manualshive.com logo in svg

Planet IGS-10020MT, Руководство пользователя

Планета IGS-10020MT - отличное устройство с множеством функций. Для успешного использования требуется ознакомление с руководством пользователя. Вы можете скачать бесплатное руководство по использованию с нашего сайта. Главное - познакомиться с функционалом этого продукта! Скачайте его с {ссылка на ваш веб-сайт}.

Поделиться
Скачать
background image

User’s Manual of IGS-10020MT 

 

The page includes the following fields: 

Object 

Description 

 

Group Name 

The name identifying the privilege group. In most cases, a privilege level group 

consists of a single module (e.g. LACP, RSTP or QoS), but a few of them 

contains more than one. The following description defines these privilege level 

groups in details: 

System: Contact, Name, Location, Timezone, Log.   

Security: Authentication, System Access Management, Port (contains Dot1x port, 

MAC based and the MAC Address Limit), ACL, HTTPS, SSH, ARP Inspection 

and IP source guard. 

IP: Everything except 'ping'. 

Port: Everything except 'VeriPHY'. 

Diagnostics: 'ping' and 'VeriPHY'. 

Maintenance: CLI- System Reboot, System Restore Default, System Password, 

Configuration Save, Configuration Load and Firmware Load. Web- Users, 

Privilege Levels and everything in Maintenance. 

Debug: Only present in CLI. 

 

Privilege Level

 

Every group has an authorization Privilege level for the following sub groups: 

configuration read-only, configuration/execute read-write, status/statistics 

read-only, status/statistics read-write (e.g. for clearing of statistics). User 

Privilege should be same or greater than the authorization Privilege level to have 

the access to that group. 

 

Buttons 

: Click to save changes. 

: Click to undo any changes made locally and revert to previously saved values. 

 

62 

 

Содержание IGS-10020MT

Страница 1: ...User s Manual of IGS 10020MT 1 User s Manual IGS 10020MT Industrial 8 Port 10 100 1000T 2 100 1000X SFP Managed Switch ...

Страница 2: ...ection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the Instruction manual may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the u...

Страница 3: ... 31 2 1 4 Switch Upper Panel 32 2 2 Install the Industrial Managed Switch 33 2 2 1 Installation Steps 33 2 2 2 DIN Rail Mounting 34 2 2 3 Wall Mount Plate Mounting 36 2 3 Wiring the Power Inputs 37 2 4 Wiring the Fault Alarm Contact 37 2 5 Cabling 38 2 5 1 Installing the SFP Transceiver 39 2 5 2 Remove the Module 41 3 SWITCH MANAGEMENT 42 3 1 Requirements 42 3 2 Management Access Overview 43 3 3 R...

Страница 4: ...figuration 73 4 2 15 EEE Power Reduction 75 4 2 16 Web Firmware Upgrade 77 4 2 17 TFTP Firmware Upgrade 78 4 2 18 Configuration Backup 79 4 2 19 Configuration Upload 81 4 2 20 Image Select 82 4 2 21 Factory Default 84 4 2 22 System Reboot 85 4 3 Simple Network Management Protocol 86 4 3 1 SNMP Overview 86 4 3 2 SNMP System Configuration 87 4 3 3 SNMP System Information 90 4 3 4 SNMPv3 Configuratio...

Страница 5: ... Membership 126 4 6 6 VLAN Membership Status 127 4 6 7 VLAN Port Status 129 4 6 8 Private VLAN 130 4 6 9 Port Isolation 132 4 6 10 VLAN setting example 133 4 6 10 1 Two separate 802 1Q VLAN 134 4 6 10 2 VLAN Trunking between two 802 1Q aware Switch 137 4 6 10 3 Port Isolate 139 4 6 11 MAC based VLAN 140 4 6 12 MAC based VLAN Status 141 4 6 13 IP Subnet based VLAN 142 4 6 14 Protocol based VLAN 143...

Страница 6: ...n 182 4 8 14 MVR 183 4 8 15 MVR Status 185 4 8 16 MVR Groups Information 186 4 8 17 MVR SFM Information 187 4 9 Quality of Service 188 4 9 1 Understand QOS 188 4 9 2 Port Policing 189 4 9 3 Port Classification 190 4 9 3 1 QoS Ingress Port Tag Classification 191 4 9 4 Port Scheduler 192 4 9 5 Port Shaping 193 4 9 5 1 QoS Egress Port Schedule and Shapers 194 4 9 6 Port Tag Remarking 195 4 9 6 1 QoS ...

Страница 7: ...4 11 7 RADIUS Overview 257 4 11 8 RADIUS Details 259 4 11 9 Windows Platform RADIUS Server Configuration 266 4 11 10 802 1X Client Configuration 271 4 12 Security 274 4 12 1 Port Limit Control 274 4 12 2 Access Management 278 4 12 3 Access Management Statistics 279 4 12 4 HTTPs 280 4 12 5 SSH 281 4 12 6 Port Security Status 282 4 12 7 Port Security Detail 284 4 12 8 DHCP Snooping 285 4 12 9 DHCP S...

Страница 8: ...iguration 322 4 16 2 Status 323 4 17 RMON 324 4 17 1 RMON Alarm Configuration 324 4 17 2 RMON Alarm Detail 326 4 17 3 RMON Alarm Status 327 4 17 4 RMON Event Configuration 328 4 17 5 RMON Event Detail 329 4 17 6 RMON Event Status 330 4 17 7 RMON History Configuration 331 4 17 8 RMON History Detail 332 4 17 9 RMON History Status 333 4 17 10 RMON Statistics Configuration 335 4 17 11 RMON Statistics ...

Страница 9: ...347 IP DHCP 348 IP Setup 348 IP Ping 349 IP DNS 350 IP DNS Proxy 350 IPv6 AUTOCINFIG 351 IPv6 Setup 351 IPv6 Ping 352 IP NTP Configuration 353 IP NTP Mode 353 IP NTP Server Add 354 IP NTP Server IPv6 Add 354 IP NTP Server Delete 355 6 3 Port Management Command 356 Port Configuration 356 Port Mode 356 Port Flow Control 357 Port State 358 Port Maximum Frame 358 Port Power 359 Port Excessive 359 Port...

Страница 10: ...LAN Add 371 VLAN Forbidden Add 372 VLAN Delete 372 VLAN Forbidden Delete 373 VLAN Forbidden Lookup 373 VLAN Lookup 374 VLAN Name Add 374 VLAN Name Delete 375 VLAN Name Lookup 375 VLAN Status 376 6 6 Private VLAN Configuration Command 377 PVLAN Configuration 377 PVLAN Add 378 PVLAN Delete 378 PVLAN Lookup 379 PVLAN Isolate 379 6 7 Security Command 380 Security Switch User Configuration 380 Security...

Страница 11: ...iguration 393 Security Switch SNMP Mode 393 Security Switch SNMP Version 393 Security Switch SNMP Read Community 394 Security Switch SNMP Write Community 395 Security Switch SNMP Trap Mode 395 Security Switch SNMP Trap Version 396 Security Switch SNMP Trap Community 396 Security Switch SNMP Trap Destination 397 Security Switch SNMP Trap IPv6 Destination 397 Security Switch SNMP Trap Authentication...

Страница 12: ...etwork Limit Mode 413 Security Network Limit Aging 414 Security Network Limit Agetime 414 Security Network Limit Port 415 Security Network Limit Limit 415 Security Network Limit Action 416 Security Network Limit Reopen 416 Security Network NAS Configuration 417 Security Network NAS Mode 418 Security Network NAS State 418 Security Network NAS Reauthentication 419 Security Network NAS ReauthPeriod 4...

Страница 13: ... 435 Security Network IP Source Guard Configuration 436 Security Network IP Source Guard Mode 436 Security Network IP Source Guard Port Mode 437 Security Network IP Source Guard Limit 437 Security Network IP Source Guard Entry 438 Security Network IP Source Guard Status 438 Security Network ARP Inspection Configuration 439 Security Network ARP Inspection Mode 439 Security Network ARP Inspection Po...

Страница 14: ...duGuard 457 STP Port Statistic 457 STP Port Mcheck 458 STP MSTI Port Configuration 458 STP MSTI Port Cost 459 STP MSTI Port Priority 459 6 9 Link Aggregation Command 460 Aggregation Configuration 460 Aggregation Add 460 Aggregation Delete 460 Aggregation Lookup 461 Aggregation Mode 461 6 10 Link Aggregation Control Protocol Command 462 LACP Configuration 462 LACP Mode 463 LACP Key 463 LACP Role 46...

Страница 15: ...figuration 477 EEE Mode 477 EEE Urgent Queues 478 6 14 Thermal Command 479 Thermal Priority Temperature 479 Thermal Port Priority 479 Thermal Status 480 Thermal Configuration 480 6 15 Quality of Service Command 481 QoS Configuration 481 QoS Port Classification Class 481 QoS Port Classification DPL 482 QoS Port Classification PCP 482 QoS Port Classification DEI 483 QoS Port Classification Tag 483 Q...

Страница 16: ...93 QoS Port DSCP EgressRemark 493 QoS DSCP Map 494 QoS DSCP Translation 494 QoS DSCP Trust 495 QoS DSCP Classification Mode 495 QoS DSCP EgressRemap 496 QoS Storm Unicast 496 QoS Storm Multicast 497 QoS QCL Add 497 QoS QCL Delete 498 QoS QCL Lookup 499 QoS QCL Status 499 QoS QCL Refresh 500 6 16 Mirror Command 501 Mirror Configuration 501 Mirror Port 501 Mirror Mode 502 6 17 Configuration Command ...

Страница 17: ... 512 Voice VLAN ID 513 Voice VLAN Agetime 513 Voice VLAN Traffic Class 514 Voice VLAN OUI Add 514 Voice VLAN OUI Delete 515 Voice VLAN OUI Clear 515 Voice VLAN OUI Lookup 516 Voice VLAN Port Mode 516 Voice VLAN Security 517 6 22 Loop Protect Command 517 Loop Protect Configuration 517 Loop Protect Mode 517 Loop Protect Transmit 518 Loop Protect Shutdown 518 Loop Protect Port Configuration 519 Loop ...

Страница 18: ...30 VCL MAC based VLAN Add 530 VCL MAC based VLAN Delete 531 VCL Stasus 531 VCL Protocol based VLAN Add Ethernet II 531 VCL Protocol based VLAN Add SNAP 532 VCL Protocol based VLAN Add LLC 532 VCL Protocol based VLAN Delete Ethernet II 532 VCL Protocol based VLAN Delete SNAP 533 VCL Protocol based VLAN Delete LLC 533 VCL Protocol based VLAN Add 533 VCL Protocol based VLAN Delete 534 VCL Protocol ba...

Страница 19: ...RATION 539 7 1 Address Table 539 7 2 Learning 539 7 3 Forwarding Filtering 539 7 4 Store and Forward 539 7 5 Auto Negotiation 540 8 TROUBLE SHOOTING 541 APPENDEX A 543 A 1 Switch s Data RJ 45 Pin Assignments 1000Mbps 1000Base T 543 A 2 10 100Mbps 10 100Base TX 543 APPENDEX B GLOSSARY 545 19 ...

Страница 20: ...ned to build a full Gigabit backbone to transmit reliable but high speed data in heavy industrial demanding environments and forward data to remote network through fiber optic It provides 8 Port 10 100 1000Base T copper and 2 extra 100 1000Base X SFP fiber optic interfaces delivered in an IP30 rugged strong case with redundant power system Besides supports 20Gbps switch fabric to handle extremely ...

Страница 21: ...case protection the IGS 10020MT provides a high level of immunity against electromagnetic interference and heavy electrical surges which are usually found on plant floors or in curb side traffic control cabinets It also possesses an integrated power supply source with wide range of voltages 12 to 48V DC or 24V AC for worldwide high availability applications requiring dual or backup power inputs Be...

Страница 22: ...e Industrial Managed Switch by Web interface Section 5 COMMAND LINE INTERFACE The section describes how to use the Command Line interface CLI Section 6 CLI MODE The section explains how to manage the Industrial Managed Switch by Command Line interface Section 7 SWITCH OPERATION The chapter explains how to does the switch operation of the Industrial Managed Switch Section 8 TROUBLESHOOTING The chap...

Страница 23: ...eous packets to optimize the network bandwidth Storm Control support Multicast Unknown Unicast Support VLAN IEEE 802 1Q Tagged VLAN Up to 255 VLANs groups out of 4095 VLAN IDs Provider Bridging VLAN Q in Q support IEEE 802 1ad Private VLAN Edge PVE Protocol based VLAN MAC based VLAN Voice VLAN Support Spanning Tree Protocol STP IEEE 802 1D Spanning Tree Protocol RSTP IEEE 802 1w Rapid Spanning Tre...

Страница 24: ...cess authentication RADIUS TACACS users access authentication IP Based Access Control List ACL MAC Based Access Control List Source MAC IP address binding DHCP Snooping to filter untrusted DHCP messages Dynamic ARP Inspection discards ARP packets with invalid MAC address to IP address binding IP Source Guard prevents IP spoofing attacks Auto DoS rule to defend DoS attack IP address access manageme...

Страница 25: ... Link Layer Discovery Protocol LLDP Protocol Cable Diagnostic technology provides the mechanism to detect and report potential cabling issues Reset button for system reboot or reset to factory default PLANET Smart Discovery Utility for deploy management 25 ...

Страница 26: ...er 2 Green Fault Alarm Green Per 10 100 1000T RJ 45 Ports LNK ACT Green 1000 Orange Per SFP Interface LNK ACT Green 1000 Orange Dimension W x D x H 87 8 x 135 x 56mm Weight 720g Power Requirement DC 12 to 48V AC 24V Power Adapter Power Consumption 10 Watts 34BTU Full loading Layer 2 function Basic Management Interfaces Web Browser Remote Telnet SNMPv1 v2c Secure Management Interface SSH SSL SNMP v...

Страница 27: ... Standards Conformance Regulation Compliance FCC Part 15 Class A CE Stability Testing IEC60068 2 32 Free fall IEC60068 2 27 Shock IEC60068 2 6 Vibration Standards Compliance IEEE 802 3 10Base T IEEE 802 3u 100Base TX 100Base FX IEEE 802 3z Gigabit SX LX IEEE 802 3ab Gigabit 1000T IEEE 802 3x Flow Control and Back pressure IEEE 802 3ad Port trunk with LACP IEEE 802 1D Spanning Tree Protocol IEEE 80...

Страница 28: ...tion describes the hardware features of Industrial Managed Switch For easier management and control of the Industrial Managed Switch familiarize yourself with its display indicators and ports Front panel illustrations in this chapter display the unit LED indicators Before connecting any network device to the Industrial Managed Switch read this chapter carefully 2 1 1 Physical Dimension Industrial ...

Страница 29: ...User s Manual of IGS 10020MT 2 1 2 Front Panel Figure 2 1 shows a front panel of Industrial Managed Switch Figure 2 1 IGS 10020MT Switch Front Panel 29 ...

Страница 30: ...he power also can reset the Industrial Managed Switch to factory default mode Figure 2 2 Reset button of Industrial Managed Switch 1 Press the RESET button once The Industrial Managed Switch will reboot automatically 2 Press the RESET button for 5 seconds The Industrial Managed Switch will back to the factory default mode the entire configuration will be erased 30 ...

Страница 31: ... or receiving data over that port Light Indicate that the port is successfully connecting to the network at 1000Mbps 1000 Orange Off Indicate that the port is successfully connecting to the network at 10Mbps or 100Mbps Per SFP Interface LED Color Function Light Indicate the link through that port is successfully established LNK ACT Green Blink Indicate that the Switch is actively sending or receiv...

Страница 32: ...Upper Panel The Upper Panel of the Industrial Managed Switch indicates a DC inlet power socket and consist one terminal block connector within 6 contacts It accepts input power from 12 to 48V DC also AC 24V Figure 2 3 IGS 10020MT Upper Panel 32 ...

Страница 33: ...r wall mount plate installation 3 To hang the Industrial Managed Switch on the DIN Rail track or wall 4 Power on the Industrial Managed Switch Please refer to the Wiring the Power Inputs section for knowing the information about how to wire the power The power LED on the Industrial Managed Switch will light up Please refer to the LED Indicators section for indication of LED lights 5 Prepare the tw...

Страница 34: ... There have two methods to install the Industrial Managed Switch DIN Rail Mounting and Wall Mount Plate Mounting Please read the following topics and perform the procedures in the order being presented Step 1 Screw the DIN Rail on the Industrial Managed Switch Step 2 Lightly press the button of DIN Rail into the track 34 ...

Страница 35: ...0020MT Step 3 Check the DIN Rail is tightly on the track Please refer to following procedures to remove the Industrial Managed Switch from the track Step 4 Lightly press the button of DIN Rail for remove it from the track 35 ...

Страница 36: ...ch Use the screwdriver to loose the screws and remove the DIN Rail Step 2 Place the wall mount plate on the rear panel of the Industrial Managed Switch Step 3 Use the screwdriver to screw the wall mount plate on the Industrial Managed Switch Step 4 Use the hook holes at the corners of the wall mount plate to hang the Industrial Managed Switch on the wall Step 5 To remove the wall mount plate rever...

Страница 37: ...ge for the terminal block should be in the range between 12 24 AWG 2 Performing any of the procedures like inserting the wires or tighten the wire clamp screws Ensure the power is OFF to prevent to get an electric shock 2 4 Wiring the Fault Alarm Contact The fault alarm contacts are in the middle 3 4 of the terminal block connector as the picture shows below Inserting the wires the Industrial Mana...

Страница 38: ...se FX 1000Base SX LX SFP module Cabling Each 10 100 1000Base T ports use RJ 45 sockets similar to phone jacks for connection of unshielded twisted pair cable UTP The IEEE 802 3 802 3u 802 3ab Fast Gigabit Ethernet standard requires Category 5 UTP for 100Mbps 100Base TX 10Base T networks can use Cat 3 4 5 or 1000Base T use 5 5e 6 UTP see table below Maximum distance is 100meters 328 feet The 100Bas...

Страница 39: ...ect at the time of publication Gigabit SFP Transceiver Modules MGB GT SFP Port 1000Base T Module MGB SX SFP Port 1000Base SX mini GBIC module MGB LX SFP Port 1000Base LX mini GBIC module MGB L30 SFP Port 1000Base LX mini GBIC module 30km MGB L50 SFP Port 1000Base LX mini GBIC module 50km MGB L70 SFP Port 1000Base LX mini GBIC module 70km MGB L120 SFP Port 1000Base LX mini GBIC module 120km MGB LA1...

Страница 40: ...t supported the Industrial Managed Switch will not recognize it 1000Base SX LX Before connect the other switches workstation or Media Converter 1 Make sure both side of the SFP transceiver are with the same media type for example 1000Base SX to 1000Base SX 1000Bas LX to 1000Base LX 2 Check the fiber optic cable type match the SFP transceiver model To connect to 1000Base SX SFP transceiver use the ...

Страница 41: ...ber NIC on a workstation or a Media Converter 3 Check the LNK ACT LED of the SFP slot of the switch converter Ensure that the SFP transceiver is operating correctly 4 Check the Link mode of the SFP port if the link failed Co works with some fiber NICs or Media Converters set the Link mode to 100 Force is needed 2 5 2 Remove the Module 1 Make sure there is no network activity by consult or check wi...

Страница 42: ...ollowing topics Requirements Management Access Overview Remote Telnet Access Web Management Access SNMP Access Standards Protocols and Related Reading 3 1 Requirements Workstations of subscribers running Windows XP 2003 Vista Windows 7 MAC OS X Linux Fedora Ubuntu or other platform compatible with TCP IP protocols Workstation installed with Ethernet NIC Network Interface Card Ethernet Port connect...

Страница 43: ...et Text based Telnet functionality built into Windows XP 2003 Vista Windows 7 operating systems Can be accesses from any location Security can be compromised hackers need only know the IP address Web Browser Ideal for configuring the switch remotely Compatible with all popular browsers Can be accessed from any location Most visually appealing Security can be compromised hackers need only know the ...

Страница 44: ...e same Ethernet environment As long as you know the current IP address of the Industrial Managed Switch Figure 3 1 Remote Telnet Interface Management In Windows system you may click Start then choose Acessories and Command Prompt please input telnet 192 168 0 100 and press enter from your keyboard You will see the following screen appears Figure 3 2 Remote Telnet Interface Main Screen of Industria...

Страница 45: ...naged Switch you can access the Industrial Managed Switch s Web interface applications directly in your Web browser by entering the IP address of the Industrial Managed Switch Figure 3 3 Web Management You can then use your Web browser to list and manage the Industrial Managed Switch configuration parameters from one central location the Web Management requires either Microsoft Internet Explorer 7...

Страница 46: ...dustrial Managed Switch and the SNMP Network Management Station to use the same community string This management method in fact uses two community strings the get community string and the set community string If the SNMP Net work management Station only knows the set community string it can read and write to the MIBs However if it only knows the get community string it can only read MIBs The defau...

Страница 47: ... Planet Smart Discovery Utility 1 Deposit the Planet Smart Discovery Utility in administrator PC 2 Run this utility and the following screen appears Figure 3 6 Planet Smart Discovery Utility Screen If there are two LAN cards or above in the same administrator PC choose different LAN card by use the Select Adapter tool 3 Press Refresh button for list current connected devices in the discovery list ...

Страница 48: ...ove are shown as below Update Device use current setting on one single device Update Multi use current setting on choose multi devices Update All use current setting on whole devices in the list The same functions mentioned above also can be finding in Option tools bar 3 To click the Control Packet Force Broadcast function it can allow assign new setting value to the Web Smart Switch under differe...

Страница 49: ...ts to open sockets The user has to explicitly modify the browser setting to enable Java Applets to use network ports The Industrial Managed Switch can be configured through an Ethernet connection make sure the manager PC must be set on same the IP subnet address with the Industrial Managed Switch For example the default IP address of the Industrial Managed Switch is 192 168 0 100 then the manager ...

Страница 50: ...g http 192 168 0 100 2 When the following login screen appears please enter the default username admin with password admin or the username password you have changed via console to login the main screen of Industrial Managed Switch The login screen in Figure 4 1 2 appears Figure 4 1 2 Login Screen Default User name admin Default Password admin After entering the username and password the main scree...

Страница 51: ...ess all the commands and statistics the Managed Switch provides 1 It is recommended to use Internet Explore 7 0 or above to access Industrial Managed Switch 2 The changed IP address take effect immediately after click on the Save button you need to use the new IP address to access the Web interface 3 For security reason please change and memorize the new password after this first setup 4 Only acce...

Страница 52: ...ed Switch s Web browser interface to configure and manage it Copper Port Link Status Main Functions Menu SFP Port Link Status Help Button Figure 4 1 4 Main Page Main Screen Panel Display The web agent displays an image of the Industrial Managed Switch s ports The Mode can be set to display different information for the ports including Link up or Link down Clicking on the image of a port opens the ...

Страница 53: ...rol the Industrial Managed Switch and all its ports or monitor network conditions Via the Web Management the administrator can setup the Industrial Managed Switch by select the functions those listed in the Main Function The screen in Figure 4 1 5 appears Figure 4 1 5 Industrial Managed Switch Main Functions Menu 53 ...

Страница 54: ...y CPU Load This page displays the CPU load using a SVG graph System Log The switch system log information is provided here Detailed Log The switch system detailed log information is provided here Remote Syslog Configure remote syslog on this page SMTP Configuration Configure SMTP function on this page EEE Power Reduction Configuration energy efficient ethernet power reduction on this page Thermal ...

Страница 55: ...d in Configuration System Information System Name Location The system location configured in Configuration System Information System Location MAC Address The MAC Address of this Industrial Managed Switch Power The Power 1 and Power 2 ON OFF Status display System Date The current GMT system time and date The system time is obtained through the configured SNTP Server if any System Uptime The period ...

Страница 56: ...ress is non zero DHCP will stop and the configured IP settings will be used The DHCP client will announce the configured System Name as hostname to provide DNS lookup IP Address Provide the IP address of this switch in dotted decimal notation IP Mask Provide the IP mask of this switch dotted decimal notation IP Router Provide the IP address of the router in dotted decimal notation VLAN ID Provide ...

Страница 57: ...ficantly longer Address Provide the IPv6 address of this switch IPv6 address is in 128 bit records represented as eight fields of up to four hexadecimal digits with a colon separating each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of contiguous zeros but it can appear only once It can also rep...

Страница 58: ...ge includes the following fields Object Description User Name The name identifying the user Privilege Level The privilege level of the user The allowed range is 1 to 15 If the privilege level value is 15 it can access all groups i e that is granted the fully control of the device But others value need to refer to each group privilege level User s privilege should be same or greater than the group ...

Страница 59: ... is 15 it can access all groups i e that is granted the fully control of the device But others value need to refer to each group privilege level User s privilege should be same or greater than the group privilege level to have the access of that group By default setting most groups privilege level 5 has the read only access and privilege level 10 has the read write access And the system maintenanc...

Страница 60: ... 6 User Configuration Page Screenshot After change the default password if you forget the password Please press the Reset button in the front panel of the Industrial Managed Switch over 5 seconds and then release the current setting includes VLAN will be lost and the Industrial Managed Switch will restore to the default mode 60 ...

Страница 61: ...ge provides an overview of the privilege levels After setup completed please press Save button to take effect Please login web interface with new user name and password the screen in Figure 4 2 7 appears Figure 4 2 7 Privilege Levels Configuration Page Screenshot ...

Страница 62: ...rything except ping Port Everything except VeriPHY Diagnostics ping and VeriPHY Maintenance CLI System Reboot System Restore Default System Password Configuration Save Configuration Load and Firmware Load Web Users Privilege Levels and everything in Maintenance Debug Only present in CLI Privilege Level Every group has an authorization Privilege level for the following sub groups configuration read...

Страница 63: ...t forwards NTP messages between the clients and the server when they are not on the same subnet domain Disabled Disable NTP mode operation Timezone Allow select the time zone according to current location of switch Server Provide the NTP IPv4 or IPv6 address of this switch IPv6 address is in 128 bit records represented as eight fields of up to four hexadecimal digits with a colon separating each f...

Страница 64: ...o CPU The ACEs are automatically removed when the mode is disabled TTL The TTL value is used by UPnP to send SSDP advertisement messages Valid values are in the range 1 to 255 Advertising Duration The duration carried in SSDP packets is used to inform a control point or control points how often it or they should receive a SSDP advertisement message from this switch If a control point does not rece...

Страница 65: ...signment policies Specifically the option works by setting two sub options Circuit ID option 1 Remote ID option2 The Circuit ID sub option is supposed to include information specific to which circuit the request came in on The Remote ID sub option was designed to carry information relating to the remote host end of the circuit The definition of Circuit ID in the switch is 4 bytes in length and the...

Страница 66: ...ation mode option operation Possible modes are Enabled Enable DHCP relay information mode operation When enable DHCP relay information mode operation the agent insert specific information option82 into a DHCP message when forwarding to DHCP server and remove it from a DHCP message when transferring to DHCP client It only works under DHCP relay operation mode enabled Disabled Disable DHCP relay inf...

Страница 67: ...ent to clients Receive form Server The number of packets received from server Receive Missing Agent Option The number of packets received without agent information options Receive Missing Circuit ID The number of packets received with the Circuit ID option missing Receive Missing Remote ID The number of packets received with the Remote ID option missing Receive Bad Circuit ID The number of packets...

Страница 68: ...ackets which were replaced with relay agent information option Keep Agent Optin The number of packets whose relay agent information was retained Drop Agent Option The number of packets that were dropped which were received with relay agent information Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Click to refresh the page immediately...

Страница 69: ...upport the SVG format Consult the SVG Wiki for more information on browser support Specifically at the time of writing Microsoft Internet Explorer will need to have a plugin installed to support SVG The CPU Load screen in Figure 4 2 13 appears Figure 4 2 13 CPU Load Page Screenshot Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds If you...

Страница 70: ... Error level of the system log All All levels Time The time of the system log entry Message The message of the system log entry Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Click to updates the system log entries starting from the current entry ID Flushes the selected log entries Updates the system log entries starting from the firs...

Страница 71: ...he following fields Object Description ID The ID 1 of the system log entry Message The message of the system log entry Buttons Updates the system log entry to the current entry ID Updates the system log entry to the first available entry ID Updates the system log entry to the previous available entry ID Updates the system log entry to the next available entry ID Updates the system log entry to the...

Страница 72: ...ledgments back sender since UDP is a connectionless protocol and it does not provide acknowledgments The syslog packet will always send out even if the syslog server does not exist Possible modes are Enabled Enable server mode operation Disabled Disable server mode operation Server Address Indicates the IPv4 host address of syslog server If the switch provide DNS feature it also can be a host name...

Страница 73: ... number As default is 25 SMTP Authentication Enabled As usual SMTP server is denied to relay a mail from a different domain so you have to enable this option and input your mail account and password for SMTP sever authorizing to forward a mail from different domain For example you want a SMTP server which located on mail 123 com send a mail to mail 456 net com If you want to send the mail to a SMT...

Страница 74: ...User s Manual of IGS 10020MT Buttons Click to test SMTP server address Click to save changes Click to undo any changes made locally and revert to previously saved values 74 ...

Страница 75: ... information using the LLDP protocol For maximizing power savings the circuit isn t started at once transmit data is ready for a port but is instead queued until 3000 bytes of data is ready to be transmitted For not introducing a large delay in case that data less then 3000 bytes shall be transmitted data are always transmitted after 48 us giving a maximum latency of 48 us the wakeup time If desir...

Страница 76: ...Managed Switch EEE Enable Controls whether EEE is enabled for this switch port EEE Urgent Queues Queues set will activate transmition of frames as soon as any data is available Otherwise the queue will postpone the transmsion until 3000 bytes are ready to be transmitted Buttons Click to save changes Click to undo any changes made locally and revert to previously saved values 76 ...

Страница 77: ...ge the system would pop up the file selection menu to choose firmware 4 Select on the firmware then click the Software Upload Progress would show the file upload status 5 Once the software be loaded to the system successfully The following screen appears The system will load the new software after reboot Figure 4 2 20 Software successfully Loaded Notice Screen DO NOT Power OFF the Industrial Manag...

Страница 78: ...4 2 21 appears Figure 4 2 21 TFTP Firmware Update Page Screenshot The page includes the following fields Object Description TFTP Server IP Fill in your TFTP server IP address Firmware File Name The name of firmware image Maximum length 24 characters Buttons Click to upgrade firmware DO NOT Power OFF the Industrial Managed Switch until the update progress is complete Do not quit the Firmware Upgrad...

Страница 79: ...s Module tags ip mac port etc These tags identify a module controlling specific parts of the configuration Group tags port_table vlan_table etc These tags identify a group of parameters typically a table Parameter tags mode entry etc These tags identify parameters for the specific section module and group The entry tag is used for table entries Configuration parameters are represented as attribute...

Страница 80: ...User s Manual of IGS 10020MT 80 Figure 4 2 23 File Download Screen 2 Chose the file save path in management workstation Figure 4 2 24 File Save Screen ...

Страница 81: ...een in Figure 4 2 25 appears Figure 4 2 25 Configuration Upload Page Screenshot Configuration Upload 1 Click the button of the main page the system would pop up the file selection menu to choose saved configuration Figure 4 2 26 Windows File Selection Menu Popup 2 Select on the configuration file then click the bottom of the browser shows the upload status 3 After down the main screen appears Tran...

Страница 82: ...ch user can select any one of the image as Active image of Industrial Managed Switch The Image Select screen in Figure 4 2 27 appears Figure 4 2 27 Image Select Page Screenshot Button Click to choose Alternate Image as Activate Image Figure 4 2 28 Image Select Page Screenshot Figure 4 2 29 Image Select Page Screenshot 82 ...

Страница 83: ...User s Manual of IGS 10020MT 83 Figure 4 2 30 Image Select Page Screenshot Figure 4 2 31 Image Select Page Screenshot After the system reboot you can use the Alternate Image of Industrial Managed Switch ...

Страница 84: ...fault Page Screenshot Click to return to the web main page without resetting the configuration After the Factory button be pressed and rebooted the system will load the default IP settings as following Default IP address 192 168 0 100 Subnet mask 255 255 255 0 Default Gateway 192 168 0 254 The other setting value is back to disable or none To reset the Industrial Managed Switch to the Factory defa...

Страница 85: ...a remote location Once the Reboot button is pressed user will re access the WEB interface about 60 seconds later the System Reboot screen in Figure 4 2 34 appears Figure 4 2 34 System Reboot Page Screenshot Buttons Click to reboot the system Click to return to the web main page without reboot the system 85 ...

Страница 86: ...irtual information store Collections of related managed objects are defined in specific MIB modules network management protocol A management protocol is used to convey management information between agents and NMSs SNMP is the Internet community s de facto standard management protocol SNMP Operations SNMP itself is a simple request response protocol NMSs can send multiple requests without receivin...

Страница 87: ... 3 1 SNMP System Configuration Page Screenshot The SNMP System Configuration page includes the following fields Object Description Mode Indicates the SNMP mode operation Possible modes are Enabled Enable SNMP mode operation Disabled Disable SNMP mode operation Version Indicates the SNMP supported version Possible versions are SNMP v1 Set SNMP supported version 1 SNMP v2c Set SNMP supported version...

Страница 88: ...in hexadecimal format with number of digits between 10 and 64 but all zeros and all F s are not allowed Change of the Engine ID will clear all original local users The SNMP Trap Configuration page includes the following fields Object Description Trap Mode Indicates the SNMP trap mode operation Possible modes are Enabled Enable SNMP trap mode operation Disabled Disable SNMP trap mode operation Trap...

Страница 89: ...tion failure Trap Link up and Link down Indicates the SNMP trap link up and link down mode operation Possible modes are Enabled Enable SNMP trap link up and link down mode operation Disabled Disable SNMP trap link up and link down mode operation Trap Inform Mode Indicates the SNMP trap inform mode operation Possible modes are Enabled Enable SNMP trap inform mode operation Disabled Disable SNMP tra...

Страница 90: ...rs from 32 to 126 System Name An administratively assigned name for this managed node By convention this is the node s fully qualified domain name A domain name is a text string drawn from the alphabet A Za z digits 0 9 minus sign No space characters are permitted as part of a name The first character must be an alpha character And the first or last character must not be a minus sign The allowed s...

Страница 91: ...dicates the community access string to permit access to SNMPv3 agent The allowed string length is 1 to 32 and the allowed content is ASCII characters from 33 to 126 The community string will be treated as security name and map a SNMPv1 or SNMPv2c community string Source IP Indicates the SNMP access source address A particular range of source addresses can be used to restrict source subnet when com...

Страница 92: ...is always that agent s own snmpEngineID value The value can also take the value of the snmpEngineID of a remote SNMP engine with which this user can communicate In other words if user engine ID equal system engine ID then it is local user otherwise it s remote user User Name A string identifying the user name that this entry should belong to The allowed string length is 1 to 32 and the allowed con...

Страница 93: ...l the allowed string length is 8 to 40 The allowed content is the ASCII characters from 33 to 126 Privacy Protocol Indicates the privacy protocol that this entry should belong to Possible privacy protocol are None None privacy protocol DES An optional flag to indicate that this user using DES authentication protocol Privacy Password A string identifying the privacy pass phrase The allowed string l...

Страница 94: ...s entry should belong to Possible security models are v1 Reserved for SNMPv1 v2c Reserved for SNMPv2c usm User based Security Model USM Security Name A string identifying the security name that this entry should belong to The allowed string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 Group Name A string identifying the group name that this entry should belong t...

Страница 95: ...rs from 33 to 126 View Type Indicates the view type that this entry should belong to Possible view type are included An optional flag to indicate that this view subtree should be included excluded An optional flag to indicate that this view subtree should be excluded General if a view entry s view type is excluded it should be exist another view entry which view type is included and it s OID subtr...

Страница 96: ...ould belong to Possible security models are any Accepted any security model v1 v2c usm v1 Reserved for SNMPv1 v2c Reserved for SNMPv2c usm User based Security Model USM Security Level Indicates the security model that this entry should belong to Possible security models are NoAuth NoPriv None authentication and none privacy Auth NoPriv Authentication and none privacy Auth Priv Authentication and p...

Страница 97: ...User s Manual of IGS 10020MT Buttons Click to add a new access entry Click to save changes Click to undo any changes made locally and revert to previously saved values 97 ...

Страница 98: ...ation Display SFP information Port Mirror Sets the source and target ports for mirroring 4 4 1 Port Configuration This page displays current port configurations Ports can also be configured here The Port Configuration screen in Figure 4 4 1 appears Figure 4 4 1 Port Configuration Page Screenshot The page includes the following fields Object Description Port This is the logical port number for this...

Страница 99: ...nd Tx settings are determined by the result of the last Auto Negotiation Check the configured column to use flow control This setting is related to the setting for Configured Link Speed Maximum Frame Size Enter the maximum frame size allowed for the switch port including FCS The allowed range is 1518 bytes to 9600 bytes Excessive Collision Mode Configure port transmit collision behavior Discard Di...

Страница 100: ...l port for the settings contained in the same row Packets t The number of received and transmitted packets per por Bytes The number of received and transmitted bytes per port Errors ceived in error and the number of incomplete The number of frames re transmissions per port Drops The number of frames discarded due to ingress or egress congestion Filtered The number of received frames filtered by th...

Страница 101: ...iorities Each priority can be given a temperature at which the corresponding ports shall be turned off The Port Thermal Protection screen in Figure 4 4 3 appears Figure 4 4 3 Port Thermal Protection Page Screenshot The page includes the following fields Object Description Temperature settings for priority groups The temperature at which the ports with the corresponding priority will be turned off ...

Страница 102: ...Page Screenshot The displayed counters are Object Description Local Port The logical port for the settings contained in the same row Temperature The current temperature for logical port Port Status This function display port link operation status it depend on the Temperature Setting of Thermal Protection Buttons Click to refresh the page immediately Auto refresh Check this box to refresh the page ...

Страница 103: ...ed Port Statistics Port 1 Page Screenshot The page includes the following fields Receive Total and Transmit Total Object Description Rx and Tx Packets The number of received and transmitted good and bad packets Rx and Tx Octets The number of received and transmitted good and bad bytes Includes FCS but excludes framing bits Rx and Tx Unicast The number of received and transmitted good and bad unica...

Страница 104: ...of short 1 frames received with invalid CRC Rx Jabber The number of long2 frames received with invalid CRC Rx Filtered The number of received frames filtered by the forwarding process Short frames are frames that are smaller than 64 bytes Long frames are frames that are longer than the configured maximum frame length for this port 1 Short frames are frames that are smaller than 64 bytes 2 Long fra...

Страница 105: ...ct Description Type Display the type of current SFP module the possible types are 1000Base SX 1000Base LX 100Base FX Speed Display the spedd of current SFP module the speed value or description is get from the SFP module Different vendors SFP modules might shows different speed information Wave Length nm Display the wavelength of current SFP module the wavelength value is get from the SFP module U...

Страница 106: ...ed traffic can be copied or mirrored to a mirror port where a frame analyzer can be attached to analyze the frame flow The Managed Switch can unobtrusively mirror traffic from any port to a monitor port You can then attach a protocol analyzer or RMON probe to this port to perform traffic analysis and verify connection integrity Figure 4 4 7 Port Mirror Application The traffic to be copied to the m...

Страница 107: ...or the settings contained in the same row Select mirror mode Rx only Frames received at this port are mirrored to the mirroring port Frames transmitted are not mirrored Tx only Frames transmitted from this port are mirrored to the mirroring port Frames received are not mirrored Disabled Neither frames transmitted or frames received are mirrored Mode Both Frames received and frames transmitted are ...

Страница 108: ... types provided they operate at the same speed Aggregated Links can be assigned manually Port Trunk or automatically by enabling Link Aggregation Control Protocol LACP on the relevant links Aggregated Links are treated by the system as a single logical port Specifically the Aggregated Link has similar port attributes to a non aggregated port including auto negotiation speed Duplex setting etc The ...

Страница 109: ...ation Configuration menu to specify the link aggregation on the devices at both ends When using a port link aggregation note that The ports used in a link aggregation must all be of the same media type RJ 45 100 Mbps fiber The ports that can be assigned to the same link aggregation have certain other restrictions see below Ports can only be assigned to one link aggregation The ports at both ends o...

Страница 110: ... a TCP connection are always forwarded on the same link aggregation member port Reording of frames within a flow is therefore not possible The aggregation code is based on the following information Source MAC Destination MAC Source and destination IPv4 address Source and destination TCP UDP ports for IPv4 packets Normally all 5 contributions to the aggregation code should be enabled to obtain the ...

Страница 111: ... port for the frame Check to enable the use of the Source MAC address or uncheck to disable By default Source MAC Address is enabled Destination MAC Address The Destination MAC Address can be used to calculate the destination port for the frame Check to enable the use of the Destination MAC Address or uncheck to disable By default Destination MAC Address is disabled IP Address The IP address can b...

Страница 112: ...w Group ID Normal indicates there is no aggregation Only one group ID is valid per port Port Members Each switch port is listed for each group ID Select a radio button to include a port in an aggregation or clear the radio button to remove the port from the aggregation By default no ports belong to any aggregation group Only full duplex ports can join an aggregation and ports must be in the same s...

Страница 113: ...age Screenshot The page includes the following fields Object Description Port The switch port number means selection all ports of Industrial Managed Switch LACP Enabled Controls whether LACP is enabled on this switch port LACP will form an aggregation when 2 or more ports are connected to the same partner LACP can form max 12 LLAGs per switch and 2 GLAGs per stack Key The Key value incurred by the...

Страница 114: ...e 4 5 5 appears Figure 4 5 5 LACP System Status Page Screenshot The page includes the following fields Object Description Aggr ID The Aggregation ID associated with this aggregation instance For LLAG the id is shown as isid aggr id and for GLAGs as aggr id Partner System ID The system ID MAC address of the aggregation partner Partner Key The Key that the partner has assigned to this aggregation ID...

Страница 115: ...ot enabled or that the port link is down Backup means that the port could not join the aggregation group but will join if other port leaves Meanwhile it s LACP status is disabled Key The key assigned to this port Only ports with the same key can aggregate together Aggr ID The Aggregation ID assigned to this aggregation group IDs 1 and 2 are GLAGs while IDs 3 14 are LLAGs Partner System ID The part...

Страница 116: ...the following fields Object Description Port The switch port number LACP Received Shows how many LACP frames have been sent from each port LACP Transmitted Shows how many LACP frames have been received at each port Discarded Shows how many unknown or illegal LACP frames have been discarded at each port Buttons Auto refresh Automatic refresh occurs every 3 seconds Click to refresh the page immediat...

Страница 117: ...d nodes and assign these nodes VLAN membership packets cannot cross VLAN without a network device performing a routing function between the VLAN 2 The Managed Switch supports IEEE 802 1Q VLAN The port untagging function can be used to remove the 802 1 tag from packet headers to maintain compatibility with devices that are tag unaware 3 The Switch s default is to assign all ports to a single 802 1Q...

Страница 118: ...h a different VLAN This Managed Switch supports the following VLAN features Up to 255 VLANs based on the IEEE 802 1Q standard Port overlapping allowing a port to participate in multiple VLANs End stations can belong to multiple VLANs Passing traffic between VLAN aware and VLAN unaware devices Priority tagging IEEE 802 1Q Standard IEEE 802 1Q tagged VLAN are implemented on the Switch 802 1Q VLAN re...

Страница 119: ...by the 802 1Q standard Because the VID is 12 bits long 4094 unique VLAN can be identified The tag is inserted into the packet header making the entire packet longer by 4 octets All of the information originally contained in the packet is retained 802 1Q Tag User Priority CFI VLAN ID VID 3 bits 1 bits 12 bits TPID Tag Protocol Identifier TCI Tag Control Information 2 bytes 2 bytes Preamble Destinat...

Страница 120: ...cause some devices on a network may be tag unaware a decision must be made at each port on a tag aware device before packets are transmitted should the packet to be transmitted have a tag or not If the transmitting port is connected to a tag unaware device the packet should be untagged If the transmitting port is connected to a tag aware device the packet should be tagged Default VLANs The Switch ...

Страница 121: ...to a VLAN form a broadcast domain that is separate from other VLANs configured on the switch Packets are forwarded only between ports that are designated for the same VLAN Untagged VLANs can be used to manually isolate user groups or subnets 4 6 3 VLAN Basic Information The VLAN Basic Information page displays basic information on the VLAN type supported by the Managed Switch The VLAN Basic Inform...

Страница 122: ...t have an 802 1Q VLAN tag the port will not alter the packet Thus all packets received by and forwarded by an untagging port will have no 802 1Q VLAN information Remember that the PVID is only used internally within the Switch Untagging is used to send packets from an 802 1Q compliant network device to a non compliant network device Frame Income Frame Leave Income Frame is tagged Income Frame is u...

Страница 123: ...s in the MAN space can be used independent of the customers VLANs This is accomplished by adding a VLAN tag with a MAN related VID for frames entering the MAN When leaving the MAN the tag is stripped and the original VLAN tag with the customer related VID is again available This provides a tunneling mechanism to connect remote costumer VLANs through a common MAN space without interfering with the ...

Страница 124: ...or a port by checking the box This parameter affects VLAN ingress processing If ingress filtering is enabled and the ingress port is not a member of the classified VLAN of the frame the frame is discarded By default ingress filtering is disabled no checkmark Accept Frame Type Determines whether the port accepts all frames or only tagged frames This parameter affects VLAN ingress processing If the ...

Страница 125: ...he service provider network Customer Port Configures IEEE 802 1Q tunneling QinQ for a client access port to segregate and preserve customer VLAN IDs for traffic crossing the service provider network Set Out layer VLAN tag ether type The Tag Protocol Identifier TPID specifies the ethertype of incoming packets on a tunnel access port 802 1Q Tag 8100 vMAN Tag 88A8 Default 802 1Q Tag The port must be ...

Страница 126: ...VLAN ID Indicates the ID of this particular VLAN VLAN Name Indicates the name of the VLAN Maximum length of the VLAN Name String is 32 VLAN Name can only contain alphabets or numbers VLAN name should contain atleast one alphabet VLAN name can be edited for the existing VLAN entries or it can be added to the new entries Port Members A row of check boxes for each port is displayed for each VLAN ID T...

Страница 127: ...t VLAN ID Updates the table starting with the entry after the last entry currently displayed 4 6 6 VLAN Membership Status This page provides an overview of membership status for VLAN users The VLAN Membership Status screen in Figure 4 6 4 appears Figure 4 6 4 VLAN Membership Status for Static User Page Screenshot The page includes the following fields Object Description VLAN ID Indicates the ID of...

Страница 128: ...ate multicast traffic for subscribers in each VLAN Multicast traffic for all channels is sent only on a single multicast VLAN Voice VLAN Voice VLAN is a VLAN configured specially for voice traffic typically originating from IP phones MSTP The 802 1s Multiple Spanning Tree protocol MSTP uses VLANs to create multiple spanning trees in a network which significantly improves network resource utilizati...

Страница 129: ...rt with Custom TPID Ingress Filtering Show the ingress filtering for a port This parameter affects VLAN ingress processing If ingress filtering is enabled and the ingress port is not a member of the classified VLAN of the frame the frame is discarded Frame Type Shows whether the port accepts all frames or only tagged frames This parameter affects VLAN ingress processing If the port only accepts ta...

Страница 130: ...e spanning trees in a network which significantly improves network resource utilization while maintaining a loop free environment Buttons Select VLAN Users from this drop down list Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Click to refresh the page immediately 4 6 8 Private VLAN The Private VLAN membership configurations for the switch c...

Страница 131: ... A row of check boxes for each port is displayed for each private VLAN ID To include a port in a Private VLAN check the box To remove or exclude the port from the Private VLAN make sure the box is unchecked By default no ports are members and all boxes are unchecked Buttons Click to add new VLAN Click to save changes Click to undo any changes made locally and revert to previously saved values Auto...

Страница 132: ...tabase servers on the inside segment but are not allowed to communicate with each other For private VLANs to be applied the switch must first be configured for standard VLAN operation When this is in place one or more of the configured VLANs can be configured as private VLANs Ports in a private VLAN fall into one of these two groups Promiscuous ports Ports from which traffic can be forwarded to al...

Страница 133: ...lated to other isolated ports on the same VLAN and Private VLAN The Port Isolation screen in Figure 4 6 7 appears Figure 4 6 7 Port Isolation Configuration Page Screenshot The page includes the following fields Object Description Port Members A check box is provided for each port of a private VLAN When checked port isolation is enabled on that port When unchecked port isolation is disabled on that...

Страница 134: ...rate VLAN Diagram VLAN Group VID Untagged Members Tagged Members VLAN Group 1 1 Port 7 Port 10 N A VLAN Group 2 2 Port 1 Port 2 Port 3 VLAN Group 3 3 Port 4 Port 5 Port 6 Table 4 1 VLAN and Port Configuration The scenario described as follow Untagged packet entering VLAN 2 1 While PC 1 transmit an untagged packet enters Port 1 the Managed Switch will tag it with a VLAN Tag 2 PC 2 and PC 3 will rec...

Страница 135: ...g an untagged packet 3 While the packet leaves Port 6 it will keep as a tagged packet with VLAN Tag 3 At this example VLAN Group 1 just set as default VLAN but only focus on VLAN 2 and VLAN 3 traffic flow Setup steps 1 Create VLAN Group Set VLAN Group 1 Default VLAN with VID VLAN ID 1 Add two VLANs VLAN 2 and VLAN 3 VLAN Group 2 with VID 2 VLAN Group 3 with VID 3 2 Assign VLAN Member VLAN 2 Port 1...

Страница 136: ...rlapped VLAN configuration see next VLAN configure sample 4 Assign PVID for each port Port 1 Port 2 and Port 3 PVID 2 Port 4 Port 5 and Port 6 PVID 3 Port 7 Port 24 PVID 1 5 Enable VLAN Tag for specific ports Link Type Port 3 VLAN 2 and Port 6 VLAN 3 The Per Port VLAN configuration in Figure 4 6 10 appears Figure 4 6 10 Port 1 Port 6 VLAN Configuration ...

Страница 137: ...two VLANs VLAN 2 and VLAN 3 VLAN Group 2 with VID 2 VLAN Group 3 with VID 3 2 Assign VLAN Member VLAN 2 Port 1 Port 2 and Port 3 VLAN 3 Port 4 Port 5 and Port 6 VLAN 1 All other ports Port 7 Port 24 About the VLAN ports connect to the hosts please refer to 4 6 10 1 examples The following steps will focus on the VLAN Trunk port configuration 1 Specify Port 8 to be the 802 1Q VLAN Trunk port 2 Assig...

Страница 138: ...the Trunking port must be a Tagged port while egress The Port 8 configuration as the following screen in Figure 4 6 13 Figure 4 6 13 The configuration of VLAN Trunk Port That is although the VLAN 2 members Port 1 to Port 3 and VLAN 3 members Port 4 to Port 6 also belongs to VLAN 1 But with different PVID settings packets form VLAN 2 or VLAN 3 is not able to access to the other VLAN 6 Repeat Step 1...

Страница 139: ...ion will show you how to configure the port for the server that could be accessed by each isolate port Figure 4 6 14 The Port Isolate VLAN Diagram Setup steps 1 Assign Port Mode Set Port 1 Port 4 in Isolate port Set Port5 and Port 6 in Promiscuous port The screen in Figure 4 6 15 appears Figure 4 6 15 The Configuration of Isolate and Promiscuous Port 2 Assign VLAN Member VLAN 1 Port 1 Port 2 Port ...

Страница 140: ...ss VLAN ID Indicates the VLAN ID Port Members A row of check boxes for each port is displayed for each MAC based VLAN entry To include a port in a MAC based VLAN check the box To remove or exclude the port from the MAC based VLAN make sure the box is unchecked By default no ports are members and all boxes are unchecked Buttons Click to add a new MAC based VLAN entry Click to save changes Click to ...

Страница 141: ... 6 18 MAC based VLAN Membership Configuration for User Static Page Screenshot The page includes the following fields Object Description MAC Address Indicates the MAC address VLAN ID Indicates the VLAN ID Port Members Port members of the MAC based VLAN entry Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Click to refresh the page immed...

Страница 142: ... entry Deletion and lookup of IP subnet based VLAN are based on VCE ID IP Address Indicates the IP address Mask Length Indicates the network mask length VLAN ID Indicates the VLAN ID VLAN ID can be changed for the existing entries Port Members A row of check boxes for each port is displayed for each IP subnet based VLAN entry To include a port in a IP subnet based VLAN check the box To remove or e...

Страница 143: ...ave one of the following values 1 Ethernet 2 LLC 3 SNAP Note On changing the Frame type field valid value of the following text field will vary depending on the new frame type you selected Value Valid value that can be entered in this text field depends on the option selected from the the preceding Frame Type selection menu Below is the criteria for three different Frame Types 1 For Ethernet Value...

Страница 144: ...lue of OUI field is 00 00 00 then value of PID will be etype 0x0600 0xffff and if value of OUI is other than 00 00 00 then valid value of PID will be any value from 0x0000 to 0xffff Group Name A valid Group Name is a unique 16 character long string for every entry which consists of a combination of alphabets a z or A Z and integers 0 9 Note special character and underscore _ are not allowed Button...

Страница 145: ... Whichever Group name you try map to a VLAN must be present in Protocol to Group mapping table and must not be preused by any other existing mapping entry on this page VLAN ID Indicates the ID to which Group Name will be mapped A valid VLAN ID ranges from 1 4095 Port Members A row of check boxes for each port is displayed for each Group Name to VLAN ID mapping To include a port in a mapping check ...

Страница 146: ... is also accomplished automatically without operator intervention This automatic network reconfiguration provides maximum uptime to network users However the concepts of the Spanning Tree Algorithm and protocol are a complicated and complex subject and must be fully researched and understood It is possible to cause serious degradation of the performance of the network if the Spanning Tree is incor...

Страница 147: ... a higher number than the current root port can cause a root port change STP Port States The BPDUs take some time to pass through a network This propagation delay can result in topology changes where a port that transitioned directly from a Blocking state to a Forwarding state could create temporary data loops Ports must wait for new network topology information to propagate throughout the network...

Страница 148: ...he forwarding state is enabled for that port 2 STP Parameters STP Operation Levels The Switch allows for two levels of operation the switch level and the port level The switch level forms a spanning tree consisting of links between one or more switches The port level constructs a spanning tree consisting of groups of one or more ports The STP operates in much the same way for both levels On the sw...

Страница 149: ...d when its age exceeds the value of the maximum age timer 20 seconds Forward Delay Timer The amount time spent by a port in the learning and listening states waiting for a BPDU that may return the port to the blocking state 15 seconds The following are the user configurable STP parameters for the port or port group level Variable Description Default Value Port Priority A relative priority for each...

Страница 150: ...etting the above parameters Max Age _ 2 x Forward Delay 1 second Max Age _ 2 x Hello Time 1 second Port Priority A Port Priority can be from 0 to 240 The lower the number the greater the probability the port will be chosen as the Root Port Port Cost A Port Cost can be set from 0 to 200000000 The lower the number the greater the probability the port will be chosen to forward packets 3 Illustration ...

Страница 151: ...User s Manual of IGS 10020MT Figure 4 7 2 Before Applying the STA Rules In this example only the default STP values are used Figure 4 7 3 After Applying the STA Rules 151 ...

Страница 152: ...STP system settings The settings are used by all STP Bridge instances in the Switch or switch Stack The Managed Switch support the following Spanning Tree protocols Compatiable Spanning Tree Protocol STP Provides a single path between end stations avoiding and eliminating loops Normal Rapid Spanning Tree Protocol RSTP Detects and uses of network topologies that provide faster spanning tree converg...

Страница 153: ...conds Default 20 Minimum The higher of 6 or 2 x Hello Time 1 Maximum The lower of 40 or 2 x Forward Delay 1 Maximum Hop Count This defines the initial value of remaining Hops for MSTI information generated at the boundary of an MSTI region It defines how many bridges a root bridge can distribute its BPDU information Valid values are in the range 6 to 40 hops Transmit Hold Count The number of BPDU ...

Страница 154: ...us overview for all STP bridge instances The displayed table contains a row for each STP bridge instance where the column displays the following information The Bridge Status screen in Figure 4 7 5 appears Figure 4 7 5 STP Bridge Status Page Screenshot The page includes the following fields Object Description MSTI The Bridge Instance This is also a link to the STP Detailed Bridge Status Bridge ID ...

Страница 155: ...Description Port The switch port number of the logical STP port STP Enabled Controls whether RSTP is enabled on this switch port means to select all ports of Industrial Managed Switch Path Cost Controls the path cost incurred by the port The Auto setting will set the path cost as appropriate by the physical link speed using the 802 1D recommended values Using the Specific setting a user defined va...

Страница 156: ...tivity It can be set by a network administrator to prevent bridges external to a core region of the network influence the spanning tree active topology possibly because those bridges are not under the full control of the administrator This feature is also known as Root Guard Restricted TCN If enabled causes the port not to propagate received topology change notifications and topology changes to ot...

Страница 157: ... IEEE 802 1w 2001 Ethernet 50 600 200 000 20 000 000 Fast Ethernet 10 60 20 000 2 000 000 Gigabit Ethernet 3 10 2 000 200 000 Table 4 7 1 Recommended STP Path Cost Range Port Type Link Type IEEE 802 1D 1998 IEEE 802 1w 2001 Ethernet Half Duplex Full Duplex Trunk 100 95 90 2 000 000 1 999 999 1 000 000 Fast Ethernet Half Duplex Full Duplex Trunk 19 18 15 200 000 100 000 50 000 Gigabit Ethernet Full...

Страница 158: ...iption MSTI The bridge instance The CIST is the default instance which is always active Priority The Configuration All with available values will assign to whole items Controls the bridge priority Lower numerical values have better priority The bridge priority plus the MSTI instance number concatenated with the 6 byte MAC address of the switch forms a Bridge Identifier means all MSTI items will ha...

Страница 159: ...iguration This page allows the user to inspect the current STP MSTI bridge instance priority configurations and possibly change them as well The MSTI Configuration screen in Figure 4 7 8 appears Figure 4 7 8 MSTI Configuration Page Screenshot 159 ...

Страница 160: ... Revision The revision of the MSTI configuration named above This must be an integer between 0 and 65535 MSTI Mapping Object Description MSTI The bridge instance The CIST is not available for explicit mapping as it will receive the VLANs not explicitly mapped VLANs Mapped The list of VLAN s mapped to the MSTI The VLANs must be separated with comma and or space A VLAN can only be mapped to one MSTI...

Страница 161: ...licable for the port The MSTI instance must be selected before displaying actual MSTI port configuration options This page contains MSTI port settings for physical and aggregated ports The aggregation settings are stack global The MSTI Port Configuration screen in Figure 4 7 9 Figure 4 7 10 appears Figure 4 7 9 MSTI Port Configuration Page Screenshot The page includes the following fields MSTI Por...

Страница 162: ...by the physical link speed using the 802 1D recommended values Using the Specific setting a user defined value can be entered The path cost is used when establishing the active topology of the network Lower path cost ports are chosen as forwarding ports in favor of higher path cost ports Valid values are in the range 1 to 200000000 All means all ports will have one specific setting Priority The Co...

Страница 163: ... The STP Port Status screen in Figure 4 7 11 appears Figure 4 7 11 STP Port Status Page Screenshot The page includes the following fields Object Description Port The switch port number of the logical STP port CIST Role The current STP port role of the ICST port The port role can be one of the following values AlternatePort BackupPort RootPort DesignatedPort CIST State The current STP port state of...

Страница 164: ...ch port number of the logical RSTP port MSTP The number of MSTP Configuration BPDU s received transmitted on the port RSTP The number of RSTP Configuration BPDU s received transmitted on the port STP The number of legacy STP Configuration BPDU s received transmitted on the port TCN The number of legacy Topology Change Notification BPDU s received transmitted on the port Discarded Unknown The numbe...

Страница 165: ... that they will become members of a multicast group The Internet Group Management Protocol IGMP is used to communicate this information IGMP is also used to periodically check the multicast group for members that are no longer active In the case where there is more than one multicast router on a sub network one router is elected as the queried This router then keeps track of the membership of the ...

Страница 166: ...User s Manual of IGS 10020MT Figure 4 8 2 Multicast Flooding Figure 4 8 3 IGMP Snooping Multicast Stream Control 166 ...

Страница 167: ...kets enable multicast routers to keep track of the membership of multicast groups on their respective sub networks The following outlines what is communicated between a multicast router and a multicast group member using IGMP A host sends an IGMP report to join a group A host will never send a report when it wants to leave a group for version 1 A host will send a leave report when it wants to leav...

Страница 168: ... want to receive multicast traffic If there is more than one router switch on the LAN performing IP multicasting one of these devices is elected querier and assumes the role of querying the LAN for group members It then propagates the service requests on to any upstream multicast switch router to ensure that it will continue to receive the multicast service Multicast routers use this information a...

Страница 169: ...MCv4 traffic flooding IGMP SSM Range SSM Source Specific Multicast Range allows the SSM aware hosts and routers run the SSM service model for the groups in the address range Leave Proxy Enable Enable IGMP Leave Proxy This feature can be used to avoid forwarding unnecessary leave messages to the router side Proxy Enable Enable IGMP Proxy This feature can be used to avoid forwarding unnecessary join...

Страница 170: ...first visited the web page will show the first 20 entries from the beginning of the VLAN Table The first displayed will be the one with the lowest VLAN ID found in the VLAN Table The VLAN input fields allow the user to select the starting point in the VLAN Table The IGMP Snooping VLAN Configuration screen in Figure 4 8 6 appears Figure 4 8 6 IGMP Snooping VLAN Configuration Page Screenshot The pag...

Страница 171: ...ery Interval The Last Member Query Time is the time value represented by the Last Member Query Interval multiplied by the Last Member Query Count The allowed range is 0 to 31744 in tenths of seconds default last member query interval is 10 in tenths of seconds 1 second URI Unsolicited Report Interval The Unsolicited Report Interval is the time between repetitions of a host s initial report of memb...

Страница 172: ...IGMP join report is forwarded as normal If a requested multicast group is denied the IGMP join report is dropped IGMP throttling sets a maximum number of multicast groups that a port can join at the same time When the maximum number of groups is reached on a port the switch can take one of two actions either deny or replace If the action is set to deny any new IGMP join reports will be dropped If ...

Страница 173: ...ersion currently Querier Status Show the Querier status is ACTIVE or IDLE Queriers Transmitted The number of Transmitted Querier Queriers Received The number of Received Querier V1 Reports Received The number of Received V1 Reports V2 Reports Received The number of Received V2 Reports V3 Reports Received The number of Received V3 Reports V2 Leaves Received The number of Received V2 Leave Buttons A...

Страница 174: ... allow the user to select the starting point in the IGMP Group Table The IGMP Groups Informatino screen in Figure 4 8 9 appears Figure 4 8 9 IGMP Snooping Groups Information Page Screenshot The page includes the following fields Object Description VLAN ID VLAN ID of the group Groups Group address of the group displayed Port Members Ports under this group Buttons Auto refresh Check this box to refr...

Страница 175: ... Figure 4 8 10 appears Figure 4 8 10 IGMP SFM Information Page Screenshot The page includes the following fields Object Description VLAN ID VLAN ID of the group Group Group address of the group displayed Port Switch port number Mode Indicates the filtering mode maintained per VLAN ID port number Group Address basis It can be either Include or Exclude Source Address IP Address of the source Current...

Страница 176: ...nabled Enable unregistered IPMCv6 traffic flooding Please note that disabling unregistered IPMCv6 traffic flooding may lead to failure of Neighbor Discovery MLD SSM Range SSM Source Specific Multicast Range allows the SSM aware hosts and routers run the SSM service model for the groups in the address range Leave Proxy Enable Enable MLD Leave Proxy This feature can be used to avoid forwarding unnec...

Страница 177: ... any changes made locally and revert to previously saved values 4 8 9 MLD Snooping VLAN Configuration Each page shows up to 99 entries from the VLAN table default being 20 selected through the entries per page input field When first visited the web page will show the first 20 entries from the beginning of the VLAN Table The first displayed will be the one with the lowest VLAN ID found in the VLAN ...

Страница 178: ...I Last Listener Query Interval The Last Listener Query Interval is the Maximum Response Delay used to calculate the Maximum Response Code inserted into Multicast Address Specific Queries sent in response to Version 1 Multicast Listener Done messages It is also the Maximum Response Delay used to calculate the Maximum Response Code inserted into Multicast Address and Source Specific Query messages T...

Страница 179: ...LD join report is forwarded as normal If a requested multicast group is denied the MLD join report is dropped MLD throttling sets a maximum number of multicast groups that a port can join at the same time When the maximum number of groups is reached on a port the switch can take one of two actions either deny or replace If the action is set to deny any new MLD join reports will be dropped If the a...

Страница 180: ...t Version Working Host Version currently Querier Status Show the Querier status is ACTIVE or IDLE Queriers Transmitted The number of Transmitted Querier Queriers Received The number of Received Querier V1 Reports Received The number of Received V1 Reports V2 Reports Received The number of Received V2 Reports V1 Leave Received The number of Received V1 Leaves Buttons Auto refresh Check this box to ...

Страница 181: ... allow the user to select the starting point in the MLD Group Table The MLD Groups Informatino screen in Figure 4 8 15 appears Figure 4 8 15 MLD Snooping Groups Information Page Screenshot The page includes the following fields Object Description VLAN ID VLAN ID of the group Groups Group address of the group displayed Port Members Ports under this group Buttons Auto refresh Check this box to refre...

Страница 182: ...ure 4 8 16 appears Figure 4 8 16 MLD SSM Information Page Screenshot The page includes the following fields Object Description VLAN ID VLAN ID of the group Group Group address of the group displayed Port Switch port number Mode Indicates the filtering mode maintained per VLAN ID port number Group Address basis It can be either Include or Exclude Source Address IP Address of the source Currently sy...

Страница 183: ...n a subscriber selects a channel the set top box or PC sends an IGMP MLD report message to Switch A to join the appropriate multicast group address Uplink ports that send and receive multicast data to and from the multicast VLAN are called MVR source ports It is allowed to create at maximun 8 MVR VLANs with corresponding channel settings for each Multicast VLAN There will be totally at maximun 256...

Страница 184: ...raversed IGMP MLD control frames will be sent in prioritized manner The default Priority is 0 LLQI Define the maximun time to wait for IGMP MLD report memberships on a receiver port before removing the port from multicast group membership The value is in units of tenths of a seconds The range is from 0 to 31744 The default LLQI is 5 tenths or one half second Interface Channel Setting When the MVR ...

Страница 185: ...ber of Received Queries for IGMP and MLD respectively IGMP MLD Queries Transmitted The number of Transmitted Queries for IGMP and MLD respectively IGMPv1 Joins Received The number of Received IGMPv1 Joins IGMPv2 MLDv1 Reports Received The number of Received IGMPv2 Joins and MLDv1 Reports respectively IGMPv3 MLDv2 Reports Received The number of Received IGMPv3 Joins and MLDv2 Reports respectively I...

Страница 186: ...he user to select the starting point in the MVR Group Table The MVR Groups Information screen in Figure 4 8 19 appears Figure 4 8 19 MVR Groups Information Page Screenshot The page includes the following fields Object Description VLAN ID VLAN ID of the group Groups Group ID of the group displayed Port Members Ports under this group Buttons Auto refresh Check this box to refresh the page automatica...

Страница 187: ...icates the filtering mode maintained per VLAN ID port number Group Address basis It can be either Include or Exclude Source Address IP Address of the source Currently system limits the total number of IP source addresses for filtering to be 128 When there is no any source filtering address the text None is shown in the Source Address field Type Indicates the Type It can be either Allow or Deny Har...

Страница 188: ...ier classifies the traffic on the network Traffic classifications are determined by protocol application source destination and so on You can create and modify classifications The Switch then groups classified traffic in order to schedule them with the appropriate service level DiffServ Code Point DSCP is the traffic prioritization bits within an IP header that are encoded by certain applications ...

Страница 189: ... Switch Rate Controls the rate for the policer The default value is 500 This value is restricted to 100 1000000 when the Unit is kbps or fps and it is restricted to 1 3300 when the Unit is Mbps or kfps Unit The Configuration All with available options will assign to whole ports Controls the unit of measure for the policer rate as kbps Mbps fps or kfps The default value is kbps All means all ports ...

Страница 190: ...queue and priority A QoS class of 0 zero has the lowest priority All means all ports will have one specific setting DP Level The Configuration All with available values will assign to whole ports Controls the default DP level i e the DP level for frames not classified in any other way All means all ports will have one specific setting PCP The Configuration All with available values will assign to ...

Страница 191: ...sed Click to Enable DSCP Based QoS Ingress Port Classification Buttons Click to save changes Click to undo any changes made locally and revert to previously saved values 4 9 3 1 QoS Ingress Port Tag Classification The clasification modes for tagged frames are configured on this page The QoS Ingress Port Tag Classification screen in Figure 4 9 3 appears Figure 4 9 3 QoS Ingress Port Tag Classificat...

Страница 192: ... to QoS class DP level values when Tag Classification is set to Enabled Buttons Click to save changes Click to undo any changes made locally and revert to previously saved values Return to the previous page 4 9 4 Port Scheduler This page provides an overview of QoS Egress Port Schedulers for all switch ports The Port Scheduler screen in Figure 4 9 4 appears Figure 4 9 4 QoS Egress Port Schedule Pa...

Страница 193: ...ing screen in Figure 4 9 5 appears Figure 4 9 5 QoS Egress Port Shapers Page Screenshot The page includes the following fields Object Description Port The logical port for the settings contained in the same row Click on the port number in order to configure the shapers For more detail please refer to chapter 4 9 5 1 Q0 Q7 Shows disabled or actual queue shaper rate e g 800 Mbps Port Shows disabled ...

Страница 194: ...nable Controls whether the queue shaper is enabled for this queue on this switch port Queue Shaper Rate Controls the rate for the queue shaper The default value is 500 This value is restricted to 100 1000000 when the Unit is kbps and it is restricted to 1 3300 when the Unit is Mbps Queue Shaper Unit Controls the unit of measure for the queue shaper rate as kbps or Mbps The default value is kbps Qu...

Страница 195: ...s Buttons Click to save changes Click to undo any changes made locally and revert to previously saved values Click to undo any changes made locally and return to the previous page 4 9 6 Port Tag Remarking This page provides an overview of QoS Egress Port Tag Remarking for all switch ports The Port Tag Remarking screen in Figure 4 9 7 appears Figure 4 9 7 QoS Egress Port Tag Remarking Page Screensh...

Страница 196: ...rols the tag remarking mode for this port Classified Use classified PCP DEI values Default Use default PCP DEI values Mapped Use mapped versions of QoS class and DP level PCP DEI Configuration Controls the default PCP and DEI values used when the mode is set to Default QoS class DP level to PCP DEI Mapping Controls the mapping of the classified QoS class DP level to PCP DEI values when the mode is...

Страница 197: ...nslation and classification settings for individual ports There are two configuration parameters available in Ingress Translate Classify Translate To Enable the Ingress Translation click the checkbox means to select all ports of Industrial Managed Switch Classify The Configuration All with available options will assign to whole ports Classification for a port has 4 different values All means all p...

Страница 198: ...mapped and frame is remarked with remapped DSCP value The remapped DSCP value is always taken from the DSCP Translation Egress Remap DP0 table Remap DP Aware DSCP from analyzer is remapped and frame is remarked with remapped DSCP value Depending on the DP level of the frame the remapped DSCP value is either taken from the DSCP Translation Egress Remap DP0 table or from the DSCP Translation Egress ...

Страница 199: ...all switches The DSCP Based QoS screen in Figure 4 9 10 appears Figure 4 9 10 DSCP Based QoS Ingress Classification Page Screenshot The page includes the following fields Object Description DSCP Maximum number of support ed DSCP values are 63 Trust Click to check if the DSCP value is trusted means to select all ports of Industrial Managed Switch 199 ...

Страница 200: ...values will assign to whole DSCP values Drop Precedence Level 0 1 Buttons Click to save changes Click to undo any changes made locally and revert to previously saved values 4 9 9 DSCP Translation This page allows you to configure the basic QoS DSCP Translation settings for all switches DSCP translation can be done in Ingress or Egress The DSCP Translation screen in Figure 4 9 11 appears 200 ...

Страница 201: ...ny of 0 63 DSCP values Classify Click to enable Classification at Ingress side Egress There are the following configurable parameters for Egress side Remap DP0 Controls the remapping for frames with DP level 0 Remap DP1 Controls the remapping for frames with DP level 1 Remap DP0 The Configuration All with available values will assign to whole DSCP values Select the DSCP value from select menu to w...

Страница 202: ...Description QoS Class Available QoS Class value ranges from 0 to 7 QoS Class 0 7 can be mapped to followed parameters DPL Drop Precedence Level 0 1 can be configured for all available QoS Classes DSCP The Configuration All with available values will assign to whole QoS Class Select DSCP value 0 63 from DSCP menu to map DSCP to corresponding QoS Class and DPL value Buttons Click to save changes Cli...

Страница 203: ...frame type Ethernet Only Ethernet frames with Ether Type 0x600 0xFFFF are allowed LLC Only LLC frames are allowed SNAP Only SNAP frames are allowed IPv4 The QCE will match only IPV4 frames IPv6 The QCE will match only IPV6 frames SMAC Displays the OUI field of Source MAC address i e first three octet byte of MAC address DMAC Specify the type of Destination MAC addresses for incoming frame Possible...

Страница 204: ...tches the QCE it will be put in the queue DPL Drop Precedence Level if a frame matches the QCE then DP level will set to value displayed under DPL column DSCP If a frame matches the QCE then DSCP will be classified with the value displayed under DSCP column Modification Buttons You can modify each QCE in the table using the following buttons Inserts a new QCE before the current row Edits the QCE M...

Страница 205: ... is described as below Tag Value of Tag field can be Any Untag or Tag VID Valid value of VLAN ID can be any value in the range 1 4095 or Any user can enter either a specific value or a range of VIDs PCP Priority Code Point Valid value PCP are specific 0 1 2 3 4 5 6 7 or range 0 1 2 3 4 5 6 7 0 3 4 7 or Any DEI Drop Eligible Indicator Valid value of DEI can be any of values between 0 1 or Any SMAC ...

Страница 206: ...e mask format or Any IP and Mask are in the format x y z w where x y z and w are decimal numbers between 0 and 255 When Mask is converted to a 32 bit binary string and read from left to right all bits following the first zero must also be zero DSCP Diffserv Code Point value DSCP It can be specific value range of value or Any DSCP values are in the range 0 63 including BE CS1 CS7 EF or AF11 AF43 IP...

Страница 207: ... previous page without saving the configuration change 4 9 12 QoS Status This page shows the QCL status by different QCL users Each row describes the QCE that is defined It is a conflict if a specific QCE is not applied to the hardware due to hardware limitations The maximum number of QCEs is 256 on each switch The QoS Control List Status screen in Figure 4 9 15 appears Figure 4 9 15 QoS Control L...

Страница 208: ...en DP level will set to value displayed under DPL column DSCP If a frame matches the QCE then DSCP will be classified with the value displayed under DSCP column Conflict Displays QCE status It may happen that resources required to add a QCE may not available in that case it shows conflict status as Yes otherwise it is always No Please note that conflict can be resolved by releaseing the resource r...

Страница 209: ...tch The Storm Control Configuration screen in Figure 4 9 16 appears Figure 4 9 16 Storm Control Configuration Page Screenshot The page includes the following fields Object Description Frame Type The settings in a particular row apply to the frame type listed here unicast multicast Broadcast Enable Enable or disable the storm control status for the given frame type Rate The rate unit is packets per...

Страница 210: ...e includes the following fields Object Description Port The logical port for the settings contained in the same row Q0 Q7 There are 8 QoS queues per port Q0 is the lowest priority queue Rx Tx The number of received and transmitted packets per queue Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Click to refresh the page immediate Clea...

Страница 211: ... Configuration screen in Figure 4 9 18 appears Figure 4 9 18 Voice VLAN Configuration Page Screenshot The page includes the following fields Object Description Mode Indicates the Voice VLAN mode operation We must disable MSTP feature before we enable Voice VLAN It can avoid the conflict of ingress filter Possible modes are Enabled Enable Voice VLAN mode operation Disabled Disable Voice VLAN mode o...

Страница 212: ... Forced Forced join to Voice VLAN All means all ports will have one specific setting Port Security Indicates the Voice VLAN port security mode When the function is enabled all non telephone MAC address in Voice VLAN will be blocked 10 seconds Possible port modes are Enabled Enable Voice VLAN security mode operation Disabled Disable Voice VLAN security mode operation All means all ports will have o...

Страница 213: ...Description Delete Check to delete the entry It will be deleted during the next save Telephony OUI An telephony OUI address is a globally unique identifier assigned to a vendor by IEEE It must be 6 characters long and the input format is xx xx xx x is a hexadecimal digit Description The description of OUI address Normaly it descript which vendor telephony device The allowed string length is 0 to 3...

Страница 214: ...s permission associated with a particular ACE ID There are three ACE frame types Ethernet Type ARP and IPv4 and two ACE actions permit and deny The ACE also contains many detailed different parameter options that are available for individual application 4 10 1 Access Control List Status This page shows the ACL status by different ACL users Each row describes the ACE that is defined It is a conflic...

Страница 215: ...ect operation of the ACE Frames matching the ACE are redirected to the port number The allowed values are Disabled or a specific port number When Disabled is displayed the port redirect operation is disabled Mirror Specify the mirror operation of this port The allowed values are Enabled Frames received on the port are mirrored Disabled Frames received on the port are not mirrored The default value...

Страница 216: ...Frame Type Indicates the frame type of the ACE Possible values are Any The ACE will match any frame type EType The ACE will match Ethernet Type frames Note that an Ethernet Type based ACE will not get matched by IP and ARP frames ARP The ACE will match ARP RARP frames IPv4 The ACE will match all IPv4 frames IPv4 ICMP The ACE will match IPv4 frames with ICMP protocol IPv4 UDP The ACE will match IPv...

Страница 217: ...er The counter indicates the number of times the ACE was hit by a frame Modification Buttons You can modify each ACE Access Control Entry in the table using the following buttons Inserts a new ACE before the current row Edits the ACE row Moves the ACE up the list Moves the ACE down the list Deletes the ACE The lowest plus sign adds a new entry at the bottom of the ACE listings Buttons Auto refresh...

Страница 218: ...defined here The ACE Configuration screen in Figure 4 10 3 appears Figure 4 10 3 ACE Configuration Page Screenshot The page includes the following fields Object Description Ingress Port Select the ingress port for which this ACE applies All The ACE applies to all port Portn The ACE applies to this port number where n is the number of the switch port Policy Filter Specify the policy number filter f...

Страница 219: ... base units The allowed range is 1 to 16 Disabled indicates that the rate limiter operation is disabled EVC Policer Select whether EVC policer is enabled or disabled The default value is Disabled EVC Policer ID Select which EVC policer ID to apply on this ACE The allowed values are Disabled or the values 1 through 128 Port Redirect Frames that hit the ACE are redirected to the port number specifie...

Страница 220: ...MAC Value When Specific is selected for the DMAC filter you can enter a specific destination MAC address The legal format is xx xx xx xx xx xx A frame that hits this ACE matches this DMAC value VLAN Parameters Object Description 802 1Q Tagged Specify whether frames can hit the action according to the 802 1Q tagged The allowed values are Any Any value is allowed don t care Enabled Tagged frame only...

Страница 221: ... for the sender IP filter you can enter a specific sender IP address in dotted decimal notation Sender IP Mask When Network is selected for the sender IP filter you can enter a specific sender IP mask in dotted decimal notation Target IP Filter Specify the target IP filter for this specific ACE Any No target IP filter is specified Target IP filter is don t care Host Target IP filter is set to Host...

Страница 222: ...P RARP frames where the PRO is equal to IP 0x800 1 ARP RARP frames where the PRO is equal to IP 0x800 Any Any value is allowed don t care IP Parameters The IP parameters can be configured when Frame Type IPv4 is selected Object Description IP Protocol Filter Specify the IP protocol filter for this ACE Any No IP protocol filter is specified don t care Specific If you want to filter a specific IP pr...

Страница 223: ...the source IP filter for this ACE Any No source IP filter is specified Source IP filter is don t care Host Source IP filter is set to Host Specify the source IP address in the SIP Address field that appears Network Source IP filter is set to Network Specify the source IP address and source IP mask in the SIP Address and SIP Mask fields that appear SIP Address When Host or Network is selected for t...

Страница 224: ... can enter a specific ICMP code value The allowed range is 0 to 255 A frame that hits this ACE matches this ICMP code value TCP UDP Parameters Object Description TCP UDP Source Filter Specify the TCP UDP source filter for this ACE Any No TCP UDP source filter is specified TCP UDP source filter status is don t care Specific If you want to filter a specific TCP UDP source filter with this ACE you ca...

Страница 225: ... entry 1 TCP frames where the FIN field is set must be able to match this entry Any Any value is allowed don t care TCP SYN Specify the TCP Synchronize sequence numbers SYN value for this ACE 0 TCP frames where the SYN field is set must not be able to match this entry 1 TCP frames where the SYN field is set must be able to match this entry Any Any value is allowed don t care TCP RST Specify the TC...

Страница 226: ... Type Value When Specific is selected for the EtherType filter you can enter a specific EtherType value The allowed range is 0x600 to 0xFFFF but excluding 0x800 IPv4 0x806 ARP and 0x86DD IPv6 A frame that hits this ACE matches this EtherType value Buttons Click to save changes Click to undo any changes made locally and revert to previously saved values Return to the previous page 4 10 4 ACL Ports ...

Страница 227: ...e is Disabled All means all ports will have one specific setting Mirror Specify the mirror operation of this port The allowed values are Enabled Frames received on the port are mirrored Disabled Frames received on the port are not mirrored The default value is Disabled All means all ports will have one specific setting Logging Specify the logging operation of this port The allowed values are Enabl...

Страница 228: ... any changes made locally and revert to previously saved values Click to refresh the page any changes made locally will be undone Click to clear the counters 4 10 5 ACL Rate Limiter Configuration Configure the rate limiter for the ACL of the switch The ACL Rate Limiter Configuration screen in Figure 4 10 5 appears Figure 4 10 5 ACL Rate Limiter Configuration Page Screenshot 228 ...

Страница 229: ... in the same row Rate The allowed values are 0 3276700 in pps or 0 100 200 300 1000000 in kbps Unit Specify the rate unit The allowed values are pps packets per second kbps Kbits per second All means all ports will have one specific setting Buttons Click to save changes Click to undo any changes made locally and revert to previously saved values 229 ...

Страница 230: ...containing a success or failure indication Besides forwarding this decision to the supplicant the switch uses it to open up or block traffic on the switch port connected to the supplicant Overview of MAC Based Authentication Unlike 802 1X MAC based authentication is not a standard but merely a best practices method adopted by the industry In MAC based authentication users are called clients and th...

Страница 231: ...e or TACACS aware devices on the network An authentication server contains a database of multiple user name password pairs with associated privilege levels for each user that requires management access to the Managed Switch 4 11 1 Understanding IEEE 802 1X Port Based Authentication The IEEE 802 1X standard defines a client server based access control and authentication protocol that restricts unau...

Страница 232: ...s the LAN and switch services Because the switch acts as the proxy the authentication service is transparent to the client In this release the Remote Authentication Dial In User Service RADIUS security system with Extensible Authentication Protocol EAP extensions is the only supported authentication server it is available in Cisco Secure Access Control Server version 3 0 RADIUS operates in a clien...

Страница 233: ... its identity typically the switch sends an initial identity request frame followed by one or more requests for authentication information Upon receipt of the frame the client responds with an EAP response identity frame However if during bootup the client does not receive an EAP request identity frame from the switch the client can initiate authentication by sending an EAPOL start frame which pro...

Страница 234: ...the client initiates the authentication process by sending the EAPOL start frame When no response is received the client sends the request for a fixed number of times Because no response is received the client begins sending frames as if the port is in the authorized state If the client is successfully authenticated receives an Accept frame from the authentication server the port state changes to ...

Страница 235: ...ethod Authentication Method can be set to one of the following values None authentication is disabled and login is not possible local use the local user database on the switch stack for authentication RADIUS use a remote RADIUS server for authentication TACACSt use a remote TACACS server for authentication Fallback Enable fallback to local authentication by checking this box If none of the configu...

Страница 236: ... page The IEEE802 1X standard defines port based operation but non standard variants overcome security limitations as shall be explored below MAC based authentication allows for authentication of more than one user on the same port and doesn t require the user to have special 802 1X supplicant software installed on his system The switch uses the user s MAC address to authenticate against the backe...

Страница 237: ... Determines the time between retransmission of Request Identity EAPOL frames Valid values are in the range 1 to 255 seconds This has no effect for MAC based ports Aging Period This setting applies to the following modes i e modes using the Port Security functionality to secure MAC addresses Single 802 1X Multi 802 1X MAC Based Auth When the NAS module uses the Port Security module to secure MAC ad...

Страница 238: ...d QoS Enabled checkbox provides a quick way to globally enable disable RADIUS server assigned QoS Class functionality When checked the individual ports ditto setting determine whether RADIUS assigned QoS Class is enabled for that port When unchecked RADIUS server assigned QoS Class is disabled for all ports RADIUS Assigned VLAN Enabled RADIUS assigned VLAN provides a means to centrally control the...

Страница 239: ...port for the life time of the port Once the switch considers whether to enter the Guest VLAN it will first check if this option is enabled or disabled If disabled unchecked default the switch will only enter the Guest VLAN if an EAPOL frame has not been received on the port for the life time of the port If enabled checked the switch will consider entering the Guest VLAN even if an EAPOL frame has ...

Страница 240: ...into the relevant type EAPOL or RADIUS and forwards it When authentication is complete the RADIUS server sends a special packet containing a success or failure indication Besides forwarding this decision to the supplicant the switch uses it to open up or block traffic on the switch port connected to the supplicant Note Suppose two backend servers are enabled and that the server timeout is configur...

Страница 241: ...ssfully authenticated client and get network access even though they really aren t authenticated To overcome this security breach use the Multi 802 1X variant Multi 802 1X is really not an IEEE standard but features many of the same characteristics as does port based 802 1X Multi 802 1X is like Single 802 1X not an IEEE standard but a variant that features many of the same characteristics In Multi...

Страница 242: ...e connected to the same port e g through a 3rd party switch or a hub and still require individual authentication and that the clients don t need special supplicant software to authenticate The advantage of MAC based authentication over 802 1X based authentication is that the clients don t need special supplicant software to authenticate The disadvantage is that MAC addresses can be spoofed by mali...

Страница 243: ...and the port will be forced into VLAN unaware mode Once assigned all traffic arriving on the port will be classified and switched on the RADIUS assigned VLAN ID If re authentication fails or the RADIUS Access Accept packet no longer carries a VLAN ID or it s invalid or the supplicant is otherwise no longer present on the port the port s VLAN ID is immediately reverted to the original VLAN ID which...

Страница 244: ...entity frames If the number of transmissions of such frames exceeds Max Reauth Count and no EAPOL frames have been received in the meanwhile the switch considers entering the Guest VLAN The interval between transmission of EAPOL Request Identity frames is configured with EAPOL Timeout If Allow Guest VLAN if EAPOL Seen is enabled the port will now be placed in the Guest VLAN If disabled the switch ...

Страница 245: ...t Two buttons are available for each row The buttons are only enabled when authentication is globally enabled and the port s Admin State is in an EAPOL based or MAC based mode Clicking these buttons will not cause settings changed on the page to take effect Reauthenticate Schedules a reauthentication to whenever the quiet period of the port runs out EAPOL based authentication For MAC based authent...

Страница 246: ...tion of the individual states Last Source The source MAC address carried in the most recently received EAPOL frame for EAPOL based authentication and the most recently received frame from a new client for MAC based authentication Last ID The user name supplicant identity carried in the most recently received Response Identity EAPOL frame for EAPOL based authentication and the source MAC address fr...

Страница 247: ...Statistics screen in Figure 4 11 6 appears Figure 4 11 6 Network Access Statistics Page Screenshot The page includes the following fields Port State Object Description Admin State The port s current administrative state Refer to NAS Admin State for a description of possible values Port State The current state of the port Refer to NAS Port State for a description of the individual states QoS Class ...

Страница 248: ...ramesRx The number of valid EAPOL Response Identity frames that have been received by the switch Rx Responses dot1xAuthEapolRespFr amesRx The number of valid EAPOL response frames other than Response Identity frames that have been received by the switch Rx Start dot1xAuthEapolStartFra mesRx The number of EAPOL Start frames that have been received by the switch Rx Logoff dot1xAuthEapolLogoffFr ames...

Страница 249: ...The number of valid EAPOL Request frames other than Request Identity frames that have been transmitted by the switch These backend RADIUS frame counters are available for the following administrative states Port based 802 1X Single 802 1X Multi 802 1X MAC based Auth Direction Name IEEE Name Description Backend Server Counters Rx Access Challenges dot1xAuthBackendAcce ssChallenges 802 1X based Coun...

Страница 250: ... of times that the switch receives a success indication Indicates that the supplicant client has successfully authenticated to the backend server Rx Auth Failures dot1xAuthBackendAuth Fails 802 1X and MAC based Counts the number of times that the switch receives a failure message This indicates that the supplicant client has not authenticated to the backend server Tx Responses dot1xAuthBackendResp...

Страница 251: ... 1X Single 802 1X Multi 802 1X MAC based Auth Name IEEE Name Description MAC Address dot1xAuthLastEapolF rameSource The MAC address of the last supplicant client VLAN ID The VLAN ID on which the last frame from the last supplicant client was received Version dot1xAuthLastEapolF rameVersion 802 1X based The protocol version number carried in the most recently received EAPOL frame MAC based Not appl...

Страница 252: ...he attached supplicant For MAC based Auth this column holds the MAC address of the attached client Clicking the link causes the client s Backend Server counters to be shown in the Selected Counters table If no clients are attached it shows No clients attached VLAN ID This column holds the VLAN ID that the corresponding client is currently secured through the Port Security module State The client c...

Страница 253: ...ers for the selected port This button is available in the following modes Multi 802 1X MAC based Auth X Click to clear both the port counters and all of the attached client s counters The Last Client will not be cleared however This button is available in the following modes Multi 802 1X MAC based Auth X Click to clear only the currently selected client s counters 253 ...

Страница 254: ...1 6 Authentication Server Configuration This page allows you to configure the Authentication Servers The Authentication Server Configuration screen in Figure 4 11 7 appears Figure 4 11 7 Authentication Server Configuration Page Screenshot ...

Страница 255: ...he period during which the switch will not send new requests to a server that has failed to respond to a previous request This will stop the switch from continually trying to contact a server that it has already determined as dead Setting the Dead Time to a value greater than 0 zero will enable this feature but only if more than one server has been configured RADIUS Authentication Server Configura...

Страница 256: ... the RADIUS Accounting Server and the switch TACACS Authentication Server Configuration The table has one row for each TACACS Authentication Server and a number of columns which are Object Description The TACACS Authentication Server number for which the configuration below applies Enabled Enable the TACACS Authentication Server by checking this box IP Address Hostname The IP address or hostname o...

Страница 257: ...DIUS server number Click to navigate to detailed statistics for this server IP Address The IP address and UDP port number in IP Address UDP Port notation of this server Status The current state of the server This field takes one of the following values Disabled The server is disabled Not Ready The server is enabled but IP communication is not yet up and running Ready The server is enabled IP commu...

Страница 258: ...bled The server is disabled Not Ready The server is enabled but IP communication is not yet up and running Ready The server is enabled IP communication is up and running and the RADIUS module is ready to accept accounting attempts Dead X seconds left Accounting attempts were made to this server but it did not reply within the configured timeout The server has temporarily been disabled but will get...

Страница 259: ...Details This page provides detailed statistics for a particular RADIUS server The RADIUS Authentication Accounting for Server Overview screen in Figure 4 11 9 appears Figure 4 11 9 RADIUS Authentication Accounting for Server Overview Page Screenshot ...

Страница 260: ...usAuthClientExtA ccessRejects The number of RADIUS Access Reject packets valid or invalid received from the server Rx Access Challenges radiusAuthClientExtA ccessChallenges The number of RADIUS Access Challenge packets valid or invalid received from the server Rx Malformed Access Responses radiusAuthClientExt MalformedAccessRe sponses The number of malformed RADIUS Access Response packets received...

Страница 261: ...he server This does not include retransmissions Tx Access Retransmissio ns radiusAuthClientExtA ccessRetransmission s The number of RADIUS Access Request packets retransmitted to the RADIUS authentication server Tx Pending Requests radiusAuthClientExtP endingRequests The number of RADIUS Access Request packets destined for the server that have not yet timed out or received a response This variable...

Страница 262: ...s enabled IP communication is up and running and the RADIUS module is ready to accept access attempts Dead X seconds left Access attempts were made to this server but it did not reply within the configured timeout The server has temporarily been disabled but will get re enabled when the dead time expires The number of seconds left before this occurs is displayed in parentheses This state is only r...

Страница 263: ... received from the server Malformed packets include packets with an invalid length Bad authenticators or or unknown types are not included as malformed access responses Rx Bad Authenticators radiusAcctClientExt BadAuthenticators The number of RADIUS packets containing invalid authenticators received from the server Rx Unknown Types radiusAccClientExt UnknownTypes The number of RADIUS packets of un...

Страница 264: ...to the same server send to a different server or give up A retry to the same server is counted as a retransmit as well as a timeout A send to a different server is counted as a Request as well as a timeout This section contains information about the state of the server and the latest round trip time Name RFC4670 Name Description IP Address IP address and UDP port for the accounting server in quest...

Страница 265: ...ientExtRo undTripTime The time interval measured in milliseconds between the most recent Response and the Request that matched it from the RADIUS accounting server The granularity of this measurement is 100 ms A value of 0 ms indicates that there hasn t been round trip communication with the server yet Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs e...

Страница 266: ...witch In this case field in the default IP Address of the Managed Switch with 192 168 0 100 And also make sure the shared secret key is as same as the one you had set at the Managed Switch s 802 1x system configuration 12345678 at this case 1 Configure the IP Address of remote RADIUS server and secret key Figure 4 11 10 RADIUS Server Configuration Screenshot ...

Страница 267: ...2 Add New RADIUS Cleint on the Windows 2003 server Figure 4 11 11 Windows Server Add New RADIUS Client Setting 3 Assign the client IP address to the Industrial Managed Switch Figure 4 11 12 Windows Server RADIUS Server Setting 267 ...

Страница 268: ...User s Manual of IGS 10020MT 4 The shared secret key should be as same as the key configured on the Industrial Managed Switch Figure 4 11 13 Windows Server RADIUS Server Setting 268 ...

Страница 269: ...2 1X Port Configuration Figure 4 11 14 802 1x Port Configuration 6 Create user data The establishment of the user data needs to be created on the Radius Server PC For example the Radius Server founded on Win2003 Server and then Figure 4 11 15 Windows 2003 AD Server Setting Path 269 ...

Страница 270: ...r Active Directory Users and Computers create legal user data the next right click a user what you created to enter properties and what to be noticed Figure 4 11 16 Add User Properties Screen Figure 4 11 17 Add User Properties Screen 270 ...

Страница 271: ...dows 98SE ME 2000 an 802 1X client utility is needed The following procedures show how to configure 802 1X Authentication in Windows XP Please note that if you want to change the 802 1x authentication type of a wireless client i e switch to EAP TLS from EAP MD5 you must remove the current existing wireless network from your preferred connection first and add it in again Configure Sample EAP MD5 Au...

Страница 272: ...control using IEEE 802 1X to enable 802 1x authentication 6 Select MD 5 Challenge from the drop down list box for EAP type Figure 4 11 19 7 Click OK 8 When client has associated with the Managed Switch a user authentication notice appears in system tray Click on the notice to continue 272 ...

Страница 273: ...of IGS 10020MT Figure 4 11 20 Windows Client Popup Login Request Message 9 Enter the user name password and the logon domain that your account belongs 10 Click OK to complete the validation process Figure 4 11 21 273 ...

Страница 274: ...rol This page allows you to configure the Port Security Limit Control system and port settings Limit Control allows for limiting the number of users on a given port A user is identified by a MAC address and VLAN ID If Limit Control is enabled on a port the limit specifies the maximum number of users on the port If this number is exceeded an action is taken The action can be one of the four differe...

Страница 275: ...ed Aging Enabled If checked secured MAC addresses are subject to aging as discussed under Aging Period Aging Period If Aging Enabled is checked then the aging period is controlled with this input If other modules are using the underlying port security for securing MAC addresses they may have other requirements to the aging period The underlying port security will use the shorter requested aging pe...

Страница 276: ...s port Both this and the Global Mode must be set to Enabled for Limit Control to be in effect Notice that other modules may still use the underlying port security features without enabling Limit Control on a given port Limit The maximum number of MAC addresses that can be secured on this port This number cannot exceed 1024 If the limit is exceeded the corresponding action is taken The stackswitch ...

Страница 277: ...bally disabled or disabled on the port Ready The limit is not yet reached This can be shown for all actions Limit Reached Indicates that the limit is reached on this port This state can only be shown if Action is set to None or Trap Shutdown Indicates that the port is shut down by the Limit Control module This state can only be shown if Action is set to Shutdown or Trap Shutdown Reopen Button If a...

Страница 278: ...ble access management mode operation Delete Check to delete the entry It will be deleted during the next save Start IP Address Indicates the start IP address for the access management entry End IP Address Indicates the end IP address for the access management entry HTTP HTTPS Indicates the host can access the switch from HTTP HTTPS interface that the host IP address matched the entry SNMP Indicate...

Страница 279: ...at allowed remote host can access the Industrial Managed Switch Receive Packets The received packets number from the interface under access management mode is enabled Allowed Packets The allowed packets number from the interface under access management mode is enabled Discard Packets The discarded packets number from the interface under access management mode is enabled Buttons Auto refresh Check ...

Страница 280: ...TTPS mode operation Possible modes are Enabled Enable HTTPS mode operation Disabled Disable HTTPS mode operation Automatic Redirect Indicates the HTTPS redirect mode operation Automatic redirect web browser to HTTPS during HTTPS mode enabled Possible modes are Enabled Enable HTTPS redirect mode operation Disabled Disable HTTPS redirect mode operation Buttons Click to save changes Click to undo any...

Страница 281: ...ss to be set in the forwarding state all enabled user modules must unanimously agree on allowing the MAC address to forward If only one chooses to block it it will be blocked until that user module decides otherwise The status page is divided into two sections one with a legend of user modules and one with the actual port status The SSH Configuration screen in Figure 4 12 5 appears Figure 4 12 5 S...

Страница 282: ...ate all enabled user modules must unanimously agree on allowing the MAC address to forward If only one chooses to block it it will be blocked until that user module decides otherwise The status page is divided into two sections one with a legend of user modules and one with the actual port status The Port Security Status screen in Figure 4 12 6 appears Figure 4 12 6 Port Security Status Screen Pag...

Страница 283: ... addresses to arrive Limit Reached The Port Security service is enabled by at least the Limit Control user module and that module has indicated that the limit is reached and no more MAC addresses should be taken in Shutdown The Port Security service is enabled by at least the Limit Control user module and that module has indicated that the limit is exceeded No MAC addresses can be learned on the p...

Страница 284: ... ID The MAC address and VLAN ID that is seen on this port If no MAC addresses are learned a single row stating No MAC addresses attached is displayed State Indicates whether the corresponding MAC address is blocked or forwarding In the blocked state it will not be allowed to transmit or receive traffic Time of Addition Shows the date and time when this MAC address was first seen on the port Age Ho...

Страница 285: ...e includes the following fields Object Description Snooping Mode Indicates the DHCP snooping mode operation Possible modes are Enabled Enable DHCP snooping mode operation When enable DHCP snooping mode operation the request DHCP messages will be forwarded to trusted ports and only allowed reply packets from trusted ports Disabled Disable DHCP snooping mode operation Port Mode Indicates the DHCP sn...

Страница 286: ... page includes the following fields Object Description Rx and Tx Discover The number of discover option 53 with value 1 packets received and transmitted Rx and Tx Offer The number of offer option 53 with value 2 packets received and transmitted Rx and Tx Request The number of request option 53 with value 3 packets received and transmitted Rx and Tx Decline The number of decline option 53 with valu...

Страница 287: ...ase unassigned option 53 with value 11 packets received and transmitted Rx and Tx Lease Unknown The number of lease unknown option 53 with value 12 packets received and transmitted Rx and Tx Lease Active The number of lease active option 53 with value 13 packets received and transmitted Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds C...

Страница 288: ...ludes the following fields Object Description Mode of IP Source Guard Configuration Enable the Global IP Source Guard or disable the Global IP Source Guard All configured ACEs will be lost when the mode is enabled Port Mode Configuration Specify IP Source Guard is enabled on which ports Only when both Global Mode and Port Mode on a given port are enabled IP Source Guard is enabled on this given po...

Страница 289: ... IP Source Guard Table screen in Figure 4 12 11 appears Figure 4 12 11 Static IP Source Guard Table Screen Page Screenshot The page includes the following fields Object Description Delete Check to delete the entry It will be deleted during the next save Port The logical port for the settings VLAN ID The VLAN ID for the settings IP Address Allowed Source IP address MAC address Allowed Source MAC ad...

Страница 290: ...ated configuration The ARP Inspection Configuration screen in Figure 4 12 12 appears Figure 4 12 12 ARP Inspection Configuration Screen Page Screenshot The page includes the following fields Object Description Mode of ARP Inspection Configuration Enable the Global ARP Inspection or disable the Global ARP Inspection Port Mode Configuration Specify ARP Inspection is enabled on which ports Only when ...

Страница 291: ...pears Figure 4 12 13 Static ARP Inspection Table Screen Page Screenshot The page includes the following fields Object Description Delete Check to delete the entry It will be deleted during the next save Port The logical port for the settings VLAN ID The VLAN ID for the settings MAC Address Allowed Source MAC address in ARP request packets IP Address Allowed Source IP address in ARP request packets...

Страница 292: ...nd switch ports The frames also contain a MAC address SMAC address which shows the MAC address of the equipment sending the frame The SMAC address is used by the switch to automatically update the MAC table with these dynamic MAC addresses Dynamic entries are removed from the MAC table if no frame with the corresponding SMAC address have been seen after a configurable age time 4 13 1 MAC Address T...

Страница 293: ...n Auto Learning is done automatically as soon as a frame with unknown SMAC is received Disable No learning is done Secure Only static MAC entries are learned all other frames are dropped Note Make sure that the link used for managing the switch is added to the Static Mac Table before changing to secure learning mode otherwise the management link is lost and can only be restored by using another no...

Страница 294: ... visited the web page will show the first 20 entries from the beginning of the MAC Table The first displayed will be the one with the lowest VLAN ID and the lowest MAC address found in the MAC Table The Start from MAC address and VLAN input fields allow the user to select the starting point in the MAC Table Clicking the Refresh button will update the displayed table starting from that or the close...

Страница 295: ...ARP Inspection Table are shown on this page The Dynamic ARP Inspection Table contains up to 1024 entries and is sorted first by port then by VLAN ID then by MAC address and then by IP address The Dynamic ARP Inspection Table screen in Figure 4 13 3 appears Figure 4 13 3 Dynamic ARP Inspection Table Screenshot Navigating the ARP Inspection Table Each page shows up to 999 entries from the Dynamic AR...

Страница 296: ... fields Object Description Port Switch Port Number for which the entries are displayed VLAN ID VLAN ID in which the ARP traffic is permitted MAC Address User MAC address of the entry IP Address User IP address of the entry Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Refreshes the displayed table starting from the input fields Updat...

Страница 297: ...ed table starting from that or the closest next Dynamic IP Source Guard Table match In addition the two input fields will upon a Refresh button click assume the value of the first displayed entry allowing for continuous refresh with the same start address The will use the last entry of the currently displayed as a basis for the next lookup When the end is reached the text No more entries is shown ...

Страница 298: ... store and maintain information gathered about the neighboring network nodes it discovers Link Layer Discovery Protocol Media Endpoint Discovery LLDP MED is an extension of LLDP intended for managing endpoint devices such as Voice over IP phones and network switches The LLDP MED TLVs advertise information such as network policy power inventory and device location details LLDP and LLDP MED informat...

Страница 299: ...time Multiplier 65536 Therefore the default TTL is 4 30 120 seconds Tx Delay If some configuration is changed e g the IP address a new LLDP frame is transmitted but the time between the LLDP frames will always be at least the value of Tx Delay seconds Tx Delay cannot be larger than 1 4 of the Tx Interval value Valid values are restricted to 1 8192 seconds This attribute must comply with the rule 4...

Страница 300: ...TLV can contain multiple addresses but only the first address is shown in the LLDP neighbours table CDP TLV Port ID is mapped to the LLDP Port ID field CDP TLV Version and Platform is mapped to the LLDP System Description field Both the CDP and LLDP support system capabilities but the CDP capabilities cover capabilities that are not part of the LLDP These capabilities are shown as others in the LL...

Страница 301: ...des the IPv4 address of the switch If no management address is available the address should be the MAC address for the CPU or for the port sending this advertisement The management address TLV may also include information about the specific interface associated with this address and an object identifier indicating the type of hardware component or protocol entity associated with this address Butto...

Страница 302: ...ise the voice network policy to permitted voice capable devices both in order to conserve the limited LLDPU space and to reduce security and system integrity issues that can come with inappropriate knowledge of the network policy With this in mind LLDP MED defines an LLDP MED Fast Start interaction between the protocol and the application layers on top of the protocol in order to achieve these rel...

Страница 303: ... within 0 90 degrees with a maximum of 4 digits It is possible to specify the direction to either North of the equator or South of the equator Longitude Longitude SHOULD be normalized to within 0 180 degrees with a maximum of 4 digits It is possible to specify the direction to either East of the prime meridian or West of the prime meridian Altitude Altitude SHOULD be normalized to within 32767 to ...

Страница 304: ...prefecture County County parish gun Japan district City City township shi Japan Example Copenhagen City district City division borough city district ward chou Japan Block Neighborhood Neighborhood block Street Street Example Poppelvej Leading street direction Leading street direction Example N Trailing street suffix Trailing street suffix Example SW Street suffix Street suffix Example Ave Platz Ho...

Страница 305: ...IP environments that frequently result in voice quality degradation or loss of service Policies are only intended for use with applications that have specific real time network policy requirements such as interactive voice and or video services The network policy attributes advertised are 1 Layer 2 VLAN ID IEEE 802 1Q 2003 2 Layer 2 priority value IEEE 802 1D 2004 3 Layer 3 Diffserv code point DSC...

Страница 306: ...phony handsets and other similar appliances supporting interactive voice services Guest Voice Signaling conditional for use in network topologies that require a different policy for the guest voice signaling than for the guest voice media This application type should not be advertised if all the same network policies apply as those advertised in the Guest Voice application policy Softphone Voice f...

Страница 307: ...e used for the specified application type L2 Priority may specify one of eight priority levels 0 through 7 as defined by IEEE 802 1D 2004 A value of 0 represents use of the default priority as defined in IEEE 802 1D 2004 DSCP DSCP value to be used to provide Diffserv node behavior for the specified application type as defined in IETF RFC 2474 DSCP may contain one of 64 code point values 0 through ...

Страница 308: ...Endpoint Devices An LLDP MED Network Connectivity Device is a LAN access device based on any of the following technologies 1 LAN Switch Router 2 IEEE 802 1 Bridge 3 IEEE 802 3 Repeater included for historical reasons 4 IEEE 802 11 Wireless Access Point 5 Any device that supports the IEEE 802 1AB and MED extensions defined by TIA 1057 and can relay IEEE 802 frames via any method LLDP MED Endpoint D...

Страница 309: ...d to adhere to this class include but are not limited to Voice Media Gateways Conference Bridges Media Servers and similar Discovery services defined in this class include media type specific network layer policy discovery LLDP MED Communication Endpoint Class III The LLDP MED Communication Endpoint Class III definition is applicable to all endpoint products that act as end user communication appl...

Страница 310: ...equipment and other similar appliances supporting real time interactive video audio services Streaming Video for use by broadcast or multicast based video content distribution and other similar applications supporting streaming video services that require specific network policy treatment Video applications relying on TCP with buffering would not be an intended use of this application type Video S...

Страница 311: ...to negotiation Capabilities Auto negotiation Capabilities shows the link partners MAC PHY capabilities Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Click to refresh the page immediate 4 14 5 Neighbor This page provides a status overview for all LLDP neighbors The displayed table contains a row for each port on which an LLDP neighbor...

Страница 312: ...bility is enabled the capability is followed by If the capability is disabled the capability is followed by Management Address Management Address is the neighbor unit s address that is used for higher layer entities to assist the discovery by the network management This could for instance hold the neighbor s IP address Buttons Auto refresh Check this box to refresh the page automatically Automatic...

Страница 313: ...ing fields Global Counters Object Description Neighbor entries were last changed at It also shows the time when the last entry was last deleted or added It also shows the time elapsed since the last change was detected Total Neighbors Entries Added Shows the number of new entries added since switch reboot Total Neighbors Entries Deleted Shows the number of new entries deleted since switch reboot T...

Страница 314: ... within the table Entries are removed from the table when a given port links down an LLDP shutdown frame is received or when the entry ages out TLVs Discarded Each LLDP frame can contain multiple pieces of information known as TLVs TLV is short for Type Length Value If a TLV is malformed it is counted and discarded TLVs Unrecognized The number of well formed TLVs but with an unknown type value Org...

Страница 315: ...ime that receiver would like the transmitter to holdoff to allow time for the receiver to wake from sleep Fallback Receive Tw The link parther s fallback receive Tw A receiving link partner may inform the transmitter of an alternate desired Tw_sys_tx Since a receiving link partner is likely to have discrete levels for savings this provides the transmitter with additional information that it may us...

Страница 316: ... this link Note NOT the link parther The resolved value that is the actual tx wakeup time used for this link based on EEE information exchanged via LLDP EEE in Sync Shows whether the switch and the link partner have agreed on wake times Red Switch and link partner have not agreed on wakeup times Green Switch and link partner have agreed on wakeup times Buttons Auto refresh Check this box to refres...

Страница 317: ...ues The Managed Switch transmit ICMP packets and the sequence number and roundtrip time are displayed upon reception of a reply Cable Diagnostics The Cable Diagnostics performing tests on copper cables These functions have the ability to identify the cable length and operating conditions and to isolate a variety of common faults that can occur on the Cat5 twisted pair cabling There might be two st...

Страница 318: ...ears Figure 4 15 1 ICMP Ping Page Screenshot The page includes the following fields Object Description IP Address The destination IP Address Ping Length The payload size of the ICMP packet Values range from 2 bytes to 1452 bytes Ping Count The count of the ICMP packet Values range from 1 time to 60 times Ping Interval The interval of the ICMP packet Values range from 0 second to 30 seconds Be sure...

Страница 319: ...r until a timeout occurs The ICMPv6 Ping screen in Figure 4 15 2 appears Figure 4 15 2 ICMPv6 Ping Page Screenshot The page includes the following fields Object Description IP Address The destination IP Address Ping Length The payload size of the ICMP packet Values range from 2 bytes to 1452 bytes Ping Count The count of the ICMP packet Values range from 1 time to 60 times Ping Interval The interv...

Страница 320: ... occurs The ICMP Ping screen in Figure 4 15 3 appears Figure 4 15 3 Remote IP Ping Test Page Screenshot The page includes the following fields Object Description Port The logical port for the settings Remote IP Address The destination IP Address Ping Size The payload size of the ICMP packet Values range from 8 bytes to 1400 bytes Result Display the ping result Buttons Click to start ping process C...

Страница 321: ...s will be linked down while running cable diagnostic Therefore running cable diagnastic on a 10 or 100 Mbps management port will cause the switch to stop responding until VeriPHY is complete The ports belong to the currently selected stack unit as reflected by the page header The VeriPHY Cable Diagnostics screen in Figure 4 15 4 appears Figure 4 15 4 VeriPHY Cable Diagnostics Page Screenshot The p...

Страница 322: ...page includes the following fields General Settings Object Description Enable Loop Protection Controls whether loop protections is enabled as a whole Transmission Time The interval between each loop protection PDU sent on each port valid values are 1 to 10 seconds Shutdown Time The period in seconds for which a port will be kept disabled in the event of a loop is detected and the port action shuts...

Страница 323: ...ously saved values 4 16 2 Status This page displays the loop protection port status the ports from the Industrial Managed Switch Figure 4 16 2 Loop Protection Status Page Screenshot The page includes the following fields Object Description Port The switch port number of the logical port Action The currently configured port action Transmit The currently configured port transmit mode Loops The numbe...

Страница 324: ...mplementation of Event Statistics and History display some current or history subnet statistics Alarm and Event provide a method to monitor any integer data change in the network and provide some alerts upon abnormal events sending Trap or record in logs 4 17 1 RMON Alarm Configuration Configure RMON Alarm table on this page The entry index key is ID screen in Figure 4 17 1 appears Figure 4 17 1 R...

Страница 325: ...s that could not be transmitted because of errors OutQLen The length of the output packet queue in packets Sample Type The method of sampling the selected variable and calculating the value to be compared against the thresholds possible sample types are Absolute Get the sample directly Delta Calculate the difference between samples default Value The value of the statistic during the last sampling ...

Страница 326: ...bject Description Interval Indicates the interval in seconds for sampling and comparing the rising and falling threshold Variable Indicates the particular variable to be sampled Sample Type The method of sampling the selected variable and calculating the value to be compared against the thresholds Value The value of the statistic during the last sampling period Startup The alarm that may be sent w...

Страница 327: ...n in Figure 4 17 3 appears Figure 4 17 3 Port Statistics Overview page screenshot The page includes the following fields Object Description ID Indicates the index of Alarm control entry Interval Indicates the interval in seconds for sampling and comparing the rising and falling threshold Variable Indicates the particular variable to be sampled Sample Type The method of sampling the selected variab...

Страница 328: ... delete the entry It will be deleted during the next save ID Indicates the index of the entry The range is from 1 to 65535 Desc Indicates this event the string length is from 0 to 127 default is a null string Type Indicates the notification of the event the possible types are none The total number of octets received on the interface including framing characters log The number of uni cast packets d...

Страница 329: ...Figure 4 17 5 appears Figure 4 17 5 Detailed RMON Event ID page screenshot The page includes the following fields Object Description Event Index Indicates the index of the event entry Log Index Indicates the index of the log entry LogTime Indicates Event log time LogDescription Indicates the Event description Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh o...

Страница 330: ...een in Figure 4 17 6 appears Figure 4 17 6 RMON Event Overview page screenshot The page includes the following fields Object Description Event Index Indicates the index of the event entry Log Index Indicates the index of the log entry LogTime Indicates Event log time LogDescription Indicates the Event description Buttons Auto refresh Check this box to refresh the page automatically Automatic refre...

Страница 331: ...rt ID which wants to be monitored If in stacking switch the value must add 1000 switch ID 1 for example if the port is switch 3 port 5 the value is 2005 Interval Indicates the interval in seconds for sampling the history statistics data The range is from 1 to 3600 default value is 1800 seconds Buckets Indicates the maximum data entries associated this History control entry stored in RMON The range...

Страница 332: ...robe due to lack of resources Drops The total number of events in which packets were dropped by the probe due to lack of resources Octets The total number of octets of data including those in bad packets received on the network Pkts The total number of packets including bad packets broadcast packets and multicast packets received Broadcast The total number of good packets received that were direct...

Страница 333: ...cally Automatic refresh occurs every 3 seconds Click to refresh the page immediate 4 17 9 RMON History Status This page provides an overview of RMON History entries Each page shows up to 99 entries from the History table default being 20 selected through the entries per page input field When first visited the web page will show the first 20 entries from the beginning of the History table The first...

Страница 334: ...ze The total number of packets received that were less than 64 octets Oversize The total number of packets received that were longer than 1518 octets Frag The number of frames which size is less than 64 octets received with invalid CRC Jabb The number of frames which size is larger than 64 octets received with invalid CRC Coll The best estimate of the total number of collisions on this Ethernet se...

Страница 335: ...bject Description Delete Check to delete the entry It will be deleted during the next save ID Indicates the index of the entry The range is from 1 to 65535 Data Source Indicates the port ID which wants to be monitored If in stacking switch the value must add 1000 switch ID 1 for example if the port is switch 3 port 5 the value is 2005 Buttons Click to add a new community entry Click to save change...

Страница 336: ...opped by the probe due to lack of resources Octets The total number of octets of data including those in bad packets received on the network Pkts The total number of packets including bad packets broadcast packets and multicast packets received Broad cast The total number of good packets received that were directed to the broadcast address Multi cast The total number of good packets received that ...

Страница 337: ...ts in length 65 127 The total number of packets including bad packets received that were between 65 to 127 octets in length 128 255 The total number of packets including bad packets received that were between 128 to 255 octets in length 256 511 The total number of packets including bad packets received that were between 256 to 511 octets in length 512 1023 The total number of packets including bad...

Страница 338: ...words and parameters at the prompt Using the Industrial Managed Switch s command line interface CLI is very similar to entering commands on a UNIX system This chapter describes how to use the Command Line Interface CLI 5 2 Telnet Login The Industrial Managed Switch supports telnet for remote management The Industrial Managed Switch asks for user name and password for remote login when using telnet...

Страница 339: ...N PVLAN Private VLAN Security Security management STP Spanning Tree Protocol Aggr Link Aggregation LACP Link Aggregation Control Protocol LLDP Link Layer Discovery Protocol LLDPMED Link Layer Discovery Protocol Media EEE Energy Efficient Ethernet Thermal Thermal Protection QoS Quality of Service Mirror Port mirroring Config Load Save of configuration via TFTP Firmware Download of firmware via TFTP...

Страница 340: ...ort list or all default All ports Example To display system information IGS 10020MT System configuration System Contact System Name IGS 10020MT System Location Timezone Offset 0 MAC Address 00 30 4F 00 a0 01 System Time 1970 01 01 Thu 02 50 01 00 00 System Uptime 00 10 55 Software Version 1 0b120618 Software Date 2012 06 18T10 43 11 0800 Previous Restart Cold IGS 10020MT System Log Configuration D...

Страница 341: ... Description Show system version information Syntax System Version Example To display system version IGS 10020MT System version Version 1 0b120618 Build Date 2012 06 18T10 43 11 0800 IGS 10020MT System Log Server Mode Description Show or set the system log server mode Syntax System Log Server Mode enable disable Parameters enable Enable system log server mode disable Disable system log server mode...

Страница 342: ...255 Use clear or to clear the string System name is a text string drawn from the alphabet A Za z digits 0 9 minus sign In CLI no blank or space characters are permitted as part of a name The first character must be an alpha character and the first or last character must not be a minus sign clear Clear system name Example To set device title IGS 10020MT System name IGS 10020MT System Contact Descri...

Страница 343: ... device contact IGS 10020MT System contact System Log Server Address Description Show or set the system log server address Syntax System Log Server Address ip_addr_string Parameters ip_addr_string IP host address a b c d or a host name string Default Setting empty Example To set log server address IGS 10020MT log server address 192 168 0 21 System Location Description Set or show the system locati...

Страница 344: ...ng empty Example To set device location IGS 10020MT System location 9F LAB System Log Level Description Show or set the system log level It uses to determine what kind of message will send to syslog server Syntax System Log Level info warning error Parameters info Send informations warnings and errors warning Send warnings and errors error Send errors Default Setting info Example To set log level ...

Страница 345: ...20 relative to UTC Default Setting 0 Example To set timezone IGS 10020MT system timezone 0 System Log Lookup Description Show or clear the system log Syntax System Log Lookup log_id all info warning error clear Parameters log_id System log ID or range default All entries all Show all levels default info Show informations warning Show warnings error Show errors clear Clear log 345 ...

Страница 346: ... 1970 01 01T00 00 05 00 00 Link up on port 8 IGS 10020MT System Reboot Description Reboot the system Syntax System Reboot Example To reboot device without changing any of the settings IGS 10020MT system reboot System Restore Default Description Restore factory default configuration Syntax System Restore Default keep_ip Parameters keep_ip Keep IP configuration default Restore full configuration 346...

Страница 347: ...ge in percent zero is idle Syntax System Load Example To show current CPU load IGS 10020MT system load Load average 100ms 1s 10s 1 1 1 6 2 IP Command IP Configuration Description Show IP configuration Syntax IP Configuration Example Show IP configuration IGS 10020MT ip configuration IP Configuration DHCP Client Disabled IP Address 192 168 0 101 IP Mask 255 255 255 0 IP Router 192 168 0 253 DNS Ser...

Страница 348: ...100 IPv6 Prefix 96 IPv6 Router IP DHCP Description Set or show the DHCP client mode Syntax IP DHCP enable disable Parameters enable Enable or renew DHCP client disable Disable DHCP client Default Setting Disable Example Disable DHCP sever IGS 10020MT ip dhcp disable IP Setup Description Set or show the IP setup Syntax IP Setup ip_addr ip_mask ip_router vid 348 ...

Страница 349: ...2 168 0 100 255 255 255 0 IP Ping Description Ping IP address ICMP echo Syntax IP Ping ip_addr_string ping_length Parameters ip_addr_string IP host address a b c d or a host name string ping_length Ping data length 8 1400 excluding MAC IP and ICMP headers Example IGS 10020MT ip ping 192 168 0 21 PING server 192 168 0 21 60 bytes from 192 168 0 21 icmp_seq 0 time 0ms 60 bytes from 192 168 0 21 icmp...

Страница 350: ...t Showdne IP address Default Setting 0 0 0 0 Example Set DNS IP address IGS 10020MT ip dns 168 95 1 1 IP DNS Proxy Description Set or show the IP DNS Proxy mode Syntax IP DNS_Proxy enable disable Parameters enable Enable DNS Proxy disable Disable DNS Proxy Default Setting disable Example Enable DNS proxy function IGS 10020MT ip dns_proxy enable 350 ...

Страница 351: ...cimal digits with a colon separates each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of contiguous zeros but it can only appear once It also used a following legally IPv4 address For example 192 1 2 34 ipv6_prefix IPv6 subnet mask default Show IPv6 prefix ipv6_router IPv6 router default Show IPv...

Страница 352: ...field For example four hexadecimal digits with a colon separates each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of contiguous zeros but it can only appear once It also used a following legally IPv4 address For example 192 1 2 34 ping_length Ping data length 8 1400 excluding MAC IP and ICMP hea...

Страница 353: ... Disabled Idx Server IP host address a b c d or a host name string 1 pool ntp org 2 europe pool ntp org 3 north america pool ntp org 4 asia pool ntp org 5 oceania pool ntp org IP NTP Mode Description Set or show the NTP mode Syntax IP NTP Mode enable disable Parameters enable Enable NTP mode disable Disable NTP mode default Show NTP mode Default Setting disable ...

Страница 354: ...erver IPv6 Add Description Add NTP server IPv6 entry Syntax IP NTP Server Ipv6 Add server_index server_ipv6 Parameters server_index The server index 1 5 server_ipv6 IPv6 server address IPv6 address is in 128 bit records represented as eight fields of up to four hexadecimal digits with a colon separates each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special syntax that can be used a...

Страница 355: ...S 10020MT ip ntp server ipv6 add 1 2001 7b8 3 2c 123 IP NTP Server Delete Description Delete NTP server entry Syntax IP NTP Server Delete server_index Parameters server_index The server index 1 5 Example To delete NTP server IGS 10020MT ip ntp server delete 1 355 ...

Страница 356: ...ports Example Display port1 4 status IGS 10020MT port configuration 1 4 Port Configuration Port State Mode Flow Control MaxFrame Power Excessive Link 1 Enabled Auto Disabled 9600 Disabled Discard Down 2 Enabled Auto Disabled 9600 Disabled Discard Down 3 Enabled Auto Disabled 9600 Disabled Discard Down 4 Enabled Auto Disabled 9600 Disabled Discard Down Port Mode Description Set or show the port spe...

Страница 357: ...nd current mode Default Setting Auto Example Set 10Mbps half duplex speed for port1 IGS 10020MT port mode 1 10hdx Port Flow Control Description Set or show the port flow control mode Syntax Port Flow Control port_list enable disable Parameters port_list Port list or all default All ports enable Enable flow control disable Disable flow control default Show flow control mode Default Setting Disable ...

Страница 358: ...Show administrative mode Default Setting Enable Example Disable port1 IGS 10020MT port state 1 disable Port Maximum Frame Description Set or show the port maximum frame size Syntax Port MaxFrame port_list max_frame Parameters port_list Port list or all default All ports max_frame Port maximum frame size 1518 9600 default Show maximum frame size Default Setting 9600 Example Set 2048 frame size for ...

Страница 359: ... ActiPHY power control dynamic Enable Dynamic power control Default Setting disable Example Disable port power function for port1 4 IGS 10020MT port power 1 4 enable Port Excessive Description Set or show the port excessive collision mode Syntax Port Excessive port_list discard restart Parameters port_list Port list or all default All ports discard Discard frame after 16 collisions restart Restart...

Страница 360: ...owing values clear Clear port statistics packets Show packet statistics bytes Show byte statistics errors Show error statistics discards Show discard statistics filtered Show filtered statistics 0 7 Show priority statistics default Show all port statistics up Show ports which are up down Show ports which are down default Show all ports Port VeriPHY Description Run cable diagnostics Syntax Port Ver...

Страница 361: ...rmation Syntax Port SFP port_list Parameters port_list Port list or all default All ports Example Show SFP information for port21 24 IGS 10020MT port sfp Port Type Speed Wave Length nm Distance m 9 1000Base LX 1000 Base 1310 10000 10 1000Base LX 1000 Base 1310 10000 361 ...

Страница 362: ...nfiguration port_list Parameters port_list Port list or all default All ports Example Show Mac address state IGS 10020MT mac configuration MAC Configuration MAC Address 00 30 4f 24 04 d1 MAC Age Time 300 Port Learning 1 Auto 2 Auto 3 Auto 4 Auto 5 Auto 6 Auto 7 Auto 8 Auto 9 Auto 10 Auto MAC Add Description Add MAC address table entry 362 ...

Страница 363: ...20MT mac add 00 30 4f 01 01 02 1 1 MAC Delete Description Delete MAC address entry Syntax MAC Delete mac_addr vid Parameters mac_addr MAC address xx xx xx xx xx xx vid VLAN ID 1 4095 default 1 Example Delete Mac address 00 30 4F 01 01 02 in vid1 IGS 10020MT mac delete 00 30 4f 01 01 02 1 MAC Lookup Description Lookup MAC address entry Syntax MAC Lookup mac_addr vid Parameters mac_addr MAC address ...

Страница 364: ...eters age_time MAC address age time 0 10 1000000 0 disable default Show age time Default Setting 300 Example Set agetime value in 30 IGS 10020MT mac agetime 30 MAC Learning Description Set or show the port learn mode Syntax MAC Learning port_list auto disable secure Parameters port_list Port list or all default All ports auto Automatic learning disable Disable learning secure Secure learning defau...

Страница 365: ...92 default Show all addresses mac_addr First MAC address xx xx xx xx xx xx default MAC address zero vid First VLAN ID 1 4095 default 1 Example Show all of MAC table IGS 10020MT mac dump Type VID MAC Address Ports Static 1 00 30 00 33 22 55 1 Static 1 00 30 4f 24 04 d1 None CPU Static 1 33 33 ff 24 04 d1 None CPU Static 1 33 33 ff a8 00 64 None CPU Dynamic 1 40 61 86 04 18 69 10 Static 1 ff ff ff f...

Страница 366: ..._list Port list or all default All ports Example Set all of MAC statistics IGS 10020MT mac statistics Port Dynamic Addresses 1 0 2 0 3 0 4 0 5 0 6 0 7 0 8 0 9 0 10 0 Total Dynamic Addresses 0 Total Static Addresses 4 MAC Flush Description Flush all learned entries Syntax MAC Flush ...

Страница 367: ...Port list or all default All ports Example Show VLAN status of port1 IGS 10020MT vlan configuration 1 VLAN Configuration Mode IEEE 802 1Q Port PVID IngrFilter FrameType LinkType Q in Q Mode Eth type 1 1 Disabled All UnTag Disable N A VID VLAN Name Ports 1 default 1 10 VID VLAN Name Ports VLAN forbidden table is empty VLAV PVID Description Set or show the port VLAN ID 367 ...

Страница 368: ...ID2 for port10 IGS 10020MT vlan pvid 10 2 VLAN Frame Type Description Set or show the port VLAN frame type Syntax VLAN FrameType port_list all tagged Parameters port_list Port list or all default All ports all Allow tagged and untagged frames tagged Allow tagged frames only default Show accepted frame types Default Setting All Example Set port10 that allow tagged frames only IGS 10020MT vlan frame...

Страница 369: ...le Enable VLAN ingress filtering disable Disable VLAN ingress filtering default Show VLAN ingress filtering Default Setting Disable Example Enable VLAN ingress filtering for port10 IGS 10020MT vlan ingressfilter 10 enable VLAN Mode Description Set or show the VLAN Mode Syntax VLAN Mode portbased dot1q Parameters portbased Port Based VLAN Mode dot1q 802 1Q VLAN Mode default Show VLAN Mode Default S...

Страница 370: ...ort_list untagged tagged Parameters port_list Port list or all default All ports untagged VLAN Link Type Tagged tagged VLAN Link Type Untagged default Show VLAN link type Default Setting Un tagged Example Enable tagged frame for port2 IGS 10020MT vlan linktype 2 tagged VLAN Q in Q Mode Description Set or show the port Q in Q mode Syntax VLAN QinQ port_list disable man customer 370 ...

Страница 371: ...escription Set or show out layer VLAN tag ether type in Q in Q VLAN mode Syntax VLAN Ethtype port_list man dot1q Parameters port_list Port list or all default All ports man Set out layer VLAN tag ether type MAN dot1q Set out layer VLAN tag ether type 802 1Q default Show VLAN out layer VLAN tag ether type Default Setting N A Example Set out layer VLAN tag Ethernet type for port 10 in man Ethernet t...

Страница 372: ...VLAN10 IGS 10020MT vlan add 10 1 4 VLAN Forbidden Add Description Add or modify VLAN entry in forbidden table Syntax VLAN Forbidden Add vid name port_list Parameters vid name VLAN ID 1 4095 or VLAN Name port_list Port list or all default All ports Example Frobidden add port1 to port4 in VLAN10 IGS 10020MT vlan forbidden add 10 1 4 VLAN Delete Description Delete VLAN entry Syntax VLAN Delete vid na...

Страница 373: ...vid name VLAN ID 1 4095 or VLAN Name Example Forbidden delete VLAN10 IGS 10020MT vlan forbidden delete 10 VLAN Forbidden Lookup Description Lookup VLAN Forbidden port entry Syntax VLAN Forbidden Lookup vid name name Parameters vid VLAN ID 1 4095 default Show all VLANs name VLAN name string name VLAN name Maximum of 32 characters VLAN Name can only contain alphabets or numbers VLAN name should cont...

Страница 374: ...should contain atleast one alphabet combined Shows All the Combined VLAN database static Shows the VLAN entries configured by the administrator nas Shows the VLANs configured by NAS mvr Shows the VLANs configured by MVR voice_vlan Shows the VLANs configured by Voice VLAN all Shows all VLANs configuration default combined VLAN Users configuration Example Show VLAN status IGS 10020MT vlan lookup VID...

Страница 375: ...ete VLAN Name to VLAN ID Mapping Syntax VLAN Name Delete name Parameters name VLAN name Maximum of 32 characters VLAN Name can only contain alphabets or numbers VLAN name should contain atleast one alphabet Example Delete VLAN name IGS 10020MT vlan name delete test VLAN Name Lookup Description Show VLAN Name table Syntax VLAN Name Lookup name Parameters name VLAN name Maximum of 32 characters VLAN...

Страница 376: ...rt list or all default All ports combined combined VLAN Users configuration static static port configuration nas NAS port configuration mvr MVR port configuration voice_vlan Voice VLAN port configuration mstp MSTP port configuration all All VLAN Users configuration default combined VLAN Users configuration Default Setting Promiscous Example Show VLAN configuration of port10 IGS 10020MT status 1 Po...

Страница 377: ...Private VLAN Configuration Command PVLAN Configuration Description Show Private VLAN configuration Syntax PVLAN Configuration port_list Parameters port_list Port list or all default All ports Example Show private VLAN configuration IGS 10020MT pvlan configuration Private VLAN Configuration Port Isolation 1 Disabled 2 Disabled 3 Disabled 4 Disabled 5 Disabled 377 ...

Страница 378: ...d Private VLAN ID The allowed range for a Private VLAN ID is the same as the switch port number range port_list Port list or all default All ports Example Add port1 to port4 in PVLAN10 IGS 10020MT pvlan add 10 1 4 PVLAN Delete Description Delete Private VLAN entry Syntax PVLAN Delete pvlan_id Parameters pvlan_id Private VLAN ID The allowed range for a Private VLAN ID is the same as the switch port...

Страница 379: ...s The allowed range for a Private VLAN ID is the same as the switch port number range Example Lookup PVLAN IGS 10020MT pvlan lookup PVLAN ID Ports 1 1 10 PVLAN Isolate Description Set or show the port isolation mode Syntax PVLAN Isolate port_list enable disable Parameters port_list Port list or all default All ports enable Enable port isolation disable Disable port isolation default Show port isol...

Страница 380: ...rity Switch User Configuration Description Show users configuration Syntax Security Switch Users Configuration Default Setting User Name Privilege admin 15 Example Show users configuration IGS 10020MT security switch user configuration Users Configuration User Name Privilege Level admin 15 Security Switch User Add Description Add or modify users entry ...

Страница 381: ... 15 Example Add new user username test password test privilege 10 IGS 10020MT security switch users add test test 10 Security Switch User Delete Description Delete users entry Syntax Security Switch Users Delete user_name Parameters user_name A string identifying the user name that this entry should belong to The allowed string length is 1 32 The valid user name is a combination of letters numbers...

Страница 382: ...15 Diagnostics 5 10 5 10 DualCPU 5 10 5 10 EEE 5 10 5 10 IP 5 10 5 10 LACP 5 10 5 10 LLDP 5 10 5 10 LLDP_MED 5 10 5 10 MAC_Table 5 10 5 10 MVR 5 10 5 10 Maintenance 15 15 15 15 Mirroring 5 10 5 10 Multicast 5 10 5 10 Port_Security 5 10 5 10 Ports 5 10 1 10 Private_VLANs 5 10 5 10 Protocol_based_VLAN 5 10 5 10 QoS 5 10 5 10 SNMP 5 10 5 10 Security 5 10 5 10 Spanning_Tree 5 10 5 10 System 5 10 1 10 ...

Страница 383: ...rite privilege level 1 15 sro Status Statistics read only privilege level 1 15 srw Status Statistics read write privilege level 1 15 Example Change privilege level of MVR group IGS 10020MT security switch privilege level group mvr 15 15 15 15 Security Switch Privilege Level Current Description Show the current privilege level Syntax Security Switch Privilege Level Current Default Setting 15 Securi...

Страница 384: ...telnet ssh web none local radius tacacs enable disable Parameters console Settings for console telnet Settings for telnet ssh Settings for ssh web Settings for web default Set or show the specific client authentication method none Authentication disabled local Use local authentication radius Use remote RADIUS authentication tacacs Use remote TACACS authentication default Show client authentication...

Страница 385: ...ion Show SSH configuration Syntax Security Switch SSH Configuration Example Show SSH configuration IGS 10020MT security switch ssh configuration SSH Configuration SSH Mode Enable Security Switch SSH Mode Description Set or show the SSH mode Syntax Security Switch SSH Mode enable disable Parameters enable Enable SSH disable Disable SSH default Show SSH mode Default Setting enable 385 ...

Страница 386: ...witch HTTPS Configuration Example Show HTTPs configuration IGS 10020MT security switch https configuration HTTPS Configuration HTTPS Mode Enable HTTPS Redirect Mode Disabled Security Switch HTTPs Mode Description Set or show the HTTPS mode Syntax Security Switch HTTPS Mode enable disable Parameters enable Enable HTTPs disable Disable HTTPs default Show HTTPs mode Default Setting enable 386 ...

Страница 387: ...HTTPS Redirect enable disable Parameters enable Enable HTTPs redirect disable Disable HTTPs redirect default Show HTTPs redirect mode Default Setting disable Example Enable HTTPs redirect function IGS 10020MT security switch https redirect enable Security Switch Access Configuration Description Show access management configuration Syntax Security Switch Access Configuration Example Show access man...

Страница 388: ...ameters enable Enable access management disable Disable access management default Show access management mode Default Setting disable Example Enable access management function IGS 10020MT security switch access mode enable Security Switch Access Configuration Description Show access management configuration Syntax Security Switch Access Configuration Example Show access management configuration IG...

Страница 389: ...show the access management mode Syntax Security Switch Access Mode enable disable Parameters enable Enable access management disable Disable access management default Show access management mode Default Setting disable Example Enable switch access mode IGS 10020MT security switch access mode enable Security Switch Access Add Description Add access management entry default Add all supported protoco...

Страница 390: ...access_id entry index 1 16 start_ipv6_addr Start IPv6 address IPv6 address is in 128 bit records represented as eight fields of up to four hexadecimal digits with a colon separates each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of contiguous zeros but it can only appear once It also used a fol...

Страница 391: ...ss Delete Description Delete access management entry Syntax Security Switch Access Delete access_id Parameters access_id entry index 1 16 Example Delete access management ID 1 IGS 10020MT security switch access delete 1 Security Switch Access Lookup Description Lookup access management entry Syntax Security Switch Access Lookup access_id Parameters access_id entry index 1 16 Example Lookup access ...

Страница 392: ...atistics Description Show or clear access management statistics Syntax Security Switch Access Statistics clear Parameters clear Clear access management statistics Example Show access management statistics IGS 10020MT security switch access statistics Access Management Statistics HTTP Receive 0 Allow 0 Discard 0 HTTPS Receive 0 Allow 0 Discard 0 SNMP Receive 0 Allow 0 Discard 0 TELNET Receive 0 All...

Страница 393: ...iption Set or show the SNMP mode Syntax Security Switch SNMP Mode enable disable Parameters enable Enable SNMP disable Disable SNMP default Show SNMP mode Default Setting enable Example Disable SNMP mode IGS 10020MT security switch snmp mode disable Security Switch SNMP Version Description Set or show the SNMP protocol version Syntax Security Switch SNMP Version 1 2c 3 393 ...

Страница 394: ... snmp version 3 Security Switch SNMP Read Community Description Set or show the community string for SNMP read access Syntax Security Switch SNMP Read Community community Parameters community Community string Use clear or to clear the string default Show SNMP read community Default Setting public Example Set SNMP read community private IGS 10020MT security switch snmp read community private 394 ...

Страница 395: ...ar or to clear the string default Show SNMP write community Default Setting private Example Set public value in SNMP write community IGS 10020MT security switch snmp write community public Security Switch SNMP Trap Mode Description Set or show the SNMP trap mode Syntax Security Switch SNMP Trap Mode enable disable Parameters enable Enable SNMP traps disable Disable SNMP traps default Show SNMP tra...

Страница 396: ...ers 1 SNMP version 1 2c SNMP version 2c 3 SNMP version 3 default Show SNMP trap version Default Setting 1 Example Set SNMP trap version in version 2c IGS 10020MT security switch snmp trap version 2c Security Switch SNMP Trap Community Description Set or show the community string for SNMP traps Syntax Security Switch SNMP Trap Community community Parameters community Community string Use clear or t...

Страница 397: ...trap destination 192 168 0 20 Security Switch SNMP Trap IPv6 Destination Description Set or Show the SNMP trap destination IPv6 address Syntax Security Switch SNMP Trap IPv6 Destination ipv6_addr Parameters ipv6_addr IPv6 address is in 128 bit records represented as eight fields of up to four hexadecimal digits with a colon separates each field For example four hexadecimal digits with a colon sepa...

Страница 398: ...authentication failure disable Disable SNMP trap authentication failure default Show SNMP trap authentication failure mode Default Setting enable Example Disable SNMP trap authentication failure IGS 10020MT security switch snmp trap authentication failure disable Security Switch SNMP Trap Link up Description Set or show the port link up and link down trap mode Syntax Security Switch SNMP Trap Link...

Страница 399: ...able Parameters enable Enable SNMP trap inform disable Disable SNMP trap inform default Show SNMP inform mode Default Setting enable Example Disable SNMP trap inform mode IGS 10020MT security switch snmp trap inform mode disable Security Switch SNMP Trap Inform Timeout Description Set or show the SNMP trap inform timeout usecs Syntax Security Switch SNMP Trap Inform Timeout timeout Parameters time...

Страница 400: ...orm retransmited times 0 255 default Show SNMP trap inform retry times Default Setting 5 Example Set SNMP trap inform retry times in 10 IGS 10020MT security switch snmp trap inform retry times 10 Security Switch SNMP Trap Probe Security Engine ID Description Show SNMP trap security engine ID probe mode Syntax Security Switch SNMP Trap Probe Security Engine ID enable disable Parameters enable Enabl...

Страница 401: ...ID the format may not be all zeros or all ff H and is restricted to 5 32 octet string Example Set the SNMP trap security engine ID IGS 10020MT security switch snmp trap security engine id 800007e5017f000011 Security Switch SNMP Trap Security Name Description Set or show SNMP trap security name Syntax Security Switch SNMP Trap Security Name security_name Parameters security_name A string representi...

Страница 402: ...f H and is restricted to 5 32 octet string Default Setting 800007e5017f000001 Example Set 800007e5017f000002 for SNMPv3 local engine ID IGS 10020MT security switch snmp engine id 800007e5017f000002 Security Switch SNMP Community Add Description Add or modify SNMPv3 community entry The entry index key is community Syntax Security Switch SNMP Community Add community ip_addr ip_mask Parameters commun...

Страница 403: ...Delete index Parameters index entry index 1 64 Example Delete SNMPv3 community entry IGS 10020MT security switch snmp community delete 3 Security Switch SNMP Community Lookup Description Lookup SNMPv3 community entry Syntax Security Switch SNMP Community Lookup index Parameters index entry index 1 64 Example Lookup SNMPv3 community entry IGS 10020MT security switch snmp community lookup Idx Commun...

Страница 404: ...ation protocol The allowed length is 8 32 and the allowed content is ASCII characters from 33 to 126 sha An optional flag to indicate that this user using SHA authentication protocol The allowed length is 8 40 and the allowed content is ASCII characters from 33 to 126 auth_password A string identifying the authentication pass phrase des An optional flag to indicate that this user using DES privacy...

Страница 405: ... user_name A string identifying the user name that this entry should belong to The name of None is reserved The allowed string length is 1 32 and the allowed content is ASCII characters from 33 to 126 auth_password A string identifying the authentication pass phrase priv_password A string identifying the privacy pass phrase The allowed string length is 8 40 and the allowed content is ASCII charact...

Страница 406: ...up Add security_model security_name group_name Parameters security_model v1 Reserved for SNMPv1 v2c Reserved for SNMPv2c usm User based Security Model USM security_name A string identifying the security name that this entry should belong to The allowed string length is 1 32 and the allowed content is ASCII characters from 33 to 126 group_name A string identifying the group name that this entry sho...

Страница 407: ...delete 1 Security Switch SNMP Group Lookup Description Lookup SNMPv3 group entry Syntax Security Switch SNMP Group Lookup index Parameters index entry index 1 64 Example Lookup SNMPv3 group entry IGS 10020MT security switch snmp group lookup Idx Model Security Name Group Name 1 v1 public default_ro_group 2 v1 private default_rw_group 3 v2c public default_ro_group 4 v2c private default_rw_group 5 u...

Страница 408: ... characters from 33 to 126 included An optional flag to indicate that this view subtree should included excluded An optional flag to indicate that this view subtree should excluded oid_subtree The OID defining the root of the subtree to add to the named view Example Add SNMPv3 view entry IGS 10020MT security switch snmp view add snmpv3_view include 1 Security Switch SNMP View Delete Description De...

Страница 409: ...entry index key are group_name security_model and security_level Syntax Security Switch SNMP Access Add group_name security_model security_level read_view_name write_view_name Parameters group_name A string identifying the group name that this entry should belong to The allowed string length is 1 32 and the allowed content is ASCII characters from 33 to 126 security_model any Accepted any security...

Страница 410: ... None is reserved The allowed string length is 1 32 and the allowed content is ASCII characters from 33 to 126 Example Add SNMPv3 access entry IGS 10020MT security switch snmp access add group_snmpv3 usm authpriv snmpv3_view snmpv3_view Security Switch SNMP Access Delete Description Delete SNMPv3 access entry Syntax Security Switch SNMP Access Delete index Parameters index entry index 1 64 Example...

Страница 411: ..._rw_group any NoAuth NoPriv Number of entries 2 Security Network Psec Switch Description Show Port Security status Syntax Security Network Psec Switch port_list Parameters port_list Port list or all default All ports Example Show port security status IGS 10020MT security network psec switch Users L Limit Control 8 802 1X D DHCP Snooping V Voice VLAN Port Users State MAC Cnt 1 No users 0 2 No users...

Страница 412: ...Port Security Syntax Security Network Psec Port port_list Parameters port_list Port list or all default All ports Example Show MAC address learned on port 1 IGS 10020MT security network psec port 1 Port 1 MAC Address VID State Added Age Hold Time none Security Network Limit Configuration Description Show Limit Control configuration Syntax Security Network Limit Configuration port_list 412 ...

Страница 413: ...imit Action 1 Disabled 4 None 2 Disabled 4 None 3 Disabled 4 None 4 Disabled 4 None 5 Disabled 4 None 6 Disabled 4 None 7 Disabled 4 None 8 Disabled 4 None 9 Disabled 4 None 10 Disabled 4 None Security Network Limit Mode Description Set or show global enabledness Syntax Security Network Limit Mode enable disable Parameters enable Globally enable port security disable Globally disable port security...

Страница 414: ...e Enable aging disable Disable aging default Show current enabledness of aging Default Setting disable Example Enable limit aging IGS 10020MT security network limit aging enable Security Network Limit Agetime Description Time in seconds between check for activity on learned MAC addresses Syntax Security Network Limit Agetime age_time Parameters age_time Time in seconds between checks for activity ...

Страница 415: ...on this port disable Disable port security on this port default Show current port enabledness of port security limit control Default Setting disable Example Enable port limit for port 1 IGS 10020MT security network limit port 1 enable Security Network Limit Limit Description Set or show the max number of MAC addresses that can be learned on this set of ports Syntax Security Network Limit Limit por...

Страница 416: ...t Port list or all default All ports none trap shut trap_shut Action to be taken in case the number of MAC addresses exceeds the limit none Don t do anything trap Send an SNMP trap shut Shutdown the port trap_shut Send an SNMP trap and shutdown the port default Show current action Default Setting none Example Set trap mode for limit action for port 1 IGS 10020MT security network limit action 1 tra...

Страница 417: ...uration Description Show 802 1X configuration Syntax Security Network NAS Configuration port_list Parameters port_list Port list or all default All ports Example Show 802 1X configuration of port 1 IGS 10020MT security network nas configuration 1 802 1X Configuration Mode Disabled Reauth Disabled Reauth Period 3600 EAPOL Timeout 30 Age Period 300 Hold Time 10 RADIUS QoS Disabled RADIUS VLAN Disabl...

Страница 418: ...y Network NAS Mode enable disable Parameters enable Globally enable 802 1X disable Globally disable 802 1X default Show current 802 1X global enabledness Default Setting disable Example Enable IEEE802 1X function IGS 10020MT security network nas mode enable Security Network NAS State Description Set or show the port security state Syntax Security Network NAS State port_list auto authorized unautho...

Страница 419: ... port 1 security state IGS 10020MT security network nas state 1 Port Admin State Port State Last Source Last ID 1 Force Authorized Globally Disabled Security Network NAS Reauthentication Description Set or show Reauthentication enabledness Syntax Security Network NAS Reauthentication enable disable Parameters enable Enable reauthentication disable Disable reauthentication default Show current reau...

Страница 420: ...VLAN enabledness enable Enable RADIUS assigned VLAN either globally or on one or more ports disable Disable RADIUS assigned VLAN either globally or on one or more ports default Show current RADIUS assigned VLAN enabledness Default Setting disable Example Enable RADIUS assigned VLAN IGS 10020MT security network nas radius_vlan enable Security Network NAS EapolTimeout Description Set or show the tim...

Страница 421: ...ime between checks for activitiy on a MAC address that succeeded autentication default Show current age time Default Setting 300 Example Set NAS age time in 1000sec IGS 10020MT security network nas agetime 1000 Security Network NAS Holdtime Description Time in seconds before a MAC address that failed authentication gets a new authentication chance Syntax Security Network NAS Holdtime hold_time Par...

Страница 422: ...IUS assigned QoS enabledness enable Enable RADIUS assigned QoS either globally or on one or more ports disable Disable RADIUS assigned QoS either globally or on one or more ports default Show current RADIUS assigned QoS enabledness Default Setting disable Example Enable NAS RADIUS QoS IGS 10020MT security network nas radius_qos enable Security Network NAS RADIUS_VLAN Description Set or show either...

Страница 423: ... port Guest VLAN setting default Show current per port Guest VLAN enabledness enable disable enable Enable Guest VLAN either globally or on one or more ports disable Disable Guest VLAN either globally or on one or more ports default Show current Guest VLAN enabledness vid Guest VLAN ID used when entering the Guest VLAN Use the global keyword to change it default Show current Guest VLAN ID reauth_m...

Страница 424: ...authentication immediately Example Start NAS authentication now for port 1 IGS 10020MT security network nas authenticate 1 now Security Network NAS Statistics Description Show or clear 802 1X statistics Syntax Security Network NAS Statistics port_list clear eapol radius Parameters port_list Port list or all default All ports clear Clear statistics eapol Show EAPOL statistics radius Show Backend Se...

Страница 425: ...allenges 0 Tx Responses 0 Rx Other Requests 0 Rx Auth Successes 0 Rx Auth Failures 0 Security Network ACL Configuration Description Show ACL Configuration Syntax Security Network ACL Configuration port_list Parameters port_list Port list or all default All ports Security Network ACL Action Description Set or show the ACL port default action Syntax Security Network ACL Action port_list permit deny ...

Страница 426: ...shut shut_disable Example Show ACL action in port 1 IGS 10020MT security network acl action 1 Port Action Rate Limiter Port Copy Mirror Logging Shutdown Counter 1 Permit Disabled Disabled Disabled Disabled Disabled 0 Security Network ACL Policy Description Set or show the ACL port policy Syntax Security Network ACL Policy port_list policy Parameters port_list Port list or all default All ports pol...

Страница 427: ... will be modified Otherwise a new ACE will be added If the ACE ID is not specified the next available ACE ID will be used If the next ACE ID parameter ace_id_next is specified the ACE will be placed before this ACE in the list If the next ACE ID is not specified the ACE will be placed last in the list If the Switch keyword is used the rule applies to all ports If the Port keyword is used the rule ...

Страница 428: ...4 0x806 ARP and 0x86DD IPv6 smac Source MAC address xx xx xx xx xx xx or any dmac Destination MAC address xx xx xx xx xx xx or any arp ARP keyword sip Source IP address a b c d n or any dip Destination IP address a b c d n or any arp_opcode ARP operation code any arp rarp other arp_flags ARP flags request smac tmac len ip ether 0 1 any ip IP keyword protocol IP protocol number 0 255 or any ip_flag...

Страница 429: ...work ACL Delete Description Delete ACE Syntax Security Network ACL Delete ace_id Parameters ace_id ACE ID 1 256 Example Delete ACE 1 IGS 10020MT security network acl delete 1 Security Network ACL Lookup Description Show ACE default All ACEs Syntax Security Network ACL Lookup ace_id Parameters ace_id ACE ID 1 256 Example Lookup ACE 1 IGS 10020MT security network acl lookup 1 429 ...

Страница 430: ...inspection ipmc ip_source_guard conflicts Parameters combined Shows the combined status static Shows the static user configured status dhcp Shows the status by DHCP upnp Shows the status by UPnP arp_inspection Shows the status by ARP Inspection ip_source_guard Shows the status by IP Source Guard conflicts Shows all conflict status default Shows the combined status Example Show ACL status IGS 10020...

Страница 431: ... Description Set or show the DHCP relay mode Syntax Security Network DHCP Relay Mode enable disable Parameters enable Enable DHCP relaly mode When enable DHCP relay mode operation the agent forward and to transfer DHCP messages between the clients and the server when they are not on the same subnet domain And the DHCP broadcast message won t flood for security considered disable Disable DHCP relal...

Страница 432: ...cription Set or show DHCP relay agent information option mode When enable DHCP relay information mode operation the agent insert specific information option 82 into a DHCP message when forwarding to DHCP server and remote it from a DHCP message when transferring to DHCP client It only works under DHCP relay operation mode enabled Syntax Security Network DHCP Relay Information Mode enable disable P...

Страница 433: ...place the original relay information when receive a DHCP message that already contains it keep Keep the original relay information when receive a DHCP message that already contains it drop Drop the package when receive a DHCP message that already contains relay information default Show DHCP relay information policy Default Setting replace Example Keep the original relay information when receive a ...

Страница 434: ...de Description Set or show the DHCP snooping mode Syntax Security Network DHCP Snooping Mode enable disable Parameters enable Enable DHCP snooping mode When enable DHCP snooping mode operation the request DHCP messages will be forwarded to trusted ports and only allowed reply packets from trusted ports disable Disable DHCP snooping mode default Show flow DHCP snooping mode Default Setting disable ...

Страница 435: ...f the DHCP message default Show flow DHCP snooping port mode Default Setting trusted Example Set untrusted DHCP snooping port mode in port 1 IGS 10020MT security network dhcp snooping port mode 1 untrusted Security Network DHCP Snooping Statistics Description Show or clear DHCP snooping statistics Syntax Security Network DHCP Snooping Statistics port_list clear Parameters port_list Port list or al...

Страница 436: ...se Unassigned 0 Rx Lease Unknown 0 Tx Lease Unknown 0 Rx Lease Active 0 Tx Lease Active 0 Security Network IP Source Guard Configuration Description Show IP source guard configuration Syntax Security Network IP Source Guard Configuration Security Network IP Source Guard Mode Description Set or show IP source guard mode Syntax Security Network IP Source Guard Mode enable disable Parameters enable E...

Страница 437: ...Source Guard port disable Disable IP Source Guard port default Show IP Source Guard port mode Default Setting disable Example Enable IP source guard port mode for port1 4 IGS 10020MT security network ip source guard port mode 1 4 enable Security Network IP Source Guard Limit Description Set or show the IP Source Guard port limitation for dynamic entries Syntax Security Network IP Source Guard limi...

Страница 438: ...t IP source guard static entry delete Delete existing port IP source guard static entry vid VLAN ID 1 4095 allowed_ip IP address a b c d IP address allowed for doing IP source guard allowed_mac MAC address xx xx xx xx xx xx MAC address allowed for doing IP source guard Example Add IP source guard static entry IGS 10020MT security network ip source guard entry 1 add 1 192 168 0 20 Security Network ...

Страница 439: ...P Inspection Configuration Example Show ARP inspection configuration IGS 10020MT security network arp inspection configuration Security Network ARP Inspection Mode Description Set or show ARP inspection mode Syntax Security Network ARP Inspection Mode enable disable Parameters enable Enable ARP Inspection disable Disable ARP Inspection Default Setting disable Example Enable ARP inspection mode IGS...

Страница 440: ... of port 1 IGS 10020MT security network arp inspection port mode 1 Security Network ARP Inspection Entry Description Add or delete ARP inspection static entry Syntax Security Network ARP Inspection Entry port_list add delete vid allowed_mac allowed_ip Parameters port_list Port list or all default All ports add Add new port ARP inspection static entry delete Delete existing port ARP inspection stat...

Страница 441: ...tatus port_list Parameters port_list Port list or all default All ports Example Show ARP inspection static and dynamic entries IGS 10020MT security network arp inspection status Security AAA Configuration Description Show Auth configuration Syntax Security AAA Configuration Example Show Auth configuration IGS 10020MT security aaa configuration AAA Configuration Server Timeout 15 seconds Server Dea...

Страница 442: ...figuration Server Mode IP Address Secret Port 1 Disabled 1813 2 Disabled 1813 3 Disabled 1813 4 Disabled 1813 5 Disabled 1813 TACACS Authentication Server Configuration Server Mode IP Address Secret Port 1 Disabled 49 2 Disabled 49 3 Disabled 49 4 Disabled 49 5 Disabled 49 Security AAA Timeout Description Set or show server timeout Syntax Security AAA Timeout timeout 442 ...

Страница 443: ...er dead time Syntax Security AAA Deadtime dead_time Parameters dead_time Time that a server is considered dead if it doesn t answer a request 0 3600 seconds default Show server dead time configuration Default Setting 300 Example Set 1000sec for server dead time IGS 10020MT security aaa deadtime 1000 Security AAA RADIUS Description Set or show RADIUS authentication server setup Syntax Security AAA ...

Страница 444: ...entication server configuration IGS 10020MT security aaa radius 1 enable 192 168 0 20 12345678 1812 Security AAA ACCT_RADIUS Description Set or show RADIUS accounting server setup Syntax Security AAA ACCT_RADIUS server_index enable disable ip_addr_string secret server_port Parameters The server index 1 5 default Show RADIUS accounting server configuration enable Enable RADIUS accounting server dis...

Страница 445: ...uthentication server disable Disable TACACS authentication server default Show TACACS server mode ip_addr_string IP host address a b c d or a host name string secret Secret shared with external authentication server To set an empty secret use two quotes To use spaces in secret enquote the secret Quotes in the secret are not allowed server_port Server TCP port Use 0 to use the default TACACS port 4...

Страница 446: ...ocol Command STP Configuration Description Show STP configuration Syntax STP Configuration Example Show STP configuration IGS 10020MT stp cofiguration STP Configuration Protocol Version MSTP Max Age 20 Forward Delay 15 Tx Hold Count 6 Max Hop Count 20 BPDU Filtering Disabled BPDU Guard Disabled Error Recovery Disabled STP Version Description Set or show the STP Bridge protocol version 446 ...

Страница 447: ... rstp STP Tx Hold Description Set or show the STP Bridge Transmit Hold Count parameter Syntax STP Txhold holdcount Parameters holdcount STP Transmit Hold Count 1 10 Default Setting 6 Example Set STP Tx hold in 10 IGS 10020MT stp txhold 10 STP MaxHops Description Set or show the MSTP Bridge Max Hop Count parameter Syntax STP MaxHops maxhops Parameters maxhops STP BPDU MaxHops 6 40 447 ...

Страница 448: ... Syntax STP MaxAge max_age Parameters max_age STP maximum age time 6 40 and max_age forward_delay 1 2 Default Setting 20 Example Set STP maximum age time in 10 IGS 10020MT stp maxage 10 STP FwdDelay Description Set or show the CIST MSTI bridge forward delay Syntax STP FwdDelay delay Parameters delay MSTP forward delay 4 30 and max_age forward_delay 1 2 Default Setting 15 448 ...

Страница 449: ...nfiguration name A text string up to 32 characters long Use quotes to embed spaces in name integer Integer value Default Setting Configuration name MAC address Configuration rev 0 Example Set MSTP configuration name and revision IGS 10020MT stp cname 9f_IGS 10020MT 1 STP BPDU Filter Description Set or show edge port BPDU Filtering Syntax STP bpduFilter enable disable Parameters enable disable enab...

Страница 450: ...rd enable disable Parameters enable disable enable or disable BPDU Guard for Edge ports Default Setting Disable Example Set edge port BPDU guard IGS 10020MT stp bpduguard enable STP Recovery Description Set or show edge port error recovery timeout Syntax STP recovery timeout Parameters timeout Time before error disabled ports are reenabled 30 86400 seconds 0 disables default Show recovery timeout ...

Страница 451: ...TI1 1 port_list Port list or all default All ports Default Setting Disable Example Show STP Bridge status IGS 10020MT stp status CIST Bridge STP Status Bridge ID 80 00 00 30 4F 24 04 D1 Root ID 80 00 00 30 4F 24 04 D1 Root Port Root PathCost 0 Regional Root 80 00 00 30 4F 24 04 D1 Int PathCost 0 Max Hops 20 TC Flag Steady TC Count 0 TC Last Port Port Role State Pri PathCost Edge P2P Uptime 10 Desi...

Страница 452: ...rity STP bridge priority 0 16 32 48 224 240 Default 128 Example Set MST1 priority value in 48 IGS 10020MT stp msti priority 1 48 STP MSTI Map Description Show or clear MSTP MSTI VLAN mapping configuration Syntax STP Msti Map msti clear Parameters msti STP bridge instance no 0 7 CIST 0 MSTI1 1 Clear Clear VID to MSTI mapping Example Add MST1 priority value in 48 IGS 10020MT stp msti priority 1 48 4...

Страница 453: ...ST1 in vlan1 IGS 10020MT stp msti add 1 1 STP Port Configuration Description Show STP Port configuration Syntax STP Port Configuration port_list Parameters port_list Port list or all Port zero means aggregations Example Show STP status of Port1 IGS 10020MT stp port configuration 1 Port Mode AdminEdge AutoEdge restrRole restrTcn Point2point 1 Disabled Disabled Enabled Disabled Disabled Auto 453 ...

Страница 454: ...STP protocol Default disable Example Enable STP function on port1 IGS 10020MT stp port mode 1 enable STP Port Edge Description Set or show the STP adminEdge port parameter Syntax STP Port Edge port_list enable disable Parameters port_list Port list or all default All ports Enable Configure MSTP adminEdge to Edge Disable Configure MSTP adminEdge to Non edge Default disable Example Enable STP edge f...

Страница 455: ...TP autoEdge Disable Disable MSTP autoEdge Default enable Example Disable STP edge function on port1 IGS 10020MT stp port autoedge 1 disable STP Port P2P Description Set or show the STP point2point port parameter Syntax STP Port P2P port_list enable disable auto Parameters port_list Port list or all default All ports enable Enable MSTP point2point disable Disable MSTP point2point auto Automatic MST...

Страница 456: ...P Port RestrictedRole port_list enable disable Parameters port_list Port list or all default All ports enable Enable MSTP restricted role disable Disable MSTP restricted role Default disable Example Eisable STP restricted role on port1 IGS 10020MT stp port restrictedrole 1 enable STP Port RestrictedTcn Description Set or show the MSTP restrictedTcn port parameter Syntax STP Port RestrictedTcn port...

Страница 457: ...T stp port restrictedtcn 1 enable STP Port bpduGuard Description Set or show the bpduGuard port parameter Syntax STP Port bpduGuard port_list enable disable Parameters port_list Port list or all default All ports enable Enable port BPDU Guard disable Disable port BPDU Guard Default disable Example Eisable BPDU guard on port1 IGS 10020MT stp port bpduguard 1 enable STP Port Statistic Description Sh...

Страница 458: ...STP Rx RSTP Tx RSTP Rx STP Tx STP Rx TCN Tx TCN Rx Ill Rx Unk STP Port Mcheck Description Set the STP mCheck Migration Check variable for ports Syntax STP Port Mcheck port_list Parameters port_list Port list or all default All ports Example Set the STP mCheck Migration Check variable for port 1 IGS 10020MT stp port mcheck 1 STP MSTI Port Configuration Description Show the STP port instance configu...

Страница 459: ...ort Cost msti port_list path_cost Parameters msti STP bridge instance no 0 7 CIST 0 MSTI1 1 port_list Port list or all Port zero means aggregations path_cost STP port path cost 1 200000000 or auto Default auto Example Set MSTI7 in port1 IGS 10020MT stp msti port cost 7 1 MSTI Port Path Cost MST7 1 Auto STP MSTI Port Priority Description Set or show the STP port instance priority Syntax STP Msti Po...

Страница 460: ... Link Aggregation Command Aggregation Configuration Description Show link aggregation configuration Syntax Aggr Configuration Aggregation Add Description Add or modify link aggregation Syntax Aggr Add port_list aggr_id Parameters port_list Port list or all default All ports aggr_id Aggregation ID Example Add port 1 4 in Group1 IGS 10020MT aggr add 1 4 1 Aggregation Delete Description Delete link a...

Страница 461: ...ggr_id Parameters aggr_id Aggregation ID Aggregation Mode Description Set or show the link aggregation traffic distribution mode Syntax Aggr Mode smac dmac ip port enable disable Parameters smac Source MAC address dmac Destination MAC address ip Source and destination IP address port Source and destination UDP TCP port enable Enable field in traffic distribution disable Disable field in traffic di...

Страница 462: ...n Show LACP configuration Syntax LACP Configuration port_list Parameters port_list Port list or all default All ports Example Show LACP configuration IGS 10020MT lacp configuration Port Mode Key Role 1 Disabled Auto Active 2 Disabled Auto Active 3 Disabled Auto Active 4 Disabled Auto Active 5 Disabled Auto Active 6 Disabled Auto Active 7 Disabled Auto Active 8 Disabled Auto Active 9 Disabled Auto ...

Страница 463: ...protocol disable Disable LACP protocol default Show LACP mode Default Setting disable Example Enable LACP for port1 4 IGS 10020MT lacp mode 1 4 enable LACP Key Description Set or show the LACP key Syntax LACP Key port_list key Parameters port_list Port list or all default All ports key LACP key 1 65535 or auto Default Setting auto Example Set key1 for port1 4 IGS 10020MT lacp key 1 4 1 463 ...

Страница 464: ...gotiation passive Listen for LACP packets default Show LACP role Default Setting active Example Set passive for port1 4 IGS 10020MT lacp role 1 4 passive LACP Status Description Show LACP Status Syntax LACP Status port_list Parameters port_list Port list or all default All ports Example Show LACP status of port1 4 IGS 10020MT lacp status 1 4 Port Mode Key Aggr ID Partner System ID Partner Port 464...

Страница 465: ...n Show LACP Statistics Syntax LACP Statistics port_list clear Parameters port_list Port list or all default All ports clear Clear LACP statistics Example Show LACP statistics of port1 4 IGS 10020MT lacp statistics 1 4 Port Rx Frames Tx Frames Rx Unknown Rx Illegal 1 0 0 0 0 2 0 0 0 0 3 0 0 0 0 4 0 0 0 0 465 ...

Страница 466: ...DP Configuration Interval 30 Hold 3 Tx Delay 2 Reinit Delay 2 Port Mode Port Descr System Name System Descr System Capa Mgmt Addr CDP awareness 1 Enabled Enabled Enabled Enabled Enabled Enabled Disabled 2 Enabled Enabled Enabled Enabled Enabled Enabled Disabled 3 Enabled Enabled Enabled Enabled Enabled Enabled Disabled 4 Enabled Enabled Enabled Enabled Enabled Enabled Disabled LLDP Mode Descriptio...

Страница 467: ...ow or Set LLDP Optional TLVs Syntax LLDP Optional_TLV port_list port_descr sys_name sys_descr sys_capa mgmt_addr enable disable Parameters port_list Port list or all default All ports port_descr Description of the port sysm_name System name sys_descr Description of the system sys_capa System capabilities mgmt_addr Master s IP address default Show optional TLV s configuration enable Enables TLV dis...

Страница 468: ...scr disable LLDP Interval Description Set or show LLDP Tx interval Syntax LLDP Interval interval Parameters interval LLDP transmission interval 5 32768 Default Setting 30 Example Set transmission interval in 10 IGS 10020MT lldp interval 10 LLDP Hold Description Set or show LLDP Tx hold value Syntax LLDP Hold hold Parameters hold LLDP hold value 2 10 Default Setting 3 468 ...

Страница 469: ...t or show LLDP Tx delay Syntax LLDP Delay delay Parameters delay LLDP transmission delay 1 8192 Default Setting 2 Example Set LLDP delay value in 1 IGS 10020MT lldp delay 1 LLDP Reinit Description Set or show LLDP reinit delay Syntax LLDP Reinit reinit Parameters reinit LLDP reinit delay 1 10 Default Setting 2 469 ...

Страница 470: ...xample Show LLDP Statistics of port 1 IGS 10020MT lldp statistics 1 LLDP global counters Neighbor entries was last changed at 18819 sec ago Total Neighbors Entries Added 0 Total Neighbors Entries Deleted 0 Total Neighbors Entries Dropped 0 Total Neighbors Entries Aged Out 0 LLDP local counters Rx Tx Rx Rx Rx TLV Rx TLV Rx TLV Port Frames Frames Errors Discards Errors Unknown Organz Aged 1 0 0 0 0 ...

Страница 471: ...tax LLDPMED Configuration port_list Parameters port_list Port list or all default All ports Example Show LLDP MED configuration of port1 4 IGS 10020MT lldpmed configuration 1 4 LLDP MED Configuration Fast Start Repeast Count 4 Location Coordinates Latitude 0 0000 North Longitude 0 0000 East Altitude 0 0000 meter s Map datum WGS84 Civic Address Location Port Policies 1 none 2 none 3 none 4 none 471...

Страница 472: ...rict City division borough city district ward chou JP block Neighborhood block street Street leading_street_direction Leading street direction trailing_street_suffix Trailing street suffix str_suf Street Suffix house_no House Number house_no_suffix House number suffix landmark Landmark or vanity address additional_info Additional location information name Bame residence and office occupant zip_cod...

Страница 473: ...icy_list Parameters policy_list List of policies to delete Example Delete the policy 1 IGS 10020MT lldpmed policy delete 1 LLDPMED Policy Add Description Adds a policy to the list of polices Syntax LLDPMED policy add voice voice_signaling guest_voice guest_voice_signaling softphone_voice video_conferencing streaming_video video_si gnaling tagged untagged vlan_id l2_priority dscp Parameters voice V...

Страница 474: ...edicated Video Conferencing equipment and other similar appliances supporting real time interactive video audio services streaming_video Streaming Video for use by broadcast or multicast based video content distribution and other similar applications supporting streaming video services that require specific network policy treatment Video applications relying on TCP with buffering would not be an i...

Страница 475: ...ss with max 4 digits Positive values are East of the prime meridian and negative numbers are West of the prime meridian altitude Altitude Meters or floors with max 4 digits default Show coordinate location configuration north south west east meters floor North North Valid for latitude South South Valid for latitude West West Valid for longitude East East Valid for longitude Meters Meters Valid for...

Страница 476: ...on Set or show LLDP MED Fast Start Repeat Count Syntax LLDPMED Fast count Parameters count The number of times the fast start LLDPDU are being sent during the activation of the fast start mechanism defined by LLDP MED 1 10 LLDPMED Info Description Show LLDP MED neighbor device information Syntax LLDPMED Info port_list Parameters port_list Port list or all default All ports 476 ...

Страница 477: ... all default All ports Example Show EEE configuration of port1 4 IGS 10020MT eee configuration 1 4 EEE Configuration Port Mode Urgent queues 1 Disabled none 2 Disabled none 3 Disabled none 4 Disabled none EEE Mode Description Set or show the eee mode Syntax EEE Mode port_list enable disable Parameters port_list Port list or all default All ports enable Enable EEE 477 ...

Страница 478: ...Enable EEE mode for port1 4 IGS 10020MT eee mode enable 1 4 EEE Urgent Queues Description Set or show EEE Urgent queues Syntax EEE Urgent_queues port_list queue_list Parameters port_list Port list or all default All ports queue_list List of queues to configure as urgent queues 1 8 or none Default Setting none ...

Страница 479: ..._list List of priorities 0 3 shut_down_temp Temperature at which ports shall be shut down 0 255 degree C Example Show thermal priority temperature IGS 10020MT Thermal prio_temp Priority Temp 0 255 C 1 255 C 2 255 C 3 255 C Thermal Port Priority Description Set or show the ports priority Syntax Thermal port_prio port_list prio Parameters port_list Port list or all default All ports prio Priority 0 ...

Страница 480: ...us Description Shows the chip temperature Syntax Thermal status Example Shows the chip temperature IGS 10020MT Thermal status Port Chip Temp 1 47 C 2 47 C 3 47 C 4 47 C 5 47 C 6 47 C 7 47 C 8 47 C 9 47 C 10 47 C Thermal Configuration Description Show thermal_protect configuration Syntax Thermal configuration 480 ...

Страница 481: ...rs port_list Port list or all default All ports QoS Port Classification Class Description Set or show the default QoS class Syntax QoS Port Classification Class port_list class Parameters port_list Port list or all default All ports class QoS class 0 7 Default Setting 0 Example Set default QoS class in 1 for port 1 IGS 10020MT qos Port Classification Class 1 1 ...

Страница 482: ...ing 0 Example Set the default Drop Precedence Level in 1 for port1 IGS 10020MT qos Port Classification dpl 1 1 QoS Port Classification PCP Description Set or show the default PCP for an untagged frame Syntax QoS Port Classification PCP port_list pcp Parameters port_list Port list or all default All ports pcp Priority Code Point 0 7 Default Setting 0 Example Set the default PCP for an untagged fram...

Страница 483: ...n 1 for port1 IGS 10020MT qos Port Classification dei 1 1 QoS Port Classification Tag Description Set or show if the classification is based on the PCP and DEI values in tagged frames Syntax QoS Port Classification Tag port_list enable disable Parameters port_list Port list or all default All ports enable Enable tag classification disable Disable tag classification default Show tag classification ...

Страница 484: ... ports pcp_list PCP list or all default All PCPs 0 7 dei_list DEI list or all default All DEIs 0 1 class QoS class 0 7 dpl Drop Precedence Level 0 1 QoS Port Classification DSCP Description Set or show if the classification is based on DSCP value in IP frames Syntax QoS Port Classification DSCP port_list enable disable Parameters port_list Port list or all default All ports enable Enable DSCP base...

Страница 485: ...policer default Show port policer mode Default Setting disable Example Enable QoS port policer IGS 10020MT qos Port Policer Mode 1 10 enable QoS Port Policer Rate Description Set or show the port policer rate Syntax QoS Port Policer Rate port_list rate Parameters port_list Port list or all default All ports rate Rate in kbps or fps 100 15000000 Default Setting 500 Example Set the port policer rate...

Страница 486: ...Unit is frames per second default Show port policer unit Default Setting kbps Example Set the port policer unit in fps IGS 10020MT qos Port Policer unit 1 10 fps QoS Port Scheduler Mode Description Set or show the port scheduler mode Syntax QoS Port Scheduler Mode port_list strict weighted Parameters port_list Port list or all default All ports strict Strict mode weighted Weighted mode default Sho...

Страница 487: ...r all default All weighted queues 0 5 weight Scheduler weight 1 100 QoS Port QueueShaper Mode Description Set or show the port queue shaper mode Syntax QoS Port QueueShaper Mode port_list queue_list enable disable Parameters port_list Port list or all default All ports queue_list Queue list or all default All queues 0 7 enable Enable port queue shaper disable Disable port queue shaper default Show...

Страница 488: ...ault Setting 500kbps Example Set the port queue shaper rate in 1000 IGS 10020MT qos Port QueueShaper rate 1 10 0 7 1000 QoS Port QueueShaper Excess Description Set or show the port queue excess bandwidth mode Syntax QoS Port QueueShaper Excess port_list queue_list enable disable Parameters port_list Port list or all default All ports queue_list Queue list or all default All queues 0 7 enable Enabl...

Страница 489: ...rameters port_list Port list or all default All ports enable Enable port shaper disable Disable port shaper default Show port shaper mode Default Setting Enable Example Enable port shaper mode IGS 10020MT qos Port Shaper Mode 1 10 enable QoS Port Shaper Rate Description Set or show the port shaper rate Syntax QoS Port Shaper Rate port_list bit_rate Parameters port_list Port list or all default All...

Страница 490: ...ort list or all default All ports classified Use classified PCP DEI values default Use default PCP DEI values mapped Use mapped versions of QoS class and DP level default Show port tag remarking mode Default Setting classified Example Set the port tag remarking mode in mapped IGS 10020MT qos Port TagRemarking Mode 1 10 mapped QoS Port TagRemarking PCP Description Set or show the default PCP This v...

Страница 491: ...port tag remarking mode is set to default Syntax QoS Port TagRemarking DEI port_list dei Parameters port_list Port list or all default All ports dei Drop Eligible Indicator 0 1 Default Setting 0 Example Set the default EDI in 1 IGS 10020MT qos Port TagRemarking EDI 1 10 1 QoS Port TagRemarking Map Description Set or show the port tag remarking map This map is used when port tag remarking mode is s...

Страница 492: ...ation Description Set or show DSCP ingress translation mode If translation is enabled for a port incoming frame DSCP value is translated and translated value is used for QoS classification Syntax QoS Port DSCP Translation port_list enable disable Parameters port_list Port list or all default All ports enable Enable DSCP ingress translation disable Disable DSCP ingress translation default Show DSCP...

Страница 493: ...de Default Setting none Example Set DSCP classification based on QoS class and DP level in zero IGS 10020MT QoS Port DSCP Classification 1 10 zero QoS Port DSCP EgressRemark Description Set or show the port DSCP remarking mode Syntax QoS Port DSCP EgressRemark port_list disable enable remap_dp_unaware remap_dp_aware Parameters port_list Port list or all default All ports disable Disable DSCP egres...

Страница 494: ...p_list DSCP 0 63 BE CS1 CS7 EF or AF11 AF43 list or all default Show DSCP ingress map table i e DSCP class DPL class QoS class 0 7 dpl Drop Precedence Level 0 1 QoS DSCP Translation Description Set or show global ingress DSCP translation table If port DSCP translation is enabled translation table is used to translate incoming frames DSCP value and translated value is used to map QoS class and DP l...

Страница 495: ...CP as trusted DSCP disable Set DSCP as un trusted DSCP default Show DSCP Trust status Default Setting disable QoS DSCP Classification Mode Description Set or show DSCP ingress classification mode If port DSCP classification is selected DSCP will be classified based on QoS class and DP level only for DSCP value with classification mode enabled DSCP may be translated DSCP if translation is enabled f...

Страница 496: ... CS1 CS7 EF or AF11 AF43 list or all dpl_list DP level list or all default All DP levels 0 1 dscp Egress remapped DSCP 0 63 BE CS1 CS7 EF or AF11 AF43 QoS Storm Unicast Description Set or show the unicast storm rate limiter Syntax QoS Storm Unicast enable disable packet_rate Parameters enable Enable unicast storm control disable Disable unicast storm control packet_rate Rate in fps 1 2 4 512 1k 2k...

Страница 497: ...ill be modified Otherwise a new QCE will be added If the QCE ID is not specified the next available QCE ID will be used If the next QCE ID parameter qce_id_next is specified the QCE will be placed before this QCE in the list If the next QCE ID is not specified and if it is a new entry added the QCE will be placed last in the list Otherwise if the next QCE ID is not specified and if existing QCE is...

Страница 498: ...estination Service Access Point 0x00 0xFF or any ssap Source Service Access Point 0x00 0xFF or any control LLC control 0x00 0xFF or any snap SNAP keyword pid Protocol ID EtherType or any ipv4 IPv4 keyowrd protocol IP protocol number 0 255 TCP or UDP or any sip Source IP address a b c d n or any dscp DSCP 0 63 BE CS1 CS7 EF or AF11 AF43 or any specific range fragment IPv4 frame fragmented yes no an...

Страница 499: ...escription Lookup QoS Control List Syntax QoS QCL Lookup qce_id Parameters qce_id QCE ID 1 256 default Next available ID Default Setting disable Example Enable multicast storm control in 2fps IGS 10020MT QoS Storm multicast enable 2 QoS QCL Status Description Show QCL status This can be used to display if there is any conflict in QCE for differnet user types Syntax QoS QCL status combined static v...

Страница 500: ...ltiple applications and it may not be available even before MAX QCE entry So user can release the resource in use by other applications and use this command to acquire the resource Syntax QoS QCL refresh Parameters combined static voice_vlan conflicts combined Shows the combined status static Shows the static user configured status voice_vlan Shows the status by Voice VLAN conflicts Shows all conf...

Страница 501: ...rs port_list Port list or all default All ports Example Show mirror configuration IGS 10020MT mirror configuration Mirror Port Description Set or show the mirror port Syntax Mirror Port port disable Parameters port disable Mirror port or disable default Show port Default Setting disable Example Set port 2 for the mirror port IGS 10020MT mirror port 2 501 ...

Страница 502: ...st enable disable rx tx Parameters port_list Port list or all default All ports enable Enable Rx and Tx mirroring disable Disable Mirroring rx Enable Rx mirroring tx Enable Tx mirroring default Show mirror mode Default Setting disable Example Enable the mirror mode for port 1 4 IGS 10020MT mirror mode 1 4 enable ...

Страница 503: ...name Parameters ip_server TFTP server IP address a b c d file_name Configuration file name Configuration Load Description Load configuration from TFTP server Syntax Config Load ip_server file_name check Parameters ip_server TFTP server IP address a b c d file_name Configuration file name check Check configuration file only default Check and apply file 503 ...

Страница 504: ... string file_name Firmware file name Firmware IPv6 Load Description Load new firmware from IPv6 TFTP server Syntax Firmware IPv6 Load ipv6_server file_name Parameters ipv6_server TFTP server IPv6 address file_name Firmware file name Firmware Information Description Display information about active and alternate firmware images Syntax Firmware Information Firmware Swap Description Activate the alte...

Страница 505: ...Configuration Example Show UPnP configuration IGS 10020MT upnp configuration UPnP Configuration UPnP Mode Disabled UPnP TTL 4 UPnP Advertising Duration 100 UPnP Mode Description Set or show the UPnP mode Syntax UPnP Mode enable disable Parameters enable Enable UPnP disable Disable UPnP default Show UPnP mode Default Setting disable 505 ...

Страница 506: ... ttl Parameters ttl ttl range 1 255 default Show UPnP TTL Default Setting 4 Example Set the value 10 for TTL value of the IP header in SSDP messages IGS 10020MT upnp ttl 10 UPnP Advertising Duration Description Set or show UPnP Advertising Duration Syntax UPnP Advertising Duration duration Parameters duration duration range 100 86400 default Show UPnP duration range Default Setting 100 ...

Страница 507: ...w the MVR configuration IGS 10020MT mvr configuration MVR Configuration MVR Mode Disabled Muticast VLAN ID 100 Port Port Mode Port Type Immediate Leave 1 Disabled Receive Disabled 2 Disabled Receive Disabled 3 Disabled Receive Disabled 4 Disabled Receive Disabled 5 Disabled Receive Disabled 6 Disabled Receive Disabled 7 Disabled Receive Disabled 8 Disabled Receive Disabled 9 Disabled Receive Disab...

Страница 508: ...tatus Description Show the MVR status Syntax MVR Status MVR Mode Description Set or show the MVR mode Syntax MVR Mode enable disable Parameters enable Enable MVR mode disable Disable MVR mode default Show MVR mode Default Setting disable Example Enable MVR mode IGS 10020MT mvr mode enable 508 ...

Страница 509: ...isable MVR mode default Show MVR mode Default Setting disable Example Enable the MVR port mode for port 1 4 IGS 10020MT mvr port mode 1 4 enable MVR Multicast VLAN Description Set or show MVR multicast VLAN ID Syntax MVR Multicast VLAN vid Parameters vid VLAN ID 1 4095 default Show current MVR multicast VLAN ID Default Setting 100 Example Set VLAN 1000 for MVR multicast VLAN ID IGS 10020MT mvr mul...

Страница 510: ... Show MVR port type Default Setting receive Example Set source type for MVR port type of port 1 IGS 10020MT mvr port type 1 source MVR Immediate Leave Description Set or show MVR port state about immediate leave Syntax MVR Immediate Leave port_list enable disable Parameters port_list Port list or all default All ports enable Enable Immediate leave mode disable Disable Immediate leave mode default ...

Страница 511: ...Configuration Example Show Voice VLAN configuration IGS 10020MT voice vlan configuration V oice VLAN Configuration Voice VLAN Mode Disabled Voice VLAN VLAN ID 1000 Voice VLAN Age Time seconds 86400 Voice VLAN Traffic Class 7 Voice VLAN OUI Table Telephony OUI Description 00 30 4F PLANET phones 00 03 6B Cisco phones 00 0F E2 H3C phones 00 60 B9 Philips and NEC AG phones 00 D0 1E Pingtel phones 00 E...

Страница 512: ...sabled Disabled OUI 7 Disabled Disabled OUI 8 Disabled Disabled OUI 9 Disabled Disabled OUI 10 Disabled Disabled OUI Voice VLAN Mode Description Set or show the Voice VLAN mode We must disable MSTP feature before we enable Voice VLAN It can avoid the conflict of ingress filter Syntax Voice VLAN Mode enable disable Parameters enable Enable Voice VLAN mode disable Disable Voice VLAN mode default Sho...

Страница 513: ...e VLAN ID Syntax Voice VLAN ID vid Parameters vid VLAN ID 1 4095 Default Setting 1000 Example Set ID 2 for Voice VLAN ID IGS 10020MT voice vlan id 2 Voice VLAN Agetime Description Set or show Voice VLAN age time Syntax Voice VLAN Agetime age_time Parameters age_time MAC address age time 10 10000000 default Show age time Default Setting 86400sec ...

Страница 514: ... traffic class for voice VLAN IGS 10020MT voice vlan traffic class4 Voice VLAN OUI Add Description Add Voice VLAN OUI entry Modify OUI table will restart auto detect OUI process The maximum entry number is 16 Syntax Voice VLAN OUI Add oui_addr description Parameters oui_addr OUI address xx xx xx The null OUI address isn t allowed description Entry description Use clear or to clear the string No bl...

Страница 515: ... process Syntax Voice VLAN OUI Delete oui_addr Parameters oui_addr OUI address xx xx xx The null OUI address isn t allowed Example Delete Voice VLAN OUI entry IGS 10020MT voice vlan oui delete 00 11 22 Voice VLAN OUI Clear Description Clear Voice VLAN OUI entry Modify OUI table will restart auto detect OUI process Syntax Voice VLAN OUI Clear Example Clear Voice VLAN OUI entry IGS 10020MT voice vla...

Страница 516: ...feature before we enable Voice VLAN It can avoid the conflict of ingress filter Syntax Voice VLAN Port Mode port_list disable auto force Parameters port_list Port list or all default All ports disable Disjoin from Voice VLAN auto Enable auto detect mode It detects whether there is VoIP phone attached on the specific port and configure the Voice VLAN members automatically force Forced join to Voice...

Страница 517: ...ult All ports enable Enable Voice VLAN security mode disable Disable Voice VLAN security mode default Show flow Voice VLAN security mode Default Setting disable Example Enable the Voice VLAN port security mode for port 1 4 IGS 10020MT voice vlan security 1 4 enable 6 22 Loop Protect Command Loop Protect Configuration Description Show Loop Protection configuration Syntax Loop Protect Configuration ...

Страница 518: ... Protection transmit interval Syntax Loop Protect Transmit transmit time Parameters Transmit time interval 1 10 seconds Default Setting 5 Loop Protect Shutdown Description Set or show the Loop Protection shutdown time Syntax Loop Protect Shutdown shutdown time Parameters Shutdown time interval 0 604800 seconds A value of zero disables re enabling the port Default Setting 10 518 ...

Страница 519: ...ion port mode Syntax Loop Protect Port Mode port_list enable disable Parameters port_list Port list or all default All ports enable Enable Loop Protection disable Disable Loop Protection Loop Protect Port Action Description Set or show the Loop Protection port action Syntax Loop Protect Port Action port_list shutdown shut_log log Parameters port_list Port list or all default All ports shutdown Shu...

Страница 520: ...cription Set or show the IPMC snooping mode Syntax IPMC Mode mld igmp enable disable Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP enable Enable IPMC snooping disable Disable IPMC snooping default Show global IPMC snooping mode Default Setting disable Example Enable IGMP snooping IGS 10020MT ipmc mode igmp enable IPMC Flooding Description Set or show the IPMC unregistered addre...

Страница 521: ...e Example Enable IGMP flooding IGS 10020MT ipmc flooding igmp enable IPMC Leave Proxy Description Set or show the mode of IPMC Leave Proxy Syntax IPMC Leave Proxy mld igmp enable disable Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP enable Enable IPMC Leave Proxy disable Disable IPMC Leave Proxy default Show global IPMC Leave Proxy mode Default Setting disable Example Enable IG...

Страница 522: ... Disable IPMC Proxy default Show global IPMC Proxy mode Default Setting disable Example Enable IGMP Proxy IGS 10020MT ipmc proxy igmp enable IPMC State Description Set or show the IPMC snooping state for VLAN Syntax IPMC State mld igmp vid enable disable Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP vid VLAN ID 1 4095 or any default Show all VLANs enable Enable MLD snooping dis...

Страница 523: ...sable Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP vid VLAN ID 1 4095 or any default Show all VLANs enable Enable MLD querier disable Disable MLD querier Default Setting disable Example Enable IGMP querier for VLAN 1 IGS 10020MT ipmc querier igmp 1 enable IPMC Fastleave Description Set or show the IPMC snooping fast leave port mode Syntax IPMC Fastleave mld igmp port_list enab...

Страница 524: ...pmc fastleave igmp 1 10 enable IPMC Throttling Description Set or show the IPMC port throttling status Syntax IPMC Throttling mld igmp port_list limit_group_number Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP port_list Port list or all default All ports 0 No limit 1 10 Group learn limit default Show IPMC Port Throttling Default Setting Unlimited Example Set the max learn 10 gr...

Страница 525: ...oup filtering entry default Show IPMC port group filtering list group_addr IPv4 IPv6 multicast group address accordingly IPMC Router Description Set or show the IPMC snooping router port mode Syntax IPMC Router mld igmp port_list enable disable Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP port_list Port list or all default All ports enable Enable IPMC router port disable Disab...

Страница 526: ... 4095 or any default Show all VLANs Example Show VLAN 1 IPMC operational status IGS 10020MT ipmc status igmp 1 IPMC Group Description Show IPMC group addresses accordingly Syntax IPMC Groups mld igmp vid Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP vid VLAN ID 1 4095 or any default Show all VLANs Example Show VLAN 1 IPMC group addresses accordingly IGS 10020MT ipmc groups igmp...

Страница 527: ...Example Show VLAN 1 IPMC Versions IGS 10020MT ipmc version igmp 1 IPMC SSM Description Show SSM related information for IPMC Syntax IPMC SSM mld igmp vid port_list Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP vid VLAN ID 1 4095 or any default Show all VLANs port_list Port list or all default All ports Example Show VLAN 1 port 1 10 SSM related information for IPMC IGS 10020MT i...

Страница 528: ...l VLANs ipmc_param_rv 1 Default Value 2 1 255 Robustness Variable default Show IPMC Interface Robustness Variable IPMC Parameter QI Description Set or show the IPMC Query Interval Syntax IPMC Parameter QI mld igmp vid ipmc_param_qi Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP vid VLAN ID 1 4095 or any default Show all VLANs ipmc_param_qi 1 Default Value 125 1 31744 Query Inter...

Страница 529: ...0 31744 Query Response Interval in tenths of seconds default Show IPMC Interface Query Response Interval IPMC Parameter LLQI Description Set or show the IPMC Last Listener Query Interval Syntax IPMC Parameter LLQI mld igmp vid ipmc_param_llqi Parameters mld igmp mld IPMC for IPv6 MLD igmp IPMC for IPv4 IGMP vid VLAN ID 1 4095 or any default Show all VLANs ipmc_param_llqi 1 Default Value 10 0 31744...

Страница 530: ...ault Value 1 0 31744 Unsolicited Report Interval in seconds default Show IPMC Interface Unsolicited Report Interval 6 24 VLAN Control List Command VCL MAC based VLAN Configuration Description Show VCL MAC based VLAN configuration Syntax VCL Macvlan Configuration VCL MAC based VLAN Add Description Add or modify VCL MAC based VLAN entry Syntax VCL Macvlan Add mac_addr vid port_list Parameters mac_ad...

Страница 531: ...ss xx xx xx xx xx xx Example Delete 00 11 22 33 44 55 66 in MAC based VLAN list IGS 10020MT vcl macvlan del 00 11 22 33 44 55 66 VCL Stasus Description Show VCL MAC based VLAN users configuration Syntax VCL Status combined static nas all Parameters combined static nas all VCL User VCL Protocol based VLAN Add Ethernet II Description Add VCL protocol based VLAN Ethernet II protocol to group mapping ...

Страница 532: ...o FF FF FF pid PID value 0x0 0xFFFF If OUI is 00 00 00 valid range of PID is from 0x0600 0xFFFF group_id Protocol group ID VCL Protocol based VLAN Add LLC Description Add VCL protocol based VLAN LLC protocol to group mapping Syntax VCL ProtoVlan Protocol Add Llc dsap ssap group_id Parameters dsap DSAP value 0x00 0xFF ssap SSAP value 0x00 0xFF group_id Protocol group ID VCL Protocol based VLAN Dele...

Страница 533: ... PID value 0x0 0xFFFF If OUI is 00 00 00 valid range of PID is from 0x0600 0xFFFF VCL Protocol based VLAN Delete LLC Description Delete VCL protocol based VLAN LLC protocol to group mapping Syntax VCL ProtoVlan Protocol Delete Llc dsap ssap Parameters dsap DSAP value 0x00 0xFF ssap SSAP value 0x00 0xFF VCL Protocol based VLAN Add Description Add VCL protocol based VLAN group to VLAN mapping Syntax...

Страница 534: ...id Parameters port_list Port list or all default All ports group_id Protocol group ID VCL Protocol based VLAN Configuration Description Show VCL protocol based VLAN entries Syntax VCL ProtoVlan Conf 6 25 SMTP Command SMTP Configuration Description Show SMTP configure Syntax SMTP Configuration Default Setting disable SMTP Mode Description Enable or disable SMTP configure 534 ...

Страница 535: ...rver Description Set or show SMTP server configure Syntax SMTP Server server port Parameters server SMTP server address port SMTP server port Default Setting disable SMTP Auth Description Enable or disable SMTP authentication configure Syntax SMTP Auth enable disable Parameters enable Enable SMTP Authentication disable Disable SMTP Authentication default Show SMTP Authentication ...

Страница 536: ...ameters auth_user_text SMTP Authentication User Name Default Setting disable SMTP Auth_pass Description Set or show SMTP authentication password configure Syntax SMTP Auth_pass auth_pass_text Parameters auth_pass_text SMTP Authentication Password Default Setting disable SMTP Mailfrom Description Set or show SMTP e mail from configure Syntax SMTP Mailfrom mailfrom_text 536 ...

Страница 537: ...subject_text Parameters mailsubject_text SMTP E mail Subject Default Setting disable SMTP Mailto1 Description Set or show SMTP e mail 1 to configure Syntax SMTP Mailto1 mailto1_text Parameters mailto1_text SMTP e mail 1 to address Default Setting disable SMTP Mailto2 Description Set or show SMTP e mail 2 to configure Syntax SMTP Mailto2 mailto2_text Parameters mailto1_text SMTP e mail 2 to address...

Страница 538: ...User s Manual of IGS 10020MT 538 Default Setting disable SMTP Test Description Test the status for linking to SMTP server Syntax SMTP Test ...

Страница 539: ...n then this packet will be filtered Thereby increasing the network throughput and availability 7 4 Store and Forward Store and Forward is one type of packet forwarding techniques A Store and Forward Industrial Managed Switch stores the incoming frame in an internal buffer do the complete error checking before transmission Therefore no error packets occurrence it is the best choice when a network n...

Страница 540: ...the best possible bandwidth when a connection is established with another network device usually at Power On or Reset This is done by detect the modes and speeds at the second of both device is connected and capable of both 10Base T and 100Base TX devices can connect with the port in either Half or Full Duplex mode 1000Base T can be only connected in Full duplex mode ...

Страница 541: ...ed device is not set to dedicate full duplex Some devices use a physical or software switch to change duplex modes Auto negotiation may not recognize this type of full duplex setting Why the Industrial Managed Switch doesn t connect to the network Solution Check per port LED on the Industrial Managed Switch Try another port on the Industrial Managed Switch Make sure the cable is installed properly...

Страница 542: ... reset the IP address to the default IP Address 192 168 0 100 or reset the password to default value Press the hardware reset button at the front panel about 5 seconds After the device is rebooted you can login the management WEB interface within the same subnet of 192 168 0 xx Reset 542 ...

Страница 543: ...TX When connecting your 10 100Mbps Ethernet Switch to another switch a bridge or a hub a straight or crossover cable is necessary Each port of the Switch supports auto MDI MDI X detection That means you can directly connect the Switch to any Ethernet devices without making a crossover cable The following table and diagram show the standard RJ 45 receptacle connector and their pin assignments RJ 45...

Страница 544: ... Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown 1 White Orange 2 Orange 3 White Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown Crossover Cable SIDE 1 SIDE2 SIDE 1 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 SIDE 2 1 White Orange 2 Orange 3 White Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown 1 White Green 2 Green 3 White Orange 4 Blue 5 White Blue 6 Orange 7 White Brown 8 Brown Figu...

Страница 545: ...h the manual ACL configuration ACL Access Control List The web page shows the ACEs in a prioritized way highest top to lowest bottom Default the table is empty An ingress frame will only get a hit on one ACE even though there are more matching ACEs The first matching ACE will take action permit deny on that frame and a counter associated with that ACE is incremented An ACE can be associated with a...

Страница 546: ... Link Aggregation ARP ARP is an acronym for Address Resolution Protocol It is a protocol that used to convert an IP address into a physical address such as an Ethernet address ARP allows a host to communicate with other hosts when only the Internet address of its neighbors is known Before using IP the host sends a broadcast ARP request containing the Internet address of the desired destination sys...

Страница 547: ...nym for Dynamic Host Configuration Protocol It is a protocol used for assigning dynamic IP addresses to devices on a network DHCP used by networked computers clients to obtain IP addresses and other parameters such as the default gateway subnet mask and IP addresses of DNS servers from a DHCP server The DHCP server ensures that all IP addresses are unique for example no IP address is assigned to a...

Страница 548: ...CP Snooping DHCP Snooping is used to block intruder on the untrusted ports of the switch device when it tries to intervene by injecting a bogus DHCP reply packet to a legitimate conversation between the DHCP client and server DNS DNS is an acronym for Domain Name System It stores and associates many types of information with domain names Most importantly DNS translates human friendly domain names ...

Страница 549: ...er or convey information on the World Wide Web WWW HTTP defines how messages are formatted and transmitted and what actions Web servers and browsers should take in response to various commands For example when you enter a URL in your browser this actually sends an HTTP command to the Web server directing it to fetch and transmit the requested Web page The other main standard that controls how the ...

Страница 550: ...in the network IGMP IGMP is an acronym for Internet Group Management Protocol It is a communications protocol used to manage the membership of Internet Protocol multicast groups IGMP is used by IP hosts and adjacent multicast routers to establish multicast group memberships It is an integral part of the IP multicast specification like ICMP for unicast connections IGMP can be used for online video ...

Страница 551: ... acronym for IP MultiCast IP Source Guard IP Source Guard is a secure feature used to restrict IP traffic on DHCP snooping untrusted ports by filtering traffic based on the DHCP Snooping Table or manually configured IP Source Bindings It helps prevent IP spoofing attacks when a host tries to spoof and use the IP address of another host L LACP LACP is an IEEE 802 3ad standard protocol The Link Aggr...

Страница 552: ...ate the MAC table with these dynamic MAC addresses Dynamic entries are removed from the MAC table if no frame with the corresponding SMAC address have been seen after a configurable age time MEP MEP is an acronym for Maintenance Entity Endpoint and is an endpoint in a Maintenance Entity Group ITU T Y 1731 MD5 MD5 is an acronym for Message Digest algorithm 5 MD5 is a message digest algorithm used c...

Страница 553: ...ork Basic Input Output System It is a program that allows applications on separate computers to communicate within a Local Area Network LAN and it is not supported on a Wide Area Network WAN The NetBIOS giving each computer in the network both a NetBIOS name and an IP address corresponding to a different host name provides the session and transport services described in the Open Systems Interconne...

Страница 554: ...t field storing the priority level for the 802 1Q frame It is also known as User Priority PD PD is an acronym for Powered Device In a PoE system the power is delivered from a PSE power sourcing equipment to a remote device The remote device is called a PD PHY PHY is an abbreviation for Physical Interface Transceiver and is the device that implement the Ethernet physical layer IEEE 802 3 PING ping ...

Страница 555: ... organizing it in folders on the server IMAP can be thought of as a remote file server POP and IMAP deal with the receiving of e mail and are not to be confused with the Simple Mail Transfer Protocol SMTP You send e mail with SMTP and a mail handler receives it on your recipient s behalf Then the mail is read using POP or IMAP IMAP4 and POP3 are the two most prevalent Internet standard protocols f...

Страница 556: ... a multitude of applications and data including high quality video and delay sensitive data such as real time voice Networks must provide secure predictable measurable and sometimes guaranteed services Achieving the required QoS becomes the secret to a successful end to end business solution Therefore QoS is the set of techniques to manage network resources R RARP RARP is an acronym for Reverse Ad...

Страница 557: ...SA and published by the NIST as a U S Federal Information Processing Standard Hash algorithms compute a fixed length digital representation known as a message digest of an input data sequence the message of any length Shaper A shaper can limit the bandwidth of transmitted frames It is located after the ingress queues SMTP SMTP is an acronym for Simple Mail Transfer Protocol It is a text based prot...

Страница 558: ... confidentiality and integrity of data over an insecure network The goal of SSH was to replace the earlier rlogin TELNET and rsh protocols which did not provide strong authentication or guarantee confidentiality Wikipedia SSM SSM In SyncE this is an abbreviation for Synchronization Status Message and is containing a QL indication STP Spanning Tree Protocol is an OSI layer 2 protocol which ensures ...

Страница 559: ...NET TELNET is an acronym for TELetype NETwork It is a terminal emulation protocol that uses the Transmission Control Protocol TCP and provides a virtual connection between TELNET server and TELNET client TELNET enables the client to control the server and communicate with other servers on the network To start a Telnet session the client user must log in to a server by entering a valid username and...

Страница 560: ...nits to exchange may prefer UDP to TCP UDP provides two services not provided by the IP layer It provides port numbers to help distinguish different user requests and optionally a checksum capability to verify that the data arrived intact Common network applications that use UDP include the Domain Name System DNS streaming media applications such as IPTV Voice over IP VoIP and Trivial File Transfe...

Страница 561: ...IEEE 802 11 wireless networks Wireless networks broadcast messages using radio so are more susceptible to eavesdropping than wired networks When introduced in 1999 WEP was intended to provide confidentiality comparable to that of a traditional wired network Wikipedia WiFi WiFi is an acronym for Wireless Fidelity It is meant to be used generically when referring of any type of 802 11 network whethe...

Страница 562: ...ion server which distributes different keys to each user Personal WPA utilizes less scalable pre shared key PSK mode where every allowed computer is given the same passphrase In PSK mode security depends on the strength and secrecy of the passphrase The design of WPA is based on a Draft 3 of the IEEE 802 11i standard Wikipedia WPS WPS is an acronym for Wi Fi Protected Setup It is a standard for ea...

Страница 563: ...22 2010 Class A EN 55024 2010 IEC 61000 4 2 2008 IEC 61000 4 3 2006 A1 2007 A2 2010 IEC 61000 4 4 2004 A1 2010 IEC 61000 4 5 2005 IEC 61000 4 6 2008 IEC 61000 4 8 2009 Responsible for marking this declaration if the Manufacturer Authorized representative established within the EU Authorized representative established within the EU if applicable Company Name Planet Technology Corp Company Address 1...

Отзывы:

Нет отзывов

Похожие инструкции для IGS-10020MT

N-Tron 900 Installation & User Manual preview
900
Бренд: N-Tron Страницы: 18
4O3A Antenna Genius Quick Start Manual preview
Antenna Genius
Бренд: 4O3A Страницы: 2
JB Systems Light SW-416 Operation Manual preview
SW-416
Бренд: JB Systems Light Страницы: 15
Zigen SW-42Plus User Manual preview
SW-42Plus
Бренд: Zigen Страницы: 40
Zigen SW-41Plus Quick Start Manual preview
SW-41Plus
Бренд: Zigen Страницы: 4
FS 108710 Quick Start Manual preview
108710
Бренд: FS Страницы: 23
Balluff NAMUR BES G06MD-GNX10B-EV02-EEX Operating Instructions Manual preview
NAMUR BES G06MD-GNX10B-EV02-EEX
Бренд: Balluff Страницы: 56
Penguin Edge RTM-ATCA-F140 Quick Start Manual preview
Edge RTM-ATCA-F140
Бренд: Penguin Страницы: 2
Dahua PFS3005-5ET-V2 Quick Start Manual preview
PFS3005-5ET-V2
Бренд: Dahua Страницы: 17
Orno OR-GB-422 Quick Start Manual preview
OR-GB-422
Бренд: Orno Страницы: 2
TAXON TOOLS Scart Switch Manual preview
Scart Switch
Бренд: TAXON TOOLS Страницы: 9
CableTronix CTMS-16RKPS Installation Manual preview
CTMS-16RKPS
Бренд: CableTronix Страницы: 4
Ormazabal velatia cgm.3 system General Instructions Manual preview
velatia cgm.3 system
Бренд: Ormazabal Страницы: 76
IDT 89HPES12N3 User Manual preview
89HPES12N3
Бренд: IDT Страницы: 158
KDS KD-MSW8x3 Operating Instructions Manual preview
KD-MSW8x3
Бренд: KDS Страницы: 10
CoolGear CG-UC31PD4H Product Manual preview
CG-UC31PD4H
Бренд: CoolGear Страницы: 8
KTI KGS-1620 Installation Manual preview
KGS-1620
Бренд: KTI Страницы: 25
Elk Products ELK-M1DBHR Installation Manual preview
ELK-M1DBHR
Бренд: Elk Products Страницы: 2

Бренды по названию

Популярные бренды

Загрузить еще бренды