background image

M A G N U M   6 K   S W I T C H E S ,     M N S - 6 K   U S E R   G U I D E  
 

 
 

F

IGURE 

116 

- Using IGMP-L2 on Magnum 6K family of switches, a Layer 2 network can minimize multicast 

traffic as shown above. Each switch has the IGMPL2 turned on.  Each switch can exchange the IGMP query 
message and respond properly. R4 wants to view surveillance traffic from T1. As shown by (1), a join request is 
sent by R4. Once the join report information is exchanged, only R4 receives the video surveillance traffic, as shown 
by (2). No other device on the network gets the video surveillance traffic unless they issue a join request as well.  

R1

R2

R3

R4

R5

R6

T1

T1

T2

T2

L2 Mode

L2 Mode

L2 Mode

L2 Mode

 

Since the query and the join information is exchanged between the neighboring switches, the 
topology does not matter. The design issue to consider is the timing difference between a 
topology recovery and IGMP refresh (recovery). GarrettCom Magnum 6K family of switches, 
connected in a S-Ring or RS-Ring topology recovers very rapidly (sub-second recovery). The 
IGMP requests for updates are sent out every few seconds (depending on the network and the 
devices on the network). The recovery of the network from a fault situation is much faster than 
the age out and join request from IGMP. Thus when the Magnum 6K switch network self heals, 
it is possible that the video may freeze till the (IGMP) device reissues a join request again. 
 
A few additional facts about IGMP L2 

 

GarrettCom Magnum 6K family of switches configured for IGMP-L2 can perform the 
Join aggregation required by IGMP 

201

 

Содержание Magnum MNS-6K

Страница 1: ...MAGNUM 6K FAMILY OF SWITCHES Managed Network Software MNS for Magnum 6K family of Switches MNS 6K Release 3 7 1 CLI User Guide 25 00 USD...

Страница 2: ...word help help command or just type command Enter If you need information on a specific feature in Web Management Interface use the online help provided in the interface If you need further informati...

Страница 3: ...demarks and Personal Hub is a registered trademark of GarrettCom Inc NEBS is a registered trademark of Telcordia Technologies UL is a registered trademark of Underwriters Laboratories Ethernet is a tr...

Страница 4: ...creen 24 Logging in for the first time 25 Setting the IP parameters 25 Privilege levels 28 Operator Privileges 28 Manager Privileges 28 User management 28 Add User 29 Delete User 29 Modify Password 29...

Страница 5: ...meters 41 Date and time 43 Network time 44 Saving and loading configuration 45 Config files 48 Displaying configuration 50 Erasing configuration 53 Displaying Serial Number 54 List of commands in this...

Страница 6: ...CS flavors and history 87 TACACS Flow 88 TACACS Packet 89 Configuring TACACS 89 List of commands in this chapter 91 8 Port Mirroring and Setup 93 Port monitoring and mirroring 93 Port mirroring 93 Por...

Страница 7: ...Transition from STP to RSTP 136 Configuring RSTP 137 List of commands in this chapter 147 12 RS Ring S Ring and Link Loss Learn LLL 149 S Ring and LLL concepts 150 RS Ring concepts 151 When to use RS...

Страница 8: ...85 15 Quality of Service 186 QoS concepts 186 DiffServ and QoS 187 IP Precedence 188 Configuring QoS 189 List of commands in this chapter 193 16 IGMP 195 IGMP concepts 195 IGMP L2 199 Configuring IGMP...

Страница 9: ...Chapter 257 Chapter 2 Getting Started 257 Chapter 3 IP Address and System Information 258 Chapter 4 IPv6 261 Chapter 5 Access Considerations 262 Chapter 6 Access Using Radius 263 Chapter 7 Access usi...

Страница 10: ...wnloading the MNS 6K software 303 Next steps 307 2 Preparing to load the software 308 Accessing the switch 308 Serial Connection 308 Network Access 309 Saving the Configuration 309 Serial Connection 3...

Страница 11: ...x Updating boot code over the network 319 Index 321...

Страница 12: ...FIGURE 10 Changing the privilege levels for a user 30 FIGURE 11 Creating user access privileges 30 FIGURE 12 Help command 31 FIGURE 13 Help for a specific command 31 FIGURE 14 Options for the show co...

Страница 13: ...ater in this section to define the ftp server 48 FIGURE 35 Contents of the config file 49 FIGURE 36 Creating host entries on MNS 6K 50 FIGURE 37 show config command output 52 FIGURE 38 displaying spec...

Страница 14: ...low deny or remove specific services 75 FIGURE 57 802 1x network components 78 FIGURE 58 802 1x authentication details 79 FIGURE 59 securing the network using port access 84 FIGURE 60 Flow chart descr...

Страница 15: ...port now becomes forwarding so that traffic can reach all switches in the network Note the mP62 as well as the ESD42 switches support LLL and can participate in S Ring as an access switch 156 FIGURE...

Страница 16: ...e using RSTP and LACP allows multiple switches to be configured together in a meshed redundant link architecture First define the RSTP configuration on the switches Then define the LACP ports Then fin...

Страница 17: ...L2 207 FIGURE 121 GVRP operation see description below 210 FIGURE 122 VLAN Assignment in GVRP enabled switches Non GVRP enabled switches can impact VLAN settings on other GVRP enabled switches 211 FI...

Страница 18: ...ram In the figure above the Windows XP based HyperTerminal screen is shown 311 FIGURE 149 Make sure to select the Xmodem protocol and the proper directory where the configuration is saved Click on Rec...

Страница 19: ...mpt shown in Bold font with a or at the end For the document we will use Magnum6K25 as the default prompt Syntax rules Optional entries are shown in square brackets Parameter values within are shown i...

Страница 20: ...d examples While effort has been made to indicate other Operating System interactions it is best to use a Windows XP based machine when in doubt Supported MNS 6K Version The documentation reflects fea...

Страница 21: ...e setup and managed At this stage the network and the switch are secured It is now critical to make the network more reliable The User Guide switches gears and talks about STP RSTP and S Ring technolo...

Страница 22: ...on IGMP Chapter 16 focuses on GVRP Chapter 17 shows how the SNMP parameters can be setup for managing the switch with network management software such as Castle Rock SNMPc Chapter 18 includes miscella...

Страница 23: ...in available from LAN store or from GarrettCom Inc Alternately a USB to serial cable can also be used This cable is also available from LAN store or GarrettCom Inc 3 A PC or a workstation computer wit...

Страница 24: ...urrent version please refer to the GarrettCom web site for information on updating the MNS 6K software The documentation on how to update the MNS 6K is included as an Appendix in this manual j The Log...

Страница 25: ...tion and maintenance The Magnum 6K family of switches provides a set of system commands which allow effective monitoring configuration and debugging of the devices on the network Console setup Connect...

Страница 26: ...re details This manual was documented on a Magnum 6K25 switch and for clarity the prompt shown in the manual will be Magnum6K25 For additional information on default users user levels and more see Use...

Страница 27: ...e login prompt appears login as manager using default password manager Configure the IP address network mask and default gateway as per the IP addressing scheme for your network Set the Manager Passwo...

Страница 28: ...w setup Version Magnum 6K25 build 3 7 1 Sep 27 2007 16 41 37 MAC Address 00 20 08 03 05 09 IP Address 192 168 5 5 Subnet Mask 255 255 255 0 Gateway Address 192 168 5 1 CLI Mode Manager System Name Mag...

Страница 29: ...perator level prompt and enter the Manager password when prompted Syntax enable user name For example switching from an Operator level to manager level using the enable command is shown below in Figur...

Страница 30: ...5 user FIGURE 7 Adding a user with Manager level privilege In this example user peter was added with Manager privilege Delete User Syntax delete user name Magnum6K25 user delete user peter Confirm Use...

Страница 31: ...user id service telnet web specifies which service telnet or web the user has access to enable disable specifies whether the services are allowed or not allowed Magnum6K25 user Magnum6K25 user add us...

Страница 32: ...idual Command Help for any command that is available at the current context level can be viewed by typing help followed by enough of the command string to identify the command Syntax help command stri...

Страница 33: ...ce to a command or a set of commands use the TAB key Syntax TAB Syntax Command string TAB Syntax First character of the command TAB For example following the syntax listed above the TAB key will list...

Страница 34: ...ut Magnum6K25 logout Logging out from the current session Y or N Y Connection to the host lost FIGURE 18 logout command List of commands in this chapter Syntax ipconfig ip ip address mask subnet mask...

Страница 35: ...help command string help for a specific command Syntax command Enter options for a command Syntax TAB listing all commands available at the privilege level Syntax command string TAB options for a com...

Страница 36: ...switch will operate as a standalone Layer 2 switch Without an IP address you cannot Use the web interface to manage the switch Use telnet to access the CLI Use any SNMP Network Management software to...

Страница 37: ...y used in the industry It s best to check with your network administrator as to what protocol to use and what the related parameters are DHCP and bootp require respective services on the network DHCP...

Страница 38: ...t mode for the switch Where dhcp bootp manual auto where dhcp look only for DHCP servers on the network for the IP address Disable bootp or other modes bootp look only for bootp servers on the network...

Страница 39: ...iscuss or edit changes to the MNS 6K This also becomes useful as two remote people want to view the commands and other settings on the switch The telnet client can be disabled by using the telnet disa...

Страница 40: ...ote host from the Magnum 6K family of switches Syntax telnet ipaddress port port number The default port for telnet is 23 Magnum6K25 show ipconfig IP Address 192 168 1 11 Subnet Mask 255 255 255 0 Gat...

Страница 41: ...itch The commands in these telnet windows are executed in a round robin i e if one window takes a long time to finish a command the other windows may encounter a delay before the command is completed...

Страница 42: ...can be queried and changed To query the system parameters two commands are used frequently They are show sysconfig and show setup Both the commands are shown below Magnum6K25 show setup Version Magnu...

Страница 43: ...g System Name Using a unique name helps you to identify individual devices in a network System Contact and System Information This is helpful for identifying the administrator responsible for the swit...

Страница 44: ...time hour 8 min 30 sec 0 zone GMT 8 00 success in setting device time Magnum6K25 show time Time 8 30 04 Magnum6K25 show timezone Timezone GMT 08hours 00minutes Magnum6K25 set date year 2003 month 10...

Страница 45: ...SNTP parameter enter the SNTP configuration mode from the manager The setsntp sync sntp commands can then be used to setup the time synchronization automatically from the SNTP server Note it is not s...

Страница 46: ...or loaded are not in a human readable format The commands for saving and loading configurations on the network are Syntax saveconf mode serial tftp ftp ipaddress file name Syntax loadconf mode serial...

Страница 47: ...f script hosts log host hostname ip ipaddress file filename user user pass password upload and download information using ftp command Where get put list del different ftp operations type app config ol...

Страница 48: ...ations get a file from the server or put the information on the server type app config oldconf script hosts log optional type field This is useful to specify whether a log file or host file is uploade...

Страница 49: ...K is the capability to export the CLI commands as described in this manual used to configure the switch To do that for example using the tftp command the sequence of commands are shown below Magnum 6K...

Страница 50: ...al damages due to improper use Magnum 6KQ build 3 7 1 Sep 27 2007 16 41 37 Modules 39 99 86 0 Slot A 4 Port TP MDIX Module Slot B 2 Port Fiber10 Module Slot C 4 Port Fiber100 Module Slot D 1 10 100 10...

Страница 51: ...accessing host This is equivalent to creating a host table on many systems Maximum of 10 such entries are allowed Syntax show host displays the host table entries Magnum6K25 access Magnum6K25 access...

Страница 52: ...VRP settings snmp SNMP settings web Web and SSL TLS settings tacacs TACACS settings auth 802 1x Settings igmp IGMP Settings smtp SMTP settings If the module name is not specified the whole configurati...

Страница 53: ...roup_count 0 view_count 1 view1_name all view1_type included view1_subtree 1 view1_mask ff more additional lines deleted for succinct viewing FIGURE 38 displaying specific modules using the show confi...

Страница 54: ...ecommended to save the configuration using saveconf command discussed above before using the kill config command The kill config will also reset the IP address and all other parameters as well unless...

Страница 55: ...aying Serial Number To display the serial number of the unit use the command show setup as shown below The command also displays other information related to the switch Syntax show setup display the s...

Страница 56: ...HCP server then BootP server then check if the IP address 192 68 1 2 is freed up bootimg enable disable valiad with type bootp only Allows the switch to load the image file from the BootP server This...

Страница 57: ...esets the system configuration The module_name option does not reset the specific module parameters The modules are system event port bridge stp ps mirror sntp vlan gvrp and snmp Syntax show session d...

Страница 58: ...nection Where get put different xmodem file transfer operations get a file from the server or put the information on the server type app config oldconf script hosts log optional type field This is use...

Страница 59: ...ings Syntax show setup reviews system parameters Syntax show sysconfig reviews settable system parameters Syntax show time shows the system time Syntax show timezone shows the system timezone Syntax s...

Страница 60: ...uly 25 1994 in RFC 1752 The Recommendation for the IP Next Generation Protocol The recommendation was approved by the Internet Engineering Steering Group and made a proposed standard on November 17 19...

Страница 61: ...o multicast addresses A new type of address called a anycast address is defined to identify sets of nodes where a packet sent to an anycast address is delivered to one of the nodes The use of anycast...

Страница 62: ...s space 232 This works out to be 340 282 366 920 938 463 463 374 607 431 768 211 456 This is an extremely large address space In a theoretical sense this is approximately 665 570 793 348 866 943 898 5...

Страница 63: ...way Magnum 6K25 FIGURE 42 Configuring IPv6 In addition to the commands listed above the commands which support IPv6 addressing are Syntax ftp IPv6 address ftp to an IPv6 station Example ftp fe80 220 6...

Страница 64: ...S M N S 6 K U S E R G U I D E Syntax ping6 IPv6 address pings an IPv6 station Syntax show ipv6 displays the IPv6 information Syntax ftp IPv6 address ftp to an IPv6 station Syntax telnet IPv6 address...

Страница 65: ...rs and computers on a network Secure access on a network can be provided by authenticating against an allowed MAC address as well as IP address Passwords Magnum 6K family of switches comes with a fact...

Страница 66: ...work security hinges on the ability to allow or deny access to network resources The access control aspect of secure network services involves allowing or disallowing traffic based on information cont...

Страница 67: ...emove mac all address list range port num list range Syntax signal port num list range none log trap logandtrap Where allow mac configures the switch to setup allowed MAC addresses on specific ports l...

Страница 68: ...ecified port No spaces between specified MAC addresses Magnum6K25 port security action port 9 10 none Magnum6K25 port security learn port 9 10 enable FIGURE 47 Port security the port learns the MAC ad...

Страница 69: ...ADDRESS 9 ENABLE LOG NONE ENABLE 6 00 e0 29 2a f1 bd 00 01 03 e2 27 89 00 07 50 ef 31 40 00 e0 29 22 15 85 00 03 47 ca ac 45 00 30 48 70 71 23 10 ENABLE NONE NONE DISABLE 0 Not Configured 11 ENABLE NO...

Страница 70: ...MAC address from port security Magnum6K25 port security signal port 11 logandtrap Port security Signal type set to Log and Trap on selected port s FIGURE 53 Setting the logging on a port The figures...

Страница 71: ...03 e2 27 89 00 07 50 ef 31 40 00 e0 29 22 15 85 00 03 47 ca ac 45 00 30 48 70 71 23 10 ENABLE NONE NONE DISABLE 0 Not Configured 11 ENABLE NONE NONE ENABLE 0 00 c1 00 7f ec 00 12 ENABLE NONE NONE DISA...

Страница 72: ...l messages A few point to note about logs By default the logging is limited to the first six levels The event log is now automatically saved to flash so rebooting will not loose them NOTE since the ev...

Страница 73: ...m SWM 192 168 5 2 Note 01 01 2001 12 01 47 A M WEB User manager Login From SWM 192 168 5 2 Note 01 01 2001 12 04 16 A M SYSMGR Loaded Application Ver 3 7 Note 01 01 2001 12 00 00 A M SYSMGR System Was...

Страница 74: ...s the most recently detected security violation attempts This provides a chronological entry of all intrusions attempted on a specific port The event log records events as single line entries listed i...

Страница 75: ...orized managers service the services allowed or denied are telnet web and SNMP It is assumed here that the user is familiar with IP addressing schemes e g Class A B C etc subnet masking and masking is...

Страница 76: ...ne disable drop action to perform in case of breach of port security Syntax signal port num list range none log trap logandtrap port to monitor and signal to send in case of breach of port security Sy...

Страница 77: ...s Syntax show ip access display all trusted hosts Syntax clear history log 1 5 informational activity critical fatal debug terminal arp portstats addr clear command to clear various aspects of the MNS...

Страница 78: ...dial in users Today many businesses use the RADIUS server for authenticating users connecting into a network For example if a user connects a PC into the network whether the PC should be allowed acce...

Страница 79: ...ntication Server RADIUS 802 1x Switch Supplicant Authenticator Authentication Server RADIUS 802 1x Switch FIGURE 57 802 1x network components The RADIUS server is the authentication server The authent...

Страница 80: ...an EAP Request frame This will request the supplicant to pass its credentials for authentication 6 The supplicant will send its credentials using an EAP Response packet 7 The authenticator will relay...

Страница 81: ...ate the port use the setport command The CLI commands to configure and perform authentication with a RADIUS server are Syntax auth configuration mode to configure the 802 1x parameters Syntax show aut...

Страница 82: ...conds Syntax reauth port num list range status enable disable period 10 86400 set values on how the authenticator Magnum 6K switch does the re authentication with the supplicant or PC port mandatory p...

Страница 83: ...Auto Deasserted Unauthorized 8 Enabled Auto Deasserted Unauthorized 9 Enabled Auto Deasserted Unauthorized 10 Enabled Auto Deasserted Unauthorized 11 Enabled Auto Deasserted Unauthorized 12 Enabled A...

Страница 84: ...n parameter s Force the authentication period on port 1 every 5 minutes all other ports are force authenticated every hour as the show port reauth command shows The amount of time in seconds the suppl...

Страница 85: ...pLogoffsWhileConnecting 0 authEntersAuthenticating 3 authAuthSuccessesWhileAuthenticating 2 authAuthTimeoutsWhileAuthenticating 0 authAuthFailWhileAuthenticating 0 authAuthReauthsWhileAuthenticating 0...

Страница 86: ...in seconds the authenticator waits for the backend RADIUS server to respond back The default value is 30 seconds Values can range from 1 to 240 seconds maxreq optional The maximum number of times the...

Страница 87: ...gured status optional This enables disables re authentication period optional this is the re authentication period in seconds This is the time the authenticator waits before a re authentication proces...

Страница 88: ...Network Cisco s enhancements to TACACS are called XTACACS XTACACS is now replaced by TACACS TACACS is a TCP based access control protocol TCP offers a reliable connection oriented transport while UDP...

Страница 89: ...orized as Manager Login as Manager Start Additional Servers Logout Connection failure No Yes Login User in Local User List Yes Is User Manager Yes Login as Manager Login as Operator No No TACACS Enabl...

Страница 90: ...TACACS server 32 bits wide 4 4 8 8 8 bits Major Version Minor Version Packet type Sequence no Flags Session ID Length FIGURE 61 TACACS packet format Major Version The major TACACS version number Minor...

Страница 91: ...or add TCP port number on which the server is listening encrypt enable disable optional for add enable or disable packet encryption key string optional for add mandatory with encrypt when encryption i...

Страница 92: ...ers show status of TACACS or servers configured as TACACS servers Syntax tacplus enable disable order tac local local tac enable or disable TACACS authentication specifying the order in which the serv...

Страница 93: ...rypt enable disable optional for add enable or disable packet encryption key string optional for add mandatory with encrypt when encryption is enabled the secret shared key string must be supplied mgr...

Страница 94: ...the traffic for a specific port is reflected on another port typically a monitoring port The Magnum 6K family of switches can be instructed to repeat the traffic from one port onto another port This...

Страница 95: ...tmr diable command 1 Only one port can be set to port mirror at a time 2 Both the ports monitored port and sniffer port have to belong to the same VLAN 3 The mirrored port shows both incoming as well...

Страница 96: ...ort 11 name JohnDoe Magnum6K25 device setport port 12 name JaneDoe Magnum6K25 device show port Keys E Enable D Disable H Half Duplex F Full Duplex M Multiple VLANs NA Not Applicable LI Listening LE Le...

Страница 97: ...ntrol is for full duplex operation and the controls provided indicates the number of buffers allowed for incoming traffic before a Rxon or Rxoff information is sent RXon is sent when the number of buf...

Страница 98: ...sed congestion control is possible only on half duplex 10 Mbps Ethernet ports Other technologies are not supported on Magnum 6K family of switches Syntax backpressure rxthreshold value where rxthresho...

Страница 99: ...Half Duplex F Full Duplex M Multiple VLAN s NA Not Applicable LI Listening LE Learning F Forwarding B Blocking Port Name Control Dplx Media Link Speed Part Auto VlanID GVRP STP 9 B1 E H 10Tx UP 10 No...

Страница 100: ...tion State Enable Port STP State NO STP Port GVRP State No GVRP Port Priority Type None Port Security Enable Port Flow Control Enable Port Back Pressure Enable Magnum6K25 device exit Note the flow con...

Страница 101: ...Syntax rate threshold port port list range rate frames sec set the rate limit in frames per second Syntax show broadcast protect display the broadcast storm protection settings In the example below t...

Страница 102: ...ting for broadcast traffic Please refer to the above section on broadcast storms List of commands in this chapter Syntax show port mirror display port mirror settings Syntax port mirror enter configur...

Страница 103: ...uffers Syntax backpressure rxthreshold value configure backpressure buffers Syntax show backpressure display backpressure buffers Syntax broadcast protect enable disable protect switch from broadcast...

Страница 104: ...Ethernet segments co exist on common hardware The reason for creating multiple segments in Ethernet is to isolate collision domains VLANs can isolate groups of users or divide up traffic for security...

Страница 105: ...2 and 3 This is not shown in the figure By default on Magnum 6K family of switches VLAN support is enabled and all ports on the switch belong to the default VLAN DEFAULT VLAN This places all ports on...

Страница 106: ...a nutshell the term port vlan is specific to a switch and port VLAN assigns a specific port or group of ports belonging to a VLAN So when ports belong to multiple VLANs and they are specific to a swit...

Страница 107: ...Q compliant device attached such as another switch these tagged frames can carry VLAN membership information between switches thus letting a VLAN span multiple switches Normally connections between sw...

Страница 108: ...n different VLANs is needed Broadcast traffic is not isolated to one VLAN in Port VLANs General steps for using port VLANs are 1 Plan your VLAN strategy and create a map of the logical topology that w...

Страница 109: ...ng the configuration Syntax save Editing VLANs Syntax edit id vlan Id name vlan name port number list range mgt nomgt Displaying the VLAN information Syntax show vlan type port tag id vlanid Magnum6K2...

Страница 110: ...port vlan add id 10 name engineering port 14 Vlan added successfully with Vlan id 10 Vlan name engineering Ports 14 Magnum6K25 port vlan add id 20 name engineering port 14 ERROR Duplicate Vlan name M...

Страница 111: ...num6K25 port vlan start vlan all All pending VLAN s started Magnum6K25 port vlan show vlan type port VLAN ID 1 Name Default VLAN Status Active PORT STATUS 9 UP 10 DOWN 11 DOWN 12 DOWN 13 UP 15 DOWN 16...

Страница 112: ...ons Default VLAN id is the VLAN id assigned to the untagged packets received on that port For Magnum 6K family of switches the default VLAN id is 1 Syntax set port port number list range filter status...

Страница 113: ...DOWN 1 A word of caution when TAG VLAN filtering is enabled there can be serious connectivity repercussions the only way to recover from that it is to reload the switch without saving the configurati...

Страница 114: ...active VLAN s stopped Magnum6K25 port vlan exit Magnum6K25 set vlan type tag VLAN set to Tag based Magnum6K25 show active vlan Tag VLAN is currently active Magnum6K25 show vlan type tag VLAN ID 1 Nam...

Страница 115: ...ag based vlan Added Successfully Vlan id 20 Vlan name sales Ports 14 16 Magnum6K25 tag vlan add id 20 name marketing port 14 16 ERROR Duplicate Vlan Id Magnum6K25 tag vlan add id 30 name marketing por...

Страница 116: ...Name marketing Status Pending PORT MODE STATUS 14 UNTAGGED DOWN 15 UNTAGGED DOWN 16 UNTAGGED DOWN Magnum6K25 tag vlan start vlan all All pending VLAN s started Magnum6K25 tag vlan set port port 14 16...

Страница 117: ...using telnet session on this port setting ingress might stop the session Do you want to continue Y or N Y Ingress Filter Enabled Magnum6K25 tag vlan show vlan type tag VLAN ID 1 Name Default VLAN Stat...

Страница 118: ...ging enabled Magnum6K25 tag vlan set port port 14 16 tagging id 30 status tagged Port tagging enabled Magnum6K25 tag vlan show vlan type tag VLAN ID 1 Name Default VLAN Status Active PORT MODE STATUS...

Страница 119: ...gating on a VLAN please use the commands listed below Syntax add id vlan Id name vlan name port number list range forbid number list range mgt nomgt add VLANs GarrettCom recommends to disable manageme...

Страница 120: ...rts 15 16 Magnum 6K25 tag vlan show vlan type tag VLAN ID 1 Name Default VL Status Active PORT MODE STATUS 1 UNTAGGED UP 2 UNTAGGED DOWN 3 UNTAGGED DOWN 4 UNTAGGED DOWN 5 UNTAGGED DOWN 6 UNTAGGED DOWN...

Страница 121: ...n show vlan type tag id 5 VLAN ID 5 Name engineering Status Pending Management Port Excluded from this VLAN PORT MODE STATUS 14 UNTAGGED DOWN Magnum 6K25 tag vlan show vlan type tag id 5 port 10 14 VL...

Страница 122: ...D DOWN 15 UNTAGGED DOWN 16 UNTAGGED DOWN VLAN ID 5 Name engineering Status Pending Management Port Excluded from this VLAN PORT MODE STATUS 14 UNTAGGED DOWN VLAN ID 10 Name marketing Status Pending Ma...

Страница 123: ...tion Syntax set port port number list range default id number sets the default VLAN id For Magnum 6K family of switches the default VLAN id is 1 unless changed using this command Syntax set port port...

Страница 124: ...eads to a broadcast storm or other erratic behavior that can bring down the network j As recommended in the IEEE 802 1Q VLAN standard the Magnum 6K family of switches uses single instance STP This mea...

Страница 125: ...is disabled To use STP it has to be manually enabled 2 If you are using tagged VLANs at least one untagged VLAN must be available for the BPDU s to propagate through the network to update STP status U...

Страница 126: ...the root device Lower values mean higher priority Value ranges from 0 to 65535 Default value is 32768 Bridge Forward Delay indicates the time duration the switch will wait from listening to learning s...

Страница 127: ...discards the information as being old and receives new updates These variables can be changed using the priority cost port and timers commands described later in this chapter Magnum6K25 show stp port...

Страница 128: ...or stop Disable STP Syntax set stp type stp rstp set the spanning tree protocol to be IEEE 802 1d or 802 1w Rapid Spanning Tree Protocol Syntax show active stp Display which version of STP is currentl...

Страница 129: ...80 00 00 20 06 25 ed 80 80 0c 13 TP 10 100 128 19 Forwarding 80 00 00 20 06 25 ed 80 80 0d 14 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0e 15 TP 10 100 128 100 Disabled 80 00 00 20 06 25...

Страница 130: ...istening to learning states and from learning to forwarding states The value ranges from 4 to 30 seconds Default value is 15 Hello When the switch is the root device this is the time between messages...

Страница 131: ...ning Tree Enabled Global YES Spanning Tree Enabled Ports YES 9 10 11 12 13 14 15 16 Protocol Normal STP Bridge ID 80 00 00 20 06 25 ed 80 Bridge Priority 32768 Bridge Forward Delay 15 Bridge Hello Tim...

Страница 132: ...riority 15535 Root Bridge Forward Delay 15 Root Bridge Hello Time 2 Root Bridge Max Age 20 RSTP CONFIGURATION Rapid STP STP Enabled Global NO Magnum6K25 stp priority port 13 value 20 Successfully set...

Страница 133: ...0a 11 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0b 12 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0c 13 TP 10 100 20 19 Forwarding 80 00 00 20 06 25 ed 80 80 0d 14 TP 10 100 128...

Страница 134: ...bal NO Magnum6K25 stp timers forward delay 20 hello 5 age 40 ERROR Invalid Values Max Age 2 Forward Delay 1 and Max Age 2 Hello Time 1 Magnum6K25 stp timers forward delay 20 hello 5 age 30 Successfull...

Страница 135: ...ist range value 0 255 0 65535 specifies the port or switch level priority When a port s are specified the priority is associated with ports and their value is 0 255 If no ports are specified then the...

Страница 136: ...r evolution of the 802 1d Spanning Tree Protocol It replaces the settling period with an active handshake between switches bridges that guarantees topology information to be rapidly propagated through...

Страница 137: ...state While in this state the port both learns addresses and participates in frame transfer while in this state The result of these enhanced states is that the IEEE 802 1d version of spanning tree STP...

Страница 138: ...uplication and out of sequence frames RSTP may have to be explicitly set to be compatible with STP This explicit setting is called setting the Force Protocol Version parameter to be STP compatible Thi...

Страница 139: ...ected to other devices such as hubs bridges and switches known to support IEEE 802 1d STP services but cannot support RSTP services Syntax show active stp status whether STP or RSTP is running Syntax...

Страница 140: ...om listening to learning states and from learning to forwarding states The value ranges from 4 to 30 seconds Default value is 15 Bridge Hello Time when the switch is the root device this is the time b...

Страница 141: ...Bridge Des Port 09 TP 10 100 128 2000000 Forwarding 00 00 00 20 06 25 ed 89 00 09 10 TP 10 100 128 2000000 Disabled 00 0a 11 TP 10 100 128 2000000 Disabled 00 0b 12 TP 10 100 128 2000000 Disabled 00...

Страница 142: ...isabled 00 01 02 TP 10 100 128 2000000 Disabled 00 02 03 TP 10 100 128 2000000 Disabled 00 03 04 TP 10 100 128 2000000 Disabled 00 04 05 TP 10 100 128 2000000 Disabled 00 05 06 TP 10 100 128 200000 Fo...

Страница 143: ...re let MNS 6K software make the decisions Syntax timers forward delay 4 30 hello 1 10 age 6 40 change the STP Forward delay Hello timer and Aging timer values Priority specifies the switch bridge prio...

Страница 144: ...the RSTP status Magnum6K25 rstp show active stp Current Active Mode RSTP RSTP is Enabled Magnum6K25 rstp show stp config RSTP CONFIGURATION Rapid STP STP Enabled Global YES RSTP STP Enabled Ports 9 10...

Страница 145: ...stp show stp config RSTP CONFIGURATION Rapid STP STP Enabled Global YES RSTP STP Enabled Ports 9 10 11 12 13 14 15 16 Protocol Force to STP only Bridge ID 00 00 00 20 06 25 ed 89 Bridge Priority 0 Bri...

Страница 146: ...ec Magnum6K25 rstp show stp ports RSTP Port Configuration Port Type Priority Path Cost State Des Bridge Des Port 09 TP 10 100 128 2000000 Forwarding 00 00 00 20 06 25 ed 89 00 09 10 TP 10 100 128 2000...

Страница 147: ...0 0d 14 TP 10 100 128 2000000 Disabled 00 0e 15 TP 10 100 128 2000000 Disabled 00 0f 16 TP 10 100 128 2000000 Disabled 00 10 Magnum6K25 rstp port port 9 status disable Magnum6K25 rstp show stp ports R...

Страница 148: ...Protocol Normal RSTP Bridge ID 00 00 00 20 06 25 ed 89 Bridge Priority 0 Bridge Forward Delay 20 Bridge Hello Time 05 Bridge Max Age 30 Root Port 0 Root Path Cost 0 Designated Root 00 00 00 20 06 25...

Страница 149: ...atus whether STP or RSTP is running Syntax show stp config ports display the RSTP or STP parameters Syntax forceversion stp rstp set the STP or RSTP compatibility mode Syntax show forceversion the cur...

Страница 150: ...device supporting LLL when a connection is broken or there is loss of the link signal on a ring port LLL can be used with S Ring on managed switches such as the GarrettCom Magnum 6K family of switche...

Страница 151: ...resses that route packets around the fault This procedure which is similar to switch initialization occurs within milliseconds resulting in fast ring recovery An S Ring implementation watches for link...

Страница 152: ...software standards such as Rapid Spanning Tree Protocol RSTP based on IEEE 802 1w RS Ring defines two ports on each switch which participates in the ring topology and works with the RSTP tree structur...

Страница 153: ...ted below Speed RS Ring offers substantially faster recovery times compared to S Ring While the recovery time will vary on factors such as number of nodes in a ring lengthof the ring etc on an average...

Страница 154: ...r Many Many Recovery decision Distributed across all switches in the ring Works with RSTP in each switch Centralized to Ring Manager LLL provides triggers to recomputed topology for ring members Also...

Страница 155: ...g Size 50 nodes 50 nodes NA NA Dual Homing Supports dual homing to members in the ring Supports dual homing to members in the ring Supports dual homed device to devices in the network Supports dual ho...

Страница 156: ...re in the ring will interrupt the flow of standard RSTP STP status checking BPDU packets and will signal to RSTP STP that a fault has occurred According to the standard RSTP STP defined sequence proto...

Страница 157: ...tes depending on the number of switches and other RSTP STP parameters in operation RSTP STP Operation with S Ring When the Magnum 6K family of switches is used in the network and the S Ring feature is...

Страница 158: ...he ring The MNS 6K software package provides for remote operation access security event logs and other industry standard managed network capabilities suitable for industrial applications requiring red...

Страница 159: ...hes can significantly reduce switch address memory decay time resulting in more rapid reconfiguration With Link Loss Learn LLL Magnum 6K family switches in a ring can flush their address memory buffer...

Страница 160: ...S RING Module Successfully Authorized Please Save Configuration Magnum6K25 save Saving current configuration Configuration saved Saving current event logs Event logs saved Magnum 6K25 reboot Proceed...

Страница 161: ...rrently active Syntax show s ring show the status of S Ring status and configuration Syntax s ring enable disable enable or disable S Ring capabilities Syntax s ring learn start the learning process t...

Страница 162: ...l timers and safeguards to prevent erroneous operation Ring faults are not expected to happen in quick successions If the ring system sees a sequence of changes in the duration of a less than a second...

Страница 163: ...n S Ring RSTP Operation with RS Ring When the managed Magnum 6K family of switches is used in the network and the RS Ring feature is enabled5 each of the managed Magnum 6K switch knows of the neighbor...

Страница 164: ...RSTP functions are performed by the Magnum 6K family of switches for other ports in the same manner as they would be without RS Ring enabled when operating in the RING_CLOSED state During this state R...

Страница 165: ...Successfully Authorized Please Save Configuration Magnum6K25 save Saving current configuration Configuration saved Saving current event logs Event logs saved FIGURE 91 Activating RS Ring on the switc...

Страница 166: ...witch Syntax rs ring del port port1 port2 remove the switch from RS Ring topology by eliminating the end ports on the switch Magnum 6K25 authorize s ring key BABABABABABAB S RING Module Successfully A...

Страница 167: ...Don t forget to use the save command to save the key Syntax stp STP Configuration mode Syntax stp enable disable Start Enable or stop Disable STP Syntax set stp type stp rstp set the spanning tree pr...

Страница 168: ...on mode Syntax rstp enable disable Start Enable or stop Disable STP Syntax set stp type stp rstp set the spanning tree protocol to be IEEE 802 1d or 802 1w Rapid Spanning Tree Protocol Syntax show act...

Страница 169: ...iability by allowing a device to be connected to the network by way of two independent connection points points of attachment One connection point is the operating connection and the other is a standb...

Страница 170: ...s well as other advantages such as IGMP managed configuration and more To provide the managed reliability to the end devices dual homing can be used with MNS 6K devices FIGURE 94 Dual homing using Mag...

Страница 171: ...nectors cables in the switch6 Only one set of dual homing ports can be defined per switch Port types Copper vs fiber as well as speeds can be mixed and matched both ports need not be identical By defa...

Страница 172: ...has to be explicitly setup The primary secondary mode of operation is only possible on managed switches such as the Magnum 6K family of switches The primary secondary mode of operation allows the netw...

Страница 173: ...al Homing Active On Port 10 Magnum 6K25 dualhome dualhome del Dual Homing Ports Deleted and Dual Homing Disabled Magnum 6K25 dualhome show dualhome Dual Homing Status DISABLED Magnum 6K25 dualhome dua...

Страница 174: ...ntax dualhome enable disable enable or disable dual homing Syntax dualhome add port1 port port2 port dual homing setup similar to that of unmanaged switches such as ESD42 OR Syntax dualhome add primar...

Страница 175: ...links into a single logical link for increased bandwidth With LACP the effective bandwidth of a trunk and network availability is increased Two or more Fast Ethernet connections are combined as one lo...

Страница 176: ...Us by default So it is possible to hook up multiple ports to these switches and create an Ethernet loop In many cases this is prevented by Spanning Tree running on these switches All ports in a trunk...

Страница 177: ...shown below FIGURE 98 an incorrect LACP connection scheme for Magnum 6K family of switches All LACP trunk ports must be on the same module and cannot span different modules Switch 1 Switch 2 Switch 1...

Страница 178: ...set of ports can belong to same VLANs as shown in the figure below While the ports belong to the same VLANs there is no common VLAN between the switches and hence the LACPDU cannot be transmitted Thi...

Страница 179: ...valid configuration VLAN 1 10 VLAN 1 20 Switch 2 Switch 1 Switch 3 Switch 2 Switch 1 FIGURE 102 In the architecture above using RSTP and LACP allows multiple switches to be configured together in a me...

Страница 180: ...bone Using this reliable core with a dual homed edge switch brings reliability and redundancy to the edge of the network It is recommended not to use LACP with S Ring at this time Since S Ring and LAC...

Страница 181: ...ween two facilities connected via a wireless bridge As shown in the figure below four trunk ports are connected to four wireless bridge pairs This increases the effective throughput of the wireless co...

Страница 182: ...m the logical LACP trunk Default value for priority is 32768 The lower the value assigned to priority the higher the priority The port with the highest priority is the primary port Syntax del port num...

Страница 183: ...designated as the LACP group port 4 would become the primary port If the primary port fails the next available secondary port is designated as the primary port So in the example above if port 4 fails...

Страница 184: ...ing LACP The error messages received when a trunk port is not configured properly are as follows Link Down Link is down or the cable is not connected Half duplex A Half Duplex port Half Duplex ports c...

Страница 185: ...mmand listed below In the figure shown above Switch 1 has ports 11 and 15 forming the first trunk connecting to Switch 3 Switch 1 also has ports 17 and 23 forming the second trunk on Switch 2 The show...

Страница 186: ...range priority 0 65535 add the specified list of ports to form the logical LACP trunk Default value for priority is 32768 The lower the value assigned to priority the higher the priority The port with...

Страница 187: ...plement buffers to queue incoming packets as well as outgoing packets In a queue mechanism normally the packet which comes in first leaves first FIFO and all the packets are serviced accordingly Imagi...

Страница 188: ...n the LAN MAN and WAN DiffServ works by tagging each packet at the originating device or an intermediate switch for the requested level of service it requires across the network FIGURE 109 ToS and DSC...

Страница 189: ...need to differentiate these bits from the rest of the ToS byte The Magnum 6K family of switches has the capability to provide QoS at Layer 2 At Layer 2 the frame uses Type of Service ToS as specified...

Страница 190: ...e IPv4 packet which has 64 bits are used If the 6 bits are set to ToS QoS for the specific port number the packet went to that packet is assigned high priority by that port Configuring QoS Magnum 6K f...

Страница 191: ...For instance traffic with an IP precedence field value of 7 gets a lower weight than traffic with an IP Precedence field value of 3 and thus has priority in the transmit order Once the port weight is...

Страница 192: ...tagged received packets to be transmitted as tagged from the priority queue Magnum6K25 show port Keys E Enable D Disable H Half Duplex F Full Duplex M Multiple VLAN s NA Not Applicable LI Listening LE...

Страница 193: ...K25 qos show qos PORT QOS STATUS 9 None UP 10 Port DOWN 11 Tag DOWN 12 None DOWN 13 None UP 14 None DOWN 15 None DOWN 16 None DOWN Magnum6K25 qos show qos type tag PORT QOS STATUS 9 UP 10 DOWN 11 6 DO...

Страница 194: ...nds in this chapter Syntax qos enter the QoS configuration mode Syntax setqos type port tag tos none port port list range priority high low tos 0 63 list range tag 0 7 list range depending on the type...

Страница 195: ...4 Syntax show qos type port tag tos port port list range displays the QoS settings Syntax set untag port port list range priority high low tag 0 7 The 802 1p user priority assigned to untagged receive...

Страница 196: ...am i e the datagram is not guaranteed to arrive at all members of the destination group or in the same order relative to other datagram The membership of a host group is dynamic that is hosts may join...

Страница 197: ...IGMP is not present then the switch must assume this function in order to elicit group membership information from the hosts on the network If you need to disable the querier feature you can do so thr...

Страница 198: ...fic and does not distinguish between IP multicast group members and non members Thus it is sending large amounts of unwanted multicast traffic out the ports to PCs 2 and 3 Switch 2 is recognizing IGMP...

Страница 199: ...rk In the above figure the multicast group traffic does not go to switch 1 and beyond This is because either the port on switch 3 that connects to switch 1 has been configured as blocked or there are...

Страница 200: ...hanges A multicast group is formed in the switch and the stream is sent only to those ports that actually want to join the stream The default behavior of multicasting streams to all ports could create...

Страница 201: ...s shown below FIGURE 115 In a Layer 2 network an IGMP multicast traffic goes to all the nodes In the figure T1 a surveillance camera using multicast will send the traffic to all the nodes R1 through R...

Страница 202: ...e query and the join information is exchanged between the neighboring switches the topology does not matter The design issue to consider is the timing difference between a topology recovery and IGMP r...

Страница 203: ...L2 and IGMP L3 networks can co exist The Magnum 6K family of switches configured for IGMP L2 are aware of topology changes so new queries can be sent or tables updated to ensure robustness Configurin...

Страница 204: ...e output of show igmp provide useful information The following information is provided IGMP State shows if IGMP is turned on Enable or off Disable Immediate Leave provides a mechanism for a particular...

Страница 205: ...hree different IGMP modes Auto Block and Forward Auto lets IGMP control whether the port should or should not participate sending multicast traffic Block manually configures the port to always block m...

Страница 206: ...n it receives a response from a host The Default value is 10 seconds The Range can be from 2 to 270 seconds Restrictions apply to the maximum value because of an internal calculation that is dependent...

Страница 207: ...Magnum6K25 igmp show igmp IGMP State Enabled ImmediateLeave Disabled Querier Enabled Querier Interval 125 Querier Response Interval 10 Magnum6K25 igmp set querier disable IGMP querier status is disab...

Страница 208: ...igmp Magnum 6K25 igmp mode L2 IGMP set to L2 Mode Magnum 6K25 igmp show igmp IGMP State Disabled ImmediateLeave Disabled Querier L2 Mode Querier Interval 125 Querier Response Interval 10 Multicasting...

Страница 209: ...a host sending a leave message rather that wait for the timer to expire Syntax set querier enable disable enables or disables a switch as IGMP querier Syntax set qi interval value The IGMP querier rou...

Страница 210: ...r devices GVRP uses GVRP Bridge Protocol Data Units GVRP BPDUs to advertise static VLANs We refer to GVRP BPDU as an advertisement GVRP enables the Magnum 6K family of switches to dynamically create 8...

Страница 211: ...RP On 1 5 Switch 3 GVRP On 4 5 Switch 3 GVRP On 5 Switch 3 GVRP On 4 Static VLAN configured end device NIC or switch with GVRP on 6 Static VLAN configured end device NIC or switch with GVRP on 6 Switc...

Страница 212: ...ts 11 12 belong to Tagged VLAN 33 Switch E Port 2 dynamically joined VLAN 33 Ports 7 dynamically joined VLAN 33 Switch D Port 3 dynamically joined VLAN 33 Ports 6 dynamically joined VLAN 33 Switch A G...

Страница 213: ...e advertisements for VLANs on other ports and dynamically join those VLANs Send VLAN advertisements but ignore advertisements received from other ports Avoid GVRP participation by not sending advertis...

Страница 214: ...gured on one or more switches with GVRP enabled MNS 6K allows a dynamic VLAN to be converted to a static VLAN The command to use is Syntax static vlan VID convert a dynamic VLAN to a static VLAN Note...

Страница 215: ...126 GVRP options As the above table indicates a port that has a tagged or untagged static VLAN has the option to both generate advertisements and dynamically join other VLANs The unknown VLAN paramete...

Страница 216: ...the port to learn block or disable for GVRP Note the default state is disable Syntax static vlan VID convert a dynamic VLAN to a static VLAN Syntax set forbid vlan tag vlanid forbid port number list r...

Страница 217: ...ecause a hub or a switch that is not GVRP aware will flood the GVRP multicast advertisement packets out all ports GVRP assigns dynamic VLANs as tagged VLANs To configure the VLAN as untagged first con...

Страница 218: ...RP Syntax show vlan list all the VLANs including dynamic VLANs on the switch Syntax set ports port port list range state learn block disable set the state of the port to learn block or disable for GVR...

Страница 219: ...ne the SNMP standards The most common standards for SNMP are SNMP v1 the original version of SNMP SNMP v2 and more recently SNMP v3 SNMP is a poll based mechanism SNMP manager polls the managed device...

Страница 220: ...ludes both data integrity and data origin authentication Authoritative SNMP engine One of the SNMP copies involved in network communication designated to be the allowed SNMP engine which protects agai...

Страница 221: ...et by a string match of the user name auth authenticates a packet by using either the HMAC MD5 algorithms priv authenticates a packet by using either the HMAC MD5 algorithms and encrypts the packet us...

Страница 222: ...NMPv2 Working Group RFC 1908 Coexistence between Version 1 and Version 2 of the Internet standard Network Management Framework SNMPv2 Working Group RFC 2271 2275 SNMPv3 RFC 2104 Keyed Hashing for Mess...

Страница 223: ...ew based access control model This allows any manager station to access the Magnum 6K switch either via SNMP v1 v2c or v3 The community name is public This command is only intended for first time user...

Страница 224: ...ned in RFC 2275 This command defines a manager or group or manager stations what it can access inside the MIB object tree On MNS 6K up to 10 entries can be specified Syntax show view id id display all...

Страница 225: ...Magnum6K25 snmp mgrip add ip 192 168 1 111 Manager IP Address added successfully Magnum6K25 snmp mgrip add ip 192 168 1 222 Manager IP Address added successfully Magnum6K25 snmp show snmp SNMP CONFIG...

Страница 226: ...222 SNMP TRAP STATIONS INFO IP Address 192 168 1 2 Trap Type SNMP RMON Magnum6K25 snmp exit Magnum6K25 show snmp SNMP CONFIGURATION INFORMATION SNMP Get Community Name public SNMP Set Community Name...

Страница 227: ...ocation lab Magnum6K25 snmpv3 quickcfg This will enable default VACM Do you wish to proceed Y or N Y Quick configuration done default VACM enabled Magnum6K25 snmpv3 engineid string Magnum6K Engine ID...

Страница 228: ...dd id 1 secname public source default community public Entry is added successfully Magnum6K25 snmpv3 com2sec add id 2 ERROR secname parameter is required for add directive Magnum6K25 snmpv3 com2sec ad...

Страница 229: ...v1 v1 1 2 public v2c 1 3 public usm 1 4 5 6 7 8 9 10 Magnum6K25 snmpv3 show group id 1 Group ID 1 Group Name v1 Model v1 Com2Sec ID 1 Magnum6K25 snmpv3 view add id 1 viewname all type included subtree...

Страница 230: ...e none exact 2 3 4 5 6 7 8 9 10 Magnum6K25 snmpv3 show access id 1 Access ID 1 Access Name v1 Sec Model v1 Sec Level noauth Read View ID 1 Write View ID none Notify View ID none Context Prefix exact M...

Страница 231: ...l connected network segments This allows for troubleshooting and optimizing your network The Magnum 6K family of switches provides hardware based RMON counters The switch manager or a network manageme...

Страница 232: ...string def comm string define the RMON alarm group and the community string associated with the group Syntax event def owner string def comm string define the RMON event group and the community strin...

Страница 233: ...nmp displays the SNMP configuration information Syntax setvar sysname syscontact syslocation string sets the system name contact and location All parameters are optional but a user must supply at leas...

Страница 234: ...play all or specific group entries id is optional and is the number corresponding to the group entry number in the table Syntax view add delete id id viewname name type included excluded subtree oid m...

Страница 235: ...associated with the group Syntax alarm def owner string def comm string define the RMON alarm group and the community string associated with the group Syntax event def owner string def comm string def...

Страница 236: ...ovision for tripping or activating an external relay to electrically trigger any circuit desired These could be an indicator light a flashing strobe light an audible alarm or any other such devices Th...

Страница 237: ...dition The relay will revert to closed position when the S RING goes to CLOSED position This information is covered in more details in Chapter 11 on S Ring and Link Loss Learn To customize these capab...

Страница 238: ...ent s Added 2 Magnum6K25 alarm add event 1 5 Event 2 is Already Enabled Alarm Event s Added 1 3 4 5 Magnum6K25 alarm add event 6 8 Alarm Event s Added 6 8 Magnum6K25 alarm add event all Event 1 is Alr...

Страница 239: ...ING OPEN SUSTAINED 2 Cold Start MOMENTARY 3 Warm Start MOMENTARY 4 Link Up MOMENTARY 5 Link Down MOMENTARY 6 Authentication Failure MOMENTARY 7 RMON Raising Alarm MOMENTARY 8 RMON Falling Alarm MOMENT...

Страница 240: ...D 6 Authentication Failure MOMENTARY 7 RMON Raising Alarm NOT ENABLED 8 RMON Falling Alarm MOMENTARY 9 Intruder Alarm MOMENTARY 10 Link Loss Learn Triggered MOMENTARY 11 Broadcast Storm Detected MOMEN...

Страница 241: ...de configuration and customization commands for users to specify SMTP server to connect to TCP ports user recipients and filters The SMTP alerts provide the following capabilities SMTP alerts can be e...

Страница 242: ...P server IP address This is the SMTP server to connect to for this particular user If this option is not defined the global default SMTP server is used port optional TCP port of the SMTP server If thi...

Страница 243: ...com 67 109 247 195 25 All All 2 3 4 5 Magnum6K25 smtp add id 2 email jsmith garrettcom com traps S events CF Recipient successfully added Magnum6K25 smtp show smtp recipients ID E mail Address SMTP S...

Страница 244: ...2 to jack garrettcom com from support garrettcom com subject test body hello Magnum6K25 smtp show smtp config SMTP Global Configuration Status Enabled SMTP Server IP 67 109 247 195 SMTP Server Port 25...

Страница 245: ...y to optimize the character delays so that the FIFO buffer used in the GarrettCom Magnum 6K family of switches is not overrun The important parameters to set for any serial connectivity software is to...

Страница 246: ...s out the history is erased The history count restarts when the user logs in again Syntax Up arrow every time the key is pressed the last command is printed on the screen but not executed This allows...

Страница 247: ...useful when a network administrator is managing multiple switches and has multiple telnet or console sessions open at the same time To facilitate this MNS 6K allows administrators to define custom pr...

Страница 248: ...5 192 168 5 5 Magnum6K25 192 168 5 5 set prompt Some bthing i Some thing192 168 5 5 set prompt Some bthing b i Some thing 192 168 5 5 FIGURE 135 Setting custom prompts Ping Ping command can be used fr...

Страница 249: ...ata and command connection request Most companies prefer passive ftp and GarrettCom MNS 6K provides means to operate in those environments System Events The Event Log records operating events as singl...

Страница 250: ...03 03 2005 9 31 59 A M TELNET Telnet Session Started I 03 03 2005 9 32 04 A M CLI manager console login A 03 03 2005 9 32 11 A M IGMP IGMP Snooping is enabled A 03 03 2005 9 35 40 A M IGMP IGMP Snoopi...

Страница 251: ...92 168 5 2 file eventlog doctype html Do you wish to export the event logs Y or N Y Successfully uploaded the event log file Magnum6K25 exportlog mode tftp 192 168 5 2 file eventlog txt doctype raw Do...

Страница 252: ...ters C DEVICE Failed to read saved system logs D DEVICE Ethernet DMA init failure F DEVICE Ethernet hardware error F DEVICE Ethernet interrupt init failure F DEVICE Unable to allocate ethernet memory...

Страница 253: ...d I RMON Event entry X is set to invalid I RMON Alarm entry X is set to valid I RMON Alarm entry X is set to invalid I SNMP Snmp snmpEnableAuthenTraps is set to enabled A SNMP Snmp snmpEnableAuthenTra...

Страница 254: ...based vlan started I VLAN Pvlan default vlan is modified I VLAN Tvlan Tag based vlan started I VLAN pvlan vlan X enabled I VLAN pvlan vlan X disabled I VLAN pvlan vlan X deleted I VLAN pvlan port bas...

Страница 255: ...For example if the packet with MAC address 00 0c F1 B9 D1 DC 2 above appears with this MAC address in the DST field the packet will be sent to port number 3 Also notice that there are other MAC addre...

Страница 256: ...ill be sent to recipient or a combination of I informational A activity C critical F fatal and D debug With event ACF implies that events of severity types activity critical and fatal will be sent to...

Страница 257: ...Syntax n repeat the n th command as indicated by a show history Syntax show history show the last 25 commands executed if less than 25 commands are executed only those commands executed are shown Syn...

Страница 258: ...same effect as physically turning off the power Syntax show setup show setup parameters Syntax show config show setup parameters configured Syntax enable user name changing the privilege level Syntax...

Страница 259: ...see if the switch had a pre configured IP address If it did the switch would be assigned that IP address If the switch did not have a pre configured IP address it would inspect if the IP address 192 1...

Страница 260: ...ing time Syntax setsntp server ipaddress timeout 1 10 retry 1 3 setup the SNTP server Syntax sync hour 0 24 min 0 59 setup the frequency at which the SNTP server is queried Syntax sntp enable disable...

Страница 261: ...pe app config oldconf script hosts log optional type field This is useful to specify whether a log file or host file is uploaded or downloaded This can also perform the task of exporting a configurati...

Страница 262: ...em parameters Syntax show time shows the system time Syntax show timezone shows the system timezone Syntax show date shows the system date Syntax show uptime shows the amount of time the switch has be...

Страница 263: ...show port security display port security settings Syntax action port num list range none disable drop action to perform in case of breach of port security Syntax signal port num list range none log tr...

Страница 264: ...1x parameters Syntax show auth config ports show the 802 1x configuration or port status Syntax authserver ip ip addr udp num secret string define the RADIUS server use UDP socket number if the RADIUS...

Страница 265: ...uthenticator waits to transmit another request for identification from the supplicant Default value is 30 Values can be from 1 to 65535 seconds Syntax reauth port num list range status enable disable...

Страница 266: ...pecifies the manager and operator level as defined on the TACACS server for the respective level of login Chapter 8 Port mirroring and setup Syntax show port mirror display port mirror settings Syntax...

Страница 267: ...the configuration including the VLAN configuration Syntax show vlan type port tag id vlanid display specific VLAN information Syntax set port port number list range default id number sets the default...

Страница 268: ...list range value 0 65535 cost is specific to a port and the port s have to be specified Syntax port port number list range status enable disable specific ports may not need to participate in STP proc...

Страница 269: ...orced version Syntax show timers show the values of the timers set for RSTP Syntax priority port number list range value 0 255 0 65535 specifies the port or switch level priority When a port s are spe...

Страница 270: ...the switch Syntax lll enable disable enable or disable LLL on the switch Syntax lll add port port list range enable LLL on the list of specified ports Syntax lll del port port list range disable LLL...

Страница 271: ...e LACP configuration module within CLI Syntax lacp enable disable enable or disable LACP Syntax add port number list range priority 0 65535 add the specified list of ports to form the logical LACP tru...

Страница 272: ...7 The 802 1p user priority assigned to untagged received packets to be transmitted as tagged from the priority queue Chapter 16 IGMP Syntax igmp IGMP configuration mode Syntax igmp enable disable enab...

Страница 273: ...shows whether GVRP is disabled along with the current settings for the maximum number of VLANs and the current Primary VLAN Syntax gvrp enable disable enable or disable GVRP Syntax show vlan list all...

Страница 274: ...MP v1 v2c or v3 The community name is public This command is only intended for first time users and values can be changed by administrators who want more strict access Syntax engineid string string Ev...

Страница 275: ...be specified Syntax show view id id display all or specific view entries id is optional and is the number corresponding to the view entry number in the table Syntax user add delete id id username name...

Страница 276: ...Syntax show smtp config recipients config displays the current SMTP global settings and recipients displays the currently configured recipients of email alerts Syntax add id 1 5 email email addr traps...

Страница 277: ...ck SMTP settings the email sent out by specifying the email subject field server address to field and the body of the text See example fo the body of the text message later in this chapter server mand...

Страница 278: ...llows for editing errors made in typing Syntax Down arrow opposite of Up arrow key Syntax set ftp mode normal passive set the ftp mode of operation Syntax show ftp display the current ftp operation mo...

Страница 279: ...n the screen but not executed This allows for editing errors made in typing access setup access configuration parameters action port num list range none disable drop action to perform in case of breac...

Страница 280: ...list allow specific IP address or range of addresses as a trusted host s allow mac address list range port num list range specify a specific MAC address or MAC address list auth configuration mode to...

Страница 281: ...ies the mapping from a source community pair to a security name On MNS 6K up to 10 entries can be specified command Enter options for a command community write write community read read community trap...

Страница 282: ...deny specific IP address or range of IP addresses device configure device and port specific settings dualhome enter the dual homing configuration sub system dualhome enable disable enable or disable d...

Страница 283: ...rol xonlimit value xofflimit value configure flow control buffers forceversion stp rstp set the STP or RSTP compatibility mode ftp get put list del type app config oldconf script host s log host hostn...

Страница 284: ...are allowed help command string help for a specific command history def owner string def comm string define the RMON history group and the community string associated with the group igmp IGMP configu...

Страница 285: ...ns allowed mode l2 normal Set the IGMP mode to be IGMP L2 mode or normal IGMP mode more enable disable show enable or disable the scrolling of lines one page at a time passwd user name changing a pass...

Страница 286: ...able enable or disable port security qos enter the QoS configuration mode quickcfg quick setup for snmpv3 configuration It automatically configures a default VACM view based access control model This...

Страница 287: ...aveconf mode serial tftp ftp ipaddress file name saving the configuration on the network using tftp ftp or serial protocols sendmail server ip addr to email addr from email addr subject string body st...

Страница 288: ...System Location i System IP m System MAC v Version Character r New Line b Space set serial baud rate data 5 6 7 8 parity none odd even stop 1 1 5 2 flowctrl none xonxoff set serial port parameters se...

Страница 289: ...ck set the port characteristics for IGMP Block drops the unregistered multicasts Forward forwards unregistered multicasts set port port number list range default id number sets the default VLAN id For...

Страница 290: ...f full auto enable disable flow enable disable bp enable disable status enable disable configure port settings set ports port port list range state learn block disable set the state of the port to lea...

Страница 291: ...levels have to be set and for QOS type ToS the ToS levels have to be set If the priority field is not set it then defaults to low priority ToS has 64 levels and the valid values are 0 63 and a tagged...

Страница 292: ...show address table displays which mac address is associated with which port for packet switching show active stp status whether STP or RSTP is running Show active snmp display the version of SNMP curr...

Страница 293: ...t settings show port mirror display port mirror settings show port security display port security settings show qos type port tag tos port port list range displays the QoS settings show rmon stats his...

Страница 294: ...amount the time elapsed since the last reboot or power failure show version displays the version of MNS 6K being used show vlan type port tag id vlanid display specific VLAN information show authtrap...

Страница 295: ...including dynamic VLANs on the switch signal port num list range none log trap logandtrap port to monitor and signal to send in case of breach of port security smtp configure the SNMP alerts to be sen...

Страница 296: ...num ip ip addr port tcp port encrypt enable disable key string mgrlevel level oprlevel level adds a list of up to five TACACS servers where add delete mandatory adds or delete a TACACS server id num...

Страница 297: ...a configuration file or uploading a new image to the switch host hostname ip ipaddress file filename parameters associated with tftp server for proper communications with the server upload and downlo...

Страница 298: ...ng access capabilities to the user for example to allow or not allow telnet access to the switch view add delete id id viewname name type included excluded subtree oid mask hex string a part of the Vi...

Страница 299: ...M A G N U M 6 K S W I T C H E S M N S 6 K U S E R G U I D E 298 Intentionally left blank...

Страница 300: ...or after April 24th End DST at 2am the first Sunday on or after October 25th Canada and Continental US Begin DST at 2am the first Sunday on or after April 1st End DST at 2am the first Sunday on or aft...

Страница 301: ...m Canada Chile Cuba Egypt France Finland Germany Greece Iraq Italy London Namibia Portugal Russia Spain Sweden Switzerland Syria USA Note as of Release 3 7 the new daylight saving times dates enforced...

Страница 302: ...U P D A T I N G M N S 6 K APPENDIX 4 APPENDIX 4 Updating MNS 6K Software Keep up to date The steps required to update the MNS 6K software on your Magnum switch are listed Intentionally left blank 301...

Страница 303: ...ot have a serial port you may want to invest in a USB to serial converter This is again available from LANstore or from GarrettCom Alternately a USB to serial cable can also be used This cable is avai...

Страница 304: ...t determine the version of the software on your switch To do that use the command show version after connecting to the switch and logging in as manager with the proper password If the password is lost...

Страница 305: ...member the file name and the directory where the MNS 6K software is stored This will be needed later for the upgrade irrespective of whether the MNS 6K software is updated via the serial port or over...

Страница 306: ...ort the login prompt you can type in the user name and password on the URL as follows ftp m6kuser m6kuser ftp garrettcom com 3 After successful login select the proper folder for downloading the prope...

Страница 307: ...nt the release is The release notes provide additional information on the latest features and functionality plus any other additional information not covered in the manuals FIGURE 143 Navigate to MNS...

Страница 308: ...6K switch The access can be over the console port using the null modem cable or through the network using telnet This is described in step 2 2 Save the existing configuration either through the seria...

Страница 309: ...num 6K switch can be accessed via the serial port or through the network using telnet For using telnet make sure the switch is configured with the proper IP address netmask and default gateway informa...

Страница 310: ...ct to a Magnum 6K switch with IP address 192 168 10 11 If the telnet command does not work check for network connectivity using the ping command Please ensure that a personal firewall or other firewal...

Страница 311: ...lt do not over write files If the file transfer fails check to see if the file name already exists or use a different file name with the saveconf command Also make sure the ftp or TFTP FTP services ar...

Страница 312: ...the Receive File is invoked as shown in Figure 8 follow the dialog to save the file in the proper directory with the proper name as shown in Figure 9 FIGURE 149 Make sure to select the Xmodem protocol...

Страница 313: ...orkstations computers can be one and the same To save using TFTP or FTP first ensure that you have the FTP or TFTP server set up and the switch can ping the TFTP or the FTP server For ftp services mak...

Страница 314: ...cked Check for network connectivity using the ping command If the connectivity is OK please contact your system or network administrator to unblock FTP or TFTP packets If that is not possible the alte...

Страница 315: ...iate users are informed of this outage Alternately if the S Ring technology is used the outage will not be noticeable and the switch will be re inserted in the S Ring after the upgrade is performed It...

Страница 316: ...wish to upgrade the image Y or N Y FIGURE 153 Upgrade using serial connection Once the upgrade process is started the VT100 emulation software e g HyperTerminal will ask for the file location Once th...

Страница 317: ...twork Access Prerequisites make sure the directory and the file name of the MNS 6K software image downloaded in steps 1 and 2 is known To upgrade using TFTP or FTP ensure that the FTP or TFTP server i...

Страница 318: ...n will not be visible and the boot code will not be automatically updated See step 4 updating boot code over the network on how to update the boot code manually Magnum6K25 show version MNS 6K Ver 3 4...

Страница 319: ...te the boot code A Accessing the switch Continue to use the access method defined in steps 1 2 and 3 Reloading the configuration The command used for restoring the original configuration is Syntax loa...

Страница 320: ...ing the help capabilities in MNS 6K This command can be executed by accessing the switch through the console port serial connection or through the network telnet to the switch Continue to use the netw...

Страница 321: ...E P 4 320 Make sure there is no power failure during the boot loader update If the boot code does not load properly please contact GarrettCom Inc technical support at 510 438 9071 email support garre...

Страница 322: ...75 262 263 allow mac 66 67 75 262 anycast address 60 app 46 47 260 282 297 auth 32 80 81 82 83 84 85 263 Authentication 219 Authentication Server 77 authenticator 77 79 80 81 85 86 263 264 Authentica...

Страница 323: ...281 Dual Homing 168 EAP 78 EAPOL 78 edit 108 114 122 181 185 266 270 281 edit port 181 185 270 281 enable 28 33 257 enable ps 69 engineid 222 226 232 273 Ethernet segments 103 Ethernet Statistics Gro...

Страница 324: ...learn port 66 75 262 Link Loss Learn 149 150 See LLL list 46 260 282 lll 161 162 167 269 LLL 149 150 158 161 162 167 269 lll add 161 167 269 lll del 161 162 167 269 loadconf 45 56 259 log 46 47 260 28...

Страница 325: ...904 221 RFC 1905 221 RFC 1906 221 RFC 1907 221 RFC 1908 221 RFC 2104 221 RFC 2271 221 RFC 2272 221 RFC 2273 221 RFC 2274 221 RFC 2275 221 RFC 3164 71 RFC 4541 202 RFC 821 239 RING_CLOSED 155 157 163 R...

Страница 326: ...259 set vlan 107 109 113 122 266 set egress 111 set forbid 215 216 272 set ingress 111 set leave 205 206 208 271 setport 80 81 85 93 94 95 99 101 263 265 set port 111 112 115 117 122 204 205 266 271 s...

Страница 327: ...pconfig 36 39 58 261 show ipv6 61 63 261 show lacp 181 182 183 184 185 270 show lll 161 167 269 show log 71 72 75 249 262 show port 95 98 101 191 265 show port mirror 93 101 265 show port security 66...

Страница 328: ...oup 219 SNMP user 219 SNMPv2c 218 219 snmpv3 222 226 232 272 sntp 44 45 56 sntp enable 45 s ring 160 165 166 167 269 286 S Ring ii 20 149 150 151 152 154 156 157 158 159 160 161 162 163 164 166 186 26...

Страница 329: ...187 188 189 193 271 trap 222 226 233 273 trigger reauth 84 86 264 UDP 80 81 82 85 87 263 UNKNOWN 161 user 40 223 229 233 274 useraccess 30 34 40 257 USM 221 223 233 274 VACM 221 222 223 226 232 233 27...

Отзывы: