manualshive.com logo in svg

KTI Networks KGS-2416, User Manual

The KTI Networks KGS-2416 is a versatile networking device that allows for streamlined data transmission. To maximize its potential, it is essential to have the comprehensive User Manual at hand. You can easily download the free manual from our website, ensuring a smooth setup and operation of the KGS-2416.

Share
Download
background image

 

 

152

3-10. 802.1X Configuration 

802.1X port-based network access control provides a method to restrict 

users to access network resources via authenticating user’s information. This 
restricts users from gaining access to the network resources through a 802.1X-
enabled port without authentication. If a user wishes to touch the network through a 
port under 802.1X control, he (she) must firstly input his (her) account name for 
authentication and waits for gaining authorization before sending or receiving any 
packets from a 802.1X-enabled port. 

Before the devices or end stations can access the network resources through 

the ports under 802.1X control, the devices or end stations connected to a 
controlled port send the authentication request to the authenticator, the 
authenticator pass the request to the authentication server to authenticate and verify, 
and the server tell the authenticator if the request get the grant of authorization for 
the ports.  

According to IEEE802.1X, there are three components implemented. They 

are Authenticator, Supplicant and Authentication server shown in Fig. 3-53. 

Supplicant:  

It is an entity being authenticated by an authenticator. It is used to 
communicate with the Authenticator 

PAE (Port Access Entity)

 by 

exchanging the authentication message when the Authenticator PAE 
request to it. 

Authenticator:  

An entity facilitates the authentication of the supplicant entity. It controls 
the state of the port, authorized or unauthorized, according to the result 
of authentication message exchanged between it and a supplicant PAE. 

The authenticator may request the supplicant to re-authenticate itself at a 
configured time period. Once start re-authenticating the supplicant, the 
controlled port keeps in the authorized state until re-authentication fails. 

A port acting as an authenticator is thought to be two logical ports, a 
controlled port and an uncontrolled port. A controlled port can only pass 
the packets when the authenticator PAE is authorized, and otherwise, an 
uncontrolled port will unconditionally pass the packets with PAE group 
MAC address, which has the value of 01-80-c2-00-00-03 and will not be 
forwarded by MAC bridge, at any time. 

Authentication server: 

 

A device provides authentication service, through EAP, to an 

authenticator by using authentication credentials supplied by the 
supplicant to determine if the supplicant is authorized to access the 
network resource. 

Summary of Contents for KGS-2416

Page 1: ... ag ge ed d 2 24 4 P Po or rt t G Gi ig ga ab bi it t E Et th he er rn ne et t S Sw wi it tc ch h w wi it th h 2 24 4 S SF FP P F Fi ib be er r S Su up pp po or rt t U Us se er r s s M Ma an nu ua al l DOC 090920 ...

Page 2: ......

Page 3: ...fective warranty period the media may be returned to Manufacture then Manufacture will replace the media Manufacture shall not be responsible for the replacement of media if the failure of the media results from accident abuse or misapplication of the media EXCLUSIONS The warranty as mentioned above does not apply to the Software which 1 customer does not comply with the manual instructions offere...

Page 4: ......

Page 5: ...t Agent of SW24GF 20 2 1 4 1 Configuring the Management Agent of SW24GF through the Serial RS 232 Port 21 2 1 4 2 Configuring the Management Agent of SW24GF through the Ethernet Port 23 2 1 5 IP Address Assignment 24 2 2 TYPICAL APPLICATIONS 29 3 OPERATION OF WEB BASED MANAGEMENT 31 3 1 WEB MANAGEMENT HOME OVERVIEW 32 3 1 1 System Information 35 3 1 2 Account Configuration 37 3 1 3 Time Configurat...

Page 6: ... 1X CONFIGURATION 152 3 10 1 Server 157 3 10 2 Port Configuration 159 3 10 3 Status 162 3 10 4 Statistics 163 3 11 TRUNKING CONFIGURATION 164 3 11 1 Port 166 3 11 2 Aggregator View 168 3 11 3 ACP System Priority 169 3 12 STP CONFIGURATION 170 3 12 1 Status 170 3 12 2 Configuration 172 3 12 3 STP Port Configuration 174 3 13 MSTP 177 3 13 1 Status 177 3 13 2 Region Config 178 3 13 3 Instance View 17...

Page 7: ... EXPORT IMPORT 212 3 21 DIAGNOSTICS 213 3 21 1 Diag 213 3 21 2 Ping 214 3 22 MAINTENANCE 215 3 22 1 Reset Device 215 3 22 2 Software Upload 215 3 23 LOGOUT 216 4 OPERATION OF CLI MANAGEMENT 217 4 1 CLI MANAGEMENT 217 4 1 1 Login 217 4 2 COMMANDS OF CLI 219 4 2 1 Global Commands of CLI 220 4 2 2 Local Commands of CLI 226 5 MAINTENANCE 310 5 1 RESOLVING NO LINK CONDITION 310 5 2 Q A 310 APPENDIX A T...

Page 8: ...g Addition an arrester between outdoor device and this switch Electronic Emission Notices Federal Communications Commission FCC Statement This equipment has been tested and found to comply with the limits for a class A computing device pursuant to Subpart J of part 15 of FCC Rules which are designed to provide reasonable protection against such interference when operated in a commercial environmen...

Page 9: ...ce and Ethernet ports step by step Many explanations in detail of hardware and software functions are shown as well as the examples of the operation for web based interface and command line interface CLI Overview of this user s manual Chapter 1 Introduction describes the features of SW24GF Chapter 2 Installation Chapter 3 Operation of Web based Management Chapter 4 Operation of CLI Management Chap...

Page 10: ... detect the client idle and cable length to provide different power In this switch Port 1 and Port 8 include two types of media TP and SFP Fiber LC BiDi LC this port supports 10 100 1000Mbps TP or 1000Mbps SFP Fiber with auto detected function 1000Mbps SFP Fiber transceiver is used for high speed connection expansion 1000Mbps LC Multi Mode SFP Fiber transceiver 1000Mbps LC 10km SFP Fiber transceiv...

Page 11: ...s Group 1 2 3 9 Ethernet like MIB RFC 1643 Ethernet MIB RFC 1643 and so on IGMP Snooping Support IGMP version 2 RFC 2236 The function IGMP snooping is used to establish the multicast groups to forward the multicast packet to the member ports and in nature avoid wasting the bandwidth while IP multicast packets are running over the network IGMP Proxy The implementation of IP multicast processing The...

Page 12: ...ug tool and enhance the networking management availability Others it can provide auto discovery device and topology providing MVR Multicast VLAN Registration MVR can support carrier to serve content provider using multicast for Video streaming application in the network Each content provider Video streaming has a dedicated multicast VLAN The MVR routes packets received in a multicast source VLAN t...

Page 13: ...0Mbps TP or 1000Mbps SFP Fiber dual media auto sense 1392KB on chip frame buffer Support jumbo frame up to 9K bytes Programmable classifier for QoS Layer 4 Multimedia 8K MAC address and 4K VLAN support IEEE802 1Q Per port shaping policing and Broadcast Storm Control Power Saving with ActiPHY Power Management and Perfect Reach Power Management techniques IEEE802 1Q Q in Q nested VLAN support Full d...

Page 14: ...traffic Supports rapid spanning tree 802 1w RSTP Supports multiple spanning tree 802 1s MSTP Supports 802 1X port security on a VLAN Supports IP MAC Port Binding for LAN security Supports user management and only first login administrator can configure the device The rest of users can only view the switch SNMP access can be disabled and prevent from illegal SNMP access Supports Ingress Non unicast...

Page 15: ...1000Ethernet TP Port 1 to 8 LED LINK ACT Green Lit when connection with remote device is good Blinks when any traffic is present Off when cable connection is not good 10 100 1000Mbps Green Amber Lit green when 1000Mbps speed is active Lit ember when 100Mbps speed is active Off when 10Mbps speed is active 1000SX LX Gigabit Fiber Port 1 24 LED SFP LINK ACT Green Lit when connection with the remote d...

Page 16: ...the following are optional SFP types provided for the switch 1000Mbps LC MM SFP Fiber transceiver 1000Mbps LC SM 10km SFP Fiber transceiver 1000Mbps LC SM 30km SFP Fiber transceiver 1000Mbps LC SM 50km SFP Fiber transceiver 1000Mbps BiDi LC type 1 SM 20km SFP Fiber WDM transceiver 1000Mbps BiDi LC type 2 SM 20km SFP Fiber WDM transceiver 1000Mbps LC SM 10km SFP Fiber transceiver with DDM Fig 1 3 R...

Page 17: ... modules please skip this section Connecting the SFP Module to the Chassis The optional SFP modules are hot swappable so you can plug or unplug it before or after powering on 1 Verify that the SFP module is the right model and conforms to the chassis 2 Slide the module along the slot Also be sure that the module is properly seated against the slot socket connector 3 Install the media cable for net...

Page 18: ... you can start having the switch in operation Power On The switch supports 100 240 VAC 50 60 Hz power supply The power supply will automatically convert the local AC power source to DC power It does not matter whether any connection plugged into the switch or not when power on even modules as well After the power is on all LED indicators will light up immediately and then all off except the power ...

Page 19: ...er the LAN to work poorly 2 1 3 1 Cabling Requirements for TP Ports For Fast Ethernet TP network connection The grade of the cable must be Cat 5 or Cat 5e with a maximum length of 100 meters Gigabit Ethernet TP network connection The grade of the cable must be Cat 5 or Cat 5e with a maximum length of 100 meters Cat 5e is recommended 2 1 3 2 Cabling Requirements for 1000SX LX SFP Module It is more ...

Page 20: ... mode 62 5 125μm Multi mode 50 125μm Modal Bandwidth Distance Modal Bandwidth Distance 160MHz Km 220m 400MHz Km 500m IEEE 802 3z Gigabit Ethernet 1000SX 850nm 200MHz Km 275m 500MHz Km 550m Single mode Fiber 9 125μm Single mode transceiver 1310nm 10Km 1000Base LX LHX XD ZX Single mode transceiver 1550nm 30 50Km TX Transmit 1310nm Single Mode 20Km RX Receive 1550nm TX Transmit 1550nm 1000Base LX Sin...

Page 21: ... 10 10 m TP to fiber Converter 56 Bit Time unit 1ns 1sec 1000 Mega bit Bit Time unit 0 01μs 1sec 100 Mega bit Table 2 2 Sum up all elements bit time delay and the overall bit time delay of wires devices must be within Round Trip Delay bit times in a half duplex network segment collision domain For full duplex operation this will not be applied You may use the TP Fiber module to extend the TP node ...

Page 22: ...pports both port based VLAN and tag based VLAN They are different in practical deployment especially in physical location The following diagram shows how it works and what the difference they are Case2a Port based VLAN See Fig 2 4 1 The same VLAN members could not be in different switches 2 Every VLAN members could not access VLAN members each other 3 The switch manager has to assign different nam...

Page 23: ...3 members but they could access VLAN4 members 3 VLAN3 members could not access VLAN1 VLAN2 and VLAN4 4 VLAN4 members could not access VLAN1 and VLAN3 members but they could access VLAN2 members Case3a The same VLAN members can be at different switches with the same VID See Fig 2 6 Fig 2 5 Port based VLAN Diagram Fig 2 6 Attribute based VLAN Diagram ...

Page 24: ...m to monitor and configure the switch You can touch them through the following procedures Section 2 1 4 1 Configuring the Management Agent of SW24GF through the Serial RS 232 Port Section 2 1 4 2 Configuring the Management Agent of SW24GF through the Ethernet Port Note Please first modify the IP address Subnet mask Default gateway and DNS through RS 232 console and then do the next ...

Page 25: ...on Null Modem Cable Specifications 2 Attaches the DB 9 female cable connector to the male serial RS 232 DB 9 connector on the switch 3 Attaches the other end of the serial RS 232 DB 9 cable to PC s serial port running a terminal emulator supporting VT100 ANSI terminal with The switch s serial port default settings For example Windows98 2000 XP HyperTerminal utility Note The switch s serial port de...

Page 26: ...ask is 255 255 255 0 You can change the switch s default IP address 192 168 1 1 to 10 1 1 1 and set the subnet mask to be 255 255 255 0 Then choose your default gateway may be it is 10 1 1 254 Default Value SW24GF Your Network Setting IP Address 192 168 1 1 10 1 1 1 Subnet 255 255 255 0 255 255 255 0 Default Gateway 192 168 1 254 10 1 1 254 Table 2 3 After completing these settings in the switch i...

Page 27: ...h Then follow the procedures listed below 1 Set up a physical path between the configured the switch and a PC by a qualified UTP Cat 5 cable with RJ 45 connector Note If PC directly connects to the switch you have to setup the same subnet mask between them But subnet mask may be different for the PC in the remote site Please refer to Fig 2 9 about the switch s default IP address information 2 Run ...

Page 28: ...here the addressed host resides and the latter indicates the individual host in the network which the address of host refers to And the host identifier must be unique in the same LAN Here the term of IP address we used is version 4 known as IPv4 Network identifier Host identifier Fig 2 11 IP address structure With the classful addressing it divides IP address into three classes class A class B and...

Page 29: ... 4 MSB Most significance bit set to 1 1 1 0 and is used for IP Multicast See also RFC 1112 Class E is a class with first 4 MSB set to 1 1 1 1 and is used for IP broadcast According to IANA Internet Assigned Numbers Authority there are three specific IP address blocks reserved and able to be used for extending internal network We call it Private IP address and list below Class A 10 0 0 0 10 255 255...

Page 30: ...ss B network the third byte is used to identify the subnet within this class B network and of course the last byte is the host number Not all IP address is available in the sub netted network Two special addresses are reserved They are the addresses with all zero s and all one s host number For example an IP address 128 1 2 128 what IP address reserved will be looked like All 0s mean the network i...

Page 31: ... to have more than two independent networks in a worknet a partition to the network must be performed In this case subnet mask must be applied For different network applications the subnet mask may look like 255 255 255 240 This means it is a small network accommodating a maximum of 15 nodes in the network Default gateway For the routed packet if the destination is not in the routing table all the...

Page 32: ... x is allowable in this case DNS The Domain Name Server translates human readable machine name to IP address Every machine on the Internet has a unique IP address A server generally has a static IP address To connect to a server the client needs to know the IP of the server However user generally uses the name to connect to the server Thus the switch DNS client program such as a browser will ask t...

Page 33: ...ease refer to Appendix A The switch is suitable for the following applications Central Site Remote site application is used in carrier or ISP See Fig 2 13 Peer to peer application is used in two remote offices See Fig 2 14 Office network See Fig 2 15 Fig 2 13 is a system wide basic reference connection diagram This diagram demonstrates how the switch connects with other network devices and hosts F...

Page 34: ...30 Fig 2 15 Office Network Connection Fig 2 14 Peer to peer Network Connection ...

Page 35: ... login process now is completed Just click the link of Forget Password in WebUI See Fig 3 1 or input Ctrl Z in CLI s login screen See Fig 4 1 4 2 in case the user forgets the manager s password Then the system will display a serial No for the user Write down this serial No and contact your vendor the vendor will give you a temporary password Use this new password as ID and Password and it will all...

Page 36: ...he switch shows you the system information as Fig 3 2 This page is default and tells you the basic information of the system including Model Name System Description Location Contact Device Name System Up Time Current Time BIOS Version Firmware Version Hardware Mechanical Version Serial Number Host IP Address Host Mac Address Device Port RAM Size and Flash Size With this information you will know t...

Page 37: ...us and bandwidth rating for egress and ingress respectively On the left top corner there is a pull down list for Auto Logout For the sake of security we provide auto logout function to protect you from illegal user as you are leaving If you do not choose any selection in Auto Logout list it means you turn on the Auto Logout function and the system will be logged out automatically when no action on...

Page 38: ...34 Port MAC QoS System VLAN GVRP SNMP ACL Root IP MAC Binding 802 1X Trunk STP MSTP Mirroring Multicast Alarm DHCP Snooping LLDP Save Restore Export Imports Diagnostics Maintenance Logout ...

Page 39: ... is this tells what this device is Here it is L2 Plus Managed Switch Location Basically it is the location where this switch is put User defined Contact For easily managing and maintaining device you may write down the contact person and phone here for getting help soon You can configure this parameter through the device s user interface or SNMP Device name The name of the switch User defined Defa...

Page 40: ...rsion The version of Hardware and Mechanical The figure before the hyphen is the version of electronic hardware the one after the hyphen is the version of mechanical Serial number The serial number is assigned by the manufacturer Host IP address The IP address of the switch Host MAC address It is the Ethernet MAC address of the management agent in this switch Device Port Show all types and numbers...

Page 41: ...switch provides manual and automatic ways to set the system time via NTP Manual setting is simple and you just input Year Month Day Hour Minute and Second within the valid value range indicated in each item If you input an invalid value for example 61 in minute the switch will clamp the figure to 59 NTP is a well known protocol used to synchronize the clock of the switch system time over a network...

Page 42: ... 1 Hour 0 Minute 0 Second 0 NTP NTP is Network Time Protocol and is used to sync the network time based Greenwich Mean Time GMT If use the NTP mode and select a built in NTP time server or manually specify an user defined NTP server as well as Time Zone the switch will sync the time in a short after pressing Apply button Though it synchronizes the time automatically NTP does not update the time pe...

Page 43: ...p one hour The zero for this parameter means it need not have to adjust current time equivalent to in act daylight saving You don t have to set the starting ending date as well If you set daylight saving to be non zero you have to set the starting ending date as well otherwise the daylight saving function will not be activated Default for Daylight Saving 0 The following parameters are configurable...

Page 44: ...Parameter description DHCP Setting DHCP is the abbreviation of Dynamic Host Configuration Protocol Here DHCP means a switch to turn ON or OFF the function The switch supports DHCP client used to get an IP address automatically if you set this function Enable When enabled the switch will issue the request to the DHCP server resided in the network to get an IP address If DHCP server is down or does ...

Page 45: ...d Network address Subnet mask number and host address It is shown in the following figure This reduces the total IP number of a network able to support by the amount of 2 power of the bit number of subnet number 2 bit number of subnet number Subnet mask is used to set the subnet mask value which should be the same value as that of the other devices resided in the same network it attaches For more ...

Page 46: ... specify a DNS IP address for the switch With this the switch can translate a mnemonic name address into an IP address There are two ways to specify the IP address of DNS One is fixed mode which manually specifies its IP address the other is dynamic mode which is assigned by DHCP server while DHCP is enabled DNS can help you easily remember the mnemonic address name with the meaningful words in it...

Page 47: ...n name Loop Detection Function description Display whether switch open Loop detection Fig 3 8 Parameter description Port No Display the port number The number is 1 24 Detection Port Enable When Port No is chosen and enable port s Loop detection the port can detect loop happens When Port No is chosen enable port s Loop detection and the port detects loop happen port will be Locked If Loop did not h...

Page 48: ...n inside of the accepting range Accept Deny Accept Deny Accept Rule 3 When only deny lists exist then it will accept all connections excluding the connection inside of the denying range Deny Accept Deny Accept Deny Rule 4 When both accept and deny lists exist then it will deny all connections excluding the connection inside of the accepting range Accept Deny Deny Deny Accept Rule 5 When both accep...

Page 49: ... which VLAN VID is able to be accepted or denied by the switch the IP range of the user could be accepted or denied by the switch the port that the user is allowed or not allowed to connect with the switch or the way of controlling and connecting to the switch via Http Telnet or SNMP Fig 3 9 Fig 3 10 Add A new entry of Management Security Configuration can be created after the parameters as mentio...

Page 50: ... Custom Default is Any You can select the ports that you would like them to be worked and restricted in the management security configuration if Custom had been chosen Access Type The switch supports two kinds of options for managed valid Access Type including Any and Custom Default is Any Http Telnet and SNMP are three ways for the access and managing the switch in case that Custom had been chose...

Page 51: ...g Function description The Trap Log Data is displaying the log items including all SNMP Private Trap events SNMP Public traps and user logs occurred in the system In the report table No Time and Events are three fields contained in each trap record Fig 3 11 Parameter description No Display the order number that the trap happened Time Display the time that the trap happened Desc Displays a descript...

Page 52: ...in the same window without the login of these devices The most top left button is only for Master Device See Fig 3 9 The background color of the button you press will be changed to represent that the device is under your management Note It will remove the grouping temporarily in case that you login the switch via the console The device of the group will be shown as station address the last number ...

Page 53: ...able Role The role that the switch would like to play in virtual stack Two types of roles including master and slave are offered for option Default is Master Group ID It is the group identifier GID which signs for VSM Valid letters are A Z a z 0 9 and _ characters The maximal length is 15 characters ...

Page 54: ...ort Configuration Simple Counter and Detail Counter are contained in this function folder for port monitor and management Each of them will be described in detail orderly in the following sections Configuration Status Simple Counter Detail Counter Port Configuration ...

Page 55: ...s configuration function you can set reset the following functions All of them are described in detail below Function name Port Configuration Function description It is used to set each port s operation mode The switch supports 3 parameters for each port They are state mode and flow control Fig 3 12 ...

Page 56: ... can send PAUSE frame to the transmitting device s if the receiving port is too busy to handle When it is set Disable there will be no flow control in the port It drops the packet if too much to handle Maximum Frame This module offers 1518 9600 Bytes length to make the long packet Excessive Collision Mode There are two modes to choose when excessive collision happens in half duplex condition as be...

Page 57: ... duplex Rx Pause and Tx Pause An extra media type information for the module ports 1 and 8 is also offered See Fig 3 14 Fig 3 13 Function name Port Status Function Description Report the latest updated status of all ports in this switch When any one of the ports in the switch changes its parameter displayed in the page it will be automatically refreshed the port current status about every 5 second...

Page 58: ...pported is half duplex and full duplex If the media is 1Gbps fiber it is 1000Mbps supported only The status of speed duplex mode is determined by 1 the negotiation of both local port and link partner in Auto Speed mode or 2 user setting in Force mode The local port has to be preset its capability Default None depends on the result of the negotiation Flow Control Show each port s flow control statu...

Page 59: ...is assigned by IEEE Vendor Name Display the company name of the module manufacturer Vendor P N Display the product name of the naming by module manufacturer Vendor Rev Revision Display the module revision Vendor SN Serial Number Show the serial number assigned by the manufacturer Date Code Show the date this SFP module was made Temperature Show the current temperature of SFP module Vcc Show the wo...

Page 60: ...unting The data is updated every time interval defined by the user The Refresh Interval is used to set the update frequency Function name Simple Counter Function description Display the summary counting of each port s traffic including Tx Byte Rx Byte Tx Packet Rx Packet Tx Collision and Rx Error Packet Fig 3 15 Parameters description Packet Transmit The counting number of the packet transmitted R...

Page 61: ...ransmit Number of packets transmitted drop Receive Number of packets received drop Auto refresh The simple counts will be refreshed automatically on the UI screen Refresh The simple counts will be refreshed manually when user use mouse to click on Refresh button Clear The simple counts will be reset to zero when user use mouse to click on Clear button ...

Page 62: ...he counting is overflow the counter will be reset and restart counting The data is updated every time interval defined by the user The valid range is 3 to 10 seconds The Refresh Interval is used to set the update frequency Default update time is 3 seconds Function name Detail Counter Function description Display the detailed counting number of each port s traffic In the Fig 3 14 the window can sho...

Page 63: ...ng number of the transmitted multicast packet Rx 64 Bytes Number of 64 byte frames in good and bad packets received Rx 65 127 Bytes Number of 65 126 byte frames in good and bad packets received Rx 128 255 Bytes Number of 127 255 byte frames in good and bad packets received Rx 256 511 Bytes Number of 256 511 byte frames in good and bad packets received Rx 512 1023 Bytes Number of 512 1023 byte fram...

Page 64: ...bytes with invalid CRC Rx Jabber Number of long frames according tomax_length register with invalid CRC Rx Drops Frames dropped due to the lack of receiving buffer Rx Errors Number of the error packet received Tx Collisions Number of collisions transmitting frames experienced Tx Drops Number of frames dropped due to excessive collision late collision or frame aging Tx FIFO Drops Number of frames d...

Page 65: ... Function name Power Saving Function description The function using ActiPHY Power Management and Perfect Reach Power Management to save the switch s power consumption Fig 3 16 1 Parameter description Power Saving The parameter will enable or disable to verify switches have the ability to consider the length of any Ethernet cable connected for adjustment of power usage accordingly Shorter lengths r...

Page 66: ... of them by pulling down list and selecting an item Then click Apply button the settings will take effect immediately Fig 3 17 Parameter description VLAN Mode Port based Port based VLAN is defined by port Any packet coming in or outgoing from any one port of a port based VLAN will be accepted No filtering criterion applies in port based VLAN The only criterion is the physical port you connect to F...

Page 67: ...ch LAN segment will be isolated The fixed segment ports mapping as below Segment Forwarding Port Mapping 1 Port 01 ÅÆ Port 09 2 Port 02 ÅÆ Port 10 3 Port 03 ÅÆ Port 11 4 Port 04 ÅÆ Port 12 5 Port 05 ÅÆ Port 13 6 Port 06 ÅÆ Port 14 7 Port 07 ÅÆ Port 15 8 Port 08 ÅÆ Port 16 9 Port 17 ÅÆ Port 18 10 Port 19 ÅÆ Port 20 11 Port 21 ÅÆ Port 22 12 Port 23 ÅÆ Port 24 Segment B The Segment B mode is a specia...

Page 68: ...AN tag or un tag frames The L2 PDU will be passed through between two ports in the same LAN segment Including STP MSTP GVRP LACP Except 802 3X Pause Frame Notice The following L2 switch functions can not work with LAN segmentation mode at the same time z GVRP z MSTP RSTP STP z IGMP Proxy and IGMP Snooping z DHCP Snooping z IP MAC Binding z LACP and Static Port Link Aggregation z IEEE 802 1X ...

Page 69: ...ost messages on behalf of hosts that the system discovered through standard IGMP interfaces The system acts as a proxy for its hosts This switch can be set IGMP function Enable or Disable by VLAN group If the VLAN group IGMP proxy is disabled the switch will stop the exchange of IGMP messages in the VLAN group members If the VLAN group IGMP proxy is enabled the switch will support the exchange of ...

Page 70: ...unction and choose the member by ticking the check box beside the port No then press the Apply button to have the setting taken effect Fig 3 19 Delete Group Just press the Delete button to remove the selected group entry from the Tag based group table Fig 3 20 Note If you need use PVLAN Private VLAN function on Switch then you need follow up the process as below a Create a VLAN as primary VLAN and...

Page 71: ...unction buttons User can add a new VLAN group by inputting a new VLAN name Fig 3 21 Parameter description VLAN Name The name defined by administrator is associated with a VLAN group Valid letters are A Z a z 0 9 and _ characters The maximal length is 15 characters Member Port This is used to enable or disable if a port is a member of the new added VLAN Enable means it is a member of the VLAN Just ...

Page 72: ...and choose the member by ticking the check box beside the port No then press the Apply button to have the setting taken effect Fig 3 22 Delete Group Just press the Delete button to remove the selected group entry from the Port based group table Fig 3 23 ...

Page 73: ...ing Rule 1 is forward only packets with VID matching this port s configured VID The Ingress Filtering Rule 2 is drop untagged frame You can also select the Role of each port as Access Trunk or Hybrid Fig 3 24 Parameter description Port 1 24 Port number VLAN Aware Based on IEEE 802 1Q VLAN tag to forward packet Ingress Filtering Discard other VLAN group packets only forward this port joined VLAN gr...

Page 74: ...ve double VLAN tags one will be dropped and the other will still be left As to Hybrid it is similar to Trunk and both of them will tag out When the port is set to Hybrid its packets will be untagged out if the VID of the outgoing packets with tag is the same as the one in the field of Untag VID of this port Untag VID Valid range is 1 4094 It works only when Role is set to Hybrid Double Tag Double ...

Page 75: ...packet The method for isolating ports on a layer 2 switch comprises configuring each of the ports on the layer 2 switch as a protected port or a non protected port A destination address on an data packet is matched with a physical address on said layer 2 switch and a forwarding map is generated for the data packet based upon the destination address on the data packet The data packet is then sent t...

Page 76: ...72 3 3 6 Management Function name Management Function description To assign a specific VLAN for management purpose Fig 3 25 Parameter description VID Specific Management VLAN ID ...

Page 77: ...ddress Age out Time will be removed from the MAC Table The range of Age out Time is 10 1000000 seconds and the setup of this time will have no effect on static MAC addresses In addition the learning limit of MAC maintenance is able to limit the amount of MAC that each port can learn Fig 3 26 Parameter description Aging Time Delete a MAC address idling for a period of time from the MAC Table which ...

Page 78: ...his port MAC address dynamic learning mechanism only support static MAC address setting Secure Disable this port MAC address dynamic learning mechanism and copy the dynamic learning packets to CPU Save Save MAC Address Table configuration Reset Reset MAC Address Table configuration ...

Page 79: ...n the table by filling in MAC Address VID VLAN ID and Alias fields individually User also can delete the existed entry by clicking Delete button Fig 3 27 Parameter description MAC It is a six byte long Ethernet hardware address and usually expressed by hex and separated by hyphens For example 00 40 C7 D6 00 02 VID VLAN identifier This will be filled only when tagged VLAN is applied Valid range is ...

Page 80: ... MAC address will be forwarded to this port For adding a MAC address entry in the allowed table you just need to fill in four parameters MAC address associated port VID and Alias Just select the existed MAC address entry you want and click Delete button you also can remove it Fig 3 28 Parameter description MAC It is a six byte long Ethernet hardware address and usually expressed by hex and separat...

Page 81: ...Alias Edit and MAC Alias Delete You can click Create Edit button to add modify a new or an existed alias name for a specified MAC address or mark an existed entry to delete it Alias name must be composed of A Z a z and 0 9 only and has a maximal length of 15 characters Fig 3 29 Parameter description MAC Address It is a six byte long Ethernet hardware address and usually expressed by hex and separa...

Page 82: ... VLAN identifier This will be filled only when tagged VLAN is applied Valid range is 1 4094 MAC address Display the MAC address of one entry you selected from the searched MAC entries table Port The port that exists in the searched MAC Entry Refresh Refresh function can help you to see current MAC Table status Clear To clear the selected entry Previous Page Move to the previous page Next Page Move...

Page 83: ...P GVRP state machine maintain the contents of Dynamic VLAN Registration Entries for each VLAN and propagate these information to other GVRP aware devices to setup and update their knowledge database the set of VLANs associated with currently active members and through which ports these members can be reached In GVRP Configuration function folder there are three functions supported including GVRP C...

Page 84: ...o modes normal participant and non participant provided for the user s choice Normal It is Normal Participant In this mode the switch participates normally in GARP protocol exchanges The default setting is Normal Non Participant It is Non Participant In this mode the switch does not send or reply any GARP messages It just listens messages and reacts for the received GVRP BPDU Default Registrar Mod...

Page 85: ...led In this mode the switch dynamic VLAN will be created when this port received GVRP PDU The default setting is Normal Enabled In this mode the switch does not create dynamic VLAN when this port received GVRP PDU Except received dynamic VLAN message of the GVRP PDU is an existed static VLAN in the switch this port will be added into the static VLAN members dynamically ...

Page 86: ...application Invalid GVRP Packets Number of invalid GARP BPDU is received by the GARP application LeaveAll Message Packets Number of GARP BPDU with Leave All message is received by the GARP application JoinEmpty Message Packets Number of GARP BPDU with Join Empty message is received by the GARP application JoinIn Message Packets Number of GARP BPDU with Join In message is received by the GARP appli...

Page 87: ...mber of GARP BPDU with Leave All message is transmitted by the GARP application JoinEmpty Message Packets Number of GARP BPDU with Join Empty message is transmitted by the GARP application JoinIn Message Packets Number of GARP BPDU with Join In message is transmitted by the GARP application LeaveEmpty Message Packets Number of GARP BPDU with Leave Empty message is transmitted by the GARP applicati...

Page 88: ...description VID VLAN identifier When GVRP group creates each dynamic VLAN group owns its VID Valid range is 1 4094 Member Port Those are the members belonging to the same dynamic VLAN group Edit Administrative Control When you create GVRP group you can use Administrative Control function to change Applicant Mode and Registrar Mode of GVRP group member ...

Page 89: ... congestion control guarantees to the frame according to what was configured for that specific QoS class The switch support advanced memory control mechanisms providing excellent performance of all QoS classes under any traffic scenario including jumbo frame A super priority queue with dedicated memory and strict highest priority in the arbitration The ingress super priority queue allows traffic r...

Page 90: ... User priority The user priority value 0 7 3 bits is used as an index to the eight QoS class values for VLAN tagged or priority tagged frames Queuing Mode There are two Scheduling Method Strict Priority and Weighted Fair Default is Strict Priority After you choose any of Scheduling Method please click Apply button to be in operation Queue Weighted There are four queues per port and four classes we...

Page 91: ... queues per port with strict or weighted fair queuing scheduling There are 24 QoS Control Lists QCL for advance programmable QoS classification based on IEEE 802 1p Ether Type VID IPv4 IPv6 DSCP and UDP TCP ports and ranges Fig 3 35 Delete this entry Insert an entry Edit this entry Move up this entry Move down this entry ...

Page 92: ...t to the bottom of the list for a match The first matching QCE determines the QoS classification of the frame The QCE ordering is therefore important for the resulting QoS classification algorithm If no matching QCE is found the default QoS class is used in the port QoS configuration Fig 3 36 Fig 3 37 Fig 3 38 ...

Page 93: ...89 Fig 3 39 Fig 3 40 Fig 3 41 ...

Page 94: ... Well known protocols already assigned Ether Type values The commonly used values in the Ether Type field and corresponding protocols are listed below Ether type Hexadecimal Protocol 0x0800 IP Internet Protocol 0x0801 X 75 Internet 0x0802 NBS Internet 0x0803 ECMA Internet 0x0804 Chaos net 0x0805 X 25 Level 3 0x0806 ARP Address Resolution Protocol 0x0808 Frame Relay ARP RFC1701 ...

Page 95: ...net Protocol version 6 0x880B PPP Point to Point Protocol 0x 880C GSMP General Switch Management Protocol 0x8847 MPLS Multi Protocol Label Switching unicast 0x8848 MPLS Multi Protocol Label Switching multicast 0x8863 PPPoE PPP Over Ethernet Discovery Stage 0x8864 PPPoE PPP Over Ethernet PPP Session Stage 0x88BB LWAPP Light Weight Access Point Protocol 0x88CC LLDP Link Layer Discovery Protocol 0x8E...

Page 96: ...0 65535 You can refer to following UDP TCP port numbers information http www iana org assignments port numbers UDP TCP Port No The configurable specific port value 0 65535 DSCP Value The configurable DSCP value 0 63 Traffic Class Low Normal Medium High ...

Page 97: ...policer and an egress shaper which can limit the bandwidth of received and transmitted frames Ingress policer or egress shaper operation is controlled per port in the Rate Limit Configuration Fig 3 43 Parameter description Port Port number Policer Enabled Policer enabled to limit ingress bandwidth by policer rate ...

Page 98: ...cer Unit There are two units for ingress policer rate limit kbps Mbps Shaper Enabled Shaper enabled to limit egress bandwidth by shaper rate Shaper Rate The configurable shaper rate range 500 Kbps 1000000 Kbps 1 Mbps 1000 Mbps Shaper Unit There are two units for egress shaper rate limit kbps Mbps ...

Page 99: ... to prevent storm event happen Fig 3 44 Parameter description Frame Type There three frame types of storm can be controlled Flooded unicast Multicast Broadcast Status Enable Disable Selection means enabled means disabled Rate pps Refer to the following rate configurable value list the unit is Packet Per Second pps 1 2 4 8 16 32 64 128 256 512 1K 2K 4K 8K 16K 32K 64K 128K 256K 512K 1024K ...

Page 100: ...er can apply these application easily Fig 3 45 Parameter description Please select an Action User need to select one of action from following items then click on Next to finish QCL configuration Set up Port Policies Set up Typical Network Application Rules Set up TOS Precedence Mapping Set up VLAN Tag Priority Mapping Next Go to next step Cancel Abort current configuration back to previous step Ba...

Page 101: ... 24 Fig 3 47 Set up Port Policies Parameter description Wizard Again Click on the Wizard Again back to QCL Configuration Wizard Finish When you click on Finish the parameters will be set according to the wizard configuration and shown on the screen then ask you to click on Apply for changed parameters confirmation ...

Page 102: ...98 Fig 3 48 Set up Port Policies Finish Fig 3 49 Set up Typical Network Application Rules Fig 3 50 Set up Typical Network Application Rules ...

Page 103: ...Audio Games Blizzard Battlenet Diablo2 and StarCraft Fighter Ace II Quake2 Quake3 MSN Game Zone User Definition Ethernet Type VLAN ID UDP TCP Port DSCP Ethernet Type Value Type Range 0x600 0xFFFF VLAN ID VLAN ID Range 1 4094 UDP TCP Port Two Mode Range Specific UDP TCP Port Range Port Range 0 65535 UDP TCP Port No Port Range 0 65535 DSCP Value DSCP Value Range 0 63 ...

Page 104: ...Fig 3 52 Set up Typical Network Application Rules Parameter description QCL ID QCL ID Range 1 24 Traffic Class There are four classes Low Normal Medium High Fig 3 53 Set up Typical Network Application Rules ...

Page 105: ...101 Fig 3 54 Set up Typical Network Application Rules Finish Fig 3 55 Set up Typical Network Application Rules Finish ...

Page 106: ...102 Fig 3 56 Set up Typical Network Application Rules Finish Parameter description QCL QoS Control List QCL 1 24 Fig 3 57 Set up TOS Precedence Mapping ...

Page 107: ...103 Parameter description QCL ID QoS Control List QCL 1 24 TOS Precedence 0 7 Class Low Normal Medium High Fig 3 58 Set up TOS Precedence Mapping Fig 3 59 Set up TOS Precedence Mapping Finish ...

Page 108: ...104 Fig 3 60 Set up VLAN Tag Priority Mapping Parameter description QCL ID QoS Control List QCL 1 24 Tag Priority 0 7 Class Low Normal Medium High Fig 3 61 Set up VLAN Tag Priority Mapping ...

Page 109: ...105 Fig 3 62 Set up VLAN Tag Priority Mapping Finish ...

Page 110: ...t will be started up All supported MIB OIDs including RMON MIB can be accessed via SNMP manager If the field SNMP is set Disable SNMP agent will be de activated the related Community Name Trap Host IP Address Trap and all MIB counters will be ignored Function name SNMP Configuration Function description This function is used to configure SNMP settings community name trap host and public traps as w...

Page 111: ...y name for Trap public Default Set function Enable Default trap host IP address 0 0 0 0 Default port number 162 Trap In the switch there are 6 trap hosts supported Each of them has its own community name and IP address is user definable To set up a trap host means to create a trap manager by assigning an IP address to host the trap message In other words the trap host is a network management unit ...

Page 112: ...an be applied to any port This makes it very easy to determine what type of ACL policy you will be working with 3 8 1 Ports Function name ACL Port Configuration Function description The switch ACL function support up to 128 Access Control Entries ACEs using the shared 128 ACEs for ingress classification You can create an ACE and assign this ACE for each port with Any or assign this ACE for a polic...

Page 113: ...6 To select one of rate limiter ID for this port it will limit met ACL packets by rate limiter ID configuration Port Copy Disabled Disable to copy the met ACL packets to specific port Port number 1 24 Copy the met ACL packets to the selected port Counter The counter will increase from initial value 0 when this port received one of the met ACL packet the counter value will increase 1 ...

Page 114: ...tion There are 16 rate limiter ID You can assign one of the limiter ID for each port The rate limit configuration unit is Packet Per Second pps Fig 3 65 Parameter description Rate Limiter ID ID Range 1 16 Rate pps 1 2 4 8 16 32 64 128 256 512 1K 2K 4K 8K 16K 32K 64K 128K 256K 512K 1024K ...

Page 115: ...select one of policy then decides which of the Permit Deny Rate Limitation and Port Copy actions would take according to the ACL configuration packet s IPv4 Ether Type ARP Protocol MAC Parameters and VLAN parameters Parameter description Ingress Port Configurable Range Any Policy 1 8 Port 1 24 Any Apply this ACE rule for each port ingress classification Policy 1 8 Apply this ACE rule for specific ...

Page 116: ...112 Fig 3 67 Ingress Port Fig 3 68 ...

Page 117: ... Any Ethernet Type ARP IPv4 Any It is including all frame type Ethernet Type It is including all Ethernet frame type ARP It is including all ARP protocol frame type IPv4 It is including all IPv4 protocol frame type Fig 3 69 Frame Type Fig 3 70 ...

Page 118: ...114 Fig 3 71 Fig 3 72 Fig 3 73 ARP ...

Page 119: ...115 Fig 3 74 ARP Fig 3 75 ARP Fig 3 76 ARP Fig 3 77 ARP ...

Page 120: ...116 Fig 3 78 ARP Fig 3 79 ARP Fig 3 80 ARP Fig 3 81 ARP ...

Page 121: ...117 Fig 3 82 ARP Fig 3 83 ARP Fig 3 84 ARP Fig 3 85 ARP Fig 3 86 ARP ...

Page 122: ...118 Fig 3 87 IPv4 Fig 3 88 IPv4 Fig 3 89 IPv4 ...

Page 123: ...119 Fig 3 90 IPv4 Fig 3 91 IPv4 Fig 3 92 IPv4 Fig 3 93 IPv4 Fig 3 94 IPv4 ...

Page 124: ...120 Fig 3 95 IPv4 Fig 3 96 IPv4 Fig 3 97 IPv4 Fig 3 98 IPv4 Fig 3 99 IPv4 ...

Page 125: ...121 Fig 3 100 IPv4 Fig 3 101 IPv4 Fig 3 102 IPv4 ...

Page 126: ...122 Fig 3 103 IPv4 Fig 3 104 IPv4 Fig 3 105 IPv4 ...

Page 127: ...123 Fig 3 106 IPv4 Fig 3 107 IPv4 Fig 3 108 IPv4 ...

Page 128: ...124 Fig 3 109 IPv4 Fig 3 110 IPv4 Fig 3 111 IPv4 ...

Page 129: ...125 Fig 3 112 IPv4 Fig 3 113 IPv4 Fig 3 114 IPv4 ...

Page 130: ...126 Fig 3 115 IPv4 Fig 3 116 IPv4 Fig 3 117 Action ...

Page 131: ...127 Fig 3 118 Rate Limiter Fig 3 119 Port Copy ...

Page 132: ...128 Fig 3 120 DMAC Filter Fig 3 121 VLAN ID Filter Fig 3 122 VLAN ID Filter ...

Page 133: ...py actions would take according to the ACL configuration packet s IPv4 Ether Type ARP Protocol MAC Parameters and VLAN parameters Parameter description Ingress Port Range Any Policy 1 8 Port 1 24 Any Apply this ACE rule for each port ingress classification Policy 1 8 Apply this ACE rule for specific policy Port 1 24 Apply this ACE rule for specific port ingress classification IP Protocol Filter Ra...

Page 134: ...MAC address Specific It is according to DMAC Value specific the destination MAC address MAC Parameters When Frame Type ARP SMAC Filter Range Any Specific Any It is including all source MAC address Specific It is according to SMAC Value specific the source MAC address DMAC Filter Range Any MC BC UC Any It is including all destination MAC address MC It is including all Multicast MAC address BC It is...

Page 135: ...all ARP RARP Request and Reply Request Including all ARP RARP request frames Reply Including all ARP RARP reply frames Sender IP Filter Range Any Host Network Any Including all sender IP address Host Only one specific sender host IP address Network A specific IP subnet segment under the sender IP mask Sender IP Address Default 192 168 1 1 Sender IP Mask Default 255 255 255 0 Target IP Filter Range...

Page 136: ...ting 1 The ingress RARP frames where the Destination MAC address is equal DMAC address under MAC parameter setting IP Ethernet Length Range Any 0 1 Any Both 0 and 1 0 The ingress ARP PARP frames where the Hardware size is not equal 0x6 or the Protocol size is not equal 0x4 1 The ingress ARP PARP frames where the Hardware size is equal 0x6 and the Protocol size is 0x4 IP Range Any 0 1 Any Both 0 an...

Page 137: ... field The flags indicate whether the datagram may be fragmented whether the datagram is fragmented and whether the current fragment is the final one Range Any Yes No Any Including all IP fragment case Yes The ingress frame is fragmented packet No The ingress frames is not fragmented packet IP Option A list of optional specifications for security restrictions route recording and source routing Not...

Page 138: ...ding to following ICMP type value setting for ingress classification ICMP Type Value Range 0 255 ICMP Code Filter Range Any Specific Any Including all of ICMP code values Specific According to following ICMP code value setting for ingress classification ICMP Code Value Range 0 255 IP Parameters Frame Type IPv4 and IP Protocol Filter UDP Source Port Filter Range Any Specific Range Any Including all...

Page 139: ...ific Range Any Including all TCP source ports Specific According to following Source Port No setting for ingress classification Range According to following Source Port Range setting for ingress classification Source Port No Range 0 65535 Source Port Range Range 0 65535 Dest Port Filter Range Any Specific Range Any Including all TCP destination ports Specific According to following Dest Port No se...

Page 140: ...ush Function Range Any 0 1 Any Including all TCP PSH case 0 The TCP control bit PSH is 0 1 The TCP control bit PSH is 1 TCP ACK TCP Control Bit ACK Means Acknowledgment field significant Range Any 0 1 Any Including all TCP ACK case 0 The TCP control bit ACK is 0 1 The TCP control bit ACK is 1 TCP URG TCP Control Bit URG Means Urgent Pointer field significant Range Any 0 1 Any Including all TCP URG...

Page 141: ...atagram fragmentation together with the identification field The flags indicate whether the datagram may be fragmented whether the datagram is fragmented and whether the current fragment is the final one Range Any Yes No Any Including all IP fragment case Yes The ingress frame is fragmented packet No The ingress frames is not fragmented packet IP Option A list of optional specifications for securi...

Page 142: ...llowing VLAN ID and Tag Priority setting for ingress classification VLAN ID Range 1 4094 Tag Priority Range Any 0 7 Any Including all Tag Priority values 0 7 The Tag Priority Value is one of number 0 7 Action Parameters When the ingress frame meets above ACL ingress classification rule you can do the following actions Action Range Permit Deny Permit Permit the met ACL ingress classification rule p...

Page 143: ...ules Set up Port Policies Set up Typical Network Application Rules Set up Source MAC and Source IP Binding Next Click on Next to confirm current setting and go to next step automatically Cancel Cancel current setting back to top layer in the ACL wizard function Back Click on Back to back to previous step Wizard Again Click on Wizard Again the UI will back to top layer in the wizard function Finish...

Page 144: ...140 Fig 3 124 Wizard Fig 3 125 Set up Policy Rules Fig 3 126 Set up Policy Rules ...

Page 145: ...141 Fig 3 127 Set up Policy Rules Fig 3 128 Set up Policy Rules Finish Fig 3 129 Set up Port Policies ...

Page 146: ...142 Fig 3 130 Set up Port Policies Fig 3 131 Set up Port Policies ...

Page 147: ...143 Fig 3 132 Set up Port Policies Finish Fig 3 133 Set up Typical Network Application Rules ...

Page 148: ...144 Fig 3 134 Set up Typical Network Application Rules Fig 3 135 Set up Typical Network Application Rules ...

Page 149: ...meter description Common Server DHCP DNS FTP HTTP IMAP NFS POP3 SAMBA SMTP TELNET TFTP Instant Messaging Google Talk MSN Messenger Yahoo Messenger User Definition Ethernet Type UDP Port TCP Port Others TCP Port ICMP Multicast IP Stream NetBIOS Ping Request Ping Reply SNMP SNMP Traps Ingress Port Any Policy1 8 Port1 24 ...

Page 150: ...146 Action Permit Deny Rate Limiter ID Disabled 1 16 Fig 3 138 Set up Source MAC and Source IP Binding Fig 3 139 Set up Source MAC and Source IP Binding ...

Page 151: ...147 Fig 3 140 Set up Source MAC and Source IP Binding Fig 3 141 Set up Source MAC and Source IP Binding Finish ...

Page 152: ...Binding Enabled Use the switch ACL function to support IP MAC Binding function the maximum is up to 128 entries Source MAC Address xx xx xx xx xx xx For example 00 40 c7 00 00 01 Source IP Address xxx xxx xxx xxx For example 192 168 1 100 ...

Page 153: ...gured database If an unauthorized user tries to access an IP MAC binding enabled port the system will block the access by dropping its packet 3 9 1 IP MAC Binding Configuration Function name IP MAC Binding Configuration Function description The switch has IP MAC Binding table The maximum number of IP MAC binding table is 1024 entries The creation of authorized users can be manually The function is...

Page 154: ...ur byte IP Address xxx xxx xxx xxx For example 192 168 1 100 Port No Port no 1 24 VID VLAN ID 1 4094 Add Input MAC IP Port and VID then click on Add to create a new entry into the IP MAC Binding table Delete Select one of entry from the table then click on Delete to delete this entry ...

Page 155: ...ding dynamic Entry information Fig 3 142 1 IP MAC Binding Dynamic Entry Parameters description No The index to display the IP MAC Binding Dynamic Entry MAC T Six byte MAC Address xx xx xx xx xx xx For example 00 40 c7 00 00 01 IP Four byte IP Address xxx xxx xxx xxx For example 192 168 1 100 Port No Port no 1 24 VID VLAN ID 1 4094 ...

Page 156: ...ant It is an entity being authenticated by an authenticator It is used to communicate with the Authenticator PAE Port Access Entity by exchanging the authentication message when the Authenticator PAE request to it Authenticator An entity facilitates the authentication of the supplicant entity It controls the state of the port authorized or unauthorized according to the result of authentication mes...

Page 157: ...nd C is in the internal network D is Authentication server running RADIUS switch at the central location acts Authenticator connecting to PC A and A is a PC outside the controlled port running Supplicant PAE In this case PC A wants to access the services on device B and C first it must exchange the authentication message with the authenticator on the port it connected via EAPOL packet The authenti...

Page 158: ...will initiate EAPOL Start the process by sending to the authenticator 5 And next the Supplicant replies an EAP Response Identity to the authenticator The authenticator will embed the user ID into Radius Access Request command and send it to the authentication server for confirming its identity 6 After receiving the Radius Access Request the authentication server sends Radius Access Challenge to th...

Page 159: ...enticator receives a Radius Access Reject it will send an EAP Failure to the supplicant This means the supplicant is failed to authenticate The port it connected is in the unauthorized state the supplicant and the devices connected to this port won t be allowed to access the network 10 When the supplicant issue an EAP Logoff message to Authentication server the port you are using is set to be unau...

Page 160: ...inguish the device s MAC address and its VID The following table is the summary of the combination of the authentication status and the port status versus the status of port mode set in 802 1X Port mode port control state set in 802 1X port setting Here Entry Authorized means MAC entry is authorized Port Mode Port Control Authentication Port Status Disable Don t Care Don t Care Port Uncontrolled M...

Page 161: ...This function is used to configure the global parameters for RADIUS authentication in 802 1X port security application Fig 3 143 802 1X Server Configuration Parameter description Authentication Server Server IP Server Server IP address for authentication Default 192 168 1 1 UDP Port ...

Page 162: ...ng a blank between any two characters Default Radius Accounting Server Server IP Server Server IP address for authentication Default 192 168 1 1 UDP Port Default port number is 1812 Secret Key The secret key between authentication server and authenticator It is a string with the length 1 31 characters The character string may contain upper case lower case and 0 9 It is character sense It is not al...

Page 163: ...parameters description for details Fig 3 144 802 1X Port Configuration Parameter description Port It is the port number to be selected for configuring its associated 802 1X parameters which are Port control reAuthMax txPeriod Quiet Period reAuthEnabled reAuthPeriod max Request suppTimeout serverTimeout and Controlled direction Mode Range Disable Normal Advanced Clientless Disable Disable IEEE 802 ...

Page 164: ...d ForceUnauthorized ForceAuthorized Auto y ForceUnauthorized The controlled port is forced to hold in the unauthorized state y ForceAuthorized The controlled port is forced to hold in the authorized state y Auto The controlled port is set to be in authorized state or unauthorized state depends on the result of the authentication exchange between the authentication server and the supplicant Default...

Page 165: ... Request to the supplicant before it times out the authentication session The valid range 1 10 Default 2 times suppTimeout 1 65535 s A timeout condition in the exchange between the authenticator and the supplicant The valid range 1 65535 Default 30 seconds serverTimeout 1 65535 s A timeout condition in the exchange between the authenticator and the authentication server The valid range 1 65535 Def...

Page 166: ...entication current operating mode and status Parameter description Port Port number 1 24 Mode Show this port IEEE 802 1X operating mode There are four modes Disable Normal Advance and Clientless Status Show this port IEEE 802 1X security current status Authorized or Unauthorized Fig 3 145 802 1X Status ...

Page 167: ...anager monitoring authenticator status Parameter description Port Port Number 1 24 Auto refresh Refresh the authenticator counters in the web UI automatically Refresh Click on the Refresh to update the authenticator counters in the web UI Clear Click on the Clear to clear all authenticator counters in the web UI Fig 3 146 802 1X Port Statistics ...

Page 168: ... non IEEE 802 3 MAC link Operating in half duplex mode Aggregate the ports with different data rates Static Trunk Ports using Static Trunk as their trunk method can choose their unique Static GroupID also 1 8 this Static groupID can be the same with another LACP groupID to form a logic trunked port The benefit of using Static Trunk method is that a port can immediately become a member of a trunk g...

Page 169: ...tic Trunk Group ID 1 the 13th port willing to use the same Static Trunk Group ID will be automatically set to use the None trunking method and its Group ID will turn to 0 This means the port won t aggregate with other ports b 14 ports all use LACP Trunk Group ID 1 at most 12 ports can aggregate together and transit into the ready state c A port using the None trunking method or Group ID 0 will be ...

Page 170: ...figure the trunk property of each and every port in the switch system Fig 3 147 Trunk Port Setting Parameter description Port Port Number 1 24 Method This determines the method a port uses to aggregate with other ports None A port does not want to aggregate with any other port should choose this default setting ...

Page 171: ...entity started to take control of this port Passive A Passive LACP port will not actively send LACPDU out before it receives an LACPDU from its link partner Aggtr Aggtr is an abbreviation of aggregator Every port is also an aggregator and its own aggregator ID is the same as its own Port No We can regard an aggregator as a representative of a trunking group Ports with same Group ID and using same ...

Page 172: ... View Parameter description Aggregator It shows the aggregator ID from 1 to 24 of every port In fact every port is also an aggregator and its own aggregator ID is the same as its own Port No Method Show the method a port uses to aggregate with other ports Member Ports Show all member ports of an aggregator port Ready Ports Show only the ready member ports within an aggregator port ...

Page 173: ...re all on a single system Each system supports LACP will be assigned a globally unique System Identifier for this purpose A system ID is a 64 bit field comprising a 48 bit MAC Address and 16 bit priority value The System Priority can be set by the user Its range is from 1 to 65535 Default 32768 Fig 3 149 LACP System Priority Parameter description System Priority Show the System Priority part of a ...

Page 174: ... 3 12 1 Status Function name STP Status Function description In the Spanning Tree Status user can read 12 parameters to know STP current status The 12 parameters description is listed in the following table Fig 3 150 STP Status Parameter description STP State Show the current STP Enabled Disabled status Default is Disabled Bridge ID Show switch s bridge ID which stands for the MAC address of this ...

Page 175: ...Delay time is defined as the time spent from Listening state moved to Learning state or from Learning state moved to Forwarding state of a port in bridge Hello Time Show the current hello time of the root bridge Hello time is a time interval specified by root bridge used to request all other bridges periodically sending hello message every hello time seconds to the bridge attached to its designate...

Page 176: ...select mode RSTP STP and affect STP state machine behavior to send BPDU in this switch The default setting of Spanning Tree Protocol is Disable Fig 3 151 STP Configuration Parameter description Spanning Tree Protocol Set 802 1W Rapid STP function Enable Disable Default is Disable Bridge Priority The lower the bridge priority is the higher priority it has Usually the bridge with the highest bridge ...

Page 177: ...l bridges in the LAN will re calculate and determine who the root bridge is The valid value of Max Age is 6 40 seconds Default is 20 seconds Forward Delay You can set the root bridge forward delay time This figure is set by root bridge only The forward delay time is defined as the time spent from Listening state moved to Learning state and also from Learning state moved to Forwarding state of a po...

Page 178: ...Configuration Parameter description Port Status It displays the current state of a port We cannot manually set it because it displays the status only There are three possible states according to 802 1w specification DISCARDING state indicates that this port can neither forward packets nor contribute learning knowledge Notice Three other states Disable state BLOCKING state and LISTENING state defin...

Page 179: ...form the Port ID Port IDs are often compared in order to determine which port of a bridge would become the Root Port The range is 0 240 Default is 128 Admin Edge Port If user selects Yes this port will be an edge port An Edge Port is a port connected to a device that knows nothing about STP or RSTP Usually the connected device is an end station Edge Ports will immediately transit to forwarding sta...

Page 180: ...t will not fast transit to Forwarding state If it is set as True the port is treated as point to point link by RSTP and unconditionally transited to Forwarding state If it is set as False fast transition to Forwarding state will not happen on this port Default Auto M Check Migration Check It forces the port sending out an RSTP BPDU instead of a legacy STP BPDU at the next transmission The only ben...

Page 181: ...t can ensure a loop free data path for a group of vlans within an MSTI Redundant path and load balancing in vlan environment is also achieved via this feature A spanning tree instance called CIST Common and Internal Spanning Tree always exists Up to 64 more spanning tree instances MSTIs can be provisioned 3 13 1 Status Function name MSTP State Function description To enable or disable MSTP And to ...

Page 182: ...ridge Bridges participating in a common MST region must have the same Region Name and Revision Level Fig 3 154 MSTP Region Config Parameter description Region Name 0 32 characters A variable length text string encoded within a fixed field of 32 octets conforming to RFC 2271 s definition of SnmpAdminString Revision Level 0 65535 ...

Page 183: ...itional MSTP configuration data can be applied and MSTP status can be retrieved Fig 3 155 MSTP Instance Config Fig 3 156 Edit MSTI Vlan Parameter description Instance ID Every spanning tree instance need to have a unique instance ID within 0 4095 Instance 0 CIST always exists and can not be deleted Additional spanning instances MSTIs can be added or deleted At least one vlan must be provisioned fo...

Page 184: ... Instance Configuration Fig 3 157 To provision spanning tree performance parameters per instance Port Config Fig 3 158 To provision spanning tree performance parameters per instance per port Instance Status Fig 3 159 To show the status report of a particular spanning tree instance Port Status Fig 3 160 To show the status report of all ports regarding a specific spanning tree instance Parameter des...

Page 185: ...t s a new parameter for the multiple spanning tree protocol It is used in the internal spanning tree instances CIST Remaining Hops or MSTI Remaining Hops in the Spanning tree protocol message would decreased by one when the message is propagated to the neighboring bridge If the Remaining Hops in a message is zero the message BPDU would be regarded as invalid Max Hops is used to specify the initial...

Page 186: ... the Root Port has been selected This parameter is No by default If set it can cause lack of spanning tree connectivity It is set by a network administrator to prevent bridges external to a core region of the network influencing the spanning tree active topology possibly because those bridges are not under the full control of the administrator Restricted TCN Yes No If Yes causes the Port not to pr...

Page 187: ...the Max Age setting of the bridge itself Bridge Forward Delay It shows the Forward Delay setting of the bridge itself Bridge Max Hops It shows the Max Hops setting of the bridge itself Instance Priority Spanning tree priority value for a specific tree instance CIST or MSTI Bridge Mac Address The Mac Address of the bridge itself CIST ROOT PRIORITY Spanning tree priority value of the CIST root bridg...

Page 188: ...and MSTIs are transparent to bridges outside this region CIST REGIONAL ROOT MAC Mac Address of the CIST regional root bridge CIST INTERNAL ROOT PATH COST Root path cost value from the point of view of the bridges inside the IST CIST CURRENT MAX AGE Max Age of the CIST Root bridge CIST CURRENT FORWARD DELAY Forward Delay of the CIST Root bridge TIME SINCE LAST TOPOLOGY CHANGE SECs Time Since Last T...

Page 189: ...DSGN designated port MSTR master port The last 3 are possible port roles for a port to transit to FORWARDING state Path Cost Display currently resolved port path cost value for each port in a particular spanning tree instance Priority Display port priority value for each port in a particular spanning tree instance Hello per port Hello Time display It takes the following form Current Hello Time Hel...

Page 190: ...186 Restricted Role Same as mentioned in Port Config Restricted Tcn Same as mentioned in Port Config ...

Page 191: ...e the mirror function you should avoid setting a port to be a sniffer port and aggregated port at the same time It will cause something wrong Fig 3 161 Mirror Configuration Parameter description Port to mirror to Range Disabled Port 1 24 Set the monitoring port Port Range 1 24 Select the monitored ports Source Enable The source enable means the monitored port ingress traffic will be copied to moni...

Page 192: ...e the information of the Multicast table when a member port joins or leaves an IP Multicast Destination Address With this function once a switch receives an IP multicast packet it will forward the packet to the members who joined in a specified IP multicast group before The packets will be discarded by the IGMP Snooping if the user transmits multicast packets to the multicast group that had not be...

Page 193: ...d be running IGMP Fig 3 162 IGMP Proxy Parameter description General Query Interval The general query interval is the amount of time in seconds between IGMP General Query messages sent by the router if the router is the querier on this subnet Available value 1 3600 sec General Query Response Timeout The General Query Response Timeout field is the amount of time in seconds Available value 1 25 sec ...

Page 194: ...me in seconds between IGMP last member Query messages sent by the router if the router is the querier on this subnet Available value 1 25 sec Last Member Query Max Response Time To set the last member Query Response Time field is used in specific or group specific query messages The last member query Maximum Response Time is configured as the value Available value 1 25 sec ...

Page 195: ...lt flood multicast traffic to all the ports in a broadcast domain or the VLAN equivalent Multicast can cause unnecessary or even crippling load on host devices by requiring them to process packets they have not solicited Fig 3 163 1 IGMP Snooping Parameter description Host Time Out The IGMP Snooping Host query Timeout field is the amount of time in seconds Available value 1 65535 sec Fast Leave To...

Page 196: ... The valid range is 224 0 0 0 239 255 255 255 VLAN ID The switch supports two kinds of options for managed valid VLAN VID including Any and Custom Default is Any When you choose Custom you can fill in VID number The valid VID range is 1 4094 Port The switch supports two kinds of options for managed valid port range including Any and Custom Default is Any You can select the ports that you would lik...

Page 197: ...s to be disabled when MVR is enabled Refer to the configuration guide at Understanding Multicast VLAN Registration for more information on MVR Fig 3 163 1 MVR setting Parameter description MVR Enable To set the multicast VLAN registration function enable Host Time Out The MVR Host query Timeout field is the amount of time in seconds Available value 1 65535 sec Fast Leave To evoke the port to becom...

Page 198: ...supports two kinds of options for managed valid VLAN VID including Client and router Default is Disable When you choose Client you can fill in MVID number The valid VID range is 1 4094 Port The switch supports two kinds of options for managed valid port range including Client and router Default is Disable You can select the ports that you would like them to be worked and restricted in the allowed ...

Page 199: ...luding Client and router Default is disable When you choose Custom you can fill in VID number The valid VID range is 1 4094 Start Address to End Address IP Range The switch supports two kinds of options for managed valid IP range you can assign effective IP range The valid range is 224 0 0 0 239 255 255 255 Add A new entry of allowed group configuration can be created after the parameters as menti...

Page 200: ...ess range it will show effective IP range The valid range is 224 0 0 0 239 255 255 255 MVID The switch supports two kinds of options for managed valid MVID you can fill in VID number The valid VID range is 1 4094 Port The switch supports two kinds of options for managed valid port range including Any and Custom Default is Any You can select the ports that you would like them to be worked and restr...

Page 201: ...be sent while users tick the trap event individually on the web page shown as below Parameter description Trap Cold Start Warm Start Link Down Link Up Authentication Failure User login User logout STP STP Topology Changed STP Disabled STP Enabled LACP LACP Disabled LACP Enabled LACP Member Added LACP Port Failure GVRP GVRP Disabled GVRP Enabled VLAN VLAN Disabled Port based VLAN Enabled Tag based ...

Page 202: ...e web page of alarm configuration See Fig 3 61 Then user can read the trap information from the email This function provides 6 email addresses at most The 24 different trap events will be sent out to SNMP Manager when trap event occurs After ticking trap events you can fill in your desired email addresses Then please click Apply button to complete the alarm configuration It will take effect in a f...

Page 203: ... Server the IP address of the server transferring your email Username your username on the mail server Password your password on the mail server Email Address 1 6 email address that would like to receive the alarm message Fig 3 165 Alarm Configuration ...

Page 204: ...k from rogue DHCP servers or other devices which send port related information to a DHCP server This information can be useful in tracking an IP address back to a physical port Fig 3 17 1 DHCP Snooping State Parameter description DHCP Snooping state The parameter which set to disabled or enabled the DHCP snooping function on the switch the default is Disabled Note To click Apply when you finish th...

Page 205: ... received all DHCP packets are forwarded for a trusted port It set a trust port 1 available port from 0 to 24 0 is disabled Trust port 2 It set a trust port 2 available port from 0 to 24 0 is disabled Trust VID It set a trust VLAN ID available VID from 1 to 4094 Server IP It set a trust DHCP Server IP address for DHCP Snooping Option 82 It set the DHCP Option 82 function on the switch default is D...

Page 206: ...ket from a client passes the filtering criteria above it will only be forwarded to trusted ports in the same VLAN If a DHCP packet is from server is received on a trusted port it will be forwarded to both trusted and un trusted ports in the same VLAN 3 17 3 DHCP Snooping Client Function name DHCP Snooping Client Function description To show the DHCP snooping client Fig 3 17 2 DHCP Snooping Client ...

Page 207: ... interval between consecutive transmissions of LLDP advertisements on any given port Default 30 secs Tx Hold The specifies the amount of time the receiving device holds a Link Layer Discovery Protocol LLDP packet before discarding it Default 4 times Tx Delay The specifies the delay between successive LLDP frame transmissions initiated by value status changes in the LLDP local systems MIB Default 2...

Page 208: ...sements includes an alphanumeric string describing the full name and version identification for the system s hardware type software version and networking application Sys Capa To evoke outbound advertisements includes a bit mask of system capabilities device functions that are supported Also includes information on whether the capabilities are enabled Mgmt Addr To evoke outbound advertisements inc...

Page 209: ...ID To display the Chassis ID which connect to the switch and what the neighbor Chassis ID Remote Port ID To display the Remote Port ID which connect to the switch and what the neighbor s remote port ID System name To display the system name which connect to the switch and which device supports the LLDP Port Description To display an alphanumeric string describing the full name and version identifi...

Page 210: ...e enabled Management Address To display include a specific IP address in the outbound LLDP advertisements for specific ports Auto refresh Refresh the authenticator counters in the web UI automatically Refresh Click on the Refresh to update the authenticator counters in the web UI ...

Page 211: ...ged at The time period which neighbor entries were be changed Total Neighbors Entries Added The total neighbors entries added be received Total Neighbors Entries Deleted The total neighbors entries deleted be received Total Neighbors Entries Dropped The total neighbors entries dropped be received Total Neighbors Entries Aged Out The total neighbors entries aged out be received Local port Show the ...

Page 212: ...mitted Rx Frames The counting number of the frames transmitted Frames Discarded Show the number of frame discarded TLVs Discarded Show the number of TLVs discarded TLVs Unrecognized Show the number of TLVs unrecognized Age Outs Show the number of Age Outs ...

Page 213: ...ult IP address the IP address will restore to default 192 168 1 1 as you use it The other is the function of Restore Default Configuration without changing current IP address the IP address will keep the same one that you had saved before by performing this function Working Configuration It is the configuration you are using currently and can be changed any time The configurations you are using ar...

Page 214: ...P address of the switch will also be restored to 192 168 1 1 Fig 3 166 Factory Defaults 3 19 2 Save Start Function name Save As Start Configuration Function description Save the current configuration as a start configuration file in flash memory Fig 3 167 Save as Start Configuration 3 19 3 Save User Function name Save As User Configuration Function description Save the current configuration as a u...

Page 215: ...ser Configuration function can retrieve the previous confirmed working configuration stored in the flash memory to update start configuration When completing to restore the configuration the system s start configuration is updated and will be changed its system settings after rebooting the system Fig 3 169 Restore User Configuration ...

Page 216: ...a TFTP Parameter description Export File Path Export Start Export Save As Start s config file stored in the flash Export User Conf Export Save As User s config file stored in the flash Import File Path Import Start Import Save As Start s config file stored in the flash Import User Conf Import Save As User s config file stored in the flash Fig 3 170 Export Import Configuration ...

Page 217: ...cribed in detail orderly in the following sections 3 21 1 Diag Function name Diagnostics Function description Diagnostics function provides a set of basic system diagnosis It let users know that whether the system is health or needs to be fixed The basic system check includes EEPROM test UART test DRAM test and Flash test Fig 3 171 Diagnostics Diagnostics Ping Test Diagnostics ...

Page 218: ... that if the target device is available or not You can simply fill in a known IP address and then click Ping button After a few seconds later the switch will report you the pinged device is alive or dead in the field of Ping Result Parameter description IP Address An IP address with the version of v4 e g 192 168 1 1 Default Gateway IP address of the default gateway For more details please see the ...

Page 219: ...ging IP configuration or changing VLAN mode configuration then you must reboot to have the new configuration taken effect Here we are discussing is software reset for the reboot in the main menu Fig 3 174 Warm Reset 3 22 2 Software Upload Function name Software Upload Function description Click on Browse to select a specific SW24GF firmware file from the Web management PC then click on Upload to c...

Page 220: ... name Logout Function description The switch allows you to logout the system to prevent other users from the system without the permission If you do not logout and exit the browser the switch will automatically have you logout in five minutes Besides this manually logout Parameter description Logout Click on Logout to leave the web UI management function Fig 3 176 Logout ...

Page 221: ...es Menu configure the parameters as below see the next section Baud rate 115200 Stop bits 1 Data bits 8 Parity N Flow control none 4 1 1 Login The command line interface CLI is a text based interface User can access the CLI through either a direct serial connection to the device or a Telnet session The default values of the managed switch are listed below Username admin Password admin After you lo...

Page 222: ...218 Fig 4 1 Fig 4 2 ...

Page 223: ... help history logout save start save user restore default and restore user For more details please refer to Section 4 2 1 Command instructions reside in the corresponding modes are local commands The same command with the same command name may occur but perform totally different function in different modes For example show in IP mode performs displaying the IP information however it performs displ...

Page 224: ...of the top mode Argument None Possible value None Example SW24GF alarm SW24GF alarm events SW24GF alarm events end SW24GF exit Syntax exit Description Back to the previous mode When you enter this command your current position would move back to the previous mode If you use this command in the top mode you are still in the position of the top mode Argument None Possible value None Example SW24GF t...

Page 225: ...mple SW24GF ip SW24GF ip help Commands available Local commands set ip Set ip subnet mask and gateway set dns Set dns enable dhcp Enable DHCP and set dns auto or manual disable dhcp Disable DHCP show Show IP Configuration Global commands exit Back to the previous mode end Back to the top mode help Show available commands history Show a list of previously run commands logout Logout the system save ...

Page 226: ...d list total records up to 256 If optional argument is given the CLI would only show the last numbers of records given by the argument Argument show last number of history records optional Possible value 1 2 3 256 Example SW24GF ip history Command history 0 trunk 1 exit 2 SW24GF trunk 3 SW24GF trunk exit 4 SW24GF 5 6 trunk 7 exit 8 alarm 9 events 10 end 11 ip 12 help 13 ip 14 history SW24GF ip his...

Page 227: ...ore the default IP address y n If you choose Y or y the IP address will restore to default 192 168 1 1 If you choose N or n the IP address will keep the same one that you had saved before If restoring default successfully the CLI would prompt if reboot immediately or not If you press Y or y the system would reboot immediately otherwise it would be back to the CLI system After restoring default con...

Page 228: ... the entire startup configuration would replace as user defined one Argument None Possible value None Example SW24GF restore user Restoring Restore User Configuration Successfully Press any key to reboot system save start Syntax save start Description To save the current configuration as the start one When you enter this command the CLI would save your current configuration into the non volatile F...

Page 229: ...guration as the user defined configuration When you enter this command the CLI would save your current configuration into the non volatile FLASH as user defined configuration Argument None Possible value None Example SW24GF save user Saving user Save Successfully SW24GF ...

Page 230: ...vailable from 1 to 24 value max times range 1 10 Possible value port range 1 to 24 value 1 10 default is 2 Example SW24GF 802 1X set maxReq 2 2 set mode Syntax set mode port range mode Description To set up the 802 1X authentication mode of each port Argument port range syntax 1 5 7 available from 1 to 24 mode set up 802 1X mode 0 disable the 802 1X function 1 set 802 1X to Multi host mode Possibl...

Page 231: ...tor state machine to define periods of time during when it will not attempt to acquire a Supplicant Argument port range syntax 1 5 7 available from 1 to 24 value timer range 0 65535 Possible value port range 1 to 24 value 0 65535 default is 60 Example SW24GF 802 1X set quietPeriod 2 30 set reAuthEnabled Syntax set reAuthEnabled port range on off Description A constant that define whether regular r...

Page 232: ...7 available from 1 to 24 value timer range 1 65535 Possible value port range 1 to 24 value 1 65535 default is 3600 Example SW24GF 802 1X set reAuthPeriod 2 3600 set serverTimeout Syntax set serverTimeout port range value Description A timer used by the Backend Authentication state machine in order to determine timeout conditions in the exchanges between the Authenticator and the Supplicant or Auth...

Page 233: ... determine timeout conditions in the exchanges between the Authenticator and the Supplicant or Authentication Server The initial value of this timer is either suppTimeout or serverTimeout as determined by the operation of the Backend Authentication state machine Argument port range syntax 1 5 7 available from 1 to 24 value timer range 1 65535 Possible value port range 1 to 24 value 1 65535 default...

Page 234: ...ig port range Description To display the parameter settings of each port Argument port range syntax 1 5 7 available from 1 to 24 Possible value port range 1 to 24 Example SW24GF 802 1X show port config 1 2 port 1 Mode Disabled port control Auto reAuthMax 2 txPeriod 30 Quiet Period 60 reAuthEnabled ON reAuthPeriod 120 max Request 2 suppTimeout 30 serverTimeout 30 port 2 Mode Disabled port control A...

Page 235: ...configuration Argument None Possible value None Example SW24GF 802 1X show server Authentication Server ________________________________________ IP Address 192 168 1 1 UDP Port 1812 Secret Key Radius Accounting Server _________________________________________ IP Address 192 168 1 1 UDP Port 1812 Secret Key Radius account add Syntax add name Description To create a new guest user When you create a ...

Page 236: ...a Account aaaaa deleted modify Syntax modify username Description To change the username and password of an existing account Argument name existing user account Possible value None Example SW24GF account modify aaaaa username password the length is from 5 to 15 Current username aaaaa bbbbb New password Confirm password Username changed successfully Password changed successfully show Syntax show De...

Page 237: ...nfiguration Argument index the access control rule index value Possible value None Example SW24GF acl ace 2 index 2 rule switch vid any tag_prio any dmac any frame type arp arp type Request Reply opcode any source ip any destination ip any ARP flag ARP SMAC Match any RARP DMAC Match any IP Ethernet Length any IP any Ethernet any action 1 rate limiter 0 copy port 0 ...

Page 238: ...deny 0 1 rate_limiter 0 16 port copy 0 24 Example SW24GF acl action 5 0 2 2 SW24GF acl show port policy id action rate limiter port copy counter a class map 5 1 deny 2 2 23 1 permit 0 0 0 24 1 permit 0 0 0 rate limiter rate pps 1 1 2 1 3 1 4 1 5 1 SW24GF acl delete Syntax delete index Description To delete the ACE Access Control Entry configuration on the switch Argument index the access control r...

Page 239: ...8 ports 1 24 Possible value policy 1 8 ports 1 24 Example SW24GF acl policy 3 10 SW24GF acl ratelimiter Syntax ratelimiter id rate Description To set access control rule with rate limiter on switch Argument id 1 16 rate 1 2 4 8 16 32 64 128 256 512 1000 2000 4000 8000 16000 32000 64000 128000 256000 512000 1024000 Possible value id 1 16 rate 1 2 4 8 16 32 64 128 256 512 1000 2000 4000 8000 16000 3...

Page 240: ...option icmp icmp type icmp code udp source port range destination port range tcp source port range destination port range tcp fin flag tcp syn flag tcp rst flag tcp psh flag tcp ack flag tcp urg flag other ip protocol value any action rate limiter port copy Description To set access control entry on switch Argument Possible value Example show Syntax show Description To show all access control entr...

Page 241: ...ress number range 1 to 6 Possible value 1 to 6 Example SW24GF alarm email del mail address 2 del server user Syntax del server user Description To remove the configuration of server user account and password Argument None Possible value None Example SW24GF alarm email del server user set mail address Syntax set mail address mail address Description To set up the email address Argument ...

Page 242: ...ue None Example SW24GF alarm email set server 192 168 1 6 set user Syntax set user username Description To set up the account and password of the email server Argument username email server account and password Possible value None Example SW24GF alarm email set user admin show Syntax show Description To display the configuration of e mail Argument None Possible value None Example SW24GF alarm emai...

Page 243: ...ple SW24GF alarm events del all 1 3 del email Syntax del email range Description To disable the email of the events Argument range del the range of email syntax 1 5 7 Possible value range 1 24 Example SW24GF alarm events del email 1 3 del trap Syntax del trap range Description To disable the trap of the events Argument range del the range of trap syntax 1 5 7 Possible value range 1 24 Example SW24...

Page 244: ...e the email of the events Argument range set the range of email syntax 1 5 7 Possible value range 1 24 Example SW24GF alarm events set email 1 3 set trap Syntax set trap range Description To enable the trap of the events Argument range set the range of trap syntax 1 5 7 Possible value range 1 24 Example SW24GF alarm events set trap 1 3 show Syntax show Description To display the configuration of a...

Page 245: ...pped 11 Looping Detected 12 STP Disabled 13 STP Enabled 14 STP Topology Changed 15 LACP Disabled 16 LACP Enabled 17 LACP Member Added 18 LACP Aggregates Port Failure 19 GVRP Disabled 20 GVRP Enabled 21 VLAN Disabled 22 Port based Vlan Enabled 23 Tag based Vlan Enabled 24 IP MAC Binding Enabled 25 IP MAC Binding Disabled 26 IP MAC Binding Client Authenticate error 27 IP MAC Binding Server Authentic...

Page 246: ...value None Example SW24GF alarm show events SW24GF alarm show email autologout autologout Syntax autologout time Description To set up the timer of autologout Argument time range 1 to 3600 seconds 0 for autologout off current setting is 180 seconds Possible value time 0 1 3600 Example SW24GF autologout 3600 Set autologout time to 3600 seconds ...

Page 247: ...urrent user ip address Description To run the import start function Argument None Possible value None Example SW24GF config file import current 192 168 1 63 Import successful firmware Upgrade Syntax upgrade ip_address file_path Description To set up the image file that will be upgraded Argument ip address TFTP server ip address filepath upgrade file path Possible value ip address TFTP server ip ad...

Page 248: ...pplicant Syntax group applicant vid port 0 1 Description To enter any of gvrp group for changing gvrp group setting You can change the applicant or registrar mode of existing gvrp group per port Argument vid enter which gvrp group you had created using value is vid Available range 1 to 4094 port 1 to 24 0 1 Possible value vid 1 4094 port 1 to 24 Example SW24GF gvrp group applicant 2 5 0 GVRP group...

Page 249: ...for each port Argument port port range syntax 1 5 7 available from 1 to 24 0 set registrar as normal mode 1 set registrar as fixed mode 2 set registrar as forbidden mode Possible value range 1 to 24 0 1 2 normal or fixed or forbidden Example SW24GF gvrp set registrar 1 5 fixed set restricted Syntax set restricted port 0 1 2 Description To set the restricted mode for each port Argument port port ra...

Page 250: ...isable 24 20 60 1000 Normal Normal Disable set timer Syntax set timer port JoinTime leaveTime leaveAllTime Description To set gvrp join time leave time and leaveall time for each port Argument port port range syntax 1 5 7 available from 1 to 24 JoinTime join timer available from 20 to 100 LeaveTime leave timer available from 60 to 300 LeaveAllTime leaveall timer available from 1000 to 5000 Leave T...

Page 251: ...ormal Disable 23 20 60 1000 Normal Normal Disable 24 20 60 1000 Normal Normal Disable counter Syntax counter port Description To display the counter number of the port Argument port port number Possible value port available from 1 to 24 Example SW24GF gvrp counter 2 Received Total GVRP Packets 0 Invalid GVRP Packets 0 LeaveAll message 0 JoinEmpty message 0 JoinIn message 0 LeaveEmpty message 0 Emp...

Page 252: ...VID Member Port hostname hostname Syntax hostname name Description To set up the hostname of the switch Argument name hostname max 40 characters Possible value name hostname max 40 characters Example SW24GF hostname Company Company igmp set drp Syntax set drp port Description Set router ports to disable Argument port syntax 1 5 7 available from 1 to 24 Possible value port 1 to 24 Example SW24GF ig...

Page 253: ...t flood state Description To set up disable enable unregister ipmc flooding Argument state 0 disable 1 enable Possible value state 0 or 1 Example SW24GF igmp set flood 1 show gm Syntax show gm Description To display group memebership Argument None Possible value None Example SW24GF igmp show gm show igmpp Syntax show igmpp Description To display igmp proxy setting Argument None Possible value None...

Page 254: ...able dhcp manual auto Description To enable the system DHCP function and set DNS server via manual or auto mode Argument manual auto set dhcp by using manual or auto mode Possible value manual auto manual or auto Example SW24GF ip enable dhcp manual set dns Syntax set dns ip Description To set the IP address of DNS server Argument ip dns ip address Possible value 168 95 1 1 Example SW24GF ip set d...

Page 255: ...53 or others Example SW24GF ip set ip 192 168 1 2 255 255 255 0 192 168 1 253 show Syntax show Description To display the system s DHCP function state IP address subnet mask default gateway DNS mode DNS server IP address and current IP address Argument None Possible value None Example SW24GF ip show DHCP Disable IP Address 192 168 2 237 Current IP Address 192 168 2 237 Subnet mask 255 255 255 0 Ga...

Page 256: ...format 00 02 03 04 05 06 ip ip address port 1 to 24 vid 1 to 4094 Example SW24GF ip_mac_binding set entry 1 00 11 2f de 7b a9 192 168 2 2 1 1 delete ip Syntax delete ip 0 1 ip Description Delete ip mac binding entry by ip Argument 0 1 0 client 1 server ip ip address Possible value None Example SW24GF ip_mac_binding delete ip 1 192 168 2 2 set state Syntax show Description To display the mac alias ...

Page 257: ...sable 1 24 SW24GF loop detection show Detection Port Locked Port Port Status Port Status 1 Disable 1 Normal 2 Disable 2 Normal 3 Disable 3 Normal 4 Disable 4 Normal 5 Disable 5 Normal 6 Disable 6 Normal 7 Disable 7 Normal 8 Disable 8 Normal enable Syntax enable Description To enable switch ports the loop detection function Argument set up the range of the ports to search for syntax 1 5 7 available...

Page 258: ... 1 to 24 Example SW24GF loop detection resume 1 24 SW24GF loop detection show Detection Port Locked Port Port Status Port Status 1 Enable 1 Normal 2 Enable 2 Normal 3 Enable 3 Normal 4 Enable 4 Normal 5 Enable 5 Normal 6 Enable 6 Normal 7 Enable 7 Normal 8 Enable 8 Normal Resume Syntax resume Description To resume locked ports on switch Argument set up the range of the ports to search for syntax 1...

Page 259: ...Enable 8 Normal show Syntax show Description To display loop detection configure Argument None Possible value None Example SW24GF loop detection show Detection Port Locked Port Port Status Port Status 1 Enable 1 Normal 2 Enable 2 Normal 3 Enable 3 Normal 4 Enable 4 Normal 5 Enable 5 Normal 6 Enable 6 Normal 7 Enable 7 Normal 8 Enable 8 Normal Mac alias del Syntax del mac Description ...

Page 260: ... 3F 03 SW24GF mac alias show MAC Alias No MAC Alias 1 23 56 00 55 EF 03 test13 2 23 56 00 55 EF 33 test1 set Syntax set mac alias Description To set mac alias entry Argument mac mac address xx xx xx xx xx xx alias mac alias name max 15 characters Possible value mac set up the MAC format xx xx xx xx xx xx alias mac alias name max 15 characters Example SW24GF mac alias set 23 56 r5 55 3f 03 test3 SW...

Page 261: ...ion To del dynamic mac entry Argument none Possible value none Example SW24GF mac mac table flush SW24GF mac mac table show No Type VLAN MAC Port Members 1 Static 1 FF FF FF FF FF FF 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 1 8 19 20 21 22 23 24 show Syntax show Description To show all mac table informaion Argument none Possible value none Example SW24GF mac mac table show No Type VLAN MAC Port M...

Page 262: ...e zero disables aging Possible value 0 10 to 1000000 Example SW24GF mac table maintain set age time 300 SW24GF mac maintenance show E api_ai 26 vtss_ Aging Configuration Enter into sta Age time 300mode MAC Table Learning Port Learning Mode Global commands 2 Auto 3 Auto 4 Auto 5 Auto 6 Auto 7 Auto 8 Auto 9 Auto 10 Auto 11 Auto 12 Auto 13 Auto 14 Auto 15 Auto 16 Auto 17 Auto 18 Auto 19 Auto 20 Auto ...

Page 263: ...om 1 to 24 auto auto learning disable disable learning secure learn frames are discarded Example SW24GF mac table maintain set learning 1 24 auto SW24GF mac maintenance show E api_ai 26 vtss_ Aging Configuration Enter into sta Age time 300mode MAC Table Learning Port Learning Mode Global commands 2 Auto 3 Auto 4 Auto 5 Auto 6 Auto 7 Auto 8 Auto 9 Auto 10 Auto 11 Auto 12 Auto 13 Auto 14 Auto 15 Aut...

Page 264: ...F mac maintenance show 1 Static Aging Configuration FF 1 2 3 4 5 6 7 8 9 Age time 3004 15 16 17 1 MAC Table Learning Port Learning Mode 2 Auto 3 Auto 4 Auto 5 Auto 6 Auto 7 Auto 8 Auto 9 Auto 10 Auto 11 Auto 12 Auto 13 Auto 14 Auto 15 Auto 16 Auto 17 Auto 18 Auto 19 Auto 20 Auto 21 Auto 22 Auto 23 Auto 24 Auto ...

Page 265: ...rt 0 24 vid 0 1 4094 alias mac alias name Example SW24GF mac static mac add 00 02 03 04 05 06 3 0 aaa SW24GF mac static mac del Syntax del mac vid Description To del the static mac entry Argument mac mac address format 00 02 03 04 05 06 vid vlan id 0 1 4094 VID must be zero if vlan mode is not tag based Possible value mac mac address vid 0 1 4094 Example SW24GF mac static mac del 00 02 03 04 05 06...

Page 266: ... 06 vid alias ccc SW24GF mac static mac show forward Syntax show forward Description To display the static forwarding mac entry Argument None Possible value None Example SW24GF mac static mac show forward Static Forwarding Etnry Total 1 item s 1 mac 00 02 03 04 05 06 port 3 vid alias aaa SW24GF mac static mac ...

Page 267: ... 2 set monitor destination Syntax set monitor destination range Description To set monitor destination port The packets sent by this port will be copied to the monitoring port Argument range the port that is chosen for monitored port of the mirror function syntax 1 5 7 available from 1 to 24 Possible value range 1 to 24 Example SW24GF mirror set monitor destination 2 15 SW24GF mirror show 2 V 3 V ...

Page 268: ...ort Argument range the monitoring port that is chosen for the mirror function Only one port is allowed to configure available from 1 to 24 Possible value range 1 to 24 Example SW24GF mirror set monitor source 18 SW24GF mirror show Port to mirror to 1 Port Source Enable Destination Enable 2 V 3 V 4 V 5 V 6 V 7 V 8 V 9 V 10 V 11 V 12 V 13 V 14 V 15 V 16 17 18 V 19 20 21 22 23 24 SW24GF mirror ...

Page 269: ...g status of mirror configuration Argument None Possible value None Example SW24GF mirror show Port to mirror to 1 Port Source Enable Destination Enable 2 V 3 V 4 V 5 V 6 V 7 V 8 V 9 V 10 V 11 V 12 V 13 V 14 V 15 V 16 17 18 V 19 20 21 22 23 24 SW24GF mirror ...

Page 270: ... enable migrate check Syntax migrate check port range Description To force the port to transmit RST BPDUs Argument Usage migrate check port range port range syntax 1 5 7 available from 1 to 24 Possible value Usage migrate check port range port range syntax 1 5 7 available from 1 to 24 Example SW24GF mstp migrate check 1 2 set config Syntax set config Max Age Forward Delay Max Hops Description To s...

Page 271: ... MSTI id available from 1 to 4095 vid string syntax example 2 5 7 100 200 Possible value instance id available from 1 to 4094 Example SW24GF mstp set msti vlan 2 2 5 msti 2 had been successfully created and or vlan s have been added to map to this msti SW24GF mstp set p cost Syntax set p cost instance_id port range path cost Description To set port path cost per instance Argument port range syntax...

Page 272: ...ello time only 1 2 are valid values Example SW24GF mstp set p hello 5 10 1 SW24GF mstp set p p2p Syntax set p p2p port range admin p2p Description To set per port admin p2p Argument port range syntax 1 5 7 available from 1 to 24 admin p2p Admin point to point auto true false Possible value port range syntax 1 5 7 available from 1 to 24 admin p2p Admin point to point auto true false Example SW24GF ...

Page 273: ...CIST CURRENT MAX AGE 20 CIST CURRENT FORWARD DELAY 15 TIME SINCE LAST TOPOLOGY CHANGE SECs 2 TOPOLOGY CHANGE COUNT SECs 0 SW24GF mstp set r role Syntax set r role port range restricted role Description To set per port restricted role Argument port range syntax 1 5 7 available from 1 to 24 restricted role 0 false 1 True Possible value port range 1 to 24 restricted role 0 false 1 True Example SW24GF...

Page 274: ...128 2 2 V 22 DISCARDING dsbl 2000000 128 2 2 V 23 DISCARDING dsbl 2000000 128 2 2 V 24 DISCARDING dsbl 2000000 128 2 2 V SW24GF mstp set r tcn Syntax set r tcn port range restricted tcn Description To set per port restricted tcn Argument port range syntax 1 5 7 available from 1 to 24 restricted tcn 0 false 1 True Possible value port range 1 to 24 restricted tcn 0 false 1 True Example SW24GF mstp s...

Page 275: ...ue auto true false 24 0 128 2 true auto true false SW24GF mstp set region name Syntax set region name string Description To set mstp region name 0 32 bytes Argument string a null region name Possible value string 1 32 Example SW24GF mstp set region name test2 SW24GF mstp show region info Name test2 Revision 0 Instances 0 SW24GF mstp set revision level Syntax set rev revision level Description To s...

Page 276: ... 1 4095 MSTI Example SW24GF mstp show instance 0 mstp status enabled force version 2 instance id 0 bridge max age 20 bridge forward delay 15 bridge max hops 20 instance priority 4096 bridge mac 00 40 c7 5e 00 09 CIST ROOT PRIORITY 4096 CIST ROOT MAC 00 40 c7 5e 00 09 CIST EXTERNAL ROOT PATH COST 0 CIST ROOT PORT ID 0 CIST REGIONAL ROOT PRIORITY 4096 CIST REGIONAL ROOT MAC 00 40 c7 5e 00 09 CIST IN...

Page 277: ...o true true 11 0 128 2 true auto true false 12 0 128 2 true auto true false 13 0 128 2 true auto false false 14 0 128 2 true auto false true 15 0 128 2 true auto false true 16 0 128 2 true auto false true 17 0 128 2 true auto true true 18 0 128 2 true auto true true 19 0 128 2 true auto true true 20 0 128 2 true auto true true 21 0 128 2 true auto true false 22 0 128 2 true auto true false 23 0 12...

Page 278: ...d 0 CIST 1 4095 MSTI Example SW24GF mstp show vlan map 0 instance 0 has those vlans 0 4095 SW24GF mstp policy add Syntax add name value ip value port value type value action value Description To add a new management policy entry Argument Synopsis add name George ip 192 168 1 1 192 168 1 90 port 2 5 8 type has action a Synopsis add name Mary ip 192 168 2 1 192 168 2 90 action deny Possible value No...

Page 279: ... entry s e g delete 2 3 8 12 Possible value index a specific or range management policy entry s Example SW24GF policy add name rule2 ip 192 168 4 23 192 168 4 33 port 6 8 type s t action d SW24GF policy show 1 Name rule1 IP Range 192 168 4 5 192 168 4 22 Action Deny Access Type HTTP TELENT SNMP Port 2 3 4 5 2 Name rule2 IP Range 192 168 4 23 192 168 4 33 Action Deny Access Type TELENT SNMP Port 6 ...

Page 280: ...simple and detail port counter information Argument None Possible value None Example SW24GF port clear counter set description Syntax set description port range description Description To set port description Argument port range syntax 1 5 7 available from 1 to 24 description set port description max 47 characters Possible value port range 1 to 24 description max 47 characters Example SW24GF port ...

Page 281: ...ive collision 6 10 restart SW24GF port show config Speed Flow Maximum Excessive Port Duplex Control Frame Collision Description a list of previously run command set priority DISCAR 2 Auto Disabled 9600 Discard 3 Auto Disabled 9600 Discard salesdepartment 4 Auto Disabled 9600 Discard salesdepartment 5 Auto Disabled 9600 Discard salesdepartment 6 Auto Disabled 9600 Restart salesdepartment 7 Auto Dis...

Page 282: ...maximum frame size Argument port range syntax 1 5 7 available from 1 to 24 value Allowed value are 1518 9600 bytes Possible value port range syntax 1 to 24 value 1518 9600 bytes Example SW24GF port set max frame 3 6 1518 SW24GF port show config Speed Flow Maximum Excessiveommands 2 Auto Disabled 9600 Discard 3 Auto Enabled 1518 Discard salesdepartment 4 Auto Enabled 1518 Discard salesdepartment 5 ...

Page 283: ...eed Port Link Duplex Rx Pause Tx Pause Description 1 Up 100M Full Disabled Disabled 2 Down Down Disabled Disabled 3 Up 100M Full Disabled Disabled 4 Down Down Disabled Disabled 5 Down Down Disabled Disabled 6 Down Down Disabled Disabled 7 Up 1G Full Disabled Disabled 8 Down Down Disabled Disabled 9 Down Down Disabled Disabled set powersaving Syntax set set powersaving port 0 1 Description To set p...

Page 284: ...600 Discard 11 Auto Disabled 9600 Discard 12 Auto Disabled 9600 Discard show detail counter Syntax show detail counter port Description To display the display detail port counter Argument port port available from 1 to 24 Possible value port 1 24 Example SW24GF port show detail counter 3 Rx Multicast 6 Tx Multicast 641 Rx Broadcast 94 Tx Broadcast 5251 Rx Pause 0 Tx Pause 0 Receive Size Counters Tr...

Page 285: ...e SW24GF port show sfp 11 Port 11 SFP information Connector Type SFP Unknown or unspecified Fiber Type Reserved Tx Central Wavelength 0 Baud Rate 1G Vendor OUI 00 00 00 Vendor Name FIBERXON INC Vendor PN FTM C012R LC Vendor Rev 10 Vendor SN PP220052901281 Date Code 051012 Temperature none Vcc none Mon1 Bias mA none Mon2 TX PWR none Mon3 RX PWR none SW24GF port Port 23 SFP information Connector Typ...

Page 286: ...ne Possible value None Example SW24GF port show simple counter set max frame Set per port maximum frame size 13 0 0 0 0 0 0 0 0 14 0 0 0 0 0 0 0 0 15 0 0 0 0 0 0 0 0 16 0 0 0 0 0 0 0 0 17 0 0 0 0 0 0 0 0 18 0 0 0 0 0 0 0 0 19 0 0 0 0 0 0 0 0 20 0 0 0 0 0 0 0 0 21 0 0 0 0 0 0 0 0 22 0 0 0 0 0 0 0 0 23 0 0 0 0 0 0 0 0 24 0 0 0 0 0 0 0 0 SW24GF port show status Syntax show status Description To displ...

Page 287: ...own Disabled Disabled 5 Down Down Disabled Disabled 6 Down Down Disabled Disabled 7 Up 1G Full Disabled Disabled SW24GF port show Powersaving Syntax show powersaving Description To display the port s powersaving status Argument None Possible value None Example SW24GF port show powersaving Port Power Saving 1 Disabled 2 Disabled 3 Disabled 4 Disabled 5 Disabled 6 Disabled 7 Disabled 8 Disabled SW24...

Page 288: ... 7 available from 1 to 24 default class option low normal medium high qcl available from 1 to 24 user priority available from 0 to 7 queuing mode strict weighted low queue weighted 1 2 4 8 normal queue weighted 1 2 4 8 medium queue weighted 1 2 4 8 high queue weighted 1 2 4 8 Possible value range syntax 1 to 24 default class option low normal medium high qcl 1 to 24 user priority 0 to 7 queuing mo...

Page 289: ...escription To show port information Argument none Possible value none Example SW24GF qos ports show Number of Classes 2 2 Medium 1 3 Weighted Fair 2 2 2 2 3 Low 1 0 Strict Priority 1 2 4 8 4 Low 1 0 Strict Priority 1 2 4 8 5 Low 1 0 Strict Priority 1 2 4 8 6 Low 1 0 Strict Priority 1 2 4 8 7 Low 1 0 Strict Priority 1 2 4 8 8 Low 1 0 Strict Priority 1 2 4 8 9 Low 1 0 Strict Priority 1 2 4 8 10 Low ...

Page 290: ...ption To move up the specific QCE entry in the specific QCL Argument qcl the qcl number available from 1 to 24 qce the original qce number available from 1 to 12 new qce the new qce number available from 1 to 12 Possible value qcl available from 1 to 24 qce available from 1 to 12 new qce available from 1 to 12 Example SW24GF qos qcl move 2 1 1 delete Syntax delete qcl qce range Description To dele...

Page 291: ...ble and 0 means disable rate allowed values are 500kbps 1Gkps unit k means kbps and m means mbps shaper enabled 1 means enable and 0 means disable rate allowed values are 500kbps 1Gkps unit k means kbps and m means mbps Example SW24GF qos rate set 2 1 1000 m 1 1000 m SW24GF qos rate show 2 V 1000 Mbps V 1000 Mbps 3 500 kbps 500 kbps 4 500 kbps 500 kbps 5 500 kbps 500 kbps 6 500 kbps 500 kbps 7 500...

Page 292: ...rate 1 2 4 8 16 32 64 128 256 512 1k 2k 4k 8k 16k 32k 64k 128k 256k 512k Possible value status 1 means enable and 0 means disable rate 1 2 4 8 16 32 64 128 256 512 1k 2k 4k 8k 16k 32k 64k 128k 256k 512k Example SW24GF qos storm set multicast 1 64 SW24GF qos storm show Frame Type Status Rate Packet Per Second Flooded unicast 1 Multicast V 64 Broadcast V 512 set unicast Syntax set unicast status rat...

Page 293: ...d unicast V 128 Multicast V 64 Broadcast V 512 show Syntax show Description To show storm control configuration Argument none Possible value none Example SW24GF qos storm show Frame Type Status Rate Packet Per Second Flooded unicast V 128 Multicast V 64 Broadcast V 512 reboot reboot Syntax reboot Description To reboot the system Argument None Possible value None Example SW24GF reboot snmp ...

Page 294: ...ent None Possible value None Example SW24GF snmp enable snmp SW24GF snmp enable set ability set Syntax set get community community set set community community set trap ip port community Description The Set here is used for the setup of get community set community trap host ip host port and trap community Argument trap number ip ip address or domain name port trap port community trap community name...

Page 295: ...ic Set Community private Enable Trap Host 1 IP Address 192 168 1 1 Port 162 Community public Trap Host 2 IP Address 0 0 0 0 Port 162 Community public Trap Host 3 IP Address 0 0 0 0 Port 162 Community public Trap Host 4 IP Address 0 0 0 0 Port 162 Community public Trap Host 5 IP Address 0 0 0 0 Port 162 Community public Trap Host 6 IP Address 0 0 0 0 Port 162 Community public ...

Page 296: ...lable from 1 to 24 Possible value range 1 to 24 Example SW24GF stp Mcheck 1 8 disable Syntax disable Description To disable the STP function Argument None Possible value None Example SW24GF stp disable enable Syntax enable Description To enable the STP function Argument None Possible value None Example SW24GF stp enable ...

Page 297: ... to 10 Max Age 6 to 40 Forward Delay 4 to 30 Example SW24GF stp set config 61440 2 20 15 set port Syntax set port range path cost priority edge_port admin p2p Description To set up the port information of STP Argument range syntax 1 5 7 available from 1 to 24 path cost 0 1 200000000 The value zero means auto status priority priority must be a multiple of 16 available from 0 to 240 edge_port Admin ...

Page 298: ...ample SW24GF stp set version rstp show config Syntax show config Description To display the configuration of STP Argument None Possible value None Example SW24GF stp show config STP State Configuration Spanning Tree Protocol Enabled Bridge Priority 0 61440 61440 Hello Time 1 10 sec 2 Max Age 6 40 sec 20 Forward Delay 4 30 sec 15 Force Version RSTP ...

Page 299: ...Auto 7 DISCARDING 2000000 128 No Auto 8 DISCARDING 2000000 128 No Auto 9 DISCARDING 2000000 128 No Auto 10 DISCARDING 2000000 128 No Auto 11 DISCARDING 2000000 128 No Auto 12 DISCARDING 2000000 128 No Auto 13 DISCARDING 2000000 128 No Auto 14 DISCARDING 2000000 128 No Auto 15 DISCARDING 2000000 128 No Auto 16 DISCARDING 2000000 128 No Auto 17 DISCARDING 2000000 128 No Auto 18 DISCARDING 2000000 12...

Page 300: ...GF stp show status STP Status STP State Enabled Bridge ID 00 40 C7 D8 09 1D Bridge Priority 61440 Designated Root 00 40 C7 D8 09 1D Designated Priority 61440 Root Port 0 Root Path Cost 0 Current Max Age sec 20 Current Forward Delay sec 15 Hello Time sec 2 STP Topology Change Count 0 Time Since Last Topology Change sec 848 ...

Page 301: ...e name device name string Description To set the device name description of the switch Argument device name string length up to 40 characters Possible value device name A b c d z and 1 2 3 etc Example SW24GF system set device name CR 2600 set location Syntax set location location string Description To set the location description of the switch Argument location string length up to 40 characters Po...

Page 302: ...rs 4 Mins 14 Secs Current Time Tue Jan 17 16 28 46 2006 BIOS Version v1 05 Firmware Version v2 08 Hardware Mechanical Version v1 01 v1 01 Serial Number 030C02000003 Host IP Address 192 168 1 1 Host MAC Address 00 40 c7 e7 00 10 Device Port UART 1 TP 22 Dual Media Port RJ45 SFP 2 RAM Size 16 M Flash Size 2 M traplog clear Syntax clear Description To clear trap log Argument none Possible value none ...

Page 303: ... 17 15 18 38 2008 Link Up Port 5 8 Mon Mar 17 15 18 48 2008 Login admin time set daylightsaving Syntax set daylightsaving hr MM DD HH mm dd hh Description To set up the daylight saving Argument hr daylight saving hour range 5 to 5 MM daylight saving start Month 01 12 DD daylight saving start Day 01 31 HH daylight saving start Hour 00 23 mm daylight saving end Month 01 12 dd daylight saving end Day...

Page 304: ...ntp Syntax set ntp ip timezone Description To set up the current time via NTP server Argument ip ntp server ip address or domain name timezone time zone GMT range 12 to 13 Possible value timezone 12 11 0 1 13 Example SW24GF time set ntp clock via net 8 Synchronizing 1 Synchronization success show Syntax show Description To show the time configuration including Current Time NTP Server Timezone Dayl...

Page 305: ...To set up the LACP system priority Argument range available from 1 to 65535 Possible value range 1 to 65535 default 32768 Example SW24GF trunk set priority 33333 set trunk Syntax set trunk port range method group active LACP Description To set up the status of trunk including the group number and mode of the trunk as well as LACP mode Argument port range port range syntax 1 5 7 available from 1 to...

Page 306: ...ne Member Ports 1 Ready Ports 1 Aggregator 2 Method LACP Member Ports 2 Ready Ports show lacp detail Syntax show lacp detail aggtr Description To display the detailed information of the LACP trunk group Argument aggtr aggregator available from 1 to 24 Possible value aggtr 1 to 24 Example SW24GF trunk show lacp detail 2 Aggregator 2 Information Actor Partner System Priority MAC Address System Prior...

Page 307: ...the aggregator status and the settings of each port Argument None Possible value None Example SW24GF trunk show status Trunk Port Setting Trunk Port Status port Method Group Active LACP Aggtregator Status 1 None 0 Active 1 Ready 2 LACP 1 Active 2 3 LACP 1 Active 3 4 LACP 1 Active 4 5 LACP 1 Active 5 6 LACP 1 Active 6 7 LACP 1 Active 7 19 None 0 Active 19 20 None 0 Active 20 21 None 0 Active 21 22 ...

Page 308: ...el tag group vid Description To delete the tag based vlan group Argument vid which vlan group you want to delete available from 1 to 4094 Possible value vid 1 to 4094 Example SW24GF vlan del tag group 2 disable drop untag Syntax disable drop untag range Description Don t drop the untagged frames Argument range which port s you want to set syntax 1 5 7 available from 1 to 24 Possible value range 1 ...

Page 309: ...g Syntax enable drop untag range Description To drop the untagged frames Argument range which port s you want to set syntax 1 5 7 available from 1 to 24 Possible value range 1 to 24 Example SW24GF vlan enable drop untag 5 10 enable sym vlan Syntax enable sym vlan range Description To drop frames from the non member port Argument range which port s you want to set syntax 1 5 7 available from 1 to 2...

Page 310: ... Syntax set double tag range 0 1 2 Description To set double tag per port and enable Q in Q VLAN function on switch Argument range 1 5 7 available from 1 to 24 0 disable 1 service provider port 2 customer port Possible value range 1 to 24 Example SW24GF vlan set double tag 3 1 SW24GF vlan set port group Syntax set port group name range Description To add or edit a port based VLAN group Argument na...

Page 311: ...d Tag all frames except a specific VID vid untag vid for hybrid port Possible value range 1 to 24 vid 1 to 4094 Example SW24GF vlan set port role 5 hybrid 6 set pvid Syntax set pvid range pvid Description To set the pvid of vlan Argument range which port s you want to set PVID s syntax 1 5 7 available from 1 to 24 pvid which PVID s you want to set available from 1 to 4094 Possible value range 1 to...

Page 312: ...o 4094 range 1 to 24 0 or 1 Example SW24GF vlan set tag group 2 VLAN 2 2 5 6 15 13 0 show group Syntax show group Description To display the vlan mode and vlan group Argument None Possible value None Example SW24GF vlan show group Vlan mode is double tag 1 Vlan Name default Vlan ID 1 Sym vlan Disable Member 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 2 Vlan Name VLAN 2 Vlan ID 2 Sym vlan Disable Member...

Page 313: ... 2 1 Disable Disable Access 3 5 Disable Disable Access 4 1 Disable Disable Access 5 5 Enable Disable Hybrid 6 6 5 Enable Disable Access 7 5 Enable Disable Access 8 5 Enable Disable Access 9 1 Enable Disable Access 10 1 Enable Disable Access 11 1 Disable Disable Access 23 1 Disable Disable Access 24 1 Disable Disable Access ...

Page 314: ...ction ports are used on that Managed Switch 9 Please check the uplink setup of the Managed Switch to verify the uplink function is enabled 3 The console interface cannot appear on the console port connection 9 The COM port default parameters are Baud Rate 115200 Data Bits 8 Parity Bits None Stop Bit A Flow Control None Please check the COM port property in the terminal program And if the parameter...

Page 315: ...chanism enables forwarding rate at wire speed Web based management provides the ability to completely manage the switch from any web browser Support Power Saving with ActiPHY Power Management and Perfect Reach Power Management techniques Support Link Layer Discovery Protocol LLDP SNMP Telnet interface delivers complete in band management Supports IEEE 802 1d Spanning Tree Protocol Supports IEEE 80...

Page 316: ...00Mbps for TP 1000Mbps for Fiber Full Forwarding Filtering Packet Rate PPS packets per second Forwarding Rate Speed 1 488 000PPS 1000Mbps 148 800PPS 100Mbps 14 880PPS 10Mbps MAC Address and Self learning 8K MAC address 4K VLAN table entries Buffer Memory Embedded 1392 KB frame buffer Flow Control IEEE802 3x compliant for full duplex Backpressure flow control for half duplex Cable and Maximum Lengt...

Page 317: ...h Control Supports by port Egress Ingress rate control Quality of Service QoS Referred as Class of Service CoS by the IEEE 802 1P standard Classification of packet priority can be based on either a VLAN tag on packet or a user defined Per port QoS Two queues per port IP TOS Classification TCP UDP Port Classification IP DiffServe Classification Port Security Limit number of MAC addresses learned pe...

Page 318: ...rface The table below shows the pin assignments for the DB 9 cable Function Mnemonic Pin Carrier CD 1 Receive Data RXD 2 Transmit Data TXD 3 Data Terminal Ready DTR 4 Signal Ground GND 5 Data Set Ready DSR 6 Request To Send RTS 7 Clear To Send CTS 8 9 Pin Null Modem Cable CD 1 4 DTR DSR 6 1 CD DTR 4 6 DSR RXD 2 3 TXD TXD 3 2 RXD GND 5 5 GND RTS 7 8 CTS CTS 8 7 RTS Reserve 9 9 Reserve ...

Reviews:

No comments

Related manuals for KGS-2416

Handic VIC-Switch User Manual preview
VIC-Switch
Brand: Handic Pages: 2
LIVOLO VL-C302S-61 Manual preview
VL-C302S-61
Brand: LIVOLO Pages: 14
DirectConnect 43136 User Manual preview
43136
Brand: DirectConnect Pages: 10
Phonocar 5-981 Mounting Instructions preview
5-981
Brand: Phonocar Pages: 2
Cabletron Systems 9F426-03 Appendix preview
9F426-03
Brand: Cabletron Systems Pages: 14
cable matters 201063 User Manual preview
201063
Brand: cable matters Pages: 12
T.I.P. TLS 100 E Manual preview
TLS 100 E
Brand: T.I.P. Pages: 42
Sandberg Mini Hub 5 port Quick Start Manual preview
Mini Hub 5 port
Brand: Sandberg Pages: 12
Booma-RC Hidden Ignition Switch Manual preview
Hidden Ignition Switch
Brand: Booma-RC Pages: 16
infobit iMatrix H44H150 User Manual preview
iMatrix H44H150
Brand: infobit Pages: 27
ADTRAN 1200766L1 Quick Start Manual preview
1200766L1
Brand: ADTRAN Pages: 2
ADTRAN 1700546G1 120 Quick Start Manual preview
1700546G1 120
Brand: ADTRAN Pages: 4
ADTRAN NetVanta 1570-24-370W Quick Start Manual preview
NetVanta 1570-24-370W
Brand: ADTRAN Pages: 9
Qlogic SANbox 3810 Specifications preview
SANbox 3810
Brand: Qlogic Pages: 4
Kramer VS-44DT User Manual preview
VS-44DT
Brand: Kramer Pages: 71
Wise P941 Instruction Manual preview
P941
Brand: Wise Pages: 8
Arista DCS-7010T-48 Quick Start Manual preview
DCS-7010T-48
Brand: Arista Pages: 20
Kramer VS-1616DN-EM User Manual preview
VS-1616DN-EM
Brand: Kramer Pages: 156

Brands by name

Popular brands

Load more brands