manualshive.com logo in svg

GE MULTILINK ML2400, Instruction Manual

The GE MULTILINK ML2400 boasts a comprehensive Instruction Manual, readily available for download at manualshive.com. With our user-friendly manual, you can effortlessly familiarize yourself with the product's features and make the most of its functionality. Enjoy the convenience of accessing this manual for free, enhancing your experience with the ML2400.

Share
Download
background image

6–8

MULTILINK ML2400 ETHERNET COMMUNICATIONS SWITCH – INSTRUCTION MANUAL

ACCESS CONSIDERATIONS

CHAPTER 6: ACCESS CONSIDERATIONS

Example 6-5 illustrates these steps for setting up port security on a specific port:

Once port security is setup, it is important to manage the log and review the log often. If 
the signals are sent to the trap receiver, the traps should also be reviewed for intrusion and 
other infractions.

6.2.2

Security Logs

All events occurring on the MultiLink family of switches are logged. The events can be 
informational (e.g. login, STP synchronization etc.), debugging logs (for debugging network 
and other values), critical (critical events), activity (traffic activity) and fatal events (such as 

Example 6-5: Configuring port security

ML2400#

 

port-security

ML2400(port-security)##

 

ps enable

Port Security is already enabled

ML2400(port-security)##

 

learn port=11 enable

Port Learning Enabled on selected port(s)

ML2400(port-security)##

 

show port-security

PORT

STATE

SIGNAL

ACTION

LEARN

COUNT

MAC ADDRESS

----

-----

------

------

-----

-----

-----------

9

ENABLE

LOG

NONE

ENABLE

6

00:e0:29:2a:f1:bd

00:01:03:e2:27:89

00:07:50:ef:31:40

00:e0:29:22:15:85

00:03:47:ca:ac:45

00:30:48:70:71:23

10

ENABLE

NONE

NONE

DISABLE

0

Not Configured

11

ENABLE

NONE

NONE

ENABLE

0

00:c1:00:7f:ec:00

12

ENABLE

NONE

NONE

DISABLE

0

Not Configured

13

ENABLE

NONE

NONE

DISABLE

0

Not Configured

14

ENABLE

NONE

NONE

DISABLE

0

Not Configured

15

ENABLE

NONE

NONE

DISABLE

0

Not Configured

16

ENABLE

NONE

NONE

DISABLE

0

Not Configured

ML2400(port-security)##

 

save

Saving current configuration

Configuration saved

ML2400(port-security)##

 

learn port=11 disable

Port Learning Disabled on selected port(s)

ML2400(port-security)##

 

action port=11 drop

Port security Action type set to Drop on selected

port(s)

ML2400(port-security)##

 

show port-security port=11

PORT

STATE

SIGNAL

ACTION

LEARN

COUNT

MAC ADDRESS

----

-----

------

------

-----

-----

-----------

11

ENABLE

NONE

DROP

ENABLE

0

00:c1:00:7f:ec:00

ML2400(port-security)##

 

signal port=11 logandtrap

Port security Signal type set to Log and Trap on

selected port(s)

ML2400(port-security)##

 

exit

ML2400#

Summary of Contents for MULTILINK ML2400

Page 1: ...042K Copyright 2008 GE Multilin GE Multilin 215 Anderson Avenue Markham Ontario Canada L6E 1B3 Tel 905 294 6222 Fax 905 201 2098 Internet http www GEmultilin com 1601 0220 AB IISO9001 2000 G E M ULTILI N R E GISTERE D GE Multilin s Quality Management System is registered to ISO9001 2000 QMI 005094 UL A3775 GE Consumer Industrial Multilin ...

Page 2: ... given with respect to local codes and ordinances because they vary greatly 2008 GE Multilin Incorporated All rights reserved GE Multilin Multilink ML2400 instruction manual for revision 3 x Multilink ML2400 is a registered trademark of GE Multilin Inc The contents of this manual are the property of GE Multilin Inc This documentation is furnished on license and may not be reproduced in whole or in...

Page 3: ...UTOMATIC IP ADDRESS CONFIGURATION 1 11 SETTING THE IP PARAMETERS 1 12 PRIVILEGE LEVELS 1 14 USER MANAGEMENT 1 14 HELP 1 15 EXITING 1 17 ENERVISTA SECURE WEB MANAGEMENT 1 18 LOGGING IN FOR THE FIRST TIME 1 18 PRIVILEGE LEVELS 1 19 USER MANAGEMENT 1 19 MODIFYING THE PRIVILEGE LEVEL 1 22 HELP 1 22 EXITING 1 23 ML2400 FIRMWARE UPDATES 1 24 UPDATING MULTILINK FIRMWARE 1 24 SELECTING THE PROPER VERSION ...

Page 4: ...UNTING 3 6 RACK MOUNTING 3 6 ELECTRICAL INSTALLATION 3 8 POWERING THE ML2400 3 8 UL REQUIREMENTS FOR DC POWERED UNITS 3 8 ALARM CONTACTS 3 9 DIELECTRIC STRENGTH HI POT TESTING 3 10 CONNECTING A MANAGEMENT CONSOLE TERMINAL TO THE ML2400 3 11 DESCRIPTION 3 11 4 OPERATION FUNCTIONALITY 4 1 SWITCHING FUNCTIONALITY 4 1 FILTERING AND FORWARDING 4 1 ADDRESS LEARNING 4 2 STATUS LEDS 4 2 UP LINK MANUAL SWI...

Page 5: ...APTER 5 32 6 ACCESS CONSIDERATIONS SECURING ACCESS 6 1 DESCRIPTION 6 1 PASSWORDS 6 1 PORT SECURITY FEATURE 6 2 CONFIGURING PORT SECURITY THROUGH THE COMMAND LINE INTERFACE 6 3 COMMANDS 6 3 SECURITY LOGS 6 8 AUTHORIZED MANAGERS 6 10 CONFIGURING PORT SECURITY WITH ENERVISTA SOFTWARE 6 12 COMMANDS 6 12 LOGS 6 14 AUTHORIZED MANAGERS 6 15 7 ACCESS USING RADIUS INTRODUCTION TO 802 1X 7 1 DESCRIPTION 7 1...

Page 6: ...LAN VS PORT VLAN 10 3 CONFIGURING PORT VLANS THROUGH THE COMMAND LINE INTERFACE 10 4 DESCRIPTION 10 4 COMMANDS 10 4 EXAMPLE 10 5 CONFIGURING PORT VLANS WITH ENERVISTA SECURE WEB MANAGEMENT SOFTWARE 10 9 DESCRIPTION 10 9 CONFIGURING TAG VLANS THROUGH THE COMMAND LINE INTERFACE 10 13 DESCRIPTION 10 13 COMMANDS 10 13 EXAMPLE 10 14 CONFIGURING TAG VLANS WITH ENERVISTA SECURE WEB MANAGEMENT SOFTWARE 10...

Page 7: ...4 1 DESCRIPTION 14 1 QOS CONCEPTS 14 1 DIFFSERV AND QOS 14 2 IP PRECEDENCE 14 2 CONFIGURING QOS THROUGH THE COMMAND LINE INTERFACE 14 4 COMMANDS 14 4 EXAMPLE 14 6 CONFIGURING QOS WITH ENERVISTA SECURE WEB MANAGEMENT SOFTWARE 14 9 DESCRIPTION 14 9 15 IGMP OVERVIEW 15 1 DESCRIPTION 15 1 IGMP CONCEPTS 15 1 IP MULTICAST FILTERS 15 4 RESERVED ADDRESSES EXCLUDED FROM IP MULTICAST IGMP FILTERING 15 5 IGM...

Page 8: ...TIVITY 17 11 DESCRIPTION 17 11 HISTORY 17 12 COMMANDS 17 12 PING 17 13 PING THROUGH THE COMMAND LINE INTERFACE 17 13 PING THROUGH ENERVISTA SECURE WEB MANAGEMENT SOFTWARE 17 13 PROMPT 17 14 CHANGING THE COMMAND LINE PROMPT 17 14 SYSTEM EVENTS 17 15 DESCRIPTION 17 15 COMMAND LINE INTERFACE EXAMPLE 17 15 ENERVISTA EXAMPLE 17 16 COMMAND REFERENCE 17 18 MAIN COMMANDS 17 18 CONFIGURATION COMMANDS 17 20...

Page 9: ...package should contain MultiLink ML2400 Ethernet Switch base unit configured with user selected port module options installed Set of metal ears for 19 inch rack mounting Installation and user guide this manual Remove the items from the shipping container Be sure to keep the shipping container should you need to re ship the unit at a later date To validate the product warranty please complete and r...

Page 10: ...er A8 A8 A8 A8 2 100 Mb SC sm fiber 20 km 4 10 100 Mb RJ45 copper AA AA AA AA 4 100 Mb LC mm fiber 4 10 100 Mb RJ45 copper AB AB AB AB 8 100 Mb LC mm fiber AC AC AC AC 4 100 Mb LC sm fiber 4 10 100 Mb RJ45 copper AD AD AD AD 8 100 Mb LC sm fiber AE AE AE AE 2 100 Mb LC sm fiber 6 10 100 Mb RJ45 copper AF AF AF AF 2 10 Mb ST mm fiber 2 100 Mb ST mm fiber AH AH AH AH 8 x 100 Mb MTRJ mm fiber AJ AJ A...

Page 11: ...d Spanning tree protocol IEEE 802 1q VLAN tagging IEEE 802 3x Flow control MAXIMUM 10 MBPS ETHERNET SEGMENT LENGTHS Unshielded twisted pair 100 m 328 ft Shielded twisted pair 150 m 492 ft 10Base FL multi mode fiber optic 2 km 6562 ft 10Base FL single mode fiber optic 10 km 32810 ft MAXIMUM STANDARD FAST ETHERNET SEGMENT LENGTHS 10Base T CAT 3 4 5 UTP 100 m 328 ft 100Base TX CAT 5 UTP 100 m 328 ft ...

Page 12: ...C Min Max DC Voltage 36 60 V DC HIGH RANGE HI and AC Power Supply Nominal DC Voltage 110 to 250 V DC Min Max DC Voltage 88 300 V DC Nominal AC Voltage 100 to 240 V AC Min Max AC Voltage 85 265 V AC Input current fiber LO 1 59 A maximum HI 1 8 A maximum for AC voltage 0 9 A maximum for DC voltage AC 1 8 A maximum Standard terminal block internally floating Ground Terminal for filter ground wire ext...

Page 13: ...300V 1000ohms impedance Surge Immunity IEC61000 4 5 2005 Class 4 2KV Line to Earth and 1KV Line to Line Installation Class 3 Level 2 3 Non Destructive transient Immunity NEMA TS2 2003 1000V 1 ohm X 3 Ring Wave Surge IEC Damped Oscillatory Burst 1Mhz EN IEC61000 4 12 2006 Ring wave 1KV Common 0 5KV diff Level 2 SWC Damped Oscillatory IEEEC37 90 1 2002 Common and transverse to 2 5KV No Transverse fo...

Page 14: ...6 hours 40 deg start up Ad Dry Heat Temperature EN IEC 60068 2 2 1994 1974 16 hours at rated upper limit hot start up Bd Humidity 34 to 74C 10 95 NEMA TS2 Humidity 34 to 74C 10 95 Defined in 2 1 5 MECHANICAL TESTS Sinusoidal Vibration EN IEC 60255 21 1 1996 1988 10 150hz Response Endurance 1G Class 1 Shock 2 Bump EN IEC 60255 21 2 1996 1988 Class 2 for shock 30g and Bump 20g Class 2 Shock NEMA TS2...

Page 15: ...or power susbstations CE EN 50082 1 EN 55022 1998 EN 60950 3rd Edition UL UL listed recognized file E156407 UL 60950 1 1st edition CSA Certified per C22 1 No 60950 1 1st edition WARRANTY 24 months from date of shipment Manufactured in USA GE Multilin reserves the right to change specifications performance characteristics and or model offerings without notice ...

Page 16: ...r 2 can be used optionally only if parameter 1 is specified parameter 3 is mandatory Whenever the word PC is used it implies a UNIX Linux Windows or any other operating system based workstation computer personal computer laptop notebook or any other computing device Most of the manual uses Windows XP based examples While effort has been made to indicate other operating system interactions it is be...

Page 17: ...cide on a manager level account name and password 6 IP address netmask default gateway for the switch being configured As a default the switch has no IP Internet Protocol address and subnet mask For first time use the IP address has to be assigned This can only be done by using the console interface provided The same procedure can also be used for other configuration changes or updates for example...

Page 18: ...e switch is configured with an IP address the command line interface or CLI is also accessible using telnet as well as the serial port Access to the switch can be either through the console interface or remotely over the network Simultaneous access that is through the console port as well as through the network to the MultiLink switch is not permitted The Command Line Interface CLI enables local o...

Page 19: ...ging In for the First Time For the first time use the default user name and passwords assigned by GE They are Username manager Password manager Username operator Password operator We recommend you login as manager for the first time to set up the IP address as well as change user passwords or create new users 1 5 5 Automatic IP Address Configuration The ML2400 is operational immediately after it i...

Page 20: ... switch will assign itself an IP address The ML2400 will check to see if IP address 192 168 1 2 with a network mask of 255 255 255 0 is free If so it will assume these values If this IP address is assigned to another device the ML2400 will repeat steps 1 through 3 to find a DCHP or BOOTP server or wait for the 192 168 1 2 address to become free Once connected the browser will display a login promp...

Page 21: ... mask 255 255 252 0 dgw 3 94 247 41 ML2400 save Note This manual assumes the reader is familiar with IP addressing schemes as well as how net mask is used and how default gateways and routers are used in a network Reboot gives an opportunity to save the configuration prior to shutdown For a reboot simply type in the command reboot Note that even though the passwords are not changed they can be cha...

Page 22: ...es with the levels For example to set up a user for basic monitoring capabilities use lower number or operator level privilege level 1 The Manager level provides all operator level privileges plus the ability to perform system level actions and configuration commands To select this level enter the enable user name command at the Operator level prompt and enter the Manager password when prompted en...

Page 23: ...ord is shown below passwd user name The following example changes the password for user peter ML2400 user passwd user peter Enter New Password Confirm New Password Password has been modified successfully ML2400 user The syntax to modify the privilege level for a specific user is shown below chlevel user name level number The following example modifies the privilege level of user peter to Operator ...

Page 24: ... 59 sec 0 59 zone GMT hh mm ML2400 The options for a specific command can be displayed by typing the command and pressing enter The following syntax applies command Enter For example the options for the show command are ML2400 show Enter Usage show active stp show active snmp show active vlan show address table show age show alarm show arp show auth config ports show backpressure show bootmode mor...

Page 25: ...the following example the TAB key completes the command ML2400 se TAB password timeout vlan ML2400 set 1 5 10 Exiting To exit from the CLI interface and terminate the console session use the logout command This command prompts to ensure that the logout was not mistakenly typed The following syntax applies logout The following example illustrates logging out from a session ML2400 logout Logging out...

Page 26: ...TTPS secure HTTP and not HTTP in the URL In the example shown in the previous section the URL is https 3 94 247 41 If your site uses name services you can use a name instead of the IP address Please make sure that the name is resolved to the IP address assigned to the switch The secure site will issue the certificate check shown below FIGURE 1 2 Security certificate Once you click Yes on the secur...

Page 27: ...low changes to the configuration Manager privilege users manager privileges allow configuration changes The changes can be done at the manager prompt or for global configuration as well as specific configuration 1 6 3 User Management A maximum of five users can be added per switch Users can be added deleted or changed from a manager level account There can be more than one manager account subject ...

Page 28: ...TRUCTION MANUAL INTRODUCTION CHAPTER 1 INTRODUCTION In the following example below the user peter was added with manager privilege after clicking the add button After successfully adding a user the added user is displayed in the list of users as shown below ...

Page 29: ... ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL 1 21 Z To delete a user click on the delete icon as shown below The firmware will prompt to verify the delete command Z To modify the password view the users as described above and click on the edit icon ...

Page 30: ...ssword for peter will be modified after the new password is entered 1 6 4 Modifying the Privilege Level Privilege levels cannot be changed from the EnerVista Secure Web Management SWM firmware This can only be done through the CLI interface or alternately by deleting the user and adding the same user with the proper privilege level 1 6 5 Help Help for the EnerVista Secure Web Management software c...

Page 31: ...TRODUCTION INTRODUCTION MULTILINK ML2400 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL 1 23 1 6 6 Exiting Z To exit or logout click on the logout button Z Confirm the logout by selecting OK in the pop up window ...

Page 32: ... 4 At least 15 MB of free disk space 5 Manager level account name and password of the switch being upgraded 6 An internet connection Ensure the connection does not block ftp file transfers 1 7 2 Selecting the Proper Version Ensure that the proper version of the MultiLink Switch Software is installed The latest version of the firmware is available at http www GEmultilin com Z Connect to the ML2400 ...

Page 33: ... window used in step 5 Z Select the Transfer Send File menu item Z As shown below enter the location of the new firmware file Z Select the Xmodem protocol Z Select the Send button and to begin the file transfer Z Once the file transfer is completed reboot the switch with the reboot command or by cycling power Z Login to the switch and use the show version command to verify and upload the configura...

Page 34: ...e configuration to the ftp server then load the new image and restart the switch refer to Saving Configuration on page 5 19 for details on saving the configuration Z Load the new firmware as shown below As the file is being loaded the firmware will display the transfer in progress window Z Reboot the switch when the transfer is complete After reboot the firmware is ready for use Z If using TFTP sa...

Page 35: ...COMMUNICATIONS SWITCH INSTRUCTION MANUAL 1 27 Z Load the new firmware as shown below As the file is being loaded the firmware will display the transfer in progress window Z Reboot the switch when the transfer is complete After reboot the firmware is ready for use ...

Page 36: ...1 28 MULTILINK ML2400 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL INTRODUCTION CHAPTER 1 INTRODUCTION ...

Page 37: ...n height The mixed media capability allows user selection of all popular flavors of fiber port connectors and modes including 10Mb fiber alongside Gigabit ports It also allows a mix of 10 100Mb RJ45 copper ports and a fiber Gigabit port in the same unit This flexibility is achieved via a family of communication modules for copper and fiber six port modules for fiber and RJ45 combinations and 1 Gb ...

Page 38: ...dware and industry standard managed networks software functionality all in convenient 1 U rack mount packages The ML2400 is a 19 rack mountable Ethernet switch with three eight port slots A B and C and one Gb only slot D Slots A B and C may be configured with a selection of fiber and copper ports Slot D may be configured with a Gb module that accepts GBICs These configurable ports allow the ML2400...

Page 39: ...rts and under each port is a link LED In both cases the number of status LEDs is the same for each port There are three LEDs per fiber port The Link LK LED when lit indicates ready for operation on that port the F H LED indicates operation in full duplex mode when ON half duplex when OFF and the blinking ACT LED indicates receiving activity on the port A fiber cable must be connected to the port a...

Page 40: ...ame On the six port combo modules there are four LEDs for each RJ45 port which indicate status the same as described in the previous section There are three LEDs per fiber port The Link LK LED when lit indicates ready for operation on that port the F H LED indicates operation in full duplex mode when ON half duplex when OFF and the blinking ACT LED indicates receiving activity on the port A fiber ...

Page 41: ...cate full duplex operation and OFF to indicate half duplex mode A twisted pair cable must be connected into an RJ45 port and the Link LK indicator for that port must be ON indicating there is a powered up device at the other end of the cable in order for a LK LED to provide valid indications of operating conditions on that port Using the ML2400 management software the user may disable auto negotia...

Page 42: ...Modules The 1000 Mb Gigabit fiber port modules on the ML2400 are normally set factory default to operate in AUTO mode for best fiber distance and performance The 1000 Mbps SC fiber optic module on the Gigabit SX and Gigabit LX transceivers are compatible with the IEEE 802 3z Gigabit standards FIGURE 2 4 Gigabit module in fourth port 754730A1 CDR ...

Page 43: ...minimal frame latency they will also permit bad frames to propagate out to the Ethernet segments connected The cut through technique permits collision fragment frames which are a result of late collisions to be forwarded which add to the network traffic Since there is no way to filter frames with a bad CRC the entire frame must be present in order for CRC to be calculated the result of indiscrimin...

Page 44: ...ower input A and power supply 2 on the switch is power input B For example ML2400 show power Power Input A Good Power Input B Good The show power command is only available in switches with redundant power supplies 2 3 5 Additional Features and Benefits Managed switching for high performance Ethernet LANs The ML2400 provides non blocking all ports can run at full speed performance with standard man...

Page 45: ...e changed in the field Heavy duty design for industrial Ethernet and extended temperature operation Fiber ports take more power than copper ports but the ML2400 design provides for this with heavy duty components The ambient temperature can be up to is 85 C NEBS and ETSI tested and certified The ML2400 has been tested and certified for NEBS and ETSI Test reports are available upon request ...

Page 46: ... Switch can handle VLAN applications and provide security and performance in Ethernet network centers A secure VLAN enabled network is an administratively configured broadcast domain The network administrator determines which ports and nodes belong to certain broadcast domains by setting membership profiles The ML2400 VLAN capability can be developed in several types of virtual LANs such as port b...

Page 47: ...e uninterrupted support through a viewable SNMP monitor The MultiLink ML2400 Ethernet Switch equipped with the mix of copper and fiber ports provides an economical and seamless solution to the requirements The user configurable ML2400 provides an extra boost to the network requirements by providing copper fiber media along with the higher bandwidth support of 10 100 and 1000 Mb The user can utiliz...

Page 48: ...2 12 MULTILINK ML2400 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL PRODUCT DESCRIPTION CHAPTER 2 PRODUCT DESCRIPTION FIGURE 2 6 Network with multiple subnets example 754732A1 CDR ...

Page 49: ...e equipment has a reliable and uncompromised grounding path 6 Equipment is to be installed by service personnel in a restricted operation area This chapter describes installation of the MultiLink ML2400 Ethernet Switch as well as connection of the various Ethernet media types 3 1 2 Locating the ML2400 For mounting instructions refer to Mechanical Installation on page 3 6 The location of a ML2400 s...

Page 50: ... CHAPTER 3 INSTALLATION Locate an power source within six feet 2 meters of the intended ML2400 site The rugged metal case of the will normally protect the switch from accidental damage in a lab or workplace setting Maintain an open view of the front to visually monitor the status LEDs ...

Page 51: ...s with a soft cloth or lint free lens tissue dampened in alcohol Ensure the connectors are clean before proceeding Note One strand of the duplex fiber optic cable is coded using color bands at regular intervals The color coded strand must be used on the associated ports at each end of the fiber optic segment Z Connect the transmit TX port on the module light colored post to the receive RX port of ...

Page 52: ...X connections When the ports are used as 10Base T ports CAT 3 may be used In either case the maximum distance for unshielded twisted pair cabling is 100 m 328 ft Note It is recommended that high quality CAT 5 cables which work with 10 Mb and 100 Mb be used whenever possible to provide flexibility in a mixed speed network as dual speed ports are auto sensing for 10 and 100 Mb s The following proced...

Page 53: ...t either end of the cable with an RJ45 plug into the RJ45 connector on the module Although the connector is shielded either unshielded or shielded cables may be used Z Connect the other end of the cable to the corresponding device Z Use the LINK LED to ensure connectivity by noting that the LED will be illuminated when the unit is powered and connection is established 3 2 6 Connecting Gigabit Medi...

Page 54: ...hould be in plain view and easy to read Rack mount installation requires special 19 inch rack mounted brackets and screws included with the ML2400 These brackets attach to the front sides of the switch which is then typically fastened into a standard 19 RETMA rack as shown below FIGURE 3 1 Rack mounting The 23 inch brackets and the ETSI European metric approximately 21 brackets are also available ...

Page 55: ...s ways The same holes fit all three types 19 ETSI 23 of brackets The mounting for the 23 is illustrated above The brackets may be attached flush with the front or attached in the center for a set back mounting which may reduce cabling torque The optional 23 brackets and the ETSI 21 brackets each come as a pair in a package along with the necessary screws for attaching the brackets to the sides of ...

Page 56: ...e negative and or AC leads to the live L neutral N and Please ensure the correct polarity The should be connected to the safety ground except during dielectric testing Ensure that each lead is securely tightened FIGURE 3 3 Power connection and alarm contacts Note Always use a voltmeter to measure the voltage of the incoming power supply and properly determine the positive and negative leads Note T...

Page 57: ...e same space in the case The first NC alarm contact top position is a software alarm operated by user settings in the ML2400 software The user can disable the software alarm feature with a software configuration command if desired When the software alarm is enabled the form A normally closed NC contact is held close during normal software operation A user defined software malfunction such as an SN...

Page 58: ...LLATION CHAPTER 3 INSTALLATION 3 4 4 Dielectric Strength hi pot Testing The shorting link between the and safety ground must be removed prior to the dielectric strength test to protect the transient suppression circuitry of the power supply FIGURE 3 4 Dielectric strength testing ...

Page 59: ...e purchased as a separate items They are not included with the unit FIGURE 3 5 ML2400 console port The pin assignment for the console port are indicated in the following table This information enables a management station PC or console terminal to connect directly to the switch console using a straight through serial cable Table 3 2 Console port pin assignment Pin Signal Description 1 CD Carrier d...

Page 60: ...3 12 MULTILINK ML2400 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL INSTALLATION CHAPTER 3 INSTALLATION ...

Page 61: ... 10 or 100 Mbps selection for the switched ports must be configured through software as per the requirement The internal functions of both are described below 4 1 2 Filtering and Forwarding Each time a packet arrives on one of the switched ports the decision is taken to either filter or to forward the packet Packets whose source and destination addresses are on the same port segment will be filter...

Page 62: ...settings on all the RJ45 ports either used for all copper module or combo module 4 1 6 Auto Negotiation for Fast Ethernet Copper Ports The managed ML2400 Fast Ethernet copper ports can be set for either fixed 100 Mb speed or for 10 100 full half duplex n way auto negotiation per the IEEE802 3u standard The selection is made via the ML2400 software The factory default setting is for auto negotiatio...

Page 63: ...onally encountered When operating in 100 Mb half duplex mode cable distances and hop counts may be limited within that collision domain The Path Delay Value PDV bit times must account for all devices and cable lengths within that domain For MultiLink fast Ethernet switched ports operating at 10 0Mb half duplex the bit time delay is 50BT 4 1 7 Flow Control IEEE 802 3x The ML2400 incorporates a flow...

Page 64: ...00 implements a back pressure algorithm on 10 100 Mb ports for flow control That is the switch prevents frames from entering the device by forcing a collision indication on the half duplex ports that are receiving This temporary collision delay allows the available buffer space to improve as the switch catches up with the traffic flow ...

Page 65: ...dx λ Size PT PR OPBworst dworst OPBtyp dtypical A1 A5 10 Mb FL multi 2 2 km 850 nm 62 5 125 μm 100 140 μm 50 125 μm 15 0 dB 9 5 dB 19 5 dB 31 dB 31 dB 31 dB 14 dB 19 5 dB 19 5 dB 5 0 km 5 9 km 3 4 km 17 dB 23 5 dB 13 2 dB 6 0 km 7 0 km 4 8 km A2 A3 A6 100 Mb FX multi 2 0 4 km 1300 nm 62 5 125 μm 50 125 μm 20 dB 23 5 dB 31 dB 31 dB 9 0 dB 5 5 dB 3 0 km 2 0 km 14 dB 12 dB 5 0 km 4 0 km A7 A8 100 Mb ...

Page 66: ...over long distances i e in excess of 400 m can be achieved only if the following are applied 1 The 100 Mb fiber segment must operate in full duplex FDX mode i e the full duplex factory default 2 The worst case OPB of the fiber link must be greater than the fiber cable s passive attenuation where attenuation is the sum of cable loss LED aging loss insertion loss and safety factor ...

Page 67: ...nstallation about 90 of network downtime can be attributed to wiring and connector problems 3 If the problem is isolated to a network device other than the ML2400 it is recommended that the problem device be replaced with a known good device Verify whether or not the problem is corrected If not go to the next step If the problem is corrected the ML2400 and its associated cables are functioning pro...

Page 68: ...4 8 MULTILINK ML2400 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL OPERATION CHAPTER 4 OPERATION ...

Page 69: ... SNMP Network Management software to manage the switch Use NTP protocol or an NTP server to synchronize the time on the switch Use TFTP or FTP to download the configurations or upload software updates Run ping tests to test connectivity To set the IP address please refer to Setting the IP Parameters on page 1 12 Once the IP address is set the CLI can be accessed via telnet as well as the console i...

Page 70: ...erify the IP address using the EnerVista Secure Web Management software Z Select the Administration System menu item to view Z Edit the IP address information Besides manually assigning IP addresses there are other means to assign an IP address automatically The two most common procedures are using DHCP and bootp ...

Page 71: ...upported in a database a simple text file On most systems the bootp service is not started as a default and has to be enabled A sample entry by which the bootp software will look up the database and update the IP address and subnet mask of the switch would be as follows ML2400 ht ether ha 002006250065 ip 3 94 247 41 sm 255 255 252 0 gw 3 94 244 1 hn vm rfc1048 where ML2400 is a user defined symbol...

Page 72: ... file from the bootp server This is useful when a new switch is put on a network and the specific configurations are loaded from a centralized bootp server The following example changes the boot mode of the switch ML2400 set bootmode type bootp bootimg enable bootcfg disable Network application image download is enabled Network application config download is disabled Save Configuration and Restart...

Page 73: ...net enable disable Telnet can also be disabled for specific users with the useraccess command Refer to User Management on page 1 14 for details Multiple telnet sessions started from the CLI interface or the command line are serviced by the ML2400 in a round robin fashion that is one session after another If one telnet session started from an ML2400 is downloading a file the other windows will not ...

Page 74: ...ess port port number The default port for telnet is 23 To start a telnet session through the EnerVista Secure Web Management software Z Select the Administration Telnet menu item The default port for telnet is 23 The ML2400 will time out an idle telnet session It may be useful to see who is currently connected to the switch It may also be useful for a person to remotely terminate a telnet session ...

Page 75: ...ator session is then terminated using the kill session command Note A maximum of four simultaneous telnet sessions are allowed at any time on the switch The commands in these telnet windows are executed in a round robin fashion that is if one window takes a long time to finish a command the other windows may encounter a delay before the command is completed For example if one window is executing a...

Page 76: ... connectivity The terminal software parameters e g HyperTerminal will also have to be changed to match the new settings To see the current settings of the serial port use the show serial command to query the serial port settings as illustrated below ML2400 show serial Baud Rate 38400 Data 8 Parity No Parity Stop 1 Flow Control None 5 3 2 System Parameters The system parameters can be queried and c...

Page 77: ... and System Information This is helpful for identifying the administrator responsible for the switch and for identifying the locations of individual switches To set these variables change the mode to be SNMP configuration mode from the manager mode using the following syntax snmp setvar sysname syscontact syslocation string The following command sequence sets the system name system location and sy...

Page 78: ...anada Success in setting daylight savings to the given location country Canada ML2400 show daylight Daylight savings location name Canada ML2400 The date and time can only be set through the command line interface software 5 3 4 Network Time Many networks synchronize the time using a network time server The network time server provides time to the different machines using the Simple Network Time P...

Page 79: ...400 sntp sync hour 5 ML2400 sntp sntp enable SNTP is already enabled ML2400 sntp exit ML2400 sntp SNTP parameters can be configured through the EnerVista Secure Web Management software with the Configuration SNTP menu item The SNTP menu allows the time zone hours from GMT to be defined along with other appropriate parameters on setting the time and synchronizing clocks on network devices The edit ...

Page 80: ...ync Now button allows synchronization as soon as the server information is added Note If your site has internet access there are several SNTP servers available online A quick search will yield information about these servers You can use the IP address of these servers however please ensure the server can be reached by using the ping command The ping command can also be launched from the EnerVista ...

Page 81: ...ther alternative methods can be used In most situations the filename must be a unique since overwriting files is not permitted by most ftp and tftp servers or services Only alphanumeric characters are allowed in the filename The following example illustrated how to save the configuration on a tftp server ML2400 saveconf mode tftp 3 94 240 9 file ml2400set Do you wish to upload the configuration Y ...

Page 82: ...figuration of GE MultiLink switches settings GE Multilin Inc recommends that modifications of this file and the commands should be verified by the User in a test environment prior to use in a live production network All modifications are made at the User s own risk and are subject to the limitations of the GE MultiLink software End User License Agreement EULA Incorrect usage may result in network ...

Page 83: ...hed Should you want to edit edit the System portion of the file only GE Multilin Inc recommends editing the script file see below 2 File names cannot have special characters such as space and control characters SYSTEM Edit below this line only system_name ML2400 system_contact support gemultilin com system_location Markham Ontario boot_mode manual system_ip 192 168 5 5 system_subnet 0 0 0 0 system...

Page 84: ...uration or to view specific modules configured the show config command is used as described below Syntax show config module module name Where module name can be If the module name is not specified the whole configuration is displayed Name Areas affected system IP Configuration Boot mode Users settings e g login names passwords event Event Log and Alarm settings port Port settings Broadcast Protect...

Page 85: ...ut System Manager This area configures System related information SYSTEM Edit below this line only system_name Main system_contact someone joe com system_location Markham Ontario boot_mode manual system_ip 192 168 1 15 system_subnet 0 0 0 0 system_gateway 192 168 1 11 idle_timeout 10 telnet_access enable snmp_access enable web_access enable more ...

Page 86: ...w config command ML2400 show config module snmp HARDWARE type ML2400 slotB 8 Port TP Module Network Management This area configures the SNMPv3 agent SNMP engineid LE_v3Engine defreadcomm public defwritecomm private deftrapcomm public authtrap disable com2sec_count 0 group_count 0 view_count 1 view1_name all view1_type included view1_subtree 1 view1_mask ff more ...

Page 87: ...iguration Without a reboot the ML2400 used the previous configuration When reboot is selected the user is prompted as follows Reboot Y or N Select Y The ML2400 will prompt Save Current Configuration Select N ML2400 show config module snmp system HARDWARE type ML2400 slotB 8 Port TP Module System Manager This area configures System related information SYSTEM Edit below this line only system_name Ma...

Page 88: ... old v2 format and new v3 format The v3 format must be used to utilize the ASCII and CLI Script capability save format v2 v3 Note With release 1 7 and higher the configuration can be saved in the older format binary object or in a new format as an ASCII file The new format is recommended by GE Multilin Use the old format only if there are multiple MultiLink switches on the network running differen...

Page 89: ...uplication or disclosure is subject to U S Government restrictions as set forth in Sub division b 3 ii of the rights in Technical Data and Computer Software clause at 52 227 7013 This file is provided as a sample template to create a backup of GE MultiLink switches configurations As such this script provides insights into the configuration of GE MultiLink switch s settings GE Multilin Inc recommen...

Page 90: ...dress on the receiving Switch before connecting to the network After configuration changes are made all the changes are automatically saved It is a good practice to save the configuration on another server on the network using the tftp or ftp protocols Once the configuration is saved the saved configuration can be reloaded to restore the settings At this time the saved or loaded configuration para...

Page 91: ...he saved configuration from the server to the switch This option is used to save a backup of the ML2400 configuration or restore the configuration in case of a disaster 3 Script Download or Script Upload Save the necessary CLI commands used for configuration of the switch or upload the necessary CLI commands needed to configure the switch This option is used to ease the repetitive task of configur...

Page 92: ... typing in IP addresses of commonly reached hosts the ML2400 allows hosts to be created with the necessary host names IP addresses user names and passwords Z Use the Configuration Access Host menu to create host entries as shown below Z To add a host click the Add button Z Fill in all the fields below to create the necessary host entries ...

Page 93: ...entry shown above 5 4 8 Erasing Configuration Kill Config option using SWM To erase the configuration and reset the configurations to factory defaults you can use the kill config option from Administration tab by selecting kill config Note User also has the option to save one module from defaulting back to factory defaults by checking the module box before issuing kill Config command ...

Page 94: ...d is issued by pressing the OK button the Switch will perform a factory dump restoring all the Switch settings back to factory defaults except for the System settings which will be retained When the OK button is pressed the Switch will issue the following warning messages and reboot the switch for it to revert back to the factory default settings with the exceptions of modules opted not to be defa...

Page 95: ...ig save module command The kill Config command will default all the Switch settings back to factory defaults while the kill config save module will default all with the exception of module selected Available modules are system user acces port vlan ps mirror lacp slp and igmp Name Areas affected System IP Configuration Boot mode User Users settings e g login names passwords Port Port settings Broad...

Page 96: ...s configuration using the kill config command and the second example illustrates how to erase all the Switch s configuration with the exception of system configuration ML2400 kill config Do you want to erase the configuration Y or N Y Successfully erased configuration Please reboot ML2400 kill config save system Do you want to erase the configuration Y or N Y Successfully erased configuration Plea...

Page 97: ...rent IPv4 Its deployment strategy is designed to have no dependencies IPv6 is designed to run well on high performance networks e g Gigabit Ethernet OC 12 ATM etc and at the same time still be efficient on low bandwidth networks e g wireless In addition it provides a platform for the new level of internet functionality that will be required in the near future IPv6 includes a transition mechanism d...

Page 98: ...uded in all implementations 5 5 3 IPv6 Addressing IPv6 addresses are 128 bits long and are identifiers for individual interfaces and sets of interfaces IPv6 addresses of all types are assigned to interfaces not nodes Since each interface belongs to a single node any of that node s interface s unicast addresses may be used as an identifier for the node A single interface may be assigned multiple IP...

Page 99: ...Syntax show ipv6 displays the IPv6 information To configure IPv6 the following sequence of commands can be used FIGURE 5 5 Configuring IPv6 In addition to the commands listed above the commands which support IPv6 addressing are Syntax ftp IPv6 address ftp to an IPv6 station Example ftp fe80 220 6ff fe25 ed80 ML2400 ipconfig ipconfig Configures the system IP address subnet mask and gateway Usage ip...

Page 100: ...g as shown in the example below http fe80 220 6ff fe25 ed80 5 5 5 List of commands in this chapter Syntax ipconfig ip ip address mask subnet mask dgw gateway add del configure an IPv6 address The add delete option can be used to add or delete IPv4 IPv6 addresses Syntax show ipconfig display the IP configuration information including IPv6 address Syntax ping6 IPv6 address pings an IPv6 station Synt...

Page 101: ...er is familiar with issues concerning security as well as securing access for users and computers on a network Secure access on a network can be provided by authenticating against an allowed MAC address as well as IP address 6 1 2 Passwords The GE MultiLink family of switches have a factory default password for the manager as well as the operator account Passwords can be changed from the user ID b...

Page 102: ...vices connected to the MultiLink family of switches If there is an insecure access on the secondary device the MultiLink family of switches allow the authorized users to continue to access the network the unauthorized packets are dropped preventing access to the network Note Network security hinges on the ability to allow or deny access to network resources This aspect of secure network services i...

Page 103: ...gured to 1 Auto learn the MAC addresses 2 Specify individual MAC addresses to allow access to the network 3 Validate or change the settings The command syntax for the above actions are allow mac address list range port num list range learn port number list enable disable show port security action port num list range none disable drop signal port num list range none log trap logandtrap ps enable di...

Page 104: ...ty configuration mode Let s look at a few examples The following command allows specific MAC addresses on a specified port No spaces are allowed between specified MAC addresses ML2400 port security allow mac 00 c1 00 7f ec 00 00 60 b0 88 9e 00 port 18 The following command sequence sets the port security to learn the MAC addresses Note that a maximum of 200 MAC addresses can be learned per port to...

Page 105: ... 15 85 00 03 47 ca ac 45 00 30 48 70 71 23 10 ENABLE NONE NONE DISABLE 0 Not Configured 11 ENABLE NONE NONE DISABLE 0 Not Configured 12 ENABLE NONE NONE DISABLE 0 Not Configured 13 ENABLE NONE NONE DISABLE 0 Not Configured 14 ENABLE NONE NONE DISABLE 0 Not Configured 15 ENABLE NONE NONE DISABLE 0 Not Configured 16 ENABLE NONE NONE DISABLE 0 Not Configured ML2400 port security Example 6 2 Enabling ...

Page 106: ...ing is enables and MAC addresses are being learnt on required ports use the show port security port 11 command Z Save the port security configuration use the save command Z Disable learning on required ports for example use the learn port 11 15 disable command Example 6 3 Allowing specific MAC addresses on specific ports ML2400 port security allow mac 00 c1 00 7f ec 00 port 9 11 13 Specified MAC a...

Page 107: ... the add mac 00 c1 00 7f ec 00 port 11 15 command Z Disable access to the network for unauthorized devices Use action port 11 diable drop depending on whether the port should be disabled or the packed dropped Follow that with a show port security command to verify the setting Z Optional step Set the notification to notify the management station on security breach attempts use the command signal po...

Page 108: ... port s ML2400 port security show port security PORT STATE SIGNAL ACTION LEARN COUNT MAC ADDRESS 9 ENABLE LOG NONE ENABLE 6 00 e0 29 2a f1 bd 00 01 03 e2 27 89 00 07 50 ef 31 40 00 e0 29 22 15 85 00 03 47 ca ac 45 00 30 48 70 71 23 10 ENABLE NONE NONE DISABLE 0 Not Configured 11 ENABLE NONE NONE ENABLE 0 00 c1 00 7f ec 00 12 ENABLE NONE NONE DISABLE 0 Not Configured 13 ENABLE NONE NONE DISABLE 0 N...

Page 109: ...for that port and makes the intrusion information available The default log size is 50 rows To change the log size use the set logsize command Example 6 6 Security log commands ML2400 show log S Date Time Log Description I 12 07 2004 9 01 34 A M CLI manager console login I 12 07 2004 5 54 23 P M SNTP Date and Time updated from SNTP server I 12 08 2004 6 09 00 P M SNTP Date and Time updated from SN...

Page 110: ... indicates the activity on the switch D debug severity level 3 is reserved for GE Multilin internal diagnostic information C critical severity level 4 indicates that a severe switch error has occurred F fatal severity level 5 indicates that a service has behaved unexpectedly 6 2 3 Authorized Managers Just as port security allows and disallows specific MAC addresses from accessing a network the ML2...

Page 111: ...IP address 3 94 245 25 is allowed again note how the subnet mask is used An older station with IP address 3 94 245 15 is removed Example 6 7 Allowing blocking specific IP addresses ML2400 access ML2400 access allow ip 3 94 245 10 mask 255 255 255 0 service t Service s allowed for specified address ML2400 access allow ip 3 94 245 25 mask 255 255 255 255 service Service s allowed for specified addre...

Page 112: ...wn above each individual port can be configured for the proper action on the port auto learn MAC addresses and specify individual MAC addresses Z To edit each port click on the edit icon Z To enable or disable port security use the Status drop down menu as shown below Note that the screen also provides an overview of each port on the switch Each port can be individually configured for the proper p...

Page 113: ...ated by the Learn Status drop down menu Additionally MAC addresses can be added or deleted from the table of allowed MAC addresses Z To delete a MAC address click on the delete icon Z To add a MAC address click on the Add button and fill in the MAC address in the MAC address window There is a limitation of 200 MAC addresses per port and 500 MAC addresses per switch for port security After clicking...

Page 114: ...istics Log Statistics menu item When the switch detects an intrusion attempt on a port it records the date and time stamp the MAC address the port on which the access was attempted and the action taken by the MultiLink switches The event log lists the most recently detected security violation attempts This provides a chronological entry of all intrusions attempted on a specific port The event log ...

Page 115: ...e window above show the authorized access list for managing the switch Note specific services can be authorized Also note that individual stations or a group of stations with IP addresses can be authorized Note It is assumed that users are familiar with IP addressing schemes e g class A B C etc subnet masking and masking issues such as how many stations are allowed for a given subnet mask In the f...

Page 116: ...6 16 MULTILINK ML2400 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL ACCESS CONSIDERATIONS CHAPTER 6 ACCESS CONSIDERATIONS ...

Page 117: ... businesses use the RADIUS server for authenticating users connecting into a network For example if a user connects PC into the network whether the PC should be allowed access or not provides the same issues as to whether or not a dial in user should be allowed access into the network or not A user has to provide a user name and password for authenticated access A RADIUS server is well suited for ...

Page 118: ...S encapsulates EAP packets onto RADIUS packets for relaying to RADIUS authentication servers The details of the 802 1x authentication are as follows 1 The supplicant host is initially blocked from accessing the network The supplicant wanting to access these services starts with an EAPOL Start frame 2 The authenticator MultiLink switch upon receiving an EAPOL start frame sends a response with an EA...

Page 119: ...h EAPOL and EAP over RADIUS to communicate to a standard 802 1x supplicant and RADIUS authentication server The ML2400 software authenticator has the following characteristics Allows control on ports using STP based hardware functions EAPOL frames are Spanning Tree Protocol STP link Bridge PDUs BPDU with its own bridge multicast address Relays MD5 challenge although not limited to authentication p...

Page 120: ...meout 1 240 maxreq 1 10 The port argument is mandatory and represents the port s to be configured The supptimeout argument is optional and represents the timeout in seconds the authenticator waits for the supplicant to respond back The default value is 30 seconds and values can range from 1 to 240 seconds The servertimeout argument is optional and represents the timeout in seconds the authenticato...

Page 121: ...ion with the supplicant or PC reauth port num list range status enable disable period 10 86400 The port argument is mandatory and sets the ports to be configured The status argument is optional and enables disables re authentication The period argument is optional and represents the re authentication period This is the time in seconds the authenticator waits before a re authentication process will...

Page 122: ...ed 4 Enabled Auto Deasserted Unauthorized 5 Enabled Auto Deasserted Unauthorized 6 Enabled Auto Deasserted Unauthorized 7 Enabled Auto Deasserted Unauthorized 8 Enabled Auto Deasserted Unauthorized 9 Enabled Auto Deasserted Unauthorized 10 Enabled Auto Deasserted Unauthorized 11 Enabled Auto Deasserted Unauthorized 12 Enabled Auto Deasserted Unauthorized 13 Enabled Auto Deasserted Unauthorized 14 ...

Page 123: ...7 60 2 30 8 60 2 30 9 60 2 30 10 60 2 30 11 60 2 30 12 60 2 30 13 60 2 30 14 60 2 30 15 60 2 30 16 60 2 30 continued on following page This command sets timeout characteristics and the number of requests before access is denied The authenticator waits for the supplicant to respond back for 45 seconds the authenticator waits for 60 seconds for the back end RADIUS server to respond back and the auth...

Page 124: ...hEntersConnecting 3 authEapLogoffsWhileConnecting 0 authEntersAuthenticating 3 authAuthSuccessesWhileAuthenticating 2 authAuthTimeoutsWhileAuthenticating 0 authAuthFailWhileAuthenticating 0 authAuthReauthsWhileAuthenticating 0 authAuthEapStartsWhileAuthenticating 1 authAuthEapLogoffWhileAuthenticating 0 authAuthReauthsWhileAuthenticated 0 authAuthEapStartsWhileAuthenticated 0 authAuthEapLogoffWhil...

Page 125: ...the ports are configured enable RADIUS Also ensure that the port connected to the RADIUS server or the network where the RADIUS server is connected to is not an authenticated port The following window shows the configuration of a RADIUS Server Initially the RADIUS Services are disabled and the server IP address is set to 0 0 0 0 Edit the server IP and secret to add a RADIUS server The following fi...

Page 126: ... item to configure the RADIUS characteristics of each port Z To edit the port settings click on the edit icon Ensure that the port which has the RADIUS server is force authorized and asserted For other ports user ports it is best to leave the Control on auto and Initialize on de asserted To change the port access characteristics when authenticating with a RADIUS server ...

Page 127: ...to 10 with a default of 2 The Tx Period column represents the transmit period This is the time in seconds the authenticator waits to transmit another request for identification from the supplicant The values range from 1 to 65535 seconds with a default of 30 The backend or communication characteristics between the ML2400 and the RADIUS Server are defined through the Configuration Radius Port Acces...

Page 128: ...itch does the re authentication with the supplicant or PC These are defined through the Configuration Radius Port Access Reauth menu item The Reauth Period represents the time the authenticator waits before a re authentication process will be done again to the supplicant Values range from 10 to 86400 seconds with a default of 3600 1 hour The Configuration Radius Port Stats menu item illustrates th...

Page 129: ...a simple UDP based access control protocol originally developed by BBN for the MILNET Military Network XTACACS is now replaced by TACACS TACACS is a TCP based access control protocol TCP offers a reliable connection oriented transport while UDP offers best effort delivery TACACS improves on TACACS and XTACACS by separating the functions of authentication authorization and accounting and by encrypt...

Page 130: ...d stage is authorization where it is determined whether the user has operator access or manager privileges 8 1 3 TACACS Packet Packet encryption is a supported and is a configurable option for the ML2400 software When encrypted all authentication and authorization TACACS packets are encrypted and are not readable by protocol capture and sniffing devices such as EtherReal or others Packet data is h...

Page 131: ...ds compatibility Packet type Possible values are TAC_PLUS_AUTHEN 0x01 authentication TAC_PLUS_AUTHOR 0x02 authorization TAC_PLUS_ACCT 0x03 accounting Sequence number The sequence number of the current packet for the current session Flags This field contains various flags in the form of bitmaps The flag values signify whether the packet is encrypted Session ID The ID for this TACACS session Length ...

Page 132: ...ACS servers tacserver add delete id num ip ip addr port tcp port encrypt enable disable key string The add delete argument is mandatory and specifies whether to add or delete a TACACS server The id argument is mandatory and sets the order to poll the TACACS servers for authentication The ip argument is mandatory for adding and defines the IP address of the TACACS server The port argument is mandat...

Page 133: ...s Disabled ML2400 user tacplus enable TACACS Tunneling is enabled ML2400 user tacserver add id 2 ip 10 21 1 123 encrypt enable ke TACACS server is added ML2400 user show tacplus servers ID TACACS Server Port Encrypt Key 1 10 21 1 170 49 Enabled secret 2 10 21 1 123 49 Enabled some 3 4 5 ML2400 user tacserver delete id 2 TACACS server is deleted ML2400 user show tacplus servers ID TACACS Server Por...

Page 134: ...TACACS servers select the Administration User Mgmt TACACS menu item By default no TACACS servers are defined Z To add a server click on the Add button as shown below Note that the TCP port field can be left blank port 49 is used as a default port Up to five TACACS servers can be defined After the configuration is completed Z Save the settings Z Enable the TACACS services by using the Status drop d...

Page 135: ...CHAPTER 8 ACCESS USING TACACS ACCESS USING TACACS MULTILINK ML2400 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL 8 7 ...

Page 136: ...8 8 MULTILINK ML2400 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL ACCESS USING TACACS CHAPTER 8 ACCESS USING TACACS ...

Page 137: ... storm prevention thresholds An Ethernet switch sends traffic from one port to another port Unlike a switch a hub or a shared network device the traffic is broadcast on each and every port Capturing traffic for protocol analysis or intrusion analysis can be impossible on a switch unless all the traffic from a specific port is reflected on another port typically a monitoring port The MultiLink fami...

Page 138: ... port mirroring prtmr enable disable The sequence below illustrates how port 11 is mirrored on port 13 Any traffic on port 11 is also sent on port 13 ML2400 show port mirror Sniffer Port 0 Monitor Port 0 Mirroring State disabled ML2400 port mirror ML2400 port mirror setport monitor 11 sniffer 13 Port 11 set as Monitor Port Port 13 set as Sniffer Port ML2400 port mirror prtmr enable Port Mirroring ...

Page 139: ...le status enable disable lla enable disable The arguments for the setport command are defined as follows The device argument sets up the MultiLink switch in the device configuration mode The name argument assigns a specific name to the port This name is a designated name for the port and can be a server name user name or any other name The speed argument sets the speed to be 10 or 100 Mbps This wo...

Page 140: ...Mbps half duplex 10FDx 10 Mbps full duplex 100HDx 100 Mbps half duplex 100FDx 100 Mbps full duplex Possible port settings for 100FX fiber ports are 100FDx default 100 Mbps full duplex 100HDx 100 Mbps half duplex Possible port settings for 10FL fiber ports are 10HDx default 10 Mbps half duplex 10FDx 10 Mbps full duplex Gigabit fiber optic ports Gigabit SX and Gigabit LX 1000FDx default 1000 Mbps fu...

Page 141: ...rol xonlimit value xofflimit value where xonlimit can be from 3 to 127 default value is 4 and xofflimit ranges from 3 to 127 default value is 6 9 3 3 Back Pressure The backpressure command disables enables back pressure based flow control mechanisms The default state is disabled When enabled the port uses 802 3 Layer 2 back off algorithms Back pressure based congestion control is possible only on ...

Page 142: ... 2 Back pressure and flow control ML2400 device ML2400 device show flowcontrol XOnLimit 4 XOffLimit 6 ML2400 device flowcontrol xonlimit 10 xofflimit 15 XOn Limit set successfully XOff Limit set successfully ML2400 device show flowcontrol XOnLimit 10 XOffLimit 15 ML2400 device show backpressure Rx Buffer Threshold 28 continued on next page ...

Page 143: ... 9 B1 E H 10Tx UP 10 No E 1 10 B2 E H 10Tx DOWN 10 No E 1 11 JohnDoe E H 10Tx DOWN 10 No E 1 12 JaneDoe E H 10Tx DOWN 10 No E 1 13 B5 E F 100Tx UP 100 No E 1 14 B6 E H 10Tx DOWN 10 No E 1 15 B7 E H 10Tx DOWN 10 No E 1 16 B8 E H 10Tx DOWN 10 No E 1 ML2400 device show port 11 Configuration details of port 11 Port Name JohnDoe Port Link State DOWN Port Type TP Port Port Admin State Enable Port VLAN I...

Page 144: ...be over The storm is determined to be over when a one second period elapses with no broadcast packets received Back pressure and flow control continued ML2400 device show port Keys E Enable D Disable H Half Duplex F Full Duplex M Multiple VLAN s NA Not Applicable LI Listening LE Learning F Forwarding B Blocking Port Name Control Dplx Media Link Speed Part Auto VlanID GVRP STP 9 B1 E H 10Tx UP 10 N...

Page 145: ...n capabilities broadcast protect enable disable The rate threshold command set the rate limit in frames per second rate threshold port port list range rate frames sec The show broadcast protect command displays the broadcast storm protection settings show broadcast protect In Example 9 3 the broadcast protection is turned on The threshold for port 11 is then set to a lower value of 3500 broadcast ...

Page 146: ...protect PORT STATUS THRESHOLD frms sec CURR RATE frms sec ACTIVE 9 Disabled 19531 0 NO 10 Disabled 19531 0 NO 11 Disabled 19531 0 NO 12 Disabled 19531 0 NO 13 Disabled 19531 0 NO 14 Disabled 19531 0 NO 15 Disabled 19531 0 NO 16 Disabled 19531 0 NO ML2400 device broadcast protect enable Broadcast Storm Protection enabled ML2400 device show broadcast protect PORT STATUS THRESHOLD frms sec CURR RATE ...

Page 147: ...port 11 lla disable ML2400 device show port 11 Configuration details of port 11 Port Name JohnDoe Port Link State DOWN Port Type TP Port Port Admin State Enable Port VLAN ID 1 Port Speed 10Mbps Port Duplex Mode half duplex Port Auto negotiation State Enable Port STP State NO STP Port GVRP State No GVRP Port Priority Type None Port Security Enable Port Flow Control Enable Port Back Pressure Enable ...

Page 148: ...alysis of the traffic on that port To enable port mirroring as well as setting up the ports to be sniffed Z Select the Configuration Port Mirroring menu item Z Set the sniffer port and the port on which the traffic is reflected Z Make sure the Mirror Status is also set to enabled for mirroring For security reasons GE Multilin recommends that the port mirroring be disabled using the Edit button and...

Page 149: ...ammed Z Select a specific port by using the edit icon in the Configuration Port Settings menu Z Click the edit icon to open the following window In these windows Port Number represents the port number on the switch Port Name assigns a specific name to the port This name is a designated name for the port and can be a server name user name or any other name Admin Status indicates whether the port ca...

Page 150: ...window The GVRP State displays the GVRP settings on the port This value cannot be edited in this window The LLA indicates the state of the Link Loss Alert feature The Auto default value for the Port Speed senses the speed and negotiates with the port at the other end of the link for data transfer operation half duplex or full duplex The Auto value uses the IEEE 802 3u auto negotiation standard for...

Page 151: ...rs workstations servers and PCs to slow down or even crash The GE MultiLink switch is capable of detecting and limiting storms on each port A network administrator can also set the maximum rate of broadcast packets frames that are permitted from a particular interface If the maximum number is exceeded a storm condition is declared Once it is determined that a storm is occurring on an interface any...

Page 152: ...S SWITCH INSTRUCTION MANUAL PORT MIRRORING AND SETUP CHAPTER 9 PORT MIRRORING AND SETUP Z After changes are made do not forget to save the changes using the save icon If the switch is rebooted before the changes are made the changes will be lost ...

Page 153: ...t frames VLANs provide the capability of having two or more Ethernet segments co exist on common hardware The reason for creating multiple segments in Ethernet is to isolate collision domains VLANs can isolate groups of users or divide up traffic for security bandwidth management etc VLANs are widely used today and are here to stay VLANs need not be in one physical location They can be spread acro...

Page 154: ... to multiple VLANs By default on the MultiLink family of switches VLAN support is enabled and all ports on the switch belong to the default VLAN DEFAULT VLAN This places all ports on the switch into one physical broadcast domain If VLANs are entirely separate segments or traffic domains how can the VLANs route traffic or talk to each other This can be done using routing technologies e g a router o...

Page 155: ... extended across a large network 802 1Q compliant switch ports such as those on the MultiLink family of switches can be configured to transmit tagged or untagged frames A tag field containing VLAN information can be inserted into an Ethernet frame If a port has an 802 1Q compliant device attached such as another switch these tagged frames can carry VLAN membership information between switches thus...

Page 156: ... addition to the default VLAN 3 Assign the desired ports to the VLANs 4 Decide on trunking strategy how will the VLAN information be propagated from one switch to another and also what VLAN information will be propagated across 5 Layer 3 consideration check to see if the routing between the VLANs is working by pinging stations on different VLANs Note You can rename the default VLAN but you cannot ...

Page 157: ... vlan name port number list range Forbid number list range mgt nomgt To enable or disable Management Control on any VLAN edit id vlan Id name vlan name port number list range mgt nomgt 10 2 3 Example Example 10 1 below shows how to add three different VLANs Along with the VLANs Port 14 is assigned to the four VLANs the three new ones added plus the DEFAULT VLAN 1 The following interaction shows ho...

Page 158: ...successfully with Vlan id 10 Vlan name engineering Ports 14 ML2400 port vlan add id 20 name engineering port 14 ERROR Duplicate Vlan name ML2400 port vlan add id 20 name sales port 14 Vlan added successfully with Vlan id 20 Vlan name sales Ports 14 ML2400 port vlan add id 30 name marketing port 14 Vlan added successfully with Vlan id 30 Vlan name marketing Ports 14 continued on next page Each VLAN...

Page 159: ...tatus Pending PORT STATUS 14 DOWN VLAN ID 20 Name sales Status Pending PORT STATUS 14 DOWN VLAN ID 30 Name marketing Status Pending PORT STATUS 14 DOWN ML2400 port vlan start vlan all All pending VLAN s started ML2400 port vlan show vlan type port VLAN ID 1 Name Default VLAN Status Active PORT STATUS 9 UP 10 DOWN 11 DOWN 12 DOWN 13 UP 14 DOWN 15 DOWN 16 DOWN continued on next page The added VLANs ...

Page 160: ...APTER 10 VLAN Adding three VLANs continued VLAN ID 10 Name engineering Status Active PORT STATUS 14 DOWN VLAN ID 20 Name sales Status Active PORT STATUS 14 DOWN VLAN ID 30 Name markteting Status Active PORT STATUS 14 DOWN ML2400 port vlan exit ML2400 The pending VLAN is now active ...

Page 161: ...from configuring VLANs Include consideration for the interaction between VLANs 2 Configure at least one VLAN in addition to the default VLAN 3 Assign the desired ports to the VLANs 4 Decide on trunking strategy how will the VLAN information be propagated from one switch to another and also what VLAN information will be propagated across 5 Layer 3 consideration check to see if the routing between t...

Page 162: ...AL VLAN CHAPTER 10 VLAN The currently assigned Port VLANs are displayed as follows Z Select the Configuration VLAN Port Based menu item As discussed above ports 9 10 11 12 13 15 16 still belong to default VLAN We will now add another VLAN with VID 40 and VLAN name Support ...

Page 163: ...0 11 Z Add the ports Z Define the VLAN Z Click OK After adding the VLAN the VLAN is not active Activating the VLAN has to be done manually Z To activate the VLAN click on the Status button A specific VLAN can be activated or all VLANs can be activated or disabled Z Click OK to activate VLAN ...

Page 164: ...he new VLAN Their membership in the default VLAN has been eliminated Note the VLAN membership of the ports assigned to VLAN 40 now indicates that they are only members of VLAN 40 The default VLAN membership has been terminated on VLAN activation The ports can be added to VLAN 1 by using the edit button on VLAN 1 and assigning the ports to VLAN 1 ...

Page 165: ...ange default id number The filter parameter enables or disables the VLAN filtering function When enabled the switch will drop the packets coming in through a port if the port is not a member of the VLAN For example if port 1 is a member of VLANs 10 20 and 30 if a packet with VLAN id 40 arrives at port 1 it will be dropped set port port number list range filter status enable disable The tagging id ...

Page 166: ...s are plugged into ports 14 16 as a result the status of the ports show the port status as DOWN 1 A word of caution when Tag VLAN filtering is enabled there can be serious connectivity repercussions the only way to recover from that it is to reload the switch without saving the configuration or by modifying the configuration from the console serial port 2 There can be either Tag VLAN or Port VLAN ...

Page 167: ...tus Active PORT STATUS 14 DOWN VLAN ID 20 Name sales Status Active PORT STATUS 14 DOWN VLAN ID 30 Name markteting Status Active PORT STATUS 14 DOWN ML2400 port vlan stop vlan all All active VLAN s stopped ML2400 port vlan exit ML2400 set vlan type tag VLAN set to Tag based ML2400 show active vlan Tag VLAN is currently active continued on next page To switch to Tag VLAN the port VLAN has to be disa...

Page 168: ...ML2400 tag vlan edit id 10 name engineering port 14 16 Tag based vlan Added Successfully VLAN ID 10 VLAN Name engineering Ports 14 16 ML2400 tag vlan add id 20 name sales port 14 16 Tag based vlan Added Successfully VLAN ID 20 VLAN Name sales Ports 14 16 ML2400 tag vlan add id 20 name marketing port 14 16 ERROR Duplicate Vlan Id ML2400 tag vlan add id 30 name marketing port 14 16 Tag based vlan Ad...

Page 169: ... 15 UNTAGGED DOWN 16 UNTAGGED DOWN VLAN ID 10 Name engineering Status Pending PORT MODE STATUS 14 UNTAGGED DOWN 15 UNTAGGED DOWN 16 UNTAGGED DOWN VLAN ID 20 Name sales Status Pending PORT MODE STATUS 14 UNTAGGED DOWN 15 UNTAGGED DOWN 16 UNTAGGED DOWN VLAN ID 30 Name marketing Status Pending PORT MODE STATUS 14 UNTAGGED DOWN 15 UNTAGGED DOWN 16 UNTAGGED DOWN ML2400 tag vlan start vlan all All pendi...

Page 170: ...setting ingress might stop the session Do you want to continue Y or N Y Ingress Filter Enabled ML2400 tag vlan show vlan type tag VLAN ID 1 Name Default VLAN Status Active PORT MODE STATUS 9 UNTAGGED UP 10 UNTAGGED DOWN 11 UNTAGGED DOWN 12 UNTAGGED DOWN 13 UNTAGGED UP VLAN ID 10 Name engineering Status Active PORT MODE STATUS 14 UNTAGGED DOWN 15 UNTAGGED DOWN 16 UNTAGGED DOWN VLAN ID 20 Name sales...

Page 171: ...rt 14 16 tagging id 30 status tagged Port tagging enabled ML2400 tag vlan show vlan type tag VLAN ID 1 Name Default VLAN Status Active PORT MODE STATUS 9 UNTAGGED UP 10 UNTAGGED DOWN 11 UNTAGGED DOWN 12 UNTAGGED DOWN 13 UNTAGGED UP VLAN ID 10 Name engineering Status Active PORT MODE STATUS 14 TAGGED DOWN 15 TAGGED DOWN 16 TAGGED DOWN VLAN ID 20 Name sales Status Active PORT MODE STATUS 14 TAGGED D...

Page 172: ... connectivity repercussions when Tag VLAN filtering is enabled The only way to recover from this it is to reload the switch without saving the configuration or by modifying the configuration from the console serial port The ML2400 can be configured for either Tag VLAN or Port VLAN Both VLANs cannot co exit at the same time There can only be one default VLAN for the switch The default is set to VLA...

Page 173: ...er VLAN 1 All ports default VLAN VLAN 10 Engineering VLAN ports 11 12 13 VLAN 20 Support VLAN ports 13 14 15 note that port 13 belongs to VLAN 10 20 VLAN 30 Marketing VLAN ports 15 16 note that port 15 belongs to VLAN 20 30 Z After adding the ports and defining the VLAN click OK Z Click on Port Settings in the Configuration VLAN Tag Based menu and enable the tagging for each port ...

Page 174: ...Repeat the last two steps for each of the ports and each of the VLANs click on port settings and enable the tag on the port After all the ports are tagged the tagged column should change to Yes for all VLANs To check the status of the tagging Z Select the Configuration VLAN Tag Based Tagging menu ...

Page 175: ...s menu Z Click OK Tagged VLANs can be viewed from the Configuration VLAN Tag Based Tagging menu To add or delete specific ports from a VLAN Z Click on Join Leave button from the Configuration VLAN Tag Based Settings menu and specify the action In the example below we will take port 11 and assign it to leave VLAN 10 After the action is completed note that port 11 will belong to VLAN 1 only ...

Page 176: ...ITCH INSTRUCTION MANUAL VLAN CHAPTER 10 VLAN To enable the filter capability for each port use the Configuration VLAN Tag Based Settings menu as shown below Use the Configuration VLAN Tag Based Filter menu to view the filter information for the ports ...

Page 177: ...tegrity is maintained With GVRP this process can be automated It is critical that all switches share a common VLAN This VLAN typically is the default VLAN VID 1 on most switches and other devices GVRP uses GVRP Bridge Protocol Data Units GVRP BPDUs to advertise static VLANs We refer to GVRP BPDU is as an advertisement GVRP enables the MultiLink family of switches to dynamically create 802 1q compl...

Page 178: ...ent for that VLAN is received on that specific port FIGURE 11 1 GVRP operation Switch 1 with static VLANs VID 1 2 and 3 Port 2 is a member of VIDs 1 2 and 3 1 Port 2 advertises VIDs 1 2 and 3 2 On Switch 2 Port 1 receives advertisement of VIDs 1 2 and 3 AND becomes a member of VIDs 1 2 and 3 3 As discussed above a GVRP enabled port can forward advertisement for a VLAN it learnt about So port 3 adv...

Page 179: ...5 would become a member when advertisements for VLAN 22 were received from switch A GVRP provides a per port join request option which can be configured VLANs must be disabled in GVRP unaware devices to allow tagged packets to pass through A GVRP aware port receiving advertisements has these options If there is no static VLAN with the advertised VID on the receiving port then dynamically create a ...

Page 180: ... a static VLAN with the static command static vlan VID Note The show vlan type tag command will display VID in case the VID is not known Example 11 1 illustrates how to convert a dynamic VLAN into a static VLAN As the following table indicates a port that has a tagged or untagged static VLAN has the option for both generating advertisements and dynamically joining other VLANs Table 11 1 Port setti...

Page 181: ...port static VLAN options Tagged or untagged Auto Forbid Learn Generate advertisements Forward advertisements for other VLANs Receive advertisements and dynamically join any advertised VLAN Receive advertisements and dynamically join any advertised VLAN that has the same VID as the static VLAN Do not allow the port to become a member of this VLAN Block Generate advertisements Forward advertisements...

Page 182: ...L VLAN REGISTRATION OVER GARP CHAPTER 11 VLAN REGISTRATION OVER GARP The time to live for dynamic VLANs is 10 seconds That is if a port has not received an advertisement for an existing dynamic VLAN during the last 10 seconds the port removes itself from that dynamic VLAN ...

Page 183: ...LAN must be converted to a static VLAN before it can have an IP address After converting a dynamic VLAN to a static VLAN use the save command to save the changes made on a reboot the changes can be lost without the save command Within the same broadcast domain a dynamic VLAN can pass through a device that is not GVRP aware This is because a hub or a switch that is not GVRP aware will flood the GVR...

Page 184: ...VRP is now disabled ML2400 gvrp gvrp enable GVRP enabled ML2400 gvrp show vlan VLAN ID NAME VLAN STATUS 1 Default VLAN Static Active 2 Blue Static Active 10 dyn10 Dynamic Active ML2400 gvrp static vlan 10 ML2400 gvrp show vlan VLAN ID NAME VLAN STATUS 1 Default VLAN Static Active 2 Blue Static Active 10 dyn10 Static Active ML2400 gvrp set forbid vlan 2 forbid 11 15 ML2400 gvrp show forbid VLAN ID ...

Page 185: ...the VLAN context Since dynamic VLANs operate as tagged VLANs and it is possible that a tagged port on one device may not communicate with an untagged port on another device GE Multilin recommends that you use tagged VLANs for the static VLANs A dynamic VLAN continues to exist on a port for as long as the port continues to receive advertisements of that VLAN from another device connected to that po...

Page 186: ...11 10 MULTILINK ML2400 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL VLAN REGISTRATION OVER GARP CHAPTER 11 VLAN REGISTRATION OVER GARP ...

Page 187: ... one path at a time is active between any two nodes on the network In networks where more than one physical path exists between two nodes STP ensures only a single path is active by blocking all redundant paths Enabling STP is necessary to avoid loops and duplicate messages This duplication leads to a broadcast storm or other erratic behavior that can bring down the network As recommended in the I...

Page 188: ...rve as the new active path for as long as the original active path is down The table below lists the default values of the STP variables Refer to the following section for detailed explanation on the variables By default STP is disabled To use STP it has to be manually enabled Table 12 1 STP default values Variable or attribute Default value STP capabilities Disabled Reconfiguring general operatio...

Page 189: ...h waits from listening to learning states and from learning to forwarding states The value ranges from 4 to 30 seconds with a default of 15 Bridge Hello Time When the switch is the root device this is the time between messages being transmitted The value is from 1 to 10 seconds with a default of 2 Bridge Max Age This is the maximum time a message with STP information is allowed by the switch befor...

Page 190: ...400 show stp config STP CONFIGURATION Spanning Tree Enabled Global NO Spanning Tree Enabled Ports YES 9 10 11 12 13 14 15 16 Protocol Normal STP Bridge ID 80 00 00 20 06 25 ed 80 Bridge Priority 32768 Bridge Forward Delay 15 Bridge Hello Time 2 Bridge Max Age 20 Root Port 0 Root Path Cost 0 Designated Root 80 00 00 20 06 25 ed 80 Designated Root Priority 32768 Root Bridge Forward Delay 15 Root Bri...

Page 191: ...n mode via the stp command and use the stp enable or stp disable command To stp command enters STP configuration mode stp The enable and disable parameters start enable or stop disable STP stp enable disable The stp and rstp parameters set the spanning tree protocol to be IEEE 802 1d or 802 1w Rapid Spanning Tree Protocol set stp type stp rstp The show active stp command display which version of S...

Page 192: ... stp config STP CONFIGURATION Spanning Tree Enabled Global YES Spanning Tree Enabled Ports YES 9 10 11 12 13 14 15 16 Protocol Normal STP Bridge ID 80 00 00 20 06 25 ed 80 Bridge Priority 32768 Bridge Forward Delay 15 Bridge Hello Time 2 Bridge Max Age 20 Root Port 0 Root Path Cost 0 Designated Root 80 00 00 20 06 25 ed 80 Designated Root Priority 32768 Root Bridge Forward Delay 15 Root Bridge Hel...

Page 193: ...n STP discovery Its best to only allow trunk ports to participate in STP End stations need not participate in STP process port port number list range status enable disable The timers command changes the STP forward delay hello timer and aging timer values The forward delay parameter indicates the time duration the switch will wait from listening to learning states and from learning to forwarding s...

Page 194: ...Delay 15 Root Bridge Hello Time 2 Root Bridge Max Age 20 RSTP CONFIGURATION Rapid STP STP Enabled Global NO ML2400 stp show stp ports STP Port Configuration Port Type Priority Path Cost State Des Bridge Des Port 09 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 09 10 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0a 11 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0b 12 TP 10...

Page 195: ...abled 80 00 00 20 06 25 ed 80 80 0a 11 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0b 12 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0c 13 TP 10 100 128 19 Forwarding 80 00 00 20 06 25 ed 80 80 0d 14 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0e 15 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0f 16 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 10 ML2...

Page 196: ...ost State Des Bridge Des Port 09 TP 10 100 128 100 Forwarding 80 00 00 20 06 25 ed 80 80 09 10 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0a 11 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0b 12 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0c 13 TP 10 100 20 20 Forwarding 80 00 00 20 06 25 ed 80 80 0d 14 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0e 15 TP 10...

Page 197: ...P 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0f 16 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 10 ML2400 stp show stp config STP CONFIGURATION Spanning Tree Enabled Global YES Spanning Tree Enabled Ports YES 9 10 11 12 13 14 15 16 Protocol Normal STP Bridge ID 80 00 00 20 06 25 ed 80 Bridge Priority 15535 Bridge Forward Delay 15 Bridge Hello Time 2 Bridge Max Age 20 Root Port 0 R...

Page 198: ... Global YES Spanning Tree Enabled Ports YES 9 10 11 12 13 14 15 16 Protocol Normal STP Bridge ID 80 00 00 20 06 25 ed 80 Bridge Priority 15535 Bridge Forward Delay 20 Bridge Hello Time 5 Bridge Max Age 30 Root Port 0 Root Path Cost 0 Designated Root 80 00 00 20 06 25 ed 80 Designated Root Priority 15535 Root Bridge Forward Delay 20 Root Bridge Hello Time 5 Root Bridge Max Age 30 RSTP CONFIGURATION...

Page 199: ...age until all bridges in the network are sure to be aware of the new topology Using STP IEEE 802 1d recommended values this period lasts 30 seconds The Rapid Spanning Tree Protocol IEEE 802 1w is a further evolution of the 802 1d Spanning Tree Protocol It replaces the settling period with an active handshake between switches bridges that guarantees topology information to be rapidly propagated thr...

Page 200: ...place the port in the forwarding state While in this state the port both learns addresses and participates in frame transfer while in this state The result of these enhanced states is that the IEEE 802 1d version of spanning tree STP can take a fairly long time to resolve all the possible paths and to select the most efficient path through the network The IEEE 802 1w Rapid reconfiguration of Spann...

Page 201: ...t of sequence frames RSTP may have to be explicitly set to be compatible with STP This requires setting the Force Protocol Version parameter to be STP compatible This parameter should be set to all ports on a given switch 2 As indicated above one of the benefits of RSTP is the implementation of a larger range of port path costs that accommodates higher network speeds New default values have been i...

Page 202: ...port port number list range status enable disable migration enable edge enable disable p2p on off auto The p2p parameter sets the point to point value to off on all ports connected to shared LAN segments i e connections to hubs The default value is auto P2P ports would typically be end stations or computers on the network The edge parameter enables disables all ports connected to other hubs bridge...

Page 203: ...ch discards the information and updates the address table again Values range from 6 to 40 seconds with a default value of 20 Root Port Indicates the port number which is elected as the root port of the switch A root port of 0 indicates STP is disabled Root Path Cost A path cost is assigned to individual ports for the switch to determine which ports are the forwarding points A higher cost means mor...

Page 204: ...ridge Priority 0 Bridge Forward Delay 15 Bridge Hello Time 2 Bridge Max Age 20 Root Port 0 Root Path Cost 0 Designated Root 80 00 00 20 06 25 ed 89 Designated Root Priority 0 Root Bridge Forward Delay 15 Root Bridge Hello Time 2 Root Bridge Max Age 20 Topology Change Count 0 Time Since Topology Chg 12 ML2400 rstp show stp config RSTP CONFIGURATION Rapid STP STP Enabled Global YES RSTP STP Enabled ...

Page 205: ...ening Learning Forwarding Blocking and Disabled Des Bridge This is the port s designated root bridge Des Port This is the port s designated root port Another example of the same command from a larger network with several switches is shown in Example 13 3 Note the show stp ports command can be executed from the manager level prompt or from RSTP configuration state as shown in the screen captures ea...

Page 206: ...ue is 0 to 255 priority port number list range value 0 255 0 65535 A path cost is assigned to individual ports for the switch to determine which ports are the forwarding points A higher cost means the link is more expensive to use and falls in the passive mode compared to the link with a lower cost The value of the cost command ranges from 0 to 65535 with a default of 32768 cost port number list r...

Page 207: ...ard delay 4 30 hello 1 10 age 6 40 The forward delay parameter indicates the time duration the switch will wait from listening to learning states and from learning to forwarding states The value ranges from 4 to 30 seconds with a default of 15 The hello parameter represents the time between messages being transmitted when the switch is the root device The value is 1 to 10 seconds with a default of...

Page 208: ... 02 Bridge Max Age 20 Root Port 0 Root Path Cost 0 Designated Root 80 00 00 20 06 25 ed 89 Designated Root Priority 0 Root Bridge Forward Delay 15 Root Bridge Hello Time 02 Root Bridge Max Age 20 Topology Change Count 0 Time Since Topology Chg 33 ML2400 rstp show stp ports RSTP Port Configuration Port Type Priority Path Cost State Des Bridge Des Port 09 TP 10 100 128 2000000 Forwarding 80 00 00 20...

Page 209: ... Chg 100 ML2400 rstp forceversion rstp ML2400 rstp show forceversion Force Version Normal RSTP ML2400 rstp show stp config RSTP CONFIGURATION Rapid STP STP Enabled Global YES RSTP STP Enabled Ports 9 10 11 12 13 14 15 16 Protocol Normal RSTP Bridge ID 80 00 00 20 06 25 ed 89 Bridge Priority 0 Bridge Forward Delay 15 Bridge Hello Time 02 Bridge Max Age 20 Root Port 0 Root Path Cost 0 Designated Roo...

Page 210: ...te Des Bridge Des Port 09 TP 10 100 128 2000000 Forwarding 80 00 00 20 06 25 ed 89 00 09 10 TP 10 100 128 2000000 Disabled 00 0a 11 TP 10 100 128 2000000 Disabled 00 0b 12 TP 10 100 128 2000000 Disabled 00 0c 13 TP 10 100 100 200000 Forwarding 80 00 00 20 06 25 ed 89 00 0d 14 TP 10 100 128 2000000 Disabled 00 0e 15 TP 10 100 128 2000000 Disabled 00 0f 16 TP 10 100 128 2000000 Disabled 00 10 ML2400...

Page 211: ...0 100 128 2000000 Forwarding 80 00 00 20 06 25 ed 89 00 09 10 TP 10 100 128 2000000 Disabled 00 0a 11 TP 10 100 128 2000000 Disabled 00 0b 12 TP 10 100 128 2000000 Disabled 00 0c 13 TP 10 100 100 250000 Forwarding 80 00 00 20 06 25 ed 89 00 0d 14 TP 10 100 128 2000000 Disabled 00 0e 15 TP 10 100 128 2000000 Disabled 00 0f 16 TP 10 100 128 2000000 Disabled 00 10 ML2400 rstp timers forward delay 20 ...

Page 212: ...shown below 5 All switches in the ring must use the same firmware revision The ring structure can demonstrate fast recovery times typically faster than what RSTP can recover from a single fault In many situations RSTP will recover in seconds whereas smart RSTP ring only mode will recover in milliseconds To configure Ring Only mode ensure the first three of the four situations described above are m...

Page 213: ...et the RSTP status ML2400 rstp romode show RO MODE status Disabled RO MODE set on ports NONE ML2400 rstp romode add port 1 2 Added Ports 1 2 ML2400 rstp romode enable RSTP Ring Only Mode Enabled ML2400 rstp romode show RO MODE status Enabled RO MODE set on ports 1 2 ML2400 rstp romode disable RSTP Ring Only Mode Disabled ML2400 rstp romode show RO MODE status Disabled RO MODE set on ports 1 2 ML24...

Page 214: ...lly when STP is not enabled the switch designates itself as the root switch Root Path Cost A path cost is assigned to individual ports for the switch to determine which ports are the forwarding points A higher cost means more loops a lower cost fewer loops More loops equal more traffic and a tree which takes a long time to converge resulting in a slower system Root Port Indicates the port number w...

Page 215: ...ss table again The value ranges from 6 to 40 seconds with a default 20 Hold Time This is the minimum time period to elapse between the transmissions of configuration BPDUs through a given LAN Port At most one configuration BPDU shall be transmitted in any hold time period This parameter is a fixed parameter with values as specified in RSTP standard 3 seconds Topology Change A counter indicating th...

Page 216: ...3 RAPID SPANNING TREE PROTOCOL Once again if you are not familiar with the STP or RSTP parameter settings is best to use the default values Z Simply enable RSTP or STP and let the system default values prevail After RSTP is enabled the fields are updated Z Note the Status Time since TC and Designated Root values ...

Page 217: ...rned off Values can be Listening Learning Forwarding Blocking and Disabled Path Cost This is the assigned port cost value used for the switch to determine the forwarding points Values range from 1 to 2000000 The lower the value the lower the cost and hence the preferred route The costs for different Ethernet speeds are shown below The STP path cost is compared to the RSTP path cost Priority STP us...

Page 218: ...port RSTP services Status is normally enabled in certain cases the Status can be set to disabled to turn off RSTP or STP on that port 13 3 2 Smart RSTP Ring Only Mode with EnerVista Secure Web Management Software A ring is a special case mesh structure In many networks network managers prefer to create a ring structure for topological redundancy and simplicity In a ring structure 1 All switches in...

Page 219: ... SWITCH INSTRUCTION MANUAL 13 21 To configure ring only mode ensure the first three of the four situations described above are met To enable ring only mode first Z Enable RSTP by setting the STP Type to RSTP in the Administration Set STP Type menu Z Select the Configuration RSTP Bridge RSTP menu as shown below ...

Page 220: ...EE PROTOCOL Z Click the Edit button to configure RSTP Z Once in Edit mode change the Status to Enable Z Save Configuration To reset RSTP back to normal mode select Normal RSTP for the Protocol setting Save the configuration by clicking on the icon Z Select the Configuration RSTP RO Mode menu as shown below ENABLE STATUS THEN SAVE ...

Page 221: ...S SWITCH INSTRUCTION MANUAL 13 23 Z Click the Edit button to configure RO Mode Z Select the desired ports as shown below then click OK to exit Note Only 2 ports can be selected to Ring Only Mode Z Select the Enabled option for the Status setting as shown below Z Save the configuration by clicking on the icon ...

Page 222: ...13 24 MULTILINK ML2400 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL RAPID SPANNING TREE PROTOCOL CHAPTER 13 RAPID SPANNING TREE PROTOCOL ...

Page 223: ...nments where there are time critical applications such as voice transmission or video conferencing which can be adversely effected by packet transfer delays or other latency in a network Most switches today implement buffers to queue incoming packets as well as outgoing packets In a queue mechanism normally the packet which comes in first leaves first FIFO and all the packets are serviced accordin...

Page 224: ...sed in the LAN MAN and WAN DiffServ works by tagging each packet at the originating device or an intermediate switch for the requested level of service it requires across the network FIGURE 14 1 ToS and DSCP DiffServ inserts a 6 bit DiffServ code point DSCP in the Type of Service ToS field of the IP header as shown in the picture above Information in the DSCP allows nodes to determine the Per Hop ...

Page 225: ... particular tag setting on a packet allows each queue to have different service levels MultiLink QoS implementations provide mapping of ToS or IP precedence to Class of Service CoS A CoS setting in an Ethernet Frame is mapped to the ToS byte of the IP packet and vice versa A ToS level of 1 equals a CoS level of 1 This provides end to end priority for the traffic flow when MultiLink switches are de...

Page 226: ...ulated from the IP precedence setting for a packet This weight is used in an algorithm to determine when the packet will be serviced The show portweight command displays the weight settings on a port show portweight As mentioned previously the switch is capable of detecting higher priority packets marked with precedence by the IP forwarder and can schedule them faster providing superior response t...

Page 227: ...e transmitted as tagged from the priority queue set untag port port list range priority high low tag 0 7 Table 14 1 Port weight settings Value Hardware traffic queue behavior 0 No priority traffic is sent alternately from each queue and packets are queued alternately in each queue 1 Two packets are sent from the HIGH priority queue and one packet from LOW priority queue 2 Four packets are sent fro...

Page 228: ...DOWN 10 No E 1 13 B5 E F 100Tx UP 100 No E 1 14 B6 E H 10Tx DOWN 10 No E 1 15 B7 E H 10Tx DOWN 10 No E 1 16 B8 E H 10Tx DOWN 10 No E 1 ML2400 qos ML2400 qos setqos type port port 10 priority high ML2400 qos Successfully set QOS ML2400 qos show qos PORT QOS STATUS 9 None UP 10 Port DOWN 11 None DOWN 12 None DOWN 13 None UP 14 None DOWN 15 None DOWN 16 None DOWN ML2400 qos show qos type port PORT PR...

Page 229: ... UP 10 DOWN 11 6 DOWN 12 DOWN 13 UP 14 DOWN 15 DOWN 16 DOWN ML2400 qos setqos port 12 priority high type tag tag 5 Successfully set QOS ML2400 qos show qos type tag PORT QOS STATUS 9 UP 10 DOWN 11 6 DOWN 12 5 DOWN 13 UP 14 DOWN 15 DOWN 16 DOWN ML2400 qos show portweight Port priority Weight set to 1 High 1 Low ML2400 qos set weight weight 4 ML2400 qos show portweight Port priority Weight set to 8 ...

Page 230: ...S SWITCH INSTRUCTION MANUAL QUALITY OF SERVICE CHAPTER 14 QUALITY OF SERVICE Configuring QoS continued ML2400 qos show qos PORT QOS STATUS 9 None UP 10 Port DOWN 11 Tag DOWN 12 Tag DOWN 13 None UP 14 None DOWN 15 None DOWN 16 None DOWN ML2400 qos ...

Page 231: ...S with EnerVista Secure Web Management Software 14 3 1 Description To access QoS settings Z Select the Configuration QoS menu items Z Select the Port and the type of QoS ToS settings The following window illustrates the setting of port 14 for port based QoS with a high priority Note the sections on Tag and TOS are ignored for Port settings ...

Page 232: ... SERVICE CHAPTER 14 QUALITY OF SERVICE After the port QoS settings are completed the changes are reflected on the QoS menu screen The port 14 QoS settings indicate high priority set Next a tag based QoS is enabled on port 17 Note that only the menu area for the tag setting is relevant ...

Page 233: ...NK ML2400 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL 14 11 After the Tag QoS settings are completed the changes are reflected on the QoS menu screen In the following window a ToS is enabled on Port 19 As before only the ToS level settings are relevant ...

Page 234: ...N MANUAL QUALITY OF SERVICE CHAPTER 14 QUALITY OF SERVICE Note that the different settings are clear from the window below Port 14 has port based QoS port 15 has tag based QoS and port 16 is using ToS Z After all changes are made save the changes using the save icon ...

Page 235: ...lticasting is defined as the transmission of an IP datagram to a host group a set of zero or more hosts identified by a single IP destination address A multicast datagram is delivered to all members of its destination host group with the same best efforts reliability as regular unicast IP datagrams i e the datagram is not guaranteed to arrive at all members of the destination group or in the same ...

Page 236: ...e multicast group address The multicast group running version 2 of IGMP uses three fundamental types of messages to communicate Query A message sent from the querier multicast router or switch asking for a response from each host belonging to the multicast group If a multicast router supporting IGMP is not present then the switch must assume this function in order to elicit group membership inform...

Page 237: ...n members Thus sends large amounts of unwanted multicast traffic to PCs 2 and 3 Switch 2 is recognizing IGMP traffic and learns that PC 4 is in the IP multicast group receiving multicast data from the video server PC X Switch 2 then sends the multicast data only to PC 4 thus avoiding unwanted multicast traffic on the ports for PCs 5 and 6 The next figure below shows a network running IP multicasti...

Page 238: ...ng IP multicast traffic on all ports of switches 1 and 2 IGMP must be configured on both switches 1 and 2 and the port on switch 3 that connects to switch 1 must be unblocked 15 1 3 IP Multicast Filters IP multicast addresses occur in the range from 224 0 0 0 through 239 255 255 255 which corresponds to the Ethernet multicast address range of 01005e 000000 through 01005e 7fffff in hexadecimal Devi...

Page 239: ... to solicit group membership information Hosts on the network that are members of a multicast group send report messages When a host leaves a group it sends a leave group message The difference between Version 1 and Version 2 is that version 1 does not have a Leave mechanism for the host The MultiLink family of switches do pruning when there is a leave message or a time expires on a port we prune ...

Page 240: ...Querier Interval 125 Querier Response Interval 10 Multicasting Unknown Streams Enable ML2400 igmp The output of the show igmp command provides the following useful information IGMP State shows if IGMP is turned on Enable or off Disable Immediate Leave provides a mechanism for a particular host that wants to leave a multicast group It disables the port where the leave message is received ability to...

Page 241: ...ristics use the set port command in the IGMP configuration mode set port port port list range mode auto forward block The show port command displays the port characteristics for IGMP show port The show router command displays detected IGMP enabled router ports show router The set leave command enables or disables the switch to immediately process a host sending a leave message rather that wait for...

Page 242: ...ample shows how to configure IGMP Example 15 1 Configuring IGMP ML2400 igmp set port port 10 12 mode forward Port mode is set ML2400 igmp show port Port Mode 09 Auto 10 Forwarding 11 Forwarding 12 Forwarding 13 Auto 14 Auto 15 Auto 16 Auto ML2400 igmp show router RouterIp PortNo Timer 10 21 1 250 9 25 continued on next page ...

Page 243: ...d ML2400 igmp set querier enable IGMP querier status is enabled ML2400 igmp show igmp IGMP State Enabled ImmediateLeave Disabled Querier Enabled Querier Interval 125 Querier Response Interval 10 Multicasting Unknown Streams Enabled ML2400 igmp set querier disable IGMP querier status is disabled ML2400 igmp show igmp IGMP State Enabled ImmediateLeave Disabled Querier Disabled Querier Interval 125 Q...

Page 244: ...ticasting Unknown Streams Enabled ML2400 igmp mcast disable MCAST is disabled ML2400 igmp show igmp IGMP State Enabled ImmediateLeave Disabled Querier Disabled Querier Interval 127 Querier Response Interval 11 Multicasting Unknown Streams Disabled ML2400 igmp mcast enable MCAST is enabled ML2400 igmp show igmp IGMP State Enabled ImmediateLeave Disabled Querier Disabled Querier Interval 127 Querier...

Page 245: ...d provides information on IGMP groups and routers The menu allows the IGMP parameters described earlier to be set It also provides the necessary information of IGMP groups and routers Z Click on the Edit button to edit the IGMP parameters This screen also enables and disables IGMP Changes are reflected on the Configuration IGMP Information screen The groups and routers screen displays the IGMP Gro...

Page 246: ...15 12 MULTILINK ML2400 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL IGMP CHAPTER 15 IGMP ...

Page 247: ...olved over the years since 1988 using the RFC process Several RFCs define the SNMP standards The most common standards for SNMP are SNMP v1 the original version of SNMP SNMP v2 and finally SNMP v3 SNMP is a poll based mechanism SNMP manager polls the managed device for information and display the information retrieved in text or graphical manner Some definitions related to SNMP are Authentication ...

Page 248: ... prevented from being disclosed on a network Encryption is performed with an algorithm called CBC DES DES 56 Read view A view name not to exceed 64 characters for each group that defines the list of object identifiers OIDs that are accessible for reading by users belonging to the group Security level A type of security algorithm performed on each SNMP packet The three levels are noauth auth and pr...

Page 249: ...information SNMP view A mapping between SNMP objects and the access rights available for those objects An object can have different access rights in each view Access rights indicate whether the object is accessible by either a community string or a user Write view A view name not to exceed 64 characters for each group that defines the list of object identifiers OIDs that are able to be created or ...

Page 250: ...ing The quickcfg command automatically configures a default VACM view based access control model This allows any manager station to access the ML2400 either via SNMP v1 v2c or v3 The community name is public This command is only intended for first time users and values can be changed by administrators who want more strict access quickcfg The engineid command allows the user to change the engine ID...

Page 251: ...ific group entries The id argument is optional and is the number corresponding to the group entry number in the table show group id id The view command defines a manager or group or manager stations what it can access inside the MIB object tree Up to 10 entries can be specified This part of the View based Access Control Model VACM as defined in RFC 2275 view add delete id id viewname name type inc...

Page 252: ...m Name ML2400 System Location Markham ON System Contact multilin tech ge com Authentication Trap Disabled Default Trap Comm public V3 Engine ID Multi_Switch_Engine ML2400 snmpv3 ML2400 snmpv3 setvar sysname ml2400 syscontact admin syslocati ML2400 snmpv3 quickcfg This will enable default VACM Do you wish to proceed Y or N Y Quick configuration done default VACM enabled ML2400 snmpv3 engineid strin...

Page 253: ...Type ML2400 snmpv3 com2sec add id 1 secname public source default c Entry is added successfully ML2400 snmpv3 com2sec add id 2 ERROR secname parameter is required for add directive ML2400 snmpv3 com2sec add id 2 secname BCM Entry is added successfully ML2400 snmpv3 show com2sec ID Sec Name Source Community 1 public default public 2 BCM default public 3 4 5 6 7 8 9 10 ML2400 snmpv3 show com2sec id ...

Page 254: ...d 1 Group ID 1 Group Name v1 Model v1 Com2Sec ID 1 ML2400 snmpv3 view add id 1 viewname all type included subtree 1 Entry is added successfully ML2400 snmpv3 show view ID View Name Type Subtree Mask 1 all included 1 ff 2 3 4 5 6 7 8 9 10 ML2400 snmpv3 show view id 1 View ID 1 View Name all Type included Subtree 1 Mask ff ML2400 snmpv3 access add id 1 accessname v1 model v1 level noauth read 1 wri ...

Page 255: ...l noauth Read View ID 1 Write View ID none Notify View ID none Context Prefix exact ML2400 snmpv3 user add id 1 username jsmith usertype readwrite authpass something Entry is added successfully ML2400 snmpv3 show user ID User Name UType AuthPass PrivPass AType Level Subtree 1 jsmith RW something MD5 auth 2 3 4 5 ML2400 snmpv3 show user id 2 ERROR Entry is not active ML2400 snmpv3 show user id 1 Us...

Page 256: ...ecure Web Management Software For SNMP v2 and v3 parameters please refer to Configuring SNMP through the Command Line Interface on page 16 4 SNMP variables are used in conjunction with Alert definitions Alert Definitions are covered in the next chapter To configure SNMP Z Select the Configuration SNMP menu item Z Use the Edit button to change the SNMP community parameters Z Use the Add buttons to ...

Page 257: ...managers can be added as shown below Z When adding SNMP manager stations click on the Add button on the SNMP menu screen Z Make sure that each station can be pinged from the switch by using the Configuration Ping menu Z When done adding stations click OK Z When adding SNMP trap receivers click on the Add button on the SNMP menu screen Z Make sure that each station can be pinged from the switch by ...

Page 258: ...e adding trap receivers click OK Note the different types of trap receivers added Stations can be deleted using the delete icon To change the stations characteristics or IP addresses it is recommended to delete the station and add a new one Z After all changes are made save the changes using the save icon ...

Page 259: ...s are generated when RMON alarms are triggered 16 4 2 Commands The following RMON communities when defined enable the specific RMON group as show above The rmon command enter the RMON configuration mode to setup RMON groups and communities rmon The history command defines the RMON history group and the community string associated with the group history def owner string def comm string The statisti...

Page 260: ...ULTILINK ML2400 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL SNMP CHAPTER 16 SNMP ML2400 rmon show rmon event RMON Event Default Owner test RMON Event Default Community somestring ML2400 rmon exit ML2400 ...

Page 261: ... or activating an external relay to electrically trigger any circuit desired These could be an indicator light a flashing strobe light an audible alarm or other devices The MultiLink family of switches has a software optional controlled relay contact that can be use to report alarm conditions The relay is held closed in normal circumstances and will go to the open position during alarm conditions ...

Page 262: ...or relay The time is in seconds with a default of 3 period time 1 10 The del command disables alarm action in response to the specified event ID del event event id list range all The alarm command globally enables or disables the alarm action alarm enable disable The show alarm command displays the current status of alarm system show alarm An example of setting up the external relays and alerts is...

Page 263: ...0 Link Loss Learn Triggered MOMENTARY 11 Broadcast Storm Detected MOMENTARY 12 STP RSTP Reconfigured MOMENTARY ML2400 alarm alarm enable Alarm system Enabled ML2400 alarm show alarm Alarm Events Configuration Alarm Status ENABLED Relay Closure Time Period 5 Seconds EventId Description Mode 1 S RING OPEN SUSTAINED 2 Cold Start MOMENTARY 3 Warm Start MOMENTARY 4 Link Up MOMENTARY 5 Link Down MOMENTA...

Page 264: ...y Enabled Event 6 is Already Enabled Event 8 is Already Enabled Alarm Event s Added 7 9 10 11 12 ML2400 alarm del event 2 Alarm Event s Deleted 2 ML2400 alarm period time 5 Relay closure Time Set ML2400 alarm show alarm Alarm Events Configuration Alarm Status DISABLED Relay Closure Time Period 5 Seconds EventId Description Mode 1 S RING OPEN SUSTAINED 2 Cold Start NOT ENABLED 3 Warm Start MOMENTAR...

Page 265: ...be set using the drop down menu Z After changing the Alarm settings save the configuration using the save icon Alarm relays continued ML2400 alarm show alarm Alarm Events Configuration Alarm Status DISABLED Relay Closure Time Period 5 Seconds EventId Description Mode 1 S RING OPEN NOT ENABLED 2 Cold Start MOMENTARY 3 Warm Start NOT ENABLED 4 Link Up MOMENTARY 5 Link Down NOT ENABLED 6 Authenticati...

Page 266: ...le be setup on the mail server so that all e mails indicating SNMP faults are automatically stored in a folder or redirected to the necessary administrators The SNMP alerts can be configured using the MultiLink Switch Software for the following Send e mail alert according to the configuration rules when a specific event category happens Send e mail alert according to the configuration rules when a...

Page 267: ...vent ACF implies that events of severity types activity critical and fatal will be sent to recipients by e mail If this option is not defined a value of all is taken The optional ip parameter represents the SMTP server IP address This is the SMTP server to connect to for this particular user If this option is not defined the global default SMTP server is used The optional port parameter specifies ...

Page 268: ...on ML2400 smtp show smtp config SMTP Global Configuration Status Disabled SMTP Server Host 3 94 210 25 SMTP Server Domain ge com SMTP Server Port 25 Retry Count 3 ML2400 smtp add id 1 email jsmith ge com traps s events CF Recipient successfully added ML2400 smtp add id 2 email xyz abc com traps all events all ip 3 30 154 28 port 25 domain abc com Recipient successfully added ML2400 smtp show smtp ...

Page 269: ...Management Software allows for the display of several statistics in a graphical format These are described below To view statistics Z Select the Configuration Statistics menu item To view port specific statistics Z Select the Configuration Statistics Port Statistics menu item Each port can be viewed by clicking on the back or forward buttons Each group represents different statistics The following...

Page 270: ...17 10 MULTILINK ML2400 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL MISCELLANEOUS COMMANDS CHAPTER 17 MISCELLANEOUS COMMANDS The following figure displays the port statistics for group 3 ...

Page 271: ...IFO buffer used in the MultiLink switches is not overrun The important parameters to set for any serial connectivity software is to set the line delay to be 500 ms and the character delay to be 50 ms For example using HyperTerminal this can be set under File Properties When the Properties window is open click on the ASCII Setup button and in the Line Delay entry box enter in 500 and in the Charact...

Page 272: ...mmand repeats the last command The 1 2 n commands repeat the nth command as indicated by a show history n The show history command displays the last 25 executed commands If less than 25 commands were executed only those commands executed are shown show history The history is cleared if the user logs out or if the switch times out The history count restarts when the user logs in The show version co...

Page 273: ...s alive count 1 time 20ms 3 94 248 61 is alive count 2 time 20ms 3 94 248 61 is alive count 3 time 40ms ML2400 Many devices do not respond to ping or block ping commands Make sure that the target device responds or the network allows the ping packets to propagate 17 6 2 Ping through EnerVista Secure Web Management Software The ping command can be used from EnerVista Secure Web Management Software ...

Page 274: ...an be used to set the prompt These are n system name c system contact l system location i system IP address m system MAC address v version the dollar sign character r new line b space A few examples on how the system prompt can be setup are shown below ML2400 snmp ML2400 snmp setvar sysname Core System variable s set successfully ML2400 snmp exit ML2400 set prompt n Core set prompt n b i Core 192 ...

Page 275: ...plete event message Once the log has received 1000 entries it discards the current oldest line with information level severity only each time a new line is received The event log window contains 22 log entry lines and can be positioned to any location in the log 17 8 2 Command Line Interface Example The following example illustrates a typical event log Example 17 3 Typical system event log ML2400 ...

Page 276: ...ent for example html for an HTML file ML2400 exportlog mode tftp 192 168 5 2 file eventlog doctype html Do you wish to export the event logs Y or N Y Successfully uploaded the event log file ML2400 exportlog mode tftp 192 168 5 2 file eventlog txt doctype raw Do you wish to export the event logs Y or N Y Successfully uploaded the event log file 17 8 3 EnerVista Example The EnerVista Secure Web Man...

Page 277: ...ific type of log can be viewed by using the drop down menu as shown below In this example only informational logs are displayed The Clear button clears all the logs To prevent accidental erasures you will be prompted again if the logs should be deleted The Event Log records operating events as single line entries listed in chronological order For details on event log records refer to Description o...

Page 278: ... displays the configured daylight savings settings show gateway displays the gateway of the system show gvrp displays the GVRP parameters show host displays the host table for FTP users show igmp displays the IGMP parameters show interfaces display the interface information show ip displays the system IP address show ip access displays the IP address access list show ipconfig displays the IP confi...

Page 279: ...time show timeout displays the system inactivity time out show timezone displays the configured time zone of the device show uptime displays up time of the system show users displays all configured users show version displays current version of the software show vlan displays the VLAN parameters of a specified type show web The set commands are listed below set bootmode set date year set daylight ...

Page 280: ...ts to the remote system through telnet terminal to set the terminal size xmodem 17 9 2 Configuration commands The access commands are shown below allow allows the IP address deny denies the IP address dhcp enables or disables the DHCP modbus enables or disables access to Modbus map remove removeall snmp enables or disables SNMP ssl telnet web The alarm commands are shown below Refer to Alarm Relay...

Page 281: ...figures GVRP parameters for dynamic VLAN set forbid sets forbidden ports for a tag based VLAN show ports show ports current GVRP state show forbid show forbidden ports for tag based VLAN set ports set GVRP port state usage show vlan shows dynamic static tag based VLANs static convert dynamic VLAN to static VLAN The IGMP commands are shown below Refer to IGMP on page 15 1 for additional details mca...

Page 282: ...os setqos configures QOS configuration usage set untag set weight sets the port priority weights for all the ports in all the device show portweight displays the current port weight priority The remote monitoring RMON commands are shown below Refer to Configuring RMON on page 16 13 for additional details alarm sets the owner for the alarm group event sets the owner for the event group help rmon hi...

Page 283: ...NMP manager IP setvar configures system name contact or location traps adds or deletes a trap receiver The Simple Network Time Protocol SNTP commands are shown below Refer to Network Time on page 5 10 for additional details delete deletes the SNTP server from SNTP server database help sntp setsntp adds SNTP server into the SNTP server database sntp configures parameters for SNTP system sync sets t...

Page 284: ...ON MANUAL MISCELLANEOUS COMMANDS CHAPTER 17 MISCELLANEOUS COMMANDS useraccess The VLAN commands are shown below Refer to VLAN on page 10 1 for additional details add delete edit save set egress set ingress set port show egress show ingress show port start stop vlan ...

Page 285: ...t and contents of message fields The Modbus protocol thus operates at the layer 7 of the OSI 7 layer stack Additional information on Modbus can be found at http www modbus org and other related sites RFC 1122 Requirements for Internet Hosts Communication Layers defines how Modbus packets can be carried over a TCP IP transport and how Modicon controllers or other PLC devices can communicate over a ...

Page 286: ...ML2400 access ML2400 access modbus enable Enabling Access to Modbus ML2400 access show modbus Access to Modbus enabled Modbus is Using Port 502 Modbus is Using Device 5 ML2400 access modbus port 602 Modbus Port is set ML2400 access show modbus Access to Modbus enabled Modbus is Using Port 602 Modbus is Using Device 5 ML2400 access modbus port default Modbus Port Set to Default ML2400 access show m...

Page 287: ... 0 0030 Netmask byte 2 1 to 254 1 F1 0 0031 Netmask byte 3 1 to 254 1 F1 0 0032 Gateway byte 0 1 to 254 1 F1 0 0033 Gateway byte 1 1 to 254 1 F1 0 0034 Gateway byte 2 1 to 254 1 F1 0 0035 Gateway byte 3 1 to 254 1 F1 0 0036 MAC address 3 registers String Varies 0039 Order code 16 registers String Varies 0049 Power alarm 1 0 to 1 1 F2 0 004A Power alarm 2 0 to 1 1 F2 0 004B Stp State 0 to 1 1 F3 0 ...

Page 288: ...tatus 0 to 1 1 F3 0 0077 Port 2 link status 0 to 1 1 F3 0 0078 Port 3 link status 0 to 1 1 F3 0 0079 Port 4 link status 0 to 1 1 F3 0 007A Port 5 link status 0 to 1 1 F3 0 007B Port 6 link status 0 to 1 1 F3 0 007C Port 7 link status 0 to 1 1 F3 0 007D Port 8 link status 0 to 1 1 F3 0 007E Port 9 link status 0 to 1 1 F3 0 007F Port 10 link status 0 to 1 1 F3 0 0080 Port 11 link status 0 to 1 1 F3 ...

Page 289: ... to 1 1 F3 0 00A4 Port 15 STP state 0 to 1 1 F3 0 00A5 Port 16 STP state 0 to 1 1 F3 0 00A6 Port 17 STP state 0 to 1 1 F3 0 00A7 Port 18 STP state 0 to 1 1 F3 0 00A8 Port 19 STP state 0 to 1 1 F3 0 00A9 Port 20 STP state 0 to 1 1 F3 0 00AA Port 21 STP state 0 to 1 1 F3 0 00AB Port 22 STP state 0 to 1 1 F3 0 00AC Port 23 STP state 0 to 1 1 F3 0 00AD Port 24 STP state 0 to 1 1 F3 0 00AE Port 25 STP ...

Page 290: ...vity 0 to 1 1 F3 0 00D3 Port 30 activity 0 to 1 1 F3 0 00D4 Port 31 activity 0 to 1 1 F3 0 00D5 Port 32 activity 0 to 1 1 F3 0 00D6 Port 1 Number of bytes received 0 to 4294967295 1 F9 0 00D8 Port 1 Number of bytes sent 0 to 4294967295 1 F9 0 00DA Port 1 Number of frames received 0 to 4294967295 1 F9 0 00DC Port 1 Number of frames sent 0 to 4294967295 1 F9 0 00DE Port 1 Total bytes received 0 to 4...

Page 291: ...th good CRC 0 to 4294967295 1 F9 0 0108 Port 2 Number of bytes received 0 to 4294967295 1 F9 0 010A Port 2 Number of bytes sent 0 to 4294967295 1 F9 0 010C Port 2 Number of frames received 0 to 4294967295 1 F9 0 010E Port 2 Number of frames sent 0 to 4294967295 1 F9 0 0110 Port 2 Total bytes received 0 to 4294967295 1 F9 0 0112 Port 2 Total frames received 0 to 4294967295 1 F9 0 0114 Port 2 Number...

Page 292: ...ames sent 0 to 4294967295 1 F9 0 0142 Port 3 Total bytes received 0 to 4294967295 1 F9 0 0144 Port 3 Total frames received 0 to 4294967295 1 F9 0 0146 Port 3 Number of broadcast frames received 0 to 4294967295 1 F9 0 0148 Port 3 Number of multicast frames received 0 to 4294967295 1 F9 0 014A Port 3 Number of frames with CRC error 0 to 4294967295 1 F9 0 014C Port 3 Number of oversized frames receiv...

Page 293: ...r of multicast frames received 0 to 4294967295 1 F9 0 017C Port 4 Number of frames with CRC error 0 to 4294967295 1 F9 0 017E Port 4 Number of oversized frames received 0 to 4294967295 1 F9 0 0180 Port 4 Number of bad fragments received 64 bytes 0 to 4294967295 1 F9 0 0182 Port 4 Number of jabber frames received 0 to 4294967295 1 F9 0 0184 Port 4 Number of collisions occurred 0 to 4294967295 1 F9 ...

Page 294: ...ad fragments received 64 bytes 0 to 4294967295 1 F9 0 01B4 Port 5 Number of jabber frames received 0 to 4294967295 1 F9 0 01B6 Port 5 Number of collisions occurred 0 to 4294967295 1 F9 0 01B8 Port 5 Number of late collisions occurred 0 to 4294967295 1 F9 0 01BA Port 5 Number of 64 byte frames received sent 0 to 4294967295 1 F9 0 01BC Port 5 Number of 65 to 127 byte frames received sent 0 to 429496...

Page 295: ...rt 6 Number of late collisions occurred 0 to 4294967295 1 F9 0 01EC Port 6 Number of 64 byte frames received sent 0 to 4294967295 1 F9 0 01EE Port 6 Number of 65 to 127 byte frames received sent 0 to 4294967295 1 F9 0 01F0 Port 6 Number of 128 to 255 byte frames received sent 0 to 4294967295 1 F9 0 01F2 Port 6 Number of 256 to 511 byte frames received sent 0 to 4294967295 1 F9 0 01F4 Port 6 Number...

Page 296: ...frames received sent 0 to 4294967295 1 F9 0 0222 Port 7 Number of 128 to 255 byte frames received sent 0 to 4294967295 1 F9 0 0224 Port 7 Number of 256 to 511 byte frames received sent 0 to 4294967295 1 F9 0 0226 Port 7 Number of 512 to 1023 byte frames received sent 0 to 4294967295 1 F9 0 0228 Port 7 Number of 1023 to maximum byte frames received sent 0 to 4294967295 1 F9 0 022A Port 7 Number of ...

Page 297: ... 4294967295 1 F9 0 0258 Port 8 Number of 512 to 1023 byte frames received sent 0 to 4294967295 1 F9 0 025A Port 8 Number of 1023 to maximum byte frames received sent 0 to 4294967295 1 F9 0 025C Port 8 Number of MAC error packets 0 to 4294967295 1 F9 0 025E Port 8 Number of dropped received packets 0 to 4294967295 1 F9 0 0260 Port 8 Number of multicast frames sent 0 to 4294967295 1 F9 0 0262 Port 8...

Page 298: ...r packets 0 to 4294967295 1 F9 0 0290 Port 9 Number of dropped received packets 0 to 4294967295 1 F9 0 0292 Port 9 Number of multicast frames sent 0 to 4294967295 1 F9 0 0294 Port 9 Number of broadcast frames sent 0 to 4294967295 1 F9 0 0296 Port 9 Number of 64 byte fragments with good CRC 0 to 4294967295 1 F9 0 0298 Port 10 Number of bytes received 0 to 4294967295 1 F9 0 029A Port 10 Number of by...

Page 299: ... sent 0 to 4294967295 1 F9 0 02C8 Port 10 Number of 64 byte fragments with good CRC 0 to 4294967295 1 F9 0 02CA Port 11 Number of bytes received 0 to 4294967295 1 F9 0 02CC Port 11 Number of bytes sent 0 to 4294967295 1 F9 0 02CE Port 11 Number of frames received 0 to 4294967295 1 F9 0 02D0 Port 11 Number of frames sent 0 to 4294967295 1 F9 0 02D2 Port 11 Total bytes received 0 to 4294967295 1 F9 ...

Page 300: ...Port 12 Number of frames received 0 to 4294967295 1 F9 0 0302 Port 12 Number of frames sent 0 to 4294967295 1 F9 0 0304 Port 12 Total bytes received 0 to 4294967295 1 F9 0 0306 Port 12 Total frames received 0 to 4294967295 1 F9 0 0308 Port 12 Number of broadcast frames received 0 to 4294967295 1 F9 0 030A Port 12 Number of multicast frames received 0 to 4294967295 1 F9 0 030C Port 12 Number of fra...

Page 301: ... Number of broadcast frames received 0 to 4294967295 1 F9 0 033C Port 13 Number of multicast frames received 0 to 4294967295 1 F9 0 033E Port 13 Number of frames with CRC error 0 to 4294967295 1 F9 0 0340 Port 13 Number of oversized frames received 0 to 4294967295 1 F9 0 0342 Port 13 Number of bad fragments received 64 bytes 0 to 4294967295 1 F9 0 0344 Port 13 Number of jabber frames received 0 to...

Page 302: ... oversized frames received 0 to 4294967295 1 F9 0 0374 Port 14 Number of bad fragments received 64 bytes 0 to 4294967295 1 F9 0 0376 Port 14 Number of jabber frames received 0 to 4294967295 1 F9 0 0378 Port 14 Number of collisions occurred 0 to 4294967295 1 F9 0 037A Port 14 Number of late collisions occurred 0 to 4294967295 1 F9 0 037C Port 14 Number of 64 byte frames received sent 0 to 429496729...

Page 303: ... Port 15 Number of collisions occurred 0 to 4294967295 1 F9 0 03AC Port 15 Number of late collisions occurred 0 to 4294967295 1 F9 0 03AE Port 15 Number of 64 byte frames received sent 0 to 4294967295 1 F9 0 03B0 Port 15 Number of 65 to 127 byte frames received sent 0 to 4294967295 1 F9 0 03B2 Port 15 Number of 128 to 255 byte frames received sent 0 to 4294967295 1 F9 0 03B4 Port 15 Number of 256 ...

Page 304: ...to 4294967295 1 F9 0 03E2 Port 16 Number of 65 to 127 byte frames received sent 0 to 4294967295 1 F9 0 03E4 Port 16 Number of 128 to 255 byte frames received sent 0 to 4294967295 1 F9 0 03E6 Port 16 Number of 256 to 511 byte frames received sent 0 to 4294967295 1 F9 0 03E8 Port 16 Number of 512 to 1023 byte frames received sent 0 to 4294967295 1 F9 0 03EA Port 16 Number of 1023 to maximum byte fra...

Page 305: ...8 Port 17 Number of 256 to 511 byte frames received sent 0 to 4294967295 1 F9 0 041A Port 17 Number of 512 to 1023 byte frames received sent 0 to 4294967295 1 F9 0 041C Port 17 Number of 1023 to maximum byte frames received sent 0 to 4294967295 1 F9 0 041E Port 17 Number of MAC error packets 0 to 4294967295 1 F9 0 0420 Port 17 Number of dropped received packets 0 to 4294967295 1 F9 0 0422 Port 17 ...

Page 306: ...ames received sent 0 to 4294967295 1 F9 0 0450 Port 18 Number of MAC error packets 0 to 4294967295 1 F9 0 0452 Port 18 Number of dropped received packets 0 to 4294967295 1 F9 0 0454 Port 18 Number of multicast frames sent 0 to 4294967295 1 F9 0 0456 Port 18 Number of broadcast frames sent 0 to 4294967295 1 F9 0 0458 Port 18 Number of 64 byte fragments with good CRC 0 to 4294967295 1 F9 0 045A Port...

Page 307: ...ames sent 0 to 4294967295 1 F9 0 0488 Port 19 Number of broadcast frames sent 0 to 4294967295 1 F9 0 048A Port 19 Number of 64 byte fragments with good CRC 0 to 4294967295 1 F9 0 048C Port 20 Number of bytes received 0 to 4294967295 1 F9 0 048E Port 20 Number of bytes sent 0 to 4294967295 1 F9 0 0490 Port 20 Number of frames received 0 to 4294967295 1 F9 0 0492 Port 20 Number of frames sent 0 to 4...

Page 308: ...294967295 1 F9 0 04C0 Port 21 Number of bytes sent 0 to 4294967295 1 F9 0 04C2 Port 21 Number of frames received 0 to 4294967295 1 F9 0 04C4 Port 21 Number of frames sent 0 to 4294967295 1 F9 0 04C6 Port 21 Total bytes received 0 to 4294967295 1 F9 0 04C8 Port 21 Total frames received 0 to 4294967295 1 F9 0 04CA Port 21 Number of broadcast frames received 0 to 4294967295 1 F9 0 04CC Port 21 Number...

Page 309: ... 0 04FA Port 22 Total frames received 0 to 4294967295 1 F9 0 04FC Port 22 Number of broadcast frames received 0 to 4294967295 1 F9 0 04FE Port 22 Number of multicast frames received 0 to 4294967295 1 F9 0 0500 Port 22 Number of frames with CRC error 0 to 4294967295 1 F9 0 0502 Port 22 Number of oversized frames received 0 to 4294967295 1 F9 0 0504 Port 22 Number of bad fragments received 64 bytes ...

Page 310: ...rames with CRC error 0 to 4294967295 1 F9 0 0534 Port 23 Number of oversized frames received 0 to 4294967295 1 F9 0 0536 Port 23 Number of bad fragments received 64 bytes 0 to 4294967295 1 F9 0 0538 Port 23 Number of jabber frames received 0 to 4294967295 1 F9 0 053A Port 23 Number of collisions occurred 0 to 4294967295 1 F9 0 053C Port 23 Number of late collisions occurred 0 to 4294967295 1 F9 0 ...

Page 311: ...4 Number of jabber frames received 0 to 4294967295 1 F9 0 056C Port 24 Number of collisions occurred 0 to 4294967295 1 F9 0 056E Port 24 Number of late collisions occurred 0 to 4294967295 1 F9 0 0570 Port 24 Number of 64 byte frames received sent 0 to 4294967295 1 F9 0 0572 Port 24 Number of 65 to 127 byte frames received sent 0 to 4294967295 1 F9 0 0574 Port 24 Number of 128 to 255 byte frames re...

Page 312: ... 0 05A2 Port 25 Number of 64 byte frames received sent 0 to 4294967295 1 F9 0 05A4 Port 25 Number of 65 to 127 byte frames received sent 0 to 4294967295 1 F9 0 05A6 Port 25 Number of 128 to 255 byte frames received sent 0 to 4294967295 1 F9 0 05A8 Port 25 Number of 256 to 511 byte frames received sent 0 to 4294967295 1 F9 0 05AA Port 25 Number of 512 to 1023 byte frames received sent 0 to 42949672...

Page 313: ... 128 to 255 byte frames received sent 0 to 4294967295 1 F9 0 05DA Port 26 Number of 256 to 511 byte frames received sent 0 to 4294967295 1 F9 0 05DC Port 26 Number of 512 to 1023 byte frames received sent 0 to 4294967295 1 F9 0 05DE Port 26 Number of 1023 to maximum byte frames received sent 0 to 4294967295 1 F9 0 05E0 Port 26 Number of MAC error packets 0 to 4294967295 1 F9 0 05E2 Port 26 Number ...

Page 314: ... sent 0 to 4294967295 1 F9 0 0610 Port 27 Number of 1023 to maximum byte frames received sent 0 to 4294967295 1 F9 0 0612 Port 27 Number of MAC error packets 0 to 4294967295 1 F9 0 0614 Port 27 Number of dropped received packets 0 to 4294967295 1 F9 0 0616 Port 27 Number of multicast frames sent 0 to 4294967295 1 F9 0 0618 Port 27 Number of broadcast frames sent 0 to 4294967295 1 F9 0 061A Port 27...

Page 315: ...eceived packets 0 to 4294967295 1 F9 0 0648 Port 28 Number of multicast frames sent 0 to 4294967295 1 F9 0 064A Port 28 Number of broadcast frames sent 0 to 4294967295 1 F9 0 064C Port 28 Number of 64 byte fragments with good CRC 0 to 4294967295 1 F9 0 064E Port 29 Number of bytes received 0 to 4294967295 1 F9 0 0650 Port 29 Number of bytes sent 0 to 4294967295 1 F9 0 0652 Port 29 Number of frames...

Page 316: ... good CRC 0 to 4294967295 1 F9 0 0680 Port 30 Number of bytes received 0 to 4294967295 1 F9 0 0682 Port 30 Number of bytes sent 0 to 4294967295 1 F9 0 0684 Port 30 Number of frames received 0 to 4294967295 1 F9 0 0686 Port 30 Number of frames sent 0 to 4294967295 1 F9 0 0688 Port 30 Total bytes received 0 to 4294967295 1 F9 0 068A Port 30 Total frames received 0 to 4294967295 1 F9 0 068C Port 30 N...

Page 317: ...mes sent 0 to 4294967295 1 F9 0 06BA Port 31 Total bytes received 0 to 4294967295 1 F9 0 06BC Port 31 Total frames received 0 to 4294967295 1 F9 0 06BE Port 31 Number of broadcast frames received 0 to 4294967295 1 F9 0 06C0 Port 31 Number of multicast frames received 0 to 4294967295 1 F9 0 06C2 Port 31 Number of frames with CRC error 0 to 4294967295 1 F9 0 06C4 Port 31 Number of oversized frames r...

Page 318: ...r of multicast frames received 0 to 4294967295 1 F9 0 06F4 Port 32 Number of frames with CRC error 0 to 4294967295 1 F9 0 06F6 Port 32 Number of oversized frames received 0 to 4294967295 1 F9 0 06F8 Port 32 Number of bad fragments received 64 bytes 0 to 4294967295 1 F9 0 06FA Port 32 Number of jabber frames received 0 to 4294967295 1 F9 0 06FC Port 32 Number of collisions occurred 0 to 4294967295 ...

Page 319: ... 32 Number of multicast frames sent 0 to 4294967295 1 F9 0 0712 Port 32 Number of broadcast frames sent 0 to 4294967295 1 F9 0 0714 Port 32 Number of 64 byte fragments with good CRC 0 to 4294967295 1 F9 0 0716 Serial Number String Varies Table 18 1 Modbus memory map Sheet 33 of 33 Address Description Range Step Format Default ...

Page 320: ...egisters Encoded in big endian F1 16 bit unsigned integer F2 Enumeration power alarm 0 power supply good 1 power supply fail F3 Enumeration OFF ON 0 Off 1 On F4 Enumeration port type 0 Giga GBIC 1 Copper TP 2 Fiber 10 3 Fiber 100 4 Giga 10 100 1000 triple speed 5 Giga Copper 1000 TP 6 Giga SFP F9 32 bit unsigned long String A sequence of octets packed 2 to one register in sequence ...

Page 321: ...ease Date ECO 1601 0220 A1 1 5 1 06 May 2005 1601 0220 A2 1 5 1 19 May 2005 1601 0220 A3 1 5 1 11 July 2005 1601 0220 A4 1 5 1 16 September 2005 1601 0220 A5 1 6 1 08 June 2006 1601 0220 A6 1 7 x 18 August 2006 1601 0220 A7 1 7 x 9 January 2007 1601 0220 A8 1 7 x 24 January 2007 1601 0220 A9 1 7 x 25 May 2007 1601 0220 AA 2 0 x 20 October 2007 1601 0220 AB 3 x 27 June 2008 Table 19 2 Updates for M...

Page 322: ... revised to A9 Table 19 5 Updates for Manual Revision A7 Section Description 1 2 1 Change power supply ranges in Order Codes section 1 3 1 Description of Power Input Ranges in Input Voltage and Input Current sections 1 3 1 Add short term temperature duration 40 to 85 degC for 16 hours 1 3 2 Ambient Temperature Standard from IEC 60068 to IEC60068 2 1 and IEC60068 2 2 1 3 4 Add UL information Ul lis...

Page 323: ...ate Updated Ordering section 1 3 1 3 Update Updated Power Supply specifications 1 6 Add Added Automatic IP Address Configuration section 2 1 2 1 Update Updated Communication Modules section 4 3 4 3 Update Updated Power Budget Calculations with Fiber Media section 5 2 5 2 Update Updated Configuring DHCP BOOTP Manual section 10 12 10 12 Update Updated Configuring Tag VLANs with EnerVista section 13 ...

Page 324: ... to A3 1 3 1 3 Update Updated Power Supply specifications Table 19 10 Major updates for 1601 0220 A2 Page A1 Page A2 Change Description Title Title Update Manual revision to A2 1 2 1 2 Update Updated order code table 2 3 2 3 Update Updated Gigabit module diagram 3 4 3 4 Update Updated the POWERING THE ML2400 section 3 4 3 4 Remove Removed the REDUNDANT POWER SUPPLY section Table 19 8 Major updates...

Page 325: ...fective and it is returned with all transportation charges prepaid to an authorized service centre or the factory Repairs or replacement under warranty will be made without charge Warranty shall not apply to any relay which has been subject to misuse negligence accident incorrect installation or use not in accordance with instructions nor any unit that has been altered outside a GE Multilin author...

Page 326: ...19 6 MULTILINK ML2400 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL APPENDIX CHAPTER 19 APPENDIX ...

Page 327: ...THORIZED MANAGERS 6 10 AUTO NEGOTIATION 4 2 B BACK PRESSURE 9 5 BOOTP 5 3 BRODCAST STORMS 9 8 C CABLE LOSSES 4 5 CHANGES TO MANUAL 19 3 19 4 CONNECTORS 1 3 D DATE 5 9 DESIGN ASPECTS 2 2 DHCP 5 3 DIFFSERV 14 2 E ELECTRICAL INSTALLATION 3 8 E MAIL NOTIFICATION 16 2 17 8 ENVIRONMENTAL SPECIFICATIONS 1 5 ETHERNET connecting 3 3 modules 2 3 power budget calculations 4 5 specifications 1 3 EVENT LOG 17 ...

Page 328: ...P 11 1 GVRP 11 1 11 3 H HISTORY 17 12 I IEEE APPROVAL 1 6 IGMP 15 1 15 2 15 5 INSTALLATION 3 1 IP ADDRESSING 5 1 IP PRECEDENCE 14 2 L LEDS functionality 4 2 specifications 1 4 LINK LOSS ALERT 9 10 M MAC ADDRESS 6 6 MECHANICAL INSTALLATION 3 6 MEMORY MAP 18 3 MODBUS configuration 18 1 memory map 18 3 MODULES 8 port copper 2 4 combo modules 2 3 2 4 four port fiber 2 3 gigabit 2 6 MOUNTING specificat...

Page 329: ...OWER SUPPLY specifications 1 4 PRODUCT DESCRIPTION 2 1 Q QOS 2 7 14 1 14 4 14 6 14 9 R RADIUS 7 1 REDUNDANT POWER SUPPLY 2 8 REVISION HISTORY 19 1 RSTP 13 1 13 4 13 7 13 10 S SAVING CONFIGURATION 5 13 SECURITY 6 1 6 3 6 5 SECURITY LOGS 6 9 SERIAL CONNECTIVITY 17 11 SERIAL PORT parameters 5 8 SMART RSTP 13 15 SMTP 17 6 SNMP 16 1 16 6 SNTP 5 10 SOFTWARE 2 7 SPECIFICATIONS 1 3 STP 12 1 12 3 12 8 SWIT...

Page 330: ... INSTRUCTION MANUAL INDEX SYSTEM PARAMETERS 5 8 T TACACS 7 1 TACACS 8 1 TAG VLAN 10 13 TELNET 5 5 TIME 5 9 TROUBLESHOOTING 4 7 U UL REQUIREMENTS FOR DC UNITS 3 8 UNPACKING THE SWITCH 1 1 UP LINK SWITCH 4 2 V VLAN 10 1 10 4 10 13 W WARRANTY 1 1 1 7 19 5 ...

Reviews:

No comments

Related manuals for MULTILINK ML2400

D-Link DI-106 Series Faq preview
DI-106 Series
Brand: D-Link Pages: 29
D-Link DGS-3700 Series User Manual preview
DGS-3700 Series
Brand: D-Link Pages: 292
D-Link DGS-3224SR User Manual preview
DGS-3224SR
Brand: D-Link Pages: 140
D-Link DGS-1224T - Web Smart Switch User Manual preview
DGS-1224T - Web Smart Switch
Brand: D-Link Pages: 61
D-Link DI-LB604 - Load Balancing Router Quick Installation Manual preview
DI-LB604 - Load Balancing Router
Brand: D-Link Pages: 14
D-Link DIR-605L Specification preview
DIR-605L
Brand: D-Link Pages: 2
D-Link DIR-510L Manual preview
DIR-510L
Brand: D-Link Pages: 45
D-Link DES-3550 Manual preview
DES-3550
Brand: D-Link Pages: 218
D-Link DES-3528 - xStack Switch - Stackable User Manual preview
DES-3528 - xStack Switch - Stackable
Brand: D-Link Pages: 322
D-Link DIR-130 - Broadband VPN Router How To Set Up preview
DIR-130 - Broadband VPN Router
Brand: D-Link Pages: 10
D-Link DIR-130 - Broadband VPN Router Troubleshooting Manual preview
DIR-130 - Broadband VPN Router
Brand: D-Link Pages: 4
D-Link DIR-130 - Broadband VPN Router Configuration preview
DIR-130 - Broadband VPN Router
Brand: D-Link Pages: 13
D-Link DIR Series Configuration Manual preview
DIR Series
Brand: D-Link Pages: 13
D-Link DI-804HV - Express ENwork Router Configuration Manual preview
DI-804HV - Express ENwork Router
Brand: D-Link Pages: 19
D-Link DI-808HV Quick Installation Manual preview
DI-808HV
Brand: D-Link Pages: 12
D-Link DI-804 Quick Install Manual preview
DI-804
Brand: D-Link Pages: 8
D-Link DI-604UP Quick Install Manual preview
DI-604UP
Brand: D-Link Pages: 16
D-Link DI-304 Technical Bulletin preview
DI-304
Brand: D-Link Pages: 7

Brands by name

Popular brands

Load more brands