manualshive.com logo in svg

Edge-Core ES4528V-38, Management Manual, Page: 326 / 396

Share
Download
Edge-Core ES4528V-38 Management Manual Download Page 326

C

HAPTER

 23

  |  ACL Commands

–  326  –

acl add

This command adds or modifies an access control entry.

S

YNTAX

 

acl add 

[

ace-id

] [

ace-id-next

[

switch

 | (

port

 

port

) | (

policy

 

policy

)] 

[

vlan-id

] [

tag-priority

] [

dmac-type

[(

etype

 [

ethernet-type

] [

smac

] [

dmac

]) |

(

arp

 [

sip

] [

dip

] [

smac

] [

arp-opcode

] [

arp-flags

]) | 

(

ip

 [

sip

] [

dip

] [

protocol

] [

ip-flags

]) | 

(

icmp

 [

sip

] [

dip

] [

icmp-type

] [

icmp-code

] [

ip-flags

]) | 

(

udp

 [

sip

] [

dip

] [

sport

] [

dport

] [

ip-flags

]) | 

(

tcp

 [

sip

] [

dip

] [

sport

] [

dport

] [

ip-flags

] [

tcp-flags

])] 

[

permit

 | 

deny

] [

rate-limiter

] [

port-copy

] [

logging

] [

shutdown

]

ace-id 

- An ACL entry which specifies one of the following criteria to 

be matched in the ingress frame. (Range: 1-128; Default: Next 

available ID)

ace-id-next

 - Inserts the ACE before this row. If not specified, the 

ACE is inserted at the bottom of the list. (Range: 1-128)

switch

 

- ACE applies to all ports on the switch.

port

 port 

- ACE applies to specified port or a range of ports. 

(Range: 1-28)

policy

 policy 

- An ACL policy identifier to which this ACE is 

assigned. (Range: 1-8)

vlan-id

 - The VLAN to filter for this rule. (Range: 1-4095, or 

any

)

tag-priority

 - Specifies the User Priority value found in the VLAN tag 

(3 bits as defined by IEEE 802.1p) to match for this rule. (Range: 0-

7, or 

any

)

dmac-type

 - The type of destination MAC address. (Options:

any

unicast

multicast

broadcast

; Default: 

any

)

etype

 - One of the following Ethernet or MAC parameters:

ethernet-type

 - This option can only be used to filter Ethernet II 

formatted packets. (Range: 0x600-0xffff hex, or 

any

; Default: 

any

)

A detailed listing of Ethernet protocol types can be found in RFC 

1060. A few of the more common types include 0800 (IP), 0806 

(ARP), 8137 (IPX).

smac

 - Source MAC address (xx-xx-xx-xx-xx-xx) or 

any

.

dmac

 - Destination MAC address (xx-xx-xx-xx-xx-xx) or 

any

.

arp

 - 

One of the following MAC or ARP parameters:

sip

 - Source IP address (a.b.c.d/n) or 

any

.

dip

 - Destination IP address (a.b.c.d/n) or 

any

.

smac

 - Source MAC address (xx-xx-xx-xx-xx-xx) or 

any

.

arp-opcode

 - Specifies the type of ARP packet. (Options:

any

no ARP/RARP opcode flag is specified, 

arp

- frame  must  have 

Summary of Contents for ES4528V-38

Page 1: ...Management Guide www edge core com 28 Port Gigabit Ethernet Switch...

Page 2: ......

Page 3: ...MANAGEMENT GUIDE ES4528V GIGABIT ETHERNET SWITCH Layer 2 Switch with 24 10 100 1000BASE T RJ 45 Ports and 4 Gigabit Combination Ports RJ 45 SFP ES4528V E072009 ST R01 149100000014A...

Page 4: ......

Page 5: ...your attention to related features or instructions CAUTION Alerts you to a potential hazard that could cause loss of data or damage the system or equipment WARNING Alerts you to a potential hazard th...

Page 6: ...ABOUT THIS GUIDE 6...

Page 7: ...28 Access Control Lists 29 Port Configuration 29 Rate Limiting 29 Port Mirroring 29 Port Trunking 29 Storm Control 29 Static Addresses 29 IEEE 802 1D Bridge 30 Store and Forward Switching 30 Spanning...

Page 8: ...play 51 Main Menu 51 4 CONFIGURING THE SWITCH 55 Configuring System Information 55 Setting an IP Address 56 Setting an IPv4 Address 56 Setting an IPv6 Address 58 Setting the System Password 61 Filteri...

Page 9: ...rol 116 Access Control Lists 118 Assigning ACL Policies and Responses 118 Configuring Rate Limiters 119 Configuring Access Control Lists 120 Configuring Port Mirroring 128 Simple Network Management Pr...

Page 10: ...idge Status for STA 166 Displaying Port Status for STA 168 Displaying Port Statistics for STA 169 Displaying Port Security Information 170 Displaying Port Security Status 170 Displaying Port Security...

Page 11: ...d Line Processing 200 CLI Command Groups 201 9 SYSTEM COMMANDS 203 system configuration 204 system reboot 204 system restore default 205 system contact 205 system name 205 system location 206 system p...

Page 12: ...s 225 auth acct_radius 226 auth tacacs 228 auth client 229 auth statistics 230 12 PORT COMMANDS 233 port configuration 233 port state 235 port mode 235 port flow control 236 port maxframe 237 port pow...

Page 13: ...p cost 259 rstp priority 261 rstp edge 261 rstp autoedge 262 rstp p2p 263 rstp status 263 rstp statistics 264 rstp mcheck 264 16 IEEE 802 1X COMMANDS 267 dot1x configuration 267 dot1x mode 269 dot1x s...

Page 14: ...guration 287 lldp mode 288 lldp optional_tlv 288 lldp interval 289 lldp hold 290 lldp delay 290 lldp reinit 291 lldp info 291 lldp statistics 292 lldp cdp_aware 293 19 MAC COMMANDS 295 mac configurati...

Page 15: ...onfiguration 312 qos default 312 qos tagprio 313 qos qcl port 313 qos qcl add 314 qos qcl delete 315 qos qcl lookup 316 qos mode 316 qos weight 317 qos rate limiter 317 qos shaper 318 qos storm unicas...

Page 16: ...snmp trap community 340 snmp trap destination 341 snmp trap ipv6 destination 341 snmp trap authentication failure 341 snmp trap link up 342 snmp trap inform mode 342 snmp trap inform timeout 343 snmp...

Page 17: ...mode 357 https redirect 358 28 SSH COMMANDS 361 ssh configuration 361 ssh mode 361 29 UPNP COMMANDS 363 upnp configuration 363 upnp mode 363 upnp ttl 364 upnp advertising duration 365 30 DHCP COMMANDS...

Page 18: ...A SOFTWARE SPECIFICATIONS 377 Software Features 377 Management Features 378 Standards 379 Management Information Bases 379 B TROUBLESHOOTING 381 Problems Accessing the Management Interface 381 Using S...

Page 19: ...on 87 Figure 15 HTTPS Configuration 89 Figure 16 SSH Configuration 90 Figure 17 IGMP Snooping Configuration 94 Figure 18 IGMP Snooping Port Group Filtering Configuration 95 Figure 19 LLDP Configuratio...

Page 20: ...51 Figure 46 Port State Overview 151 Figure 47 Port Statistics Overview 152 Figure 48 Queuing Counters 153 Figure 49 Detailed Port Statistics 156 Figure 50 RADIUS Overview 158 Figure 51 RADIUS Details...

Page 21: ...FIGURES 21 Figure 68 Factory Defaults 188 Figure 69 Software Upload 189 Figure 70 Register Product 189 Figure 71 Configuration Save 190 Figure 72 Configuration Upload 191...

Page 22: ...FIGURES 22...

Page 23: ...d Levels 131 Table 13 System Capabilities 177 Table 14 Keystroke Commands 200 Table 15 Command Group Index 201 Table 16 System Commands 203 Table 17 IP Commands 213 Table 18 Authentication Commands 22...

Page 24: ...o Egress Queues 314 Table 37 ACL Commands 323 Table 38 Mirror Commands 331 Table 39 Configuration Commands 333 Table 40 SNMP Commands 335 Table 41 HTTPS Commands 357 Table 42 HTTPS System Support 358...

Page 25: ...view of the switch and introduces some basic concepts about network switches It also describes the basic settings required to access the management interface This section includes these chapters Intro...

Page 26: ...SECTION Getting Started 26...

Page 27: ...n 82 relay information IP Source Guard Access Control Lists Supports up to 128 rules DHCP Client Supported DNS Proxy service Port Configuration Speed duplex mode flow control MTU response to excessive...

Page 28: ...This switch authenticates management access via the console port Telnet or a web browser User names and passwords can be configured locally or can be verified via a remote authentication server i e RA...

Page 29: ...incorporated in IEEE 802 3 2002 RATE LIMITING This feature controls the maximum rate for traffic transmitted or received on an interface Rate limiting is configured on interfaces at the edge of a net...

Page 30: ...provides 0 75 MB for frame buffering This buffer can queue packets awaiting transmission on congested networks SPANNING TREE ALGORITHM The switch supports these spanning tree protocols Spanning Tree...

Page 31: ...Use private VLANs to restrict traffic to pass only between data ports and the uplink ports thereby isolating adjacent ports within the same VLAN and allowing you to limit the total number of VLANs th...

Page 32: ...r VLAN lists Using access lists allows you select traffic based on Layer 2 Layer 3 or Layer 4 information contained in each packet Based on network policies different kinds of traffic can be marked fo...

Page 33: ...d Port Security Disabled IP Filtering Disabled Web Management HTTP Server Enabled HTTP Port Number 80 HTTP Secure Server Disabled HTTP Secure Server Redirect Disabled SNMP SNMP Agent Disabled Communit...

Page 34: ...ht 1 2 4 8 Ethernet Type Disabled VLAN ID Disabled VLAN Priority Tag Disabled ToS Priority Disabled IP DSCP Priority Disabled TCP UDP Port Priority Disabled IP Settings Management VLAN Any VLAN config...

Page 35: ...b agent allows you to configure switch parameters monitor port connections and display statistics using a standard web browser such as Internet Explorer 5 x or above Netscape 6 2 or above and Mozilla...

Page 36: ...m information and statistics REQUIRED CONNECTIONS The switch provides an RS 232 serial port that enables a connection to a PC or terminal for monitoring and configuring the switch A null modem console...

Page 37: ...default To manually configure this address or enable dynamic address assignment via DHCP see Setting an IP Address on page 38 If the switch does not receive a response from a DHCP server it will defa...

Page 38: ...through the network This can be done in either of the following ways Manual You have to input the information including IP address and subnet mask If your management station is not in the same IP sub...

Page 39: ...IP address a b c d default Show IP address ip_mask IP subnet mask a b c d default Show IP mask ip_router IP router a b c d default Show IP router vid VLAN ID 1 4095 default Show VLAN ID ip setup 192...

Page 40: ...iption Set or show the IPv6 setup Syntax IP IPv6 Setup ipv6_addr ipv6_prefix ipv6_router vid ip ipv6 setup 2001 DB8 2222 7272 72 64 2001 DB8 2222 7272 254 1 ip ipv6 setup IPv6 AUTOCONFIG mode Disabled...

Page 41: ...t address prefix received in router advertisement messages To dynamically generate an IPv6 host address for the switch type the following command and press Enter ip ipv6 autoconfig enable ip ipv6 auto...

Page 42: ...ons to receive trap messages from the switch You therefore need to assign community strings to specified users and set the access level The default strings are public with read only access Authorized...

Page 43: ...er For a more detailed description of these parameters and other SNMP commands see SNMP Commands on page 335 The following example creates a trap host for a version 1 SNMP client snmp trap version 1 s...

Page 44: ...called r d snmp user add 800007e5017f000001 steve md5 greenearth des blueseas snmp group add usm steve r d snmp view add mib 2 included 1 3 6 1 2 1 snmp view add 802 1d included 1 3 6 1 2 1 17 snmp a...

Page 45: ...executed after boot up also known as run time code This code runs the switch operations and provides the CLI and web management interfaces It can be uploaded from a TFTP server using the CLI or from a...

Page 46: ...CHAPTER 2 Initial Switch Configuration Managing System Files 46...

Page 47: ...detailed description of how to configure each feature via a web browser This section includes these chapters Using the Web Interface on page 49 Configuring the Switch on page 55 Monitoring the Switch...

Page 48: ...SECTION Web Configuration 48...

Page 49: ...tasks 1 Configured the switch with a valid IP address subnet mask and default gateway using an out of band serial connection or DHCP protocol See Setting an IP Address on page 38 2 Set the system pass...

Page 50: ...image of the front panel on the right side The Main Menu links are used to navigate to other menus and display configuration parameters and statistics Figure 1 Home Page CONFIGURATION OPTIONS Configur...

Page 51: ...screen right now Clicking on the image of a port opens the Detailed Statistics page as described on page 154 Figure 2 Front Panel Indicators MAIN MENU Using the onboard web agent you can define system...

Page 52: ...VLAN attributes 103 Private VLANs PVLAN Membership Configures PVLAN groups 105 Port Isolation Prevents communications between designated ports within the same private VLAN 106 QoS 107 Ports Configure...

Page 53: ...essage 150 Access Management Statistics Displays the number of packets used to manage the switch via HTTP HTTPS SNMP Telnet and SSH 150 Ports 151 State Displays a graphic image of the front panel indi...

Page 54: ...crossing each port 178 DHCP Relay Statistics Displays server and client statistics for packets affected by the relay information policy 179 MAC Address Table Displays dynamic and static address entrie...

Page 55: ...the System Information page System Contact Administrator responsible for the system Maximum length 255 characters System Name Name assigned to the switch system Maximum length 255 characters System Lo...

Page 56: ...ough either of these address types You can manually configure a specific IPv4 or IPv6 address or direct the switch to obtain an IPv4 address from a DHCP server when it is powered on An IPv6 address ca...

Page 57: ...192 168 2 10 IP Mask This mask identifies the host address bits used for routing to specific subnets Default 255 255 255 0 IP Router IP address of the gateway router between the switch and management...

Page 58: ...ng the switch with an IPv4 address see Setting an IP Address on page 56 IPv6 includes two distinct address types link local unicast and global unicast A link local address makes the switch accessible...

Page 59: ...rm of the interface identifier to automatically create the host portion of the address This option can be selected by enabling the Auto Configuration option You can also manually configure the global...

Page 60: ...are members of VLAN 1 However the management station can be attached to a port belonging to any VLAN as long as that VLAN has been assigned an IP address Range 1 4095 Default 1 SNTP Server Sets the I...

Page 61: ...he web interface 1 Click Configuration System Password 2 Enter the old password 3 Enter the new password 4 Enter the new password again to confirm your input 5 Click Save Figure 6 System Password FILT...

Page 62: ...ket Layer SSL protocol to provide an encrypted connection SNMP Filters IP addresses for access through SNMP TELNET SSH Filters IP addresses for access through Telnet or through Secure Shell which prov...

Page 63: ...00Mbps FDX Supports 100 Mbps full duplex operation 100Mbps HDX Supports 100 Mbps half duplex operation 10Mbps FDX Supports 10 Mbps full duplex operation 10Mbps HDX Supports 10 Mbps half duplex operati...

Page 64: ...r Control Adjusts the power provided to ports based on the length of the cable used to connect to other devices Only sufficient power is used to maintain connection requirements IEEE 802 3 defines the...

Page 65: ...each user that requires management access to the switch USAGE GUIDELINES The switch supports the following authentication services Authorization of users that access the Telnet SSH the web or console...

Page 66: ...t Specifies how the administrator is authenticated when logging into the switch via Telnet SSH a web browser or the console interface Authentication Method Selects the authentication method Options No...

Page 67: ...n messages Range 1 65535 Default 0 If the UDP port is set to 0 zero the switch will use 1812 for RADIUS authentication servers 1813 for RADIUS accounting servers or 49 for TACACS authentication server...

Page 68: ...uthentication for management access in the web interface 1 Click Configuration Authentication 2 Configure the authentication method for management client types the common server timing parameters and...

Page 69: ...e trunk fail one of the standby ports will automatically be activated to replace it USAGE GUIDELINES Besides balancing the load across each port in the trunk the other ports provide redundancy by taki...

Page 70: ...runk However depending on the device to which a trunk is connected and the traffic flows in the network this load balance algorithm may result in traffic being distributed mostly on one port in a trun...

Page 71: ...the switch is destined for many different hosts Do not use this mode for switch to server trunk links where the destination IP address is the same for all traffic One of the defaults TCP UDP Port Numb...

Page 72: ...INTERFACE To configure a static trunk 1 Click Configuration Aggregation Static 2 Select one or more load balancing methods to apply to the configured trunks 3 Assign port members to each trunk that w...

Page 73: ...by forced mode or auto negotiation Trunks dynamically established through LACP will be shown on the LACP System Status page page 163 and LACP Port Status page 163 pages under the Monitor menu Ports as...

Page 74: ...o automatically send LACP negotiation packets once each second Use Passive initiation mode on a port to make it wait until it receives an LACP protocol packet from a partner before starting negotiatio...

Page 75: ...CHAPTER 4 Configuring the Switch Creating Trunk Groups 75 Figure 11 LACP Port Configuration...

Page 76: ...ce All ports connected to designated bridging devices are assigned as designated ports After determining the lowest cost spanning tree it enables all root ports and designated ports and disables all o...

Page 77: ...te that references to ports in this section mean interfaces which includes both ports and trunks Minimum The higher of 6 or 2 x Hello Time 1 Maximum The lower of 40 or 2 x Forward Delay 1 Default 20 F...

Page 78: ...P System Configuration CONFIGURING INTERFACE SETTINGS FOR STA Use the RSTP Port Configuration page to configure RSTP attributes for specific interfaces including path cost port priority edge port for...

Page 79: ...less likely to be blocked if the Spanning Tree Protocol is detecting network loops Where more than one port is assigned the highest priority the port with lowest numeric identifier will be enabled Ra...

Page 80: ...STA related timeout problems However remember that this feature should only be enabled for ports connected to an end node device Default Edge Auto Edge Controls whether automatic edge detection is ena...

Page 81: ...Switch Configuring the Spanning Tree Algorithm 81 WEB INTERFACE To configure interface settings for RSTP 1 Click Configuration Spanning Tree Ports 2 Modify the required attributes 3 Click Save Figure...

Page 82: ...which it forwards to the RADIUS server The RADIUS server verifies the client identity and sends an access challenge back to the client The EAP packet from the RADIUS server contains not only the chall...

Page 83: ...ng 802 1X authentication the RADIUS server and 802 1X client must support EAP The switch only supports EAPOL in order to pass the EAP packets from the server to the client The RADIUS server and client...

Page 84: ...period after which a connected client must be re authenticated Range 1 3600 seconds Default 3600 seconds EAP Timeout Sets the time the switch waits for a supplicant response during an authentication s...

Page 85: ...1X Requires a dot1x aware client to be authorized by the authentication server Clients that are not dot1x aware will be denied access MAC Based Enables MAC based authentication on the port The switch...

Page 86: ...to MAC Based Range 1 112 Default 112 The switch has a fixed pool of state machines from which all ports draw whenever a new client is seen on the port When a given port s maximum is reached counting...

Page 87: ...the Switch Configuring 802 1X Port Authentication 87 WEB INTERFACE To configure 802 1X Port Security 1 Click Configuration Port Security 2 Modify the required attributes 3 Click Save Figure 14 Port S...

Page 88: ...h a secure encrypted connection A padlock icon should appear in the status bar for Internet Explorer 5 x or above Netscape 6 2 or above and Mozilla Firefox 2 0 0 0 or above The following web browsers...

Page 89: ...ta traveling over the network arrives unaltered USAGE GUIDELINES You need to install an SSH client on the management station to access the switch for management via the SSH protocol The switch support...

Page 90: ...reduces the network overhead required by a multicast server the broadcast traffic must be carefully pruned at every multicast switch router it passes through to ensure that traffic is only passed on...

Page 91: ...eed to forward multicast traffic Multicast routers use information from IGMP snooping and query reports along with a multicast routing protocol such as DVMRP or PIM to support IP multicasting across t...

Page 92: ...precedence When IGMP snooping is disabled globally snooping can still be configured per VLAN interface but the interface settings will not take effect until snooping is re enabled globally IGMP Queri...

Page 93: ...the query within the specified timeout period If Fast Leave is enabled the switch assumes that only one host is connected to the interface Therefore Fast Leave should only be enabled on an interface i...

Page 94: ...ing the Switch IGMP Snooping 94 WEB INTERFACE To configure IGMP Snooping 1 Click Configuration IGMP Snooping Basic Configuration 2 Adjust the IGMP settings as required 3 Click Save Figure 17 IGMP Snoo...

Page 95: ...ltering Configuration page Port Port identifier Range 1 28 Filtering Groups Multicast groups that are denied on a port When filter groups are defined IGMP join reports received on a port are checked a...

Page 96: ...sion Delay Tx Hold Configures the time to live TTL value sent in LLDP advertisements as shown in the formula below Range 2 10 Default 3 The time to live tells the receiving LLDP agent how long to reta...

Page 97: ...es are shown as others in the LLDP neighbors table If all ports have CDP awareness disabled the switch forwards CDP frames received from neighbor devices If at least one port has CDP awareness enabled...

Page 98: ...with this address The interface number and OID are included to assist SNMP applications in the performance of network discovery by indicating enterprise specific or other starting points for the sear...

Page 99: ...esses learned by monitoring traffic are stored in the dynamic address table You can also manually configure static addresses that are bound to a specific port PARAMETERS The following parameters are d...

Page 100: ...ed by using another non secure port or by connecting to the switch via the serial interface NOTE If the learning mode for a given port in the MAC Learning Table is grayed out another software module i...

Page 101: ...Click Save Figure 20 MAC Address Table Configuration IEEE 802 1Q VLANS In large networks routers are used to isolate broadcast traffic for each subnet into separate domains This switch provides a simi...

Page 102: ...evices Priority tagging Assigning Ports to VLANs Before enabling VLANs for the switch you must first assign each port to the VLAN group s in which it will participate By default all ports are assigned...

Page 103: ...cluding whether or not the ports are VLAN aware enabling ingress filtering accepting Queue in Queue frames with embedded tags setting the accepted frame types and configuring the default VLAN identifi...

Page 104: ...cific Specific If the port is VLAN aware untagged frames received on the port are assigned to the default PVID and tagged frames are processed using the frame s VLAN ID If the port is not VLAN aware a...

Page 105: ...not communicate with any other ports on the switch except for the uplink ports Ports assigned to both a private VLAN and an 802 1Q VLAN are designated as uplink ports and can communicate with any dow...

Page 106: ...rs of PVLAN 1 require access Port Port identifier WEB INTERFACE To configure VLAN port members for private VLANs 1 Click Configuration Private VLANs PVLAN Membership 2 Add or delete members of any exi...

Page 107: ...ffic classes The manner in which an individual device handles traffic is called per hop behavior All devices along a path should be configured in a consistent manner to construct a consistent end to e...

Page 108: ...h untagged and tagged frames This priority does not apply to IEEE 802 1Q VLAN tagged frames If the incoming frame is an IEEE 802 1Q VLAN tagged frame the IEEE 802 1p User Priority bits will be used In...

Page 109: ...gure 25 Port QoS Configuration CONFIGURING DSCP REMARKING The Differentiated Services Code Point should be set at network boundaries or by trusted hosts within those boundaries to ensure a consistent...

Page 110: ...gs to this service aggregate Such packets may be sent into a network without adhering to any particular rules and the network will deliver as many of these packets as possible and as soon as possible...

Page 111: ...st of up to 24 entries and can be mapped to a specific port using the Port QoS Configuration menu page 108 Once a QCL is mapped to a port traffic matching the first entry in the QCL is assigned to the...

Page 112: ...ackets Range 600 ffff hex Default ffff A detailed listing of Ethernet protocol types can be found in RFC 1060 A few of the more common types include 0800 IP 0806 ARP 8137 IPX VLAN ID VLAN ID Range 1 4...

Page 113: ...iguration QoS Control Lists 2 Click the button to add a new QCL or use the other QCL modification buttons to specify the editing action i e edit delete or moving the relative position of entry in the...

Page 114: ...he customer service package by limiting traffic into or out of the switch Packets that exceed the acceptable amount of traffic are dropped while conforming traffic is forwarded without any changes PAR...

Page 115: ...f measure for the port shaper Options kbps Mbps Default kbps WEB INTERFACE To configure Rate Limits 1 Click Configuration QoS Rate Limiters 2 To set an rate limit on ingress traffic check Policer Enab...

Page 116: ...xceeding the specified threshold will then be dropped Note that the limit specified on this page applies to each port PARAMETERS The following parameters are displayed on the Storm Control Configurati...

Page 117: ...Enable storm control for unknown unicast broadcast or multicast traffic by marking the Status box next to the required frame type 3 Select the control rate as a function of 2n pps i e a value with no...

Page 118: ...o which matching frames are copied enable logging or shut down a port when a matching frame is seen Note that rate limiting configured with the Rate Limiter menu page 119 is implemented regardless of...

Page 119: ...Click Save Figure 30 ACL Port Configuration CONFIGURING RATE LIMITERS The ACL Rate Limiter Configuration page is used to define the rate limits applied to a port as configured either through the ACL...

Page 120: ...ess Control List Configuration page is used to define filtering rules for an ACL policy for a specific port or for all ports Rules applied to a port take effect immediately while those defined for a p...

Page 121: ...P option flag source destination IP VLAN ID VLAN priority PARAMETERS The following options are displayed on the Access Control List Configuration page ACCESS CONTROL LIST CONFIGURATION Ingress Port An...

Page 122: ...st UC unicast Default Any Ethernet MAC Parameters SMAC Filter The type of source MAC address Options Any MC multicast BC broadcast UC unicast Specific user defined Default Any DMAC Filter The type of...

Page 123: ...or RARP Reply opcode flag Default Any Sender IP Filter Specifies the sender s IP address Options Any no sender IP filter is specified Host specifies the sender IP address in the SIP Address field Netw...

Page 124: ...hether frames can be matched according to their ARP RARP protocol address space PRO settings Options Any any value is allowed 0 ARP RARP frames where the PRO is equal to IP 0x800 must not match this e...

Page 125: ...for this rule Options Any any value is allowed 0 TCP frames where the RST field is set must not match this entry 1 TCP frames where the RST field is set must match this entry Default Any TCP PSH Spec...

Page 126: ...dress and SIP Mask fields Default Any DIP Filter Specifies the destination IP filter for this rule Options Any no destination IP filter is specified Host specifies the destination IP address in the DI...

Page 127: ...ick the button to add a new ACL or use the other ACL modification buttons to specify the editing action i e edit delete or moving the relative position of entry in the list 3 When editing an entry on...

Page 128: ...tely unobtrusive manner PARAMETERS The following parameters are displayed on the Mirror Configuration page Port to mirror to The destination port that will mirror the traffic from the source port All...

Page 129: ...INTERFACE To configure port mirroring 1 Click Configuration Mirroring Then click Next 2 Select the destination port to which all mirrored traffic will be sent 3 Set the mirror mode on any of the sourc...

Page 130: ...ns 1 2c and 3 This agent continuously monitors the status of the switch hardware as well as the traffic passing through its ports A network management station can access this information using softwar...

Page 131: ...NMPv1 and SNMPv2c SNMPv3 uses the User based Security Model USM for authentication and privacy This Table 12 SNMP Security Models and Levels Model Level Community String Group Read View Write View Sec...

Page 132: ...D is deleted or changed all local SNMP users will be cleared You will need to reconfigure all existing users SNMP Trap Configuration Trap Mode Enables or disables SNMP traps Default Disabled You shoul...

Page 133: ...ult 1 second Trap Inform Retry Times The maximum number of times to resend an inform message if the recipient does not acknowledge receipt Range 0 255 Default 5 Trap Probe Security Engine ID SNMPv3 Sp...

Page 134: ...access strings if required and set the engine ID if SNMP version 3 is used 3 In the SNMP Trap Configuration table enable the Trap Mode to allow the switch to send SNMP traps Specify the trap version...

Page 135: ...CHAPTER 4 Configuring the Switch Simple Network Management Protocol 135 Figure 34 SNMP System Configuration...

Page 136: ...ate For SNMPv3 these strings are treated as a Security Name and are mapped as an SNMPv1 or SNMPv2 community string in the SNMPv3 Groups Configuration table see Configuring SNMPv3 Groups on page 138 So...

Page 137: ...digest for authenticating and encrypting packets sent to a user on the remote host SNMP passwords are localized using the engine ID of the authoritative agent For informs the authoritative SNMP agent...

Page 138: ...SNMPv3 Access Configuration page page 141 You can use the pre defined default groups or create a new group and the views authorized for that group PARAMETERS The following parameters are displayed on...

Page 139: ...new group 3 Select a security model 4 Select the security name For SNMP v1 and v2c the security names displayed are based on the those configured in the SNMPv3 Communities menu For USM the security n...

Page 140: ...dentifier of a branch within the MIB tree is included or excluded from the SNMP view Generally if the view type of an entry is excluded another entry of view type included should exist and its OID sub...

Page 141: ...characters ASCII characters 33 126 only Security Model The user security model Options any v1 v2c or the User based Security Model usm Default any Security Level The security level assigned to the gro...

Page 142: ...vice to broadcast its services to control points on the network Similarly when a control point is added to the network the UPnP discovery protocol allows that control point to search for UPnP enabled...

Page 143: ...rface Or right click on the entry and select Properties to display a list of device attributes advertised through UPnP PARAMETERS The following parameters are displayed on the UPnP Configuration page...

Page 144: ...the DHCP request it allocates a free IP address for the DHCP client from its defined scope for the DHCP client s subnet and sends a DHCP response back to the switch The switch then broadcasts the DHC...

Page 145: ...ault Disabled Relay Server IP address of DHCP server to be used by the switch s DHCP relay agent Relay Information Mode Enables or disables the DHCP Relay Option 82 support Note that Relay Mode must a...

Page 146: ...RFACE To configure DHCP Relay 1 Click Configuration DHCP Relay 2 Enable the DHCP relay function specify the DHCP server s IP address enable Option 82 information mode and set the policy by which to ha...

Page 147: ...act information PARAMETERS These parameters are displayed on the System Information page System To configure the following items see Configuring System Information on page 55 Contact Administrator res...

Page 148: ...m Log Information page to scroll through the logged system and event messages PARAMETERS These parameters are displayed on the System Log Information page Display Filter Level Specifies the type of lo...

Page 149: ...splay per page 3 Use Auto refresh to automatically refresh the page at regular intervals Refresh to update system log entries starting from the current entry ID or Clear to flush all system log entrie...

Page 150: ...SPLAYING ACCESS MANAGEMENT STATISTICS Use the Access Management Statistics page to view statistics on traffic used in managing the switch USAGE GUIDELINES Statistics will only be displayed on this pag...

Page 151: ...ON ABOUT PORTS You can use the Monitor Port menu to display a graphic image of the front panel which indicates the connection status of each port basic statistics on the traffic crossing each port the...

Page 152: ...smit The number of packets received and transmitted Bytes Receive Transmit The number of bytes received and transmitted Errors Receive Transmit The number of frames received with errors and the number...

Page 153: ...f packets received and transmitted through the low priority queue Normal Queue Receive Transmit The number of packets received and transmitted through the normal priority queue Medium Queue Receive Tr...

Page 154: ...er of received and transmitted broadcast packets good and bad Pause A count of the MAC Control frames received or transmitted on this port that have an opcode indicating a PAUSE operation Receive Tran...

Page 155: ...bber The total number of frames received that were longer than the configured maximum frame length for this port excluding framing bits but including FCS octets and had either an FCS or alignment erro...

Page 156: ...CHAPTER 5 Monitoring the Switch Displaying Information About Ports 156 WEB INTERFACE To display the detailed port statistics click Monitor Ports Detailed Statistics Figure 49 Detailed Port Statistics...

Page 157: ...on the RADIUS Overview page IP Address The IP address and UDP port number of this server Status The current state of the server This field takes one of the following values Disabled The server is dis...

Page 158: ...S These parameters are displayed on the RADIUS Details page RADIUS Authentication Statistics Receive Packets Access Accepts The number of RADIUS Access Accept packets valid or invalid received from th...

Page 159: ...a response This variable is incremented when an Access Request is sent and decremented due to receipt of an Access Accept Access Reject Access Challenge timeout or retransmission Timeouts The number...

Page 160: ...of RADIUS packets of unknown types that were received from the server on the accounting port Packets Dropped The number of RADIUS packets that were received from the server on the accounting port and...

Page 161: ...reply within the configured timeout The server has temporarily been disabled but will get re enabled when the dead time expires The number of seconds left before this occurs is displayed in parenthes...

Page 162: ...the Switch Displaying Information on Authentication Servers 162 WEB INTERFACE To display statistics for configured authentication and accounting servers click Monitor Authentication RADIUS Details Fig...

Page 163: ...iated with this Link Aggregation Group LAG Partner System ID LAG partner s system ID MAC address Partner Key The Key that the partner has assigned to this LAG Last Changed The time since this LAG chan...

Page 164: ...Current operational value of the key for the aggregation port Note that only ports with the same key can aggregate together Aggr ID The Aggregation ID assigned to this LAG Partner System ID LAG partne...

Page 165: ...ers are displayed on the LACP Port Statistics page Port Port Identifier LACP Transmitted The number of LACP frames sent from each port LACP Received The number of LACP frames received at each port Dis...

Page 166: ...closest to the root This switch communicates with the root device through this port If there is no root port then this switch has been accepted as the root device of the Spanning Tree network Root Co...

Page 167: ...nd continues learning addresses Path Cost The contribution of this port to the path cost of paths towards the spanning tree root which include this port This will either be a value computed from the A...

Page 168: ...Port Port Identifier Role Roles are assigned according to whether the port is part of the active topology connecting the bridge to the root bridge i e root port connecting a LAN through the bridge to...

Page 169: ...STATISTICS FOR STA Use the Port Statistics page to display statistics on spanning tree protocol packets crossing each port PARAMETERS These parameters are displayed on the RSTP Port Statistics page P...

Page 170: ...r State The current state of the port Disabled 802 1X and MAC based authentication are globally disabled Link Down 802 1X or MAC based authentication is enabled but there is no link on the port Author...

Page 171: ...r Port Security Status Figure 58 Port Security Status DISPLAYING PORT SECURITY STATISTICS Use the Port Security Statistics page to display IEEE 802 1X statistics and protocol information for each port...

Page 172: ...uthorized unauthorized clients below the two counter tables There are slight differences in the interpretation of the counters between port and MAC based authentication as shown below Access Challenge...

Page 173: ...ssible retransmissions are not counted Last Supplicant Info Version For port based authentication this field indicates the protocol version number carried in the most recently received EAPOL frame For...

Page 174: ...ing the Switch Displaying Port Security Information 174 WEB INTERFACE To display IEEE 802 1X statistics and protocol information for each port click Monitor Port Security Statistics Figure 59 Port Sec...

Page 175: ...o receive multicast traffic Querier Transmit The number of transmitted Querier messages Querier Receive The number of received Querier messages V1 Reports Receive The number of received IGMP Version 1...

Page 176: ...splay information advertised by LLDP neighbors and statistics on LLDP control frames DISPLAYING LLDP NEIGHBOR INFORMATION Use the LLDP Neighbor Information page to display information about devices co...

Page 177: ...y function s of the system as shown in the following table When a capability is enabled the capability is followed by If the capability is disabled the capability is followed by Management Address The...

Page 178: ...The number of times which the remote database on this switch dropped an LLDPDU because the entry table was full Total Neighbors Entries Aged Out The number of times that a neighbor s information has...

Page 179: ...ontrol frames click Monitor LLDP Port Statistics Figure 62 LLDP Port Statistics DISPLAYING DHCP RELAY STATISTICS Use the DHCP Relay Statistics page to display statistics for the DHCP relay service sup...

Page 180: ...ith a Remote ID option that did not match a known remote ID Client Statistics Transmit to Client The number of packets that were relayed from the server to a client Transmit Error The number of packet...

Page 181: ...ers are displayed on the MAC Address Table Start from VLAN and MAC address with entries per page These input fields allow you to select the starting point in the table Type Indicates whether the entry...

Page 182: ...CHAPTER 5 Monitoring the Switch Displaying the MAC Address Table 182 WEB INTERFACE To display the address table click Monitor MAC Address Table Figure 64 MAC Address Table...

Page 183: ...ods An IPv6 address consists of 8 colon separated 16 bit hexadecimal values One double colon may be used in the address to indicate the appropriate number of zeros required to fill the undefined field...

Page 184: ...agnostics can be performed on all ports or on a specific port Cable Status Shows the cable length operating conditions and isolates a variety of common faults that can occur on Category 5 twisted pair...

Page 185: ...in the cable status table Note that VeriPHY is only accurate for cables 7 140 meters long Ports will be linked down while running VeriPHY Therefore running VeriPHY on a management port will cause the...

Page 186: ...CHAPTER 6 Performing Basic Diagnostics Running Cable Diagnostics 186...

Page 187: ...tware restoring or saving configuration settings and resetting the switch RESETTING THE SWITCH Use the Reset Device page to restart the switch WEB INTERFACE To restart the switch 1 Click Maintenance R...

Page 188: ...lick Yes The factory defaults are immediately restored which means that no reboot is necessary Figure 68 Factory Defaults UPGRADING FIRMWARE Use the Software Upload page to upgrade the switch s system...

Page 189: ...ogress Do not reset or power off the device at this time or the switch may fail to function afterwards Figure 69 Software Upload REGISTERING THE PRODUCT Use the Register Product page to register your...

Page 190: ...of the file under which to save the current configuration settings The configuration file is in XML format The configuration parameters are represented as attribute values When saving the configuratio...

Page 191: ...CHAPTER 7 Performing System Maintenance Managing Configuration Files 191 Figure 72 Configuration Upload...

Page 192: ...CHAPTER 7 Performing System Maintenance Managing Configuration Files 192...

Page 193: ...on page 203 IP Commands on page 213 Authentication Commands on page 223 Port Commands on page 233 Link Aggregation Commands on page 243 LACP Commands on page 249 RSTP Commands on page 255 IEEE 802 1X...

Page 194: ...SECTION Command Line Interface 194 SNMP Commands on page 335 HTTPS Commands on page 357 SSH Commands on page 361 UPnP Commands on page 363 DHCP Commands on page 367 Firmware Commands on page 371...

Page 195: ...CONNECTION To access the switch through the console port perform these steps 1 At the console prompt enter the user name and password The default user name is admin with no password When the administ...

Page 196: ...tch and set the default gateway if you are managing the switch from a different IP subnet For example ip setup 192 168 0 10 255 255 255 0 192 168 0 1 1 If your corporate network is connected to anothe...

Page 197: ...command is a series of keywords and arguments Keywords identify a command and arguments specify configuration parameters Commands are organized into functional groups You can enter the full command fr...

Page 198: ...play a list of valid keywords for a specific command For example the command system displays a list of possible system commands help General Commands Help Get help on a group or a specific command Up...

Page 199: ...tem Access Add access_id start_ip_addr end_ip_addr web snmp telnet System Access Ipv6 Add access_id start_ipv6_addr end_ipv6_addr web snmp telnet System Access Delete access_id System Access Lookup ac...

Page 200: ...ameters as long as they contain enough letters to differentiate them from any other currently available commands or parameters You can use the Tab key to complete partial commands or enter a partial c...

Page 201: ...GMP Configures IGMP snooping query throttling and filtering 277 LLDP Configures Link Layer Discovery Protocol 287 MAC Configures the MAC address table including learning mode aging time and setting st...

Page 202: ...Upgrades firmware via a TFTP server 371 Debug Displays debugging information for all key functions These commands are not described in this manual Please refer to the prompt messages included in the...

Page 203: ...witch system system location Displays or sets the system location system password Displays or sets the administrator password system timezone Displays or sets the time zone for the switch s internal c...

Page 204: ...XAMPLE System configuration System Contact System Name System Location System Password Timezone Offset 0 MAC Address 00 01 c1 00 00 e1 System Time 1970 01 01 03 39 06 0000 System Uptime 03 39 06 Softw...

Page 205: ...ple shows how to restore all factory defaults System restore default System system contact This command displays or sets the system contact SYNTAX system contact contact contact String that describes...

Page 206: ...aces are permitted as part of the location string EXAMPLE System location WC5 System system password This command displays or sets the administrator password SYNTAX system password password clear pass...

Page 207: ...sed on the earth s prime meridian zero degrees longitude To display a time corresponding to your local time you must indicate the number of minutes your time zone is east before or west after of UTC E...

Page 208: ...6 0000 Frame of 243 bytes received on port 1 597 Info 1970 01 01 02 23 56 0000 Frame of 243 bytes received on port 0 System system access configuration This command displays the access mode and the nu...

Page 209: ...IP address es to the SNMP group telnet Adds IP address es to the Telnet group DEFAULT SETTING None COMMAND USAGE To set a single address for a entry enter the same address for both the start and end...

Page 210: ...ss must be formatted according to RFC 2373 IPv6 Addressing Architecture using 8 colon separated 16 bit hexadecimal values One double colon may be used to indicate the appropriate number of zeros requi...

Page 211: ...tem access lookup access id access id Entry index Range 1 16 EXAMPLE System Access lookup 1 Idx Start IP Address End IP Address WEB SNMP TELNET 1 192 168 1 0 192 168 2 0 Yes NO NO System Access system...

Page 212: ...E System Access statistics Access Management Statistics HTTP Receive 3 Allow 0 Discard 0 HTTPS Receive 0 Allow 0 Discard 0 SNMP Receive 0 Allow 0 Discard 0 TELNET Receive 0 Allow 0 Discard 0 SSH Recei...

Page 213: ...ets the DHCP client mode ip setup Displays or sets the switch s IPv4 address and gateway for the specified VLAN ip ping Sends ICMP echo request packets to another node on the network ip dns Displays o...

Page 214: ...ither of these address types You can manually configure a specific IPv4 or IPv6 address or direct the switch to obtain an IPv4 address from a DHCP server when it is powered on The IPv4 address for the...

Page 215: ...efault gateway vlan id VLAN to which the management address is assigned Range 1 4095 DEFAULT SETTING IP Address 192 168 2 10 Network Mask 255 255 255 0 Gateway none VLAN 1 COMMAND USAGE NOTE Only one...

Page 216: ...192 168 0 9 IP Mask 255 255 255 0 IP Router 192 168 0 1 DNS Server 0 0 0 0 VLAN ID 1 IP ip ping This command sends ICMP echo request packets to another node on the network SYNTAX ip ping ip addr packe...

Page 217: ...es from 192 168 2 19 icmp_seq 2 time 0ms 60 bytes from 192 168 2 19 icmp_seq 3 time 0ms 60 bytes from 192 168 2 19 icmp_seq 4 time 0ms Sent 5 packets received 5 OK 0 bad IP ip dns This command display...

Page 218: ...the IP address for a time server SYNTAX ip sntp ip addr ip addr IP address or IP alias of a time server NTP or SNTP An IPv4 address consists of 4 numbers 0 to 255 separated by periods DEFAULT SETTING...

Page 219: ...s or sets the switch s IPv6 address and gateway for the specified VLAN SYNTAX ip ipv6 setup ipv6 addr ipv6 prefix ipv6 gateway vlan id ipv6 addr The full IPv6 address of the switch including the netwo...

Page 220: ...e gateway has been configured on the switch EXAMPLE This example specifies the IPv6 address the prefix length the IPv6 gateway and the VLAN to which the address is assigned IP IPv6 setup 2001 DB8 2222...

Page 221: ...nation unreachable The gateway for this destination indicates that the destination is unreachable Network or host unreachable The gateway found no corresponding entry in the route table EXAMPLE IP IPv...

Page 222: ...APTER 10 IP Commands 222 COMMAND USAGE The switch attempts to periodically update the time from the specified server The polling interval is fixed at 15 minutes EXAMPLE IP IPv6 sntp 129 6 15 28 IP IPv...

Page 223: ...18 Authentication Commands Command Function auth configuration Displays settings for authentication servers and the authentication methods used for each access protocol auth timeout Displays or sets...

Page 224: ...isabled 49 Client Configuration Client Authentication Method Local Authentication Fallback console local Disabled telnet local Disabled ssh local Disabled web local Disabled Auth auth timeout This com...

Page 225: ...YNTAX auth radius server index enable disable ip addr secret server port server index Allows you to specify up to five servers These servers are queried in sequence until a server responds or the retr...

Page 226: ...5 Message Digest 5 TLS Transport Layer Security or TTLS Tunneled Transport Layer Security NOTE This guide assumes that RADIUS servers have already been configured to support AAA The configuration of R...

Page 227: ...ecret Quotes in the secret are not allowed DEFAULT SETTING Accounting Disabled Server Port 1813 COMMAND USAGE The switch supports the following accounting services Accounting for users that access the...

Page 228: ...et are not allowed DEFAULT SETTING Authentication Disabled Server Port 49 COMMAND USAGE By default management access is always checked against the authentication database stored on the local switch If...

Page 229: ...ssh Settings for SSH web Settings for HTTP or HTTPS none Disables access for the specified management protocol local Authenticates through the local database radius Authenticates through RADIUS tacac...

Page 230: ...Authentication Statistics Rx Access Accepts 0 Tx Access Requests 0 Rx Access Rejects 0 Tx Access Retransmissions 0 Rx Access Challenges 0 Tx Pending Requests 0 Rx Malformed Acc Responses 0 Tx Timeout...

Page 231: ...d 0 State Disabled Round Trip Time 0 ms Server 4 0 0 0 0 1812 RADIUS Authentication Statistics Rx Access Accepts 0 Tx Access Requests 0 Rx Access Rejects 0 Tx Access Retransmissions 0 Rx Access Challe...

Page 232: ...CHAPTER 11 Authentication Commands 232 Rx Bad Authenticators 0 Tx Pending Requests 0 Rx Unknown Types 0 Tx Timeouts 0 Rx Packets Dropped 0 State Disabled Round Trip Time 0 ms Auth...

Page 233: ...t state Displays or sets administrative state to enabled or disabled port mode Displays or sets port speed and duplex mode port flow control Displays or sets flow control mode port maxframe Displays o...

Page 234: ...00 Disabled Discard Down 16 Enabled Auto Disabled 9600 Disabled Discard Down 17 Enabled Auto Disabled 9600 Disabled Discard Down 18 Enabled Auto Disabled 9600 Disabled Discard Down 19 Enabled Auto Dis...

Page 235: ...o disable a port for security reasons EXAMPLE Port state 5 disable Port port mode This command displays or sets port speed and duplex mode of a port SYNTAX port mode port list 10hdx 10fdx 100hdx 100fd...

Page 236: ...COMMAND USAGE Flow control can eliminate frame loss by blocking traffic from end stations or segments connected directly to the switch when its buffers fill When enabled back pressure is used for hal...

Page 237: ...Port port power This command displays or sets the power provided to ports based on the length of the cable used to connect to other devices Only sufficient power is used to maintain connection require...

Page 238: ...enable Port power 5 Port Power Usage 5 Enabled 41 Port port excessive This command displays or sets the response to take when excessive transmit collisions are detected on a port SYNTAX port excessiv...

Page 239: ...packets received and transmitted through the low priority queue normal The number of packets received and transmitted through the normal priority queue medium The number of packets received and transm...

Page 240: ...e approximately 5 seconds If all ports are selected it can run approximately 15 seconds When completed the page refreshes automatically and you can view the cable diagnostics results in the cable stat...

Page 241: ...Open 2 2 OK 14 OK 14 Abnormal 3 Abnormal 3 3 Open 0 Open 0 Short 0 Short 0 4 Open 0 Open 0 Open 0 Open 0 5 Open 0 Open 0 Open 0 Open 0 6 Open 0 Open 0 Open 0 Open 0 7 Open 0 Open 0 Open 0 Open 0 8 Op...

Page 242: ...CHAPTER 12 Port Commands 242...

Page 243: ...nk via the configuration interface Besides balancing the load across each port in the trunk the other ports provide redundancy by taking over the load if a port in the trunk fails However before makin...

Page 244: ...it ports on the front panel can be trunked together including ports of different media types All the ports in a trunk have to be treated as a whole when moved from to added or deleted from a VLAN STP...

Page 245: ...eating a loop in the network be sure you add a static trunk via the configuration interface before connecting the ports EXAMPLE Aggr add 4 8 1 Aggr configuration Aggregation Mode SMAC Enabled DMAC Dis...

Page 246: ...many different hosts dmac Destination MAC Address All traffic with the same destination MAC address is output on the same link in a trunk This mode works best for switch to switch trunk links where t...

Page 247: ...each conversation are mapped to the same trunk link To achieve this requirement and to distribute a balanced load across all links in a trunk the switch uses a hash algorithm to calculate an output li...

Page 248: ...CHAPTER 13 Link Aggregation Commands 248...

Page 249: ...in standby mode Should one link in the trunk fail one of the standby ports will automatically be activated to replace it Besides balancing the load across each port in the trunk the other ports provid...

Page 250: ...e made for the entire trunk If the target switch has also enabled LACP on the connected ports the trunk will be activated automatically A trunk formed with another switch using LACP will automatically...

Page 251: ...sabled Auto Active 4 Enabled Auto Active 5 Enabled Auto Active 6 Enabled Auto Active 7 Enabled Auto Active 8 Disabled Auto Active 9 Disabled Auto Active 10 Disabled Auto Active LACP lacp mode This com...

Page 252: ...y The key must be set to the same value for ports that belong to the same LAG Range 0 65535 or auto DEFAULT SETTING auto A trunk formed with another switch using LACP will automatically be assigned th...

Page 253: ...em ID Partner Key Last Changed Ports 1 00 30 fc 12 34 56 3 01 34 46 4 5 Port Mode Key Aggr ID Partner System ID Partner Port 1 Disabled 2 2 Disabled 2 3 Disabled 1 4 Enabled 2 1 00 30 fc 12 34 56 2 5...

Page 254: ...ple shows the number of LACP frames received and transmitted as well as the number of unknown or illegal LACP frames that have been discarded LACP statistics 4 5 Port Rx Frames Tx Frames Rx Unknown Rx...

Page 255: ...ys or sets RSTP administrative mode for specified interfaces rstp cost Displays or sets RSTP path cost for specified interfaces rstp priority Displays or sets RSTP priority for specified interfaces rs...

Page 256: ...Point2point 1 Enabled Auto 128 Enabled Enabled Auto 2 Enabled Auto 128 Enabled Enabled Auto 3 Enabled Auto 128 Enabled Enabled Auto 4 Enabled Auto 128 Enabled Enabled Auto 5 Enabled Auto 128 Enabled...

Page 257: ...is a root port a new root port is selected from among the device ports attached to the network Note that references to ports in this section mean interfaces which includes both ports and trunks EXAMPL...

Page 258: ...ormal compatible Compatible with STP normal RSTP DEFAULT SETTING Normal COMMAND USAGE RSTP supports connections to either RSTP or STP nodes by monitoring the incoming protocol messages and dynamically...

Page 259: ...NTAX rstp cost port list path cost port list A specific port or a range of ports Range 1 28 all for all ports or 0 for all link aggregation groups path cost The path cost for an interface Range 1 2000...

Page 260: ...nk Type IEEE 802 1D 1998 IEEE 802 1w 2001 Ethernet Half Duplex Full Duplex Trunk 100 95 90 2 000 000 1 999 999 1 000 000 Fast Ethernet Half Duplex Full Duplex Trunk 19 18 15 200 000 100 000 50 000 Gig...

Page 261: ...priority the port with lowest numeric identifier will be enabled EXAMPLE RSTP priority 19 0 RSTP rstp edge This command displays or sets an edge port to enable fast forwarding SYNTAX rstp edge port li...

Page 262: ...specified ports SYNTAX rstp autoedge port list enable disable port list A specific port or a range of ports Range 1 28 or all enable Enables automatic edge port detection disable Disables automatic e...

Page 263: ...ster for point to point links than for shared media Specify a point to point link if the interface can only be connected to exactly one other bridge or a shared link if it can be connected to two or m...

Page 264: ...r all EXAMPLE This example displays RSTP statistics for port 1 and LAG1 For a description of the items displayed in this example refer to Displaying Port Statistics for STA on page 169 RSTP statistics...

Page 265: ...CHAPTER 15 RSTP Commands 265 appropriate BPDU format to send on the selected interfaces i e RSTP or STP compatible EXAMPLE RSTP mcheck RSTP...

Page 266: ...CHAPTER 15 RSTP Commands 266...

Page 267: ...ction dot1x configuration Displays 802 1X settings for the switch and specified ports dot1x mode Displays or sets the 802 1X mode for the switch dot1x state Displays or sets the 802 1X authentication...

Page 268: ...ed This state exists when 802 1X authentication is enabled the port has a link the Admin State is 802 1X and the supplicant is authenticated or when the Admin State is Authorized Unauthorized The port...

Page 269: ...ist A specific port or a range of ports Range 1 28 or all macbased Enables MAC based authentication on the port The switch does not transmit or accept EAPOL frames on the port Flooded frames and broad...

Page 270: ...nts are not restored EXAMPLE Dot1x state 9 authorized Dot1x state 9 Port Admin State Port State Last Source Last ID 9 Authorized Link Down Dot1x dot1x authenticate This command restarts the client aut...

Page 271: ...rized disable Disables 802 1X reauthentication DEFAULT SETTING Disabled COMMAND USAGE For port based authentication the re authentication process verifies the connected client s user ID and password o...

Page 272: ...t SYNTAX dot1x timeout eap timeout eap timeout The time that an interface on the switch waits during an authentication session before re transmitting an EAP packet Range 1 255 seconds DEFAULT SETTING...

Page 273: ...e a client is connected to a 3rd party switch or hub which in turn is connected to a port on this switch that is running MAC based authentication and suppose the client gets successfully authenticated...

Page 274: ...d specified by the auth timeout command page 224 the client is put on hold in the Unauthorized state In this state frames from the client will not cause the switch to attempt to re authenticate the cl...

Page 275: ...Dot1x statistics 1 Rx Access Rx Other Rx Auth Rx Auth Tx MAC Port Challenges Requests Successes Failures Responses Address 1 0 0 0 0 0 Dot1x statistics 1 Port 1 EAPOL Statistics Rx Total 0 Tx Total 3...

Page 276: ...CHAPTER 16 IEEE 802 1X Commands 276...

Page 277: ...all DEFAULT SETTING All ports Table 29 IGMP Commands Command Function igmp configuration Displays IGMP snooping settings for the switch all VLANs and specified ports igmp mode Displays or sets the IGM...

Page 278: ...ges are suppressed unless received from the last member port in the group Flooding Shows if unregistered multicast traffic is flooded into attached VLANs VLAN Settings VID VLAN identifier State Shows...

Page 279: ...it picks out the group registration information and configures the multicast filters accordingly EXAMPLE IGMP mode enable IGMP igmp state This command displays or sets the IGMP snooping state for the...

Page 280: ...e for asking hosts if they want to receive multicast traffic disable Disables the switch from serving as querier on this VLAN DEFAULT SETTING Disabled COMMAND USAGE A router or multicast enabled switc...

Page 281: ...oup specific GS query to that interface If Fast Leave is not used a multicast router or querier will send a GS query message when an IGMPv2 v3 group leave message is received The router querier stops...

Page 282: ...t the last dynamic member port in the group the receiving port is not a router port and no IGMPv1 member port exists in the group the switch will generate and send a group specific GS query to the mem...

Page 283: ...iltering port list add del group address port list A specific port or a range of ports Range 1 28 or all add Adds a new IGMP group filtering entry del Deletes a IGMP group filtering entry group addres...

Page 284: ...ter switch This interface will then join all the current multicast groups supported by the attached router switch to ensure that multicast traffic is passed to all appropriate interfaces within the sw...

Page 285: ...This command displays IGMP querier status and protocol statistics SYNTAX igmp status vlan id vlan id VLAN to which the management address is assigned Range 1 4095 DEFAULT SETTING Displays status for a...

Page 286: ...CHAPTER 17 IGMP Commands 286...

Page 287: ...port list port list A specific port or a range of ports Range 1 28 or all DEFAULT SETTING All ports Table 31 LLDP Commands Command Function lldp configuration Displays LLDP configuration settings for...

Page 288: ...ransmission only DEFAULT SETTING Disabled EXAMPLE LLDP mode enable LLDP lldp optional_tlv This command displays or sets LLDP optional TLVs for specified ports SYNTAX lldp optional_tlv port list port_d...

Page 289: ...specific interface associated with this address and an object identifier indicating the type of hardware component or protocol entity associated with this address The interface number and OID are inc...

Page 290: ...ULT SETTING 3 COMMAND USAGE The time to live tells the receiving LLDP agent how long to retain all information pertaining to the sending LLDP agent if it does not transmit updates in a timely manner E...

Page 291: ...init reinit reinit The delay before attempting to re initialize after LLDP ports are disabled or the link goes down Range 1 10 seconds DEFAULT SETTING 2 seconds COMMAND USAGE When LLDP is re initializ...

Page 292: ...rt or a range of ports Range 1 28 or all clear Clears LLDP statistics DEFAULT SETTING Disabled COMMAND USAGE For a description of the information displayed by this command see Displaying LLDP Port Sta...

Page 293: ...assis ID field CDP TLV Address is mapped into the LLDP Management Address field The CDP address TLV can contain multiple addresses but only the first address is shown in the LLDP neighbors table CDP T...

Page 294: ...CHAPTER 18 LLDP Commands 294...

Page 295: ...e 32 MAC Commands Command Function mac configuration Displays MAC address table configuration for specified ports mac add Adds a static MAC address to the specified port and VLAN mac delete Deletes a...

Page 296: ...o the assigned port and will not be moved When a static address is seen on another port the address will be ignored and will not be written to the address table A static address cannot be learned on a...

Page 297: ...X mac agetime age time age time The time after which a learned entry is discarded Range 10 1000000 seconds or 0 to disable aging DEFAULT SETTING 300 seconds EXAMPLE MAC agetime 100 MAC mac learning Th...

Page 298: ...An example of such a module is the MAC Based Authentication under 802 1X EXAMPLE MAC learning 9 secure MAC mac dump This command displays sorted list of MAC address entries SYNTAX mac dump mac max mac...

Page 299: ...or all DEFAULT SETTING Displays statistics for all ports EXAMPLE MAC statistics 1 Port Dynamic Addresses 1 0 Total Dynamic Addresses 5 Total Static Addresses 4 MAC mac flush This command clears all l...

Page 300: ...CHAPTER 19 MAC Commands 300...

Page 301: ...Displays VLAN attributes for specified ports and list of ports assigned to each VLAN vlan aware Displays or sets whether or not a port processes the VLAN ID in ingress frames vlan pvid Displays or se...

Page 302: ...has been assigned is different from the default PVID a tag indicating the VLAN to which this frame was assigned will be inserted in the egress frame Otherwise the frame is transmitted without a VLAN...

Page 303: ...ted in frames transmitted from the port The assigned VLAN ID can be based on the ingress tag for tagged frames or the default PVID for untagged ingress frames Note that this mode is normally used for...

Page 304: ...ot a member these frames will be flooded to all other ports DEFAULT SETTING Disabled COMMAND USAGE Ingress filtering only affects tagged frames Ingress filtering does not affect VLAN independent BPDU...

Page 305: ...VLAN 1 COMMAND USAGE Port overlapping can be used to allow access to commonly shared network resources among different VLAN groups such as file servers or printers Note that if you implement VLANs wh...

Page 306: ...CHAPTER 20 VLAN Commands 306 vlan lookup This command displays port members for specified VLAN SYNTAX vlan lookup vlan id vlan id VLAN identifier Range 1 4095 EXAMPLE VLAN lookup 2 VID Ports 2 9 VLAN...

Page 307: ...e of ports Range 1 28 or all EXAMPLE PVLAN configuration 1 10 Port Isolation 1 Disabled 2 Disabled 3 Disabled 4 Disabled 5 Disabled 6 Disabled 7 Disabled 8 Disabled 9 Disabled 10 Disabled PVLAN ID Por...

Page 308: ...of both a standard IEEE 802 1Q VLAN and the private VLAN By default all ports are configured as members of VLAN 1 and PVLAN 1 Because all of these ports are members of 802 1Q VLAN 1 isolation cannot b...

Page 309: ...isolate port list enable disable port list A specific port or a range of ports Range 1 28 or all enable Enables port isolation disable Disables port isolation DEFAULT SETTING Disabled COMMAND USAGE P...

Page 310: ...CHAPTER 21 PVLAN Commands 310...

Page 311: ...port Displays or sets the QCL assigned to specified ports qos qcl add Adds or modifies a QoS control entry qos qcl delete Deletes a QoS control entry qos qcl lookup Displays the specified QoS control...

Page 312: ...Strict 1 2 4 8 3 Low 0 1 Disabled Disabled Strict 1 2 4 8 4 Low 0 1 Disabled Disabled Strict 1 2 4 8 5 Low 0 1 Disabled Disabled Strict 1 2 4 8 6 Low 0 1 Disabled Disabled Strict 1 2 4 8 7 Low 0 1 Di...

Page 313: ...have VLAN tags are tagged with the input port s default ingress tag priority and then placed in the appropriate priority queue at the output port Note that if the output port is an untagged member of...

Page 314: ...atted packets Range 0x600 0xffff hex Default 0xffff A detailed listing of Ethernet protocol types can be found in RFC 1060 A few of the more common types include 0800 IP 0806 ARP 8137 IPX vlan id VLAN...

Page 315: ...ium Normal or High defined by that entry Traffic not matching any of the QCEs are classified to the default QoS Class for the port see the qos default command on page 312 EXAMPLE QoS QCL add 1 1 tos 1...

Page 316: ...s all QCLs EXAMPLE QoS QCL lookup QCL ID 1 QCE ID Type Class Mapping 1 VLAN ID 1 Low 2 UDP TCP 0 Low QoS QCL qos mode This command displays or sets the egress queuing mode for specified ports SYNTAX q...

Page 317: ...16 the switch uses the Weighted Round Robin WRR algorithm to determine the frequency at which it services each priority queue The traffic classes are mapped to one of the egress queues provided for ea...

Page 318: ...orts SYNTAX qos shaper port list enable disable bit rate port list A specific port or range of ports Range 1 28 or all enable Enables egress rate limiting disable Disables egress rate limiting bit rat...

Page 319: ...then be dropped Due to an ASIC limitation the enforced rate limits are slightly less than the listed options For example 1 Kpps translates into an enforced threshold of 1002 1 pps EXAMPLE QoS Storm un...

Page 320: ...ackets are dropped Options 1 2 4 512 1k 2k 4k 1024k pps DEFAULT SETTING Disabled 2 pps when enabled COMMAND USAGE The specified limit applies to each port Any packets exceeding the specified threshold...

Page 321: ...P remarking for specified ports SYNTAX qos dscp queue mapping port list class dscp port list A specific port or range of ports Range 1 28 or all class Output queue buffer Range low normal medium high...

Page 322: ...CHAPTER 22 QoS Commands 322...

Page 323: ...sabled Disabled Disabled Disabled 0 4 1 Permit Disabled Disabled Disabled Disabled 818 5 1 Permit Disabled Disabled Disabled Disabled 818 Rate Limiter Rate 1 1 2 1 3 1 4 1 5 1 6 1 Table 37 ACL Command...

Page 324: ...ed policy see the acl policy command rate limiter Specifies a rate limiter see the acl rate command on page 325 to apply to the port Range 1 15 or disable port copy Defines a port to which matching fr...

Page 325: ...cy 9 7 ACL acl rate This command displays or sets the rate limiter and maximum packet rate SYNTAX acl rate rate limiter list packet rate rate limiter list Rate limiter identifier Range 1 15 packet rat...

Page 326: ...ntifier to which this ACE is assigned Range 1 8 vlan id The VLAN to filter for this rule Range 1 4095 or any tag priority Specifies the User Priority value found in the VLAN tag 3 bits as defined by I...

Page 327: ...where the PRO is equal to IP 0x800 any any value is allowed Default any ip One of the following IP parameters sip Source IP address a b c d n or any dip Destination IP address a b c d n or any protoc...

Page 328: ...P frames with any value in the PSH field ack TCP frames with any value in the ACK field urg 0 1 any Specifies the TCP Urgent Pointer field significant URG value for this rule Options 0 TCP frames wher...

Page 329: ...s command deletes an access control entry SYNTAX acl delete ace id ace id An ACL entry Range 1 128 DEFAULT SETTING None EXAMPLE ACL delete 9 ACL acl lookup This command displays the specified access c...

Page 330: ...APTER 23 ACL Commands 330 Tag Priority Any ACL acl clear This command clears all ACL counters displayed in the ACL lookup table see the acl lookup command page 329 SYNTAX acl clear EXAMPLE ACL clear A...

Page 331: ...isabled 2 Disabled 3 Disabled 4 Disabled 5 Disabled Mirror mirror port This command displays or sets the destination port to which data is mirrored SYNTAX mirror port port disable port The destination...

Page 332: ...mode for specified source ports SYNTAX mirror mode port list enable disable rx tx port list A specific port or range of ports Range 1 28 or all enable Mirror both received and transmitted packets disa...

Page 333: ...later be downloaded to the switch to restore system operation The success of the file transfer depends on the accessibility of the TFTP server and the quality of the network connection The configurati...

Page 334: ...y saved configuration file The destination file name should not contain slashes or the leading letter of the file name should not be a period and the maximum length is 31 characters for files on the s...

Page 335: ...for SNMP read access snmp write community Displays or sets the community string for SNMP read write access snmp trap mode Displays or sets the SNMP trap mode snmp trap version Displays or sets the SNM...

Page 336: ...Enabled snmp community add Adds or modifies an SNMPv3 community entry snmp community delete Deletes an SNMPv3 community entry snmp community lookup Displays SNMPv3 community entries snmp user add Add...

Page 337: ...ecurity Name Group Name 1 v1 public default_ro_group 2 v1 private default_rw_group 3 v2c public default_ro_group 4 v2c private default_rw_group 5 usm default_user default_rw_group Number of entries 5...

Page 338: ...SNMP version 3 SNMP snmp read community This command displays or sets the community string for SNMP read access SYNTAX snmp read community community community The community string used for read only a...

Page 339: ...thentication and privacy This community string is associated with SNMPv1 or SNMPv2 clients in the SNMPv3 communities table see the snmp community lookup command on page 347 EXAMPLE SNMP write communit...

Page 340: ...P v1 COMMAND USAGE This command specifies whether to send notifications as SNMP v1 v2c or v3 traps EXAMPLE SNMP Trap version 3 SNMP Trap snmp trap community This command displays or sets the community...

Page 341: ...pv6 address ipv6 address IPv6 address of the management station to receive notification messages An IPv6 address must be formatted according to RFC 2373 IPv6 Addressing Architecture using 8 colon sepa...

Page 342: ...USAGE When this function is enabled the switch will issue a notification message whenever a port link is established or broken EXAMPLE SNMP Trap link up enable SNMP Trap snmp trap inform mode This co...

Page 343: ...trap inform timeout SYNTAX snmp trap inform timeout timeout timeout The number of seconds to wait for an acknowledgment before re sending an inform message Range 0 2147 seconds DEFAULT SETTING 1 secon...

Page 344: ...he SNMP trap security engine ID SYNTAX snmp trap security engine id engine id engine id Specifies the SNMP trap security engine ID Range 10 64 hex digits excluding a string of all 0 s or all F s DEFAU...

Page 345: ...NMP snmp engine id This command displays or sets the SNMPv3 local engine ID SYNTAX snmp engine id engine id engine id The SNMPv3 engine ID Range 10 64 hex digits excluding a string of all 0 s or all F...

Page 346: ...d command page 350 ip address Specifies the source address of an SNMP client address mask Specifies the address mask for the SNMP client DEFAULT SETTING public private COMMAND USAGE All community stri...

Page 347: ...ries EXAMPLE SNMP Community lookup Idx Community Source IP Source Mask 1 public 0 0 0 0 0 0 0 0 2 private 0 0 0 0 0 0 0 0 3 r d 192 168 2 19 255 255 255 0 Number of entries 3 SNMP Community snmp user...

Page 348: ...HA des The encryption algorithm use for data privacy only 56 bit DES is currently available priv password A string identifying the privacy pass phrase Range 8 40 characters ASCII characters 33 126 onl...

Page 349: ...ts excluding a string of all 0 s or all F s user name The name of user connecting to the SNMP agent Range 1 32 characters ASCII characters 33 126 only auth password A plain text string identifying the...

Page 350: ...ty add command page 346 can be used For USM or SNMPv3 the names configured with the local engine ID with the snmp user add command page 347 can be used To modify an entry for USM the current entry mus...

Page 351: ...ault_rw_group 5 usm default_user default_rw_group 6 usm steve tps Number of entries 6 SNMP Group delete 6 SNMP Group snmp group lookup This command displays SNMPv3 group entries SYNTAX snmp group look...

Page 352: ...ntifiers of branches within the MIB tree Note that the first character must be a period Wild cards can be used to mask a specific portion of the OID string using an asterisk Length 1 128 DEFAULT SETTI...

Page 353: ...level read view name write view name group name The name of the SNMP group Range 1 32 characters ASCII characters 33 126 only security model The user security model Options any v1 v2c or the User base...

Page 354: ...Entry a SNMP Access snmp access delete This command deletes an SNMPv3 access entry SYNTAX snmp access delete index index Index to SNMPv3 access table Range 1 64 DEFAULT SETTING None EXAMPLE SNMP Acces...

Page 355: ...TER 26 SNMP Commands 355 EXAMPLE SNMP Access lookup Idx Group Name Model Level 1 default_ro_group any NoAuth NoPriv 2 default_rw_group any NoAuth NoPriv 3 r d usm Auth Priv Number of entries 3 SNMP Ac...

Page 356: ...CHAPTER 26 SNMP Commands 356...

Page 357: ...ational mode SYNTAX https mode enable disable enable Enables HTTPS service on the switch disable Disables HTTPS service on the switch DEFAULT SETTING Disabled COMMAND USAGE You can configure the switc...

Page 358: ...illa Firefox 2 0 0 0 or above The following web browsers and operating systems currently support HTTPS EXAMPLE HTTPS mode enable HTTPS https redirect This command displays or sets HTTPS redirect mode...

Page 359: ...CHAPTER 27 HTTPS Commands 359 EXAMPLE HTTPS redirect enable HTTPS...

Page 360: ...CHAPTER 27 HTTPS Commands 360...

Page 361: ...switch DEFAULT SETTING Disabled COMMAND USAGE SSH provides remote management access to this switch as a secure replacement for Telnet When the client contacts the switch via the SSH protocol the switc...

Page 362: ...e authenticated either locally or via a RADIUS or TACACS remote authentication server as specified the auth radius command page 225 or auth tacacs command page 228 To use SSH with password authenticat...

Page 363: ...ables UPnP on the switch disable Disables UPnP on the switch DEFAULT SETTING Disabled COMMAND USAGE The first step in UPnP networking is discovery When a device is added to the network the UPnP discov...

Page 364: ...rvice includes a list of actions the service responds to and a list of variables that model the state of the service at run time If a device has a URL for presentation then the control point can retri...

Page 365: ...Service Discover Protocol SSDP packets which informs a control point or control points how often it or they should receive a SSDP advertisement message from this switch Due to the unreliable nature of...

Page 366: ...CHAPTER 29 UPnP Commands 366...

Page 367: ...mode SYNTAX dhcp relay mode enable disable enable Enables the DHCP relay function disable Disables the DHCP relay function DEFAULT SETTING Disabled Table 45 DHCP Commands Command Function dhcp relay c...

Page 368: ...DHCP response to the client A DHCP relay server must first be configured see the dhcp relay server command on page 368 before DHCP relay mode can be enabled with this command EXAMPLE DHCP Relay mode e...

Page 369: ...aving to flood them to the entire VLAN EXAMPLE DHCP Relay Information mode enable DHCP Relay Information dhcp relay information policy This command displays or sets the DHCP relay policy for DHCP clie...

Page 370: ...Relay statistics Server Statistics Transmit to Server 0 Transmit Error 0 Receive from Server 0 Receive Missing Agent Option 0 Receive Missing Circuit ID 0 Receive Missing Remote ID 0 Receive Bad Circ...

Page 371: ...ware by specifying a file provided by Edgecore You can download firmware files for your switch from the Support section of the Edgecore web site at www edge core com After the software image is upload...

Page 372: ...opyright C 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 Free Software Foundation Inc RedBoot is free software covered by the eCos license derived from the GNU General Public License You are welco...

Page 373: ...ay be used in the address to indicate the appropriate number of zeros required to fill the undefined fields file name The name of the file to load from the TFTP server The destination file name should...

Page 374: ...CHAPTER 31 Firmware Commands 374...

Page 375: ...375 SECTION IV APPENDICES This section provides additional information and includes these items Software Specifications on page 377 Troubleshooting on page 381...

Page 376: ...SECTION Appendices 376...

Page 377: ...NTROL Full Duplex IEEE 802 3 2005 Half Duplex Back pressure STORM CONTROL Broadcast multicast or unicast traffic throttled above a critical threshold PORT MIRRORING Multiple source ports one destinati...

Page 378: ...affic shaping MULTICAST FILTERING IGMP Snooping ADDITIONAL FEATURES DHCP Client DNS Proxy LLDP Link Layer Discover Protocol RMON Remote Monitoring groups 1 2 3 9 SMTP Email Alerts SNMP Simple Network...

Page 379: ...g ARP RFC 826 DHCP Client RFC 2131 HTTPS ICMP RFC 792 IGMP RFC 1112 IGMPv2 RFC 2236 IGMPv3 RFC 3376 partial support RADIUS RFC 2618 RMON RFC 2819 groups 1 2 3 9 SNMP RFC 1157 SNMPv2c RFC 2571 SNMPv3 R...

Page 380: ...te MIB Quality of Service MIB RADIUS Accounting Server MIB RFC 2621 RADIUS Authentication Client MIB RFC 2621 RMON MIB RFC 2819 RMON II Probe Configuration Group RFC 2021 partial implementation SNMPv2...

Page 381: ...umber of concurrent Telnet SSH sessions permitted Try connecting again at a later time Cannot connect using Secure Shell If you cannot connect using SSH you may have exceeded the maximum number of con...

Page 382: ...r messages reported to include all categories 3 Enable SNMP 4 Enable SNMP traps 5 Designate the SNMP host that is to receive the error messages 6 Repeat the sequence of commands or other actions that...

Page 383: ...well defined set of building blocks from which a variety of aggregate forwarding behaviors may be built Each packet carries information DS byte used by each hop to give it a particular forwarding trea...

Page 384: ...le Authentication Protocol over LAN EAPOL is a client authentication protocol used by this switch to verify the network access rights for any device that is plugged into the switch A user name and pas...

Page 385: ...EE 802 3AC Defines frame extensions for VLAN tagging IEEE 802 3X Defines Ethernet frame start stop requests and timers used for flow control on full duplex links Now incorporated in IEEE 802 3 2002 IG...

Page 386: ...an algorithm that is used to create digital signatures It is intended for use with 32 bit machines and is safer than the MD4 algorithm which has been broken MD5 is a one way hash function meaning tha...

Page 387: ...n ports within the assigned VLAN Data traffic on downlink ports can only be forwarded to and from uplink ports QOS Quality of Service QoS refers to the capability of a network to provide better servic...

Page 388: ...k systems Spanning Tree detects and directs data along the shortest available path maximizing the performance and efficiency of the network TACACS Terminal Access Controller Access Control System Plus...

Page 389: ...al LAN A Virtual LAN is a collection of network nodes that share the same collision domain regardless of their physical location or connection point in the network A VLAN serves as a logical workgroup...

Page 390: ...GLOSSARY 390...

Page 391: ...ress port 108 312 default settings system 33 DHCP 57 214 client 57 214 dynamic configuration 40 DHCP relay information option 145 368 information option policy 145 369 DNS server 57 217 Domain Name Se...

Page 392: ...in menu 51 management access filtering IP addresses 61 208 Management Information Bases MIBs 379 maximum frame size 64 mirror port configuring 128 331 multicast filtering 91 277 multicast groups 175 2...

Page 393: ...on 264 transmission hold count 77 258 transmission limit 77 258 standards IEEE 379 static addresses setting 100 296 statistics port 152 239 STP 77 258 STP Also see STA switch settings restoring 190 33...

Page 394: ...INDEX 394 W web interface access requirements 49 configuration buttons 50 home page 50 menu list 51 panel display 51...

Page 395: ......

Page 396: ...ES4528V E072009 ST R01 149100000014A...

Reviews:

No comments