How it Works
Edge Products
Loading...
ES3528-WDM
User Manual
556 pgs7.44 Mb0
Table of contents
Loading...

Edge Products ES3528, ES3528-WDM User Manual

ES3528 ES3528-WDM
Powered by Accton
Layer 2 Metro Access Switch
Management Guide
www.edge-core.com
Management Guide
ES3528 Fast Ethernet Switch
ES3528-WDM Fast Ethernet Switch
Layer 2 WDM Metro Access Switch with 24 100BASE-BX Single-Fiber Ports (SC), 2 Gigabit Combination Ports (RJ-45/SFP), 2 Gigabit Extender Module Slots (RJ-45/SFP), 1 Fast Ethernet Management Port (RJ-45)
ES3528 ES3528-WDM F1.0.1.7 E122006/ST-R01 149100033100A
Contents
Section I: Getting Started
Chapter 1: Introduction 1-1
Key Features 1-1 Description of Software Features 1-2 System Defaults 1-6
Chapter 2: Initial Configuration 2-1
Connecting to the Switch 2-1
Configuration Options 2-1 Required Connections 2-2 Remote Connections 2-3
Basic Configuration 2-3
Console Connection 2-3 Setting Passwords 2-4 Setting an IP Address 2-4
Manual Configuration 2-4 Dynamic Configuration 2-5
Enabling SNMP Management Access 2-6
Community Strings (for SNMP version 1 and 2c clients) 2-6 Trap Receivers 2-7 Configuring Access for SNMP Version 3 Clients 2-8
Managing System Files 2-8
Saving Configuration Settings 2-9
Section II: Switch Management
Chapter 3: Configuring the Switch 3-1
Using the Web Interface 3-1 Navigating the Web Browser Interface 3-2
Home Page 3-2 Configuration Options 3-3 Panel Display 3-3 Main Menu 3-4
Chapter 4: Basic Management Tasks 4-1
Displaying System Information 4-1 Configuring the Switch for Normal Operation or Tunneling Mode 4-3 Configuring the Maximum Frame Size 4-4 Configuring Support for Jumbo Frames 4-5 Displaying Switch Hardware/Software Versions 4-6 Displaying Bridge Extension Capabilities 4-7 Setting the Switch’s IP Address 4-8
v
Contents
Manual Configuration 4-9 Using DHCP/BOOTP 4-10
Managing Firmware 4-11
Downloading System Software from a Server 4-12
Saving or Restoring Configuration Settings 4-14
Downloading Configuration Settings from a Server 4-15 Console Port Settings 4-16 Telnet Settings 4-18 Configuring Event Logging 4-20
System Log Configuration 4-20
Remote Log Configuration 4-21
Displaying Log Messages 4-23
Sending Simple Mail Transfer Protocol Alerts 4-23 Resetting the System 4-25 Setting the System Clock 4-26
Configuring SNTP 4-26
Setting the Time Zone 4-27
Chapter 5: Simple Network Management Protocol 5-1
Enabling the SNMP Agent 5-2 Setting Community Access Strings 5-3 Specifying Trap Managers and Trap Types 5-4 Configuring SNMPv3 Management Access 5-7
Setting a Local Engine ID 5-7
Specifying a Remote Engine ID 5-8
Configuring SNMPv3 Users 5-9
Configuring Remote SNMPv3 Users 5-11
Configuring SNMPv3 Groups 5-13
Setting SNMPv3 Views 5-16
Chapter 6: User Authentication 6-1
Configuring User Accounts 6-1 Configuring Local/Remote Logon Authentication 6-2 Configuring HTTPS 6-5
Replacing the Default Secure-site Certificate 6-6 Configuring the Secure Shell 6-7
Generating the Host Key Pair 6-9
Configuring the SSH Server 6-11 Configuring 802.1X Port Authentication 6-13
Displaying 802.1X Global Settings 6-14
Configuring 802.1X Global Settings 6-15
Configuring Port Settings for 802.1X 6-15
Displaying 802.1X Statistics 6-18 Filtering IP Addresses for Management Access 6-20
vi
Contents
Chapter 7: Client Security 7-1
Configuring Port Security 7-1
Chapter 8: Access Control Lists 8-1
Configuring Access Control Lists 8-1
Setting the ACL Name and Type 8-2 Configuring a Standard ACL 8-3 Configuring an Extended ACL 8-4 Configuring a MAC ACL 8-7 Configuring ACL Masks 8-9
Specifying the Mask Type 8-9 Configuring an IP ACL Mask 8-10 Configuring a MAC ACL Mask 8-12
Binding a Port to an Access Control List 8-13
Chapter 9: Port Configuration 9-1
Displaying Connection Status 9-1 Configuring Interface Connections 9-3 Creating Trunk Groups 9-6
Statically Configuring a Trunk 9-7 Enabling LACP on Selected Ports 9-8 Configuring LACP Parameters 9-10 Displaying LACP Port Counters 9-13 Displaying LACP Settings and Status for the Local Side 9-14
Displaying LACP Settings and Status for the Remote Side 9-16 Setting Broadcast Storm Thresholds 9-17 Configuring Port Mirroring 9-19 Configuring Rate Limits 9-20 Showing Port Statistics 9-21
Chapter 10: Address Table Settings 10-1
Setting Static Addresses 10-1 Displaying the Address Table 10-2 Changing the Aging Time 10-4
Chapter 11: Spanning Tree Algorithm 11-1
Displaying Global Settings 11-3 Configuring Global Settings 11-6 Displaying Interface Settings 11-10 Configuring Interface Settings 11-13 Configuring Multiple Spanning Trees 11-16 Displaying Interface Settings for MSTP 11-19 Configuring Interface Settings for MSTP 11-20
Chapter 12: VLAN Configuration 12-1
IEEE 802.1Q VLANs 12-1
Enabling or Disabling GVRP (Global Setting) 12-4
vii
Contents
Displaying Basic VLAN Information 12-4 Displaying Current VLANs 12-5 Creating VLANs 12-6 Adding Static Members to VLANs (VLAN Index) 12-7 Adding Static Members to VLANs (Port Index) 12-9 Configuring VLAN Behavior for Interfaces 12-10
Configuring IEEE 802.1Q Tunneling 12-12
Adding an Interface to a QinQ Tunnel 12-16
Configuring Private VLANs 12-17
Enabling Private VLANs 12-17 Configuring Uplink and Downlink Ports 12-18
Configuring Protocol-Based VLANs 12-18
Configuring Protocol Groups 12-19 Mapping Protocols to VLANs 12-20
Chapter 13: Class of Service 13-1
Layer 2 Queue Settings 13-1
Setting the Default Priority for Interfaces 13-1 Mapping CoS Values to Egress Queues 13-3 Selecting the Queue Mode 13-5 Setting the Service Weight for Traffic Classes 13-6
Layer 3/4 Priority Settings 13-7
Mapping Layer 3/4 Priorities to CoS Values 13-7 Selecting IP Precedence/DSCP Priority 13-7 Mapping IP Precedence 13-8 Mapping DSCP Priority 13-10 Mapping IP Port Priority 13-11
Chapter 14: Quality of Service 14-1
Configuring Quality of Service Parameters 14-1
Configuring a Class Map 14-2 Creating QoS Policies 14-5 Attaching a Policy Map to Ingress Queues 14-8
Chapter 15: Multicast Filtering 15-1
Layer 2 IGMP (Snooping and Query) 15-2
Configuring IGMP Snooping and Query Parameters 15-3 Displaying Interfaces Attached to a Multicast Router 15-5 Specifying Static Interfaces for a Multicast Router 15-6 Displaying Port Members of Multicast Services 15-7 Assigning Ports to Multicast Services 15-8
Multicast VLAN Registration 15-9
Configuring Global MVR Settings 15-10 Displaying MVR Interface Status 15-11 Configuring MVR Interface Status 15-12 Displaying Port Members of Multicast Groups 15-14
viii
Contents
Assigning Static Multicast Groups to Interfaces 15-15
Chapter 16: Domain Name Service 16-1
Configuring General DNS Service Parameters 16-1 Configuring Static DNS Host to Address Entries 16-3 Displaying the DNS Cache 16-5
Section III: Command Line Interface
Chapter 17: Overview of Command Line Interface 17-1
Using the Command Line Interface 17-1
Accessing the CLI 17-1
Console Connection 17-1
Telnet Connection 17-1 Entering Commands 17-3
Keywords and Arguments 17-3
Minimum Abbreviation 17-3
Command Completion 17-3
Getting Help on Commands 17-3
Showing Commands 17-4 Partial Keyword Lookup 17-5 Negating the Effect of Commands 17-5 Using Command History 17-5 Understanding Command Modes 17-6 Exec Commands 17-6 Configuration Commands 17-7 Command Line Processing 17-9
Command Groups 17-10
Chapter 18: General Commands 18-1
enable 18-1 disable 18-2 configure 18-2 show history 18-3 reload 18-4 prompt 18-4 end 18-4 exit 18-5 quit 18-5
Chapter 19: System Management Commands 19-1
Device Designation Commands 19-1
hostname 19-1
System Status Commands 19-2
show startup-config 19-2 show running-config 19-4
ix
Contents
show system 19-6 show users 19-7 show version 19-7
System Mode Commands 19-8
system mode 19-8 show system mode 19-9
System MTU Commands 19-9
jumbo frame 19-10 system mtu 19-11 show system mtu 19-11
File Management Commands 19-12
copy 19-13 delete 19-15 dir 19-16 whichboot 19-17 boot system 19-17
Line Commands 19-19
line 19-19 login 19-20 password 19-21 timeout login response 19-22 exec-timeout 19-22 password-thresh 19-23 silent-time 19-24 databits 19-24 parity 19-25 speed 19-25 stopbits 19-26 disconnect 19-26 show line 19-27
Event Logging Commands 19-28
logging on 19-28 logging history 19-29 logging host 19-30 logging facility 19-30 logging trap 19-31 clear log 19-31 show logging 19-32 show log 19-33
SMTP Alert Commands 19-34
logging sendmail host 19-34 logging sendmail level 19-35 logging sendmail source-email 19-35 logging sendmail destination-email 19-36 logging sendmail 19-36
x
Contents
show logging sendmail 19-37
Time Commands 19-37
sntp client 19-38 sntp server 19-39 sntp poll 19-39 show sntp 19-40 clock timezone 19-40 calendar set 19-41 show calendar 19-42
Chapter 20: SNMP Commands 20-1
snmp-server 20-2 show snmp 20-2 snmp-server community 20-3 snmp-server contact 20-4 snmp-server location 20-4 snmp-server host 20-5 snmp-server enable traps 20-7 snmp-server engine-id 20-8 show snmp engine-id 20-9 snmp-server view 20-10 show snmp view 20-11 snmp-server group 20-11 show snmp group 20-12 snmp-server user 20-14 show snmp user 20-15
Chapter 21: User Authentication Commands 21-1
User Account Commands 21-1
username 21-2 enable password 21-3
Authentication Sequence 21-4
authentication login 21-4 authentication enable 21-5
RADIUS Client 21-6
radius-server host 21-6 radius-server port 21-7 radius-server key 21-7 radius-server retransmit 21-8 radius-server timeout 21-8 show radius-server 21-8
TACACS+ Client 21-9
tacacs-server host 21-9 tacacs-server port 21-10 tacacs-server key 21-10 show tacacs-server 21-11
xi
Contents
Web Server Commands 21-11
ip http port 21-11 ip http server 21-12 ip http secure-server 21-12 ip http secure-port 21-13
Telnet Server Commands 21-14
ip telnet server 21-14
Secure Shell Commands 21-15
ip ssh server 21-17 ip ssh timeout 21-18 ip ssh authentication-retries 21-19 ip ssh server-key size 21-19 delete public-key 21-20 ip ssh crypto host-key generate 21-20 ip ssh crypto zeroize 21-21 ip ssh save host-key 21-21 show ip ssh 21-22 show ssh 21-22 show public-key 21-23
802.1X Port Authentication 21-24 dot1x system-auth-control 21-25 dot1x default 21-25 dot1x max-req 21-25 dot1x port-control 21-26 dot1x operation-mode 21-26 dot1x re-authenticate 21-27 dot1x re-authentication 21-27 dot1x timeout quiet-period 21-28 dot1x timeout re-authperiod 21-28 dot1x timeout tx-period 21-29 show dot1x 21-29
Management IP Filter Commands 21-33
management 21-33 show management 21-34
Chapter 22: Client Security Commands 22-1
Port Security Commands 22-1
port security 22-2
IP Source Guard Commands 22-3
ip source-guard 22-3 ip source-guard binding 22-5 show ip source-guard 22-6 show ip source-guard binding 22-6
DHCP Snooping Commands 22-7
ip dhcp snooping 22-7
xii
Contents
ip dhcp snooping vlan 22-9 ip dhcp snooping binding 22-10 ip dhcp snooping verify mac-address 22-11 ip dhcp snooping database flash 22-12 ip dhcp snooping trust 22-12 show ip dhcp snooping 22-13 show ip dhcp snooping binding 22-13
Chapter 23: Access Control List Commands 23-1
IP ACLs 23-1
access-list ip 23-2 permit, deny (Standard ACL) 23-2 permit, deny (Extended ACL) 23-3 show ip access-list 23-5 access-list ip mask-precedence 23-6 mask (IP ACL) 23-6 show access-list ip mask-precedence 23-10 ip access-group 23-11 show ip access-group 23-11
MAC ACLs 23-12
access-list mac 23-12 permit, deny (MAC ACL) 23-13 show mac access-list 23-14 access-list mac mask-precedence 23-15 mask (MAC ACL) 23-15 show access-list mac mask-precedence 23-17 mac access-group 23-18 show mac access-group 23-18
ACL Information 23-19
show access-list 23-19 show access-group 23-19
Chapter 24: Interface Commands 24-1
interface 24-1 description 24-2 speed-duplex 24-2 negotiation 24-3 capabilities 24-4 flowcontrol 24-5 media-type 24-6 shutdown 24-6 switchport packet-rate 24-7 switchport block 24-8 clear counters 24-8 show interfaces status 24-9 show interfaces counters 24-10
xiii
Contents
show interfaces switchport 24-11
Chapter 25: Link Aggregation Commands 25-1
channel-group 25-2 lacp 25-2 lacp system-priority 25-4 lacp admin-key (Ethernet Interface) 25-4 lacp admin-key (Port Channel) 25-5 lacp port-priority 25-6 show lacp 25-7
Chapter 26: Mirror Port Commands 26-1
port monitor 26-1 show port monitor 26-2
Chapter 27: Rate Limit Commands 27-1
rate-limit 27-1 rate-limit cos 27-2 show rate-limit cos 27-3
Chapter 28: Address Table Commands 28-1
mac-address-table static 28-1 clear mac-address-table dynamic 28-2 show mac-address-table 28-3 mac-address-table aging-time 28-4 show mac-address-table aging-time 28-4
Chapter 29: Spanning Tree Commands 29-1
spanning-tree 29-2 spanning-tree mode 29-2 spanning-tree forward-time 29-4 spanning-tree hello-time 29-4 spanning-tree max-age 29-5 spanning-tree priority 29-6 spanning-tree pathcost method 29-6 spanning-tree transmission-limit 29-7 spanning-tree mst-configuration 29-7 mst vlan 29-8 mst priority 29-9 name 29-9 revision 29-10 max-hops 29-11 spanning-tree spanning-disabled 29-11 spanning-tree cost 29-12 spanning-tree port-priority 29-13 spanning-tree edge-port 29-14 spanning-tree portfast 29-14
xiv
Contents
spanning-tree link-type 29-15 spanning-tree mst cost 29-16 spanning-tree mst port-priority 29-17 spanning-tree protocol-migration 29-18 show spanning-tree 29-18 show spanning-tree mst configuration 29-20
Chapter 30: VLAN Commands 30-1
GVRP and Bridge Extension Commands 30-1
bridge-ext gvrp 30-2 show bridge-ext 30-2 switchport gvrp 30-3 show gvrp configuration 30-3 garp timer 30-4 show garp timer 30-5
Editing VLAN Groups 30-6
vlan database 30-6 vlan 30-7
Configuring VLAN Interfaces 30-8
interface vlan 30-8 switchport mode 30-9 switchport acceptable-frame-types 30-9 switchport ingress-filtering 30-10 switchport native vlan 30-11 switchport allowed vlan 30-11 switchport forbidden vlan 30-12
Displaying VLAN Information 30-13
show vlan 30-13
Configuring Private VLANs 30-14
pvlan 30-14 show pvlan 30-15
Configuring Protocol-based VLANs 30-16
protocol-vlan protocol-group (Configuring Groups) 30-17 protocol-vlan protocol-group (Configuring Interfaces) 30-17 show protocol-vlan protocol-group 30-18 show interfaces protocol-vlan protocol-group 30-19
Configuring IEEE 802.1Q Tunneling 30-20
switchport mode dot1q-tunnel 30-21 show dot1q-tunnel 30-21 switchport dot1q-ethertype 30-22
Chapter 31: Class of Service Commands 31-1
Priority Commands (Layer 2) 31-1
queue mode 31-2 show queue mode 31-2 switchport priority default 31-3
xv
Contents
queue bandwidth 31-4 queue cos-map 31-4 show queue bandwidth 31-5 show queue cos-map 31-6 vlan priority 31-6 show vlan based priority 31-7
Priority Commands (Layer 3 and 4) 31-8
map ip port (Global Configuration) 31-8 map ip port (Interface Configuration) 31-9 map ip precedence (Global Configuration) 31-9 map ip precedence (Interface Configuration) 31-10 map ip dscp (Global Configuration) 31-11 map ip dscp (Interface Configuration) 31-11 show map ip port 31-12 show map ip precedence 31-13 show map ip dscp 31-14
Chapter 32: Quality of Service Commands 32-1
class-map 32-2 match 32-3 policy-map 32-4 class 32-5 set 32-6 police 32-6 service-policy 32-7 show class-map 32-8 show policy-map 32-8 show policy-map interface 32-9
Chapter 33: Multicast Filtering Commands 33-1
IGMP Snooping Commands 33-1
ip igmp snooping 33-2 ip igmp snooping vlan static 33-2 ip igmp snooping version 33-3 ip igmp snooping leave-proxy 33-3 ip igmp snooping immediate-leave 33-4 show ip igmp snooping 33-5 show mac-address-table multicast 33-6
IGMP Query Commands 33-6
ip igmp snooping querier 33-7 ip igmp snooping query-count 33-7 ip igmp snooping query-interval 33-8 ip igmp snooping query-max-response-time 33-8 ip igmp snooping router-port-expire-time 33-9
Static Multicast Routing Commands 33-10
ip igmp snooping vlan mrouter 33-10
xvi
Contents
show ip igmp snooping mrouter 33-11
Multicast VLAN Registration Commands 33-11
mvr (Global Configuration) 33-12 mvr (Interface Configuration) 33-13 show mvr 33-14
Chapter 34: Domain Name Service Commands 34-1
ip host 34-1 clear host 34-2 ip domain-name 34-3 ip domain-list 34-3 ip name-server 34-4 ip domain-lookup 34-5 show hosts 34-6 show dns 34-7 show dns cache 34-7 clear dns cache 34-8
Chapter 35: IP Interface Commands 35-1
Basic IP Configuration 35-1
ip address 35-1 ip default-gateway 35-2 ip dhcp restart 35-3 show ip interface 35-4 show ip redirects 35-4 show arp 35-4 ping 35-5
Section IV: Appendices
Appendix A: Software Specifications A-1
Software Features A-1 Management Features A-2 Standards A-2 Management Information Bases A-3
Appendix B: Troubleshooting B-1
Problems Accessing the Management Interface B-1 Using System Logs B-2
Glossary
Index
xvii
Contents
xviii
Tables
Table 1-1 Key Features 1-1 Table 1-2 System Defaults 1-6 Table 3-1 Web Page Configuration Buttons 3-3 Table 3-2 Switch Main Menu 3-4 Table 4-1 Logging Levels 4-20 Table 5-1 SNMPv3 Security Models and Levels 5-2 Table 5-2 Supported Notification Messages 5-13 Table 6-1 HTTPS System Support 6-6 Table 6-2 802.1X Statistics 6-18 Table 9-1 LACP Port Counters 9-13 Table 9-2 LACP Internal Configuration Information 9-14 Table 9-3 LACP Neighbor Configuration Information 9-16 Table 9-4 Port Statistics 9-21 Table 11-1 Recommended STA Path Cost Range 11-14 Table 11-2 Recommended STA Path Costs 11-14 Table 11-3 Default STA Path Costs 11-14 Table 13-1 Mapping CoS Values to Egress Queues 13-3 Table 13-2 CoS Priority Levels 13-3 Table 13-3 Mapping IP Precedence 13-8 Table 13-4 Mapping DSCP Priority 13-10 Table 17-1 General Command Modes 17-6 Table 17-2 Configuration Command Modes 17-8 Table 17-3 Keystroke Commands 17-9 Table 17-4 Command Group Index 17-10 Table 18-1 General Commands 18-1 Table 19-1 System Management Commands 19-1 Table 19-2 Device Designation Commands 19-1 Table 19-3 System Status Commands 19-2 Table 19-4 System Mode Commands 19-8 Table 19-5 Frame Size Commands 19-9 Table 19-6 Flash/File Commands 19-12 Table 19-7 File Directory Information 19-16 Table 19-8 Line Commands 19-19 Table 19-9 Event Logging Commands 19-28 Table 19-10 Logging Levels 19-29 Table 19-11 show logging flash/ram - display description 19-32 Table 19-12 show logging trap - display description 19-33 Table 19-13 SMTP Alert Commands 19-34 Table 19-14 Time Commands 19-37 Table 20-1 SNMP Commands 20-1 Table 20-2 show snmp engine-id - display description 20-9 Table 20-3 show snmp view - display description 20-11
xix
Tables
Table 20-4 show snmp group - display description 20-13 Table 20-5 show snmp user - display description 20-15 Table 21-1 Authentication Commands 21-1 Table 21-2 User Access Commands 21-1 Table 21-3 Default Login Settings 21-2 Table 21-4 Authentication Sequence Commands 21-4 Table 21-5 RADIUS Client Commands 21-6 Table 21-6 TACACS+ Client Commands 21-9 Table 21-7 Web Server Commands 21-11 Table 21-8 HTTPS System Support 21-13 Table 21-9 Telnet Server Commands 21-14 Table 21-10 Secure Shell Commands 21-15 Table 21-11 show ssh - display description 21-22 Table 21-12 802.1X Port Authentication Commands 21-24 Table 21-13 Management IP Filter Commands 21-33 Table 22-1 Client Security Commands 22-1 Table 22-2 Port Security Commands 22-1 Table 22-3 IP Source Guard Commands 22-3 Table 22-4 DHCP Snooping Commands 22-7 Table 23-1 Access Control List Commands 23-1 Table 23-2 IP ACL Commands 23-1 Table 23-3 MAC ACL Commands 23-12 Table 23-4 ACL Information Commands 23-19 Table 24-1 Interface Commands 24-1 Table 24-2 show interfaces switchport - display description 24-12 Table 25-1 Link Aggregation Commands 25-1 Table 25-2 show lacp counters - display description 25-7 Table 25-3 show lacp internal - display description 25-8 Table 25-4 show lacp neighbors - display description 25-9 Table 25-5 show lacp sysid - display description 25-10 Table 26-1 Mirror Port Commands 26-1 Table 27-1 Rate Limit Commands 27-1 Table 27-2 Mapping Default to Per Port CoS Priority Levels 27-2 Table 28-1 Address Table Commands 28-1 Table 29-1 Spanning Tree Commands 29-1 Table 29-2 Recommended STA Path Cost Range 29-12 Table 29-3 Recommended STA Path Cost 29-12 Table 29-4 Default STA Path Costs 29-12 Table 30-1 VLAN Commands 30-1 Table 30-2 GVRP and Bridge Extension Commands 30-1 Table 30-3 Commands for Editing VLAN Groups 30-6 Table 30-4 Commands for Configuring VLAN Interfaces 30-8 Table 30-5 Commands for Displaying VLAN Information 30-13 Table 30-6 Private VLAN Commands 30-14 Table 30-7 Protocol-based VLAN Commands 30-16
xx
Tables
Table 30-8 IEEE 802.1Q Tunneling Commands 30-20 Table 31-1 Priority Commands 31-1 Table 31-2 Priority Commands (Layer 2) 31-1 Table 31-3 Default CoS Priority Levels 31-5 Table 31-4 Priority Commands (Layer 3 and 4) 31-8 Table 31-5 Mapping IP Precedence to CoS Values 31-10 Table 31-6 Mapping IP DSCP to CoS Values 31-12 Table 32-1 Quality of Service Commands 32-1 Table 33-1 Multicast Filtering Commands 33-1 Table 33-2 IGMP Snooping Commands 33-1 Table 33-3 IGMP Query Commands 33-6 Table 33-4 Static Multicast Routing Commands 33-10 Table 33-5 Multicast VLAN Registration Commands 33-11 Table 33-6 show mvr - display description 33-15 Table 33-7 show mvr interface - display description 33-15 Table 33-8 show mvr members - display description 33-16 Table 34-1 DNS Commands 34-1 Table 34-2 show dns cache - display description 34-7 Table 35-1 Basic IP Configuration Commands 35-1 Table B-1 Troubleshooting Chart B-1
xxi
Tables
xxii
Figures
Figure 3-1 Home Page 3-2 Figure 3-2 Front Panel Indicators 3-3 Figure 4-1 System Information 4-2 Figure 4-2 System Mode 4-3 Figure 4-3 System MTU 4-4 Figure 4-4 Configuring Support for Jumbo Frames 4-5 Figure 4-5 Switch Information 4-6 Figure 4-6 Displaying Bridge Extension Configuration 4-8 Figure 4-7 IP Interface Configuration - Manual 4-9 Figure 4-8 IP Interface Configuration - DHCP 4-10 Figure 4-9 Copy Firmware 4-12 Figure 4-10 Setting the Startup Code 4-12 Figure 4-11 Deleting Files 4-13 Figure 4-12 Downloading Configuration Settings for Start-Up 4-15 Figure 4-13 Setting the Startup Configuration Settings 4-15 Figure 4-14 Configuring the Console Port 4-17 Figure 4-15 Configuring the Telnet Interface 4-19 Figure 4-16 System Logs 4-21 Figure 4-17 Remote Logs 4-22 Figure 4-18 Displaying Logs 4-23 Figure 4-19 Enabling and Configuring SMTP Alerts 4-24 Figure 4-20 Resetting the System 4-25 Figure 4-21 SNTP Configuration 4-26 Figure 4-22 Clock Time Zone 4-27 Figure 5-1 Enabling the SNMP Agent 5-2 Figure 5-2 Configuring SNMP Community Strings 5-3 Figure 5-3 Configuring SNMP Trap Managers 5-6 Figure 5-4 Setting the SNMPv3 Engine ID 5-7 Figure 5-5 Setting an Engine ID 5-8 Figure 5-6 Configuring SNMPv3 Users 5-10 Figure 5-7 Configuring Remote SNMPv3 Users 5-12 Figure 5-8 Configuring SNMPv3 Groups 5-15 Figure 5-9 Configuring SNMPv3 Views 5-17 Figure 6-1 User Accounts 6-2 Figure 6-2 Authentication Server Settings 6-4 Figure 6-3 HTTPS Settings 6-6 Figure 6-4 SSH Host-Key Settings 6-10 Figure 6-5 SSH Server Settings 6-12 Figure 6-6 802.1X Global Information 6-14 Figure 6-7 802.1X Global Configuration 6-15 Figure 6-8 802.1X Port Configuration 6-16 Figure 6-9 802.1X Port Statistics 6-19 Figure 6-10 IP Filter 6-21
xxiii
Figures
Figure 7-1 Port Security 7-3 Figure 8-1 Selecting ACL Type 8-3 Figure 8-2 ACL Configuration - Standard IPv4 8-4 Figure 8-3 ACL Configuration - Extended IPv4 8-6 Figure 8-4 ACL Configuration - MAC 8-8 Figure 8-5 Selecting ACL Mask Types 8-9 Figure 8-6 ACL Mask Configuration - IP 8-11 Figure 8-7 ACL Mask Configuration - MAC 8-12 Figure 8-8 ACL Port Binding 8-14 Figure 9-1 Port - Port Information 9-1 Figure 9-2 Port - Port Configuration 9-5 Figure 9-3 Static Trunk Configuration 9-7 Figure 9-4 LACP Trunk Configuration 9-9 Figure 9-5 LACP - Aggregation Port 9-11 Figure 9-6 LACP - Port Counters Information 9-13 Figure 9-7 LACP - Port Internal Information 9-15 Figure 9-8 LACP - Port Neighbors Information 9-16 Figure 9-9 Port Broadcast Control 9-18 Figure 9-10 Mirror Port Configuration 9-19 Figure 9-11 Rate Limit Configuration 9-20 Figure 9-12 Port Statistics 9-24 Figure 10-1 Static Addresses 10-1 Figure 10-2 Dynamic Addresses 10-3 Figure 10-3 Address Aging 10-4 Figure 11-1 STA Information 11-4 Figure 11-2 STA Global Configuration 11-9 Figure 11-3 STA Port Information 11-12 Figure 11-4 STA Port Configuration 11-15 Figure 11-5 MSTP VLAN Configuration 11-17 Figure 11-6 MSTP Port Information 11-19 Figure 11-7 MSTP Port Configuration 11-21 Figure 12-1 Globally Enabling GVRP 12-4 Figure 12-2 VLAN Basic Information 12-4 Figure 12-3 VLAN Current Table 12-5 Figure 12-4 VLAN Static List - Creating VLANs 12-7 Figure 12-5 VLAN Static Table - Adding Static Members 12-8 Figure 12-6 VLAN Static Membership by Port 12-9 Figure 12-7 VLAN Port Configuration 12-11 Figure 12-8 Tunnel Port Configuration 12-16 Figure 12-9 Private VLAN Status 12-17 Figure 12-10 Private VLAN Link Status 12-18 Figure 12-11 Protocol VLAN Configuration 12-19 Figure 12-12 Protocol VLAN Port Configuration 12-20 Figure 13-1 Default Port Priority 13-2 Figure 13-2 Traffic Classes 13-4
xxiv
Figures
Figure 13-3 Queue Mode 13-5 Figure 13-4 Queue Scheduling 13-6 Figure 13-5 IP Precedence/DSCP Priority Status 13-8 Figure 13-6 IP Precedence Priority 13-9 Figure 13-7 IP DSCP Priority 13-10 Figure 13-8 IP Port Priority Status 13-11 Figure 13-9 IP Port Priority 13-12 Figure 14-1 Configuring Class Maps 14-4 Figure 14-2 Configuring Policy Maps 14-7 Figure 14-3 Service Policy Settings 14-8 Figure 15-1 IGMP Configuration 15-4 Figure 15-2 Multicast Router Port Information 15-5 Figure 15-3 Static Multicast Router Port Configuration 15-6 Figure 15-4 IP Multicast Registration Table 15-7 Figure 15-5 IGMP Member Port Table 15-8 Figure 15-6 MVR Global Configuration 15-10 Figure 15-7 MVR Port Information 15-11 Figure 15-8 MVR Port Configuration 15-13 Figure 15-9 MVR Group IP Information 15-14 Figure 15-10 MVR Group Member Configuration 15-15 Figure 16-1 DNS General Configuration 16-2 Figure 16-2 DNS Static Host Table 16-4 Figure 16-3 DNS Cache 16-5
xxv
Figures
xxvi

Section I: Getting Started

This section provides an overview of the switch, and introduces some basic concepts about network switches. It also describes the basic settings required to access the management interface.
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1
Initial Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1
Getting Started

Chapter 1: Introduction

This switch provides a broad range of features for Layer 2 switching. It includes a management agent that allows you to configure the features listed in this manual. The default configuration can be used for most of the features provided by this switch. However, there are many options that you should configure to maximize the switch’s performance for your particular network environment.

Key Features

Table 1-1 Key Features
Feature Description
Configuration Backup and Restore
Authentication Console, Telnet, web – User name / password, RADIUS, TACACS+
Access Control Lists Supports IP or MAC ACLs
DHCP Client Supported
DNS Client and proxy service
Port Configuration Speed and duplex mode and flow control
Rate Limiting Input and output rate limiting per port
Port Mirroring Single session, one source port to one analysis port
Port Trunking Supports up to 12 trunks per unit, using either static or dynamic trunking (LACP)
Storm Control Broadcast and multicast storm control
Unknown Packet Blocking
Address Table Up to 4K MAC addresses in the forwarding table, 1024 static MAC addresses
IEEE 802.1D Bridge Supports dynamic data switching and addresses learning
Store-and-Forward Switching
Spanning Tree Algorithm
Backup to TFTP server
Web – HTTPS Telnet – SSH SNMP v1/2c - Community strings SNMP version 3 – MD5 or SHA password Port – IEEE 802.1X, MAC address filtering
Fast Ethernet ports - 157 rules, 4 masks shared by 8-port groups Gigabit Ethernet ports - 29 rules, 4 masks
Input rate limiting per port per CoS value
Blocks multicast or unicast packets with unknown MAC address
Supported to ensure wire-speed switching while eliminating bad frames
Supports standard STP, Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Trees (MSTP)
1-1
Introduction
1
Table 1-1 Key Features (Continued)
Feature Description
Virtual LANs Up to 255 using IEEE 802.1Q, port-based, protocol-based VLANs, private VLANs,
Traffic Prioritization Default port priority, VLAN priority, traffic class map, queue scheduling, IP
Qualify of Service Supports Differentiated Services (DiffServ)
Multicast Filtering Supports IGMP snooping and query, as well as Multicast VLAN Registration
Tunneling Supports IEEE 802.1Q tunneling (QinQ)
and QinQ tunneling
Precedence, or Differentiated Services Code Point (DSCP), and TCP/UDP Port

Description of Software Features

The switch provides a wide range of advanced performance enhancing features. Flow control eliminates the loss of packets due to bottlenecks caused by port saturation. Broadcast storm suppression prevents broadcast traffic storms from engulfing the network. Untagged (port-based), tagged, and protocol-based VLANs, plus support for automatic GVRP VLAN registration provide traffic security and efficient use of network bandwidth. CoS priority queueing ensures the minimum delay for moving real-time multimedia data across the network. While multicast filtering provides support for real-time network applications. Some of the management features are briefly described below.
Configuration Backup and Restore – You can save the current configuration settings to a file on a TFTP server, and later download this file to restore the switch configuration settings.
Authentication – This switch authenticates management access via the console port, Telnet or web browser. User names and passwords can be configured locally or can be verified via a remote authentication server (i.e., RADIUS or TACACS+). Port-based authentication is also supported via the IEEE 802.1X protocol. This protocol uses Extensible Authentication Protocol over LANs (EAPOL) to request user credentials from the 802.1X client, and then uses the EAP between the switch and the authentication server to verify the client’s right to access the network via an authentication server (i.e., RADIUS server).
Other authentication options include HTTPS for secure management access via the web, SSH for secure management access over a Telnet-equivalent connection, SNMP Version 3, IP address filtering for SNMP/web/Telnet management access. MAC address filtering and IP source guard also provide authenticated port access. While DHCP snooping is provided to prevent malicious attacks from unsecure ports.
1-2
Loading...
+ 526 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use