FXC3024 User Manual
Contents
1. Figure 4 54 TFTP Restore Configuration User can restore the switch s configuration database from a TFTP server to the switch Before starting the restore operation make sure that the configuration database file is located in the TFTP server and 69 that the TFTP server is reachable from the switch 70 4 6 Default Configuration To reset the switch and restore the switch configuration to factory settings use the following web page and click on the reset button 3 Intelligent Switch Microsoft Internet Explorer File Edit View Favorites Tools Help Back gt Y A Asearch Favorites meda C4 B 3 Ol aH Address 4 http 172 30 40 219 v Go Links gt DO o QE MT nn nn nn lt a a Sai E E l Default Configuration Home Port Status Reset Switch to Default Configuration Port Statistics After restore configuration is completed system will reboot Administrator Reconnect after switch boots up TFTP Update Firmware reset Backup Restore Configuration Save Configuration Default Configuration Reboot Switch AA E Figure 4 55 Reset System 4 7 Reboot To just reboot the switch without restoring to default factory configuration use the following web page 71 A Intelligent Switch Microsoft Internet Explorer File Edit View Favorites Tools Help Back Y 2 A A Search Gs Favorites Media JB s H Address http 172 30 40 2192. Figure 6 18 MST Switch Configuration display in Detailed format e To view information related to a MST instance such as Bridge Priority Designated Root for that Instance Root Path Cost and VLANs associated with that MST instance use the following command Figure 6 19 displays the insformation related to MST Instance L2SW gt show spanningtree mst detailed lt 1 8 gt L2SW gt show spanningtree mst detailed 1 136 Z CA WINNT system32 telnet exe CL25W gt show spanningtree mst detailed 1 ST Instance ID ST Bridge Priority ime Since Last Topology Change Figure 6 19 MST Instance Details e To view port specific information related to a port associated with a MST instance use the following command Figure 6 20 displays the port information for the port 0 24 associated with MST instance 1 L2SW gt show spanningtree mst port detailed lt l 8 gt lt slot port gt L2SW gt show spanningtree mst port detailed 1 0 24 aj CA WINNT system32 telnet exe L25W gt show spanningtree mst port detailed 1 4 24 Forwarding Hig AHAHA 86 61 86 560 A8 86 68 61 5 6 601 00 560 A8 86 68 61 84018 esignated Port LL gt Figure 6 20 Spanning Tree Port Information Display 6 9 Link Aggregation amp Trunking Settings L2SW can create a maximum of seven trunk groups User can arbitrarily select up to four ports from ports 1 to 26 to build a trunking group All ports in the same static trunk group must be c
3. Spanning Tree unit 7 sus Home Port Status Port Statistics Administrator Stacking IP Address Switch Settings Console Port Info Port Controls Trunking MSTI Configuration System Configuration Port Configuration Spanning Tree Parameters Bridge Priority 32768 0 61400 STP State V Force Yersion 50214 y Max Age 6 40 Forward Delay Time 4 30 Configuration Name E Configuration Revision Level e Timers seconds Hello Time 1 10 IGMP Snooping _ Apply E Root Bridge Information LAN Configuratic Switch STP Summary a Spanning Tree Port Sniffer STP Admin Mode Enable SNMP E Protocol Version IEEE 802 1D Security Manager 802 1x Bridge Priority 32768 Configuration Bridge Identifier 80 00 00 50 48 80 08 61 TFTP Update Bridge Max Age sec 20 Firmware Bridge Hello Time sec 2 Backup Restore i Configuration Bridge Forward Delay sec 15 si 4 b E Done lap Internet A Figure 4 29 Switch STP Configuration Summary Users can view the Spanning Tree Port Status by selecting Port configuration link on the STP configuration screen L2SW Port Priority and Path Costs are automatically selected by the switch based on Port ID and speed of the port Future release will support configuration of these parameters from WBI and CLI 4 3 10 2 RSTP 802 1w Configuration 49 To configure L2SW to support RSTP set the Force Version Paramet
4. Spanning Tree Home System Configuration Port Configuration MSTI Configuration Port Status Port Statistics New MST Instance ID Select MST Instance ID Administrator MST ID 1 8 Sac PAN E MST ID 71 z Delete MSTI Information acking AS Details IP Address Switch Settings 0 2 Port View Console Port Info Port Controls gt MSTI Parameters Trunking EE io a Are IGMP Snooping MSTI VLAN Configuration Filter Database A Pe VLAN 1D qow _ Add 4 LAN Configuratic Ham VLAN ID high EJ naire f Spanning Tree e ll 4 Done gal 55 al Internet Z Figure 4 34 MST Instance Configuration p gt The VLANs have to be created first before assigning them to a MSTI The VLAN assignment details for each MSTI can be displayed by clicking on the Report button displayed under the MST Instance List title Figure 4 35 displays the list of MST instances created by the user along with list of VLANs assigned to each MST Instance 53 Bak gt Y A Qsearch Favorites media 4 B S O A Address 42 http 172 30 40 213 v Go Links gt Bassas aaa T ee Se Se SB eB Be ew we 4 0 cas Spanning Tree Home System Configuration Port Configuration MSTI Configuration Port Status Port Statistics New MST Instance ID Select MST Instance ID Administrator MST ID 1 8 7 ETE Pl Bz MST ID Mo z Delete MSTI Information Details IP Address Switch Settings C
5. 6 11 Broadcast Storm Filtering To control the broadcast storm the threshold value should be defined The threshold value is the percentage of the port s total bandwidth used by broadcast traffic When broadcast traffic for a port rises above the threshold broadcast storm control becomes active The valid threshold value are 5 10 15 20 25 and 0 Value of O means storm control is disabled Following commands are used to configure amp display the broadcast storm filter L2SW gt config stormcontrol level lt threshold gt L2SW gt config stormcontrol level To display storm control filter information L2SW gt show stormcontrol L2SW 0 x Leow show stormcontrol Broadcast Storm threshold 15 Lesh A Figure 6 24 Displays broadcast storm settings 6 12 IGMP Snooping The Internet Group Management Protocol IGMP is an internal protocol of the Internet Protocol IP suite Multicast traffic is propagated through the network using switches routers and hosts that support IGMP and other multicast protocols Enabling IGMP snooping allows the ports to detect IGMP queries and report packets and manage IP multicast traffic through the switch The following set of commands can be used to configure IGMP snooping 1 To enable or disable administrative mode of IGMP snooping use the following command By default the administrative mode of IGMP snooping is disable L2SW gt config igmpsnooping adminmode lt enable disable gt L2SW
6. Ebo switch Serial Number XOLA O O O O O O O O O O O ee ee ee A F s30011 Pasa A aa UE SUE ABI Version A A A AAA AA A AA AA A AA AA AA A ee ee VIAbbb FOO Sot tware Version ER A ee ee ee te 00 l Pl Module Lard 1 Twp E CA AAA AAA AAA AAA A E Module Gard 1 eS A Module Lard E Twp a PP Pe eee EEE EA OF HE Module Gard 2 TE ee ee ee L25H 1 Figure 6 33 Display inventroy 147 6 17 3 Network IP Address Configuration To configure IP address subnet mask gateway IP and protocol on the switch use the following set of commands The default IP address is 192 168 0 1 A switch can have only one IP address The switch can be configured for protocol none or DHCP If the switch is set for protocol none then all the IP information is manually configured DHCP is disabled by default If the user removes the IP address through a telnet session the connection to the switch is lost L25W gt config network protocol lt none dhcp gt L2SW gt config network protocol none L2SW gt config network params lt ipaddr gt lt netmask gt gateway L2SW gt config network params 172 30 40 202 255 255 255 0 172 30 40 2 L2SW gt save config L2SW gt reset system Are you sure you would like to reset the system y n Y p gt ln order for the statically configured IP address to take effect the switch has to be restarted using reset system command To display network configuration settings use the following command The response to
7. Future X Communications FXC3024 User Manual Version 1 0 Oct 2004 Table of Contents INTRODUCTION A P o ennenen 10 1 1 About This Manta iii iii 10 1 2 Summary OF Features rat 10 1 3 Factory Default SEM A A ds 11 PHYSICAL DESCRIPTION cortarla 13 2 1 Front Panel o 25 WS Mitch ad 13 2 2 L2SW Switch LED INdICAONS os 13 2 3 Rear Panel LISIS A oia 14 2 4 Description ot TZ WEEDS ratico r aaas 14 MANAGEMENT ACCESS sarral 16 3 1 Management Methods Supported by Various Interfaces cccccccccscsssssssssssscscscccccccccccsccsssssssssccecs 16 3 1 1 Serrak POr o AA A 17 3 1 2 In band Network Management Interface ooooonnnnncccnnnnnncnonononononoonnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnns 17 3 2 OEE GS A sant eee E EE Ratatat Bn Bere eee te een 17 al COLIN AM o O des 17 IPR Termal ACES SUMP iS 17 325 CEES a COM Ve UOT e e e dona aaswaoe 18 3 24 Network POL ACCESS el Drs nation ie 18 WEB MANAGEMENT FUNCTION sssnsensennnnnnnnnnonnonnennennnnnnnnnnonnonnennennnnnnnnnnnnn 19 4 1 Fort SUAS esos eos accu A E E E 21 4 2 Port SUAUIS UGS AAA IO 23 4 3 AdmmistratoE iii il lid 24 4 3 1 O oc a asco 24 4 3 2 O e cases eh aan totter Ola cadene hea datanath iene caseaei tdavannet dateee Payetaesilionatn i dataeeastagiehs 25 4 3 3 SCC TSS CIN santas ae Fe earl ceded A Delian intas tele is 27 2 es Po 00 Basi ae E A E E nn Sune CUNT Te tony Den NS tay ene ee Terror 2 RIDAD ModE O EEEE iach ih Sk cela ii ol
8. UnTagged Port is a member port of VLAN group and outgoing frames are not VLAN Tagged frames Tagged Portis a member port of VLAN group and outgoing frames are VLAN Tagged frames No The port is not a member of this VLAN group 82 6 Press Ctrl A to go back action menu line 7 Select Save to save all configured values AE Edit Delete a VLAN Group DEFAULT U2 actions lt Quit gt 1 lt Delete gt lt Previous Page gt Next Page gt Edit Delete a ULAN Group ab Next Item BackSpace Previous Item Quit Previous menu Enter Select Item Figure 5 11 Select a VLAN for editing Edit an VLAN Group ULAH Hame U2 ULAH ID 2 14174094 Protocol ULAH Hone Member UnTagged UnTagged actions gt lt Quit gt Edit gt Save Previous Page gt Next Page gt Select the Action menu ab Mext Item HackSpace Previous Item Quit Previous menu Enter Select Item Figure 5 12 Edit Delete selected VLAN In this page user can edit or delete a VLAN group as follows 1 PressEdit or Delete item 2 Choose the VLAN group to be edited or deleted and then press enter 3 User can modify the protocol VLAN item or change the member port to be tagged or un tagged User can also remove some member ports from the VLAN group 4 After edit VLAN press lt Save gt key to save all configures value 83 j gt 1 The VLAN Name and VLAN ID cannot be modified 2 The default VLAN must be deleted DSS Groups Sor
9. ag Address E http 172 30 40 213 Go Links gt A Home Port Status Port Statistics Administrator Stacking IP Address Switch Settings Console Port Info Port Controls Trunking IGMP Snooping Filter Database 1x DERDEN DEENEN ii i 5 fur ss e 4 gt Spanning Tree System Configuration Port Configuration MSTI Configuration Spanning Tree Parameters STP State V Force Yersion 80214 y Bridge Priority 32768 0 61400 m Timers seconds LAN Configuratic Spanning Tree Max Age 6 40 Hello Time 1 10 Port Sniffer Forward Delay Time 4 30 SNMP Security Manager Configuration Name Configuration Revision Level 802 1x Configuration ST as sl 4 b E Done 8 Internet Z Figure 4 28 Spanning Tree Version Selection STP can be enabled by selecting 802 1d as the Force Version parameter Other parameters associated with the STP can be configured as well using the same screen See also Figure 4 28 for the list of STP related parameters that can be configured Note STP should be enabled on LACP links Otherwise broadcast storm may occur Force Version Select the Spanning Tree Protocol Version You can choose 802 1d STP 8021 w RSTP or 802 1s MSTP as the spanning tree protocol for the switch Priorit j Priority value is used to identify the root bridge
10. 5 Priority Queue Service 302 1p Priority 1 First Come First Service O lay High before Low C WRR High weight Low weight Qos Policy High Priority Levels IF Levelo IF Levels IF Level2 IF Levels Levels IM Levels IM Levels M Level Apply Default Help Figure 4 10 Advanced Switch Settings MAC Address Age out Time Type the number of seconds that an inactive MAC address remains in the switch s address table The valid range is 10 765 seconds Default is 300 seconds Max bridge transmit delay bound control Limit the packets queuing time in switch If enabled the packets queued which exceed the delay bound setting will be dropped This valid values are 1sec 2 sec 4 sec and off Enable Low Queue Delay Bound Limit the low priority packets queuing time in switch If the low priority packet queued up in switch exceed Max Delay Time 1t will be dropped The valid range is 1 255 ms NOTE Enable Max bridge transit delay bound control before enabling Low Queue Delay Bound because this parameter is valid only when Max bridge transit delay bound control is enabled Broadcast Storm Filter To configure broadcast storm control enable it and set the upper threshold for individual ports The threshold is the percentage of the port s total bandwidth used by 29 broadcast traffic When broadcast traffic for a port rises above the threshold you set broadcast storm control becomes active The valid threshold
11. Mac Address HHHHKHKHHHAHI1 Ulan ID z1 Select the action menu BackSpace Previous Item Quit Previous menu Enter Select Figure 5 36 Add MAC Address To edit MAC address filter 1 Press lt Edi t gt key 2 Choose the MAC address that you want to modify and then press enter Intelligent Switch Filter MAG Address Configuration Mac Address Ulan ID Mac Address Ulan ID 5l5 5 51515 5 51515 150 1 5l5 5 5 51515 5 5 5 pes als 5 5 5 51515 je actions gt uit gt lt dd gt thie lt Delete gt Previous Page gt Next Page gt a A A Mac ab Next Item HackSpace Previous Item Quit Previous menu Enter Select Item Figure 5 37 Filter MAC Address Configuration 3 Press lt Edi t gt key to modify all the items 4 Press Ctrl A to go back action menu line and then select lt Save gt to save all configure value 99 Intelligent Swatch Edit Filter MAC Address Mac Address HHKKKHHHHHAS3 Ulan ID z2 Select the action menu _BackS pace Preyvious Item Quit Previous menu Enter Select Figure 5 38 Edit Filter MAC Address To delete MAC address filter use the following procedure 1 Press lt Del et e gt key to delete a filter MAC address 2 Choose the MAC address that you want to delete and then press enter 3 When pressing lt Ent er gt once will complete deletion on delete mode Intelligent Switch Filter MAC Address Configuration Mac Address Ulan ID Mac Address Ulan ID HAHAHA
12. Port Status Admin Mode Enable F Port Statistics ini Bo gt Administrator Max Units Bo 7 Stacking IP Address _Apply Help Switch Settings Stack Status Console Port Info AE Unit Id Base MAC Address Stack Port Status Release Trunking al 00 50 48 01 12 01 Online 00 02 01 00 IGMP Snooping Filter Database LAN Configuration Spanning Tree Port Sniffer SNMP Security Manager 802 1x Configuration TFTP Update Firmware Backup Restore Configuration Save Configuration Default Configuration Reboot Switch Figure 4 6 Stacking Configuration 4 3 2 IP Address 25 3 Intelligent Switch Microsoft Internet Explorer e gt 08 Ala a aja 3 A H 9 2 Back Fonverd Stop Refresh Home Search Favorites History Mail Print Edit Discuss Real com Messenger Address e http 172 30 40 219 Go Links gt al E E a a Dax Set IP Addresses 2 PET TELL LL 1 Smee eee eee O 1000 3 M See eee uk san PWR ox mansn Seeeeae Home Port Status Port Statistics DHCP Disable Administrator Stacking IP Address ap Address Subnet_Mask Switch Settings Console Port Info Gateway Port Controls Trunking Apply Help IGMP Snooping Filter Database LAN Configuration Spanning Tree Port Sniffer SNMP Security Manager 802 1x Configuration TFTP Update Firmware Backup Restore Configuration Save Configu
13. Select lt Save gt to save configure value Intelligent Switch IGMP Configuration IGMP Enabled Edit gt Save gt lt Quit gt Select the action menu BackSpace Previous Item Quit Previous menu Enter Select Item Figure 5 41 IGMP Configuration 102 5 3 5 LACP Using this page user can configure and view the LACP status Intelligent Switch LACE Configuration Jorking Ports Settin State Activity LACP Status Previous Menu Tab Next_ Item Enter Select Item Figure 5 42 LACP Configuration 5 3 5 1 Working Port Setting Intelligent Switch LACP Group Configuration Group LAGP Work Port Mum lt Edit gt GAVE gt Quit gt Select the action menu m Back5pace Previous Item Space Togqgle CGtrltA Action menu Figure 5 43 LACP Group Configuration 103 LACP Group Trunking is configured as follows 1 Select lt Edi t gt 2 Group Display the trunk group ID 3 LACP Work Port Num The parameter defines the max number of ports that can be aggregated at the same time If LACP static trunking group number exceeds the LACP work port num the excess ports are assigned to standby mode These standby ports would be able to join the static trunking group if any of the working port fails If local static trunking group is used this number must be the same as group ports p gt Prerequisite for configuring LACP trunking is to set up Trunk Configuration first 5 3 5 2 State
14. The bridge with the lowest value has the highest priority and is selected as the root Enter a number 1 through 65535 ue a Max Age value is the number of seconds a bridge waits without receiving Spanning Tree Protocol configuration messages before attempting a reconfiguration Enter a number 6 through 40 Hello Ti me e Hello time value 1s the number of seconds between the transmissions of E Spanning Tree Protocol configuration messages Enter a number 1 through 10 48 Forward Delay time Forward Delay Time is the number of seconds a port waits before changing from its Spanning Tree Protocol learning and listening states to the forwarding state Enter a number 4 through 30 Table 4 2 STP Parameters Configuration Name and Revision Level are parameters that are associated only with MSTP A brief description of these parameters will be provided in the following subsections Spanning Tree screen also displays a summary of switch releated configuration at the bottom of the screen as illustrated in Figure 4 29 Further details related to Switch level STP configuration can be displayed by clicking on the Detailed hyperlink displayed in Figure 4 29 Intelligent Switch Microsoft Internet Explorer E 3 Oj x File Edit View Favorites Tools Help Back gt gt Y A Qsearch gFavorites meda CH D 3 0 13 B Address 7 http 172 30 40 213 Go Links gt 1x O A Qe ar css
15. config vlan port ingressfilter enable 0 Enable To enables ingress filtering on the specified port Disable To disables ingress filtering on the specified port S ot port Physical port or trunk port or all p gt To configure ingress filter on any selected port or all ports 802 1q based VLAN must be enabled 2 To configure the switch whether to accept tagged or untagged frames use following command syntax L25W gt config vlan port acceptframe lt all vlanonly gt lt slot port all gt L2SW gt config vlan port acceptframe vlanonly 0 1 all vlanonly To accepts all frames or only tagged frames slot port all Physical port or trunk port 6 7 3 Show VLAN There are various display commands for VLAN and they are briefly described below 1 To display the configured VLANs in a summarized form use the following command This displays VLAN mode VLAN id VLAN name VLAN type and Protocol This command also display dynamic VLANs learned when GVRP enabled L2SW gt show vlan summary 127 L2SW l loj x Leow show vlan summary VLAN Mode oaeee O AE VLAN ID VLAN Mame LAN Type Protocol 1 DEFAULT Static none lt Yellow Static 1p a Atti A ieee Z Figure 6 8 Display VLAN Summary p gt Dynamic VLAN display is not available on CMLI and WBI interface 2 To display detailed information for the selected VLAN use the following command This displays VLAN id VLAN Name VLAN Type Protocol ty
16. for executing the command The square brackets indicates that the parameter is optional The indicate that only one of the parameter should be entered This parameter is a valid IP address of four decimal bytes separated by each byte ranging from 0 to 255 The default IP is usually 0 0 0 0 Note the user can customize the CLI prompt using Config command 115 Command Description Macaddr The MAC address format is six hexadecimal numbers separated by colons for e g 0 20 10 32 0e 40 slot port This parameter denotes a valid slot number and a valid port number For example 0 1 represents slot O port 1 6 1 2 Login User Setup User Id and password are required for all users trying to access and manage L2SW switch L2SW switch supports only one login account with full access rights Read Write admin Level Access to run config show reset save clear commands to configure maintain and troubleshoot the L2SW switch The login account name admin with password 12sw is pre configured and cannot be deleted but password can be changed using following commands L25W gt config user password lt name gt lt passwd gt L2SW gt config user password admin ess E gt To restore default password settings for admin account use cl ear config command 6 1 3 Network Port Access Setup If one of the network ports is used for in band management use the following command to configure that port 1 If DHCP is used L2
17. 00 50 a8 80 0 e0____ Apply Configuration xl 1 7 4 E De tene sg Figure 4 41 SNMP Engine ID Configuration Screen Assuming that the Engine ID for the switch is not changed by the user the first step in the configuration of SNMPv3 is creation of the necessary MIB views The MIB view can be created by entering a View Name a string of up to 16 ASCH printable characters an OID representing a subtree in the MIB and operational directive to include or exclude the MIB subtree identified by the view The block under the title Vi ews in Figure 4 42 is used for creating MIB views 59 3 Intelligent Switch Microsoft Internet Explorer EO E 3 iol x Fie Edit view Favorites Tools Help Back gt gt Y A Asearch Favorites meda CH Eh 3 0 aH Address tr SA Links gt a DAS DOS E E y he canas E L Home Port Status Port Statistics Administrator Stacking IP Address Switch Settings Console Port Info Port Controls Trunking IGMP Snooping Filter Database LAN Configuratic Spanning Tree New View Port Sniffer View Name e SNMP ETE EERE Sub Tree OOOO 802 1x Included Excluded lt lt Add lt lt Configuration 7 x 4 gt bbe Yiews Current Views E Done lap Internet Figure 4 42 Views Configuration Screen L2SW creates the following t
18. 100 Full Full On On On Off Off Disable Off 0 13 On On Down Auto Auto 100 100 Full Full On On On Off Off Disable Off 0 14 On On Down Auto Auta 100 100 Full Full On On On Off Off Disable Off 0 15 On On Down Auto Auto 100 100 Full Full On On On Off Off Disable Off 0 16 On On Down Auto Auto 100 100 Full Full On On On Off Off Disable Off ni ME On Down Auto Auto 100 100 Full Full On On On Off Off Disable Off 0 18 On On Down Auto Auto 100 100 Full Full On On On Off Off Disable Off 0 19 On On Down Auto Auto 100 100 Full Full On On On Off Off Disable Off 0 20 On On Down Auto Auto 100 100 Full Full On On On Off Off Disable Off 0 21 On On Down Auto Auto 100 100 Full Full On On On Off Off Disable Off 0 22 On On Down Auto Auto 100 100 Full Full On On On Off Off Disable Off 0 23 On On Down Auto Auto 100 100 Full Full On On On Off Off Disable Off 0 24 On On Up Auto Auto 100 100 Full Full On On On Off Off Disable Off Opening page http 172 30 40 219 hidden1 htm Sep intemet Figure 4 3 Port Status State Port state information is displayed under two columns Conf i g and Actual Configured and actual port state information are displayed as On or Of f Note that the port status and port statistics pages are automatically updated after every 5 seconds Link Status Link status information is displayed as Up or Down If the link is established between with peering port the link status information is displayed as Up Otherwise it is displayed as Down A
19. 153 153 156 156 157 157 158 158 1 Introduction 1 1 About This Manual The guide is intended for network administrators who are responsible for installing provisioning and managing L2SW layer 2 switch running software version R2 2 or higher It assumes a basic working knowledge of the following Local area networks LANs Ethernet concepts Ethernet switching and bridging concepts Internet Protocol IP concepts 1 2 Summary of Features 10 100Base TX half and Full Duplex 1000BaseT SX and LX full Duplex 802 1D MAC Bridge 802 1w Rapid Spanning Tree Protocol RSTP 802 1s Multiple Spanning Tree Protocol MSTP Virtual LANs VLAN 802 1Q GVRP Spanning Tree Protocol STP 802 1p Priority Queuing 802 1x Network Port Security 802 3x Flow Control 802 3ad Link Aggregation Port Mirroring Broadcast Storm Recovery BSR IGMP Snooping Bootstrap Protocol BOOTP and Dynamic Host Configuration Control Protocol DHCP clients for management interface Trivial File Transfer Protocol TFTP client for management interfaces User Interfaces 10 gt Console Menu Line Interface CMLI gt Command Line Interface CLI gt Web Based Interface WBI e Simple Network Management Protocol SNMP gt SNMP vl gt SNMP v2c and SNMPv3 e Simplified Remote Monitoring RMON I sections 1 2 3 and 9 e Simple Network Timing Protocol SNTP e Syslog 1 3 Factory Default Settings The L2SW products are factory provisioned w
20. 1x Configuration System Configuration PerPort Configuration Misc Configuration Configure 802 1 Per Port State Port Number Port State Al PORT Apply Help Figure 4 48 802 1x Perport Configuration Each port can select four kinds of authorization state Fu Force the specific port to operate in unauthorized state Access to the network through this port will be blocked Fa Force the specific port to be in authorized state and allow users attached to this port to access the network without forcing the user to go thru authentication procedure Au The state of the specific port is determined by the outcome of the authentication No 802 1x based port security is not supported in this port 65 PORT 1 No PORT No PORTS No PORT 4 Mo PORT No PORTS No PORT Mo PORTI0 Mo PORTI1 Mo PORTI2 Mo PORTIS No PORTI4 Mo PORTL9 No PORT2O No PORTZ1 Mo PORTZ2 Mo Figure 4 49 802 1x Port Status 4 3 14 3 802 1x Miscellaneous Configuration Parameters for 802 1x such as Quiet period Server timeout Maximum request and re authorization period can be configured using this page 202 1x Configuration System Configuration PerPort Configuration Misc Configuration Configure 802 1 misc configuration Quiet period Tx period Supplicant timeout Server timeout Max requests Reauth period Apply Help Figure 4 50 802 1x Miscellaneous Configuration e Quiet Period Define periods of time dur
21. 6 15 Display STP Port Settings in Detailed Form 6 8 2 RSTP Configuration RSTP protocol can be enabled by setting the forcedversion parameter to 802 1 w as illustrated below e Set forcedversion to RSTP L2SW gt config spanningtree switch forceversion lt 802 1d 802 1w 802 1s gt L2SW gt config spanningtree switch forceversion 802 lw p gt While switching spanning tree protocol from one version to another e g STP to RSTP or RSTP to STP or STP to MSTP etc it is recommended that the STP adminmode is disabled and then reenabled Users can disable or enable STP adminmode by clicking on the box next to STP State RSTP protocol parameter configuration such as switch priority forwarddelay etc are exactly same as STP protocol paramter except that with RSTP users configure a port to be an Edge port and set the link type to be Point to point shared or Auto The following commands illustrate how to configure the Edge port and link type associated with a port e To configure a port to be an Edge port use the following command L25W gt config spanningtree port edgeport lt slot port all gt lt true false gt L2SW gt config spanningtree port edgeport 0 1 true e To configure link type associated with a port use the following command L2SW gt config spanningtree port linktype lt slot port all gt lt point to point shared auto gt L2SW gt config spanningtree port linktype 0 1 point to point e To display the Edge port c
22. A gt Go to beginning of line lt Ctrl E gt Go to end of line lt Ctrl F gt Go forward one character lt Ctrl B gt Go backward one character lt Ctrl D gt Delete current character lt Ctrl1 U gt Delete to beginning of line lt Ctrl K gt Delete to end of line lt Ctrl w gt Delete previous word lt Ctrl T gt Transpose previous character lt Ctrl P gt Go to previous line in history buffer lt Ctrl N gt Go to next line in history buffer lt Ctrl 2Z gt Return to root command prompt lt TAB gt Command line completion end Return to root command prompt exit Go to parent command prompt 2 help command List choices e Depending on the access level the following commands are available to the use to configure and control the switch O clear O ontie O copy O help O logout o menu O reset O Save O show Clear or restore configuration to factory defaults Configure switch options and settings Transfer a file to or from the switch Help for CLI commands Exit this session Any unsaved changes will be lost Enter menu interface Reset the switch Save switch configurations Display switch options and settings 114 CLI CLI commands allow the user to configure various features such as Spanning Tree Protocol VLAN MAC filter Port Mirroring Priority Queue 802 1x and also perform a set of maintenance related functions such as user password maintenance log traps configuration upload and download L2SW switch p
23. ADVANCED SWITCH SETTINGS MISCELLANEOUS SWITCH SETTINGS CONSOLE INFORMATION TRUNKING LACP DISABLED STATIC TRUNKING GROUPS ACTOR AND PARTNER GROUP STATE ACTIVITY IGMP SNOOPING STATIC MAC ADDRESS MAC FILTERING VLAN CONFIGURATION PORT BASED VLAN ID PORT BASED VLAN 802 1Q BASED VLAN CREATE VLAN ADD PORTS TO VLAN CONFIGURE VID SPANNING TREE VERSION SELECTION SWITCH STP CONFIGURATION SUMMARY RSTP CONFIGURATION RSTP PORT CONFIGUATION RSTP PORT STATUS DISPLAY MSTP SWITCH CONFIGURATION MST INSTANCE CONFIGURATION MSTI CONFIGURATION REPORT MST INSTANCE DETAILS PORT SNIFFER SNMP MANAGEMENT COMMUNITY STRINGS TRAP MANAGER SNMP ENGINE ID CONFIGURATION SCREEN VIEWS CONFIGURATION SCREEN SNMPV3 GROUP CONFIGURATION SNMPV3 USER CONFIGURATION SECURITY MANAGER ENABLE 802 1X 802 1X CONFIGURATION 802 1X PERPORT CONFIGURATION 802 1X PORT STATUS 13 14 19 20 21 22 25 26 27 28 29 31 32 33 34 34 35 37 38 40 41 43 44 45 45 48 49 50 51 52 53 53 54 55 56 57 58 58 59 60 61 62 63 64 64 65 FIGURE 4 50 FIGURE 4 51 FIGURE 4 52 FIGURE 4 53 FIGURE 4 54 FIGURE 4 55 FIGURE 4 56 FIGURE 5 1 FIGURE 5 2 FIGURE 5 3 FIGURE 5 4 FIGURE 5 5 FIGURE 5 6 FIGURE 5 7 FIGURE 5 8 FIGURE 5 9 FIGURE 5 10 FIGURE 5 11 FIGURE 5 12 FIGURE 5 13 FIGURE 5 14 FIGURE 5 15 FIGURE 5 16 FIGURE 5 17 FIGURE 5 18 FIGURE 5 19 FIGURE 5 20 FIGURE 5 21 FIGURE 5 22 FIGURE 5 23 FIGURE 5 24 FI
24. Activity Activity of the ports is displayed in this page The port 1s said to be active 1f 1t sends LACP protocol packets It is in passive mode if 1t does not automatically send LACP protocol packets Intelligent Switch L CP Port State Active Configuration Active Active Passive Passive Lons gt Edit gt Gave gt lt Quit gt Save successfully press any key to return Next Item HackSpace Previous Item Quit Previous menu Enter Select Item Figure 5 44 LACP Port State Active Configuration To configure the LACP port state configuration use the following procedure 1 Select lt Edit gt 2 Press Space key to choose the item Active The port automatically sends LACP protocol packets Passive The port does not automatically send LACP protocol packets and responds only if it receives LACP protocol packets from the opposite device 3 Press Ctrl A go back action menu line 104 4 Select lt Save gt to save the configured value 105 DEDO LACP Status If Link Aggregation Control Protocol is enabled the group is LACP static trunking group If it 1s disabled the group 1s Local static trunking group Intelligent Switch LACP Group Status Static Trunking Group Group Key 1 Port _No 123 4 Quit gt lt Previous Page gt Next Page gt Select the action menu m BackS pace Previous Item Quit Previous menu Enter Select ltem_ Figure 5 45 LACP Static Trunking Group 5 3 5 4 LACP tr
25. HAMEN Select the action menu em BackS pace Prev ious Item space Toggle Ctrl A Action menu Figure 5 19 Collisions Retry Forever Collisions Retry Forever e Disable In half duplex if collision happens switch will retry 48 times for retransmission of the frame and then drop the frame e Enable In half duplex if collision happens transmission will retry forever 5 2 5 Administration Configuration 88 Intelligent Switch Device Configuration Change Password Device Information IP Configuration Previous Menu Configure the username Figure 5 20 Device Configuration DZ Change Username Using the following page a user can change username Intelligent Switch UserName Configuration UserName admin Edit gt Save gt Quit gt Select the action menu BackSpace Previous Item Quit Previous menu Enter 5elect Item Figure 5 21 User Name Configuration Type the new user name press lt Save gt item D2 22 Change Password 89 With this page user can change the password Intelligent Switch Password Configuration Old Password Ney Password eee enter again i xx Save successfullyt press an return Esc Previous menu Figure 5 22 Password Configuration DO Device Information Device information such as Name description and content are displayed in this page Intelligent Switch Device Information Intelligent 24 2 Switch Intellig
26. L2SW gt config spanningtree switch hellotime lt interval gt L2SW gt config spanningtree switch hellotime 3 e To configure the interval between messages that the spanning tree receives from the root switch If a switch does not receive a BPDU message from the root switch within this interval it re computes the spanning tree topology The range for bridges maximum age is 6 to 40 seconds The default value is 20 seconds L25W gt config spanningtree switch maxage lt interval gt L2SW gt config spanningtree switch maxage 10 e To configure the forwarding delay of the switch use the following command The allowed range of the forwarding delay is 4 to 30 seconds and the default value is 15 seconds L25W gt config spanningtree switch forwarddelay lt interval gt L2SW gt config spanningtree switch forwarddelay 10 e To configure the STP bridge priority use following command The allowed range for the STP priority is 1 to 65535 and the default value is 32768 Higher numerical value means a lower priority L25W gt config spanningtree switch priority lt priority gt L2SW gt config spanningtree switch priority 10 e To display STP settings in summary or detailed form use the following command In detailed form information such as the number of topology change count Root Path Cost and Root Port Identifier are displayed L25W gt show spanningtree switch lt summary detailed gt L2SW gt show spanningtree switch summary 131 uF CA
27. LACP operation requires full duplex mode for more detail information refer to IEEE 802 3ad standard 4 3 5 1 Aggregator Seitings This page is used to create a link aggregation across two or more ports Intelligent Switch Microsoft Internet Explorer OF x File Edit Yiew Favorites Tools Help To gt dE 43 58 4 Fa a 9 2 lt lt Back Fonvard Stop Refresh Home Search Favorites History Mail Print Edit Discuss Realcom Messenger Address http 172 30 40 219 y Go Links gt A Trunkin Home Port Status Aggregator Setting Aggregator information State Activit Port Statistics Stacking a IP Address Switch Settings Group ID Groupt a _ lt lt Get Console Port Info Lacp Enable y Port Controls Work Ports Trunking IGMP Snooping Filter Database carad _Remove gt _ LAN Configuration Spanning Tree Port Sniffer SNMP Security Manager 802 1x Apply Delete Help Configuration TFTP Update Firmware Backup Restore Configuration Save Configuration Default Configuration Reboot Switch E Done a Intemet 7 Figure 4 13 Trunking To create a link aggregation group with two or more ports the following parameters are used System Priority This value is used to identify the active LACP The switch with the lowest value has the highest priority and is selected as the active LACP G
28. Le E Done g Internet A Figure 4 38 SNMP Management 57 User can also define a name location and contact person for the switch Users can also select the SNMP version under the SNMP protocol Version block to select the SNMP protocol version to be supported by the switch Fill in the system options data and then click apply to update the changes on this page e Name Enter a name to be used for the switch e Location Enter the location of the switch e Contact Enter the name of a person or organization Community Strings Current Strings New Community String public RO Add String private Riv Remove RO ORW Figure 4 39 Community Strings Community strings serve as passwords and can be entered as one of the following RO Read only Enables requests accompanied by this string to display MIB object information RW Read write Enables requests accompanied by this string to display MIB object information and to set MIB objects Trap Managers Current Managers none Add IP Address Mew Manager oa Community Figure 4 40 Trap Manager A trap manager is a management station that receives traps and the system alerts generated by the switch Switch will not generate any trap until the trap manager information is defined in the switch Create a trap manager by entering the IP address of the station and a community string into the Trap Manager screen displayed in Figur
29. Plowtcontrol Full Next Page gt To change the configuration of an individual port user needs to select Edit from the action menu In 76 the edit mode the following parameters can be modified InRate 100K unit Input rate limit can be set in increments of 100K The valid range is 0 1000 e 0 disable rate control e 1 1000 input rate control value 100K OutRate 100K unit Output rate limit can be set in increments of 100K The valid range is 0 1000 e 0 disable rate control e 1 1000 output rate control value 100K Enabled Choose No for disabling and Yes for enabling an individual port Auto Choose auto negotiation mode e Auto e Nway_Force e Force for an individual port Spd Dpx Choose 10Mbps or 100Mbps for ports 1 24 Choose 10Mbps or 100Mbps or 1000Mbps depending on the type of module card for ports25 26 Ports can be set to full duplex or half duplex mode depends on the type of module card for ports 25 26 Flow Control Full Choose Off for disabling and On for enabling pause flow control function Hal f Choose Off for disabling and On for enabling backpressure flow control function E gt ore 1 Select lt Save gt from action menu to save changes 2 If the static trunk groups exist those trunk groups eg TRK1 TRK2 will be displayed after the module cards ports 25 26 Physical characteristics of trunk groups can also be edited in the abo
30. WINNT system32 telnet exe L25W gt show spanningtree switch summary panning Tree Adminmode IEEE 862 1D Priority 32768 Identifier S6 00 60 50 A8 826 68 61 6 Max Age Hello Time Forvard Delay Hold Time gt Figure 6 12 Displays switch STP settings in summary form L2SW gt show spanningtree switch detailed ul CA WINNT system32 telnekt exe CL25W gt gt show spanningtree switch detailed ridge Priority ridge Identifier ime Since Last Topology Change opology Change Count Hello Time Forward Delay Hold Time gt Figure 6 13 Display Switch Settings in Detailed Form e To display STP settings and STP statistics associated with a port use the following command L25W gt show spanningtree port lt summary detailed gt lt slot port gt L2SW gt show spanningtree port summary 0 1 a CA WINNT system32 telnekt exe CL25W gt show spanningtree port summary 8 1 Port Mode BPDUs Received BPDUs Transmitted BPDUs Received BPDUs Transmitted BPDUs Received BPDUs Transmitted BPDUs Received BPDUS Transmitted Figure 6 14 Displays port STP settings in summay form L2SW gt show spanningtree port detailed 0 1 132 Figure 6 15 displays STP port settings in detailed form a CA WINNT system32 telnet exe L25W gt gt show spanningtree port detailed 6 1 Discarding 601 8A B4 00 340 1E 18 1F 98 14 80 66 00 856 3E 98 8D E4 8064 opology Change Acknowledgement ello Time Figure
31. are operational e Redundant paths are enabled if the main traffic paths fail Rapid Spanning Tree Protocol RSTP specified by IEEE802 1w is an improved version of Spanning Tree Protocol and specifically addresses the problem associated with convergence time in STP With RSTP covergence typically occur within a couple of seconds whenever a topology change occurs in the network Multiple Spanning Tree Protocol MSTP allows an user to configure and support multiple spanning tree instances within the same switch For more details about RSTP and MSTP refer to Section 4 3 10 6 8 1 STP Configuration STP can be enabled by configuring the System and Per Port Configuration as displayed in the following commands 130 e To enable or disable administrative mode for switch use following command L2SW gt config spanningtree switch adminmode lt enable disable gt L2SW gt config spanningtree switch adminmode enable e Since L2SW supports multiple spanning tree protocols the user has to specify the spanning tree protocol type For example to specify the IEEE802 1D as the spanning protocol for the switch use the following command L2SW gt config spanningtree switch forceversion lt 802 1d 802 1w 802 1s gt L2SW gt config spanningtree switch forceversion 802 1d p gt The default spanning tree protocol version is 802 1s e To configure STP hello time for switch The valid range is from 1 to 10 seconds The default value is 2 seconds
32. command L2SW gt config dotlx switch portcontrol lt slot port all gt lt fa fu auto none gt L2SW gt config dot1lx switch portcontrol 0 2 auto 7 To display 802 1x configuration settings on switch execute the following command L2SW gt show dot1lx switch 142 L2SW 0 x Leow show dotlz swatch Swatch administration mode oooooo Enable ESP retransmission interval room oll Seconds Re authentication interval room 3600 Seconds He Period a a Ol seconds Maximum re authentication attempts Supplicant timeout interval oooooooo o oll Seconds EE timeout interval rr roomommmmmms ll seconds Figure 6 27 Displays dot1x switch settings 8 To display dot1x settings for switch port use the following command L2SW gt show dotlx port lt slot port all gt L2SW gt show dot1x port all LOSW lel ES Leo show dotlz port all Fort Port Control O Force uthorized Hone Hone Hone Hone Hone Hone O None 1 None 2 Mone 3 fone 14 fone 15 None _ l Would vou like to display the next 15 entries v m FR O oo oo ST O o HA SS SS SS 5 Figure 6 28 Displays dot1x port control 6 14 Priority The dotlp queue priority is queuing which allows switch to organize buffered packets and then service one class of traffic differently from other classes of traffic For example you can set priorities so that real time applications such as interactive voice and
33. gt config i gmpsnooping adminmode enable 2 The IGMP snooping query mode can be active passive or auto The active query mode is to enable query mode for group members The passive query mode is for passive snooping on IGMP Query Report In auto mode switch performs Query function if there is no other device in the 140 VLAN such as a multicast router is available to perform Query requests The default value is auto L25W gt config igmpsnooping querymode lt active passive auto gt L2SW gt config gmpsnooping querymode passive 2 To display IGMP snooping configuration use the following command The table below shows IGMP snooping parameters such as IGMP snooping mode query mode query interval time max response time and max IGMP entries L2SW gt show igmpsnooping info L2SW 0 x Leow show 1empenooping info Admin Mode ee Enable Query Mode h b h h OF E L e a S SE S EE SE SE SE A A A E Passive Query Interval Tame h h h h h h h h ee ee M G 125 Maz Response Time L e e S S D S S SE A A 100 Maz TME Entries A E E E E E lied LASH jf Figure 6 25 Displays IGMP snooping settings 6 13 802 1X 802 1x makes use of the physical access characteristics of IEEE 802 LAN infrastructures in order to provide a means of authenticating and authorizing devices attached to a LAN port that has point to point connection characteristics and to prevent access to that port in case the authentication and authorization process fails T
34. in this mode Dot1q Enable both port based VLAN and tag based VLAN A default VLAN with VLAN ID 1 is created and assigned to all ports once the mode is set to dotlq 2 To create a VLAN use the following commands The valid range is from 2 4094 An alphanumeric name can be assigned to the created VLAN The maximum length of the alphanumeric string is 16 characters L2SW gt config vlan create lt vlanid gt lt name gt L2SW gt config vlan create 10 Yellow 3 To add or delete a port to anew VLAN use the following command This command can be used for both port based VLAN and Protocol based VLAN L2SW gt config vlan addport lt vlanid gt lt slot port gt L2SW gt config vlan addport 10 0 1 L2SW gt config vlan delport lt vlanid gt lt slot port gt L2SW gt config vlan delport 10 0 1 4 Toremove VLAN use the following command L2SW gt config vlan delete lt vlanid gt L2SW gt config vlan delete 10 5 To configure protocol based VLAN use following command L2SW gt config vlan protocol lt vlanid gt lt protocoltype gt L2SW gt config vlan protocol 10 IP vlanid A valid VLAN ID The valid range is 2 4094 protcol type protocol type supported by the switch Valid options are None IP Arp Appletalk Appletalk_aarp Novelll_ipx BANYAN_VINES_C4 BANYAN_VINES_C5 BANYAN_VINES_AD DECNET_MOP_01 DECNET_MOP_02 DECNET_DPR DECNET_LAT DECNET_LAVC IBM_SNA X75_INTERNET X25_LAYER3 To configure the degre
35. of the spanning tree RSTP reduces the number of states of a port to three states o Discarding o Learning o Forwarding To assist in faster convergence RSTP also introduced the following additional roles for a port o Alternate Port o Backup Port o Edge Port Alternate Port is another root port on a switch through which the root of the spanning tree can be reach If the Root port on a switch fails the traffic will be switched over quickly to the Alternate port Backup port onLAN acts as a backup to the Designated port on the same LAN If the Designated port fails the Backup port will quickly take over the role of the Designated port for that LAN Edge port is a port that is typically connected to an end system such as PC or server Edge ports quickly transition into Forwarding state and remain in forwarding state regardless of topology changes The link connecting the Edge port can be a point to point link or shared link Generally an Edge port operating in full duplex mode can be considered to be connected on a point to point link Both STP and RSTP consider all VLANs to be part of the same Spanning Tree In some applications it is desirable to have separate spanning tree based on the VLAN association of the ports Some 46 vendors introduced the concept of Per VLAN Spanning Tree PVST which allows the switch to maintain a separate spanning tree instance for each VLAN This may be too burdensome on the switch Multiple Spanning Tree Pro
36. re te cere nen 103 Deeks WORE T OTTS CLIO Ors seta ae ales a a e at sca 103 A NCAA atada 104 e O O AIS E AA E E AAA AA 106 ee LA III COULD EE AANA A A 106 5 4 Status and CounmieT S ooien n ae e a Eaa a a a E ES 107 5 4 1 PESAS E O 107 5 4 2 PORE C OMA O 108 5 4 3 SY Ste rea o a aise acess Sia A A A O elcid ales 108 5 5 Reboot Swite EA A Rd ARA Obeid ceca cani 109 5 5 1 Dera E a E A 110 I2 A A E A 110 5 6 TETP Update Fimware ca ita 111 5 6 1 TFIP Update i Wat A E a da 111 5 6 2 Restore Concreto cod sacado 112 5 6 3 Backup onto led een aa eee 113 6 CLI BASED MANAGEMENT wevcivetictivettoetinsttavtinettenitesitaviiesiteehivslaaeieesicevtinws 114 6 1 1 CLOS ta CONVENIOS A a cuse accu EEA 115 6 1 2 Loim US CE SLU A SEA AA AA E eo cua 116 6 1 3 Network POL ACES O o 116 6 1 4 Tener Acess Eo pe a e a ide 116 6 1 5 A ON SC UU cet nasaretSanwed wanoaswstelaaaedetencnesnscausted Manmnusaheatapancmermnsansied ta noasaabahiesecekanatetsimarmstaeatanbalvaecenbnones 117 6 1 6 iacu VIL AA A A II A 117 6 2 SLACK ING OMG AGI ON oso ee 117 6 3 Port ConticUra ON EE T EE A E T EE AE E AE E E O T 118 6 3 1 Display Por Conf oura ON essien E NEE 119 6 3 2 Port COMMS UPAM ON S eE Skaer re iio EEE E 120 6 4 INA CP AAA O 122 6 5 SACMA C Addres Soia id AAA AA Ea e aara ooreo aea 122 6 6 MAC Bal in aise oraaa tara Ee aar Er aaa EEE R 123 6 7 A EA EE E E A A ARE A E S AE O A OEE E E 124 6 7 1 NI a E E te Ye Salata A te cel a re ene 125 6 7 2 POT VIDA TN SE
37. reassigned to MST Instance 0 L2SW gt config spanningtree mst vlan remove lt mstid gt lt vlanid o0w gt lt vl andid hi gh gt L2SW gt config spanningtree mst vlan remove 1 13 15 e To assign switch priority for a MST Instance use the following command L2SW gt config spanningtree mst priority lt mstid gt lt 0 61440 gt L2SW gt config spanningtree mst priority 1 10 p gt L2SW supports priority assignment on a per MST Instance basis Port level priority assignment on a MST Instance basis is not currently supported e To display MST switch configuration and statistics in summary or detailed form use the following commands The responses from the switch are displayed in Figure 6 17 and Figure 6 18 The configuration digest value is an MD 5 encoded message digest derived from Configuration Name Revision Level and VLAN to MST Instance mapping table L2SW gt show spanningtree switch lt summary detail ed gt L2SW gt show spanningtree switch summary 135 of Cr WINNT system3 telnet exe CL28W gt gt L25W gt show spanningtree switch summary IEEE 82 15 REGION 1 1 Di 4407284248 22EAED56BD46ECF3AF22F 5 Priority Identifier 86 66 06 56 08 86 68 68 Max Age 2A Hello Time Forward Delay Hold Time of Cr WINNT system32 telnet exe CL25W gt gt show spanningtree switch detailed ridge Priority ridge Identifier ime Since Last Topology Change opology Change Count oot Port Identifier ax Age
38. s configured PVID Press Space key to choose forward or drop the frame that VID does not match the port s configured VID UnTagged Pkt Ingress Filter rule for untagged frames Press Space key to choose drop or forward the untagged frame Note that PVIDs cannot be assigned arbitrarily Instead all the PVIDs must take on values within the same PVID set The following list depicts the relation between the PVID sets and value of PVID gt PVID Set 0 PVID range 0 255 PVID Set 1 PVID range 256 511 PVID Set 2 PVID range 512 767 PVID Set 3 PVID range 768 1023 PVID Set 4 PVID range 1024 1279 PVID Set 5 PVID range 1280 1535 PVID Set 6 PVID range 1536 1791 Vv Vv Y Y VY V Vy PVID Set 7 PVID range 1792 2047 80 PVID Set 8 PVID range 2048 2303 PVID Set 9 PVID range 2304 2559 PVID Set 10 PVID range 2560 2815 PVID Set 11 PVID range 2816 3071 PVID Set 12 PVID range 3072 3327 PVID Set 13 PVID range 3328 3583 PVID Set 14 PVID range 3584 3840 Vv Vv VW Y Y Y V WV PVID Set 15 PVID range 3841 4095 5 2 3 1 1 Create a Port based VLAN Add an ULAH Group ULAH Hame vlani 14174094 Member PORTS actions gt lt Quit gt lt Edit gt Save gt Previous Page gt Next Page Select the Action menu Tab Next Item Back pace Previous Item Quit Previous menu Enter Select Item Figure 5 9 Create Port based VLAN To create a port based VLAN and add member nonm
39. they are not required e PrivateUser authPriv previlege e AuthOnl yUser authNoPriv previlege e PublicUser noAuthNoPriv previlege p gt To get the Authentication and Privacy Password for the default users contact L2SW technical support E gt L2SW supports 8 MIB views 8 Groups and 16 Users p gt Before deleting a group all users associated with that group must be deleted and before deleting a view all groups using that view must be deleted p gt L2SW will be busy for a while computing the message digest and encrypting the password string when Authentication and Privacy Passwords are configured 4 3 13 Security Manager User Name is displayed on this page Using this page user can change web management user name and password 62 security Manager User Name Assign Change jf password Reconfirm pssword Apply Figure 4 45 Security Manager To change password use the following procedure e User Name Type the new user name e Password Type the new password e Reconfirm password Retype the new password Click App y button 4 3 14 802 1x 802 1x makes use of the physical access characteristics of IEEE 802 LAN infrastructures in order to provide a means of authenticating and authorizing devices attached to a LAN port that has point to point connection characteristics and to prevent access to that port in case the authentication and authorization process fails Before configuring 802 1x feature it has
40. traffic of the L2SW switch 3 1 Management Methods Supported by Various Interfaces 16 3 1 1 Serial Port Interface e CMLI e CLI 3 1 2 In band Network Management Interface e CLI e WBI e SNMP 3 2 Getting Started The following sections describe setting up of management stations for managing the L2SW switch 3 2 1 Port Names The term port refers to a physical Fast Ethernet port a port on the user installable plug in module card or a logical trunk in the L2SW switch Each port is referred to using the following naming convention lt slot number gt lt port number gt where lt sl ot number gt represents the port type and lt port number gt represents the number of the physical port within the selected port type Slot O denotes the fixed 24 x 10 100 Fast Ethernet ports slot 1 represents the user installable plug in module card and slot 2 represents the logical trunk port lt port number gt is the number assigned to the port The range and assignment of port numbers varies by the slot type The assignment of port numbers by slot number is shown in the following table Slot Number Port Number Assignment Left to Right 0 24 x 10 100 FE Upper level 1 12 Lower level 13 24 1 plug in module card 12 2 trunk port 1234567 In this document some alternative notations are also used to refer to the port numbers e PORT Refers to physical ports For example PORTS is equivalent to 0 8 and PORT25 an
41. value are 5 10 15 20 25 and off Priority Queue Service Settings Priority queue settings part of the screen allows the user to choose processing method for packets queued for a port First Come First Service The sequence of packets sent is dependent on order of arrival All High before Low The high priority packets are sent before low priority packets WRR Weighted Round Robin Select the preference given to packets in the switch s high priority and low priority queue These options represent the number of high priority packets sent before one low priority packet is sent For example 5 High 2 Low means that the switch sends 5 high priority packets before sending 2 low priority packet QOS Policy High Priority Levels 0 7 priority level can map to high or low queue 4 3 3 4 Miscellaneous Settings Other features essential to the switch such as 802 1x protocol Hash Algorithm IFG compensation are displayed on this page Switch Settings Misc Config Collisions Retry Forever Enable Hash Algorithm IFG compensation Enable 202 1x Protocol Disable Default Help Figure 4 11 Miscellaneous Switch Settings Collisions Retry Forever Enable disable collisions retry forever 30 Hash Al gorithm CRC hash Direct map hash algorithm The default setting should be changed only under special circumstances IFG Compensation Enable disable IFG Compensation The default setting should be changed o
42. video get priority over applications that do not operate in real time There are three different modes of priority and they are e FCFS First Come First Served 143 e SP Strict Priority e WRR Weighed round robin l To configure priority mode and user level priority use the following set of commands L2SW gt config dotlp mode lt fcfs sp wrr gt L2SW gt config dotlp mode sp 2 To create a user priority to queue priority mapping use the following command The dotlp_priority variable is user priority This is a decimal number between 0 and 7 While queue priority variable is for out put queue This is a decimal number between O and 1 where O is for low priority and 1 is the high priority queue L2SW gt config dotlp map lt dotlp_priority 0 7 gt lt queue_priority 0 1 gt L2SW gt config dotlp map 3 1 3 To configure 802 1p Weighted Round Robin WRR for out put queue use the following command The output queue priority value is a decimal number between 0 and 1 Value of 0 is low and is high priority queue While the WRR weight has valid range from 0 to 7 The default value is 1 L2SW gt config dotlp wrr lt queue priority 0 1 gt lt weight 1 7 gt L2SW gt config dotlp wrr 1 3 p gt Only 802 1p WRR mode weights can be modified 4 To display 802 1p mode and user priority to queue priority mappings use following command L2SW gt show dotlp LOSW O x Leow show dotlp DosMode 5P 502 1p User Priorit
43. y Port View MSTI Parameters priority Apply MSTI VLAN Configuration LAN ID low a Add WLANID high Delete MST Instance List Report Port Sniffer AER MST Instance Details a SNMP Security Manager MST Instance ID 1 G24 MST Bridge Priority 32768 Configuration SS eel TFTP Update Time Since Topology Change 133 Firmware Topology Change Count 0 Backup Restore Topology Change False contourner a Designated Root 80 01 00 50 A8 80 08 61 5 4 gt E Done g Internet A Figure 4 36 MST Instance Details 4 3 11 Port Sniffer The Port Sniffer is a method to monitor traffic in switched networks In Sniffer mode of operation traffic flowing in and out of monitored ports will be duplicated into sniffer port Port Sniffer page is used to enable disable various sniffer parameters such as Roving Analysis State and Port to be analyzed 55 Port Sniffer Ad E p lt 2 Lt al F F de cn T ma Ea m 4 DISABLE a A LA a ct 5 cm Al PORTIS Troms m pore E ron pore m Tors orzo m Tora m pore porras m rore E Default 1 Maa E E Figure 4 37 Port Sniffer Roving Analysis State Set sniffer mode to one of the following options e Disable e Rx e TX e Both Analysis Port It s mean sniffer port can be used to see all monitor port traffic User can connect sniffer port
44. 0 IQQF Down Un 0 Wone OTT U2 100TA Enable buto 100 100 Down Un 0 None OTT 0 3 IQQTA Enable buto 100 IQQF Down Un 0 Mone OTT 0 4 1I0OTA Enable buto 100 100 Down Un 0 None OTT 05 IQQTA Enable Auto 100 100 Down Un 0 0 Wone OTT 0 6 1I0OTA Enable buto 100 IQQF Down Un 0 0 Wone OTT U IOQQTA Enable buto 100 100 Down Un 0 None OTT U6 I0OTA Enable buto 100 IQQF Down Un 0 None OTT 0 9 I0OTA Enable buto 100 IQQF Down Un 0 0 None OTT 0 10 TI00TA Enable buto 100 IQQF Down Un 0 Mone OTT 0 11 T0OTA Enable buto 100 IQQF Down Un 0 None OTT 0 12 100TX Enable Auto 100 100 Down Un 0 None tt 0 13 100I Enable Auto 1009F 100 Down Un 0 None Off 0 14 100TX Enable Auto 100 100F is On 0 None Off 0 15 100TX Enable Auto 1090F 100 Dow Un 0 None Off Would you like to B the next 15 IES yin Admin Spd Spd Link Rate 100 Port Type Enable buto i State status FG In Uut pri security 0 16 100TX Enable Auto 100 100 Down Un 0 None Off 0 17 100TX Enable Auto 1009F 100 Down Un 0 None Off 0 18 1QQTX Enable Auto 1090F 100 Down Un 0 None Off 0 19 100I Enable Auto 1090F 100 Down Un 0 None Off 0 20 100TX Enable Auto 1009F 100 Down Un 0 None Off 0 21 100TX Enable Auto 1090F 100 Down Un 0 None Off 0 22 LOQTX Enable Auto 100r 100 Down Un 0 None Off 0 3 LOQTX Enable Auto 1009F 100 Down Un 0 None Off nable Auto 100 100 Down On 0 None Off 0 24 10UTA E L2H gt Figure 6 3 Port Status Display 6 3 2 Port Configuration Settings 2101 x T
45. 0 entries e Protocol VLAN Table 2048 entries However L2SW allows user to resize these table entries by choosing one of the following alternate configurations MAC Table Size VLAN Tag Table Multicast Table Size Size RA l 10K To change the internal table configuration stored inside L2SW use the following command The 145 L2SW will respond to the command by displaying the hardware configurations available in a menu format as illustrated in Figure 6 30 L2SW gt config switchconfig hardwaretable L2SW gt config switchconfig hardwaretable ul C WINNT system32 telnekt exe L25W gt config switchconfig hardvaretable Mac 14K Ulan IpMcst 4 5K 16K Ulan IpMcst 8 25K Ulan IpMcst 1 25K Ulan IpMcst 2 25K Ulan 4K IpMcst 4 25K an option of hardware table size 3 Figure 6 30 Hardware Table Size Configuration Command p gt In order to make hardware table configuration changes to be effective you need to save the configuration change and reboot the switch To display switch settings including the hardware table sizes use the following command L2SW gt show switchconfig ul CA WINNT system32 telnekt exe LS show sulitchconf ig Figure 6 31 Displays Switch settings 6 16 Statistics To display statistics for a specific port use the following command This displays statistics such as packets transmitted and received with and without errors transmit abort collision and drop packets L2S
46. 3 Ping the L2SW from the host where TFTP server is installed and make sure the network connectivity between the TFTP server and the L2SW switch is OK To download a new firmware using TFTP use the following procedure 1 Enter the TFTP Server IP Address 2 Enter the name of the firmware file e g image bin and click Apply button After the image is downloaded successfully you will see the following message on your screen Image download complete Click on Update Firmware below to update system with the new image Update Firmware Figure 4 52 Confirmation for TFTP upgrade 68 45 Configuration Backup 4 5 1 TFTP Backup Configuration This page 1s used for backing up storing configuration database of the switch on a remote file server TETP Configuration IFIP Restore Configuration TFTP Backup Configuration daa IP Address 172 30 10 11 Bacup Eve Mame Apply Help Figure 4 53 TFTP Backup Configuration Users can backup the switch s configuration database from the switch to a TFTP server using the TFTP Configuration web page Before you start the database backup operation make sure that the TFTP server is reachable from the switch use PING command from the TFTP server to the switch 4 5 2 TFTP Restore Configuration The following web page is used for Restore operations TETP Configuration TFTP Restore Configuration IFIP Backup Configuration U IP Address 172 30 10 11 kestore Fue Mame Help
47. 3 y 60 DENEN Qe nan Spanning Tree Home l System Configuration Port Configuration MSTI Configuration Port Status Spanning Tree Parameters Port Statistics PEE ai STP State Y Force Version 8021s y Bridge Priority 0 61400 Stacking Timers seconds IP Address Max Age 6 40 Hello Time 2 1 10 Switch Settings _ Forward Delay Time fs 4 30 Console Port Info n Port Controls Configuration Name Configuration Revision Level f Trunking IGMP Snooping _ Apply y 4 ESTONIA 52 Figure 4 33 MSTP Switch Configuration To configure an instance of MST click on the MST details on the Spanning Tree configuration and configure the MST instance D and VLAN range low and high values The MST configuration screen is illustrated in Figure 4 34 To delete a subset of the VLANs within an MST configure the VLAN range on the Select MST part on the right side of the screen and click delete key p gt L2SW supports 8 MSTIs p gt The VLANs deleted the from a MSTI will be assigned to IST Instance 0 If all the VLANs assigned to a MSTI are deleted the MSTI itself will be deleted after reassigning the VLANs to the IST 3 Intelligent Switch Microsoft Internet Explorer E o xE File Edit view Favorites Tools Help e Back gt Y ay Asearch yFavorites Media amp Dr 9 A E Y Address E http 172 30 40 213 y Go Links gt At Q SS SS SSS SS ee UA m 220 6
48. 802 1Q VLAN are set up on the switch static addresses are associated with individual VLANs Type the VID to associate with the MAC address 5 Press Ctrl A to go back action menu line and then select Save to save all the configured values 5 2 8 1 2 Edit Static MAC Address Intelligent Switch Static MAC Address Configuration Mac Address Port num Ulan ID Mac Address Port num Ulan ID 60445635002 FP PORTS 4044400423456 PORTS actions gt lt Quit gt lt dd gt ieee lt Delete gt lt Previous Page gt Next Page gt Add Edit Delete a Mac Tab Next Item Back Space Previous Item Quit Previous menu Enter Select Item 96 Figure 5 32 Select MAC Address To edit static MAC address use the following procedure 1 Press lt Edi t gt key 2 Choose the MAC address that you want to modify and then press enter 3 Press lt Edi t gt key to modify all the items 4 Press Ctrl A to go back action menu line and then select lt Save gt to save all the configured values Intelligent Switch Static MAG Address Configuration Mac Address 4bH4663HHH2FF Port num PORT 3 Ulan ID ay Select the action menu BackS pace Prev ious Item Quit Previous menu Enter 3e lect Figure 5 33 Edit Static MAC Address 5 2 8 1 3 Delete Static MAC Address Intelligent Switch Static MAC Address Configuration Mac Address Port num Ulan ID Mac Address Port num Ulan ID 44446 3404 FF PORTS HABBBAA2 S456 PORTS actions gt Q
49. AILED FORMAT FIGURE 6 19 MST INSTANCE DETAILS FIGURE 6 20 SPANNING TREE PORT INFORMATION DISPLAY FIGURE 6 21 DISPLAY TRUNK SUMMARY FIGURE 6 22 DISPLAYS SELECTED TRUNK DETAILS FIGURE 6 23 SHOW PORT MIRRORING FIGURE 6 24 DISPLAYS BROADCAST STORM SETTINGS FIGURE 6 25 DISPLAYS IGMP SNOOPING SETTINGS FIGURE 6 26 DISPLAYS RADIUS SETTINGS FIGURE 6 27 DISPLAYS DOT1X SWITCH SETTINGS FIGURE 6 28 DISPLAYS DOT1X PORT CONTROL FIGURE 6 29 DISPLAYS 802 1P PRIORITY SETTINGS FIGURE 6 30 HARDWARE TABLE SIZE CONFIGURATION COMMAND FIGURE 6 31 DISPLAYS SWITCH SETTINGS FIGURE 6 32 DISPLAYS PORT STATISTICS FIGURE 6 33 DISPLAY INVENTROY FIGURE 6 34 DISPLAYS NETWORK SETTINGS FIGURE 6 35 DISPLAYS SNMP SYSTEM SETTINGS FIGURE 6 36 DISPLAYS SNMP COMMUNITY SETTINGS FIGURE 6 37 DISPLAYS SNMP TRAP SETTINGS FIGURE 6 38 SNMP SYSTEM CONFIGURATION FIGURE 6 39 SNMP MIB VIEWS FIGURE 6 40 SNMPV2 GROUP CONFIGURATION FIGURE 6 41 SNMP USER CONFIGURATION FIGURE 6 42 SNTP CONFIGURATION FIGURE 6 43 DISPLAYS UPLOAD CONFIGURATION TO TFTP SERVER FIGURE 6 44 DISPLAYS CONFIGURATION DOWN LOAD TO SYSTEM FIGURE 6 45 DISPLAYS IMAGE DOWNLOAD FIGURE 6 46 RESET SWITCH CONFIGURATION TO FACTORY DEFAULT FIGURE 6 47 DISPLAYS SYSTEM REBOOT OPERATION 109 110 110 111 111 112 113 115 118 120 122 123 123 124 128 128 129 130 132 132 132 133 134 136 136 137 137 138 139 140 140 141 142 143 143 144 146 146 147 147 148 149 150 150 151 152
50. CL2SW show mac addresstable dynamic MAC address You like Figure 6 6 Dynamically Learnt MAC Addresses Display p gt To flush all dynamically learnt MAC addresses configure MAC address agetime to 10 seconds wait for 10 seconds and then reset the MAC address agetime to desired value 6 6 MAC Filtering MAC address filtering allows the switch to drop unwanted traffic Traffic is filtered based on the destination addresses Maximum of 1024 static MAC filtering entries can be added Using the following command user can add delete filter MAC address L2SW gt config mac filter add lt macaddr gt L2SW gt config mac filter add 00 00 10 00 10 To remove the MAC filtering entry use following command L2SW gt config mac filter delete lt macaddr gt 123 L2SW gt config mac filter add 00 00 10 00 10 To display the MAC filter table use following command L25W gt show mac filter LOSW o x Leow show mac filter Maximum MAC filtering Entries s s s 1024 Current MAG filtering Entries ooooo HAG address 00 00 00 10 00 10 L25W 3g ae Figure 6 7 Displays MAC filter entries p gt To prevent MAC filter data being lost configure VLAN mode before configuring MAC filter 6 7 VLAN A VLAN is an arbitrary grouping of nodes on the network This grouping promotes efficient use of network resources and facilitates productive entry of repetitive network transactions Conceptually a VLAN allows the
51. CP CONFIGURATION LACP GROUP CONFIGURATION LACP PORT STATE ACTIVE CONFIGURATION LACP STATIC TRUNKING GROUP LACP GROUP STATUS STATUS AND COUNTERS PORT STATUS PORT COUNTERS 66 68 68 69 69 71 72 73 74 76 76 78 79 79 80 1 82 83 84 85 85 86 86 87 88 89 90 90 91 92 93 93 94 95 95 97 97 98 99 100 100 102 102 103 103 104 106 106 107 107 108 FIGURE 5 50 SYSTEM INFORMATION FIGURE 5 51 RESTART CONFIGURATION FIGURE 5 52 DEFAULT SETTING FIGURE 5 53 TFTP UPDATE FIRMWARE CONFIGURATION FIGURE 5 54 EDIT TFTP UPDATE FIRMWARE FIGURE 5 55 RESTORE CONFIGURATION FILE FIGURE 5 56 BACKUP CONFIGURATION FILE FIGURE 6 1 LOGIN PROMPT FIGURE 6 2 DISPLAYS STACK FIGURE 6 3 PORT STATUS DISPLAY FIGURE 6 4 MAC TABLE AGING TIME FIGURE 6 5 SHOW STATIC MAC ADDRESS ENTRIES FIGURE 6 6 DYNAMICALLY LEARNT MAC ADDRESSES DISPLAY FIGURE 6 7 DISPLAYS MAC FILTER ENTRIES FIGURE 6 8 DISPLAY VLAN SUMMARY FIGURE 6 9 DISPLAY VLAN DETAILS FOR SELECTED VLAN FIGURE 6 10 SHOW VLAN PORT FIGURE 6 11 GVRP INFORMATION DISPLAY FIGURE 6 12 DISPLAYS SWITCH STP SETTINGS IN SUMMARY FORM FIGURE 6 13 DISPLAY SWITCH SETTINGS IN DETAILED FORM FIGURE 6 14 DISPLAYS PORT STP SETTINGS IN SUMMAY FORM FIGURE 6 15 DISPLAY STP PORT SETTINGS IN DETAILED FORM FIGURE 6 16 RSTP PORT CONFIGURATION STATUS DISPLAY FIGURE 6 17 MST SWITCH CONFIGURATION DISPLAY IN SUMMARY FORMAT FIGURE 6 18 MST SWITCH CONFIGURATION DISPLAY IN DET
52. E A ponnn eboot Switch System 1 R Home Port Status tea Es Port Statistics Administrator TFTP Update Firmware Backup Restore Configuration Save Configuration Default Configuration Reboot Switch Figure 4 56 Reboot System T2 5 Console Menu Line L2SW switch provides a serial RS 232 interface to manage the switch User can configure the Windows HyperTerminal program as per the Console Port Information displayed in the WBI section to connect to the switch CMLI in the L2SW switch is organized as a set of Menu pages Some menu pages only contain a list of menu items and by selection of one of these menu items will open up a new menu for configuration or display some status information Menu pages for configuring switch parameters typically contain an action menu line at the bottom of the screen User needs to switch from action mode to edit mode for configuring modifying the switch parameters User has to specify the user name and password to login The default user name is admin For default password contact your sales representative or technical support User Interface fc Intelligent 24 2 Standalone Switch username admin password Figure 5 1 Login for Console After successful login the switch will display the CLI prompt L2 W gt indicating that it is ready to accept CLI commands from the user Enter menu to enter Menu Line Mode 5 1 Ma
53. E Auto Polntto Backup Restore l point EE 0 2 Enable Disabled Disabled 200000 200000 TRUE TRUE Auto Polntto Save Configuratior j point Default Point to y p y 0 3 Enable Disabled Disabled 200000 200000 TRUE TRUE Auto 3 Confinuratinn oint y 4 gt TOTO mm Figure 4 31 RSTP Port Configuation Per port status is displayed in the same screen as the RSTP port configuration as illustrated in Figure 4 32 The per port status includes the following information e Port Number 0 1 thru 0 24 and 1 1 and 1 2 e Admin Mode Enabled Disabled e State Discarding Listening or Forwarding e Port Role Root Designated Alternate Backup or Edge Port e Path Cost Value configured by Admin and Value used by protocol e Edge Port TRUE or FALSE e Link Type Point to point Shared Auto Two values are displayed under Path Cost Edge Port and Link Type They represented administrative value and operational value used by the protocol machine 51 3 Intelligent Switch Microsoft Internet Explorer File Edit View Favorites Tools Help Bak gt Y A Asearch Favorites Meda 4 D 4 OG E Address E http 1172 30 40 213 Go Links gt A ER Qe eenscescceeem s Spanning Tree Home System Configuration Port Configuration MSTI Configuration Port Status _ Spanning Tree Port Parameters Port Statistics Administrator Port Number Edge Port Link Type Admin Mode Stacking Tr
54. E OE E ESE E O E TN 71 5 CONSOLE MENU LINE oia aii iii is 73 5 1 ME OA 73 5 2 Swich Static Configura NOs eaaa oe oLa eE a oe era EEES Pea a eE E e aap re Eio 76 5 2 1 Port CORTO a fr a I Nee RE Ce Tree ge en meet 76 522 TURCO HUA ON a q 52 5 VEAN COn CULALION sica e 79 eh VAN CO OT i EEA AEE ENE 79 a LEE DETE AVAN OTOU aida bicis 83 I OUPS S Or A M OUO EE AAE E E A 84 5 2 4 Miscellaneous C Ont CUT ANON lista 84 Se MAC Ae DUCT VOL OR a 85 De Broadcast SIOTM AE LIC O AAA a 85 3243 Max Bridge transmit delay DOUNC serrana 86 ILAA O A Sateen Sas AA RAR Aare ASS RU a EARN AGA PSE EADIE AD RASA ORE 87 LADO COUSOns REY TOM EVEL cis se eaen oera iE EAEE ae Ee a E AA r E a a EAEE OT 88 25 Administration CONSUMO A a E 88 Dele GWAC CAT STAM E eo Eea A A A A A 89 Seidl CHANCE T aS WOTA asec ar AAA 89 Dele DEVICE Mf OVINGION AE A AA es 90 Dis ICO EUTG ON AAA AA 90 5 2 6 Port Mirrorine Contour ON sena a a la 91 5 2 7 ts AAA O A A duvanoeesueaiins 92 LR FORANET NONN A ASA AA AAA A 93 Dae GO APTF ROY CG ONL OUT QU OM aiken irs A A 94 5 2 8 MAC Address Ona UTA id 94 IOL IANO VIA ASS a ii da 95 O gt AUNE MAC AUI ECSS A dra ri 98 5 3 Protocol Related Conficuration cosida ies 101 5 3 1 A ANE E E E E E E E T O T 101 5 3 2 SNM Pere EtA O A T EN A E Sia a 101 5 3 3 A seta 101 5 3 4 LEi EEE ESEESE DE ECA E E E OPE E E E SE E E N a OE E E T te vase Batt ae 102 OO A A mec TOT enor em On Mme Creme merece Re Neren neeee tan aire wer Unter nee
55. ETA IA NTE emrt EERI h b i i h Figure 2 1 Front Panel of L2SW Switch with two 1000 Base TX card 2 2 L2SW Switch LED Indications e 24 pairs of LEDs for 24 Fast Ethernet ports gt Upper LED link status up down and port activity gt Lower LED ON 100 Mbps OFF 10 Mbps settings e 2 LEDs for each plug in feature card ports gt When a 1000Base feature card is used Upper LED link status up down and port activity Lower LED ON 1000Mbps OFF less than 1000 Mbps gt When a 100Base FX feature card is used Upper LED link status up down and port Activity 13 Lower LED ON 100 Mbps e 3 LEDs for Power Status Indicator located on left corner gt Upper PWR Power on status gt Middle BSALERT Broadcast Storm Alert gt Lower FLT Fault See section 2 4 for a description of the various LEDs in L2SW switch 2 3 Rear Panel of L2SW Switch The rear panel of L2SW switch has the following connectors on its rear panel as illustrated in Figure 2 2 e AC power connector AC power cord comes standard with the unit The L2SW switch operates with AC power input from 100VAC to 240VAC with a frequency range of 50 to 60 Hz e RS 232 connector Console port for local management a Console Port Figure 2 2 Rear Panel of L2SW Switch 2 4 Description of L2SW LEDs The L2SW switch s port LEDs allow the user to identify e Status of ports e Data transmission or receive activity e Link
56. GURE 5 25 FIGURE 5 26 FIGURE 5 27 FIGURE 5 28 FIGURE 5 29 FIGURE 5 30 FIGURE 5 31 FIGURE 5 32 FIGURE 5 33 FIGURE 5 34 FIGURE 5 35 FIGURE 5 36 FIGURE 5 37 FIGURE 5 38 FIGURE 5 39 FIGURE 5 40 FIGURE 5 41 FIGURE 5 42 FIGURE 5 43 FIGURE 5 44 FIGURE 5 45 FIGURE 5 46 FIGURE 5 47 FIGURE 5 48 FIGURE 5 49 802 1X MISCELLANEOUS CONFIGURATION TFTP DOWNLOAD CONFIRMATION FOR TFTP UPGRADE TFTP BACKUP CONFIGURATION TFTP RESTORE CONFIGURATION RESET SYSTEM REBOOT SYSTEM LOGIN FOR CONSOLE MAIN MENU FOR CONSOLE SWITCH CONFIGURATION PORT CONFIGURATION TRUNK CONFIGURATION VLAN CONFIGURATION PORT BASED VLAN 802 1Q BASED VLAN CREATE PORT BASED VLAN CREATE 802 1Q BASED VLAN SELECT A VLAN FOR EDITING EDIT DELETE SELECTED VLAN GROUP SORTED VLAN MISCELLANEOUS CONFIGURATION MAC AGE INTERVAL BROADCAST STORM FILTERING MAXIMUM BRIDGE TRANSMIT DELAY BOUND PORT SECURITY COLLISIONS RETRY FOREVER DEVICE CONFIGURATION USER NAME CONFIGURATION PASSWORD CONFIGURATION DEVICE INFORMATION IP CONFIGURATION PORT MIRRORING PRIORITY CONFIGURATION PORT PRIORITY 802 1P PRIORITY CONFIGURATION MAC ADDRESS CONFIGURATION STATIC MAC ADDRESS CONFIGURATION ADD STATIC MAC ADDRESS SELECT MAC ADDRESS EDIT STATIC MAC ADDRESS DELETE STATIC MAC ADDRESS FILTER MAC ADDRESS ADD MAC ADDRESS FILTER MAC ADDRESS CONFIGURATION EDIT FILTER MAC ADDRESS DELETE SELECTED MAC ADDRESS GVRP CONFIGURATION IGMP CONFIGURATION LA
57. HAHA 1 SSS 151515 eae 400000004433 actions gt uit lt Add gt lt Edit gt MATA lt Previous Page gt Next Page gt Add Edit Delete a Mac ab Mext Item Back5pace Previous Item Quit Previous menu Enter Select Item Figure 5 39 Delete selected MAC Address 100 5 3 9 3 1 Protocol Related Configuration STP STP configuration through CMLI is no longer supported Use WBI or CLI to configure STP protocol for the switch SNMP 5 3 2 SNMP SNMP configuration through CMLI is no longer supported Use WBI or CLI to configure SNMP parameters for the switch 5 3 3 GVRP Using this page you can enable disable the GVRP GARP VLAN Registration Protocol support l 2 gt 4 Select lt Edi t gt Press Space key to choose Enabled Disabled Press Ctrl A go back action menu line Select lt Save gt to save the configured value p gt For system performance reasons it is recommended that the numbder of dynamically learnt GVRP entries be limited to 128 About the GVRP description please see the Pagel7 Intelligent Switch GURP Configuration GURP Edit gt Select the action menu BackSpace Previous Item Space Toggle Ctrl A Action menu 101 Figure 5 40 GVRP Configuration 5 3 4 IGMP Using this page you can enable disable the IGMP snooping support 1 Select lt Edi t gt 2 Press Space key to choose Enabled Disabled 3 Press Ctrl A go back action menu line 4
58. NTP feature in L2SW use the following command L2SW gt config sntp adminmode lt enable disable gt L2SW gt config sntp adminmode enable The next step in SNTP configuration 1s to define the IP address for the SNTP server Use the following command to configure the SNTP server L2SW gt config sntp server lt ipaddress gt L2SW gt config sntp server 172 30 10 7 The default SNTP polling interval is 1800 seconds However this value can be reconfigured by the following command L2SW gt config sntp interval lt l 60480 gt L2SW gt config sntp interval 900 155 The SNTP information can be displayed using show snt p command The response from the L2SW to one such command is displayed in of Cr WINNT system3 telnet exe L25W gt gt show ntp able 172 38 16 7 94848 1970 01 41 0 29 26 GMT Figure 6 42 SNTP Configuration 6 20 3 Syslog Configuration L2SW can be configured to report system events and alarms to a remote syslog server To enable syslog feature in the L2SW use the following command L2SW gt config log adminmode lt enable disable gt L2SW gt config log adminmode enable To configure remote IP address for the syslog server use the following command L2SW gt config log remote lt ipaddress gt L2SW gt config log remote 172 30 40 7 You can display syslog configuration by using the command show log 6 20 4 TFTP Backup or Upload Configuration TFTP Trivial File Transfer Protocol is used to tr
59. O 148 SNME COMMUNITY SEUD ea a a o sek eal A alee 149 SNMP Tap SEU siii di E EE R 150 SNMP S CONS UA OM iS E N a bomen 150 Remote MONITO on A re ie octal 154 my Stern UM ito cion 155 Management LAN oe 155 ANTEC ias 155 DVSIOS COn uO ea a a 156 ETP Backup or Upload Cont uration ad 156 TREP restore or download Conio urios EEE 157 NA E A 157 SAA OM AE A T E T E E A PE A EA 158 A o e EE a 158 APPENDIX A TERMS AND ABBREVIATIONS ccccsseeeeeeeeeseeees 159 Table of Figures FIGURE 2 1 FRONT PANEL OF L2SW SWITCH WITH TWO 1000 BASE TX CARD FIGURE 2 2 REAR PANEL OF L2SW SWITCH FIGURE 4 1 FIGURE 4 2 FIGURE 4 3 FIGURE 4 4 FIGURE 4 5 FIGURE 4 6 FIGURE 4 7 FIGURE 4 8 FIGURE 4 9 FIGURE 4 10 FIGURE 4 11 FIGURE 4 12 FIGURE 4 13 FIGURE 4 14 FIGURE 4 15 FIGURE 4 16 FIGURE 4 17 FIGURE 4 18 FIGURE 4 19 FIGURE 4 20 FIGURE 4 21 FIGURE 4 22 FIGURE 4 23 FIGURE 4 24 FIGURE 4 25 FIGURE 4 26 FIGURE 4 27 FIGURE 4 28 FIGURE 4 29 FIGURE 4 30 FIGURE 4 31 FIGURE 4 32 FIGURE 4 33 FIGURE 4 34 FIGURE 4 35 FIGURE 4 36 FIGURE 4 37 FIGURE 4 38 FIGURE 4 39 FIGURE 4 40 FIGURE 4 41 FIGURE 4 42 FIGURE 4 43 FIGURE 4 44 FIGURE 4 45 FIGURE 4 46 FIGURE 4 47 FIGURE 4 48 FIGURE 4 49 LOGIN WBI MANAGEMENT INTERFACE PORT STATUS INDIVIDUAL PORT STATUS PORT STATISTICS STACKING CONFIGURATION IP ADDRESS SWITCH SETTINGS BASIC INFORMATION SWITCH SETTINGS MODULE INFORMATION
60. PVID Set 8 PVID Set 9 PVID range PVID range PVID range PVID range PVID range PVID range PVID range PVID range PVID range 256 511 512 767 768 1023 1024 1279 1280 1535 1536 1791 1792 2047 2048 2303 2304 2559 gt gt gt gt gt gt gt gt gt gt PVID Set 10 PVID range 2560 2815 gt PVID Set 11 PVID range 2816 3071 gt PVID Set 12 PVID range 3072 3327 gt PVID Set 13 PVID range 3328 3583 gt PVID Set 14 PVID range 3584 3840 gt PVID Set 15 PVID range 3841 4095 4 3 9 2 802 1Q Tag based VLAN Tag based VLANs are based on IEEE 802 10 specifications Traffic is forwarded to VLAN member ports based on identifying VLAN tags in data packets User can use the following web page to configure 802 1Q VLAN 42 VLAN Configuration VLAN Operation Mode EE IC Enable GVEP Protocol YLAN Information DEF SULT 1 Delete PrePage HextPage Figure 4 24 802 1Q based VLAN To configure a tag based VLAN use the following procedure 1 Create a VLAN and add tagged member ports to it From the main menu click VLAN Configuration then click 802 109 VLAN Operation Mode Click Add button Type a name for the new VLAN Type a VID between 2 4094 The default value is 1 Select protocol VLAN The default value is None From the Available ports box select ports to add to the switch and click Add Click Next E ee
61. Quit Exit the current menu page without saving and return to previous menu page Edit Switch CMLI to editing mode Individual items in the page can be configured by switching to editing mode Use Ctrl A to switch back to action mode Save Save all edited modified values in this menu page get applied and saved in RAM file system Previous Page Return to previous menu page Next page Goto next menu page 75 5 2 Switch Static Configuration Various features of the Switch such as Port Trunk VLAN Port Mirroring etc can be configured in this menu page Intelligent Switch Switch Configuration Trunk Configuration ULAN Configuration Misc Configuration Administration Configuration Port Mirroring Configuration Priority Configuration MAG Address Configuration Main Menu Tab Mext Item BackSpace Previous Item Enter Select Item Figure 5 3 Switch Configuration 5 2 1 Port Configuration Speed administration mode Auto negotiation mode Flow Control etc physical characteristics of individual ports can be configured using this page Intelligent Switch Port Configuration InKate Out Hate 10HHK gt 10HBHK gt Enable Auto S pdz Dpx 14H 14H 14H 14H 14H 14H 14H Full Full Full Full Full Full Full actions gt 1 Edit gt Save lt Previous Page gt Select the Action menu Tab Next Item Back5pace Previous Item Quit Previous menu Enter Select Item Figure 5 4 Port Configuration
62. Revision number A number in the range 0 65535 can be used as Revision number To configure MST Configuration Revision number use the following command L2SW gt config spanningtree switch configuration revision lt 0 65535 gt L2SW gt config spanningtree switch configuration revision 1 134 e To configure a MST Instance use the following command Instance IDs in the range 1 8 are valid L2SW gt config spanningtree mst create lt mstid gt L2SW gt config spanningtree mst create 1 e To delete an MST Instance use the following command Instance IDs in the range 1 8 are valid When an MST Instance is deleted all the VLANs associated with that Instance are reassigned to MST Instance O Internal Spanning Tree L25W gt config spanningtree mst delete lt mstid gt L2SW gt config spanningtree mst delete l e A range of VLANs can be specified by the following command using vl ani d ow and vl ani d high value The vlanid low corresponds to starting VLAN id in the VLAN id range and vlanid high corresponds to the ending VLAN id in the VLAN id range If the vlanid high value is not specified it is assumed that the command is being used to assign a single VLAN to the MST instance ai L2SW gt config spanningtree mst vlan add lt mstid gt lt vlandid low gt lt vlanid i gh gt L25W gt config spanningtree mst vlan add 1 11 19 e Toremove a range VLANs from a MST Instance use the following command VLANs removed from a MST instance are
63. SS TIENS tao 126 6 7 3 SNOW VAIN Cda ostclas 127 6 7 4 O a te lat sees ene eure as 129 6 8 6 8 1 6 8 2 6 8 3 6 9 6 10 6 11 6 12 6 13 6 14 6 15 6 16 6 17 6 17 1 6 17 2 6 17 3 6 18 6 18 1 6 18 2 6 18 3 6 18 4 6 19 6 20 6 20 1 6 20 2 6 20 3 6 20 4 6 20 5 6 20 6 6 20 7 6 20 8 ro OPEN UT AV Iree og LL AAA ra ee er A es een e en ene 130 SI Soran OUTA o seem nent ee ere ter ner eter renner etietee tee Mme nret ter Tron Tet Tneee ese ne rere terry rete irre ete wemenv ener rt erat Tet 130 RSTEC ONOI ON aaeeeanee ee werner ee ryeee none ett tneet e o tee rete te 133 DVDS Oa OUTIL OIA adecue tease 134 Link Aggregation amp Trunking Settings cccsssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssesass 137 Port WEN POPUNG S335 caecscccaccstevavectecccaccvdeces de vetscesisasesssssucseadecesceceteccas ete suatessscacecdccausevetacaseuuesusosussscacensteestes 139 Broadcast Storm Filtering ls loc 140 IGMP A NP A Pr a aa 140 OUZ EN rao a aa e a a a a eS 141 e TS 143 UC loli 144 a IA TS P T e sesscvecsdsncsessanseraccssseavssessasacddassevisutecvecdsaueverecuauddsdduasavseessssasveusstsssususndaucesseenasvesdauasaastaveeseceassesmsasas 146 Management Commands iii AAA AA AA AAA A AAA 147 User LOSE AACGCOUNES art iia 147 SIUC MEV EIO slats anne 147 Network IP Address Configuration eii a li tos Madomesncetssaeee 148 SNM P tai ar ca AAA ORAR ARONA IAN AAA AAN Rara 148 AR AAA
64. SW gt config network protocol lt none dhcp gt L2SW gt config network protocol dhcp 2 If static IP address is used L2SW gt config network protocol lt none dhcp gt L2SW gt config network protocol none L2SW gt config network parms lt ipaddr gt lt netm L2 et k gt gateway SW gt config network parms 172 30 30 221 5 5 5 0 as gate 255 233 239 0 1 2 30 30 2 Where 172 30 30 221 IP address assigned for in band management 255 255 255 0 network mask to be assigned for in band management 172 30 30 2 IP address of the default gateway p gt The default protocol is none After changing protocol type from none to DHCP the switch needs to be rebooted using reset switch command 6 1 4 Telnet Access Setup A telnet session to the L2SW switch can be initiated by starting any telnet client software on the management station for e g from a PC running any Windows Operating System type telnet a b c d where a b c d is the IP address of the L2SW switch Once a telnet connection is established the switch will prompt the user to enter user ID and password After entering a valid user id and password CLI prompt will be displayed 116 e Maximum number of sessions Up to five simultaneous telnet sessions can be created e nactivity Timeout Telnet session will be terminated after the 5 minutes of inactivity The value of Inactivity Timeout for a Telnet session is not configurable j gt CMLI is not avai
65. Stats Table consists of list of Ethernet statistics entries such as etherstatsPkts640ctets etherstatsPktsl28to2550ctets and etherstatsPkts256to2550ctets 6 20 System Utilities 6 20 1 Management VLAN To prevent unnecessary management packets e g ARP Telnet etc from being sent to CPU L2SW allows users to configure a VLAN for management traffic Packets that would be normally forwarded to CPU will be dropped by L2SW ASIC if they don t belong to the management VLAN Note Protocol PDUs such BPDUs LACP etc will be forwarded to the CPU for processing regarding of the management VLAN affliation of the switch By default the management VLAN is a member of VLAN 1 default VLAN However users can reassign the management to any other VLAN by using the following command L2SW gt config mgmtvlan lt l 4095 gt L2SW gt config mgmtvlan 25 To delete the management VLAN from non default VLAN to default VLAN use the following command L2SW gt config mgmtvlan 1 To display the management VLAN information use the following command L2SW gt show mgmtvlan L2SW gt show mgmt vlan 6 20 2 SNTP Configuration Simple Network Timing Protocol SNTP is used to synchronize the system clock with a SNTP server located either on the local network or on the internet By synchronizing the system clock with a SNTP server helps SNTP switch to correct any clock drifts and to report accurate time in the Traps and syslog messages sent out To enable S
66. TEFTP Update Firmware TFTP Server 192 168 223 979 Remote File Name image hbin actions gt Edit gt Save gt Quit gt Select the action menu Tab Hext Item BackSpace Previous Item Quit Previous menu Enter Select Item A EEE Figure 5 54 Edit TFTP Update Firmware This page 1s used to update the firmware using TFTP l Start the TFTP server and copy firmware update version image file to TFTP server 2 Press lt Edi t gt on this page 3 TFTP Server Type the IP of TFTP server 111 4 Remote File Name Type the image file name 5 Press Ctrl A go to action line 6 Press lt Save gt key it will start to download the image file 7 When saved successfully the image file gets downloaded 8 Restart switch 5 6 2 Restore Configure File To restore configuration database of the switch from a backup copy stored on a TFTP server use the following page Intelligent Switch Restore Configuration File TFTP Server 192 168 223 9 Remote File Name data dat Edit gt Save gt lt Quit gt Select the action menu BackSpace Previous Item Quit Previous menu Enter Select Item Figure 5 55 Restore Configuration File To restore configuration 1 Start the TFTP server 2 Press lt Edi t gt on this page 3 TFTP Server Type the IP of TFTP server 4 Remote File Name Type the image file name 5 Press Ctrl A go to action line 6 Press lt Save gt key 1t will start to download the image f
67. To remove an existing users select the user from the list of Current Users on the same screen and click on Remove button User Name Group Name Auth Password Priv Password Name of the new user A text string of up to 16 characters Name of the group for the user to be associated with Provide a previously defined group name Authentication Password A string of maximum of 16 characters Privacy Password A string of maximum 16 characters 61 A Intelligent Switch Microsoft Internet Explorer File Edit View Favorites Tools Help Back gt Y At Qsearch Favorites Smeda C4 Eh SO a E Address http 172 30 40 211 v Go Links gt A 1x O 2 285 1 Ga NA nn nasa Ly Ld Home Port Status Port Statistics Administrator Stacking IP Address Switch Settings Console Port Info Users Current Users New Users PrivateUser initial lt lt Add lt lt User Name EA AuthOnlyUser initial Port Controls PublicUser initial Group Name sid T ki R runking _ Remove Authentication E IGMP Snooping Pwd Filter Database Privacy Pwd AAA LAN Configuratic Spanning Tree Port Sniffer EE minam 4 CE Figure 4 44 SNMPv3 User Configuration When SNMPvy3 is enabled L2SW automatically creates the following users attached to the i ni tial group The default users created by L2SW may be deleted if
68. W gt show statistic port lt slot port gt L2SW gt show statistic port 0 1 146 L2SW y 0 x LSW show statistics port 0 1 Tx Good Packets caccccaccsenccseceseeese ZOO i Weror Packers 21 2e a cas ol Rx Good Packets cccsecesessceeseeesecess 16149 Re Error Packers ra pieces Tx Abart b b CCA A a a eee ore Dropped PacketS sssssssssssssssseesesee JLS L2SW gt E Figure 6 32 Displays port statistics To reset the port counter statistic on any one port or all the ports use following command L2SW gt clear statistics port lt slot port alll gt L2SW gt clear statistics port all 6 17 Management Commands 6 17 1 User Login Accounts L2SW only supports one user account for administration The user name is admin and password is ess by default Username is up to eight alphanumeric characters The username is not case sensitive Password is up to eight alphanumeric characters The password is not case sensitive L25W gt config user passwd lt name gt lt password gt L2SW gt config user passwd admin manager 6 17 2 Switch Inventory To display L2SW switch inventory information use the following command This displays information such as Machine Type Serial Number Base MAC Address ASIC Version Software Version and the gigabit optional modules type as shown in the table below L2SW gt show inventory LOSW Pel ES Leow show Inventory Machine Type E ee O O O O ee O O ee ee ee ee ee
69. a By adding ports to the 802 1Q VLAN user is also enabling tagging of frames leaving from those ports 4 3 9 3 VLAN Configuration The following are the steps involved in configuring a VLAN 43 VLAN Name i VID Protocol Ylan ome s lt Cs s J Add lt lt Remove lt lt Remove Next Help Figure 4 25 Create VLAN Step I Create a VLAN and add tagged member ports to it 1 From the main menu click administrator gt VLAN configuration click Add then user will see the following page 2 Type a name for the new VLAN 3 Type a VID between 2 4094 The default value is 1 4 If you are configuring Protocol VLAN choose the protocol type Otherwise set protocol type to None 5 From the Available ports box select ports to add to the switch and click Add gt gt If the trunk groups exist and 1f trunks ports have to be configured as part of a VLAN click on the Trunk group ID instead of port number 6 Click Next 7 Set the outgoing frames as Tag or Untag ged Then click Apply Tag outgoing frames with VLAN Tagged Untag outgoing frames without VLAN Tagged 44 PORTI ras E Porre ras El PORTS Tras PORTA Untag PORTS Untag Figure 4 26 Add Ports to VLAN Step IT Configure port VID settings From the main Tag based IEEE 802 1Q VLAN page click Port VID Settings Basic Port VID For each port assign a Port VLAN ID 12555 for untagged traffic and cli
70. able disable gt L2SW gt config switchconfig collisionretry adminmode enable IFG Compensation is used to compensate for the minor differences in clock speeds on two different FE ports Since IEEE standards allow 100ppm variance in clock speed it is quite possible that the transmit clock speed on one port may be slightly less than the receive clock speed on another port If the traffic between these two ports below wire speed the difference in clock speeds don t matter that much If the traffic between these two ports run at wire speed for a sustained period of time then frames will be lost To prevent the loss of frames due to difference in clock speed the Inter frame Gap on the transmit side can be reduced from a normally allowed 7 bytes to 5 or 6 bytes To enable or disable IFG compensation mode use the following command By default IFG compensation mode is disabled L25W gt config switchconfig ifgcomp adminmode lt enabl e disable gt L2SW gt config switchconfig fgcomp adminmode enable L2SW maintains the number of internal tables such as MAC address table VLAN tag table and Multicast table to support switching The total number of entries in all these tables are limited to a maximum of 14K entries For optimal performance and based on number of input from customers the tables are configured to support the following default configuration e MAC address Table 8192 entries e VLAN Tag Table 2048 entries e Multicast Table 128
71. ansfer software images into the switch and it is also used to download and upload configuration databases To upload a copy of current configuration database from system flash to TFTP server use following command Before starting the upload operation make sure that the TFTP server is reachable from the switch In the following example it is assumed that TFTP server IP address is 172 30 10 8 and filename used is ESSF10 1 config L2SW gt copy config tftp lt ipaddr gt lt file name L2SW gt copy config tftp 172 30 10 8 SSF 10 1 config Df x L25H copy config tftp 172 30 10 8 ESSF10 1 config Uploading the configuration please wait The configuration was uploaded successfully Lesh A Figure 6 43 Displays upload configuration to TFTP server 156 6 20 5 TFTP restore or download configuration To restore the switch s configuration database from a TFTP server to the switch use the following set of commands Before starting the restore operation make sure that the configuration database file is located in the TFTP server and that the TFTP server is reachable from the switch L2SW gt copy tftp config lt ipaddr gt lt filename gt L2SW gt copy tftp config 172 30 10 8 ESSF10 1 config Downloading the configuration please wait The configuration download completed Would you want to reboot the switch y n Y 10 x L254 copy tftp config 172 30 10 8 ESSF1Q 1 config Downloading the configuration please wa
72. as Yes otherwise the status of that port will be displayed as N 0 see Auto Display the auto negotiation status of the port e Auto e Nway_ Force e Force Spd Dpx Display the port speed and duplex Flow Control In auto Nway force mode flow control is enabled or disabled after negotiation In force mode flow control status 1s enabled or disabled depending on user setting 5 4 2 Port Counters Port Counters page displays transmission and reception statistics etc information for each port Intelligent Switch Port Counters TxGoodPkt TxBadPkt ExBadPkt TxAbort Collision DropPkt actions gt i Reset All gt Previous Page gt Next Page gt Configure the action menu Tab Next Item Back5pace Previous Item Quit Previous menu Enter Select Item Figure 5 49 Port Counters 5 4 3 System Information System Information page displays MAC Address Firmware Version Serial Number and Module information of the Switch 108 Intelligent Switch System Information MAC Address 4440638029988 Firmware version 2 5 ASIC version A 4 PCBA version 1 4 Serial number Module 1 Type Module 1 information Module 2 Type Module 2 information Figure 5 50 System Information MAC Address The unique hardware address assigned by manufacturer Firmware Version Display the switch s firmware version ASIC Versi on Display the switch s Hardware version PCBA version Display the board number Serial nu
73. atabase e VLAN configuration e Spanning tree e Port Sniffer e SNMP e Security Manager e TFTP Update Firmware e Configuration Backup e Reset System e Reboot 4 3 1 Stacking Stacking capability allows the user to manage a group of up to 8 switches from a single management point This page provides stack configuration to set stacking parameters on the master unit and stack status to view the system MAC address stack port software version and status for each unit in the stack when stacking is enabled And on the left side of page user can access slave units by clicking unit ID drop down list To enable stacking feature configure an IP address on master unit and open this page select Enable option in Admin Mode tab and click on Apply To disable stacking feature select Disable option in Admin Mode tab and click on Apply To configure the number of switches that participate in the stacking configuration enter a decimal number between 2 and 8 then click on Apply Default value is 8 Stacking maximum units configuration should match with the number of units currently connected via stack up link ports and stack down link ports To view the stacking status check stack status part on the page To access slave units in the stack click unit ID drop down list choose the unit ID and click on select 24 tab 3 Intelligent Switch Microsoft Internet Explorer 7 a x r FORGE E http 172 30 40 219 Stack Configuration
74. box enter a port number If tag based IEEE 802 1Q VLANs are set up on the switch VLAN IDs are associated with individual VLANs Type the VID tag based VLANs to associate the VLAN with the MAC address entered earlier Click Add button 37 4 3 8 MAC Filtering MAC address filtering allows the switch to drop unwanted traffic Traffic is filtered based on the destination addresses For example if network is congested because of heavy bursts of traffic from one particular MAC address using this page user can filter all traffic transmitted from or to that MAC address This type of filtering would enable the network administrator to restore network traffic flow while troubleshooting the problem Forwarding and Filtering MAC Filtering Specify a MAC address to filter Mac Address Vlan ID Ss Add Delete Figure 4 20 MAC Filtering To add MAC filter use the following procedure 1 Inthe MAC Address box enter the MAC address that needs to be filtered 2 If tag based 802 1Q VLANs are set up on the switch type the VID in the VLAN ID box to associate with the MAC address defined earlier 3 Click the Add button If a MAC address filter has to be deleted enter the MAC address to be deleted and then click the Delete button 4 3 9 VLAN A Virtual LAN VLAN is a logical network grouping that limits the broadcast domain It allows the user to isolate network traffic so that members of a VLAN receive traffic only fr
75. characters and notifyview name a text string of 16 characters L2SW gt config snmp group add lt groupname gt lt no auth priv gt lt readvi ewname gt lt writeviewname gt lt notifyviewname gt eed config snmp group add 2sw group auth 2sw user 2Sw user 25 w user To delete a group or all the groups use one of the following command L2SW gt config snmp group delete lt groupname gt Or L2SW gt config snmp group delal l L2SW gt config snmp group delete 2sw group p gt The same group can be configured with different combination of views and access previleges previleges This would allow users belonging to the same group to have different access To display SNMP groups supported by the switch use the following command The response from the switch is illustrated in Figure 6 40 L2SW gt show snmp group L2SW gt show snmp group 152 a CA WINNT system32 telnet exe L25W gt gt shov snmp group Readview lritevien l2sw qroup Aut hHoPriy Llesw user Ll2sw user Ll2sw user initial AuthPriv internet internet internet AuthNoPriwv internet internet internet No uthHNoPriv restricted HONE restricted Figure 6 40 SNMPv2 Group Configuration e User Creation New users can be created and assigned to an existing SNMPv3 group by using the following command The parameters associated with the creation of a new user are User name text string of up to 16 characters Group Name name of the group to which the
76. ck Apply Ingress Filtering Rule 1 Forward only packets whose VIO Port s configured VID Ingress ce Rule 2 Drop Untagged Frame Ingress Filtering Rule 1 Ingress Filtering Rule 2 PORT1 POR TA Enable T bse Default PortNo P YID Ingress Filtering Rule 1 Ingress Filtering Rule 2 PORTI ENABLE DISABLE PORTZ ENABLE DISABLE Figure 4 27 Configure VID Set the port VLAN ID PVID assigned to untagged traffic on a given port This feature is useful for accommodating devices that user wants to participate in the VLAN but don t support tagging L2S W each port allows user to set one PVID per port The range is 1 255 default PVID value is 1 The PVID must be same as the VLAN ID that the port belongs to VLAN group or the untagged traffic will be dropped Ingress filtering lets frames belonging to a specific VLAN to be forwarded if the port belongs to that VLAN L2SW have two ingress filtering rule as follows Ingress Filtering Rule 1 Forward only packets with VID matching this port s configured VID Ingress Filtering Rule 2 Drop Untagged Frame 45 4 3 10 Spanning Tree The Spanning Tree Protocol STP is a standardized method IEEE 802 1D for avoiding loops in switched networks STP is a bridge based mechanism for providing fault tolerance on networks by determining alternate paths for bridged traffic when a failure is encountered STP enables user to implement parallel paths for network traffic and ensure the followi
77. col allows automatic VLAN configuration between the switch and nodes If the switch is connected to a device with GVRP enabled the device can send a GVRP request using the VID of a VLAN defined on the switch and it will automatically add that device to the existing VLAN 40 4 3 9 1 Port Based VLAN In Port based VLAN traffic is forwarded to the member ports of the same VLAN group Use the following Port based VLAN configuration web page to configure Port based VLAN VLAN Configuration VLAN Operation Mode Port Based LAN IF Enable GVRP Protocol LAN Information Delete PrePage NextPage Figure 4 23 Port based VLAN To create a port based VLAN use the following procedure 1 Click Ada to create a new VLAN group 2 Enter the VLAN name group ID and select the members for the new VLAN 3 Click App1y button 4 If there are many groups that span over the limit of one page user can click the NextPage to view other VLAN groups NOTE If the trunk groups exist user can see it e g TRK1 TRK2 in select menu of ports Users can configure Trunk ports to be a member of a VLAN PVIDs cannot be assigned arbitrarily Instead all the PVIDs must take on values within the same PVID set The following list depicts the relation between the PVID sets and value of PVID gt PVID Set 0 PVID range 0 255 41 PVID Set 1 PVID Set 2 PVID Set 3 PVID Set 4 PVID Set 5 PVID Set 6 PVID Set 7
78. d 26 refer to 1 1 and 1 2 respectively e TRUNK Refers to logical trunk ports For example TRUNK3 is equivalent to 2 3 3 2 2 Terminal Access Setup 17 L2SW switch has a RS 232 serial interface located on the rear side of the switch Any terminal with VT100 terminal emulation capabilities can be connected to this port using a standard RS 232 serial cable The following terminal settings have to be configured for the serial communication to work properly e Baud Rate 19200 e Data Bits 8 e Parity none e Stop Bits e Flow Control none 3 2 3 CLI Syntax Conventions Command Description U and Text displayed in Bitstream Vera Sans font after the L2 SW gt prompt must be typed exactly as shown Following the syntax of a command an example usage of the command is shown Output of the command is shown either in Italics or as image of the screen displaying the actual results lt parameter gt The lt gt angle brackets indicates that the parameter is required for executing the command parameter The square brackets indicates that the parameter is optional choicel choice The indicate that only one of the parameter should be entered paddr This parameter is a valid IP address of four decimal bytes separated by each byte ranging from 0 to 255 The default IP is 0 0 0 0 Macaddr The MAC address format is six hexadecimal numbers separated by colons for e g 0 20 10 32 0e 40 slot port This parameter denotes a va
79. e 4 40 4 3 12 1 SNMP v3 Configuration L2SW supports SNMPvl SNMPv2c and SNMPv3 in a multi lingual mode In other words even if L2SW is configured to operate in SNMPv3 mode it will respond to requests from SNMPvl or SNMPv2c managers 58 SNMPv3 requires each agent to be uniquely identified by an Engine ID L2SW automatically configures a unique default EngineID for each switch as follows e Octet 1 4 80 00 1A 73 e Octet 5 10 Base MAC address of the switch In general there is no need to change the default EngineID configured automatically by the system However L2SW provides the WBI screen as illustrated in Figure 4 41 to allow the user to configure the Engine ID Y ESS F10 Switch Microsoft Internet Explorer EO 5 x Fie Edit View Favorites Tools Help Back gt Y fat Search Favorites Media 4 A 9 A a Y Address 4 http 172 30 40 211 v Go Links gt Home Port Status Port Statistics Administrator Stacking IP Address Switch Settings Console Port Info Port Controls Trunking IGMP Snooping Filter Database LAN Configuratic Spanning Tree 1x ESSential F10 E 5 Fur AAA b SNMP Management System Options Name A location 1d contact 1 Port Sniffer_ _Apply Help SNMP Security Manager SNMP Engine Identity 802 1x Engine Id 80 00 a 73 03
80. e of participation for a specific port ina VLAN use the following command L2SW gt config vlan port pvid lt vlanid gt lt slot port all gt L2SW gt config vlan port pvid 10 0 1 vlanid A valid VLAN ID The valid range is 1 4094 slot port physical port or trunk port or all 6 7 1 802 1Q VLAN To configure tag based VLAN use the following set of commands 1 Configure the VLAN mode dotlg on the switch By default VLAN is disabled on the switch and mode settings are none L2SW gt Config vlan mode lt none port dotlq gt 125 L2SW gt config vlan mode dotlq 2 Create VLAN and add tagged member ports to it L2SW gt config vlan create lt vlanid gt lt name gt L2SW gt config vlan create 10 Yellow 3 Enable tagging and add tagged member ports to it L25W gt config vlan port tagging lt enable disable gt lt vlanid gt lt slot port gt L2SW gt config vlan port tagging enable 10 0 1 p gt If the trunk groups exist and if trunks ports have to be configured as part of a VLAN then add trunk id instead of port number 6 7 2 Port VID amp Ingress filtering Set the port VLAN ID assigned to untagged traffic on a given port This feature is useful for accommodating devices that user wants to participate in VLAN but that don t support tagging L2SW each port allows user to set one PVID the range is 1 4094 default PVID is 1 The PVID must be same as VLAN ID that the port belongs to VLAN group or the untagg
81. e the following L2SW gt reset system x L25w ee iolxi L2H clear config Resetting to default will restart the system automatically Are you sure you would like to continue y n E Are you sure you would like to reset the system y n y L2SW ATR LES reset system Are you sure you would like to reset the system y n Figure 6 47 Displays system reboot operation 158 AN ARP BSR CIST CLI CMLI CRC CST DHCP EAPOL ESS FE FTP GVRP HTML HTTP ICMP IETF IFG IGMP IP IST kbps kHz 7 Appendix A Terms and Abbreviations Auto Negotiation Address Resolution Protocol Broadcast Storm Recovery Common Internal Spanning Tree Command Line Interface Console Menu Line Interface Cyclic Redundancy Check Common Spanning Tree Dynamic Host Configuration Control Protocol Extensible Authentication Protocol Over LAN Ethernet Smart Switch Fast Ethernet File Transfer Protocol Generic VLAN Registration Protocol Hyper Text Markup Language Hyper Text Transfer Protocol Hertz Internet Control Message Protocol Internet Engineering Task Force Inter Frame Gap Internet Group Management Protocol Internet Protocol Internal Spanning Tree kilobits per second kilohertz 159 2 LACP LAG LAN LED MAC Max Min MIB Mbps MBONE MD5 Min MST MSTP MSTI NE NIC OSI PD PDU PING PSE PVID RAM RARP OSI Layer 2 Link Access Control Protocol Link Aggregation Local Area Network Light Emi
82. eUser authPriv previlege e AuthOnl yUser authNoPriv previlege 153 e Publ icUser noAuthNoPriv previlege p gt To get the Authentication and Privacy Password for the default users contact L2SW technical support Note that the Authentication Password and Privacy Passwords are displayed in encoded form similar to encrypted password display in etc passwd file in Unix Linux systems p gt L2SW supports 16 MIB views 16 Groups and 64 Users p gt Before deleting a group all users associated with that group must be deleted and before deleting a view all groups using that view must be deleted p gt L2SW will be busy for a while computing the message digest and encrypting the password string when Authentication and Privacy Passwords are configured 6 19 Remote Monitoring RMON is a standard MIB that defines current and historical MAC layer statistic and control objects allowing network manager to capture real time information across the entire network The RMON standard is an SNMP MIB definition described in RFC 1757 for Ethernet A typical RMON configuration consists of a central network management station and a remote monitoring device called an RMON agent for e g L2SW switch is a RMON agent From the management station one can issue SNMP commands requesting information from the RMON agent The RMON agent e g L2SW switch sends the requested information to the management station The MIB allows a network agent to be configured t
83. ed traffic will be dropped The following command is for PVID configuration L2SW gt config vlan port pvid lt 1 4094 gt lt slot port all gt L2SW gt config vlan port pvid 10 0 1 Note that PVIDs cannot be assigned arbitrarily Instead all the PVIDs must take on values within the same PVID set The following list depicts the relation between the PVID sets and value of PVID gt PVID Set 0 PVID range 0 255 PVID Set 1 PVID Set 2 PVID Set 3 PVID Set 4 PVID Set 5 PVID Set 6 PVID Set 7 PVID Set 8 PVID range PVID range PVID range PVID range PVID range PVID range PVID range PVID range 256 511 512 767 768 1023 1024 1279 1280 1535 1536 1791 1792 2047 2048 2303 PVID Set 9 PVID range 2304 2559 PVID Set 10 PVID range 2560 2815 PVID Set 11 PVID range 2816 3071 Vv Y Y Y Y Y Y Y VW VY VW WV PVID Set 12 PVID range 3072 3327 126 gt PVID Set 13 PVID range 3328 3583 gt PVID Set 14 PVID range 3584 3840 PVID Set 15 PVID range 3841 4095 1 Ingress filtering feature allows only those frames belonging to a specific VLAN to be forwarded if the port belongs to that VLAN Disabling these settings will cause all frames to be forwarded regardless of the port s VLAN settings The following command is for Ingress settings on the port L2SW gt config vlan port ingressfilter lt enable disable gt lt slot port all gt L2SW gt
84. ember ports to VLAN use the following procedure 1 SelectEdit 2 VLAN Name Type a name for the new VLAN 3 Grp 1D Type the VLAN group ID The group ID range is 1 to 4094 4 Member Press Space key to choose VLAN member There are two types to selected a Member Port is member port b No Port is NOT member port 81 5 Press Ctrl A go back action menu line 6 Select Save to save all configured value p gt If the trunk groups exist you will see the trunk groups e g TRK1 TRK2 after port26 and you can configure the trunk group to be a member of the VLAN 5 2 3 1 2 Create 802 1Q VLAN Add an VLAN Group ULAH Name CUS ULAH ID 2 141 4694 gt Protocol ULAN Hone Member UnTagged UnTagged Tagged Tagged Ho Ho Ho PORTS Ho actions gt lt Quit gt Edit gt ave gt lt Previous Page gt Next Page gt Select the Action menu ab Mext Item BackSpace Previous Item Quit Previous menu Enter 5elect Item Figure 5 10 Create 802 1Q based VLAN To create 802 1Q VLAN and add tagged untagged member ports to it the following steps are involved 1 SelectEdit 2 VLAN Name Type a name for the new VLAN 3 VLAN 1D Type a VID between 2 4094 The default is 1 There are 256 VLAN groups available for configuring a VLAN 4 Protocol VLAN Press Space key to choose protocol type 5 Member Press Space key to choose VLAN member The following three types of VLAN membership is supported
85. ent 2412 Switch z 24 2 PORTS actions gt Edit gt ave Quit gt Select the action menu Tab Next Item BackSpace Previous Item Quit Previous menu Enter 3elect Figure 5 23 Device Information 5 2 5 4 IP Configuration 90 User can configure the IP setting and fill in the new value Intelligent Switch IP Configuration Disabled IP Address 192 168 223 38 subnet Mask 255 255 248 0 Gateway 172 168 223 254 actions gt Select the action menu ab Next Item Back5pace Previous Item Quit Previous menu Enter Select Item Figure 5 24 IP Configuration IP Address for the switch can be configured either statically or using DHCP To automatically obtain the IP address using DHCP click on Edit and select enable and the switch automatically gives an IP address To statically configure the IP address select Disabled tab enter IP address subnet mask and default gateway parameters E gt The L2SW Switch must be reset for the new IP address to become effective 5 2 6 Port Mirroring Configuration The port mirroring is a method for monitoring traffic in switched networks Traffic through ports can be monitored by one specific port That is traffic goes in or out through the monitored ports will be duplicated into the monitoring sniffer port 91 Intelligent Switch Port Sniffer Sniffer Mode Kx Monitoring Port PORT1 Monitored Port member v i L lt Quit gt lt Edit gt lt Save gt lt Previ
86. er switch In L2SW IST and CIST refer to one and the same 4 3 10 1 STP 802 1d Configuration L2SW supports all three spanning tree protocols STP RSTP and MSTP Users can select any one of the the three protocols by selecting the Force Version parameter in the Set Spanning Tree Configuration as illustrated in Y ESS F10 Switch Microsoft Internet Explorer Be x File Edit View Favorites Tools Help Back gt Y Atl Search Favorites Meda C4 D GO Hyg a Address El Al G0 is gt Home a Port Status T 1 At Port Statistics kkkh 228 2 a Administrator a PWR ny Stacking j j ah Jax ox e SBS Se eee eee ew Na IP Address Switch Settings l Console Port Info Spanning Tree Port Controls System Configuration Port Configuration MSTI Configuration Trunking A Spanning Tree Parameters IGMP Snooping Flier Database STP State Y Force Version 8021d y Bridge Priority 0 61400 LAN Configuratic m Timers seconds Spanning Tree Max Age 6 40 Hello Time 1 10 Port Sniffer Forward Delay Time 4 30 SNMP SSS SS Security Manager Configuration Name SSS Configuration Revision Level SS 802 1x Configuration eyo o AT eee eee eee ee io Internet 47 Figure 4 28 A ESS F10 Switch Microsoft Internet Explorer y E lol x Fie Edit View Favorites Tools Help Back Y A Qsearch Favorites meda 4 D 3 IO
87. er value to 802 1w as illustrated in Figure 4 30 To configure port level parameters Click on Port Configuration link p gt While switching spanning tree protocol from one version to another e g STP to RSTP or RSTP to STP or STP to MSTP etc it is recommended that the STP adminmode is disabled and then reenabled Users can disable or enable STP adminmode by clicking on the box next to STP State Z ESS F10 Switch Microsoft Internet Explorer File Edit View Favorites Tools Help Back gt Y fat Qsearch GyFavorites Media C4 Dr 40 85 Address e http 172 30 40 213 y Go Links gt A Home Port Status 1x 12x Port Statistics nb bibidids kkk gt Administrator a a Stacking E the 2x IP Address Switch Settings Console Port Info Port Controls Trunking IGMP Snooping Filter Database LAN Configuratic Spanning Tree Port Sniffer Spanning Tree System Configuration Port Configuration MSTI Configuration Spanning Tree Parameters STP State Vv Force ersion 802 1w y Bridge Priority 32768 0 61400 Timers seconds Max Age 6 40 Hello Time 1 10 Forward Delay Time fis 4 30 SNMP Security Manager Configuration Name E Configuration Revision Level 802 1x Configuration Apply ji Y 4 b Dones 0 Internet Figure 4 30 RSTP Configuration The Port Configuration allows users to enable disable RSTP on a per port basis a
88. esd hh aA E er ahs ale 28 IDO AVIANCA CULINOS eis tek aah ale hcl a i a ed ae Dae 28 ADD IVATSCOL OM COUS SCLIN OS sso A hs kcal ii a A ee Desa lata ce aul eat 30 4 3 4 Console Port MENO A vee macnn A AAA A E 31 4 3 5 Ln AAA PP O E E E E 31 AOL FANG OTCS ALOR ELIO si A A A vlan E A A E ii 32 4 3 6 IGMP Snooping and Filter Database ises e a ed Sennen ates 35 GSO AMES de 35 4 3 7 SHC MAC AUA ol dd 37 4 3 8 MAC EUNN di id elo decido 38 4 3 9 O te seetsgas a acest peeeatanaacitoasecciest ageaadeee seers tudeadens pe teestnncensnad sieenetetcceest 38 ADA A A A a e a e 41 ADD BOTO CT ac based VLAN socias 42 o E A A aE a a NS 43 ASLO pando Trees ciido 46 4 3 10 1 SLP S0 dd CONSUMO aE 47 4 3 10 2 ESTE SOZ2 lt EWI Contour A ma iakdcammestutmedanaate 49 4 3 10 3 IVES EPC Oni Ut OM sidra 52 Ac SelM SPOR SOME ai ai oir 55 Aia ON MPE aladas 57 4 3 12 1 SNMP V3 ODLU OaE lie 58 ASIS SoU WANA SCI ir E EAE AEE AT E 62 A eM SS O AN 63 4 3 14 1 AMABA NS A E O E eetde 64 4 3 14 2 PEt POM Coone urato AAA E E E I 65 4 3 14 3 S02 x Miscellaneous COM SUENO E uae eee a E a ieee ake oe ada 66 4 4 TPIP Update Firmware case ces sassacscuderas cosceectwcedesecassvssccseudovcccesucwccecsassesckenstcseesdeccadssasswasecdeseseccssseccesteseaes 68 4 5 COMMPEU PATO BACK UD iii a 69 4 5 1 THE TP Backup Cont Oi AU OA AS E AN 69 4 5 2 TE TP Restore Commo ura A E A AA A eee 69 4 6 Default Cophourao sssr EE a a 71 4 7 SAELE AAEE AA E EAE E E PESAT AE E
89. f p gt For physical mode configurations to take effect auto negotiation must be disabled To enable or disable the flow control on any selected port or on all the ports use following command L2SW gt config port flowcontrol lt slot port all gt lt enable disable gt L2SW gt config port flowcontrol 0 1 enable j gt The flow control status displays the actual status instead of the configuration value The flow control status varies based on the link status duplex mode auto force mode peer side settings when AN is enabled To control the ingress in or egress out traffic on any port or all the ports use the following command The bandwidth ratelimit on any port has valid range from 0 1000 The unit is 100K where 0 means rate control is disabled L2SW gt config port ratelimit lt in out gt lt s ort all gt lt ratelimit gt lot L2SW gt config port ratelimt in 0 1 1000 L2SW gt config port ratelimit out 0 1 100 p 0 E gt Flow control must be enabled for Ingress rate limit to work properly To configure static priority on any port or all the ports of the switch use following command L2SW gt config port priority lt slot port all gt lt none ow hi gh gt L2SW gt config port priority 0 1 low 121 p gt In order to apply static port priority First Come First Served mode must be disabled The following command configures the administration mode of port priority A port in security mode will be locked with addres
90. fig snmp view delal L2SW gt config snmp view delete 2sw user L2SW creates the following two views as deafult views The user can modify or delete these views if required e internet Enter subtree rooted at OID 1 3 6 1 e restricted 5 Subtrees with the following root OIDs 1 3 6 1 2 1 1 1 3 6 1 2 1 11 1 3 1 6 3 10 2 1 1 3 1 6 3 11 2 1 1 3 1 6 3 15 1 1 VV VV Y p gt Some SNMPv3 managers allow users to configure a context name along with the Views 151 L2SW currently doesn t support contexts to be associated with the Views Therefore te Context name should be configured as blank on the SNMP manager side To display all views created by the administrator use the following command Response from the switch for this command is illustrated in Figure 6 39 L2SW gt show snmp view L2SW gt show snmp view Z CA WINNT system32 telnet exe Es Of xj CL25W gt show snmp view Inc luded Included Included Included Included Inc luded Included Exc luded ei pek fs flo fue fundo fs pd E A fed fundo flo flo ful fundo pnl fl Figure 6 39 SNMP MIB Views e Groups to be supported in SNMPv3 mode can be created by the following command The parameters associated with the creation of a group are Group Name a text string of up to 16 characters security model noAuthNoPriv AuthNoPriv and AuthPriv Readview name a text string of 16 characters Writeview name a text string of 16
91. g this standard IEEE 802 1Q VLAN inserts a tag into the Ethernet frames which contains the VLAN identifier VID In order for an end station to send packets to different VLANs it has to be either capable of tagging packets with VLAN ID or get attached to a VLAN aware bridge switch that is capable of classifying and tagging the packets with different VLAN ID based on not only default Port based VLAN ID PVID but also other information about the packet such as the protocol L2SW supports protocol based VLAN classification and tagging based on layer 2 packet formats used by selected popular protocols such as Novell IPX and AppleTalk s EtherTalk Port VLAN ID PVID defines the VLAN ID that will be assigned to untagged frames received from a given port For example if port 10 s PVID is 100 all untagged packets received on port 10 will belong to VLAN 100 The default PVID setting for all ports is VID 1 This feature is useful for accommodating devices that user wants to participate in the VLAN but that don t support tagging Only one untagged VLAN is allowed per port In other words there can be only one PVID per port Ingress Filtering Ingress filtering feature is used to filter tagged frames received through a port with VLAN ID that doesn t match any of the VLANs in which the port participate in Disabling this setting will cause all frames to be forwarded regardless of the port s VLAN setting GVRP GARP VLAN Registration Proto
92. gure Create a UL N Group Edit Delete a WLAN Group Group Sorted Mode Previous Menu Configure the ULAH pvid and ingress egress Rule ab Next Item Back5pace Previous Item Quit Previous menu Enter 5elect Item Figure 5 6 VLAN Configuration IL VLAN Configure This page can set VLAN mode as port based VLAN or 802 1Q VLAN or protocol based VLAN or disable VLAN function Intelligent Switch ULAN Support Configuraton ULAN Mode CEUEERA actions gt Quit gt lt Edit gt KRAVE lt Previous Page gt Next Page gt Select the Action menu Tab Next Item Back5pace Previous Item Space Toggle CtrltA Action menu Figure 5 7 Port based VLAN If 802 1Q VLAN is set PVID ingress filtering 1 and ingress filtering 2 can be configured as well 19 p gt To make the change in VLAN mode effective the switch must be restarted Intelligent Swatch ULAH Support Configuraton IngressFilterl IngressFilter2 NonMember Pkt Untagged Pkt Forward Forward Forward Forward Forward Forward Forward Drop Forward 1 1 1 1 1 1 1 1 actions Quit Edit gt Save gt lt Previous Page gt Next Page gt Select the Action menu Tab Mext Item Back5pace Previous Item Space Toggle CtrltA Action menu Figure 5 8 802 1Q based VLAN 802 1Q VLAN can be configured using the following parameters PVI D Port VID 1 255 Type the PVID NonMember Pkt Ingress Filter rule for packets with VID that does not match port
93. he following are the list of terms used within 802 1x Authentication Server The server that performs the authentication allowing or denying access to the network based on username password The 802 1x uses the Remote Authentication Dial In User Service RADIUS supported server Client 802 1x supported client is the network access device requesting LAN services Authenticator This is the network access point that has 802 1x authentication enabled This includes LAN switch port of L2SW Before configuring 802 1x feature it has to be enabled in Switch Settings 1 To configure L2SW for 802 1x to communicate with RADIUS server use the following command gt L2SW gt config radius addr lt serve a L2SW gt config radius addr 10 0 2 To configure shared secret password between L2SW and the RADIUS server use the following command It is used to authenticate all transactions between the two devices It is a character string 1 to 128 characters in length it may contain any alphanumeric character Use the following command for configuration 141 L2SW gt config radius lt shared secret gt L2SW gt config radius secret secret word 3 To configure UDP port for a Radius server use the following command The possible value is 1812 or 1645 1645 is used for early deployment of Radius Default value is 1812 L25W gt config radius serviceport lt portno gt L2SW gt config radius serviceport 1645 4 To configure Radius serve
94. he following parameters associated with a port on L2SW switch can be configured e Port s Administrative mode e Auto negotiation mode e Link Up Down trap e Port Speed amp duplex settings 120 e Flow Control e Rate Limit e Priority selection e Security control User can enable or disable the administrative mode of each port using the following command When a port is disabled it will not forward any traffic However it will retain all the configured values associated with that port To enable disable the administrative mode of a port use the following command L25W gt config port adminmode lt slot port all gt lt enable disable gt L2SW gt config port adminmode 0 1 enable Use the following command to set the port in auto negotiation forced speed L2SW gt config port autoneg lt slot port all gt lt auto force nway gt L2SW gt config port autoneg 0 1 auto p gt Auto negotiation cannot be set on trunk port You can set the duplex mode of any port as full or half duplex the speed of a FE port as 10 Mbps or 100Mbps and the speed of a gigabit TX port as 100 Mbps or 1000 Mbps In the L2SW switch the speed and duplex mode for SX LX port is fixed at 1000 Mbps full duplex The following command can be used to manually configure the speed and duplex mode of an individual port or all ports L2SW gt config port physical mode lt slot port all gt lt 1000f 100h 100f 10h 10f gt L2SW gt config port physical mode 0 1 100
95. he parameters that are specific to SNMP v3 150 e In SNMPv3 mode SNMP agents in L2SW switches are identified using a unique Engine ID By default the switch is configured with a unique system ID 80 00 1A 73 MAC address of the switch 6 octets Users can reconfigure the SNMP EnginelD using the following command EnginelD is a hexadecimal byte string with each byte separated by a colon character To display EngineID configured for the switch use the show snmp system command as illustrated in Figure 6 38 L2SW gt config snmp engineid lt Engi nel D L2SW gt config snmp engineid 00 00 LE 4E 30 10 3D p gt The Engine ID specified by user is added to the system prefix 80 oe Eat 73 of CH WINNT system3 telnet exe E Oj x CL25W gt gt show snmp system L25W 18 third f loor John_Doe 8 68 14a 73 63 86 50 08 86 08 68 Figure 6 38 SNMP System Configuration e To configure an SNMP view users have to define a viewname text string of 16 characters followed by an OID representing MIB subtree and an operational directive to include or exclude the MIB subtree The following command is used to create a SNMP MIB view L25W gt config snmp view add lt viewname gt lt subtree gt lt included excluded gt L2SW gt config snmp view add 2sw user 1 3 6 1 2 included To remove an existing view or to delete all user created views use the following command L2SW gt config snmp view delete lt viewname gt Or L2SW gt con
96. he switch If enabled the switch will perform IGMP query functions if there is no other device in the VLAN such as a multicast router is available to perform query functions Report A message sent by a host to the querier to indicate that the host wants to be or is a member of a given group indicated in the report message Leave Group A message sent by a host to the querier to indicate that the host has quit to be a member of a specific multicast group 36 Table 4 1 IGMP Snooping 4 3 7 Static MAC Address Static MAC address remains in the switch s address table regardless of whether the device is physically connected to the switch This saves the switch from having to re learn a device s MAC address when the disconnected or powered off device is active on the network again This page enables the user to add delete a MAC address Forwarding and Filtering Static MAC Addresses Static addresses currently defined on the switch are listed below Click Add to add a new static entry to the address table Mac Address Mac Address Port num Vian ID Figure 4 19 Static MAC Address To add a Static MAC Address execute the following steps l Ze 3 4 From the main menu click administrator gt Filter Database gt Static MAC Address In the MAC address box enter the destination MAC address of the frames which should be forwarded by the switch to a fixed port also defined in this screen In the Port Number
97. ile 7 When saved successfully the image file gets downloaded 8 Restart switch 112 5 6 3 Backup Configure File User can backup the configuration database of the switch using this page Intelligent Switch Backup Configuration File TFTP Server 192 168 223 99 Remote File Name data dat Select the action menu BackSpace Previous Item Quit Previous menu Enter 5elect Item Figure 5 56 Backup Configuration File To backup EEPROM 1 Start the TFTP server 2 Press lt Edit gt on this page 3 TFTP Server Type the IP address of TFTP server 4 Remote File Name Type in image file name 5 Press Ctrl A go to action line 6 Press lt Save gt key it will start to upload the image file 7 When saved successfully the image file gets uploaded 8 Restart switch 113 6 CLI based Management The L2SW switch can be managed using CLI commands over the dedicated serial interface or via a telnet session e CLI based management interprets the following control key sequences as character line editor commands User can get a list of choices in a command line by using the character The keyword end can be used to return from the currently active CLI command tree to the root command prompt 1 e the prompt displayed after login The keyword exit is used to return from the currently active CLI command tree to its parent command prompt lt DEL gt lt BS gt Delete previous character lt Ctrl
98. in Menu The Main Menu has six different options as displayed in the following page 73 Main Menu witch Static Confieuration Protocol Related Configuration otatus and Counters pave Configuration Reboot Swatch TFTP Update Firmware Command Line Interface Logout Lontisure the swatch Arrows TAR ERBPG Move Item Enter select Item Figure 5 2 Main Menu for Console Switch Static Configuration Configure various switch parameters such as Ports VLAN Trunking etc Protocol Related Confi guration Configure various features such as STP SNMP GVRP IGMP etc Status and Counters Display Status and Counters for each port of the switch Save Confi guration To save configuration in to Flash Memory Reboot Switch Restart the Switch using either default configuration OR after saving the current configuration TFTP Update Firmware Use TFIP protocol to download new firmware for the switch Logout Exit the CMLI User can use the following control keys to navigate through the individual menu items in CMLI lt TAB key gt Move to next item lt Backspace key gt Move to previous item lt ENTER key gt Select or complete entering data for a item lt Space key gt Toggle selection in the item to be configured 74 Menu pages that have items to be edited contain one or more of the following navigation actions The mode in which the user can navigate select these actions is called action mode
99. incoming frame from this port will be processed as a high priority packet by the switch Intelligent Switch Port Priority Low Low High High High Disable PORTI2 Disable actions gt Quit gt lt Edit gt Save lt Previous Page gt Next Page Save successfullytpress any key to return Tab Next Item Back5pace Previous Item Quit Previous menu Enter Select Item Figure 5 27 Port Priority 93 ILL 8 02 1p Priority Configuration Intelligent Switch 82 1p Priority Configuration Will be overwritten by port prioritytt Priority Priority Priority Priority Priority Priority Priority Priority 4 1 2 3 4 5 6 7 Low Low Low Low High High High High QosMode First Come First Service Select the action menu Item BackS pace Previous Item Quit Previous menu Enter 5elect Figure 5 28 802 1p Priority Configuration 802 1p defines 8 priority levels which are defined as 0 7 User can map each one of the eight 802 1p priority levels to high or low queue 1 SelectEdit 2 Press Space key to select the priority level mapping to Hi gh or Low queue 3 QoS Mode User can select the QoS Mode as First Come First Service Round Robin or WRR 4 Press Ctrl A go back action menu line 5 Select Save to save all configure value 5 2 8 MAC Address Configuration 94 Intelligent Switch MAG Address Configuration Static MAG Address Filtering MAC Address Previous Menu Configu
100. ing which the switch will not 66 attempt to acquire a supplicant Default time is 60 seconds Supplicant is a host client attached to a 802 1x port TX Period Defines the interval at which an EAPOL PDU is transmitted Default value is 30 seconds Supplicant Timeout Defines the timeout value to be used in the exchanges between the supplicant and authentication server Default value is 30 seconds Server Timeout Defines the timeout value to be used in the exchanges between the authenticator and authentication server Default value is 30 seconds ReAut hMax Defines the number of re authentication attempts that are permitted before the specific port becomes unauthorized Default value is 2 times Reauth Period Defines the number of seconds between periodic re authentication of the supplications Default value is 3600 seconds 67 4 4 TFTP Update Firmware TFTP Trivial File Transfer Protocol is used to transfer software images into the switch and it is also used to download and upload configuration databases This page is used to set TFTP server IP address and new image in TFTP server to download new software image into flash TFPT Download New Image BAS abe Caer Apply Help Figure 4 51 TFTP Download The following procedure is a prerequisite to update Firmware and remote boot switch system 1 Install TFTP server and start the TFTP server 2 Copy firmware update version image bin to TFTP server s directory
101. istics Port Statistics page displays information such as interface state link status transmission and reception statistics for each port 3 Intelligent Switch Microsoft Internet Explorer JOJ x Fie Edt View Favorites Tools Help e Aala a 3 1P 9 A H 9 2 Back Fonverd Stop Refresh Home Search Favorites History Mail Print Edit Discuss Realcom Messenger Address e http 172 30 40 219 Go Links gt 1x Sseececeeess ar seesaw ee 1 0 0 0 O D Home 0 5 On Down 0 D D D 0 Port Status 0 6 On Down o 0 0 D D Port Statistics DF On Down ia D O 0 o Administrator 0 8 On Down 0 0 0 o 0 TFTP Update 0 9 On Down o o o o o PINES 0 10 On Down 0 D D D D Backup Restore Configuration 0 111 On Down D D o D 0 Save Configuration 0 12 On Down o 0 0 0 0 Default 0 13 On Down 0 0 0 0 0 Configuration 0 14 On Down o o o o 0 Reboot Sultan 0 15 On Down o o o o o 0 16 On Down 0 0 0 D 0 0 17 On Down D D 0 D 0 018 On Down 0 0 0 0 0 0 19 On Down D D 0 D 0 0 20 On Down 0 0 0 0 0 0 21 On Down D D o D 0 0 22 On Down 0 D 0 D D 0 23 On Down D D o D D 0 24 On Up 4120 6568 0 O 1115 y Reset Dones ea Figure 4 5 Port Statistics Use Reset button to clear the port statistics 23 4 3 Administrator This link on the navigation tree allows the user to configure the following features e Stacking e IP address e Switch settings e Console port information e Port controls e Trunking e Filter d
102. ith the following default settings e User Account admin e Password contact your sales representative e Telnet Enabled e System IP Address 192 168 1 1 e Subnet Mask 255 255 255 0 e Default Gateway IP Address 192 168 1 2 e Broadcast Storm filtering Disabled e 802 3x Flow Control Mode Enabled e 802 1x Network Port Security Disabled e LACP Mode Disabled e Port Mirroring Mode Disabled e STP Port State Disabled e Port Mirroring Disabled e VLAN traffic untagged e Ingress Filtering Disabled e GVRP Disabled e IGMP Snooping Disabled e BOOTP DHCP Admin Mode Disabled e SNTP Disabled e Syslog Disabled 11 For all acronyms used in the manual see Appendix A 12 2 Physical Description This chapter explains the hardware features of the L2SW Ethernet Smart Switch 2 1 Front Panel of L2SW Switch L2SW switch is designed for efficient use with front panel access to the Fast Ethernet 10 100Base T ports and two slots for user installable plug in modules for uplink connection The front panel also includes status LEDs for all the ports including uplink ports e 24x 10 100 Mbps Fast Ethernet ports e 2 plug in slots for uplink connection The following plug in cards are supported in L2SW gt 10 100 1000 Mbps T card It supports auto negotiation and can operate in master slave clock modes gt 100 Mbps 100BaseFX card This card is available with SC gt 1000 Mbps SFP card
103. lable for Telnet Sessions 6 1 5 Serial Port Setup L2SW switch has a RS 232 serial interface located on the back of the switch Any terminal with VT100 terminal emulation capabilities can be connected using a standard RS 232 serial cable The following terminal settings have to be configured for serial communication to work correctly e Baud Rate 19200 e Data Bits 8 e Parity none e Stop Bits e Flow Control none 6 1 6 Inactivity Timeout L2SW Session will be terminated after 5 minutes default value of inactivity The inactivity time can be configured using following command L2SW gt config serial timeout lt 0 160 gt L2SW gt config serial timeout 30 The session will never expire if the timeout value is set to 0 minutes To display the serial port settings use following command L2SW gt show serial 6 2 Stacking Configuration Stacking capability provides a single management point for multiple L2SW switches and increases the port density in L2SW L2SW supports cascade mode by connecting stack up link port to down link port To form a stack all the units including master unit and slave units that need to participate in the stack must be informed that the unit should participate in the stack e g by manual configuration by automatic discovery using dedicated stacking ports or by combination of manual configuration in the master unit and control protocol among stacked units Stacked switches can be managed as if it
104. led and there are no active links Trunking Aggregator information The following information provides a view of LACP current status NO GROUP ACTIVE Figure 4 14 LACP disabled Scenario 2 LACP Enabled with no active links The following information provides a view of LACP current status Port_No 33 Figure 4 15 Static Trunking Groups Scenario 3 LACP is enabled with active links Trunking Aggregator Setting Aggregator information State Activity The following information provides a view of LACP current status fe ee ee 005038806000 0050a8009988 PORTI O ORT2 ORT3 ORT 513 1 selectediPORT 5141 Group Key 2 Port_No 15 16 17 18 Figure 4 16 Actor and Partner Group The following page displays the state of each LACP and it indicates whether that port is in active or passive state 34 Trunkin State Activity 6 NA NA N A CI CI 7 hse EA Apply Help Figure 4 17 State Activity Active select The switch automatically sends LACP protocol packets through this port Passive no Select The switch does not automatically send LACP protocol packets through this port and responds only if it receives LACP protocol packets from the peer device A link having either two active LACP ports or one active port can perform dynamic LACP trunking Switches attached to a link with two passive LACP ports will not perform dynamic LACP trunking because both switches are wai
105. lid slot number and a valid port number For example 0 1 represents slot O port 1 3 2 4 Network Port Access Setup Any of the in band line ports can be used for management of the L2SW switch If DHCP is used to assign IP address for the switch use the following command to enable DHCP L2SW gt config network protocol lt none dhcp gt L2SW gt config network protocol dhcp 18 4 Web Management Function For management of L2SW via WBI a Web browser is required Microsoft Internet Explorer version 5 0 or higher is recommended If you need to change IP address for the first time you can use console mode to modify the following default parameters IP Address 172 30 40 145 Subnet Mask 255 255 255 0 Default Gateway 172 30 40 2 Assuming that the IP address assigned to the in band port of the L2SW switch is set to 172 30 40 145 you can use browser to connect to the switch by typing the URL After connection is established with the L2SW switch the browser will display the login screen as shown below Enter Network Password 3 21 xl gt Please type your user name and password Site 172 30 40 145 Realm READONLY User Hame admin Password Save this password in pour password list Cancel Figure 4 1 Login Upon entering a valid user name and password WBI management interface screen will be presented to the user as shown below Contact technical support or sales representative for the default pas
106. lt The configuration download completed Would you want to reboot the switch y n j Figure 6 44 Displays configuration down load to system 6 20 6 TFTP Update Firmware To download a copy of an executable image from TFTP server into system flash use the following command Before starting the image download operation make sure that the executable image file is located in the TFTP server and that the TFTP server is reachable from the switch In the example shown below the TFTP server IP address is 172 30 10 8 and image filename is f10_201 img L2SW gt copy tftp code lt ipaddr gt lt filename gt L2SW gt copy tftp code 172 30 10 8 f10 201 img Downloading image now please wait Image download completed Would you want to update firmware and then reboot y n Y EST ioii L2SW copy tftp code 172 30 10 8 10_201p1 img Downloading image now please walt Image download completed _ Would you want to update firmware and then reboot y n j Figure 6 45 Displays image download 157 6 20 7 Default Configuration To reset the switch and restore the switch configuration to factory settings use the following command L2SW gt clear config Resetting to default will restart the system automatically Are you sure you would like to continue y n y Figure 6 46 Reset switch configuration to factory default 6 20 8 Reboot To just reboot the switch without restoring to default factory configuration us
107. mber Display the serial number assigned by manufacturer Module 1 Type Display the module 1 type 1000Tx or 100Fx ext Depend on module card mode Module 1 information Display the information saved in eeprom of modulel Module 2 Type Display the module 2 type 1000Tx or 100Fx ext Depend on module card mode Module 2 information Display the information saved in eeprom of module2 5 5 Reboot Switch 109 Intelligent Switch Restart Configuration Restart Previous Menu Recovering to default Back5pace Previous Item Enter Select Item ari e e N Miss i a Figure 5 51 Restart Configuration 5 5 1 Default Reset switch to default configuration If you type Y the switch will load default configuration After finished loading the default configuration the switch will reboot automatically Resetting to the default will restart the system automatically Do you want to continue y n gt Figure 5 52 Default Setting 5 5 2 Restart Reboot the switch in software reset 110 5 6 TFTP Update Firmware This page is used to download firmware and upload download configuration database Intelligent Switch TFTP Update Firmware Configuration FTP Update Firmware TFTP Restore configuration TFTP Backup configuration Previous Menu Use IFTE to update firmware BackSpace Previous Item Enter 5elect Item Figure 5 53 TF TP Update Firmware Configuration 5 6 1 TFTP Update Firmware Intelligent Switch
108. me for low priority packet queuing in switch Default Max Delay Time is 255ms The valid range is 1 255 ms p gt Make sure that Max bridge transit delay bound control is enabled before enabling Low Queue Delay Bound since latter can be configured only after former is configured 5 2 4 4 Port Security A port in security mode will be locked without permission of address learning Only incoming packets with SMAC already existing in the address table will be forwarded normally User can disable the port from learning any new MAC addresses and then use static MAC addresses screen to define a list of MAC addresses that can used by the secure port Intelligent Switch Port Security Enable Security disable for MAC Learning enabled enabled L Disabled Disabled Disabled Disabled Disabled actions gt Quit gt Edit gt Save lt Previous Page gt Next Page gt Select the Action menu Tab Next Item Hack Space FPrevious Item Space Toggle Ctrl A Action menu Figure 5 18 Port Security Following is the procedure for configuring Port Security 1 SelectEdit 2 Press Space key to choose enable disable item 3 Press Ctrl A to go back action menu line 4 Select Save to save all configure value 87 5 Click Next Page to configure port9 port26 Click lt Previous Page gt return to last page D245 Collisions Retry Forever Intelligent Switch Collisions Retry Forever Collisions Retry Forever
109. mirroring feature use the following set of commands l Configure port mirroring mode using following commands L2SW gt config mirroring mode lt none rx tx both gt L2SW gt config mirroring mode both None To disable port mirroring RX To monitor ingress traffic on mirrored ports TX To monitor egress traffic on mirrored ports Both To monitor traffic on mirrored ports in both directions 2 Configure the port used as Sniffer port and see all monitored port traffic It is the port connected to Sniffer L2SW gt config mirroring sniffer lt slot port gt L2SW gt config mirroring sniffer 0 1 To configure the port to be monitored All monitored port traffic will be copied to sniffer port Maximum of 25 monitored ports can be selected in the switch To add or remove monitored port use following set of commands L25W gt config mirroring monitored add lt slo ort gt t p L2SW gt config mirroring monitored add 0 2 L2SW gt config mirroring monitored delete lt slot port gt L2SW gt config mirroring monitored delete 0 2 To display port mirroring information use following command The table below shows Sniffer mode is both RX and TX and Sniffer port is 2 while monitored ports are 3 4 5 6 and 7 L2SW gt show mirroring 139 LOSW O x Leow show mirroring Sniffer Mode Ce ee LAA Roth emitter Port ER AA ee ee O 2 Momitored Ports WS w4 el M6 M7 Leow 1 Figure 6 23 Show port mirroring
110. nd to configure the Edge ports on the swith along with type of link attached to the Edge port L2SW allows users to set Edge port link to Point to point Shared or Auto mode as illustrated in Figure 4 30 In Auto mode the Link Type is automatically set to Point to point if the link is auto negotiated to full duplex mode and set to shared mode 1f the link operates in half duplex mode 50 Z SI Tech 2 Microsoft Internet Explorer File Edit View Favorites Bak Y At Qsearch GyFavorites meda C4 B S Ol EE Address e http 172 30 30 223 poefindex htrn y Po Tools Help Home E ip na eo TET a a SEE Se sasata ealada flat PoE Port Status 5 gt e y ona UK Port Statistics 1 x Ar cas POE Port Statistics Administrator z Set Spanning Tree a Stacking IP Address Switch Settings System Configuration Port Configuration Console Port Info Port Controls Spanning Tree Port Parameters PoE Port Controls Port Number Edge Port Link Type Admin Mode Trunking 7 IGMP Snooping 02 Filter Database 03 True y Point to Point y Enable y LAN Configuratic oe eee ee are Spanning Tree Port Sniffer sl tereerens_ SNMP a Spanning Tree Port Status Security Manager E f Path Cost Edge Port Link Type Configuration Port oe State ee Admin Admin Admin TFTP Update ia e Operational Operational Operational e 0 1 Enable Disabled Disabled 200000 200000 TRUE TRU
111. network administrator to structure separate or partition the network For example these structures in existing LANs are subnets in IP networks or broadcast domains in bridged networks When multiple LAN segments are bridged together the bridged segments still see all broadcast and multicast traffic on each LAN that is physically connected to the bridges and shared media hubs The number of stations or LAN segments that can be bridged without creating excessive broadcast traffic on the LAN segments is limited To avoid excessive broadcast traffic networks must be divided into subnets and typically subnets are constrained by the physical LAN structure VLANs are used to overcome some of these constraints involved in configuring the network L2SW supports the following three types of VLANs e Port base VLAN e Tag based VLAN e Protocol based VLAN The following commands can be used to display the configuration of VLAN type add or delete a port attached to a VLAN 1 To configure the VLAN mode on the switch use following command L2SW gt Config vlan mode lt none port dotlq gt L2SW gt config vlan mode port None To disable VLAN on the switch Port Enable port based VLAN mode tag based VLAN is excluded All packets will be associated with default port VID before forwarding and no tag modification insert modify or remove will take place when the packet is transmitted out of this port Only 124 Shared VLAN SVL is supported
112. new user is assigned to Auth Password text string of up to 16 characters Priv Password text string of up to 16 characters Authentication Password and Privacy Password are optional parameters These parameters are not required if noAut hNoPriv security level is used for the group L2SW gt config snmp user add lt username gt lt groupname gt lt auth password gt lt priv passwords L2SW gt config snmp user add joey l2sw group iamj oey mysecret To delete a user or all users use oen of the following command L2SW gt config snmp user delete lt username gt Or L2SW gt config snmp user delal L2SW gt config snmp user delete j oey To display SNMP users supported by the switch use the following command The response from the switch is illustrated in Figure 6 41 L2SW gt show snmp user L2SW gt show snmp user of Cr WINNT system32telnet exe E 2 aj CL2SW show snmp user Group auth_Key r priv_HKey Ll2su user l2su group 4427781ee5b22878ccdc552e878ff62B d alif56da58ceab 6bchbe601863f abd rivatellser initial 479b6d47c3bea3d8efY efe5fi358f6c57 49b6d47c3hea3d8HefYefe5fi358f6c59 uthOnlyser initial Yoo f h6Sc279F 49 a2c04442 95028 eb74 ubliclser initial lt L2SW gt _ Figure 6 41 SNMP User Configuration When SNMPv3 is enabled L2SW automatically creates the following users attached to the i ni tial group The default users created by L2SW may be deleted 1f they are not required e Privat
113. ng e Redundant paths are disabled when the main paths are operational e Redundant paths are enabled if the main traffic paths fail One of the major problems with the Spanning Tree Protocol is the convergence time 1 e time taken to recompute the STP wheneven a topology change occurs The convergence could be anywhere from 30Secs to one or two minutes This type of delay is unacceptable in networks where time sensitive and mission critical traffic flows through the switch Rapid Spanning Tree Protocol RSTP specified by IEEE802 1w addresses this specific problem and allows network to coverge typically within a couple of seconds whenever a topology change occurs in the network RSTP specification also defines backward compatibility rules a port is connected to a legacy 802 1D bridge Apart from faster convergence time there are some additional differences between STP and RSTP STP allows a port to remain in one of the following five states Disabled Blocking Listening Learning Forwarding On 0 0 10 Switch will discard packets received through a port in Disabled Blocking orListeni ng states Ports in For warding state are assigned the role of a Root port ora Desi gnated port Root port is a forwarding port on a switch which connects to the next switch in the path towards the root of the spanning tree can be reached Designated port on a LAN is the port through which all other switches or hosts on that LAN can reach the root
114. nly under special circumstances 802 1x protocol Enable disable 802 1x protocol 4 3 4 Console Port Information Console is a standard UART interface to communicate with Serial Port Various parameters such as Baudrate Parity Check Flow control etc are displayed in this page Console Information Baurate bits sec 990 Data Bits 8 Parity Check OMe Stop Bits 1 Flow Control PEPE Help Figure 4 12 Console Information Windows hyper terminal program can be used to connect to the switch Make sure the baud rate and stop bit settings on the Windows hyper terminal match the following settings for the console port 4 3 5 Trunking Baudrate 19200 Data bits 8 Parity none Stop bits 1 Flow control none L2SW supports both static and dynamic trunking using the Link Aggregation Control Protocol 3 For an brief explanation on IFG read section 6 15 31 LACP LACP provides a standardized means for exchanging information between Partner Systems on a link to allow their Link Aggregation Control instances to reach agreement on the identity of the Link Aggregation Group to which the link belongs move the link to that Link Aggregation Group and enable its transmission and reception functions in an orderly manner Link aggregation lets you group up to eight consecutive ports into a single dedicated connection This feature can expand bandwidth to a device on the network by combining two or more lower speed ports p gt
115. nnected to a device with GVRP enabled user can send a GVRP request using the VLAN ID of a VLAN defined on the switch and the switch will automatically add that device to the existing VLAN The following command is used to enable or disable GVRP L2SW gt config gvrp adminmode lt enable disable gt L2SW gt config gvrp adminmode enable p gt For system performance reasons it is recommended that the numbder of dynamically learnt GVRP entries be limited to 128 Apart from enabling GVRP at the switch level the user must also enable GVRP on the relevant interface port By default GVRP is disabled on all ports To enable GVRP on a port use the following 129 command L2SW gt config gvrp interfacemode lt slot port all gt lt enable disable gt L2SW gt config gvrp interfacemode 0 1 enable To display the GVRP configuration use following command L2SW gt show gvrp info a CA WINNT system32 telnet exe L25W gt show gurp info More or tq duit Figure 6 11 GVRP Information Display 6 8 Spanning Tree Protocol The Spanning Tree Protocol STP is a standardized method IEEE 802 1D for avoiding loops in switched networks STP is a bridge based mechanism for providing fault tolerance on networks by determining alternate paths for bridged traffic when a failure is encountered STP enables user to implement parallel paths for network traffic and ensure the following e Redundant paths are disabled when the main paths
116. o In Auto mode Speed is set by auto negotiation process The fifth column indicates Physical Status Indicates the port speed and duplex mode Note that the values displayed indicate the capabilities negotiated with the peer and not necessarily the capabilities of the switch itself Depending on the negotiated or configured values one of the following values will be displayed for each port e 10 Half 10 Base T Half duplex e 10 Full 10 Base T Full duplex e 100 Half 100 Base T Half duplex e 100 Full 100 Base T or 100 Base FX Full duplex e 1000 Full 1000 Base T or 1000 Base SX LX Full duplex The sixth column indicates the actual speed of the connected network element The seventh column indicates the Link Status Indicates whether the link is up or down The eighth column indicates whether the Flow control is on or off The ninth and tenth column indicates the Rate Control settings for ingress and egress side of each port The eleventh column indicates the port priority status Values displayed under this column are High or Low or Off Disabled The twelfth column indicates the security status of the port On indicates security is enabled and off 119 indicates security 1s disabled By default admin and auto negotiation modes are enabled on all ports LOSW LES show port all Admin Spd Spd Link Rate 100K Port Type Enable Auto Dpx State otatus FG In Uut pri security 0 1 IQQTA Enable buto 10
117. o perform diagnostics and to collect statistics continuously even when communication with the management station may not be possible or efficient The network agent may then attempt to notify the management station when an exceptional condition occurs L2SW switch supports 1 2 3 amp 9 RMON related MIB group The RMON information can be retrieved from the switch only via SNMP interface by the SNMP Management station an SNMP manager The following RMON groups are supported by L2SW Event group controls the generation amp notification of events from L2SW switch It consists of eventTable and logTable Each entry in eventTable describes the parameters of the event that can be triggered Event is a type of action to be taken for e g a link may be turned up or down based on an event The Al arm group module periodically collects statistical samples from L2SW switch and compares them to pre defined default values L2SW switch creates one default value for each active physical port These default entries define alarm Interval time to be 30 seconds 1 e time for each sample The History and Control Group controls periodic statistical sampling of data from various types of interfaces This group consists of history control table The Ethernet Statistic Group contains statistics measured by L2SW switch for each monitored 154 Ethernet interface This group consists of Ether Stats Table L2SW switch implements Ether Stats Table The Ether
118. om the members of the same VLAN Basically creating a VLAN is logically equivalent of connecting a group of network devices to a separate Layer 2 switch even though all the network devices are still plugged into the same switch physically The L2SW supports port based 802 1Q tagged based and protocol based VLAN In the default 38 configuration VLAN support is disabled VLAN Configuration VLAN Operation Mode EE IC Enable GVRP Protocol YLAN Information DEFAULT 1 yl 7 Add Edit Delete PrePage HextPage Help Figure 4 21 VLAN configuration p gt If VLAN mode is changed you have to reboot the switch to make the change effective To enable GVRP mode Click on the box marked Enable GVRP Protocol 4 In Port based VLAN packets can be exchanged only between devices attached to the ports that are members of the same VLAN group If the port based VLAN is enabled the VLAN tagging is ignored It is recommended that GVRP configuration is done only through CLI interface since per port GVRP configuration is not currently supported through WBI or CMLI 39 AS be On Cea Cea ea D Cea Ce ea D am T pal T niii iii 3 ra ii ii Da xa 1 El EX 1 ful hl 2 i Engineering VID 2 yMerketing WID 3 A Me r fy a all 2ang a se a Figure 4 22 Port based VLAN ID Tagged based VLAN is an IEEE 802 1Q standard It is possible to create a VLAN across devices from different switch venders usin
119. on is used e AuthNoPri v Messages are authenticated using HMAC MD5 message digest but are not encrypted e AuthPri v Messages are authenticated using HAAC MDS and encrypted for privacy using DES 56 encryption standard In SNMPv3 mode L2SW allows users to configure MIB views with different access previleges for different groups of users For example a MIB view with full read write access previleges can be set up for administrative group while a read only view can be set up for other users SNMP Management web page is used to define L2SW switch name and to enter SNMP community strings Figure 4 38 illustrates the screen used for configuration SNMP parameters such as System Name Location and Contact person A ESS F10 Switch Microsoft Internet Explorer E loj x Fie Edit View Favorites Tools Help Back A A Reach Favorites meda B 3 A Hy Address on http 172 30 40 211 y Go Links gt Home Port Status Port Statistics Administrator Stacking IP Address Switch Settings Console Port Info Port Controls Trunking IGMP Snooping Filter Database YLAN Configuratic Spanning Tree ESSential F10 El m W SNMP Management E System Options Name A Ly Port Sniffer Apply Help SNMP Security Manager SNMP Engine Identity 802 1 Engine 1d 9UUO TAE pl A guration al
120. onfiguration and link type use the following command The display response from the switch is illustrated in L2SW gt show spanningtree port detailed lt slot port gt L2SW gt show spanningtree port detailed 0 1 133 CA WINNT system32 telnet exe CL25W gt gt show spanningtree port detailed H i opology Change Acknowledgement ello Time Figure 6 16 RSTP Port Configuration Status Display 6 8 3 MSTP Configuration To enable MSTP for the switch set the spanningtree protocol forcedversion parameter to 802 1s as illustrated by the following command e Set forcedversion to MSTP W gt config spanningtree switch forceversion lt 802 1d 802 1w 802 1s gt L25 Wo config spanningtree switch forceversion 802 1s L2SW allows users to configure the following items associated with MSTP e MSTP Configuration Name e MSTP Configuration Version e MST Instance Creation Deletion e Add Delete VLANs to an MST Instance e Set Switch Priority on a per MST Instance basis E gt L2SW supports 8 user defined MST Instances Instance 0 is reserved for use as IST e MST Configuration Name consists of an ASCII string of upto 32 characters MST Configuration Name must be unique among all switches in a MST Region To configure MST Configuration name use the following command L2SW gt config spanningtree switch configuration name lt name_string gt L2SW gt config spanningtree switch configuration name REGI ON 1 e Configure MST Configuration
121. onfigured to operate at the same speed and will be treated as a single port The following set of commands can be used to configure and display trunking mode l To create trunk group with two ports ESS F10 gt config trunk lt trunkid gt lt static lacp gt lt port list gt L2SW gt config trunk 2 1 static 0 2 0 3 Trunki d Trunking group ID The trunk group id values will be from 2 1 to 2 7 Static static trunk LACP the trunk group has LACP j gt Note that all members of a trunk port should be configured to operate at the same speed 137 Ze To remove the configured trunk use the following command L2SW gt config trunk delete lt trunkid gt L2SW gt config trunk delete 2 1 3 Add ports to the existing trunk group L2SW gt config trunk addport lt trunkid gt lt port list gt L2SW gt config trunk addport 2 1 0 4 4 To delete one or more ports from trunk group L2SW gt config trunk delport lt trunkid gt lt port list gt L2SW gt config trunk delport 2 1 0 2 System priority specifies the link aggregation priority relative to the devices at the other end of the links on which link aggregation is enabled A higher value indicates a lower priority The range is from O 65535 The default is 1 To configure link aggregation priority use the following command L25W gt config trunk systempriority lt priority_num gt L2SW gt config trunk systempriority 20 5 To change the mode of configured t
122. onsole Port Info Port Controls Trunking IGMP Snooping Filter Database LAN Configuratic Spanning Tree for y Port View MSTI Parameters priority Apply MSTI VLAN Configuration LAN ID low Add VLAN ID high Delete MST Instance List Report Port Sniffer MST Instance List a SNMP ee Security Manager ee e MST ID A OEY Priority 802 1x Configuration 1 11 12 32768 TFTP Update 2 13 14 32768 Firmware 3 15 16 32768 Backup Restore a 17 18 32768 Configuration 5 19 32768 PEE S PA 6 None 32768 x gt TA Internet JA Figure 4 35 MSTI Configuration Report Detailed information for each MST Instance can be displayed by Clicking the button marked as Details in the block marked MSTI Information Figure 4 36 displays MST Instance details for one of the MSTI configured in the switch 54 sei gt gt sy Back gt gt Y A Qsearch Favorites media 4 B SO a Address E http 172 30 40 213 y Go Links gt a a SSSSSs seses 8 cas anning Tree Home System Configuration Port Configuration MSTI Configuration Port Status Port Statistics New MST Instance ID Select MST Instance ID Administrator MST ID 1 8 TEETER Pl MST ID i z Delete MSTI Information A E _ Details IP Address Create Switch Settings Console Port Info Port Controls Trunking IGMP Snooping Filter Database VLAN Configuratic Spanning Tree 0 24
123. onverd Stop Refresh Home Search Favorites History Mail Print Edit Discuss Realcom Messenger Address 4 http 172 30 40 219 1x DEREDE MIEREN ii i 5 AT ss Port Status unn TZ sona Home The following information provides a view of the current status of the unit Port Statistics State Negotiation Speed Duplex Sates pane ante ae ay Config Actual re Config Actual Config Actual Config Actual conto Actual AECA gigas esa ES Full Half Ingress Egress Backup Restore 0 1 on On Down Auto Auto 100 100 Full Full On On On Off Off Disable Off Configuration 0 2 On On Down Auto Auto 100 100 Full Full On On On Off Off Disable Off Save Configuration 0 3 On On Down Auto Auto 100 100 Full Full On On On Off Off Disable Off eee 04 On On Down Auto Auto 100 100 Full Full On On On Off Off Disable Of Rebuot Switch OS On On Down Auto Auto 100 100 Full Full On On On Off Off Disable Off 0 6 On On Down Auto Auta 100 100 Full Full On On On Off Off Disable Off 0 7 On On Down Auto Auto 100 100 Full Full On On On Off Off Disable Off 0 8 On On Down Auto Auto 100 100 Full Full On On On Off Off Disable Off 0 9 on On Down Auto Auto 100 100 Full Full On On On Off Off Disable Off 0 10 On On Down Auto Auto 100 100 Full Full On On On Off Off Disable Off 0 11 On On Down Auto Auta 100 100 Full Full On On On Off Off Disable Off 0 12 On On Down Auto Auto 100
124. ous Page gt Hex Select the ction menu ab Next Item HackSpace Previous Item Space Toggle Ctrl A Action Figure 5 25 Port Mirroring Port Sniffer is configured as follows l 2 Select Edit Sniffer Mode Press Space key to set sniffer mode to one of the following e Disable e Rx e Tx e Both Monitoring Port Sniffer port can be used to see all monitor port traffic Press Space key to choose it Monitored Port The ports you want to monitor All monitor port traffic will be copied to sniffer port You can select max 25 monitor ports in the switch User can choose which port to be monitored in a selected sniffer mode Press Space key to choose member port V is the member not the member Press Ctrl A go back action menu line Select Save to save all configure value On the action menu line you can press Next Page to configure port9 port26 Click Previ ous Page return to last page E gt ony one port can be configured in Sniffer mode at any time 5 2 7 Priority Configuration 92 The following page 1s used to select port priority configuration Intelligent Switch The Priority configuration Port Static Priorit S02 1ip priority Previous Menu ort static BackSpace Previous Item Enter select Item Figure 5 26 Priority Configuration JZ 74 Port Static Priority The static priority is set on a per port basis If a port s priority is set to high priority then the
125. pe slot port current and configured details for physical port and tagging details L2SW gt show vlan detailed lt vlanid gt L2SW gt show vlan detailed 10 LOSW E olx Leow show vlan detailed 10 VLAN ID 10 VLAN Mame Yellow VLAN Type otatic Protocol Type 1p plot Port Member HH A O OD O A E A E 2 pu CT AA O a HA a A A A A A A A A A A SS SS A Ho More or qjuit Figure 6 9 Display VLAN details for selected VLAN 128 3 The following command displays VLAN port The table below shows slot Port PVID Ingress Filter action details for non member and untagged packets In this example the switch is configure to drop non member packets and forward untagged packets L2SW gt show vlan port LOSW 0 x Leow show vlan port IngressFilter IngressFilter Slot Port EWIL Mon Member Ekt Untarged Pkt U1 l Drop Forward O E l Drop Forward 0 3 1 Drop Forward 1 4 1 Drop Forward Neo 1 Drop Forward 0 6 1 Drop Forward ey 1 Drop Forward 0 8 1 Drop Forward 0 3 1 Drop Forward 0 10 1 Drop Forward 0 11 Drop Forward Date 1 Drop Forward 0 13 1 Drop Forward D 14 1 Drop Forward Mal Drop Forward 0 16 l Drop Forward 0 17 l Drop Forward 0 18 l Drop Forward 0 19 l Drop Forward Figure 6 10 Show vlan port 6 7 4 GVRP GVRP GARP VLAN Registration Protocol allows automatic VLAN configuration between the switch and network nodes If the switch is co
126. r UDP accounting port use the following command The possible value is 1813 or 1646 1646 is used for early deployment of Radius accounting server The default value is 1813 L25W gt config radius acctport lt portno gt L2SW gt config radius acctport 1646 5 To display Radius settings use the following command L2SW gt show radius info L2SW lo x Lesh show radius info SET Ver IP Ce ee ea e e E E IUN z Service port A A A A A AA A A A A AA A A A AA A A A ee F Accounting port ER AA 1646 perver shared secret Key iccaeeeeeeeeeees C DErpAath L25H 1 Figure 6 26 Displays Radius settings 6 To configure L2SW switch port s for 802 1x client use the following command a To Enable Disable the administrative mode for the 802 1x on switch use the following command By default 802 1x administrative mode is disabled L25W gt config dotlx switch adminmode lt enable disable gt L2SW gt config dotlx switch adminmode enable b Four types of port control are e ForceAuthorized Fa Disable 802 1x and put the port to authorized state without any authentication exchange required This is the default port control setting e ForceUnaut hori zed Fu causes the port to unconditionally remain in the unauthorized state ignoring all attempts by client to authenticate e Auto Enable 802 1x and causes the port to being in unauthorized state e None Disables 802 1x on a port To configure port control use the following
127. rate the MAC address BackS pace Previous Item Enter 5elect Item Figure 5 29 MAC Address Configuration 5 2 8 1 Static MAC Address When you add a static MAC address it remains in the switch s address table regardless of whether the device 1s physically connected to the switch or not This saves the switch from having to re learn a device s MAC address when the device is disconnected or powered off and reconnected or powered on again Using the following page user can add modify delete a static MAC address Intelligent Switch Static MAC Address Configuration Mac Address Port num Mac Address Port num actions gt Quit phit Edit Delete lt Previous Page gt Next Page gt Add Edit Delete a Mac Tab Next Item BackSpace Previous Item Quit Previous menu Enter Select Item Figure 5 30 Static MAC Address Configuration 5 2 8 1 1 Add Static MAC Address 95 Intelligent Switch Add Static MAC Address Mac Address 6646603002FF Port num PORT 3 Select the action menu BackSpace Previous Item Quit Previous menu Enter Se lect Figure 5 31 Add Static MAC Address To add static MAC address use the following procedure l Press Add gt Edit key to add static MAC addresses 2 MAC Address Enter the MAC address to and from which the port should permanently forward traffic regardless of the device s network activity 3 Port num press Space key to select the port number 4 VLAN 1D If tag based
128. ration Default Configuration Reboot Switch El AT A A Figure 4 7 IP Address IP Address for the switch can be configured either statically or obtained dynamically from a DHCP server To automatically obtain the IP address using DHCP select Enable option in DHCP tab and click on Apply To statically configure the IP address select Di sab e in DHCP tab enter the IP address subnet mask and default gateway parameters and click on Appl y 26 4 3 3 Switch Setting 4 3 3 1 Basic Various factory assigned parameters of the switch such as MAC address Firmware ASIC version Serial Number etc are displayed in this page 3 Intelligent Switch Microsoft Internet Explorer JOJ Xx e gt 9 0419 a IB 9 23 2 2 Back Ronsard Stop Refresh Home Search Favorites History Mail Print Edit Discuss Realcom Messenger Address http 172 30 40 219 Po Links al 2 PET TELL EAS e Switch Settings Dira du seesaw eee Home Port Status Port Statistics Module Info Advanced Misc Config Administrator Stacking IP Address Switch Settings Console Port Info Description Intelligent 24 2 Switch MAC Address 0050a8011201 Firmware version v2 01 04 Port Controls ASIC version 47 00 Trunking PCBA version v1 00 IGMP Snooping Serial number CWDA010101 Filter Database LAN Configuration Spanning Tree Port Sniffer SNMP Securit
129. re working on that unit right now Only one unit can be managed at a given time L2SW gt telnet lt unitid 2 8 gt L2SW gt telnet 2 5 To return back to master logout from slave unit L2SW gt logout L2SW gt ogout p gt Stacking configuration is not available on CMLI interface 6 3 Port Configuration 118 6 3 1 Display Port Configuration show port command displays interface information such as speed duplex mode and connector type User can choose to display the configuration of an individual port by typing the port number e g 0 12 or choose to display the configuration of all the ports of the switch by typing the keyword all after the show port command L2SW gt show port lt slot port all gt L2SW gt show port all The first column in the display Slot Port indicates the type of physical logical port and the associated port number The following are the possible slot options values e 0 10 100Mbs FE ports in L2SW switch e 1 Fixed gigabit port or Port on the plugin in module The second column indicates port Type If the port is a FE port this field is displayed as 100Tx If the port Gigabit it is displayed as 1000Tx The third column displays the administrative mode for the port Depending on the state of the port one of the following values will be displayed e Yes Admin mode enable e No Admin mode disable The fourth column displays the Physical Mode which is either Manual or Aut
130. roup ID Seven trunk groups are available for configuration Choose the group id and click Get 32 to configure a Link aggregation group LACP If enabled the group is LACP static trunking group If disabled the group is local static trunking group All ports support LACP dynamic trunking group If the switch is connected to another device that also supports LACP the LACP dynamic trunking group will be created automatically Work ports A maximum of four ports can be aggregated within a trunking group If the number of ports configured to be part of a LACP static trunking group exceeds the maximum number the excess ports are moved to a standby state and would be able to join the trunking group if any of the working ports in the group fails If the local static trunking group is used then the number of group member ports must be as same as the working ports Select the ports to join the trunking group by selecting the ports from the ports list A maximum of four ports can be aggregated within a trunking group If LACP is enabled you can configure LACP Active Passive status in each port on State Activity page To complete the LACP configuration click the Apply button 4 3 5 1 1 Trunking Configuration This page displays the current LACP status If LACP is enabled the group is LACP trunking group Otherwise the group is Local static trunking group The following are the various scenarios of LACP status Scenario 1 LACP is disab
131. roup to have different access previleges 3 Intelligent Switch Microsoft Internet Explorer Eo Pija gt Fie Edit View Favorites Tools Help Back gt Y At Qsearch Favorites Smeda C Eh SO a E Address 42 http 172 30 40 211 A Unit 1 y sales Home Port Status Port Statistics Administrator Stacking IP Address Switch Settings Console Port Info Port Controls Trunking IGMP Snooping Filter Database LAN Configuratic Spanning Tree Port Sniffer SNMP Security Manager 802 1x Configuration TFTP Update a US EEE thesessrrerrts PAR om gt a bx a 3 24 e SS See eee ee UA ss fur ble Groups Current Groups authPriv internet internet initial authNoPriw internet internet initial noAuthNoPriv restricted NONE s oll New Group Group Name po Read View Name E Write View Name i Notify View Name ESA al Remove TENS Authorization Type noAuthNoPriv y lt lt Add lt lt Rackun Dactora Ba x 4 b E Done a Internet A Figure 4 43 SNMPv3 Group Configuration When SNMPvy3 is enabled the L2SW creates a default group named initial The third step in the configuration of SNMPv3 is creation of usernames and associated the user with a previously defined group To configure a user name the following parameters have to be configured as illustrated in Figure 4 44
132. rovides a command line interface for the management amp monitoring purposes The command line interface can be accessed thru serial RS 232 port or thru a telnet session User can configure the Windows HyperTerminal program for speed and parity as per the Console Port Information displayed in the WBI The switch will displays the login prompt when it is ready as shown below in Figure 6 1 User has to specify the user name and password to login into the switch The default user name is ad mi n For default password please contact your sales representative User Interface fc Intelligent 24 2 Standalone Switch username admin password Figure 6 1 Login Prompt After successful login the switch will display the CLI prompt L25W gt indicating that it is ready to accept CLI commands from the user The following sections provide a complete description of configuration and monitoring commands available to the user thru the command line interface 6 1 1 CLI Syntax Conventions Command Command Na parameters lt parameter parameter choicel paddr me and gt choi ce2 Description Text displayed in bitstream Vera Sans fonts after the L2SW gt prompt must be typed exactly as shown Following the syntax of a command an example usage of the command is shown Output of the command is shown either in Italics or as a terminal capture The lt gt angle brackets indicates that the parameter is required
133. runk use the following command L2SW gt config trunk mode lt trunkid gt lt lacp static gt L2SW gt config trunk mode 2 1 lacp 6 To displays trunk summary use following command for specified trunk group The group id is the id for static or LACP group The below table 7 11 shows the system priority set to 20 trunk group 2 1 is static and 2 2 is LACP mode Port 0 2 and 0 3 are members of trunk group 2 1 while 0 4 and 0 5 are in trunk group 2 2 L2SW gt show trunk summary LOSW o x Leow show trunk summary System Priority ee A E 0 Trunk Work Group Mode Ports Member Ports teal Static 2 p2 0 3 PA LACF A 014 05 AS Disable Ag Disable AD Disable A6 Disable Q Disable Figure 6 21 Display trunk summary 6 To display trunk details use following command This displays static trunk group Group Key System Priority and Member Ports L2SW gt show trunk detailed lt trunki d gt L2SW gt show trunk detailed 2 1 138 LOSW S Leow show trunk detailed 2 1 Static Trunking Group 2 1 GRUPO Nets sel koa oa ewan ea eee eal OSU CME Pine al A POMS O 2 oll to Ls gt E Figure 6 22 Displays selected trunk details 6 10 Port Mirroring The port mirroring is a method for monitoring traffic in switched networks Traffic through ports can be monitored by one specific port That is traffic goes in or out through the monitored ports will be duplicated into monitoring port To configure port
134. s learning capabilities disabled Only the incoming packets with SMAC already existing in the address table can be forwarded normally User can disable the port from learning any new MAC addresses then use the static MAC addresses screen to define a list of MAC addresses used by the secure port L25W gt config port security lt slot port all gt lt enable disable gt L2SW gt config port security all disables 6 4 MAC Aging The L2SW forwarding database holds the MAC addresses learnt by the switch The addresses stored in this database are dynamically learnt and are deleted after the age out period The valid range for MAC address aging time is from 10 to 765 seconds The default value is 300 seconds To configure the MAC address table aging time use the following command L2SW gt config mac addresstable agingtime lt time gt L2SW gt config mac addresstable agingtime 400 To display the MAC address table ageing time use the following commands L2SW gt show mac addresstable agingti me LOSW Sex L24 show mac addresstable aginetime MAC Address Aging Timeout cccceseeceseee 400 ESHON Figure 6 4 MAC table aging time 6 5 Static MAC Address When you add a static MAC address it remains in the switch s address table regardless of whether the device is physically connected to the switch or not This saves the switch from having to re learn a device s MAC address when the device is disconnected or powered off and reconnected or po
135. son or organization Co L2SW gt config snmp syscontact lt Contact gt L2SW gt config snmp syscontact Network Admin To display SNMP system settings use the following command L2SW gt show snmp system L2SW gt show snmp system LOSW loj x Lesh show snmp system oystemn Mame ee A E Leck oystem Location O E E E EE EE DE SE SE E S A E E Lyberpath Lab Pasten ontact L a e E E EE E E E E SE E o o o o o o o E E E E E E E Network 4dmin W Figure 6 35 Displays SNMP system settings 6 18 2 SNMP Community setup Community strings serve as passwords and it has two modes to configure e Read onl y ro Enables requests accompanied by this string to display MIB object information e Read write rw Enables requests accompanied by this string to display MIB object information and to set MIB objects e To add community name use the following command SNMP community name can be up to 16 characters L2SW gt config snmp community add lt name gt lt ro rw gt L2SW gt config snmp community add finance group rw e To delete community name use the following command SNMP community name can be up to 16 characters L2SW gt config snmp community delete lt name gt L2SW gt config snmp community delete finance group e To display SNMP community settings L2SW gt show snmp community 149 LOSW o x Leow show snmp community SAMP Community Name Access Mode public Read Only private Read Write Cyberpa
136. speed 10 100 1000Mbps LED ON LED OFF Blinking green Amber L2SW Base Board 24 10 100Mbps ports L2SW 10 100 port Upper LED Link UP RX TX Activity 14 green Amber L2SW 10 100 port Lower LED 100 Mbps Green 10 Mbps L2SW 1000BaseT card oo ee ARO 10 100 1000 Mbps Port Upper LED Link UP RX TX Activity 10 100 1000 Mbps Port Lower LED 1000 Mbps Amber 10 100 Mbps L2swi00BaseFXeard TSS Table 2 1 L2SW LED Indications 15 3 Management Access L2SW switch provides the network administrator with a set of comprehensive management functions for configuration of the switch The network administrator has a choice of four types of management interfaces e CMLI e CLI e WBI e SNMP CMLI Console Menu Line Interface CMLI is one of the management interfaces supported by L2SW The CMLI provides a menu oriented interface for the user to configure and monitor the L2SW switch Users can access this interface only via serial port CMLI interface is being discontinued Therefore any new features implemented in L2SW will not be supported using CMLI CLI CLI commands allow the user to configure various L2SW switch features like Spanning Tree Protocol VLAN Mac filter Port security 802 1x etc and also perform a set of maintenance related functions like users maintenance log traps telnet sessions etc The L2SW switch can be managed using CLI commands over the dedicated serial interface or via a telnet session WBI L2SW
137. st Storm Filter Mode 5 Actions gt Edit gt ave gt Quit Select the action menu ab Next Item BackSpace Previous Item Quit Previous menu Enter Select Item Figure 5 16 Broadcast Storm Filtering To configure Broadcast Storm Filter use the following procedure 1 Press lt Edi t gt to configure the broadcast storm filter mode 2 Press Space key to choose the threshold value The valid threshold value are 5 10 15 20 25 and NO 5 2 4 3 Max Bridge transmit delay bound This page displays features such as Maximum bridge Transmit Low Queue delay Bound Time Intelligent Switch Max Bridge Transmit Delay Hound Max bridge transmit delay bound 0FF Low Queue Delay Bound Disabled Low Queue Max Delay Time 255 2ms unit gt ctions gt Edit gt 5auve gt Quit gt Select the action menu b Next Item BackSpace Previous Item Quit Previous menu Enter Select Item gt Figure 5 17 Maximum Bridge Transmit Delay Bound 86 Max bridge transmit delay bound Limits packet queuing time in switch If enabled packets queued exceeding the time limit will be dropped Press Space key to set the time The valid values are lsec 2sec 4sec and off Default is off Low Queue Delay Bound Limits low priority packets queuing time in switch If enabled the low priority packet exceeding Low Queue Max Delay Time will be sent Press Space key to enable or disable this function Low Queue Max Delay Ti me To set the ti
138. switch can also be managed using a graphical interface using Web browser A flexible and consistent set of screens allow the user to configure and manage the resources available on the L2SW switch In addition real time events such as alarms and statistics can be monitored using the WBI Some of the new features such as SNTP Syslog Per port GVRP configuration and Management VLAN are not currently supported through WBI These features will be supported in a future release of L2SW switch SNMP based Management L2SW switch can also be managed using an external SNMP manager L2SW switch supports standard MIBs and some proprietary MIBs enterprise specific extensions to manage the additional features supported by the switch Any external SNMP based manager like HP Openview can be used to configure and manage the L2SW switch The SNMP agent in the L2SW switch also implements trap functionality so that the SNMP Manager can receive traps from the switch Management access methods of L2SW switch enable the network administrator to locally remotely configure manage and control using the following access interfaces e Serial Port e Ethernet Line Ports The Serial port is referred to as out of band interfaces while the Ethernet ports are referred to as in band management interfaces While out of band interfaces are dedicated for management of L25W switch in band interfaces are used to carry both the user s network traffic as well as the management
139. sword 19 3 SI Tech 2 Microsoft Internet Explorer Ial x File Edit View Favorites Tools Help da Back gt 6 fat A Search Gaj Favorites E Media A EA 3 3 Y Address http 172 30 30 223 poefindex htm v Go Links gt y bl 2 Search Web Cay E GP Welcome Tour Uhr Bookmarks J Mail Y Yahoo Q myYahoo Fj Games gt Google al o search Web go PageRank E is202 blocked autoril EJ fuoptions Y E Mercero aaa tooo 2 SS SSB BBB eee mua hx eee eee ee oD Port status Welcome to pmm Port Statisties Intelligent 24 2 Stantalone Swit HANH PoE Port Statistics Administrator TFTP Update Firmware Backup Restore m Configuration Save Configuration AAA Hi i stl N 000011 Default Configuration Reboot Switch E Done gh Internet I Figure 4 2 WBI Management Interface The navigation tree displayed on the left side of the browser window should be used for choosing appropriate configuration screens It is organized with the folders for configuration of different features supported by L2SW switch 20 4 1 Port Status Port Status page displays interface details such as speed duplex mode flow control priority and security information for each port 3 Intelligent Switch Microsoft Internet Explorer JO px File Edit Yiew Favorites Tools Help Ga 0o fF Ala a alB 9 A H 9 8B Back F
140. ted Mode In this page user can select VLAN groups either by name or by VID Intelligent Switch Group Sorted Selection Group Sorted S5orted_Ey_Name actions gt Edit gt Save gt lt Quit gt Select the action menu Tab Mext Item HackSpace Previous Item Quit Previous menu Enter Select Item Figure 5 13 Group sorted VLAN In the Edit Delete a VLAN Group page the result is sorted by name In the Edit Delete a VLAN Group page the result is sorted by VID 5 2 4 Miscellaneous Configuration 84 Intelligent Switch Misc Configuration AC Age Interval Broadcast Storm Filtering Max bridge transmit delay bound Port Security Collisions Retry Forever Previous Menu Configure the MAC agin Tab Next Item BackSpace Previous Item Enter 3elect Item Figure 5 14 Miscellaneous Configuration 5 2 4 1 MAC Age Interval Intelligent Switch MAC Aging Time MAC Age Interval sec 300 3460 disable BM valid value 300765 gt actions gt Select the action menu Tab Next Item BackSpace Previous Item Quit Previous menu Enter Select Item Figure 5 15 MAC Age Interval Enter number of seconds that an inactive MAC address may remain in the switch s address table The valid range is 10 765 seconds Default is 300 seconds 5 2 4 2 Broadcast Storm Filtering The following screen can be used to configure broadcast storm control 85 Intelligent Switch Broadcast Storm Filter Mode Broadca
141. th Read Write LASH f Figure 6 36 Displays SNMP community settings 6 18 3 SNMP Trap Setup Trap Manager A trap manager is a management station that receives traps alarms and event notifications and the system alerts generated by the switch If no trap manager is defined switch will not issue any trap Create a trap manager by entering the IP address of the station and a community string using the following command e To add trap manager IP address and community name use the following command L2SW gt config snmp trap add lt i paddr gt lt communityname gt L2SW gt config snmp trap add 172 30 40 202 finance group e To delete trap manager use the following command L2SW gt config snmp trap delete lt ipaddr L2SW gt config snmp trap delete 172 30 40 202 e To display SNMP trap settings use the following command L2SW gt show snmp trap L2SW gt show snmp trap LOSW Sox Leow show snmp trap SIMP Community Name IF Address Cyberpath 172 30 40 202 LAS f Figure 6 37 Displays SNMP trap settings 6 18 4 SNMPv3 Configuration L2SW supports SNMP v1 SNMP v2c and SNMP v3 in multi lingual mode Based on the SNMP version type supported by the manager the L2SW will automatically adapt itself to respond to the manager s request There is no need to explicitly configure the SNMP version However there are parameters that are specific to SNMP v3 The following subsections describe the commands used to configure t
142. this command displays IP address subnet mask and default gateway assigned to the switch for management It also displays the switch MAC address and IP address configuration mode DHCP or none L2SW gt show network L2SW 0 x Leow show network IP Address NAAA AAA AAA 12 30 40 202 Subnet LS ea ee foo Zoo Zoo U Default eee 172 30 40 2 Network Configuration Protocol Current Hone Poh Figure 6 34 Displays network settings 6 18 SNMP SNMP is a protocol that governs the transfer of management information between element network manager and an agent Any Network Management system an SNMP manager running the simple Network Management Protocol SNMP can manage the switch an SNMP agent provided the Management Information Base MIB is installed correctly on the network management station The L2SW supports SNMP V1 V2C and V3 The SNMP Management station an SNMP manager can use SNMPv1 SNMPv2 or SNMPv3 protocol to retrieve information from the switch For brief description on SNMPv1 v2c v3 refer to Section 4 3 12 6 18 1 SNMP System Setup 148 User can define a system name location and contact person for the switch using following commands e Name Name to be used for the switch L25W gt config snmp sysname lt name gt L2SW gt config snmp sysname L2SW e Location Location of the switch L2SW gt config snmp syslocation lt Location gt L2SW gt config snmp syslocation research Lab e ntact Name of a per
143. ting for LACP protocol packet from its peer 4 3 6 IGMP Snooping and Filter Database The L2SW supports IP multicast user can enable disable IGMP Snooping Static MAC Addresses and MAC filtering using this page 4 3 6 1 IGMP Snooping 35 Forwarding and Filtering IGMP Snooping Multicast Group Ip Address MemberPort 224 000 000 002 239 255 255 254 IGMP Protocol Enable IGMP Query Mode Enable Apply Figure 4 18 IGMP Snooping The Internet Group Management Protocol IGMP is a multicast protocol of the Internet Protocol IP suite Multicast traffic is propagated through the network using switches routers and hosts that support IGMP and other multicast protocols Enabling IGMP snooping allows the ports to detect IGMP queries and report packets and manage IP multicast traffic through the switch IGMP has three fundamental types of messages The IGMP query mode can be enabled or disabled If IGMP query mode is disabled switch will perform passive snooping of IGMP Query Report messages passing thru the switch If enabled the switch will perform IGMP query functions if there is no other device in the VLAN such as a multicast router is available to perform query functions Query A message sent from the querier IGMP router or switch asking for a response from each host belonging to the multicast group If IGMP query mode is disabled switch will perform passive snooping of IGMP Query Report messages passing thru t
144. to an external LAN analyzer Monitored Port The ports user wants to monitor All monitored port traffic will be copied to sniffer port User can select up to 25 ports to be monitored All ports selected for monitoring purposes are monitored using the same Sniffer mode RX only TX only or both RX and TX If user wants to disable the Sniffer function user must set the analysis Sniffer port to None 56 4 3 12 SNMP SNMP is a protocol that governs the transfer of information between a SNMP manager and agent Any Network Management system that supports the Simple Network Management Protocol SNMP can manage the switch provided the Management Information Base MIB is installed correctly on the management station The L2SW supports SNMP versions V1 V2c and V3 User can select the SNMP version to be supported by the switch SNMP v1 and SNMPv2c are essentially the same except that SNMPv2c supports bulk retrieval command to reduce the number of exchanges required between manager and agent to retrieve information from a large SNMP table Both SNMPvl and V2 supports only community string based administrative control SNMPv3 provides secure access to devices by authenticating and encrypting the messages exchanged between manager and agent While operating in SNMPv3 mode the L2SW can be configured to operate based one of the following security models e NoAuthNoPri v Security is enforced using community based string no authentication and encrypti
145. to be enabled in Switch Settings web page gt Note the L2SW switch can currently support only one user Changing the user name does not necessarily mean creation of more user accounts in the switch 63 Switch Settings Module Info Advanced Misc Contig Collisions Retry Forever Enable Hash Algorithm CRC Hash IFG compensation Enable 202 1x Protocol Enable Figure 4 46 Enable 802 1x 4 3 14 1 802 1x Configuration 802 1x parameters such as Radius Server IP Server Port Shared Key and NAS Identifier can be configured with this page 202 1x Configuration System Configuration PerPort Configuration Misc Configuration Configure 802 1 Parameters Radius Server IP 1924168201 72 Server Port 1812 Shared Key NAS Identifier Apply Help Figure 4 47 802 1x Configuration To configure 802 1x the following authentication server information has to be provided e Radius Server IP IP address of the authentication server e Server Port The UDP port number used by the authentication server for authentication purposes e Accounting Port The UDP port number used by the authentication server to retrieve accounting information e Shared Key A key shared between this switch and authentication server e NAS Identifier A string used to identify this switch 4 3 14 2 PerPort Configuration With this page user can select the specific port and configure the authorization state 202
146. tocol MSTP as specified in IEEE 802 1s addresses this problem by mapping several VLANs into a single spanning tree instance This would reduce the number of spanning tree instances maintained within each switch Each switch running MSTP is a member of one or more MST Regions Each MST Region can support more than one MST instances MST regions are idenfied by MST configuration which consists of a configuration name configuration revision number and aVLAN mapping table which maps each VLAN 0 4096 onto an MST instance Two switches are said to belong to the same MST Region provided the two switches have a common MST configuration Every MST Bridge within a MST Region maintains two types of spanning trees e nternal Spanning Tree IST e One ormore Multiple Spanning Tree Instances MSTI IST is also referred to as an MSTI with instance value O and is the only spanning tree instance that sends and receives BPDUs All of the other spanning tree instances information is contained in M records which are encapsulated within MSTP PDUs IST is the spanning tree that connects all the switches within a MST Region and the IST Root is also referred to as the IST Master A Common and Internal Spanning Tree CIST is acollection od ISTs in each MST Region and is used to connect all the MST Regions together into a single spanning tree L2SW supports 8 user defined MSTIs per MST Region In the current software release L2S W supports only one MST Regions p
147. tting Diode Media Access Controller Maximum Minimum Management Information Base Megabits per second Multicast backbone of the internet Message Digest 5 Minimum millisecond Mutiple Spanning Tree Multiple Spanning Tree Protocol Multiple Spanning Tree Instance Network Element Network Interface Card Open Systems Interconnection Powered Device Protocol Data Unit Packet Internet Groper Power Source Equipment Port VLAN ID Random Access Memory Reverse Address Resolution Protocol 160 RFC RMON RO RSTP RW RX SNMP SNTP STP TCP TFTP TX UDP VLAN WBI Request For Comment TCP IP Standard Document Remote Monitoring Read Only Rapid Spanning Tree Protocol Read Write Receive Simple Network Management Protocol Simple Network Timing Protocol Spanning Tree Protocol Transmission Control Protocol Trivial File transfer Protocol TCP IP Transmit User Datagram Protocol Virtual LAN Web Based Interface 161
148. ue y Point to Point y Enable y IP Address Switch Settings Console Port Info Port Controls Trunking IGMP Snooping Filter Database LAN Configuratic Spanning Tree Details Spanning Tree Port Status Path Cost Edge Port Link Type Port Admin Mode State Port Role Admin Admin Admin Operational Operational Operational Port Sniffer Enable Disabled Disabled 200000 200000 TRUE TRUE Auto Point to point SNMP 0 2 Disable Disabled Disabled 200000 200000 TRUE TRUE Auto Pointto point Security Manager 0 3 Enable Disabled Disabled 200000 200000 TRUE TRUE Auto Pointto point 802 1x 0 4 Enable Disabled Disabled 200000 200000 TRUE TRUE Auto Pointto point Configuration 0 5 Enable Disabled Disabled 200000 200000 TRUE TRUE Auto Point to point WA he Update 0 6 Enable Disabled Disabled 200000 200000 TRUE TRUE Auto Point to point Al 0 7 Enable Disabled Disabled 200000 200000 TRUE TRUE Auto Pointto point Backup Restore 3 p gt 0 8 Enable Disabled Disabled 200000 200000 TRUE TRUE Auto Pointto point Configuration gt 4 gt Done 08 Ba El 0 Internet 7 Figure 4 32 RSTP Port Status Display 4 3 10 3 MSTP Configuration To configure MSTP use STP configuration screen and select 802 1s as the Force Version parameter as illustrated in Figure 4 33 3 Intelligent Switch Microsoft Internet Explorer File Edit View Favorites Tools Help Bak gt Y A Qsearch Favorites media D OG H Y Address http 11172 30 40 21
149. uit gt Add lt Edit gt Veta lt Previous Page gt Next Page gt Add Edit Delete a Mac ab Next Item BackSpace Previous Item Quit Previous menu Enter 5elect Item o7 Figure 5 34 Delete Static MAC Address To delete static MAC address use the following procedure 1 Press lt Del et e gt key 2 Choose the MAC address that you want to delete and then press enter 3 When pressing lt Ent er gt once will complete deletion on delete mode 20 2 Filtering MAC Address MAC address filtering allows the switch to drop unwanted traffic Traffic 1s filtered based on the destination addresses Using the following page user can add modify delete filter MAC address Intelligent Switch Filter MAG Address Configuration Mac Address Ulan ID Mac Address Ulan ID actions Quit gt OR lt Edit gt Delete lt lt Previous Page gt Next Page gt Add Edit Delete a Mac lab Next Item BackSpace Previous Item Quit Previous menu Enter 5elect Item Figure 5 35 Filter MAC Address To add MAC address filter use the following procedure l Press lt Add gt gt lt Edit gt key to add a filter MAC address 2 MAC Address Type the MAC addresses to filter 3 VLAN 1D If tag based 802 1Q VLAN are set up on the switch type the VID associated with the MAC address 4 Press Ctrl A to go back action menu line and then select lt Save gt to save all configure value 98 Intelligent Switch Add Filter MAC Address
150. unk group Intelligent Switch LACP Group Status Actor Partner Priority 1 1 MAC 404063807988 0044638508899 selected selected selected selected Port_No Priority Active Port _No Key Priority 5 i 5 5 1 act Lons gt Quit gt Previous Page gt Next Page gt Select the action menu aAb Next Item BackSpace Previous Item Quit Previous menu Enter Select Item Figure 5 46 LACP Group Status 106 5 4 9 4 Status and Counters Intelligent Switch Status and Counters Port Status Port Counters System Information Main Menu current status of all the switch a BackSpace Previous Item Enter select Item Figure 5 47 Status and Counters 1 Port Status Port Status page displays interface state link status flow control etc information for each port Intelligent Switch Port Status Link InRate OutRate Flow Status Li BAK 1A6K gt Enable Control PORT12 actions gt Quit gt lt Previous Page gt Next Page gt Select the action menu ab Next Item HackSpace Previous Item Quit Previous menu Enter 5elect Item Figure 5 48 Port Status Link Status Display the status of the port link is up or down InRate Display the value of input rate control 100K unit Out Rate Display the value of output rate control 100K unit Enabled Display the port is enabled or disable depended on user setting If a port is enabled the 107 status of that port will be displayed
151. uto Negotiation One of the following three values will be displayed as auto negotiation mode e Auto e Force e Nway force 21 Speed Display Speed for port 1 24 is displayed as 10 Mbps or 100Mbps and speed for Port 25 26 is displayed as 10 100 or 1000Mbps Duplex status Full full dulex or Half half duplex mode Flow Control Display the flow control status as On or Of f The flow control status is displayed under the columns Ful andHalf Ful Send Process PAUSE frames to exercise flow control Hal f Use Jabber to exercise flow control in half duplex mode Rate Control Display the rate control setting of the Ingress and Egress side of each port ngr Display the effective ingress rate for the port Egr Display the effective egress rate for the port Priority Display the port s static priority as Hi gh or Low or Di sable Port Security Security status of a port is displayed as On Enabled and Of f Disabled Values displayed under the column Conf i g are the values configured by the user and the values displayed under the column Actual are the values derived as a result of negotiation with the corresponding partner of a port User can see an individual port status by clicking on any of the ports in L2SW image displayed on top of the page The following web page is used to display status of the selected port 3 http 7 172 30 40 62 portcot_htm p M Figure 4 4 Individual Port Status 22 4 2 Port Stat
152. ve menu page 5 2 2 Trunk Configuration Up to seven static trunk groups TRK1 7 can be configured using this menu page Each static trunk group can have up to four ports All ports in the same static trunk group will be treated as a single port T Intelligent Switch Trunk Configuration 13 14 1 17 18 2 rtd t tot rtd tt th Pitt O O a A O O t amp E de E h Pt ttt amp rl tlie Plt A 3 O O O O O van 11111116 Ee beets A O E E Pt tt t tot bs 11111110 11111112 k ful pr bo Static LACP Disable Disable Disable Disable Disable actions gt Edit gt Save lt Quit gt Select the action menu Tab Mext Item Back5pace Previous Item Quit Previous menu Enter 5elect Item Figure 5 5 Trunk Configuration To change the configuration of an individual static trunk group Select Edi t from the action menu Choose up to 4 ports for the static trunk group This selection can be done using the Space key Choose Static LACP or Di sabl e in the corresponding TRK1 7 group Static LACP is disabled normal trunk LACP LACP is enabled on this trunk group Disable Delete the trunk group p gt l Select lt Save gt from action menu to save changes 2 If VLAN group exists all the ports of a static trunk group must be in same VLAN group 78 5 2 3 VLAN Configuration User can configure VLAN using the following screen Intelligent Switch ULAH Configuration LAN Confi
153. were a single integrated switch Stacking configuration commands only allowed on master unit The following set of commands can be used to configure Stacking and provide an approach to manage slave units 1 To enable or disable administrative mode of stacking use the following command By default 117 the administrative mode of stacking is disable The switch that executes this command successfully is configured as the master unit L2SW gt config stack adminmode lt enable disable gt L2SW gt config stack adminmode enable 2 The number of units in the stack can be 2 to 8 by modifying stack height By default the stack height is 8 L2SW gt config stack maxunits lt unitcount 2 8 gt L2SW gt config stack maxunits 3 To display stack configuration use the following command The table below shows stack parameters such as stack mode administration status stack heights and information about units in the stack L2SW gt show stack L2SW gt show stack D lt xterm O OOOO O ioj xi L250 show stack acka e e rae a a a E Stacking mode A aaa a a a Lascade Stacking maximum units A A A AAA AAA AA Unat Id Base MAC Address Stack Port Status System Type Release 1 0 50 48 280 04 80 Online ES F10 0 2 1 0 E Down 3 Down 4 Down 3 Down E Down Town 3 Down L250 gt Figure 6 2 Displays Stack 4 To manage slave units login to slave unit by using unit ID The slave unit prompt will be displayed to remind you a
154. wered on again Using the following command syntax user can add modify delete a static MAC address L2SW gt config mac addresstable static add lt macaddr gt lt slot L2SW gt config mac addresstable static add 00 00 00 1d 0 10 10 0 1 macaddr Destination MAC address to add to the address table Packets with this destination Address received in the specified VLAN is forwarded to the specified port slot port Interface to which the received packet is forwarded Valid interfaces include physical ports and trunk ports To delete the static MAC address entry from the address table use following command L2SW gt config mac addresstable static delete lt macaddr gt lt slot port gt 22 L2SW gt config mac addresstable static delete 00 00 00 10 00 10 10 0 1 To display the static MAC address table use the following command Response from the switch to this command is displayed in Figure 6 5 L2SW gt show mac addresstable static LOSW ES L258 show mac addresstable static Maximum Static MAG Entries oooooooooooo 1024 Current Static MAG Entries ooooooo ooo o _ L2sh 8 Figure 6 5 show static MAC address entries p gt To prevent static MAC data being lost configure VLAN mode before configuring static MAC To display MAC addresses dynamically learnt by the switch use the following command Figure 6 6 displays MAC addresses dynamically learnt by the switch of CA WINNT system32 telnet exe
155. wo views as deafult views The user can modify or delete these views if required e internet Enter subtree rooted at OID 1 3 6 1 e restricted 5 Subtrees with the following root OIDs 1 3 6 1 2 1 1 1 3 6 1 2 1 11 1 3 1 6 3 10 2 1 1 3 1 6 3 11 2 1 1 3 1 6 3 15 1 1 VV V V Y p gt Some of the SNMPv3 managers allow users to configure a context name along with the Views L2SW currently doesn t support contexts with the Views The Context name should be configured as blank on the SNMP manager side To delete an existing view select the view to be deleted in the window displaying the list of current views and click on Remove button The second step in the configuration of SNMPv3 is the creation of user groups using the block titled Groups To create a group the following parameters have to be configured as illustrated in Figure 4 43 Group Name The name of the Group A text string of up to 16 characters are used to define Group Name ReadView Name View for Readonly access previleges Name of a previously defined view WriteView Name View for Read write access previleges Name of a previously defined view 60 NotifyView Name View for generating notification traps Name of a previously defined view Auth Type Authorization Type noAuthNoPriv AuthNoPriv AuthPriv p gt The same group can be configured with different combination of views and access previleges This would allow users belonging to the same g
156. y 0 1 2 3 ueue Priority 60 0 0 1 Lesh 5 b Ba ron ho H Figure 6 29 Displays 802 1p priority settings 6 15 Switch Settings There are few more parameters that users can configure to control the transmission delay queuing delay and Inter Frame Gap Transmit Delay limits the packets queuing time in switch If enabled the packets queued exceeding the queuing delay will be dropped Valid range for maximum transmit delay is from 0 to 4 with the default value set to O The transmit delay mode is disabled when set to 0 To configure Maximum Bridge transmit delay bound use the following command L2SW gt config switchconfig transmitdelay lt delay 0 1 2 3 4 gt 144 L2SW gt config switchconfig transmitdelay 2 The Low Queue Del ay limits the low priority packets queuing time in switch If the low priority packet stays in switch and exceeds the configured maximum delay time it will be dropped Valid range for Low Queue Delay is from 0 to 255ms with the default value set to O The Low Queue Delay mode is disabled when set to 0 L2SW gt config switchconfig lowqueuedelay lt delay 0 255 gt L2SW gt config switchconfig lowqueueelay 25 Collision Retry defines the number of times the packet has to be retransmitted to recover from collisions To enable or disable configure collision retry forever mode By default collision retry forever administrative mode is disabled L2SW gt config switchconfig collisionretry adminmode lt en
157. y Manager 802 1x Configuration TFTP Update Firmware Backup Restore Configuration Save Configuration Default Configuration Reboot Switch El internet Figure 4 8 Switch Settings Basic Information Description Displays name of device MAC Address Displays unique hardware address assigned by manufacturer default Firmware Version Displays switch s firmware version ASIC Version Displays switch s Hardware version PCBA version Displays board number 2d Serial number Displays serial number assigned by manufacturer 4 3 3 2 Module Info Replaceable feature cards are displayed in this page Switch Settings Module Info Advanced Misc Contig TYPE DESCRIPTION Modulel i1000Tx O O 00018 00 Module 1OOOF _DULMODE OF0 00019 00 Figure 4 9 Switch Settings Module Information Type and description of the plug in module cards are displayed in this page 4 3 3 3 Advanced Settings Advanced Settings of the switch such as MAC Address Age out time Broadcast Storm Filter 802 1p Priority are displayed in this Page User can change the values of these settings e g Age out time by editing the values displayed inside the box 28 Switch Settings Advanced MAC Table Address Entry Age Out Time seconds 300 765 must multiple of 3 Max bridge transmit delay bound control OFF IF Enable Low Queue Delay Bound Max Delay Time ss 1 255 2ms unit Broadcast Storm Filter Mode
Download Pdf Manuals
Related Search