DG-GS1500E Series
Gigabit Ethernet Web Managed Switch
Management Guide
V1.0
2014-03-05
As our products undergo continuous development the specifications are subject to change without prior notice
AZTECA 1000 Web Managed Switch Series
Page 1: ...Gigabit Ethernet Web Managed Switch Management Guide V1 0 2014 03 05 As our products undergo continuous development the specifications are subject to change without prior notice AZTECA 1000 Web Manag...
Page 2: ...0BASE T Ports RJ 45 and 2 Gigabit SFP Ports DG GS1526HPE GIGABIT ETHERNET SWITCH Layer 2 Gigabit Ethernet PoE Switch with 24 10 100 1000BASE T Ports RJ 45 and 2 Gigabit SFP Ports DG GS1526E GIGABIT ET...
Page 3: ...e used throughout this guide to show information NOTE Emphasizes important information or calls your attention to related features or instructions CAUTION Alerts you to a potential hazard that could c...
Page 4: ...URATION 27 3 USING THE WEB INTERFACE 28 Navigating the Web Browser Interface 28 Home Page 28 Configuration Options 29 Panel Display 29 Main Menu 29 4 CONFIGURING THE SWITCH 39 Configuring System Infor...
Page 5: ...DHCP Relay and Option 82 Information 106 Configuring IP Source Guard 107 Configuring ARP Inspection 111 Specifying Authentication Servers 114 Creating Trunk Groups 116 Configuring Static Trunks 116 Co...
Page 6: ...Protocol VLANs 177 Configuring Protocol VLAN Groups 178 Mapping Protocol Groups to Ports 179 Configuring IP Subnet based VLANs 180 Managing VoIP Traffic 182 Configuring VoIP Traffic 182 Configuring T...
Page 7: ...splaying Information About Learned MAC Addresses 228 Displaying Port Status for Authentication Services 229 Displaying Port Statistics for 802 1X or Remote Authentication Service 230 Displaying ACL St...
Page 8: ...ion 262 Showing MLD Snooping Status 262 Showing MLD Snooping Group Information 263 Showing IPv6 SFM Information 264 Displaying LLDP Information 265 Displaying LLDP Neighbor Information 265 Displaying...
Page 9: ...aving Configuration Settings 285 Restoring Configuration Settings 285 SECTION III APPENDICES 287 A SOFTWARE SPECIFICATIONS 288 Software Features 288 Management Features 289 Standards 290 Management In...
Page 10: ...14 Authentication Server Operation 57 Figure 15 Authentication Method for Management Access 58 Figure 16 SSH Configuration 59 Figure 17 HTTPS Configuration 61 Figure 18 Access Management Configuratio...
Page 11: ...anning Tree Internal Spanning Tree125 Figure 48 STA Bridge Configuration 129 Figure 49 Adding a VLAN to an MST Instance 131 Figure 50 Configuring STA Bridge Priorities 132 Figure 51 STP RSTP CIST Port...
Page 12: ...isplaying Port Tag Remarking Mode 194 Figure 83 Configuring Port Tag Remarking Mode 195 Figure 84 Configuring Port DSCP Translation and Rewriting 197 Figure 85 Configuring DSCP based QoS Ingress Class...
Page 13: ...gure 119 RMON History Overview 247 Figure 120 RMON Alarm Overview 248 Figure 121 RMON Event Overview 248 Figure 122 LACP System Status 249 Figure 123 LACP Port Status 250 Figure 124 LACP Port Statisti...
Page 14: ...ble 274 Figure 146 Showing VLAN Members 275 Figure 147 Showing VLAN Port Status 276 Figure 148 Showing MAC based VLAN Membership Status 277 Figure 149 Showing sFlow Statistics 278 Figure 150 ICMP Ping...
Page 15: ...upport 60 Table 6 SNMP Security Models and Levels 63 Table 7 Dynamic QoS Profiles 85 Table 8 QCE Modification Buttons 97 Table 9 Recommended STA Path Cost Range 133 Table 10 Recommended STA Path Costs...
Page 16: ...view of the switch and introduces some basic concepts about network switches It also describes the basic settings required to access the management interface This section includes these chapters Intro...
Page 17: ...Port Authentication Port Security DHCP Snooping with Option 82 relay information IP Source Guard Access Control Lists Supports up to 256 rules DHCP Client DNS Client and Proxy service Port Configurati...
Page 18: ...authentication server i e RADIUS or TACACS Port based authentication is also supported via the IEEE 802 1X protocol This protocol uses Extensible Authentication Protocol over LANs EAPOL to request use...
Page 19: ...E LIMITING This feature controls the maximum rate for traffic transmitted or received on an interface Rate limiting is configured on interfaces at the edge of a network to limit traffic into or out of...
Page 20: ...ed by using the STP backward compatible mode provided by RSTP STP provides loop detection When there are multiple physical paths between segments this protocol will choose a single path and disable al...
Page 21: ...ecified interfaces based on protocol type IEEE 802 1Q TUNNELING QINQ This feature is designed for service providers carrying traffic for multiple customers across their networks QinQ tunneling is used...
Page 22: ...Query to manage multicast group registration for IPv4 traffic and MLD Snooping for IPv6 traffic It also supports Multicast VLAN Registration MVR which allows common multicast traffic such as televisio...
Page 23: ...t Enabled 1 kpps Multicast disabled Unknown unicast disabled Spanning Tree Algorithm Status Enabled RSTP Defaults RSTP standard Edge Ports Enabled Address Table Aging Time 300 seconds Virtual LANs Def...
Page 24: ...ient Disabled Snooping Disabled DNS Proxy service Disabled Multicast Filtering IGMP Snooping Snooping Disabled Querier Disabled MLD Snooping Disabled Multicast VLAN Registration Disabled System Log co...
Page 25: ...ave addresses that start 192 168 1 x If the PC and switch are not on the same subnet you must manually set the PC s IP address to 192 168 1 x where x is any number from 1 to 254 except 10 4 Open your...
Page 26: ...CHAPTER 2 Initial Switch Configuration 26 logging out To change the password click Security and then Users Select admin from the User Configuration list fill in the Password fields and then click Save...
Page 27: ...detailed description of how to configure each feature via a web browser This section includes these chapters Using the Web Interface on page 28 Configuring the Switch on page 39 Monitoring the Switch...
Page 28: ...the web browser interface you must first enter a user name and password The administrator has Read Write access to all configuration parameters and statistics The default user name and password for t...
Page 29: ...223 Figure 2 Front Panel Indicators MAIN MENU Using the onboard web agent you can define system parameters manage and control the switch and all its ports or monitor network conditions The following t...
Page 30: ...igures VLAN groups 170 Ports Specifies default PVID and VLAN attributes 171 Mirroring RSPAN Sets source and target ports for local or remote mirroring 205 Advanced Configuration System2 Information Co...
Page 31: ...d per port security including maximum allowed MAC addresses and response for security breach 78 NAS Configures global and port settings for IEEE 802 1X 81 ACL Access Control Lists 93 Ports Assigns ACL...
Page 32: ...and immediate leave 137 IPMC IP Multicast IGMP Snooping Internet Group Management Protocol Snooping 142 Basic Configuration Configures global and port settings for multicast filtering 142 VLAN Config...
Page 33: ...d DSCP based QoS classification 186 Port Policing Controls the bandwidth provided for frames entering the ingress queue of specified ports 188 Port Scheduler Provides overview of QoS Egress Port Sched...
Page 34: ...ailed Ethernet port statistics 223 Security 226 Access Management Statistics Displays the number of packets used to manage the switch via HTTP HTTPS and SNMP Telnet and SSH 226 Network Port Security S...
Page 35: ...ion Control Protocol 249 System Status Displays administration key and associated local ports for each partner 249 Port Status Displays administration key LAG ID partner ID and partner ports for each...
Page 36: ...ough LLDP messages 269 Port Statistics Displays statistics for all connected remote devices and statistics for LLDP protocol packets crossing each port 271 PoE3 Displays the status for all PoE ports i...
Page 37: ...settings 283 Software Upload Updates software on the switch with a file specified on the management station 283 Image Select Displays information about the active and alternate backup firmware images...
Page 38: ...iguration settings from a file on the management station 285 1 The Basic Configuration menu is a subset of Advanced Configuration The following configuration chapter is therefore structured on the Adv...
Page 39: ...ETERS These parameters are displayed System Contact Administrator responsible for the system Maximum length 255 characters System Name Name assigned to the switch system Maximum length 255 characters...
Page 40: ...ned via DHCP by default If the switch does not receive a response from a DHCP server it will default to the IP address 192 168 1 10 and subnet mask 255 255 255 0 You can manually configure a specific...
Page 41: ...base based on previous responses to DNS queries forwarded on behalf of attached clients If the required information is not in the local database the switch forwards the DNS query to a DNS server store...
Page 42: ...manually configure a link local address by entering the full address with the network prefix FE80 To connect to a larger network with multiple subnets you must configure a global unicast address Ther...
Page 43: ...ts specifies that the first six colon separated values comprise the network portion of the address Router Sets the IPv6 address of the default next hop router An IPv6 default gateway must be defined i...
Page 44: ...the switch periodically sends a request for a time update to a configured time server You can configure up to five time server IP addresses The switch will attempt to poll each server in the configur...
Page 45: ...Savings Time or Summer Time Typically clocks are adjusted forward one hour at the start of spring and then adjusted backward in autumn PATH Basic Advanced Configuration System Time PARAMETERS These p...
Page 46: ...number of minutes to add during Daylight Saving Time Range 1 1440 WEB INTERFACE To set the time zone or Daylight Savings Time 1 Click Configuration System Time 2 Select one of the predefined time zon...
Page 47: ...even if the syslog server does not exist PARAMETERS These parameters are displayed Server Mode Enables disables the logging of debug or error messages to the remote logging process Default Disabled S...
Page 48: ...d 30 s for other link speeds EEE devices must agree upon the value of the wakeup time in order to make sure that both the receiving and transmitting devices have all circuits powered up when traffic i...
Page 49: ...ion page to configure the connection parameters for each port This page includes options for enabling auto negotiation or manually setting the speed and duplex mode enabling flow control setting the m...
Page 50: ...c from end stations or segments connected directly to the switch when its buffers fill When enabled back pressure is used for half duplex operation and IEEE 802 3 2005 formally IEEE 802 3x for full du...
Page 51: ...100 meters Enabling power saving mode can significantly reduce power used for cable lengths of 20 meters or less and continue to ensure signal integrity The following options are supported Disabled A...
Page 52: ...Guard commands ARP Inspection can also be used to validate the MAC address bindings for ARP packets providing protection against ARP traffic with invalid MAC to IP address bindings which forms the ba...
Page 53: ...ilege Level Specifies the user level Options 1 15 Access to specific functions are controlled through the Privilege Levels configuration page see page 54 The default settings provide four access level...
Page 54: ...ple modules or access to various system settings System Contact Name Location Timezone Log Security Authentication System Access Management Port contains Dot1x port MAC based and the MAC Address Limit...
Page 55: ...maintenance and debugging 10 read and write access of all system functions except for maintenance and debugging 15 read and write access of all system functions including maintenance and debugging WE...
Page 56: ...d on the switch or can be controlled with a RADIUS or TACACS remote access authentication server Note that the RADIUS servers used to authenticate client access for IEEE 802 1X port authentication are...
Page 57: ...thentication server is used you must specify the authentication method and the corresponding parameters for the remote authentication protocol on the Network Access Server Configuration page Local and...
Page 58: ...ication method Options None Local RADIUS TACACS Default Local Selecting the option None disables access through the specified management interface Fallback Uses the local user database for authenticat...
Page 59: ...or management via the SSH protocol The switch supports both SSH Version 1 5 and 2 0 clients SSH service on this switch only supports password authentication The password can be authenticated either lo...
Page 60: ...decrypting data The client and server establish a secure encrypted connection A padlock icon should appear in the status bar for Internet Explorer 5 x or above Netscape 6 2 or above and Mozilla Firef...
Page 61: ...es to access a management interface on the switch from an invalid address the switch will reject the connection PATH Advanced Configuration Security Switch Access Management PARAMETERS These parameter...
Page 62: ...performance or detect potential problems Managed devices supporting SNMP contain software which runs locally on the device and is referred to as an agent A defined set of variables known as managed ob...
Page 63: ...Configuration page to configure basic settings and traps for SNMP To manage the switch through SNMP you must first enable the protocol and configure the basic access parameters To issue trap messages...
Page 64: ...USM for authentication and privacy This community string is associated with SNMPv1 or SNMPv2 clients in the SNMPv3 Communities table page 67 Engine ID The SNMPv3 engine ID Range 10 64 hex digits excl...
Page 65: ...ble for version 2c and 3 hosts Default traps are used The recipient of a trap message does not send a response to the switch Traps are therefore not as reliable as inform messages which include a requ...
Page 66: ...ers on page 68 WEB INTERFACE To configure SNMP system and trap settings 1 Click Advanced Configuration Security Switch SNMP System 2 In the SNMP System Configuration table set the Mode to Enabled to e...
Page 67: ...to authorize access by SNMP v1 and v2c clients should be listed in the SNMPv3 Communities Configuration table For security reasons you should consider removing the default strings PATH Advanced Config...
Page 68: ...these strings for security reasons 3 Add any new community strings required for SNMPv1 or v2 clients that need to access the switch along with the source address and address mask for each client 4 Cl...
Page 69: ...of user connecting to the SNMP agent Range 1 32 characters ASCII characters 33 126 only Security Level The security level assigned to the user NoAuth NoPriv There is no authentication or encryption us...
Page 70: ...odel The user security model Options SNMP v1 v2c or the User based Security Model usm Security Name The name of a user connecting to the SNMP agent Range 1 32 characters ASCII characters 33 126 only T...
Page 71: ...ee The predefined view default_view includes access to the entire MIB tree PARAMETERS These parameters are displayed View Name The name of the SNMP view Range 1 32 characters ASCII characters 33 126 o...
Page 72: ...SCII characters 33 126 only Security Model The user security model Options any v1 v2c or the User based Security Model usm Default any Security Level The security level assigned to the group NoAuth No...
Page 73: ...ini RMON which consists of the Statistics History Event and Alarm groups When RMON is enabled the system gradually builds up information about its physical interfaces storing this information in the r...
Page 74: ...tion packet types and errors A historical record of activity can be used to track down intermittent problems The record can be used to establish normal baseline activity which may reveal problems asso...
Page 75: ...NG RMON ALARMS Use the RMON Alarm Configuration page to define specific criteria that will generate response events Alarms can be set to test data over any specified time interval and can monitor abso...
Page 76: ...ising Trigger alarm when the first value is larger than the rising threshold Falling Trigger alarm when the first value is less than the falling threshold Rising or Falling Trigger alarm when the firs...
Page 77: ...e type the alarm startup type the thresholds and the event to trigger 4 Click Save Figure 27 RMON Alarm Configuration CONFIGURING RMON EVENTS Use the RMON Event Configuration page to set the action to...
Page 78: ...e The value of sysUpTime when an event was last generated for this entry WEB INTERFACE To configure an RMON event 1 Click Advanced Configuration Security Switch RMON Event 2 Click Add New Entry 3 Ente...
Page 79: ...ation Port Port identifier Mode Controls whether Limit Control is enabled on this port Both this and the global Mode must be set to Enabled for Limit Control to be in effect Notice that other modules...
Page 80: ...an be shown for all Actions Limit Reached Indicates that the limit is reached on this port This state can only be shown if Action is set to None or Trap Shutdown Indicates that the port is shut down b...
Page 81: ...2 1X standard defines a port based access control procedure that prevents unauthorized access to a network by requiring users to first submit credentials for authentication Access to all switch ports...
Page 82: ...ed authentication is MD5 The client responds to the appropriate method with its credentials such as a password or certificate The RADIUS server verifies the client credentials and responds with an acc...
Page 83: ...ode Indicates if 802 1X and MAC based authentication are globally enabled or disabled on the switch If globally disabled all ports are allowed to forward frames Reauthentication Enabled Sets clients t...
Page 84: ...an on going authentication In MAC based Authentication mode the switch will ignore new frames coming from the client during the hold time RADIUS Assigned QoS Enabled RADIUS assigned QoS provides a mea...
Page 85: ...ps If duplicate profiles are passed in the Filter ID attribute then only the first profile is used For example if the attribute is service policy in p1 service policy in p2 then the switch applies onl...
Page 86: ...N functionality When checked the individual port settings determine whether RADIUS assigned VLAN is enabled for that port When unchecked RADIUS server assigned VLAN is disabled for all ports When RADI...
Page 87: ...typically with limited network access on which 802 1X unaware clients are placed after a network administrator defined timeout The switch follows a set of rules for entering and leaving the Guest VLA...
Page 88: ...uest VLAN It is only changeable if the Guest VLAN option is globally enabled Range 1 4095 Max Reauth Count The number of times that the switch transmits an EAPOL Request Identity frame without receivi...
Page 89: ...he first EAPOL Start or EAPOL Response Identity frame sent by the supplicant An exception to this is when no supplicants are attached In this case the switch sends EAPOL Request Identity frames using...
Page 90: ...r Guidelines for Port Admin State Port Admin state can only be set to Force Authorized for ports participating in the Spanning Tree algorithm see page 132 When 802 1X authentication is enabled on a po...
Page 91: ...are only enabled when the switch s authentication mode is globally enabled under System Configuration and the port s Admin State is an EAPOL based or MAC Based mode Clicking these buttons will not cau...
Page 92: ...matches a permit rule or dropped as soon as it matches a deny rule If no rules match the frame is accepted Other actions can also be invoked when a matching packet is found including rate limiting co...
Page 93: ...ing Local Port Mirroring on page 205 ACL based port mirroring set by this parameter and port mirroring set on the general Mirror Configuration page are implemented independently To use ACL based mirro...
Page 94: ...L will be applied 4 Click Save Figure 32 ACL Port Configuration CONFIGURING RATE LIMITERS Use the ACL Rate Limiter Configuration page to define the rate limits applied to a port as configured either t...
Page 95: ...r a specific port or for all ports Rules applied to a port take effect immediately while those defined for a policy must be mapped to one or more ports using the ACL Ports Configuration menu page 93 P...
Page 96: ...ion flag source destination IP VLAN ID VLAN priority PARAMETERS These parameters are displayed ACCESS CONTROL LIST CONFIGURATION Ingress Port The ingress port of the ACE All The ACE will match all ing...
Page 97: ...to match Options Any Ethernet ARP IPv4 Default Any Filter Criteria Based on Selected Frame Type Ethernet MAC Parameters SMAC Filter The type of source MAC address Options Any Specific user defined Def...
Page 98: ...ress Options Any no sender IP filter is specified Host specifies the sender IP address in the SIP Address field Network specifies the sender IP address and sender IP mask in the SIP Address and SIP Ma...
Page 99: ...owed 0 ARP RARP frames where the PRO is equal to IP 0x800 must not match this entry 1 ARP RARP frames where the PRO is equal to IP 0x800 must match this entry Default Any IPv4 MAC Parameters DMAC Filt...
Page 100: ...st match this entry Default Any TCP PSH Specifies the TCP Push Function PSH value for this rule Options Any any value is allowed 0 TCP frames where the PSH field is set must not match this entry 1 TCP...
Page 101: ...ifies the destination IP address and destination IP mask in the DIP Address and DIP Mask fields Default Any Response to take when a rule is matched Action Permits or denies a frame based on whether it...
Page 102: ...s rule Options Any Specific 0 7 Default Any WEB INTERFACE To configure an Access Control List for a port or a policy 1 Click Advanced Configuration Security Network ACL Access Control List 2 Click the...
Page 103: ...c bindings configured with IP Source Guard DHCP snooping allows a switch to protect a network from rogue DHCP servers or other devices which send port related information to a DHCP server This informa...
Page 104: ...CP packet is a reply packet from a DHCP server including OFFER ACK or NAK messages the packet is dropped If a DHCP DECLINE or RELEASE message is received from a client the switch forwards the packet o...
Page 105: ...rwarded to trusted ports and reply packets only allowed from trusted ports Default Disabled Port Port identifier Mode Enables or disables a port as a trusted source of DHCP messages Default Trusted WE...
Page 106: ...can be identified by the VLAN and switch port to which they are connected rather than just their MAC address DHCP client server exchange messages are then forwarded directly between the server and cli...
Page 107: ...be used to prevent traffic attacks caused when a host tries to use the IP address of a neighbor to access the network CONFIGURING GLOBAL AND PORT SETTINGS FOR IP SOURCE GUARD Use the IP Source Guard...
Page 108: ...a matching entry is found in the binding table and the entry type is static IP source guard binding or dynamic DHCP snooping binding the packet will be forwarded If IP source guard if enabled on an in...
Page 109: ...ic clients for any port 4 Click Save Figure 37 Configuring Global and Port based Settings for IP Source Guard CONFIGURING STATIC BINDINGS FOR IP SOURCE GUARD Use the Static IP Source Guard Table to bi...
Page 110: ...o static IP source guard binding Only unicast addresses are accepted for static bindings PARAMETERS These parameters are displayed Port The port to which a static entry is bound VLAN ID ID of a config...
Page 111: ...tion is controlled on a global and port basis By default ARP Inspection is disabled both globally and on all ports If ARP Inspection is globally enabled then it becomes active only on the ports where...
Page 112: ...Default Disabled Translate dynamic to static Click to translate all dynamic entries to static entries Port Mode Configuration Port Port identifier Mode Enables Dynamic ARP Inspection on a given port O...
Page 113: ...packets to any entries specified in the static ARP table If no static entry matches the packets then the DHCP snooping bindings database determines their validity PATH Advanced Configuration Security...
Page 114: ...equest Range 3 3600 seconds Default 15 seconds Dead Time The time after which the switch considers an authentication server to be dead if it does not reply Range 0 3600 seconds Default 300 seconds Set...
Page 115: ...ement access in the web interface 1 Click Advanced Configuration Security AAA 2 Configure the authentication method for management client types the common server timing parameters and address UDP port...
Page 116: ...ts will automatically be activated to replace it USAGE GUIDELINES Besides balancing the load across each port in the trunk the other ports provide redundancy by taking over the load if a port in the t...
Page 117: ...ffic flows in the network this load balance algorithm may result in traffic being distributed mostly on one port in a trunk To ensure that the switch traffic load is distributed evenly across all link...
Page 118: ...of the defaults TCP UDP Port Number All traffic with the same source and destination TCP UDP port number is output on the same link in a trunk Avoid using his mode as a lone option It may overload a s...
Page 119: ...target switch has also enabled LACP on the connected ports the trunk will be activated automatically A trunk formed with another switch using LACP will automatically be assigned the next available tru...
Page 120: ...Default Auto Select the Specific option to manually configure a key Use the Auto selection to automatically set the key based on the actual link speed where 10Mb 1 100Mb 2 and 1Gb 3 Role Configures ac...
Page 121: ...ection USAGE GUIDELINES The default settings for the control frame transmit interval and recover time may be adjusted to improve performance for your specific environment The response mode may also ne...
Page 122: ...iguration Port Port identifier Enable Enables loopback detection on a port Default Enabled Action Configures the response to take when a loop is detected on a port Options Shutdown Port Shutdown Port...
Page 123: ...D RSTP Rapid Spanning Tree Protocol IEEE 802 1w MSTP Multiple Spanning Tree Protocol IEEE 802 1s STP STP uses a distributed algorithm to select a bridging device STP compliant switch bridge or router...
Page 124: ...ng an alternate route that can be used when a node or port fails and retaining the forwarding database for ports insensitive to changes in the tree structure when reconfiguration occurs MSTP When usin...
Page 125: ...m between switches that support the STP RSTP MSTP protocols Once you specify the VLANs to include in a Multiple Spanning Tree Instance MSTI the protocol will automatically build an MSTI tree to mainta...
Page 126: ...P generates a unique spanning tree for each instance This provides multiple pathways across the network thereby balancing the traffic load preventing wide scale disruption when a bridge node in a sing...
Page 127: ...Max Age The maximum time in seconds a device can wait without receiving a configuration message before attempting to reconfigure All device ports except for designated ports should receive configurat...
Page 128: ...o the spanning tree discarding state In a valid configuration configured edge ports should not receive BPDUs If an edge port receives a BPDU an invalid configuration exists such as a connection to an...
Page 129: ...stance fails and allowing for faster convergence of a new topology for the failed instance By default all VLANs are assigned to the Common Internal Spanning Tree CIST or MST Instance 0 that connects a...
Page 130: ...C address Configuration Revision The revision for this MSTI Range 0 65535 Default 0 Note The MST name and revision number are both required to uniquely identify an MST region MSTI Mapping MSTI Instanc...
Page 131: ...ce identifier to configure Range CIST MIST1 7 Priority The priority of a spanning tree instance Range 0 240 in steps of 16 Options 0 16 32 48 64 80 96 112 128 144 160 176 192 208 224 240 Default 128 B...
Page 132: ...ity edge port for fast forwarding automatic detection of an edge port and point to point link type You may use a different priority or path cost for ports of the same media type to indicate the prefer...
Page 133: ...to faster media and higher values assigned to ports with slower media Path cost takes precedence over port priority By default the system automatically detects the speed and duplex mode used on each p...
Page 134: ...bridge can determine that a port is at the edge of the network if no BPDU s are received on the port Default Enabled Restricted Role If enabled this causes the port not to be selected as Root Port fo...
Page 135: ...arding state is faster for point to point links than for shared media These options are described below Auto The switch automatically determines if the interface is attached to a point to point link o...
Page 136: ...s Therefore lower values should be assigned to ports attached to faster media and higher values assigned to ports with slower media Path cost takes precedence over port priority By default the system...
Page 137: ...ish the distribution tree for a normal multicast VLAN This makes it possible to support common multicast services over a wide part of the network without having to use any multicast routing protocol M...
Page 138: ...r However if IGMP snooping and MVR are both enabled MVR reacts only to join and leave messages from multicast groups configured under MVR Join and leave messages from all other multicast groups are ma...
Page 139: ...Role Click the Role symbol to configure a port to one of the following MVR roles Inactive I The designated port does not participate in MVR operations This is the default Source S Configures uplink po...
Page 140: ...he MVR ID set the priority and last member query interval 4 Optionally enable immediate leave on any receiver port to which only one subscriber is attached 5 Click Save Figure 54 Configuring General M...
Page 141: ...undefined fields Note that the IP address ff02 X is reserved PARAMETERS These parameters are displayed VLAN ID Displays the Multicast VLAN identifier VLAN Name Displays the Multicast VLAN name Start A...
Page 142: ...ry thereby identifies the ports containing hosts requesting to join the service and sends data out to those ports only It then propagates the service request up to any neighboring multicast switch rou...
Page 143: ...ing and Query service requests from IGMP Version 1 2 or 3 hosts are all forwarded to the upstream router as IGMPv3 reports The primary enhancement provided by IGMPv3 snooping is in keeping track of in...
Page 144: ...ms IGMP Snooping with Proxy Reporting as defined in DSL Forum TR 101 April 2006 including report suppression last leave and query suppression Report suppression intercepts absorbs and summarizes IGMP...
Page 145: ...ost or a neighbor running IGMP snooping Fast Leave is only effective if IGMP snooping is enabled and IGMPv2 or IGMPv3 snooping is used Fast Leave does not apply to a port if the switch has learned tha...
Page 146: ...the role of querying the LAN for group members It then propagates the service requests on to any upstream multicast switch router to ensure that it will continue to receive the multicast service This...
Page 147: ...Member Query Count which is fixed at 2 Range 1 31744 tenths of a second in multiples of 10 Default 1 second When a multicast host leaves a group it sends an IGMP leave message When the leave message i...
Page 148: ...ort PATH Advanced Configuration IPMC IGMP Snooping Port Group Filtering PARAMETERS These parameters are displayed Port Port identifier Filtering Groups Multicast groups that are denied on a port When...
Page 149: ...tch from broadcasting the traffic to all ports and possibly disrupting network performance If multicast routing is not supported on other switches in your network you can use MLD Snooping and Query to...
Page 150: ...t dynamic member port leaves a multicast group The leave proxy feature does not function when a switch is set as the querier When the switch is a non querier the receiving port is not the last dynamic...
Page 151: ...ed a multicast router or querier will send a GS query message when a group leave message is received The router querier stops forwarding traffic for that group only if no host replies to the query wit...
Page 152: ...edence When MLD snooping is disabled globally snooping can still be configured per VLAN interface but the interface settings will not take effect until snooping is re enabled globally MLD Querier When...
Page 153: ...ll not advertise a QRV in any query messages it subsequently sends QI The Query Interval is the interval at which General Queries are sent by the Querier Range 1 255 seconds Default 125 seconds An MLD...
Page 154: ...ave Figure 60 Configuring VLAN Settings for MLD Snooping and Query CONFIGURING MLD FILTERING Use the MLD Snooping Port Group Filtering Configuration page to filter specific multicast traffic In certai...
Page 155: ...er 2 protocol that uses periodic broadcasts to advertise information about the sending device Advertised information is represented in Type Length Value TLV format according to the IEEE 802 1AB standa...
Page 156: ...and to increase the probability that multiple rather than single changes are reported in each transmission This attribute must comply with the rule 4 Transmission Delay Transmission Interval Tx Reinit...
Page 157: ...tively assigned name To configure the system name see page 39 Sys Descr The system description is taken from the sysDescr object in RFC 3418 which includes the full name and version identification of...
Page 158: ...tion CONFIGURING LLDP MED TLVS Use the LLDP MED Configuration page to set the device information which is advertised for end point devices LLDP MED Link Layer Discovery Protocol Media Endpoint Discove...
Page 159: ...ED neighbor has been detected in order share LLDP MED information as fast as possible to new neighbors Because there is a risk that a LLDP frame being lost during transmission between neighbors it is...
Page 160: ...DK DE or US State National subdivisions state region province prefecture County County India district City City township Example Copenhagen City District City division borough city district ward Block...
Page 161: ...onfiguration along with the associated Layer 2 and Layer 3 attributes which apply for a set of specific protocol applications on that port Improper network policy configurations are a very significant...
Page 162: ...rent policy for the voice signaling than for the voice media This application type should not be advertised if all the same network policies apply as those advertised in the Voice application policy G...
Page 163: ...by IEEE 802 1Q 2003 VLAN ID VLAN identifier for the port Range 1 4095 L2 Priority Layer 2 priority used for the specified application type L2 Priority may specify one of eight priority levels 0 7 as d...
Page 164: ...emand from devices connected to the switch exceeds the power budget the switch uses port power priority settings to limit the supplied power COMMAND USAGE The switch can provide DC power to a wide ran...
Page 165: ...connected to a switch port its power requirements are detected by the switch before power is supplied If the power required by a device exceeds the power budget of the port or the whole switch power...
Page 166: ...The ports are shut down according to port priority If two ports have the same priority the port with the highest port number is shut down Reserved Power Ports are shut down when total reserved powere...
Page 167: ...priority and the port power budget 4 Click Save Figure 64 Configuring PoE Settings CONFIGURING THE MAC ADDRESS TABLE Use the MAC Address Table Configuration page to configure dynamic address learning...
Page 168: ...learning mode Otherwise the management link will be lost and can only be restored by using another non secure port or by connecting to the switch via the interface NOTE If the learning mode for a give...
Page 169: ...VLANs to organize any group of network nodes into separate broadcast domains VLANs confine broadcast traffic to the originating group and can eliminate broadcast storms in large networks This also pro...
Page 170: ...ticipate By default all ports are assigned to VLAN 1 as untagged ports Add a port as a tagged port if you want it to carry traffic for one or more VLANs and any intermediate network devices or the hos...
Page 171: ...TES FOR PORT MEMBERS Use the VLAN Port Configuration page to configure VLAN attributes for specific interfaces including processing Queue in Queue frames with embedded tags enabling ingress filtering...
Page 172: ...o value set in the Ethertype for Custom S ports field to indicate that double tagged frames are being forwarded across the switch The switch will pass these frames on to the VLAN indicated in the oute...
Page 173: ...ort VLAN ID If the classified VLAN ID of a frame transmitted on the port is different from the Port VLAN ID a VLAN tag with the classified VLAN ID is inserted in the frame When forwarding a frame from...
Page 174: ...ate VLAN to which it has been assigned and to any other ports within the 802 1Q VLANs to which it has been assigned One example of how private VLANs can be used is in servicing multi tenant dwellings...
Page 175: ...RT ISOLATION Use the Port Isolation Configuration page to prevent communications between customer ports within the same private VLAN Ports within a private VLAN PVLAN are isolated from other ports whi...
Page 176: ...ive VLAN ID PVID PATH Advanced Configuration VCL MAC based VLANs COMMAND USAGE Source MAC addresses can be mapped to only one VLAN ID Configured MAC addresses cannot be broadcast or multicast addresse...
Page 177: ...based VLANs that divide the physical network into logical VLAN groups for each required protocol When a frame is received at a port its VLAN membership can then be determined based on the protocol typ...
Page 178: ...D If the OUI is hexadecimal 000000 the protocol ID is the Ethernet type EtherType field value for the protocol running on top of SNAP If the OUI is that of a particular organization the protocol ID is...
Page 179: ...rfaces using any of the other VLAN menus such as the VLAN Static table page 170 these interfaces will admit traffic of any protocol type into the associated VLAN When a frame enters a port that has be...
Page 180: ...IP SUBNET BASED VLANS Use the IP Subnet based VLAN Membership Configuration page to map untagged ingress frames to a specified VLAN if the source address is found in the IP subnet to VLAN mapping tab...
Page 181: ...VLANs are supported concurrently priority is applied in this sequence and then port based VLANs last PARAMETERS These parameters are displayed VCE ID Index of the entry Range 0 256 where 0 auto gener...
Page 182: ...cted on a configured port the switch automatically assigns the port as a tagged member the Voice VLAN Alternatively switch ports can be manually configured CONFIGURING VOIP TRAFFIC Use the Voice VLAN...
Page 183: ...t You must select a method for detecting VoIP traffic either OUI or LLDP 802 1ab When OUI is selected be sure to configure the MAC address ranges in the Telephony OUI list Forced3 The Voice VLAN featu...
Page 184: ...s to the VoIP settings for the switch or for a specific port 3 Click Save Figure 74 Configuring Global and Port Settings for a Voice VLAN CONFIGURING TELEPHONY OUI Use the Voice VLAN OUI Table to iden...
Page 185: ...OUI for VoIP devices in the network and enter a description for the devices 4 Click Save Figure 75 Configuring an OUI Telephony List QUALITY OF SERVICE All switches or routers that access the Interne...
Page 186: ...d network policies different kinds of traffic can be marked for different kinds of forwarding CONFIGURING PORT CLASSIFICATION Use the QoS Ingress Port Classification page to set the basic QoS paramete...
Page 187: ...he mapped versions of PCP and DEI for tagged frames PCP DEI Shows the mapping options for classified PCP DEI to QoS class DP level values when Tag Classification is Enabled QoS class Controls the mapp...
Page 188: ...cation CONFIGURING PORT POLICIERS Use the QoS Ingress Port Policers page to limit the bandwidth of frames entering the ingress queue This function allows the network manager to control the maximum rat...
Page 189: ...trol mode then pause frames are sent instead of discarding frames WEB INTERFACE To configure ingress port policing 1 Click Advanced Configuration QoS Port Policing 2 Enable port policing as required f...
Page 190: ...on this port Enable Enables or disables queue shaping Default Disabled Rate Controls the rate for the queue shaper The default value is 500 This value is restricted to 100 1000000 kbps or 1 3300 Mbps...
Page 191: ...ght used by egress ports 1 Click Configuration QoS Port Scheduler 2 Click on any enter under the Port field to configure the Port Scheduler and Shaper Figure 79 Displaying Egress Port Schedulers To co...
Page 192: ...oS Egress Port Shapers including the rate for each queue and port Click on any of the entries in the Port field to configure egress queue mode queue shaper rate and access to excess bandwidth and port...
Page 193: ...hapers CONFIGURING PORT REMARKING MODE Use the QoS Egress Port Tag Remarking page to show an overview of QoS Egress Port Tag Remarking mode Click on any of the entries in the Port field to configure t...
Page 194: ...arks matching egress frames with the specified Priority Code Point or User Priority value Range 0 7 Default 0 DEI Remarks matching egress frames with the specified Drop Eligible Indicator Range 0 1 De...
Page 195: ...CHAPTER 4 Configuring the Switch Quality of Service 195 Figure 83 Configuring Port Tag Remarking Mode...
Page 196: ...see page 198 All Classify all DSCP Egress Rewrite Configures port egress rewriting of DSCP values Disable Egress rewriting is not performed Enable Egress rewriting is performed without remapping Rema...
Page 197: ...es with trusted DSCP values are mapped to a specific QoS class and drop level DPL Frames with untrusted DSCP values are treated as non IP frames QoS Class QoS value to which the corresponding DSCP val...
Page 198: ...s ingress translation of DSCP values based on the specified classification method Ingress Classify Enable Classification at ingress side as defined in the QoS Port DSCP Configuration table see page 19...
Page 199: ...ce level PATH Advanced Configuration QoS DSCP Classification PARAMETERS These parameters are displayed QoS Class DPL Shows the mapping options for QoS class values and DP drop precedence levels DSCP D...
Page 200: ...ss drop precedence level and DSCP value defined by that entry Traffic not matching any of the QCEs are classified to the default QoS Class for the port PATH Advanced Configuration QoS QoS Control List...
Page 201: ...he following buttons are used to edit or move the QCEs QCE Configuration Port Members The ports assigned to this entry Key Parameters Tag VLAN tag type Options Any Tag Untag Default Any VID VLAN ident...
Page 202: ...k Access Protocol can be distinguished by an OUI and a Protocol ID Options for PID Any Specific 0x00 0xffff Default Any If the OUI is hexadecimal 000000 the protocol ID is the Ethernet type EtherType...
Page 203: ...ame if the configured parameters are matched in the frame s content If a frame matches the QCE the following actions will be taken Class Classified QoS Class If a frame matches the QCE it will be put...
Page 204: ...ams are not well designed or properly configured Traffic storms caused by any of these problems can severely degrade performance or bring your network to a complete halt You can protect your network f...
Page 205: ...configure Storm Control 1 Click Configuration QoS Storm Control 2 Enable storm control for unknown unicast broadcast or multicast traffic by marking the Status box next to the required frame type 3 Se...
Page 206: ...or disables port mirroring Type Select Mirror for local port mirroring Port Port identifier Source Sets the source port from which traffic will be mirrored Select one of these options Disabled No fram...
Page 207: ...sion in all participating switches Monitored traffic from one or more sources is copied onto the RSPAN VLAN through IEEE 802 1Q trunk or hybrid ports that carry it to any RSPAN destination port monito...
Page 208: ...d RSPAN Limitations The following limitations apply to the use of RSPAN on this switch RSPAN Ports Only ports can be configured as an RSPAN source intermediate or destination type static and dynamic t...
Page 209: ...ce switch through which mirrored traffic is passed on to the RSPAN VLAN The reflector port only applies to Source switch type MAC Table learning and STP must be disabled on the reflector port Port Por...
Page 210: ...figuration Mirroring RSPAN 2 Set the Mode to Enabled and the Type to Intermediate 3 Select the intermediate ports through which all mirrored traffic will be forwarded to other switches 4 Click Save Fi...
Page 211: ...step in UPnP networking is discovery When a device is added to the network the UPnP discovery protocol allows that device to broadcast its services to control points on the network Similarly when a co...
Page 212: ...entry and select Properties to display a list of device attributes advertised through UPnP PATH Advanced Configuration UPnP PARAMETERS These parameters are displayed Mode Enables disables UPnP on the...
Page 213: ...ission characteristic of the switch is thus preserved even at high traffic levels As the Collector receives streams from the various sFlow agents other switches or routers throughout the network a tim...
Page 214: ...seconds where 0 indicates no time out The sFlow parameters affected by this command include the IP address and UDP port timeout maximum datagram size sampling rate and maximum header size While active...
Page 215: ...the counters are updated Range 0 3600 seconds where 0 disables this feature Default Disabled WEB INTERFACE To configure flow sampling 1 Click Advanced Configuration sFlow 2 Set the parameters for flo...
Page 216: ...ation and contact information PATH Monitor System Information PARAMETERS These parameters are displayed System To configure the following items see Configuring System Information on page 39 Contact Ad...
Page 217: ...ation DISPLAYING CPU UTILIZATION Use the CPU Load page to display information on CPU utilization The load is averaged over the last 100ms 1sec and 10 seconds intervals The last 120 samples are graphed...
Page 218: ...the logged system and event messages PATH Monitor System Log PARAMETERS These parameters are displayed Display Filter Level Specifies the type of log messages to display Info Informational messages on...
Page 219: ...splay per page 3 Use Auto refresh to automatically refresh the page at regular intervals Refresh to update system log entries starting from the current entry ID or Clear to flush all system log entrie...
Page 220: ...S You can use the Monitor Port menu to display a graphic image of the front panel which indicates the connection status of each port basic statistics on the traffic crossing each port the number of pa...
Page 221: ...of frames received with errors and the number of incomplete transmissions Drops Received Transmitted The number of frames discarded due to ingress or egress congestion Filtered Received The number of...
Page 222: ...try index Frame Type Indicates the type of frame to look for in incoming frames Possible frame types are Any Ethernet LLC SNAP IPv4 IPv6 Port Port identifier Action Indicates the classification action...
Page 223: ...cumulated since the last system reboot and are shown as counts per second Statistics are refreshed every 60 seconds by default PATH Monitor Ports Detailed Statistics PARAMETERS These parameters are di...
Page 224: ...otherwise well formed Rx Oversize The total number of frames received that were longer than the configured maximum frame length for this port excluding framing bits but including FCS octets and were o...
Page 225: ...CHAPTER 5 Monitoring the Switch Displaying Information About Ports 225 WEB INTERFACE To display the detailed port statistics click Monitor Ports Detailed Statistics Figure 105 Detailed Port Statistics...
Page 226: ...Management Statistics USAGE GUIDELINES Statistics will only be displayed on this page if access management is enabled on the Access Management Configuration menu see page 61 and traffic matching one o...
Page 227: ...port security services and one with the actual port status PATH Monitor Security Network Port Security Switch PARAMETERS These parameters are displayed User Module Legend User Module Name The full nam...
Page 228: ...y information about switch level settings for the Port Security module click Monitor Security Network Port Security Switch Figure 107 Port Security Switch Status DISPLAYING INFORMATION ABOUT LEARNED M...
Page 229: ...igure 108 Port Security Port Status DISPLAYING PORT STATUS FOR AUTHENTICATION SERVICES Use the Network Access Server Switch Status page to show the port status for authentication services including 80...
Page 230: ...ty Network NAS Switch Figure 109 Network Access Server Switch Status DISPLAYING PORT STATISTICS FOR 802 1X OR REMOTE AUTHENTICATION SERVICE Use the NAS Statistics Port selection page to display authen...
Page 231: ...rames that have been received by the switch Invalid Type The number of EAPOL frames that have been received by the switch in which the frame type is not recognized Invalid Length The number of EAPOL f...
Page 232: ...ilure message This indicates that the supplicant client has not authenticated to the backend server Transmit Backend Server Counters Responses 802 1X based Counts the number of times that the switch a...
Page 233: ...licant For MAC based Auth this column holds the MAC address of the attached client Clicking the link causes the client s Backend Server counters to be shown in the Selected Counters table If no client...
Page 234: ...s the ACL user see Configuring User Privilege Levels on page 54 for a list of software modules Ingress Port Indicates the ingress port to which the ACE applies Possible values are Any The ACE will mat...
Page 235: ...is 1 to 15 Port Redirect Indicates the port redirect operation implemented by the ACE Frames matching the ACE are redirected to the listed port Mirror Indicates the port mirror operation implemented...
Page 236: ...ber of ACK option 53 with value 5 packets received and transmitted Rx Tx NAK The number of NAK option 53 with value 6 packets received and transmitted Rx Tx Release The number of release option 53 wit...
Page 237: ...er Transmit Error The number of packets containing errors that were sent to clients Receive from Server The number of packets received from the server Receive Missing Agent Option The number of packet...
Page 238: ...ackets received where the DHCP client packet information was retained Drop Agent Option The number of packets that were dropped because they already contained relay information WEB INTERFACE To displa...
Page 239: ...tries sorted first by port then VLAN ID MAC address and finally IP address Each page shows up to 999 entries from the Dynamic IP Source Guard table default being 20 selected through the entries per pa...
Page 240: ...mber of this server Status The current state of the server This field takes one of the following values Disabled The server is disabled Not Ready The server is enabled but IP communication is not yet...
Page 241: ...ith an invalid length Bad authenticators or Message Authenticator attributes or unknown types are not included as malformed access responses Bad Authenticators The number of RADIUS Access Response pac...
Page 242: ...abled when the dead time expires The number of seconds left before this occurs is displayed in parentheses Round Trip Time The time interval measured in milliseconds between the most recent Access Rep...
Page 243: ...t Other Info IP Address IP address and UDP port for the accounting server State The current state of the server It takes one of the following values Disabled The server is disabled Not Ready The serve...
Page 244: ...the Switch Displaying Information on Authentication Servers 244 WEB INTERFACE To display statistics for configured authentication and accounting servers click Monitor Security AAA RADIUS Details Figur...
Page 245: ...events in which packets were dropped by the probe due to lack of resources Octets The total number of octets of data including those in bad packets received on the network Pkts The total number of pac...
Page 246: ...statistics on a physical interface including network utilization packet types and errors PATH Monitor Security Switch RMON History PARAMETERS These parameters are displayed History Index Index of Hist...
Page 247: ...mpared against the thresholds For more information see Configuring RMON Alarms on page 75 Value The value of the statistic during the last sampling period Startup Alarm The alarm that may be triggered...
Page 248: ...T SETTINGS Use the RMON Alarm Event page to display configured event settings PATH Monitor Security Switch RMON Event PARAMETERS These parameters are displayed Event Index Index of the event entry Log...
Page 249: ...up LAG Partner System ID LAG partner s system ID MAC address Partner Key The Key that the partner has assigned to this LAG Partner Priority This priority is used to determine LAG membership and to ide...
Page 250: ...he LACP protocol i e its MAC address Partner Port The partner port connected to this local port Partner Priority The partner port priority used to select a backup link WEB INTERFACE To display LACP st...
Page 251: ...conditions PATH Monitor Loop Protection PARAMETERS These parameters are displayed Port Port identifier Action Configured port action i e the response to take when a loop is detected on a port Transmi...
Page 252: ...This is also a link to the STP Detailed Bridge Status Bridge ID A unique identifier for this bridge consisting of the bridge priority and MAC address where the address is taken from the switch system...
Page 253: ...ex of the bridge port Role Roles are assigned according to whether the port is part of the active topology connecting the bridge to the root bridge i e root port connecting a LAN through the bridge to...
Page 254: ...sition RSTP states Uptime The time since the bridge port was last initialized WEB INTERFACE To display an overview of all STP bridge instances click Monitor Spanning Tree Bridge Status Figure 126 Span...
Page 255: ...current state of this port within the Spanning Tree Blocking Port receives STA configuration messages but does not forward packets Learning Port has transmitted configuration messages for an interval...
Page 256: ...ed on a port Discarded Illegal The number of illegal Spanning Tree BPDU s received and discarded on a port WEB INTERFACE To display information on spanning port statistics click Monitor Spanning Tree...
Page 257: ...WEB INTERFACE To display information for MVR statistics click Monitor MVR Statistics Figure 130 MVR Statistics DISPLAYING MVR GROUP INFORMATION Use the MVR Group Information page to display statistics...
Page 258: ...ation including group filtering mode include or exclude source address and type allow or deny PATH Monitor MVR MVR SFM Information PARAMETERS These parameters are displayed VLAN ID VLAN identifier Gro...
Page 259: ...H Monitor IPMC IGMP Snooping Status PARAMETERS These parameters are displayed Statistics VLAN ID VLAN Identifier Querier Version IGMP version used by the switch when serving as the IGMP querier Host V...
Page 260: ...NTERFACE To display IGMP snooping status information click Monitor IGMP Snooping Status Figure 133 IGMP Snooping Status SHOWING IGMP SNOOPING GROUP INFORMATION Use the IGMP Snooping Group Information...
Page 261: ...TERS These parameters are displayed VLAN ID VLAN identifier Group The IP address of a multicast group detected on this interface Port Port identifier Mode The filtering mode maintained per VLAN ID por...
Page 262: ...ticast router switch PATH Monitor IPMC MLD Snooping Status PARAMETERS These parameters are displayed Statistics VLAN ID VLAN Identifier Querier Version MLD version used by the switch when serving as t...
Page 263: ...INTERFACE To display MLD snooping status information click Monitor MLD Snooping Status Figure 136 MLD Snooping Status SHOWING MLD SNOOPING GROUP INFORMATION Use the MLD Snooping Group Information pag...
Page 264: ...S These parameters are displayed VLAN ID VLAN Identifier Group The IP address of a multicast group detected on this interface Port Port identifier Mode The filtering mode maintained per VLAN ID port n...
Page 265: ...PATH Monitor LLDP Neighbors PARAMETERS These parameters are displayed Local Port The local port to which a remote LLDP capable device is attached Chassis ID An octet string indicating the specific ide...
Page 266: ...Neighbor Information page to display information about a remote device connected to a port on this switch which is advertising LLDP MED TLVs including network connectivity device endpoint device capa...
Page 267: ...es as defined in TIA 1057 Discovery services defined in this class include LAN configuration device location network policy power management and inventory management LLDP MED Media Endpoint Class II A...
Page 268: ...is currently enabled at the link partner If Auto negotiation is supported and Auto negotiation status is disabled the 802 3 PMD operating mode will be determined the operational MAU type field value...
Page 269: ...riority of the PD device or the power priority associated with the PSE type device s port that is sourcing the power There are three levels of power priority The three levels Critical High and Low If...
Page 270: ...its echoed values from the remote link partner it can determine whether or not the remote link partner has received registered and processed its most recent values For example if the local link partne...
Page 271: ...tal Neighbors Entries Aged Out The number of times that a neighbor s information has been deleted from the LLDP remote systems MIB because the remote TTL timer has expired LLDP Statistics Local Port P...
Page 272: ...METERS These parameters are displayed Local Port The port on this switch which received the LLDP frame PD class Each PD is classified according to the maximum power it will use The PD classes include...
Page 273: ...TH Monitor MAC Address Table PARAMETERS These parameters are displayed Start from VLAN and MAC address with entries per page These input fields allow you to select the starting point in the table Type...
Page 274: ...membership and VLAN port settings such as the PVID or untagged VLAN ID This switch supports the following VLAN user modules Static Ports statically assigned to a VLAN through the CLI Web or SNMP NAS...
Page 275: ...es PATH Monitor VLANs VLAN Port PARAMETERS These parameters are displayed VLAN User A software module that uses VLAN management services to configure VLAN membership and VLAN port settings such as the...
Page 276: ...p or VLAN port configuration the following conflicts can occur Functional conflicts between features Conflicts due to hardware limitations Direct conflicts between user modules WEB INTERFACE 1 To disp...
Page 277: ...of the page Figure 148 Showing MAC based VLAN Membership Status DISPLAYING INFORMATION ABOUT FLOW SAMPLING Use the sFlow Statistics page to display information on sampled traffic including the owner r...
Page 278: ...f flow samples sent to the sFlow receiver Counter Samples The total number of counter samples sent to the sFlow receiver Port Statistics Port Port identifier Rx TX Flow Samples The number of flow samp...
Page 279: ...IPv4 address consists of 4 numbers 0 to 255 separated by periods An IPv6 address consists of 8 colon separated 16 bit hexadecimal values One double colon may be used in the address to indicate the app...
Page 280: ...IPv4 or IPv6 Address 280 After you press Start the sequence number and round trip time are displayed upon reception of a reply The page refreshes automatically until responses to all packets are recei...
Page 281: ...faults that can occur on Category 5 twisted pair cabling WEB INTERFACE To run cable diagnostics 1 Click Diagnostics VeriPHY 2 Select all ports or indicate a specific port for testing 3 Click Start If...
Page 282: ...aving configuration settings and resetting the switch RESTARTING THE SWITCH Use the Restart Device page to restart the switch PATH Maintenance Restart Device WEB INTERFACE To restart the switch 1 Clic...
Page 283: ...no reboot is necessary Figure 153 Factory Defaults UPGRADING FIRMWARE Use the Software Upload page to upgrade the switch s system firmware by specifying a file provided by DIGISOL You can download fir...
Page 284: ...off the device at this time or the switch may fail to function afterwards Figure 154 Software Upload ACTIVATING THE ALTERNATE IMAGE Use the Software Image Selection page to display information about t...
Page 285: ...Click Maintenance Configuration Save 2 Click the Save configuration button 3 Specify the directory and name of the file under which to save the current configuration settings The configuration file i...
Page 286: ...Files 286 WEB INTERFACE To restore your current configuration settings 1 Click Maintenance Configuration Upload 2 Click the Browse button and select the configuration file 3 Click the Upload button to...
Page 287: ...287 SECTION III APPENDICES This section provides additional information and includes these items u Software Specifications on page 288 u Troubleshooting on page 292...
Page 288: ...0 Mbps at half full duplex 1000 Mbps at full duplex 1000BASE SX LX LH 1000 Mbps at full duplex SFP FLOW CONTROL Full Duplex IEEE 802 3 2005 Half Duplex Back pressure STORM CONTROL Broadcast multicast...
Page 289: ...traffic policing and egress traffic shaping MULTICAST FILTERING IGMP Snooping IPv4 MLD Snooping IPv6 Multicast VLAN Registration ADDITIONAL FEATURES DHCP Client Relay Option 82 DNS Client Proxy Flow S...
Page 290: ...E 802 3 2005 Ethernet Fast Ethernet Gigabit Ethernet Link Aggregation Control Protocol LACP Full duplex flow control ISO IEC 8802 3 IEEE 802 3ac VLAN tagging ARP RFC 826 DHCP Client RFC 2131 DHCPv6 Cl...
Page 291: ...636 MIB II RFC 1213 P Bridge MIB RFC 2674P Port Access Entity MIB IEEE 802 1X Port Access Entity Equipment MIB Power Ethernet MIB RFC 3621 Private MIB Q Bridge MIB RFC 2674Q Quality of Service MIB RAD...
Page 292: ...t been disabled Be sure you have configured the VLAN interface through which the management station is connected with a valid IP address subnet mask and default gateway Be sure the management station...
Page 293: ...witch follow these steps 1 Enable logging 2 Set the error messages reported to include all categories 3 Enable SNMP 4 Enable SNMP traps 5 Designate the SNMP host that is to receive the error messages...
Page 294: ...according to the port default the packet s priority bit in the VLAN tag TCP UDP port number IP Precedence bit or DSCP priority bit DHCP Dynamic Host Control Protocol Provides a framework for passing...
Page 295: ...and password is requested by the switch and then passed to an authentication server e g RADIUS for verification EAPOL is implemented as part of the IEEE 802 1X Port Authentication standard EUI Extend...
Page 296: ...1S An IEEE standard for the Multiple Spanning Tree Protocol MSTP which provides independent spanning trees for VLAN groups IEEE 802 1W An IEEE standard for the Rapid Spanning Tree Protocol RSTP which...
Page 297: ...by this switch can pass multicast traffic along to participating hosts IP PRECEDENCE The Type of Service ToS octet in the IPv4 header includes three precedence bits defining eight different priority l...
Page 298: ...egion and prevents VLAN members from being segmented from the rest of the group MULTICAST SWITCHING A process whereby the switch filters incoming multicast frames for services for which no attached ho...
Page 299: ...rity of one flow or limiting the priority of another flow RADIUS Remote Authentication Dial in User Service RADIUS is a logon authentication protocol that uses software running on a central server to...
Page 300: ...T Defines a remote communication facility for interfacing to a terminal device over TCP IP TFTP Trivial File Transfer Protocol A TCP IP protocol commonly used for software downloads UDP User Datagram...
Page 301: ...licy 106 DHCP snooping 103 DNS server 41 Domain Name Service See DNS downloading software 283 using HTTP 283 using TFTP 283 drop precedence QoS 186 DSCP classification QoS 199 rewriting port 196 trans...
Page 302: ...ce 28 logon authentication 52 encryption keys 114 RADIUS client 114 RADIUS server 114 settings 114 TACACS client 56 TACACS server 56 114 loopback detection non STA 121 loopback detection non STA 121 M...
Page 303: ...uality control list entry 201 QCL status monitoring 222 QoS 185 class 186 control lists 200 drop precedence 186 DSCP classification 199 DSCP rewriting 196 DSCP translation 196 198 egress port schedule...
Page 304: ...1 time zone setting 45 time setting 44 trap destination 65 trap manager 64 troubleshooting 292 trunk configuration 116 119 LACP 119 static 116 Type Length Value See LLDP TLV See LLDP MED TLV U unknown...
Page 305: ...PRODUCTS SOLD OUTSIDE INDIA CARRY 1 YEAR WARRANTY ONLY...
