manualshive.com logo in svg

CTC Union MSW-4424C Series, User Manual

The CTC Union MSW-4424C Series is a cutting-edge networking device that ensures seamless connectivity. Enhance your networking experience by downloading the User Manual, available for free on our website. Unlock the full potential of this product and take advantage of its advanced features and capabilities. Simply visit manualshive.com to download the manual.

Share
Download
background image

Chapter 4. Web Configuration & Operation 

 

232 

 

 

 

CHAPTER 4 

WEB OPERATION & CONFIGURATION

 

 

None:

 Do not allow more than the specified limit of MAC addresses to access on a port. No action is further taken. 

 

Trap: 

If Limit + 1 MAC addresses are seen on the port, send an SNMP trap. If Aging is disabled, only one SNMP 

trap will be sent, but with Aging enabled, new SNMP traps will be sent every time the limit is exceeded. 

 

Shutdown: 

If Limit + 1 MAC addresses is seen on the port, shut down the port. This implies that all secured MAC 

addresses  will  be  removed  from  the  port,  and  no  new  addresses  will  be  learned.  Even  if  the  link  is  physically 
disconnected and reconnected on the port (by disconnecting the cable), the port will remain shut down. There 
are three ways to re-open the port: 

* Boot the switch 
* Disable and re-enable Limit Control on the port or the switch 
* Click the “Reopen” button 

 

Trap & Shutdown: 

If Limit + 1 MAC addresses is seen on the port, both the “Trap” and the “Shutdown” actions 

described above will be taken. 

 

State:

  Display  the  current  state  of  the  port  from  the  port  security  limit  control's  point  of  view.  The  displayed  state 

might be one of the following: 
 
 

Disabled:

 Limit control is either globally disabled or disabled on a port. 

 
 

Ready:

 The limit is not reached yet.  

 

Limit Reached:

 The limit is reached on a port. This state can only be shown if Action is set to None or Trap. 

 

Shutdown: 

The port is shut down by the Limit Control module. This state can only be shown if Action is set to 

Shutdown or Trap & Shutdown. 

 

Re-open Button:

 If a port is shut down by this module, you may reopen it by clicking this button, which will only be 

enabled if this is the case. For other methods, refer to Shutdown in the Action section. Note that clicking the Reopen 
button causes the page to be refreshed, so non-committed changes will be lost. 
 
 

4.3.4.2.2 NAS 

Network  Access  Server  configuration  is  useful  to  the  networking  environment  that  wants  to  authenticate  clients 
(supplicants)  before  they  can  access  resources  on  the  protected  network.  To  effectively  control  access  to  unknown 
clients, 802.1X defined by IEEE provides a port-based authentication procedure that can prevent unauthorized access 
to a network by requiring users to first submit credentials for authentication purposes.  
 
A  switch  interconnecting  clients  and  radius  server  usually  acts  as  an  authenticator  and  uses    EAPOL  (Extensible 
Authentication Protocol over LANs) to exchange authentication protocol messages with clients and a remote RADIUS 
authentication  server  to  verify  user  identity  and  user’s  access  right.  This  section  is  for  setting  up  authenticator’s 
configurations  either  on  the  system  or  on  a  per  port  basis.  To  configure  backend  server,  please  go  to  RADIUS 
configuration page. 
 

Summary of Contents for MSW-4424C Series

Page 1: ...1 MSW 4424C MSW 4424CS L2 Gigabit Carrier Ethernet Switch ...

Page 2: ...ed use even if such claim alleges that CTC Union Technologies was negligent regarding the design or manufacture of said product TRADEMARKS Microsoft is a registered trademark of Microsoft Corp HyperTerminal is a registered trademark of Hilgraeve Inc WARNING This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules These lim...

Page 3: ...16 Draft This manual supports the following models MSW 4424C MSW 4424CS This document is the current official release manual Please check CTC Union s website for any updated manual or contact us by E mail at sales ctcu com Please address any comments for improving this manual or to point out omissions or errors to marketing ctcu com Thank you 2016 CTC Union Technologies Co Ltd All Rights Reserved ...

Page 4: ...Show System and Software Information 27 3 6 7 Show Running Configurations 28 3 6 8 Show History Commands 28 3 6 9 Help 29 3 6 10 Logout 29 3 7 COMMANDS IN USER MODE 29 3 7 1 clear ip arp 30 3 7 2 clear lldp statistics 30 3 7 3 clear statistics 30 3 7 4 enable 30 3 7 5 exit 30 3 7 6 help 30 3 7 7 logout 31 3 7 8 ping ip 31 3 7 9 ping ipv6 31 3 7 10 show commands 31 3 8 COMMANDS IN EXEC MODE 32 3 8 ...

Page 5: ... exec timeout 41 3 8 45 terminal history size 41 3 8 46 terminal length 41 3 8 47 terminal width 42 3 8 48 no port security shutdown 42 3 8 49 show commands 42 3 9 COMMANDS IN CONFIG MODE 42 3 9 1 config aaa authentication login 42 3 9 2 config access management 43 3 9 3 config access list 44 3 9 3 1 config access list ace 44 3 9 3 2 config access list ace update 45 3 9 3 3 config access list rate...

Page 6: ...config eps inst domain 59 3 9 11 4 config eps inst holdoff hold 59 3 9 11 5 config eps inst mep work mep_w mep protect mep_p mep aps mep_aps 60 3 9 11 6 config eps inst revertive 60 3 9 12 config erps 60 3 9 12 1 config erps group guard guard_time_ms 60 3 9 12 2 config erps group holdoff holdoff_time_ms 61 3 9 12 3 config erps group major port0 interface port1 interface port_type port1 interconnec...

Page 7: ...1 22 config ip helper address 79 3 9 21 23 config ip http secure server 79 3 9 21 24 config ip http secure redirect 80 3 9 21 25 config ip igmp host proxy 80 3 9 21 26 config ip igmp snooping 80 3 9 21 27 config ip igmp snooping vlan 81 3 9 21 28 config ip igmp ssm range 81 3 9 21 29 config ip igmp unknown flooding 81 3 9 21 30 config ip name server 81 3 9 21 31 config ip route 82 3 9 21 32 config...

Page 8: ...6 mld snooping unsolicited report interval ipmc_uri 94 3 9 22 config ipmc 94 3 9 22 1 config ipmc profile 94 3 9 22 2 config ipmc profile profile_name 95 3 9 22 3 config ipmc range 95 3 9 22 4 config ipmc profile default range 95 3 9 22 5 config ipmc profile description 96 3 9 22 6 config ipmc profile range 96 3 9 23 config ipv6 mld host proxy 97 3 9 23 1 config ipv6 mld host proxy 97 3 9 23 2 con...

Page 9: ... 116 3 9 27 2 config logging host 117 3 9 27 3 config logging level 117 3 9 28 config loop protect 118 3 9 28 1 config loop protect 118 3 9 28 2 config loop protect shutdown time 118 3 9 28 3 config loop protect transmit time 119 3 9 28 4 config if loop protect 119 3 9 28 5 config if loop protect action 119 3 9 28 6 config if loop protect tx mode 119 3 9 29 config mac 120 3 9 29 1 config mac addre...

Page 10: ...3 9 34 14 config mvr vlan v_vlan_list mode 139 3 9 34 15 config if mvr immediate leave 140 3 9 34 16 config if mvr name 140 3 9 34 17 config if mvr vlan 140 3 9 35 config ntp 141 3 9 35 1 config ntp 141 3 9 35 2 config ntp server 141 3 9 36 config port security 142 3 9 36 1 config port security 142 3 9 36 2 config port security aging 142 3 9 36 3 config port security aging time 142 3 9 36 4 config...

Page 11: ... server 165 3 9 44 2 config snmp server access 166 3 9 44 3 config snmp server community v2c 166 3 9 44 4 config snmp server community v3 167 3 9 44 5 config snmp server contact 167 3 9 44 6 config snmp server engine id local 168 3 9 44 7 config snmp server host 168 3 9 44 8 config snmp server location 168 3 9 44 9 config snmp server security to group model 169 3 9 44 10 config snmp server trap 16...

Page 12: ... 4 config if switchport hybrid acceptable frame type 186 3 9 47 5 config if switchport hybrid allowed vlan 186 3 9 47 6 config if switchport hybrid egress tag 187 3 9 47 7 config if switchport hybrid ingress filtering 187 3 9 47 8 config if switchport hybrid native vlan 187 3 9 47 9 config if switchport hybrid port type 188 3 9 47 10 config if switchport mode 189 3 9 47 11 config if switchport tru...

Page 13: ...ion 207 4 3 2 Ports 208 4 3 3 DHCP 209 4 3 3 1 Server 210 4 3 3 1 1 Mode 210 4 3 3 1 2 Excluded IP 210 4 3 3 1 3 Pool 211 4 3 3 2 DHCP Snooping 213 4 3 3 3 Relay Configuration 214 4 3 4 Security 216 4 3 4 1 Switch 217 4 3 4 1 1 Users 217 4 3 4 1 2 Privilege Levels 217 4 3 4 1 3 Auth Method 219 4 3 4 1 4 SSH 219 4 3 4 1 5 HTTPS 220 4 3 4 1 6 Access Management Configuration 220 4 3 4 1 7 SNMP 221 4 ...

Page 14: ...255 4 3 8 3 MSTI Priorities 256 4 3 8 4 CIST Ports 256 4 3 8 5 MSTI Ports 257 4 3 9 IPMC Profile 258 4 3 9 1 Profile Table 258 4 3 9 2 Address Entry 260 4 3 10 MVR 260 4 3 11 IPMC 262 4 3 11 1 IGMP Snooping 262 4 3 11 1 1 Basic Configuration 263 4 3 11 1 2 VLAN Configuration 264 4 3 11 1 3 Port Filtering Profile 265 4 3 11 2 MLD Snooping 265 4 3 11 2 1 Basic Configuration 266 4 3 11 2 2 VLAN Confi...

Page 15: ... 3 Port Tag Remarking 316 4 3 25 3 Port DSCP 317 4 3 25 4 DSCP Based QoS Ingress Classification 318 4 3 25 5 DSCP Translation 319 4 3 25 6 DSCP Classification 319 4 3 25 7 QoS Control List 320 4 3 25 8 Storm Control 323 4 3 25 9 WRED 323 4 3 26 Mirroring 324 4 3 27 UPnP 324 4 3 28 PTP 325 4 4 MONITOR 330 4 4 1 System 330 4 4 1 1 System Information 330 4 4 1 2 Power Fan 331 4 4 1 3 System CPU Load ...

Page 16: ...Overview 356 4 4 5 4 1 4 RMON Event Overview 357 4 4 6 LACP 357 4 4 6 1 System Status 357 4 4 6 2 Port Status 358 4 4 6 3 Port Statistics 359 4 4 7 Loop Protection 360 4 4 8 Spanning Tree 360 4 4 8 1 Bridge Status 360 4 4 8 2 Port Status 362 4 4 8 3 Port Statistics 363 4 4 9 MVR 363 4 4 9 1 MVR Statistics 363 4 4 9 2 MVR Channel Groups 364 4 4 9 3 MVR SFM Information 364 4 4 10 IPMC 365 4 4 10 1 I...

Page 17: ... Ping6 375 4 6 MAINTENANCE 376 4 6 1 Restart Device 376 4 6 2 Factory Defaults 377 4 6 3 Software 377 4 6 3 1 Upload 377 4 6 3 2 Image Select 377 4 6 4 Configuration 377 4 6 4 1 Save 377 4 6 4 2 Download 378 4 6 4 3 Upload 378 4 6 4 4 Activate 378 4 6 4 5 Delete 379 APPENDIX A CONFIGURATION EXAMPLE FOR Q IN Q APPLICATION 380 ...

Page 18: ...Mbps RJ 45 or 100 1000Mbps SFP ports and 4 1 10Gbps dual speed SFP uplink ports MSW 4424C S series optionally incorporates redundant power modules The supply derives its power from either an AC power source and or DC power source When two modules are installed they provide for power redundancy Fans are located on the rear panel of the device The immediate fan condition can be observed via FAN LED ...

Page 19: ...igure 3 Rear Panel for MSW 4424C MSW 4424CS Fan Module Port21 24 Combo Power Modules options available AC DC 2 AC 2 DC AC DC AC DC Port1 20 100 1000M SFP Console Port Port 25 28 1 10G SFP MGMT Port LED Indicators Default Push Button Earth Ground 1PPS TOD for SyncE ...

Page 20: ... service connection For port 25 to port 28 each of SFP cages may insert any SFP module that supports 1 10G Ethernet connectivity Having SFP option for uplink connectivity offers customers a wide variety of applications for data center enterprise wiring closet and service provider transport Figure 3 Fiber Connections 2 2 MGMT Port Connection The MSW 4424C S have a MGMT Management port for in band m...

Page 21: ...r module Figure 6 IEC AC Power Connector Pin Assignment MSW 4424C S switches also provide DC module for power connection The user must connect the device only to DC input source that has an input supply voltage from 36 to 60 VDC If the power you use is not in this range the device might not operate properly and there is great possibility that the device might be damaged Figure 7 Terminal Block DC ...

Page 22: ... rack mount brackets be sure to correctly align the orientation pin Use the screws provided in the rack mounting kit to securely fasten the brackets Figure 8 Attaching Rack Mounting Brackets Figure 9 The Switch with Rack Mounting Brackets Figure 10 Mounting in Rack ...

Page 23: ...present Off Port link is down or has no link 21 24 SFP Green On Port link is up and works in 100Mbps Blinking Traffic is present Off Port link is down or has no link Yellow On Port link is up and works in 1000Mbps Blinking Traffic is present Off Port link is down or has no link 21 24 RJ 45 Green On Port link is up and works in 100Mbps Yellow On Port link is up and works in 1000Mbps Green Blinking ...

Page 24: ...re in most configuration scenarios the console will only be used to initially configure the IP address so that the device may be accessed via the other methods which require working TCP IP After the device has been properly configured for the application and placed into service a third method of configuration management can be employed using Simple Network Management Protocol SNMP The operator wil...

Page 25: ...ds available in the current mode Up arrow key To view the previous entered commands Down arrow key To view the previous entered commands Tab key To complete an unfinished command 3 5 Command Syntax Commands introduced in this user manual are written using the coherent symbols and easy to understand syntax and style Although users can issue Help command to complete a desired command in CLI it is us...

Page 26: ...3 6 1 Configuring IPv4 Address IP address 192 168 0 101 Subnet mask 255 255 255 0 config terminal config interface vlan 1 config if vlan ip address 192 168 0 101 255 255 255 0 config if vlan exit config exit show ip interface brief Vlan Address Method Status 1 192 168 0 101 24 Manual DOWN 3 6 2 Enter Config Interface Mode Enter Port 3 s Config Interface mode config terminal config interface Gigabi...

Page 27: ...urce code and full license terms must have been made available to you Redboot comes with ABSOLUTELY NO WARRANTY RedBoot fi lo d managed Image loaded from 0x80040000 0x80ae54cc RedBoot go Press ENTER to get started 3 6 5 Load Factory Defaults Load factory default settings reload defaults Reloading defaults Please stand by Load factory defaults but keep IP settings reload defaults keep ip Reloading ...

Page 28: ...configuration username admin privilege 15 password none vlan 1 no smtp server spanning tree mst name 00 02 ab 00 00 01 revision 0 interface GigabitEthernet 1 1 no spanning tree interface GigabitEthernet 1 2 no spanning tree interface GigabitEthernet 1 3 no spanning tree interface GigabitEthernet 1 4 no spanning tree more next page Space continue g quit C 3 6 8 Show History Commands show history co...

Page 29: ...lable options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input e g show pr 3 6 10 Logout To close an active terminal session issue the logout command in User or EXEC mode config ex...

Page 30: ...yntax clear lldp statistics Explanation Clear LLDP statistics 3 7 3 clear statistics Syntax clear statistics interface port_type v_port_type_list port_type Specify the interface type v_port_type_list Specify the ports that you want to clear Explanation Clear statistics of the specified interfaces 3 7 4 enable Syntax enable new_priv new_priv 0 15 Choose a privilege level Explanation Enter the EXEC ...

Page 31: ... the specified destination IPv4 address or host 3 7 9 ping ipv6 Syntax ping ipv6 v_ipv6_addr repeat count size size interval seconds interface vlan v_vlan_id v_ipv6_addr Specify IPv6 address that you want to ping repeat count The number of packets that are sent to the destination IP or host size size The size of the ping packet interval seconds Timeout interval The ping test is successful only whe...

Page 32: ... interface port_type v_port_type_list Parameter interface port_type v_port_type_list Specify the interface that you want to clear Explanation Clear the specified interfaces dot1x statistics 3 8 4 clear eps Syntax clear eps inst wtr Parameter inst Specify the EPS instance number Explanation Clear the specified EPS instance 3 8 5 clear erps Syntax clear erps groups statistics Parameter groups Specif...

Page 33: ...all interface port_type in_port_list Explanation ClearIP DHCP statistics Parameter server client snooping relay helper all Specify the type of information that you want to clear interface port_type in_port_list Specify the interface type and port number 3 8 9 clear ip dhcp relay statistics Syntax clear ip dhcp relay statistics Explanation Clear IP DHCP Relay statistics 3 8 10 clear ip dhcp server ...

Page 34: ...n Clear IP IGMP Snooping statistics 3 8 15 clear ip statistics Syntax clear ip statistics system interface vlan v_vlan_list icmp icmp msg type Explanation Clear IPv4 statistics for system interface and ICMP 3 8 16 clear ipv6 mld snooping Syntax clear ipv6 mld snooping vlan v_vlan_list statistics Explanation Clear statistics for IPv6 MLD Snooping 3 8 17 clear ipv6 neighbors Syntax clear ipv6 neighb...

Page 35: ...nts 3 8 22 clear mac address table Syntax clear mac address table Explanation Clear MAC address table 3 8 23 clear mep Syntax clear mep inst lm dm tst Explanation Clear a specific instance MEP information 3 8 24 clear mvr Syntax clear mvr vlan v_vlan_list name mvr_name statistics Explanation Clear MVR statistics 3 8 25 clear spanning tree Syntax clear spanning tree statistics interface port_type v...

Page 36: ...t to copy to This can be startup config running config or a specific destination file in flash or TFTP server Explanation Save running configurations to startup configurations Example Save running configurations to startup configurations Explanation Save startup configurations to running configurations Example Save running configurations to startup configurations Explanation Save running configura...

Page 37: ...rectory of flash r 1970 01 01 00 00 00 284 default config rw 2015 01 01 01 56 32 1487 startup config rw 2015 01 01 01 56 49 1487 201 3 files 3258 bytes total delete flash 201 dir Directory of flash r 1970 01 01 00 00 00 284 default config rw 2015 01 01 01 56 32 1487 startup config 2 files 1771 bytes total dir Directory of flash r 1970 01 01 00 00 00 284 default config rw 2015 01 01 01 56 32 1487 s...

Page 38: ...pply to this command Explanation To initialize dot1x function in an interface immediately 3 8 33 erps Syntax erps group command clear force manual port0 port1 Explanation Configure ERPS instance Parameters group 1 64 Specify a group number between 1 64 clear force manual Specify an action port0 port1 Specify port0 east or port1 west that applies to this command 3 8 34 firmware swap Syntax firmware...

Page 39: ...uery process 3 8 37 more Syntax more path path Specify the filename Explanation Display file in Flash or in TFTP server 3 8 38 ping ip Syntax ping ip v_ip_addr repeat count size size interval seconds Explanation Ping the specified IP Parameters addr Specify the IPv4 address or IPv6 address for ping test 3 8 39 ping ipv6 Syntax ping ipv6 v_ipv6_addr repeat count size size interval seconds interface...

Page 40: ...rameters keep ip Keep VLAN 1 IP setting 3 8 42 send Syntax send session_list console 0 vty vty_list message Explanation Send messages to other tty lines Parameters session_list console 0 vty vty_list Choose one of the options Specify to denote all tty users session_list Specify a session number between 0 and 16 console 0 This means primary terminal line vty_list Send a message to a virtual termina...

Page 41: ... Negation no terminal exec timeout 3 8 45 terminal history size Syntax terminal history size 0 32 Parameters 0 32 Specify the current history size 0 means to disable Explanation Set up terminal history size Show show terminal show terminal Negation no terminal history size 3 8 46 terminal length Syntax terminal length 0 or 3 512 Parameters 0 or 3 512 Specify the lines displayed on the screen 0 mea...

Page 42: ...e show commands can be issued to display current status or settings of a certain command They will be introduced in Section 3 9 Commands in Config Mode 3 9 Commands in Config Mode 3 9 1 config aaa authentication login Syntax config aaa authentication login console telnet ssh http local radius tacacs local radius tacacs local radius tacacs Explanation Configure the authentication method for the cli...

Page 43: ...ttp Show show aaa 3 9 2 config access management Syntax config access management access_id access_vid start_addr to end_addr web snmp telnet all Explanation Create an access management rule Parameters access_id 1 16 Specify an ID for this access management entry access_vid Indicates the VLAN ID for the access management entry start_addr to end_addr Indicate the starting and ending IP address for t...

Page 44: ...ype any arp etype ipv4 ipv4 icmp ipv4 tcp ipv4 udp ipv6 ipv6 icmp ipv6 tcp ipv6 udp Specify the frame type that applies to this rule ingress any interface PORT_TYPE Specify the ingress port logging Enable logging function mirror Enable the function of mirroring frames to destination mirror port next AceId 1 256 last Insert the current ACE ID before the next ACE ID or put the ACE ID to the last one...

Page 45: ...rule frame type any arp etype ipv4 ipv4 icmp ipv4 tcp ipv4 udp ipv6 ipv6 icmp ipv6 tcp ipv6 udp Specify the frame type that applies to this rule ingress any interface PORT_TYPE Specify the ingress port logging Enable logging function mirror Enable the function of mirroring frames to destination mirror port next AceId 1 256 last Insert the current ACE ID before the next ACE ID or put the ACE ID to ...

Page 46: ... if access list action Syntax config if access list action permit deny Explanation Configure a specific port s action option Parameters permit deny Permit or deny frames on a specific port Show show access list interface port_type v_port_type_list 3 9 3 5 config if access list logging Syntax config if access list logging Explanation Enable a specific port s logging function Show show access list i...

Page 47: ...ig if no access list rate limiter 3 9 3 9 config if access list shutdown Syntax config if access list shutdown Explanation Shutdown this port when specified rules are matched Negation config if no access list shutdown 3 9 3 10 config if access list redirect port copy Syntax config if access list redirect port copy interface port_type port_type_id port_type port_type_list Parameters redirect port c...

Page 48: ...in a trunk port All traffic with the same source and destination TCP UDP port number is output on the same link in a trunk Negation config no aggregation mode Show show aggregation mode 3 9 4 2 config if aggregation group Syntax config if aggregation group unit Explanation Add this specific interface to the specified aggregation group Parameters unit Specify the aggregation group ID Negation confi...

Page 49: ...ed to set the clock forward or backward according to the configurations set for a defined Daylight Saving Time duration Recurring command is used to repeat the configuration every year Parameters summer time word16 Specify a description for this day light setting date start_month_var start_date_var start_year_var start_hour_var end_month_var end_date_var end_year_var end_hour_var offset_var start_...

Page 50: ...ption for this day light setting recurring start_week_var start_day_var start_month_var start_hour_var end_week_var end_day_var end_month_var end_hour_var offset_var start_week_var 1 5 Specify the starting week start_day_var 1 31 Specify the starting day start_month_var 1 12 Specify the starting month start_hour_var hh mm Specify the time to start end_week_var 1 5 Specify the ending week end_day_v...

Page 51: ...limiter ID Parameters rate_limiter_list 1 16 Specify a rate limiter ID Example To default rate limiter 1 3 9 8 config dot1x 3 9 8 1 config dot1x system auth control Syntax config dot1x system auth control Explanation To enable 802 1x service Parameters None Example Enable 802 1x service Negation config no dot1x system auth control Show show dot1x status interface port_type v_port_type_list brief s...

Page 52: ...the time interval for a connected device to be re authenticated By default the re authenticated period is set to 3600 seconds The allowed range is 1 3600 seconds Parameters 1 3600 Specify a re authentication value between 1 and 3600 Example Set re authentication timer to 100 Negation config no dot1x authentication timer re authenticate 3 9 8 4 config dot1x timeout tx period Syntax config dot1x tim...

Page 53: ... timeout quiet period Syntax config dot1x timeout quiet period v_10_to_1000000 Explanation The time after an EAP Failure indication or RADIUS timeout that a client is not allowed access This setting applies to ports running Single 802 1X Multi 802 1X or MAC based authentication By default hold time is set to 10 seconds The allowed range is 10 1000000 seconds Parameters 10 1000000 Specify a value b...

Page 54: ...dius qos radius vlan 3 9 8 8 config dot1x guest vlan Syntax config dot1x guest vlan value Explanation Configure a guest VLAN ID Parameters value 1 4095 Specify the guest VLAN ID The allowed VLAN ID range is from 1 to 4095 Negation config no dot1x guest vlan 3 9 8 9 config dot1x guest vlan supplicant Syntax config dot1x guest vlan supplicant Explanation Enable Guest VLAN supplicant function The swi...

Page 55: ... communication between the supplicant and the switch If more than one supplicant is connected to a port the one that comes first when the port s link comes up will be the first one considered If that supplicant doesn t provide valid credentials within a certain amount of time another supplicant will get a chance Once a supplicant is successfully authenticated only that supplicant will be allowed a...

Page 56: ...ble RADIUS Assigned QoS on the selected interfaces Parameters None Example Enable RADIUS Assigned QoS on port 1 10 Negation config if no dot1x radius qos 3 9 8 14 config if dot1x radius vlan Syntax config if dot1x radius vlan Explanation Enable RADIUS Assigned VLAN on the selected interfaces Parameters None Example Enable RADIUS Assigned VLAN on port 1 10 config t config interface gigabitethernet ...

Page 57: ..._list show dot1x statistics eapol radius all interface port_type v_port_type_list 3 9 9 config if duplex Syntax config if duplex half full auto half full Explanation Configure port s duplex mode Parameters half full auto half full Specify the duplex mode for this specific interface Example Set port 1 s duplex mode to auto Negation config if no duplex Show show interface port_type v_port_type_list ...

Page 58: ...l for this password password Specify the enable mode password Explanation Configure enable secret password and privilege level Negation config no enable secret 0 5 level priv 3 9 11 config eps 3 9 11 1 config eps inst 1plus1 bidirectional unidirectional aps Syntax config eps inst 1plus1 bidirectional unidirectional aps Explanation Configure the EPS 1 plus 1 architecture s direction Parameters inst...

Page 59: ...main Syntax config eps inst domain port evc architecture 1plus1 1for1 work flow flow_w port_type port_w protect flow flow_p port_type port_p Explanation Configure the EPS domain Parameters inst Specify the instance number domain port evc Specify the domain of EPS architecture 1plus1 1for1 Specify that EPS architecture is 1plus1 or 1for1 work flow flow_w port_type port_w Specify the working flow of...

Page 60: ...tect mep_p Specify protect MEP instance mep aps mep_aps Specify APS MEP instance Negation config no eps inst Show show eps inst detail 3 9 11 6 config eps inst revertive Syntax config eps inst revertive 10s 30s 5m 6m 7m 8m 9m 10m 11m 12m Explanation Configure EPS revertive value Parameters inst Specify the instance number 10s 30s 5m 6m 7m 8m 9m 10m 11m 12m Specify revertive value Negation config n...

Page 61: ...rface port1 interface port_type port1 interconnect Syntax config erps group major port0 interface port_type port0 port1 interface port_type port1 interconnect Explanation Create an ERPS instance Parameters group 1 64 Specify a group number The allowed range is from 1 to 64 port_type port0 Specify Port 0 s port type and port number Port 0 is also known as E port East port which is used by some of t...

Page 62: ...S PDU handling MEP When interconnected with the other sub ring 0 is used in this field to indicate that no west APS MEP is associated with this instance Negation config no erps group mep Show show erps groups detail statistics 3 9 12 5 config erps group revertive wtr_time_minutes Syntax config erps group revertive wtr_time_minutes Explanation Configure the Wait to Restore timer in revertive mode P...

Page 63: ...g_id virtual channel Explanation Create a profile and configure the Sub ERPS interface port 0 port 1 Parameters group 1 64 Specify a group number The allowed range is from 1 to 64 port_type port0 Specify sub port s port type and port number port1 interface port_type port1 interconnect major_ring_id virtual channel Specify Port 1 s port type and port numbr or specify major ring s group ID Negation ...

Page 64: ... Specify a group number The allowed range is from 1 to 64 none add remove vlans Specify an option none Do not include any VLANs add remove vlans Add or remove a specific VLAN Negation config no erps group vlan Show show erps groups detail statistics 3 9 13 config evc 3 9 13 1 config evc update evc_id Syntax config evc update evc_id vid evc_vid ivid ivid interface port_type port_list learning disab...

Page 65: ...ast interface port_type port_list outer tag match type untagged tagged c tagged s tagged any vid ot_match_vid any pcp ot_match_pcp any dei ot_match_dei any 1 add mode enable disable vid ot_add_vid preserve disable pcp mode classified fixed mapped pcp ot_add_pcp dei mode classified fixed dp dei ot_add_dei 1 1 inner tag match type untagged tagged c tagged s tagged any frame type any ipv4 ipv6 direct...

Page 66: ...ctional from NNI to UNI evc evc_id none Specify a EVC ID for EVC matching or specify non to map to no EVC ID policer policer_id none discard evc The policer ID filter for matching the ECE The possible values are policer_id If you want to filter a specific policer ID value with this ECE choose this value A field for entering a specific value appears discard All received frames are discarded for the...

Page 67: ...ind mode rate type line data he rate type of the bandwidth profile The allowed values are Data Specify that this bandwidth profile operates on data rate Line Specify that this bandwidth profile operates on line rate cir cir The Committed Information Rate CIR of the bandwidth profile The allowed range is from 0 through 10000000 kilobit per second cbs cbs The Committed Burst Size CBS of the bandwidt...

Page 68: ...config if no flowcontrol Show show interface port_type v_port_type_list status show interface port_type v_port_type_list status 3 9 16 config if geen ethernet 3 9 16 1 config if green ethernet energy detect Syntax config if green ethernet energy detect Explanation Enable power saving function for this specific interface when there is no link partner Negation config if no green ethernet energy dete...

Page 69: ...olutions of per minutes RPM in Monitor System Power Fan section 3 9 18 config gvrp 3 9 18 1 config gvrp Syntax config gvrp Explanation Globally enable GVRP function Parameters None Example Globally enable GVRP function Negation config no gvrp 3 9 18 2 config gvrp max vlans Syntax config gvrp max vlans maxvlans Explanation Set up the maximum number of VLANs can be learned via GVRP Parameters maxvla...

Page 70: ...e greater than the Leave time parameter leave all time leavealltime Specify the amount of time that LeaveAll PDUs are created A LeaveAll PDU indicates that all registrations are shortly de registered Participants will need to rejoin in order to maintain registration The valid value is 1000 to 5000 centi seconds The factory default 1000 centi seconds NOTE The LeaveAll time parameter must be greater...

Page 71: ...hernet port 1 config t config config interface GigabitEthernet 1 1 config if Show show interface port_type in_port_list switchport access trunk hybrid show interface port_type v_port_type_list capabilities show interface port_type v_port_type_list statistics packets bytes errors discards filtered priority priority_v_0_to_7 up down show interface port_type v_port_type_list status show interface por...

Page 72: ...nspection interface port_type in_port_type_list vlan in_vlan_list Clear clear ip arp 3 9 21 2 config ip arp inspection entry interface Syntax config ip arp inspection entry interface port_type in_port_type_id vlan_var mac_var ipv4_var Explanation Create ARP static entry Parameters port_type in_port_type_id Specify the port type and port number vlan_var Specify a configured VLAN ID mac_var Specify ...

Page 73: ... static interface port_type in_port_type_list 3 9 21 4 config ip arp inspection vlan Syntax config ip arp inspection vlan in_vlan_list Explanation Specify ARP inspection is enabled on which VLAN Parameters in_vlan_list Specify a list of VLAN ID to be used for ARP inspection Negation config no ip arp inspection vlan in_vlan_list Show show ip arp show ip arp Clear clear ip arp 3 9 21 5 config ip arp...

Page 74: ...o 1 2 3 10 from DHCP IP allocation pool Negation config no ip dhcp excluded address low_ip high_ip Show show ip dhcp excluded address 3 9 21 7 config ip dhcp pool Syntax config ip dhcp pool pool_name Parameters pool_name Specify the DHCP pool name in 32 characters Explanation Configure the pool name for DHCP IP addresses Negation config no ip dhcp pool pool_name Show show ip dhcp pool 3 9 21 8 con...

Page 75: ...ort and VLAN ID according to RFC 3046 tr 101 Used for defining the switch IP switch port and VLAN ID according to TR 101 alias Use the individual values for port Alias Explanation Specify the appropriate circuit ID format Negation config no ip dhcp relay information circuit id format 3 9 21 10 config ip dhcp relay information option Syntax config ip dhcp relay information option Explanation Enable...

Page 76: ... Example Keep the client s DHCP information Negation config no ip dhcp relay information policy 3 9 21 12 config ip dhcp relay information remote id Syntax config ip dhcp relay information remote id v_line63 Parameters v_line63 Specify remote ID string Explanation Specify the remoted ID inserted in DHCP Relay information option Negation config no ip dhcp relay information remote id Show show ip dh...

Page 77: ...bally When DHCP snooping mode operation is enabled the DHCP request messages will be forwarded to trusted ports and only allow reply packets from trusted ports Example Enable DHCP snooping function Example Set the holdtime to 5 Negation config no ip dhcp snooping Show show ip dhcp snooping interface port_type in_port_list show ip dhcp snooping interface port_type in_port_list show ip dhcp snooping...

Page 78: ...ackup DHCP Snooping table to the specified location of tftp server Explanation Backup DHCP Snooping table to the specified location of tftp server Show show ip dhcp snooping interface port_type in_port_list show ip dhcp snooping interface port_type in_port_list show ip dhcp snooping table 3 9 21 19 config ip dhcp snooping table retransmit Syntax config ip dhcp snooping table retransmit times times...

Page 79: ...ntax config ip helper address v_ipv4_ucast Explanation Configure DHCP Relay server IPv4 address Parameters v_ipv4_ucast Specify DHCP Relay server IPv4 address that is used by the switch s DHCP relay agent Negation config no ip helper address 3 9 21 23 config ip http secure server Syntax config ip http secure server Explanation Enable the HTTPS operation mode When the current connection is HTTPS an...

Page 80: ...t leaves a multicast group Parameters leave proxy The parameter is optional Enable leave proxy function Negation config no ip igmp host proxy leave proxy Show show ip igmp snooping detail 3 9 21 26 config ip igmp snooping Syntax config ip igmp snooping Explanation Globally enable IGMP Snooping feature When enabled this device will monitor network traffic and determine which hosts will receive mult...

Page 81: ...run the SSM service model for the groups in the address range Parameters v_ipv4_mcast Specify valid IPv4 multicast address ipv4_prefix_length Specify the prefix length ranging from 4 to 32 Negation config no ip igmp ssm range 3 9 21 29 config ip igmp unknown flooding Syntax config ip igmp unknown flooding Explanation Set forwarding mode for unregistered not joined IP multicast traffic Select the c...

Page 82: ... It defines how much of a network address that must match in order to qualify for this route Only a default route will have a mask length of 0 as it will match anything v_ipv4_gw This is the IP address of the gateway Valid format is dotted decimal notation Gateway and Network must be of the same type Example Add a new ip route with the following settings Negation config no ip route v_ipv4_addr v_i...

Page 83: ...type in_port_type_id vlan_var ipv4_var mask_var Show show ip source binding dhcp snooping static interface port_type in_port_type_list 3 9 21 34 config ip ssh Syntax config ip ssh Explanation Enable SSH mode Example Enable SSH mode Negation config no ip ssh Show show ip ssh NOTE SSH is preferred to Telnet unless the management network is trusted Telnet passes authentication credentials in plain te...

Page 84: ...ck type request reply both Parameters request reply both Specify the check type rquqest Check ARP rquest packets reply Check ARP reply packets both Check both ARP request and reply packets Explanation Specify the check type for ARP inspection Negation config if no ip arp inspection check type 3 9 21 38 config if ip arp inspection check vlan Syntax config if ip arp inspection check vlan Explanation...

Page 85: ...show ip dhcp snooping interface port_type in_port_list show ip dhcp snooping interface port_type in_port_list 3 9 21 42 config if ip dhcp relay information subscriber id v_line63 Syntax config if ip dhcp relay information subscriber id v_line63 Explanation Use this command to configure DHCP Option 82 subscriber ID on a per port basis Parameters v_line63 Specify DHCP Option 82 suboption 6 subscribe...

Page 86: ...config if ip dhcp snooping limit maximum Syntax config if ip dhcp snooping limit maximum cnt_var Parameter cnt_var 1 32 Specify the maximum number of DHCP clients that can be learnt on this specific port The valid number is 1 to 32 Explanation Enable DHCP Snooping client limit function Negation config if no ip dhcp snooping limit maximum Show show ip dhcp snooping interface port_type in_port_list ...

Page 87: ...st service without sending an IGMP group specific GS query to that interface Negation config if no ip igmp snooping immediate leave Show show ip igmp snooping vlan v_vlan_list group database interface port_type v_port_type_list sfm information detail show ip igmp snooping vlan v_vlan_list group database interface port_type v_port_type_list sfm information detail 3 9 21 49 config if ip igmp snoopin...

Page 88: ...source interface port_type in_port_type_list show ip verify source interface port_type in_port_type_list 3 9 21 52 config if ip verify source limit Syntax config if ip verify source limit 0 2 Explanation Specify the maximum number of dynamic clients that can be learned on a port The available options are 0 1 2 If the port mode is enabled and the maximum number of dynamic clients is equal 0 the swi...

Page 89: ...ver Show show ip dhcp server show ip dhcp server 3 9 21 55 config if vlan ip igmp snooping Syntax config if vlan ip igmp snooping Explanation Eanble IGMP Snooping on this specific VLAN Negation config if vlan no ip igmp snooping Show show ip statistics system interface vlan v_vlan_list icmp icmp msg type show ip statistics system interface vlan v_vlan_list icmp icmp msg type 3 9 21 56 config if vl...

Page 90: ...nooping priority Syntax config if vlan ip igmp snooping priority cos_priority Explanation Specify the priority for transmitting IGMP MLD control frames By default priority is set to 0 Allowed priority values is 0 7 Parameters cos_priority 0 7 Specify COS for this specific VLAN The valid range is 0 to 7 Negation config if vlan no ip igmp snooping priority 3 9 21 59 config if vlan ip igmp snooping q...

Page 91: ... expected packet loss on a subnet If a subnet is susceptible to packet loss this value can be increased The RV value must not be zero and should not be one The value should be 2 or greater By default it is set to 2 Parameters ipmc_rv 1 255 Specify IPMC Robustness Variable value The valid value is 1 255 Negation config if vlan no ip igmp snooping robustness variable 3 9 21 63 config if vlan ip igmp...

Page 92: ...6 mld snooping Explanation Eanble MLD Multicast Listener Discovery Snooping on this specific VLAN Negation config if vlan no ipv6 mld snooping Show show ipv6 statistics system interface vlan v_vlan_list icmp icmp msg type show ipv6 statistics system interface vlan v_vlan_list icmp icmp msg type 3 9 21 66 config if vlan ipv6 mld snooping compatibility Syntax config if vlan ipv6 mld snooping compati...

Page 93: ...6 mld snooping priority cos_priority Explanation Specify the priority for transmitting IGMP MLD control frames By default priority is set to 0 Allowed priority values is 0 7 Parameters cos_priority 0 7 Specify COS for this specific VLAN The valid range is 0 to 7 Negation config if vlan no ipv6 mld snooping priority 3 9 21 69 config if vlan ipv6 mld snooping querier election Syntax config if vlan i...

Page 94: ...e one The value should be 2 or greater By default it is set to 2 Parameters ipmc_rv 1 255 Specify IPMC Robustness Variable value The valid value is 1 255 Negation config if vlan no ipv6 mld snooping robustness variable 3 9 21 73 config if vlan ipv6 mld snooping unsolicited report interval ipmc_uri Syntax config if vlan ipv6 mld snooping unsolicited report interval ipmc_uri Explanation The Unsolici...

Page 95: ...st_1 v_ipv6_mcast v_ipv6_mcast_1 Explanation Specify the multicast IP range The available IP range is from 224 0 0 0 239 255 255 255 Parameters entry_name The name used in specifying the address range v_ipv4_mcast v_ipv4_mcast_1 v_ipv6_mcast v_ipv6_mcast_1 Specify the multicast IP range The available IP range is from 224 0 0 0 239 255 255 255 Negation config no no ipmc range entry_name Show show i...

Page 96: ... ipmc profile show ipmc profile profile_name detail 3 9 22 6 config ipmc profile range Syntax config ipmc profile range entry_name permit deny log next next_entry Parameters entry_name Specify an entry name permit deny Specify the action taken upon receiving the Join Report frame that has the group address matches the address range of the rule Permit Group address matches the range specified in th...

Page 97: ...xample Enable IPv6 MLD Proxy Example Enable IPv6 MLD proxy Negation config no ipv6 mld host proxy Show show ipv6 mld snooping vlan v_vlan_list group database interface port_type v_port_type_list sfm information detail show ipv6 mld snooping vlan v_vlan_list group database interface port_type v_port_type_list sfm information detail 3 9 23 2 config ipv6 mld host proxy leave proxy Syntax config ipv6 ...

Page 98: ...filters accordingly Example Enable IPv6 MLD snooping Negation config no ipv6 mld snooping Show show ipv6 mld snooping vlan v_vlan_list group database interface port_type v_port_type_list sfm information detail show ipv6 mld snooping vlan v_vlan_list group database interface port_type v_port_type_list sfm information detail 3 9 23 4 config ipv6 mld snooping vlan Syntax config ipv6 mld snooping vlan...

Page 99: ..._list group database interface port_type v_port_type_list sfm information detail 3 9 23 6 config ipv6 mld unknown flooding Syntax config ipv6 mld unknown flooding Explanation Enable forwarding mode for unregistered not joined IP multicast traffic Example To flood unregistered IPv6 multicast traffic Example Enable IPv6 MLD proxy Negation config no ipv6 mld unknown flooding Show show ipv6 mld snoopi...

Page 100: ...mld snooping vlan v_vlan_list group database interface port_type v_port_type_list sfm information detail show ipv6 mld snooping vlan v_vlan_list group database interface port_type v_port_type_list sfm information detail 3 9 23 9 config if ipv6 mld snooping immediate leave Syntax config if ipv6 igmp snooping immediate leave Explanation Enable fast leave function on a specific port When a leave pack...

Page 101: ...ent multicast groups supported by the attached router switch to ensure that multicast traffic is passed to all appropriate interfaces within the switch Negation config if no ipv6 mld snooping mrouter Show show ipv6 mld snooping vlan v_vlan_list group database interface port_type v_port_type_list sfm information detail show ipv6 mld snooping mrouter detail show ipv6 mld snooping vlan v_vlan_list gr...

Page 102: ...s in an aggregated link group must have the same LACP port Key In order to allow a port to join an aggregated group the port Key must be set to the same value Negation config if no lacp key v_1_to_65535 auto Show show lacp internal statistics system id neighbour 3 9 24 4 config if lacp port priority v_1_to_65535 Syntax config if lacp port priority v_1_to_65535 Explanation Configure a LACP key for ...

Page 103: ...d neighbour 3 9 24 6 config if lacp timeout fast slow Syntax config if lacp timeout fast slow Explanation Configure timeout mode Parameters fast slow The Timeout controls the period between BPDU transmissions Fast will transmit LACP packets each second while Slow will wait for 30 seconds before sending a LACP packet Negation config if no lacp timeout fast slow Show show lacp internal statistics sy...

Page 104: ...aaa settings 3 9 25 3 config line editing Syntax config line editing Explanation Enable command line editing Negation config line no editing Show show line alive show line alive 3 9 25 4 config line end Syntax config line end Explanation Return to EXEC mode Example Return to EXEC mode config t config line console 0 config line do show aaa console local telnet local ssh local http local config line...

Page 105: ...exec timeout min sec Parameters min Specify timeout in minutes The allowed range is 0 to 1440 Specify 0 to disable timeout function CLI session will never timeout sec Specify timeout in seconds The allowed range is 0 to 3600 Negation config line no exec timeout Show show line alive show line alive 3 9 25 7 config line exit Syntax config line exit Explanation Return to Config mode Example Return to...

Page 106: ...e show line alive config t config line console 0 config line history size 10 config t config line console 0 config line help Help may be requested at any point in a command by entering a question mark If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a ...

Page 107: ... 9 25 11 config line location Syntax config line location location Explanation Configure the descriptive location of this device Parameters location Location description for the terminal The characters allowed are 32 Example Configure the location cabinet5a Negation config line no location Show show line alive show line alive 3 9 25 12 config line motd banner Syntax config line motd banner Explana...

Page 108: ...mple Change the privilege level to 5 for vty 1 Negation config line no privilege level Show show line alive show line alive 3 9 25 14 config line width Syntax config line width width Explanation Configure the width of the terminal line Parameters width Specify the width of the terminal line The allowed range is 40 to 512 Specify 0 for unlimited width Example Change of width of vty 1 to 60 config t...

Page 109: ...holdtime to 5 Negation config no lldp holdtime 3 9 26 2 config lldp reinit Syntax config lldp reinit val Explanation Configure a delay between the shutdown frame and a new LLDP initialization Parameters val Specify a value between 1 and 10 seconds Example Set the LLDP re initiation value to 3 Negation config no lldp reinit 3 9 26 3 config lldp timer Syntax config lldp timer val Explanation Configu...

Page 110: ...on The Map Datum is used for the coordinates given in above options Parameters wgs84 nad83 navd88 nad83 mllw Specify one of the options WGS84 Geographical 3D World Geodesic System 1984 CRS Code 4327 Prime Meridian Name Greenwich NAD83 NAVD88 North American Datum 1983 CRS Code 4269 Prime Meridian Name Greenwich The associated vertical datum is the North American Vertical Datum of 1988 NAVD88 This d...

Page 111: ...d interval will be transmitted when a LLDP frame with new information is received It should be noted that LLDP MED and the LLDP MED Fast Start mechanism is only intended to run on links between LLDP MED Network Connectivity Devices and Endpoint Devices and as such does not apply to links between LAN infrastructure elements including between Network Connectivity Devices or to other types of links P...

Page 112: ...number place type postal community name p o box additional code Specify one of the options country The two letter ISO 3166 country code in capital ASCII letters Example DK DE or US state National subdivisions state canton region province prefecture county County parish gun Japan district city City township shi Japan Example Copenhagen district City division borough city district ward chou Japan bl...

Page 113: ...onfig lldp med location tlv elin addr Syntax config lldp med location tlv elin addr v_word25 Explanation Configure a value for Emergency Location Information Parameters v_word25 A value for Emergency Location Information ELIN Example Set the emergency location information to 911 Negation config no lldp med location tlv elin addr 3 9 26 10 config lldp med location tlv latitude Syntax config lldp me...

Page 114: ... softphone voice video conferencing streaming video video signaling tagged v_vlan_id untagged l2 priority v_0_to_7 dscp v_0_to_63 Explanation Configure a LLDP MED policy ID for a service Parameters policy_index Specify a policy ID The valid range is from 0 to 31 voice voice signaling guest voice signaling guest voice softphone voice video conferencing streaming video video signaling Specify one of...

Page 115: ... apply MED Media VLAN policy of LLDP on this interface Parameters v_range_list Assign a policy to this interface Negation config if no lldp med media vlan policy list v_range_list Show show lldp med media vlan policy v_0_to_31 show lldp med media vlan policy v_0_to_31 3 9 26 15 config if lldp med transmit tlv Syntax config if lldp med transmit tlv capabilities location network policy Explanation T...

Page 116: ... discover neighbour devices These attributes contains type length and value descriptions and are referred to TLVs Details such as port description system name system description system capabilities management address can be sent from this device Negation config if no lldp tlv select management address port description system capabilities system description system name Show show lldp neighbors inte...

Page 117: ...eters hostname ipv4_ucast Specify one of the options The hostname is the domain name of the log server while the latter is IPv4 address of the log server Explanation Configure log server address Example Use IPv4 address to configure log server Example Set the holdtime to 5 Negation config no logging host Show show logging show logging logging_id 1 4294967295 show logging info warning error 3 9 27 ...

Page 118: ...e port_type plist 3 9 28 2 config loop protect shutdown time Syntax config loop protect shutdown time t Explanation Configure the period for which a port will be kept disabled Parameters t 0 604800 Specify a shutdown time value The valid values are from 0 to 604800 seconds 0 means that a port is kept disabled until next device restart Example Set the shutdown time value to 180 seconds Negation con...

Page 119: ...egation config if no loop protect Show show loop protect interface port_type plist 3 9 28 5 config if loop protect action Syntax config if loop protect action shutdown log Explanation Configure the action taken when loops are detected on a port Parameters shutdown log When a loop is detected on a port the loop protection will immediately take appropriate actions Actions will be taken include Shutd...

Page 120: ..._addr vlan v_vlan_id vlan v_vlan_id_1 interface port_type v_port_type_list_1 show mac address table conf static aging time learning count interface port_type v_port_type_list address v_mac_addr vlan v_vlan_id vlan v_vlan_id_1 interface port_type v_port_type_list_1 show mac address table aging time 3 9 29 2 config mac address table static Syntax config mac address table static v_mac_addr vlan v_vla...

Page 121: ...re that the link used for managing the switch is added to the Static Mac Table before changing to secure learning mode otherwise the management link is lost and can only be restored by using another non secure port or by connecting to the switch via the serial interface Negation config if no mac address table learning secure Show show mac address table conf static aging time learning count interfa...

Page 122: ... Point mode up down Specify the traffic direction either Ingress or Egress for monitoring on a residence port domain port evc vlan Specify a domain option Port This is a MEP in the Port Domain Flow Instance is a Port CURRENTLY Port is available for use Evc This is a MEP in the EVC Domain Flow Instance is a EVC The EVC must be created VLAN This is a MEP in the VLAN Domain Flow Instance is a VLAN Th...

Page 123: ...stance ID number aps prio The priority to be inserted as PCP bits in TAG if any multi uni Specify an option multi OAM PDU is transmitted with multicast MAC Must be multi in case of RAPS Ring Automatic Protection Switching Protocol uni OAM PDU is transmitted with unicast MAC The MAC is taken from peer MEP MAC database This option is only possible in case of LAPS Linear Automatic Protection Switchin...

Page 124: ...detail 3 9 32 5 config mep inst client domain Syntax config mep inst client domain evc vlan Explanation Configure client domain of a MEP instance Parameters inst Specify an instance ID number cc Continuity Check evc vlan The client layer domain Options available are EVC and VLAN domain Show show mep inst peer cc lm dm lt lb tst aps client ais lck detail 3 9 32 6 config mep inst client flow Syntax ...

Page 125: ...surement DM priority value Priority in case of tagged OAM In the EVC domain this is the COS ID multi uni mep id mepid Specify multicast or unicast MEP ID single dual One Way or Two Way Delay Measurement implemented on 1DM or DMM DMR respectively rdtrp flow Specify one value rdtrp The frame delay calculated by the transmitting and receiving timestamps of initiators Frame Delay RxTimeb TxTimeStampf ...

Page 126: ...m overflow reset Explanation Reset all Delay Measurement results on total delay counter overflow Parameters inst Specify an instance ID number Negation config no mep inst dm overflow reset Show show mep inst peer cc lm dm lt lb tst aps client ais lck detail Clear clear mep inst lm dm tst 3 9 32 10 config mep inst dm proprietary Syntax config mep inst dm proprietary Explanation Use proprietary Dela...

Page 127: ...ance ID number lb prio 0 7 Configure loopback priority The priority to be inserted as PCP bits in TAG if any dei The DEI to be inserted as PCP bits in TAG if any multi uni mep id mepid mac mac Specify LBM PDU to be transmitted as unicast or multicast The unicast MAC will be configured through Peer MEP or Unicast Peer MAC To wards MIP only unicast Loop Back is possible count count The number of LBM...

Page 128: ...inst lm prio multi uni single dual fr10s fr1s fr6m fr1m fr6h flr flr Explanation Configure Locked Frame Rate of a MEP Parameters inst Specify an instance ID number lm prio 0 7 Configure loss measurement priority in case of tagged OAM In the EVC domain this is the COS ID multi uni multi OAM PDU is transmitted with multicast MAC uni OAM PDU is transmitted with unicast MAC The MAC is taken from peer ...

Page 129: ...ation config no mep inst lt Show show mep inst peer cc lm dm lt lb tst aps client ais lck detail 3 9 32 17 config mep inst meg id Syntax config mep inst meg id megid itu itu cc ieee name name Explanation To configure MEG ID format Parameters inst Specify an instance ID number meg id megid Specify a MEG ID string This is either the ITU MEG ID or the IEEE Short MA depending on the selected MEG ID fo...

Page 130: ...rs inst Specify an instance ID number Negation config no mep inst performance monitoring 3 9 32 20 config mep inst tst Syntax config mep inst tst prio dei mep id mepid sequence all zero all one one zero rate rate size size Explanation Enable test signal of MEP Parameters inst Specify an instance ID number tst prio 0 7 Configure the test signal priority in case of tagged OAM In the EVC domain this ...

Page 131: ...MEP Parameters inst Specify an instance ID number Negation config no mep inst tst rx Show show mep inst peer cc lm dm lt lb tst aps client ais lck detail Clear clear mep inst lm dm tst 3 9 32 22 config mep inst tst tx Syntax config mep inst tst tx Explanation Enable test signal TX transmission of MEP Parameters inst Specify an instance ID number Negation config no mep inst tst tx Show show mep ins...

Page 132: ...ig monitor destination interface Syntax config monitor destination interface port_type in_port_type Explanation Configure which port traffic should be mirrored to Parameters port_type Specify the interface type in_port_type Specify the port number Example Set the traffic to be mirrored to Gigabit Ethernet port 10 Negation config no monitor destination 3 9 33 2 config monitor source Syntax config m...

Page 133: ... 9 34 1 config mvr Syntax config mvr Explanation Enable MVR function Example Enable MVR function Negation config no mvr Show show mvr show mvr 3 9 34 2 config mvr name mvr_name channel Syntax config mvr name mvr_name channel profile_name Explanation Configure MVR name and channel Parameters mvr_name Specify a name for this MVR entry The allowed characters are 16 profile_name Specify a channel name...

Page 134: ...onfig no mvr name mvr_name frame priority Show show mvr vlan v_vlan_list name mvr_name group database interface port_type v_port_type_list sfm information detail show mvr vlan v_vlan_list name mvr_name group database interface port_type v_port_type_list sfm information detail 3 9 34 4 config mvr name mvr_name frame tagged Syntax config mvr name mvr_name frame tagged Explanation Tagged IGMP MLD fra...

Page 135: ...e mvr_name last member query interval Syntax config mvr name mvr_name last member query interval ipmc_lmqi Explanation Configure the maximum time to wait for IGMP MLD report memberships on a receiver port before removing the port from multicast group membership Parameters mvr_name Specify a name for this MVR entry The allowed characters are 16 ipmc_lmqi Specify the LMQI Last Member Query Interval ...

Page 136: ...m information detail show mvr vlan v_vlan_list name mvr_name group database interface port_type v_port_type_list sfm information detail 3 9 34 8 config mvr vlan v_vlan_list Syntax config mvr vlan v_vlan_list name mvr_name Explanation Configure a MVR VLAN and its corresponding MVR name Parameters v_vlan_list Specify multicast VLAN ID name mvr_name Specify a name for this MVR entry This argument is ...

Page 137: ...e_list sfm information detail 3 9 34 10 config mvr vlan v_vlan_list frame priority Syntax config mvr vlan v_vlan_list frame priority cos_priority Explanation Configure the priority for transmitting IGMP MLD control frames for the specified MVR VLAN ID Parameters v_vlan_list Specify MVR VLAN ID for this entry cos_priority Specify a Cos priority for this MVR entry The allowed range is from 0 to 7 Ex...

Page 138: ... config mvr vlan v_vlan_list igmp address Syntax config mvr vlan v_vlan_list igmp address v_ipv4_ucast Explanation Configure IGMP IPv4 address for the specified MVR entry Parameters v_vlan_list Specify MVR VLAN ID for this entry v_ipv4_ucast Specify the IPv4 unicast address as source address used in IP header for IGMP control frames Example Set up a MVR VLAN 201 and its corresponding IGMP address ...

Page 139: ..._list name mvr_name group database interface port_type v_port_type_list sfm information detail show mvr vlan v_vlan_list name mvr_name group database interface port_type v_port_type_list sfm information detail 3 9 34 14 config mvr vlan v_vlan_list mode Syntax config mvr vlan v_vlan_list mode dynamic compatible Explanation Configure MVR mode Parameters v_vlan_list Specify MVR VLAN ID for this entry...

Page 140: ...ig if mvr name Syntax config if mvr name mvr_name type source receiver Explanation Configure port role of specific MVR profile for specific interface Parameters mvr_name Specify a MVR name The maximum length of the MVR name string is 16 Both alphabets and numbers are allowed for use source receiver Specify MVR port role source MVR source port receiver MVR receiver port Negation config if no mvr na...

Page 141: ...are tried in numeric order If Server 1 is unavailable the NTP client will try to contact Server 2 ipv4_var ipv6_var name_var Specify one of the three options ipv4_var IPv4 address ipv6_var IPv6 address is in 128 bit records represented as eight fields of up to four hexadecimal digits with a colon separating each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special syntax that can be u...

Page 142: ...ted and the corresponding resources are freed on the switch Example Enable port security aging function Negation config no port security aging Show show port security port interface port_type v_port_type_list show port security port interface port_type v_port_type_list 3 9 36 3 config port security aging time Syntax config port security aging time v_10_to_10000000 Explanation Configure a desired a...

Page 143: ...t 3 9 36 5 config if port security maximum Syntax configt if port security maximum v_1_to_1024 Explanation The maximum number of MAC addresses that can be secured on this port The number cannot exceed 1024 If the limit is exceeded the corresponding action is taken Parameters v_1_to_1024 Specify a value between 1 and 1024 Example Limit Gigabit Ethernet port 1 10 s MAC addresses can be learnt to 5 N...

Page 144: ...w addresses will be learned Even if the link is physically disconnected and reconnected on the port by disconnecting the cable the port will remain shut down There are three ways to re open the port Boot the switch Disable and re enable Limit Control on the port or the switch Click the Reopen button Example Send a SNMP trap when the limit is exceeded Negation configt if no port security violation ...

Page 145: ...ans that VLAN IDs and Private VLAN IDs can be identical A port must be a member of both a VLAN and a Private VLAN to be able to forward packets By default all ports are VLAN unaware and members of VLAN 1 and Private VLAN 1 A VLAN unaware port can only be a member of one VLAN but it can be a member of multiple Private VLANs Parameters pvlan_list Specify the private VLAN ID Negation config if no pvl...

Page 146: ...8 22 DSCP 20 23 DSCP 22 31 DSCP 26 32 DSCP 28 33 DSCP 30 41 DSCP 34 42 DSCP 36 cs1 cs2 cs3 cs4 cs5 cs6 cs7 Class selector PHB CS1 precedence 1 DSCP 8 CS2 precedence 2 DSCP 16 CS3 precedence 3 DSCP 24 CS4 precedence 4 DSCP 32 CS5 precedence 5 DSCP 40 CS6 precedence 6 DSCP 48 CS7 precedence 7 DSCP 56 ef Expedited Forwarding PHB DSCP 46 va Voice Admit PHB DSCP 44 Explanation Configure the COS DSCP ma...

Page 147: ...ort_type port wred maps dscp cos dscp ingress translation dscp classify cos dscp dscp egress translation storm qce qce 3 9 39 3 config qos map dscp cos Syntax config qos map dscp cos dscp_num be af11 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42 af43 cs1 cs2 cs3 cs4 cs5 cs6 cs7 ef va cos cos dpl dpl Explanation Configure the DSCP based QoS Ingress classification Parameters dscp cos dscp_num be...

Page 148: ...planation Configure the DSCP Egress Mapping Table Parameters dscp egress translation dscp_num be af11 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42 af43 cs1 cs2 cs3 cs4 cs5 cs6 cs7 ef va Specify one of the DSCP values dscp_num 0 63 The allowed number is from 0 to 63 be Default PHB DSCP 0 for best effort traffic af11 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42 af43 Assured Forwarding PHB ...

Page 149: ...1 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42 af43 Assured Forwarding PHB AF 11 DSCP 10 12 DSCP 12 13 DSCP 14 21 DSCP 18 22 DSCP 20 23 DSCP 22 31 DSCP 26 32 DSCP 28 33 DSCP 30 41 DSCP 34 42 DSCP 36 cs1 cs2 cs3 cs4 cs5 cs6 cs7 Class selector PHB CS1 precedence 1 DSCP 8 CS2 precedence 2 DSCP 16 CS3 precedence 3 DSCP 24 CS4 precedence 4 DSCP 32 CS5 precedence 5 DSCP 40 CS6 precedence 6 DSCP 48 ...

Page 150: ...Explanation To update the QCE Parameters update Update the QCE qce_id Specify the QCE ID next qce_id_next last Put this QCE next to the specified one or to the last one interface port_type port_list Specify port type and port number that apply to this updated QCE rule smac smac smac_24 any Set up the matched SMAC dmac dmac unicast multicast broadcast any Set up the matached DMAC tag type untagged ...

Page 151: ...than 00 00 00 then valid value of the PID will be any value from 0x0000 to 0xffff ipv4 proto IPv4 frame type includes Any TCP UDP Other If TCP or UDP is specified you might further define Sport Source port number and Dport Destination port number sip Specify source IP type By default any is used Indicate self defined source IP and submask format The address and mask must be in the format x y z w w...

Page 152: ...Specify the lowest RED threshold If the average queue filling level is below this threshold the drop probability is zero This valid value for this field is 0 100 mdp 1 mdp_1 Controls the drop probability for the frames marked in drop precedence level 1 when the average queue filling level is 100 The valid value is 0 100 mdp 2 mdp_2 Controls the drop probability for the frames marked in drop preced...

Page 153: ...P1 field remap dp Frame with DSCP from analyzer is remapped and remarked with the remapped DSCP value The remapped DSCP value is always taken from the DSCP Translation table Egress Remap DP0 field Negation config if no qos dscp remark Show show qos show qos interface port_type port wred maps dscp cos dscp ingress translation dscp classify cos dscp dscp egress translation storm qce qce 3 9 39 11 co...

Page 154: ...e of QoS for specific interface Parameters queue 0 7 Specify a queue or a range rate 100 13200000 Specify shaper rate in kbps excess Allow all excess bandwidth Negation config if no qos egress queue shaper queue queue Show show qos show qos interface port_type port wred maps dscp cos dscp ingress translation dscp classify cos dscp dscp egress translation storm qce qce 3 9 39 14 config if qos egres...

Page 155: ...gress translation storm qce qce 3 9 39 16 config if qos egress wrr Syntax config if qos egress wrr w0 w1 w2 w3 w4 w5 Explanation Assign egress weight for QoS queueing method WRR stands for Weighted Round Robin and uses default queue weights The number of packets serviced during each visit to a queue depends on the percentages you configure for the queues Parameters w0 1 100 Specify weight for queu...

Page 156: ...igure DEI Drop Eligible Indicator value on this selecte infterface Parameters dei Specify DEI for untagged frames Negation config if no qos ingress dei Show show qos show qos interface port_type port wred maps dscp cos dscp ingress translation dscp classify cos dscp dscp egress translation storm qce qce 3 9 39 19 config if qos ingress dpl Syntax config if qos ingress dpl dpl Explanation Configure ...

Page 157: ... cos dscp dscp egress translation storm qce qce 3 9 39 21 config if qos ingress pcp Syntax config if qos ingress pcp pcp Explanation Configure PCP value for specific interface Parameters pcp pcp 0 7 Specify a PCP Priority Code Point value Negation config if no qos ingress pcp Show show qos show qos interface port_type port wred maps dscp cos dscp ingress translation dscp classify cos dscp dscp egr...

Page 158: ... a range rate 100 13200000 Specify shaper rate in kbps Negation config if no qos ingress queue policer queue queue Show show qos show qos interface port_type port wred maps dscp cos dscp ingress translation dscp classify cos dscp dscp egress translation storm qce qce 3 9 39 24 config if qos ingress shaper Syntax config if qos ingress shaper rate burst has_burst_size Explanation Configure ingress s...

Page 159: ...qos ingress trust tag Show show qos show qos interface port_type port wred maps dscp cos dscp ingress translation dscp classify cos dscp dscp egress translation storm qce qce 3 9 39 27 config if qos storm Syntax config if qos storm unicast broadcast unknown rate fps Explanation Configure broadcast storm control rate for QoS on the selected ports Parameters unicast multicast broadcast Specify the s...

Page 160: ... radius server attribute 4 Syntax config radius server attribute 4 ipv4 Explanation Configure NAS IPv4 address Parameters ipv4 Specify NAS IPv4 address Example Set NAS IPv4 address to 100 1 1 25 Negation config no radius server attribute 4 Show show radius server statistics 3 9 40 3 config radius server attribute 95 Syntax config radius server attribute 95 ipv6 Explanation Configure NAS IPv6 addre...

Page 161: ...nfigure Radius server Parameters host_name Specify the hostname or IP address for the radius server The allowed characters are 1 to 255 auth port auth_port Specify the UDP port to be used on the RADIUS server for authentication acct port acct_port Specify the UDP port to be used on the RADIUS server for accounting timeout seconds Specify a timeout value If timeout value is specified here it will r...

Page 162: ...t does not respond If the server does not respond after the last retransmit is sent the switch considers the authentication server is dead Parameters retries Specify RADIUS server retransmit value The valid range is 1 to 1000 Example Set RADIUS server retransmit value to 5 Negation config no radius server retransmit Show show radius server statistics 3 9 40 8 config radius server timeout Syntax co...

Page 163: ...fOutDiscards ifOutErrors interval The polling interval for sampling and comparing the rising and falling threshold The range is from 1to 2 31 2147483647 seconds absolute delta Test for absolute or relative change in the specified variable Absolute The variable is compared to the thresholds at the end of the sampling period Delta The last sample is subtracted from the current value and the differen...

Page 164: ...n the event is triggered a RMON log entry will be generated trap community A password like community string sent with the trap Although the community string can be set on this configuration page it is recommended that it be defined on the SNMP trap configuration page prior to configuring it here The allowed characters are 0 127 description description Enter a descriptive comment for this entry Neg...

Page 165: ...using this command Parameters id Specify an ID index The range is 1 65535 Negation config if no rmon collection stats id Show show rmon statistics id_list 3 9 43 config if shutdown Syntax config if shutdown Explanation Shutdown this specific interface Negation config if no shutdown Show show interface port_type v_port_type_list status 3 9 44 config snmp server 3 9 44 1 config snmp server Syntax co...

Page 166: ...y noauth No authentication and no privacy priv Authentication and privacy read view_name The name of the MIB view defining the MIB objects for which this request may request the current values The allowed string length is 1 to 32 and the allowed content is ASCII characters from 0x21 to 0x7E write write_name The name of the MIB view defining the MIB objects for which this request may potentially se...

Page 167: ...ipv4_netmask Specify IPv4 address and subnet mask address Negation config no snmp server community v3 word127 Show show snmp show snmp community v3 3 9 44 5 config snmp server contact Syntax config snmp server contact v_line255 Explanation Configure system contact information Parameters v_line255 Specify system contact information This could be a person s name email address or other descriptions T...

Page 168: ...server host Syntax config snmp server host conf_name Explanation Configure SNMP server hostname Parameters conf_name word 32 Specify a host name Once Enter is pressed the CLI prompt changes to config snmps host Example Set SNMP server hostname to RemoteSnmp Negation config snmp server host conf_name Show show snmp host conf_name system switch power interface aaa 3 9 44 8 config snmp server locatio...

Page 169: ...el v1 v2c v3 name security_name Show show snmp security to group v1 v2c v3 security_name 3 9 44 10 config snmp server trap Syntax config snmp server trap Explanation Enable SNMP server trap function Example Enable SNMP server trap function Negation config no snmp server trap Show show snmp 3 9 44 11 config snmp server user Syntax configt snmp server user username engine id engineID md5 md5_passwd ...

Page 170: ...racters from 0x21 to 0x7E sha sha_passwd An optional flag to indicate that this user uses SHA authentication protocol A string identifying the authentication password phrase For MD5 authentication protocol the allowed string length is 8 to 32 characters For SHA authentication protocol the allowed string length is 8 to 40 characters The allowed content is ASCII characters from 0x21 to 0x7E priv des...

Page 171: ...ded In general if a view entry s view type is excluded there should be another view entry existing with view type as included and it s OID subtree should overstep the excluded view entry Negation config no snmp server view view_name oid_subtree Show show snmp view view_name oid_subtree 3 9 44 14 config if snmp server host conf_name traps Syntax config if snmp server host conf_name traps linkup lin...

Page 172: ... character must be an alpha character and the first and last characters cannot be a dot or a dash udp_port Indicates the SNMP trap destination port SNMP Agent will send SNMP message via this port the port range is 1 65535 The default SNMP trap port is 162 traps informs Specify one of the options Negation config snmps host no host 3 9 44 17 config snmps host version Syntax config snmps host version...

Page 173: ...mple Support SNMPv2c version Negation config snmps host no version 3 9 44 18 config snmps host informs retries Syntax config snmps host informs retries retries timeout timeout Explanation Configure SNMP trap retry times and timeout Parameters retries Indicates the SNMP trap inform retry times The allowed range is 0 to 255 timeout Indicates the SNMP trap inform timeout The allowed range is 0 to 214...

Page 174: ...er failure warmstart The switch has been rebooted from an already powered on state switch stp rmon Indicates that the Switch group s traps Possible traps are stp Enable STP trap rmon Enable RMON trap Example Send a trap notice when any authentication fails Negation config snmps host no traps Show show snmp host conf_name system switch interface aaa 3 9 45 config spanning tree 3 9 45 1 config spann...

Page 175: ...dge Show show spanning tree 3 9 45 4 config stp aggr spanning tree bpdu guard Syntax config stp aggr spanning tree bpdu guard Explanation Enable BPDU guard function This feature protects ports from receiving BPDUs It can prevent loops by shutting down a port when a BPDU is received instead of putting it into the spanning tree discarding state If enabled the port will disable itself upon receiving ...

Page 176: ... mst instance cost cost auto Explanation Configure MSTI and its path cost value Parameters mst instance 0 15 Specify MST instance number Specify 0 to denote CIST Specify 1 15 to denote MSTI 1 15 cost cost auto Specify a Path cost value that is used to determine the best path between devices Valid values are 1 to 200000000 If auto mode is specified the system automatically detects the speed and dup...

Page 177: ... aggr spanning tree restricted tcn Syntax config stp aggr spanning tree restricted tcn Explanation Enable restricted TCN function If enabled this causes the port not to propagate received topology change notifications and topology changes to other ports Negation config stp aggr no spanning tree restricted tcn Show show spanning tree 3 9 45 11 config spanning tree edge bpdu filter Syntax config spa...

Page 178: ...With this function enabled when edge ports receive configuration BPDUs STP disables those affected edge ports After a period of recovery time those disabled ports are re activated Example Enable edge BPDU guard function Negation config no spanning tree edge bpdu guard Show show spanning tree 3 9 45 13 config spanning tree mode Syntax config spanning tree mode stp rstp mstp Parameters stp rstp mstp...

Page 179: ...e mst instance vlan v_vlan_list Parameters instance 0 7 Specify an instance ID 0 means CIST 1 7 means MSTI 1 7 v_vlan_list Specify a list of VLANs for the specified MST instance Separate VLANs with a comma and use hyphen to denote a range of VLANs Example 2 5 20 40 Explanation Specify VLANs mapped to a certain MSTI Both a single VLAN and a range of VLANs are allowed Example Map MST Instance 1 to V...

Page 180: ...lid values are 6 to 40 seconds and Max Age values must be smaller than or equal to Forward Delay 1 2 Example Set the max age to 20 seconds Negation config no spanning tree mst max age Show show spanning tree 3 9 45 18 config spanning tree mst max hops Syntax config spanning tree mst max hops maxhops Parameters maxhops Specify the maximum hop count value The valid range is from 6 to 40 Explanation ...

Page 181: ... mst name Show show spanning tree 3 9 45 20 config spanning tree recovery interval Syntax config spanning tree recovery interval interval Parameters interval The time that has to pass before a port in the error disabled state can be enabled The allowed range is 30 86400 seconds Explanation When enabled a port that is in the error disabled state can automatically be enabled after a certain time Exa...

Page 182: ...Negation config if no spanning tree Show show spanning tree 3 9 45 23 config if spanning tree auto edge Syntax config if spanning tree auto edge Explanation Enable auto edge function on this interface When enabled a port is automatically determined to be at the edge of the network when it receives no BPDUs Negation config if no spanning tree auto edge Show show spanning tree 3 9 45 24 config if sp...

Page 183: ...tically determines whether the interface is attached to a point to point link or shared medium Negation config if no spanning tree link type Show show spanning tree 3 9 45 27 config if spanning tree mst instance cost Syntax config if spanning tree mst instance cost cost auto Explanation Configure MSTI and its path cost value Parameters mst instance 0 15 Specify MST instance number Specify 0 to den...

Page 184: ...ole function If enabled this causes the port not to be selected as Root Port for the CIST or any MSTI even if it has the best spanning tree priority Negation config if no spanning tree restricted role Show show spanning tree 3 9 45 30 config if spanning tree restricted tcn Syntax config if spanning tree restricted tcn Explanation Enable restricted TCN function If enabled this causes the port not t...

Page 185: ...ess ports support VLAN translation It is not recommended to configure VLAN Translation on trunk ports Parameters group ID 1 28 Indicate the Group ID that applies to this translation rule vlan_list Indicate the VLAN ID that will be mapped to a new VID translation_vlan Indicate the new VID to which VID of ingress frames will be changed Example Map the group ID 5 with VLAN ID 100 to be translated to ...

Page 186: ...ccept all frames tagged accept only tagged frames untagged accept only untagged frames This parameter affects VLAN ingress processing If the port only accepts tagged frames untagged frames received on the port are discarded By default frame type is set to All Parameters all tagged untagged Specify the frame type for this interface Available options include all accept all frames tagged accept only ...

Page 187: ...egation config if no switchport hybrid egress tag Show show vlan status 3 9 47 7 config if switchport hybrid ingress filtering Syntax config if switchport hybrid ingress filtering Explanation Enable ingress filtering function on this specific interface If Ingress Filtering is enabled and the ingress port is not a member of a VLAN the frame from the ingress port is discarded By default ingress filt...

Page 188: ...ort When a tagged frame is received on a port 1 If a tagged frame with TIPID 0x8100 it is forwarded 2 If the TPID of tagged frame is not 0x8100 ex 0x88A8 it will be discarded The TPID of frame transmitted by C port will be set to 0x8100 When an untagged frame is received on a port a tag PVID is attached and then forwarded S port When a tagged frame is received on a port 1 If a tagged frame with TP...

Page 189: ... is in trunk mode Parameters all none add remove except vlan_list Specify one of the options all All VLANs none No VLANs add Add VLANs to the current list remove Remove VLANs from the current list except All VLANs except the following specified in vlan_list vlan_list Specify the VLAN list Negation config if no switchport trunk allowed vlan Show show vlan status 3 9 47 12 config if switchport trunk...

Page 190: ...s are classified as belonging to the receiving port s VLAN ID PVID Parameters vce_id 1 128 Specify index of the entry Valid range is 1 128 ipv4 Specify IP address and subnet mask The format is xx xx xx xx mm mm mm mm vid Indicate the VLAN ID Negation config if no switchport vlan ip subnet id vce_id_list Show show vlan ip subnet id subnet_id 3 9 47 15 config if switchport vlan mac Syntax config if ...

Page 191: ...vid Show show vlan protocol eth2 etype arp ip ipx at snap oui rfc 1042 snap 8021h pid llc dsap ssap 3 9 47 18 config if switchport voice vlan discovery protocol Syntax config if switchport voice vlan discovery protocol oui lldp both Explanation Configure a method for detecting VoIP traffic By default OUI is used Parameters oui Traffic from VoIP devices is detected by the Organizationally Unique Id...

Page 192: ...oui oui interface port_type port_list 3 9 47 20 config if switchport voice vlan security Syntax config if switchport voice vlan security Explanation Enable security filtering feature on a per port basis When enabled any non VoIP packets received on a port with Voice VLAN ID will be discarded VoIP traffic is identified by source MAC addresses configured in the telephony OUI list or through LLDP whi...

Page 193: ... 63 characters This is shared between a TACACS sever and the switch Parameters key 1 63 Specify a shared secret key value Negation config no tacacs server key Show show tacacs server 3 9 48 4 config tacacs server host Syntax config tacacs server host host_name port port timeout seconds key key Explanation Configure radius server settings Parameters host_name Specify a hostname or IP address for th...

Page 194: ...ontrol point how often it should receive a SSDP advertisement message from the switch By default the advertising duration is set to 100 seconds However due to the unreliable nature of UDP it is recommended to set to the shorter duration since the shorter the duration the fresher is UPnP status Example Set the upnp advertising duration to 150 seconds Negation config no upnp advertising duration Sho...

Page 195: ...l 5 has the read only access and privilege level 10 has the read write access And the system maintenance software upload factory defaults and etc need user privilege level 15 Generally the privilege level 15 can be used for an administrator account privilege level 10 for a standard user account and privilege level 5 for a guest account password encrypted encry_password 4 44 Specify the encrypted p...

Page 196: ...re is only one user admin assigned the highest privilege level of 15 Use this command to configure a new user account with unencrypted password Parameters username username word31 Specify a new username The allowed characters are 31 privilege priv 0 15 Specify the privilege level for this new user account The allowed range is 1 to 15 If the privilege level value is 15 it can access all groups i e ...

Page 197: ...5 100 to the allowed VLAN list Negation config no vlan ethertype s custom port vlan_list 3 9 51 2 config vlan ethertype s custom port Syntax config vlan ethertype s custom port etype Explanation Configure ether type used for customer s ports Parameters ethertype s custom port etype Specify ether type used for customer s ports The valid range is 0x0600 to 0xffff Example Set ether type for customer ...

Page 198: ...a hexadecimal value in the ranges of 0x00 0xff PID If the OUI is hexadecimal 000000 the protocol ID is the Ethernet type field value for the protocol running on top of SNAP If the OUI is that of a particular organization the protocol ID is a value assigned by that organization to the protocol running on top of SNAP In other words if value of the OUI field is 00 00 00 then value of the PID will be ...

Page 199: ...lass low normal medium high Explanation Set voice vlan secure learning aging time Parameters traffic_class low normal medium high Specify voice vlan class value or prioritize voice vlan traffic_class 0 7 Specify voice vlan class value The valid value is 0 7 Negation config no voice vlan class Show show voice vlan oui oui interface port_type port_list 3 9 52 4 config voice vlan oui oui description ...

Page 200: ...ntenance Mirroring NTP POE PTP Ports Private_VLANs QoS RPC Security Spanning_Tree System Timer UPnP VCL VLAN_Translation VLANs Voice_VLAN level cro cro 0 15 crw crw 0 15 sro sro 0 15 srw srw 0 15 1 Every group has an authorization Privilege level for the following sub groups cro configuration read only The privilege level is 1 to 15 crw configuration execute read write The privilege level is 1 to ...

Page 201: ... successfully access the device 4 1 Web Management Interface Connection Login MSW 4424C S series provide one MGMT port on the front panel for accessing Web Management via IP connectivity For the first time user connect one end of RJ 45 cable to the MSW 4424C S and the other end of RJ 45 cable to your management PC Then open the web browser such as IE Firefox etc and input the default IP address 10...

Page 202: ... side menu and return to Monitor Ports State 4 2 2 Refresh To update the screen click the Refresh button For automatic updating of the screen the Auto refresh tick box may be ticked The screen will be auto refreshed every 3 seconds Unless connected directly on a local LAN we recommend not using the auto refresh function as it does generate a bit of traffic 4 2 3 Help System The MSW 4424C S switche...

Page 203: ...re will be reported in the standard SNMP MIB2 for sysContact OID 1 3 6 1 2 1 1 4 sysName OID 1 3 6 1 2 1 1 5 and sysLocation OID 1 3 6 1 2 1 1 6 Remember to click the Save button after entering the configuration information System Contact Indicate the descriptive contact information This could be a person s name email address or other descriptions The allowed string length is 0 255 and the allowed...

Page 204: ...r In Host mode IP traffic between interfaces will not be routed In Router mode traffic is routed between all interfaces When configuring this device for multiple VLANs the Router mode should be chosen Router mode is the default mode DNS Server This setting controls the DNS name resolution done by the switch The following modes are supported From any DHCP interfaces The first DNS server offered fro...

Page 205: ... with a colon separating each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of contiguous zeros but it can appear only once It can also represent a legally valid IPv4 address For example 192 1 2 34 The field may be left blank if IPv6 operation on the interface is not desired IPv6 Mask The IPv6 net...

Page 206: ...l is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of contiguous zeros but it can appear only once NTP servers can also be represented by a legally valid IPv4 address For example 192 1 2 34 The NTP servers are tried in numeric order If Server 1 is unavailable the NTP client will try to contact Server 2 4 3 1 5 System Time Setup the device time The sett...

Page 207: ...Select he ending week day month year hours and minutes Offset settings Enter the number of minutes to add during Daylight Saving Time The allowed range is 1 to 1440 4 3 1 6 System Log Configuration Configure System Log on this page Server Mode This sets the server mode operation When the mode of operation is enabled the syslog message will send out to syslog server at the server address The syslog...

Page 208: ...ts numbered 25 28 Each logical port number is displayed in a row The select all port will apply actions on all ports Link The current link state for each port is displayed graphically Green indicates the link is up and red that it is down Current Speed This column provides the current link speed of each port Configured Speed This pull down selects any available link speed for the given switch port...

Page 209: ... is done by reading the SFP rom Due to the missing standardized way of doing SFP auto detect some SFPs might not be detectable The port is set in AMS mode with SFP preferred 100 FX_AMS Port in AMS mode with SFP preferred SFP port in 100 FX speed Copper port in Auto mode 1000 X_AMS Port in AMS mode with SFP preferred SFP port in 1000 X speed Copper port in Auto mode 100 FX SFP port in 100 FX speed ...

Page 210: ...abled The starting VLAIN ID must be smaller than or equal to the ending VLAN ID If there is only one VLAN ID then it can be entered either in starting or ending VLAN ID field Mode Indicates the operation mode per VLAN Enabled Enable DHCP server per VLAN Disabled Disable DHCP server per VLAN NOTE If you would like to disable DHCP server on an existing VLAN range then follow the steps below 1 Add on...

Page 211: ...um entries supported are 640 Name Enter the pool name for this entry All printable characters are supported except white space Click on the pool name after save to configure its detailed settings Type Display which type the pool is The displayed options include Network and Host If is displayed it means this field has not been defined yet IP Display network number of the DHCP address pool If is dis...

Page 212: ...Server Specify a list of IP addresses indicating NTP servers available to the client NetBios Node Type Select NetBIOS node type option to allow Netbios over TCP IP clients which are configurable to be configured as described in RFC 1001 1002 NetBIOS Scope Specify the NetBIOS over TCP IP scope parameter for the client as specified in RFC 1001 1002 NetBIOS Name Server Specify a list of NBNS name ser...

Page 213: ...equest messages from trusted ports will be processed and only allow reply packets from trusted ports VLAN A single VLAN or a range of VLANs specified here will be treated as authorized and secure VLANs Packets from specified VLANs are forwarded normally DHCP Snooping Table Saving Server URL Specify the TFTP server URL including path and file name to save the DHCP Snooping table The URL format migh...

Page 214: ...vices are treated as Untrusted sources DHCP Snooping filters out invalid DHCP messages from Untrusted sources Limited Enable or disable Limit Control function on the specific port Max Clients Specify the maximum number of DHCP clients that can be learnt on this specific port The valid number is 1 to 32 4 3 3 3 Relay Configuration DHCP Relay Configuration Relay Mode Enable or disable the DHCP relay...

Page 215: ...Information policy for DHCP client that includes option 82 information Replace Replace the DHCP client packet information with the switch s relay information This is the default setting Keep Keep the client s DHCP information Drop Drop the packet when it receives a DHCP message that already contains relay information DHCP Relay Agent Information Circuit ID Format Select the appropriate circuit ID ...

Page 216: ...s to Option 82 information Subscriber ID Format Select the appropriate Subscriber ID format None Sub option 6 is not used Port Alias Use the individual values for port Alias on a per port basis Configured Configure the desired Subscriber ID in the Configuration field Configuration Specify the desired Subscriber ID The maximum length of a Subscriber ID is 63 4 3 4 Security Under the security headin...

Page 217: ...el Select the appropriate privilege level for this user account The allowed range is 1 to 15 If the privilege level value is 15 it can access all groups i e that is granted the fully control of the device But other values need to refer to each group privilege level User s privilege should be same or greater than the group privilege level to have the access of that group By default setting most gro...

Page 218: ... Name Location Timezone Daylight Saving Time Log Security Authentication System Access Management Port contains Dot1x port MAC based and the MAC Address Limit ACL HTTPS SSH ARP Inspection IP source guard IP Everything except ping Diagnostics ping Maintenance CLI System Reboot System Restore Default System Password Configuration Save Configuration Load and Firmware Load Web Users Privilege Levels a...

Page 219: ...and login is not possible local Use the local user database on the switch for authentication radius Use remote RADIUS server s for authentication tacacs Use remote TACACS server s for authentication NOTE Methods that involve remote servers will time out if the remote servers are offline In this case the next method is tried Each method is tried from left to right and continues until a method eithe...

Page 220: ...de operation Disabled Disable HTTPS mode operation Automatic Redirect Indicates the HTTPS redirect mode operation It applies only if HTTPS mode Enabled is selected Automatically redirects HTTP of web browser to an HTTPS connection when both HTTPS mode and Automatic Redirect are enabled Possible modes are Enabled Enable HTTPS redirect mode operation Disabled Disable HTTPS redirect mode operation 4 ...

Page 221: ...n to save settings or changes Click the Reset button to restore changed settings to the default settings 4 3 4 1 7 SNMP 4 3 4 1 7 1 SNMP System Configuration Configure SNMP on this page Mode Indicates the SNMP mode operation Possible modes are Enabled Enable SNMP mode operation Disabled Disable SNMP mode operation Version Indicates the SNMP supported version Possible versions are SNMP v1 Set SNMP ...

Page 222: ...ity string a particular range of source addresses can be used to restrict source subnet Engine ID Indicates the SNMPv3 engine ID The string must contain an even number in hexadecimal format with number of digits between 10 and 64 but all zeros and all F s are not allowed Changes to the Engine ID will clear all original local users 4 3 4 1 7 2 SNMP Trap Configuration Configure SNMP trap on this pag...

Page 223: ...this port the port range is 1 65535 The default SNMP trap port is 162 Trap Inform Mode Indicates the SNMP trap inform mode operation Possible modes are Enabled Enable SNMP trap inform mode operation Disabled Disable SNMP trap inform mode operation Trap Inform Timeout seconds Indicates the SNMP trap inform timeout The allowed range is 0 to 2147 Trap Inform Retry Times Indicates the SNMP trap inform...

Page 224: ...ink Up none specific all ports Link up trap Link Down none specific all ports Link down trap LLDP none specific all ports LLDP Link Layer Discovery Protocol trap When the specific radio button is selected a popup graphic with port checkboxes allows selection specific ports AAA Authentication Authorization and Accounting A trap will be issued at any authentication failure Switch Indicates that the ...

Page 225: ... and User Name Engine ID An octet string identifying the engine ID that this entry should belong to The string must contain an even number in hexadecimal format with number of digits between 10 and 64 but all zeros and all F s are not allowed The SNMPv3 architecture uses the User based Security Model USM for message security and the View based Access Control Model VACM for access control For the U...

Page 226: ... is 8 to 40 characters The allowed content is ASCII characters from 0x21 to 0x7E Privacy Protocol Indicates the privacy protocol that this entry should belong to Possible privacy protocols are None No privacy protocol DES An optional flag to indicate that this user uses DES authentication protocol AES An optional flag to indicate that this user uses AES authentication protocol Privacy Password A s...

Page 227: ...at this entry should belong to Possible view types are included An optional flag to indicate that this view subtree should be included excluded An optional flag to indicate that this view subtree should be excluded In general if a view entry s view type is excluded there should be another view entry existing with view type as included and it s OID subtree should overstep the excluded view entry OI...

Page 228: ...to 0x7E Write View Name The name of the MIB view defining the MIB objects for which this request may potentially set new values The allowed string length is 1 to 32 and the allowed content is ASCII characters from 0x21 to 0x7E 4 3 4 1 8 RMON 4 3 4 1 8 1 RMON Statistics Configuration Configure RMON Statistics table on this page The entry index key is ID Delete Check to delete the entry It will be d...

Page 229: ...to respond to rising or falling thresholds ID Indicates the index of the entry The range is from 1 to 65535 Interval The polling interval for sampling and comparing the rising and falling threshold The range is from 1to 2 31 seconds Variable The object number of the MIB variable to be sampled Only variables of the type ifEntry n n may be sampled Possible variables are InOctets InUcastPkts InNUcast...

Page 230: ... Range 2147483647 to 2147483647 Falling Index Indicates the falling index of an event The range is 1 65535 Click the Add New Entry button to insert a new entry to the list Click the Delete button to remove a newly inserted entry or select the checkbox to remove a saved entry during the next save Click the Save button to save settings or changes Click the Reset button to restore changed settings to...

Page 231: ...eriod With aging enabled a timer is started once the end host gets secured When the timer expires the switch starts looking for frames from the end host and if such frames are not seen within the next Aging Period the end host is assumed to be disconnected and the corresponding resources are freed on the switch Aging Period If Aging Enabled is checked then the aging period can be set up with the d...

Page 232: ...Reached The limit is reached on a port This state can only be shown if Action is set to None or Trap Shutdown The port is shut down by the Limit Control module This state can only be shown if Action is set to Shutdown or Trap Shutdown Re open Button If a port is shut down by this module you may reopen it by clicking this button which will only be enabled if this is the case For other methods refer...

Page 233: ...Time The time after an EAP Failure indication or RADIUS timeout that a client is not allowed access This setting applies to ports running Single 802 1X Multi 802 1X or MAC based authentication By default hold time is set to 10 seconds The allowed range is 10 1000000 seconds Radius Assigned QoS Enabled Select the checkbox to globally enable RADIUS assigned QoS Radius Assigned VLAN Enabled RADIUS as...

Page 234: ...ients that are not dot1x aware will be denied access Single 802 1X In Single 802 1X at most one supplicant can get authenticated on the port at a time Normal EAPOL frames are used in the communication between the supplicant and the switch If more than one supplicant is connected to a port the one that comes first when the port s link comes up will be the first one considered If that supplicant doe...

Page 235: ...will not cause settings changed on the page to take effect Reauthenticate Schedules reauthentication to whenever the quiet period of the port runs out EAPOL based authentication For MAC based authentication reauthentication will be attempted immediately The button only has effect for successfully authenticated clients on the port and will not cause the clients to get temporarily unauthorized Reini...

Page 236: ...s to the system log To view log entries go to System menu and then click the System Log Information option Shutdown This field is to decide whether to shut down a port when matched frames are seen or not State Select a port state Enabled To re open a port Disabled To close a port Counters The number of frames that have matched the rules defined in the selected policy 4 3 4 2 3 2 Rate Limiters Rate...

Page 237: ...Display rate limiter is enabled or disabled when matched frames are found Port Redirect Display port redirect is enabled or disabled Mirror Display mirror function is enabled or disabled Counter Display the number of frames that have matched any of the rules defined for this ACL Click the plus sign to add a new ACE entry ACE Configuration Ingress Port Select the ingress port of the access control ...

Page 238: ...lect Ethernet and ARP frame type DMAC Filter The type of destination MAC address Any To allow all types of destination MAC addresses MC Multicast MAC address BC Broadcast MAC address UC Unicast MAC address Specific Use this to self define a destination MAC address This option is only available when you select Ethernet frame type VLAN Parameters VLAN ID Filter Select the VLAN ID filter for this ACE...

Page 239: ...fy the destination IP address Any No target IP filter is specified Host Specify the target IP address Network Specify the target IP address and target IP mask ARP Sender SMAC Match Select 0 to indicate that the SHA Sender Hardware Address field in the ARP RARP frame is not equal to source MAC address Select 1 to indicate that SHA field in the ARP RARP frame is equal to source MAC address Select An...

Page 240: ...e value which is either 0 or not 0 IP Fragment Select Any to allow any values Yes denotes that IPv4 frames where the MF bit is set or the FRAG OFFSET field is greater than zero must match this entry No denotes that IPv4 frames where the MF bit is set or the FRAG OFFSET field is greater than zero must not match this entry IP Option Specify the options flag setting for this rule Select Any to allow ...

Page 241: ...t Any to allow any values in this field Select 0 if IPv6 frames with a hop limit field greater than zero must not be able to match this entry 1 denotes that IPv6 frames with a hop limit field greater than zero must be able to match this entry 4 3 4 2 4 IP Source Guard 4 3 4 2 4 1 Configuration IP Source Guard Configuration Mode Enable or disable IP source guard globally Translate dynamic to static...

Page 242: ... dynamic clients is equal 0 the switch will only forward IP packets that are matched in static entries for a given port 4 3 4 2 4 2 Static Table Port Select a port to which a static entry is bound VLAN ID Enter VLAN ID that has been configured IP Address Enter a valid IP address IP Mask Enter the subnet mask for the entered IP address Click the Add New Entry button to insert an entry to the table ...

Page 243: ... The port number Port rules apply to all ports Mode Enable or disable ARP Inspection on a port Please note that to make ARP inspection work both global mode and port mode must be enabled Check VLAN Enable or disable check VLAN operation Check Type Enable operation of checking ARP request packet reply packet or both Log Type There are four log types available None Log nothing Deny Log denied entrie...

Page 244: ...hing Deny Log denied entries Permit Log permitted entries All Log all entries Click the Add New Entry button to insert an entry to the table Select the Delete checkbox to remove the entry during the next save Click the Save button to save newly configured settings or changes Click the Reset button to restore settings to default settings or previously configured settings 4 3 4 2 5 3 Static Table Po...

Page 245: ...C Address User MAC address of this entry IP Address User IP address of this entry Translate to static Click the button to translate the dynamic entry to static one 4 3 4 3 AAA 4 3 4 3 1 RADIUS Configuration Global Configuration Timeout The time the switch waits for a reply from an authentication server before it retransmits the request Retransmit Specify the number of times to retransmit request p...

Page 246: ...Pv6 address is used as attribute 95 in RADIUS Access Request packets If this field is left blank the IP address of the outgoing interface is used NAS Identifier The identifier up to 256 characters long is used as attribute 32 in RADIUS Access Request packets If this field is left blank the NAS Identifier is not included in the packet Sever Configuration Hostname The hostname or IP address for the ...

Page 247: ...witch Server Configuration Hostname The hostname or IP address for a TACACS server Port The TCP port number to be used on a TACACS server for authentication Timeout If timeout value is specified here it will replace the global timeout value If you prefer to use the global value leave this field blank Key If secret key is specified here it will replace the global secret key If you prefer to use the...

Page 248: ... Address All traffic with the same source and destination IP address is output on the same link in a trunk TCP UDP Port Number All traffic with the same source and destination TCP UDP port number is output on the same link in a trunk Aggregation Group Configuration Group ID Trunk ID number Normal means that no aggregation is used 14 aggregation groups are available for use Each group contains at l...

Page 249: ...LACP port Key In order to allow a port to join an aggregated group the port Key must be set to the same value Role The user can select either Active or Passive role depending on the device s capability of negotiating and sending LACP control packets Ports that are designated as Active are able to process and send LACP control frames Hence this allows LACP compliant devices to negotiate the aggrega...

Page 250: ...M functionality to be enabled on the link based upon local and remote state and configuration settings In other words it supports OAM capability discovery function and hence eliminates the need for operators configurations Remote loopback IEEE 802 3ah provides a mechanism to support a data link layer frame level loopback mode With this function the operator may test the performance of the link pri...

Page 251: ... threshold for that period Period Threshold Errored frames are frames that had transmission errors as detected at the Media Access Control sublayer Error Window for Error Frame Event must be an integer value between 1 60 and its default value is 1 Whereas Error Threshold must be between 0 0xffffffff and its default value is 0 Symbol Period Error Event The Errored Symbol Period Event counts the num...

Page 252: ...a network Once loops are detected ports received the loop protection packet form the switch can be shut down or loopped events can be logged General Settings Enable Loop Protection Enable or disable loop protection function Transmission Time The interval between each loop protection PDU sent on each port Valid values are 1 to 10 seconds Shutdown Time The period for which a port will be kept disabl...

Page 253: ...ilable CPU resources and bandwidth To solve problems causing by bridge loops spanning tree allows a network design to include redundant links to provide automatic backup paths if an active link fails without the danger of bridge loops or the need for manually enabling disabling these backup links The Spanning Tree Protocol STP defined in the IEEE Standard 802 1s can create a spanning tree within a...

Page 254: ...equal to Forward Delay 1 2 Maximum Hop Count The maximum number of hops allowed for MST region before a BPDU is discarded Each bridge decrements the hop count by one before passing on the BPDU When the hop count reaches zero the BPDU is discarded The default hop count is 20 The allowed range is 6 40 Transmit Hold Count The number of BPDU sent by a bridge port per second When exceeded transmission ...

Page 255: ...efore a port in the error disabled state can be enabled The allowed range is 30 86400 seconds 4 3 8 2 MSTI Mapping Configuration Identification Configuration Name The name for this MSTI By default the switch s MAC address is used The maximum length is 32 characters In order to share spanning trees for MSTI bridges must have the same configuration name and revision value Configuration Revision The ...

Page 256: ... address will then become the root device Note that lower numeric values indicate higher priority The bridge priority plus the MSTI instance number concatenated with the 6 byte MAC address of the switch forms a Bridge Identifier 4 3 8 4 CIST Ports CIST Aggregated Port Configuration Port The port number STP Enabled Enable STP function Path Cost Path cost is used to determine the best path between d...

Page 257: ...ses the port not to propagate received topology change notifications and topology changes to other ports BPDU Guard This feature protects ports from receiving BPDUs It can prevent loops by shutting down a port when a BPDU is received instead of putting it into the spanning tree discarding state If enabled the port will disable itself upon receiving valid BPDU s Point to Point Select the link type ...

Page 258: ...etects the speed and duplex mode to decide the path cost Select Specific if you want to use user defined value Valid values are 1 to 200000000 Please note that path cost take precedence over port priority Priority Select port priority 4 3 9 IPMC Profile The IPMC Profile includes the following two sub menus 4 3 9 1 Profile Table IPMC Profile Configuration Global Profile Mode Enable or disable IPMC ...

Page 259: ...tion taken upon receiving the Join Report frame that has the group address matches the address range of the rule Permit Group address matches the range specified in the rule will be learned Deny Group address matches the range specified in the rule will be dropped Log Select the logging preference receiving the Join Report frame that has the group address matches the address range of the rule Enab...

Page 260: ...to transmit multicast stream in a single multicast VLAN Clients that receive multicast VLAN stream can reside in different VLANs They can join or leave the multicast group simply by sending the IGMP Join or Leave message to a receiver port that belongs to one of the multicast groups can receive multicast stream from the media server MVR further isolates users who are not intended to receive multic...

Page 261: ...e string is 32 Both alphabets and numbers are allowed for use IGMP Address Specify the IPv4 unicast address as source address used in IP header for IGMP control frames Mode Two MVR operation modes are provided Dynamic MVR allows dynamic MVR membership reports on source ports This is the default mode Compatible MVR membership reports are forbidden on source ports Tagging Specify whether IGMP MLD co...

Page 262: ...udes IGMP Snooping and MLD Snooping sub menu Select the appropriate menu to set up detailed configurations 4 3 11 1 IGMP Snooping The Internet Group Management Protocol IGMP is a communications protocol used to manage the membership of Internet Protocol multicast groups IGMP is used by IP hosts and adjacent multicast routers to establish multicast group memberships It can be used more efficiently ...

Page 263: ... switch simply monitors the IGMP packets passing through it picks out the group registration information and configures the multicast filters accordingly Unregistered IPMCv4 Flooding Enabled Set forwarding mode for unregistered not joined IP multicast traffic Select the checkbox to flood traffic IGMP SSM Range SSM Source Specific Multicast Range allows the SSM aware hosts and routers run the SSM s...

Page 264: ...globally and an interface s IGMP snooping is enabled on an interface IGMP snooping on an interface will take precedence When disabled snooping can still be configured on an interface However settings will only take effect until IGMP snooping is enabled globally Querier Election Enable to join querier election in the VLAN When disabled it will act as an IGMP non querier Querier Address Specify the ...

Page 265: ...44 seconds 4 3 11 1 3 Port Filtering Profile The Port Filtering Configuration page is to filter specific multicast traffic on a per port basis Before you select a filtering profile for filtering purposes you must set up profiles in IPMC Profile page Port The port number Filtering Profile Select the configured multicast groups that are denied on a port When a certain multicast group is selected on ...

Page 266: ...e Proxy Enabled To prevent multicast router from becoming overloaded with leave messages MLD snooping suppresses leave messages unless received from the last member port in the group When the switch acts as the querier the leave proxy feature will not function Proxy Enabled When MLD proxy is enabled the switch exchanges MLD messages with the router on its upstream interface and performs the host p...

Page 267: ...ed it will act as an IGMP non querier Compatibility This configures how hosts and routers take actions within a network depending on MLD version selected Available options are MLD Auto Forced MLDv1 and Forced MLDv2 By default MLD Auto is used PRI Select the priority of interface This field indicates the MLD control frame priority level generated by the system which is used to prioritize different ...

Page 268: ... Profile Select the configured multicast groups that are denied on a port When a certain multicast group is selected on a port MLD join reports received on a port are dropped Click the summary button to view details of the selected IPMC profile 4 3 12 LLDP LLDP Link Layer Discovery Protocol runs over data link layer which is used for network devices to send information about themselves to other di...

Page 269: ...t number Port settings apply to all ports Mode Select the appropriate LLDP mode Disabled LLDP information will not be sent and LLDP information received from neighbours will be dropped Enabled LLDP information will be sent and LLDP information received from neighbours will be analyzed Rx Only The switch will analyze LLDP information received from neighbours Tx Only The switch will send out LLDP in...

Page 270: ...duce security and system integrity issues that can come with inappropriate knowledge of the network policy With this in mind LLDP MED defines an LLDP MED Fast Start interaction between the protocol and the application layers on top of the protocol in order to achieve these related properties With Fast start repeat count it is possible to specify the number of times the fast start transmission is r...

Page 271: ... datum pair is to be used when referencing locations on land not near tidal water which would use Datum NAD83 MLLW NAD83 MLLW North American Datum 1983 CRS Code 4269 Prime Meridian Name Greenwich The associated vertical datum is Mean Lower Low Water MLLW This datum pair is to be used when referencing locations on water sea ocean Civic Address Location IETF Geopriv Civic Address based Location Conf...

Page 272: ...vice Emergency Call Service e g E911 and others such as defined by TIA or NENA Policies Policy ID Specify the ID for this policy Application Type The application types include Voice Voice Signalling Guest Voice Guest Voice Signalling Softphone Voice Video Conferencing Streaming Video Signalling Tag Tag indicating whether the specified application type is using a tagged or an untagged VLAN VLAN ID ...

Page 273: ...lock source Lowest number 0 is the highest priority If two clock sources has the same priority the lowest clock source number gets the highest priority in the clock selection process Port The ports that are possible to select for this clock source are presented The PCB104 Synce module supports 10MHz station clock input The station clock input is indicated by a port number Number of ethernet ports ...

Page 274: ...ocked to when clock selector is in locked state LOL Clock selector has raised the Los Of Lock alarm DHOLD Clock selector has not yet calculated the holdover frequency offset to local oscillator This becomes active for about 10 s when a new clock source is selected SyncE Port SSM Enable Enable SSM Synchronization Status Message on this port 4 3 14 EPS EPS Ethernet Linear Protection Switching operat...

Page 275: ... The APS protocol is mandatory for 1 1 protection W Flow Working flow instance number P Flow Protecting flow instance number W SF MEP Working Signal Failure MEP instance number P SF MEP Protecting Signal Failure MEP instance number APS MEP APS MEP instance number Alarm When settings are complete the switch will show an alarm status on the EPS Click the Add New EPS button to create a new entry Clic...

Page 276: ... ready Select the desired Hold off time from the drop down menu Instance Command Command This field allows the switch to perform a particular action on an EPS instance Available options are listed below None No command is used Clear Any active command is cleared Lockout End to end lock out of the protection entity Forced Switch Forced switch to the protection entity Manual Switch P Manual switch t...

Page 277: ...he traffic direction either Ingress or Egress for monitoring on a residence port Residence Port Specify a port to monitor Level The MGP level of this MEP Flow Instance The MEP related to this flow Tagged VID A C tag or S tag depending on VLAN port type is added with this VID Entering 0 means no tag will be added This MAC The MAC of this MEP can be used by other MEP when unicast is selected Alarm T...

Page 278: ...rent from all Peer MEP ID configured for this MEP cAIS Fault Cause indicating that AIS PDU is received cLCK Fault Cause indicating that LCK PDU is received cSSF Fault Cause indicating that server layer is indicating Signal Fail aBLK The consequent action of blocking service frames in this flow is active aTSF The consequent action of indicating Trail Signal Fail to wards protection is active Peer M...

Page 279: ...rame rate of CCM PDU APS Protocol Enable Select the checkbox to enable APS Automatic Protection Switching protocol Priority The priority to be inserted as PCP bits in TAG if any Cast Select whether APS PDU transmitted unicast or multicast The unicast MAC will be taken from the Unicast Peer MAC configuration Unicast is only valid for L APS type The R APS PDU is always transmistted with multicast MA...

Page 280: ...is is only used if NOT configured to all zero This will be used as the LBM PDU unicast MAC This is the only way to configure Loop Back to wards a MIP To Send The number of LBM PDU to send in one loop test The value 0 indicate infinite transmission test behaviour This is HW based LBM LBR and Requires VOE Size The number of bytes in the LBM PDU Data Pattern TLV Interval The interval between transmit...

Page 281: ...end This value is inserted the transmitted LTM PDU and is expected to be received in the LTR PDU Received LTR with wrong transaction id is ignored There are five transactions in one Link Trace activated Time To Live This is the TTL value taken from the LTM received by the MIP MEP sending this LTR decremented as if forwarded Mode This indicates if it was a MEP MIP sending this LTR Direction This in...

Page 282: ...er Clear The frame size used for this calculation is the first received after Clear Test time The number of seconds passed since first TST frame received after last Clear Clear This will clear all Test Signal State Transmission of TST frame will be restarted Calculation of Rx frame count RX rate and Test time will be started when receiving first TST frame Client Configuration Domain The domain of ...

Page 283: ...period as described in Y 1731 Protection Select the checkbox to enable protection This means that the first 3 AIS PDU is transmitted as fast as possible in case of using this for protection in the end point LOCK Enable Enable or disable the insertion of LOCK signal LCK PDU transmission in client layer flows Frame Rate Select the frame rate of LCK PDU This is the inverse of transmission period as d...

Page 284: ...oss Measurement both implemented on SW based CCM Cast has to be the same Ended Single Single ended Loss Measurement implemented on LMM LMR Dual Dual ended Loss Measurement implemented on SW based CCM FLR Interval This is the interval in seconds where the Frame Loss Ratio is calculated Loss Measurement State Near End Loss Count The accumulated near end frame loss count since last clear Far End Loss...

Page 285: ...ange is 10 to 65535 Count The number of last records to calculate The range is 10 to 2000 Unit The time resolution D2forD1 Enable to use DMM DMR packet to calculate one way DM If the option is enabled the following action will be taken When DMR is received two way delay roundtrip or flow and both near end to far end and far end to near end one way delay are calculated When DMM or 1DM is received o...

Page 286: ... normally forward receive traffic Nodes on the ring periodically use control messages called Ring Automatic Protection Switching message to ensure that a ring is up and loop free Once RPL owner misses poll packets or learns from fault detection packets RPL owner detects signal failure SF in a ring Upon learning of a fault the RPL owner unblocks ring protection link RPL allowing protected VLAN traf...

Page 287: ...nnected node with virtual channel Leave this checkbox unchecked if sub ring does not have virtual channel Major Ring ID This field is used for an interconnected sub ring for sending topology change updates on major ring If ring is set to major this value is same as the protection group ID of this ring Alarm When settings are complete then the switch will show an alarm status on the ERPS Click the ...

Page 288: ...address entry VLAN ID Specify the VLAN ID for this entry Port Members Check or uncheck the ports If the incoming packet has the same destination MAC address as the one specified in VID it will be forwarded to the checked port directly 4 3 18 VLAN Translation VLAN Translation is especially useful for users who want to translate the original VLAN ID to a new VLAN ID so as to exchange data across dif...

Page 289: ... the same Group ID NOTE By default each port is mapped to a group with a group ID equal to the port number For example port 2 is mapped to the group with ID is 2 Port Number Click the appropriate radio button to include a port into a group 4 3 18 2 VID Translation Mapping Group ID Indicate the Group ID that applies to this translation rule VLAN ID Indicate the VLAN ID that will be mapped to a new ...

Page 290: ...the possibility of broadcast traffic damaging the entire network VLANs can help group devices that communicate frequently with other in the same VLAN so as to divide the entire network into several broadcast domains VLANs make changes of devices or relocation more easily In traditional networks when moving a device geographically to a new location for example move a device in floor 2 to floor 4 th...

Page 291: ...tag all frames in which case only tagged frames are accepted on ingress Hybrid Hybrid ports resemble trunk ports in many ways but adds additional port configuration features In addition to the characteristics described for trunk ports hybrid ports have these abilities Can be configured to be VLAN tag unaware C tag aware S tag aware or S custom tag aware Ingress filtering can be controlled Ingress ...

Page 292: ...ped Egress Tagging The action taken when packets are sent out from a port Untag Port VLAN Frames that carry PVID will be removed when leaving from a port Frames with tags other than PVID will be transmitted with the carried tags Tag All Frames are transmitted with a tag Untag All Frames are transmitted without a tag This option is only available for ports in Hybrid mode Allowed VLAN Ports in Trunk...

Page 293: ...f centi seconds that the device waits before deleting the associated etry The leave time is activated by a Leave All time message sent received and cancelled by the Join message The default value is 60 centi seconds LeaveAll time Specify the amount of time that LeaveAll PDUs are created A LeaveAll PDU indicates that all registrations are shortly de registered Participants will need to rejoin in or...

Page 294: ...TION CONFIGURATION 4 3 20 2 Port Config Port The port number Mode Enable GVRP on a per port basis 4 3 21 Private VLANs The Private VLANs menu contains the following sub menus Select the appropriate one to configure its detailed settings 4 3 21 1 PVLAN Membership ...

Page 295: ...Click the button once to add a new VLAN entry Save VLAN membership changes will be saved and new VLANs are enabled after clicking Save button Reset Click Reset button to clear all unsaved VLAN settings and changes 4 3 21 2 Port Isolation Private VLAN is used to group ports together so as to prevent communications within PVLAN Port Isolation is used to prevent communications between customer ports ...

Page 296: ...etwork devices required to support multiple protocols cannot be easily grouped into a common VLAN This may require non standard devices to pass traffic between different VLANs in order to encompass all the devices participating in a specific protocol This kind of configuration deprives users of the basic benefits of VLANs including security and easy accessibility To avoid these problems you can co...

Page 297: ...rotocol ID is a value assigned by that organization to the protocol running on top of SNAP In other words if value of the OUI field is 00 00 00 then value of the PID will be etherType 0x0600 0xffff and if value of the OUI is other than 00 00 00 then valid value of the PID will be any value from 0x0000 to 0xffff LLC Logical Link Control This includes DSAP Destination Service Access Point and SSAP S...

Page 298: ...ox to remove a saved entry during the next save 4 3 23 Voice VLAN Nowadays in the enterprise network VoIP devices are commonly deployed to save operational cost due to its easy to setup feature and convenience However while deploying VoIP devices it is recommended that VoIP traffic is separated from data traffic By isolating traffic VoIP traffic can be assigned to have the highest priority while f...

Page 299: ...he aging time is set to 86400 seconds The allowed aging time is 10 10 000 000 seconds Traffic Class Select the traffic class value which defines a service priority for traffic on the Voice VLAN The priority of any received VoIP packet is overwritten with the new traffic class when the Voice VLAN feature is active on a port By default 7 Highest priority is used The allowed range is 0 Lowest 7 Highe...

Page 300: ...C address MAC address OUI numbers must be configured in the Telephony OUI list so that the switch recognizes the traffic as being from a VoIP device LLDP Use LLDP IEEE 802 1ab to discover VoIP devices attached to a port LLDP checks that the telephone bit in the system capability TLV is turned on or not Both Use both OUI table and LLDP to detect VoIP traffic on a port 4 3 23 2 OUI Telephony OUI Spe...

Page 301: ...Fixed The DEI value is determined by ECE rules 4 3 24 2 L2CP L2CP stands for Layer 2 Control Protocol and contains Ethernet control protocols such as Spanning Tree BPDUs LACP Pause frames etc A L2CP frame has a specific destination address DA belonging to reserved multicast MAC address ranges MEF defines L2CP processing rules for Ethernet Frames carrying a MAC destination address DA within the ran...

Page 302: ...01 80 C2 00 00 0F and for GARP block of protocol is 01 80 C2 00 00 20 through 01 80 C2 00 00 2F L2CP Mode Select the L2CP frame handling mode for the corresponding destination MAC address DMAC Peer Redirect to CPU to allow peering tunneling discard depending on ECE and protocol configuration Forward Allow peering forwarding tunneling discarding depending on ECE and protocol configuration ...

Page 303: ...he policer type of the bandwidth profile The allowed values are MEF MEF ingress bandwidth profile Single Single bucket policer Policer Mode The colour mode of the bandwidth profile The allowed values are Coupled Colour aware mode with coupling enabled Aware Colour aware mode with coupling disabled Blind Colour blind mode Rate Type The rate type of the bandwidth profile The allowed values are Data ...

Page 304: ...D in the PB network It may be inserted in a C tag S tag or S custom tag depending on the NNI port VLAN configuration The allowed range is from 1 through 4095 IVID The Internal classified VLAN ID in the PB network The allowed range is from 1 through 4095 Learning The learning mode for the EVC controls whether source MAC addresses are learned for frames matching the EVC Learning may be disabled if t...

Page 305: ...the ECE The possible values are Any The ECE will match both tagged and untagged frames Untagged The ECE will match untagged frames only C Tagged The ECE will match custom tagged frames only S Tagged The ECE will match service tagged frames only Tagged The ECE will match tagged frames only VLAN ID Filter The VLAN ID filter for matching the ECE This field appears when tag type C Tagged S Tagged or T...

Page 306: ...r tag type for matching the ECE The possible values are Any The ECE will match both tagged and untagged frames Untagged The ECE will match untagged frames only C Tagged The ECE will match custom tagged frames only S Tagged The ECE will match service tagged frames only Tagged The ECE will match tagged frames only Inner VLAN ID Filter The inner VLAN ID filter for matching the ECE This field appears ...

Page 307: ...ng a range appears DSCP Value When Specific is selected for the DSCP filter you can enter a specific value The allowed value is from 0 through 63 DSCP Range When Range is selected for the DSCP filter you can enter a specific range The allowed range is from 0 through 63 Actions Direction The EVCs and ECEs are used to setup flows in one or both directions as determined by the ECE Direction parameter...

Page 308: ...tag for nni to uni direction for the ECE VLAN ID The EVC outer tag VID for UNI ports The allowed value is from 0 through 4095 PCP DEI Preservation The outer tag PCP and DEI preservation for the ECE The possible values are Preserved The outer tag PCP and DEI is preserved Fixed The outer tag PCP and DEI is fixed PCP The outer tag PCP value for the ECE The allowed range is from 0 through 7 DEI The ou...

Page 309: ...To overcome this challenge Quality of Service QoS is applied throughout the network This ensures that network traffic is prioritized according to specified criteria and receives preferential treatments QoS enables you to assign various grades of network service to different types of traffic such as multi media video protocol specific time critical and file backup traffic To set up the priority of ...

Page 310: ...ged frames on this port Disabled Use the default QoS class and DP level for tagged frames Enabled Use the mapped versions of PCP and DEI for tagged frames DSCP Based Select the checkbox to enable DSCP based QoS Ingress Port 4 3 25 1 2 Port Shaping Enabled Select the checkbox to enable port shaping function on a port Rate Indicate the rate for the port shaping By default 500kbps is used The allowed...

Page 311: ... bandwidth Port The port number Port settings apply to all ports Enabled Select the checkbox to enable port policing function on a port Rate Indicate the rate for the policer By default 500kbps is used The allowed range for kbps and fps is 100 to 1000000 The allowed range for Mbps and kfps is 1 to 3300Mbps Unit Select the unit of measure for the policer ...

Page 312: ...WEB OPERATION CONFIGURATION 4 3 25 1 4 Queue Policing Port The port number Port settings apply to all ports Queue 0 7 Enable Select the appropriate checkboxes to enable queue policing function on switch ports When enabled the following image will appear ...

Page 313: ...0000 Allowed range for Mbps is 1 to 3300Mbps Unit Select he unit of measure for the ingress queue policer Save Save the current running configurations to memory Reset Clear all selected settings 4 3 25 2 Egress 4 3 25 2 1 Port Scheduler Port Click the port to set up detailed settings for port scheduler Mode Display scheduler mode selected Weight Display the weight in percentage assigned to Q0 Q5 ...

Page 314: ...This gives egress queues with higher priority to be transmitted first before lower priority queues are serviced Weight mode Deficit Weighted Round Robin DWRR queuing which specifies a scheduling weight for each queue Options Strict Weighted Default Strict DWRR services the queues in a manner similar to WRR but the next queue is serviced only when the queue s Deficit Counter becomes smaller than th...

Page 315: ... each queue DWRR uses a predefined relative weight for each queue that determines the percentage of service time the switch services each queue before moving on to the next queue This prevents the head of line blocking that can occur with strict priority queuing Weight Assign a weight to each queue This weight sets the frequency at which each queue is polled for service and subsequently affects th...

Page 316: ... 25 2 3 Port Tag Remarking Tag Remarking Mode Select the appropriate remarking mode used by this port Classified Use classified PCP DEI values Default Use default PCP DEI values Default PCP 0 Default DEI 0 Mapped Use the mapping of the classified QoS class values and DP levels to PCP DEI values QoS class DP level Show the mapping options for QoS class values and DP levels drop precedence PCP Remar...

Page 317: ...n the selected classification method Ingress Classify Select the appropriate classification method Disable No ingress DSCP classification is performed DSCP 0 Classify if incoming DSCP is 0 Selected Classify only selected DSCP for which classification is enabled in DSCP Translation table All Classify all DSCP Egress Rewrite Configure port egress rewriting of DSCP values Disable Egress rewriting is ...

Page 318: ... trusted Only trusted DSCP values are mapped to a specific QoS class and drop precedence level DPL Frames with untrusted DSCP values are treated as non IP frames QoS Class Select the QoS class to the corresponding DSCP value for ingress processing By default 0 is used Allowed range is 0 to 7 DPL Select the drop precedence level to the corresponding DSCP value for ingress processing By default 0 is...

Page 319: ...fied classification method Ingress Classify Enable classification at ingress side as defined in the QoS port DSCP Configuration Table Egress Remap Enable egress remap based on the specified classification method 4 3 25 6 DSCP Classification Map DSCP values to QoS class and DPL value QoS Class List of actual QoS class values DSCP Select the DSCP value to map QoS class and DPL value DSCP value selec...

Page 320: ...icast SMAC Source MAC address Tag Type The value of tag field can be Untagged Tagged or Any VID Display VLAN ID 1 4095 PCP Display PCP value DEI Display DEI value Frame Type Display the frame type to look for in incoming frames Possible frame types are Any Ethernet LLC SNAP IPv4 IPv6 Action Display the classification action taken on ingress frames when the configured parameters are matched in the ...

Page 321: ... Select a PCP value either specific value or a range of values are provided By default any is used DEI Select a DEI value By default any is used Frame Type The frame types can be selected are listed below Any By default any is used which means that all types of frames are allowed Ethernet This option can only be used to filter Ethernet II formatted packets Options Any Specific 600 ffff hex Default...

Page 322: ...ask format The address and mask must be in the format x y z w where x y z and w are decimal numbers between 0 and 255 When the mask is converted to a 32 bit binary string and read from left to right all bits following the first zero must also be zero IP Fragment By default any is used Datagrams sometimes may be fragmented to ensure they can pass through a network device that uses a maximum transfe...

Page 323: ...rom storms by setting a threshold for specified traffic on the device Any specified packets exceeding the specified threshold will then be dropped Enable Enable Unicast storm Multicast storm or Broadcast storm protection Rate pps Select the packet threshold The packets received exceed the selected value will be dropped 4 3 25 9 WRED Queue The queue number Queue 0 to 5 can apply to Random Early Det...

Page 324: ...the frames marked in drop precedence level 3 when the average queue filling level is 100 The valid value is 0 100 4 3 26 Mirroring Port to mirror Select the mirror port to which rx or tx traffic will be mirrored Or disable port mirroring function Mode There are four modes that can be used on each port Disabled Disable the port mirroring function on a given port Rx only Only frames received on this...

Page 325: ... 100 seconds However due to the unreliable nature of UDP it is recommended to set to the shorter duration since the shorter the duration the fresher is UPnP status 4 3 28 PTP PTP External Clock Mode One_PPS_Mode Select one of the 1pps options Disable Disable 1 pps clock input output Input Enable 1pps clock input Output Enable 1pps clock output External Enable Select True to enable external clock o...

Page 326: ...rements are used This parameter applies only to a slave In one way mode no delay measurements are performed i e this is applicable only if frequency synchronization is needed The master always responds to delay requests Protocol Select transport protocol used by the PTP protocol engine Ethernet PTP over Ethernet multicast ip4multi PTP over IPv4 multicast ip4uni PTP over IPv4 unicast Note IPv4 unic...

Page 327: ... of data the static members defined at clock creation time the Dynamic members defined by the system and the configurable members which can be set here ClockId This shows the instance id number 0 3 Device Type This shows the Type of the Clock Instance 2 Step Flag This shows True or False Ports This shows the total number of physical ports in the node Clock Identity This shows unique clock identifi...

Page 328: ...This shows the mean propagation time for the link between the master and the local slave Filter Parameters DelayFilter Period Dist The default delay filter is a low pass filter with a time constant of 2 DelayFilter DelayRequestRate The default offset filter uses a minimum delay filter method i e The minimum measured offset during Period samples is used in the calculation The distance between two c...

Page 329: ...Constant P component in regulator The allowed value is 1 to 1000 I Constant I component in regulator The allowed value is 1 to 1000 D Constant D component in regulator The allowed value is 1 to 1000 Unicast Slave Configuration When operating in IPv4 Unicast mode the slave is configured up to 5 master IP addresses The slave then requests Announce messages from all the configured masters The slave u...

Page 330: ...The value is reflected in the MDR field in the Slave Delay Asymmetry If the transmission delay for a link in not symmetric the asymmetry can be configured here see IEEE 1588 Section 7 4 2 Communication path asymmetry Ingress latency Ingress latency measured in ns as defined in IEEE 1588 Section 7 3 4 2 Egress Latency Egress latency measured in ns as defined in IEEE 1588 Section 7 3 4 2 Version The...

Page 331: ...splays the current state of the built in power and fan If there is something wrong with fan modules error messages will be displayed here If there is something wrong with fan modules FAN LED indicators on the front panel will also be lit in red 4 4 1 3 System CPU Load This page displays the CPU load using an SVG graph ...

Page 332: ...s every 3 seconds 4 4 1 4 System IP Status Display the status of IP interfaces and routes Please refer to System IP for the configuration of the interfaces and routes This page is informational only 4 4 1 5 System Log Information Displays the collected log information Level Use this pull down to display all messages or messages of type info warning or error Clear Level Use this pull down to clear ...

Page 333: ...e Yellow colored ports indicate a 1G linked state For Port 25 28 Green colored ports indicate 1G linked state while Blue colored ports indicate a 10G linked state Black ports have no link The link status display can be updated by clicking the Refresh button When Auto refresh is checked the display will be updated every 3 seconds 4 4 2 2 SFP SFP monitoring page displays the selected port s slide in...

Page 334: ...ansmitted The number of frames received in error and the number of incomplete transmissions per port Drops Received Transmitted The number of frames discarded due to ingress or egress congestion Filtered Received The number of received frames filtered by the forwarding process The counter display can be updated by clicking the Refresh button When Auto refresh is checked the display will be updated...

Page 335: ... per queue 4 4 2 5 QCL Status This page shows the QCL status by different QCL users Each row describes the QCE that is defined It is a conflict if a specific QCE is not applied to the hardware due to hardware limitations The maximum number of QCEs is 256 on each switch User Indicates the QCL user QCE Indicates the index of QCE Port Indicates the list of ports configured with the QCE Frame Type Ind...

Page 336: ...played under DPL column DSCP If a frame matches the QCE then DSCP will be classified with the value displayed under DSCP column Conflict Displays Conflict status of QCL entries As H W resources are shared by multiple applications it may happen that resources required to add a QCE may not be available In that case it shows conflict status as Yes otherwise it is always No Please note that conflict c...

Page 337: ...to categories based on their respective frame sizes Receive and Transmit Queue Counters Rx Q0 Q7 Tx Q0 Q7 Displays the number of received and transmitted packets per input and output queue Receive Error Counters Rx Drops The number of frames dropped due to lack of receive buffers or egress congestion Rx CRC Alignment The number of frames received with CRC or alignment errors Rx Undersize The numbe...

Page 338: ...cation A count of the number of duplicate Event OAMPDUs received and transmitted on this interface Event Notification OAMPDUs may be sent in duplicate to increase the probability of successfully being received given the possibility that a frame may be lost in transit A duplicate Event Notification OAMPDU is indicated as an Event Notification OAMPDU with a Sequence Number field that is identical to...

Page 339: ...Monitoring Support If status is enabled the device supports interpreting Link Events MIB Retrieval Support If status is enabled the device supports sending Variable Response OAMPDUs MTU Size It represents the largest OAMPDU in octets supported by the device This value is compared to the remotes Maximum PDU Size and the smaller of the two is used Multiplexer State When in forwarding state the devic...

Page 340: ...mes in the period is required to be equal to or greater than in order for the event to be generated 1 The default value is one frame error 2 The lower bound is zero frame errors 3 The upper bound is unspecified Frame errors This four octet field indicates the number of detected errored frames in the period Total frame errors This eight octet field indicates the sum of errored frames that have been...

Page 341: ...rrors since the OAM sub layer was reset Symbol frame period error events This four octet field indicates the number of Errored Symbol Period Event TLVs that have been generated since the OAM sub layer was reset Local Remote Event Seconds Summary Status Event Seconds Summary Time Stamp This two octet field indicates the time reference when the event was generated in terms of 100 ms intervals encode...

Page 342: ...utomatic Binding The number of bindings with network type pools Manual Binding The number of bindings that the network engineer assigns an IP address to a client In other words the pool is of host type Expired Binding The number of bindings that their lease time expired or they are cleared from Automatic or Manual type bindings DHCP Message Received Counters Discover The number of DHCP DISCOVER me...

Page 343: ...HCP ACK messages sent NAK The number of DHCP NAK messages sent 4 4 4 1 2 Binding IP The IP address allocated to DHCP client Type The type of binding method This field can be Automatic Manual or Expired State The state of binding Possible states are Committed Allocated or Expired Pool Name The pool that generates the binding Server ID The server IP address to create the binding 4 4 4 1 3 Declined I...

Page 344: ...ption missing Receive Bad Circuit ID The number of packets whose Circuit ID option did not match known circuit ID Receive Bad Remote ID The number of packets whose Remote ID option did not match known Remote ID Client Statistics Transmit to Client The number of relayed packets from server to client Transmit Error The number of packets that resulted in error while being sent to servers Receive from...

Page 345: ... number of NAK option 53 with value 6 packets received and transmitted Rx and Tx Release The number of release option 53 with value 7 packets received and transmitted Rx and Tx Inform The number of inform option 53 with value 8 packets received and transmitted Rx and Tx Lease Query The number of lease query option 53 with value 10 packets received and transmitted Rx and Tx Lease Unassigned The num...

Page 346: ...ace The interface type through which any remote host can access the switch Received Packets The number of received packets from the interface when access management mode is enabled Allowed Packets The number of allowed packets from the interface when access management mode is enabled Discarded Packets The number of discarded packets from the interface when access management mode is enabled ...

Page 347: ...ns that the corresponding user module is not enabled whereas a letter indicates that the user module abbreviated by that letter has enabled port security State This shows the current status of a port It can be one of the following states Disabled No user modules are currently using the Port Security service Ready The Port Security service is in use by at least one user module and is awaiting frame...

Page 348: ...lly and on a port MAC addresses learned on a port show in here VLAN ID Display VLAN ID that is seen on this port State Display whether the corresponding MAC address is forwarding or blocked In the blocked state it will not be allowed to transmit or receive traffic Time of Addition Display the date and time when this MAC address was seen on the port Age Hold If at least one user module has decided ...

Page 349: ...t recently received EAPOL frame for EAPOL based authentication Last ID The user name supplicant identity carried in the most recently received Response Identity EAPOL frame for EAPOL based authentication QoS Class Display the QoS class that NAS assigns to the port This field is left blank if QoS is not set by NAS Port VLAN ID The VLAN ID of the port assigned by NAS This field is left blank if VLAN...

Page 350: ... will match IPv4 frames with ICMP protocol IPv4 UDP The ACE will match IPv4 frames with UDP protocol IPv4 TCP The ACE will match IPv4 frames with TCP protocol IPv4 Other The ACE will match IPv4 frames which are not ICMP UDP TCP IPv6 The ACE will match all IPv6 standard frames Action Display the forwarding action of the ACE Permit Frames matching the ACE may be forwarded and learned Deny Frames mat...

Page 351: ...lict Indicate the hardware status of the specific ACE The specific ACE is not applied to the hardware due to hardware limitations 4 4 5 2 4 Dynamic ARP Inspection Table Port The port number of this entry VLAN ID VLAN ID in which the ARP traffic is permitted MAC Address User MAC address of this entry 4 4 5 2 5 Dynamic IP Source Guard Table The Dynamic IP Source Guard table shows entries sorted by p...

Page 352: ... Displayed states include the following Disabled This server is disabled Not Ready The server is ready but IP communication is not yet up and running Ready The server is ready and IP communication is not yet up and running The RADIUS server is ready to accept access attempts 4 4 5 3 2 RADIUS Details RADIUS Authentication Statistics for Server Access Accepts The number of RADIUS Access Accept packe...

Page 353: ...ess Request is sent and decremented due to receipt of an Access Accept Access Reject Access Challenge timeout or retransmission Timeouts The number of authentication timeouts to the server After a timeout the client may retry to the same server send to a different server or give up A retry to the same server is counted as a retransmit as well as a timeout A send to a different server is counted as...

Page 354: ... of accounting timeouts to the server After a timeout the client may retry to the same server send to a different server or give up A retry to the same server is counted as a retransmit as well as a timeout A send to a different server is counted as a Request as well as a timeout IP Address IP address and UDP port for the accounting server in question State Shows the state of the server It takes o...

Page 355: ...re directed to the broadcast address Multicast The total number of good packets received that were directed to a multicast address CRC Errors The total number of packets received that had a length excluding framing bits but including FCS octets of between 64 and 1518 octets Undersize The total number of packets received that were less than 64 octets Oversize The total number of packets received th...

Page 356: ...were directed to a multicast address CRC Errors The total number of packets received that had a length excluding framing bits but including FCS octets of between 64 and 1518 octets Undersize The total number of packets received that were less than 64 octets Oversize The total number of packets received that were longer than 64 octets Frag The number of frames which size is less than 64 octets rece...

Page 357: ...was less than this threshold then an alarm will be generated Rising Index The index of the event to use if an alarm is triggered by monitored variables crossing above the rising threshold Falling Threshold If the current value is less than the falling threshold and the last sample value was greater than this threshold then an alarm will be generated Falling Index The index of the event to use if a...

Page 358: ...he partner Last Changed The time since this LAG changed Local Ports The local ports that are a port of this LAG 4 4 6 2 Port Status Port The port number LACP Show LACP status on a port Yes LACP is enabled and the port link is up No LACP is not enabled or the port link is down Backup The port is in a backup role When other ports leave LAG group this port will join LAG Key The aggregation key value ...

Page 359: ...o this local port Partner Prio The priority value of the partner 4 4 6 3 Port Statistics Port The port number LACP Received The number of LACP packets received on a port LACP Transmitted The number of LACP packets transmitted by a port Discarded The number of unknown and illegal packets that have been discarded on a port ...

Page 360: ...nsmit Tx mode Loops The number of loops detected on a port Status The current loop status detected on a port Loop Loops detected on a port or not Time of Last Loop The time of the last loop event detected 4 4 8 Spanning Tree 4 4 8 1 Bridge Status MSTI The bridge instance Click this instance to view STP detailed bridge status Bridge ID The unique bridge ID for this instance consisting a priority va...

Page 361: ...ance consisting a priority value and MAC address of the bridge switch Root ID Display the root device s priority value and MAC address Root Cost The path cost from the root port on the switch to the root device For the root bridge this is zero For all other bridges it is the sum of the port path costs on the least cost path to the root bridge Root Port The number of the port on this switch that is...

Page 362: ...ut do not forward them Learning Port has transmitted configuration messages for an interval set by the Forward Delay parameter without receiving contradictory information Port address table is cleared and the port begins learning addresses Forwarding Ports forward packets and continue to learn addresses Edge Display whether this port is an edge port or not Point to Point Display whether this point...

Page 363: ...nce the bridge port was last initialized 4 4 8 3 Port Statistics Port Display the port number Transmitted Received MSTP RSTP STP The number of MSTP RSTP STP configuration BPDU messages transmitted and received on a port Transmitted Received TCN The number of TCN messages transmitted and received on a port Discarded Unknown Illegal The number of unknown and illegal packets discarded on a port 4 4 9...

Page 364: ...D VLAN ID VLAN ID of the group Groups Group ID Port Members Ports that belong to this group 4 4 9 3 MVR SFM Information VLAN ID VLAN ID of the group Group The group address Port Switch port number Mode Indicates the filtering mode maintained per VLAN ID port number Group Address basis It can be either Include or Exclude Source Address The source IP Address Currently the system limits the total num...

Page 365: ...atus Statistics VLAN ID The VLAN ID of this entry Querier Version The current working Querier version Host Version The current host version Querier Status Show the Querier status that is either ACTIVE or IDLE DISABLE denotes the specific interface is administratively disabled Queries Transmitted The number of queries transmitted ...

Page 366: ...t The port number Status Indicate whether a specific port is a router port or not 4 4 10 1 2 Groups Information VLAN ID Display the VLAN ID of the group Groups Display the group address Port Members Ports that belong to this group 4 4 10 1 3 IPv4 SFM Information VLAN ID Display the VLAN ID of the group Groups Display the IP address of a multicast group Port The switch port number Mode The filterin...

Page 367: ... this entry Querier Version The current working Querier version Host Version The current host version Querier Status Show the Querier status that is either ACTIVE or IDLE DISABLE denotes the specific interface is administratively disabled Queries Transmitted The number of queries transmitted Queries Received The number of queries received V1 Reports Received The number of Received V1 Reports V2 Re...

Page 368: ... to this group 4 4 10 2 3 IPv6 SFM Information VLAN ID Display the VLAN ID of the group Group Display the IP address of a multicast group Port The switch port number Mode The filtering mode maintained per VLAN ID port number and group address Source Address The source IP address available for filtering Type Display either Allow or Deny type Hardware Filter Switch Indicates whether the data plane d...

Page 369: ...em Capabilities This shows the neighbour unit s capabilities When a capability is enabled the capability is followed by If disabled the capability is followed by Management Address The IPv4 address of the remote device If no management address is available the address should be the MAC address for the CPU or for the port sending this advertisement If the neighbor device allows management access cl...

Page 370: ...that a neighbor s information has been deleted from the LLDP remote systems MIB because the remote TTL timer has expired LLDP Statistics Local Counters Local Port The port number Tx Frames The number of LLDP PDUs transmitted Rx Frames The number of LLDP PDUs received Rx Errors The number of received LLDP frames with some kind of error Frames Discarded The number of frames discarded because they di...

Page 371: ...s Rx Tx The number of received and transmitted green frames Yellow Frames Rx Tx The number of received and transmitted yellow frames Red Frames Rx The number of received red frames Discarded Frames Rx Tx The number of discarded frames in ingress and egress queue system 4 4 12 2 ECE Statistics Clear Select the checkbox to mark an entry for clearance in next Clear operation Port The UNI NNI port num...

Page 372: ...e Display the current setting of VCXO Clock Frequency Display the current setting of clock frequency PTP Clock Configuration Disply clock instance currently created 4 4 14 MAC Table The MAC Address Table shows both static and dynamic MAC addresses learned from CPU or switch ports You can enter the starting VLAN ID and MAC addresses to view the desired entries Type This field displays whether the l...

Page 373: ... CPU or certain ports Port Members Ports associated with this entry Flush Dynamic Entries Refresh all MAC addresses or refresh MAC addresses on a per port or per VLAN basis 4 4 15 VLANs 4 4 15 1 Membership This page shows the current VLAN membership saved on the Switch VLAN ID VLANs that are already created Port members Display member ports on the configured VLANs ...

Page 374: ...frame type Port VLAN ID Display the Port VLAN ID PVID Tx Tag Displays the Egress action on a port Untagged VLAN ID Display the untagged VLAN ID A port s UVID determines the packet s behavior at the egress side If the VID of Ethernet frames leaving a port match the UVID these frames will be sent untagged Conflicts Display whether conflicts exist or not When a software module requests to set VLAN me...

Page 375: ...dress Enter the IP address that you wish to ping Ping Length The size or length of echo packets Ping Count The number of echo packets will be sent Ping Interval The time interval between each ping request 4 5 2 Link OAM 4 5 2 1 MIB Retrieval Local or Peer Click on the radio button to select the location of MIB to be polled Port The port on the device that is used for OAM MIB retrieval 4 5 3 Ping6 ...

Page 376: ...ICMP packet goes The VID ranges from 1 to 4094 and will be effective only when the corresponding IPv6 interface is valid When this field is not specified Ping6 will find the best match interface for destination Do not specify egress interface for loopback address Do specify egress interface for link local or multicast address 4 6 Maintenance The Maintenance menu contains several sub menus Select t...

Page 377: ...te that all changed settings will be lost It is recommended that a copy of the current configuration is saved to your local device 4 6 3 Software 4 6 3 1 Upload Update the latest Firmware file Select a Firmware file from your local device and then click Upload to start updating 4 6 3 2 Image Select Select the image file to be used in this device 4 6 4 Configuration 4 6 4 1 Save ...

Page 378: ... running configurations to your local device default config Download a copy of the factory default configurations to your local device startup config Download a copy of startup configurations to your local device 4 6 4 3 Upload Select a file and then click Upload Configuration to start uploading the file 4 6 4 4 Activate Select the file that you would like to use Click on the Activate Configuratio...

Page 379: ...r 4 Web Configuration Operation 379 CHAPTER 4 WEB OPERATION CONFIGURATION 4 6 4 5 Delete Select the file that you would like to delete Click on the Delete Configuration File to remove the file from the device ...

Page 380: ... Configuration Example for Q in Q Application Application Diagram Descriptions 1 MSW 4424C S receives packets with VLAN ID 10 on port 1 2 MSW 4424C S sneds packets with both VLAN ID 10 and 4000 from port 5 3 Enable Ingress Filtering on Port 1 and Port 5 4 Set Ingress Acceptance to Tagged Only Web Configurations ...

Page 381: ...FW Version Descriptions 0 9a Preliminary version 0 9b Revise default IP address errors 0 9c 2015 11 13 Add CLI 0 9d 2015 11 27 Add Web 4 3 13 SyncE 4 3 28 IEEE1588 4 4 13 Monitor PTP Add Q in Q Application 0 9e 2016 2 5 1 040 Add Fan mode Add NL version ...

Page 382: ......

Reviews:

No comments

Related manuals for MSW-4424C Series

D-Link DES-3526 - Switch - Stackable Manual preview
DES-3526 - Switch - Stackable
Brand: D-Link Pages: 258
Sagem 2604 Quick Installation Manual preview
2604
Brand: Sagem Pages: 19
IBM 11a Quick Start Manual preview
11a
Brand: IBM Pages: 32
D-Link DIR-853/EE Quick Installation Manual preview
DIR-853/EE
Brand: D-Link Pages: 83
Lanner NCA-1526 User Manual preview
NCA-1526
Brand: Lanner Pages: 78
Juniper ACX2000 Hardware Manual preview
ACX2000
Brand: Juniper Pages: 190
Navini Networks RIPWAVE 40-00460-00R User Manual preview
RIPWAVE 40-00460-00R
Brand: Navini Networks Pages: 35
NA DigiNet 416 User Manual preview
DigiNet 416
Brand: NA Pages: 22
ZyXEL Communications ZyAIR G-3000H User Manual preview
ZyAIR G-3000H
Brand: ZyXEL Communications Pages: 299
VCS VideoJet 100 Manual preview
VideoJet 100
Brand: VCS Pages: 118
ZyXEL Communications G-170S User Manual preview
G-170S
Brand: ZyXEL Communications Pages: 79
Dataprobe iBoot Instruction Manual preview
iBoot
Brand: Dataprobe Pages: 16
Softing TH LINK Installation Manual preview
TH LINK
Brand: Softing Pages: 16
Riverbed SteelCentral NetExpress 470 Upgrade And Maintenance Manual preview
SteelCentral NetExpress 470
Brand: Riverbed Pages: 140
Linksys WAG120N Datasheet preview
WAG120N
Brand: Linksys Pages: 2
Eaton 9479-ETG-CSL Instruction Manual preview
9479-ETG-CSL
Brand: Eaton Pages: 32
TRENDnet TEG-PCITX User Manual preview
TEG-PCITX
Brand: TRENDnet Pages: 15
SMC Networks SMCGS10P-Smart Installation Manual preview
SMCGS10P-Smart
Brand: SMC Networks Pages: 68

Brands by name

Popular brands

Load more brands