Allied Telesis AT-8012M, AT-8088-MT, AT-8088-SC, AT-8026FC, AT-8026T User Manual

...

Download

Page 1

◆

User’s Guide

Management

Software

AT-S39

AT-8012M, AT-8012M-QS, AT-8016F/xx (MT, SC and ST), AT-8024, AT-8024GB, AT-8024M, AT-8026FC, AT-8026T, and AT-8088/xx (MT and SC) FAST ETHERNET SWITCHES

VERSION 3.3.0

PN 613-50245-00 Rev J

Page 2

Microsoft is a registered trademark of Microsoft Corporation, Netscape Navigator is a registered trademark of Netscape Communications Corporation. All other product names, company names, logos or other designations mentioned herein are trademarks or registered trademarks of their respective owners.

Allied Telesyn, Inc. reserves the right to make changes in specifications and other information contained in this document without prior written notice. The information provided herein is subject to change without notice. In no event shall Allied Telesyn, Inc. be liable for any incidental, special, indirect, or consequential damages whatsoever, including but not limited to lost profits, arising out of or related to this manual or the information contained herein, even if Allied Telesyn, Inc. has been advised of, known, or should have known, the possibility of such damages.

Page 3

List of Figures ........................................................................................................................................................................................................ 9

Preface ....................................................................................................................................................................................................................13

How This Guide is Organized ...........................................................................................................................................................................14

Document Conventions ....................................................................................................................................................................................15

Where to Find Web-based Guides .................................................................................................................................................................16

Contacting Allied Telesyn .................................................................................................................................................................................17

Online Support ............................................................................................................................................................................................. 17

Email and Telephone Support................................................................................................................................................................ 17

Returning Products..................................................................................................................................................................................... 17

For Sales or Corporate Information ...................................................................................................................................................... 17

Management Software Updates ....................................................................................................................................................................18

Section I Overview

Chapter 1

Overview ................................................................................................................................................................................................................20

Local Management Session ..............................................................................................................................................................................22

Telnet Management Session ............................................................................................................................................................................23

Web Browser Management Session ..............................................................................................................................................................24

SNMP Management Session ............................................................................................................................................................................25

Management Access Levels .............................................................................................................................................................................26

.......................................................................................................................................................... 19

Section II Local and Telnet Management

Chapter 2

Starting a Local or Telnet Management Session ................................................................................................................................29

Starting a Local Management Session................................................................................................................................................. 31

Enhanced Stacking ..................................................................................................................................................................................... 33

Quitting from a Local Session ................................................................................................................................................................. 34

Starting a Telnet Management Session .............................................................................................................................................. 35

Quitting from a Telnet Management Session................................................................................................................................... 36

Saving Your Parameter Changes ....................................................................................................................................................................37

.................................................................................................. 27

Page 4

Table of Contents

Chapter 3

Basic Switch Parameters ................................................................................................................................................................................ 38

When Does a Switch Need an IP Address? ................................................................................................................................................. 39

How Do You Assign an IP Address?...................................................................................................................................................... 40

Configuring an IP Address and Switch Name ........................................................................................................................................... 41

Activating the BOOTP and DHCP Client Software ................................................................................................................................... 44

Configuring SNMP Community Strings and Trap IP Addresses ......................................................................................................... 46

Resetting a Switch ............................................................................................................................................................................................... 49

Configuring the AT-S39 Management Security Features ..................................................................................................................... 50

Configuring the Management Passwords......................................................................................................................................... 51

Configuring Management Access ........................................................................................................................................................ 52

Viewing the AT-S39 Version Number and Switch MAC Address ........................................................................................................53

Pinging a Remote System ................................................................................................................................................................................ 54

Returning the AT-S39 Software to the Factory Default Values ........................................................................................................... 55

Configuring the Console Startup Mode ...................................................................................................................................................... 56

Chapter 4

Enhanced Stacking Overview ......................................................................................................................................................................... 58

Guidelines...................................................................................................................................................................................................... 58

Setting a Switch’s Enhanced Stacking Status ............................................................................................................................................ 61

Selecting a Switch in an Enhanced Stack ................................................................................................................................................... 63

Returning to the Master Switch............................................................................................................................................................. 64

Chapter 5

Port Parameters ................................................................................................................................................................................................. 65

Displaying Port Status ........................................................................................................................................................................................ 66

Configuring Port Parameters .......................................................................................................................................................................... 69

Displaying Uplink Information ....................................................................................................................................................................... 74

Chapter 6

Port Security ........................................................................................................................................................................................................ 76

Port Security Overview ...................................................................................................................................................................................... 77

Automatic...................................................................................................................................................................................................... 77

Limited............................................................................................................................................................................................................ 77

Secure ............................................................................................................................................................................................................. 78

Lock All Ports ................................................................................................................................................................................................ 78

Configuring Port Security ................................................................................................................................................................................. 79

Configuring the Limited Security Mode ...................................................................................................................................................... 80

Chapter 7

Port Trunking ...................................................................................................................................................................................................... 82

Port Trunking Overview .................................................................................................................................................................................... 83

Port Operating Specifications ................................................................................................................................................................ 84

Load Distribution Methods ..................................................................................................................................................................... 84

Creating a Port Trunk ......................................................................................................................................................................................... 89

Deleting a Port Trunk ......................................................................................................................................................................................... 91

Chapter 8

Port Mirroring ..................................................................................................................................................................................................... 92

Port Mirroring Overview ................................................................................................................................................................................... 93

Creating a Port Mirror ........................................................................................................................................................................................ 94

Deleting a Port Mirror ........................................................................................................................................................................................ 95

Page 5

Chapter 9

STP and RSTP .......................................................................................................................................................................................................96

STP and RSTP Overview .....................................................................................................................................................................................97

Bridge Priority and the Root Bridge...................................................................................................................................................... 98

Mixed STP and RSTP Networks ............................................................................................................................................................ 104

Spanning Tree and VLANs..................................................................................................................................................................... 104

Enabling or Disabling STP or RSTP .............................................................................................................................................................. 105

Configuring STP ................................................................................................................................................................................................. 107

Configuring STP Bridge Settings......................................................................................................................................................... 107

Configuring STP Port Settings ............................................................................................................................................................. 109

Configuring RSTP .............................................................................................................................................................................................. 112

Configuring RSTP Bridge Settings ...................................................................................................................................................... 112

Configuring RSTP Port Settings........................................................................................................................................................... 115

Chapter 10

Virtual LANs Overview ................................................................................................................................................................................. 118

VLAN Overview .................................................................................................................................................................................................. 119

VLAN Modes............................................................................................................................................................................................... 120

User-Configured VLAN Mode Overview ................................................................................................................................................... 121

Port-based VLAN Overview .................................................................................................................................................................. 121

Tagged VLAN Overview ......................................................................................................................................................................... 128

Basic VLAN Mode Overview .......................................................................................................................................................................... 132

Setting the VLAN Mode .................................................................................................................................................................................. 133

Chapter 11

Creating Port-based and Tagged VLANs .............................................................................................................................................134

Creating a New Port-based or Tagged VLAN .......................................................................................................................................... 135

Example of Creating a Port-based VLAN .................................................................................................................................................. 139

Example of Creating a Tagged VLAN ......................................................................................................................................................... 140

Modifying a VLAN ............................................................................................................................................................................................. 141

Displaying VLAN Information ....................................................................................................................................................................... 144

Deleting a VLAN ................................................................................................................................................................................................. 145

Deleting All VLANs ............................................................................................................................................................................................ 147

Displaying PVIDs and Priorities .................................................................................................................................................................... 148

Enabling or Disabling Ingress Filtering ..................................................................................................................................................... 149

Designating a Management VLAN ............................................................................................................................................................. 151

Chapter 12

Multiple VLAN Modes ................................................................................................................................................................................... 153

Multiple VLAN Modes Overview .................................................................................................................................................................. 154

802.1Q- Compliant Multiple VLAN Mode ........................................................................................................................................ 154

Non-802.1Q Compliant Multiple VLAN Mode................................................................................................................................ 156

Preserving User-Configured VLANs ................................................................................................................................................... 158

Uplink VLANs - Multiple VLANs Mode Management .................................................................................................................. 158

Activating or Deactivating a Multiple VLAN Mode ............................................................................................................................... 159

Displaying VLAN Information ....................................................................................................................................................................... 160

Chapter 13

MAC Address Table ........................................................................................................................................................................................ 161

MAC Address Overview .................................................................................................................................................................................. 162

Displaying MAC Addresses ............................................................................................................................................................................ 164

Adding Static Unicast and Multicast MAC Addresses ..........................................................................................................................167

Deleting MAC Addresses ................................................................................................................................................................................ 168

Deleting All Dynamic MAC Addresses ....................................................................................................................................................... 169

Viewing MAC Addresses by Port ................................................................................................................................................................. 170

Identifying a Port Number by MAC Address ........................................................................................................................................... 171

Viewing the MAC Addresses of a VLAN ..................................................................................................................................................... 172

Changing the Aging Time .............................................................................................................................................................................. 173

Page 6

Table of Contents

Chapter 14

Class of Service .................................................................................................................................................................................................174

Class of Service Overview ...............................................................................................................................................................................175

Configuring CoS .................................................................................................................................................................................................177

Chapter 15

IGMP Snooping ................................................................................................................................................................................................179

IGMP Snooping Overview ..............................................................................................................................................................................180

Activating IGMP Snooping .............................................................................................................................................................................182

Displaying a List of Host Nodes ....................................................................................................................................................................185

Displaying a List of Multicast Routers ........................................................................................................................................................186

Chapter 16

Broadcast Storm Control .............................................................................................................................................................................187

Broadcast Storm Control Overview ............................................................................................................................................................188

Configuring the Interval Timer .....................................................................................................................................................................190

Configuring the Maximum Broadcast Frame Count ............................................................................................................................191

Chapter 17

TACACS+ and RADIUS Protocols .............................................................................................................................................................192

TACACS+ and RADIUS Overview .................................................................................................................................................................193

Functions of an Authentication Protocol......................................................................................................................................... 195

TACACS+ and RADIUS Configuration Guidelines ......................................................................................................................... 195

Configuring the Authentication Client Software ...................................................................................................................................196

Chapter 18

802.1x Port-Based Access Control ..........................................................................................................................................................202

802.1x Port-based Access Control Overview ...........................................................................................................................................203

Authentication Process........................................................................................................................................................................... 204

Port Roles..................................................................................................................................................................................................... 205

General Steps ............................................................................................................................................................................................. 205

Port-based Access Control Guidelines.............................................................................................................................................. 206

Enabling and Disabling Port Access Control ...........................................................................................................................................209

Configuring Port Access Control Parameters ..........................................................................................................................................211

Viewing Port Access Status ............................................................................................................................................................................214

Chapter 19

Ethernet Statistics ...........................................................................................................................................................................................215

Displaying Port Statistics ................................................................................................................................................................................216

Displaying Switch Statistics ...........................................................................................................................................................................218

Chapter 20

File Downloads and Uploads .....................................................................................................................................................................220

File Uploads and Downloads Overview ....................................................................................................................................................221

Downloading Files from a Local Management Session ......................................................................................................................223

Downloading Files from a Remote Management Session .................................................................................................................229

Downloading Files Switch to Switch ..........................................................................................................................................................232

Uploading Files from a Local Management Session .............................................................................................................................235

Uploading Files from a Remote Management Session ........................................................................................................................239

Page 7

Section III Web Browser Management

Chapter 21

Starting a Web Browser Management Session ................................................................................................................................242

Starting a Web Browser Management Session ...................................................................................................................................... 243

Browser Tools............................................................................................................................................................................................. 245

Quitting a Web Browser Management Session............................................................................................................................. 245

Chapter 22

Configuring an IP Address and Switch Name ......................................................................................................................................... 247

Activating the BOOTP and DHCP Client Software ................................................................................................................................. 251

Viewing System Information ........................................................................................................................................................................ 252

Configuring the SNMP Parameters and Trap IP Addresses ................................................................................................................ 254

Returning the AT-S39 Software to the Factory Default Values .........................................................................................................258

Chapter 23

Setting a Switch’s Enhanced Stacking Status ......................................................................................................................................... 261

Selecting a Switch in an Enhanced Stack ................................................................................................................................................. 263

Returning to the Master Switch .......................................................................................................................................................... 264

Chapter 24

Displaying Port Status and Statistics .......................................................................................................................................................... 271

........................................................................................................ 241

Chapter 25

Displaying the Port Security Level .............................................................................................................................................................. 277

Chapter 26

Port Trunks ........................................................................................................................................................................................................ 278

Creating or Deleting a Port Trunk ............................................................................................................................................................... 279

Chapter 27

Creating or Deleting a Port Mirror .............................................................................................................................................................. 282

Chapter 28

Enabling or Disabling STP or RSTP .............................................................................................................................................................. 285

Configuring STP Bridge Settings......................................................................................................................................................... 287

Configuring STP Port Settings ............................................................................................................................................................. 289

Configuring RSTP Bridge Settings ...................................................................................................................................................... 291

Configuring RSTP Port Settings........................................................................................................................................................... 293

Displaying STP or RSTP Settings .................................................................................................................................................................. 295

Chapter 29

Virtual LANs ....................................................................................................................................................................................................... 297

Creating A New Port-based or Tagged VLAN .........................................................................................................................................298

Modifying a Port-based or Tagged VLAN ................................................................................................................................................. 302

Deleting a Port-based or Tagged VLAN ....................................................................................................................................................303

Page 8

Table of Contents

Displaying VLANs ..............................................................................................................................................................................................304

Procedure 1................................................................................................................................................................................................. 305

Procedure 2................................................................................................................................................................................................. 305

Selecting a Multiple VLANs Mode ...............................................................................................................................................................306

Chapter 30

Viewing the MAC Address Table ..................................................................................................................................................................308

Adding Static Unicast and Multicast MAC Addresses ..........................................................................................................................311

Chapter 31

Chapter 32

Configuring IGMP Snooping .........................................................................................................................................................................318

Displaying a List of Host Nodes and Multicast Routers .......................................................................................................................321

Chapter 33

Configuring the Interval Timer .....................................................................................................................................................................324

Setting the Maximum Number of Broadcast Frames ...........................................................................................................................325

Chapter 34

TACACS+ and RADIUS Protocols .............................................................................................................................................................326

Configuring TACACS+ and RADIUS ............................................................................................................................................................327

Appendix A

AT-S39 Default Settings ...............................................................................................................................................................................331

Management Interface Default Settings ...................................................................................................................................................331

Switch Administration Default Settings ....................................................................................................................................................332

System Software Default Settings ...............................................................................................................................................................333

Enhanced Stacking Default Setting ............................................................................................................................................................333

SNMP Default Settings ....................................................................................................................................................................................333

Port Configuration Default Settings ...........................................................................................................................................................334

IGMP Snooping Default Settings .................................................................................................................................................................334

Spanning Tree Switch Settings .....................................................................................................................................................................335

STP Default Settings ................................................................................................................................................................................ 335

RSTP Default Settings.............................................................................................................................................................................. 335

VLAN Default Settings .....................................................................................................................................................................................336

Port Security Default Settings .......................................................................................................................................................................336

802.1x Port-Based Network Access Control Default Settings ...........................................................................................................336

Server-Based Authentication Default Settings .......................................................................................................................................337

Server-Based Authentication Default Settings .............................................................................................................................. 337

RADIUS Default Settings ........................................................................................................................................................................ 337

TACACS+ Client Default Settings ........................................................................................................................................................ 337

Index ......................................................................................................................................................................... 339

Page 9

List of Figures

Chapter 1

Overview .....................................................................................................................................................................20

Chapter 2

Starting a Local or Telnet Management Session .....................................................................................................29

Figure 1: Connecting a Terminal or PC to the RS232 Terminal Port ................................................................................................. 31

Figure 2: Main Menu .......................................................................................................................................................................................... 33

Chapter 3

Basic Switch Parameters ...........................................................................................................................................38

Figure 3: Administration Menu ...................................................................................................................................................................... 41

Figure 4: System Configuration Menu ......................................................................................................................................................... 46

Figure 5: Advanced Configuration Menu ................................................................................................................................................... 47

Figure 6: SNMP Configuration Menu ........................................................................................................................................................... 47

Figure 7: Passwords Menu ............................................................................................................................................................................... 51

Figure 8: Diagnostics Menu ............................................................................................................................................................................. 53

Chapter 4

Enhanced Stacking ....................................................................................................................................................57

Figure 9: Enhanced Stacking Example ........................................................................................................................................................ 60

Figure 10: Enhanced Stacking Menu ............................................................................................................................................................ 61

Figure 11: Stacking Services Menu ............................................................................................................................................................... 63

Chapter 5

Port Parameters .........................................................................................................................................................65

Figure 12: Port Menu ......................................................................................................................................................................................... 66

Figure 13: Port Status Window ....................................................................................................................................................................... 66

Figure 14: Port Configuration Menu ............................................................................................................................................................ 69

Figure 15: Manual Speed and Duplex Mode Settings ........................................................................................................................... 71

Figure 16: Uplink Information Menu ............................................................................................................................................................ 74

Figure 17: GBIC Information Menu ............................................................................................................................................................... 75

Chapter 6

Port Security ...............................................................................................................................................................76

Figure 18: Port Security Menu ........................................................................................................................................................................ 79

Figure 19: Limited Security Mode Menu ..................................................................................................................................................... 80

Page 10

List of Figures

Chapter 7

Port Trunking ............................................................................................................................................................. 82

Figure 20: Port Trunk Example ....................................................................................................................................................................... 83

Figure 21: Load Distribution Method .......................................................................................................................................................... 86

Figure 22: Port Trunking Menu ...................................................................................................................................................................... 89

Chapter 8

Port Mirroring ............................................................................................................................................................ 92

Figure 23: Port Mirroring Menu ..................................................................................................................................................................... 94

Chapter 9

STP and RSTP ............................................................................................................................................................. 96

Figure 24: Point-to-Point Ports .................................................................................................................................................................... 102

Figure 25: Edge Port ........................................................................................................................................................................................ 103

Figure 26: Point-to-Point and Edge Point ................................................................................................................................................ 103

Figure 27: VLAN Fragmentation .................................................................................................................................................................. 104

Figure 28: Spanning Tree Menu .................................................................................................................................................................. 105

Figure 29: STP Menu ........................................................................................................................................................................................ 107

Figure 30: Config STP Port Settings Menu ............................................................................................................................................... 110

Figure 31: RSTP Menu ..................................................................................................................................................................................... 112

Figure 32: RSTP Port Parameters ................................................................................................................................................................. 115

Figure 33: Configure RSTP Port Settings Menu ..................................................................................................................................... 116

Chapter 10

Virtual LANs Overview ............................................................................................................................................ 118

Figure 34: Port-based VLAN - Example 1 ................................................................................................................................................. 124

Figure 35: Port-based VLAN - Example 2 ................................................................................................................................................. 126

Figure 36: Example of a Tagged VLAN ...................................................................................................................................................... 130

Chapter 11

Creating Port-based and Tagged VLANs ............................................................................................................... 134

Figure 37: VLAN Menu .................................................................................................................................................................................... 135

Figure 38: Configure VLANs Menu ............................................................................................................................................................. 135

Figure 39: Create VLAN Menu ...................................................................................................................................................................... 136

Figure 40: Modifying a VLAN Menu ........................................................................................................................................................... 141

Figure 41: Show VLANs Menu - User Configured .................................................................................................................................. 144

Figure 42: Delete a VLAN Menu ................................................................................................................................................................... 145

Figure 43: Show PVIDs and Priorities Window ....................................................................................................................................... 148

Chapter 12

Multiple VLAN Modes ............................................................................................................................................. 153

Figure 44: Show VLANs Window -Multiple VLAN ................................................................................................................................. 160

Chapter 13

MAC Address Table ................................................................................................................................................. 161

Figure 45: MAC Address Table Menu ........................................................................................................................................................ 164

Figure 46: Show All MAC Addresses Window ........................................................................................................................................ 165

Chapter 14

Class of Service ........................................................................................................................................................ 174

Figure 47: Configure COS Priorities ............................................................................................................................................................ 177

Chapter 15

IGMP Snooping ........................................................................................................................................................ 179

Figure 48: IGMP Snooping Configuration Menu ................................................................................................................................... 182

Figure 49: View Multicast Hosts List Window ......................................................................................................................................... 185

Figure 50: View Multicast Routers List Window .................................................................................................................................... 186

Page 11

Chapter 16

Broadcast Storm Control .........................................................................................................................................187

Figure 51: Broadcast Storm Control Menu .............................................................................................................................................. 190

Chapter 17

TACACS+ and RADIUS Protocols ............................................................................................................................192

Figure 52: Authentication Menu ................................................................................................................................................................. 196

Figure 53: Authentication Menu (TACACS+) .......................................................................................................................................... 197

Figure 54: RADIUS Client Configuration .................................................................................................................................................. 199

Figure 55: RADIUS Server Configuration ................................................................................................................................................. 200

Chapter 18

802.1x Port-Based Access Control ..........................................................................................................................202

Figure 56: Port-based Authentication Across Multiple Switches ................................................................................................... 208

Figure 57: Port Access Control Menu ........................................................................................................................................................ 209

Figure 58: Configure Port Access Parameters ........................................................................................................................................ 211

Figure 59: Configure Port Access Parameters Menu ........................................................................................................................... 212

Figure 60: Display Port Access Status Menu ........................................................................................................................................... 214

Chapter 19

Ethernet Statistics ....................................................................................................................................................215

Figure 61: Ethernet Statistics Menu ........................................................................................................................................................... 216

Figure 62: Display Module Statistics Window ........................................................................................................................................ 218

Chapter 20

File Downloads and Uploads ..................................................................................................................................220

Figure 63: Downloads & Uploads Menu .................................................................................................................................................. 224

Figure 64: Local Management Window ................................................................................................................................................... 226

Figure 65: Send File Window ....................................................................................................................................................................... 227

Figure 66: XModem File Send Window .................................................................................................................................................... 227

Figure 67: Local Management Window ................................................................................................................................................... 237

Figure 68: Receive File Window .................................................................................................................................................................. 237

Figure 69: Receive Filename Window ....................................................................................................................................................... 238

Chapter 21

Starting a Web Browser Management Session .....................................................................................................242

Figure 70: Entering a Switch’s IP Address in the URL Field ............................................................................................................... 243

Figure 71: Home Page .................................................................................................................................................................................... 244

Chapter 22

Basic Switch Parameters .........................................................................................................................................246

Figure 72: General Tab Menu - Configuration ....................................................................................................................................... 248

Figure 73: General Tab Window - Monitoring ....................................................................................................................................... 252

Figure 74: SNMP Tab ....................................................................................................................................................................................... 254

Figure 75: Ping Client Menu ......................................................................................................................................................................... 257

Figure 76: Factory Default Tab .................................................................................................................................................................... 258

Chapter 23

Enhanced Stacking ..................................................................................................................................................260

Figure 77: Enhanced Stacking Tab ............................................................................................................................................................. 262

Figure 78: Stacking Switches Menu ........................................................................................................................................................... 263

Chapter 24

Port Parameters .......................................................................................................................................................265

Figure 79: Port Setting Configuration Tab .............................................................................................................................................. 266

Figure 80: Settings for Port Menu .............................................................................................................................................................. 267

Figure 81: Port Monitoring Page ................................................................................................................................................................ 271

Page 12

List of Figures

Figure 82: Port Status Window .................................................................................................................................................................... 272

Figure 83: Port Statistics Window ............................................................................................................................................................... 274

Chapter 25

Port Security ............................................................................................................................................................ 276

Figure 84: Port Security Menu ...................................................................................................................................................................... 277

Chapter 26

Port Trunks .............................................................................................................................................................. 278

Figure 85: Port Trunking Menu .................................................................................................................................................................... 279

Chapter 27

Port Mirroring .......................................................................................................................................................... 281

Figure 86: Port Mirroring Menu ................................................................................................................................................................... 282

Chapter 28

STP and RSTP ........................................................................................................................................................... 284

Figure 87: Spanning Tree Tab ...................................................................................................................................................................... 285

Figure 88: STP Bridge Configuration Menu ............................................................................................................................................. 287

Figure 89: STP Port Configuration Menu ................................................................................................................................................. 289

Figure 90: RSTP Bridge Configuration Menu .......................................................................................................................................... 291

Figure 91: RSTP Port Configuration Menu ............................................................................................................................................... 293

Figure 92: Spanning Tree Tab - Monitoring ............................................................................................................................................ 295

Figure 93: Rapid Spanning Tree Window - Monitoring ...................................................................................................................... 296

Chapter 29

Virtual LANs ............................................................................................................................................................. 297

Figure 94: VLAN Menu .................................................................................................................................................................................... 298

Figure 95: Add VLAN Menu ........................................................................................................................................................................... 299

Figure 96: VLAN Monitoring Window ....................................................................................................................................................... 304

Chapter 30

MAC Address Table ................................................................................................................................................. 307

Figure 97: Forwarding Database Tab ........................................................................................................................................................ 308

Figure 98: Add Static MAC Address Menu ............................................................................................................................................... 311

Chapter 31

Class of Service ........................................................................................................................................................ 314

Figure 99: CoS Tab ............................................................................................................................................................................................ 315

Figure 100: CoS Setting for Port Menu ..................................................................................................................................................... 316

Chapter 32

IGMP Snooping ........................................................................................................................................................ 317

Figure 101: IGMP Menu - Configuration .................................................................................................................................................. 318

Figure 102: IGMP Window - Monitoring ................................................................................................................................................... 321

Chapter 33

Broadcast Storm Control ........................................................................................................................................ 323

Chapter 34

TACACS+ and RADIUS Protocols ............................................................................................................................ 326

Figure 103: Server-based Authentication Tab ....................................................................................................................................... 327

Figure 104: TACACS+ Configuration Menu ............................................................................................................................................. 328

Figure 105: RADIUS Configuration Menu ................................................................................................................................................ 329

Page 13

Preface

This guide contains instructions on how to configure an AT-8000 Series Fast Ethernet Switch using the AT-S39 management software.

The AT-8000 Series consists of the following Fast Ethernet switches:

❑ AT-8012M

❑ AT-8012M-QS

❑ AT-8016F/xx (MT, SC and ST)

❑ AT-8024

❑ AT-8024GB

❑ AT-8024M

❑ AT-8026FC

❑ AT-8026T

❑ AT-8088/xx (MT and SC)

Page 14

Preface

How This Guide is Organized

This manual is divided into three sections.

Section I: Overview

This section contains just one chapter. It reviews the different ways that you can access the AT-S39 management software on a switch.

Section II: Local and Telnet Management

The chapters in this section explain how to manage a switch from a local management session or a Telnet management session.

A local management session is established by connecting a terminal or PC to the RS-232 Terminal Port on the front panel of the switch.

A Telnet management session is established using the Telnet application protocol. This type of management session can be performed from any workstation on your network that has the application protocol.

Section III: Web Browser Management

The chapters in this section explain how to manage a switch using a web browser, such as Microsoft® Internet Explorer or Netscape® Navigator, from a workstation on your network.

Page 15

Document Conventions

This document uses the following conventions:

Note

Notes provide additional information.

Warning

Warnings inform you that performing or omitting a specific action may result in bodily injury.

Caution

Cautions inform you that performing or omitting a specific action may result in equipment damage or loss of data.

AT-S39 User’s Guide

Page 16

Preface

Where to Find Web-based Guides

The installation and user guides for all Allied Telesyn products are available in Portable Document Format (PDF) from on our web site at

www.alliedtelesyn.com. You can view the documents on-line or

download them onto a local workstation or server.

Page 17

AT-S39 User’s Guide

Contacting Allied Telesyn

This section provides Allied Telesyn contact information for technical support as well as sales or corporate information.

Online Support You can request technical support online by accessing the Allied Telesyn

Knowledge Base from the following web site: http://kb.alliedtelesyn.com. You can use the Knowledge Base to submit questions to our technical support staff and review answers to previously asked questions.

Email and

Telephone

Support

Returning

Products

For Sales or

Corporate

Information

For Technical Support via email or telephone, refer to the Support & Services section of the Allied Telesyn web site: http://www.alliedtelesyn.com.

Products for return or repair must first be assigned a Return Materials Authorization (RMA) number. A product sent to Allied Telesyn without a RMA number will be returned to the sender at the sender’s expense.

To obtain a RMA number, contact Allied Telesyn’s Technical Support at our web site: http://www.alliedtelesyn.com.

You can contact Allied Telesyn for sales or corporate information at our web site: http://www.alliedtelesyn.com. To find the contact information for your country, select Contact Us -> Worldwide Contacts.

Page 18

Preface

Management Software Updates

You can download new releases of management software for our managed products from either of the following Internet sites:

❑ Allied Telesyn web site: http://www.alliedtelesyn.com

❑ Allied Telesyn FTP server: ftp://ftp.alliedtelesyn.com

To download new software from the Allied Telesyn FTP server using your workstation’s command prompt, you need FTP client software and you must log in to the server. Enter “anonymous” as the user name and your email address for the password.

Page 19

Section I

Overview

The chapter in this section provides a brief overview of the AT-S39 management software. It explains some of the functions that you can perform with the management software and reviews different methods for accessing the AT-S39 software on an AT-8000 Series Fast Ethernet Switch.

Page 20

Chapter 1 Overview

The AT-S39 management software is intended for the AT-8000 Series Fast Ethernet Switches. The software is used to monitor and adjust a switch’s operating parameters. Some of the functions you can perform with the software include:

❑ Enable and disable ports

❑ Configure port parameters, such as port speed and duplex mode

❑ Create virtual LANs (VLANs)

❑ Create port trunks and port mirrors

❑ Assign an Internet Protocol (IP) address and subnet mask

❑ Activate and configure a spanning tree protocol

❑ Activate enhanced stacking functions

❑ Configure Class of Service (COS)

❑ Enable and configure IGMP snooping

❑ Enable and configure broadcast storm control

❑ Download and upload image and configuration files

❑ Configure port security

❑ Enable port access control

The AT-S39 management software comes pre-installed on the switch with default settings for all operating parameters. If the default settings are adequate for your network, you can use the switch as an unmanaged switch simply by connecting the unit to your network, as explained in the hardware installation guide, and powering ON the device.

Page 21

AT-S39 User’s Guide

Note

The default settings for the management software can be found in Appendix A, AT-S39 Default Settings on page 331.

To actively manage a switch, such as to change or adjust the operating parameters, you must access the switch’s AT-S39 management software. The AT-S39 software features a menu interface and a command line interface that make it very easy to use, and a special interface for managing a switch with a web browser.

There are four different ways to access the management software on an AT-8000 Series switch. In this guide, these methods are referred to as management sessions. They are:

❑ Local Management Session

❑ Telnet Management Session

❑ Web Browser Management Session

❑ SNMP Management Session

The following sections in this chapter briefly describe each type of management session.

Page 22

Section I: Overview

Local Management Session

You establish a local management session with an AT-8000 Series switch by connecting a terminal or a PC with a terminal emulator program to the RS232 Terminal port on the front panel of the switch, using a straight-through RS-232 cable. This type of management session is referred to as “local” because you must be physically close to the switch, such as in the wiring closet where the switch is located.

Once the session is started, a menu is displayed and you can make selections to configure and monitor the switch. You can configure all of a switch’s operating parameters from a local management session.

Note

For instructions on starting a local management session, refer to Starting a Local Management Session on page 31.

A switch does not need an Internet Protocol (IP) address for you to manage it locally. You can start a local management session on a switch at any time. It will not affect the forwarding of frames by the device.

If you assign an AT-8000 Series switch an IP address and designate it as a master switch of an enhanced stack, you can will be able to manage all of the switches in the enhanced stack, all from the same local management session.

Note

For further information on enhanced stacking, refer to Enhanced Stacking Overview on page 58.

Page 23

Telnet Management Session

Any management workstation on your network that has the Telnet application protocol can be used to manage an AT-8000 Series switch. This type of management session is referred to in this guide as a remote management session because you do not have to be in the wiring closet where the switch you want to manage is located. You can manage the switch from any workstation on the network that has the application protocol.

To establish a Telnet management session with a switch, there must be at least one AT-8000 Series switch in the subnet that has been assigned an Internet Protocol (IP) address. Only one switch in a subnet needs to have an IP address. Once you have established a Telnet management session with the switch that has an IP address, you can use the enhanced stacking feature of the AT-S39 software to access all the other enhanced stacking switches in the same subnet.

Note

For further information on enhanced stacking, refer to Enhanced Stacking Overview on page 58.

AT-S39 User’s Guide

Note

For instructions on how to start a Telnet management session, refer to Starting a Telnet Management Session on page 35.

A Telnet management session gives you complete access to all of a switch’s operating parameters. You can perform nearly all the same functions from a Telnet management session as you can from a local management session.

Page 24

Section I: Overview

Web Browser Management Session

You can also use a web browser to manage a switch. This too is referred to as remote management, just like a Telnet management session. You can manage a switch from any workstation on your network that has a web browser.

Note

For instructions on starting this type of management session, refer to Starting a Web Browser Management Session on page 242.

In order to start a web browser management session, there must be at least one enhanced stacking switch in the subnet with an IP address and whose stacking status has been set to master. Once you have started a management session on the master switch, you can manage all of the switches in the enhanced stack.

Note

For further information on enhanced stacking, refer to Enhanced Stacking Overview on page 58.

Page 25

SNMP Management Session

Another way to remotely manage the switch is with an SNMP management program. A familiarity with Management Information Base (MIB) objects is necessary for this type of management.

The AT-S39 software supports the following MIBs:

❑ SNMP MIB-II (RFC 1213)

❑ Bridge MIB (RFC 1493)

❑ Interface Group MIB (RFC 1573)

❑ Ethernet MIB (RFC 1643)

❑ Remote Network MIB (RFC 1757)

❑ Allied Telesyn managed switch MIB

AT-S39 User’s Guide

You must download the Allied Telesyn managed switch MIB (atistackinfo.mib and atiswitch.mib) file from the Allied Telesyn web site and compile the file with your SNMP program. For instructions, refer to your SNMP management documentation.

Note

SNMP management does not utilize the enhanced stacking feature. Consequently, you must assign an IP address to each switch to be managed with an SNMP program.

Page 26

Section I: Overview

Management Access Levels

There are two levels of management access on an AT-8000 Series switch: Manager and Operator. When you log in as a Manager, you can view and configure all of a switch’s operating parameters. When you log in as an Operator, you can only view the operating parameters; you cannot change any values.

You log in as a manager or an operator by entering the appropriate password when you start an AT-S39 management session. To log in as a manager, type “manager” as the login and “friend” as the password. The default user name for operator is “operator” and the password is also “operator”. The login names and passwords are case-sensitive.

Page 27

Section II

Local and Telnet Management

The chapters in this section explain how to manage an AT-8000 Series switch from a local or Telnet management session. The chapters include:

❑ Chapter 2: Starting a Local or Telnet Management Session on

page 29

❑ Chapter 3: Basic Switch Parameters on page 38

❑ Chapter 4: Enhanced Stacking on page 57

❑ Chapter 5: Port Parameters on page 65

❑ Chapter 6: Port Security on page 76

❑ Chapter 7: Port Trunking on page 82

❑ Chapter 8: Port Mirroring on page 92

❑ Chapter 9: STP and RSTP on page 96

❑ Chapter 10: Virtual LANs Overview on page 118

❑ Chapter 11: Creating Port-based and Tagged VLANs on page

134

❑ Chapter 12: Multiple VLAN Modes on page 153

❑ Chapter 13: MAC Address Table on page 161

❑ Chapter 14: Class of Service on page 174

❑ Chapter 15: IGMP Snooping on page 179

❑ Chapter 16: Broadcast Storm Control on page 187

❑ Chapter 17: TACACS+ and RADIUS Protocols on page 192

Page 28

Section II: Local and Telnet Management

❑ Chapter 18: 802.1x Port-Based Access Control on page 202

❑ Chapter 19: Ethernet Statistics on page 215

❑ Chapter 20: File Downloads and Uploads on page 220

Page 29

Chapter 2 Starting a Local or Telnet Management Session

This chapter contains the procedure for starting a local or Telnet management session on an AT-8000 Series switch. The sections in the chapter are:

❑ Local Management Session on page 30

❑ Telnet Management Session on page 35

❑ Saving Your Parameter Changes on page 37

Page 30

Section II: Local or Telnet Management

Local Management Session

On the front panel of the switch is a port labelled RS232 Terminal Port. You can use this port to establish a local (out-of-band) management session with the switch’s AT-S39 management software.

A local management session is so named because you must be close to the switch, usually within a few meters, to start this type of management session. This typically means that you must be in the wiring closet where the switch is located.

A switch does not need an IP address to be managed from a local management session. You can start a local management session at any time on any AT-8000 Series switch in your network. A local management session does not interfere with the flow of Ethernet traffic through the unit.

Starting a local management session on a switch that has been configured as a Master switch allows you to manage all the switches in the enhanced stack from the same local management session. You do not have to start a separate local management session for each switch. This can simplify network management.

Starting a local management session on a switch that is not part of an enhanced stack or that is a slave switch allows you to manage just that switch.

Note For information on enhanced stacking, refer to Enhanced Stacking Overview on page 58.

Page 31

AT-S39 User’s Guide

LINK

MODE

PORT B

FAULT

MASTER

PWR

Starting a Local

Management

Session

To start a local management session, perform the following procedure:

1. Connect one end of the straight-through RS232 management cable with a DB-9 connector to the RS232 Terminal Port on the switch. (The management cable is included with the switch.)

RS-232 TERMINAL PORT

Figure 1 Connecting a Terminal or PC to the RS232 Terminal Port

2. Connect the other end of the cable to an RS-232 port on a terminal or PC with a terminal emulator program.

3. Configure the terminal or terminal emulator program as follows:

❑ Baud rate: 1200 bps to 115200 bps (default 9600; see Note below)

❑ Data bits: 8

❑ Parity: None

❑ Stop bits: 1

❑ Flow control: None

Page 32

Section II: Local or Telnet Management

Note

The switch has an auto-detect feature on the serial port that automatically determines the speed of the local terminal. You activate this feature by pressing the Return or Enter key twice on your keyboard when you initially start the local interface or within five seconds after powering on or resetting the switch. The switch determines the speed of the terminal and automatically configures the speed of the RS232 Terminal Port accordingly. Otherwise, the switch uses a default baud rate of 9600 bits per second (bps). The switch maintains the terminal port speed until the system is again powered on or reset. The range of the port’s baud rate is 1200 to 115200 bps.

Note

The port settings are for a DEC VT100 or ANSI terminal, or an equivalent terminal emulator program.

Note

During boot up, the switch displays the following prompt: Press <CTRL>B to go to Boot prompt. This message is intended

for manufacturing purposes only. (If you inadvertently display the boot prompt (=>), type boot and press Return to start the switch.)

4. Press the Return key twice.

Prompts are displayed for a login name and password.

5. To view and change the switch’s configuration, log in as a Manger. The login name is “manager” and the default password “friend”. To just view the configuration, log in as an operator. The login name is “operator” and the default password is also “operator”. Login names and passwords are case-sensitive. For information on the two access levels, refer to Management Access Levels on page 26. For instructions on how to change a password, refer to Configuring the Management Passwords on page 51.

Page 33

AT-S39 User’s Guide

The Main Menu is shown in Figure 2.

Allied Telesyn Ethernet Switch AT-8024GB - AT-S39

Sales Switch

Main Menu

1 - Port Menu 2 - VLAN Menu 3 - Spanning Tree Menu 4 - Administration Menu 5 - System Config Menu 6 - MAC Address Tables 7 - Ethernet Statistics 8 - Diagnostics 9 - Enhanced Stacking C - Command Line Interface

Q - Quit

Enter your selection?

Figure 2 Main Menu

Enhanced

Stacking

To select a menu item, type the corresponding letter or number.

Pressing the Esc key or typing the letter R in a submenu or menu, returns you to the previous menu.

Please note the following:

❑ The Command Line Interface selection in the Main Menu is

described in the AT-S39 Command Line Interface User’s Guide.

❑ If the prompt “Manager$” or “Operator$” is displayed instead of

the Main Menu, the management software has been configured to initially display the command line prompt instead of the Main Menu. To display the menu, type menu and press Return.

Starting a local management session on the master switch of an enhanced stack enables you to manage all the switches in the same enhanced stack from the same management session. This can save you the time and trouble of having to start a separate local management session each time you want to manage a switch in your network. It can also save you from having to go to the different wiring closets where the switches are located.

Starting a local management session on a slave switch or a switch that is not part of an enhanced switch allows you to manage just that switch.

Page 34

Section II: Local or Telnet Management

For information on enhanced stacking and how to manage different switches from the same management session, refer to Chapter 4, Enhanced Stacking on page 57.

Quitting from a

Local Session

To quit a local session, return to the Main Menu and type Q for Quit.

You should always exit from a management session when you are finished managing a switch. This can prevent unauthorized individuals from making changes to a switch’s configuration should you leave your management station unattended.

Note

You cannot operate both a local management session and a Telnet management session on the same switch simultaneously. Failure to properly exit from a local or Telnet management session may block future management sessions.

Page 35

Telnet Management Session

You can use the Telnet application protocol from a workstation on your network to manage an AT-8000 Series switch. This type of management is referred to as remote management because, unlike a local management session, you do not have to be in the wiring closet where the switch is located. You can use any workstation on your network with the application protocol to manage the switch.

In terms of functionally, there are almost no differences between managing a switch locally through the RS232 Terminal Port and remotely with the Telnet application protocol. You see the same menu selections and have nearly the same management capabilities.

Starting a Telnet management session requires that there be at least one enhanced stacking switch in your network that has an IP address and whose enhanced stacking status has been set to master. That switch is referred to as the master switch. Once you have started a Telnet management session on the master switch, you have management access to all enhanced stacking switches, including the AT-8000 Series switch, that reside in the same enhanced stack.

AT-S39 User’s Guide

Starting a Telnet

Management

Session

Note

For background information on enhanced stacking, refer to Enhanced Stacking Overview on page 58.

To start a Telnet management session, specify the IP address of the master switch of the enhanced stack in the Telnet application protocol and enter the management software password when prompted. The default password for manager access is “friend”. The default password for operator access is “operator”. Logins and passwords are casesensitive. For information on the two access levels, refer to Management Access Levels on page 26. (For instructions on how to change a password, refer to Configuring the Management Passwords on page 51.)

The Main Menu of a Telnet management session is the same menu seen in a local management session, as shown in Figure 2 on page 33. You can perform nearly all the same functions from a local management session as you can from a Telnet management session.

The menus also function the same. To make a selection, type its corresponding number of letter. To return to a previous menu, type R or press ESC twice.

Page 36

Section II: Local or Telnet Management

Note

You can run only one Telnet management session on a switch at a time. Additionally, you cannot run both a Telnet management session and a local management session on the same switch at the same time.

Quitting from a

Telnet

Management

Session

To end a Telnet management session, return to the Main Menu and type Q for Quit.

Page 37

Saving Your Parameter Changes

When you make a change to a switch parameter, the change is, in most cases, immediately activated on the switch as soon as you enter it. However, a parameter change is initially saved only to temporary memory by the switch and will be lost the next time you reset or power cycle the unit. To permanently save a change, you must select the S Save Configuration Changes option. You should select that menu option whenever you have made a change to a switch parameter that you want the switch to retain even when it is reset or power cycled. If you do not see the menu option, then there are no parameter changes to be saved.

AT-S39 User’s Guide

Page 38

Chapter 3 Basic Switch Parameters

This chapter contains a variety of information and procedures. There is a discussion on when to assign an IP address to a switch and the different ways that you can go about it. There are also procedures for resetting the switch, activating the original switch default settings, and more.

Sections in the chapter include:

❑ When Does a Switch Need an IP Address? on page 39

❑ Configuring an IP Address and Switch Name on page 41

❑ Activating the BOOTP and DHCP Client Software on page 44

❑ Configuring SNMP Community Strings and Trap IP Addresses

on page 46

❑ Resetting a Switch on page 49

❑ Configuring the AT-S39 Management Security Features on

page 50

❑ Viewing the AT-S39 Version Number and Switch MAC Address

on page 53

❑ Pinging a Remote System on page 54

❑ Returning the AT-S39 Software to the Factory Default Values

on page 55

❑ Configuring the Console Startup Mode on page 56

Page 39

When Does a Switch Need an IP Address?

One of the tasks to building or expanding a network is deciding which of the managed switches need a unique IP address. In the past the rule was that a managed switch needed an IP address if you wanted to manage it remotely, such as with the Telnet application protocol or a web browser. However, if a network contained a lot of managed switches, having to assign each one an IP address was often cumbersome and time consuming. It was also often difficult keeping track of all the IP addresses.

The enhanced stacking feature of the AT-8000 Series, AT-8400 Series, and AT-8524M switches simplifies all this. With enhanced stacking, you only need to assign an IP address to one switch in each subnet in your network. The switch with the IP address is referred to as the Master switch of the enhanced stack. All switches in the same stack share the IP address.

Starting a local or remote management session on the Master switch automatically gives you complete management access to all the other switches in the same enhanced stack.

AT-S39 User’s Guide

This feature has two primary benefits. First, it reduces the number of IP addresses you have to assign to your network devices. Second, it allows you to configure multiple switches through the same local or remote management session.

Note

For additional information on enhanced stacking, refer to Enhanced Stacking Overview on page 58.

When you assign a switch an IP address, you must also assign it a subnet mask. The switch uses the subnet mask to determine which portion of an IP address represents the network address and which the node address.

You must also assign the switch a gateway address if the switch and a remote management workstation are separated by a router. This gateway address is the IP address of the router through which the switch and remote management station will communicate.

If you do not plan to remotely manage any of the AT-8000 Series switches in your network, you do not need to assign any of them an IP address. The switches can operate without an IP address and you will still be able to manage them completely using local management sessions.

Page 40

Section II: Local and Telnet Management

How Do You

Assign an IP

Address?

Once you have decided which, if any, switches on your network need an IP address, you have to access the AT-S39 software on the switches and assign the addresses. There are actually two ways in which a switch can obtain an IP address.

The first method is for you to assign the IP configuration information manually. This procedure is explained in Configuring an IP Address and Switch Name on page 41.

The second method is for you to activate the BOOTP and DHCP services on the switch and have the switch automatically download its IP configuration information from a BOOTP or DHCP server on your network. This procedure is explained in Activating the BOOTP and

DHCP Client Software on page 44.

Note

Initially assigning an IP address to a switch or activating BOOTP and DHCP can only be done through a local management session, unless the switch is a part of an existing enhanced stack.

Page 41

Configuring an IP Address and Switch Name

The procedure in this section explains how to manually assign an IP address, subnet mask, and gateway address to the switch from a local or Telnet management session. (If you want the switch to obtain its IP configuration from a DHCP or BOOTP server on your network, go to the procedure Activating the BOOTP and DHCP Client Software on page

44.)

This procedure also explains how to assign a name to the switch, along with other optional information, such as the name of the administrator responsible for maintaining the unit and the location of the switch.

To manually set a switch’s IP address, perform the following procedure:

1. From the Main Menu, type 4 to select Administration Menu.

The Administration Menu is shown in Figure 3.

Allied Telesyn Ethernet Switch AT-8024 - AT-S39

Sales Switch

Administration Menu

AT-S39 User’s Guide

1 - IP Address ........ 0.0.0.0

2 - Subnet Mask ....... 0.0.0.0

3 - Default Gateway ... 0.0.0.0

4 - System Name ....... Sales Switch

5 - Administrator ..... Jane Smith

6 - Comments .......... Bldg. 12, Rm. 201

7 - Set Password ......

8 - BOOTP/DHCP ........ Disabled

9 - Reset Switch A - Server-based Authentication D - Downloads & Uploads P - Ping a Remote System

R - Return to Previous Menu

Enter your selection?

Figure 3 Administration Menu

Page 42

Section II: Local and Telnet Management

2. Change the parameters as desired.

The parameters in the IP Parameters menu are described below:

1 - IP Address

This parameter specifies the IP address of the switch. You must assign an IP address if you want the switch to function as the Master switch of an enhanced stack. (Slave switches do not need and IP address.) You must also assign it an IP address if it will not be part of an enhanced stack and you want to be able to manage it remotely using Telnet or a web browser. The IP address must be entered in the format: xxx.xxx.xxx.xxx. The default value is 0.0.0.0.

2 - Subnet Mask

This parameter specifies the subnet mask for the switch. You must specify a subnet mask if you assigned an IP address to the switch. The mask address must be entered in the format: xxx.xxx.xxx.xxx. The default value is 0.0.0.0.

3 - Default Gateway

This parameter specifies the default router’s IP address. This address is required if you intend to remotely manage the switch from a management station that is separated from the switch by a router. The gateway address must be entered in the format: xxx.xxx.xxx.xxx. The default value is 0.0.0.0.

4 - System Name

This parameter specifies a name for the switch (for example, Sales Ethernet switch). This parameter is optional. The name can be up to 30 alphanumeric characters. Spaces are allowed.

Note

You should assign each switch a name. The names can help you identify the various switches in your network. This can help you avoid performing a configuration procedure on the wrong switch.

5 - Administrator

This parameter specifies the name of the network administrator responsible for managing the switch. This parameter is optional. The name can be up to 30 alphanumeric characters. Spaces are allowed.

6 - Comments

This parameter specifies additional information about the Fast Ethernet switch, such as its location (for example, 4th Floor, room 402B). This parameter is optional. Comments can be up to 30 alphanumeric characters. Spaces are allowed.

Page 43

AT-S39 User’s Guide

7 - Set Password

This parameter is used to change the Manager and Operator’s login passwords. For instructions, refer to Configuring the

Management Passwords on page 51.

8 - BOOTP/DHCP

This selection activates and deactivates the BOOTP and DHCP client software on the switch. For information on this selection, refer to Activating the BOOTP and DHCP Client Software on page 44.

9 - Reset Switch This selection resets the switch, as explained in Resetting a Switch on page 49.

A - Server-based Authentication

This selection is used to configure the TACACS+ and RADIUS client software on the switch. For information on this feature, refer to Chapter 17, TACACS+ and RADIUS Protocols on page 192.

Downloads and Uploads For information on this selection, refer to Chapter 20, File Downloads and Uploads on page 220.

R - Ping a Remote System For information on this selection, refer to Pinging a Remote System on page 54.

3. After you have set the parameters, type S to select Save Configuration Changes.

Note

A change to any parameter in this menu, including IP address, subnet mask, and gateway address, is immediately activated on the switch.

Page 44

Section II: Local and Telnet Management

Activating the BOOTP and DHCP Client Software

The BOOTP and DHCP application protocols were developed to simplify network management. They are used to automatically assign IP configuration information to the devices on your network, such as an IP address, subnet mask, and a default gateway address.

An AT-8000 Series switch contains the client software of these protocols and can obtain IP configuration information from a BOOTP or DHCP server on your network. If you activate this feature, the switch seeks its IP address and other IP configuration information from a BOOTP or DHCP server on your network whenever you reset or power ON the device.

For this to work there must be a BOOTP or DHCP server residing on your network and you must configure the service by entering in the switch’s MAC address and other appropriate information.

BOOTP and DHCP application protocols allow you to specify how the IP address is to be assigned to the switch. Choices are static and dynamic. If you choose static, the server will always assign the same IP address to the switch when the switch is reset or powered ON. This is the preferred configuration. Since the BOOTP and DHCP services always assigns the same IP address to a switch, you will always know which IP address to use when you need to remotely manage a particular switch.

If you choose dynamic, the server will assign any unused IP address that it has not already assigned to another device. This means that a switch might have a different IP address each time you reset or power cycle the device, making it difficult for you to remotely manage the unit.

Note

The default setting for the BOOTP and DHCP client software is disabled.

To activate or deactivate the BOOTP and DHCP client software on the switch, perform the following procedure:

1. From the Main Menu, type 4 to select Administration Menu.

The Administration in Figure 3 on page 41 is displayed.

2. Type 8 to select BOOTP/DHCP.

The following prompt is displayed:

BOOTP/DHCP (E-Enabled, D-Disabled):

3. Type E to enable BOOTP and DHCP services on the switch or D to disable the services and press Return. The default is disabled.

Page 45

AT-S39 User’s Guide

4. Type S to select Save Configuration Changes.

Note

If you activate the BOOTP and DHCP client software, the switch immediately begins to query the network for a BOOTP or DHCP server. The switch continues to query the network for its IP configuration until it receives a response.

Any static IP address, subnet mask, and gateway address assigned to the switch are deleted from the Administration menu and replaced with the values the switch receives from the BOOTP or DHCP server. If you later disable BOOTP and DHCP, these values are returned to their default setting of 0.0.0.0.

Page 46

Section II: Local and Telnet Management

Configuring SNMP Community Strings and Trap IP Addresses

To configure the SNMP community strings for the switch and assign up to four IP addresses of management stations to receive traps from the switch, perform the following procedure:

Note

SNMP access is disabled by default. To enable SNMP access, refer to Configuring Management Access on page 52.

1. From the Main Menu, type 5 to select System Config Menu.

The System Configuration Menu is shown in Figure 4.

Allied Telesyn Ethernet Switch AT-8024GB - AT-S39

Sales Switch

System Config Menu

1 - MAC Aging Time .................... 300 seconds

2 - Switch Mode ....................... Tagged

3 - Console Disconnect Timer Interval . 10 minute(s)

4 - Web Server Status ................. Enabled

5 - SNMP Access ....................... Disabled

6 - Console Startup Mode .............. Menu

7 - Reset to Factory Defaults

A - Advanced Configuration

R - Return to Previous Menu

Enter your selection?

Figure 4 System Configuration Menu

Page 47

AT-S39 User’s Guide

2. From the System Configuration Menu, type A to select Advanced Configuration.

The Advanced Configuration menu is shown in Figure 5.

Allied Telesyn Ethernet Switch AT-8024GB - AT-S39

Sales Switch

Advanced Configuration Menu

1 - IGMP Snooping Configuration 2 - Broadcast Timers Setup 3 - SNMP Configuration

R - Return to Previous Menu

Enter your selection:

Figure 5 Advanced Configuration Menu

3. From the Advanced Configuration menu, type 3 to select SNMP Configuration.

The SNMP Configuration menu is shown in Figure 6.

Allied Telesyn Ethernet Switch AT-8024GB - AT-S39

Sales Switch

SNMP Configuration

1 - GET Community .............. public

2 - SET Community .............. private

3 - Trap Community ............. public

4 - Trap Receiver 1 ............ 0.0.0.0

5 - Trap Receiver 2 ............ 0.0.0.0

6 - Trap Receiver 3 ............ 0.0.0.0

7 - Trap Receiver 4 ............ 0.0.0.0

S - Save Configuration Changes R - Return to Previous Menu

Enter your selection:

Figure 6 SNMP Configuration Menu

Page 48

Section II: Local and Telnet Management

4. Adjust the parameters as desired. To change a value, type its corresponding number and, when prompted, enter the new value. The parameters are described below.

1 - GET Community 2 - SET Community 3 - Trap Community

Use these parameters to set a switch’s SNMP community strings. A community string can be up to thirteen characters. Community strings are case sensitive and can contain spaces and special characters, such as an exclamation point (!).

4 - Trap Receiver 1 5 - Trap Receiver 2 6 - Trap Receiver 3 7 - Trap Receiver 4

Use these selections to specify the IP addresses of up to four management workstations on your network to receive traps from the switch.

Changes to the SNMP parameters are immediately activated on the switch.

5. After making your changes, type S to select Save Configuration Changes.

Page 49

Resetting a Switch

This procedure reboots the switch.

To reset a switch, perform the following procedure:

1. From the Main Menu, type 4 to select Administrator Menu.

2. From the Administrator Menu, type 9 to select Reset Switch.

AT-S39 User’s Guide

Note

Any configuration changes not saved will be lost once the switch reboots. To save your configuration changes, return to the Main Menu and type S to select Save Configuration Changes.

Caution

The switch will not forward traffic during the brief period required to reload its operating software. Some network traffic may be lost.

The following prompt is displayed:

Do you want to proceed with the switch reboot? [Yes/No] ->

3. Type Y to reset the switch or N to cancel this procedure.

If you are running a local management session, you will see this prompt:

Please press <ENTER> key within 5 seconds for:

* Terminal speed detection, and

* To view the initialization messages Entering any key other than <ENTER> key does not guarantee the above ...

4. To view the initialization messages during the reset process, press Return.

The switch reinitializes its operating system, a task requiring approximately 20 seconds to complete. Once complete, the switch is again ready for normal network operations.

5. To resume managing the switch, you must reestablish your management session.

Page 50

Section II: Local and Telnet Management

Configuring the AT-S39 Management Security Features

The AT-S39 software has several security features that can help prevent unauthorized individuals from changing a switch’s parameter settings. The security features are:

❑ Manager and Operator Passwords - The management software

has two standard, management login accounts: Manager and Operator. The Manager account allows you to configure all switch parameters, while the Operator account only allows you to view the parameter settings. The default login name for Manager access is “manager” and the password is “friend”. The login name and password for Operator access are both “operator”. Login names and passwords are case-sensitive. For instructions on how to change a password, refer to Configuring the Management Passwords on page 51. (You can create additional management login accounts for the switch if your network contains a TACACS+ or RADIUS authentication protocol server. For instructions, refer to Chapter 17, TACACS+ and RADIUS Protocols on page 192.)

❑ Console Timeout - This parameter causes the management

software to automatically end a management session if it does not detect any activity from the local or remote management station after the specified period of time. This security feature can prevent unauthorized individuals from using your management station should you step away from your system while configuring a switch. The default for the console timeout value is 10 minutes. For instructions on how to set this security feature, refer to Configuring Management Access on page 52.

❑ Web Access - You can disable the web browser management

feature on the switch, and so prevent individuals from managing the switch remotely using a web browser. The default setting for web browser management access is enabled. For instructions on how to set this security feature, refer to Configuring Management Access on page 52.

❑ SNMP Access - You can also disable the SNMP management

feature on the switch, and so prevent individuals from managing the switch remotely using a SNMP management program. The default setting for SNMP access is disabled. For instructions on how to set this security feature, refer to Configuring Management Access on page 52.

Page 51

AT-S39 User’s Guide

Configuring the

Management

Passwords

The default password for Manager access is “friend”. The default password for Operator access is “operator”. A password can be from 0 to 20 alphanumeric characters. Passwords are case-sensitive.

Caution

You should not use spaces or special characters, such as asterisks (*) and exclamation points (!), in a password if you will be managing the switch from a web browser. Many web browsers cannot handle special characters in passwords.

To change the Manager or Operator password, perform the following procedure:

1. From the Main Menu, type 4 to select Administrator Menu.

2. From the Administrator Menu, type 7 to select Set Password.

The Passwords Menu is shown in Figure 7.

Allied Telesyn Ethernet Switch AT-8024GB - AT-S39

Passwords Menu

1 - Set Manager Password 2 - Set Operator Password

R - Return to Previous Menu

Enter your selection?

Figure 7 Passwords Menu

3. Type 1 to change the Manager password or type 2 to change the Operator password.

4. Follow the prompts. You are asked to enter the new password twice.

The new password is automatically saved by the management software. You do not need to use the Save Configuration Changes menu selection to permanently save the new password.

Page 52

Section II: Local and Telnet Management

Configuring

Management

Access

To configure the console timer, web access, and SNMP access security features of the AT-S39 management software, perform the following procedure:

1. From the Main Menu, type 5 to select System Config Menu.

The System Config Menu is shown in Figure 4 on page 46.

2. To configure the console timer, type 3 to select Console Disconnect Timer Interval and, when prompted, enter a value of from 1 to 60 minutes. The default value is ten minutes.

For example, if you specify 2 minutes, the AT-S39 management software automatically ends a local or remote management session if it does not detect any activity from the management station after 2 minutes.

A new console timer value takes affect the next time you start a local or remote management session.

3. To configure web browser access, type 4 to select Web Server Status and, when prompted, type E to enable the web server or D to disable it. The default value is enabled.

For example, if you disable the web server, no one can manage the switch remotely using a web browser.

4. To configure SNMP management access of the switch, type 5 to select SNMP Access and, when prompted, type E to enable SNMP management access or D to disable it. The default value is disabled.

When SNMP access is disabled, no one can manage the switch remotely using an SNMP management program.

Your changes are immediately activated on the switch.

5. After you have made the desired changes, type S to select Save Configuration Changes.

Page 53

AT-S39 User’s Guide

Viewing the AT-S39 Version Number and Switch MAC Address

The procedure in this section displays the following switch information:

❑ AT-S39 version number

❑ Bootloader version number

❑ Serial number

❑ MAC Address

To display the information, type 8 to select Diagnostics from the Main Menu. The Diagnostics menu is shown in Figure 8.

Allied Telesyn Ethernet Switch AT-8024 - AT-S39

Diagnostics

1 - Application Software Version .... AT-S39 v3.3.0

2 - Application Software Build Date . May 12 2004 19:32:40

3 - Bootloader Version .............. ATS39_LOADER v2.1.0

4 - Bootloader Build Date ........... Jul 21 2002 16:37:14

5 - Serial Number ................... S05248014600028

6 - MAC Address ..................... 00:30:84:52:03:80

7 - System Up Time .................. 20D:15H:24M:51S

8 - Uplink Information

R - Return to Previous Menu

Enter your selection?

Figure 8 Diagnostics Menu

The information displayed in selections 1 through 7 in this menu is for viewing purposes only. For information on option 8, refer to Displaying Uplink Information on page 74.

Page 54

Section II: Local and Telnet Management

Pinging a Remote System

You can instruct the switch to ping a remote device on your network. This procedure is useful in determining whether a valid link exists between the switch and another device.

Note

The switch must have an IP address in order for you to perform this procedure. This means that in most cases you must perform this procedure from the master switch of an enhanced switch.

To instruct the switch to ping a network device, perform the following procedure:

1. From the Main Menu, type 4 to select Administration Menu.

2. From the Administration Menu, type P to select Ping a Remote System.

The following prompt is displayed:

Please enter an IP address ->

3. Enter the IP address of the end node you want the switch to ping and press Return.

The results of the ping command are displayed on the screen. To stop the ping, press any key.

Page 55

AT-S39 User’s Guide

Returning the AT-S39 Software to the Factory Default Values

The procedure in this section returns all AT-S39 software parameters to their default values. This procedure also deletes any VLANs you created on the switch. The AT-S39 software default values can be found in

Appendix A, AT-S39 Default Settings on page 331.

Caution

Performing this procedure resets the switch. The switch will not forward traffic during the brief period required to reload its operating software. Some data traffic may be lost.

To return the AT-S39 management software to its default settings, perform the following procedure:

1. From the Main Menu, type 5 to select System Config Menu.

2. From the System Configuration Menu, type 7 to select Reset to Factory Defaults.

The following prompt is displayed:

Are you sure you want to reset to Factory Defaults? [Yes/No] ->

3. Type Y for yes or N for no.

The following prompt is displayed:

Do you want to reset IP, Subnet and Gateway as well? [Yes/No] ->

4. If you type Y for yes, all switch parameters including the IP address, subnet mask, and gateway address are changed to their default values. If you type N for no, all switch parameters excluding those settings are changed to their default values.

The following prompt is displayed:

The Factory Defaults take effect only after the Switch reboots.

Do you want to proceed with switch reboot? [Yes/No]

5. Type Y to reset the switch.

The operating parameters are returned to their default values and the switch is reset.

Page 56

Section II: Local and Telnet Management

Configuring the Console Startup Mode

You can configure the AT-S39 software to display either the Main Menu or the command line interface prompt ($) whenever you start a local or remote management session. The default is the Main Menu.

To change the console startup mode, perform the following procedure:

1. From the Main Menu, type 5 to select System Config Menu.

2. From the System Configuration Menu, type 6 to select Console Startup Mode.

The following prompt is displayed:

Enter Console Mode (M-Menu, C-CLI):

3. Type M if you want a management session to always start with the Main Menu, or C if you want it to display the command line interface prompt. The default is the Main Menu.

A change to the console startup mode takes effect the next time you start a local or remote management session.

Page 57

Chapter 4 Enhanced Stacking

This chapter explains the enhanced stacking feature. The sections in this chapter include:

❑ Enhanced Stacking Overview on page 58

❑ Setting a Switch’s Enhanced Stacking Status on page 61

❑ Selecting a Switch in an Enhanced Stack on page 63

Page 58

Section II: Local and Telnet Management

Enhanced Stacking Overview

The enhanced stacking feature can make it easier for you to manage the AT-8000 Series switches in your network. It offers the following benefits:

❑ You can manage up to 24 switches from one local or remote

management session. This eliminates the need of having to start separate management sessions for the different switches in your network.

❑ The switches can share the same IP address. This reduces the

number of IP addresses you need to assign to your network devices for remote management.

❑ Remotely managing a new switch in your network is simplified.

You simply connect it to your network. Once connected, you can begin to manage it immediately from any workstation in your network.

Guidelines Here are a few guidelines to implementing enhanced stacking in your

network:

❑ A enhanced stack can consist of any Allied Telesyn switches that

feature enhanced stacking, including the AT-8000 Series switches, the AT-8400 Series switches, and the AT-8524M switch.

❑ An enhanced stack cannot span subnets.

❑ All of the switches in an enhanced stack must use the same

management VLAN. This is the VLAN on which the switch expects to receive remote management packets. You can create more than one enhanced stack in a subnet by assigning switches to different Management VLANs. For information about Management VLANs, refer to Designating a Management VLAN on page 151.

❑ An enhanced stack must have at least one master switch. The

master switch can be any Allied Telesyn switch that supports enhanced stacking.

❑ You must assign the master switch an IP address and subnet mask.

❑ You must set the master switch’s stacking status to Master.

❑ The enhanced stacking feature uses the IP address 176.16.16.16.

Do not assign this address to any device on your subnet if you intend to use the enhanced stacking feature.

Page 59

AT-S39 User’s Guide

There are three basic steps to implementing this feature on your network:

1. You must select a switch in your network to function as the master switch of the stack.

The master switch can be any switch that supports enhanced stacking, such as an AT-8000 Series switch, an AT-8400 Series switch, or an AT-8524M switch. For networks that consist of more than one subnet, there must be at least one master switch in each subnet.

It is recommended that each enhanced stack have two master switches, each assigned a unique IP address. That way, should you remove one of the master switches from the network, such as for maintenance, you all still be able to remotely manage the other switches in the stack using the second master switch.

2. You must assign the master switch an IP address and subnet mask.

A master switch must have an IP address and subnet mask. The other switches in an enhanced stack, referred to as slave switches, do not.

If an enhanced stack will have more than one master switch, you must assign each master switch a unique IP address.

Note

You can set the IP address manually or activate the BOOTP and DHCP client software on a master switch and have the switch obtain its IP information from a BOOTP or DHCP server on your network. Initially assigning an IP address or activating the BOOTP and DHCP services can only be performed through a local management session of the master switch.

For instructions on how to set the IP address manually, refer to Configuring an IP Address and Switch Name on page 41. For instructions on activating the BOOTP and DHCP services, refer to Activating the BOOTP and DHCP Client Software on page 44.

3. Change the enhanced stacking status of the master switch to Master.

This is explained in the procedure Setting a Switch’s Enhanced Stacking Status on page 61.

Page 60

Section II: Local and Telnet Management

Master 1

IP Address

149.32.11.22

Master 2

IP Address

149.32.11.16

Master 1

IP Address

149.32.09.18

Figure 9 is an example of the enhanced stacking feature.

Subnet A

RS-232 TERMINAL PORT

FAULT

Router

MASTER

PWR

Subnet B

Master 2

IP Address

149.32.09.24

Figure 9 Enhanced Stacking Example

The example consists of a network of two subnets interconnected with a router. Each subnet consists of one enhanced stack. Two switches in each subnet have been selected as master switches of the enhanced stacks, and each has been assigned a unique IP address.

To manage the switches of an enhanced stack, you could start a local or a remote management session with one of the master switches in the enhanced stack. You would then have management access to all the enhanced stacking switches in the same stack.

Page 61

Setting a Switch’s Enhanced Stacking Status

The enhanced stacking status of the switch can be master switch, slave switch, or unavailable. Each status is described below:

❑ Master switch - A master switch of a stack can be used to manage

all the other switches in the stack. Once you establish a local or remote management session with the Master switch, you can access and manage all the switches in the stack. A master switch must have a unique IP address. You can manually assign a master switch an IP address or activate the BOOTP and DHCP services on the switch.

❑ Slave switch - A slave switch can be remotely managed through a

master switch. It does not need an IP address or subnet mask. This is the default setting for a switch.

❑ Unavailable - A switch with an unavailable stacking status cannot

be remotely managed through enhanced stacking. A switch with this designation can be managed locally. To be managed remotely, a switch with an unavailable stacking status must be assigned a unique IP address.

AT-S39 User’s Guide

Note

You cannot change the stacking status of a switch accessed through enhanced stacking. To change the stacking status of a switch that does not have an IP address or subnet mask, such as a slave switch, you must use a local management session. If the switch has an IP address and subnet mask, you can use either a local or a Telnet management session.

To adjust a switch’s enhanced stacking status, perform the following procedure:

1. From the Main Menu, type 9 to select Enhanced Stacking. The Enhanced Stacking menu is shown in Figure 10.

Allied Telesyn Ethernet Switch AT-8024 - AT-S39

Enhanced Stacking

1 - Switch State-(M)aster/(S)lave/(U)navailable.... Master

2 - Stacking Services

S - Save Configuration Changes R - Return to Previous Menu

Enter your selection?

Figure 10 Enhanced Stacking Menu

Page 62

Section II: Local and Telnet Management

The menu displays the current status of the switch at the end of selection “1 - Switch State.” For example, the switch’s current status in the figure above is Master.

Note

The “2 - Stacking Services” selection is included in the menu only for master switches.

2. To change a switch’s stacking status, type 1 to select Switch State.

The following prompt is displayed.

Enter new setup (M/S/U) ->

3. Type M to change the switch to a master switch, S to make it a slave switch, or U to make the switch unavailable. Press Return.

A change to the status is immediately activated on the switch.

4. Type S to select Save Configuration Changes.

Page 63

Selecting a Switch in an Enhanced Stack

The first thing you should do before performing a procedure on a switch in an enhanced stack is check to be sure you are performing it on the correct switch. If you assigned system names to your switches, then this is easy. The name of the switch being managed is always displayed at the top of every management menu.

When you start a management session on the Master switch of an enhanced stack, you are by default addressing that particular switch. The management tasks that you perform affect only the master switch.

To manage a slave switch or another Master switch in the stack, you need to select it from the management software.

To select a switch to manage in an enhanced stack, perform the following procedure:

1. From the Main Menu, type 9 to select Enhanced Stacking.

AT-S39 User’s Guide

2. From the Enhanced Stacking menu, type 2 to select Stacking Services.

The Stacking Services menu is shown in Figure 11.

Allied Telesyn Ethernet Switch AT-8024GB - AT-S39

Sales Switch

Stacking Services

Switch Software Switch

Num MAC Address Name Mode Version Model

-------------------------------------------------------------

G - Get/Refresh List of Switches S - Sort Switches in New Order A - Access Switch I - Image Download to Remote Switches C - Configuration Download to Remote Switches B - Boot Loader Download to Remote Switches R - Return to Previous Menu

Enter your selection?

Figure 11 Stacking Services Menu

Page 64

Section II: Local and Telnet Management

3. Type G to select Get/Refresh List of Switches.

The Master switch polls the network for all slave and other Master switches in the enhanced stack and displays a list of the switches in the Stacking Services menu.

Note

The Master switch on which you started the management session is not included in the list, nor are any switches with an enhanced stacking status of Unavailable.

Note

The menu selections I, C, and B for downloading image and bootloader files are explained in Chapter 20, File Downloads and Uploads on page 220.

By default, the switches are sorted in the menu by MAC address. You can sort the switches by name as well by selecting the option S - Sort Switches in New Order.

Returning to

the Master

Switch

4. To manage a different switch in an enhanced stack, type A to select Access Switch.

A prompt similar to the following is displayed:

Enter the switch number -> [1 to 24}

5. Type the number of the switch in the list you want to manage.

6. Enter a user name and password for the switch and press Return.

The default user name and password for manager access is “manager” and “friend”, respectively. The default user name and password for operator access is “operator” and “operator”. User names and passwords are case-sensitive.

The Main Menu of the selected switch is displayed. You now can manage the switch. Any management tasks you perform affect only the selected switch.

When you have finished managing a slave switch and want to manage another switch in the subnet, return to the Main Menu of the slave switch and type Q for Quit. This returns you to the Stacking Services menu. Once you see that menu, you are again addressing the Master switch from which you started the management session.

You can either select another switch in the list to manage or, if you want to manage the Master switch, return to the master switch’s Main Menu by typing R twice.

Page 65

Chapter 5 Port Parameters

The chapter contains procedures for viewing and changing the parameter settings for the individual ports on a switch.

This chapter contains the following procedures:

❑ Displaying Port Status on page 66

❑ Configuring Port Parameters on page 69

❑ Displaying Uplink Information on page 74

Page 66

Section II: Local and Telnet Management

Displaying Port Status

To display the status of the ports on the switch, perform the following procedure:

1. From the Main Menu, type 1 to select Port Menu.

The Port Menu is shown in Figure 12

Allied Telesyn Ethernet Switch AT-8024 - AT-S39

1 - Port Configuration 2 - Port Mirroring 3 - Port Trunking 4 - Port Status 5 - Port Security 6 - Port Access Control

S - Save Configuration Changes R - Return to Previous Menu

Sales Switch

Port Menu

Enter your selection?

Figure 12 Port Menu

2. From the Port Menu, type 4 to select Port Status.

The Port Status window is displayed (see Figure 13).

Allied Telesyn Ethernet Switch AT-8024 - AT-S39

Port Status

Prt Link Neg MDIO Spd Dplx PVID VlanID Flow State

--------------------------------------------------------------------001 Up Auto MDI 10 Half 00001 00001 Disabled Forwarding 002 Up Auto MDI 100 Full 00001 00001 Disabled Forwarding 003 Up Auto MDI 100 Full 00001 00001 Disabled Forwarding 004 Up Auto MDI 100 Full 00001 00001 Disabled Forwarding 005 Up Auto MDI 10 Half 00001 00001 Disabled Forwarding 006 Up Auto MDI 100 Full 00001 00001 Disabled Forwarding 007 Up Auto MDI 100 Full 00001 00001 Disabled Forwarding 008 Up Auto MDI 10 Half 00001 00001 Disabled Forwarding

N - Next Page U - Update Display R - Return to Previous Menu

Enter your selection?

Figure 13 Port Status Window

Page 67

AT-S39 User’s Guide

The information in this window is for viewing purposes only. The columns in the window are described below:

Prt

The port number.

Link

The status of the link between the port and the end node connected to the port. Possible values are:

Up - indicates that a valid link exists between the port and the end node.

Down - indicates that the port and the end node have not established a valid link.

Neg

The status of Auto-Negotiation on the port. Possible values are:

Auto - Indicates that the port is using Auto-Negotiation to set operating speed and duplex mode.

Manual - Indicates that the operating speed and duplex mode have been set manually.

MDIO

The operating configuration of the port. Possible values are Auto, MDI, MDI-X. The status Auto indicates that the port is automatically determining the appropriate MDI or MDI-X setting.

Spd

The operating speed of the port. Possible values are:

10 - 10 Mbps

100 - 100 Mbps

1000 - 1000 Mbps (optional Gigabit Ethernet ports only)

Dplx

The duplex mode of the port. Possible values are half-duplex and full-duplex.

PVID

The port VLAN identifier currently assigned to the port. This number corresponds to the VLAN identifier (VID) where the port is an untagged member.

VlanID

The VLAN identifier of the VLAN in which the port is an untagged member. This column will not include the VIDs of the VLANs where the port is a tagged member.

Flow

The flow control setting for the port. Possible values are:

None - No flow control on the port.

Page 68

Section II: Local and Telnet Management

Transmit - Flow control only as packets are being transmitted out the port.

Receive - Flow control only on as packets are being received on the port.

Both - Flow control for both packets entering and leaving the port.

State

The current operating status of the port. Possible values are:

Forwarding - The port is sending and receiving Ethernet frames.

Disabled - The port has been manually disabled.

Page 69

Configuring Port Parameters

To configure the parameter settings for a port on the switch, perform the following procedure:

1. From the Main Menu, type 1 to select Port Menu.

2. From the Port Menu, type 1 to select Port Configuration.

The following prompt is displayed:

Enter Ports List ->

3. Enter the port you want to configure. You can specify more than one port at a time. You can specify the ports individually (for example, 5,7,22), as a range (for example, 18-23), or both (for example, 1,5,14-

22).

The Port Configuration menu is shown in Figure 14.

Allied Telesyn Ethernet Switch AT-8024 - AT-S39

AT-S39 User’s Guide

Sales Switch

Port Configuration

Configuring Ports 4

0 - Description .......

1 - Status ............ Forwarding

2 - Negotiation ....... Auto

5 - Flow Control ...... None

6 - Advertise 10FDX ... Yes 7 - Advertise 10HDX ... Yes 8 - Advertise 100FDX .. Yes 9 - Advertise 100HDX .. Yes

M - MDI/MDIX Mode ..... Auto

C - Broadcast Control . No Broadcast Control

S - Save Configuration changes F - Force Renegotiation X - Reset Port R - Return to Previous Menu

Enter your selection?

Figure 14 Port Configuration Menu

Note

The Port Configuration menu in the figure above is for a 10/100 Mbps twisted pair port. The menu for a fiber optic port, a GBIC module, or a stacking module will contain a subset of the parameters.

Page 70

Section II: Local and Telnet Management

If you are configuring multiple ports and the ports have different settings, the Port Configuration menu displays the settings of the lowest numbered port. Once you have configured the settings of the port, all of its settings are copied to the other selected ports.

4. Adjust the port parameters as desired. You adjust a parameter by typing its number. This toggles the parameter through its possible settings. The parameters are described below.

0 - Port Description

You use this selection to assign a name to a port. The name can be from one to fifteen alphanumeric characters. Spaces are allowed, but you should not use special characters, such as asterisks or exclamation points.

1 - Status

You use this selection to enable or disable a port. When disabled, a port will not forward frames.

You might want to disable a port and prevent it from forwarding packets if a problem occurs with the node or cable connected to the port. Once the problem has been fixed, you can enable the port again to resume normal operation. You can also disable an unused port to secure it from unauthorized connections.

Possible settings are:

Forwarding - The port will forward packets. This is the default setting.

Disabled - The port will not forward packets.

2 - Negotiation

You use this selection to configure a port for Auto-Negotiation or to manually set a port’s speed and duplex mode.

If you select Auto for Auto-Negotiation, which is the default setting, the switch will set both speed and duplex mode for the port automatically. The switch determines the highest possible common speed between the port and its end node and sets the port to that speed. This helps to ensure that the port and the end node are operating at the highest possible common speed.

You should note the following concerning the operation of AutoNegotiation on a switch port:

❑ In order for a switch port to successfully Auto-Negotiate its duplex

mode with an end node, the end node should also be using AutoNegotiation. Otherwise, a duplex mode mismatch can occur. A switch port using Auto-Negotiation will default to half-duplex if it detects that the end node is not using Auto-Negotiation. This will result in a duplex mismatch if the end node is operating at a fixed duplex mode of full-duplex.

Page 71

AT-S39 User’s Guide

To avoid this problem, when connecting an end node with a fixed duplex mode of full-duplex to a switch port, you should disable Auto-Negotiation on the port and set the port’s speed and duplex mode manually.

❑ The auto-MDI/MDI-X setting is available only when a port’s speed

and duplex mode are set by Auto-Negotiation. If a port’s speed or duplex mode is set manually, the port’s wiring configuration defaults to MDI-X. Disabling Auto-Negotiation and setting a port’s speed and duplex mode manually might require setting the port’s MDI/MDI-X setting as well.

If you select Manual, two additional selections are displayed in the menu:

3 - Speed .............. 0100

4 - Duplex ............. Full-Duplex

Figure 15 Manual Speed and Duplex Mode Settings

You use these two selections to set the port’s speed and duplex mode. The possible settings for the 2 - Speed selection are:

0010 - 10 Mbps

0100 - 100 Mbps

1000 - 1000 Mbps (optional Gigabit Ethernet ports only)

The possible settings for 3 - Duplex are Full-duplex and Halfduplex.

5 - Flow Control

Flow control applies only to ports operating in full-duplex mode. A port uses a special pause packet to stop the end node from sending frames. The pause packet notifies the end node to stop transmitting for a specified period of time.

Possible settings are:

None - No flow control on the port.

Transmit - Flow control only as packets are being transmitted out the port.

Receive - Flow control only on as packets are being received on the port.

Both - Flow control for both packets entering and leaving the port.

Page 72

Section II: Local and Telnet Management

6 - Advertise 10FDX 7 - Advertise 10HDX 8 - Advertise 100FDX 9 - Advertise 100HDX

These selections appear in the menu only when a port is configured for Auto-Negotiation. During Auto-Negotiation, a switch port determines the appropriate speed and duplex mode by advertising its capabilities to the end node connected to it.

By default, a switch port will advertise its full capabilities, which in the case of a port on an AT-8000 Series switch are 10 or 100 Mbps speed and half- or full-duplex mode.

You can use these four selections to limit the capabilities a switch port will advertise during Auto-Negotiation. For example, if you set the selection 8 - Advertise 100HDX to No, the switch port will not advertise that it is capable of 100 Mbps, half-duplex operation.

Note

In most network environments you should leave all AutoNegotiation advertisements activated, which is the default setting.

M - MDI/MDIX Mode

Use this selection to set the wiring configuration of the port. The configuration can be Auto, MDI, or MDI-X.

The twisted pair ports on the switch feature auto-MDI/MDI-X. They configured themselves automatically as MDI or MDI-X when connected to an end node. This allows you to use either a straightthrough twisted pair cable when connecting any type of network device to a port on the switch.

If you disable Auto-Negotiation on a port and set a port’s speed and duplex mode manually, the auto-MDI/MDI-X feature is also disabled. A port where Auto-Negotiation has been disabled defaults to MDI-X. Disabling Auto-Negotiation may require that you manually configure a port’s MDI/MDI-X setting using this option or use a crossover cable.

C - Broadcast Control

For background information on this selection and instructions on how to set the option, refer to Broadcast Storm Control

Overview on page 188 and Configuring the Maximum Broadcast Frame Count on page 191.

P - Back Pressure

This menu option only appears for ports configured for halfduplex.

Backpressure performs much the same function as flow control. Both are used by a port to control the flow of ingress packets.

Page 73

AT-S39 User’s Guide

Where they differ is that while flow control applies to ports operating in full-duplex, backpressure applies to ports operating in half-duplex mode.

When a twisted pair port on the switch operating in half-duplex mode needs to stop an end node from transmitting data, it forces a collision. A collision on an Ethernet network occurs when two end nodes attempt to transmit data using the same data link at the same time. A collision causes the end nodes to stop sending data. This is called backpressure.

When a switch port needs to stop a half-duplex end node from transmitting data, it forces a collision on the data link, which stops the end node. Once the port is ready to receive data again, it stops forcing collisions.

The default setting for backpressure on a switch port is disabled.

5. Once you have set the port parameters, type S to select Save Configuration Changes.

Configuration changes are immediately activated on a port.

The Port Configuration menu also features these selections:

F - Force Renegotiation

This selection appears in the menu only when a port is set to AutoNegotiation. You can use the option to prompt the port to re-AutoNegotiate with the end node. This can be helpful if you believe that a port and end node are not operating at the same speed and duplex mode.

X - Reset Port

You can use this option to reset the selected port. This can prove useful in situations where a port is experiencing a problem establishing a valid connection to the end node. The reset takes less than a second to complete. The port’s current parameter settings are not changed by this option.

Page 74

Section II: Local and Telnet Management

Displaying Uplink Information

The AT-S39 management software can display basic manufacturer information about an optional GBIC module in an AT-8024GB switch or the fiber optic ports in an AT-8026FC switch.

To display uplink information, perform the following procedure:

1. From the Main Menu, type 8 to select Diagnostics.

2. From the Diagnostics menu, type 8 to select Uplink Information.

The GBIC Information menu is shown in Figure 16.

Allied Telesyn Ethernet Switch AT-8024 - AT-S39

1 - Uplink Information

Sales Switch

Uplink Information Menu

R - Return to Previous Menu

Enter your selection?

Figure 16 Uplink Information Menu

3. Type 1 to select Uplink Information.

The following prompt is displayed:

Enter Uplink Port number -> [25 to 26]

4. Enter the port number you want to view. This will be either 25 or 26. Press Return.

Page 75

AT-S39 User’s Guide

The management software displays a menu containing basic information about the GBIC module or fiber optic port. Figure 17 is an example of the menu.

Allied Telesyn Ethernet Switch AT-8024GB - AT-S39

Uplink Information Menu

Port Number ................... 25

Type of Serial Transceiver .... Unknown

Extended Serial Transceiver ... Module Not Defined

Connector Type ................ Unknown

Elect/Opt Transceiver .........

Serial Encoding ............... Unspecified

Nominal bit rate(100Mbits/s) .. 0

Length 9/125 mm Fib. (k) ...... 0

Length 9/125 um Fib. (100m) ... 0 Length 50/125 um Fib. (10m) ... 0 Length 62.5/125 um Fib. (10m) . 0

N - Next Page R - Return to Previous Menu

Enter your selection?

Figure 17 GBIC Information Menu

The information in the menu cannot be changed and is for viewing purposes only.

Page 76

Chapter 6 Port Security

This chapter contains the procedures for setting port security. The sections in this chapter include:

❑ Port Security Overview on page 77

❑ Configuring Port Security on page 79

❑ Configuring the Limited Security Mode on page 80

Note

To change a switch’s port security level, you must use a local management session. You cannot set port security from a Telnet or web browser management session, or through enhanced stacking.

Page 77

Port Security Overview

This feature can enhance the security of your network. You can use it to control which end nodes can forward frames through the switch, and so prevent unauthorized individuals from accessing your network or particular parts of the network.

This type of network security uses a frame’s source MAC address to determine whether the switch should forward a frame or discard it. The source address is the MAC address of the end node that sent the frame.

There are four levels of port security. Only one security level can be active on a switch at a time. The levels of port security are:

❑ Automatic

❑ Limited

❑ Secured

AT-S39 User’s Guide

❑ Locked

Automatic This operating mode disables port security. The switch learns and adds

addresses to its dynamic MAC address table as it receives frames on the ports.

Note

The Automatic security mode is the default security level for the switch.

Limited You can use this security level to manually specify the maximum number

of dynamic MAC addresses each port on the switch can learn. Once a port has learned its maximum limit, it discards ingress frames with source MAC addresses not already stored in the MAC address table.

When you activate this mode, the switch deletes all MAC addresses in the dynamic MAC address table and immediately begins learning new addresses as frames are received on the ports, up to the allowed limit for each port.

The MAC aging time is disabled under this security level. Once a dynamic MAC address has been learned on a port and added to the MAC address table, it remains in the table and is never purged, even when the end node is inactive.

Page 78

Section II: Local and Telnet Management

Static MAC addresses are retained by the switch and are not included in the count of maximum addresses that can be learned by a port. You can continue to add static MAC addresses to a port even after a port has learned its maximum number of dynamic MAC addresses.

Secure This security level instructs the switch to forward frames based solely on

static MAC addresses. When this security level is activated, the switch deletes all dynamic MAC addresses and disables the MAC address table so that no new addresses can be learned.

The switch also deletes any addresses in the static MAC address table. Once you have activated this security level, you must enter the static MAC addresses of the nodes whose frames the switch should forward. The switch will forward frames only from those nodes whose MAC addresses you enter in the static MAC address table. Any node whose MAC address is not in the static MAC address table will not be able to send frames through the switch.

Lock All Ports This security level causes the switch to immediately stop learning new

dynamic MAC addresses. The switch forwards frames based on the dynamic MAC addresses it has already learned and any static MAC addresses the network administrator has entered.

The MAC aging time is disabled in this security level; no dynamic MAC addresses are deleted from the MAC address table, even those belonging to inactive end nodes.

Note

For background information on MAC addresses and aging time, refer to MAC Address Overview on page 162.

Guidelines Here are a few general guidelines to keep in mind when using this type

of port security:

❑ The filtering of a packet occurs on the ingress port, not on the

egress port.

❑ You cannot use MAC address security and 802.1x port-based

access control on a switch port at the same time.

❑ Port security is set at the switch level. You cannot set this on a per-

port basis.

❑ Only one security level can be active on a switch at a time.

Page 79

Configuring Port Security

Note

Port security can only be set through a local management session. You cannot set this feature from a Telnet or web browser management session, or through enhanced stacking.

To set a switch’s port security level, perform the following procedure:

1. From the Main Menu, type 1 to select Port Menu.

2. From the Port Menu, type 5 to select Port Security.

The Port Security menu is shown in Figure 18.

Allied Telesyn Ethernet Switch AT-8024 - AT-S39

AT-S39 User’s Guide

Sales Switch

Port Security

1 - Configure Port Security Mode ....... AUTOMATIC

2 - Configure Limited Mode Parameters

S - Save Configuration changes R - Return to Previous Menu

Enter your selection?

Figure 18 Port Security Menu

3. Type 1 to select Configure Port Security Mode.

The following prompt is displayed:

Enter new mode (A-Automatic, L-Limited, S-Secured, KlocKed):

4. Select the desired security level. You can select only one security level. For an explanation of the levels, refer to Port Security Overview on page 77.

A change to the security level is immediately activated on the switch.

5. Type S to select Save Configuration Changes.

6. If you selected the Limited security level, go to the next procedure to set the MAC address limits for the individual ports.

Page 80

Section II: Local and Telnet Management

Configuring the Limited Security Mode

The Limited security mode lets you set the maximum number of dynamic MAC addresses each port on a switch can learn. When you activate this security level, the switch deletes all MAC addresses in the dynamic MAC address table and immediately begins to learn new addresses as frames are received on the ports. Once the maximum number of MAC addresses have been learned by a port, ingress frames with new source MAC addresses received on the port are discarded and are not forwarded.

You can assign the same limit to all ports or different limits to different ports.

Static MAC addresses are not deleted from the static MAC address table. Static MAC addresses are not included in the count of the maximum MAC addresses a port can learn. You can continue to add static MAC addresses even after a port has learned its maximum number of dynamic MAC addresses.

To configure Limited security mode, perform the following procedure:

1. From the Main Menu, type 1 to select Port Menu.

2. From the Port Menu, type 5 to select Port Security.

The Port Security menu is shown in Figure 18 on page 79.

3. From the Port Security menu, type 2 to select Configure Limited Mode Parameters.

The Limited Security Mode menu is shown in Figure 19.

Allied Telesyn Ethernet Switch AT-8024 - AT-S39

Sales Switch

Port Security Limited Mode Menu

1 - Display MAC Limits 2 - Configure Limited Mode Parameters

R - Return to Previous Menu

Enter your selection?

Figure 19 Limited Security Mode Menu

4. Type 2 to select Configure Limited Mode Parameters.

The following prompt is displayed:

Enter ports list:

Page 81

AT-S39 User’s Guide

5. Enter the port(s) where you want to specify a new MAC address limit. You can specify the ports individually (e.g., 1,4), as a range (e.g., 4-7), or both (e.g., 2-7,11,15).

The following prompt is displayed:

Enter new MAC limit -> [1 to 150] ->

6. Enter the maximum number of dynamic MAC addresses you want the port to be able to learn and press Return. The range is 1 to 150 addresses. The default is 100.

7. Repeat this procedure starting with Step 4 to specify MAC address limits on other ports.

8. Type S to select Save Configuration Changes.

9. Type 1 to select Display MAC Limits.

The current MAC address limits for all ports are displayed.

10. Examine the MAC limits. Check to be sure that they are correct. If you assigned different values to different ports, be sure that the different values apply to the correct ports. If necessary, repeat this procedure to change any MAC address limits.

Page 82

Chapter 7 Port Trunking

This chapter contains the procedures for creating and deleting port trunks. Sections in the chapter include:

❑ Port Trunking Overview on page 83

❑ Creating a Port Trunk on page 89

❑ Deleting a Port Trunk on page 91

Page 83

Port Trunking Overview

Port trunking is an economical way for you to increase the bandwidth between two Ethernet switches. A port trunk is 2, 3, or 4 ports that have been grouped together to function as one logical path. A port trunk increases the bandwidth between switches and is useful in situations where a single physical data link between switches is insufficient to handle the traffic load.

A port trunk always sends packets from a particular source to a particular destination over the same link within the trunk. A single link is designated for flooding broadcasts and packets of unknown destination.

The example in Figure 20 consists of a port trunk of four data links between two AT-8024 switches.

AT-S39 User’s Guide

AT-8024

10Base-T/100Base-TX Fast Ethernet Switch

Link

Mode

Link

Mode

MODE

COL

100

FULL

ACT

AT-8024

10Base-T/100Base-TX Fast Ethernet Switch

Link

Mode

Link

Mode

MODE

COL

100

FULL

ACT

RS-232 TERMINAL PORT

FAULT

MASTER

PWR

Figure 20 Port Trunk Example

Observe the following guidelines when creating a port trunk:

❑ An AT-8000 Series switch can support only one port trunk at a

time.

❑ A port trunk can consist of 2, 3, or 4 ports.

❑ The ports of a port trunk must be of the same medium type. For

example, they can be all twisted pair ports or all fiber optic ports.

RS-232 TERMINAL PORT

FAULT

MASTER

PWR

❑ The speed, duplex mode, and flow control settings must be the

same for all the ports in a trunk.

❑ The ports of a port trunk must be members of the same VLAN. A

port trunk cannot consist of ports from different VLANs.

Page 84

❑ When cabling a trunk, the order of the connections should be

maintained on both nodes. The lowest numbered port in a trunk on the switch should be connected to the lowest numbered port of the trunk on the other device, the next lowest numbered port on the switch should be connected to the next lowest numbered port on the other device, and so on.

For example, assume that you are connecting a trunk between two AT-8024 switches. On the first AT-8024 switch you had chosen ports 12, 13, 14, 15 for the trunk. On the second AT8024 switch you had chosen ports 21, 22, 23, and 24. To maintain the order of the port connections, you would connect port 12 on the first AT-8024 switch to port 21 on the second AT-8024, port 13 to port 22, and so on.

❑ You can create a port trunk of optional GBIC modules installed in

Port 25 and Port 26 of an AT-8024GB switch.

❑ You can create a port trunk of the fiber optic ports in an

AT-8026FC switch.

❑ You can create a port trunk of the ports in two expansion modules

in an AT-8016F switch, providing that the ports are of the same medium type and have the same operating specifications.

Port Operating

Specifications

Load

Distribution

Methods

The speed, duplex mode, and flow control settings must be the same for all the ports of a port trunk. When you create a port trunk, the management software copies the current settings of the lowest numbered port in the trunk to the other ports. For example, if you create a port trunk consisting of ports 5 to 8, the speed, duplex mode, and flow control settings for port 5 are copied to ports 6, 7, and 8 so that all the ports of the trunk have the same settings. For this reason it is recommended that before creating a port trunk you first examine the settings of the lowest number port that will be in the trunk and verify that it has the correct settings.

Once you have created a port trunk, do not change the speed, duplex mode or flow control of any port in the trunk without making the same change to the other ports.

There are two steps to creating a port trunk. The first is to identify the ports on the switch that are to function as the port trunk. The second is to select a load distribution method. This second step is important because unless you select the correct distribution method for your configuration, the switch might not evenly distribute the load across all the links of a trunk. Naturally, this could greatly diminish the value and purpose of the port trunk.

Page 85

AT-S39 User’s Guide

The AT-S39 management software offers two load distribution methods. They are:

❑ Source Address (SA) Trunking

❑ Source Address / Destination Address (SA/DA) Trunking

Let’s first take a look at the SA method. When a switch receives a packet from a network node, it examines the destination address to determine on which switch port, if any, the packet should be transmitted. If the packet is destined for a port trunk, the switch then examines the source address of the packet. If this is the first packet from the source node to be transmitted over a port trunk, the switch assigns the source address to one of the trunk links. All subsequent packets from the source node are sent out the assigned data link of the trunk.

The switch assigns source addresses so as to evenly distribute the addresses, or at least as much as possible, across all the ports of the trunk. The intent is to try and ensure that all links in the trunk are utilized.

Here is an example. Figure 21 on page 86 shows two AT-8000 Series Switches, an AT-8024 (Switch #1) and an AT-8024GB (Switch #2) interconnected with a port trunk of three data links. The trunk on Switch #1 consists of Ports 13 to 15 and on Switch #2 of Ports 1 to 3. The 10Base and 100Base workstations are directing traffic to a server connected to Switch #2. The server is connected to Switch #2 with a fiber optic Gigabit Ethernet data link provided by a 1000Base fiber optic GBIC module in the AT-8024GB switch.

Page 86

Workstation

AT-8024

10Base-T/100Base-TX Fast Ethernet Switch

Link

Mode

Link

Mode

AT-8026FC

10Base-T/100Base-TX Fast Ethernet Switch

Link

Mode

Link

Mode

MODE

COL

100

FULL

ACT

MODE

COL

100

FULL

ACT

TX TXRX RX

RS-232 TERMINAL PORT

CLASS 1 LASER PRODUCT DO NOT STARE

INTO BEAM

LINK

MODE

FAULT

MASTER

PWR

RS-232 TERMINAL PORT

LINK

MODE

Switch #1

FAULT

MASTER

PWR

Switch #2

Figure 21 Load Distribution Method

Now assume that you configured the port trunk on Switch #1 for SA load distribution. The switch might distribute the load as follow:

Table 1 Switch #1 Load Distribution

Source Workstation

Source MAC Address

Trunk Port

A 00A0EE 2313A3 13

B 00A134 1A9032 14

C 00A301 9083B2 15

D 001B21 87C6D6 14

Page 87

AT-S39 User’s Guide

For example, when Workstation B sends a packet to the server, Switch #1 will use Port 14 of the trunk to transmit it to Switch #2.

An assignment of a source MAC address to a port trunk remains active as long as the source node remains active. If the MAC address times out, the assignment is dropped. Should the source node become active again and need to transmit a packet over the trunk, a new assignment is made, either to the same port or to a different port in the trunk.

It should be noted that packets sent back from the destination node to the original source node may travel the same or a different data link in the trunk.

As a general rule, the SA load distribution method is useful in situations where the number of source nodes equals or is greater than the number of data links in the trunk.

So when would the SA method be inappropriate? Returning to the example in Figure 21, assume you configured Switch #2 also for SA load distribution. The result would be that the switch would use only one data link in the trunk to send packets back to Switch #1, because there is only one source, a Gigabit Ethernet server, connected to Switch #2. Since there is only one source, only one data link is used. So obviously the SA method is not appropriate when there are fewer source nodes than data links.

Source MAC Address

Server 00B012 DA0231

So now let’s look at the SA/DA method. A switch using the SA/DA method creates a matrix of the source and destination MAC addresses and then uses the matrix to determine which port in the trunk a frame is to be transmitted. With this method, packets from a particular source node might be sent over different data links in a trunk when sent to different destination addresses.

So let’s take a look at how this might look in practice. Assume that you configured Switch #2 in our example for SA/DA. The result might be something similar to that shown in Table 2.

Table 2 Trunk Port Assignments in an SA/DA Matrix

Destinations MAC Addresses

Workstation

00A0EE 2313A3

Workstation

00A134 1A9032

Workstation

00A301 9083B2

Workstation

001B21 87C6D6

2131

Page 88

Even though there is only one source, all the data links in the trunk are used. For instance, if the server needed to send a packet to Workstation C, by referring to the matrix Switch #2 would use Port 3 of the trunk to transmit the packet from that particular source MAC address to Switch #1.

As you can see, the SA/DA method is useful when a port trunk needs to send packets from one source node to many destination nodes, something that the SA method is not suited for. Additionally, the SA/DA method is also valid when sending from many source nodes to one destination node, or from many sources to many destinations.

The table below shows a possible matrix for a port trunk of three data links using the SA/DA method, handling traffic from four sources to four destinations.

Table 3 Trunk Port Assignments in an SA/DA Matrix

Destinations Addresses

Source Addresses 00A0EE 2313A3 00A134 1A9032 00A301 9083B2 001B21 87C6D6

00B012 DA0231 1 2 3 1

001230 DA2943 2 3 1 2

0042AA D45A21 3 1 2 3

00456A C23521 1 2 3 1

The bottom line is that the SA/DA method is more flexible than the SA method. A general rule to follow is if you are not sure which load distribution to choose, you should probably go with SA/DA.

Page 89

Creating a Port Trunk

This section contains the procedure for creating a port trunk on the switch. Be sure to review the guidelines in Port Trunking Overview on page 83 before performing the procedure.

Caution

Do not connect the cables to the trunk ports on the switches until after you have configured the trunk with the management software. Connecting the cables before configuring the software will create a loop in your network topology. Data loops can result in broadcast storms and poor network performance.

Note

Before creating a port trunk, examine the speed, duplex mode, and flow control settings of the lowest numbered port to be in the trunk. Check to be sure that the settings are correct for the end node to which the trunk will be connected. When you create the trunk, the AT-S62 management software copies the settings of the lowest numbered port in the trunk to the other ports so that all the settings are the same.

AT-S39 User’s Guide

You should also check to be sure that the ports are untagged members of the same VLAN. You cannot create a trunk of ports that are untagged members of different VLANs.

To create a port trunk, perform the following procedure:

1. From the Main Menu, type 1 to select Port Menu.

2. From the Port Menu, type 3 to select Port Trunking.

The Port Trunking menu is shown in Figure 22.

Allied Telesyn Ethernet Switch AT-8024 - AT-S39

Sales Switch

Port Trunking

1 - Trunk Ports ..... None

S - Save Configuration Changes R - Return to Previous Menu

Enter your selection?

Figure 22 Port Trunking Menu

Page 90

3. Type 1 to select Trunk Ports.

The following prompt is displayed.

Enter Trunk Port(s) ->

4. Enter the ports that will constitute the port trunk and press Return.

You can specify the ports individually (e.g., 1,2,3,4) or as a range (e.g., 7-10).

Once you have specified the ports of the trunk, the following menu selection appears:

2 - Trunk Method ....... SA/DA trunking

You use this selection to specify the load distribution method. The default is SA/DA.

5. To change the load distribution method, type 2 to toggle the selection through its possible settings of SA/DA and SA only trunking. The change in Port Trunking configuration is immediately activated on the switch.

6. Type S to select Save Configuration Changes.

7. Configure the ports on the remote switch for port trunking.

8. Connect the cables to the ports of the trunk on the switch.

The port trunk is ready for network operation.

Page 91

Deleting a Port Trunk

Caution

Disconnect the cables from the port trunk on the switch before performing the following procedure. Deleting a port trunk without first disconnecting the cables can create loops in your network topology. Data loops can result in broadcast storms and poor network performance.

To delete a port trunk from the switch, perform the following procedure:

1. From the Main Menu, type 1 to select Port Menu.

2. From the Port Menu, type 3 to select Port Trunking.

The Port Trunking menu is shown in Figure 22 on page 89.

3. Type D to select Delete trunk.

A confirmation prompt is displayed.

AT-S39 User’s Guide

4. Type Y for yes to delete the port trunk or N for no to cancel this procedure.

The port trunk is immediately deleted from the switch.

5. Type S to select Save Configuration Changes.

Page 92

Chapter 8 Port Mirroring

This chapter contains the procedures for creating and deleting a port mirror. Sections in the chapter include:

❑ Port Mirroring Overview on page 93

❑ Creating a Port Mirror on page 94

❑ Deleting a Port Mirror on page 95

Page 93

Port Mirroring Overview

The port mirroring feature allows you to unobtrusively monitor the traffic being received and transmitted on one or more ports on a switch by having the traffic copied to another switch port. You can connect a network analyzer to the port where the traffic is being copied and monitor the traffic on the other ports without impacting network performance or speed.

Observe the following guidelines when creating a port mirror:

❑ You can mirror from one to 23 ports on a switch at a time.

However, the more ports you mirror, the less likely the mirroring port will be able to handle all the traffic. For example, if you mirror the traffic of six heavily active ports, the mirror port is likely to drop packets, meaning that it will not provide an accurate mirror of the traffic of the other six ports.

❑ The ports to be mirrored and the mirroring port must be located

on the same switch.

AT-S39 User’s Guide

❑ The ports to be mirrored and the mirroring port must be

operating at the same speed. For example, you cannot use a 10/100 Mbps port to mirror traffic on a 1000 Mbps GBIC port.

Page 94

Creating a Port Mirror

To create a port mirror, perform the following procedure:

1. From the Main Menu, type 1 to select Port Menu.

2. From the Port Menu, type 2 to select Port Mirroring.

The Port Mirroring menu is shown in Figure 23.

Allied Telesyn Ethernet Switch AT-8024 - AT-S39

1 - Mirror (Destination) Port ....... None

2 - Mirroring (Source) Port(s) ...... None

S - Save Configuration Changes R - Return to Previous Menu

Enter your selection?

Sales Switch

Port Mirroring

Figure 23 Port Mirroring Menu

3. Type 1 to select Mirror (Destination) Port.

The following prompt is displayed.

Enter Mirror port (0=None) [0 to 24] ->

4. Enter the number of the port to function as the mirror port (that is, the port to where the traffic will be copied). Press Return.

You can specify only one mirror port.

5. Type 2 to select Mirroring (Source) Port.

The following prompt is displayed.

Enter Mirroring Ports (0=None):

6. Enter the number of the port whose traffic is to be mirrored. To mirror the traffic of more than one port, enter the ports individually (e.g., 1,4,6), as a range (e.g., 11-14), or both. Press Return.

The port mirror is active on the switch. You can now connect a network analyzer to the mirror (destination) port to monitor the traffic on the other ports.

7. Type S to select Save Configuration Changes.

Page 95

Deleting a Port Mirror

To delete a port mirror, perform the following procedure:

1. From the Main Menu, type 1 to select Port Menu.

2. From the Port Menu, type 2 to select Port Mirroring.

The Port Mirroring menu is shown in Figure 23 on page 94.

3. Type 1 to select Mirror (Destination) Port.

The following prompt is displayed.

Enter mirror port (0=None) [0 to 24] ->

4. Enter 0 and press Return.

The port mirror on the switch is deleted. The port that was functioning as the port mirror is now available for normal network operations.

5. Type S to select Save Configuration Changes.

AT-S39 User’s Guide

Page 96

Chapter 9 STP and RSTP

This chapter provides background information on the Spanning Tree Protocol (STP) and Rapid Spanning Tree Protocol (RSTP). The chapter also contains procedures on how to adjust the STP and RSTP bridge and port parameters. The sections in this chapter include:

❑ STP and RSTP Overview on page 97

❑ Enabling or Disabling STP or RSTP on page 105

❑ Configuring STP on page 107

❑ Configuring RSTP on page 112

Note

For detailed information on the Spanning Tree Protocol, refer to IEEE Std 802.1d. For detailed information on the Rapid Spanning Tree Protocol, refer to IEEE Std 802.1w.

Page 97

STP and RSTP Overview

A significant danger to Ethernet network performance is the existence of a data loop in a network topology. A data loop exists when two or more nodes on a network can transmit data to each other over more than one data link. The problem that data loops pose is that data packets can become caught in repeating cycles, referred to as broadcast storms, that needlessly consume network bandwidth and significantly reduce network performance.

STP and RSTP prevent data loops from forming by ensuring that only one path exists between the end nodes in your network. Where multiple paths exist, these protocols place the extra paths in a standby or blocking mode, leaving only one main active path.

STP and RSTP can also activate a redundant path if the main path goes down. So not only do these protocols guard against multiple links between segments and the risk of broadcast storms, but they can also maintain network connectivity by activating a backup redundant path in case a main link fails.

AT-S39 User’s Guide

Where the two protocols differ is in the time each takes to complete the process commonly referred to as convergence. When a change is made to the network topology, such as the addition of a new bridge, a spanning tree protocol must determine whether there are redundant paths that must be blocked to prevent data loops, or activated to maintain intercommunications between the various network segments. This process is referred to as convergence.

With STP, convergence for a large network can take up to a minute to complete. This can result in lost data packets and the loss of intercommunication between various parts of the network during the convergence process.

RSTP is much faster. RSTP can complete a convergence in seconds, and so greatly diminish the possible impact the process can have on your network.

Note

RSTP is activated by default on the switch.

The STP implementation on the AT-8000 Series Switch complies with the IEEE 802.1d standard. The RSTP implementation complies with the IEEE

802.1w standard. The following subsections provide a basic overview on how STP and RSTP operate and define the different parameters that you can adjust.

Page 98

Section II: Local and Telnet Management

Bridge Priority

and the Root

Bridge

The first task that bridges perform when a spanning tree protocol is activated on a network is the selection of a root bridge. A root bridge distributes network topology information to the other network bridges and is used by the other bridges to determine if there are redundant paths in the network.

A root bridge is selected by a combination of a bridge priority number, also referred to as the bridge identifier, and sometimes the bridge’s MAC address. The bridge with the lowest bridge priority number in the network is selected as the root bridge. If two or more bridges have the same bridge priority number, of those bridges the one with the lowest MAC address is designated as the root bridge.

The bridge priority number can be changed on an AT-8000 Series switch. You can designate which switch on your network you want as the root bridge by giving it the lowest bridge priority number. You might also consider which bridge should function as the backup root bridge in the event you need to take the primary root bridge off-line, and assign that bridge the second lowest bridge identifier number.

With STP, the bridge priority has a range of from 0 to 65535. You can select any value within that range.

With RSTP, the range is slightly less, from 0 to 61440. Furthermore, you can only select a value that is a multiple of 4096. To make this easier for you, the management software divides the range into increments. You specify the increment that represents the desired bridge priority value. The range is divided into sixteen increments, as shown in the following table.

Table 4 RSTP Bridge Priority Value Increments

Increment

Bridge Priority

Increment

Bridge Priority

00832768

1 4096 9 36864

2 8192 10 40960

3 12288 11 45056

4 16384 12 49152

5 20480 13 53248

6 24576 14 57344

7 28672 15 61440

Page 99

AT-S39 User’s Guide

Path Costs and Port Costs

Once the Root Bridge has been selected, the bridges must determine if the network contains redundant paths and, if one is found, they must select a preferred path while placing the redundant paths in a backup or blocking state.

Where there is only one path between a bridge and the root bridge, the bridge is referred to as the designated bridge and the port through which the bridge is communicating with the root bridge is referred to as the root port.

If redundant paths exist, the bridges that are a part of the paths must determine which path will be the primary, active path, and which path(s) will be placed in the standby, blocking mode. This is accomplished by an determination of path costs. The path offering the lowest cost to the root bridge becomes the primary path and all other redundant paths are placed into blocking state.

Path cost is determined through an evaluation of port costs. Every port on a bridge participating in STP has a cost associated with it. The cost of a port on a bridge is typically based on port speed. The faster the port, the lower the port cost. The exception to this is the ports on the root bridge, where all ports have a port cost of 0.

Path cost is simply the cumulation of the port costs between a bridge and the root bridge.

The port costs of the ports on an AT-8000 Series switch are adjustable through the management software, but the range is different depending on whether you are using STP or RSTP.

For STP, the range is 1 to 65535. You can assign a port a port cost of any value within the range. Below are the default values.

Table 5 STP Default Port Costs

Port Speed Port Cost

10 Mbps 10

100 Mbps 10

1000 Mbps 4

In RSTP, the range is much greater: 0 to 20 000 000. This greater range allows you to have more control over path costs.

Page 100

Section II: Local and Telnet Management

RSTP port cost also features an Auto-Detect feature. This features allows RSTP to automatically set the port cost according to the speed of the port, assigning a lower value for higher speeds. Auto-Detect is the default setting on the ports when the switch is operating in RSTP. Table 6 lists the ports cost with Auto-Detect.

Table 6 RSTP Auto-Detect Port Costs

Port Speed Port Cost

10 Mbps 2 000 000

100 Mbps 200 000

1000 Mbps 20 000

You can override Auto-Detect and set the port cost manually.

Port Priority

If two paths have the same port cost, the bridges must select a preferred path. In some instances this can involve the use of the port priority parameter. This parameter can be used as a tie-breaker when two paths have the same cost.

In STP, the range for port priority is 0 to 255.

In RSTP, the range is 0 to 240. As with RSTP Bridge Priority, this range is broken into increments, in this case multiples of 16. When you specify a port priority for a port, you enter the increment of the desired value.

Table 7 RSTP Port Priority Value Increments

Increment

Port Priority

Increment

Port Priority

008128

1169144

2 3210160

3 4811176

4 6412192

5 8013208

6 9614224

7 112 15 240

100

Allied Telesis AT-8012M, AT-8088-MT, AT-8088-SC, AT-8026FC, AT-8026T User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Table of Contents

List of Figures

Preface

How This Guide is Organized

Document Conventions

Where to Find Web-based Guides

Contacting Allied Telesyn

Online Support You can request technical support online by accessing the Allied Telesyn

Management Software Updates

Section I

Overview

Chapter 1

Overview

Local Management Session

Telnet Management Session

Web Browser Management Session

SNMP Management Session

Management Access Levels

Section II

Local and Telnet Management

Chapter 2

Starting a Local or Telnet Management Session

Local Management Session

Telnet Management Session

Saving Your Parameter Changes

Chapter 3

Basic Switch Parameters

When Does a Switch Need an IP Address?

Configuring an IP Address and Switch Name

Activating the BOOTP and DHCP Client Software

Configuring SNMP Community Strings and Trap IP Addresses

Resetting a Switch

Configuring the AT-S39 Management Security Features

Viewing the AT-S39 Version Number and Switch MAC Address

Pinging a Remote System

Returning the AT-S39 Software to the Factory Default Values

Configuring the Console Startup Mode

Chapter 4

Enhanced Stacking

Enhanced Stacking Overview

Guidelines Here are a few guidelines to implementing enhanced stacking in your

Setting a Switch’s Enhanced Stacking Status

Selecting a Switch in an Enhanced Stack

Chapter 5

Port Parameters

Displaying Port Status

Configuring Port Parameters

Displaying Uplink Information

Chapter 6

Port Security

Port Security Overview

❑ Automatic

❑ Limited

Secure This security level instructs the switch to forward frames based solely on

Lock All Ports This security level causes the switch to immediately stop learning new

Guidelines Here are a few general guidelines to keep in mind when using this type

Configuring Port Security

Configuring the Limited Security Mode

Chapter 7

Port Trunking

Port Trunking Overview

Creating a Port Trunk

Deleting a Port Trunk

Chapter 8

Port Mirroring

Port Mirroring Overview

Creating a Port Mirror

Deleting a Port Mirror

Chapter 9

STP and RSTP

STP and RSTP Overview