manualshive.com logo in svg

Planet MGSD-10080F, User Manual

The Planet Networking & Communication MGSD-10080F comes with a comprehensive User Manual, available for free download from our website. This detailed manual provides step-by-step instructions and essential information for maximizing the use of this outstanding product. Improve your networking and communication experience with this indispensable resource.

Share
Download
background image

User’s Manual of MGSD-10080F 

 

 

250 

 

limited using the Port Security Limit Control functionality.   

MAC-based Auth. 

Unlike port-based 802.1X, MAC-based authentication is not a standard, but 

merely a best-practices method adopted by the industry. In MAC-based 

authentication, users are called clients, and the switch acts as the supplicant on 

behalf of clients. The initial frame (any kind of frame) sent by a client is snooped 

by the switch, which in turn uses the client's MAC address as both username and 

password in the subsequent EAP exchange with the RADIUS server. The 6-byte 

MAC address is converted to a string on the following form "xx-xx-xx-xx-xx-xx", 

that is, a dash (-) is used as separator between the lower-cased hexadecimal 

digits. The switch only supports the MD5-Challenge authentication method, so 

the RADIUS server must be configured accordingly. 

When authentication is complete, the RADIUS server sends a success or failure 

indication, which in turn causes the switch to open up or block traffic for that 

particular client, using the Port Security module. Only then will frames from the 

client be forwarded on the switch. There are no EAPOL frames involved in this 

authentication, and therefore, MAC-based Authentication has nothing to do with 

the 802.1X standard. 

The advantage of MAC-based authentication over port-based 802.1X is that 

several clients can be connected to the same port (e.g. through a 3rd party 

switch or a hub) and still require individual authentication, and that the clients 

don't need special supplicant software to authenticate. The advantage of 

MAC-based authentication over 802.1 X-based authentication is that the clients 

don't need special supplicant software to authenticate. The disadvantage is that 

MAC addresses can be spoofed by malicious users - equipment whose MAC 

address is a valid RADIUS user can be used by anyone. Also, only the 

MD5-Challenge method is supported. The maximum number of clients that can 

be attached to a port can be limited using the Port Security Limit Control 

functionality. 

 

RADIUS-Assigned QoS 

Enabled 

When RADIUS-Assigned QoS is both globally enabled and enabled (checked) 

for a given port, the switch reacts to QoS Class information carried in the 

RADIUS Access-Accept packet transmitted by the RADIUS server when a 

supplicant is successfully authenticated. If present and valid, traffic received on 

the supplicant's port will be classified to the given QoS Class. If 

(re-)authentication fails or the RADIUS Access-Accept packet no longer carries a 

QoS Class or it's invalid, or the supplicant is otherwise no longer present on the 

port, the port's QoS Class is immediately reverted to the original QoS Class 

(which may be changed by the administrator in the meanwhile without affecting 

Summary of Contents for MGSD-10080F

Page 1: ...User s Manual of MGSD 10080F 1 ...

Page 2: ...s are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the Instruction manual may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause...

Page 3: ...r Input 38 2 1 4 Wiring the DC Power Input 39 2 1 5 Wiring the Faulty Alarm Contact 40 2 1 6 Wiring the Digital Input Output 41 2 2 Install the Managed Switch 44 2 2 1 Desktop Installation 44 2 2 2 Rack Mounting 45 2 3 Cabling 46 2 3 1 Installing the SFP Transceiver 47 2 3 2 Remove the Module 49 3 SWITCH MANAGEMENT 50 3 1 Requirements 50 3 2 Management Access Overview 51 3 3 CLI Mode Management 52...

Page 4: ...82 4 2 16 Digital Input Output 83 4 2 17 Faulty Alarm 85 4 2 18 LED Power Reduction 86 4 2 19 EEE Power Reduction 87 4 2 20 Web Firmware Upgrade 88 4 2 21 TFTP Firmware Upgrade 89 4 2 22 Configuration Backup 90 4 2 23 Configuration Upload 92 4 2 24 Image Select 93 4 2 25 Factory Default 94 4 2 26 System Reboot 95 4 3 Simple Network Management Protocol 96 4 3 1 SNMP Overview 96 4 3 2 SNMP System Co...

Page 5: ...bership 133 4 6 6 VLAN Membership Status 134 4 6 7 VLAN Port Status 136 4 6 8 Private VLAN 137 4 6 9 Port Isolation 138 4 6 10 VLAN Setting Example 140 4 6 10 1 Two separate 802 1Q VLANs 140 4 6 10 2 VLAN Trunking between two 802 1Q aware Switches 143 4 6 10 3 Port Isolate 145 4 6 11 MAC based VLAN 146 4 6 12 MAC based VLAN Status 147 4 6 13 IP Subnet based VLAN 148 4 6 14 Protocol based VLAN 149 ...

Page 6: ...ormation 189 4 8 14 MVR 190 4 8 15 MVR Status 192 4 8 16 MVR Groups Information 193 4 8 17 MVR SFM Information 194 4 9 Quality of Service 196 4 9 1 Understand QOS 196 4 9 2 Port Policing 197 4 9 3 Port Shaping 198 4 9 3 1 QoS Egress Port Schedule and Shapers 198 4 9 4 Port Classification 200 4 9 4 1 QoS Ingress Port Tag Classification 201 4 9 5 Port Scheduler 203 4 9 6 Port Tag Remarking 203 4 9 6...

Page 7: ...n Server Configuration 262 4 11 7 RADIUS Overview 265 4 11 8 RADIUS Details 267 4 11 9 Windows Platform RADIUS Server Configuration 273 4 11 10 802 1X Client Configuration 278 4 12 Security 281 4 12 1 Port Limit Control 281 4 12 2 Access Management 285 4 12 3 Access Management Statistics 286 4 12 4 HTTPs 287 4 12 5 SSH 288 4 12 6 Port Security Status 289 4 12 7 Port Security Detail 291 4 12 8 DHCP...

Page 8: ...17 RMON 330 4 17 1 RMON Alarm Configuration 330 4 17 2 RMON Alarm Status 332 4 17 3 RMON Event Configuration 333 4 17 4 RMON Event Status 334 4 17 5 RMON History Configuration 335 4 17 6 RMON History Status 335 4 17 7 RMON Statistics Configuration 337 4 17 8 RMON Statistics Status 337 4 19 Ring 340 4 19 1 MEP Configuration 341 4 19 2 Detailed MEP Configuration 342 4 19 3 Ethernet Ring Protocol Swi...

Page 9: ...iguration 362 System Location 362 System Log Level 363 System DST Mode 363 System DST Start 364 System Log Lookup 364 System DST End 365 System Log Clear 365 System Reboot 366 System DST Offset 366 System Restore Default 366 System Load 367 6 2 IP Command 368 IP Configuration 368 IP DHCP 368 IP Setup 369 IP Ping 370 IP DNS 370 IP DNS Proxy 371 IPv6 AUTOCINFIG 371 IPv6 Setup 372 IPv6 State 372 IPv6...

Page 10: ... 383 MAC Configuration 383 MAC Add 383 MAC Delete 384 MAC Lookup 384 MAC Age Time 385 MAC Learning 385 MAC Dump 386 MAC Statistics 387 MAC Flush 387 6 5 VLAN Configuration Command 388 VLAN Configuration 388 VLAV PVID 389 VLAN Frame Type 389 VLAN Ingress Filter 390 VLAN Mode 390 VLAN Link Type 391 VLAN Q in Q Mode 391 VLAN Ethernet Type 392 VLAN untagVID 392 VLAN Add 393 VLAN Forbidden Add 393 VLAN...

Page 11: ... 405 Security Switch SSH Configuration 406 Security Switch SSH Mode 406 Security Switch HTTPs Configuration 407 Security Switch HTTPs Mode 407 Security Switch HTTPs Redirect 408 Security Switch Access Configuration 408 Security Switch Access Mode 409 Security Switch Access Add 409 Security Switch Access IPv6 Add 410 Security Switch Access Delete 410 Security Switch Access Lookup 411 Security Switc...

Page 12: ...elete 424 Security Switch SNMP User Changekey 424 Security Switch SNMP User Lookup 425 Security Switch SNMP Group Add 425 Security Switch SNMP Group Delete 426 Security Switch SNMP Group Lookup 426 Security Switch SNMP View Add 427 Security Switch SNMP View Delete 427 Security Switch SNMP View Lookup 428 Security Switch SNMP Access Add 428 Security Switch SNMP Access Delete 429 Security Switch SNM...

Page 13: ...S RADIUS_QoS 445 Security Network NAS RADIUS_VLAN 446 Security Network NAS Guest_VLAN 447 Security Network NAS Authenticate 448 Security Network NAS Statistics 448 Security Network ACL Configuration 449 Security Network ACL Action 449 Security Network ACL Policy 450 Security Network ACL Rate 450 Security Network ACL Add 451 Security Network ACL Delete 452 Security Network ACL Lookup 453 Security N...

Page 14: ...on Mode 463 Security Network ARP Inspection Port Mode 464 Security Network ARP Inspection Entry 464 Security Network ARP Inspection Status 465 Security Network ARP Inspection Translation 465 Security AAA Configuration 465 Security AAA Timeout 467 Security AAA Deadtime 467 Security AAA RADIUS 468 Security AAA ACCT_RADIUS 468 Security AAA TACACS 469 Security AAA Statistics 470 6 8 Spanning Tree Prot...

Page 15: ...guration 486 Aggregation Add 486 Aggregation Delete 486 Aggregation Lookup 487 Aggregation Mode 487 6 10 Link Aggregation Control Protocol Command 489 LACP Configuration 489 LACP Mode 489 LACP Key 490 LACP Prio 490 LACP System Prio 491 LACP Role 491 LACP Status 492 LACP Statistics 492 LACP Timeout 493 6 11 LLDP Command 494 LLDP Configuration 494 LLDP Mode 494 LLDP Optional TLV 495 LLDP Interval 49...

Page 16: ...Queues 507 6 14 LED Power Command 508 LED Power Timers 508 LED Power Delete Timer 508 LED Power Maintenance 508 LED Power Configuration 509 6 15 Ethernet Virtual Connections Command 510 EVC Configuration 510 EVC Port DEI 510 EVC Port Tag 510 EVC Port Addr 511 EVC Port L2CP 511 EVC Policer 511 EVC Add 512 EVC Delete 512 EVC Lookup 513 EVC Status 513 EVC Statistics 513 EVC ECE Add 514 EVC ECE Delete...

Page 17: ...asurement State 526 MEP Loss Measurement State Clear 526 MEP Link Trace State 527 MEP Loop Back State 527 MEP Delay Measurement State 527 MEP Delay Measurement State Clear 528 MEP Test Signal State 528 MEP Test Signal State Clear 528 6 18 Quality of Service Command 529 QoS Configuration 529 QoS Port Classification Class 529 QoS Port Classification DPL 530 QoS Port Classification PCP 530 QoS Port C...

Page 18: ...essRemark 542 QoS DSCP Map 542 QoS DSCP Translation 543 QoS DSCP Trust 543 QoS DSCP Classification Mode 543 QoS DSCP EgressRemap 544 QoS Storm Unicast 544 QoS Storm Multicast 545 QoS Storm Broadcast 545 QoS QCL Add 546 QoS QCL Delete 547 QoS QCL Lookup 548 QoS QCL Status 548 QoS QCL Refresh 548 6 19 Mirror Command 550 Mirror Configuration 550 Mirror Port 550 Mirror Mode 551 6 20 Configuration Comm...

Page 19: ...61 MVR SFM 561 6 24 Voice VLAN Command 563 Voice VLAN Configuration 563 Voice VLAN Mode 564 Voice VLAN ID 565 Voice VLAN Agetime 565 Voice VLAN Traffic Class 566 Voice VLAN OUI Add 566 Voice VLAN OUI Delete 567 Voice VLAN OUI Clear 567 Voice VLAN OUI Lookup 567 Voice VLAN Port Mode 568 Voice VLAN Security 568 Voice VLAN Discovery Protocol 569 6 25 Ethernet Ring Protection Switching Command 570 ERP...

Page 20: ...ansmit 577 Loop Protect Shutdown 578 Loop Protect Port Configuration 578 Loop Protect Port Mode 578 Loop Protect Port Action 579 Loop Protect Port Transmit 579 Loop Protect Status 579 6 27 IPMC Command 580 IPMC Configuration 580 IPMC Mode 580 IPMC Flooding 581 IPMC Leave Proxy 581 IPMC Proxy 582 IPMC SSM 582 IPMC VLAN Add 583 IPMC VLAN Delete 583 IPMC State 584 IPMC Querier 584 IPMC Compatibility ...

Page 21: ...ete Ethernet II 595 VCL Protocol based VLAN Delete SNAP 595 VCL Protocol based VLAN Delete LLC 596 VCL Protocol based VLAN Add 596 VCL Protocol based VLAN Delete 596 VCL Protocol based VLAN Configuration 597 VCL IP Subnet based Vlan Configuration 597 VCL IP Subnet based Vlan Add 597 VCL IP Subnet based Vlan Delete 597 6 29 SMTP Command 599 SMTP Configuration 599 SMTP Mode 599 SMTP Server 599 SMTP ...

Page 22: ... 609 Show ARP 609 Show Auth 609 Show DHCP Relay 610 Show EEE 610 Show HTTPs 610 Show IGMP 610 Show IP 611 Show LACP 611 Show Limit Control 611 Show LLDP 611 Show LLDP MED 611 Show Loop Protect 612 Show MAC 612 Show Mirror 612 Show MVR 612 Show Port 613 Show Privilege 613 Show Private VLAN 613 Show QoS 613 Show SNMP 613 Show SSH 614 Show System 614 Show Timezone 614 Show UPnP 614 Show Users 615 Sho...

Page 23: ...s Table 617 7 2 Learning 617 7 3 Forwarding Filtering 617 7 4 Store and Forward 617 7 5 Auto Negotiation 618 8 TROUBLE SHOOTING 619 APPENDEX A 621 A 1 Switch s Data RJ 45 Pin Assignments 1000Mbps 1000Base T 621 A 2 10 100Mbps 10 100Base TX 621 APPENDEX B GLOSSARY 623 ...

Page 24: ... Degrees C Managed Switch mentioned in this User s Manual refers to the MGSD 10080F 1 1 Packet Contents Open the box of the Managed Switch and carefully unpack it The box should contain the following items The MGSD 10080F X1 Quick Installation Guide X1 User s Manual CD X1 DB9 to RJ 45 Consol Cable X1 Rubber Feet X4 Rack Mount Accessory Kit X1 AC Power Cord X1 Dust Cap X11 If any of these are missi...

Page 25: ...r technicians AC and DC Redundant Power to ensure continuous operation PLANET MGSD 10080F is equipped with one 100 240V AC power supply unit and one additional 36 72V DC power supply unit for redundant power supply installation A redundant power system is also provided to enhance the reliability with either the 100 240V AC power supply unit or the DC 36 72V power supply unit Redundant Power System...

Page 26: ...edge service and for Industries to connect with IPv6 network Layer 2 Layer 4 Full functioned Managed Switch for Building Automation Networking The MGSD 10080F Metro Managed Ethernet Switch is ideal for applications in the factory data centers and distributions It provides advanced Layer 2 to Layer 4 data switching and redundancy Quality of Service traffic control network access control and authent...

Page 27: ...ork administrator such as optical output power optical input power temperature laser bias current and transceiver supply voltage 1 3 How to Use This Manual This User Manual is structured as follows Section 2 INSTALLATION The section explains the functions of the Managed Switch and how to physically install the Managed Switch Section 3 SWITCH MANAGEMENT The section contains the information about th...

Page 28: ... do the switch operation of the Managed Switch Section 8 TROUBLESHOOTING The chapter explains how to do troubleshooting of the Managed Switch Appendix A The section contains cable information of the Managed Switch Appendix B The section contains glossary information of the Managed Switch ...

Page 29: ... SNMP Trap Hardware Design 10 to 60 Degrees C Operating Temperature for DC Power Input only 19 inch Rack mountable Relay Alarm for Port Breakdown Power Failure Fanless Design Layer 2 Features Prevents Packet Loss with Back Pressure Half Duplex and IEEE 802 3x PAUSE Frame Flow Control Full Duplex High Performance of Store and Forward Architecture and Runt CRC Filtering Eliminate Erroneous Packets t...

Page 30: ...t Per Port Bandwidth Control 8 Priority Queues on All Switch Ports Traffic Classification IEEE 802 1p CoS IP TOS DSCP IP Precedence IP TCP UDP Port Number Typical Network Application Strict Priority and Weighted Round Robin WRR CoS Policies Supports QoS and In Out bandwidth Control on Each Port Traffic Policing Policies on the Switch Port DSCP Remarking Multicast Supports IGMP Snooping v1 v2 and v...

Page 31: ...SL and SNMP v3 Secure Access Four RMON Groups History Statistics Alarms and Events IPv6 IP Address NTP DNS Management Built in Trivial File Transfer Protocol TFTP Client BOOTP and DHCP for IP Address Assignment Firmware Upload Download via HTTP TFTP DHCP Relay DHCP Option 82 User Privilege Levels Control NTP Network Time Protocol Link Layer Discovery Protocol LLDP Protocol SFP DDM Digital Diagnost...

Page 32: ...nds Factory Default Connector Removable 6 pin terminal block for power input Pin 1 2 for Power 1 Pin 3 4 for fault alarm Pin 5 6 for Power 2 Removable 6 pin terminal block for DI DO interface Pin 1 2 for DI 1 2 Pin 3 4 for DO 1 2 Pin 5 6 for GND Dimensions W x D x H 330 x 155 x 43 5 mm 1U high Weight 1661g LED Indicator System PWR Green DC 1 Green DC 2 Green Fault Alarm Green Ring Green Ring Owner...

Page 33: ...ports 5 Groups of 8 Port trunk Support QoS Traffic Classification based Strict Priority and WRR 8 Level Priority for Switching Port Number 802 1p Priority 802 1Q VLAN Tag DSCP TOS Field in IP Packet IGMP Snooping IGMP v1 v2 V3 Snooping up to 255 Multicast Groups IGMP Querier Mode Support MLD Snooping MLD v1 v2 Snooping up to 255 Multicast Groups MLD Querier Mode Support Access Control List IP base...

Page 34: ...ith LACP IEEE 802 1D Spanning Tree Protocol IEEE 802 1w Rapid Spanning Tree Protocol IEEE 802 1s Multiple Spanning Tree Protocol IEEE 802 1p Class of Service IEEE 802 1Q VLAN Tagging IEEE 802 1x Port Authentication Network Control IEEE 802 1ab LLDP RFC 768 UDP RFC 793 TFTP RFC 791 IP RFC 792 ICMP RFC 2068 HTTP RFC 1112 IGMP version 1 RFC 2236 IGMP version 2 Environment Operating Temperature 10 60 ...

Page 35: ... 45 Twist Pair Up to 100 meters Gigabit SFP slots 1000Base SX LX mini GBIC Slot SFP Small Factor Pluggable Transceiver Module from 550 meters Multi mode Fiber up to 10 30 50 70 120 kilometers Single mode Fiber Console Port The console port is a RJ 45 port connector It is an interface for connecting a terminal directly Through the console port it provides rich diagnostic information including IP Ad...

Page 36: ...ower in the range of 100 240V AC and 50 60 Hz Plug the female end of the power cord firmly into the receptalbe on the front panel of the Managed Switch Plug the other end of the power cord into an electric service outlet and then the power will be ready Power Notice The device is a power required device which means it will not work till it is powered If your networks should be active all the time ...

Page 37: ...owered on by DC2 input Fault Green Lights to indicate that Switch AC DC or port has failed Ring Green Lights to indicate that the ERPS Ring has been created successfully R O Green Lights to indicate that Switch has been enabled Ring Owner Per SFP Interface LED Color Function 1000 LNK ACT Green Lights To indicate the link through that port is successfully established with speed 1000Mbps Blink To in...

Page 38: ...T LED Off indicate that the port is link down 10 100 LNK ACT Orange Lights To indicate the link through that port is successfully established with speed 10Mbps or 100Mbps Blink To indicate that the switch is actively sending or receiving data over that port Off If 1000 LNK ACT LED light indicate that the port is operating at 1000Mbps If 1000 LNK ACT LED Off indicate that the port is link down 2 1 ...

Page 39: ...lock connector on the front panel of MGSD 10080F is used for two DC redundant powers input Please follow the steps below to insert the power wire 1 Insert positive negative DC power wires into the contacts 1 and 2 for DC POWER 1 or 5 and 6 for DC POWER 2 Figure 2 3 MGSD 10080F Upper Panel ...

Page 40: ... Alarm Contact The fault alarm contacts are in the middle 3 4 of the terminal block connector as the picture shows below Inserting the wires the Managed Switch will detect the fault status of the power failure or port link failure available for managed model The following illustration shows an application example for wiring the fault alarm contacts Insert the wires into the faulty alarm contacts 1...

Page 41: ...and 2 are DI groups 3 and 4 are DO groups and 5 and 6 are GND ground Figure 2 5 Wiring the Redundant Power Inputs 2 Tighten the wire clamp screws for preventing the wires from loosening 1 2 3 4 5 6 DI0 DI1 DO0 DO1 GND GND Figure 2 6 6 Pin Terminal Block DI DO Wiring Input 3 There are two Digital Input groups for you to monitor two different devices The following topology shows how to wire DI0 and ...

Page 42: ... 2 7 Wires DI0 and DI1 to Open Detector 4 There are two Digital Output groups for you to sense MGSD 10080F port failure or power failure and issue a high or low signal to external device The following topology shows how to wire DO0 and DO1 ...

Page 43: ...User s Manual of MGSD 10080F 43 Figure 2 8 Wires DO0 and DO1 to Open Detector ...

Page 44: ...ktop or the shelf near an AC DC power source as shown in Figure 2 4 Figure 2 4 Place the Managed Switch on the Desktop Step3 Keep enough ventilation space between the Managed Switch and the surrounding objects Step4 Connect the Managed Switch to network devices Connect one end of a standard network cable to the 10 100 1000 RJ 45 ports on the front of the Managed Switch Connect the other end of the...

Page 45: ... Switch Figure 2 5 Attach Brackets to the Managed Switch You must use the screws supplied with the mounting brackets Damage caused to the parts by using incorrect screws would invalidate the warranty Step3 Secure the brackets tightly Step4 Follow the same steps to attach the second bracket to the opposite side Step5 After the brackets are attached to the Managed Switch use suitable screws to secur...

Page 46: ... of unshielded twisted pair cable UTP The IEEE 802 3 802 3u 802 3ab Fast Gigabit Ethernet standard requires Category 5 UTP for 100Mbps 100Base TX 10Base T networks can use Cat 3 4 5 or 1000Base T use 5 5e 6 UTP see table below Maximum distance is 100meters 328 feet The 100Base FX 1000Base SX LX SFP slot is used as LC connector with optional SFP module Please see table below and know more about the...

Page 47: ...ET SFP transceivers is correct at the time of publication Gigabit SFP Transceiver Modules MGB GT SFP Port 1000Base T Module MGB SX SFP Port 1000Base SX mini GBIC module MGB LX SFP Port 1000Base LX mini GBIC module MGB L30 SFP Port 1000Base LX mini GBIC module 30km MGB L50 SFP Port 1000Base LX mini GBIC module 50km MGB L70 SFP Port 1000Base LX mini GBIC module 70km MGB L120 SFP Port 1000Base LX min...

Page 48: ...nsceiver that is not supported the Managed Switch will not recognize it 2 Please choose the SFP transceiver which can be operated under 40 75 degrees C temperature if the switch device is working in an 0 50 degrees C temperature environment 1000Base SX LX Before connecting the other switches workstation or media converter 1 Make sure both sides of the SFP transceiver are with the same media type f...

Page 49: ...with SFP installed fiber NIC on a workstation or a media converter 3 Check the LNK ACT LED of the SFP slot of the switch converter Ensure that the SFP transceiver is operating correctly 4 Check the Link mode of the SFP port if the link fails Co works with some fiber NICs or media converters Set the Link mode to 100 Force when needed 2 3 2 Remove the Module 1 Make sure there is no network activity ...

Page 50: ...llowing topics Requirements Management Access Overview Remote Telnet Access Web Management Access SNMP Access Standards Protocols and Related Reading 3 1 Requirements Workstations of subscribers running Windows XP 2003 Vista Windows 7 MAC OS X Linux Fedora Ubuntu or other platform compatible with TCP IP protocols Workstation installed with Ethernet NIC Network Interface Card Ethernet Port connect ...

Page 51: ... Telnet functionality built into Windows XP 2003 Vista Windows 7 operating systems Can be accesses from any location Security can be compromised hackers need only know the IP address Web Browser Ideal for configuring the switch remotely Compatible with all popular browsers Can be accessed from any location Most visually appealing Security can be compromised hackers need only know the IP address an...

Page 52: ...system administration such as displaying statistics or changing option settings Using this method you can access the Managed Switch remote telnet interface from personal computer or workstation in the same Ethernet environment as long as you know the current IP address of the Managed Switch Figure 3 1 Remote Telnet and Console Port Interface Management In Windows system you may click Start then ch...

Page 53: ...s Manual of MGSD 10080F 53 Figure 3 2 Remote Telnet Interface Main Screen of Managed Switch For more information about using the Remote Telnet interface refer to Chapter 5 Remote Telnet Interface Management ...

Page 54: ...et up your IP address for the Managed Switch you can access the Managed Switch s Web interface applications directly in your Web browser by entering the IP address of the Managed Switch Figure 3 3 Web Management You can then use your Web browser to list and manage the Managed Switch configuration parameters from one central location the Web Management requires Microsoft Internet Explorer 7 0 or la...

Page 55: ...nagement Station only knows the set community string it can read and write to the MIBs However if it only knows the get community string it can only read MIBs The default getting and setting community strings for the Managed Switch is public Figure 3 5 SNMP Management 3 6 PLANET Smart Discovery Utility For easily listing the Managed Switch in your Ethernet environment the Planet Smart Discovery Ut...

Page 56: ...tion for the devices 2 After setup is completed press Update Device Update Multi or Update All button to take effect The meaning of the 3 buttons above are shown as below Update Device use current setting on one single device Update Multi use current setting on choose multi devices Update All use current setting on whole devices in the list The same functions mentioned above also can be finding in...

Page 57: ...Java Applets to open sockets The user has to explicitly modify the browser setting to enable Java Applets to use network ports The Managed Switch can be configured through an Ethernet connection making sure the manager PC must be set on the same IP subnet address with the Managed Switch For example the default IP address of the Managed Switch is 192 168 0 100 then the manager PC should be set at 1...

Page 58: ...ows http 192 168 0 100 2 When the following login screen appears please enter the default username admin with password admin or the username password you have changed via console to login the main screen of Managed Switch The login screen in Figure 4 1 2 appears Figure 4 1 2 Login Screen Default User name admin Default Password admin After entering the username and password the main screen appears...

Page 59: ...cess all the commands and statistics the Managed Switch provides 1 It is recommended to use Internet Explore 7 0 or above to access Managed Switch 2 The changed IP address take effect immediately after clicking on the Save button you need to use the new IP address to access the Web interface 3 For security reason please change and memorize the new password after this first setup 4 Only accept comm...

Page 60: ... browser interface to configure and manage it Figure 4 1 4 Main Page Panel Display The web agent displays an image of the Managed Switch s ports The Mode can be set to display different information for the ports including Link up or Link down Clicking on the image of a port opens the Port Statistics page The port states are illustrated as follows State Disabled Link Down Link Up RJ 45 Ports SFP Po...

Page 61: ...rs manage and control the Managed Switch and all its ports or monitor network conditions Via the Web Management the administrator can setup the Managed Switch by selecting the functions those listed in the Main Function The screen in Figure 4 1 5 appears Figure 4 1 5 Managed Switch Main Functions Menu ...

Page 62: ...in Figure 4 2 1 appears Figure 4 2 1 System Information Page Screenshot The page includes the following fields Object Description Contact The system contact configured in Configuration System Information System Contact Name The system name configured in Configuration System Information System Name Location The system location configured in Configuration System Information System Location MAC Addre...

Page 63: ...fresh occurs every 3 seconds Click to refresh the page 4 2 2 IP Configuration The IP Configuration includes the IP Address Subnet Mask and Gateway The Configured column is used to view or change the IP configuration Fill up the IP Address Subnet Mask and Gateway for the device The screen in Figure 4 2 2 appears Figure 4 2 2 IP Configuration Page Screenshot The Current column is used to show the ac...

Page 64: ...ed range is 1 through 4095 DNS Server Provide the IP address of the DNS Server in dotted decimal notation DNS Proxy When DNS proxy is enabled DUT will relay DNS requests to the current configured DNS server on DUT and reply as a DNS resolver to the client device on the network Buttons Click to save changes Click to undo any changes made locally and revert to previously saved values Click to renew ...

Page 65: ...vide the IPv6 Prefix of this switch The allowed range is 1 to 128 Router Provide the IPv6 gateway address of this switch IPv6 address is in 128 bit records represented as eight fields of up to four hexadecimal digits with a colon separating each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of con...

Page 66: ...privilege should be same or greater than the group privilege level to have the access of that group By default setting almost group privilege level 5 has the read only access and privilege level 10 has the read write access And the system maintenance software upload factory defaults and etc need user privilege level 15 Generally the privilege level 15 can be used for an administrator account privi...

Page 67: ...rivilege level 5 has the read only access and privilege level 10 has the read write access And the system maintenance software upload factory defaults and etc need user privilege level 15 Generally the privilege level 15 can be used for an administrator account privilege level 10 for a standard user account and privilege level 5 for a guest account Buttons Click to save changes Click to undo any c...

Page 68: ... provides an overview of the privilege levels After setup completed please press Save button to take effect Please login web interface with new user name and password and the screen in Figure 4 2 7 appears Figure 4 2 7 Privilege Levels Configuration Page Screenshot ...

Page 69: ...nfiguration Save Configuration Load and Firmware Load Web Users Privilege Levels and everything in Maintenance Debug Only present in CLI Privilege Level Every group has an authorization Privilege level for the following sub groups Configuration read only Configuration execute read write Status statistics read only Status statistics read write e g for clearing of statistics User Privilege should be...

Page 70: ...ow select the time zone according to current location of switch Server Provide the NTP IPv4 or IPv6 address of this switch IPv6 address is in 128 bit records represented as eight fields of up to four hexadecimal digits with a colon separating each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of c...

Page 71: ...ect the time zone according to current location of switch Acronm User can set the acronym of the time zone This is a User configurable acronym to identify the time zone Range Up to 16 alpha numeric characters and can contain _ or Daylight Saving Time is is used to set the clock forward or backward according to the configurations set below for a defined Daylight Saving Time duration Select Disable ...

Page 72: ...the ending minute Offest Enter the number of minutes to add during Daylight Saving Time Range 1 to 1440 Daylight Saving Rime Non Recurring Mode Object Description Month Start Time Setting Select the starting month Date Start Time Setting Select the starting date Year Start Time Setting Select the starting year Hours Start Time Setting Select the starting hour Minutes Start Time Setting Select the ...

Page 73: ...s to CPU The ACEs are automatically removed when the mode is disabled TTL The TTL value is used by UPnP to send SSDP advertisement messages Valid values are in the range of 1 to 255 Advertising Duration The duration carried in SSDP packets is used to inform a control point or control points how often it or they should receive a SSDP advertisement message from this switch If a control point does no...

Page 74: ...se this information to implement IP address or other assignment policies Specifically the option works by setting two sub options Circuit ID option 1 Remote ID option2 The Circuit ID sub option is supposed to include information specific to which circuit the request came in on The Remote ID sub option was designed to carry information relating to the remote host end of the circuit The definition o...

Page 75: ...r when they are not on the same subnet domain Relay Information Mode Indicates the DHCP relay information mode option operation Possible modes are Enabled Enable DHCP relay information mode operation When enable DHCP relay information mode operation the agent insert specific information option82 into a DHCP message when forwarding to DHCP server and remove it from a DHCP message when transferring ...

Page 76: ...t to Server The number of packets that are relayed from client to server Transmit Error The number of packets that resulted in errors while being sent to clients Receive form Server The number of packets received from server Receive Missing Agent Option The number of packets received without agent information options Receive Missing Circuit ID The number of packets received with the Circuit ID opt...

Page 77: ... number of packets that were dropped which were received with relay agent information Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Click to refresh the page immediately Clear all statistics 4 2 11 CPU Load This page displays the CPU load using a SVG graph The load is measured as average over the last 100ms 1sec and 10 seconds interv...

Page 78: ...U Load Page Screenshot Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds If your browser cannot display anything on this page please download Adobe SVG tool and install it in your computer ...

Page 79: ...ing level of the system log Error Error level of the system log All All levels Time The time of the system log entry Message The message of the system log entry Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Click to updates the system log entries starting from the current entry ID Flushes the selected log entries Hide system log acco...

Page 80: ... here The Detailed Log screen in Figure 4 2 16 appears Figure 4 2 16 Detailed Log Page Screenshot The page includes the following fields Object Description ID The ID 1 of the system log entry Message The message of the system log entry Buttons Click this button could download system log with CSV format file Updates the system log entry to the current entry ID Updates the system log entry to the fi...

Page 81: ...rver will not send acknowledgments back sender since UDP is a connectionless protocol and it does not provide acknowledgments The syslog packet will always send out even if the syslog server does not exist Possible modes are Enabled Enable server mode operation Disabled Disable server mode operation Server Address Indicates the IPv4 host address of syslog server If the switch provide DNS feature i...

Page 82: ...er IP address at IP configuration page SMTP Port It is for you to input the SMTP server port number As default is 25 SMTP Authentication Enabled As usual SMTP server is denied to relay a mail from a different domain so you have to enable this option and input your mail account and password for SMTP sever authorizing to forward a mail from different domain For example you want a SMTP server which l...

Page 83: ...aved values 4 2 16 Digital Input Output Digital Input allows user can log external device such as industrial cooler dead or alive or something else system will logs a user cistomize message into system log syslog issue SNMP trap or issue an alarm E mail Digital Output allows user to monitor the switch port and power and let system issue a high or low signal to an external device such as alarm when...

Page 84: ...ignal to an external device such as an alarm Event Description Allows user setting a customize message for Digital Input function alarming Event As Digital Input Allows user to record alarm message to System log syslog or issues out via SNMP Trap or SMTP As default SNMP Trap and SMTP are disabled please enable them first if you want to issue alarm message via them As Digital Output Allows user to ...

Page 85: ...rm Contact for the failure detection The Configuration screen in Figure 4 2 20 appears Figure 4 2 20 Windows File Selection Menu Popup The page includes the following fields Object Description Enable Allows user to enable Fault Alarm function Record Allows user to record alarm message to System log syslog or issues out via SNMP Trap or SMTP As default SNMP Trap and SMTP are disabled please enable ...

Page 86: ... Description Time The time at which the LEDs intensity will be set Intensity The LEDs intensity 100 Full power 0 LED off Maintenance Time When a network administrator does maintenance of the switch e g adding or moving users he might want to have full LED intensity during the maintenance period Therefore it is possible to specify that the LEDs will use full intensity for a specific period of time ...

Page 87: ...an exchange wakeup time information using the LLDP protocol For maximizing power savings the circuit isn t started as soon as data is ready for a port but is instead queued until 3000 bytes of data is ready to be transmitted In case of delay data less than 3000 bytes will be transmitted Data is always transmitted after 48 us giving a maximum latency of 48 us the wakeup time If desired it is possib...

Page 88: ...eviously saved values 4 2 20 Web Firmware Upgrade This page facilitates an update of the firmware controlling the Managed Switch The Web Firmware Upgrade screen in Figure 4 2 23 appears Figure 4 2 23 Web Firmware Upgrade Page Screenshot To open Firmware Upgrade screen perform the folling 1 Click System Web Firmware Upgrade 2 The Firmware Upgrade screen is displayed as in Figure 4 2 23 3 Click the ...

Page 89: ...2 21 TFTP Firmware Upgrade The Firmware Upgrade page provides the functions to allow a user to update the Managed Switch firmware from the TFTP server in the network Before updating make sure you have your TFTP server ready and the firmware image is on the TFTP server The TFTP Firmware Upgrade screen in Figure 4 2 25 appears Figure 4 2 25 TFTP Firmware Update Page Screenshot The page includes the ...

Page 90: ...le is in XML format with a hierarchy of tags Header tags xml version 1 0 and configuration These tags are mandatory and must be present at the beginning of the file Section tags platform global and switch The platform section must be the first section tag and this section must include the correct platform ID and version The global section is optional and includes configuration which is not related...

Page 91: ...time and the learning mode per port When loading this file only the included parameters will be changed This means that the age time will be set to 200 and the learn mode will be set to automatic Save Configuration 1 Press the Save Configuration button to save the current configuration in manager workstation The following screens in Figure 4 2 27 4 2 28 appear Figure 4 2 27 File Download Screen 2 ...

Page 92: ...n Figure 4 2 29 appears Figure 4 2 29 Configuration Upload Page Screenshot Configuration Upload 1 Click the button of the main page the system would pop up the file selection menu to choose saved configuration Figure 4 2 30 Windows File Selection Menu Popup 2 Select on the configuration file and then click The bottom of the browser shows the upload status 3 After down the main screen appears Trans...

Page 93: ...witch User can select any one of the image as Active image of Managed Switch The Image Select screen in Figure 4 2 31 appears Figure 4 2 31 Image Select Page Screenshot Button Click to choose Alternate Image as Activate Image Figure 4 2 32 Image Select Page Screenshot Figure 4 2 33 Image Select Page Screenshot ...

Page 94: ...itch on this page Only the IP configuration is retained The new configuration is available immediately which means that no restart is necessary The Factory Default screen in Figure 4 2 35 appears Figure 4 2 35 Factory Default Page Screenshot Buttons Click to reset the configuration to Factory Defaults Figure 4 2 36 Factory Default Page Screenshot Click to return to the web main page without resett...

Page 95: ... will be loaded to default settings to include IP address You can login the management WEB interface within the same subnet of 192 168 0 xx 4 2 26 System Reboot The Reboot page enables the device to be rebooted from a remote location Once the Reboot button is pressed user will re access the WEB interface about 60 seconds later the System Reboot screen in Figure 4 2 37 appears Figure 4 2 37 System ...

Page 96: ...a virtual information store Collections of related managed objects are defined in specific MIB modules network management protocol A management protocol is used to convey management information between agents and NMSs SNMP is the Internet community s de facto standard management protocol SNMP Operations SNMP itself is a simple request response protocol NMSs can send multiple requests without recei...

Page 97: ... SNMP System Configuration screen in Figure 4 3 1 appears Figure 4 3 1 SNMP System Configuration Page Screenshot The SNMP System Configuration page includes the following fields Object Description Mode Indicates the SNMP mode operation Possible modes are Enabled Enable SNMP mode operation Disabled Disable SNMP mode operation Version Indicates the SNMP supported version Possible versions are SNMP v...

Page 98: ...y string a particular range of source addresses can be used to restrict source subnet Engine ID Indicates the SNMPv3 engine ID The string must contain an even number in hexadecimal format with number of digits between 10 and 64 but all zeros and all F s are not allowed Change of the Engine ID will clear all original local users The SNMP Trap Configuration page includes the following fields Object ...

Page 99: ...s Possible modes are Enabled Enable SNMP trap authentication failure Disabled Disable SNMP trap authentication failure Trap Link up and Link down Indicates the SNMP trap link up and link down mode operation Possible modes are Enabled Enable SNMP trap link up and link down mode operation Disabled Disable SNMP trap link up and link down mode operation Trap Inform Mode Indicates the SNMP trap inform ...

Page 100: ...ers from 32 to 126 System Name An administratively assigned name for this managed node By convention this is the node s fully qualified domain name A domain name is a text string drawn from the alphabet A Za z digits 0 9 minus sign No space characters are permitted as part of a name The first character must be an alpha character And the first or last character must not be a minus sign The allowed ...

Page 101: ... Indicates the community access string to permit access to SNMPv3 agent The allowed string length is 1 to 32 and the allowed content is ASCII characters from 33 to 126 The community string will be treated as security name and map a SNMPv1 or SNMPv2c community string Source IP Indicates the SNMP access source address A particular range of source addresses can be used to restrict source subnet when ...

Page 102: ...smUserEngineID is always that agent s own snmpEngineID value The value can also take the value of the snmpEngineID of a remote SNMP engine with which this user can communicate In other words if user engine ID equal system engine ID then it is local user otherwise it s remote user User Name A string identifying the user name that this entry should belong to The allowed string length is 1 to 32 and ...

Page 103: ...rivacy Protocol Indicates the privacy protocol that this entry should belong to Possible privacy protocol are None None privacy protocol DES An optional flag to indicate that this user using DES authentication protocol Privacy Password A string identifying the privacy pass phrase The allowed string length is 8 to 32 and the allowed content is the ASCII characters from 33 to 126 Buttons Click to ad...

Page 104: ... the ASCII characters from 33 to 126 Group Name A string identifying the group name that this entry should belong to The allowed string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 Buttons Click to add a new group entry Click to save changes Click to undo any changes made locally and revert to previously saved values 4 3 4 4 SNMPv3 Views Configure SNMPv3 views t...

Page 105: ...ew type is included and it s OID subtree overstep the excluded view entry OID Subtree The OID defining the root of the subtree to add to the named view The allowed OID length is 1 to 128 The allowed string content is digital number or asterisk Buttons Click to add a new view entry Click to save changes Click to undo any changes made locally and revert to previously saved values 4 3 4 5 SNMPv3 Acce...

Page 106: ... security models are NoAuth NoPriv None authentication and none privacy Auth NoPriv Authentication and none privacy Auth Priv Authentication and privacy Read View Name The name of the MIB view defining the MIB objects for which this request may request the current values The allowed string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 Write View Name The name of ...

Page 107: ...roring 4 4 1 Port Configuration This page displays current port configurations Ports can also be configured here The Port Configuration screen in Figure 4 4 1 appears Figure 4 4 1 Port Configuration Page Screenshot The page includes the following fields Object Description Port This is the logical port number for this row means selection all ports of Managed Switch Port Description This function pr...

Page 108: ... the port are transmitted The Rx and Tx settings are determined by the result of the last Auto Negotiation Check the configured column to use flow control This setting is related to the setting for Configured Link Speed Maximum Frame Size Enter the maximum frame size allowed for the switch port including FCS The allowed range is 1518 bytes to 9600 bytes for TP port and 9000 bytes for Fiber port Ex...

Page 109: ...layed counters are Object Description Port The logical port for the settings contained in the same row Packets The number of received and transmitted packets per port Bytes The number of received and transmitted bytes per port Errors The number of frames received in error and the number of incomplete transmissions per port Drops The number of frames discarded due to ingress or egress congestion Fi...

Page 110: ...etailed Port Statistics Port 1 Page Screenshot The page includes the following fields Receive Total and Transmit Total Object Description Rx and Tx Packets The number of received and transmitted good and bad packets Rx and Tx Octets The number of received and transmitted good and bad bytes including FCS but excluding framing bits Rx and Tx Unicast The number of received and transmitted good and ba...

Page 111: ...number of short 1 fram received with invalid CRC Rx Jabber The number of long 2 frame received with invalid CRC Rx Filtered The number of received frames filtered by the forwarding process Short frames are frames that are smaller than 64 bytes Long frames are frames that are longer than the configured maximum frame length for this port 1 Short frame is the frames that are smaller than 64 bytes 2 L...

Page 112: ...e SX 1000Base LX 100Base FX Speed Display the speed of current SFP module The speed value or description is gotten from the SFP module Different vendors of SFP modules might show different speed information Wave Length nm Display the wavelength of current SFP module The wavelength value is gotten from the SFP module Use this column to check if the wavelength values of two nodes are matched while t...

Page 113: ...witch to another port where the packet can be studied It enables the manager to keep close track of switch performance and alter it if necessary To debug network problems selected traffic can be copied or mirrored to a mirror port where a frame analyzer can be attached to analyze the frame flow The Managed Switch can unobtrusively mirror traffic from any port to a monitor port You can then attach ...

Page 114: ...ained in the same row means selection of all ports of Managed Switch Mode Select mirror mode Rx only Frames received at this port are mirrored to the mirroring port Frames transmitted are not mirrored Tx only Frames transmitted from this port are mirrored to the mirroring port Frames received are not mirrored Disabled Neither frames transmitted nor frames received are mirrored Both Frames received...

Page 115: ...iber types provided they operate at the same speed Aggregated Links can be assigned manually Port Trunk or automatically by enabling Link Aggregation Control Protocol LACP on the relevant links Aggregated Links are treated by the system as a single logical port Specifically the Aggregated Link has similar port attributes to a non aggregated port including auto negotiation speed Duplex setting etc ...

Page 116: ...wever before making any physical connections between devices use the Link aggregation Configuration menu to specify the link aggregation on the devices at both ends When using a port link aggregation note that The ports used in a link aggregation must all be of the same media type RJ 45 100 Mbps fiber The ports that can be assigned to the same link aggregation have certain other restrictions see b...

Page 117: ...ggregation code ensures that frames belonging to the same frame flow for example a TCP connection are always forwarded on the same link aggregation member port Recording of frames within a flow is therefore not possible The aggregation code is based on the following information Source MAC Destination MAC Source and destination IPv4 address Source and destination TCP UDP ports for IPv4 packets Norm...

Page 118: ...n port for the frame Check to enable the use of the Source MAC address or uncheck to disable By default Source MAC Address is enabled Destination MAC Address The Destination MAC Address can be used to calculate the destination port for the frame Check to enable the use of the Destination MAC Address or uncheck to disable By default Destination MAC Address is disabled IP Address The IP address can ...

Page 119: ...e row Group ID Normal indicates there is no aggregation Only one group ID is valid per port Port Members Each switch port is listed for each group ID Select a radio button to include a port in an aggregation or clear the radio button to remove the port from the aggregation By default no ports belong to any aggregation group Only full duplex ports can join an aggregation and ports must be in the sa...

Page 120: ...appears Figure 4 5 4 LACP Port Configuration Page Screenshot The page includes the following fields Object Description Port The switch port number means selection of all ports of Managed Switch LACP Enabled Controls whether LACP is enabled on this switch port LACP will form an aggregation when 2 or more ports are connected to the same partner LACP can form max 12 LLAGs per switch and 2 GLAGs per s...

Page 121: ...ckup role Lower number means greater priority Buttons Click to save changes Click to undo any changes made locally and revert to previously saved values 4 5 3 LACP System Status This page provides a status overview for all LACP instances The LACP Status page display the current LACP aggregation Groups and LACP Port status The LACP System Status screen in Figure 4 5 5 appears Figure 4 5 5 LACP Syst...

Page 122: ...The page includes the following fields Object Description Port The switch port number LACP Yes means that LACP is enabled and the port link is up No means that LACP is not enabled or that the port link is down Backup means that the port could not join the aggregation group but will join if other port leaves Meanwhile its LACP status is disabled Key The key assigned to this port Only ports with the...

Page 123: ...Figure 4 5 7 appears Figure 4 5 7 LACP Statistics Page Screenshot The page includes the following fields Object Description Port The switch port number LACP Received Shows how many LACP frames have been sent from each port LACP Transmitted Shows how many LACP frames have been received at each port Discarded Shows how many unknown or illegal LACP frames have been discarded at each port Buttons Auto...

Page 124: ... end nodes and assign these nodes VLAN membership packets cannot cross VLAN without a network device performing a routing function between the VLANs 2 The Managed Switch supports IEEE 802 1Q VLAN The port untagging function can be used to remove the 802 1 tag from packet headers to maintain compatibility with devices that are tag unaware 3 The Switch s default is to assign all ports to a single 80...

Page 125: ...each a different VLAN This Managed Switch supports the following VLAN features Up to 255 VLANs based on the IEEE 802 1Q standard Port overlapping allowing a port to participate in multiple VLANs End stations can belong to multiple VLANs Passing traffic between VLAN aware and VLAN unaware devices Priority tagging IEEE 802 1Q Standard IEEE 802 1Q tagged VLAN are implemented on the Switch 802 1Q VLAN...

Page 126: ...sed by the 802 1Q standard Because the VID is 12 bits long 4094 unique VLAN can be identified The tag is inserted into the packet header making the entire packet longer by 4 octets All of the information originally contained in the packet is retained 802 1Q Tag User Priority CFI VLAN ID VID 3 bits 1 bits 12 bits TPID Tag Protocol Identifier TCI Tag Control Information 2 bytes 2 bytes Preamble Dest...

Page 127: ...m Because some devices on a network may be tag unaware a decision must be made at each port on a tag aware device before packets are transmitted should the packet to be transmitted have a tag or not If the transmitting port is connected to a tag unaware device the packet should be untagged If the transmitting port is connected to a tag aware device the packet should be tagged Default VLANs The Swi...

Page 128: ...e typically used to reduce broadcast traffic and to increase security A group of network users assigned to a VLAN form a broadcast domain that is separate from other VLANs configured on the switch Packets are forwarded only between ports that are designated for the same VLAN Untagged VLANs can be used to manually isolate user groups or subnets 4 6 3 VLAN Basic Information The VLAN Basic Informatio...

Page 129: ...hose ports If a packet has previously been tagged the port will not alter the packet thus keeping the VLAN information intact The VLAN information in the tag can then be used by other 802 1Q compliant devices on the network to make packet forwarding decisions Untagged Ports with untagging enabled will strip the 802 1Q tag from all packets that flow into those ports If the packet doesn t have an 80...

Page 130: ...Switch supports multiple VLAN tags and can therefore be used in MAN applications as a provider bridge aggregating traffic from numerous independent customer LANs into the MAN Metro Access Network space One of the purposes of the provider bridge is to recognize and use VLAN tags so that the VLANs in the MAN space can be used independent of the customers VLANs This is accomplished by adding a VLAN t...

Page 131: ... that the port belong to VLAN group or the untagged traffic will be dropped Untag VID Allows user to set the port to remove default VID This option could be edited when Link Type selected to Tagged Ingress Filtering Enable ingress filtering for a port by checking the box This parameter affects VLAN ingress processing If ingress filtering is enabled and the ingress port is not a member of the class...

Page 132: ...on in Disable mode Disable The port operates in its normal VLAN mode This is the default MAN Port Configures IEEE 802 1Q tunneling QinQ for an uplink port to another device within the service provider network Customer Port Configures IEEE 802 1Q tunneling QinQ for a client access port to segregate and preserve customer VLAN IDs for traffic crossing the service provider network Set Out layer VLAN t...

Page 133: ...ve VLAN ID Indicates the ID of this particular VLAN VLAN Name Indicates the name of the VLAN Maximum length of the VLAN Name String is 32 VLAN Name can only contain alphabets or numbers VLAN name should contain at least one alphabet VLAN name can be edited for the existing VLAN entries or it can be added to the new entries Port Members A row of check boxes for each port is displayed for each VLAN ...

Page 134: ...table starting from the first entry in the VLAN Table i e the entry with the lowest VLAN ID Updates the table starting with the entry after the last entry currently displayed 4 6 6 VLAN Membership Status This page provides an overview of membership status for VLAN users The VLAN Membership Status screen in Figure 4 6 4 appears Figure 4 6 4 VLAN Membership Status for Static User Page Screenshot The...

Page 135: ...cator and an Authentication Server MVR MVR is used to eliminate the need to duplicate multicast traffic for subscribers in each VLAN Multicast traffic for all channels is sent only on a single multicast VLAN Voice VLAN Voice VLAN is a VLAN configured specially for voice traffic typically originating from IP phones MSTP The 802 1s Multiple Spanning Tree protocol MSTP uses VLANs to create multiple s...

Page 136: ... a port This parameter affects VLAN ingress processing If ingress filtering is enabled and the ingress port is not a member of the classified VLAN of the frame the frame is discarded Frame Type Shows whether the port accepts all frames or only tagged frames This parameter affects VLAN ingress processing If the port only accepts tagged frames untagged frames received on that port are discarded UVID...

Page 137: ... VLAN unaware port can only be a member of one VLAN but it can be a member of multiple Private VLANs The Private VLAN screen in Figure 4 6 6 appears Figure 4 6 6 Private VLAN Membership Configuration Page Screenshot The page includes the following fields Object Description Delete To delete a private VLAN entry check this box The entry will be deleted during the next save Private VLAN ID Indicates ...

Page 138: ...ame VLAN but they are not allowed to communicate with each other within that VLAN Servers in a farm of web servers in a Demilitarized Zone DMZ are allowed to communicate with the outside world and with database servers on the inside segment but are not allowed to communicate with each other For private VLANs to be applied the switch must first be configured for standard VLAN operation When this is...

Page 139: ...te VLAN This page is used for enabling or disabling port isolation on ports in a Private VLAN A port member of a VLAN can be isolated to other isolated ports on the same VLAN and Private VLAN The Port Isolation screen in Figure 4 6 7 appears Figure 4 6 7 Port Isolation Configuration Page Screenshot The page includes the following fields Object Description Port Members A check box is provided for e...

Page 140: ... isolate network traffic so only members of the VLAN receive traffic from the same VLAN members The screen in Figure 4 6 8 appears and Table 4 1 describes the port configuration of the Managed Switch Figure 4 6 8 Two Separate VLAN Diagrams VLAN Group VID Untagged Members Tagged Members VLAN Group 1 1 Port 7 Port 10 N A VLAN Group 2 2 Port 1 Port 2 Port 3 VLAN Group 3 3 Port 4 Port 5 Port 6 Table 4...

Page 141: ...t entering VLAN 3 1 While PC 4 transmits an untagged packet enters Port 4 the switch will tag it with a VLAN Tag 3 PC 5 and PC 6 will receive the packet through Port 5 and Port 6 2 While the packet leaves Port 5 it will be stripped away it tag becoming an untagged packet 3 While the packet leaves Port 6 it will keep as a tagged packet with VLAN Tag 3 For this example VLAN Group 1 is set as default...

Page 142: ...ration Or the ports would become overlap setting About the overlapped VLAN configuration see next VLAN configure sample 4 Assign PVID for each port Port 1 Port 2 and Port 3 PVID 2 Port 4 Port 5 and Port 6 PVID 3 Port 7 Port 24 PVID 1 5 Enable VLAN Tag for specific ports Link Type Port 3 VLAN 2 and Port 6 VLAN 3 The Per Port VLAN configuration in Figure 4 6 10 appears Figure 4 6 10 Port 1 Port 6 VL...

Page 143: ... screen in Figure 4 6 11 appears Setup steps 1 Create VLAN Group Set VLAN Group 1 Default VLAN with VID VLAN ID 1 Add two VLANs VLAN 2 and VLAN 3 VLAN Group 2 with VID 2 VLAN Group 3 with VID 3 2 Assign VLAN Member VLAN 2 Port 1 Port 2 and Port 3 VLAN 3 Port 4 Port 5 and Port 6 VLAN 1 All other ports Port 7 Port 24 About the VLAN ports connect to the hosts please refer to 4 6 10 1 examples The fol...

Page 144: ...rlap port setting VLAN 1 The Public Area Member Assign 5 Specify Port 8 to be the 802 1Q VLAN Trunk port and the Trunking port must be a Tagged port while egress The Port 8 configuration as the following screen in Figure 4 6 13 Figure 4 6 13 The configuration of VLAN Trunk Port That is although the VLAN 2 members Port 1 to Port 3 and VLAN 3 members Port 4 to Port 6 also belongs to VLAN 1 But with ...

Page 145: ... 14 appears This section will show you how to configure the port for the server that could be accessed by each isolate port Figure 4 6 14 The Port Isolate VLAN Diagram Setup steps 1 Assign Port Mode Set Port 1 Port 4 in Isolate port Set Port5 and Port 6 are in Promiscuous port The screen in Figure 4 6 15 appears Figure 4 6 15 The Configuration of Isolate and Promiscuous Port 2 Assign VLAN Member V...

Page 146: ...tion Page Screenshot The page includes the following fields Object Description Delete To delete a MAC based VLAN entry check this box and press save The entry will be deleted in the stack MAC Address Indicates the MAC address VLAN ID Indicates the VLAN ID Port Members A row of check boxes for each port is displayed for each MAC based VLAN entry To include a port in a MAC based VLAN check the box T...

Page 147: ...ntry currently displayed 4 6 12 MAC based VLAN Status This page shows MAC based VLAN entries configured by various MAC based VLAN users The MAC based VLAN Status screen in Figure 4 6 18 appears Figure 4 6 18 MAC based VLAN Membership Configuration for User Static Page Screenshot The page includes the following fields Object Description MAC Address Indicates the MAC address VLAN ID Indicates the VL...

Page 148: ...entry Deletion and lookup of IP subnet based VLAN are based on VCE ID IP Address Indicates the IP address Mask Length Indicates the network mask length VLAN ID Indicates the VLAN ID VLAN ID can be changed for the existing entries Port Members A row of check boxes for each port is displayed for each IP subnet based VLAN entry To include a port in an IP subnet based VLAN check the box To remove or e...

Page 149: ...can have one of the following values 1 Ethernet 2 LLC 3 SNAP Note On changing the Frame type field valid value of the following text field will vary depending on the new frame type you select Value Valid value that can be entered in this text field depends on the option selected from the the preceding Frame Type selection menu Below is the criteria for three different Frame Types 1 For Ethernet Va...

Page 150: ...valid value of PID will be any value from 0x0000 to 0xffff Group Name A valid Group Name is a unique 16 character long string for every entry which consists of a combination of alphabets a z or A Z and integers 0 9 Note special character and underscore _ are not allowed Buttons Click to add a new entry in mapping table Click to save changes Click to undo any changes made locally and revert to prev...

Page 151: ...ny other existing mapping entry on this page VLAN ID Indicates the ID to which Group Name will be mapped A valid VLAN ID ranges from 1 4095 Port Members A row of check boxes for each port is displayed for each Group Name to VLAN ID mapping To include a port in a mapping check the box To remove or exclude the port from the mapping make sure the box is unchecked By default no ports are members and a...

Page 152: ... of a primary link failure is also accomplished automatically without operator intervention This automatic network reconfiguration provides maximum uptime to network users However the concepts of the Spanning Tree Algorithm and protocol are a complicated and complex subject and must be fully researched and understood It is possible to cause serious degradation of the performance of the network if ...

Page 153: ...ng higher speed links to a port that has a higher number than the current root port can cause a root port change STP Port States The BPDUs take some time to pass through a network This propagation delay can result in topology changes where a port that transitioned directly from a Blocking state to a Forwarding state could create temporary data loops Ports must wait for new network topology informa...

Page 154: ...forwarded from or received by STP enabled ports until the forwarding state is enabled for that port 2 STP Parameters STP Operation Levels The Switch allows for two levels of operation the switch level and the port level The switch level forms a spanning tree consisting of links between one or more switches The port level constructs a spanning tree consisting of groups of one or more ports The STP ...

Page 155: ... a received BPDU for a port and ensures that the BPDU is discarded when its age exceeds the value of the maximum age timer 20 seconds Forward Delay Timer The amount time spent by a port in the learning and listening states waiting for a BPDU that may return the port to the blocking state 15 seconds The following are the user configurable STP parameters for the port or port group level Variable Des...

Page 156: ...ding its own BPDU to all other Switches for permission to become the Root Bridge If it turns out that your Switch has the lowest Bridge Identifier it will become the Root Bridge Forward Delay Timer The Forward Delay can be from 4 to 30 seconds This is the time any port on the Switch spends in the listening state while moving from the blocking state to the forwarding state Observe the following for...

Page 157: ... and the broadcast will end there Setting up STP using values other than the defaults can be complex Therefore you are advised to keep the default factory settings and STP will automatically assign root bridges ports and block loop connections Influencing STP to choose a particular switch as the root bridge using the Priority setting or influencing STP to choose a particular port to block using th...

Page 158: ...tch B and switch C is the blocked link 4 7 2 STP System Configuration This page allows you to configure STP system settings The settings are used by all STP Bridge instances in the Switch or switch Stack The Managed Switch support the following Spanning Tree protocols Compatiable Spanning Tree Protocol STP Provides a single path between end stations avoiding and eliminating loops Normal Rapid Span...

Page 159: ...ce number concatenated with the 6 byte MAC address of the switch forms a Bridge Identifier For MSTP operation this is the priority of the CIST Otherwise this is the priority of the STP RSTP bridge Forward Delay The delay used by STP Bridges to transition Root and Designated Ports to Forwarding used in STP compatible mode Valid values are in the range 4 to 30 seconds Default 15 Minimum The higher o...

Page 160: ...moved from the active topology Port Error Recovery Control whether a port in the error disabled state automatically will be enabled after a certain time If recovery is not enabled ports have to be disabled and re enabled for normal STP operation The condition is also cleared by a system reboot Port Error Recovery Timeout The time that has to pass before a port in the error disabled state can be en...

Page 161: ...Root Bridge this is zero For all other Bridges it is the sum of the Port Path Costs on the least cost path to the Root Bridge Topology Flag The current state of the Topology Change Flag for this Bridge instance Topology Change Last The time since last Topology Change occurred Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Click to ref...

Page 162: ... appropriate by the physical link speed using the 802 1D recommended values Using the Specific setting a user defined value can be entered The path cost is used when establishing the active topology of the network Lower path cost ports are chosen as forwarding ports in favor of higher path cost ports Valid values are in the range 1 to 200000000 All means all ports will have one specific setting Pr...

Page 163: ...ly because those bridges are not under the full control of the administrator This feature is also known as Root Guard Restricted TCN If enabled causes the port not to propagate received topology change notifications and topology changes to other ports If set it can cause temporary loss of connectivity after changes in a spanning tree s active topology as a result of persistently incorrect learned ...

Page 164: ...00 Fast Ethernet 10 60 20 000 2 000 000 Gigabit Ethernet 3 10 2 000 200 000 Table 4 7 1 Recommended STP Path Cost Range Port Type Link Type IEEE 802 1D 1998 IEEE 802 1w 2001 Ethernet Half Duplex Full Duplex Trunk 100 95 90 2 000 000 1 999 999 1 000 000 Fast Ethernet Half Duplex Full Duplex Trunk 19 18 15 200 000 100 000 50 000 Gigabit Ethernet Full Duplex Trunk 4 3 10 000 5 000 Table 4 7 2 Recomme...

Page 165: ...iption MSTI The bridge instance The CIST is the default instance which is always active Priority The Configuration All with available values will assign to whole items Controls the bridge priority Lower numerical values have better priority The bridge priority plus the MSTI instance number concatenated with the 6 byte MAC address of the switch forms a Bridge Identifier means all MSTI items will ha...

Page 166: ...Configuration This page allows the user to inspect the current STP MSTI bridge instance priority configurations and possibly change them as well The MSTI Configuration screen in Figure 4 7 8 appears Figure 4 7 8 MSTI Configuration Page Screenshot ...

Page 167: ...e VLANs must be separated with comma and or space A VLAN can only be mapped to one MSTI A unused MSTI should just be left empty I e not having any VLANs mapped to it Buttons Click to save changes Click to undo any changes made locally and revert to previously saved values 4 7 7 MSTI Ports Configuration This page allows the user to inspect the current STP MSTI port configurations and possibly chang...

Page 168: ...rt Configuration Object Description Port The switch port number of the corresponding STP CIST and MSTI port Path Cost The Configuration All with available values will assign to whole items Controls the path cost incurred by the port The Auto setting will set the path cost as appropriate by the physical link speed using the 802 1D recommended values Using the Specific setting a user defined value c...

Page 169: ...all ports will have one specific setting Buttons Click to set MSTx configuration Click to save changes Click to undo any changes made locally and revert to previously saved values 4 7 8 Port Status This page displays the STP CIST port status for port physical ports in the currently selected switch The STP Port Status screen in Figure 4 7 11 appears Figure 4 7 11 STP Port Status Page Screenshot The...

Page 170: ...to refresh the page immediate 4 7 9 Port Statistics This page displays the STP port statistics counters for port physical ports in the currently selected switch The STP Port Statistics screen in Figure 4 7 12 appears Figure 4 7 12 STP Statistics Page Screenshot The page includes the following fields Object Description Port The switch port number of the logical RSTP port MSTP The number of MSTP Con...

Page 171: ...er of unknown Spanning Tree BPDU s received and discarded on the port Discarded Illegal The number of illegal Spanning Tree BPDU s received and discarded on the port Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Click to refresh the page immediate Click to clear the information immediately ...

Page 172: ...ters that they will become members of a multicast group The Internet Group Management Protocol IGMP is used to communicate this information IGMP is also used to periodically check the multicast group for members that are no longer active In the case where there is more than one multicast router on a sub network one router is elected as the queried This router then keeps track of the membership of ...

Page 173: ...User s Manual of MGSD 10080F 173 Figure 4 8 2 Multicast Flooding Figure 4 8 3 IGMP Snooping Multicast Stream Control ...

Page 174: ... packets enable multicast routers to keep track of the membership of multicast groups on their respective sub networks The following outlines what is communicated between a multicast router and a multicast group member using IGMP A host sends an IGMP report to join a group A host will never send a report when it wants to leave a group for version 1 A host will send a leave report when it wants to ...

Page 175: ...they want to receive multicast traffic If there is more than one router switch on the LAN performing IP multicasting one of these devices is elected querier and assumes the role of querying the LAN for group members It then propagates the service requests on to any upstream multicast switch router to ensure that it will continue to receive the multicast service Multicast routers use this informati...

Page 176: ...e the Global IGMP Snooping Unregistered IPMCv4 Flooding enabled Enable unregistered IPMCv4 traffic flooding IGMP SSM Range SSM Source Specific Multicast Range allows the SSM aware hosts and routers run the SSM service model for the groups in the address range Leave Proxy Enable Enable IGMP Leave Proxy This feature can be used to avoid forwarding unnecessary leave messages to the router side Proxy ...

Page 177: ...servers directly on the non querier Managed Switch and don t want the multicast stream be flood to uplink switch throught the port that connected to the IGMP querier Fast Leave Enable the fast leave on the port Throtting The Configuration All with available values will assign to whole items Enable to limit the number of multicast groups to which a switch port can belong All means all ports will ha...

Page 178: ...e value is 2 QI Query Interval The Query Interval is the interval between General Queries sent by the Querier The allowed range is 1 to 255 seconds default query interval is 125 seconds QRI Query Response Interval The Max Response Time used to calculate the Max Resp Code inserted into the periodic General Queries The allowed range is 0 to 31744 in tenths of seconds default query response interval ...

Page 179: ... groups that are permitted or denied on the port An IGMP filter profile can contain one or more or a range of multicast addresses but only one profile can be assigned to a port When enabled IGMP join reports received on the port are checked against the filter profile If a requested multicast group is permitted the IGMP join report is forwarded as normal If a requested multicast group is denied the...

Page 180: ...Snooping Status This page provides IGMP Snooping status The IGMP Snooping Status screen in Figure 4 8 8 appears Figure 4 8 8 IGMP Snooping Status Page Screenshot The page includes the following fields Object Description VLAN ID The VLAN ID of the entry Querier Version Working Querier Version currently Host Version Working Host Version currently Querier Status Show the Querier status is ACTIVE or I...

Page 181: ...ge The IGMP Group Table is sorted first by VLAN ID and then by group Each page shows up to 99 entries from the IGMP Group table default being 20 selected through the entries per page input field When first visited the web page will show the first 20 entries from the beginning of the IGMP Group Table The Start from VLAN and group input fields allow the user to select the starting point in the IGMP ...

Page 182: ...the entries per page input field When first visited the web page will show the first 20 entries from the beginning of the IGMP SFM Information Table The Start from VLAN and Group input fields allow the user to select the starting point in the IGMP SFM Information Table The IGMPv3 Information screen in Figure 4 8 10 appears Figure 4 8 10 IGMP SFM Information Page Screenshot The page includes the fo...

Page 183: ...ntry in the IGMP Group Table Updates the table starting with the entry after the last entry currently displayed 4 8 8 MLD Snooping Configuration This page provides MLD Snooping related configuration The MLD Snooping Configuration screen in Figure 4 8 11 appears Figure 4 8 11 MLD Snooping Configuration Page Screenshot The page includes the following fields Object Description Snooping Enabled Enable...

Page 184: ... as a router port the whole aggregation will act as a router port All means all ports will have one specific setting Fast Leave Enable the fast leave on the port Throtting The Configuration All with available values will assign to whole items Enable to limit the number of multicast groups to which a switch port can belong All means all ports will have one specific setting Buttons Click to save cha...

Page 185: ...ange is 0 to 31744 in tenths of seconds default query response interval is 100 in tenths of seconds 10 seconds LLQI Last Listener Query Interval The Last Listener Query Interval is the Maximum Response Delay used to calculate the Maximum Response Code inserted into Multicast Address Specific Queries sent in response to Version 1 Multicast Listener Done messages It is also the Maximum Response Dela...

Page 186: ... the MLD join report is forwarded as normal If a requested multicast group is denied the MLD join report is dropped MLD throttling sets a maximum number of multicast groups that a port can join at the same time When the maximum number of groups is reached on a port the switch can take one of two actions either deny or replace If the action is set to deny any new MLD join reports will be dropped If...

Page 187: ... Host Version Working Host Version currently Querier Status Show the Querier status is ACTIVE or IDLE Queriers Transmitted The number of Transmitted Querier Queriers Received The number of Received Querier V1 Reports Received The number of Received V1 Reports V2 Reports Received The number of Received V2 Reports V1 Leave Received The number of Received V1 Leaves Buttons Auto refresh Check this box...

Page 188: ... allow the user to select the starting point in the MLD Group Table The MLD Groups Informatino screen in Figure 4 8 15 appears Figure 4 8 15 MLD Snooping Groups Information Page Screenshot The page includes the following fields Object Description VLAN ID VLAN ID of the group Groups Group address of the group displayed Port Members Ports under this group Buttons Auto refresh Check this box to refre...

Page 189: ...starting point in the MLD SSM Information Table The MLDv2 Information screen in Figure 4 8 16 appears Figure 4 8 16 MLD SSM Information Page Screenshot The page includes the following fields Object Description VLAN ID VLAN ID of the group Group Group address of the group displayed Port Switch port number Mode Indicates the filtering mode maintained per VLAN ID port number Group Address basis It ca...

Page 190: ...e subscriber port which is a switch port configured as an MVR receiver port When a subscriber selects a channel the set top box or PC sends an IGMP MLD report message to Switch A to join the appropriate multicast group address Uplink ports that send and receive multicast data to and from the multicast VLAN are called MVR source ports It is allowed to create at maximun 8 MVR VLANs with correspondin...

Page 191: ...e ports In Compatible mode MVR membership reports are forbidden on source ports The default is Dynamic mode Tagging Specify whether the traversed IGMP MLD control frames will be sent as Untagged or Tagged with MVR VID The default is Tagged Priority Specify how the traversed IGMP MLD control frames will be sent in prioritized manner The default Priority is 0 LLQI Define the maximun time to wait for...

Page 192: ...ive Immediate Leave Enable the fast leave on the port Buttons Click to add new MVR VLAN Specify the VID and configure the new entry Click Save Click to save changes Click to undo any changes made locally and revert to previously saved values 4 8 15 MVR Status This page provides MVR status The MVR Status screen in Figure 4 8 18 appears Figure 4 8 18 MVR Status Page Screenshot The page includes the ...

Page 193: ...roups Information Entries in the MVR Group Table are shown on this page The MVR Group Table is sorted first by VLAN ID and then by group Each page shows up to 99 entries from the MVR Group table default being 20 selected through the entries per page input field When first visited the web page will show the first 20 entries from the beginning of the MVR Group Table The Start from VLAN and group inp...

Page 194: ...ble is sorted first by VLAN ID then by group and then by Port Different source addresses belong to the same group are treated as single entry The MVR Groups Information screen in Figure 4 8 20 appears Figure 4 8 20 MVR Groups Information Page Screenshot The page includes the following fields Object Description VLAN ID VLAN ID of the group Group Group ID of the group displayed Port Switch port numb...

Page 195: ...dress could be handled by chip or not Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Click to refresh the page immediate Updates the table starting from the first entry in the MVR SFM Information Table Updates the table starting with the entry after the last entry currently displayed ...

Page 196: ...ssifier classifies the traffic on the network Traffic classifications are determined by protocol application source destination and so on You can create and modify classifications The Switch then groups classified traffic in order to schedule them with the appropriate service level DiffServ Code Point DSCP is the traffic prioritization bits within an IP header that are encoded by certain applicati...

Page 197: ...ch Rate Controls the rate for the policer The default value is 500 This value is restricted to 100 1000000 when the Unit is kbps or fps and it is restricted to 1 3300 when the Unit is Mbps or kfps Unit The Configuration All with available options will assign to whole ports Controls the unit of measure for the policer rate as kbps Mbps fps or kfps The default value is kbps All means all ports will ...

Page 198: ...n Port The logical port for the settings contained in the same row Click on the port number in order to configure the shapers For more detail please refer to chapter 4 9 3 1 Q0 Q7 Shows disabled or actual queue shaper rate e g 800 Mbps Port Shows disabled or actual port shaper rate e g 800 Mbps 4 9 3 1 QoS Egress Port Schedule and Shapers The Port Scheduler and Shapers for a specific port are conf...

Page 199: ...00000 when the Unit is kbps and it is restricted to 1 3300 when the Unit is Mbps Queue Shaper Unit Controls the unit of measure for the queue shaper rate as kbps or Mbps The default value is kbps Queue Shaper Excess Controls whether the queue is allowed to use excess bandwidth Queue Scheduler Weight Controls the weight for this queue The default value is 17 This value is restricted to 1 100 This p...

Page 200: ...ndo any changes made locally and revert to previously saved values Click to undo any changes made locally and return to the previous page 4 9 4 Port Classification This page allows you to configure the basic QoS Ingress Classification settings for all switch ports The Port Classification screen in Figure 4 9 4 appears Figure 4 9 4 QoS Ingress Port Classification Page Screenshot The page includes t...

Page 201: ...pecific setting DEI The Configuration All with available values will assign to whole ports Controls the default DEI for untagged frames All means all ports will have one specific setting Tag Class Shows the classification mode for tagged frames on this port Disabled Use default QoS class and DP level for tagged frames Enabled Use mapped versions of PCP and DEI for tagged frames Click on the mode i...

Page 202: ...oS class and DP level for tagged frames Enabled Use mapped versions of PCP and DEI for tagged frames PCP DEI to QoS class DP level Mapping The Configuration All with available values will assign to whole items Controls the mapping of the classified PCP DEI to QoS class DP level values when Tag Classification is set to Enabled Buttons Click to save changes Click to undo any changes made locally and...

Page 203: ...ollowing fields Object Description Port The logical port for the settings contained in the same row Click on the port number in order to configure the schedulers For more detail please refer to chapter 4 9 5 1 Mode Shows the scheduling mode for this port Q0 Q5 Shows the weight for this queue and port 4 9 6 Port Tag Remarking This page provides an overview of QoS Egress Port Tag Remarking for all s...

Page 204: ...ing For more detail please refer to chapter 4 9 6 1 Mode Shows the tag remarking mode for this port Classified Use classified PCP DEI values Default Use default PCP DEI values Mapped Use mapped versions of QoS class and DP level 4 9 6 1 QoS Egress Port Tag Remarking The QoS Egress Port Tag Remarking for a specific port are configured on this page The QoS Egress Port Tag Remarking sscreen in Figure...

Page 205: ...alues used when the mode is set to Default QoS class DP level to PCP DEI Mapping Controls the mapping of the classified QoS class DP level to PCP DEI values when the mode is set to Mapped Buttons Click to save changes Click to undo any changes made locally and revert to previously saved values Click to undo any changes made locally and return to the previous page 4 9 7 Port DSCP This page allows y...

Page 206: ...coming or translated if enabled DSCP is 0 Selected Classify only selected DSCP for which classification is enabled as specified in DSCP Translation window for the specific DSCP All Classify all DSCP Egress The Configuration All with available options will assign to whole ports Port Egress Rewriting can be one of All means all ports will have one specific setting Disable No Egress rewrite Enable Re...

Page 207: ...9 10 appears Figure 4 9 10 DSCP Based QoS Ingress Classification Page Screenshot The page includes the following fields Object Description DSCP Maximum number of support ed DSCP values are 63 Trust Click to check if the DSCP value is trusted means to select all ports of Managed Switch QoS Class The Configuration All with available values will assign to whole DSCP values QoS Class value can be any ...

Page 208: ...to save changes Click to undo any changes made locally and revert to previously saved values 4 9 9 DSCP Translation This page allows you to configure the basic QoS DSCP Translation settings for all switches DSCP translation can be done in Ingress or Egress The DSCP Translation screen in Figure 4 9 11 appears Figure 4 9 11 DSCP Translation Page Screenshot ...

Page 209: ...ues Classify Click to enable Classification at Ingress side Egress There are the following configurable parameters for Egress side Remap DP0 Controls the remapping for frames with DP level 0 Remap DP1 Controls the remapping for frames with DP level 1 Remap DP0 The Configuration All with available values will assign to whole DSCP values Select the DSCP value from select menu to which you want to re...

Page 210: ...ect Description QoS Class Available QoS Class value ranges from 0 to 7 QoS Class 0 7 can be mapped to followed parameters DPL Drop Precedence Level 0 1 can be configured for all available QoS Classes DSCP The Configuration All with available values will assign to whole QoS Class Select DSCP value 0 63 from DSCP menu to map DSCP to corresponding QoS Class and DPL value Buttons Click to save changes...

Page 211: ...all frame type Ethernet Only Ethernet frames with Ether Type 0x600 0xFFFF are allowed LLC Only LLC frames are allowed SNAP Only SNAP frames are allowed IPv4 The QCE will match only IPV4 frames IPv6 The QCE will match only IPV6 frames SMAC Displays the OUI field of Source MAC address i e first three octet byte of MAC address DMAC Specify the type of Destination MAC addresses for incoming frame Poss...

Page 212: ... frame matches the QCE then DP level will set to value displayed under DPL column DSCP If a frame matches the QCE then DSCP will be classified with the value displayed under DSCP column Modification Buttons You can modify each QCE in the table using the following buttons Inserts a new QCE before the current row Edits the QCE Moves the QCE up the list Moves the QCE down the list Deletes the QCE The...

Page 213: ...g values 1 Any 2 Ethernet 3 LLC 4 SNAP 5 IPv4 6 IPv6 Note All frame types are explained below Any Allow all types of frames Ethernet Ethernet Type Valid ethernet type can have value within 0x600 0xFFFF or Any but excluding 0x800 IPv4 and 0x86DD IPv6 default value is Any LLC SSAP Address Valid SSAP Source Service Access Point can vary from 0x00 to 0xFF or Any the default value is Any DSAP Address V...

Page 214: ...r Any specific or port range applicable for IP protocol UDP TCP Dport Destination TCP UDP port 0 65535 or Any specific or port range applicable for IP protocol UDP TCP Action Parameters Class QoS class 0 7 or Default DP Valid Drop Precedence Level can be 0 1 or Default DSCP Valid DSCP value can be 0 63 BE CS1 CS7 EF or AF11 AF43 or Default Default means that the default classified value is not mod...

Page 215: ...ction Indicates the classification action taken on ingress frame if parameters configured are matched with the frame s content There are three action fields Class DPL and DSCP Class Classified QoS Class if a frame matches the QCE it will be put in the queue DPL Drop Precedence Level if a frame matches the QCE then DP level will set to value displayed under DPL column DSCP If a frame matches the QC...

Page 216: ...ess Queue Policers Page Screenshot The page includes the following fields Object Description Port The port number for which the configuration below applies Enable E Controls whether the queue policer is enabled on this switch port Rate Controls the rate for the queue policer The default value is 500 This value is restricted to 100 1000000 when the Unit is kbps and it is restricted to 1 3300 when t...

Page 217: ... unicast multicast or broadcast traffic across the switch The Storm Control Configuration screen in Figure 4 9 17 appears Figure 4 9 17 Storm Control Configuration Page Screenshot The page includes the following fields Object Description Frame Type The settings in a particular row apply to the frame type listed here unicast multicast Broadcast Enable Enable or disable the storm control status for ...

Page 218: ... page includes the following fields Object Description Port The logical port for the settings contained in the same row Q0 Q7 There are 8 QoS queues per port Q0 is the lowest priority queue Rx Tx The number of received and transmitted packets per queue Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Click to refresh the page immediate ...

Page 219: ...d through its own GUI The Voice VLAN Configuration screen in Figure 4 9 19 appears Figure 4 9 19 Voice VLAN Configuration Page Screenshot The page includes the following fields Object Description Mode Indicates the Voice VLAN mode operation We must disable MSTP feature before we enable Voice VLAN It can avoid the conflict of ingress filter Possible modes are Enabled Enable Voice VLAN mode operatio...

Page 220: ...Voice VLAN members automatically Forced Forced join to Voice VLAN All means all ports will have one specific setting Port Security Indicates the Voice VLAN port security mode When the function is enabled all non telephone MAC address in Voice VLAN will be blocked 10 seconds Possible port modes are Enabled Enable Voice VLAN security mode operation Disabled Disable Voice VLAN security mode operation...

Page 221: ...ect Description Delete Check to delete the entry It will be deleted during the next save Telephony OUI An telephony OUI address is a globally unique identifier assigned to a vendor by IEEE It must be 6 characters long and the input format is xx xx xx x is a hexadecimal digit Description The description of OUI address Normaly it descript which vendor telephony device The allowed string length is 0 ...

Page 222: ...s permission associated with a particular ACE ID There are three ACE frame types Ethernet Type ARP and IPv4 and two ACE actions permit and deny The ACE also contains many detailed different parameter options that are available for individual application 4 10 1 Access Control List Status This page shows the ACL status by different ACL users Each row describes the ACE that is defined It is a conflic...

Page 223: ...edirect operation of the ACE Frames matching the ACE are redirected to the port number The allowed values are Disabled or a specific port number When Disabled is displayed the port redirect operation is disabled Mirror Specify the mirror operation of this port The allowed values are Enabled Frames received on the port are mirrored Disabled Frames received on the port are not mirrored The default v...

Page 224: ...number and bitmask of the ACE Frame Type Indicates the frame type of the ACE Possible values are Any The ACE will match any frame type EType The ACE will match Ethernet Type frames Note that an Ethernet Type based ACE will not get matched by IP and ARP frames ARP The ACE will match ARP RARP frames IPv4 The ACE will match all IPv4 frames IPv4 ICMP The ACE will match IPv4 frames with ICMP protocol I...

Page 225: ...unter indicates the number of times the ACE was hit by a frame Modification Buttons You can modify each ACE Access Control Entry in the table using the following buttons Inserts a new ACE before the current row Edits the ACE row Moves the ACE up the list Moves the ACE down the list Deletes the ACE The lowest plus sign adds a new entry at the bottom of the ACE listings Buttons Auto refresh Check th...

Page 226: ...pears Figure 4 10 3 ACE Configuration Page Screenshot The page includes the following fields Object Description Ingress Port Select the ingress port for which this ACE applies All The ACE applies to all port Portn The ACE applies to this port number where n is the number of the switch port Policy Filter Specify the policy number filter for this ACE Any No policy filter is specified policy filter s...

Page 227: ...the rate limiter operation is disabled EVC Policer Select whether EVC policer is enabled or disabled The default value is Disabled EVC Policer ID Select which EVC policer ID to apply on this ACE The allowed values are Disabled or the values 1 through 128 Port Redirect Frames that hit the ACE are redirected to the port number specified here The allowed range is the same as the switch port number ra...

Page 228: ...s ACE choose this value A field for entering a DMAC value appears DMAC Value When Specific is selected for the DMAC filter you can enter a specific destination MAC address The legal format is xx xx xx xx xx xx A frame that hits this ACE matches this DMAC value VLAN Parameters Object Description 802 1Q Tagged Specify whether frames can hit the action according to the 802 1Q tagged The allowed value...

Page 229: ...r IP address in the SIP Address field that appears Network Sender IP filter is set to Network Specify the sender IP address and sender IP mask in the SIP Address and SIP Mask fields that appear Sender IP Address When Host or Network is selected for the sender IP filter you can enter a specific sender IP address in dotted decimal notation Sender IP Mask When Network is selected for the sender IP fi...

Page 230: ... is allowed don t care IP Specify whether frames can hit the action according to their ARP RARP hardware address space HRD settings 0 ARP RARP frames where the HLD is equal to Ethernet 1 1 ARP RARP frames where the HLD is equal to Ethernet 1 Any Any value is allowed don t care Ethernet Specify whether frames can hit the action according to their ARP RARP protocol address space PRO settings 0 ARP R...

Page 231: ...es where the MF bit is set or the FRAG OFFSET field is greater than zero must not be able to match this entry Yes IPv4 frames where the MF bit is set or the FRAG OFFSET field is greater than zero must be able to match this entry Any Any value is allowed don t care IP Option Specify the options flag setting for this ACE No IPv4 frames where the options flag is set must not be able to match this ent...

Page 232: ...ilter status is don t care Specific If you want to filter a specific ICMP filter with this ACE you can enter a specific ICMP value A field for entering an ICMP value appears ICMP Type Value When Specific is selected for the ICMP filter you can enter a specific ICMP value The allowed range is 0 to 255 A frame that hits this ACE matches this ICMP value ICMP Code Filter Specify the ICMP code filter f...

Page 233: ...nter a specific TCP UDP destination value A field for entering a TCP UDP destination value appears Range If you want to filter a specific range TCP UDP destination filter with this ACE you can enter a specific TCP UDP destination range value A field for entering a TCP UDP destination value appears TCP UDP Destination Number When Specific is selected for the TCP UDP destination filter you can enter...

Page 234: ...e is allowed don t care TCP URG Specify the TCP Urgent Pointer field significant URG value for this ACE 0 TCP frames where the URG field is set must not be able to match this entry 1 TCP frames where the URG field is set must be able to match this entry Any Any value is allowed don t care Ethernet Type Parameters The Ethernet Type parameters can be configured when Frame Type Ethernet Type is selec...

Page 235: ... ACL Ports Configuration Page Screenshot The page includes the following fields Object Description Port The logical port for the settings contained in the same row Policy ID Select the policy to apply to this port The allowed values are 1 through 8 The default value is 1 Action Select whether forwarding is permitted Permit or denied Deny The default value is Permit All means all ports will have on...

Page 236: ...emory size and logging rate is limited All means all ports will have one specific setting Shutdown Specify the port shut down operation of this port The allowed values are Enabled If a frame is received on the port the port will be disabled Disabled Port shut down is disabled The default value is Disabled All means all ports will have one specific setting State Specify the port state of this port ...

Page 237: ...e includes the following fields Object Description Rate Limiter ID The rate limiter ID for the settings contained in the same row Rate The allowed values are 0 3276700 in pps or 0 100 200 300 1000000 in kbps Unit Specify the rate unit The allowed values are pps packets per second kbps Kbits per second All means all ports will have one specific setting Buttons Click to save changes Click to undo an...

Page 238: ...et containing a success or failure indication Besides forwarding this decision to the supplicant the switch uses it to open up or block traffic on the switch port connected to the supplicant Overview of MAC Based Authentication Unlike 802 1X MAC based authentication is not a standard but merely a best practices method adopted by the industry In MAC based authentication users are called clients and...

Page 239: ...e or TACACS aware devices on the network An authentication server contains a database of multiple user name password pairs with associated privilege levels for each user that requires management access to the Managed Switch 4 11 1 Understanding IEEE 802 1X Port Based Authentication The IEEE 802 1X standard defines a client server based access control and authentication protocol that restricts unau...

Page 240: ...ts as the proxy the authentication service is transparent to the client In this release the Remote Authentication Dial In User Service RADIUS security system with Extensible Authentication Protocol EAP extensions is the only supported authentication server it is available in Cisco Secure Access Control Server version 3 0 RADIUS operates in a client server model in which secure authentication infor...

Page 241: ... identity request frame followed by one or more requests for authentication information Upon receipt of the frame the client responds with an EAP response identity frame However if during bootup the client does not receive an EAP request identity frame from the switch the client can initiate authentication by sending an EAPOL start frame which prompts the switch to request the client s identity If...

Page 242: ...col the client initiates the authentication process by sending the EAPOL start frame When no response is received the client sends the request for a fixed number of times Because no response is received the client begins sending frames as if the port is in the authorized state If the client is successfully authenticated receives an Accept frame from the authentication server the port state changes...

Page 243: ...ethod Authentication Method can be set to one of the following values None authentication is disabled and login is not possible local use the local user database on the switch stack for authentication RADIUS use a remote RADIUS server for authentication TACACSt use a remote TACACS server for authentication Fallback Enable fallback to local authentication by checking this box If none of the configu...

Page 244: ... AAA page The IEEE802 1X standard defines port based operation but non standard variants overcome security limitations as shall be explored below MAC based authentication allows for authentication of more than one user on the same port and doesn t require the user to have special 802 1X supplicant software installed on his system The switch uses the user s MAC address to authenticate against the b...

Page 245: ...eout Determines the time between retransmission of Request Identity EAPOL frames Valid values are in the range 1 to 255 seconds This has no effect for MAC based ports Aging Period This setting applies to the following modes i e modes using the Port Security functionality to secure MAC addresses Single 802 1X Multi 802 1X MAC Based Auth When the NAS module uses the Port Security module to secure MA...

Page 246: ...r a detailed description The RADIUS Assigned QoS Enabled checkbox provides a quick way to globally enable disable RADIUS server assigned QoS Class functionality When checked the individual ports ditto setting determine whether RADIUS assigned QoS Class is enabled for that port When unchecked RADIUS server assigned QoS Class is disabled for all ports RADIUS Assigned VLAN Enabled RADIUS assigned VLA...

Page 247: ...emembers if an EAPOL frame has been received on the port for the life time of the port Once the switch considers whether to enter the Guest VLAN it will first check if this option is enabled or disabled If disabled unchecked default the switch will only enter the Guest VLAN if an EAPOL frame has not been received on the port for the life time of the port If enabled checked the switch will consider...

Page 248: ...are needed for a particular method The switch simply encapsulates the EAP part of the frame into the relevant type EAPOL or RADIUS and forwards it When authentication is complete the RADIUS server sends a special packet containing a success or failure indication Besides forwarding this decision to the supplicant the switch uses it to open up or block traffic on the switch port connected to the sup...

Page 249: ...or network traffic This allows other clients connected to the port for instance through a hub to piggy back on the successfully authenticated client and get network access even though they really aren t authenticated To overcome this security breach use the Multi 802 1X variant Multi 802 1X is really not an IEEE standard but features many of the same characteristics as does port based 802 1X Multi...

Page 250: ...dvantage of MAC based authentication over port based 802 1X is that several clients can be connected to the same port e g through a 3rd party switch or a hub and still require individual authentication and that the clients don t need special supplicant software to authenticate The advantage of MAC based authentication over 802 1 X based authentication is that the clients don t need special supplic...

Page 251: ... is successfully authenticated If present and valid the port s Port VLAN ID will be changed to this VLAN ID the port will be set to be a member of that VLAN ID and the port will be forced into VLAN unaware mode Once assigned all traffic arriving on the port will be classified and switched on the RADIUS assigned VLAN ID If re authentication fails or the RADIUS Access Accept packet no longer carries...

Page 252: ...d VLAN Port pages These pages show which modules have temporarily overridden the current Port VLAN configuration Guest VLAN Operation When a Guest VLAN enabled port s link comes up the switch starts transmitting EAPOL Request Identity frames If the number of transmissions of such frames exceeds Max Reauth Count and no EAPOL frames have been received in the meanwhile the switch considers entering t...

Page 253: ... X Auth Y Unauth The port is in a multi supplicant mode Currently X clients are authorized and Y are unauthorized Restart Two buttons are available for each row The buttons are only enabled when authentication is globally enabled and the port s Admin State is in an EAPOL based or MAC based mode Clicking these buttons will not cause settings changed on the page to take effect Reauthenticate Schedul...

Page 254: ...cription of the individual states Last Source The source MAC address carried in the most recently received EAPOL frame for EAPOL based authentication and the most recently received frame from a new client for MAC based authentication Last ID The user name supplicant identity carried in the most recently received Response Identity EAPOL frame for EAPOL based authentication and the source MAC addres...

Page 255: ...ess Statistics screen in Figure 4 11 6 appears Figure 4 11 6 Network Access Statistics Page Screenshot The page includes the following fields Port State Object Description Admin State The port s current administrative state Refer to NAS Admin State for a description of possible values Port State The current state of the port Refer to NAS Port State for a description of the individual states QoS Cl...

Page 256: ...1xAuthEapolRespId FramesRx The number of valid EAPOL Response Identity frames that have been received by the switch Rx Responses dot1xAuthEapolRespFr amesRx The number of valid EAPOL response frames other than Response Identity frames that have been received by the switch Rx Start dot1xAuthEapolStartFra mesRx The number of EAPOL Start frames that have been received by the switch Rx Logoff dot1xAut...

Page 257: ...sTx The number of valid EAPOL Request frames other than Request Identity frames that have been transmitted by the switch Backend Server Counters These backend RADIUS frame counters are available for the following administrative states Port based 802 1X Single 802 1X Multi 802 1X MAC based Auth Direction Name IEEE Name Description Rx Access Challenges dot1xAuthBackendAcce ssChallenges 802 1X based ...

Page 258: ... of times that the switch receives a success indication Indicates that the supplicant client has successfully authenticated to the backend server Rx Auth Failures dot1xAuthBackendAuth Fails 802 1X and MAC based Counts the number of times that the switch receives a failure message This indicates that the supplicant client has not authenticated to the backend server Tx Responses dot1xAuthBackendResp...

Page 259: ...nistrative states Port based 802 1X Single 802 1X Multi 802 1X MAC based Auth Name IEEE Name Description MAC Address dot1xAuthLastEapolF rameSource The MAC address of the last supplicant client VLAN ID The VLAN ID on which the last frame from the last supplicant client was received Version dot1xAuthLastEapolF rameVersion 802 1X based The protocol version number carried in the most recently receive...

Page 260: ...of the attached supplicant For MAC based Auth this column holds the MAC address of the attached client Clicking the link causes the client s Backend Server counters to be shown in the Selected Counters table If no clients are attached it shows No clients attached VLAN ID This column holds the VLAN ID that the corresponding client is currently secured through the Port Security module State The clie...

Page 261: ...ounters for the selected port This button is available in the following modes Multi 802 1X MAC based Auth X Click to clear both the port counters and all of the attached client s counters The Last Client will not be cleared however This button is available in the following modes Multi 802 1X MAC based Auth X Click to clear only the currently selected client s counters ...

Page 262: ...1 6 Authentication Server Configuration This page allows you to configure the Authentication Servers The Authentication Server Configuration screen in Figure 4 11 7 appears Figure 4 11 7 Authentication Server Configuration Page Screenshot ...

Page 263: ...is the period during which the switch will not send new requests to a server that has failed to respond to a previous request This will stop the switch from continually trying to contact a server that it has already determined as dead Setting the Dead Time to a value greater than 0 zero will enable this feature but only if more than one server has been configured RADIUS Authentication Server Confi...

Page 264: ...ween the RADIUS Accounting Server and the switch TACACS Authentication Server Configuration The table has one row for each TACACS Authentication Server and a number of columns which are Object Description The TACACS Authentication Server number for which the configuration below applies Enabled Enable the TACACS Authentication Server by checking this box IP Address Hostname The IP address or hostna...

Page 265: ...ck to navigate to detailed statistics for this server IP Address The IP address and UDP port number in IP Address UDP Port notation of this server Status The current state of the server This field takes one of the following values Disabled The server is disabled Not Ready The server is enabled but IP communication is not yet up and running Ready The server is enabled IP communication is up and run...

Page 266: ... disabled Not Ready The server is enabled but IP communication is not yet up and running Ready The server is enabled IP communication is up and running and the RADIUS module is ready to accept accounting attempts Dead X seconds left Accounting attempts were made to this server but it did not reply within the configured timeout The server has temporarily been disabled but will get re enabled when t...

Page 267: ...e includes the following fields RADIUS Authentication Servers The statistics map closely to those specified in RFC4668 RADIUS Authentication Client MIB Use the server select box to switch between the backend servers to show details for Object Description Packet Counters RADIUS authentication server packet counter There are seven receive and four transmit counters Direction Name RFC4668 Name Descri...

Page 268: ...med packets include packets with an invalid length Bad authenticators or Message Authenticator attributes or unknown types are not included as malformed access responses Rx Bad Authenticators radiusAuthClientExtB adAuthenticators The number of RADIUS Access Response packets containing invalid authenticators or Message Authenticator attributes received from the server Rx Unknown Types radiusAuthCli...

Page 269: ... a response This variable is incremented when an Access Request is sent and decremented due to receipt of an Access Accept Access Reject Access Challenge timeout or retransmission Tx Timeouts radiusAuthClientExtT imeouts The number of authentication timeouts to the server After a timeout the client may retry to the same server send to a different server or give up A retry to the same server is cou...

Page 270: ...ime interval measured in milliseconds between the most recent Access Reply Access Challenge and the Access Request that matched it from the RADIUS authentication server The granularity of this measurement is 100 ms A value of 0 ms indicates that there hasn t been round trip communication with the server yet RADIUS Accounting Servers The statistics map closely to those specified in RFC4670 RADIUS A...

Page 271: ...d from the server on the accounting port and dropped for some other reason Tx Requests radiusAccClientExt Requests The number of RADIUS packets sent to the server This does not include retransmissions Tx Retransmissions radiusAccClientExt Retransmissions The number of RADIUS packets retransmitted to the RADIUS accounting server Tx Pending Requests radiusAccClientExt PendingRequests The number of R...

Page 272: ...yet up and running Ready The server is enabled IP communication is up and running and the RADIUS module is ready to accept accounting attempts Dead X seconds left Accounting attempts were made to this server but it did not reply within the configured timeout The server has temporarily been disabled but will get re enabled when the dead time expires The number of seconds left before this occurs is ...

Page 273: ...ion 4 11 9 Windows Platform RADIUS Server Configuration Setup the RADIUS server and assign the client IP address to the Managed switch In this case field in the default IP Address of the Managed Switch with 192 168 0 100 And also make sure the shared secret key is as same as the one you had set at the Managed Switch s 802 1x system configuration 12345678 at this case 1 Configure the IP Address of ...

Page 274: ...0080F 274 2 Add New RADIUS Cleint on the Windows 2003 server Figure 4 11 11 Windows Server Add New RADIUS Client Setting 3 Assign the client IP address to the Managed Switch Figure 4 11 12 Windows Server RADIUS Server Setting ...

Page 275: ...e 4 11 13 Windows Server RADIUS Server Setting 5 Configure ports attribute of 802 1X the same as 802 1X Port Configuration Figure 4 11 14 802 1x Port Configuration 6 Create user data The establishment of the user data needs to be created on the Radius Server PC For example the Radius Server founded on Win2003 Server and then ...

Page 276: ...User s Manual of MGSD 10080F 276 Figure 4 11 15 Windows 2003 AD Server Setting Path ...

Page 277: ...Enter Active Directory Users and Computers create legal user data the next right click a user what you created to enter properties and what to be noticed Figure 4 11 16 Add User Properties Screen Figure 4 11 17 Add User Properties Screen ...

Page 278: ...dows 98SE ME 2000 an 802 1X client utility is needed The following procedures show how to configure 802 1X Authentication in Windows XP Please note that if you want to change the 802 1x authentication type of a wireless client i e switch to EAP TLS from EAP MD5 you must remove the current existing wireless network from your preferred connection first and add it in again Configure Sample EAP MD5 Au...

Page 279: ... to enable 802 1x authentication 6 Select MD 5 Challenge from the drop down list box for EAP type Figure 4 11 19 7 Click OK 8 When client has associated with the Managed Switch a user authentication notice appears in system tray Click on the notice to continue Figure 4 11 20 Windows Client Popup Login Request Message ...

Page 280: ...User s Manual of MGSD 10080F 280 9 Enter the user name password and the logon domain that your account belongs 10 Click OK to complete the validation process Figure 4 11 21 ...

Page 281: ...l This page allows you to configure the Port Security Limit Control system and port settings Limit Control allows for limiting the number of users on a given port A user is identified by a MAC address and VLAN ID If Limit Control is enabled on a port the limit specifies the maximum number of users on the port If this number is exceeded an action is taken The action can be one of the four different...

Page 282: ...cks and corresponding actions are disabled Aging Enabled If checked secured MAC addresses are subject to aging as discussed under Aging Period Aging Period If Aging Enabled is checked then the aging period is controlled with this input If other modules are using the underlying port security for securing MAC addresses they may have other requirements to the aging period The underlying port security...

Page 283: ...iguration All with available options will assign to whole ports Controls whether Limit Control is enabled on this port Both this and the Global Mode must be set to Enabled for Limit Control to be in effect Notice that other modules may still use the underlying port security features without enabling Limit Control on a given port Limit The maximum number of MAC addresses that can be secured on this...

Page 284: ... of view The state takes one of four values Disabled Limit Control is either globally disabled or disabled on the port Ready The limit is not yet reached This can be shown for all actions Limit Reached Indicates that the limit is reached on this port This state can only be shown if Action is set to None or Trap Shutdown Indicates that the port is shut down by the Limit Control module This state ca...

Page 285: ...Disable access management mode operation Delete Check to delete the entry It will be deleted during the next save Start IP Address Indicates the start IP address for the access management entry End IP Address Indicates the end IP address for the access management entry HTTP HTTPS Indicates the host can access the switch from HTTP HTTPS interface that the host IP address matched the entry SNMP Indi...

Page 286: ...ce that allowed remote host can access the Managed Switch Receive Packets The received packets number from the interface under access management mode is enabled Allowed Packets The allowed packets number from the interface under access management mode is enabled Discard Packets The discarded packets number from the interface under access management mode is enabled Buttons Auto refresh Check this b...

Page 287: ...he HTTPS mode operation Possible modes are Enabled Enable HTTPS mode operation Disabled Disable HTTPS mode operation Automatic Redirect Indicates the HTTPS redirect mode operation Automatic redirect web browser to HTTPS during HTTPS mode enabled Possible modes are Enabled Enable HTTPS redirect mode operation Disabled Disable HTTPS redirect mode operation Buttons Click to save changes Click to undo...

Page 288: ...ddress to be set in the forwarding state all enabled user modules must unanimously agree on allowing the MAC address to forward If only one chooses to block it it will be blocked until that user module decides otherwise The status page is divided into two sections one with a legend of user modules and one with the actual port status The SSH Configuration screen in Figure 4 12 5 appears Figure 4 12...

Page 289: ... block it For a MAC address to be set in the forwarding state all enabled user modules must unanimously agree on allowing the MAC address to forward If only one chooses to block it it will be blocked until that user module decides otherwise The status page is divided into two sections one with a legend of user modules and one with the actual port status The Port Security Status screen in Figure 4 ...

Page 290: ...ne user module and is awaiting frames from unknown MAC addresses to arrive Limit Reached The Port Security service is enabled by at least the Limit Control user module and that module has indicated that the limit is reached and no more MAC addresses should be taken in Shutdown The Port Security service is enabled by at least the Limit Control user module and that module has indicated that the limi...

Page 291: ...VLAN ID The MAC address and VLAN ID that is seen on this port If no MAC addresses are learned a single row stating No MAC addresses attached is displayed State Indicates whether the corresponding MAC address is blocked or forwarding In the blocked state it will not be allowed to transmit or receive traffic Time of Addition Shows the date and time when this MAC address was first seen on the port Ag...

Page 292: ...e includes the following fields Object Description Snooping Mode Indicates the DHCP snooping mode operation Possible modes are Enabled Enable DHCP snooping mode operation When enable DHCP snooping mode operation the request DHCP messages will be forwarded to trusted ports and only allowed reply packets from trusted ports Disabled Disable DHCP snooping mode operation Port Mode Indicates the DHCP sn...

Page 293: ... Snooping Port Statistics Screen Page Screenshot The page includes the following fields Object Description Rx and Tx Discover The number of discover option 53 with value 1 packets received and transmitted Rx and Tx Offer The number of offer option 53 with value 2 packets received and transmitted Rx and Tx Request The number of request option 53 with value 3 packets received and transmitted Rx and ...

Page 294: ...tted Rx and Tx Lease Unassigned The number of lease unassigned option 53 with value 11 packets received and transmitted Rx and Tx Lease Unknown The number of lease unknown option 53 with value 12 packets received and transmitted Rx and Tx Lease Active The number of lease active option 53 with value 13 packets received and transmitted Buttons Auto refresh Check this box to refresh the page automati...

Page 295: ...ration Screen Page Screenshot The page includes the following fields Object Description Mode of IP Source Guard Configuration Enable the Global IP Source Guard or disable the Global IP Source Guard All configured ACEs will be lost when the mode is enabled Port Mode Configuration Specify IP Source Guard is enabled on which ports Only when both Global Mode and Port Mode on a given port are enabled I...

Page 296: ...s Static IP Source Guard Table The Static IP Source Guard Table screen in Figure 4 12 11 appears Figure 4 12 11 Static IP Source Guard Table Screen Page Screenshot The page includes the following fields Object Description Delete Check to delete the entry It will be deleted during the next save Port The logical port for the settings VLAN ID The VLAN ID for the settings IP Address Allowed Source IP ...

Page 297: ...ated configuration The ARP Inspection Configuration screen in Figure 4 12 12 appears Figure 4 12 12 ARP Inspection Configuration Screen Page Screenshot The page includes the following fields Object Description Mode of ARP Inspection Configuration Enable the Global ARP Inspection or disable the Global ARP Inspection Port Mode Configuration Specify ARP Inspection is enabled on which ports Only when ...

Page 298: ...3 appears Figure 4 12 13 Static ARP Inspection Table Screen Page Screenshot The page includes the following fields Object Description Delete Check to delete the entry It will be deleted during the next save Port The logical port for the settings VLAN ID The VLAN ID for the settings MAC Address Allowed Source MAC address in ARP request packets IP Address Allowed Source IP address in ARP request pac...

Page 299: ...and switch ports The frames also contain a MAC address SMAC address which shows the MAC address of the equipment sending the frame The SMAC address is used by the switch to automatically update the MAC table with these dynamic MAC addresses Dynamic entries are removed from the MAC table if no frame with the corresponding SMAC address has been seen after a configurable age time 4 13 1 MAC Address T...

Page 300: ...ption Auto Learning is done automatically as soon as a frame with unknown SMAC is received Disable No learning is done Secure Only static MAC entries are learned all other frames are dropped Note Make sure that the link used for managing the switch is added to the Static Mac Table before changing to secure learning mode otherwise the management link is lost and can only be restored by using anothe...

Page 301: ...irst visited the web page will show the first 20 entries from the beginning of the MAC Table The first displayed will be the one with the lowest VLAN ID and the lowest MAC address found in the MAC Table The Start from MAC address and VLAN input fields allow the user to select the starting point in the MAC Table Clicking the Refresh button will update the displayed table starting from that or the c...

Page 302: ...mic ARP Inspection Table are shown on this page The Dynamic ARP Inspection Table contains up to 1024 entries and is sorted first by port then by VLAN ID then by MAC address and then by IP address The Dynamic ARP Inspection Table screen in Figure 4 13 3 appears Figure 4 13 3 Dynamic ARP Inspection Table Screenshot Navigating the ARP Inspection Table Each page shows up to 999 entries from the Dynami...

Page 303: ...ting from the input fields Updates the table starting from the first entry in the Dynamic ARP Inspection Table Updates the table starting with the entry after the last entry currently displayed 4 13 4 Dynamic IP Source Guard Table Entries in the Dynamic IP Source Guard Table are shown on this page The Dynamic IP Source Guard Table is sorted first by port then by VLAN ID then by IP address and then...

Page 304: ...d the text No more entries is shown in the displayed table Use the button to start over The page includes the following fields Object Description Port Switch Port Number for which the entries are displayed VLAN ID VLAN ID in which the IP traffic is permitted IP Address User IP Address of the entry MAC Address Source MAC Address Buttons Auto refresh Check this box to refresh the page automatically ...

Page 305: ... store and maintain information gathered about the neighboring network nodes it discovers Link Layer Discovery Protocol Media Endpoint Discovery LLDP MED is an extension of LLDP intended for managing endpoint devices such as Voice over IP phones and network switches The LLDP MED TLVs advertise information such as network policy power inventory and device location details LLDP and LLDP MED informat...

Page 306: ...he default TTL is 4 30 120 seconds Tx Delay If some configuration is changed e g the IP address a new LLDP frame is transmitted but the time between the LLDP frames will always be at least the value of Tx Delay seconds Tx Delay cannot be larger than 1 4 of the Tx Interval value Valid values are restricted to 1 8192 seconds This attribute must comply with the rule 4 Delay Interval Transmission Inte...

Page 307: ...n the LLDP neighbours table CDP TLV Port ID is mapped to the LLDP Port ID field CDP TLV Version and Platform is mapped to the LLDP System Description field Both the CDP and LLDP support system capabilities but the CDP capabilities cover capabilities that are not part of the LLDP These capabilities are shown as others in the LLDP neighbours table If all ports have CDP awareness disabled the switch ...

Page 308: ... the port sending this advertisement The management address TLV may also include information about the specific interface associated with this address and an object identifier indicating the type of hardware component or protocol entity associated with this address Buttons Click to save changes Click to undo any changes made locally and revert to previously saved values 4 14 3 LLDP MED Configurati...

Page 309: ... advertise LLDP MED TLVs in outgoing LLDPDUs on the associated port The LLDP MED application will temporarily speed up the transmission of the LLDPDU to start within a second when a new LLDP MED neighbor has been detected in order share LLDP MED information as fast as possible to new neighbors Because there is a risk that a LLDP frame being lost during transmission between neighbors it is recommen...

Page 310: ... level at the main entrance Map Datum The Map Datum used for the coordinates given in this Option WGS84 Geographical 3D World Geodesic System 1984 CRS Code 4327 Prime Meridian Name Greenwich NAD83 NAVD88 North American Datum 1983 CRS Code 4269 Prime Meridian Name Greenwich The associated vertical datum is the North American Vertical Datum of 1988 NAVD88 This datum pair is to be used when referenci...

Page 311: ... Jahn Zip code Postal zip code Example 2791 Building Building structure Example Low Library Apartment Unit Apartment suite Example Apt 42 Floor Floor Example 4 Room no Room number Example 450F Place type Place type Example Office Postal community name Postal community name Example Leonia P O Box Post office box P O BOX Example 12345 Additional code Additional code Example 1320300003 Emergency Call...

Page 312: ...cy for the media types above A large network may support multiple VoIP policies across the entire organization and different policies per application type LLDP MED allows multiple policies to be advertised per port each corresponding to a different application type Different ports on the same Network Connectivity Device may advertise different sets of policies based on the authenticated user ident...

Page 313: ... Video Conferencing Streaming Video for use by broadcast or multicast based video content distribution and other similar applications supporting streaming video services that require specific network policy treatment Video applications relying on TCP with buffering would not be an intended use of this application type Video Signaling conditional for use in network topologies that require a separat...

Page 314: ...t values 0 through 63 A value of 0 represents use of the default DSCP value as defined in RFC 2475 Port Policies Configuration Every port may advertise a unique set of network policies or different attributes for the same network policies based on the authenticated user identity or port configuration Object Description Port The port number for which the configuration applies Policy ID The set of p...

Page 315: ...e port on which the LLDP frame was received Device Type LLDP MED Devices are comprised of two primary Device Types Network Connectivity Devices and Endpoint Devices LLDP MED Network Connectivity Device Definition LLDP MED Network Connectivity Devices as defined in TIA 1057 provide access to the IEEE 802 based LAN infrastructure for LLDP MED Endpoint Devices An LLDP MED Network Connectivity Device ...

Page 316: ...ices defined in this class include LAN configuration device location network policy power management and inventory management LLDP MED Media Endpoint Class II The LLDP MED Media Endpoint Class II definition is applicable to all endpoint products that have IP media capabilities however may or may not be associated with a particular end user Capabilities include all of the capabilities defined for t...

Page 317: ...e VLAN for ease of deployment and enhanced security by isolation from data applications Voice Signaling for use in network topologies that require a different policy for the voice signaling than for the voice media Guest Voice to support a separate limited feature set voice service for guest users and visitors with their own IP Telephony handsets and other similar appliances supporting interactive...

Page 318: ...ly the IEEE 802 1D priority level is significant and the default PVID of the ingress port is used instead Priority Priority is the Layer 2 priority to be used for the specified application type One of eight priority levels 0 through 7 DSCP DSCP is the DSCP value to be used to provide Diffserv node behavior for the specified application type as defined in IETF RFC 2474 Contain one of 64 code point ...

Page 319: ...rtised by the neighbor unit Port Description Port Description is the port description advertised by the neighbor unit System Capabilities System Capabilities describes the neighbor unit s capabilities The possible capabilities are 1 Other 2 Repeater 3 Bridge 4 WLAN Access Point 5 Router 6 Telephone 7 DOCSIS cable device 8 Station only 9 Reserved When a capability is enabled the capability is follo...

Page 320: ...ing fields Global Counters Object Description Neighbor entries were last changed at It also shows the time when the last entry was last deleted or added It also shows the time elapsed since the last change was detected Total Neighbors Entries Added Shows the number of new entries added since switch reboot Total Neighbors Entries Deleted Shows the number of new entries deleted since switch reboot T...

Page 321: ...ined within the table Entries are removed from the table when a given port links down an LLDP shutdown frame is received or when the entry ages out TLVs Discarded Each LLDP frame can contain multiple pieces of information known as TLVs TLV is short for Type Length Value If a TLV is malformed it is counted and discarded TLVs Unrecognized The number of well formed TLVs but with an unknown type value...

Page 322: ...s The Managed Switch transmits ICMP packets and the sequence number and roundtrip time are displayed upon reception of a reply Cable Diagnostics The Cable Diagnostics is performing tests on copper cables These functions have the ability to identify the cable length and operating conditions and to isolate a variety of common faults that can occur on the Cat5 twisted pair cabling There might be two ...

Page 323: ... appears Figure 4 15 1 ICMP Ping Page Screenshot The page includes the following fields Object Description IP Address The destination IP Address Ping Length The payload size of the ICMP packet Values range from 2 bytes to 1452 bytes Ping Count The count of the ICMP packet Values range from 1 time to 60 times Ping Interval The interval of the ICMP packet Values range from 0 second to 30 seconds Be ...

Page 324: ...Address Ping Length The payload size of the ICMP packet Values range from 2 bytes to 1452 bytes Ping Count The count of the ICMP packet Values range from 1 time to 60 times Ping Interval The interval of the ICMP packet Values range from 0 second to 30 seconds Button Click to start transmitting ICMP packets Click to re start diagnostics with PING 4 15 3 Remote IP Ping Test This page allows you to i...

Page 325: ...mote IP Address The destination IP Address Ping Size The payload size of the ICMP packet Values range from 8 bytes to 1400 bytes Result Display the ping result Buttons Click to start ping process Click to save changes Click to undo any changes made locally and revert to previously saved values Clears the local counters All counters including global counters are cleared upon reboot ...

Page 326: ...ning cable diagnostic Therefore running cable diagnastic on a 10 or 100 Mbps management port will cause the switch to stop responding until VeriPHY is complete The ports belong to the currently selected stack unit as reflected by the page header The VeriPHY Cable Diagnostics screen in Figure 4 15 4 appears Figure 4 15 4 VeriPHY Cable Diagnostics Page Screenshot The page includes the following fiel...

Page 327: ...oop Protection Configuration Page Screenshot The page includes the following fields General Settings Object Description Enable Loop Protection Controls whether loop protections is enabled as a whole Transmission Time The interval between each loop protection PDU sent on each port valid values are 1 to 10 seconds Shutdown Time The period in seconds for which a port will be kept disabled in the even...

Page 328: ...whether the port is actively generating loop protection PDU s or whether it is just passively looking for looped PDU s Buttons Click to save changes Click to undo any changes made locally and revert to previously saved values 4 16 2 Status This page displays the loop protection port status the ports from the Managed Switch Figure 4 16 2 Loop Protection Status Page Screenshot The page includes the ...

Page 329: ...us of the port Loop Whether a loop is currently detected on the port Time of Last Loop The time of the last loop event detected Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Click to refresh the page immediate ...

Page 330: ...ts generated by RMON Agent Alarm depends on the implementation of Event Statistics and History display some current or history subnet statistics Alarm and Event provide a method to monitor any integer data change in the network and provide some alerts upon abnormal events sending Trap or record in logs 4 17 1 RMON Alarm Configuration Configure RMON Alarm table on this page The entry index key is I...

Page 331: ...ormal OutErrors The The number of outbound packets that could not be transmitted because of errors OutQLen The length of the output packet queue in packets Sample Type The method of sampling the selected variable and calculating the value to be compared against the thresholds possible sample types are Absolute Get the sample directly Delta Calculate the difference between samples default Value The...

Page 332: ...een in Figure 4 17 2 appears Figure 4 17 2 Port Statistics Overview page screenshot The page includes the following fields Object Description ID Indicates the index of Alarm control entry Interval Indicates the interval in seconds for sampling and comparing the rising and falling threshold Variable Indicates the particular variable to be sampled Sample Type The method of sampling the selected vari...

Page 333: ... delete the entry It will be deleted during the next save ID Indicates the index of the entry The range is from 1 to 65535 Desc Indicates this event the string length is from 0 to 127 default is a null string Type Indicates the notification of the event the possible types are none The total number of octets received on the interface including framing characters log The number of uni cast packets d...

Page 334: ...ith the lowest Event Index and Log Index found in the Event table table screen in Figure 4 17 4 appears Figure 4 17 4 RMON Event Overview page screenshot The page includes the following fields Object Description Event Index Indicates the index of the event entry Log Index Indicates the index of the log entry LogTime Indicates Event log time LogDescription Indicates the Event description Buttons Au...

Page 335: ...statistics data The range is from 1 to 3600 default value is 1800 seconds Buckets Indicates the maximum data entries associated this History control entry stored in RMON The range is from 1 to 3600 default value is 50 Buckets Granted The number of data shall be saved in the RMON Buttons Click to add a new community entry Click to save changes Click to undo any changes made locally and revert to pr...

Page 336: ... Broadcast The total number of good packets received that were directed to the broadcast address Multicast The total number of good packets received that were directed to a multicast address CRCErrors The total number of packets received that had a length excluding framing bits but including FCS octets of between 64 and 1518 octets Undersize The total number of packets received that were less than...

Page 337: ... entry It will be deleted during the next save ID Indicates the index of the entry The range is from 1 to 65535 Data Source Indicates the port ID which wants to be monitored If in stacking switch the value must add 1000 switch ID 1 for example if the port is switch 3 port 5 the value is 2005 Buttons Click to add a new community entry Click to save changes Click to undo any changes made locally and...

Page 338: ...number of good packets received that were directed to a multicast address CRC Errors The total number of packets received that had a length excluding framing bits but including FCS octets of between 64 and 1518 octets inclusive but had either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error Under size The t...

Page 339: ... 512 1023 The total number of packets including bad packets received that were from 512 to 1023 octets in length 1024 1588 The total number of packets including bad packets received that were from 1024 to 1588 octets in length Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 6 seconds Click to refresh the page immediate Updates the table starting...

Page 340: ...and two ports should be assigned as the member ports in the ERPS Only one switch in the Ring group would be set as the RPL owner switch in which one port called owner port would be blocked and PRL neighbour switch has one port in which one port called neighbour port would be blocked The neighbour port is connected to the owner port directly and this link is called the Ring Protection Link or RPL E...

Page 341: ... here as screen in Figure 4 19 1 is shown below Figure 4 19 1 MEP configuration page screenshot The page includes the following fields Object Description Delete This box is used to mark an MEP for deletion in next Save operation Instance The ID of the MEP Click on the ID of an MEP to enter the configuration page ...

Page 342: ...ere MEP is monitoring see Direction Level The MEG level of this MEP Flow Instance The MEP is related to this flow See Domain Tagged VID Port MEP An outer C S tag depending on VLAN Port Type is added with this VID Entering 0 means no TAG added This MAC The MAC of this MEP can be used by other MEPs when unicast is selected Info only Alarm There is an active alarm on the MEP Buttons Click to add a ne...

Page 343: ...EP Instance The ID of the MEP Domain See help on MEP create WEB Mode See help on MEP create WEB Direction See help on MEP create WEB Residence Port See help on MEP create WEB Flow Instance See help on MEP create WEB Tagged VID See help on MEP create WEB This MAC See help on MEP create WEB Instance Configuration Object Description Level See help on MEP create WEB ...

Page 344: ...om all Peer MEP ID configured for this MEP cAIS Fault Cause indicating that AIS PDU is received cLCK Fault Cause indicating that LCK PDU is received cSSF Fault Cause indicating that server layer is indicating Signal Fail aBLK The consequent action of blocking service frames in this flow is active aTSF The consequent action of indicating Trail Signal Fail to wards protection is active Delete This b...

Page 345: ...C Fault Cause cPeriod is declared if a CCM PDU has been received with different period see cPeriod Selecting 300f sec or 100f sec will configure HW based CCM if possible Selecting other frame rates will configure SW based CCM In case of enabling Continuity Check and Loss Measurement both implemented on SW based CCM Frame Rate has to be the same APS Protocol Object Description Enable Automatic Prot...

Page 346: ...hanges Click to undo any changes made locally and revert to previously saved values 4 19 3 Ethernet Ring Protocol Switch The Ethernet Ring Protection Switch instances are configured here screen in Figure 4 19 3 appears Figure 4 19 3 Ethernet Ring Protocol Switch page screenshot The page includes the following fields Object Description Delete This box is used to mark an ERPS for deletion in next Sa...

Page 347: ... field indicates that no Port 1 APS MEP is associated with this instance Ring Type Type of Protecting ring It can be either major ring or sub ring Major Ring ID Major ring group ID for the interconnected sub ring It is used to send topology change updates on major ring If ring is major this value is same as the protection group ID of this ring Alarm There is an active alarm on the ERPS Buttons Cli...

Page 348: ... SF MEP See help on ERPS create WEB Port 1 SF MEP See help on ERPS create WEB Port 0 APS MEP See help on ERPS create WEB Port 1 APS MEP See help on ERPS create WEB Ring Type Type of Protected ring It can be either major ring or sub ring Instance Configuration Object Description Configuration Red This ERPS is only created and has not yet been configured is not active Green This ERPS is configured i...

Page 349: ...nel is restored to the working transport entity i e blocked on the RPL In Non Revertive mode the traffic channel continues to use the RPL if it is not failed after a protection switch condition has cleared VLAN Config VLAN configuration of the Protection Group Click on the VLAN Config link to configure VLANs for this protection group PRL Configuration Object Description PRL Role It can be either R...

Page 350: ...seconds RPL Un blocked APS is received on the working flow No APS Received RAPS PDU is not received from the other end Port 0 Block Status Block status for Port 0 Both traffic and R APS block status R APS channel is never blocked on sub rings without virtual channel Port 1 Block Status Block status for Port 1 Both traffic and R APS block status R APS channel is never blocked on sub rings without v...

Page 351: ...shot The page includes the following fields Object Description All Switch Numbers Set all the switch numbers for the ring group The default number is 3 and maximum number is 30 Number ID The switch where you are requesting ERPS Port Configures the port number for the MEP VLAN Set the ERPS VLAN Buttons Click to configure ERPS Click to save changes Click to show the ring topology ...

Page 352: ... Switch ID Port MEP ID RPL Type VLAN Group Switch 1 Port 1 1 None 3001 Port 2 2 Owner 3001 Switch 2 Port 1 4 None 3001 Port 2 3 Neighbour 3001 Switch 3 Port 1 6 None 3001 Port 2 5 None 3001 Table 4 2 ERPS Configuration Table The scenario is described as follows 1 Disable DHCP client and set proper static IP for Switch 1 2 3 In this example switch 1 is 192 168 0 101 switch 2 is 192 168 0 102 and sw...

Page 353: ...witch 2 directly don t connect to port 1 2 Log in on the Switch 2 and click Ring Ring Wizard Set All Switch Number 3 and Number ID 2 click Next button to set the ERPS configuration for Switch 2 Set MEP3 Port2 MEP4 Port1 and VLAN ID 3001 click Set button to save the ERPS configuration for Switch 2 Set ERPS Configuration on Switch 3 Connect PC to switch 3 directly don t connect to port 1 2 Log in on...

Page 354: ...ogether in the ring topology before configuring the end of ERPS Follow the configuration or ERPS wizard to connect the Switch 1 2 3 together to establish ERPS application MEP2 MEP3 Switch1 Port2 Switch2 Port2 MEP4 MEP5 Switch2 Port1 Switch3 Port2 MEP1 MEP6 Switch1 Port1 Switch3 Port1 ...

Page 355: ...ommand keywords and parameters at the prompt Using the Managed Switch s command line interface CLI is very similar to entering commands on a UNIX system This chapter describes how to use the Command Line Interface CLI 5 2 Telnet Login The Managed Switch supports telnet for remote management The Managed Switch asks for user name and password for remote login when using telnet please use admin for u...

Page 356: ... Aggregation LACP Link Aggregation Control Protocol LLDP Link Layer Discovery Protocol LLDPMED Link Layer Discovery Protocol Media EEE Energy Efficient Ethernet Led_power LED power reduction EVC Ethernet Virtual Connections EPS Ethernet Protection Switching MEP Maintainence entity End Point QoS Quality of Service Mirror Port mirroring Config Load Save of configuration via TFTP Firmware Download of...

Page 357: ...Port list or all default All ports Example To display system information MGSD 10080F System configuration System Contact System Name MGSD 10080F System Location MAC Address 00 30 4f 16 81 68 Temperature 27 0 C 80 6 F System Time 1970 01 01 Thu 03 28 50 00 00 System Uptime 03 28 50 Software Version 1 0b121221 Software Date 2012 12 21T14 58 31 0800 Previous Restart Cold Power Status PWR1 ON PWR2 OFF...

Page 358: ...User s Manual of MGSD 10080F 358 ...

Page 359: ... Log Server Address System Log Level Info MGSD 10080F System Timezone Configuration Description Show System Timezone configuration Syntax System Timezone Configuration System Version Description Show system version information Syntax System Version Example To display system version MGSD 10080F System version Version 1 0b121221 Build Date 2012 12 21T14 58 31 0800 MGSD 10080F ...

Page 360: ...able Example To show the log server mode MGSD 10080F System log server mode System Log Server Mode Disabled System Name Description Set or show the system name Syntax System Name name Parameters name System name string 1 255 Use to clear the string System name is a text string drawn from the alphabet A Za z digits 0 9 minus sign No blank or space characters are permitted as part of a name The firs...

Page 361: ...ow the system contact Syntax System Contact contact clear Parameters contact System contact string 1 255 Use clear or to clear the string In CLI No blank or space characters are permitted as part of a contact clear Clear system contact Default Setting empty System Log Server Address Description Show or set the system log server address Syntax System Log Server Address ip_addr_string Parameters ip_...

Page 362: ...ription Set or show the system timezone acronym Syntax System Timezone Acronym acronym Parameters acronym Time zone acronym 0 16 characters Default Setting empty System DST Configuration Description Show Daylight Saving Time configuration Syntax System DST Configuration System Location Description Set or show the system location Syntax System Location location ...

Page 363: ...F System location MyOffice System Log Level Description Show or set the system log level It uses to determine what kind of message will send to syslog server Syntax System Log Level info warning error Parameters info Send informations warnings and errors warning Send warnings and errors error Send errors Default Setting info Example To set log level MGSD 10080F log level warning System DST Mode De...

Page 364: ...ed System DST Start Description Set or show the daylight saving time start time settings Syntax System DST start week day month date year hour minute Parameters week Week 1 5 0 ignored day Day 1 7 0 ignored month Month 1 12 0 ignored date Date 1 31 0 ignored year Year 2000 2097 hour Hour 0 23 minute Minutes 0 59 System Log Lookup Description Show the system log Syntax System Log Lookup log_id all ...

Page 365: ...x System DST end week day month date year hour minute Parameters week Week 1 5 0 ignored day Day 1 7 0 ignored month Month 1 12 0 ignored date Date 1 31 0 ignored year Year 2000 2097 hour Hour 0 23 minute Minutes 0 59 System Log Clear Description Clear the system log Syntax System Log Clear all info warning error Parameters all Show all levels default info Show informations warning Show warnings e...

Page 366: ...t or show the daylight saving time offset Syntax System DST Offset dst_offset Parameters dst_offset DST offset in minutes 1 to 1440 System Restore Default Description Restore factory default configuration Syntax System Restore Default keep_ip Parameters keep_ip Keep IP configuration default Restore full configuration Example To restore default value but not reset IP address MGSD 10080F system rest...

Page 367: ... 10080F 367 System Load Description Show current CPU load 100ms 1s and 10s running average in percent zero is idle Syntax System Load Example To show current CPU load MGSD 10080F system load Load average 100ms 1s 10s 1 1 1 ...

Page 368: ...ation IP Configuration DHCP Client Disabled IP Address 192 168 0 101 IP Mask 255 255 255 0 IP Router 192 168 0 253 DNS Server 0 0 0 0 VLAN ID 1 DNS Proxy Disabled IPv6 AUTOCONFIG mode Disabled IPv6 Link Local Address fe80 6082 cdb9 19ab c0e2 IPv6 Address 192 168 0 100 IPv6 Prefix 96 IPv6 Router IP DHCP Description Set or show the DHCP client mode Syntax IP DHCP enable disable ...

Page 369: ...yntax IP Setup ip_addr ip_mask ip_router vid Parameters ip_addr IP address a b c d default Show IP address ip_mask IP subnet mask a b c d default Show IP mask ip_router IP router a b c d default Show IP router vid VLAN ID 1 4095 default Show VLAN ID Default Setting IP Address 192 168 0 100 IP Mask 255 255 255 0 IP Router 192 168 0 1 DNS Server 0 0 0 0 VLAN ID 1 Example Set IP address MGSD 10080F i...

Page 370: ...g_length Ping ICMP data length 2 1452 Default is 56 excluding MAC IP and ICMP headers count PING Count keyword ping_count Transmit ECHO_REQUEST packet count 1 60 Default is 5 interval PING Interval keyword ping_interval Ping interval 0 30 Default is 0 IP DNS Description Set or show the DNS server address Syntax IP DNS ip_addr Parameters ip_addr IP address a b c d default Showdne IP address Default...

Page 371: ...roxy Default Setting disable Example Enable DNS proxy function MGSD 10080F ip dns_proxy enable IPv6 AUTOCINFIG Description Set or show the IPv6 AUTOCONFIG mode Syntax IP IPv6 AUTOCONFIG enable disable Parameters enable Enable IPv6 AUTOCONFIG mode disable Disable IPv6 AUTOCONFIG mode Default Setting disable Example Enable IPv6 autoconfig function MGSD 10080F ip ipv6 autoconfig enable ...

Page 372: ...refix IPv6 subnet mask default Show IPv6 prefix ipv6_router IPv6 router default Show IPv6 router IPv6 address is in 128 bit records represented as eight fields of up to four hexadecimal digits with a colon separates each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of contiguous zeros but it can ...

Page 373: ... ping_length Count ping_count Interval ping_interval Parameters ipv6_addr IPv6 host address IPv6 address is in 128 bit records represented as eight fields of up to four hexadecimal digits with a colon separates each field For example four hexadecimal digits with a colon separates each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special syntax that can be used as a shorthand way of re...

Page 374: ... string 1 pool ntp org 2 europe pool ntp org 3 north america pool ntp org 4 asia pool ntp org 5 oceania pool ntp org IP NTP Mode Description Set or show the NTP mode Syntax IP NTP Mode enable disable Parameters enable Enable NTP mode disable Disable NTP mode default Show NTP mode Default Setting disable Example Enable NTP mode MGSD 10080F ip ntp mode enable ...

Page 375: ...Server Ipv6 Add server_index server_ipv6 Parameters server_index The server index 1 5 server_ipv6 IPv6 server address IPv6 address is in 128 bit records represented as eight fields of up to four hexadecimal digits with a colon separates each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of contigu...

Page 376: ...SD 10080F 376 IP NTP Server Delete Description Delete NTP server entry Syntax IP NTP Server Delete server_index Parameters server_index The server index 1 5 Example To delete NTP server MGSD 10080F ip ntp server delete 1 ...

Page 377: ...all ports Example Display port1 4 status MGSD 10080F port configuration 1 4 Port Configuration Port State Mode Flow Control MaxFrame Power Excessive Link 1 Enabled Auto Disabled 9600 Disabled Discard Down 2 Enabled Auto Disabled 9600 Disabled Discard Down 3 Enabled Auto Disabled 9600 Disabled Discard Down 4 Enabled Auto Disabled 9600 Disabled Discard Down Port Mode Description Set or show the port...

Page 378: ...ed and current mode Default Setting Auto Example Set 10Mbps half duplex speed for port1 MGSD 10080F port mode 1 10hdx Port Flow Control Description Set or show the port flow control mode Syntax Port Flow Control port_list enable disable Parameters port_list Port list or all default All ports enable Enable flow control disable Disable flow control default Show flow control mode Default Setting Disa...

Page 379: ...ult Show administrative mode Default Setting Enable Example Disable port1 MGSD 10080F port state 1 disable Port Maximum Frame Description Set or show the port maximum frame size Syntax Port MaxFrame port_list max_frame Parameters port_list Port list or all default All ports max_frame Port maximum frame size 1518 9600 default Show maximum frame size Default Setting 9600 Example Set 2048 frame size ...

Page 380: ...able ActiPHY power control dynamic Enable Dynamic power control Default Setting disable Example Disable port power function for port1 4 MGSD 10080F port power 1 4 enable Port Excessive Description Set or show the port excessive collision mode Syntax Port Excessive port_list discard restart Parameters port_list Port list or all default All ports discard Discard frame after 16 collisions restart Res...

Page 381: ...following values clear Clear port statistics packets Show packet statistics bytes Show byte statistics errors Show error statistics discards Show discard statistics filtered Show filtered statistics 0 7 Show priority statistics default Show all port statistics up Show ports which are up down Show ports which are down default Show all ports Port VeriPHY Description Run cable diagnostics Syntax Port...

Page 382: ...mple Show SFP information for port9 10 MGSD 10080F port sfp Port Type Speed Wave Length nm Distance m 9 1000Base LX 1000 Base 1310 10000 10 1000Base LX 1000 Base 1310 10000 Port Description Description Set or show Port Description Syntax Port Description port_list descr_text Parameters port_list Port list or all default All ports descr_text Text of port description ...

Page 383: ...tion Syntax MAC Configuration port_list Parameters port_list Port list or all default All ports Example Show Mac address state MGSD 10080F mac configuration MAC Configuration MAC Address 00 30 4f 24 04 d1 MAC Age Time 300 Port Learning 1 Auto 2 Auto 3 Auto 4 Auto 5 Auto 6 Auto 7 Auto 8 Auto 9 Auto 10 Auto MAC Add Description ...

Page 384: ...d Mac address 00 30 4F 01 01 02 in port1 and vid1 MGSD 10080F mac add 00 30 4f 01 01 02 1 1 MAC Delete Description Delete MAC address entry Syntax MAC Delete mac_addr vid Parameters mac_addr MAC address xx xx xx xx xx xx vid VLAN ID 1 4095 default 1 Example Delete Mac address 00 30 4F 01 01 02 in vid1 MGSD 10080F mac delete 00 30 4f 01 01 02 1 MAC Lookup Description Lookup MAC address entry Syntax...

Page 385: ...ge Time Description Set or show the MAC address age timer Syntax MAC Agetime age_time Parameters age_time MAC address age time 0 10 1000000 0 disable default Show age time Default Setting 300 Example Set agetime value in 30 MGSD 10080F mac agetime 30 MAC Learning Description Set or show the port learn mode Syntax MAC Learning port_list auto disable secure Parameters port_list Port list or all defa...

Page 386: ...rs mac_max Maximum number of MAC addresses 1 8192 default Show all addresses mac_addr First MAC address xx xx xx xx xx xx default MAC address zero vid First VLAN ID 1 4095 default 1 Example Show all of MAC table MGSD 10080F mac dump Type VID MAC Address Ports Static 1 00 30 4f 16 81 68 None CPU Dynamic 1 00 e0 4c 69 60 84 1 Static 1 33 33 00 00 00 01 1 2 4 10 CPU Static 1 33 33 00 00 00 02 1 2 4 1...

Page 387: ...port_list Parameters port_list Port list or all default All ports Example Set all of MAC statistics MGSD 10080F mac statistics Port Dynamic Addresses 1 1 2 0 3 0 4 0 5 0 6 0 7 0 8 0 9 0 10 0 Total Dynamic Addresses 1 Total Static Addresses 6 MGSD 10080F MAC Flush Description Flush all learned entries Syntax MAC Flush ...

Page 388: ...ort_list Parameters port_list Port list or all default All ports Example Show VLAN status of port1 MGSD 10080F vlan configuration 1 VLAN Configuration Mode IEEE 802 1Q Port PVID IngrFilter FrameType LinkType Q in Q Mode Eth type 1 1 Disabled All UnTag Disable N A VID VLAN Name Ports 1 default 1 10 VID VLAN Name Ports VLAN forbidden table is empty ...

Page 389: ...ow port VLAN ID Default Setting 1 Example Set PVID2 for port10 MGSD 10080F vlan pvid 10 2 VLAN Frame Type Description Set or show the port VLAN frame type Syntax VLAN FrameType port_list all tagged Parameters port_list Port list or all default All ports all Allow tagged and untagged frames tagged Allow tagged frames only default Show accepted frame types Default Setting All Example Set port10 that...

Page 390: ...ll default All ports enable Enable VLAN ingress filtering disable Disable VLAN ingress filtering default Show VLAN ingress filtering Default Setting Disable Example Enable VLAN ingress filtering for port10 MGSD 10080F vlan ingressfilter 10 enable VLAN Mode Description Set or show the VLAN Mode Syntax VLAN Mode portbased dot1q Parameters portbased Port Based VLAN Mode dot1q 802 1Q VLAN Mode default...

Page 391: ...LinkType port_list untagged tagged Parameters port_list Port list or all default All ports untagged VLAN Link Type Tagged tagged VLAN Link Type Untagged default Show VLAN link type Default Setting Un tagged Example Enable tagged frame for port2 MGSD 10080F vlan linktype 2 tagged VLAN Q in Q Mode Description Set or show the port Q in Q mode Syntax VLAN QinQ port_list disable man customer ...

Page 392: ...ription Set or show out layer VLAN tag ether type in Q in Q VLAN mode Syntax VLAN Ethtype port_list man dot1q Parameters port_list Port list or all default All ports man Set out layer VLAN tag ether type MAN dot1q Set out layer VLAN tag ether type 802 1Q default Show VLAN out layer VLAN tag ether type Default Setting N A Example Set out layer VLAN tag Ethernet type for port 10 in man Ethernet type...

Page 393: ...le untag VID function Default Setting N A VLAN Add Description Add or modify VLAN entry Syntax VLAN Add vid name port_list Parameters vid name VLAN ID 1 4095 or VLAN Name port_list Port list or all default All ports Default Setting 1 Example Add port1 to port4 in VLAN10 MGSD 10080F vlan add 10 1 4 VLAN Forbidden Add Description Add or modify VLAN entry in forbidden table Syntax VLAN Forbidden Add ...

Page 394: ...orbidden add 10 1 4 VLAN Delete Description Delete VLAN entry Syntax VLAN Delete vid name Parameters vid name VLAN ID 1 4095 or VLAN Name Example Delete VLAN10 MGSD 10080F vlan delete 10 VLAN Forbidden Delete Description Delete VLAN entry Syntax LAN Forbidden Delete vid name Parameters vid name VLAN ID 1 4095 or VLAN Name Example Forbidden delete VLAN10 MGSD 10080F vlan forbidden delete 10 ...

Page 395: ...name name combined static nas mvr voice_vlan all Parameters vid VLAN ID 1 4095 default Show all VLANs name VLAN name string name VLAN name Maximum of 32 characters VLAN Name can only contain alphabets or numbers VLAN name should contain atleast one alphabet combined Shows All the Combined VLAN database static Shows the VLAN entries configured by the administrator nas Shows the VLANs configured by ...

Page 396: ...bets or numbers VLAN name should contain atleast one alphabet vid VLAN ID 1 4095 Example Add VLAN name for VLAN 1 MGSD 10080F vlan name add test 1 VLAN Name Delete Description Delete VLAN Name to VLAN ID Mapping Syntax VLAN Name Delete name Parameters name VLAN name Maximum of 32 characters VLAN Name can only contain alphabets or numbers VLAN name should contain atleast one alphabet Example Delete...

Page 397: ...lookup VLAN NAME vid test 1 VLAN Status Description VLAN Port Configuration Status Syntax VLAN Status port_list combined static nas mvr voice_vlan mstp all conflicts Parameters port_list Port list or all default All ports combined combined VLAN Users configuration static static port configuration nas NAS port configuration mvr MVR port configuration voice_vlan Voice VLAN port configuration mstp MS...

Page 398: ...how VLAN configuration of port10 MGSD 10080F status 1 Port VLAN User PortType PVID Frame Type Ing Filter Tx Tag UVID Conflicts 1 Static Unaware 1 All Disabled Untag This 1 NAS No MVR No Voice VLAN No MSTP No Combined Unaware 1 All Disabled Untag This 1 No ...

Page 399: ...yntax PVLAN Configuration port_list Parameters port_list Port list or all default All ports Example Show private VLAN configuration MGSD 10080F pvlan configuration Private VLAN Configuration Port Isolation 1 Disabled 2 Disabled 3 Disabled 4 Disabled 5 Disabled 6 Disabled 7 Disabled 8 Disabled 9 Disabled 10 Disabled PVLAN ID Ports 1 1 10 ...

Page 400: ...number range port_list Port list or all default All ports Example Add port1 to port4 in PVLAN10 MGSD 10080F pvlan add 10 1 4 PVLAN Delete Description Delete Private VLAN entry Syntax PVLAN Delete pvlan_id Parameters pvlan_id Private VLAN ID The allowed range for a Private VLAN ID is the same as the switch port number range Example Delete PVLAN10 MGSD 10080F pvlan delete 10 PVLAN Lookup Description...

Page 401: ...kup PVLAN MGSD 10080F pvlan lookup PVLAN ID Ports 1 1 10 PVLAN Isolate Description Set or show the port isolation mode Syntax PVLAN Isolate port_list enable disable Parameters port_list Port list or all default All ports enable Enable port isolation disable Disable port isolation default Show port isolation port list Default Setting disable Example Enable isolate for port10 MGSD 10080F pvlan isola...

Page 402: ...tion User Name Privilege Level admin 15 Security Switch User Add Description Add or modify users entry Syntax Security Switch Users Add user_name password privilege_level Parameters user_name A string identifying the user name that this entry should belong to The allowed string length is 1 32 The valid user name is a combination of letters numbers and underscores password The password for this use...

Page 403: ...that this entry should belong to The allowed string length is 1 32 The valid user name is a combination of letters numbers and underscores Example Delete test account MGSD 10080F security switch users delete user Security Switch Privilege Level Configuration Description Show privilege configuration Syntax Security Switch Privilege Level Configuration Security Switch Privilege Level Group Descripti...

Page 404: ...1 15 Example Change privilege level of MVR group MGSD 10080F security switch privilege level group mvr 15 15 15 15 Security Switch Privilege Level Current Description Show the current privilege level Syntax Security Switch Privilege Level Current Default Setting 15 Security Switch Auth Configuration Description Show Auth configuration Syntax Security Switch Auth Configuration Example Show authenti...

Page 405: ...ngs for telnet ssh Settings for ssh web Settings for web default Set or show the specific client authentication method none Authentication disabled local Use local authentication radius Use remote RADIUS authentication tacacs Use remote TACACS authentication default Show client authentication method enable Enable local authentication if remote authentication fails disable Disable local authenticat...

Page 406: ...figuration MGSD 10080F security switch ssh configuration SSH Configuration SSH Mode Enable Security Switch SSH Mode Description Set or show the SSH mode Syntax Security Switch SSH Mode enable disable Parameters enable Enable SSH disable Disable SSH default Show SSH mode Default Setting enable Example Enable SSH function MGSD 10080F security switch ssh mode enable ...

Page 407: ... security switch https configuration HTTPS Configuration HTTPS Mode Enable HTTPS Redirect Mode Disabled Security Switch HTTPs Mode Description Set or show the HTTPS mode Syntax Security Switch HTTPS Mode enable disable Parameters enable Enable HTTPs disable Disable HTTPs default Show HTTPs mode Default Setting Enable Example Enable HTTPs function MGSD 10080F security switch https mode enable ...

Page 408: ...Disable HTTPs redirect default Show HTTPs redirect mode Default Setting disable Example Enable HTTPs redirect function MGSD 10080F security switch https redirect enable Security Switch Access Configuration Description Show access management configuration Syntax Security Switch Access Configuration Example Show access management configuration MGSD 10080F security switch access configuration Access ...

Page 409: ...le Security Switch Access Add Description Add access management entry default Add all supported protocols Syntax Security Switch Access Add access_id start_ip_addr end_ip_addr web snmp telnet Parameters access_id entry index 1 16 start_ip_addr Start IP address a b c d end_ip_addr End IP address a b c d web Indicates that the host can access the switch from HTTP HTTPS snmp Indicates that the host c...

Page 410: ...ce It also used a following legally IPv4 address For example 192 1 2 34 end_ipv6_addr End IPv6 address IPv6 address is in 128 bit records represented as eight fields of up to four hexadecimal digits with a colon separates each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of contiguous zeros but i...

Page 411: ...tch Access Lookup Description Lookup access management entry Syntax Security Switch Access Lookup access_id Parameters access_id entry index 1 16 Example Lookup access management entry MGSD 10080F security switch access lookup 1 Security Switch Access Clear Description Clear access management entry Syntax Security Switch Access Clear Example Clear access management entry MGSD 10080F security switc...

Page 412: ...GSD 10080F security switch access statistics Access Management Statistics HTTP Receive 0 Allow 0 Discard 0 HTTPS Receive 0 Allow 0 Discard 0 SNMP Receive 0 Allow 0 Discard 0 TELNET Receive 0 Allow 0 Discard 0 SSH Receive 0 Allow 0 Discard 0 Security Switch SNMP Configuration Description Show SNMP configuration Syntax Security Switch SNMP Configuration Security Switch SNMP Mode Description Set or s...

Page 413: ...ecurity Switch SNMP Version Description Set or show the SNMP protocol version Syntax Security Switch SNMP Version 1 2c 3 Parameters 1 SNMP version 1 2c SNMP version 2c 3 SNMP version 3 default Show SNMP version Default Setting 2c Example Set SNMP in version 3 MGSD 10080F security switch snmp version 3 Security Switch SNMP Read Community Description Set or show the community string for SNMP read ac...

Page 414: ...read community private Security Switch SNMP Write Community Description Set or show the community string for SNMP write access Syntax Security Switch SNMP Write Community community Parameters community Community string Use clear or to clear the string default Show SNMP write community Default Setting private Example Set public value in SNMP write community MGSD 10080F security switch snmp write co...

Page 415: ...able SNMP trap mode MGSD 10080F security switch snmp trap mode enable Security Switch SNMP Trap Version Description Set or show the SNMP trap protocol version Syntax Security Switch SNMP Trap Version 1 2c 3 Parameters 1 SNMP version 1 2c SNMP version 2c 3 SNMP version 3 default Show SNMP trap version Default Setting 1 Example Set SNMP trap version in version 2c MGSD 10080F security switch snmp tra...

Page 416: ...Example Set private value for SNMP trap community MGSD 10080F security switch snmp trap community private Security Switch SNMP Trap Destination Description Set or Show the SNMP trap destination address Syntax Security Switch SNMP Trap Destination ip_addr_string Parameters ip_addr_string IP host address a b c d or a host name string Example Set SNMP trap destination address for 192 168 0 20 MGSD 10...

Page 417: ...uous zeros but it can only appear once It also used a following legally IPv4 address For example 192 1 2 34 Example Set SNMP trap IPv6 destination address for 2001 0001 MGSD 10080F security switch snmp trap ipv6 destination 2001 0001 Security Switch SNMP Trap Authentication Failure Description Set or show the SNMP authentication failure trap mode Syntax Security Switch SNMP Trap Authentication Fai...

Page 418: ...rap link up and link down mode Default Setting enable Example Disable SNMP trap link up MGSD 10080F security switch snmp trap link up disable Security Switch SNMP Trap Inform Mode Description Set or show the SNMP trap inform mode Syntax Security Switch SNMP Trap Inform Mode enable disable Parameters enable Enable SNMP trap inform disable Disable SNMP trap inform default Show SNMP inform mode Defau...

Page 419: ...ting 1 Example Set SNMP trap inform timeout in 20sec MGSD 10080F security switch snmp trap inform timeout 20 Security Switch SNMP Trap Inform Retry Times Description Set or show the SNMP trap inform retry times Syntax Security Switch SNMP Trap Inform Retry Times retries Parameters retries SNMP trap inform retransmited times 0 255 default Show SNMP trap inform retry times Default Setting 5 Example ...

Page 420: ...engine ID probe mode Default Setting enable Example Disable SNMP trap probe security engine ID MGSD 10080F security switch snmp trap probe security engine id disable Security Switch SNMP Trap Security Engine ID Description Set or show SNMP trap security engine ID Syntax Security Switch SNMP Trap Security Engine ID engineid Parameters engineid Engine ID the format may not be all zeros or all ff H a...

Page 421: ... characters from 33 to 126 Example Set the SNMP trap security name MGSD 10080F security switch snmp trap security name 12345678 Security Switch SNMP Engine ID Description Set or show SNMPv3 local engine ID Syntax Security Switch SNMP Engine ID engineid Parameters engineid Engine ID the format may not be all zeros or all ff H and is restricted to 5 32 octet string Default Setting 800007e5017f000001...

Page 422: ... mask Example Add SNMPv3 community entry MGSD 10080F security switch snmp community add public 192 168 0 20 255 255 255 0 Security Switch SNMP Community Delete Description Delete SNMPv3 community entry Syntax Security Switch SNMP Community Delete index Parameters index entry index 1 64 Example Delete SNMPv3 community entry MGSD 10080F security switch snmp community delete 3 Security Switch SNMP Co...

Page 423: ... name of None is reserved The allowed string length is 1 32 and the allowed content is ASCII characters from 33 to 126 md5 An optional flag to indicate that this user using MD5 authentication protocol The allowed length is 8 32 and the allowed content is ASCII characters from 33 to 126 sha An optional flag to indicate that this user using SHA authentication protocol The allowed length is 8 40 and ...

Page 424: ...ineid user_name auth_password priv_password Parameters engineid Engine ID the format may not be all zeros or all ff H and is restricted to 5 32 octet string user_name A string identifying the user name that this entry should belong to The name of None is reserved The allowed string length is 1 32 and the allowed content is ASCII characters from 33 to 126 auth_password A string identifying the auth...

Page 425: ...ch SNMP Group Add Description Add or modify SNMPv3 group entry The entry index key are security_model and security_name Syntax Security Switch SNMP Group Add security_model security_name group_name Parameters security_model v1 Reserved for SNMPv1 v2c Reserved for SNMPv2c usm User based Security Model USM security_name A string identifying the security name that this entry should belong to The allo...

Page 426: ...te SNMPv3 group entry Syntax Security Switch SNMP Group Delete index Parameters index entry index 1 64 Example Delete SNMPv3 group entry MGSD 10080F security switch snmp group delete 1 Security Switch SNMP Group Lookup Description Lookup SNMPv3 group entry Syntax Security Switch SNMP Group Lookup index Parameters index entry index 1 64 Example Lookup SNMPv3 group entry MGSD 10080F security switch ...

Page 427: ...view_name A string identifying the view name that this entry should belong to The allowed string length is 1 32 and the allowed content is ASCII characters from 33 to 126 included An optional flag to indicate that this view subtree should included excluded An optional flag to indicate that this view subtree should excluded oid_subtree The OID defining the root of the subtree to add to the named vi...

Page 428: ...index entry index 1 64 Example Lookup SNMPv3 view entry MGSD 10080F security switch snmp view lookup Idx View Name View Type OID Subtree 1 default_view included 1 2 snmpv3_viwe included 1 Number of entries 2 Security Switch SNMP Access Add Description Add or modify SNMPv3 access entry The entry index key are group_name security_model and security_level Syntax Security Switch SNMP Access Add group_...

Page 429: ...h this request may request the current values The name of None is reserved The allowed string length is 1 32 and the allowed content is ASCII characters from 33 to 126 write_view_name The name of the MIB view defining the MIB objects for which this request may potentially SET new values The name of None is reserved The allowed string length is 1 32 and the allowed content is ASCII characters from ...

Page 430: ...ny NoAuth NoPriv 2 default_rw_group any NoAuth NoPriv Number of entries 2 Security Switch RMON Statistics Add Description Add or modify RMON Statistics entry The entry index key is stats_id Syntax Security Switch RMON Statistics Add stats_id data_source Parameters stats_id Statistics ID 1 65535 data_source The OID that indicates that the ifIndex in ifEntry The value should be like 1 3 6 1 2 1 2 2 ...

Page 431: ... or modify RMON Hisotry entry The entry index key is history_id Syntax Security Switch RMON History Add history_id data_source interval buckets Parameters history_id History ID 1 65535 data_source The OID that indicates that the ifIndex in ifEntry The value should be like 1 3 6 1 2 1 2 2 1 1 xxx interval Sampling interval 1 3600 default 1800 buckets The maximum data entries associated this History...

Page 432: ...ity Switch RMON Alarm Add alarm_id interval alarm_vairable absolute delta rising_threshold rising_event_index falling_threshold falling_event_index rising falling both Parameters alarm_id Alarm ID 1 65535 interval Sampling interval 1 2147483647 default 30 alarm_vairable The MIB OID that need to be referenced 1 3 6 1 2 1 2 2 1 10 xxx ifInOctets 1 3 6 1 2 1 2 2 1 11 xxx ifInUcastPkts 1 3 6 1 2 1 2 2...

Page 433: ...ng_threshold Falling threshold value 2147483648 2147483647 falling_event_index Falling event index 1 65535 rising Trigger alarm when the first value is larger than the rising threshold falling Trigger alarm when the first value is less than the falling threshold both Trigger alarm when the first value is larger than the rising threshold or less than the falling threshold default Security Switch RM...

Page 434: ...e the difference between samples default community Specify the community when trap is sent the string lengh is 0 127 default public description The string for describing this event the string lengh is 0 127 default null string Security Switch RMON Event Delete Description Delete RMON Event entry The entry index key is event_id Syntax Security Switch RMON Event Delete event_id Parameters event_id E...

Page 435: ...t All ports Example Show port security status MGSD 10080F security network psec switch Users L Limit Control 8 802 1X D DHCP Snooping V Voice VLAN Port Users State MAC Cnt 1 No users 0 2 No users 0 3 No users 0 4 No users 0 5 No users 0 6 No users 0 7 No users 0 8 No users 0 9 No users 0 10 No users 0 Security Network Psec Port Description Show MAC Addresses learned by Port Security Syntax ...

Page 436: ...1 MAC Address VID State Added Age Hold Time none Security Network Limit Configuration Description Show Limit Control configuration Syntax Security Network Limit Configuration port_list Parameters port_list Port list or all default All ports Example Show Limit Control configuration MGSD 10080F security network limit configuration Port Security Limit Control Configuration Mode Disabled Aging Disable...

Page 437: ...ty Network Limit Mode Description Set or show global enabledness Syntax Security Network Limit Mode enable disable Parameters enable Globally enable port security disable Globally disable port security default Show current global enabledness of port security limit control Default Setting disable Example Enable the limit mode MGSD 10080F security network limit mode enable Security Network Limit Agi...

Page 438: ...nable Security Network Limit Agetime Description Time in seconds between check for activity on learned MAC addresses Syntax Security Network Limit Agetime age_time Parameters age_time Time in seconds between checks for activity on a MAC address 10 10000000 seconds default Show current age time Default Setting 3600 Example Set age time in 100sec MGSD 10080F security network limit agetime 100 Securi...

Page 439: ...lt Setting disable Example Enable port limit for port 1 MGSD 10080F security network limit port 1 enable Security Network Limit Limit Description Set or show the max number of MAC addresses that can be learned on this set of ports Syntax Security Network Limit Limit port_list limit Parameters port_list Port list or all default All ports limit Max number of MAC addresses on this port default Show c...

Page 440: ...the limit none Don t do anything trap Send an SNMP trap shut Shutdown the port trap_shut Send an SNMP trap and shutdown the port default Show current action Default Setting none Example Set trap mode for limit action for port 1 MGSD 10080F security network limit action 1 trap Security Network Limit Reopen Description Reopen one or more ports whose limit is exceeded and shut down Syntax Security Ne...

Page 441: ... 10080F security network nas configuration 1 802 1X Configuration Mode Disabled Reauth Disabled Reauth Period 3600 EAPOL Timeout 30 Age Period 300 Hold Time 10 RADIUS QoS Disabled RADIUS VLAN Disabled Guest VLAN Disabled Guest VLAN ID 1 Max Reauth Count 2 Allow Guest VLAN if EAPOL Frame Seen Disabled Port Admin State Port State Last Source Last ID 1 Force Authorized Globally Disabled Security Netw...

Page 442: ...Description Set or show the port security state Syntax Security Network NAS State port_list auto authorized unauthorized single multi macbased Parameters port_list Port list or all default All ports auto Port based 802 1X Authentication authorized Port access is allowed unauthorized Port access is not allowed single Single Host 802 1X Authentication multi Multiple Host 802 1X Authentication macbas...

Page 443: ...on disable Disable reauthentication default Show current reauthentication mode Default Setting disable Example Enable reauthentication function MGSD 10080F security network nas reauthentication enable Security Network NAS ReauthPeriod Description Set or show either global enabledness use the global keyword or per port enabledness of RADIUS assigned VLAN Syntax Security Network NAS RADIUS_VLAN glob...

Page 444: ...rity network nas radius_vlan enable Security Network NAS EapolTimeout Description Set or show the time between EAPOL retransmissions Syntax Security Network NAS EapolTimeout eapol_timeout Parameters eapol_timeout Time between EAPOL retransmissions 1 65535 seconds default Show current EAPOL retransmission timeout Default Setting 30 Example Set the time between EAPOL retransmissions for 100sec MGSD ...

Page 445: ... Description Time in seconds before a MAC address that failed authentication gets a new authentication chance Syntax Security Network NAS Holdtime hold_time Parameters hold_time Hold time before MAC addresses that failed authentication expire default Show current hold time Default Setting 10 Example Set NAS hold time in 100sec MGSD 10080F security network nas holdtime 100 Security Network NAS RADI...

Page 446: ...IUS QoS MGSD 10080F security network nas radius_qos enable Security Network NAS RADIUS_VLAN Description Set or show either global enabledness use the global keyword or per port enabledness of RADIUS assigned VLAN Syntax Security Network NAS RADIUS_VLAN global port_list enable disable Parameters global Select the global RADIUS assigned VLAN setting port_list Select the per port RADIUS assigned VLAN...

Page 447: ...y or on one or more ports default Show current Guest VLAN enabledness vid Guest VLAN ID used when entering the Guest VLAN Use the global keyword to change it default Show current Guest VLAN ID reauth_max The value can only be set if you use the global keyword in the beginning of the command The number of times a Request Identity EAPOL frame is sent without reasponse before considering entering the...

Page 448: ...10080F security network nas authenticate 1 now Security Network NAS Statistics Description Show or clear 802 1X statistics Syntax Security Network NAS Statistics port_list clear eapol radius Parameters port_list Port list or all default All ports clear Clear statistics eapol Show EAPOL statistics radius Show Backend Server statistics default Show all statistics Example Show 802 1X statistics in po...

Page 449: ...Configuration Syntax Security Network ACL Configuration port_list Parameters port_list Port list or all default All ports Security Network ACL Action Description Set or show the ACL port default action Syntax Security Network ACL Action port_list permit deny rate_limiter port_copy logging shutdown Parameters port_list Port list or all default All ports permit Permit forwarding default deny Deny fo...

Page 450: ...Disabled Disabled Disabled Disabled Disabled 0 Security Network ACL Policy Description Set or show the ACL port policy Syntax Security Network ACL Policy port_list policy Parameters port_list Port list or all default All ports policy Policy number 1 8 Default Setting 1 Example Set ACL policy 2 for port 1 MGSD 10080F security network acl policy 1 2 Security Network ACL Rate Description Set or show ...

Page 451: ...the ACE will be placed last in the list If the Switch keyword is used the rule applies to all ports If the Port keyword is used the rule applies to the specified port only If the Policy keyword is used the rule applies to all ports configured with the specified policy The default is that the rule applies to all ports Syntax Security Network ACL Add ace_id ace_id_next switch port port_list policy p...

Page 452: ... flags request smac tmac len ip ether 0 1 any ip IP keyword protocol IP protocol number 0 255 or any ip_flags IP flags ttl options fragment 0 1 any icmp ICMP keyword icmp_type ICMP type number 0 255 or any icmp_code ICMP code number 0 255 or any udp UDP keyword sport Source UDP TCP port range 0 65535 or any dport Destination UDP TCP port range 0 65535 or any tcp TCP keyword tcp_flags TCP flags fin...

Page 453: ...curity Network ACL Lookup Description Show ACE default All ACEs Syntax Security Network ACL Lookup ace_id Parameters ace_id ACE ID 1 256 Example Lookup ACE 1 MGSD 10080F security network acl lookup 1 Security Network ACL Clear Description Clear all ACL counters Syntax Security Network ACL Clear Example Clear all ACL counters MGSD 10080F security network acl clear ...

Page 454: ...status by DHCP upnp Shows the status by UPnP arp_inspection Shows the status by ARP Inspection ip_source_guard Shows the status by IP Source Guard conflicts Shows all conflict status default Shows the combined status Example Show ACL status MGSD 10080F security network acl status Security Network ACL Port State Description Set or show the ACL port state Syntax Security Network ACL Port State port_...

Page 455: ...ode Disabled DHCP Relay Information Policy replace Security Network DHCP Relay Mode Description Set or show the DHCP relay mode Syntax Security Network DHCP Relay Mode enable disable Parameters enable Enable DHCP relaly mode When enable DHCP relay mode operation the agent forward and to transfer DHCP messages between the clients and the server when they are not on the same subnet domain And the DH...

Page 456: ...y Network DHCP Relay Information Mode Description Set or show DHCP relay agent information option mode When enable DHCP relay information mode operation the agent insert specific information option 82 into a DHCP message when forwarding to DHCP server and remote it from a DHCP message when transferring to DHCP client It only works under DHCP relay operation mode enabled Syntax Security Network DHC...

Page 457: ...keep drop Parameters replace Replace the original relay information when receive a DHCP message that already contains it keep Keep the original relay information when receive a DHCP message that already contains it drop Drop the package when receive a DHCP message that already contains relay information default Show DHCP relay information policy Default Setting replace Example Keep the original re...

Page 458: ...y Network DHCP Snooping Mode Description Set or show the DHCP snooping mode Syntax Security Network DHCP Snooping Mode enable disable Parameters enable Enable DHCP snooping mode When enable DHCP snooping mode operation the request DHCP messages will be forwarded to trusted ports and only allowed reply packets from trusted ports disable Disable DHCP snooping mode default Show flow DHCP snooping mod...

Page 459: ...f the DHCP message default Show flow DHCP snooping port mode Default Setting trusted Example Set untrusted DHCP snooping port mode in port 1 MGSD 10080F security network dhcp snooping port mode 1 untrusted Security Network DHCP Snooping Statistics Description Show or clear DHCP snooping statistics Syntax Security Network DHCP Snooping Statistics port_list clear Parameters port_list Port list or al...

Page 460: ...0 Rx Lease Unknown 0 Tx Lease Unknown 0 Rx Lease Active 0 Tx Lease Active 0 Security Network IP Source Guard Configuration Description Show IP source guard configuration Syntax Security Network IP Source Guard Configuration Security Network IP Source Guard Mode Description Set or show IP source guard mode Syntax Security Network IP Source Guard Mode enable disable Parameters enable Enable IP Sourc...

Page 461: ...isable IP Source Guard port default Show IP Source Guard port mode Default Setting disable Example Enable IP source guard port mode for port1 4 MGSD 10080F security network ip source guard port mode 1 4 enable Security Network IP Source Guard Limit Description Set or show the IP Source Guard port limitation for dynamic entries Syntax Security Network IP Source Guard limit port_list dynamic_entry_l...

Page 462: ...uard static entry delete Delete existing port IP source guard static entry vid VLAN ID 1 4095 allowed_ip IP address a b c d IP address allowed for doing IP source guard allowed_mac MAC address xx xx xx xx xx xx MAC address allowed for doing IP source guard Example Add IP source guard static entry MGSD 10080F security network ip source guard entry 1 add 1 192 168 0 20 Security Network IP Source Gua...

Page 463: ... Translation Security Network ARP Inspection Configuration Description Show ARP inspection configuration Syntax Security Network ARP Inspection Configuration Example Show ARP inspection configuration MGSD 10080F security network arp inspection configuration Security Network ARP Inspection Mode Description Set or show ARP inspection mode Syntax Security Network ARP Inspection Mode enable disable Pa...

Page 464: ...ult All ports enable Enable ARP Inspection port disable Disable ARP Inspection port default Show ARP Inspection port mode Default Setting Disable Example Enable the ARP inspection mode of port 1 MGSD 10080F security network arp inspection port mode 1 Security Network ARP Inspection Entry Description Add or delete ARP inspection static entry Syntax Security Network ARP Inspection Entry port_list ad...

Page 465: ...f 00 00 11 192 168 0 11 Security Network ARP Inspection Status Description Show ARP inspection static and dynamic entries Syntax Security Network ARP Inspection Status port_list Parameters port_list Port list or all default All ports Example Show ARP inspection static and dynamic entries MGSD 10080F security network arp inspection status Security Network ARP Inspection Translation Description Tran...

Page 466: ...300 seconds RADIUS Authentication Server Configuration Server Mode IP Address Secret Port 1 Disabled 1812 2 Disabled 1812 3 Disabled 1812 4 Disabled 1812 5 Disabled 1812 RADIUS Accounting Server Configuration Server Mode IP Address Secret Port 1 Disabled 1813 2 Disabled 1813 3 Disabled 1813 4 Disabled 1813 5 Disabled 1813 TACACS Authentication Server Configuration Server Mode IP Address Secret Por...

Page 467: ...rver response timeout 3 3600 seconds default Show server timeout configuration Default Setting 15 Example Set 30sec for server timeout MGSD 10080F security aaa timeout 30 Security AAA Deadtime Description Set or show server dead time Syntax Security AAA Deadtime dead_time Parameters dead_time Time that a server is considered dead if it doesn t answer a request 0 3600 seconds default Show server de...

Page 468: ...S authentication server disable Disable RADIUS authentication server default Show RADIUS server mode ip_addr_string IP host address a b c d or a host name string secret Secret shared with external authentication server To set an empty secret use two quotes To use spaces in secret enquote the secret Quotes in the secret are not allowed server_port Server UDP port Use 0 to use the default RADIUS por...

Page 469: ... port Use 0 to use the default RADIUS port 1813 Example Set RADIUS accounting server configuration MGSD 10080F security acct_radius 1 enable 192 168 0 20 12345678 1813 Security AAA TACACS Description Set or show TACACS authentication server setup Syntax Security AAA TACACS server_index enable disable ip_addr_string secret server_port Parameters The server index 1 5 default Show TACACS authenticati...

Page 470: ...ion server configuration MGSD 10080F security aaa tacacs 1 enable 192 168 0 20 12345678 49 Security AAA Statistics Description Show RADIUS statistics Syntax Security AAA Statistics server_index Parameters The server index 1 5 default Show statistics for all servers Example Show RADIUS statistics MGSD 10080F security aaa statistics ...

Page 471: ...nfiguration MGSD 10080F stp cofiguration STP Configuration Protocol Version MSTP Max Age 20 Forward Delay 15 Tx Hold Count 6 Max Hop Count 20 BPDU Filtering Disabled BPDU Guard Disabled Error Recovery Disabled STP Version Description Set or show the STP Bridge protocol version Syntax STP Version stp_version Parameters stp_version mstp rstp stp Default Setting MSTP ...

Page 472: ...ge Transmit Hold Count parameter Syntax STP Txhold holdcount Parameters holdcount STP Transmit Hold Count 1 10 Default Setting 6 Example Set STP Tx hold in 10 MGSD 10080F stp txhold 10 STP MaxHops Description Set or show the MSTP Bridge Max Hop Count parameter Syntax STP MaxHops maxhops Parameters maxhops STP BPDU MaxHops 6 40 Default Setting 20 Example ...

Page 473: ...ameters max_age STP maximum age time 6 40 and max_age forward_delay 1 2 Default Setting 20 Example Set STP maximum age time in 10 MGSD 10080F stp maxage 10 STP FwdDelay Description Set or show the CIST MSTI bridge forward delay Syntax STP FwdDelay delay Parameters delay MSTP forward delay 4 30 and max_age forward_delay 1 2 Default Setting 15 Example Set STP forward delay value in 25 ...

Page 474: ... to 32 characters long Use quotes to embed spaces in name integer Integer value Default Setting Configuration name MAC address Configuration rev 0 Example Set MSTP configuration name and revision MGSD 10080F stp cname 9f_MGSD 10080F 1 STP BPDU Filter Description Set or show edge port BPDU Filtering Syntax STP bpduFilter enable disable Parameters enable disable enable or disable BPDU Filtering for ...

Page 475: ...rameters enable disable enable or disable BPDU Guard for Edge ports Default Setting Disable Example Set edge port BPDU guard MGSD 10080F stp bpduguard enable STP Recovery Description Set or show edge port error recovery timeout Syntax STP recovery timeout Parameters timeout Time before error disabled ports are reenabled 30 86400 seconds 0 disables default Show recovery timeout Default Setting Disa...

Page 476: ...rt_list Port list or all default All ports Default Setting Disable Example Show STP Bridge status MGSD 10080F stp status CIST Bridge STP Status Bridge ID 80 00 00 30 4F 24 04 D1 Root ID 80 00 00 30 4F 24 04 D1 Root Port Root PathCost 0 Regional Root 80 00 00 30 4F 24 04 D1 Int PathCost 0 Max Hops 20 TC Flag Steady TC Count 0 TC Last Port Port Role State Pri PathCost Edge P2P Uptime 10 DesignatedPo...

Page 477: ...priority STP bridge priority 0 16 32 48 224 240 Default 128 Example Set MST1 priority value in 48 MGSD 10080F stp msti priority 1 48 STP MSTI Map Description Show or clear MSTP MSTI VLAN mapping configuration Syntax STP Msti Map msti clear Parameters msti STP bridge instance no 0 7 CIST 0 MSTI1 1 Clear Clear VID to MSTI mapping Example Add MST1 priority value in 48 MGSD 10080F stp msti priority 1 ...

Page 478: ...dd MST1 in vlan1 MGSD 10080F stp msti add 1 1 STP Port Configuration Description Show STP Port configuration Syntax STP Port Configuration port_list Parameters port_list Port list or all Port zero means aggregations Example Show STP status of Port1 MGSD 10080F stp port configuration 1 Port Mode AdminEdge AutoEdge restrRole restrTcn Point2point 1 Disabled Disabled Enabled Disabled Disabled Auto ...

Page 479: ...col Disable Disable MSTP protocol Default disable Example Enable STP function on port1 MGSD 10080F stp port mode 1 enable STP Port Edge Description Set or show the STP adminEdge port parameter Syntax STP Port Edge port_list enable disable Parameters port_list Port list or all default All ports Enable Configure MSTP adminEdge to Edge Disable Configure MSTP adminEdge to Non edge Default disable Exam...

Page 480: ...orts Enable Enable MSTP autoEdge Disable Disable MSTP autoEdge Default enable Example Disable STP edge function on port1 MGSD 10080F stp port autoedge 1 disable STP Port P2P Description Set or show the STP point2point port parameter Syntax STP Port P2P port_list enable disable auto Parameters port_list Port list or all default All ports enable Enable MSTP point2point disable Disable MSTP point2poi...

Page 481: ...P Port RestrictedRole port_list enable disable Parameters port_list Port list or all default All ports enable Enable MSTP restricted role disable Disable MSTP restricted role Default disable Example Eisable STP restricted role on port1 MGSD 10080F stp port restrictedrole 1 enable STP Port RestrictedTcn Description Set or show the MSTP restrictedTcn port parameter Syntax STP Port RestrictedTcn port...

Page 482: ...0080F stp port restrictedtcn 1 enable STP Port bpduGuard Description Set or show the bpduGuard port parameter Syntax STP Port bpduGuard port_list enable disable Parameters port_list Port list or all default All ports enable Enable port BPDU Guard disable Disable port BPDU Guard Default disable Example Eisable BPDU guard on port1 MGSD 10080F stp port bpduguard 1 enable STP Port Statistic Descriptio...

Page 483: ... STP Rx TCN Tx TCN Rx Ill Rx Unk STP Port Mcheck Description Set the STP mCheck Migration Check variable for ports Syntax STP Port Mcheck port_list Parameters port_list Port list or all default All ports Example Set the STP mCheck Migration Check variable for port 1 MGSD 10080F stp port mcheck 1 STP MSTI Port Configuration Description Show the STP port instance configuration Syntax STP Msti Port C...

Page 484: ...bridge instance no 0 7 CIST 0 MSTI1 1 port_list Port list or all Port zero means aggregations path_cost STP port path cost 1 200000000 or auto Default auto Example Set MSTI7 in port1 MGSD 10080F stp msti port cost 7 1 MSTI Port Path Cost MST7 1 Auto STP MSTI Port Priority Description Set or show the STP port instance priority Syntax STP Msti Port Priority msti port_list priority Parameters msti ST...

Page 485: ...User s Manual of MGSD 10080F 485 port_list Port list or all Port zero means aggregations priority STP port priority 0 16 32 48 224 240 Default 128 ...

Page 486: ...guration Aggregation Add Description Add or modify link aggregation Syntax Aggr Add port_list aggr_id Parameters port_list Port list or all default All ports aggr_id Aggregation ID Example Add port 1 4 in Group1 MGSD 10080F aggr add 1 4 1 Aggregation Delete Description Delete link aggregation Syntax Aggr Delete aggr_id Parameters aggr_id Aggregation ID ...

Page 487: ...scription Set or show the link aggregation traffic distribution mode Syntax Aggr Mode smac dmac ip port enable disable Parameters smac Source MAC address dmac Destination MAC address ip Source and destination IP address port Source and destination UDP TCP port enable Enable field in traffic distribution disable Disable field in traffic distribution Default Setting SMAC Enabled DMAC Disabled IP Ena...

Page 488: ...User s Manual of MGSD 10080F 488 Example Disable SMAC mode MGSD 10080F Aggr mode smac disable ...

Page 489: ...All ports Example Show LACP configuration MGSD 10080F lacp configuration Port Mode Key Role 1 Disabled Auto Active 2 Disabled Auto Active 3 Disabled Auto Active 4 Disabled Auto Active 5 Disabled Auto Active 6 Disabled Auto Active 7 Disabled Auto Active 8 Disabled Auto Active 9 Disabled Auto Active 10 Disabled Auto Active LACP Mode Description Set or show LACP mode Syntax LACP Mode port_list enable...

Page 490: ...tting disable Example Enable LACP for port1 4 MGSD 10080F lacp mode 1 4 enable LACP Key Description Set or show the LACP key Syntax LACP Key port_list key Parameters port_list Port list or all default All ports key LACP key 1 65535 or auto Default Setting auto Example Set key1 for port1 4 MGSD 10080F lacp key 1 4 1 LACP Prio Description Set or show the LACP prio Syntax ...

Page 491: ...tion Set or show the LACP System prio Syntax LACP System Prio sysprio Parameters sysprio LACP System Prio 0 65535 Default Setting 32768 LACP Role Description Set or show the LACP role Syntax LACP Role port_list active passive Parameters port_list Port list or all default All ports active Initiate LACP negotiation passive Listen for LACP packets default Show LACP role Default Setting ...

Page 492: ...tus Syntax LACP Status port_list Parameters port_list Port list or all default All ports Example Show LACP status of port1 4 MGSD 10080F lacp status 1 4 Port Mode Key Aggr ID Partner System ID Partner Port 1 Disabled 1 2 Disabled 1 3 Disabled 1 4 Disabled 1 LACP Statistics Description Show LACP Statistics Syntax LACP Statistics port_list clear ...

Page 493: ...atistics 1 4 Port Rx Frames Tx Frames Rx Unknown Rx Illegal 1 0 0 0 0 2 0 0 0 0 3 0 0 0 0 4 0 0 0 0 LACP Timeout Description Set or show the LACP timeout Syntax LACP Timeout port_list fast slow Parameters port_list Port list or all default All ports fast Fast PDU transmissions fast timeout slow Slow PDU transmissions slow timeout default Show LACP timeout Default Setting fast ...

Page 494: ...4 LLDP Configuration Interval 30 Hold 3 Tx Delay 2 Reinit Delay 2 Port Mode Port Descr System Name System Descr System Capa Mgmt Addr CDP awareness 1 Enabled Enabled Enabled Enabled Enabled Enabled Disabled 2 Enabled Enabled Enabled Enabled Enabled Enabled Disabled 3 Enabled Enabled Enabled Enabled Enabled Enabled Disabled 4 Enabled Enabled Enabled Enabled Enabled Enabled Disabled LLDP Mode Descri...

Page 495: ...n Show or Set LLDP Optional TLVs Syntax LLDP Optional_TLV port_list port_descr sys_name sys_descr sys_capa mgmt_addr enable disable Parameters port_list Port list or all default All ports port_descr Description of the port sysm_name System name sys_descr Description of the system sys_capa System capabilities mgmt_addr Master s IP address default Show optional TLV s configuration enable Enables TLV...

Page 496: ...t_descr disable LLDP Interval Description Set or show LLDP Tx interval Syntax LLDP Interval interval Parameters interval LLDP transmission interval 5 32768 Default Setting 30 Example Set transmission interval in 10 MGSD 10080F lldp interval 10 LLDP Hold Description Set or show LLDP Tx hold value Syntax LLDP Hold hold Parameters hold LLDP hold value 2 10 Default Setting 3 ...

Page 497: ...n Set or show LLDP Tx delay Syntax LLDP Delay delay Parameters delay LLDP transmission delay 1 8192 Default Setting 2 Example Set LLDP delay value in 1 MGSD 10080F lldp delay 1 LLDP Reinit Description Set or show LLDP reinit delay Syntax LLDP Reinit reinit Parameters reinit LLDP reinit delay 1 10 Default Setting 2 ...

Page 498: ...cs Example Show LLDP Statistics of port 1 MGSD 10080F lldp statistics 1 LLDP global counters Neighbor entries was last changed at 18819 sec ago Total Neighbors Entries Added 0 Total Neighbors Entries Deleted 0 Total Neighbors Entries Dropped 0 Total Neighbors Entries Aged Out 0 LLDP local counters Rx Tx Rx Rx Rx TLV Rx TLV Rx TLV Port Frames Frames Errors Discards Errors Unknown Organz Aged 1 0 0 ...

Page 499: ...ery information from received CDP Cisco Discovery Protocol frames is added to the LLDP neighbor table Syntax LLDP cdp_aware port_list enable disable Parameters port_list Port list or all default All ports enable Enable CDP awareness CDP discovery information is added to the LLDP neighbor table disable Disable CDP awareness default Show CDP awareness configuration ...

Page 500: ...l default All ports Example Show LLDP MED configuration of port1 4 MGSD 10080F lldpmed configuration 1 4 LLDP MED Configuration Fast Start Repeast Count 4 Location Coordinates Latitude 0 0000 North Longitude 0 0000 East Altitude 0 0000 meter s Map datum WGS84 Civic Address Location Port Policies 1 none 2 none 3 none 4 none LLDP MED Civic Description Set or show LLDP MED Civic Address Location ...

Page 501: ...borhood block street Street leading_street_direction Leading street direction trailing_street_suffix Trailing street suffix str_suf Street Suffix house_no House Number house_no_suffix House number suffix landmark Landmark or vanity address additional_info Additional location information name Bame residence and office occupant zip_code Postal zip code building Building structure apartment Unit apar...

Page 502: ...guest_voice guest_voice_signaling softphone_voice video_conferencing streaming_video video_si gnaling tagged untagged vlan_id l2_priority dscp Parameters voice Voice for use by dedicated IP Telephony handsets and other similar appliances supporting interactive voice services These devices are typically deployed on a separate VLAN for ease of deployment and enhanced security by isolation from data ...

Page 503: ...ications supporting streaming video services that require specific network policy treatment Video applications relying on TCP with buffering would not be an intended use of this application type video_signaling Video Signaling conditional for use in network topologies that require a separate policy for the video signaling than for the video media tagged The device is using tagged frames unragged T...

Page 504: ...f the prime meridian altitude Altitude Meters or floors with max 4 digits default Show coordinate location configuration north south west east meters floor North North Valid for latitude South South Valid for latitude West West Valid for longitude East East Valid for longitude Meters Meters Valid for altitude Floor Floor Valid for altitude lldpmed Coordinate value coordinate_value lldpmed Coordina...

Page 505: ...MED Fast count Parameters count The number of times the fast start LLDPDU are being sent during the activation of the fast start mechanism defined by LLDP MED 1 10 LLDP MED Info Description Show LLDP MED neighbor device information Syntax LLDPMED Info port_list Parameters port_list Port list or all default All ports ...

Page 506: ...t or all default All ports Example Show EEE configuration of port1 4 MGSD 10080F eee configuration 1 4 EEE Configuration Port Mode Urgent queues 1 Disabled none 2 Disabled none 3 Disabled none 4 Disabled none EEE Mode Description Set or show the eee mode Syntax EEE Mode port_list enable disable Parameters port_list Port list or all default All ports enable Enable EEE ...

Page 507: ...Enable EEE mode for port1 4 MGSD 10080F eee mode enable 1 4 EEE Urgent Queues Description Set or show EEE Urgent queues Syntax EEE Urgent_queues port_list queue_list Parameters port_list Port list or all default All ports queue_list List of queues to configure as urgent queues 1 8 or none Default Setting None ...

Page 508: ...led_power delete_timer hour Parameters hour The hour 0 23 at which to change LEDs intensity LED Power Maintenance Description Set or show the maintenance settings Syntax led_power maintenance maintenance_time on_at_errors leave_at_errors Parameters maintenance_time Time in seconds 0 65535 that the LEDs shall be turned on when any port changes link state on_at_errors leave_at_errors on_at_error if ...

Page 509: ...User s Manual of MGSD 10080F 509 LED Power Configuration Description Show Led Power Reduction configuration Syntax led_power configuration ...

Page 510: ...all default All ports policer_id Policer ID 1 128 EVC Port DEI Description Set or show port DEI mode Syntax EVC Port DEI port_list dei_mode Parameters port_list Port list or all default All ports dei_mode DEI mode coloured fixed EVC Port Tag Description Set or show port tag match mode Syntax EVC Port Tag port_list tag_mode Parameters port_list Port list or all default All ports tag_mode Tag mode i...

Page 511: ...Set or show port L2CP mode Syntax EVC Port L2CP port_list l2cp_list mode Parameters port_list Port list or all default All ports l2cp_list L2CP ID list 0 31 BPDU range 0 15 GARP range 16 31 mode The mode takes the following values normal Default forwarding forward Forward redirect Redirect to CPU EVC Policer Description Set or show EVC bandwidth profile Syntax EVC Policer policer_id enable disable...

Page 512: ...it_preserve it_pcp it_dei outer ot_vid Parameters evc_id EVC ID 1 128 vid EVC VLAN ID ivid Internal VLAN ID nni_list NNI port list 1 10 or none learning Learning mode enable disable inner Inner tag action keyword it_type Inner tag type none c tag s tag s custom tag it_vid_mode Inner VID mode normal tunnel it_vid Inner tag VLAN ID 1 4095 it_preserve Inner tag preserved or fixed PCP DEI preserved fi...

Page 513: ...okup Description Lookup EVC Syntax EVC Lookup evc_id Parameters evc_id EVC ID 1 128 EVC Status Description Show EVC Status Syntax EVC Status evc_id Parameters evc_id EVC ID 1 128 EVC Statistics Description Show or clear EVC statistics Syntax EVC Statistics port_list class_list command Parameters ...

Page 514: ...ntax EVC ECE Add ece_id ece_id_next uni uni_list dmac_type smac tag tag_type vid pcp dei all ipv4 proto sip dscp fragment sport dport ipv6 proto sip_v6 dscp sport dport direction direction evc evc_id pop pop policy policy class class outer ot_mode ot_preserve ot_pcp ot_dei Parameters ece_id ECE ID 1 128 ece_id_next Next ECE ID 1 128 or last uni UNI keyword uni_list UNI port list 1 10 dmac_type DMA...

Page 515: ... 128 or none pop Pop keyword pop Tag pop count 0 1 2 policy Policy keyword policy ACL policy number 0 255 class Class keyword class QoS class disable or 0 7 outer Outer tag action keyword ot_mode Outer tag for nni to uni direction enable disable ot_preserve Outer tag preserved or fixed PCP DEI preserved fixed ot_pcp Outer tag PCP value 0 7 ot_dei Outer tag DEI value 0 1 EVC ECE Delete Description ...

Page 516: ...User s Manual of MGSD 10080F 516 Parameters ece_id ECE ID 1 128 EVC ECE Status Description Show ECE Status Syntax EVC ECE Status ece_id Parameters ece_id ECE ID 1 128 ...

Page 517: ...1f1 EPS architecture flow_w Working flow instance number flow_p Protecting flow instance number mep_w Working MEP instance number mep_p Protecting MEP instance number mep_aps APS MEP instance number enable disable enable disable protection EPS Config Description EPS config operation Syntax EPS config inst aps noaps revert norevert unidir bidir w0s w10s w30s w1m w5m w12m h0s h100ms h500ms h1s h2s h...

Page 518: ...value EPS Command Description EPS command set operation Syntax EPS command inst clear lockout forced manualp manualw exercise freeze lockoutlocal Parameters inst Instance number clear lockout forced manualp manualw exercise freeze lockoutlocal EPS protection command type clear is no command active EPS State Description Get protection state Syntax EPS state inst Parameters inst Instance number ...

Page 519: ...n port domain itu ieee is the MEG ID format meg is the MEG ID max 8 char in case of ieee 6 or 7 char in case of itu mep is the MEP ID Syntax MEP config inst mep mip ingress egress port domport domevc level itu ieee meg mep vid flow enable disable Parameters inst Instance number mep mip Mode of the MEP instance ingress egress Direction of the MEP instance port Port number domport domevc Flow domain...

Page 520: ...rity PCP of transmitted CCM frame 300s 100s 10s 1s 6m 1m 6h is the number of CCM frame pr second Syntax MEP cc config inst prio 300s 100s 10s 1s 6m 1m 6h enable disable Parameters inst Instance number prio OAM PDU priority 300s 100s 10s 1s 6m 1m 6h OAM period 100s 100 PDU pr second enable disable enable disable MEP Loss Measurement Configuration Description MEP Loss Measurement configuration prio ...

Page 521: ... Configuration Description MEP APS configuration prio is the priority PCP of transmitted APS frame uni multi is selecting uni cast or multi cast transmission of APS frame laps raps is selecting ELPS or ERPS protocol octet is the last octet in RAPS multicast MAC Syntax MEP aps config inst prio uni multi laps raps octet enable disable Parameters inst Instance number prio OAM PDU priority uni multi D...

Page 522: ...Configuration Description MEP AIS configuration prio is the priority PCP of transmitted AIS frame 1s 1m is the number of AIS frame pr second set clear is set or clear of protection usability If set the first 3 AIS frames are transmitted as fast as possible this gives protection reliability in the path end point Syntax MEP ais config inst prio 1s 1m set clear enable disable Parameters inst Instance...

Page 523: ...able MEP Link Trace Configuration Description MEP Link Trace configuration prio is the priority PCP of transmitted LTM frame mac_addr is the unicast MAC of target MEP MIP mep is the peer MEP ID of target MEP only used if mac_addr is all zero tll is the TLL in the transmitted LTM Syntax MEP lt config inst prio mac_addr mep ttl enable disable Parameters inst Instance number prio OAM PDU priority mac...

Page 524: ...x is a hexadecimal digit mep This MEP id 0 0x1FFF tosend Number of LBM to send size Size of LBM data field in bytes max 1400 gap Gap between LBM to send in 10ms max 100 0 is as fast as possible enable disable enable disable MEP Delay Measurement Configuration Description MEP Delay Measurement configuration prio is the priority PCP of transmitted DM frame uni multi is selecting uni cast or multi ca...

Page 525: ...p between 1DM DMM to send in 10ms 10 65535 count The number of last records to calculate 10 2000 us ns Time resolution keep reset The action to counter when overflow happens d2ford1 Enable to use DMM DMR packets to calculate one way DM enable disable enable disable MEP Test Signal Configuration Description MEP Test Signal configuration set clear is set or clear of DEI of transmitted LBM frame prio...

Page 526: ...e Size of TST data field in bytes max 1518 allzero allone onezero Data pattern to be filled in TST PDU enable disable enable disable MEP State Description MEP state get Syntax MEP state inst Parameters inst Instance number MEP Loss Measurement State Description MEP Loss Measurement state get Syntax MEP lm state inst Parameters inst Instance number MEP Loss Measurement State Clear Description MEP L...

Page 527: ...escription MEP Link Trace state get Syntax MEP lt state inst Parameters inst Instance number MEP Loop Back State Description MEP Loop Back state get Syntax MEP lb state inst Parameters inst Instance number MEP Delay Measurement State Description MEP Delay Measurement state get Syntax MEP dm state inst Parameters ...

Page 528: ...ar Syntax MEP dm clear inst Parameters inst Instance number MEP Test Signal State Description MEP Test Signal state get RX rate is shown in 100 Kbps Syntax MEP tst state inst Parameters inst Instance number MEP Test Signal State Clear Description MEP Test Signal state clear Syntax MEP tst clear inst Parameters inst Instance number ...

Page 529: ...rs port_list Port list or all default All ports QoS Port Classification Class Description Set or show the default QoS class Syntax QoS Port Classification Class port_list class Parameters port_list Port list or all default All ports class QoS class 0 7 Default Setting 0 Example Set default QoS class in 1 for port 1 MGSD 10080F qos Port Classification Class 1 1 ...

Page 530: ...Setting 0 Example Set the default Drop Precedence Level in 1 for port1 MGSD 10080F qos Port Classification dpl 1 1 QoS Port Classification PCP Description Set or show the default PCP for an untagged frame Syntax QoS Port Classification PCP port_list pcp Parameters port_list Port list or all default All ports pcp Priority Code Point 0 7 Default Setting 0 Example Set the default PCP for an untagged ...

Page 531: ...lt DEI for an untagged frame in 1 for port1 MGSD 10080F qos Port Classification dei 1 1 QoS Port Classification Tag Description Set or show if the classification is based on the PCP and DEI values in tagged frames Syntax QoS Port Classification Tag port_list enable disable Parameters port_list Port list or all default All ports enable Enable tag classification disable Disable tag classification de...

Page 532: ...ass dpl Parameters port_list Port list or all default All ports pcp_list PCP list or all default All PCPs 0 7 dei_list DEI list or all default All DEIs 0 1 class QoS class 0 7 dpl Drop Precedence Level 0 1 QoS Port Classification DSCP Description Set or show if the classification is based on DSCP value in IP frames Syntax QoS Port Classification DSCP port_list enable disable Parameters port_list P...

Page 533: ... or all default All ports enable Enable port policer disable Disable port policer default Show port policer mode Default Setting disable Example Enable QoS port policer MGSD 10080F qos Port Policer Mode 1 10 enable QoS Port Policer Rate Description Set or show the port policer rate Syntax QoS Port Policer Rate port_list rate Parameters port_list Port list or all default All ports rate Rate in kbps...

Page 534: ...bits per second fps Unit is frames per second default Show port policer unit Default Setting kbps Example Set the port policer unit in fps MGSD 10080F qos Port Policer unit 1 10 fps QoS Port Policer Flow Control Description Set or show the port policer flow control If policer flow control is enabled and the port is in flow control mode then pause frames are sent instead of discarding frames Syntax...

Page 535: ...rameters port_list Port list or all default All ports queue_list Queue list or all default All queues 0 7 enable Enable port queue policer disable Disable port queue policer default Show port queue policer mode Default Setting Disable QoS Port QueuePolicer Rate Description Set or show the port queue policer rate Syntax QoS Port QueuePolicer Rate port_list queue_list bit_rate Parameters port_list P...

Page 536: ...d Weighted mode default Show port scheduler mode Default Setting strict Example Set the port schedule mode in weighted mode MGSD 10080F qos Port Scheduler Mode 1 10 weighted QoS Port Scheduler Weight Description Set or show the port scheduler weight Syntax QoS Port Scheduler Weight port_list queue_list weight Parameters port_list Port list or all default All ports queue_list Weighted queue list or...

Page 537: ...ble Disable port queue shaper default Show port queue shaper mode Default Setting disable Example Enable port queue shaper for all port queue MGSD 10080F qos Port QueueShaper Mode 1 10 0 7 enable QoS Port QueueShaper Rate Description Set or show the port queue shaper rate Syntax QoS Port QueueShaper Rate port_list queue_list bit_rate Parameters port_list Port list or all default All ports queue_li...

Page 538: ...r all default All queues 0 7 enable Enable use of excess bandwidth disable Disable use of excess bandwidth default Show port queue excess bandwidth mode Default Setting disable Example Enable the port queue excess bandwidth mode MGSD 10080F qos Port QueueShaper Excess 1 10 0 7 enable QoS Port TagRemarking Mode Description Set or show the port tag remarking mode Syntax QoS Port TagRemarking Mode po...

Page 539: ...or show the default PCP This value is used when port tag remarking mode is set to default Syntax QoS Port TagRemarking PCP port_list pcp Parameters port_list Port list or all default All ports pcp Priority Code Point 0 7 Default Setting 0 Example Set the default PCP in 1 MGSD 10080F qos Port TagRemarking PCP 1 10 1 QoS Port TagRemarking DEI Description Set or show the default DEI This value is use...

Page 540: ... 7 and DP level 0 1 to PCP and DEI Syntax QoS Port TagRemarking Map port_list class_list dpl_list pcp dei Parameters port_list Port list or all default All ports class_list QoS class list or all default All QoS classes 0 7 dpl_list DP level list or all default All DP levels 0 1 pcp Priority Code Point 0 7 dei Drop Eligible Indicator 0 1 QoS Port DSCP Translation Description Set or show DSCP ingres...

Page 541: ...P classification based on QoS class and DP level This enables per port to map new DSCP value based on QoS class and DP level Syntax QoS Port DSCP Classification port_list none zero selected all Parameters port_list Port list or all default All ports none No DSCP ingress classification zero Classify DSCP if DSCP 0 selected Classify DSCP for which class mode is enable all Classify all DSCP default S...

Page 542: ...re Rewrite DSCP in egress frame with remapped DSCP where remap is DP aware and DP 1 default Show port DSCP egress remarking mode Default Setting disable Example Enable DSCP egress rewrite MGSD 10080F QoS Port DSCP EgressRemark 1 10 enable QoS DSCP Map Description Set or show DSCP mapping table This table is used to map QoS class and DP level based on DSCP value DSCP value used to map QoS class and...

Page 543: ... EF or AF11 AF43 QoS DSCP Trust Description Set or show trusted DSCP value which is used for QoS classification The DSCP value to be checked for trust is either translated value ifDSCP translation is enabled for the ingress port or incoming frame DSCPvalue if translation is disabled for the port Trusted DSCP value is onlyused for QoS classification Syntax QoS DSCP Trust dscp_list enable disable Pa...

Page 544: ...ss classification default Show DSCP classification mode Default Setting disable QoS DSCP EgressRemap Description Set or show DSCP egress remap table This table is used if the port egress remarking mode is remap and the purpose is to map the DSCP and DP level to a new DSCP value Syntax QoS DSCP EgressRemap dscp_list dpl_list dscp Parameters dscp_list DSCP 0 63 BE CS1 CS7 EF or AF11 AF43 list or all...

Page 545: ...ast storm rate limiter Syntax QoS Storm Multicast enable disable packet_rate Parameters enable Enable multicast storm control disable Disable multicast storm control packet_rate Rate in fps 1 2 4 512 1k 2k 4k 32768k Default Setting disable Example Enable multicast storm control in 2fps MGSD 10080F QoS Storm multicast enable 2 QoS Storm Broadcast Description Set or show the broadcast storm rate lim...

Page 546: ...if the next QCE ID is not specified and if existing QCE is modified QCE will be in the same location in the list To modify and move the entry to last in the list use the word last for qce_id_next Syntax QoS QCL Add qce_id qce_id_next port_list tag vid pcp dei smac dmac_type etype etype LLC DSAP SSAP control SNAP PID ipv4 protocol sip dscp fragment sport dport ipv6 protocol sip_v6 dscp sport dport ...

Page 547: ... specific range fragment IPv4 frame fragmented yes no any sport Source TCP UDP port 0 65535 or any specific or port range dport Dest TCP UDP port 0 65535 or any specific or port range ipv6 IPv6 keyowrd sip_v6 IPv6 source address a b c d n or any 32 LS bits class QoS Class class 0 7 default basic classification dp DP Level dp 0 1 default basic classification classified_dscp DSCP dscp 0 63 BE CS1 CS...

Page 548: ...E for differnet user types Syntax QoS QCL status combined static voice_vlan conflicts Parameters combined static voice_vlan conflicts combined Shows the combined status static Shows the static user configured status voice_vlan Shows the status by Voice VLAN conflicts Shows all conflict status default Shows the combined status QoS QCL Refresh Description Resolve QCE conflict status Same H W resourc...

Page 549: ...flicts combined Shows the combined status static Shows the static user configured status voice_vlan Shows the status by Voice VLAN conflicts Shows all conflict status default Shows the combined status Default Setting disable Example Enable multicast storm control in 2fps MGSD 10080F QoS Storm multicast enable 2 ...

Page 550: ...meters port_list Port list or all default All ports Example Show mirror configuration MGSD 10080F mirror configuration Mirror Port Description Set or show the mirror port Syntax Mirror Port port disable Parameters port disable Mirror port or disable default Show port Default Setting disable Example Set port 2 for the mirror port MGSD 10080F mirror port 2 ...

Page 551: ...st enable disable rx tx Parameters port_list Port list or all default All ports enable Enable Rx and Tx mirroring disable Disable Mirroring rx Enable Rx mirroring tx Enable Tx mirroring default Show mirror mode Default Setting disable Example Enable the mirror mode for port 1 4 MGSD 10080F mirror mode 1 4 enable ...

Page 552: ...ile_name Parameters ip_server TFTP server IP address a b c d file_name Configuration file name Configuration Load Description Load configuration from TFTP server Syntax Config Load ip_server file_name check Parameters ip_server TFTP server IP address a b c d file_name Configuration file name check Check configuration file only default Check and apply file ...

Page 553: ... a b c d or a host name string file_name Firmware file name Firmware IPv6 Load Description Load new firmware from IPv6 TFTP server Syntax Firmware IPv6 Load ipv6_server file_name Parameters ipv6_server TFTP server IPv6 address file_name Firmware file name Firmware Information Description Display information about active and alternate firmware images Syntax Firmware Information Firmware Swap Descri...

Page 554: ...User s Manual of MGSD 10080F 554 Activate the alternate firmware image Syntax Firmware Swap ...

Page 555: ... Show UPnP configuration MGSD 10080F upnp configuration UPnP Configuration UPnP Mode Disabled UPnP TTL 4 UPnP Advertising Duration 100 UPnP Mode Description Set or show the UPnP mode Syntax UPnP Mode enable disable Parameters enable Enable UPnP disable Disable UPnP default Show UPnP mode Default Setting disable Example Enable the UPnP mode ...

Page 556: ...ult Setting 4 Example Set the value 10 for TTL value of the IP header in SSDP messages MGSD 10080F upnp ttl 10 UPnP Advertising Duration Description Set or show UPnP Advertising Duration Syntax UPnP Advertising Duration duration Parameters duration duration range 100 86400 default Show UPnP duration range Default Setting 100 Example Set value 1000 for UPnP Advertising Duration MGSD 10080F upnp adv...

Page 557: ...n MVR Mode Disabled Muticast VLAN ID 100 Port Port Mode Port Type Immediate Leave 1 Disabled Receive Disabled 2 Disabled Receive Disabled 3 Disabled Receive Disabled 4 Disabled Receive Disabled 5 Disabled Receive Disabled 6 Disabled Receive Disabled 7 Disabled Receive Disabled 8 Disabled Receive Disabled 9 Disabled Receive Disabled 10 Disabled Receive Disabled MVR Mode Description Set or show the ...

Page 558: ...mode enable MVR VLAN Setup Description Set or show per MVR VLAN configuration Syntax MVR VLAN Setup mvid add del upd Name mvr_name Parameters mvid MVR VLAN ID 1 4095 add Add operation del Delete operation upd Update operation name MVR Name keyword mvr_name MVR VLAN name Maximum of 32 characters MVR VLAN Mode Description Set or show per MVR VLAN mode Syntax MVR VLAN Mode vid mvr_name dynamic compat...

Page 559: ...R VLAN ID 1 4095 or Name Maximum of 32 characters port_list Port list or all default All ports source MVR source port receiver MVR receiver port inactive Disable MVR default Show MVR port role MVR VLAN LLQI Description Set or show per MVR VLAN LLQI Last Listener Query Interval Syntax MVR VLAN LLQI vid mvr_name mvr_param_llqi Parameters vid mvr_name MVR VLAN ID 1 4095 or Name Maximum of 32 characte...

Page 560: ...und The boundary IPv4 IPv6 multicast group address for the channel name MVR Name keyword grp_name MVR Channel name Maximum of 32 characters MVR VLAN Priority Description Set or show per MVR VLAN priority and VLAN tag Syntax MVR VLAN Priority vid mvr_name priority tagged untagged Parameters vid mvr_name MVR VLAN ID 1 4095 or Name Maximum of 32 characters priority CoS priority value ranges from 0 7 ...

Page 561: ...ble Disable Immediate Leave default Show MVR Immediate Leave MVR Status Description Show Clear MVR operational status Syntax MVR Status vid clear Parameters vid VLAN ID 1 4095 clear Clear log MVR Groups Description Show MVR group addresses Syntax MVR Groups vid Parameters vid VLAN ID 1 4095 MVR SFM Description Show SFM including SSM related information for MVR Syntax ...

Page 562: ...User s Manual of MGSD 10080F 562 MVR SFM vid port_list Parameters vid VLAN ID 1 4095 port_list Port list or all default All ports ...

Page 563: ...nfiguration V oice VLAN Configuration Voice VLAN Mode Disabled Voice VLAN VLAN ID 1000 Voice VLAN Age Time seconds 86400 Voice VLAN Traffic Class 7 Voice VLAN OUI Table Telephony OUI Description 00 30 4F PLANET phones 00 03 6B Cisco phones 00 0F E2 H3C phones 00 60 B9 Philips and NEC AG phones 00 D0 1E Pingtel phones 00 E0 75 Polycom phones 00 E0 BB 3Com phones 00 01 E3 Siemens AG phones Voice VLA...

Page 564: ...led OUI 9 Disabled Disabled OUI 10 Disabled Disabled OUI Voice VLAN Mode Description Set or show the Voice VLAN mode We must disable MSTP feature before we enable Voice VLAN It can avoid the conflict of ingress filter Syntax Voice VLAN Mode enable disable Parameters enable Enable Voice VLAN mode disable Disable Voice VLAN mode default Show flow Voice VLAN mode Default Setting disable Example Enabl...

Page 565: ...Setting 1000 Example Set ID 2 for Voice VLAN ID MGSD 10080F voice vlan id 2 Voice VLAN Agetime Description Set or show Voice VLAN age time Syntax Voice VLAN Agetime age_time Parameters age_time MAC address age time 10 10000000 default Show age time Default Setting 86400sec Example Set Voice VLAN age time in 100sec MGSD 10080F voice valn agetime 100 ...

Page 566: ... VLAN OUI Add Description Add Voice VLAN OUI entry Modify OUI table will restart auto detect OUI process The maximum entry number is 16 Syntax Voice VLAN OUI Add oui_addr description Parameters oui_addr OUI address xx xx xx The null OUI address isn t allowed description Entry description Use clear or to clear the string No blank or space characters are permitted as part of a contact only in CLI Ex...

Page 567: ...ss isn t allowed Example Delete Voice VLAN OUI entry MGSD 10080F voice vlan oui delete 00 11 22 Voice VLAN OUI Clear Description Clear Voice VLAN OUI entry Modify OUI table will restart auto detect OUI process Syntax Voice VLAN OUI Clear Example Clear Voice VLAN OUI entry MGSD 10080F voice vlan oui clear Voice VLAN OUI Lookup Description Clear Voice VLAN OUI entry Modify OUI table will restart aut...

Page 568: ... All ports disable Disjoin from Voice VLAN auto Enable auto detect mode It detects whether there is VoIP phone attached on the specific port and configure the Voice VLAN members automatically force Forced join to Voice VLAN default Show Voice VLAN port mode Default Setting disable Example Set auto mode for port 1 4 of Voice VLAN port mode MGSD 10080F voice vlan port mode 1 4 auto Voice VLAN Securi...

Page 569: ... Protocol Description Set or show the Voice VLAN port discovery protocol mode It only work under auto detect mode is enabled We should enable LLDP feature before configure discovery protocol to LLDP or Both Change discovery protocol to OUI or LLDP will restart auto detect process Syntax Voice VLAN Discovery Protocol port_list oui lldp both Parameters port_list Port list or all default All ports OU...

Page 570: ... id Syntax Erps command fs ms clear port group id Parameters fs ms clear administrative commands port Port number group id protection group id 1 64 ERPS Version Description Specifying protocol version for a given protection group v1 v2 specifying protocol version for a given protection group group_id protection group id Syntax Erps version v1 v2 group id Parameters v1 v2 ERPS protocol version to b...

Page 571: ...ort 0 of a protection group west_port Port 1 of a protection group major sub ring type interconnected Set for interconnected node virtual_channel Set for virtual channel major ring id major ring of a sub ring when configuring as an interconnected node ERPS Reversion Description Configuring reversion characteristics for a given node revertive nonrevertive enabling or disabling reversion for a given...

Page 572: ... group id Parameters vid VLAN ID 1 4095 group id protection group id 1 64 ERPS MEP Description Associating Port 0 1 MEP to a protection group east_sf_mep Mep_ID for finding out Continuity Check errors on Port 0 west_sf_mep Mep_ID for finding out Continuity Check errors on Port 1 east_raps_mep Mep_ID for transmitting R APS frames on Port 0 west_raps_mep Mep_ID for transmitting R APS frames on Port ...

Page 573: ... RPL neighbour group id protection group id for selecting RPL Block Syntax Erps rpl neighbour rpl_port group id Parameters rpl_port RPL Block group id protection group id 1 64 ERPS RPL Owner Description Selection of RPL Block for a protection group by default this node is considered as RPL Owner east west select east Port 0 or west Port 1 as RPL Block group id protection group id for selecting RPL...

Page 574: ...oup After clear this node is nore an rpl owner for the given group east west selected east Port 0 or west Port 1 as RPL Block group id protection group id for selecting RPL Block Syntax Erps rpl owner clear group id Parameters group id protection group id 1 64 ERPS Hold Off Timeout Description configuring hold off timeout for a protection group in milliseconds 0 10000 in the increments of 100ms ho...

Page 575: ...rotection group id for configuring guard time Syntax Erps guard timeout guard_timeout group id Parameters guard_timeout timer timeout values group id protection group id 1 64 ERPS WRT timeout Description configuring wait to restore timeout for a protection group in minutes in the range of 1 to 12 minutes wtr_timeout configuring wtr timeout group id protection group id for configuring wtr time Synt...

Page 576: ...ology change propagation for a given group group_id protection group id Syntax Erps topologychange propagate nopropagate group id Parameters propagate nopropagate topology change propagation configuration group id protection group id 1 64 ERPS Configurationt Description deletion of a protection group group id protection group id statistics for displaying R APS statistics clear for clearing R APS s...

Page 577: ...Mode Description Set or show the Loop Protection mode Syntax Loop Protect Mode enable disable Parameters enable Enable Loop Protection disable Disable Loop Protection Default Setting enable Loop Protect Transmit Description Set or show the Loop Protection transmit interval Syntax Loop Protect Transmit transmit time Parameters Transmit time interval 1 10 seconds Default Setting 5 ...

Page 578: ...efault Setting 10 Loop Protect Port Configuration Description Show Loop Protection port configuration Syntax Loop Protect Port Configuration port_list Parameters port_list Port list or all default All ports Loop Protect Port Mode Description Set or show the Loop Protection port mode Syntax Loop Protect Port Mode port_list enable disable Parameters port_list Port list or all default All ports enabl...

Page 579: ...tdown the port and Log event log Only Log the event Loop Protect Port Transmit Description Set or show the Loop Protection port transmit mode Syntax Loop Protect Port Transmit port_list enable disable Parameters port_list Port list or all default All ports enable Enable Loop Protection disable Disable Loop Protection Loop Protect Status Description Show the Loop Protection status Syntax Loop Prote...

Page 580: ...r IPv6 MLD igmp IPMC for IPv4 IGMP IPMC Mode Description Set or show the IPMC snooping mode Syntax IPMC Mode mld igmp enable disable Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP enable Enable IPMC snooping disable Disable IPMC snooping default Show global IPMC snooping mode Default Setting disable Example Enable IGMP snooping MGSD 10080F ipmc mode igmp enable ...

Page 581: ...isable Disable IPMC flooding default Show global IPMC flooding mode Default Setting enable Example Enable IGMP flooding MGSD 10080F ipmc flooding igmp enable IPMC Leave Proxy Description Set or show the mode of IPMC Leave Proxy Syntax IPMC Leave Proxy mld igmp enable disable Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP enable Enable IPMC Leave Proxy disable Disable IPMC Leave ...

Page 582: ...tax IPMC Proxy mld igmp enable disable Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP enable Enable IPMC Proxy disable Disable IPMC Proxy default Show global IPMC Proxy mode Default Setting disable Example Enable IGMP Proxy MGSD 10080F ipmc proxy igmp enable IPMC SSM Description Set or show the IPMC SSM Range Syntax IPMC SSM mld igmp Range prefix mask_len ...

Page 583: ... 32 IPv6 8 128 ssm range accordingly IPMC VLAN Add Description Add the IPMC snooping VLAN interface Syntax IPMC VLAN Add mld igmp vid Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP vid VLAN ID 1 4095 IPMC VLAN Delete Description Delete the IPMC snooping VLAN interface Syntax IPMC VLAN Delete mld igmp vid Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP vid VLAN ...

Page 584: ...ANs enable Enable MLD snooping disable Disable MLD snooping Default Setting disable Example Enable IGMP snooping state for VLAN 1 MGSD 10080F ipmc state igmp 1 enable IPMC Querier Description Set or show the IPMC snooping querier mode for VLAN Syntax IPMC Querier mld igmp vid enable disable Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP vid VLAN ID 1 4095 or any default Show all...

Page 585: ...IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP vid VLAN ID 1 4095 or any default Show all VLANs auto v1 v2 v3 auto Auto Compatibility Default Value v1 Forced Compatibility of IGMPv1 or MLDv1 v2 Forced Compatibility of IGMPv2 or MLDv2 v3 Forced Compatibility of IGMPv3 default Show IPMC Interface Compatibility IPMC Fastleave Description Set or show the IPMC snooping fast leave port mode Syntax IPMC Fastl...

Page 586: ...0F ipmc fastleave igmp 1 10 enable IPMC Throttling Description Set or show the IPMC port throttling status Syntax IPMC Throttling mld igmp port_list limit_group_number Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP port_list Port list or all default All ports 0 No limit 1 10 Group learn limit default Show IPMC Port Throttling Default Setting Unlimited Example Set the max learn 1...

Page 587: ...t group filtering entry default Show IPMC port group filtering list group_addr IPv4 IPv6 multicast group address accordingly IPMC Router Description Set or show the IPMC snooping router port mode Syntax IPMC Router mld igmp port_list enable disable Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP port_list Port list or all default All ports enable Enable IPMC router port disable D...

Page 588: ...ID 1 4095 or any default Show all VLANs Example Show VLAN 1 IPMC operational status MGSD 10080F ipmc status igmp 1 IPMC Group Description Show IPMC group addresses accordingly Syntax IPMC Groups mld igmp vid Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP vid VLAN ID 1 4095 or any default Show all VLANs Example Show VLAN 1 IPMC group addresses accordingly MGSD 10080F ipmc groups ...

Page 589: ...ll VLANs Example Show VLAN 1 IPMC Versions MGSD 10080F ipmc version igmp 1 IPMC SFM Description Show SFM including SSM related information for IPMC Syntax IPMC SFM mld igmp vid port_list Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP vid VLAN ID 1 4095 or any default Show all VLANs port_list Port list or all default All ports IPMC Parameter RV Description Set or show the IPMC Ro...

Page 590: ...ustness Variable IPMC Parameter QI Description Set or show the IPMC Query Interval Syntax IPMC Parameter QI mld igmp vid ipmc_param_qi Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP vid VLAN ID 1 4095 or any default Show all VLANs ipmc_param_qi 1 Default Value 125 1 31744 Query Interval in seconds default Show IPMC Interface Query Interval IPMC Parameter QRI Description Set or s...

Page 591: ...et or show the IPMC Last Listener Query Interval Syntax IPMC Parameter LLQI mld igmp vid ipmc_param_llqi Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP vid VLAN ID 1 4095 or any default Show all VLANs ipmc_param_llqi 1 Default Value 10 0 31744 Last Listener Query Interval in tenths of seconds default Show IPMC Interface Last Listener Query Interval IPMC Parameter URI Description...

Page 592: ...2 mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP vid VLAN ID 1 4095 or any default Show all VLANs ipmc_param_uri 1 Default Value 1 0 31744 Unsolicited Report Interval in seconds default Show IPMC Interface Unsolicited Report Interval ...

Page 593: ...VLAN entry Syntax VCL Macvlan Add mac_addr vid port_list Parameters mac_addr MAC address xx xx xx xx xx xx vid VLAN ID 1 4095 port_list Port list or all default All ports Example Add 00 11 22 33 44 55 66 in VLAN 20 for all port MGSD 10080F vcl macvlan add 00 11 22 33 44 55 66 20 1 10 VCL MAC based VLAN Delete Description Delete VCL MAC based VLAN entry Syntax VCL Macvlan Del mac_addr Parameters ma...

Page 594: ...Ethernet II protocol to group mapping Syntax VCL ProtoVlan Protocol Add Eth2 ether_type arp ip ipx at group_id Parameters ether_type arp ip ipx at Ether Type 0x0600 0xFFFF group_id Protocol group ID VCL Protocol based VLAN Add SNAP Description Add VCL protocol based VLAN SNAP protocol to group mapping Syntax VCL ProtoVlan Protocol Add Snap oui rfc_1042 snap_8021h pid group_id Parameters oui rfc_10...

Page 595: ...Delete VCL protocol based VLAN Ethernet II protocol to group mapping Syntax VCL ProtoVlan Protocol Delete Eth2 ether_type arp ip ipx at Parameters ether_type arp ip ipx at Ether Type 0x0600 0xFFFF VCL Protocol based VLAN Delete SNAP Description Delete VCL protocol based VLAN SNAP protocol to group mapping Syntax VCL ProtoVlan Protocol Delete Snap oui rfc_1042 snap_8021h pid Parameters oui rfc_1042...

Page 596: ...col based VLAN Add Description Add VCL protocol based VLAN group to VLAN mapping Syntax VCL ProtoVlan Vlan Add port_list group_id vid Parameters port_list Port list or all default All ports group_id Protocol group ID vid VLAN ID 1 4095 VCL Protocol based VLAN Delete Description Delete VCL protocol based VLAN group to VLAN mapping Syntax VCL ProtoVlan Vlan Delete port_list group_id Parameters port_...

Page 597: ... vce_id Parameters vce_id Unique VCE ID 1 128 for each VCL entry VCL IP Subnet based Vlan Add Description Add or modify VCL IP Subnet based VLAN entry The maximum IPVlan entries are limited to 128 Syntax VCL IPVlan Add vce_id ip_addr_mask vid port_list Parameters vce_id Unique VCE ID 1 128 for each VCL entry ip_addr_mask Source IP address and mask Format a b c d n vid VLAN ID 1 4095 port_list Port...

Page 598: ...User s Manual of MGSD 10080F 598 Delete VCL IP Subnet based VLAN entry Syntax VCL IPVlan Delete vce_id Parameters vce_id Unique VCE ID 1 128 for each VCL entry ...

Page 599: ...ation Default Setting disable SMTP Mode Description Enable or disable SMTP configure Syntax SMTP Mode enable disable Parameters enable Enable SMTP mode disable Disable SMTP mode default Show SMTP mode Default Setting Disable SMTP Server Description Set or show SMTP server configure Syntax SMTP Server server port Parameters ...

Page 600: ...igure Syntax SMTP Auth enable disable Parameters enable Enable SMTP Authentication disable Disable SMTP Authentication default Show SMTP Authentication Default Setting disable SMTP Auth_user Description Set or show SMTP authentication user name configure Syntax SMTP Auth_user auth_user_text Parameters auth_user_text SMTP Authentication User Name Default Setting disable ...

Page 601: ...uthentication Password Default Setting disable SMTP Mail from Description Set or show SMTP e mail from configure Syntax SMTP Mailfrom mailfrom_text Parameters mailfrom_text SMTP E mail From address Default Setting Disable SMTP Mail Subject Description Set or to show SMTP e mail subject configure Syntax SMTP Mailsubject mailsubject_text Parameters mailsubject_text SMTP E mail Subject ...

Page 602: ...Mailto1 mailto1_text Parameters mailto1_text SMTP e mail 1 to address Default Setting Disable SMTP Mail to 2 Description Set or show SMTP e mail 2 to configure Syntax SMTP Mailto2 mailto2_text Parameters mailto1_text SMTP e mail 2 to address Default Setting Disable SMTP Test Description Test the status for linking to SMTP server Syntax ...

Page 603: ...User s Manual of MGSD 10080F 603 SMTP Test ...

Page 604: ...0 1 action enable Enable digital input0 1 function disable Disable digital input0 1 function default Set or show digital input output fault alarm 0 1 status DIDO DI Desciption Description Set or show the system digital input0 1 description Syntax DIDO Di_desc first second description Parameters first Digital Input Output 0 second Digital Input Output 1 default Set or show digital input output firs...

Page 605: ...1 function default Set or show digital input output fault alarm 0 1 status hightolow Trigger high to low lowtohigh Trigger low to high default Set or show digital input output 0 1 trigger DIDO DO Act Description Set or show the system digital output0 1 action Syntax DIDO Do_act first second port power enable disable Parameters first Digital Input Output 0 second Digital Input Output 1 default Set ...

Page 606: ...tal input output first 0 second 1 select enable Enable digital input0 1 function disable Disable digital input0 1 function default Set or show digital input output fault alarm 0 1 status hightolow Trigger high to low lowtohigh Trigger low to high default Set or show digital input output 0 1 trigger DIDO DO Port Alarm Description Set or show the system digital output0 1 port alarm Syntax DIDO Do_po...

Page 607: ...tput fault alarm 0 1 power_fail enable Enable digital input0 1 function disable Disable digital input0 1 function default Set or show digital input output fault alarm 0 1 status DIDO Fault Act Description Set or show the system fault alarm action Syntax DIDO Fault_act port power enable disable Parameters port port fail power power fail DI1 DI1 trigger DI2 DI2 trigger default Set or show digital ou...

Page 608: ... Set or show the system fault alarm of port alarm Syntax DIDO Fault_port_alr port_list Parameters port_list Port list or all default All ports DIDO Fault Power Alarm Description Set or show the system fault alarm of power alarm Syntax DIDO Fault_pwr_alr dc1 dc2 enable disable Parameters dc1 DC power 1 dc2 DC power 2 default Set or show digital output fault alarm 0 1 power_fail enable Enable digita...

Page 609: ...ent configuration Syntax Show access Show ACL Description Show ACL Configuration Syntax Show acl Show Aggregation Description Show link aggregation configuration Syntax Show aggr Show ARP Description Show ARP inspection configuration Syntax Show arp Show Auth Description Show Auth configuration ...

Page 610: ...ay Description Show DHCP relay configuration Syntax Show DHCP relay Show EEE Description Show EEE configuration Syntax Show EEE Show HTTPs Description Show HTTPS configuration Syntax Show https Show IGMP Description Show IPMC snooping configuration Syntax Show igmp ...

Page 611: ...ax Show ip Show LACP Description Show LACP configuration Syntax Show lacp Show Limit Control Description Show Limit Control configuration Syntax Show limit control Show LLDP Description Show LLDP configuration Syntax Show lldp Show LLDP MED Description Show LLDP MED configuration ...

Page 612: ...escription Show Loop Protection configuration Syntax Show Loop Protect Show MAC Description Show MAC address table configuration Syntax Show MAC Show Mirror Description Show mirror configuration Syntax Show mirror Show MVR Description Show MVR configuration Syntax Show MVR ...

Page 613: ...Syntax Show port Show Privilege Description Show privilege configuration Syntax Show privilege Show Private VLAN Description Show Private VLAN configuration Syntax Show pvlan Show QoS Description Show QoS Configuration Syntax Show QoS Show SNMP Description Show SNMP configuration ...

Page 614: ...scription Show SSH configuration Syntax Show ssh Show System Description Show system configuration Syntax Show system Show Timezone Description Show System Timezone configuration Syntax Show timezone Show UPnP Description Show UPnP configuration Syntax Show upnp ...

Page 615: ...how VLAN Description Show VLAN configuration Syntax Show vlan Show Voice VLAN Description Show Voice VLAN configuration Syntax Show voice vlan Show Firmware Description Display information about active and alternate firmware images Syntax Show firmware Show STP Description Show STP Port configuration ...

Page 616: ...User s Manual of MGSD 10080F 616 Syntax Show STP ...

Page 617: ...this packet will be filtered Thereby increasing the network throughput and availability 7 4 Store and Forward Store and Forward is one type of packet forwarding techniques A Store and Forward Managed Switch stores the incoming frame in an internal buffer do the complete error checking before transmission Therefore no error packets occurrence it is the best choice when a network needs efficiency an...

Page 618: ...st possible bandwidth when a connection is established with another network device usually at Power On or Reset This is done by detect the modes and speeds at the second of both device is connected and capable of both 10Base T and 100Base TX devices can connect with the port in either Half or Full Duplex mode 1000Base T can be only connected in Full duplex mode ...

Page 619: ...that the attached device is not set to dedicate full duplex Some devices use a physical or software switch to change duplex modes Auto negotiation may not recognize this type of full duplex setting Why the Managed Switch doesn t connect to the network Solution Check per port LED on the Managed Switch Try another port on the Managed Switch Make sure the cable is installed properly Make sure the cab...

Page 620: ...o reset the IP address to the default IP Address 192 168 0 100 or reset the password to default value Press the hardware reset button at the front panel about 5 seconds After the device is rebooted you can login the management WEB interface within the same subnet of 192 168 0 xx Reset Button ...

Page 621: ... Each port of the Switch supports auto MDI MDI X detection That means you can directly connect the Switch to any Ethernet devices without making a crossover cable The following table and diagram show the standard RJ 45 receptacle connector and their pin assignments RJ 45 Connector pin assignment Contact MDI Media Dependant Interface MDI X Media Dependant Interface Cross 1 Tx transmit Rx receive 2 ...

Page 622: ...een 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown 1 White Orange 2 Orange 3 White Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown SIDE 2 Crossover Cable SIDE 1 SIDE2 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 SIDE 1 1 White Orange 2 Orange 3 White Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown 1 White Green 2 Green 3 White Orange 4 Blue 5 White Blue 6 Orange 7 White Brown 8 Brown SIDE 2 ...

Page 623: ...l List The web page shows the ACEs in a prioritized way highest top to lowest bottom Default the table is empty An ingress frame will only get a hit on one ACE even though there are more matching ACEs The first matching ACE will take action permit deny on that frame and a counter associated with that ACE is incremented An ACE can be associated with a Policy 1 ingress port or any ingress port the w...

Page 624: ... increase the link speed beyond the limits of a port and to increase the redundancy for higher availability Also Port Aggregation Link Aggregation ARP ARP is an acronym for Address Resolution Protocol It is a protocol that used to convert an IP address into a physical address such as an Ethernet address ARP allows a host to communicate with other hosts when only the Internet address of its neighbo...

Page 625: ...ey DHCP DHCP is an acronym for Dynamic Host Configuration Protocol It is a protocol used for assigning dynamic IP addresses to devices on a network DHCP used by networked computers clients to obtain IP addresses and other parameters such as the default gateway subnet mask and IP addresses of DNS servers from a DHCP server The DHCP server ensures that all IP addresses are unique for example no IP a...

Page 626: ...gus DHCP reply packet to a legitimate conversation between the DHCP client and server DNS DNS is an acronym for Domain Name System It stores and associates many types of information with domain names Most importantly DNS translates human friendly domain names and computer hostnames into computer friendly IP addresses For example the domain name www example com might translate to 192 168 0 1 DoS Do...

Page 627: ...l hosts on a switched network even when multiple multicast groups are in use simultaneously This processing applies to IGMP and MLD H HTTP HTTP is an acronym for Hypertext Transfer Protocol It is a protocol that used to transfer or convey information on the World Wide Web WWW HTTP defines how messages are formatted and transmitted and what actions Web servers and browsers should take in response t...

Page 628: ...ING command uses ICMP to test an Internet connection IEEE 802 1X IEEE 802 1X is an IEEE standard for port based Network Access Control It provides authentication to devices attached to a LAN port establishing a point to point connection or preventing access from that port if authentication fails With 802 1X access to all switch ports can be centrally controlled from a server which means that autho...

Page 629: ...device uniquely among all other devices connected to the extended network The current version of the Internet protocol is IPv4 which has 32 bits Internet Protocol addresses allowing for in excess of four billion unique addresses This number is reduced drastically by the practice of webmasters taking addresses in large blocks the bulk of which remain unused There is a rather substantial movement to...

Page 630: ...such as the Simple Network Management Protocol SNMP LLDP MED LLDP MED is an extension of IEEE 802 1ab and is defined by the telecommunication industry association TIA 1057 LLQI LLQI Last Listener Query Interval is the maximun response time used to calculate the Maximun Respse Code inserted into Specific Queries It is used to detect the departure of the last listener for a multicast address or sour...

Page 631: ...ng Tree Protocol The MSTP protocol provides for multiple spanning tree instances while ensuring RSTP and STP compatibility The standard was originally defined by IEEE 802 1s but was later incorporated in IEEE 802 1D 2005 MVR Multicast VLAN Registration MVR is a protocol for Layer 2 IP networks that enables multicast traffic from a source VLAN to be shared with subscriber VLANs The main reason for ...

Page 632: ...atagrams as transport layer O Optional TLVs A LLDP frame contains multiple TLVs For some TLVs it is configurable if the switch shall include the TLV in the LLDP frame These TLVs are known as optional TLVs If an optional TLVs is disabled the corresponding information is not included in the LLDP frame OUI OUI is the organizationally unique identifier An OUI address is a globally unique identifier as...

Page 633: ... and forward service An alternative protocol is Internet Message Access Protocol IMAP IMAP provides the user with more capabilities for retaining e mail on the server and for organizing it in folders on the server IMAP can be thought of as a remote file server POP and IMAP deal with the receiving of e mail and are not to be confused with the Simple Mail Transfer Protocol SMTP You send e mail with ...

Page 634: ... a method to guarantee a bandwidth relationship between individual applications or protocols A communications network transports a multitude of applications and data including high quality video and delay sensitive data such as real time voice Networks must provide secure predictable measurable and sometimes guaranteed services Achieving the required QoS becomes the secret to a successful end to e...

Page 635: ... be installed on a variety of operating system platforms including Linux most common Unix platforms OpenVMS and IBM OS 2 Samba can also register itself with the master browser on the network so that it would appear in the listing of hosts in Microsoft Windows Neighborhood Network SHA SHA is an acronym for Secure Hash Algorithm It designed by the National Security Agency NSA and published by the NI...

Page 636: ...ithin range advertising their SSIDs and can choose one to connect to base on pre configuration or by displaying a list of SSIDs in range and asking the user to select one wikipedia SSH SSH is an acronym for Secure SHell It is a network protocol that allows data to be exchanged using a secure channel between two networked devices The encryption used by SSH provides confidentiality and integrity of ...

Page 637: ... include the World Wide Web WWW e mail and File Transfer Protocol FTP TELNET TELNET is an acronym for TELetype NETwork It is a terminal emulation protocol that uses the Transmission Control Protocol TCP and provides a virtual connection between TELNET server and TELNET client TELNET enables the client to control the server and communicate with other servers on the network To start a Telnet session...

Page 638: ...ata units to exchange may prefer UDP to TCP UDP provides two services not provided by the IP layer It provides port numbers to help distinguish different user requests and optionally a checksum capability to verify that the data arrived intact Common network applications that use UDP include the Domain Name System DNS streaming media applications such as IPTV Voice over IP VoIP and Trivial File Tr...

Page 639: ...e IEEE 802 11 wireless networks Wireless networks broadcast messages is using radio so are more susceptible to eavesdropping than wired networks When introduced in 1999 WEP was intended to provide confidentiality comparable to that of a traditional wired network Wikipedia WiFi WiFi is an acronym for Wireless Fidelity It is meant to be used generically when referring of any type of 802 11 network w...

Page 640: ...ode security depends on the strength and secrecy of the passphrase The design of WPA is based on a Draft 3 of the IEEE 802 11i standard Wikipedia WPS WPS is an acronym for Wi Fi Protected Setup It is a standard for easy and secure establishment of a wireless home network The goal of the WPS protocol is to simplify the process of connecting any home device to the wireless network Wikipedia WRED WRE...

Page 641: ...3 2 2006 A1 2009 A2 2009 EN 61000 3 3 2008 EN 55024 2010 IEC 61000 4 2 2008 IEC 61000 4 3 2006 A1 2007 A2 2010 IEC 61000 4 4 2004 A1 2010 IEC 61000 4 5 2005 IEC 61000 4 6 2008 IEC 61000 4 8 2009 IEC 61000 4 11 2004 Responsible for marking this declaration if the Manufacturer Authorized representative established within the EU Authorized representative established within the EU if applicable Compan...

Reviews:

No comments

Related manuals for MGSD-10080F

i3 International S244 Quick Start Manual preview
S244
Brand: i3 International Pages: 2
S&C Omni-Rupter Installation Manual preview
Omni-Rupter
Brand: S&C Pages: 28
S&C Mark V Assembly And Installation Instructions Manual preview
Mark V
Brand: S&C Pages: 12
S&C Alduti-Rupter Instruction Sheet preview
Alduti-Rupter
Brand: S&C Pages: 24
S&C Alduti-Rupter Additional Instructions For Installation And Operation preview
Alduti-Rupter
Brand: S&C Pages: 24
S&C Vista SD Instruction Sheet preview
Vista SD
Brand: S&C Pages: 24
S&C Alduti-Rupter Installation Manual preview
Alduti-Rupter
Brand: S&C Pages: 28
S&C Vista SD Operation Manual preview
Vista SD
Brand: S&C Pages: 37
UNICOM FEP-31024T-3 Specifications preview
FEP-31024T-3
Brand: UNICOM Pages: 1
Jabra LINK 14201-20 - DATASHEET FOR TOSHIBA PHONES How To Connect preview
LINK 14201-20 - DATASHEET FOR TOSHIBA PHONES
Brand: Jabra Pages: 4
Sams DS-4 User Manual For Use And Maintenance preview
DS-4
Brand: Sams Pages: 10
Eaton RMQ-Titan M30 Series Instruction Leaflet preview
RMQ-Titan M30 Series
Brand: Eaton Pages: 4
Dexon DIMAX404 User Manual preview
DIMAX404
Brand: Dexon Pages: 31
H3C DA-06D12 User Manual preview
DA-06D12
Brand: H3C Pages: 10
Ihse Draco tera compact 480 Series User Manual preview
Draco tera compact 480 Series
Brand: Ihse Pages: 244
N-Tron NTSFP-LX-40 User Manual & Installation Manual preview
NTSFP-LX-40
Brand: N-Tron Pages: 20
Conceptronic HUBBIES 01 Multi Language Quick Manual preview
HUBBIES 01
Brand: Conceptronic Pages: 7
LevelOne GTL-2690 Installation Manual preview
GTL-2690
Brand: LevelOne Pages: 76

Brands by name

Popular brands

Load more brands