GE MultiLink ML1600 Скачать руководство пользователя страница 105 | Manualshive

Страница: 105 / 324

background image

CHAPTER 6: ACCESS CONSIDERATIONS

CONFIGURING PORT SECURITY THROUGH THE COMMAND LINE INTERFACE

MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH – INSTRUCTION MANUAL

6–9

6.2.2

Security Logs

All events occurring on the MultiLink family of switches are logged. The events can be
informational (e.g. login, STP synchronization etc.), debugging logs (for debugging network
and other values), critical (critical events), activity (traffic activity) and fatal events (such as
unexpected behavior). The specific types of logs can be viewed and cleared. The

show

log

command displays the log information and the

clear log

command clears the log

entries. The syntax for these commands is shown below:

show log

[1..5|informational|debug|fatal |critical|activity]

clear log

[informational|debug|activity |critical|fatal]

The

set logsize

command set the number of lines to be collected in the log before the

oldest record is re-written. The syntax for this command is:

set logsize

size=<1-1000>

Example 6-6 illustrates the

show log

and

clear log

commands. The

show log

command indicates the type of log activity in the S column. I indicates informational
entries and A indicates activities which are a result of port-security setup. Notice the

clear log informational

command clears the informational entries only.

The log shows the most recent intrusion at the top of the listing. If the log is filled when the
switch detects a new intrusion, the oldest entry is dropped off the listing.

As discussed in the prior section, any port can be set to monitor security as well as make a
log on the intrusions that take place. The logs for the intrusions are stored on the switch.
When the switch detects an intrusion on a port, it sets an “alert flag” for that port and
makes the intrusion information available.

Example 6-6: Security log commands

ML1600#

show log

S

Date

Time

Log Description

-

----

----

---------------

I

12-07-2004

9:01:34 A.M

CLI:manager console login

I

12-07-2004

5:54:23 P.M

SNTP:Date and Time updated from SNTP server

I

12-08-2004

6:09:00 P.M

SNTP:Date and Time updated from SNTP server

I

12-09-2004

1:48:56 P.M

TELNET:Telnet Session Started

I

12-09-2004

1:49:23 P.M

CLI:manager console login

I

12-09-2004

4:26:26 P.M

TELNET:Telnet Session Started

I

12-09-2004

4:26:34 P.M

CLI:manager console login

I

12-09-2004

6:23:37 P.M

SNTP:Date and Time updated from SNTP server

I

12-10-2004

6:38:13 P.M

SNTP:Date and Time updated from SNTP server

I

12-11-2004

10:16:24 A.M

TELNET:Telnet Session Started

I

12-11-2004

6:52:49 P.M

SNTP:Date and Time updated from SNTP server

I

12-12-2004

12:40:35 P.M

TELNET:Telnet Session Started

I

12-12-2004

12:40:42 P.M

CLI:manager console login

A

12-17-2004

12:05:52 P.M

PS:INTRUDER 00:e0:29:6c:a4: fd@port11, packet dropped

A

12-17-2004

12:07:04 P.M

PS:INTRUDER 00:50:0f:02:33: b6@port15, packet dropped

A

12-17-2004

12:07:16 P.M

PS:INTRUDER 00:e0:29:2a:f0: 3a@port15, packet dropped

ML1600#

clear log informational

Clear Logged Events? ['Y' or 'N']

ML1600#

show log

S

Date

Time

Log Description

-

----

----

---------------

A

12-17-2004

12:05:52 P.M

PS:INTRUDER 00:e0:29:6c:a4: fd@port11, packet dropped

A

12-17-2004

12:07:04 P.M

PS:INTRUDER 00:50:0f:02:33: b6@port15, packet dropped

A

12-17-2004

12:07:16 P.M

PS:INTRUDER 00:e0:29:2a:f0: 3a@port15, packet dropped

«
...
103
104
105
106
107
...
»

Содержание MultiLink ML1600

Страница 1: ...113041J Copyright 2008 GE Multilin IISO9001 2000 G E M ULTILI N R E GISTERE D GE Multilin s Quality MGMNT System is registered to ISO9001 2000 QMI 005094 UL A3775 GE Consumer Industrial Multilin GE Multilin 215 Anderson Avenue Markham Ontario Canada L6E 1B3 Tel 905 294 6222 Fax 905 201 2098 Internet http www GEmultilin com 1601 0221 AA ...

Страница 2: ... given with respect to local codes and ordinances because they vary greatly 2008 GE Multilin Incorporated All rights reserved GE Multilin Multilink ML1600 instruction manual for revision 3 x Multilink ML1600 is a registered trademark of GE Multilin Inc The contents of this manual are the property of GE Multilin Inc This documentation is furnished on license and may not be reproduced in whole or in...

Страница 3: ...SS CONFIGURATION 1 9 SETTING THE IP PARAMETERS 1 10 PRIVILEGE LEVELS 1 12 USER MGMNT 1 12 HELP 1 13 EXITING 1 15 ENERVISTA SECURE WEB MGMNT 1 16 LOGGING IN FOR THE FIRST TIME 1 16 PRIVILEGE LEVELS 1 17 USER MGMNT 1 17 MODIFYING THE PRIVILEGE LEVEL 1 20 HELP 1 20 EXITING 1 21 ML1600 SOFTWARE UPDATES 1 22 UPDATING MULTILINK SOFTWARE 1 22 SELECTING THE PROPER VERSION 1 22 UPDATING THROUGH THE COMMAND...

Страница 4: ...KETS 3 6 ELECTRICAL INSTALLATION 3 8 POWERING THE ML1600 3 8 UL REQUIREMENTS FOR DC POWERED UNITS 3 8 ALARM CONTACTS 3 9 CONNECTING A MGMNT CONSOLE TERMINAL TO THE ML1600 3 10 DESCRIPTION 3 10 4 OPERATION FUNCTIONALITY 4 1 SWITCHING FUNCTIONALITY 4 1 FILTERING AND FORWARDING 4 1 ADDRESS LEARNING 4 2 STATUS LEDS 4 2 UP LINK MANUAL SWITCHES FOR RJ45 PORT ONLY 4 2 AUTO NEGOTIATION FOR FAST ETHERNET C...

Страница 5: ...ION 6 1 PASSWORDS 6 1 PORT SECURITY FEATURE 6 2 CONFIGURING PORT SECURITY THROUGH THE COMMAND LINE INTERFACE 6 3 COMMANDS 6 3 SECURITY LOGS 6 9 AUTHORIZED MANAGERS 6 10 CONFIGURING PORT SECURITY WITH ENERVISTA SOFTWARE 6 12 COMMANDS 6 12 LOGS 6 14 AUTHORIZED MANAGERS 6 15 7 ACCESS USING RADIUS INTRODUCTION TO 802 1X 7 1 DESCRIPTION 7 1 802 1X PROTOCOL 7 1 CONFIGURING 802 1X THROUGH THE COMMAND LIN...

Страница 6: ...OUGH THE COMMAND LINE INTERFACE 10 4 DESCRIPTION 10 4 COMMANDS 10 4 EXAMPLE 10 5 CONFIGURING PORT VLANS WITH ENERVISTA SECURE WEB MANAGEMENT SOFTWARE 10 9 DESCRIPTION 10 9 CONFIGURING TAG VLANS THROUGH THE COMMAND LINE INTERFACE 10 13 DESCRIPTION 10 13 COMMANDS 10 13 EXAMPLE 10 14 CONFIGURING TAG VLANS WITH ENERVISTA SOFTWARE 10 20 DESCRIPTION 10 20 11 VLAN REGISTRATION OVER GARP OVERVIEW 11 1 DES...

Страница 7: ...ND QOS 14 2 IP PRECEDENCE 14 2 CONFIGURING QOS THROUGH THE COMMAND LINE INTERFACE 14 4 COMMANDS 14 4 EXAMPLE 14 6 CONFIGURING QOS WITH ENERVISTA SECURE WEB MANAGEMENT SOFTWARE 14 9 DESCRIPTION 14 9 15 IGMP OVERVIEW 15 1 DESCRIPTION 15 1 IGMP CONCEPTS 15 1 IP MULTICAST FILTERS 15 4 RESERVED ADDRESSES EXCLUDED FROM IP MULTICAST IGMP FILTERING 15 5 IGMP SUPPORT 15 5 CONFIGURING IGMP THROUGH THE COMMA...

Страница 8: ...ANDS 17 12 PING 17 13 PING THROUGH THE COMMAND LINE INTERFACE 17 13 PING THROUGH ENERVISTA SECURE WEB MANAGEMENT SOFTWARE 17 13 PROMPT 17 14 CHANGING THE COMMAND LINE PROMPT 17 14 SYSTEM EVENTS 17 15 DESCRIPTION 17 15 COMMAND LINE INTERFACE EXAMPLE 17 15 ENERVISTA EXAMPLE 17 16 SUBSYSTEM EVENT LIST 17 17 COMMAND REFERENCE 17 21 MAIN COMMANDS 17 21 CONFIGURATION COMMANDS 17 23 18 MODBUS PROTOCOL MO...

Страница 9: ...e should contain MultiLink ML1600 Ethernet Switch base unit configured with user selected port module options installed Set of two vertical mount brackets with mounting screws Installation and user guide this manual Remove the items from the shipping container Be sure to keep the shipping container should you need to re ship the unit at a later date To validate the product warranty please complete...

Страница 10: ...0 100 Mb RJ45 copper AF AF 2 10 Mb ST mm fiber and 2 100 Mb ST mm fiber AH AH 8 100 Mb MTRJ mm fiber AJ AJ 4 100 Mb MTRJ mm fiber 4 10 100 Mb RJ45 copper AK AK 2 100 Mb MTRJ mm fiber 6 10 100 Mb RJ45 copper G3 G3 1 1000 Mb SC mm fiber 2km 2 100 Mb SC mm fiber G4 G4 1 1000 Mb SC mm fiber 2km 4 RJ45 10 100 Mb RJ45 copper G5 G5 2 1000 Mb SC mm fiber 2km GC GC 2 100 Mb SC mm fiber 1 1000 Mb RJ45 coppe...

Страница 11: ...1d Spanning tree protocol IEEE 802 1q VLAN tagging IEEE 802 3x Flow control MAXIMUM 10 MBPS ETHERNET SEGMENT LENGTHS Unshielded twisted pair 100 m 328 ft Shielded twisted pair 150 m 492 ft 10Base FL multi mode fiber optic 2 km 6562 ft 10Base FL single mode fiber optic 10 km 32810 ft MAXIMUM STANDARD FAST ETHERNET SEGMENT LENGTHS 10Base T CAT 3 4 5 UTP 100 m 328 ft 100Base TX CAT 5 UTP 100 m 328 ft...

Страница 12: ... Min Max DC Voltage 36 60 V DC HIGH RANGE HI and AC Power Supply Nominal DC Voltage 110 to 250 V DC Min Max DC Voltage 88 300 V DC Nominal AC Voltage 100 to 240 V AC Min Max AC Voltage 85 265 V AC Input current fiber LO 1 59 A maximum HI 1 8 A maximum for AC voltage 0 9 A maximum for DC voltage AC 1 8 A maximum Standard terminal block internally floating Ground Terminal for filter ground wire exte...

Страница 13: ...heet metal Dimensions 1 94 in 9 25 in 10 24 in H W D 4 92 cm 23 5 cm 26 0 cm H W D 1 3 4 Approvals and Warranty APPROVALS FCC Emissions meet FCC part 15 class A NEBS level 3 ETSI certified for carrier central offices IEEE IEEE P1613 environmental standard for electric power substations IEC IEC61850 EMC and operating conditions class C for power substations CE EN 50082 1 EN 55022 1998 EN 60950 3rd ...

Страница 14: ...ameter 2 can be used optionally only if parameter 1 is specified parameter 3 is mandatory Whenever the word PC is used it implies a UNIX Linux Windows or any other operating system based workstation computer personal computer laptop notebook or any other computing device Most of the manual uses Windows XP based examples While effort has been made to indicate other operating system interactions it ...

Страница 15: ...rity decide on a manager level account name and password 6 IP address netmask default gateway for the switch being configured As a default the switch has no IP Internet Protocol address and subnet mask For first time use the IP address has to be assigned This can only be done by using the console interface provided The same procedure can also be used for other configuration changes or updates for ...

Страница 16: ...Once the switch is configured with an IP address the command line interface or CLI is also accessible using telnet as well as the serial port Access to the switch can be either through the console interface or remotely over the network Simultaneous access that is through the console port as well as through the network to the MultiLink switch is not permitted The Command Line Interface CLI enables ...

Страница 17: ...1 5 4 Logging in for the First Time For the first time use the default user name and passwords assigned by GE They are Username manager Password manager Username operator Password operator We recommend you login as manager for the first time to set up the IP address as well as change user passwords or create new users 1 5 5 Automatic IP Address Configuration The ML1600 is operational immediately a...

Страница 18: ...twork the switch will assign itself an IP address The ML1600 will check to see if IP address 192 168 1 2 with a network mask of 255 255 255 0 is free If so it will assume these values If this IP address is assigned to another device the ML1600 will repeat steps 1 through 3 to find a DCHP or BOOTP server or wait for the 192 168 1 2 address to become free Once connected the browser will display a lo...

Страница 19: ...onfig ip 3 94 247 41 mask 255 255 252 0 dgw 3 94 247 41 ML1600 save Note This manual assumes the reader is familiar with IP addressing schemes net masks and how default gateways and routers are used in a network Reboot gives an opportunity to save the configuration prior to shutdown For a reboot simply type in the command reboot Note that even though the passwords are not changed they can be chang...

Страница 20: ...lege increases with the levels For example to set up a user for basic monitoring capabilities use lower number or operator level privilege level 1 The Manager level provides all operator level privileges plus the ability to perform system level actions and configuration commands To select this level enter the enable user name command at the Operator level prompt and enter the Manager password when...

Страница 21: ...y a password is shown below passwd user name The following example changes the password for user peter ML1600 user passwd user peter Enter New Password Confirm New Password Password has been modified successfully ML1600 user The syntax to modify the privilege level for a specific user is shown below chlevel user name level number The following example modifies the privilege level of user peter to ...

Страница 22: ... 23 min 0 59 sec 0 59 zone GMT hh mm ML1600 The options for a specific command can be displayed by typing the command and pressing enter The following syntax applies command Enter For example the options for the show command are ML1600 show Enter Usage show active stp show active snmp show active vlan show address table show age show alarm show arp show auth config ports show backpressure show boo...

Страница 23: ...ML1600 In the following example the TAB key completes the command ML1600 se TAB password timeout vlan ML1600 set 1 5 10 Exiting To exit from the CLI interface and terminate the console session use the logout command This command prompts to ensure that the logout was not mistakenly typed The following syntax applies logout The following example illustrates logging out from a session ML1600 logout L...

Страница 24: ... to the switch Note Make sure you use HTTPS secure HTTP and not HTTP in the URL In the example shown in the previous section the URL is https 3 94 247 41 If your site uses name services you can use a name instead of the IP address Please make sure that the name is resolved to the IP address assigned to the switch The secure site will issue the certificate check shown below FIGURE 1 2 Security cert...

Страница 25: ...ews of the current configurations but do not allow changes to the configuration Manager privilege users manager privileges allow configuration changes The changes can be done at the manager prompt or for global configuration as well as specific configuration 1 6 3 User MGMNT A maximum of five users can be added per switch Users can be added deleted or changed from a manager level account There can...

Страница 26: ...ILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL ENERVISTA SECURE WEB MGMNT CHAPTER 1 INTRODUCTION In the example below the user peter was added with manager privilege after clicking the add button ...

Страница 27: ...TCH INSTRUCTION MANUAL 1 19 After successfully adding a user the added user is displayed in the list of users as shown below Z To delete a user click on the delete icon as shown below The software will prompt to verify the delete command Z To modify the password view the users as described above ...

Страница 28: ...er was selected for modification The password for peter will be modified after the new password is entered 1 6 4 Modifying the Privilege Level Privilege levels cannot be changed from the EnerVista Secure Web MGMNT SWM software This can only be done through the CLI interface or alternately by deleting the user and adding the same user with the proper privilege level 1 6 5 Help Help for the EnerVist...

Страница 29: ...E WEB MGMNT MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL 1 21 Z Click on the Help icon as shown below 1 6 6 Exiting Z To exit or logout click on the logout button To confirm the logout Z Select OK in the pop up window ...

Страница 30: ...ace 5 Manager level account name and password of the switch being upgraded 6 An internet connection Ensure the connection does not block ftp file transfers 1 7 2 Selecting the Proper Version Ensure that the proper version of the MultiLink Switch Software is installed The latest version of the software is available at http www GEmultilin com 1 Connect to the ML1600 and login as manager 2 Enter the ...

Страница 31: ...e Transfer Send File menu item Z As shown below enter the location of the new software file Z Select the Xmodem protocol Z Select the Send button and to begin the file transfer Z Once the file transfer is completed reboot the switch with the reboot command or by cycling power Z Login to the switch and use the show version command to verify and upload the configuration file if necessary 1 7 4 Updat...

Страница 32: ...ate save the configuration to the ftp server load the new image and restart the switch refer to Saving Configuration on page 5 19 for details on saving the configuration Z Load the new software as shown below As the file is being loaded the software will display the transfer in progress window Z Reboot the switch when the transfer is complete After reboot the software is ready for use Z If using T...

Страница 33: ...ERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL 1 25 Z Load the new software as shown below As the file is being loaded the software will display the transfer in progress window Z Reboot the switch when the transfer is complete After reboot the software is ready for use ...

Страница 34: ...1 26 MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL ML1600 SOFTWARE UPDATES CHAPTER 1 INTRODUCTION ...

Страница 35: ...ingle mode and 10 100 Mb auto negotiating RJ45 ports Standard GBIC ports can be configured for a variety of Gigabit cabling types and distances High performance features include non blocking speed on all ports and 802 1p QoS Traffic Prioritization The MultiLink ML1600 switches are plug and play ready for use as backbone switches where a mix of bursty data traffic and priority streaming traffic for...

Страница 36: ...trol systems power utilities and industrial factory floors For the fast growing demands of video surveillance systems with segments requiring Gigabit backbone interconnections the ML1600 managed switches are easy to install and operate The next generation of industrial applications will need advanced managed network software operation at extended temperatures fiber ports modularity support for sel...

Страница 37: ...ports and under each port is a link LED In both cases the number of status LEDs is the same for each port There are three LEDs per fiber port The Link LK LED when lit indicates ready for operation on that port the F H LED indicates operation in full duplex mode when ON half duplex when OFF and the blinking ACT LED indicates receiving activity on the port A fiber cable must be connected to the port...

Страница 38: ... same On the six port combo modules there are four LEDs for each RJ45 port which indicate status the same as described in the previous section There are three LEDs per fiber port The Link LK LED when lit indicates ready for operation on that port the F H LED indicates operation in full duplex mode when ON half duplex when OFF and the blinking ACT LED indicates receiving activity on the port A fibe...

Страница 39: ...rating conditions on that port Using the ML1600 MGMNT software the user may disable auto negotiation and fix the desired operation of each RJ45 port User may select the 10 or 100 Mb speed and full or half duplex mode per port as per the user requirement The combo eight port modules are combinations of copper and fiber media available in the configurations shown below AA module 4 100 Mb LC mm fiber...

Страница 40: ... minimal frame latency they will also permit bad frames to propagate out to the Ethernet segments connected The cut through technique permits collision fragment frames which are a result of late collisions to be forwarded which add to the network traffic Since there is no way to filter frames with a bad CRC the entire frame must be present in order for CRC to be calculated the result of indiscrimi...

Страница 41: ...monitor basic operations One is for hardware and will signal loss of power internally The other is software controllable and will signal user defined software events such as a security violation Heavy duty design for industrial Ethernet and extended temperature operation Fiber ports take more power than copper ports but the ML1600 design provides for this with heavy duty components The ambient tem...

Страница 42: ...ion is particularly useful in the telecommunication industry where it is common for facilities to operate on 48 V DC power Such companies include regular and wireless telephone service providers Internet Service Providers ISPs and other communication companies In addition many high availability equipment services such as broadcasters publishers newspaper operations brokerage firms and other facili...

Страница 43: ...roof fiber media can easily connect long distance subnets and provide a stable secure network to all applications The SNMP MGMNT capability of the ML1600 helps create a database of all the network subnets to easily manage the network FIGURE 2 4 Typical factory floor application with the ML1600 2 4 3 Redundant Ring Topology In another application a managed network is needed to provide a Redundant r...

Страница 44: ...cations Environment In a telecommunications environment 12 port Nebs compliant 48 V DC operated managed switch is required to meet the fiber and copper connection to store sensitive data The switch must be SNMP enabled and managed The ML1600 qualifies for this requirement Loaded with MGMNT software the ML1600 provides a very effective and economical solution for the carrier class space environment...

Страница 45: ...CHAPTER 2 PRODUCT DESCRIPTION APPLICATIONS MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL 2 11 FIGURE 2 6 ML1600 in a telecommunications environment 754707A1 CDR ...

Страница 46: ...2 12 MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL APPLICATIONS CHAPTER 2 PRODUCT DESCRIPTION ...

Страница 47: ...stem 4 Verify the equipment s power requirements to prevent overloading of electrical circuits 5 Verify that the equipment has a reliable and uncompromised grounding path 6 Equipment is to be installed by service personnel in a restricted operation area This chapter describes installation of the MultiLink ML1600 Ethernet Switch as well as connection of the various Ethernet media types 3 1 2 Locati...

Страница 48: ...d in alcohol Ensure the connectors are clean before proceeding Note One strand of the duplex fiber optic cable is coded using color bands at regular intervals The color coded strand must be used on the associated ports at each end of the fiber optic segment 3 Connect the transmit TX port on the module light colored post to the receive RX port of the remote device Begin with the color coded strand ...

Страница 49: ...ecommended that high quality CAT 5 cables which work with 10 Mb and 100 Mb be used whenever possible to provide flexibility in a mixed speed network as dual speed ports are auto sensing for 10 and 100 Mb s The following procedure describes how to connect a 10Base T or 100Base TX twisted pair segment to the RJ45 port The procedure is the same for both unshielded and shielded twisted pair cables 1 U...

Страница 50: ...lthough the connector is shielded either unshielded or shielded cables may be used 2 Connect the other end of the cable to the corresponding device 3 Use the LINK LED to ensure connectivity by noting that the LED will be illuminated when the unit is powered and connection is established 3 2 6 Connecting Gigabit Media using GBICs The Gigabit ports accept industry standard GBICs for user selection o...

Страница 51: ...rear corners of the unit Two threaded holes are provided on the sides of ML1600 for DIN rail mounting purposes Two 10 32 3 8 PHIL PAN with star washer screws are included with the DIN rail brackets The two heavy duty DIN rail latches are designed to be manually accessible from the top when the unit is installed on a DIN rail FIGURE 3 2 DIN rail latch detail To install the ML1600 with the DIN rail ...

Страница 52: ... to be ordered as separate items 3 3 2 Mounting Dimensions with Metal Brackets Each MultiLink ML1600 is supplied with metal mounting brackets and screws to mount the unit securely It is recommended to mount the ML1600 vertically for proper cooling and long life reliability It is also advisable to mount the unit with space for air movement around the top and the sides typically a minimum of 1 inch ...

Страница 53: ...CHAPTER 3 INSTALLATION MECHANICAL INSTALLATION MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL 3 7 FIGURE 3 4 ML1600 mounting dimensions 754711A1 CDR ...

Страница 54: ... terminals positive and negative screws Please ensure correct polarity and that each lead is securely tightened FIGURE 3 5 Power connection and alarm contacts Note Always use a voltmeter to measure the voltage of the incoming power supply and properly determine the positive or negative leads Note The GND should be hooked up first The ML1600 has a floating ground so the user may elect to ground eit...

Страница 55: ...t top position is a software alarm operated by user settings in the ML1600 software The user can disable the software alarm feature with a software configuration command if desired When the software alarm is enabled the form A normally closed NC contact is held close during normal software operation A user defined software malfunction such as an SNMP trap or a software security violation or an S R...

Страница 56: ...software manual publication number GEK 113043 Note Console cables may be purchased as a separate items They are not included with the unit FIGURE 3 6 ML1600 console port The pin assignment for the console port are indicated in the following table This information enables a MGMNT station PC or console terminal to connect directly to the switch console using a straight through serial cable Table 3 2...

Страница 57: ... 10 or 100 Mbps selection for the switched ports must be configured through software as per the requirement The internal functions of both are described below 4 1 2 Filtering and Forwarding Each time a packet arrives on one of the switched ports the decision is taken to either filter or to forward the packet Packets whose source and destination addresses are on the same port segment will be filter...

Страница 58: ...either used for all copper module or combo module 4 1 6 Auto negotiation for fast Ethernet copper ports The managed ML1600 Fast Ethernet copper ports can be set for either fixed 100 Mb speed or for 10 100 full half duplex n way auto negotiation per the IEEE802 3u standard The selection is made via the ML1600 software The factory default setting is for auto negotiation At 10 or 100 Mb fixed speed t...

Страница 59: ...y be occasionally encountered When operating in 100 Mb half duplex mode cable distances and hop counts may be limited within that collision domain The Path Delay Value PDV bit times must account for all devices and cable lengths within that domain For MultiLink fast Ethernet switched ports operating at 10 0Mb half duplex the bit time delay is 50BT 4 1 7 Flow Control IEEE 802 3x The ML1600 incorpor...

Страница 60: ...esigners and installers Table 4 1 Cable losses Cable size Mode Cable loss 62 5 125 μm multi mode 2 8 dB km 50 125 μm multi mode 2 8 dB km 100 140 μm multi mode 3 3 dB km 9 125 μm single mode 0 5 dB km 0 4 dB km LXSC25 0 25 dB km LXSC40 0 2 dB km LXSC70 OPB Pt min PR min OPBworst OPB 1dB LED aging 1dB insertion loss distanceworst worst case OPB in dB cable loss in dB km Table 4 2 Power budget value...

Страница 61: ...is the sum of cable loss LED aging loss insertion loss and safety factor AG 100 Mb FX single 18 0 4 km 1310 nm 9 125 μm 20 dB 31 dB 9 0 dB 18 km 12 5 dB 25 km G3 G4 G5 1000 Mb multi 0 55 km 1300 nm 62 5 125 μm 50 125 μm 9 5 dB 17 dB 5 5 dB 2 km 12 5 dB 4 km GC 100 Mb FX multi 2 0 4 km 1310 nm 62 5 125 μm 50 125 μm 20 dB 23 5 dB 31 dB 31 dB 9 0 dB 5 5 dB 3 0 km 2 0 km 14 dB 12 dB 5 0 km 4 0 km GF G...

Страница 62: ...g installation about 90 of network downtime can be attributed to wiring and connector problems 3 If the problem is isolated to a network device other than the ML1600 it is recommended that the problem device be replaced with a known good device Verify whether or not the problem is corrected If not go to the next step If the problem is corrected the ML1600 and its associated cables are functioning ...

Страница 63: ...ny SNMP Network MGMNT software to manage the switch Use NTP protocol or an NTP server to synchronize the time on the switch Use TFTP or FTP to download the configurations or upload software updates Run ping tests to test connectivity To set the IP address please refer to Setting the IP Parameters on page 1 10 Once the IP address is set the CLI can be accessed via telnet as well as the console inte...

Страница 64: ...SSING To verify the IP address using the EnerVista Secure Web Management software select the Administration System menu item to view and edit the IP address information Besides manually assigning IP addresses there are other means to assign an IP address automatically The two most common procedures are using DHCP and bootp ...

Страница 65: ... supported in a database a simple text file On most systems the bootp service is not started as a default and has to be enabled A sample entry by which the bootp software will look up the database and update the IP address and subnet mask of the switch would be as follows ML1600 ht ether ha 002006250065 ip 3 94 247 41 sm 255 255 252 0 gw 3 94 244 1 hn vm rfc1048 where ML1600 switch is a user defin...

Страница 66: ...iguration file from the bootp server This is useful when a new switch is put on a network and the specific configurations are loaded from a centralized bootp server The following example changes the boot mode of the switch ML1600 set bootmode type bootp bootimg enable bootcfg disable Network application image download is enabled Network application config download is disabled Save Configuration an...

Страница 67: ...yntax telnet enable disable Telnet can also be disabled for specific users with the useraccess command Refer to User MGMNT on page 1 12 for details Multiple telnet sessions started from the CLI interface or the command line are serviced by the ML1600 in a round robin fashion that is one session after another If one telnet session started from an ML1600 is downloading a file the other windows will ...

Страница 68: ... user exit ML1600 show session Current Sessions SL Sessn Id Connection User Name User Mode 1 1 163 10 10 14 manager Manager 2 2 163 11 11 1 peter Manager 3 3 163 12 12 16 operator Operator ML1600 kill session id 3 Session Terminated ML1600 In the above example the user with username peter is given telnet access Then multiple users telnet into the switch This is shown using the show session command...

Страница 69: ...DDRESS MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL 5 7 To start a telnet session through the EnerVista Secure Web Management software select the Administration Telnet menu item The default port i e port 23 is used for telnet ...

Страница 70: ... connectivity The terminal software parameters e g HyperTerminal will also have to be changed to match the new settings To see the current settings of the serial port use the show serial command to query the serial port settings as illustrated below ML1600 show serial Baud Rate 38400 Data 8 Parity No Parity Stop 1 Flow Control None 5 3 2 System Parameters The system parameters can be queried and c...

Страница 71: ...ct and System Information This is helpful for identifying the administrator responsible for the switch and for identifying the locations of individual switches To set these variables change the mode to be SNMP configuration mode from the manager mode using the following syntax snmp setvar sysname syscontact syslocation string The following command sequence sets the system name system location and ...

Страница 72: ... Canada Success in setting daylight savings to the given location country Canada ML1600 show daylight Daylight savings location name Canada ML1600 The date and time can only be set through the command line interface software 5 3 4 Network Time Many networks synchronize the time using a network time server The network time server provides time to the different machines using the Simple Network Time...

Страница 73: ...used ML1600 sntp ML1600 sntp setsntp server 3 94 210 5 timeout 3 retry 3 SNTP server is added to SNTP server database ML1600 sntp sync hour 5 ML1600 sntp sntp enable SNTP is already enabled ML1600 sntp exit ML1600 sntp SNTP parameters can be configured through the EnerVista Secure Web Management software with the Configuration SNTP menu item The SNTP menu allows the time zone hours from GMT to be ...

Страница 74: ... an SNTP server the time out in seconds and the number of retries before the time synchronization effort is aborted The Sync Now button allows synchronization as soon as the server information is added Note If your site has internet access there are several SNTP servers available online A quick search will yield information about these servers You can use the IP address of these servers however pl...

Страница 75: ...r other alternative methods can be used In most situations the filename must be a unique since overwriting files is not permitted by most ftp and tftp servers or services Only alphanumeric characters are allowed in the filename The following example illustrated how to save the configuration on a tftp server ML1600 saveconf mode tftp 3 94 240 9 file ml1600set Do you wish to upload the configuration...

Страница 76: ... configuration of GE MultiLink switches settings GE Multilin Inc recommends that modifications of this file and the commands should be verified by the User in a test environment prior to use in a live production network All modifications are made at the User s own risk and are subject to the limitations of the GE MultiLink software End User License Agreement EULA Incorrect usage may result in netw...

Страница 77: ...atched Should you want to edit edit the System portion of the file only GE Multilin Inc recommends editing the script file see below 2 File names cannot have special characters such as space and control characters SYSTEM Edit below this line only system_name ML2400 system_contact support gemultilin com system_location Markham Ontario boot_mode manual system_ip 192 168 5 5 system_subnet 0 0 0 0 sys...

Страница 78: ...nfiguration or to view specific modules configured the show config command is used as described below Syntax show config module module name Where module name can be If the module name is not specified the whole configuration is displayed Name Areas affected system IP Configuration Boot mode Users settings e g login names passwords event Event Log and Alarm settings port Port settings Broadcast Pro...

Страница 79: ...utput System Manager This area configures System related information SYSTEM Edit below this line only system_name Main system_contact someone joe com system_location Markham Ontario boot_mode manual system_ip 192 168 1 15 system_subnet 0 0 0 0 system_gateway 192 168 1 11 idle_timeout 10 telnet_access enable snmp_access enable web_access enable more ...

Страница 80: ... show config command ML2400 show config module snmp HARDWARE type ML2400 slotB 8 Port TP Module Network Management This area configures the SNMPv3 agent SNMP engineid LE_v3Engine defreadcomm public defwritecomm private deftrapcomm public authtrap disable com2sec_count 0 group_count 0 view_count 1 view1_name all view1_type included view1_subtree 1 view1_mask ff more ...

Страница 81: ...configuration Without a reboot the ML1600 used the previous configuration When reboot is selected the user is prompted as follows Reboot Y or N Select Y The ML1600 will prompt Save Current Configuration Select N ML2400 show config module snmp system HARDWARE type ML2400 slotB 8 Port TP Module System Manager This area configures System related information SYSTEM Edit below this line only system_nam...

Страница 82: ...n in old v2 format and new v3 format The v3 format must be used to utilize the ASCII and CLI Script capability save format v2 v3 Note With release 1 7 and higher the configuration can be saved in the older format binary object or in a new format as an ASCII file The new format is recommended by GE Multilin Use the old format only if there are multiple MultiLink switches on the network running diff...

Страница 83: ...se duplication or disclosure is subject to U S Government restrictions as set forth in Sub division b 3 ii of the rights in Technical Data and Computer Software clause at 52 227 7013 This file is provided as a sample template to create a backup of GE MultiLink switches configurations As such this script provides insights into the configuration of GE MultiLink switch s settings GE Multilin Inc reco...

Страница 84: ...P address on the receiving Switch before connecting to the network After configuration changes are made all the changes are automatically saved It is a good practice to save the configuration on another server on the network using the tftp or ftp protocols Once the configuration is saved the saved configuration can be reloaded to restore the settings At this time the saved or loaded configuration ...

Страница 85: ...menus several operations can take place as shown in the figure below and summarized below These operations can take place from the FTP or TFTP servers on the network as shown above The different operations possible with ftp and tftp are shown below The file transfer operations allowed are 1 Image Download or Image Upload Copy the ML1600 image from switch to the server or from the server to the swi...

Страница 86: ...nds needed to configure the ML1600 4 Host Download or Host Upload Save the host information The hosts are created by the Configuration Access Host commands 5 Log Upload Save the log file on the ftp tftp server To save any changes Z Click on the save icon The software will ask again if the changes need to be saved or ignored Z If the changes need to be ignored click on Cancel and reboot the switch ...

Страница 87: ...d of typing in IP addresses of commonly reached hosts the ML1600 allows hosts to be created with the necessary host names IP addresses user names and passwords Use the Configuration Access Host menu to create host entries as shown below To add a host Z Click the Add button Z Fill in all the fields below to create the necessary host entries ...

Страница 88: ...h entry shown above 5 4 8 Erasing Configuration Kill Config option using SWM To erase the configuration and reset the configurations to factory defaults you can use the kill config option from Administration tab by selecting kill config Note User also has the option to save one module from defaulting back to factory defaults by checking the module box before issuing kill Config command ...

Страница 89: ...mand is issued by pressing the OK button the Switch will perform a factory dump restoring all the Switch settings back to factory defaults except for the System settings which will be retained When the OK button is pressed the Switch will issue the following warning messages and reboot the switch for it to revert back to the factory default settings with the exceptions of modules opted not to be d...

Страница 90: ...onfig save module command The kill Config command will default all the Switch settings back to factory defaults while the kill config save module will default all with the exception of module selected Available modules are system user acces port vlan ps mirror lacp slp and igmp Name Areas affected System IP Configuration Boot mode User Users settings e g login names passwords Port Port settings Br...

Страница 91: ...ch s configuration using the kill config command and the second example illustrates how to erase all the Switch s configuration with the exception of system configuration ML1600 kill config Do you want to erase the configuration Y or N Y Successfully erased configuration Please reboot ML1600 kill config save system Do you want to erase the configuration Y or N Y Successfully erased configuration P...

Страница 92: ... IPv4 Its deployment strategy is designed to have no dependencies IPv6 is designed to run well on high performance networks e g Gigabit Ethernet OC 12 ATM etc and at the same time still be efficient on low bandwidth networks e g wireless In addition it provides a platform for the new level of internet functionality that will be required in the near future IPv6 includes a transition mechanism desig...

Страница 93: ...in all implementations 5 5 3 IPv6 Addressing IPv6 addresses are 128 bits long and are identifiers for individual interfaces and sets of interfaces IPv6 addresses of all types are assigned to interfaces not nodes Since each interface belongs to a single node any of that node s interface s unicast addresses may be used as an identifier for the node A single interface may be assigned multiple IPv6 ad...

Страница 94: ...ax show ipv6 displays the IPv6 information To configure IPv6 the following sequence of commands can be used FIGURE 5 5 Configuring IPv6 In addition to the commands listed above the commands which support IPv6 addressing are Syntax ftp IPv6 address ftp to an IPv6 station Example ftp fe80 220 6ff fe25 ed80 ML1600 ipconfig ipconfig Configures the system IP address subnet mask and gateway Usage ipconf...

Страница 95: ...shown in the example below http fe80 220 6ff fe25 ed80 5 5 5 List of commands in this chapter Syntax ipconfig ip ip address mask subnet mask dgw gateway add del configure an IPv6 address The add delete option can be used to add or delete IPv4 IPv6 addresses Syntax show ipconfig display the IP configuration information including IPv6 address Syntax ping6 IPv6 address pings an IPv6 station Syntax sh...

Страница 96: ...5 34 MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL IPV6 CHAPTER 5 IP ADDRESSING ...

Страница 97: ... user is familiar with issues concerning security as well as securing access for users and computers on a network Secure access on a network can be provided by authenticating against an allowed MAC address as well as IP address 6 1 2 Passwords The GE MultiLink family of switches have a factory default password for the manager as well as the operator account Passwords can be changed from the user I...

Страница 98: ...es connected to the MultiLink family of switches If there is an insecure access on the secondary device the MultiLink family of switches allow the authorized users to continue to access the network the unauthorized packets are dropped preventing access to the network Note Network security hinges on the ability to allow or deny access to network resources This aspect of secure network services invo...

Страница 99: ... switch can be configured to 1 Auto learn the MAC addresses 2 Specify individual MAC addresses to allow access to the network 3 Validate or change the settings The command syntax for the above actions are allow mac address list range port num list range learn port number list enable disable show port security action port num list range none disable drop signal port num list range none log trap log...

Страница 100: ...der the port security configuration mode Let s look at a few examples The following command allows specific MAC addresses on a specified port No spaces are allowed between specified MAC addresses ML1600 port security allow mac 00 c1 00 7f ec 00 00 60 b0 88 9e 00 port 18 The following command sequence sets the port security to learn the MAC addresses Note that a maximum of 200 MAC addresses can be ...

Страница 101: ...ef 31 40 00 e0 29 22 15 85 00 03 47 ca ac 45 00 30 48 70 71 23 10 ENABLE NONE NONE DISABLE 0 Not Configured 11 ENABLE NONE NONE DISABLE 0 Not Configured 12 ENABLE NONE NONE DISABLE 0 Not Configured 13 ENABLE NONE NONE DISABLE 0 Not Configured 14 ENABLE NONE NONE DISABLE 0 Not Configured 15 ENABLE NONE NONE DISABLE 0 Not Configured 16 ENABLE NONE NONE DISABLE 0 Not Configured ML1600 port security E...

Страница 102: ...rt 11 Z Verify learning is enables and MAC addresses are being learnt on required ports use the show port security port 11 command Z Save the port security configuration use the save command Z Disable learning on required ports for example use the learn port 11 15 disable command Example 6 3 Allowing specific MAC addresses on specific ports ML1600 port security allow mac 00 c1 00 7f ec 00 port 9 1...

Страница 103: ...access the network use the add mac 00 c1 00 7f ec 00 port 11 15 command Z Disable access to the network for unauthorized devices Use action port 11 diable drop depending on whether the port should be disabled or the packed dropped Follow that with a show port security command to verify the setting Z Optional step Set the notification to notify the MGMNT station on security breach attempts use the ...

Страница 104: ... 00 e0 29 2a f1 bd 00 01 03 e2 27 89 00 07 50 ef 31 40 00 e0 29 22 15 85 00 03 47 ca ac 45 00 30 48 70 71 23 10 ENABLE NONE NONE DISABLE 0 Not Configured 11 ENABLE NONE NONE ENABLE 0 00 c1 00 7f ec 00 12 ENABLE NONE NONE DISABLE 0 Not Configured 13 ENABLE NONE NONE DISABLE 0 Not Configured 14 ENABLE NONE NONE DISABLE 0 Not Configured 15 ENABLE NONE NONE DISABLE 0 Not Configured 16 ENABLE NONE NONE...

Страница 105: ... set to monitor security as well as make a log on the intrusions that take place The logs for the intrusions are stored on the switch When the switch detects an intrusion on a port it sets an alert flag for that port and makes the intrusion information available Example 6 6 Security log commands ML1600 show log S Date Time Log Description I 12 07 2004 9 01 34 A M CLI manager console login I 12 07 ...

Страница 106: ... level 1 indicates routine events A activity severity level 2 indicates the activity on the switch D debug severity level 3 is reserved for GE Multilin internal diagnostic information C critical severity level 4 indicates that a severe switch error has occurred F fatal severity level 5 indicates that a service has behaved unexpectedly 6 2 3 Authorized Managers Just as port security allows and disa...

Страница 107: ...ic station with IP address 3 94 245 25 is allowed again note how the subnet mask is used An older station with IP address 3 94 245 15 is removed Example 6 7 Allowing blocking specific IP addresses ML1600 access ML1600 access allow ip 3 94 245 10 mask 255 255 255 0 service telne Service s allowed for specified address ML1600 access allow ip 3 94 245 25 mask 255 255 255 255 service tel Service s all...

Страница 108: ... Security menu item to configure port security as shown below From the menu shown above each individual port can be configured for the proper action on the port auto learn MAC addresses and specify individual MAC addresses Z To edit each port click on the edit icon Z To enable or disable port security use the Status drop down menu as shown below Note that the screen also provides an overview of ea...

Страница 109: ...able the learning This is indicated by the Learn Status drop down menu Additionally MAC addresses can be added or deleted from the table of allowed MAC addresses Z To delete a MAC address click on the delete icon Z To add a MAC address click on the Add button Z Fill in the MAC address in the MAC address window There is a limitation of 200 MAC addresses per port and 500 MAC addresses per switch for...

Страница 110: ...information available Note The default log size is 50 rows Z To change the log size select the Configuration Statistics Log Statistics menu item When the switch detects an intrusion attempt on a port it records the date and time stamp the MAC address the port on which the access was attempted and the action taken by the MultiLink switches The event log lists the most recently detected security vio...

Страница 111: ...as port security allows and disallows specific MAC addresses from accessing a network the EnerVista Secure Web Management software can allow or block specific IP addresses or a range of IP addresses to access the switch Z Access the functionality via the Configuration Access IP Access menu item The window above shows the authorized access list for managing the switch Note specific services can be ...

Страница 112: ...RATIONS In the following example any computer on 10 10 10 0 sub network is allowed note how the subnet mask is used to indicate that Also a specific station with IP address 192 168 15 25 is allowed again note how the subnet mask is used to allow only one specific station in the network and an older station with IP address 192 168 15 15 is removed ...

Страница 113: ... businesses use the RADIUS server for authenticating users connecting into a network For example if a user connects PC into the network whether the PC should be allowed access or not provides the same issues as to whether or not a dial in user should be allowed access into the network or not A user has to provide a user name and password for authenticated access A RADIUS server is well suited for ...

Страница 114: ...US encapsulates EAP packets onto RADIUS packets for relaying to RADIUS authentication servers The details of the 802 1x authentication are as follows 1 The supplicant host is initially blocked from accessing the network The supplicant wanting to access these services starts with an EAPOL Start frame 2 The authenticator MultiLink switch upon receiving an EAPOL start frame sends a response with an E...

Страница 115: ... both EAPOL and EAP over RADIUS to communicate to a standard 802 1x supplicant and RADIUS authentication server The ML1600 software authenticator has the following characteristics Allows control on ports using STP based hardware functions EAPOL frames are Spanning Tree Protocol STP link Bridge PDUs BPDU with its own bridge multicast address Relays MD5 challenge although not limited to authenticati...

Страница 116: ...ut 1 240 servertimeout 1 240 maxreq 1 10 The port argument is mandatory and represents the port s to be configured The supptimeout argument is optional and represents the timeout in seconds the authenticator waits for the supplicant to respond back The default value is 30 seconds and values can range from 1 to 240 seconds The servertimeout argument is optional and represents the timeout in seconds...

Страница 117: ...he re authentication with the supplicant or PC reauth port num list range status enable disable period 10 86400 The port argument is mandatory and sets the ports to be configured The status argument is optional and enables disables re authentication The period argument is optional and represents the re authentication period This is the time in seconds the authenticator waits before a re authentica...

Страница 118: ...asserted Authorized 4 Enabled Auto Deasserted Unauthorized 5 Enabled Auto Deasserted Unauthorized 6 Enabled Auto Deasserted Unauthorized 7 Enabled Auto Deasserted Unauthorized 8 Enabled Auto Deasserted Unauthorized 9 Enabled Auto Deasserted Unauthorized 10 Enabled Auto Deasserted Unauthorized 11 Enabled Auto Deasserted Unauthorized 12 Enabled Auto Deasserted Unauthorized 13 Enabled Auto Deasserted...

Страница 119: ...0 2 30 6 60 2 30 7 60 2 30 8 60 2 30 9 60 2 30 10 60 2 30 11 60 2 30 12 60 2 30 13 60 2 30 14 60 2 30 15 60 2 30 16 60 2 30 continued on following page This command sets timeout characteristics and the number of requests before access is denied The authenticator waits for the supplicant to respond back for 45 seconds the authenticator waits for 60 seconds for the back end RADIUS server to respond ...

Страница 120: ...tion Counters authEntersConnecting 3 authEapLogoffsWhileConnecting 0 authEntersAuthenticating 3 authAuthSuccessesWhileAuthenticating 2 authAuthTimeoutsWhileAuthenticating 0 authAuthFailWhileAuthenticating 0 authAuthReauthsWhileAuthenticating 0 authAuthEapStartsWhileAuthenticating 1 authAuthEapLogoffWhileAuthenticating 0 authAuthReauthsWhileAuthenticated 0 authAuthEapStartsWhileAuthenticated 0 auth...

Страница 121: ...s Server menu item Z Select the server Do not enable RADIUS capabilities until you have ensured that the ports are configured properly Z After the ports are configured enable RADIUS Z Ensure that the port connected to the RADIUS server or the network where the RADIUS server is connected to is not an authenticated port The following window shows the configuration of a RADIUS Server Initially the RA...

Страница 122: ...figure illustrates the editing of information for the RADIUS server Note the UDP port number can be left blank and the default port 1812 is used After configuring the server information specific port information is configured Z Select the Configuration Radius Port Set menu item to configure the RADIUS characteristics of each port Z To edit the port settings click on the edit icon ...

Страница 123: ...adius Port Access menu item The Quiet Period column represents the time in seconds the supplicant is held after an authentication failure before the authenticator retries the supplicant for connection The value ranges from 0 to 65535 seconds with a default of 60 The Max Reauth column shows the permitted reauthentication attempts before the port becomes unauthorized Values are integers ranging from...

Страница 124: ... authenticator waits for the backend RADIUS server to respond The values range from 1 to 240 seconds with a default of 30 The Max Request column represents the maximum times the authenticator retransmits an EAP request packet to the supplicant before it times out Values are integers ranging from 1 to 10 with a default of 2 The port authentication characteristics define how the authenticator ML1600...

Страница 125: ...ERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL 7 13 The Configuration Radius Port Stats menu item illustrates the radius statistics for each port After all the port characteristics are enabled do not forget to Z Save the configuration using the save icon and enabling RADIUS from the Configuration Radius Server menu ...

Страница 126: ...7 14 MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL CONFIGURING 802 1X WITH ENERVISTA SECURE WEB MANAGEMENT SOFTWARE CHAPTER 7 ACCESS USING RADIUS ...

Страница 127: ...simple UDP based access control protocol originally developed by BBN for the MILNET Military Network XTACACS is now replaced by TACACS TACACS is a TCP based access control protocol TCP offers a reliable connection oriented transport while UDP offers best effort delivery TACACS improves on TACACS and XTACACS by separating the functions of authentication authorization and accounting and by encryptin...

Страница 128: ... stage is authorization where it is determined whether the user has operator access or manager privileges 8 1 3 TACACS Packet Packet encryption is a supported and is a configurable option for the ML1600 software When encrypted all authentication and authorization TACACS packets are encrypted and are not readable by protocol capture and sniffing devices such as EtherReal or others Packet data is ha...

Страница 129: ...rds compatibility Packet type Possible values are TAC_PLUS_AUTHEN 0x01 authentication TAC_PLUS_AUTHOR 0x02 authorization TAC_PLUS_ACCT 0x03 accounting Sequence number The sequence number of the current packet for the current session Flags This field contains various flags in the form of bitmaps The flag values signify whether the packet is encrypted Session ID The ID for this TACACS session Length...

Страница 130: ...of up to five TACACS servers tacserver add delete id num ip ip addr port tcp port encrypt enable disable key string The add delete argument is mandatory and specifies whether to add or delete a TACACS server The id argument is mandatory and sets the order to poll the TACACS servers for authentication The ip argument is mandatory for adding and defines the IP address of the TACACS server The port a...

Страница 131: ...us TACACS Status Disabled ML1600 user tacplus enable TACACS Tunneling is enabled ML1600 user tacserver add id 2 ip 10 21 1 123 encrypt enable key s TACACS server is added ML1600 user show tacplus servers ID TACACS Server Port Encrypt Key 1 10 21 1 170 49 Enabled secret 2 10 21 1 123 49 Enabled some 3 4 5 ML1600 user tacserver delete id 2 TACACS server is deleted ML1600 user show tacplus servers ID...

Страница 132: ...uring TACACS with EnerVista Secure Web Management Software Z To access the TACACS servers select the Administration User Mgmt TACACS menu item By default no TACACS servers are defined Z To add a server click on the Add button to open the screen shown below Note that the TCP port field can be left blank port 49 is used as a default port Up to five TACACS servers can be defined ...

Страница 133: ...TACACS WITH ENERVISTA SECURE WEB MANAGEMENT SOFTWARE MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL 8 7 After the configuration is completed Z Save the settings Z Enable the TACACS services by using the Status drop down menu ...

Страница 134: ...8 8 MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL CONFIGURING TACACS WITH ENERVISTA SECURE WEB MANAGEMENT SOFTWARE CHAPTER 8 ACCESS USING TACACS ...

Страница 135: ... storm prevention thresholds An Ethernet switch sends traffic from one port to another port Unlike a switch a hub or a shared network device the traffic is broadcast on each and every port Capturing traffic for protocol analysis or intrusion analysis can be impossible on a switch unless all the traffic from a specific port is reflected on another port typically a monitoring port The MultiLink fami...

Страница 136: ...nd disables port mirroring prtmr enable disable The sequence below illustrates how port 11 is mirrored on port 13 Any traffic on port 11 is also sent on port 13 ML1600 show port mirror Sniffer Port 0 Monitor Port 0 Mirroring State disabled ML1600 port mirror ML1600 port mirror setport monitor 11 sniffer 13 Port 11 set as Monitor Port Port 13 set as Sniffer Port ML1600 port mirror prtmr enable Port...

Страница 137: ...tatus enable disable lla enable disable The arguments for the setport command are defined as follows The device argument sets up the MultiLink switch in the device configuration mode The name argument assigns a specific name to the port This name is a designated name for the port and can be a server name user name or any other name The speed argument sets the speed to be 10 or 100 Mbps This works ...

Страница 138: ...lf duplex 10FDx 10 Mbps full duplex 100HDx 100 Mbps half duplex 100FDx 100 Mbps full duplex Possible port settings for 100FX fiber ports are 100FDx default 100 Mbps full duplex 100HDx 100 Mbps half duplex Possible port settings for 10FL fiber ports are 10HDx default 10 Mbps half duplex 10FDx 10 Mbps full duplex Gigabit fiber optic ports Gigabit SX and Gigabit LX 1000FDx default 1000 Mbps full dupl...

Страница 139: ...limit value xofflimit value where xonlimit can be from 3 to 127 default value is 4 and xofflimit ranges from 3 to 127 default value is 6 9 3 3 Back Pressure The backpressure command disables enables back pressure based flow control mechanisms The default state is disabled When enabled the port uses 802 3 Layer 2 back off algorithms Back pressure based congestion control is possible only on half du...

Страница 140: ... pressure and flow control ML1600 device ML1600 device show flowcontrol XOnLimit 4 XOffLimit 6 ML1600 device flowcontrol xonlimit 10 xofflimit 15 XOn Limit set successfully XOff Limit set successfully ML1600 device show flowcontrol XOnLimit 10 XOffLimit 15 ML1600 device show backpressure Rx Buffer Threshold 28 continued on next page ...

Страница 141: ... H 10Tx UP 10 No E 1 10 B2 E H 10Tx DOWN 10 No E 1 11 JohnDoe E H 10Tx DOWN 10 No E 1 12 JaneDoe E H 10Tx DOWN 10 No E 1 13 B5 E F 100Tx UP 100 No E 1 14 B6 E H 10Tx DOWN 10 No E 1 15 B7 E H 10Tx DOWN 10 No E 1 16 B8 E H 10Tx DOWN 10 No E 1 ML1600 device show port 11 Configuration details of port 11 Port Name JohnDoe Port Link State DOWN Port Type TP Port Port Admin State Enable Port VLAN ID 1 Por...

Страница 142: ... The storm is determined to be over when a one second period elapses with no broadcast packets received Back pressure and flow control continued ML1600 device show port Keys E Enable D Disable H Half Duplex F Full Duplex M Multiple VLAN s NA Not Applicable LI Listening LE Learning F Forwarding B Blocking Port Name Control Dplx Media Link Speed Part Auto VlanID GVRP STP 9 B1 E H 10Tx UP 10 No E 1 1...

Страница 143: ...ilities broadcast protect enable disable The rate threshold command set the rate limit in frames per second rate threshold port port list range rate frames sec The show broadcast protect command displays the broadcast storm protection settings show broadcast protect In Example 9 3 the broadcast protection is turned on The threshold for port 11 is then set to a lower value of 3500 broadcast frames ...

Страница 144: ...dcast protect enable Broadcast Storm Protection enabled ML1600 device show broadcast protect PORT STATUS THRESHOLD frms sec CURR RATE frms sec ACTIVE 9 Enabled 19531 0 NO 10 Enabled 19531 0 NO 11 Enabled 19531 0 NO 12 Enabled 19531 0 NO 13 Enabled 19531 0 NO 14 Enabled 19531 0 NO 15 Enabled 19531 0 NO 16 Enabled 19531 0 NO ML1600 device rate threshold port 11 rate 3500 Broadcast Rate Threshold set...

Страница 145: ...ugh the relay s receive fiber cable thereby allowing the relay to switch to its secondary path This feature is available for both 10 Mb and 100 Mb fiber ports It is recommended to enable the Link Loss Alert LLA feature on ports that are connected to end devices LLA should be disabled for switch ports connected in a ring The Link Loss Alert feature is enabled by default on 10 MB Fiber Optic ports a...

Страница 146: ...ort STP State NO STP Port GVRP State No GVRP Port Priority Type None Port Security Enable Port Flow Control Enable Port Back Pressure Enable Port Link Loss Alert Disable ML1600 device setport port 11 lla enable Link Loss Alert enabled ML1600 device show port 11 Configuration details of port 11 Port Name JohnDoe Port Link State DOWN Port Type TP Port Port Admin State Enable Port VLAN ID 1 Port Spee...

Страница 147: ...n that port To enable port mirroring as well as setting up the ports to be sniffed Z Select the Configuration Port Mirroring menu item Z Set the sniffer port and the port on which the traffic is reflected on Make sure the Mirror Status is also set to enabled for mirroring For security reasons GE Multilin recommends that the port mirroring be disabled using the Edit button and setting the Mirror St...

Страница 148: ...fic port by using the edit icon in the Configuration Port Settings menu Z Click the edit icon to open the following window In these windows Port Number represents the port number on the switch Port Name assigns a specific name to the port This name is a designated name for the port and can be a server name user name or any other name Admin Status indicates whether the port can be administered remo...

Страница 149: ... be edited in this window The GVRP State displays the GVRP settings on the port This value cannot be edited in this window The LLA indicates the state of the Link Loss Alert feature The Auto default value for the Port Speed senses the speed and negotiates with the port at the other end of the link for data transfer operation half duplex or full duplex The Auto value uses the IEEE 802 3u auto negot...

Страница 150: ...g some network games are used Storms can reduce network performance and cause bridges routers workstations servers and PCs to slow down or even crash The GE MultiLink switch is capable of detecting and limiting storms on each port A network administrator can also set the maximum rate of broadcast packets frames that are permitted from a particular interface If the maximum number is exceeded a stor...

Страница 151: ...TIONS SWITCH INSTRUCTION MANUAL 9 17 To edit the threshold level click on the edit icon as seen below See details in Broadcast Storms on page 9 8 to determine the threshold level After changes are made do not forget to save the changes using the save icon If the switch is rebooted before the changes are made the changes will be lost ...

Страница 152: ...9 18 MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL PORT MIRRORING USING ENERVISTA SECURE WEB MANAGEMENT SOFTWARE CHAPTER 9 PORT MIRRORING AND SETUP ...

Страница 153: ...rnet frames VLANs provide the capability of having two or more Ethernet segments co exist on common hardware The reason for creating multiple segments in Ethernet is to isolate collision domains VLANs can isolate groups of users or divide up traffic for security bandwidth MGMNT etc VLANs are widely used today and are here to stay VLANs need not be in one physical location They can be spread across...

Страница 154: ...signed to multiple VLANs By default on the MultiLink family of switches VLAN support is enabled and all ports on the switch belong to the default VLAN DEFAULT VLAN This places all ports on the switch into one physical broadcast domain If VLANs are entirely separate segments or traffic domains how can the VLANs route traffic or talk to each other This can be done using routing technologies e g a ro...

Страница 155: ...n can be extended across a large network 802 1Q compliant switch ports such as those on the MultiLink family of switches can be configured to transmit tagged or untagged frames A tag field containing VLAN information can be inserted into an Ethernet frame If a port has an 802 1Q compliant device attached such as another switch these tagged frames can carry VLAN membership information between switc...

Страница 156: ...igure at least one VLAN in addition to the default VLAN 3 Assign the desired ports to the VLANs 4 Decide on trunking strategy how will the VLAN information be propagated from one switch to another and also what VLAN information will be propagated across 5 Layer 3 consideration check to see if the routing between the VLANs is working by pinging stations on different VLANs Note You can rename the de...

Страница 157: ...y VLAN add id vlan Id name vlan name port number list range Forbid number list range mgt nomgt To enable or disable Management Control on any VLAN edit id vlan Id name vlan name port number list range mgt nomgt 10 2 3 Example Example 10 1 below shows how to add three different VLANs Along with the VLANs Port 14 is assigned to the four VLANs the three new ones added plus the DEFAULT VLAN 1 The foll...

Страница 158: ...eering port 14 Vlan added successfully with Vlan id 10 Vlan name engineering Ports 14 ML1600 port vlan add id 20 name engineering port 14 ERROR Duplicate Vlan name ML1600 port vlan add id 20 name sales port 14 Vlan added successfully with Vlan id 20 Vlan name sales Ports 14 ML1600 port vlan add id 30 name marketing port 14 Vlan added successfully with Vlan id 30 Vlan name marketing Ports 14 contin...

Страница 159: ...AN ID 10 Name engineering Status Pending PORT STATUS 14 DOWN VLAN ID 20 Name sales Status Pending PORT STATUS 14 DOWN VLAN ID 30 Name marketing Status Pending PORT STATUS 14 DOWN ML1600 port vlan start vlan all All pending VLAN s started ML1600 port vlan show vlan type port VLAN ID 1 Name Default VLAN Status Active PORT STATUS 9 UP 10 DOWN 11 DOWN 12 DOWN 13 UP 14 DOWN 15 DOWN 16 DOWN continued on...

Страница 160: ... COMMAND LINE INTERFACE CHAPTER 10 VLAN Adding three VLANs continued VLAN ID 10 Name engineering Status Active PORT STATUS 14 DOWN VLAN ID 20 Name sales Status Active PORT STATUS 14 DOWN VLAN ID 30 Name markteting Status Active PORT STATUS 14 DOWN ML1600 port vlan exit ML1600 The pending VLAN is now active ...

Страница 161: ...e 1 Plan your VLAN strategy and create a map of the logical topology that will result from configuring VLANs Include consideration for the interaction between VLANs 2 Configure at least one VLAN in addition to the default VLAN 3 Assign the desired ports to the VLANs 4 Decide on trunking strategy how will the VLAN information be propagated from one switch to another and also what VLAN information w...

Страница 162: ...GURING PORT VLANS WITH ENERVISTA SECURE WEB MANAGEMENT SOFTWARE CHAPTER 10 VLAN For VLAN configuration use Configuration VLAN menu items as shown below The Port VLANs are active by default Z Display the assigned Port VLANs by selecting the Configuration VLAN Port Based menu item ...

Страница 163: ...ATIONS SWITCH INSTRUCTION MANUAL 10 11 As discussed above ports 9 10 11 12 13 15 16 still belong to default VLAN We will now add another VLAN with VID 40 and VLAN name Support Z After adding the ports and defining the VLAN click OK After adding the VLAN the VLAN is not active Activating the VLAN has to be done manually ...

Страница 164: ...n be activated or disabled Z Click OK to activate the VLAN After activation note that ports 9 to 13 belong to the new VLAN Their membership in the default VLAN has been eliminated Note the VLAN membership of the ports assigned to VLAN 40 now indicates that they are only members of VLAN 40 The default VLAN membership has been terminated on VLAN activation The ports can be added to VLAN 1 by using t...

Страница 165: ... 1 set port port number list range default id number The filter parameter enables or disables the VLAN filtering function When enabled the switch will drop the packets coming in through a port if the port is not a member of the VLAN For example if port 1 is a member of VLANs 10 20 and 30 if a packet with VLAN id 40 arrives at port 1 it will be dropped set port port number list range filter status ...

Страница 166: ...N setup is done before devices are plugged into ports 14 16 as a result the status of the ports show the port status as DOWN 1 A word of caution when Tag VLAN filtering is enabled there can be serious connectivity repercussions the only way to recover from that it is to reload the switch without saving the configuration or by modifying the configuration from the console serial port 2 There can be ...

Страница 167: ...ID 10 Name engineering Status Active PORT STATUS 14 DOWN VLAN ID 20 Name sales Status Active PORT STATUS 14 DOWN VLAN ID 30 Name markteting Status Active PORT STATUS 14 DOWN ML1600 port vlan stop vlan all All active VLAN s stopped ML1600 port vlan exit ML1600 set vlan type tag VLAN set to Tag based ML1600 show active vlan Tag VLAN is currently active continued on next page To switch to Tag VLAN th...

Страница 168: ...VLAN Name mkt Ports 14 16 ML1600 tag vlan edit id 10 name engineering port 14 16 Tag based vlan Added Successfully VLAN ID 10 VLAN Name engineering Ports 14 16 ML1600 tag vlan add id 20 name sales port 14 16 Tag based vlan Added Successfully VLAN ID 20 VLAN Name sales Ports 14 16 ML1600 tag vlan add id 20 name marketing port 14 16 ERROR Duplicate Vlan Id ML1600 tag vlan add id 30 name marketing po...

Страница 169: ...TAGGED UP 14 UNTAGGED DOWN 15 UNTAGGED DOWN 16 UNTAGGED DOWN VLAN ID 10 Name engineering Status Pending PORT MODE STATUS 14 UNTAGGED DOWN 15 UNTAGGED DOWN 16 UNTAGGED DOWN VLAN ID 20 Name sales Status Pending PORT MODE STATUS 14 UNTAGGED DOWN 15 UNTAGGED DOWN 16 UNTAGGED DOWN VLAN ID 30 Name marketing Status Pending PORT MODE STATUS 14 UNTAGGED DOWN 15 UNTAGGED DOWN 16 UNTAGGED DOWN ML1600 tag vla...

Страница 170: ...lnet session on this port setting ingress might stop the session Do you want to continue Y or N Y Ingress Filter Enabled ML1600 tag vlan show vlan type tag VLAN ID 1 Name Default VLAN Status Active PORT MODE STATUS 9 UNTAGGED UP 10 UNTAGGED DOWN 11 UNTAGGED DOWN 12 UNTAGGED DOWN 13 UNTAGGED UP VLAN ID 10 Name engineering Status Active PORT MODE STATUS 14 UNTAGGED DOWN 15 UNTAGGED DOWN 16 UNTAGGED ...

Страница 171: ...L1600 tag vlan set port port 14 16 tagging id 30 status tagged Port tagging enabled ML1600 tag vlan show vlan type tag VLAN ID 1 Name Default VLAN Status Active PORT MODE STATUS 9 UNTAGGED UP 10 UNTAGGED DOWN 11 UNTAGGED DOWN 12 UNTAGGED DOWN 13 UNTAGGED UP VLAN ID 10 Name engineering Status Active PORT MODE STATUS 14 TAGGED DOWN 15 TAGGED DOWN 16 TAGGED DOWN VLAN ID 20 Name sales Status Active PO...

Страница 172: ...as DOWN There can be serious connectivity repercussions when Tag VLAN filtering is enabled The only way to recover from this it is to reload the switch without saving the configuration or by modifying the configuration from the console serial port The ML1600 can be configured for either Tag VLAN or Port VLAN Both VLANs cannot co exit at the same time There can only be one default VLAN for the swit...

Страница 173: ... Now add the necessary VLANs In the example below add the VLANs in the following manner VLAN 1 All ports default VLAN VLAN 10 Engineering VLAN ports 11 12 13 VLAN 20 Support VLAN ports 13 14 15 note that port 13 belongs to VLAN 10 20 VLAN 30 Marketing VLAN ports 15 16 note that port 15 belongs to VLAN 20 30 Z After adding the ports and defining the VLAN click OK ...

Страница 174: ...onfiguration VLAN Tag Based menu and enable the tagging for each port Z Repeat the last two steps for each of the ports and each of the VLANs click on port settings and enable the tag on the port After all the ports are tagged the tagged column should change to Yes for all VLANs To check the status of the tagging Z Select the Configuration VLAN Tag Based Tagging menu ...

Страница 175: ... Tag Based Settings menu Z Click OK Tagged VLANs can be viewed from the Configuration VLAN Tag Based Tagging menu To add or delete specific ports from a VLAN Z Click on Join Leave button from the Configuration VLAN Tag Based Settings menu and specify the action In the example below we will take port 11 and assign it to leave VLAN 10 After the action is completed note that port 11 will belong to VL...

Страница 176: ...L CONFIGURING TAG VLANS WITH ENERVISTA SOFTWARE CHAPTER 10 VLAN To enable the filter capability for each port Z Use the Configuration VLAN Tag Based Settings menu as shown below To view the filter information for the ports Z Use the Configuration VLAN Tag Based Filter menu ...

Страница 177: ...tegrity is maintained With GVRP this process can be automated It is critical that all switches share a common VLAN This VLAN typically is the default VLAN VID 1 on most switches and other devices GVRP uses GVRP Bridge Protocol Data Units GVRP BPDUs to advertise static VLANs We refer to GVRP BPDU is as an advertisement GVRP enables the MultiLink family of switches to dynamically create 802 1q compl...

Страница 178: ...at VLAN is received on that specific port FIGURE 11 1 GVRP operation Switch 1 with static VLANs VID 1 2 and 3 Port 2 is a member of VIDs 1 2 and 3 1 Port 2 advertises VIDs 1 2 and 3 2 On Switch 2 Port 1 receives advertisement of VIDs 1 2 and 3 AND becomes a member of VIDs 1 2 and 3 3 As discussed above a GVRP enabled port can forward advertisement for a VLAN it learnt about So port 3 advertises VI...

Страница 179: ...ed from switch A GVRP provides a per port join request option which can be configured VLANs must be disabled in GVRP unaware devices to allow tagged packets to pass through A GVRP aware port receiving advertisements has these options If there is no static VLAN with the advertised VID on the receiving port then dynamically create a VLAN with the same VID as in the advertisement and allow that VLAN ...

Страница 180: ...w vlan type tag command will display VID in case the VID is not known Example 11 1 illustrates how to convert a dynamic VLAN into a static VLAN As the following table indicates a port that has a tagged or untagged static VLAN has the option for both generating advertisements and dynamically joining other VLANs Table 11 1 Port settings for GVRP operations Unknown VLAN mode Operations Learn Enables ...

Страница 181: ...ptions Tagged or untagged Auto Forbid Learn Generate advertisements Forward advertisements for other VLANs Receive advertisements and dynamically join any advertised VLAN Receive advertisements and dynamically join any advertised VLAN that has the same VID as the static VLAN Do not allow the port to become a member of this VLAN Block Generate advertisements Forward advertisements received from oth...

Страница 182: ...L OVERVIEW CHAPTER 11 VLAN REGISTRATION OVER GARP Reboot the switch The time to live for dynamic VLANs is 10 seconds That is if a port has not received an advertisement for an existing dynamic VLAN during the last 10 seconds the port removes itself from that dynamic VLAN ...

Страница 183: ... A dynamic VLAN must be converted to a static VLAN before it can have an IP address After converting a dynamic VLAN to a static VLAN use the save command to save the changes made on a reboot the changes can be lost without the save command Within the same broadcast domain a dynamic VLAN can pass through a device that is not GVRP aware This is because a hub or a switch that is not GVRP aware will f...

Страница 184: ...rp disable GVRP is now disabled ML1600 gvrp gvrp enable GVRP enabled ML1600 gvrp show vlan VLAN ID NAME VLAN STATUS 1 Default VLAN Static Active 2 Blue Static Active 10 dyn10 Dynamic Active ML1600 gvrp static vlan 10 ML1600 gvrp show vlan VLAN ID NAME VLAN STATUS 1 Default VLAN Static Active 2 Blue Static Active 10 dyn10 Static Active ML1600 gvrp set forbid vlan 2 forbid 11 15 ML1600 gvrp show for...

Страница 185: ...figured in the VLAN context Since dynamic VLANs operate as tagged VLANs and it is possible that a tagged port on one device may not communicate with an untagged port on another device GE Multilin recommends that you use tagged VLANs for the static VLANs A dynamic VLAN continues to exist on a port for as long as the port continues to receive advertisements of that VLAN from another device connected...

Страница 186: ...11 10 MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL CONFIGURING GVRP WITH ENERVISTA SECURE WEB MANAGEMENT SOFTWARE CHAPTER 11 VLAN REGISTRATION OVER GARP ...

Страница 187: ... one path at a time is active between any two nodes on the network In networks where more than one physical path exists between two nodes STP ensures only a single path is active by blocking all redundant paths Enabling STP is necessary to avoid loops and duplicate messages This duplication leads to a broadcast storm or other erratic behavior that can bring down the network As recommended in the I...

Страница 188: ...e new active path for as long as the original active path is down The table below lists the default values of the STP variables Refer to the following section for detailed explanation on the variables By default STP is disabled To use STP it has to be manually enabled Table 12 1 STP default values Variable or attribute Default value STP capabilities Disabled Reconfiguring general operation priorit...

Страница 189: ...ult value of 32768 Bridge Forward Delay Indicates the duration the switch waits from listening to learning states and from learning to forwarding states The value ranges from 4 to 30 seconds with a default of 15 Bridge Hello Time When the switch is the root device this is the time between messages being transmitted The value is from 1 to 10 seconds with a default of 2 Bridge Max Age This is the ma...

Страница 190: ...imum age after which it discards the information as being old and receives new updates These variables can be changed using the priority cost port and timers commands described later in this chapter Example 12 1 Viewing STP configuration ML1600 show stp config STP CONFIGURATION Spanning Tree Enabled Global NO Spanning Tree Enabled Ports YES 9 10 11 12 13 14 15 16 Protocol Normal STP Bridge ID 80 0...

Страница 191: ...stp command enters STP configuration mode stp The enable and disable parameters start enable or stop disable STP stp enable disable The stp and rstp parameters set the spanning tree protocol to be IEEE 802 1d or 802 1w Rapid Spanning Tree Protocol set stp type stp rstp The show active stp command display which version of STP is currently active show active stp Note Incorrect STP settings can adver...

Страница 192: ...ocol Normal STP Bridge ID 80 00 00 20 06 25 ed 80 Bridge Priority 32768 Bridge Forward Delay 15 Bridge Hello Time 2 Bridge Max Age 20 Root Port 0 Root Path Cost 0 Designated Root 80 00 00 20 06 25 ed 80 Designated Root Priority 32768 Root Bridge Forward Delay 15 Root Bridge Hello Time 2 Root Bridge Max Age 20 RSTP CONFIGURATION Rapid STP STP Enabled Global NO ML1600 stp show stp ports STP Port Con...

Страница 193: ...of 32768 cost port number list range value 0 65535 The port command assigns ports to STP If you are unsure let the software make the decisions The status parameter enables or disables a port from participating in STP discovery Its best to only allow trunk ports to participate in STP End stations need not participate in STP process port port number list range status enable disable The timers comman...

Страница 194: ... 15 Root Bridge Hello Time 2 Root Bridge Max Age 20 RSTP CONFIGURATION Rapid STP STP Enabled Global NO ML1600 stp show stp ports STP Port Configuration Port Type Priority Path Cost State Des Bridge Des Port 09 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 09 10 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0a 11 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0b 12 TP 10 100 ...

Страница 195: ... 80 00 00 20 06 25 ed 80 80 0a 11 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0b 12 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0c 13 TP 10 100 128 19 Forwarding 80 00 00 20 06 25 ed 80 80 0d 14 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0e 15 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0f 16 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 10 ML1600 s...

Страница 196: ...tate Des Bridge Des Port 09 TP 10 100 128 100 Forwarding 80 00 00 20 06 25 ed 80 80 09 10 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0a 11 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0b 12 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0c 13 TP 10 100 20 20 Forwarding 80 00 00 20 06 25 ed 80 80 0d 14 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0e 15 TP 10 100 ...

Страница 197: ...00 128 100 Disabled 80 00 00 20 06 25 ed 80 80 0f 16 TP 10 100 128 100 Disabled 80 00 00 20 06 25 ed 80 80 10 ML1600 stp show stp config STP CONFIGURATION Spanning Tree Enabled Global YES Spanning Tree Enabled Ports YES 9 10 11 12 13 14 15 16 Protocol Normal STP Bridge ID 80 00 00 20 06 25 ed 80 Bridge Priority 15535 Bridge Forward Delay 15 Bridge Hello Time 2 Bridge Max Age 20 Root Port 0 Root Pa...

Страница 198: ...l YES Spanning Tree Enabled Ports YES 9 10 11 12 13 14 15 16 Protocol Normal STP Bridge ID 80 00 00 20 06 25 ed 80 Bridge Priority 15535 Bridge Forward Delay 20 Bridge Hello Time 5 Bridge Max Age 30 Root Port 0 Root Path Cost 0 Designated Root 80 00 00 20 06 25 ed 80 Designated Root Priority 15535 Root Bridge Forward Delay 20 Root Bridge Hello Time 5 Root Bridge Max Age 30 RSTP CONFIGURATION Rapid...

Страница 199: ...age until all bridges in the network are sure to be aware of the new topology Using STP IEEE 802 1d recommended values this period lasts 30 seconds The Rapid Spanning Tree Protocol IEEE 802 1w is a further evolution of the 802 1d Spanning Tree Protocol It replaces the settling period with an active handshake between switches bridges that guarantees topology information to be rapidly propagated thr...

Страница 200: ...port in the forwarding state While in this state the port both learns addresses and participates in frame transfer while in this state The result of these enhanced states is that the IEEE 802 1d version of spanning tree STP can take a fairly long time to resolve all the possible paths and to select the most efficient path through the network The IEEE 802 1w Rapid reconfiguration of Spanning Tree s...

Страница 201: ...nce frames RSTP may have to be explicitly set to be compatible with STP This requires setting the Force Protocol Version parameter to be STP compatible This parameter should be set to all ports on a given switch 2 As indicated above one of the benefits of RSTP is the implementation of a larger range of port path costs that accommodates higher network speeds New default values have been implemented...

Страница 202: ...hown below port port number list range status enable disable migration enable edge enable disable p2p on off auto The p2p parameter sets the point to point value to off on all ports connected to shared LAN segments i e connections to hubs The default value is auto P2P ports would typically be end stations or computers on the network The edge parameter enables disables all ports connected to other ...

Страница 203: ...re the switch discards the information and updates the address table again Values range from 6 to 40 seconds with a default value of 20 Root Port Indicates the port number which is elected as the root port of the switch A root port of 0 indicates STP is disabled Root Path Cost A path cost is assigned to individual ports for the switch to determine which ports are the forwarding points A higher cos...

Страница 204: ... 25 ed 89 Bridge Priority 0 Bridge Forward Delay 15 Bridge Hello Time 2 Bridge Max Age 20 Root Port 0 Root Path Cost 0 Designated Root 80 00 00 20 06 25 ed 89 Designated Root Priority 0 Root Bridge Forward Delay 15 Root Bridge Hello Time 2 Root Bridge Max Age 20 Topology Change Count 0 Time Since Topology Chg 12 ML1600 rstp show stp config RSTP CONFIGURATION Rapid STP STP Enabled Global YES RSTP S...

Страница 205: ... can be Listening Learning Forwarding Blocking and Disabled Des Bridge This is the port s designated root bridge Des Port This is the port s designated root port Another example of the same command from a larger network with several switches is shown in Example 13 3 Note the show stp ports command can be executed from the manager level prompt or from RSTP configuration state as shown in the screen...

Страница 206: ...nd their value is 0 to 255 priority port number list range value 0 255 0 65535 A path cost is assigned to individual ports for the switch to determine which ports are the forwarding points A higher cost means the link is more expensive to use and falls in the passive mode compared to the link with a lower cost The value of the cost command ranges from 0 to 65535 with a default of 32768 cost port n...

Страница 207: ... timers forward delay 4 30 hello 1 10 age 6 40 The forward delay parameter indicates the time duration the switch will wait from listening to learning states and from learning to forwarding states The value ranges from 4 to 30 seconds with a default of 15 The hello parameter represents the time between messages being transmitted when the switch is the root device The value is 1 to 10 seconds with ...

Страница 208: ... Hello Time 02 Bridge Max Age 20 Root Port 0 Root Path Cost 0 Designated Root 80 00 00 20 06 25 ed 89 Designated Root Priority 0 Root Bridge Forward Delay 15 Root Bridge Hello Time 02 Root Bridge Max Age 20 Topology Change Count 0 Time Since Topology Chg 33 ML1600 rstp show stp ports RSTP Port Configuration Port Type Priority Path Cost State Des Bridge Des Port 09 TP 10 100 128 2000000 Forwarding ...

Страница 209: ...ce Topology Chg 100 ML1600 rstp forceversion rstp ML1600 rstp show forceversion Force Version Normal RSTP ML1600 rstp show stp config RSTP CONFIGURATION Rapid STP STP Enabled Global YES RSTP STP Enabled Ports 9 10 11 12 13 14 15 16 Protocol Normal RSTP Bridge ID 80 00 00 20 06 25 ed 89 Bridge Priority 0 Bridge Forward Delay 15 Bridge Hello Time 02 Bridge Max Age 20 Root Port 0 Root Path Cost 0 Des...

Страница 210: ...th Cost State Des Bridge Des Port 09 TP 10 100 128 2000000 Forwarding 80 00 00 20 06 25 ed 89 00 09 10 TP 10 100 128 2000000 Disabled 00 0a 11 TP 10 100 128 2000000 Disabled 00 0b 12 TP 10 100 128 2000000 Disabled 00 0c 13 TP 10 100 100 200000 Forwarding 80 00 00 20 06 25 ed 89 00 0d 14 TP 10 100 128 2000000 Disabled 00 0e 15 TP 10 100 128 2000000 Disabled 00 0f 16 TP 10 100 128 2000000 Disabled 0...

Страница 211: ...Port 09 TP 10 100 128 2000000 Forwarding 80 00 00 20 06 25 ed 89 00 09 10 TP 10 100 128 2000000 Disabled 00 0a 11 TP 10 100 128 2000000 Disabled 00 0b 12 TP 10 100 128 2000000 Disabled 00 0c 13 TP 10 100 100 250000 Forwarding 80 00 00 20 06 25 ed 89 00 0d 14 TP 10 100 128 2000000 Disabled 00 0e 15 TP 10 100 128 2000000 Disabled 00 0f 16 TP 10 100 128 2000000 Disabled 00 10 ML1600 rstp timers forwa...

Страница 212: ...ring only mode as shown below 5 All switches in the ring must use the same firmware revision The ring structure can demonstrate fast recovery times typically faster than what RSTP can recover from a single fault In many situations RSTP will recover in seconds whereas smart RSTP ring only mode will recover in milliseconds To configure Ring Only mode ensure the first three of the four situations des...

Страница 213: ...ccessfully set the RSTP status ML1600 rstp romode show RO MODE status Disabled RO MODE set on ports NONE ML1600 rstp romode add port 1 2 Added Ports 1 2 ML1600 rstp romode enable RSTP Ring Only Mode Enabled ML1600 rstp romode show RO MODE status Enabled RO MODE set on ports 1 2 ML1600 rstp romode disable RSTP Ring Only Mode Disabled ML1600 rstp romode show RO MODE status Disabled RO MODE set on po...

Страница 214: ...e root bridge Normally when STP is not enabled the switch designates itself as the root switch Root Path Cost A path cost is assigned to individual ports for the switch to determine which ports are the forwarding points A higher cost means more loops a lower cost fewer loops More loops equal more traffic and a tree which takes a long time to converge resulting in a slower system Root Port Indicate...

Страница 215: ...d updates the address table again The value ranges from 6 to 40 seconds with a default 20 Hold Time This is the minimum time period to elapse between the transmissions of configuration BPDUs through a given LAN Port At most one configuration BPDU shall be transmitted in any hold time period This parameter is a fixed parameter with values as specified in RSTP standard 3 seconds Topology Change A co...

Страница 216: ... SOFTWARE CHAPTER 13 RAPID SPANNING TREE PROTOCOL Once again if you are not familiar with the STP or RSTP parameter settings is best to use the default values Z Simply enable RSTP or STP and let the system default values prevail After RSTP is enabled the fields are updated Z Note the Status Time since TC and Designated Root values ...

Страница 217: ... be unplugged or turned off Values can be Listening Learning Forwarding Blocking and Disabled Path Cost This is the assigned port cost value used for the switch to determine the forwarding points Values range from 1 to 2000000 The lower the value the lower the cost and hence the preferred route The costs for different Ethernet speeds are shown below The STP path cost is compared to the RSTP path c...

Страница 218: ...d cannot support RSTP services Status is normally enabled in certain cases the Status can be set to disabled to turn off RSTP or STP on that port 13 3 2 Smart RSTP Ring Only Mode with EnerVista Secure Web Management Software A ring is a special case mesh structure In many networks network managers prefer to create a ring structure for topological redundancy and simplicity In a ring structure speci...

Страница 219: ...RNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL 13 21 To configure ring only mode ensure the first three of the four situations described above are met To enable ring only mode first Z Enable RSTP by setting the STP Type to RSTP in the Administration Set STP Type menu Z Select the Configuration RSTP Bridge RSTP menu as shown below ...

Страница 220: ...3 RAPID SPANNING TREE PROTOCOL Z Click the Edit button to configure RSTP Z Once in Edit mode change the Status to Enable Z Save Configuration To reset RSTP back to normal mode select Normal RSTP for the Protocol setting Save the configuration by clicking on the icon Z Select the Configuration RSTP RO Mode menu as shown below ENABLE STATUS THEN SAVE ...

Страница 221: ...ERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL 13 23 Z Click the Edit button to configure RO Mode Z Select the desired ports as shown below then click OK to exit Note Only 2 ports can be selected to Ring Only Mode Z Select the Enabled option for the Status setting as shown below Z Save the configuration by clicking on the icon ...

Страница 222: ...13 24 MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL CONFIGURING STP RSTP WITH ENERVISTA SECURE WEB MANAGEMENT SOFTWARE CHAPTER 13 RAPID SPANNING TREE PROTOCOL ...

Страница 223: ...nments where there are time critical applications such as voice transmission or video conferencing which can be adversely effected by packet transfer delays or other latency in a network Most switches today implement buffers to queue incoming packets as well as outgoing packets In a queue mechanism normally the packet which comes in first leaves first FIFO and all the packets are serviced accordin...

Страница 224: ...ed in the LAN MAN and WAN DiffServ works by tagging each packet at the originating device or an intermediate switch for the requested level of service it requires across the network FIGURE 14 1 ToS and DSCP DiffServ inserts a 6 bit DiffServ code point DSCP in the type of service ToS field of the IP header as shown in the picture above Information in the DSCP allows nodes to determine the per hop b...

Страница 225: ...ular tag setting on a packet allows each queue to have different service levels MultiLink QoS implementations provide mapping of ToS or IP precedence to Class of Service CoS A CoS setting in an Ethernet Frame is mapped to the ToS byte of the IP packet and vice versa A ToS level of 1 equals a CoS level of 1 This provides end to end priority for the traffic flow when MultiLink switches are deployed ...

Страница 226: ...is a number calculated from the IP precedence setting for a packet This weight is used in an algorithm to determine when the packet will be serviced The show portweight command displays the weight settings on a port show portweight As mentioned previously the switch is capable of detecting higher priority packets marked with precedence by the IP forwarder and can schedule them faster providing sup...

Страница 227: ...ved packets to be transmitted as tagged from the priority queue set untag port port list range priority high low tag 0 7 Table 14 1 Port weight settings Value Hardware traffic queue behavior 0 No priority traffic is sent alternately from each queue and packets are queued alternately in each queue 1 Two packets are sent from the HIGH priority queue and one packet from LOW priority queue 2 Four pack...

Страница 228: ...aneDoe E H 10Tx DOWN 10 No E 1 13 B5 E F 100Tx UP 100 No E 1 14 B6 E H 10Tx DOWN 10 No E 1 15 B7 E H 10Tx DOWN 10 No E 1 16 B8 E H 10Tx DOWN 10 No E 1 ML1600 qos ML1600 qos setqos type port port 10 priority high ML1600 qos Successfully set QOS ML1600 qos show qos PORT QOS STATUS 9 None UP 10 Port DOWN 11 None DOWN 12 None DOWN 13 None UP 14 None DOWN 15 None DOWN 16 None DOWN ML1600 qos show qos t...

Страница 229: ...ORT QOS STATUS 9 UP 10 DOWN 11 6 DOWN 12 DOWN 13 UP 14 DOWN 15 DOWN 16 DOWN ML1600 qos setqos port 12 priority high type tag tag 5 Successfully set QOS ML1600 qos show qos type tag PORT QOS STATUS 9 UP 10 DOWN 11 6 DOWN 12 5 DOWN 13 UP 14 DOWN 15 DOWN 16 DOWN ML1600 qos show portweight Port priority Weight set to 1 High 1 Low ML1600 qos set weight weight 4 ML1600 qos show portweight Port priority ...

Страница 230: ...TION MANUAL CONFIGURING QOS THROUGH THE COMMAND LINE INTERFACE CHAPTER 14 QUALITY OF SERVICE Configuring QoS continued ML1600 qos show qos PORT QOS STATUS 9 None UP 10 Port DOWN 11 Tag DOWN 12 Tag DOWN 13 None UP 14 None DOWN 15 None DOWN 16 None DOWN ML1600 qos ...

Страница 231: ... 9 14 3 Configuring QoS with EnerVista Secure Web Management Software 14 3 1 Description Z To access QoS settings select the Configuration QoS menu items Z Select the Port and the type of QoS ToS settings The following window illustrates the setting of port 14 for port based QoS with a high priority Note the sections on Tag and TOS are ignored for Port settings ...

Страница 232: ...ECURE WEB MANAGEMENT SOFTWARE CHAPTER 14 QUALITY OF SERVICE After the port QoS settings are completed the changes are reflected on the QoS menu screen The port 14 QoS settings indicate high priority set Next a tag based QoS is enabled on port 17 Note that only the menu area for the tag setting is relevant ...

Страница 233: ...MENT SOFTWARE MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL 14 11 After the Tag QoS settings are completed the changes are reflected on the QoS menu screen In the following window a ToS is enabled on Port 19 As before only the ToS level settings are relevant ...

Страница 234: ...OS WITH ENERVISTA SECURE WEB MANAGEMENT SOFTWARE CHAPTER 14 QUALITY OF SERVICE Note that the different settings are clear from the window below Port 14 has port based QoS port 15 has tag based QoS and port 16 is using ToS Z After all changes are made save the changes using the save icon ...

Страница 235: ...casting is defined as the transmission of an IP datagram to a host group a set of zero or more hosts identified by a single IP destination address A multicast datagram is delivered to all members of its destination host group with the same best efforts reliability as regular unicast IP datagrams i e the datagram is not guaranteed to arrive at all members of the destination group or in the same ord...

Страница 236: ... multicast group address The multicast group running version 2 of IGMP uses three fundamental types of messages to communicate Query A message sent from the querier multicast router or switch asking for a response from each host belonging to the multicast group If a multicast router supporting IGMP is not present then the switch must assume this function in order to elicit group membership informa...

Страница 237: ...non members Thus sends large amounts of unwanted multicast traffic to PCs 2 and 3 Switch 2 is recognizing IGMP traffic and learns that PC 4 is in the IP multicast group receiving multicast data from the video server PC X Switch 2 then sends the multicast data only to PC 4 thus avoiding unwanted multicast traffic on the ports for PCs 5 and 6 The next figure below shows a network running IP multicas...

Страница 238: ...ding IP multicast traffic on all ports of switches 1 and 2 IGMP must be configured on both switches 1 and 2 and the port on switch 3 that connects to switch 1 must be unblocked 15 1 3 IP Multicast Filters IP multicast addresses occur in the range from 224 0 0 0 through 239 255 255 255 which corresponds to the Ethernet multicast address range of 01005e 000000 through 01005e 7fffff in hexadecimal De...

Страница 239: ...es to solicit group membership information Hosts on the network that are members of a multicast group send report messages When a host leaves a group it sends a leave group message The difference between Version 1 and Version 2 is that version 1 does not have a Leave mechanism for the host The MultiLink family of switches do pruning when there is a leave message or a time expires on a port we prun...

Страница 240: ... Querier Enabled Querier Interval 125 Querier Response Interval 10 Multicasting Unknown Streams Enable ML1600 igmp The output of the show igmp command provides the following useful information IGMP State shows if IGMP is turned on Enable or off Disable Immediate Leave provides a mechanism for a particular host that wants to leave a multicast group It disables the port where the leave message is re...

Страница 241: ...o set the port characteristics use the set port command in the IGMP configuration mode set port port port list range mode auto forward block The show port command displays the port characteristics for IGMP show port The show router command displays detected IGMP enabled router ports show router The set leave command enables or disables the switch to immediately process a host sending a leave messa...

Страница 242: ...Example The following example shows how to configure IGMP Example 15 1 Configuring IGMP ML1600 igmp set port port 10 12 mode forward Port mode is set ML1600 igmp show port Port Mode 09 Auto 10 Forwarding 11 Forwarding 12 Forwarding 13 Auto 14 Auto 15 Auto 16 Auto ML1600 igmp show router RouterIp PortNo Timer 10 21 1 250 9 25 continued on next page ...

Страница 243: ... Unknown Streams Enabled ML1600 igmp set querier enable IGMP querier status is enabled ML1600 igmp show igmp IGMP State Enabled ImmediateLeave Disabled Querier Enabled Querier Interval 125 Querier Response Interval 10 Multicasting Unknown Streams Enabled ML1600 igmp set querier disable IGMP querier status is disabled ML1600 igmp show igmp IGMP State Enabled ImmediateLeave Disabled Querier Disabled...

Страница 244: ...esponse Interval 11 Multicasting Unknown Streams Enabled ML1600 igmp mcast disable MCAST is disabled ML1600 igmp show igmp IGMP State Enabled ImmediateLeave Disabled Querier Disabled Querier Interval 127 Querier Response Interval 11 Multicasting Unknown Streams Disabled ML1600 igmp mcast enable MCAST is enabled ML1600 igmp show igmp IGMP State Enabled ImmediateLeave Disabled Querier Disabled Queri...

Страница 245: ...enu allows the IGMP parameters to be set and provides information on IGMP groups and routers This screen allows the IGMP parameters to be set and provides the information of IGMP groups and routers Z Click on the Edit button to edit the IGMP parameters This screen also enables and disables IGMP Changes are reflected on the Configuration IGMP Information screen The groups and routers screen display...

Страница 246: ...15 12 MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL CONFIGURING IGMP WITH ENERVISTA SECURE WEB MANAGEMENT SOFTWARE CHAPTER 15 IGMP ...

Страница 247: ...he years since 1988 using the RFC process Several RFCs define the SNMP standards The most common standards for SNMP are SNMP v1 the original version of SNMP SNMP v2 and finally SNMP v3 SNMP is a poll based mechanism SNMP manager polls the managed device for information and display the information retrieved in text or graphical manner Some definitions related to SNMP are Authentication The process ...

Страница 248: ...where they are prevented from being disclosed on a network Encryption is performed with an algorithm called CBC DES DES 56 Read view A view name not to exceed 64 characters for each group that defines the list of object identifiers OIDs that are accessible for reading by users belonging to the group Security level A type of security algorithm performed on each SNMP packet The three levels are noau...

Страница 249: ...fining SNMP MNS supports the following RFC s and standards SNMPv1 standards Security via configuration of SNMP communities Event reporting via SNMP Managing the switch with an SNMP network management tool Supported Standard MIBs include SNMP MIB II RFC 1213 Bridge MIB RFC 1493 ifGeneralGroup ifRcvAddressGroup ifStackGroup RMON MIB RFC 1757 RMON groups 1 2 3 and 9 Statistics Events Alarms and Histo...

Страница 250: ...work Management Framework SNMPv2 Working Group RFC 2271 2275 SNMPv3 RFC 2104 Keyed Hashing for Message Authentication RFC 2271 An Architecture for Describing SNMP Management Frameworks RFC 2272 Message Processing and Dispatching for the Simple Network Management Protocol SNMP RFC 2273 SNMPv3 Applications RFC 2274 User Based Security Model USM for version 3 of the Simple Network Management Protocol...

Страница 251: ...contact syslocation string The quickcfg command automatically configures a default VACM view based access control model This allows any manager station to access the ML1600 either via SNMP v1 v2c or v3 The community name is public This command is only intended for first time users and values can be changed by administrators who want more strict access quickcfg The engineid command allows the user ...

Страница 252: ...nd displays all or specific group entries The id argument is optional and is the number corresponding to the group entry number in the table show group id id The view command defines a manager or group or manager stations what it can access inside the MIB object tree Up to 10 entries can be specified This part of the View based Access Control Model VACM as defined in RFC 2275 view add delete id id...

Страница 253: ...ation Information System Name ML1600 System Location Markham ON System Contact multilin tech ge com Authentication Trap Disabled Default Trap Comm public V3 Engine ID Multi_Switch_Engine ML1600 snmpv3 ML1600 snmpv3 setvar sysname ml1600 syscontact admin syslocation ML1600 snmpv3 quickcfg This will enable default VACM Do you wish to proceed Y or N Y Quick configuration done default VACM enabled ML1...

Страница 254: ...07 Community Auth Type ML1600 snmpv3 com2sec add id 1 secname public source default community pu Entry is added successfully ML1600 snmpv3 com2sec add id 2 ERROR secname parameter is required for add directive ML1600 snmpv3 com2sec add id 2 secname BCM Entry is added successfully ML1600 snmpv3 show com2sec ID Sec Name Source Community 1 public default public 2 BCM default public 3 4 5 6 7 8 9 10 M...

Страница 255: ... snmpv3 show group id 1 Group ID 1 Group Name v1 Model v1 Com2Sec ID 1 ML1600 snmpv3 view add id 1 viewname all type included subtree 1 Entry is added successfully ML1600 snmpv3 show view ID View Name Type Subtree Mask 1 all included 1 ff 2 3 4 5 6 7 8 9 10 ML1600 snmpv3 show view id 1 View ID 1 View Name all Type included Subtree 1 Mask ff ML1600 snmpv3 access add id 1 accessname v1 model v1 leve...

Страница 256: ...v1 Sec Model v1 Sec Level noauth Read View ID 1 Write View ID none Notify View ID none Context Prefix exact ML1600 snmpv3 user add id 1 username jsmith usertype readwrite authpass something Entry is added successfully ML1600 snmpv3 show user ID User Name UType AuthPass PrivPass AType Level Subtree 1 jsmith RW something MD5 auth 2 3 4 5 ML1600 snmpv3 show user id 2 ERROR Entry is not active ML1600 ...

Страница 257: ...ease refer to Configuring SNMP through the Command Line Interface on page 16 5 SNMP variables are used in conjunction with Alert definitions Alert Definitions are covered in the next chapter Z To configure SNMP select the Configuration SNMP menu item Z Use the Edit button to change the SNMP community parameters Z Use the Add buttons to add the MGMNT and trap receivers The following window illustra...

Страница 258: ...dd button on the SNMP menu screen Z Make sure that each station can be pinged from the switch by using the Administration Ping menu Z When done adding stations click OK When adding SNMP trap receivers Z Click on the Add button on the SNMP menu screen Z Make sure that each station can be pinged from the switch by using the Administration Ping menu Z Determine which sorts of traps each station will ...

Страница 259: ...ATIONS SWITCH INSTRUCTION MANUAL 16 13 Z Note the different types of trap receivers added Stations can be deleted using the delete icon To change the stations characteristics or IP addresses it is recommended to delete the station and add a new one Z After all changes are made save the changes using the save icon ...

Страница 260: ...traps are generated when RMON alarms are triggered 16 4 2 Commands The following RMON communities when defined enable the specific RMON group as show above The rmon command enter the RMON configuration mode to setup RMON groups and communities rmon The history command defines the RMON history group and the community string associated with the group history def owner string def comm string The stat...

Страница 261: ...MP CONFIGURING RMON MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL 16 15 ML1600 rmon show rmon event RMON Event Default Owner test RMON Event Default Community somestring ML1600 rmon exit ML1600 ...

Страница 262: ...16 16 MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL CONFIGURING RMON CHAPTER 16 SNMP ...

Страница 263: ...g or activating an external relay to electrically trigger any circuit desired These could be an indicator light a flashing strobe light an audible alarm or other devices The MultiLink family of switches has a software optional controlled relay contact that can be use to report alarm conditions The relay is held closed in normal circumstances and will go to the open position during alarm conditions...

Страница 264: ...lay The time is in seconds with a default of 3 period time 1 10 The del command disables alarm action in response to the specified event ID del event event id list range all The alarm command globally enables or disables the alarm action alarm enable disable The show alarm command displays the current status of alarm system show alarm An example of setting up the external relays and alerts is show...

Страница 265: ...k Loss Learn Triggered MOMENTARY 11 Broadcast Storm Detected MOMENTARY 12 STP RSTP Reconfigured MOMENTARY ML1600 alarm alarm enable Alarm system Enabled ML1600 alarm show alarm Alarm Events Configuration Alarm Status ENABLED Relay Closure Time Period 5 Seconds EventId Description Mode 1 S RING OPEN SUSTAINED 2 Cold Start MOMENTARY 3 Warm Start MOMENTARY 4 Link Up MOMENTARY 5 Link Down MOMENTARY 6 ...

Страница 266: ...bled Event 6 is Already Enabled Event 8 is Already Enabled Alarm Event s Added 7 9 10 11 12 ML1600 alarm del event 2 Alarm Event s Deleted 2 ML1600 alarm period time 5 Relay closure Time Set ML1600 alarm show alarm Alarm Events Configuration Alarm Status DISABLED Relay Closure Time Period 5 Seconds EventId Description Mode 1 S RING OPEN SUSTAINED 2 Cold Start NOT ENABLED 3 Warm Start MOMENTARY 4 L...

Страница 267: ...t using the drop down menu Z After changing the Alarm settings save the configuration using the save icon Alarm relays continued ML1600 alarm show alarm Alarm Events Configuration Alarm Status DISABLED Relay Closure Time Period 5 Seconds EventId Description Mode 1 S RING OPEN NOT ENABLED 2 Cold Start MOMENTARY 3 Warm Start NOT ENABLED 4 Link Up MOMENTARY 5 Link Down NOT ENABLED 6 Authentication Fa...

Страница 268: ...tup on the mail server so that all e mails indicating SNMP faults are automatically stored in a folder or redirected to the necessary administrators The SNMP alerts can be configured using the MultiLink Switch Software for the following Send e mail alert according to the configuration rules when a specific event category happens Send e mail alert according to the configuration rules when a specifi...

Страница 269: ... implies that events of severity types activity critical and fatal will be sent to recipients by e mail If this option is not defined a value of all is taken The optional ip parameter represents the SMTP server IP address This is the SMTP server to connect to for this particular user If this option is not defined the global default SMTP server is used The optional port parameter specifies the TCP ...

Страница 270: ...on ML1600 smtp show smtp config SMTP Global Configuration Status Disabled SMTP Server Host 3 94 210 25 SMTP Server Domain ge com SMTP Server Port 25 Retry Count 3 ML1600 smtp add id 1 email jsmith ge com traps s events CF Recipient successfully added ML1600 smtp add id 2 email xyz abc com traps all events all ip 3 30 154 28 port 25 Recipient successfully added ML1600 smtp show smtp recipients ID E...

Страница 271: ...ment Software allows for the display of several statistics in a graphical format These are described below To view statistics Z Select the Configuration Statistics menu item To view port specific statistics Z Select the Configuration Statistics Port Statistics menu item Each port can be viewed by clicking on the back or forward buttons Each group represents different statistics The following figur...

Страница 272: ...17 10 MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL STATISTICS CHAPTER 17 MISCELLANEOUS COMMANDS The following figure displays the port statistics for group 3 ...

Страница 273: ...IFO buffer used in the MultiLink switches is not overrun The important parameters to set for any serial connectivity software is to set the line delay to be 500 ms and the character delay to be 50 ms For example using HyperTerminal this can be set under File Properties Z When the Properties window is open click on the ASCII Setup button Z In the Line Delay entry box enter in 500 Z In the Character...

Страница 274: ...peats the last command The 1 2 n commands repeat the nth command as indicated by a show history n The show history command displays the last 25 executed commands If less than 25 commands were executed only those commands executed are shown show history The history is cleared if the user logs out or if the switch times out The history count restarts when the user logs in The show version command di...

Страница 275: ...unt 1 time 20ms 3 94 248 61 is alive count 2 time 20ms 3 94 248 61 is alive count 3 time 40ms ML1600 Many devices do not respond to ping or block ping commands Make sure that the target device responds or the network allows the ping packets to propagate 17 6 2 Ping through EnerVista Secure Web Management Software The ping command can be used from EnerVista Secure Web Management Software to test co...

Страница 276: ...ed to set the prompt These are n system name c system contact l system location i system IP address m system MAC address v version the dollar sign character r new line b space A few examples on how the system prompt can be setup are shown below ML1600 snmp ML1600 snmp setvar sysname Core System variable s set successfully ML1600 snmp exit ML1600 set prompt n Core set prompt n b i Core 192 168 5 5 ...

Страница 277: ... event message Once the log has received 1000 entries it discards the current oldest line with information level severity only each time a new line is received The event log window contains 22 log entry lines and can be positioned to any location in the log 17 8 2 Command Line Interface Example The following example illustrates a typical event log Example 17 3 Typical system event log ML1600 show ...

Страница 278: ...for example html for an HTML file ML1600 exportlog mode tftp 192 168 5 2 file eventlog doctype html Do you wish to export the event logs Y or N Y Successfully uploaded the event log file ML1600 exportlog mode tftp 192 168 5 2 file eventlog txt doctype raw Do you wish to export the event logs Y or N Y Successfully uploaded the event log file 17 8 3 EnerVista Example The EnerVista Secure Web Managem...

Страница 279: ...y informational logs are displayed The Clear button clears all the logs To prevent accidental erasures you will be prompted again if the logs should be deleted The Event Log records operating events as single line entries listed in chronological order For details on event log records refer to Description on page 17 15 17 8 4 Subsystem Event List For the alerts the events per subsystem function are...

Страница 280: ...nauthorized on Port u I Auth User s Authenticated as s I Auth Set Address Age to u I Auth Authentication Module Initialization I Bridge Bridging Module Initialization I Bridge Switch Hardware Initialization I Bridge MAC Address Table Initialization I Event Event Log Module Initialization I Event Event Log Full E Event Failed to Log Event E IGMP IGMP Enabled I IGMP IGMP Disabled I IGMP IGMP Querier...

Страница 281: ...Mirroring sniffer I RMON RMON Raising Alarm Trap Sent I RMON RMON Falling Alarm Trap Sent I RMON RMON Added History Control Entry I RMON RMON Deleted History Control entry I RMON RMON Added Event Control entry I RMON RMON Deleted Event Control entry I RMON RMON Added Alarm Control entry I RMON RMON Deleted Alarm Control entry I RMON RMON Initialization I SMTP SMTP Module Initialization I SMTP SMTP...

Страница 282: ...idge Priority u I STP STP Set Port u Priority u I STP STP Set Port Path Cost u I STP STP Set Port State s I STP STP Set Port Timers u I STP Spanning Tree Initialization I System Memory Allocation Failure F System Semaphore Creation Failure F System Failure to Register with Database F System Failure to Restore Configuration F System Using Default Configuration F System Failure Writing Flash Storage...

Страница 283: ...ate show daylight displays the configured daylight savings settings show gateway displays the gateway of the system show gvrp displays the GVRP parameters show host displays the host table for FTP users show igmp displays the IGMP parameters show interfaces display the interface information show ip displays the system IP address show ip access displays the IP address access list show ipconfig disp...

Страница 284: ... system inactivity time out show timezone displays the configured time zone of the device show uptime displays up time of the system show users displays all configured users show version displays current version of the software show vlan displays the VLAN parameters of a specified type show web The set commands are listed below set bootmode set date year set daylight country set prompt set logsize...

Страница 285: ...ote system through telnet terminal to set the terminal size xmodem 17 9 2 Configuration Commands The access commands are shown below allow allows the IP address deny denies the IP address dhcp enables or disables the DHCP modbus enables or disabled access to the Modbus map remove removeall snmp enables or disables SNMP ssl telnet web The alarm commands are shown below Refer to Alarm Relays on page...

Страница 286: ...VRP parameters for dynamic VLAN set forbid sets forbidden ports for a tag based VLAN show ports show ports current GVRP state show forbid show forbidden ports for tag based VLAN set ports set GVRP port state usage show vlan shows dynamic static tag based VLANs static convert dynamic VLAN to static VLAN The IGMP commands are shown below Refer to IGMP on page 15 1 for additional details mcast set le...

Страница 287: ...setqos configures QOS configuration usage set untag set weight sets the port priority weights for all the ports in all the device show portweight displays the current port weight priority The remote monitoring RMON commands are shown below Refer to Configuring RMON on page 16 14 for additional details alarm sets the owner for the alarm group event sets the owner for the event group help rmon histo...

Страница 288: ... manager IP setvar configures system name contact or location traps adds or deletes a trap receiver The Simple Network Time Protocol SNTP commands are shown below Refer to Network Time on page 5 10 for additional details delete deletes the SNTP server from SNTP server database help sntp setsntp adds SNTP server into the SNTP server database sntp configures parameters for SNTP system sync sets the ...

Страница 289: ... ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL 17 27 useraccess The VLAN commands are shown below Refer to VLAN on page 10 1 for additional details add delete edit save set egress set ingress set port show egress show ingress show port start stop vlan ...

Страница 290: ...17 28 MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH INSTRUCTION MANUAL COMMAND REFERENCE CHAPTER 17 MISCELLANEOUS COMMANDS ...

Страница 291: ...t and contents of message fields The Modbus protocol thus operates at the layer 7 of the OSI 7 layer stack Additional information on Modbus can be found at http www modbus org and other related sites RFC 1122 Requirements for Internet Hosts Communication Layers defines how Modbus packets can be carried over a TCP IP transport and how Modicon controllers or other PLC devices can communicate over a ...

Страница 292: ...5 ML1600 access ML1600 access modbus enable Enabling Access to Modbus ML1600 access show modbus Access to Modbus enabled Modbus is Using Port 502 Modbus is Using Device 5 ML1600 access modbus port 602 Modbus Port is set ML1600 access show modbus Access to Modbus enabled Modbus is Using Port 602 Modbus is Using Device 5 ML1600 access modbus port default Modbus Port Set to Default ML1600 access show...

Страница 293: ...1 0 002F Netmask byte 1 1 to 254 1 F1 0 0030 Netmask byte 2 1 to 254 1 F1 0 0031 Netmask byte 3 1 to 254 1 F1 0 0032 Gateway byte 0 1 to 254 1 F1 0 0033 Gateway byte 1 1 to 254 1 F1 0 0034 Gateway byte 2 1 to 254 1 F1 0 0035 Gateway byte 3 1 to 254 1 F1 0 0036 MAC address 3 registers String Varies 0039 Order code 16 registers String Varies 0049 Power alarm 1 0 to 1 1 F2 0 004A Power alarm 2 0 to 1...

Страница 294: ... 0 to 6 1 F4 Varies 0075 Port 32 type 0 to 6 1 F4 Varies 0076 Port 1 link status 0 to 1 1 F3 0 0077 Port 2 link status 0 to 1 1 F3 0 0078 Port 3 link status 0 to 1 1 F3 0 0079 Port 4 link status 0 to 1 1 F3 0 007A Port 5 link status 0 to 1 1 F3 0 007B Port 6 link status 0 to 1 1 F3 0 007C Port 7 link status 0 to 1 1 F3 0 007D Port 8 link status 0 to 1 1 F3 0 007E Port 9 link status 0 to 1 1 F3 0 0...

Страница 295: ...to 1 1 F3 0 00A2 Port 13 STP state 0 to 1 1 F3 0 00A3 Port 14 STP state 0 to 1 1 F3 0 00A4 Port 15 STP state 0 to 1 1 F3 0 00A5 Port 16 STP state 0 to 1 1 F3 0 00A6 Port 17 STP state 0 to 1 1 F3 0 00A7 Port 18 STP state 0 to 1 1 F3 0 00A8 Port 19 STP state 0 to 1 1 F3 0 00A9 Port 20 STP state 0 to 1 1 F3 0 00AA Port 21 STP state 0 to 1 1 F3 0 00AB Port 22 STP state 0 to 1 1 F3 0 00AC Port 23 STP s...

Страница 296: ...DA Port 1 Number of frames received 0 to 4294967295 1 F9 0 00DC Port 1 Number of frames sent 0 to 4294967295 1 F9 0 00DE Port 1 Total bytes received 0 to 4294967295 1 F9 0 00E0 Port 1 Total frames received 0 to 4294967295 1 F9 0 00E2 Port 1 Number of broadcast frames received 0 to 4294967295 1 F9 0 00E4 Port 1 Number of multicast frames received 0 to 4294967295 1 F9 0 00E6 Port 1 Number of frames ...

Страница 297: ... sent 0 to 4294967295 1 F9 0 012A Port 2 Number of 256 to 511 byte frames received sent 0 to 4294967295 1 F9 0 012C Port 2 Number of 512 to 1023 byte frames received sent 0 to 4294967295 1 F9 0 012E Port 2 Number of 1023 to maximum byte frames received sent 0 to 4294967295 1 F9 0 0130 Port 2 Number of MAC error packets 0 to 4294967295 1 F9 0 0132 Port 2 Number of dropped received packets 0 to 4294...

Страница 298: ...s occurred 0 to 4294967295 1 F9 0 0186 Port 4 Number of late collisions occurred 0 to 4294967295 1 F9 0 0188 Port 4 Number of 64 byte frames received sent 0 to 4294967295 1 F9 0 018A Port 4 Number of 65 to 127 byte frames received sent 0 to 4294967295 1 F9 0 018C Port 4 Number of 128 to 255 byte frames received sent 0 to 4294967295 1 F9 0 018E Port 4 Number of 256 to 511 byte frames received sent ...

Страница 299: ... with CRC error 0 to 4294967295 1 F9 0 01E2 Port 6 Number of oversized frames received 0 to 4294967295 1 F9 0 01E4 Port 6 Number of bad fragments received 64 bytes 0 to 4294967295 1 F9 0 01E6 Port 6 Number of jabber frames received 0 to 4294967295 1 F9 0 01E8 Port 6 Number of collisions occurred 0 to 4294967295 1 F9 0 01EA Port 6 Number of late collisions occurred 0 to 4294967295 1 F9 0 01EC Port ...

Страница 300: ...otal bytes received 0 to 4294967295 1 F9 0 023E Port 8 Total frames received 0 to 4294967295 1 F9 0 0240 Port 8 Number of broadcast frames received 0 to 4294967295 1 F9 0 0242 Port 8 Number of multicast frames received 0 to 4294967295 1 F9 0 0244 Port 8 Number of frames with CRC error 0 to 4294967295 1 F9 0 0246 Port 8 Number of oversized frames received 0 to 4294967295 1 F9 0 0248 Port 8 Number o...

Страница 301: ...mber of bytes received 0 to 4294967295 1 F9 0 029A Port 10 Number of bytes sent 0 to 4294967295 1 F9 0 029C Port 10 Number of frames received 0 to 4294967295 1 F9 0 029E Port 10 Number of frames sent 0 to 4294967295 1 F9 0 02A0 Port 10 Total bytes received 0 to 4294967295 1 F9 0 02A2 Port 10 Total frames received 0 to 4294967295 1 F9 0 02A4 Port 10 Number of broadcast frames received 0 to 42949672...

Страница 302: ...d received packets 0 to 4294967295 1 F9 0 02F6 Port 11 Number of multicast frames sent 0 to 4294967295 1 F9 0 02F8 Port 11 Number of broadcast frames sent 0 to 4294967295 1 F9 0 02FA Port 11 Number of 64 byte fragments with good CRC 0 to 4294967295 1 F9 0 02FC Port 12 Number of bytes received 0 to 4294967295 1 F9 0 02FE Port 12 Number of bytes sent 0 to 4294967295 1 F9 0 0300 Port 12 Number of fra...

Страница 303: ...received sent 0 to 4294967295 1 F9 0 0352 Port 13 Number of 512 to 1023 byte frames received sent 0 to 4294967295 1 F9 0 0354 Port 13 Number of 1023 to maximum byte frames received sent 0 to 4294967295 1 F9 0 0356 Port 13 Number of MAC error packets 0 to 4294967295 1 F9 0 0358 Port 13 Number of dropped received packets 0 to 4294967295 1 F9 0 035A Port 13 Number of multicast frames sent 0 to 429496...

Страница 304: ...urred 0 to 4294967295 1 F9 0 03AE Port 15 Number of 64 byte frames received sent 0 to 4294967295 1 F9 0 03B0 Port 15 Number of 65 to 127 byte frames received sent 0 to 4294967295 1 F9 0 03B2 Port 15 Number of 128 to 255 byte frames received sent 0 to 4294967295 1 F9 0 03B4 Port 15 Number of 256 to 511 byte frames received sent 0 to 4294967295 1 F9 0 03B6 Port 15 Number of 512 to 1023 byte frames r...

Страница 305: ...zed frames received 0 to 4294967295 1 F9 0 040A Port 17 Number of bad fragments received 64 bytes 0 to 4294967295 1 F9 0 040C Port 17 Number of jabber frames received 0 to 4294967295 1 F9 0 040E Port 17 Number of collisions occurred 0 to 4294967295 1 F9 0 0410 Port 17 Number of late collisions occurred 0 to 4294967295 1 F9 0 0412 Port 17 Number of 64 byte frames received sent 0 to 4294967295 1 F9 ...

Страница 306: ...ames received 0 to 4294967295 1 F9 0 0466 Port 19 Number of broadcast frames received 0 to 4294967295 1 F9 0 0468 Port 19 Number of multicast frames received 0 to 4294967295 1 F9 0 046A Port 19 Number of frames with CRC error 0 to 4294967295 1 F9 0 046C Port 19 Number of oversized frames received 0 to 4294967295 1 F9 0 046E Port 19 Number of bad fragments received 64 bytes 0 to 4294967295 1 F9 0 0...

Страница 307: ...0 Port 21 Number of bytes sent 0 to 4294967295 1 F9 0 04C2 Port 21 Number of frames received 0 to 4294967295 1 F9 0 04C4 Port 21 Number of frames sent 0 to 4294967295 1 F9 0 04C6 Port 21 Total bytes received 0 to 4294967295 1 F9 0 04C8 Port 21 Total frames received 0 to 4294967295 1 F9 0 04CA Port 21 Number of broadcast frames received 0 to 4294967295 1 F9 0 04CC Port 21 Number of multicast frames...

Страница 308: ...ulticast frames sent 0 to 4294967295 1 F9 0 051E Port 22 Number of broadcast frames sent 0 to 4294967295 1 F9 0 0520 Port 22 Number of 64 byte fragments with good CRC 0 to 4294967295 1 F9 0 0522 Port 23 Number of bytes received 0 to 4294967295 1 F9 0 0524 Port 23 Number of bytes sent 0 to 4294967295 1 F9 0 0526 Port 23 Number of frames received 0 to 4294967295 1 F9 0 0528 Port 23 Number of frames ...

Страница 309: ...frames received sent 0 to 4294967295 1 F9 0 057A Port 24 Number of 1023 to maximum byte frames received sent 0 to 4294967295 1 F9 0 057C Port 24 Number of MAC error packets 0 to 4294967295 1 F9 0 057E Port 24 Number of dropped received packets 0 to 4294967295 1 F9 0 0580 Port 24 Number of multicast frames sent 0 to 4294967295 1 F9 0 0582 Port 24 Number of broadcast frames sent 0 to 4294967295 1 F9...

Страница 310: ...ent 0 to 4294967295 1 F9 0 05D6 Port 26 Number of 65 to 127 byte frames received sent 0 to 4294967295 1 F9 0 05D8 Port 26 Number of 128 to 255 byte frames received sent 0 to 4294967295 1 F9 0 05DA Port 26 Number of 256 to 511 byte frames received sent 0 to 4294967295 1 F9 0 05DC Port 26 Number of 512 to 1023 byte frames received sent 0 to 4294967295 1 F9 0 05DE Port 26 Number of 1023 to maximum by...

Страница 311: ...ragments received 64 bytes 0 to 4294967295 1 F9 0 0632 Port 28 Number of jabber frames received 0 to 4294967295 1 F9 0 0634 Port 28 Number of collisions occurred 0 to 4294967295 1 F9 0 0636 Port 28 Number of late collisions occurred 0 to 4294967295 1 F9 0 0638 Port 28 Number of 64 byte frames received sent 0 to 4294967295 1 F9 0 063A Port 28 Number of 65 to 127 byte frames received sent 0 to 42949...

Страница 312: ...cast frames received 0 to 4294967295 1 F9 0 068E Port 30 Number of multicast frames received 0 to 4294967295 1 F9 0 0690 Port 30 Number of frames with CRC error 0 to 4294967295 1 F9 0 0692 Port 30 Number of oversized frames received 0 to 4294967295 1 F9 0 0694 Port 30 Number of bad fragments received 64 bytes 0 to 4294967295 1 F9 0 0696 Port 30 Number of jabber frames received 0 to 4294967295 1 F9...

Страница 313: ...r of bytes sent 0 to 4294967295 1 F9 0 06E8 Port 32 Number of frames received 0 to 4294967295 1 F9 0 06EA Port 32 Number of frames sent 0 to 4294967295 1 F9 0 06EC Port 32 Total bytes received 0 to 4294967295 1 F9 0 06EE Port 32 Total frames received 0 to 4294967295 1 F9 0 06F0 Port 32 Number of broadcast frames received 0 to 4294967295 1 F9 0 06F2 Port 32 Number of multicast frames received 0 to ...

Страница 314: ...gisters Encoded in big endian F1 16 bit unsigned integer F2 Enumeration power alarm 0 power supply good 1 power supply fail F3 Enumeration OFF ON 0 Off 1 On F4 Enumeration port type 0 Giga GBIC 1 Copper TP 2 Fiber 10 3 Fiber 100 4 Giga 10 100 1000 triple speed 5 Giga Copper 1000 TP 6 Giga SFP F9 32 bit unsigned long String A sequence of octets packed 2 to one register in sequence ...

Страница 315: ...ber Revision Release date 1601 0221 A1 1 0 x 27 May 2005 1601 0221 A2 1 0 x 11 July 2005 1601 0221 A3 1 0 x 16 September 2005 1601 0221 A4 1 6 1 09 June 2006 1601 0221 A5 1 7 3 18 August 2006 1601 0221 A6 1 7 x 9 January 2007 1601 0221 A7 1 7 x 24 January 2007 1601 0221 A8 1 7 x 25 May 2007 1601 0221 A9 2 0 x 16 October 2007 1601 0221 AA 3 x 27 June 2008 Table 19 2 Updates for Manual Revision AA S...

Страница 316: ... 2 1 Change power supply ranges in Order Codes section 1 3 1 Description of Power Input Ranges in Input Voltage and Input Current sections 1 3 2 Operating Environment standards IEC 60068 2 1 IEC 60068 2 2 1 3 4 Add UL information add listed recognized CE standard EN50082 1 remove EN55024 1998 2 1 1 Change temperature ratings 3 4 1 Add chassis ground symbol to second note 3 4 4 Revised picture 3 4 ...

Страница 317: ...Communication Modules section 4 3 4 3 Update Updated Power Budget Calculations with Fiber Media section 5 2 5 2 Update Updated Configuring DHCP BOOTP Manual section 5 2 5 2 Update Updated Using Telnet section 10 12 10 12 Update Updated Configuring Tag VLANs with EnerVista section 13 10 13 10 Update Updated Configuring STP RSTP with EnerVista section 17 11 17 11 Update Updated Command List section ...

Страница 318: ... SWITCH INSTRUCTION MANUAL REVISION HISTORY CHAPTER 19 APPENDIX Table 19 9 Updates for ML1600 manual revision A2 Page A1 Page A2 Change Description Title Title Update Manual number to GEK 113041A 1 3 1 3 Update Updated Power Supply specifications ...

Страница 319: ...the limits for a Class A computing device in accordance with the specifications in Subpart J of Part 15 of FCC rules which are designed to provide reasonable protection against such interference when operated in a commercial environment Operation of this equipment in a residential area is likely to cause interference in which case the user at their own expense will be required to take whatever mea...

Страница 320: ...urned with all transportation charges prepaid to an authorized service centre or the factory Repairs or replacement under warranty will be made without charge Warranty shall not apply to any device which has been subject to misuse negligence accident incorrect installation or use not in accordance with instructions nor any unit that has been altered outside a GE Multilin authorized factory outlet ...

Страница 321: ...TION 4 2 B BACK PRESSURE 9 5 BOOTP 5 3 BRODCAST STORMS 9 8 C CABLE LOSSES 4 4 CHANGES TO MANUAL 19 2 19 3 19 4 CHANGES TO THE MANUAL 19 2 CONNECTORS 1 3 D DATE 5 9 DESIGN ASPECTS 2 2 DHCP 5 3 DIFFSERV 14 2 DIMENSIONS 3 7 DIN RAIL MOUNTING 3 5 E ELECTRICAL INSTALLATION 3 8 E MAIL NOTIFICATION 16 2 17 8 ENVIRONMENTAL SPECIFICATIONS 1 5 ETHERNET connecting 3 2 modules 2 3 power budget calculations 4 ...

Страница 322: ...GVRP 11 1 11 3 H HISTORY 17 12 I IEEE APPROVAL 1 5 IGMP 15 1 15 2 15 5 INDUSTRIAL APPLICATIONS 2 8 INSTALLATION 3 1 IP ADDRESSING 1 9 5 1 IP PRECEDENCE 14 2 L LEDS functionality 4 2 specifications 1 4 LINK LOSS ALERT 9 11 M MAC ADDRESS 6 6 MECHANICAL INSTALLATION 3 5 MEMORY MAP 18 3 MODBUS configuration 18 1 memory map 18 3 MODULES combo modules 2 3 2 4 four port fiber 2 3 gigabit 2 5 MOUNTING spe...

Страница 323: ...OWER SUPPLY specifications 1 4 PRODUCT DESCRIPTION 2 1 Q QOS 2 6 14 1 14 4 14 6 14 9 R RADIUS 7 1 REDUNDANT RING TOPOLOGY 2 9 REVISION HISTORY 19 1 RSTP 13 1 13 4 13 7 13 10 S SAVING CONFIGURATION 5 13 SECURITY 6 1 6 3 6 5 SECURITY LOGS 6 9 SERIAL CONNECTIVITY 17 11 SERIAL PORT parameters 5 8 SMART RSTP 13 15 SMTP 17 6 SNMP 16 1 16 7 SNTP 5 10 SOFTWARE 2 6 SPECIFICATIONS 1 3 STP 12 1 12 3 12 8 SWI...

Страница 324: ... MANUAL INDEX SYSTEM PARAMETERS5 8 T TACACS7 1 TACACS 8 1 TAG VLAN10 13 TELECOMMUNICATIONS APPLICATIONS2 10 TELNET5 5 TIME5 9 TROUBLESHOOTING4 6 U UL REQUIREMENTS FOR DC UNITS3 8 UNPACKING THE SWITCH1 1 UP LINK SWITCH4 2 V VLAN10 1 10 4 10 13 W WARRANTY1 1 1 5 19 6 ...

Отзывы:

Нет отзывов

Похожие инструкции для MultiLink ML1600

Бренд: Patton electronics Страницы: 75

RocketLink-G 3088/I

Бренд: Patton electronics Страницы: 61

Бренд: Patton Страницы: 12

Бренд: Patton Страницы: 84

OnSite 3210 Series

Бренд: Patton Страницы: 110

Бренд: Patton electronics Страницы: 2

SMARTNODE 4110 Series

Бренд: Patton electronics Страницы: 78

Бренд: Patton electronics Страницы: 8

Бренд: A10 Страницы: 52

Бренд: DPtech Страницы: 39

Бренд: KPN Страницы: 14

IBOX-BAC Series

Бренд: IntesisBox Страницы: 2

WRT54GR - Wireless-G Broadband Router

Бренд: Linksys Страницы: 81

8677 - BladeCenter Rack-mountable - Power Supply

Бренд: IBM Страницы: 126

Бренд: ANEP Страницы: 48

IP-Logic ZIG-IPPRO-RX

Бренд: Zigen Страницы: 4

Бренд: 2N Telekomunikace Страницы: 67

Бренд: Dynamix Страницы: 102

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды