User`s Manual - PLANET Technology Corporation.
Contents
1. DHCP Snooping Dynamic ARP Inspection Activate inactive entries Retry interval minute s Never Retry Now Figure 4 7 27 IP Source Guard Database screenshot 111 User s Manual of WGSW 48000 ACL Qos ARP Inspection DHCP Snooping etc also consume TCAM resources So the number of entries you can create varies 4 7 13 HTTPS E Getting started with HTTPS setting Hypertext Transfer Protocol over Secure Socket Layer or HTTPS is a URI scheme used to indicate a secure HTTP connection It is syntactically identical to the http scheme normally used for accessing resources using HTTP Using an https URL indicates that HTTP is to be used but with a different default TCP port 443 and an additional encryption authentication layer between the HTTP and TCP C Enable HTTPS Figure 4 7 28 HTTPs configuration The page includes the following fields Object Description e Enable HTTPs HTTPS enable Enable HTTPS for security access HTTPS disable Disable HTTPS 112 User s Manual of WGSW 48000 4 8 Quality of Service 4 8 1 Understand QOS Quality of Service QoS is an advanced traffic prioritization feature that allows you to establish control over network traffic QoS enables you to assign various grades of network service to different types of traffic such as multi media video protocol specific time critical and file backup traffic QoS reduces bandwidth limitatio2. eee ceeeeeee ener ee eeeeneeeeeeeeeeeeaeeeeeeaaeeeceeeaeeeeneeeeesaeeeseeaeeseneaeessneeeeneaas 244 access list name lt WORD gt Set lP MOd8 oocccccncocccccococcnonononononononononononnnn nn nn nano nn nr nen nn ia a a n rre A eaea 244 access list name lt WORD gt set IP mode SRC IP occccconoccccconoccnonononcnnnoncncnnnoncnn non nnn nan nnn nano nn rr narran rn nn cnr rra 244 access list name lt WORD gt set IP mode DST IP niccccnnnccccnnnoccnononononononcnn nano nnnn nono cnn nan nn rro nr nr r nn rra n rr rnn rn 244 access list name lt WORD gt Set L4 port iii dais 245 access list name lt WORD gt set l4port SRC port SRE POFtooconcccconoccccnococcnononcncnononcnnnnnnnnnnnn nn nn nono n nn rn nn nn nnnr rn 245 access list name lt WORD gt set l4port DS T POFtoiccocccnnococonanoncnonononcnnnoncncnanonnnn nono cnn nan nn nr naar rn rn n rra tenanan nannan 245 access list name lt WORD gt set IP mode packet type c ooooccccooocccccococccononononanoncno nono nnnn nn nnnnnnn nn anna cnn rra nnnrnnnn rra 245 access list name lt WORD gt Set Mac MOd8 ooccococccccococcnononcnonanoncnnnnnnnnnn nn nn rr nano rra rn rra rre rre reinan 246 access list name lt WORD gt set Mac MOde MAC S ccaccccconocanonononcnnnonnncnnno cnn cnn n nn nn non rre nan rn r nen rra nr rre rra 246 access list name lt WORD gt set mac mode mac DA oooooccccconoccnonononcnononcncnnnonnnc non cnn nn ttti nano rn nr narrar nenkun nnna nnan 246 access list name lt WORD gt set
3. Source Interface Indicates the port number Counter Variable Indicates which etherStatistics counter per interface been assigned for alarm The value might be Unassigned if the alarm entry is created but no variable been configurred and the value might be ohter if the value is assigned already but not in etherStatistics table with valid interface Sample Type Indicates the method of sampling the selected variable and calculating the value to be compared against the thresholds 160 User s Manual of WGSW 48000 e Value Indicates The value of the statistic during the last sampling period And this value is for comparing the risingThreshold and fallingThreshold e StartUp Alarm Indicates the alarm that may be sent when this entry is first set to valid e RisingThreshold Indicates a threshold for the sampled statistic e FallingThreshold Indicates a threshold for the sampled statistic e RisingEventindex Indicates the index of the eventEntry that is used when a rising threshold is crossed The eventEntry identified by a particular value of this index is the same as identified by the same value of the eventiIndex object If there is no corresponding entry in the eventTable then no association exists In particular if this value is zero no associated event will be generated as zero is not a valid event index e FallingEventindex Indicates the index of the eventEntry that is u
4. e VLAN Range Specifies vlan range the range is 1 to 4094 To specify a VLAN range use a hyphen for example 1 63 means VLANs 1 through 63 To specify a VLAN 77 User s Manual of WGSW 48000 series use a comma for example 10 20 30 means VLANs 10 20 and 30 e Add Creates a MST instance map VLANs to a MST instance e Remove Remove VLANs from the specified MST instance e Remove the last MST Removes the last created MST instance instance e Change Bridge Priority Specifies the selected spanning tree instance device priority The field range is 0 61440 4 5 6 MSTP Interface Network Administrators can assign MSTP Interface settings through the MSTP Port page RSTP RSTPPort MSTP MSTPPort MSTP Instance Instance O w Port Path Cost Priority Edge P2P Port Status Port Role 01 e 3 3 l 04 a z 07 z gt z Figure 4 5 9 MSTP Interface The page includes the following fields Object Description e Instance Specifies the MST instance e Cost Displays the cost of this port for the specified MST instance Cost means the contribution of this port to the path cost of paths towards the spanning tree root which include this port 78 User s Manual of WGSW 48000 Priority Displays the priority of this port for the specified MST insta
5. ACL implementations can be quite complex for example when the ACEs are prioritized for the various situation In networking the ACL refers to a list of service ports or network services that are available on a host or server each with a list of hosts or servers permitted or denied to use the service ACL can generally be configured to control inbound traffic and in this context they are similar to firewalls ACE is an acronym for Access Control Entry It describes access permission associated with a particular ACE ID There are three ACE frame types Ethernet Type ARP and IPv4 and two ACE actions permit and deny The ACE also 88 User s Manual of WGSW 48000 contains many detailed different parameter options that are available for individual application Port Security 802 1X RADIUS TACACS StormControl gt I Access Control List Sort By Priority vw Queue Entry Name Permit Deny Assignment Port List Priority 1 BLOCK SA 172 O NoAssign Allports Moi 1 DELETE O O No Assign v O O O No Assign Y o o O NoAssign m O O NoAssign x O O No Assign ES O O NoAssign O O NoAssign w O O O NoAssign vl Oo O NoAssign Maximal number of ACL entries 254 Including 64 MAC based ACL at most Figure 4 7 3 Access Control List main page The page includes the following fields Object Descr
6. lt mac address gt lt port id gt lt vlan id gt Mode Global Config dhcpsnooping static delete ip Description This command is used to delete a static dhcp entry Syntax dhcpsnooping static delete ip lt A B C D gt mac lt mac address gt port lt port id gt vid lt vlan id gt Parameters 254 User s Manual of WGSW 48000 lt A B C D gt lt mac address gt lt port id gt lt vlan id gt Mode Global Config dhcpsnooping dyamic Description This command is used to configure dhcp dynamic entry dhcpsnooping dynamic add ip Description This command is used to add a dynamic dhcp entry Syntax dhcpsnooping dynamic add ip lt A B C D gt mac lt mac address gt port lt port id gt vid lt vlan id gt lease time lt 1 9999999 gt Parameters lt A B C D gt lt mac address gt lt port id gt lt vlan id gt Mode Mode Global Config dhcpsnooping dynamic delete ip Description This command is used to delete a dynamic dhcp entry Syntax dhcpsnooping dynamic delete ip lt A B C D gt mac lt mac address gt port lt port id gt vid lt vlan id gt lease time lt 1 9999999 gt Parameters lt A B C D gt lt mac address gt lt port id gt lt vlan id gt Mode Global Config 255 6 3 19 Loop_detect Command Loop_detect enable Description This command is used to enable port self loop detection Syntax loop_detect enable Mode Global Config loop_detect disable Description Th
7. 67 User s Manual of WGSW 48000 The switch sends BPDUs to communicate and construct the spanning tree topology All switches connected to the LAN on which the packet is transmitted will receive the BPDU BPDUs are not directly forwarded by the switch but the receiving switch uses the information in the frame to calculate a BPDU and if the topology changes initiates a BPDU transmission The communication between switches via BPDUs results in the following a One switch is elected as the root switch E The shortest distance to the root switch is calculated for each switch E A designated switch is selected This is the switch closest to the root switch through which packets will be forwarded to the root E A port for each switch is selected This is the port providing the best path from the switch to the root switch a Ports included in the STP are selected Creating a Stable STP Topology It is to make the root port a fastest link If all switches have STP enabled with default settings the switch with the lowest MAC address in the network will become the root switch By increasing the priority lowering the priority number of the best switch STP can be forced to select the best switch as the root switch When STP is enabled using the default parameters the path between source and destination stations in a switched network might not be ideal For instance connecting higher speed links to a port that has a higher number than the current
8. Syntax lldp tlvs tx enable disable option 8023 mac phy power link aggregation frame size Parameters enable disable mac phy power link aggregation frame size Mode Interface Config admin mode Description Configure administrative mode on a port Syntax Switch Interface 1 admin mode enable disable Parameters Switch Interface 1 enable disable Mode Interface Config 264 auto negotiate Description Configure auto negotiate mode on a port Syntax auto negotiate enable disable Parameters enable disable Mode Interface Config speed Description User s Manual of WGSW 48000 Set port speed to 10Mbps half duplex 10Mbps full 100Mbps half 100Mbps full 1000Mbps 100FX mode 1000base x full Syntax speed 10hd 10fd 100hd 100fd 1000fd 100fx 1000base x Parameters 10hd 10fd 100hd 100fd 1000fd 100fx 1000base x Mode Interface Config flow control Description This command enable disable flow control on ports Syntax flow control enable disable Parameters enable disable Mode Interface Config 6 4 3 Port security Command port security Description This command add or delete a static mac into mac security table Syntax port security add delete lt sourcemac gt Parameters 265 add delete lt sourcemac gt Mode Interface Config port security lock mode Description This command disable port security
9. lt port list gt Mode Global Config spanning tree mst priority Description This command configures port priority in a MST instance Syntax spanning tree mst priority lt MST D gt lt priority gt ports lt port list gt Parameters lt MST ID gt lt priority gt lt port list gt Mode Global Config user password Description This command changes user password Syntax 238 User s Manual of WGSW 48000 User s Manual of WGSW 48000 user password Mode Global Config Interface Description This command enters into configure interface mode Syntax Interface lt port D gt Parameters lt port ID gt Mode Global Config 6 3 15 RMON Command rmon Description This command is used to configure RMON rmon event index Description This command creates rmon event entry Syntax rmon event index lt 1 65535 gt desc lt WORD gt event lt 1 4 gt community lt WORD gt owner lt WORD gt Parameters lt 1 65535 gt lt WORD gt lt 1 4 gt Mode Global Config Example Switch Config rmon event index 1 desc 123 event 4 community 123 owner test rmon alarm index Description This command creates rmon alarm entry Syntax 239 rmon alarm index lt 1 65535 gt interval lt 0 3600 gt interface lt port User s Manual of WGSW 48000 number gt counter lt 1 17 gt sample absolute delta start rasing falling all rthreshold lt 0 65535 gt fthreshold lt 0 65535 gt reindex
10. on this port Enable Port Self Loop Detection Recover Time Seconds Figure 4 11 17 Self Loop Detection 153 User s Manual of WGSW 48000 The page includes the following fields Object Description e Enable Port Self Enable or Disable port self loop detection function on the Managed Switch Loop Detection e Recover Time Specifies port recover time value 0 indicate the port will not auto recover Seconds 4 11 18 BOOTP Configure Download BOOTP Configure Download is a feature of download switch configure file from the special TFTP server automaticly Enable DHCP Client and DHCP Server assigned the Switch IP Address at the same time the Switch can acquire the Option 66 67 message bootp file name amp TFTP server IP from the DCHP Packet or BOOTP Packet According to these message Switch use tftp client download the special configure file from the special TFTP Server When switch download succeed these message will be saved Next time Switch get the different file name or TFTP server IP and try to download the new configure file again Ping Function Cable Diagnostic DHCP Relay DHCP Option82 SelfLoop _ Enable BOOTP ConfiaDownload Save Settings Figure 4 11 18 BOOTP Configure Download Enable DHCP Client and should have a DHCP Server or BOOTP Server support Option 66 67 154 User s Manual of WGSW 48000 4 12 Statistics This chapter sh
11. Clickes on this button to inserts a static MAC address into the L2 address table 137 User s Manual of WGSW 48000 e Static MAC Address Specifies the MAC address to add e Port Specifies the port number e VLAN ID Specifies the VLAN ID of the MAC address e Delete Removes the specified MAC address 4 11 4 Port Mirroring Configure port Mirroring on this page This function provide to monitoring network traffic that forwards a copy of each incoming or outgoing packet from one port of a network switch to another port where the packet can be studied It enables the manager to keep close track of switch performance and alter it if necessary e To debug network problems selected traffic can be copied or mirrored to a mirror port where a frame analyzer can be attached to analyze the frame flow e The Managed Switch can unobtrusively mirror traffic from any port to a monitor port You can then attach a protocol analyzer or RMON probe to this port to perform traffic analysis and verify connection integrity Port Mirroring UP Link Monitor Client With Ethereal or Sniffer Pro The traffic to be copied to the mirror port is selected as follows e All frames received on a given port also known as ingress or source mirroring e All frames transmitted on a given port also known as egress or destination mirroring Mirror Port Configuration Port mirroring monitors ingress and or egress traffic from specific ports to a
12. Maximal number of Servers 2 iD Priority Delete Figure 4 7 18 TACACS server configuration The page includes the following fields 102 Object User s Manual of WGSW 48000 Description e Authentication Type Local Local authentication only TACACS TACACS authentication only TACACS And Local Both enabled TACACS authentication first if failed then Local authentication used Server IP Address TACACS Server IP address e Priority The order in which the TACACS servers are used 0 means highest priority e Key String The encryption key for TACACS It must match the key used on the TACACS server e Authentication Port Port number of TACACS The default is port 49 Timeout for Reply Time that passes before the connection between the device and the TACACS server time out The field range is 1 120 seconds 103 4 7 6 Storm Control User s Manual of WGSW 48000 Forwarding broadcast traffic consumes switch resuources which can negatively impact the forwarding of other traffic This configuration page is used to protect regular traffic from an overabundance of broadcast or multicast traffic The system measures the incoming Broadcast and Multicast frame rate separately on each port and discard frames when the rate exceeds a user defined rate The Storm Control page provides fields for enabling and configuring Storm Control The screen in Figure 4 7 19 ap
13. O p049005000000 010 Oa Switch Management Interface Console Telnet Command Line Interface Web switch management SNMP v1 v2c and v3 switch management SSH SSL secure access DHCP client for IP address assignment Support DHCP relay function Built in Trivial File Transfer Protocol TFTP client Firmware upload download via TFTP or HTTP protocol Configuration upload download via TFTP or HTTP protocol SNTP Simple Network Time Protocol Message event error SNMP Trap logs Logging to local file and syslog server Four RMON groups 1 2 3 9 history statistics alarms and events Supports Ping function User s Manual of WGSW 48000 Cable Diagnostic technology provides the mechanism to detect and report potential cabling issues such as cable opens cable shorts and etc on Copper Links Link Layer Discovery Protocol LLDP Management IP Power Saving ability for Green networking 24 User s Manual of WGSW 48000 1 5 Product Specification WGSW 48000 48 Port 10 100 1000Mbps with 4 Shared SFP Managed Gigabit Switch Hardware Specification Copper Ports 48 10 100 1000Base T RJ 45 Auto MDI MDI X ports SFP mini GBIC slots 4 1000Base SX LX SFP interfaces shared with Port 23 Port 24 Port 47 and Port 48 Back pressure for Half Duplex Flow Control IEEE 802 3x Pause Frame for Full Duplex LED Power Link Act per port Reset Button lt 10 sec System reboot gt 10 sec Factory Default Dimension
14. The act of stripping 802 1Q VLAN information out of the packet header 57 User s Manual of WGSW 48000 Hi 802 1Q VLAN Tags The figure below shows the 802 1Q VLAN tag There are four additional octets inserted after the source MAC address Their presence is indicated by a value of 0x8100 in the Ether Type field When a packet s Ether Type field is equal to 0x8100 the packet carries the IEEE 802 1Q 802 1p tag The tag is contained in the following two octets and consists of 3 bits of user priority 1 bit of Canonical Format Identifier CFI used for encapsulating Token Ring packets so they can be carried across Ethernet backbones and 12 bits of VLAN ID VID The 3 bits of user priority are used by 802 1p The VID is the VLAN identifier and is used by the 802 1Q standard Because the VID is 12 bits long 4094 unique VLAN can be identified The tag is inserted into the packet header making the entire packet longer by 4 octets All of the information originally contained in the packet is retained 802 1Q Tag User Priority CFI VLAN ID VID 3 bits 1 bits 12 bits TPID Tag Protocol Identifier TCI Tag Control Information 2 bytes 2 bytes Preamble Destination Source VLAN TAG Ethernet Data FCS Address Address Type 6 bytes 6 bytes 4 bytes 2 bytes 46 1517 bytes 4 bytes The Ether Type and VLAN ID are inserted after the MAC source address but before the original Ether Type Length or Logical Link Control Because the packet is now a bi
15. The frames also contain a MAC address SMAC address which shows the MAC address of the equipment sending the frame The SMAC address is used by the switch to automatically update the MAC table with these dynamic MAC addresses Dynamic entries are removed from the MAC table if no frame with the corresponding SMAC address have been seen after a configurable age time Admin Password 2 able StaticAddress PortMirroring Admin Timeout L2 Table Aging Enable Aging Time Reload L2 Table Clear L2 Table Entry Source MAC Port VLAN ID Type 0 00 00 E2 53 76 30 23 1 dynamic A 00 30 4F 44 68 A Za ll 1 dynamic 2 00 16 D3 07 39 D6 23 1 dynamic _3 00 01 6C ED 7E 42 2a 3 dynamic _ on 00 01 29 40 96 1C I a pa dynamic 5 001550010900 23 dynamic _6 00 0E A6 5D 3F 63 23 dynamic 7 00 0C 6E 58 BA C3 23 1 dynamic _ 8 00 11 2F 10 D1 08 23 4 dynamic _ dae 00 0A 79 9F 42 03 ge dynamic 10 00 17 F2 C2EC 9A 23 4 dynamic 11 00 E0 18 E9 26 55 ee 1 dynamic 12 00 21 70 11 90 21 23 1 dynamic 13 00 01 6C E0 5D 01 23 1 dynamic 14 00 30 4F 52 A1 DD 323 1 dynamic Figure 4 11 2 L2 Table 136 User s Manual of WGSW 48000 The page includes the following fields Object Description L2 Table Aging Enable Enable or Disable switch L2 Table aging capability Aging Time Specifi
16. User s Manual of WGSW 48000 Authentication Client server 802 1X Switch RADIUS L al E EAPOL Start EAP Request Identity EAP Response ldentity RADIUS Access Request _ __ __ AA e EAP Request OTP RADIUS Access Challenge e A K EAP Response OTP RADIUS Access Request 3 A A D E EAP Success RADIUS Access Accept Port Authorized EAPOL Logoff Port Unauthorized Figure 4 7 7 EAP message exchange a Ports in Authorized and Unauthorized States The switch port state determines whether or not the client is granted access to the network The port starts in the unauthorized state While in this state the port disallows all ingress and egress traffic except for 802 1X protocol packets When a client is successfully authenticated the port transitions to the authorized state allowing all traffic for the client to flow normally If a client that does not support 802 1X is connected to an unauthorized 802 1X port the switch requests the client s identity In this situation the client does not respond to the request the port remains in the unauthorized state and the client is not granted access to the network In contrast when an 802 1X enabled client connects to a port that is not running the 802 1X protocol the client initiates the authentication process by sending the EAPOL start frame When no response is received the client sends the request for a fixed number of times Because no response
17. vlan lag vlan lt vian ID gt untagged Description This command is used to set to untagged lag Syntax vlan lag vlan lt vian ID gt untagged lags lt ag D gt Parameters lt lag ID gt Mode Global Config vlan lag vlan lt vlan 1D gt tagged Description This command is used to set to tagged lag Syntax vlan lag vlan lt vian ID gt tagged lags lt ag D gt Parameters lt lag ID gt Mode Global Config 201 User s Manual of WGSW 48000 Bridge aging time Description This command is used to configure switch aging time Syntax bridge aging time lt 0 1048575 gt Parameters lt 0 1048575 gt Mode Global Config 6 3 2 Link Aggregation Command lacp syspri system priority Description This command is used to configure lacp system priority Syntax lacp syspri system priority lt 0 65535 gt Parameters lt 0 65535 gt Mode Global Config link aggregation Description This command is used to configure link aggregation link aggregation addport Description This command is used to configure LAG groups Syntax Link Aggregation addport lag lt LAG D gt Parameters lt LAG ID gt Mode Global Config 202 User s Manual of WGSW 48000 link aggregation delport Description This command remove ports from LAG Link Aggregation delport all Description This command remove all ports from a LAG Syntax link aggregation delport all lag lt LAG D gt Parameters lt LAG ID gt Mode
18. 40 User s Manual of WGSW 48000 4 WEB CONFIGURATION This section introduces the configuration and functions of the Web Based management About Web based Management The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer The Web Based Management supports Internet Explorer 6 0 It is based on Java Applets with an aim to reduce network bandwidth consumption enhance access speed and present an easy viewing screen By default IE6 0 or later version does not allow Java Applets to open sockets The user has to explicitly modify the browser setting to enable Java Applets to use network ports The Managed Switch can be configured through an Ethernet connection make sure the manager PC must be set on same the IP subnet address with the Managed Switch For example the default IP address of the WGSW Managed Switch is 192 168 0 100 then the manager PC should be set at 192 168 0 x where x is a number between 1 and 254 except 100 and the default subnet mask is 255 255 255 0 If you have changed the default IP address of the Managed Switch to 192 168 1 1 with subnet mask 255 255 255 0 via console then the manager PC should be set at 192 168 1 x where x is a number between 2 and 254 to do the relative configuration on manager PC WGSW Managed Switch PC Workstation With IE Browser IP
19. Description This command displays the cos mapping Syntax show qos cos Mode Privileged Mode show qos queue settings Description This command displays the queue settings mapping Syntax show qos queue settings Mode Privileged Mode show qos advanced Description This command displays qos advanced mode information show qos advanced mode Description This command displays mode of qos Syntax show qos advanced mode Mode Privileged Mode show qos advanced dscp Description 177 User s Manual of WGSW 48000 This command displays qos dscp mapping Syntax show qos advanced dscp Mode Privileged Mode show qos advanced ip precedence Description This command displays qos ip precedence mapping Syntax show qos advanced ip precedence Mode Privileged Mode show qos port based Description This command is used to displays class of service information show qos port based port Description This command displays class of service information Syntax show qos port based port lt port D gt Parameters lt port ID gt Mode Privileged Mode show qos port based all Description This command displays all switch interfaces cos settings Syntax show qos port based all Mode Privileged Mode show dot1x Description This command displays dot1x information 178 User s Manual of WGSW 48000 show dot1x config Description This command displays dot1x and port configuration Syntax sho
20. Down Enable 03 Down Enable 04 Down Enable 05 Down Enable 06 Down Enable 07 Down Enable _ 08 Down Enable Z 09 Down Enable 10 Down Enable 41 Down Enable Eg Down Enable 13 Down Enable 14 Down Enable 15 _ Down _ Enable 16 Down Enable 17 Down Enable e _ 18 _ Up Enable 1000Mbps Full Disabled 19 Down Enable 20 Down Enable 21 Down Enable 22 Down Enable o 7 23 Up Enable 100Mbps Full Disabled 24 Down Enable sE Figure 4 3 1 Port Configuration screenshot The page includes the following fields Object Description e Port Number Indicates the port numbers in the system Click on the port index will enter port configuration page e Admin Mode Configure the administrative mode of the port Sets to Disable will force the port to link down status e Auto Negotiation Configure the port auto negotiation capability When auto negotiation is enabled the port negotiates with the link partner and works out speed and duplex operation When auto negotiation is disabled port speed and duplex operation is programmable by the user 50 User s Manual of WGSW 48000 Speed Duplex Indicates the speed and duplex mode if the port is linkup e Flow Control Indicates the state of flow control if the port is linkup e LAG Group Indicates the LAG group if the port is a LAG port e Link Statu
21. Parameters lt vian ID gt Mode Global Config vian port all protected Description This command is used to configure protected ports Syntax vlan port all protected enable disable Parameters enable disable Mode Global Config 199 User s Manual of WGSW 48000 vian port all pvid Description This command is used to configure port pvid Syntax vlan port all pvid lt vian D gt Parameters lt vian ID gt Mode Global Config vian port ports Description This command is used to configure multiple ports vian port ports port configure Description This command is used to configure ports in a specific vlan Syntax vlan port ports port configure lt vian D gt Parameters lt vian ID gt Mode Global Config vian port ports protected Description This command is used to configure protected ports Syntax vlan port ports protected enable disable Parameters enable disable Mode Global Config vian port ports pvid Description This command is used to configure port vid Syntax 200 User s Manual of WGSW 48000 vlan port ports pvid lt vian D gt Parameters lt vian ID gt Mode Global Config vian lag This command is used to configure lag to a special vlan vlan lag vlan lt vlan id gt exclude Description This command is used to remove lag from a vlan Syntax vlan lag vlan lt vian ID gt exclude lags lt ag D gt Parameters lt lag ID gt Mode Global Config
22. This command is used to displays all snmp config show snmp groups Description This command displays all snmp groups Syntax show snmp groups Mode Privileged Mode show snmp users Description This command displays all snmp users Syntax show snmp users Mode Privileged Mode show snmp communities Description This command displays all snmp communities Syntax show snmp communities Mode Privileged Mode show snmp info Description This command displays all snmp information Syntax show snmp info Mode Privileged Mode 185 User s Manual of WGSW 48000 show sntp Description This command is used to displays switch sntp information Syntax show sntp Mode Privileged Mode show spanning tree Description This command displayss Spanning Tree information show spanning tree interface Description This command displays RSTP ports information show spanning tree interface port Description This command specify an switch interface Syntax show spanning tree interface port lt port D gt Parameters lt port ID gt Mode Privileged Mode show spanning tree interface all Description This command displays all switch interface Syntax show spanning tree interface all Mode Privileged Mode show spanning tree mst Description 186 User s Manual of WGSW 48000 This command displays MST information show spanning tree mst detailed Description This command displays a MST i
23. Time synchronization is performed by a network SNTP server The device operates only as an SNTP client and cannot provide time services to other systems The device can poll the following server types for the server time Server IP Address Sets the SNTP server s IP address Update Time Now Synchronizes current device time with the SNTP server right away Polling Interval Sets the interval at which SNTP client polls for time 4 2 4 Green Ethernet This page is used to enable disable green Ethernet function Enable green Ethernet mode will reduce system power consumption when the link is not present System Information Network Management Time Settings Enable Green Ethernet Figure 4 2 4 Green Ethernet screenshot Enable mode will reduce chip power when the signal from the copper link partner is not present 49 User s Manual of WGSW 48000 4 3 Port Management Use the Port Menu to display or configure the Managed Switch s ports This section has the following items Port Configuration LACP Property LAG Group 4 3 1 Port Configuration This page displays current port configurations Ports can also be configured here The port settings relate to the currently selected stack unit as reflected by the page header LACP Property LAG Group Port Link Status Auto Nego Speed amp Duplex Flow Control 01 Down Enable 02
24. User s Manual of WGSW 48000 storm control Description Enable disable storm control Syntax storm control enable disable Parameters enable disable Mode Interface Config storm control broadcast Description This command storm control for broadcast only and limited value 0 64 256 1024 10240 65536 102400 1024000 which the unit is Kbps and 0 means no limit Syntax storm control broadcast lt rate gt Parameters lt rate gt Mode Interface Config storm control broadcast multicast Description This command storm control limited value 0 64 256 1024 10240 65536 102400 1024000 which the unit is Kops and 0 means no limit Syntax storm control broadcast multicast lt rate gt Parameters lt rate gt Mode Interface Config storm control broadcast unknown Description This command storm control limited value 0 64 256 1024 10240 65536 102400 1024000 which the unit is Kbps and O means no limit Syntax storm control broadcast unknown lt rate gt Parameters 268 User s Manual of WGSW 48000 lt rate gt Mode Interface Config Example Switch Interface 1 storm control broadcast unknown 64 storm control all cast Description This command storm control limited value 0 64 256 1024 10240 65536 102400 1024000 which the unit is Kops and 0 means no limit Syntax storm control all cast lt rate gt Parameters lt rate gt Mode Interface Config rmon counter Description This command s
25. W x D x H 430 x 350x 44 5 mm 1U height 3 5KG Power Consumption 74 Watt 252 34 BTU Maximum Power Requirement AC 100 240V 50 60Hz Layer F function Management Interface Console Telnet SSH Web Browser SSL SNMPv1 v2c and v3 Port disable enable Port configuration Auto negotiation 10 100 1000Mbps full and half duplex mode selection Flow Control disable enable Display each port s speed duplex mode link status Flow control status Auto negotiation status trunk status IEEE 802 1Q Tag based VLAN GVRP for VLAN Management Up to 255 VLANs groups out of 4041 VLAN IDs Private VLAN Edge PVE supported l Rate Limit Bandwidth Control GOO A di Egress Traffic Shaper IEEE 802 3ad LACP Static Trunk Link Aggregation Supports 14 groups of 8 Port trunk QS Traffic classification based on 802 1p priority DS TOS field in IP Packet 25 IGMP Snooping Access Control List Standard Conformance Regulation Compliance Standards Compliance User s Manual of WGSW 48000 IGMP v1 v2 Snooping IGMP Querier mode IP Based ACL MAC Based ACL Up to 254 entries RFC 1213 MIB II RFC 2863 Interface MIB RFC 2665 EtherLike MIB RFC 1493 Bridge MIB RFC 2674 Extended Bridge MIB RFC 2819 RMON MIB Group 1 2 3 and 9 RFC 2737 Entity MIB RFC 2618 RADIUS Client MIB FCC Part 15 Class A CE IEEE 802 3 10BASE T IEEE 802 3u 100BASE TX 100BASE FX IEEE 802 3z Gigabit SX LX IEEE 802 3ab Gigabit 1000T IEEE
26. arp dynamic ports trust untrust lt port list gt Parameters trust untrust lt port list gt Mode Global Config Example Swtich lt Config gt arp dynamic ports trust 1 4 Swtich lt Config gt arp dynamic ports untrust 4 arp dynamic vlan Description This command set add remove dynamic arp on specified vlan Syntax arp dynamic vlan add remove from lt vlan id gt to lt vlan id gt Parameters add remove lt vlan id gt Mode Global Config Example Swtich lt Config gt arp dynamic vlan add from 1 to 1 Swtich lt Config gt arp dynamic vlan remove from 1 to 1 arp static Description This command set arp static address table for mac address with IP Address Syntax arp static add delete vid lt 1 4094 gt ip lt A B C D gt mac lt mac address gt Parameters add delete lt 1 4094 gt lt A B C D gt lt mac address gt Mode Global Config 248 6 3 17 Dos Command dos land Description This command enables and disables land type attacks prevention Syntax dos land enable disable Parameters enable disable Mode Global Config dos blat Description This command enables and disables blat type attack prevention Syntax dos blat enable disable Parameters enable disable Mode Global Config dos syn fin Description This command enables and disables SYN fin type attack prevention Syntax dos syn fin enable disable Parameters enable disable
27. authentication port and timeout for reply Syntax tacplus add server lt IP_addr gt priority lt O 65535 gt key lt key string gt port lt auth port id gt timeout lt 1 30 gt Parameters lt IP_addr gt lt 0 65535 gt lt key string gt lt auth port id gt lt 1 30 gt Mode Global Config tacplus del server Description This command is used to delete a TACACS server Syntax tacplus del server lt IP_addr gt Parameters lt IP_addr gt Mode Global Config green eth Description This command is used to enable disable green Ethernet function Enable green Ethernet mode will reduce system power consumption when the link is not present Syntax green eth enable disable Parameters 251 enable disable Mode Global Config 6 3 19 DHCP Snooping Command dhcpsnooping enable Description This command is used to enable dhcp snooping functions Syntax dhcpsnooping enable Mode Global Confi dhcpsnooping disable Description This command is used to disable dhcp snooping functions Syntax dhcpsnooping disable Mode Global Config dhcpsnooping option82 Description This command is used to set option82 packets Syntax dhcpsnooping option82 enable disable Parameters enable disable Mode Global Config dhcpsnooping verifymac Description This command is used to set verify mac address Syntax dhcpsnooping verifymac enable disable 252 User s Manual of WGSW 48000 Parameters
28. e Description Indicates the description of the associcated entry e Event Type Indicates the entry event type 1 None 2 Log 3 STrap 4 Log and Trap e Community Indicates community for SNMP trap 158 User s Manual of WGSW 48000 e Last Time Sent Indicates the value of sysUpTime at the time this event entry last generated an event by xxD xxH xxM xxS format e Owner Indicates the entry creator Monitor means created by device itself e Delete Click this hyperlink to delete a specific event entry RFC 2819 The Event group controls the generation and notification of events from this device Each entry in the eventTable describes the parameters of the event that can be triggered Each event entry is fired by an associated condition located elsewhere in the MIB An event entry may also be associated with a function elsewhere in the MIB that will be executed when the event is generated For example a channel may be turned on or off by the firing of an event 4 12 4 RMON Event Log In this table overview every valid Event entry will be listed in the same page to help user to enter the other page to checking all the associated entries by the selected specific Event entry index The Event Index field contains each entry s hyper link on directing to the index dependency log data page 802 1X Statistic RMON Statistic RMON Event RMON Alarm RMON History index
29. enable disable Mode Global Config dhcpsnooping ports Description This command is used to set ports to trust or untrust dhcpsnooping ports trust Description This command is used to set ports to trust Syntax dhcpsnooping ports trust lt port list gt Parameters lt port list gt Mode Global Config dhcpsnooping ports untrust Description This command is used to set ports to untrust Syntax dhcpsnooping ports untrust lt port list gt Parameters lt port list gt Mode Global Config dhcpsnooping vian Description This command is used to configure dhcp vlan dhcpsnooping vlan add Description This command is used to enable dhcp snooping in a specified vlan Syntax dhcpsnooping vian add from lt vlan id gt to lt vlan id gt 253 User s Manual of WGSW 48000 User s Manual of WGSW 48000 Parameters lt vlan id gt Mode Global Config dhcpsnooping vlan remove Description This command is used to disable dhcp snooping in a specified vlan Syntax dhcpsnooping vlan remove from lt vlan id gt to lt vlan id gt Parameters lt vlan id gt Mode Global Config dhcpsnooping static Description This command is used to configure dhcp static entry dhcpsnooping static add ip Description This command is used to add a static dhcp entry Syntax dhcpsnooping static add ip lt A B C D gt mac lt mac address gt port lt port id gt vid lt vlan id gt Parameters lt A B C D gt
30. lt group name gt mgmt ip lt ip addr gt Parameters lt community name gt lt group name gt lt ip addr gt Mode Global Config snmp community delete Description This command deletes a community Syntax snmp community delete lt community name gt Parameters lt community name gt Mode Global Config snmp trapstation add Description Create a snmp trap station snmp trapstation add lt ip addr gt community lt community name gt type bootup trap version Description Send trap when system reboot Syntax snmp trapstation add lt ip addr gt community lt community name gt type bootup trap version 1 2 Parameters 1 2 Mode Global Config 228 User s Manual of WGSW 48000 snmp trapstation add lt ip addr gt community lt community name gt type linkchange trap version Description Send trap when port link change Syntax snmp trapstation add lt ip addr gt community lt community name gt type linkchange trap version 1 2 Parameters 1 2 Mode Global Config snmp trapstation add lt ip addr gt community lt community name gt type both trap version Description Send trap when system reboot or port link change Syntax snmp trapstation add lt ip addr gt community lt community name gt type both trap version 1 2 Parameters 1 2 Mode Global Config snmp trapstation add lt ip addr gt community lt community name gt type none trap version Description Send no trap Syntax snmp traps
31. the member Port LAG the VLAN tag is removed e Tagged Indicates that this Port LAG is a member of the VLAN When the packet leaves the member Port LAG the VLAN tag is kept The port must be a member of the same VLAN as the Port VLAN ID 63 4 4 5 VLAN Port User s Manual of WGSW 48000 This page is used for configuring the Managed Switch port VLAN The VLAN per Port Configuration page contains fields for managing ports that are part of a VLAN The port default VLAN ID PVID is configured on the VLAN Port Configuration page All untagged packets arriving to the device are tagged by the ports PVID Create VLAN VLAN Settings Port Number GVRP Protected Drop Non1Q VLAN Igress Port Frame Filter Oj 0 0 0 0 o o oO oO o oo O 00000000G oO 9410 4 0 O o o o o OO o o O Figure 4 4 3 VLAN Port The page includes the following fields Object Description e PVID The port default VLAN ID PVID is configured on the VLAN Port screen All untagged packets arrive to the device are tagged by the ports PVID e Protected Port When the ports specified as Protected Port they can not forward traffic to each other Only the ports that are not specified as Protected Port can forward traffic to and from the protected ports respectively e Drop Non 1Q Frame When ena
32. 0 0 ac e e 0 e 4 0 0 4 o0 0 0 a MEE 0 0 5 0 0 D 0 0 0 0 6 o0 o oO o n 0 0 0 7 o e 0 0 0 o 8 0 0 _0 0 0 0 39 9 0 o oO E 0 0 0 Ho 0 0 o 0 0 0 0 111 o Oo o o 0 0 0 jaz o o0 o oO 0 0 0 Figure 4 10 2 LLDP Statistics 130 Global Counters Object User s Manual of WGSW 48000 Description e Number of Inserts Shows the number of new entries added since switch reboot e Number of Deletes Shows the number of new entries deleted since switch reboot e Number of Drops Shows the number of LLDP frames dropped due to that the entry table was full e Number of Ageouts E Local Counters Shows the number of entries deleted due to Time To Live expiring The displayed table contains a row for each port The columns hold the following information Object Description e Port The port on which LLDP frames are received or transmitted e Tx Frames The number of LLDP frames transmitted on the port e RX Frames Discarded If an LLDP frame is received on a port and the switch s internal table has run full the LLDP frame is counted and discarded This situation is known as Too Many Neighbors in the LLDP standard LLDP frames require a new entry in the table when the Chassis ID or Remote Port ID is not already contained within the table Entries are removed from the table when a given port links down an LLDP shutdown frame is r
33. 0 7 gt lt 1 4 gt Mode Global Config qos wrr weight Description This command configures queue weight for weight round robin Syntax qos wrr weight lt 1 15 gt queue lt 1 4 gt Parameters lt 1 15 gt lt 1 4 gt Mode Global Config qos dscp remark acl_entry_name Description User s Manual of WGSW 48000 This command is used to change DSCP value if the outgoing packet is an IP packet Select an ACL Entry Name as the criterion and then enter New DSCP Value as the action Once the criterion is hit the DSCP value will be changed Syntax qos dscp remark acl_entry_name lt name gt new_dscp_value lt 0 63 gt Parameters lt name gt lt 0 63 gt Mode Global Config 222 6 3 11 Set Commang set IGMP Description Configure IGMP snooping set igmp enable Description This command enables igmp snooping Syntax set igmp enable Mode Global Config set igmp disable Description This command disables IGMP snooping Syntax set igmp disable Mode Global Config set igmp last memberquery Description This command specifies last member query interval Syntax set igmp last memberquery lt 1 200 gt Parameters lt 1 200 gt Mode Global Config set igmp last membercount Description This command specifies last member count Syntax set igmp last membercount lt 1 20 gt 223 User s Manual of WGSW 48000 Parameters lt 1 20 gt Mode Global Config set igmp query interval Des
34. 100Mbps 10 100 cas e ap Orange Blink To indicate that the switch is actively sending or receiving data over that port LNK ACT Off If 1000 LNK ACT LED light gt indicate that the port is operating at 1000Mbps If 1000 LNK ACT LED Off gt indicate that the port is link down 28 User s Manual of WGSW 48000 HM 1000Base SX LX SFP interfaces Shared Port 23 Port 24 Port 47 and Port 48 Function Lights To indicate the link through that SFP port is successfully established with speed 1000Mbps Off To indicate that the SFP port is link down 2 1 3 Switch Rear Panel The rear panel of the Managed Switch indicates an AC inlet power socket which accept input power from 100 to 240V AC 50 60Hz Figure 2 5 shows the rear panel of these Managed Switch WGSW 48000 Rear Panel Figure 2 5 Rear panel of WGSW 48000 M Console Port The console port is a DB9 RS 232 male seria port connector It is an interface for connecting a terminal directly Through the console port it provides rich diagnostic information includes IP Address setting factory reset port management link status and system setting Users can use the attached RS 232 cable in the package and connect to the console port on the device After the connection users an run any terminal emulation program Hyper Terminal ProComm Plus Telix Winterm and so on to enter the statup screen of the device HE AC Power Receptacle For compatibility with electric service
35. 191 SHOW MMONM event Adicciones 191 Show rmon Viudas 191 Show rmon event log event _iINdOX ooo ee ceneee cence eeeeneeeeeeeeaeeeseeeeeeesaeeeseeaaeeeseeeeeeesaeeeeeeaaeeeseeeeeesseeeesenaeeeenenaees 191 show rmon alarmi Ode ein iis een ee 191 SHOW TMON ALAM iii A A A een aoa inert di 192 SOW TMO MISTOPY sec es sucess aem oo ewen dll dear 192 SHOW imon Story ING OX ata a 192 SHOW imon NISTOLY we eegc0e eset lactea 192 SHOW MON Statistics A ias 193 SHOW POE POMM INdeX sitial 193 A O A 193 show poe SYSteM StAtUS ii bai 193 ShoWtacplUS iii ei bathed Meidiin Bibiana hea an A sees 194 NOW AND E E ta ddr 194 SHOW ACM is cc izs caved a asada 194 Show dhepsSnooping CONMPIG ii la 194 SHOW CHEPSNOOPING POMb aiii o a arcadas 194 show dhcpSnoOoping VIAN isitornitaca iii 195 Show dhcpsnooping database ee eeecceceeeneee eset eeenneeeeeeaaeeeceeeeeeecaeeeeeeeaaeeeseeaaeeeseneeeeesaeeeseeaeeeseeeeeeneneeeeneaas 195 show dhcpsnooping database alll vscscccsesn cesses ad ieee 195 show dhcpsnooping database StatiC oonooccccinnnicinnccccnnnocnccnononnno nono ncnn non n cn nano nn rra rre rr 195 show dhcpsnooping database dyNaMiC ooooocccconocicinococcnononcncnanonononnnn cnn nan tutkunun rra rn rra nnnr rra 195 SHOW IPSICOCsCONMG aa AA Ai 196 SOOWIPSECIA PO iii aa at aii 196 SHOW ipsrcgd database cnc aia 196 SHOW Attys ota At iia 196 OS 196 telnet ii A de ee a 197 6 3 Global Config Mode commandS cccmnonccccnnnnnnnnnnnannnnnnnrrrn
36. 39 40 41 42 43 44 45 46 47 48 i ll lal atajar 7 ad al a a a a a ata ata at Sie Seine _ _ Gros Maneti Figure 4 6 7 IGMP The page includes the following fields Object Description e Assign Router Ports Specify ports to which IGMP routers were connected e Dynamic Router Port Click on this button to display the port that receive the following traffic 1 IGMP Query 2 Packet with destination IP 224 0 0 2 e Group Membership Click on this button to display the IGMP groups information e VLAN ID Indicates the VLAN ID of the specified multicast group e Group Address Indicates IPv4 multicast group address of the group being reported e Member Port s Indicates the membership associated with the group 86 User s Manual of WGSW 48000 4 7 Security This section is to control the security access of the switch includes the user access and management control The Security function contains links to the following topics e Port Security e ACL e RADIUS e TACACS e 802 1x Settings 4 7 1 Port Security Port security is a feature that allows you to configure a switch port with one or more device MAC addresses that are authorized to access the network through that port When port security is enabled on a port the Managed Switch stops learning new MAC addresses on the specified port when it has reached a configured maximum number Only incoming traffic with source addresses already stored in the
37. 4 1 2 telnetd started Init sshd Server listening on 0 0 0 0 port 22 Network interface status MAC Address 00 30 4F 48 00 0A static IP 192 168 0 100 Netmask 255 255 255 0 Gateway 192 168 0 254 Management VLAN 1 Username admin Password COMMAND gt enable Username admin Password Switch show network MAC Address 00 30 4F 48 00 0A Management VLAN 1 STATIC IP 192 168 0 100 Netmask 255 255 255 0 Gateway 192 168 0 254 Connected 00 34 18 ANSIW 38400 8 N 1 Figure 5 2 Show IP information screen 165 User s Manual of WGSW 48000 a Configure IP address 3 On Switch prompt type configuration to enter into global configuration mode 4 On Switch Config prompt enter the following command and press lt Enter gt As show in Figure 5 2 Switch Config network parms 192 168 1 100 255 255 255 0 192 168 1 1 The previous command would apply the follow settings for the Managed Switch IP 192 168 1 100 Subnet Mask 255 255 255 0 Gateway 192 168 1 1 COM1_38400 HyperTerminal Ea Eile Edit View Call Transfer Help DS 539 Init sshd Server listening on 0 0 0 0 port 22 Network interface status MAC Address 00 30 4F 48 00 0A static IP 192 168 0 100 Netmask 255 255 255 0 Gateway 192 168 0 254 Management VLAN 1 Username admin Password x COMMAND gt enable Username admin Password Switch show network MAC Address 00 30 4F 48 00 0A Manag
38. 4 to 30 seconds This is the time any port on the Switch spends in the listening state while moving from the blocking state to the forwarding state Observe the following formulas when setting the above parameters Max Age _ 2 x Forward Delay 1 second Max Age _ 2 x Hello Time 1 second Port Priority A Port Priority can be from 0 to 240 The lower the number the greater the probability the port will be chosen as the Root Port Port Cost A Port Cost can be set from 0 to 200000000 The lower the number the greater the probability the port will be chosen to forward packets Illustration of STP A simple illustration of three switches connected in a loop is depicted in the below diagram In this example you can anticipate some major network problems if the STP assistance is not applied If switch A broadcasts a packet to switch B switch B will broadcast it to switch C and switch C will broadcast it to back to switch A and so on The broadcast packet will be passed indefinitely in a loop potentially causing a network failure In this example STP breaks the loop by blocking the connection between switch B and C The decision to block a particular connection is based on the STP calculation of the most current Bridge and Port settings Now if switch A broadcasts a packet to switch C then switch C will drop the packet at port 2 and the broadcast will end there Setting up STP using values other than the defaults
39. 5 The system is functioning properly but system notice Bad route has occurred Informational 6 Provides device information Link up Debug 7 Provides detailed information about the log If a Debug Method list created error occurs contact Dell Online Technical Support The Server Logs screen contains information for viewing and configuring the Remote Log Servers New log servers can be defined and the log severity sent to each server Reboot Save Conti rations Logs Settings Server Name Server IP Address Service UDP Port 514 Facility Max 12 characters Local 0 y The page includes the following fields Object Figure 4 11 10 Log Server Description e Server Name Specifies a short name for identifying this server 147 User s Manual of WGSW 48000 e Server IP Address Specifies IP address of the server inn dotted decimal notation Specifies UDP port of the server The possible range is 1 to 65535 The default value is 514 e Service UDP Port Specifies the facility value to be used when logs are recorded in the remote server See RFC 3164 for more details Only one facility can be assigned to a single server If a second facility level is e Facility assigned the first facility is overridden All applications defined for a device utilize the same facility on a server The possible field values are Local 0 Local 7 The field default
40. 802 3x Flow Control and Back pressure IEEE 802 3ad Port trunk with LACP IEEE 802 1d Spanning tree protocol IEEE 802 1w Rapid spanning tree protocol IEEE 802 1s Multiple Spanning tree protocol IEEE 802 1p Class of service IEEE 802 1Q VLAN Tagging IEEE 802 1x Port Authentication Network Control IEEE 802 1ad LLDP 26 User s Manual of WGSW 48000 2 INSTALLATION This section describes the hardware features and installation of the Managed Switch on the desktop or rack mount For easier management and control of the Managed Switch familiarize yourself with its display indicators and ports Front panel illustrations in this chapter display the unit LED indicators Before connecting any network device to the Managed Switch please read this chapter completely 2 1 Hardware Description 2 1 1 Switch Front Panel The unit front panel provides a simple interface monitoring the switch Figure 2 1 shows the front panel of the Managed Switches WGSW 48000 Front Panel Y PLANET e De Figure 2 1 WGSW 48000 front panel Ml Gigabit TP interface 10 100 1000Base T Copper RJ 45 Twist Pair Up to 100 meters Ml Gigabit SFP slots 1000Base SX LX mini GBIC slot SFP Small Factor Pluggable transceiver module From 550 meters Multi mode fiber up to 10 30 50 70 120 kilometers Single mode fiber M Reset button At the left of front panel the reset button is designed for reboot the
41. C Enabled N A Figure 4 7 8 802 1X port configuration The page includes the following fields Object Description e Enable 802 1X Enables or disables 802 1X function e Status Enables or disables port authentication e Enabled checked means these ports should be authorized by a RADIUS server to forward traffic No traffic is forwarded if it is unauthorized e Otherwise no authentication process is required for those ports all traffic could be forwarded normally e Client MAC Displays the last client in the MAC address who send out the EAPOL control frame of Address the port e Authorization Displays the authentication status of an enabled port e In Progress Indicates that the authentication is still in progress Traffic is not forwarded before authentication is verified e N A means no authentication required 96 User s Manual of WGSW 48000 4 7 3 3 Windows Platform RADIUS Server Configuration 1 Setup the RADIUS server and assign the client IP address to the Managed switch In this case field in the default IP Address of the Managed Switch with 192 168 0 100 And also make sure the shared secret key is as same as the one you had set at the switch RADIUS server 12345678 at this case Add RADIUS Client a xi Clert Irformation Specify information regarding the client Client addiess IP or DNS 192 168 0 100 Verify Client Verdor JRapius Standard 7 I Client must always
42. Disabled 0 50 50 1800 _ monitor Disabled 5 05 50 50 1800 monitor Disabled 6 06 50 50 1800 Monitor Disabled T 07 50 50 1800 monitor Disabled 8 08 50 50 1800 monitor Disabled 9 09 50 50 1800 monitor Disabled 10 o 50 50 1800 monitor Disabled ak E 11 50 sa 1800 monitor o Disabled 42 12 50 50 1800 monitor Disabled 13 13 so 50 1800 monitor Disabled _ 14 14 50 50 1800 monitor Disabled 15 15 50 50 alt 1800 monitor Disabled 16 16 50 50 1800 monitor Disabled 417 17 50 50 1800 monitor Disabled A ae AH ABD 50 1800 Monitor Disabled 19 19 50 50 1800 monitor Disabled 20 ENS INC 50 1800 monitor Disabled __ 21 21 50 50 1800 monitor Disabled 22 22 50 50 1800 monitor Disabled 23 23 50 50 1800 monitor Disabled 24 24 5 50 1800 monitor Disabled 25 25 50 50 1800 monitor Disabled 26 26 50 50 1800 monitor Disabled 7 7 En En 40nn manitar Mieshinad 802 1X Statistic RMON Statistic Index Source Interface Sampling Requested Interval Second Owner Status RMON Event Enable Disable Figure 4 12 7 RMON History screenshot RMON EventLog Cancel amp Return RMON Alarm Figure 4 12 8 Port RMON History screenshot The page includes the following fields Object Description e Control Index Control entry index value 162 User s Manual of WGSW 48000 Source Interface Indicates the ethernet interface
43. E EE oi ve de aces eo De I et a e ao 106 AOS A ata a estee e e o e cdta lo e seca le celo le al ed e a ea a 107 4 10 DHAGP SNOOPING O TON 108 4 77 11 Dynamic ARP Inspection iii A oi A a i i 109 4 12 1P SOUrCE GUA tii A ee Dan e hoagie neato 110 ABT VSS TDP Sect cess se e yn suen ce eleel E NE 112 4 8 Quality Of Service icon 113 4 8 1 Understand DOS cua Aina 113 4 8 2 QUEUE ia ia 114 ABRO a eR o e ao 114 4 8 3 BOD a 117 4 8 4 Port Based DO is 119 4 8 5 Rate Control cnn caeean ane ei eae nein ee Ani en ee ae ee 120 4 8 6 DSGP REMAK dedo toa 121 ARNM ai 122 SNMP OVORVIOW oi ta 122 A Bale a etek tle as a ns ed MH oad a Si aR ale Gens Aes pln UDA 8 ad odes hn SR a 8 123 RAS A A A OO 124 4X3 User Profle cioen a tai isa 125 4 9 4 Community Profle arsenid a da A TAN E dosed esd aa A ai a ias 127 4 9 5 SNMP Trap tati M rsi ireket epnd ernaten aa enaa aaa e edea a a iea a biiain piendas aie 128 AMO LED Ps ai A A A i oeae EAA Nere A 129 AO LUEDP Settings a tt case havnt hee thee oe ee ote he bene e a ee asia Seat 129 4 10 2 LLDP Statistics 0 oioi ais 130 4 10 3 Local Information iio Po weecetnenneds 131 4 10 4 Remote Informati n ni s 134 AI ADMIN A a denia 135 AATA Admin PassWord aiinsir ta aaa lore aaa eiii 135 A A Nia nD wth 1 ote Se ca E A hoes SoS adds Se aS cata hte bas what Seta Se 136 4 11 3 Static SA eee ae en in ee 137 4 11 4 Port MIT Oring a casos 138 411 5 Admin THIMGOUE iii a deli ee eatin 139 ATAN Firmware Upgrade ii A
44. Global Config link aggregation delport lag Description This command remove specify LAG group Syntax link aggregation delport lag lt LAG D gt Parameters lt LAG ID gt Mode Global Config 6 3 3 LLDP Command Ildp enable Description This command is used to enable lldp functions Syntax lldp enable Mode Global Config Ildp disable Description This command is used to disable Ildp functions 203 User s Manual of WGSW 48000 Syntax lldp disable Mode Global Config Ildp adv interval Description This command is used to specify advertised interval in seconds Syntax lldp adv interval lt 5 32768 gt Parameters lt 5 32768 gt Mode Global Config lldp fast startcnt Description This command is used to specify fast start count Syntax lldp fast startcnt lt 1 10 gt Parameters lt 1 10 gt Mode Global Config Ildp hold Description This command is used to specify hold value Syntax lldp hold lt 2 10 gt Parameters lt 2 10 gt Mode Global Config lldp notify interval Description This command is used to specify notification interval in seconds 204 User s Manual of WGSW 48000 Syntax lidp notify interval lt 5 3600 gt Parameters lt 5 3600 gt Mode Global Config Ildp reinit delay Description This command is used to specify re initialization delay in seconds Syntax lidp reinit delay lt 1 10 gt Parameters lt 1 10 gt Mode Global Config I
45. Information The System Info page provides information for the current device information System Info page helps a switch administrator to identify the hardware MAC address software version and system uptime WGSW 48000 CD PLANET EEHEHE EHHE HHHH A sian A Network Management Time Settings Green Ethernet Port Welcome to PLANET WGSW 48000 48 Port Gigabit Managed Ethernet Switch gt VLAN Spanning Tree Multicast gt Security Device Name L2 Managed Switch Hardware Version BM3 Boot Version 1 1 4 Firmware Version 2 01 Build Date Fri Mar 13 13 59 36 2009 MAC Address 00 30 4f 48 00 01 System Name gt QoS gt SNMP LLDP Admin System Location Statistics System Contact Help Logout Figure 4 2 1 System Information Screenshot The page includes the following fields Object Description e Device name Displays the switch model name e Hardware Version Displays the hardware version number e Firmware Version Displays the switch firmware version e Build Date Displays the firmware built date e MAC Address Displays the MAC address of the switch e System Name Displays the user defined system name e System Location Displays the user defined system location e System Contact Displays the user defined system contact person 46 User s Manual of WGSW 48000 4 2 2 Network Management The Network Managment includes the IP Address
46. NetWork aiii ad 170 SOOWISYS Mii alone 170 SOOWPOTESTAISTIOS A A AA Aa 170 MA ites eye en ee ata 171 A a caso 171 6 2 Privileged Mode COMMANOS ocomnncccnnonncnnnannnnnnnrrnrnn rr 171 Cable diag PO ias 171 AA EER E A E E TAE 172 Clear NS 172 Clear arl static Mac c ii uirae a hai lain Bib at he Aa o seed Woe eget eee 172 CIS AP COMIC O O 172 User s Manual of WGSW 48000 AA RON 172 CEA IGMPSNOOPING iii ne 173 clear static mCast ia 173 A O O EEST 173 COMA ii A A AA ee daa 173 Clear lOGSkizicneti noid n ane AEs Bei AA LAB ath ae A api l ME Ae 173 CIGAR Mina tddi 174 CONIL MON ata dd aio id A E 174 6 2 2 Copy Command ai 174 COPY NVFAM MCONTIG THD ita 174 copy system Mage letters 174 010 oD O adan 175 EX iaa a AO 175 helio ei ida 175 A ceectats A E E E E A aobas sotekens tenet an ET 176 PILA A as a ae a be atic a i as EN 176 A E E E EE E E E EE 176 SEa MA S E E SEA T E E E A E E E EE E S 176 6 2 3 ShoW Commands iiaeie aa aa oaa e a a a Ae e ea A aa aa ened gous a iia 177 E E OO EA AE EATE 177 SNOW QOS COS iondan A tai 177 SNOW GOS QUEUIE SELIN GS iia a SA ad an eed eae 177 SNOW GOS AVANCE lirica a to direis 177 Show dOS adya A MOG 642s T a alta att E laa dai E Ea 177 show GOS advanced ASCP laa 177 Show qos advanced ip precedenc es cnica dies 178 SHOW GOS POMm baSed siisii i is 178 Show COS port bDased i01 n EEEE ETETA ETEA EE A EA EE A E E E T 178 showqos port based all ccc wee ee ee ee A E eee 178 SHO
47. Parameters lt LAG ID gt 262 User s Manual of WGSW 48000 Mode Interface Config 6 4 2 LLDP Command An lldp agent can transmit information about the capabilities and current status of the system associated with its MSAP identifier The Ildp agent can also receive information about the capabilities and current status of the system associated with a remote MSAP identifier However lldp agents are not provided any means of soliciting information from other lldp agents via this protocol lldp state Description Only transfer the lldp status Syntax lldp state tx rx tx_rx disable Parameters tx rx tx_rx disable Mode Interface Config lldp notifications Description Enable disable notification form the agent Syntax lldp notification enable disable Parameters enable disable Mode Interface Config lldp tlvs tx Description Syntax lldp tlvs tx enable disable option basic port desc sys name sys desc sys capa Parameters enable disable port desc sys name sys desc sys capa Mode 263 User s Manual of WGSW 48000 Interface Config 8021 set Description Status of local 802 1 settings Syntax lldp tlvs tx enable disable option 8021 pvid vlanname protocol id Parameters enable disable pvid vianname protocol id Mode Interface Config Example switch interdface 1 lldp tlvs enable option 8021 pvid 1 8023 set Description
48. Parameters lt port gt all Mode User Mode enable Description Enter into the Privileged Mode Syntax enable Mode User Mode Save Description This command is used to save configurations 6 2 Privileged Mode commands cable diag port Description This command is used to proceed cable diagnostic Syntax cable diag port lt port D gt Parameters lt port list gt specifies the ports to be set If not entered all ports are set Mode Privileged Mode Example User s Manual of WGSW 48000 Switch cable diag port 1 171 6 2 1 Clear Command clear arl dynamic Description This command is used to Clear dynamic arl table entries Syntax clear arl dynamic Mode Privileged Mode clear arl static mac Description This command is used to clear static arl table entries Syntax clear arl static mac lt mac addr gt Parameters lt mac addr gt Mode Privileged Mode clear config Description This command is used to restore switch factory default configuration Syntax clear config Mode Privileged Mode clear counters Description This command is used to clear RMON statistics for entire switch Syntax clear counters Mode Privileged Mode 172 User s Manual of WGSW 48000 clear igmpsnooping Description This command is used to restore igmpsnooping configuration to factory default Syntax clear igmpsnooping Mode Privileged Mode clear static mcast Description This
49. SFP slot on the front of the Managed Switch Ensure that the SFP transceiver is operating correctly Check the Link mode of the SFP port if the link failed Co works with some fiber NICs or Media Converters set the Link mode to 1000 Force is needed Remove the transceiver module Make sure there is no network activity by consult or check with the network administrator Or through the management interface of the switch converter if available to disable the port in advance Remove the Fiber Optic Cable gently Turn the handle of the MGB module to horizontal Pull out the module gently through the handle 33 User s Manual of WGSW 48000 4 4 MGB SX LX Figure 2 14 Pull out the SFP transceiver Never pull out the module without pull the handle or the push bolts on the module Direct pull out the module with violent could damage the module and SFP module slot of the Managed Switch 34 User s Manual of WGSW 48000 3 SWITCH MANAGEMENT This chapter explains the methods that you can use to configure management access to the Managed Switch It describes the types of management applications and the communication and management protocols that deliver data between your management device work station or personal computer and the system It also contains information about port connection options This chapter covers the following topics Requirements Management Access Overview Administration Console Acc
50. Subnet Mask and Gateway The Configured column is used to view or change the IP configuration Fill up the IP Address Subnet Mask and Gateway for the device The screen in Figure 4 2 2 appears WGSW 48000 GQ PLANET Hetworking amp Commenication i System Information Time Settings Green Ethernet IP Address Mode Static v VLAN IP Address 192 168 0 100 Port gt Spanning Tree Subnet Mask 255 255 255 0 gt Multicast Default Gateway 192 168 0 1 gt Security Management VLAN lv oS gt Q Save Settings SNMP LLDP Admin Statistics gt Help gt Logout Figure 4 2 2 Network Management screenshot The page includes the following fields Object Description e IP Address Mode Retrieves the IP address using DHCP or Static The possible field values are DHCP that retrieves the IP addresses using DHCP client Static indicates IP address is statically assigned If Static was selected the IP Address Subnet Mask and Default Gateway fields are available e IP Address Defines the IP address of the system e Subnet Mask Defines the subnet mask of the system e Default Gateway Defines the default gateway IP address of the system e Management VLAN Indicates the VLAN group that system belongs to 47 User s Manual of WGSW 48000 4 2 3 Time Setting In the System sub function menu you can see the Time Setting by which you can configure the time settings for the Ma
51. Te Figure 4 11 13 Ping Function The page includes the following fields Object Description e Host IP Address The destination IP Address Be sure the target IP Address is within the same network subnet of the switch or you had setup the correct gateway IP address 4 11 14 Cable Diagnostic The accuracy for detecting fault free cable length is within 5 meters normally However under the following conditions the fault free cable length detection accuracy can be beyond 5 meters limit The frequency of this occurrence is very low 1 The remote link partner has a termination incompatible with IEEE 802 3 specification 100 Q 150 User s Manual of WGSW 48000 2 Acable coupler is placed within 7 meters from the link partner DHCP Relay DHCP Option 82 SelfLoop Figure 4 11 14 Cable Diagnostic Ping Function i DHCP Relay DHCP Option 82 SelfLoop Detection Diagnostics for Port 01 4 pairs Ok length 5 meters Ok length 4 meters Ok length 5 meters Ok length 5 meters Figure 4 11 15 Cable Diagnostic The page contains the following fields e Port This is the port to which the cable is connected e Test Result e OK indicates that the cable passed the test e Open means the cable is connected on only one side e Short indicates that a short has occurred in the cable This is the approximate length of the cable The Cable Length test can be perf
52. User Name Indicates the name of the user The allowed string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 Group Name Indicates which group the user belongs to SNMP groups are defined in the SNMP Group Profile page SNMP Version Indicates the SNMP version of the user Auth Type Indicates the security model that this entry should belong to Possible security models are e None None authentication protocol MD5 An optional flag to indicate that this user using MD5 authentication protocol The value of security level cannot be modified if entry already exist That means must first ensure that the value is set correctly e Add New User M Add New User Creates a SNMP user 125 User s Manual of WGSW 48000 SNMP Group Profile Community Profile SNMP Trap Station User Name SNMPv3_User Group Name SNMPv3_Group v SNMP Version SNMPv3 Auth Type Key e so Cancel amp Return Figure 4 9 4 Add new user screenshot The page includes the following fields Object Description e Delete Check to delete the entry It will be deleted during the next save e User Name A string identifying the user name that this entry should belong to The allowed string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 Group Name Contains a list of user defined SNMP groups SNMP groups are defined in the SN
53. aara aii 231 Snitp SErver PONG ef a aia 231 SNIP tIMeZONC wera ee ee eel eb te en eel enol een eel Bee 231 6 3 14 Spanning tree Command ii ias 232 SPANNING tree forever isisisi ieie Vests dete aii 232 spanning tree forceversiOn 80215 ococccnnoccccnonocanonocononnnonnncnnnon nn nn n cnn rn rre gi padi errar rre enn rra 232 Spanning tree forceversion BOL Wii ad hues 232 Spanning tree force version NONE srati eotie i panda 232 spanning tree tonfiguratidnN seseo retena ais 233 spanning tree Configuration NAME ap 233 spanning tree configuration revisiON conoci iaa 233 Spanning tree TO WArTd IME coooocinic atada 233 SPANNING tree max ge cats is 233 Spanning tree MANOS ii trienios 234 Spanning tree Pd bado 234 Spanning tree portall irsi muani AA ti 234 SPanning tree POCOS uacinctro rindas 234 SPAanningstrSS POR PO putita 235 Spanning tree Port SAGES iii Ai 235 User s Manual of WGSW 48000 spanning tree port force P2pliNK ccoo Eee 235 spanning tree port Migration Check issnin niinen aeae E ai eaan anA EEA TaN E nia NE NETE naai 235 spanning tree port MOOT QUAN iige e aa a did 236 SPANINING trES ono RIA EEEE A T A N E TE 236 Spanning treeMSt wats ee aa oe ee A ed 236 SPANNING trEe MSL INSTANCE muii dios 236 spanning tree mst instance add VIAN oo eee ceeeeeeeeeneeeeeeaeeeeeeeeeeeeaeeeeesaaeeeseeaaeeeseneeeeseaeeeseeaeeeseneeeeesnaeeeeeeaas 236 spanning tree mst instance delete priliko att a aai eaa e eaa Aa a e aa iaae 237 Sp
54. all hosts on a switched network even when multiple multicast groups are in use simultaneously HTTP is an acronym for Hypertext Transfer Protocol It is a protocol that used to transfer or convey information on the World Wide Web WWW HTTP defines how messages are formatted and transmitted and what actions Web servers and browsers should take in response to various commands For example when you enter a URL in your browser this actually sends an HTTP command to the Web server directing it to fetch and transmit the requested Web page The other main standard that controls how the World Wide Web works is HTML which covers how Web pages are formatted and displayed Any Web server machine contains in addition to the Web page files it can serve an HTTP daemon a program that is designed to wait for HTTP requests and handle them when they arrive The Web browser is an HTTP client sending requests to server machines An HTTP client initiates a request by establishing a Transmission Control Protocol TCP connection to a particular port on a remote host port 80 by default An HTTP server listening on that port waits for the client to send a request message HTTPS is an acronym for Hypertext Transfer Protocol over Secure Socket Layer It is used to indicate a secure HTTP connection 284 User s Manual of WGSW 48000 HTTPS provide authentication and encrypted communication and is widely used on the World Wide Web for security
55. at the front panel to identify the System is load completely or not If the PWR LED is blinking then it is in the firmware load stage if the PWR LED light on you can use the WEB browser to login the Switch 142 User s Manual of WGSW 48000 4 11 8 Save Configurations The page provides the ways to upgrade backup switch configuration via TFTP HTTP protocol The screen in Figure 4 11 11 appears MA Reboot Logs Settings Log Server Memory Logs upgrade O Backup Source File Figure 4 11 11 Save Configurations m HTTP Configuration Upgrade 1 Click the Browse button of the main page the system would pop up the file selection menu to choose saved configuration Choose file Look in O Config Backup gt ex FA 2 2 switch cfg My Recent Files of type All Files v Cancel typ iles z 3 Figure 4 11 12 Windows file selection menu popup 143 2 User s Manual of WGSW 48000 Select on the configuration file then click Proceed the bottom of the browser shows the upload status m HTTP Configuration Backup 1 2 Reboot Logs Settings Log Server Operate esca Figure 4 11 13 HTTP configuration backup screenshot Select Backup and press the Proceed button to save the current configuration in manager workstation The following screens in Figure 4 11 14 and 4 11 15 appear File Download Do you want to open
56. can be complex Therefore you are advised to keep the default factory settings and STP will automatically assign root bridges ports and block loop connections Influencing STP to choose a particular switch as the root bridge using the Priority setting or influencing STP to choose a particular port to block using the Port Priority and Port Cost settings is however relatively straight forward 71 User s Manual of WGSW 48000 LAN gt f Portcast 19 i A Pons FA Bridge ID 15 r y r Port Pot2 p y Y Portcast 4 Portcast 4 Portcast 4 Portcast 4 y P BE pons C Porti Bridge ID a Bridge ID 20 Port 2 Port 3 Portcast 19 l Port 2 Porta Portcast 19 Portcast 19 lt lt LAN 2 lt LAN 3 Figure 4 5 2 Before Applying the STA Rules In this example only the default STP values are used LAN 1 gt n Fens Root Bridge 4 A 7 Port Port 2 P A b K Designated Port Designated Port Root Port Root Port gt A D g N rer aesir B Port 1 C Port 1 SA C Designated Bridge a gt ie gt r gt a 5 Port 2 Port3 lt ___ Blocked oop Port 2 Port 3 X p 3 x y xx gt LAN 2 lt LAN 3 Figure 4 5 3 After Applying the STA Rules The switch with the lowest Bridge ID sw
57. e aid 184 SHOWASMIMP O O TA ETO EE ATE T 185 ShOw SNMP groups ai n edie OS 185 Show SNMP USEMS irirna a A a sensed 185 SHOW SNMP COMMUNITIES irector dirias airis 185 SROW SAMPUNTO eb dad aca dd tada he rd dei ata 185 O eed edi te eeu el eal aan ede a en ene 186 SHOW SPANMING tES oi aa Aa aAa 186 show spanning tree Interface iii 186 show spanning tree interface port eee eeeneeeeeeeeeeeeneeeeeeaeeeseeeeeeesaeeeeeeaaeeeseeaaeeeseeeeeesenaeeeseeeesneneeeesenaeeeeseaas 186 show Spanning tree interface All ad i 186 SHOW Spaniing trEe MSE voca ia labo 186 show spanning tree mst detailed wwczc scccsseeecintersteecs tans ri 187 show spanning tree MStinstanCe pai A Aida 187 show Spanning tree mst SUMMA Y iii Aaa 187 SHOW Spanning tree Status icon A aia 187 showW stormecontrol miii tia 188 AS O A 188 A AS 188 ShOW SWitCh admin time coo A di 188 SHOW SWITCH AGEATIME vicio eidariie 188 Show switch mMactable oct A AA cos ea Ea ae veld accelge haus 189 show Switch mac table alll c s2 2 ccc eee ccecececccesseceeden le cetee e 189 User s Manual of WGSW 48000 show switch mac table Vlad 189 Show switch mac table Port comi aaa 189 show switch mcast table saging e e acta ce abate a 189 SHOW SWITCH O O A E E TE 190 Show trapflags nndah cee A A ee a ee aa 190 SHOW VIAN A A A A A Ae 190 SHOW VAM MEMBER crecida tada 190 Showvlan number a eee Nea ciezecea detente cccas ta 190 SNOW MON cae A eee A een ee ee a ee ine t
58. is Local 7 When a severity level is selected all severity level choices above the selection are selected automatically 4 11 11 Memory Logs The Memory Log screen contains all system logs in a chronological order that are saved in RAM Cache Log Index which shows the log number Log Time at which the log was generated Severity which shows the log severity and the description that shows log message text Reboot Save Configurations Logs Settings Log Server Page 1 of 2 Goto page 1 2 Next index Level Category Time Message 73 INFO WEB 2007 1 1 21 30 43 User admin logined from 10 1 1 226 72 INFO WEB 2007 1 1 21 30 43 User session from 10 1 1 226 has been preempted 71 INFO WEB 2007 7 1 1 21 30 43 useradmia logined from 10 1 1 226 70 INFO WEB 2007 1 1 21 06 58 User session from 10 1 1 226 has expired 69 INFO WEB 7 2007 1 1 20 54 30 J User admin logined from 10 1 1 226 68 INFO WEB 2007 1 1 20 54 30 User session from 10 1 1 226 has been preempted 67 INFO WEB 2007 7 1 1 20 54 30 User admin logined from 10 1 1 226 66 INFO WEB 2007 1 1 20 37 41 User session from 10 1 1 226 has expired 65 INFO WEB gt 2007 1 1 20 32 08 i User admin ianed from 10 1 1226 64 INFO WEB 2007 1 1 20 32 08 User session from 10 1 1 226 has been preempted 63 INFO WEB 2007 7 1 1 20 32 08 User admin logined from 10 1 1 226 62 INFO WEB 2007 1 1 20 00 57 User sessi
59. name and an IP address corresponding to a different host name provides the session and transport services described in the Open Systems Interconnection OSI model NFS is an acronym for Network File System It allows hosts to mount partitions on a remote system and use them as though they are local file systems NFS allows the system administrator to store resources in a central location on the network providing authorized users continuous access to them which means NFS supports sharing of files printers and other resources as persistent storage over a computer network A LLDP frame contains multiple TLVs For some TLVs it is configurable if the switch shall include the TLV in the LLDP frame These TLVs are known as optional TLVs If an optional TLVs is disabled the corresponding information is not included in the LLDP frame 287 User s Manual of WGSW 48000 ping is a program that sends a series of packets over a network or the Internet to a specific computer in order to generate a response from that computer The other computer responds with an acknowledgment that it received the packets Ping was created to verify whether a specific computer on a network or the Internet exists and is connected ping uses Internet Control Message Protocol ICMP packets The PING Request is the packet from the origin computer and the PING Reply is the packet response from the target A policer can limit the bandwidth of received fr
60. of this system Sampling Requested Indicates the total numbers of sampling Current Number of Samples Indicates how many smaple were created per this control entry Sampling Interval Indicates the time period on sampling etherHistory data Owner Indicates the entry creator Monitor means created by device itself Status Indicates the Enabled Disabled status History Table RMON History statistics consists of sampled data entries which created by RMON lite probe Every entry within a index key Sample Index indicates the index key in this control index class Drop Events indicates the packcet dropped counted value Octects indicates the Octets including error counted value Packets indicates the Received packets counted value Broadcast Packets indicates the Broadcasts packets counted value Multicast Packets indicates the Multicast packets counted value CRC amp Alignment Errors indicates the CRC Alignment error counted value UndersizePackets indicates the undersize packets counted value OversizePackets indicates the oversize counted value Fragments indicates the fragments counted value Jabbers indicates the jabbers counted value Collisions indicates the collision counted value Utilization indicates the counted utilication RFC 2819 The Ethernet History group records periodic statistical samples fr
61. on a different device LACP allows switches connected to each other to discover automatically whether any ports are member of the same LAG This page allows the user to inspect the current LACP port configurations and possibly change them as well The LACP port settings relate to the currently selected stack unit as reflected by the page header The LACP Port Configuration screen in Figure 4 3 4 appears 53 User s Manual of WGSW 48000 Port Config LAG Group Port Number Priority Admin Key LAG Group Status 01 1001 1000 N A 02 1002 4000 NA 4 03 1003 1000 NA 04 1004 1000 NA 05 1005 1000 NA o6 1006 1000 N A oF 1007 1000 NA 08 1008 1000 N A 09 1009 1000 N A 4 10 1010 4000 NA At 3015 3000 NA a 42 1012 1000 NA 43 1013 4000 NA a q y 304 MWU NA 15 1015 1000 NA a 16 1016 1000 N A 17 1017 1000 NA a _ 8 Oe 54000 NA 19 1019 1000 NA 20 1020 1000 NA Figure 4 3 4 LACP Property The page includes the following fields Object Description LACP System Priority Specifies the actor device s link aggregation priority relative to the devices at the other ends of the links on which link aggregation is enabled A higher value indicates a lower priority e Port Number Display the port number Click on the index number will enter port LACP properti
62. or Wide Area Network WAN is given an Internet Protocol address and this IP address is used to identify the device uniquely among all other devices connected to the extended network The current version of the Internet protocol is IPv4 which has 32 bits Internet Protocol addresses allowing for in excess of four billion unique addresses This number is reduced drastically by the practice of webmasters taking addresses in large blocks the bulk of which remain unused There is a rather substantial movement to adopt a new version of the Internet Protocol IPv6 which would have 128 bits Internet Protocol addresses This number can be represented roughly by a three with thirty nine zeroes after it However IPv4 is still the protocol of choice for most of the Internet IPMC is an acronym for IP MultiCast LACP is an IEEE 802 3ad standard protocol The Link Aggregation Control Protocol allows bundling several physical ports together to form a single logical port LLDP is an IEEE 802 1ab standard protocol The Link Layer Discovery Protocol is used for network discovery and works by having the units in the network exchanging information with their neighbors using LLDP frames Switching of frames is based upon the DMAC address contained in the frame The switch builds up a table that maps MAC addresses to switch ports for knowing which ports the frames should go to based upon the DMAC address in the frame This table contains both sta
63. or save this file 7 Name switch cfg cu Type Microsoft Office Outlook 47E48 812 bytes From 192 168 100 100 harm your computer If you do not trust the source do not open or 2 While files from the Internet can be useful some files can potentially N save this file What s the risk Figure 4 11 14 File Download screen Chose the file save path in management workstation 144 User s Manual of WGSW 48000 O Config Backup My Documents 98 File name switch cfg My Network Save as type Microsoft Office Outlook SEH Figure 4 11 15 File save screen 145 User s Manual of WGSW 48000 4 11 9 Logs Settings This page allows you to log the messages happened in this system for later reference There are 4 types of logging targets are provided for the logs m Memory Logs The logs will be cleared after system reboot m Flash Logs The logs will be stored into flash Console Display log message through UART interface m Syslogs Log the message to a remote host with BSD syslogd compliant daemon running Name A short name for identifying this server IP Address Syslog Server IP address Port UDP port of the Syslogs Server Facility The facility value to be used when logs are recorded in the remote server See RFC 3164 for more details log Server MemoryLogs Target Level ERROR WARNING INFO DEBUG ACTION Memory M M O Gear Flash i v
64. protocol Terminal emulation differs from a virtual terminal protocol in that you must connect a terminal directly to the console serial port To access the Managed Switch through a Telnet session 1 Be Sure of the Managed Switch is configured with an IP address and the Managed Switch is reachable from a PC 2 Start the Telnet program on a PC and connect to the Managed Switch The management interface is exactly the same with RS 232 console management 3 6 2 SNMP Protocol Simple Network Management Protocol SNMP is the standard management protocol for multi vendor IP networks SNMP supports transaction based queries that allow the protocol to format messages and to transmit information between reporting devices and data collection programs SNMP runs on top of the User Datagram Protocol UDP offering a connectionless mode service 3 6 3 Management Architecture All of the management application modules use the same Messaging Application Programming Interface MAPI By unifying management methods with a single MAPI configuration parameters set using one method console port for example are immediately displayable by the other management methods for example SNMP agent of Web browser The management architecture of the switch adheres to the IEEE open standard This compliance assures customers that the Managed Switch is compatible with and will interoperate with other solutions that adhere to the same open standard
65. root port can cause a root port change STP Port States The BPDUs take some time to pass through a network This propagation delay can result in topology changes where a port that transitioned directly from a Blocking state to a Forwarding state could create temporary data loops Ports must wait for new network topology information to propagate throughout the network before starting to forward packets They must also wait for the packet lifetime to expire for BPDU packets that were forwarded based on the old topology The forward delay timer is used to allow the network topology to stabilize after a topology change In addition STP specifies a series of states a port must transition through to further ensure that a stable network topology is created after a topology change Each port on a switch using STP exists is in one of the following five states E Blocking the port is blocked from forwarding or receiving packets E Listening the port is waiting to receive BPDU packets that may tell the port to go back to the blocking state m Learning the port is adding addresses to its forwarding database but not yet forwarding packets a Forwarding the port is forwarding packets Disabled the port only responds to network management messages and must return to the blocking state first A port transitions from one state to another as follows From initialization switch boot to blocking E From blocking to listening or to disabled A Fr
66. rr 198 ld AA A A Heder a meted 198 6 321 VIAN COMIMANG seciorcisriit rl rete 198 User s Manual of WGSW 48000 WIA AAG ta Geeks ys tented Sede es th Jeet ee een as 198 Whar AAG MUM O tints rus daestasccenan uae tesszaaheevecde ta psacderazvaacedssagtenva vase 198 Vian add A Me eit a nl ei ei ie aaa 198 Vian delet ici AA Sa en eet enh oe nee 199 A shed tevaccndeescebeigy voueesevaackeatubactecsaotenansabtpheste ones avbel nevawasbnesadhantpboueesneaarbesaungbbescdbenssescseseesarbetbeueesntines 199 van POrtsalll EE TEE E ckaze dee eid Soece Recut eee lite 199 vlan port all port CONPIQUIFG iii tas 199 Vian port all protected dico aorta 199 Man portall PVid oscila 200 Vian UN A AAA 200 vlan port ports port configure oc tiene eine aren hia li ee aes 200 Vian port ports protected Mii iii dad 200 Man Port POMS PVid iciinncaiarn dan dao 200 Manara e a A A IS ated Seca i el al a Bars 201 Mlanilag vlan lt vlan id gt exclude ccoo Aaa 201 vian lag vlan lt vlan lD gt untagged nnie eie ais 201 vl nlag vlari lt vlan lt lD gt tagged moron id 201 Bridge Aging IM a A e cede aren Od Seg e de Sane 202 6 3 2 Link Aggregation Command iii ii deed voei E EE a EE ETE aS iaio aa 202 l p sysprisystem piority snese r e a a Sie geben ni ee aE a 202 HIMK AG GREG ALIOM i eirs ka aa aea ladridos 202 link aggregationaddport lc cota a td ces Hae an eas eee 202 link aggre gation Alp A da aia 203 Link Aggregation delportall oooiio ainda 203 link
67. rr RARA nds 140 ARM Re ii aldo 141 4 11 8 Save Configurations vv A Ae ei eh Pl bate 143 4At Logs SOMINGS iia daniela ieeebbenienctbers 146 AMADO AV A A A A ti 146 RI A RA 148 User s Manual of WGSW 48000 AAV AD FlASH A AO 149 4 1113 PING FUNCIONO a adas 150 4 11 14 Cable Diagnostic ii e lid 150 AUR eS 152 4 11 16 DHCP Option 82 iti li 152 4 11 17 SelfiLoop Detection aci e aie ea tens das aoe Se eek Se NT Bee eae ei renee 153 4 1118 BOOTP Configure DOWNIOAd icon iaa edad ceda rete 154 4 12 Statistics oi 155 4121 802 AX StatiSticyc i aint ei i eee et e ed oo a 155 4 12 2 RMON Statistic iiinn ais 156 4 12 3 RMON Event o e os 158 4124 RMON Event Logie ar ta 159 AL RMN Al Ok aig E eA hh A OAR ier ed 160 4 12 6 RMON History A re ieee EE ian E R Eni 162 5 COMMAND LINE INTERFACE 6 iiss vscscesicesccazacanatasatanscesvasasatanicanscasacasances deestceedcesdenedeeseeeedes 164 5 1 Accessing the Cll dina 164 Logon tothe Console AA AA coke aden ie 164 Configur IP address E E TEA ddsas go sone ccndsacecds saunaatoaeoed sdssceeadaags edevegraeeuiesnd teste sees 165 5 2 TelmetslOG Uc EEE E T E AE E T A E E E 167 6 COMMAND LINE MODE a ccssigsesccscavec cckcasusauisisvsccecasuscausasvcaczesewscausscusacveaswecensaainabeicvecetiaees 168 6 1 User Mode Command 2 i cccccscadec ches ecce einskonar renner a naci danna calada daa dana anni 169 Di E E E E E T 169 iii AA a a a a RDA 169 aa S EE TE A T A A E E E E T A A A 169 OS 170 SHOW
68. rra rr reir rra 241 access list name lt WORD gt Clears DST IP oooncccccnnocnnncccninnnccn cae 242 access list name lt WORD gt clear L4pOFtoocccccnnoccconococcnononnnonanonnnnnnnn cocoa aea di aa ea nn nn nan r nr rra Ea t deona didaa nr inn rre 242 access list name lt WORD gt clear L4port SRC port ee eeceeeeeeeeeeeeeenneeeeeenaeeeeeeaeeeeeneeeeeenaeeeseeaeeeesneeeesseeeeseaas 242 access list name lt WORD gt clear l4port DST port ee ee eeeeeeeeneeeeeeneeeeeeaaeeeceeeaeeeeneeeeeeaeeeseeaeeeeneeeeeeneeeeneaas 242 access list name lt WORD gt clear packet tyPe 00 ee eeeeeceeeeeneeeeeeeeeeeeneeeeeeaaeeeeeeeaeeeseeeeeesnaeeeeeenaeeeenneeeesnaeeeeeeaas 242 access list name lt WORD gt clear mac SA oocnoccconococcnononcncnnnnnnonononnnnn nn nc nano nn rra nn n rra rra rre 242 access list name lt WORD gt clear MAC DA oooononccnococcnononcncnnnoncnnnnnnnnnnnnnn nn canon nn rro n nn nan rre enn r anna rn criar rra 243 access list name lt WORD gt clear VID vcioiocinina tii a ia i aaia dios 243 access list name lt WORD gt clear ether type c ooooccoococccnnoccccnononnnonononcnnnonnncnnnn cnn rro nn cnn r nn rre rr 243 access list name lt WORD gt deletes deniers rta eel irene 243 access list name lt WORD gt enableldisable ooooooocconnncccnonoccconocccnnnnonnncnnnonnnn nono cnn nan nnn nano nn rra narran rra 244 User s Manual of WGSW 48000 access list name WORDS Set iii aci 244 access list name lt WORD gt Set PriOrity
69. send the signature attribute in the eques Shared secret han Confirm shared secret lt Back Cancel Figure 4 7 9 Windows Server RADIUS Server setting 2 Configure ports attribute of 802 1X the same as 802 1X Port Configuration Port Security ACL RADIUS TACACS StormControl Dp Enable 802 1X Port Status Client MAC Address Authorization Enabled NIA Enabled N A Enabled N A Y Enabled N A Enabled N A iz Enabled N A iz Enabled N A 08 Enabled N A 09 C Enabled N A Figure 4 7 10 802 1x Port Configuration 3 Create user data That step are different of Local Authenticate the establishment of the user data needs to be created on the Radius Server PC For example the Radius Server founded on Win2000 Server and then 97 User s Manual of WGSW 48000 eS 2 Active Directory Domains and Trusts ie Active Directory Sites and Services s and Computers El Computer Management Configure Your Server Data Sources ODBC Distributed File System Domain Controller Security Policy Domain Security Policy Event Viewer Licensing Local Security Policy or as e Pafe nere Routing and Remote Access gt fF Accessories Services Programs Telnet Server Administration al E El E ES a Lo EN Documents gt a Snaglt 7 b a Startup H winrar Search gt Fal Zcom ea Internet Explorer He Si Outlook Ex
70. single monitor to port The Port Mirror Configuration screen in Figure 4 11 4 appears 138 User s Manual of WGSW 48000 Admin Password L2 Table StaticAddress Por Wirroring Admin Timeout E Previous Next Port ID 101 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 1 Ingress Mirror i a a a a a a i a a a a a a a a i us a a Ca a POO S O OO OOO SOMO OO AO SO OJO O O Mirror To Save Settings Figure 4 11 4 Port Mirroring The page includes the following fields Object Description e Function Enables or disables port mirroring e Ingress Mirror Specifies an Ingress Mirror port to which ingress traffic will be mirrored e Egress Mirror Specifies an Egress Mirror port to which egress traffic will be mirrored e Mirror To Specifies the mirrored to port 4 11 5 Admin Timeout Specifies the web console administrative time out value Enable Web Console Admin Timeout Timeout Value Seconds Figure 4 11 5 Admin Timeout The page includes the following fields 139 User s Manual of WGSW 48000 Object Description e Enable Web Console Enable or Disable Admin Timeout function The web console connection session Admin Timeout will not be terminated if function is disabled e Timeout Value Specifies Admin Timeout value The web console session will be terminated if no Seconds action on current web c
71. state transitions from down to up It then sends an EAP request identity frame to the client to request its identity typically the switch sends an initial identity request frame followed by one or more requests for authentication information Upon receipt of the frame the client responds with an EAP response identity frame However if during bootup the client does not receive an EAP request identity frame from the switch the client can initiate authentication by sending an EAPOL start frame which prompts the switch to request the client s identity If 802 1X is not enabled or supported on the network access device any EAPOL frames from the client are dropped If the client does not receive an EAP request identity frame after three attempts to start authentication the client transmits frames as if the port is in the authorized state A port in the authorized state effectively means that the client has been successfully authenticated When the client supplies its identity the switch begins its role as the intermediary passing EAP frames between the client and the authentication server until authentication succeeds or fails If the authentication succeeds the switch port becomes authorized The specific exchange of EAP frames depends on the authentication method being used Figure 4 7 7 shows a message exchange initiated by the client using the One Time Password OTP authentication method with a RADIUS server 94
72. statistics show lldp statistic Description This command is used to displays lldp statistic Syntax show Ildp statistic Mode Privileged Mode show lldp local Description This command is used to displays local information Syntax show Ildp local Mode Privileged Mode show lldp msap Description This command is used to displays msap information Syntax show lldp msap Mode Privileged Mode show lldp msap entry Description This command is used to displays msap details information Syntax show lldp msap entry lt 7 26 gt Parameters lt 1 26 gt Mode 181 User s Manual of WGSW 48000 Privileged Mode show logging Description This command is used to displays trap records show logging memory log Description This command displays memory log Syntax show logging memory log Mode Privileged Mode show logging flash log Description This command displays flash logs Syntax show logging flash log Mode Privileged Mode show monitor Description This command is used to displays port mirroring settings Syntax show monitor Mode Privileged Mode show network Description This command is used to configuration for inband connectivity Syntax show network Mode Privileged Mode 182 User s Manual of WGSW 48000 show port Description This command is used to displays port mode and settings displays port status show port port index Description This command is used to specify an
73. switch interface Syntax show port port index lt port D gt Parameters lt port ID gt Mode Privileged Mode show port all Description This command is used to displays all switch interface Syntax show port all Mode Privileged Mode show port security Description This command is used to displays port security settings show port security port Description This command is used to specify an switch interface Syntax show port security port lt port D gt Parameters lt port 1D gt Mode Privileged Mode show port security all Description 183 User s Manual of WGSW 48000 User s Manual of WGSW 48000 This command is used to displays all interfaces status Syntax show port security all Mode Privileged Mode show rate limit Description This command is used to displays ingress and egress rate limit information show rate limit port Description This command is used to specify an switch interface Syntax show rate limit port lt port D gt Parameters lt port 1D gt Mode Privileged Mode Example Switch Show rate limit port 1 Switch Show rate limit port g show rate limit all Description This command is used to displays all interfaces status Syntax show rate limit all Mode Privileged Mode show running config Description This command is used to displays switch running config Syntax show running config 184 Mode Privileged Mode show snmp Description
74. the links between these devices You should also determine security boundaries in the network and disable GVRP on the boundary ports to prevent advertisements from being propagated or forbid those ports from joining restricted VLANs If you have host devices that do not support GVRP you should configure static or untagged VLANs for the switch ports connected to these devices as described in Adding Static Members to VLANs VLAN Index But you can still enable GVRP on these edge switches as well as on the core switches in the network 60 User s Manual of WGSW 48000 4 4 3 Create VLAN The Create VLAN screen provides information and global parameters for configuring and working with VLANs VLAN Settings VLAN Port GVRP Single VLAN Eo VLAN ID 2 4094 Multiple VLAN al Create Low High VLANID Member ports O Tagged Untagged Delete 4 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 Delete 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 Figure 4 4 1 Create VLAN screenshot The page includes the following fields Object Description e Single VLAN Indicates the ID number of the VLAN being configured Up to 256 VLANs can be created This field is used to create one VLAN group at a time e Multiple VLAN Specifies a range of VLANs being configured It allows multiple VLAN groups being created at a time e VLAN Group Table D
75. the switch is most commonly used to segment existence hubs which nearly always improves overall performance An Ethernet Switching can be easily configured in any Ethernet network environment to signifi cantly boost bandwidth using conventional cabling and adapters Due to the learning function of the Ethernet switching the source address and corresponding port number of each incoming and outgoing packet are stored in a routing table This information is subsequently used to filter packets whose destination address is on the same segment as the source address This confines network traffic to its respective domain and reduce the overall load on the network The Switch performs Store and forward therefore no error packets occur More reliably it reduces the re transmission rate No packet loss will occur 7 5 Auto Negotiation The STP ports on the Switch have built in Auto negotiation This technology automatically sets the best possible bandwidth 275 User s Manual of WGSW 48000 when a connection is established with another network device usually at Power On or Reset This is done by detect the modes and speeds at the second of both device is connected and capable of both 10Base T and 100Base TX devices can connect with the port in either Half or Full Duplex mode If attached device is 100Base TX port will set to 10Mbps no auto negotiation 10Mbps 10Mbps with auto negotiation 10 20Mbps 10Base T Full Duplex 100Mbps n
76. to the Privileged Global Config Mode enter the configuration Switch Config Mode enter the exit command command From the Global Config Switch Interface To exit to the Global Config Interface Config Mode mode enter the interface lt port gt mode enter exit lt port gt command Table 6 1 CLI Command Modes The CLI is divided into various modes The commands in one mode are not available until the operator switches to that particular mode The commands available to the operator at any point in time depend upon the mode Entering a question mark at the CLI prompt and displayss a list of the available commands and descriptions of the commands The CLI provides the following modes User Mode When the operator logs into the CLI the User Mode is the initial mode The User Mode contains a limited set of commands The command prompt shown at this level is Command Prompt COMMAND gt Privileged Mode To have access to the full suite of commands the operator must enter the Privileged Mode The Privileged Mode requires password authentication From Privileged Mode the operator can issue any Exec command to enter the Global Configuration 168 User s Manual of WGSW 48000 mode The command prompt shown at this level is Command Prompt Switch Global Config Mode This mode permits the operator to make modifications to the running configuration General setup commands are grouped in this mode From the Global Confi
77. try to activate inactive entries Retry Now Click this button to activate inactive entries immediately V What the users should be aware of In common cases DHCP Snooping must be enabled before you enable IP Source Guard If not as the Binding Database is null IP Source Guard will drop all IPv4 packets on ports which enabled this feature except DHCP packets If DHCP Snooping is disabled before IP Source Guard IP Source Guard can still work properly but new entires will be unable to 110 User s Manual of WGSW 48000 be created DHCP Snooping must be enabled before you enable IP Source Guard 144 Management IP List Auto DoS SSH DHCP Snooping Dynamic ARP IP Source Guard C Enable IP Source Guard Please select ports to enable IP Source Guard 01 62 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 25 26 27 28 29 30 31 32 33 4 35 36 37 38 39 40 41 42 43 44 45 46 47 Select All Unselect All IP Source Guard Database Figure 4 7 26 IP Source Guard screenshot The page includes the following fields Object Description e Enable IP Source Guard Enables or Disables IP Source Guard function e Ports to enable IP Source Guard Selects Ports of IP Source Guard function e IP Source Guard Database Displays the information of entries used by IP Source Guard E IP Source Guard Database
78. your connected cables are with same pin assignment and color as above picture before deploying the cables into your network 280 User s Manual of WGSW 48000 A 3 Available Modules The following list the available Modules for WGSW 48000 MGB GT SFP port 1000Base T Module MGB LX SFP port 1000Base LX mini GBIC module MGB L70 SFP port 1000Base LX mini GBIC module 70KM MGB LA10 SFP port 1000Base LX WDM TX 1310nm mini GBIC module 10KM MGB LA20 SFP port 1000Base LX WDM TX 1310nm mini GBIC module 20KM MGB LA40 SFP port 1000Base LX WDM TX 1310nm mini GBIC module 40KM 281 User s Manual of WGSW 48000 APPENDEX B GLOSSARY ACE is an acronym for Access Control Entry It describes access permission associated with a particular ACE ID There are three ACE frame types Ethernet Type ARP and IPv4 and two ACE actions permit and deny The ACE also contains many detailed different parameter options that are available for individual application ACL is an acronym for Access Control List It is the list table of ACEs containing access control entries that specify individual users or groups permitted or denied to specific traffic objects such as a process or a program Each accessible traffic object contains an identifier to its ACL The privileges determine whether there are specific traffic object access rights ACL implementations can be quite complex for example when the ACEs are prioritized for the variou
79. 0 User s Manual of WGSW 48000 TCP is an acronym for Transmission Control Protocol It is a communications protocol that uses the Internet Protocol IP to exchange the messages between computers The TCP protocol guarantees reliable and in order delivery of data from sender to receiver and distinguishes data for multiple connections by concurrent applications for example Web server and e mail server running on the same host The applications on networked hosts can use TCP to create connections to one another It is known as a connection oriented protocol which means that a connection is established and maintained until such time as the message or messages to be exchanged by the application programs at each end have been exchanged TCP is responsible for ensuring that a message is divided into the packets that IP manages and for reassembling the packets back into the complete message at the other end Common network applications that use TCP include the World Wide Web WWW e mail and File Transfer Protocol FTP TELNET is an acronym for TELetype NETwork It is a terminal emulation protocol that uses the Transmission Control Protocol TCP and provides a virtual connection between TELNET server and TELNET client TELNET enables the client to control the server and communicate with other servers on the network To start a Telnet session the client user must log in to a server by entering a valid username and password Then the c
80. 0 Yes gt gt m Wade gt eles is ais Tf amu 1 ae E Figure 4 5 5 RSTP Port The page includes the following fields Object Description e Port Indicates the port numbers of the system e Participate Indicates if the port is runung RSTP protocol or not e Cost Indicates the cost of this port which means the contribution of this port to the path cost of paths towards the spanning tree root which include this port e Priority Indicates the priority of this port This is the value of the priority field contained in the first octect of the Port ID e Edge Indicates if this port is the edge port Once configured as an edge port the port state immediately transitions from disable block to forwarding state e Root Guard Indicates if this port is the root guard port Once configured as a root guard port the port can prevent outside swit Displays the RSTP port status ch with suprior BID from affecting former topology e P2P Indicates if this port is a point to point link If you connect a port to another port though a point to point link and the local port becomes a designated port it 74 User s Manual of WGSW 48000 negotiates a rapid transition with the other port to ensure a loop free topology e Status Displays the RSTP port status e Role Displays the role of this RSTP port e Edit RSTP Port Click on this button to
81. 000 Modify 16 Disabled 20 60 1000 Modify 47 Disabled 20 60 1000 Modify 18 Disabled 20 60 1000 Modify 19 Disabled 20 60 1000 Modify 20 Disabled 20 50 1000 Modify 21 Disabled 20 60 1000 Modify 22 Disabled 20 60 1000 Modify Figure 4 4 4 GVRP The page contains the following fields e Enable GVRP Enables and disables GVRP on the device e Port Displays the interface on which GVRP is enabled Possible field values are Port indicates the port number on which GVRP is enabled LAG indicates the LAG number on which GVRP is enabled e GVRP Mode When the checkbox is checked GVRP is enabled on the interface e Join Period The interval between transmitting requests queries to participate in a VLAN group Range 20 1000 centiseconds Default 20 centiseconds e Leave Period The interval a port waits before leaving a VLAN group This time should be set to more than twice the join time This ensures that after a Leave or LeaveAll message 65 e AllLeave Period User s Manual of WGSW 48000 has been issued the applicants can rejoin before the port actually leaves the group Range 60 3000 centiseconds Default 60 centiseconds The interval between sending out a LeaveAll query message for VLAN group participants and the port leaving the group This interval should be considerably larger than the Leave Time to minimize the amount of traffic generated by nodes rejoini
82. 02 1X Authentication in Windows XP Please note that if you want to change the 802 1x authentication type of a wireless client i e switch to EAP TLS from EAP MD5 you must remove the current existing wireless network from your preferred connection first and add it in again E Configure Sample EAP MD5 Authentication 1 Goto Start gt Control Panel double click on Network Connections 2 Right click on the Local Network Connection 3 Click Properties to open up the Properties setting window 4 3COM 3C940 Status General Support Connection Status Connected Duration 03 35 37 Speed 100 0 Mbps Activity Sent e Received 146 938 760 110 212 126 Figure 4 7 13 Clients NIC 4 Select Authentication tab 5 Select Enable network access control using IEEE 802 1X to enable 802 1x authentication 6 Select MD 5 Challenge from the drop down list box for EAP type 99 User s Manual of WGSW 48000 4 3COM 3C940 Properties General Authentication Advanced Select this option to provide authenticated network access for Ethernet networks Enable IEEE 802 1x authentication for this network EAP type Protected EAP PEAP MD5 Challenge Protected EAP PEAP Smart Card or other Certificate Authenticate as computer when computer information is available C Authenticate as guest when user or computer information is unavailable Figure 4 7 14 802 1x client
83. 2 10 Figure 2 10 Place the Managed Switch on the desktop Step3 Keep enough ventilation space between the Managed Switch and the surrounding objects When choosing a location please keep in mind the environmental restrictions discussed in Chapter 1 Section 4 and Specification Step4 Connect the Managed Switch to network devices Connect one end of a standard network cable to the 10 100 1000 RJ 45 ports on the front of the Managed Switch Connect the other end of the cable to the network devices such as printer servers workstations or routers etc Connection to the Managed Switch requires UTP Category 5 network cabling with RJ 45 tips For more information please see the Cabling Specification in Appendix A 30 User s Manual of WGSW 48000 Step5 Supply power to the Managed Switch Connect one end of the power cable to the Managed Switch Connect the power plug of the power cable to a standard wall outlet When the Managed Switch receives power the Power LED should remain solid Green 2 2 2 Rack Mounting To install the Managed Switch in a 19 inch standard rack please follows the instructions described below Step1 Place the Managed Switch on a hard flat surface with the front panel positioned towards the front side Step2 Attach the rack mount bracket to each side of the Managed Switch with supplied screws attached to the package Figure 2 11 shows how to attach brackets to one side of
84. 209 mamt accessiiStipadar cian ata 209 mgmt accesslist enable A a ia Nai 209 mgamt accesslist disable ccicocinionicin a on odds 209 6 3 6 Monitor CoOmMana ceci ana 209 e succes E A T E E EAA A Er 209 monitor disable ssn nee hin en a E ais eee a eats 210 MONITOR delia A A canny aa idee A pad 210 monitor des lt port ID gt probetype bidirectiON o oo cece ceenne eee eeeeeeeeeaeeeeeeaaeeeeeeeeeeesaeeeeeeaaeeeseeeaeeeeneeeeseaeeeeeenaees 210 monitor des lt port ID gt probetype INGreSS ooooonncinncccinonoccccnonancnn nono ncnnno nn nn nnnn cnn ronca rr rre 210 monitor des lt port ID gt probetype egreSS occococccccocccccononcncnononcnnnonnccnnno nn nr nan nn 211 6 327 doti COMM ad ias 211 Cott x enable outils ee 211 A O AS 211 dottx POE Oi taa 211 dot1x port control enable port coc to8 ees seis a a iat desis Gan sica iaa 212 dott x port Control disable DOE arcoiris drets 212 6 38 network Command ies Secceki epedate a a veh Sovecbede caste ta 212 network MOMERVIAN viii A A dad 212 MEtWOr paS a dios 213 Network protocol recsceesezevveotes iaa ai 213 aciano aael ate o K e M AEEA TTET A cs 213 network dh p rel y Mod6 0000 en i een ee ee ae 213 network dhcp relay eve iraire i yoed ga seneb ethan a sgl cnaebaba ches bend i aooi E Evans 213 network dhep relay VaN scort ato daa 214 network dhcp relay vlan lt vlan ID gt add cccccececeecce cece ee eeeeeeeeeeee eee caaeaeeeeeeeseceaeaeeeeeeeeeeeeaaeeeeeeeseseeaeeeeeeeeeeee
85. 4 Firmware Version 2 01 lt 4 Main Screen Build Date Fri Mar 13 13 59 36 2009 MAC Address 00 30 4f 48 00 01 System Name gt QoS gt SNMP LLDP Admin System Location Statistics System Contact Help Logout Figure 4 1 4 Main Page Help Button Panel Display The web agent displays an image of the Managed Switch s ports The Mode can be set to display different information for the ports including Link up or Link down Clicking on the image of a port opens the Port Statistics page The port states are illustrated as follows State Disabled Down Link rasrots E SFP Ports re Main Menu Using the onboard web agent you can define system parameters manage and control the Managed Switch and all its ports or monitor network conditions Via the Web Management the administrator can setup the Managed Switch by select the functions those listed in the Main Function The screen in Figure 4 1 5 appears 44 User s Manual of WGSW 48000 Port VLAN Spanning Tree Multicast Security Qos SNMP LLDP Admin Statistics Help Logout Figure 4 1 5 WGSW Managed Switch Main Funcrions Menu 45 User s Manual of WGSW 48000 4 2 System Use the System menu items to display and configure basic administrative details of the Managed Switch Under System the following topics are provided to configure and view the system information This section has the following items 4 2 1 System
86. 5 Mgmt Command mgmt accesslist ipaddr Description This command specifies a management access IP for the DUT up to 8 IP address can be set Syntax mgmt accesslist ipaddr lt P addr gt Parameters lt IP addr gt Mode Global Config mgmt accesslist enable Description This command enables management access list Only the IP address specified in the management list is allowed to access DUT Syntax mgmt accesslist enable Mode Global Config mgmt accesslist disable Description This command disables management access list Syntax mgmt accesslist disable Mode Global Config 6 3 6 Monitor Command monitor enable Description This command enables port mirroring Syntax monitor enable 209 Mode Global Config monitor disable Description This command disables port mirroring Syntax monitor disable Mode Global Config monitor des Description Configure destination port monitor des lt port ID gt probetype bidirection Description This command configures port monitor probetype as bi direction traffic Syntax monitor des lt port ID gt probetype bidirection src lt port list gt Parameters lt port list gt Mode Global Config Example User s Manual of WGSW 48000 Switch config monitor des 1 probetype bidirection src 2 8 monitor des lt port ID gt probetype ingress Description This command configures port monitor probetype as ingress traffic Syntax monitor de
87. 8 20 521 22 23 24 a lual dal dial fal al al aj a fa jad Jal a aj Jal la fal ud Laj aj Ja fal a ja 25 28 2f 28 289 NM 31 32 3S UU 235 7367 37 38 397 407 41 42 43 44 45 48 47T 48 al la Lal lia la Lal La fa Jal J Ja Lal l aj Lal la la Lal Lal ia Jal al la Ja Figure 4 7 5 ACL Port List 1 If the rule filter of ACL entry is empty the check box of this entry will not be checked by default If the check box is not checked the corresponding ACL entry will not be programmed to hardware Before input MAC IP port number Packet type or Ether type you have to check the corresponding check box of rule filter The count of ACL entries which own PORT rule filter have to be smaller than 8 otherwise it would cause NO RESOURCE when add ACL entry 4 7 3802 1x E Overview of 802 1X Port Based Authentication In the 802 1X world the user is called the supplicant the switch is the authenticator and the RADIUS server is the authentication server The switch acts as the man in the middle forwarding requests and responses between the supplicant and the authentication server Frames sent between the supplicant and the switch are special 802 1X frames known as EAPOL EAP Over LANs frames EAPOL frames encapsulate EAP PDUs RFC3748 Frames sent between the switch and the RADIUS server are RADIUS packets RADIUS packets also encapsulate EAP PDUs together with other attributes like the switch s IP a
88. Address 192 168 0 100 ATA IP Address 192 168 0 x Figure 4 1 1 Web Management 41 User s Manual of WGSW 48000 m Logging on the switch 1 Use Internet Explorer 6 0 or above Web browser Enter the factory default IP address to access the Web interface The factory default IP Address as following http 192 168 0 100 When the following login screen appears please enter the default username admin with password admin or the username password you have changed via console to login the main screen of Managed Switch The login screen in Figure 4 1 2 appears Login Windows Internet Explorer http 192 168 0 100 login_win htm Type in Username and Password then click OK Username Password La Internet A 100 Figure 4 1 2 Login screen Default User name admin Default Password admin After entering the username and password the main screen appears as Figure 4 1 3 42 User s Manual of WGSW 48000 oa 4 WGSW 48000 ss e Network Management Time Settings Green Ethernet Port Welcome to PLANET WGSW 48000 48 Port Gigabit Managed Ethernet Switch gt VLAN Spanning Tree gt Multicast Security Device Name L2 Managed Switch Hardware Version BM3 Boot Version 1 1 4 Firmware Version 2 01 Build Date Fri Mar 13 13 59 36 2009 MAC Address 00 30 4f 48 00 01 System Name gt QoS gt SNMP LLDP Admin gt Statistics System Location
89. Auto Default Spanning Tree Configuration Feature Default Value Enable state STP disabled for all ports Port priority 128 Port cost 0 Bridge Priority 32 768 User Changeable STA Parameters The Switch s factory default setting should cover the majority of installations However it is advisable to keep the default settings as set at the factory unless it is absolutely necessary The user changeable parameters in the Switch are as follows Priority A Priority for the switch can be set from 0 to 65535 0 is equal to the highest Priority 70 User s Manual of WGSW 48000 Hello Time The Hello Time can be from 1 to 10 seconds This is the interval between two transmissions of BPDU packets sent by the Root Bridge to tell all other Switches that it is indeed the Root Bridge If you set a Hello Time for your Switch and it is not the Root Bridge the set Hello Time will be used if and when your Switch becomes the Root Bridge The Hello Time cannot be longer than the Max Age Otherwise a configuration error will occur Note Max Age The Max Age can be from 6 to 40 seconds At the end of the Max Age if a BPDU has still not been received from the Root Bridge your Switch will start sending its own BPDU to all other Switches for permission to become the Root Bridge If it turns out that your Switch has the lowest Bridge Identifier it will become the Root Bridge Forward Delay Timer The Forward Delay can be from
90. CHCpSNOOPING POMS siisi piine A Reel ei eed A ti 253 CHCPSNOOPING POMS UST is sescigss T A ETTET 253 dhepsnooping Ports UtTUS diia ad 253 AChepSnooping Ma aii 253 User s Manual of WGSW 48000 AChepSnooping A ON 253 dhepsnooping Vian remove acceda 254 ChcpSnooping statiCi rieni eai ias 254 ANCPSNOOPINY Static add M 0 ASETET E E E E eee 254 dhepsnooping static delete Ip viu ee ee ee es 254 ANCPSMOOPING CVAMICH oca a a e ese an Pn as ee ek a ed ts 255 CHCPSNOOPING dynamicadd Ip s cccssgeeaceceesveneuseeesveseteecxsesteedab ae tenssenene adh canyesunashescebenteeceenstuceeesveusoehenaddeeasbentyecsaeds 255 dhcpsnooping dynamic delete D a r aa r aaa E aa a a aaa ree a eiae 255 6 3 20 Loop detect Command ico ai 256 Loop lt detect Gnable ii rias 256 loop detect disable vivio anda 256 Op AetectrecoventiMe ooti rra iii 256 loop det ct ito iii A e shies 256 6 3 21 GVRP Comm disse ai ein SA on Eee a bane eee 257 OVID OMADIS imitado 257 OVID disable nn a Meant ts Secs hae ee ia staat e da e ak beeen dd ie in Sa a Sars 257 OVID POM A ON 257 OVip port disable Lion o adds 257 QVIP port StAtUs comicidad dd id 258 aai oE AAEE E Sea A decd nesta ET AA ASE EEA ETE A ESE EAA E E AES 258 6 3 22 BOOTP Command kerena a E eee sn A a chee edie ate eines 258 bootp enable sa cnni a a A Shane hae 258 BOOP disable vivir EE E E E E E ET 258 0701011 edl E1 A EA O RN 258 6 3 23 SSH Commands ee a e a E E E E E E A E a aa ii 259 SSH enable
91. DSTPORT 1 65535 C Packet type MAC SA MASK MACDA MASK O MAC ACL OX XX XX XX XX XX Ether type 802 1Q VID Add Entry Figure 4 7 4 Access Control List add new ACL entry The Page contains the following fields Entry Name Defines a new user defined IP based ACL e Priority Indicates the priority of ACL entry The largest value have highest priority The range is from O to 65535 And Different ACL entries can t have the same priority IP ACL e SIP Matches the source port IP address to which packets are addressed to the ACE And it s Source IP Address format is w x y z 90 e MASK e DIP Destination IP Address e MASK e SRC Port e DST Port Packet Type e MAC SA e MASK e MAC DA e Ether Type e 802 1Q VLAN ID e Add Entry User s Manual of WGSW 48000 Defines the source IP address mask Matches the destination port IP address to which packets are addressed to the ACE And it s format is w x y Z Defines the destination IP address mask Defines the TCP UDP source port to which the ACE is matched This field is active only if 800 6 TCP or 800 17 UDP is selected in the Select from List drop down menu The possible field range is 0 65535 Defines the TCP UDP destination port This field is active only if 800 6 TCP or 800 17 UDP is selected in the Select from List drop down menu The possible field range is 0 65535 Where selects from a protocols li
92. Description This command is used to specify flash log notify level Syntax log logging target flash enable disable Parameters enable disable Mode Privileged Mode log logging target console Description This command is used to specify console log notify level Syntax log logging target console enable disable Parameters enable disable Mode Global Config log logging target server name lt WORD gt Description This command is used to specify console log notify level Syntax log logging target server name lt WORD gt enable disable Parameters enable disable Mode Global Config 207 User s Manual of WGSW 48000 radius server ip Description This command is used to configure radius server Syntax radius server ip lt P addr gt Parameters lt IP addr gt Mode Global Config static address This command is used to specify static address static address add Description This command is used to add static mac address Syntax static address add lt mac addr gt vid lt vlan 1D gt port lt port ID gt Parameters lt mac addr gt vid lt vlan ID gt port lt port ID gt Mode Global Config static address delete Description This command is used to delete static mac address Syntax static address delete lt mac addr gt vid lt vlan D gt Parameters lt mac addr gt vid lt vlan D gt Mode Global Config 208 User s Manual of WGSW 48000 User s Manual of WGSW 48000 6 3
93. EAA E ANE A ETO E E A 225 SOtIGMP PlOXY OS 225 User s Manual of WGSW 48000 AE A O 225 set static mcast name lt WORD gt add Vid ooooooccccconoccnonononanononcncnano conc nono cnn nan nn rr canon nr nn n nn nn rnnn rare rr 225 set static mcast name lt WORD gt delete siinne ene eeeeenneeeeeeeeeeeseeeeeeeaaeeeceeaaeeeeeeeeeesaeeesesaeeeseeeeeneneeeeeeaas 226 6 351 2 SNMP Commanders sca O OO TN 226 SNMP NOY o iii ia eee oh ese ba id oe ee ee oes 226 SNMP Group Adios A i el Bate Ret Aga A IA aN Ae nee 226 SNMP Group delete union datada 227 SAMP USA ai A a Alar 227 snmp user ld aie ede tii esl ete eet ee eed eesti te eine es 227 SAMP COMMUMILYZAGM iria 228 snmp COMMUNITY deletei e a ai 228 snmp trapstation add lt ip addr gt community lt community name gt type bootup trap VersiON oooooccccnnnnicocccnccccannn 228 snmp trapstation add lt ip addr gt community lt community name gt type linkchange trap version sece 229 snmp trapstation add lt ip addr gt community lt community name gt type both trap version cceeeeeeeseeeeeees 229 snmp trapstation add lt ip addr gt community lt community name gt type none trap VersiOn cceeeeeeeeeeeeeeeees 229 snmpitrapstation delete i 25 taht A A ii 229 6 3 13 SNTP Command muii i 230 SAMP oi ida 230 sntp localtime ssena AA id ds 230 Sntp localtimesenable EEE A EA EET 230 sntp localtime localtime date ii s 230 stp sener enables A io 231 ALA eo o rsson aa O
94. ED 2 0 CS IEC 61000 4 6 2006 ED 2 2 Magnetic Field IEC 61000 4 8 2001 ED 1 1 Voltage Disp IEC 61000 4 11 2004 ED 2 0 Responsible for marking this declaration if the Manufacturer O Authorized representative established within the EU Authorized representative established within the EU if applicable Company Name Planet Technology Corp Company Address 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C Person responsible for making this declaration Name Surname Kent Kang Position Title Product Manager K en ent A Taiwan 3 Jan 2009 i Place Date Legal Signature PLANET TECHNOLOGY CORPORATION e mail sales planet com tw http www planet com tw 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C Tel 886 2 2219 9518 Fax 886 2 2219 9528
95. Event Type Last Time Sent Owner Figure 4 12 5 RMON Event Log screenshot The page includes the following fields Object Description e Index Indicates event entry index value e Event Type Indicates the entry event type 1 None 2 Log 3 Trap 4 Log and Trap e Last Time Sent Indicates the value of sysUpTime at the time this event entry last generated an event by xxD xxH xxM xxS format Owner Indicates the entry creator 159 User s Manual of WGSW 48000 RFC 2819 Each eventEntry may optionally specify that a log entry be created on its behalf whenever the event occurs 4 12 5 RMON Alarm In this table overview every valid entry will be listed in the same page to help user to get the overview image on each control entry setting 802 1X Statistic RMON Statistic RMON Event RMON EventLog RMON History Index Interval Second Source Interface Unassigned v Variable Unassigned v Sample Type Absolute v Startup Alarm Rising Threshold v Rising Threshold Falling Threshold Rising Event 0 None Unassigned v Falling Event 0 None Unassigned v Owner Show Alam Table Figure 4 12 6 RMON Alarm screenshot The page includes the following fields Object Description e Index Indicates the alarm entry index value e Interval Second The interval in seconds over which the data is sampled and compared with the rising and falling thresholds
96. M PLANET Networking amp Communication WGSW 48000 48 Port 10 100 1000Mbps with 4 Shared SFP Layer 2 Managed Ethernet User s Manual of WGSW 48000 Trademarks Copyright PLANET Technology Corp 2009 Contents subject to which revision without prior notice PLANET is a registered trademark of PLANET Technology Corp All other trademarks belong to their respective owners Disclaimer PLANET Technology does not warrant that the hardware will work properly in all environments and applications and makes no warranty and representation either implied or expressed with respect to the quality performance merchantability or fitness for a particular purpose PLANET has made every effort to ensure that this User s Manual is accurate PLANET disclaims liability for any inaccuracies or omissions that may have occurred Information in this User s Manual is subject to change without notice and does not represent a commitment on the part of PLANET PLANET assumes no responsibility for any inaccuracies that may be contained in this User s Manual PLANET makes no commitment to update or keep current the information in this User s Manual and reserves the right to make improvements to this User s Manual and or to the products described in this User s Manual at any time without notice If you find information in this manual that is incorrect misleading or incomplete we would appreciate your comments and suggestions FCC W
97. MP Group Profile page SNMP Version Indicates the SNMP version of the user e Authentication Type Indicates the authentication protocol that this entry should belong to Possible authentication protocol are e None None authentication protocol MDS5 An optional flag to indicate that this user using MD5 authentication protocol The value of security level cannot be modified if entry already exist That means must first ensure that the value is set correctly e Key A string identifying the authentication pass phrase For MD5 authentication protocol the allowed string length is 8 to 32 The allowed content is the ASCII characters from 33 to 126 e Privacy Protocol Indicates the privacy protocol that this entry should belong to Possible privacy protocol are None None privacy protocol e DES An optional flag to indicate that this user using DES authentication protocol e Privacy Password A string identifying the privacy pass phrase The allowed string length is 8 to 32 and the allowed content is the ASCII characters from 33 to 126 126 User s Manual of WGSW 48000 4 9 4 Community Profile Configure SNMP communities table on this page The entry index key is Community The SNMP Communities Configuration screen in Figure 4 9 5 and Figure 4 9 6 appears Group Profile User Profile SNMP Trap Station communio TEE Community ID Community String Group Name Remote Station IP 1 public Group_
98. Managed Switch without turn off and on the power The following is the summary table of Reset button functions Reset Button Pressed and Released Function About 1 3 second Reboot the Managed Switch Reset the Managed Switch to Factory Default configuration The Managed Switch will then reboot and load the default settings as below Until the PWR LED lit off Default Password admin Default IP address 192 168 0 100 Subnet mask 255 255 255 0 Default Gateway 192 168 0 254 27 User s Manual of WGSW 48000 2 1 2 LED Indications The front panel LEDs indicates instant status of port links data activity system operation and system power helps monitor and troubleshoot when needed WGSW 48000 LED indication WGSW 48000 48 Port Gigabit Managed Switch Figure 2 3 WGSW 48000 LED panel Function Lights to indicate that the Switch is powered on Blink to indicate the System is running under booting procedure KM 10 100 1000Base T interfaces LED 1000 LNK ACT Color Function Lights To indicate the link through that port is successfully established with speed 1000Mbps Blink To indicate that the switch is actively sending or receiving data over that port Off If L10 100 NK ACT LED light gt indicate that the port is operating at 10Mbps or 100Mbps If LNK ACT LED Off gt indicate that the port is link down Lights To indicate the link through that port is successfully established with speed 10Mbps or
99. Mode Global Config dos ports dos ports smurf Description This command enables and disables Smurf TYPR attack prevention 249 User s Manual of WGSW 48000 User s Manual of WGSW 48000 Syntax dos ports smurf enable disable Parameters enable disable Mode Global Config dos ports ping flooding Description This command enables and disables ping flooding type attack prevention Syntax dos ports ping flooding enable disable Parameters enable disable Mode Global Config dos ports synack flooding Description This command enables and disables SYNACK flooding type attack prevention Set rate is 64 kbps or 128kbps for port lists 1 3 5 7 9 11 Syntax dos ports synack flooding enable disable rate 64 128 lt port list gt Parameters enable disable 64 128 lt port list gt Mode Global Config Example Switch lt Config gt dos ports synack flooding enablerate 64 1 4 Switch lt Config gt dos ports synack flooding enablerate 64 5 tacplus authen_type Description This command is used to set authentication type There are three types for selecting local tacplus localandtacplus Syntax 250 User s Manual of WGSW 48000 tacplus authen_type local tacplus localandtacplus Parameters local tacplus localandtacplus Mode Global Config tacplus add server Description This command is used to add a new TACACS server and set server IP address priority key string
100. O O CLEAR Console FE El Save Settings Figure 4 11 9 Logs Settings The page includes the following fields Object Description e Level Indicates the severity of the logs e ACTION Click on hyperlink Clear Logs will erase the logs 4 11 10 Log Server The Global Log Parameters page contains fields for enabling logs globally and fields for defining log parameters The Severity log messages are listed from the highest severity to the lowest Event messages have a unique format as per the SYSLOG RFC recommended message format for all error reporting For example Syslog local device reporting Messages are assigned a severity code and include a message mnemonic which identifies the source application generating the message Messages are filtered based on their urgency or relevancy The 146 User s Manual of WGSW 48000 severity of each message determines the set of event logging devices to which are sent for each event logging device The following table contains the Log Severity Levels Severity Type Severity Description Example Level Emergency 0 The system is not functioning Memories overflow Alert 1 The system needs immediate attention Main system memory pool overflow Critical 2 The system is in a critical state Cannot bind to SNMP Error 3 A system error has occurred Failed to delete entry Warning 4 A system warning has occurred Port down Notice
101. OF CONETNTS 1 INTRODUTION iia 20 11s Packet Contes A A eey ev eve studvenecsvervateetseuntenecdetene 20 12 Product DESCriPtlOn 20 1 3 How to US ThiS Manual ii 21 1 4 Product Features i aiii a a na 23 1 5 Product Specification e r edi aie cons Ca Mae Seve dee aten clave ded a a Aa a aaa EEEa Ae rare Aae anda Nenana 25 2 INSTALLATION cas scscscspacs oes eee as coe essa ec ew esc cb ice cnts ee cag eee 27 2 1 Hardware Description sasacouterecagseanneced aveceusesshicodperraces 27 PASA entaleuds aoar eh eaae e nds ae eaa aT aaa E aa og ca teuabt chess avtavaat Si enee Eea aE REET can 27 2 VA LED AINGICAtONS ata a o E EE A AAA 28 2 1 3 Switch Rear Panel ooonniii adeirid iiidid daada dudi deseesecdeadugecdedvedecdaegageadedeucaecaeesdesencadencveesucedateecceesveeaed 29 LLOSA MAA T 30 22 1 Desktop Installation oia diia 30 2 2 2 Rack MOUN Gie aaa A ae ee ee dd 31 2 2 3 Installing the SFP TranscelvVer iooocconccininom eee 32 3 SWITCH MANAGEMENT ccccccesseeeeeeeeeeeeeeeeeneeeeeeeeneeeeeeeeseeeeeaueneeseeeeaseeeseoaneesseaeneees 35 FAN REQUIFEMENIS iii ia a aa di 35 3 2 Management Access OverVie Wenn 36 S SAAMINIstration CONSOlC Ei cccecccicscatseeiatencsdcecaceueeecentadeenascasieacedetersascacieatedesusacatasicacedveadeiatcesecteaeseiaeatecieeseaeas 36 34 Web Management iii tri 38 3 5 SNMP Based Network Manageme ntht ccsecccceseeeeeeseeeeeeeeeeeeseeeneeeeeeeneeeeeeeseaesesesneaeseseseaeseseseaese
102. POL control frame e Secret Key String It is a string used by the RADIUS server as a password to identify EAPOL control frames 4 7 5 TACACS TACACS Terminal Access Controller Access Control System Plus is a protocol which provides access control for routers network access servers and other networked computing devices via one or more centralized servers TACACS provides separate authentication authorization and accounting services TACACS is based on TACACS but in spite of its name it is an entirely new protocol which is incompatible with any previous version of TACACS TACACS and RADIUS have generally replaced the earlier protocols in more recently built or updated networks although TACACS and XTACACS are still running on many older systems Whereas RADIUS combines authentication and authorization in a user profile TACACS separates the two operations Another difference is that TACACS uses the TCP while RADIUS uses the UDP Most administrators recommend using TACACS because TCP is seen as a more reliable protocol The extensions to the TACACS protocol provide for more types of authentication requests and more types of response codes than were in the original specification The TACACS server configuration screen in Figure 4 7 18 appears Port Security ACL 802 1X RADIUS Storm Controli pp gt I Authentication Type Local x TACACS Server ADD Server IP Address Authentication Timeout Port for Retry
103. RP for dynamic VLAN Management Up to 255 VLANs groups out of 4041 VLAN IDs Private VLAN Edge PVE supported Management VLAN O Support Link Aggregation up to 14 trunk groups up to 8 ports per trunk group with 1 6Gbps bandwidth Full Duplex Mode IEEE 802 3ad LACP Link Aggregation Control Protocol Cisco ether channel Static Trunk O Spanning Tree Protocol STP IEEE 802 1D Classic Spanning Tree Protocol _RSTP IEEE 802 1w Rapid Spanning Tree Protocol MSTP IEEE 802 1s Multiple Spanning Tree Protocol spanning tree by VLAN O Port Mirroring to monitor the incoming or outgoing traffic on a particular port many to many Quality of Service O 4 priority queues on all switch ports O Traffic classification IEEE 802 1p CoS IP TOS DSCP IP Precedence Port Based QoS DSCP remarking based on ACL Strict priority and Weighted Round Robin WRR CoS policies O Supports QoS and In Out bandwidth control on each port Oa 23 E Multicast O O Support IGMP Snooping v1 and v2 IGMP Querier IGMP Proxy IGMP Immediately Leave support a Security 0400000005010 IEEE 802 1x Port Based Authentication Build in RADIUS client to co operate with the RADIUS servers TACACS login users access authentication IP Based Access Control List ACL MAC Based Access Control List Port Security Supports DHCP Snooping Supports Dynamic ARP Inspection Supports IP Source Guard Supports Auto Dos Management
104. SE SX SFP transceiver Multi mode 850nm 220m 550m E MGB LX SFP 1000BASE LX SFP transceiver Single mode 1310nm 10km Hi MGB L30 SFP 1000BASE LX SFP transceiver Single mode 1310nm 30km E MGB L50 SFP 1000BASE LX SFP transceiver Single mode 1310nm 50km Hi MGB LA10 SFP 1000BASE LX SFP transceiver WDM Single mode TX 1310nm RX 1550nm 10km Hi MGB LB10 SFP 1000BASE LX SFP transceiver WDM Single mode TX 1550nm RX 1310nm 10km It recommends using PLANET SFPs on the Managed Switch If you insert a SFP transceiver that is BA not supported the Managed Switch will not recognize it Note Before connect the other Managed Switches workstation or Media Converter 1 Make sure both side of the SFP transceiver are with the same media type for example 1000Base SX to 1000Base SX 1000Bas LX to 1000Base LX Check the fiber optic cable type match the SFP transceiver model gt To connect to 1000Base SX SFP transceiver use the Multi mode fiber cable with one side must be male duplex LC connector type gt To connect to 1000Base LX SFP transceiver use the Single mode fiber cable with one side must be male duplex LC connector type Connect the fiber cable Attach the duplex LC connector on the network cable into the SFP transceiver Connect the other end of the cable to a device switches with SFP installed fiber NIC on a workstation or a Media Converter Check the LNK ACT LED of the
105. Specifies trust mode to DSCP on the device e IP Precedence Specifies trust mode to IP Precedence on the device e Update Changes the priority map Note before you click Save Settings theses change will not be saved E DSCP mode configuration Queue Settings Port based QoS Rate Control DSCP Remark Mode DSCP Value Assigned Priority O Queue 1 v Update Save Settings DSCP Value Assigned Priority DSCP Value Assigned priority 00 0 32 4 01 0 33 4 02 0 34 4 03 0 35 4 04 0 36 4 05 0 37 4 06 0 38 4 07 0 39 4 08 1 40 5 09 1 41 5 10 1 42 5 Figure 4 8 5 DSCP mode configuration page screenshot E iP Precedence mode configuration Queue Settings 802 1P Port based QoS Rate Control DSCP Remark Mode IP Precedence v IP Precedence Assigned Priority O Queue 1 vw Update Save Settings IP Precedence Assigned Priority WWI Ny aloo Figure 4 8 6 IP Precedence mode configuration page screenshot 116 User s Manual of WGSW 48000 4 8 3 802 1P QoS settings allow customization of packet priority in order to facilitate delivery of data traffic that might be affected by latency problems When CoS 802 1p Tag Priority is applied the Managed Switch recognizes 802 1Q VLAN tag packets and extracts the VLAN tagged packets with User Priority value a 802 1Q Tag and 802 1p priority User P
106. SubType Port ID Port Description 10 30 4f 48 0 2 PLANET WGSW 48000 Version FW 2 01 Port 1 0 30 4f 48 0 3 PLANET WGSW 48000 Version FW 2 01 Port t 2 io 30 4f 48 0 4 PLANET WGSW 48000 Version FW 2 01 Port 3 lo 30 4f 48 0 5 PLANET WGSW 48000 Version FW 2 01 Port 4 TS in gt C3 INS E 10 30 4 48 0 7 PLANET WGSW 48000 Version FW 2 01 Port 6 10 30 4f 48 0 6 PLANET WGSW 48000 Version FW 2 01 Port t5 Figure 4 10 3 Local Information The LLDP port settings relate to the currently selected stack unit as reflected by the page header Object Description Chassis ID SubType Identifies the chassis containing the IEEE 802 LAN entity associated with the transmitting LLDP agent There are several ways in which a chassis may be identified and a chassis ID subtype is used to indicate the type of component being referenced by the chassis ID field The Managed Switch uses MAC Address as Chassis ID Chassis ID The Chassis ID is the identification of the Managed Switch s LLDP frames System Name Optional TLV When checked the system name is included in LLDP information transmitted System Description Optional TLV When checked the system description is included in LLDP information transmitted System Capabilities Optional TLV When checked the system capability is included in LLDP information t
107. System Contact Help Logout Figure 4 1 3 Default main page Now you can use the Web management interface to continue the switch management or manage the Managed Switch by Web interface The Switch Menu on the left of the web page let you access all the commands and statistics the Managed Switch provides 1 It is recommended to use Internet Explore 6 0 or above to access Managed Switch The changed IP address take effect immediately after click on the Save button you need to use the new IP address to access the Web interface For security reason please change and memorize the new password after this first setup Only accept command in lowercase letter under web interface 43 User s Manual of WGSW 48000 4 1 Main WEB PAGE The WGSW Managed Switch provides a Web based browser interface for configuring and managing it This interface allows you to access the Managed Switch using the Web browser of your choice This chapter describes how to use the Managed Switch s Web browser interface to configure and manage it Main Functions Menu Copper Port Link Status SFP Port Link Status WGSW 48000 CD PLANET EEHEHE EHHE EHHH a Q Network Management Time Settings Green Ethernet Port Welcome to PLANET WGSW 48000 48 Port Gigabit Managed Ethernet Switch VLAN Spanning Tree gt Multicast gt Security Device Name L2 Managed Switch Hardware Version BM3 Boot Version 1 1
108. Terminal emulation software ay ie RS 232 ME Serial Port EZ 38400 8 n 1 Serial Port Figure 3 1 Console management Direct Access Direct access to the administration console is achieved by directly connecting a terminal or a PC equipped with a terminal emulation program such as HyperTerminal to the Managed Switch console serial port When using this management method a straight DB9 RS 232 cable is required to connect the switch to the PC After making this connection configure the terminal emulation program to use the following parameters The default parameters are a 38400 bps a 8 data bits E No parity E 1 stop bit COM1 Properties Port Settings Bits per second EEE Data bits Parity Stop bits Flow control Figure 3 2 Terminal parameter settings 37 User s Manual of WGSW 48000 You can change these settings if desired after you log on This management method is often preferred because you can remain connected and monitor the system during system reboots Also certain error messages are sent to the serial port regardless of the interface through which the associated action was initiated A Macintosh or PC attachment can use any terminal emulation program for connecting to the terminal serial port A workstation attachment under UNIX can use an emulator such as TIP 3 4 Web Management The Managed Switch offers management features that allow users to manage the Managed Switch fr
109. W Obl ui 178 SHOW COU CONIC moriria air 179 SHOW dotIxradiUS gt A ete ees ae ae ieee tied bit A Gael Niele 179 show dot x Statistics Aaa 179 SHOW IGMPSNOOPING viii aia 179 show igmpsnooping dynamic_router_POrt oo ee eee eeeeeeeeeneeeceeeeeeeeseneeeeesaaeeeeeeaaeeeeeeeeeeeaeeeseeaeeesneeeesenaeeeeseaas 179 SNOW IQMPSNOOPING QOUPS ee eeeeeeeee cence ceeeneeeeeeeeeeeeeeeeeeeaaeeeceeeaeeeeneeeeeeaaeeeseeaaeeeseneeeesenaeeeseaeeeseneeeeseneeeeeeaas 180 Show IGMPSNOOPING INO iii baii 180 SHOW lag ssxivioteoi nda ethan AAA ene 180 ShoWlag lagarto idas 180 Showilag all lt ii a 180 SHOW Mp NA 181 User s Manual of WGSW 48000 Show Ildp Statistics see iiae e ae ada A E aa suedeneesigecushodee dbdgetendedsinueeeedaessteee 181 ShOW IldpsloCal EE E E E E is 181 sh owlldp MSa Perenn a deena di 181 OAIE A E O AS 181 SHOW IOGGING A een ee ee ee ee i 182 Show logging MeEMOry lOG 2 sceiescocee w se eeh coe ee dsb ded A ii doi 182 SHOW logging fash log ooodriorsinid at tdci 182 SHOW MONON e aiia At 182 SHOW Network iienaa a ee loaned N aa a ste cee eaa a E Ee eee eaat 182 a 183 show port Pordenone shadenvegentesuvtoeataetee 183 A OS 183 Show POrESCCU cia A Wea 183 showiport sec rity port ati A id ai did 183 show port security allri td litio 183 SHOW fatesliMt 22 5 cise eel ect A Ri 184 SHOW rate limit POrt acta 184 Show rate limitiall xcccci in A a A EAA Aa AEA AERAN 184 SHOW TUNMMING CONM Go athe Gece cette conte sten
110. a R A a A A A EAA 259 SSN GISADIC siii iii 259 ceken ae E CAE A E T E E TET 259 6 3 24 IP SQUTCE Guard Command isurpen nae EAE A EEE AA NENE EE E EE E A a 260 ipsregd enable coccion tac 260 IpSrEgA CISADI Ae E E A tasa 260 IPSHOGO POMS PEE EATE A T ai inte ETTET 260 A ean ene ee ee en ee en ein ei 260 IPSCO retry MOW A A O 260 ipsregd retry IntenValii iGs acca tila A IE 261 6 4 Interface Config mode COMMAMNAS coommccccnnnnicnnnnonnnnnnnarnrrn rr 261 Md t ocres 261 6 4 1 dotlx Command ii A shee ee i a ee a dd 261 Set 802 1x POrt CONtrOlh in nasrni sexton A eee gies Seats 261 lacp d se ta lalala 262 16 User s Manual of WGSW 48000 ACP Pri soii dai 262 o RN 262 d lpoiteena Herter rrr era creer er e rir tee nee eee ater ren era a e e Tre pene rer ere ee Ree rer er rT nacre 262 6 422 LEDP COMmMamned AAA 263 lldp state ii A A A ei 263 lldp notifications ys ii IA dp ds ii 263 O 263 02 EE tt A E E 264 A Sete escent ie eed rea le ee ed i ed ee ee 264 adM INMOdE iii aaa edades 264 AULO ME GON AS urinaria 265 O sick io ds nhs Staak Sed Ms fan hae TE rh Mas oe een ie Wes dors 265 flow control iii een ie Ae i ee ee 265 6 4 3 Port Security Command sristi iee niara ot 265 O E ET 265 port Secunity lock MOd s E ae 266 port security lock mode dynamic Max entries 24 00ccoocccccinoccononcncnononnnc nono cnn n nono cnn no nr r narran cnc 266 OS port based Pio da 266 Qos port based Status iii do idas 267 6 4 4 Rate limit Command A An
111. a loop It allows a maximum of 8 ports to be aggregated at the same time The Managed Switch support Gigabit Ethernet ports up to 14groups If the group is defined as a LACP static link aggregationing group then any extra ports selected are placed ina standby mode for redundancy if one of the other ports fails If the group is defined as a local static link aggregationing group then the number of ports must be the same as the group member ports The aggregation code ensures that frames belonging to the same frame flow for example a TCP connection are always forwarded on the same link aggregation member port Reording of frames within a flow is therefore not possible The aggregation code is based on the following information e Source MAC e Destination MAC e Source and destination IPv4 address e Source and destination TCP UDP ports for IPv4 packets Normally all 5 contributions to the aggregation code should be enabled to obtain the best traffic distribution among the link aggregation member ports Each link aggregation may consist of up to 8 member ports Any quantity of link aggregation s may be configured for the device only limited by the quantity of ports on the device To configure a proper traffic distribution the ports within a link aggregation must use the same link speed E Link Aggregation Port Configuration Link Aggregation Control Protocol LACP LACP LAG negotiate Aggregated Port links with other LACP ports located
112. ader that are encoded by certain applications and or devices to indicate the level of service required by the packet across a network DSCP are defined in RFC2597 for classifying traffic into different service classes The Managed Switch extracts the codepoint value of the DS field from IPv4 packets and identifies the priority of the incoming IP packets based on the configured priority 4 bit 4 bit 6 bit 2 bit VER 0100 Header Size De VLAN Destination Source Ethernet Type Preamble TAG Data FCS Address Address 0800 Optional 6 bytes 6 bytes 4 bytes 2 bytes 2 bytes 46 1517 bytes 4 bytes Figure 4 8 3 IPv4 frame format The DSCP is six bits wide allowing coding for up to 64 different forwarding behaviors The DSCP retains backward compatibility with the three precedence bits so that non DSCP compliant TOS enabled devices will not conflict with the DSCP mapping Based on network policies different kinds of traffic can be marked for different kinds of forwarding Queue Settings 802 1P Port basedQoS Rate Control DSCP Remark Mode Disabled v Disabled DSCP IP Precedence Figure 4 8 4 DSCP configuration page screenshot The page includes the following fields Object Description e Mode Specifies the advanced QoS mode to be used e Disable Disables advanced QoS mode on the device 115 User s Manual of WGSW 48000 e DSCP
113. affic to the same VLAN s either manually or dynamically using GVRP However if you want a port on this switch to participate in one or more VLANs but none of the intermediate network devices nor the host at the other end of the connection supports VLANs then you should add this port to the VLAN as an untagged port VLAN tagged frames can pass through VLAN aware or VLAN unaware network interconnection devices but the VLAN tags should be stripped off before passing it on to any end node host that does not support VLAN tagging 59 User s Manual of WGSW 48000 Hi VLAN Classification When the switch receives a frame it classifies the frame in one of two ways If the frame is untagged the switch assigns the frame to an associated VLAN based on the default VLAN ID of the receiving port But if the frame is tagged the switch uses the tagged VLAN ID to identify the port broadcast domain of the frame Hi Port Overlapping Port overlapping can be used to allow access to commonly shared network resources among different VLAN groups such as file servers or printers Note that if you implement VLANs which do not overlap but still need to communicate you can connect them by enabled routing on this switch Hi Untagged VLANs Untagged or static VLANs are typically used to reduce broadcast traffic and to increase security A group of network users assigned to a VLAN form a broadcast domain that is separate from other VLANs configure
114. aggregatiordelportlad siginn a io 203 ReRe AMMD Eea Tank lalo PEE EA E T ads Aa 203 RE AAA a ae ee E 203 lp disable icon aia at Acai abies Withee es eee oA adeeb heen bao e eater 203 WAP advainterVal corri ai dao ie ido iaa 204 Op TaSESTAM ME ii A E Ata 204 A 204 lldp notify sinterval tia ola alka aah ae 204 dp re init Aelay srsti ieie Aeolus Deeds DA 205 lldp tx delay da 205 ldap MIME AA di ei eno haa ain ee io ia ia 205 6 3 4 Log Command iii id 206 A afta E Sheet yea th Seman T E E E E bewedte beens fas tebuneres teoedevalgiteessdes T 206 A O eS at 206 log log server name lt WORD gt add 0000 0 eee ee eeneee cence eeeeneeeeeeaaeeeseeeeeeesaeeeeeeaaeeeseneeeeeeaeeeeseaaeeeseeeaeeesneeeesenaeeeeneaaees 206 log log server name lt word gt delete o oo ee ceeeceeeceeeeenneeeceeeaeeeeeeeeeeesaeeeeeeaaeeeseeeeeeeseaeeeeeeaeeeseeeeessieeeeesenaeeeeeenaees 206 log lOgging targets iia a lts 206 log logging target MEMO rie 207 User s Manual of WGSW 48000 log logging target fash oi a ea iini 207 log logging target console ic iii cats eidenteunseesounaneenseecenulverterbsuecgessubeeednmmtieg 207 log logging target server name lt WORDS ci cece cence eeenne ee nono ease eeneeeeeeaeeeseeeaeeeeeeneeeeeeaeeeseenaeeesneeeeeessateeeeenaes 207 TACIUS SEIVER O M asecuescuag NET 208 Static address adds ieee ie eee i ee ee ee ie 208 Static address delete iii ens ge Aes aves eee hs ee hee A ee a ie 208 6 325 MOMECOMMAN vurrciiocia dlls te
115. al for configuring the switch remotely Compatible with all popular browsers Can be accessed from any location Most visually appealing Communicates with switch functions at the MIB level Based on open standards Disadvantages Must be near switch or use dial up connection Not convenient for remote users Modem connection may prove to be unreliable or slow Security can be compromised hackers need only know the IP address and subnet mask May encounter lag times on poor connections Requires SNMP manager software Least visually appealing of all three methods Some settings require calculations Security can be compromised hackers need only know the community name Table 3 1 Management Methods Comparison 3 3 Administration Console The administration console is an internal character oriented and command line user interface for performing system administration such as displaying statistics or changing option settings Using this method you can view the administration console from a terminal personal computer Apple Macintosh or workstation connected to the switch s console serial port There are two ways to use this management method via direct access or modem port access The following sections describe these methods For more information about using the console refer to Chapter 5 Command Line Interface Console Management 36 User s Manual of WGSW 48000 WGSW 48000 Managed Switch PC Workstation with
116. allow you to configure RSTP port properties Property 4 5 3 MSTP The Multiple Spanning Tree Protocol MSTP algorithm and protocol provides simple and full connectivity for frames assigned to any given VLAN throughout a Bridged Local Area Network comprising arbitrarily interconnected Bridges each operating MSTP STP Clause 8 of IEEE Std 802 1D 1998 Edition or RSTP Clause 17 of IEEE Std 802 1D 1998 Edition MSTP allows frames assigned to different VLANs to follow separate paths each based on an independent Multiple Spanning Tree Instance MSTI within Multiple Spanning Tree MST Regions composed of LANs and or MST Bridges These Regions and the other Bridges and LANs are connected into a single Common Spanning Tree CST RSTP Port MSTP Port MSTP Instance MSTP Interface C Enable MSTP e Region Name Max 32 chars I Revision Level 0 65535 Max Age 6 40 sec Forward Delay 4 30 sec Max Hops 1 40 Figure 4 5 6 MSTP The page includes the following fields Object Description e Enable MSTP Enable or disable MSTP capability e Region Name Specifies the configuration region name The name string has a maximum length of 32 characters and is case sensitive e Revision Level Specifies the configuration revision level The range is 0 to 65535 e Max Age Configures the maximum age of the current bridge This is the maximum age of spanning tree protocol information le
117. ames It is located in front of the ingress queue POP3 is an acronym for Post Office Protocol version 3 It is a protocol for email clients to retrieve email messages from a mail server POP3 is designed to delete mail on the server as soon as the user has downloaded it However some implementations allow users or an administrator to specify that mail be saved for some period of time POP can be thought of as a store and forward service An alternative protocol is Internet Message Access Protocol IMAP IMAP provides the user with more capabilities for retaining e mail on the server and for organizing it in folders on the server IMAP can be thought of as a remote file server POP and IMAP deal with the receiving of e mail and are not to be confused with the Simple Mail Transfer Protocol SMTP You send e mail with SMTP and a mail handler receives it on your recipient s behalf Then the mail is read using POP or IMAP IMAP4 and POP3 are the two most prevalent Internet standard protocols for e mail retrieval Virtually all modern e mail clients and servers support both In a private VLAN communication between ports in that private VLAN is not permitted A VLAN can be configured as a private VLAN QCE is an acronym for QoS Control Entry It describes QoS class associated with a particular QCE ID There are six QCE frame types Ethernet Type VLAN UDP TCP Port DSCP TOS and Tag Priority Frames can be classified by one o
118. ameters lt 0 65535 gt Mode Global Config spanning tree forward time Description This configures the bridge forward delay parameter Syntax spanning tree forward time lt 4 30 gt Parameters lt 4 30 gt Mode Global Config spanning tree max age Description This command configures the bridge max age parameter Syntax spanning tree max age lt 6 40 gt 233 User s Manual of WGSW 48000 Parameters lt 6 40 gt Mode Global Config spanning tree max hops Description This command configure the number of hops in a region Syntax spanning tree max hops lt 1 40 gt Parameters lt 1 40 gt Mode Global Config spanning tree port spanning tree port all Description This command specifies RSTP capability for all ports Syntax spanning tree port all enable disable Parameters enable disable Mode Global Config spanning tree port cost Description This command configures RSTP port path cost Syntax spanning tree port cost lt 0 200000000 gt Parameters lt 0 200000000 gt Mode Global Config 234 User s Manual of WGSW 48000 spanning tree port priority Description This command configures RSTP port priority Syntax spanning tree port priority lt 0 24 gt Parameters lt 0 24 gt Mode Global Config spanning tree port edge Description This command configures STP edge Syntax spanning tree port edge enable disable ports lt port list gt Parameters enable disa
119. and network switches The LLDP MED TLVs advertise information such as network policy power inventory and device location details LLDP and LLDP MED information can be used by SNMP applications to simplify troubleshooting enhance network management and maintain an accurate network topology 4 10 1 LLDP Settings This page allows the user to inspect and configure the current LLDP port settings The LLDP settings screen in Figure 4 10 1 appears LLDP Statistics Localinformation Remote Information LLDP System Settings Change Settings LLDP Enabled Advertised Interval 5 32768 sec 30 Hold value 2 10 4 Re initialization Delay 1 10 sec 2 Transmit Delay 1 8192 sec 2 Notification Interval 5 3600 sec 5 MED Device Type Network Connectivity Fast Start Count 1 10 3 Management Address Transmit Ports 22 Figure 4 10 1 LLDP Settings screenshot The page includes the following fields Object Description e Advertised Interval The interval at which LLDP frames are transmitted on behalf of this LLDP agent e Hold value A multiplier to Advertised interval The result would be the TTL value for the information advertised e Transmit Delay The delay between successive LLDP frame transmissions initiated by value status changes in the local system 129 User s Manual of WGSW 48000 e Re initialization delay The minimum delay period before from the time a ports becomes disabled until
120. anning tree mst vlan sinnir aiii tai 237 spanning tree mst vlan lt MST ID gt lt vlan list gt add oooooonoccccconocaconocancnononcnonanonn nn nono cnn nar n nr nnno rr rra narran rr 237 Spanning Tree mst vlan lt MST ID gt lt vlan list gt delete oooocoonncnnnicinononocononacnnnnonnncnnnonn nn nano cnn rnnrn cnn rr 237 Spanning tree MSt pdg TT a ind 238 Spanning tree MSC dui aia 238 Spanning tree mst priority ui dada oa 238 E A A bewman Gaeta sabe ecshage seteait phewan then suhebt E E E TET 238 Interface A a beca 239 6 3 15 RMON Command iii iaa 239 MA o bid 239 MON een index tic A a ios 239 SA E 239 A eee ee ee ON 240 imon del event Index 4 2 sce 2 asks ene esl gent o ae ened een bench aie deh ater 240 mon Gel Alar INAS secs sees cuss ni oie tardar 240 6 3 6 Access list Command ita 240 access list name lt WORD gt add priOritY ooooonocccccnnocacononacanononcncnanonnnr nono cnn nao At rr naar rra rara 240 access list name lt WORD gt action urinda esi aceenesdenteecceeenndenbbeducneesene a aa AE Eaa 241 access list name lt WORD gt action deny isodi terisi teitei teste datensdoceteeuincensentdeevescus tii 241 access list name lt WORD gt action Permit ecceeeneeeeeeeeneeeeeeeeeeeeeeeeeeaaeeeseeeaeeeeeeeeeesaeeeseeaeeesneeeesenaeeeeseaas 241 access list name lt WORD gt Clear iii a seen eines eee aes 241 access list name lt WORD gt clears SRC lP oooioncccnococcnnnoccncnonancnnnonnncnnnonn nc nano cnn r nn nn rra AN rre rr
121. ar Description This command clears ACL entry contents access list name lt WORD gt clears SRC IP Description This command clears the source IP subnet mask filter Syntax access list name lt WORD gt clear SRC IP Mode Global Config 241 access list name lt WORD gt clears DST IP Description This command clears the destination IP subnet mask filter Syntax access list name lt WORD gt clear DST IP Mode Global Config access list name lt WORD gt clear L4port access list name lt WORD gt clear L4port SRC port Description This command clears TCP UDP source port filter Syntax access list name lt WORD gt clear l4port SRC port Mode Global Config access list name lt WORD gt clear l4port DST port Description This command clears TCP UDP destination port filter Syntax access list name lt WORD gt clear l4port DST port Mode Global Config access list name lt WORD gt clear packet type Description This command clears packet type filter Syntax access list name lt WORD gt clear packet type Mode Global Config access list name lt WORD gt clear mac SA Description This command clears a source mac address 242 User s Manual of WGSW 48000 Syntax Access list name lt WORD gt clear mac SA Mode Global Config access list name lt WORD gt clear MAC DA Description This command clears a destination mac address Syntax Access list name lt WORD gt clear mac DA Mode Global Co
122. arameters lt A B C D gt lt filename gt Mode Privileged Mode Example Switch copy system_image tftp 192 168 1 100 image_file copy tftp Description This command is used to download configuration or runtime image from host to switch Syntax copy tftp lt A B C D gt file lt filename gt nvram_config system_image Parameters lt A B C D gt file lt filename gt nvram_config system_image Mode Privileged Mode Example Switch copy tftp 192 168 1 100 file switch_configuration nvram_config Switch copy tftp 192 168 1 100 file runtime_code system_image exit Description This command is used to exit current shell Syntax exit Mode Privileged Mode help Description This command displayss help information Syntax help Mode 175 Privileged Mode logout Description This command is used to exit current shell Syntax logout Mode Privileged Mode ping Description This command is used to proceed ping destination host Syntax ping lt A B C D gt Parameters lt A B C D gt Mode Privileged Mode reload Description This command is used to reboot system Syntax reload Mode Privileged Mode save Description This command is used to save configuration Syntax save Mode Privileged Mode 176 User s Manual of WGSW 48000 6 2 3 Show Command This command is used to show configured data show qos Description This command displays class of service information show qos cos
123. arned from the network on any port before it 75 User s Manual of WGSW 48000 is discarded e Forward Delay Forward delay is a time value which controls how fast a port changes its state The value determines how long the port stays in each of the listening and learning states which precede the forward state This value is also used to age all dynamic entries in the forwarding databases when a topology change has been detected and is underway Note Max Age lt 2 Forward Delay 1 e Max Hops Specifies the number of hops in a region before the BPDU is discarded and the information held for a port is aged 4 5 4 MSTP Port RSTP RSTPPort MSTP MSTP Instance MSTP Interface MSTP Port Settings MSTP Port Priority amp Path Cost Settings Migration Check Figure 4 5 7 MSTP Port The page includes the following fields Object Description e MSTP Port Settings The MSTP Port Settings configure MSTP port parameters e Port Indicates the port numbers of the system e Edge Indicates if this port is the edge port Once configured as an edge port the port state immediately transitions from disable block to forwarding state 76 User s Manual of WGSW 48000 e P2P Indicates if this port is a point to point link If you connect a port to another port though a point to point link and the local port becomes a desig
124. arning This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the Instruction manual may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at whose own expense CE Mark Warning This is a Class A product In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures WEEE Warning To avoid the potential effects on the environment and human health as a result of the presence of hazardous substances in electrical and electronic equipment end users of electrical and electronic equipment should understand the meaning of the crossed out wheeled bin symbol Do not dispose of E WEEE as unsorted municipal waste and have to collect such WEEE separately Revision PLANET 48 Port 10 100 1000Mbps with 4 Shared SFP Combo Managed Switch User s Manual FOR MODEL WGSW 48000 REVISION 1 0 APRIL 2009 Part No EM WGSW 48000 2081 A93180 000 User s Manual of WGSW 48000 TABLE
125. as fan 267 rate limit egress enable token DSIZe iinitan A at 267 rate limitegress disables oia a O Chane Sa 267 ratesliMitINOrESS ura tada 267 StOrMECONTTO std A alas 268 storm control TOA CAS iii ai 268 storm control broadcast Multicast oooooonnnccccononaconococcnononnncnnnannnn nono cnn nn rn n rro nn nn nn rre rra rre 268 storm control broadcast UMKMOWM miii iii 268 OMC Old aa 269 NONE iii AA A ee BE eee een a doe Ae 269 setigmp ToUter Porto 269 6 4 5 Spanning tree COMMANG ici ts A 270 SPANNING trES COST 2 cos ccs ce a A A Aa 270 Spanning tree edge ii aaa 270 Spanning tree force p2plink sensisse nnan A iaa des 270 Spanning tree migration check cuco bs 270 SPANMNING tES MSE COST 2s ws ese e Seecescac hee ees cadbesdectcals chee des iaa 271 Spanning tree mst priority isc weve sea elie p tie a chee 271 Spanning tree participations sana li ti aes Se phe e ed mo as 271 SPANNING trES Placido idol 272 6 40 VEAN Command ci Rea 272 vlan participation exclude vio lec ceee ste tesla tte a i ai a suvedcenesieddecsedeestsqedeesUeuiseseseceeesitee 272 User s Manual of WGSW 48000 Vian Particl PatlON annae cee eeeees sen ccee ede E dai 272 Man protected haat elk te el ive SE OO ht et Lod gli 273 AE NO 273 E TE oh O O OTE 273 Interfa c COMME hear bei healed Gl die ai sn eevee 273 7 SWITCH OPERATION fo ssissccscscsssdsiscessieieccssdsaedensisiacessdnsache sistaeeesdasacaucdstassucdesacasaceiacnasteescss 275 EA AAdress Table naii
126. ask addr gt Mode Global Config access list name lt WORD gt set mac mode mac DA Description This command specifies a destination mac address Syntax access list name lt WORD gt set mac mode mac DA lt mac addr gt lt mask addr gt Parameters lt mac addr gt lt mask addr gt Mode Global Config access list name lt WORD gt set mac mode ether type Description This command specifies the ether type of the packet Syntax access list name lt WORD gt set mac mode ether type ipv4 ARP xns Parameters ipv4 ARP xns Mode Global Config 246 User s Manual of WGSW 48000 access list name lt name gt set portlist Description This command is used to specify an acl entry to be work on a list of ports Syntax access list name lt name gt set portlist lt LINE port_id gt Parameters lt LINE port_id gt Mode Global Config 6 3 17 ARP Command arp dynamic Description This command enables and disables dynamic arp functions Syntax arp dynamic enable disable Parameters enable disable Mode Global Config arp dynamic aging time Description This command set arp dynamic aging time between Os and 999s 0 means disable Syntax arp dynamic aging time lt 0 999 gt Parameters lt 0 999 gt Mode Global Config arp dynamic ports Description This command set dynamic arp ports to trust and un trust Syntax 247 User s Manual of WGSW 48000 User s Manual of WGSW 48000
127. ast router on a sub network one router is elected as the queried This router then keeps track of the membership of the multicast groups that have active members The information received from IGMP is then used to determine if multicast packets should be forwarded to a given sub network or not The router can check using IGMP to see if there is at least one member of a multicast group on a given subnet work If there are no members on a sub network packets will not be forwarded to that sub network B Multicast Receiver Multicast a _ Switch Transmitter ae A re E EAS IPTV aaa Server Router Switch Switch C oe Multicast Switch Receiver Ch Multicast y Receiver p D Figure 4 6 1 Multicast Service User s Manual of WGSW 48000 Multicast Receiver B Multicast Switch Transmitter A IPTV Server Router Switch C Multicast Switch Receiver Multicast Receiver D Figure 4 6 2 Multicast flooding B Multicast Receiver Multicast IGMP Snooping Transmitter Switch A IPTV eae Router IGMP Snooping IGMP Snooping C Switch Switch I IGMP Snooping Multicast Switch Receiver Multicast Receiver D Figure 4 6 3 IGMP Snooping multicast stream control IGMP Versions 1 and 2 User s Manual of WGSW 48000 Multicast groups allow members to join or leave at any time IGMP provides the method for members and multicast routers to communicate when joining or lea
128. ation to configure and manage the Managed Switch such as SNMPc Network Manager HP Openview Network Node Management NNM or What s Up Gold This management method requires the SNMP agent on the switch and the SNMP Network Management Station to use the same community string This management method in fact uses two community strings the get community string and the set community string If the SNMP Net work management Station only knows the set community string it can read and write to the MIBs However if it only knows the get community string it can only read MIBs The default gets and sets community strings for the Managed Switch are public WGSW 48000 Managed Switch Oe SNMP Agent Status Enabled al ena PC Workstation Bis eE E with HAN a SNMP application g IP Address 192 168 0 x IP Address 192 168 0 100 Internet Intran Figure 3 4 SNMP management 39 User s Manual of WGSW 48000 3 6 Protocols The Managed Switch supports the following protocols a Virtual terminal protocols such as Telnet a Simple Network Management Protocol SNMP 3 6 1 Virtual Terminal Protocols A virtual terminal protocol is a software program such as Telnet that allows you to establish a management session from a Macintosh a PC or a UNIX workstation Because Telnet runs over TCP IP you must have at least one IP address configured on the Managed Switch before you can establish access to it with a virtual terminal
129. bal Config port all storm control Description Configure all ports storm control settings port all storm control disable Description This command disables storm control Syntax port all Storm Control disable Mode Global Config port all storm control broadcast Description This command configures storm control for broadcast only Syntax port all storm control broadcast lt value gt Parameters lt value gt Mode 218 User s Manual of WGSW 48000 Global Config port all storm control broadcast multicast Description This command configures storm control for broadcast and multicast Syntax port all Storm Control broadcast multicast lt value gt Parameters lt value gt Mode Global Config port all storm control broadcast unknown Description This command configures storm control for broadcast and unknown unicast Syntax port all storm control broadcast unknown lt value gt Parameters lt value gt Mode Global Config port all storm control all cast Description This command configures storm control for broadcast multicast and unknown unicast Syntax port all Storm Control all cast lt value gt Parameters lt value gt Mode Global Config 6 3 10 QoS Command qos qos advanced Description Configure qos advanced mode 219 User s Manual of WGSW 48000 qos qos advanced DSCP Description This command enables DSCP mode Syntax qos qos advanced DSCP Mode Globa
130. ble ports lt port list gt Mode Global Config spanning tree port force p2plink Description This command configures force point to point link mode on ports Syntax spanning tree port force p2plink auto enable disable ports lt port list gt Parameters auto enable disable lt port list gt Mode Global Config spanning tree port migration check Description This command Re checks the appropriate BPDU format to send on ports Syntax spanning tree port migration check enable disable ports lt port list gt Parameters enable disable lt port list gt 235 User s Manual of WGSW 48000 Mode Global Config spanning tree port root guard Description This command is used to configure stp root guard Syntax spanning tree port root guard enable disable ports lt port list gt Parameters enable disable lt port list gt Mode Global Config spanning tree priority Description This command configures RSTP bridge priority value Syntax spanning tree priority lt 0 61440 gt Parameters lt 0 61440 gt Mode Global Config spanning tree mst Description Configure a multiple spanning tree instance spanning tree mst instance Description This command creates or removes a MST instance spanning tree mst instance add vlan Description This command creates a MST instance Syntax spanning tree mst instance add vlan lt vian list gt mstpid lt MST ID gt Parameters 236 User s Ma
131. bled any Non 1Q ingress frame will be dropped by this port e VLAN Ingress Filter Enable ingress filtering for a port by checking the box This parameter affects VLAN ingress processing If ingress filtering is enabled and the ingress port is not a member of the classified VLAN of the frame the frame is discarded By default ingress filtering is disabled no checkmark 64 User s Manual of WGSW 48000 4 4 6 GVRP When Switch GVRP is enabled you can modify the GVRP settings of multiple ports But if it s disabled GVRP will be disabled on all ports Click the Modify hyperlink to modify the GVRP settings of multiple ports when Switch GVRP is enabled On the port GVRP modification page you can enable disable GVRP on the port you specified Create VLAN VLAN Settings VLAN Port Port GVRP Mode Join Periods Leave Periods All Leave Periods Modify 01 Disabled 20 60 1000 Modify 02 Disabled 20 60 1000 Modify 03 Disabled 20 60 1000 Modify 04 Disabled 20 60 1000 Modify 05 Disabled 20 60 1000 Modify 06 Disabled 20 60 1000 Modify 07 Disabled 20 60 1000 Modify 08 Disabled 20 60 1000 Modify 09 Disabled 20 60 1000 Modify 10 Disabled 20 60 1000 Modify 11 Disabled 20 60 1000 Modify 12 Disabled 20 60 1000 Modify 143 Disabled 20 60 1000 Modify 14 Disabled 20 60 1000 Modify 15 Disabled 20 60 1
132. c instead of physical location End nodes that frequently communicate with each other are assigned to the same VLAN regardless of where they are physically on the network Logically a VLAN can be equated to a broadcast domain because broadcast packets are forwarded to only members of the VLAN on which the broadcast was initiated No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN membership packets cannot cross VLAN without a network device performing a routing function between the VLAN The Managed Switch supports IEEE 802 1Q VLAN The port untagging function can be used to remove the 802 1 tag from packet headers to maintain compatibility with devices that are tag unaware 3 The Managed Switch s default is to assign all ports to a single 802 1Q VLAN named DEFAULT_VLAN As new VLAN is created the member ports assigned to the new VLAN will be removed from the DEFAULT_ VLAN port member list The DEFAULT_VLAN has a VID 1 This section has the following items a IEEE 802 1Q VLAN Enable IEEE 802 1Q Tag based VLAN group 4 4 2 IEEE 802 1Q VLAN In large networks routers are used to isolate broadcast traffic for each subnet into separate domains This Managed Switch provides a similar service at Layer 2 by using VLANs to organize any group of network nodes into separate broadcast domains VLANs confine broadcast traffic to the originating group and can eliminate broadcast storms in large networ
133. command is used to clear static multicast groups Syntax clear static mcast Mode Privileged Mode clear pass Description This command is used to restore administrator s password to factory default Syntax clear pass Mode Privileged Mode clear lacp Description This command is used to restore LAG and LACP configuration to factory default Syntax clear lacp Mode Privileged Mode clear logs Description This command is used to clear memory flash logs Syntax clear logs Mode 173 User s Manual of WGSW 48000 User s Manual of WGSW 48000 Privileged Mode clear vlan Description This command is used to delete all VLAN groups Syntax clear vian Mode Privileged Mode configuration Description Enter into Global Configuration mode Syntax configuration Mode Privileged Mode 6 2 2 Copy Command This command is used to upload file from switch to host or download file to switch from host copy nvram_config tftp Description This command is used to backup switch configuration Syntax copy nvram_config tftp lt A B C D gt file lt filename gt Parameters lt A B C D gt file lt filename gt Mode Privileged Mode Example Switch copy nvram_config tftp 192 168 1 100 file switch_configuration copy system_image tftp Description 174 User s Manual of WGSW 48000 This command is used to backup switch runtime image Syntax copy system_image tftp lt A B C D gt lt filename gt P
134. configuration 7 Click OK 8 When client has associated with the Managed Switch a user authentication notice appears in system tray Click on the notice to continue A NP CON DOET D Wireless Network Connection x Cickhereto enter your user name and password For the network PLANET AP Figure 4 7 15 802 1x client port based authentication 100 User s Manual of WGSW 48000 9 Enter the user name password and the logon domain that your account belongs 10 Click OK to complete the validation process Wireless Network Connection User name test Password RAHELAAA Logon doman FAE LOCAL Figure 4 7 16 802 1x authentication dialogue window 4 7 4 RADIUS The RADIUS server is Remote Authentication Dial In User Service RADIUS defined in RFC2865 It is primarily used by ISPs who authenticate a username and password before authorizing use of the network The RADIUS server configuration screen in Figure 4 7 17 appears Port Security ACL 802 1X TACACS Storm Control RADIUS Server IP Address Authorization Port Secret Key String Save Settings Figure 4 7 17 RADIUS server configuration screenshot The page includes the following fields 101 User s Manual of WGSW 48000 Object Description e RADIUS Server IP Specifies the IP address of the RADIUS server Address e Authorization Port Specifies the UDP port number of the EA
135. cription This command specifies igmp query interval lt secs gt Syntax set igmp query interval lt 10 600 gt Parameters lt 10 600 gt Mode Global Config set igmp query resinterval Description This command specifies igmp query response interval lt secs gt Syntax set igmp query resinterval lt 0 200 gt Parameters lt 0 200 gt Mode Global Config set igmp robustness Description This command specifies robustness variable Syntax set igmp robustness lt 1 20 gt Parameters lt 1 20 gt Mode Global Config set igmp router port ports Description This command specifies igmp router port 224 User s Manual of WGSW 48000 Syntax set igmp router port ports lt port list gt Parameters lt port list gt Mode Global Config Example User s Manual of WGSW 48000 Switch config set igmp router port ports 1 10 set igmp querier Description This command configures igmp querier Syntax set igmp querier enable disable Parameters enable disable Mode Global Config set igmp proxy Description This command configures igmp proxy Syntax set igmp proxy enable disable Parameters enable disable Mode Global Config set static mcast Description Configure static multicast set static mcast name lt WORD gt add vid Description This command create a multicast group Syntax 225 User s Manual of WGSW 48000 set static mcast name lt WORD gt add vid lt v
136. ct information Syntax show loop_detect Mode Privileged Mode 196 User s Manual of WGSW 48000 telnet Description This command is used to telnet the other host Syntax telnet lt A B C D gt Parameters lt A B C D gt Mode Privileged Mode 197 User s Manual of WGSW 48000 6 3 Global Config mode commands exit Description This command is used to exit current shell Syntax exit Mode Global Config 6 3 1 VLAN Command This command is used to configure vlan vlan add Description This command is used to create a new vlan or some vlans vlan add number Description This command enter a vlan ID Syntax vlan add number lt v an D gt Parameters lt vian ID gt Mode Global Config vian add range Description This command enter a range of vlan ID Syntax vlan add range from lt vlan ID gt to lt vian ID gt Parameters lt vlan ID gt to lt vian ID gt Mode Global Config 198 User s Manual of WGSW 48000 vian delete Description This command remove a existed vlan Syntax vlan delete lt v an D gt Parameters lt vian ID gt Mode Global Config vian port Description This command is used to configure 802 1Q port parameters for vlans vian port all Description This command is used to configure all ports vian port all port configure Description This command is used to configure ports in a specific vlan Syntax vlan port all port configure lt vian D gt
137. curity function N A 32 __No Security function N A 09 No Security function N A 33 __No Security function N A 10 NoSecurityfunction N A 34 _ No Security function N A 11 No Security function N A 35 NoSecurityfunction N A 12 N Security function N A 36 NoSecurityfunction N A 13 NoSecurityfunction NA 37 NoSecurityfunction N A 14 N Security function N A 38 NoSecurityfunction N A 15 No Security function N A 39 NoSecurityfunction N A 16 No Security function N A 40 NoSecurityfunction N A Figure 4 7 2 Port Security current security table 4 7 2 ACL An ACL consists of a set of rules which are matched sequentially against a packet When a packet meets the match criteria of a rule the specified rule action Permit Deny is taken and the additional rules are not checked for a match On this menu the interfaces to which an ACL applies must be specified as well as whether it applies to inbound or outbound traffic Rules for the ACL are specified created using the ACL Rule Configuration menu ACL is an acronym for Access Control List It is the list table of ACEs containing access control entries that specify individual users or groups permitted or denied to specific traffic objects such as a process or a program Each accessible traffic object contains an identifier to its ACL The privileges determine whether there are specific traffic object access rights
138. d 802 2001 Network address networkAddress Interface name ifName IETF RFC 2863 Locally assigned locally assigned Table 4 10 1 Chassis ID Subtype C Table 4 10 2 System Capabilities 133 User s Manual of WGSW 48000 4 10 4 Remote Information This page provides a status overview for all LLDP neighbors The displayed table contains a row for each port on which an LLDP neighbor is detected The LLDP Neighbor screen in Figure 4 10 4 appears LLDP Settings LLDP Statistics Localinformation MSAP Entry Local Port Chassis ID SubType Chassis ID Port ID SubType Port ID Details Figure 4 10 4 Remote Information page screenshot The columns hold the following information Object Description e Local Port The port on which the LLDP frame was received e Chassis ID SubType Identifies the chassis containing the IEEE 802 LAN entity associated with the transmitting LLDP agent There are several ways in which a chassis may be identified and a chassis ID subtype is used to indicate the type of component being referenced by the chassis ID field e Chassis ID The Chassis ID is the identification of the neighbor s LLDP frames e Port ID SubType Indicates the basis for the identifier that is listed in the Port ID field e Port ID The Remote Port ID is the identification of the neighbor port 134 User s Manual of WGSW 48000 4 11 ADMIN The Admin section provides information for
139. d on the switch Packets are forwarded only between ports that are designated for the same VLAN Untagged VLANs can be used to manually isolate user groups or subnets However you should use IEEE 802 3 tagged VLANs with GVRP whenever possible to fully automate VLAN registration 3 Automatic VLAN Registration GVRP GARP VLAN Registration Protocol defines a system whereby the switch can automatically learn the VLANs to which each end station should be assigned If an end station or its network adapter supports the IEEE 802 1Q VLAN protocol it can be configured to broadcast a message to your network indicating the VLAN groups it wants to join When this switch receives these messages it will automatically place the receiving port in the specified VLANs and then forward the message to all other ports When the message arrives at another switch that supports GVRP it will also place the receiving port in the specified VLANs and pass the message on to all other ports VLAN requirements are propagated in this way throughout the network This allows GVRP compliant devices to be automatically configured for VLAN groups based solely on endstation requests To implement GVRP in a network first add the host devices to the required VLANs using the operating system or other application software so that these VLANs can be propagated onto the network For both the edge switches attached directly to these hosts and core switches in the network enable GVRP on
140. d provide link redundancy Port Config LACPProperty LAG Port Link Speed Group Member Status Duplex as NA Down 5 DE as N A Down Z 03 NIA Down 04 N A Down lt N A Down 4 06 N A Down LL HE N A Down 98 N A Down 2 EE as NIA Down E za N A Dom 11 NIA Down x 12 NIA Down a 13 NIA Down Z 14 NIA Down Figure 4 3 4 LAG Group The page includes the following fields Object Description e LAG Group Displays the LAG groups e Port Member Displays the ports that are members of this LAG e Link Status Displays the link status e Speed Duplex Display the connection speed and duplex User s Manual of WGSW 48000 4 4 VLAN 4 4 1 VLAN Overview A Virtual Local Area Network VLAN is a network topology configured according to a logical scheme rather than the physical layout VLAN can be used to combine any collection of LAN segments into an autonomous user group that appears as a single LAN VLAN also logically segment the network into different broadcast domains so that packets are forwarded only between ports within the VLAN Typically a VLAN corresponds to a particular subnet although not necessarily VLAN can enhance performance by conserving bandwidth and improve security by limiting traffic to specific domains A VLAN is a collection of end nodes grouped by logi
141. ddress 01000000000 Port 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 aaa aaa A aaa aa aa aaa a ae a Port 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 vd dl Flee soe ele hoe ANN A a EN E 00d E la A Figure 4 6 5 Static Multicast The page includes the following fields Object Description e Group Name Inserts a symbolic name for easy maintenance for this multicast group e VLAN ID Specifies a VLAN ID for this multicast group 1 4094 e MAC Address Specifies a L2 multicast address Format 01 XX XX XX XX XX e Port Specifies the multicast port members 4 6 3 Static Multicast Table The IGMP Static Multicast Table allowed the network administrator to assigning a specificy Multicast Group to a port The port is configured to send and receive all traffic for a particular mulcast group Usually the function is use to test the multicast protocols in the network or for the PC Laptop manufactory to pre install operation system via multicast There is maximum 128 static Multicast Groups are able to assign 84 User s Manual of WGSW 48000 Static Multicast The Maximum Number of Multicast Groups is 128 Group ID Group Name VLAN ID Multicast Address Member Port Modify Delete Figure 4 6 6 Static Multicast Table Static Multicast IGMP The Maximum Number of Multicast Groups is 128 Group ID Group Name VLAN ID Multicast Address Membe
142. ddress name and the supplicant s port number on the switch EAP is very flexible in that it allows for different authentication methods like MD5 Challenge PEAP and TLS The important thing is that the authenticator the switch doesn t need to know which authentication method the supplicant and the authentication server are using or how many information exchange frames are needed for a particular method The switch simply encapsulates the EAP part of the frame into the relevant type EAPOL or RADIUS and forwards it When authentication is complete the RADIUS server sends a special packet containing a success or failure indication Besides forwarding this decision to the supplicant the switch uses it to open up or block traffic on the switch port connected to the 92 User s Manual of WGSW 48000 supplicant 4 7 3 1 Understanding IEEE 802 1X Port Based Authentication The IEEE 802 1X standard defines a client server based access control and authentication protocol that restricts unauthorized clients from connecting to a LAN through publicly accessible ports The authentication server authenticates each client connected to a switch port before making available any services offered by the switch or the LAN Until the client is authenticated 802 1X access control allows only Extensible Authentication Protocol over LAN EAPOL traffic through the port to which the client is connected After authentication is successful normal traffic can
143. devining system parameters including User account and file management device software Under Admin the folling topics are provided to devine and view the system informatin Admin Password L2 Table Static Address Port Mirroting Admin Timeout Firmware Upgrade Reboot Save Configuration Logs Settings Log Server Memory Logs Flash Logs Ping Function Cable Diagnostic DHCP Relay DHCP Option 82 SelfLoop Detection BOOTP ConfigDownload 4 11 1 Admin Password The screen allows user to change the password of the administrator L2 Table Static Address Port Mirroring Old Password New Password Confirm New Password Figure 4 11 1 Admin Password 135 User s Manual of WGSW 48000 The page includes the following fields Object Description e Old Password Enter original password e New Password Enter a desired password to replace the original one e Confirm New Password Enter new password again for confirmation 4 11 2 L2 Table Switching of frames is based upon the DMAC address contained in the frame The Managed Switch builds up a table that maps MAC addresses to switch ports for knowing which ports the frames should go to based upon the DMAC address in the frame This table contains both static and dynamic entries The static entries are configured by the network administrator if the administrator wants to do a fixed mapping between the DMAC address and switch ports
144. dynamic or static address table will be authorized to access the network through that port If a device with an unauthorized MAC address attempts to use the switch port the intrusion will be detected and the switch can automatically take action by disabling the port and sending a trap message ACL 802 1X RADIUS TACACS Storm Control Port Security Mode Max Entries Show Security Thl Figure 4 7 1 Port Security main screen The page includes the following fields Object Description e Port Selects a specific port to configure e Security Mode Specifies the port security mode None Disable port security on the port Dynamic Determines dynamic learning mode with accept function e Max Entries It associates with Dynamic mode and indicates the maximum SA addresses can be learnt 0 24 on this port 87 User s Manual of WGSW 48000 Port Security Mode Max Entries Port Securiv Mode Max Entries Port Security Mode Max Entries 16 25 No Security function N A 02 o Security function N A 26 No Security function N A 03 No Security function N A 27 _ No Security function N A 04 No Security function NA 28 NoSecurityfunction N A 05 No Security function N A 29 __No Security function N A 06 No Security function N A 30 __No Security function N A 07 No Security function N A 31 __No Security function N A 08 No Se
145. e following fields Object Description e Scheduling Mode There are two available schedule mode e Strict Priority the packets in the higher queue will always be served first until the queue is empty e Weighted Round Robin the packets will be served according to the queue weight e Queue Indicates priority queues Queue 1 is the lowest priority queue and Queue 4 is the highest priority queue e Weight Indicates the weight number of packets to be served in the queue before moving to serve next queue A high priority queue should have a higher weight than a low priority queue 4 8 2 DSCP TOS DSCP priority is obtained through a 6 bit Type of Service TOS or Differentiated Service Code Point DSCP to 3 bit priority mapping The Type of Service TOS octet in the IPv4 header is divided into three parts Precedence 3 bits TOS 4 bits and MBZ 1 bit The Precedence bits indicate the importance of a packet whereas the TOS bits indicate how the network should make tradeoffs between throughput delay reliability and cost as defined in RFC 1394 The MBZ bit for must be zero is currently unused and is either set to zero or just ignored 114 User s Manual of WGSW 48000 me IPv4 Packet Header Type of Service Octet The four TOS bits provide 15 different priority values however only five values have a defined meaning DiffServ Code Point DSCP is the traffic prioritization bits within an IP he
146. e itself e Status indicates the enable disable status on this interface 156 802 1X Statistic Drop Events Received Bytes Received Packets Broadcast Packets Received Multicast Packets Received CRC amp Alignment Errors User s Manual of WGSW 48000 Undersize Packets Oversize Packets Fragments Jabbers Collisions Frames of 64 Bytes Frames of 65 to 127 Bytes Frames of 128 to 255 Bytes Frames of 256 to 511 Bytes Frames of 512 to 1023 Bytes Frames of 1024 to 1518 Bytes RMON Event RMON EventLog RM 04 Enabled 0 111971 70 10 A p P O 0 p 0 46 8 2 9 4 A Figure 4 12 3 Port detail RMON Statistic screenshot The port detail RMON statistic page includes the following fields Object Description Enable To enable disable this interface statistics counters Clear Counter Clear all counters on this interface and restart by zero Refresh Retrieves all counters in this page Drop Events indicates the drop event counted value Received Bytes indicates the Octets including error counted value Received Packets indicates the packets including error counted value Broadcast Packets Received indicates the Broadcasts packets counted value Multicast Packets Received indicates the Multicast packets counted value CRC amp Alignment Errors indicates the CRC amp Alignment errors counted
147. ecaeeeeeeeseeeeaees 218 port all storm control broadcast MultiCast cece eeeeeeeeenneeeeeeeeeeesaeeeeeeaaeeeceeeeeeesaeeeeseaaeeeseeeaeeenaeeeesenaeeeeeenaees 219 port all storm control broadcast UNKNOWN cooocccncoccccnononcnonononcnn nono nnnn nono nn nano nn rana 219 port all storm control alleCaS bi ccoo 219 CIAO Command ii a 219 o A O 219 GOS qos advanced DS CP a ida 220 qos qos advanced ip precedence cocidas 220 OS GOS AdVANCE Ea OIA e EEE TE error tandas 220 OS COS PO A ee i 220 GOS ASC iii A ana seen 220 qos port based port lt WORD gt Status oooooocccicococcnononcncnonncnnnnon cnc nano cnn rro n cnn narrar rre rre 221 o A O E 221 GOS Scheduling Strict 221 GOS SCHECUIING Wicca a a ne has 221 GOS IP PrOCOU SNCS irii nea ateetas date e seh radian ve oticn aa aiad aiias 222 JOS WITWOIO dt alas 222 gos dscp remark acl entry NAME iii ad dees 222 63 11 Set COMMANG iia da 223 sel MP ctas rra abastos tati ada 223 Setigmp enable A A A A A oan Nisei ee 223 Setigmp disable iii A eee 223 Set igMp laSt MEMberque ry cuco ce sundeeetiecentesooeetinedsesubeuednmeesteecssvenmeueeds AEE Eai 223 Setigmp lasttmemberco nt isisisi ii it is 223 setiigmp query intervall 0 cce5 cs EEOAE AAEE A TEE 224 Set iIgmp query resintervall ojo A A eee Ai ches 224 set igMp FODUSINESS aci A AA a in 224 SOtigMp TOUter POrt POMS iisiping inerea enian niiata eaae raene sacybeetescenespuacchetseh epsesgen ivbedeeatones 224 Aela oae EEE x x Sos EEE AE
148. eceived or when the entry ages out e Rx Frame Errors The number of received LLDP frames containing some kind of error e Rx Frames Total The number of LLDP frames received on the port e Rx Frames TLVs Discarded Each LLDP frame can contain multiple pieces of information known as TLVs TLV is short for Type Length Value If a TLV is malformed it is counted and discarded e Rx Frames TLVs Unrecognized The number of well formed TLVs but with an unknown type value e Rx Frames Ageouts 4 10 3 Local Information Each LLDP frame contains information about how long time the LLDP information is valid age out time If no new LLDP frame is received within the age out time the LLDP information is removed and the Age Out counter is incremented Use the LLDP Local Information screen to display information about the Managed Switch such as its MAC address chassis ID system capabilities system description management IP address and port information 131 LLDP Settings LLDP Statistics User s Manual of WGSW 48000 Remote Information Chassis ID SubType MAC Chassis ID 0 30 4f 48 0 1 System Name N A System Description PLANET WGSWW 48000 Version FW 2 01 System Capabilities Bridge Enabled Capabilities Bridge MED Device Type NIA Management Addresses Address Sub type Address Interface Sub type Interface Number OID 1 10 1 1 242 1 22 1 0 0 0 3 0 0 0 6 Port Port ID
149. ecessary Each port of the Switch supports auto MDI MDI X detection That means you can directly connect the Switch to any Ethernet devices without making a crossover cable The following table and diagram show the standard RJ 45 receptacle connector and their pin assignments RJ 45 Connector pin assignment Contact MDI MDI X Media Dependant Interface Media Dependant Interface Cross PE i 279 1 3 5 7 8 User s Manual of WGSW 48000 The standard cable RJ 45 pin assignment The standard RJ 45 receptacle connector There are 8 wires on a standard UTP STP cable and each wire is color coded The following shows the pin allocation and color of straight cable and crossover cable connection Straight Cable 1 2 3 4 5 6 7 8 POE 1 2 3 4 5 6 7 8 SIDE 2 Crossover Cable 1 2 3 4 5 6 7 8 SIDE 1 1 2 3 4 5 6 7 8 SIDE 2 SIDE 1 1 White Orange 2 Orange 3 White Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown SIDE 1 1 White Orange 2 Orange 3 White Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown SIDE2 1 White Orange 2 Orange 3 White Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown SIDE2 1 White Green 2 Green 3 White Orange 4 Blue 5 White Blue 6 Orange 7 White Brown 8 Brown Figure A 1 Straight Through and Crossover Cable Please make sure
150. ecimal string Each byte in hexadecimal character strings consists of two hexadecimal digits Each byte can be separated by a period or a colon The Engine ID must be defined before SNMPv3 is enabled For stand alone devices select a default Engine ID that is comprised of Enterprise number and the default MAC address Use Default Uses the device generated Engine ID It s defined per standard as First 4 octets first bit 1 the rest is IANA Enterprise number To locate the IANA Enterprise number by referring to the Vendor website or use the show SNMP 123 User s Manual of WGSW 48000 4 9 2 Group Profile The Group Profile screen provides information for creating SNMP groups and assigning SNMP access control privileges to SNMP groups Groups allow network managers to assign access rights to specific device features or features aspects The SNMP Groups Configuration screen in Figure 4 9 2 appears SNMP UserProfile Community Profile SNMP Trap Station cowo Ia Group ID Group Name SNMP Version Authentication Access a ai Group_v1 SNMPv1 _ Disabled RW Figure 4 9 2 Group Profile The page includes the following fields Object Description e Group ID Click on Group ID to edit or remove group e Group Name Indicates the name of the group which access control rules are applied The field range is up to 32 characters e SNMP Version Indicates the SNMP version of the group The Possible vers
151. ect a multicast queried for each LAN an explicit leave message and query messages that are specific to a given group The states a computer will go through to join or to leave a multicast group are shown below 82 User s Manual of WGSW 48000 Non Member Leave Group Leave Grou Stop Timer Join Group p Send Report Start Timer Query Received Start Timer Delaying Member Idle Member ying Report Received Stop Timer Timer Expried Send report Figure 4 6 4 IGMP State Transitions a IGMP Querier A router or multicast enabled switch can periodically ask their hosts if they want to receive multicast traffic If there is more than one router switch on the LAN performing IP multicasting one of these devices is elected querier and assumes the role of querying the LAN for group members It then propagates the service requests on to any upstream multicast switch router to ensure that it will continue to receive the multicast service Multicast routers use this information along with a multicast routing protocol such as DVMRP or PIM to support IP multicasting across the Internet 83 User s Manual of WGSW 48000 4 6 2 Static Multicast Static multicast groups provides a way to add and delete multicast addresses in the L2 address table Static Multicast Table IGMP Group Name T Max 8 characters VLAN ID 1 4094 MAC A
152. eeaeeesaeeeeeeaaeeeseeeaeeeseeeeeenaeeeseeaeeesnneeeened 73 A DARROW PROM este etek Ne EAS NOS 74 ADM TP a ons Sea ir ere AS elo ale oe ser de ela tao la ele ale oe ee a o 75 AIM PA o A Sah ea a aha ede rad i a 76 4 5 5 MSTP Instance wisi shelisel en en i ee iar 77 4 5 0 MSTP Interfaces coco A A chee eee ne Sate 78 AG MUNICASE ocio ra dd tev sce Nesstvideenste 80 4 6 1 IGMP SMOOPING iio ist 80 4 6 2 Static Mullins badca eea aiia nedee A getep a aoe eles E 84 4 6 3 Static Multicast Table oo iiaee erence ee enneeeeeeaaeeeeeeeaeeeeaeeeeeeaaeeeseeeaeeeseeeeeeeaeeeseaaeeesnieeeeesnaeeeseeaeeesnneeeened 84 4 6 4 IGMP ieee erences Aa Sa eee ates Que se hee A eed aaa aoe 86 AT SO CUMUCY A nn nce A N A E A E E 87 4 POM SOCUMILY acia iii a 87 O A o 88 ATS BOD o Seer 92 4 7 3 1 Understanding IEEE 802 1X Port Based Authentication oooooononcccnnnociconococnnononcncnanonnncnnnn cnn nnnnnn nana rra 93 4 7 3 2 802 1 Port Configuration viii ide 96 4 7 3 3 Windows Platform RADIUS Server Configuration oooonnonncnccnnnococcnnnonnnnnonannnnnonn conan nn nn rnnnn nn ran nr narnia 97 4 7 3 4 802 1X Client ConfiguratiON ooocoonnncccnonocicononccnnnnoncncnnnncnr nono unnt kA untk nano rr r nn nn n rre nr rre rnn rra 99 ATA RADIUS neni a ii 101 A125 TAGACS E E E E chy sa E E alee As A E E E E E 102 427 O Storm COMMON ATE dao E T 104 User s Manual of WGSW 48000 4 7 7 Management IP List 22 02 c2eccccccceceeegececcnce ia 105 AS AMO DOS
153. ement VLAN 1 STATIC IP 192 168 080 100 Netmask 255 255 255 0 Gateway 192 168 080 254 Switch configuration Switch Config network parms 192 168 1 100 255 255 255 0 192 168 1 1 Switch Config ANSIW 38400 8 N 1 Figure 5 3 Set IP address screen 5 Repeat Step 1 to check if the IP address is changed 6 On Switch prompt type Save to save the current configuration If the IP is successfully configured the Managed Switch will apply the new IP address setting immediately You can access the Web interface of WGSW Managed Switch through the new IP address If you do not familiar with console command or the related parameter enter anytime in console to get the help description 166 User s Manual of WGSW 48000 You can change these settings if desired after you log on This management method is often preferred because you can remain connected and monitor the system during system reboots Also certain error messages are sent to the serial port regardless of the interface through which the associated action was initiated A Macintosh or PC attachment can use any terminal emulation program for connecting to the terminal serial port A workstation attachment under UNIX can use an emulator such as TIP 5 2 Telnet login The Managed Switch also supports telnet for remote management The switch asks for user name and password for remote login when using telnet please use admin for us
154. ent the switch will drop the packet Because of the existence of the PVID for untagged packets and the VID for tagged packets tag aware and tag unaware network devices can coexist on the same network A switch port can have only one PVID but can have as many VID as the switch has memory in its VLAN table to store them Because some devices on a network may be tag unaware a decision must be made at each port on a tag aware device before packets are transmitted should the packet to be transmitted have a tag or not If the transmitting port is connected to a tag unaware device the packet should be untagged If the transmitting port is connected to a tag aware device the packet should be tagged E Default VLANs The Switch initially configures one VLAN VID 1 called default The factory default setting assigns all ports on the Switch to the default As new VLAN are configured in Port based mode their respective member ports are removed from the default M Assigning Ports to VLANs Before enabling VLANs for the switch you must first assign each port to the VLAN group s in which it will participate By default all ports are assigned to VLAN 1 as untagged ports Add a port as a tagged port if you want it to carry traffic for one or more VLANs and any intermediate network devices or the host at the other end of the connection supports VLANs Then assign ports on the other VLAN aware network devices along the path that will carry this tr
155. er name and password Port Numbers ANET WGSW 24646 Command Line Interface fon ea nnn WGSW 24048 t ee ee O I 4 1 t A O O O ttt 116112114116 to ee en O i 91111131151 4 4 H A A 118 126122 i241 e ee en ee 1171191211231 Password 125 help SWITCH gt or to get help 167 User s Manual of WGSW 48000 6 COMMAND LINE MODE The CLI groups all the commands in appropriate modes according to the nature of the command A sample of the CLI command modes are described below Each of the command modes supports specific software commands Mode based Command Hierarchy The Command Line Interface CLI groups all the commands in appropriate modes by the nature of the commands Examples of the CLI command modes are described below Each of the command modes supports specific switch s commands The CLI Command Modes table captures the command modes the prompts visible in that mode and the exit method from that mode Exit or Access Previous Command Mode Access Method Prompt Mode This is the first level of User Mode access Perform basic tasks COMMAND gt Enter Logout command and list system information From the User Mode enter To exit to the User Mode Privileged Mode Switch the enable command enter exit or Logout From the Privileged Mode To exit
156. es It is part of the Transmission Control Protocol Internet Protocol TCP IP protocol suite SNMP enables network administrators to manage network performance find and solve network problems and plan for network growth An SNMP managed network consists of three key components Network management stations NMSs SNMP agents Management information base MIB and network management protocol Network management stations NMSs Sometimes called consoles these devices execute management applications that monitor and control network elements Physically NMSs are usually engineering workstation caliber computers with fast CPUs megapixel color displays substantial memory and abundant disk space At least one NMS must be present in each managed environment Agents Agents are software modules that reside in network elements They collect and store management information such as the number of error packets received by a network element Management information base MIB A MIB is a collection of managed objects residing in a virtual information store Collections of related managed objects are defined in specific MIB modules network management protocol A management protocol is used to convey management information between agents and NMSs SNMP is the Internet community s de facto standard management protocol SNMP Operations SNMP itself is a simple request response protocol NMSs can send multiple requests without receiving a
157. es configuration screen e Priority Indicates actor port priority The port priority determines the active and standby links When a group of ports is negotiating with a group of ports on another device to establish a trunk group the port with the highest priority becomes the default active port The other ports with lower priorities become standby ports in the trunk group e Admin Key Indicates actor administration key for the port The LACP administration key must be set to the same value for ports that belong to the same LAG e LAG Group Indicates the LAG group ID if the port is the member of this LAG group e Status Summarizes the current LACP status for this port e LACP Port Priority Specifies actor port priority The port priority determines the active and standby links When a group of ports is negotiating with a group of ports on another device to establish a LAG group the port with the highest priority becomes the default active port The other ports with lower priorities become standby ports in the LAG group You can specify a priority from O to 65535 54 User s Manual of WGSW 48000 All information listed here is for reference only Please refer to IEEE 802 3ad for details 4 3 3 LAG Group Link Aggregated Groups optimize port usage by linking a group of ports together to form a single aggregated group Link aggregated groups multiply the bandwidth between the devices increase port flexibility an
158. es the amount of time the MAC address remains in the L2 table before it is timed out if no traffic from the source is detected Enter 0 means to disable aging too Clear L2 Dynamic Click on the button to clear the dynamic MAC address table Entries e Entry Indicates the sequence number for valid MAC address in the L2 address table e Source MAC Indicates the valid MAC address in the L2 address table e Port Indicates the port number e VLAN ID Indicates the VLAN ID the valid MAC address belongs to e Type Indicates the MAC address type either static or dynamic Reload L2 Table Retrieves current L2 address table L2 Entry Lookup 4 11 3 Static Address To seach if MAC existed in L2 Table by entering desired MAC and its VLAN ID and then click on Lookup button A static address can be assigned to a specific interface on this switch Static addresses are bound to the assigned interface and cannot be moved When a static address is seen on another interface the address will be ignored and will not be written to the address table see Figure 4 11 3 This Static Address page provides a way to add delete MAC addresses in the L2 address table Admin Password L2Table Static Addresse PortMirroring Admin Timeout Static Address ADD Entry Source MAC Port VLAN ID Delete Figure 4 11 3 Static Address The page includes the following fields Object Description e Add
159. eseeseeeeneaes 39 3 6 PrOlOCOIS A TT E cee cane enue caewetege notes secuueten T ccneeavteneleteeerenss 40 3 6 1 Virtual Terminal Protocols oca a A da eee aa 40 3 6 2 SNMP Protocol 2cccc cseccceccen cid decececccicecchsencecceccueestegeecedca Ai 40 3 6 3 Management Architecture comi a aia 40 4 WEB CONFIGURATION fc 2207 nets a tee A es 41 4 1 Main WEB PAGE ccoo rin dai 44 4 2 SVS ai a ali 46 User s Manual of WGSW 48000 42 1 System Informations aiieieo eei tues deectensuuedcneesccdensucecdessteeedes dude atia adea en dirade iaaea Seida 46 4 2 2 Network Management ccccccccececeeceeeeeeeeeeeae cece ee eae ttrt tnts cess ceesaaaeaeceeeeeaaaaeaeceeeegsaaaaeaeceseaeqesaeeeeeeeeeeeeaneeeeeeenees 47 4 23 TIME Setting ien Genk eee ead a ois Ee dea id 48 4 24 A A TEE O TAE E E E s veseneatnagbaeheste ceeds 49 AI Port Management aeieea anana AAA NATAR AAAA cx aaduededasecuecdacceeiseuseiaeen acduedegusesuecasueneteauseievenasgeededese 50 4 3 Port Configuration ii AA A ee i at 50 4 3 2 LACP Property uc A A ti dd 52 A323 LAG OU ridad cel pea 55 AON LEAN da 56 AAA VLAN Over Wes Ar 56 4 42 EEE BOLA LAN reas 56 44 3 Create VLAN A eae 61 4 AA VIEFAN Setting sesscstoset e eee iS 62 CW MILAN POM css 2s EE EE ct E EE ld citada ld 64 Bed 6 GVRP cet an a Sarena hth LEDO o Sd ian ne adh hee aD te acta athe Bie A e do 65 AS SPAMMING A OA 67 4 5 1 RSTP Rapid Spanning Tree Protocol 00 0 0 eeecceeeeneeeeeeeeeeeeeeeeeeeeaaeeese
160. ess Web Management Access SNMP Access Standards Protocols and Related Reading 3 1 Requirements Workstations of subscribers running Windows 98 ME NT4 0 2000 XP MAC OSS9 or later Linux UNIX or other platform compatible with TCP IP protocols Workstation installed with Ethernet NIC Network Interface Card Serial Port connect Terminal e Above PC with COM Port DB 9 RS 232 or USB to RS 232 converter Ethernet Port connect e Network cables Use standard network UTP cables with RJ45 connectors Above Workstation installed with WEB Browser and JAVA runtime environment Plug in It is recommended to use Internet Explore 6 0 or above to access Managed Switch 35 3 2 Management Access Overview User s Manual of WGSW 48000 The Managed Switch gives you the flexibility to access and manage it using any or all of the following methods E An administration console a Web browser interface An external SNMP based network management application The administration console and Web browser interface support are embedded in the Managed Switch software and are available for immediate use Each of these management methods has their own advantages Table 3 1 compares the three management methods Method Console Web Browser e SNMP Agent e Advantages No IP address or subnet needed Text based Telnet functionality and HyperTerminal built into Windows 95 98 NT 2000 ME XP operating systems Secure Ide
161. evention Global Port 1 C Apply settings to all ports Denial of Service Prevention Parameter 0 Prevent Smurf Attacks O Prevent Ping Flooding O64kbps O 128 kbps g Prevent SYN SYN ACK Flooding O 64 kbps 128 kbps Select Al Save Settings Figure 4 7 22 Advanced Auto DoS Attack Prevention screenshot 4 7 9 SSH SSH secure shell is a network protocol that allows data to be exchanged using a secure channel between two networked devices SSH was designed as a replacement for TELNET and other insecure remote shells which sent information notably passwords in plaintext leaving them open for interception The encryption used by SSH provides confidentiality and integrity of data over an insecure network such as the Internet SSH uses public key cryptography to authenticate the remote computer and allow the remote computer to authenticate the user if necessary SSH is typically used to log into a remote machine and execute commands An SSH server by default listens on the standard TCP port 22 Management IP List AutoDoS SSH DHCP Snooping Dynamic ARP C Enable SSH Save Settings Figure 4 7 23 SSH page screenshot 107 User s Manual of WGSW 48000 The page includes the following fields Object Description e Enable SSH Whether or not to activate the SSH daemon inside the switch Login will be denied if that deamon is inactive e Save Settings Save cu
162. f 4 different QoS classes Low Normal Medium and High for individual application QCL is an acronym for QoS Control List It is the list table of QCEs containing QoS control entries that classify to a 288 User s Manual of WGSW 48000 specific QoS class on specific traffic objects Each accessible traffic object contains an identifier to its QCL The privileges determine specific traffic object to specific QoS class QoS is an acronym for Quality of Service It is a method to guarantee a bandwidth relationship between individual applications or protocols A communications network transports a multitude of applications and data including high quality video and delay sensitive data such as real time voice Networks must provide secure predictable measurable and sometimes guaranteed services Achieving the required QoS becomes the secret to a successful end to end business solution Therefore QoS is the set of techniques to manage network resources RARP is an acronym for Reverse Address Resolution Protocol It is a protocol that is used to obtain an IP address for a given hardware address such as an Ethernet address RARP is the complement of ARP A router port is a port on the Ethernet switch that leads switch towards the Layer 3 multicast device In 1998 the IEEE with document 802 1w introduced an evolution of STP the Rapid Spanning Tree Protocol which provides for faster spanning tree convergence a
163. fter a topology change Standard IEEE 802 1D 2004 now incorporates RSTP and obsoletes STP while at the same time being backwards compatible with STP Samba is a program running under UNIX like operating systems that provides seamless integration between UNIX and Microsoft Windows machines Samba acts as file and print servers for Microsoft Windows IBM OS 2 and other SMB client machines Samba uses the Server Message Block SMB protocol and Common Internet File System CIFS which is the underlying protocol used in Microsoft Windows networking Samba can be installed on a variety of operating system platforms including Linux most common Unix platforms OpenVMS and IBM OS 2 289 User s Manual of WGSW 48000 Samba can also register itself with the master browser on the network so that it would appear in the listing of hosts in Microsoft Windows Neighborhood Network SHA is an acronym for Secure Hash Algorithm It designed by the National Security Agency NSA and published by the NIST as a U S Federal Information Processing Standard Hash algorithms compute a fixed length digital representation known as a message digest of an input data sequence the message of any length A shaper can limit the bandwidth of transmitted frames It is located after the ingress queues SMTP is an acronym for Simple Mail Transfer Protocol It is a text based protocol that uses the Transmission Control Protocol TCP and provides a mail
164. guration mode the operator can enter the Interface Configuration mode The command prompt at this level is Command Prompt Switch Config From the Global Config mode the operator may enter the following configuration modes Interface Config Mode Many features are enabled for a particular interface The Interface commands enable or modify the operation of an interface In this mode a physical port is set up for a specific logical connection operation The command prompt at this level is Command Prompt Switch Interface lt port gt 6 1 User Mode commands help Description This command displays help information Syntax help Mode User Mode logout Description This command is used to exit from the telnet Syntax logout Mode User Mode ping Description This command sends echo messages 169 Syntax ping lt A B C D gt Parameters lt A B C D gt Mode User Mode show port Description This command displays port status Syntax show port lt port gt all Parameters lt port gt all Mode User Mode show network Description This command displays switch IP configuration Syntax show network Mode User Mode show system Description This command displays system information Syntax show system Mode User Mode show port statistics Description This command displays port statistics Syntax show port statistics lt port gt all 170 User s Manual of WGSW 48000
165. his command changes management vlan Syntax network mgmt vlan lt vian D gt Parameters lt vian ID gt Mode Global Config 212 network parms Description This command configures static IP address of the switch Syntax network parms lt P addr gt lt subnet mask gt lt gateway gt Parameters lt IP addr gt lt subnet mask gt lt gateway gt Mode Global Config network protocol Description This command configure switch dhcp client Syntax network protocol dhcp none Parameters dhcp none Mode Global Config network dhcp relay Description Configure switch dhcp relay functions network dhcp relay mode Description This command configures dhcp relay mode Syntax network dhcp relay mode enable disable Parameters enable disable Mode Global Config network dhcp relay server Description This command configures dhcp relay server ip address Syntax 213 User s Manual of WGSW 48000 network dhcp relay server lt A B C D gt Parameters lt A B C D gt Mode Global Config network dhcp relay vlan Description Configure dhcp relay option 82 vian information network dhcp relay vlan lt vian ID gt add Description This command enters a vlan which will be enable DHCP relay option82 Syntax network dhcp relay vlan lt v an D gt add Mode Global Config network dhcp relay vlan lt vian ID gt remove Description This command enters a vian which will be disab
166. in most areas of the world the Managed Switch s power supply automatically adjusts to line power in the range 100 240VAC and 50 60 Hz Plug the female end of the power cord firmly into the receptalbe on the rear panel of the Managed Switch Plug the other end of the power cord into an electric service outlet then the power will be ready The device is a power required device it means it will not work till it is powered If your networks should active all the time please consider using UPS Uninterrupted Power Supply for your device It will Power Notice prevent you from network data loss or network downtime In some area installing a surge suppression device may also help to protect your Managed Switch from being damaged by unregulated surge or current to the Switch or the power adapter 29 User s Manual of WGSW 48000 2 2 Install the Switch This section describes how to install your Managed Switch and make connections to the Managed Switch Please read the following topics and perform the procedures in the order being presented To install your Managed Switch on a desktop or shelf simply complete the following steps 2 2 1 Desktop Installation To install the Managed Switch on desktop or shelf please follows these steps Step1 Attach the rubber feet to the recessed areas on the bottom of the Managed Switch Step2 Place the Managed Switch on the desktop or the shelf near an AC power source as shown in Figure
167. ion This command is used to configure the retry mechanism of ip source guard database ipsrcgd retry now Description This command is used to retry inactive entries now Syntax ipsrcgd retry now 260 User s Manual of WGSW 48000 Mode Global Config ipsrcgd retry interval Description This command is used to retry inactive entries after a interval Syntax ipsrcgd retry interval lt 0 1440 gt Parameters lt 0 1440 gt Mode Global Config 6 4 Interface Config mode commands exit Description Exit current shell Syntax exit Mode Interface Config 6 4 1 dot1x Command Set 802 1x port control Description Set auto authorized or force authorized on ports Syntax 802 1x port control enable disable Parameters enable disable Mode Interface Config 261 User s Manual of WGSW 48000 lacp admin Description Configure admin key of port Syntax lacp admin lt 0 65535 gt Parameters lt 0 65535 gt Mode Interface Config Example User s Manual of WGSW 48000 switch interface g1 lacp admin 36768 lacp priority Description Configure lacp port priority Syntax lacp priority lt 0 65535 gt Parameters lt 0 65535 gt Mode Interface Config addport Description add one port to a LAG group Syntax addport lt LAG D gt Parameters lt LAG ID gt Mode Interface Config delport Description Remove a port from a LAG group Syntax delport lt LAG D gt
168. ions are SNMP v1 Set SNMP supported version 1 e SNMP v2c Set SNMP supported version 2c e SNMP v3 Set SNMP supported version 3 e Authentication Defines the security level attached to the group Security levels apply to SNMPv3 only The possible field values are e Disable No Authentication which indicates that neither the Authentication nor the Privacy security levels are assigned to the group e Enable Authentication which authenticates SNMP messages and ensures the SNMP messages original is authenticated e Access Defines the group access rights The possible field values are e Read Enable The management access is restricted to read only and changes cannot be made to the assigned SNMP view e Write Enable The management access is read write and changes can be made to the assigned SNMP view e Disable Sends traps for the assigned SNMP view e Add New Group Add a new SNMP group 124 4 9 3 User Profile User s Manual of WGSW 48000 Configure SNMPv3 users table on this page The entry index key are Engine ID and User Name The SNMPv3 Users Configuration screen in Figure 4 9 3 appears Community Profile SNMP Trap Station User ID 1 Em User Name Group Name SNMP Version Auth Type Uservt Groupvi SNMPV1 None Figure 4 9 3 User Profile The page includes the following fields Description Object e UserID Click on User ID to edit or remove user e
169. iption e Management Enables or disables Management IP List e IP Address 1 8 Indicates the IP addresses of the Management IP List 105 4 7 8 Auto DoS User s Manual of WGSW 48000 Getting started with Global Auto DoS Attack Prevention Settings apply to all ports Denial of Sevice Prevention E Global Auto DoS Attack Prevention Md Management IP List SSH DHCP Snooping Global Auto DoS Attack Prevention Advanced Denial of Service Prevention C Prevent Land Attacks O Prevent Blat Attacks O Scan SYNFIN Deny Xmascan O Prevent NULL Scan Attacks C Deny SYN with sport lt 1024 C Prevent Ping of Death Attacks Select al Figure 4 7 21 Global Auto DoS Attack Prevention screenshot The page includes the following fields Object Description e Land Attack Packets with Source IP Destination IP e Blat Attack Packets with Source port Destination port e SYNFIN SYN and FIN bits set in the packets e Xmascan Sequence number is zero and the FIN URG and PSH bits are set e NULL scan TCP sequence number is zero and all control bits are zeroes SYN with sport lt 1024 SYN packets with source port less than 1024 Ping of Death Attack Uses packets larger than 64K bytes through fragments and target the vulnerable systems 106 User s Manual of WGSW 48000 E Advanced Auto DoS Attack Prevention H4 Management IP List SSH Advanced Auto DoS Attack Pr
170. iption e Sort By Defines the type of sort lt includes priority deny and permit e Entry Name Indicates the name of ACL entry The length of name have to be smaller than 20 And Different ACL entries can t have the same name e Permit Frames matching the ACL entries may be forwarded and learned e Deny Frames matching the ACL entries are dropped e Queue Assignment Select a traffic class of Low Normal Medium or High to apply to the ACL e Port List Indicates the ports ACL entry apply to When add new entry default to all ports so you can click modify linker to modify it e Proiority Indicates the priority of ACL entry The largest value have highest priority The range is from 0 to 65535 And Different ACL entries can t have the same priority increase priority by 1 decrease priority by 1 e Delete By which deletes the selected ACL 89 User s Manual of WGSW 48000 e New Entry Inserts anew ACL entry e Import Selects an XML file to import e Export Writes all ACL entries to an XML file e Save Settings Modifies the changes of ACL entries which are shown on this page NW Create new ACL entry Port Security 802 1X RADIUS TACACS StormControl pl Add ACL Entry Entry Name DENY_SA_172 Priority 1 0 65535 E SIP 172 16 0 0 MASK 0 0 0 255 O or MASK 7 W Xy Z IPACL SRC PORT ey C
171. is command is used to disable port self loop detection Syntax loop_detect disable Mode Global Config loop_detect recovertime Description This command is used to set the recover time Syntax loop_detect recovertime lt 0 65535 gt Parameters lt 0 65535 gt Mode Global Config loop detect trytorecover Description This command is used to try to recover all the selfloop port immediately Syntax loop_detect trytorecover Mode Global Config 256 User s Manual of WGSW 48000 6 3 21 GVRP Command gvrp enable Description This command is used to enable gvrp function globally Syntax gvrp enable Mode Global Config gvrp disable Description This command is used to disable gvrp function globally Syntax gvrp disable Mode Global Config gvrp port_enable Description This command is used to enable gvrp function on a specified port Syntax gvrp port_enable lt port id gt Parameters lt port id gt Mode Global Config gvrp port_disable Description This command is used to disable gvrp function on a specified port Syntax gvrp port_disable lt port id gt Parameters lt port id gt Mode Global Config 257 User s Manual of WGSW 48000 gvrp port_status Description This command is used to displays the gvrp port information Syntax gvrp port_status lt port list gt Parameters lt port list gt Mode Global Config https Description This command is used to set http
172. is exchanged between the 93 User s Manual of WGSW 48000 RADIUS server and one or more RADIUS clients o Switch 802 1X device controls the physical access to the network based on the authentication status of the client The switch acts as an intermediary proxy between the client and the authentication server requesting identity information from the client verifying that information with the authentication server and relaying a response to the client The switch includes the RADIUS client which is responsible for encapsulating and decapsulating the Extensible Authentication Protocol EAP frames and interacting with the authentication server When the switch receives EAPOL frames and relays them to the authentication server the Ethernet header is stripped and the remaining EAP frame is re encapsulated in the RADIUS format The EAP frames are not modified or examined during encapsulation and the authentication server must support EAP within the native frame format When the switch receives frames from the authentication server the server s frame header is removed leaving the EAP frame which is then encapsulated for Ethernet and sent to the client El Authentication Initiation and Message Exchange The switch or the client can initiate authentication If you enable authentication on a port by using the dot1x port control auto interface configuration command the switch must initiate authentication when it determines that the port link
173. is received the client begins sending frames as if the port is in the authorized state If the client is successfully authenticated receives an Accept frame from the authentication server the port state changes to authorized and all frames from the authenticated client are allowed through the port If the authentication fails the port remains in the unauthorized state but authentication can be retried If the authentication server cannot be reached the switch can retransmit the request If no response is received from the server after the specified number of attempts authentication fails and network access is not granted When a client logs off it sends an EAPOL logoff message causing the switch port to transition to the unauthorized state If the link state of a port transitions from up to down or if an EAPOL logoff frame is received the port returns to the unauthorized state 95 User s Manual of WGSW 48000 4 7 3 2 802 1x Port Configuration The Port Authentication function establishes security between ports Port Security ACL RADIUS TACACS StormControl pp Enable 802 1X Port Status Client MAC Address Authorization 01 Enabled N A 02 O Enabled NIA 03 C Enabled N A 04 C Enabled N A 05 C Enabled N A 06 O Enabled NIA 07 C Enabled NIA 08 C Enabled N A 09 fa Enabled N A 10 C Enabled NIA 11 io Enabled N A 12 C Enabled N A 13
174. is used to displays dhcp snooping vlan Syntax show dhcpsnooping vian Mode Privileged Mode show dhcpsnooping database Description This command is used to displays dhcp snooping database entries show dhcpsnooping database all Description This command is used to show all dhcpsnooping entries Syntax show show dhcpsnooping database all Mode Privileged Mode show dhcpsnooping database static Description This command is used to show all dhcpsnooping static entries Syntax show dhcpsnooping database static Mode Privileged Mode show dhcpsnooping database dynamic Description This command is used to show all dhcpsnooping dynamic entries Syntax show show dhcpsnooping database dynamic Mode Privileged Mode 195 User s Manual of WGSW 48000 show ipsrcgd config Description This command is used to displays the configuration of IP Source Guard Syntax show ipsrcgd config Mode Privileged Mode show ipsrcgd ports Description This command is used to displays ports which enabled IP Source Guard Syntax show ipsrcgd ports Mode Privileged Mode show ipsrcgd database Description This command is used to displays the database of IP Source Guard Syntax show ipsrcgd database Mode Privileged Mode show https Description This command is used to displays https information Syntax show https Mode Privileged Mode show loop_detect Description This command is used to displays selfloop dete
175. isplays all VLAN groups with their member ports There are two color symbols for each VLAN group member port that is Tagged and Untagged e Tagged Indicates that this port is a member of the VLAN When the packet leaves the member port the VLAN tag is kept e Untagged Indicates that this port is a member of the VLAN When the packet leaves the member port the VLAN tag is removed 61 User s Manual of WGSW 48000 4 4 4 VLAN Setting The VLAN Setting screen contains fields for configuring ports to a VLAN The port default VLAN ID PVID is configured on the Create VLAN screen All untagged packets arriving to the device are tagged by the ports PVID The VLAN Settings screen contains a Port Table for VLAN parameters for each port Ports are assigned VLAN membership by selecting and configuring the presented configuration options you can refer to Figure 4 4 2 Create VLAN VLANPort GVRP VLAN Group 1 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 oc000000o0o HHH OHHHHHHDHGHHHO O9 000000000000 0000 0000 00O 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 DPODOOGHQDHHHHHHHHHHHHHH HOO OO0C900O00C0C00CCOO0O0C0CO0O0CC0O0 000 PST 01 02 03 04 05 06 07 08 09 10 11 12 13 14 Save Settings Figure 4 4 2 VLAN Setting Understand nomenclature of the Switch M EEE 802 1Q Tagged and Untagged Every port on an 802 1Q compliant switch can be configured as tagged o
176. itch C was elected the root bridge and the ports were selected to give a high port cost between switches B and C The two optional Gigabit ports default port cost 4 on switch A are connected to one optional Gigabit port on both switch B and C The redundant link between switch B and C is deliberately chosen as a 100 Mbps Fast Ethernet link default port cost 19 Gigabit ports could be used but the port cost should be increased from the default to ensure that the link between switch B and switch C is the blocked link 72 User s Manual of WGSW 48000 4 5 1 RSTP Rapid Spanning Tree Protocol The Rapid Spanning Tree Protocol RSTP provides rapid convergence of the spanning tree by assigning port roles and by determining the active topology The RSTP builds upon the IEEE802 1D STP protocol to select the switch with the highest switch priority as the root switch RSTPPort MSTP MSTPPort MSTP Instance MSTP Interface C Enable RSTP Property Priority 0 61440 Max Age 6 40 sec Forward Delay 4 30 sec Designated Root Bridge Figure 4 5 4 RSTP The page includes the following fields Object Description e Enable RSTP Enables RSTP of the switch will allow you to control the RSTP parameters from the bridge point of view e Priority Specifies the bridge priority value When switches or bridges are running STP each is assigned a priority The default value is 32768 The por
177. ks This also provides a more secure and cleaner network environment An IEEE 802 1Q VLAN is a group of ports that can be located anywhere in the network but communicate as though they belong to the same physical segment VLANs help to simplify network management by allowing you to move devices to a new VLAN without having to change any 56 User s Manual of WGSW 48000 physical connections VLANs can be easily organized to reflect departmental groups such as Marketing or R amp D usage groups such as e mail or multicast groups used for multimedia applications such as videoconferencing VLANs provide greater network efficiency by reducing broadcast traffic and allow you to make network changes without having to update IP addresses or IP subnets VLANs inherently provide a high level of network security since traffic must pass through a configured Layer 3 link to reach a different VLAN This Managed Switch supports the following VLAN features E Up to 255 VLANs based on the IEEE 802 1Q standard m Distributed VLAN learning across multiple switches using explicit or implicit tagging and GVRP protocol m Port overlapping allowing a port to participate in multiple VLANs a End stations can belong to multiple VLANs E Passing traffic between VLAN aware and VLAN unaware devices a Priority tagging The Managed Switch allows 4k user manageable VLANs M EEE 802 1Q Standard IEEE 802 10 tagged VLAN are implemented on the Swi
178. l Config qos qos advanced ip_precedence Description This command enables IP Precedence mode Syntax qos qos advanced ip_precedence Mode Global Config qos qos advanced none Description This command disables gos advanced mode Syntax qos qos advanced none Mode Global Config qos cos priority Description This command configures 802 1p priority queue mapping Syntax Qos cos priority lt 0 7 gt queue lt 1 4 gt Parameters lt 0 7 gt lt 1 4 gt Mode Global Config qos dscp Description This command specifies dscp value to queue mapping 220 User s Manual of WGSW 48000 Syntax qos dscp lt 0 63 gt queue lt 1 4 gt Parameters lt 0 63 gt lt 1 4 gt Mode Global Config qos port based port lt WORD gt status Description This command configures port based priority mapping Syntax qos port based port lt WORD gt status enable disable Parameters enable disable Mode Global Config qos scheduling Configure qos scheduling mode qos scheduling strict Description This command sets to strict priority Syntax qos scheduling strict Mode Global Config qos scheduling wrr Description This command sets to Weight Round Robin Syntax qos scheduling wrr Mode Global Config 221 User s Manual of WGSW 48000 qos ip precedence Description This command configures IP precedence queue mapping Syntax qos ip precedence lt 0 7 gt queue lt 1 4 gt Parameters lt
179. lan D gt mac lt mac addr gt member port lt port list gt Parameters lt vian ID gt lt mac addr gt lt port list gt Mode Global Config set static mcast name lt WORD gt delete Description This command delete a static multicast group Syntax set static mcast name lt WORD gt delete Mode Global Config 6 3 12 SNMP Command snmp notify Description This command configures snmp notification Syntax snmp notify enable disable Parameters enable disable Mode Global Config snmp group add Description This command create a snmp group Syntax snmp group add lt WORD gt version lt 1 2 gt Parameters lt WORD gt lt 1 2 gt Mode 226 Global Config snmp group delete Description This command delete a snmp group Syntax snmp group delete lt WORD gt Parameters lt WORD gt Mode Global Config snmp user snmp user add Description This command creates a snmp user Syntax snmp user add lt user name gt group lt group name gt version lt 1 3 gt Parameters lt user name gt lt group name gt lt 1 3 gt Mode Global Config snmp user delete Description This command deletes a snmp user Syntax snmp user delete lt WORD gt Parameters lt WORD gt Mode Global Config 227 User s Manual of WGSW 48000 User s Manual of WGSW 48000 snmp community add Description This command creates a community Syntax snmp community add lt community name gt group
180. ldp tx delay Description Transmit Delay in seconds Syntax lldp tx delay lt 1 8192 gt Parameters lt 1 8192 gt Mode Global Config lldp mgmt addrtxport Description A range of ports can be set Syntax lldp mgmt addrtxport ports lt port list gt Parameters lt port list gt Mode Global Config Example switch config lldp mgmt addrtxport ports 1 switch config lldp mgmt addrtxport ports 1 4 User s Manual of WGSW 48000 205 User s Manual of WGSW 48000 6 3 4 Log Command log Description This command is used to configure log server log log server Description This command is used to configure log server log log server name lt WORD gt add Description This command is used to specify log server name enter a name up to 12 characters add a log server IP address Syntax log log server name lt WORD gt add ipaddr word Parameters lt WORD gt Mode Global Config log log server name lt word gt delete Description This command is used to delete a log server Syntax log log server name lt WORD gt delete Parameters lt WORD gt Mode Global Config log logging target Description This command is used to configure log notification level 206 log logging target memory Description This command is used to specify memory log notify level Syntax log logging target memory enable disable Parameters enable disable Mode Global Config log logging target flash
181. le StaticAddress PortMirroring w eo Source File i Figure 4 11 7 HTTP Firmware Upgrade 4 11 7 Reboot The Reboot page enables the device to be rebooted from a remote location Once the Reboot button is pressed user have to re login the WEB interface about 60 seconds later the screen in Figure 4 11 9 and Figure 4 11 10 appears lt eboot Save Configurations Logs Settings Log Server MemoryLogs Reboot Switch O Restore Configuration to Factory Defaults Keep Switch IP address O Restore Configuration to Factory Defaults Figure 4 11 8 Reboot The page includes the following fields Object Description e Reboot Switch Restart the switch with current configuration e Restore Configuration This option will restore the switch configuration to factory defaults All to Factory Defaults configuration will be removed except IP address Keep IP address 141 User s Manual of WGSW 48000 e Restore Configuration This option will restore the switch configuration to factory defaults All to Factory Defaults configuration will be removed Windows Internet Explorer E j Are you sure Cancel Figure 4 11 9 Reboot dialogue KKI Save Configurations Logs Settings Restarting Device Please wait until the button becomes Continue then press the button to continue Figure 4 11 10 Reboot message You can also check the PWR LED
182. le dhcp relay option82 Syntax network dhcp relay vlan lt vlan ID gt remove Mode Global Config network sysinfo Description Configure switch system information Network sysinfo sysname Description This command configures system name Syntax network sysinfo sysname lt WORD gt Parameters lt WORD gt Mode 214 User s Manual of WGSW 48000 Global Config network sysinfo syslocate Description This command configures system location Syntax network sysinfo syslocate lt WORD gt Parameters lt WORD gt Mode Global Config network sysinfo syscontact Description This command configures system contact information Syntax network sysinfo syscontact lt WORD gt Parameters lt WORD gt Mode Global Config network admin timeout Description This command configures web console admin time out interval 0 means disable Syntax network admin timeout lt 0 65535 gt Parameters lt 0 65535 gt Mode Global Config 6 3 9 Port Command port all admin mode Description 215 User s Manual of WGSW 48000 This command configures ports admin mode Syntax port all admin mode enable disable Parameters enable disable Mode Global Config port all auto negotiate Description This command configures ports auto negotiation mode Syntax port all auto negotiate enable disable Parameters enable disable Mode Global Config port all flow control Description This comma
183. lient user can enter commands through the Telnet program just as if they were entering commands directly on the server console TFTP is an acronym for Trivial File Transfer Protocol It is transfer protocol that uses the User Datagram Protocol UDP and provides file writing and reading but it does not provides directory service and security features ToS is an acronym for Type of Service It is implemented as the IPv4 ToS priority control It is fully decoded to determine the priority from the 6 bit ToS field in the IP header The most significant 6 bits of the ToS field are fully decoded into 64 possibilities and the singular code that results is compared against the corresponding bit in the IPv4 ToS priority control bit 0 63 ALLDP frame can contain multiple pieces of information Each of these pieces of information is known as TLV TLV is short for Type Length Value 291 User s Manual of WGSW 48000 UDP is an acronym for User Datagram Protocol It is a communications protocol that uses the Internet Protocol IP to exchange the messages between computers UDP is an alternative to the Transmission Control Protocol TCP that uses the Internet Protocol IP Unlike TCP UDP does not provide the service of dividing a message into packet datagrams and UDP doesn t provide reassembling and sequencing of the packets This means that the application program that uses UDP must be able to make sure that the entire message has a
184. lt 0 65535 gt feindex lt 0 65535 gt owner lt WORD gt Parameters Mode Global Config Example Switch Config RMON alarm index 1 interval 10 interface counter 1 sample delta start all rthreshold 100 fthreshold 10 reindex 1 feindex O owner test rmon del rmon del event index Description This command deletes rmon event entry Syntax rmon del event index lt 1 65535 gt Parameters lt 1 65535 gt Mode Global Config rmon del alarm index Description This command deletes rmon alarm entry Syntax rmon del alarm index lt 1 65535 gt Parameters lt 1 65535 gt Mode Global Config 6 3 16 Access list Command access list name lt WORD gt add priority Description This command creates a new access list 240 User s Manual of WGSW 48000 Syntax access list name lt WORD gt add priority lt 1 65535 gt Parameters lt 1 65535 gt Mode Global Config access list name lt WORD gt action access list name lt WORD gt action deny Description This command denies an ACL entry Syntax access list name lt WORD gt action deny Mode Global Config access list name lt WORD gt action permit Description This command permits an ACL entry and queue 1 4 will assign priority queue when rule activated Syntax access list name lt WORD gt action permit lt cr gt queue lt 1 4 gt Parameters lt cr gt queue lt 1 4 gt Mode Global Config access list name lt WORD gt cle
185. lt WORD gt set IP mode DSP IP lt P addr gt lt mask addr gt 244 User s Manual of WGSW 48000 Parameters lt IP addr gt lt mask addr gt Mode Global Config access list name lt WORD gt set L4port Description This command specifies the TCP UDP port range access list name lt WORD gt set l4port SRC port SRE port Description This command specifies the source TCP UDP port range Syntax Access list name lt WORD gt set L4 port SRE port from lt 1 65535 gt to lt 1 65535 gt Parameters lt 1 65535 gt Mode Global Config access list name lt WORD gt set l4port DST port Description This command specifies the destination TCP UDP port range Syntax access list name lt WORD gt set l4port DST port from lt 1 65535 gt to lt 1 65535 gt Parameters lt 1 65535 gt Mode Global Config access list name lt WORD gt set IP mode packet type Description This command specifies the packet type Syntax access list name lt WORD gt set IP mode packet type ICMP IGMP IP TCP UDP GRE Parameters ICMP IGMP IP TCP UDP GRE 245 User s Manual of WGSW 48000 Mode Global Config access list name lt WORD gt set mac mode Description Specify ACL entry priority access list name lt WORD gt set mac mode mac SA Description This command specifies a source mac address Syntax access list name lt WORD gt set mac mode mac SA lt mac addr gt lt mask addr gt Parameters lt mac addr gt lt m
186. mac mode ether type cooocccconocccccococcnonononcnanonnnn nono cnn nan nn nr nano rn rra n rra nr rn rnnn rra 246 access list name lt name gt Set portlist cccccecceeeeeeceeaece cece eee ee ance cess eeesaaaeaeeeeeeeeeaaeaeceeeeeeeeeaeaeeeeegeeeaeaeeeeeenees 247 6 3 17 ARPCOMMANA ivi tall naaa teca pita dee 247 ARAYA tt ti a ea dd ea Pell ita eee in Mia Bie o 247 Alp dynamic agiNg tiMEes iseia ai e ia e ie i daa 247 elo AYMAMICs POPS a A nda 247 arp dynamic Mii did das 248 ERD A OOO E E EE 248 6 53 18 Dos Command ii a seid ees 249 dos landiers idiot ant hia A A eat 249 GOS Dl at iia datar 249 GOS SVM TIN ss ssi na dehceececaze O O Soy clase 249 OOS POMS arnal We a eid ee re ee en ede ede ee ie Las 249 GOS POMS SMUM ces ceca ihc elceeh oi 249 OS ports PING MOOGING emitan a Tchad A tii 250 OS Ports SYNaCk TOOGING 3 252 33ccenseesced tedaccdeusshecqensaas aeeces id 250 tacplus authen YD ii ene ee ea sah eae 250 tacplus add SEMVER caia ai a2 aoe pe shoe Seek gncnbla tla sone o iaa 251 tACPIUS Cel SEMEL eiii ios 251 TENEN eee teeta igi hid eo ests Se tobe rie Sina NA ea eS eee i lad ies ate 251 6 3 19 DHCP Snooping COMMANA cc c cecssececee deneeecdieessucedessduegneestuegesoedeeedndedeeduucsnees 252 AhepsSnooping enable aiii da 252 AhcpsSnooping disable s 3s2 foe toelegecees a lis 252 ANCPSNOOPING OPTIONS 2 occc s EEE EE eMeads Rear 252 dhcpsnooping Verifymac ich eyed ane nile een a ie ee ete eis 252 A
187. me Getting Advertisement Expiry Time S LN FL_UPNP_SetDefaultConfig Setting Default d seen Configuration 2059 DEBUG UPNP 2007 4 1 0 00 01 FE_UPNP_Init Initializing UPNP 2061 DEBUG UPNP 2007 1 1 9 00 06 2060 DEBUG UPNP 2007 1 1 0 00 01 FE_UPNP_GetTTL Getting TTL FE_UPNP_GetAdviExpTime Getting Advertisement Expiry Time 2058 DEBUG UPNP 20071 1 1 9 00 12 FE_UPNP_GetNumPkts Getting NumPktCpy 2057 DEBUG UPNP 2007 7 1 1 9 00 12 2056 DEBUG UPNP 2007 7 1 1 9 00 12 Figure 4 11 12 Flash Logs The page includes the following fields Object Description e Index Indicates the global sequence number for the log 149 User s Manual of WGSW 48000 e Level Indicates the severity of the log e Category Indicates the facility category that the log belongs to e Time Indicates the time when the log is recorded e Message Shows the detailed description of the log 4 11 13 Ping Function This page allows you to issue ICMP PING packets to troubleshoot IP connectivity issues After you press 4 ICMP packets are transmitted and the sequence number and roundtrip time are displayed upon reception of a reply The page refreshes automatically until responses to all packets are received or until a timeout occurs The ICMP Ping screen in Figure 4 11 13 appears on Cable Diagnostic DHCP Relay DHCP Option82 SelfLoop stealeus ate mt allah
188. me interval Syntax sntp serve polling lt 0 9 gt Parameters lt 0 9 gt Mode Global Config sntp timezone Description This command sets sntp timezone 231 User s Manual of WGSW 48000 Syntax sntp timezone lt 1 75 gt Parameters lt 1 75 gt Mode Global Config 6 3 14 Spanning tree Command spanning tree forceversion Description This command configures Spanning Tree protocol version spanning tree forceversion 8021s Description This command selects spanning tree type as 8021 s multiple Spanning Tree Syntax spanning tree forceversion 8021s Mode Global Config spanning tree forceversion 8021w Description This command selects spanning tree type as 802 1w rapid Spanning Tree Syntax spanning tree forceversion 8021w Mode Global Config spanning tree forceversion none Description This command selects none spanning tree type Syntax spanning tree forceversion none Mode Global Config 232 User s Manual of WGSW 48000 spanning tree configuration Description This command configures MSTP region name and revision spanning tree configuration name Description This command configures MSTP region name Max 32 chars Syntax spanning tree configuration name lt WORD gt Parameters lt WORD gt Mode Global Config spanning tree configuration revision Description This command configures revision level Syntax spanning trees configuration revision lt 0 65535 gt Par
189. memberships It is an integral part of the IP multicast specification like ICMP for unicast connections IGMP can be used for online video and gaming and allows more efficient use of resources when supporting these uses A router sends IGMP Query messages onto a particular link This router is called the Querier IMAP is an acronym for Internet Message Access Protocol It is a protocol for email clients to retrieve email messages from a mail server IMAP is the protocol that IMAP clients use to communicate with the servers and SMTP is the protocol used to transport mail to an IMAP server The current version of the Internet Message Access Protocol is IMAP4 It is similar to Post Office Protocol version 3 POP3 but offers additional and more complex features For example the IMAP4 protocol leaves your email messages on the server rather than downloading them to your computer If you wish to remove your messages from 285 User s Manual of WGSW 48000 the server you must use your mail client to generate local folders copy messages to your local hard drive and then delete and expunge the messages from the server IP is an acronym for Internet Protocol It is a protocol used for communicating data across a internet network IP is a best effort system which means that no packet of information sent over it is assured to reach its destination in the same condition it was sent Each device connected to a Local Area Network LAN
190. mes from some port of the Ethernet Switching it will also check the destination address besides the source address learning The Ethernet Switching will lookup the address table for the destination address If not found this packet will be forwarded to all the other ports except the port which this packet comes in And these ports will transmit this packet to the network it connected If found and the destination address is located at different port from this packet comes in the Ethernet Switching will forward this packet to the port where this destination address is located according to the information from address table But if the destination address is located at the same port with this packet comes in then this packet will be filtered Thereby increasing the network throughput and availability 7 4 Store and Forward Store and Forward is one type of packet forwarding techniques A Store and Forward Ethernet Switching stores the incoming frame in an internal buffer do the complete error checking before transmission Therefore no error packets occurrence it is the best choice when a network needs efficiency and stability The Ethernet Switch scans the destination address from the packet header searches the routing table pro vided for the incoming port and forwards the packet only if required The fast forwarding makes the switch attractive for connecting servers directly to the network thereby increasing throughput and availability How ever
191. n Default Value Bridge Identifier Not user A combination of the User set priority and 32768 MAC configurable the switch s MAC address except by setting priority The Bridge Identifier consists of two parts below a 16 bit priority and a 48 bit Ethernet MAC 69 address 32768 MAC User s Manual of WGSW 48000 Priority A relative priority for each switch lower 32768 numbers give a higher priority and a greater chance of a given switch being elected as the root bridge Hello Time The length of time between broadcasts of 2 seconds the hello message by the switch Maximum Age Timer Measures the age of a received BPDU fora 20 seconds port and ensures that the BPDU is discarded when its age exceeds the value of the maximum age timer Forward Delay Timer The amount time spent by a port in the 15 seconds learning and listening states waiting for a BPDU that may return the port to the blocking state The following are the user configurable STP parameters for the port or port group level Variable Description Port Priority A relative priority for each port lower numbers give a higher priority and a greater chance of a given port being elected as the root port Port Cost A value used by STP to evaluate paths STP calculates path costs and selects the Default Value 128 200 000 100Mbps Fast Ethernet ports 20 000 1000Mbps Gigabit Ethernet path with the minimum cost as the active ports path 0
192. n a MST instance 1 200000000 Syntax spanning tree mst cost lt MST ID gt lt pathcost gt Parameters lt MST ID gt lt pathcost gt Mode Interface Config spanning tree mst priority Description This command configure the port priority on a MST instance 0 4094 Syntax spanning tree mst priority lt 0 4094 gt lt 0 240 gt Parameters lt 0 4094 gt lt 0 240 gt Mode Interface Config spanning tree participation Description This command configures RSTP capability on a port Syntax spanning tree participation enable disable Parameters enable disable 271 User s Manual of WGSW 48000 Mode Interface Config spanning tree priority Description This command configure RSTP port priority 0 240 Syntax spanning tree priority lt 0 240 gt Parameters lt 0 240 gt Mode Interface Config 6 4 6 VLAN Command vian participation This command join or leave a pertte a vian vian participation exclude Description This command is used to leave a vlan Syntax vlan participation exclude lt vlan id gt Parameters lt vlan id gt Mode Interface Config vlan participation Description This command join a vlan with untagged tagged mode Syntax vlan participation untagged tagged lt vlan id gt Parameters untagged tagged lt vlan id gt Mode Interface Config 272 User s Manual of WGSW 48000 vian protected Description This command configures port p
193. nable O Disable Boot Up Trap O Enable O Disable Trap Version Ovi Ov2c Cancel amp Return Figure 4 9 8 Add new SNMP Trap Station The page includes the following fields Object Description e Trap Station ID Click on Trap Station ID to edit or remove trap station e Community String Indicates the community string for this trap station e Link Change Trap Indicates if link up and link down traps are sent e Remote IP Address Indicates the IP address which traps are sent e Boot Up Trap Indicates if WarmStart and ColdStart traps are sent e Version Indicates the SNMP version of the trap station e Add New Trap Station Creates a trap station 128 User s Manual of WGSW 48000 4 10 LLDP Link Layer Discovery Protocol LLDP is used to discover basic information about neighboring devices on the local broadcast domain LLDP is a Layer 2 protocol that uses periodic broadcasts to advertise information about the sending device Advertised information is represented in Type Length Value TLV format according to the IEEE 802 1ab standard and can include details such as device identification capabilities and configuration settings LLDP also defines how to store and maintain information gathered about the neighboring network nodes it discovers Link Layer Discovery Protocol Media Endpoint Discovery LLDP MED is an extension of LLDP intended for managing endpoint devices such as Voice over IP phones
194. naged Switch You can specify SNTP Servers and set GMT Timezone The SNTP Configuration screen in Figure 4 2 3 appears System Information Network Management Green Ethernet C Enable Daylight Saving GMT Greenwich Mean Time Dublin Edinburg Lisbon London Use SNTP Server Server IP Address i Polling Interval 30 minutes Use Local Time M D Y M H S 1 E 2007 x 116 x 111 110 Use Browser Time _ Figure 4 2 3 Time Settings The page includes the following fields Object Description e Daylight Saving Indicates the Daylight Savings Time DST on the device based on the devices location When daylight saving is enabled one hour will be added to time zone offset value Only for SNTP e Time Zone Specifies the difference between Greenwich Mean Time GMT and local time For example the Time Zone Offset for Paris is GMT 1 while the local time in New York is GMT 5 Only for SNTP e Use Local Time M Month Sets the month D Day Sets the day Y Year Sets the year H Hours Sets the hours M Minutes Sets the minutes S Seconds Sets the seconds Use Browser Time The device system time is configured by your Desktop Laptop s time setting 48 User s Manual of WGSW 48000 e Use SNTP Server The device supports the Simple Network Time Protocol SNTP SNTP assures accurate network device clock time synchronization up to the millisecond
195. nated port it negotiates a rapid transition with the other port to ensure a loop free topology Migration Check Re checks the appropriate BPDU format to send on this port Path Cost Displays the cost of this port for the specified MST instance Cost means the contribution of this port to the path cost of paths towards the spanning tree root which include this port Port Priority Displays the priority of this port for the specified MST instance 4 5 5 MSTP Instance MSTP operation maps VLANs into STP instances Packets assigned to various VLANs are transmitted along different paths within Multiple Spanning Tree Regions MST Regions Regions are one or more Multiple Spanning Tree bridges by which frames can be transmitted In configuring MST the MST region to which the device belongs is defined A configuration consists of the name revision and region to which the device belongs RSTP RSTPPort MSTP MSTP Port MSTP Interface MST Instance MST ID 0 4094 VLAN Range o Remove Last MST Instance MST Instance MST ID VLAN Members instance Bridge Priority 0 Change Bridge Prioaity e Raion Daas Figure 4 5 8 MSTP Instance The page includes the following fields Object Description e MST Instance Specifies the instance to configure This system can support up to 16 MSTP instances e MST ID Specifies the instance identifier the range is 0 to 4094
196. nce Edge Indicates if this port is the edge port Once configured as an edge port the port state immediately transitions from disable block to forwarding state P2P Indicates if this port is a point to point link If you connect a port to another port though a point to point link and the local port becomes a designated port it negotiates a rapid transition with the other port to ensure a loop free topology Status Displays the MSTP port status for the specified MST instance Role Displays the role of this port for the specified MST instance 79 User s Manual of WGSW 48000 4 6 Multicast 4 6 1 IGMP Snooping The Internet Group Management Protocol IGMP lets host and routers share information about multicast groups memberships IGMP snooping is a switch feature that monitors the exchange of IGMP messages and copies them to the CPU for feature processing The overall purpose of IGMP Snooping is to limit the forwarding of multicast frames to only ports that are a member of the multicast group About the Internet Group Management Protocol IGMP Snooping Computers and network devices that want to receive multicast transmissions need to inform nearby routers that they will become members of a multicast group The Internet Group Management Protocol IGMP is used to communicate this information IGMP is also used to periodically check the multicast group for members that are no longer active In the case where there is more than one multic
197. nd configures ports flow control Syntax port all flow control enable disable Parameters enable disable Mode Global Config port all portsec lockmode Configure port security port all portsec lockmode none Description This command disable port security Syntax port all portsec lockmode none Mode Global Config 216 User s Manual of WGSW 48000 port all portsec lockmode dynamic max entries Description This command enable limited dynamic lock mode Syntax port all portsec lockmode dynamic max entries lt 0 24 gt Parameters lt 0 24 gt Mode Global Config port all rate limit Description Configure rate limit value on all ports port all rate limit egress Description This command specifies egress rate limit Syntax port all Rate Limit egress lt value gt Parameters lt value gt Mode Global Config port all rate limit ingress Description This command specifies ingress rate limit Syntax port all rate limit ingress lt value gt Parameters lt value gt Mode Global Config port all rmon counter Description This command configures rmon counter capability on ports 217 User s Manual of WGSW 48000 Syntax port all rmon counter enable disable Parameters enable disable Mode Global Config port all speed Description This command configures ports speed Syntax port all speed 10hd 10fd 100hd 100fd Parameters 10hd 1 Ofd 100hd 100fd Mode Glo
198. nfig access list name lt WORD gt clear VID Description This command clears the 802 1Q VLAN tag of packet Syntax Access list name lt WORD gt clear VID Mode Global Config access list name lt WORD gt clear ether type Description This command clears ether type filter Syntax access list name lt WORD gt clear ether type Mode Global Config access list name lt WORD gt deletes Description This command removes the ACL entry Syntax access list name lt WORD gt deletes Mode Global Config 243 User s Manual of WGSW 48000 access list name lt WORD gt enable disable Description This command enables disables the ACL entry Syntax access list name lt WORD gt enable disable Mode Global Config access list name lt WORD gt set access list name lt WORD gt set priority Description This command specifies ACL entry priority Syntax access list name lt WORD gt set priority lt 0 65535 gt Parameters lt 0 65535 gt Mode Global Config access list name lt WORD gt set IP mode access list name lt WORD gt set IP mode SRC IP Description This command specifies a source IP address Syntax access list name lt WORD gt set IP mode SRC IP lt IP addr gt lt mask addr gt Parameters lt IP addr gt lt mask addr gt Mode Global Config access list name lt WORD gt set IP mode DST IP Description This command specifies a destination IP address Syntax access list name
199. ng the group Range 500 18000 centiseconds Default 1000 centiseconds 66 User s Manual of WGSW 48000 4 5 Spanning Tree The Spanning Tree protocol can be used to detect and disable network loops and to provide backup links between switches bridges or routers This allows the switch to interact with other bridging devices in your network to ensure that only one route exists between any two stations on the network and provide backup links which automatically take over when a primary link goes down The spanning tree algorithms supported by this switch include these versions a STP Spanning Tree Protocol IEEE 802 1D a RSTP Rapid Spanning Tree Protocol IEEE 802 1w a MSTP Multiple Spanning Tree Protocol IEEE 802 1s Theory of Spanning Tree Protocol The IEEE 802 1D Spanning Tree Protocol and IEEE 802 1W Rapid Spanning Tree Protocol allow for the blocking of links between switches that form loops within the network When multiple links between switches are detected a primary link is established Duplicated links are blocked from use and become standby links The protocol allows for the duplicate links to be used in the event of a failure of the primary link Once the Spanning Tree Protocol is configured and enabled primary links are established and duplicated links are blocked automatically The reactivation of the blocked links at the time of a primary link failure is also accomplished automatically without operator inter
200. nique Port VLAN ID Ports connected to the service provider are VLAN aware members of multiple VLANs and set up to tag all frames Untagged frames received on a subscriber port are forwarded to the provider port with a single VLAN tag Tagged frames received on a subscriber port are forwarded to the provider port with a double VLAN tag VLAN ID VLAN ID is a 12 bit field specifying the VLAN to which the frame belongs 292 Y PLANET Networking amp Communication EC Declaration of Conformi For the following equipment Type of Product 48 Port 10 100 1000Mbps with 4 Shared SFP Managed Gigabit Switch Model Number WGSW 48000 Produced by Manufacturers Name Planet Technology Corp Manufacturer s Address 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C is herewith confirmed to comply with the requirements set out in the Council Directive on the Approximation of the Laws of the Member States relating to Electromagnetic Compatibility Directive on 89 336 EEC For the evaluation regarding the EMC the following standards were applied Emission EN 55022 2006 Class A Harmonic EN 61000 3 2 2006 Class A Flicker EN 61000 3 3 1995 A1 2001 A2 2005 CISPR 22 2005 Class A AS NZS CISPR 22 2006 Class A Immunity EN 55024 1998 Al 2001 A2 2003 ESD IEC 61000 4 2 2001 ED 1 2 RS IEC 61000 4 3 2006 Al 2007 ED 3 0 EFT Burst IEC 61000 4 4 2004 ED 2 0 Surge IEC 61000 4 5 2005
201. ns delay loss and jitter It also provides increased reliability for delivery of your data and allows you to prioritize certain applications across your network You can define exactly how you want the switch to treat selected applications and types of traffic You can use QoS on your system to Control a wide variety of network traffic by Classifying traffic based on packet attributes Assigning priorities to traffic for example to set higher priorities to time critical or business critical applications Applying security policy through traffic filtering Provide predictable throughput for multimedia applications such as video conferencing or voice over IP by minimizing delay and jitter Improve performance for specific types of traffic and preserve performance as the amount of traffic grows Reduce the need to constantly add bandwidth to the network Manage network congestion QoS Terminology Classifier classifies the traffic on the network Traffic classifications are determined by protocol application source destination and so on You can create and modify classifications The Switch then groups classified traffic in order to schedule them with the appropriate service level DiffServ Code Point DSCP is the traffic prioritization bits within an IP header that are encoded by certain applications and or devices to indicate the level of service required by the packet across a network Service Level defines the p
202. nstance information Syntax show spanning tree mst detailed lt 0 4094 gt Parameters lt 0 4094 gt Mode Privileged Mode show spanning tree mst instance Description This command displays ports information on a MST instance Syntax show spanning tree mst instance lt 0 4094 gt Parameters lt 0 4094 gt Mode Privileged Mode show spanning tree mst summary Description This command displays all MST instance information Syntax show spanning tree mst summary Mode Privileged Mode show spanning tree status Description This command is used to displays spanning tree status Syntax show Spanning tree status Mode Privileged Mode 187 User s Manual of WGSW 48000 show storm control Description This command is used to displays storm control information Syntax show storm control Mode Privileged Mode show sysinfo Description This command is used to displays system information including system up time Syntax show sysinfo Mode Privileged Mode show switch Description This command is used to displays switch information show switch admin time Description This command displays the age time of web and console Syntax show switch admin time Mode Privileged Mode show switch age time Description This command displays the age time of L2 table Syntax show switch age time Mode Privileged Mode 188 User s Manual of WGSW 48000 show switch mac table Description This c
203. ntax Show rmon statistics lt port index gt Parameters lt port index gt Mode Privileged Mode show poe port index Description This command is used to specify an switch poe interface Syntax show poe port index lt port ID gt Parameters lt port ID gt Mode Privileged Mode show poe all Description This command is used to displays all switch poe interface Syntax show poe all Mode Privileged Mode show poe system status Description This command is used to displays PoE system status Syntax show poe system status Mode Privileged Mode 193 User s Manual of WGSW 48000 User s Manual of WGSW 48000 show tacplus Description This command is used to displays TACACS information includes authentication type and server parameters Syntax show tacplus Mode Privileged Mode show arp Description This command is used to displays table of static ARP Syntax show arp Mode Privileged Mode show acl Description This command is used to displays information about ACL entries Syntax show acl Mode Privileged Mode show dhcpsnooping config Description This command is used to displays dhcp snooping global configuration Syntax show dhcpsnooping config Mode Privileged Mode show dhcpsnooping port Description This command is used to displays dhcp snooping trust port Syntax show dhcpsnooping port Mode 194 Privileged Mode show dhcpsnooping vian Description This command
204. nual of WGSW 48000 lt vian list gt lt MST ID gt Mode Global Config Example Switch Config Spanning Tree mst instance add vlan 2 5 mstpid 2 Switch Config Spanning Tree mst instance add vlan 6 mstpid 3 User s Manual of WGSW 48000 spanning tree mst instance delete Description This command removes the last MST instance Syntax spanning tree mst instance delete Mode Global Config spanning tree mst vlan This command adds or deletes vian frome a MSTP instance spanning tree mst vlan lt MST ID gt lt vlan list gt add Description This command creates a MST instance Syntax spanning tree mst vlan lt MST ID gt lt vlan list gt add Mode Global Config Example Switch Config Spanning Tree mst vlan 3 3 5 add Spanning Tree mst vlan lt MST ID gt lt vian list gt delete Description This command deletes a vlan from a MST instance Syntax Spanning Tree mst vlan lt MST ID gt lt vlan list gt delete Mode Global Config 237 spanning tree mst bridgepri Description This command configures bridge priority for a MST instance Syntax spanning tree mst bridgepri lt MST D gt lt priority gt Parameters lt MST ID gt lt priority gt Mode Global Config spanning tree mst cost Description This command configures port path cost in a MST instance Syntax spanning tree mst cost lt MST ID gt lt path cost gt ports lt port list gt Parameters lt MST ID gt lt path cost gt
205. o auto negotiation 100Mbps 100Mbps with auto negotiation 100 200Mbps 100Base TX Full Duplex 276 User s Manual of WGSW 48000 8 TROUBLE SHOOTING This chapter contains information to help you solve problems If the Ethernet Switch is not functioning properly make sure the Ethernet Switch was set up according to instructions in this manual M The Link LED is not lit Solution Check the cable connection and remove duplex mode of the Ethernet Switch HE Some stations cannot talk to other stations located on the other port Solution Please check the VLAN settings trunk settings or port enabled disabled status M Performance is bad Solution Check the full duplex status of the Ethernet Switch If the Ethernet Switch is set to full duplex and the partner is set to half duplex then the performance will be poor Please also check the in out rate of the port MH Why the Switch doesn t connect to the network Solution 1 Check the LNK ACT LED on the switch 2 Try another port on the Switch 3 Make sure the cable is installed properly 4 Make sure the cable is the right type 5 Turn off the power After a while turn on power again HM 100Base TX port link LED is lit but the traffic is irregular Solution Check that the attached device is not set to dedicate full duplex Some devices use a physical or software switch to change duplex modes Auto negotiation may not recognize this type of full duplex setting M Switch d
206. o the IEEE 802 3ad standard Port link aggregations can be used to increase the bandwidth of a network connection or to ensure fault recovery Link aggregation lets you group up to 4 consecutive ports into a single dedicated connection between any two the Switch or other Layer 2 switches However before making any physical connections between devices use the Link aggregation Configuration menu to specify the link aggregation on the devices at both ends When using a port link aggregation note that 52 User s Manual of WGSW 48000 e The ports used in a link aggregation must all be of the same media type RJ 45 100 Mbps fiber e The ports that can be assigned to the same link aggregation have certain other restrictions see below e Ports can only be assigned to one link aggregation e The ports at both ends of a connection must be configured as link aggregation ports e None of the ports in a link aggregation can be configured as a mirror source port or a mirror target port e All of the ports in a link aggregation have to be treated as a whole when moved from to added or deleted from a VLAN e The Spanning Tree Protocol will treat all the ports in a link aggregation as a whole e Enable the link aggregation prior to connecting any cable between the switches to avoid creating a data loop e Disconnect all link aggregation port cables or disable the link aggregation ports before removing a port link aggregation to avoid creating a dat
207. oes not power up Solution 1 AC power cord not inserted or faulty 2 Check that the AC power cord is inserted correctly 3 Replace the power cord If the cord is inserted correctly check that the AC power source is working by connecting a different device in place of the switch 4 If that device works refer to the next step 5 If that device does not work check the AC power 277 User s Manual of WGSW 48000 E While IP Address be changed or forgotten admin password To reset the IP address to the default IP Address 192 168 0 100 or reset the password to default value Press the hardware reset button at the front panel about 10 seconds After the device is rebooted you can login the management WEB interface within the same subnet of 192 168 0 xx Q PLANET Meinert sg Corererkaiey Reset 00 HN 1000 278 User s Manual of WGSW 48000 APPENDEX A A 1 Switch s RJ 45 Pin Assignments 1000Mbps 1000Base T 1 BI_DA BI_DB 2 BI_DA BI_DB 3 BI_DB BI_DA 4 BI_DC BI_DD 5 BI_DC BI_DD 6 BI_DB BI_DA 7 BI_DD BI_DC 8 BI_DD BI_DC Implicit implementation of the crossover function within a twisted pair cable or at a wiring panel while not expressly forbidden is beyond the scope of this standard A 2 10 100Mbps 10 100Base TX When connecting your 10 100Mbps Ethernet Switch to another switch a bridge or a hub a straight or crossover cable is n
208. om 0 to 7 0 indicates the lowest priority 7 indicates the highest priority e Assigned Queue Indicates priority queue mapping for 802 1P There are four priority queues Queue 1 is the lowest priority queue and Queue 4 is the highest priority queue 802 1p Priority Priority classifiers of the Switch forward packet COS range is from 0 to 7 Seven is the high class Zero is the less class The user may configure the mapping between COS and Traffic classifiers 118 User s Manual of WGSW 48000 4 8 4 Port Based QoS When Port Based priority is applied any packets received from a high priority port will be treated as a high priority packet Select the QoS mode to Port Based Priority the Port ID to queue mapping configuration page appears as the Figure 4 8 9 shows Queue Settings DSCP 802 1P Rate Control DSCP Remark Change Priority port priority o1 0 E 0 02 0 26 0 03 0 27 0 04 0 28 0 05 0 29 0 06 0 30 0 07 0 31 0 08 0 32 0 09 0 33 0 10 0 34 0 11 0 35 0 12 0 36 0 13 0 37 0 14 0 38 0 45 0 39 0 16 0 40 0 17 0 41 0 18 0 42 0 Figure 4 8 9 Port Base QoS configuration screenshot The page includes the following fields Object Description e Port Port sets the priority to each specific port The Port mapping determines the packet queue e Priority Each port has 8 pri
209. om a network and stores them for later retrieval Once samples are taken their data is stored in an entry in a media specific table Each such entry defines one sample and is associated with the historyControlEntry that caused the sample to be taken 163 User s Manual of WGSW 48000 5 COMMAND LINE INTERFACE 5 1 Accessing the CLI When accessing the management interface for the switch over a direct connection to the server s console port or via a Telnet connection the switch can be managed by entering command keywords and parameters at the prompt Using the switch s command line interface CLI is very similar to entering commands on a UNIX system This chapter describes how to use the Command Line Interface CLI Logon to the Console Once the terminal has connected to the device power on the WGSW Managed Switch the terminal will display that it is running testing procedures Then the following message asks the login password The factory default password as following and the login screen in Figure 5 1 appears User name admin Password admin COM1_38400 HyperTerminal SE Eile Edit View Call Transfer Help nvram_init nuram start address 0Oxbc060000 and size 0x40000 _nvram_read source address is 0Oxbc060000 0x80950838 IFP 0x8054 e c next 0x8091a010 IFP 0x8091a010 next 0x00000000 ICS unit 0 Dev Oxc la Rev 0x03 Chip BCM937185_A1 Driver BCM96218_A0 Attaching SOC unit 0 snmp agent ini
210. om anywhere on the network through a standard browser such as Microsoft Internet Explorer After you set up your IP address for the switch you can access the Managed Switch s Web interface applications directly in your Web browser by entering the IP address of the Managed Switch WGSW Managed Switch PC Workstation with IE Browser PE IP Address RI UTP Cable 192 168 0 100 kitty IP Address 192 168 0 x Figure 3 3 Web management You can then use your Web browser to list and manage the Managed Switch configuration parameters from one central location just as if you were directly connected to the Managed Switch s console port Web Management requires either Microsoft Internet Explorer 6 0 or later Safari or Mozilla Firefox 1 5 or later 38 User s Manual of WGSW 48000 WGSW 48000 a e Network Management Time Settings Green Ethernet Port Welcome to PLANET WGSW 48000 48 Port Gigabit Managed Ethernet Switch gt VLAN Spanning Tree gt Multicast Security Device Name L2 Managed Switch Hardware Version BM3 Boot Version 1 1 4 Firmware Version 2 01 Build Date Fri Mar 13 13 59 36 2009 MAC Address 00 30 4f 48 00 01 System Name gt QoS gt SNMP LLDP Admin System Location Statistics System Contact Help Logout Figure 3 4 Web main screen of Managed Switch 3 5 SNMP Based Network Management You can use an external SNMP based applic
211. om listening to learning or to disabled E From learning to forwarding or to disabled E From forwarding to disabled 68 User s Manual of WGSW 48000 From disabled to blocking Switch Blocking lt y a gt y y Listening gt Disable Learning Forwarding Figure 4 5 1 STP Port State Transitions You can modify each port state by using management software When you enable STP every port on every switch in the network goes through the blocking state and then transitions through the states of listening and learning at power up If properly configured each port stabilizes to the forwarding or blocking state No packets except BPDUs are forwarded from or received by STP enabled ports until the forwarding state is enabled for that port STP Parameters STP Operation Levels The Switch allows for two levels of operation the switch level and the port level The switch level forms a spanning tree consisting of links between one or more switches The port level constructs a spanning tree consisting of groups of one or more ports The STP operates in much the same way for both levels On the switch level STP calculates the Bridge Identifier for each switch and then sets the Root Bridge and the Designated Bridges On the port level STP sets the Root Port and the Designated Ports The following are the user configurable STP parameters for the switch level Parameter Descriptio
212. ommand is used to displays address resolution protocol cache show switch mac table all Description This command displays all element of the mac table Syntax show switch mac table all Mode Privileged Mode show switch mac table vian Description This command displays all mac in a specify vlan Syntax show switch mac table vlan lt vlan id gt Parameters lt vlan id gt Mode Privileged Mode show switch mac table port Description This command displays all mac in a specify port Syntax show switch mac table port lt port id gt Parameters port lt port id gt Mode Privileged Mode show switch mcast table Description This command displays multicast address table Syntax show switch mcast table Mode 189 User s Manual of WGSW 48000 Privileged Mode show switch mac Description This command displays vlan and port info by the specific mac address Syntax show switch mac Mode Privileged Mode show trapflags Description This command is used to displays the value of trap flags that apply to the switch Syntax show trapflags Mode Privileged Mode show vlan Description This command is used to displays vlan configuration show vlan member Description This command displays vlan configuration Syntax show vlan member lt 7 4094 gt Parameters lt 1 4094 gt Mode Privileged Mode show vlan number Description This command displays how many vlans has been created Syntax sh
213. on from 10 1 1 226 has expired 61 INFO WEB 3 2007 1 1 19 55 53 jl User 2dmio iogined from 10 1 1 226 gt Figure 4 11 11 Memory Logs 148 User s Manual of WGSW 48000 The page includes the following fields Object Description e Index Indicates the global sequence number for the log e Level ndicates the severity of the log e Category Indicates the facility category that the log belongs to e Time Indicates the time when the log is recorded e Message Shows the detailed description of the log 4 11 12 Flash Logs The Flash Log screen contains information about log entries saved to the Log File in FLASH the time that the log generated the log severity and description of the log message The Message Log is available after reboot 4 Reboot Save Configurations Logs Settings Log Server Memory Logs Page 1 of 42 Goto page 1 2 3 40 41 42 Next Index Level Category Time Message 2067 DEBUG UPNP 2007 1 1 9 00 07 FE_UPNP_GetNumPkts Getting NumPktCpy 2066 DEBUG UPNP 2007 1 1 9 00 07 FE_UPNP_GetTTL Getting TTL FE_UPNP_GetAdvtExpTime Getting Advertisement Expiry Time 2064 DEBUG UPNP 2007 1 1 9 00 06 FE_LUPNP_SendSsdpBye FE_UPNP_SendSsdpBye 2065 DEBUG UPNP 20077 1 1 9 00 07 2063 DEBUG UPNP 2007 1 1 9 00 06 FE_UPNP_GetNumPkts Getting NumPktCpy 2062 DEBUG UPNP 2007 1 19 00 06 FE_UPNP_GetTTL Getting TTL FE_UPNP_GetAdvtExpTi
214. onsole cable x1 If any of these are missing or damaged please contact your dealer immediately if possible retain the carton including the original packing material and use them against to repack the product in case there is a need to return it to us for repair 1 2 Product Description High Density Cost effective Telecom class Gigabit solution for Enterprise backbone and Data Center Networking The PLANET WGSW 48000 is a Layer 2 Layer 4 full managed Gigabit Switch that provides high density performance and is rack mountable With 96Gbps switching fabric the WGSW 48000 can handle extremely large amounts of data in a secure topology linking to an enterprise backbone or high capacity servers The powerful QoS and Network Security features make WGSW 48000 to perform effective data traffic control for both ISP and Enterprise VolP video streaming and multicast applications High Performance The WGSW 48000 provides 48 10 100 1000Mbps Gigabit Ethernet ports with 4 shared Gigabit SFP slots It boasts a high performance switch architecture that is capable of providing non blocking switch fabric and wire speed throughput as high as 96Gbps which greatly simplifies the tasks of upgrading the LAN for catering to increasing bandwidth demands Robust Layer 2 Features 20 User s Manual of WGSW 48000 The WGSW 48000 can be programmed for basic Switch management functions such as Port speed configuration Port aggregation VLAN Spanning Tree p
215. onsole session during this time out value 4 11 6 Firmware Upgrade The page provides the ways to upgrade backup switch firmware It provides the functions allowing the user to update the switch firmware via HTTP or the Trivial File Transfer Protocol TFTP server Before updating make sure the TFTP server is ready and the firmware image is located on the TFTP server m TFTP Firmware Upgrade The Firmware Upgrade page provides the functions to allow a user to update the Managed Switch firmware from the TFTP server in the network Before updating make sure you have your TFTP server ready and the firmware image is on the TFTP server The screen in Figure 4 2 9 appears Use this menu to download a file from specified TFTP server to the Managed Switch Admin Password L2Table Static Address PortMirroring Admin Timeout Via TFTP UPGRADE BACKUP TFTP Server 192 168 0 200 Soure File WGSW48000 v2 01 img Destination File Figure 4 12 6 TFTP Firmware Upgrade The page includes the following fields Object Description TFTP Server Type in your TFTP server IP Source File Type in the name of the firmware image file to be updated 140 User s Manual of WGSW 48000 HTTP Firmware Upgrade The HTTP Firmware Upgrade page contains fields for downloading system image files from the Local File browser to the device The Web Firmware Upgrade screen in Figure 4 11 7 appears Admin Password L2Tab
216. or specify static lock mode Syntax port security lock mode none static Parameters none static Mode Interface Config port security lock mode dynamic max entries 24 Description User s Manual of WGSW 48000 This command enable limited dynamic lock mode and specify maximin learning entries for limited dynamic lock mode the max entries value 0 24 Syntax port security lock mode dynamic max entries 24 Mode Interface Config qos port based priority Description This command specifies port based qos priority mapping Syntax qos port based priority lt 0 7 gt Parameters lt 0 7 gt Mode Interface Config 266 Qos port based status Description This command is used to set port based status Syntax qos port based status enable disable Parameters enable disable Mode Interface Config 6 4 4 Rate limit Command Description rate limit egress rate limit egress enable token bsize Description This command limits egress rate which the unit is Kbps Syntax rate limit egress enable token bsize lt Burst Size Value gt Parameters lt Burst Size Value gt Mode Interface Config rate limit egress disable Description This command disable egress rate limit rate limit ingress Description This command limits ingress rate which the unit is Kbps Syntax rate limit ingress lt rate gt Parameters lt rate gt Mode Interface Config 267 User s Manual of WGSW 48000
217. ority levels 0 7 to be chosen 7 is the highest priority 0 is the default priority e Update Means change the priority map But thses change will not be programmed to database e Save Settings Means program these changes to database 119 4 8 5 Rate Control User s Manual of WGSW 48000 Configure the switch port rate limit for Policers and Shapers on this page The settings relate to the Managed Switch as reflected by the page header The screen Rate Control in Figure 4 8 10 appears Queue Settings DSCP 802 1P Port 01 Port based QoS DSCP Remark Ingress Rate Egress Traffic Shaping IE _ Rate NoLimit 3 5 Tokens Added Per Interval 1 Tokens _ Token Update Interval 7 8125 us Each token represents 0 5 bit Burst Size 8 KB f esa dore Figure 4 8 10 Rate Control configuration screenshot The page includes the following fields Object Description e Port Selects a port to configure e Ingress Rate Selects a rate for incoming traffic The selectable values are 64kbps 128kbps 256kbps 400Mbps e Egress Traffic Egress Traffic Shaping is an attempt to control network traffic in order to optimize or Shaping guarantee performance low latency and or bandwidth e Rate displays the rate for egress traffic And it s value comes from e Tokens Added Per Interval e Token Update Interval e Burst Size tokens mean
218. ormed only when the port is up 151 User s Manual of WGSW 48000 4 11 15 DHCP Relay A DHCP Relay agent is configured to listen for DHCP or BOOTP broadcast from DHCP clients and then relay those messages to DHCP servers on different subnets Ping Function Cable Diag Figure 4 11 15 DHCP Relay The page includes the following fields Object Description e Mode Enables or Disables DHCP Relay function e Server IP Enteres remote DHCP server IP address 4 11 16 DHCP Option 82 The DHCP option 82 enables a Dynamic Host Configuration Protocol DHCP relay agent to include information about itself when forwarding client originated DHCP packets to a DHCP server The DHCP server can use this information to implement IP address or other parameter assignment policies 152 User s Manual of WGSW 48000 DHCP Relay SelfLoop Ping Function Cable Diagnostic Select VLAN Interface Save Settings Figure 4 11 16 DHCP Option 82 The page includes the following fields Object Description e Select VLAN Interface Selects desired VLAN groups to perform relay function 4 11 17 Self Loop Detection Self Loop Detection means when one port produces a self loop and Switch can detect this situation When it happens the port will be disabled After a recover time s later switch will enable this port and try to detect this port again until there is no self loop
219. ow vlan number Mode Privileged Mode 190 User s Manual of WGSW 48000 show rmon Description This command displays rmon information show rmon event Index Description This command displays rmon event table Syntax show rmon event index lt 7 65535 gt Parameters lt 1 65535 gt Mode Privileged Mode show rmon event Description Syntax Show rmon event lt CR gt Parameters lt CR gt Mode Privileged Mode Show rmon event log event _index Description This command displays rmon event log Syntax Show rmon event log event _index lt 1 65535 gt Parameters lt 1 65535 gt Mode Privileged Mode show rmon alarm index Description This command displays rmon Alarm table Syntax 191 User s Manual of WGSW 48000 show rmon alarm index lt 1 65535 gt Parameters lt 1 65535 gt Mode Privileged Mode show rmon alarm Description Syntax show rmon alarm lt CR gt Parameters lt CR gt Mode Privileged Mode show rmon history show rmon history index Description This command displays enabled rmon history Syntax show rmon history index lt 1 65535 gt Parameters lt 1 65535 gt Mode Privileged Mode show rmon history Description Syntax show rmon history lt CR gt Parameters lt CR gt Mode Privileged Mode 192 User s Manual of WGSW 48000 show rmon statistics Description This command displayss port summary statistics Sy
220. ows Statistic of the Managed Switch 4 12 1 802 1X Statistic This page provides detailed IEEE 802 1X statistics of each port running port based authentication The 802 1X Statistics screen in Figure 4 12 1 appears Port Octet Received Octet Transmitted Session Time Terminate Cause User Name 01 0 0 0 0 NA 02 0 0 0 0 N A 103 0 0 0 0 N A 04 0 0 9 0 N A 105 9 0 a 0 N A 3 06 9 0 0 20 NIA 07 0 0 0 0 N A 08 0 0 0 0 N A 09 0 0 0 0 N A 10 0 0 0 0 N A 11 205 0 0 oe N A 12 aN Os 0 A E NA 13 0 0 0 0 N A 14 0 0 0 0 N A 0 0 0 0 N A 16 0 0 0 0 N A z _17 a5 0 0 E N A Ste 0 0 0 0 N A 3 19 ll 0 0 0 0 N A 1 20 0 0 0 0 N A 121 0 0 0 0 N A 22 o 0 0 0 N A _ 23 BA 9 w i 9 _ NIA 24 0 0 0 0 N A Figure 4 12 1 802 1X Statistic screenshot The page includes the following fields Object Description e Port Indicates the port number e Octets Recieved The number of octets received on this port during the session e Octets Transmitted The number of octets transmitted on this port during the session e Session Time The duration of the session in seconds e User Name Represents the identity of the Supplicant PAE e Termination Cause The reason for the session termination T his parameter can take the following values 1 Supplicant Logoff 1 2 Port Failure 2 155 Use
221. pass through the port This section includes this conceptual information e Device Roles e Authentication Initiation and Message Exchange e Ports in Authorized and Unauthorized States E Device Roles With 802 1X port based authentication the devices in the network have specific roles as shown below OM dig aclaren gt oo 802 1X RADIUS switch Workstations clients y gt gt a gt ae Figure 4 7 6 Device Roles o Client the device workstation that requests access to the LAN and switch services and responds to requests from the switch The workstation must be running 802 1 X compliant client software such as that offered in the Microsoft Windows XP operating system The client is the supplicant in the IEEE 802 1X specification o Authentication server performs the actual authentication of the client The authentication server validates the identity of the client and notifies the switch whether or not the client is authorized to access the LAN and switch services Because the switch acts as the proxy the authentication service is transparent to the client In this release the Remote Authentication Dial In User Service RADIUS security system with Extensible Authentication Protocol EAP extensions is the only supported authentication server it is available in Cisco Secure Access Control Server version 3 0 RADIUS operates in a client server model in which secure authentication information
222. pears Port Security ACL 802 1X RADIUS TACACS Port Control Type Control Rate l Save Settings Show Control Table The page includes the following fields Figure 4 7 19 Storm Control screenshot Object Description e Port Configure a single port or all ports e Control Type By which specifies the Broadcast mode currently enabled on the device The possible field values are None disable storm control function Broadcast counts only Broadcast traffic Broadcast Multicast counts Broadcast and Multicast traffic together Broadcast Unknown Unicast counts Broadcast and unknown unicast traffic Broadcast Multicast Unknown Unicast counts Unicast Multicast and Broadcast traffic e Control Rate Specifies a rate for storm control Where the maximum rate packets per second at which unknown packets are forwarded The available rate as below e 10pps e 100pps e 1000pps e 5000pps e 10000pps e 50000pps e 100000pps 104 User s Manual of WGSW 48000 4 7 7 Management IP List Management IP List specifies the IP addresses which can access the system Management IP Address 1 IP Address 2 IP Address 3 IP Address 4 IP Address 5 IP Address 6 IP Address 7 IP Address 8 Figure 4 7 20 Management IP List The page includes the following fields Object Descr
223. pecifies rmon counter capability on a port Syntax rmon counter enable disable Parameters enable disable Mode Interface Config set igmp router port Description This command specifies a igmp router port Syntax set igmp router port enable disable Parameters enable disable Mode Interface Config 269 User s Manual of WGSW 48000 6 4 5 Spanning tree Command spanning tree cost Description This command configure RSTP port path cost path cost value 0 200000000 Syntax spanning tree cost lt pathcost gt Parameters lt pathcost gt Mode Interface Config spanning tree edge Description This command configure edge property Syntax spanning tree edge enable disable Parameters enable disable Mode Interface Config Example Switch Interface 1 spanning tree edge enable spanning tree force p2plink Description This command configure force point to point link mode Syntax spanning tree force p2plink auto enable disable Parameters auto enable disable Mode Interface Config spanning tree migration check Description This command re checks the appropriate BPDU format to send on this port 270 Syntax spanning tree migration check enable disable Parameters enable disable Mode Interface Config spanning tree mst This command configures multiple spanning tree instance spanning tree mst cost Description This command configure the path cost o
224. press Settings Run Shut Down Snagit Capture Preview Figure 4 7 11Windows Server RADIUS Server setting path 5 Enter Active Directory Users and Computers create legal user data the next right click a user what you created to enter properties and what to be noticed Zs fictive Dire sInternetUser Properties z 2j xj ig Console MemberOf Diin Environment Sessions j ae Remote control Terminal Services Profile 22 General Address Account Profile Telephones Organization Tree lt 2 Active Direct Sanco BP wireless JTest Planet comtw LY Buki User logon name pre Windows 2000 E Y Com ny Tsintemetser SSS Dom MA TairternetUser a Fore 3 User Logon Hours Log On To E Accourttelesked ca Tf e July 05 2006 Wednesday Figure 4 7 12 TsInternetUser Properties screen 98 User s Manual of WGSW 48000 Set the Ports Authenticate Status to Disable if the port is connected to the RADIUS server or the port is a uplink port that is connected to another switch Or once the 802 1X stat to work the switch might not be able to access the RADIUS server 4 7 3 4 802 1X Client Configuration Windows XP is originally 802 1X support As to other operating systems windows 98SE ME 2000 an 802 1X client utility is needed The following procedures show how to configure 8
225. r s Manual of WGSW 48000 3 Supplicant Restart 3 4 Reauthentication Failure 4 5 AuthControlledPortControl set to ForceUnauthorized 5 6 Port re initialization 6 7 Port Administratively Disabled 7 8 Not Terminated Yet 999 4 12 2 RMON Statistic In this table overview each entry which created for each port was listed by showing owner and status fileds Use the port select link to select which port details to be displayed The RMON Statistics screen in Figure 4 12 2 and Figure 4 12 3 appears 802 1X Statistic RMON Statistic RMON Event RMONEventLog RMON Alarm n monitor Disabled 02 monitor Disabled 03 b monitor Disabled 04 monitor Disabled 05 monitor Disabled 06 monitor Disabled E monitor Disabled 08 monitor Disabled 09 monitor Disabled 10 monitor Disabled 41 i monitor Disabled 12 monitor Disabled B monitor Disabled 14 I monitor Disabled 15 monitor Disabled 16 monitor Disabled 17 i monitor Disabled 18 monitor Disabled 19 hi monitor Disabled 20 hi monitor Disabled 21 monitor Disabled 22 i monitor Disabled 23 g monitor Disabled 24 monitor Disabled Figure 4 12 2 RMON Statistic screenshot The page includes the following fields Object Description e Source Interface indicates the ethernet interface of this system e Owner indicates the entry creator Monitor means created by devic
226. r Port Modify Delete 1 BBC 1 01 00 5E 22 33 44 25 26 27 28 29 30 MODIFY O Figure 4 6 7 Static Multicast Table The page includes the following fields Object Description e Group ID The index for this static multicast group e Group Name The name for this static multicast group e VLAN ID The VLAN ID for this static multicast group e Multicast Address The multicast address for this static multicast group e Member Port The port members for this static multicast group e Modify Specifies the states of port member for this static multicast group e Delete To destroy the existing multicast group 85 User s Manual of WGSW 48000 4 6 4 IGMP IGMP is a standard defined in RFC1112 for IGMPv1 and in RFC2236 for IGMPv2 IGMP specifies how a host can register a router in order to receive specific multicast traffic Configure the switch to use IGMP snooping in subnets that receive IGMP queries from either IGMP or the IGMP snooping querier IGMP snooping constrains multicast traffic at Layer 2 by configuring Layer 2 LAN ports dynamically to forward multicast traffic only to those ports that want to receive it Static Multicast Static Multicast Table C Enable IGMP Snooping C Enable IGMP Proxy C Enable IGMP Querier C Enable IGMP Immediate Leave Assign Router Ports 123 4 5 6 7 8 9 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 OOOOOOOOOOOOOOOOOOOOOOOO 25 26 27 28 29 30 31 32 33 34 35 36 37 38
227. r untagged e Tagged Ports with tagging enabled will put the VID number priority and other VLAN information into the header of all packets that flow into those ports If a packet has previously been tagged the port will not alter the packet thus keeping the VLAN information intact The VLAN information in the tag can then be used by other 802 1Q compliant devices on the network to make packet forwarding decisions e Untagged Ports with untagging enabled will strip the 802 10 tag from all packets that flow into those ports If the packet doesn t have an 802 1Q VLAN tag the port will not alter the packet Thus all packets received by and forwarded by an untagging port will have no 802 10 VLAN information Remember that the PVID is only used internally within the Switch Untagging is used to send packets from an 802 1Q compliant network device to a non compliant network device 62 User s Manual of WGSW 48000 Frame Income Frame Leave Income Frame is tagged Income Frame is untagged Leave port is tagged Frame remains tagged Tag is inserted Leave port is untagged Tag is removed Frame remain untagged The page includes the following fields Object Description e VLAN Group Indicates the VLAN for which the port membership is configured e Excluded Excludes the Port LAG from the VLAN e Untagged Indicates that this Port LAG is a member of the VLAN When the packet leaves
228. ransmitted The system capabilities identifies the primary function s of the system and whether or not these primary functions are enabled The information advertised by this TLV is described in IEEE 802 1AB Enable Capabilities The capabilities that define the primary function s of the system 132 User s Manual of WGSW 48000 e Management Addresses Optional TLV When checked the management address is included in LLDP information transmitted The management address protocol packet includes the IPv4 address of the switch If no management address is available the address should be the MAC address for the CPU or for the port sending this advertisement The management address TLV may also include information about the specific interface associated with this address and an object identifier indicating the type of hardware component or protocol entity associated with this address e Port ID SubType Identifies the chassis containing the IEEE 802 LAN entity associated with the transmitting LLDP agent s interfaces e Port ID ID Basis The Port ID is the identification of the Managed Switch s port Reference Chassis component EntPhysicalAlias when entPhysClass has a value of chassis 3 IETF RFC 2737 Interface alias IfAlias IETF RFC 2863 Port component EntPhysicalAlias when entPhysicalClass has a value port 10 or backplane 4 IETF REC 2737 MAC address MAC address IEEE St
229. re initialization e Notification Interval The interval at which notification are generated when remote MSAP information changes e Management Address Indicates the ports on which the management address will be transmitted Transmit Ports e Port Configuration LLDP configuration for a port e LLDP Status The administratively desired status of the local LLDP agent e Enable Notification Indicates wether or not notifications from the agent are enabled e Enable MED Notification Indicates wether or not MED notifications from the agent are enabled e MED Fast Start Count Indicates the number of fast start LLDP MED PDUs that are sent when a LLDP MED Peer is detected e Enable Optional TLVs Tx Indicates which TLVs are enabled for tranmission 4 10 2 LLDP Statistics This page provides an overview of all LLDP traffic Two types of counters are shown Global counters are counters that refer to the Managed Switch while local counters refers to counters for the currently selected switch The LLDP Statistics screen in Figure 4 10 2 appears LLDP Settings Local Information Remote Information Number of Inserts 0 Number of Deletes 0 Number of Drops 662 Number of Ageouts 0 RX FramesRX FramesRX Frames RX Frames RX Frames RX Frames Discarded Errors Total TLVs DiscardedTLVs Unrecognized Ageouts 1 0 0 0 SI 0 0 TAS E 8 0 o v 0
230. response Get Allows the NMS to retrieve an object instance from the agent Set Allows the NMS to set values for object instances within an agent Trap Used by the agent to asynchronously inform the NMS of some event The SNMPv2 trap message is designed to replace the SNMPv1 trap message SNMP community An SNMP community is the group that devices and management stations running SNMP belong to It helps define where information is sent The community name is used to identify the group A SNMP device or agent may belong to more than one SNMP community It will not respond to requests from management stations that do not belong to one of its communities SNMP default communities are Write private Read public 122 User s Manual of WGSW 48000 4 9 1 SNMP Configure SNMP on this page The SNMP System Configuration screen in Figure 4 9 1 appears Group Profile UserProfile Community Profile SNMP Trap Station Enable SNMP Functionalities Enable SNMP Notification Engine ID 80 00078504 Use Default 80 00 07 e5 04 003041480001 Figure 4 9 1 SNMP configuration screenshot The page includes the following fields Object Description Enable SNMP Functionalities Enables or Disables SNMP function on this device Enable SNMP Notification Enables or Disables SNMP notification function on this device Engine ID Configures the Engine ID on this device The field value is a hexad
231. ribes how to use the Command Line interface CLI Section 6 CLI CONFIGURATION The section explains how to manage the Managed Switch by Command Line interface Section 7 SWITCH OPERATION The chapter explains how to does the switch operation of the Managed Switch Section 8 TROUBSHOOTING The chapter explains how to trouble shooting of the Managed Switch Appendix A The section contains cable information of the Managed Switch 22 User s Manual of WGSW 48000 1 4 Product Features gt Physical Port O 48 Port 10 100 1000Base T Gigabit Ethernet RJ 45 Ol 4mini GBIC SFP slots shared with Port 23 Port 24 Port 47 and Port 48 O RS 232 DB9 console interface for Switch basic management and setup Layer 2 Features O Complies with the IEEE 802 3 IEEE 802 3u IEEE 802 3ab IEEE 802 3z Gigabit Ethernet standard O Supports Auto negotiation and Half Duplex Full Duplex modes for all 10Base T 100Base TX and 1000Base T ports O Auto MDI MDI X detection on each RJ 45 port O Prevents packet loss Flow Control IEEE 802 3x FAUSE Frame flow control for Full Duplex mode Back Pressure Flow Control in Half Duplex mode O High performance Store and Forward architecture broadcast storm control runt CRC filtering eliminates erroneous packets to optimize the network bandwidth O 8K MAC address table automatic source address learning and ageing O 4Mbit embedded memory for packet buffers O Support VLAN IEEE 802 1Q Tag based VLAN GV
232. riority CFI VLAN ID VID 3 bits 1 bits 12 bits TPID Tag Protocol TCI Tag Control Identifier Information On 2 bytes Destination Source e a Ethernet Preamble VLAN TAG Data FCS Address Address Type 6 bytes 6 bytes 4 bytes 2 bytes 46 1517 bytes 4 bytes Figure 4 8 7 802 1p Tag Priority Set up the COS priority level With the drop down selection item of Priority Type above being selected as COS only COS first this control item will then be available to set the queuing policy for each port QoS settings allow customization of packet priority in order to facilitate delivery of data traffic that might be affected by latency problems The IEEE 802 1p Priority specification uses 8 priority levels to classify data packets In 802 1p compliant devices a tag inserted into the packet header is used to identify the priority level of data packets The Managed Switch supports Port based QoS Port priority mapping and four queues The screen in Figure 4 8 8 appears 802 1P sets the priority relationships between queues and 802 1p priority 117 User s Manual of WGSW 48000 Queue Settings DSCP Port based QoS Rate Control DSCP Remark 802 1P Priority Assigned Queue me Ses 0 NIDIA DIN Figure 4 8 8 802 1P configuration screenshot The page includes the following fields Object Description e 802 1P Priority This value is retrieved from the priority tag field with values fr
233. riority that will be given to a set of classified traffic You can create and modify service levels Policy comprises a set of rules that are applied to a network so that a network meets the needs of the business That is traffic can be prioritized across a network according to its importance to that particular business type QoS Profile consists of multiple sets of rules classifier plus service level combinations The QoS profile is assigned to a port s Rules comprises a service level and a classifier to define how theSwitch will treat certain types of traffic Rules are associated with a QoS Profile see above To implement QoS on your network you need to carry out the following actions 1 2 3 4 Define a service level to determine the priority that will be applied to traffic Apply a classifier to determine how the incoming traffic will be classified and thus treated by the Managed Switch Create a QoS profile which associates a service level and a classifier Apply a QoS profile to a port s 113 User s Manual of WGSW 48000 4 8 2 Queue Settings The Queue Setting page contains fields for defining the QoS queue forwarding types The screen in Figure 4 8 2 appears DSCP 802 1P Port basedQoS Rate Control DSCP Remark LOS Weighted Round Robin lv Queue Weights CI EA 2 2 vj 3s F Ce Figure 4 8 2 Queue Settings screenshot The page includes th
234. rom a DHCP Relay Device not the real client e Trust Port Selects Trust Ports Of DHCP Snooping function DHCP Snooping will deny all the DHCP Packets from the untrust port e DHCP VLAN Selects DHCP Snooping function s effect range 4 7 11 Dynamic ARP Inspection A Dynamic ARP is prevent the untrust ARP packets base on the DHCP Snooping Database Md Management IP List AutoDoS SSH DHCP Snooping Dynamic ARP C Enable Dynamic ARP Inspection Click the checkbox under each port to assign trusted ports 01 02 03 04 05 06 O7 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 Enable Dynamic ARP for VLAN from to Disable Dyamic ARP for VLAN from to Current Enabled VLAN Figure 4 7 25 Dynamic ARP Inspection screenshot The page includes the following fields Object Description e Mode Enables or Disables Dynamic ARP function 109 User s Manual of WGSW 48000 e Trust Port Selects Trust Ports Of Dynamic ARP function e Darp VLAN Selects Enabled Dynamic VLAN function 4 7 12 IP Source Guard I What is IP Source Guard IP Source Guard is a security feature that restricts the client IP traffic to those source IP addresses configured in the DHCP Snooping Binding Database and in manually configured IP source bindings For example IP Source Guard can help prevent traffic attacks caused when a host trie
235. rotected property Syntax vlan protected enable disable Parameters enable disable Mode Interface Config vlan dropnq Description This command configure port drop none 802 10 frame Syntax vlan dropnq enable disable Parameters enable disable Mode Interface Config vian pvid Description This command configure port PVID Syntax vlan pvid lt pvid gt Parameters lt pvid gt Mode Interface Config Example User s Manual of WGSW 48000 Switch Interface 1 vlan pvid 1 Interface commands Description This command is used to change to another interface Syntax Interface commands lt port number gt Parameters User s Manual of WGSW 48000 lt port number gt Mode Interface Config Example Switch Interface 1 interface g1 274 User s Manual of WGSW 48000 7 SWITCH OPERATION 7 1 Address Table The Switch is implemented with an address table This address table composed of many entries Each entry is used to store the address information of some node in network including MAC address port no etc This in formation comes from the learning process of Ethernet Switch 7 2 Learning When one packet comes in from any port the Switch will record the source address port no And the other related information in address table This information will be used to decide either forwarding or filtering for future packets 7 3 Forwarding amp Filtering When one packet co
236. rotocol QoS bandwidth control and IGMP Snooping The WGSW 48000 provides 802 1Q Tagged VLAN and GVRP protocol The VLAN groups allowed on the WGSW 48000 will be maximally up to 255 By supporting port aggregation the WGSW 48000 allows the operation of a high speed trunk combining multiple ports It enables up to 14 groups of maximum 8 ports for trunking and supports fail over as well Excellent Traffic Control PLANET WGSW 48000 is loaded with powerful traffic management and QoS features to enhance services offered by telecoms The functionality includes QoS features such as wire speed Layer 4 traffic classifiers and bandwidth limiting that are particular useful for multi tenant unit multi business unit Telco or Network Service Provide applications It also empowers the enterprises to take full advantages of the limited network resources and guarantees the best performance at VoIP and Video conferencing transmission Efficient Management For efficient management the WGSW 48000 Managed Ethernet Switch is equipped with console WEB and SNMP management interfaces With its built in Web based management interface the PLANET WGSW 48000 offers an easy to use platform independent management and configuration facility The WGSW 48000 supports standard Simple Network Management Protocol SNMP and can be managed via any standard based management software For text based management WGSW 48000 can be accessed via Telnet and the console port Moreover
237. rrent settings for SSH e Change Key Change the public key used for encryption But please note that key cannot be changed if any clients are currently connected 4 7 10 DHCP Snooping A DHCP Snooping is configured to listen for All the DHCP or BOOTP broadcast packets to registers the client s IP MAC Port VLAN Lease Time etc information when client assigns the IP address from the trust DHCP Server And check all the untrust port in the DHCP Snooping VLAN to prevent the untrust server s packets DHCP Snooping maintain this binding Table in order to Dynamic ARP Inspection and IP Source Guard s implementation Md Management IP List AutoDoS SSH Dynamic ARP Inspection DHCP Snooping C Enable DHCP Snooping Enable Pass Through Option 82 Enable Verify MAC Address Click the checkbox under each port to assign trusted ports 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 4647 48 Enable DHCP Snooping for VLAN from to Disable DHCP Snooping for VLAN from to Current Enabled VLAN Figure 4 7 24 DHCP Snooping screenshot 108 User s Manual of WGSW 48000 The page includes the following fields Object Description e Option82 Enables or Disables Pass Option82 Packets DHCP Relay Packets e Verify MAC Enables or Disables Verify Source MAC amp Client MAC function In order to pass or deny the packet comes f
238. rrived and is in the right order Network applications that want to save processing time because they have very small data units to exchange may prefer UDP to TCP UDP provides two services not provided by the IP layer It provides port numbers to help distinguish different user requests and optionally a checksum capability to verify that the data arrived intact Common network applications that use UDP include the Domain Name System DNS streaming media applications such as IPTV Voice over IP VoIP and Trivial File Transfer Protocol TFTP User Priority V VLAN User Priority is a 3 bit field storing the priority level for the 802 1Q frame Virtual LAN A method to restrict communication between switch ports VLANs can be used for the following applications VLAN unaware switching This is the default configuration All ports are VLAN unaware with Port VLAN ID 1 and members of VLAN 1 This means that MAC addresses are learned in VLAN 1 and the switch does not remove or insert VLAN tags VLAN aware switching This is based on the IEEE 802 1Q standard All ports are VLAN aware Ports connected to VLAN aware switches are members of multiple VLANs and transmit tagged frames Other ports are members of one VLAN set up with this Port VLAN ID and transmit untagged frames Provider switching This is also known as Q in Q switching Ports connected to subscribers are VLAN unaware members of one VLAN and set up with this u
239. rs from accessing information or services By targeting at network sites or network connection an attacker may be able to prevent network users from accessing email web sites online accounts banking etc or other services that rely on the affected computer Dotted Decimal Notation refers to a method of writing IP addresses using decimal numbers and dots as separators between octets An IPv4 dotted decimal address has the form x y z w where x y z and w are decimal numbers between 0 and 255 283 User s Manual of WGSW 48000 DSCP is an acronym for Differentiated Services Code Point It is a field in the header of IP packets for packet classification purposes Ethernet Type or EtherType is a field in the Ethernet MAC header defined by the Ethernet networking standard lt is used to indicate which protocol is being transported in an Ethernet frame FTP is an acronym for File Transfer Protocol It is a transfer protocol that uses the Transmission Control Protocol TCP and provides file writing and reading lt also provides directory service and security features IGMP snooping Fast Leave processing allows the switch to remove an interface from the forwarding table entry without first sending out group specific queries to the interface The VLAN interface is pruned from the multicast tree for the multicast group specified in the original leave message Fast leave processing ensures optimal bandwidth management for
240. s lt port D gt probetype ingress src lt port list gt Parameters lt port list gt Mode Global Config Example User s Manual of WGSW 48000 Switch config monitor des 1 probetype ingress src 2 8 monitor des lt port ID gt probetype egress Description This command configures port monitor probetype as egress traffic Syntax monitor des lt port ID gt probetype egress src lt port list gt Parameters lt port list gt Mode Global Config Example Switch config monitor des 1 probetype egress src 2 8 6 3 7 dot1x Command dot1x enable Description This command enables global 802 1x function Syntax dot1x enable Mode Global Config dot1x disable Description This command disables global 802 1x function Syntax dot1x disable Mode Global Config dot1x port control Description Configure port auto authentication mode 211 User s Manual of WGSW 48000 dot1x port control enable port Description This command set auto authorized on a list of ports Syntax dot1x port control enable port lt port list gt Parameters lt port list gt Mode Global Config dot1x port control disable port Description This command set force authorized on a list of ports Syntax dot1x port control disable port lt port list gt Parameters lt port list gt Mode Global Config Example Switch config dot1x port control disable port 1 4 6 3 8 network Command network mgmt vlan Description T
241. s Displays the link status of the port LACP Property LAG Group Port Admin Auto Speed Flow Number 01 Control Disable v Mode Negotiation Enable v Enable v Duplex Figure 4 3 2 Port Detail Configuration 51 User s Manual of WGSW 48000 4 3 2 LACP Property Link Aggregation Control Protocol LACP is part of an IEEE specification 802 3ad that allows several physical ports to be bundled together to form a single logical channel Link Aggregation allows one or more links to be aggregated together to form a Link Aggregation Group such that a MAC Client can treat the Link Aggregation Group as if it were a single link Link aggregation can be used on 10Mbps 100Mbps or 1000Mbps ethernet full duplex ports Example A network administrator could combine a group of four 1000Mbps ports into a logical link that will function as a single 4000Mbps port The actual throughput however will be less than the sum total of the links Link Aggregation 4 ports aggregate up to 4Gbps Figure 4 3 3Link Aggregation The Link Aggregation Control Protocol LACP provides a standardized means for exchanging information between Partner Systems that require high speed redundant links Link aggregation lets you group up to eight consecutive ports into a single dedicated connection This feature can expand bandwidth to a device on the network LACP operation requires full duplex mode more detail information refer t
242. s enable or disable Syntax https enable disable Parameters enable disable Mode Global Config 6 3 22 BOOTP Command bootp enable Description This command is used to enable bootp function Syntax bootp enable Mode Global Config bootp disable Description This command is used to disable bootp function Syntax bootp disable Mode Global Config bootp renew Description 258 User s Manual of WGSW 48000 This command is used to renew bootp Syntax bootp renew Mode Global Config 6 3 23 SSH Command ssh enable Description This command is used to enable ssh function Syntax ssh enable Mode Global Config ssh disable Description This command is used to disable ssh function Syntax ssh disable Mode Global Config ssh changekey Description This command is used to change key function Syntax ssh changekey Mode Global Config 259 User s Manual of WGSW 48000 6 3 24 IP Source Guard Command ipsrcgd enable Description This command is used to enable ip source guard function Syntax ipsrcgd enable Mode Global Config ipsrcgd disable Description This command is used to disable ip source guard function Syntax ipsrcgd disable Mode Global Config ipsrcgd ports Description This command is used to configure ports to enable or disable ip source guard Syntax ipsrcgd ports enable disable Parameters enable disable Mode Global Config ipsrcgd retry Descript
243. s situation In networking the ACL refers to a list of service ports or network services that are available on a host or server each with a list of hosts or servers permitted or denied to use the service ACL can generally be configured to control inbound traffic and in this context they are similar to firewalls Using multiple ports in parallel to increase the link speed beyond the limits of a port and to increase the redundancy for higher availability Also Port Aggregation Link Aggregation ARP is an acronym for Address Resolution Protocol It is a protocol that used to convert an IP address into a physical address such as an Ethernet address ARP allows a host to communicate with other hosts when only the Internet address of its neighbors is known Before using IP the host sends a broadcast ARP request containing the Internet address of the desired destination system Auto negotiation is the process where two different devices establish the mode of operation and the speed settings that can be shared by those devices for a link 282 User s Manual of WGSW 48000 DES is an acronym for Data Encryption Standard It provides a complete description of a mathematical algorithm for encrypting enciphering and decrypting deciphering binary coded information Encrypting data converts it to an unintelligible form called cipher Decrypting cipher converts the data back to its original form called plaintext The algorithm de
244. s to use the IP address of its neighbor Il How does IP Source Guard work IP Source Guard uses Port Access Control List PACL When a DHCP Snooping or manually created Source Binding on a port is added modified removed a corresponding PACL will be created modified removed When IP Source Guard is enabled packet transmission is permitted as follows IPv4 traffic Only IPv4 traffic with a source IP address that is associated with the specific port is permitted Non IPv4 traffic All non IPv4 traffic is permitted Ill What is IP Source Guard Database IP Source Guard Database displays the detailed information of entries used by IP Source Guard IP Source Guard uses Ternary Content Addressable Memory TCAM resources requiring one TCAM rule per IP Source Guard entry If the number of IP Source Guard entries exceeds the number of TCAM rules available new entries may remain inactive When this happens IP Source Guard will show the corresponding reasons to users the probable values are No Problem No error occured Resource No more TCAM resources are available right now Port IP Source Guard hasn t been enabled on specified port yet Unknown Unknown error s occured IV What is Activate inactive entries IP Source Guard can try to activate inactive entries periodically 1 to 1440 minutes which also can be done manually Retry interval Try to activate inactive entries at a specified interval Never Never
245. s tokens will be added to the token bucket in token update interval is 7 8125 us And each token represents 0 5 bit selects the size of burst 120 User s Manual of WGSW 48000 4 8 6 DSCP Remark This Managed Switch supports the Packet Remarking Remarks can be made on the DSCP filed if the outgoing packet is an IP packet Select an ACL Entry Name as the criterion and then enter New DSCP Value as the action Once the criterion is hit the DSCP value will be changed Queue Settings DSCP 802 1P Port basedQoS Rate Control ACL Entry Name New DSCP Value ACLEntryName New DSCP Value Figure 4 8 11 DSCP Remark configuration screenshot The page includes the following fields Object Description e ACL Entry Name selects a ACL entry as the criterion e New DSCP Value indicates new DSCP value of the outgoing packet E ACL DSCP mapping table The incoming packets match ACL entry High _DSCP_ACL will be marked with DSCP value 63 Queue Settings DSCP 802 1P Port basedQoS Rate Control NAME High_DSCP_ACL v EAS 63 Save Settings ACL Entry Name New DSCP Value High_DSCP_ACL 63 BLOCK_SA_172 No Change Figure 4 8 12 DSCP Remark table 121 User s Manual of WGSW 48000 4 9 SNMP SNMP Overview The Simple Network Management Protocol SNMP is an application layer protocol that facilitates the exchange of management information between network devic
246. saees 214 network dhcp relay vlan lt vlan ID gt remove oooocccnccccnonoconcnononcnnnnoncnnnnonn nn nono nn nr norris 214 METWOFKSYSINIO 2 5 25 iti e irlanda 214 Network SysinfO S SAMOA iii 214 network sysinfo SySloCate cccccccceeeeeeeeeeneceeeeeeeeeeaaeceeeeeseceeaaeeeeeeeeeceaaaeceeeeesescaaeaeeeeeeesecaeeeeeeseseecaeeeeeeeseeeeaaees 215 network sysinfo SyScontact 1 i c cui A bado 215 network AdMIn tiMEOults 42 2 a Se a a a te coe a doi 215 6 30 Port COMMANA cirios te iaar aana nii 215 portall adminz MoOdes siz 8 eee As ote Ai Ri 215 port all auto negotiate oinaan iieii ete getene idia eaaa a aa tee dees ei 216 User s Manual of WGSW 48000 port all fow CONTIOL 2 20 c e sue sees cee in cence tee cee de e 216 port all portsec lOCKMOGS sis ig essen chicos na aE AEE EE EEE a NEE AAEE n Eaa AE AAS AAA A E E AA ai 216 port all portsec lockmode noie aianei a 216 port all portsec lockmode dynamic max entries ooococococcccconoccnonononcnnnonnncnnno nono nono nn n nan nn nrnnnnn rr nnnn rra rr 217 port all adela A A A A es 217 port all ratedliMitiegresS ondo ias A A ns oid ae Ss eee ee a a a ee aS 217 port allitate limitingress iii dieta ieee piua eet 217 port all Fmon countere e ein DE ii Ri 217 LA ON 218 portzall StOrm COntrol iii a laos sdes 218 port all storm control disable nai 218 port all storm control DroadCaSt 0 0 2 cece ceceecce cece ee eecce eect eeeeeeeeaeaeceeeeesecaaeaeeeeeeeesesaaeaeeeeeseseaaaeaeeeseeee
247. scribed in this standard specifies both enciphering and deciphering operations which are based on a binary number called a key DHCP is an acronym for Dynamic Host Configuration Protocol It is a protocol used for assigning dynamic IP addresses to devices on a network DHCP used by networked computers clients to obtain IP addresses and other parameters such as the default gateway subnet mask and IP addresses of DNS servers from a DHCP server The DHCP server ensures that all IP addresses are unique for example no IP address is assigned to a second client while the first client s assignment is valid its lease has not expired Therefore IP address pool management is done by the server and not by a human network administrator Dynamic addressing simplifies network administration because the software keeps track of IP addresses rather than requiring an administrator to manage the task This means that a new computer can be added to a network without the hassle of manually assigning it a unique IP address DNS is an acronym for Domain Name System It stores and associates many types of information with domain names Most importantly DNS translates human friendly domain names and computer hostnames into computer friendly IP addresses For example the domain name www example com might translate to 192 168 0 1 DoS is an acronym for Denial of Service In a denial of service DoS attack an attacker attempts to prevent legitimate use
248. sed when a falling threshold is crossed The eventEntry identified by a particular value of this index is the same as identified by the same value of the eventiIndex object If there is no corresponding entry in the eventTable then no association exists In particular if this value is zero no associated event will be generated as zero is not a valid event index e Owner e Delete Indicates the entry creator Click this hyper link to delete a specific event entry RFC 2819 The Alarm group periodically takes statistical samples from variables in the probe and compares them to thresholds that have been configured The alarm table stores configuration entries that each define a variable polling period and threshold parameters If a sample is found to cross the threshold values an event is generated 161 User s Manual of WGSW 48000 4 12 6 RMON History In this table overview every enabled History Control entry will be listed in the same page to help user to enter the page on checking all the sampled entries by the selected specific History Control entry index 802 1X Statistic RMON Statistic RMON Event RMON EventLog RMON Alam Source Sampli Current Number Samplin masx interface od of Samples O Owner states 4 01 50 50 1800 monitor Disabled 2 02 50 50 1800 monitor Disabled 3 03 50_ 50 1800 monitor
249. sensitive communication such as payment transactions and corporate logons HTTPS is really just the use of Netscape s Secure Socket Layer SSL as a sublayer under its regular HTTP application layering HTTPS uses port 443 instead of HTTP port 80 in its interactions with the lower layer TCP IP SSL uses a 40 bit key size for the RC4 stream encryption algorithm which is considered an adequate degree of encryption for commercial exchange ICMP is an acronym for Internet Control Message Protocol It is a protocol that generated the error response diagnostic or routing purposes ICMP messages generally contain information about routing difficulties or simple exchanges such as time stamp or echo transactions For example the PING command uses ICMP to test an Internet connection IEEE 802 1X is an IEEE standard for port based Network Access Control It provides authentication to devices attached to a LAN port establishing a point to point connection or preventing access from that port if authentication fails With 802 1X access to all switch ports can be centrally controlled from a server which means that authorized users can use the same credentials for authentication from any point within the network IGMP is an acronym for Internet Group Management Protocol It is a communications protocol used to manage the membership of Internet Protocol multicast groups IGMP is used by IP hosts and adjacent multicast routers to establish multicast group
250. service modeled on the FTP file transfer service SMTP transfers mail messages between systems and notifications regarding incoming mail SNMP is an acronym for Simple Network Management Protocol It is part of the Transmission Control Protocol Internet Protocol TCP IP protocol for network management SNMP allow diverse network objects to participate in a network management architecture It enables network management systems to learn network problems by receiving traps or change notices from network devices implementing SNMP SNTP is an acronym for Simple Network Time Protocol a network protocol for synchronizing the clocks of computer systems SNTP uses UDP datagrams as transport layer Stack Protocol using ROUting Technology An advanced protocol for almost instantaneous discovery of topology changes within a stack as well as election of a master switch SPROUT also calculates parameters for setting up each switch to perform shortest path forwarding within the stack Spanning Tree Protocol is an OSI layer 2 protocol which ensures a loop free topology for any bridged LAN The original STP protocol is now obsoleted by RSTP Switch IDs 1 16 are used to uniquely identify the switches within a stack The Switch ID of each switch is shown on the display on the front of the switch and is used widely in the web pages as well as in the CLI commands Tag Priority is a 3 bit field storing the priority level for the 802 1Q frame 29
251. st on which ACE can be based The possible field values are e ICMP which indicates that the Internet Control Message Protocol ICMP is used to classify network flows e IGMP which indicates that the Internet Group Management Protocol IGMP is used to classify network flows e TCP which indicates that the Transmission Control Protocol is used to classify network flows e UDP which indicates that the User Datagram Protocol is used to classify network flows e IP which indicates that all IPv4 frames are used to classify network flows e GRE which indicates that the Generic Routing Encapsulation GRE protocol is used to classify network flows Matches the source MAC address to which packets are addressed to the ACE And it s format is XX XX XX XX XX XX Defines the source MAC address mask Where matches the destination MAC address to which packets are addressed to the ACE And it s format is XX XX XX XX XX XX Means destination TCP UDP port number The range is from 1 to 65535 When Specific is selected for the VLAN ID filter you can enter a specific VLAN ID number The allowed range is 1 to 4095 A frame that hits this ACE matches this VLAN ID value Inserts this ACL entry 91 User s Manual of WGSW 48000 E ACL Port select Port Security 802 1X RADIUS TACACS StormControl pl ACL Port List ACL Entry Name BLOCK_SA_172 Of 62 03 gt 04 05 08 Of OB 08 10 11 42 43 MA 15 18 a A 1
252. t UCD SNMP version 4 1 2 telnetd started Init sshd Server listening on 0 0 0 0 port 22 Network interface status MAC Address 00 30 4F 48 00 0A static IP 192 168 0 100 Netmask 255 255 255 0 Gateway 192 168 080 254 Management VLAN 1 Username admin Password Connected 00 33 48 ANSIW 38400 8 N 1 Figure 5 1 WGSW Managed Switch Console Login screen To have access to the full suite of commands the operator must enter the Privileged Mode Enter enable to into the Privileged Mode and it requires password authentication From Privileged Mode the operator can issue any Exec command to enter the 164 User s Manual of WGSW 48000 Global Configuration mode Command gt enable Username admin Password admin For security reason please change and memorize the new password after this first setup Only accept command in lowercase letter under console interface Configure IP address The WGSW Managed Switch is shipped with default IP address as following IP Address 192 168 0 100 Subnet Mask 255 255 255 0 To check the current IP address or modify a new IP address for the Switch please use the procedures as follow a Show the current IP address 1 On Switch prompt enter show network 2 The screen displays the current IP address Subnet Mask and Gateway As show in Figure 5 2 COM1_38400 HyperTerminal DER File Edit View Call Transfer Help Owe 23 m UCD SNMP version
253. t longer than it was originally the Cyclic Redundancy Check CRC must be recalculated Adding an IEEE802 1Q Tag Dest Addr Src Addr Length E type Data Old CRC Original Ethernet J Se Dest Addr Src Addr E type Tag Length E type Data New CRC Pa a New Tagged Packet Priority CFI VLAN ID 58 User s Manual of WGSW 48000 Hi Port VLAN ID Packets that are tagged are carrying the 802 1Q VID information can be transmitted from one 802 1Q compliant network device to another with the VLAN information intact This allows 802 1Q VLAN to span network devices and indeed the entire network if all network devices are 802 1Q compliant Every physical port on a switch has a PVID 802 1Q ports are also assigned a PVID for use within the switch If no VLAN are defined on the switch all ports are then assigned to a default VLAN with a PVID equal to 1 Untagged packets are assigned the PVID of the port on which they were received Forwarding decisions are based upon this PVID in so far as VLAN are concerned Tagged packets are forwarded according to the VID contained within the tag Tagged packets are also assigned a PVID but the PVID is not used to make packet forwarding decisions the VID is Tag aware switches must keep a table to relate PVID within the switch to VID on the network The switch will compare the VID of a packet to be transmitted to the VID of the port that is to transmit the packet If the two VID are differ
254. t priority value is provided in increments of 4096 For example 4096 8192 12288 etc The range is 0 to 61440 e Max Age The max age timer controls the maximum length of time that passes before a bridge port saves its configuration BPDU information e Forward Delay Forward delay is a time value which controls how fast a port changes its state The value determines how long the port stays in each of the listening and learning states which precede the forward state This value is also used to age all dynamic entries in the forwarding databases when a topology change has been detected and is underway e Designated Root The bridge identifier of the root of the spanning tree is determined by the RSTP Bridge protocol as executed by this node The bridge identifier value is used as the root identifier parameter in all configuration bridge BPDUs originated by this node 73 User s Manual of WGSW 48000 4 5 2 RSTP Port RSTP port settings control and monitor per port spanning tree status MSTP MSTPPort MSTP Instance MSTP Interface Port Participate Cost 01 0 Yes 2 3 02 f Yes gt f 2 ie Los O Yes gt S Mes Ms el 04 C Yes ETET ENS 05 la Yes salie lei Vase x amp l Perl ves S eon ee a A i E Eras gt e ls l 09 ia wa 2 Me i 40 la Yes ME it A E 1
255. ta e a ccteueecess 275 LU ii 275 7 3 Forwarding amp FilteriNg ooommnnccnnnncnnnncecnnscrcnncrcnrrc rr 275 A A stone an aa E eaa aaaea aaa Ea aare Eaa a Ka anasan anaE 275 7 5 Auto Negotiation oia aia ida 275 9 TROUBLE SHOOTING uu selec teccncecdcecese ices ice cecetecececesacecacmed caste ece 277 IAPPENDE A Ao 279 A 1 Switch s RJ 45 Pin Assignments ceeeeceseeeeeeeeeeeeeeeeeeeneneeeeeeeseseeesesesneesesesneeseseseensesesneeseesseeeesessnanens 279 A 2 10 100Mbps 10 100Base TX c ooocococonconcocccccccccnnnnononcnoncnonnnnnnnnnnn cn nene cnn enn creerme rre nnne crees 279 A 3 Available MoOdUlES ccoo da ra cia 281 APPENDEX B GLOSSAR Mos ia 282 18 19 User s Manual of WGSW 48000 User s Manual of WGSW 48000 1 INTRODUTION The PLANET Layer 2 Managed Gigabit Switch series WGSW 48000 is all multiple ports Gigabit Ethernet Switched with SFP fiber optical connective ability and robust layer 2 features the description of these models as below Terms of Managed Switch means the Switches mentioned titled in the cover page of this User s manual i e WGSW 48000 1 1 Packet Contents Open the box of the Managed Switch and carefully unpack it The box should contain the following items Check the contents of your package for following parts M The Managed Switch x1 M User s manual CD x1 M Quick installation guide x1 M 19 Rack mount accessory kit x1 M Power cord x1 M Rubber feet X4 M RS 232 DB9 male C
256. tation add lt ip addr gt community lt community name gt type none trap version 1 2 Parameters 1 2 Mode Global Config snmp trapstation delete Description This command delete a trap station Syntax snmp trapstation delete lt WORD gt Parameters lt WORD gt Mode 229 Global Config 6 3 13 SNTP Command sntp daylight Description This command enables or disables the daylight saving configuration Syntax sntp daylight enable disable Parameters enable disable Mode Global Config sntp localtime Description Configure the local time sntp localtime enable Description This command enables local time Syntax sntp localtime enable Mode Global Config sntp localtime localtime_date Description This command sets local time Syntax sntp localtime localtime_date lt year gt lt month gt lt date gt lt hour gt lt minute gt lt second gt Parameters lt year gt lt month gt lt date gt lt hour gt lt minute gt 230 User s Manual of WGSW 48000 lt second gt Mode Global Config sntp server sntp server enable Description This command enables sntp server Syntax sntp server enable Mode Global Config sntp server ipaddr Description This command sets sntp server IP address Syntax sntp server ipaddr lt P addr gt Parameters lt P addr gt Mode Global Config sntp server polling Description This command sets sntp server polling ti
257. tch 802 10 VLAN require tagging which enables them to span the entire network assuming all switches on the network are IEEE 802 1Q compliant VLAN allow a network to be segmented in order to reduce the size of broadcast domains All packets entering a VLAN will only be forwarded to the stations over IEEE 802 1Q enabled switches that are members of that VLAN and this includes broadcast multicast and unicast packets from unknown sources VLAN can also provide a level of security to your network IEEE 802 1Q VLAN will only deliver packets between stations that are members of the VLAN Any port can be configured as either tagging or untagging The untagging feature of IEEE 802 1Q VLAN allows VLAN to work with legacy switches that don t recognize VLAN tags in packet headers The tagging feature allows VLAN to span multiple 802 1Q compliant switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work normally Any port can be configured as either tagging or untagging The untagging feature of IEEE 802 1Q VLAN allow VLAN to work with legacy switches that don t recognize VLAN tags in packet headers The tagging feature allows VLAN to span multiple 802 1Q compliant switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work normally Some relevant terms Tagging The act of putting 802 1Q VLAN information into the header of a packet Untagging
258. the Managed Switch e lu 0 Figure 2 11 Attach brackets to the Managed Switch You must use the screws supplied with the mounting brackets Damage caused to the parts by using incorrect screws would invalidate the warranty Step3 Secure the brackets tightly Step4 Follow the same steps to attach the second bracket to the opposite side Step5 After the brackets are attached to the Managed Switch use suitable screws to securely attach the brackets to the rack as shown in Figure 2 12 31 User s Manual of WGSW 48000 povococn 44 Figure 2 12 Mounting WGSW 48000 in a Rack Step6 Proceeds with the steps 4 and steps 5 of session 2 2 1 Desktop Installation to connect the network cabling and supply power to the Managed Switch 2 2 3 Installing the SFP transceiver The sections describe how to insert an SFP transceiver into an SFP slot The SFP transceivers are hot pluggable and hot swappable You can plug in and out the transceiver to from any SFP port without having to power down the Managed Switch As the Figure 2 13 appears MGB SX LX de 1000Base SX LX LC Fiber Figure 2 13 Plug in the SFP transceiver 32 User s Manual of WGSW 48000 Approved PLANET SFP Transceivers PLANET Managed Switch supports both Single mode and Multi mode SFP transceiver The following list of approved PLANET SFP transceivers is correct at the time of publication Ml MGB SX SFP 1000BA
259. the WGSW 48000 offers secure remote management by supporting SSL and SSH connection which encrypts the packet content at each session Powerful Security PLANET WGSW 48000 offers comprehensive Access Control List ACL for enforcing security to the edge Its protection mechanisms also comprise port based 802 1x user and device authentication The port security is effective in limiting the numbers of clients pass through so that network administrators can now construct highly secured corporate networks with time and effort considerably less than before Flexibility and Extension solution The four mini GBIC slots built in the WGSW 48000 are compatible with 1000Base SX LX and WDM SFP Small Factor Pluggable fiber optic modules The distance can be extended from 550 meters Multi Mode fiber up to above 10 50 70 120 kilometers Single Mode fiber or WDM fiber It is well suited for applications within the enterprise data centers and distributions 1 3 How to Use This Manual This User Manual is structured as follows Section 2 INSTALLATION The section explains the functions of the Switch and how to physically install the Managed Switch Section 3 SWITCH MANAGEMENT 21 User s Manual of WGSW 48000 The section contains the information about the software function of the Managed Switch Section 4 WEB CONFIGURATION The section explains how to manage the Managed Switch by Web interface Section 5 COMMAND LINE INTERFACE The section desc
260. tic and dynamic entries The static entries are configured by the network administrator if the administrator wants to do a fixed mapping between the DMAC address and switch ports The frames also contain a MAC address SMAC address which shows the MAC address of the equipment sending the frame The SMAC address is used by the switch to automatically update the MAC table with these dynamic MAC 286 User s Manual of WGSW 48000 addresses Dynamic entries are removed from the MAC table if no frame with the corresponding SMAC address have been seen after a configurable age time MDS is an acronym for Message Digest algorithm 5 MD5 is a message digest algorithm used cryptographic hash function with a 128 bit hash value It was designed by Ron Rivest in 1991 MD5 is officially defined in RFC 1321 The MD5 Message Digest Algorithm For debugging network problems or monitoring network traffic the switch system can be configured to mirror frames from multiple ports to a mirror port In this context mirroring a frame is the same as copying the frame Both incoming source and outgoing destination frames can be mirrored to the mirror port NetBIOS is an acronym for Network Basic Input Output System It is a program that allows applications on separate computers to communicate within a Local Area Network LAN and it is not supported on a Wide Area Network WAN The NetBIOS giving each computer in the network both a NetBIOS
261. v1 0 0 0 0 Figure 4 9 5 SNMP Community Profile SNMP GroupProfile User Profile SNMP Trap Station Community ID 1 Remove This Community Community String Group Name Remote Station IP Figure 4 9 6 SNMP Community Profile The page includes the following fields Object Description e Community ID Click on Community ID to edit or remove community e Community String Indicates the community string It just like to defines the password used to authenticate the management station to the device e Group Name Indicates the group which the community belongs to SNMP groups are defined in the SNMP Group Profile page Remote Station IP j Indicates the management station IP address There are two definition options e IP Address Define the management station IP address e 0 0 0 0 which includes all management station IP addresses Add New Community Creates a community 127 User s Manual of WGSW 48000 4 9 5 SNMP Trap Station Configure SNMP trap on this page The SNMP Trap Configuration screen in Figure 4 9 7 and Figure 4 9 8 appears SNMP Group Profile UserProfile Community Profile M ss Trap Community Link Change Boot Up Remote IP Address Version Station ID String Trap Trap Figure 4 9 7 SNMP Trap Station SNMP Group Profile UserProfile Community Profile Community String public Remote IP Address 192 168 0 99 Link Change Trap O E
262. value Undersize Packets indicates the undersize packets counted value Oversize Packets indicates the oversize packets counted value Fragments indicates the fragments counted value Jabbers indicates the jabbers counted value 157 User s Manual of WGSW 48000 e Collisions indicates the collisions counted value e Frames of 64 Bytes indicates the 64 bytes and under packets counted value e Frames of 65 to 127 Bytes indicates the counted value which packets length are 65 to 127 bytes e Frames of 128 to 255 Bytes indicates the counted value which packets length are 128 to 255 bytes e Frames of 256 to 511 Bytes indicates the counted value which packets length are 256 to 511 bytes e Frames of 512 to 1023 Bytes indicates the counted value which packets length are 512 to 1023 bytes e Frames of 1024 to 1518 indicates the counted value which packets length are 1024 to 1518 bytes Bytes 4 12 3 RMON Event In this table overview every valid entry will be listed in the same page to help user to get the overview image on each control entry setting 802 1X Statistic RMON Sta Description Event Type None Log SNMP Trap Log and Trap Community Owner Siow Bei Figure 4 12 4 RMON Event screenshot The page includes the following fields Object Description e Index Indicate the event index value
263. vention This automatic network reconfiguration provides maximum uptime to network users However the concepts of the Spanning Tree Algorithm and protocol are a complicated and complex subject and must be fully researched and understood It is possible to cause serious degradation of the performance of the network if the Spanning Tree is incorrectly configured Please read the following before making any changes from the default values The Switch STP performs the following functions a Creates a single spanning tree from any combination of switching or bridging elements a Creates multiple spanning trees from any combination of ports contained within a single switch in user specified groups a Automatically reconfigures the spanning tree to compensate for the failure addition or removal of any element in the tree a Reconfigures the spanning tree without operator intervention Bridge Protocol Data Units For STP to arrive at a stable network topology the following information is used E The unique switch identifier E The path cost to the root associated with each switch port E The por tidentifier STP communicates between switches on the network using Bridge Protocol Data Units BPDUs Each BPDU contains the following information a The unique identifier of the switch that the transmitting switch currently believes is the root switch The path cost to the root from the transmitting port E The port identifier of the transmitting port
264. ving a multicast group IGMP version 1 is defined in RFC 1112 It has a fixed packet size and no optional data The format of an IGMP packet is shown below IGMP Message Format Octets 0 8 16 31 Checksum Type Response Time Group Address all zeros if this is a query The IGMP Type codes are shown below ype Meaning ext Membership Query if Group Address is 0 0 0 0 Specific Group Membership Query if Group Address is Present MON Membership Report version 2 Leave a Group version 2 MON Membership Report version 1 IGMP packets enable multicast routers to keep track of the membership of multicast groups on their respective sub networks The following outlines what is communicated between a multicast router and a multicast group member using IGMP A host sends an IGMP report to join a group A host will never send a report when it wants to leave a group for version 1 A host will send a leave report when it wants to leave a group for version 2 Multicast routers send IGMP queries to the all hosts group address 224 0 0 1 periodically to see whether any group members exist on their sub networks If there is no response from a particular group the router assumes that there are no group members on the network The Time to Live TTL field of query messages is set to 1 so that the queries will not be forwarded to other sub networks IGMP version 2 introduces some enhancements such as a method to el
265. w dot1x config Mode Privileged Mode show dot1x radius Description This command displays radius configuration Syntax show dot1x radius Mode Privileged Mode show dot1x statistics Description This command displays dot1x statistics Syntax show dot1x statistics Mode Privileged Mode show igmpsnooping Description This command displays IGMP snooping information show igmpsnooping dynamic_router_port Description This command displays dynamic router ports information Syntax show igmpsnooping dynamic_router_port Mode Privileged Mode 179 User s Manual of WGSW 48000 show igmpsnooping groups Description This command is used to displays igmp groups information Syntax show igmpsnooping groups Mode Privileged Mode show igmpsnooping info Description This command displays IGMP Snooping configuration information Syntax show igmpsnooping info Mode Privileged Mode show lag Description This command is used to displays link aggregation groups information show lag lag index Description This command is used to specify an switch lag Syntax show lag lag index lt lag id gt Parameters lt lag id gt Mode Privileged Mode show lag all Description This command is used to displays all switch lags Syntax show lag all lt lag id gt Parameters lt lag id gt Mode 180 User s Manual of WGSW 48000 Privileged Mode show lldp Description This command is use to displays lldp
Download Pdf Manuals
Related Search