This product includes software licensed under the BSD License. As such, the following language applies for those
portions of the software licensed under the BSD License:
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following
conditions are met:
* Redistributions of source code must retain the above copyright notice, this list of conditions and the following
disclaimer.
* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following
disclaimer in the documentation and/or other materials provided with the distribution.
* Neither the name of Allied Telesis, Inc. nor the names of the respective companies above may be used to endorse or
promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY
WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Copyright 1989, 1991, 1992 by Carnegie Mellon University. Derivative Work - 1996, 1998-2000. Copyright 1996, 19982000 by The Regents of the University of California - All rights reserved. Copyright (c) 2001-2003 by Networks
Associates Technology, Inc. - All rights reserved. Copyright (c) 2001-2003 by Cambridge Broadband Ltd. - All rights
reserved. Copyright (c) 2003 by Sun Microsystems, Inc. - All rights reserved. Copyright (c) 2003-2005 by Sparta, Inc. All rights reserved. Copyright (c) 2004 by Cisco, Inc. and Information Network Center of Beijing University of Posts and
Telecommunications. - All rights reserved. Copyright (c) 2003 by Fabasoft R&D Software GmbH & Co KG - All rights
reserved. Copyright (c) 2004-2006 by Internet Systems Consortium, Inc. ("ISC") - All rights reserved. Copyright (c)
1995-2003 by Internet Software Consortium - All rights reserved. Copyright (c) 1992-2003 by David Mills - All rights
reserved. Copyright (c) 1995 by Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved. Copyright (c) 1998
by CORE SDI S.A., Buenos Aires, Argentina - All rights reserved. Copyright 1995, 1996 by David Mazieres - All rights
reserved. Copyright 1983, 1990, 1992, 1993, 1995 by The Regents of the University of California - All rights reserved.
Copyright (c) 1995 Patrick Powell - All rights reserved. Copyright (c) 1998-2005 The OpenSSL Project - All rights
reserved. Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - All rights reserved. Copyright (c) 2008, Henry
Kwok - All rights reserved. Copyright (c) 1995, 1998, 1999, 2000, 2001 by Jef Poskanzer <jef@mail.acme.com>. - All
rights reserved.
Some components of the SSH software are provided under a standard 2-term BSD license with the following names as
copyright holders: Markus Friedl, Theo de Raadt, Niels Provos, Dug Song, Aaron Campbell, Damien Miller, Kevin
Steves, Daniel Kouril, Wesley Griffin, Per Allansson, Nils Nordman, and Simon Wilkinson,
Portable OpenSSH includes code from the following copyright holders, also under the 2-term BSD license: Ben
Lindstrom, Tim Rice, Andre Lucas, Chris Adams, Corinna Vinschen, Cray Inc., Denis Parker, Gert Doering, Jakob
Schlyter, Jason Downs, Juha Yrjola, Michael Stone, Network Associates, Solar Designer, Todd C. Miller, Wayne
Schroeder, William Jones, Darren Tucker, Sun Microsystems, The SCO Group.
Some Portable OpenSSH code is licensed under a 3-term BSD style license to the following copyright holders: Todd C.
Miller, Theo de Raadt, Damien Miller, Eric P. Allman, The Regents of the University of California, and Constantin S.
Svintsoff. Some Portable OpenSSH code is licensed under an ISC-style license to the following copyright holders:
Internet Software Consortium, Todd C. Miller, Reyk Floeter, and Chad Mynhier. Some Portable OpenSSH code is
licensed under a MIT-style license to the following copyright holder: Free Software Foundation, Inc.
This product also includes software licensed under the GNU General Public License available from:
http://www.gnu.org/licenses/gpl2.html
Allied Telesis is committed to meeting the requirements of the open source licenses including the GNU General Public
License (GPL) and will make all required source code available.
If you would like a copy of the GPL source code contained in this product, please send us a request by registered mail
including a check for US$15 to cover production and shipping costs, and a CD with the GPL code will be mailed to you.
GPL Code Request
Allied Telesis, Inc.
3041 Orchard Parkway
San Jose, California 95134
No part of this publication may be reproduced without prior written permission from Allied Telesis, Inc.
Allied Telesis, AlliedWare Plus, and the Allied Telesis logo are trademarks of Allied Telesis, Incorporated. Microsoft and
Internet Explorer are registered trademarks of Microsoft Corporation. All other product names, company names, logos or
other designations mentioned herein are trademarks or registered trademarks of their respective owners.
Allied Telesis, Inc. reserves the right to make changes in specifications and other information contained in this document
without prior written notice. The information provided herein is subject to change without notice. In no event shall Allied
Telesis, Inc. be liable for any incidental, special, indirect, or consequential damages whatsoever, including but not limited
to lost profits, arising out of or related to this manual or the information contained herein, even if Allied Telesis, Inc. has
been advised of, known, or should have known, the possibility of such damages.
Web Manager Accounts ................................................................................................................................... 21
Chapter 2: Starting a Management Session ............................................................................................... 23
Non-secure HTTP and Secure HTTPS Modes................................................................................................. 24
Starting the Initial Web Management Session.................................................................................................. 25
Logging onto the Switch ................................................................................................................................... 27
What to Configure First..................................................................................................................................... 30
Changing the Login Password ................................................................................................................... 30
Assigning a Name to the Switch ................................................................................................................ 30
Changing a Management IP Address ........................................................................................................ 30
Setting System Time .................................................................................................................................. 31
Starting a Web Management Session .............................................................................................................. 32
When You Do Not Know the IP Address of the Switch .............................................................................. 32
When the Switch Does Not Display the Login Page .................................................................................. 33
Logging onto the CLI through the Console Port......................................................................................... 33
Checking for the IP Addresses of the Switch in the CLI............................................................................. 34
Adding an IP Address to the Switch in the CLI .......................................................................................... 34
Checking the Status of HTTP and HTTPS Services in the CLI.................................................................. 34
Enabling HTTP or HTTPS Service in the CLI ............................................................................................ 35
Saving your Changes in the CLI ................................................................................................................ 36
Saving Your Changes....................................................................................................................................... 37
Ending a Web Management Session ............................................................................................................... 38
Setting the System Date and Time................................................................................................................... 40
Configuring an SNTP or NTP Server ......................................................................................................... 40
Setting System Time Manually................................................................................................................... 43
Configuring a Telnet or SSH Server ................................................................................................................. 45
Configuring a Remote Log Server .................................................................................................................... 47
Setting the Switch Information.......................................................................................................................... 48
Managing the Configuration File....................................................................................................................... 50
Displaying the Configuration Files.............................................................................................................. 50
Setting the Active Configuration File .......................................................................................................... 51
Downloading a Configuration File onto Your PC........................................................................................ 51
Deleting a Configuration............................................................................................................................. 51
Managing Local User Accounts........................................................................................................................ 52
Adding a New User Account ...................................................................................................................... 52
Changing a User Password ....................................................................................................................... 53
5
Contents
Changing the User Privilege.......................................................................................................................54
Deleting a User Account............................................................................................................................. 55
Rebooting a Switch ........................................................................................................................................... 57
Upgrading the Software .................................................................................................................................... 58
Displaying System Information ......................................................................................................................... 61
Chapter 4: Setting Port Parameters ............................................................................................................. 63
Port Numbers on the Switch .............................................................................................................................64
Displaying the Port Parameters ........................................................................................................................65
Changing the Port Settings ............................................................................................................................... 67
Displaying the Storm Control Settings .............................................................................................................. 71
Modifying the Storm Control Settings ............................................................................................................... 73
Chapter 5: Setting Port Statistics ................................................................................................................. 75
Displaying Port Statistics .................................................................................................................................. 76
Displaying Transmit and Receive Port Statistics ........................................................................................ 76
Clearing Port Statistics...................................................................................................................................... 82
Displaying Port Mirroring Settings..................................................................................................................... 87
Assigning a Destination Port ............................................................................................................................. 88
Specifying Direction Type .................................................................................................................................89
Deleting Port Mirroring Settings ........................................................................................................................ 91
Chapter 7: Spanning Tree Protocol on a Port ............................................................................................. 93
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Port VLAN Identifier ................................................................................................................................. 132
Adding a VLAN ............................................................................................................................................... 135
Displaying the Routers List............................................................................................................................. 155
Clearing the Routers List ................................................................................................................................ 156
Displaying the Hosts List ................................................................................................................................ 157
Power Budget........................................................................................................................................... 170
Port Prioritization...................................................................................................................................... 171
Displaying PoE Port Settings.......................................................................................................................... 172
Modifying PoE Settings on a Port................................................................................................................... 176
Chapter 16: MAC Address-based Port Security ....................................................................................... 179
Accounting Information ............................................................................................................................ 189
Configuring RADIUS and TACACS+ ....................................................................................................... 189
Placing RADIUS and TACACS+ Servers in the Client’s List ................................................................... 189
Configuring RADIUS for Remote Manager Authentication ............................................................................. 191
Configuring Remote Manager Authentication Using RADIUS ................................................................. 191
7
Contents
Adding a RADIUS Server .........................................................................................................................193
Configuring TACACS+ for Remote Manager Authentication ..........................................................................195
Configuring Remote Manager Authentication Using TACACS+............................................................... 195
Adding a TACACS+ Server ...................................................................................................................... 198
Deleting an Authentication Server .................................................................................................................. 200
Port Roles................................................................................................................................................. 202
Creating an ACL ............................................................................................................................................. 235
Assigning an ACL to Ports .............................................................................................................................. 239
Displaying a List of ACLs ................................................................................................................................ 241
Class Information......................................................................................................................................252
Creating a QoS Policy..................................................................................................................................... 255
8
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Assigning a QoS Policy to Ports..................................................................................................................... 260
Displaying a List of QoS Policies .................................................................................................................... 262
Chapter 23: Setting Dynamic Routes Using RIP ...................................................................................... 263
Displaying the RIP Configuration.................................................................................................................... 265
Enabling RIP on a VLAN Interface ................................................................................................................. 267
Changing the RIP Settings ............................................................................................................................. 270
Removing a VLAN Interface from the RIP Configuration ............................................................................... 271
Displaying the ARP Table............................................................................................................................... 277
Adding a Static ARP Entry.............................................................................................................................. 278
Enabling and Configuring LLDP on the Switch............................................................................................... 284
Disabling LLDP on the Switch ........................................................................................................................ 287
Configuring LLDP on a Port............................................................................................................................ 288
Selecting LLDP TLVs on a Port...................................................................................................................... 290
Setting a Location Entry for the LLDP-MED Location TLV............................................................................. 294
Creating a Civic Location Entry................................................................................................................ 294
Creating a Coordinate Location ............................................................................................................... 298
Creating an Emergency Location Identification Number (ELIN) Location................................................ 300
Assigning LLDP Locations to a Port ............................................................................................................... 302
Selecting LLDP-MED TLVs on a Port............................................................................................................. 304
Displaying LLDP Neighbor Information .......................................................................................................... 307
Specifying an sFlow Collector ........................................................................................................................ 324
Configuring sFlow on a Port ........................................................................................................................... 327
Enabling sFlow on the Switch......................................................................................................................... 329
Displaying the sFlow Settings......................................................................................................................... 330
Figure 4: AlliedWare Plus™ Command Line Prompt............................................................................................................34
Figure 5: Displaying the IP Address .....................................................................................................................................34
Figure 6: Displaying the Status of HTTP Service .................................................................................................................35
Figure 7: Displaying the Status of HTTPS Service...............................................................................................................35
Figure 8: System Contact Information Page.........................................................................................................................37
Figure 9: System Settings Tab .............................................................................................................................................41
Figure 10: System Time Settings Page ................................................................................................................................41
Figure 11: System Time Settings Page with Network Time Settings Tab ............................................................................42
Figure 13: System Services Page ........................................................................................................................................45
Figure 14: System Contact Information Page.......................................................................................................................48
Figure 17: User Management Page......................................................................................................................................52
Figure 18: User Management Page with Change Password Tab.........................................................................................54
Figure 19: User Management Page with Change Privilege Tab...........................................................................................55
Figure 20: User Management Page with Delete User Tab...................................................................................................56
Figure 21: User Login Page on the Allied Telesis Website...................................................................................................58
Figure 22: System Upgrade Page ........................................................................................................................................59
Figure 23: Port Number ........................................................................................................................................................64
Figure 24: Switching Tab with Port Tab................................................................................................................................65
Figure 25: Port Configuration Page ......................................................................................................................................65
Figure 26: Port Configuration Modify Page...........................................................................................................................68
Figure 27: Storm Control List Page ......................................................................................................................................71
Figure 28: Storm Control Settings Page...............................................................................................................................73
Figure 29: Port Statistics Page with Tx + Rx Tab.................................................................................................................76
Figure 30: Port Statistics with the Receive Tab....................................................................................................................78
Figure 31: Port Statistics with the Transmit Tab...............................................................................
Figure 32: Port Statistics Page with Interface Tab................................................................................................................81
Figure 33: Port Statistics Page with the Reload Page Button...............................................................................................83
Figure 34: Port Mirroring List Page.......................................................................................................................................87
Figure 35: Modify Port Mirroring Page..................................................................................................................................89
Figure 36: Port Spanning Tree Settings Page......................................................................................................................95
Figure 37: Modify Port Spanning Tree Settings Page ..........................................................................................................97
Figure 41: Unicast MAC Address Page..............................................................................................................................105
Figure 42: Multicast MAC Address Page............................................................................................................................107
Figure 43: Switching Tab with Link Aggregation Selected..................................................................................................113
Figure 57: IGMP Snooping Page with Configuration Tab ...................................................................................................152
Figure 58: IGMP Snooping Page with Routers List Tab .....................................................................................................155
Figure 59: IGMP Snooping Page with Hosts List Tab.........................................................................................................157
Figure 60: IGMP Snooping Querier with One Querier ........................................................................................................161
Figure 61: IGMP Snooping Querier with Two Queriers ......................................................................................................162
Figure 66: PoE Port List Page ............................................................................................................................................173
Figure 67: Modify Port PoE Settings Page .........................................................................................................................176
Figure 69: MAC Based Port Security Page.........................................................................................................................182
Figure 70: Modify MAC Based Port Security Page .............................................................................................................184
Figure 71: Authentication Server Configuration Page with RADIUS Tab ...........................................................................191
Figure 72: RADIUS Server Add Page.................................................................................................................................193
Figure 73: Authentication Server Configuration Page with TACACS+ Tab ........................................................................196
Figure 74: TACACS+ Server Add Page..............................................................................................................................198
Figure 75: Example of Port Roles.......................................................................................................................................203
Figure 76: Single Host Mode ..............................................................................................................................................203
Figure 82: 802.1x Authentication Page with Status Enabled ..............................................................................................213
Figure 94: Menu for Mirror to Port.......................................................................................................................................237
Figure 106: Text Box for Priority Queue .............................................................................................................................257
Figure 107: Text Box for DSCP ..........................................................................................................................................257
Figure 108: Text Box for CoS .............................................................................................................................................258
Figure 118: RIP Statistics Page with the Refresh Button ...................................................................................................274
Figure 140: LLDP Neighbors Information Page..................................................................................................................307
Figure 141: LLDP Statistics Page with Port Statistics Tab .................................................................................................309
Figure 142: LLDP Statistics Page with Summary Tab........................................................................................................310
Figure 144: sFlow Page with the Port Configurations Tab .................................................................................................324
Figure 145: sFlow Page with Collectors Tab ......................................................................................................................325
Figure 147: sFlow Port Modify Page...................................................................................................................................328
13
Figures
14
Preface
Caution
This is the web interface user’s guide for the AT-FS970M Series of Fast
Ethernet switches. The instructions in this guide explain how to start a
management session, use the web interface of the AlliedWare Plus™
Management Software, and configure the features of the switch.
For hardware installation instructions, refer to the AT-FS970M Series Fast Ethernet Switches Installation Guide.
This preface contains the following sections:
“Document Conventions” on page 16
“Where to Find Web-based Guides” on page 17
“Contacting Allied Telesis” on page 18
The software described in this document may contain certain
encryption/security or cryptographic functionality and for exporting
those products/software, USA export restrictions apply as per 15
C.F.R. Part 730-772 (particularly Part 740.17). At present, as per
United States of America’s export regulations our products/software
cannot be exported to Cuba, Iran, North Korea, North Sudan, or
Syria. If you wish to transfer this software outside the United States
or Canada, please refer to export regulations of USA.
15
Document Conventions
Note
Caution
Warning
This document uses the following conventions:
Notes provide additional information.
Cautions inform you that performing or omitting a specific action
may result in equipment damage or loss of data.
Warnings inform you that performing or omitting a specific action
may result in bodily injury.
16
Where to Find Web-based Guides
The installation and user guides for all of the Allied Telesis products are
available for viewing in portable document format (PDF) from our web site
at www.alliedtelesis.com/support/documentation.
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
17
Contacting Allied Telesis
If you need assistance with this product, you may contact Allied Telesis
technical support by going to the Support & Services section of the Allied
Telesis web site at www.alliedtelesis.com/support. You can find links for
the following services on this page:
24/7 Online Support— Enter our interactive support center to
search for answers to your product questions in our knowledge
database, to check support tickets, to learn about RMAs, and to
contact Allied Telesis experts.
USA and EMEA phone support— Select the phone number that
best fits your location and customer type.
Hardware warranty information— Learn about Allied Telesis
warranties and register your product online.
Replacement Services— Submit a Return Materials Authorization
(RMA) request via our interactive support center.
Documentation— View the most recent installation and user
guides, software release notes, white papers, and data sheets for
your products.
Software Downloads— Download the latest software releases for
your managed products.
For sales or corporate information, go to www.alliedtelesis.com/purchase and select your region.
18
Chapter 1
AT-FS970M Series Version 2.3.1.0 Web
Browser Interface
This chapter describes the types of management sessions using the
AT-FS970M Series management software and the web interface manager
accounts. See the following sections:
“Management Sessions” on page 20
“Web Manager Accounts” on page 21
19
Chapter 1: AT-FS970M Series Version 2.3.1.0 Web Browser Interface
Management Sessions
The AT-FS970M Series switches provide two management interfaces: the
web interface and Command Line Interface (CLI). This manual provides
procedures that guide you through the web interface.
The initial management session of the switch can be from a management
session, either through the web interface or the CLI. The switch is shipped
from the factory with an IP address assigned and the web interface (HTTP
service) enabled so that you can start the initial management session
through the web interface. To start the initial web management session,
see Chapter 2, “Starting a Management Session” on page 23.
The web interface allows access to a subset of the AlliedWare Plus
features. For access to all of the AlliedWare Plus features, you must use
the CLI.
Detailed feature descriptions are not provided in this guide. For thorough
explanations of the features, see the AT-FS970M Series Version 2.3.1.0
Management Software Command Line Interface User’s Guide.
20
Web Manager Accounts
You must log on to manage the switch. This requires a valid username and
password. The switch comes with one manager account with a username
of “manager” and the default password of “friend.” Both the username and
password are case-sensitive. This account gives you access to all
management modes and commands.
In the web interface, you can create two additional remote manager
accounts. For instructions, see “Managing Local User Accounts” on
page 52. The switch supports up to three manager sessions at one time.
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
21
Chapter 1: AT-FS970M Series Version 2.3.1.0 Web Browser Interface
22
Chapter 2
Starting a Management Session
This chapter describes how to start a management session using the
AlliedWare Plus™ web interface as well as how to select fields, save your
changes, and end a management session. See the following sections:
“Non-secure HTTP and Secure HTTPS Modes” on page 24
“Starting the Initial Web Management Session” on page 25
“Logging onto the Switch” on page 27
“What to Configure First” on page 30
“Starting a Web Management Session” on page 32
“Saving Your Changes” on page 37
“Ending a Web Management Session” on page 38
For additional information about the web server, see the following chapters
in the AT-FS970M Series Version 2.3.1.0 Management Software Command Line Interface User’s Guide:
Non-secure HTTP Web Browser Server
Non-secure HTTP Web Browser Server Commands
Secure HTTPS Web Browser Server
Secure HTTPS Web Browser Server Commands
Starting a Management Session
23
Chapter 2: Starting a Management Session
Note
Non-secure HTTP and Secure HTTPS Modes
The switch has a web server so that you can remotely manage the switch
over the network from a web browser on your PC. The server can operate
in either plain-text HTTP mode or encrypted HTTPS mode. To access the
switch through a web browser on your PC, either HTTP service or HTTPS
service must be enabled.
HTTP ModeWeb browser management sessions of the switch conducted in the HTTP
mode are non-secure because the packets exchanged by the server on
the switch and your management workstation are sent in clear text,
leaving the packets vulnerable to snooping.
The switch shipped from the factory is configured with HTTP service
enabled.
HTTPS ModeWeb browser management sessions of the switch conducted in the
HTTPS mode are protected against snooping because the packets
exchanged between the switch and your management workstation are
encrypted. Only the switch and the workstation are able to decipher the
packets.
To access the switch in the HTTPS mode:
The switch must have an HTTPS certificate.
HTTPS service on the switch must be enabled.
Either HTTPS or HTTP service can be enabled. To enable HTTPS
service, HTTP must be disabled.
To configure the switch with an HTTPS certificate and enable HTTPS
service, you must use the AlliedWare Plus™ Command Line Interface
(CLI). See “Secure HTTPS Web Browser Server” chapter in AT-FS970M
Series Version 2.3.1.0 Management Software Command Line Interface
User’s Guide.
24
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Note
Starting the Initial Web Management Session
This section explains how to start a management session for the first time
using the AT-FS970M web interface. The switch shipped from the factory
is configured with an IP address assigned and the web interface (HTTP
service) enabled.
The switch and your PC must be directly connected through a twisted-pair
cable, and the IP addresses of the switch and your PC must be members
of the same network. Because the switch is shipped from the factory with
the IP address 169.254.1.1 and the subnet mask 16, you must assign your
PC an IP address in the 169.254.0.0/16 network, except 169.254.1.1. In
addition, your PC must have a web browser, such as Windows Internet
Explorer, installed.
There are two ways to assign an IP address to your PC:
Manually assign any IP address in the 169.254.0.0/16 network (except
169.254.1.1) to your PC.
Disconnect your PC from a network and let your PC automatically set
an IP address in the 169.254.0.0/16 network. When a PC is
disconnected from a network and no longer connected to a DHCP
server, Windows assigns a random IP address in the 169.254.0.0/16
network to the PC.
Deleting the boot.cfg file and restarting the switch restores the
switch to its default configuration with HTTP service disabled and no
IP address assigned.
To start a web management session when the switch has lost the
factory default settings, you must use the Command Line Interface
(CLI) to assign an IP address and enable HTTP or HTTPS service.
For more information about enabling HTTP or HTTPS service and
assigning an management IP address, see “Starting a Web
Management Session” on page 32.”
To start a web management session using a PC with an IP address in the
169.254.0.0/16 network, perform the following procedure:
1. Connect an RJ-45 plug on a straight-through twisted-pair cable to an
Ethernet port on the switch.
2. Connect the other RJ-45 plug on the straight-through twisted-pair
cable to an Ethernet port on the PC network interface card (NIC).
25
Chapter 2: Starting a Management Session
3. Open a web browser on the PC and enter the following:
http://169.254.1.1
The AT-FS970M Login page is displayed as shown in Figure 1.
Figure 1. Login Page
26
Logging onto the Switch
Once you start the web interface, the AT-FS970M Login page is displayed.
Enter “manager” in the User Name field and “friend” in the Password field
as shown in Figure 2. Then click the Login button.
.
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Figure 2. Login Page with Entries
The Dashboard page is displayed. See Figure 3 on page 28. The
Dashboard page is the home page of the switch.
27
Chapter 2: Starting a Management Session
Note
Figure 3. Dashboard Page
The following fields are displayed:
Up Time— Length of time since the switch was last reset or power
cycled in days, hours, minutes and seconds.
Up Time is displayed on the top-right corner of the screen.
The System section displays the following information:
MAC Address— MAC address of the switch.
Serial No.— Unique serial number of the switch.
28
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
System Name— Name of the switch. To specify this field, see
“Setting the Switch Information” on page 48.
Version— Software version number of the Management Software.
Contact— Contact person for the switch. To specify this field, see
“Setting the Switch Information” on page 48.
Location—Location of the switch. To specify this field, see “Setting
the Switch Information” on page 48.
The Services section displays the following information:
IPv6 Management— Indicates if IPv6 Management is enabled or
disabled on the switch.
SNMP— SNMP setting of the switch.
HTTP— HTTP setting of the switch.
Telnet— Indicates if Telnet is enabled or disabled on the switch.
SSH— Indicates if SSH is enabled or disabled on the switch.
Remote Logging— Indicates if the remote logging is enabled or
disabled on the switch.
Spanning Tree— Indicates if STP, RSTP, or MSTP is enabled on
the switch. The default setting is “RSTP.”
QoS— Indicates if QoS is enabled or disabled on the switch.
LLDP— Indicates if LLDP is enabled or disabled on the switch.
sFLOW— Indicates if sFlow is enabled or disabled on the switch.
IGMP Snooping— Indicates if IGMP Snooping is enabled or
disabled on the switch.
IGMP Snooping Querier— Indicates if IGMP Snooping Querier is
enabled or disabled on the switch.
802.1x Port Authentication— Indicates if 802.1x Port
Authentication is enabled or disabled on the switch.
RIP— Indicates if RIP is enabled or disabled on the switch.
The Administration Options section displays the following information:
System Upgrade— Select this field to upgrade your system
software. See “Upgrading the Software” on page 58.
Reboot— Select this field to reboot the switch. For instructions,
see “Rebooting a Switch” on page 57.
29
Chapter 2: Starting a Management Session
Note
Note
What to Configure First
Here are a few suggestions on what to configure during your initial
management session on the switch through the web interface. The initial
management session can be performed through the Command Line
Interface (CLI) as well as the web interface. For instructions on how to
start a local management session through the CLI, refer to the AT-
FS970M Series Version 2.3.1.0 Management Software Command Line
Interface User’s Guide.
Changing the
Login Password
Assigning a Name
to the Switch
Changing a
Management IP
Address
To protect the switch from unauthorized access, change the password of
the manager account. For instructions, see “Changing a User Password”
on page 53.
Write down the new password and keep it in a safe and secure
location. If you forget the manager password, you cannot manage
the switch if there are no other management accounts on the unit. In
this case, contact Allied Telesis Technical Support for assistance.
For instructions on how to create additional management accounts, see
“Adding a New User Account” on page 52.
The switch is easier to identify if you assign it a name. The switch’s name
is displayed on the Dashboard page. To change the name of the switch,
see “Setting the Switch Information” on page 48.
A name can be up to 39 alphanumeric characters. Special characters,
except spaces and quotation marks, are allowed.
The switch shipped from the factory has the IP address 169.254.1.1
assigned. You must change the factory default IP address to an address in
your network. To change the IP address, see “Changing an IPv4 Address”
on page 220. Also, remember to change the IP address of your PC.
When you change the management IP address of the switch, you
lose the connection to the switch. After you change the IP address of
your PC, start a management session again by opening a web
browser on the PC and entering the new IP address of the switch.
Here are the requirements:
You can assign one IPv4 address per VLAN.
The switch can have up to 256 IPv4 addresses.
30
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
The management IPv4 address can be any IPv4 address assigned
on the switch.
The switch can have only one IPv6 address.
Your PC must have an IP address that belongs to the network
where the management IP address belongs, or have access to the
network where the management IP address belongs.
Setting System
Time
To set the system time, either manually or with an NTP server, see
“Setting the System Date and Time” on page 40.
31
Chapter 2: Starting a Management Session
Note
Starting a Web Management Session
This section provides how to start a web management session when the
switch does not have the factory default configuration.
To log onto the switch through the web interface, enter the IP address of
the switch on the web browser, such as Windows Internet Explorer, on the
PC or laptop that can access the switch. If the web interface comes up,
you can skip the rest of this section and continue a web management
session. If the web interface does not come up, you must configure the
switch using the Command Line Interface (CLI).
For more information about how to start the Command Line
Interface (CLI), see the AT-FS970M Series Version 2.3.1.0
Management Software Command Line Interface User’s Guide.
There are some cases in which you must configure the switch using the
CLI to start a web management session:
When You Do
Not Know the IP
Address of the
Switch
The switch does not have an IP address assigned, or you do not know
the IP address of the switch.
HTTP service on the switch is disabled.
You want to access the switch in the HTTPS mode.
If the switch has no IP address assigned, or you do not know the IP
address of the switch, perform the following steps:
1. “Logging onto the CLI through the Console Port” on page 33.
2. “Checking for the IP Addresses of the Switch in the CLI” on page 34.
3. If the switch does not have any IP address assigned, “Adding an IP
Address to the Switch in the CLI” on page 34.
4. “Checking the Status of HTTP and HTTPS Services in the CLI” on
page 34.
5. “Enabling HTTP or HTTPS Service in the CLI” on page 35.
6. “Saving your Changes in the CLI” on page 36.
32
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Note
When the Switch
Does Not Display
the Login Page
When the switch does not display the web interface, even though you
enter the IP address of the switch on the web browser, you must enable
HTTP or HTTPS service on the switch through the CLI by performing the
following steps:
1. “Logging onto the CLI through the Console Port” on page 33.
Or
Log onto the CLI using the Telnet or SSH protocol.
To start a Telnet or SSH management session, see the AT-FS970M
Series Version 2.3.1.0 Management Software Command Line
Interface User’s Guide.
2. “Checking the Status of HTTP and HTTPS Services in the CLI” on
page 34.
3. “Enabling HTTP or HTTPS Service in the CLI” on page 35.
4. “Saving your Changes in the CLI” on page 36.
Logging onto the
CLI through the
Console Port
To log onto the CLI through the console port on the switch, perform the
following procedure:
1. Connect the RJ-45 connector on the management cable to the console
port on the switch.
2. Connect the other end of the cable to an RS-232 port on a terminal or
a PC with a terminal emulator program.
3. Configure the terminal or terminal emulator program as follows:
Baud rate: 9600
Data bits: 8
Parity: None
Stop bits: 1
Flow control: None
4. Press Enter.
You are prompted for a username and password.
5. Enter a username and password. If this is the initial management
session of the switch, enter “manager” as the username and “friend” as
the password. The username and password are case-sensitive.
33
Chapter 2: Starting a Management Session
awplus>
awplus# show ip interface
InterfaceIP-AddressStatusProtocol
vlan1-0192.168.1.3/24admin uprunning
The local management session is started when the AlliedWare Plus™
command line prompt is displayed as shown in Figure 4.
Figure 4. AlliedWare Plus™ Command Line Prompt
Checking for the
IP Addresses of
the Switch in the
CLI
Adding an IP
Address to the
Switch in the CLI
To check for IP addresses assigned to the switch, enter the following
commands:
awplus> enable
awplus# show ip interface
For a display of this command, see Figure 5.
Figure 5. Displaying the IP Address
When the switch does not have an IP address, assign an IP address and
subnet mask to the switch. The following example assigns the IP address
192.168.1.2. and the subnet mask 24 to VLAN 1:
awplus> enable
awplus# configure terminal
awplus(config)# interface vlan1
awplus(config-if)# ip address 192.168.1.2/24
awplus(config-if)#
Checking the
Status of HTTP
To check if HTTP service is enabled, enter the following commands:
awplus> enable
and HTTPS
Services in the
CLI
34
awplus# show ip http
Figure 6 on page 35 shows an example of the command output.
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Note
awplus# show ip http
HTTP server disabled.
HTTPS server enabled. Port: 443
Certificate 1 is active
Issued by: self-signed
Figure 6. Displaying the Status of HTTP Service
To check whether HTTPS service is enabled, enter the following
commands:
awplus> enable
awplus# show ip https
Figure 7 shows an example of the command output.
Figure 7. Displaying the Status of HTTPS Service
Enabling HTTP
or HTTPS
Service in the
CLI
HTTPS and HTTP services cannot be enabled at the same time. For
example, when HTTP is enabled, HTTPS is disabled.
To enable HTTP service on the switch, enter the following commands:
awplus# configure terminal
awplus(config)# service http
awplus(config)# exit
awplus#
To enable HTTPS, the switch must have a certificate. To configure the
web server in the HTTPS mode, see the “Secure HTTPS Web Browser
Server” chapter in the AT-FS970M Series Version 2.3.1.0 Management
Software Command Line Interface User’s Guide.
35
Chapter 2: Starting a Management Session
Saving your
Changes in the
CLI
Save your changes to the startup configuration file by entering the
following commands:
awplus# copy running-config startup-config
Or
awplus# write
36
Saving Your Changes
The changes you have made are temporarily stored in the running
configuration file. When you reboot the switch, the information in the
running configuration file is lost. To save your changes after you reboot the
switch, do the following:
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
1. Click SAVE
Figure 8 shows the SAVE
Clicking SAVE
.
saves the changes to the startup configuration file.
at the upper right corner of the web page.
Figure 8. System Contact Information Page
37
Chapter 2: Starting a Management Session
Ending a Web Management Session
To end a web management session, select LOGOUT at the top of the web
page. For an example, see the System Contact Information page in Figure
8 on page 37.
38
Chapter 3
Basic Switch Parameters
This chapter describes how to set up basic switch operations. See the
following sections:
“Setting the System Date and Time” on page 40
“Configuring a Telnet or SSH Server” on page 45
“Configuring a Remote Log Server” on page 47
“Setting the Switch Information” on page 48
“Managing the Configuration File” on page 50
“Managing Local User Accounts” on page 52
“Rebooting a Switch” on page 57
“Upgrading the Software” on page 58
“Displaying System Information” on page 61
For additional information about basic port settings, see the following
chapters in the AT-FS970M Series Version 2.3.1.0 Management Software Command Line Interface User’s Guide:
Basic Switch Management
Basic Switch Management Commands
39
Chapter 3: Basic Switch Parameters
Note
Note
Setting the System Date and Time
This procedure explains how to set the switch’s date and time. Setting the
date and time is important if you plan to view the events in the switch’s
event log or on a syslog server. The correct date and time are also
important if the management software sends traps to a management
workstation or if you plan to create a self-signed SSL certificate. Events,
traps, and self-signed certificates should contain the date and time of
when they occurred or, in the case of certificates, when they were created.
There are two ways to set the switch’s date and time. One method is to set
it manually. This method is not recommended because the date and time
are lost if you reboot the switch.
The second method uses the Simple Network Time Protocol (SNTP). The
AlliedWare Plus™ Management Software comes with the client version of
this protocol. You can configure the management software to obtain the
current date and time from a Network Time Protocol (NTP) or SNTP
server located on your network or the Internet.
Configuring an
SNTP or NTP
Server
SNTP is a simplified version of the NTP and uses the same packet
structure as NTP. The SNTP client software in the management software
is interoperable with NTP servers.
In order for the management software on the switch to communicate
with an SNTP or NTP server, there must be an interface on the local
subnet from where the switch is able to reach the server. The switch
uses the IP address of the interface as its source address when
sending packets to the server.
The default system time on the switch is midnight, January 1, 2000.
Choose from the following procedures:
“Configuring an SNTP or NTP Server” on page 40
“Setting System Time Manually” on page 43
To configure SNTP or NTP server, do the following:
1. Hover the cursor over the System tab.
2. From the System tab, select System Settings.
The System Settings Tab is displayed in Figure 9 on page 41.
40
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Figure 9. System Settings Tab
3. From the System tab, hover over System Settings.
4. Move the cursor to the right and select Time.
The System Time Settings page is displayed. See Figure 10.
Figure 10. System Time Settings Page
5. Select the Network Time Settings tab.
The Network Time Settings page is displayed. See Figure 11 on page
42.
41
Chapter 3: Basic Switch Parameters
Note
Figure 11. System Time Settings Page with Network Time Settings Tab
6. To configure the switch to obtain its date and time from an SNTP or
NTP server on your network or the Internet, specify the following fields:
NTP Status— Select Enabled or Disabled to configure the SNTP
client on the switch. The default is disabled.
Server IP Address— Specify the IPv4 address of an SNTP or
NTP server.
The IPv4 format is: xxx.xxx.xxx.xxx where xxx is a decimal number
from 0 to 255.
If the local interface on the switch is obtaining its IP address and
subnet mask from a DHCP server, you can configure the server to
provide the interface with an IP address of an NTP or SNTP server.
If you configured the server to provide this address, then you do not
need to enter it here.
Time Zone— Select the time zone as a measurement of
Greenwich Mean Time (GMT) which is the default setting. Use the
pull-down menu to select the other time zones.
Daylight Saving— Enable or disable the system’s adjustment for
daylight savings time. The default is disabled.
42
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Note
The switch does not set daylight saving time (DST) automatically. If
the switch is in a locale that uses DST, you must remember to
enable this in March when DST begins and disable it in October
when DST ends. If the switch is in a locale that does not use DST,
this option should be set to disabled all the time.
7. Click Apply.
If you enabled the SNTP client, the switch immediately polls the SNTP
or SNTP server for the current date and time. (When SNTP is enabled,
the switch automatically polls the server whenever a change is made
to any of the fields on this page.)
Setting System
Time Manually
8. Click SAVE
To set the system time manually, do the following:
1. Hover the cursor over the System tab.
2. From the System tab, hover over System Settings.
The System Settings Tab is displayed in Figure 9 on page 41.
3. Move the cursor to the right and click Time.
The System Time Settings page is displayed. See Figure 10 on page
41.
4. You have two ways to set the date and time in the Date & Time field.
Use either Step 5 or Step 6.
5. Type in the time and date in the following format:
yyyy-dd-mm hh:mm:ss
6. Select the calendar icon next to the Date & Time field.
to save your changes to the startup configuration file.
The Calendar page is displayed. See Figure 12 on page 44.
43
Chapter 3: Basic Switch Parameters
Figure 12. Calendar Page
a. Use the arrows at the top of the Calendar to select the month and
year.
b. Set the time of day using the following format:
hh:mm:ss
c. Click on the day of the month.
7. Click Apply.
8. Click SAVE
to save your changes to the startup configuration file.
44
Configuring a Telnet or SSH Server
The AT-FS970M web browser interface allows you to configure the switch
as a Telnet or SSH server.
You can use the web browser interface to enable a Telnet server, but not
as a Telnet client. The Telnet client is only supported from the Command
Line Interface (CLI). For information about how to use a Telnet client, see
the AT-FS970M Series Version 2.3.1.0 Management Software Command Line Interface User’s Guide.
To enable an SSH server in the web interface, you must first create an
encryption key in the CLI interface. Then you can enable the SSH server in
the web interface.
To enable Telnet or SSH server on the switch, do the following:
1. From the home page, hover the cursor over the System tab.
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
2. From the System tab, hover over System Settings.
The System Settings tab is displayed. See Figure 9 on page 41.
3. Move the cursor to the right and select Services from the drop-down
menu.
The System Services page is displayed. See Figure 13.
Figure 13. System Services Page
4. Specify the following fields as necessary:
Telnet— Check the checkbox to enable the Telnet server on the
switch. To disable the server on the switch, uncheck the checkbox.
SSH— Check the checkbox to enable the SSH server on the
switch. To disable the server on the switch, uncheck the checkbox.
45
Chapter 3: Basic Switch Parameters
Note
Both the Remote Log and Server IP Address fields are used only to
set a remote log server. For information on these fields, see
“Configuring a Remote Log Server” on page 47.
Remote Log— Check the checkbox to enable the switch to send
status and error messages to a remote log server. To disable the
switch to send messages to a remote log server, uncheck the
checkbox.
Server IP Address— Enter the IPv4 address of the remote log
server if you check the Remote Log checkbox above. Enter the IP
address in the IPv4 format: nnn.nnn.nnn.nnn.
5. Click Apply.
6. Click SAVE
to save your changes to the startup configuration file.
46
Configuring a Remote Log Server
You can use the AT-FS970M web browser interface to enable logging to a
remote log server, which is part of the Syslog feature. However, you must
use the CLI to view or clear the event log. For information about the Syslog
features, see the SysLog chapters in the AT-FS970M Series Version
2.3.1.0 Management Software Command Line Interface User’s Guide.
To activate remote logging on the switch, do the following:
1. Hover the cursor over the System tab.
2. From the System tab, hover over System Settings.
The System Settings tab is displayed. See Figure 9 on page 41.
3. Move the cursor to the right and select Services.
The System Services page is displayed. See Figure 13 on page 45.
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
4. Specify the following fields:
Remote Log— Check the checkbox to enable the switch to send
status and error messages to a remote log server. To disable the
switch from sending messages to a remote log server, uncheck the
checkbox.
Server IP Address— Enter the IPv4 address of the remote log
server in the IPv4 format: nnn.nnn.nnn.nnn.
5. Click Apply.
6. Click SAVE
to save your changes to the startup configuration file.
47
Chapter 3: Basic Switch Parameters
Setting the Switch Information
This procedure allows you to set information about the switch, such as a
switch name, contact person, and location. Assigning a name to the switch
helps you identify your switches when you manage them and avoid
performing a configuration procedure on the wrong switch.
To assign a name, contact person, and location to the switch, perform the
following procedure:
1. From the home page, hover the cursor over the System tab.
2. From the System tab, hover over SystemSettings.
The System Setting tab is displayed. See Figure 9 on page 41.
3. Move the cursor to the right and select Contact Information.
The System Contact Information page is displayed. See Figure 14.
48
Figure 14. System Contact Information Page
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Specify the following fields as necessary:
System Name— Enter a name for the switch, for example, S1 or
Switch2. The name is displayed on the Dashboard page. See
Figure 3 on page 28. The name can be from 1 to 39 characters in
length. Special characters, except spaces and quotation marks,
are allowed. By default, no system name is specified. This field is
optional.
System Contact — Enter the name of a network administrator
responsible for managing the switch. The name can be from 1 to
255 characters; however, only the first 50 characters are displayed
on the Dashboard page. Spaces and special characters, such as
dashes and asterisks are allowed. By default, no system contact is
specified. This field is optional.
System Location— Enter the location of the switch, (for example,
4th Floor - room 402B). The location can be from 1 to 255
characters; however, only the first 50 characters are displayed on
the Dashboard page. Spaces and special characters, such as
dashes and asterisks, are allowed. By default, no system location
is specified. This field is optional.
4. Click Apply.
5. Click SAVE
to save your changes to the startup configuration file.
49
Chapter 3: Basic Switch Parameters
Managing the Configuration File
Within the web browser interface, you can upload a configuration file onto
the switch, download a configuration file from the switch, delete a
configuration file, and save your changes to the current configuration file.
However, to create a new configuration file, you need to access the switch
through the CLI.
See the following procedures:
“Displaying the Configuration Files” on page 50
“Setting the Active Configuration File” on page 51
“Downloading a Configuration File onto Your PC” on page 51
Displaying the
Configuration
Files
To display a list of the configuration files on the switch, do the following:
1. From the Dashboard page, hover the cursor over the System tab.
2. From the System tab drop-down menu, select Configuration Files
from the pull-down menu.
For an example of the Configuration Files page, see Figure 15.
50
Figure 15. Configuration Files Page
The following fields are displayed:
Startup Config— Name of the active boot configuration file, which
for the switch of the example is “boot.cfg.”
File Name— Name of the file.
File Size— File size in bytes.
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Last Modify— Date the configuration file was last modified. The
format is year, month, date.
Setting the Active
Configuration
File
Downloading a
Configuration
File onto Your
PC
To specify a file as the startup configuration file, do the following:
1. Use the pull-down menu to select a file as the active configuration file.
2. Click Apply.
The file you select is the active configuration file after you reboot the
switch.
To download a configuration file onto your PC, do the following:
1. Hover the cursor over the System tab.
For an example of the System tab, see Figure 9 on page 41.
2. From the System tab drop-down menu, select Configuration Files.
For an example of the Configuration Files page, See Figure 15 on
page 50.
3. Click Download next to the file name that you want to download.
For an example of the File Download popup window, see Figure 16.
Deleting a
Configuration
.
Figure 16. File Download Popup Window
4. Follow the instructions of your web browser to select a location and
save the file.
To delete a configuration file, do the following:
1. Hover the cursor over the System tab.
For an example of the System tab, see Figure 9 on page 41.
2. From the System tab drop-down menu, select Configuration Files.
For an example of the Configuration Files page, See Figure 15 on
page 50.
3. Click Delete next to the file name that you want to download.
The file is deleted.
51
Chapter 3: Basic Switch Parameters
Managing Local User Accounts
The switch comes with one local manager account. The account, which
has the username “manager” and default password “friend,” is referred to
as a local account because it is the switch that authenticates the
username and password when a manager logs on using the account.
This section explains how to create additional local user accounts, how to
change passwords and privileges, and how to delete a manager account.
See the following:
“Adding a New User Account” on page 52
“Changing a User Password” on page 53
“Changing the User Privilege” on page 54
“Deleting a User Account” on page 55
The switch also supports remote manager accounts that are not
authenticated by the switch, but by a RADIUS or TACACS+ server on your
network. For information, see Chapter 17, “RADIUS and TACACS+
Clients” on page 187.
Adding a New
User Account
To add a local user account, do the following:
1. From the home page, hover the cursor over the System tab.
2. From the System tab drop-down menu, select User Management.
For an example of the User Management page, see Figure 17.
52
Figure 17. User Management Page
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
3. Add a new user by doing the following:
User Name— Enter a new logon name for the new account. The
name is case-sensitive and can contain up to 15 alphanumeric
characters. Spaces and special characters are not allowed.
Password— Enter the password for the new account in plain text.
The password can consist of up to 16 alphanumeric characters and
is case-sensitive. Spaces and special characters are not allowed.
Privilege— Select a user privilege level from the pull-down menu.
Choose from the following:
Level 15:Management accounts with a user level of 15 have
unrestricted access to the management software.
This is the default setting.
Level 1:Management accounts with a user level of 1 have
restricted access to the management software.
Accounts with this level are allowed to view the
settings on the switch, but not allowed to change
them.
Changing a User
Password
4. Click Add User
5. Click SAVE
.
to save your changes to the startup configuration file.
To change a user password, do the following:
1. From the home page, hover the cursor over the System tab.
2. From the System tab drop-down menu, select User Management.
The User Management page is displayed. See Figure 17 on page 52.
3. From the User Management page, select the Change Password tab.
The User Management page with the Change Password tab is
displayed. See Figure 18 on page 54.
53
Chapter 3: Basic Switch Parameters
Changing the
User Privilege
Figure 18. User Management Page with Change Password Tab
4. Use the pull-down menu next to the User Name field to select a
username.
The username must already exist.
5. Enter a new password in plaintext in the New Password field.
A password can consist of up to 16 alphanumeric characters and is
case-sensitive. Spaces and special characters are not allowed.
6. Re-enter the new password in the Confirm New Password field.
7. Click Set Password
8. Click SAVE
To change a privilege of a user, do the following:
1. From the home page, hover the cursor over the System tab.
2. From the System tab drop-down menu, select User Management.
to save your changes to the startup configuration file.
.
54
The User Management page is displayed. See Figure 17 on page 52.
3. From the User Management page, select the Change Privilege tab.
The User Management page with the Change Privilege tab is
displayed. See Figure 19 on page 55.
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Figure 19. User Management Page with Change Privilege Tab
Deleting a User
Account
4. Use the pull-down menu next to the User Name field to select a user.
5. Use the pull-down menu next the New Privilege field to select a user
privilege level. Choose from the following:
Level 15— Management accounts with a user level of 15 have
unrestricted access to the management software.
Level 1— Management accounts with a user level of 1 have
restricted access to the management software. Accounts with this
level are allowed to view the settings on the switch, but not allowed
to change them.
6. Click Set Privilege.
7. Click SAVE
to save your changes to the startup configuration file.
To delete a user account from the switch, do the following:
1. From the home page, hover the cursor over the System tab.
2. From the System tab drop-down menu, select User Management.
The User Management page is displayed. See Figure 17 on page 52.
3. From the User Management page, select the Delete User tab.
The User Management page with the Delete User tab is displayed.
See Figure 20 on page 56.
55
Chapter 3: Basic Switch Parameters
Figure 20. User Management Page with Delete User Tab
4. Use the pull-down menu to select a user.
5. Click Delete User.
6. Click SAVE
to save your changes to the startup configuration file.
56
Rebooting a Switch
Note
Note
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Resetting the switch ends your web browser management session. To
continue managing the switch, you must log in again.
All unsaved changes are discarded when you reset a switch. To
save your changes to the startup configuration file, click SAVE.
To reboot a switch, perform the following procedure:
1. Hover the cursor over the System Tab.
2. From the System tab drop-down menu, select Dashboard.
The Dashboard Page is displayed. See Figure 3 on page 28.
3. Select Reboot
A confirmation prompt is displayed indicating that the connection to the
web is lost during a reboot.
4. Click OK to reset the switch or Cancel to cancel the procedure.
The switch does not forward packets while it initializes the
management software and loads its active configuration file. This
process takes between 20 seconds to 2 minutes to complete,
depending on the number and types of commands in the
configuration file.
at the bottom of the page.
57
Chapter 3: Basic Switch Parameters
Upgrading the Software
The latest version of the AlliedWare Plus™ Management Software is
available from the Allied Telesis website. You can download the software
image file on your workstation and upload the file onto the switch.
To upgrade the AT-FS970M software, perform the following procedure:
1. Open a new browser and enter the following:
http://www.alliedtelesis.com/support/software
The Allied Telesis Software Download page is displayed.
2. Select your hardware product model from the pull-down menu next to
the Product field. If the model is not listed, click the Log in to access restricted software link, then skip to Step 4.
3. Click the software file that you want to upload to the switch.
The User Login page is displayed. See Figure 21.
58
Figure 21. User Login Page on the Allied Telesis Website
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Note
Note
4. Enter your email address and password, then click the Sign In button.
If you do not know your password, click the Create Account link and
follow the instructions on the page.
5. Download the software image file to your workstation.
6. Go back to the AT-FS970M web interface and select Dashboard from
the System tab drop-down menu.
The Dashboard Page is displayed. See Figure 3 on page 28.
All unsaved changes are discarded when you upgrade the software
on a switch. To save your changes to the startup configuration file,
click SAVE.
7. Select System Upgrade
at the bottom of the page.
The System Upgrade page is displayed. See Figure 22.
Figure 22. System Upgrade Page
8. Click Browse to select an image file.
9. Click Open to select the file that you downloaded in Step 5.
10. Click Start Upgrade to begin the software upgrade or close the
System Upgrade page to cancel the procedure.
The upgrade process takes approximately three minutes.
59
Chapter 3: Basic Switch Parameters
Note
Upgrading the system software on the switch ends your current web
browser management session. To continue managing the switch,
you must log in again.
60
Displaying System Information
To view basic information about the switch, select the System Tab.
The Dashboard Page is displayed as shown in Figure 3 on page 28.
The following fields are displayed:
Up Time— Length of time since the switch was last reset or power-
cycled in days, hours, minutes and seconds.
The System section displays the following information:
MAC Address— MAC address of the switch.
Contact— Contact person for the switch. To specify this field, see
“Setting the Switch Information” on page 48.
Serial No.— Unique serial number of the switch.
Location— Location of the switch. To specify this field, see
“Setting the Switch Information” on page 48.
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
System Name— Name of the switch. To specify this field, see
“Setting the Switch Information” on page 48.
Version— Version number of the AT-FS970M software.
The Services section displays the following information:
IPv6 Management— Indicates if IPv6 Management is enabled or
disabled on the switch.
Spanning Tree— Indicates if STP, RSTP, or MSTP is enabled on
the switch. The default setting is “RSTP.”
802.1x Port Authentication— Indicates if 802.1x Port
Authentication is enabled or disabled on the switch.
SNMP— SNMP setting of the switch.
QoS— Indicates if QoS is enabled or disabled on the switch.
RIP— RIP setting of the switch
HTTP— HTTP setting of the switch
LLDP— Indicates if LLDP is enabled or disabled on the switch.
Telnet— Indicates if Telnet is enabled or disabled on the switch.
SFLOW— Indicates if sFlow is enabled or disabled on the switch.
SSH— Indicates if SSH is enabled or disabled on the switch.
IGMP Snooping— Indicates if IGMP Snooping is enabled or
disabled on the switch.
Remote Logging— Indicates if the remote log is enabled or
disabled on the switch.
61
Chapter 3: Basic Switch Parameters
IGMP Snooping Querier— Indicates if IGMP Snooping Querier is
enabled or disabled on the switch.
The Administration Options section displays the following information:
System Upgrade— Click this link to go to the System Upgrade
page to upgrade your system software. See “Upgrading the
Software” on page 58.
Reboot— Click this link to reboot the switch. For instructions, see
“Rebooting a Switch” on page 57.
62
Chapter 4
Setting Port Parameters
This chapter describes how to display and modify the port settings such as
back pressure and flow control. In addition, it provides procedures to
display and modify storm control settings.
This chapter contains the following sections:
“Port Numbers on the Switch” on page 64
“Displaying the Port Parameters” on page 65
“Changing the Port Settings” on page 67
“Displaying the Storm Control Settings” on page 71
“Modifying the Storm Control Settings” on page 73
For additional information about the port parameters and the storm control
feature, see the following chapters in the AT-FS970M Series Version
2.3.1.0 Management Software Command Line Interface User’s Guide:
Port Parameters
Port Parameter Commands
63
Chapter 4: Setting Port Parameters
Port Numbers on the Switch
The ports on the switch are identified in the format shown in Figure 23.
Switch ID: This number is used if the switch supports stacking. It is the
switch’s ID number in a stack. This number should always be 1 for
AT-FS970M Series switches because they do not support stacking.
Module Slot ID: This number is used to identify a slot in a modular
switch. This number is always 0 for AT-FS970M Series switches
because they are not modular switches.
Figure 23. Port Number
Port number: This is the port number.
64
Displaying the Port Parameters
To display the settings for all of the switch ports, do the following:
1. Hover the cursor over the Switching tab.
The Switching tab is displayed. See Figure 24.
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Figure 24. Switching Tab with Port Tab
2. From the Switching tab, hover over Port.
The Port tab expands to the right.
3. From the Port tab, move the cursor to the right and select Port Configuration from the drop-down menu.
The Port Configuration page is displayed. See Figure 25.
Figure 25. Port Configuration Page
4. The following fields are displayed:
Interface— Port ID.
65
Chapter 4: Setting Port Parameters
Type— Transmission speed and medium, copper or fiber optic, of
the port. For example, 1000Base-SX indicates that the port is a
fiber optic gigabit standard.
Status— Indicates if the port is enabled or disabled. The default
setting is “Enabled.” Disabling a port turns off its receiver and
transmitter so that the port cannot forward traffic.
Link— Indicates whether the port has successfully connected to a
port on another switch or unit.
Auto-Neg— Auto-Negotiation. The setting is “Auto” or “Manual.”
The default is “Auto.”
Speed— Speed of the port. The possible options are 10 Mbps,
100 Mbps, and 1000 Mbps.
Duplex— Duplex mode of the twisted-pair port. The setting is
“Half” or “Full.”
Polarity— Indicates the port’s wiring configuration is MDI (medium
dependent interface), MDI-X (medium dependent interface
crossover), or the auto setting. This setting only applies to a
twisted-pair port that is operating at 10 or 100 Mbps.
Back Pressure— Indicates if back pressure is enabled or disabled
on the port. Back pressure is used by a port during periods of
packet congestion to temporarily stop its network counterpart from
transmitting more packets. This prevents a buffer overrun and the
subsequent loss and retransmission of network packets. A port
initiates back pressure by transmitting on the shared link to cause
a data collision, which causes its link partner to cease
transmission. The default setting is “Disabled.”
Back Pressure Limit— Threshold level for back pressure on the
port. Specifies the number of cells for back pressure. The default
value is 7935 cells.
Flow Control— Indicates if flow control (send and receive) is
enabled or disabled on a port. If flow control is enabled, a port
sends pause packets when it reaches the point of packet
congestion. Also, the port stops transmitting packets when it
receives pause packets from its local or remote counterpart. When
flow control is disabled, the port transmits regardless of packet
congestion. In addition, the port continues transmitting packets
when it receives pause packets from its local or remote
counterpart. The default is “Disabled.”
Flow Control Limit— Threshold level for flow control on a port.
The default value is 7935.
66
Description— Description of a port. To specify this field, see
“Changing the Port Settings” on page 67.
Changing the Port Settings
You can change the settings of one port at a time. Use the following
procedure to change the port settings or reset a port to its default value,
To change the port settings, do the following:
1. Hover the cursor over the Switching tab.
The Switching tab is displayed. See Figure 24 on page 65.
2. From the Switching tab, hover over Port.
The Port tab expands to the right.
3. From the Port tab, move the cursor to the right and select Port Configuration.
The Port Configuration page is displayed. See Figure 25 on page 65.
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
4. Click Edit
The Port Configuration Modify page is displayed. See Figure 26 on
page 68.
next to the port that you want to modify.
67
Chapter 4: Setting Port Parameters
Figure 26. Port Configuration Modify Page
5. Specify the following fields as needed:
Interface— Indicates the port ID.
Port Type— Indicates the transmission speed and medium,
copper or fiber, that the port supports.
Port Description— Enter a description of the port. You can enter
up to 80 alphanumeric characters; however, only 30 characters are
displayed in the Port Configuration List page. Spaces and special
characters are allowed.
Status— Select either “Enabled” or “Disabled.” The default setting
is enabled. Disabling a port turns off its receiver and transmitter so
that the port does not forward traffic. You may want to disable a
port if there is a problem with a cable or network device.
Negotiation— Select the state of Auto Negotiation from the pull-
down menu. Setting “Auto” enables Auto Negotiation, and setting
“Manual” disables Auto Negotiation. The default setting is “Auto.”
When the setting for this field is “Auto,” the Configure Speed and
Configure Duplex fields change from white to brown, and you
68
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Note
cannot select them. To change the Configure Speed and
Configure Duplex fields, change the Negotiation setting to
“Manual.”
When the port type is 1000Base fiber optic, the Negotiation must be
“Auto”, and you are not allowed to change the setting to “Manual.”
Current Speed— Displays the current speed of the port.
Current Duplex Mode— Displays the current duplex mode setting
of the port.
Configure Speed— Select a port speed from the pull-down menu.
For example, for a 10/100Base-T port, the options are 10 and 100.
For a 1000Base-SX/LX port, 1000 is the only option. You can enter
a value in this field when the Negotiation is set to “Manual.”
Configure Duplex Mode— Select the duplex mode of the twisted-
pair port. Choose from Half, Full, or Auto. A port operating in halfduplex mode can either receive or transmit packets, but not both at
the same time. Ports operating in full-duplex can both send and
receive packets, simultaneously.
Polarity— Select the wiring configuration of the twisted-pair port.
When a port is operating at 1000 Mbps, the only option is “AUTO.”
When operating at 10 or 100 Mbps, in either half- or full-duplex
mode, the options are “AUTO,” “MDI,” and “MDI-X.”
To forward traffic, a port on the switch and a port on a network
device must have different settings. For instance, the wiring
configuration of a switch port has to be MDI if the wiring
configuration on a port on a network device is MDIX.
To set the polarity to either “MDI” or “MDI-X” on a port, the
Negotiation setting must be “Manual.” A port with the AutoNegotiation must set the polarity to “AUTO.”
Back Pressure Status— Enable or disable back pressure on a
port that is operating at 10 or 100 Mbps in half-duplex mode. Back
pressure is used by a port during periods of packet congestion to
temporarily stop their network counterparts from transmitting more
packets. This prevents a buffer overrun and the subsequent loss
and retransmission of network packets. A port initiates back
pressure by transmitting on the shared link to cause a data
collision, which causes its link partner to cease transmission.
To enable or disable back pressure on a port, the speed and
duplex mode must be specified manually.
Back Pressure Limit (1 - 7935)— Enter a threshold level for back
pressure on the port. Enter the number of cells for back pressure.
69
Chapter 4: Setting Port Parameters
A cell represents 128 bytes. The range is 1 to 7935 cells. The
default value is 7935 cells.
Flow Control Status— Enable or disable the flow control feature.
By default, flow control is disabled on the port.
Flow Control Limit (1 - 7935)— Set the threshold level for flow
control on the port. Enter the number of cells for flow control. A cell
represents 128 bytes. The range is 1 to 7935 cells. The default
value is 7935 cells.
6. To set the port to the default port value, click Default. Otherwise skip
this step.
7. Click Apply.
8. Click SAVE
to save your changes to the startup configuration file.
70
Displaying the Storm Control Settings
To display the storm control settings, do the following:
1. Hover the cursor over the Switching tab.
The Switching tab is displayed. See Figure 24 on page 65.
2. From the Switching tab, hover over Port.
The Port tab expands to the right.
3. From the Port tab, move the cursor to the right and select Storm Control.
The Storm Control List page is displayed. See Figure 27.
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Figure 27. Storm Control List Page
The following fields are displayed:
Interface— Port ID.
Broadcast— Indicates whether the Broadcast threshold setting is
enabled or disabled.
Broadcast Level— Maximum number of ingress packets per
second of broadcast packets the port receives. Broadcast packets
that exceed the threshold are discarded by the port. The range is 0
to 33,554,431 packets. The default is 33,554,431 packets.
Multicast— Indicates whether the Multicast threshold setting is
enabled or disabled.
Multicast Level— Indicates the maximum number of ingress
packets per second of multicast packets the port receives.
71
Chapter 4: Setting Port Parameters
Multicast packets that exceed the threshold are discarded by the
port. The range is 0 to 33,554,431 packets. The default is
33,554,431 packets.
Dlf— Indicates whether the unknown unicast threshold setting is
enabled or disabled.
Dlf Level— Maximum number of ingress packets per second of
unknown unicast packets the port receives. Unknown unicast
packets that exceed the threshold are discarded by the port. The
range is 0 to 33,554,431 packets. The default is 33,554,431
packets.
72
Modifying the Storm Control Settings
To modify the storm control settings, do the following:
1. Hover the cursor over the Switching tab.
The Switching tab is displayed. See Figure 24 on page 65.
2. From the Switching tab, hover over Port.
The Port tab expands to the right.
3. From the Port tab, move the cursor to the right and select Storm Control.
The Storm Control List page is displayed. See Figure 25 on page 65.
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
4. Click Edit
The Storm Control Settings page is displayed. See Figure 28.
on the port that you want to modify.
Figure 28. Storm Control Settings Page
73
Chapter 4: Setting Port Parameters
5. Change the following fields as needed:
Broadcast— Enable or disable the broadcast storm control
feature. When this feature is enabled, the port discards ingress
broadcast packets that exceed the specified level. This feature is
disabled by default.
Enter the Level— Enter the maximum number of ingress packets
per second of broadcast packets the port receives. Broadcast
packets that exceed this level are discarded when the feature is
enabled. The range is 0 to 33,554,431 packets. The default is
33,554,431 packets.
Multicast— Enable or disable the multicast storm control feature.
When this feature is enabled, the port discards ingress multicast
packets that exceed the specified level. This feature is disabled by
default.
Enter the Level— Enter the maximum number of ingress packets
per second of multicast packets the port receives. Multicast
packets that exceed this level are discarded when this feature is
enabled. The range is 0 to 33,554,431 packets. The default is
33,554,431 packets.
DLF— Enable or disable the unknown unicast storm control
feature. When this feature is enabled, the port discards ingress
unknown packets that exceed the specified level.This feature is
disabled by default.
Enter the Level— Enter the maximum number of ingress packets
per second of unknown unicast packets the port receives.
Unknown unicast packets that exceed this level are discarded
when this feature is enabled. The range is 0 to 33,554,431
packets. The default is 33,554,431 packets.
6. Click Apply.
7. Click SAVE
to save your changes to the startup configuration file.
74
Chapter 5
Setting Port Statistics
This chapter describes how to display and clear port statistics. Within the
AlliedWare Plus™ software, you can display and clear transmit, receive,
and interface port statistics.
This chapter contains the following topics:
“Displaying Port Statistics” on page 76
“Clearing Port Statistics” on page 82
“Reloading Statistics” on page 83
For additional information about port statistics, see the following chapters
in the AT-FS970M Series Version 2.3.1.0 Management Software Command Line Interface User’s Guide:
Port Parameters
Port Parameter Commands
75
Chapter 5: Setting Port Statistics
Displaying Port Statistics
You can display several types of port statistics. See the following sections:
“Displaying Transmit and Receive Port Statistics” on page 76
“Displaying Receive Statistics” on page 77
“Displaying Transmit Statistics” on page 79
“Displaying Interface Statistics” on page 80
Displaying
Transmit and
Receive Port
Statistics
To display the transmit and receive statistics for all of the switch ports, do
the following:
1. Hover the cursor over the Switching tab.
The Switching tab is displayed. See Figure 24 on page 65.
2. From the Switching tab, hover over Port.
3. Move the cursor to the right and select Statistics.
The Port Statistics page is displayed with the Tx + Rx tab automatically
selected. See Figure 29.
76
Figure 29. Port Statistics Page with Tx + Rx Tab
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
The following fields are displayed:
Interface— Port ID.
0-64 Byte Frames— Number of frames transmitted by the port that
contains 0 to 64 bytes.
65-127 Byte Frames— Number of frames transmitted by the port
that contains 65 to 127 bytes.
128-255 Byte Frames— Number of frames transmitted by the port
that contains 128 to 255 bytes.
256-511 Byte Frames— Number of frames transmitted by the port
that contains 256 to 511 bytes.
512-1023 Byte Frames— Number of frames transmitted by the
port that contains 512 to 1023 bytes.
1024-1518 Byte Frames— Number of frames transmitted by the
port that contains 1024 to 1518 bytes.
1519-1522 Byte Frames— Number of frames transmitted by the
port that contains 1519 to 1522 bytes.
Displaying
Receive Statistics
To display the statistics on the Receive Statistics tab, do the following:
1. Hover the cursor over the Switching tab.
The Switching tab is displayed. See Figure 24 on page 65.
2. From the Switching tab, hover over Port.
3. Move the cursor to the right and select Statistics.
The Port Statistics page with the Tx + Rx tab selected is displayed.
See Figure 29 on page 76.
4. Click on the Receive Tab.
The Port Statistics with the Receive tab selected is displayed. See
Figure 30 on page 78.
77
Chapter 5: Setting Port Statistics
Note
Figure 30. Port Statistics with the Receive Tab
The following fields are displayed:
Interface— Port ID.
Total Bytes— Number of received bytes.
Total Frames— Number of received frames.
Total Error Frames— Total number of received frames with
errors.
Multicast Frames— Number of received multicast frames.
Broadcast Frames— Number of received broadcast frames.
CRC Error Frames— Number of frames with a cyclic redundancy
check (CRC) error, but with the proper length (64 -1518 bytes)
received by the port.
FCS Error Frames— Number of ingress frames that had frame
check sequence (FCS) errors.
Pause Frames— Number of received flow-control pause frames.
Oversized Frames— Number of received frames that exceeded
the maximum size as specified by IEEE 802.3 (1518 bytes,
including the CRC).
Fragmented Frames— Number of received fragmented frames.
Jabber Frames— Number of occurrences of corrupted data or
useless signals the port has encountered.
The following fields are not displayed in Figure 30.
78
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Undersize Frames— Number of received frames that were less
than the minimum length as specified by IEEE 802.3 (64 bytes,
including the CRC).
Dropped Frames— Number of frames successfully received and
buffered by the port, but discarded and not forwarded.
MTU Exceed Discarded Frames— Number of received frames
with an MTU that exceeds the MTU of the switch. These frames
are discarded.
MAC Error Frames— Number of Receive Error events seen by
the receive side of the MAC.
Displaying
Transmit
Statistics
To display the statistics on the Transmit Statistics tab, do the following:
1. Hover the cursor over the Switching tab.
The Switching tab is displayed. See Figure 24 on page 65.
2. From the Switching tab, hover over Port.
3. Move the cursor to the right and select Statistics.
The Port Statistics page with the Tx + Rx tab selected is displayed.
See Figure 29 on page 76.
4. Click the Transmit tab.
The Port Statistics with the Transmit tab selected is displayed. See
Figure 31.
Figure 31. Port Statistics with the Transmit Tab
The following fields are displayed:
Interface— Port ID.
Total Bytes— Number of transmitted bytes.
79
Chapter 5: Setting Port Statistics
Total Frames— Number of transmitted frames.
Total Error Frames— Number of transmitted frames with errors.
Multicast Frames— Number of transmitted multicast frames.
Broadcast Frames— Number of transmitted broadcast frames.
Pause Frames Sent— Number of transmitted flow-control pause
frames.
Deferred— Number of egress frames that the port could not
immediately transmit.
Single Collision— Number of frames that were transmitted after
at least one collision.
Multi Collision— Number of frames that were transmitted after
more than one collision.
Late Collision— Number of late collisions.
Excessive Collision— Number of excessive collisions.
Total Collision Frames— Total number of collisions on the port.
MAC Error Frames— Number of frames not transmitted correctly
or dropped due to an internal MAC transmit error.
Displaying
Interface
Statistics
To display the interface statistics, do the following:
1. Hover the cursor over the Switching tab.
The Switching tab is displayed. See Figure 24 on page 65.
2. From the Switching tab, hover over Port.
3. Move the cursor to the right and select Statistics.
The Port Statistics page with the Tx + Rx tab selected is displayed.
See Figure 29 on page 76.
4. Click the Interface tab.
The Port Statistics Page with the Interface tab selected is displayed.
See Figure 32 on page 81.
80
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Figure 32. Port Statistics Page with Interface Tab
The following fields are displayed:
Interface— Port ID.
Rx Unicast Packets— Number of ingress unicast packets.
Rx Discard Packets— Number of ingress packets that were
discarded prior to transmission because of an error.
Rx IP Header Error Packets— Number of ingress packets that
were discarded because of an IP Header error.
Tx Unicast Packets— Number of egress unicast packets.
Tx Discard Packets— Number of egress packets that were
discarded prior to transmission because of an error.
Tx Error Packets— Number of egress error packets.
81
Chapter 5: Setting Port Statistics
Clearing Port Statistics
To clear the statistics for a port, do the following:
1. Hover the cursor over the Switching tab.
The Switching tab is displayed. See Figure 24 on page 65.
2. From the Switching tab, hover over Port.
3. Move the cursor to the right and select Statistics.
The Port Statistics Page with Tx + Rx tab selected is displayed. See
Figure 29 on page 76.
4. Select the desired Port Statistics tab. Choose from the following:
Tx+Rx— Transmit and receive statistics.
Receive— Receive statistics.
Transmit— Transmit statistics.
Interface— Interface statistics.
5. Click Clear
on the port that you want to clear.
82
Reloading Statistics
Port statistics are constantly counting, and the values are changing so that
the data displayed in the Port Statistics pages are not the most recent. To
display the latest data possible, click on the Reload Page button on a Port
Statistics page.
Figure 33 shows the Reload Page button on the Port Statistics page as an
example.
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Figure 33. Port Statistics Page with the Reload Page Button
83
Chapter 5: Setting Port Statistics
84
Chapter 6
Port Mirroring
The port mirror is a management tool that allows you to monitor the traffic
on one or more ports on the switch. It works by copying the traffic from
source ports to a destination port where the traffic can be monitored with a
network analyzer. The port mirror can be used to troubleshoot network
problems or to investigate possible unauthorized network access. The
performance and speed of the switch is not affected by the port mirroring
feature.
This chapter provides a brief description of the port mirroring feature and
explains how to display and set port mirroring. See the following sections:
“Overview” on page 86
“Displaying Port Mirroring Settings” on page 87
“Assigning a Destination Port” on page 88
“Specifying Direction Type” on page 89
“Deleting Port Mirroring Settings” on page 91
For more information about port mirroring, see the following chapters in the
AT-FS970M Series Version 2.3.1.0 Management Software Command Line
Interface User’s Guide:
Port Mirror
Port Mirror Commands
Chapter 6: Port Mirroring
Overview
To use the port mirroring feature, you must designate one or more source
ports and one destination port. The source ports are the ports whose
packets are mirrored and monitored. The destination port is the port where
the packets from the source ports are copied and where the network
analyzer is connected. There can be only one destination port on the
switch.
Here are guidelines for setting the port mirroring feature:
Port mirroring can have one destination port.
Port mirroring can have more than one source port. This allows you to
monitor the traffic on multiple ports at the same time. For example, you
might monitor the traffic on all the ports of a particular VLAN.
You can select whether to mirror the receive traffic, the transmit traffic,
or both, on the source ports.
The destination port must not be a member of a static port trunk or an
LACP trunk.
86
Displaying Port Mirroring Settings
To display the port mirroring assignments for all of the switch ports, do the
following:
1. Hover the cursor over the Switching tab.
The Switching tab is displayed. See Figure 24 on page 65.
2. From the Switching tab, hover over Port.
The Port tab is displayed.
3. From the Port tab, move the cursor to the right and select Mirroring.
The Port Mirroring List page is displayed. See Figure 34.
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Figure 34. Port Mirroring List Page
The following fields are displayed:
Destination Port— Use the pull-down menu to select the port
where the packets from the source ports are copied and where the
network analyzer is connected. You can assign only one
destination port to the switch.
Interface— Port ID.
Mirror Transmit— Source port whose transmitted (egress)
packets are mirrored and monitored. In this case, transmit is the
specified direction in which the packets are mirrored. There can be
multiple source ports on the switch.
Mirror Receive— Source port whose received (ingress) packets
are mirrored and monitored. In this case, receive is the specified
direction in which the packets are mirrored. There can be multiple
source ports on the switch.
87
Chapter 6: Port Mirroring
Assigning a Destination Port
The destination port is the source port where the packets are copied. You
can only assign one destination port to the switch.
To assign a destination port, do the following:
1. Hover the cursor over the Switching tab.
The Switching tab is displayed. See Figure 24 on page 65.
2. From the Switching tab, hover over Port.
The Port tab is displayed.
3. From the Port tab, move the cursor to the right and select Mirroring
from the drop-down menu.
The Port Mirroring List page is displayed. See Figure 34 on page 87.
4. Select the pull-down menu next to the Destination Port field at the top
of the page.
5. Click on the port that you want to designate as the destination port.
You can only assign one destination port to a switch.
6. Click Apply.
The Edit option is removed from the port. This indicates the
destination port for the switch.
7. Click SAVE
to save your changes to the startup configuration file.
88
Specifying Direction Type
To specify source ports and type of packet direction, do the following:
1. Hover the cursor over the Switching tab.
The Switching tab is displayed. See Figure 24 on page 65.
2. From the Switching tab, hover over Port.
The Port tab is displayed.
3. From the Port tab, move the cursor to the right and select Mirroring
from the drop-down menu.
The Port Mirroring List page is displayed. See Figure 34 on page 87.
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
4. Click Edit
next to the port that you want to specify as a source port for
mirroring.
The Modify Port Mirroring Page is displayed. See Figure 35.
Figure 35. Modify Port Mirroring Page
5. Select the type of mirroring for the port. The options are:
Transmit— Egress traffic on this port to be copied to the
destination port.
Receive— Ingress traffic on this port to be copied to the
destination port.
Both— Both the egress and ingress traffic on this port to be copied
to the destination port.
By default, there is no port assigned to port mirroring.
89
Chapter 6: Port Mirroring
6. Click Apply.
7. Click SAVE
to save your changes to the startup configuration file.
90
Deleting Port Mirroring Settings
To delete the existing port mirroring settings, assign the port to “None” by
doing the following:
1. Display the port mirroring assignments. See “Displaying Port Mirroring
Settings” on page 87.
The Port Mirroring List page is displayed. See Figure 34 on page 87.
2. Select the pull-down menu next to the Destination Port field at the top
of the page.
3. Click on “None.”
4. Click Apply.
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
5. Click SAVE
to save your changes to the startup configuration file.
91
Chapter 6: Port Mirroring
92
Chapter 7
Note
Spanning Tree Protocol on a Port
The Spanning Tree Protocol (STP) and Rapid Spanning Tree Protocol
(RSTP) guard against the formation of loops in an Ethernet network
topology. A topology has a loop when two or more nodes can transmit
packets to each other over more than one data path. Packets can become
caught in repeating cycles, referred to as broadcast storms, that
needlessly consume network bandwidth and that can significantly reduce
network performance.
This chapter provides a brief description of the spanning tree protocols and
explains how to set spanning tree on a port. See the following sections:
“Overview” on page 94
“Displaying Port Spanning Tree Protocol Settings” on page 95
“Modifying Port Spanning Tree Protocol Settings” on page 97
For information about how to set a spanning tree protocol for the
switch, see Chapter 12, “Spanning Tree Protocols on the Switch” on
page 143.
For more information about the spanning tree protocols, see the following
chapters in the AT-FS970M Series Version 2.3.1.0 Management Software Command Line Interface User’s Guide:
Spanning Tree and Rapid Spanning Tree Protocols
Spanning Tree Protocol (STP)
STP Commands
Rapid Spanning Tree Protocol (RSTP)
RSTP Commands
93
Chapter 7: Spanning Tree Protocol on a Port
Overview
STP and RSTP prevent loops from forming by ensuring that only one path
is available at a time between the switches in your network. Where
multiple paths exist, these spanning tree protocols place the extra paths in
a standby or blocking mode. In addition, these protocols can activate
redundant paths if primary paths go down. These protocols guard against
multiple links between segments and the risk of broadcast storms as well
as maintain network connectivity by activating backup redundant paths.
One of the primary differences between the STP and RTP protocols is in
the time each takes to complete the process referred to as convergence.
When a change is made to the network topology, such as the addition of a
new bridge, a spanning tree protocol determines whether there are
redundant paths that must be blocked to prevent data loops, or activated
to maintain communications between the various network segments. This
is the process of convergence.
With STP, convergence can take up to a minute to complete in a large
network. This can result in the loss of communication between various
parts of the network during the convergence process, and the subsequent
lost of data packets. RSTP is much faster than STP. It can complete a
convergence in seconds, and so greatly diminish the possible impact the
process can have on your network.
Only one spanning tree can be active on the switch at a time. The default
setting is RSTP.
94
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Displaying Port Spanning Tree Protocol Settings
To display the Spanning Tree Protocol settings for all of the switch ports,
do the following:
1. Hover the cursor over the Switching tab.
The Switching tab is displayed. See Figure 24 on page 65.
2. From the Switching tab, hover over Port.
3. Move the cursor to the right and select Spanning Tree.
The Port Spanning Tree Settings page is displayed. See Figure 36.
Figure 36. Port Spanning Tree Settings Page
The following fields are displayed:
Interface— Port ID.
Configured Path Cost— Cost of a port to the root bridge. This
cost is combined with the costs of the other ports in the path to the
root bridge to determine the total path cost. The lower the numeric
value, the higher the priority of the path. The range is 1 to
200,000,000.
Priority— Port priority number for the switch. The device with the
lowest priority number in the spanning tree domain becomes the
root bridge. If two or more devices have the same priority value,
the device with the numerically lowest MAC address becomes the
root bridge.
95
Chapter 7: Spanning Tree Protocol on a Port
Version— Spanning Tree Protocol version: STP, RSTP, or MSTP.
The default setting is RSTP.
Portfast— Indicates if the port is designated as an edge port. If a
port on the switch is not connected to a switch or a network that is
running the spanning tree protocol, you can designate it as an
edge port. A port that is designated as an edge port transitions
from the blocking to forwarding state immediately to minimize the
time that the port must wait for spanning tree to converge.
If an edge port starts to receive BPDUs, the spanning tree protocol
no longer considers the port as an edge port.
Link Type— Indicates one of the following:
Shared: The shared link type disables rapid transition of the
port to the forwarding state during the convergence process.
You may want to set Link Type to Shared when the port is
connected to a hub with multiple switches connected to it.
PTP: The point-to-point link type allows for rapid transition of
the port to the forwarding state during the convergence
process.
AUTO: The switch automatically determines the link type of the
port.
Loop Guard— Indicates the BPDU loop-guard feature on the port
is enabled (Yes) or disabled (No). If a port that has this feature
activated stops receiving BPDU packets, the switch automatically
disables it. A port that has been disabled by the feature remains in
that state until it begins to receive BPDU packets again or the
switch is reset.
This feature is supported in RSTP and not supported on edge
ports. The default setting for BPDU loop-guard on a port is
disabled.
Root Guard— Indicates if the Root Guard feature is enabled or
disabled.
96
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Modifying Port Spanning Tree Protocol Settings
To modify port settings for Spanning Tree Protocol, do the following:
1. Hover the cursor over the Switching tab.
The Switching tab is displayed. See Figure 24 on page 65.
2. From the Switching tab, hover over Port.
3. Move the cursor to the right and select Spanning Tree.
The Port Spanning Tree page is displayed. See Figure 36 on page 95.
4. Click Edit
on the port that you want to change.
The Modify Port Spanning Tree Settings page is displayed. See
Figure 37.
Figure 37. Modify Port Spanning Tree Settings Page
5. Change the following settings as needed:
Interface— Indicates the port ID.
97
Chapter 7: Spanning Tree Protocol on a Port
Version— Indicates the Spanning Tree Protocol version. The
default setting is RSTP.
Configured Path Cost— Enter the cost of the port to the root
bridge. This cost is combined with the costs of the other ports in
the path to the root bridge to determine the total path cost. The
lower the numeric value, the higher the priority of the path. The
range is 1 to 200,000,000. The default value is 0.
Priority (0-15)— Enter the priority value of the port. You can
influence which port is elected for a specific port role.
For example, when the switch has the two ports with the same
path cost, and the path cost is the lowest on the switch, it uses the
port priority value to determine which port is the root port.
If both priority values of these two ports are the same, the switch
elects a port with the lower port ID.
The range of the priority value is 0 to 240, in increments of 16, for a
total of 16 increments. See Table 1. Specify the increment of the
desired value. The default port priority is 128 (increment 8).
Table 1. STP Port Priority Value Increments
Increment
Port
Priority
Increment
Port
Priority
008128
1169144
23210160
34811176
46412192
58013208
69614224
711215240
PortFast— Select “Enabled” to assign the port as an edge port, or
“Disabled” to assign the port as an non-edge port. Assign the port
as an edge port if the port is not connected to spanning tree
devices or to LANs that have spanning tree devices. An edge port
transitions from the blocking to forwarding state immediately so
that the host connected to the edge port can connect to the
network immediately, rather than waiting for spanning tree to
converge.
98
When an edge port starts to receive BPDUs, the switch no longer
considers the port as an edge port.
AT-FS970M Series Version 2.3.1.0 Web Interface User’s Guide
Link Type— Choose from the following settings:
AUTO: The switch determines the link type of the port is either
PTP or Shared. If a port is set to full-duplex mode, the link type
is point-to-point. If a port is set to half-duplex mode, the link
type is shared.
PTP: Allows the port rapid transition to the forwarding state
during the convergence process of the spanning tree domain.
Shared: Disables rapid transition. You may want to set the link
type to shared if the port is connected to a hub with multiple
switches connected to it.
Loop Guard— Enable or disable the BPDU loop-guard feature on
the port. If a port with the loop guard activated stops receiving
BPDU packets, the switch automatically shut down the port. A port
that is disabled by the feature remains in that state until it begins to
receive BPDU packets again or the switch is reset. The default
setting for BPDU loop-guard on the ports is disabled.
Root Guard— Enable or disable the Root Guard feature.
6. Click Apply.
7. Click SAVE
to save your changes to the startup configuration file.
99
Chapter 7: Spanning Tree Protocol on a Port
100
Loading...
+ hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.