Allied Telesis AT-8100L/8POE User Manual Download Page 234 | Manualshive

Page: 234 / 330

background image

Chapter 20: Access Control Lists (ACL)

234

Guidelines

Here are the ACL guidelines:



An ACL can have a permit, deny, or copy-to-mirror action. The permit
action allows ports to forward ingress packets of the designated traffic
flow, while the deny action causes ports to discard packets. The copy-
to-mirror action causes a port to copy all ingress packets that match
the ACL to the destination port for mirroring.



A port can have more than one ACL.



An ACL can be assigned to more than one port.



ACLs filter ingress packets on ports, but they do not filter egress
packets. As a result, you must apply ACLs to the ingress ports of the
designated traffic flows.



ACLs for static port trunks or LACP trunks must be assigned to the
individual ports of the trunks.



A port that has more than one ACL checks the ingress packets in the
order in which the ACLs are added and forwards or discards packets
at the first match. The order matters when applying ACLs to a port.



An ACL can have multiple filtering criteria. For example, an ACL filters
with a specific source IP address and UDP port number.



Because ports, by default, forward all ingress packets, permit ACLs
are only required in circumstances where you want ports to forward
packets that are subsets of larger packet flows that are blocked by
deny ACLs.

«
...
232
233
234
235
236
...
»

Summary of Contents for AT-8100L/8POE

Page 1: ...OE 26 25 26R 25R S2 S1 CONSOLE LINK ACT plus 50 49 50R 49R AT 8100S 48POE S2 S1 CONSOLE LINK ACT plus 2056 S2 S1 CONSOLE LINK ACT AT 8100S 16F8 SC 1 TX RX L A 2 TX RX L A 3 TX RX L A 4 L A TX RX 5 TX...

Page 2: ...ng University of Posts and Telecommunications All rights reserved Copyright c 2003 by Fabasoft R D Software GmbH Co KG All rights reserved Copyright c 2004 2006 by Internet Systems Consortium Inc ISC...

Page 3: ...is logo are trademarks of Allied Telesis Incorporated Microsoft and Internet Explorer are registered trademarks of Microsoft Corporation All other product names company names logos or other designatio...

Page 4: ......

Page 5: ...Page 33 Logging onto the CLI through the Console Port 33 Checking for the IP Addresses of the Switch in the CLI 34 Adding an IP Address to the Switch in the CLI 34 Checking the Status of HTTP and HTT...

Page 6: ...t 88 Specifying Direction Type 89 Deleting Port Mirroring Settings 91 Chapter 7 Spanning Tree Protocol on a Port 93 Overview 94 Displaying Port Spanning Tree Protocol Settings 95 Modifying Port Spanni...

Page 7: ...elines 164 Displaying IGMP Snooping Querier 165 Modifying IGMP Snooping Query Interval 167 Chapter 15 Power Over Ethernet PoE 169 Overview 170 Power Sourcing Equipment PSE 170 Powered Device PD 170 PD...

Page 8: ...18 Adding an IPv4 Address 219 Changing an IPv4 Address 220 Deleting an IPv4 Address 222 Displaying the IPv6 Interface 223 Adding an IPv6 Address 225 Changing IPv6 Addresses 227 Deleting IPv6 Addresses...

Page 9: ...ecting LLDP TLVs on a Port 290 Setting a Location Entry for the LLDP MED Location TLV 294 Creating a Civic Location Entry 294 Creating a Coordinate Location 298 Creating an Emergency Location Identifi...

Page 10: ...Contents 10...

Page 11: ...gure 23 Port Number 64 Figure 24 Switching Tab with Port Tab 65 Figure 25 Port Configuration Page 65 Figure 26 Port Configuration Modify Page 68 Figure 27 Storm Control List Page 71 Figure 28 Storm Co...

Page 12: ...Operating Mode 204 Figure 78 Multiple Supplicant Mode 205 Figure 79 802 1x Authentication Page 207 Figure 80 Modify 802 1x Authentication Page 208 Figure 81 Modify 802 1x Authentication Page Expanded...

Page 13: ...igure 128 Modify LLDP TLV Page 292 Figure 129 Locations Tab 295 Figure 130 LLDP Civic Location Page 295 Figure 131 LLDP Civic Location Page Add 296 Figure 132 LLDP Coordinate Location List Page 298 Fi...

Page 14: ...Figures 14...

Page 15: ...his preface contains the following sections Document Conventions on page 16 Where to Find Web based Guides on page 17 Contacting Allied Telesis on page 18 Caution The software described in this docume...

Page 16: ...s Note Notes provide additional information Caution Cautions inform you that performing or omitting a specific action may result in equipment damage or loss of data Warning Warnings inform you that pe...

Page 17: ...e User s Guide 17 Where to Find Web based Guides The installation and user guides for all of the Allied Telesis products are available for viewing in portable document format PDF from our web site at...

Page 18: ...and to contact Allied Telesis experts USA and EMEA phone support Select the phone number that best fits your location and customer type Hardware warranty information Learn about Allied Telesis warran...

Page 19: ...Browser Interface This chapter describes the types of management sessions using the AT 8100 Series management software and the web interface manager accounts See the following sections Management Sess...

Page 20: ...d from the factory with an IP address assigned and the web interface HTTP service enabled so that you can start the initial management session through the web interface To start the initial web manage...

Page 21: ...anager account with a username of manager and the default password of friend Both the username and password are case sensitive This account gives you access to all management modes and commands In the...

Page 22: ...Chapter 1 AT 8100 Series Version 2 2 5 0 Web Browser Interface 22...

Page 23: ...ge 25 Logging onto the Switch on page 27 What to Configure First on page 30 Starting a Web Management Session on page 32 Saving Your Changes on page 37 Ending a Web Management Session on page 38 For a...

Page 24: ...switch shipped from the factory is configured with HTTP service enabled HTTPS Mode Web browser management sessions of the switch conducted in the HTTPS mode are protected against snooping because the...

Page 25: ...sconnect your PC from a network and let your PC automatically set an IP address in the 169 254 0 0 16 network When a PC is disconnected from a network and no longer connected to a DHCP server Windows...

Page 26: ...Chapter 2 Starting a Management Session 26 3 Open a web browser on the PC and enter the following http 169 254 1 1 The AT 8100 Login page is displayed as shown in Figure 1 Figure 1 Login Page...

Page 27: ...b interface the AT 8100 Login page is displayed Enter manager in the User Name field and friend in the Password field as shown in Figure 2 Then click the Login button Figure 2 Login Page with Entries...

Page 28: ...Time Length of time since the switch was last reset or power cycled in days hours minutes and seconds Note Up Time is displayed on the top right corner of the screen The System section displays the f...

Page 29: ...ogging Indicates if the remote logging is enabled or disabled on the switch Spanning Tree Indicates if STP RSTP or MSTP is enabled on the switch The default setting is RSTP QoS Indicates if QoS is ena...

Page 30: ...istance For instructions on how to create additional management accounts see Adding a New User Account on page 52 Assigning a Name to the Switch The switch is easier to identify if you assign it a nam...

Page 31: ...e switch can have only one IPv6 address Your PC must have an IP address that belongs to the network where the management IP address belongs or have access to the network where the management IP addres...

Page 32: ...ement Software Command Line Interface User s Guide There are some cases in which you must configure the switch using the CLI to start a web management session The switch does not have an IP address as...

Page 33: ...n the CLI on page 34 3 Enabling HTTP or HTTPS Service in the CLI on page 35 4 Saving your Changes in the CLI on page 36 Logging onto the CLI through the Console Port To log onto the CLI through the co...

Page 34: ...ddress to the Switch in the CLI When the switch does not have an IP address assign an IP address and subnet mask to the switch The following example assigns the IP address 192 168 1 2 and the subnet m...

Page 35: ...e when HTTP is enabled HTTPS is disabled Enabling HTTP or HTTPS Service in the CLI To enable HTTP service on the switch enter the following commands awplus configure terminal awplus config service htt...

Page 36: ...Starting a Management Session 36 Saving your Changes in the CLI Save your changes to the startup configuration file by entering the following commands awplus copy running config startup config Or awp...

Page 37: ...guration file When you reboot the switch the information in the running configuration file is lost To save your changes after you reboot the switch do the following 1 Click SAVE Figure 8 shows the SAV...

Page 38: ...rting a Management Session 38 Ending a Web Management Session To end a web management session select LOGOUT at the top of the web page For an example see the System Contact Information page in Figure...

Page 39: ...etting the Switch Information on page 48 Managing the Configuration File on page 50 Managing Local User Accounts on page 52 Rebooting a Switch on page 57 Upgrading the Software on page 58 Displaying S...

Page 40: ...on of this protocol You can configure the management software to obtain the current date and time from a Network Time Protocol NTP or SNTP server located on your network or the Internet SNTP is a simp...

Page 41: ...rom the System tab hover over System Settings 4 Move the cursor to the right and select Time The System Time Settings page is displayed See Figure 10 Figure 10 System Time Settings Page 5 Select the N...

Page 42: ...ormat is xxx xxx xxx xxx where xxx is a decimal number from 0 to 255 Note If the local interface on the switch is obtaining its IP address and subnet mask from a DHCP server you can configure the serv...

Page 43: ...server whenever a change is made to any of the fields on this page 8 Click SAVE to save your changes to the startup configuration file Setting System Time Manually To set the system time manually do...

Page 44: ...ar Page a Use the arrows at the top of the Calendar to select the month and year b Set the time of day using the following format hh mm ss c Click on the day of the month 7 Click Apply 8 Click SAVE to...

Page 45: ...encryption key in the CLI interface Then you can enable the SSH server in the web interface To enable Telnet or SSH server on the switch do the following 1 From the home page hover the cursor over the...

Page 46: ...eck the checkbox to enable the switch to send status and error messages to a remote log server To disable the switch to send messages to a remote log server uncheck the checkbox Server IP Address Ente...

Page 47: ...following 1 Hover the cursor over the System tab 2 From the System tab hover over System Settings The System Settings tab is displayed See Figure 9 on page 41 3 Move the cursor to the right and selec...

Page 48: ...forming a configuration procedure on the wrong switch To assign a name contact person and location to the switch perform the following procedure 1 From the home page hover the cursor over the System t...

Page 49: ...managing the switch The name can be from 1 to 255 characters however only the first 50 characters are displayed on the Dashboard page Spaces and special characters such as dashes and asterisks are all...

Page 50: ...on page 51 Downloading a Configuration File onto Your PC on page 51 Displaying the Configuration Files To display a list of the configuration files on the switch do the following 1 From the Dashboard...

Page 51: ...From the System tab drop down menu select Configuration Files For an example of the Configuration Files page See Figure 15 on page 50 3 Click Download next to the file name that you want to download F...

Page 52: ...er account See the following Adding a New User Account on page 52 Changing a User Password on page 53 Changing the User Privilege on page 54 Deleting a User Account on page 55 The switch also supports...

Page 53: ...a user level of 15 have unrestricted access to the management software This is the default setting Level 1 Management accounts with a user level of 1 have restricted access to the management software...

Page 54: ...ot allowed 6 Re enter the new password in the Confirm New Password field 7 Click Set Password 8 Click SAVE to save your changes to the startup configuration file Changing the User Privilege To change...

Page 55: ...1 have restricted access to the management software Accounts with this level are allowed to view the settings on the switch but not allowed to change them 6 Click Set Privilege 7 Click SAVE to save yo...

Page 56: ...Basic Switch Parameters 56 Figure 20 User Management Page with Delete User Tab 4 Use the pull down menu to select a user 5 Click Delete User 6 Click SAVE to save your changes to the startup configura...

Page 57: ...er the System Tab 2 From the System tab drop down menu select Dashboard The Dashboard Page is displayed See Figure 3 on page 28 3 Select Reboot at the bottom of the page A confirmation prompt is displ...

Page 58: ...owing procedure 1 Open a new browser and enter the following http www alliedtelesis com support software The Allied Telesis Software Download page is displayed 2 Select your hardware product model fro...

Page 59: ...ashboard Page is displayed See Figure 3 on page 28 Note All unsaved changes are discarded when you upgrade the software on a switch To save your changes to the startup configuration file click SAVE 7...

Page 60: ...Chapter 3 Basic Switch Parameters 60 Note Upgrading the system software on the switch ends your current web browser management session To continue managing the switch you must log in again...

Page 61: ...Switch Information on page 48 Version Version number of the AT 8100 software The Services section displays the following information IPv6 Management Indicates if IPv6 Management is enabled or disable...

Page 62: ...d on the switch The Administration Options section displays the following information System Upgrade Click this link to go to the System Upgrade page to upgrade your system software See Upgrading the...

Page 63: ...ions Port Numbers on the Switch on page 64 Displaying the Port Parameters on page 65 Changing the Port Settings on page 67 Displaying the Storm Control Settings on page 71 Modifying the Storm Control...

Page 64: ...the switch ID even though the stand alone switch displays number 0 on the Stack ID LED The format of the port for stand alone AT 8100 Series switches is PORT1 0 n When the switch is part of a hardwar...

Page 65: ...he Switching tab is displayed See Figure 24 Figure 24 Switching Tab with Port Tab 2 From the Switching tab hover over Port The Port tab expands to the right 3 From the Port tab move the cursor to the...

Page 66: ...ring periods of packet congestion to temporarily stop its network counterpart from transmitting more packets This prevents a buffer overrun and the subsequent loss and retransmission of network packet...

Page 67: ...o the following 1 Hover the cursor over the Switching tab The Switching tab is displayed See Figure 24 on page 65 2 From the Switching tab hover over Port The Port tab expands to the right 3 From the...

Page 68: ...t page Spaces and special characters are allowed Status Select either Enabled or Disabled The default setting is enabled Disabling a port turns off its receiver and transmitter so that the port does n...

Page 69: ...ing at 1000 Mbps the only option is AUTO When operating at 10 or 100 Mbps in either half or full duplex mode the options are AUTO MDI and MDI X To forward traffic a port on the switch and a port on a...

Page 70: ...ontrol is disabled on the port Flow Control Limit 1 7935 Set the threshold level for flow control on the port Enter the number of cells for flow control A cell represents 128 bytes The range is 1 to 7...

Page 71: ...displayed See Figure 27 Figure 27 Storm Control List Page The following fields are displayed Interface Port ID Broadcast Indicates whether the Broadcast threshold setting is enabled or disabled Broadc...

Page 72: ...t is 33 554 431 packets Dlf Indicates whether the unknown unicast threshold setting is enabled or disabled Dlf Level Maximum number of ingress packets per second of unknown unicast packets the port re...

Page 73: ...ng tab is displayed See Figure 24 on page 65 2 From the Switching tab hover over Port The Port tab expands to the right 3 From the Port tab move the cursor to the right and select Storm Control The St...

Page 74: ...xceed the specified level This feature is disabled by default Enter the Level Enter the maximum number of ingress packets per second of multicast packets the port receives Multicast packets that excee...

Page 75: ...interface port statistics This chapter contains the following topics Displaying Port Statistics on page 76 Clearing Port Statistics on page 82 Reloading Statistics on page 83 For additional informatio...

Page 76: ...face Statistics on page 80 Displaying Transmit and Receive Port Statistics To display the transmit and receive statistics for all of the switch ports do the following 1 Hover the cursor over the Switc...

Page 77: ...port that contains 512 to 1023 bytes 1024 1518 Byte Frames Number of frames transmitted by the port that contains 1024 to 1518 bytes 1519 1522 Byte Frames Number of frames transmitted by the port tha...

Page 78: ...umber of frames with a cyclic redundancy check CRC error but with the proper length 64 1518 bytes received by the port FCS Error Frames Number of ingress frames that had frame check sequence FCS error...

Page 79: ...events seen by the receive side of the MAC Displaying Transmit Statistics To display the statistics on the Transmit Statistics tab do the following 1 Hover the cursor over the Switching tab The Switc...

Page 80: ...lision Late Collision Number of late collisions Excessive Collision Number of excessive collisions Total Collision Frames Total number of collisions on the port MAC Error Frames Number of frames not t...

Page 81: ...Rx Discard Packets Number of ingress packets that were discarded prior to transmission because of an error Rx IP Header Error Packets Number of ingress packets that were discarded because of an IP He...

Page 82: ...m the Switching tab hover over Port 3 Move the cursor to the right and select Statistics The Port Statistics Page with Tx Rx tab selected is displayed See Figure 29 on page 76 4 Select the desired Por...

Page 83: ...lues are changing so that the data displayed in the Port Statistics pages are not the most recent To display the latest data possible click on the Reload Page button on a Port Statistics page Figure 3...

Page 84: ...Chapter 5 Setting Port Statistics 84...

Page 85: ...d speed of the switch is not affected by the port mirroring feature This chapter provides a brief description of the port mirroring feature and explains how to display and set port mirroring See the f...

Page 86: ...ere can be only one destination port on the switch Here are guidelines for setting the port mirroring feature Port mirroring can have one destination port Port mirroring can have more than one source...

Page 87: ...Page The following fields are displayed Destination Port Use the pull down menu to select the port where the packets from the source ports are copied and where the network analyzer is connected You c...

Page 88: ...e Port tab is displayed 3 From the Port tab move the cursor to the right and select Mirroring from the drop down menu The Port Mirroring List page is displayed See Figure 34 on page 87 4 Select the pu...

Page 89: ...n menu The Port Mirroring List page is displayed See Figure 34 on page 87 4 Click Edit next to the port that you want to specify as a source port for mirroring The Modify Port Mirroring Page is displa...

Page 90: ...Chapter 6 Port Mirroring 90 6 Click Apply 7 Click SAVE to save your changes to the startup configuration file...

Page 91: ...by doing the following 1 Display the port mirroring assignments See Displaying Port Mirroring Settings on page 87 The Port Mirroring List page is displayed See Figure 34 on page 87 2 Select the pull d...

Page 92: ...Chapter 6 Port Mirroring 92...

Page 93: ...ption of the spanning tree protocols and explains how to set spanning tree on a port See the following sections Overview on page 94 Displaying Port Spanning Tree Protocol Settings on page 95 Modifying...

Page 94: ...takes to complete the process referred to as convergence When a change is made to the network topology such as the addition of a new bridge a spanning tree protocol determines whether there are redun...

Page 95: ...See Figure 36 Figure 36 Port Spanning Tree Settings Page The following fields are displayed Interface Port ID Configured Path Cost Cost of a port to the root bridge This cost is combined with the cost...

Page 96: ...sition of the port to the forwarding state during the convergence process You may want to set Link Type to Shared when the port is connected to a hub with multiple switches connected to it PTP The poi...

Page 97: ...isplayed See Figure 24 on page 65 2 From the Switching tab hover over Port 3 Move the cursor to the right and select Spanning Tree The Port Spanning Tree page is displayed See Figure 36 on page 95 4 C...

Page 98: ...e the same the switch elects a port with the lower port ID The range of the priority value is 0 to 240 in increments of 16 for a total of 16 increments See Table 1 Specify the increment of the desired...

Page 99: ...s rapid transition You may want to set the link type to shared if the port is connected to a hub with multiple switches connected to it Loop Guard Enable or disable the BPDU loop guard feature on the...

Page 100: ...Chapter 7 Spanning Tree Protocol on a Port 100...

Page 101: ...See the following sections Displaying the Unicast MAC Addresses on page 102 Displaying the Multicast MAC Addresses on page 104 Assigning a Unicast MAC Address on page 105 Assigning a Multicast MAC Add...

Page 102: ...MAC addresses do the following 1 Hover the cursor over the Switching Tab The Switching Tab is displayed See Figure 38 Figure 38 Switching Tab 2 Hover over Mac Table and then move the cursor to the rig...

Page 103: ...ss Dynamic and static unicast MAC addresses learned on or assigned to the port Vlan ID number of the VLAN that the node designated by the MAC address belongs to The default VLAN is Vlan1 Interface Por...

Page 104: ...the cursor to the right to select Multicast The Multicast MACs Page is displayed See Figure 40 Figure 40 Multicast MACs Page The following fields are displayed MAC Address Dynamic or static unicast M...

Page 105: ...the right to select Unicast The Unicast MACs page is displayed See Figure 39 on page 102 3 Click Add The Unicast MAC Page is displayed See Figure 41 Figure 41 Unicast MAC Address Page 4 To add a new...

Page 106: ...cifies the port to forward packets that have the designated source MAC address Discard Specifies the port to discard packets that have the designated source MAC address 5 Click Add 6 Click SAVE to sav...

Page 107: ...ht to select Multicast The Multicast MACs page is displayed See Figure 40 on page 104 3 Click Add The Multicast MAC Address page is displayed See Figure 42 Figure 42 Multicast MAC Address Page 4 To ad...

Page 108: ...cifies the port to forward packets that have the designated source MAC address Discard Specifies the port to discard packets that have the designated source MAC address 5 Click Add 6 Click SAVE to sav...

Page 109: ...See Figure 38 on page 102 2 Hover over Mac Table and then move the cursor to the right to select Unicast The Unicast MACs page is displayed See Figure 39 on page 102 3 Do one of the following To clea...

Page 110: ...page 102 2 Hover over Mac Table and then move the cursor to the right to select Multicast The Multicast MACs page is displayed See Figure 40 on page 104 3 Do one of the following To clear all of the...

Page 111: ...LACP and explains how to display and set LACP See the following sections Overview on page 112 Displaying LACP Trunks on page 113 Adding an LACP Trunk on page 115 Modifying an LACP Trunk on page 117 De...

Page 112: ...nufacturers The main component of an LACP trunk is an aggregator An aggregator is a group of ports on the switch The ports of an aggregator are further grouped into a trunk referred to as an aggregate...

Page 113: ...See Figure 24 on page 65 2 From the Switching tab hover over Link Aggregation For an example of the Link Aggregation menu see Figure 43 Figure 43 Switching Tab with Link Aggregation Selected 3 Move t...

Page 114: ...ne load distribution method The load distribution method determines the manner in which the switch distributes the egress packets among the active ports of an aggregator The packets can be distributed...

Page 115: ...isplayed See Figure 24 on page 65 2 From the Switching tab hover over Link Aggregation For an example of the Link Aggregation selection see Figure 43 on page 113 3 Move the cursor to the right and sel...

Page 116: ...n MAC address as the load distribution method Src IP Source IP address as the load distribution method Dst IP Destination IP address as the load distribution method Src Dst IP Source IP address and de...

Page 117: ...ure 24 on page 65 2 From the Switching tab hover over Link Aggregation For an example of the Link Aggregation selection see Figure 43 on page 113 3 Move the cursor to the right and select LACP The LAC...

Page 118: ...s Src Dst MAC Source address destination MAC address Src IP Source IP address Dst IP Destination IP address Src Dst IP Source address destination IP address 6 Add or remove the member ports of the agg...

Page 119: ...24 on page 65 2 From the Switching tab hover over Link Aggregation For an example of the Link Aggregation selection see Figure 43 on page 113 3 Move the cursor to the right and select LACP The LACP T...

Page 120: ...Chapter 9 Link Aggregation Control Protocol LACP 120...

Page 121: ...e the following sections Overview on page 122 Displaying Static Trunk Settings on page 123 Adding Static Trunks on page 125 Modifying the Static Trunk Settings on page 127 Deleting Static Trunks on pa...

Page 122: ...1 If a link is lost on a port in a static port trunk the trunk s total bandwidth is reduced Although the traffic carried by a lost link is shifted to one of the remaining ports in the trunk the bandwi...

Page 123: ...ver Link Aggregation For an example of the Link Aggregation tab see Figure 47 Figure 47 Switching Tab with Static Trunks 3 Move the cursor to the right and select Static Trunks The Static Trunks page...

Page 124: ...ess and destination MAC address is the load distribution method Src IP Source IP address is the load distribution method Dst IP Destination IP address is the load distribution method Src Dst IP Source...

Page 125: ...bers of one static port trunk at a time A port that is already a member of a trunk cannot be added to another trunk To accomplish this you must first remove the member port from its current trunk assi...

Page 126: ...MAC Destination MAC address Src Dst MAC Source address and destination MAC address Src IP Source IP address Dst IP Destination IP address Src Dst IP Source address and destination IP address 7 Select...

Page 127: ...dd or remove member ports from a static port trunk or modify the load balance method do the following 1 Hover the cursor over the Switching tab The Switching tab is displayed See Figure 24 on page 65...

Page 128: ...tination IP address Src Dst IP Source address destination IP address 6 Select the member ports that you want to add to or remove from the static trunk by clicking on the ports Caution To prevent the f...

Page 129: ...ching tab is displayed See Figure 24 on page 65 2 From the Switching tab hover over Link Aggregation For an example of the Link Aggregation selection see Figure 47 on page 123 3 Move the cursor to the...

Page 130: ...Chapter 10 Setting Static Port Trunks 130...

Page 131: ...2 Displaying VLANs on page 134 Adding a VLAN on page 135 Modifying VLANs on page 137 Assigning a Native VLAN on page 139 Removing an Untagged Port from a VLAN on page 141 Deleting VLANs on page 142 Fo...

Page 132: ...just a few ports In addition a port based VLAN can span switches and consist of ports from multiple Ethernet switches Ports in a port based VLAN are referred to as untagged ports and the frames recei...

Page 133: ...evice must be able to process the tagged information on received frames and add tagged information to transmitted frames Tagged and Untagged Ports You need to specify which ports are members of the VL...

Page 134: ...played For an example of the VLANs page see Figure 51 Figure 51 VLANs Page The following fields are displayed Vlan ID VLAN identifier The range is 1 to 4094 The VID of 1 is the default VLAN Name VLAN...

Page 135: ...134 3 From the VLANs page click Add The Add VLAN page is displayed See Figure 52 Figure 52 Add VLAN Page 4 Enter the following settings as needed VLAN ID Assign a VLAN identifier The range is 2 to 409...

Page 136: ...e must be unique as well A VLAN that spans multiple switches must have the same name on each switch Device ID Assign a T U or H by clicking a port number until the desired choice appears in the box be...

Page 137: ...ause loss of connectivity to the switch 1 Hover the cursor over the Switching tab The Switching tab is displayed See Figure 24 on page 65 2 From the Switching tab drop down menu select VLANs The VLANs...

Page 138: ...choice appears in the box below the port number A T indicates the port is a tagged port A U indicates the port is an untagged port An H indicates the port does not belong to any VLANs on the switch as...

Page 139: ...tagged port perform the following procedure 1 Hover the cursor over the Switching tab The Switching tab is displayed See Figure 24 on page 65 2 From the Switching tab drop down menu select VLANs The...

Page 140: ...m the pull down menu The selected VLAN Interface is assigned to a port as a native VLAN on which untagged frames are placed Port ID Select a port ID from the pull down menu You can only select a tagge...

Page 141: ...VLANs The VLANs page is displayed See Figure 51 on page 134 3 From the VLANs page click Edit next to the VLAN that the untagged port you want to remove belongs to The Edit VLAN page is displayed See F...

Page 142: ...the Switching tab The Switching tab is displayed See Figure 24 on page 65 2 From the Switching tab drop down menu select VLANs The VLANs page is displayed See Figure 51 on page 134 3 From the VLANs p...

Page 143: ...nd Modifying Spanning Tree Protocol Settings on the Switch on page 145 Note For information about how to set a spanning tree protocol on the ports see Chapter 7 Spanning Tree Protocol on a Port on pag...

Page 144: ...ach takes to complete the process referred to as convergence When a change is made to the network topology such as the addition of a new bridge a spanning tree protocol determines whether there are re...

Page 145: ...r over the Switching tab The Switching tab is displayed See Figure 24 on page 65 2 From the Switching tab drop down menu select Spanning Tree The Spanning Tree Settings page is displayed See Figure 55...

Page 146: ...riority number in the spanning tree domain becomes the root bridge You can use the priority number to influence which switch becomes the root bridge If two or more devices have the same priority value...

Page 147: ...range is 4 to 30 seconds This value is active only when the switch is acting as the root bridge of the spanning tree domain Switches that are not acting as the root bridge use a dynamic value supplied...

Page 148: ...Chapter 12 Spanning Tree Protocols on the Switch 148...

Page 149: ...aying and Modifying IGMP Snooping Configuration on page 151 Disabling IGMP Snooping on page 154 Displaying the Routers List on page 155 Clearing the Routers List on page 156 Displaying the Hosts List...

Page 150: ...orts to remain a member After the router has received a report from a host node it notes the multicast group that the host node wants to join and the port on the router where the node is located Any m...

Page 151: ...modify the IGMP Configuration settings do the following 1 Hover the cursor over the Switching tab The Switching Tab is displayed See Figure 56 Figure 56 Switching IGMP Tab 2 Hover over IGMP and then...

Page 152: ...the IGMP host topology Choose between Single and Multiple Select Single when the switch has one host node per port Select Multiple when the switch has more than one host node per port By default the s...

Page 153: ...the port ID of a port that is connected to a multicast router You can enter a port ID in this field only when the Router Ports Mode is Manual Flood Unknown Multicasts Select Enabled to disable the au...

Page 154: ...over IGMP and then move the cursor to the right to select IGMP Snooping The IGMP Snooping page is displayed with the Configuration tab selected by default See Figure 57 on page 152 3 Use the pull down...

Page 155: ...by default See Figure 57 on page 152 3 Click the Routers List tab The Routers List page is displayed See Figure 58 Figure 58 IGMP Snooping Page with Routers List Tab The following settings are display...

Page 156: ...played See Figure 56 on page 151 2 Hover over IGMP and then move the cursor to the right to select IGMP Snooping The IGMP Snooping page is displayed with the Configuration tab selected by default See...

Page 157: ...t See Figure 57 on page 152 3 Click the Hosts List tab The Hosts List page is displayed See Figure 59 Figure 59 IGMP Snooping Page with Hosts List Tab The following settings are displayed Group Addres...

Page 158: ...Chapter 13 Internet Group Management Protocol IGMP Snooping 158...

Page 159: ...ollowing sections Overview on page 160 Guidelines on page 164 Displaying IGMP Snooping Querier on page 165 Modifying IGMP Snooping Query Interval on page 167 For more information about IGMP see the fo...

Page 160: ...ved The switch must have an IP address to add to the queries as its source address In addition the address must be a member of the same network as the host nodes and the multicasting source You assign...

Page 161: ...assign multiple queriers to a LAN the software must decide which is the active querier and which is the standby querier This task falls to a switch in the network that has IGMP snooping enabled but IG...

Page 162: ...itch 1 has the lowest IP routing address and forwards all multicast packets to switch 1 making switch 1 the active querier Switch 3 becomes the standby querier in case switch 1 stops transmitting quer...

Page 163: ...ttings that are illustrated in Figure 61 on page 162 Table 4 IGMP Snooping Querier with Two Queriers Switch Routing Address IGMP Snooping IGMP Snooping Querier Querier Status 1 149 123 48 2 Enabled En...

Page 164: ...e address If you want to add or remove ports from the VLAN after activating IGMP snooping querier you must disable IGMP snooping querier modify the VLAN and then enable it again The switch supports IG...

Page 165: ...owing 1 Hover the cursor over the Switching tab The Switching Tab is displayed See Figure 62 Figure 62 Switching IGMP Tab 2 Hover over IGMP and then move the cursor to the right to select IGMP Querier...

Page 166: ...Chapter 14 IGMP Snooping Querier 166 Query Interval Time interval in seconds at which IGMP General Query messages are transmitted...

Page 167: ...ct IGMP Querier The IGMP Snooping Querier page is displayed See Figure 63 on page 165 3 From the IGMP Snooping Querier page click Add or Edit The Edit IGMP Snooping Querier page is displayed See Figur...

Page 168: ...Chapter 14 IGMP Snooping Querier 168...

Page 169: ...he following sections Overview on page 170 Displaying PoE Port Settings on page 172 Modifying PoE Settings Globally on page 175 Modifying PoE Settings on a Port on page 176 For more information about...

Page 170: ...cing equipment PSE The AT 8100L 8PoE AT 8100S 24PoE and AT 8100S 48PoE switches are PSE devices providing DC power to the network cable and functioning as a central power source for other network devi...

Page 171: ...ased on the port number in ascending order For example when all of the ports in the switch are set to the low priority level and the power requirements are exceeded on the switch port 1 has the highes...

Page 172: ...Note The PoE pull down menu item appears only when you are accessing a PoE featured switch 1 Hover the cursor over the Switching tab The Switching tab is displayed See Figure 65 Figure 65 Switching Ta...

Page 173: ...oE status for a port individually Power Usage Threshold Power usage threshold in a percentage of the switch s total available power The range is 1 to 99 Interface Port ID Description Description of th...

Page 174: ...nected to the port is powered on or off When powered on it indicates Powered When no powered device is connected to the port indicates Off Power Class Class of the connected PD The switch automaticall...

Page 175: ...hange this field when you want to change the PoE status for all the ports all at once Power Threshold Set the power usage threshold in a percentage of the switch s total available power The range is 1...

Page 176: ...2 From the Switching tab drop down menu select PoE A list of PoE settings on the ports is displayed See Figure 66 on page 173 3 From the PoE page click Edit next to the port number that you want to mo...

Page 177: ...Device Select Yes to allow the switch to supply power to a device that is connected to the port even if the device is a legacy PD Select No to not allow the switch to supply power if a device that is...

Page 178: ...Chapter 15 Power Over Ethernet PoE 178...

Page 179: ...ing MAC Address based Port Security Settings on page 182 Modifying MAC Address based Port Security Settings on page 184 Disabling MAC Address based Port Security Settings on page 186 For more informat...

Page 180: ...sses as dynamic addresses can learn new addresses when addresses are timed out from the table by the switch The addresses are aged out according to the aging time of the MAC address table Intrusion Ac...

Page 181: ...the ingress port not on the egress port You cannot use MAC address based port security and 802 1x port based access control on the same port To specify a port as an Authenticator or Supplicant in 802...

Page 182: ...is displayed See Figure 68 Figure 68 Security Tab 2 From the Security tab drop down menu select MAC Based Security The MAC Based Port Security page is displayed See Figure 69 Figure 69 MAC Based Port...

Page 183: ...MAC address table This is the default setting MAX MACs Maximum number of dynamic MAC addresses the port is permitted to learn The range is 0 to 255 By default this field is set to 100 Violation Actio...

Page 184: ...ursor over the Security tab The Security tab is displayed See Figure 68 on page 182 2 From the Security tab drop down menu select MAC Based Security The MAC Based Port Security page is displayed See F...

Page 185: ...es Saves the source MAC addresses as dynamic addresses in the MAC address table No Saves the source MAC addresses as static addresses in the MAC address table MAX MACs Enter the maximum number of sour...

Page 186: ...gure 68 on page 182 2 From the Security tab drop down menu select MAC Based Security The MAC Based Port Security page is displayed See Figure 69 on page 182 3 Click Edit next to the port that you want...

Page 187: ...188 Configuring RADIUS for Remote Manager Authentication on page 191 Configuring TACACS for Remote Manager Authentication on page 195 Deleting an Authentication Server on page 200 For more information...

Page 188: ...e only the remote manager account feature you can use either RADIUS or TACACS because both clients support that feature If you want to use 802 1x port based network access control you have to use the...

Page 189: ...TACACS server you must configure remote manager authentication and add authentication servers that the switch can access You can configure up to three servers each for the RADIUS and TACACS features...

Page 190: ...nts 190 When you delete Server 1 the server with an IP address of 192 168 10 12 remains Server 2 the server with an IP address of 192 168 10 13 remains Server 3 As a result the next server that you ad...

Page 191: ...entication Using RADIUS To configure the RADIUS server do the following 1 Hover the cursor over the Security tab The Security tab is displayed See Figure 68 on page 182 2 From the Security tab drop do...

Page 192: ...rs authenticate user login Disabled The RADIUS servers do not authenticate user login Authentication is attempted using the username and password combinations specified on the User Management page and...

Page 193: ...tes that sending accounting messages is disabled 4 Click Apply The Active Authentication Server field shown on the upper middle of the page indicates RADIUS 5 Click SAVE to save your changes to the st...

Page 194: ...nting The default UDP port for accounting is 1813 Key Enter the encryption key for RADIUS communications between the switch and RADIUS server The key must match the encryption key used by the RADIUS s...

Page 195: ...TACACS Server on page 198 Configuring Remote Manager Authentication Using TACACS To configure a TACACS server do the following 1 Hover the cursor over the Security tab The Security tab is displayed S...

Page 196: ...he value of the global encryption key of the TACACS servers You can define a global encryption key if you have one TACACS server or if there is more than one server and they all use the same encryptio...

Page 197: ...e username and password combinations specified on the User Management page and using the USERNAME command in the CLI Note For additional information about the User Management page see Managing Local U...

Page 198: ...accounting message is sent at the beginning of a session and a stop accounting message is sent at the end of the session Stop Only A stop accounting message is sent at the end of the session None Send...

Page 199: ...e following IPv4 format xxx xxx xxx xxx Key Enter the encryption key for TACACS communications between the switch and TACACS server The key must match the encryption key used by the TACACS server The...

Page 200: ...displayed See Figure 68 on page 182 2 From the Security tab drop down menu select Authentication Servers The Authentication Server Configuration page is displayed See Figure 71 on page 191 3 Click ei...

Page 201: ...based Authentication on the Switch on page 207 Configuring 802 1x Port based Authentication on page 208 Disabling 802 1x Port based Authentication on the Switch on page 213 Disabling 802 1x Port base...

Page 202: ...e information about RADIUS and its configuration see Chapter 17 RADIUS and TACACS Clients on page 187 Note RADIUS with Extensible Authentication Protocol EAP extensions is the only supported authentic...

Page 203: ...mple of Port Roles Operating Modes Authenticator ports have three modes Single host mode An authenticator port set to the single host mode permits only one supplicant to log on and forwards only the t...

Page 204: ...ets through the port without being authenticated Figure 77 is an example of this mode Port 6 is connected to an Ethernet hub or non 802 1x compliant switch which in turn is connected to several suppli...

Page 205: ...VLAN when a supplicant logs on This frees the network manager from having to reconfigure VLANs as end users access the network from different points or where the same workstation is used by different...

Page 206: ...and has full access to the resources of the Guest VLAN If the switch receives 802 1x packets on the port signalling that an authenticated supplicant is logging on it moves the port to its predefined...

Page 207: ...r the Security tab The Security tab is displayed See Figure 68 on page 182 2 From the Security tab drop down menu select 802 1x Port Authentication The 802 1x Authentication page is displayed See Figu...

Page 208: ...e Security tab drop down menu select 802 1x Port Authentication The 802 1x Authentication page is displayed See Figure 79 on page 207 3 Click Edit next to the port that you want to modify The Modify 8...

Page 209: ...uide 209 Figure 81 Modify 802 1x Authentication Page Expanded 5 Modify the following fields as needed Interface Indicates the port ID You cannot modify this parameter from this page Port Role Specifie...

Page 210: ...an authenticator port remains in the quiet state following a failed authentication exchange with a supplicant The range is 0 to 65 535 seconds The default value is 60 seconds Tx period Enter the numbe...

Page 211: ...those supplicants that have the same VID as the supplicant who initially logged on Multi Specifies that an authenticator port forwards packets of all supplicants regardless of the VIDs in their suppli...

Page 212: ...ation method does not require 802 1x client software on supplicant nodes Re Auth Learning Check the checkbox to force the port that is using MAC address authentication into the unauthorized state You...

Page 213: ...ty tab The Security tab is displayed See Figure 68 on page 182 2 From the Security tab drop down menu select 802 1x Port Authentication The 802 1x Authentication page with the Status field set to Enab...

Page 214: ...gure 68 on page 182 2 From the Security tab drop down menu select 802 1x Port Authentication The 802 1x Authentication page is displayed See Figure 79 on page 207 3 Click Edit next to the port that yo...

Page 215: ...4 Address on page 219 Changing an IPv4 Address on page 220 Deleting an IPv4 Address on page 222 Displaying the IPv6 Interface on page 223 Adding an IPv6 Address on page 225 Changing IPv6 Addresses on...

Page 216: ...e an IPv6 address as the management IP address However as shown in Table 8 the IPv6 address supports only the TACACS client and HTTP clients To use features that are not supported by the IPv6 address...

Page 217: ...8100 Series Version 2 2 5 0 Management Software Command Line Interface User s Guide An IPv6 address is assigned as the static address The switch does not support the assignment of an IPv6 address from...

Page 218: ...s displayed See Figure 83 Figure 83 Layer 3 Tab 2 From the Layer 3 tab drop down menu select IPv4 Interfaces A list of IPv4 interfaces is displayed See Figure 84 Figure 84 IPv4 Interfaces Page The fol...

Page 219: ...aces is displayed See Figure 84 on page 218 3 Click Add The IP Address Configuration Page is displayed See Figure 85 Figure 85 IP Address Configuration Page 4 Enter the following fields IP Address Ent...

Page 220: ...lect IPv4 Interfaces A list of IPv4 interfaces is displayed See Figure 84 on page 218 3 From the IPv4 Interfaces page click Edit next to the VLAN ID that you want to modify The following page is displ...

Page 221: ...P address that you use to access the web interface you lose the connection to the switch Start a management session again by opening a web browser on your PC and entering the new IP address of the swi...

Page 222: ...er 3 tab The Layer 3 tab is displayed See Figure 83 on page 218 2 From the Layer 3 tab drop down menu select IPv4 Interfaces A list of IPv4 interfaces is displayed See Figure 84 on page 218 3 From the...

Page 223: ...f the IPv6 interface do the following 1 Hover the cursor over the Layer 3 tab The Layer 3 tab is displayed See Figure 87 Figure 87 Layer 3 Tab 2 From the Layer 3 tab drop down menu select IPv6 Interfa...

Page 224: ...ollowing fields are displayed Interface Name VLAN number that the management IPv6 address is assigned to IP Address Management IPv6 address Subnet Mask Subnet mask of the management IPv6 address Defau...

Page 225: ...page 223 2 From the Layer 3 tab drop down menu select IPv6 Interface The IPv6 Interface page is displayed Ensure that no IPv6 address is displayed 3 Click Add The IPv6 Management Configuration Page i...

Page 226: ...ing IPv6 addresses are equivalent 12c4 421e 09a8 0000 0000 0000 00a4 1c50 12c4 421e 9a8 a4 1c50 6 Enter the number of subnet mask bits in the Subnet Mask field 7 Enter an IPv6 default gateway address...

Page 227: ...ce is displayed if one has already been assigned See Figure 88 on page 223 3 From the IPv6 Interface page click Edit The following page is displayed See Figure 90 Figure 90 Edit IPv6 Management Config...

Page 228: ...Chapter 19 Setting IPv4 and IPv6 Addresses 228 5 Click Apply 6 Click SAVE to save your changes to the startup configuration file...

Page 229: ...owing 1 Hover the cursor over the Layer 3 tab The Layer 3 tab is displayed See Figure 87 on page 223 2 From the Layer 3 tab drop down menu select IPv6 Interface The IPv6 interface is displayed if any...

Page 230: ...Chapter 19 Setting IPv4 and IPv6 Addresses 230...

Page 231: ...page 232 Creating an ACL on page 235 Assigning an ACL to Ports on page 239 Displaying a List of ACLs on page 241 For information about the QoS feature see Chapter 22 Quality of Service QoS on page 25...

Page 232: ...action based on the ACL that is assigned to the port Using the AT 8100 web interface you can configure two types of ACLs IPv4 ACLs MAC ACLs IPv4 ACLs use IPv4 addresses as filtering criteria while MAC...

Page 233: ...ress Packets are Compared Against ACLs Ports that do not have an ACL forward all ingress packets Ports with one or more deny ACLs discard ingress packets that match the ACLs and forward all other traf...

Page 234: ...ter egress packets As a result you must apply ACLs to the ingress ports of the designated traffic flows ACLs for static port trunks or LACP trunks must be assigned to the individual ports of the trunk...

Page 235: ...oS tab The ACLs QoS tab is displayed See Figure 91 Figure 91 ACLs and QoS Tab 2 From the ACLs QoS tab drop down menu select Traffic Classifiers The Traffic Classifiers page is displayed See Figure 92...

Page 236: ...ct an action from the following options Deny Instructs ports to discard the ingress packets that match the specified filtering criteria Permit Instructs ports to forward ingress packets that match the...

Page 237: ...ollowing IPv4 Address and mask Select IPv4 then enter an IPv4 source address followed by a slash and a mask if you are creating an IPv4 ACL The keyword any matches all packets on the source address MA...

Page 238: ...rt fields are applicable only to IPv4 ACLs Source Port Select TCP or UDP from the pull down menu and enter a source port number as needed This field is optional Destination Port Select TCP or UDP from...

Page 239: ...page 235 To assign an ACL to ports do the following 1 Hover the cursor over the ACLs QoS tab The ACLs QoS tab is displayed See Figure 91 on page 235 2 From the ACLs QoS tab drop down menu select Polic...

Page 240: ...e 96 Traffic Classifiers Page from Policies ACLs Page 4 Click a radio button to select an ACL 5 Check one or multiple port numbers to select ports to apply the ACL 6 Click Apply 7 Click SAVE to save y...

Page 241: ...s displayed See Figure 91 on page 235 2 From the ACLs QoS tab drop down menu select Traffic Classifiers The Traffic Classifiers page is displayed See Figure 97 Figure 97 Traffic Classifiers Page 3 The...

Page 242: ...Chapter 20 Access Control Lists ACL 242...

Page 243: ...hapter describe how to display a list of static routes on the switch and how to add and delete a static route See the following sections Displaying Static Routes on page 244 Adding a Static Route on p...

Page 244: ...ayer 3 tab drop down menu select Static Routes A list of static routes is displayed See Figure 99 Figure 99 Static Routes Page The following fields are displayed Network Address IP address of the dest...

Page 245: ...of static routes is displayed See Figure 99 on page 244 3 Click Add The Add Static Route Page is displayed See Figure 100 Figure 100 Add Static Route Page 4 Enter the destination network address in th...

Page 246: ...Chapter 21 Setting Static Routes 246 8 Click Apply 9 Click SAVE...

Page 247: ...e entry do the following 1 Hover the cursor over the Layer 3 tab The Layer 3 tab is displayed See Figure 98 on page 244 2 From the Layer 3 tab drop down menu select Static Routes A list of static rout...

Page 248: ...the cursor over the Layer 3 tab The Layer 3 tab is displayed See Figure 101 Figure 101 Layer 3 Tab 2 From the Layer 3 tab drop down menu select Routing Table A list of routes is displayed See Figure 1...

Page 249: ...t the route was added statically RIP indicates that the route was added dynamically using the RIP protocol Connected indicates that the route is connected directly AD Metric Value of the administrativ...

Page 250: ...Chapter 21 Setting Static Routes 250...

Page 251: ...icy on page 255 Assigning a QoS Policy to Ports on page 260 Displaying a List of QoS Policies on page 262 For information about the ACL feature see Chapter 20 Access Control Lists ACL on page 231 For...

Page 252: ...class of service CoS value Layer 2 802 1Q frame headers have a Tag Control Information field that carries the CoS value You can use DSCP and CoS values as filtering criteria to classify incoming packe...

Page 253: ...ckets that match the filtering criteria with the specified CoS value How Ingress Packets are Selected with Filtering Criteria A QoS policy can have more than one filtering criterion A QoS policy that...

Page 254: ...but does not process egress packets As a result you must apply QoS policies to the ingress ports of the designated traffic flows QoS policies for static port trunks or LACP trunks must be assigned to...

Page 255: ...s QoS tab The ACLs QoS tab is displayed See Figure 103 Figure 103 ACLs and QoS Tab 2 From the ACLs QoS tab drop down menu select Traffic Classifiers The Traffic Classifiers page is displayed See Figur...

Page 256: ...mber to identify a QoS policy Choose a classifier number according to the following conditions When specifying an IPv4 address as a filtering criterion Choose from 3000 to 3699 When specifying a MAC A...

Page 257: ...to 7 Figure 106 Text Box for Priority Queue Mark DSCP Instructs ports to set the DSCP value in all ingress packets that match the filtering criteria with a specified DSCP value When you select Mark D...

Page 258: ...y Matches all packets on the source address IPv4 Address and mask Enter an IPv4 source address followed by a slash and a mask if you are creating an IPv4 ACL MAC Address and mask Enter a MAC source ad...

Page 259: ...ce Port Select TCP or UDP from the pull down menu and enter a source port number as needed Destination Port Select TCP or UDP from the pull down menu and enter a source port number as needed VLAN ID E...

Page 260: ...on page 255 To assign a QoS policy to ports do the following 1 Hover the cursor over the ACLs QoS tab The ACLs QoS tab is displayed See Figure 103 on page 255 2 From the ACLs QoS tab drop down menu s...

Page 261: ...s Guide 261 Figure 110 Traffic Classifier Page 4 Click a radio button to select a QoS policy 5 Check one or multiple checkboxes to select ports to apply the QoS policy 6 Click Apply 7 Click SAVE to sa...

Page 262: ...03 on page 255 2 From the ACLs QoS tab drop down menu select Traffic Classifiers The Traffic Classifiers page is displayed See Figure 111 Figure 111 Traffic Classifiers Page 3 The following fields are...

Page 263: ...e 264 Displaying the RIP Configuration on page 265 Enabling RIP on a VLAN Interface on page 267 Changing the RIP Settings on page 270 Removing a VLAN Interface from the RIP Configuration on page 271 D...

Page 264: ...about static routes refer to Chapter 21 Setting Static Routes on page 243 Enabling RIP Here are guidelines for enabling RIP A VLAN interface must have an IP address assigned before RIP is enabled on...

Page 265: ...m the Layer 3 tab drop down menu hover the cursor over RIP move the cursor to the right and select Configuration from the RIP drop down menu The RIP configuration page is displayed See Figure 113 Figu...

Page 266: ...uthentication Key Authentication password that the VLAN interface uses to authenticate the RIP packets Send RIP version number of the packets that the VLAN interface is specified to send Receive RIP v...

Page 267: ...k where the VLAN belongs is advertised through RIP To enable RIP on a VLAN interface you must add the VLAN to the RIP routing process by performing the following procedure 1 Hover the cursor over the...

Page 268: ...Authentication Key Enter the authentication password that the VLAN interface uses to authenticate the RIP packets The authentication password can be up to sixteen alphanumeric characters It is case se...

Page 269: ...way to go to the RIP Interface page to enable RIP on a VLAN interface Go to the RIP Configuration page from the RIP Configuration page shown in Figure 113 on page 265 and click Add To go to the RIP C...

Page 270: ...The Layer 3 tab is displayed See Figure 112 on page 265 2 From the Layer 3 tab drop down menu hover the cursor over RIP move the cursor to the right and select Configuration from the RIP drop down me...

Page 271: ...following 1 Hover the cursor over the Layer 3 tab The Layer 3 tab is displayed See Figure 112 on page 265 2 From the Layer 3 tab drop down menu hover the cursor over RIP move the cursor to the right...

Page 272: ...ure 116 Figure 116 Layer 3 Tab 2 From the Layer 3 tab drop down menu hover the cursor over RIP move the cursor to the right and select Statistics from the RIP drop down menu The RIP statistics page is...

Page 273: ...failure packet received when receive is disabled or mismatched sequence number of a triggered acknowledgement Output Counters displayed under these columns are for outgoing RIP packets outResponses N...

Page 274: ...ing up so that the data that has been displayed in the RIP Statistics pages are not the most recent To display the latest data possible click on the Refresh button on the RIP Statistics page Figure 11...

Page 275: ...atic ARP entries See the following sections Overview on page 276 Displaying the ARP Table on page 277 Adding a Static ARP Entry on page 278 Deleting ARP Entries on page 280 For more information about...

Page 276: ...e MAC address of the destination node The ARP table is populated dynamically however the AT 8100 switches allow you to add static ARP entries which are entered manually ARP Table Management Guidelines...

Page 277: ...9 Layer 3 Tab 2 From the Layer 3 tab drop down menu select ARP Table The ARP table is displayed See Figure 120 Figure 120 ARP Table Page The following fields are displayed IP Address IP address of the...

Page 278: ...ee Figure 120 on page 277 3 Click Add The Add Static ARP Page is displayed See Figure 121 Figure 121 Add Static ARP Page 4 Enter the following settings IP Address Enter the IPv4 address of the host to...

Page 279: ...AT 8100 Series Version 2 2 5 0 Web Interface User s Guide 279 6 Click SAVE to save your changes to the startup configuration file...

Page 280: ...tab is displayed See Figure 119 on page 277 2 From the Layer 3 tab drop down menu select ARP Table The ARP table is displayed See Figure 120 on page 277 3 Do one of the following To clear all of the...

Page 281: ...ort on page 288 Selecting LLDP TLVs on a Port on page 290 Setting a Location Entry for the LLDP MED Location TLV on page 294 Assigning LLDP Locations to a Port on page 302 Selecting LLDP MED TLVs on a...

Page 282: ...smitted in LLDP advertisements flows in one direction only from one device to its neighbors and the communication ends there Transmitted advertisements do not solicit responses and received advertisem...

Page 283: ...eries Version 2 2 5 0 Web Interface User s Guide 283 Optional LLDP MED TLVs You can select LLDP MED TLVs that are included in an LLDPDU The switch sends selected TLVs along with the mandatory TLVs in...

Page 284: ...r the Discovery Monitoring tab The Discovery Monitoring tab is displayed See Figure 122 Figure 122 Discovery Monitoring Tab 2 From the Discovery Monitoring tab hover over LLDP The LLDP tab appears to...

Page 285: ...it interval of LLDP advertisements The transmit interval must be at least four times the transmission delay timer Tx Delay The range is 5 to 32 768 seconds The default value is 30 seconds Fast Start C...

Page 286: ...tion Interval Enter a notification interval This is the minimum interval between LLDP SNMP notifications traps The range is 5 to 3 600 seconds The default value is 5 Reinit Enter a reinitialization de...

Page 287: ...yed See Figure 122 on page 284 2 From the Discovery Monitoring tab hover over LLDP The LLDP tab appears to the right 3 From the LLDP tab move the cursor to the right and select Basic Configuration fro...

Page 288: ...toring tab is displayed See Figure 122 on page 284 2 From the Discovery Monitoring tab hover over LLDP and then select Port Configurations on the right The LLDP Port Config page is displayed See Figur...

Page 289: ...configured to transmit LLDP advertisements sends the mandatory TLVs and any optional LLDP TLVs they have been specified to send By default this field is selected Advertisement Receive Check the checkb...

Page 290: ...Discovery Monitoring tab is displayed See Figure 122 on page 284 2 From the Discovery Monitoring tab hover over LLDP The LLDP tab is displayed 3 From the LLDP tab hover over TLV The LLDP TLV tab is di...

Page 291: ...8100 Series Version 2 2 5 0 Web Interface User s Guide 291 Figure 127 LLDP TLV Page 5 Click Edit next to the port that you want to modify The Modify LLDP TLV page is displayed See Figure 128 on page 2...

Page 292: ...on to be included in LLDPDUs System Name Check the checkbox to select the system name to be included in LLDPDUs System Description Check the checkbox to select the model number of the AT 8100 switch t...

Page 293: ...ocol IDs that are accessible through the port to be included in LLDPDUs For instance 9000 Loopback 0026424203000000 STP RSTP or MSTP 888e01 802 1x AAAA03 EPSR 88090101 LACP 00540000e302 Loop protectio...

Page 294: ...ction allow you to create LLDP MED Civic Coordinate and ELIN location entries See the following Creating a Civic Location Entry on page 294 Creating a Coordinate Location on page 298 Creating an Emerg...

Page 295: ...b Interface User s Guide 295 Figure 129 Locations Tab 4 From the Locations tab drop down menu move the cursor to the right and select Civic The LLDP Civic Location page is displayed See Figure 130 Fig...

Page 296: ...Chapter 25 LLDP and LLDP MED 296 5 Click Add The Add LLDP Civic Location Page is displayed See Figure 131 Figure 131 LLDP Civic Location Page Add 6 Enter the ID and Country fields...

Page 297: ...the following fields as needed Note Each field can contain up to 255 characters Spaces are not allowed The following list shows examples Country USA State CA County Santa Clara City San Jose Division...

Page 298: ...llowing 1 Hover the cursor over the Discovery Monitoring tab The Discovery Monitoring tab is displayed See Figure 122 on page 284 2 From the Discovery Monitoring tab hover over LLDP The LLDP tab appea...

Page 299: ...imal point Latitude Resolution Enter latitude resolution as the number of valid bits The range is 0 to 34 Longitude Enter a longitude value in decimal degrees The range is 180 0 to 180 0 The field acc...

Page 300: ...cation of a network device by its Emergency Location Identifier Number ELIN To create an LLDP ELIN location do the following 1 Hover the cursor over the Discovery Monitoring tab The Discovery Monitori...

Page 301: ...e 6 Enter values in the following fields ID Enter an ID number for an LLDP MED coordinate location entry on the switch The range is 1 to 256 This range is separate from the ranges for civic and coordi...

Page 302: ...Location TLV on page 294 To set an LLDP port location do the following 1 Hover the cursor over the Discovery Monitoring tab The Discovery Monitoring tab is displayed See Figure 122 on page 284 2 From...

Page 303: ...ic Location ID Select a Civic Location ID from the pull down menu By default none is selected Coordinate Location ID Select a Coordinate Location ID from the pull down menu By default none is selected...

Page 304: ...gure 122 on page 284 2 From the Discovery Monitoring tab hover over LLDP and then hover over TLV The LLDP TLV tab is displayed See Figure 126 on page 290 3 From the LLDP TLV tab select TLV MED on the...

Page 305: ...icy TLV includes the network policy information specified on the port for connected media endpoint devices The switch supports Application Type 1 Voice including the following network policy for conne...

Page 306: ...e and the software information to be included in LLDPDUs This information is identical on every port on the switch Hardware Revision Firmware Revision Software Revision Serial Number Manufacturer Name...

Page 307: ...he right and then select Neighbors The LLDP Neighbors Information page is displayed See Figure 140 Figure 140 LLDP Neighbors Information Page The following fields are displayed Local Port Port ID Neig...

Page 308: ...or not the MED device Classes I through III are supported Power Source code indicates the current power source which is either the Primary Power Source or the Backup Power Source The codes are C1 Cla...

Page 309: ...DP Statistics page is displayed with the Port Statistics tab selected automatically See Figure 141 Figure 141 LLDP Statistics Page with Port Statistics Tab The following fields are displayed Port ID P...

Page 310: ...e entered into the neighbor table because of insufficient resources Ageout Entries Number of times the information advertised by neighbors has been removed from the neighbor table because the informat...

Page 311: ...Civic Location do the following 1 Hover the cursor over the Discovery Monitoring tab The Discovery Monitoring tab is displayed See Figure 122 on page 284 2 From the Discovery Monitoring tab hover ove...

Page 312: ...aying Coordinate Locations To display a Coordinate Location do the following 1 Hover the cursor over the Discovery Monitoring tab The Discovery Monitoring tab is displayed See Figure 122 on page 284 2...

Page 313: ...1984 NAD83 MLLW Mean lower low water datum 1983 NAD83 NAVD North American vertical datum 1983 Displaying ELIN Locations To display an LLDP ELIN location do the following 1 Hover the cursor over the D...

Page 314: ...ng tab hover over LLDP The LLDP tab appears to the right 3 From the LLDP tab select Basic Configuration The LLDP Configuration page is displayed See Figure 123 on page 285 The following fields are dis...

Page 315: ...toring tab is displayed See Figure 122 on page 284 2 From the Discovery Monitoring tab hover over LLDP move the cursor to the right and then select Port Configurations The LLDP Port Config page is dis...

Page 316: ...on ID Coordinate Location ID Coordinate location ID ELIN Location ID ELIN location ID Displaying LLDP TLV To display the LLDP TLV settings do the following 1 Hover the cursor over the Discovery Monito...

Page 317: ...VLAN Names Lists the names of the VLANs in which the transmitting port is either an untagged or tagged member Protocol IDs List of protocols that are accessible through the port for instance 9000 Loop...

Page 318: ...r and bridge functions and whether or not these functions are currently enabled Network policy Network policy information specified on the port for connected media endpoint devices The switch supports...

Page 319: ...AT 8100 Series Version 2 2 5 0 Web Interface User s Guide 319 Model Name Asset ID...

Page 320: ...Chapter 25 LLDP and LLDP MED 320...

Page 321: ...n page 322 Specifying an sFlow Collector on page 324 Configuring sFlow on a Port on page 327 Enabling sFlow on the Switch on page 329 Displaying the sFlow Settings on page 330 For more information abo...

Page 322: ...ich the agent samples one packet For example a sampling rate of 1000 on a port prompts the agent to send one packet from every 1000 ingress packets to the designated sFlow collector Different ports ca...

Page 323: ...lapsed sFlow Collectors The sFlow agent on the switch can send port performance data to an sFlow collector on your network The performance data from each port can be sent to one collector Guidelines H...

Page 324: ...e collector To select the Collector tab from the sFlow page do the following 1 Hover the cursor over the Discovery Monitoring tab The Discovery Monitoring tab is displayed See Figure 143 Figure 143 Di...

Page 325: ...Guide 325 The sFlow page is displayed with the Collector Tab selected See Figure 145 Figure 145 sFlow Page with Collectors Tab 4 Click Add The sFlow Collector page is displayed See Figure 146 Figure 1...

Page 326: ...ress in the following format xxx xxx xxx xxx where xxx is a number from 0 to 255 There are four groups of numbers that are separated by periods UDP Port UDP port number of the sFlow collector The defa...

Page 327: ...owing 1 Hover the cursor over the Discovery Monitoring tab The Discovery Monitoring tab is displayed See Figure 143 on page 324 2 From the Discovery Monitoring tab drop down menu select sFlow The sFlo...

Page 328: ...pollings of the packet counter on the port by the sFlow agent Sample Rate Enter the packet sampling rate on the port The sampling rate dictates the number of ingress packets from which one sample is t...

Page 329: ...on a Port on page 327 To enable the sFlow feature on a switch do the following 1 Hover the cursor over the Discovery Monitoring tab The Discovery Monitoring tab is displayed See Figure 143 on page 324...

Page 330: ...llowing 1 Hover the cursor over the Discovery Monitoring tab The Discovery Monitoring tab is displayed See Figure 143 on page 324 2 From the Discovery Monitoring tab drop down menu select sFlow The sF...

Reviews:

No comments

Related manuals for AT-8100L/8POE

UR5i v2 Libratum

Brand: B+B SmartWorx Pages: 8

Brand: B+B SmartWorx Pages: 8

Brand: Wave wifi Pages: 2

Brand: Parkside Pages: 55

Brand: Parkside Pages: 34

Brand: Patton electronics Pages: 2

ipRocketLink 3086FR

Brand: Patton electronics Pages: 6

Brand: Patton electronics Pages: 16

Brand: Patton electronics Pages: 51

Firebox SOHO 6 Wireless

Brand: Watchguard Pages: 8

VigorIPPBX 2820 Series

Brand: Draytek Pages: 29

Brand: TP-Link Pages: 3

Brand: Stephen Pages: 102

APS6-400 Series

Brand: Eaton Pages: 114

Brand: Allnet Pages: 12

Brand: Telebyte Pages: 19

SUPERLOADER DLT MAGAZINE

Brand: Tandberg Data Pages: 6

Brand: Moxa Technologies Pages: 2

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands