GarrettCom MNS-6K User Manual

MAGNUM 6K FAMILY OF SWITCHES

Managed Network Software (MNS) for Magnum 6K family of Switches

– MNS-6K

Release 3.7.1

CLI User Guide

Preface

This guide describes how to use the Command Line Interface (CLI) for the Magnum
6K family of switches. For the Web Management Interface please refer to the Web
Management Guide.

Some simple guidelines which will be useful for configuring and using the Magnum
6K family of switches -

 If you need information on a specific command in the CLI, type the

command name after you type the word “help” (help <command> ) or just
type <command> [Enter].

 If you need information on a specific feature in Web Management Interface,

use the online help provided in the interface.

 If you need further information or data sheets on GarrettCom Magnum 6K

family of switches, refer to the GarrettCom web links at:

http://www.garrettcom.com/managed_switches.htm (except MP62 switch shown on the page)

GarrettCom Inc.

47823 Westinghouse Drive

Fremont, CA 94539-7437

Phone (510) 438-9071• Fax (510) 438-9072

Email – Tech support – support@garrettcom.com

Email – Sales – sales@garrettcom.com

WWW – http://www.garrettcom.com/

i ii

Trademarks

GarrettCom Inc. reserves the right to change specifications, performance characteristics

and/or model offerings without notice. GarrettCom, Magnum, S-Ring, Link-Loss-Learn,

Converter Switch, Convenient Switch and Personal Switch are trademarks and Personal Hub

is a registered trademark of GarrettCom, Inc.

NEBS is a registered trademark of Telcordia Technologies.

UL is a registered trademark of Underwriters Laboratories.

Ethernet is a trademark of Xerox Corporation.

Copyright © 2007 GarrettCom, Inc. All rights reserved. No part of this publication may be

reproduced without prior written permission from GarrettCom, Inc.

Printed in the United States of America.

Part #: 84-00131

PK-040207

Table of Contents

1 – Conventions Followed...............................................................18

Flow of the User Guide ..........................................................19

2 – Getting Started ............................................................................22

Before starting ..........................................................................22

MNS-6K Software Updates .......................................................23

Console connection .................................................................23

Console setup............................................................................24

Console screen..........................................................................24

Logging in for the first time ...................................................25

Setting the IP parameters........................................................25

Privilege levels...........................................................................28

Operator Privileges......................................................................28

Manager Privileges.......................................................................28

User management.....................................................................28

Add User.......................................................................................29

Delete User...................................................................................29

Modify Password .........................................................................29

Modify the Privilege Level .........................................................29

Modify Access Privileges for a user ..........................................30

Help............................................................................................31

Displaying Help for an Individual Command.........................31

Viewing options for a command...............................................31

Context help.................................................................................32

Exiting........................................................................................33

iii

List of commands in this chapter ..........................................33

3 – IP Address and System Information.....................................35

IP Addressing...............................................................................35

Importance of an IP address ..................................................35

DHCP and bootp ........................................................................36

Bootp Database ...........................................................................36

Configuring Auto/DHCP/Bootp/Manual .............................37

Using Telnet .................................................................................38

Setting serial port parameters .................................................40

System parameters....................................................................41

Date and time............................................................................43

Network time............................................................................44

Saving and loading configuration ..........................................45

Config files....................................................................................48

Displaying configuration.........................................................50

Erasing configuration ..............................................................53

Displaying Serial Number.......................................................54

List of commands in this chapter ..........................................55

Other commands .....................................................................57

4 – IPv6 .................................................................................59

Assumptions.................................................................................59

Introduction to IPv6................................................................59

What’s changed in IPV6?........................................................60

IPv6 Addressing .......................................................................61

Configuring IPv6......................................................................61

List of commands in this chapter ..........................................62

5 – Access Considerations ....................................................64

Securing access.............................................................................64

Passwords ..................................................................................64

Port Security..............................................................................65

iv

Network security..........................................................................65

Configuring Port Security...........................................................65

Logs ............................................................................................71

Authorized managers...............................................................73

List of commands in this chapter ..........................................75

6 – Access Using RADIUS ...................................................77

RADIUS .......................................................................................77

802.1x .........................................................................................77

Configuring 802.1x...................................................................80

List of commands in this chapter ..........................................85

7 – Access Using TACACS+ ................................................87

TACACS – flavors and history..................................................87

TACACS+ Flow.......................................................................88

TACACS+ Packet....................................................................89

Configuring TACACS+ ..........................................................89

List of commands in this chapter ..........................................91

8 – Port Mirroring and Setup................................................93

Port monitoring and mirroring..................................................93

Port mirroring...........................................................................93

Port setup ..................................................................................94

Speed settings...............................................................................95

Flow Control ................................................................................96

Back Pressure ...............................................................................97

Broadcast Storms.........................................................................99

Preventing broadcast storms ................................................100

Port Rate limiting for broadcast traffic...............................101

List of commands in this chapter ........................................101

9 – VLAN............................................................................ 103

Why VLANs?.............................................................................103

Tag VLAN or Port VLAN? .................................................105

v

Private VLANs .......................................................................106

Using Port VLANs ................................................................107

Creating VLANs.....................................................................107

Using Tag VLANs .................................................................111

Tag VLANs and Management .............................................118

List of commands in this chapter ........................................121

10 – Spanning Tree Protocol (STP).................................... 123

STP features and operation......................................................123

Using STP................................................................................124

List of commands in this chapter ........................................134

11 – Rapid Spanning Tree Protocol (RSTP)....................... 135

RSTP concepts...........................................................................135

Transition from STP to RSTP .............................................136

Configuring RSTP..................................................................137

List of commands in this chapter ........................................147

12 – RS-Ring™, S-Ring™ and Link-Loss-Learn™ (LLL) 149

S-Ring and LLL concepts.........................................................150

RS-Ring concepts ......................................................................151

When to use RS-Ring vs S-Ring ..........................................152

Comparing resiliency methods.............................................153

RSTP/STP Operation without RS-Ring or S-Ring ..........154

RSTP/STP Operation with S-Ring .....................................156

LLL with S-Ring.....................................................................158

Ring learn features..................................................................158

Configuring S-Ring ................................................................159

RSTP Operation with RS-Ring ............................................162

Configuring RS-Ring .............................................................164

List of commands in this chapter ........................................166

13 – Dual-Homing.............................................................. 168

vi

Dual-Homing concepts ............................................................168

Dual-Homing Modes.............................................................171

Configuring Dual-Homing ...................................................171

List of commands in this chapter ........................................173

14 – Link Aggregation Control Protocol (LACP) ............... 174

LACP concepts..........................................................................174

LACP Configuration..............................................................175

List of commands in this chapter ........................................185

15 – Quality of Service ........................................................ 186

QoS concepts .............................................................................186

DiffServ and QoS...................................................................187

IP Precedence .........................................................................188

Configuring QoS ....................................................................189

List of commands in this chapter ........................................193

16 – IGMP........................................................................... 195

IGMP concepts..........................................................................195

IGMP-L2.................................................................................199

Configuring IGMP.................................................................202

List of commands in this chapter ........................................207

17 – GVRP...........................................................................209

GVRP concepts .........................................................................209

GVRP Operations..................................................................210

Configuring GVRP ................................................................215

GVRP Operations Notes......................................................216

List of commands in this chapter ........................................217

18 – SNMP.......................................................................... 218

SNMP concepts .........................................................................218

Traps.........................................................................................220

Standards .................................................................................220

vii

Configuring SNMP ................................................................221

Configuring RMON ..............................................................230

List of commands in this chapter ........................................231

19 – Miscellaneous Commands .......................................... 235

Alarm Relays ...........................................................................235

Email ........................................................................................239

Serial Connectivity .................................................................244

Miscellaneous commands .....................................................245

Prompt .....................................................................................246

Ping...........................................................................................247

FTP modes..............................................................................248

System Events.........................................................................248

MAC Address Table ..............................................................253

List of commands in this chapter ........................................254

APPENDIX 1 - Command listing by Chapter ..................257

Chapter 2 – Getting Started..................................................257

Chapter 3 – IP Address and System Information.............258

Chapter 4 – IPv6 ....................................................................261

Chapter 5 – Access Considerations.....................................262

Chapter 6 – Access Using Radius........................................263

Chapter 7 – Access using TACACS+.................................264

Chapter 8 – Port mirroring and setup.................................265

Chapter 9 - VLAN .................................................................266

Chapter 10 – Spanning Tree Protocol (STP).....................267

Chapter 11 – Rapid Spanning Tree Protocol.....................267

Chapter 12 – RS-Ring, S-Ring and Link-Loss-Learn .......268

Chapter 13 – Dual-Homing..................................................270

Chapter 14 – Link Aggregation Control Protocol (LACP)270

Chapter 15 – Quality of Service...........................................270

viii

Chapter 16 - IGMP................................................................271

Chapter 17 - GVRP ...............................................................272

Chapter 18 – SNMP ..............................................................272

Chapter 19 – Miscellaneous Commands ............................275

APPENDIX 2 - Commands sorted alphabetically............278

APPENDIX 3 - Daylight Savings ......................................299

Daylight Savings Time...........................................................299

APPENDIX 4 – Updating MNS-6K Software.................... 301

1. Getting Started ......................................................302

Selecting the proper version .................................................303

Downloading the MNS-6K software..................................303

Next steps................................................................................307

2. Preparing to load the software..............................308

Accessing the switch..............................................................308

Serial Connection.......................................................................308

Network Access.........................................................................309

Saving the Configuration ......................................................309

Serial Connection.......................................................................310

Network Access.........................................................................312

Next steps................................................................................313

3. Loading the MNS-6K software ............................. 314

Before loading the MNS-6K software ................................314

Accessing the switch..............................................................314

Serial Connection.......................................................................315

Network Access.........................................................................316

Next steps................................................................................317

4. (Optional Step) Restoring the configuration........ 318

Accessing the switch..............................................................318

Reloading the configuration .................................................318

ix

Updating boot code over the network................................319

Index................................................................................... 321

x

List of Figures

FIGURE 1 - HyperTerminal screen showing the serial settings ................................................................. 24

FIGURE 2 - Prompt indicating the switch model number as well as mode of operation – note the

commands to switch between the levels is not shown here.............................................................. 25

IGURE 3 - Setting IP address on the switch ......................................................................................... 26

F

FIGURE 4 - Rebooting the switch .......................................................................................................... 27

F

IGURE 5 - Viewing the basic setup parameters. You can use ‘show setup’ or ‘show sysconfig’ to

view setup parameters ................................................................................................................ 27

FIGURE 6 - Switching users and privilege levels. Note the prompt changes with the new privilege

level. .........................................................................................................................................28

FIGURE 7 - Adding a user with Manager level privilege .......................................................................29

FIGURE 8 - Deleting a user ................................................................................................................. 29

FIGURE 9 - Changing the password for a specific user........................................................................... 29

FIGURE 10 - Changing the privilege levels for a user ............................................................................. 30

FIGURE 11 – Creating user access privileges........................................................................................... 30

FIGURE 12 - Help command.............................................................................................................. 31

FIGURE 13 - Help for a specific command........................................................................................... 31

IGURE 14 - Options for the ‘show’ command...................................................................................... 32

F

FIGURE 15 - Listing commands available (at the operator level) ...........................................................32

FIGURE 16 - Listing commands starting with a specific character ..........................................................32

F

IGURE 17 - Listing commands options – note the command was not completed and the TAB

key completed the command. ......................................................................................................33

FIGURE 18 – logout command .............................................................................................................. 33

FIGURE 19 - Checking the IP settings.................................................................................................. 36

FIGURE 20 - Changing the boot mode of the switch .............................................................................. 38

FIGURE 21 - Changing telnet access – note in this case, the enable command was repeated without

any effect to the switch................................................................................................................ 38

FIGURE 22 - Reviewing the console parameters – note telnet is enabled .................................................39

FIGURE 23 - Example of a telnet session............................................................................................. 39

FIGURE 24 – managing and viewing multiple telnet sessions .................................................................. 40

xi

FIGURE 25 - Querying the serial port settings ......................................................................................41

FIGURE 26 - System parameters using the show setup command. Most parameters here cannot be

changed .....................................................................................................................................41

FIGURE 27 - System parameters using the show sysconfig command. Most parameters here can be

changed. ....................................................................................................................................42

FIGURE 28 - Setting the system name, system location and system contact information........................... 42

FIGURE 29 - Setting the system date, time and time zone .....................................................................43

FIGURE 30 - Setting the system daylight saving time............................................................................. 44

FIGURE 31 - Setting up SNTP services ............................................................................................... 45

FIGURE 32 - Saving the configuration on a tftp server ..........................................................................45

F

IGURE 33 – Based on the ftp or tftp or xmodem commands – the MNS-6K based switch can

upload or download different types of files and images .Other files such as log files, hosts file

can also be saved or loaded onto a switch .................................................................................... 47

FIGURE 34 – commands to save the configuration using ftp. Similar options will be specified using

tftp etc. When using the ftp command, use the host command discussed later in this section

to define the ftp server ................................................................................................................ 48

FIGURE 35 – Contents of the config file................................................................................................. 49

FIGURE 36 – Creating host entries on MNS-6K.................................................................................. 50

FIGURE 37 – ‘

FIGURE 38 – displaying specific modules using the

show config’

command output................................................................................... 52

‘show config’

command....................................... 52

FIGURE 39 – displaying configuration for different modules. Note – multiple modules can be

specified on the command line..................................................................................................... 53

FIGURE 40 – Erasing configuration without erasing the IP address .......................................................54

IGURE 41 – Display the serial number, factory code and other relevant setup information...................... 54

F

FIGURE 42 – Configuring IPv6............................................................................................................ 62

FIGURE 43 – Changing password for a given account ............................................................................ 64

FIGURE 44 – Port security configuration mode ......................................................................................65

FIGURE 45 – Port security configuration mode ......................................................................................66

FIGURE 46 – Port security – allowing specific MAC addresses on a specified port. (No spaces

between specified MAC addresses) ............................................................................................. 67

FIGURE 47 – Port security - the port learns the MAC addresses. Note – a maximum of 200

MAC addresses can be learnt per port and a maximum of 500 per switch. Also, the
‘action’ on the port must be set to none before the port ‘learns’ the MAC address

information. ..............................................................................................................................67

FIGURE 48 – Enabling and disabling port security ...............................................................................67

xii

FIGURE 49 – Viewing port security settings on a switch. On port 9, learning is enabled. This port

has 6 stations connected to it with the MAC addresses as shown. Other ports have

learning disabled and the MAC addresses are not configured on those ports ................................68

FIGURE 50 – Enabling learning on a port. Note – after the learning is enabled, the port security

can be queried to find the status of MAC addresses learnt. If there were machines
connected to this port, the MAC address would be shown on port 11 as they are shown on

port 9 .......................................................................................................................................68

FIGURE 51 – Allowing specific MAC address on specific ports. After the MAC address is

specified, the port or specific ports or a range of ports can be queried as shown .............................. 69

FIGURE 52 – Removing a MAC address from port security .................................................................. 69

FIGURE 53 – Setting the logging on a port ............................................................................................ 69

FIGURE 54 – Steps for setting up port security on a specific port ............................................................ 71

F

IGURE 55 – Show log and clear log command. The show log command indicates the type of log

activity in the S column .............................................................................................................73

FIGURE 56 – Steps to allow deny or remove specific services ...................................................................75

FIGURE 57 – 802.1x network components........................................................................................... 78

FIGURE 58 – 802.1x authentication details .........................................................................................79

FIGURE 59 – securing the network using port access ..............................................................................84

FIGURE 60 – Flow chart describing the interaction between local users and TACACS

authorization ............................................................................................................................88

FIGURE 61 – TACACS packet format............................................................................................... 89

FIGURE 62 – Configuring TACACS+............................................................................................... 91

FIGURE 63 – Enabling port mirroring .................................................................................................94

IGURE 64 – Port setup....................................................................................................................... 95

F

FIGURE 65 – Setting up back pressure and flow control on ports............................................................ 99

FIGURE 66 – Setting up broadcast storm protection. Also shows how the threshold can be lowered

for a specific port .....................................................................................................................101

FIGURE 67 – VLAN as two separate collision domains. The top part of the figure shows two

“traditional” Ethernet segments. Up to 32 VLANs can be defined per switch.........................103

FIGURE 68 – Ports can belong to multiple VLANs. In this figure a simplistic view is presented

where some ports belong to VLANs 1, 2 and other ports belong to VLANs 2,3. Ports

can belong to VLANs 1, 2 and 3. This is not shown in the figure. ......................................... 104

FIGURE 69 – routing between different VLANs is performed using a router or a Layer 3 switch

(L3-switch)............................................................................................................................. 105

FIGURE 70 – configuring VLANs on Magnum 6K switch ................................................................ 108

FIGURE 71 – Example of setting up port based VLANs ..................................................................111

xiii

FIGURE 72 – Example for Tag VLAN...........................................................................................118

FIGURE 73 – Editing the VLAN information for enabling or disabling management .........................121

Figure 74 – STP default values – refer to next section “Using STP” for more detailed

explanation on the variables ....................................................................................................124

FIGURE 75 – Viewing STP configuration ..........................................................................................125

FIGURE 76 – STP Port status information......................................................................................... 126

FIGURE 77 – Enabling STP ............................................................................................................. 128

FIGURE 78 – Configuring STP parameters ........................................................................................134

FIGURE 79 – Enabling RSTP and reviewing the RSTP variables...................................................... 139

FIGURE 80 – Reviewing the RSTP port parameters............................................................................ 140

Figure 81 – Path cost as defined in IEEE 802.1d (STP) and 802.1w (RSTP) ............................... 141

F

IGURE 82 – RSTP information from a network with multiple switches. Note the “show stp

ports” command can be executed from the manager level prompt or from rstp configuration

state as shown in the screen captures earlier. .............................................................................141

FIGURE 83 – Configuring RSTP on MNS-6K..................................................................................147

FIGURE 84 – Normal RSTP/STP operations in a series of switches. Note – this normal status

is designated RING_CLOSED............................................................................................155

FIGURE 85 – A fault in the ring interrupts traffic. The blocking port now becomes forwarding so

that traffic can reach all switches in the network Note – the mP62 as well as the ESD42

switches support LLL and can participate in S-Ring as an access switch ..................................156

FIGURE 86 – More than one S-Ring pair can be selected and more than one S-Ring can be

defined per switch. Note – the mP62 as well as the ESD42 switches support LLL and

can participate in S-Ring as an access switch ............................................................................157

IGURE 87 – Activating S-Ring on the switch ....................................................................................159

F

FIGURE 88 – S-Ring configuration commands for root switch ..............................................................161

FIGURE 89 – Link Loss Learn (LLL) setup. Setup LLL on ports connected to other switches

participating in S-Ring............................................................................................................ 162

FIGURE 90 – More than one RS-Ring cannot be defined per managed Magnum 6K switch. Note

– unmanaged switches cannot participate in RS-Ring...............................................................163

FIGURE 91 – Activating RS-Ring on the switch..................................................................................164

FIGURE 92 – RS-Ring configuration commands .................................................................................166

FIGURE 93 – Dual-homing using ESD42 switch and Magnum 6K family of switches. In case of

a connectivity break – the connection switches to the standby path or standby link ..................... 169

FIGURE 94 – Dual-homing using Magnum 6K family of switches. Note the end device (video

surveillance camera) can be powered using PoE options on Magnum 6K family of switches.

xiv

In case of a connectivity break – the connection switches to the standby path or standby

link ........................................................................................................................................169

FIGURE 95 – Using S-Ring, RS-Ring and dual-homing, it is possible to build networks resilient

not only to a single link failure but also for one device failing on the network .............................170

FIGURE 96 – configuring dual-homing ................................................................................................172

FIGURE 97 – Some valid LACP configurations. ................................................................................176

FIGURE 98 – an incorrect LACP connection scheme for Magnum 6K family of switches. All

LACP trunk ports must be on the same module and cannot span different modules..................176

FIGURE 99 – In this figure, even though the connections are from one module to another, this is

still not a valid configuration (for LACP using 4 ports) as the trunk group belongs to two

different VLANs................................................................................................................... 177

F

IGURE 100 - In the figure above, there is no common VLAN between the two sets of ports, so

packets from one VLAN to another cannot be forwarded. There should be at least one

VLAN common between the two switches and the LACP port groups. ...................................177

FIGURE 101 – This configuration is similar to the previous configuration, except there is a common

VLAN (VLAN 1) between the two sets of LACP ports. This is a valid configuration. ........178

FIGURE 102 – In the architecture above, using RSTP and LACP allows multiple switches to be

configured together in a meshed redundant link architecture. First define the RSTP
configuration on the switches. Then define the LACP ports. Then finally connect the ports

together to form the meshed redundant link topology as shown above.......................................... 178

FIGURE 103 – LACP, along with RSTP/STP brings redundancy to the network core or

backbone. Using this reliable core with a dual-homed edge switch brings reliability and

redundancy to the edge of the network.......................................................................................179

FIGURE 104 – This architecture is not recommended............................................................................ 180

FIGURE 105 – Creating a reliable infrastructure using wireless bridges (between two facilities) and

LACP. “A” indicates a Wi-Fi wireless Bridge or other wireless Bridges.................................. 181

IGURE 106 – Configuring LACP....................................................................................................183

F

FIGURE 107 – The network for the ‘show lacp’ command listed below.................................................. 184

FIGURE 108 – LACP information over a network .............................................................................185

FIGURE 109 – ToS and DSCP......................................................................................................... 187

FIGURE 110 - IP Precedence ToS Field in an IP Packet Header.........................................................188

FIGURE 111 - Port weight settings and the meaning of the setting .........................................................190

FIGURE 112 – QoS configuration and setup........................................................................................ 193

FIGURE 113 – IGMP concepts – advantages of using IGMP.............................................................. 197

FIGURE 114 – IGMP concepts – Isolating multicast traffic in a network............................................. 198

FIGURE 115 - In a Layer 2 network, an IGMP multicast traffic goes to all the nodes. In the

figure, T1, a surveillance camera, using multicast, will send the traffic to all the nodes - R1

xv

through R6 - irrespective of whether they want to view the surveillance traffic or not. The
traffic is compounded when additional cameras are added to the network. End result is that
users R1 through R6 see the network as heavily loaded and simple day to day operations

may appear sluggish................................................................................................................. 200

FIGURE 116 - Using IGMP-L2 on Magnum 6K family of switches, a Layer 2 network can

minimize multicast traffic as shown above. Each switch has the IGMPL2 turned on.
Each switch can exchange the IGMP query message and respond properly. R4 wants to
view surveillance traffic from T1. As shown by (1), a join request is sent by R4. Once the
join report information is exchanged, only R4 receives the video surveillance traffic, as
shown by (2). No other device on the network gets the video surveillance traffic unless they

issue a join request as well. ......................................................................................................201

FIGURE 117 – Enabling IGMP and query the status of IGMP ......................................................... 203

F

IGURE 118 – Displaying IGMP groups............................................................................................204

FIGURE 119 – Configuring IGMP.....................................................................................................207

FIGURE 120 - Setting IGMP-L2.......................................................................................................207

FIGURE 121 – GVRP operation – see description below .....................................................................210

FIGURE 122 – VLAN Assignment in GVRP enabled switches. Non GVRP enabled switches

can impact VLAN settings on other GVRP enabled switches.................................................211

FIGURE 123 – Port settings for GVRP operations .............................................................................212

FIGURE 124 – Command to check for dynamically assigned VLANs ................................................213

FIGURE 125 – Converting a dynamic VLAN to a static VLAN.....................................................213

FIGURE 126 – GVRP options........................................................................................................... 214

FIGURE 127 – GVRP configuration example ....................................................................................216

FIGURE 128 – Configuring SNMP – most of the command here are SNMP v3 commands ................230

IGURE 129 – Configuring RMON groups........................................................................................ 231

F

FIGURE 130 – Predefined conditions for the relay ................................................................................236

FIGURE 131 – Setting up the external electrical relay and alerts........................................................... 239

FIGURE 132 – setting SMTP to receive SNMP trap information via email......................................... 244

FIGURE 133 – Optimizing serial connection (shown for Hyper Terminal on Windows XP). The

highlighted fields are the ones to change as described ..................................................................244

FIGURE 134 – History commands ......................................................................................................246

FIGURE 135 – Setting custom prompts................................................................................................247

FIGURE 136 – Using the ping command ............................................................................................. 247

FIGURE 137 – Event log shown on the screen...................................................................................... 249

FIGURE 138 – Using exportlog to export the event log information ......................................................250

FIGURE 139 – Listing of severity - sorted by subsystem and severity .....................................................253

xvi xvii

FIGURE 140 – Display of the internal switching decision table............................................................. 254

FIGURE 141 – Accessing the GarrettCom site for download.................................................................305

FIGURE 142 – Select the proper version to use after successful login ...................................................... 306

FIGURE 143 – Navigate to MNS-6K folder to download the latest MNS-6K software and the

release notes............................................................................................................................. 306

FIGURE 144 – Use the copy command to copy the files to the proper location ........................................307

FIGURE 145 - HyperTerminal screen showing the serial settings .........................................................309

FIGURE 146 – Using telnet command to connect to a Magnum 6K switch with IP address

192.168.10.11 ......................................................................................................................309

FIGURE 147 – Example of saveconf command using serial interface..................................................... 310

F

IGURE 148 – Invoke the “Receive File” to start the Xmodem transfer program. In the figure

above the Windows XP based HyperTerminal screen is shown ................................................. 311

FIGURE 149 – Make sure to select the Xmodem protocol and the proper directory where the

configuration is saved. Click on Receive. This starts the file transfer. .........................................311

FIGURE 150 – Status window for Xmodem (using HyperTerminal under Windows XP) .................... 312

FIGURE 151 – Message which shows the completion of the file transfer (from ‘saveconf’ command).........312

FIGURE 152 – Example of saveconf command for tftp.........................................................................312

FIGURE 153 – Upgrade using serial connection ...................................................................................315

FIGURE 154 – File upload status window under Xmodem (using HyperTerminal under Windows

XP)........................................................................................................................................315

FIGURE 155 – upgrading the switch using the serial interface ............................................................... 316

FIGURE 156 – Dialog for upgrading the image using tftp.....................................................................317

IGURE 157 – Updating the boot code over the network using the upgrade command. Make sure

F

to reboot the switch after the boot loader upgrade is completed.................................................... 319

Chapter

1

1 – Conventions Followed

Conventions followed in the manual…

o best use this document, please review some of the conventions followed in the
manual, including screen captures, interactions and commands with the switch,

T

Box shows interaction with the switch command line or screen captures from the
switch or computer for clarity

Commands typed by a user will be shown in a different color and this
font

Switch prompt – shown in Bold font, with a “# or >” at the end. For the
document we will use Magnum6K25# as the default prompt.

Syntax rules

Optional entries are shown in [square brackets]
Parameter values within are shown in < pointed brackets >
Optional parameter values are shown again in [square brackets]

Thus

Syntax command [parameter1=<value1>[, parameter2=<value2>]]
parameter3=<value3|value4>

In the example above:
Parameter 1 and Parameter 2 are optional values
Parameter 2 can be used optionally only if Parameter 1 is specified
Parameter 3 is mandatory.

Parameter 1 has value1 = IP address
Parameter 2 has value2 = string
Parameter 3 has value3 or value4

etc.

18

MAGNUM 6K SWITCHES, MNS-6K USER GUIDE

Related Topics

j

Related topics show that GarrettCom strongly recommends reading
about those topics. You may choose to skip those if you already have
prior detailed knowledge on those subjects.

Tool box – Necessary software and hardware components needed (or
recommended to have) as a prerequisite. These include serial ports on a
computer, serial cables, TFTP or FTP software, serial terminal emulation
software etc.

Caution or take notice – Things to watch out for in case of problems or
potential problems. This is also used to draw attention to a special issue,
capability or fact.

Terminology – Whenever the word PC is used it implies a UNIX, Linux, Windows or
any other operating system based work station, computer, personal computer, laptop,
notebook or any other computing device. Most of the manual uses Windows-XP based
examples. While effort has been made to indicate other Operating System interactions, it
is best to use a Windows-XP based machine when in doubt.

Supported MNS-6K Version – The documentation reflects features of MNS-6K
version 3.4 or later. If your switch is not at the current version, GarrettCom Inc.
recommends upgrade to the latest version. Please refer to the GarrettCom Web site for
information on upgrading the MNS-6K software on Magnum 6K family of switches.

Product Family – this manual is for all the Magnum 6K family of switches.

Finally, at the end of each chapter, is a list of the commands covered in the chapter
as well as a brief synopsis of what they do.

Flow of the User Guide

The manual is designed to guide the user through a sequence of events.

Chapter 1 – this chapter

Chapter 2 is the basic setup as required by the Magnum 6K family of switches. After

completing Chapter 2, the configuration can be done using the web interface. Chapter 2 is
perhaps the most critical chapter in what needs to be done by the network administrator
once the switch is received.

19

MAGNUM 6K SWITCHES, MNS-6K USER GUIDE

Chapter 3 focuses on operational issues of the switch. This includes time synchronization
using the command line or using a time server on the network.

Chapter 4 through Chapter 6 focuses on security and access consideration. Bad
passwords trump any security setup, so setup the manager passwords carefully as
described in Chapter 2. Chapter 4 describes how to setup port access using MAC address
security. Chapter 5 describes how a RADIUS server can be used for authentication and
access. Chapter 6 essentially is similar to Chapter 5, and talks about using a TACACS+
server instead of a RADIUS server.

Chapter 7 talks about port mirroring and preventing broadcast storms. Port mirroring is
necessary in a network to reflect traffic from one port onto another port so that the traffic
can be captured for protocol analysis or intrusion analysis.

Chapter 8 deals with VLANs. VLANs provide security as well as traffic separation. This
chapter shows how VLANs can be setup and managed.

At this stage the network and the switch are secured. It is now critical to make the
network more reliable. The User Guide switches gears and talks about STP, RSTP and S­Ring technologies which can be used for making the network reliable. These technologies
allow resiliency in a network. Chapters 9 through Chapter 12 discuss some resiliency
techniques.

Chapter 9 shows how STP can be setup and used. Today, RSTP is preferred over STP.

Chapter 10 shows how RSTP is setup and used as well as how RSTP can be used with

legacy devices which support STP only.

Chapter 11 focuses on S-Ring™ and setup of S-Ring (optional). This chapter also talks
about using RS-Ring™ with managed switches.

Chapter 12 talks about dual homing and how dual homing can be used to bring resiliency
to edge devices.

Chapter 13 describes LACP and how LACP can be used to increase the throughput
using 10/100 Mbps ports or in situations where resiliency is needed between switches
(trunks).

Once the network is made resilient, the network manager may want to setup prioritization
of traffic.

Chapter 14 focuses on Quality of Service (QoS) and other prioritization issues.

Chapters 15 and 16 focus on advanced topics such as IGMP and GVRP.

20

MAGNUM 6K SWITCHES, MNS-6K USER GUIDE

Chapter 15 focuses on IGMP.

Chapter 16 focuses on GVRP.

Chapter 17 shows how the SNMP parameters can be setup for managing the switch with

network management software such as Castle Rock SNMPc™

Chapter 18 includes miscellaneous commands to improve the overall ease of use and
other diagnostic information.

21

2 – Getting Started

First few simple steps …

his section explains how the GarrettCom Magnum 6K family of switches can be setup
using the console port on the switch. Some of the functionality includes setting up the IP

T

address of the switch, securing the switch with a user name and password, setting up
VLAN’s and more.

Chapter

2

Before starting

Before you start, it is recommended to acquire the hardware listed below and
be ready with the items listed.

For initial configuration through the serial/console port

1) A female-female null modem cable. This cable is available from GarrettCom Inc.

as well as from LAN store (http://www.lanstore.com)

2) Serial port – if your PC does not have a serial port, you may want to invest in a

USB to serial converter. This is again available from LAN store or from
GarrettCom Inc. Alternately a USB to serial cable can also be used. This cable is
also available from LAN store or GarrettCom Inc.

3) A PC (or a workstation/computer) with a terminal emulation program such as

HyperTerminal (included with Windows) or Teraterm-pro, minicom or other
equivalent software. (Make sure the software supports Xmodem protocol, as you
may need this in the future to update the MNS-6K software)

4) Enough disk space to store and retrieve the configuration files as well as copy

software files from GarrettCom. We recommend at least 15MB of disk space for
this purpose

5) Decide on a manager level account name and password for access security

6) IP address, netmask, default gateway for the switch being configured

As a default, the switch has no IP (Internet Protocol) address and subnet mask. For
first time use, the IP address has to be assigned. This can only be done by using the
console interface provided.

22

MAGNUM 6K SWITCHES, MNS-6K USER GUIDE

The same procedure can also be used for other configuration changes or updates –
e.g. changing the IP address, VLAN assignments and more. Once the IP address is
assigned and a PC is networked to the switch, the switch’s command line interface
(CLI) can be accessed via telnet. To manage the switch through in-band (networked)
access (e.g. telnet, or Web Browser Interface), you should configure the switch with
an IP address and subnet mask compatible with your network. You should also
change the manager password to control access privileges from the console.

Many other features such as optimizing the switch’s performance, traffic engineering
and traffic prioritizing, VLAN configuration, and improving network security can be
configured through the switch’s console interface as well as in-band (networked)
access, once the IP address is setup. Besides the IP address, setting up the SNMP
parameters allows configuration and monitoring through an SNMP network
management station running a network management program (e.g. SNMPc from
Castle Rock – available from GarrettCom Inc.)

MNS-6K Software Updates

j

GarrettCom web site for information on updating the MNS-6K software. The
documentation on how to update the MNS-6K is included as an Appendix in this
manual.

Magnum switches already have the necessary software loaded on
them. If a software upgrade is needed or the MNS-6K software
needs to be updated to the current version, please refer to the

The Login prompt is shown when the connection to the GarrettCom Magnum 6K
Switch is successful and the switch is ready for the configuration commands. Should
you get a boot prompt, please contact GarrettCom technical support.

The IP address of the switch is assigned automatically from a DHCP server or a
BootP server. If these servers do not exist, the switch will be assigned an IP address
which was previously configured or a static IP address of 192.168.1.2 with a netmask
of 255.255.255.0 (if that address is not in use). It is recommended that the user uses
Secure Web Management (SWM) capabilities built into MNS-6K to setup and
manage the switch. Please refer to the SWM user guide for more information.

Console connection

The connection to the console is accessed through the DB-9 RS232 connector on
the switch marked on the Magnum 6K family of switches as a console port. This
interface provides access to the commands the switch can interpret and is called the
Command Line Interface (or CLI). This interface can be accessed by attaching a
VT100 compatible terminal or a PC running a terminal emulation program to the
console port on the Magnum 6K family of switches.

USB to serial adapters are also available for laptops or computers that do not native
serial ports but have access to USB ports.

23

MAGNUM 6K SWITCHES, MNS-6K USER GUIDE

The interface through the console or the Console Management Interface (or CMI)
enables you to reconfigure the switch and to monitor switch status and performance.

Once the switch is configured with an IP address, the Command
Line Interface (or CLI) is also accessible using telnet as well as the
serial port. Access to the switch can be either through the console
interface or remotely over the network.

The Command Line Interface (CLI) enables local or remote unit installation and
maintenance. The Magnum 6K family of switches provides a set of system
commands which allow effective monitoring, configuration and debugging of the
devices on the network.

Console setup

Connect the console port on the switch to the serial port on the computer using the
serial cable listed above. The settings for the HyperTerminal software emulating a
VT100 are shown in Figure 1 below. Make sure the serial parameters are set as
shown (or bps = 38400, data bits=8, parity=none, stop bits=1, flow control=none).

FIGURE 1 - HyperTerminal screen showing the serial settings

Console screen

Once the console cable is connected to the PC and the software configured, MNS­6K legal disclaimers and other text scrolls by on the screen.

24

MAGNUM 6K SWITCHES, MNS-6K USER GUIDE

The switch has three modes of operation – Operator (least privilege), Manager and
Configuration. The prompts for the switches change as the switch changes modes
from Operator to Manager to Configuration. The prompts are shown in Figure 2
below, with a brief explanation of what the different prompts indicate.

Magnum6K> Operator Level – for running operations queries
Magnum6K# Manager Level – for setting and reviewing commands
Magnum6K## Configuration Level – for changing the switch parameter values

FIGURE 2 - Prompt indicating the switch model number as well as mode of operation – note the
commands to switch between the levels is not shown here.

The prompt can be changed by the user. See the Chapter on Miscellaneous

Commands, sub section Prompt for more details. This manual was documented on a

Magnum 6K25 switch, and for clarity, the prompt shown in the manual will be

Magnum6K25

For additional information on default users, user levels and

j

more, see User Management in this guide.

Logging in for the first time

For the first time, use the default user name and passwords assigned by GarrettCom
for the Magnum 6K family of switches. They are:

Username – manager Password – manager
Username – operator Password – operator

We recommend you login as manager for the first time to set up the IP address as
well as change user passwords or create new users.

Setting the IP parameters

To setup the switch, the IP address and other relevant TCP/IP parameters have to
be specified. A new GarrettCom Magnum switch looks for a DHCP or a BootP
server. If a DHCP or a BootP server is present, the switch will be assigned an IP
address from those servers. Failing to find these servers, the IP address is
automatically assigned to 192.168.1.2 with a netmask of 255.255.255.0.

25

MAGNUM 6K SWITCHES, MNS-6K USER GUIDE

Should a situation arise when there are multiple new switches powered up at the
same time, there could be a situation of duplicate IP addresses. In this situation, only
one Magnum switch will be assigned the IP address of 192.168.1.2 and netmask of

255.255.255.0. The other switches will not be assigned an IP address till the static IP
address of 192.168.1.2 is freed up or reassigned.

To change the IP address, please ensure that the IP address to be assigned to the
switch is known or contact your system/network administrator to get the IP address
information. Follow the steps listed below to configure the IP address manually.

• Ensure the power is off

• Follow the steps described above

for connecting the console cable and setting

the console software

• Power on the switch

• Once the login prompt appears, login as manager using default password

(manager)

• Configure the IP address, network mask and default gateway as per the IP

addressing scheme for your network

• Set the Manager Password (recommended–refer to next section)

• Save the settings (without saving, the changes made will be lost)

• Power off the switch (or a software reboot as discussed below)

• Power on the switch – login with the new login name and password

• From the PC (or from the switch) ping the IP address specified for the switch to

ensure connectivity

• From the switch ping the default gateway specified (ensure you are connected to

the network to check for connectivity) to ensure network connectivity

Syntax ipconfig [ip=<ip-address>] [mask=<subnet-mask>]
[dgw=<gateway>] [add|del]

Magnum6K25# ipconfig ip=192.168.1.150 mask=255.255.255.0

dgw=192.168.1.10

Magnum6K25# save

FIGURE 3 - Setting IP address on the switch

This document assumes the reader is familiar with IP
addressing schemes as well as how net mask is used and how
default gateways and routers are used in a network.

26

MAGNUM 6K SWITCHES, MNS-6K USER GUIDE

Reboot gives an opportunity to save the configuration prior to shutdown. For a
reboot – simply type in the command “reboot”. (Note – even though the passwords
are not changed, they can be changed later.)

Magnum6K25# reboot
Proceed on rebooting the switch? [ 'Y' or 'N' ] Y

Do you wish to save current configuration? [ 'Y' or 'N' ] Y

Magnum6K25#

FIGURE 4 - Rebooting the switch

MNS-6K forces an answer the prompts with a “Y” or a “N” to prevent accidental
keystroke errors and loss of work.

The parameters can be viewed at any time by using the ‘show’ command. The show
command will be covered in more detail later in various sections throughout the
document.

Magnum6K25# show setup
Version : Magnum 6K25 build 3.7.1 Sep 27 2007 16:41:37

MAC Address : 00:20:08:03:05:09
IP Address : 192.168.5.5
Subnet Mask : 255.255.255.0
Gateway Address : 192.168.5.1
CLI Mode : Manager
System Name : Magnum 6K25
System Description : 25 Port Modular Ethernet Switch
System Contact : support@garrettcom.com
System Location : Fremont, CA
System ObjectId : 1.3.6.1.4.1.553.12.6
System Serial No : 43576812
Original Factory Config Code : 6K25-8TP

Magnum6K25# show sysconfig
System Name : Magnum6K25

System Contact : support@garrettcom.com
System Location : HO, Fremont, CA
Boot Mode : manual
Inactivity Timeout(min) : 10
Address Age Interval(min) : 300
Inbound Telnet Enabled : Yes
Web Agent Enabled : Yes
Time Zone : GMT-08hours:00minutes
Day Light Time Rule : USA
System UpTime : 36 Days 7 Hours 49 Mins 48 Secs

Magnum6K25#

FIGURE 5 - Viewing the basic setup parameters. You can use ‘show setup’ or ‘show sysconfig’ to

view setup parameters

27

MAGNUM 6K SWITCHES, MNS-6K USER GUIDE

Some of the parameters in the Magnum 6K family of switches are shown above. The
list of parameters below indicates some of the key parameters on the switch and the
recommendations for changing them (or optionally keeping them the same).

Privilege levels

Two privilege levels are available - Manager and Operator. Operator is at privilege
level 1 and the Manager is at privilege level 2 (the privilege increases with the levels).
For example, to set up a user for basic monitoring capabilities use lower number or
operator level privilege (Level 1)

The Manager level provides all Operator level privileges plus the ability to
perform system-level actions and configuration commands. To select this level, enter
the ‘enable <user-name>’ command at the Operator level prompt and enter the
Manager password, when prompted.

Syntax enable <user-name>

For example, switching from an Operator level to manager level, using the ‘enable’
command is shown below in Figure 6

Magnum6K25> enable manager
Password: *******
Magnum6K25#

FIGURE 6 - Switching users and privilege levels. Note the prompt changes with the new privilege

level.

Operator Privileges

Operator privileges allow views of the current configurations but do not allow
changes to the configuration. A ">" character delimits the Operator-level prompt.

Manager Privileges

Manager privileges allow configuration changes. The changes can be done at the
manager prompt or for global configuration as well as specific configuration. A “#”
character delimits any Manager prompt.

User management

A maximum of five users can be added per switch. Users can be added, deleted or
changed from a manager level account. There can be more than one manager
account, subject to the maximum number of users on the switch being restricted to
five.

28

MAGNUM 6K SWITCHES, MNS-6K USER GUIDE

Add User

To add a user, use the command “add” as shown below. The user name has to be a
unique name and can be up to 24 characters long. The password is recommended to be at
least 8 characters long with a mix of upper case, lower case, numbers and special
characters.

Syntax add user=<name> level=<number>

Magnum6K25# user
Magnum6K25(user)## add user=peter level=2

Enter User Password:******
Confirm New Password:******

Magnum6K25(user)##

FIGURE 7 - Adding a user with Manager level privilege

In this example, user ‘peter’ was added with Manager privilege.

Delete User

Syntax delete user=<name>

Magnum6K25(user)##delete user=peter
Confirm User Deletion(Y/N): Y

User successfully deleted
Magnum6K25(user)##

FIGURE 8 - Deleting a user

In this example, user ‘peter’ was deleted.

Modify Pass word

Syntax passwd user=<name>

Magnum6K25(user)## passwd user=peter
Enter New Password:******
Confirm New Password :******

Password has been modified successfully
Magnum6K25(user)##

FIGURE 9 - Changing the password for a specific user

In this example, password for ‘peter’ was modified.

Modify the Privilege Level

Syntax chlevel user=<name> level=<number>

29