CTS FOS-3124 SERIES User Manual

Download

FOS-3124 SERIES

20 PORTS 100/1000BASE-X SFP WITH 4 COMBO

PORTS (10/100/1000BASE-T, 100/1000BASE-X SFP)

UPLINK MANAGED SWITCH

Network Management

User’s Manual

Version 1.0

Trademarks

CTS is a registered trademark of Connection Technology Systems Inc.. Contents subject to revision without prior notice. All other trademarks remain the property of their owners.

This publication may not be reproduced as a whole or in part, in any way whatsoever unless prior consent has been obtained from Connection Technology Systems Inc..

FCC Warning

This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limitations are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:

 Reorient or relocate the receiving antenna.  Increase the separation between the equipment and receiver.  Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.  Consult your local distributors or an experienced radio/TV technician for help.  Shielded interface cables must be used in order to comply with emission limits.

Changes or modifications to the equipment, which are not approved by the party responsible for compliance, could affect the user’s authority to operate the equipment.

Company has an on-going policy of upgrading its products and it may be possible that information in this document is not up-to-date. Please check with your local distributors for the latest information. No part of this document can be copied or reproduced in any form without written consent from the company.

Trademarks:

All trade names and trademarks are the properties of their respective companies.

Table of Content

1. INTRODUCTION ............................................................................................................... 8

1.1 Interface ....................................................................................................................... 8

1.2 Management Options ................................................................................................... 9

1.3 Management Software ............................................................................................... 10

1.4 Management Preparations ......................................................................................... 11

2. Command Line Interface (CLI) ...................................................................................... 14

2.1 Using the Local Console ............................................................................................ 14

2.2 Remote Console Management - Telnet ...................................................................... 15

2.3 Navigating CLI ............................................................................................................ 15

2.3.1 General Commands ............................................................................................. 16

2.3.2 Quick Keys........................................................................................................... 16

2.3.3 Command Format ................................................................................................ 17

2.3.4 Login Username & Password .............................................................................. 18

2.4 User Mode .................................................................................................................. 19

2.4.1 Ping Command .................................................................................................... 19

2.5 Privileged Mode.......................................................................................................... 20

2.5.1 Copy-cfg Command ............................................................................................. 20

2.5.2 Firmware Command ............................................................................................ 21

2.5.3 Ping Command .................................................................................................... 22

2.5.4 Reload Command ................................................................................................ 22

2.5.5 Write Command ................................................................................................... 22

2.5.6 Configure Command ............................................................................................ 22

2.6 Configuration Mode .................................................................................................... 23

2.6.1 Entering Interface Numbers ................................................................ ................. 23

2.6.2 No Command ....................................................................................................... 24

2.6.3 Show Command ................................................................................................ .. 24

2.6.4 Interface Command ............................................................................................. 26

2.6.5 ACL Command .................................................................................................... 27

2.6.6 Archive Command ............................................................................................... 43

2.6.7 Channel-Group Command ................................................................................... 44

2.6.8 Loop Detection Command ................................................................................... 46

2.6.9 Dot1x Command .................................................................................................. 47

2.6.10 IP Command ...................................................................................................... 50

2.6.11 LLDP Command................................................................................................. 57

2.6.12 MAC Command ................................................................................................. 59

2.6.13 Management Command .................................................................................... 60

2.6.14 Mirror Command ................................................................................................ 61

2.6.15 MVR Command ................................................................................................. 62

2.6.16 NTP Command .................................................................................................. 63

2.6.17 QoS Command .................................................................................................. 64

2.6.18 Security Command ............................................................................................ 67

2.6.19 Spanning Tree Command .................................................................................. 71

2.6.20 Switch Command ............................................................................................... 76

2.6.21 SNMP-Server Command ................................................................................... 77

2.6.22 Switch-info Command ........................................................................................ 81

2.6.23 User Command .................................................................................................. 82

2.6.24 Syslog Command .............................................................................................. 85

2.6.25 VLAN Command ................................................................................................ 86

2.6.26 Show interface statistics Command ................................................................... 88

2.6.27 Show sfp Command .......................................................................................... 89

2.6.28 Show default-setting, running-config and start-up-config Command ................. 89

3. SNMP NETWORK MANAGEMENT ................................................................................ 90

4. WEB MANAGEMENT ..................................................................................................... 91

4.1 System Information .................................................................................................... 93

4.2 User Authentication .................................................................................................... 94

4.2.1 RADIUS Configuration ......................................................................................... 96

4.3 Network Management ................................................................................................ 97

4.3.1 Network Configuration ......................................................................................... 98

4.3.2 System Service Configuration.............................................................................. 99

4.3.3 RS232/Telnet/Console Configuration ................................................................... 99

4.3.4 Time Server Configuration ................................................................................. 100

4.3.5 Device Community ............................................................................................. 101

4.3.6 Trap Destination ................................................................................................. 102

4.3.7 Trap Configuration ............................................................................................. 103

4.3.8 Mal-attempt Log Configuration........................................................................... 104

4.4 Switch Management ................................................................................................. 105

4.4.1 Switch Configuration .......................................................................................... 106

4.4.2 Port Configuration .............................................................................................. 108

4.4.3 Link Aggregation ................................................................................................ 108

4.4.3.1 Trunk Mode Configuration ........................................................................... 109

4.4.3.2 Port Trunk Configuration ............................................................................. 110

4.4.3.3 LACP Port Configuration ............................................................................. 111

4.4.4 Rapid Spanning Tree ......................................................................................... 113

4.4.4.1 RSTP Switch Settings ................................................................................. 114

4.4.4.2 RSTP Aggregated Port Settings .................................................................. 115

4.4.4.3 RSTP Physical Port Settings ....................................................................... 116

4.4.5 802.1X Configuration ......................................................................................... 118

4.4.5.1 Configure System ........................................................................................ 119

4.4.5.2 Configure Port Admin State ......................................................................... 120

4.4.5.3 Configure Port Reauthenticate .................................................................... 120

4.4.6 MAC Address Management ............................................................................... 121

4.4.6.1 MAC Table Learning ................................................................................... 121

4.4.6.2 Static MAC Table Configuration .................................................................. 122

4.4.7 VLAN Configuration ........................................................................................... 123

4.4.7.1 Port-Based VLAN ........................................................................................ 123

4.4.7.2 802.1Q VLAN Concept ................................................................................ 124

4.4.7.3 Introduction to Q-in-Q .................................................................................. 126

4.4.7.4 802.1Q VLAN .............................................................................................. 128

4.4.7.4.1 Configure VLAN .................................................................................... 128

4.4.7.4.2 VLAN Interface ..................................................................................... 129

4.4.7.4.3 Management VLAN .............................................................................. 130

4.4.8 QoS Configuration ............................................................................................. 130

4.4.8.1 QoS Port Configuration ............................................................................... 131

4.4.8.2 QoS Control List .......................................................................................... 134

4.4.8.3 QoS Rate Limiter ......................................................................................... 135

4.4.9 DSCP Remark ................................................................................................... 136

4.4.10 Port Mirroring ................................................................................................... 138

4.4.11 IGMP Snooping ................................................................................................ 139

4.4.11.1 IGMP Configuration ................................................................................... 140

4.4.11.2 IGMP VLANID Configuration ..................................................................... 141

4.4.11.3 IPMC Segment .......................................................................................... 141

4.4.11.4 IPMC Profile .............................................................................................. 143

4.4.11.5 IGMP Filtering ........................................................................................... 144

4.4.12 Static Multicast Configuration ........................................................................... 145

4.4.13 MVR ................................................................................................................. 146

4.4.13.1 MVR Settings ............................................................................................ 148

4.4.13.2 MVR Group ................................................................ ............................... 149

4.4.14 Security Configuration ..................................................................................... 150

4.4.14.1 DHCP Option 82 Settings .......................................................................... 151

4.4.14.2 DHCP Port Settings .................................................................................. 153

4.4.14.3 Filter Configuration .................................................................................... 154

4.4.14.4 Static IP Table Configuration ..................................................................... 155

4.4.14.5 Configure DHCP Snooping ....................................................................... 156

4.4.14.6 Storm Control ............................................................................................ 157

4.4.14.7 Anti-Broadcast Configuration .................................................................... 158

4.4.15 Access Control List Management (ACLM) ...................................................... 159

4.4.16 LLDP Configuration ........................................................................................ 169

4.4.17 Loop Detection Configuration ......................................................................... 170

4.5 Switch Monitor .......................................................................................................... 171

4.5.1 Switch Port State ............................................................................................... 172

4.5.2 Port Traffic Statistics .......................................................................................... 173

4.5.3 Port Packet Error ................................................................ ............................... 174

4.5.4 Port Packet Analysis Statistics ........................................................................... 175

4.5.5 LACP Monitor .................................................................................................... 176

4.5.5.1 LACP Port Status ........................................................................................ 176

4.5.5.2 LACP Statistics ........................................................................................... 177

4.5.6 RSTP Monitor .................................................................................................... 178

4.5.6.1 RSTP VLAN Bridge Overview ..................................................................... 178

4.5.6.2 RSTP Port Status ........................................................................................ 179

4.5.6.3 RSTP Statistics ........................................................................................... 180

4.5.7 802.1X Monitor .................................................................................................. 181

4.5.7.1 802.1X Port Status ...................................................................................... 181

4.5.7.2 802.1X Statistics ......................................................................................... 182

4.5.8 IGMP Monitor ..................................................................................................... 183

4.5.8.1 IGMP Snooping Status ................................................................................ 183

4.5.8.2 IGMP Group Table ...................................................................................... 184

4.5.9 MAC Address Table ........................................................................................... 184

4.5.10 SFP Information ............................................................................................... 185

4.5.10.1 SFP Port Info ............................................................................................. 185

4.5.10.2 SFP Port State .......................................................................................... 186

4.5.11 DCHP Snooping ............................................................................................... 187

4.5.12 LLDP Status ..................................................................................................... 188

4.5.13 Loop Detection Status ...................................................................................... 189

4.6 System Utility............................................................................................................ 190

4.6.1 Event Log .......................................................................................................... 191

4.6.2 Upgrade ............................................................................................................. 191

4.6.3 Load Factory Settings ........................................................................................ 192

4.6.4 Load Factory Settings Except Network Configuration ........................................ 193

4.6.5 Backup Configuration ........................................................................................ 193

4.7 Save Configuration ................................................................................................... 194

4.8 Reset System ........................................................................................................... 194

APPENDIX A: Free RADIUS readme ............................................................................... 195

APPENDIX B: Set Up DHCP Auto-Provisioning ............................................................ 196

APPENDIX C: VLAN Application Note ............................................................................ 205

1. INTRODUCTION

Thank you for using the 20 Ports 100/1000 Base-X SFP with 4 Combo Ports Uplink Managed Switch that is specifically designed for SMB (small and medium businesses), SME and for FTTx applications. The Managed Switch provides a built-in management module that enables users to configure and monitor the operational status both locally and remotely. This User‟s Manual will explain how to use Command Line Interface and Web Management to configure your Managed Switch. The readers of this manual should have knowledge about their network topologies and about basic networking concepts so as to make the best of this user‟s manual and maximize the Managed Switch‟s performance for your personalized networking environment.

1.1 Interface

There are 5 models in this series. Descriptions and interface figures are provided below: Model 1 – 20 Ports 100/1000BASE-X SFP With 4 Combo Ports (10/100/1000BASE-T,

100/1000BASE-X SFP) Uplink Management Switch Fixed 1 AC Model 2 – 20 Ports 100/1000BASE-X SFP With 4 Combo Ports (10/100/1000BASE-T,

100/1000BASE-X SFP) Uplink Management Switch Fixed 2 Reduandant AC Model 3 – 20 Ports 100/1000BASE-X SFP With 4 Combo Ports (10/100/1000BASE-T,

100/1000BASE-X SFP) Uplink Management Switch Fixed 1 DC Model 4 – 20 Ports 100/1000BASE-X SFP With 4 Combo Ports (10/100/1000BASE-T,

100/1000BASE-X SFP) Uplink Management Switch Fixed 2 Redundant DC Model 5 – 20 Ports 100/1000BASE-X SFP With 4 Combo Ports (10/100/1000BASE-T,

100/1000BASE-X SFP) Uplink Management Switch Fixed 1 Redundant AC AND 1 Redundant DC

These 5 models have the same front panel:

Figure 1: Front Panel

Each model has a different rear panel:

Figure 2-1: Model 1 Rear Panel

Figure 2-2: Model 2 Rear Panel

Figure 2-3: Model 3 Rear Panel

Figure 2-4: Model 4 Rear Panel

Figure 2-5: Model 5 Rear Panel

1.2 Management Options

Switch management options available are listed below:

 Local Console Management  Telnet Management  SNMP Management  WEB Management  SSH Management

Local Console Management

Local Console Management is done through the RS-232 DB-9 Console port located on the rear panel of the Managed Switch. Direct RS-232 cable connection between the PC and the Managed switch is required for this type of management.

Telnet Management

Telnet runs over TCP/IP and allows you to establish a management session through the network. Once the Managed switch is on the network with proper IP configurations, you can use Telnet to login and monitor its status remotely.

Battery DC 12V

SSH Management

SSH Management supports encrypted data transfer to prevent the data from being “stolen” due to remote management. You can use PuTTY, a free and open source terminal emulator application which can act as a client for the SSH, to gain access to the Managed Switch.

SNMP Management

SNMP is also done over the network. Apart from standard MIB (Management Information Bases), an additional private MIB is also provided for SNMP-based network management system to compile and control.

Web Management

Web Management is done over the network and can be accessed via a standard web browser, such as Microsoft Internet Explorer. Once the Managed switch is available on the network, you can login and monitor the status of it through a web browser remotely or locally. Local Console-type Web management, especially for the first time use of the Managed Switch to set up the needed IP, can be done through one of the 10/100Base-TX 8-pin RJ-45 ports located at the front panel of the Managed Switch. Direct RJ-45 LAN cable connection

between a PC and the Managed Switch is required for Web Management.

1.3 Management Software

Following is a list of management software options provided by this Managed Switch:

 Managed Switch CLI interface  SNMP-based Management Software  Web Browser Application

Console Program

The Managed Switch has a built-in Command Line Interface called the CLI which you can use to:

 Configure the system  Monitor the status  Reset the system

You can use CLI as the only management system. However, another network management option, SNMP-based management system, is also available.

You can access the text-mode Console Program locally by connecting a VT-100 terminal or a workstation running VT100 emulation software - to the Managed Switch RS-232 DB-9 Console port directly. Or, you can use Telnet to login and access the CLI through network connection remotely.

SNMP Management System

Standard SNMP-based network management system is used to manage the Managed Switch through the network remotely. When you use a SNMP-based network management system, the Managed Switch becomes one of the managed devices (network elements) in that system. The Managed Switch management module contains an SNMP agent that will respond to the requests from the SNMP-based network management system. These requests, which you can control, can vary from getting system information to setting the device attribute values.

The Managed Switch‟s private MIB is provided for you to be installed in your SNMP-based network management system.

Web Browser Application

You can manage the Managed Switch through a web browser, such as Internet Explorer or Netscape, etc.. (The default IP address of the Managed Switch port can be reached at “http://192.168.0.1”.) For your convenience, you can use either this Web-based Management Browser Application program or other network management options, for example SNMP-based management system as your management system.

1.4 Management Preparations

After you have decided how to manage your Managed Switch, you are required to connect cables properly, determine the Managed switch IP address and, in some cases, install MIB shipped with your Managed Switch.

Connecting the Managed switch

It is very important that the proper cables with the correct pin arrangement are used when connecting the Managed switch to other switches, hubs, workstations, etc..

100/1000Base-X SFP Port The small form-factor pluggable (SFP) is a compact optical transceiver used in optical

data communication applications. It interfaces a network device mother board (for a switch, router or similar device) to a fiber optic or unshielded twisted pair networking cable. It is a popular industry format supported by several fiber optic component vendors.

SFP transceivers are available with a variety of different transmitter and receiver types, allowing users to select the appropriate transceiver for each link to provide the required optical reach over the available optical fiber type. SFP transceivers are also available with a "copper" cable interface, allowing a host device designed primarily for optical fiber communications to also communicate over unshielded twisted pair networking cable.

SFP slot for 3.3V mini GBIC module supports hot swappable SFP fiber transceiver. Before connecting the other switches, workstation or Media Converter, make sure both side of the SFP transfer are with the same media type, for example, 1000Base-SX to 1000Base-SX, 1000Bas-LX to 1000Base-LX, and check the fiber-optic cable type matches the SFP transfer model. To connect to 1000Base-SX transceiver, use the multi-mode fiber cable with male duplex LC connector type for one side. To connect to 1000Base-LX transfer, use the single-mode fiber cable with male duplex LC connector type for one side.

10/100/1000Base-T RJ-45 Auto-MDI/MDIX Port

4 x 10/100/1000Base-T RJ-45 Auto-MDI/MDIX ports are located at the front of the Managed Switch. These RJ-45 ports allow users to connect their traditional copperbased Ethernet/Fast Ethernet devices to the network. All these ports support autonegotiation and MDI/MDIX auto-crossover, i.e. either crossover or straight through CAT-5 UTP or STP cables may be used.

RJ-45 DB-9 Port

The RJ-45 DB-9 port is located on the front panel of the Managed Switch. This RJ-45 DB-9 port is used for local, out-of-band management. This DB-9 port is DTE; therefore, a null modem is required to connect the Managed Switch and the PC. With a connection through RJ-45 DB-9 port, users can configure and check the Managed Switch even when the network is down.

IP Addresses

IP addresses have the format n.n.n.n, (The default factory setting is 192.168.0.1). IP addresses are made up of two parts:  The first part (for example 192.168.n.n) refers to the network address that identifies the

network where the device resides. Network addresses are assigned by three allocation organizations. Depending on your location, each allocation organization assigns a globally unique network number to each network which is intended to connect to the Internet.

 The second part (for example n.n.0.1) identifies the device within the network.

Assigning unique device numbers is your responsibility. If you are unsure of the IP addresses allocated to you, consult with the allocation organization where your IP addresses were obtained.

Remember that an address can be assigned to only one device on a network. If you connect to the outside network, you must change all the arbitrary IP addresses to comply with those you have been allocated by the allocation organization. If you do not do this, your outside communications will not be performed.

A subnet mask is a filtering system for IP addresses. It allows you to further subdivide your network. You must use the proper subnet mask for the proper operation of a network with subnets defined.

MIB for Network Management Systems

Private MIB (Management Information Bases) is provided for managing the Managed Switch through the SNMP-based network management system. You must install the private MIB into your SNMP-based network management system first.

The MIB file is shipped together with the Managed Switch. The file name extension is “.mib” that allows SNMP-based compiler can read and compile.

2. Command Line Interface (CLI)

This chapter introduces you how to use Command Line Interface (CLI), specifically in:

 Local Console  Telnet  Configuring the system  Resetting the system

The interface and options in Local Console and Telnet are the same. The major difference is the type of connection and the port that is used to manage the Managed Switch.

2.1 Using the Local Console

Local Console is always done through the RS-232 DB-9 port and requires a direct connection between the switch and a PC. This type of management is useful especially when the network is down and the switch cannot be reached by any other means.

You also need the Local Console Management to setup the Switch network configuration for the first time. You can setup the IP address and change the default configuration to the desired settings to enable Telnet or SNMP services.

Follow these steps to begin a management session using Local Console Management:

Step 1: Attach the serial cable to the RJ-45 DB-9 port. Step 2: Attach the other end to the serial port of a PC or workstation. Step 3: Run a terminal emulation program using the following settings:

 Emulation VT-100/ANSI compatible  BPS 9600  Data bits 8  Parity None  Stop bits 1  Flow Control None  Enable Terminal keys

Step 4: Press Enter to access the CLI (Command Line Interface) mode.

2.2 Remote Console Management - Telnet

You can manage the Managed Switch via Telnet session. However, you must first assign a unique IP address to the Switch before doing so. Use the Local Console to login the Managed Switch and assign the IP address for the first time.

Follow these steps to manage the Managed Switch through Telnet session:

Step 1. Use Local Console to assign an IP address to the Managed Switch

 IP address  Subnet Mask  Default gateway IP address, if required

Step 2. Run Telnet Step 3. Log into the Switch CLI

Limitations: When using Telnet, keep the following in mind: Only two active Telnet sessions can access the Managed Switch at the same time.

2.3 Navigating CLI

When you successfully access the Managed Switch, you will be asked for a login username. Enter your authorized username and password, and then you will be directed to User mode. In CLI management, the User mode only provides users with basic functions to operate the Managed Switch. If you would like to configure advanced features of the Managed Switch, such as, VLAN, QoS, Rate limit control, you must enter the Configuration Mode. The following table provides an overview of modes available in this Managed Switch.

Command Mode

Access Method

Prompt Displayed

Exit Method

User Mode

Switch>

logout, exit

Privileged Mode

From user mode, enter the enable command

Switch#

disable, exit, logout

Configuration Mode

From the enable mode, enter the config or configure command

Switch(config)#

exit, Ctrl + Z

NOTE: By default, the model name will be used for the prompt display. You can change the prompt display to the one that is ideal for your network environment using the

hostname command. However, for convenience, the prompt display “Switch” will be used throughout this user’s manual.

2.3.1 General Commands

This section introduces you some general commands that you can use in User, Enable, and Configuration Mode, including “help”, “exit”, “history” and “logout”.

Entering the command…

To do this…

Available Modes

help

Obtain a list of available commands in the current mode.

User Mode Privileged Mode Configuration Mode

exit

Return to the previous mode or login screen.

User Mode Privileged Mode Configuration Mode

history

List all commands that have been used.

User Mode Privileged Mode Configuration Mode

logout

Logout from the CLI or terminate Console or Telnet session.

User Mode Privileged Mode

2.3.2 Quick Keys

In CLI, there are several quick keys that you can use to perform several functions. The following table summarizes the most frequently used quick keys in CLI.

Keys

Purpose

tab

Enter an unfinished command and press “Tab” key to complete the command.

Press “?” key in each mode to get available commands.

Unfinished command followed by ?

Enter an unfinished command or keyword and press “?” key to complete the command and get command syntax help.

Example: List all available commands starting with the characters that you enter.

Switch#h? help Show available commands

history Show history commands

A space followed by ?

Enter a command and then press Spacebar followed by a “?” key to view the next parameter.

Up arrow

Use Up arrow key to scroll through the previous entered commands, beginning with the most recent key-in commands.

Down arrow

Use Down arrow key to scroll through the previous entered commands, beginning with the commands that are entered first.

2.3.3 Command Format

While in CLI, you will see several symbols very often. As mentioned above, you might already know what “>”, “#” and (config)# represent. However, to perform what you intend the device to do, you have to enter a string of complete command correctly. For example, if you want to assign an IP address for the Managed Switch, you need to enter the following command with the required parameter and IP, subnet mask and default gateway:

IP command syntax: Switch(config)#ip address [A.B.C.D] [255.X.X.X] [A.B.C.D]

Switch(config)#ip address 192.168.1.198 255.255.255.255 192.168.1.254

The following table lists common symbols and syntax that you will see very frequently in this User‟s Manual for your reference:

Symbols

Brief Description

Currently, the device is in User Mode.

Currently, the device is in Privileged Mode.

(config)#

Currently, the device is in Global Configuration Mode.

Syntax

Brief Description

[ ]

Brackets represent that this is a required field.

[-s size] [-r repeat] [-t timeout]

These three parameters are used in ping command and are optional, which means that you can ignore these three parameters if they are unnecessary when executing ping command.

[A.B.C.D ]

Brackets represent that this is a required field. Enter an IP address or gateway address.

[255.X.X.X]

Brackets represent that this is a required field. Enter the subnet mask.

[port]

Enter one port number. See section 2.6.4 for edtailed explanations.

[port_list]

Enter a range of port numbers or server discontinuous port numbers. See section

2.6.4 for edtailed explanations.

[forced_false | auto]

There are three options that you can choose. Specify one of them.

[1-8191]

Specify a value between 1 and 8191.

This means that you are in Global Configuration mode

This allows you to assign IP address.

Enter the IP address, subnet mask, and default gateway address.

Hostname

[0-7] 802.1p_list [0-63] dscp_list

Specify one value, more than one value or a range of values.

Example 1: specifying one value

Switch(config)#qos 802.1p-map 1 0

Switch(config)#qos dscp-map 10 3

Example 2: specifying three values (separated by commas)

Switch(config)#qos 802.1p-map 1,3 0

Switch(config)#qos dscp-map 10,13,15 3

Example 3: specifying a range of values

(separated by a hyphen)

Switch(config)#qos 802.1p-map 1-3 0

Switch(config)#qos dscp-map 10-15 3

2.3.4 Login Username & Password

Default Login

When you enter Console session, a login prompt for username and password will appear to request a valid and authorized username and password combination. For first-time users, enter the default login username “admin” and “press Enter key” in password field (no password is required for default setting). When system prompt shows “Switch>”, it means that the user has successfully entered the User Mode.

For security reasons, it is strongly recommended that you add a new login username and password using User command in Configuration Mode. When you create your own login username and password, you can delete the default username (admin) to prevent unauthorized accesses.

Enable Mode Password

Enable mode is password-protected. When you try to enter Enable Mode, a password prompt will appear to request the user to provide the legitimate passwords. Enable Mode password is the same as the one entered after login password prompt. By default, no password is required. Therefore, press Enter key in password prompt.

Forgot Your Login Username & Password

If you forget your login username and password, you can use the “reset button” on the front panel to set all configurations back to factory defaults. Once you have performed system reset to defaults, you can login with default username and password. Please note that if you use this method to gain access to the Managed Switch, all configurations saved in Flash will be lost. It is strongly recommended that a copy of configurations is backed up in your local hard-drive or file server from time to time so that previously-configured settings can be reloaded to the Managed Switch for use when you gain access again to the device.

2.4 User Mode

In User Mode, only a limited set of commands are provided. Please note that in User Mode, you have no authority to configure advanced settings. You need to enter Enable Mode and Configuration Mode to set up advanced functions of the Switch. For a list of commands available in User Mode, enter the question mark (?) or “help” command after the system prompt display Switch>.

Command

Description

exit

Quit the User Mode or close the terminal connection.

help

Display a list of available commands in User Mode.

history

Display the command history.

logout

Logout from the Managed Switch.

ping

Test whether a specified network device or host is reachable or not.

enable

Enter the Privileged Mode.

2.4.1 Ping Command

Ping is used to test the connectivity of end devices and also can be used to self test the network interface card. Enter the ping command in User Mode. In this command, you can add an optional packet size value and an optional value for the number of times that packets are sent and received.

Command

Parameter

Description

Switch> ping [A.B.C.D] [-s size (8-4000)bytes] [-r repeat (1-99)times] [-t timeout (1-

99)secs]

[A.B.C.D]

Enter the IP address that you would like to ping.

[-s size (8-

4000)bytes]

Enter the packet size that would be sent. The allowable packet size is from 8 to 4000 bytes. (optional)

[-r repeat (1-

99)times]

Enter the number of times that ping packets are sent. The allowable repeat number is from 1 to

99. (optional)

[-t timeout (1-

99)secs]

Enter the timeout value when the specified IP address is not reachable. (optional)

Example

Switch> ping 127.0.0.1 Switch> ping 127.0.0.1 –s 128 –r 5 –t 10

2.5 Privileged Mode

The only place where you can enter the Privileged (Enable) Mode is in User Mode. When you successfully enter Enable Mode (this mode is password protected), the prompt will be changed to Switch# (the model name of your device together with a pound sign). Enter the question mark (?) or help command to view a list of commands available for use.

Command

Description

copy-cfg

Restore or backup configuration file via FTP or TFTP server.

disable

Turn off privileged commands.

exit

Exit Enable mode and return to User Mode.

firmware

Allow users to update firmware via FTP or TFTP.

help

Display a list of available commands in Enable mode.

history

Show commands that have been used.

logout

Logout from the Managed Switch.

ping

Test whether a specified network device or host is reachable or not.

reload

Restart the Managed Switch.

write

Save your configurations to Flash.

configure

Enter Global Configuration Mode.

show

Show a list of commands or show the current setting of each listed command.

2.5.1 Copy-cfg Command

Use “copy-cfg” command to backup a configuration file via FTP or TFTP server and restore the Managed Switch back to the defaults or to the defaults but keep IP configurations.

1. Restore a configuration file via FTP or TFTP server.

Command

Parameter

Description

Switch# copy-cfg from ftp [A.B.C.D] [file name] [user_name] [password] [A.B.C.D]

Enter the IP address of your FTP server.

[file name]

Enter the configuration file name that you want to restore.

[user_name]

Enter the username for FTP server login.

[password]

Enter the password for FTP server login.

Switch# copy-cfg from tftp [A.B.C.D] [file_name]

[A.B.C.D]

Enter the IP address of your TFTP server.

[file name]

Enter the configuration file name that you want to restore.

Example

Switch# copy-cfg from ftp 192.168.1.198 HS_0600_file.conf misadmin1 abcxyz

Switch# copy-cfg from tftp 192.168.1.198 HS_0600_file.conf

2. Backup a configuration file to FTP or TFTP server.

Command

Parameter

Description

Switch# copy-cfg to ftp [A.B.C.D] [file name] [user_name]

[A.B.C.D]

Enter the IP address of your FTP server.

[file name]

Enter the configuration file name that you want to backup.

[password] [user_name]

Enter the username for FTP server login.

[password]

Enter the password for FTP server login.

Switch# copy-cfg to tftp [A.B.C.D] [file_name]

[A.B.C.D]

Enter the IP address of your TFTP server.

[file name]

Enter the configuration file name that you want to backup.

Example

Switch# copy-cfg to ftp 192.168.1.198 HS_0600_file.conf misadmin1 abcxyz

Switch# copy-cfg to tftp 192.168.1.198 HS_0600_file.conf

3. Restore the Managed Switch back to default settings.

Command / Example

Switch# copy-cfg from default

4. Restore the Managed Switch back to default settings but keep IP configurations.

Command / Example

Switch# copy-cfg from default keep-ip

2.5.2 Firmware Command

To upgrade Firmware via TFTP or FTP server.

Command

Parameter

Description

Switch# firmware upgrade ftp [A.B.C.D] [file_name] [user_name] [password]

[A.B.C.D]

Enter the IP address of your FTP server.

[file name]

Enter the firmware file name that you want to upgrade.

[user_name]

Enter the username for FTP server login.

[password]

Enter the password for FTP server login.

Switch# firmware upgrade tftp [A.B.C.D] [file_name]

[A.B.C.D]

Enter the IP address of your TFTP server.

[file_name]

Enter the firmware file name that you want to upgrade.

Example

Switch# firmware upgrade ftp 192.168.1.198 HS_0600_file.bin edgeswitch10 abcxyz

Switch# firmware upgrade tftp 192.168.1.198 HS_0600_file.bin

2.5.3 Ping Command

Command

Parameter

Description

Switch# ping [A.B.C.D] [-s size] [r repeat] [-t timeout]

[A.B.C.D]

Enter the IP address that you would like to ping.

[-s size]

Enter the packet size that would be sent. The allowable packet size is from 8 to 4000 bytes. (optional)

[-r repeat]

Enter the number of times that ping packets are sent. The allowable repeat number is from 1 to

99. (optional)

[-t timeout]

Enter the timeout value when the specified IP address is not reachable. (optional)

Example

Switch> ping 127.0.0.1 –s 128 –r 5 –t 10

2.5.4 Reload Command

To restart the Managed Switch, enter the reload command.

Command / Example

Switch# reload

2.5.5 Write Command

To save running configurations to startup configurations, enter the write command. All unsaved configurations will be lost when you restart the Managed Switch.

Command / Example

Switch# write

2.5.6 Configure Command

The only place where you can enter Global Configuration Mode is in Privileged Mode. You can type in “configure” or “config” for short to enter Global Configuration Mode. The display prompt will change from “Switch#” to “Switch(config)#” once you successfully enter Global Configuration Mode.

Command / Example

Switch#config Switch(config)#

Switch#configure Switch(config)#

2.6 Configuration Mode

When you enter “configure” or “config” and press “Enter” in Privileged Mode, you will be directed to Global Configuration Mode where you can set up advanced switching functions, such as QoS, VLAN and storm control security globally. All commands entered will be applied to running-configuration and the device‟s operation. From this level, you can also enter different sub-configuration modes to set up specific configurations for VLAN, QoS, security or interfaces.

Command

Description

acl

Set up access control entries and lists.

archive

Backup a copy of configuration file to FTP or TFTP.

channel-group

Configure static link aggregation groups or enable LACP function.

loop-detection

Configure Loop Detection settings.

dot1x

Configure the Managed Switch to send information when 802.1x client authenticates via the Switch.

exit

Exit the configuration Mode.

help

Display a list of available commands in Configuration Mode.

history

Show commands that have been used.

Set up the IP address and enable DHCP Mode & IGMP snooping.

lldp

Set up LLDP (Link Layer Discovery Protocol) configurations.

mac

Set up MAC learning function of each port

management

Set up console/telnet/SSH/web access control and timeout value.

mirror

Set up target port for mirroring.

mvr

Configure Multicast VLAN Registration (MVR) settings.

ntp

Set up required configurations for Network Time Protocol.

qos

Set up the priority of packets within the Managed Switch.

security

Configure broadcast, multicast, unknown unicast storm control settings.

snmp-server

Create a new SNMP community and trap destination and specify the trap types.

spanning-tree

Set up RSTP status of each port and aggregated ports.

switch

Set up acceptable frame size and address learning, etc..

switch-info

Set up company name, host name, system contact, system location, etc..

syslog

Set up required configurations for Syslog server.

user

Create a new user account.

vlan

Set up VLAN mode and VLAN configuration.

Disable a command or set it back to its default setting.

interface

Select a single interface or a range of interfaces.

show

Show a list of commands or show the current setting of each listed command.

2.6.1 Entering Interface Numbers

In the Global Configuration Mode, you can configure a command that is only applied to interfaces specified. For example, you can set up each interface‟s VLAN assignment, speeds, or duplex modes. To configure, you must first enter the interface number. There are four ways to enter your interface numbers to signify the combination of different interfaces that apply a command or commands.

Commands

Description

Switch(config)# interface 1 Switch(config-if-1)#

Enter a single interface. Only interface 1 will apply commands entered.

Switch(config)# interface 1,3,5 Switch(config-if-1,3,5)#

Enter three discontinuous interfaces, separated by commas. Interface 1, 3, 5 will apply commands entered.

Switch(config)# interface 1-3 Switch(config-if-1-3)#

Enter three continuous interfaces. Use a hyphen to signify a range of interface numbers. In this example, interface 1, 2, and 3 will apply commands entered.

Switch(config)# interface 1,3-5 Switch(config-if-1,3-5)#

Enter a single interface number together with a range of interface numbers. Use both commas and hypens to signify the combination of different interface numbers. In this example, interface 1, 3, 4, 5 will apply commands entered.

2.6.2 No Command

Almost every command that you enter in Configuration Mode can be negated using “no” command followed by the original or similar command. The purpose of “no” command is to disable a function, remove a command, or set the setting back to the default value. In each sub-section below, the use of no command to fulfill different purposes will be introduced.

2.6.3 Show Command

The “show” command is very important for network administrators to get information about the device, receive outputs to verify a command‟s configurations or troubleshoot a network configuration error. It can be used in Privileged or Configuration Mode. The following describes different uses of “show” command.

1. Display system information

Enter “show switch-info” command in Privileged or Configuration Mode, and then the following similar screen page will appear.

Company Name: Display a company name for this Managed Switch. Use “switch-info company-name [company-name]” command to edit this field.

System Object ID: Display the predefined System OID. System Contact: Display contact information for this Managed Switch. Use “switch-info

sys-contact [sys-contact]” command to edit this field. System Name: Display a descriptive system name for this Managed Switch. Use “switch-

info sys-name [sys-name]” command to edit this field. System Location: Display a brief location description for this Managed Switch. Use “switch-

info sys-location [sys-location]” command to edit this field.

Model Name: Display the product‟s model name. Firmware Version: Display the firmware version used in this device. M/B Version: Display the main board version. Serial Number: Display the serial number of this Managed Switch. Date Code: Display the Managed Switch Firmware date code. Up Time: Display how long the device has booted up. Local Time: Display the local time of the location where the device is. CPU Temperature: Display CPU‟s current temperature. PHY1/2/3 Temperature: Display the current temperature of each PHY. Case Fan1/2: Display the status of the case fans. Power A/B: Display whether the power module is installed on the device.

Type: Display the type of the power module. State: Display the current status of the power module.

2. Display or verify currently-configured settings

Refer to the following sub-sections. “Interface command”, “IP command”, “MAC command”, “QoS command”, “Security command”, “SNMP-Server command”, “User command”, “VLAN command” sections, etc.

3. Display interface information or statistics

Refer to “Show interface statistics command” and “Show sfp information command” sections.

4. Show default, running and startup configurations

Refer to “show default-setting command”, “show running-config command” and “show startup-config command” sections.

2.6.4 Interface Command

Use “interface” command to set up configurations of several discontinuous ports or a range of ports.

Command

Parameter

Description

Switch(config)# interface [port_list]

[port_list]

Enter several port numbers separated by commas or a range of port numbers. For example: 1,3 or 2-4

Switch(config-if-PORT-PORT)# speed [1000 | 100 | 10]

[1000 | 100 | 10]

Set up the selected interfaces‟ speed. Speed configuration only works when “no auto-negotiation” command is issued.

Switch(config-if-PORT-PORT)# auto-negotiation

Set the selected interfaces‟ to autonegotiation. When auto-negotiation is enabled, speed configuration will be ignored.

Switch(config-if-PORT-PORT)# duplex [full]

[full]

Set the selected interfaces‟ to full duplex mode.

Switch(config-if-PORT-PORT)# flowcontrol

Enable the selected interfaces‟ flow control function.

Switch(config-if-PORT-PORT)# description [description]

[description]

Specify a descriptive name for the selected interfaces.

Switch(config-if-PORT-PORT)# media-type [sfp]

[sfp]

Set the selected interfaces‟ type to fiber.

Switch(config-if-PORT-PORT)# shutdown

Administratively disable the selected ports‟ status.

No command

Switch(config)# interface [port_list]

[port_list]

Enter several port numbers separated by commas or a range of port numbers. For example: 1,3 or 2-4

Switch(config-if-PORT-PORT)# no speed

Set the selected ports‟ speed to the default setting.

Switch(config-if-PORT-PORT)# no auto-negotiation

Set auto-negotiation setting to the default setting.

Switch(config-if-PORT-PORT)# no duplex

Set the selected ports‟ duplex mode to the default setting (half duplex).

Switch(config-if-PORT-PORT)# no flowcontrol

Set the selected ports‟ flow control function to the default setting.

Switch(config-if-PORT-PORT)# no description

Delete the entered descriptive name for the selected interfaces.

Switch(config-if-PORT-PORT)# no media-type

Set the selected ports‟ media type to the default setting.

Switch(config-if-PORT-PORT)# no shutdown

Administratively enable the selected ports‟ status.

Show command

Switch(config)# show interface

Show each interface‟s port configuration including media type, forwarding state, speed, duplex mode, flow control and link up/down status.

Switch(config)# show interface [port_list]

[port_list]

Show the selected interface‟s port configuration.

Switch(config)# show interface status

Show each interface‟s port status including media type, forwarding state, speed, duplex mode, flow control and link up/down status.

Switch(config)# show interface status [port_list]

[port_list]

Show the selected interface‟s port status.

Interface command example

Switch(config)# interface 1-3

Enter port 1 to port 3‟s interface mode.

Switch(config-if-1-3)# auto-negotiation

Set the selected interfaces‟ to autonegotiation.

Switch(config-if-1-3)# duplex full

Set the selected interfaces‟ to full duplex mode.

Switch(config-if-1-3)# flowcontrol

Enable the selected interfaces‟ flow control function.

Switch(config-if-1-3)# speed 1000

Set the selected ports‟ speed to 1000Mbps.

Switch(config-if-1-3)# media-type sfp

Set the selected ports‟ media type to fiber.

Switch(config-if-1-3)# shutdown

Administratively disable the selected ports‟ status.

2.6.5 ACL Command

Command

Parameter

Description

Switch(config)# acl [1-110]

[1-110]

The total number of ACL rule can be created is 110. Use this command to enter ACL configuration mode for each ACL rule. When you enter each ACL rule, you can further configure detailed settings for this rule.

Switch(config-acl-RULE)# action [deny]

[deny]

Deny the action for this rule.

Switch(config-acl-RULE)# action port-copy [port]

[port]

Specify a port number (1~24). This command will send a copy of packets to the specified port.

Switch(config-acl-RULE)# action rate-limiter-id [1-14]

[1-14]

Specify a rate limiter ID.

Switch(config-acl-RULE)# action shutdown

Shutdown the interface.

Switch(config-acl-RULE)# frame-type any [dest_mac]

[dest_mac]

Define the destination MAC filtering type.

“any”: Specify “any” to filter any kind of traffic.

“uc”: Specify “uc” to filter unicast traffic.

“mc”: Specify “mc” to filter to filter multicast traffic.

“bc”: Specify “bc” to filter broadcast traffic.

Switch(config-acl-RULE)# frame-type arp [source_mac] [mac_mask] [dest_mac] [type] [opcode] [source_ip] [ip_mask] [dest_ip] [ip_mask] [arp_smac_match] [rarp_dmac_match] [length_check] [ip] [Ethernet]

[source_mac]

Define source MAC address. “any”: Specify “any” to apply ACL rule

to any source MAC addresses. “xx:xx:xx:xx:xx:xx”: Specify the

specific source MAC address.

[mac_mask]

Specify MAC mask. “any”: Specify “any” mean any MAC

mask. “ff:ff:ff:00:00:00”: Specify a specific

MAC mask.

[dest_mac]

Define the destination MAC filtering type.

“any”: Specify “any” to filter any kind of traffic.

“uc”: Specify “uc” to filter unicast traffic.

“mc”: Specify “mc” to filter to filter multicast traffic.

“bc”: Specify “bc” to filter broadcast traffic.

[type]

Specify ARP type. “any”: Specify “any” to use any ARP

type.

“arp”: Specify “arp” to use ARP type. “rarp”: Specify “rarp” to use RARP type.

[opcode]

Specify “any” to apply ACL rule to both reply and request frames; “reply” to denote reply frames; “request” to

denote request frames.

[source_ip]

This is sender IP filtering function.

Specify “any” to filter frames from any

sender IP addresses. Or, specify either a host IP address (x.x.x.x).

[ip_mask]

Define source IP mask. “any”: Specify “any” to mean any IP

mask. “255.255.0.0”: Specify a specific IP

mask.

[dest_ip]

This is destination IP filtering function. “any”: Specify “any” to filter frames to

any destination IP addresses. “x.x.x.x”: Specify either a host IP

address or a network address.

[ip_mask]

Define destination IP mask. “any”: Specify “any” to mean any IP

mask. “255.255.0.0”: Specify a specific IP

mask.

[arp_smac_match]

This is to configure whether ARP source MAC sent and received are matched or not.

“any”: Specify “any” to denote both a match and not a match.

“0”: Denote not a match. “1”: Denote a match.

[rarp_dmac_match]

This is to configure whether RARP destination MAC sent and received are matched or not.

“any”: Specify “any” to denote both a match and not a match.

“0”: Denote not a match. “1”: Denote a match.

[length_check]

“any”: Specify “Any” to indicate a match and not a match.

“0”: Specify “0” to indicate that HLN (Hardware Address Length) field in the ARP/RARP frame is not equal to Ethernet (0x6) and the Protocol Address Length field is not equal to IPv4 (0x4).

“1”: Specify “1” to indicate that HLN (Hardware Address Length) field in the ARP/RARP frame is equal to Ethernet (0x6) and the Protocol Address Length field is equal to IPv4 (0x4).

[ip]

“any”: Specify “any” to indicate a match and not a match.

“0”: Specify “0” to indicate that Protocol Address Space field in ARP/RARP frame is not equal to IP (0x800).

“1”: Specify “1” to indicate that Protocol Address Space is equal to IP (0x800).

[Ethernet]

“any”: Specify “any” to indicate a match and not a match.

“0”: Specify “0” to indicate that Hardware Address Space field in ARP/RARP frame is not equal to Ethernet (1).

“1”: Specify “1” to indicate that Hardware Address Space field is equal to Ethernet (1).

+ 193 hidden pages

CTS FOS-3124 SERIES User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual