Digisol DG-CS4554F User Manual
Page 1
10G Top-of-Rack Switches
DG-CS4554F
User Manual
V1.0
2015-10-20
As our products undergo continuous development the specifications are subject to change without prior notice.
Web Management Guide
DG-CS4554F
54-Port 10G Data Center Switch
with 48 10GBASE SFP+ Ports,
6 40GBASE QSFP Ports,
2 Power Supply Units,
and 5 Fan Trays (5 Fans – F2B and B2F Airflow)
How to Use This Guide
– 3 –
Who Should Read This
Guide?
This guide includes detailed information on the switch software, including how to
operate and use the management functions of the switch. To deploy this switch
effectively and ensure trouble-free operation, you should first read the relevant
sections in this guide so that you are familiar with all of its software features.
This guide is for network administrators who are responsible for operating and
maintaining network equipment. The guide assumes a basic working knowledge of
LANs (Local Area Networks), the Internet Protocol (IP), and Simple Network
Management Protocol (SNMP).
How This Guide is
Documentation
Organized
Related
This guide describes the switch’s web browser interface. For more detailed
information on the switch’s key features refer to the Administrator’s Guide.
The guide includes these sections:
◆
Section I “Getting Started” — Includes an introduction to switch management,
and the basic settings required to access the management interface.
◆
Section II “Web Configuration” — Includes all management options available
through the web browser interface.
◆
Section III “Appendices” — Includes information on troubleshooting switch
management access.
This guide focuses on switch software configuration through the web browser.
For information on how to manage the switch through the command line interface,
see the following guide:
CLI Reference Guide
Note: For a description of how to initialize the switch for management access via
the CLI, web interface or SNMP, refer to “Initial Switch Configuration” in the CLI
Reference Guide.
How to Use This Guide
– 4 –
For information on how to install the switch, see the following guide:
Installation Guide
For all safety information and regulatory statements, see the following documents:
Quick Start Guide
Safety and Regulatory Information
Conventions The following conventions are used throughout this guide to show information:
Note: Emphasizes important information or calls your attention to related features
or instructions.
Caution: Alerts you to a potential hazard that could cause loss of data, or damage
the system or equipment.
Revision History This section summarizes the changes in each revision of this guide.
Warning: Alerts you to a potential hazard that could cause personal injury.
Nov 2015 Revision
This is the first version of this guide.
– 5 –
Contents
How to Use This Guide
3
Contents
5
Figures
13
Tables
23
Section I
Getting Started 25
1
Introduction
27
Key Features
27
Description of Software Features
28
Equal-cost Multipath Load Balancing
32
System Defaults
34
Section II
Web Configuration
37
2
Using the Web Interface
39
Connecting to the Web Interface
39
Navigating the Web Browser Interface
40
Home Page 40
Configuration Options
41
Panel Display 41
Main Menu
42
3
Basic Management Tasks
55
Displaying System Information
55
Displaying Hardware/Software Versions
56
Configuring Support for Jumbo Frames
58
Displaying Bridge Extension Capabilities
59
– 6 –
Contents
Managing System Files 60
Copying Files via FTP/TFTP or HTTP 60
Saving the Running Configuration to a Local File 62
Setting The Start-Up File 63
Showing System Files 64
Automatic Operation Code Upgrade 65
Setting the System Clock 69
Setting the Time Manually 69
Setting the SNTP Polling Interval 70
Configuring NTP 71
Configuring Time Servers 72
Setting the Time Zone 75
Configuring The Console Port 76
Configuring Telnet Settings 78
Displaying CPU Utilization 80
Displaying Memory Utilization 80
Resetting the System 81
4 Interface Configuration 85
Port Configuration 85
Configuring by Port List 85
Configuring by Port Range 88
Displaying Connection Status 89
Configuring Local Port Mirroring 90
Showing Port or Trunk Statistics 92
Displaying Statistical History 96
Displaying Transceiver Data 100
Configuring Transceiver Thresholds 101
Trunk Configuration 103
Configuring a Static Trunk 104
Configuring a Dynamic Trunk 107
Displaying LACP Port Counters 113
Displaying LACP Settings and Status for the Local Side 114
Displaying LACP Settings and Status for the Remote Side 116
Configuring Load Balancing 117
– 7 –
Contents
Traffic Segmentation 119
Enabling Traffic Segmentation 119
Configuring Uplink and Downlink Ports 120
5 VLAN Configuration 123
IEEE 802.1Q VLANs 123
Configuring VLAN Groups 125
Adding Static Members to VLANs 128
6 Address Table Settings 133
Configuring MAC Address Learning 133
Setting Static Addresses 135
Changing the Aging Time 136
Displaying the Dynamic Address Table 137
Clearing the Dynamic Address Table 138
Issuing MAC Address Traps 139
7 Spanning Tree Algorithm 141
Overview 141
Configuring Global Settings for STA 143
Displaying Global Settings for STA 148
Configuring Interface Settings for STA 149
Displaying Interface Settings for STA 152
Configuring Multiple Spanning Trees 155
Configuring Interface Settings for MSTP 159
8 Congestion Control 163
Storm Control 163
9 Class of Service 165
Layer 2 Queue Settings 165
Setting the Default Priority for Interfaces 165
Selecting the Queue Mode 166
Mapping CoS Values to Egress Queues 169
Layer 3/4 Priority Settings 172
Setting Priority Processing to IP Precedence/DSCP or CoS 172
Mapping Ingress DSCP Values to Internal DSCP Values 173
– 8 –
Contents
Mapping CoS Priorities to Internal DSCP Values 176
Mapping Internal DSCP Values to Egress CoS Values 178
Mapping IP Precedence Values to Internal DSCP Values 180
Mapping IP Port Priority to Internal DSCP Values 182
10 Quality of Service 185
Overview 185
Configuring a Class Map 186
Creating QoS Policies 190
Attaching a Policy Map to a Port 199
11 Security Measures 201
AAA Authorization and Accounting 201
Configuring Local/Remote Logon Authentication
Configuring Remote Logon Authentication Servers 203
Configuring User Accounts 209
Configuring HTTPS 211
Configuring Global Settings for HTTPS 211
Replacing the Default Secure-site Certificate 212
Configuring the Secure Shell 214
Configuring the SSH Server 217
202
Generating the Host Key Pair 218
Importing User Public Keys 220
Access Control Lists 222
Setting A Time Range 223
Showing TCAM Utilization 226
Setting the ACL Name and Type 227
Configuring a Standard IPv4 ACL 229
Configuring an Extended IPv4 ACL 230
Configuring a Standard IPv6 ACL 232
Configuring an Extended IPv6 ACL 234
Configuring a MAC ACL 235
Binding a Port to an Access Control List 237
Filtering IP Addresses for Management Access 238
– 9 –
Contents
13 Multicast Filtering
309
Overview
309
12 Basic Administration Protocols 241
Configuring Event Logging 241
System Log Configuration 241
Remote Log Configuration 244
Link Layer Discovery Protocol 245
Setting LLDP Timing Attributes 245
Configuring LLDP Interface Attributes 247
Configuring LLDP Interface Civic-Address 251
Displaying LLDP Local Device Information 253
Displaying LLDP Remote Device Information 256
Displaying Device Statistics 264
Simple Network Management Protocol 266
Configuring Global Settings for SNMP 268
Setting the Local Engine ID 269
Specifying a Remote Engine ID 270
Setting SNMPv3 Views 271
Configuring SNMPv3 Groups 274
Setting Community Access Strings 278
Configuring Local SNMPv3 Users 279
Configuring Remote SNMPv3 Users 281
Specifying Trap Managers 284
Creating SNMP Notification Logs 288
Showing SNMP Statistics 290
Remote Monitoring 292
Configuring RMON Alarms 292
Configuring RMON Events 295
Configuring RMON History Samples 297
Configuring RMON Statistical Samples 300
UDLD Configuration 302
Configuring UDLD Protocol Intervals 303
Configuring UDLD Interface Settings 304
Displaying UDLD Neighbor Information 306
Contents
– 10 –
IGMP Protocol 310
Layer 2 IGMP (Snooping and Query for IPv4) 311
Configuring IGMP Snooping and Query Parameters 313
Specifying Static Interfaces for an IPv4 Multicast Router 316
Assigning Interfaces to IPv4 Multicast Services 319
Setting IGMP Snooping Status per Interface 320
Filtering IGMP Query Packets 326
Displaying Multicast Groups Discovered by IGMP Snooping 327
Displaying IGMP Snooping Statistics 328
Filtering and Throttling IGMP Groups 332
Enabling IGMP Filtering and Throttling 332
Configuring IGMP Filter Profiles 333
Configuring IGMP Filtering and Throttling for Interfaces 335
14 IP Configuration 339
Setting the Switch’s IP Address (IP Version 4) 339
Setting the Switch’s IP Address (IP Version 6) 343
Configuring the IPv6 Default Gateway 343
Configuring IPv6 Interface Settings 344
Configuring an IPv6 Address 348
Showing IPv6 Addresses 351
Showing the IPv6 Neighbor Cache 352
Showing IPv6 Statistics 353
Showing the MTU for Responding Destinations 360
15 IP Services 361
Dynamic Host Configuration Protocol 361
Specifying A DHCP Client Identifier 361
Configuring DHCP Relay Service 363
16 General IP Routing 365
Overview 365
Initial Configuration 365
IP Routing and Switching 366
Routing Path Management 367
Routing Protocols 368
Contents
– 11 –
Configuring IP Routing Interfaces 368
Configuring Local and Remote Interfaces 368
Using the Ping Function 369
Using the Trace Route Function 370
Address Resolution Protocol 372
ARP Timeout Configuration 372
Configuring Static ARP Addresses 373
Displaying Dynamic or Local ARP Entries 375
Displaying ARP Statistics 375
Configuring Static Routes 376
Displaying the Routing Table 378
Equal-cost Multipath Routing 379
17 Configuring Router Redundancy 383
Configuring VRRP Groups 384
Displaying VRRP Global Statistics 390
Displaying VRRP Group Statistics 391
18 Unicast Routing 393
Overview 393
Configuring the Open Shortest Path First Protocol (Version 2) 393
Defining Network Areas Based on Addresses 395
Configuring General Protocol Settings 398
Displaying Administrative Settings and Statistics 401
Adding an NSSA or Stub 403
Configuring NSSA Settings 404
Configuring Stub Settings 407
Displaying Information on NSSA and Stub Areas 409
Configuring Area Ranges (Route Summarization for ABRs) 410
Redistributing External Routes 412
Configuring Summary Addresses (for External AS Routes) 414
Configuring OSPF Interfaces 416
Configuring Virtual Links 421
Displaying Link State Database Information 424
Displaying Information on Neighboring Routers 426
Configuring Passive Interfaces 427
Contents
– 12 –
Section III
Appendices 431
A
Software Specifications
433
Software Features
433
Management Features
434
Standards
435
Management Information Bases
436
B
Troubleshooting 439
Problems Accessing the Management Interface
439
Using System Logs 440
C
License Information
441
The GNU General Public License
441
Glossary
445
Index
453
– 13 –
Figure 1:
Home Page
40
Figure 2:
Front Panel Indicators
41
Figure 3:
System Information
56
Figure 4:
General Switch Information
57
Figure 5:
Configuring Support for Jumbo Frames
58
Figure 6:
Displaying Bridge Extension Configuration
60
Figure 7:
Copy Firmware
62
Figure 8:
Saving the Running Configuration
63
Figure 9:
Setting Start-Up Files
64
Figure 10:
Displaying System Files
64
Figure 11:
Configuring Automatic Code Upgrade
68
Figure 12:
Manually Setting the System Clock
70
Figure 13:
Setting the Polling Interval for SNTP
70
Figure 14:
Configuring NTP 71
Figure 15:
Specifying SNTP Time Servers
72
Figure 16:
Adding an NTP Time Server
73
Figure 17:
Showing the NTP Time Server List
74
Figure 18:
Adding an NTP Authentication Key
75
Figure 19:
Showing the NTP Authentication Key List
75
Figure 20:
Setting the Time Zone 76
Figure 21:
Console Port Settings
78
Figure 22:
Telnet Connection Settings
79
Figure 23:
Displaying CPU Utilization
80
Figure 24:
Displaying Memory Utilization
81
Figure 25:
Restarting the Switch (Immediately)
83
Figure 26:
Restarting the Switch (In)
83
Figure 27:
Restarting the Switch (At)
84
Figure 28:
Restarting the Switch (Regularly)
84
Figure 29:
Configuring Connections by Port List
88
Figures
Figures
– 14 –
Figure 30:
Configuring Connections by Port Range
89
Figure 31:
Displaying Port Information
90
Figure 32:
Configuring Local Port Mirroring
90
Figure 33:
Configuring Local Port Mirroring
91
Figure 34:
Displaying Local Port Mirror Sessions
91
Figure 35:
Showing Port Statistics (Table)
95
Figure 36:
Showing Port Statistics (Chart)
96
Figure 37:
Configuring a History Sample
98
Figure 38:
Showing Entries for History Sampling
98
Figure 39:
Showing Status of Statistical History Sample
99
Figure 40:
Showing Current Statistics for a History Sample
99
Figure 41:
Showing Ingress Statistics for a History Sample
100
Figure 42:
Displaying Transceiver Data
101
Figure 43:
Configuring Transceiver Thresholds
103
Figure 44:
Configuring Static Trunks
104
Figure 45:
Creating Static Trunks
105
Figure 46:
Adding Static Trunks Members
106
Figure 47:
Configuring Connection Parameters for a Static Trunk
106
Figure 48:
Showing Information for Static Trunks
107
Figure 49:
Configuring Dynamic Trunks
107
Figure 50:
Configuring the LACP Aggregator Admin Key
110
Figure 51:
Enabling LACP on a Port
111
Figure 52:
Configuring LACP Parameters on a Port
111
Figure 53:
Showing Members of a Dynamic Trunk
112
Figure 54:
Configuring Connection Settings for Dynamic Trunks
112
Figure 55:
Displaying Connection Parameters for Dynamic Trunks
113
Figure 56:
Displaying LACP Port Counters
114
Figure 57:
Displaying LACP Port Internal Information
115
Figure 58:
Displaying LACP Port Remote Information
117
Figure 59:
Configuring Load Balancing
118
Figure 60:
Enabling Traffic Segmentation
120
Figure 61:
Configuring Members for Traffic Segmentation
121
Figure 62:
Showing Traffic Segmentation Members
122
Figure 63:
VLAN Compliant and VLAN Non-compliant Devices
124
Figure 64:
Creating Static VLANs
126
Figures
– 15 –
Figure 65:
Modifying Settings for Static VLANs
127
Figure 66:
Showing Static VLANs
127
Figure 67:
Configuring Static Members by VLAN Index
130
Figure 68:
Configuring Static VLAN Members by Interface
131
Figure 69:
Configuring Static VLAN Members by Interface Range
131
Figure 70:
Configuring MAC Address Learning
134
Figure 71:
Configuring Static MAC Addresses
136
Figure 72:
Displaying Static MAC Addresses
136
Figure 73:
Setting the Address Aging Time
137
Figure 74:
Displaying the Dynamic MAC Address Table
138
Figure 75:
Clearing Entries in the Dynamic MAC Address Table
139
Figure 76:
Issuing MAC Address Traps (Global Configuration)
140
Figure 77:
Issuing MAC Address Traps (Interface Configuration)
140
Figure 78:
STP Root Ports and Designated Ports
142
Figure 79:
MSTP Region, Internal Spanning Tree, Multiple Spanning Tree
142
Figure 80:
Common Internal Spanning Tree, Common Spanning Tree,
Internal Spanning Tree
143
Figure 81:
Configuring Global Settings for STA (STP)
147
Figure 82:
Configuring Global Settings for STA (RSTP)
147
Figure 83:
Configuring Global Settings for STA (MSTP)
148
Figure 84:
Displaying Global Settings for STA
149
Figure 85:
Configuring Interface Settings for STA
152
Figure 86:
STA Port Roles
154
Figure 87:
Displaying Interface Settings for STA
155
Figure 88:
Creating an MST Instance
156
Figure 89:
Displaying MST Instances
157
Figure 90:
Modifying the Priority for an MST Instance
157
Figure 91:
Displaying Global Settings for an MST Instance
158
Figure 92:
Adding a VLAN to an MST Instance
158
Figure 93:
Displaying Members of an MST Instance
159
Figure 94:
Configuring MSTP Interface Settings
160
Figure 95:
Displaying MSTP Interface Settings
161
Figure 96:
Configuring Storm Control
164
Figure 97:
Setting the Default Port Priority
166
Figure 98:
Setting the Queue Mode (Strict)
168
Figures
– 16 –
Figure 99:
Setting the Queue Mode (WRR)
168
Figure 100:
Setting the Queue Mode (Strict and WRR)
169
Figure 101:
Mapping CoS Values to Egress Queues
171
Figure 102:
Showing CoS Values to Egress Queue Mapping
171
Figure 103:
Setting the Trust Mode
173
Figure 104:
Configuring DSCP to DSCP Internal Mapping
175
Figure 105:
Showing DSCP to DSCP Internal Mapping
175
Figure 106:
Configuring CoS to DSCP Internal Mapping
177
Figure 107:
Showing CoS to DSCP Internal Mapping
178
Figure 108:
Configuring DSCP to CoS Egress Mapping
179
Figure 109:
Showing DSCP to CoS Egress Mapping
180
Figure 110:
Configuring IP Precedence to DSCP Internal Mapping
182
Figure 111:
Showing the IP Precedence to DSCP Internal Map
182
Figure 112:
Configuring IP Port Number to DSCP Internal Mapping
183
Figure 113:
Showing IP Port Number to DSCP Internal Mapping
184
Figure 114:
Configuring a Class Map
187
Figure 115:
Showing Class Maps
188
Figure 116:
Adding Rules to a Class Map
189
Figure 117:
Showing the Rules for a Class Map
189
Figure 118:
Configuring a Policy Map
197
Figure 119:
Showing Policy Maps
197
Figure 120:
Adding Rules to a Policy Map
198
Figure 121:
Showing the Rules for a Policy Map
199
Figure 122:
Attaching a Policy Map to a Port
200
Figure 123:
Configuring the Authentication Sequence
203
Figure 124:
Authentication Server Operation
204
Figure 125:
Configuring Remote Authentication Server (RADIUS)
207
Figure 126:
Configuring Remote Authentication Server (TACACS+)
207
Figure 127:
Configuring AAA Server Groups
208
Figure 128:
Showing AAA Server Groups
208
Figure 129:
Configuring User Accounts
210
Figure 130:
Showing User Accounts
210
Figure 131:
Configuring HTTPS
212
Figure 132:
Downloading the Secure-Site Certificate
214
Figure 133:
Configuring the SSH Server
218
Figures
– 17 –
Figure 134:
Generating the SSH Host Key Pair
219
Figure 135:
Showing the SSH Host Key Pair
220
Figure 136:
Copying the SSH User’s Public Key
221
Figure 137:
Showing the SSH User’s Public Key
222
Figure 138:
Setting the Name of a Time Range
224
Figure 139:
Showing a List of Time Ranges
225
Figure 140:
Add a Rule to a Time Range
225
Figure 141:
Showing the Rules Configured for a Time Range
226
Figure 142:
Showing TCAM Utilization
227
Figure 143:
Creating an ACL
228
Figure 144:
Showing a List of ACLs
228
Figure 145:
Configuring a Standard IPv4 ACL
230
Figure 146:
Configuring an Extended IPv4 ACL
232
Figure 147:
Configuring a Standard IPv6 ACL
233
Figure 148:
Configuring an Extended IPv6 ACL
235
Figure 149:
Configuring a MAC ACL
237
Figure 150:
Binding a Port to an ACL
238
Figure 151:
Creating an IP Address Filter for Management Access
240
Figure 152:
Showing IP Addresses Authorized for Management Access
240
Figure 153:
Configuring Settings for System Memory Logs
243
Figure 154:
Showing Error Messages Logged to System Memory
243
Figure 155:
Configuring Settings for Remote Logging of Error Messages
245
Figure 156:
Configuring LLDP Timing Attributes
247
Figure 157:
Configuring LLDP Interface Attributes
251
Figure 158:
Configuring the Civic Address for an LLDP Interface
252
Figure 159:
Displaying Local Device Information for LLDP (General)
255
Figure 160:
Displaying Local Device Information for LLDP (Port)
256
Figure 161:
Displaying Remote Device Information for LLDP (Port)
262
Figure 162:
Displaying Remote Device Information for LLDP (Port Details)
263
Figure 163:
Displaying Remote Device Information for LLDP (End Node)
264
Figure 164:
Displaying LLDP Device Statistics (General)
265
Figure 165:
Displaying LLDP Device Statistics (Port)
266
Figure 166:
Configuring Global Settings for SNMP
269
Figure 167:
Configuring the Local Engine ID for SNMP
270
Figure 168:
Configuring a Remote Engine ID for SNMP
271
Figures
– 18 –
Figure 169:
Showing Remote Engine IDs for SNMP
271
Figure 170:
Creating an SNMP View
272
Figure 171:
Showing SNMP Views
273
Figure 172:
Adding an OID Subtree to an SNMP View
273
Figure 173:
Showing the OID Subtree Configured for SNMP Views
274
Figure 174:
Creating an SNMP Group
277
Figure 175:
Showing SNMP Groups
277
Figure 176:
Setting Community Access Strings
278
Figure 177:
Showing Community Access Strings
279
Figure 178:
Configuring Local SNMPv3 Users
280
Figure 179:
Showing Local SNMPv3 Users
281
Figure 180:
Configuring Remote SNMPv3 Users
283
Figure 181:
Showing Remote SNMPv3 Users
283
Figure 182:
Configuring Trap Managers (SNMPv1)
287
Figure 183:
Configuring Trap Managers (SNMPv2c)
287
Figure 184:
Configuring Trap Managers (SNMPv3)
287
Figure 185:
Showing Trap Managers
288
Figure 186:
Creating SNMP Notification Logs
289
Figure 187:
Showing SNMP Notification Logs
290
Figure 188:
Showing SNMP Statistics
291
Figure 189:
Configuring an RMON Alarm
294
Figure 190:
Showing Configured RMON Alarms
295
Figure 191:
Configuring an RMON Event
296
Figure 192:
Showing Configured RMON Events
297
Figure 193:
Configuring an RMON History Sample
299
Figure 194:
Showing Configured RMON History Samples
299
Figure 195:
Showing Collected RMON History Samples
300
Figure 196:
Configuring an RMON Statistical Sample
301
Figure 197:
Showing Configured RMON Statistical Samples
301
Figure 198:
Showing Collected RMON Statistical Samples
302
Figure 199:
Configuring UDLD Protocol Intervals
304
Figure 200:
Configuring UDLD Interface Settings
306
Figure 201:
Displaying UDLD Neighbor Information
307
Figure 202:
Multicast Filtering Concept
309
Figure 203:
IGMP Protocol
311
Figures
– 19 –
Figure 204:
Configuring General Settings for IGMP Snooping
316
Figure 205:
Configuring a Static Interface for an IPv4 Multicast Router
318
Figure 206:
Showing Static Interfaces Attached an IPv4 Multicast Router
318
Figure 207:
Showing Current Interfaces Attached an IPv4 Multicast Router
319
Figure 208:
Assigning an Interface to an IPv4 Multicast Service
320
Figure 209:
Showing Static Interfaces Assigned to an IPv4 Multicast Service
320
Figure 210:
Configuring IGMP Snooping on a VLAN
325
Figure 211:
Showing Interface Settings for IGMP Snooping
326
Figure 212:
Dropping IGMP Query Packets
327
Figure 213:
Showing Multicast Groups Learned by IGMP Snooping
328
Figure 214:
Displaying IGMP Snooping Statistics – Query
330
Figure 215:
Displaying IGMP Snooping Statistics – VLAN
331
Figure 216:
Displaying IGMP Snooping Statistics – Port
331
Figure 217:
Enabling IGMP Filtering and Throttling
333
Figure 218:
Creating an IGMP Filtering Profile
334
Figure 219:
Showing the IGMP Filtering Profiles Created
334
Figure 220:
Adding Multicast Groups to an IGMP Filtering Profile
335
Figure 221:
Showing the Groups Assigned to an IGMP Filtering Profile
335
Figure 222:
Configuring IGMP Filtering and Throttling Interface Settings
337
Figure 223:
Configuring a Static IPv4 Address
341
Figure 224:
Configuring a Dynamic IPv4 Address
342
Figure 225:
Showing the IPv4 Address Configured for an Interface
343
Figure 226:
Configuring the IPv6 Default Gateway
344
Figure 227:
Configuring General Settings for an IPv6 Interface
348
Figure 228:
Configuring an IPv6 Address
350
Figure 229:
Showing Configured IPv6 Addresses
352
Figure 230:
Showing IPv6 Neighbors
353
Figure 231:
Showing IPv6 Statistics (IPv6)
358
Figure 232:
Showing IPv6 Statistics (ICMPv6)
359
Figure 233:
Showing IPv6 Statistics (UDP)
359
Figure 234:
Showing Reported MTU Values
360
Figure 235:
Specifying A DHCP Client Identifier
363
Figure 236:
Layer 3 DHCP Relay Service
363
Figure 237:
Configuring DHCP Relay Service
364
Figure 238:
Virtual Interfaces and Layer 3 Routing
366
Figures
– 20 –
Figure 239:
Pinging a Network Device
370
Figure 240:
Tracing the Route to a Network Device
371
Figure 241:
Configuring ARP Timeout
373
Figure 242:
Configuring Static ARP Entries
374
Figure 243:
Displaying Static ARP Entries
375
Figure 244:
Displaying ARP Entries
375
Figure 245:
Displaying ARP Statistics
376
Figure 246:
Configuring Static Routes
377
Figure 247:
Displaying Static Routes
378
Figure 248:
Displaying the Routing Table
379
Figure 249:
Setting the Maximum ECMP Number
381
Figure 250:
Master Virtual Router with Backup Routers
383
Figure 251:
Several Virtual Master Routers Using Backup Routers
384
Figure 252:
Several Virtual Master Routers Configured for Mutual Backup and Load Sharing
384
Figure 253:
Configuring the VRRP Group ID
388
Figure 254:
Showing Configured VRRP Groups
388
Figure 255:
Setting the Virtual Router Address for a VRRP Group
389
Figure 256:
Showing the Virtual Addresses Assigned to VRRP Groups
389
Figure 257:
Configuring Detailed Settings for a VRRP Group
390
Figure 258:
Showing Counters for Errors Found in VRRP Packets
391
Figure 259:
Showing Counters for Errors Found in a VRRP Group
392
Figure 260:
Configuring OSPF
394
Figure 261:
OSPF Areas
396
Figure 262:
Defining OSPF Network Areas Based on Addresses
397
Figure 263:
Showing OSPF Network Areas
398
Figure 264:
Showing OSPF Process Identifiers
398
Figure 265:
AS Boundary Router
400
Figure 266:
Configure General Settings for OSPF
401
Figure 267:
Showing General Settings for OSPF
402
Figure 268:
Adding an NSSA or Stub
403
Figure 269:
Showing NSSAs or Stubs
404
Figure 270:
OSPF NSSA
404
Figure 271:
Configuring Protocol Settings for an NSSA
407
Figure 272:
OSPF Stub Area
407
Figure 273:
Configuring Protocol Settings for a Stub
409
Figures
– 21 –
Figure 274:
Displaying Information on NSSA and Stub Areas
410
Figure 275:
Route Summarization for ABRs
410
Figure 276:
Configuring Route Summaries for an Area Range
411
Figure 277:
Showing Configured Route Summaries
412
Figure 278:
Redistributing External Routes
412
Figure 279:
Importing External Routes
413
Figure 280:
Showing Imported External Route Types
414
Figure 281:
Summarizing External Routes
415
Figure 282:
Showing Summary Addresses for External Routes
415
Figure 283:
Configuring Settings for All Interfaces Assigned to a VLAN
419
Figure 284:
Configuring Settings for a Specific Area Assigned to a VLAN
420
Figure 285:
Showing OSPF Interfaces
420
Figure 286:
Showing MD5 Authentication Keys
421
Figure 287:
OSPF Virtual Link
421
Figure 288:
Adding a Virtual Link
422
Figure 289:
Showing Virtual Links
423
Figure 290:
Configuring Detailed Settings for a Virtual Link
423
Figure 291:
Showing MD5 Authentication Keys
424
Figure 292:
Displaying Information in the Link State Database
426
Figure 293:
Displaying Neighbor Routers Stored in the Link State Database
427
Figure 294:
Configuring an OSPF Passive Interface
428
Figure 295:
Showing OSPF Passive Interfaces
429
Figures
– 22 –
– 23 –
Table 1:
Key Features
27
Table 2:
System Defaults
34
Table 3:
Web Page Configuration Buttons
41
Table 4:
Switch Main Menu
42
Table 5:
Port Statistics
92
Table 6:
LACP Port Counters
113
Table 7:
LACP Internal Configuration Information
114
Table 8:
LACP Remote Device Configuration Information
116
Table 9:
Traffic Segmentation Forwarding
120
Table 10:
Recommended STA Path Cost Range
150
Table 11:
Default STA Path Costs
150
Table 12:
IEEE 802.1p Egress Queue Priority Mapping
169
Table 13:
CoS Priority Levels
170
Table 14:
Mapping Internal Per-hop Behavior to Hardware Queues
170
Table 15:
Default Mapping of DSCP Values to Internal PHB/Drop Values
174
Table 16:
Default Mapping of CoS/CFI to Internal PHB/Drop Precedence
176
Table 17:
Mapping Internal PHB/Drop Precedence to CoS/CFI Values
179
Table 18:
Mapping IP Precedence
180
Table 19:
Default Mapping of IP Precedence to Internal PHB/Drop Values
181
Table 20:
HTTPS System Support
211
Table 21:
Logging Levels
242
Table 22:
LLDP MED Location CA Types
251
Table 23:
Chassis ID Subtype
253
Table 24:
System Capabilities
253
Table 25:
Port ID Subtype
254
Table 26:
Remote Port Auto-Negotiation Advertised Capability
258
Table 27:
SNMPv3 Security Models and Levels
267
Table 28:
Supported Notification Messages
275
Table 29:
Show IPv6 Neighbors - display description
352
Tables
Tables
– 24 –
Table 30:
Show IPv6 Statistics - display description
354
Table 31:
Show MTU - display description
360
Table 32:
Options 60, 66 and 67 Statements
361
Table 33:
Options 55 and 124 Statements
362
Table 34:
Address Resolution Protocol
372
Table 35:
ARP Statistics
375
Table 36:
VRRP Group Statistics
391
Table 37:
OSPF System Information
401
Table 38:
Troubleshooting Chart
439
– 25 –
Section I
Getting Started
This section provides an overview of the switch, and introduces some basic
concepts about network switches. It also describes the basic settings required to
access the management interface.
This section includes these chapters:
◆
"Introduction" on page 27
Section I
|
Getting Started
– 26 –
– 27 –
Feature Description
1
Key Features
Introduction
This switch provides a broad range of features for Layer 2 switching and Layer 3
routing. It includes a management agent that allows you to configure the features
listed in this manual. The default configuration can be used for most of the features
provided by this switch. However, there are many options that you should
configure to maximize the switch’s performance for your particular network
environment.
Table 1: Key Features
Configuration Backup and
Restore
Authentication Console, Telnet, web – user name/password, RADIUS, TACACS+
General Security Measures IP Address Filtering
Access Control Lists Supports up to 256 ACLs, up to 96 rules per ACL
DHCP
DHCPv6 Client
DNS
Port Configuration Speed, duplex mode and flow control
Port Trunking Supports up to 8 trunks – static or dynamic trunking (LACP)
Port Mirroring 28 sessions, one or more source ports to one analysis port
Congestion Control Rate Limiting
Using management station or FTP/TFTP server
SNMP v1/2c - Community strings
SNMP version 3 – MD5 or SHA password
Telnet – SSH
Web – HTTPS
Local and Remote User Accounts
RADIUS Server Authentication
Secure Shell
Client, Relay
Client service
Throttling for broadcast, multicast, unknown unicast storms
Chapter 1
|
Introduction
Description of Software Features
– 28 –
Feature Description
Table 1: Key Features (Continued)
Address Table 32K MAC addresses in forwarding table, 1K static MAC addresses;
8K entries in ARP cache, 256 static ARP entries;
512 static IP routes, 512 IP interfaces;
12K IPv4 entries in host table;
8K IPv4 entries in routing table;
6K IPv6 entries in host table;
4K IPv6 entries in routing table
1K L2 IPv4 multicast groups;
1K L3 IPv4 multicast groups (shared with IPv6);
1K L3 IPv6 multicast groups (shared with IPv4)
IP Version 4 and 6 Supports IPv4 and IPv6 addressing, and management
IEEE 802.1D Bridge Supports dynamic data switching and addresses learning
Store-and-Forward
Switching
Spanning Tree Algorithm Supports standard STP, Rapid Spanning Tree Protocol (RSTP), and
Virtual LANs Up to 4094 using IEEE 802.1Q, and port-based VLANs
Traffic Prioritization Default port priority, traffic class map, queue scheduling, IP Precedence,
Qualify of Service Supports Differentiated Services (DiffServ)
Link Layer Discovery
Protocol
Router Redundancy Router backup is provided with the Virtual Router Redundancy Protocol
IP Routing
ARP Static and dynamic address configuration, proxy ARP
Multicast Filtering Supports IGMP snooping and query for Layer 2
Multicast Routing Static multicast routing
Supported to ensure wire-speed switching while eliminating bad
frames
Multiple Spanning Trees (MSTP)
or Differentiated Services Code Point (DSCP), and TCP/UDP Port
Used to discover basic information about neighboring devices
(VRRP)
Open Shortest Path First (OSPFv2/v3*), Border Gateway Protocol
(BGPv4)*, policy-based routing for BGP*, static routes, Equal-Cost
Multipath Routing (ECMP)
Description of Software Features
* These features are only available through the Command Line Interface
The switch provides a wide range of advanced performance enhancing features.
Flow control eliminates the loss of packets due to bottlenecks caused by port
saturation. Broadcast storm suppression prevents broadcast traffic storms from
engulfing the network. Untagged (port-based), tagged, and protocol-based VLANs,
plus support for automatic GVRP VLAN registration provide traffic security and
efficient use of network bandwidth. CoS priority queueing ensures the minimum
delay for moving real-time multimedia data across the network. While multicast
filtering and routing provides support for real-time network applications.
Chapter 1
|
Introduction
Description of Software Features
– 29 –
Some of the management features are briefly described below.
Configuration
Backup and Restore
You can save the current configuration settings to a file on the management station
(using the web interface) or an FTP/TFTP server (using the web or console
interface), and later download this file to restore the switch configuration settings.
Authentication This switch authenticates management access via the console port, Telnet, or a web
browser. User names and passwords can be configured locally or can be verified via
a remote authentication server (i.e., RADIUS or TACACS+).
Other authentication options include HTTPS for secure management access via the
web, SSH for secure management access over a Telnet-equivalent connection,
SNMP Version 3, IP address filtering for SNMP/Telnet/web management access.
MAC address filtering and IP source guard also provide authenticated port access.
Access Control Lists
ACLs provide packet filtering for IP frames (based on address, protocol, TCP/UDP
port number or TCP control code) or any frames (based on MAC address or Ethernet
type). ACLs can by used to improve performance by blocking unnecessary network
traffic or to implement security controls by restricting access to specific network
resources or protocols.
DHCP DHCP Relay Option 82 controls the processing of Option 82 information in DHCP
request packets relayed by this device.
Port Configuration You can manually configure the speed, duplex mode, and flow control used on
specific ports, or use auto-negotiation to detect the connection settings used by
the attached device. Use full-duplex mode on ports whenever possible to double
the throughput of switch connections. Flow control should also be enabled to
control network traffic during periods of congestion and prevent the loss of
packets when port buffer thresholds are exceeded. The switch supports flow
control based on the IEEE 802.3x standard (now incorporated in IEEE 802.3-2002).
Port Mirroring The switch can unobtrusively mirror traffic from any port to a monitor port. You can
then attach a protocol analyzer or RMON probe to this port to perform traffic
analysis and verify connection integrity.
Port Trunking Ports can be combined into an aggregate connection. Trunks can be manually set
up or dynamically configured using Link Aggregation Control Protocol (LACP – IEEE
802.3-2005). The additional ports dramatically increase the throughput across any
connection, and provide redundancy by taking over the load if a port in the trunk
should fail. The switch supports up to 8 trunks.
Chapter 1
|
Introduction
Description of Software Features
– 30 –
Storm Control Broadcast, multicast and unknown unicast storm suppression prevents traffic from
overwhelming the network.When enabled on a port, the level of traffic passing
through the port is restricted. If traffic rises above a pre-defined threshold, it will be
throttled until the level falls back beneath the threshold.
Static MAC
Addresses
A static address can be assigned to a specific interface on this switch. Static
addresses are bound to the assigned interface and will not be moved. When a static
address is seen on another interface, the address will be ignored and will not be
written to the address table. Static addresses can be used to provide network
security by restricting access for a known host to a specific port.
IP Address Filtering Access to insecure ports can be controlled using DHCP Snooping which filters
ingress traffic based on static IP addresses and addresses stored in the DHCP
Snooping table. Traffic can also be restricted to specific source IP addresses or
source IP/MAC address pairs based on static entries or entries stored in the DHCP
Snooping table.
IEEE 802.1D Bridge The switch supports IEEE 802.1D transparent bridging. The address table facilitates
data switching by learning addresses, and then filtering or forwarding traffic based
on this information. The address table supports up to 32K addresses.
Store-and-Forward
Switching
The switch copies each frame into its memory before forwarding them to another
port. This ensures that all frames are a standard Ethernet size and have been
verified for accuracy with the cyclic redundancy check (CRC). This prevents bad
frames from entering the network and wasting bandwidth.
Spanning Tree
Algorithm
To avoid dropping frames on congested ports, the switch provides 3 Mbits for
frame buffering. This buffer can queue packets awaiting transmission on congested
networks.
The switch supports these spanning tree protocols:
◆
Spanning Tree Protocol (STP, IEEE 802.1D) – This protocol provides loop
detection. When there are multiple physical paths between segments, this
protocol will choose a single path and disable all others to ensure that only one
route exists between any two stations on the network. This prevents the
creation of network loops. However, if the chosen path should fail for any
reason, an alternate path will be activated to maintain the connection.
◆
Rapid Spanning Tree Protocol (RSTP, IEEE 802.1w) – This protocol reduces the
convergence time for network topology changes to about 3 to 5 seconds,
compared to 30 seconds or more for the older IEEE 802.1D STP standard. It is
intended as a complete replacement for STP, but can still interoperate with
switches running the older standard by automatically reconfiguring ports to
Loading...