manualshive.com logo in svg

Allied Telesis z AT-8700XL Series, Руководство пользователя, Страница: 67 / 81

Поделиться
Скачать
Allied Telesis z AT-8700XL Series Скачать руководство пользователя страница 67

Switching

67

Software Release 2.6.1
C613-02030-00 REV B

can be enabled for a specified time, disabled, and displayed using the 
commands:

ENABLE VLAN={

vlan-name

|1..255|ALL} DEBUG={PKT|ALL} 

[OUTPUT=CONSOLE] [TIMEOUT={1..4000000000|NONE}]

DISABLE VLAN={

vlan-name

|1..255|ALL} DEBUG={PKT|ALL}

SHOW VLAN DEBUG

To view packet reception and transmission counters for a VLAN, use the 
command (see the 

Interfaces

 chapter of the switch’s Software Reference):

SHOW INTERFACE=VLAN

COUNTER

Summary of VLAN tagging rules

When designing a VLAN and adding ports to VLANs, the following rules 
apply.

1.

Each port, except for the mirror port, must belong to at least one static 
VLAN. By default, a port is an untagged member of the default VLAN. 

2.

A port can be untagged for zero or one VLAN. A port that is untagged for 
a VLAN transmits frames destined for that VLAN without a VLAN tag in 
the Ethernet frame. 

3.

A port can be tagged for zero or more VLANs. A port that is tagged for a 
VLAN transmits frames destined for that VLAN with a VLAN tag, 
including the numerical VLAN Identifier of the VLAN.

4.

A port cannot be untagged and tagged for the same VLAN. 

5.

The mirror port, if there is one, is not a member of any VLAN.

Protected VLANs

If a VLAN is Protected, Layer 2 traffic between ports that are members of a 
Protected VLAN is blocked. Traffic can be Layer 3 switched to another VLAN. 
This feature prevents members of a Protected VLAN from communicating with 
each other yet still allows members to access another network. Layer 3 Routing 
between Ports in a Protected VLAN can be prevented by adding a Layer 3 
filter. The Protected VLAN feature also allows all of the members of the 
Protected VLAN to be in the same subnet.

A typical application is a hotel installation where each room has a port that can 
be used to access the Internet. In this situation it is undesirable to allow 
communication between rooms.

To create a Protected VLAN, use the command:

CREATE VLAN=

vlan-name

 VID=2..255 [PROTECTED]

VLAN Interaction with STPs and Trunk Groups

VLANs may have ports in more than one STP, when the ports belong to 
multiple VLANs. VLANs can belong to multiple STPs.

All the ports in a trunk group must have the same VLAN configuration: they 
must belong to the same VLANs and have the same tagging status, and can 
only be operated on as a group.

Содержание z AT-8700XL Series

Страница 1: ...AT 8700XL SERIES SWITCH USER GUIDE Software Release 2 6 1...

Страница 2: ...to make changes in specifications and other information contained in this document without prior written notice The information provided herein is subject to change without notice In no event shall A...

Страница 3: ...Changing a Password 16 Choosing a Password 16 Using the Commands 17 Getting Command Line Help 18 Setting System Parameters 18 CHAPTER 3 Getting Started with the Graphical User Interface GUI This Chap...

Страница 4: ...uting Information Protocol RIP 70 Example output from the SHOW IP RIP command 70 IGMP Snooping 70 Triggers 71 CHAPTER 6 Maintenance and Troubleshooting This Chapter 73 How the Switch Starts Up 74 How...

Страница 5: ...on The switch has both a Command Line Interface CLI and a Graphical User Interface GUI for configuration and management Before you can use the GUI you will need to login to the switch and use its CLI...

Страница 6: ...Install Guides step by step instructions for physically installing the switch and any expansion options The AT 8700XL Series Hardware Reference gives detailed information about the equipment hardware...

Страница 7: ...to copy them to the switch s FLASH memory Use the SET INSTALL command to enable the new software see Upgrading Switch Software on page 56 for detailed instructions If you require further assistance c...

Страница 8: ...DHCP lets you automatically assign IP addresses and other configuration information to PCs and other hosts on TCP IP networks Support for the Simple Network Management Protocol SNMP standard MIBs and...

Страница 9: ...can impact severely on your switch s performance DO NOT clear the FLASH memory completely The software release files are stored in FLASH and clearing FLASH memory would leave no software to run the sw...

Страница 10: ......

Страница 11: ...over which you will manage the switch This is necessary if you will access the switch using the GUI or Telnet see Assigning an IP Address on page 14 Set routes see Setting Routes on page 15 Change the...

Страница 12: ...e default settings of the console port on the switch For instructions on how to configure HyperTerminal see the AT 8700XL Series Hardware Reference To start a terminal session connect to the switch in...

Страница 13: ...me and password to gain access to the command prompt When the switch is supplied it has a manager account with an initial password friend Enter your login name at the login prompt login manager Enter...

Страница 14: ...e switch remotely if you change the configuration for example the VLAN membership of the port over which you are configuring the switch is likely to break the connection For more information about swi...

Страница 15: ...amically from listening to the selected route protocol and on the static information entered as part of the configuration process In addition you can configure user defined filters to restrict the way...

Страница 16: ...password discovery is to select a good password and keep it secret When choosing a password Do make it six or more characters in length The UAF enforces a minimum password length which the manager ca...

Страница 17: ...e prompt Path names of up to 256 characters including file names and file names up to 16 characters long with extensions of 3 characters are supported Aliases The command line interface supports alias...

Страница 18: ...at the end of a partially completed command displays a list of the parameters that may follow the current command line with the minimum abbreviations in uppercase letters see Figure 1 on page 18 The...

Страница 19: ...NAME nd1 co nz the location of the switch for example SET SYSTEM LOCATION Head Office 3rd floor east and a contact name and phone number for the network administrator responsible for the switch for ex...

Страница 20: ......

Страница 21: ...servers establishing a connection to your switch including an example of configuring SSL for secure access the System Status page the first GUI page you see Using the GUI navigation and features an o...

Страница 22: ...ource files are model specific with the model and version encoded in the file name Accessing the Switch via the GUI To use the GUI to configure the switch you use a web browser to open a connection to...

Страница 23: ...our side of the proxy server you will need to set the browser to bypass proxy entries for the IP address of the appropriate interface on the switch See Establishing a Connection to the Switch on page...

Страница 24: ...h possibility in detail Figure 2 A summary of the process for establishing a connection via the GUI Is the router already installed and configured in the LAN Determine the IP address of an interface o...

Страница 25: ...cable to connect an Ethernet card on the PC to any one of the switch ports see Figure 3 Figure 3 Connecting a PC directly to the switch You can browse to the switch through any VLAN as long as you giv...

Страница 26: ...h JavaScript enabled See Browser and PC Setup on page 22 for more information You need to know the PC s subnet 2 Plug the switch into the LAN To install the switch into the same subnet as the PC Use a...

Страница 27: ...an display it using the command SHOW SWITCH To set the interface to obtain its IP address by DHCP use the commands ADD IP INTERFACE VLAN1 IPADDRESS DHCP and ENABLE IP REMOTEASSIGN 6 If the PC you want...

Страница 28: ...ERFACE You can browse to the switch through any VLAN as long as you give that VLAN an IP address see below These instructions assume you will use vlan1 The switch ports all belong to vlan1 by default...

Страница 29: ...feature licences If these licences are not already present on your switch please contact your authorised distributor or reseller To secure your switch s HTTP Server with SSL for secure switch manageme...

Страница 30: ...ificate is not issued by a trusted authority For details see the Public Key Infrastructure PKI chapter of your Software Reference 8 Load self signed switch certificate To load the signed switch certif...

Страница 31: ...ease 2 6 1 C613 02030 00 REV B System Status The GUI opens to display the System Status page Figure 6 points out key information contained on the page Figure 6 The System Status page Model name Help S...

Страница 32: ...ters Using Configuration Pages Most protocols are configured by creating or adding an entry an IP route a PIM interface and so on For such protocols configuration with the GUI is based on sets of thre...

Страница 33: ...ts you expand or change the configuration for example change the Hello interval for a PIM interface see Figure 9 on page 34 To delete or destroy an item select it by clicking on the option button at t...

Страница 34: ...lds where there are few limits on the entries such as names See the online help for valid characters and field length select lists to select one option from a small number of possibilities Only valid...

Страница 35: ...closes a popup page without making any changes to the configuration Close Button A Close button closes a popup page and conserves any changes that you made to the settings on the page by clicking on b...

Страница 36: ...ic flow including displaying the number of good and bad packets received and transmitted over each switch port displaying the number of frames related to 802 1x port authentication received and transm...

Страница 37: ...g the GUI can be saved to a configuration script by clicking the Save button at the top of the sidebar menu A pop up Save window gives you the option of saving to the current configuration file anothe...

Страница 38: ...LE GUI Then delete the GUI resource file using the command DELETE FILE old gui rsc where old gui rsc is the name of the GUI resource file that you are replacing Wait until FLASH compaction has finishe...

Страница 39: ...old resource file enable it again using the command ENABLE GUI Check that the new GUI resource file is valid for your device using the command SHOW GUI If it is not or if the file was corrupted during...

Страница 40: ...and that your PC has a route to it Solution If you cannot ping the switch s interface Check that your PC s gateway is correct so that your PC has a route to the switch The IP address of the switch s...

Страница 41: ...MZ or both Solutions Check that the switch s link to the LAN is functioning by checking the interface status Monitoring and that the link LED is lit If the LED is not lit or the appropriate interfaces...

Страница 42: ...ion Changing the time is a 3 step process Select Configuration System Time First enter a time that is very shortly in the future e g 20 seconds later than the current time Then check Set time Then wai...

Страница 43: ...Solution 1 Access the switch s CLI see Connecting a Terminal or PC on page 12 If the switch has been switched off or has rebooted since you attempted to load the release file it will boot up with the...

Страница 44: ......

Страница 45: ...ANAGER and SECURITY OFFICER By default the switch has one account manager defined with manager privilege and the default password friend The commands that a user can execute depends on the user s priv...

Страница 46: ...d you are prompted to re enter the password The secure delay timer is by default 60 seconds If the password is not entered correctly the password prompt is repeated a set number of times If the correc...

Страница 47: ...ell chapter AT 8700XL Series Software Reference Encryption see the Compression and Encryption Services chapter AT 8700XL Series Software Reference Public Key Encryption PKI see the Public Key Infrastr...

Страница 48: ...ific Parameters ACTIVATE SCR ADD IP INT ADD SCR ADD USER CREATE CONFIG CREATE ENCO KEY CREATE PPP CREATE PPP TEMPLATE CREATE SNMP COMMUNITY DEACTIVATE SCR DELETE FILE DELETE SCR DELETE USER DISABLE US...

Страница 49: ...even if the switch is powered down You will use the FLASH memory to store updated software releases or patches and files that record the switch s configuration FLASH memory is like a flat file system...

Страница 50: ...ot script are limited to 128 characters The commands you enter into the switch from the command line affect only the dynamic configuration in RAM which is not retained over a power cycle The switch do...

Страница 51: ...itch s configuration dynamically Manually edit a configuration file using the switch s built in editor see Using the Built in Editor on page 60 or upload it to a PC using the UPLOAD command see the Op...

Страница 52: ...acters are lowercase letters a z uppercase letters A Z digits 0 9 and the hyphen character ext is a file name extension one to three characters in length Some file name extensions are shown in Figure...

Страница 53: ...ference The switch s default download method is TFTP To load a file onto the switch from a TFTP server using the TFTP protocol enter the command LOAD METHOD TFTP DELAY delay DESTFILE destfilename DEST...

Страница 54: ...efaults on your switch see the Operations chapter in the AT 8700XL Series Software Reference Example Load a Patch File Using HTTP This example loads a patch file onto the switch from a HTTP server on...

Страница 55: ...TP server on the network Before following this procedure make sure The TFTP server is operating on a host with an IP address for example 192 168 1 3 on the network The switch has a valid IP address fo...

Страница 56: ...action is taken The current release and patch file are set as the preferred install The switch also has a very limited version of the software stored in permanent memory EPROM You cannot delete this...

Страница 57: ...perations chapter in the AT 8700XL Series Software Reference Example Upgrade to a New Software Release Using TFTP This example assumes the switch is correctly configured to allow TFTP to function This...

Страница 58: ...new release once only when it reboots SET INSTALL TEMPORARY RELEASE 87 261 rez If you want to use the current switch configuration again store the dynamic configuration as a configuration script file...

Страница 59: ...tch once only the next time it reboots SET INSTALL TEMPORARY RELEASE 87 261 rez PATCH 87261 01 paz If you want to use the current switch configuration again store the dynamic configuration as a config...

Страница 60: ...on page 60 shows a example screen shot of the text editor To start the editor with a new file or an existing file enter the command EDIT filename Figure 11 The editor screen layout The editor uses VT1...

Страница 61: ...RITE TRAPHOST ipadd MANAGER ipadd OPEN ON OFF YES NO TRUE FALSE The community name is a security feature and you should keep it secure To enable the generation of authentication failure traps by the S...

Страница 62: ...memory on page 9 before you attempt to do this How to set aliases to represent common command strings How to define a remote security officer so you can manage the security features remotely via Telne...

Страница 63: ...or all 10 100 BASE ports Manual setting of port speed and duplex mode for all 10 100 BASE ports Link up and link down triggers Port trunking Packet storm protection Port mirroring Support for SNMP man...

Страница 64: ...ical connection of higher bandwidth This can be used where a higher performance link is required and makes links even more reliable Packet Storm Protection The packet storm protection feature allows y...

Страница 65: ...ent VLANs Share servers and other network resources without losing data isolation or security Direct broadcast traffic to only those devices which need to receive it to reduce traffic across the netwo...

Страница 66: ...t is it cannot be added to a VLAN as both a tagged and an untagged port To remove ports from a VLAN use the command DELETE VLAN vlan name 1 255 PORT port list ALL Removing an untagged port from a VLAN...

Страница 67: ...the VLAN 4 A port cannot be untagged and tagged for the same VLAN 5 The mirror port if there is one is not a member of any VLAN Protected VLANs If a VLAN is Protected Layer 2 traffic between ports th...

Страница 68: ...customers with different amounts of bandwidth Configuring Quality of Service involves two separate stages 1 Classifying traffic into flows according to a wide range of criteria Classification is perf...

Страница 69: ...be involved in STP negotiations STP must be enabled on the switch the port must be enabled on the switch and enabled for the STP it belongs to IP Switching The switch performs IP routing at wire speed...

Страница 70: ...VLAN is a member of a multicast group by default multicast packets will be flooded onto all ports in the VLAN IGMP snooping enables the switch to forward multicast traffic intelligently on the switch...

Страница 71: ...me REPEAT YES NO ONCE FOREVER count TEST YES NO ON OFF The following sections list the events that may be specified for the EVENT parameter the parameters that may be specified as module specific para...

Страница 72: ......

Страница 73: ...support personnel need to provide accurate support tailored to your situation see Getting the Most Out of Technical Support on page 78 restart the switch at any time with no configuration see Resettin...

Страница 74: ...should be able to at least proceed far enough to perform the load of the EPROM release and to start operating The install override option is designed to allow a mandatory switch boot from the EPROM r...

Страница 75: ...rom the switch s FLASH memory you will need to reload the software release and patch files If your access to the Internet is via the switch then you will need the files on your LAN You may wish to kee...

Страница 76: ...iculties arise FLASH compaction If the FLASH memory gets filled beyond a certain level it will automatically activate FLASH compaction to recover any space that is made available from deleted files Yo...

Страница 77: ...an IP address to the switch interface over which the software files are downloaded see Assigning an IP Address on page 14 5 Load software files onto switch Load the required software and patch onto th...

Страница 78: ...and network as you can This gives the support personnel as much information as possible to diagnose and solve your problem They may ask you to send the information to them by email Gather this inform...

Страница 79: ...re is a connection between the switch and another routing interface in the network Use the switch s extended PING command over IPv4 IPv6 IPX and AppleTalk network protocols PING sends echo request pac...

Страница 80: ...IP RIP To check that the IP Telnet server is enabled on each switch enter the command SHOW IP If the Telnet server is disabled enable the Telnet server with the command ENABLE TELNETSERVER 2 If Telne...

Страница 81: ...fic You can use trace route to discover the route that packets pass between two systems running the IP protocol Trace route sends an initial UDP packets with the Time To Live TTL field in the IP heade...

Отзывы:

Нет отзывов