manualshive.com logo in svg

Kontrol KSwitch D10 MMT, User Manual, Page: 82 / 110

Share
Download
Kontrol KSwitch D10 MMT User Manual Download Page 82

KSwitch D10 MMT Managed Time Sensitive Ethernet Switch - Preliminary User Guide, Rev. 0.99 

 

www.kontron.com 

 

// 82 

 

aaa authentication login

 

{ console | telnet | ssh | http } { { local | radius | tacacs } [ { local | radius |  tacacs } [ { local | 

radius | tacacs } ] ] } 

no aaa authentication login

 { console | telnet | ssh | http }

 

 

Parameter 

Description 

Parameter 

N.A 

N.A 

Default 

N.A 

Mode 

Global Configuration Mode 

Usage 

Configure user authentication method for a specific management interface. Use the no version 
of the command to disable the interface. 

Examples 

Example#1 (configure SSH to be authenticated 1st by RADIUS Server. In case it is down, then by 
TACACS Server, and in case it is also down, then be authenticated locally) 
(config)#aaa authentication login ssh radius tacacs localconfig)# aaa authentication login ssh 
radius tacacs local 
 
Example#2 (disable Telnet remote access) 
(config)# no aaa authentication login telnet 

 

9.6.5.2.

 

aaa Accounting 

Description - Configure what type of activity over a specific interface (console, telnet or ssh) is reported  to the 
 accounting server. Possible options are “CLI Commands”, and Exec=Login/Logout. 

CLI Commands - every CLI command entered by the user will be mirrored to the accounting server.  Exe 
(Login/Logout) – every login/logout of remote user will be reported to the accounting server. 

aaa accounting

 

{ console | telnet | ssh } tacacs { [ commands <priv_lvl> ] [ exec ] } 

no aaa accounting

 { console | telnet | ssh }

 

 

Parameter 

Description 

Parameter 

[commands <priv_lvl> ] 

All CLI commands equal and above the privilege level are accounted 

[ exec ] 

Only remote user login/logout is reported 

Default 

N.A 

Mode 

Global Configuration Mode 

Usage 

Configure accounting method and reporting. Use the no version of the command to disable 
accounting. 

Examples 

Example#1 (configure accounting for ssh to report all CLI activity and any login/logout ) 
(config)# aaa accounting ssh tacacs commands 15 exec 
 
Example#2 (disable accounting for Telnet) 
(config)# no aaa accounting telnet 

 

 

Summary of Contents for KSwitch D10 MMT

Page 1: ...USER GUIDE www kontron com KSwitch D10 MMT Managed Time Sensitive Ethernet Switch Doc Preliminary User Guide Rev 0 99 Doc ID 1069 3835...

Page 2: ...KSwitch D10 MMT Managed Time Sensitive Ethernet Switch Preliminary User Guide Rev 0 99 www kontron com 2 This page has been intentionally left blank...

Page 3: ...entation or warranty that such application will be suitable for the specified use without further testing or modification Kontron expressly informs the user that this user guide only contains a genera...

Page 4: ...the risks associated with your products and applications you should provide adequate design and operating safeguards You are solely responsible for compliance with all legal regulatory safety and secu...

Page 5: ...CONTACT US Customer Support Find Kontron contacts by visiting https www kontron de support and services Customer Service As a trusted technology innovator and global solutions provider Kontron extend...

Page 6: ...utions indicated and or prescribed by the law may endanger your life health and or result in damage to your material ESD Sensitive Device This symbol and title informs that the electronic boards and t...

Page 7: ...llation of piggybacks Serious electrical shock hazards can exist during all installation repair and maintenance operations on this product Therefore always unplug the power cable and any other cables...

Page 8: ...n cause short circuits and damage the batteries or conductive circuits on the product Lithium Battery Precautions If your product is equipped with a lithium battery take the following precautions when...

Page 9: ...he components used are capable of being recycled Final disposal of this product after its service life must be accomplished in accordance with applicable country state or local laws or regulations WEE...

Page 10: ...16 3 Shipment and Packaging 17 3 1 Packaging 17 3 2 Unpacking 17 3 3 Scope of Delivery 17 3 4 Accessories 18 3 4 1 Mounting Kits 18 3 4 2 SFP Modules 18 3 5 Product Identification Type Label 18 4 Swi...

Page 11: ...ng the Switch NOS CLI using Telnet from a Remote Computer 49 9 1 3 Accessing the Operating System 52 9 1 4 Help Tools 52 9 2 Managing the KSwitch D10 Using the Web Interface 53 9 3 Using the CLI 54 9...

Page 12: ...b Configuration Commands 81 9 6 6 Telnet SSH Web View Commands 83 9 6 7 Access Control List Configuration Commands 83 9 6 8 Access Control List View Commands 84 9 7 VLAN 85 9 7 1 VLAN Configuration Co...

Page 13: ...Mechanical Specification 43 Table 11 Electrical Specification 45 Table 12 CE Compliance 46 Table 13 International Compliance 46 Table 14 List of Acronyms 109 List of Figures Figure 1 KSwitch D10 MMT 8...

Page 14: ...etwork to provide reliable and good quality services To ensure you have the latest version of this user guide visit Kontron s KSwitch Industrial Ethernet Switches For safety reasons Kontron recommends...

Page 15: ...ited Power Source LPS and Power Source PS2 of UL IEC 62368 1 Only products or parts that meet the requirements for Power Source PS1 of UL IEC 62368 1 may be connected to the product s available interf...

Page 16: ...g a connector attached to a broken fiber or an energized fiber 2 2 Electrostatic Discharge ESD A sudden discharge of electrostatic electricity can destroy static sensitive devices or micro circuitry T...

Page 17: ...nal order contact your Kontron representative for help and information 3 3 Scope of Delivery Check that your delivery is complete and contains the items listed below If you discover damaged or missing...

Page 18: ...Kit 4U Enables the switch with DIN Rail to be installed in a 4U rack WK25 Wall Mount Kit includes two wall mount plates and four M3x5 screws to attach the plates to the switch 3 4 2 SFP Modules For in...

Page 19: ...s user guide Figure 3 Switch Variants KSwitch D10 MMT 6G 2GS KSwitch D10 MMT 8 G 1 6x RJ45 copper Ethernet ports 10BASE T 100BASE TX 1000BASE T 2 2x RJ45 copper Ethernet ports 10BASE T 100BASE TX 1000...

Page 20: ...cables with 10BASE T 100BASE TX and Category 5E 6 or 6a or better with 1000BASE T 2 5GBASE T Ethernet networks When connecting the switch to a PC use a straight through or a cross over Ethernet cable...

Page 21: ...er device and the receive RX port of the switch connects to the transmit TX port of the other device For fiber SFP the SFP port accepts 2 5GBASE X 1000BASE X SFP plug in fiber modules with LC type con...

Page 22: ...ptical output 4 SDA Data serial ID 5 SCL Clock serial ID 6 MOD_ABS SFP present 7 RS0 Rate0 select 8 RX_LOS Loss of signal 9 RS1 Rate1 select 10 GND Receiver ground 11 GND Receiver ground 12 RD Receive...

Page 23: ...power line disconnect or does not have supply power On Green P1 P2 power line has power ALM Off No power failure alarm On Red One of the two power rails is not active Ethernet Port RJ45 Copper Link Ac...

Page 24: ...C terminal block enables the connection of dual external 12 VDC to 58 VDC power supplies using the P1 and P2 contacts Figure 7 pos 1 and 2 When dual power sources are connected to the switch the switc...

Page 25: ...cal management of the switch The serial console port features the RS232 serial management interface with TX and RX signals only and no hardware flow control For more information contact Kontron Suppor...

Page 26: ...Ground Stud The ground stud Figure 7 pos 7 connects to ground The switch must be grounded properly for optimum system performance Connect the switch to ground before connecting the power Ground prope...

Page 27: ...openings for DIN Rail clip purple 3 2x wall mount threaded screw openings 4 3 1 DIN Rail Clip The mounting holes for the DIN Rail clip Figure 8 pos 1 and pos 2 changes the orientation of the DIN Rail...

Page 28: ...t Switch Preliminary User Guide Rev 0 99 www kontron com 28 4 4 Side Features The switch is fanless and passively cooled by one heatsink positioned on the left side of the switch The right side has no...

Page 29: ...mmon time reference It may cause malfunctioning of TAS and PSFP if a config change is issued before the PTP time is in a Locked or Locking state A function that can delay the issue of config change un...

Page 30: ...nfigure terminal config interface GigabitEthernet 1 1 config if qos queue shaper queue 6 800 kbps credit Disable the shaper on port 1 queue 6 configure terminal config interface GigabitEthernet 1 1 co...

Page 31: ...elease tsn tas control list length length tsn tas cycle time time ms us ns tsn tas cycle time extension extension tsn tas gate enabled tsn tas gate states queue queue open closed tsn tas max sdu queue...

Page 32: ...st index 0 gate state queue 7 open time interval 20000000 operation set hold config if tsn tas control list index 1 gate state queue 5 6 open time interval 30000000 operation set release config if tsn...

Page 33: ...e queue and as a result gbt s can be configured for each traffic class on an interface The required guard band time can be reduced if preemption is used If the traffic class being closed consist of pr...

Page 34: ...ys be larger than the guard band time as specified thru the values of max sdu and LINK_SPEED An open queue will always be opened for a small amount of time even if the guard band time is larger than t...

Page 35: ...e Ts In a test where frames of the same size are transmitted using TAS the maximum number of frames transmitted N is calculated as follows Ts gate open time interval max_sdu_line configured value incl...

Page 36: ...eemption Enable frame preemption on queue level for port 1 queue 0 and 1 configure terminal config interface GigabitEthernet 1 1 Enable frame preemption on queue 0 and 1 config if tsn frame preemption...

Page 37: ...rt status using show tsn frame preemption status show tsn frame preemption status interface GigabitEthernet 1 1 interface GigabitEthernet 1 1 HoldAdvance 1016 nanoseconds ReleaseAdvance 1016 nanosecon...

Page 38: ...of the switch within the installation environment and access to connectors The switch is fanless and passively cooled by a heatsink positioned on the left side of the switch When installing the switc...

Page 39: ...tom of the DIN Rail clip from the DIN Rail 2 Rotate the bottom of the switch away from the DIN Rail 3 Unhook the top of the DIN Rail clip from the DIN Rail by lifting upwards 4 Remove the DIN Rail cli...

Page 40: ...he mounting surface is clean and smooth and meets the screw s thickness requirement 2 Fasten the wall mount plates to the switch top and bottom using the two screws M3x5 provided Figure 7 pos 1 3 Inse...

Page 41: ...wer cable wires must be selected according to the maximum electrical specifications on the product label as stipulated by EN62368 1 When attaching power wires to the DC terminal block s power contacts...

Page 42: ...2 3 IEEE 802 3u IEEE 802 3ab IEEE 802 3z IEEE 802 3x IEEE 802 3ad LLDP IPv4 IPv6 SNMP v1 v2c TFTP ARP RARP Telnet Syslog Flow Control Back Pressure ICMP UPD TCP IEEE 1588 Rev 2 Network Redundancy Span...

Page 43: ...F to 167 F Storage Temperature 40 C to 85 C 40 F to 185 F Humidity 93 RH at 40 C non condensing Shock according to IEC 60068 2 27 15 g 9 ms half sine Shock Count 3 direction total 18 Vibration accord...

Page 44: ...ry User Guide Rev 0 99 www kontron com 44 The switch variants share the same main dimensions and mechanical features and differ only in faceplate design Figure 11 Mechanical Dimensions KSwitch D10 MMT...

Page 45: ...rnational region The DC power supply must be connected to a well fused power source If access to power is restricted guarantee disconnection using a separate cut off device After a brownout condition...

Page 46: ...fety EN 62368 1 Audio video information and communication technology equipment Part 1 Safety requirements Table 13 International Compliance USA CANADA EMC CFR 47 Part 15 Subpart B ICES 003 Complies wi...

Page 47: ...ay no longer apply Kontron is not responsible for any radio television interference caused by unauthorized modifications of the delivered switch or the substitution or attachment of connecting cables...

Page 48: ...itch network subnet Further Prerequisites Prerequisite Description HTML5 To connect to the Web UI a Web browser supporting HTML5 is required HTTPS self signed certificate Upon connection to the Web UI...

Page 49: ...s to the switch network subnet Remote computer has an installed telnet client tool PuTTY is recommended for Windows environments and telnet is recommended for Linux environments 9 1 2 1 Setting up the...

Page 50: ...w prolific com tw US ShowProduct aspx p_id 225 pcid 41 and selecting the latest version of the Standard Driver download file 3 Download and install the open source terminal emulation software package...

Page 51: ...kontron com 51 6 In the pop up Window select SETUP and click on Serial Port 7 Within the Tera Term serial port setup pop up window choose a baud rate of 11520 select 8 N 1 8 bit data No parity 1 bit...

Page 52: ...the appropriate credentials 9 1 2 3 Deactivate Serial Timeout configure terminal config line console 0 config line exec timeout 0 config line end config end 9 1 3 Accessing the Operating System Acces...

Page 53: ...Rev 0 99 www kontron com 53 9 2 Managing the KSwitch D10 Using the Web Interface The KSwitch D10 Web Management Interface provides a significant amount of information on how to configure and monitor t...

Page 54: ...the brackets and text inside them parameter The square brackets indicate that an optional parameter may be entered in place of the brackets and text inside them choice1 choice2 The indicates that only...

Page 55: ...9 www kontron com 55 9 3 5 Configuration Examples using the CLI The following chapters provide examples on how to setup dedicated features and configurations For more information on additional feature...

Page 56: ...Terminal display will switch from config to config if It is possible to configure same parameter for multiple interface by using syntax as 1 1 8 configure same value for ports 1 8 as described in the...

Page 57: ...it Example 2 config if exit config 9 4 4 End Description End any in depth configuration mode and go back to EXEC mode End Parameter Description Parameter N A Default N A Mode Go back to EXEC mode Usag...

Page 58: ...to view the current configuration including all default values Examples show running config all default 9 4 7 Dir Description Show all optional configuration files stored inside the switch Dir Parame...

Page 59: ...ples Example 1 save current configuration stored in switch flash to another file named test also inside switch FLASH copy running config flash test Example 2 save switch running configuration file to...

Page 60: ...ults 9 4 13 Reload Defaults Keep IP Description Semi factory defaults keeping IP and VLAN configuration unchanged Reload Defaults Keep ip Parameter Description Parameter Default N A Mode EXEC Usage Us...

Page 61: ...mmand to enable the interface Examples Example 1 disable port 1 configure terminal config interface GigabitEthernet 1 1 config if shutdown Example 2 disable ports 1 through 8 configure terminal config...

Page 62: ...the duplex mode of the specified interface Use the no form of the command Examples Example 1 set duplex for port 1 to half configure terminal config interface GigabitEthernet 1 1 config if duplex hal...

Page 63: ...ace config if flowcontrol on 9 5 1 5 MTU Description specify the Maximum Transmission Unit MTU Ethernet frame size for the interface mtu max_length no mtu Parameter Description Parameter on Enable flo...

Page 64: ...ation for any port show interface port_type v_port_type_list status Parameter Description Parameter port_type Port type in GigabitEthernet v_port_type_list List of Port ID ex 1 1 3 5 2 2 4 6 Default N...

Page 65: ...resolving domain names Use the no version of the command to return to default Examples Example 1 DNS Server 0 setting is derived from any DHCPv4 VLANs ID config ip name server 0 dhcp Example 2 DNS Se...

Page 66: ...th a hostname test config interface vlan 3 config if vlan ip address dhcp client id GigabitEthernet 1 1 hostname test 9 5 3 3 IP Routes default gateway Description Add new IP route ip route ipv4_addr...

Page 67: ...1 Show Interface VLAN Description View VLAN interface status and configuration show interface vlan vlist Parameter Description Parameter vlist VLAN list Default N A Mode EXEC mode Usage Use to display...

Page 68: ...ar Domain name of NTP server Default N A Mode Global Configuration mode Usage Enable NTP server by entering ntp command Use a no version of the command to disable it Specify the parameters of NTP serv...

Page 69: ...ar subtype_var no clock timezone Parameter Description Parameter word16 Name of time zone up to 16 characters Use for null input hour_var Hours offset from UTC 23 23 minute_var Minutes offset from UTC...

Page 70: ...start 1 12 start_date_var Date to start 1 31 start_year_var Year to start 2000 2097 start_hour_var Time to start hh mm end_month_var Month to end 1 12 end_date_var Date to end 1 31 end_year_var Year t...

Page 71: ...www kontron com 71 9 5 9 Time Zone View Commands 9 5 9 1 Show Clock Detail Description Display the detailed clock information show clock detail Parameter Description Parameter N A N A Default N A Mod...

Page 72: ...ging host ipv4_addr domain_name logging level informational notice warning error no logging on Parameter Description Parameter ipv4_addr Name of time zone up to 16 characters Use for null input domain...

Page 73: ...al Severity 6 Informational messages notice Severity 5 Normal but significant condition warning Severity 4 Warning conditions error Severity 3 Error conditions log_id Message logging ID switch_list Li...

Page 74: ...ing Default Aging time is 300 seconds Mode Global Configuration mode Usage Set MAC address table aging time in seconds Use the no version of the command to reset to default 300 seconds Examples Exampl...

Page 75: ...port or ports mac address table static v_mac_addr vlan v_vlan_id interface port_type v_port_type_list no mac address table static v_mac_addr vlan v_vlan_id interface port_type v_port_type_list Paramet...

Page 76: ...added static MAC addresses static All static MAC addresses aging time Display MAC address aging time learning MAC address learning state Learn Secure Disable count Total number of MAC addresses Defaul...

Page 77: ...9 www kontron com 77 9 5 14 Routing View Commands 9 5 14 1 Show IP Route Description Display IPv4 route entry table with status information show ip route Parameter Description Parameter N A N A Defaul...

Page 78: ...password The UNENCRYPTED Plain Text user password Any printable characters including space are accepted Notice that you have no chance to get the Plain Text password after this command The system will...

Page 79: ...A Default N A Mode EXEC Mode Usage Display information about all local user accounts Examples Example show user privilege 9 6 2 2 Show Users New Command Need to Update TOC Description Display informa...

Page 80: ...enerate a new self signed RSA certificate or upload a PEM certificate using URL over http tftp or ftp ip http secure certificate upload url_file pass phrase pass_phrase delete generate Parameter Descr...

Page 81: ...counting server whenever remote user login logout and report any CLI command typed by the user over Console Telnet or SSH 9 6 5 1 aaa Authentication Login Description Configures how a user is authenti...

Page 82: ...gin telnet 9 6 5 2 aaa Accounting Description Configure what type of activity over a specific interface console telnet or ssh is reported to the TACACS accounting server Possible options are CLI Comma...

Page 83: ...ser will be able to access the Switch management interface over Web SNMP Telnet SSH 9 6 7 1 Access Management Description Enable disable access management mode and configure up to 16 entries access ma...

Page 84: ...access management entry 1 config no access management 1 9 6 8 Access Control List View Commands 9 6 8 1 Show Access Management show access management statistics access_id_list Parameter Description P...

Page 85: ...ded in the tag If a frame is untagged or priority tagged the frame gets classified to the Port VLAN If frames must be tagged on egress they will be tagged with a C tag VLAN Port Type S Port On egress...

Page 86: ...ments are separated by commas Default None Mode Global Configuration mode Usage Create allowed Access VLANs Use the no version of the command to delete VLANs Examples Example 1 Create Access VLANs 10...

Page 87: ...re terminal config interface GigabitEthernet 1 3 config if switchport mode trunk 9 7 2 2 Switchport Trunk Native VLAN Description Configure VLAN ID to be added internally by the Switch whenever native...

Page 88: ...fig if switchport trunk native vlan 4 config if switchport trunk vlan tag native 9 7 2 4 Switchport Trunk Allowed VLAN Description Ports in Trunk mode may control which VLANs they are allowed to becom...

Page 89: ...fault Examples Example 1 configure port 3 as trunk and add VLAN 4 to the list of forbidden VLANs configure terminal config interface GigabitEthernet 1 3 config if switchport mode trunk config if switc...

Page 90: ...8100 S custom ports do the same as C ports If the received frame is untagged S custom port adds a tag based on PVID to the frame and then forward it If the frame is already tagged it will be forwarded...

Page 91: ...tagged frames only on ingress configure terminal config interface GigabitEthernet 1 3 config if switchport mode hybrid config if switchport hybrid acceptable frame type tagged 9 7 2 10 Switchport Hybr...

Page 92: ...become member of any VLAN add Add VLANs to the current list remove Remove VLANs from the current list except All VLANs except the following VLAN ID or list vlan_list VLAN IDs of the allowed VLANs Indi...

Page 93: ...n status interface GigabitEthernet 1 1 admin 9 7 4 View VLAN Ports 9 7 4 1 Show VLAN Status Description Shows VLAN status for a specific interface port configured by a specific user show vlan status i...

Page 94: ...e that at any given time only one path out of multiple possible loops will be active those allowing the switch to use multiple backup paths in case main connection path go down 9 8 1 1 Spanning Tree M...

Page 95: ...ard delay used by STP Bridges to transit Root and Designated Ports to Forwarding Valid values are 4 30 seconds Default is 15 maxage Maximum age of the information transmitted by the Bridge when it is...

Page 96: ...rted values are 0 240 For example 16 32 etc Default value is 128 link type point to point shared auto Controls whether the port connects to a point to point LAN rather than to a shared medium Default...

Page 97: ...t_1 mst configuration instance interface port_type v_port_type_list_2 Parameter Description Parameter summary STP summary active STP active interfaces interface port_type Choose port and type in Gigab...

Page 98: ...9 9 1 2 Port Configuration Description Configure port mirroring parameters monitor session session_number destination interface port_type di_list source interface port_type si_list both rx tx cpu bot...

Page 99: ...arameter Description Examples config monitor session 1 source interface GigabitEthernet 1 1 5 rx config monitor session 1 Disable MAC address learning to the port used to mirror the traffic of the mon...

Page 100: ...n Gi 1 6 Enabled Auto Yes Down Gi 1 7 Enabled Auto Yes Down Gi 1 8 Enabled Auto Yes Down 9 10 4 Interface Capabilities show interface GigabitEthernet 1 1 capabilities GigabitEthernet 1 1 Capabilities...

Page 101: ...Priority 2 0 Rx Priority 3 0 Tx Priority 3 0 Rx Priority 4 0 Tx Priority 4 0 Rx Priority 5 0 Tx Priority 5 0 Rx Priority 6 0 Tx Priority 6 0 Rx Priority 7 0 Tx Priority 7 45082 Rx Drops 0 Tx Drops 0...

Page 102: ...llection of information organized hierarchically and used to manage network devices such as router and switches in a communication network MIB is most often associated and managed using the SNMP The s...

Page 103: ...ble from the switch NOS The gz upgrade file provided by Kontron was downloaded on the server 10 2 1 Reset and Restore Switch 10 2 1 1 Reload Cold Description Command switch to perform software reset t...

Page 104: ...escription Parameter Default N A Mode EXEC Usage Use this command to restore to factory default Examples reload defaults 10 2 2 Switch Configuration 10 2 2 1 Download Switch Configuration to TFTP Serv...

Page 105: ...flash test1 Example 2 upload configuration file test to running configuration copy tftp 192 168 0 40 test running config 10 2 2 3 Activate One of the Already Stored Configuration Files Description Se...

Page 106: ...ing they should be percent encoded Default N A Mode EXEC Usage Use this command to upgrade switch software version Examples Example download switch new software version from TFTP Server firmware upgra...

Page 107: ...warranty period Follow these steps before returning any product to Kontron 1 Visit the RMA Information website http www kontron com support and services support rma information Download the RMA Reque...

Page 108: ...the statutory accident liability obligations in the event of damage caused to the product due to failure to observe the following General safety instructions for IT equipment within this user guide Wa...

Page 109: ...t Emitting Diode LPS Limited Power Source MAC Media Access Control MDI Medium Dependent Interface MDIX Medium Dependent Interface cross over MIB Management Information Base MLD Multicast Listener Disc...

Page 110: ...T and Industry 4 0 applications With its standard products and tailor made solutions based on highly reliable state of the art embedded technologies Kontron provides secure and innovative applications...

Reviews:

No comments