24-Port 10/100/1000Mbps
Ethernet Security Switch
WGSW-24000
User's Manual
Page 1: ...24 Port 10 100 1000Mbps Ethernet Security Switch WGSW 24000 User s Manual ...
Page 2: ...ht to make improvements to this User s Manual and or to the products described in this User s Manual at any time without notice If you find information in this manual that is incorrect misleading or incomplete we would appreciate your comments and suggestions FCC Warning This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC R...
Page 3: ...ck Mounting 17 3 CONFIGURATION 19 3 1 Management Access Overview 19 3 1 1 Administration Console 20 3 1 2 Direct Access 20 3 2 Web Management 20 3 3 SNMP Based Network Management 21 3 4 Protocols 21 3 4 1 Virtual Terminal Protocols 21 3 4 2 SNMP Protocol 21 3 4 3 Management Architecture 21 4 COMMAND STRUCTURE 23 4 1 Format 23 4 1 1 Command 23 4 1 2 Parameters 23 4 1 3 Values 24 4 1 4 Conventions 2...
Page 4: ...ing config 47 7 1 10 show sysinfo 48 7 1 11 snmp server 48 7 2 Management VLAN Commands 48 7 2 1 network mgmt_vlan 48 7 3 Dot1P Commands 48 7 3 1 classofservice dot1pmapping 48 7 3 2 show classofservice dot1pmapping 49 7 3 3 vlan port priority all 49 7 3 4 vlan priority 49 7 4 LAG Port Channel 802 3ad Commands 49 7 4 1 port channel staticcapability 49 7 4 2 show port channel brief 50 7 5 Managemen...
Page 5: ...nmp server community rw 59 7 5 26 snmp server enable traps 59 7 5 28 snmp server enable traps linkmode 60 7 5 29 snmp server enable traps multiusers 60 7 5 30 snmp server enable traps stpmode 61 7 5 31 snmptrap 61 7 5 32 snmptrap ipaddr 61 7 5 33 snmptrap mode 62 7 5 34 telnet 62 7 6 Device Configuration Commands 62 7 6 1 addport 62 7 6 2 auto negotiate 63 7 6 3 auto negotiate all 63 7 6 4 delete ...
Page 6: ...0 set gmrp interfacemode all 73 7 6 31 set gvrp adminmode 73 7 6 32 set gvrp interfacemode 73 7 6 33 set gvrp interfacemode all 74 7 6 34 show description 74 7 6 35 show garp 74 7 6 36 show gmrp configuration 74 7 6 37 show gvrp configuration 75 7 6 38 show igmpsnooping 76 7 6 39 show mac address table gmrp 77 7 6 40 show mac address table igmpsnooping 77 7 6 41 show mac address table multicast 77...
Page 7: ...lan name 88 7 6 69 vlan participation 88 7 6 70 vlan participation all 88 7 6 71 vlan port acceptframe all 89 7 6 72 vlan port ingressfilter all 89 7 6 73 vlan port pvid all 90 7 6 74 vlan port tagging all 90 7 6 75 vlan protocol group 90 7 6 76 vlan protocol group add protocol 90 7 6 77 vlan protocol group remove 91 7 6 78 vlan pvid 91 7 6 79 vlan tagging 91 7 7 User Account Management Commands 9...
Page 8: ...8 8 2 2 ip access group 99 8 2 3 ip access group all 99 8 3 CLI Commands Differentiated Services 100 8 3 1 diffserv 101 8 4 Class Commands 101 8 4 1 class map 102 8 4 2 class map rename 103 8 4 3 match any 103 8 4 4 match class map 103 8 4 5 match destination address mac 104 8 4 6 match dstip 104 8 4 7 match dstl4port 104 8 4 8 match ip dscp 105 8 4 9 match ip precedence 105 8 4 10 match ip tos 10...
Page 9: ...mmands 117 8 7 1 show class map 117 8 7 2 show diffserv 118 8 7 3 show policy map 118 8 7 4 show diffserv service 120 8 7 5 show diffserv service brief 121 8 7 6 show policy map interface 121 8 7 7 show service policy 122 8 8 Rate Limiting Commands 123 8 8 1 rate limiting 123 8 8 2 show rate limiting 123 9 CLI COMMANDS SECURITY 125 9 1 Security Commands 125 9 1 1 authentication login 125 9 1 2 cle...
Page 10: ...24 show authentication users 133 9 1 25 show dot1x 133 9 1 26 show dot1x users 136 9 1 27 show radius 136 9 1 28 show radius statistics 136 9 1 29 show users authentication 137 9 1 30 users defaultlogin 137 9 1 31 users login 138 9 2 Secure Shell SSH Commands 138 9 2 1 ip ssh 138 9 2 2 ip ssh protocol 138 9 2 3 show ip ssh 139 9 3 HTTP Commands 139 9 3 1 ip http secure port 139 9 3 2 ip http secur...
Page 11: ... time 148 10 1 15 spanning tree hello time 148 10 1 16 spanning tree max age 148 10 1 17 spanning tree mst 149 10 1 18 spanning tree mst instance 150 10 1 19 spanning tree mst priority 150 10 1 20 spanning tree mst vlan 151 10 1 21 spanning tree port mode 151 10 1 22 spanning tree port mode all 151 11 USING THE WEB INTERFACE 152 11 1 Configuring for Web Access 152 11 1 1 Web Page Layout 152 11 1 2...
Page 12: ...ically install the Switch Section 3 Configuration The section contains the information about the software function of the Switch Section 4 Switch Operation The section contains specifications of the Switch Appendices The section contains cable information of the Switch In the following section terms SWITCH with upper case denotes the WGSW 24000 Ethernet switch Terms with lower case switch means an...
Page 13: ...c multicast filtering support Class of Service or CoS Supports the IEEE 802 1Q Specification for Virtual Bridged Local Area Network Provides a mechanism by which up to eight ports of the same speed can be bundled together to form a port bundle or a trunk group Up to six trunk groups can be established Supports inclusive and exclusive filtering to enable a switch application to filter and classify ...
Page 14: ...MI FCC Class A CE Standard Compliance IEEE802 3 10BASE T IEEE802 3u 100BASE TX 100BASE FX IEEE802 3z Gigabit SX LX IEE802 3ab Gigabit 1000T IEEE802 3x Flow Control and Back pressure IEEE802 3ad Port trunk with LACP IEEE802 1d Spanning tree protocol IIEEE802 1w Rapid spanning tree protocol IEEE802 1p Class of service IEEE802 1Q VLAN Tagging ...
Page 15: ...ritizes applications with WFQ Weighted Fair Queuing scheduling algorithm to allocate more bandwidth to key traffics such as voice transmission empowering the enterprise to take full advantages of the limited network resources and guarantee the best performance PLANET WGSW 24000 offers comprehensive Access Control List ACL for enforcing security to the edge Its protection mechanisms comprised of po...
Page 16: ...work till it is powered If your networks should active all the time please consider using UPS Uninterrupted Power Supply for your device It will prevent you from network data loss or network downtime 2 In some area installing a surge suppression device may also help to protect your switch from being damaged by unregulated surge or current to the Switch or the power adapter 2 2 Install the Switch T...
Page 17: ...reen 2 2 2 Rack Mounting To install the switch in a 19 inch standard rack please follows the instructions described below Step1 Place the switch on a hard flat surface with the front panel positioned towards the front side Step2 Attach the rack mount bracket to each side of the switch with supplied screws attached to the package Figure 2 5 shows how to attach brackets to one side of the switch Fig...
Page 18: ...Figure 2 6 Mounting the Switch in a Rack Step6 Proceeds with the steps 4 and steps 5 of session 2 2 1 Desktop Installation to connect the network cabling and supply power to the switch ...
Page 19: ... or all of the following methods An administration console Web browser interface An external SNMP based network management application The administration console and Web browser interface support are embedded in the switch software and are available for immediate use Each of these management methods has their own advantages Table 3 1 compares the three management methods Method Advantages Disadvan...
Page 20: ...o Chapter 4 Command Line Interface Console Management 3 1 2 Direct Access Direct access to the administration console is achieved by directly connecting a terminal or a PC equipped with a terminal emulation program such as HyperTerminal to the switch console serial port When using this management method a null modem cable is required to connect the switch to the PC After making this connection con...
Page 21: ...ault gets and sets community strings for the switch are public 3 4 Protocols The switch supports the following protocols Virtual terminal protocols such as Telnet Simple Network Management Protocol SNMP 3 4 1 Virtual Terminal Protocols A virtual terminal protocol is a software program such as Telnet that allows you to establish a management session from a Macintosh a PC or a UNIX workstation Becau...
Page 22: ...le are immediately displayable by the other management methods for example SNMP agent of Web browser The management architecture of the switch adheres to the IEEE open standard This compliance assures customers that the switch is compatible with and will interoperate with other solutions that adhere to the same open standard ...
Page 23: ...d name 4 1 1 Command The text in bold non italic font must be typed exactly as shown 4 1 2 Parameters Parameters are order dependent The text in bold italics should be replaced with a name or number To use spaces as part of a name parameter enclose it in double quotes like this System Name with Spaces Parameters may be mandatory values optional values choices or a combination parameter The angle b...
Page 24: ... to configure the port channel 4 1 4 Conventions 1 Network addresses are used to define a link to a remote host workstation or network Network addresses are shown using the following syntax 2 Double quotation marks such as System Name with Spaces set off user defined strings If the operator wishes to use spaces as part of a name parameter then it must be enclosed in double quotation marks 3 Empty ...
Page 25: ...begins with the character is recognized as a comment line and ignored by the parser Some examples are provided below Script file for displaying the ip interface Display information about interfaces show ip interface 0 1 Displays the information about the first interface Display information about the next interface show ip interface 0 2 End of the script file ...
Page 26: ...equire administrator account rights we suggest logging into an administrator account Do not enter a password because there is no password in the default mode Press the enter key two times The CLI User EXEC prompt will be displayed Use enable to switch to the Privileged EXEC mode from User EXEC Use configure to switch to the Global Config mode from Privileged EXEC Use exit to return to the previous...
Page 27: ... Read Only access There can only be one Read Write user and up to five Read Only users show loginsession in User EXEC Displays all of the login session information users passwd username in Global Config Allows the user to set passwords or change passwords needed to login A prompt will appear after the command is entered requesting the users old password In the absence of an old password leave the ...
Page 28: ...Default IP is 0 0 0 0 Subnet Mask IP Subnet Mask for the interface Default is 0 0 0 0 Default Gateway The default Gateway for this interface Default value is 0 0 0 0 Burned in MAC Address The Burned in MAC Address used for in band connectivity Locally Administered MAC Address Can be configured to allow a locally administered MAC address MAC Address Type Specifies which MAC address should be used f...
Page 29: ...the file is going to be received by the PC Table 5 4 Quick Start up Uploading from Switch to Out of Band PC XMODEM Quick Start up Downloading from Out of Band PC to Switch Only XMODEM Command Details copy url nvram startup config system image Sets the destination download data type to be an image system image or a configuration file nvram startup config The URL must be specified as xmodem filepath...
Page 30: ...t up Factory Defaults Command Details clear config Enter yes when the prompt pops up to clear all the configurations made to the switch copy system running config nvram startup config Enter yes when the prompt pops up that asks if you want to save the configurations made to the switch reload OR Cold Boot the Switch Enter yes when the prompt pops up that asks if you want to reset the system This is...
Page 31: ...mode Command Mode Access Method Prompt Exit or Access Next Mode User Exec Mode This is the first level of access Perform basic tasks and list system information Switching Enter Logout command Privileged Exec Mode From the User Exec Mode enter the enable command Switching To exit this mode enter exit or press Ctrl Z VLAN Mode From the Privileged User Exec mode enter the vlan database command Switch...
Page 32: ...d Switching Config policy map To exit to the Global Config mode enter exit To return to user EXEC mode enter ctrl Z Policy Class Mode From the Policy Map mode enter the class map existed class name command Switching Config policy classmap To exit to Policy Map mode enter exit To return to User Exec mode enter ctrl Z Class Map Mode From the Global Config mode enter the class map command Switching C...
Page 33: ... CLI is divided into various modes The Commands in one mode are not available until the operator switches to that particular mode with the exception of the User Exec mode commands The User Exec mode commands may also be executed in the Privileged Exec mode The commands available to the operator at any point in time depend upon the mode Entering a question mark at the CLI prompt displays a list of ...
Page 34: ...hysical Port Configuration mode the Interface Configuration mode or the Protocol Specific modes specified below The command prompt at this level is Command Prompt Switching Config From the Global Config mode the operator may enter the following configuration modes Interface Config Mode Many features are enabled for a particular interface The Interface commands enable or modify the operation of an ...
Page 35: ...onfiguration mode to configure QoS class maps Switching Config class map class map name Command Prompt Switching Config class 6 3 Flow of Operation This section captures the flow of operation for the CLI 1 The operator logs into the CLI session and enters the User Exec mode In the User Exec mode the exec prompt is displayed on the screen The parsing process is initiated whenever the operator types...
Page 36: ...ameters entered by the operator 6 4 No Form of a Command No is a specific form of an existing command and does not represent a new or distinct command Only the configuration commands are available in the no form The behavior and the support details of the no form is captured as part of the mapping sheets 6 4 1 Support for No Form Almost every configuration command has a no form In general use the ...
Page 37: ...case when the no token is not specified as in interface and inte ...
Page 38: ... Security commands System utilities 7 1 System Information and Statistics Commands 7 1 1 show arp switch This command displays connectivity between the switch and other devices The Address Resolution Protocol ARP cache identifies the MAC addresses of the IP stations communicating with the switch Format show arp switch Mode Privileged EXEC MAC Address A unicast MAC address for which the switch has ...
Page 39: ...rently running on the switch Operating System The operating system currently running on the switch Network Processing Element The type of the processor microcode Additional Packages This displays the additional packages that are incorporated into this system such as BGP 4 or Multicast 7 1 4 show interface This command displays a summary of statistics for a specific port or a count of all CPU traff...
Page 40: ...ckets that higher level protocols requested to be transmitted to the Broadcast address including those that were discarded or not sent Transmit Packet Errors The number of outbound packets that could not be transmitted because of errors Address Entries Currently In Use The total number of Forwarding Database Address Table entries now active on the switch including learned and static entries VLAN E...
Page 41: ...including bad packets received that were between 512 and 1023 octets in length inclusive excluding framing bits but including FCS octets Packets Received 1024 1518 Octets The total number of packets including bad packets received that were between 1024 and 1518 octets in length inclusive excluding framing bits but including FCS octets Packets Received 1519 1522 Octets The total number of packets i...
Page 42: ...umber of octets Overruns The total number of frames discarded as this port was overloaded with incoming packets and could not keep up with the inflow Received Packets not forwarded 802 3x Pause Frames Received A count of MAC Control frames received on this interface with an opcode indicating the PAUSE operation This counter does not increment when the interface is operating in half duplex mode Una...
Page 43: ...ransmitted 256 511 Octets The total number of packets including bad packets received that were between 256 and 511 octets in length inclusive excluding framing bits but including FCS octets Packets Transmitted 512 1023 Octets The total number of packets including bad packets received that were between 512 and 1023 octets in length inclusive excluding framing bits but including FCS octets Packets T...
Page 44: ...es on a particular interface for which transmission is inhibited by more than one collision Excessive Collisions A count of frames for which transmission on a particular interface fails due to excessive collisions Port Membership The number of frames discarded on egress for this port due to egress filtering being enabled VLAN Viable Discards The number of frames discarded on this port when a looku...
Page 45: ... processor excluding framing bits but including FCS octets Total Packets Received Without Error The total number of packets including broadcast packets and multicast packets received by the processor Unicast Packets Received The number of subnetwork unicast packets delivered to a higher layer protocol Multicast Packets Received The total number of packets received that were directed to a multicast...
Page 46: ...The number of presently active VLAN entries on this switch that have been created statically Dynamic VLAN Entries The number of presently active VLAN entries on this switch that have been created by GVRP registration VLAN Deletes The number of VLANs on this switch that have been created and then deleted since the last reboot Time Since Counters Last Cleared The elapsed time in days hours minutes a...
Page 47: ...earned Learned The value of the corresponding instance was learned by observing the source MAC addresses of incoming traffic and is currently in use Management The value of the corresponding instance system MAC address is also the value of an existing instance of dot1dStaticAddress It is identified with interface 0 1 and is currently used when enabling VLANs for routing Self The value of the corre...
Page 48: ...urs and minutes since the last switch reboot MIBs Supported A list of MIBs supported by this agent 7 1 11 snmp server This command sets the name and the physical location of the switch and the organization responsible for the network The range for name location and contact is from 1 to 31 alphanumeric characters Default None Format snmp server sysname name location loc contact con Mode Global Conf...
Page 49: ... Privileged EXEC and User EXEC 7 3 3 vlan port priority all This command configures the port priority assigned for untagged packets for all ports presently plugged into the device The range for the priority is 0 7 Any subsequent per port configuration will override this configuration setting Format vlan port priority all priority Mode Global Config 7 3 4 vlan priority This command configures the d...
Page 50: ...articipating in this port channel 7 5 Management Commands These commands manage the switch and show current management settings 7 5 1 bridge aging time This command configures the forwarding database address aging timeout in seconds In an IVL system the fdbid all parameter is required Default 300 Format bridge aging time 10 1 000 000 fdbid all Mode Global Config Seconds The seconds parameter must ...
Page 51: ...annot view the Java applet Default Enabled Format network javamode Mode Privileged EXEC 7 5 3 1 no network javamode This command disallows access to the Java applet in the header frame of the Web interface When access is disabled the user cannot view the Java applet Format no network javamode Mode Privileged EXEC 7 5 4 network mac address This command sets locally administered MAC addresses The fo...
Page 52: ...guration protocol to be used If you modify this value change is effective immediately Default None Format network protocol none bootp dhcp where bootp indicates that the switch periodically sends requests to a Bootstrap Protocol BootP server or a dhcp server until a response is received none indicates that the switch should be manually configured with IP information Mode Privileged EXEC 7 5 8 remo...
Page 53: ... minutes to the default Note Changing the timeout value for active sessions does not become effective until the session is reaccessed Any keystroke will also activate the new timeout duration Default 5 Format no remotecon timeout Mode Privileged EXEC 7 5 10 serial baudrate This command specifies the communication rate of the terminal interface The supported rates are 1200 2400 4800 9600 19200 3840...
Page 54: ...orwarding database ID in an IVL system Agetime Displays the address aging timeout for the associated forwarding database in IVL 5 7 14 show network This command displays configuration settings associated with the switch s network interface The network interface is the logical interface used for in band connectivity with the switch via any of the switch s front panel ports The configuration paramet...
Page 55: ...he management VLAN ID 7 5 15 show remotecon This command displays telnet settings Format show remotecon Mode Privileged EXEC and User EXEC Remote Connection Login Timeout minutes This object indicates the number of minutes a remote connection session is allowed to remain inactive before being logged off A zero means there will be no timeout This may be specified as a number from 0 to 160 The facto...
Page 56: ...ated community The requesting entity s IP address is ANDed with the Subnet Mask before being compared to the IP Address Note that if the Subnet Mask is set to 0 0 0 0 an IP Address of 0 0 0 0 matches all IP addresses The default value is 0 0 0 0 Client IP Mask A mask to be ANDed with the requesting entity s IP address before comparison with IP Address If the result matches with IP Address then the...
Page 57: ...ent Multiple Users Flag Multiple Users Flag May be enabled or disabled The factory default is enabled Indicates whether a trap will be sent when the same user ID is logged into the switch more than once at the same time either via telnet or serial port Spanning Tree Flag May be enabled or disabled The factory default is enabled Indicates whether spanning tree traps will be sent Broadcast Storm Fla...
Page 58: ...cess the device A value of 0 0 0 0 allows access from any IP address Otherwise this value is ANDed with the mask to determine the range of allowed client IP addresses The name is the applicable community name Default 0 0 0 0 Format snmp server community ipaddr ipaddr name Mode Global Config 7 5 21 1 no snmp server community ipaddr This command sets a client IP address for an SNMP community to 0 0 ...
Page 59: ...ivate and public communities are enabled by default The four undefined communities are disabled by default Format snmp server community mode name Mode Global Config 7 5 23 1 no snmp server community mode This command deactivates an SNMP community If the community is disabled no SNMP requests using this community are accepted In this case the SNMP manager associated with this community cannot manag...
Page 60: ...y mode setting associated with the port is enabled Format no snmp server enable traps bcaststorm Mode Global Config 7 5 28 snmp server enable traps linkmode This command enables Link Up Down traps for the entire switch When enabled link traps are sent only if the Link Trap flag setting associated with the port is enabled see snmp trap link status command Default Enabled Format snmp server enable t...
Page 61: ...tpmode Mode Global Config 7 5 31 snmptrap This command adds an SNMP trap name The maximum length of name is 16 case sensitive alphanumeric characters Default The default name for the six undefined community names is Delete Format snmptrap name ipaddr Mode Global Config 7 5 31 1 no snmptrap This command deletes trap receivers for a community Format no snmptrap name ipaddr Mode Global Config 7 5 32 ...
Page 62: ...blished until there are no more sessions available If sessions are disabled no new telnet sessions are established An established session remains active until the session is ended or an abnormal network error ends it Default Enabled Format telnet Mode Privileged EXEC 7 5 34 1 no telnet This command disables telnet sessions If sessions are disabled no new telnet sessions are established Format no t...
Page 63: ...isting port channel LAG from the configuration The interface is a logical slot and port for a configured port channel The all option removes all configured port channels LAGs Format delete interface logical slot port all ModeInterface Config 7 6 5 deleteport This command deletes the port from the port channel LAG The interface is a logical slot and port number of a configured port channel Format d...
Page 64: ... in the format of b1 b2 b3 b4 b5 b6 The vlanid parameter must identify a valid VLAN Format macfilter adddest macaddr vlanid Mode Interface Config 7 6 7 1 no macfilter adddest This command removes a port from the destination filter set for the MAC filter with the given macaddr and VLAN of vlanid The macaddr parameter must be specified as a 6 byte hexadecimal number in the format of b1 b2 b3 b4 b5 b...
Page 65: ...with the MAC address of macaddr and VLAN of vlanid The macaddr parameter must be specified as a 6 byte hexadecimal number in the format of b1 b2 b3 b4 b5 b6 The vlanid parameter must identify a valid VLAN Format no macfilter addsrc macaddr vlanid Mode Interface Config 7 6 10 macfilter addsrc all This command adds all interfaces to the source filter set for the MAC filter with the MAC addressf maca...
Page 66: ...sion Mode Global Config 7 6 12 monitor session mode This command configures the monitor session port monitoring mode to enable The probe and monitored ports must be configured before monitor session port monitoring can be enabled If enabled the probe port will monitor all traffic received and transmitted on the physical monitored port It is not necessary to disable port monitoring before modifying...
Page 67: ... This command enables a port channel LAG The interface is a logical slot and port for a configured port channel The option all sets every configured port channel with the same administrative mode setting Format port channel adminmode logical slot port all Mode Global Config 7 6 16 1 no port channel adminmode This command disables a port channel LAG The interface is a logical slot and port for a co...
Page 68: ...ogical slot port all name Mode Global Config 7 6 19 protocol group This command attaches a vlanid to the protocol based VLAN identified by groupid A group may only be associated with one VLAN at a time however the VLAN association can be changed Default none Format protocol group groupid vlanid Mode VLAN database 7 6 19 1 no protocol group This command removes the vlanid from this protocol based V...
Page 69: ...will not be added to the group Default none Format protocol vlan group all groupid Mode Global Config 7 6 21 1 no protocol vlan group all This command removes all interfaces from this protocol based VLAN group that is identified by this groupid Format no protocol vlan group all groupid Mode Global Config 7 6 22 set garp timer join This command sets the GVRP join time per port and per GARP Join tim...
Page 70: ...ts the GVRP leave time per port Leave time is the time to wait after receiving an unregister request for a VLAN or a multicast group before deleting the VLAN entry This can be considered a buffer time for another station to assert registration for the same attribute in order to maintain uninterrupted service time is 20 to 600 centiseconds Note This command has an effect only when GVRP is enabled D...
Page 71: ...registered Participants would need to rejoin in order to maintain registration The value applies per port and per GARP participation The time may range from 200 to 6000 centiseconds Note This command has an effect only when GVRP is enabled Default 1000 centiseconds 10 seconds Format set garp timer leaveall 200 6000 ModeInterface Config 7 6 26 1 no set garp timer leaveall This command sets how freq...
Page 72: ...vileged EXEC 7 6 28 1 no set gmrp adminmode This command disables GARP Multicast Registration Protocol GMRP on the system Format no set gmrp adminmode Mode Privileged EXEC 7 6 29 set gmrp interfacemode This command enables GARP Multicast Registration Protocol on a selected interface If an interface which has GARP enabled is enabled for routing or is enlisted as a member of a port channel LAG GARP ...
Page 73: ... that interface GARP functionality will subsequently be re enabled if routing is disabled and portchannel LAG membership is removed from an interface that has GARP enabled Default Disabled Format set gmrp interfacemode all Mode Global Config 7 6 30 1 no set gmrp interfacemode all This command disables GARP Multicast Registration Protocol on a selected interface Format no set gmrp interfacemode all...
Page 74: ...ig 7 6 34 show description This command displays the port description information for one or all interfaces Format show description slot port all Mode Privileged EXEC and User EXEC 7 6 35 show garp This command displays Generic Attributes Registration Protocol GARP information Format show garp Mode Privileged EXEC and User EXEC GMRP Admin Mode This displays the administrative mode of GARP Multicas...
Page 75: ...e All Period Timer is set to a random value in the range of LeaveAllTime to 1 5 LeaveAllTime Permissible values are 200 to 6000 centiseconds 2 to 60 seconds The factory default is 1000 centiseconds 10 seconds The finest granularity of specification is 1 centisecond 0 01 seconds Port GMRP Mode Indicates the GMRP administrative mode for the port It may be enabled or disabled If this parameter is dis...
Page 76: ...ort GVRP Mode Indicates the GVRP administrative mode for the port It may be enabled or disabled If this parameter is disabled Join Time Leave Time and Leave All Time have no effect The factory default is disabled 7 6 38 show igmpsnooping This command displays IGMP Snooping information Configured information is displayed whether or not IGMP Snooping is enabled Status information is only displayed w...
Page 77: ...iltering information The format is 6 or 8 two digit hexadecimal numbers that are separated by colons for example 01 23 45 67 89 AB In an IVL system the MAC address will be displayed as 8 bytes Type This displays the type of the entry Static entries are those that are configured by the end user Dynamic entries are added to the table as a result of a learning process or protocol Description The text...
Page 78: ...LAN ID of the static MAC filter entry Source Port s Indicates the source port filter set s slot and port s Destination Port s Indicates the destination port filter set s slot and port s 7 6 43 show mac address table staticfiltering This command displays the Static Filtering entries in the Multicast Forwarding Database MFDB table Format show mac address table staticfiltering Mode Privileged EXEC Ma...
Page 79: ... port slot port all Mode Privileged EXEC slot port The physical slot and physical port Type If not blank this field indicates that this port is a special type of port The possible values are Mon this port is a monitoring port Look at the Port Monitoring screens to find out more information Lag this port is a member of a port channel LAG Probe this port is a probe port Admin Mode Selects the Port c...
Page 80: ...t channel LAG You may enter any string of up to 15 alphanumeric characters Link State Indicates whether the Link is up or down Admin Mode May be enabled or disabled The factory default is enabled Link Trap Mode This object determines whether or not to send a trap when link status changes The factory default is enabled STP Mode The Spanning Tree Protocol Administrative Mode associated with the port...
Page 81: ...s line It is possible to set the parameters for all ports by using the selectors on the top line Current Determines the degree of participation of this port in this VLAN The permissible values are Include This port is always a member of this VLAN This is equivalent to registration fixed in the IEEE 802 1Q standard Exclude This port is never a member of this VLAN This is equivalent to registration ...
Page 82: ...ters for all ports by using the selectors on the top line Port VLAN ID The VLAN ID that this port will assign to untagged frames or priority tagged frames received on this port The value must be for an existing VLAN The factory default is 1 Acceptable Frame Types Specifies the types of frames that may be received on this port The options are VLAN only and Admit All When set to VLAN only untagged f...
Page 83: ...g 7 6 55 snmp trap link status This command enables link status traps by interface Note This command is valid only when the Link Up Down Flag is enabled See snmpserverenable traps linkmode command Format snmp trap link status Mode Interface Config 7 6 55 1 no snmp trap link status This command disables link status traps by interface Note This command is valid only when the Link Up Down Flag is ena...
Page 84: ...ll option sets all configured port channels LAGs with the same option Format spanning tree logical slot port all off 802 1d fast ModeGlobal Config The mode is one of the following 802 1d IEEE 802 1D compliant STP mode is used fast Fast STP mode is used off STP is turned off 7 6 58 spanning tree bpdumigrationcheck This command enables BPDU migration check on a given interface The all option enables...
Page 85: ...l Config Acceptable values are 100h 100BASE T half duplex 100f 100BASE T full duplex 10h 10BASE T half duplex 10f 100BASE T full duplex 7 6 62 storm control broadcast This command enables broadcast storm recovery mode If the mode is enabled broadcast storm recovery with high and low thresholds is implemented The threshold implementation follows a percentage pattern If the broadcast traffic on any ...
Page 86: ...ry Thresholds table Format no storm control broadcast Mode Global Config Link Speed High Low 10M 20 10 100M 5 2 1000M 5 2 7 6 63 storm control flowcontrol This command enables 802 3x flow control for the switch Note This command only applies to full duplex mode ports Default Disabled Format storm control flowcontrol Mode Global Config 7 6 63 1 no storm control flowcontrol This command disables 802...
Page 87: ... per interface to Admit All For Admit All mode untagged frames or priority frames received on this interface are accepted and assigned the value of the interface VLAN ID for this port With either option VLAN tagged frames are forwarded in accordance with the IEEE 802 1Q VLAN Specification Format vlan acceptframe vlanonly all Mode Interface Config 7 6 66 vlan ingressfilter This command enables ingr...
Page 88: ...094 Format no vlan name 2 4094 Mode VLAN database 7 6 69 vlan participation This command configures the degree of participation for a specific interface in a VLAN The ID is a valid VLAN identification number and the interface is a valid interface number Format vlan participation exclude include auto 1 4094 Mode Interface Config Participation options are include The interface is always a member of ...
Page 89: ... All Format vlan port acceptframe all vlanonly all Mode Global Config 7 6 71 1 no vlan port acceptframe all This command sets the frame acceptance mode for all interfaces to Admit All For Admit All mode untagged frames or priority frames received on this interface are accepted and assigned the value of the interface VLAN ID for this port With either option VLAN tagged frames are forwarded in accor...
Page 90: ...ing all 1 4094 Mode Global Config 7 6 74 1 no vlan port tagging all This command configures the tagging behavior for all interfaces in a VLAN to disabled If tagging is disabled traffic is transmitted as untagged frames The ID is a valid VLAN identification number Format no vlan port tagging all 1 4094 Mode Global Config 7 6 75 vlan protocol group This command adds protocol based VLAN group to the ...
Page 91: ...move This command removes the protocol based VLAN group that is identified by this groupid Format vlan protocol group remove groupid Mode Global Config 7 6 78 vlan pvid This command changes the VLAN ID per interface Default 1 Format vlan pvid 1 4094 Mode Interface Config 7 6 78 1 no vlan pvid This command sets the VLAN ID per interface to 1 Format no vlan pvid 1 4094 Mode Interface Config 7 6 79 v...
Page 92: ...P address of the telnet client machine or EIA 232 for the serial port connection Idle Time Time this session has been idle Session Time Total time this session has been connected 7 7 3 show users This command displays the configured user names and their settings This command is only available for users with readwrite privileges The SNMPv3 fields will only be displayed if SNMP is available on the s...
Page 93: ...s as well as the dash and underscore _ The username is not case sensitive Six user names can be defined Format users name username Mode Global Config 7 7 4 1 no users name This command removes an operator Format no users name username Mode Global Config Note The admin user account cannot be deleted 7 7 5 users passwd This command is used to change a password The password should not be more than ei...
Page 94: ...login user The valid authentication protocols are none md5 or sha If md5 or sha are specified the user login password is also used as the snmpv3 authentication password and therefore must be at least eight characters in length The username is the login user name associated with the authentication protocol Default no authentication Format users snmpv3 authentication username none md5 sha Mode Globa...
Page 95: ...ion describes system utilities 7 8 1 clear config This command resets the configuration to the factory defaults without powering off the switch The switch is automatically reset when this command is processed You are prompted to confirm that the reset should proceed Format clear config Mode Privileged EXEC 7 8 2 clear counters This command clears the stats for a specified slot port or for all the ...
Page 96: ...ig error log nvram errorlog message log nvram msglog and trap log nvram traplog A URL is specified for the destination The command can also be used to download the startup configuration or code image by specifying the source as a URL and destination as nvram startup config or system image respectively The command can be used to the save the running configuration to nvram by specifying the source a...
Page 97: ...for network in band connection The source and target devices must have the ping utility enabled and running on top of TCP IP The switch can be pinged from any IP workstation with which the switch is connected through the default VLAN VLAN 1 as long as there is a physical path between the switch and the workstation The terminal interface sends three pings to the target station Format ping ipaddr Mo...
Page 98: ...esslistnumber Mode Privileged EXEC and User EXEC Rule Number This displays the number identifier for each rule that is defined for the ACL Action This displays the action associated with each rule The possible values are Permit or Deny Protocol This displays the protocol to filter for this rule Source IP Address This displays the source IP address for this rule Source IP Mask This field displays t...
Page 99: ...f these values translates into its equivalent port number which is used as both the start and end of a port range The command specifies a destination ipaddress and destination mask for match condition of the ACL rule specified by the dstip and dstmask parameters The command specifies the TOS for an ACL rule depending on a match of precedence or DSCP values using the parameters tos tosmask dscp Def...
Page 100: ...hat policy is found Note that the type of class all any or acl has a bearing on the validity of match criteria specified when defining the class A class type of any processes its match rules in an ordered sequence additional rules specified for such a class simply extend this list A class type of acl obtains its rule list by interpreting each ACL rule definition at the time the Diffserv class is c...
Page 101: ...n be changed but it is not activated When enabled Diffserv services are activated Format diffserv Mode Global Config 8 3 1 1 no diffserv This command sets the DiffServ operational mode to inactive While disabled the DiffServ configuration is retained and can be changed but it is not activated When enabled Diffserv services are activated Format no diffserv Mode Global Config 8 4 Class Commands The ...
Page 102: ...id ACL number range A match access group class type copies its set of match criteria from the current rule definition of the specified ACL number All elements of a single ACL Rule are treated by DiffServ as a grouped set similar to class type all For any class at least one class match condition must be specified for the class to be considered valid Note The class match conditions are obtained from...
Page 103: ...ose match conditions are being referenced by the specified class definition Note There is no not option for this match command Default None Format match class map refclassname Mode Class Map Config Restrictions The class types of both classname and refclassname must be identical i e any vs any or all vs all A class type of acl is not supported by this command Cannot specify refclassname the same a...
Page 104: ... what is specified here Default None Format match not destination address mac macaddr macmask Mode Class Map Config 8 4 6 match dstip This command adds to the specified class definition a match condition based on the destination IP address of a packet The ipaddr parameter specifies an IP address The ipmask parameter specifies an IP address bit mask note that although similar to a standard subnet m...
Page 105: ...ere The dscpval value is specified as either an integer from 0 to 63 or symbolically through one of the following keywords af11 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42 af43 be cs0 cs1 cs2 cs3 cs4 cs5 cs6 cs7 ef Note The ip dscp ip precedence and ip tos match conditions are alternative ways to specify a match criterion for the same Service Type field in the IP header but with a slightly d...
Page 106: ...ify a match criterion for the same Service Type field in the IP header but with a slightly different user notation Note In essence this the free form version of the IP DSCP Precedence TOS match specification in that the user has complete control of specifying which bits of the IP Service Type field are checked Default None Format match not ip tos tosbits tosmask Mode Class Map Config 8 4 11 match ...
Page 107: ...et mask this bit mask need not be contiguous The optional not parameter has the effect of negating this match condition for the class i e match all source IP addresses except for what is specified here Default None Format match not srcip ipaddr ipmask Mode Class Map Config 8 4 14 match srcl4port This command adds to the specified class definition a match condition based on the source layer 4 port ...
Page 108: ...dwidth and queue depth management requirements of service levels EF AF etc The policy commands are used to associate a traffic class which was defined by the class command set with one or more QoS policy attributes This association is then assigned to an interface in a particular direction to form a service The user specifies the policy name when the policy is created The DiffServ CLI does not nec...
Page 109: ...s already in service on one or more interfaces Policy Type Out Incompatibilities Expedite all forms 8 5 2 bandwidth percent This command identifies a minimum amount of bandwidth to be reserved for the specified class instance within the named policy using a relative rate notation The committed information rate is specified as a percentage of total link capacity and is an integer from 1 to 100 Note...
Page 110: ... to be reserved for the specified class instance within the named policy using an absolute rate notation The committed information rate is specified in kilobits per second Kbps and is an integer from 1 to 4294967295 The optional committed burst size is specified in kilobytes KB as an integer from 1 to 128 with a default of 4 Note The actual bandwidth allocation does not occur until the policy is a...
Page 111: ... bandwidth of the interface to which that policy is assigned Violation of this requirement shall prevent successful attachment of a policy to the interface or shall cause this command to fail if the policy is already in service on one or more interfaces Policy Type Out Incompatibilities Bandwidth all forms Shape Peak 8 5 6 mark ip dscp This command marks all packets for the associated traffic stre...
Page 112: ...allowed for a given class instance in a particular policy Policy Type In Incompatibilities Mark IP DSCP Mark IP Precedence 8 5 9 police single rate This command is used to establish the traffic policing style for the specified class The single rate form of the police command uses a single data rate and two burst sizes resulting in three outcomes conform exceed and violate The conforming data rate ...
Page 113: ...qual to or greater than the conforming data rate For each outcome the only possible actions are drop set dscp transmit set prec transmit or transmit In this two rate form of the police command the conform action defaults to send the exceed action defaults to drop and the violate action defaults to drop These actions can be set with this command once the style has been configured For set dscp trans...
Page 114: ...y identifying the policy Format policy map rename policyname newpolicyname Mode Global Config 8 5 13 randomdrop This command changes the active queue depth management scheme from the default tail drop to RED The first two data parameters are the average queue depth minimum and maximum threshold values specified in bytes The minimum threshold is an integer from 1 to 250000 The maximum threshold is ...
Page 115: ...nfig Restrictions This shaping rate must not exceed the maximum link data rate of the interface to which the policy is applied Policy Type Out 8 5 15 shape bps peak This command is used to establish peak rate traffic shaping for the specified class which allows transmissions for the class to exceed the committed information rate by sending excess traffic with the understanding that it could be dro...
Page 116: ...ction Note that this command causes a service to create a reference to the policy Note This command effectively enables DiffServ on an interface in a particular direction There is no separate interface administrative mode command for DiffServ Note This command shall fail if any attributes within the policy definition exceed the capabilities of the interface Once a policy is successfully attached t...
Page 117: ...pe The class type all any or acl indicating how the match criteria are evaluated for this class A class type of all means every match criterion defined for the class is evaluated simultaneously they must all be true to indicate a class match For a type of any each match criterion is evaluated sequentially and only one need be true to indicate a class match Class type acl rules are evaluated in a h...
Page 118: ... the current administrative mode setting as well as the current and maximum number of rows in each of the main DiffServ private MIB tables This command takes no options Format show diffserv Mode Privileged EXEC DiffServ Admin mode The current value of the DiffServ administrative mode Class Table Size The current number of entries rows in the Class Table Class Table Max The maximum allowed entries ...
Page 119: ...tted rate used in simple policing single rate policing and two rate policing Committed Burst Size KB This field displays the committed burst size used in simple policing single rate policing and two rate policing Excess Burst Size KB This field displays the excess burst size used in single rate policing Peak Rate Kbps This field displays the peak rate used in two rate policing Peak Burst Size KB T...
Page 120: ... is not RED Random Drop Maximum Threshold This field displays the RED maximum threshold This is not displayed if the queue depth management scheme is not RED Random Drop Maximum Drop Probability This field displays the RED maximum drop probability This is not displayed if the queue depth management scheme is not RED Random Drop Sampling Rate This field displays the RED sampling rate This is not di...
Page 121: ...r interface and direction only those interfaces configured with an attached policy are shown Interface The slot number and port number of the interface slot port Direction The traffic direction of this interface service either in or out OperStatus The current operational status of this DiffServ service interface Policy Name The name of the policy attached to the interface in the indicated directio...
Page 122: ...ping These counts are only applicable for a class instance whose policy attributes includes random dropping and may not be supported on all platforms Only displayed for the out direction Shape Delayed Octets Packets A count of the octets packets that were delayed due to traffic shaping These counts are only applicable for a class instance whose policy attributes includes shaping and may not be sup...
Page 123: ...ing or routing function or an outbound link transmission element These are overall per interface per direction counts Policy Name The name of the policy attached to the interface Note None of the counters listed here are guaranteed to be supported on all platforms Only supported counters are shown in the display output 8 8 Rate Limiting Commands 8 8 1 rate limiting This command is used to set the ...
Page 124: ... Mode Privileged EXEC and User EXEC ...
Page 125: ...ed ID and password are used for authentication The value of radius indicates that the user s ID and password will be authenticated using the RADIUS server The value of reject indicates that the user is never authenticated To authenticate a user the authentication methods in the user s login will be attempted in order until an authentication attempt succeeds or fails Note that the default login lis...
Page 126: ...Mode Global Config 9 1 5 dot1x initialize This command begins the initialization sequence on the specified port This command is only valid if the control mode for the specified port is auto If the control mode is not auto an error will be returned Format dot1x initialize slot port Mode Privileged EXEC 9 1 6 dot1x login This command assigns the specified authentication login list to the specified u...
Page 127: ...rmat dot1x port control force unauthorized force authorized auto Mode Interface Config 9 1 8 1 no dot1x port control This command sets the authentication mode to be used on the specified port to auto Format no dot1x port control Mode Interface Config 9 1 9 dot1x port control All This command sets the authentication mode to be used on all ports The control mode may be one of the following force una...
Page 128: ...mand is used to enable the dot1x authentication support on the switch By default the authentication support is disabled While disabled the dot1x configuration is retained and can be changed but is not activated Default Disabled Format dot1x system auth control Mode Global Config 9 1 12 1 no dot1x system auth control This command is used to disable the dot1x authentication support on the switch For...
Page 129: ...must be a value in the range 1 65535 Default reauth period 3600 seconds quiet period 60 seconds tx period 30 seconds supp timeout 30 seconds server timeout 30 seconds Format dot1x timeout reauth period seconds quiet period seconds tx period seconds supp timeout seconds server timeout seconds Mode Interface Config 9 1 13 1 no dot1x timeout This command sets the value in seconds of the timer used by...
Page 130: ...th 1812 being the default value If the acct token is used the command configures the IP address to use for the RADIUS accounting server Only a single accounting server can be configured If an accounting server is currently configured it must be removed from the configuration using the no form of the command before this command succeeds If the optional port parameter is used the command will config...
Page 131: ...lient The primary server is the one that is used by default for handling RADIUS requests The remaining configured servers are only used if the primary server cannot be reached A maximum of three servers can be configured on each client Only one of these servers can be configured as the primary If a primary server is already configured prior to this command being executed the server specified by th...
Page 132: ... not included then only the accounting mode and the RADIUS accounting server details are displayed Mode Enabled or disabled IP Address The configured IP address of the RADIUS accounting server Port The port in use by the RADIUS accounting server Secret Configured Yes or No If the optional token statistics ipaddr is included the statistics for the configured RADIUS accounting server are displayed T...
Page 133: ...lists Format show authentication Mode Privileged EXEC Authentication Login List This displays the authentication login listname Method 1 This displays the first method in the specified authentication login list if any Method 2 This displays the second method in the specified authentication login list if any Method 3 This displays the third method in the specified authentication login list if any 9...
Page 134: ...access entity PAE functionality of this port Possible values are Authenticator or Supplicant Authenticator PAE State Current state of the authenticator PAE state machine Possible values are Initialize Disconnected Connecting Authenticating Authenticated Aborting Held ForceAuthorized and ForceUnauthorized Backend Authentication State Current state of the backend authentication state machine Possibl...
Page 135: ...mitted by this authenticator EAPOL Start Frames Received The number of EAPOL start frames that have been received by this authenticator EAPOL Logoff Frames Received The number of EAPOL logoff frames that have been received by this authenticator Last EAPOL Frame Version The protocol version number carried in the most recently received EAPOL frame Last EAPOL Frame Source The source MAC address carri...
Page 136: ...ds for request re transmissions Accounting Mode Yes or No If the optional token servers is included the following information regarding the configured RADIUS servers is displayed IP Address IP Address of the configured RADIUS server Port The port in use by this server Type Primary or secondary Secret Configured Yes No 9 1 28 show radius statistics This command is used to display the statistics for...
Page 137: ...packets containing invalid authenticators or signature attributes received from this server Pending Requests The number of RADIUS Access Request packets destined for this server that have not yet timed out or received a response Timeouts The number of authentication timeouts to this server Unknown Types The number of RADIUS packets of unknown types which were received from this server on the authe...
Page 138: ... the interface from all CLI web and telnet sessions will be blocked until the authentication is complete Note that the login list associated with the admin user can not be changed to prevent accidental lockout from the switch Format users login user listname Mode Global Config 9 2 Secure Shell SSH Commands The commands in this section is not supported currently 9 2 1 ip ssh This command is used to...
Page 139: ... the default is port 443 Default 443 Format ip http secure port portid Mode Privileged EXEC 9 3 1 1 no ip http secure port This command is used to reset the sslt port to the default value Format no ip http secure port Mode Privileged EXEC 9 3 2 ip http secure protocol This command is used to set protocol levels versions The protocol level can be set to TLS1 SSL3 or to both TLS1 and SSL3 Default SS...
Page 140: ...enabled Format ip http server Mode Privileged EXEC 9 3 4 1 no ip http server This command disables access to the switch through the Web interface When access is disabled the user cannot login to the switch s Web server Default enabled Format no ip http server Mode Privileged EXEC 9 3 5 show ip http This command displays the http settings for the switch Format show ip http Mode Privileged EXEC Secu...
Page 141: ...id VLAN Format mac lock vlanid macaddr Mode Interface Config 9 4 1 1 no mac lock This command removes the MAC address with the MAC address of macaddr and VLAN of vlanid locked by the specified interface Format mac lock vlanid macaddr Mode Interface Config 9 4 2 show mac lock This command displays the vlan id and mac addresses that are locked at the specified interface for one or all interfaces For...
Page 142: ...in seconds Topology Change Count Number of times changed Topology Change Boolean value of the Topology Change parameter for the switch indicating if a topology change is in progress on any port assigned to the common and internal spanning tree Designated Root Root Path Cost Value of the Root Path Cost parameter for the common and internal spanning tree Root Port Identifier Root Port Max Age Derive...
Page 143: ...ol Bridge Protocol Data Units sent RST BPDUs Received Rapid Spanning Tree Protocol Bridge Protocol Data Units received MSTP BPDUs Transmitted Multiple Spanning Tree Protocol Bridge Protocol Data Units sent MSTP BPDUs Received Multiple Spanning Tree Protocol Bridge Protocol Data Units received 10 1 3 show spanning tree mst detailed This command displays settings and parameters for the specified mul...
Page 144: ...e that offers the lowest cost to the LAN If 0 defined as the default CIST ID is passed as the mstid then this command displays the settings and parameters for a specific switch port within the common and internal spanning tree The slot port is the desired switch port In this case the following are displayed Port Identifier The port identifier for this port within the CST Port Priority The priority...
Page 145: ...ree instance Port Role The role of the specified port within the spanning tree Link Status The operational status of the link Possible values are Up or Down Link Trap The link trap configuration for the specified interface 10 1 6 show spanning tree mst summary This command displays summary information about all multiple spanning tree instances in the switch On execution the following details are d...
Page 146: ...9 spanning tree This command sets the spanning tree operational mode to enabled Default Disabled Format spanning tree Mode Global Config 10 1 9 1 no spanning tree This command sets the spanning tree operational mode to disabled While disabled the spanning tree configuration is retained and can be changed but is not activated Format no spanning tree Mode Global Config 10 1 10 spanning tree configur...
Page 147: ...ort This command specifies that this port is an Edge Port within the common and internal spanning tree This will allow this port to transition to Forwarding State without delay Format spanning tree edgeport Mode Interface Config 10 1 12 1 no spanning tree edgeport This command specifies that this port is not an Edge Port within the common and internal spanning tree Format no spanning tree edgeport...
Page 148: ...value i e 15 Format no spanning tree forward time Mode Global Config 10 1 15 spanning tree hello time This command sets the Hello Time parameter to a new value for the common and internal spanning tree The hellotime value is in whole seconds within a range of 1 to 10 with the value being less than or equal to Bridge Max Age 2 1 Default 2 Format spanning tree hello time 1 10 Mode Global Config 10 1...
Page 149: ...iority for this port within a specific multiple spanning tree instance or the common and internal spanning tree instance depending on the mstid parameter The port priority value is a number in the range of 0 to 240 in increments of 16 Default cost auto port priorty 128 Format spanning tree mst mstid cost 1 200000000 auto port priority 0 240 Mode Interface Config 10 1 17 1 no spanning tree mst This...
Page 150: ...nstance mstid is a number that corresponds to the desired existing multiple spanning tree instance The priority value is a number within a range of 0 to 61440 in increments of 4096 If 0 defined as the default CIST ID is passed as the mstid then this command sets the Bridge Priority parameter to a new value for the common and internal spanning tree The bridge priority value again is a number within...
Page 151: ...d existing multiple spanning tree instance The vlanid corresponds to an existing VLAN ID Format no spanning tree mst vlan mstid vlanid Mode Global Config 10 1 21 spanning tree port mode This command sets the Administrative Switch Port State for this port to enabled Default Disabled Format spanning tree port mode Mode Interface Config 10 1 21 1 no spanning tree port mode This command sets the Admin...
Page 152: ...o on To terminate the Web login session close the web browser There are several differences between the Web and terminal interfaces For example on the Web interface the entire forwarding database can be displayed and the terminal interface only displays 10 entries starting at specified addresses 11 1 Configuring for Web Access To enable Web access to the switch 1 Configure the switch for in band c...
Page 153: ...e System Description Menu is displayed in Frame 3 3 Make your selection by clicking on the appropriate item in the navigation tree in Frame 2 11 1 3 Command Buttons The following command buttons are used throughout the Web interface panels for the switch Save Implements and saves the changes you just made Some settings may require you to reset the system in order for them to take effect Refresh Th...
Page 154: ...on address is located according to the information from address table But if the destination address is located at the same port with this packet comes in then this packet will be filtered Thereby increasing the network throughput and availability 12 4 Store and Forward Store and Forward is one type of packet forwarding techniques A Store and Forward Ethernet Switching stores the incoming frame in...
Page 155: ...n Auto negotiation This technology automatically sets the best possible bandwidth when a connection is established with another network device usually at Power On or Reset This is done by detect the modes and speeds at the second of both device is connected and capable of both 10Base T and 100Base TX devices can connect with the port in either Half or Full Duplex mode If attached device is 100Base...
Page 156: ...ort Solution Please check the VLAN settings trunk settings or port enabled disabled status Performance is bad Solution Check the full duplex status of the Ethernet Switch If the Ethernet Switch is set to full duplex and the partner is set to half duplex then the performance will be poor Please also check the in out rate of the port Why the Switch doesn t connect to the network Solution Check the L...
Page 157: ...rnet Switch to another switch a bridge or a hub a straight or crossover cable is necessary Each port of the Switch supports auto MDI MDI X detection That means you can directly connect the Switch to any Ethernet devices without making a crossover cable The following table and diagram show the standard RJ 45 receptacle connector and their pin assignments RJ 45 Connector pin assignment Contact MDI M...
Page 158: ...en 7 White Brown 8 Brown 1 White Orange 2 Orange 3 White Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown Straight Cable SIDE 1 SIDE2 SIDE 1 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 SIDE 2 1 White Orange 2 Orange 3 White Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown 1 White Orange 2 Green 3 White Orange 4 Blue 5 White Blue 6 Orange 7 White Brown 8 Brown Figure A 1 Straight Through and Cros...
