 463 19 3 3 Typical PIM DM Scenario 463 19 3 4 PIM DM Troubleshooting Help 464 19 3 4 1 Monitor and Debug Commands 464 19 3 4 2 show ip pim mroute dm 465 19 3 4 3 show ip pim neigh...

Page 27: ...484 19 5 2 2 5 ip dvmrp nbr timeout 484 19 5 2 2 6 ip dvmrp probe interval 485 19 5 2 2 7 ip dvmrp report interval 485 19 5 2 2 8 ip dvmrp route timeout 485 19 5 2 2 9 ip dvmrp tunnel 486 19 5 3 Typic...

Page 28: ...Enable PIM DM 501 19 7 2 2 PIM DM parameter configuration 501 19 7 3 PIM SM configuration 502 19 7 3 1 Enable PIM SM 502 19 7 3 2 PIM SM parameter configuration 502 19 7 3 3 Set interface as PIM SM BS...

Page 29: ...eclient enable 514 20 2 2 7 dot1x macfilter enable 515 20 2 2 8 dot1x max req 515 20 2 2 9 dot1x max user 515 20 2 2 10 dot1x port control 516 20 2 2 11 dot1x port method 516 20 2 2 12 dot1x re authen...

Page 30: ...531 20 5 2 3 802 1X port mac configuration 532 20 5 2 4 802 1X port status list 532 CHAPTER21 VRRP CONFIGURATION 534 21 1 INTRODUCTION TO VRRP 534 21 1 1 Configuration Task Sequence 534 21 1 2 VRRP Co...

Page 31: ...gure VRRP Port 544 21 4 4 Activate Virtual Router 544 21 4 5 Configure Preemptive Mode For VRRP 544 21 4 6 Configure VRRP priority 545 21 4 7 Configure VRRP Timer interval 545 21 4 8 Configure VRRP In...

Page 32: ...provides 10 slots 8 of which are interface module slots ES4710BD supports various types of line cards and can seamlessly support network interfaces from 100Mb 1000Mb to 10Gb Ethernet Featuring functio...

Page 33: ...Ethernet in both speed and distance in which full duplex technology is employed thus avoiding low speed half duplex CSMA CD protocol Moreover 10GbE maintains the essence of the original Ethernet mode...

Page 34: ...r inbound IP based traffic by source destination IP Mac addresses IP protocol types TCP IP port numbers IP Precedence and ToS information IEEE802 1x Access Authentication ES4710BD supports port based...

Page 35: ...ed via IEEE802 1x protocols Comprehensive Network Management With ES4710BD in band and out of band management can be done through Console Telnet and SNMP Console and Telnet management provides simple...

Page 36: ...X FX Fast Ethernet IEEE802 3x Flow control IEEE802 1x access control IEEE802 1D w Spanning Tree IEEE802 1p Class of Service IEEE802 1Q VLAN IEEE802 3ad Link Aggregation TFTP FTP DHCP BootP Telnet IP U...

Page 37: ...x 478mm D The chassis consists of functional block thermal block and power supply block The function module block is a board rack which is the supporting structure for ES4710BD system boards 10 boards...

Page 38: ...or three 600W DC modules Fan tray slot supports up to three system fan assemblies each assembly consists of two axial fans Dust gauze slot exterior air inlet for the ventilation subsystem Distributio...

Page 39: ...ilation and Cooling System The operating ambient temperature of the ES4710BD is 0 40 C the thermal design of the equipment can ensure that the surface temperature of the device will not exceed the 50...

Page 40: ...ntrol and administration and network maintenances are performed here The board can be inserted into M1 or M2 slots of the chassis for Master Slave redundancy 1 4 2 1 1 Front Panel The EM4710BD AGENT c...

Page 41: ...ort The EM4710BD AGENT provides a RJ 45 receptacle Console serial port Users can connect to hosts via this port to perform system debugging configuration maintenance administration and host software l...

Page 42: ...blink at 8 Hz When the RUN indicator is off the cards are powered off and can be removed 1 4 2 2 EM4700BD 12GT RJ45 12 copper Gb ports line card EM4700BD 12GT RJ45 supports 12 1000Base T copper ports...

Page 43: ...iption Port Type Specification RJ 45 port z 10 100 1000 Mbps auto sensing z MDI MDI X cable ant sensing z Cat 5 UTP 100 m 1 4 2 2 4 Front Panel Reset Button The EM4700BD 12GT RJ45 provides a RESET but...

Page 44: ...d blinks at 8 Hz Malfunction status Operation indicator RUN Off Cards is powered off and can be removed RJ 45 port indicator On Green Network connection on SFP transceiver is normal Status indicator L...

Page 45: ...ng the board 1 4 2 3 5 Front Panel SWAP Button The EM4700BD 12GX SFP provides a SWAP button for hot swapping the module during operation Before removing the modules users should first press the SWAP b...

Page 46: ...8 Hz Malfunction status Operation indicator RUN Off Card is powered off and can be removed XENPAK port indicator On Green Network connection on XENPAK transceiver is normal Status indicator Link Off...

Page 47: ...the cards are powered off and can be removed 1 4 2 5 EM 7600 ES and EM 7600 ES 2GB Enhanced processing card EM 7600 ES enables enhanced services including IPv6 MPLS and firewall Enhanced processing c...

Page 48: ...On Red blinking at 8 Hz Malfunction status Operation indicator RUN Off Card is powered off and can be removed SFP port indicator On Green Network connection on SFP transceiver is normal Status indica...

Page 49: ...cator RUN will turn yellow and blink at 8 Hz When the RUN indicator is off the card is powered off and can be removed 1 4 3 EM4710BD AC and EM 7608 DC ES4710BD uses 2 1 redundant power supplies three...

Page 50: ...EM4710BD AC Front Panel view 1 4 4 Power Distribution Box There is a dedicated AC distribution box or DC distribution box in the lower section of ES4710BD backplane distributing power supply for the c...

Page 51: ...and between all management and control signals of various cards A backplane has been installed in the unit chassis The backplane provides the following functions z Provides communication channel for c...

Page 52: ...emoval of the rear panel Never lift or move the switch with these handles The rear panel is shown below Fig 1 9 Rear panel and side view 1 4 9 Side Panels There are several rows of ventilation opening...

Page 53: ...ity 10 90 with no condensing Operating Temperature 0 C 40 C Power Supplies Nominal Input Voltage AC 90 264 VAC 50 60Hz DC 36 72 VDC supporting 2 1 redundant backup of power modules Power Consumption 7...

Page 54: ...ces also remember to fasten ties or scarves and roll up your sleeves 8 If the environment may cause harm to eyes be sure to wear a pair of protective goggles 9 Do not perform any operation that may re...

Page 55: ...cuits and damage the device when in contact with both powered items and the ground 3 An improper connection between the device and power sockets may be hazardous 4 Only trained and qualified personnel...

Page 56: ...cuits the switch comes with internal fan assemblies To maintain proper air circulation through the switch chassis we recommend that you maintain a minimum 100mm separation between the chassis air inta...

Page 57: ...d within 5 hours 2 1 3 Dust and Particles Dust is harmful to the safe operation of the ES4710BD Dust can lead to electrostatic adherence especially likely under low relative humidity causing poor cont...

Page 58: ...ons 2 Provide the system with a dedicated grounding rather than sharing the grounding with electronic equipment or lightning protection devices 3 Keep away from high power radio transmitters radar tra...

Page 59: ...system should include in a fuse or circuit breaker of no greater than 240V 10A It is recommended to use a UPS for more reliable power supply Improper power supply system grounding extreme fluctuation...

Page 60: ...bove list is subject to change without notice please use the packing list shipped with the switch as the checklist 2 2 2 Required Tools and Utilities z cross screwdrivers z Flat blade screwdriver Requ...

Page 61: ...Connecting to the Console Connecting to the Console port Connecting to the Management Port Connecting to the Ethernet port SFP transceiver installation Install the SFP transceiver in the SFP slot XENP...

Page 62: ...correct Preposition of the mounting points may result in inadequate spacing between the switch front panel and the rack front door and the rack front door may be unable to be closed with cables and fi...

Page 63: ...lumn with the screws provided Be sure to tighten the screws smoothly The ES4710BD should now be securely attached to the equipment rack The procedure is shown below Fig2 2 Rack mounting ES4710BD 2 3 1...

Page 64: ...d resistance value should be less than 1 ohm The ES4710BD provides 2 chassis grounding posts in the lower rear chassis marked as GND Chassis protection grounding should be properly connected to the ra...

Page 65: ...d installing the Dust Gauze Dust gauze is provided in the lower section of the ES4710BD which can be installed and removed from the front of the switch The dust gauze is meant to prevent large debris...

Page 66: ...e module fails it can be replaced while the system is operating without presenting an electrical hazard or damage to the system The procedures are provided below Step 1 Loosen the 2 panel fasteners in...

Page 67: ...z Attach the upper part of the dust gauze panel to the front panel of power module align with the pin holes in both sides z Press the dust gauze panel from the lower section softly to lock Installati...

Page 68: ...he ES4710BD each line card with a 1000BASE fiber interface provides several SFP 1000BASE transceiver slots The procedure for installing the SFP 1000BASE fiber transceiver is shown below Step 1 Put on...

Page 69: ...are listed below Step 1 Remove the protective dust plug from the SFP XENPAK fiber transceiver bore take out the fiber cable and remove the protective cap from one end of the fiber cable Keep the fiber...

Page 70: ...in any cards is not illuminated please verify the card has been properly inserted and locked Connection procedures for DC power supply module are described below Step 1 Before connecting the DC power...

Page 71: ...which the switch s hostname Vlan1 interface Telnet service and SNMP can be configured 3 1 1 Main Setup Menu Before entry into the main menu the following screen will be displayed to prompt the user to...

Page 72: ...een will appear Please input the host name ES4710BD The corresponding prompt in Chinese is ES4710BD Note the hostname should be less than 30 characters If the user presses Enter without input the host...

Page 73: ...ser can configure the IP address and mask according to their own network conditions After configuration the menu will return to the Vlan1 interface configuration section Select 1 in the Vlan1 interfac...

Page 74: ...rs When a user enters a valid username and presses Enter the following screen will appear Please input the new telnet user password The corresponding prompt in Chinese is Note Valid password length is...

Page 75: ...Configure web server 0 Add web user 1 Config web server status 2 Exit Selection number The corresponding prompt in Chinese is Web 0 Web 1 Web 2 Select 0 in the Web server configuration menu and press...

Page 76: ...press Enter or just press Enter to enable Web service The Web server configuration menu will then appear Select 2 in the Web server configuration menu to return to the Setup main menu 3 1 2 5 Configur...

Page 77: ...ng public The corresponding prompt in Chinese is SNMP public Note the valid length for a read only access community string is 1 to 255 characters the default value is public When a valid read only acc...

Page 78: ...ut the new NMS IP address A B C D The corresponding prompt in Chinese is SNMP IP A B C D When a valid secure IP address es for SNMP management workstation is entered press Enter to return to the SNMP...

Page 79: ...a the Console interface to be able to access the switch through Telnet The procedures for management via Console interface are listed below Step 1 Setting up the environment Fig 4 1 ES4710BD Out of ba...

Page 80: ...example below is based on HyperTerminal that is included in Windows XP 1 Click Start menu Programs Accessories Communications HyperTerminal Fig 4 2 Opening HyperTerminal 1 2 Type a name for opening Hy...

Page 81: ...erTerminal 3 4 COM1 properties appears select 9600 for Baud rate 8 for Data bits none for Parity checksum 1 for stop bits and none for flow control or you can also click Restore default and click OK F...

Page 82: ...tch The following appears in the HyperTerminal windows this is the CLI configuration mode for ES4710BD ES4710BD Management Switch Copyright c 2001 2004 by Edge Core Networks Limited All rights reserve...

Page 83: ...switch by devices attached to the switch In the case when in band management fails due to switch configuration changes out of band management can be used for configuring and managing the switch 4 1 2...

Page 84: ...ion commands for VLAN1 interface ES4710BD are listed below Before in band management the switch must be configured with an IP address by out of band management i e Console mode The configuration comma...

Page 85: ...nfiguration interface As a result when Telnet is enabled for configuring and managing the switch username and password for authorized Telnet users must be configured with the following command telnet...

Page 86: ...witch via other devices such as a router 4 Network management is enabled The computer hosting ECview should be able to ping the associated IP address of Switch so that ECview will upon launching find...

Page 87: ...ibed below in Fig 4 10 z Configuration Modes z Configuration Syntax z Shortcut keys z Help function z Input verification z Fuzzy match support 4 2 1 1 Configuration Modes Fig 4 10 Shell Configuration...

Page 88: ...modes such as Interface Mode or VLAN mode to return to Global Mode The user can perform global configuration settings under Global Mode such as MAC Table Port Mirroring VLAN creation IGMP Snooping sta...

Page 89: ...DHCP Address Pool Mode to Global Mode 4 2 1 1 3 4 Route Mode Routing Protocol Entry Prompt Operates Exit RIP Routing Protocol Type router rip command under Global Mode Switch Config Router Rip Config...

Page 90: ...eters required This is a command with only a keyword and no parameter just type in the command to run y vlan vlan id parameter values are required after the keyword y duplex auto full half user can en...

Page 91: ...o get a brief description of the associated help system 1 Under any command line prompt enter to get a command list of the current mode and related brief description 2 Enter a after the command keywor...

Page 92: ...Shell will recognize commands or keywords correctly if the entered string causes no conflict For example 1 For Admin configuration command show interface ethernet 1 1 simply typing in sh in e 1 1 will...

Page 93: ...tication you will see the following web management main page On the left of the management page is the main management menu and on the right of the page system information and command parameter are di...

Page 94: ...t upon first time start up defaulted is 2001 1 1 0 0 0 Usage guide The switch can not continue keeping time with power off hence the current date and time must be first set at environments where exact...

Page 95: ...d mode Global Mode Default upon first time start up the Admin user password is empty If this is the first configuration simply press Enter on prompting for current password Usage Guide Configure Admin...

Page 96: ...urrent mode to the previous mode Under Global Mode this command will return the user to Admin Mode and in Admin Mode to User Mode etc Command mode All configuration modes Example Switch exit Switch 5...

Page 97: ...is ES4710BD Usage Guide With this command the user can set the command line prompt of the switch according to their own requirements Example Setting the prompt to Test Switch Config hostname Test Tes...

Page 98: ...e Function Saves the currently configured parameters to the Flash memory Command mode Admin Mode Usage Guide After a set of configurations with desired functions the setting should be saved to the Fla...

Page 99: ...the above example the switch pings a device with an IP address of 10 1 128 160 three ICMP request packets were sent without receiving corresponding reply packets i e ping failed the last two packets...

Page 100: ...10BD uses telnet command under the Admin Mode to allow the user to log in to the other remote hosts ES4710BD can only establish TCP connections to one remote host at a time If a connection to another...

Page 101: ...rmation in Telnet client Switch monitor Related command telnet user 5 2 2 3 2 telnet Command telnet ip addr port Function Logs in to a remote host with an IP address of ip addr through Telnet Paramete...

Page 102: ...server securityip ip addr Function Configures the secure IP address of Telnet clients allowed to log in to the switch the no telnet server securityip ip addr command deletes the authorized Telnet secu...

Page 103: ...on This command tests the gateway passed while packet is in route from the source device to the target device This can be used to test connectivity and locate a failed sector Parameters ip addr is the...

Page 104: ...debugging is on Switch Related command debug 5 2 4 3 show flash Command show flash Function Displays the files and their sizes in the Flash memory Command mode Admin Mode Example Checking for files a...

Page 105: ...000 0000 0000 0000 002110 0000 0000 0000 0000 0000 0000 0000 0000 002120 0000 0000 0000 0000 0000 0000 0000 0000 002130 0000 0000 0000 0000 0000 0000 0000 0000 002140 0000 0000 0000 0000 0000 0000 000...

Page 106: ...uration to the Flash memory the displays of show running config and show startup config will be the same 5 2 4 8 show switchport interface Command show switchport interface ethernet interface list Fun...

Page 107: ...w udp Command show udp Function Displays the current UDP connection status established to the switch Command mode Admin Mode Example Switch show udp LocalAddress LocalPort ForeignAddress ForeignPort S...

Page 108: ...s the switch version Command mode Admin Mode Usage Guide Use this command to view the version information for the switch including hardware version and software version Example Switch show vers ES4710...

Page 109: ...ss upon receiving the request In addition ES4710BD can act as a DHCP server and dynamically assign network parameters such as IP addresses gateway addresses and DNS server addresses to DHCP clients DH...

Page 110: ...de Usage Guide A VLAN interface must be created first before the user can assign an IP address to the switch Example Set 10 1 128 1 24 as the IP address of VLAN1 interface Switch Config interface vlan...

Page 111: ...IP address by DHCP Manual configuration and BootP are mutually exclusive enabling any 2 methods for obtaining an IP address is not allowed Example Getting an IP address through DHCP Switch Config int...

Page 112: ...own status or network topology changes Agents will send Trap messages to NMS to inform the NMS of exceptions NMS can also be set to alert some exceptions by enabling RMON When preset alert events are...

Page 113: ...nage the private MIB MIB I RFC1156 is the first implementation of SNMP public MIB and was replaced by MIB II RFC1213 MIB II expanded MIB I but kept its OID of MIB tree MIB II contains many sub trees r...

Page 114: ...able or disable SNMP Agent server function 2 Configure SNMP community string 3 Configure secure address of SNMP management base 4 Configuring TRAP 5 Enable Disable RMON 1 Enable or disable SNMPAgent s...

Page 115: ...SNMP Trap messages 5 Enable Disable RMON Command Explanation rmon enable no rmon enable Enables Disables RMON 5 4 4 2 SNMP Configuration Commands 5 4 4 2 1 rmon Command rmon enable no rmon enable Fun...

Page 116: ...snmp server enable command disables the SNMP agent server function Command mode Global Mode Default SNMP agent server function is disabled by default Usage Guide To enable configuration and management...

Page 117: ...nt has a community string set the RMON community string will be used to send RMON Trap Example Set an IP address to receive Trap Switch Config snmp server host 1 1 1 5 dcstrap Delete an IP address tha...

Page 118: ...nmp server securityip 1 1 1 5 Thus the NMS can use private as the community string to access the switch with read write permission or use public as the community string to access the switch with read...

Page 119: ...packet inputs bad snmp version errors Number of version information error packets unknown community name Number of community name error packets illegal operation for community name supplied Number of...

Page 120: ...mmand mode Admin Mode Example Switch show snmp status System Name System Contact System Location Trap enable RMON enable Community Information Trap manager Information Security IP Information Displaye...

Page 121: ...NMP Agent server function use snmp server enable command Secure IP for NMS use snmp server securityip command and community string use snmp server community command are correctly configured as if any...

Page 122: ...console cable is used to connect PC to the management port on the switch The PC should have FTP TFTP server software installed and have the img file required for the upgrade Step 2 Press ctrl b on sw...

Page 123: ...fig Host IP Address 10 1 1 1 192 168 1 2 Server IP Address 10 1 1 2 192 168 1 66 FTP 1 or TFTP 2 1 2 Network interface configure OK Boot Step 4 Enable FTP TFTP server in the PC For TFTP run TFTP serve...

Page 124: ...ile nos img nos1 img Config File boot conf 5 5 2 FTP TFTP Upgrade 5 5 2 1 Introduction to FTP TFTP FTP File Transfer Protocol TFTP Trivial File Transfer Protocol are both file transfer protocols that...

Page 125: ...as a FTP TFTP client configuration files or system files can be downloaded from the remote FTP TFTP servers can be hosts or other switches without affecting its normal operation And file list can also...

Page 126: ...load and easier configuration ES4710BD mandates the name of active configuration file to be running config Factory configuration file The configuration file shipped with ES4710BD is in the name of fac...

Page 127: ...r configuration 1 Start FTP server Command Explanation Global Mode ftp server enable no ftp server enable Starts FTP server the no ftp server enable command shuts down FTP server and prevents FTP user...

Page 128: ...ansmission time within timeout interval 5 5 2 2 2 FTP TFTP Configuration Commands 5 5 2 2 3 copy FTP Command copy source url destination url ascii binary Function FTP client upload download file Param...

Page 129: ...ample 1 Saving the mirror in FLASH to FTP server 10 1 1 1 the login username for the FTP server is Switch and the password is edgecore Switch copy nos img ftp Switch edgecore 10 1 1 1 nos img 2 Get th...

Page 130: ...unction is enabled the switch can still perform ftp client functions FTP server is not enabled by default Example enable FTP server service Switch config Switch Config ftp server enable Related comman...

Page 131: ...ftp ECSwitch password 0 edgecore Switch Config 5 5 2 2 8 copy TFTP Command copy source url destination url ascii binary Function TFTP client upload download file Parameters source url is the source f...

Page 132: ...1 1 Switch copy tftp 10 1 1 1 nos img nos img 3 Saving the active configuration file Switch copy running config startup config Related command write 5 5 2 2 9 tftp server enable Command tftp server en...

Page 133: ...config Switch Config tftp server retransmission number 10 5 5 2 2 11 tftp server transmission timeout Command tftp server transmission timeout seconds Function Sets the transmission timeout value for...

Page 134: ...no shut Switch Config If Vlan1 exit Switch Config exit Switch copy ftp Switch edgecore 10 1 1 1 12_30_nos img nos img With the above commands the switch will have the nos img file in the computer down...

Page 135: ...ures of the switch are listed below Switch Config inter vlan 1 Switch Config If Vlan1 ip address 10 1 1 2 255 255 255 0 Switch Config If Vlan1 no shut Switch Config If Vlan1 exit Switch Config tftp se...

Page 136: ...ASH TFTP Configuration Computer side configuration Start TFTP server software on the computer and place Profile1 Profile2 and Profile3 to the appropriate TFTP server directory on the computer The conf...

Page 137: ...erver v2 5 build 6 for WinSock ready 331 User name okay need password 230 User logged in proceed 200 PORT Command successful 150 Opening ASCII mode data connection for bin ls recv total 480 nos img no...

Page 138: ...When uploading downloading system files with FTP protocol the connectivity of the link must be ensured i e use the ping command to verify the connectivity between the FTP client and server before runn...

Page 139: ...or 226 Transfer complete is displayed indicating the upgrade was successful otherwise the switch may be rendered unable to start If the system file and system start up file upgrade through FTP fails...

Page 140: ...ENT 5 6 1 Switch basic configuration Users should click Switch basic configuration table and configure the switch s clock prompts of command line interface timeout of quitting privileged configuration...

Page 141: ...guration mode 5 6 2 SNMP configuration Users should click Switch basic configuration and SNMP configuration to configure the SNMP relating functions 5 6 2 1 SNMP manager configuration Users should cli...

Page 142: ...remove Example configure the Trap receiver as 41 1 1 100 and configure the community string as trap and State as Valid The command will be applied to the switch by clicking on the Apply button 5 6 2...

Page 143: ...SNMP configuration and RMON and TRAP configuration to configure the RMON function of the switch z Snmp Agent state open close the switch to be SNMP agent server function Please refer to the CLI comman...

Page 144: ...lease refer to the CLI command 5 5 2 2 9 Words and phrases are explained in the following Server IP address IP address of the server Local file name the local file name Server file name the file name...

Page 145: ...are explained in the following Server IP address IP address of the server User name the name of the user Password the specific password Operation type Upload means to upload files Download means to do...

Page 146: ...nd debug command Users should click Switch basic configuration and Basic configuration debug to enter into the configuration page and make configuration nodes which include the following segments z De...

Page 147: ...nd as 5 2 1 and 5 2 3 Words and phrases of Ping segment are explained in the following IP address the destination IP address Hostname the name of the host Words and phrases of IP Traceroute segment ar...

Page 148: ...ay FLASH files 5 6 5 Basic introduction to switch Users should click Switch basic configuration and Switch basic information to enter into the configuration page and make configuration nodes Words and...

Page 149: ...and GVRP and then click on the Apply button 5 6 7 Switch Maintenance On the left directory of the root page users should click Switch maintenance to configure maintenance nodes through web interface...

Page 150: ...5 1 10 5 6 7 5 Reboot with the default configuration Users should clear all current configurations and reboot the switch again by clicking Switch maintenance and Reboot with the default configuration...

Page 151: ...he Telnet user name as switch and password as switch and then click on the Apply button 5 6 8 2 Telnet security IP Users should click Telnet server configuration and Telnet security IP to configure th...

Page 152: ...the Standby Master 6 2 Device Management Configuration 5 6 1 SWITCH BASIC CONFIGURATION Command reset slot slotno Function Resets specified card Parameters slotno is the slot number or the card locat...

Page 153: ...ommand show fan Function Shows whether the fan tray is in place Parameters N A Default No display by default Command mode Admin Mode Usage Guide YES for fan in place NO for fan not in place Example Sw...

Page 154: ...displays incoming device management packets state displays card status change information Default Debugging information is disabled by default Command mode Admin Mode 6 3 Card Hot Swap Operation ES471...

Page 155: ...and the user hot inserts a card into a slot with a different card inserted previously the system will not reload configuration if the slot has a same type of card as the one inserted previously then t...

Page 156: ...will be hot swapped This function is equal to the CLI command showing in 6 2 1 Click the Reset button to confirm the selection of the module number Note that the Active master module is not hot swappa...

Page 157: ...switch module and you can see if the physical ports on the module are currently linked up or not Select to display a certain slot module The management page will display the front panel drawing of th...

Page 158: ...te port numbers and is used for consecutive port numbers Suppose an operation should be performed on ports 2 3 4 5 of the card in slot 1 and ports 8 9 10 on the card in slot 3 the command would look l...

Page 159: ...er the Ethernet port configuration mode 2 Configure the properties for the Ethernet ports Command Explanation Interface Mode combo forced mode copper forced copper preferred auto sfp forced sfp prefer...

Page 160: ...roadcast packet number the no format of this command disables the broadcast storm control function 7 2 1 2 Ethernet Port Configuration Commands 7 2 1 2 1 bandwidth Command bandwidth control bandwidth...

Page 161: ...port connection condition determines the active port of the combo ports A combo port consist of one fiber port and a copper cable port It should be noted that the speed duplex command applies to the c...

Page 162: ...flow control Function Enables the flow control function for the port the no flow control command disables the flow control function for the port Command mode Interface Mode Default Port flow control i...

Page 163: ...mally After loopback has been enabled the port will assume a connection established to itself and all traffic sent from the port will be received at the very same port Example Enabling loopback test i...

Page 164: ...rts are obvious Example Naming ports 1 1 2 as financial Switch Config interface ethernet 1 1 2 Switch Config Port Range name financial 7 2 1 2 8 negotiation Command negotiation on off Function Enables...

Page 165: ...long to a same broadcast domain if no VLAN has been set The switch will send the abovementioned three traffics to all ports in the broadcast domain which may result in broadcast storm and so may great...

Page 166: ...s to 1000Base TX or 100Base TX ports only speed duplex command is not available for 1000Base X port For combo port this command applies to the 1000Base TX port only and has no effect on 1000Base X por...

Page 167: ...existing VLAN interface Parameters vlan id is the VLAN ID for the establish VLAN the valid range is 1 to 4094 Command mode Global Mode Usage Guide Before setting a VLAN interface the existence of the...

Page 168: ...Setting the IP address of VLAN1 interface to 192 168 1 10 24 Switch Config If Vlan1 ip address 192 168 1 10 255 255 255 0 7 2 2 2 3 shutdown Command shutdown no shutdown Function Shuts down the speci...

Page 169: ...Command mode Network management port configuration Mode Default The default duplex mode is set to auto negotiation Usage Guide According to IEEE 802 3 the auto negotiation for port speed and duplex a...

Page 170: ...twork management port configuration Mode Default No IP address is configured by default Usage Guide This command configures the IP address for network management port Example Setting the IP address of...

Page 171: ...tion for speed is set by default Usage Guide According to IEEE 802 3 the auto negotiation for port speed and duplex are linked If the port speed setting is auto negotiation the port duplex mode will a...

Page 172: ...ce interface number no monitor session session destination interface interface number Specifies the mirror destination port the no monitor session session destination interface interface number comman...

Page 173: ...ort 3 5 Switch Config monitor session 1 source interface ethernet 1 1 4 tx Switch Config monitor session 1 source interface ethernet 3 5 rx 7 2 4 3 2 monitor session destination interface Command moni...

Page 174: ...mirroring please check the following first for causes Whether the mirror destination port is a member of a trunk group or not if yes modify the trunk group If the throughput of mirror destination por...

Page 175: ...rnet4 12 speed duplex force1000 full Switch2 Config Ethernet4 12 exit Switch2 Config monitor session 1 source interface ethernet 1 8 3 9 Switch2 Config monitor session 1 destination interface ethernet...

Page 176: ...address IP address and statistics for packets sent received for trunk ports this command displays port speed duplex mode traffic control on off broadcast storm control and statistics for packets sent...

Page 177: ...ex status Sets up Ethernet sport speed and duplex including auto negotiation 10Mbps Half 10Mbps Full 100Mbps Half 100Mbps Full 1000Mbps Half 1000Mbps Full Equals to CLI command 7 2 1 2 and 7 2 1 2 10...

Page 178: ...displays the port bandwidth control information of the switch 7 5 2 Vlan interface configuration Click Port configuration vlan interface configuration to open the VLAN port configuration management li...

Page 179: ...ick Port configuration Port mirroring configuration to enter port mirroring configuration management table to do port mirroring configurations 7 5 3 1 Mirror configuration Click Port configuration Por...

Page 180: ...ror dialog session as 1 and set up port mirroring list as 1 5 tag as preserve Click Apply button and this setting will be applied in the switch 7 5 4 Port debug and maintenance Click Port configuratio...

Page 181: ...esses and switch ports MAC addresses can be categorized as static MAC addresses and dynamic MAC addresses Static MAC addresses are manually configured by the user have the highest priority and are per...

Page 182: ...between the MAC addresses and the ports Dynamic learning is the process in which the switch learns the mapping between MAC addresses and ports and updates the MAC table regularly In this section we w...

Page 183: ...S4710BD 8 1 2 Forward or Filter The switch will forward or filter received data frames according to the MAC table Take the above figure as an example assuming ES4710BD has learnt the MAC address of PC...

Page 184: ...nicast frame in the VLAN it belongs to 8 2 MAC Table Configuration 8 2 1 mac address table aging time Command mac address table aging time age 0 no mac address table aging time Function Sets the aging...

Page 185: ...ess entries except system default reserved entries Example Port 1 1 belongs to VLAN200 set a mapping to MAC address 00 03 0f f0 00 18 Switch Config mac address table static address 00 03 0f f0 00 18 v...

Page 186: ...are listed below 1 Set the MAC address 00 01 11 11 11 11 of PC1 as a filter address Switch Config mac address table blackhole address 00 01 11 11 11 11 vlan 1 2 Set the static mapping relationship fo...

Page 187: ...ss table blackhole address mac addr vlan vlan id Function Displays the filter entries of the current MAC table Parameters blackhole stands for filter entries mac addr for the MAC addresses of the entr...

Page 188: ...olicy may require MAC addresses to be bound with the ports only data streams from the bound MAC are allowed to be forwarded in the ports That is to say after a MAC address is bound to a port only the...

Page 189: ...default setting switchport port security mac address mac address no switchport port security mac address mac address Adds static secure a MAC address no switchport port security mac address command d...

Page 190: ...the MAC address binding function for port 1 Switch Config interface Ethernet 1 1 Switch Config Ethernet1 1 switchport port security 8 5 1 2 2 2 switchport port security convert Command switchport port...

Page 191: ...the default setting Parameters value is the timeout value the valid range is 0 to 300 seconds Command mode Interface Mode Default Port locking timer is not enabled by default Usage Guide The port lock...

Page 192: ...curity dynamic interface Ethernet 1 1 8 5 1 2 2 7 switchport port security maximum Command switchport port security maximum value no switchport port security maximum Function Sets the maximum number o...

Page 193: ...on mode is set to shutdown then the port will be shutdown when the secure MAC address number exceeds maximum secure MAC address number set the user can manually open the port by using the no shutdown...

Page 194: ...in the system 8 5 1 3 1 2 show port security interface Command show port security interface interface id Function displays the configuration of secure port Command mode Admin Mode Parameters interfac...

Page 195: ...Command show port security address interface interface id Function Displays the secure MAC addresses of the port Command mode Admin Mode Parameters interface list stands for the port to be displayed U...

Page 196: ...nagement list Users can proceed to manage set security port add and delete MAC addresses and so on 8 6 1 Mac address table configuration Click MAC address table configuration to open MAC address list...

Page 197: ...button to confirm deleting MAC according to MAC type Example Select VID as 1 select port as Ethernet1 1 port status as Static and click Delete button then will delete all static MAC address in port 1...

Page 198: ...ss table configuration MAC address table configuration show mac address table to show current MAC address information of the switch Equals to CLI command 8 4 1 1 An example of displayed information is...

Page 199: ...ration Lock port to enable the lock port configuration list to set up port security functions including lock port MAC converting and so on 8 6 2 2 1 Lock port Click MAC address table configuration MAC...

Page 200: ...uration Lock port Binding MAC to add remove static security MAC addresses Equals to CLI command 8 5 1 2 2 5 z Port Specifies the port z Port security MAC MAC address Operation type adds removes static...

Page 201: ...y MAC address numbers Equals to CLI command 8 5 1 2 2 7 z Port Specifies the port z Max security MAC number 1 128 Maximum port security MAC address number Select Ethernet port 1 1 and set up Max secur...

Page 202: ...rt security related information z Show port security by interface displays the specified port security configuration status Equals to CLI command 8 5 1 3 1 3 z Show port security address by interface...

Page 203: ...the standardized VLAN implementation ES4710BD VLAN implementation follows IEEE 802 1Q VLAN technology can partition a big LAN into many separate broadcast domains dynamically to meet demands Fig 9 1...

Page 204: ...detail 9 2 VLAN Configuration 9 2 1 VLAN Configuration Task Sequence 1 Creating or deleting VLAN 2 Specifying or deleting VLAN name 3 Assigning Switch ports for VLAN 4 Setting the port type for the s...

Page 205: ...mmand Explanation Interface Mode switchport mode trunk access Sets the current port as a Trunk or Access port Command Explanation Interface Mode switchport trunk allowed vlan vlan list all no switchpo...

Page 206: ...ameters vlan name is the specified VLAN name string Command mode VLAN Mode Default The default VLAN name is vlanXXX where XXX is the VID Usage Guide The switch provides a function to specify different...

Page 207: ...Switch Config Vlan100 switchport interface ethernet 1 1 3 4 7 8 9 2 2 5 switchport mode Command switchport mode trunk access Function Sets the port in access mode or trunk mode Parameters trunk means...

Page 208: ...tch Config ethernet1 5 exit 9 2 2 7 switchport trunk native vlan Command switchport trunk native vlan vlan id no switchport trunk native vlan Function Sets the PVID for Trunk port the no switchport tr...

Page 209: ...fig Ethernet1 1 vlan ingress disable 9 2 3 Typical VLAN Application Scenario Fig 9 2 Typical VLAN Application Topology Example The existing LAN is required to be partitioned to 3 VLANs due to security...

Page 210: ...vlan 100 Switch Config Vlan100 switchport interface ethernet 1 5 7 Switch Config Vlan100 exit Switch Config vlan 200 Switch Config Vlan200 switchport interface ethernet 1 8 10 Switch Config Vlan200 e...

Page 211: ...ive dynamic VLAN register information from the other switches and update local VLAN register information according the information received A GVRP enabled switch can also populate their own VLAN regis...

Page 212: ...e Command garp timer leave timer value no garp timer leave Function Sets the leave timer for GARP the no garp timer leave command restores the default timer setting Parameters timer value is the value...

Page 213: ...g Ethernet1 10 garp timer hold 500 9 3 2 4 garp timer leaveall Command garp timer leaveall timer value no garp timer leaveall Function Sets the leaveall timer for GARP the no garp timer leaveall comma...

Page 214: ...1 10 Switch Config gvrp Switch Config interface ethernet 1 10 Switch Config Ethernet1 10 gvrp Switch Config exit 9 3 3 Typical GVRPApplication Scenario PC PC Switch A Switch B Switch C Fig 9 3 Typical...

Page 215: ...Config vlan 100 Switch Config Vlan100 switchport interface ethernet 1 2 6 Switch Config Vlan100 exit Switch Config interface Ethernet 1 11 Switch Config Ethernet1 11 switchport mode trunk Switch Conf...

Page 216: ...y status information the valid range is 1 to 4094 vlan name is the VLAN name for the VLAN to display status information valid length is 1 to 11 characters Command mode Admin Mode Usage Guide If no vla...

Page 217: ...eters interface nam stands for the name of the Trunk port to be displayed Command mode Admin Mode Usage Guide N A Example Displaying global GARP information Switch show garp 9 4 1 3 show gvrp Command...

Page 218: ...ust be disabled first 9 5 WEB MANAGEMENT Click Vlan configuration to open the vlan allocation management list to manage the VLAN configuration of the switch 9 5 1 Vlan configuration Click Vlan configu...

Page 219: ...2 VLAN Name as default and VLAN type as universal vlan and click Apply button then VLAN 2 is created VLAN ID information displays current VLAN allocation information of the switch 9 5 1 2 Allocate po...

Page 220: ...nfiguration Port type configuration Set port mode Trunk Access to set up port mode of the switch z Port specified port z Type port mode including access mode and trunk mode Equals to CLI command 9 2 2...

Page 221: ...2 2 7 z Port specifies port z Trunk native vlan specifies native vlan id z Operation type Sets native vlan means to add new VLAN Remove native vlan means to remove original native vlan Example Select...

Page 222: ...access port Click Vlan configuration Vlan configuration Access port configuration Vlan setting to add current access ports to specified a VLAN or delete by VLAN z Port specified port z Vlan ID Specifi...

Page 223: ...tion GVRP configuration to open the GVRP configuration management list to manage GVRP function of the switch 9 5 2 1 Enable global GVRP Click Vlan configuration GVRP configuration Enable global GVRP t...

Page 224: ...2 3 3 z Leaveall timer 100 327650ms configures the value of GARP leaveall timer Equals to CLI command 9 2 3 4 Example Select Ethernet port 1 1 setup Join timer as 200 Leave timers as 100 Hold timer as...

Page 225: ...guration Vlan debug and maintenance show gvrp The display window on the right will show all related GVRP information Equals to CLI command 9 4 1 3 Chapter 10 MSTP Configuration 10 1 Introduction to MS...

Page 226: ...in the field maintain the same MSTIs Bridges in each field have the following properties z Configuration Name consisting of alphanumeric characters z Configuration revision level z Configuration Dige...

Page 227: ...s connections through CST IST connects bridges in the field as a virtual bridges and connects to neighboring fields or 802 1D bridges The functional range of MSTI limits to the MST field it resides An...

Page 228: ...mode Sets MSTP running mode Port Mode spanning tree mcheck Forces port migration to run under MSTP 2 Configure instance parameters Command Explanation Global Mode spanning tree mst instance id priori...

Page 229: ...P field revision level level no revision level Sets the revision level for MSTP field abort Exits MSTP field mode to Global mode without saving current configuration to MSTP field exit Exits MSTP fiel...

Page 230: ...made to MSTP field are applied at the same time Example exiting MST mode and apply the configuration changes Switch Config Mstp Region exit Switch Config 10 2 2 3 instance vlan Command instance insta...

Page 231: ...ommand mode MSTP Field Mode Default The default MSTP field name is the Switch bridge MAC Usage Guide This command is used to set the MSTP field name Switches are considered to be in the same MSTP fiel...

Page 232: ...the default setting Parameters time is the forward delay time in seconds the valid range is 4 to 30 Command mode Global Mode Default The default forward delay time is 15 seconds Usage Guide When the...

Page 233: ...nt to point Command mode Port configuration Mode Default MSTP auto detects the link type connected to the port by default Usage Guide When the port is operating under full duplex mode MSTP will assume...

Page 234: ...a BPDU with Max hop 0 it will drop that BPDU and make itself the designated port for sending BDPUs Example Setting the max hop count to 32 Switch Config spanning tree max hop 32 10 2 2 12 spanning tr...

Page 235: ...n MST configuration mode of the switch switch specific MSTP field parameter can be configured the no spanning tree mst configuration command resets the default switch MSTP field parameter Command mode...

Page 236: ...2000 N Usage Guide Sets the route cost for the ports that can control the rout routing cost from the instance port to the root bridge so as to control the election of root port and designated ports Ex...

Page 237: ...e ID of the specified instance can be changed by setting switch priority therefore affecting the root bridge and designated port election for that instance A smaller switch bridge priority value means...

Page 238: ...run in MSTP mode by default their bridge priority port priority and port route cost are all the default values equal The default configuration for switches are listed below Bridge name SW1 SW2 SW3 SW...

Page 239: ...d SW4 to Instance3 map vlan 40 and vlan 50 to Instance4 Step 3 Configure switch SW3 to be the root bridge of Instance3 Configure switch SW4 to be root bridge of Instance4 z Set in Switch SW3 the corre...

Page 240: ...Mstp Region exit SW3 Config interface e1 1 7 SW3 Config Port Range switchport mode trunk SW3 Config Port Range exit SW3 Config spanning tree SW3 Config spanning tree mst 3 priority 0 Switch SW4 SW4 Co...

Page 241: ...affic of vlan 40 and vlan 50 transmit along the topology of Instance4 traffic of other vlan transmit along topology of Instance0 Port 1 of Switch SW2 is the Master Port of Instance3 and Instance4 MSTP...

Page 242: ...lp 10 4 1 Monitor and Debug Command 10 4 1 1 show spanning tree Command show spanning tree mst instance id interface interface list detail Function Displays MSTP and instances information Parameters i...

Page 243: ...otPathCost 200000 Region Root Id this switch Int RootPathCost 0 Root Port ID 128 1 Current port list in Instance 0 Ethernet1 1 Ethernet1 2 Total 2 PortName ID ExtRPC IntRPC State Role DsgBridge DsgPor...

Page 244: ...lue of the current running STP Instance Information Self Bridge Id Priority and MAC of the current bridge corresponding to the Instance Root Id Priority and MAC of the root bridge corresponding to the...

Page 245: ...lans Mapped 00 1 29 31 39 41 4094 03 30 04 40 10 4 1 3 show mst pending Command show mst pending Function Displays effective MSTP field parameter configurations in MSTP field mode Command mode MSTP Fi...

Page 246: ...g information for receiving BPDU packets on port 1 1 Switch debug spanning tree Switch debug spanning tree bpdu rx interface e1 1 10 4 2 MSTP Troubleshooting Help If MSTP is to be run in the switch MS...

Page 247: ...to specified Instance Configure mapping between VLAN1 10 100 110 and Instance 1 Equivalent command 1 2 1 3 Set Instance name to 1 VLAN name to VLAN1 10 100 110 Click Apply to commit the application 1...

Page 248: ...Config Set the priority for the current port on specified instance Set the priority for port 1 2 of instance1 to 32 10 5 2 3 Port route cost setting Click MSTP control to enter MSTP port operation th...

Page 249: ...e switch port configuration mode Enable MSTP under Global Mode and disable MSTP for port 1 2 10 5 3 MSTP global control 10 5 3 1 MSTP global protocol port configuration Click MSTP control to enter MST...

Page 250: ...itch Set max age time to 25 seconds in Global Mode 10 5 3 5 Set the max hop count support for BPDU transmitting in MSTP field Click MSTP control MSTP Global control then set the BPDU Max Hop Time Conf...

Page 251: ...instance for the switch Configure switch instance2 priority to 4096 10 5 4 Show MSTP setting 10 5 4 1 Instance information Click MSTPL control show MSTP settings enter Instance Information Display MST...

Page 252: ...ership reports a message IGMP Snooping is also referred to as IGMP listening The switch prevents multicast traffic from flooding through IGMP Snooping multicast traffic is forwarded to ports associate...

Page 253: ...nd Explanation Global Mode ip igmp snooping vlan vlan id query no ip igmp snooping vlan vlan id query Enables IGMP Snooping of a specified VLAN to send a query ip igmp snooping vlan vlan id query robu...

Page 254: ...nooping for the specified VLAN This command cannot be used with ip igmp snooping vlan vlan id query command i e either snooping or query can be enabled for one VLAN but not both Example Enabling IGMP...

Page 255: ...face ethernet 1 6 Delete static multicast address 224 1 1 1 in VLAN 100 Switch Config no ip igmp snooping vlan 100 static 224 1 1 1 11 2 2 5 ip igmp snooping vlan immediate leave Command ip igmp snoop...

Page 256: ...A larger robustness parameter means worse network conditions smaller robustness parameter means better network conditions The user can set the robustness parameter according to their network condition...

Page 257: ...rio 1 IGMP Snooping function Fig 11 1 Enabling IGMP Snooping function Example As shown in the above figure a VLAN 100 is configured in the switch and includes ports 1 2 6 10 and 12 on slot 1 Four host...

Page 258: ...rogram1 while the host is connected to port 12 plays program 2 IGMP Snooping listening result The multicast table built by IGMP Snooping in VLAN 100 indicates ports 1 2 6 10 in Group1 and ports 1 12 i...

Page 259: ...snooping vlan 100 Switch2 Config ip igmp snooping vlan 100 mrouter interface ethernet 1 1 Multicast Configuration The same as scenario 1 IGMP Snooping listening result Similar to scenario 1 11 4 IGMP...

Page 260: ...tion for VLAN 3 igmp snooping vlan status Disabled igmp snooping vlan query Disabled igmp snooping vlan mrouter port null IGMP information for VLAN 4 igmp snooping vlan status Disabled igmp snooping v...

Page 261: ...ed 2 Displaying detailed information of IGMP Snooping and Query for VLAN2 Switch show ip igmp snooping vlan 2 IGMP information for VLAN 2 igmp snooping status Enabled igmp snooping vlan status Enabled...

Page 262: ...vlan query SX Query packet number received by the VLAN igmp snooping multicast mac Multicast addresses learnt by the IGMP Snooping forward table igmp snooping multicast port The member port name corre...

Page 263: ...Click on the IGMP Snooping configuration the IGMP Snooping configuration node and the IGMP Snooping static multicast configuration node will be expanded The IGMP Snooping configuration screen is used...

Page 264: ...ponse The maximum value for response time Equivalent to the CLI command 11 2 2 9 To configure query select VLAN from the VLAN ID list under Query State choose Open configure the other parameters click...

Page 265: ...ulticast address configures the multicast address z Operation type adds or removes the static multicast member This is equivalent to the CLI command 11 2 2 4 To add the static multicast address select...

Page 266: ...265 EES4710BD 10 Slots L2 L3 L4 Chassis Switch...

Page 267: ...ch as source IP destination IP IP protocol number and TCP port Access lists can be categorized by the following criteria z Filter information based criterion IP access list layer 3 or higher informati...

Page 268: ...only be deny 12 2 ACL configuration 12 2 1 ACL Configuration Task Sequence 1 Configuring access list 1 Configuring a numbered standard IP access list 2 Configuring an numbered extended IP access list...

Page 269: ...eated using this number access list num deny permit tcp sIpAddr sMask any source host source sIpAddr s port sPort dIpAddr dMask any destination host destination dIpAddr d port dPort ack fin psh rst sy...

Page 270: ...extended IP access list a Create an extended IP access list basing on nomenclatur Command Explanation Global Mode ip access extended name no ip access extended name Creates an extended IP access list...

Page 271: ...r sMask any source host source sIpAddr dIpAddr dMask any destination host destination dIpAddr precedence prec tos tos Creates an extended name based IP access rule for other IP protocols the no form c...

Page 272: ...ny destination host destination dIpAddr d port dPort precedence prec tos tos access list num deny permit eigrp gre igrp ipinip ip int sIpAddr sMask any source host source sIpAddr dIpAddr dMask any des...

Page 273: ...r is the source IP address in decimal format sMask is the mask complement for source IP in decimal format Command mode Global Mode Default No IP address is configured by default Usage Guide When the u...

Page 274: ...s 1 8 a pure digit sequence is not allowed Command mode Global Mode Default No IP address is configured by default Usage Guide When this command is run for the first time only an empty access list wit...

Page 275: ...ion dIpAddr d port dPort ack fin psh rst syn urg precedence prec tos tos no deny permit udp sIpAddr sMask any source host source sIpAddr s port sPort dIpAddr dMask any destination host destination dIp...

Page 276: ...mand Mode named based standard IP ACL configuration mode Default No IP address is configured by default Example Allowing packets from 10 1 1 0 24 and denying packets from 10 1 1 0 16 Switch Config ip...

Page 277: ...4 ACL Troubleshooting Help 12 4 1 ACL Debug and Monitor Commands 12 4 1 1 show access lists Command show access lists num acl name Function Displays the access list configured Parameters acl name is...

Page 278: ...port Parameters name is the port name Default N A Command mode Admin Mode Usage Guide If no port is specified then ACL bound in all ports will be displayed Example Switch show access group interface...

Page 279: ...The number of ACLs that can be successfully bound depends on the content of the ACL bound and the hardware resource limit Users will be prompted if an ACL cannot be bound due to hardware resource lim...

Page 280: ...n add the new Numeric Standard IP ACL 12 5 2 Delete numeric IPACL Click Numeric ACL Configuration and then Delete Numeric ACL section to enter the configuration page it is equals to CLI command of 12...

Page 281: ...b category z IGMP type Regarding TCP numeric extended ACL there are three sub categories z Source port z Target port z TCP sign Regarding UDP numeric extended ACL there are two sub categories z Source...

Page 282: ...ic ACL Configuration The only difference users should change the ACL number to the ACL name This should be entered in ACL name not ACL number CLI command 12 2 2 6 There are seven sub sections of this...

Page 283: ...lated the configuration web page the configuration is the same with it is with numeric extended ACL The only difference is the ACL number needs to be changed to ACL name and entered into the ACL name...

Page 284: ...ter the configuration page Equal to CLI command 12 2 2 7 There are five items in this section z Port the target port to bind to ACL z ACL name the target ACL name to bind z Ingress Egress the target d...

Page 285: ...ot only add network s bandwidth but also provide link backup Port aggregation is usually used when the switch is connected to routers PCs or other switches Fig 14 1 Port aggregation As shown in the ab...

Page 286: ...cal port aggregation of any two switches maximum 8 port groups and 8 ports in each port group are supported Once ports are aggregated they can be used as a normal port ES4710BD has a built in aggregat...

Page 287: ...if the group number is already exist an error message will be given dst mac performs load balancing according to destination MAC src mac performs load balance according to source MAC dst src mac perfo...

Page 288: ...e consistent VLAN information Adding a port in active or passive mode enables LACP Ports of at least one end must be added in active mode if ports of both ends are added in passive mode the ports will...

Page 289: ...ssive mode All the ports should be connected with cables four connecting lines in the figure The configuration steps are listed below Switch1 config Switch1 Config interface eth 1 1 3 Switch1 Config P...

Page 290: ...Example As shown in the figure ports 1 2 3 of Switch 1 are access ports that belong to vlan1 Add those three port to group1 in on mode Ports 6 8 9 of Switch 2 are trunk port that allow all add the the...

Page 291: ...irst and re aggregated to form a new group Now all three ports in both Switch 1 and Switch 2 are aggregated in on mode and become an aggregated port respectively 13 4 Port Channel Troubleshooting Help...

Page 292: ...of the port ACTIVE lacp_aware enable begin FALSE port_enabled FALSE lacp_ena FALSE ready_n TRUE the attributes of the port are as follows mac_type ETH_TYPE speed_type ETH_SPEED_100M duplex_type FULL...

Page 293: ...to the group mac_type Port type standard Ethernet port and fiber optical distributed data interface speed_type Port speed type 10Mbps 100Mbps 1 000Mbps and 10Gbps duplex_type Port duplex mode full dup...

Page 294: ...ty LACP timeout 1 1 Aggregation 1 1 Synchronization Collecting Distributing Defaulted 1 1 Expired Selected Unselected Displayed information Explanation portnumber Port number port priority Port Priori...

Page 295: ...rt Mode 1 Ethernet1 1 active 2 Ethernet1 2 active Displayed information Explanation Port channels in the group If port channel does not exist the above information will not be displayed Number of port...

Page 296: ...n or removal Verify that port group is configured in the partner end and in the same configuration If the local end is set in manual aggregation or LACP the same should be done in the partner end othe...

Page 297: ...3 2 2 2 z group num z Port will be added or deleted z Port mode active passive or on z Operation type add port to group or remove port from group Fill up group num select Port and Port mode operation...

Page 298: ...entation of DHCP is shown below Fig 14 1 DHCP protocol interaction Explanation 1 DHCP client broadcasts DHCPDISCOVER packets in the local subnet 2 On receiving the DHCPDISCOVER packet DHCP server send...

Page 299: ...Disable DHCP server 2 Configure DHCP Address pool 1 Create Delete DHCP Address pool 2 Configure DHCP address pool parameters 3 Configure manual DHCP address pool parameters 3 Enable logging for addre...

Page 300: ...ures the address of the server hosting file for importing option code ascii string hex hex ipaddress ipaddress no option code Configures the network parameter specified by the option code lease days h...

Page 301: ...the name of the file to be imported up to 255 characters are allowed Command Mode DHCP Address Pool Mode Usage Guide Specify the name of the file to be imported for the client This is usually used for...

Page 302: ...mmand default router address1 address2 address8 no default router Function Configures default gateway s for DHCP clients the no default router command deletes the default gateway Parameters address1 a...

Page 303: ...hardware address hardware address Ethernet IEEE802 type number no hardware address Function Specifies the hardware address of the user when binding address manually the no hardware address command del...

Page 304: ...in host command to the client Example Specifying IP address 10 1 128 160 to be bound to user with hardware address 00 10 5a 60 af 12 in manual address binding Switch dhcp 1 config hardware address 00...

Page 305: ...ed address pool Parameters name is the address pool name up to 255 characters are allowed Command mode Global Mode Usage Guide This command is used to configure a DHCP address pool under Global Mode a...

Page 306: ...s8 no netbios name server Function Configures WINS servers address the no netbios name server command deletes the WINS server Parameters address1 address8 are IP addresses in decimal format Default No...

Page 307: ...he scope of addresses that can be used for dynamic assignment by the DHCP server one address pool can only have one corresponding segment This command is exclusive with the manual address binding comm...

Page 308: ...tch dhcp 1 config option 72 ip 10 1 128 240 14 2 2 19 service dhcp Command service dhcp no service dhcp Function Enables DHCP server the no service dhcp command disables the DHCP service Default DHCP...

Page 309: ...adcast packet to specified servers 14 3 1 DHCP Relay Configuration Task Sequence 1 Enable DHCP relay 2 Configure DHCP relay to forward DHCP broadcast packet 3 Configure DHCP relay to forward other UDP...

Page 310: ...onfig ip forward protocol udp 69 Switch Config interface vlan 1 Switch Config If Vlan1 ip helper address 192 168 1 5 14 3 2 2 ip helper address Command ip helper address ip address no ip helper addres...

Page 311: ...users a company is using ES4710BD as a DHCP server The Admin VLAN IP address is 10 16 1 2 16 The local area network for the company is divided into network A and B according to the office locations T...

Page 312: ...0 Switch Config ip dhcp pool B Switch dhcp B config network 10 16 2 0 24 Switch dhcp B config lease 1 Switch dhcp B config default route 10 16 2 200 10 16 2 201 Switch dhcp B config dns server 10 16 2...

Page 313: ...Config interface vlan 1 Switch Config If Vlan1 ip help address 10 1 1 10 Switch Config If Vlan1 exit Switch Config ip forward protocol udp 69 Switch Config interface vlan 1 Switch Config If Vlan1 ip h...

Page 314: ...dresses that have a binding record Command mode Admin Mode Usage Guide show ip dhcp binding command can be used to view binding information for IP addresses and corresponding DHCP client hardware addr...

Page 315: ...tatistics command all information is accumulated You can use the clear ip dhcp server statistics command to clear the count for easier statistics checking Example clearing the count for DHCP server Sw...

Page 316: ...ation IP Address Conflicting IP address Detection method Method in which the conflict is detected Detection Time Time when the conflict is detected 14 5 1 6 show ip dhcp server statistics Command show...

Page 317: ...DISCOVER Number of DHCPDISCOVER packets DHCPREQUEST Number of DHCPREQUEST packets DHCPDECLINE Number of DHCPDECLINE packets DHCPRELEASE Number of DHCPRELEASE packets DHCPINFORM Number of DHCPINFORM pa...

Page 318: ...take effect furthermore in manual binding only one IP MAC binding can be configured in a pool If multiple bindings are required multiple manual pools can be created and IP MAC bindings set for each po...

Page 319: ...CP client node type Configures the DHCP client node type broadcast node is broadcast type Hybrid node is first peer to peer then broadcast mixed type Mixed node is first broadcast then peer to peer Pe...

Page 320: ...2 address3 etc Example Select DHCP pool name as 1 configure Gateway 1 as 10 128 1 3 configure Gateway 2 as 10 128 1 100 and then click the Apply button to apply this configuration to the switch 14 6 2...

Page 321: ...pool z WINS server WINS server system maximum support configure 8 WINS server address the headmost configured WINS server address has the higher priority so the address1 has the highest priority then...

Page 322: ...nfiguration Click DHCP configuration DHCP server configuration DHCP network parameter configuration to specify network parameters Same as CLI command 14 2 2 18 z DHCP pool name Choose one DHCP address...

Page 323: ...e address as 00 00 e2 3a 26 04 configure Client IP as 10 1 128 160 configure Client network mask as 255 255 255 0 configure User name as 00 00 e2 3a 26 04 and then click Add to apply the configuration...

Page 324: ...display DHCP server statistics information of all kinds of DHCP data packets Same as CLI command 14 5 1 3 14 6 3 DHCP relay configuration Click DHCP configuration DHCP server configuration DHCP packet...

Page 325: ...is configuration to switch When layer 3 switch is working as DHCP relay to configure the relay forwarding policy as non forwarding DHCP messages click the Apply button This will close the switch s DHC...

Page 326: ...s log Click DHCP configuration DHCP debugging Delete DHCP server statistics log Deletes the DHCP server statistics log to make DHCP server tally clear Example Click Apply button to clear the DHCP serv...

Page 327: ...who do not require full NTP functions it is a subset of NTP It is common practice to synchronize the clocks of several hosts in local area network with other NTP hosts through the Internet and use tho...

Page 328: ...ime Function Sets the interval for SNTP clients to send requests to NTP SNTP the no sntp polltime command cancels the polltime sets and restores the default setting Parameters interval is the interval...

Page 329: ...onization which is done through two redundant SNTP NTP servers For time to be synchronized the network must be properly configured There should be reachable route between any ES4710BD and the two SNTP...

Page 330: ...information Parameters adjust stands for SNTP clock adjustment information packet for SNTP packets select for SNTP clock selection Command mode Admin Mode Example Displaying debugging information for...

Page 331: ...tion Time difference to configure the SNTP client time zone and UTC time difference Same as CLI command 15 1 3 z Time zone configures time zone z Time difference configures time difference z Add means...

Page 332: ...carried in Layer 3 IPv4 packet headers to symbolize the service type of IP packets The ToS field can be IP Precedence value or DSCP value Fig 16 2 ToS priority IP Precedence IP priority classification...

Page 333: ...data and e business data transmission this best effort method cannot satisfy the bandwidth and low latency requirement Based on differentiated service QoS specifies a priority for each packet at the i...

Page 334: ...t below explains this in detail Sorts the packet traffic according to the classification info and ACLs and converts classification info to DSCP values Decides whether the traffic is in profile or out...

Page 335: ...down The following flowchart describes the operations during policing and remarking Star IP non IP packets Reads ingress classification configuration info Trust CoS value IP non IP packets Trust IP pr...

Page 336: ...ding to the CoS value while the scheduling operation performs packet forwarding according to the prioritized queue weight The following flowchart describes the operations during queuing and scheduling...

Page 337: ...st be enabled first in Global Mode to configure other QoS commands 2 Configure class map Start Read packet DSCP and convert it to CoS according to DSCP to CoS mapping Finish Discard packets until queu...

Page 338: ...Configures queue out to PQ or WRR sets the proportion of the 8 egress queues bandwidth and mapping from internal priority to egress queue 6 Configure QoS mapping Configures the mapping from CoS to DSC...

Page 339: ...policed dscp transmit Configures a policy to classify traffic data stream exceeding the limit will be dropped or degraded the no police rate kbps burst kbyte exceed action drop policed dscp transmit...

Page 340: ...the no mls qos dscp mutation dscp mutation name command restores the DSCP mutation mapping default 5 Configure queue out method and weight Command Explanation Interface Mode wrr queue bandwidth weight...

Page 341: ...provides 8 queues to handle traffics of 8 priorities This function cannot be used with the traffic control function Example Enabling and then disabling the QoS function Switch Config mls qos Switch Co...

Page 342: ...hing ACLs only permit rule can be set in the ACL Example Creating a class map named c1 setting the class map rule to match packets of IP precedence priority 0 and 1 Switch Config class map c1 Switch C...

Page 343: ...e new precedence is the new IP precedence value Default No value is assigned by default Command mode Policy class map configuration Mode Usage Guide Only traffic satisfying the matching criterion and...

Page 344: ...ses the no mls qos aggregate policer aggregate policer name command deletes the specified policy set Parameters aggregate policer name is the name of the policy set rate kbps is the average baud rate...

Page 345: ...cos port priority cos no mls qos trust Function Configures port trust the no mls qos trust command disables the current trust status of the port Parameters cos configures the port to trust CoS value...

Page 346: ...g Ethernet1 1 mls qos cos 5 16 2 2 12 service policy Command service policy input policy map name output policy map name no service policy input policy map name output policy map name Function Applies...

Page 347: ...of mu1 Switch Config interface ethernet 1 1 Switch Config Ethernet1 1 mls qos trust dscp pass through cos Switch Config Ethernet1 1 mls qos dscp mutation mu1 16 2 2 14 wrr queue bandwidth Command wrr...

Page 348: ...ueue out ranging from 0 7 up to 8 values are supported Default Default CoS to Egress Queue Map when QoS is Enabled CoS Value 0 1 2 3 4 5 6 7 Queue Selected 1 2 3 4 5 6 7 8 Command mode Global Mode Usa...

Page 349: ...limited with space ranging from 0 to 63 policed dscp dscp list to mark down dscp defines DSCP mark down mapping where dscp list is a list of DSCP values containing up to 8 DSCP values mark down dscp a...

Page 350: ...espond to queue out 1 2 3 4 5 6 7 8 respectively If the incoming packet has no CoS value it is by default 5 and will be put in queue 6 All passing packets would not have their DSCP values changed Scen...

Page 351: ...ropped Scenario 3 Fig 16 7 Typical QoS topology As shown in the figure inside the block is a QoS domain switch1 classifies different traffic and assigns different IP precedence For example set IP prec...

Page 352: ...s trust ip precedence pass through cos 16 4 QoS Troubleshooting Help 16 4 1 QoS Debug and Monitor Commands 16 4 1 1 show mls qos Command show mls qos Function Displays global configuration information...

Page 353: ...the queue buffer setting on the port policers is the policy setting on the port queuing is the queue setting for the port statistics is the number of packets allowed to pass for in profile and out of...

Page 354: ...4 5 6 7 8 WFQ Displayed information Explanation Cos queue map CoS value to queue mapping Queue and weight type Queue to weight mapping QType WFQ or PQ queue out method Switch show mls qos interface p...

Page 355: ...cp mutation dscp mutation name for DSCP DSCP mutation dscp mutation name is the name of mutation ip prec dscp IP for IP precedence DSCP policed dscp is DSCP mark down mapping Default N A Command mode...

Page 356: ...s map name Default N A Command mode Admin Mode Usage Guide Displays all configured class map or specified class map information Example Switch show class map Class map name c1 Match acl name 1 Display...

Page 357: ...ed state by default the default queue weight values are 1 2 3 4 5 6 7 8 in order all QoS Map uses the default value CoS value 7 maps to queue 8 that has the highest priority and usually reserved for c...

Page 358: ...ick Apply 16 5 2 2 Class map configuration Click Class map configuration to enter the configuration page Equivalent to CLI command 16 2 2 3 Terms are described as following z Class map name z Match ac...

Page 359: ...Policy map priority configuration z Policy map bandwidth configuration z Add Remove aggregate policer z Apply aggregate policer 16 5 3 1 Add Remove policy map Click Add Remove policy map to enter the...

Page 360: ...configuration Click Policy map bandwidth configuration to entry configure page Equivalent to CLI command 16 2 2 7 Terms are described as following z Policy map name z Class map name z Rate average bau...

Page 361: ...e limited includes drop and policied dscp transmit the latter is by a mapping function between given DSCP and corresponding policy and mark the DSCP into the packet To create the aggregate policer nam...

Page 362: ...lowing z Port z Port trust status including 9 cos cos and pass through dcsp 9 dcsp dcsp and pass through cos 9 ip precedence ip pre and pass through cos z Port priority z Reset Will set column as star...

Page 363: ...et port 1 1 and click Apply to finish 16 5 4 3 Apply policy map to port Click Apply policy map to port to enter the configuration page Equivalent to CLI command 16 2 2 12 Terms are described as follow...

Page 364: ...gress queue work mode configuration 3 Mapping CoS values to egress queues 16 5 5 1 Egress queue WRR weight configuration Click Egress queue WRR weight configuration to enter the configuration page Equ...

Page 365: ...ration Example Configure the port as priority queue mode chose port name first and then click Apply 16 5 5 3 Mapping CoS values to egress queue Click Mapping CoS values to egress queue to enter the co...

Page 366: ...5 DSCP mark down mapping These configurations are equivalent to CLI command16 2 2 17 16 5 6 1 CoS to DSCP mapping Click CoS to DSCP mapping to enter the configuration page Terms are described as foll...

Page 367: ...mapping to CoS value z Operation type Add or Remove Example To make DSCP value 20 map to CoS value 2 input the CoS value 2 and DSCP1 value 20 selecting Set for Operation type then click Apply 16 5 6 3...

Page 368: ...value 2 to map to DSCP value 20 input the DSCP value 20 into the IP precedence value 2 column selecting Set for Operation type then click Apply 16 5 6 5 DSCP mark down mapping Click DSCP mark down map...

Page 369: ...eatly improved even to line speed 17 1 Layer 3 Interface 17 1 1 Introduction to Layer 3 Interface Layer 3 interface can be created on ES4710BD Layer 3 interface is not physical interface but a virtual...

Page 370: ...creation of the VLAN interface Layer 3 interface interface vlan command can still be used to enter Layer 3 interface mode Example Creating a VLAN interface layer 3 interface Switch Config interface vl...

Page 371: ...route to simplify the aggregation result This method has the benefit of more effectively simplifying the aggregation result However while adding a virtual default route to the chip segment route tabl...

Page 372: ...Max 0 TcpRtoMin 0 UDP statics UdpInDatagrams 0 UdpInErrors 0 UdpNoPorts 0 UdpOutDatagrams 0 Displayed information Explanation IP statistics IP packet statistics Rcvd 290 total 44 local destinations 0...

Page 373: ...atistics UDP statistics UDP packet statistics 17 2 3 1 2 debug ip packet Command debug ip packet no debug ip packet Function Enable the IP packet debug function the no debug IP packet command disables...

Page 374: ...rp ip_address mac_address ethernet portName no arp ip_address Configures a static ARP entry the no arp ip_address command deletes a static ARP entry 2 Configure proxy ARP Command Explanation ip proxy...

Page 375: ...destination network is reachable before responding to the ARP request ARP request will only be responded if the destination is reachable Note the ARP request matching default route will not use proxy...

Page 376: ...mmand clear arp cache Function Clears arp table Parameters N A Command mode Admin Mode Usage Guide Clears the content of current ARP table but it does not clear the current static ARP table Example Sw...

Page 377: ...Click L3 interface configuration to enter L3 port related configuration z Click IP route Aggregate configuration to enter IP routing aggregate configuration z Click ARP configuration to enter ARP rela...

Page 378: ...e L3 port of static AP selected from the drop down menu z Port Specifies the L2 port of static ARP selected from the drop down menu 17 4 3 2 Clear ARP Click Clear ARP cache to delete all dynamic ARP i...

Page 379: ...a host static route cannot be changed freely Static route is simple and consistent and can limit illegal route modification and is convenient for load balance and route backup However as this is set m...

Page 380: ...routes of different priority to the same destination the layer 3 switch will choose one route for IP packet forwarding according to the priority order To avoid too large of a route table a default ro...

Page 381: ...te Configuration 18 2 3 1 Static Route Configuration Task Sequence 1 Static Route Configuration 2 Default Route Configuration 1 Static Route Configuration Command Explanation Global Mode ip route ip_a...

Page 382: ...route Switch Config ip route 1 1 1 0 255 255 255 0 2 1 1 1 Example 2 adding a default route Switch Config ip route 0 0 0 0 0 0 0 0 2 2 2 1 18 2 3 2 2 show ip route Command show ip route dest destinat...

Page 383: ...ASE Route introduced by OSPF B BGP derived BGP route the route obtained through BGP protocol Destination destination network Mask Mask of the destination network Nexthop Next hop IP address Interface...

Page 384: ...Switch 3 Switch config Next hop use the partner IP address Switch Config ip route 10 1 1 0 255 255 255 0 10 1 2 1 Next hop use the partner IP address Switch Config ip route 10 1 4 0 255 255 255 0 10 1...

Page 385: ...layer 3 switches at regular interval A layer 3 switch will build their own route selecting information table based on the information they receive from neighboring layer 3 switches Then it will send...

Page 386: ...icast Both RIP I and RIP II packets are accepted Each layer 3 switch running RIP has a route database which contains all route entries for reachable destinations the route table is built based on this...

Page 387: ...RIP update timeout and hold down 3 Configure RIP I RIP II switch 1 Configure the RIP version to be used in all ports 2 Configure the RIP version to send receive in all ports 3 Configure whether to ena...

Page 388: ...ode default metric value no default metric Sets the default route metric for route to be introduced the no default metric command restores the default setting redistribute static ospf bgp metric value...

Page 389: ...ng no rip checkzero Enables zero fields verification to RIP I packets refuses to process if non zero zero field the no rip checkzero command cancels this check for zero field timer basic update invali...

Page 390: ...is widely used for its simple configurations RIP exchanges routing information by UDP packet advertisement route update information is sent every 30 seconds It uses hop number as the standard for choo...

Page 391: ...he RIP version to RIP II and disables route aggregation Switch Config router rip Switch Config Router Rip version 2 Switch Config Router Rip no auto summary Related command version 18 3 2 2 2 default...

Page 392: ...nd conventional MD5 Default The default setting is text authentication Command mode Interface Mode Usage Guide RIP I does not support authentication RIP II supports 2 authentication methods text authe...

Page 393: ...s on the interface Default Receiving RIP packet is enabled by default Command mode Interface Mode Usage Guide This command is used with the other two commands ip rip output and ip rip work ip rip work...

Page 394: ...nterface sends RIP II packets by MC multicast by default packets are only broadcasted when BC is set on the interface Default RIP II packets are sent by default Command mode Interface Mode Usage Guide...

Page 395: ...lue the default metric value is used Command mode RIP configuration Mode Usage Guide Use this command to introduce routes of other routing protocols as RIP routes to improve RIP performance Example Se...

Page 396: ...uide Each routing protocol has its own priority the value of which is decided by the specific routing policy The priority determines the best route of what routing protocol will be the route in the co...

Page 397: ...ould be at least greater than RIP update time and the holddown time should also be greater than RIP update interval and must be integer multiples of the RIP update interval Example Setting the RIP rou...

Page 398: ...etric value neighbour is The neighbor layer 3 switch connecting to this RIP switch Preference RIP routing priority rip version information Displays the version information for RIP including the RIP ve...

Page 399: ...ables the RIP packet debugging function for sending receiving the no debug IP packet command disables this debugging function Default Debugging is disabled by default Command mode Admin Mode Example S...

Page 400: ...acket from 159 226 42 1 rip packet cmd 2 version 1 00 03 59 start at 238 received a rip packet from 11 11 11 2 rip packet cmd 2 version 1 00 03 59 rip receive response packet head 14872964 packet end...

Page 401: ...dway metric 1 159 222 0 0 0 0 0 0 0 0 0 0 2 2 11 11 11 2 0 0 0 0 0 0 0 0 2 18 3 3 Typical RIP Scenario SW I TC H A SW I TC H B SW I TC H C vl an2 20 1 1 2 24 vl an1 10 1 1 2 24 vl an1 10 1 1 1 24 vl a...

Page 402: ...eceive RIP packets SwitchA Config interface vlan 1 SwitchA Config If vlan1 ip rip work SwitchA Config If vlan1 exit Enable vlan2 to send receive RIP packets SwitchA Config If vlan2 ip rip work SwitchA...

Page 403: ...how ip rip Displays the current running status and configuration information for RIP The user can decide whether the configurations are correct or not and perform RIP troubleshooting according to the...

Page 404: ...stination Mask Nexthop Interface Pref C 2 2 2 0 255 255 255 0 0 0 0 0 vlan1 0 R 7 7 7 0 255 255 255 0 2 2 2 8 vlan2 100 R stands for RIP route i e the RIP route with the destination network address of...

Page 405: ...80 seconds that switch is considered failed or unreachable The route of that switch will be kept in the route table for another 120 seconds before deleting As a result if a RIP route is deleted wait 3...

Page 406: ...e next neighbor flooding 6 Since a routing database is not recalculated before the layer 3 switch forwards LSA flooding the converging time is greatly reduced One major advantage of link state routing...

Page 407: ...be connected to the 0 area logically and the 0 area must be online For this reason the concept of virtual connection is introduced to the backbone area so that physically separated areas still have lo...

Page 408: ...on about the autonomous system can be recorded As a result the route table of each layer 3 switch is different OSPF protocol was developed by the IETF and OSPF v2 widely used now is accordance to the...

Page 409: ...switch ID optional OSPF protocol configuration mode no network network mask area area_id advertise notadvertise Defines several segments in an area to a network scope the no network network mask area...

Page 410: ...ocol configuration mode default redistribute type 1 2 no default redistribute type Sets the default route weight for route to be introduced the no default metric command restores the default setting d...

Page 411: ...ointerval time deadinterval time retransmit time transitdelay time no virtuallink neighborid router_id transitarea area_id Creates and configures virtual link the no virtuallink neighborid router_id t...

Page 412: ...cost no default redistribute cost Function Sets the default cost for introducing exterior routes into OSPF the no default redistribute cost command restores the default setting Parameters cost is the...

Page 413: ...er of routes allowed in one route introduction ranging from 1 to 65535 Default The default exterior route allowed to be introduced in OSPF is 100 Command Mode OSPF protocol configuration mode Usage Gu...

Page 414: ...hentication simple auth_key md5 auth_key key_id no ip ospf authentication Function Configures the authentication method for the interface to accept OSPF packets the no ip ospf authentication command c...

Page 415: ...d send with it For OSPF protocol to run properly the dead interval parameter between the interface and a neighbor layer 3 switch must be the same and be at least four times of the hello interval value...

Page 416: ...ancels the setting Default The interface receives sends OSPF packets by default Command mode Interface Mode Example Setting Ethernet interface vlan1 to receive OSPF packet only Switch Config If Vlan1...

Page 417: ...a layer 3 switch and return Example Setting the re authentication time of LSA for interface vlan1 to 10 seconds Switch Config If Vlan1 ip ospf retransmit 10 18 4 2 2 14 ip ospf transmit delay Command...

Page 418: ...the priority value ranging from 1 to 255 Default The default priority of OSPF protocol is 110 the default priority to introduce exterior route is 150 Command Mode OSPF protocol configuration mode Usag...

Page 419: ...in decimal format Default No layer 3 switch ID number is configured by default an address from the IP addresses of all the interfaces is selected to be the layer 3 switch ID number Command mode Globa...

Page 420: ...a virtual link the no virtuallink neighborid router_id transitarea area_id command deletes a virtual link Parameters router_id is the ID for the virtual link neighbor in decimal format area_id is the...

Page 421: ...etmask255 255 252 0 LSRefreshTime is1800 Displayed information Explanation my router ID The ID of the current layer 3 switch preference Routing protocol priority ase perference Exterior routes priorit...

Page 422: ...tes 18 4 2 2 24 show ip ospf cumulative Command show ip ospf cumulative Function Displays OSPF statistics Default Nothing displayed by default Command mode Admin Mode Example Switch show ip ospf cumul...

Page 423: ...twork router summary Function Display OSPF link state database information Default Nothing displayed by default Command mode Admin Mode Usage Guide OSPF link state database information can be checked...

Page 424: ...1 11 4 1 0 2147483669 0 33875 Router LSA 11 11 2 1 11 11 2 1 1 2147483698 1 6777215 14 14 14 1 14 14 14 1 1 2147483662 1 14831 11 11 4 1 11 11 4 1 0 2147483669 0 33875 Network LSAs LS ID ADV rtr Age S...

Page 425: ...ch show ip ospf interface vlan 1 IP address 11 11 4 1 Mask 255 255 255 0 Area 0 Net type BROADCAST cost 1 State IBACKUP Type BDR Priority 1 Transit Delay 1 DR 11 11 4 2 BDR 11 11 4 1 Authentication ke...

Page 426: ...ommand Example Switch show ip ospf neighbor interface ip 12 1 1 1 area id 0 router id 12 1 1 2 router ip addr 12 1 1 2 state NFULL priority 1 DR 12 1 1 2 BDR 12 1 1 1 last hello 59006 last exch 49717...

Page 427: ...g AS internal routes Destination Area Cost Dest Type Next Hop ADV rtr 60 2 127 0 0 7 DTYPE_NET 12 1 1 2 6 1 1 2 60 1 132 0 0 7 DTYPE_NET 12 1 1 2 6 1 1 2 60 4 67 0 0 7 DTYPE_NET 12 1 1 2 6 1 1 2 60 3...

Page 428: ...tag 2147483648 area ID 1 interface count 2 7times spf has been run for this area net range LSRefreshTime is1800 RIP information rip is shutting down Displayed information Explanation OSPF is running T...

Page 429: ...ement debug function the no debug ip ospf lsa command disables the debug function Default Debugging is disabled by default Command mode Admin Mode 18 4 2 2 33 debug ip ospf packet Command debug ip osp...

Page 430: ...switch Switch1 and Switch5 make up OSPF area 0 layer 3 switch Switch2 and Switch3 form OSPF area 1 assume vlan1 interface of layer 3 switch Switch1 belongs to area 0 layer 3 switch Switch4 forms OSPF...

Page 431: ...re the IP address for interface vlan1 and vlan2 Switch2 config Switch2 Config interface vlan 1 Switch2 Config if vlan1 ip address 10 1 1 2 255 255 255 0 Switch2 Config if vlan1 no shut down Switch2 Co...

Page 432: ...ch4 Config if vlan3 ip address30 1 1 2 255 255 255 0 Switch4 Config if vlan3 no shut down Switch4 Config if vlan3 exit Enable OSPF protocol configure the OSPF area interfaces vlan3 resides in Switch4...

Page 433: ...N 9 N 10 N 4 N 2 N 15 N 14 N 7 N 12 N 13 N 11 D om ai n 0 SW I TC H 1 SW I TC H 2 SW I TC H 3 SW I TC H 4 SW I TC H 5 SW I TC H 6 SW I TC H 9 SW I TC H 12 SW I TC H 11 SW I TC H 10 SW I TC H 7 SW I TC...

Page 434: ...ch8 and Switch10 is cut down the backbone area will become discontinued The backbone area can become more robust by establishing a virtual link between backbone layer 3 switches Switch7 and Switch10 I...

Page 435: ...lan2 Switch2 config Switch2 Config interface vlan 2 Switch2 Config If Vlan2 ip address 10 1 1 2 255 255 255 0 Switch2 Config If Vlan2 exit Enable OSPF protocol configure the area number for interface...

Page 436: ...Switch3 Config interface vlan 1 Switch3 Config If Vlan1 ip address 10 1 5 1 255 255 255 0 Switch3 Config If Vlan1 ip ospf enable area 0 Configure MD5 key authentication Switch3 Config If Vlan1 ip ospf...

Page 437: ...n be checked Show ip ospf ase Displays exterior OSPF routing information Show ip ospf cumulative Displays OSPF statistics Show ip ospf database Displays OSPF link state database information Show ip os...

Page 438: ...he hops for output from the port export tag The route tag for output from the port area ID interface count imes spf has been run for this area net range OSPF area number including statistics for inter...

Page 439: ...r OSPF route i e the OSPF route with the destination network address of 5 1 17 0 network mask of 255 255 255 0 the next hop address of 12 1 1 2 and the forwarding interface of Ethernet vlan12 The prio...

Page 440: ...SE 3 AS internal route 4 AS external route 0 Displayed information Explanation IO cumulative Statistics for OSPF packets in out type Packet type including HELLO packet DD packet LS request update and...

Page 441: ...1 2 255 11 11 4 1 0 2147483649 1 6777215 11 11 3 255 11 11 4 1 0 2147483680 1 6777215 ASBR Summary LSAs LS ID ADV rtr Age Sequence Cost Checksum ASBR s Rtr ID Area 2 Area ID 1 Router LSAs LS ID ADV rt...

Page 442: ...rk LSAs Network LSA Summary Network LSAs Summary network LSA ASBR Summary LSAs Autonomous system exterior LSA 6 show ip ospf interface The show ip ospf interface command can be used to display the OSP...

Page 443: ...show ip ospf neighbor command can be used to display information about the neighbor OSPF layer 3 switches For example displayed information can be Switch show ip ospf neighbor interface ip 12 1 1 1 a...

Page 444: ...11 11 4 1 11 11 4 2 11 11 2 0 1 2 0 11 11 1 2 11 11 2 1 11 11 3 0 1 11 0 11 11 1 3 14 14 14 1 AS external routes Destination Cost Dest Type Next Hop ADV rtr Displayed information Explanation AS inter...

Page 445: ...OSPF Troubleshooting Help In configuring and using OSPF protocol the OSPF protocol may fail to run properly due to reasons such as physical connection failure or incorrect configuration The user shou...

Page 446: ...ion to configure static route 18 5 1 1 Static route configuration Click Static route configuration to enter the configuration page Equivalent to CLI command 18 2 3 2 1 including z Destination IP addre...

Page 447: ...and 18 3 2 2 17 z Enable RIP Enables RIP and Disables RIP Example Select Enable RIP and click Apply button to enable RIP 18 5 2 1 2 Enable port to receive transmit RIP packet Click Enable port to ente...

Page 448: ...umns select port 18 5 2 2 3 RIP imported route Click RIP port imported route to enter the configuration page z Port specifies port z Receiving RIP version sets up port receiving RIP version Includes v...

Page 449: ...ng version1 version2 and Cancel means default Equivalent to CLI command 18 3 2 2 19 z Auto summary configures route aggregate function including set and cancel Equivalent to CLI command 18 3 2 2 1 z R...

Page 450: ...OSPF TX parameter configuration configures OSPF forwarding packet parameter z Imported route parameter configuration configures OSPF imported route parameter z Other parameter configuration configures...

Page 451: ...itch Example 18 5 3 1 3 OSPF network range configuration Click OSPF network range configuration to enter the configuration page Equivalent to CLI command 18 4 2 2 15 z Network network IP address z Net...

Page 452: ...authentication parameter configuration z Passive interface configuration Configures OSPF port as receiving packets only z Sending packet cost configuration configures the cost and timer parameter for...

Page 453: ...t needed for the OSPF protocol port Equivalent to CLI command 18 4 2 2 7 z Hello packet interval specifies the interval time to send a hello packet on the ports Equivalent to CLI command 18 4 2 2 10 z...

Page 454: ...2 2 4 z Default imported route cost Default imported route cost Equivalent to CLI command 18 4 2 2 1 z Imported route interval imported route interval Equivalent to CLI command 18 4 2 2 2 z Maximum im...

Page 455: ...ty configuration to enter the configuration page Equivalent to CLI command 18 4 2 2 16 z ASE yes means the priority level of specified imported OSPF external route no means the priority level for spec...

Page 456: ...set resets each column value to default in this page and this action will not change settings z Apply valid each column value This action will change settings z Default resets to default setting This...

Page 457: ...w ip ospf neighbor displays OSPF neighbor node information Equivalent to CLI command 18 4 2 2 27 z show ip ospf routing displays OSPF routing table information Equivalent to CLI command 18 4 2 2 28 z...

Page 458: ...ce is not necessarily a member of the multicast group When sending data to some multicast group the sender itself is not necessarily a receiver of that group Multiple sources are allowed to send packe...

Page 459: ...224 0 0 2 All multicast router address 224 0 0 3 Not for allocation 224 0 0 4 DVMRP router 224 0 0 5 OSPF router 224 0 0 6 OSPF DR 224 0 0 7 ST router 224 0 0 7 ST host 224 0 0 9 RIP II router 224 0...

Page 460: ...packet if a shared tree is used the source address is the root address of that shared tree When a multicast packet arrives at a router the packet will be forwarded according to the multicast forwardi...

Page 461: ...4 Index 2006 State 13 localaddr 2 1 1 1 remote 2 1 1 1 Name Vlan3 Index 2007 State 13 localaddr 3 1 1 1 remote 3 1 1 1 Group Origin Iif Wrong Oif TTL 225 1 1 101 1 1 1 100 Vlan1 0 2006 1 2007 1 239 25...

Page 462: ...ce list Hence a shortest path tree SPT rooted by source S is established The prune process is initiated by leaf routers first The above procedures are referred to as the Flooding Prune process A timeo...

Page 463: ...protocol the no ip pim dense mode command disables PIM DM protocol required 2 Configure PIM DM sub parameters 1 Configure PIM DM interface parameters a Configure PIM DM HELLO packet interval Command E...

Page 464: ...meters query interval is the interval for sending PIM DM HELLO packets ranging from 1 to 18724s Default The default interval for sending PIM DM HELLO is 10 seconds econds Command mode Interface Mode U...

Page 465: ...ace vlan2 Switch Config If Vlan1 ip pim dense mode 2 Configuration of SwitchB Switch Config interface vlan 1 Switch Config If Vlan1 ip pim dense mode Switch Config If Vlan1 exit Switch Config interfac...

Page 466: ...BIT Proto DVMRP 0x2 PIM 0x8 PIMSM 0x10 PIMDM 0x20 Flags RPT 0x1 WC 0x2 SPT 0x4 NEG CACHE 0x8 JOIN SUPP 0x10 Downstream IGMP 0x1 NBR 0x2 WC 0x4 RP 0x8 STATIC 0x10 PIMDM Group Table inodes 7 routes 4 5...

Page 467: ...e Expires DR state 2 1 1 1 Vlan1 2005 00 25 17 00 01 15 9 1 1 6 Vlan2 2006 00 25 09 00 01 35 DR 5 1 1 4 Vlan3 2007 00 25 01 00 01 38 DR Switch Displayed information Explanation Neighbor Address Neighb...

Page 468: ...de If detailed information about PIM packets etc is required this debugging command can be used Example Switch debug ip pim 00 15 45 PIM Send v2 Hello on vlan1 holdtime 105 00 15 45 PIM Send v2 Hello...

Page 469: ...is omitted here 1 RP shared tree RPT generation When a host joins a multicast group G the leaf route directly connected with the host learns the presence of recipient of multicast group G through IGM...

Page 470: ...SM Configuration Task Sequence 1 Enable PIM SM protocol Basic configuration of PIM SM routing protocol on ES4710BD series switches is quite simple just enable PIM SM in the appropriate interfaces Com...

Page 471: ...up list access list interval interval no ip pim rp candidate ifname This command is a global candidate RP configuration command It is used to configure information for PIM SM candidate RP and to conte...

Page 472: ...ommands for interface BSR border It is used to configure the border for PIM SM area to prevent BSR message flooding outside the local PIM SM area In other words BSR messages inside the local PIM SM ar...

Page 473: ...d to configure information for PIM SM candidate BSR and to contend for the BSR router with the other candidate BSRs The switch will be a BSR candidate router only when this command is configured Examp...

Page 474: ...A SWITCHB E t hernet 1 1 vl an1 E t hernet 1 1 vl an1 E t hernet 1 2 vl an2 rp E t hernet 1 2 vl an2 E t hernet 1 2 vl an2 E t hernet 1 2 vl an2 bsr E t hernet 1 1 vl an1 E t hernet 1 1 vl an1 E t her...

Page 475: ...Vlan3 ip pim sparse mode Switch Config If Vlan3 exit Switch Config ip pim bsr candidate vlan2 30 10 4 Configuration of SWITCHD Switch Config interface vlan 1 Switch Config If Vlan1 ip pim sparse mode...

Page 476: ...ace Default No display by default Command mode Admin Mode Function Displaying PIM information of interface vlan 2 Switch show ip pim interface vlan2 Switch Interface Vlan2 192 3 1 2 owner is pimsm Vif...

Page 477: ...0 10 18 00 03 18 Incoming interface Vlan1 RPF Nbr 0 0 0 0 pref 0 metric 0 Outgoing interface list Vlan2 protos 0x2 UpTime 00 10 18 Exp 00 03 18 Switch Displayed information Explanation 192 1 1 1 225 0...

Page 478: ...related information Parameters mapping displays the group address and RP association group address is the group address Default No display by default Command mode Admin Mode Function Displaying the R...

Page 479: ...ers N A Default Disabled Command mode Admin Mode Usage Guide If detailed information about PIM candidate RP BSR packets etc is required this debugging command can be used Example Switch debug ip pim b...

Page 480: ...packet CIDR supported Comparing to unicast routing the multicast routing is a reversed route i e interest is in where the packet comes from instead of where it is going to This is why the route table...

Page 481: ...switch will first broadcast the multicast packet in all downstream interfaces interfaces in which other DVMRP switches have indicated dependency On receiving a prune message from a downstream switch t...

Page 482: ...ric value for DVMRP report packet b Configure DVMRP neighbor timeout time Command Explanation Interface Mode ip dvmrp metric metric_val no ip dvmrp metric Sets interval for sending DVMRP report packet...

Page 483: ...g Command Explanation Interface Mode ip dvmrp tunnel A B C D metric metric_val no ip dvmrp tunnel A B C D Configures tunneling to neighbor A B C D the no ip dvmrp tunnel command removes the tunnel to...

Page 484: ...received in an interval three times of the report interval that neighbor is considered to be timeout Example Enabling connectivity with CISCO neighbor 1 1 1 1 Switch Config interface vlan 1 Switch Con...

Page 485: ...ulation to determine upstream downstream conditions If a route metric in the local switch is greater than 32 or equal to 32 then this route is unreachable If after calculation the switch confirms itse...

Page 486: ...interval 20 19 5 2 2 7 ip dvmrp report interval Command ip dvmrp report interval time_val no ip dvmrp report interval Function Sets the interval for sending DVMRP report messages the no ip dvmrp repor...

Page 487: ...ic_val is the metric value for the tunneling interface ranging from 1 to 32 Default DVMRP tunneling is disabled by default the default value for metric_val is 1 Command mode Interface Mode Usage Guide...

Page 488: ...p 19 5 4 1 Monitor and Debug Commands 19 5 4 1 1 show ip dvmrp mroute Command show ip dvmrp mroute Function Displays the DVMRP packet forwarding entries Parameters N A Default Not displayed Command mo...

Page 489: ...or DVMRP neighbors Parameters ifname is the interface name i e displays neighbor information of the specified interface Default Not displayed Command mode Admin Mode Example Displays neighbor informat...

Page 490: ...ue state Route state active hold etc 19 5 4 1 4 show ip dvmrp tunnel Command show ip dvmrp tunnel ifname Function Displays information for a DVMRP tunnel Parameters ifname is the interface name i e di...

Page 491: ...35 DVMRP probe nbrs 192 168 1 11 01 18 09 40 DVMRP Send probe on vlan1 to 224 0 0 4 len 16 01 18 09 40 DVMRP probe Vers majorv 3 minorv 255 01 18 09 40 DVMRP probe flags PG 01 18 09 40 DVMRP probe ge...

Page 492: ...protocols use unicast routes to perform RPF check for this reason the unicast route correctness must be ensured DVMRP uses its own unicast route table use the show ip dvmrp route command to view that...

Page 493: ...re and specifies the multicast switch of the lowest IP address to be the querieer 2 Quit group mechanism added in IGMP v2 In IGMP v1 the hosts quits the multicast without giving any message to any mul...

Page 494: ...mode ip pim sparse mode Enables IGMP protocol the no pim sparse mode command disables IGMP protocol required 2 Configure IGMP sub parameters 1 Configure IGMP group parameters a Configure IGMP group fi...

Page 495: ...onse time Sets the maximum time for an interface to response to an IGMP query the no ip igmp query max response time command restores the default setting ip igmrp query timeout time_val no ip igmp que...

Page 496: ...nfig access list 1 permit 224 1 1 1 0 0 0 0 Switch Config access list 1 deny 224 1 1 2 0 0 0 0 Switch Config interface vlan 1 Switch Config If Vlan1 ip igmp access group 1 19 6 2 2 2 ip igmp join grou...

Page 497: ...g Parameters time_val is the maximum interface response time for IGMP queries ranging from 1 to 25 seconds Default The default value is 10 seconds Command mode Interface Mode Usage Guide On receiving...

Page 498: ...c group 224 1 1 1 then the local interface will keep receiving multicast packets about he group 224 1 1 1 regardless of whether there are receiver of not under the interface Note the difference betwee...

Page 499: ...m dense mode Switch Config If Vlan1 exit Switch Config interface vlan2 Switch Config If Vlan2 ip pim dense mode Switch Config If Vlan2 ip igmp version 1 Switch Config If Vlan2 ip igmp query timeout 15...

Page 500: ...nterface Parameters ifname is the interface name i e displays IGMP information of the specified interface Default Not displayed Command mode Admin Mode Example Displaying IGMP information of Ethernet...

Page 501: ...mrp2 for 0 0 0 0 02 17 38 58 IGMP Received membership query on dvmrp2 from 192 168 1 11 for 0 0 0 0 02 17 39 26 IGMP Send membership query on vlan1 for 0 0 0 0 02 17 39 26 IGMP Received membership que...

Page 502: ...c monitor command Example In multicast protocol public monitor mode click Show ip mroute to display IP multicast message forward item This is the same as CLI command 19 2 1 1 1 No additional parameter...

Page 503: ...er 3 interface PIM SM protocol 19 7 3 2 PIM SM parameter configuration Click PIM SM parameter configuration to configure PIM SM running parameter for a specific layer 3 interface This is the same as C...

Page 504: ...SR 19 7 3 5 Set router as RP candidate Click Set router as RP candidate to configure PIM SM candidate RP information to compete with other candidate RPs for RP router This is the same as CLI command 1...

Page 505: ...mand 19 5 2 2 and 19 5 2 2 5 z Vlan Port assigns layer 3 interface select from scroll bar menu z DVMRP report metric configuration Configures interface DVMRP report message metric This is the same as...

Page 506: ...Neighbor ip address remote neighbor IP address z Metric tunnel interface metric z Vlan Port assigns layer 3 interface select from scroll bar menu z Apply creates DVMRP tunnel to specific neighbor z De...

Page 507: ...age will appear when only configure one or many parameter it s not affected 19 7 5 2 IGMP version configuration Click IGMP version configuration to configure interface IGMP protocol version This is th...

Page 508: ...6 6 Show ip pim rp Click Show ip pim rp to display RP interrelated information of PIM This is the same as CLI command 19 4 4 1 5 19 7 6 7 Show ip dvmrp mroute Click Show ip dvmrp mroute to display DVM...

Page 509: ...2 1x is shown below Fig 20 1 802 1x architecture As shown in the above figure the IEEE 802 1x architecture consists of three parts Supplicant System user access devices Authenticator System access man...

Page 510: ...authorized devices will not be able to access the network In this way even if multiple terminals are connected via one physical port ES4710BD can still authenticate and manage each user access device...

Page 511: ...le no dot1x privateclient enable Enables the switch to force client software to use Edge Core s proprietary 802 1x authentication packet format the no dot1x privateclient enable command disables the f...

Page 512: ...ult setting dot1x timeout tx period seconds no dot1x timeout tx period Sets the interval for the supplicant to re transmit EAP request identity frame the no dot1x timeout tx period command restores th...

Page 513: ...tion host IPaddress command deletes the RADIUS server 3 Configure RADIUS Service parameters Command Explanation Global Mode radius server dead time minutes no radius server dead time Configures the re...

Page 514: ...ounting for the switch Switch Config aaa accounting enable 20 2 2 3 dot1x accept mac Command dot1x accept mac mac address interface interface name no dot1x accept mac mac address interface interface n...

Page 515: ...nction Command mode Global Mode and Interface Mode Default 802 1x function is not enabled in global mode by default if 802 1x is enabled under Global Mode 802 1x will not be enabled for the ports by d...

Page 516: ...r by the MAC address Only the authentication request initialed by the users in the dot1x address filter table will be accepted Example Enabling dot1x address filter function for the switch Switch Conf...

Page 517: ...Mode Default When 802 1x is enabled for the port force authorized is set by default Usage Guide If the port needs to provide 802 1x authentication for the user the port authentication mode should be...

Page 518: ...for supplicant is enabled the switch will re authenticate the supplicant at regular interval This function is not recommended for common use Example Enabling the periodical re authentication for authe...

Page 519: ...host Command radius server accounting host ip address port port number primary no radius server accounting host ip address Function Specifies the IP address and listening port number for RADIUS accoun...

Page 520: ...specify authentication port number which must be the same as the specified authentication port in the RADIUS server the default port number is 1812 If this port number is set to 0 the specified serve...

Page 521: ...e default value is 3 times Usage Guide This command specifies the retransmission time for a packet without a RADIUS server response after the switch sends the packet to the RADIUS server If authentica...

Page 522: ...port 1 2 is used to connect to RADIUS authentication server which has an IP address of 10 1 1 3 and use the default port 1812 for authentication and port 1813 for accounting IEEE 802 1x authenticatio...

Page 523: ...authentication and accounting server specified Example Switch show aaa config For Boolean value 1 stands for TRUE and 0 for FALSE AAA config data Is Aaa Enabled 1 Is Account Enabled 1 MD5 Server Key...

Page 524: ...the authentication server number and corresponding IP address UDP port number Primary server or not down or not and socket number accounting server sum The number of accounting servers accounting serv...

Page 525: ...information displays is used for troubleshooting by the technical support Example Switch show aaa authenticating user authenticating users User name Retry time Radius ID Port Eap ID Chap ID Mem Addr...

Page 526: ...status for corresponding port is displayed Parameters interface list is the port list If no parameter is specified information for all ports is displayed Command mode Admin Mode Usage Guide The dot1x...

Page 527: ...ress filter table dot1x EAPoR Authentication method used by the switch EAP relay EAP local end 802 1x is enabled on ethernet 1 Indicates whether dot1x is enabled for the port Authentication Method Por...

Page 528: ...802 1x authentication the above functions must be disabled If the switch is configured properly but still cannot pass through authentication connectivity between the switch and RADIUS server the swit...

Page 529: ...Status Enables disables switch AAA accounting function Disable Accounting disable accounting function Enable Accounting enable accounting function Equivalent to CLI command 20 2 2 2 z RADIUS key Confi...

Page 530: ...ID with range 0 65535 where 0 means it s not working as an authentication server z Primary authentication server Primary Authentication server is the primary server Non Primary Authentication server...

Page 531: ...server IP as 10 0 0 1 Accounting server port as default port choose Primary accounting server choose Operation type as Add accounting server and then click Apply button to add the accounting server 2...

Page 532: ...ose Re authenticate client periodically as Disable Re authenticate configure Holddown time for authentication failure as 1 configure Reauthenticate client interval as 1 configure Resending EAP request...

Page 533: ...click the Set button to apply this configuration to switch 20 5 2 3 802 1X port mac configuration Click Authentication configuration 802 1X configuration 802 1x port mac configuration to Add a MAC ad...

Page 534: ...CLI command 1 2 2 11 z Port assign port z 802 1x status port 802 1x status z Authentication type Authentication type z Authentication status Authentication status z Authentication mode Authentication...

Page 535: ...routers in the Standby cluster also have their own IP address Since VRRP runs on routes or Ethernet Switches only the Standby cluster is transparent to the hosts with the segment To them there exists...

Page 536: ...terface command removes the interface 3 Activate Deactivate Virtual Router Command Explanation VRRP protocol configuration mode enable Activates the Virtual Router disable Deactivates the Virtual Rout...

Page 537: ...otocol configuration mode circuit failover IFNAME Vlan ID no circuit failover Configures VRRP interface monitor the no circuit failover removes monitor to the interface 21 1 2 VRRP Configuration Comma...

Page 538: ...e IP address and a Master must be elected and the virtual IP should fall inside the segment of the interface IP addresses Example Setting the backup dummy IP address to 10 1 1 1 Switch Config Router V...

Page 539: ...thentication mode for outgoing VRRP packets on the interface the no ip vrrp authentication mode command restores the default VRRP authentication mode Parameters text set the VRRP authentication mode t...

Page 540: ...eemptive mode should be enabled Example Setting non preemptive VRRP mode Switch Config Router Vrrp preempt mode false 21 1 2 9 priority Commands priority value no priority Function Configures VRRP pri...

Page 541: ...al is three times that of adver_interval Extraordinary large traffic or timer setting differences between routers or L3 Ethernet switches may result in master_down_interval and invoke instant status c...

Page 542: ...HA SWITCHB Vlan 1 Vlan 1 Fig 20 1 VRRP Network Topology Configuration of SWITCHA SwitchA config interface vlan 1 SwitchA Config If Vlan1 ip address 10 1 1 5 255 255 255 0 SwitchA Config If Vlan1 exit...

Page 543: ...nterface is Vlan1 Configured priority is 255 Current priority is 255 Advertisement interval is 1 sec Preempt mode is TRUE Circuit failover interface Vlan1 Priority Delta 10 Status UP Displayed informa...

Page 544: ...te use show interface command Ensure VRRP is enabled on the interface Verify the authentication mode of different routers or L3 Ethernet switches in the same standby cluster are the same Verify the ti...

Page 545: ...P control to configure VRRP and enter VRRP Port Example Enter created Virtual Router number 1 and VLAN port IP 23 Click Apply to add port 23 to Virtual Router number 1 Click Remove to remove port 23 f...

Page 546: ...RP Interval Example Enter created Virtual Router number 1 and interval 3 Click Enable to set the interval of virtual router number 1 to 3 Click Disable to disable the interval of Virtual Router number...

Page 547: ...n1 authentication mode configuration 21 4 10 Configure Authentication String For VRRP Click VRRP control to enter VRRP AuthenString and configure VRRP authentication string Example Choose created Vlan...

Search results

Summary of Contents for ES4710BD

Reviews:

Related manuals for ES4710BD

Brands by name

Popular brands

Accton Technology ES4710BD, User Manual

Search results

Summary of Contents for ES4710BD

Reviews:

Related manuals for ES4710BD

Brands by name

Popular brands