FibroLAN Falcon-RX/812/G/A User Manual Download Page 99 | Manualshive

Page: 99 / 333

background image

Falcon R-Class | User Guide

99

Table 4-62: Authentication Method Configurations Parameters

Authentication Method Configuration

Client

The management client for which the configuration below applies.

Authentication
Methods

Authentication Method can be set to one of the following values:

•

No

: authentication is disabled, and login is not possible.

•

local

: use the local user database on the switch for authentication.

•

radius

: use a remote RADIUS server for authentication.

•

: use a remote server for authentication

Methods that involve remote servers are timed out if the remote servers are offline. In this case
the next method is tried. Each method is tried from left to right and continues until a method
either approves or rejects a user. If a remote server is used for primary authentication it is
recommended to configure secondary authentication as 'local'. This will enable the management
client to login via the local user database if none of the configured authentication servers are
alive.

Command Authorization Method Configuration

The command authorization section allows you to limit the CLI commands available to a user.

Client

The management client for which the configuration below applies.

Method

Method can be set to one of the following values:

•

no

: Command authorization is disabled. User is granted access to CLI

commands according to his privilege level.

•

tacacs

: Use remote server(s) for command authorization. If

all remote servers are offline, the user is granted access to CLI
commands according to his privilege level.

Cmd Lvl

Authorize all commands with a privilege level higher than or equal to this
level. Valid values are in the range of 0 to 15.

Cfg Cmd

Also authorize configuration commands.

Accounting Method Configuration

Client

The management client for which the configuration below applies.

Method

Method can be set to one of the following values:

•

no

: Accounting is disabled.

•

tacacs

: Use remote server(s) accounting.

Cmd Lvi

Enable accounting of all commands with a privilege level higher than or
equal to this level. Valid values are in the range 0 to 15. Leave the field
empty to disable command accounting.

Exec

Enable exec (login) accounting.

4.8.1.4

SSH Configuration

is an acronym for

S

ecure

Sh

ell. It is a network protocol that allows data to be exchanged using a

secure channel between two networked devices. The encryption used by SSH provides confidentiality

«
...
97
98
99
100
101
...
»

Summary of Contents for Falcon-RX/812/G/A

Page 1: ...Falcon R Class User Guide Falcon RX Software version 8 0 20 www fibrolan com...

Page 2: ...ritten permission from Fibrolan Ltd Special Notes The R Class series includes various Falcon RX models Please refer to the Alphabetical Glossary of terms and definitions for clarification of the termi...

Page 3: ...ame Processing Overview 18 4 3 System Information 19 System Information Configuration 19 IP Configuration 19 IP Interfaces 21 IP Routes 23 NTP Configuration 23 Time Zone 26 System Log Configuration 28...

Page 4: ...uthentication Server Configuration AAA 141 4 9 SyncCenter Configuration 150 Overview 150 Mode Configuration 150 Sync Source Configuration 150 SyncCenter Visual Indicators 152 Sync Output 152 Source Se...

Page 5: ...MLD Snooping VLAN Configuration 205 MLD Snooping Status 207 MLD Snooping Groups Information 209 MLD SFM Information 209 4 17 Link Aggregation 210 Common Aggregation Configuration 211 Aggregation Group...

Page 6: ...Server Binding IP 271 DHCP Server Declined IP 272 DHCP Detailed Statistics Port 1 272 5 3 Simple Network Management Protocol SNMP 275 SNMP System Configuration 275 Trap Configuration 276 Trap Source C...

Page 7: ...ftware Image Select 302 7 4 Configuration Management 304 Save startup configuration 304 Download Configuration 304 Upload Configuration 304 Activate 305 Delete 305 7 5 Power Supply Overview 306 AC Pow...

Page 8: ...speed Copper management port is included All ports can operate at full wire speed with a total forwarding capacity of 200Gbps The system offers advanced Quality of Service QoS features including class...

Page 9: ...D 1 4 Typical Applications 5G Fronthaul Backhaul Convergence Evolved mobile networks requires high level of synchronization to operate The required accuracy level increases as the networks further ev...

Page 10: ...ty in production which dictates specific requirement for synchronization In such environment where man and machine coexist and work together side by side all actions must be coordinated and mutually a...

Page 11: ...Falcon R Class User Guide 11 2 System Description 2 1 Block Diagram Figure 2 1 R Class functional block diagram...

Page 12: ...PS Console RJ 45 RS 232 115 200Bd CLI Cisco like OAM IEEE802 3ah when connected to third party edge switch that supports the standard Management integration Integration with 3rd party network manageme...

Page 13: ...1731 data plane support several functions of this standard require HW based support These functions are o Loss measurement o Delay measurement o Delay variation measurement Linear Ethernet Protection...

Page 14: ...ct required cables to ports twisted pair RJ45 Ethernet and fiber Ethernet SFPs 6 Verify that the ports Link and Speed LEDs are lit per connected interfaces 7 Configure the selected device via the cons...

Page 15: ...oots up 3 The system prompts you to log in Default username moose Default password 1234 Note if you experiment difficulty in the connection contact Fibrolan support International support Fibrolan com...

Page 16: ...or Displays a variety of statuses from the device and other device info that enable system administrator to following up and check if the device is working properly Diagnostics Includes tools to diagn...

Page 17: ...configuration section Displays detailed data for the selected from one of the functionality menus Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 second...

Page 18: ...fication the frames are passed to the Policer If the Policer is not selected the frames pass untouched From the Policer the frames enter the Ingress Queue Some prioritization algorithms are used to ha...

Page 19: ...ct person for this managed node together with information on how to contact this person The allowed string length is 0 to 255 and the allowed content is the ASCII characters from 32 to 126 System Name...

Page 20: ...t address of the DNS Server in dotted decimal notation Make sure the configured DNS server could be reachable e g via PING for activating DNS service Configured IPv6 Explicitly provide the valid IPv6...

Page 21: ...C address will be used in the DHCP option 61 field IPv4 DHCP Client Identifier ASCII The ASCII string of DHCP client identifier When DHCPv4 client is enabled and the client identifier type is ascii th...

Page 22: ...28 bit records represented as eight fields of up to four hexadecimal digits with a colon separating each field For example 2001 1 90 The symbol is a special syntax that can be used as a shorthand way...

Page 23: ...istance Only for IPv4 The distance value of route entry is used to provide the priority information of the routing protocols to routers When there are two or more different routing protocols are invol...

Page 24: ...t Configuration Table 4 5 NTP Client Configuration Parameters Client Configuration Mode Indicates the NTP Client operation mode Possible modes are Enabled Enable NTP mode operation Disabled Disable NT...

Page 25: ...erver Configuration Parameters Client Configuration Mode Indicates the NTP Client operation mode Possible modes are Enabled Enable NTP mode operation Disabled Disable NTP mode operation Server ID Up t...

Page 26: ...cation to set the clock forward or backward according to the configurations set below for a defined Daylight Saving Time duration Select Disable to disable the Daylight Saving Time configuration Defau...

Page 27: ...t the ending hour Minutes Select the ending minute Offset settings Offset Enter the number of minutes to add during Daylight Saving Time Range 1 to 1440 Non Recurring Configurations Start time setting...

Page 28: ...provide acknowledgments The syslog packet will always send out even if the syslog server does not exist Possible modes are Enabled Enable server mode operation Disabled Disable server mode operation...

Page 29: ...ration Parameters Event Index Event Unique Name of the Event Severity Indicates the severity of the event Notice Info Warning Enable Disable Enable Event Change will take effect on all checked interfa...

Page 30: ...e port Configured Speed Selects available link speed for the given switch port Only speeds supported by the specific port are shown Possible speeds are Disabled Disables the switch port operation Auto...

Page 31: ...ty that is advertised to the link partner When a fixed speed setting is selected traffic that is what is selected Current Rx This column indicates whether pause frames on the port are obeyed Current T...

Page 32: ...sulated in the payload of the frame If frame length check is enabled frames with payload size less than 1536 bytes are dropped if the EtherType Length field doesn t match the actual payload length If...

Page 33: ...ype Indicates module Type Range Indicates the SFP s nominal optical range Wavelength Indicates the SFP wavelength separately for transmit and receive Serial Indicates the SFP s serial number SFP Opera...

Page 34: ...r device RX Power Module s allowed receive optical power range dBm TX Power Module s allowed transmit optical power range dBm Temperature Module s allowed internal temperature range Bias Current Modul...

Page 35: ...Overview Parameters Port The logical port for the settings contained in the same row Packets The number of received and transmitted packets per port Bytes The number of received and transmitted bytes...

Page 36: ...conflict if a specific QCE is not applied to the hardware due to hardware limitations The maximum number of QCEs is 256 on each switch QCL is an acronym for QoS Control List It is the list table of Q...

Page 37: ...y ACL Policy number Ingress Map Classify Ingress Map ID Conflict Displays Conflict status of QCL entries As H W resources are shared by multiple applications It may happen that the resources required...

Page 38: ...ved and transmitted good and bad multicast packets Rx and Tx Broadcast The number of received and transmitted good and bad broadcast packets Rx and Tx Pause A count of the MAC Control frames received...

Page 39: ...output buffer congestion Tx Late Exc Coll The number of frames dropped due to excessive or late collisions Green Ethernet This page allows the user to configure the port power savings features EEE is...

Page 40: ...if the traffic can be buffered up until a large burst of traffic can be transmitted Buffering traffic will give some latency in the traffic Note For Port Power Savings refer to Port Power Savings Conf...

Page 41: ...equipment sending the frame The SMAC address is used by the switch to automatically update the MAC table with these dynamic MAC addresses Dynamic entries are removed from the MAC table if no frame wi...

Page 42: ...ning is done automatically as soon as a frame with an unknown SMAC is received Disable No learning is done Secure Only static MAC entries are learned all other frames are dropped Note Make sure that t...

Page 43: ...entry Click to Add New Static Entry to add a new entry to the static MAC table Specify the VLAN ID MAC address and port members for the new entry Click Save Monitoring the MAC Address Table Entries in...

Page 44: ...lue of the first displayed entry allowing for continuous refresh with the same start address The button will use the last entry of the currently displayed VLAN MAC address pairs as a basis for the nex...

Page 45: ...same VLAN must be forwarded through a router VLANs are essentially Layer 2 constructs whereas IP subnets are Layer 3 constructs In a LAN employing VLANs a one to one relationship often exists between...

Page 46: ...l create VLANs 1 10 11 12 13 200 and 300 1 10 13 200 300 Spaces are allowed in between the delimiters Ethertype for Custom S ports This field specifies the ethertype TPID specified in hexadecimal used...

Page 47: ...ult is Access determines the fundamental behavior of the port in question A port can be in one of three modes as described below Whenever a particular mode is selected the remaining fields in that row...

Page 48: ...uration is set to untag Port VLAN The Port VLAN is called an Access VLAN for ports in Access mode and Native VLAN for ports in Trunk or Hybrid mode Port Type Ports in hybrid mode allow for changing th...

Page 49: ...ames are transmitted with the relevant tag Tag All All frames whether classified to the Port VLAN or not are transmitted with a tag Untag All All frames whether classified to the Port VLAN or not are...

Page 50: ...t in the VLAN Table Clicking the Refresh button will update the displayed table starting from that or the closest next VLAN Table match The will use the last entry of the currently displayed VLAN entr...

Page 51: ...Status for Combined Users Table 4 25 VLAN Port Status for Combined Users Parameters Port The logical port for the settings contained in the same row Port Type Shows the port type Unaware C Port S Por...

Page 52: ...membership status of VLAN users VLAN User Various internal software modules may use VLAN services to configure VLAN memberships on the fly The drop down list on the right allows for selecting between...

Page 53: ...ll be displayed If a port is in the forbidden port list and at the same time attempted included in the VLAN the following image will be displayed The port will not be a member of the VLAN in this case...

Page 54: ...into Groups identified by the Group ID This way a port is configured to use several VLAN Translation mappings easily by simply configuring it to use a given group Then the number of possible groups in...

Page 55: ...an be configured to use the same group A valid Group ID is an integer value from 1 to 10 Note By default each port is set to use the group with Group ID equal to the port number For example port 1 is...

Page 56: ...implementation of transparent L2 service for high numbers of customers Determination of which service to assign a frame to can be based on Ingress port All frames received on a specific ingress port...

Page 57: ...box To remove or exclude the port from the private VLAN make sure the box is unchecked By default no ports are members and all boxes are unchecked Add a New Private VLAN Click to add a new private VLA...

Page 58: ...te To delete a MAC to VLAN ID mapping entry check this box and press save The entry will be deleted in the stack MAC Address Indicates the MAC address of the mapping VLAN ID Indicates the VLAN ID the...

Page 59: ...d the valid value of the following text field will vary depending on the new frame type you selected Value Valid value that can be entered in this text field depends on the option selected from the pr...

Page 60: ...combination of alphabets a z or A Z and integers 0 9 Note Special characters and underscores _ are not allowed Adding a New Group to VLAN mapping entry Click Add New Entry to add a new entry in the ma...

Page 61: ...e mapped A valid VLAN ID ranges from 1 to 4095 Port Members A row of check boxes for each port is displayed for each Group Name to VLAN ID mapping To include a port in the mapping check the box To rem...

Page 62: ...port is displayed for each IP subnet to VLAN ID mapping entry To include a port in a mapping simply check the box To remove or exclude the port from the mapping make sure the box is unchecked By defau...

Page 63: ...e must disable MSTP feature before we enable Voice VLAN It can avoid the conflict of ingress filtering Possible modes are Enabled Enable Voice VLAN mode operation Disabled Disable Voice VLAN mode oper...

Page 64: ...n parameters Port Configuration Port The logical port for the settings contained in the same row Mode Indicates the Voice VLAN port mode Possible modes are Disabled Disjoin from Voice VLAN Auto Enable...

Page 65: ...DP or Both Changing the discovery protocol to OUI or LLDP will restart auto detect process Possible discovery protocols are OUI Detect telephony device by OUI address LLDP Detect telephony device by L...

Page 66: ...opriate multicast group address Uplink ports that send and receive multicast data to and from the multicast VLAN are called MVR source ports It is allowed to create at maximum 4 MVR VLANs with corresp...

Page 67: ...given it should contain at least one alphabet MVR VLAN name can be edited for the existing MVR VLAN entries or it can be added to the new entries IGMP Address Define the IPv4 address as source addres...

Page 68: ...ogical port for the settings Port Role Configure an MVR port of the designated MVR VLAN as one of the following roles Inactive The designated port does not participate MVR operations Source Configure...

Page 69: ...ping Fast Leave processing allows the switch to remove an interface from the forwarding table entry without first sending out group specific queries to the interface The VLAN interface is pruned from...

Page 70: ...Joins Received The number of Received IGMPv1 Join s IGMPv2 MLDv1 Reports Received The number of Received IGMPv2 Join s and MLDv1 Report s respectively IGMPv3 MLDv2 Reports Received The number of Rece...

Page 71: ...tion Table match In addition the two input fields will upon a Refresh button click assume the value of the first displayed entry allowing for continuous refresh with the same start address The will us...

Page 72: ...When first visited the web page will show the first 20 entries from the beginning of the MVR SFM Information table Clicking the Refresh button will update the displayed table starting from that or th...

Page 73: ...is function is performed in the Scheduler block on the egress side The egress scheduler supports both Strict Priority scheduling and Weighted Fair Queuing WFQ Each egress port has 8 queues Classificat...

Page 74: ...me is classified to the default DPL The classified DPL can be overruled by a QCL entry PCP Controls the default PCP Priority Code Point All frames are classified to a PCP entry If the port is VLAN awa...

Page 75: ...ingress queue Web GUI Configuration QoS Port Policing Figure 4 48 QoS Ingress Port Policers Table 4 45 QoS Ingress Port Policers Parameters Port The port number for which the configuration below appli...

Page 76: ...ess Queue Policers Config parameters Port The port number for which the configuration below applies Enable Enable or disable the queue policer for this switch port Rate Controls the rate for the queue...

Page 77: ...Port Schedulers Parameters Port The logical port for the settings contained in the same row Click on the port number to configure the schedulers Mode Shows the scheduling mode for this port Qn Shows...

Page 78: ...for the queue shaper The default value is 500 This value is restricted to 100 1000000 when the Unit is kbps and it is restricted to 1 3300 when the Unit is Mbps Queue Shaper Unit Controls the unit of...

Page 79: ...ontrols the unit of measure for the port shaper rate as kbps or Mbps The default value is kbps Port Shaper Rate type The rate type of the port shaper The allowed values are Line Specify that this shap...

Page 80: ...per is enabled for this queue on this switch port Queue Shaper Rate Controls the rate for the queue shaper The default value is 500 This value is restricted to 100 1000000 when the Unit is kbps and it...

Page 81: ...stricted to 100 1000000 when the Unit is kbps and it is restricted to 1 3300 when the Unit is Mbps Port Shaper Unit Controls the unit of measure for the port shaper rate as kbps or Mbps The default va...

Page 82: ...for this port Classified Use classified PCP DEI values Default Use default PCP DEI values Mapped Use mapped versions of QoS class and DP level Qos Port DSCP Configuration This section allows you to c...

Page 83: ...slate To Enable the Ingress Translation click the checkbox Classify Classification for a port has 4 different values Disable No Ingress DSCP Classification DSCP 0 Classify if incoming or translated if...

Page 84: ...sed QoS Ingress Classification This section allows you to configure the basic QoS DSCP based QoS Ingress Classification settings for all switches Web GUI Configuration QoS DSCP Based QoS Figure 4 57 D...

Page 85: ...untrusted DSCP values are treated as a non IP frame QoS Class QoS class value can be any of 0 7 DPL Drop Precedence Level 0 1 Every incoming frame is classified to a Drop Precedence Level DP level wh...

Page 86: ...Falcon R Class User Guide 86 Web GUI Configuration QoS DSCP Translation Figure 4 58 DSCP Translation...

Page 87: ...SCP values 2 Classify Click to enable Classification at Ingress side Egress There are the following configurable Parameters for Egress side Remap Select the DSCP value from select menu to which you wa...

Page 88: ...ged frames The default value is Any VID Indicates VLAN ID either a specific VID or range of VIDs VID can be in the range 1 4095 or Any PCP Priority Code Point Valid value PCP are specific 0 1 2 3 4 5...

Page 89: ...Web GUI Configuration QoS DSCP Translation Figure 4 60 QCE Parameters displays Table 4 56 QCE Configuration Parameters Port Members Check the checkbox button to include the port in the QCL entry By de...

Page 90: ...types are explained below 1 Any Allow all types of frames 2 Ether Type Ether Type Valid Ethernet type can have a value within 0x600 0xFFFF or Any but excluding 0x800 IPv4 and 0x86DD IPv6 3 LLC SSAP A...

Page 91: ...rop Precedence Level 0 1 or Default DSCP DSCP 0 63 BE CS1 CS7 EF or AF11 AF43 or Default PCP PCP 0 7 or Default Note PCP and DEI cannot be set individually DEI DEI 0 1 or Default Policy ACL Policy num...

Page 92: ...he rate in bits per second which the Policer is allowing to pass through when only excess resources are available EBS Excess Burst Size the burst size in bytes allowed for the excess bucket Figure 4 6...

Page 93: ...e or disable the global storm policer for the given frame type Rate Controls the rate for the global storm policer This value is restricted to 10 13128147 when Unit is fps or kbps and 1 13128 when Uni...

Page 94: ...switch port Rate Controls the rate for the port storm policer This value is restricted to 10 13128147 when Unit is fps or kbps and 1 13128 when Unit is kfps or Mbps The rate is internally rounded up...

Page 95: ...tion Table 4 59 User Configuration Parameters Username The name identifying the user Privilege level The privilege level of the user The allowed range is 0 to 15 If the privilege level value is 15 it...

Page 96: ...aracters including Space is accepted Privilege level The privilege level of the user The allowed range is 0 to 15 If the privilege level value is 15 it can access all groups i e that is granted the fu...

Page 97: ...f the privilege levels Web GUI Configuration Security Switch Privelege Levels Figure 4 65 Privilege Level Configuration Table 4 61 Privilege Configuration Level Parameters Group Name The name identify...

Page 98: ...to 15 where 0 is lowest level and 15 is highest level Every group has an authorization Privilege level for the following sub groups configuration read only configuration execute read write status stat...

Page 99: ...LI commands available to a user Client The management client for which the configuration below applies Method Method can be set to one of the following values no Command authorization is disabled User...

Page 100: ...ons Web servers and browsers should take in response to various commands For example when you enter a URL in your browser this sends an HTTP command to the Web server directing to fetch and transmit t...

Page 101: ...he current certificate Upload Upload a certificate PEM file Possible methods are Web Browser or URL Generate Generate a new self signed RSA certificate Certificate Pass Phrase Enter the pass phrase in...

Page 102: ...ess Management Figure 4 69 Access Management Configuration display Table 4 65 Access Management Configuration parameters Mode Indicates the access management mode operation Possible modes are Enabled...

Page 103: ...etwork Security includes the following subjects MAC Limit Port Security switch and Port Security port status Network Access Server NAS Access Control List ACL IP Source Guard ARP Inspection 4 8 2 1 MA...

Page 104: ...Configuration Parameters Global Configuration Mode Indicates if Limit Control is globally enabled or disabled on the switch If globally disabled other modules may still use the underlying functionalit...

Page 105: ...esources are freed on the switch Hold Time The hold time measured in seconds is used to determine how long a MAC address is held in the MAC table if it has been found to violate the limit Valid range...

Page 106: ...ct Sticky Enables sticky learning of MAC addresses on this port When the port is in sticky mode all MAC addresses that would otherwise have been learned as dynamic are learned as sticky Sticky MAC add...

Page 107: ...comes indirectly from other modules the user modules When a user module has enabled port security on a port the port is set up for software based learning In this mode frames from unknown MAC addresse...

Page 108: ...ull name of a module that may request Port Security services Abbr A one letter abbreviation of the user module This is used in the Users column in the port status table see below Port Status The table...

Page 109: ...and that module has indicated that the limit is exceeded No MAC addresses can be learned on the port until it is administratively re openedon the Limit Control configuration Webpage Mac Count Current...

Page 110: ...would otherwise have been learned as dynamic are learned as sticky Sticky entries are part of the running config and can therefore be saved to startup config An important aspect of sticky MAC address...

Page 111: ...oes not require the user to have special 802 1X supplicant software installed on his system The switch uses the user s MAC address to authenticate against the backend server Intruders can create count...

Page 112: ...s parameter controls exactly this period and can be set to a number between 10 and 1000000 seconds If reauthentication is enabled and the port is in an 802 1X based mode this is not so critical since...

Page 113: ...RADIUS assigned VLAN is enabled on that port When unchecked RADIUS server assigned VLAN is disabled on all ports Guest VLAN Enabled A Guest VLAN is a special VLAN typically with limited network acces...

Page 114: ...ill be allowed network access without authentication Force Unauthorized In this mode the switch will send one EAPOL Failure frame when the port link comes up and any client on the port will be disallo...

Page 115: ...has not yet failed because the X seconds have not expired the same server will be contacted upon the next backend authentication server request from the switch This scenario will loop forever Therefor...

Page 116: ...icant on behalf of clients The initial frame any kind of frame sent by a client is snooped by the switch which in turn uses the client s MAC address as both username and password in the subsequent EAP...

Page 117: ...be considered and to be valid it must follow this rule All 8 octets in the attribute s value must be identical and consist of ASCII characters in the range 0 7 which translates into the desired QoS Cl...

Page 118: ...ubleshooting VLAN assignments use the VLANs VLAN Membership Status and VLAN Port Status pages These pages show which modules have temporarily overridden the current Port VLAN configuration Guest VLAN...

Page 119: ...Unauth The port is in a multi supplicant mode Currently X clients are authorized and Y are unauthorized Restart Two buttons are available for each row The buttons are only enabled when authentication...

Page 120: ...ied in the most recently received Response Identity EAPOL frame for EAPOL based authentication and the source MAC address from the most recently received frame from a new client for MAC based authenti...

Page 121: ...f the VLAN ID is assigned by the RADIUS server RADIUS assigned is appended to the VLAN ID Read more about RADIUS assigned VLANs at previous section System Configuration If the port is moved to the Gue...

Page 122: ...nvalid Tx Total dot1xAuthEapolFramesTx The number of EAPOL frames of any type that have been transmitted by the switch Tx Request ID dot1xAuthEapolReqIdFra mesTx The number of EAPOL Request Identity f...

Page 123: ...er of times that the switch receives a failure message This indicates that the supplicant client has not authenticated to the backend server Tx Responses dot1xAuthBackend Responses 802 1X based Counts...

Page 124: ...above Port Counters table and will be empty if no MAC address is currently selected To populate the table select one of the attached MAC Addresses from the table below Attached MAC Addresses Identity...

Page 125: ...nsuccessful Buttons The port select box determines which port is affected when clicking the buttons Clear This button is available in the following modes Force Authorized Force Unauthorized Port based...

Page 126: ...are Disabled or the values 1 through 16 The default value is Disabled Port Redirect Select which port frames are redirected on The allowed values are Disabled or a specific port number The default val...

Page 127: ...by changing the volatile port configuration of the ACL user module Disabled To close ports by changing the volatile port configuration of the ACL user module The default value is Enabled Counter Count...

Page 128: ...ll match a specific ingress port Policy Bitmask Indicates the policy number and bitmask of the ACE Frame Type Indicates the frame type of the ACE Possible values are Any The ACE will match any frame t...

Page 129: ...y a frame Modification Button The lowest plus sign adds a new entry at the bottom of the ACE listings By checking this box you access additional displays ACE configuration VLAN Parameters Note Refer t...

Page 130: ...policy with this ACE choose this value Two field for entering a policy value and bitmask appears Frame Type Select the frame type for this ACE These frames are mutually exclusive Any Any frame can mat...

Page 131: ...mirror port The allowed values are Enabled Frames received on the port are mirrored Disabled Frames received on the port are not mirrored The default value is Disabled Logging Specify the logging ope...

Page 132: ...ID number appears Tag Priority Specify the tag priority for this ACE A frame that hits this ACE matches this tag priority The allowed number range is 0 to 7 or range 0 1 2 3 4 5 6 7 0 3 and 4 7 The v...

Page 133: ...e ACE may be forwarded and learned Deny Frames matching the ACE are dropped Filter Frames matching the ACE are filtered Rate Limiter Indicates the rate limiter number of the ACE The allowed range is 1...

Page 134: ...on provides the related IP Source Guard configurations Web GUI Configuration Security Network IP Source Guard Configuration Figure 4 82 IP Source Guard Configuration Table 4 78 IP Source Guard Configu...

Page 135: ...ss Buttons Add New Entry Click to add a new entry to the Static IP Source Guard table 4 8 2 14 Dynamic IP Source Guard Table Entries in the Dynamic IP Source Guard Table are shown on this page The Dyn...

Page 136: ...on Protocol ARP is an acronym for Address Resolution Protocol It is a protocol that used to convert an IP address into a physical address such as an Ethernet address ARP allows a host to communicate w...

Page 137: ...tion Configuration Mode of ARP Inspection Configuration Enable the Global ARP Inspection or disable the Global ARP Inspection Port Mode Configuration Port Mode Configuration Specify ARP Inspection is...

Page 138: ...setting of Check VLAN are Enabled Enable check VLAN operation Disabled Disable check VLAN operation Only if the Global Mode and Port Mode on a given port are enabled and the setting of Check VLAN is...

Page 139: ...ited the web page will show the first 20 entries from the beginning of the VLAN Table The first displayed will be the one with the lowest VLAN ID found in the VLAN Table The VLAN input fields allow th...

Page 140: ...ARP Inspection Table Web GUI Monitor Security Network ARP Inspection Dynamic Table Entries in the Dynamic ARP Inspection Table are shown on this page The Dynamic ARP Inspection Table contains up to 2...

Page 141: ...the Dynamic ARP Inspection Table Clicking the Refresh button will update the displayed table starting from that or the closest next Dynamic ARP Inspection Table match In addition the two input fields...

Page 142: ...s field is left blank the IP address of the outgoing interface is used NAS IPv6 Address Attribute 95 The IPv6 address to be used as attribute 95 in RADIUS Access Request packets If this field is left...

Page 143: ...f the server Authentication Port UDP port number for authentication Authentication Status The current status of the server This field takes one of the following values Disabled The server is disabled...

Page 144: ...a networking protocol which provides access control for routers network access servers and other networked computing devices via one or more centralized servers TACACS provides separate authentication...

Page 145: ...global timeout value Leaving it blank will use the global timeout value Change Secret Key Specify to change the secret key or not When the checkbox is checked you can change the setting overrides the...

Page 146: ...epts radiusAuthClientExtAccessA ccepts The number of RADIUS Access Accept packets valid or invalid received from the server Rx Access Rejects radiusAuthClientExtAccessR ejects The number of RADIUS Acc...

Page 147: ...sts The number of RADIUS Access Request packets destined for the server that have not yet timed out or received a response This variable is incremented when an Access Request is sent and decremented d...

Page 148: ...es radiusAccClientExtResp onses The number of RADIUS packets valid or invalid received from the server Rx Malformed Responses radiusAccClientExtMalf ormedResponses The number of malformed RADIUS packe...

Page 149: ...ues Disabled The selected server is disabled Not Ready The server is enabled but IP communication is not yet up and running Ready The server is enabled IP communication is up and running and the RADIU...

Page 150: ...the Hybrid mode allows each domain to operate independently of the others e g as a BC with both PTP and SyncE Mode Configuration This section enables the configuration of the device s clocking system...

Page 151: ...stance number etc State The status of the sync source This indicator displays the following states Green The source provides a valid reference clock Red indicates failure of the source Orange Source q...

Page 152: ...system is in Holdover state Yellow indicates Free running internal clock state Green Yellow blinking Lock Acquisition Blue Green blinking Holdover Recovery Output arrows Visualization of outputs dist...

Page 153: ...source is automatically selected based on priority and state When higher priority source that previously failed is valid again no switchover will take place Forced HoldOver the system will be synchro...

Page 154: ...n Figure 4 99 Time Attributes Configuration Table 4 94 Time Attributes Configuration parameters Holdover Configuration UTC to TAI Value in seconds of difference between UTC and TAI Mode Options suppor...

Page 155: ...s the sync source type and port instance the system is currently locked to e g PTP GPS etc Offset from GNSS nSec N A Time in State The time that has passed since the last system sync state change Time...

Page 156: ...UI Monitor Timing SyncCenter Status Figure 4 102 Monitoring SyncCenter Status displays The following displays allow us to monitor the SyncCenter status and activity Sync Sources and Visual Indicators...

Page 157: ...r is not running i e system stable Amber means timer is currently running and Grey indicates WTR is disabled WTR Time Indicates the time left before the WTR timer expires when running Clear button All...

Page 158: ...GNSS antenna When Manual is selected it is possible to directly configure the cable delay Velocity Factor Set the Velocity Factor VF of the antenna cable Length Set the length of the antenna cable in...

Page 159: ...eived by the GNSS in degrees Altitude Indicates the current altitude as received by the GNSS in meters Offsets 1PPS Indicates the current estimated 1PPS time error the GNSS is generating in nsec Offse...

Page 160: ...Gen When it lights red the GNSS cannot generate 1PPS signal Satellite Status Figure 4 107 Satellite Status Table 4 102 Satellite Status parameters Satellite PNR The PRN satellite number of the tracke...

Page 161: ...Common Buttons GNSS Config Sky View Sat Counts are direct links to the respective pages Figure 4 109 Common buttons of GNSS webpages GNSS Receiver Info Figure 4 110 GNSS Antenna Cable Status Table 4 1...

Page 162: ...which the satellite is displayed The elevation angle is represented by the distance from the center 90 degrees to the edge of the sky map circle 0 degrees Each satellite icon is positioned according t...

Page 163: ...w Time axis duration can be 15 minutes 1 minute resolution or 24 hours 15 minutes resolution Show only good above threshold satellites or all visible tracked ones Common Buttons Send Report send repor...

Page 164: ...establishes the clock sources The device internal state logic clock selector monitors all reference clocks and automatically selects the best available reference clock based on configured priority an...

Page 165: ...and frame pulses with a frequency accuracy equal to the frequency accuracy of the input reference clock The generated clock and frames pulse outputs comply with specifications as described in Telcord...

Page 166: ...or slave clock The OC sends and receive PTP messages It supports the synchronization mechanism Boundary clock has multiple physical ports to the network and can be used as an intermediate stage device...

Page 167: ...p Transp clock s Device Type is Peer to Peer Transparent Clock 3 E2e Transp clock s Device Type is End to End Transparent Clock 4 Master Only clock s Device Type is Master Only 5 Slave Only clock s De...

Page 168: ...2 5 Clock Parent Data Set The clock parent data set is defined in the IEEE 1588 standard The parent data set is dynamic Figure 4 118 Clock Type and Profile Table 4 112 Clock Type and Profile Parent Po...

Page 169: ...g True if two step Sync events and Pdelay_Resp events are used Ports The total number of physical ports in the node Clock Identity It shows unique clock identifier Dom Clock domain 0 127 Clock Quality...

Page 170: ...r Enable on State Table 4 114 Master Enable on State Free Run In Free Run state PTP can be set to Disable Enable Rule 0 Lock Acquisition In Lock Acquisition state PTP can be set to Disable Enable Rule...

Page 171: ...represented as 0 Leap Type The type of leap event i e leap59 or leap61 Buttons Apply Hit to apply the clock instance settings to the running config Reset Hit to reset the new clock instance parameter...

Page 172: ...icates the Instance of a particular Clock Instance 0 3 ClkDom HW Domain Refers to Clock HW Domain Device Type Indicates the Type of the Clock Instance There are five Clock Types Boundary clock s Type...

Page 173: ...t PTP over Ethernet multicast ip4multi PTP over IPv4 multicast ip4uni PTP over IPv4 unicast VID VLAN Identifier used for tagging the PTP frames Note Packets are tagged if the port is configured for vl...

Page 174: ...Indicates Master is NOT enabled for PTP transmission UtcOffset In systems whose epoch is UTC it is the offset between TAI and UTC Valid When true the value of currentUtcOffset is valid leap59 When tru...

Page 175: ...instance IP Address The slave s IP address Port The master s port number MAC Address The MAC address of the slave or the gateway s Status Sync Indicates Sync messages are transmitted to the slave Ann...

Page 176: ...tandard which specifies SyncE slave clocks ITU T G8264 standard that describes the specifications of Ethernet Synchronization Messaging Channel ESMC In Synchronous mode of operation the Synchronous Et...

Page 177: ...yncE enables the transport of slave synchronization signals within the entire network The EEC devices are defined as Ethernet Equipment Slave clocks Ethernet interfaces are also able to generate their...

Page 178: ...ut quality level in Holdover state PRC SSUB SSUA EEC1 DNU Figure 4 128 SyncE Port Configuration Table 4 121 SyncE Port Configuration Parameters SyncE Ports Port The port number to configure SSM Enable...

Page 179: ...of the SyncE configuration of the applicable Ethernet ports Web GUI Monitor Timing SyncE Figure 4 129 SyncE Status Table 4 122 SyncE Status Parameters SyncE Status SSM Option Select Display the syste...

Page 180: ...SSM Event Counter displaying the number of transmitted SSM Event messages Rx SSM Status Enable and disable of SSM functionality on this port Rx SSM Quality Level Monitoring of the received SSM QL on...

Page 181: ...input or output Output Type Set the port s output type and frequency Applicable when the port is set to Output Input Type Set the port s input type and frequency Applicable when the port is set to Inp...

Page 182: ...Direction Indicates whether the Sync port s direction is Input or Output Output Type Indicates the Sync port s Output type Input Indicates the Sync port s Input type Quality Option Indicates the Sync...

Page 183: ...mprovements in topology change detection notification and flushing of the learn tables 802 1s Multiple Instance Spanning Tree A newer version supporting more than a single topology each instance group...

Page 184: ...en any two nodes in a spanning tree instance An instance includes a unique set of VLANs belongs to a specific spanning tree region and creates a separate per instance forwarding topology A region may...

Page 185: ...on Assume we have tree switches in a region configured with VLANs grouped in two instances as follows VLAN1 10 20 30 mapped to Instance 1 VLAN2 11 21 31 mapped to Instance 2 The logical topologies sho...

Page 186: ...nt R Class series devices allows STP RSTP MSTP system settings configuration as detailed below Web GUI Configuration Spanning Tree Bridge Settings Figure 4 132 STP Bridge Configuration Table 4 126 STP...

Page 187: ...how many bridges a root bridge can distribute its BPDU information to Valid values are in the range 6 to 40 hops Transmit Hold Count The number of BPDU s a bridge port can send per second When exceed...

Page 188: ...me is at most 32 characters Configuration Revision The revision of the MSTI configuration named above This must be an integer between 0 and 65535 MSTI Mapping MSTI The bridge instance The CIST is not...

Page 189: ...of VLANs The CIST is the default instance which is always active Priority Controls the bridge priority Lower numeric values have better priority The bridge priority plus the MSTI instance number conca...

Page 190: ...d start as being set or cleared The initial operEdge state when a port is initialized AutoEdge Controls whether the bridge should enable automatic edge detection on the bridge port This allows operEdg...

Page 191: ...d or forced either true or false Transition to the forwarding state is faster for point to point LANs than for shared media MSTI Port Configuration This section allows the user to inspect the current...

Page 192: ...overview of all STP bridge instances Web GUI Monitor Spanning Tree Bridge Status Figure 4 137 STP Bridges Table 4 131 STP Bridges Parameters MSTI The Bridge Instance CIST also a link to the STP Detail...

Page 193: ...l root bridge inside the MSTP region of this bridge For the CIST instance only Internal Root Cost The Regional Root Path Cost For the Regional Root Bridge this is zero For all other CIST instances in...

Page 194: ...o Bridges are attached The flag may be automatically computed or explicitly configured Each Edge Port transits directly to the Forwarding Port State since there is no possibility of it participating i...

Page 195: ...the STP port statistics counters of bridge ports in the switch Web GUI Monitor Spanning Tree Port Statistics Figure 4 140 STP Statistics Table 4 134 STP Statistics Parameters Port The switch port numb...

Page 196: ...icast list for that group When the R Class series snoops an IGMP Leave it removes the host s port from the table entry The following sections explain and demonstrate in detail IGMP snooping support us...

Page 197: ...Falcon R Class User Guide 197 Web GUI Configuration IPMC IGMP Snooping Basic Configuration Figure 4 141 IGMP Snooping Configurations...

Page 198: ...outer port the whole aggregation will act as a router port Fast Leave Enables the fast leave on the port Multicast snooping Fast Leave processing allows the switch to remove an interface from the forw...

Page 199: ...pre defined value By default this value will be 192 0 2 1 Compatibility Compatibility is maintained by hosts and routers taking appropriate actions depending on the versions of IGMP operating on hosts...

Page 200: ...ions of a host s initial report of membership in a group The allowed range is 0 to 31744 seconds default unsolicited report interval is 1 second Buttons Add New IGMP VLAN Click to add new IGMP VLAN Sp...

Page 201: ...multicast streams Profile Management Button You can inspect the rules of the designated profile by using the following button List the rules associated with the designated profile IGMP Snooping Statu...

Page 202: ...e are shown on this section The IGMP Group Table is sorted first by VLAN ID and then by group Navigating the IGMP Group Table Each page shows up to 99 entries from the IGMP Group table default being 2...

Page 203: ...able Clicking Refresh the button will update the displayed table starting from that or the closest next IGMP SFM Information Table match In addition the two input fields will upon a button click assum...

Page 204: ...s an acronym for Multicast Listener Discovery for Ipv6 MLD is used by Ipv6 routers to discover multicast listeners on a directly attached link much as IGMP is used in Ipv4 The protocol is embedded in...

Page 205: ...ct as a router port Fast Leave Enable the fast leave on the port System will remove group record and stop forwarding data upon receiving the MLDv1 leave message without sending last member query messa...

Page 206: ...is 1 to 255 default robustness variable value is 2 QI Query Interval The Query Interval is the interval between General Queries sent by the Querier The allowed range is 1 to 31744 seconds default que...

Page 207: ...Snooping Port Group Filtering Configuration Parameters Port The logical port for the settings Filtering Profile Select the IPMC Profile as the filtering condition for the specific port Summary about t...

Page 208: ...Transmitted The number of Transmitted Queries Querier Received The number of Received Queries V1 Reports Received The number of Received V1 Reports V2 Reports Received The number of Received V2 Report...

Page 209: ...he currently displayed table as a basis for the next lookup When the end is reached the text No more entries is shown in the displayed table Use the button to start over Web GUI Configuration IPMC MLD...

Page 210: ...e Source Address IP Address of the source Currently system limits the total number of IPv6 source addresses for filtering per group is 8 Type Indicates the Type It can be either Allow or Deny Hardware...

Page 211: ...e two devices to detect multiple links between themselves and the combine them into a single logical link Common Aggregation Configuration The aggregation hash code contributor settings are global has...

Page 212: ...settings contained in the same row Group ID Normal indicates there is no aggregation Only one group ID is valid per port Port Members Each switch port is listed for each group ID Select a radio button...

Page 213: ...CP Figure 4 155 LACP Configuration Table 4 148 LACP Port Parameters Port The switch port number LACP Show whether LACP is currently enabled on this switch port Timeout The Timeout controls the period...

Page 214: ...e of the Aggregation group Static or LACP Speed Speed of the Aggregation group Configured ports Configured member ports of the Aggregation group Aggregated ports Aggregated member ports of the Aggrega...

Page 215: ...nternal Status Figure 4 158 LACP Internal Status Table 4 152 LACP Internal Status Parameters Internal Status This page provides a status overview for the LACP internal i e local system status for all...

Page 216: ...LACP Neighbor Status Table 4 153 LACP Neighbor Status Parameters Neighbor Status This page provides a status overview for the LACP neighbor status for all ports Only ports that are part of an LACP gro...

Page 217: ...faulted Show if the Actor s Receive machine is using Defaulted operational Partner information Expired Show if that the Actor s Receive machine is in the EXPIRED state 4 17 5 4 Port Statistics Web GUI...

Page 218: ...ct new link connectivity associations and correlate link endpoint attributes between these network elements Once successful link correlations have been determined autonomous notifications of these cor...

Page 219: ...the shutdown frame and a new LLDP initialization Valid values are restricted to 1 10 seconds LLDP Interface Configuration Interface The switch interface name of the logical LLDP interface Mode Select...

Page 220: ...hold time is exceeded CDP is an acronym for Cisco Discovery Protocol Optional TLVs TLV is an acronym for Type Length Value A LLDP frame can contain multiple pieces of information Each of these pieces...

Page 221: ...Falcon R Class User Guide 221 Web GUI Configuration LLDP LLDP MED Figure 4 162 LLDP MED Configuration displays...

Page 222: ...ormation as fast as possible to new neighbors Because there is a risk of an LLDP frame being lost during transmission between neighbors it is recommended to repeat the fast start transmission multiple...

Page 223: ...etwork Connectivity Device it is possible to configure it to act as an Endpoint Device and thereby start the LLDP MED information exchange In the case where two Network Connectivity Devices are connec...

Page 224: ...n of 250 characters 1 A non empty civic address location will use 2 extra characters in addition to the civic address location text 2 The 2 letter country code is not part of the 250 characters limita...

Page 225: ...t issue in VoIP environments that frequently result in voice quality degradation or loss of service Policies are only intended for use with applications that have specific real time network policy req...

Page 226: ...lication type should not be advertised if all the same network policies apply as those advertised in the Guest Voice application policy 5 Softphone Voice for use by softphone applications on typical d...

Page 227: ...DSCP value as defined in RFC 2475 Adding a new policy Click to Add New Policy to add a new policy Specify the Application type Tag VLAN ID L2 Priority and DSCP for the new policy Click Save The numbe...

Page 228: ...The possible capabilities are Other Repeater Bridge WLAN Access Point Router Telephone DOCSIS cable device Station only Reserved When a capability is Enabled the capability is followed by When a capab...

Page 229: ...fined for the previous Endpoint Device Class For example will any LLDP MED Endpoint Device claiming compliance as a Media Endpoint Class II also support all aspects of TIA 1057 applicable to Generic E...

Page 230: ...ion Extended Power via MDI PSE Extended Power via MDI PD Inventory Reserved Application Type Application Type indicating the primary function of the application s defined for this network policy adver...

Page 231: ...VID of the ingress port is used instead Priority Priority is the Layer 2 priority to be used for the specified application type One of the eight priority levels 0 through 7 DSCP DSCP is the DSCP value...

Page 232: ...e for a more efficient allocation Systems that do not implement this option default the value to be the same as that of the Receive Tw_sys_tx Echo Tx Tw The link partner s fallback receives Tw The res...

Page 233: ...160 Port Statistic Parameters Global Counters Clear Global counters If checked the global counters are cleared when Clear is pressed Neighbor entries were last changed Shows the time for the last entr...

Page 234: ...n type of value Org Discarded If LLDP frame is received with an organizationally TLV but the TLV is not supported the TLV is discarded and counted Age Outs Each LLDP frame contains information about h...

Page 235: ...rent link faults Event notification is delivered to the link partner when one of these events is detected on the link Frame Error events Frame Period Error events Symbol Period Error events Event Seco...

Page 236: ...nce the Discovery process completes Active DTE s are permitted to send any OAMPDU while connected to a remote OAM peer entity in Active mode Active DTE s operates in a limited respect if the remote OA...

Page 237: ...ent Configuration for selected port Parameters Port The switch port number Event Name Name of the Link Event which is being configured Error Window Represents the window period in the order of 1 sec f...

Page 238: ...total number of OAM frames received and transmitted for the selected port Discontinuities of these counters can occur at re initialization of the management system Web GUI Configuration Link OAM Even...

Page 239: ...ace Rx and Tx Variable Response A count of the number of Variable Response OAMPDUs received and transmitted on this interface Rx and Tx Org Specific PDU s A count of the number of Organization Specifi...

Page 240: ...vice is forwarding non OAMPDUs to higher sublayer When in loopback Device is looping back non OAMPDUs to the lower sublayer When in discarding state Device is discarding non OAMPDUs Organizational Uni...

Page 241: ...t field indicates the duration of the period in terms of 100 ms intervals 1 The default value is one second 2 The lower bound is one second 3 The upper bound is one minute Frame error event threshold...

Page 242: ...w This eight octet field indicates the number of symbols in the period Symbol Period Error Event Threshold This eight octet field indicates the number of errored symbols in the period is required to b...

Page 243: ...sum of errored frame seconds that have been detected since the OAM sublayer was reset Total Error Frame Seconds Summary Events This four octet field indicates the number of Errored Frame Seconds Summa...

Page 244: ...RMON History Configuration Configure RMON History table on this section The entry index key is ID Web GUI Configuration RMON History Figure 4 175 RMON History Configuration Table 4 167 RMON History Co...

Page 245: ...kets delivered to a higher layer protocol InDiscards The number of inbound packets that are discarded even the packets are normal InErrors The number of inbound packets that contained errors preventin...

Page 246: ...83647 Falling Index Falling event index 1 65535 RMON Event Configuration Configure RMON Event table on this section The entry index key is ID Web GUI Configuration RMON Event Figure 4 177 RMON Event C...

Page 247: ...otection configurations and possibly change them as well Web GUI Configuration Loop Protection Figure 4 178 Loop Protection Configuration Table 4 170 Loop Protection Configuration Parameters General S...

Page 248: ...conds Port Configuration Port The switch port number of the port Enable Controls whether Loop Protection is enabled on this switch port Action Configures the action performed when a loop is detected o...

Page 249: ...tly configured port action Transmit The currently configured port transmit mode Loops The number of loops detected on this port Status The current Loop Protection status of the port Loop Whether a loo...

Page 250: ...VRP Global config Figure 4 180 GVRP Configuration display Table 4 172 GVRP Configuration parameters GVRP Configuration Enable GVRP globally The GVRP feature is globally enabled by setting the check ma...

Page 251: ...ams to a central network traffic monitoring server This central server is called an sFlow receiver or sFlow collector Additional information can be found at http sflow org sFlow Configuration displays...

Page 252: ...gement If sFlow is currently configured through SNMP Owner contains a string identifying the sFlow receiver If sFlow is configured through SNMP all controls except for the Release button are disabled...

Page 253: ...Flow Sampler Max Header The maximum number of bytes that should be copied from a sampled packet to the sFlow datagram Valid range is 14 to 200 bytes with default being 128 bytes To have room for any f...

Page 254: ...current sFlow owner is released Tx Successes The number of UDP datagrams successfully sent to the sFlow receiver Tx Errors The number of UDP datagrams that has failed transmission The most common sour...

Page 255: ...of unidirectional links Its functionality is to provide mechanisms useful for detecting one way connections before they create a loop or other protocol malfunction RFC 5171 specifies a way at data lin...

Page 256: ...n the advertisement phase and are determined to be bidirectional The range is from 7 to 90 seconds Default value is 7 seconds Currently default time interval is supported due to lack of detailed infor...

Page 257: ...mation Figure 5 1 System Information Table 5 1 System Information Parameters Contact The system contact configured in Configuration System Information System Contact Name The system name configured in...

Page 258: ...Status Figure 5 2 System Status Table 5 2 System Status Parameters System Status Time The current GMT system time and date The system time is obtained through the Timing server running on the switch...

Page 259: ...conds intervals The last 120 samples are graphed and the last numbers are displayed as text as well To display the SVG graph your browser must support the SVG format Consult the SVG Wiki for more info...

Page 260: ...dress type of the entry This may be LINK IPv4 or IPv6 Address The current address of the interface of the given type Status The status flags of the interface and or address IP Routes Network The desti...

Page 261: ...entification of the system log entry Level The level of the system log entry Info The system log entry is belonged information level Warning The system log entry is belonged warning level Error The sy...

Page 262: ...g from that or the closest next entry match In addition these input fields will upon a Refresh button click assume the value of the first displayed entry allowing for continuous refresh with the same...

Page 263: ...ss pool management is done by the server and not by a human network administrator Dynamic addressing simplifies network administration because the software keeps track of IP addresses rather than requ...

Page 264: ...irst and second VLAN ID or both On the other hand if you want to disable existed VLAN range then you can follow the steps 1 Press Add VLAN Range to add a new VLAN range 2 Input the VLAN range that you...

Page 265: ...r Pool Figure 5 10 DHCP Server Pool Configuration Table 5 9 DHCP Server Pool Configuration Parameters Pool Setting Add or delete pools Adding a pool and giving a name is to create a new pool with defa...

Page 266: ...not defined Reserved Only If on Ip addresses obtainable from the pool are limited to those entered into the reserved entries table Lease Time Display lease time of the pool DHCP Snooping Configuration...

Page 267: ...server will be listed in this table except for local VLAN interface IP addresses Entries in the Dynamic DHCP snooping Table are shown on this section Web GUI Monitor DHCP Snooping Table Figure 5 12 D...

Page 268: ...rface IP address and PVID Port VLAN ID correctly Web GUI Configuration DHCP Relay Figure 5 13 DHCP Relay Configuration Table 5 12 DHCP Relay Configuration Parameters Relay Mode Indicates the DHCP rela...

Page 269: ...received Keep Keep the original relay information when a DHCP message that already contains it is received Drop Drop the package when a DHCP message that already contains relay information is received...

Page 270: ...nsmit Error The number of packets that resulted in error while being sent to servers Receive from Client The number of received packets from server Receive Agent Option The number of received packets...

Page 271: ...t type Expired Binding Number of bindings that their lease time expired or they are cleared from Automatic Manual type bindings DHCP Message Received Counters DISCOVER Number of DHCP DISCOVER messages...

Page 272: ...lick to clear all Automatic bindings and change them to Expired bindings Clear Manual Click to clear all Manual bindings and change them to Expired bindings Clear Expired Click to clear all Expired bi...

Page 273: ...K The number of ACK option 53 with value 5 packets received and transmitted Rx and Tx NAK The number of NAK option 53 with value 6 packets received and transmitted Rx and Tx Release The number of rele...

Page 274: ...ide 274 DHCP Detailed Statistics Port 1 Rx Discarded checksum error The number of discard packet that IP UDP checksum is error Rx Discarded from Untrusted The number of discarded packet that are comin...

Page 275: ...ation SNMPv3 Access Configuration SNMP System Configuration Web GUI Configuration SNMP System Figure 5 19 SNMP System Configuration display Table 5 18 SNMP System Configuration Parameters SNMP System...

Page 276: ...the allowed content is ASCII characters from 33 to 126 Mode Indicate the SNMP trap mode operation Possible modes are Enabled Enable SNMP trap mode operation Disabled Disable SNMP trap mode operation V...

Page 277: ...on Inform Timeout seconds Indicates the SNMP trap inform timeout The allowed range is 0 to 2147 Inform Retry Times Indicates the SNMP trap inform retry times The allowed range is 0 to 255 Security Eng...

Page 278: ...Name Indicates the name for the entry Type The filter type for the entry Possible types are Included An optional flag to indicate a trap is sent for the given trap source is matched Excluded An option...

Page 279: ...uration SNMP Users Figure 5 23 SNMPv3 User Configuration Table 5 22 SNMPv3 User Configuration Parameters SNMPv3 User Configuration Delete Check to delete the entry It will be deleted during the next s...

Page 280: ...odified if the entry already exists That means must first ensure that the value is set correctly Authentication Password A string identifying the authentication password phrase For MD5 authentication...

Page 281: ...g identifying the security name that this entry should belong to The allowed string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 Group Name A string identifying the...

Page 282: ...ee to be added to the named view The allowed OID length is 1 to 128 The allowed string content is a digital number or an asterisk SNMPv3 Access Configuration Configure SNMPv3 accesses table The entry...

Page 283: ...and privacy Read View Name The name of the MIB view defining the MIB objects for which this request may request the current values The allowed string length is 1 to 32 and the allowed content is the A...

Page 284: ...riety of MIBs Future software versions will extend this list adding support for new features Note In order to retrieve the required MIB you must access Fibrolan Web site Support section To download th...

Page 285: ...X XX XX XX IP address of the R Class series The Telnet screen prompts for a username and password Username moose Password 1234 SSH Configuration Secure Shell or SSH is a network protocol that allows e...

Page 286: ...following severity types are supported Informational Information level of the system log Warning Warning level of the system log Notice Made to help the memory Enable Disable Enable Event Change will...

Page 287: ...Parameters Username The name identifying the user This is also a link to Add Edit User display Privilege level The privilege level of the user The allowed range is 1 to 15 If the privilege level value...

Page 288: ...s granted the fully control of the device But others value must refer to each group privilege level User s privilege should be same or greater than the group privilege level to have the access of that...

Page 289: ...guration To access the related setup go to Authentication Method Configuration Authentication Servers Configuration This section allows the user to configure the different RADIUS Authentication Server...

Page 290: ...nt table Clicking the Refresh button will update the displayed table starting from that or the next closest Event table match The will use the last entry of the currently displayed entry as a basis fo...

Page 291: ...127 octets in length 128 255 The total number of packets including bad packets received that were between 128 to 255 octets in length 256 511 The total number of packets including bad packets receive...

Page 292: ...s Multicast The total number of good packets received that were directed to a multicast address CECErrors The total number of packets received that had a length excluding framing bits but including FC...

Page 293: ...t may be sent when this entry is first set to valid Rising Threshold Rising threshold value Rising Index Rising event index Falling Threshold Falling threshold value Falling Index Falling event index...

Page 294: ...ows the user to select the starting point in the Event table Clicking the Refresh button will update the displayed table starting from that or the next closest Event table match The will use the last...

Page 295: ...pe ICMP ECHO_REPLY will always be 8 bytes more than the requested data space the ICMP header The page refreshes automatically until responses to all packets are received or until a timeout occurs PING...

Page 296: ...LAN interface as the source interface Leave this field empty for automatic selection based on routing configuration Note You may only specify either the VID or the IP Address for the source interface...

Page 297: ...4 ms 64 bytes from 172 16 1 1 seq 3 ttl 64 time 1 699 ms 64 bytes from 172 16 1 1 seq 4 ttl 64 time 1 916 ms 172 16 1 1 ping statistics 5 packets transmitted 5 packets received 0 packet loss round tri...

Page 298: ...nds Egress Interface Only for IPv6 The VLAN ID VID of the specific egress IPv6 interface which ICMP packet goes The given VID ranges from 1 to 4094 and will be effective only when the corresponding IP...

Page 299: ...ou can view the cable diagnostics results in the cable status table Note that VeriPHY is only accurate for cables of length 7 140 meters 10 and 100 Mbps ports will be linked down while running VeriPHY...

Page 300: ...oss pair coupling with pair A Cross B Abnormal cross pair coupling with pair B Cross C Abnormal cross pair coupling with pair C Cross D Abnormal cross pair coupling with pair D Length The length in me...

Page 301: ...eters Yes Click to restart device No Click to return to the Port State page without restarting 7 2 Factory Defaults You can reset the configuration of the switch Only the IP configuration is retained...

Page 302: ...file_name rbf All a combined file Select File Browse to the location of the image file and click Select Start Upgrade Click to start the upgrade After the image is uploaded a page announces that the...

Page 303: ...age The file name of the firmware image from when the image was last updated Version The version of the firmware image Date The date where the firmware was produced Buttons Activate Alternate Image Cl...

Page 304: ...when the system is restored to default settings Up to 31 other files typically used for configuration backups or alternative configurations Save startup configuration This copies running config to st...

Page 305: ...fig and 32 other files usually including startup config it is not possible to create new files Instead an existing file must be overwritten or another file must be deleted Activate It is possible to a...

Page 306: ...40 VAC 50 60 Hz There is no ON OFF switch on the device When the power is connected to the device the device is ON This will be indicated by the Power PWR LED lit green on the front panel The PS is ra...

Page 307: ...the front panel Note The earthen conductor of power cord must be grounded 20 to 60VDC Power Connection The rear panel is equipped with a suitable screw connection ST connector Figure 7 10 Falcon RX se...

Page 308: ...r eyes and must be handled with special care When not in use keep the fiber optic connector closed using its protective cover Never stare directly into the fiber optic connector of a powered device or...

Page 309: ...r this warranty only from the reseller from which you have purchased the device however you may refer directly to Fibrolan Ltd To claim the warranty you should provide a reasonable proof that the rese...

Page 310: ...tinuity Check Message CDP Cisco Discovery Protocol CE Customer Edge Equipment CFM Connectivity Fault Management IEEE 802 1ag CIR Committed Insured Rate CLI Command Line Interface CLNP Connectionless N...

Page 311: ...net Virtual Connection EVPL Ethernet Virtual Private Line FD Frame Delay FDV Frame delay variation FDX Full Duplex FEF Far End Fault FP Fault Propagation FTP File Transfer Protocol FTTB Broadband Acce...

Page 312: ...ETF Internet Engineering Task Force ITU T International Telecommunication Union Telecommunication IEEE 802 1X IEEE Standard for port based Network Access Control MLD Interior Gateway Media Protocol In...

Page 313: ...A Media Access Maintenance Association MAC Media Access Control MAC Address Media Access Control Address hardware address MAC layer address physical address MA Maintenance Association MA Micro Agent a...

Page 314: ...rface Card NMS Network Management System NTP Network Time Protocol NTU Network Termination Unit NU Node Unit OA Operation and Administration OAM Operation Administration Management ODI Open Data link...

Page 315: ...ocol RMON Remote Monitoring RSTP Rapid Spanning Tree Protocol IEEE 802 1w Rx Receive SFP Small Form factor Pluggable SLA Service Level Management SLE Subscriber Link Emulation SMAC Source MAC address...

Page 316: ...TLV ToS It is an acronym for Type of Service It is implemented as the IPv4 ToS priority control It is fully decoded to determine the priority from the 6 bit ToS field in the IP header TrTCM Two rate...

Page 317: ...gh there are more matching ACEs The first matching ACE will take action permit deny on that frame and a counter associated with that ACE is incremented An ACE can be associated with a Policy 1 ingress...

Page 318: ...with other hosts when only the Internet address of its neighbors is known Before using IP the host sends a broadcast ARP request containing the Internet address of the desired destination system ARP...

Page 319: ...ning it a unique IP address DHCP Relay DHCP Relay is used to forward and to transfer DHCP messages between the clients and the server when they are not on the same subnet domain The DHCP option 82 ena...

Page 320: ...t the device for providing congestion control guarantees to the frame according to what was configured for that specific DP level A DP level of 0 zero corresponds to Committed Green frames and a DP le...

Page 321: ...Layer It is used to indicate a secure HTTP connection HTTPS provide authentication and encrypted communication and is widely used on the World Wide Web for security sensitive communication such as pa...

Page 322: ...ng data across an internet network IP is a best effort system which means that no packet of information sent over is assured to reach its destination in the same condition it was sent Each device conn...

Page 323: ...recipients in a standard Management Information Base MIB making it possible for the information to be accessed by a Network Management System NMS using a management protocol such as the Simple Networ...

Page 324: ...are received on the MVR VLAN and forwarded to the VLANs where hosts have requested it them Wikipedia NAS NAS is an acronym for Network Access Server The NAS is meant to act as a gateway to guard acces...

Page 325: ...address which forms the first 24 bits of a MAC address PCP PCP is an acronym for Priority Code Point It is a 3 bit field storing the priority level for the 802 1Q frame It is also known as User Priori...

Page 326: ...e confused with the Simple Mail Transfer Protocol SMTP You send e mail with SMTP and a mail handler receives it on your recipient s behalf Then the mail is read using POP or IMAP IMAP4 and POP3 are th...

Page 327: ...nd business solution Therefore QoS is the set of techniques to manage network resources QoS class Every incoming frame is classified to a QoS class which is used throughout the device for providing qu...

Page 328: ...NSA and published by the NIST as a U S Federal Information Processing Standard Hash algorithms compute a fixed length digital representation known as a message digest of an input data sequence the mes...

Page 329: ...sed by SSH provides confidentiality and integrity of data over an insecure network The goal of SSH was to replace the earlier rlogin TELNET and rsh protocols which did not provide strong authenticatio...

Page 330: ...sage is divided into the packets that IP manages and for reassembling the packets back into the complete message at the other end Common network applications that use TCP include the World Wide Web WW...

Page 331: ...ided by the IP layer It provides port numbers to help distinguish different user requests and optionally a checksum capability to verify that the data arrived intact Common network applications that u...

Page 332: ...802 11b 802 11a dual band etc The term is promulgated by the Wi Fi Alliance WPA WPA is an acronym for Wi Fi Protected Access It was created in response to several serious weaknesses researchers had fo...

Page 333: ...ork The goal of the WPS protocol is to simplify the process of connecting any home device to the wireless network Wikipedia WRED WRED is an acronym for Weighted Random Early Detection It is an active...

Reviews:

No comments

Related manuals for Falcon-RX/812/G/A

Brand: Edge-Core Pages: 7

Brand: Digitus Pages: 8

Brand: WHOOP Pages: 26

Brand: ZALMAN Pages: 22

NVIP- NVRA0104/GO

Brand: Novus Pages: 44

Brand: IDT Pages: 93

Brand: Zonet Pages: 53

Brand: Xenya Pages: 189

Brand: B+B SmartWorx Pages: 52

ZyXEL ZyAIR B-120

Brand: ZyXEL Communications Pages: 20

Brand: Aaeon Pages: 72

Brand: ZALMAN Pages: 9

Brand: Vecow Pages: 61

Brand: Omron Pages: 29

Brand: IBM Pages: 130

Brand: Hamlet Pages: 11

Brand: Eagle Technology Pages: 39

Brand: Hologic Pages: 256

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands