HP OfficeConnect 1920S8G, OfficeConnect 1920S 48G, OfficeConnect 1920S 24G Management And Configuration Manual

HPE OfficeConnect 1920S
8G/24G/48G Switch Series
Management and Configuration
Guide

Abstract

Use this guide to assist in managing the following HPE OfficeConnect 1920S switches:

HPE OfficeConnect 1920S 8G Switch (JL380A)
HPE OfficeConnect 1920S 24G Switch (JL381A)
HPE OfficeConnect 1920S 48G Switch (JL382A)
HPE OfficeConnect 1920S 8G PPoE+ (65W) Switch (JL383A)
HPE OfficeConnect 1920S 24G PPoE+(185W) Switch (JL384A)
HPE OfficeConnect 1920S 24G PoE+(370W) Switch (JL385A)
HPE OfficeConnect 1920S 48G PPoE+ (370W) Switch (JL386A)

Part Number: 5200-2836a

Published: June 2017

Edition: 2

© Copyright 2017 by Hewlett Packard Enterprise Development LP

The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products
and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be
construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or
omissions contained herein.

Confidential computer software. Valid license from Hewlett Packard Enterprise required for possession, use, or copying. Consistent
with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commer­cial Items are licensed to the U.S. Government under vendor’s standard commercial license.

Links to third-party websites take you outside the Hewlett Packard Enterprise website. Hewlett Packard Enterprise has no control
over and is not responsible for information outside the Hewlett Packard Enterprise website.

Acknowledgments

Microsoft®, Windows®, and Windows NT® are US registered trademarks of Microsoft Corporation.

Java and Oracle are registered trademarks of Oracle and/or its affiliates.

Open Source Code Notice

This product includes code licensed under the GNU General Public License, the GNU Lesser General Public License, and/or certain
other open source licenses. A complete machine-readable copy of the source code corresponding to such code is available upon
request. This offer is valid to anyone in receipt of this information and shall expire three years following the date of the final distribu­tion of this product version by Hewlett Packard Enterprise Company. To receive the CD, HPE charges a small fee in order to cover
the actual costs of manufacturing and shipping the CD.

Requests for Open Source Software should be emailed to HPN_SMB_FOSS_code_request@hpe.com

Please specify the product and version for which you are requesting source code.

.

Warranty

For the software end user license agreement and the hardware limited warranty information for HPE Networking products, visit

http://www.hpe.com/support/Networking-Warranties

Applicable Products

HPE OfficeConnect 1920S 8G Switch JL380A

HPE OfficeConnect 1920S 24G Switch JL381A

HPE OfficeConnect 1920S 48G Switch JL382A

HPE OfficeConnect 1920S 8G PPoE+ (65W) Switch JL383A

HPE OfficeConnect 1920S 24G PPoE+(185W) Switch JL384A

HPE OfficeConnect 1920S 24G PoE+(370W) Switch JL385A

HPE OfficeConnect 1920S 48G PPoE+ (370W) Switch JL386A

.

Contents

Preface........................................................................................................... 10

About This Document ................................................................................................................... 10

Audience ................................................................................................................................ 10

About Your Switch Manual Set ..................................................................................................... 10

Supported Features ...................................................................................................................... 11

1 Getting Started .............................................................................................12

Connecting the Switch to a Network............................................................................................. 12

Operating System and Browser Support................................................................................ 13

Getting Started With the Web Interface........................................................................................ 13

Logging On............................................................................................................................. 13

Interface Layout and Features ............................................................................................... 14

Common Page Elements ....................................................................................................... 15

Saving Changes..................................................................................................................... 15

Graphical Switch .................................................................................................................... 15

Port Configuration and Summary .................................................................................... 16

System LEDs................................................................................................................... 16

Port Status Indicator ........................................................................................................ 16

2 Dashboard....................................................................................................17

3 Setup Network..............................................................................................19

Get Connected.............................................................................................................................. 19

HTTPS Configuration .............................................................................................................22

System Time Pages...................................................................................................................... 24

System Time .......................................................................................................................... 24

Time Configuration................................................................................................................. 25

Time Zone Configuration........................................................................................................ 27

Daylight Saving Time Configuration....................................................................................... 28

User Accounts .............................................................................................................................. 30

Configuration.......................................................................................................................... 30

Adding a User Account.................................................................................................... 31

Changing User Account Information................................................................................ 32

Removing a User Account............................................................................................... 32

Sessions................................................................................................................................. 33

Password Manager....................................................................................................................... 34

Contents 3

4 Switching Features.......................................................................................36

Port Configuration......................................................................................................................... 36

Port Status ............................................................................................................................. 36

Modifying Interface Settings ............................................................................................ 38

Port Summary Statistics.........................................................................................................39

Port Mirroring ................................................................................................................................ 40

Port Mirroring Configuration ................................................................................................... 40

Configuring a Port Mirroring Session............................................................................... 41

Configuring a Port Mirroring Source ................................................................................ 42

Configuring the Port Mirroring Session Destination......................................................... 43

Removing Source Ports from a Session.......................................................................... 43

Port Mirroring Summary ......................................................................................................... 44

Flow Control.................................................................................................................................. 45

Spanning Tree .............................................................................................................................. 46

Spanning Tree Switch Configuration...................................................................................... 46

Spanning Tree MSTP Summary ............................................................................................ 48

Spanning Tree MSTP Port Summary..................................................................................... 49

Viewing MSTP Port Details or Editing MSTP Port Settings............................................. 50

CST Configuration.................................................................................................................. 52

CST Port Summary ................................................................................................................54

Viewing CST Port Details or Editing CST Port Settings .................................................. 55

Spanning Tree Statistics ........................................................................................................58

Auto Recovery Configuration ................................................................................................. 59

Loop Protection............................................................................................................................. 61

Loop Protection Status........................................................................................................... 61

Loop Protection Configuration................................................................................................ 62

Configuring Loop Protection Settings on Interfaces ........................................................ 63

IGMP Snooping ............................................................................................................................ 65

SNMP ........................................................................................................................................... 66

SNMP v1 and v2 .................................................................................................................... 66

SNMP v3 ................................................................................................................................ 66

SNMP Community Configuration ........................................................................................... 67

Adding an SNMP Community or Community Group........................................................ 68

Removing an SNMP Community or Community Group................................................... 68

SNMP v1/v2 Trap Receivers.................................................................................................. 69

Adding an SNMP v1/v2 Trap Receiver............................................................................ 69

Removing an SNMP v1/v2 Trap Receiver....................................................................... 70

SNMP 3 Trap Receivers ........................................................................................................ 70

Page 4 Contents

Adding an SNMP v3 Trap Receiver................................................................................. 71

Removing an SNMP v3 Trap Receiver............................................................................ 72

Access Control Group ............................................................................................................72

Adding an SNMP Access Control Group......................................................................... 73

Removing an SNMP Access Control Group.................................................................... 73

User Security Model............................................................................................................... 74

Adding an SNMP v3 User................................................................................................ 75

Removing an SNMP v3 User........................................................................................... 75

SNMP View Entry................................................................................................................... 76

Adding an SNMP View .................................................................................................... 77

Removing an SNMP View ............................................................................................... 77

5 Virtual LAN ...................................................................................................78

Viewing VLAN Status and Adding VLANs .................................................................................... 78

Adding VLANs........................................................................................................................ 79

Changing a VLAN Name........................................................................................................ 80

Configuring Interfaces as VLAN Members ................................................................................... 80

VLAN Port Configuration .............................................................................................................. 82

Auto Voice VLAN Configuration.................................................................................................... 83

6 Trunks ..........................................................................................................85

Trunk Configuration ...................................................................................................................... 86

Modifying Trunk Settings........................................................................................................87

Trunk Statistics ............................................................................................................................. 88

7 Link Layer Discovery Protocol (LLDP and LLDP-MED) ...............................89

LLDP Global Configuration........................................................................................................... 89

LLDP Local Device Summary.......................................................................................................91

Displaying Port Details ........................................................................................................... 92

LLDP Remote Device Summary................................................................................................... 93

LLDP Global Statistics .................................................................................................................. 94

LLDP-MED Global Configuration.................................................................................................. 96

LLDP-MED Local Device Summary.............................................................................................. 98

LLDP-MED Remote Device Summary.......................................................................................... 99

Displaying Remote Device Details ....................................................................................... 100

8 Power Over Ethernet..................................................................................102

PoE Capabilities ......................................................................................................................... 102

PoE Configuration....................................................................................................................... 103

PoE Port Configuration ............................................................................................................... 104

Contents 5

Modifying Port PoE Settings ................................................................................................ 105

Viewing PoE Port Details ..................................................................................................... 106

PoE Port Schedule ..................................................................................................................... 107

Configuring an Absolute Time Period .................................................................................. 108

Adding a Periodic Time Period............................................................................................. 109

9 Routing.......................................................................................................110

Routing IP Interface Summary ............................................................................................. 110

Global Routing IP Configuration........................................................................................... 112

Routing IP VLAN/Interface Configuration............................................................................. 114

Routing IP Statistics ............................................................................................................. 116

IPv4 Routing ............................................................................................................................... 119

IP Route Summary............................................................................................................... 119

Configured Route Summary................................................................................................. 120

Adding a Static Route.................................................................................................... 121

Removing a Route......................................................................................................... 121

Route Table.......................................................................................................................... 122

DHCP Relay ............................................................................................................................... 123

DHCP Relay Global Configuration ....................................................................................... 123

Adding a DHCP Server.................................................................................................. 124

Removing a DHCP Server............................................................................................. 124

DHCP Relay VLAN/Interface Configuration ......................................................................... 124

Adding a DHCP Server.................................................................................................. 125

Removing a Relay Interface .......................................................................................... 125

DHCP Relay Statistics ......................................................................................................... 126

Configuring ARP ......................................................................................................................... 127

ARP Table Summary ........................................................................................................... 128

Adding a Static ARP Entry............................................................................................. 129

Removing an ARP Entry................................................................................................ 129

ARP Table Configuration ..................................................................................................... 130

ARP Table Statistics ............................................................................................................131

10 Quality of Service (QoS) ..........................................................................132

Configuring Access Control Lists................................................................................................132

Access Control List Summary .............................................................................................. 132

Adding an ACL .............................................................................................................. 133

Removing an ACL.......................................................................................................... 134

Access Control List Configuration.................................................................................. 134

Adding a Rule to a Standard IPv4 ACL ......................................................................... 135

Page 6 Contents

Adding a Rule to an Extended or Named IPv4 ACL...................................................... 137

Adding a Rule to an Extended MAC ACL...................................................................... 140

Access Control List Interface Summary ............................................................................... 143

Associating an ACL with an Interface............................................................................ 143

Removing an Association Between an ACL and an Interface ....................................... 144

Access Control List VLAN Summary.................................................................................... 144

Associating an ACL with a VLAN................................................................................... 145

Removing an Association Between an ACL and a VLAN.............................................. 145

Access Control List Statistics ............................................................................................... 146

Configuring Class of Service ...................................................................................................... 147

802.1p CoS Mapping Configuration ..................................................................................... 147

Configuring 802.1p CoS Mapping on an Interface......................................................... 148

DSCP CoS Global Mapping Configuration........................................................................... 149

CoS Trust Configuration....................................................................................................... 151

Configuring the Trust Mode and Shaping Rate on an Interface .................................... 151

CoS Interface Queue Configuration ..................................................................................... 152

Configuring CoS Queue Settings................................................................................... 153

11 Security ....................................................................................................154

Advanced Security Configuration ............................................................................................... 154

RADIUS Settings ........................................................................................................................ 156

RADIUS Configuration ......................................................................................................... 156

Adding a RADIUS Server .............................................................................................. 158

Changing RADIUS Server Settings ............................................................................... 158

Removing a RADIUS Server ......................................................................................... 159

RADIUS Server Statistics..................................................................................................... 159

RADIUS Accounting Server Status ...................................................................................... 161

Adding a RADIUS Accounting Server............................................................................ 162

Changing RADIUS Accounting Server Settings ............................................................ 162

Removing a RADIUS Accounting Server....................................................................... 163

RADIUS Accounting Server Statistics.................................................................................. 163

Port Access Control .................................................................................................................... 165

Port Access Control Configuration ....................................................................................... 165

Configuring Port Access Control on an Interface........................................................... 168

Viewing Per-port 802.1X Details.................................................................................... 171

Port Access Control Statistics .............................................................................................. 172

Port Access Control Client Summary................................................................................... 174

Port Access Control History Log Summary.......................................................................... 175

Contents 7

Configuring Protected Ports........................................................................................................ 176

Protected Ports Configuration .............................................................................................. 176

Creating a Protected Ports Group ................................................................................. 176

Editing a Protected Ports Group.................................................................................... 177

Removing a Protected Ports Group ..................................................................................... 177

Storm Control.............................................................................................................................. 178

12 Green Features ........................................................................................180

Green Features Configuration ....................................................................................................180

EEE Status ................................................................................................................................. 181

13 Diagnostics...............................................................................................183

Buffered Log ............................................................................................................................... 183

Crash Log............................................................................................................................. 184

Log Configuration ....................................................................................................................... 185

Ping............................................................................................................................................. 187

Ping IPv4.............................................................................................................................. 187

Ping IPv6.............................................................................................................................. 188

Traceroute .................................................................................................................................. 190

Traceroute IPv4.................................................................................................................... 190

Traceroute IPv6.................................................................................................................... 192

Reboot Switch............................................................................................................................. 194

Factory Defaults.......................................................................................................................... 195

Support File ................................................................................................................................ 196

Locator........................................................................................................................................ 197

MAC Table.................................................................................................................................. 198

14 Maintenance Pages .................................................................................200

Dual Image Configuration ........................................................................................................... 200

Backup and Update Manager ..................................................................................................... 201

Backing Up Files .................................................................................................................. 201

Updating Files ...................................................................................................................... 203

A Support and other resources .....................................................................206

Accessing Hewlett Packard Enterprise Support................................................................... 206

Accessing updates ...............................................................................................................206

Websites........................................................................................................................207

Customer self repair ...................................................................................................... 207

Remote support ............................................................................................................. 207

Documentation feedback............................................................................................... 208

Page 8 Contents

B Warranty information .................................................................................209

Warranty information .................................................................................................................. 209

Contents 9

Preface

About This Document

The HPE OfficeConnect 1920S Switch Series provides reliable, plug-and-play Gigabit network connec­tivity. The HPE OfficeConnect 1920S switches are ideal for open offices that require silent operation or
businesses making the transition from unmanaged to managed networks.

The HPE OfficeConnect 1920S switches can be managed in-band from a remote network station using
a web-based graphical user interface (GUI), and its configuration may also be viewed using the SNMP
manager. This guide describes how to configure and view the software features using the web GUI.

Audience

The information in this guide is primarily intended for system administrators and support providers who
are responsible for configuring, operating, or supporting a network using HPE OfficeConnect 1920S
switch software. An understanding of the software specifications for the networking device platform,
and a basic knowledge of Ethernet and networking concepts, are presumed.

About Your Switch Manual Set

The switch manual set includes the following:

 HPE OfficeConnect 1920S Switch Series Quick Setup Guide and Safety/Regulatory Infor-

mation - a printed guide shipped with your switch. Provides illustrations for basic installation and
setup. Also includes product specifications, as well as safety and regulatory statements and stan­dards supported by the switch.

 HPE OfficeConnect 1920S Switch Series Installation and Getting Started Guide - (HPE web-

site only). Provides detailed installation guide for your switch, including physical installation on
your network, basic troubleshooting, product specifications, supported accessories, Regulatory
and Safety information.

 HPE OfficeConnect 1920S Switch Series Management and Configuration Guide - This guide

describes how to manage and configure switch features using a web browser interface.

 Release Notes - (HPE website only). Provides information on software updates. The Release

Notes describe new features, fixes, and enhancements that become available between revisions
of the above guides.

NOTE:

For the latest version of all HPE documentation, visit the HPE website at

www.hpe.com/support/manuals. Then select your switch product.

Page 10 About This Document

Supported Features

HPE OfficeConnect 1920S switches include support for the following features:

Feature HPE OfficeConnect 1920S Series Switch

HTTP and HTTPS sessions 4 each, 8 total

SNMPv1/v2c/v3 (r/w community) 1

MAC table 16382 entries

SNTP server configuration 1

Time zones count 91

Jumbo frame size 9216 bytes

Soft session web session timeout 1 min–60 min

Hard session web session timeout 1 Hr–168 Hrs

Trunk configuration (8 port switch) 4

Trunk configuration (24 port switch) 8

Trunk configuration (48 port switch) 16

Trunk membership ports (8 port switch) 4

Trunk membership ports (24 port switch) 4

Trunk membership ports (48 port switch) 8

VLANs 256

VLAN IDs 1-4093

VLAN priority levels 0–7

ACLs (IPv4 and MAC) 50

Configurable rules per list 2

ACL rules per interface 10

CoS queues per port 4

IEEEE 802.1p traffic classes 4

Static routes 32

ARP entries 509

Syslog servers 1

Buffered logs 200 (total storage 10K)

Maintenance users 1

Password length 8 chars–64 chars

Images 2

Supported Features 11

1 Getting Started

This chapter describes how to make the initial connections to the switch and provides an overview of
the web interface.

Connecting the Switch to a Network

To enable remote management of the switch through a web browser, the switch must be connected to
the network. By default, the switch is configured to acquire an IP address from a DHCP server on the
network. If the switch does not obtain an address from a DHCP server, the switch will be assigned the
IP address 192.168.1.1.

NOTE:

 To use DHCP for IP network configuration, the switch must be connected to the same network as

the DHCP server. You will need to access your DHCP server to determine the IP address
assigned to the switch.

 The switch supports LLDP (Link Layer Discovery Protocol), allowing discovery of its IP address

from a connected device or management station.

 If DHCP is used for configuration and the switch fails to be configured, the IP address 192.168.1.1

is assigned to the switch interface.

To access the web interface on the switch by using the default IP address:

1. Connect the switch to the management PC or to the network using any of the available network

ports.

2. Power on the switch.

3. Set the IP address of the management PC’s network adapter to be in the same subnet as the

switch.

For example, set it to IP address 192.168.1.2, mask 255.255.255.0.

4. Enter the IP address 192.168.1.1 in the web browser. See page 13 for web browser requirements.

Thereafter, use the web interface to configure a different IP address or configure the switch as a DHCP
client so that it receives a dynamically assigned IP address from the network.

After the switch is able to communicate on your network, enter its IP address into your web browser’s
address field to access the switch management features.

Page 12 Connecting the Switch to a Network

Operating System and Browser Support

The following operating systems and browsers with JavaScript enabled are supported:

Operating System Browser

Windows 7 Internet Explorer 9, 10

Firefox 38.2.1, 40.0.3, 41.0.b1 (beta)
Chrome 44.0.2403, 45.0.2454, 46.0 (beta)

Windows 8/8.1 Internet Explorer 11 (included in base OS 8.1)

Firefox 38.2.1, 40.0.3, 41.0.b1 (beta)
Chrome 44.0.2403, 45.0.2454, 46.0 (beta)

Windows 10 Internet Explorer 11 (included in base OS)

Chrome 44.0.2403, 45.0.2454 (beta)

MacOS X Firefox 38.2.1, 40.0.3, 41.0.b1 (beta)

MacOS X 10.6 and later Safari 7, Chrome 44.0.2403, 45.0.2454, 46.0 (beta)

Getting Started With the Web Interface

This section describes how to log on to the switch and provides information about the page layout.

Logging On

Follow these steps to log on through the web interface:

1. Open a web browser and enter the IP address of the switch in the web browser address field.

2. On the Login page, enter the username and password (if one has been set), and then click Log In.

By default, the username is admin and there is no password. After the initial log on, the administra­tor may configure a password.

NOTE:

To set the password or change the username, see “Password Manager” on page 34.

Figure 1. Login Page

Getting Started With the Web Interface 13

Interface Layout and Features

Navigation Pane Graphical Switch Common Links

Figure 2 shows the initial view.

Figure 2. Interface Layout and Features

Click on any topic in the navigation pane to display related configuration options.

The Dashboard page displays when you first log on and when you click Dashboard in the navigation
pane. See “Dashboard” on page 17 for more information.

You can click the Setup Network link beneath Dashboard to display the Get Connected page, which
you use to set up a management connection to the switch. See “Get Connected” on page 19 for more
information.

The graphical switch displays summary information for the switch LEDs and port status. For informa­tion on this feature see “Graphical Switch” on page 15.

Page 14 Getting Started With the Web Interface

Common Page Elements

Port Configuration and Summary
(Point, left-click, or right-click on any port for options)

System LEDs

Port Status Indicator

Most pages contain a common set of buttons that include one or more of the following:

 Click on any page to display a help panel that explains the fields and configuration options on

the page.

 Click to send the updated configuration to the switch. Applied changes update the device

running configuration and take effect immediately. If you want the device to retain these changes
across a reboot, you must first save the configuration. See “Saving Changes” on page 15.

 Click to refresh the page with the latest information from the switch.

 Click to clear any configurations changes that have not yet been applied on a page.

 Click to end the current management session.

Saving Changes

When you click , changes are saved to the running configuration file in RAM. Unless you save
them to system flash memory, the changes will be lost if the system reboots. To save them perma-

nently, click on the upper right side of the page. Note that when there are unsaved
changes, the button displays a file image ( ). A page displays to confirm that you want to

save, followed by a page that confirms that the operation was completed successfully.

Graphical Switch

The graphical switch, shown in Figure 3, displays at the top of the page as a representation of the
physical switch to provide status information about individual ports. The graphical switch enables easy
system configuration and web-based navigation.

You can right-click anywhere on the graphic and select from the menu to display the product informa­tion on the Dashboard page, to refresh the graphic display, and to set the automatic refresh rate.

Figure 3. Graphical Switch

Getting Started With the Web Interface 15

Port Configuration and Summary

You can point to any port to display the following information about the port:

 The link status (up or down).

 Auto negotiation status.

 The maximum transmission unit (MTU), which is the largest packet size that can be transmitted on

the port.

You can left-click a port to display the Port Status page.

System LEDs

The following System LEDs reflect the status of the actual LEDs on the switch:

 Power (Green)

 On— The switch is receiving power.

 Blinking— The switch is receiving power through its Power Over Ethernet (PoE) port.

 Off— The switch is powered off or is NOT receiving power.

 Fault/Locator (Orange)

 Blinking rapidly—A fault has occurred, other than during self-test.

 Blinking slowly— The locator function has been enabled to help physically locate the switch.

 On— If continuously on, no firmware was detected upon boot-up.

 Off— The locator function is disabled and the switch is operating properly.

Port Status Indicator

Each port in the device view is visually represented by one of five different state images.

Port State Image Description

Active

Disabled

Error

Inactive

Sourcing Power

The port is connected, enabled, and the link is up.

The port has been administrative disabled. This image is also used for “dead” ports
that may exist physically on the device but have no internal connection.

The port has an error condition and may or may not be active.

The port is connected and enabled, but the link is down (likely because no cable is
connected).

For a PoE port, this image is overlaid on the port when it is providing power.

Page 16 Getting Started With the Web Interface

2 Dashboard

You can use the Dashboard page to display and configure basic information about the system.

The Dashboard page displays basic information such as the configurable switch name and description,
the IP address for management access, and the software and operating system versions. This page
also shows resource usage statistics.

This page is displayed when you first log on or when you click Dashboard in the navigation pane.

Figure 4. Dashboard Page

NOTE:

The Logged In Users fields display only if more than one user is logged into the system.

Getting Started With the Web Interface 17

If you update the name, location, or contact information, click Apply to update the switch configuration.
Your changes take effect immediately but are not retained across a switch reset unless you click Save

Configuration.

Table 1. Dashboard Page Fields

Field Description

System Information

A description of the switch hardware, including the hardware type, software version, operating

System Description

System Name

System Location

System Contact

System Object ID

System Up Time

Current Time

Date

system version, and boot loader (U-Boot) version.

Enter the preferred name to identify this switch. A maximum of 64 alpha-numeric characters
including hyphens, commas and spaces are allowed. This field is blank by default.

The user configurable switch name will appear in the login screen banner.

Enter the location of this switch. A maximum of 255 alpha-numeric characters including
hyphens, commas, and spaces are allowed. This field is blank by default.

Enter the name of the contact person for this switch. A maximum of 255 alpha-numeric
characters including hyphens, commas, and spaces are allowed. This field is blank by default.

The base object ID for the switch's enterprise MIB.

The time in days, hours and minutes since the last switch reboot.

The current time in hours, minutes, and seconds as configured (24- or 12-hr AM/PM format)
by the user.

The current date in month, day, and year format.

Device Information

Software Version

Operating System

Serial Number

System Resource Usage

CPU Utilization

Memory Usage

Logged In Users—These fields display only when more than one user is logged into the management utility.

Username

Connection From

Idle Time

Session Time

The version of the code running on the switch.

The version of the operating system running on the switch.

The unique serial number assigned to the switch.

The percentage of CPU utilization for the entire system averaged over the past 60 seconds.

The percentage of total system memory (RAM) currently in use.

The username of each logged in user.

The IP address from which the user logged in.

The time that has elapsed since the last user activity.

The amount of time the user session has been active.

Page 18 Getting Started With the Web Interface

3 Setup Network

You can use the Setup Network pages to configure how a management computer connects to the
switch, to setup system time settings, and to manage switch administrator accounts and passwords.

Get Connected

Use the Get Connected page to configure settings for the network interface. The network interface is
defined by an IP address, subnet mask, and gateway. Any one of the switch's front-panel ports can be
selected as the management port for the network interface. The configuration parameters associated
with the switch's network interface do not affect the configuration of the front-panel ports through which
traffic is switched or forwarded except that, for the management port, the port VLAN ID (PVID) will be
the management VLAN.

To display the Get Connected page, click Setup Network > Get Connected.

In the example configuration in Figure 5, the switch is configured to acquire its IP address through
DHCP, which is the default setting. Access to the management software is restricted to members of
VLAN 1.

Figure 5. Get Connected Page

Get Connected 19

Table 2. Get Connected Fields

Field Description

Network Details

Internet Protocol Address Select whether to configure the IPv4 or IPv6 information for the switch. The rest of the fields

IPv4 Network Details

Protocol Type Select the type of network connection:

IP Address The IPv4 address for the switch.

Subnet Mask The IPv4 subnet address to be used. The default IP subnet address is 255.255.255.0.

in the Network Details section depend on the option you select.

 Static— Select this option to enable the IP address, subnet mask, and gateway fields for

data entry.

 DHCP— Select this option to enable the switch to obtain IP information from a DHCP

server on the network. If the DHCP server responds, then the assigned IP address is
used. If DHCP is enabled but the DHCP server does not respond, the default static IP
address 192.168.1.1 is used. DHCP operation is enabled by default.

When a DHCP server assigns an IP address to the switch, it specifies the time for which the
assignment is valid. After the time expires, the server may reclaim the address for assignment
to another device. When DHCP is enabled, you can click to send a request to the DHCP
server to renew the lease.

Only a user-configured static IP address is saved to flash.
CAUTION: Changing the protocol type or IP address discontinues the current connection;

you can log on again using the new IP information.

If the Protocol Type is set to DHCP, this field displays the IP address assigned by the DHCP
server. If the Protocol Type is set to Static, the IP address can be manually configured in this
field. The default IP address is 192.168.1.1.

Note: A broadcast, multicast, or network IP address should not be entered in this field.

Gateway Address The IPv4 gateway address to be used. When in doubt, set this to be the same as the default

MAC Address The hardware MAC address of this switch.

IPv6 Network Details

IPv6 Mode Enables or disables the IPv6 administrative mode on the network interface.

Network Configuration
Protocol

IPv6 Stateless Address
AutoConfig Mode

gateway address used by your PC.

Specify whether the device should attempt to acquire network information from a DHCPv6
server. Selecting None disables the DHCPv6 client on the network interface.

Sets the IPv6 stateless address autoconfiguration mode on the network interface.

 Enabled – The network interface can acquire an IPv6 address through IPv6 Neighbor

Discovery Protocol (NDP) and through the use of Router Advertisement messages.

 Disabled – The network interface will not use the native IPv6 address autoconfiguration

features to acquire an IPv6 address.

Static IPv6 Addresses Specify the IPv6 address to add to the interface.

Dynamic IPv6 Addresses Lists the IPv6 addresses on the network interface that have been dynamically configured

EUI Flag Select this option to enable the Extended Universal Identifier (EUI) flag for IPv6 address, or

DHCPv6 Client DUID The client identifier used by the DHCPv6 client (if enabled) when sending messages to the

IPv6 Gateway Specify the default gateway for the IPv6 network interface.

through IPv6 autoconfiguration or DHCPv6.

clear the option to omit the flag.

DHCPv6 server.

Page 20 Get Connected

Field Description

HTTP Management Access

HTTP Admin Mode Enables or disables the HTTP administrative mode. When enabled, the device can be

HTTP Port The TCP port number on which the HTTP server listens for requests. Existing HTTP login

accessed through a web browser using the HTTP protocol.

sessions are closed whenever this value is changed. All new HTTP sessions must use the
new port number.

Note: Before changing this value, check your system to make sure the desired port number
is not currently being used by any other service.

HTTP Session Soft Time
Out (Minutes)

HTTP Session Hard Time
Out (Hours)

Maximum Number of HTTP
Sessions

Management VLAN

Management VLAN ID Access to the management software is controlled by the assignment of a management VLAN

Management Port Access to the management software can also be controlled by the selection of a management

HTTP session inactivity timeout value. A logged-in user that does not exhibit any HTTP
activity for this amount of time is automatically logged out of the HTTP session.

HTTP session hard timeout value. A user connected to the device via an HTTP session is
automatically logged out after this amount of time regardless of the amount of HTTP activity
that occurs.

The maximum number of HTTP sessions that may be connected to the device
simultaneously.

ID. Only ports that are members of the management VLAN allow access to the management
software.

By default, the management VLAN ID is 1. The management VLAN can be any value
between 1 and 4093. All ports are members of VLAN 1 by default; the administrator may want
to create a different VLAN to assign as the management VLAN and associate it with a
management port (see the next field).

A VLAN that does not have any member ports (either tagged or untagged) cannot be
configured as the management VLAN.

When the network protocol is configured to be DHCP, any change in the configured
management VLAN ID may cause disruption in connectivity because the switch acquires a
new IP address when the management subnet is changed. To reconnect to the switch, the
user must determine the new IP address by viewing the log on the DHCP server.

port. The selected management port is auto-configured to be an untagged member of the
management VLAN and is excluded from any other untagged VLANs.

When the switch boots with the default configuration, any port can be used as management
port and this field is configured as None.

You can configure a management port to ensure that a port always remains an untagged
member of the configured management VLAN; this helps to ensure management connectivity
in case of an accidental change in VLAN membership.

If no management port is specified, then all ports that are members of the management VLAN
provide access to the switch management interface. If a management port is configured,
access to the switch is restricted to that port. For example, if VLAN 1 is the management
VLAN and port 10 is the management port, other ports that are members of VLAN 1 will not
provide access to the switch management interface.

The features that utilize the management port include the following:

 DHCP
 SNMP
 SNTP
 TFTP

Click Apply to update the switch configuration. Your changes take effect immediately but are not
retained across a switch reset unless you click Save Configuration.

Get Connected 21

NOTE:

A power cycle does not reset the IP address to its factory-default value. If the configured IP address
is unknown, you can perform a manual reset to factory defaults to regain access to the switch (see

“Factory Defaults” on page 195).

NOTE:

Changing the management port from the default configuration not only restricts access to the web UI
but also impacts the following protocols: DHCP, SNMP, SNTP, and TFTP.

HTTPS Configuration

Use this page to view and modify the Secure HTTP (HTTPS) settings on the device. HTTPS increases
the security of web-based management by encrypting communication between the administrative sys­tem and the device.

To access the HTTPS Configuration page, click Setup Network > Get Connected in the navigation
menu, and then click the HTTPS Connection tab.

Figure 6. HTTPS Management Access Page

Table 3. HTTPS Management Access Fields

Field Description

HTTPS Admin Mode Enables or disables the HTTPS administrative mode. When this mode is enabled, the

TLS Version 1 Enables or disables Transport Layer Security Version 1.0. When this option is enabled,

HTTPS Port The TCP port number that HTTPS uses.

HTTPS Session Soft Time Out
(Minutes)

HTTPS Session Hard Time Out
(Hours)

Page 22 Get Connected

device can be accessed through a web browser using the HTTPS protocol.

communication between the web browser on the administrative system and the web
server on the device is sent through TLS 1.0.

HTTPS session inactivity timeout value. A logged-in user that does not exhibit any
HTTPS activity for this amount of time is automatically logged out of the HTTPS session.

HTTPS session hard timeout value. A user connected to the device via an HTTPS
session is automatically logged out after this amount of time regardless of the amount of
HTTPS activity that occurs.

Field Description

Maximum Number of HTTPS
Sessions

Certificate Status The status of the SSL certificate generation process.

The maximum number of HTTPS sessions that can be connected to the device
simultaneously.

 Present – The certificate has been generated and is present on the device
 Absent – Certificate is not available on the device
 Generation In Progress – An SSL certificate is currently being generated.

Download Certificates (Button) Allows you to download an SSL certificate file from a remote system to the device. Note

Generate Certificate (Button) Generates an SSL certificate to use for secure communication between the web browser

Delete Certificates (Button) Deletes the SSL certificate. This button is available only if an SSL certificate is present

that to download SSL certificate files, SSL must be administratively disabled.

and the embedded web server on the device.

on the device.

Click Apply to update the switch configuration. Your changes take effect immediately but are not
retained across a switch reset unless you click Save Configuration.

Get Connected 23

System Time Pages

You click Setup Network > System Time to display the web pages for configuring the system clock,
SNTP client functionality, system time zone, and daylight saving time settings.

System Time

The System Time page displays the current time, time zone, and Daylight Saving Time settings, and
enables you to configure the time display format. To display the System Time page, click Setup Net-

work > System Time in the navigation pane, and ensure that the Clock tab is selected.

Figure 7. System Time Page

Table 4. System Time Fields

Field Description

Current Time

Time The current time. This value is determined by an SNTP server. When SNTP is disabled, the

Date The current date.

Time Source The source from which the time and date is obtained:

Time Format Select 24 Hour (“military” time, the default) or 12 Hour to specify the time display format.

system time increments from 00:00:00, 1 Jan 1970, which is set at bootup.

 SNTP— The time has been acquired from an SNTP server.
 No Time Source— The time has been either manually configured or not configured at all.

This is the default selection.

Page 24 System Time Pages

Field Description

Time Zone

Time Zone The currently set time zone. The default is (GMT) Greenwich Mean Time: Dublin, Edinburgh,

Acronym The acronym for the time zone, if one is configured on the system (e.g., PST, EDT).

Daylight Saving Time

Daylight Saving Time Shows whether Daylight Saving Time (DST) is enabled and the mode of operation:

For instructions on configuring the system time, see “Time Configuration” on page 25, “Time Zone

Configuration” on page 27, and “Daylight Saving Time Configuration” on page 28.

Time Configuration

You can configure the system time manually or acquire time information automatically from a Simple
Network Time Protocol (SNTP) server. Using SNTP ensures accurate network device clock time syn­chronization up to the millisecond. Time synchronization is performed by a network SNTP server. The
software operates only as an SNTP client and cannot provide time services to other systems.

Lisbon, London.

 No Daylight Saving Time—No clock adjustment will be made for DST. This is the

default.

 Recurring Every Year—The settings will be in effect for the upcoming period and subse-

quent years.

 Non-Recurring—The settings will be in effect only for a specified period during the year

(i.e., they will not carry forward to subsequent years).

If DST is enabled and the current time is within the configured DST period, then “(On DST)”
displays following this field value.

To display the Time Configuration page, click Setup Network > System Time in the navigation pane
and click the Time tab.

System Time Pages 25

Figure 8. Time Configuration Page

Table 5. Time Configuration Fields

Field Description

Set System Time Select Using Simple Network Time Protocol (SNTP) to configure the switch to acquire its

SNTP Configuration

SNTP Client Select Enabled or Disabled (default) to configure the SNTP client mode. When disabled, the

SNTP/NTP Server Specify the IPv4 address of the SNTP server to which requests should be sent.

Server Port Specify the server's UDP port for SNTP. The range is 1 to 65535 and the default is 123.

Last Update Time The date and time (GMT) when the SNTP client last updated the system clock.

Last Attempt Time The date and time (GMT) of the last SNTP request or receipt of an unsolicited message.

time settings from an SNTP server. When selected, only the SNTP Configuration fields are
available for configuration.

Select Manually to disable SNTP and configure the time manually. When selected, only the
Manual Time Configuration fields are available for configuration.

system time increments from 00:00:00, 1 Jan 1970, which is set at bootup.

Page 26 System Time Pages

Field Description

Last Update Status The status of the last update request to the SNTP server, which can be one of the following

values:

 Other— None of the following values apply or no message has been received.
 Success— The SNTP operation was successful and the system time was updated.
 Request Timed Out—A SNTP request timed out without receiving a response from the

SNTP server.

 Bad Date Encoded—The time provided by the SNTP server is not valid.
 Version Not Supported—The SNTP protocol version supported by the server is not com-

patible with the version supported by the switch client.

 Server Unsynchronized—The SNTP server is not synchronized with its peers. This is

indicated via the leap indicator field in the SNTP message.

 Blocked—The SNTP server indicated that no further requests were to be sent to this

server. This is indicated by a stratum field equal to 0 in a message received from the
server.

Requests The number of requests made to the SNTP sever since the switch was rebooted.

Failed Requests The number of failed SNTP requests made to this server since last reboot.

Manual Time Configuration

Time Specify the current time in HH:MM:SS format.

Date Click the date field to display a calendar and select the current date.

Click Apply to update the switch configuration. Your changes take effect immediately but are not
retained across a switch reset unless you click Save Configuration.

Time Zone Configuration

The Time Zone Configuration page is used to configure your local time zone.

To display this page, click Setup Network > System Time in the navigation pane and click the Time

Zone tab.

Figure 9. Time Zone Configuration Page

Table 6. Time Zone Configuration Fields

Field Description

Time Zone Select the time zone for your location. The default is (GMT) Greenwich Mean Time: Dublin,

Acronym Specify an acronym for the time zone. The acronym can have up to four alphanumeric

Edinburgh, Lisbon, London.

characters and can contain dashes, underscores, and periods.

Click Apply to update the switch configuration. Your changes take effect immediately but are not
retained across a switch reset unless you click Save Configuration.

System Time Pages 27

Daylight Saving Time Configuration

The Daylight Saving Time Configuration page is used to configure if and when Daylight Saving Time
(DST) occurs within your time zone. When configured, the system time adjusts automatically one hour
forward at the start of the DST period, and one hour backward at the end.

To display the Daylight Saving Time page, click Setup Network > System Time in the navigation
pane and click the Daylight Saving Time tab.

Figure 10. Daylight Saving Time Configuration Page

Page 28 System Time Pages

Table 7. Daylight Saving Time Configuration Fields

Field Description

Daylight Saving Time Select how DST will operate:

 Disable—No clock adjustment will be made for DST. This is the default selection.
 Recurring—The settings will be in effect for the upcoming period and subsequent years.
 EU— The system clock uses the standard recurring daylight saving time settings used in

countries in the European Union.

 USA— The system clock uses the standard recurring daylight saving time settings used

in the United States.

 Non-Recurring—The settings will be in effect only for a specified period during the year

(that is, they will not carry forward to subsequent years).

When a DST mode is enabled, the clock will be adjusted one hour forward at the start of the
DST period and one hour backward at the end.

Date Range Set the following to indicate when the change to DST occurs and when it ends.

These fields are editable when Non-Recurring is selected as the DST mode:

 Start/End Date—Use the calendar to set the day, month, and year when the change to/

from DST occurs. Or, enter the hours and minutes in 24-hour format (HH:MM).

 Starting Time of Day— Set the hour and minutes when the change to/from DST occurs.

Recurring Date When Recurring is selected as the DST mode, the following fields display:

 Start/End Week—Set the week of the month, from 1 to 5, when the change to/from DST

occurs. The default is 1 (the first week of the month).

 Start/End Day— Set the day of the week when the change to/from DST occurs.
 Start/End Month— Set the month when the change to/from DST occurs.
 Starting/Ending Time of Day—Set the hour and minutes when the change to/from DST

occurs.

Click Apply to update the switch configuration. Your changes take effect immediately but are not
retained across a switch reset unless you click Save Configuration.

System Time Pages 29

User Accounts

By default, the switch contains only the admin user account, which has read/write privileges.

Click Setup Network > User Accounts to display the web pages to add switch management users,
change user settings, or remove users.

Configuration

If you log on to the switch with a user account with read/write privileges (i.e., as admin), you can use
the User Accounts Configuration page to assign passwords and set security parameters for the
default accounts. You can also add up to five read-only accounts. You can delete all accounts except
for the Read/Write account.

To display this page, click Setup Network > User Accounts in the navigation pane.

Figure 11. User Accounts Configuration Page

Table 8. User Accounts Configuration Fields

Field Description

Username A unique ID or name used to identify this user account.

Access Level Indicates the access or privilege level for this user. The options are:

 Read Write - The user can view and modify the configuration.
 Read Only - The user can view the configuration but cannot modify any fields.
 Suspended - The user exists but is not permitted to log on to the device.

Lockout Status Provides the current lockout status for this user. If the lockout status is True, the user cannot

Password Override Identifies the password override complexity status for this user.

Password Expiration Indicates the current expiration date (if any) of the password.

access the management interface even if the correct username and password are provided.
The user has been locked out of the system due to a failure to supply the correct password
within the configured number of login attempts.

 Enable - The system does not check the strength of the password.
 Disable - When configuring a password, it is checked against the Strength Check rules

configured for passwords.

From this page, use the available buttons to add or remove users, or to edit the settings for an existing
user.

Page 30 User Accounts

Adding a User Account

To add a new user account:

1. From the User Accounts Configuration page, click Add.

2. Configure the settings for the new user.

Field Description

User Name Enter the name you want to give to the new account. (You can only enter data in this field

Password Enter the optional new or changed password for the account. It will not display as it is typed,

Confirm Enter the password again, to confirm that you entered it correctly. This field will not display,

Access Level Indicates the access or privilege level for this user. The options are:

Password Override Identifies the password override complexity status for this user.

Password Strength Shows the status of password strength check.

Encrypt password Select this option to encrypt the password before it is stored on the device.

when you are creating a new account.) User names are up to 32 alphanumeric characters in
length and are not case sensitive. Valid characters include all the alphanumeric characters
and the dash ('-') and underscore ('_') characters. User name default is not valid.

only asterisks (*) or dots(.) will show based on the browser used. Passwords must be greater
than eight characters and can be up to 64 characters in length, and are case sensitive.

but will show asterisks (*) or dots (.), based on the browser you use.

 Read Write - The user can view and modify the configuration.
 Read Only - The user can view the configuration but cannot modify any fields.
 Suspended - The user exists but is not permitted to log on to the device.

 Enable - The system does not check the strength of the password.
 Disable - When configuring a password, it is checked against the Strength Check rules

configured for passwords.

3. Click Apply.

Figure 12. Add New User Page

User Accounts 31

Changing User Account Information

You cannot change the name of an existing user, but you can change the password, privilege, and
password settings. To change user information, select the username with the information to change
and click Edit. Update the fields as needed, and click Apply.

Figure 13. Edit Existing User Page

Removing a User Account

To remove any of the user accounts, select one or more users to remove. Click Remove to delete the
selected users. You must confirm the action before the user is deleted.

Page 32 User Accounts

Sessions

The Sessions page identifies the users that are logged in to the management interface of the device.
The page also provides information about their connections.

To display this page, click Setup Network > User Accounts in the navigation pane and click the Ses-

sions tab.

Figure 14. Logged In Sessions Page

Table 9. Logged In Sessions Fields

Field Description

ID The unique ID of the session.

User Name The name that identifies the user account.

Connection From Identifies the administrative system that is the source of the connection. For remote

Idle Time Shows the amount of time in hours, minutes, and seconds that the logged-on user has been

Session Time Shows the amount of time in hours, minutes, and seconds since the user logged onto the

Session Type Shows the type of session, which can be Telnet, Serial, SSH, HTTP, or HTTPS.

connections, this field shows the IP address of the administrative system. For local
connections through the console port, this field shows the communication standard for the
serial connection.

inactive.

system.

User Accounts 33

Password Manager

Use this page to configure rules for locally-administered passwords. The rules you set determine the
strength of local passwords that device users can associate with their usernames. The strength of a
password is a function of length, complexity, and randomness. To display the Password Manager
page, click Setup Network > Password Manager in the navigation menu.

Figure 15. Password Manager Page

Table 10. Password Manager Fields

Field Description

Rules Configuration

Minimum Length Passwords must have at least this many characters (0 to 64).

Aging (days) The number of days that a user password is valid from the time the password is set. Once a

History The number of previous passwords that are retained to prevent password reuse. This helps

Page 34 Password Manager

password expires, the user is required to enter a new password at the next login.

to ensure that a user does not attempt to reuse the same password too often.

Field Description

Lockout Attempts After a user fails to log in this number of times, the user is locked out until the password is

Password Complexity

Strength Check Enable or disable the password strength check feature. Enabling this feature forces the user

Minimum Number of
Uppercase Letters

Minimum Number of
Lowercase Letters

Minimum Number of
Numeric Characters

reset by the administrator.

to configure passwords that comply with the strong password configuration specified in the
following fields.

Specify the minimum number of uppercase letters a password must include.

Specify the minimum number of lowercase letters a password must include.

Specify the minimum number of numbers a password must include.

Minimum Number of
Special Characters

Maximum Number of
Repeated Characters

Maximum Number of
Consecutive Characters

Minimum Character
Classes

Specify the minimum number of special characters (non-alphanumeric, such as # or &) a
password must include.

Specify the maximum number of repeated characters a password is allowed to include. An
example of four repeated characters is aaaa.

Specify the maximum number of consecutive characters a password is allowed to include. An
example of four consecutive characters is abcd

Specify the minimum number of character classes a password must contain. There are four
character classes:

 Uppercase
 Lowercase
 Numbers
 Special Characters

Keyword Exclusion

Exclude Keyword Name The list of keywords that a valid password must not contain. Excluded keyword checking is

case-insensitive. Additionally, a password cannot contain the backwards version of an
excluded keyword. For example, if pass is an excluded keyword, passwords such as
23passA2c, ssapword, and PAsSwoRD are prohibited. Use the plus and minus buttons to
perform the following tasks:

 To add a keyword to the list, click Add, type the word to exclude in the Exclude Keyword

Name field, and click Apply.

 To remove one or more keywords from the list, select each keyword to delete and click

Remove.

Click Apply to update the switch configuration. Your changes take effect immediately but are not
retained across a switch reset unless you click Save Configuration.

Password Manager 35

4 Switching Features

You can use the Switching pages to configure port operation and various Layer 2 features and capabil­ities.

Port Configuration

You can use the Port Configuration pages to display port status, configure port settings, and view sta­tistics on packets transmitted on the port.

Port Status

The Port Status page displays the operational and administrative status of each port and enables port
configuration. To view this page, click Switching > Port Configuration in the navigation pane.

Figure 16. Port Status Page

Table 11. Port Status Fields

Field Description

Interface The port or trunk ID.

Type The interface type, which can be one of the following:

 Normal—The port is a normal port, which means it is not a Link Aggregation Group

(LAG) member or configured for port mirroring. All ports are normal ports by default.

 Trunk Member—The port is a member of a trunk.
 Mirrored— The port is configured to mirror its traffic (ingress, egress, or both) to another

port (the probe port).

 Probe— The port is configured to receive mirrored traffic from one or more source ports.

Admin Mode The administrative mode of the interface. If a port or trunk is administratively disabled, it

cannot forward traffic.

 Enabled: Administratively enabled.
 Disabled: Administratively disabled.
 D-Disabled: Automatically disabled by the system due to error conditions. For example,

an interface may be disabled if it exceeded its rate limit. Please see error logs for more
information.

Page 36 Port Configuration

Field Description

Physical Mode The port speed and duplex mode. If the mode is Auto, the port's maximum capabilities are

Physical Status Indicates the port speed and duplex mode for physical interfaces. The physical status for a

Auto Negotiate Capabilities Indicates the list of configured capabilities for a port when Auto Negotiate is on. The Capability

advertised, and the duplex mode and speed are set from the auto-negotiation process. The
physical mode for a trunk is reported as “LAG.”

trunk is not reported. When a port is down, the physical status is unknown.

status for a trunk is not reported

STP Mode The Spanning Tree Protocol (STP) Administrative Mode associated with the port or LAG. STP

is a layer 2 protocol that provides a tree topology for switches on a bridged LAN. STP allows
a network to have redundant paths without the risk of network loops. by providing a single
path between end stations on a network. The possible values for STP mode are:

 Enable - Spanning tree is enabled for this port.
 Disable - Spanning tree is disabled for this port.

LACP Mode Indicates the Link Aggregation Control Protocol administration state. The mode must be

enabled in order for the port to participate in Link Aggregation. This field can have the
following values:

 Enable: Specifies that the port is allowed to participate in a port channel (LAG), which is

the default mode.

 Disable: Specifies that the port cannot participate in a port channel (LAG).
 N/A: For LAG ports.

Link Status Indicates whether the Link is up or down.

MTU Indicates the Maximum Transmission Unit (MTU) of the interface, which is the largest frame

Edit Port Configuration Page (Additional Fields)

Link Trap

Port Description The current description, if any, associated with the interface to help identify it.

Storm Control Limits

Broadcast Storm Recovery
Level

size that can be transmitted on the port.
The size does not include the Source MAC, the Destination MAC, the Ethernet

Encapsulation, or the Ethernet FC.

The physical speed (Mbps) at which the port is operating. If no link is present, this field is empty.

Specifies the broadcast storm control mode and threshold for the port. Broadcast storm
control limits the amount of broadcast frames accepted and forwarded by the port. If the
broadcast traffic on the Ethernet port exceeds the configured threshold, the system blocks
(discards) the broadcast traffic. Limits are defined as percentages or Packets Per Second
(pps).

The menu specifies the broadcast storm recovery action to take if a broadcast storm is
detected on the interface. The options are:

 Shutdown: The interface which receives broadcast packets at a rate which is above the

threshold is diagnostically disabled.

 Trap: Sends trap messages at approximately every 30 seconds until broadcast storm

control recovers.

 None: No action is taken.

Multicast Storm Recovery
Level

Specifies the multicast storm control mode and threshold for the port. Multicast storm control
limits the amount of multicast frames accepted and forwarded by the port. If the multicast
traffic on the Ethernet port exceeds the configured threshold, the system blocks (discards) the
multicast traffic. Limits are defined as percentages or Packets Per Second (pps).

The menu specifies the multicast storm recovery action to take if a multicast storm is detected
on the interface. The options are:

 Shutdown: The interface which receives multicast packets at a rate which is above the

threshold is diagnostically disabled.

 Trap: Sends trap messages at approximately every 30 seconds until multicast storm

control recovers.

 None: No action is taken.

Port Configuration 37

Field Description

Unicast Storm Recovery
Level

Modifying Interface Settings

To change the port configuration of one or more interfaces, select one or more interfaces and click

Edit.

Figure 17. Edit Port Configuration Page

Specifies the unicast storm control mode and threshold for the port. Unicast storm control
limits the amount of unicast frames accepted and forwarded by the switch. If the unicast traffic
on the Ethernet port exceeds the configured threshold, the system blocks (discards) the
unicast traffic. Limits are defined as percentages or Packets Per Second (pps).

The menu specifies the unicast storm recovery action to take if a unicast storm is detected on
the interface. The options are:

 Shutdown: The interface which receives unicast packets at a rate which is above the

threshold is diagnostically disabled.

 Trap: Sends trap messages at approximately every 30 seconds until unicast storm con-

trol recovers.

 None: No action is taken.

Click Apply to save any changes for the current boot session. The changes take effect immediately
and are applied to each of the selected interfaces. The changes are not retained across a switch reset
unless you click Save Configuration.

Page 38 Port Configuration

Port Summary Statistics

The Port Summary Statistics page displays statistics on packets transmitted and received on each port
or trunk. These statistics can be used to identify potential problems with the switch. The displayed val­ues are the accumulated totals since the last clear operation.

To display the Port Summary Statistics page, click Switching > Port Configuration in the navigation
pane and select the Statistics tab.

Figure 18. Port Summary Statistics Page

Table 12. Port Summary Statistics Fields

Field Description

Interface The port or trunk ID.

Received Packets w/o Error The count of packets received on the port without any packet errors.

Received Packets with Error The count of packets received on the port with errors.

Broadcast Received Packets The count of broadcast packets received on the port.

Transmitted Packets w/o Error The number of packets transmitted out of that port without any packet errors.

Transmitted Packets with Error The number of packets transmitted out of the port with packet errors.

Collisions The number of packet collisions.

Transmitted Pause Frames The number of Ethernet pause frames transmitted. (This information is collected for ports

Received Pause Frames The number of Ethernet pause frames received. (This information is collected for ports

but not for trunks.)

but not for trunks.)

Click Clear All Counters to reset all statistics to zero.

Port Configuration 39

Port Mirroring

Port Mirroring is used to monitor the network traffic that one or more ports send and receive. The Port
Mirroring feature creates a copy of the traffic that the source interface handles and sends it to a desti­nation port. All traffic from the source port or ports can be mirrored and sent to the destination port.
When the destination is a port on the local device, a network protocol analyzer is typically connected to
the port. Multiple switch ports can be configured as source ports, with each port mirrored to the same
destination.

CAUTION:

When configuring port mirroring, avoid oversubscribing the destination port to prevent the loss of mir­rored data.

While a port is used as the destination port for mirrored data, the port cannot be used for any other
purpose; the port will not receive and forward traffic.

Port Mirroring Configuration

To display the Port Mirroring page, click Switching > Port Mirroring in the navigation pane.

Figure 19. Port Mirroring Page

Page 40 Port Mirroring

Table 13. Port Mirroring Fields

Field Description

Session ID The port mirroring session ID. Up to four port mirroring sessions are allowed.

Mode The administrative mode for the selected port mirroring session. If the mode is disabled, the

configured source is not mirroring traffic to the destination.

Destination Port The switch port to which packets will be mirrored. Typically, a network protocol analyzer is

connected to this port.

 Interface – If port configured as a interface or probe port. This port receives traffic from

all configured source ports.

 None – The destination is not configured.

Source Port(s) The ports or VLAN configured to mirror traffic to the destination. You can configure multiple

Direction The direction of traffic on the source port (or source ports) or VLAN that is sent to the specified

source ports or one source VLAN per session. The source VLAN can also be a remote VLAN.

destination. A source VLAN mirrors all received and transmitted packets to the destination.
Possible values for source ports are:

 Tx/Rx – Both ingress and egress traffic.
 Rx – Ingress traffic only.
 Tx – Egress traffic only.

Click Apply to update the switch configuration. Your changes take effect immediately but are not
retained across a switch reset unless you click Save Configuration.

Configuring a Port Mirroring Session

1. From the Port Mirroring page, select the Session ID for of the port mirroring session to configure.

2. Click Configure Session to display the Session Configuration page.

Figure 20. Configure Port Mirroring Session

3. Enable or disable the selected port mirroring session.

4. Click Apply to apply the changes to the system.

Port Mirroring 41

Configuring a Port Mirroring Source

NOTE:

If an interface participates in some VLAN and is a LAG member, this VLAN cannot be assigned as a
source VLAN for a Monitor session. At the same time, if an interface participates in some VLAN and
this VLAN is assigned as a source VLAN for a Monitor session, the interface can be assigned as a
LAG member.

1. From the Port Mirroring page, select the Session ID for of the port mirroring session to configure.

2. Click Configure Source to display the Source Configuration page.

Figure 21. Configure Port Mirroring Session Source

3. Configure the following fields:

Field Description

Type The type of interface to use as the source:

 None – The source is not configured.
 VLAN – Traffic to and from a configured VLAN is mirrored. In other words, all the packets

sent and received on all the physical ports that are members of the VLAN are mirrored.

 Interface – Traffic is mirrored from one or more physical ports on the device.

VLAN ID The VLAN to use as the source. Traffic from all physical ports that are members of this VLAN

Available Source port(s) The physical port or ports to use as the source. To select multiple ports, CTRL + click each

Direction The direction of traffic on the source port (or source ports) or VLAN that is sent to the specified

is mirrored. This field is available only when the selected Type is VLAN.

port. This field is available only when the selected Type is Interface.

destination. A source VLAN mirrors all received and transmitted packets to the destination.
Possible values for source ports are:

 Tx/Rx – Both ingress and egress traffic.
 Rx – Ingress traffic only.
 Tx – Egress traffic only.

4. Click Apply to apply the changes to the system.

Page 42 Port Mirroring

Configuring the Port Mirroring Session Destination

NOTE:

A port will be removed from a VLAN or LAG when it becomes a destination mirror.

1. From the Port Mirroring page, select the Session ID for of the port mirroring session to configure.

2. Click Configure Destination to display the Destination Configuration page.

Figure 22. Configure Port Mirroring Session Destination

3. To configure a port that receives the mirrored traffic, select Interface in the Type field, or select

None to remove the configuration from a port.

4. If Interface is selected from the Type field, specify the port number of the interface to receive mir-

rored traffic.

5. Click Apply to apply the changes to the system.

Removing Source Ports from a Session

1. From the Port Mirroring page, select the Session ID for of the port mirroring session to configure.

2. Select one or more source ports to remove from the session.

3. Click Remove Source.

The source ports are removed from the port mirroring session, and the device is updated.

Port Mirroring 43

Port Mirroring Summary

The Port Mirroring Summary page displays summary information for all port mirroring sessions. To dis­play the Port Mirroring Summary page, click Switching > Port Mirroring in the navigation pane and
click the Summary tab.

Figure 23. Port Mirroring Summary Page

Table 14. Port Mirroring Summary Fields

Field Description

Session ID The port mirroring session ID. The number of sessions allowed is platform specific.

Admin Mode The administrative mode for the selected port mirroring session. If the mode is disabled, the

Probe Port The interface that receives traffic from all configured source ports.

Src VLAN The VLAN configured to mirror traffic to the destination. You can configure one source VLAN

Mirrored Port The ports configured to mirror traffic to the destination. You can configure multiple source

Direction The type of traffic on the source port (or source ports) or VLAN that is sent to the specified

configured source is not mirroring traffic to the destination.

per session. The source VLAN can also be a remote VLAN.

ports per session.

destination. A source VLAN mirrors all received and transmitted packets to the destination.
Possible values for source ports are:

 Tx and Rx – Both ingress and egress traffic.
 Rx – Ingress traffic only.
 Tx – Egress traffic only.

Page 44 Port Mirroring

Flow Control

When a port becomes congested, it may begin dropping all traffic for small bursts of time during the
congestion condition. This can lead to high-priority and/or network control traffic loss. When 802.3x
flow control is enabled, a lower-speed switch can communicate with a higher-speed switch by request­ing that the higher-speed switch refrain from sending packets. Transmissions are temporarily halted to
prevent buffer overflows.

NOTE:

Flow control works well when the link speed is auto-negotiated. If auto-negotiation is OFF or if the
port speed was configured manually, then flow control is not negotiated with or advertised to the
peer. Additionally, the flow control PAUSE frame configuration may be lost if the auto-negotiation is
disabled on the port.

Use the Flow Control page to enable or disable this functionality. It is disabled by default and can be
enabled globally on all switch ports.

To display the Flow Control page, click Switching > Flow Control in the navigation pane.

Figure 24. Flow Control Page

Select Enabled to use flow control on the switch. If you change this setting, click Apply to update the
switch configuration. The change takes effect immediately but is not retained across a switch reset
unless you click Save Configuration.

Flow Control 45

Spanning Tree

Spanning Tree Protocol (STP) is a Layer 2 protocol that provides a tree topology for switches on a
bridged LAN. STP allows a network to have redundant paths without the risk of network loops. STP
uses the spanning-tree algorithm to provide a single path between end stations on a network. When
STP is enabled, bridges on a network exchange bridge protocol data units (BPDUs) to communicate
changes in the network topology and to provide information that helps determine the optimal paths
between network segments.

HPE OfficeConnect 1920S series switches support STP versions IEEE 802.1D (STP), and 802.1w
(Rapid STP, or RSTP). RSTP reduces the convergence time for network topology changes to about 3
to 5 seconds from the 30 seconds or more for the IEEE 802.1D STP standard. RSTP is intended as a
complete replacement for STP, but can still interoperate with switches running the STP protocol by
automatically reconfiguring ports to STP-compliant mode if they detect STP protocol messages from
attached devices.

Spanning Tree Switch Configuration

To display the Spanning Tree Switch Configuration page, click Switching > Spanning Tree in the nav­igation pane, and make sure the Configuration tab is selected. This page includes information about
global STP settings and interface status information.

Figure 25. Spanning Tree Switch Configuration Page

Page 46 Spanning Tree

Table 15. Spanning Tree Switch Configuration Fields

Field Description

Spanning Tree Bridge Configuration

Spanning Tree Admin Mode The administrative mode of STP on the device. When enabled, the device participates in the

Force Protocol Version The STP version the device uses, which is one of the following:

Configuration Name The name of the MSTP region. Each switch that participates in the same MSTP region must

Configuration Revision
Level

root bridge election process and exchanges Bridge Protocol Data Units (BPDUs) with other
switches in the spanning tree to determine the root path costs and maintain topology
information.

 STP (IEEE 802.1d) – Classic STP provides a single path between end stations, avoiding

and eliminating loops.

 RSTP (IEEE 802.1w) – Rapid Spanning Tree Protocol (RSTP) behaves like classic STP

but also has the ability to configure and recognize full-duplex connectivity and ports that
are connected to end stations, resulting in rapid transitioning of the port to the Forward­ing state and the suppression of Topology Change Notifications.

 MSTP (IEEE 802.1s) – Multiple Spanning Tree Protocol (MSTP) includes all the advan-

tages of RSTP and also supports multiple spanning tree instances to efficiently channel
VLAN traffic over different interfaces. MSTP is compatible with both RSTP and STP.

share the same Configuration Name, Configuration Revision Level, and MST-to-VLAN
mappings.

The revision number of the MSTP region. This number must be the same on all switches that
participate in the MSTP region.

Configuration Digest Key The 16 byte signature of type HMAC-MD5 created from the MST Configuration Table (a VLAN

Configuration Format
Selector

Spanning Tree Interface Status

Root Bridge Identifier The bridge identifier of the root bridge for the spanning tree. The identifier is made up of the

Root Guarded Interfaces A list of interfaces currently having the Root Guard parameter set.

TCN Guarded Interfaces A list of interfaces currently having the TCN Guard parameter set.

BPDU Filtered Interfaces A list of interfaces currently having the BPDU Filter parameter set.

ID-to-MST ID mapping).

The version of the configuration format being used in the exchange of BPDUs.

bridge priority and the base MAC address. When electing the root bridge for the spanning
tree, if the bridge priorities for multiple bridges are equal, the bridge with the lowest MAC
address is elected as the root bridge.

If you modify any settings, click Apply to update the switch configuration. The changes take effect
immediately but are not retained across a switch reset unless you click Save Configuration.

Spanning Tree 47

Spanning Tree MSTP Summary

Multiple Spanning Tree Protocol (MSTP) allows the creation of MSTIs based upon a VLAN or groups
of VLANs. Configuring MSTIs creates an active topology with a better distribution of network traffic and
an increase in available bandwidth when compared to classic STP.

To display the Spanning Tree MSTP Summary page, click Switching > Spanning Tree in the naviga­tion pane, and then click the MSTP tab.

Figure 26. Spanning Tree MSTP Summary Page

Table 16. Spanning Tree MSTP Summary Fields

Field Description

MSTP ID The number that identifies the MST instance.

Priority The bridge priority for the spanning-tree instance. This value affects the likelihood that the

# of Associated VLANs The number of VLANs that are mapped to the MSTI. This number does not contain any

Bridge Identifier A unique value that is automatically generated based on the bridge priority value of the MSTI

Time Since Topology
Change

Designated Root The bridge identifier of the root bridge for the MST instance. The identifier is made up of the

Root Path Cost The path cost to the designated root for this MST instance. Traffic from a connected device

Root Port The port on the bridge with the least-cost path to the designated root for the MST instance.

bridge is selected as the root bridge. A lower value increases the probability that the bridge
is selected as the root bridge.

information about the VLAN IDs that are mapped to the instance.

and the base MAC address of the bridge. When electing the root bridge for an MST instance,
if the bridge priorities for multiple bridges are equal, the bridge with the lowest MAC address
is elected as the root bridge.

The amount of time that has passed since the topology of the MSTI has changed.

bridge priority and the base MAC address.

to the root bridge takes the least-cost path to the bridge. If the value is 0, the cost is
automatically calculated based on port speed.

If you modify any settings, click Apply to update the switch configuration. The changes take effect
immediately but are not retained across a switch reset unless you click Save Configuration.

Page 48 Spanning Tree

Spanning Tree MSTP Port Summary

To display the Spanning Tree MSTP Port Summary page, click Switching > Spanning Tree in the
navigation pane, and then click the MSTP Port tab.

Figure 27. Spanning Tree MSTP Port Summary Page

Table 17. Spanning Tree MSTP Port Summary Fields

Field Description

MSTP ID The menu contains the ID of each MST instance that has been created on the device.

Interface The port or link aggregation group (LAG) associated with the rest of the data in the row. When

Port Role The role of the port within the MST, which is one of the following:

Port Forwarding State

configuring MST settings for an interface, this field identifies the interface being configured.

 Root – A port on the non-root bridge that has the least-cost path to the root bridge.
 Designated – A port that has the least-cost path to the root bridge on its segment.
 Alternate – A blocked port that has an alternate path to the root bridge.
 Backup – A blocked port that has a redundant path to the same network segment as

another port on the bridge.

 Master – The port on a bridge within an MST instance that links the MST instance to

other STP regions.

 Disabled – The port is administratively disabled and is not part of the spanning tree.

 Blocking – The port discards user traffic and receives, but does not send, BPDUs. During

the election process, all ports are in the blocking state. The port is blocked to prevent
network loops.

 Listening – The port sends and receives BPDUs and evaluates information to provide a

loop-free topology. This state occurs during network convergence and is the first state in
transitioning to the forwarding state.

 Learning – The port learns the MAC addresses of frames it receives and begins to popu-

late the MAC address table. This state occurs during network convergence and is the
second state in transitioning to the forwarding state.

 Forwarding – The port sends and receives user traffic.
 Disabled – The port is administratively disabled and is not part of the spanning tree.

Spanning Tree 49

Field Description

Port Priority The priority for the port within the MSTI. This value is used in determining which port on a

Port Path Cost The path cost from the port to the root bridge.

switch becomes the root port when two ports have the same least-cost path to the root. The
port with the lower priority value becomes the root port. If the priority values are the same, the
port with the lower interface index becomes the root port.

From the Spanning Tree MSTP Port Summary page, you can view additional details about the MSTP
settings on a port or configure additional settings for one or more ports.

Viewing MSTP Port Details or Editing MSTP Port Settings

To configure MST settings for one or more interfaces, first select the appropriate MST instance from
the MSTP ID menu. Then, select the interfaces to configure and click Edit. The same settings are
applied to all selected interfaces. To view additional information about an interface's role in the MST
topology, select the MST instance and the interface to view, and then click Details.

The fields on the Edit MSTP Port page and Details of MSTP Port Entry page are the same.

Figure 28. Edit MSTP Port Page

Table 18. Spanning Tree MSTP Port Edit and Details Fields

Field Description

MSTP ID The ID of each MST instance this port is associated with.

Interface Identifies the interface.

Page 50 Spanning Tree

Field Description

Port Priority The priority for the port within the MSTI. This value is used in determining which port on a

Port Path Cost The path cost from the port to the root bridge.

Auto-calculate Port Path
Cost

switch becomes the root port when two ports have the same least-cost path to the root. The
port with the lower priority value becomes the root port. If the priority values are the same, the
port with the lower interface index becomes the root port.

Shows whether the path cost from the port to the root bridge is automatically determined by
the speed of the interface (Enabled) or configured manually (Disabled).

Port ID A unique value that is automatically generated based on the port priority value and the

Port Up Time Since
Counters Last Cleared

Port Mode The administrative mode of spanning tree on the port.

Port Forwarding State

interface index.

The amount of time that the port has been up since the counters were cleared.

 Blocking – The port discards user traffic and receives, but does not send, BPDUs. During

the election process, all ports are in the blocking state. The port is blocked to prevent
network loops.

 Listening – The port sends and receives BPDUs and evaluates information to provide a

loop-free topology. This state occurs during network convergence and is the first state in
transitioning to the forwarding state.

 Learning – The port learns the MAC addresses of frames it receives and begins to popu-

late the MAC address table. This state occurs during network convergence and is the
second state in transitioning to the forwarding state.

 Forwarding – The port sends and receives user traffic.
 Disabled – The port is administratively disabled and is not part of the spanning tree.

Port Role The role of the port within the MST, which is one of the following:

 Root – A port on the non-root bridge that has the least-cost path to the root bridge.
 Designated – A port that has the least-cost path to the root bridge on its segment.
 Alternate – A blocked port that has an alternate path to the root bridge.
 Backup – A blocked port that has a redundant path to the same network segment as

another port on the bridge.

 Master – The port on a bridge within an MST instance that links the MST instance to

other STP regions.

 Disabled – The port is administratively disabled and is not part of the spanning tree.

Designated Root The bridge ID of the root bridge for the MST instance.

Designated Cost The path cost offered to the LAN by the designated port.

Designated Bridge The bridge ID of the bridge with the designated port.

Designated Port The port ID of the designated port.

Loop Inconsistent State Identifies whether the interface is currently in a loop inconsistent state. An interface

Transitions Into
LoopInconsistent State

Transitions Out Of
LoopInconsistent State

transitions to a loop inconsistent state if loop guard is enabled and the port stops receiving
BPDUs. In this state, the interface does not transmit frames.

The number of times this interface has transitioned into loop inconsistent state.

The number of times this interface has transitioned out of loop inconsistent state.

If you modify any MSTP port settings, click Apply to save the changes for the current boot session.
The changes take effect immediately but are not retained across a switch reset unless you click Save
Configuration.

Spanning Tree 51

CST Configuration

Use the Spanning Tree CST Configuration page to configure the Common Spanning Tree (CST) set­tings. The settings and information on this page define the device within the spanning tree topology
that connects all STP/RSTP bridges and MSTP regions.

To display the CST Configuration page, click Switching > Spanning Tree in the navigation pane, and
then click the CST tab.

Figure 29. Spanning Tree CST Configuration Page

Table 19. Spanning Tree CST Configuration Fields

Field Description

Bridge Priority The value that helps determine which bridge in the spanning tree is elected as the root bridge

Bridge Max Age The amount of time a bridge waits before implementing a topological change.

Bridge Hello Time The amount of time the root bridge waits between sending hello BPDUs.

Bridge Forward Delay The amount of time a bridge remains in a listening and learning state before forwarding

Spanning Tree Maximum
Hops

Page 52 Spanning Tree

during STP convergence. A lower value increases the probability that the bridge becomes the
root bridge.

packets.

The maximum number of hops a Bridge Protocol Data Unit (BPDU) is allowed to traverse
within the spanning tree region before it is discarded.

Field Description

BPDU Guard When enabled, BPDU Guard can disable edge ports that receive BPDU packets. This

BPDU Filter When enabled, this feature filters the BPDU traffic on the edge ports. When spanning tree is

Spanning Tree Tx Hold
Count

prevents a new device from entering the existing STP topology. Thus devices that were
originally not a part of STP are not allowed to influence the STP topology.

disabled on a port, BPDU filtering allows BPDU packets received on that port to be dropped.

The maximum number of BPDUs that a bridge is allowed to send within a hello time window.

Bridge Identifier A unique value that is automatically generated based on the bridge priority value and the base

Time Since Topology
Change

Topology Change Count The number of times the topology of the spanning tree has changed.

Topology Change Indicates whether a topology change is in progress on any port assigned to the CST. If a

Designated Root The bridge identifier of the root bridge for the CST. The identifier is made up of the bridge

Root Path Cost The path cost to the designated root for the CST. Traffic from a connected device to the root

Root Port The port on the bridge with the least-cost path to the designated root for the CST.

Max Age The amount of time a bridge waits before implementing a topological change.

Forward Delay The forward delay value for the root port bridge.

Hold Time The minimum amount of time between transmissions of Configuration BPDUs.

CST Regional Root The bridge identifier of the CST regional root. The identifier is made up of the priority value

CST Path Cost The path cost to the CST tree regional root.

MAC address of the bridge. When electing the root bridge for the spanning tree, if the bridge
priorities for multiple bridges are equal, the bridge with the lowest MAC address is elected as
the root bridge.

The amount of time that has passed since the topology of the spanning tree has changed
since the device was last reset.

change is in progress the value is True; otherwise, it is False.

priority and the base MAC address.

bridge takes the least-cost path to the bridge. If the value is 0, the cost is automatically
calculated based on port speed.

and the base MAC address of the regional root bridge.

Click Apply to update the switch configuration. Your changes take effect immediately but are not
retained across a switch reset unless you click Save Configuration.

Spanning Tree 53

CST Port Summary

Use the CST Port Summary page to view and configure the Common Spanning Tree (CST) settings for
each interface on the device. To configure CST settings for an interface and to view additional informa­tion about the interface's role in the CST topology, select the interface to view or configure and click
Edit.

To display the Spanning Tree CST Port Configuration/Status page, click Switching > Spanning Tree
in the navigation pane, and then click the CST Port tab.

Figure 30. Spanning Tree CST Port Summary Page

Table 20. Spanning Tree CST Port Summary Fields

Field Description

Interface The port or link aggregation group (LAG) associated with the rest of the data in the row. When

Port Role The role of the port within the CST, which is one of the following:

Port Forwarding State

configuring CST settings for an interface, this field identifies the interface being configured.

 Root – A port on the non-root bridge that has the least-cost path to the root bridge.
 Designated – A port that has the least-cost path to the root bridge on its segment.
 Alternate – A blocked port that has an alternate path to the root bridge.
 Backup – A blocked port that has a redundant path to the same network segment as

another port on the bridge.

 Master – The port on a bridge within an MST instance that links the MST instance to

other STP regions.

 Disabled – The port is administratively disabled and is not part of the spanning tree.

 Blocking – The port discards user traffic and receives, but does not send, BPDUs. During

the election process, all ports are in the blocking state. The port is blocked to prevent
network loops.

 Listening – The port sends and receives BPDUs and evaluates information to provide a

loop-free topology. This state occurs during network convergence and is the first state in
transitioning to the forwarding state.

 Learning – The port learns the MAC addresses of frames it receives and begins to popu-

late the MAC address table. This state occurs during network convergence and is the
second state in transitioning to the forwarding state.

 Forwarding – The port sends and receives user traffic.
 Disabled – The port is administratively disabled and is not part of the spanning tree.

Page 54 Spanning Tree

Field Description

Port Priority The priority for the port within the CST. This value is used in determining which port on a

Port Path Cost The path cost from the port to the root bridge.

switch becomes the root port when two ports have the same least-cost path to the root. The
port with the lower priority value becomes the root port. If the priority values are the same, the
port with the lower interface index becomes the root port.

Click Apply to update the switch configuration. Your changes take effect immediately but are not
retained across a switch reset unless you click Save Configuration.

Viewing CST Port Details or Editing CST Port Settings

To configure CST settings for one or more interfaces, select the interfaces to configure and click Edit.
The same settings are applied to all selected interfaces. To view additional information about an inter­face's role in the CST topology, select the interface to view, and then click Details.

The fields on the Edit CSST Port Entry page and Details of CST Port Entry page are the same.

Figure 31. Edit CST Port Entry Page

Spanning Tree 55

Table 21. Spanning Tree MSTP Port Edit and Details Fields

Field Description

Interface The port or link aggregation group (LAG) associated with the rest of the data in the row. When

Port Priority The priority for the port within the CST. This value is used in determining which port on a

configuring CST settings for an interface, this field identifies the interface being configured.

switch becomes the root port when two ports have the same least-cost path to the root. The
port with the lower priority value becomes the root port. If the priority values are the same, the
port with the lower interface index becomes the root port.

Admin Edge Port Select this option administratively configure the interface as an edge port. An edge port is an

Port Path Cost The path cost from the port to the root bridge.

Auto-calculate Port Path
Cost

Hello Timer The amount of time the port waits between sending hello BPDUs.

External Port Path Cost The cost of the path from the port to the CIST root. This value becomes important when the

Auto-calculate External
Port Path Cost

BPDU Filter When enabled, this feature filters the BPDU traffic on the edge ports. Edge ports do not need

BPDU Guard Effect Shows the status of BPDU Guard Effect on the interface. When enabled, BPDU Guard Effect

Port ID A unique value that is automatically generated based on the port priority value and the

Port Up Time Since
Counters Last Cleared

Port Mode The administrative mode of spanning tree on the port.

Port Forwarding State

interface that is directly connected to a host and is not at risk of causing a loop.

Shows whether the path cost from the port to the root bridge is automatically determined by
the speed of the interface (Enabled) or configured manually (Disabled).

network includes multiple regions.

Shows whether the path cost from the port to the CIST root is automatically determined by
the speed of the interface (Enabled) or configured manually (Disabled).

to participate in the spanning tree, so BPDU filtering allows BPDU packets received on edge
ports to be dropped.

can disable edge ports that receive BPDU packets. This prevents a new device from entering
the existing STP topology. Thus devices that were originally not a part of STP are not allowed
to influence the STP topology.

interface index.

The amount of time that the port has been up since the counters were cleared.

 Blocking – The port discards user traffic and receives, but does not send, BPDUs. During

the election process, all ports are in the blocking state. The port is blocked to prevent
network loops.

 Listening – The port sends and receives BPDUs and evaluates information to provide a

loop-free topology. This state occurs during network convergence and is the first state in
transitioning to the forwarding state.

 Learning – The port learns the MAC addresses of frames it receives and begins to popu-

late the MAC address table. This state occurs during network convergence and is the
second state in transitioning to the forwarding state.

 Forwarding – The port sends and receives user traffic.
 Disabled – The port is administratively disabled and is not part of the spanning tree.

Port Role The role of the port within the CST, which is one of the following:

 Root – A port on the non-root bridge that has the least-cost path to the root bridge.
 Designated – A port that has the least-cost path to the root bridge on its segment.
 Alternate – A blocked port that has an alternate path to the root bridge.
 Backup – A blocked port that has a redundant path to the same network segment as

another port on the bridge.

 Master – The port on a bridge within an MST instance that links the MST instance to

other STP regions.

 Disabled – The port is administratively disabled and is not part of the spanning tree.

Designated Root The bridge ID of the root bridge for the CST.

Designated Cost The path cost offered to the LAN by the designated port.

Page 56 Spanning Tree

Field Description

Designated Bridge The bridge ID of the bridge with the designated port.

Designated Port The port ID of the designated port.

Topology Change
Acknowledge

Indicates whether the next BPDU to be transmitted for this port will have the topology change
acknowledgment flag set.

Auto Edge When enabled, Auto Edge allows the interface to become an edge port if it does not receive

Edge Port Indicates whether the interface is configured as an edge port (Enabled).

Point-to-point MAC Indicates whether the link type for the interface is a point-to-point link.

Root Guard When enabled, Root Guard allows the interface to discard any superior information it receives

Loop Guard When enabled, Loop Guard prevents an interface from erroneously transitioning from

TCN Guard When enabled, TCN Guard restricts the interface from propagating any topology change

CST Regional Root The bridge ID of the bridge that has been elected as the root bridge of the CST region.

CST Path Cost The path cost from the interface to the CST regional root.

Loop Inconsistent State Identifies whether the interface is currently in a loop inconsistent state. An interface

Transitions Into Loop
Inconsistent State

Transitions Out Of Loop
Inconsistent State

any BPDUs within a given amount of time.

to protect the root of the device from changing. The port gets put into discarding state and
does not forward any frames.

blocking state to forwarding when the interface stops receiving BPDUs. The port is marked
as being in loop-inconsistent state. In this state, the interface does not forward frames.

information received through that interface.

transitions to a loop inconsistent state if loop guard is enabled and the port stops receiving
BPDUs. In this state, the interface does not transmit frames.

The number of times this interface has transitioned into loop inconsistent state.

The number of times this interface has transitioned out of loop inconsistent state.

Click Apply to update the switch configuration. Your changes take effect immediately but are not
retained across a switch reset unless you click Save Configuration.

Spanning Tree 57

Spanning Tree Statistics

Use the Spanning Tree Statistics page to view information about the number and type of bridge proto­col data units (BPDUs) transmitted and received on each port.

To display the Spanning Tree Statistics page, click Switching > Spanning Tree in the navigation
pane, and click the Statistics tab.

Figure 32. Spanning Tree Statistics Page

Table 22. Spanning Tree Statistics Fields

Field Description

Interface The port or trunk associated with the rest of the data in the row.

STP BPDUs Rx The number of classic STP (IEEE 802.1d) BPDUs received by the interface.

STP BPDUs Tx The number of classic STP BPDUs sent by the interface.

RSTP BPDUs Rx The number of RSTP (IEEE 802.1w) BPDUs received by the interface.

RSTP BPDUs Tx The number of RSTP BPDUs sent by the interface.

MSTP BPDUs Rx The number of MSTP (IEEE 802.1s) BPDUs received by the interface.

MSTP BPDUs Tx The number of MSTP BPDUs sent by the interface.

Page 58 Spanning Tree

Auto Recovery Configuration

The switch supports Auto Recovery for BPDU Guard, BPDU Rate Limiting, and Storm Control. A
switch port will be placed into a diagnostically disabled state when defined error conditions are met.
The error conditions that cause a port to be placed into the diagnostically disabled state are as follows:

 BPDU Guard: If a port that has the BPDU Guard feature enabled receives a BPDU, it is placed in

the diagnostically disabled state.

 BPDU Rate Limit: When Spanning Tree is enabled, BPDU Rate Limiting is enabled by default to

protect the switch from BPDU storms. The BPDU rate limit threshold is set to 12–17 BPDU pack­ets per second for three consecutive seconds.

When a port has been placed into a diagnostically disabled state, the port is shutdown, and no traffic is
sent or received on the port until it is either manually enabled by the administrator or re-enabled by the
Auto Recovery feature.

The Auto Recovery feature will automatically re-enable a diagnostically disabled port when the error
conditions that caused the port to be disabled are no longer detected. The switch utilizes a configu­rable Auto Recovery timer to periodically check the error condition at set intervals. If the error condition
is no longer present, the port will be re-enabled. The administrator can manually override the timer set­ting by re-enabling a port at any time.

Auto Recovery is disabled by default. When disabled, ports in a diagnostically disabled state remain
disabled until an administrator manually enables them.

Use the Auto Recovery Configuration page to configure Auto Recovery settings for STP BPDU Guard
and BPDU Rate Limit components. To display this page, click Switching > Spanning Tree in the nav­igation pane, and then click the Auto Recovery tab.

Figure 33. Auto Recovery Configuration Page

Spanning Tree 59

Table 23. Auto Recovery Configuration Fields

Field Description

Auto Recovery Parameters

Recovery Time This configures the Auto Recovery time interval. The Auto Recovery time interval is common

Auto Recovery Components

BPDU Guard When BPDU Guard Auto Recovery is enabled, the port will be enabled once the configured

BPDU Rate Limit If a port receives BPDUs at a rate greater than or equal to 12–17 BPDUs per second for three

Interface Status

Interface The interface that is diagnostically disabled. If no interfaces are in the diagnostically disabled

Admin Mode The administrative mode of the interface.

for BPDU Guard and BPDU Rate Limit. The default value of the timer is 300 seconds and the
range is from 30 to 86400 seconds.

Recovery Time expires. If the port receives another BPDU, it will be disabled again.
If the BPDU Guard Auto Recovery mode is disabled, a port that has received a BPDU and

has been placed in the diagnostically disabled state will remain in that state until an
administrator manually enables it. BPDU Guard Auto Recovery is disabled by default.

consecutive seconds, that port will be placed in the diagnostically disabled state.
When BPDU Rate Limit Auto Recovery is enabled, the port will be enabled once the

configured Recovery Time expires. If the port continues to receive BPDUs at a rate greater
than or equal to 12–17 BPDUs per second for three consecutive seconds, that port will be
disabled again. BPDU Rate Limit Auto Recovery is disabled by default.

state, the table is blank.

Port Status Indicates whether the link is up or down. The link is the physical connection between the port

Reason If the switch detects an error condition for an interface, the switch puts the interface in the

or trunk and the interface on another device.

diagnostically disabled state, meaning that it has been intentionally disabled because it has
encountered errors. The reasons that the interface can go into a diagnostically disabled state
include the following:

 BPDU Guard
 BPDU Storm

Time to Recover When Auto Recovery is enabled and the interface is placed in the diagnostically disabled

state, then a recovery timer starts for that interface. Once this timer expires, the device checks
if the interface is in the diagnostically disabled state. If yes, then the device enables the
diagnostically disabled interface.

If you modify these settings, click Apply to save the changes for the current boot session. The
changes take effect immediately but are not retained across a switch reset unless you click Save Con-
figuration.

Page 60 Spanning Tree

Loop Protection

Loops on a network consume resources and can degrade network performance. Detecting loops man­ually can be very cumbersome and time consuming. The HPE OfficeConnect 1920S series switch soft­ware provides an automatic loop protection feature.

When loop protection is enabled on the switch and on one or more interfaces (ports or trunks), the
interfaces send loop protection protocol data units (PDUs) to the multicast destination address
09:00:09:09:13:A6. When an interface receives a loop protection PDU, it compares the source MAC
address with its own. If the MAC addresses match, a loop is detected and a configured action is taken,
which may include shutting down the port for a specified period.

An interface can be configured to receive and take action in response to loop protection PDUs, but not
to send out the PDUs itself.

Ports on which loop protection is disabled drop the loop protection packets silently.

Loop Protection Status

Use the Loop Protection Status page to display the status of this feature on each port. To display this
page, click Switching > Loop Protection in the navigation pane.

Figure 34. Loop Protection Status Page

Loop Protection 61

Table 24. Loop Protection Status Fields

Field Description

Interface The port or trunk ID.

Loop Protection Indicates whether the feature is administratively enabled or disabled on the port. Loop

Protection is disabled by default.

Configured Action Taken The action that is set to occur when a loop is detected on the port with loop protection

enabled:

 Shutdown Port—The port will be shut down for the configured period. This is the default.
 Shutdown Port and Log—The event will be logged and the port is shut down for the con-

 Log Only—The event will be logged and the port remains operational.

Tx Mode Indicates whether the interface is configured (Enabled) to send out loop protection protocol

data units (PDUs) to actively detect loops. When disabled, the interface does not send out
loop protection PDUs but can receive them from other ports. Tx Mode is enabled by default.

Loop Count The number of loops detected on this interface since the last system boot or since statistics

were cleared.

Status The current loop protection status of the port. Link Up indicates the interface is operating

normally. Link Down indicates that the port has been shut down due to the detection of a loop.

Loop Whether a loop is currently detected on the port.

Time of Last Loop The date and time of the last loop event detected.

Loop Protection Configuration

Use the Loop Protection Configuration page to configure this feature on one or more interfaces. To dis­play this page, click Switching > Loop Protection in the navigation pane and select the Configura-

tion tab.

Figure 35. Loop Protection Configuration Page

figured period.

Page 62 Loop Protection

Table 25. Loop Protection Configuration Global Fields

Field Description

Loop Protection Select Enabled or Disabled to administratively enable or disable this feature globally on the

Transmission Time The interval at which the switch sends loop protection PDUs on interfaces that are enabled

switch. This feature is disabled by default.

to send them. The range is 1 to 10 seconds and the default is 5 seconds.

Shutdown Time The period that a port is shut down when a loop is detected. This setting applies only to ports

that are configured to be shut down upon the detection of a loop. The range is 0 to 604800
seconds and the default is 180 seconds.

If you modify these settings, click Apply to update the switch configuration. The changes take effect
immediately but are not retained across a switch reset unless you click Save Configuration.

Configuring Loop Protection Settings on Interfaces

To configure loop protection settings on one or more interfaces, select the interfaces and click Edit.

Figure 36. Edit Loop Protection Port Configuration Page

Loop Protection 63

Table 26. Edit Loop Protection Port Configuration Fields

Field Description

Interface The port or ports that are being configured.

Loop Protection Select Enabled or Disabled to administratively enable or disable this feature on the selected

Action Select the action to occur when a loop is detected on a port with loop protection enabled:

interfaces. By default, this feature is disabled on all interfaces.
Note that loop protection can be enabled on static trunks, but cannot be enabled on trunks

that are dynamically formed through LACP.

 Shutdown Port—The port will be shut down for the configured period. This is the default

selection.

 Shutdown Port and Log—The event will be logged and the port it shut down for the con-

figured period.

 Log Only—The event will be logged and the port remains operational.

Tx Mode When set to Enabled (the default), the port actively sends out loop protection PDUs to other

ports on which the loop protection feature is enabled. When set to Disabled, the port does
not send loop protection PDUs but can receive them from other ports. Tx Mode is enabled by
default.

Click Apply to update the switch configuration. Your changes take effect immediately. The changes
are not retained across a switch reset unless you click Save Configuration.

Page 64 Loop Protection

IGMP Snooping

Internet Group Management Protocol (IGMP) snooping allows a device to forward multicast traffic
intelligently. Multicast IP traffic is traffic that is destined to a host group. Host groups are identified by
class D IP addresses, which range from 224.0.0.0 to 239.255.255.255. Based on the IGMP query and
report messages, the switch forwards traffic only to the ports that request the multicast traffic. This pre­vents the switch from broadcasting the traffic to all ports, which could affect network performance.

When enabled, the switch supports IGMPv1 and IGMPv2.

To enable IGMP snooping and view global status information, click Switching > IGMP Snooping in
the navigation pane.

Figure 37. IGMP Snooping Page

Table 27. IGMP Snooping Fields

Field Description

IGMP Snooping Select Enabled to globally enable IGMP snooping on the switch. This feature is disabled by

Multicast Control Frame
Count

default.

The number of multicast control frames that have been processed by the CPU since the
switch was last reset.

If you change the Admin Mode, click Apply to save the changes for the current boot session. The
changes take effect immediately but are not retained across a switch reset unless you click Save Con-
figuration.

IGMP Snooping 65

SNMP

Simple Network Management Protocol (SNMP) provides a method for managing network devices. The
device supports SNMP version 1, SNMP version 2, and SNMP version 3.

SNMP v1 and v2

The SNMP agent maintains a list of variables, which are used to manage the device. The variables are
defined in the Management Information Base (MIB). The MIB presents the variables controlled by the
agent. The SNMP agent defines the MIB specification format, as well as the format used to access the
information over the network. Access rights to the SNMP agent are controlled by access strings.

SNMP v3

SNMP v3 also applies access control and a new traps mechanism to SNMPv1 and SNMPv2 PDUs. In
addition, the User Security Model (USM) is defined for SNMPv3 and includes:

 Authentication: Provides data integrity and data origin authentication.

 Privacy: Protects against disclosure of message content. Cipher-Block-Chaining (CBC) is used

for encryption. Either authentication is enabled on an SNMP message, or both authentication and
privacy are enabled on an SNMP message. However privacy cannot be enabled without authenti­cation.

 Timeliness: Protects against message delay or message redundancy. The SNMP agent com-

pares an incoming message to the message time information.

 Key Management: Defines key generation, key updates, and key use.

The device supports SNMP notification filters based on Object IDs (OID). OIDs are used by the system
to manage device features. SNMP v3 supports the following features:

 Security

 Feature Access Control

 Traps

Authentication or Privacy Keys are modified in the SNMPv3 User Security Model (USM).

Page 66 SNMP

SNMP Community Configuration

Access rights are managed by defining communities on the SNMP Community Configuration page.
When the community names are changed, access rights are also changed. SNMP Communities are
defined only for SNMP v1 and SNMP v2.

Use the SNMP Community Configuration page to enable SNMP and Authentication notifications.

To display the Community Configuration page, click Switching > SNMP in the navigation pane, and
ensure that the Community tab is selected.

Figure 38. SNMP Community Configuration Page

Table 28. SNMP Community Configuration Fields

Field Description

Community Name Community name used in SNMPv1/v2 packets. This is configured in the client and identifies

Security Name Identifies the Security entry that associates Communities and Groups for a specific access

Group Name Identifies the Group associated with this Community entry.

Community Access Specifies the access control policy for the community. The default access privileges are as

the access the user may connect with.

type.

follows:

 DefaultRead: Access to the entire MIB tree except to SNMP configuration objects.
 DefaultWrite: Access to the entire MIB tree except to SNMP configuration objects.
 DefaultSuper: Access to the entire MIB tree.

For more information about controlling access to objects, see “SNMP View Entry” on page 76.

Community View Specifies the community view for the community. If the value is empty, then no access is

IP Address Specifies the IP address that can connect with this community.

granted.
A view is used to restrict or grant access to specific MIB trees. For example, it is possible to

define a view to grant access to the mib-2 tree but deny access to the RMON MIB subtree,
or a view could allow access to only the RADIUS Accounting and Authentication MIBs
(SNMPv2-SMI::mib-2.67.2.2 and SNMPv2-SMI::mib-2.67.1.2). In this way, it is possible to
define a community that has access rights of a (restricted) view.

Click Apply to update the switch configuration. Your changes take effect immediately but are not
retained across a switch reset unless you click Save Configuration.

SNMP 67

Adding an SNMP Community or Community Group

To add a new SNMP community, click Add Community. The Add New Community screen appears.

Figure 39. Add SNMP Community Page

Configure the community fields and click Apply.

To add a new SNMP community group, click Add Community Group. The Add New Community

Group screen appears.

Figure 40. Add SNMP Community Group Page

Configure the community group fields and click Apply.

Removing an SNMP Community or Community Group

To remove an SNMP community or community group, select each item to delete and click Remove.
You must confirm the action before the entries are removed from the page.

Page 68 SNMP

SNMP v1/v2 Trap Receivers

Use the SNMP v1/v2 Trap Receivers page to configure settings for each SNMPv1 or SNMPv2 man­agement host that will receive notifications about traps generated by the device. The SNMP manage­ment host is also known as the SNMP trap receiver.

To access the Trap Receiver v1/v2 Configuration page, click Switching > SNMP in the navigation
pane, and then click the Trap Receiver V1/V2 tab.

Figure 41. SNMP v1/v2 Trap Receivers Page

Table 29. SNMP v1/v2 Trap Receivers Fields

Field Description

Host IP Address The IP address of the SNMP management host that will receive traps generated by the

device.

Community Name The name of the SNMP community that includes the SNMP management host and the SNMP

Notify Type The type of SNMP notification to send the SNMP management host:

agent on the device.

 Inform – An SNMP message that notifies the host when a certain event has occurred on

the device. The message is acknowledged by the SNMP management host. This type of
notification is not available for SNMPv1.

 Trap – An SNMP message that notifies the host when a certain event has occurred on

the device. The message is not acknowledged by the SNMP management host.

SNMP Version The version of SNMP to use, which is either SNMPv1 or SNMPv2.

Timeout Value The number of seconds to wait for an acknowledgment from the SNMP management host

Retries The number of times to resend an inform message that is not acknowledged by the SNMP

Filter The name of the filter for the SNMP management host. The filter defines which MIB objects

UDP Port The UDP port on the SNMP management host that will receive the SNMP notifications. If no

before resending an inform message.

management host.

to include or exclude from the view. This field is optional.

value is specified when configuring a receiver, the default UDP port value is used.

Click Apply to update the switch configuration. Your changes take effect immediately but are not
retained across a switch reset unless you click Save Configuration.

Adding an SNMP v1/v2 Trap Receiver

To add a SNMP v1/v2 trap receiver, click Add. The Add SNMP v1/v2 Host screen appears.

SNMP 69

Figure 42. Add SNMP v1/v2 Host Page

Configure the required fields and click Apply. Note that the Reties and Timeout Value fields are avail­able only if the selected Notify Type is Inform.

Removing an SNMP v1/v2 Trap Receiver

To remove an SNMP v1/v2 trap receiver, select each item to delete and click Remove. You must con­firm the action before the entries are removed from the page.

SNMP 3 Trap Receivers

Use the SNMP v3 Trap Receivers page to configure settings for each SNMPv3 management host that
will receive notifications about traps generated by the device. The SNMP management host is also
known as the SNMP trap receiver

To access the Trap Receiver v3 Configuration page, click Switching > SNMP in the navigation pane,
and then click the Trap Receiver V3 tab.

Figure 43. SNMP v3 Trap Receivers Page

Page 70 SNMP

Table 30. SNMP v3Trap Receivers Fields

Field Description

Host IP Address The IP address of the SNMP management host that will receive traps generated by the

User Name The name of the SNMP user that is authorized to receive the SNMP notification.

Notify Type The type of SNMP notification to send the SNMP management host:

Security Level The security level associated with the SNMP user, which is one of the following:

Timeout Value The number of seconds to wait for an acknowledgment from the SNMP management host

device.

 Inform – An SNMP message that notifies the host when a certain event has occurred on

the device. The message is acknowledged by the SNMP management host. This type of
notification is not available for SNMPv1.

 Trap – An SNMP message that notifies the host when a certain event has occurred on

the device. The message is not acknowledged by the SNMP management host.

 No Auth No Priv – No authentication and no data encryption (no security).
 Auth No Priv – Authentication, but no data encryption. With this security level, users

send SNMP messages that use an MD5 key/password for authentication, but not a DES
key/password for encryption.

 Auth Priv – Authentication and data encryption. With this security level, users send an

MD5 key/password for authentication and a DES key/password for encryption.

before resending an inform message.

Retries The number of times to resend an inform message that is not acknowledged by the SNMP

Filter The name of the filter for the SNMP management host. The filter defines which MIB objects

UDP Port The UDP port on the SNMP management host that will receive the SNMP notifications. If no

management host.

to include or exclude from the view. This field is optional.

value is specified when configuring a receiver, the default UDP port value is used.

Click Apply to update the switch configuration. Your changes take effect immediately but are not
retained across a switch reset unless you click Save Configuration.

Adding an SNMP v3 Trap Receiver

To add a SNMP v3 trap receiver, click Add. The Add SNMP v3 Host screen appears.

Figure 44. Add SNMP v3 Host Page

SNMP 71

Configure the required fields and click Apply. Note that the Reties and Timeout Value fields are avail­able only if the selected Notify Type is Inform.

Removing an SNMP v3 Trap Receiver

To remove an SNMP v3trap receiver, select each item to delete and click Remove. You must confirm
the action before the entries are removed from the page.

Access Control Group

Use this page to configure SNMP access control groups. These SNMP groups allow network manag­ers to assign different levels of authorization and access rights to specific device features and their
attributes. The SNMP group can be referenced by the SNMP community to provide security and con­text for agents receiving requests and initiating traps as well as for management systems and their
tasks. An SNMP agent will not respond to a request from a management system outside of its config­ured group, but an agent can be a member of multiple groups at the same time to allow communication
with SNMP managers from different groups. Several default SNMP groups are preconfigured on the
system.

To access the Access Control Group page, click Switching > SNMP in the navigation pane, and then
click the Access Control Group tab.

Figure 45. Access Control Group Configuration Page

Table 31. Access Control Group Configuration Fields

Field Description

Group Name The name that identifies the SNMP group.

Context Name The SNMP context associated with the SNMP group and its views. A user or a management

Page 72 SNMP

application specifies the context name to get the performance information from the MIB
objects associated with that context name. The Context EngineID identifies the SNMP entity
that should process the request (the physical router), and the Context Name tells the agent
in which context it should search for the objects requested by the user or the management
application.

Field Description

SNMP Version The SNMP version associated with the group.

Security Level The security level associated with the group, which is one of the following:

 No Auth No Priv – No authentication and no data encryption (no security). This is the

only Security Level available for SNMPv1 and SNMPv2 groups.

 Auth No Priv – Authentication, but no data encryption. With this security level, users

send SNMP messages that use an MD5 key/password for authentication, but not a DES
key/password for encryption.

 Auth Priv – Authentication and data encryption. With this security level, users send an

MD5 key/password for authentication and a DES key/password for encryption.

Read The level of read access rights for the group. The menu includes the available SNMP views.

Write The level of write access rights for the group. The menu includes the available SNMP views.

Notify The level of notify access rights for the group. The menu includes the available SNMP views.

When adding a group, select the check box to allow the field to be configured, then select the
desired view that restricts management access to viewing the contents of the agent.

When adding a group, select the check box to allow the field to be configured, then select the
desired view that permits management read-write access to the contents of the agent but not
to the community.

When adding a group, select the check box to allow the field to be configured, then select the
desired view that permits sending SNMP traps or informs.

Adding an SNMP Access Control Group

To add a SNMP access control group click Add. The Add new Access Control Group screen
appears.

Figure 46. Add New Access Control Group Page

Configure the required fields and click Apply

Removing an SNMP Access Control Group

To remove an SNMP v1/v2 trap receiver, select each item to delete and click Remove. You must con­firm the action before the entries are removed from the page.

SNMP 73

User Security Model

The User Security Model page provides the capability to configure the SNMP V3 user accounts.

To access the User Security Model page, click System > Advanced Configuration > SNMP > User

Security Model in the navigation menu.

Figure 47. SNMP User Security Model Page

Table 32. SNMP User Security Model Fields

Field Description

User Name Specifies the name of the SNMP user being added for the User-based Security Model (USM).

Each user name must be unique within the SNMP agent user list. A user name cannot contain
any leading or embedded blanks

Group Name A SNMP group is a group to which hosts running the SNMP service belong. A group name

Engine ID Type This field is available on the Add New SNMP User page. Specify whether the engine ID for

Engine ID Each SNMPv3 agent has an engine ID that uniquely identifies the agent in the device. If given

Authentication Method The authentication protocol to be used on authenticated messages on behalf of the user.

parameter is simply the name of that group by which SNMP communities are identified. The
use of a group name provides some security and context for agents receiving requests and
initiating traps and does the same for management systems and their tasks. An SNMP agent
won't respond to a request from a management system outside its configured group, but an
agent can be a member of multiple groups at the same time. This allows for communications
with SNMP managers from different groups.

the SNMP v3 agent is local or remote. If the agent is local, the engine ID is automatically
generated. If the agent is remote, you must specify the engine ID.

this entry will be used only for packets whose engine id is this. This field takes an hexadecimal
string in the form 0102030405.

 None - No authentication will be used for this user.
 MD5 - MD5 protocol will be used. This option requires a password of 1-32 hexadecimal

characters.

 SHA - SHA protocol will be used. This option requires a password of 1-32 hexadecimal

characters.

 MD5-Key - MD5 protocol will be used. This option requires a pregenerated MD5 authen-

tication key of 32 hexadecimal characters.

 SHA-Key - SHA protocol will be used. This option requires a pregenerated SHA authen-

tication key of 48 hexadecimal characters.

Password This field is available on the Add New SNMP User page. If the Authentication Method is MD5

or SHA, use this field to specify the password used to generate the key to be used in
authenticating messages on behalf of this user. If the Authentication Method is MD5-Key or
SHA-Key, use this field to specify the pregenerated MD5 or SHA authentication key.

Page 74 SNMP

Field Description

Privacy Specifies the privacy protocol to be used on encrypted messages on behalf of the specified

Authentication Key (Add
New SNMP User page)

Adding an SNMP v3 User

To add an SNMP user, click Add. The Add New SNMP User screen appears.

Figure 48. Add New SNMP User Page

user. This parameter is only valid if the value in the Authentication Method field is not None.

 None - No privacy protocol will be used.
 DES - DES protocol will be used. This option requires an authentication key of 1-32

hexadecimal characters.

 DES-Key - DES protocol will be used. This option requires an authentication key of 32

characters if MD5 is selected or 48 characters if SHA is selected.

This field is available on the Add New SNMP User page. Specifies the password used to
generate the key to be used in encrypting messages to and from this user. This parameter
must be specified if the value in the Privacy field is not None.

Configure the required fields and click Apply

Removing an SNMP v3 User

To remove one or more SNMP v3 users, select each user to delete and click Remove. You must con­firm the action before the entries are removed from the page.

SNMP 75

SNMP View Entry

Use the SNMP View Entry page to configure SNMP views. These SNMP views allow network manag­ers to control access to different parts of the MIB hierarchy permitting or denying access to objects.
Once configured, views are associated to access control groups to complete access privileges.

To access the SNMP View Entry page, click System > Advanced Configuration > SNMP > View

Entry in the navigation menu.

Figure 49. SNMP View Entry Page

Table 33. SNMP View Entry Fields

Field Description

View Name The name that identifies the SNMP view.

OID Tree The ASN.1 subtree to be included or excluded from the view.

View Type Type of access granted to the specified ASN.1 subtree:

 Included – Access is granted to this subtree.
 Excluded – Access is denied to this subtree.

Page 76 SNMP

Adding an SNMP View

To add an SNMP view, click Add. The Add New SNMP User screen appears.

Figure 50. Add New View

Configure the required fields and click Apply

Removing an SNMP View

To remove one or more SNMP views, select each view to delete and click Remove. Only user-config­ured views can be removed. You must confirm the action before the entries are removed from the
page.

SNMP 77

5 Virtual LAN

On a Layer 2 switch, Virtual LAN (VLAN) support offers some of the benefits of both bridging and rout­ing. Like a bridge, a VLAN switch forwards traffic based on the Layer 2 header. Like a router, a VLAN
switch partitions the network into logical segments. Partitioning the network provides better administra­tion, security, and multicast traffic management.

A VLAN is a set of end stations and the switch ports that connect them. Many reasons exist for the log­ical division, such as department or project membership. The only physical requirement is that the end
station and the port to which it is connected both belong to the same VLAN.

Each VLAN in a network has an associated VLAN ID, which displays in the IEEE 802.1Q tag in the
Layer 2 header of packets transmitted on a VLAN. An end station may omit the tag, or the VLAN por­tion of the tag, in which case the first switch port to receive the packet may either reject it or insert a tag
using its default VLAN ID. A given port may handle traffic for more than one VLAN, but it can only sup­port one default VLAN ID.

HPE OfficeConnect 1920S series switches support up to 256 VLANs.

Viewing VLAN Status and Adding VLANs

Use the VLAN Status page to view information on VLANs currently defined on the switch and to add
and edit VLAN information.

To display the VLAN Status page, click VLAN > Configuration in the navigation pane.

Figure 51. VLAN Configuration Page

By default, VLAN 1 is defined on the switch. It is designated as the default VLAN and cannot be modi­fied or deleted. All ports are members of VLAN 1 by default.

VLAN 1 is also the default management VLAN, which identifies the VLAN that management users
must be a member of. The administrator can configure a different VLAN as the management VLAN.
See Table 2 on page 20 for additional information about the management VLAN.

Page 78 Viewing VLAN Status and Adding VLANs

The following information displays for each VLAN:

Table 34. VLAN Configuration Fields

Field Description

VLAN ID The numerical VLAN identifier (VID) assigned to the VLAN, from 1 to 4093.

Note: VLAN 0 (VID = 0x000 in a frame) is reserved and is used to indicate that the frame does
not belong to any VLAN. In this case, the 802.1Q tag specifies only a priority and the value is
referred to as a priority tag.

Name A user-configurable name that identifies the VLAN. If no name is specified, the name is

Type The type of VLAN, which can be one of the following:

Adding VLANs

To add a VLAN, click Add.

Figure 52. Add VLAN

In the VLAN ID or Range field, specify one or more VLAN IDs in the range 2 to 4093, and click Apply.

VLANnnnn, where nnnn is the four-digit VLAN ID (including any leading zeros).

 Default—The default VLAN. This VLAN is always present, and the VLAN ID is 1.
 Static— A user-configured VLAN.

To create a range of VLANs, specify the beginning and ending VLAN IDs, separated by a dash. To cre­ate multiple non-sequential VLANs, separate each VLAN ID with a comma.

You can create up to 256 VLANs.

Viewing VLAN Status and Adding VLANs 79

Changing a VLAN Name

When you create a VLAN, a default name is automatically assigned in the form VLANnnnn, where
nnnn is the VLAN number with preceding zeros as needed. To change the VLAN name, select it on the
VLAN Status page and click Edit.

Figure 53. Edit VLAN Page

On the Edit VLAN Configuration page, specify the new name consisting of 0 to 32 alphanumeric char­acters and click Apply.

Configuring Interfaces as VLAN Members

By default, all ports and trunks are assigned membership in the default VLAN (VLAN 1). If you create
additional VLANs, you can add interfaces as members of the new VLANs and configure VLAN tagging
settings for the interfaces. You can also modify interface memberships in VLAN 1.

To configure interface VLAN memberships, click VLAN > Port Membership in the navigation pane.

Figure 54. VLAN Port Membership Page

Page 80 Configuring Interfaces as VLAN Members

Table 35. VLAN Port Membership Fields

Field Description

VLAN ID Select the VLAN ID for which you want to view interface memberships.

Interface The port or trunk ID.

Participation The participation mode of the interface in the selected VLAN, which is one of the following:

 Include – The port is a member of the selected VLAN. This mode is also equivalent to

registration fixed in the IEEE 802.1Q standard.

 Exclude – The port is not a member of the selected VLAN. This mode is also equivalent

to registration forbidden in the IEEE 802.1Q standard.

Tagging The tagging behavior for each port in this VLAN, which is one of the following:

 Tagged — The port is a tagged member of the selected VLAN. When frames in this VLAN

are forwarded on this port, the VLAN ID will be included in the frame’s Ethernet header.

 Untagged—The port is an untagged member of the selected VLAN. When frames in this

VLAN are forwarded on this port, the VLAN ID will not be included in the frame’s Ether­net header.

To configure port membership to the selected VLAN, select one or more ports and click Edit. Or, click
Edit All to configure all ports at the same time.

On the Edit VLAN Port Membership page, configure the Participation and Tagging settings to spec­ify whether the ports are excluded from the VLAN or are included as a tagged or untagged member.

NOTE:

Consider the following guidelines when editing VLAN port memberships and settings:

 A port can be an untagged member of only one VLAN. If you change the VLAN that a port is an

untagged member of, then the port will be excluded from the VLAN where it was previously an
untagged member. A port can be a tagged member of multiple VLANs.

 All ports must be a member of at least one VLAN, as either a tagged or an untagged member.

You cannot exclude a port from a VLAN unless the port is a member of at least one other VLAN.

 If you exclude a port from the management VLAN, a computer connected to the switch via that

port will be unable to access the switch management interface.

 Ports belonging to a trunk cannot be assigned membership in a VLAN, although the trunk itself

can be a member of one or more VLANs. When a member port is added to a trunk, it loses any
previous VLAN memberships and acquires those of the trunk. When deleted from a trunk, a port
loses the VLAN memberships of the trunk and acquires untagged membership in VLAN 1.

Click Apply to save any changes for the currently selected VLAN. The changes take effect immedi­ately but are not retained across a switch reset unless you click Save Configuration.

Configuring Interfaces as VLAN Members 81

VLAN Port Configuration

Use the VLAN Port Configuration page to configure the way interfaces handle VLAN-tagged, priority­tagged, and untagged traffic. To view this page, click VLANs > VLAN Port Configuration in the navi­gation pane.

Figure 55. VLAN Port Configuration Page

Table 36. VLAN Port Configuration Fields

Field Description

Interface Identifies the physical interface associated with the rest of the data in the row.

Port VLAN ID The VLAN ID assigned to untagged or priority tagged frames received on this port. This value

Acceptable Frame Types Indicates how the interface handles untagged and priority tagged frames:

Ingress Filtering Shows how the port handles tagged frames.

Untagged VLANs VLANs that are configured on the port to transmit egress packets as untagged.

Tagged VLANs VLANs that are configured on the port to transmit egress packets as tagged.

Priority Identifies the default 802.1p priority assigned to untagged packets arriving at the port.

is also known as the Port VLAN ID (PVID). In a tagged frame, the VLAN is identified by the
VLAN ID in the tag.

 Admit All – Untagged and priority tagged frames received on the interface are accepted

and assigned the value of the Port VLAN ID for this interface.

 Only Tagged – The interface discards any untagged or priority tagged frames it receives.
 Only Untagged – The interface discards any tagged frames it receives.

For all options, VLAN tagged frames are forwarded in accordance with the IEEE 802.1Q
VLAN standard.

 Enable: A tagged frame is discarded if this port is not a member of the VLAN identified

by the VLAN ID in the tag.

 Disable: All tagged frames are accepted, which is the factory default.

To modify these settings for one or more interfaces, select the interface and click Edit. Or, click Edit
All to configure all interfaces at the same time. Click Apply to save any changes for the currently

selected VLAN. The changes take effect immediately but are not retained across a switch reset unless
you click Save Configuration.

Page 82 VLAN Port Configuration

Auto Voice VLAN Configuration

The voice VLAN feature enables switch ports to carry voice traffic with defined settings so that voice
and data traffic are separated when coming onto the port. A voice VLAN ensures that the sound quality
of an IP phone is safeguarded from deterioration when data traffic on the port is high.

The inherent isolation provided by VLANs ensures that inter-VLAN traffic is under management control
and that network-attached clients cannot initiate a direct attack on voice components. A QoS protocol
based on the IEEE 802.1P class-of-service (CoS) protocol uses classification and scheduling to send
network traffic from the switch in a predictable manner. The system uses the source MAC of the traffic
traveling through the port to identify the IP phone data flow.

Voice VLAN is enabled per-port basis. A port can participate only in one voice VLAN at a time. The
Voice VLAN feature is disabled by default.

Use the Auto Voice VLAN Configuration page to configure the global administrative mode of the Voice
VLAN feature as well as the per-port settings. When Voice VLAN is configured on a port that receives
both voice and data traffic, it can help ensure that the voice traffic has priority.

To display the Auto Voice VLAN Configuration page, click Switching > Auto Voice VLAN in the navi­gation pane.

Figure 56. Auto Voice VLAN Configuration Page

Table 37. Auto Voice VLAN Configuration Fields

Field Description

Voice VLAN Admin Mode Click Enable or Disable to administratively turn the Voice VLAN feature on or off for all ports.

Interface The interface associated with the rest of the data in the row. When adding a Voice VLAN

Operational State The operational status of the Voice VLAN feature on the interface. To be enabled, Voice VLAN

The administrative mode of the Voice VLAN feature. When Voice VLAN is enabled globally
and configured on interfaces that carry voice traffic, this feature can help ensure that the
sound quality of an IP phone does not deteriorate when data traffic on the port is high.

configuration to a port, the Interface menu allows you to select the port to configure. Only
interfaces that have not been configured with Voice VLAN settings can be selected from the
menu.

must be globally enabled and enabled on the interface. Additionally, the interface must be up
and have a link.

Auto Voice VLAN Configuration 83

Field Description

CoS Override Mode The Class of Service override mode:

 Enabled – The port ignores the 802.1p priority value in the Ethernet frames it receives

from connected devices.

 Disabled – The port trusts the priority value in the received frame.

Voice VLAN Interface Mode Indicates how an IP phone connected to the port should send voice traffic:

 VLAN ID – Forward voice traffic in the specified voice VLAN.
 802.1p – Tag voice traffic with the specified 802.1p priority value.
 None – Use the settings configured on the IP phone to send untagged voice traffic.
 Untagged – Send untagged voice traffic.

Voice VLAN Interface Value When adding or editing Voice VLAN settings for an interface and either VLAN ID or Dot1p is

Voice VLAN DSCP The IP DSCP value that voice traffic is tagged with.

selected as the Voice VLAN Interface Mode, specify the voice VLAN ID or the Dot1p priority
value that the connected IP phone should use for voice traffic.

Use the buttons to perform the following tasks:

 To configure Voice VLAN settings on a port, click Add. Select the interface to configure from the

Interface menu, and then configure the desired settings.

 To change the Voice VLAN settings, select the interface to modify and click Edit.

 To remove the Voice VLAN configuration from one or more ports, select each entry to delete and

click Remove.

Click Apply to update the switch configuration. Your changes take effect immediately but are not
retained across a switch reset unless you click Save Configuration.

Page 84 Auto Voice VLAN Configuration

6 Trunks

Trunks allow for the aggregation of multiple full-duplex Ethernet links into a single logical link. Network
devices treat the aggregation as if it were a single link, which increases fault tolerance and provides
load sharing capability.

A trunk interface can be either static or dynamic:

 Dynamic—Dynamic trunks use the Link Aggregation Control Protocol (LACP, IEEE standard

802.3ad). An LACP-enabled port automatically detects the presence of other aggregation-capable
network devices in the system and exchanges Link Aggregation Control Protocol Data Units
(LACPDUs) with links in the trunk. The PDUs contain information about each link and enable the
trunk to maintain them.

 Static—Static trunks are assigned to a bundle by the administrator. Members do not exchange

LACPDUs. A static trunk does not require a partner system to be able to aggregate its member
ports. This is the default port type.

All members of a trunk must participate in the same protocols. A static trunk interface does not require
a partner system to be able to aggregate its member ports.

From a system perspective, a Trunk is treated as a physical port. A Trunk and a physical port use the
same configuration parameters for administrative enable/disable, port priority, and path cost.

A trunk failure of one or more of the links does not stop traffic in any manner. Upon failure, the flows
mapped to a link are dynamically reassigned to the remaining links of the trunk. Similarly when links
are added to a trunk, existing flows may automatically shift to a different link member within the trunk.
Before any relocation of a conversation, the system ensures reordered frames do not exist.

When ports are added as members to a trunk, they are removed from all existing VLAN memberships
and acquire the membership of trunk VLANs.

The 8-port switches support four trunks, the 24-port switches support eight trunks, and the 48-port
switches support 16 trunks. On the 8-port and 24-port switches, each trunk can support up to four trunk
members, and on the 48-port switches, each trunk can support up to eight members.

NOTE:

Trunks are sometimes referred to as link aggregation groups (LAGs) or port-channels.

Auto Voice VLAN Configuration 85

Trunk Configuration

You can use the Trunk Configuration page to view and edit trunks. The number of trunks on the system
is fixed, and all trunks are disabled by default. You can enable, disable, and edit settings for each
trunk. Click Trunk > Trunk Configuration in the navigation pane.

Figure 57. Trunk Configuration Page

The following information displays for each trunk.

Table 38. Trunk Configuration Fields

Field Description

Trunk The trunk ID.

Name The configurable trunk name, which is the same as the trunk ID by default.

Type Trunks can be either dynamic or static, but not both:

 Dynamic— Dynamic trunks use the Link Aggregation Control Protocol (LACP, IEEE

standard 802.3ad). An LACP-enabled port automatically detects the presence of other
aggregation-capable network devices in the system and exchanges Link Aggregation
Control Protocol Data Units (LACPDUs) with links in the trunk. The PDUs contain infor­mation about each link and enable the trunk to maintain them.

 Static— Static trunks are assigned to a bundle by the administrator. Members do not

exchange LACPDUs. A static trunk does not require a partner system to be able to
aggregate its member ports. This is the default port type.

Note that the loop protection feature is not supported on dynamic trunks. If loop protection is
enabled on a static trunk and the trunk is changed to a dynamic trunk, loop protection is
disabled.

Admin Mode Whether the trunk is administratively enabled or disabled. This feature is enabled by default.

Link Status Indicates the operational status of the trunk interface, which can be Up, Up (SFP) for ports

Members The ports that are members of the trunk. By default, no ports belong to any trunk.

Active Ports The ports that are actively participating members of a trunk. A member port that is

with an installed SFP transceiver, or Down.

operationally or administratively disabled or does not have a link is not an active port.

Page 86 Trunk Configuration

Modifying Trunk Settings

To modify a trunk, select it and click Edit. The Edit Existing Trunk page displays:

Figure 58. Edit Existing Trunk Page

You can define the trunk name, administratively enable and disable the trunk, and select between
static and dynamic mode, as described in Table 38 on page 86. You can also configure the following
additional settings:

Table 39. Additional Trunk Configuration Fields

Field Description

STP Mode The spanning tree protocol (STP) mode of the trunk. When enabled, the trunk participates in

Static Mode When enabled, the trunk is a static trunk. When disabled, the trunk type is Dynamic.

Load Balance The hashing algorithm used to distribute traffic load among the physical ports of the trunk

Port List/Members The Port List shows ports that are not members of the trunk, and the Members list shows

the STP operation to help prevent network loops. This feature is enabled on all trunks by
default.

while preserving the per-flow packet order. The hashing algorithm uses various packet
attributes to determine the outgoing physical port.The following sets of packet attributes can
be used to compute the hashing algorithm:

 Source MAC, VLAN, EtherType, Incoming Port
 Destination MAC, VLAN, EtherType, Incoming Port
 Source/Destination MAC, VLAN, EtherType, Incoming Port. This is the default selection.
 Source IP and Source TCP/UDP Port Fields
 Destination IP and Destination TCP/UDP Port Fields
 Source/Destination IP and TCP/UDP Port Fields

the ports that are members. Use the arrows to move ports between the lists.

Trunk Configuration 87

Note the following considerations when configuring trunks and trunk members:

 All ports in a trunk must have the same full-duplex speed.

 Loop protection is supported on static trunks, but not on dynamic trunks. If loop protection is

enabled on a static trunk that is now being changed to a dynamic trunk, loop protection will be dis­abled on the trunk.

 A port that is added to a trunk loses its port VLAN membership and is assigned the VLAN mem-

berships configured for the trunk. Individual port VLAN memberships cannot be configured for
ports that are members of a trunk. When the port is removed from a trunk, the port is made a
member of the default VLAN.

 When ports are members of a trunk, they take on the STP configuration for the trunk. When ports

are removed from a trunk, the take on their earlier configured STP states.

Click Apply to save any changes to the currently selected trunk. The changes take effect immediately.

Trunk Statistics

The Trunk Statistics page displays the flap count for each trunk. A flap occurs when a trunk interface or
trunk member port goes down.To display the Trunk page, click

Figure 59. Trunk Statistics Page

Trunks

>

Statistics

in the navigation pane

.

Table 40. Trunk Statistics Fields

Field Description

Trunk Name The user-created name for the trunk.

Type The interface type, which is either Port-Channel (a trunk) or Member Port (a physical port).

Flap Count The number of times the interface has gone down. The counter for a member port is

You can click Clear Counters to reset the flap count statistics to 0.

Page 88 Trunk Statistics

incremented when the physical port is either manually shut down by the administrator or when
its link state is down. When a trunk is administratively shut down, the flap counter for the trunk
is incremented, but the flap counters for its member ports are not affected. When all active
member ports for a trunk are inactive (either administratively down or link down), then the
trunk flap counter is incremented.

7 Link Layer Discovery Protocol (LLDP and LLDP-MED)

LLDP is a standardized discovery protocol defined by IEEE 802.1AB. It allows stations residing on a
LAN to advertise major capabilities, physical descriptions, and management information to other
devices on the network. A network management system (NMS) can access and display this informa­tion.

LLDP is a one-way protocol; there are no request/response sequences. Information is advertised in
LLDP Protocol Data Units (LLDPDUs) by stations implementing the LLDP transmit function, and LLDP­DUs are received and processed by stations implementing the receive function. The transmit and
receive functions can be enabled and disabled separately per port. By default, both functions are
enabled on all ports.

LLDP-MED is an extension of the LLDP standard. LLDP-MED uses LLDP's organizationally-specific
Type- Length-Value (TLV) extensions and defines additional TLVs.

LLDP Global Configuration

Use the LLDP Global Configuration page to specify global LLDP parameters and to configure the pro­tocol on individual ports.

To display the LLDP Global Configuration page, click LLDP > Configuration in the navigation pane.

Figure 60. LLDP Global Configuration Page

LLDP Global Configuration 89

You can configure the following global settings:

Table 41. LLDP Global Configuration Fields

Field Description

Transmit Interval Specify the time between transmission of LLDPDUs. The range is from 5 to 32768 seconds

Transmit Hold Multiplier Specify the multiplier value on the transmit interval, which is used to compute the time-to-live

and the default is 30 seconds.

(TTL) value associated with LLDPDUs. The range is from 2 to 10 seconds, and the default is
4 seconds.

Re-Initialization Delay Specify the number of seconds to wait before attempting to re-initialize LLDP on a port after

Notification Interval Specify the minimum number of seconds to wait between transmissions of remote data

the LLDP operating mode on the port changes. The range is from 1 to 10 seconds and the
default is 2 seconds.

change notifications. The range is from 5 to 3600 seconds and the default is 5 seconds.

If you change these settings, click Apply to save any changes for the current boot session. The
changes take effect immediately but are not retained across a switch reset unless you click Save Con-
figuration.

The following information displays for each interface:

Table 42. LLDP Global Configuration—Port Fields

Field Description

Interface The port or trunk ID.

Link Status The link status of the interface, which is either Up or Down. An interface that is down does not

Transmit The LLDP advertise (transmit) mode on the interface. If the transmit mode is enabled, the

Receive The LLDP receive mode on the interface. If the receive mode is enabled, the device can

Notify Enable to have LLDP generate a log file entry.

Transmit Management
Information

forward traffic.

interface sends LLDPDUs that advertise the mandatory TLVs that are enabled.

receive LLDPDUs from other devices.

The status of the LLDP remote data change notification on the interface. When enabled, the
interface sends notifications when a link partner device is added or removed.

To modify interface settings, select one or more interfaces and click Edit to display the Edit LLDP Inter­face page.

Page 90 LLDP Global Configuration

Figure 61. Edit LLDP Interface

Select a box to enable the associated feature. Clear a box to disabled the associated feature.

To modify settings on all interfaces, click Edit All.

LLDP Local Device Summary

Use the LLDP Local Device Summary page to view LLDP information for switch interfaces. To display
this page, click LLDP > Local Devices in the navigation pane.

Figure 62. LLDP Local Device Summary Page

LLDP Local Device Summary 91

If all LLDP functions are disabled on an interface, then it does not appear in the table.

Table 43. LLDP Local Device Summary Fields

Field Description

Local Device Summary

Chassis ID The hardware platform identifier for the device.

Chassis ID Subtype The type of information used to identify the chassis.

Capabilities Supported The primary function(s) the device supports.

Capabilities Enabled The primary function(s) the device supports that are enabled.

Interface Description

Interface The interface ID.

Port ID The port identifier, which is the physical address associated with the interface.

Port ID Subtype The type of information used to identify the interface

Port Description A description of the port. An administrator can configure this information on the Port Status

Displaying Port Details

page.

To view additional LLDP information that the interface advertises, select the interface and click Details.

Figure 63. LLDP Local Device Information Page

Page 92 LLDP Local Device Summary

In addition to the fields described in Table 43 on page 92, this page displays the following fields.

Table 44. LLDP Local Device Information Fields

Field Description

System Name The user-configured system name for the device. The system name is configured on the

System Description The device description which includes information about the product model and platform.

Management Address The address, such as an IP address, associated with the management interface of the device.

Management Address Type The protocol type or standard associated with the management address.

Dashboard page.

LLDP Remote Device Summary

Use the LLDP Remote Device Summary page to view information about remote devices for which the
switch has received LLDP information. Interfaces that have this option enabled display in this table
only if they have received LLDP notifications from a remote device.

To display the Remote Device page, click LLDP > Remote Devices in the navigation pane.

Figure 64. LLDP Remote Device Summary Page

Table 45. LLDP Remote Device Summary Fields

Field Description

Interface The HPE OfficeConnect 1920S interface that received the LLDP data from the remote

Remote ID The identifier assigned to the remote system that sent the LLDPDU.

Chassis ID The hardware platform ID for the remote system.

Port ID The physical address of the port on the remote device that sent the LLDP data.

Port Description The port description configured on the remote device. If the port description is not configured,

System Name The system description configured on the remote device. If the system description is not

system.

the field may show the interface number of the remote port, or it may be blank.

configured, the field is blank.

LLDP Remote Device Summary 93

Field Description

Capabilities Supported The capabilities on the remote device. The possible capabilities include other, repeater,

Capabilities Enabled The capabilities on the remote device that are enabled.

System ID The reported management IP or MAC addresses of the remote device.

LLDP Global Statistics

The Link Layer Discovery Protocol (LLDP) Statistics page displays summary and per-port information
for LLDP and LLDP-MED frames transmitted and received on the switch.

To display the LLDP Global Statistics page, click LLDP > Statistics in the navigation pane.

Figure 65. LLDP Statistics Page

bridge, WLAN AP, router, telephone, DOCSIS cable device, and station.

Table 46. LLDP Global Statistics Fields

Field Description

Global Statistics

Insertions The number of times the complete set of information advertised by a particular MAC Service

Deletions The number of times the complete set of information advertised by a particular MSAP has

Drops The number of times the complete set of information advertised by a particular MSAP could

Page 94 LLDP Global Statistics

Access Point (MSAP) has been inserted into tables associated with the remote systems.

been deleted from tables associated with the remote systems.

not be entered into tables associated with the remote systems because of insufficient
resources.

Field Description

Age Outs The number of times the complete set of information advertised by a particular MSAP has

Time Since Last Update Time when an entry was created, modified, or deleted in the tables associated with the remote

Interface Statistics

Interface The interface ID.

Transmitted Frames The number of LLDP frames transmitted on the interface.

Received Frames The number of valid LLDP frames received on the interface.

Discarded Frames The number of LLDP frames the interface discarded for any reason.

Errors The number of invalid LLDP frames received by the LLDP agent on the interface.

MED TLVs The total number of LLDP-MED TLVs received on the interface.

been deleted from tables associated with the remote systems because the information
timeliness interval has expired.

system.

Click Clear All Counters to reset all statistics to their initial values.

LLDP Global Statistics 95

LLDP-MED Global Configuration

LLDP-MED is an enhancement to LLDP that enables:

 Auto-discovery of LAN policies (such as VLAN and Layer 2 Priority settings).

 Device location discovery for creation of location databases.

 Extended and automated power management of Power over Ethernet (PoE) endpoints.

 Inventory management, enabling network administrators to track their network devices and deter-

mine their characteristics (manufacturer, software and hardware versions, serial/asset number).

To view and configure global Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED)
settings, click LLDP-MED > Configuration in the navigation pane.

Figure 66. LLDP-MED Global Configuration Page

The following global settings display:

Table 47. LLDP-MED Global Configuration Fields

Field Description

Fast Start Repeat Count The number of LLDP-MED Protocol Data Units (LLDPDUs) that are transmitted during the

Device Class The device's MED classification. The HPE OfficeConnect 1920S switch is classified as a

fast start period when LLDP-MED is enabled. The default is 3.

Network Connectivity device.

If you change the Fast Start Repeat Count, click Apply to save any changes for the current boot ses­sion. The changes take effect immediately but are not retained across a switch reset unless you click
Save Configuration.

Page 96 LLDP-MED Global Configuration

The following information displays for each port:

Table 48. LLDP Global Configuration—Port Fields

Field Description

Interface The ID of the physical and trunk interfaces.

Link Status The link status of the interface, which is either Up or Down. An interface that is down does not

MED Mode The administrative status of LLDP-MED on the interface. When enabled, the LLDP-MED

Notification Status Indicates whether LLDP-MED topology change notifications are enabled or disabled on the

Operational Status Indicates whether the interface is configured to transmit TLVs. To transmit TLVs, the interface

forward traffic.

transmit and receive functions are effectively enabled on the interface. This feature is enabled
by default.

interface. This feature is disabled by default.

must be enabled to receive and transmit LLDPDUs and must be connected to an LLDP-MED
device. The switch waits for the LLDP-MED device to advertise its information before the
switch transmits its own LLDP-MED TLVs, at which point the operational status becomes
enabled.

Transmitted TLVs The LLDP-MED TLV(s) that the interface transmits. The HPE OfficeConnect 1920S switch,

can transmit TLVs of the following types:

 Capabilities
 Network Policy

To enable or disable LLDP-MED on one or more interfaces, and to configure related features, select
the interfaces and click Edit.

Figure 67. Edit LLDP-MED Interface

To modify settings on all interfaces, click Edit All. The settings you configure are applied to all inter­faces.

LLDP-MED Global Configuration 97

LLDP-MED Local Device Summary

Use the LLDP-MED Local Device Summary to view the information that is advertised by the switch
interfaces when they are enabled for LLDP-MED. To display this page, click LLDP-MED > Local

Devices in the navigation pane.

Figure 68. LLDP-MED Local Device Summary Page

Table 49. LLDP-MED Local Device Summary Fields

Field Description

Interface The trunk or port ID.

Port ID The interface identifier, which is its physical address.

Page 98 LLDP-MED Local Device Summary

LLDP-MED Remote Device Summary

Use the LLDP-MED Remote Device Summary page to view information about the remote devices the
local system has learned through the LLDP-MED data units received on its interfaces. Information is
available about remote devices only if an interface receives an LLDP-MED data unit from a device.

To display this page, click LLDP-MED > Remote Devices in the navigation pane.

Figure 69. LLDP-MED Remote Device Summary Page

Table 50. LLDP Remote Device Summary Fields

Field Description

Interface The local interface that has received LLDP-MED data units from remote devices.

Remote ID The client identifier assigned to the remote system that sent the LLDP-MED data unit.

Device Class The MED Classification advertised by the TLV from the remote device. The following three

System ID The reported management IP addresses of the remote device.

classifications represent the actual endpoints:

 Class I Generic (for example, IP Communication Controller)
 Class II Media (for example, Conference Bridge)
 Class III Communication (for example, IP Telephone)

The fourth device is Network Connectivity Device, which is typically a device such as a LAN
switch or router, IEEE 802.1 bridge, or IEEE 802.11 wireless access point.

LLDP-MED Remote Device Summary 99

Displaying Remote Device Details

To view additional information about a remote device, select the interface that received the LLDP-MED
data and click Details.

Figure 70. LLDP-MED Remote Device Information Page

The following additional fields appear on the LLDP-MED Remote Device Information page:

Field Description

Capability Information

Supported Capabilities The supported capabilities that were received in the MED TLV on this interface.

Enabled Capabilities The supported capabilities on the remote device that are also enabled.

Device Class The MED Classification advertised by the TLV from the remote device.

Page 100 LLDP-MED Remote Device Summary