Cisco Small Business SF200-24 Скачать руководство пользователя страница 1

Страница: 1 / 314

Cisco Small Business 200 Series Smart Switch
Administration Guide Release 1.1

10/100 Switches

SF200-24, SF200-24P, SF200-48, SF200-48P

Gigabit Switches

SG200-18, SG200-26, SG200-26P, SG200-50, SG200-50P

ADMINISTRATION

GUIDE

Содержание Small Business SF200-24

Страница 1: ...mall Business 200 Series Smart Switch Administration Guide Release 1 1 10 100 Switches SF200 24 SF200 24P SF200 48 SF200 48P Gigabit Switches SG200 18 SG200 26 SG200 26P SG200 50 SG200 50P ADMINISTRATION GUIDE ...

Страница 2: ...n Header 7 Management Buttons 9 Chapter 2 Viewing Statistics 12 Viewing Ethernet Interface 12 Viewing Etherlike Statistics 15 Viewing 802 1X EAP Statistics 17 Managing RMON Statistics 18 Viewing RMON Statistics 19 Configuring RMON History 21 Viewing the RMON History Table 23 Defining RMON Events Control 25 Viewing the RMON Events Logs 27 Defining RMON Alarms 28 Chapter 3 Managing System Logs 31 Se...

Страница 3: ...em Time 57 Adding an SNTP Server 59 Defining SNTP Authentication 63 Chapter 6 General Administrative Information and Operations 66 System Information 67 Displaying the System Summary 67 Configuring the System Settings 69 Switch Models 70 Rebooting the Switch 71 Monitoring the Fan Status 73 Defining Idle Session Timeout 74 Pinging a Host 75 Chapter 7 Configuring Discovery 77 Configuring Bonjour Dis...

Страница 4: ...Dynamic LAG Workflow 112 Defining LAG Management 113 Defining Member Ports in a LAG 114 Configuring LAG Settings 115 Configuring LACP 117 Setting Port LACP Parameter Settings 118 Green Ethernet 120 Setting Global Green Ethernet Properties 121 Setting Green Ethernet Properties for Ports 123 Chapter 9 Managing Device Diagnostics 125 Testing Copper Ports 125 Displaying Optical Module Status 129 Confi...

Страница 5: ...ng VLAN Membership 158 Voice VLAN 159 Voice VLAN Options 160 Configuring Voice VLAN Properties 161 Configuring Telephony OUI 163 Chapter 12 Configuring the Spanning Tree Protocol 165 STP Flavors 165 Configuring STP Status and Global Settings 166 Defining Spanning Tree Interface Settings 169 Configuring Rapid Spanning Tree Settings 172 Chapter 13 Managing MAC Address Tables 176 Configuring Static M...

Страница 6: ...t GroupsI 202 Defining Multicast Router Ports 203 Defining Forward All Multicast 205 Defining Unregistered Multicast Settings 207 Chapter 15 Configuring IP Information 210 Management and IP Interfaces 210 IP Addressing 212 Defining an IPv4 Interface 213 Defining IPv6 Global Configuration 215 Defining an IPv6 Interface 216 Defining IPv6 Addresses 218 Viewing the IPv6 Default Router List 220 Configu...

Страница 7: ...ining Storm Control 259 Configuring Port Security 262 Configuring 802 1X 265 802 1X Parameters Workflow 266 Defining 802 1X Properties 267 Defining 802 1X Port Authentication 268 Defining Host and Session Authentication 271 Viewing Authenticated Hosts 274 Chapter 17 Configuring Quality of Service 275 QoS Features and Components 275 Configuring QoS 277 Displaying QoS Properties 277 Defining QoS Int...

Страница 8: ...ctions Browsers have the following restrictions If you are using Internet Explorer 6 you cannot directly use an IPv6 address to access the switch You can however use the DNS Domain Name System server to create a domain name that contains the IPv6 address and then use that domain name in the address bar in place of the IPv6 address In Firefox the automatic pop up on top option is disabled by defaul...

Страница 9: ... new password To log in to the device configuration utility STEP 1 Enter the username password The password can contain up to 64 ASCII characters Password complexity rules are described in the Setting Password Complexity Rules section of the Configuring Security chapter STEP 2 If you are not using English select the desired language from the Language drop down menu To add a new language to the swi...

Страница 10: ...ace the factory default password When the password expires this page forces you to select a new password Logging Out Logging Out By default the application logs out after ten minutes of inactivity You can change this default value as described in the Defining Idle Session Timeout section in the General Administrative Information and Operations chapter CAUTION Unless the Running Configuration is co...

Страница 11: ...lly log out of the system a message is displayed and the Login page opens with a message indicating the logged out state After you log in the application returns to the initial page The initial page displayed depends on the Do not show this page on startup option in the Getting Started page If you did not select this option the initial page is the Getting Started page If you did select this option...

Страница 12: ...uct support page and clicking on the Forums link takes you to the Small Business Support Community page View Log RAM Memory page Quick Access Change Device Password User Accounts page Upgrade Device Software Upgrade Backup Firmware Language page Backup Device Configuration Download Backup Configuration Log page Configure QoS QoS Properties page Configure Port Mirroring Port and VLAN Mirroring page...

Страница 13: ...lay the Copy Save Configuration page Save the Running Configuration file type by copying it to the Startup Configuration file type on the switch After this save the red X icon and the Save application link are no longer displayed When the switch is rebooted it copies the Startup Configuration file type to the Running Configuration and sets the switch parameters according to the data in the Running...

Страница 14: ...lert Status icon is no longer displayed To display the page when there is not an active SYSLOG message follow the Status and Statistics View Log RAM Memory page path Management Buttons Button Name Description The Administrator can use the pull down menu to configure how many entries per page they wish to see at a time Indicates a mandatory field Add Click to display the related Add page and add an...

Страница 15: ...ace Clear Logs Clears log files Clear Table Clears table entries Close Returns to main page If there are changes that were not applied to the Running Configuration a message is displayed Copy Settings A table typically contains one or more entries containing configuration settings Instead of modifying each entry individually it is possible to modify one entry and then copy it to multiple entries a...

Страница 16: ...ntries for editing The Edit page opens and the entry can be modified 1 Click Apply to save the changes to the Running Configuration 2 Click Close to return to the main page Go Enter the query filtering criteria and click Go The results are displayed on the page Test Click Test to perform the related tests Management Buttons Continued Button Name Description ...

Страница 17: ...seful for analyzing the amount of traffic that is both sent and received and its dispersion Unicast Multicast and Broadcast To display Ethernet statistics STEP 1 Click Status and Statistics Interface The Interface page opens STEP 2 Enter the parameters Interface Select the type of interface and specific interface for which Ethernet statistics are to be displayed Refresh Rate Select the time period...

Страница 18: ...s transmitted including bad packets and FCS octets but excluding framing bits Unicast Packets Good Unicast packets transmitted Multicast Packets Good Multicast packets transmitted Broadcast Packets Good Broadcast packets transmitted To clear statistics counters Click Clear Interface Counters to clear counters for the interface displayed Click Clear All Interface Counters to clear counters for all ...

Страница 19: ...s involved in a single collision but were successfully transmitted Late Collisions Collisions that have been detected after the first 512 bits of data Excessive Collisions Number of transmissions due to excessive collisions Oversize Packets Packets greater than 1518 octets received Internal MAC Receive Errors Frames rejected because of receiver errors Pause Frames Received Received flow control pa...

Страница 20: ...Frames Received Valid EAPOL frames received on the port EAPOL Frames Transmitted Valid EAPOL frames transmitted by the port EAPOL Start Frames Received EAPOL Start frames received on the port EAPOL Logoff Frames Received EAPOL Logoff frames received on the port EAP Response ID Frames Received EAP Resp ID frames received on the port EAP Response Frames Received EAP Response frames received by the p...

Страница 21: ...since the last time they were cleared Viewing RMON Statistics The Statistics page displays detailed information regarding packet sizes and some information regarding physical layer errors The information shown is according to the RMON standard An oversized packet is defined as an Ethernet frame with the following criteria Packet length is greater than MRU byte size Collision event has not been det...

Страница 22: ...ckets Number of oversized packets over 1518 octets received Fragments Number of fragments packets with less than 64 octets excluding framing bits but including FCS octets received Jabbers Total number received packets that were longer than 1632 octets This number excludes frame bits but includes FCS octets that had either a bad FCS Frame Check Sequence with an integral number of octets FCS Error o...

Страница 23: ... of frames containing 256 511 bytes that were received Frames of 512 to 1023 Bytes Number of frames containing 512 1023 bytes that were received Frames greater than 1024 Bytes Number of frames containing 1024 1632 bytes and Jumbo Frames that were received STEP 4 Select another interface in the Interface field The RMON statistics are displayed To reset the counters click Clear Interface Counters or...

Страница 24: ...across reboots In addition you can send messages to remote SYSLOG servers in the form of SYSLOG messages This section contains the following sections Setting System Log Settings Setting Remote Logging Settings Viewing Memory Logs Setting System Log Settings You can enable or disable logging on the Log Settings page and select whether to aggregate log messages Severity Levels You can select the eve...

Страница 25: ... of the higher severity events to be automatically stored in the log Lower severity events are not stored in the log For example if Warning is selected all severity levels that are Warning and higher are stored in the log Emergency Alert Critical Error and Warning No events with severity level below Warning are stored Notice Informational and Debug To set global log parameters STEP 1 Click Adminis...

Страница 26: ...page opens This page displays the list of remote log servers STEP 2 Click Add The Add Remote Log Server page opens STEP 3 Enter the parameters Server Definition Select whether to specify the remote log server by IP address or name IP Version Select the supported IP format IPv6 Address Type Select the IPv6 address type if IPv6 is used The options are Link Local The IPv6 address uniquely identifies ...

Страница 27: ...rity Select the minimum level of system log messages to be sent to the server STEP 4 Click Apply The Add Remote Log Server page closes the SYSLOG server is added and the Running Configuration file is updated Viewing Memory Logs The switch can write to the following logs Log in RAM cleared during reboot Log in Flash memory cleared only upon user command You can configure the messages that are writt...

Страница 28: ...ng the event To clear the log messages click Clear Logs The messages are cleared Flash Memory Flash Memory The Flash Memory page displays the messages that were stored in Flash memory in chronological order The minimum severity for logging is configured in the Log Settings page Flash logs remain when the switch is rebooted You can clear the logs manually To view the Flash logs click Status and Sta...

Страница 29: ...le type to another but the names of the file types cannot be changed by the user Other files on the device include firmware boot code and log files and are referred to as operational files The configuration files are text files and can be edited by a user in a text editor such as Notepad after they are copied to an external device such as a PC Files and File Types The following types of configurat...

Страница 30: ...t system shutdown or for the maintenance of a specific operating state You can copy the Mirror Configuration Startup Configuration or Running Configuration to a Backup Configuration file The Backup Configuration exists in Flash and is preserved if the device is rebooted Mirror Configuration A copy of the Startup Configuration created by the switch after The switch has been operating continuously f...

Страница 31: ...ing Configuration Files section Automatically upload a configuration file from a TFTP server to the switch as described in the Setting DHCP Auto Configuration section CAUTION Unless the Running Configuration is manually copied to the Startup Configuration Backup Configuration or an external file all changes made since the last time the file was saved are lost when the switch is rebooted We recomme...

Страница 32: ... following methods for transferring files are supported HTTP that uses the facilities provided by the browser TFTP that requires a TFTP server If a new language file was loaded onto the switch the new language can be selected from the drop down menu It is not necessary to reboot the switch The Upgrade Backup Firmware Language page can also be accessed by selecting Download New Language in the Lang...

Страница 33: ...pes are described in the Files and File Types section Note that the boot code can only be upgraded via TFTP b Server Definition Select whether to specify the TFTP server by IP address or domain name c IP Version Select whether an IPv4 or an IPv6 address is used d IPv6 Address Type Select the IPv6 address type if IPv6 is used The options are Link Local The IPv6 address uniquely identifies hosts on ...

Страница 34: ...the configuration Global The IPv6 address is a global Unicast IPV6 type that is visible and reachable from other networks e Link Local Interface Select the link local interface if IPv6 is used from the list f TFTP Server IP Address Name Enter the IP address of the TFTP server g Destination File Name Enter the destination file name File names cannot contain slashes or the leading letter of the file...

Страница 35: ... types from another device to the switch When restoring a configuration file to the Running Configuration the imported file adds any configuration commands that did not exist in the old file and overrides any parameter values in the existing configuration commands When restoring a configuration file to the Startup Configuration or a backup configuration file the new file replaces the previous file...

Страница 36: ...fies hosts on a single network link A link local address has a prefix of FE80 is not routable and can be used for communication only on the local network Only one link local address is supported If a link local address exists on the interface this entry replaces the address in the configuration Global The IPv6 address is a global Unicast IPV6 type that is visible and reachable from other networks ...

Страница 37: ...face from the list d TFTP Server IP Address Name Enter the IP address or domain name of the TFTP server e Source File Type Enter the source configuration file type Only valid file types are displayed The file types are described in the Files and File Types section f Destination File Name Enter the destination file name File names cannot contain slashes or the leading letter of the file name should...

Страница 38: ...uration and or the Backup Configuration You cannot delete the other configuration file types To view configuration file properties click Administration File Management Configuration Files Properties The Configuration Files Properties page opens This page provides the following fields Configuration File Name Displays the type of file Creation Time Displays the date and time that file was modified T...

Страница 39: ...or Backup Configuration From the Startup Configuration to the Backup Configuration From the Backup Configuration to the Startup Configuration From the Mirror Configuration to the Startup Configuration or Backup Configuration To copy one configuration from one file type to another file type STEP 1 Click Administration File Management Copy Save Configuration The Copy Save Configuration page opens ST...

Страница 40: ...e DHCP by using the procedure is described in the Management and IP Interfaces section The DHCP Auto Configuration page configures the switch to receive DHCP information pointing to a TFTP server and file for auto configuration purposes or manual configuration of the TFTP server and configuration file in the event that the information is not provided in a DHCP message Note the following limitation...

Страница 41: ...er the path and file name of the file to be used when no configuration file name was specified in the DHCP message The window displays the following Last Auto Configuration TFTP Server IP Address Displays the IP address of the TFTP server last used to perform auto configuration Last Auto Configuration File Name Displays the last file name used by the switch in auto configuration The Last Auto Conf...

Страница 42: ...are inaccurate Time also reduces confusion in shared file systems as it is important for the modification times to be consistent regardless of the machine on which the files systems reside For these reasons it is important that the time configured on the all devices on the network be accurate NOTE The switch supports Simple Network Time Protocol SNTP and when enabled the switch dynamically synchro...

Страница 43: ...he millisecond by using an SNTP server for the clock source NOTE This method is recommended for the sake of accuracy Manual The user can manually set the time From Browser Time can be received from the time of the PC using browser information If this feature is enabled the switch uses the system time from the configuring computer unless the time has been configured on the switch manually by the us...

Страница 44: ...r supplying the source parameters fails or dynamic configuration is disabled by the user the manual settings are used Dynamic configuration of the time zone and DST continues after the IP address lease time has expired Manual configuration of the time zone and DST by the user becomes the Operational time zone and DST only if the dynamic configuration is disabled or fails Configuring System Time Us...

Страница 45: ...time is used when there is no alternate source of time such as an SNTP server Date Enter the system date Local Time Enter the system time Time Zone Settings The local time is used via DHCP or Time Zone offset Get time zone from DHCP Select to enable dynamic configuration of the time zone and the DST from the DHCP server Whether one or both of these parameters can be configured depends on the infor...

Страница 46: ...allows further customization of the start and stop of DST From Date when DST begins each year Day Day of the week on which DST begins every year Week Week within the month from which DST begins every year Month Month of the year in which DST begins every year Time The time at which DST begins every year To Date when DST ends each year For example DST ends locally every fourth Friday in October at ...

Страница 47: ...ame time and selects the best source of the parameters according to the closest stratum distance from the reference clock To add an SNTP server STEP 1 Click Administration Time Settings SNTP Settings The SNTP Settings page opens This page displays the following information for each Unicast SNTP server SNTP Server SNTP server IP address Up to eight SNTP servers can be defined The preferred server o...

Страница 48: ...stem will only display an SNTP server once a successful broadcast has been received This feature is not functional when the switch is in layer 3 mode STEP 3 Click Add to display the Add SNTP Server page STEP 4 Enter the following parameters Server Definition Select if the SNTP server is going to be identified by its IP address or if you are going to chose a well known SNTP server by name from the ...

Страница 49: ...rs with the polling setting enabled and selects a new primary server with the lowest stratum Authentication Select the check box to enable authentication Authentication Key ID If authentication is enabled select the value of the key ID Create the authentication keys using the SNTP Authentication page STEP 5 Click Apply The STNP server is added and you are returned to the main page Defining SNTP Au...

Страница 50: ... STEP 4 Click Add The Add SNTP Authentication page opens STEP 5 Enter the following parameters Authentication Key ID Enter the number used to identify this SNTP authentication key internally Authentication Key Enter the key used for authentication up to eight characters The SNTP server must send this key for the switch to synchronize to it Trusted Key Select the check box to allow the switch to re...

Страница 51: ...e Switch Monitoring the Fan Status and Temperature Defining Idle Session Timeout Pinging a Host System Information The System Summary page provides a graphic view of the switch and displays switch status hardware information firmware version information general Power over Ethernet PoE status and other items Displaying the System Summary To view system information click Status and Statistics System...

Страница 52: ...ime Time that has elapsed since the last reboot Current Time Current system time Base MAC Address Switch MAC address Jumbo Frames Jumbo frame support status This support can be enabled or disabled by using the Port Setting page NOTE Jumbo frames support takes affect only after it is enabled and after the switch is rebooted TCP UDP Services Status HTTP Service Displays whether HTTP is enabled disab...

Страница 53: ...umption W Total PoE power delivered to connected PoE devices PoE Power Mode Port Limit or Class Limit Configuring the System Settings To enter system settings STEP 1 Click Administration System Settings The System Settings page opens STEP 2 Modify the system settings System Description Displays a description of the switch System Location Enter the location where the switch is physically located Sy...

Страница 54: ... a VLAN aware bridge In Layer 3 mode the switch performs both IPv4 routing and VLAN aware bridging When the switch operates in Layer 3 mode the VLAN Rate Limit and QoS policers are not operational Other QoS Advanced mode features are operational Fast Ethernet 10 100 ports are designated as FE and Gigabit Ethernet ports 10 100 1000 are designated as GE in the table below NOTE Acronyms used for port...

Страница 55: ... special purpose combo ports 180W 24 ports FE1 FE12 FE25 FE36 SF200 24 SLM224GT 24 FE ports 2 GE special purpose combo ports SF200 24P SLM224PT 24 FE ports 2 GE special purpose combo ports 100W 12 ports FE1 FE6 FE13 FE18 SF200 48 SLM248GT 48 FE ports 2 GE special purpose combo ports SF200 48P SLM248PT FE1 FE48 GE1 GE4 48 FE ports 2 GE special purpose combo ports 180W 24 ports FE1 FE12 FE25 FE36 Sm...

Страница 56: ... Files section To reboot the switch STEP 1 Click Administration Reboot The Reboot page opens STEP 2 Click one of the Reboot buttons to reboot the switch Reboot Reboots the switch Since any unsaved information in the Running Configuration s is discarded when the switch is rebooted you must click Save in the upper right corner of any window to preserve current configuration across the boot process I...

Страница 57: ...wing fields Fan Status Fan status OK indicates that the fans are operating normally Temperature The internal temperature of the switch Defining Idle Session Timeout The Idle Session Timeout configures the time interval during which the HTTP session can remain idle before it times out and the user must login again to reestablish the session HTTP Session Timeout HTTPS Session Timeout To set the idle...

Страница 58: ...r Global as the type of IPv6 address to enter Link Local The IPv6 address uniquely identifies hosts on a single network link A link local address has a prefix of FE80 is not routable and can be used for communication only on the local network Only one link local address is supported If a link local address exists on the interface this entry replaces the address in the configuration Global The IPv6...

Страница 59: ...ries Smart Switch Administration Guide 51 6 STEP 3 Click Activate Ping to ping the host The ping status is displayed and another message is added to the list of messages indicating the result of the ping operation STEP 4 View the results of ping in the Ping Counters and Status section of the page ...

Страница 60: ...able or disable the switch services The switch can be discovered by a network management system or other third party applications By default Bonjour is enabled and runs on the Management VLAN The Bonjour console automatically detects the device and displays it Bonjour for a System in Layer 2 Mode Bonjour Discovery can only be enabled globally and not on a per port or per VLAN basis The switch adve...

Страница 61: ...ocol are link layer protocols for directly connected LLDP and CDP capable neighbors to advertise themselves and their capabilities to each other By default the switch sends an LLDP CDP advertisement periodically to all its interfaces and terminates and processes incoming LLDP and CDP packets as required by the protocols In LLDP and CDP advertisements are encoded as TLV Type Length Value in the pac...

Страница 62: ...VLAN and Auto Voice VLAN sections for details NOTE CDP LLDP does not distinguish if a port is in a LAG If there are multiple ports in a LAG CDP LLDP transmit packets on each port without taking into account the fact that the ports are in a LAG The operation of CDP LLDP is independent of the STP status of an interface If 802 1x port access control is enabled at an interface the switch will transmit...

Страница 63: ...anagement in multi vendor environments LLDP standardizes methods for network devices to advertise themselves to other systems and to store discovered information LLDP enables a device to advertise its identification configuration and capabilities to neighboring devices that then store the data in a Management Information Base MIB The network management system models the topology of the network by ...

Страница 64: ... Create LLDP MED network policies by using the LLDP MED Network Policy page 4 Associate LLDP MED network policies and the optional LLDP MED TLVs to the desired interfaces by using the LLDP MED Port Settings page 5 If Auto Smartport is to detect the capabilities of LLDP devices enable LLDP in the Smartport Properties page 6 Display overloading information by using the LLDP Overloading page Setting ...

Страница 65: ... in seconds that passes between successive LLDP frame transmissions due to changes in the LLDP local systems MIB For a description of LLDP MED refer to the LLDP MED Network Policy section STEP 3 In the Fast Start Repeat Count field enter the number of times LLDP packets are sent when the LLDP MED Fast Start mechanism is initialized This occurs when a new endpoint device links to the switch STEP 4 ...

Страница 66: ...st The available TLVs contain the following information Port Description Information about the port including manufacturer product name and hardware software version System Name System s assigned name in alpha numeric format The value equals the sysName object System Description Description of the network entity in alpha numeric format This includes the system s name and versions of the hardware o...

Страница 67: ...he dynamic IP addresses If there are no dynamic addresses the software chooses the lowest IP address among the static IP addresses None Do not advertise the management IP address Manual Advertise Select this option and the management IP address to be advertised IP Address If Manual Advertise was selected select the Management IP address from the addresses provided STEP 3 Enter the relevant informa...

Страница 68: ...ministrator can manually configure one or more network policies and the interfaces where the policies are to be sent It is the administrator s responsibility to manually create the VLANs and their port memberships according to the network policies and their associated interfaces In addition an administrator can instruct the switch to automatically generate and advertise a network policy for voice ...

Страница 69: ...nt by neighbors This informs them how they should mark the application traffic they send to the switch STEP 6 Click Apply The network policy is defined NOTE You must manually configure the interfaces to include the desired manually defined network policies for the outgoing LLDP packets using the LLDP MED Port Settings Configuring LLDP MED Port Settings The LLDP MED Port Settings page enables the s...

Страница 70: ...this port System Log Notification Select whether the log notification is sent on a per port basis when an end station that supports MED has been discovered Available Optional TLVs Select the TLVs that can be published by the switch by moving them to the Selected Optional TLVs list Available Network Policies Select the LLDP MED policies that will be published by LLDP by moving them to the Selected ...

Страница 71: ... to see the details of the LLDP and LLDP MED TLVs received from the neighbor LLDP Port Status Global Information LLDP Port Status Global Information Chassis ID Subtype Type of chassis ID for example MAC address Chassis ID Identifier of chassis Where the chassis ID subtype is a MAC address the MAC address of the switch is displayed System Name Name of switch System Description Description of the sw...

Страница 72: ...Switch Administration Guide 64 7 Local PoE Local PoE information advertised Remote PoE PoE information advertised by the neighbor of neighbors Number of neighbors discovered Neighbor Capability of 1st Device Displays the primary functions of the neighbor for example Bridge or Router ...

Страница 73: ...For example the MAC address Chassis ID Identifier of chassis Where the chassis ID subtype is a MAC address the MAC address of the switch is displayed System Name Name of switch System Description Description of the switch in alpha numeric format Supported System Capabilities Primary functions of the device such as Bridge WLAN AP or Router Enabled System Capabilities Primary enabled function s of t...

Страница 74: ...ata conversion from the Ethernet interfaces collision detection and bit injection into the network for example 100BASE TX full duplex mode 802 3 Details 802 3 Maximum Frame Size The maximum supported IEEE 802 3 frame size 802 3 Link Aggregation Aggregation Capability Indicates whether the interface can be aggregated Aggregation Status Indicates whether the interface is aggregated Aggregation Port ...

Страница 75: ...ass offering media streaming capabilities as well as all Class 1 features Endpoint Class 3 Indicates a communications device class offering all Class 1 and Class 2 features plus location 911 Layer 2 switch support and device information management capabilities PoE Device Type Port PoE type for example powered PoE Power Source Port power source PoE Power Priority Port power priority PoE Power Value...

Страница 76: ... policy DSCP Displaying LLDP Neighbors Information The LLDP Neighbors Information page displays information that was received from neighboring devices After timeout based on the value received from the neighbor Time To Live TLV during which no LLDP PDU was received from a neighbor the information is deleted To view the LLDP neighbors information STEP 1 Click Administration Discovery LLDP Neighbors...

Страница 77: ...Information about the port including manufacturer product name and hardware software version System Name Name of system that is published System Description Description of the network entity in alpha numeric format This includes the system name and versions of the hardware operating system and networking software supported by the device The value equals the sysDescr object Supported System Capabil...

Страница 78: ...full duplex mode 802 3 Power via MDI MDI Power Support Port Class Advertised power support port class PSE MDI Power Support Indicates if MDI power is supported on the port PSE MDI Power State Indicates if MDI power is enabled on the port PSE Power Pair Control Ability Indicates if power pair control is supported on the port PSE Power Pair Power pair control type supported on the port PSE Power Cla...

Страница 79: ...LDP MED endpoint device class The possible device classes are Endpoint Class 1 Indicates a generic endpoint class offering basic LLDP services Endpoint Class 2 Indicates a media endpoint class offering media streaming capabilities as well as all Class 1 features Endpoint Class 3 Indicates a communications device class offering all Class 1 and Class 2 features plus location 911 Layer 2 switch suppo...

Страница 80: ...ion Enter the following data structures in hexadecimal as described in section 10 2 4 of the ANSI TIA 1057 standard Civic Civic or street address Coordinates Location map coordinates latitude longitude and altitude ECS ELIN Device s Emergency Call Service ECS Emergency Location Identification Number ELIN Unknown Unknown location information Network Policies Application Type Network policy applicat...

Страница 81: ...carded Errors Total number of received frames with errors Rx TLVs Discarded Total number of received TLVs that were discarded Unrecognized Total number of received TLVs that were unrecognized Neighbor s Information Deletion Count Number of neighbor ageouts on the interface STEP 2 Click Refresh to view the latest statistics LLDP Overloading LLDP adds information as LLDP and LLDP MED TLVs into the L...

Страница 82: ... a port select it and click Details The LLDP Overloading Details opens This page displays the following information for each TLV sent on the port LLDP Mandatory TLVs Size Bytes Total mandatory TLV byte size Status If the mandatory TLV group is being transmitted or if the TLV group was overloaded LLDP MED Capabilities Size Bytes Total LLDP MED capabilities packets byte size Status If the LLDP MED c...

Страница 83: ... LLDP MED 802 3 TLVs packets were sent or if they were overloaded LLDP Optional TLVs Size Bytes Total LLDP MED optional TLVs packets byte size Status If the LLDP MED optional TLVs packets were sent or if they were overloaded LLDP MED Inventory Size Bytes Total LLDP MED inventory TLVs packets byte size Status If the LLDP MED inventory packets were sent or if they were overloaded Total Bytes Total n...

Страница 84: ...CDP is a Cisco proprietary protocol CDP Configuration Workflow The followings is sample workflow in configuring CDP on the switch You can also find additional CDP configuration guidelines in the LLDP CDP section Enter the CDP global parameters using the CDP Properties page Configure CDP per interface using the Interface Setting page If Auto Smartport is to detect the capabilities of CDP devices en...

Страница 85: ...nd the invalid error counter is incremented CDP Version Select the version of CDP to use CDP Hold Time Amount of time that CDP packets are held before the packets are discarded measured in multiples of the TLV Advertise Interval For example if the TLV Advertise Interval is 30 seconds and the Hold Multiplier is 4 then the LLDP packets are discarded after 120 seconds The following options are possib...

Страница 86: ...formation in the incoming frame does not match what the local device is advertising STEP 3 Click Apply The LLDP properties are defined Editing CDP Interface Settings Use the Interface Settings page to activate LLDP and remote log server notification per port and to select the TLVs included in LLDP PDUs By setting these properties it is possible to select the types of information to be provided to ...

Страница 87: ...s are operational when the switch has been set up to send traps to the management station Syslog Voice VLAN Mismatch Select to enable the option of sending a SYSLOG message when a voice VLAN mismatch is detected This means that the voice VLAN information in the incoming frame does not match what the local device is advertising Syslog Native VLAN Mismatch Select to enable the option of sending a SY...

Страница 88: ...LV Port ID Identifier of port advertised in the port TLV Capabilities Capabilities advertised in the port TLV Version Information about the software release on which the device is running Platform Identifier of platform advertised in the platform TLV Native VLAN The native VLAN identifier advertised in the native VLAN TLV Duplex Whether port is half or full duplex advertised in the full half duple...

Страница 89: ...field which is different from the last received set or when the first value is received The interface transitions to Down Available Power Amount of power consumed by port Management Power Level Displays the supplier s request to the powered device for its Power Consumption TLV The device always displays No Preference in this field Displaying CDP Neighbors Information The CDP Neighbors Information ...

Страница 90: ...of CDP Time to Live Time interval in seconds after which the information for this neighbor is deleted Capabilities Primary functions of the device The capabilities are indicated by two octets Bits 0 through 7 indicate Other Repeater Bridge WLAN AP Router Telephone DOCSIS cable device and station respectively Bits 8 through 15 are reserved Platform Identifier of the neighbor s platform Neighbor Int...

Страница 91: ...P Statistics The CDP Statistics page opens STEP 2 Enter the parameter Refresh Rate Select the time period that passes before the CDP Statistics page is refreshed The Attribute Counter block displays the counters for various types of packets per interface Version 1 Number of CDP version 1 packets received transmitted Version 2 Number of CDP version 2 packets received transmitted Total Total number ...

Страница 92: ...ocol and configure the potential member ports to the desired LAGs by using the LAG Management page By default all LAGs are empty 3 Configure the Ethernet parameters such as speed and auto negotiation for the LAGs by using the LAG Settings page 4 Configure the LACP parameters for the ports that are members or candidates of a dynamic LAG by using the LACP page 5 Configure Green Ethernet and 802 3 En...

Страница 93: ...ake effect only after the Running Configuration is explicitly saved to the Startup Configuration File using the Copy Save Configuration page and the switch is rebooted STEP 4 To update the port settings select the desired port and click Edit The Edit Port Setting page opens STEP 5 Modify the following parameters Interface Select the port number Port Description Enter the port user defined name or ...

Страница 94: ...ds You can designate Administrative Speed only when port auto negotiation is disabled NOTE To change the status of a Giga port from 10 Half 100 Half to 1000 Full change the duplex mode to Full and then change the Administrative Port speed to 1000 Operational Port Speed Displays the current port speed that is the result of negotiation Administrative Duplex Mode Select the port duplex mode This fiel...

Страница 95: ...t from sending packets by jamming the signal Flow Control Enable or disable 802 3x Flow Control or enable the auto negotiation of Flow Control on the port only when in Full Duplex mode MDI MDIX the Media Dependent Interface MDI Media Dependent Interface with Crossover MDIX status on the port The options are MDIX Select to swap the port s transmit and receives pairs MDI Select to connect this switc...

Страница 96: ...bers After a LAG is manually created the LACP option cannot be added or removed until the LAG is edited and a member is removed which can be added prior applying then the LACP button will become available for editing Dynamic A LAG is dynamic if LACP is enabled on it The group of ports assigned to dynamic LAG are candidate ports LACP determines which candidate ports are active member ports The non ...

Страница 97: ... All ports in a LAG must be of the same media type To add a port to the LAG it cannot belong to any VLAN except the default VLAN Ports in a LAG must not be assigned to another LAG No more than eight ports are assigned to a static LAG and no more than 16 ports can be candidates for a dynamic LAG All the ports in a LAG must have auto negotiation disabled although the LAG can have auto negotiation en...

Страница 98: ...AG Management page 2 Configure various aspects of the LAG such as speed and flow control by using the LAG Settings page 3 Set the LACP priority and timeout of the ports in the LAG by using the LACP page Defining LAG Management The LAG Management page displays the global and per LAG settings The page also enables you to configure the global setting and to select and edit the desired LAG on the Edit...

Страница 99: ...gned and 16 ports can be assigned to a dynamic LAG STEP 3 Click Apply The LAG membership is defined and the Running Configuration file is updated Configuring LAG Settings The LAG Settings page displays a table of current settings for all LAGs You can configure the settings of selected LAGs and reactivate suspended LAGs by launching the Edit LAG Settings page To configure the LAG settings or reacti...

Страница 100: ... be advertised by the LAG The options are Max Capability All LAG speeds and both duplex modes are available 10 Full The LAG advertises a 10 Mbps speed and the mode is full duplex 100 Full The LAG advertises a 100 Mbps speed and the mode is full duplex 1000 Full The LAG advertises a 1000 Mbps speed and the mode is full duplex Operational Advertisement Displays the Administrative Advertisement statu...

Страница 101: ...ies are the same the local and remote MAC addresses are compared The priority of the device with the lowest MAC address controls candidate port selection to the LAG A dynamic LAG can have up to 16 Ethernet ports of the same type Up to eight ports can be active and up to eight ports can be in standby mode When there are more than eight ports in the dynamic LAG the switch on the controlling end of t...

Страница 102: ...ts ports as active from the dynamic LAG that has the highest priority NOTE The LACP setting is irrelevant on ports that are not members of a dynamic LAG To define the LACP settings STEP 1 Click Port Management Link Aggregation LACP The LACP page opens STEP 2 Select a port and click Edit The Edit LACP page opens STEP 3 Enter the values for the following fields Port Select the port number to which t...

Страница 103: ...the port Up Recovery from this mode to full operational mode is fast transparent and no frames are lost This mode is supported on both GE and FE ports Short Reach Mode This feature provides for power savings on a short length of cable After cable length is analyzed the power usage is adjusted for various cable lengths If the cable is shorter than 50 meters the switch uses less power to send frames...

Страница 104: ...efault Configuration Interactions Between Features 802 3az EEE Configuration Workflow 802 3az EEE Overview 802 3az EEE is designed to save power when there is no traffic on the link In Green Ethernet power is reduced when the port is down With 802 3az EEE power is reduced when the port is up but there is no traffic on it 802 3az EEE is only supported on devices with GE ports When using 802 3az EEE...

Страница 105: ...nt process both link partners to exchange their 802 3az EEE capabilities Auto Negotiation functions automatically without user interaction when it is enabled on the device NOTE If Auto Negotiation is not enabled on a port the EEE is disabled The only exception is if the link speed is 1GB then EEE will still e enabled even though Auto Negotiation is disabled Link Level Discovery for 802 3az EEE In ...

Страница 106: ...o Negotiation field to ensure that it is Enabled STEP 2 Ensure that 803 2 Energy Efficient Ethernet EEE is globally enabled in the Port Management Green Ethernet Properties page it is enabled by default This page also displays how much energy has been saved STEP 3 Ensure that 802 3az EEE is enabled on a port by opening the Green Ethernet Port Settings page a Select a port open the Edit Port Settin...

Страница 107: ... NOTE Disabling or enabling Energy Detect Mode temporarily disconnects the network connections Short Reach Globally enable or disable Short Reach mode if there are GE ports on the switch If this mode is changed a message is displayed The field still shows on switches that do not have GE ports but is invalid 802 3 Energy Efficient Ethernet EEE Globally enable or disable EEE mode only available if t...

Страница 108: ...EP 1 Click Port Management Green Ethernet Port Settings The Port Settings page opens The Port Settings page displays the following Port The port number Energy Detect State of the port regarding Energy Detect mode Administrative Displays whether Energy Detect mode was enabled Operational Displays whether Energy Detect mode is currently operating Reason If Energy Detect mode is not operational displ...

Страница 109: ...he Short Reach Energy Detect and EEE settings for each port however they are not enabled on any port unless they are also enabled globally by using the Properties page To enable Short Reach and EEE globally see the Setting Global Green Ethernet Properties section STEP 2 Select a Port and click Edit The Edit Port Setting page opens STEP 3 Select to enable or disable Energy Detect mode on the port S...

Страница 110: ...the Reset Operation Auto Smartport Default Configuration Relationships with Other Features and Backwards Compatibility Common Smartport Tasks Web GUI Built in Smartport Macros Overview The Smartport feature provides a convenient way to save and share common configurations By applying the same Smartport macro to multiple interfaces the interfaces share a common set of configurations A Smartport mac...

Страница 111: ...ents and features are described in the following sections Smartport Smartport types and Smartport macros described in this section Voice VLAN and Smartport described in the Voice VLAN section LLDP CDP for Smartport described in the Configuring LLDP and Configuring CDP sections respectively Additionally typical work flows are described in the Common Smartport Tasks section What is a Smartport A Sma...

Страница 112: ...r called the anti macro serves to undo all configuration performed by the macro when that interface happens to become a different Smartport type A Smartport macro can be applied by its Smartport type statically from the GUI and dynamically by Auto Smartport Auto Smartport derives the Smartport types of the attached devices based on CDP capabilities LLDP system capabilities and or LLDP MED capabili...

Страница 113: ...xist to signify the state of the interface regarding smartport The following are special Smartport types Default An interface that does not yet have a Smartport type assigned to it has the Default Smartport status Server No No Host Yes No IP camera No No IP phone Yes Yes IP phone desktop Yes Yes Switch Yes Yes Router Yes No Wireless Access Point Yes Yes Table1 Smartport Type Supported by Auto Smar...

Страница 114: ...s the Smartport status See the workflow area in Common Smartport Tasks section for troubleshooting tips NOTE Throughout this section the term aged out is used to describe the LLDP and CDP messages via their TTL If Auto Smartport is enabled and persistent status is disabled and no more CDP or LLDP messages are received on the interface before both TTLs of the most recent CDP and LLDP packets decrea...

Страница 115: ...rt types and the Smartport macros to the interfaces after reboot as follows If the Startup Configuration File does not specify a Smartport type for an interface its Smartport type is set to Default If the Startup Configuration File specifies a static Smartport type the Smartport type of the interface is set to this static type If the Startup Configuration File specifies a Smartport type that was d...

Страница 116: ...he macro Because support is provided for Smartport types which correspond to devices which do not allow themselves to be discovered via CDP and or LLDP these Smartport types must be statically assigned to the desired interfaces This can be done by navigating to the Smartport Interface Settings page selecting the radio button of the desired interface and clicking edit Then select the Smartport type...

Страница 117: ... that is appropriate for all of the devices is applied to the interface if possible If a device is aged out no longer receiving advertisements from other devices the interface configuration is changed according to its Persistent Status If the Persistent Status is enabled the interface configuration is retained If not the Smartport Type reverts to Default Enabling Auto Smartport Enabling Auto Smart...

Страница 118: ...ace where the IP phone attaches Unless Persistent Auto SmartPort is enabled on an interface the SmartPort type and resulting configuration applied by Auto SmartPort will be removed if the attaching device s ages out links down reboots or conflicting capabilities are received Aging out times are determined by the absence of CDP and or LLDP advertisements from the device for a specified time period ...

Страница 119: ...rt Type Capability Name LLDP Bit Smartport Type Other 1 Ignore Repeater IETF RFC 2108 2 Ignore MAC Bridge IEEE Std 802 1D 3 Switch WLAN Access Point IEEE Std 802 11 MIB 4 Wireless Access Point Router IETF RFC 1812 5 Router Telephone IETF RFC 4293 6 ip_phone DOCSIS cable device IETF RFC 4639 and IETF RFC 4546 7 Ignore Station Only IETF RFC 4293 8 Host C VLAN Component of a VLAN Bridge IEEE Std 802 ...

Страница 120: ...ed For more information about LLDP CDP refer to the Configuring LLDP and Configuring CDP sections respectively Persistent Auto Smartport Interface If the Persistent Status of an interface is enabled its Smartport type and the configuration that is already applied dynamically by Auto Smartport will remain on the interface even after the attaching device ages out the interface goes down and the swit...

Страница 121: ...op Switch and Wireless Access Point See the Voice VLAN section for a description of the voice factory defaults Relationships with Other Features and Backwards Compatibility Auto Smartport is enabled by default and may be disabled Telephony OUI cannot function concurrently with Auto Smartport and Auto Voice VLAN Auto Smarport must be disabled before enabling Telephony OUI A switch can be upgraded t...

Страница 122: ...TEP 3 Select which type of devices will be detected in the Auto Smartport Device Detection field STEP 4 Click Apply STEP 5 To enable the Auto Smartport feature on one or more interfaces open the Smartport Interface Settings page STEP 6 Select the interface and click Edit STEP 7 Select Auto Smartport in the Smartport Application field STEP 8 Check or uncheck Persistent Status if desired STEP 9 Clic...

Страница 123: ... will be used when Auto Smartport applies the selected Smartport type if applicable to an interface 5 In the Edit page modify the fields 6 Click Apply to rerun the macro if the parameters were changed or Restore Defaults to restore default parameter values to built in macros if required Workflow4 To rerun a Smartport macro after it has failed perform the following steps STEP 1 In the Interface Set...

Страница 124: ...t Properties Smartport Type Settings and Interface Settings pages For Voice VLAN configuration see the Voice VLAN section For LLDP CDP configuration see the Configuring LLDP and Configuring CDP sections respectively Properties To configure the Smartport feature globally STEP 1 Click Smartport Properties The Properties Page opens STEP 2 Enter the parameters Administrative Auto Smartport Select to g...

Страница 125: ... the switch Smartport Type Settings Use the Smartport Type Settings page to edit the Smartport Type settings and view the Macro Source By default each Smartport type is associated with a pair of built in Smartport macros See the Smartport Types page for further information on macro versus anti macro Built in or user defined macros can have parameters The built in macros have up to three parameters...

Страница 126: ...o Smartport will not apply the changes to interfaces that were statically assigned a Smartport type NOTE There is no method to validate macro parameters because they do not have a type association Therefore any entry is valid at this point However invalid parameter values may cause errors to occur when the Smartport type is assigned to an interface applying the associated macro Interface Settings ...

Страница 127: ...faces All Switches Routers and Wireless Access Points All Switches All Routers All Wireless Access Points If desired you can reapply the associated Smartport to all the interfaces that are already assigned with Smartport type switch router or wireless Access Points This step reapplies the macro to all interfaces which have been assigned to the selection in the area at the top of the page called Re...

Страница 128: ...iguration performed by the macro that failed This clean up must be done manually To assign a Smartport type to an interface or activate Auto Smartport on the interface STEP 1 Select an interface and click Edit The Edit Interface Settings page opens STEP 2 Click Reset to reset the interface of an unknown type before applying Auto Smartport or the desired Smartport type to the interface See the note...

Страница 129: ... If an interface is in Unknown status as a result of an unsuccessful macro application set it to Default and reapply the last macro that was run on it STEP 4 Click Apply to update the changes and assign the Smartport type to the interface Built in Smartport Macros The following describes the pair of built in macros for each Smartport type For each Smartport type there is a macro to configure the i...

Страница 130: ...on native_vlan The untag VLAN which will be configured on the port max_hosts The maximum number of allowed devices on the port Default Values are native_vlan Default VLAN max_hosts 10 the port type cannot be detected automatically the default mode is trunk smartport switchport trunk native vlan native_vlan port security max max_hosts port security mode max addresses port security discard trap 60 s...

Страница 131: ...cro description No Desktop no smartport switchport trunk native vlan smartport switchport trunk allowed vlan remove all no port security no port security mode no port security max no smartport storm control broadcast enable no smartport storm control broadcast level no smartport storm control include multicast spanning tree portfast auto ...

Страница 132: ...N which will be configured on the port Default Values are native_vlan Default VLAN the port type cannot be detected automatically switchport mode access switchport access vlan native_vlan single host port security max 1 port security mode max addresses port security discard trap 60 smartport storm control broadcast level 10 smartport storm control include multicast smartport storm control broadcas...

Страница 133: ...ide 125 9 no_printer no_printer macro description No printer no switchport access vlan no switchport mode no port security no port security mode no smartport storm control broadcast enable no smartport storm control broadcast level no smartport storm control include multicast spanning tree portfast auto ...

Страница 134: ...hich will be configured on the port Default Values are native_vlan Default VLAN the port type cannot be detected automatically switchport mode access switchport access vlan native_vlan single host port security max 1 port security mode max addresses port security discard trap 60 smartport storm control broadcast level 10 smartport storm control include multicast smartport storm control broadcast e...

Страница 135: ... Guide 127 9 no_guest no_guest macro description No guest no switchport access vlan no switchport mode no port security no port security mode no smartport storm control broadcast enable no smartport storm control broadcast level no smartport storm control include multicast spanning tree portfast auto ...

Страница 136: ...igured on the port max_hosts The maximum number of allowed devices on the port Default Values are native_vlan Default VLAN max_hosts 10 the port type cannot be detected automatically the default mode is trunk smartport switchport trunk native vlan native_vlan port security max max_hosts port security mode max addresses port security discard trap 60 smartport storm control broadcast level 10 smartp...

Страница 137: ...no_server no_server macro description No server no smartport switchport trunk native vlan smartport switchport trunk allowed vlan remove all no port security no port security mode no port security max no smartport storm control broadcast enable no smartport storm control broadcast level spanning tree portfast auto ...

Страница 138: ...osts The maximum number of allowed devices on the port Default Values are native_vlan Default VLAN max_hosts 10 the port type cannot be detected automatically the default mode is trunk smartport switchport trunk native vlan native_vlan port security max max_hosts port security mode max addresses port security discard trap 60 smartport storm control broadcast level 10 smartport storm control includ...

Страница 139: ...o description No host no smartport switchport trunk native vlan smartport switchport trunk allowed vlan remove all no port security no port security mode no port security max no smartport storm control broadcast enable no smartport storm control broadcast level no smartport storm control include multicast spanning tree portfast auto ...

Страница 140: ... native_vlan The untag VLAN which will be configured on the port Default Values are native_vlan Default VLAN switchport mode access switchport access vlan native_vlan single host port security max 1 port security mode max addresses port security discard trap 60 smartport storm control broadcast level 10 smartport storm control include multicast smartport storm control broadcast enable spanning tre...

Страница 141: ... 133 9 no_ip_camera no_ip_camera macro description No ip_camera no switchport access vlan no switchport mode no port security no port security mode no smartport storm control broadcast enable no smartport storm control broadcast level no smartport storm control include multicast spanning tree portfast auto ...

Страница 142: ...ce VLAN ID max_hosts The maximum number of allowed devices on the port Default Values are native_vlan Default VLAN voice_vlan 1 max_hosts 10 the default mode is trunk smartport switchport trunk allowed vlan add voice_vlan smartport switchport trunk native vlan native_vlan port security max max_hosts port security mode max addresses port security discard trap 60 smartport storm control broadcast le...

Страница 143: ...lan The voice VLAN ID Default Values are voice_vlan 1 smartport switchport trunk allowed vlan remove voice_vlan no smartport switchport trunk native vlan smartport switchport trunk allowed vlan remove all no port security no port security mode no port security max no smartport storm control broadcast enable no smartport storm control broadcast level no smartport storm control include multicast spa...

Страница 144: ...vlan The voice VLAN ID max_hosts The maximum number of allowed devices on the port Default Values are native_vlan Default VLAN voice_vlan 1 max_hosts 10 the default mode is trunk smartport switchport trunk allowed vlan add voice_vlan smartport switchport trunk native vlan native_vlan port security max max_hosts port security mode max addresses port security discard trap 60 smartport storm control ...

Страница 145: ...tion voice_vlan The voice VLAN ID Default Values are voice_vlan 1 smartport switchport trunk allowed vlan remove voice_vlan no smartport switchport trunk native vlan smartport switchport trunk allowed vlan remove all no port security no port security mode no port security max no smartport storm control broadcast enable no smartport storm control broadcast level no smartport storm control include m...

Страница 146: ...ords native_vlan voice_vlan macro key description native_vlan The untag VLAN which will be configured on the port voice_vlan The voice VLAN ID Default Values are native_vlan Default VLAN voice_vlan 1 the default mode is trunk smartport switchport trunk allowed vlan add all smartport switchport trunk native vlan native_vlan spanning tree link type point to point ...

Страница 147: ... Switch Administration Guide 139 9 no_switch no_switch macro description No switch macro keywords voice_vlan macro key description voice_vlan The voice VLAN ID no smartport switchport trunk native vlan smartport switchport trunk allowed vlan remove all no spanning tree link type ...

Страница 148: ...ription native_vlan The untag VLAN which will be configured on the port voice_vlan The voice VLAN ID Default Values are native_vlan Default VLAN voice_vlan 1 the default mode is trunk smartport switchport trunk allowed vlan add all smartport switchport trunk native vlan native_vlan smartport storm control broadcast level 10 smartport storm control broadcast enable spanning tree link type point to ...

Страница 149: ...r no_router macro description No router macro keywords voice_vlan macro key description voice_vlan The voice VLAN ID no smartport switchport trunk native vlan smartport switchport trunk allowed vlan remove all no smartport storm control broadcast enable no smartport storm control broadcast level no spanning tree link type ...

Страница 150: ...ative_vlan voice_vlan macro key description native_vlan The untag VLAN which will be configured on the port voice_vlan The voice VLAN ID Default Values are native_vlan Default VLAN voice_vlan 1 the default mode is trunk smartport switchport trunk allowed vlan add all smartport switchport trunk native vlan native_vlan spanning tree link type point to point ...

Страница 151: ... Smart Switch Administration Guide 143 9 no_ap no_ap macro description No ap macro keywords voice_vlan macro key description voice_vlan The voice VLAN ID no smartport switchport trunk native vlan smartport switchport trunk allowed vlan remove all no spanning tree link type ...

Страница 152: ...ted cable tests performed on copper cables by the Virtual Cable Tester VCT VCT performs two types of tests Time Domain Reflectometry TDR technology tests the quality and characteristics of a copper cable attached to a port Cables of up to 140 meters long can be tested These results are displayed in the Test Results block of the Copper Test page DSP based tests are performed on active GE links to m...

Страница 153: ... device are disrupted To test copper cables attached to ports STEP 1 Click Administration Diagnostics Copper Test The Copper Test page opens STEP 2 Select the port on which to run the test STEP 3 Click Copper Test STEP 4 When the message is displayed click OK to confirm that the link can go down or Cancel to abort the test The following fields are displayed in the Test Results block Last Update Ti...

Страница 154: ...med when the port speed is 10Mbit Sec Displaying Optical Module Status The Optical Module Status page displays the operating conditions reported by the SFP Small Form factor Pluggable transceiver Some information might not be available for SFPs that do not support the digital diagnostic monitoring standard SFF 8472 MSA compatible SFPs MSA compatible SFPs The following FE SFP 100Mbps transceivers a...

Страница 155: ...FP is operating Voltage SFP s operating voltage Current SFP s current consumption Output Power Transmitted optical power Input Power Received optical power Transmitter Fault Remote SFP reports signal loss Values are True False and No Signal N S Loss of Signal Local SFP reports signal loss Values are True and False Data Ready SFP is operational Values are True and False Configuring Port and VLAN Mi...

Страница 156: ...AN Mirroring The Port and VLAN Mirroring page opens This page displays the following fields Destination Port Port to which traffic is to be copied the analyzer port Source Interface Interface port or VLAN from which traffic is sent to the analyzer port Type Type of monitoring incoming to the port outgoing from the port or both Status Displays one of the following values Active Both source and dest...

Страница 157: ...chnology This section describes the Secure Core Technology SCT and how to view CPU usage The switch handles the following types of traffic in addition to end user traffic Management traffic Protocol traffic Snooping traffic Excessive traffic burdens the CPU and might prevent normal switch operation The switch uses the Secure Core Technology SCT feature to ensure that the switch will receive and pr...

Страница 158: ...ld displays the rate of input frames to the CPU per second STEP 3 Select CPU Utilization to enable viewing CPU resource utilization information The window displays a graph of the CPU utilization The Y axis is percentage of usage and the X axis is the sample number STEP 4 Select the Refresh Rate time period in seconds that passes before the statistics are refreshed A new sample is created for each ...

Страница 159: ...iority and Class PoE on the Switch A PoE switch is PSE Power Sourcing Equipment that delivers electrical power to connected PD Powered Devices over existing copper cables without interfering with the network traffic updating the physical network or modifying the network infrastructure PoE Features PoE Features PoE provides the following features Eliminates the need to run 110 220 V AC power to all...

Страница 160: ...ment PSE and the Powered Device PD commences after the Detection stage During negotiation the PD specifies its class which is the amount of maximum power that the PD consumes Power Consumption After the classification stage completes the PSE provides power to the PD If the PD supports PoE but without classification it is assumed to be class 0 the maximum If a PD tries to consume more power than pe...

Страница 161: ... consume too much and at what percent of the maximum power this trap is generated The PoE specific hardware automatically detects the PD class and its power limit according to the class of the device connected to each specific port Class Limit mode If at any time during the connectivity an attached PD requires more power from the switch than the configured allocation allows no matter if the switch...

Страница 162: ...ptions Port Limit The maximum power limit per each port is configured by the user Class Limit The maximum power limit per port is determined by the class of the device which results from the Classification stage Traps Enable or disable a SYSLOG trap Power Trap Threshold Enter the usage threshold that is a percentage of the power limit An alarm is initiated if the power exceeds this value The follo...

Страница 163: ...PoE Properties page When the power consumed on the port exceeds the class limit the port power is turned off In some cases the switch does not have enough power to supply all ports with their allowed power at once To resolve this problem assign both limits and priorities to the ports For example 15 4W is allowed on all 48 ports but only 24 ports can be supplied at one time due to power limits In t...

Страница 164: ...is field is displayed only if the Power Mode set in the PoE Properties page is Class Limit The class determines the power level Power Consumption Displays the amount of power in milliwatts assigned to the powered device connected to the selected interface Overload Counter Displays the total number of power overload occurrences Short Counter Displays the total number of power shortage occurrences D...

Страница 165: ...ices Configuring the PoE Power Priority and Class Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 157 11 STEP 4 Click Apply The PoE settings for the port are defined and the Running Configuration file is updated ...

Страница 166: ... which they are connected VLAN Description Each VLAN is configured with a unique VID VLAN ID with a value from 1 to 4094 A port on a device in a bridged network is a member of a VLAN if it can send data to and receive data from the VLAN A port is an untagged member of a VLAN if all packets destined for that port into the VLAN have no VLAN tag A port is a tagged member of a VLAN if all packets dest...

Страница 167: ...t if Ingress Filtering is enabled and the ingress port is not a member of the VLAN to which the packet belongs A frame is regarded as priority tagged only if the VID in its VLAN tag is 0 Frames belonging to a VLAN remain within the VLAN This is achieved by sending or forwarding a frame only to egress ports that are members of the target VLAN An egress port may be a tagged or untagged member of a V...

Страница 168: ... a provider bridge network where the bridging is based on the S tag VID S VID only The S Tag is preserved while traffic is forwarded through the network service provider s infrastructure and is later removed by an egress device An additional benefit of QinQ is that there is no need to configure customers edge devices QinQ is enabled in the VLAN Management Interface Settings page VLAN Configuration...

Страница 169: ...ny special role such as unauthenticated VLAN or Voice VLAN If a port is no longer a member of any VLAN the switch automatically configures the port as an untagged member of the default VLAN A port is no longer a member of a VLAN if the VLAN is deleted or the port is removed from the VLAN When the VID of the default VLAN is changed the switch performs the following on all the ports in the VLAN afte...

Страница 170: ...ght corner of the window and save the Running Configuration to the Startup Configuration The Default VLAN ID After Reset becomes the Current Default VLAN ID after you reboot the switch Creating VLANs You can create a VLAN but this has no effect until the VLAN is attached to at least one port either manually or dynamically Ports must always belong to one or more VLANs The Cisco Sx200 Series switch ...

Страница 171: ...ingle VLAN or a range of VLANs STEP 3 To create a single VLAN select the VLAN radio button enter the VLAN ID VID and optionally the VLAN Name To create a range of VLANs select the Range radio button and specify the range of VLANs to be created by entering the Starting VID and Ending VID inclusive When using the Range function the maximum number of VLANs you can create at one time is 100 STEP 4 Cli...

Страница 172: ...eir own VLAN arrangements PVID across the provider network The switch will be in Q in Q mode when it has one or more customer ports See QinQ Administrative PVID Enter the Port VLAN ID PVID of the VLAN to which incoming untagged and priority tagged frames are classified The possible values are 1 to 4094 Frame Type Select the type of frame that the interface can receive Frames that are not of the co...

Страница 173: ...AN aware devices should be to the same VLAN In other words the PVID on the ports between the two devices must be the same if the ports are to send and receive untagged packets to and from the VLAN Otherwise traffic might leak from one VLAN to another VLAN tagged frames can pass through VLAN aware or VLAN unaware network interconnection devices If a destination end node is VLAN unaware but is to re...

Страница 174: ...agged The interface is a tagged member of the VLAN Untagged The interface is an untagged member of the VLAN Frames of the VLAN are sent untagged to the interface VLAN PVID Select to set the PVID of the interface to the VID of the VLAN PVID is a per port setting STEP 4 Click Apply The interfaces are assigned to the VLAN and written to the Running Configuration file You can continue to display and o...

Страница 175: ...he Join VLAN button The Join VLAN To Port page opens STEP 4 Enter the values for the following fields Interface Select a Port or LAG Mode Displays the port VLAN mode that was selected in the Interface Settings page Select VLAN To associate a port with a VLAN s move the VLAN ID s from the left list to the right list by using the arrow buttons The default VLAN might appear in the right list if it is...

Страница 176: ...ace is in access mode or trunk mode the switch automatically makes the interface an untagged member of the VLAN If the interface is in general mode you must manually configure VLAN membership STEP 5 Click Apply The settings are modified and written to the Running Configuration file STEP 6 To see the administrative and operational VLANs on an interface click Details ...

Страница 177: ...opriate configurations UC3xx UC5xx hosted All Cisco phones and VoIP endpoints support this deployment model For this model the UC3xx UC5xx Cisco phones and VoIP endpoints reside in the same voice VLAN The voice VLAN of UC3xx UC5xx defaults to VLAN 100 Third party IP PBX hosted Cisco SBTG CP 79xx SPA5xx phones and SPA8800 endpoints support this deployment model In this model the VLAN used by the ph...

Страница 178: ...o Smartports enabled Dynamic Voice VLAN Modes The switch supports two dynamic voice VLAN modes They are Telephony OUI Organization Unique Identifier mode and Auto Voice VLAN mode The two modes affect how voice VLAN and or voice VLAN port memberships are configured The two modes are mutually exclusive to each other Telephony OUI In Telephony OUI mode the voice VLAN must be a manually configured VLA...

Страница 179: ...one endpoint may obtain the voice VLAN in the boot file it downloads from a TFTP server A DHCP server may specify the boot file and the TFTP server when it assigns an IP address to the phone A phone endpoint may obtain the voice VLAN information from CDP and LLDP MED advertisements it receives from their neighbor voice systems and switches The switch expects the attaching voice devices to send voi...

Страница 180: ...VLAN out of the box It also applies to unconfigured switches that have been upgraded to the firmware version that supports Auto Voice VLAN NOTE The defaults and the voice VLAN triggers are designed to have no affect on any installations without a voice VLAN and on switches that have already been configured You may manually disable and enable Auto Voice VLAN and or Auto Smartport to fit your deploy...

Страница 181: ...ates it and replaces all the port memberships of the existing voice VLAN to the new voice VLAN This may interrupt or terminate existing voice sessions which is expected when network topology is altered NOTE If the switch is in Layer 2 mode it can synchronize with only VSDP capable switches in the same management VLAN If the switch is in layer 3 mode it can synchronize with VSDP capable switches th...

Страница 182: ...2 1p value found in the voice stream For Telephony OUI voice streams the user can override the quality of service and optionally remark the 802 1p of the voice streams by specifying the desired CoS 802 1p values and using the remarking option under Telephony OUI Voice VLAN Constraints The following constraints exist Only one Voice VLAN is supported A VLAN that is defined as a Voice VLAN cannot be ...

Страница 183: ...e VLAN to Enable Auto Voice VLAN STEP 4 Select the Auto Voice VLAN Activation method NOTE If the device is currently in Telephony OUI mode you must disable it before you can configure Auto Voice Vlan STEP 5 Click Apply STEP 6 Configure Smartports as described in the Common Smartport Tasks section STEP 7 Configure LLDP CDP as described in the Configuring LLDP and Configuring CDP sections respective...

Страница 184: ...nagement Voice VLAN Properties The Properties page opens The voice VLAN settings configured on the switch are displayed in the Voice VLAN Settings Administrative Status block The voice VLAN settings that are actually being applied to the voice VLAN deployment are displayed in the Voice VLAN Settings Operational Status block STEP 2 Enter values for the following fields Voice VLAN ID Enter the VLAN ...

Страница 185: ...oice VLAN Trigger Auto Voice VLAN on the switch is activated and put into operation only if the switch detects a device advertising the voice VLAN NOTE Manually re configuring the voice VLAN ID CoS 802 1p and or DSCP from their default values will result in a static voice VLAN which has higher priority than auto voice VLAN that was learned from external sources STEP 3 Click Apply The VLAN properti...

Страница 186: ...that discovers or is configured with the voice VLAN from which the voice VLAN is learned Switch MAC Address Base MAC address of the switch If the device s Switch MAC address is the Root Switch MAC Address the device is the Auto Voice VLAN root device Voice VLAN ID Change Time Last time that voice VLAN was updated STEP 2 Click Restart Auto Voice VLAN to reset the voice VLAN to the default voice VLA...

Страница 187: ...UI page to configure Telephony OUI QoS properties In addition the Auto Membership Aging time can be configured If the specified time period passes with no telephony activity the port is removed from the Voice VLAN Use the Telephony OUI page to view existing OUIs and add new OUIs To configure Telephony OUI and or add a new Voice VLAN OUI STEP 1 Click VLAN Management Voice VLAN Telephony OUI The Tel...

Страница 188: ...ollowing fields Telephony OUI Enter a new OUI Description Enter an OUI name STEP 6 Click Apply The OUI is added to the Telephony OUI Table Adding Interfaces to Voice VLAN on Basis of OUIs The QoS attributes can be assigned per port to the voice packets in one of the following modes All Quality of Service QoS values configured to the Voice VLAN are applied to all of the incoming frames that are rec...

Страница 189: ...e VLAN click Edit The Edit Interface Settings page opens STEP 3 Enter the values for the following fields Interface Select an interface Telephony OUI VLAN Membership If enabled the interface is a candidate port of the telephony OUI based voice VLAN When packets that match one of the configured telephony OUI are received the port is added to the voice VLAN Voice VLAN QoS Mode Select one of the foll...

Страница 190: ...uring STP Status and Global Settings Defining Spanning Tree Interface Settings Configuring Rapid Spanning Tree Settings STP Flavors Loops occur when alternate routes exist between hosts Loops in an extended network can cause Layer 2 switches to forward traffic indefinitely resulting in increased traffic and reduced network efficiency STP provides a tree topology for any arrangement of Layer 2 swit...

Страница 191: ...erface Settings page and RSTP Interface Settings page to configure ports with these modes respectively To set STP status and global settings STEP 1 Click Spanning Tree STP Status and Global Settings The STP Status and Global Settings page displays STEP 2 Enter the parameters Global Settings Spanning Tree State Enable or disable STP on the switch STP Operation Mode Select an STP mode BPDU Handling ...

Страница 192: ...eiving a configuration message before attempting to redefine its own configuration Forward Delay Set the interval in seconds that a bridge remains in a learning state before forwarding packets For more information refer to Defining Spanning Tree Interface Settings Designated Root Bridge ID The bridge priority concatenated with the MAC address of the switch Root Bridge ID The Root Bridge priority c...

Страница 193: ...LAG on which Spanning Tree is configured STP Enables or disables STP on the port Edge Port Enables or disables Fast Link on the port If Fast Link mode is enabled for a port the port state is automatically placed in the Forwarding state when the port link is up Fast Link optimizes the STP protocol convergence The options are Enable Enables Fast Link immediately Auto Enables Fast Link a few seconds ...

Страница 194: ...g mode The port cannot forward traffic and cannot learn MAC addresses Learning The port is in Learning mode The port cannot forward traffic but it can learn new MAC addresses Forwarding The port is in Forwarding mode The port can forward traffic and learn new MAC addresses Designated Bridge ID Displays the bridge priority and the MAC address of the designated bridge Designated Port ID Displays the...

Страница 195: ...ol Migration to run a Protocol Migration test This discovers whether the link partner using STP still exists and if so whether it has migrated to RSTP If it still exists as an STP link the device continues to communicate with it by using STP Otherwise if it has been migrated to RSTP the device communicates with it using RSTP STEP 5 Select an interface and click Edit The Edit Rapid Spanning Tree pa...

Страница 196: ...cted to a shared segment Disabled The port is not participating in Spanning Tree Mode Displays the current Spanning Tree mode Classic STP or RSTP Fast Link Operational Status Displays whether the Fast Link Edge Port is enabled disabled or automatic for the interface The values are Enabled Fast Link is enabled Disabled Fast Link is disabled Auto Fast Link mode is enabled a few seconds after the int...

Страница 197: ...Configuring the Spanning Tree Protocol Configuring Rapid Spanning Tree Settings Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 189 13 MSTP Workflow ...

Страница 198: ...nd the frame is marked for egress on a specific port based on the search of the tables Frames addressed to a destination MAC address that is not found in the tables are flooded to all the ports on the relevant VLAN These frames are called Unknown Unicast Frames The switch supports a maximum of 8 000 static and dynamic MAC addresses This section contains information for defining both static and dyn...

Страница 199: ...aged out of the table Delete on timeout The MAC address is deleted when aging occurs Secure The MAC address is secure when the interface is in classic locked mode STEP 4 Click Apply A new entry is made in the table Dynamic MAC Addresses The Dynamic Address Table contains the MAC addresses acquired by monitoring the source addresses of traffic entering the switch When the destination address for in...

Страница 200: ...namic Addresses To view all dynamic addresses or a subset STEP 1 Click MAC Address Tables Dynamic Addresses The Dynamic Addresses page opens STEP 2 In the Filter block enter the following query criteria VLAN ID Enter the VLAN ID for which the table is queried MAC Address Enter the MAC address for which the table is queried Interface Select the interface for which the table is queried The query can...

Страница 201: ...Managing MAC Address Tables Dynamic MAC Addresses Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 193 14 Click Clear Table to delete all of the dynamic MAC addresses ...

Страница 202: ...ticast Router Ports Defining Forward All Multicast Defining Unregistered Multicast Settings Multicast Forwarding Multicast forwarding enables one to many information dissemination Multicast applications are useful for dissemination of information to multiple clients where clients do not require reception of the entire content A typical application is a cable TV like service where clients can join ...

Страница 203: ... snooping and a Multicast client that wants to receive a Multicast stream In this setup the router sends IGMP queries periodically NOTE MLD for IPv6 is derived from the IGMP v2 for IPv4 Even though the description in this section is mostly for IGMP it also describes coverage of MLD where implied These queries reach the switch which in turn floods the queries to the VLAN and also learns the port wh...

Страница 204: ... Group Address G of the Multicast packet One of these options can be configured per VLAN The system maintains lists of Multicast groups for each VLAN and this manages the Multicast information that each port should receive The Multicast groups and their receiving ports can be configured statically or learned dynamically using IGMP or Multicast Listener Discovery MLD protocols snooping Multicast Re...

Страница 205: ...es Each IPv4 Multicast address is in the address range 224 0 0 0 to 239 255 255 255 The IPv6 Multicast address is FF00 8 To map an IP Multicast group address to an Layer 2 Multicast address For IPv4 this is mapped by taking the 23 low order bits from the IPv4 address and adding them to the 01 00 5e prefix By standard the upper nine bits of the IP address are ignored and any IP addresses that only ...

Страница 206: ...ata and G is the IPv4 or IPv6 group address If a Multicast client can receive Multicast traffic from any source of a specific Multicast group this is written as G The following are ways of forwarding Multicast frames MAC Group Address Based on the destination MAC address in the Ethernet frame NOTE As mentioned before one or more IP Multicast group addresses can be mapped to a MAC group address For...

Страница 207: ...ch supports forwarding incoming Multicast traffic based on the Multicast group information This information is derived from the IGMP MLD packets received or as the result of manual configuration and it is stored in the Multicast Forwarding Database MFDB When a frame is received from a VLAN that is configured to forward Multicast streams based on MAC group addresses and its destination address is a...

Страница 208: ... this page and in the IP Multicast Group Address page are displayed For those created in the IP Multicast Group Address page the IP addresses are converted to MAC addresses STEP 4 Click Add to add a static MAC Group Address The Add MAC Group Address page opens STEP 5 Enter the parameters VLAN ID Defines the VLAN ID of the new Multicast group MAC Group Address Defines the MAC address of the new Mul...

Страница 209: ...cannot be deleted in this page even if they are selected Adding IP Multicast Group Addresses The IP Multicast Group Address page is similar to the MAC Group Address page except that Multicast groups are identified by IP addresses The IP Multicast Group Address page enables querying and adding IP Multicast groups To define and view IP Multicast groups STEP 1 Click Multicast IP Multicast Group Addre...

Страница 210: ...rce Specific Indicates that the entry contains a specific source and adds the address in the IP Source Address field If not the entry is added as a G entry an IP group address from any IP source IP Source Address Defines the source address to be included STEP 6 Click Apply The IP Multicast group is added and the device is updated STEP 7 To configure and display the registration of an IP group addr...

Страница 211: ...switch forwards Multicast frames to ports that have registered Multicast clients NOTE The switch supports IGMP Snooping only on static VLANs It does not support IGMP Snooping on dynamic VLANs When IGMP Snooping is enabled globally or on a VLAN all IGMP packets are forwarded to the CPU The CPU analyzes the incoming packets and determines the following Which ports are asking to join which Multicast ...

Страница 212: ...us Enable or disable the monitoring of network traffic for the selected VLAN Operational IGMP Snooping Status Displays the current status of the IGMP Snooping for the selected VLAN MRouter Ports Auto Learn Enable or disable auto learning of the ports to which the Mrouter is connected Query Robustness Enter the Robustness Variable value to be used if this switch is the elected querier Operational Q...

Страница 213: ... IGMP Group Leave message is received on that port STEP 5 Click Apply The Running Configuration file is updated MLD Snooping When IGMP MLD snooping is enabled in a switch on a VLAN it analyzes the IGMP MLD packets it receives from the VLAN connected to the switch and from the Multicast routers in the network When a switch learns that a host is using IGMP MLD messages to register to receive a Multi...

Страница 214: ...ion Multicast addresses MLDv2 snooping uses MLDv2 control packets to forward traffic based on the source IPv6 address and the destination IPv6 Multicast address The actual MLD version is selected by the Multicast router in the network In an approach similar to IGMP snooping MLD frames are snooped as they are forwarded by the switch from stations to an upstream Multicast router and vice versa This ...

Страница 215: ...oping and Bridge Multicast filtering are both enabled Operational MLD Snooping Status Displays the current status of MLD Snooping for the selected VLAN MRouter Ports Auto Learn Enable or disable Auto Learn for the Multicast router Query Robustness Enter the Robustness Variable value to be used if the switch cannot read this value from messages sent by the elected querier Operational Query Robustne...

Страница 216: ...h port STEP 5 Click Apply The Running Configuration file is updated Querying IGMP MLD IP Multicast Group The IGMP MLD IP Multicast Group page displays the IPv4 and IPv6 group address learned from IGMP MLD messages There might be a difference between information on this page and for example information displayed in the MAC Group Address page Assuming that the system is in MAC based groups and a por...

Страница 217: ...up address Defining Multicast Router Ports A Multicast router Mrouter port is a port that connects to a Multicast router The switch includes the Multicast router port s when it forwards the Multicast streams and IGMP MLD registration messages This is required so that the Multicast routers can in turn forward the Multicast streams and propagate the registration messages to other subnets To statical...

Страница 218: ...uter port STEP 5 Click Apply to update the switch Defining Forward All Multicast The Forward All page enables and displays the configuration of the ports and or LAGs that are to receive Multicast streams from a specific VLAN This feature requires that Bridge Multicast filtering in the Properties page be enabled If it is disabled then all Multicast traffic is flooded to ports in the switch You can ...

Страница 219: ...lly configured Multicast groups that were either dynamically learned or statically configured are considered registered The switch forwards Multicast frames from a registered Multicast group only to ports that are registered to that Multicast group The Unregistered Multicast page enables handling Multicast frames that belong to groups that are not known to the switch unregistered Multicast groups ...

Страница 220: ... Multicast Displays the forwarding status of the selected interface The possible values are Forwarding Enables forwarding of unregistered Multicast frames to the selected interface Filtering Enables filtering rejecting of unregistered Multicast frames to the selected interface STEP 3 Click Apply The settings are saved and the Running Configuration file is updated ...

Страница 221: ...e Layer 3 capabilities Layer 2 IP Addressing Layer 2 IP Addressing The switch has a single IP address in the management VLAN This IP address and the default gateway can be configured manually or by DHCP The static IP address and default gateway are configured on the IPv4 Interface page The switch uses the default gateway if configured to communicate with devices that are not in the same IP subnet ...

Страница 222: ...n be configured with a static or dynamic IP address The IP subnets to which these IP addresses belong are known as directly connected attached IP subnets The IP address assignment rules for the switch are as follows Unless the switch is configured with a static IP address it issues DHCP queries until a response is received from a DHCP server If the IP address on the switch is changed the switch is...

Страница 223: ... telnet or the Web GUI VLAN1 is the default Management VLAN IP Address Type Select one of the following options Dynamic Discover the IP address using DHCP from the management VLAN Static Manually define a static IP address If a static IP address is used configure the following fields IP Address Enter the IP address and configure one of the following fields Mask Select and enter the IP address mask...

Страница 224: ...otocol version 6 IPv6 is a network layer protocol for packet switched internetworks IPv6 was designed to replace IPv4 the predominantly deployed Internet protocol IPv6 introduces greater flexibility in assigning IP addresses because the address size increases from 32 bit to 128 bit addresses IPv6 addresses are written as eight groups of four hexadecimal digits for example FE80 0000 0000 0000 0000 ...

Страница 225: ... per interval STEP 3 Click Apply The IPv6 global parameters are defined and the Running Configuration file is updated Defining an IPv6 Interface The IPv6 Interfaces page displays the switch s IPv6 interface parameters and enables configuring this interface An IPv6 interface can be configured on a port a LAG VLAN or ISATAP tunnel interface The switch supports one IPv6 interface as an IPv6 end devic...

Страница 226: ...orts IPv6 stateless address auto configuration of site local and global IP address from the IPv6 router advertisement received on the interface The switch does not support stateful address auto configuration Send ICMPv6 Messages Enable generating unreachable destination messages STEP 5 Click Apply to enable IPv6 processing on the selected interface Regular IPv6 interfaces have the following addres...

Страница 227: ... IPV6 type that is visible and reachable from other networks IPv6 Address The switch supports one IPv6 interface In addition to the default link local and Multicast addresses the device also automatically adds global addresses to the interface based on the router advertisements it receives The device supports a maximum of 128 addresses at the interface Each address must be a valid IPv6 address tha...

Страница 228: ...e removed An alert message is displayed after an attempt is made to insert more than a single user defined address An alert message is displayed when attempting to insert a non link local type address meaning fe80 To define a default router STEP 1 Click Administration Management Interface Layer 2 IPv6 Default Router List The IPv6 Default Router List page opens This page displays the following fiel...

Страница 229: ... the Running Configuration file is updated Configuring IPv6 Tunnels The ISATAP Intra Site Automatic Tunnel Addressing Protocol enables encapsulating IPv6 packets within IPv4 packets for transmission over IPv4 networks To configure a tunnel do the following Manually enable and configure an ISATAP tunnel Manually define an IPv6 interface for the ISATAP tunnel After these actions the switch automatic...

Страница 230: ... None Disable the ISATAP tunnel Manual Manually configure an IPv4 address The IPv4 address configured must be one of the IPv4 addresses at the switch IPv4 interfaces Tunnel Router s Domain Name A global string that represents a specific automatic tunnel router domain name The name can either be the default name ISATAP or a user defined name Query Interval The number of seconds from 10 3600 between...

Страница 231: ...plays the neighbors that were automatically detected or manually configured entries Each entry displays to which interface the neighbor is connected the neighbor s IPv6 and MAC addresses the entry type static or dynamic and the state of the neighbor To define IPv6 neighbors STEP 1 Click Administration Management Interface Layer 2 IPv6 Neighbors The IPv6 Neighbors page opens STEP 2 Select a Clear T...

Страница 232: ... The neighboring IPv6 interface to be added IPv6 Address Enter the IPv6 network address assigned to the interface The address must be a valid IPv6 address MAC Address Enter the MAC address mapped to the specified IPv6 address STEP 5 Click Apply The Running Configuration file is updated STEP 6 To change the type of an IP address from Dynamic to Static use the Edit IPv6 Neighbors page Viewing IPv6 R...

Страница 233: ... forwarded Typically this is the address of a neighboring router This must be a link local address Metric Value used for comparing this route to other routes with the same destination in the IPv6 router table All default routes have the same value Life Time Time period during which the packet can be sent and resent before being deleted Route Type How the destination is attached and the method used...

Страница 234: ...t The switch creates dynamic addresses from the ARP packets it receives Dynamic addresses age out after a configured time NOTE The IP MAC address mapping information in the ARP Table is used by the switch to forward traffic originated by the switch To define the ARP tables STEP 1 Click IP Configuration ARP Layer 2 The ARP Table page opens STEP 2 Enter the parameters ARP Entry Age Out Enter the num...

Страница 235: ...Click Add The Add ARP Entry page opens STEP 5 Enter the parameters IP Version The IP address format supported by the host Only IPv4 is supported Interface IPv4 interface on the switch There is only one directly connected IP subnet which is always in the management VLAN All the static and dynamic addresses in the ARP Table reside in the management VLAN IP Address Enter the IP address of the local d...

Страница 236: ...ons DHCP The default domain name is dynamically assigned by the DHCP server Static The default domain name is user defined N A No default domain name DNS Server Table DNS Server The IP addresses of the DNS servers Up to eight DNS servers can be defined Server State The active DNS server There can be only one active server Each static server has a priority a lower value means a higher priority When...

Страница 237: ...gh VLAN2 or ISATAP DNS Server IP Address Enter the DNS server IP address Set DNS Server Active Select to activate the new DNS server STEP 6 Click Apply The DNS server is added and the Running Configuration file is updated Mapping DNS Hosts The switch saves frequently queried domain names acquired from the DNS servers in a local DNS cache The cache can hold up to 64 static entries 64 dynamic entrie...

Страница 238: ... is not routable and can be used for communication only on the local network Only one link local address is supported If a link local address exists on the interface this entry replaces the address in the configuration Global The IPv6 address is a global Unicast IPV6 type that is visible and reachable from other networks Link Local Interface If the IPv6 address type is Link Local select whether it...

Страница 239: ... administer the switch is described in the following sections Setting Password Complexity Rules Configuring RADIUS Parameters Configuring Management Access Authentication Defining Access Profiles Configuring TCP UDP Services Protection from attacks directed at the switch CPU is described in the following sections Configuring TCP UDP Services Defining Storm Control Access control of end users to th...

Страница 240: ...omplex enough Password Complexity Settings are enabled in the Password Strength page you will be prompted to create another password Setting User Accounts Setting User Accounts The User Accounts page enables entering additional users that are permitted to access to the switch read only or read write or changing the passwords of existing users NOTE It is not permitted to delete all users If all use...

Страница 241: ...y hazards Therefore password complexity requirements are enforced by default and may be configured as necessary Password complexity requirements are configured on the Password Strength page reached through the Security drop down menu Additionally password aging time may be configured on this page To define password complexity rules STEP 1 Click Security Password Strength The Password Strength page...

Страница 242: ...anging the case of the characters STEP 4 If the Password Complexity Settings are enabled the following parameters may be configured Minimal Password Length Enter the minimal number of characters required for passwords NOTE A zero length password no password is allowed and can still have password aging assigned to it Minimal Number of Character Classes Enter the number of character classes which mu...

Страница 243: ...se fields IP Version Displays the supported IP version IPv6 and or IPv4 subnet Retries Enter the number of transmitted requests that are sent to the RADIUS server before a failure is considered to have occurred Timeout for Reply Enter the number of seconds that the switch waits for an answer from the RADIUS server before retrying the query or switching to the next server Dead Time Enter the number...

Страница 244: ... authenticating and encrypting communication between the switch and the RADIUS server This key must match the key configured on the RADIUS server If this field is left blank the switch attempts to authenticate to the RADIUS server by using the default Key String Timeout for Reply Enter the number of seconds the switch waits for an answer from the RADIUS server before retrying the query or switchin...

Страница 245: ...ied in priority order and do not reply the user is authenticated locally If an authentication method fails or the user has insufficient privilege level the user is denied access to the switch In other words if authentication fails at an authentication method the switch stops it does not continue and does not attempt to use the next authentication method To define authentication methods for an acce...

Страница 246: ...thods are given management access to the switch There can only be a single access profile active on the switch at one time Access profiles consist of one or more rules The rules are executed in order of their priority within the access profile top to bottom Rules are composed of filters that include the following elements Access Methods Methods for accessing and managing the switch Hypertext Trans...

Страница 247: ... the active access profile select a profile from the Active Access Profile drop down menu and click Apply This makes the chosen profile the active access profile NOTE Some 200 Series switches only support web access The profile you define may be customized according to a set of settings provided in Access Profile entry but ultimately will only provide web access console or any other methods SSH Te...

Страница 248: ...rface attached to the rule The options are All Applies to all ports VLANs and LAGs User Defined Applies to selected interface Interface Enter the interface number if User Defined was selected Applies to Source IP Address Select the type of source IP address to which the access profile applies The Source IP Address field is valid for a subnetwork Select one of the following values All Applies to al...

Страница 249: ... example you can limit access to the switch from all IP addresses except IP addresses that are allocated to the IT management center In this way the switch can still be managed and has gained another layer of security To add profile rules to an access profile STEP 1 Click Security Mgmt Access Method Profile Rules The Profiles Rules page displays STEP 2 Select the Filter field and an access profile...

Страница 250: ...ed Applies only to the port VLAN or LAG selected Interface Enter the interface number Applies to Source IP Address Select the type of source IP address to which the access profile applies The Source IP Address field is valid for a subnetwork Select one of the following values All Applies to all types of IP addresses User Defined Applies to only those types of IP addresses defined in the fields IP ...

Страница 251: ...vice Indicates whether the HTTP service is enabled or disabled HTTPS Service Indicates whether the HTTPS service is enabled or disabled The TCP Service Table displays the following fields for each service Service Name Access method through which the switch is offering the TCP service Type IP protocol the service uses Local IP Address Local IP address through which the switch is offering the servic...

Страница 252: ...orm Storm protection enables you to limit the number of frames entering the switch and to define the types of frames that are counted towards this limit When a threshold is entered in the system the port discards traffic after that threshold is reached The port remains blocked until the traffic rate drops below this threshold It then resumes normal forwarding To define Storm Control STEP 1 Click S...

Страница 253: ...ck Apply Storm control is modified and the Running Configuration file is updated Configuring Port Security Network security can be increased by limiting access on a port to users with specific MAC addresses The MAC addresses can be either dynamically learned or statically configured Port security monitors received and learned packets Access to locked ports is limited to users with specific MAC add...

Страница 254: ... related traps not generated through SNMP NOTE If you want to use 802 1X on a port it must be in multiple host or multi session mode Port security on a port cannot be set if the port is in single mode see the 802 1x Host and Session Authentication page To configure port security STEP 1 Click Security Port Security The Port Security page displays STEP 2 Select an interface to be modified and click ...

Страница 255: ...ithout learning the MAC address Shutdown Discards packets from any unlearned source and shuts down the port The port remains shut down until reactivated or until the switch is rebooted Trap Select to enable traps when a packet is received on a locked port This is relevant for lock violations For Classic Lock this is any new address received For Limited Dynamic Lock this is any new address that exc...

Страница 256: ... single host In this mode the switch as an authenticator supports a single 802 1x session and grants permission to use the port to the authorized supplicant All access by other devices received from the same port are denied until the authorized supplicant is no longer using the port or the access is to the unauthenticated VLAN Single session multiple hosts This follows the 802 1x standard In this ...

Страница 257: ...obally enable 802 1X and define how ports will be authenticated For 802 1X to function it must be activated both globally and individually on each port To define port based authentication STEP 1 Click Security 802 1X Properties The 802 1X Properties page displays STEP 2 Enter the parameters Port Based Authentication Enable or disable port based 802 1X authentication Authentication Method Select th...

Страница 258: ...s page displays authentication settings for all ports STEP 2 Select a port and click Edit The Edit Port Authentication page displays STEP 3 Enter the parameters Interface Select a port User Name Displays the username of the port Current Port Control Displays the current port authorization state If the state is Authorized the port is either authenticated or the Administrative Port Control is Force ...

Страница 259: ...t in Force Unauthorized it is in Auto Mode and the authenticator displays the state of the authentication in progress After the port is authenticated the state is shown as Authenticated Quiet Period Enter the number of seconds that the switch remains in the quiet state following a failed authentication exchange Resending EAP Enter the number of seconds that the switch waits for a response to an Ex...

Страница 260: ...d all attached clients are denied access to the network Multiple Sessions Enables the number of specific authorized hosts to access the port Each host is treated as if it were the first and only user and must be authenticated Filtering is based on the source MAC address To define 802 1X advanced settings for ports STEP 1 Click Security 802 1X Host and Session Authentication The Host and Session Au...

Страница 261: ...ibed above in Defining Host and Session Authentication NOTE The following fields are only relevant if you select Single in the Host Authentication field Action on a Single Host Violation Select the action to be applied to packets arriving in Single Session Single Host mode from a host whose MAC address is not the supplicant MAC address The options are Discard Discards the packets Forward Forwards ...

Страница 262: ...last session was authenticated The options are None No authentication is applied it is automatically authorized RADIUS Supplicant was authenticated by a RADIUS server MAC Address Displays the supplicant MAC address STEP 2 Click Apply The settings are defined and the Running Configuration file is updated Denial of Service Prevention Denial of Service DoS Prevention increases network security by pre...

Страница 263: ...al of Service Security Suite Settings page Details button Denial of Service Security Suite Settings NOTE Before activating DoS Prevention you must unbind all Access Control Lists ACLs or advanced QoS policies that are bound to a port ACL and advanced QoS policies are not active when a port has DoS Protection enabled on it To configure DoS Prevention global settings and monitor SCT STEP 1 Click Sec...

Страница 264: ... Quality of Service feature is applied throughout the network to ensure that network traffic is prioritized according to required criteria and the desired traffic receives preferential treatment This section contains the following topics QoS Features and Components Configuring QoS General Managing QoS Statistics ...

Страница 265: ... as a function of the traffic class to which they belong Other Traffic Class Handling Attribute Applies QoS mechanisms to various classes including bandwidth management QoS Operation When using the QoS feature all traffic of the same class receives the same treatment which consists of a single QoS action of determining the egress queue on the egress port based on the indicated QoS value in the inc...

Страница 266: ...put into the egress queues based on the their DSCP TC value STEP 5 Designate an egress queue to each CoS 802 1p priority If the switch is in CoS 802 1 trusted mode all incoming packets will be put into the designated egress queues according to the CoS 802 1p priority in the packets This is done by using the CoS 802 1p to Queue page STEP 6 Enter bandwidth and rate limits in the following pages a Se...

Страница 267: ...Defaults to restore the factory CoS default setting for this interface STEP 6 Click DSCP Override Table to enter the DSCP values The DSCP Override Table opens STEP 7 DSCP In displays the DSCP value of the incoming packet that needs to be re marked to an alternative value Select the new DSCP value to override the incoming value Select Restore Defaults to restore the factory DSCP values STEP 8 Click...

Страница 268: ... or LAG to display the list of ports or LAGs The list of ports LAGs is displayed QoS State displays whether QoS is enabled on the interface STEP 3 Select an interface and click Edit The Edit QoS Interface Settings opens STEP 4 Select the Port or LAG interface STEP 5 Click to enable or disable QoS State for this interface STEP 6 Click Apply The Running Configuration file is updated Configuring QoS ...

Страница 269: ...ir quota has been used up and then another queue is serviced It is also possible to assign some of the lower queues to WRR while keeping some of the higher queues in strict priority In this case traffic for the strict priority queues is always sent before traffic from the WRR queues Only after the strict priority queues have been emptied is traffic from the WRR queues forwarded The relative portio...

Страница 270: ... 1p priority assigned to the ingress ports Default Mapping Queues By changing the CoS 802 1p to Queue mapping and the Queue schedule method and bandwidth allocation it is possible to achieve the desired quality of services in a network CoS 802 1p to Queue mapping is applicable only if CoS 802 1p is the trusted mode and the packets belong to flows that are CoS trusted 802 1p Values 0 7 7 being the ...

Страница 271: ...iority egress queue and Queue1 is the lowest priority STEP 3 For each 802 1p priority select the Output Queue to which it is mapped STEP 4 Click Apply 801 1p priority values to queues are mapped and the Running Configuration file is updated Mapping DSCP to Queue The DSCP IP Differentiated Services Code Point to Queue page maps DSCP to egress queues The DSCP to Queue Table determines the egress que...

Страница 272: ...e ingress rate limit is the number of bits per second that can be received from the ingress interface Excess bandwidth above this limit is discarded The following values are entered for egress shaping Committed Information Rate CIR sets the average maximum amount of data allowed to be sent on the egress interface measured in bits per second Committed Burst Size CBS is the burst of data that is all...

Страница 273: ...mit STEP 5 Click Apply The bandwidth settings are modified and the Running Configuration file is updated Configuring Egress Shaping per Queue In addition to limiting transmission rate per port which is done in the Bandwidth page the switch can limit the transmission rate of selected egressing frames on a per queue per port basis Egress rate limiting is performed by shaping the output load The swit...

Страница 274: ...ter the maximum rate CIR in Kbits per second Kbps CIR is the average maximum amount of data that can be sent Committed Burst Size CBS Enter the maximum burst size CBS in bytes CBS is the maximum burst of data allowed to be sent even if a burst exceeds CIR STEP 6 Click Apply The bandwidth settings are modified and the Running Configuration file is updated Workflow to Configure Basic QoS Mode Managi...

Страница 275: ... statistics are refreshed The available options are No Refresh Statistics are not refreshed 15 Sec Statistics are refreshed every 15 seconds 30 Sec Statistics are refreshed every 30 seconds 60 Sec Statistics are refreshed every 60 seconds Counter Set The options are Set 1 Displays the statistics for Set 1 that contains all interfaces and queues with a high DP Drop Precedence Set 2 Displays the sta...

Страница 276: ... contains all interfaces and queues with a low DP Interface Select the ports for which statistics are displayed The options are Port Selects the port on the selected unit number for which statistics are displayed All Ports Specifies that statistics are displayed for all ports Queue Select the queue for which statistics are displayed Drop Precedence Enter drop precedence that indicates the probabil...

Страница 277: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 267 18 ...

Страница 278: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 268 18 ...

Страница 279: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 269 18 ...

Страница 280: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 270 18 ...

Страница 281: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 271 18 ...

Страница 282: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 272 18 ...

Страница 283: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 273 18 ...

Страница 284: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 274 18 ...

Страница 285: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 275 18 ...

Страница 286: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 276 18 ...

Страница 287: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 277 18 ...

Страница 288: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 278 18 ...

Страница 289: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 279 18 ...

Страница 290: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 280 18 ...

Страница 291: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 281 18 ...

Страница 292: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 282 18 ...

Страница 293: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 283 18 ...

Страница 294: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 284 18 ...

Страница 295: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 285 18 ...

Страница 296: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 286 18 ...

Страница 297: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 287 18 ...

Страница 298: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 288 18 ...

Страница 299: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 289 18 ...

Страница 300: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 290 18 ...

Страница 301: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 291 18 ...

Страница 302: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 292 18 ...

Страница 303: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 293 18 ...

Страница 304: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 294 18 ...

Страница 305: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 295 18 ...

Страница 306: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 296 18 ...

Страница 307: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 297 18 ...

Страница 308: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 298 18 ...

Страница 309: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 299 18 ...

Страница 310: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 300 18 ...

Страница 311: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 301 18 ...

Страница 312: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 302 18 ...

Страница 313: ...Configuring Quality of Service Managing QoS Statistics Cisco Small Business 200 1 1 Series Smart Switch Administration Guide 303 18 ...

Страница 314: ... and or its affiliates in the U S and other countries A listing of Cisco s trademarks can be found at www cisco com go trademarks Third party trademarks mentioned are the property of their respective owners The use of the word partner does not imply a partnership relationship between Cisco and any other company 1005R ...

Результаты поиска

Содержание Small Business SF200-24

Отзывы:

Похожие инструкции для Small Business SF200-24

Бренды по названию

Популярные бренды

Cisco Small Business SF200-24, Руководство администратора

Результаты поиска

Содержание Small Business SF200-24

Отзывы:

Похожие инструкции для Small Business SF200-24

Бренды по названию

Популярные бренды