Tripp Lite NGI-M08C4POE8-2 Owner'S Manual Download

Page: 267 / 326

267

7.5

The purpose of this enhancement is to support on the Switch platforms. Terminal

Access Controller Access Control System Plus is a security application that provides centralized

validation of users attempting to gain access to a router, network access server etc. In order for

the feature on the TRIPP LITE products to work it would need a server,

which would typically be a daemon running on a centralized UNIX or windows NT

authentication, authorization and accounting facilities for managing network access points from

a single management service.

Product Features

The implementation will support the following features:



The implementation will conform to version 1.78 of the draft RFC.



Authentication, Authorization and Accounting can be run as well as disabled

independently of each other.



In case authentication fails on account of the server being unreachable the

box can be made to default to a local authentication policy.



packet body encryption will be supported.



Single server will be support.



Multiple connect mode will be support.



Syslog messages will be support.

Functional Description

The implementation will provide the following services:



Authentication:

Complete control of authentication through login and password dialog, challenge and response,

messaging support etc.



Authorization:

Control over user capabilities for the duration of the user session, like setting auto commands,

enforcing restrictions on what configuration commands a user may execute, session duration etc.



Accounting:

Collecting and sending information used for billing, auditing, and reporting to the

daemon.

Each of the above mentioned services can be configured and run independent of the others. The

implementation will provide authentication and confidentiality between the router

and the daemon. It runs on TCP port 49.

Application

Remote network access is witnessing a major paradigm shift that from terminal access to LAN

access. Single users want to connect to the corporate network in the same way that they connect

at work i.e. as a LAN user. This places increased emphasis on network access security. As a result

of this network managers are concerned with 3 parameters: authentication, authorization and

accounting. This is where enters into the picture. A typical deployment using

could be as follow:

Summary of Contents for NGI-M08C4POE8-2

Page 1: ......

Page 2: ... and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communication Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at the user s own expense This is a Class A product In a domestic environment this...

Page 3: ...al object to the terminals Do not stack the chassis on any other equipment If the chassis falls it can cause severe bodily injury and equipment damage An exposed wire lead from a DC input power source can conduct harmful levels of electricity Be sure that no exposed portion of the DC input power source wire extends from the terminal block plug Ethernet cables must be shielded when used in a centra...

Page 4: ...nsure that the system remains stable The following guidelines are provided to ensure your safety This unit should be mounted at the bottom of the rack if it is the only unit in the rack When mounting this unit in a partially filled rack load the rack from the bottom to the top with the heaviest component at the bottom of the rack If the rack is provided with stabilizing devices install the stabili...

Page 5: ...location and users and service people who are authorized within the restricted access location are made aware of the hazard A restricted access area can be accessed only through the use of a special tool lock and key or other means of security No user serviceable parts inside Do not open This equipment must be grounded Never defeat the ground conductor or operate the equipment in the absence of a ...

Page 6: ...E CLI 27 4 4 CLI COMMAND CONCEPT 28 4 5 GUI LOGIN 29 4 6 SYSTEM INFORMATION 30 4 6 1 CLI CONFIGURATION 30 4 6 2 WEB CONFIGURATION 30 5 BASIC SETTINGS 33 5 1 GENERAL SETTINGS 33 5 1 1 SYSTEM 33 5 1 1 1 CLI CONFIGURATION 33 5 1 1 2 WEB CONFIGURATION 35 5 1 2 JUMBO FRAME 37 5 1 2 1 CLI CONFIGURATION 37 5 1 2 2 WEB CONFIGURATION 38 5 1 3 SNTP 38 5 1 3 1 CLI CONFIGURATION 39 5 1 3 2 WEB CONFIGURATION 4...

Page 7: ...DWIDTH CONTROL 59 6 1 1 QOS 59 6 1 1 1 PORT PRIORITY 61 6 1 1 1 1CLI CONFIGURATION 61 6 1 1 1 2WEB CONFIGURATION 61 6 1 1 2 IP DIFFSERV DSCP 62 6 1 1 2 1CLI CONFIGURATION 64 6 1 1 2 2WEB CONFIGURATION 64 6 1 1 3 PRIORITY QUEUE MAPPING 65 6 1 1 3 1CLI CONFIGURATION 65 6 1 1 3 2WEB CONFIGURATION 66 6 1 1 4 SCHEDULE MODE 67 6 1 1 4 1CLI CONFIGURATION 67 6 1 1 4 2WEB CONFIGURATION 68 6 1 2 RATE LIMITA...

Page 8: ... 3 2 2WEB CONFIGURATION 89 6 2 4 MVR 90 6 2 4 1 MVR SETTINGS 92 6 2 4 1 1CLI CONFIGURATION 92 6 2 4 1 2WEB CONFIGURATION 93 6 2 4 2 GROUP SETTINGS 94 6 2 4 2 1CLI CONFIGURATION 94 6 2 4 2 2WEB CONFIGURATION 94 6 2 5 MULTICAST ADDRESS 95 6 2 5 1 CLI CONFIGURATION 97 6 2 5 2 WEB CONFIGURATION 97 6 2 6 EXPLICIT HOST TRACKING 98 6 2 6 1 CLI CONFIGURATIONS 98 6 2 6 2 WEB CONFIGURATIONS 98 6 3 VLAN 99 6...

Page 9: ...SELECTIVE Q IN Q 128 6 3 7 3 1CLI CONFIGURATION 128 6 3 7 3 2WEB CONFIGURATION 129 6 3 8 VLAN TRANSLATION 130 6 3 8 1 CLI CONFIGURATION 130 6 3 8 2 WEB CONFIGURATION 131 6 4 DHCP OPTIONS 132 6 4 1 OPTION 66 AND 67 132 6 4 1 1 CLI CONFIGURATION 133 6 4 1 2 WEB CONFIGURATION 133 6 4 2 DHCP OPTION 82 134 6 4 2 1 CLI CONFIGURATION 136 6 4 2 2 WEB CONFIGURATION 137 6 5 DHCP RELAY 139 6 5 1 CLI CONFIGUR...

Page 10: ... 4 1 CLI CONFIGURATION 176 6 11 4 2 WEB CONFIGURATION 177 6 12 PTP IEEE 1588 V2 178 6 12 1 GENERAL SETTINGS 178 6 12 1 1 CLI CONFIGURATION 178 6 12 1 2 WEB CONFIGURATION 179 6 12 2 DOMAIN SETTINGS 180 6 12 2 1 CLI CONFIGURATION 180 6 12 2 2 WEB CONFIGURATION 182 6 12 3 PORT SETTINGS 184 6 12 3 1 CLI CONFIGURATION 184 6 12 3 2 WEB CONFIGURATION 185 6 13 PPPOE IA 187 6 13 1 GLOBAL CONFIGURATION 190 ...

Page 11: ...ONFIGURATIONS 226 6 16 1 2 WEB CONFIGURATIONS 228 6 16 2 NEIGHBORS 230 6 16 2 1 CLI CONFIGURATIONS 230 6 16 2 2 WEB CONFIGURATIONS 230 6 17 XPRESS RING 231 6 17 1 CLI CONFIGURATION 231 6 17 2 WEB CONFIGURATION 232 7 SECURITY 234 7 1 IP SOURCE GUARD 234 7 1 1 DHCP SNOOPING 234 7 1 1 1 DHCP SNOOPING 237 7 1 1 1 1CLI CONFIGURATIONS 237 7 1 1 1 2WEB CONFIGURATIONS 237 7 1 1 2 PORT SETTINGS 238 7 1 1 2...

Page 12: ... STICKY MAC 264 7 4 2 1 CLI CONFIGURATIONS 265 7 4 2 2 WEB CONFIGURATIONS 266 7 5 TACACS 267 7 5 1 CLI CONFIGURATIONS 268 7 5 2 WEB CONFIGURATIONS 270 8 MONITOR 272 8 1 ALARM 272 8 1 1 CLI CONFIGURATIONS 272 8 1 2 WEB CONFIGURATIONS 272 8 2 HARDWARE INFORMATION 273 8 2 1 CLI CONFIGURATIONS 273 8 2 2 WEB CONFIGURATIONS 274 8 3 PORT STATISTICS 275 8 3 1 CLI CONFIGURATIONS 275 8 3 2 WEB CONFIGURATION...

Page 13: ...NFIGURATIONS 290 9 1 3 1 2WEB CONFIGURATIONS 291 9 1 3 2 USER SETTINGS 292 9 1 3 2 1CLI CONFIGURATIONS 292 9 1 3 2 2WEB CONFIGURATIONS 293 9 1 3 3 VIEW SETTINGS 294 9 1 3 3 1CLI CONFIGURATIONS 294 9 1 3 3 2WEB CONFIGURATIONS 294 9 2 AUTO PROVISION 296 9 2 1 CLI CONFIGURATIONS 297 9 2 2 WEB CONFIGURATIONS 298 9 3 MAIL ALARM 299 9 3 1 REFERENCE 299 9 3 2 CLI CONFIGURATIONS 300 9 3 3 WEB CONFIGURATIO...

Page 14: ...NT 315 9 8 1 LLDP 315 9 8 1 1 CLI CONFIGURATIONS 315 9 8 1 2 WEB CONFIGURATIONS 316 9 8 2 MANUAL REGISTRATION 317 9 8 2 1 CLI CONFIGURATIONS 317 9 8 2 2 WEB CONFIGURATIONS 317 9 8 3 ONVIF 318 9 8 3 1 CLI CONFIGURATIONS 318 9 8 3 2 WEB CONFIGURATIONS 318 9 9 TOPOLOGY MAP 320 9 9 1 BACKGROUND CONFIGURATION 322 9 9 2 CLIENT SWITCH MANAGEMENT 323 10 MISC 323 10 1CABLE TEST 323 10 1 1 CLI CONFIGURATION...

Page 15: ...stand in operating temperatures from 40 to 75 40 F to 167 F The NGI M08C4POE8 2 features with 4 Gigabit SFP slots which is immune to moisture static electricity power surges and short circuits plus 8 10 100 1000Base T PoE ports Each of the PoE ports complies with the IEEE 802 3at standard allowing them to supply up to 30W to satisfy the growing demand of high power consuming network devices such a...

Page 16: ...ity Rate Limitation Storm Control Port Isolation 802 1Q Tag based VLAN Auto MDI MDI X PoE Configuration PoE Scheduling PD Alive Check PoE power on off PoE Priority Power budget control per system per port Digital Input 2 pairs digital input Open Close Support Dry Contact Network Management Command Line Interface Telnet Web GUI SNMP v1 v2c v3 Management VLAN Remote system log Firmware Upgradable Co...

Page 17: ...bps L2 forwarding 17 86Mpps Packet Buffer size 8Mbits MAC Entries 16 K Jumbo frame 10 K Throughput 1 488 000pps when 1000Mbps speed Ports 10 100 1000Base T RJ45 8 Gigabit SFP slots 4 Console port RJ45 to RS232 1 USB port 1 Power Input Voltage Primary inputs 24 57VDC at a maximum of 6A Redundant inputs 24 57VDC at a maximum of 6A Connection Removable 6 pin terminal block One Overload current protec...

Page 18: ... PoE Power Available at PD 25 50W Max Power delivered by PSE 30 W Voltage Range at PSE 24 57V Voltage Range at PD 50 57V Maximum Current 600mA Maximum Cable resistance 12 5 Ω Category 5 Output capacity for PoE 240W 48VDC input PoE supported mode Mode A DIN RAIL Recommendation Steel with Electrolytic Zinc Plating Stand Off Brackets 450 Angle and Straight Comply with DIN 50045 50022 and 50035 Standa...

Page 19: ...ode devices The following are recommended cabling for the RJ45 connectors 1 10Mbps Cat 3 or better 2 100 1000Mbps Cat 5e or better SFP Slots for SFP modules The four SFP slots are designed to Gigabit SFP modules that support network speed of 1000Mbps Installing the SFP modules and Fiber Cable 1 Slide the selected SFP module into the selected SFP slot Make sure the SFP module is aligned correctly w...

Page 20: ...chnical Specifications for the acceptable temperature and humidity ranges Install the Switch in a location that is not affected by strong electromagnetic field generators such as motors vibration dust and direct sunlight Leave at least 10 cm 4 in of space at the front and rear of the unit for ventilation ATTENTION The NGI M08C4POE8 2 is an open type device and NGI M08C4POE8 2 shall be DIN Rail mou...

Page 21: ... or isolating surface treatment ATTENTION This product is intended to be mounted to a well grounded mounting surface such as a metal panel CAUTION The earth connection must not be removed unless all power supply connection has been disconnected The device is installed in a restricted access location it has a separate protective earthing terminal on the chassis that must be permanently connected to...

Page 22: ...5 C 140 167 F tighten to 0 56 N m 5 lb in The wire gauge for the terminal block should range between 12 18 AWG Redundant Power Input You can use Terminal Block PWR as primary power or Terminal Block PWR for redundant power Connect power cables to terminal block Use your finger to press the orange plug on top of terminal block connector to insert power cables WARNING Safety measures should be taken...

Page 23: ... used to detect both power faults and port faults The two wires attached to the ALM contacts form an open circuit when 1 The Switch has lost power from one of the DC power inputs OR 2 One of the ports for which the corresponding PORT ALARM DIP Switch is set to ON is not properly connected If neither of these two conditions is satisfied the Fault circuit will be closed WARNING Use copper conductors...

Page 24: ...all your connections They are as follows Unit LEDs LED Condition Status PWR Illuminated Primary power is supplied to switch Off Primary power off or failure RPS Illuminated Redundant power is supplied to switch Off Redundant power off or failure ALM Illuminated External signal device will be activated through terminal block ALM when there is any alarm Alarm for following conditions Power lost prim...

Page 25: ...upgrade the firmware to version 1 0 1 S0 then you need to follow these steps 1 Create a folder with model name in USB eg NGI M08C4POE8 2 Note don t add A in folder name 2 Insert new firmware file in that folder Note There should be only one firmware in that folder If there are more than one firmware the upgrade process will stop 3 Insert the USB drive into the NGI M08C4POE8 2 s USB port 4 Switch u...

Page 26: ...mary power and redundant power supply No Name Description 1 PWR ON Primary power alarm reporting is enabled OFF Primary power alarm reporting is disabled 2 RPS ON Redundant power alarm reporting is enabled OFF Redundant power alarm reporting is disabled ...

Page 27: ...is your first login use the default values Default Management IP Address Setting Default Value IP Address 192 168 0 254 Subnet Mask 255 255 255 0 Default Gateway 0 0 0 0 Management VLAN 1 Default Username admin Default Password admin Make sure your computer IP address is in the same subnet unless you are accessing the Switch through one or more routers 4 3 How to enter the CLI Press Enter key to e...

Page 28: ...gurations The Node type enable Its command prompt is L2SWITCH It means these commands can be executed in this command prompt configure Its command prompt is L2SWITCH config It means these commands can be executed in this command prompt In Enable code executing command configure terminal enter the configure node L2SWITCH configure terminal eth0 Its command prompt is L2SWITCH config if It means thes...

Page 29: ...this command prompt In Configure code executing command vlan 2 enter the vlan 2 node Note where the 2 is the vlan ID L2SWITCH config vlan 2 L2SWITCH config vlan acl Its command prompt is L2SWITCH config acl It means these commands can be executed in this command prompt In Configure code executing command access list test enter the access list test node Note where the test is the profile name L2SWI...

Page 30: ... displays the system information enable show running config This command displays the current operating configurations enable show system info This command displays the system s CPU loading and memory information enable show uptime This command displays the system up time 4 6 2 Web Configuration The System Information window appears each time you log into the program Alternatively this window can ...

Page 31: ...rmware DHCP Client This field displays whether the DHCP client is enabled on the Switch IP Address This field indicates the IP address of the Switch Subnet Mask This field indicates the subnet mask of the Switch Default Gateway This field indicates the default gateway of the Switch MAC Address This field displays the MAC Media Access Control address of the Switch Serial Number The serial number as...

Page 32: ... Switch s local IP address for IPv6 IPv6 Default Gateway This field displays the default gateway for IPv6 IPv6 Global Address This field displays the Switch s global IP address for IPv6 Refresh Click Refresh to begin configuring this screen afresh ...

Page 33: ...enable show interface eth0 This command displays the eth0 configurations enable configure terminal This command changes the node to configure node configure hostname STRINGS This command sets the system s network name configure interface eth0 This command enters the eth0 interface node to configure the system IP eth0 show This command displays the eth0 configurations eth0 ip address A B C D M This...

Page 34: ...t on next system restart Example The procedures to configure an IP address for the Switch To enter the configure node L2SWITCH configure terminal L2SWITCH config To enter the ETH0 interface node L2SWITCH config interface eth0 L2SWITCH config if To get an IP address from a DHCP server L2SWITCH config if ip dhcp client enable To configure a static IP address and a gateway for the Switch L2SWITCH con...

Page 35: ... used for Switch management purposes DHCP Server Port Configures a port or a range of ports for valid DHCP server IPv4 Settings IP Address Configures a IPv4 address for your Switch in dotted decimal notation For example 192 168 0 254 Subnet Mask Enter the IP subnet mask of your Switch in dotted decimal notation for example 255 255 255 0 Default Gateway Enter the IP address of the default outgoing ...

Page 36: ...DHCP server Select Disable if you want to configure the Switch s IP address manually Global Address Configure a global IPv6 address for the Switch Default Gateway Set Set an IPv6 default gateway for the Switch Unset Unset the IPv6 default gateway for the Switch Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh ...

Page 37: ...0 9216 10240 5 1 2 1 CLI Configuration Node Command Description enable show jumboframe This command displays the current jumbo frame settings enable configure terminal This command changes the node to configure node configure interface IFNAME This command enters the interface configure node interface jumboframe 10240 1522 1536 1 552 9010 9216 This command configures the maximum number of bytes of ...

Page 38: ...ynchronizing the clocks of computer systems over packet switched variable latency data networks A less complex implementation of NTP using the same protocol but without requiring the storage of state over extended periods of time is known as the Simple Network Time Protocol SNTP NTP provides Coordinated Universal Time UTC No information about time zones or daylight saving time is transmitted this ...

Page 39: ...e terminal This command changes the node to configure node configure time HOUR MINUTE SECOND Sets the current time on the Switch hour 0 23 min 0 59 sec 0 59 Note If you configure Daylight Saving Time after you configure the time the Switch will apply Daylight Saving Time configure time date YEAR MONTH DAY Sets the current date on the Switch year 1970 month 1 12 day 1 31 configure time daylight sav...

Page 40: ... domain name of your time server configure time timezone STRING Configures the time difference between UTC formerly known as GMT and your time zone Valid Range 1200 1200 Example L2SWITCH config time ntp server 192 5 41 41 L2SWITCH config time timezone 0800 L2SWITCH config time ntp server enable L2SWITCH config time daylight saving time start date first Monday 6 0 L2SWITCH config time daylight savi...

Page 41: ...able to turn it off Start Date Configure the day and time when Daylight Saving Time starts if you enabled Daylight Saving Time The time is displayed in the 24 hour format Here are a couple of examples Daylight Saving Time starts in most parts of the United States on the second Sunday of March Each time zone in the United States starts using Daylight Saving Time at 2 A M local time So in the United...

Page 42: ...or whole subnet Notices This feature allows user to configure management host up to 10 entries The default is none any host can manage the Switch via telnet or web browser 5 1 4 1 CLI Configuration Node Command Description enable show interface eth0 This command displays the eth0 configurations enable configure terminal This command changes the node to configure node configure interface eth0 This ...

Page 43: ...Scope Link UP BROADCAST RUNNING ALLMULTI MULTICAST MTU 1500 Metric 1 ASYMMTU 0 RX packets 17931 errors 0 dropped 6680 overruns 0 frame 0 TX packets 6500 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 500 RX bytes 3565872 3 4 Mb TX bytes 1173040 1 1 Mb 5 1 4 2 Web Configuration Parameter Description Management Host Settings Management Host This field configures the management host ...

Page 44: ...ts When a device which may belong to a VLAN group sends a packet which is forwarded to a port on the Switch the MAC address of the device is shown on the Switch s MAC Table It also shows whether the MAC address is dynamic learned by the Switch or static manually entered The Switch uses the MAC Table to determine how to forward frames See the following figure 1 The Switch examines the received fram...

Page 45: ...able static MACADDR vlan 1 4094 port PORT_ID This command configures a static unicast entry configure no mac address table static MACADDR vlan 1 4094 This command removes a static unicast entry from the address table Example L2SWITCH config mac address table static 00 11 22 33 44 55 vlan 1 port 1 5 2 1 2 Web Configuration A static Media Access Control MAC address is an address that has been manual...

Page 46: ...fresh Click Refresh to begin configuring this screen afresh Static MAC Table MAC Address This field displays the MAC address of a manually entered MAC address entry VLAN ID This field displays the VID of a manually entered MAC address entry Port This field displays the port number of a manually entered MAC address entry The MAC address with port CPU means the Switch s MAC addresses itself Action C...

Page 47: ... mac address table mac MACADDR This command displays information of a specific MAC enable show mac address table port PORT_ID This command displays the current unicast address entries learnt by the specific port enable configure terminal This command changes the node to configure node configure clear mac address table dynamic This command clears the dynamic address entries 5 2 2 2 Web Configuratio...

Page 48: ...ry is associated It displays CPU if it is the entry for the Switch itself The CPU means that it is the Switch s MAC Total Counts This field displays the total entries in the MAC table 5 2 3 Age Time Settings 5 2 3 1 CLI Configuration Node Command Description enable show mac address table aging time This command displays the current MAC address table age time enable configure terminal This command ...

Page 49: ...ser can configure up to 20 entries 5 2 4 1 CLI Configuration Node Command Description enable show mac address table refusal This command displays the current refusal MAC address only enable configure terminal This command changes the node to configure node configure mac address table refusal MACADDR vlan 1 4094 This command configures a refusal MAC on a specific VLAN configure mac address table re...

Page 50: ...hh hh hh hh VLAN ID Enter the VLAN ID to apply to the computer or device Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh Refusal MAC Table Action Click Delete to remove this manually entered MAC address entry from the refusal MAC address table Total Counts This field displays the total entries in the refusal MAC table ...

Page 51: ...ction is enabled the Monitor to Port can receive mirrored packets only If a port has been configured as a source port and then user configures the port as a destination port the port will be removed from the source ports automatically 5 3 1 CLI Configuration Node Command Description enable show mirror This command displays the current port mirroring configurations enable configure terminal This co...

Page 52: ...orts Settings in this field apply to all ports Use this field only if you want to make some settings the same for all ports Use this field first to set the common settings and then make adjustments on a port by port basis Source Port This field displays the number of a port Mirror Mode Select Ingress Egress or Both to only copy the ingress incoming egress outgoing or both incoming and outgoing tra...

Page 53: ...unications device and returned looped back to it as a way to determine whether the device is working right or as a way to pin down a failing node in a network One type of loopback test is performed using a special plug called a wrap plug that is inserted in a port on a communications device The effect of a wrap plug is to cause transmitted output data to be returned as received input data simulati...

Page 54: ...and resend later The Switch uses IEEE802 3x flow control in full duplex mode and backpressure flow control in half duplex mode IEEE802 3x flow control is used in full duplex mode to send a pause signal to the sending port causing it to temporarily stop sending signals when the receiving port memory buffers fill Back Pressure flow control is typically used in half duplex mode to send a collision si...

Page 55: ...nterface range gigabitethernet1 0 PORTLISTS This command enters the if range configure node if range shutdown This command disables the specific ports if range no shutdown This command enables the specific ports if range speed auto 10 full 10 half 100 full 100 half 1000 full This command configures the speed and duplex for the port Example L2SWITCH configure terminal L2SWITCH config interface gi1 ...

Page 56: ...lays whether the port is enabled or disabled Speed Duplex This field displays the speed either 10M 100Mor 1000Mand the duplex mode Full or Half Flow Control This field displays whether the port s flow control is On or Off Link Status This field displays the link status of the port If the port is up it displays the port s speed duplex and flow control setting Otherwise it displays Link Down if the ...

Page 57: ... configure interface range gigabitethernet1 0 PORTLISTS This command enters the if range configure node if range description STRINGs This command configures a description for the specific ports if range no description This command configures the default port description for the specific ports if range alias STRING This command configures an alias for the specific ports The length of alias is up to...

Page 58: ... to take effect the settings Refresh Click Refresh to begin configuring this screen afresh Port Status Port This field displays the port number Description The meaningful name for the port Alias The alias name for the port Status The field displays the detail port status if the port is blocked by some protocol Uptime The sustained time from last link up Medium Mode The current working medium mode ...

Page 59: ...queues are numbered from 7 Class 7 the highest priority queue to 0 Class 0 the lowest priority queue The eight priority tags specified in IEEE 802 1p p0 to p7 are mapped to the Switch s priority queues as follows Priority 0 1 2 3 4 5 6 7 Queue 2 0 1 3 4 5 6 7 Priority scheduling is implemented by the priority queues stated above The Switch will empty the four hardware priority queues in order begi...

Page 60: ...Control Information TCI Priority Code Point PCP a 3 bit field which refers to the IEEE 802 1p priority It indicates the frame priority level from 0 lowest to 7 highest which can be used to prioritize different classes of traffic voice video data etc Canonical Format Indicator CFI a 1 bit field If the value of this field is 1 the MAC address is in non canonical format If the value is 0 the MAC addr...

Page 61: ... changes the node to configure node configure interface IFNAME This command enters the interface configure node interface default priority 0 7 This command allows the user to specify a default priority handling of untagged packets received by the Switch The priority value entered with this command will be used to determine which of the hardware priority queues the packet is forwarded to Default 0 ...

Page 62: ...al network traffic such as voice or video while providing simple best effort traffic guarantees to non critical services such as web traffic or file transfers Differentiated Services Code Point DSCP is a 6 bit field in the header of IP packets for packet classification purposes DSCP replaces the outdated IP precedence a 3 bit field in the Type of Service byte of the IP header originally used to cl...

Page 63: ...s may increase the cost in some sense of the service In many networks better performance for one of these parameters is coupled with worse performance on another Except for very unusual cases at most two of these three indications should be set The type of service is used to specify the treatment of the datagram during its transmission through the internet system Example mappings of the internet t...

Page 64: ...nable This command disables enables the DiffServ function configure diffserv dscp 0 63 priority 0 7 This command sets the DSCP to IEEE 802 1q mappings 6 1 1 2 2 Web Configuration Parameter Description DSCP Settings Mode Tag Over DSCP or DSCP Over Tag Tag Over DSCP means the 802 1p tag has higher priority than DSCP Priority This field displays each priority level The values range from 0 lowest prio...

Page 65: ...rvice queue configure no queue cos map This command configures the 802 1p priority mapping to the service queue to default Example L2SWITCH config queue cos map 0 1 Success L2SWITCH config queue cos map 1 2 Success L2SWITCH config queue cos map 2 3 Success L2SWITCH config queue cos map 3 4 Success L2SWITCH config queue cos map 4 5 Success L2SWITCH config queue cos map 5 6 Success L2SWITCH config q...

Page 66: ...priority to queue mappings to the defaults Priority This field displays each priority level The values range from 0 lowest priority to 7 highest priority Queue ID Select the number of a queue for packets with the priority level Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh ...

Page 67: ...g but services queues based on their priority and queue weight the number you configure in the queue Weight field rather than a fixed amount of bandwidth WRR is activated only when a port has more traffic than it can handle Queues with larger weights get more service than queues with smaller weights This queuing mechanism is highly efficient in that it divides any available bandwidth across the di...

Page 68: ...u configure in the queue Weight field Queues with larger weights get more service than queues with smaller weights Queue ID This field indicates which Queue 0 to 7 you are configuring Queue 0 has the lowest priority and Queue 7 the highest priority Weight Value You can only configure the queue weights when Weighted Round Robin is selected Bandwidth is divided across the different traffic queues ac...

Page 69: ...ast multicast and unknown unicast packets is reached per second the subsequent packets are discarded Enable this feature to reduce broadcast multicast and unknown unicast packets in your network Storm Control unit 652pps 6 1 2 1 1 CLI Configuration Node Command Description enable show storm control This command displays the current storm control configurations enable configure terminal This comman...

Page 70: ... receive per second Type Select Broadcast to specify a limit for the amount of broadcast packets received per second Multicast to specify a limit for the amount of multicast packets received per second DLF to specify a limit for the amount of DLF packets received per second Or other combinations such as Bcast Mcast Bcast_DLF Mcast DLF Bcast Mcast DLF Apply Click Apply to take effect the settings R...

Page 71: ...ndwidth limit for outgoing packets and set the limitation configure no bandwidth limit egress ports PORTLISTS This command disables the bandwidth limit for outgoing packets configure bandwidth limit ingress RATE_LIMIT ports PORTLISTS This command enables the bandwidth limit for incoming packets and set the limitation configure no bandwidth limit ingress ports PORTLISTS This command disables the ba...

Page 72: ...gs Port Selects a port that you want to configure Ingress Configures the rate limitation for the ingress packets Egress Configures the rate limitation for the egress packets Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh ...

Page 73: ...VLANs You can configure the Switch to automatically learn multicast group membership of any VLANs The Switch then performs IGMP snooping on the first VLANs that send IGMP packets Alternatively you can specify the VLANs that IGMP snooping should be performed on This is referred to as fixed mode In fixed mode the Switch does not learn multicast group membership of any VLANs other than those explicit...

Page 74: ...ears all of the IGMP snooping counters configure igmp snooping disable enable This command disables enables the IGMP snooping on the switch configure igmp snooping report suppression disable enable This command disables enables the IGMP snooping report suppression function on the switch configure igmp snooping vlan VLANID This command enables the IGMP snooping function on a VLAN or range of VLANs ...

Page 75: ... IDs is between 1 and 4094 Use a comma or hyphen to specify more than one VLANs Select Delete and enter VLANs on which to have the Switch not perform IGMP snooping Unknown Multicast Packets Specify the action to perform when the Switch receives an unknown multicast frame Select Drop to discard the frame s Select Flooding to send the frame s to all ports Apply Click Apply to take effect the setting...

Page 76: ...in the original leave message Immediate Leave ensures optimal bandwidth management for all hosts on a switched network even when multiple multicast groups are simultaneously in use Without Immediate Leave when the switch receives an IGMP leave message from a subscriber on a receiver port it sends out an IGMP specific query on that port and waits for IGMP group membership reports If no reports are ...

Page 77: ...t s The Switch forwards IGMP join or leave packets to an IGMP query port treating the port as being connected to an IGMP multicast router or server You must enable IGMP snooping as well Default auto configure interface range gigabitethernet1 0 POR TLISTS This command enters the if range configure node if range igmp immediate leave This command enables the IGMP Snooping immediate leave function for...

Page 78: ... IGMP multicast server to the port s Edge means the Switch does not use the port as an IGMP query port In this case the Switch does not keep a record of an IGMP router being connected to this port and the Switch does not forward IGMP join or leave packets to this port Immediate Leave Select individual ports on which to enable immediate leave Group Limit Configures the maximum group for the port or...

Page 79: ... and reliably determine membership information A General Query is addressed to the all systems multicast group 224 0 0 1 has a Group Address field of 0 and has a Max Response Time of Query Response Interval 6 2 1 3 1 CLI Configuration Node Command Description enable show igmp snooping querier This command displays the current IGMP Queriers enable configure terminal This command changes the node to...

Page 80: ...te in a vlan or a range of vlan Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh Querier Status State This filed indicates the current global Querier status Query Interval This field indicates the interval which Querier send query packet periodically Enable on VLAN This field displays VLANs on which the Switch is to perform IGMP querier No...

Page 81: ...iltering enable disable This command enables disables the IGMP snooping filtering profiles on the Switch configure igmp snooping filtering profile STRING This command creates a filtering profile and enters the IGMP snooping filtering profiles configuration node configure no igmp snooping filtering all This command removes all of the IGMP snooping filtering profiles from the Switch configure no igm...

Page 82: ...roup Settings 6 2 2 2 1 CLI Configurations Node Command Description enable show igmp snooping filtering This command displays the IGMP snooping filtering configurations enable configure terminal This command changes the node to configure node configure igmp snooping filtering profile STRING This command creates a filtering profile and enters the IGMP snooping filtering profiles configuration node ...

Page 83: ...t to configure the group Group This field selects the group index Start Address The field configures the first multicast address of the group End Address The field configures the last multicast address of the group Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh ...

Page 84: ...ring profile STRINGS This command disables the IGMP snooping filtering profiles on the range of ports configure interface range gigabitethernet1 0 PORTLISTS This command enters the if range configure node if config igmp snooping filtering profile STRING This command enables the IGMP snooping filtering profiles on the range of ports if config no igmp snooping filtering profile STRINGS This command ...

Page 85: ...c bridging based on IPv6 destination multicast addresses MLDv2 basic snooping uses MLDv2 control packets to set up traffic forwarding based on IPv6 destination multicast addresses Proxy Reporting All the hosts send their complete multicast group membership information to the multicast router in response to queries The switch snoop these responses updates the database and forwards the reports to th...

Page 86: ...erval This command resets the MLD Snooping router interval to 125 seconds configure mld snooping port interval 130 1225 This command configures the MLD Snooping port interval configure no mld snooping port interval This command resets the MLD Snooping port interval to 260 seconds configure mld snooping report suppression interval 1 25 This command configures the MLD Snooping report suppression int...

Page 87: ...on Interval Configures the MLD Snooping report suppression interval Querier State Enables Disables the MLD Snooping querier state on the Switch Port Interval Configures the MLD Snooping port interval Forward Report Mode all ports Report forwards on all existing ports router ports Report forwards on router ports only Group Querier Interval Configures the MLD Snooping group querier interval Apply Cl...

Page 88: ...LD Snooping version mld_vlan no version This command resets the MLD Snooping version to default v1 mld_vlan immediate leave enable This command enables the MLD Snooping immediate leave Default disable mld_vlan no immediate leave enable This command disables the MLD Snooping immediate leave mld_vlan querier enable This command enables the MLD Snooping Querier Default disable mld_vlan no querier ena...

Page 89: ...lects the MLD Snooping version on the vlan Immediate Leave Enables Disables the MLD Snooping immediate leave on the vlan Querier Enables Disables the MLD Snooping querier on the vlan Router Port Add add port s in the router port list for MLD Snooping on the vlan Remove remove port s from the router port list for MLD Snooping on the vlan Apply Click Apply to take effect the settings Refresh Click R...

Page 90: ...terface dynamically Compatible Mode If we select the dynamic mode in MVR setting IGMP report message transmitted from the receiver port will not be transmitted to a multicast router Operation Mode Join Operation A subscriber sends an IGMP report message to the switch to join the appropriate multicast The next depends on whether the IGMP report matches the switch configured multicast MAC address If...

Page 91: ...er Receiver Ports VLAN1 VLAN2 VLAN3 VLAN4 VLAN5 VLAN6 Default Settings There is no MVR vlan Default configuration for a new MVR MVR VLAN Information VLAN ID 2 Name MVR2 Active Enabled Mode Dynamic Source Port s None Receiver Port s None Tagged Port s None The Switch allows user to create up to 250 groups The Switch allows user to create up to 16 MVRs ...

Page 92: ...Settings 6 2 4 1 1 CLI Configuration Node Command Description enable show mvr This command displays the current MVR configurations enable show mvr vlan VLANLISTS This command displays the current MVR configurations of the specific VLAN enable configure terminal This command changes the node to configure node configure mvr VLANLISTS This command configures the MVR configurations for the specific VL...

Page 93: ...command removes a port or range of ports from the tagged port s MVR priority override disable enable This command enables disables the multicast priority override 6 2 4 1 2 Web Configuration Parameter Description MVR Setting VLAN ID Configures a VLAN NAME Configures a name for the MVR Priority Override Enable Disable for the priority override State Enables Disables the MVR Mode Configures the mode...

Page 94: ...de Command Description enable show mvr This command displays the current MVR configurations enable show mvr vlan VLANLISTS This command displays the current MVR configurations of the specific VLAN enable configure terminal This command changes the node to configure node configure mvr VLANLISTS This command configures the MVR configurations for the specific VLAN MVR group STRING start address IPADD...

Page 95: ...The first octet 01 includes the broadcast multicast bit The lower 23 bits of the 28 bit multicast IP address are mapped into the 23 bits of available Ethernet address space This means that there is ambiguity in delivering packets If two hosts on the same subnet each subscribe to a different multicast group whose address differs only in the first 5 bits Ethernet packets for both multicast groups wi...

Page 96: ...ers on a network segment 224 0 0 9 The RIP version 2 group address used to send routing information using the RIP protocol to all RIP v2 aware routers on a network segment 224 0 0 10 EIGRP group address Used to send EIGRP routing information to all EIGRP routers on a network segment 224 0 0 13 PIM Version 2 Protocol Independent Multicast 224 0 0 18 Virtual Router Redundancy Protocol 224 0 0 19 21 ...

Page 97: ...l This command changes the node to configure node configure mac address table multicast MACADDR vlan 1 4094 ports PORTLIST This command configures a static multicast entry configure no mac address table multicast MACADDR This command removes a static multicast entry from the address table 6 2 5 2 Web Configuration Parameter Description Static Multicast Address Settings VLAN ID Configures the VLAN ...

Page 98: ...state of all hosts on the interface 6 2 6 1 CLI Configurations Node Command Description enable show igmp snooping membership The command displays the multicast membership enable configure terminal This command changes the node to configure node configure igmp snooping explicit tracking This command enables the IGMP snooping explicit host tracking on the Switch configure no igmp snooping explicit t...

Page 99: ... This feature is a per port setting to configure the egress port s for the specific port to forward its received packets If the CPU port port 0 is not an egress port for a specific port the host connected to the specific port cannot manage the Switch If you wish to allow two subscriber ports to talk to each other you must define the egress port for both ports CPU refers to the Switch management po...

Page 100: ...e configure terminal This command changes the node to configure node configure interface IFNAME This command enters the interface configure node interface port isolation ports PORTLISTS This command configures a port or a range of ports to egress traffic from the specific port interface no port isolation This command configures all ports to egress traffic from the specific port Example L2SWITCH co...

Page 101: ... an outgoing port that is a port through which a data packet leaves Selecting a port as an outgoing port means it will communicate with the port currently being configured Select All Deselect All Click Select All to mark all ports as egress ports and permit traffic Click Deselect All to unmark all ports and isolate them Deselecting all ports means the port being configured cannot communicate with ...

Page 102: ...ytes longer than an untagged frame and contains two bytes of TPID Tag Protocol Identifier residing within the type length field of the Ethernet frame and two bytes of TCI Tag Control Information starts after the source address field of the Ethernet frame The CFI Canonical Format Indicator is a single bit flag always set to zero for Ethernet switches If a frame received at an Ethernet port has a CF...

Page 103: ...ld be able to talk to all other members of the subnet by simply sending information to the cable segment The switch is responsible for identifying that the information came from a specific VLAN and for ensuring that the information gets to all other members of the VLAN The switch is further responsible for ensuring that ports in a different VLAN do not receive the information This approach is quit...

Page 104: ...S This command adds a port or a range of ports to the VLAN vlan fixed PORTLISTS This command assigns ports for permanent member of the VLAN vlan no fixed PORTLISTS This command removes all fixed member from the VLAN configure vlan range VLANLIST This command configures a range of VLANs configure no vlan range VLANLIST This command removes a range of VLANs vlan range add PORTLISTS This command adds...

Page 105: ... You can designate multiple port numbers individually by using a comma and by range with a hyphen Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh VLAN List VLAN ID This field displays the index number of the VLAN entry Click the number to modify the VLAN VLAN Name This field displays the name of the VLAN VLAN Status This field displays th...

Page 106: ...STS This command adds a port or a range of ports to the VLAN vlan tagged PORTLISTS This command assigns ports for tagged member of the VLAN group The ports should be one some of the permanent members of the VLAN vlan no tagged PORTLISTS This command removes all tagged member from the VLAN vlan Untagged PORTLISTS This command assigns ports for untagged member of the VLAN group The ports should be o...

Page 107: ... which is a member of the selected VLAN ID will make it a tag port This means the port will tag all outgoing frames transmitted with the VLAN ID Select All Click Select All to mark all member ports as tag ports Deselect All Click Deselect All to mark all member ports as untag ports Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh ...

Page 108: ...s tagged acceptable tagged frame only untagged acceptable untagged frame only interface pvid 1 4094 This command configures a VLAN ID for the port default VLAN ID interface no pvid This command configures 1 for the port default VLAN ID configure interface range gigabitethernet1 0 PORTLISTS This command enters the if range configure node if range acceptable frame type all tagged untagged This comma...

Page 109: ...n a port Choices are All VLAN Untagged Only or VLAN Tagged Only Select All from the drop down list box to accept all untagged or tagged frames on this port This is the default setting Select VLAN Tagged Only to accept only tagged frames on this port All untagged frames will be dropped Select VLAN Untagged Only to accept only untagged frames on this port All tagged frames will be dropped Apply Clic...

Page 110: ...be connected to that end node s desired VLAN For end nodes to make use of GVRP they need GVRP aware Network Interface Cards NICs The GVRP aware NIC is configured with the desired VLAN or VLANs then connected to a GVRP enabled switch The NIC communicates with the switch and VLAN connectivity is established between the NIC and switch Registration Mode Normal The normal registration mode allows dynam...

Page 111: ... all ports enable configure terminal This command changes the node to configure node configure gvrp disable enable This command disables enables the GVRP on the switch configure no gvrp configuration This command set GVRP configuration to its defaults configure interface IFNAME This command enters the interface configure node interface gvrp disable enable This command disables enables the GVRP on ...

Page 112: ...State Select Enable to activate the port GVRP function Select Disable to deactivate the port GVRP function Registration Mode Select Normal to allows dynamic creation if dynamic VLAN creation is enabled registration and deregistration of VLANs on the trunk port Select Forbidden to deregister all VLANs except VLAN 1 and prevents any further VLAN creation or registration on the trunk port Apply Click...

Page 113: ...node configure interface IFNAME This command enters the interface configure node interface garp join time 1 65535 leave time 1 65535 leaveall time 1 65535 This command configures the join time leaves time leave all time for the GARP on the specific port interface no garp time This command configures the join time leaves time leaves all time to default for the GARP on the specific port 6 3 3 2 2 We...

Page 114: ...ame from After the checking has done the switch forwards the packet in the corresponding VLAN If no IP subnet classification can be made the packet is followed to the normal VLAN classification methods of the switch The significant benefit of using subnet based VLANs is that the priority can be divided and integrated based on which VLAN the traffic belongs to Notices The 802 1Q port base VLAN shou...

Page 115: ...es 1 6 3 4 2 Web Configuration Parameter Description IP Subnet VLAN Settings IP Address Configures the IP address Subnet Mask Configures the IP subnet mask VLAN Configures the vlan Priority Configures the priority Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh IP Subnet VLAN Table Action Clicks Delete to delete this rule Total Counts It ...

Page 116: ...02 1Q port base VLAN should be created first 6 3 5 1 CLI Configuration Node Command Description enable show mac vlan This command displays the all of the mac vlan configurations enable configure terminal This command changes the node to configure node configure mac vlan STRINGS vlan 1 4094 priority 0 7 This command creates a mac vlan entry with the leading three or more bytes of mac address and th...

Page 117: ...6 Protocol Based VLAN The Protocol based VLAN allows users to create VLAN with packet frame type The packet frame type can be one of the three frame types EthernetII Non LLC SNAP and LLC SNAP If configuring the EthernetII frame type the configuration will be more detail with the Ethernet type When the user configures the protocol VLAN as LLC SNAP VLAN 22 ports list 1 3 If the Switch receives packe...

Page 118: ...es a protocol vlan entry with LLC SNAP frame type configure no protocol vlan frame type ethernetII ether type STRINGS vlan 1 4094 This command deletes a protocol vlan entry with ethernetII frame type configure no protocol vlan frame type nonLLC SNAP vlan 1 4094 This command deletes a protocol vlan entry with nonLLC SNAP frame type and vlan configure no protocol vlan frame type LLC SNAP vlan 1 4094...

Page 119: ...he ingress PE Provider Edge This VLAN tag corresponds to the VLAN of the Service Provider SP When the frame reaches the destination PE the SP VLAN is stripped off The DA of the encapsulated frame and the VLAN ID are used to take further L2 decisions similar to an Ethernet frame arriving from a physical Ethernet port The SP VLAN tag determines the VPLS Virtual Private LAN Service membership Double ...

Page 120: ...the customer has paid for 0 is the lowest priority level and 7 is the highest VID is the VLAN ID SP VID is the VID for the second or outer service provider s VLAN tag CVID is the VID for the first or inner Customer s VLAN tag The frame formats for an untagged Ethernet frame a single tagged 802 1Q frame customer and a double tagged 802 1Q frame service provider are shown as following untagged frame...

Page 121: ... in Q encapsulation can be based on port or traffic Port based Q in Q is to encapsulate all the packets incoming to a port with the same SPVID outer tag The mode is more inflexible In the following example figure both X and Yare Service Provider s Network SPN customers with VPN tunnels between their head offices and branch offices respectively Both have an identical VLAN tag for their VLAN group T...

Page 122: ...an stacking port based role access L2SWITCH config if vlan stacking spvid 100 L2SWITCH config if vlan stacking priority 4 L2SWITCH config interface gigaethernet1 0 6 L2SWITCH config if vlan stacking port based role tunnel L2SWITCH config if vlan stacking tunnel tpid index 2 L2SWITCH config if exite L2SWITCH config exit L2SWITCH show vlan stacking L2SWITCH show vlan stacking tpid table L2SWITCH sho...

Page 123: ... exit L2SWITCH config vlan 40 L2SWITCH config vlan fixed 3 4 L2SWITCH config vlan tagged 3 L2SWITCH config vlan exit L2SWITCH config vlan 500 L2SWITCH config vlan fixed 3 4 L2SWITCH config vlan tagged 4 L2SWITCH config vlan exit L2SWITCH config vlan 600 L2SWITCH config vlan fixed 3 4 L2SWITCH config vlan tagged 4 L2SWITCH config vlan exit L2SWITCH config vlan 700 L2SWITCH config vlan fixed 3 4 L2S...

Page 124: ...nterface 1 0 4 L2SWITCH config if vlan stacking tunnel tpid index 6 L2SWITCH config if exit L2SWITCH config exit L2SWITCH show vlan stacking L2SWITCH show vlan stacking tpid table L2SWITCH show vlan stacking selective qinq Default Setting VLAN Stacking is disabled 6 3 7 1 VLAN Stacking 6 3 7 1 1 CLI Configuration Node Command Description enable show vlan stacking This command displays the current ...

Page 125: ...his command enters the if range configure node if range vlan stacking tunnel tpid index 1 6 This command sets TPID for a Q in Q tunnel port 6 3 7 1 2 Web Configuration Parameter Description VLAN Stacking Settings Action Select one of the three modes Disable or Port Based or Selective for the VLAN stacking Configures the TPID Table The TPID table has 6 entries ...

Page 126: ...onfigure node interface vlan stacking port based priority 0 7 This command sets the priority in port based Q in Q interface vlan stacking port based role tunnel access normal This command sets VLAN stacking port role interface vlan stacking port based spvid 1 4096 This command sets the service provider s VID of the specified port interface vlan stacking tunnel tpid index 1 6 This command sets TPID...

Page 127: ...hich you want to configure Role Selects one of the three roles Normal and Access and Tunnel for the specific ports SPVID Configures the service provider s VLAN Priority Configures the priority for the specific ports Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh ...

Page 128: ...profile with the name qinq active This command enables the selective Q in Q profile qinq inactive This command disables the selective Q in Q profile qinq cvid 1 4094 This command specifies the customer s VLAN range on the incoming packets qinq spvid 1 4094 This command sets the service provider s VLAN ID for outgoing packets in selective Q in Q qinq priority 0 7 This command sets priority in selec...

Page 129: ...Configures a port or a range of ports for the tunnel ports CVID Configures a customer s VLAN SPVID Configures a service provider s VLAN Priority Configures an 802 1Q priority for the profile Action Enables Disables the profile Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh Selective Q in Q Status Action Clicks Delete to delete this Selec...

Page 130: ...tion configuration enable configure terminal This command changes the node to configure node configure vlan translation egressold vlan 1 4094 new vlan 1 4094 priority 0 7 This command configures the egress vlan translation configuration for all ports configure vlan translation ingress port PORT_ID old vlan 1 4094 new vlan 1 4094 priority 0 7 This command configures the vlan translation configurati...

Page 131: ...e vlan translation rule Priority Configures a new priority for the vlan translation rule Old Vlan Configures the vlan for the old vlan in the vlan translation rule New Vlan Configures the vlan for the new vlan in the vlan translation rule Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh Vlan Translation Status Action Clicks Delete to delet...

Page 132: ...ader has been used for DHCP options DHCP option 67 is used to identify a TFTP server when the file name field in the DHCP header has been used for DHCP options If DHCP server supplys DHCP option 66 and 67 then the user can set it When the switch connects to a network the switch will get DHCP option 66 and 67 s information from DHCP sever The user can put the configure file on the TFTP server The S...

Page 133: ...l This command changes the node to configure node configure dhcp options option_66_67 disable enable This command disables enables the DHCP option 66 and 67 on the Switch configure dhcp options option_66_67 auto backup This command uploads the current configurations to TFTP server The file name is vcmsh_config_MODEL NAME_MAC if you didn t specifiy a filename for it configure dhcp options option_66...

Page 134: ... uniquely identified When you enable the DHCP snooping information option 82 on the switch this sequence of events occurs The host DHCP client generates a DHCP request and broadcasts it on the network When the switch receives the DHCP request it adds the option 82 information in the packet The option 82 information contains the switch MAC address the remote ID sub option and the port identifier vl...

Page 135: ...n The Circuit Form is a string format And its maximum length is 100 characters The keyword SPACE will be replaced with a space character The other keywords get system configurations from the system and then replace the keyword and its leading code in the Circuit form Eventually the content of the circuit form is part of the payload on the DHCP option 82 packet Rules The keyword must have a leading...

Page 136: ...ORT _ SVLAN CVLAN The circuit sub option result is RD Department L2SWITCH 1_44 32 6 4 2 1 CLI Configuration Node Command Description enable show dhcp options This command displays the DHCP options configurations enable configure terminal This command changes the node to configure node configure dhcp options option82 disable enable This command disables enables the DHCP option 82on the Switch confi...

Page 137: ...or the circuit sub option Circuit Shelf The shelf ID for the circuit sub option Circuit Slot The slot ID for the circuit sub option Circuit ID String The String of the circuit ID sub option information Remote ID String The String of the remote ID sub option information Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh ...

Page 138: ...2 Port Settings Port The port ID Circuit ID String The String of the circuit ID sub option information for the specific port Remote ID String The String of the remote ID sub option information for the specific port ...

Page 139: ...ere are some circumstances where unicast addresses will be used A router for such a subnet receives the DHCP broadcasts converts them to unicast with a destination MAC IP address of the configured DHCP server source MAC IP of the router itself The field identified as the GIADDR in the main DHCP page is populated with the IP address of the interface on the router it received the DHCP request on The...

Page 140: ...s The DHCP Relay in management VLAN should be enabled Default Settings The default global DHCP relay state is disabled The default VLAN DHCP relay state is disabled for all VLANs The default DHCP server is 0 0 0 0 6 5 1 CLI Configuration Node Command Description enable show dhcp relay This command displays the current configurations for the DHCP relay enable configure terminal This command changes...

Page 141: ...01 24 L2SWITCH config if ip address default gateway 172 20 1 1 L2SWITCH config dhcp relay enable L2SWITCH config dhcp relay vlan 1 L2SWITCH config dhcp helper address 172 20 1 1 6 5 2 Web Configuration Parameter Description DHCP Relay Settings State Enables disables the DHCP relay for the Switch VLAN State Enables disables the DHCP relay on the specific VLAN s DHCP Server IP Configures the DHCP se...

Page 142: ...ting Notice If the channel is a single port then the port cannot add into any trunk group 6 6 1 CLI Configuration Node Command Description enable show dual homing This command displays the dual homing information enable configure terminal This command changes the node to configure node configure dual homing disable enable This command disables enables the dual homing function for the system config...

Page 143: ...nfiguration Parameter Description Dual Homing Settings State Enables disables the Dual Homing for the Switch Group ID Selects a group which you want to configure Group State Enables disables the Dual Homing for a group ...

Page 144: ...he channel can be single port or a trunk group Secondary channel Configures Resets the secondary channel for a group The channel can be single port or a trunk group Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh ...

Page 145: ...onsists of conjoined Ethernet rings by one or more interconnection points The protection switching mechanisms and protocol defined in this Recommendation shall be applicable for a multi ring ladder network if the following principles are adhered to R APS channels are not shared across Ethernet ring interconnections on each ring port each traffic channel and each R APS channel are controlled e g fo...

Page 146: ...d ERPS Revertive and Non Revertive Switching ERPS considers revertive and non revertive operation In revertive operation after the condition s causing a switch has cleared the traffic channel is restored to the working transport entity i e blocked on the RPL In the case of clearing of a defect the traffic channel reverts after the expiry of a WTR timer which is used to avoid toggling protection st...

Page 147: ...g left port PORTID type owner neighbor normal This command configures the left port and type for the ERPS ring erps ring mel 0 7 This command configures a Control MEL for the ERPS ring erps ring name STRING This command configures a name for the ERPS ring erps ring revertive This command configures the revertive mode for the ERPS ring erps ring no revertive This command configures then on revertiv...

Page 148: ...Name Configures the ring name Up to 32 characters Revertive Enables disables the revertive mode Instance Configures the instance for the ring The Valid value is from 0 to 30 0 Disable means the ERPS is running in version 1 The control VLAN of the instance should be same as below Control VLAN Control VLAN Configures the Control VLAN which is the ERPS control packets domain for the ring Version Conf...

Page 149: ...PS version 2 the instance is a profile specifies a control vlan and a data vlan or multiple data vlans for the ERPS In ERPS it can separate the control packets and data packets in different vlans The control packets is in the Control VLAN and the data packets can be in one or multiple data vlan And then user can assign an instance to an ERPS ring easily In ERPS version 1 if a port is blocked by ER...

Page 150: ...ription Instance Settings Instance Configures the instance ID The valid value is from 1 to 31 Control VLAN Configures the control vlan for the instance The valid value is from 1 to 4094 Data VLAN Configures the data vlan for the instance The valid value is from 1 to 4094 It can be one or multiple vlans Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this sc...

Page 151: ...d control over the trunk groups on your Switch 6 8 1 1 CLI Configuration Node Command Description enable show link aggregation The command displays the current trunk configurations enable configure terminal This command changes the node to configure node configure link aggregation GROUP_ID disable enable The command disables enables the trunk on the specific trunk group configure link aggregation ...

Page 152: ... logical link containing multiple ports Select Enable to use this static trunk group Load Balance Configures the load balance algorithm MAC IP for the specific trunk group Member Ports Select the ports to be added to the static trunk group Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh ...

Page 153: ...network topology loops System Priority The switch with the lowest system priority and lowest port number if system priority is the same becomes the LACP server The LACP server controls the operation of LACP setup Enter a number to set the priority of an active port using Link Aggregation Control Protocol LACP the smaller the number the higher the priority level System ID The LACP system ID is the ...

Page 154: ... or all ports configure lacp system priority 1 65535 This command configures the system priority for the LACP Note The default value is 32768 configure no lacp system priority This command configures the default for the system priority for the LACP configure interface IFNAME This command enters the interface configure node interface lacp port_priority 1 65535 This command configures the priority f...

Page 155: ... system priority is the same becomes the LACP server The LACP server controls the operation of LACP setup Enter a number to set the priority of an active port using Link Aggregation Control Protocol LACP The smaller the number the higher the priority level Group LACP Select a trunk group ID and then select whether to Enable or Disable Group Link Aggregation Control Protocol for that trunk group Po...

Page 156: ...D This command displays the LACP neighbor s information for the specific group or all groups 6 8 3 2 Web Configurations Parameter Description LACP Information Group ID Select a LACP group that you want to view Apply Click Apply to take effect the settings Neighbors Information Port The LACP member port ID System Priority LACP system priority is used to determine link aggregation group LAG membersh...

Page 157: ... port s state of the neighbor Switch Port Priority The direct connected port s priority of the neighbor Switch Oper Key The Oper key of the neighbor Switch Internal Information Port The LACP member port ID Port Priority The port priority of the LACP member port Admin Key The Admin key of the LACP member port Oper Key The Oper key of the LACP member port Port State The port state of the LACP member...

Page 158: ...oop Recovery When the loop detection is enabled the Switch will send one probe packets every two seconds and then listen this packet If it receives the packet at the same port the Switch will disable this port After the time period recovery time the Switch will enable this port and do loop detection again The Switch generates syslog internal log messages as well as SNMP traps when it shuts down a ...

Page 159: ...ort interface loop detection recovery time 1 60 This command configures the recovery period time configure interface range gigabitethernet1 0 PORTLISTS This command enters the if range configure node if range loop detection disable enable This command disables enables the loop detection on the ports if range loop detection recovery disable enable This command enables disables the recovery function...

Page 160: ... the port will be shut down Port Select a port on which to configure loop guard protection State Select Enable to use the loop guard feature on the Switch Recovery State Select Enable to reactivate the port automatically after the designated recovery time has passed Recovery Time Specify the recovery time in minutes that the Switch will wait before reactivating the port This can be between 1 to 60...

Page 161: ...e This field displays if the loop guard feature is enabled Status This field displays if the port is blocked Manual Recovery Clicks Unblock to reactivate the port manually Recovery State This field displays if the loop recovery feature is enabled Recovery Time min This field displays the recovery time for the loop recovery feature ...

Page 162: ...base address of Tripp Lite switches is 1001 decimal for Function Code 4 Address Offset Data Type Interpretation Description System Information 0x0000 1 word HEX Vendor ID 0x0b04 0x0001 16 words ASCII Vendor Name Tripp Lite Word 0 Hi byte T Word 0 Lo byte r Word 1 Hi byte i Word 1 Lo byte p Word 2 Hi byte p Word 2 Lo byte Word 3 Hi byte L Word 3 Lo byte i Word 4 Hi byte t Word 4 Lo byte e Word 5 Hi...

Page 163: ... 01 02 03 04 05 Word 0 Hi byte 0 x 00 Word 0 Lo byte 0 x 01 Word 1 Hi byte 0 x 02 Word 1 Lo byte 0 x 03 Word 2 Hi byte 0 x 04 Word 2 Lo byte 0 x 05 0x0080 1 word HEX Power 1 PWR Alarm DIP switch 1 need ON 0x0000 no alarm 0x0001 input voltage 44V 0x0002 input voltage 57V 0x0003 No PWR input 0x0081 1 word HEX Power 2 RPS Alarm DIP switch 1 need ON 0x0000 no alarm 0x0001 input voltage 44V 0x0002 inpu...

Page 164: ...12 Word 1 3456 0x0480 to 0x0493 port 1 to 6 2 words HEX Port 1 to 6 Tx Error Packets Ex port 1 Tx Error Packet Amount 0x87654321 Word 0 8765 Word 1 4321 0x04C0 to 0x04D3 port 1 to 6 2 words HEX Port 1 to 6 Rx Error Packets Ex port 1 Rx Error Packet Amount 0x123456 Word 0 0012 Word 1 3456 STP Information 0x0500 1 word HEX STP Status 0x0000 STP is disabled 0x0001 STP 0x0002 RSTP 0x0003 MSTP Xpress R...

Page 165: ...HEX Primary Port Status of Xpress ring1 0x0000 link down 0x0001 forwarding 0x0002 blocking 0x051f 1 word HEX Secondary Port Status of Xpress ring1 0x0000 link down 0x0001 forwarding 0x0002 blocking 0x0520 1 word HEX Primary Port Status of Xpress ring2 0x0000 link down 0x0001 forwarding 0x0002 blocking 0x0521 1 word HEX Secondary Port Status of Xpress ring2 0x0000 link down 0x0001 forwarding 0x0002...

Page 166: ...ect this option to enable disable the Modbus on the Switch Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh Modbus TCP Information Download Clicks the Download button to download all of the regisers information to load host ...

Page 167: ...PoE standardization to provide power over Ethernet cabling Some are still in active use The new IEEE 802 3bt 2013 standard enables delivery of 90W over four pairs of Cat5e cables and above Such PoE level is expected to be the maximum level defined as higher levels may not be safe for the existing cabling and connectors deployed in today s infrastructures The standard will replace all existing pre ...

Page 168: ... pair mode 4 pair mode Power Devices Power Levels Available Class Usage Classification current mA Power range Watt Class description 0 Default 0 4 0 44 12 94 Classification unimplemented 1 Optional 9 12 0 44 3 84 Very Low power 2 Optional 17 20 3 84 6 49 Low power 3 Optional 26 30 6 49 12 95 Mid power 4 Reserved 36 44 12 95 25 50 High power For IEEE 802 3at type 2 devices class 4 instead of Reserv...

Page 169: ...isables or enables the global PoE for the Switch configure poe perpetual enable disable This command disables or enables the PoE perpetual mode for the Switch configure poe fast enable disable This command disables or enables the fast PoE for the Switch configure poe total power This command configures the total power which the Switch can support configure interface IFNAME This command enters the ...

Page 170: ...elect this option to enable disable the Prepetual PoE on the Switch Total Power W Configure the total power for the Switch Port Selects a port or a range of ports that you want to configure the PoE function State Select this option to enable disable the PoE on the specific ports Priority Selects Critical High Low priority for the specific ports Maximum Power Limit Configures maximum power limit fo...

Page 171: ...s mode which the PSE negotiate with the PD on the specific port Consuming Power mW Displays the consuming power for the specific port Power Allocated mW Displays the power allocated for the specific port Current Status mA Displays the current status for the specific port 6 11 2 PD Alive Check The function has a global state configuration If the global state configuration is enabled The Switch will...

Page 172: ...e node configure pd alive disable enable This command disables or enables the global PD Alive Check for the Switch configure interface IFNAME This command enters the interface configure node interface pd alive action reboot alarm all none This command configures the action when the system detects that the host cannot respond the keep a live probe packet interface pd alive interval 10 120 This comm...

Page 173: ...d the packet probes to check if the host is still alive Retry Time The retry times when no response from the host for the keep a live probe packet Action The action to the Power Device when the system detects that the Power Device cannot respond the keep a live probe packet The options have Reboot Alarm All None Power Off Time When PD has been rebooted the PoE port restored power after the Power O...

Page 174: ...is command enters the interface configure node interface poe power delay enable disable This command enables disables of the Power Delay function for the specific port interface poe power delay time 0 300 This command configures the delay time of the Power Delay for the specific port configure interface range gigabitethernet1 0 PORTLISTS This command enters the if range configure node if range poe...

Page 175: ...Selects a port or a range of ports which you want to configure State Enables Disables the PoE Power Delay for these specific ports Time The delay time for the specific ports Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh ...

Page 176: ...rval between Start time and End Time the Switch will not send power to the port 6 11 4 1 CLI Configuration Node Command Description enable show poe schedule port PORT_ID This command displays the PoE port schedule configurations enable configure terminal This command changes the node to configure node configure interface IFNAME This command enters the interface configure node interface poe schedul...

Page 177: ...pecific ports Week Select a week day that you want to configure the schedule Check Enables or Disables the PoE schedule on the specific port for a defined time period Action Enables Disables the PoE on the specific port for a defined time period Time Hour Select the schedule time period Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh ...

Page 178: ...C algorithm and identifies itself as either master or member 2 Clock Synchronization a Master sends Sync message to member b Member sends DReq Delay Request message to master c Master sends Dresp Delay Response message to member d Member will adjust its clock by using parameters in above messages 6 12 1 General Settings 6 12 1 1 CLI Configuration Node Command Description Enable show ptp informatio...

Page 179: ...te existing primary domain ID from PTP and adds default domain ID 0 as primary domain ID L2SWITCH config no ptp primary domain 6 12 1 2 Web Configuration Parameter Description PTP Settings PTP State Enables Disables the global PTP state Domain ID Creates Removes a Domain Primary Domain Configure the primary domain Apply Click Apply to take effect the settings Refresh Click Refresh to begin configu...

Page 180: ...mand Description Enable show ptp domain Domain ID This command displays specified PTP domain configurations enable configure terminal This command changes the node to configure node configure ptp primary domain Domain ID This command configures a specified Domain ID as the PTP s primary domain configure no ptp primary domain This command resets the primary domain ID default domain ID 0 configure p...

Page 181: ...lue 128 ptp_config path trace This command enables path trace TLV and adds TLV in list ptp_config no path trace This command disables path trace TLV in domain and deletes it from list ptp_config slave This command enables PTP domain as slave PTP domain will be act as member in PTP network ptp_config no slave This command disables PTP domain as slave only Based on clock data sets it can be act as e...

Page 182: ...n domain and delete it from list Slave Enable enables PTP domain as slave PTP domain will be act as member in PTP network Disable disables PTP domain as slave only Based on clock data sets it can be act as either slave or master Two Step Clock Enable enables two step clock mode in PTP domain Disable disables two step clock mode and acts as one step clock as default Clock Priority_1 Configures a pr...

Page 183: ...It forward all received PTP messages in domain ports Acceptable Master Priority Enable enables PTP port in domain as acceptable master Disable deletes PTP port in domain from acceptable master list Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh Domain Status Domain ID The domain ID Domain Status The current state of the domain Slave The ...

Page 184: ...ster enable This command enables PTP port in domain as acceptable master ptp_config_port no acceptable master enable This command deletes PTP port in domain from acceptable master list ptp_config_port announce interval 0 4 This command configures to send periodical announce messages in specified intervals in PTP port ptp_config_port no announce interval This command deletes existing announce inter...

Page 185: ...elects a domain ID to configure Port Selects a port to join the domain Acceptable Master Enable enables PTP port in domain as acceptable master Disable deletes PTP port in domain from acceptable master list Sync Interval Add configures synchronization interval of PTP port as specified value Default deletes existing synchronization interval from PTP port and adds default value 0 ...

Page 186: ... interval 1 Announce Timeout Add configures specified value as announce time in PTP port Default deletes existing announce timeout from PTP port and adds default timeout 3 Vlan ID Add configures specified VLAN list to PTP port Remove deletes specified VLAN list from PTP port Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh ...

Page 187: ...bout the service type it requests 2 PPPoE IA intercepts PPPoE discovery frames from the client and inserts a unique line identifier circuit id remote id using the PPPoE Vendor Specific tag 0x0105 to PADI PPPoE Active Discovery Initiation packets The PPPoE IA forwards these packets to the PPPoE server after the insertion 3 After receiving a PADI packet that it can serve a PPPoE server replies with ...

Page 188: ... IANA entry 1 and 2 are PPPoE intermediate agent sub options which contain additional information about the PPPoE client Sub Option Format There are two types of sub option Agent Circuit ID Sub option and Agent Remote ID Sub option They have the following formats Table 2PPPoE IA Circuit ID Sub option Format User defined String SubOpt Length Value N 1 byte 0x01 1 byte String 64 bytes Table 3PPPoE I...

Page 189: ...rt and no set the flexible Circuit ID syntax in the Switch the Switch automatically generates a Circuit ID string according to the default Circuit ID syntax which is defined in the DSL Forum Working Text WT 101 The default access node identifier is the hostname of the PPPoE intermediate agent and the eth indicates Ethernet and the slot id is 0 SubOpt Length Value N 1 byte 0x01 1 byte Access node i...

Page 190: ...on an untrusted port 6 13 1 Global Configuration 6 13 1 1 CLI Configuration Node Command Description enable show pppoe intermediate agent configuration This command displays the current configurations for the PPPoE IA enable configure terminal This command changes the node to configure node configure pppoe intermediate agent enable disable This command disables enables the PPPoE IA on the switch c...

Page 191: ...PPoE IAcircuit idon specific VLANs configure no pppoe intermediate agent remote id vlan This no command disables thePPPoE IAremote idon all VLANs configure no pppoe intermediate agent remote id vlan VLANLISTS This no command disables thePPPoE IAremote idon specific VLANs Example L2SWITCH config pppoe intermediate agent enable L2SWITCH config pppoe intermediate agent vlan 1 100 200 300 L2SWITCH con...

Page 192: ...es the node to configure node configure interface IFNAME This command enters the interface configure node interface pppoe intermediate agent enable disable This command disables enables the PPPoE IA on specific interface for the PPPoE IA interface pppoe intermediate agent trust This command setsaphysical interfaceastrusted port interface pppoe intermediate agent format type circuit id remote id id...

Page 193: ...rcuit id remote id This command removes circuit ID or remote ID string on specific VLANs of interface for the PPPoE IA Example L2SWITCH config pppoe intermediate agent enable L2SWITCH config pppoe intermediate agent vlan 1 100 200 300 L2SWITCH config pppoe intermediate agent circuit id vlan 1 100 200 300 L2SWITCH config pppoe intermediate agent remote id vlan 1 100 200 300 L2SWITCH config pppoe in...

Page 194: ... number you want to configure on this screen State Selects Enable to activate the port or Disable to deactivate the port Trusted Selects yes to sets a physical interface as trusted port Vendor Tag Set the retransmitting policy of the specific interface for the PADO PADS packet keep replace strip Default Keep ...

Page 195: ...rface VLAN Selects Add to increase the interface Vlan or Remove to delete the interface Vlan Circuit ID String User defined circuit ID string on specific interface vlan for the PPPoE IA Remote ID String User defined remote ID string on specific interface vlan for the PPPoE IA Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh ...

Page 196: ... the node to configure node configure clear pppoe intermediate agent statistics This command clears the statistics for the PPPoE IA configure clear pppoe intermediate agent statistics by vlan VLANLISTS This command clears the statistics by specific VLANs for the PPPoE IA 6 13 3 2 Web Configuration Parameter Description PPPoE IA Statistics VLAN Displays the current statistics of the vlan for the PP...

Page 197: ...197 Clear Clear the statistics of the valn ...

Page 198: ...forwarding status This command displays the current configuration of the ip forwarding status enable show ip routes all ipv4 ipv6 This command displays the configurations of IPv4 or IPv6 or both routes from routing table enable show ip arp all ipv4 ipv6 This command displays dynamic and static IPv4 orIPv6or both ARP entries in ARP table enable show ip hosts all ipv4 ipv6 This command displays assi...

Page 199: ...on the specified IPv4 interface route If there is no assigned IP addresses for the specified interface after deleting then it will automatically disables routing in interface L3 interface no ipv4 address IPv6_ADDR M This command deletes a specified IPv6 interface route from the interface This command deletes all dependent static routes on the specified IPv6 interface route If there is no assigned ...

Page 200: ...6 interface route to a interface vlan L2SWITCH config interface vlan 1 L2SWITCH config if vlan l3 L2SWITCH config if vlan l3 ipv4 address 192 168 20 1 24 L2SWITCH config if vlan l3 ipv6 address 1234 ab ccdd 120 Deleting IPv4 IPv6 address This command is used to delete an IPv4 IPv6 interface route from a interface vlan L2SWITCH config if vlan l3 no ipv4 address 192 168 20 1 24 L2SWITCH config if vl...

Page 201: ...les disables the route to act as an ARP proxy globally IPv4 ARP Table Adds a static IPv4 ARP entry in the ARP table Deletes a static IPv4 ARP entry from the ARP table IP The IP address for the entry MAC The MAC address for the entry IPv6 ARP Table Adds a static IPv6 ARP entry in the ARP table Deletes a static IPv6 ARP entry from the ARP table ...

Page 202: ...ask for the entry IP The static route address for the Static Route type only IPv6 Adds an IPv6 Interface Route Static Route onto the interface vlan Deletes an IPv6 Interface Route Static Route from the interface vlan Selects the route type Interface Route or Static Route IP M The IP address and the net mask for the entry IP The static route address for the Static Route type only Apply Click Apply ...

Page 203: ...es a topology change first notifies the root bridge and then the root bridge notifies the network Both RSTP and STP flush unwanted learned addresses from the filtering database In STP the port states are Blocking Listening Learning Forwarding In RSTP the port states are Discarding Learning and Forwarding Note In this document STP refers to both STP and RSTP STP Terminology The root bridge is the b...

Page 204: ...STP Works After a bridge determines the lowest cost spanning tree with STP it enables the root port and the ports that are the designated ports for connected LANs and disables all other ports that participate in STP Network packets are therefore only forwarded between enabled ports eliminating any possible network loops STP aware switches exchange Bridge Protocol Data Units BPDUs periodically When...

Page 205: ... port 802 1w RSTP In 1998 the IEEE with document 802 1w introduced an evolution of the Spanning Tree Protocol Rapid Spanning Tree Protocol RSTP which provides for faster spanning tree convergence after a topology change Standard IEEE 802 1D 2004 now incorporates RSTP and obsoletes STP While STP can take 30 to 50 seconds to respond to a topology change RSTP is typically able to respond to changes w...

Page 206: ...o be blocked by STP if a network loop is detected BPDU Guard This is a per port setting If the port is enabled in BPDU guard and receive any BPDU the port will be set to disable to avoid the error environments User must enable the port by manual BPDU Filter It is a feature to filter sending or receiving BPDUs on a switch port If the port receives any BPDUs the BPDUs will be dropped Notice If both ...

Page 207: ...e times forward delay max age hello time configure no spanning tree algorithm timer This command configures the default values for forward time max age hello time configure spanning tree forward time 4 30 This command configures the bridge forward delay time sec configure no spanning tree forward time This command configures the default values for forward time configure spanning tree hello time 1 ...

Page 208: ...ary data loops might result The allowed range is 4 to 30 seconds Max Age This is the maximum time in seconds the Switch can wait without receiving a BPDU before attempting to reconfigure All Switch ports except for designated ports should receive BPDUs at regular intervals Any port that age out STP information provided in the last BPDU becomes the designated port for the attached LAN If it is a ro...

Page 209: ...he node to configure node configure interface IFNAME This command enters the interface configure node interface spanning tree disable enable This command configures enables disables the STP function for the specific port interface spanning tree bpdufilter disable enable This command configures enables disables the bpdu filter function for the specific port interface spanning tree bpduguard disable...

Page 210: ...g tree rootguard disable enable This command enables disables the BPDU Root guard port setting for the specific port if range spanning tree edge port disable enable This command enables disables the edge port setting for the specific port if range spanning tree cost VALUE This command configures the cost for the specific port Cost range 16 bit based value range 1 65535 32 bit based value range 1 2...

Page 211: ...y Configures the priority for the specific port Edge Port Configures the port type for the specific port Edge or Non Edge BPDU Filter Enables Disables the BPDU filter function for the specific port BPDU Guard Enables Disables the BPDU guard function for the specific port ROOT Guard Enables Disables the BPDU root guard function for the specific port Apply Click Apply to take effect the settings Ref...

Page 212: ...f the BPDU filter function BPDU Guard The state of the BPDU guard function ROOT Guard The state of the BPDU Root guard function 6 15 3 STP Status 6 15 3 1 Web Configurations Parameter Description Current Root Status MAC address This is the MAC address of the root bridge Priority Root refers to the base of the spanning tree the root bridge This field displays the root bridge s priority This Switch ...

Page 213: ...tached to the network Hello Time This is the time interval in seconds between BPDU Bridge Protocol Data Units configuration message generations by the root switch Forward Delay This is the maximum time in seconds the Switch will wait before changing states This delay is required because every switch must receive information about topology changes before it starts to forward frames In addition each...

Page 214: ... state is forced to be the same as the IST port state MST ports at the boundary are in the forwarding state only when the IST port is forwarding An IST port at the boundary can have any port role except a backup port role On a shared boundary link the MST ports wait in the blocking state for the forward delay time to expire before transitioning to the learning state The MST ports wait another forw...

Page 215: ... same name A region can have one member or multiple members with the same MST configuration each member must be capable of processing RSTP BPDUs There is no limit to the number of MST regions in a network but each region can support up to 16 spanning tree instances You can assign a VLAN to only one spanning tree instance at a time 6 15 4 1 General Settings 6 15 4 1 1 CLI Configurations Node Comman...

Page 216: ...rations for the MSTP mst apply This command applies configurations to current instant mst Instance 1 63 vlan VLANLIST This command configures the instance and vlan map The target vlan number ex 10 or range ex 1 10 mst name This command configures a region name for the MSTP mst no name This command reset the region name for the MSTP mst revision This command configures the revision for the MSTP mst...

Page 217: ...ltiple Spanning Tree Protocol Configuration Parameters Region Name Configures the region name for the Switch Revision Configures the revision for the Switch Instance Selects an instance which you want to configure Priority Configures the priority for the instance Priority is used in determining the root switch root port and designated port The switch with the highest priority lowest numeric value ...

Page 218: ... the MSTP configurations enable show spanning tree mst instance 0 63 interface IFNAME This command displays specific instance configurations on an interface of the MSTP enable configure terminal This command changes the node to configure node configure spanning tree mst forward time 4 30 This command configures the forward time for the MSTP configure no spanning tree mst forward time This command ...

Page 219: ...t The allowed range is 4 to 30 seconds Hello Time This is the time interval in seconds between BPDU Bridge Protocol Data Units configuration message generations by the root switch The allowed range is 1 to 10 seconds Max Age This is the maximum time in seconds the Switch can wait without receiving a BPDU before attempting to reconfigure All Switch ports except for designated ports should receive B...

Page 220: ...nning tree bpdufilter disable enable This command configures enables disables the bpdu filter function for the specific port interface spanning tree bpduguard disable enable This command configures enables disables the bpdu guard function for the specific port interface spanning tree rootguard disable enable This command enables disables the BPDU Root guard port setting for the specific port inter...

Page 221: ... spanning tree edge port disable enable This command enables disables the edge port setting for the specific port if range spanning tree cost VALUE This command configures the cost for the specific port Cost range 16 bit based value range 1 65535 32 bit based value range 1 200000000 if range no spanning tree cost This command configures the path cost to default for the specific port if range spann...

Page 222: ...ath Cost Configures the path cost for the specific port Priority Configures the priority for the specific port Port Selects a port or a range of ports that you want to configure Active Enables Disables the spanning tree function for the specific port Edge Port Configures the port type for the specific port Edge or Non Edge BPDU Filter Enables Disables the BPDU filter function for the specific port...

Page 223: ...Alternated Designated Root Backup None Status The port s status Should be one of the Discarding Blocking Listening Learning Forwarding Disabled Path Cost The port s path cost Priority The port s priority Edge Port The state of the edge function BPDU Filter The state of the BPDU filters function BPDU Guard The state of the BPDU guards function ROOT Guard The state of the BPDU Root guard function 6 ...

Page 224: ...ge This is the maximum time in seconds the Switch can wait without receiving a configuration message before attempting to reconfigure Hello Time This is the time interval in seconds at which the root switch transmits a configuration message The root bridge determines Hello Time Max Age and Forwarding Delay Forward Delay This is the time in seconds the root switch will wait before changing states R...

Page 225: ...225 Priority This is the priority of the Switch Refresh Click Refresh to begin configuring this screen afresh ...

Page 226: ...ors even when either one of PHY layer mechanisms has deemed the transmission medium bidirectional 6 16 1 Port Settings 6 16 1 1 CLI Configurations Node Command Description enable show udld status This command displays the UDLD global settings enable show udld port status This command displays the ports settings enable show udld neighbor This command displays the port s neighbor information enable ...

Page 227: ...t example port 1 L2SWITCH configure terminal L2SWITCH config interface port_1 L2SWITCH config if udld port aggressive Case 6 To disable aggressive mode on a specific port example port 1 L2SWITCH configure terminal L2SWITCH config interface port_1 L2SWITCH config if no udld port aggressive Display Commands L2SWITCH show udld status UDLD state enabled UDLD message interval time 7 seconds UDLD neighb...

Page 228: ...never it receives a neighbor information advertisement 6 Status shows a Active If neighbor is participating in advertisement and it last refreshed time is less than message interval time So it is actively updating from the connected switch b Inactive Last refreshment of neighbor information is more than message time interval It is getting updated actively from connected switch 6 16 1 2 Web Configu...

Page 229: ...essive Selects enable to let the port working in Aggressive mode Selects disable to let the port working in Normal mode Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh Port Status State Display the current UDLD port state for the specific port Aggressive Display the current Aggressive state for the specific port Bidirectional State Displa...

Page 230: ...or Information Select Port Selects Enable or Disable to enable or disable the global UDLD state Port The local port number Device Name The device name of the neighbor Switch Device ID The device ID of the neighbor Switch Port ID The port number of the neighbor Switch connected to this port Neighbor State The operational state of the neighbor Switch Refresh Click Refresh to begin configuring this s...

Page 231: ... multicast MAC If you want to enable the STP RSTP and Xpress Ring on a Switch you should disable the STP RSTP on the Xpress Ring s member ports If you want to enable the Loop Detection and Xpress Ring on a Switch you should disable the Loop Detection on the Xpress Ring s member ports If you want to enable the Broadcast Storm and Xpress Ring on a Switch you should disable the Broadcast Storm on the...

Page 232: ...set the primary port configure xpress ring ring RING1 RING2 secondary port PORTID This command configures the secondary port for the ring on the Switch Notice If the global xpress ring is disabled or ring state is disabled you can input 0 to reset the primary port 6 17 2 Web Configuration Parameter Description Xpring Ring Settings Global State Enables Disable the global Xpress ring function State ...

Page 233: ...e ring Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh Xpress Ring Status State The current state of the ring Destination MAC The destination MAC for the ring Role The current role of the ring Primary Port The current primary port and its status Secondary Port The current secondary port and its status ...

Page 234: ...ork security by filtering un trusted DHCP messages and by building and maintaining a DHCP snooping binding database which is also referred to as a DHCP snooping binding table DHCP snooping acts like a firewall between un trusted hosts and DHCP servers You can use DHCP snooping to differentiate between un trusted interfaces connected to the end user and trusted interfaces connected to the DHCP serv...

Page 235: ...packet do not match any of the current bindings The packet is a RELEASE or DECLINE packet and the source MAC address and source port do not match any of the current bindings The rate at which DHCP packets arrive is too high DHCP Snooping Database The Switch stores the binding table in volatile memory If the Switch restarts it loads static bindings from permanent memory but loses the dynamic bindin...

Page 236: ...lease B DHCP Client 1 ipconfig renew DHCP Client 1 can get an IP address 2 Enable the global DHCP Snooping A L2SWITCH config dhcp snooping B DHCP Client 1 ipconfig release C DHCP Client 1 ipconfig renew DHCP Client 1 can get an IP address 3 Enable the global DHCP Snooping and VLAN 1 DHCP Snooping A L2SWITCH config dhcp snooping B L2SWITCH config dhcp snooping vlan 1 C DHCP Client 1 ipconfig releas...

Page 237: ...iption enable show dhcp snooping This command displays the current DHCP snooping configurations enable configure terminal This command changes the node to configure node configure dhcp snooping disable enable This command disables enables the DHCP snooping on the switch configure dhcp snooping vlan VLANLISTS This command enables the DHCP snooping function on a VLAN or range of VLANs configure no d...

Page 238: ... Enabled or Disabled Enabled on VLAN This field displays the VLAN IDs that have DHCP snooping enabled on them This will display None if no VLANs have been set 7 1 1 2 Port Settings 7 1 1 2 1 CLI Configurations Node Command Description enable show dhcp snooping This command displays the current DHCP snooping configurations enable configure terminal This command changes the node to configure node co...

Page 239: ... port for the specific ports if range no dhcp snooping trust This command configures the un trust port for the specific ports 7 1 1 2 2 Web Configurations Parameter Description Port Settings Port Select a port number to modify its configurations Trust Configures the specific port if it is a trust port Maximum Host Count Enter the maximum number of hosts 1 32 that are permitted to simultaneously co...

Page 240: ...rs are configured it means all DHCP server are valid 7 1 1 3 1 CLI Configurations Node Command Description enable show dhcp snooping server This command displays the valid DHCP server IP enable configure terminal This command changes the node to configure node configure dhcp snooping server IPADDR This command configures a valid DHCP server s IP configure no dhcp snooping server IPADDR This comman...

Page 241: ... one static binding If you try to create a static binding with the same MAC address and VLAN ID as an existing static binding the new static binding replaces the original one 7 1 2 1 Static Entry 7 1 2 1 1 CLI Configurations Node Command Description enable show dhcp snooping binding This command displays the current DHCP snooping binding table enable configure terminal This command changes the nod...

Page 242: ... screen afresh Static Binding Table No This field displays a sequential number for each binding Click it to update an existing entry MAC Address This field displays the source MAC address in the binding IP Address This field displays the IP address assigned to the MAC address in the binding Lease Hour This field displays how long the binding is valid VLAN This field displays the source VLAN ID in ...

Page 243: ...s screen 7 1 2 2 1 CLI Configurations Node Command Description enable show dhcp snooping binding This command displays the current DHCP snooping binding table 7 1 2 2 2 Web Configurations Parameter Description DHCP Snooping Binding Table MAC Address This field displays the source MAC address in the binding IP Address This field displays the IP address assigned to the MAC address in the binding Lea...

Page 244: ...ercepted packets has a valid IP to MAC address binding before it updates the local ARP cache or before it forwards the packet to the appropriate destination Trusted and untrusted port This setting is independent of the trusted and untrusted setting of the DHCP Snooping The Switch does not discard ARP packets on trusted ports for any reasons The Switch discards ARP packets on un trusted ports if th...

Page 245: ...n function on a VLAN or range of VLANs configure no arp inspection vlan VLANLISTS This command disables the ARP Inspection function on a VLAN or range of VLANs configure interface IFNAME This command enters the interface configure node interface arp inspection trust This command configures the trust port for the specific port interface no arp inspection trust This command configures the un trust p...

Page 246: ...t does not match any of the current bindings The rate at which ARP packets arrive is too high You can specify the maximum rate at which ARP packets can arrive on un trusted ports Select All Click this to set all ports to trusted Deselect All Click this to set all ports to un trusted Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh ARP Insp...

Page 247: ...ink down and ARP Inspection was enabled Switch will remove the MAC filter entries learned by this port The maximum entry of the MAC address filter table is 256 When MAC address filter table of ARP Inspection is full the Switch receives unauthorized ARP packet and it automatically creates a SYSLOG and drop this ARP packet The SYSLOG event happens on the first time 7 1 3 2 1 CLI Configurations Node ...

Page 248: ...begin configuring this screen afresh Filter Table No This field displays a sequential number for each MAC addressfilter MAC Address This field displays the source MAC address in the MAC addressfilter VLAN This field displays the source VLAN ID in the MAC address filter Port This field displays the source port of the discarded ARP packet Expiry min This field displays how long in minutes the MAC ad...

Page 249: ...a specific source MAC address Command sourcemac host MACADDR 2 Filter a specific destination MAC address Command destination mac host MACADDR 3 Filter a range of source MAC address Command sourcemac MACADDR MACADDR The second MACADDR is a mask for example ffff ffff 0000 4 Filter a range of destination MAC address Command destination mac MACADDR MACADDR The second MACADDR is a mask for example ffff...

Page 250: ...emark acl action dscp remarking 0 63 This command actives this profile and specify that it is for DSCP remark And configures the new DSCP value which will be override to all packets matched this profile acl action 802 1p remarking 0 7 This command actives this profile and specify that it is for 802 1p remark And configures the new 802 1p value which will be override to all packets matched this pro...

Page 251: ...ASK This command configures the destination IP address and mask for the profile acl no destination ip This command removes the destination IP address from the profile acl l4 source port IPADDR This command configures UDP TCP source port for the profile acl no l4 source port IPADDR This command removes the UDP TCP source port from the profile acl L4 destination port PORT This command configures the...

Page 252: ...to 172 20 255 255 Example L2SWITCH configure terminal L2SWITCH config access list 111 L2SWITCH config acl vlan 2 L2SWITCH config acl source interface 1 L2SWITCH config acl show Profile Name 111 Activate disabled VLAN 2 Source Interface 1 Destination MAC Address any Source MAC Address any Ethernet Type any Source IP Address any Destination IP Address any Source Application any Destination Applicati...

Page 253: ...rmits DSCP 802 1P action for the profile Ethernet Type Configures the Ethernet type of the packets for the profile VLAN Configures the VLAN of the packets for the profile Source MAC Configures the source MAC of the packets for the profile Mask of Source MAC Configures the bitmap mask of the source MAC of the packets for the profile If the Source MAC field has been configured and this field is empt...

Page 254: ...empty it means the profile will filter the one IP configured in Source IP field Destination IP Configures the destination IP of the packets for the profile Mask of Destination IP Configures the bitmap mask of the destination IP of the packets for the profile If the Destination IP field has been configured and this field is empty it means the profile will filter the one IP configured in Destination...

Page 255: ...rd or digital certificate to the authenticator and the authenticator forwards the credentials to the authentication server for verification If the credentials are valid in the authentication server database the supplicant client device is allowed to access resources located on the protected side of the network Upon detection of the new client supplicant the port on the switch authenticator is enab...

Page 256: ...eauthentication Specify if a subscriber has to periodically re enter his or her user name and password to stay connected to the port Reauth period Specify how often a client has to re enter his or her username and password to stay connected to the port The acceptable range for this field is 0 to 65535 seconds Port Control Mode auto Users can access network after authenticating force authorized Use...

Page 257: ...local accounting records enable configure terminal This command changes the node to configure node configure dot1x authentication disable enable This command enables disables the 802 1x authentication on the switch configure dot1x authentic method local radius This command configures the authentic method of802 1x configure no dot1xauthentic method This command configures the authentic method of 80...

Page 258: ...ter Description Global Settings State Select Enable to permit 802 1x authentication on the Switch Note You must first enable 802 1x authentication on the Switch before configuring it on each port Authentication Method Select whether to use Local or RADIUS as the authentication method The Local method of authentication uses the guest and user user groups of the user account database on the Switch i...

Page 259: ...d decimal notation UDP Port The default port of a RADIUS server for authentication is 1812 Share Key Specify a password up to 32 alphanumeric characters as the key to be shared between the external RADIUS server and the Switch This key is not sent over the network This key must be the same on the external RADIUS server and the Switch Second Radius Server This is the backup server used only when th...

Page 260: ...l auto force authorized force unauthorized This command configures the port control mode on the port interface dot1x authentication disable enable This command enables disables the 802 1x authentication on the port interface dot1x reauthentication disable enable This command enables disables re authentication on the port interface dot1x timeout quiet period This command configures the quiet period...

Page 261: ...rection Select Both to drop incoming and outgoing packets on the port when a user has not passed 802 1x port authentication Select In to drop only incoming packets on the port when a user has not passed 802 1x port authentication Re authentication Specify if a subscriber has to periodically re enter his or her user name and password to stay connected to the port Port Control Mode Select Auto to re...

Page 262: ...seconds Quiet period Specify a period of the time the client has to wait before the next re authentication attempt This will prevent the Switch from becoming overloaded with continuous re authentication attempts from the client The acceptable range for this field is 0 to 65535 seconds Supp timeout Specify how long the Switch will wait before communicating with the server The acceptable range for t...

Page 263: ...ber of MAC addresses allowed per interface When the limit is exceeded incoming packets with new MAC addresses are dropped It can be use MAC table to check it The static MAC addresses are included for the limit Note If you configure a port of the Switch from disabled to enabled all of the MAC learned by this port will be clear 7 4 1 Port Security 7 4 1 1 CLI Configurations Node Command Description ...

Page 264: ...resh to begin configuring this screen afresh 7 4 2 Sticky Mac Port security with sticky MAC addresses provides many of the same benefits as port security with static MAC addresses but sticky MAC addresses can be learned dynamically Port security with sticky MAC addresses retains dynamically learned MAC addresses during a link down condition If you enter a write memory or copy running config startu...

Page 265: ... stick function on the specific port interface no port security mac address sticky This command disables the stick function on the specific port config interface range gigabitethernet1 0 PORTLISTS This command enters the if range configure node if range port security mac address sticky This command enables the stick function on the specific ports if range no port security mac address sticky This c...

Page 266: ...ss Configures a Sticky MAC VLAN ID Configures a VLAN for the Sticky MAC Port Configures a port for the Sticky MAC Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh Sticky MAC Table Action Clicks Delete to clear the sticky MAC ...

Page 267: ...l be support Syslog messages will be support Functional Description The TACACS implementation will provide the following services Authentication Complete control of authentication through login and password dialog challenge and response messaging support etc Authorization Control over user capabilities for the duration of the user session like setting auto commands enforcing restrictions on what c...

Page 268: ... command or partial command with TAB command must be completed The reason is only the command after user HIT the ENTER is only send to TACACS server for authorization or accounting So if this command is partial then subsequently authorization or accounting fails 7 5 1 CLI Configurations Mode Command Description enable show tacacs plus To show the TACACS Statistics enable configure terminal This co...

Page 269: ...nable To disable the authentication enable local mode configure tacacs plus authorization commands enable To enable the authorization show commands configure no tacacs plus authorization commands enable To disable the authorization show commands configure tacacs plus authorization exec enable To enable the authorization configuration commands configure no tacacs plus authorization exec enable To d...

Page 270: ... disabled Authentication Enable mode disabled Local disabled Authorization Command disabled Exec disabled Accounting Command disabled Exec disabled Authentication Sessions 0 Authorization Sessions 0 Accounting Sessions 0 7 5 2 Web Configurations ...

Page 271: ... done by TACACS server Authentication Enable Mode Local Enables Disables the authentication in Enable mode this authentication is done by switch when it cannot find TACACS server Authorization Command Enables Disables the authorization with show commands Authorization Exec Enables Disables the authorization with configuration commands Accounting Command Enables Disables the level 1 command for the...

Page 272: ...in power supply disconnect RPS ON The Switch will send alarm message when the redundant power supply disconnect 8 1 1 CLI Configurations Node Command Description enable show alarm info This command displays alarm information 8 1 2 Web Configurations Parameter Description Alarm Information Alarm Status This field indicates if there is any alarm events Alarm Reason s This field displays all of the d...

Page 273: ...and 3 3V input status 8 2 1 CLI Configurations Node Command Description enable show hardware monitor C F This command displays hardware working information Example L2SWITCH show hardware monitor C Temperature C Current MAX MIN Threshold Status BOARD 44 0 44 2 24 0 80 0 Normal CPU 49 2 49 2 26 5 80 0 Normal PHY 57 5 57 5 30 0 80 0 Normal Voltage V Current MAX MIN Threshold Status 1 0V IN 1 009 1 00...

Page 274: ...onitor alarm This field allows to enable disable the hardware Monitor alarm to be reported or not Hardware Working Information Temperature The field displays the temperature information of board CPU and PHY Voltage The field indicates the voltage level status Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh ...

Page 275: ...t Select a port or a range of ports to display their statistics Receive Drops The field displays the received drop count Transmit Drops The field displays the transmitted drop count Receive Errors The field displays the received error count Transmit Errors The field displays the transmitted error count Receive Packets The field displays the received packet count Transmit Packets The field displays...

Page 276: ... Unit Select a unit for displaying the port utilization Port Select a port or a range of ports to display their RMON statistics Speed The current port speed Rx Utilization The port receiving traffic utilization in percentage Rx Utilization bps The port receiving traffic utilization in bits per second Tx Utilization The port transmitting traffic utilization in percentage Tx Utilization bps The port...

Page 277: ...MON statistics enable configure terminal This command changes the node to configure node configure clear rmon statistics IFNAME This command clears one port s or all ports RMON statistics 8 5 2 Web Configuration Parameter Description RMON Statistics Port Select a port or a range of ports to display their RMON statistics Show Show them Clear Clear the RMON statistics for the port or a range of port...

Page 278: ... Command Description enable show sfp info port PORT_ID This command displaysthe SFP information enable show sfp ddmi port PORT_ID This command displaysthe SFP DDMI status 8 6 2 Web Configurations Parameter Description SFP Information Port Select a port number to configure Apply Click Apply to display the SFP information SFP Information Fiber Cable To indicate if the fiber cable is connected Connec...

Page 279: ...e interface IFNAME This command enters the interface configure node interface traffic monitor disable enable This command enables disables the traffic monitor on the port interface traffic monitor rate RATE_LIMIT type bcast mcast bcast mc ast This command configures the packet rate and packet type for the traffic monitor on the port bcast Broadcast packets mcast Multicast packets bcast mcast Broad...

Page 280: ...raffic monitor recovery disable enable This command enables disables the recovery function for the traffic monitor on the port if range traffic monitor recovery time 1 60 This command configures the recovery time for the traffic monitor on the port if range traffic monitor quarantine times 1 20 This command configures the quarantine times for the traffic monitor on the port 8 7 2 Web Configuration...

Page 281: ...r Recover State Enables disables the recovery function for the traffic monitor function on these ports Recovery Time Configures the recovery time for the traffic monitor function on these ports Range 1 60 minutes Quarantine Times Configures the quarantine times for the traffic monitor on these ports Range 1 20 times Apply Click Apply to take effect the settings Refresh Click Refresh to begin confi...

Page 282: ...s of SNMP clients in an SNMP v1 and SNMP v2c environments The default SNMP community is public for both SNMP v1 and SNMP v2c before SNMP v3 is enabled Once SNMP v3 is enabled the communities of SNMP v1 and v2c have to be unique and cannot be shared Network ID of Trusted Host The IP address is a combination of the Network ID and the Host ID Network ID Host IP Mask User need only input the network I...

Page 283: ...mp system name STRING This command configures a name for the system The System Name is same as the host name configure no snmp system contact STRING This command resets the contact information for the system configure no snmp system location STRING This command resets the location information for the system configure no snmp system name STRING This command resets the system name for the system Exa...

Page 284: ... a System Contact for the Switch Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh 9 1 1 2 Community Name 9 1 1 2 1 CLI Configurations Node Command Description enable show snmp This command displays the SNMP configurations enable configure terminal This command changes the node to configure node configure snmp community STRING ro rw trusted...

Page 285: ...gement station in dotted decimal notation for example 192 168 1 0 Mask Type the subnet mask for the IP address of the remote SNMP management station in dotted decimal notation for example 255 255 255 0 Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh Community Name List Action Click Delete to remove a specific Community String 9 1 2 SNMP T...

Page 286: ...Select the version of the Simple Network Management Protocol to use v1 or v2c Community String Specify the community string used with this remote trap station Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh Trap Receiver List Action Click Delete to remove a configured trap receiver station ...

Page 287: ...Ring 9 1 2 2 1 CLI Configurations Node Command Description enable show snmp trap event This command displays the SNMP configurations enable configure terminal This command changes the node to configure node configure snmp trap event alarm over heat disable enable This command enables disables the alarm over heat trap configure snmp trap event alarm over load disable enable This command enables dis...

Page 288: ...enable This command enables disables the stp topology change trap configure snmp trap event traffic monitor disable enable This command enables disables the traffic monitor trap configure snmp trap event xpress ring disable enable This command enables disables the xpress ring trap 9 1 2 2 2 Web Configurations Parameter Description Trap Event State Settings Select all Enables all of trap events Des...

Page 289: ... This command enters the interface configure node interface snmp port link change trap This command enables the link change trap on the specific port interface no snmp port link change trap This command disables the link change trap on the specific port configure interface range gigabitethernet1 0 PORTLISTS This command enters the if range configure node if range snmp port link change trap This co...

Page 290: ...mand displays all snmp v3 groups enable configure terminal This command changes the node to configure node configure snmp group GROUPNAME noauth read STRINGS write STRINGS notify STRINGS Configures v3 group of non authentication configure snmp group GROUPNAME auth read STRINGS write STRINGS notify STRINGS Configures v3 group of authentication configure snmp group GROUPNAME priv read STRINGS write ...

Page 291: ... to members of the group Default value is none Notify View By using a notify view a group determines the list of notifications its users can receive Default value is none Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh SNMPv3 Group Status Group Name This field displays the v3 user name Security Model This field displays the security model...

Page 292: ...command changes the node to configure node configure snmp user USERNAME GROUPNAME noauth Configures v3 user of non authentication configure snmp user USERNAME GROUPNAME auth MD5 SHA STRINGS Configures v3 user of authentication configure snmp user USERNAME GROUPNAME priv MD5 SHA STRINGS des STRINGS Configures v3 user osnmf authentication and encryption configure no snmp user USERNAME GROUPNAME This...

Page 293: ...cated and encrypted Auth Algorithm Select MD5 or SHA Algorithm when security level is auth or priv Auth Password Set the password for this user when security level is auth or priv pass phrases must be at least 8 characters long Priv Algorithm Select DES encryption when security level is priv Priv Password Set the password for this user when security level is priv pass phrases must be at least 8 ch...

Page 294: ...ow status Action Click Delete to remove a v3 user 9 1 3 3 View Settings 9 1 3 3 1 CLI Configurations Node Command Description enable show snmp view This command displays all snmp v3 view enable configure terminal This command changes the node to configure node configure snmp view VIEWNAME STRINGS included excluded To identify the subtree configure no snmp view VIEWNAME STRINGS This command removes...

Page 295: ...amed view View Type Select included or excluded to define subtree adding to the view or not Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh View Status View Name This field displays the v3 view name View Subtree This field displays the subtree View Type This field displays the subtree adding to the view or not Action Click Delete to remov...

Page 296: ...cific_Configuration_Reboot 0 2 If AUTO_PROVISION_VER is biggest than current auto provision version do step 3 otherwise wait 24 hours and go back to step 1 3 If the Firmware_Upgrade_State 1 do step 4 otherwise do step 6 4 If the Firmware_Version is difference than current firmware version download the Firmware_Image_File and upgrade firmware 5 If upgrade firmware succeeded and Firmware_Reboot 1 le...

Page 297: ...ovision show This command displays the current auto provision configurations auto provision active enable disable This command enables disables the auto provision function auto provision server addressIPADDR This command configures the auto provision server s IP auto provision protocol tftp http ftp The command configurations the upgrade protocol auto provision FTP user username STRING password ST...

Page 298: ...298 9 2 2 Web Configurations ...

Page 299: ...25 or 587 Secure TLS StartTLS 587 Secure SSL SSL 465 POP3 Server Incoming Messages Non Encrypted AUTH 110 Secure SSL SSL 995 Googlemail Gmail Server Authentication Port SMTP Server Outgoing Messages smtp gmail com SSL 465 smtp gmail com StartTLS 587 POP3 Server Incoming Messages pop gmail com SSL 995 Outlook com Server Authentication Port SMTP Server Outgoing Messages smtp live com StartTLS 587 PO...

Page 300: ...ure mail alarm mail to This command configures the mail receiver configure mail alarm server ip ipv6 domain name STRINGS server port VALUE This command configures the mail server IP address domain name and the TCP port configure mail alarm server ip ipv6 domain name STRINGS server port default This command configures the mail server IP address domain name and configures 25 as the server s TCP port...

Page 301: ... name Server Port Specifies the TCP port for the SMTP server Account Name Specifies the mail account name Account Password Specifies the mail account password Mail From Specifies the mail sender Mail To Specifies the mail receiver UTF 8 Encoding Enable disable the UTF 8 encoding for mail content Mail Event State Enables disables the mail trap event states Apply Click Apply to take effect the setti...

Page 302: ...tp 192 168 1 1 file tftp 192 168 1 1 file configure reload default config This command copies a user default config file to replace the startup config file Note The system will reboot automatically to take effect the configurations configure archive download config URL_PATH user default config This command downloads configure file to user default config configure copy factory default config to use...

Page 303: ...ures To setup all configurations what you want Do the command write memory to save them to startup config file Do the command copy startup config to user default config to copy startup config file to user default config file The factory default config file for user special propose 9 4 1 2 Web Configurations Save Configurations Press the Save button to save the current settings to the NV RAM flash ...

Page 304: ...rt the process Follow the steps below to load the configuration file from your PC to the Switch Select the Upload configurations file to your Switch Select the full path to your configuration file Click the Upload button to start the process Reset the factory default settings of the Switch Press the Reset button to set the settings to factory default configurations ...

Page 305: ...ttp 192 168 1 1 file tftp 192 168 1 1 file configure archive download secondary fw URL PATH This command downloads a new copy of firmware file for secondary image from TFTP FTP HTTP server Where URL PATH can be ftp user pass 192 168 1 1 file http 192 168 1 1 file tftp 192 168 1 1 file configure archive ipv6 download secondary fw URL PATH This command downloads a new copy of firmware file for secon...

Page 306: ...eboots the system 9 4 3 2 Web Configurations Reboot allows you to restart the Switch without physically turning the power off Follow the steps below to reboot the Switch In the Reboot screen click the Reboot button The following screen displays Click OK again and then wait for the Switch to restart This takes up to two minutes This does not affect the Switch s configuration ...

Page 307: ...command configures the TCP port for the HTTP server configure no http server port This command resets the HTTP TCP port to 80 configure https server This command enables the https on the Switch configure no https server This command disables the https on the Switch configure ssh server This command enables the ssh on the Switch configure no ssh server This command disables the ssh on the Switch co...

Page 308: ...res the TCP port for the HTTP service SSH Server State Selects Enable or Disable to enable or disable the SSH service Telnet Server State Selects Enable or Disable to enable or disable the Telnet service TELNET Server TCP Port Configures the TCP port for the Telnet service Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh ...

Page 309: ...ded in the Switch enable show syslog server The command displays the syslog server configurations enable configure terminal This command changes the node to configure node configure clear syslog The command clears the syslog message configure syslog server disable enable The command disables enables the syslog server function configure syslog server ipv4 ip IPADDR The command configures the syslog...

Page 310: ...server when any new log message occurred Facility Selects the facility level Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh Log Level Select Alert Critical Error Warning Notice Information to choose which log message to want to see Clear Click Clear to clear all of log message Save Click Save to save all of log message into NV RAM ...

Page 311: ...nables the USB upgrade firmware automatically configure usb auto download config disable enable This command disables enables the USB download configuration file automatically configure usb auto download syslog disable enable This command disables enables the USB download syslog file automatically Example L2SWITCH show usb status USB auto upgrade firmware State Enabled USB auto download config Sta...

Page 312: ...ff Auto Download Config Select Enable to turn on automatic download configurations or select Disable to turn it off Auto Download Syslog Select Enable to turn on automatic download system log or select Disable to turn it off Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh ...

Page 313: ... Maximum user account 6 Maximum user name length 32 Maximum password length 32 Default user account for privileged mode admin admin Notices The Switch allows users to create up to 6 user account The user name and the password should be the combination of the digit or the alphabet The last admin user account cannot be deleted The maximum length of the username and password is 32 characters 9 7 1 CL...

Page 314: ...assword Type a new password or modify an existing one Enter up to 32 alphanumeric or digit characters User Authority Select with which group the user associates admin read and write or normal read only for this user account Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh User Account List Action Click Delete to remove the user account Not...

Page 315: ...rts neighbor information enable configure terminal This command changes the node to configure node configure lldp disable enable This command globally enables disables the LLDP function on the Switch configure lldp tx interval This command configures the interval to transmit the LLDP packets configure lldp tx hold This command configures the tx hold time which determines the TTL of the Switch s me...

Page 316: ...Interval Configures the interval to transmit the LLDP packets Tx Hold Configures the tx hold time which determines the TTL of the Switch s message TTL tx hold tx interval Time To Live The hold time for the Switch s information Apply Click Apply to take effect the settings Refresh Click Refresh to begin configuring this screen afresh LLDP Neighbor Information Local Port The local port ID ...

Page 317: ... Node Command Description enable show manual registration device This command displays the manual registration device configurations enable configure terminal This command changes the node to configure node configure manual registration device type ipcam plc switch pc mac MACADDR ip IPADDR product name STRINGS system name STRINGS This command configures a device for the Topology Map configure no m...

Page 318: ...ete to delete this device 9 8 3 ONVIF 9 8 3 1 CLI Configurations Node Command Description enable show onvif This command displays the ONVIF configurations enable configure terminal This command changes the node to configure node config onvif enable This command enables the ONVIF on the Switch config onvif tx interval 6 3600 This command configures the tx interval for the ONVIF config no onvif enab...

Page 319: ...Refresh to begin configuring this screen afresh ONVIF Neighbor Information Port The connected port of the ONVIF device IP Address The IP address of the ONVIF device MAC Address The MAC address on the ONVIF device VLAN ID The VLAN ID of the ONVIF device join Product Name Name of the product added Product Type What kind of product that is added Model Model of the product Location Location where it i...

Page 320: ...320 9 9 Topology Map When you click the Topology Map Lock the screen will appear as below The green circle on the devices indicates they are working normally ...

Page 321: ...etails of the devices connected to the host by placing the cursor on it When there is something wrong with the devices the screen will appear as below So that you can find the details of events that have gone wrong and correct it ...

Page 322: ...sily where the switches has been placed Picture To choice a file which you want to display it in the background and the Preview window will display your select immediately If you click the Upgrade button the file will be download to the Switch and it will be applied on next reboot Color Allow user to select standard color for the background and the Preview window will display your select immediate...

Page 323: ... username and password 10 MISC 10 1 Cable Test This feature determines the quality of the cables shorts and cable impedance mismatch bad connectors termination mismatch and bad magnetics The feature can work on the copper Ethernet cable only The cable testers can measure the signal strength and attenuation of the cable during transmission Note Cable tester can only accesable through the CLI withou...

Page 324: ...324 Interface show cable test result This command displays the cable test result Interface cable test start This command starts to test the cable ...

Page 325: ... LITE is not liable for any costs such as lost profits or revenue loss of equipment loss of use of equipment loss of software loss of data costs of substitutes claims by third parties or otherwise PRODUCT REGISTRATION Visit www tripplite com warranty today to register your new Tripp Lite product You ll be automatically entered into a drawing for a chance to win a FREE Tripp Lite product No purchas...

Page 326: ...red to correct the interference at his own expense The user must use shielded cables and connectors with this equipment Any changes or modifications to this equipment not expressly approved by Tripp Lite could void the user s authority to operate this equipment Tripp Lite has a policy of continuous improvement Specifications are subject to change without notice Photos and illustrations may differ ...

Search results

Summary of Contents for NGI-M08C4POE8-2

Reviews:

Related manuals for NGI-M08C4POE8-2

Brands by name

Popular brands

Tripp Lite NGI-M08C4POE8-2, Owner'S Manual

Search results

Summary of Contents for NGI-M08C4POE8-2

Reviews:

Related manuals for NGI-M08C4POE8-2

Brands by name

Popular brands