M
M
M
E
E
E
G
G
G
8
8
8
2
2
2
1
1
1
A
A
A
E
E
E
MANUAL
Manual of VDSL2 Solution
http://www.black-box.eu
1
Safety Warnings
For your safety, be sure to read and follow all warning notices and instructions before device use.
DO NOT open the device or unit. Opening or removing covers can expose you to dangerous high voltage points or other
risks. ONLY qualified service personnel can service the device. Please contact your vendor for further information.
Use ONLY the dedicated power supply for your device. Connect the power cord to the right supply voltage (110V AC in
North America or 230V AC in Europe).
DO NOT use the device if the power supply is damaged as it might cause electrocution. If the power supply is damaged,
remove it from the power outlet. DO NOT attempt to repair the power supply. Contact your local vendor to order a new power
supply.
Place connecting cables carefully so that no one will step on them or stumble over them. DO NOT allow anything to rest on
the power cord and do NOT locate the product where anyone can work on the power cord.
DO NOT install nor use your device during a thunderstorm. There may be a remote risk of electric shock from lightning.
DO NOT expose your device to dampness, dust or corrosive liquids.
DO NOT use this product near water, for example, in a wet basement or near a swimming pool.
Connect ONLY suitable accessories to the device.
Make sure to connect the cables to the correct ports.
DO NOT obstruct the device ventilation slots, as insufficient airflow may harm your device.
DO NOT store things on the device.
DO NOT use the device outside, and make sure all the connections are indoors. There may be a remote risk of electric
shock from lightning.
Be careful when unplugging the power, because the transformer may be very hot.
Keep the device and all its parts and accessories out of children’s reach.
Clean the device using a soft and dry cloth rather than liquid or atomizers. Power off the equipment before cleansing it.
This product is recyclable. Dispose of it properly.
Manual of VDSL2 Solution
http://www.black-box.eu
2
VDSL2 Brief
VDSL2 (Very-High-Bit-Rate Digital Subscriber Line 2, ITU-T G.993.2 Standard) is an access technology that exploits the existing
infrastructure of copper wires that were originally deployed for POTS services. It can be deployed from central offices, from fibre-fed
cabinets located near the customer premises, or within buildings.
ITU-T G.993.2 VDSL2 is the newest and most advanced standard of DSL broadband wireline communications. Designed to support
the wide deployment of Triple Play services such as voice, video, data, high definition television (HDTV) and interactive gaming,
VDSL2 enables operators and carriers to gradually, flexibly, and cost efficiently upgrade existing xDSL-infrastructure.
ITU-T G.993.2 (VDSL2) is an enhancement to G.993.1 VDSL that permits the transmission of asymmetric and symmetric
(Full-Duplex) aggregate data rates up to 200 Mbit/s on twisted pairs using a bandwidth up to 30 MHz.
VDSL2 deteriorates quickly from a theoretical maximum of 200 Mbit/s at 'source' to symmetric 100 Mbit/s at 0.3 km and 50 Mbit/s at
1 km, but degrades at a much slower rate from there, and still outperforms VDSL. Starting from 1,6 km its performance is equal to
ADSL2+.
ADSL-like long reach (LR) performance: ADSL-like long reach performance is one of the key advantages of VDSL2. LR-VDSL2
enabled systems are capable of supporting speeds of around 1-4 Mbit/s (downstream) over distances of 2.5 km, gradually
increasing the bit rate up to symmetric 100Mbit/s as loop-length shortens. This means that VDSL2-based systems, unlike VDSL1
systems, are not limited to short loops or MTU/MDUs only, but can also be used for medium range applications.
MEG821AE
The MEG821AE utilize Lantiq(Infineon) Vinax VDSL2 Chipset, which is a MEG821AE that aggregates 8 ports into Giga Ethernet
uplinks for high-speed data/Internet services.
Based on DMT VDSL2 technologies, MEG821AE extends data service with line rate of solution for services such as remote lecturing,
Manual of VDSL2 Solution
http://www.black-box.eu
3
telemedicine, video conferencing, Video-on-Demand (VoD), IP-TV, Internet access and other various high-speed data applications.
When the number of subscribers increases, the second uplink Giga Ethernet interface can be used to daisy chain to another
MEG821AE. Alternatively, multiple MEG821AE can be connected to another LAN switch to from a two-tier configuration, thus
supporting a lot more subscribers. The MEG821AE is an ideal solution for delivering cost-effective, high-performance broadband
/multimedia services to Multi-Tenant Units (MTUs) or Multi-Dwelling Units (MDUs) such as hotels, campus, hospitals and telecom.
The MEG821AE provides the important features necessary for robust networks.
Key features and benefits :
Jumbo packet up to 9k byte: In computer networking, jumbo frames are Ethernet frames with more than 1500 bytes of
payload. Conventionally, jumbo frames can carry up to 9000 bytes of payload, but variations exist and some care must be
taken when using the term.
The original 1500-byte payload size for Ethernet frames was used because of the high error rates and low speed of
communications. Thus, if one receives a corrupted packet, only 1500 bytes (plus 18 bytes for the frame header and other
overhead) must be re-sent to correct the error. However, each frame requires that the network hardware and software
process it. If the frame size is increased, the same amount of data can be transferred with less effort. This reduces CPU
utilization (mostly due to interrupt reduction) and increases throughput by allowing the system to concentrate on the data in
the frames.
IEEE 802.1q Q-in-Q VLAN for performance & security: The VLAN feature in the switch offers the benefits of both security
and performance. VLAN is used to isolate traffic between different users and thus provides better security. Limiting the
broadcast traffic to within the same VLAN broadcast domain also enhances performance. VLAN support enabling advanced
techniques such as 802.1Q-in-1Q to be deployed.
And support GVRP up to 4k V-Lan groups.
Manual of VDSL2 Solution
http://www.black-box.eu
4
IEEE 802.1x: Port base network access control, this function for wireless users connecting Authentication.
Spanning tree: Support IEEE 802.1d STP/IEEE 802.1w RSTP/IEEE-802.1s MSTP. For mission critical environments with
multiple switches supporting STP, you can configure the switches with a redundant backup bridge path, so transmission and
reception of packets can be guaranteed in event of any fail-over switch on the network.
IEEEE 802.1p QoS(COS) with Four Priority Queues:
The QoS(Quality Of Service) feature provides four internal queues to support four different classifications of
traffic. High priority packet streams experience less delay inside the switch, which supports lower latency for
certain delay-sensitive traffic. The MEG821AE can classify the packet as one of the 8-level priority to 4 –level
queue mapping. I.e. Highest, SecHigh, Lowest, SecLow.
Differentiated Services or DiffServ: is a computer networking architecture that specifies a simple, scalable and
coarse-grained mechanism for classifying, managing network traffic and providing Quality of Service (QoS) on
modern IP networks. DiffServ can, for example, be used to provide low-latency to critical network traffic such as
voice or streaming media while providing simple best-effort service to non-critical services such as web traffic or
file transfers.
DiffServ uses the 6-bit Differentiated Services Code Point (DSCP) field in the IP header for packet
classification purposes. DSCP replaces the outdated Type of Service field.
IGMP Snooping : Snooping by 256 IP multicast table for VOD (Video on demand) and Video conference and Internet games
application.
Manual of VDSL2 Solution
http://www.black-box.eu
5
HTTPS (SSL) Web Access: Hypertext Transfer Protocol Secure (HTTPS) is a combination of the Hypertext Transfer
Protocol with the SSL protocol to provide encrypted communication and secure identification of a network web
server. HTTPS connections are often used for payment transactions on the World Wide Web and for sensitive
transactions in corporate information systems.
SNMP MIB Support: SNMP v1/v2c/v3 management and trap function
Support MIB tables: MIB-II (RFC 1213), Bridge MIBs (RFC 1493), Ethernet-like MIB (RFC 1643 & RFC 2665), private-MIB,
USM-MIB (RFC 2574), VACM-MIB (RFC 2575) and RMON-MIB 1, 2, 3, 9 groups (RFC 1757& RFC 2819).
Broadcast/Multicast/Unknown-unicast Storm Control:To limit too many broadcast/multicast/unknown-unicast flooding
in the network, broadcast/multicast storm control is used to restrict excess traffic. Threshold values are available to control
the rate limit for each port. Packets are discarded if the count exceeds the configured upper threshold.
Port Mirroring: This function could be mirroring and duplicated client side action, but Need to be with mirroring AP as
Session wall or other.
ACL(Access Control List): On some types of proprietary computer hardware, an Access Control List refers to rules that
are applied to port numbers or network daemon names that are available on a host or other layer 3, each with a list of hosts
and/or networks permitted to use the service. Both individual servers as well as routers can have network ACLs. Access
control lists can generally be configured to control both inbound and outbound traffic, and in this context they are similar to
firewalls. Like Firewalls, ACLs are subject to security regulations and standards.
Link Layer Discovery Protocol (LLDP): is a vendor-neutral Link Layer protocol in the Internet Protocol Suite used by
Manual of VDSL2 Solution
http://www.black-box.eu
6
network devices for advertising their identity, capabilities, and neighbors on a IEEE 802 local area network, principally wired
Ethernet. The protocol is formally referred to by the IEEE as Station and Media Access Control Connectivity Discovery
specified in standards document IEEE 802.1AB.
Speed Rate Control: Supports speed rate control function from 128k to 100Mbps.
Note: Regarding our MEG821AE' principle of bandwidth control, which must rely on flow control to limit
bandwidth over hardware, as long as client side doesn't support flow control, the upstream bandwidth control is
invalid, so for this case, client side must support flow control function.
In band Management: Provides a console port for setup IP or other function
Out Of Band Management: Supports remote control by Telnet and Web-based Management easy-to-use configuration and
ongoing monitoring. This software is embedded in the switch and delivers remote, intuitive management of the switch and
connected NIC devices through a single IP address. The VDSL2 8Ports Switch are easy-to-configured and deployed, and
offering a compelling option in terms of cost, performance, scalability and services compared to traditional repeater HUB
solutions.
2 Dual Media for Flexible Fiber Connection:Dual media port 9 and 10 are provided for flexible fiber/copper auto link
connection. You can select to install optional transceiver modules in these slots for short, medium or long distance fiber
backbone attachment. Use of the SFP will auto disable their corresponding built-in 10/100/1000Base-T connections.
DHCP Client: Dynamic Host Configuration Protocol (DHCP) for auto configuration management IP.
TFTP Protocol: Trivial File Transfer Protocol(TFTP) for new version firmware remote upgraded
Manual of VDSL2 Solution
http://www.black-box.eu
7
Firmware upgrade support : HTTP / TFTP protocol.
Scalability: Up to 100 Mbps symmetric performance over single-pair wiring for VDSL2 Channel
port aggregation.
Interleave delay time: To prevent the transmission against burst errors.
Noise Margins(SNRM): In electrical engineering, noise margin is the amount by which a signal exceeds the minimum
amount for proper operation. MEG821AE default value is 6db for telecom standard.
Upstream Power Back-Off (UPBO): helps to run services over loops with different
length co-located in the same cable binder (“mixed length” deployments), especially
in FEXT-dominated noise environment.
Strong FEXT generated by short loops can significantly degrade the performance
of long loops if UPBO is not applied. On the other hand, UPBO reduces the transmit
power of short loops and thus degrades their performance as well. The UPBO
technique should take in account both issues.
Downstream Power Back-Off (DPBO): The development of Triple Play services requires higher bandwidth. Higher
bandwidth and substantial performance gain can be reached by deploying DSLAM-s in a remote side cabinet near to the
customer premises. There is no problem at clean networks where all the customers are connected to the same local cabinet.
Manual of VDSL2 Solution
http://www.black-box.eu
8
Single-Ended Loop Testing (SELT) : The most convenient tests to perform are those that only require connection to one end
of the line, because only one tester is required, and one person is required, and no travelling needs to be done. Some tests
require the line to be correctly terminated and it may be possible to set the installed equipment (eg modem) to do this without
having to go to the end of the line.
Double-Ended Loop Testing (DELT) : Double-ended testing involves dispatching a technician to the customer's location to
install a modem or test equipment that communicates with the reference modem in the CO. If the service doesn't work, a work
order is issued to clean up the pair.
Trellis modulation : The name trellis was coined because a state diagram of the technique, when drawn on paper closely
resembles the trellis lattice used in rose gardens. The scheme is basically a convolutional code of rates (r,r+1). Ungerboeck's
unique contribution is to apply the parity check on a per symbol basis instead of the older technique of applying it to the bit
stream then modulating the bits. The key idea he termed Mapping by Set Partitions. This idea was to group the symbols in a
tree like fashion then separate them into two limbs of equal size. At each limb of the tree, the symbols were further apart.
Although in multi-dimensions, it is hard to visualize, a simple one dimension example illustrates the basic procedure. Suppose
the symbols are located at [1, 2, 3, 4, ...]. Then take all odd symbols and place them in one group, and the even symbols in the
second group. This is not quite accurate because Ungerboeck was looking at the two dimensional problem, but the principle is
the same, take every other one for each group and repeat the procedure for each tree limb. He next described a method of
assigning the encoded bit stream onto the symbols in a very systematic procedure. Once this procedure was fully described,
his next step was to program the algorithms into a computer and let the computer search for the best codes. The results were
astonishing. Even the most simple code (4 state) produced error rates nearly 1,000 times lower than an equivalent uncoded
system. For two years Ungerboeck kept these results private and only conveyed them to close colleagues. Finally, in 1982,
Manual of VDSL2 Solution
http://www.black-box.eu
9
Ungerboeck published a paper describing the principles of trellis modulation.
A flurry of research activity ensued, and by 1990 the International Telecommunication Union had published modem standards
for the first trellis-modulated modem at 14.4 kbit/s (2,400 baud and 6 bits per symbol). Over the next several years further
advances in encoding, plus a corresponding symbol rate increase from 2,400 to 3,429 baud, allowed modems to achieve rates
up to 34.3 kbit/s (limited by maximum power regulations to 33.8 kbit/s). Today, the most common trellis-modulated V.34
modems use a 4-dimensional set partition which is achieved by treating two 2-dimensional symbols as a single lattice. This set
uses 8, 16, or 32 state convolutional codes to squeeze the equivalent of 6 to 10 bits into each symbol sent by the modem (for
example, 2,400 baud × 8 bits/symbol = 19,200 bit/s).
Once manufacturers introduced modems with trellis modulation, transmission rates increased to the point where interactive
transfer of multimedia over the telephone became feasible (a 200 kilobyte image and a 5 megabyte song could be downloaded
in less than 1 minute and 30 minutes, respectively). Sharing a floppy disk via a BBS could be done in just a few minutes,
instead of an hour. Thus Ungerboeck's
Echo cancellation : The term echo cancellation is used in telephony to describe the process of removing echo from a voice
communication in order to improve voice quality on a telephone call. In addition to improving subjective quality, this process
increases the capacity achieved through silence suppression by preventing echo from traveling across a network.
Two sources of echo have primary relevance in telephony: acoustic echo and hybrid echo.
Echo cancellation involves first recognizing the originally transmitted signal that re-appears, with some delay, in the transmitted
or received signal. Once the echo is recognized, it can be removed by 'subtracting' it from the transmitted or received signal.
This technique is generally implemented using a digital signal processor (DSP), but can also be implemented in software. Echo
cancellation is done using either echo suppressors or echo cancellers, or in some cases both.
INP(Impulse Noise Protection): Impulse noise in multicarrier communication systems behaves effectively as a modulating
Manual of VDSL2 Solution
http://www.black-box.eu
10
signal that controls the first moment of the background Gaussian noise. The composite noise, which is the aggregate of the
Gaussian noise and impulse noise, has a probability density function that is conditionally Gaussian with non-zero average,
hence referred to as biased-Gaussian. The BER-equivalent power of the composite noise source is defined as the power of a
pure Gaussian noise source that yields the same bit-error rate (BER). The BER-equivalent noise for a biased-Gaussian noise
is simply the amplified version of the underlying Gaussian noise source. The amplification factor is derived from the
characteristics of the impulse interference. Any bit-loading algorithm designed for Gaussian noise sources is also applicable to
biased-Gaussian noise sources provided that the BER-equivalent SNR is used in place of the measured SNR.
Syslog : is a standard for logging program messages. It allows separation of the software that generates messages from the
system that stores them and the software that reports and analyzes them. It also provides devices which would otherwise be
unable to communicate a means to notify administrators of problems or performance.
Syslog can be used for computer system management and security auditing as well as generalized informational, analysis,
and debugging messages. It is supported by a wide variety of devices (like printers and routers) and receivers across multiple
platforms. Because of this, syslog can be used to integrate log data from many different types of systems into a central
repository.
Manual of VDSL2 Solution
http://www.black-box.eu
11
Table of Contents
Safety Warnings--------------------------------------------------------------------------------------------------------------------------- 1
VDSL2 Brief--------------------------------------------------------------------------------------------------------------------------------- 2
MEG821AE ---------------------------------------------------------------------------------------------------------------------------------- 2
Chapter 1. Unpacking Information -------------------------------------------------------------------------------------------------15
1.1 Check list............................................................................................................................................................................ 15
1.2 Package Contents.............................................................................................................................................................. 15
1.3 Product Guide .................................................................................................................................................................... 15
1.4 Features & Specifications:................................................................................................................................................ 16
Chapter 2. General Description -----------------------------------------------------------------------------------------------------18
2.1 Hardware Description........................................................................................................................................................ 18
2.2 Front Panel ......................................................................................................................................................................... 18
2.3 SFP Fiber Optics................................................................................................................................................................ 20
2.4 LED Indications.................................................................................................................................................................. 21
2.5 Rear Panel........................................................................................................................................................................... 22
2.6 AC Power Socket................................................................................................................................................................ 22
Chapter 3. Installation------------------------------------------------------------------------------------------------------------------23
3.1 Hardware Installation......................................................................................................................................................... 23
3.2 Pre-Installation Requirements........................................................................................................................................... 23
Manual of VDSL2 Solution
http://www.black-box.eu
12
3.3 General Rules..................................................................................................................................................................... 24
3.4 Connection Configuration................................................................................................................................................. 24
Chapter 4. Management Configuration-------------------------------------------------------------------------------------------26
4.0 In-Band Management......................................................................................................................................................... 26
4.0.1 Operation Notice ------------------------------------------------------------------------------------------------------------------------------- 28
4.0.3 Switch Static Configuration---------------------------------------------------------------------------------------------------------------- 32
4.0.4 Protocol Related Configuration----------------------------------------------------------------------------------------------------------- 62
4.0.5 Syslog---------------------------------------------------------------------------------------------------------------------------------------------- 93
4.0.6 SSH ------------------------------------------------------------------------------------------------------------------------------------------------- 93
4.0.7 Reboot switch----------------------------------------------------------------------------------------------------------------------------------- 93
4.0.8 TFTP Function ---------------------------------------------------------------------------------------------------------------------------------- 94
4.0.9 Access Control List --------------------------------------------------------------------------------------------------------------------------- 96
4.1 Remote Network Management........................................................................................................................................ 102
4.2 Administration.................................................................................................................................................................. 105
4.2.0 IP Address Setting----------------------------------------------------------------------------------------------------------------------------106
4.2.1 Switch Setting----------------------------------------------------------------------------------------------------------------------------------107
4.2.2 Console Port Information ------------------------------------------------------------------------------------------------------------------111
4.2.3 Port Configuration----------------------------------------------------------------------------------------------------------------------------112
4.2.4 SNMP Configuration -------------------------------------------------------------------------------------------------------------------------118
4.2.5 Syslog---------------------------------------------------------------------------------------------------------------------------------------------124
4.2.7 Configuration Backup-----------------------------------------------------------------------------------------------------------------------129
4.3 L2 Features....................................................................................................................................................................... 130
Manual of VDSL2 Solution
http://www.black-box.eu
13
4.3.0 VLAN Configuration--------------------------------------------------------------------------------------------------------------------------131
4.3.2 Trunking------------------------------------------------------------------------------------------------------------------------------------------141
4.3.3 Forwarding and Filtering-------------------------------------------------------------------------------------------------------------------146
4.3.4 Spanning Tree----------------------------------------------------------------------------------------------------------------------------------153
4.3.5 DHCP Relay and Option 82----------------------------------------------------------------------------------------------------------------163
4.3.6 LLDP-----------------------------------------------------------------------------------------------------------------------------------------------166
4.4 Access Control List ......................................................................................................................................................... 169
4.4.0 IPv4 ------------------------------------------------------------------------------------------------------------------------------------------------171
4.4.1 Non-IPv4------------------------------------------------------------------------------------------------------------------------------------------175
4.4.2 Binding -------------------------------------------------------------------------------------------------------------------------------------------177
4.4.3 QoS VoIP-----------------------------------------------------------------------------------------------------------------------------------------179
4.5 Security............................................................................................................................................................................. 181
4.5.0 Security Manager -----------------------------------------------------------------------------------------------------------------------------181
Fig. 4.5.0 Security Manager -----------------------------------------------------------------------------------------------------------------------181
4.5.1 MAC Limit----------------------------------------------------------------------------------------------------------------------------------------182
4.5.2 802.1x Configuration-------------------------------------------------------------------------------------------------------------------------183
4.6 QoS.................................................................................................................................................................................... 187
4.6.0 QoS Configuration----------------------------------------------------------------------------------------------------------------------------188
4.6.1 Per-Port Configuration----------------------------------------------------------------------------------------------------------------------189
4.7 Monitoring......................................................................................................................................................................... 192
4.7.0 Port Status --------------------------------------------------------------------------------------------------------------------------------------192
4.7.1 Port Statistics ----------------------------------------------------------------------------------------------------------------------------------194
4.8 Reset System.................................................................................................................................................................... 195
Manual of VDSL2 Solution
http://www.black-box.eu
14
4.9 Reboot............................................................................................................................................................................... 195
Chapter 5. VDSL2 functions--------------------------------------------------------------------------------------------------------196
5.1 Profile Config.................................................................................................................................................................... 196
5.2 Channel Config................................................................................................................................................................. 201
5.3 Channel Status................................................................................................................................................................. 202
5.4 SNR Status........................................................................................................................................................................ 203
5.5 Activate / Deactivate ........................................................................................................................................................ 204
5.6 DPBO................................................................................................................................................................................. 205
5.7 UPBO................................................................................................................................................................................. 207
5.9 VDSL2 Version Info.......................................................................................................................................................... 210
Chapter 6. Applications-------------------------------------------------------------------------------------------------------------- 211
Appendix A: Troubleshooting -----------------------------------------------------------------------------------------------------214
Diagnosing VDSL2 8PORTS SWITCH Indicators................................................................................................................. 214
Appendix B: Example of VLAN Setting-----------------------------------------------------------------------------------------216
Example 1:.............................................................................................................................................................................. 216
Example 2:.............................................................................................................................................................................. 220
Appendix C: Cable Requirements------------------------------------------------------------------------------------------------227
Appendix D: Compliance and Safety Information --------------------------------------------------------------------------230
Warranty ----------------------------------------------------------------------------------------------------------------------------------234
Manual of VDSL2 Solution
http://www.black-box.eu
15
Chapter 1. Unpacking Information
1.1 Check list
Carefully unpack the package and check its contents against the checklist.
1.2 Package Contents
1. VDSL2 8Ports Switch
8x VDSL2 Ports(RJ45),2x 1000Mbps auto link RJ-45/SFP Port
2. 1x User’s manual CD
3. 1x AC Power Cord
4. A package contains two Rack Mounting Brackets and four screws
5. 4x Plastic feet(Pre-installed on the bottom)
Note:
Please inform your dealer immediately for any missing, or damaged parts.
If possible, retain the carton, including the original packing materials.
Use them to repack the unit in case there is a need to return for repair.
1.3
Product Guide
Product Name::::VDSL2 8PORTS SWITCH
Manual of VDSL2 Solution
http://www.black-box.eu
16
1.4 Features & Specifications:
Compliant with ITU-T G993.2 VDSL2, G993.1 VDSL, G997.1, G994.1 G.hs standard
Compliant with IEEE-802.3, 802.3u, 802.3ab, 802.3z Ethernet Standard.
Support 8a, 8b, 8c, 8d, 12a, 12b, 17a and 30a band profiles.
Support 997 and 998 band plans.
Supports Jumbo packet up to 9k byte.
Supports interleave delay for noise resistant and data loss.
Supports Virtual Noise.
Supports SELT(Single-Ended Loop Testing).
Supports DELT(Double-Ended Loop Testing).
Supports Trellis coding for against noise.
Supports INP(Impulse Noise Protection) for multicarrier communication systems.
Support UPBO(Upstream PBO) and DPBO(Downstream PBO).
Supports high bandwidth up to symmetric 100Mbps within 0.3km (984 feet) for VDSL2 ports.
Supports ADSL LIKE long reach mode up to 2.2 km.
Supports bandwidth management (rate control) from 128k to 100Mbps.
Supports IEEE 802.1q tagging VLAN with Q-in-Q.
Supports quality of phone wiring detected with SNR(Signal to Noise Ratio) indicators.
Supports TOS IEEE-802.1p with 4 priority queues.
Supports HTTPS (SSL) web management.
Supports Multicast IP table/IGMP v2 with 512 groups.
Supports LACP IEEE-802.3ad port trunking (link aggregation).
Manual of VDSL2 Solution
http://www.black-box.eu
17
Support IEEE 802.1d STP / IEEE 802.1w RSTP & IEEE-802.1s MSTP.
Support port mirroring (sniffer) and broadcast storm filtering.
Supports port security with MAC address filtering.
Supports remote syslog.
Supports traffic storm control.
Support web based and telnet for remote management.
Support SNMP v1/v2/v3 RFC-1493 bridge MIBs, RFC-1643 Ethernet MIB, RFC-1213 MIBII.
Support RMON groups 1(Statistics), 2(Alarm), 3(Event), 9(History).
Support HTTP/TFTP for firmware upgrade.
Support In-Band/Out-of-Band management.
Support L2/L3/4 access control list(ACL).
Support DHCP client and Relay & Option 82.
Supports LLDP(Link Layer Discovery Protocol) protocol.
Supports surge protection and splitter on board.
Internal switching power adapter Input: AC 85-265 volts/50-60Hz/1A .
Rack mount size 19"/1U
Dimensions: 435 x 255 x 44 mm
Operating Temperature: 0°C ~ 50°C (32°F ~ 122°F)
Storage Temperature: - 20°C ~ 70°C (-4°F ~ 158°F)
Humidity: 10%~90% non-condensing
EMI by FCC/CE Class A
Power Consumption: Max : 37W
Weight : about 3.2kg
Manual of VDSL2 Solution
http://www.black-box.eu
18
Chapter 2. General Description
2.1 Hardware Description
This section describes the important parts of the VDSL2 8PORTS SWITCH. It features the front and rear panel drawings LEDs,
connectors, and VDSL2 8PORTS SWITCH.
2.2 Front Panel
The following figure shows the front panel.
Figure 2-1 Front Panel description
Manual of VDSL2 Solution
http://www.black-box.eu
19
(1) 8 X100Mbps VDSL2 ports(L1-L8)
(2) 8 x POTS splitters(L1-L8)
(3) 2 X1G auto link RJ-45 or SFP Transceivers.
(4) SFP Cage(Small Fiber Optic)
(5) Console port (RS-232, Baud Rate:115200)
(6) Reset Button.
Several LED indicators for monitoring the device itself, and the network status. At a quick glance of the front panel, the user
would be knew if the product is receiving power; if it is monitoring another VDSL2 8PORTS SWITCH or other devices; or if a
problem exists on the network.
Provides two 1000Mbps auto-sensing RJ-45 Ethernet ports and two GIGA Port.
GIGA Port supports RJ-45 or SFP Interface auto link function. You can use RJ-45 interface or SFP
Interface.Figure
Manual of VDSL2 Solution
http://www.black-box.eu
20
Note:
GIGA port (9, 10 port) supports Hot Swappable function. The status default in copper (RJ45), if you want to change connect media to
fiber you must plug in SFP fiber module (SFP port).
First, make sure fiber to fiber connecting is ready, and then the VDSL2 8PORTS SWITCH will be sensing and link that in Fiber optic
mode.
GIGA port RJ-45 and SFP can’t use in the same time, else that will be link in Copper mode (default).
2.3 SFP Fiber Optics
A gigabit interface converter (SFP) is a transceiver that converts electric currents (digital highs and lows) to optical signals, and
optical signals to digital electric currents. The SFP is typically employed in fiber optic and Ethernet systems as an interface for
high-speed networking. The data transfer rate is 1.25 gigabit per second.
SFP modules allow technicians to easily configure and upgrade electro-optical communications networks. The typical SFP
transceiver is a plug-in module that supports hot-plugging (it can be removed and replaced without turning off the system).
The devices are economical, because they eliminate the necessity for replacing entire boards at the system level. Upgrading
can be done with any number of units at a time, from an individual module to all the modules in a system. SFP (Small Form
Pluggable Transceivers), meet the Gigabit Interface Converter specification Rev. 5.4 (MOD_DEF4) industry standard.
Mode
Wave
length
Bit Rate Voltage
Power Margin
1 LX-Single Mode 10km 1.25Gbps 3.3V 10.5db(10KM or above)
2 SX- Multi Mode 550m 1.25Gbps 3.3V 8.5db(550m)
Manual of VDSL2 Solution
http://www.black-box.eu
21
2.4 LED Indications
The followings describe the function of each LED indicator:
LEDs Status Descriptions
Steady
PWR
(Power LED)
Green
This LED
light is located at the left side on the front panel. It will light up (ON) to show that the
product is receiving power. Conversely, no light (OFF) means the product is not receiving power.
Steady
POST
Green
POST(Power On Self Testing)
POST Led will light to show system is booting now.
When system is ready the LED will light off.
Steady
Green
Speed10/Link
Speed100/Link
Speed1000/Link
ACT(Active LEDs)
Blinking
Giga port indicates that communications have been set 10/100/1000 Mbps. Each port on the
VDSL2
8PORTS SWITCH is assigned an LED light for 100 or 1000 Base-TX connecting
Blinking to show data on Traffic status.
Fiber mode only support.
FD/Col
Steady
Green
Indicates that communications have been set to full-duplex operation for the indicated port,
The
indicator lights up working in Full Duplex, and light down working in Half Duplex
(Full-Duplex LEDs )
(Collision LEDs)
Blinking Blinking to show collision status.
Steady LED light up Steady to show VDSL2 Link is established
VDSL2 Link LEDs
Green LED light down Steady to show VDSL2 Link is not established
Manual of VDSL2 Solution
http://www.black-box.eu
22
2.5 Rear Panel
The following figure shows the rear panel of the MEG821AE.
Figure Chapter 2.3 Rear Panel
2.6 AC Power Socket
The power cord should be plug into this AC socket. The AC socket accepts AC power 100 to 240 voltage.
Manual of VDSL2 Solution
http://www.black-box.eu
23
Chapter 3. Installation
3.1 Hardware Installation
This chapter describes how to install the VDSL2 8PORTS SWITCH and establish network connections. You may install this
VDSL2 8PORTS SWITCH on any level surface (table, shelf, 19 inch rack or wall mounting). However, please take Note of the
following minimum site requirements before you begin.
4 plastic feet on the bottom has been pre-installed.
3.2 Pre-Installation Requirements
Before you start actual hardware installation, make sure you can provide the right operating environment, including power
requirements, sufficient physical space, and proximity to other network devices that are to be connected. Verify the following
installation requirement:
Power requirements: AC 100V to 240 V at 50 to 60 Hz.
The VDSL2 8PORTS SWITCH power supply automatically adjusts to the input voltage level.
The VDSL2 8PORTS SWITCH should be located in a cool dry place, with at least 10cm/4in of space at the front and back
for ventilation.
Place the VDSL2 8PORTS SWITCH out of direct sunlight, and away from heat sources or areas with a high amount of
electromagnetic interference.
Check if network cables and connectors needed for installation are available.
Manual of VDSL2 Solution
http://www.black-box.eu
24
3.3 General Rules
Before making any connections to the VDSL2 8PORTS SWITCH, Note the following rules:
Ethernet Port (RJ-45)
All network connections to the VDSL2 8PORTS SWITCH Ethernet port must be made using Category 5
UTP for 100Mbps and Category 3,4 UTP for 10Mbps.
No more than 100 meters (about 328 feet) of cabling may be used between the VDSL2 8PORTS SWITCH and an end
node.
3.4 Connection Configuration
The VDSL2 8PORTS SWITCH has 8 100 Mbps VDSL2 ports. And 2 Giga Ethernet ports which support connection to
10/100/1000 Ethernet. Support full or half-duplex operation and Auto MDI/MDIX. The transmission mode is using
auto-negotiation. Therefore, the devices attached to these ports must support auto-negotiation unless they will always operate
at half duplex. If transmissions must run at full duplex, but the attached device does not support auto-negotiation, then you
should upgrade this device to a newer version that supports auto-negotiation.
Use any of the 9~10 ports to connect to devices such as a workstation, server, bridge or router. You can also cascade to another
compatible VDSL2 8PORTS SWITCH or hub by connecting an MDI or MDIX port.
1.You can connect an (9~10) station port on the VDSL2 8PORTS SWITCH to any device that uses a standard network interface
such as a optical fiber converter, workstation or server, or also to a network interconnection device such as a bridge or router
(depending on the port type implemented).
2.Prepare the network devices you wish to network. Make sure you have installed VDSL2 CPE Modem making a connection to
any of the VDSL2 8PORTS SWITCH (1~8) station ports. You also need to prepare 24~26 gauge phone wire with RJ11 plugs
Manual of VDSL2 Solution
http://www.black-box.eu
25
at both ends.
3.Connect one end of the cable to the RJ-45 port of the network interface card, and the other end to any available (9~10) station
port on the VDSL2 8PORTS SWITCH. Every port support either 10 /100/1000 Mbps connections. When inserting an RJ-45
plug, be sure the tab on the plug clicks into position to ensure that it is properly seated.
Note:
1. Be sure each twisted-pair cable (RJ-45) is not over by 100 meters (328 feet).
2. We advise using Category 5 cable for Cable Modem or router connections or to attach to any high bandwidth device to avoid
any confusion or inconvenience.
Manual of VDSL2 Solution
http://www.black-box.eu
26
Chapter 4. Management Configuration
4.0 In-Band Management
Console port (RS-232) Configuration
You can configure the product with the local serial console port, If one of the Ethernet port is not in use, you can disable it, that
procedure is to connect a Notebook computer to the RS-232 port, then boot operating systems, such as using the Windows
operating system, and run “Hyper-terminal” program into terminal window, and setup step are as follow.
1. Set “Bits per second” at 115200 to the content window.
Manual of VDSL2 Solution
http://www.black-box.eu
27
2. Set “Flow control” at None
3. Connects PC with the VDSL2 8PORTS SWITCH, you will find login manual window on the screen then enter
Login name :”admin” ; password:”123”
Manual of VDSL2 Solution
http://www.black-box.eu
28
4. Setting IP Address by Console Port
When you are going to login a VDSL2 8PORTS SWITCH through the web page, you have to configure the IP address first. The
default IP address /
netmask / default gateway of a switch is 192.168.16.249 / 255.255.255.0 / 192.168.16.1, without making any configuration
changes in advance, you can login a VDSL2 8PORTS SWITCH with default IP address as long as the default IP address can
function properly in your network environment. Otherwise, you have to re-configure the IP address, subnet mask and default
gateway. The following show how to configure the IP address of a VDSL2 8PORTS SWITCH.
First, login with the console port.
Username: admin
Password: 123
Second, you will now enter the “IP Address ”, then, setup the IP address, subnet mask and gateway.
Switch# configure
Switch(config)# ip address 192.168.1.1 255.255.255.0
Switch(config)# ip default-gateway 192.168.1.254
4.0.1 Operation Notice
To enter the “configuration” mode, you need to be in the privileged mode, and then type the command configure
Switch# configure
Switch (config) #
Manual of VDSL2 Solution
http://www.black-box.eu
29
4.0.1.0
Command Line Editing
The following generic function keys provide functions in all of the menus:
Keys Function
<Ctrl>-B; ←
Moves the cursor back one character.
<Ctrl>-D Deletes the character at the cursor.
<Ctrl>-E Jumps to the end of the current command line.
<Ctrl>-F; →
Moves the cursor forward one character.
<Ctrl>-K Deletes from the cursor to the end of the command line.
<Ctrl>-N; ↓
Enters the next command line in the command history.
<Ctrl>-P; ↑
Enters the previous command line in the command history.
<Ctrl>-U Deletes from the cursor to the beginning of the command line.
<Ctrl>-W Deletes the last word typed.
<Esc> B Moves the cursor backward one word.
<Esc> D Deletes from the cursor to the end of the word.
<Esc> F Moves the cursor forward one word.
<Backspace> Delete the character before the cursor.
<Del> Delete the character at the cursor.
Manual of VDSL2 Solution
http://www.black-box.eu
30
4.0.1.1
Command Help
You may enter “?” at any command mode, and the CLI will return possible commands at that point, along with some description of
the keywords:
Switch (config) # copy tftp?
running-config Running configurations
flash Flash configurations
firmware Download firmware
You may use the <Tab> key to do keyword auto completion:
Switch (config) # copy tftp r<Tab>
Switch (config) # copy tftp running-config
You do not need to type in the entire commands; you only need to type in enough characters for the CLI to recognize the
command as unique. The following example shows you how to enter the show running-config command:
Switch (config) # sh ru
Manual of VDSL2 Solution
http://www.black-box.eu
31
4.0.2 System Commands
show running-config
Display the running configuration of the VDSL2 8PORTS SWITCH.
copy running-config startup-config
Backup the switch configurations.
erase startup-config
Reset to default factory settings at next boot time.
clear arp [<ip-addr>] Clear entries in the ARP cache.
Parameters:
[<ip-addr>] specifies the IP address to be cleared. If no IP address is entered, the entire ARP cache is cleared.
show arp
Show the IP ARP translation table.
ping ip-addr [<1..999>] Send ICMP ECHO_REQUEST to network hosts.
Parameters:
[<1..999>] specifies the number of repetitions. If not entered, it will continue to ping until you press <Ctrl>-C to stop.
[no] per-vlan-flooding-portmask Enable or disable per VLAN default flooding portmask.
Manual of VDSL2 Solution
http://www.black-box.eu
32
per-vlan-flooding-portmask <unicast | multicast> <vlan-id> <port-list> Set unicast or multicast per VLAN default flooding
portmask.
show per-vlan-flooding-portmask
Display unicast and multicast per VLAN default flooding portmask table.
4.0.3 Switch Static Configuration
4.0.3.0 Port Configuration and Status
port state <on | off> [<port-list>]
Turn the port state on or off.
Parameters:
<port-list> specifies the ports to be turn on or off. If not entered, all ports are turn on or off.
port nego <force | auto | nway-force> [<port-list>]
Set port negotiation.
Parameters:
<port-list> specifies the ports to be set.If not entered, all ports are set.
port speed <10 | 100 | 1000> <full | half> [<port-list>]
Set port speed (in mbps) and duplex.
Parameters:
<port-list> specifies the ports to be set. If not entered, all ports are set.
Manual of VDSL2 Solution
http://www.black-box.eu
33
port flow <enable | disable> <enable | disable> [<port-list>]
Enable or disable port flow control.
Parameters:
1st <enable | disable> enables or disables flow control in full duplex mode.
2nd <enable | disable> enables or disables flow control in half duplex mode.
<port-list> specifies the ports to be set. If not entered, all ports are set.
port rate <ingress | egress> <0..8000> [<port-list>]
Set port effective ingress or egress rate.
Parameters:
<0..8000> specifies the ingress or egress rate.<0..8000>
<port-list> specifies the ports to be set. If not entered, all ports are set.
port security <on | off> [<port-list>]
Set port priority. When port security is on, the port will stop MAC address learning, and forward only packets with MAC address
in the static MAC address table.
Parameters:
<port-list> specifies the ports to be set. If not entered, all ports are set.
port protected group <1-2> <port-list>
Set protected port group member.
Parameters:
<port-list> specifies the group member ports.
Manual of VDSL2 Solution
http://www.black-box.eu
34
port protected <port-list>
Set protected port list.
Parameters:
<port-list> specifies the protected port list.
port priority <disable | low | high> [<port-list>]
Set port priority.
Parameters:
<port-list> specifies the ports to be set. If not entered, all ports are set.
port jumboframe <enable | disable> [<port-list>]
Set port jumbo frame. When port jumbo frame is enable, the port forward jumbo frame packet
Parameters:
<port-list> specifies the ports to be set. If not entered, all ports are set.
port interval <0-3600>
While flooding CPU port at the speed of 4MB/s or larger, system will close relative port. And system will open this port using this
interval value.0 represents system will never enable this after close it for flooding CPU.
show port status
Show port status, including port State,Link,Trunking,VLAN,Negotiation,Speed,Duplex,Flow control, Rate
control ,Priority,Security,BSF control.
Manual of VDSL2 Solution
http://www.black-box.eu
35
show port statistics <port-id>
Show port statistics, including TxGoodPkt, TxBadPkt, RxGoodPkt, RxBadPkt,TxAbort, Collision, and DropPkt.
Parameters:
<port-id> specifies the port to be shown.
show port protection
Show protected port information.
4.0.3.1 Trunk
Trunk allows the switch to combine ports so that they function like a single high-speed link. It can be used to increase the
bandwidth to some devices to provide a high-speed link. For example, trunk is useful when making connections between switches
or connecting servers to the switch. Trunk can also provide a redundant link for fault tolerance. If one link in the trunk failed, the
switch can balance the traffic among the remaining links.
Note:
1: The 10/100 Mbps port cannot be trunked with gigabit port (port 9~10).
Manual of VDSL2 Solution
http://www.black-box.eu
36
2: All ports in the same trunk group will be treated as a single port. If a trunk group exists, the ports belonging to that trunk will be
replaced by “TRUNK #” in the VLAN configuration screen. The following example configures port 9~10 as “TRUNK 1.”
4.0.3.1.0 Trunking Commands
show trunk
Show trunking information.
trunk add <trunk-id> <lacp | no-lacp> <port-list> <active-port-list>
Add a new trunk group.
Parameters:
<trunk-id> specifies the trunk group to be added.
<lacp> specifies the added trunk group to be LACP enabled.
<no-lacp> specifies the added trunk group to be LACP disabled.
<port-list> specifies the ports to be set.
<active-port-list> specifies the ports to be set to LACP active.
no trunk <trunk-id>
Delete an existing trunk group.
Parameters:
<trunk-id> specifies the trunk group to be deleted.
4.0.3.1.1 LACP Commands
[no] lacp
Manual of VDSL2 Solution
http://www.black-box.eu
37
Enable/disable LACP.
lacp system-priority <1..65535>
Set LACP system priority.
Parameters:
<1..65535> specifies the LACP system priority.
no lacp system-priority
Set LACP system priority to the default value 32768.
show lacp status
Show LACP enable/disable status and system priority.
show lacp
Show LACP information.
show lacp agg <trunk-id>
Show LACP aggregator information.
Parameters:
<trunk-id> specifies the trunk group to be shown.
show lacp port <port-id>
Show LACP information by port.
Manual of VDSL2 Solution
http://www.black-box.eu
38
Parameters:
<port-id> specifies the port to be shown.
Note:
If VLAN group exist, all of the members of static trunk group must be in same VLAN group.
4.0.3.2 VLAN
4.0.3.2.0
Virtual LANs
A Virtual LAN (VLAN) is a logical network group that limits the broadcast domain. It allows you to isolate network traffic so
only members of the VLAN receive traffic from the same VLAN members. Basically, creating a VLAN within a switch is
logically equivalent of reconnecting a group of network devices to another Layer 2 switch. However, all the network devices are
still plugged into the same switch physically. A station can belong to more than one VLAN group. VLAN prevents users from
accessing network resources of another on the same LAN, thus the users can not see the hard disks and printers of another user in
the same building. VLAN can also increase the network performance by reducing the broadcast traffic and enhance the security of
the network by isolating groups.
This Switch supports two types of VLANs:
• Port-based
• IEEE 802.1Q (tag) –based
Note:
1. Only one of the two VLAN types can be enabled at one time.
2. Example of VLAN setting on page 223.
Manual of VDSL2 Solution
http://www.black-box.eu
39
Port-based VLANs are VLANs where the packet forwarding decision is made based on the destination MAC address and its
associated port. You must define the outgoing ports allowed for each port when you use port-based VLANs. In port-based VLANs,
the packets received from one port can only be sent to the ports which are configured to the same VLAN. As shown in the
following figure, the switch administrator configured port 1~2 as VLAN 1 and port 3~4 as VLAN 2. The packets received from
port 1 can only be forwarded to port 2. The packets received from port 2 can only be forwarded to port 1. That means the
computer A can send packets to computer B, and vice versa. The same situation also occurred in VLAN 2. The computer C and D
can communicate with each other. However, the computers in VLAN 1 can not see the computers in VLAN 2 since they belonged
to different VLANs.
Manual of VDSL2 Solution
http://www.black-box.eu
40
IEEE 802.1Q (tag) -based VLANs enable the Ethernet functionality to propagate tagged packets across the bridges and provides
a uniform way for creating VLAN within a network then span across the network. For egress packet, you can choose to tag it or
not with the associated VLAN ID of this port. For ingress packet, you can forward this packet to a specific port as long as it is also
in the same VLAN group.
The 802.1Q VLAN works by using a tag added to the Ethernet packets. The tag contains a VLAN Identifier (VID) which belongs
to a specific VLAN group. And ports can belong to more than one VLAN.
Manual of VDSL2 Solution
http://www.black-box.eu
41
The difference between a port-based VLAN and a tag-based VLAN is that the tag-based VLAN truly divided the network into
several logically connected LANs. Packets rambling around the switches can be forwarded more intelligently. In the figure shown
below, by identifying the tag, broadcast packets coming from computer A in VLAN1 at sw1 can be forwarded directly to VLAN1.
However, the switch could not be so smart in the port-based VLAN mechanism. Broadcast packets will also be forwarded to port
4 of sw2. It means the port-based VLAN can not operate a logical VLAN group among switches.
The MEG821AE supports both port-based VLAN and tag-based (802.1Q) VLAN modes. The default configuration is tag-based
(802.1Q) VLAN. In the 802.1Q VLAN, initially, all ports on the switch belong to default VLAN, VID is 1.
Note:
Manual of VDSL2 Solution
http://www.black-box.eu
42
You cannot delete the default VLAN group in 802.1Q VLAN mode.
4.0.3.2.1 VLAN Mode
VLAN Mode: Port based
Packets can go among only members of the same VLAN group. Note all unselected ports are treated as belonging to another single
VLAN. If the port-based VLAN enabled, the VLAN-tagging is ignored.
show vlan mode
Display the current VLAN mode.
vlan mode (disabled|port-based|dot1q)
Change VLAN mode.
Parameters:
(disabled|port-based|dot1q) specifies the VLAN mode.
Note:
Change the VLAN mode for every time, user have to restart the switch for valid value.
VLAN Mode: 802.1Q
If a trunk group exists, you can see it (e.g. TRUNK1, TRUNK2…) after port 8. And, you can configure it to be a member of the
VLAN group.
In the setting, port was set to Untagged if devices underneath this port do not support VLAN-tagging. Thus the switch can send
untagged frames to this port. Consequently, device that do not support VLAN-tagging or do not enable VLAN tagging could
Manual of VDSL2 Solution
http://www.black-box.eu
43
successfully fetch the incoming frames and could communicate with device that transfers tagged frames, and vice versa. In the
following figure, two different types of devices want to communicate with each other. Since computer A support 802.1Q VLAN
and computer B do not, you have to configure two ports both beneath the same VLAN group, and set left port to “Tagged”, right
port to “Untagged”. Therefore, two devices will receive packet type as they desired.
4.0.3.2.2 Advanced 802.1Q VLAN Setting
Ingress filters configuration
When a packet was received on a port, you can govern the switch to drop it or not if it is an untagged packet. Furthermore, if the
received packet is tagged but not belonging to the same VALN group of the receiving port, you can also control the switch to
forward or drop the packet. The example below configures the switch to drop the packets not belonging to the same VLAN group
and forward the packets not containing VLAN tags.
Manual of VDSL2 Solution
http://www.black-box.eu
44
VLAN Commands
show vlan mode
Display the current VLAN mode.
vlan mode (disabled|port-based|dot1q)
Change VLAN mode.
Parameters:
(disabled|port-based|dot1q) specifies the VLAN mode.
Note:
Change the VLAN mode for every time, user have to restart the switch for valid value.
vlan add <1-4094> <NAME> <cpu-port|no-cpu-port> <LIST> [<LIST>]
Add or edit VLAN entry.
Parameters:
<1-4094> specifies the VLAN id or Group id (if port based VLAN mode)
<NAME> specifies the VLAN group name.
<cpu-port|no-cpu-port> specifies the CPU port belong this VLAN group.
1st <LIST> specifies the ports to be set to VLAN members.
2nd [<LIST>] specifies the ports to be set to tagged members. If not entered, all members set to untagged.
e.g. vlan add 1 vlan1 cpu-port 1-4 . This VLAN entry has four members (from port1 to port4) and all members are untagged.
Manual of VDSL2 Solution
http://www.black-box.eu
45
no vlan <1-4094>
Delete VLAN entry.
Parameters:
<1-4094> specifies the VLAN id or group id (if port based VLAN).
e.g. no vlan 1
show vlan [<1-4094>]
Show VLAN entry information.
Parameters:
[<1-4094>] specifies the VLAN id, null means all valid entries.
e.g. show vlan 1
show vlan static
Show static VLAN entry information.
vlan pvid <LIST> <1-4094>
Set port default VLAN id.
Parameters:
<LIST> specifies the ports to be set.
<1-4094> specifies the port VLAN id.
show vlan pvid [<LIST>]
Show port default VLAN id.
Manual of VDSL2 Solution
http://www.black-box.eu
46
Parameters:
[<LIST>] specifies the ports to be showed. If not entered, all port’s PVID will be showed.
vlan filter <enable|disable> <enable|disable> <LIST>
Set ingress filter rules.
Parameters:
1st <enable|disable> specifies the non-members packet will be forwarded or not. If set enable, forward only packets with VID
matching this port's configured VID.
2nd <enable|disable> specifies the untagged frame will be dropped or not. If set enable, drop untagged frame.
<LIST> specifies the port or trunk list (eg. 3, 6-8, Trk2)
show vlan filter [<LIST>]
Show VLAN filter setting.
Parameters:
[<LIST>] specifies the ports to be showed. If not entered, all ports’ filter rules will be showed.
GVRP Commands
[no] gvrp
Enable or disable GVRP.
show gvrp status
Show GVRP enable or disable status.
Manual of VDSL2 Solution
http://www.black-box.eu
47
[no] port gvrp <LIST>
Enable or disable GVRP by port.
Parameters:
<LIST> specifies the port or trunk list to be set
show port gvrp
Show GVRP status by port.
garp timer <join | leave | leave-all> <0..65535>
Set GARP timer.
Parameters:
<join | leave | leave-all> specifies a timer (Join, Leave, or Leave-All) to be set
<0..65535> specifies the timer in seconds.
show garp timer
Show GARP timer.
show gvrp db
Show GVRP DB.
show gvrp gip
Show GVRP GIP.
Manual of VDSL2 Solution
http://www.black-box.eu
48
show gvrp machine
Show GVRP machine.
clear gvrp statistics <LIST>
Clear GVRP statistics by port.
Parameters:
<LIST> specifies the port or trunk list to be set
show gvrp statistics <LIST>
Show GVRP statistics by port.
Parameters:
<LIST> specifies the port or trunk list to be set
[no] gvrp debug [<sys | err | pdu | db | gen | garp | gvrp | vlan>]
Enable/disable GVRP debugging output.
4.0.3.2.3 QinQ VLAN Setting
Business customers of service providers often have specific requirements for VLAN IDs and the number of VLANs to be
supported. The VLAN ranges required by different customers in the same service-provider network might overlap, and traffic of
customers through the infrastructure might be mixed. Assigning a unique range of VLAN IDs to each customer would restrict
customer configurations and could easily exceed the VLAN limit (4096) of the IEEE 802.1Q specification. Using the QinQ
feature, service providers can use a single VLAN to support customers who have multiple VLANs. Customer VLAN IDs are
Manual of VDSL2 Solution
http://www.black-box.eu
49
preserved, and traffic from different customers is segregated within the service-provider network, even when they appear to be in
the same VLAN. Using QinQ expands VLAN space by using a VLAN-in-VLAN hierarchy and retagging the tagged packets.
Virtual private networks (VPNs) provide enterprise-scale connectivity on a shared infrastructure, often Ethernet-based, with the
same security, prioritization, reliability, and manageability requirements of private networks. QinQ is a feature designed for
service providers who carry traffic of multiple customers across their networks and are required to maintain the VLAN and Layer
2 protocol configurations of each customer without impacting the traffic of other customers.
The following figure is an example of QinQ VLAN application.
QinQ Commands
Manual of VDSL2 Solution
http://www.black-box.eu
50
qinq enable
Enable QinQ.
[no] qinq
Disable QinQ.
qinq tpid <TPIDVAL>
Set QinQ tpid.
Parameters:
<TPIDVAL> specifies QinQ tpid value (Hex, 1~FFFF)
qinq userport <enable|disable> <LIST>
A port configured to support client end of QinQ tunnel is called a QinQ user-port. Use this command to enable/disable QinQ
userport to specified port(s).
qinq uplinkport <enable|disable> <LIST>
A port configured to support network end of QinQ tunnel is called a QinQ uplink-port. Use this command to enable/disabel QinQ
uplinkport to specified port(s).
qinq tunnel add <1-25> <1-4094> <LIST>
Add QINQ tunnel.
Parameters:
<1-25> specifies the tunnel ID
Manual of VDSL2 Solution
http://www.black-box.eu
51
<1-4094> specifies the VLAN ID
<LIST> specifies the ports to be set to QINQ tunnel.
qinq tunnel delete <1-25>
Delete QinQ tunnel.
Parameters:
<1-25> specifies the tunnel ID
show qinq configuration
Show QinQ global and portal configuration
show qinq tunnel
Show QinQ tunnel information
For example, refer to the figure of QinQ application in previous page, a QinQ tunnel using VLAN10 wants to be created for Sales
VLAN100 across the public network. Port1 on left-side VDLS2 VDSL2 8PORTS SWITCH connects to Sales VLAN100 client. Port16
of switch connects to the public network. The following commands needs to be set:
qinq enable
qinq tpid 8100
qinq userport enable 1
qinq uplinkport enable 16
qinq tunnel add 1 10 1,16
4.0.3.3 Misc Configuration
Manual of VDSL2 Solution
http://www.black-box.eu
52
[no] mac-age-time
Enable or disable MAC address age-out.
mac-age-time <6..1572858> Set MAC address age-out time.
Parameters:
<6..1572858> specifies the MAC address age-out time. The value must be divisible by 6. Type the number of seconds that an
inactive MAC address remains in the switch’s address table
show mac-age-time
Show MAC address age-out time
broadcast mode <off | 1/2 | 1/4 | 1/8 | 1/16>
Set broadcast storm filter mode to off, 1/2, 1/4, 1/8, 1/16
broadcast select <unicast/multicast | control packet | ip multicast | broadcast>
Select the Broadcast storm filter packet type:
Unicast/Multicast: Flood unicast/multicast filter
Control Packets: Control packets filter
IP multicast: Ip multicast packets filter
Broadcast Packets: Broadcast Packets filter
Collision-Retry <off | 16 | 32 | 48>
Parameters:
Manual of VDSL2 Solution
http://www.black-box.eu
53
<off|16|32|48> In half duplex, collision-retry maximum is 16, 32 or 48 times and packet will be dropped if collisions still happen.
In default (off), if collision happens, it will retry forever.
Hash <crc-hash | direct-map>
Set hash algorithm to CRC-Hash or DirectMap.
4.0.3.4 Administration
4.0.3.4.0 Change Username/Password
hostname <name-str>
Set switch name.
<name-str> specifies the switch name. If you would like to have spaces within the name, use quotes (“”) around the name.
no hostname
Reset the switch name to factory default setting.
[no] password <manager | operator | all>
Set or remove username and password for manager or operator. The manager username and password is also used by the web UI.
4.0.3.4.1 IP Configuration
User can configure the IP setting and fill in the new value.
ip address <ip-addr> <ip-mask>
Set IP address and subnet mask.
Manual of VDSL2 Solution
http://www.black-box.eu
54
ip default-gateway <ip-addr>
Set the default gateway IP address.
show ip
Show IP address, subnet mask, and the default gateway.
show info
Show basic information, including system info, MAC address, and firmware version.
dhcp
Set VDSL2 8PORTS SWITCH as dhcp client, it can get ip from dhcp server
Note:
If this command is set, the VDSL2 8PORTS SWITCH will reboot.
show dhcp
show dhcp enable/disable
Manual of VDSL2 Solution
http://www.black-box.eu
55
4.0.3.5 Port Mirroring
Port monitoring is a feature to redirect the traffic occurred on every port to a designated monitoring port on the VDSL2 8PORTS
SWITCH . With this
feature, the network administrator can monitor and analyze the traffic on the entire LAN segment. In MEG821AE, you can specify
one
port to be the monitoring port and any single port to be the monitored port. You also can specify the direction of the traffic that
you want to monitor. After properly configured, packets with the specified direction from the monitored ports are forwarded to the
monitoring port.
Note:
1. The default Port Monitoring setting is disabled.
2. The analysis port is dedicated as mirroring port with duplicated traffic flow from mirrored port. The ordinary network traffic is
not available for the analysis port.
3. Any trunk group and member port is not available for this function
mirror-port <rx | tx | both> <port-id> <port-list> Set port monitoring information. (RX only|TX only|both RX and TX)
Parameters:
rx specifies monitoring rx only.
tx specifies monitoring tx only.
both specifies monitoring both rx and tx.
<port-id> specifies the analysis port ID. This port receives traffic from all monitored ports.
<port-list> specifies the monitored port list.
Manual of VDSL2 Solution
http://www.black-box.eu
56
show mirror-port
Show port monitoring information
4.0.3.6 Quality of Service
There are four transmission queues with different priorities in MEG821AE: Highest, SecHigh, SecLow and Lowest. The switch will
take packets from the four queues according to its QoS mode setting. If the QoS mode was set to “Disable”, the switch will not
perform QoS on its switched network. If the QoS mode was set to “High Empty Then Low”, the switch will never exhaust packets
from a queue until the queues with higher priorities are empty. If the QoS mode was set to “weight ratio”, the switch will exhaust
packets from the queues according to the ratio. The default value of QoS mode is “weight 8:4:2:1.” That means the switch will
first exhaust 8 packets from the queue with highest priority, and then exhaust 4 packets from the queue with second high priority,
and so on.
When the switch received a packet, the switch has to decide which queue to put the received packet into. In MEG821AE, the switch
will put received packets into queues according to the settings of “802.1p Priority” and “Static Port Ingress Priority.” When the
received packet is an 802.1p tagged packet, the switch will put the packet into a queue according to the 802.1p Priority setting.
Otherwise, the switch will put the packet into a queue according the setting of Static Port Ingress Priority.
802.1p Priority: the 802.1p packet has a priority tag in its packet header. The range of the priority is 7~0. The MEG821AE can
specify the mapping between 802.1p priority and the four transmission queues. In the default setting, the packets with 802.1p
priority 0~1 are put into the queue with lowest priority, the packets with 802.1p priority 2~3 are put into queue with second low
priority, and so on.
Static Port Ingress Priority: each port is assigned with one priority 7~0. The priority of the packet received from one port is set
Manual of VDSL2 Solution
http://www.black-box.eu
57
to the same priority of the receiving port. When the priority of the received packet was determined, the packet is treated as an
802.1p packet with that priority and will be put into a queue according to the 802.1p Priority setting.
4.0.3.6.0 QoS Configuration
QoS Mode:
First Come First Service: The sequence of packets sent is depending on arrive orders.
All High before Low: The high priority packets sent before low priority packets.
WRR: Weighted Round Robin. Select the preference given to packets in the switch's high-priority queue. These options
represent the number of higher priority packets sent before one lower priority packet is sent.
For example, 8 Highest:4 second-high means that the switch sends 8 highest-priority packets before sending 4 second high
priority packets.
Qos Level: 0~7 priority level can map to highest, second-high, second-low, lowest queue.
Commands:
qos priority <first-come-first-service | all-high-before-low |weighted-round-robin> [<highest-weight>][<sechighweight>][<
sec low -weight>] [<lowest-weight>]
Set 802.1p priority.
e.g. qos priority weighted-round-robin 8,4,2,1
qos level < highest | second-high | second-low | lowest > <level-list>
Set priority levels to highest, second-high, second-low and lowest.
Parameters:
Manual of VDSL2 Solution
http://www.black-box.eu
58
<level-list> specifies the priority levels to be high or low. Level must be
between 1 and 7.
e.g. qos level highest 7
e.g. qos level lowest 4
show qos
Show QoS configurations, including 802.1p priority, priority level.
e.g. show qos
QoS configurations:
QoS mode: first come first service
Highest weight: 8
Second High weight: 4
Second Low weight: 2
Lowest weight: 1
802.1p priority[0-7]:
Lowest Lowest SecLow SecLow SecHigh SecHigh Highest Highest
Manual of VDSL2 Solution
http://www.black-box.eu
59
4.0.3.6.1 Per Port Priority
port priority <disable | [0-7]> [<port-list>]
Set port priority.
Parameters:
[<port-list>] specifies the ports to be set. If not entered, all ports are set.
e.g. port priority disable 1-5
4.0.3.7 MAC Address Table
clear mac-address-table
Clear all dynamic MAC address table entries.
mac-address-table static <mac-addr> <vlan-id> <port-id | port-list>
Set static unicast or multicast MAC address. If multicast MAC address
(address beginning with 01:00:5E) is supplied, the last parameter must be port-list.
Otherwise, it must be port-id.
no mac-address-table static <mac-addr> <vlan-id>
Delete static unicast or multicast MAC address table entries.
show mac-address-table
Display MAC address table entries.
Manual of VDSL2 Solution
http://www.black-box.eu
60
show mac-address table static
Display static MAC address table entries.
show mac-address-table multicast
Display multicast related MAC address table.
smac-address-table static <mac-addr> <vlan-id> <port-id | port-list>
Set static unicast or multicast MAC address in secondary MAC address table. If multicast MAC address
(address beginning with 01:00:5E) is supplied, the last parameter must be port-list.
Otherwise, it must be port-id.
show smac-address-table
Display secondary MAC address table entries.
show smac-address-table multicast
Display multicast related secondary MAC address table.
[no] filter <mac-addr> <vlan-id>
Set MAC address filter. The packets will be filtered if both of the destination
MAC address and the VLAN tag matches the filter entry. If the packet does not have
a VLAN tag, then it matches an entry with VLAN ID 1.
show filter
Manual of VDSL2 Solution
http://www.black-box.eu
61
Display filter MAC address table.
4.0.3.8 MAC Limit
MAC limit allows users to set a maximum number of MAC addresses to be stored in the MAC address table. The MAC addresses
chosen to be stored in MAC address table is the result of first-come-first-save policy. Once a MAC address is stored in the MAC
address table, it stays in until it is aged out. When an “opening” is available, the switch stored the first new MAC address it sees in
that opening. All packets from MAC addresses not in the MAC address table should be blocked.
User can configure the MAC limit setting and fill in the new value.
mac-limit
Enable MAC limit.
no mac-limit
Disable MAC limit.
Mac-limit <port-list> <1-64>
Set port MAC limit value, 0 to turn off MAC limit of port.
show mac-limit
Show MAC limit information, including MAC limit enable/disable, per-port MAC limit setting.
Manual of VDSL2 Solution
http://www.black-box.eu
62
4.0.4 Protocol Related Configuration
4.0.4.0 STP/RSTP
[no] spanning-tree
Enable or disable spanning-tree.
spanning-tree forward-delay <4-30>
Set spanning tree forward delay used, in seconds.
Parameters:
<4-30> specifies the forward delay, in seconds. Default value is 15.
Note: The parameters must enforce the following relationships:
2*(hello-time + 1) <= maximum-age <= 2*(forward-delay - 1)
spanning-tree hello-time <1-10>
Set spanning tree hello time, in seconds.
Parameters:
<1-10> specifies the hello time, in seconds. Default value is 2.
Note: The parameters must enforce the following relationships:
2*(hello-time + 1) <= maximum-age <= 2*(forward-delay - 1)
spanning-tree maximum-age <6-40>
Set spanning tree maximum age, in seconds.
Parameters:
<6-40> specifies the maximum age, in seconds. Default value is 20.
Manual of VDSL2 Solution
http://www.black-box.eu
63
Note: The parameters must enforce the following relationships:
2*(hello-time + 1) <= maximum-age <= 2*(forward-delay - 1)
spanning-tree priority <0-61440>
Set spanning tree bridge priority.
Parameters:
<0-61440> specifies the bridge priority. The value must be in steps of 4096.
spanning-tree port path-cost <1-200000000> [<port-list>]
Set spanning tree port path cost.
Parameters:
<1-200000000> specifies port path cost.
[<port-list>] specifies the ports to be set. Null means all ports.
spanning-tree port priority <0-240> [<port-list>]
Set spanning tree port priority.
Parameters:
<0-240> specifies the port priority. The value must be in steps of 16.
[<port-list>] specifies the ports to be set. Null means all ports.
show spanning-tree
Show spanning-tree information.
Manual of VDSL2 Solution
http://www.black-box.eu
64
show spanning-tree port [<port-list>]
Show spanning tree per port information.
Parameters:
[<port-list>] specifies the port to be shown. Null means all ports.
The remaining commands in this section are only for system with RSTP (rapid
spanning tree, 802.1w) capability:
[no] spanning-tree debug
Enable or disable spanning tree debugging information.
spanning-tree protocol-version <stp | rstp>
Change spanning tree protocol version.
Parameters:
stp specifies the original spanning tree protocol (STP,802.1d).
rstp specifies rapid spanning tree protocol (RSTP,802.1w).
[no] spanning-tree port mcheck [<port-list>]
Force the port to transmit RST BPDUs. No format means not force the port to transmit RST BPDUs.
Parameters:
[<port-list>] specifies the ports to be set. Null means all ports.
[no] spanning-tree port edge-port [<port-list>]
Set the port to be edge connection. No format means set the port to be non-edge connection.
Manual of VDSL2 Solution
http://www.black-box.eu
65
Parameters:
[<port-list>] specifies the ports to be set. Null means all ports.
[no] spanning-tree port non-stp [<port-list>]
Disable or enable spanning tree protocol on this port.
Parameters:
[<port-list>] specifies the ports to be set. Null means all ports.
spanning-tree port point-to-point-mac <auto | true | false> [<port-list>]
Set the port to be point to point connection.
Parameters:
auto specifies point to point link auto connection.
true specifies point to point link true.
false specifies point to point link false.
[<port-list>] specifies the ports to be set. Null means all ports
.
Manual of VDSL2 Solution
http://www.black-box.eu
66
4.0.4.1 MSTP
[no] spanning-tree
Enable or disable multiple spanning tree.
[no] spanning-tree debug
Enable or disable multiple spanning tree debugging information.
spanning-tree forward-delay <4-30>
Set spanning tree forward delay of CIST, in seconds.
Parameters:
<4-30> specifies the forward delay, in seconds. Default value is 15.
Note: The parameters must enforce the following relationships:
2*(hello-time + 1) <= maximum-age <= 2*(forward-delay - 1)
spanning-tree hello-time <1-10>
Set spanning tree hello time of CIST, in seconds.
Parameters:
<1-10> specifies the hello time, in seconds. Default value is 2.
Note: The parameters must enforce the following relationships:
2*(hello-time + 1) <= maximum-age <= 2*(forward-delay - 1)
Manual of VDSL2 Solution
http://www.black-box.eu
67
spanning-tree maximum-age <6-40>
Set spanning tree maximum age of CIST, in seconds.
Parameters:
<6-40> specifies the maximum age, in seconds. Default value is 20.
Note: The parameters must enforce the following relationships:
2*(hello-time + 1) <= maximum-age <= 2*(forward-delay - 1)
spanning-tree priority <0-61440>
Set spanning tree bridge priority of CIST and all MSTIs.
Parameters:
<0-61440> specifies the bridge priority. The value must be in steps of 4096. Default value is 32768.
spanning-tree protocol-version { stp | mstp }
Set spanning tree protocol version of CIST.
Parameters:
stp specifies the original spanning tree protocol (STP,802.1d).
mstp specifies the multiple spanning tree protocol (MSTP,802.1s).
spanning-tree max-hops <1-40>
Set spanning tree bridge maximum hops of CIST and all MSTIs.
Parameters:
<1-40> specifies the bridge maximum hops. Default value is 20.
Manual of VDSL2 Solution
http://www.black-box.eu
68
spanning-tree name [<name-string>]
Set spanning tree bridge name of CIST.
Parameters:
[<name-string>] specifies the bridge name. Default name is null.
spanning-tree revision <1-65535>
Set spanning tree bridge revision of CIST.
Parameters:
<1-65535> specifies the bridge revision. Default value is 0.
spanning-tree port path-cost <1-200000000> [<port-list>]
Set spanning tree port path cost of CIST.
Parameters:
<1-200000000> specifies port path cost.
[<port-list>] specifies the ports to be set. Null means all ports.
spanning-tree port priority <0-240> [<port-list>]
Set spanning tree port priority of CIST.
Parameters:
<0-240> specifies the port priority. The value must be in steps of 16.
[<port-list>] specifies the ports to be set. Null means all ports.
Manual of VDSL2 Solution
http://www.black-box.eu
69
[no] spanning-tree port mcheck [<port-list>]
Force the port of CIST to transmit MST BPDUs. No format means not force the port of CIST to transmit MST BPDUs.
Parameters:
[<port-list>] specifies the ports to be set. Null means all ports.
[no] spanning-tree port edge-port [<port-list>]
Set the port of CIST to be edge connection. No format means set the port of CIST to be non-edge connection.
Parameters:
[<port-list>] specifies the ports to be set. Null means all ports.
[no] spanning-tree port non-stp [<port-list>]
Disable or enable spanning tree protocol on the CIST port.
Parameters:
[<port-list>] specifies the ports to be set. Null means all ports.
spanning-tree port point-to-point-mac <auto | true | false> [<port-list>]
Set the port of CIST to be point to point connection.
Parameters:
auto specifies point to point link auto connection.
true specifies point to point link true.
false specifies point to point link false.
[<port-list>] specifies the ports to be set. Null means all ports.
Manual of VDSL2 Solution
http://www.black-box.eu
70
spanning-tree mst <0-15> priority <0-61440>
Set spanning tree bridge priority of MSTI.
Parameters:
<0-15> specifies the MSTI instance ID.
<0-61440> specifies the MSTI bridge priority. The value must be in steps of 4096. Default value is 32768.
spanning-tree mst <0-15> vlan [<vlan-list>]
Set MSTI to map VLAN list.
Parameters:
<0-15> specifies the MSTI instance ID.
[<vlan-list>] specifies the mapped VLAN list. Null means all VLANs.
spanning-tree mst <0-15> port path-cost <1-200000000> [<port-list>]
Set spanning tree port path cost of MSTI.
Parameters:
<1-200000000> specifies port path cost.
[<port-list>] specifies the ports to be set. Null means all ports.
spanning-tree mst <0-15> port priority <0-240> [<port-list>]
Set spanning tree port priority of MSTI.
Parameters:
<0-240> specifies the port priority. The value must be in steps of 16.
[<port-list>] specifies the ports to be set. Null means all ports.
Manual of VDSL2 Solution
http://www.black-box.eu
71
no spanning-tree mst <0-15>
Delete the specific MSTI.
Parameters:
<0-15> specifies the MSTI instance ID.
show spanning-tree
Show spanning-tree information of CIST.
show spanning-tree port [<port-list>]
Show spanning tree port information of CIST.
Parameters:
[<port-list>] specifies the port to be shown. Null means all ports.
show spanning-tree mst configuration
Show MST instance map.
show spanning-tree mst <0-15>
Show MST instance information.
Parameters:
<0-15> specifies the MSTI instance ID.
show spanning-tree mst <0-15> port <1-26>
Show specific port information of MST instance.
Manual of VDSL2 Solution
http://www.black-box.eu
72
Parameters:
<0-15> specifies the MSTI instance ID.
<1-26> specifies port number.
show vlan spanning-tree
Show per VLAN per port spanning tree status.
Manual of VDSL2 Solution
http://www.black-box.eu
73
4.0.4.2 SNMP
Any Network Management running the simple Network Management Protocol (SNMP) can be management the VDSL2 8PORTS
SWITCH .
4.0.4.2.0 System Options
Snmp /no snmp
Enable or disable SNMP.
Show snmp status
Show enable or disable status of SNMP.
snmp system-name <name-str>
Set agent system name string.
Parameters:
<name-str> specifies the system name string.
e.g. snmp system-name SWITCH
snmp system-location <location-str>
Set agent location string.
Parameters:
<location-str> specifies the location string.
e.g. snmp system-location office
snmp system-contact <contact-str>
Set agent system contact string.
Parameters:
Manual of VDSL2 Solution
http://www.black-box.eu
74
<contact-str> specifies the contact string.
e.g. snmp system-contact abc@sina.com
show snmp system
Show SNMP system information.
4.0.4.2.1 Community Strings
snmp community <read-sysinfo-only | read-all-only | read-write-all> <community-str>
Set SNMP community string.
Parameters:
<community-str> specifies the community string.
e.g. snmp community read-all-only public
no snmp community <community-str>
Delete SNMP community string.
Parameters:
<community-str> specifies the community string.
e.g. no snmp community public
show snmp community
Show SNMP community strings.
4.0.4.2.2 Trap Managers
snmp trap <ip-addr> [<community-str>] [<1..65535>]
Manual of VDSL2 Solution
http://www.black-box.eu
75
Set SNMP trap receiver IP address, community string, and port number.
Parameters:
<ip-addr> specifies the IP address.
<community-str> specifies the community string.
<1..65535> specifies the trap receiver port number.
e.g. snmp trap 192.168.200.1 public
no snmp trap <ip-addr> [<1..65535>]
Remove trap receiver IP address and port number.
Parameters:
<ip-addr> specifies the IP address.
<1..65535> specifies the trap receiver port number.
e.g. no snmp trap 192.168.200.1
show snmp trap
Show all trap receivers.
4.0.4.2.3 SNMP V3 VACM (optional)
snmp group <group-name> <v1 | v2c | usm> <security-name>
Join a group.
Parameters:
<group-name> specifies the group name.
<v1 | v2c | usm> specifies the security model.
Manual of VDSL2 Solution
http://www.black-box.eu
76
<security-name> specifies the security name.
e.g. snmp group test usm testuser
no snmp group <v1 | v2c | usm> <security-name>
Leave a group.
Parameters:
<v1 | v2c | usm> specifies the security model.
<security-name> specifies the security name.
e.g. no snmp group usm testuser
show snmp group
Show group list.
snmp view <view-name> <included | excluded> <view-subtree> <view-mask>
Add a view.
Parameters:
<view-name> specifies the view name.
<included | excluded> specifies the view type.
<view-subtree> specifies the view subtree (e.g. .1.3.6.1.2.1).
<view-mask> specifies the view mask, in hexadecimal digits.
e.g. snmp view testview included 1.3.6.1.2.1 0xff
no snmp view <view-name>
Delete a view.
Manual of VDSL2 Solution
http://www.black-box.eu
77
Parameters:
<view-name> specifies the view name.
e.g. no snmp view system
show snmp view
Show view list.
snmp access <group-name> <v1 | v2c | usm> <noauth | auth | authpriv> <read-name> <write-name> <notify-name>
Add an access control.
Parameters:
<group-name> specifies the group name.
<v1 | v2c | usm> specifies the security model.
<noauth | auth | authpriv> specifies the security level.
<read-name> specifies the access read view name.
<write-name> specifies the access write view name.
<notify-name> specifies the access notify view name.
e.g. snmp access test usm testauth all all all
no snmp access <group-name> <v1 | v2c | usm> <noauth | auth | authpriv>
Delete an access control.
Parameters:
<group-name> specifies the group name.
<v1 | v2c | usm> specifies the security model.
Manual of VDSL2 Solution
http://www.black-box.eu
78
<noauth | auth | authpriv> specifies the security level.
e.g. no snmp access test usm auth
show snmp access
Show access list.
4.0.4.2.4 SNMP V3 USM (optional)
snmp engine-id <enterprise-id> <engine-id>
Setup SNMPv3 engine ID.
Parameters:
<engine-id> specifies the engine ID, in the format of text string.
e.g. snmp engine-id 123456789123456789123456
show snmp engine-id
Show SNMPv3 engine ID.
snmp usm-user <user-name> [<md5 | none>]
Add SNMPv3 USM user.
Parameters:
<user-name> specifies the user name.
<md5 | none> specifies the authentication type.
e.g. Create a user name is testuser and password is 12345678, use auth md5 then enter CLI command:
snmp usm-user testuser md5 <cr>
New password for authentication (8<=length<=32):
Manual of VDSL2 Solution
http://www.black-box.eu
79
12345678<cr>
Retype new password:
12345678<cr>
no snmp usm-user <user-name>
Delete SNMPv3 USM user.
Parameters:
<user-name> specifies the user name.
e.g. no snmp usm-user testuser
show snmp usm-user
Show all SNMPv3 USM users.
Manual of VDSL2 Solution
http://www.black-box.eu
80
4.0.4.3 IGMP
The Internet Group Management Protocol (IGMP) is an internal protocol of the Internet Protocol (IP) suite.
[no] igmp Enable/disable IGMP snooping.
[no] igmp fastleave Enable/disable IGMP snooping fast leave. If enable, switch will fast delete member who send leave report,
else wait one second.
[no] igmp querier Enable/disable IGMP snooping querier.
[no] igmp CrossVLAN Enable/disable IGMP snooping CrossVLAN
[no] igmp debug Enable/disable IGMP snooping debugging output.
show igmp <status | router | groups | table>
Show IGMP snooping information.
Parameters:
status specifies IGMP snooping status and statistics information.
router specifies IGMP snooping router’s IP address.
groups specifies IGMP snooping multicast group list.
table specifies IGMP snooping IP multicast table entries.
igmp clear_statistics
Manual of VDSL2 Solution
http://www.black-box.eu
81
Clear IGMP snooping statistics counters.
4.0.4.4 802.1x
This VDSL2 8PORTS SWITCH supports IEEE 802.1x standard which provides port-based access control by validating end user’s
authorization
through authentication (RADIUS) server. EAP- MD5/TLS/PEAP authentication types are supported for this VDSL2 8PORTS
SWITCH .
[no] dot1x
Enable or disable 802.1x.
radius-server host <ip-addr> <1024..65535> <1024..65535>
Set radius server IP, port number, and accounting port number.
Parameters:
<ip-addr> specifies server’s IP address.
1st <1024..65535> specifies the server port number.
2nd <1024..65535> specifies the accounting port number.
radius-server key <key-str>
Set 802.1x shared key.
Parameters:
<key-str> specifies shared key string.
Manual of VDSL2 Solution
http://www.black-box.eu
82
radius-server nas <id-str>
Set 802.1x NAS identifier.
Parameters:
<id-str> specifies NAS identifier string.
show radius-server
Show radius server information, including radius server IP, port number, accounting port number, shared key, NAS identifier,
dot1x timeout quiet-period <0..65535>
Set 802.1x quiet period. (default: 60 seconds).
Parameters:
<0..65535> specifies the quiet period, in seconds.
dot1x timeout tx-period <0..65535>
Set 802.1x Tx period. (default: 15 seconds).
Parameters:
<0..65535> specifies the Tx period, in seconds.
dot1x timeout supplicant <1..300>
Set 802.1x supplicant timeout (default: 30 seconds)
Parameters:
<1..300> specifies the supplicant timeout, in seconds.
Manual of VDSL2 Solution
http://www.black-box.eu
83
dot1x timeout radius-server <1..300>
Set radius server timeout (default: 30 seconds).
Parameters:
<1..300> specifies the radius server timeout, in seconds.
dot1x max-req <1..10>
Set 802.1x maximum request retries (default: 2 times).
Parameters:
<1..10> specifies the maximum request retries.
dot1x timeout re-authperiod <30..65535>
Set 802.1x re-auth period (default: 3600 seconds).
Parameters:
<30..65535> specifies the re-auth period, in seconds.
show dot1x
Show 802.1x information, quiet period, Tx period, supplicant timeout, server timeout, maximum requests, and re-auth period.
dot1x port <fu | fa | au | no> <port-list>
Set 802.1x per port information.
Parameters:
fu specifies forced unauthorized.
fa specifies forced authorized.
Manual of VDSL2 Solution
http://www.black-box.eu
84
au specifies authorization.
no specifies disable authorization.
<port-list> specifies the ports to be set.
show dot1x port
Show 802.1x per port information.
4.0.4.5 DHCP Relay & Option 82
DHCP is widely used in LAN environments to dynamically assign host IP addresses from a centralized server, which significantly
reduces the overhead of administration of IP addresses. DHCP also helps conserve the limited IP address space because IP
addresses no longer need to be permanently assigned to hosts.
When the DHCP Option 82 feature is enabled on the switch, a subscriber device is identified by the switch port through which it
connects to the network (in addition to its MAC address). Multiple hosts on the subscriber LAN can be connected to the same port
on the access switch and are uniquely identified. Option82 Information is inserted by the switch enabled option-82 feature when
forwarding client-originated DHCP packets to a DHCP server (RFC 3046). Servers may use this information to implement IP
address or other parameter assignment policies. This will significantly enhance the security of DHCP and effectively prevent the
attack of DHCP flood.
The following figure is an example of DHCP Option 82:
Manual of VDSL2 Solution
http://www.black-box.eu
85
If the DHCP relay feature is enabled on the switch, it forwards requests and replies between clients and servers when they are not
on the same physical subnet. Relay agent forwarding is different from the normal Layer 2 forwarding, in which IP datagrams are
switched transparently between networks. Relay agents receive DHCP messages and generate new DHCP messages to send on
output interfaces. So DHCP server can provide IP addresses to clients spanning multiple subnets instead of deploying a DHCP
server on every subnet.
The following figure is an example of DHCP relay:
Manual of VDSL2 Solution
http://www.black-box.eu
86
The following commands are provided for DHCP option82 / relay configuration:
[no] dhcp-option82
Enable/disable DHCP option82 function.
[no] dhcp-relay
Enable/disable DHCP relay function.
dhcp-option82 <enable | disable> <LIST>
Enable/disable port-based option82 function.
dhcp-relay <enable | disable> <LIST> <IP address>
Enable/disable port-based DHCP relay function.
Manual of VDSL2 Solution
http://www.black-box.eu
87
dhcp router <LIST>
Set DHCP router port
show dhcp configuration
Show DHCP configuration information
For example, refer to the figure of DHCP option 82 in the previous page, use the following commands to achieve:
dhcp-option82
dhcp router 18
dhcp-option82 enable 12
Refer to the example figure of DHCP relay application, use the following commands to achieve:
dhcp-relay
dhcp router 18
dhcp-relay enable 10.0.0.1 12
Manual of VDSL2 Solution
http://www.black-box.eu
88
4.0.4.6 LLDP
Link Layer Discovery Protocol (LLDP) operates on data link layer. It stores and maintains the information about the local device
and the devices directly connected to it for network administrators to manage networks through NMS (network management
systems). In LLDP, device information is encapsulated in LLDP PDUs in the form of TLV (meaning type, length, and value)
triplets and is exchanged between directly connected devices. Information in LLDP PDUs received is restored in its MIB.
Note:
Currently the LLDP neighbor(s) can be seen through the console only. SNMP browser will be supported in the future.
LLDP Operation Mode
LLDP can operate in one of the following modes.
LLDP Mode Description
TxRx mode A port in this mode sends and receives LLDP PDUs
Tx mode A port in this mode only sends LLDP PDUs
Rx mode A port in this mode only receives LLDP PDUs
Disable mode A port in this mode does not send or receive LLDP PDUs
LLDP is initialized when an LLDP-enabled port changes to operate in another LLDP operating mode. To prevent LLDP from
being initialized too frequently, LLDP undergoes a period before being initialized on an LLDP-enabled port when the port
changes to operate in another LLDP operating mode. The period is known as initialization delay, which is determined by the
re-initialization delay timer.
Sending LLDP PDUs
A LLDP-enabled device operating in the TxRx mode or Tx mode sends LLDP PDUs to its directly connected devices periodically.
Manual of VDSL2 Solution
http://www.black-box.eu
89
It also sends LLDP PDUs when the local configuration changes to inform the neighboring devices of the change timely. In any of
the two cases, an interval exists between two successive operations of sending LLDP PDUs. This prevents the network from being
overwhelmed by LLDP PDUs even if the LLDP operating mode changes frequently.
To enable the neighboring devices to be informed of the existence of a device or an LLDP operating mode change (from the
disable mode to TxRx mode, or from the Rx mode to Tx mode) timely, a device can invoke the fast sending mechanism. In this
case, the interval to send LLDP PDUs changes to one second. After the device sends specific number of LLDP PDUs, the interval
restores to the normal. (A neighbor is discovered when a device receives an LLDPDU and no information about the sender is
locally available.)
Receiving LLDP PDUs
An LLDP-enabled device operating in the TxRx mode or Rx mode validates the TLVs carried in the LLDP PDUs which receive
and store the valid neighboring information. An LLDP PDU also carries a TTL (time to live) setting with it. The information about
a neighboring device maintained locally ages out when the corresponding TTL expires.
The TTL of the information about a neighboring device is determined by the following expression:
TTL = LLDP hold time × LLDP PDU sending interval (hello-time)
You can set the TTL by configuring the LLDP hold-time and hello-time. Note that the TTL can be up to 65535 seconds. TTL
longer than it will be rounded off to 65535 seconds.
The following figure is an example of LLDP connection:
Manual of VDSL2 Solution
http://www.black-box.eu
90
LLDP Commands
[no] lldp
Enable/Disable LLDP global option
lldp hello-time <5-32768>
Set LLDP hello time which is the time interval between the transmission LLDP info packets. The range is from 5 to 32768
seconds. Default is 30 seconds.
lldp hod-time <2-10>
Set LLDP hold time. The range is from 2 to 10. Default is 4.
lldp port <rx|tx|both> [<PORT-LIST>]
Set LLDP port-based receive and transmit packet mode.
Parameters:
<rx|tx|both> rx: the port only receive LLDP packets; tx: the port only transmit LLDP packets;
Manual of VDSL2 Solution
http://www.black-box.eu
91
both: the port can receive and transmit LLDP packets.
[<PORT-LIST>] specifies the ports to be set. If not specified, all ports are set.
no lldp port [<PORT-LIST>]
Disable LLDP port-based receive and transmit packet mode.
Parameters:
[<PORT-LIST>] specifies the ports to be set. If not specified, all ports are set.
show lldp
Show the LLDP global option, all the ports configuration and the neighbor’s information.
show lldp port [<PORT-LIST>]
show LLDP port configuration and the neighbor’s information..
Parameters:
[<PORT-LIST>] specifies the ports to be set. If not specified, all ports are set.
An LLDP example refer to the figure in previous page, the following commands will be used:
lldp (for switch A & B)
lldp port both 8 (for switch A)
lldp port both 12 (for switch B)
show lldp port 8 (for switch A to see the switch B’s LLDP info learned by Switch A)
Port8 Information
Manual of VDSL2 Solution
http://www.black-box.eu
92
State : RX and TX
Pkt Tx : 3868
Pkt Rx : 46409
Neighbor Count : 1
Neighbor 1 information
TTL Time : 5879
Class ID : 56:78:17:45:25:00
Port ID : port(12)
System Name :
System Description : Switch v2.16
Port Description : Port 12
Port SetSpeed : Auto
Port ActualSpeed : FULL-100
Port Link Aggregation : not support
Manual of VDSL2 Solution
http://www.black-box.eu
93
4.0.5 Syslog
syslog-server <server-ip> <logging-level>
Setting the syslog server and loging level.
Parameters:
<server-ip> specifies the syslog server IP
<logging-level> specifies the logging level (0: none; 1: major; 2: all)
show syslog-server
Display the syslog server IP and logging level
4.0.6 SSH
ssh <v1 | v2 | all>
Enable ssh function.
Parameters:
<v1 | v2 | all> specifies which ssh version to suuport.
no ssh
Disable ssh function.
4.0.7 Reboot switch
4.0.7.0 Reset to Default
erase startup-config
Reset configurations to default factory settings at next boot time.
Manual of VDSL2 Solution
http://www.black-box.eu
94
4.0.7.1 Restart
boot
Reboot (warm-start) the switch.
4.0.8 TFTP Function
4.0.8.0 TFTP Firmware Update
copy tftp firmware <ip-addr> <remote-file>
Download firmware from TFTP server.
Parameters:
<ip-addr> specifies the IP address of the TFTP server.
<remote-file> specifies the file to be downloaded from the TFTP server.
4.0.8.1 Restore Configure File
copy tftp <running-config | flash> <ip-addr> <remote-file>
Retrieve configuration from the TFTP server. If the remote file is the text file of CLI commands, use the keyword running-config.
If the remote file is the configuration flash image of the switch instead, use the keyword flash.
Parameters:
<ip-addr> specifies the IP address of the TFTP server.
<remote-file> specifies the file to be downloaded from the TFTP server.
4.0.8.2 Backup Configure File
Send configuration to the TFTP server. If you want to save the configuration in a text file of CLI commands, use the keyword
Manual of VDSL2 Solution
http://www.black-box.eu
95
running-config
If you want to save the configuration flash image instead, use the keyword flash.
Parameters:
<ip-addr> specifies the IP address of the TFTP server.
<remote-file> specifies the file to be backed up to the TFTP server.
Manual of VDSL2 Solution
http://www.black-box.eu
96
4.0.9 Access Control List
Packets can be forwarded or dropped by ACL rules include IPv4 or non-IPv4 packets. This switch can be used to block packets by
maintaining a table of packet fragments indexed by source and destination IP address, protocol, and so on.
Note:
This function is available only in the 802.1q VLAN enabled environment.
4.0.8.0 IPv4 ACL commands
no acl <group id>
Delete ACL group.
Parameters:
<group id> specifies the group id (1~220).
e.g. no acl 1
no acl count <group id>
Reset the ACL group count
Parameters:
<group id> specifies the group id (1~220).
Enable/Disable acl <group id>
Reset the ACL group count
Parameters:
<group id> specifies the group id (1~220)
Manual of VDSL2 Solution
http://www.black-box.eu
97
show acl [<group id>]
Show all or ACL group information by group id
Parameters:
<group id> specifies the group id, null means all valid groups.
e.g. show acl 1
Group Id : 1
Action : Permit
Rules:
Vlan ID : Any
IP Fragement : Uncheck
Src IP Address : Any
Dst IP Address : Any
L4 Protocol : Any
Port ID : Any
Hit Octet Count : 165074
Hit Packet count : 472
acl (add|edit) <group id> (permit|deny) <0-4094> ipv4 <0-255> A.B.C.D A.B.C.D A.B.C.D A.B.C.D (check|unCheck) <065535> <0-26>
Add or edit ACL group for IPv4 packets.
Parameters:
(add|edit) specifies the operation.
Manual of VDSL2 Solution
http://www.black-box.eu
98
<group id> specifies the group id (1~220).
(permit|deny) specifies the action. permit: permit packet cross switch; deny: drop packet.
<0-4094> specifies the VLAN id. 0 means don't care.
<0-255> specifies the IP protocol. 0 means don't care.
1st A.B.C.D specifies the Source IP address. 0.0.0.0 means don't care.
2nd A.B.C.D specifies the Mask. 0.0.0.0 means don't care, 255.255.255.255 means compare all.
3rd A.B.C.D specifies the Destination IP Address. 0.0.0.0 means don't care.
4th A.B.C.D specifies the Mask. 0.0.0.0 means don't care, 255.255.255.255 means compare all.
(check|unCheck) specifies the IP Fragment. check: Check IP fragment field; unCheck: Not check IP fragment field.
<0-65535> specifies the Destination port number if TCP or UDP. 0 means don't care.
<0-26> specifies the Port id. 0 means don't care.
e.g. acl add 1 deny 1 ipv4 0 192.168.1.1 255.255.255.255 0.0.0.0 0.0.0.0 unCheck 0 0
This ACL rule will drop all packet from IP is 192.168.1.1 with VLAN id=1 and IPv4.
acl (add|edit) <group id> (qosvoip) <0-4094> <0-7> <0-1F> <0-1F> <0-FF> <0-FF> <0-FFFF> <0-FFFF> <0-FFFF> <0FFFF>
Add or edit ACL group for Ipv4.
Parameters:
(add|edit) specifies the operation.
<group id>specifies the group id (1~220).
(qosvoip) specifies the action, do qos voip packet adjustment.
<0-4094> specifies the VLAN id. 0 means don't care.
<0-1F> specifies the port ID value.
Manual of VDSL2 Solution
http://www.black-box.eu
99
<0-1F> specifies the port ID mask.
<0-FF> specifies the protocol value.
<0-FF> specifies the protocol mask.
<0-FFFF> specifies the source port value.
<0-FFFF> specifies the source port mask.
<0-FFFF> specifies the destination port value.
<0-FFFF> specifies the destination mask.
e.g. acl add 1 qosvoip 1 7 1 1 0 0 0 0 0 0
4.0.8.1 Non-IPv4 ACL commands
no acl <group id> and show acl [<group id>] commands are the same as in Ipv4 ACL commands.
acl (add|edit) <1-220> (permit|deny) <0-4094> nonipv4 <0-65535>
Add or edit ACL group for non-Ipv4.
Parameters:
(add|edit) specifies the operation.
<group id> specifies the group id (1~220).
(permit|deny) specifies the action. permit: permit packet cross switch; deny: drop packet.
<0-4094> specifies the VLAN id. 0 means don't care.
<0-65535> specifies the Ether Type. 0 means don't care.
e.g. acl add 1 deny 0 nonipv4 2054
This ACL rule will drop all packets for ether type is 0x0806 and non-IPv4
Loading...