Allied Telesis AT-8100L/8POE Скачать руководство пользователя страница 232 | Manualshive

Страница: 232 / 330

background image

Chapter 20: Access Control Lists (ACL)

232

Overview

Access Control Lists (ACLs) act as filters to control the ingress packets on
ports. They are commonly used to restrict the types of packets that ports
accept to increase port security and create physical links dedicated to
carrying specific types of traffic. For instance, you can configure ACLs to
permit ports to accept only ingress packets that have a specific source IP
address or destination IP address.

You create an ACL first and then assign it to a port. ACLs take effect
immediately when they are assigned to ports. To create an ACL, you
assign filtering criteria to select a type of traffic, assign an action of
dropping the traffic, forwarding the traffic to another port, or copying and
mirroring the traffic to another port. The port filters the ingress traffic and
takes an action based on the ACL that is assigned to the port.

Using the AT-8100 web interface, you can configure two types of ACLs:



IPv4 ACLs



MAC ACLs

IPv4 ACLs use IPv4 addresses as filtering criteria while MAC ACLs use
only MAC addresses as filtering criteria. For IPv4 ACLs, you can specify
TCP or UDP port numbers to filter the traffic. In addition, IPv4 ACLs are
only compatible with IPv4 addresses. They are not compatible with IPv6
addresses.

Classifier

Number Ranges

IPv4 and MAC ACLs are identified by classifier numbers. When you create
an ACL, you must choose the correct classifier number based on which
ACL you want to create. See the IPv4 and MAC ACL classifier number
ranges displayed in Table 9.

Filtering Criteria

ACLs identify packets using filtering criteria. The AT-8100 web interface
offers five criteria:



Source and destination IPv4 addresses



Source and destination MAC addresses



Source and destination TCP ports

Table 9. ACL Classifier Number Ranges

Type of ACL

Classifier Number Range

IPv4 ACLs

3000 - 3699

MAC ACLs

4000 - 4699

«
...
230
231
232
233
234
...
»

Содержание AT-8100L/8POE

Страница 1: ...OE 26 25 26R 25R S2 S1 CONSOLE LINK ACT plus 50 49 50R 49R AT 8100S 48POE S2 S1 CONSOLE LINK ACT plus 2056 S2 S1 CONSOLE LINK ACT AT 8100S 16F8 SC 1 TX RX L A 2 TX RX L A 3 TX RX L A 4 L A TX RX 5 TX...

Страница 2: ...ng University of Posts and Telecommunications All rights reserved Copyright c 2003 by Fabasoft R D Software GmbH Co KG All rights reserved Copyright c 2004 2006 by Internet Systems Consortium Inc ISC...

Страница 3: ...is logo are trademarks of Allied Telesis Incorporated Microsoft and Internet Explorer are registered trademarks of Microsoft Corporation All other product names company names logos or other designatio...

Страница 4: ......

Страница 5: ...Page 33 Logging onto the CLI through the Console Port 33 Checking for the IP Addresses of the Switch in the CLI 34 Adding an IP Address to the Switch in the CLI 34 Checking the Status of HTTP and HTT...

Страница 6: ...t 88 Specifying Direction Type 89 Deleting Port Mirroring Settings 91 Chapter 7 Spanning Tree Protocol on a Port 93 Overview 94 Displaying Port Spanning Tree Protocol Settings 95 Modifying Port Spanni...

Страница 7: ...elines 164 Displaying IGMP Snooping Querier 165 Modifying IGMP Snooping Query Interval 167 Chapter 15 Power Over Ethernet PoE 169 Overview 170 Power Sourcing Equipment PSE 170 Powered Device PD 170 PD...

Страница 8: ...18 Adding an IPv4 Address 219 Changing an IPv4 Address 220 Deleting an IPv4 Address 222 Displaying the IPv6 Interface 223 Adding an IPv6 Address 225 Changing IPv6 Addresses 227 Deleting IPv6 Addresses...

Страница 9: ...ecting LLDP TLVs on a Port 290 Setting a Location Entry for the LLDP MED Location TLV 294 Creating a Civic Location Entry 294 Creating a Coordinate Location 298 Creating an Emergency Location Identifi...

Страница 10: ...Contents 10...

Страница 11: ...gure 23 Port Number 64 Figure 24 Switching Tab with Port Tab 65 Figure 25 Port Configuration Page 65 Figure 26 Port Configuration Modify Page 68 Figure 27 Storm Control List Page 71 Figure 28 Storm Co...

Страница 12: ...Operating Mode 204 Figure 78 Multiple Supplicant Mode 205 Figure 79 802 1x Authentication Page 207 Figure 80 Modify 802 1x Authentication Page 208 Figure 81 Modify 802 1x Authentication Page Expanded...

Страница 13: ...igure 128 Modify LLDP TLV Page 292 Figure 129 Locations Tab 295 Figure 130 LLDP Civic Location Page 295 Figure 131 LLDP Civic Location Page Add 296 Figure 132 LLDP Coordinate Location List Page 298 Fi...

Страница 14: ...Figures 14...

Страница 15: ...his preface contains the following sections Document Conventions on page 16 Where to Find Web based Guides on page 17 Contacting Allied Telesis on page 18 Caution The software described in this docume...

Страница 16: ...s Note Notes provide additional information Caution Cautions inform you that performing or omitting a specific action may result in equipment damage or loss of data Warning Warnings inform you that pe...

Страница 17: ...e User s Guide 17 Where to Find Web based Guides The installation and user guides for all of the Allied Telesis products are available for viewing in portable document format PDF from our web site at...

Страница 18: ...and to contact Allied Telesis experts USA and EMEA phone support Select the phone number that best fits your location and customer type Hardware warranty information Learn about Allied Telesis warran...

Страница 19: ...Browser Interface This chapter describes the types of management sessions using the AT 8100 Series management software and the web interface manager accounts See the following sections Management Sess...

Страница 20: ...d from the factory with an IP address assigned and the web interface HTTP service enabled so that you can start the initial management session through the web interface To start the initial web manage...

Страница 21: ...anager account with a username of manager and the default password of friend Both the username and password are case sensitive This account gives you access to all management modes and commands In the...

Страница 22: ...Chapter 1 AT 8100 Series Version 2 2 5 0 Web Browser Interface 22...

Страница 23: ...ge 25 Logging onto the Switch on page 27 What to Configure First on page 30 Starting a Web Management Session on page 32 Saving Your Changes on page 37 Ending a Web Management Session on page 38 For a...

Страница 24: ...switch shipped from the factory is configured with HTTP service enabled HTTPS Mode Web browser management sessions of the switch conducted in the HTTPS mode are protected against snooping because the...

Страница 25: ...sconnect your PC from a network and let your PC automatically set an IP address in the 169 254 0 0 16 network When a PC is disconnected from a network and no longer connected to a DHCP server Windows...

Страница 26: ...Chapter 2 Starting a Management Session 26 3 Open a web browser on the PC and enter the following http 169 254 1 1 The AT 8100 Login page is displayed as shown in Figure 1 Figure 1 Login Page...

Страница 27: ...b interface the AT 8100 Login page is displayed Enter manager in the User Name field and friend in the Password field as shown in Figure 2 Then click the Login button Figure 2 Login Page with Entries...

Страница 28: ...Time Length of time since the switch was last reset or power cycled in days hours minutes and seconds Note Up Time is displayed on the top right corner of the screen The System section displays the f...

Страница 29: ...ogging Indicates if the remote logging is enabled or disabled on the switch Spanning Tree Indicates if STP RSTP or MSTP is enabled on the switch The default setting is RSTP QoS Indicates if QoS is ena...

Страница 30: ...istance For instructions on how to create additional management accounts see Adding a New User Account on page 52 Assigning a Name to the Switch The switch is easier to identify if you assign it a nam...

Страница 31: ...e switch can have only one IPv6 address Your PC must have an IP address that belongs to the network where the management IP address belongs or have access to the network where the management IP addres...

Страница 32: ...ement Software Command Line Interface User s Guide There are some cases in which you must configure the switch using the CLI to start a web management session The switch does not have an IP address as...

Страница 33: ...n the CLI on page 34 3 Enabling HTTP or HTTPS Service in the CLI on page 35 4 Saving your Changes in the CLI on page 36 Logging onto the CLI through the Console Port To log onto the CLI through the co...

Страница 34: ...ddress to the Switch in the CLI When the switch does not have an IP address assign an IP address and subnet mask to the switch The following example assigns the IP address 192 168 1 2 and the subnet m...

Страница 35: ...e when HTTP is enabled HTTPS is disabled Enabling HTTP or HTTPS Service in the CLI To enable HTTP service on the switch enter the following commands awplus configure terminal awplus config service htt...

Страница 36: ...Starting a Management Session 36 Saving your Changes in the CLI Save your changes to the startup configuration file by entering the following commands awplus copy running config startup config Or awp...

Страница 37: ...guration file When you reboot the switch the information in the running configuration file is lost To save your changes after you reboot the switch do the following 1 Click SAVE Figure 8 shows the SAV...

Страница 38: ...rting a Management Session 38 Ending a Web Management Session To end a web management session select LOGOUT at the top of the web page For an example see the System Contact Information page in Figure...

Страница 39: ...etting the Switch Information on page 48 Managing the Configuration File on page 50 Managing Local User Accounts on page 52 Rebooting a Switch on page 57 Upgrading the Software on page 58 Displaying S...

Страница 40: ...on of this protocol You can configure the management software to obtain the current date and time from a Network Time Protocol NTP or SNTP server located on your network or the Internet SNTP is a simp...

Страница 41: ...rom the System tab hover over System Settings 4 Move the cursor to the right and select Time The System Time Settings page is displayed See Figure 10 Figure 10 System Time Settings Page 5 Select the N...

Страница 42: ...ormat is xxx xxx xxx xxx where xxx is a decimal number from 0 to 255 Note If the local interface on the switch is obtaining its IP address and subnet mask from a DHCP server you can configure the serv...

Страница 43: ...server whenever a change is made to any of the fields on this page 8 Click SAVE to save your changes to the startup configuration file Setting System Time Manually To set the system time manually do...

Страница 44: ...ar Page a Use the arrows at the top of the Calendar to select the month and year b Set the time of day using the following format hh mm ss c Click on the day of the month 7 Click Apply 8 Click SAVE to...

Страница 45: ...encryption key in the CLI interface Then you can enable the SSH server in the web interface To enable Telnet or SSH server on the switch do the following 1 From the home page hover the cursor over the...

Страница 46: ...eck the checkbox to enable the switch to send status and error messages to a remote log server To disable the switch to send messages to a remote log server uncheck the checkbox Server IP Address Ente...

Страница 47: ...following 1 Hover the cursor over the System tab 2 From the System tab hover over System Settings The System Settings tab is displayed See Figure 9 on page 41 3 Move the cursor to the right and selec...

Страница 48: ...forming a configuration procedure on the wrong switch To assign a name contact person and location to the switch perform the following procedure 1 From the home page hover the cursor over the System t...

Страница 49: ...managing the switch The name can be from 1 to 255 characters however only the first 50 characters are displayed on the Dashboard page Spaces and special characters such as dashes and asterisks are all...

Страница 50: ...on page 51 Downloading a Configuration File onto Your PC on page 51 Displaying the Configuration Files To display a list of the configuration files on the switch do the following 1 From the Dashboard...

Страница 51: ...From the System tab drop down menu select Configuration Files For an example of the Configuration Files page See Figure 15 on page 50 3 Click Download next to the file name that you want to download F...

Страница 52: ...er account See the following Adding a New User Account on page 52 Changing a User Password on page 53 Changing the User Privilege on page 54 Deleting a User Account on page 55 The switch also supports...

Страница 53: ...a user level of 15 have unrestricted access to the management software This is the default setting Level 1 Management accounts with a user level of 1 have restricted access to the management software...

Страница 54: ...ot allowed 6 Re enter the new password in the Confirm New Password field 7 Click Set Password 8 Click SAVE to save your changes to the startup configuration file Changing the User Privilege To change...

Страница 55: ...1 have restricted access to the management software Accounts with this level are allowed to view the settings on the switch but not allowed to change them 6 Click Set Privilege 7 Click SAVE to save yo...

Страница 56: ...Basic Switch Parameters 56 Figure 20 User Management Page with Delete User Tab 4 Use the pull down menu to select a user 5 Click Delete User 6 Click SAVE to save your changes to the startup configura...

Страница 57: ...er the System Tab 2 From the System tab drop down menu select Dashboard The Dashboard Page is displayed See Figure 3 on page 28 3 Select Reboot at the bottom of the page A confirmation prompt is displ...

Страница 58: ...owing procedure 1 Open a new browser and enter the following http www alliedtelesis com support software The Allied Telesis Software Download page is displayed 2 Select your hardware product model fro...

Страница 59: ...ashboard Page is displayed See Figure 3 on page 28 Note All unsaved changes are discarded when you upgrade the software on a switch To save your changes to the startup configuration file click SAVE 7...

Страница 60: ...Chapter 3 Basic Switch Parameters 60 Note Upgrading the system software on the switch ends your current web browser management session To continue managing the switch you must log in again...

Страница 61: ...Switch Information on page 48 Version Version number of the AT 8100 software The Services section displays the following information IPv6 Management Indicates if IPv6 Management is enabled or disable...

Страница 62: ...d on the switch The Administration Options section displays the following information System Upgrade Click this link to go to the System Upgrade page to upgrade your system software See Upgrading the...

Страница 63: ...ions Port Numbers on the Switch on page 64 Displaying the Port Parameters on page 65 Changing the Port Settings on page 67 Displaying the Storm Control Settings on page 71 Modifying the Storm Control...

Страница 64: ...the switch ID even though the stand alone switch displays number 0 on the Stack ID LED The format of the port for stand alone AT 8100 Series switches is PORT1 0 n When the switch is part of a hardwar...

Страница 65: ...he Switching tab is displayed See Figure 24 Figure 24 Switching Tab with Port Tab 2 From the Switching tab hover over Port The Port tab expands to the right 3 From the Port tab move the cursor to the...

Страница 66: ...ring periods of packet congestion to temporarily stop its network counterpart from transmitting more packets This prevents a buffer overrun and the subsequent loss and retransmission of network packet...

Страница 67: ...o the following 1 Hover the cursor over the Switching tab The Switching tab is displayed See Figure 24 on page 65 2 From the Switching tab hover over Port The Port tab expands to the right 3 From the...

Страница 68: ...t page Spaces and special characters are allowed Status Select either Enabled or Disabled The default setting is enabled Disabling a port turns off its receiver and transmitter so that the port does n...

Страница 69: ...ing at 1000 Mbps the only option is AUTO When operating at 10 or 100 Mbps in either half or full duplex mode the options are AUTO MDI and MDI X To forward traffic a port on the switch and a port on a...

Страница 70: ...ontrol is disabled on the port Flow Control Limit 1 7935 Set the threshold level for flow control on the port Enter the number of cells for flow control A cell represents 128 bytes The range is 1 to 7...

Страница 71: ...displayed See Figure 27 Figure 27 Storm Control List Page The following fields are displayed Interface Port ID Broadcast Indicates whether the Broadcast threshold setting is enabled or disabled Broadc...

Страница 72: ...t is 33 554 431 packets Dlf Indicates whether the unknown unicast threshold setting is enabled or disabled Dlf Level Maximum number of ingress packets per second of unknown unicast packets the port re...

Страница 73: ...ng tab is displayed See Figure 24 on page 65 2 From the Switching tab hover over Port The Port tab expands to the right 3 From the Port tab move the cursor to the right and select Storm Control The St...

Страница 74: ...xceed the specified level This feature is disabled by default Enter the Level Enter the maximum number of ingress packets per second of multicast packets the port receives Multicast packets that excee...

Страница 75: ...interface port statistics This chapter contains the following topics Displaying Port Statistics on page 76 Clearing Port Statistics on page 82 Reloading Statistics on page 83 For additional informatio...

Страница 76: ...face Statistics on page 80 Displaying Transmit and Receive Port Statistics To display the transmit and receive statistics for all of the switch ports do the following 1 Hover the cursor over the Switc...

Страница 77: ...port that contains 512 to 1023 bytes 1024 1518 Byte Frames Number of frames transmitted by the port that contains 1024 to 1518 bytes 1519 1522 Byte Frames Number of frames transmitted by the port tha...

Страница 78: ...umber of frames with a cyclic redundancy check CRC error but with the proper length 64 1518 bytes received by the port FCS Error Frames Number of ingress frames that had frame check sequence FCS error...

Страница 79: ...events seen by the receive side of the MAC Displaying Transmit Statistics To display the statistics on the Transmit Statistics tab do the following 1 Hover the cursor over the Switching tab The Switc...

Страница 80: ...lision Late Collision Number of late collisions Excessive Collision Number of excessive collisions Total Collision Frames Total number of collisions on the port MAC Error Frames Number of frames not t...

Страница 81: ...Rx Discard Packets Number of ingress packets that were discarded prior to transmission because of an error Rx IP Header Error Packets Number of ingress packets that were discarded because of an IP He...

Страница 82: ...m the Switching tab hover over Port 3 Move the cursor to the right and select Statistics The Port Statistics Page with Tx Rx tab selected is displayed See Figure 29 on page 76 4 Select the desired Por...

Страница 83: ...lues are changing so that the data displayed in the Port Statistics pages are not the most recent To display the latest data possible click on the Reload Page button on a Port Statistics page Figure 3...

Страница 84: ...Chapter 5 Setting Port Statistics 84...

Страница 85: ...d speed of the switch is not affected by the port mirroring feature This chapter provides a brief description of the port mirroring feature and explains how to display and set port mirroring See the f...

Страница 86: ...ere can be only one destination port on the switch Here are guidelines for setting the port mirroring feature Port mirroring can have one destination port Port mirroring can have more than one source...

Страница 87: ...Page The following fields are displayed Destination Port Use the pull down menu to select the port where the packets from the source ports are copied and where the network analyzer is connected You c...

Страница 88: ...e Port tab is displayed 3 From the Port tab move the cursor to the right and select Mirroring from the drop down menu The Port Mirroring List page is displayed See Figure 34 on page 87 4 Select the pu...

Страница 89: ...n menu The Port Mirroring List page is displayed See Figure 34 on page 87 4 Click Edit next to the port that you want to specify as a source port for mirroring The Modify Port Mirroring Page is displa...

Страница 90: ...Chapter 6 Port Mirroring 90 6 Click Apply 7 Click SAVE to save your changes to the startup configuration file...

Страница 91: ...by doing the following 1 Display the port mirroring assignments See Displaying Port Mirroring Settings on page 87 The Port Mirroring List page is displayed See Figure 34 on page 87 2 Select the pull d...

Страница 92: ...Chapter 6 Port Mirroring 92...

Страница 93: ...ption of the spanning tree protocols and explains how to set spanning tree on a port See the following sections Overview on page 94 Displaying Port Spanning Tree Protocol Settings on page 95 Modifying...

Страница 94: ...takes to complete the process referred to as convergence When a change is made to the network topology such as the addition of a new bridge a spanning tree protocol determines whether there are redun...

Страница 95: ...See Figure 36 Figure 36 Port Spanning Tree Settings Page The following fields are displayed Interface Port ID Configured Path Cost Cost of a port to the root bridge This cost is combined with the cost...

Страница 96: ...sition of the port to the forwarding state during the convergence process You may want to set Link Type to Shared when the port is connected to a hub with multiple switches connected to it PTP The poi...

Страница 97: ...isplayed See Figure 24 on page 65 2 From the Switching tab hover over Port 3 Move the cursor to the right and select Spanning Tree The Port Spanning Tree page is displayed See Figure 36 on page 95 4 C...

Страница 98: ...e the same the switch elects a port with the lower port ID The range of the priority value is 0 to 240 in increments of 16 for a total of 16 increments See Table 1 Specify the increment of the desired...

Страница 99: ...s rapid transition You may want to set the link type to shared if the port is connected to a hub with multiple switches connected to it Loop Guard Enable or disable the BPDU loop guard feature on the...

Страница 100: ...Chapter 7 Spanning Tree Protocol on a Port 100...

Страница 101: ...See the following sections Displaying the Unicast MAC Addresses on page 102 Displaying the Multicast MAC Addresses on page 104 Assigning a Unicast MAC Address on page 105 Assigning a Multicast MAC Add...

Страница 102: ...MAC addresses do the following 1 Hover the cursor over the Switching Tab The Switching Tab is displayed See Figure 38 Figure 38 Switching Tab 2 Hover over Mac Table and then move the cursor to the rig...

Страница 103: ...ss Dynamic and static unicast MAC addresses learned on or assigned to the port Vlan ID number of the VLAN that the node designated by the MAC address belongs to The default VLAN is Vlan1 Interface Por...

Страница 104: ...the cursor to the right to select Multicast The Multicast MACs Page is displayed See Figure 40 Figure 40 Multicast MACs Page The following fields are displayed MAC Address Dynamic or static unicast M...

Страница 105: ...the right to select Unicast The Unicast MACs page is displayed See Figure 39 on page 102 3 Click Add The Unicast MAC Page is displayed See Figure 41 Figure 41 Unicast MAC Address Page 4 To add a new...

Страница 106: ...cifies the port to forward packets that have the designated source MAC address Discard Specifies the port to discard packets that have the designated source MAC address 5 Click Add 6 Click SAVE to sav...

Страница 107: ...ht to select Multicast The Multicast MACs page is displayed See Figure 40 on page 104 3 Click Add The Multicast MAC Address page is displayed See Figure 42 Figure 42 Multicast MAC Address Page 4 To ad...

Страница 108: ...cifies the port to forward packets that have the designated source MAC address Discard Specifies the port to discard packets that have the designated source MAC address 5 Click Add 6 Click SAVE to sav...

Страница 109: ...See Figure 38 on page 102 2 Hover over Mac Table and then move the cursor to the right to select Unicast The Unicast MACs page is displayed See Figure 39 on page 102 3 Do one of the following To clea...

Страница 110: ...page 102 2 Hover over Mac Table and then move the cursor to the right to select Multicast The Multicast MACs page is displayed See Figure 40 on page 104 3 Do one of the following To clear all of the...

Страница 111: ...LACP and explains how to display and set LACP See the following sections Overview on page 112 Displaying LACP Trunks on page 113 Adding an LACP Trunk on page 115 Modifying an LACP Trunk on page 117 De...

Страница 112: ...nufacturers The main component of an LACP trunk is an aggregator An aggregator is a group of ports on the switch The ports of an aggregator are further grouped into a trunk referred to as an aggregate...

Страница 113: ...See Figure 24 on page 65 2 From the Switching tab hover over Link Aggregation For an example of the Link Aggregation menu see Figure 43 Figure 43 Switching Tab with Link Aggregation Selected 3 Move t...

Страница 114: ...ne load distribution method The load distribution method determines the manner in which the switch distributes the egress packets among the active ports of an aggregator The packets can be distributed...

Страница 115: ...isplayed See Figure 24 on page 65 2 From the Switching tab hover over Link Aggregation For an example of the Link Aggregation selection see Figure 43 on page 113 3 Move the cursor to the right and sel...

Страница 116: ...n MAC address as the load distribution method Src IP Source IP address as the load distribution method Dst IP Destination IP address as the load distribution method Src Dst IP Source IP address and de...

Страница 117: ...ure 24 on page 65 2 From the Switching tab hover over Link Aggregation For an example of the Link Aggregation selection see Figure 43 on page 113 3 Move the cursor to the right and select LACP The LAC...

Страница 118: ...s Src Dst MAC Source address destination MAC address Src IP Source IP address Dst IP Destination IP address Src Dst IP Source address destination IP address 6 Add or remove the member ports of the agg...

Страница 119: ...24 on page 65 2 From the Switching tab hover over Link Aggregation For an example of the Link Aggregation selection see Figure 43 on page 113 3 Move the cursor to the right and select LACP The LACP T...

Страница 120: ...Chapter 9 Link Aggregation Control Protocol LACP 120...

Страница 121: ...e the following sections Overview on page 122 Displaying Static Trunk Settings on page 123 Adding Static Trunks on page 125 Modifying the Static Trunk Settings on page 127 Deleting Static Trunks on pa...

Страница 122: ...1 If a link is lost on a port in a static port trunk the trunk s total bandwidth is reduced Although the traffic carried by a lost link is shifted to one of the remaining ports in the trunk the bandwi...

Страница 123: ...ver Link Aggregation For an example of the Link Aggregation tab see Figure 47 Figure 47 Switching Tab with Static Trunks 3 Move the cursor to the right and select Static Trunks The Static Trunks page...

Страница 124: ...ess and destination MAC address is the load distribution method Src IP Source IP address is the load distribution method Dst IP Destination IP address is the load distribution method Src Dst IP Source...

Страница 125: ...bers of one static port trunk at a time A port that is already a member of a trunk cannot be added to another trunk To accomplish this you must first remove the member port from its current trunk assi...

Страница 126: ...MAC Destination MAC address Src Dst MAC Source address and destination MAC address Src IP Source IP address Dst IP Destination IP address Src Dst IP Source address and destination IP address 7 Select...

Страница 127: ...dd or remove member ports from a static port trunk or modify the load balance method do the following 1 Hover the cursor over the Switching tab The Switching tab is displayed See Figure 24 on page 65...

Страница 128: ...tination IP address Src Dst IP Source address destination IP address 6 Select the member ports that you want to add to or remove from the static trunk by clicking on the ports Caution To prevent the f...

Страница 129: ...ching tab is displayed See Figure 24 on page 65 2 From the Switching tab hover over Link Aggregation For an example of the Link Aggregation selection see Figure 47 on page 123 3 Move the cursor to the...

Страница 130: ...Chapter 10 Setting Static Port Trunks 130...

Страница 131: ...2 Displaying VLANs on page 134 Adding a VLAN on page 135 Modifying VLANs on page 137 Assigning a Native VLAN on page 139 Removing an Untagged Port from a VLAN on page 141 Deleting VLANs on page 142 Fo...

Страница 132: ...just a few ports In addition a port based VLAN can span switches and consist of ports from multiple Ethernet switches Ports in a port based VLAN are referred to as untagged ports and the frames recei...

Страница 133: ...evice must be able to process the tagged information on received frames and add tagged information to transmitted frames Tagged and Untagged Ports You need to specify which ports are members of the VL...

Страница 134: ...played For an example of the VLANs page see Figure 51 Figure 51 VLANs Page The following fields are displayed Vlan ID VLAN identifier The range is 1 to 4094 The VID of 1 is the default VLAN Name VLAN...

Страница 135: ...134 3 From the VLANs page click Add The Add VLAN page is displayed See Figure 52 Figure 52 Add VLAN Page 4 Enter the following settings as needed VLAN ID Assign a VLAN identifier The range is 2 to 409...

Страница 136: ...e must be unique as well A VLAN that spans multiple switches must have the same name on each switch Device ID Assign a T U or H by clicking a port number until the desired choice appears in the box be...

Страница 137: ...ause loss of connectivity to the switch 1 Hover the cursor over the Switching tab The Switching tab is displayed See Figure 24 on page 65 2 From the Switching tab drop down menu select VLANs The VLANs...

Страница 138: ...choice appears in the box below the port number A T indicates the port is a tagged port A U indicates the port is an untagged port An H indicates the port does not belong to any VLANs on the switch as...

Страница 139: ...tagged port perform the following procedure 1 Hover the cursor over the Switching tab The Switching tab is displayed See Figure 24 on page 65 2 From the Switching tab drop down menu select VLANs The...

Страница 140: ...m the pull down menu The selected VLAN Interface is assigned to a port as a native VLAN on which untagged frames are placed Port ID Select a port ID from the pull down menu You can only select a tagge...

Страница 141: ...VLANs The VLANs page is displayed See Figure 51 on page 134 3 From the VLANs page click Edit next to the VLAN that the untagged port you want to remove belongs to The Edit VLAN page is displayed See F...

Страница 142: ...the Switching tab The Switching tab is displayed See Figure 24 on page 65 2 From the Switching tab drop down menu select VLANs The VLANs page is displayed See Figure 51 on page 134 3 From the VLANs p...

Страница 143: ...nd Modifying Spanning Tree Protocol Settings on the Switch on page 145 Note For information about how to set a spanning tree protocol on the ports see Chapter 7 Spanning Tree Protocol on a Port on pag...

Страница 144: ...ach takes to complete the process referred to as convergence When a change is made to the network topology such as the addition of a new bridge a spanning tree protocol determines whether there are re...

Страница 145: ...r over the Switching tab The Switching tab is displayed See Figure 24 on page 65 2 From the Switching tab drop down menu select Spanning Tree The Spanning Tree Settings page is displayed See Figure 55...

Страница 146: ...riority number in the spanning tree domain becomes the root bridge You can use the priority number to influence which switch becomes the root bridge If two or more devices have the same priority value...

Страница 147: ...range is 4 to 30 seconds This value is active only when the switch is acting as the root bridge of the spanning tree domain Switches that are not acting as the root bridge use a dynamic value supplied...

Страница 148: ...Chapter 12 Spanning Tree Protocols on the Switch 148...

Страница 149: ...aying and Modifying IGMP Snooping Configuration on page 151 Disabling IGMP Snooping on page 154 Displaying the Routers List on page 155 Clearing the Routers List on page 156 Displaying the Hosts List...

Страница 150: ...orts to remain a member After the router has received a report from a host node it notes the multicast group that the host node wants to join and the port on the router where the node is located Any m...

Страница 151: ...modify the IGMP Configuration settings do the following 1 Hover the cursor over the Switching tab The Switching Tab is displayed See Figure 56 Figure 56 Switching IGMP Tab 2 Hover over IGMP and then...

Страница 152: ...the IGMP host topology Choose between Single and Multiple Select Single when the switch has one host node per port Select Multiple when the switch has more than one host node per port By default the s...

Страница 153: ...the port ID of a port that is connected to a multicast router You can enter a port ID in this field only when the Router Ports Mode is Manual Flood Unknown Multicasts Select Enabled to disable the au...

Страница 154: ...over IGMP and then move the cursor to the right to select IGMP Snooping The IGMP Snooping page is displayed with the Configuration tab selected by default See Figure 57 on page 152 3 Use the pull down...

Страница 155: ...by default See Figure 57 on page 152 3 Click the Routers List tab The Routers List page is displayed See Figure 58 Figure 58 IGMP Snooping Page with Routers List Tab The following settings are display...

Страница 156: ...played See Figure 56 on page 151 2 Hover over IGMP and then move the cursor to the right to select IGMP Snooping The IGMP Snooping page is displayed with the Configuration tab selected by default See...

Страница 157: ...t See Figure 57 on page 152 3 Click the Hosts List tab The Hosts List page is displayed See Figure 59 Figure 59 IGMP Snooping Page with Hosts List Tab The following settings are displayed Group Addres...

Страница 158: ...Chapter 13 Internet Group Management Protocol IGMP Snooping 158...

Страница 159: ...ollowing sections Overview on page 160 Guidelines on page 164 Displaying IGMP Snooping Querier on page 165 Modifying IGMP Snooping Query Interval on page 167 For more information about IGMP see the fo...

Страница 160: ...ved The switch must have an IP address to add to the queries as its source address In addition the address must be a member of the same network as the host nodes and the multicasting source You assign...

Страница 161: ...assign multiple queriers to a LAN the software must decide which is the active querier and which is the standby querier This task falls to a switch in the network that has IGMP snooping enabled but IG...

Страница 162: ...itch 1 has the lowest IP routing address and forwards all multicast packets to switch 1 making switch 1 the active querier Switch 3 becomes the standby querier in case switch 1 stops transmitting quer...

Страница 163: ...ttings that are illustrated in Figure 61 on page 162 Table 4 IGMP Snooping Querier with Two Queriers Switch Routing Address IGMP Snooping IGMP Snooping Querier Querier Status 1 149 123 48 2 Enabled En...

Страница 164: ...e address If you want to add or remove ports from the VLAN after activating IGMP snooping querier you must disable IGMP snooping querier modify the VLAN and then enable it again The switch supports IG...

Страница 165: ...owing 1 Hover the cursor over the Switching tab The Switching Tab is displayed See Figure 62 Figure 62 Switching IGMP Tab 2 Hover over IGMP and then move the cursor to the right to select IGMP Querier...

Страница 166: ...Chapter 14 IGMP Snooping Querier 166 Query Interval Time interval in seconds at which IGMP General Query messages are transmitted...

Страница 167: ...ct IGMP Querier The IGMP Snooping Querier page is displayed See Figure 63 on page 165 3 From the IGMP Snooping Querier page click Add or Edit The Edit IGMP Snooping Querier page is displayed See Figur...

Страница 168: ...Chapter 14 IGMP Snooping Querier 168...

Страница 169: ...he following sections Overview on page 170 Displaying PoE Port Settings on page 172 Modifying PoE Settings Globally on page 175 Modifying PoE Settings on a Port on page 176 For more information about...

Страница 170: ...cing equipment PSE The AT 8100L 8PoE AT 8100S 24PoE and AT 8100S 48PoE switches are PSE devices providing DC power to the network cable and functioning as a central power source for other network devi...

Страница 171: ...ased on the port number in ascending order For example when all of the ports in the switch are set to the low priority level and the power requirements are exceeded on the switch port 1 has the highes...

Страница 172: ...Note The PoE pull down menu item appears only when you are accessing a PoE featured switch 1 Hover the cursor over the Switching tab The Switching tab is displayed See Figure 65 Figure 65 Switching Ta...

Страница 173: ...oE status for a port individually Power Usage Threshold Power usage threshold in a percentage of the switch s total available power The range is 1 to 99 Interface Port ID Description Description of th...

Страница 174: ...nected to the port is powered on or off When powered on it indicates Powered When no powered device is connected to the port indicates Off Power Class Class of the connected PD The switch automaticall...

Страница 175: ...hange this field when you want to change the PoE status for all the ports all at once Power Threshold Set the power usage threshold in a percentage of the switch s total available power The range is 1...

Страница 176: ...2 From the Switching tab drop down menu select PoE A list of PoE settings on the ports is displayed See Figure 66 on page 173 3 From the PoE page click Edit next to the port number that you want to mo...

Страница 177: ...Device Select Yes to allow the switch to supply power to a device that is connected to the port even if the device is a legacy PD Select No to not allow the switch to supply power if a device that is...

Страница 178: ...Chapter 15 Power Over Ethernet PoE 178...

Страница 179: ...ing MAC Address based Port Security Settings on page 182 Modifying MAC Address based Port Security Settings on page 184 Disabling MAC Address based Port Security Settings on page 186 For more informat...

Страница 180: ...sses as dynamic addresses can learn new addresses when addresses are timed out from the table by the switch The addresses are aged out according to the aging time of the MAC address table Intrusion Ac...

Страница 181: ...the ingress port not on the egress port You cannot use MAC address based port security and 802 1x port based access control on the same port To specify a port as an Authenticator or Supplicant in 802...

Страница 182: ...is displayed See Figure 68 Figure 68 Security Tab 2 From the Security tab drop down menu select MAC Based Security The MAC Based Port Security page is displayed See Figure 69 Figure 69 MAC Based Port...

Страница 183: ...MAC address table This is the default setting MAX MACs Maximum number of dynamic MAC addresses the port is permitted to learn The range is 0 to 255 By default this field is set to 100 Violation Actio...

Страница 184: ...ursor over the Security tab The Security tab is displayed See Figure 68 on page 182 2 From the Security tab drop down menu select MAC Based Security The MAC Based Port Security page is displayed See F...

Страница 185: ...es Saves the source MAC addresses as dynamic addresses in the MAC address table No Saves the source MAC addresses as static addresses in the MAC address table MAX MACs Enter the maximum number of sour...

Страница 186: ...gure 68 on page 182 2 From the Security tab drop down menu select MAC Based Security The MAC Based Port Security page is displayed See Figure 69 on page 182 3 Click Edit next to the port that you want...

Страница 187: ...188 Configuring RADIUS for Remote Manager Authentication on page 191 Configuring TACACS for Remote Manager Authentication on page 195 Deleting an Authentication Server on page 200 For more information...

Страница 188: ...e only the remote manager account feature you can use either RADIUS or TACACS because both clients support that feature If you want to use 802 1x port based network access control you have to use the...

Страница 189: ...TACACS server you must configure remote manager authentication and add authentication servers that the switch can access You can configure up to three servers each for the RADIUS and TACACS features...

Страница 190: ...nts 190 When you delete Server 1 the server with an IP address of 192 168 10 12 remains Server 2 the server with an IP address of 192 168 10 13 remains Server 3 As a result the next server that you ad...

Страница 191: ...entication Using RADIUS To configure the RADIUS server do the following 1 Hover the cursor over the Security tab The Security tab is displayed See Figure 68 on page 182 2 From the Security tab drop do...

Страница 192: ...rs authenticate user login Disabled The RADIUS servers do not authenticate user login Authentication is attempted using the username and password combinations specified on the User Management page and...

Страница 193: ...tes that sending accounting messages is disabled 4 Click Apply The Active Authentication Server field shown on the upper middle of the page indicates RADIUS 5 Click SAVE to save your changes to the st...

Страница 194: ...nting The default UDP port for accounting is 1813 Key Enter the encryption key for RADIUS communications between the switch and RADIUS server The key must match the encryption key used by the RADIUS s...

Страница 195: ...TACACS Server on page 198 Configuring Remote Manager Authentication Using TACACS To configure a TACACS server do the following 1 Hover the cursor over the Security tab The Security tab is displayed S...

Страница 196: ...he value of the global encryption key of the TACACS servers You can define a global encryption key if you have one TACACS server or if there is more than one server and they all use the same encryptio...

Страница 197: ...e username and password combinations specified on the User Management page and using the USERNAME command in the CLI Note For additional information about the User Management page see Managing Local U...

Страница 198: ...accounting message is sent at the beginning of a session and a stop accounting message is sent at the end of the session Stop Only A stop accounting message is sent at the end of the session None Send...

Страница 199: ...e following IPv4 format xxx xxx xxx xxx Key Enter the encryption key for TACACS communications between the switch and TACACS server The key must match the encryption key used by the TACACS server The...

Страница 200: ...displayed See Figure 68 on page 182 2 From the Security tab drop down menu select Authentication Servers The Authentication Server Configuration page is displayed See Figure 71 on page 191 3 Click ei...

Страница 201: ...based Authentication on the Switch on page 207 Configuring 802 1x Port based Authentication on page 208 Disabling 802 1x Port based Authentication on the Switch on page 213 Disabling 802 1x Port base...

Страница 202: ...e information about RADIUS and its configuration see Chapter 17 RADIUS and TACACS Clients on page 187 Note RADIUS with Extensible Authentication Protocol EAP extensions is the only supported authentic...

Страница 203: ...mple of Port Roles Operating Modes Authenticator ports have three modes Single host mode An authenticator port set to the single host mode permits only one supplicant to log on and forwards only the t...

Страница 204: ...ets through the port without being authenticated Figure 77 is an example of this mode Port 6 is connected to an Ethernet hub or non 802 1x compliant switch which in turn is connected to several suppli...

Страница 205: ...VLAN when a supplicant logs on This frees the network manager from having to reconfigure VLANs as end users access the network from different points or where the same workstation is used by different...

Страница 206: ...and has full access to the resources of the Guest VLAN If the switch receives 802 1x packets on the port signalling that an authenticated supplicant is logging on it moves the port to its predefined...

Страница 207: ...r the Security tab The Security tab is displayed See Figure 68 on page 182 2 From the Security tab drop down menu select 802 1x Port Authentication The 802 1x Authentication page is displayed See Figu...

Страница 208: ...e Security tab drop down menu select 802 1x Port Authentication The 802 1x Authentication page is displayed See Figure 79 on page 207 3 Click Edit next to the port that you want to modify The Modify 8...

Страница 209: ...uide 209 Figure 81 Modify 802 1x Authentication Page Expanded 5 Modify the following fields as needed Interface Indicates the port ID You cannot modify this parameter from this page Port Role Specifie...

Страница 210: ...an authenticator port remains in the quiet state following a failed authentication exchange with a supplicant The range is 0 to 65 535 seconds The default value is 60 seconds Tx period Enter the numbe...

Страница 211: ...those supplicants that have the same VID as the supplicant who initially logged on Multi Specifies that an authenticator port forwards packets of all supplicants regardless of the VIDs in their suppli...

Страница 212: ...ation method does not require 802 1x client software on supplicant nodes Re Auth Learning Check the checkbox to force the port that is using MAC address authentication into the unauthorized state You...

Страница 213: ...ty tab The Security tab is displayed See Figure 68 on page 182 2 From the Security tab drop down menu select 802 1x Port Authentication The 802 1x Authentication page with the Status field set to Enab...

Страница 214: ...gure 68 on page 182 2 From the Security tab drop down menu select 802 1x Port Authentication The 802 1x Authentication page is displayed See Figure 79 on page 207 3 Click Edit next to the port that yo...

Страница 215: ...4 Address on page 219 Changing an IPv4 Address on page 220 Deleting an IPv4 Address on page 222 Displaying the IPv6 Interface on page 223 Adding an IPv6 Address on page 225 Changing IPv6 Addresses on...

Страница 216: ...e an IPv6 address as the management IP address However as shown in Table 8 the IPv6 address supports only the TACACS client and HTTP clients To use features that are not supported by the IPv6 address...

Страница 217: ...8100 Series Version 2 2 5 0 Management Software Command Line Interface User s Guide An IPv6 address is assigned as the static address The switch does not support the assignment of an IPv6 address from...

Страница 218: ...s displayed See Figure 83 Figure 83 Layer 3 Tab 2 From the Layer 3 tab drop down menu select IPv4 Interfaces A list of IPv4 interfaces is displayed See Figure 84 Figure 84 IPv4 Interfaces Page The fol...

Страница 219: ...aces is displayed See Figure 84 on page 218 3 Click Add The IP Address Configuration Page is displayed See Figure 85 Figure 85 IP Address Configuration Page 4 Enter the following fields IP Address Ent...

Страница 220: ...lect IPv4 Interfaces A list of IPv4 interfaces is displayed See Figure 84 on page 218 3 From the IPv4 Interfaces page click Edit next to the VLAN ID that you want to modify The following page is displ...

Страница 221: ...P address that you use to access the web interface you lose the connection to the switch Start a management session again by opening a web browser on your PC and entering the new IP address of the swi...

Страница 222: ...er 3 tab The Layer 3 tab is displayed See Figure 83 on page 218 2 From the Layer 3 tab drop down menu select IPv4 Interfaces A list of IPv4 interfaces is displayed See Figure 84 on page 218 3 From the...

Страница 223: ...f the IPv6 interface do the following 1 Hover the cursor over the Layer 3 tab The Layer 3 tab is displayed See Figure 87 Figure 87 Layer 3 Tab 2 From the Layer 3 tab drop down menu select IPv6 Interfa...

Страница 224: ...ollowing fields are displayed Interface Name VLAN number that the management IPv6 address is assigned to IP Address Management IPv6 address Subnet Mask Subnet mask of the management IPv6 address Defau...

Страница 225: ...page 223 2 From the Layer 3 tab drop down menu select IPv6 Interface The IPv6 Interface page is displayed Ensure that no IPv6 address is displayed 3 Click Add The IPv6 Management Configuration Page i...

Страница 226: ...ing IPv6 addresses are equivalent 12c4 421e 09a8 0000 0000 0000 00a4 1c50 12c4 421e 9a8 a4 1c50 6 Enter the number of subnet mask bits in the Subnet Mask field 7 Enter an IPv6 default gateway address...

Страница 227: ...ce is displayed if one has already been assigned See Figure 88 on page 223 3 From the IPv6 Interface page click Edit The following page is displayed See Figure 90 Figure 90 Edit IPv6 Management Config...

Страница 228: ...Chapter 19 Setting IPv4 and IPv6 Addresses 228 5 Click Apply 6 Click SAVE to save your changes to the startup configuration file...

Страница 229: ...owing 1 Hover the cursor over the Layer 3 tab The Layer 3 tab is displayed See Figure 87 on page 223 2 From the Layer 3 tab drop down menu select IPv6 Interface The IPv6 interface is displayed if any...

Страница 230: ...Chapter 19 Setting IPv4 and IPv6 Addresses 230...

Страница 231: ...page 232 Creating an ACL on page 235 Assigning an ACL to Ports on page 239 Displaying a List of ACLs on page 241 For information about the QoS feature see Chapter 22 Quality of Service QoS on page 25...

Страница 232: ...action based on the ACL that is assigned to the port Using the AT 8100 web interface you can configure two types of ACLs IPv4 ACLs MAC ACLs IPv4 ACLs use IPv4 addresses as filtering criteria while MAC...

Страница 233: ...ress Packets are Compared Against ACLs Ports that do not have an ACL forward all ingress packets Ports with one or more deny ACLs discard ingress packets that match the ACLs and forward all other traf...

Страница 234: ...ter egress packets As a result you must apply ACLs to the ingress ports of the designated traffic flows ACLs for static port trunks or LACP trunks must be assigned to the individual ports of the trunk...

Страница 235: ...oS tab The ACLs QoS tab is displayed See Figure 91 Figure 91 ACLs and QoS Tab 2 From the ACLs QoS tab drop down menu select Traffic Classifiers The Traffic Classifiers page is displayed See Figure 92...

Страница 236: ...ct an action from the following options Deny Instructs ports to discard the ingress packets that match the specified filtering criteria Permit Instructs ports to forward ingress packets that match the...

Страница 237: ...ollowing IPv4 Address and mask Select IPv4 then enter an IPv4 source address followed by a slash and a mask if you are creating an IPv4 ACL The keyword any matches all packets on the source address MA...

Страница 238: ...rt fields are applicable only to IPv4 ACLs Source Port Select TCP or UDP from the pull down menu and enter a source port number as needed This field is optional Destination Port Select TCP or UDP from...

Страница 239: ...page 235 To assign an ACL to ports do the following 1 Hover the cursor over the ACLs QoS tab The ACLs QoS tab is displayed See Figure 91 on page 235 2 From the ACLs QoS tab drop down menu select Polic...

Страница 240: ...e 96 Traffic Classifiers Page from Policies ACLs Page 4 Click a radio button to select an ACL 5 Check one or multiple port numbers to select ports to apply the ACL 6 Click Apply 7 Click SAVE to save y...

Страница 241: ...s displayed See Figure 91 on page 235 2 From the ACLs QoS tab drop down menu select Traffic Classifiers The Traffic Classifiers page is displayed See Figure 97 Figure 97 Traffic Classifiers Page 3 The...

Страница 242: ...Chapter 20 Access Control Lists ACL 242...

Страница 243: ...hapter describe how to display a list of static routes on the switch and how to add and delete a static route See the following sections Displaying Static Routes on page 244 Adding a Static Route on p...

Страница 244: ...ayer 3 tab drop down menu select Static Routes A list of static routes is displayed See Figure 99 Figure 99 Static Routes Page The following fields are displayed Network Address IP address of the dest...

Страница 245: ...of static routes is displayed See Figure 99 on page 244 3 Click Add The Add Static Route Page is displayed See Figure 100 Figure 100 Add Static Route Page 4 Enter the destination network address in th...

Страница 246: ...Chapter 21 Setting Static Routes 246 8 Click Apply 9 Click SAVE...

Страница 247: ...e entry do the following 1 Hover the cursor over the Layer 3 tab The Layer 3 tab is displayed See Figure 98 on page 244 2 From the Layer 3 tab drop down menu select Static Routes A list of static rout...

Страница 248: ...the cursor over the Layer 3 tab The Layer 3 tab is displayed See Figure 101 Figure 101 Layer 3 Tab 2 From the Layer 3 tab drop down menu select Routing Table A list of routes is displayed See Figure 1...

Страница 249: ...t the route was added statically RIP indicates that the route was added dynamically using the RIP protocol Connected indicates that the route is connected directly AD Metric Value of the administrativ...

Страница 250: ...Chapter 21 Setting Static Routes 250...

Страница 251: ...icy on page 255 Assigning a QoS Policy to Ports on page 260 Displaying a List of QoS Policies on page 262 For information about the ACL feature see Chapter 20 Access Control Lists ACL on page 231 For...

Страница 252: ...class of service CoS value Layer 2 802 1Q frame headers have a Tag Control Information field that carries the CoS value You can use DSCP and CoS values as filtering criteria to classify incoming packe...

Страница 253: ...ckets that match the filtering criteria with the specified CoS value How Ingress Packets are Selected with Filtering Criteria A QoS policy can have more than one filtering criterion A QoS policy that...

Страница 254: ...but does not process egress packets As a result you must apply QoS policies to the ingress ports of the designated traffic flows QoS policies for static port trunks or LACP trunks must be assigned to...

Страница 255: ...s QoS tab The ACLs QoS tab is displayed See Figure 103 Figure 103 ACLs and QoS Tab 2 From the ACLs QoS tab drop down menu select Traffic Classifiers The Traffic Classifiers page is displayed See Figur...

Страница 256: ...mber to identify a QoS policy Choose a classifier number according to the following conditions When specifying an IPv4 address as a filtering criterion Choose from 3000 to 3699 When specifying a MAC A...

Страница 257: ...to 7 Figure 106 Text Box for Priority Queue Mark DSCP Instructs ports to set the DSCP value in all ingress packets that match the filtering criteria with a specified DSCP value When you select Mark D...

Страница 258: ...y Matches all packets on the source address IPv4 Address and mask Enter an IPv4 source address followed by a slash and a mask if you are creating an IPv4 ACL MAC Address and mask Enter a MAC source ad...

Страница 259: ...ce Port Select TCP or UDP from the pull down menu and enter a source port number as needed Destination Port Select TCP or UDP from the pull down menu and enter a source port number as needed VLAN ID E...

Страница 260: ...on page 255 To assign a QoS policy to ports do the following 1 Hover the cursor over the ACLs QoS tab The ACLs QoS tab is displayed See Figure 103 on page 255 2 From the ACLs QoS tab drop down menu s...

Страница 261: ...s Guide 261 Figure 110 Traffic Classifier Page 4 Click a radio button to select a QoS policy 5 Check one or multiple checkboxes to select ports to apply the QoS policy 6 Click Apply 7 Click SAVE to sa...

Страница 262: ...03 on page 255 2 From the ACLs QoS tab drop down menu select Traffic Classifiers The Traffic Classifiers page is displayed See Figure 111 Figure 111 Traffic Classifiers Page 3 The following fields are...

Страница 263: ...e 264 Displaying the RIP Configuration on page 265 Enabling RIP on a VLAN Interface on page 267 Changing the RIP Settings on page 270 Removing a VLAN Interface from the RIP Configuration on page 271 D...

Страница 264: ...about static routes refer to Chapter 21 Setting Static Routes on page 243 Enabling RIP Here are guidelines for enabling RIP A VLAN interface must have an IP address assigned before RIP is enabled on...

Страница 265: ...m the Layer 3 tab drop down menu hover the cursor over RIP move the cursor to the right and select Configuration from the RIP drop down menu The RIP configuration page is displayed See Figure 113 Figu...

Страница 266: ...uthentication Key Authentication password that the VLAN interface uses to authenticate the RIP packets Send RIP version number of the packets that the VLAN interface is specified to send Receive RIP v...

Страница 267: ...k where the VLAN belongs is advertised through RIP To enable RIP on a VLAN interface you must add the VLAN to the RIP routing process by performing the following procedure 1 Hover the cursor over the...

Страница 268: ...Authentication Key Enter the authentication password that the VLAN interface uses to authenticate the RIP packets The authentication password can be up to sixteen alphanumeric characters It is case se...

Страница 269: ...way to go to the RIP Interface page to enable RIP on a VLAN interface Go to the RIP Configuration page from the RIP Configuration page shown in Figure 113 on page 265 and click Add To go to the RIP C...

Страница 270: ...The Layer 3 tab is displayed See Figure 112 on page 265 2 From the Layer 3 tab drop down menu hover the cursor over RIP move the cursor to the right and select Configuration from the RIP drop down me...

Страница 271: ...following 1 Hover the cursor over the Layer 3 tab The Layer 3 tab is displayed See Figure 112 on page 265 2 From the Layer 3 tab drop down menu hover the cursor over RIP move the cursor to the right...

Страница 272: ...ure 116 Figure 116 Layer 3 Tab 2 From the Layer 3 tab drop down menu hover the cursor over RIP move the cursor to the right and select Statistics from the RIP drop down menu The RIP statistics page is...

Страница 273: ...failure packet received when receive is disabled or mismatched sequence number of a triggered acknowledgement Output Counters displayed under these columns are for outgoing RIP packets outResponses N...

Страница 274: ...ing up so that the data that has been displayed in the RIP Statistics pages are not the most recent To display the latest data possible click on the Refresh button on the RIP Statistics page Figure 11...

Страница 275: ...atic ARP entries See the following sections Overview on page 276 Displaying the ARP Table on page 277 Adding a Static ARP Entry on page 278 Deleting ARP Entries on page 280 For more information about...

Страница 276: ...e MAC address of the destination node The ARP table is populated dynamically however the AT 8100 switches allow you to add static ARP entries which are entered manually ARP Table Management Guidelines...

Страница 277: ...9 Layer 3 Tab 2 From the Layer 3 tab drop down menu select ARP Table The ARP table is displayed See Figure 120 Figure 120 ARP Table Page The following fields are displayed IP Address IP address of the...

Страница 278: ...ee Figure 120 on page 277 3 Click Add The Add Static ARP Page is displayed See Figure 121 Figure 121 Add Static ARP Page 4 Enter the following settings IP Address Enter the IPv4 address of the host to...

Страница 279: ...AT 8100 Series Version 2 2 5 0 Web Interface User s Guide 279 6 Click SAVE to save your changes to the startup configuration file...

Страница 280: ...tab is displayed See Figure 119 on page 277 2 From the Layer 3 tab drop down menu select ARP Table The ARP table is displayed See Figure 120 on page 277 3 Do one of the following To clear all of the...

Страница 281: ...ort on page 288 Selecting LLDP TLVs on a Port on page 290 Setting a Location Entry for the LLDP MED Location TLV on page 294 Assigning LLDP Locations to a Port on page 302 Selecting LLDP MED TLVs on a...

Страница 282: ...smitted in LLDP advertisements flows in one direction only from one device to its neighbors and the communication ends there Transmitted advertisements do not solicit responses and received advertisem...

Страница 283: ...eries Version 2 2 5 0 Web Interface User s Guide 283 Optional LLDP MED TLVs You can select LLDP MED TLVs that are included in an LLDPDU The switch sends selected TLVs along with the mandatory TLVs in...

Страница 284: ...r the Discovery Monitoring tab The Discovery Monitoring tab is displayed See Figure 122 Figure 122 Discovery Monitoring Tab 2 From the Discovery Monitoring tab hover over LLDP The LLDP tab appears to...

Страница 285: ...it interval of LLDP advertisements The transmit interval must be at least four times the transmission delay timer Tx Delay The range is 5 to 32 768 seconds The default value is 30 seconds Fast Start C...

Страница 286: ...tion Interval Enter a notification interval This is the minimum interval between LLDP SNMP notifications traps The range is 5 to 3 600 seconds The default value is 5 Reinit Enter a reinitialization de...

Страница 287: ...yed See Figure 122 on page 284 2 From the Discovery Monitoring tab hover over LLDP The LLDP tab appears to the right 3 From the LLDP tab move the cursor to the right and select Basic Configuration fro...

Страница 288: ...toring tab is displayed See Figure 122 on page 284 2 From the Discovery Monitoring tab hover over LLDP and then select Port Configurations on the right The LLDP Port Config page is displayed See Figur...

Страница 289: ...configured to transmit LLDP advertisements sends the mandatory TLVs and any optional LLDP TLVs they have been specified to send By default this field is selected Advertisement Receive Check the checkb...

Страница 290: ...Discovery Monitoring tab is displayed See Figure 122 on page 284 2 From the Discovery Monitoring tab hover over LLDP The LLDP tab is displayed 3 From the LLDP tab hover over TLV The LLDP TLV tab is di...

Страница 291: ...8100 Series Version 2 2 5 0 Web Interface User s Guide 291 Figure 127 LLDP TLV Page 5 Click Edit next to the port that you want to modify The Modify LLDP TLV page is displayed See Figure 128 on page 2...

Страница 292: ...on to be included in LLDPDUs System Name Check the checkbox to select the system name to be included in LLDPDUs System Description Check the checkbox to select the model number of the AT 8100 switch t...

Страница 293: ...ocol IDs that are accessible through the port to be included in LLDPDUs For instance 9000 Loopback 0026424203000000 STP RSTP or MSTP 888e01 802 1x AAAA03 EPSR 88090101 LACP 00540000e302 Loop protectio...

Страница 294: ...ction allow you to create LLDP MED Civic Coordinate and ELIN location entries See the following Creating a Civic Location Entry on page 294 Creating a Coordinate Location on page 298 Creating an Emerg...

Страница 295: ...b Interface User s Guide 295 Figure 129 Locations Tab 4 From the Locations tab drop down menu move the cursor to the right and select Civic The LLDP Civic Location page is displayed See Figure 130 Fig...

Страница 296: ...Chapter 25 LLDP and LLDP MED 296 5 Click Add The Add LLDP Civic Location Page is displayed See Figure 131 Figure 131 LLDP Civic Location Page Add 6 Enter the ID and Country fields...

Страница 297: ...the following fields as needed Note Each field can contain up to 255 characters Spaces are not allowed The following list shows examples Country USA State CA County Santa Clara City San Jose Division...

Страница 298: ...llowing 1 Hover the cursor over the Discovery Monitoring tab The Discovery Monitoring tab is displayed See Figure 122 on page 284 2 From the Discovery Monitoring tab hover over LLDP The LLDP tab appea...

Страница 299: ...imal point Latitude Resolution Enter latitude resolution as the number of valid bits The range is 0 to 34 Longitude Enter a longitude value in decimal degrees The range is 180 0 to 180 0 The field acc...

Страница 300: ...cation of a network device by its Emergency Location Identifier Number ELIN To create an LLDP ELIN location do the following 1 Hover the cursor over the Discovery Monitoring tab The Discovery Monitori...

Страница 301: ...e 6 Enter values in the following fields ID Enter an ID number for an LLDP MED coordinate location entry on the switch The range is 1 to 256 This range is separate from the ranges for civic and coordi...

Страница 302: ...Location TLV on page 294 To set an LLDP port location do the following 1 Hover the cursor over the Discovery Monitoring tab The Discovery Monitoring tab is displayed See Figure 122 on page 284 2 From...

Страница 303: ...ic Location ID Select a Civic Location ID from the pull down menu By default none is selected Coordinate Location ID Select a Coordinate Location ID from the pull down menu By default none is selected...

Страница 304: ...gure 122 on page 284 2 From the Discovery Monitoring tab hover over LLDP and then hover over TLV The LLDP TLV tab is displayed See Figure 126 on page 290 3 From the LLDP TLV tab select TLV MED on the...

Страница 305: ...icy TLV includes the network policy information specified on the port for connected media endpoint devices The switch supports Application Type 1 Voice including the following network policy for conne...

Страница 306: ...e and the software information to be included in LLDPDUs This information is identical on every port on the switch Hardware Revision Firmware Revision Software Revision Serial Number Manufacturer Name...

Страница 307: ...he right and then select Neighbors The LLDP Neighbors Information page is displayed See Figure 140 Figure 140 LLDP Neighbors Information Page The following fields are displayed Local Port Port ID Neig...

Страница 308: ...or not the MED device Classes I through III are supported Power Source code indicates the current power source which is either the Primary Power Source or the Backup Power Source The codes are C1 Cla...

Страница 309: ...DP Statistics page is displayed with the Port Statistics tab selected automatically See Figure 141 Figure 141 LLDP Statistics Page with Port Statistics Tab The following fields are displayed Port ID P...

Страница 310: ...e entered into the neighbor table because of insufficient resources Ageout Entries Number of times the information advertised by neighbors has been removed from the neighbor table because the informat...

Страница 311: ...Civic Location do the following 1 Hover the cursor over the Discovery Monitoring tab The Discovery Monitoring tab is displayed See Figure 122 on page 284 2 From the Discovery Monitoring tab hover ove...

Страница 312: ...aying Coordinate Locations To display a Coordinate Location do the following 1 Hover the cursor over the Discovery Monitoring tab The Discovery Monitoring tab is displayed See Figure 122 on page 284 2...

Страница 313: ...1984 NAD83 MLLW Mean lower low water datum 1983 NAD83 NAVD North American vertical datum 1983 Displaying ELIN Locations To display an LLDP ELIN location do the following 1 Hover the cursor over the D...

Страница 314: ...ng tab hover over LLDP The LLDP tab appears to the right 3 From the LLDP tab select Basic Configuration The LLDP Configuration page is displayed See Figure 123 on page 285 The following fields are dis...

Страница 315: ...toring tab is displayed See Figure 122 on page 284 2 From the Discovery Monitoring tab hover over LLDP move the cursor to the right and then select Port Configurations The LLDP Port Config page is dis...

Страница 316: ...on ID Coordinate Location ID Coordinate location ID ELIN Location ID ELIN location ID Displaying LLDP TLV To display the LLDP TLV settings do the following 1 Hover the cursor over the Discovery Monito...

Страница 317: ...VLAN Names Lists the names of the VLANs in which the transmitting port is either an untagged or tagged member Protocol IDs List of protocols that are accessible through the port for instance 9000 Loop...

Страница 318: ...r and bridge functions and whether or not these functions are currently enabled Network policy Network policy information specified on the port for connected media endpoint devices The switch supports...

Страница 319: ...AT 8100 Series Version 2 2 5 0 Web Interface User s Guide 319 Model Name Asset ID...

Страница 320: ...Chapter 25 LLDP and LLDP MED 320...

Страница 321: ...n page 322 Specifying an sFlow Collector on page 324 Configuring sFlow on a Port on page 327 Enabling sFlow on the Switch on page 329 Displaying the sFlow Settings on page 330 For more information abo...

Страница 322: ...ich the agent samples one packet For example a sampling rate of 1000 on a port prompts the agent to send one packet from every 1000 ingress packets to the designated sFlow collector Different ports ca...

Страница 323: ...lapsed sFlow Collectors The sFlow agent on the switch can send port performance data to an sFlow collector on your network The performance data from each port can be sent to one collector Guidelines H...

Страница 324: ...e collector To select the Collector tab from the sFlow page do the following 1 Hover the cursor over the Discovery Monitoring tab The Discovery Monitoring tab is displayed See Figure 143 Figure 143 Di...

Страница 325: ...Guide 325 The sFlow page is displayed with the Collector Tab selected See Figure 145 Figure 145 sFlow Page with Collectors Tab 4 Click Add The sFlow Collector page is displayed See Figure 146 Figure 1...

Страница 326: ...ress in the following format xxx xxx xxx xxx where xxx is a number from 0 to 255 There are four groups of numbers that are separated by periods UDP Port UDP port number of the sFlow collector The defa...

Страница 327: ...owing 1 Hover the cursor over the Discovery Monitoring tab The Discovery Monitoring tab is displayed See Figure 143 on page 324 2 From the Discovery Monitoring tab drop down menu select sFlow The sFlo...

Страница 328: ...pollings of the packet counter on the port by the sFlow agent Sample Rate Enter the packet sampling rate on the port The sampling rate dictates the number of ingress packets from which one sample is t...

Страница 329: ...on a Port on page 327 To enable the sFlow feature on a switch do the following 1 Hover the cursor over the Discovery Monitoring tab The Discovery Monitoring tab is displayed See Figure 143 on page 324...

Страница 330: ...llowing 1 Hover the cursor over the Discovery Monitoring tab The Discovery Monitoring tab is displayed See Figure 143 on page 324 2 From the Discovery Monitoring tab drop down menu select sFlow The sF...

Отзывы:

Нет отзывов

Похожие инструкции для AT-8100L/8POE

Univerge SV8100

Бренд: NEC Страницы: 44

Бренд: D-Link Страницы: 2

Бренд: M2M Страницы: 9

Бренд: SAF Страницы: 30

Бренд: CSS Страницы: 2

Бренд: LogLogic Страницы: 30

Бренд: Mercusys Страницы: 35

Active Module Carrier VX402C-64

Бренд: C&H Страницы: 32

Бренд: ZKTeco Страницы: 68

Бренд: Doro Страницы: 50

Бренд: netsys Страницы: 164

Бренд: Spirent Страницы: 22

Бренд: TRENDnet Страницы: 2

Бренд: TRENDnet Страницы: 2

airPoint Nexus sB3210

Бренд: SmartBridges Страницы: 55

Бренд: PairGain Страницы: 48

Бренд: XtendLan Страницы: 17

Бренд: Belkin Страницы: 2

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды