Intel Corporation assumes no responsibility for errors or omissions in this manual. Nor does Intel make any commitment to update the
information contained herein. Intel is a trademark or registered trademark of Intel Corporation or its subsidiaries in the United States and
other countries.
* Other product and corporate names may be trademarks of other companies and are used only for explanation and
to the owners’ benefit, without intent to infringe.
Second Edition June 2001 A18558-002
CONTENTS
Intel® NetStructure
Contents
470T and 470F Switches User Guide
1 Setting up the Intel® NetStructure™ 470T and
470F Switches
Save Settings...................................................................117
470T and 470F Switches User Guide
Appendix A: Technical Information119
Index139
Intel Customer Support146
iv
Setting up the Intel
®
NetStructure™ 470T
1
and 470F Switches
Overview
This guide provides information on configuring and managing the Intel
NetStructure™ 470T and 470F Switches. It is organized into five chapters:
• Chapter 1 - Identifying and connecting the switch hardware
• Chapter 2 - Using the switch in a LAN; advanced features such as link
aggregation and VLANs
• Chapter 3 - Using Intel Device View
• Chapter 4 - Using Web Device Manager
• Chapter 5 - Using Local Management
Management
Through the switch’s built-in management you can configure the device and
monitor network health. You can use any combination of the following
methods to manage the switch.
• SNMP management applications like Intel Device View, LANDesk
Network Manager, HP OpenView*, and IBM Tivoli NetView* are
tailored for Intel products and show a graphical representation of the
device.
®
®
• Onboard management allows control over the switch without using an
SNMP application. The Web Device Manager provides a graphical
interface while Local Management is a menu-driven interf ace.
• Other SNMP-compliant applications can manage the switches if you
compile the switch’s MIB files into that application.
1
CHAPTER 1
Status
LED
Intel® NetStructure™ 470T and 470F Switches User Guide
Switch Features
These are the major features of the 470 switches.
8-port 470F Switch (Product Code ES470F)
Link/Activity LEDs
Serial
Port
6+2-port 470T Switch (Product Code ES470T)
Status
LED
Speed LEDs
(top row)
Link/Activity LEDs
(bottom row)
Serial
Port
Back of 470 Switch
• 100/1000 Base-T auto-negotiates speed, duplex, and flow control—100Mbps or
1000Mbps
per port
• 470F supports 1000SX, 1000LX, and 1000LH GBICs
• Half-duplex and full-duplex flow control
• Port settings can be configured manually through management
• Access menu-driven Local Management through the serial port or a Telnet session
• Access the graphical Web Device Manager through a Web browser
1000 Base-SX
Port
1000 Base-T
Port
MAC
Address
GBIC Port
AC Power
Plug
2
CHAPTER 1
Setting Up the Intel
®
NetStructure™ 470T and 470F Switches
LEDs
The LEDs to the left of the ports indicate port status, individual port speed,
and activity.
Status
470F
Link/Activity
470 Switch Setup
NOTE
After the switch is turned on, the
Status LED blinks green once
before the diagnostic mode starts.
Status
470T
Speed
Link/Activity
LEDStateMeaning
StatusBlinking greenSwitch is performing diagnostics and booting.
(This lasts for 20–30 seconds.)
Solid greenDiagnostics have passed, the switch is ready.
Blinking greenDiagnostics have failed. (After the initial 20–
30 seconds, the LED continues blinking.)
Link/ActivitySolid greenDevice linked.
Blinking greenReceiving activity on that port.
OffNo link detected.
SpeedSolid greenDevice connected at 1000Mbps.
(470T only)OffDevice connected at 100Mbps.
3
CHAPTER 1
Intel® NetStructure™ 470T and 470F Switches User Guide
Connection Guidelines
General
• The 470T switch is can auto-negotiate port duplex. It can operate at
half-duplex or full-duplex at 100Mbps, and full-duplex at 1000Mbps.
The switch matches the highest possible speed (up to 1000Mbps) of an
attached device.
• The 470F operates at full-duplex and at 1000Mbps.
Cabling
NOTE
Use certified Category 5 cables to
connect 1000Mbps devices to the
switch.
• Use Category 5 unshielded, twisted-pair (CAT 5 UTP) cable to connect
1000Mbps or 100Mbps devices to the switch.
• Limit the cable length between devices to 100 meters (330 feet) for
copper wire.
• Use a straight-through cable to connect the switch to a server or
workstation.
• To connect to another switch or hub, use a crossover cable.
Straight-through vs. Crossover Cables
Switch ports are wired MDI-X, so use a straight-through cable to connect to
a workstation or server (network adapter cards are wired MDI). To connect
to another MDI-X port, use a crossover cable. The following pin
arrangements are for the switch’s Ethernet port and the typical RJ-45
connector. The wiring diagrams illustrate how to wire a straight-through and
crossover cable for 100Mbps and 1000Mbps devices.
Straight-Through UTP cable (100Mbps)
Switch (MDI-X) Adapter (MDI)
4
CHAPTER 1
Setting Up the Intel
®
NetStructure™ 470T and 470F Switches
Crossover UTP cable (100Mbps)
Switch (MDI-X) Hub (MDI-X)
Straight-Through UTP cable (1000Mbps)
Switch (MDI) Switch (MDI)
470 Switch Setup
5
CHAPTER 1
Intel® NetStructure™ 470T and 470F Switches User Guide
6
Using the Intel
®
NetStructure™ 470T
2
and 470F Switches
Overview
Chapter 2 provides an overview for using the Intel® NetStructure™ 470T
and 470F Switches within a network. This chapter covers switching features
like flow control and spanning tree, and includes a discussion of the more
advanced features such as link aggregation and the types of VLANs
available on the switch.
If you are familiar with switching technology you can skip ahead to a
particular section within the chapter. The following list shows where you
can find particular topics:
• Sample Configuration page 8
• Flow Control page 9
• Broadcast Storm Control page 10
• Spanning T ree Protocol page 11
• Tagged Frames page 12
• Priority T ag ging page 12
• Link Aggregation page 13
• Virtual LANs page 14
• GVRP page 18
• Internet Group Management Protocol (IGMP) Snooping page 18
7
CHAPTER 2
100Mbps
1000Mbps
Link Aggregation
group
Intel® NetStructure™ 470T and 470F Switches User Guide
Sample Configuration
The following example illustrates how the 470T and 470F switches can be
used in a network.
In this example, the Intel NetStructure 480T Routing Switch is the
backbone of the network, providing routing capability. The 470T and 470F
switches provide gigabit connectivity from the 480T to the Intel Express
460T Standalone Switches through the 460T gigabit uplinks.
Intel® NetStructure™ 470T Switch
Intel Express 460T
Standalone Switches
Intel® NetStructure™ 470F Switch
Intel Express 460T
Standalone Switches
Intel® NetStructure™ 480T Routing Switch
Servers
8
CHAPTER 2
Using the Intel
®
NetStructure™ 470T and 470F Switches
Flow Control
During heavy network activity, the switch’s port buffers can receive too
much traffic and fill up faster than the switch can send the information. In
cases like this, the switch tells the transmitting device to wait until the
information in the buffer can be sent. This traffic control mechanism is
called flow control.
The method of flow control depends on whether the port is set to full-duplex
or half-duplex.
• If a port operates at half-duplex, the switch sends a collision (also called
backpressure) that causes the transmitting device to wait.
• If the port operates at full-duplex, the switch sends out an IEEE 802.3x
PAUSE frame.
You can enable or disable flow control for each port on the 470 switch.
Broadcast Storm Control
You can use broadcast storm control to control the amount of broadcast
traffic serviced by the switch. You can prevent broadcasts from taking an
excessive amount of network resources and degrading network
performance.
Using the 470 Switch
To control the amount of broadcast traffic, set an upper threshold
percentage for each port. The upper threshold is the percentage of the
port’s total bandwidth that is available for broadcast traffic. For example, if
a port’s upper threshold percentage is 4%, broadcast traffic can take up to
4% of the port’s total bandwidth.
Broadcast traffic
resumed
160 s.
% of% of
% of
% of% of
BroadcastBroadcast
Broadcast
BroadcastBroadcast
traffic ontraffic on
traffic on
traffic ontraffic on
the portthe port
the port
the portthe port
4%
Upper
threshold
1%
Lower
threshold
40 s.
TimeTime
Time
TimeTime
in secondsin seconds
in seconds
in secondsin seconds
Broadcast traffic
dropped
80 s.120 s.
9
CHAPTER 2
Intel® NetStructure™ 470T and 470F Switches User Guide
The switch checks the amount of broadcast traffic on each port every 20
seconds. If the port detects that the amount of broadcast traffic exceeds the
upper threshold on two subsequent checks, the port drops all broadcast
traffic.
When broadcast traffic is dropped for storm control, the switch continues
to check the amount of broadcast traffic on each port. For the port to begin
accepting broadcast traffic again, the amount of broadcast traffic must fall
below the lower threshold percentage. The lower threshold percentage, 1%,
is a factory default. If broadcast traffic falls below the lower threshold
percentage when the port is checked, the switch automatically resumes
servicing broadcast traffic.
When broadcast traffic servicing resumes, the switch begins checking the
amount of broadcast traffic against the upper threshold.
Spanning Tree Protocol
Spanning Tree Protocol, as described in the IEEE (Institute of Electrical and
Electronic Engineers) 802.1D specification, is a protocol designed to
prevent loops within the network topology. A loop can occur if there is
more than one path for information to travel between devices. The Spanning
Tree Protocol determines the “cost” of a connection. For example, if two
devices are connected by two links, spanning tree uses the connection with
the lowest cost and blocks the second connection.
10
Spanning tree prevents loops by allowing only one active path between any
two network devices at a time. However, you can also use this protocol to
establish redundant links between devices that can take over if the primary
link fails.
Backup Path from Client A to Server B:
Switch A –> Switch B –> Switch C
Switch A
Primary Path from Client A to Server B: Switch A –> Switch C
Switch B
P
a
: 3
0
0
th
a
P
t: 1
s
o
C
Path: 1
Cost: 100
th
: 2
C
o
s
t: 2
0
0
Switch C
Server BPC Client A
CHAPTER 2
Using the Intel
In this example, Client A can communicate with Server B over two different
paths. The primary path is Path 1 because the cost of the connection
between switches A and C is lower than the cost between switches A, B and
C. If the primary path fails, traffic is automatically sent over the backup
path.
®
NetStructure™ 470T and 470F Switches
Tagged Frames
The 802.1D (1998 Edition) and 802.1Q specifications published by the
IEEE extended Ethernet functionality to add tag information to Ethernet
frames and propagate these tagged frames between bridges. The tag can
carry priority information, VLAN information, or both and allows bridges to
intelligently direct traffic across the network.
Some devices don’t recognize the tagged Ethernet frames. These devices see
a frame that is too big, and then discard it. When operating 802.1Q (tagbased) VLANs, you can configure the switch to work with untagged
devices. For more information, see “How to configure 802.1Q VLANs” in
Chapter 5.
Priority Tagging
The IEEE 802.1D (1998 Edition) specification incorporates IEEE 802.1p
and defines information in the frame tag to indicate a priority level. When
these tagged packets are sent out on the network, the higher priority packets
are transferred first. Priority tagging (also known as Traffic Class
Expediting) is usually set on the LAN adapter in a PC or switch and works
with other elements of the network (switches, routers) to deliver packets
based on priority. The priority level can range from 0 (low) to 7 (high).
The 470 switches can read the priority tags and forward traffic on a per port
basis. The switches have two priority queues per port and queue the packet
based on its priority level. For example, when a packet comes into a switch
with a high-priority tag, the switch inserts the packet in its high-priority
queue.
Using the 470 Switch
11
CHAPTER 2
HIGH
LOW
Incoming
packet
transmit
queue
for the
port
7
6
5
4
3
2
1
0
Express 460T
Network
Intel® NetStructure™ 470T and 470F Switches User Guide
Although there are eight priority levels, the 470 switches can only put a
packet into one of the two queues. The switch maps levels 0-3 to the low
queue and levels 4-7 to the high queue. If a packet is untagged, the switch
can be set to use either the high or low queue for that port. The
470 switches preserve the priority level of the packet.
Link Aggregation
Link aggregation allows you to combine from two to four (adjacent) ports so
that they function as a single high-speed link. For example, link aggregation
is useful when making connections between switches or connecting servers
to the switch.
Note
When connecting to another
switch, connect anchor port to
anchor port and member port to
member port.
12
You can use link aggregation, also known as port trunking, to increase the
bandwidth to some devices. Link aggregation can also provide a redundant
link for fault tolerance. If one link in the aggregation fails, the switch
balances the traffic among the remaining links.
To aggregate ports, you must link an “anchor” port with an adjacent port.
The 470 switches support up to four link aggregation groups (anchor ports
1,3, 5, or 7). All aggregated ports must be the same speed.
CHAPTER 2
Using the Intel
®
NetStructure™ 470T and 470F Switches
Guidelines
• The switch treats aggregated links as a single port. This includes
spanning tree and VLAN configur ations.
• For the 470F: Anchor ports 1, 3, and 5 can each have up to four
aggregated ports; anchor port 7 can have two.
• For the 470T: Anchor ports 1 and 3 can each hav e up to four aggregated
ports; anchor ports 5 and 7 can each have two.
• All ports share the same settings as the anchor port. You can change
anchor port settings, but you cannot configure other ports in the link.
• When a port is configured as a member of an aggregated link, it adopts
the configuration of the anchor port. When a port is no longer a member
of an aggregated link, the configuration is reset to the default settings
(auto-negotiate speed/duplex, flow control enabled).
• If a port is part of an aggregated link, it cannot be configured as the
target port for a port mirror. However, a port in an aggregated link can
serve as the source port for a port mirror.
• When connecting to another switch, connect anchor port to anchor port,
and member port to member port.
Using the 470 Switch
Virtual LANs
A Virtual LAN (VLAN) is a logical network grouping you can use to isolate
network traffic so members of the VLAN receive traffic only from other
members. Creating a VLAN is the virtual equivalent to physically moving a
group of devices to a separate switch (creating a Layer 2 broadcast domain).
With VLANs you can reduce broadcast traffic for the entire switch, and
increase security, without changing the wiring of your network.
The 470 switches support three types of VLANs:
• Port-based
• Tag-based (IEEE 802.1Q)
• Protocol-based
13
CHAPTER 2
Intel® NetStructure™ 470T and 470F Switches User Guide
Port-based VLANs
Port-based VLANs are the simplest and most common form of VLAN. In a
port-based VLAN, the system administrator assigns the ports to a specific
VLAN. For example, the system administrator can designate ports 1, 2, and
3 as part of the engineering VLAN and ports 5, 6, 7, and 8 as part of the
marketing VLAN. Port-based VLANs are easy to configure and all changes
are transparent to the users because they take place at the switch. The 470
switches support a maximum of four port-based VLANs. A port can belong
to only one port-based VLAN at a time.
14
If a user changes to another location, the system administrator reassigns the
port to the new VLAN. If a switch (or hub) is connected to a port that is part
of a VLAN, all devices connected to the switch are also part of the VLAN.
You cannot prevent an individual device on that switch from becoming part
of the VLAN.
Tag-based (IEEE 802.1Q) VLANs
The tag-based VLAN supported by the 470 switches is based on the IEEE
802.1Q specification. The specification provides a uniform way to create
VLANs within a network and allows you to create a VLAN that can span
across the network. Until the release of IEEE 802.1Q, it was not possible to
create a VLAN across devices from different vendors.
CHAPTER 2
Using the Intel
®
NetStructure™ 470T and 470F Switches
The 802.1Q VLAN works by using a tag added to the Ethernet frames. The
tag contains a VLAN Identifier (VID) that identifies the frame as belonging
to a specific VLAN. These tags allow switches that support the 802.1Q
specification to segregate traffic between devices and communicate a
device’s VLAN association across switches. The example below shows a
470F switch.
Local
Console: 9600-8-N-1
Management
Flow Ctrl=None
(EIA 232)
12345678
TX RXTX RXTX RXTX RXTX RXTX RXTX RXTX RX
VLAN 2:
Manufacturing
VLAN 1:
Engineering
Intel® NetStructure™ 470F Switch
Status
Link\Activity
Link = Solid Green
12345678
Activity = Blinking Green
Link\Act
Using the 470 Switch
VLAN 1 computers
can't see VLAN 2
computers
Server and Printer
are members of both
VLANs
There are multiple advantages to implementing 802.1Q VLANs. First, it
helps to contain broadcast and multicast traffic across the switch thus
improving performance. Second, ports can belong to more than one VLAN.
Third, VLANs can span multiple switches that support the 802.1Q
specification. Finally, it can provide security and improve performance by
logically isolating users and grouping them.
A logical grouping can be mapped to a workgroup. For example, you can
create a VLAN that groups all the users from the engineering department.
Benefits of this logical grouping are: it improves performance by reducing
traffic that belongs to a different logical group (e.g. marketing), improves
security (engineering can’t see marketing), and eases moves because the
user doesn’t have to be physically located in the same group to participate in
the VLAN.
15
CHAPTER 2
Intel® NetStructure™ 470T and 470F Switches User Guide
Protocol-based VLANs
In a protocol-based VLAN, traffic is bridged through specified ports based
on its protocol. Any packet using a different protocol is dropped as it enters
the switch. This type of VLAN allows you to use a common protocol to
communicate, yet prevents any packets that are not using the specified
protocol, from entering the switch.
For example, you can attach a LAN using NetBEUI traffic to port 1 on the
switch, and attach a LAN using IPX traffic to port 2 on the switch. Then,
attach a router connected to the Internet, to port 8. Create an IP VLAN that
incorportates ports 1, 2, and 8. The NetBEUI traffic on port 1is not passed
to ports 2 or 8. The IPX traffic on port 2 is not passed to ports 1 or 8.
However, computers using the IP protocol can talk freely to ports 1, 2, and
8. This allows the computers to connect to the Internet, yet not be
bombarded with traffic that they do not need to see.
The 470 switches support a maximum of four protocol-based VLANs, and
they can be either IP, IPX, NetBEUI, or all three combined. Each port can
be a member of only one protocol-based VLAN. The example below shows
a 470F switch.
16
Protocol-based VLANs can help optimize network traffic patterns because
protocol-specific broadcast messages are sent only to computers that use
that protocol. For example, if a NetBEUI VLAN is created, only NetBEUI
traffic is allowed to pass through the VLAN.
CHAPTER 2
Using the Intel
®
NetStructure™ 470T and 470F Switches
Spanning Tree Protocol and VLANs
The 470 switches support the Spanning Tree Protocol across the entire
switch, not across each VLAN. If VLANs create a redundant link between
two switches and both of those switches have the Spanning Tree Protocol
enabled, one of the VLANs is disabled.
The following diagram shows an example. Both Switch 1 and Switch 2 have
two port-based VLANs configured. Crossover cables connect the
ENG_VLAN on Switch 1 to ENG_VLAN on and Switch 2. Crossover cables
also connect the MKT_VLAN on Switch 1 to the MKT_VLAN on Switch 2.
When spanning tree is enabled on both switches, the redundant link between
the MKT_VLANs is blocked and those VLANs can no longer communicate.
The example below sho ws 470F switches.
Using the 470 Switch
GARP VLAN Registration Protocol (GVRP)
Because tag-based (IEEE 802.1Q) VLANs can span across the network, it
poses a challenge for network administrators to manage changes to the
VLAN. The GARP VLAN Registration Protocol (GVRP) provides a
dynamic mechanism for switches to share topology information and manage
changes with other switches. This saves the network administrator from
having to manually propagate VLAN configuration information across
switches.
17
CHAPTER 2
Intel® NetStructure™ 470T and 470F Switches User Guide
GARP (Generic Attribute Registration Protocol) is defined by the IEEE
802.1D (1998 Edition) specification and is the mechanism used by switches
and end nodes (servers, PCs, and so on) to propagate configuration across the
network domain. GVRP uses GARP as a foundation to propagate VLAN
configuration to other switches. Devices that support GVRP transmit their
updates to a known multicast address that all GVRP-capable devices monitor
for information updates.
Note
Dynamically created VLANs are
not saved in the switch’s
memory. If the device sending out
the GVRP updates is removed,
the dynamic VLAN is removed.
Sending GVRP messages between switches accomplishes the following tasks:
• Dynamically adds or removes a port from participating in a VLAN
• Sends updates about the switch’s own VLAN configuration to neighboring
GVRP-capable devices.
• Integrates dynamic and static VLAN configurations within the same
switch. For devices that don’t support GVRP, static VLAN configurations
are created by the user on the switch.
When the switch is running 802.1Q VLANs, Spanning Tree Protocol is
enabled for GVRP to work properly .
Internet Group Management Pr otocol (IGMP)
Normally, multicast traffic is broadcast by the switch to all ports. For
multicast traffic based on TCP/IP using the IGMP protocol, the switch can
optimize the broadcasting of multicast traffic by forwarding multicast traffic
only to ports that require it.
IGMP Snooping is a feature that allows the switch to forward multicast traffic
intelligently. The switch “snoops” the IGMP query and report messages and
forwards traffic only to the ports that request the multicast traffic. This
prevents the switch from broadcasting the traffic to all ports and possibly
affecting network performance.
18
IGMP Snooping requires a router that detects multicast groups on its subnets
and keeps track of group membership.
Using Intel® Device
3
View
Overview
Intel® Device View allows you to manage Intel NetStructure™ 470T and
470F switches and other supported Intel networking devices on your
network.
Intel Device View provides these features:
• The ability to configure new network devices
• A graphical device manager for Intel switches, hubs, and routers
• Autodiscovery, which finds supported Intel devices on the network
• The Device Tree, which shows all the supported devices detected
on your network
• Support for Remote Monitoring (RMON)
• Web or Windows* platform
• Plug-in to HP OpenView*, IBM Tivoli* NetView*, and Intel
LANDesk® Network Manager
• Other useful tools such as a TFTP server
19
CHAPTER 3
Intel® NetStructure™ 470T and 470F Switches User Guide
Installing Intel Device View
Before you install Intel Device View, make sure your PC meets the system
requirements in the Intel® Device View User Guide, which is included on
the Intel Device View CD-ROM.
To install Intel Device View
1 Insert the Intel Device View CD-ROM into your computer’s CD-ROM
drive. The Intel Device View installation screen appears. If it doesn’t
appear, run autoplay.exe from the CD-ROM.
20
2 Choose the version of Intel Device View you want to install.
• To install Intel Device View for use on this PC only, click Installfor Windows.
• To install Intel Device View on a Web server, click Install forWeb. You can access the Device View server from any PC on your
network with Internet Explorer* 4.0x or later.
• To install Intel network device support for HP OpenView, IBM
Tivoli NetView, or Intel LANDesk Network Manager, click Installas Plug-in. This option is available if you have OpenView,
NetView, or LANDesk Network Manager installed on the PC.
3 Follow the instructions in on the installation screens.
CHAPTER 3
NOTE
These are the requirements if you
want to use the Web version of
Device View :
Web browser
Internet Explorer 4.0 or later
Intel Device View
Starting Intel Device View
Install either the Windows or Web version of Intel Device View.
Windows* version
On your desktop, click Start and then point to Programs > Intel Device View
> Intel Device View - Windows to go to the Intel Device View main screen.
Web version
•On your desktop, click Start and then point to Programs > Intel Device
View > Intel Device View - Web to go to the Intel Device View main
screen.
•To view Intel Device View from another PC on your network, type the
following URL. In the following example, the URL is entered in the
Address field for Internet Explorer.
http://servername/devview/main.htm
where servername is the IP address or name of the server where Intel
Device View is installed.
Intel Device View’s main screen appears.
Intel
®
Device View
Web Server
IIS* 2.0 or later
Peer Web Services*
Netscape Enterprise* Web
Server 3.01 or later
21
CHAPTER 3
Intel® NetStructure™ 470T and 470F Switches User Guide
Installing a New Switch
After you install a new switch on your network, you can use the Intel
Device View Device Install Wizard to configure it for management.
To install and configure a new switch for
management
1 Start Intel Device View. The Device Install Wizard appears. If it
doesn’t appear, click Install from the Device menu or double-click the
appropriate MAC address in the Device Tree under Unconfigured
Devices. (The MAC address is located on the rear of the switch.)
2 On the Device Install Wizard - Start screen, click Next.
3 On the Device Install Wizard - MAC Address screen, click the MAC
address of the new switch, and then click Next.
22
4 Follow the instructions in the wizard to assign an IP address and a name
to the switch.
Using the Device Tree
After you start Intel Device View, the Device Discovery service begins
searching for supported Intel network devices on your network. As it
discovers devices, the Device Discovery service adds an icon for each
device to the Device Tree on the left side of the screen.
CHAPTER 3
Intel Device View
Different states of the 470 switches are represented by icons in the Device
Tree.
Device Tree icons
Device Tree root
Subnet
Intel Switch (if non-responding the icon is red)
Unconfigured Intel Switch
Group of Intel Switches
Intel Router
Intel Switch (Layer 3 capable)
Intel Stackable Hub
To expand the root or a subnet, click the (+) next to the icon. To collapse the
view, click the (-) next to the icon. Double-click a device icon to view the
device image.
To add a device to the Device Tree
Use this procedure if the device does not automatically appear after
installation.
1 Right-click anywhere on the Device Tree.
2 On the menu that appears, click Add Device.
3 In the Add Device dialog box, type the IP address of the switch you
want to add.
4 Fill in the other fields, as appropriate.
5 Click OK.
The icon for the new switch appears in the Device Tree.
23
Intel
®
Device View
CHAPTER 3
Intel® NetStructure™ 470T and 470F Switches User Guide
To refresh the Device Tree
Refreshing the Device Tree updates it to show any newly discovered
devices and changes in device status.
1 Right-click anywhere on the Device Tree.
2 On the menu that appears, click Refresh.
To delete a device from the Device Tree
1 Right-click the device you want to remove from the Device Tree.
2 On the menu that appears, click Delete.
Deleting a device from the Device Tree does not remove the device from the
network.
To find a device in the Device Tree
1 On the Device Tree, right-click anywhere.
2 On the menu that appears, click Find.
3 In the Find Device dialog box, type the IP address of the device you
want to find in the tree.
4 Click OK.
The device icon is highlighted in the Device Tree.
24
Losing contact with a switch
If Intel Device View loses contact with a switch, the color of the switch icon
changes to red, to indicated that the switch is not responding.
If the non-responding switch icon appears, you cannot manage the device in
Intel Device View. If you’re unable to ping the device or start a Telnet
session, try accessing the switch’s Local Management.
CHAPTER 3
Intel Device View
Managing a Switch
To manage a 470T or 470F switch, double-click the switch icon in the
Device Tree. In the example following, the switch has been assigned an IP
address of 124.123.122.3.
The 470 switch Web Device Manager appears in the Intel Device View
window. For information about using the Web Device Manager, see Ch. 4.
Intel
®
Device View
For information about using Intel Device View, see the Help or the User
Guide on the Intel Device View installation CD-ROM.
Viewing RMON Information
The Remote Monitoring (RMON) specification extends SNMP functionality
to look at traffic patterns on the network instead of looking only at the
traffic for an individual device. The following RMON groups are supported:
25
CHAPTER 3
Intel® NetStructure™ 470T and 470F Switches User Guide
• Group 1 (Statistics): Monitors utilization and error statistics for each
network segment (100Mbps or 1000Mbps).
• Group 2 (History): Records periodic statistical samples from variables
available in the statistics group.
• Group 3 (Alarms): Allows you to set a sampling interval and alarm
thresholds for statistics. When a threshold is passed, the switch creates an
event. For example, you might set an alarm if utilization exceeds 30%.
• Group 9 (Events): Provides notification and tells the switch what to do
when an event occurs on the network. Events can send a trap to a
receiving station or place an entry in the log table, or both. For example,
when the switch experiences an RMON Event, it sends out an alarm.
The switch also keeps a log that shows a list of the RMON Events and
RMON Alarms that ha ve occurred on the switch.
To view RMON statistics
1 In the Device Tree, right-click the switch’s icon, and then point to RMON.
2 Click the RMON option you want to view.
26
You can also access RMON features using LANDesk Network Manager, or an
SNMP application that supports RMON such as HP OpenView or IBM Tivoli
NetView. F or more information about using RMON to monitor the switch, see
the Intel Device View Help.
Using the Web
4
NOTE
You can use Internet Explorer*
or Navigator* to access the Web
Device Manager.
Device Manager
Overview
With the Web Device Manager, which is built into the Intel® NetStructure™
470T and 470F Switches, you can use a Web browser to manage and
monitor the switch. For example, you can use the Web Device Manager to
configure the switch or individual ports, or to monitor traffic statistics and
utilization.
For more information about using this interface, see the Web Device
Manager Help.
27
CHAPTER 4
Intel® NetStructure™ 470T and 470F Switches User Guide
Accessing the Web Device Manager
1 In the Location or Address field of your Web browser type the IP
address of the switch. For example, to use the default IP address of the
switch, type 192.0.2.1 and then press Enter.
NOTE
The default IP address for the
switch is 192.0.2.1. To access
the switch with the default IP
address, your workstation must
be on the 192.0.2.0 subnet.
Or, you can connect to the
switch using Local Management
(through the serial port) and set
an IP address that is on your
network. Then you can access
the Web Device Manager using
the new IP address.
2 When prompted, type your user name and password. By default, no
user name or password is assigned. If you previously set a user name
and password using Local Management, enter them here.
3 Click OK. The Web Device Manager window appears in your Web
browser.
28
Navigating the Web Device Manager
1 On the left side of the Web Device Manager window, click a menu item
(such as Configure Device) to show the available options.
CHAPTER 4
Click a menu to view
available options.
Using the Web Device Manager
2 In the menu, click an option. The corresponding screen appears on the
right side of your Web Device Manager window.
470F
470T
3 To hide the options, click the menu item again.
Using Management Screens
After you select an option from the navigation menu, the corresponding
screen appears on the right side of the Web Device Manager window.
Switch faceplate graphic
A graphical representation of the switch’s faceplate appears at the top of the
screen.
Web Device Manager
29
CHAPTER 4
Intel® NetStructure™ 470T and 470F Switches User Guide
If the option you selected allows you to configure or monitor a specific port,
you can change to another port by clicking it on the faceplate graphic.
Port color on the faceplate graphic indicates the status of the port.
Port ColorMeaning
BluePort has a link at 1000Mbps.
GreenPort has a link at 100Mbps.
Magenta outlinePorts are in a link aggregation.
OrangePort is disabled.
GrayNo link.
Buttons
Each configuration screen includes four buttons on the bottom of the screen.
ButtonFunction
SubmitApplies the configuration settings on the current screen.
Note: If you do not save the settings to the switch’s flash
memory your changes are lost when the switch is rebooted.
ResetClears any changes you made on the current screen and
restores the currently applied settings.
DefaultApplies factory defaults for this screen’s settings. When
you log out, you can permanently save the new settings to
the switch. Otherwise, they are lost upon the next reboot.
HelpDisplays Help for the current screen.
30
CHAPTER 4
NOTE
If you change the flow control or
IP settings, you must reboot the
switch before the new settings
can take effect.
Using the Web Device Manager
Configuring the Switch’s IP Settings
Note: You must select Manual in the IP Assignment Method box before you
can change the IP settings.
1 Click the Configure Device menu, and then click IP Settings. The IP
Settings screen appears on the right side of the Web Device Manager
window.
2 To manually configure the IP settings, select Manual in the IP
Assignment Method box.
3 Under “Change,” type the new IP address, subnet mask, and default
gateway. If you set up tag-based (IEEE 802.1Q) VLANs on the switch,
you can specify the VLAN where the switch’s SNMP management
agent resides.
4 To apply the changes, click Submit.
5 Click Save and Reboot for the new settings to take effect. Rebooting the
switch temporarily interrupts network connectivity to the switch. Click
Reboot Later if you want to reboot the switch later. The new IP settings
do not take effect until the switch reboots.
31
Web Device Manager
CHAPTER 4
Intel® NetStructure™ 470T and 470F Switches User Guide
Configuring a Port
You can use the Web Device Manager to enable or disable a port, and to
change its speed, duplex, flow control, and priority settings.
To change port settings
1 Click the Configure Device menu, and then click Port Settings. To
access the Port Settings for a port, click the port you want to configure
on the faceplate graphic.
NOTE
If you change the flow control or
IP settings, you must reboot the
switch before the new settings
can take effect.
32
2 In the boxes, click the options you want to change:
•Port State lets you enable or disable the port.
•Speed/Duplex lets you set port speed and duplex.
•Flow Control lets you enable or disable flow control.
•Priority Queue (802.1p) lets you set the switch priority queue for
packets sent or received on this port.
3 Click Submit.
CHAPTER 4
NOTE
The accounts and passwords you
create with the Web Device
Manager are the same accounts
used to access Local
Management.
Using the Web Device Manager
Managing User Accounts
Create user accounts to give specific users read or write access to the switch
through the Web Device Manager and Local Management. You can create a
maximum of three accounts on the switch.
To create a user account
1 Click the Configure Management menu and then click User Accounts.
The first account you create must be an administrator.
2 Click Add.
3 In the User Name box, type a user name.
The username can be up to 15 characters long and is case sensitive.
4 In the Password box, type a password.
The password can be up to 15 characters long and is case sensitive.
Asterisks (*) appear in the box as you type the password.
5 In the Confirm Password box, type the same password.
Web Device Manager
33
CHAPTER 4
Intel® NetStructure™ 470T and 470F Switches User Guide
6 In the Access Level box, click an access level. An administrator can
view all settings and make configuration changes. A user can only view
settings.
7 Click Submit.
To delete a user account
1 Click the Configure Management menu, and then click User Accounts.
2 In the User Accounts box, click the account you want to delete.
3 Click Delete.
34
If you delete the account you used to log in for this session, you can
continue to use that account until you log out. If you delete the only user
account on the switch, log in again using the default of no user name and no
password.
CHAPTER 4
Using the Web Device Manager
Configuring VLANs
VLANs provide a way to create a logical network grouping without regard
to physical location of the network nodes.
For more information about VLANs, see “Virtual LANs” in Chapter 2.
There are two main steps to set up a VLAN with the Web Device Manager:
• Set the switch’s VLAN operation mode.
• Configure the type of VLAN you selected.
NOTE
You can only have one operation
mode active on the switch at a
time.
To set the switch’s VLAN operation mode
1 Click the Configure VLAN menu, and then click VLAN Operation
Mode.
2 In the Current VLAN mode box, click the type of VLAN to set up.
3 Click Submit.
4 The switch automatically reboots. The 470 switches are rebooted
whenever you change their VLAN operation mode.
After the switch reboots, you can configure the type of VLAN that you
selected.
Web Device Manager
35
CHAPTER 4
Intel® NetStructure™ 470T and 470F Switches User Guide
Port-based VLAN
You configure a port-based VLAN by creating the VLAN and then adding
participating ports. The switch can support up to four port-based VLANs.
However a port can be a member of only one VLAN; port-based VLANs
cannot overlap.
To configure a port-based VLAN
1 Click the Configure VLAN menu, and then click Port-based VLAN.
2 Click Add to create a new VLAN, or select a VLAN and click Edit to
change its configuration.
36
3 If you are creating a new VLAN, type a name in the VLAN Name box.
4 In the Available Ports box, click a port to add to the VLAN, and then
click Add.
5 When you finish adding ports, click Submit.
CHAPTER 4
NOTE
When creating a VLAN that
includes ports on more than one
switch, set the same VID on each
switch.
Using the Web Device Manager
Tag-based VLAN
You configure a tag-based VLAN by configuring port membership and
ingress/egress rules. Note: If some of your devices don’t support 802.1Q
tags, additional configuration may be necessary.
To configure a tag-based (IEEE 802.1Q) VLAN
1 Create a VLAN and assign member ports.
• Click the Configure VLAN menu, and then click Tag-based (IEEE
802.1Q) VLAN.
• From the main Tag-based VLAN page, click Add to create a new
VLAN. To modify an existing VLAN, click the VLAN name, and
click Modify.
• If you are creating a new VLAN, type a name and VID (from 2 to
4094) to identify it.
• To configure membership of a port to a VLAN, click the port in the
Available ports box and click Add. To remove a port, click the port in
the Member ports box and click Remove.
• The switch supports a maximum of 12 IGMP Snooping sessions to
manage broadcast traffic. If you want the VLAN to be part of an
IGMP Snooping session, select the Enable IGMP Snooping check
box.
• When you finish adding ports, click Next.
Web Device Manager
37
CHAPTER 4
Intel® NetStructure™ 470T and 470F Switches User Guide
2 Configure ports for egress (outbound) tagging.
• Ensure that the VLAN Name field displays the name of the port you
are configuring.
• For each of the VLANs ports select Tag or Untag. This determines
whether or not the system will remove (untag) tags before sending
traffic out of each port.
3 Configure ports for handling untagged traffic.
• On the main Tag-based VLAN page, click Port Settings.
• On the Port Settings screen you can set port-specific behaviors for
processing VLAN traffic. To configure a specific port, click it on the
faceplate graphic. To configure the same setting across all ports, click
Configure All Ports.
38
CHAPTER 4
Using the Web Device Manager
Options include:
• Default Port VID: Sets the PVID to be assigned to untagged traffic
on a given port. For example, if port 7’s default PVID is 100, all
untagged packets on port 7 belong to VLAN 100. The default setting
for all ports is VID 1.
• GVRP: Allows automatic VLAN configuration between the switch
and nodes.
• Ingress Filtering: Allows frames belonging to a specific VLAN to
be forwarded if the port belongs to the same VLAN. Disabling this
setting will cause all frames to be forwarded, regardless of the port's
VLAN membership.
4 When you finish changing the settings, click Submit.
Web Device Manager
39
CHAPTER 4
Intel® NetStructure™ 470T and 470F Switches User Guide
Protocol-based VLAN
You configure a protocol-based VLAN by creating the VLAN and then
adding participating ports. The switch supports up to three protocol-based
VLANs: IP, IPX, and NetBEUI. However, each port can be a member of
only one VLAN; protocol-based VLANs cannot overlap.
To configure a protocol-based VLAN
1 Click the Configure VLAN menu, and then click Protocol-based
VLAN.
40
2 Click Add to create a new VLAN, or select an existing VLAN and click
Edit to change its configuration.
3 If you are creating a new VLAN, type a name in the VLAN Name box
and select a protocol from the Protocol list.
4 In the Available Ports box, click a port to add to the VLAN, and then
click Add.
5 When you finish adding ports, click Done.
CHAPTER 4
NOTE
When configuring link
aggregation between two 470
switches, you must connect
anchor port to anchor port, and
member port to member port.
Using the Web Device Manager
Link Aggregation
On the Web Device Manager’s switch faceplate graphic, a link aggregation
is shown with its ports outlined in magenta (pink).
To create a link aggregation
1 Click the Configure Device menu, and then click Link Aggregation.
NOTE
Connectivity is momentarily
interrupted when you submit
changes.
2 Choose the anchor port. Anchor ports are listed by port number in the
left column.
3 In the Port Width box, click the number of ports (including the anchor
port) to include in the link aggregation.
4 In the Aggregation Group Name box, type a name for the aggregation.
5 Click Enable to activate the group.
6 Click Submit.
Static MAC Addresses
The switch has a MAC address table that stores all the MAC addresses that
it learns from the network. The switch refers to this table forwarding traffic
to specific ports, so it does not broadcast traffic to every port.
There are two ways to add addresses to the MAC address table:
•The switch can learn addresses from the network and add them
dynamically. Dynamic entries remain in the table only while the
associated node is active, and are deleted if the node is inactive for
longer than a certain period of time (age-out time).
Web Device Manager
41
CHAPTER 4
Intel® NetStructure™ 470T and 470F Switches User Guide
•You can manually add MAC addresses to the table. These are called
static addresses, because they remain in the table until you remove
them, even if the associated node is inactive or removed from the
network. Performance and security issues are two reasons for adding
static addresses.
To add a static MAC address to the address table
1 Click the Configure Device menu, and then click Forwarding and
Filtering.
2 Click Static MAC Addresses.
3 Click Add.
NOTE
To view the switch’s address
table, click the Monitor menu,
click Advanced, and then click
MAC Address Table.
42
4 In the MAC Address box, type the MAC address of a device on the
network. Do not include hyphens.
5 In the Port Number box, click a port number.
6 If port-based or tag-based (IEEE 802.1Q) VLANs are set up on the
switch, static MAC addresses are associated with specific VLANs.
Type the VLAN name (port-based VLANs) or VID (tag-based VLANs)
to associate with the MAC address.
7 Click Add.
CHAPTER 4
Using the Web Device Manager
Setting Up Priority Tagging
With priority tagging, you can specify a priority value for traffic based on
MAC source or destination addresses. For example, you could tag all
packets from computer A with a priority of 7 (high).
When you define priority tagging, you can specify a priority value from 0
(low) to 7 (high). Traffic with a priority value of 0–3 is routed through the
switch’s low priority queue. Traffic with a priority value of 4–7 is routed
through the switch’s high priority queue.
You can define up to 12 MAC addresses for priority tagging.
To set up priority tagging
1 Click the Configure Device menu, and then click Priority Tagging.
2 Click Add.
3 Select source or destination as the criteria for the tagged traffic.
4 Type the source or destination MAC address.
5 Select a priority value.
Traffic tagged with priority values 0–3 is routed through the switch’s
low priority queue. Traffic tagged with priority values 4–7 is routed
through the switch’s high priority queue.
6 In the State box, click Enabled to enable priority tagging for the traffic
pattern.
7 Click Done when you are finished.
Web Device Manager
43
CHAPTER 4
Intel® NetStructure™ 470T and 470F Switches User Guide
Configuring Community Strings and
NOTE
These are the traps supported by
the switch:
• Power to the switch was
cycled or reset.
• Link, speed, or other status
changes on a port.
• Authentication failure.
Trap Receivers
A trap receiver is a computer on the network that is running an SNMP
management application and receives messages sent by the switch. For
example, the switch can send a trap to the trap receiver when it detects a
change in port speed.
To specify a trap receiver
1 Click the Configure Management menu, and then click Community
Strings and Traps.
44
2 In the IP Address box, type the IP address of the computer you want to
use as a trap receiver. You can specify up to four trap receivers.
3 In the Status box, click Enabled.
4 In the Community String box, type the trap receiver’s SNMP
application community string.
5 Click Submit.
CHAPTER 4
Using the Web Device Manager
Monitoring Switch Activity
With the Web Device Manager you can view traffic, utilization, and error
statistics for the switch and for individual ports. For more information on
statistics, see “Port Traffic Statistics,” “Port Error Statistics,” and “Packet
Analysis” in Chapter 5.
To view port statistics
1 Click the Monitor menu, and then click Port Statistics.
2 From the row of options below the page heading, click the option you
want to view:
•Traffic
•Utilization Graph
•Errors
•Packet Analysis
Web Device Manager
45
CHAPTER 4
Intel® NetStructure™ 470T and 470F Switches User Guide
Viewing/Changing Switch Information
You can view general information about the switch, such as its MAC
address, firmware version, name, location, and contact person. Some of
these fields can be updated, others are view-only.
To view and configure switch settings
1 Click the Configure Device menu, and then click Switch Settings.
46
2 In the Switch Name , Location, and Contact boxes you can provide
additional information about the switch. You can type up to 40
characters in each field. After modifying the settings, click Submit.
CHAPTER 4
Using the Web Device Manager
Updating Switch Firmware
On the Update Firmware screen you can set up the switch to update its
firmware from a TFTP server. If you do not have a TFTP server set up on
your network, you can install the TFTP server software by installing Intel
Device View.
After downoading the firmware from the TFTP server, the switch
automatically restarts. The actual firmware update occurs while the switch is
rebooting.
To update the switch’s firmware
1 Click the Reset and Update menu, and then click Update Firmware.
2 Select a mode from the Update Mode box.
• If the switch uses a network connection for downloading the new
firmware file from a TFTP server, click Network.
• If the switch uses a SLIP connection (for example, a serial port) for
downloading the new firmware file, click SLIP.
3 In the TFTP Server Address box, type the IP address of the server that
hosts the file.
4 In the Firmware Update box, click Enabled.
Web Device Manager
47
CHAPTER 4
Intel® NetStructure™ 470T and 470F Switches User Guide
5 In the File Name box, type the name of the firmware file.
6 Click Submit.
The switch automatically reboots.
The next time the switch reboots it downloads and installs the new firmware
during the boot process. If you want to view this process, you must use a
terminal program and connect to the switch through the serial port.
Saving Configuration Changes and
Logging Out
Each time you make configuration changes using the Web Device Manager,
the switch immediately uses the new settings. However, when you log out
of the Web Device Manager, you’ll be prompted to save the current
configuration settings.
If you do not save the new configuration settings to the switch’s flash
memory, the settings are lost upon the next switch reboot.
48
To save changes and log out
1 Click Log Out from the menu.
2 Click Save Now to save the current configuration settings. The Web
browser window closes and you are successfully logged off of the Web
Device Manager.
If you click Do Not Save, all current configuration settings are lost the
next time the switch is rebooted.
CHAPTER 5
Using Local Management
Local Management
Using Local
5
Management
Overview
Another way to configure the switch is through the Local Management
interface. Local Management provides the same functionality as the Web
Device Manager using a text-based interface.
Accessing Management
You can access Local Management in two different ways: by connecting
directly to the switch’s serial port, or through a Telnet session (using an
assigned IP address or the default of 192.0.2.1).
To use the serial port
1 Use the enclosed null modem cable to connect the serial port of your PC
to the serial port of the switch.
2 Start a terminal emulation program (such as HyperTerminal* or
Symantec Procomm Plus* in Windows* 98). Use these communication
parameters:
• 9600 baud• 1 stop bit
• 8 data bits• No flow control
• No parity
NOTE
You use the same user name and
password to log in to Web Device
Manager and Local Management.
3 Press E to connect to the Local Management.
4 Log on to Local Management. By default, no password or username is
assigned. To assign them, see the section titled “Administer User
Accounts” in this chapter.
49
49
CHAPTER 5
Intel® NetStructure™ 470T and 470F Switches User Guide
To useTelnet
1 Open a Telnet application. In Windows 98 or Windows NT*, select
Run from the Start Menu, and then type telnet and press E.
2 On the Terminal menu, select Preferences. Make sure the emulation
type is VT-100/ANSI and that VT100 arrows are enabled.
3 On the Connect menu, select Remote System. Enter the IP address of
the switch and click Connect.
4 Log on to Local Management. By default, no password or user name is
assigned. To assign them, see the section titled “Administer User
Accounts” in this chapter.
Logon Screen
50
Description
By default, no username or password is assigned to the switch. Press
E twice to log on to the Local Manager. Usernames and passwords
can consist of any characters and can be up to 15 characters long.
Remember that usernames and passwords are also case sensitive.
CHAPTER 5
Help text at the bottom of
the screen provides information on the selected
item.
Using Local Management
Local Management
Navigation
The console menus provide a basic interface for configuring switch options.
For navigation tips, see the text below the graphic.
Screen Legend
Use the W Z AS keys or the T and b keys to move between
screen fields. If you are running HyperTerminal in Windows 2000, use the
Tab key rather than the arrow keys to move between fields.
<Manual>Angle brackets indicate a toggle field. Use the
z to toggle selections within the field. In this
example, the options change between Manual, DHCP,
and BOOTP.
[255.255.255.0] Brackets indicate an input field. Use the arrow keys to
select the field and type the required information. By
default, Local Management is in overstrike mode,
which means it replaces existing characters as you
type.
SUBMITAny word in all caps is a button. Use the T key
or the W Z AS keys to select it and press E
to use it.
51
CHAPTER 5
Intel® NetStructure™ 470T and 470F Switches User Guide
Main Menu (Top Screen)
Description
LOCATION
To return to the Main Menu at any
time, press c T.
The Main Menu is the starting point for all other Local Management
screens. Use the W Z arrow keys to select an option, and then press
E to display the screen.
Configure device: Accesses menus to assign an IP address to the switch,
change port settings, or configure advanced switch settings.
Configure management: Sets SNMP traps and trap monitoring stations,
administers user accounts, or updates the switch’s firmware.
Configure VLAN: Sets up and administers VLANs on the switch.
Monitoring: Accesses menus to monitor traffic and activity at the port or
switch level. These menus also provide information on network errors and
collisions.
Tools: Displays the switch Trap/Event log, pings devices to check
connectivity, or saves the current switch configuration to an image file on a
server.
SAVE SETTINGS: Saves configuration changes to the switch’s flash
memory. Any changes not saved to memory are lost on the next reboot.
LOGOUT: Returns to the logon screen.
52
CHAPTER 5
Using Local Management
Local Management
Configure Device
Description
LOCATION
Main Menu
Configure Device
IP settings: Configures the switch’s IP address, subnet mask, and default
gateway, or enables BOOTP.
Port settings: Enables and disables ports, configures port speed, duplex,
flow control, and priority.
GBIC port settings (470T only): Enables and disables ports, configures
port speed, duplex, flow control, and priority.
Priority tagging: Sets priority values for traffic based on source or
destination MAC addresses.
Switch settings: Sets switch identification, location, and contact
information, and configures some advanced switch settings.
Spanning Tree Protocol: Configures spanning tree for the entire switch or
individual ports.
Forwarding and filtering: Adds or removes entries, locks the switch’s
address table, enables IGMP snooping, and sets filters for specific MAC
addresses.
Port mirroring: Sends a copy of data from one port to another for
monitoring and troubleshooting purposes.
Link aggregation: Combines ports on the switch to increase bandwidth.
Broadcast storm control: Configures ports to drop excessive broadcast
traffic before it floods the network.
53
CHAPTER 5
Intel® NetStructure™ 470T and 470F Switches User Guide
IP Settings
Description
LOCATION
Main Menu
Configure Device
IP Settings
NOTE
The default IP address for the
switch is 192.0.2.1
Switch MAC address: Displays the unique hardware address assigned by
Intel.
Current Settings: Displays the switch’s current IP configuration.
New settings: Assigns a new IP configuration to the switch.
Assign IP: Indicates if the switch uses a BOOTP or DHCP server to
obtain an IP address dynamically, or if you assign an address manually.
IP address: Displays the IP configuration used by the switch. Use the
IP address shown here to access the switch through Telnet or a ping test.
Subnet mask: Matches the mask for other devices on the network.
Default gateway: Displays the IP address of the device that routes to
different networks—typically, a router or routing server. Set this option
to manage the switch remotely.
VLAN or VLAN ID (port-based or tag-based VLANs only): Specifies
a VLAN where the switch’s SNMP management agent will reside. This
option appears only when port-based and tag-based (IEEE 802.1Q)
VLANs are active on the switch.
SUBMIT: Submits the changes and returns to the Configure Device screen.
You must save the changes to the switch’s flash memory (from the Save
Settings menu) and then reboot the switch for the new IP settings to take
effect.
54
CHAPTER 5
Using Local Management
Local Management
Port Settings
Description
LOCATION
Main Menu
Configure Device
Port Settings
Configure ports: Selects a range of ports to configure (press z).
State: Disables or enables ports (press z).
Speed/Duplex: Changes the speed and duplex of the port (press z).
You can set the port to auto-negotiate speed, or to 100Mbps or 1000Mbps
at half-duplex or full-duplex. This field is view-only for the 470F.
Flow Ctrl (Control): Enables or disables flow control (press z).
This option is view-only if auto-negotiate is selected for Speed/Duplex.
Priority: Changes the settings (press z). The <Frame> setting reads
the packet’s 802.1p priority tag and handles it accordingly. The <Normal>
or <High > settings force the packet into one of two priority queues.
Forcing a packet into a queue does not retag the packet.
Link: Indicates the port’s current link status:
--: Indicates no device link or port is disabled.
100M/1000M: Indicates the port’s speed (470T only).
Full/Half: Indicates a device is connected at full-duplex or half-duplex.
IEEE/BackP: Indicates the type of flow control, either IEEE PAUSE
frames or backpressure.
Partitioned: Indicates the port was disabled due to a partition error.
Source mirror/Target mirror: Indicates the port being mirrored and
where the data is being sent.
55
CHAPTER 5
Intel® NetStructure™ 470T and 470F Switches User Guide
Flow Control
During times of heavy network activity, the switch’s port buffers can
receive too much traffic and fill up faster than the switch can send the
information. In cases like this, the switch tells the transmitting device to
wait so the information in the buffer can be sent. This intervention is called
flow control.
The method of flow control depends on whether the ports are set to fullduplex or half-duplex. If a port is operating at half-duplex, the switch sends
a collision which causes the transmitting device to wait. If the port operates
at full-duplex, the switch sends out an 802.3x PAUSE frame. You can
enable or disable flow control for each port on the NetStructure™ 470
switches.
Priority
IEEE 802.1p is part of a new standard for tagging, or adding additional
information (4 bytes) to packets to indicate a priority level. When these
packets are sent out on the network, the higher priority packets are
transferred first. Priority packet tagging (also known as Traffic Class
Expediting) is usually set at the adapter and works with other elements of
the network (switches, routers) to deliver priority packets first. 802.1p
tagging consists of eight levels from 0 (low) to 7 (high).
56
The NetStructure™ 470 switches have the ability to read IEEE 802.1p
priority tags and forward traffic on a per port basis. Each switch has two
priority queues and routes traffic to a queue depending on the packet’s tag.
For example, when a packet comes into the switch with a high priority tag,
the switch routes the packet to its high-priority queue.
Even though there are eight priority levels, the switch can only route a
packet into one of the two queues. The switch maps levels 0-3 to the low
queue and levels 4-7 to the high queue. If a packet is untagged, the switch
determines the best way to send the packet.
CHAPTER 5
Using Local Management
Local Management
Configure GBIC Ports (470T only)
Description
LOCATION
Main Menu
Configure Device
Configure GBIC Ports
Port 7- and 8-GBIC: Displays the type of GBIC installed on the switch.
State: Disables or enables ports (press z).
Speed/Duplex: The GBIC ports operate at 1000Mbps/full-duplex only;
this is a view-only field.
Flow Control: Enables or disables flow control (press z).
Priority: Changes the settings (press z). <Frame> reads the
packet’s 802.1 priority tag and handles it accordingly. <Normal> or
<High> forces the packet into one of two priority queues. Forcing a packet
into a queue does not retag the packet.
Link: Indicates the port’s current link status:
--: Indicates no device link or port is disabled.
1000M: Indicates the port’s speed.
Full: Indicates a device is connected at full-duplex.
IEEE/BackP: Indicates the type of flow control, either IEEE PAUSE
frames or backpressure.
Partitioned: Indicates port was disabled due to a partition error.
Source mirror/Target mirror: Indicates the port being mirrored and
where the data is being sent to.
57
CHAPTER 5
Intel® NetStructure™ 470T and 470F Switches User Guide
Priority Tagging
Description
LOCATION
Main Menu
Configure Device
Priority Tagging
With priority tagging, you can specify a priority value for traffic based on
MAC source or destination addresses. For example, you could tag all
packets from computer A with a priority of 7 (high).
When you define priority tagging, you can specify a priority value from 0
(low) to 7 (high). Traffic with a priority value of 0 - 3 is routed through the
switch’s low priority queue. Traffic with a priority value of 4 - 7 is routed
through the switch’s high priority queue.
Tag traffic: Select source or destination as the criteria for tagged traffic.
Enter MAC: Type the source or destination MAC address of traffic to tag
with a priority value.
VLAN ID: If the device whose MAC address you are adding to the list is a
member of a VLAN, type the VLAN ID here.
Priority level: Toggle to the desired priority level. Traffic with a priority
of 0–3 is routed through the low priority queue; 4–7 is routed through the
high priority queue.
ADD or DELETE: Adds or deletes the specified MAC address.
58
CHAPTER 5
Using Local Management
Local Management
Switch Settings
Description
LOCATION
Main Menu
Configure Device
Switch Settings
NOTE
Write down both the firmware
version and Boot PROM version
in case you need to contact Intel
Customer Support.
Name: Assigns a name to the switch, up to 40 characters long.
Location: Assigns a location to the switch, up to 40 characters long.
Contact: Assigns a contact person or phone number to the switch, up to 40
characters long.
Device type: Displays the manufacturer-assigned type of switch.
Description: Displays description of switch.
Port 7- and 8-GBIC: Displays the type of GBIC detected, if applicable.
MAC address: Displays the unique hardware address assigned by Intel.
Boot PROM version: Displays the version of the switch’s boot code.
®
Firmware version: Displays the version of the firmware installed on the
switch. You can update this software through the Update Firmware and
Configuration Files screen.
Serial number: Displays the hardware serial number for the switch.
Hardware revision: Displays the version of the switch’s PCB.
CONFIGURE ADVANCED SETTINGS: Sets advanced switch settings
such as port auto-partition and Head of Line blocking.
59
CHAPTER 5
Intel® NetStructure™ 470T and 470F Switches User Guide
Configure Advanced Switch Settings
Description
LOCATION
Main Menu
Configure Device
Switch Settings
Configure Advanced...
Head of Line (HOL) blocking prevention: If this option is enabled it
prevents the forwarding of data to a port that is blocked. Normally, when
the switch sends traffic out from a port, the data goes to the port’s transmit
queue and then is sent out. If the port’s transmit queue is already busy
trying to send out data the switch places the waiting traffic in the buffer
memory until the port is ready to send it out.
However, if the port’s transmit queue remains full, the switch fills up more
of the buffer with traffic waiting to be sent on that port. HOL blocking
works on the assumption that it is better to drop the traffic waiting in the
buffer than to continue using more memory and impacting performance
across all the ports.
High-priority packet service ratio: This option lets you determine how
many high-priority packets are sent out by the switch before sending a lowpriority packet. For example, a ratio of 8 high:1 low means that the switch
will send out eight high-priority packets before sending out one lowpriority packet.
60
CHAPTER 5
Using Local Management
Local Management
Configure Spanning Tree Protocol
Description
LOCATION
Main Menu
Configure Device
Spanning Tree Protocol
The IEEE 802.1D Spanning Tree Protocol specification prevents loops in a
network by allowing only one active path between any two network devices
at a time.
Spanning Tree status: Enables or disables (press z) support for the
Spanning Tree Protocol, where the entire switch is a bridge for which you
can set spanning tree parameters. (Note: If you are running 802.1Q
VLANs, spanning tree is turned on automatically by the switch.)
Topology changes: Displays the number of times the spanning tree has
changed its configuration.
Time since change: Displays the elapsed time (since the last switch
reboot) since the spanning tree last changed its topology (the paths used to
get through the network).
Root MAC address, Root path cost, Root port: Display information used
by the root bridge in the same spanning tree as the switch.
Switch priority: Determines priority. Type a number from 0 to 65535
(default is 32768). The device with the lowest number becomes the root
device (starting point for the spanning tree).
61
CHAPTER 5
Intel® NetStructure™ 470T and 470F Switches User Guide
Hello time: Displays the time between transmissions of configuration
BPDUs (Bridge Protocol Data Units) when the switch is, or is attempting
to become, the root in the spanning tree. Type a number from 1 to 10
seconds (default is 2 seconds).
Max age: Displays the maximum time that information from a
configuration BPDU is used by the switch before it is discarded. Type a
number from 6 to 40 seconds (default is 20 seconds).
Forward delay: Displays the amount of time between port states when the
spanning tree is changing its status from blocking to forwarding. Type a
number from 4 to 30 seconds (default is 15 seconds).
CONFIGURE SPANNING TREE FOR PORTS: Takes you to the
screen where you can set spanning tree values for individual ports.
62
CHAPTER 5
Using Local Management
Local Management
Configure Spanning Tree for Ports
Description
LOCATION
Main Menu
Configure Device
Spanning Tree Protocol
Configure STP for Ports
Port: Identifies port numbers; select the port you want to configure for
spanning tree.
STP State: Enables or disables each port to be active in the spanning tree
(press z).
Cost: Forwards information to spanning tree, which determines alternate
routes in the network to forward traffic. Type a number from 1 to 65535
(default is 10). The higher the cost of a port, the lower the chance of this
port being used to forward traffic. When possible, assign a port a low cost
if it is connected to a fast network segment.
Priority: Sets the port’s priority in the spanning tree. Type a number from
0 to 65535. The higher the value, the lower the chance of this port being
used as the root port. If two ports on the switch have the same priority
value, the spanning tree uses the port with the lowest number. For example,
the spanning tree would choose port 1 over port 4 if they both had the same
priority setting. The default for this field is 128.
63
CHAPTER 5
Intel® NetStructure™ 470T and 470F Switches User Guide
Forwarding and Filtering
Description
LOCATION
Main Menu
Configure Device
Forwarding and Filtering
Lock address table: Determines if the table learns new MAC addresses
(press z). <Yes> prevents the switch from learning new MAC
addresses. Any existing addresses that the switch has learned remain in the
address table.
MAC address aging: Sets the time period (in seconds) at which the switch
scans its MAC address table to determine the age of entries.
Configure IGMP snooping: Sets Internet Group Management Protocols
(IGMP) options for multimedia applications, such as desktop video
conferencing, that use IP multicast addresses.
Configure permanent MAC addresses: Allows permanent mapping
between a network device and a port.
Configure port security: Configures the switch to only allow the
transmission of authorized traffic over a particular port(s).
Configure MAC address filtering: Allows the switch to drop traffic
based on MAC source or destination addresses.
Configure Ethernet multicast filtering: Blocks or forwards traffic over
each port for Ethernet (MAC-based) multicast groups.
64
CHAPTER 5
Using Local Management
Local Management
Configure IGMP Snooping
Description
LOCATION
Main Menu
Configure Device
Forwarding and Filtering
IGMP Snooping
IGMP snooping (Internet Group Management Protocol) allows the switch
to forward multicast traffic intelligently. The switch “snoops” the IGMP
query and report messages and forwards traffic only to the ports that
request the multicast traffic. This prevents the switch from broadcasting the
traffic to all ports and possibly affecting network performance.
IGMP requires a router that learns about the presence of multicast groups
on its subnets and keeps track of group membership. Note: Multicasting is
not connection oriented, so data is delivered to the requesting hosts on a
best-effort level of service.
VLAN Name (port-based or tag-based VLANs only): Displays the
VLAN for which IGMP snooping is enabled. You can also enable IGMP
snooping for a VLAN on the Create an 802.1Q VLAN screen.
IGMP Snooping state: Enables or disables IGMP Snooping (press
z).
IGMP Snooping age-out timer: Indicates the amount of time (in seconds)
the switch waits to receive IGMP queries. The default time is 300 seconds.
A query allows the server to determine which network hosts are (or want to
be) part of the IP multicast group, and are configured and ready to receive
traffic for the given application.
65
CHAPTER 5
Intel® NetStructure™ 470T and 470F Switches User Guide
Configure Static MAC Addresses
Description
LOCATION
Main Menu
Configure Device
Forwarding and Filtering
Configure Static...
NOTE
If tag-based or port-based VLANs
are currently active, you must
assign each static MAC address to
a specific VLAN.
Static MAC addresses are MAC addresses that remain in the switch’s
address table, whether or not the device is physically connected to the
switch. After you define a static MAC address, it remains in the switch’s
address table until you remove it.
Enter MAC: Indicates the MAC address you want to permanently add to
the address table.
VLAN or VLAN ID: Indicates VLAN or VLAN ID. When VLANs are
active on the switch you can define static MAC addresses for each VLAN.
If port-based VLANs are active press z to select a VLAN. If tagbased VLANs are active, type the VLAN ID that the static MAC address
will be assigned.
Select port: Selects a port on the switch to which the switch forwards
traffic (press z).
ADD/DELETE: Adds or removes a MAC address from the switch’s table.
66
CHAPTER 5
Using Local Management
Local Management
Configure Port Security
Description
LOCATION
Main Menu
Configure Device
Forwarding and Filtering
Configure Port Security
NOTE
You must first configure port
security before configuring a
static MAC address.
If you locked the address table on
the Forwarding and Filtering
screen, you must return to the
screen and unlock the table
before making changes on the
Port Security screen.
Port security prevents unauthorized access of a port by “securing” a list of
specific MAC addresses to a port. If the switch sees a MAC address that is
not on the secured list, it discards the packet.
To set port security from Local Management
1 On the Configure Device screen, select Forwarding and Filtering.
2 Select Configure Port Security.
3 Select a port you want to secure. Press z in the Learning field to
disable the port’s ability to learn new MAC addresses.
4 Press q to move up a level, and then select the Configure Static
MAC Addresses screen.
5 Define a list of MAC addresses and assign them to the same port you
secured in the Port Security screen.
To turn off port security
1 On the Configure Device screen, select Forwarding and Filtering. Select
Configure Port Security.
2 Select the port on which you want to disable security. Press z in
the Learning field to disable security and enable the port to learn new
MAC addresses.
67
CHAPTER 5
Intel® NetStructure™ 470T and 470F Switches User Guide
Configure MAC Address Filtering
Description
LOCATION
Main Menu
Configure Device
Forwarding and Filtering
MAC Address Filtering
NOTE
If tag-based (IEEE 802.1Q) or
port-based VLANs are currently
active and you want to enable
MAC address filtering, you must
assign each MAC address filter to
a specific VLAN.
MAC address filtering allows the switch to drop unwanted packets. The
switch drop a packet when it sees the specified MAC address in either the
source address or destination address. For example, if your network is
congested because of high utilization from a specific MAC address, you can
filter all packets transmitted from that address and restore network flow
while you troubleshoot the problem.
Enter MAC: Indicates the MAC address you want to filter.
VLAN/VLAN ID: Indicates VLAN or VLAN ID. If VLANs are active on
the switch, you can set MAC address filtering on a per VLAN basis. For
port-based VLANs, press z to select the name of the VLAN. For
tag-based VLANs, type the VLAN ID.
ADD/DELETE: Adds or removes a MAC address from the switch’s table.
68
CHAPTER 5
Using Local Management
Local Management
Configure Ethernet Multicast Filtering
Description
LOCATION
Main Menu
Configure Device
Forwarding and Filtering
Configure Ethernet...
NOTE
If tag-based (IEEE 802.1Q) or
port-based VLANs are currently
active and you want to enable
MAC address filtering, you must
assign each multicast filter to a
specific VLAN.
You can use Ethernet multicast filters to define which ports can receive
multicast traffic from a specific multicast MAC address.
VLAN/VLAN ID: Indicates VLAN or VLAN ID. If VLANs are active on
the switch you can set Ethernet multicast filtering on a per VLAN basis.
For port-based VLANs, press z to select the name of VLAN. For
tag-based VLANs, type the VLAN ID in the Multicast address field.
Multicast address: Indicates the MAC address you want to add, delete, or
apply a filter to.
ADD/DELETE: Adds or removes a MAC address from the switch’s table.
To adding or deleting a multicast filter
1 In the Multicast address field, type a multicast address.
2 If the switch is running tag-based or port-based VLANs, select a VLAN
to locate the filter.
3 To add a filter, select ADD using the arrow keys and press E.
4 To remove a filter, type the MAC address in the Multicast field, select
DELETE, and then press E.
69
CHAPTER 5
LOCATION
Main Menu
Configure Device
Forwarding and Filtering
Configure Ethernet...
Multicast filters per port
Intel® NetStructure™ 470T and 470F Switches User Guide
Ethernet Multicast Filtering (Ports)
Description
Action: Blocks or forwards traffic to the selected port (press z).
APPLY CHANGES: Applies the changes to the multicast filter after you
configure the ports.
N/P: Scrolls through the addresses. (Press N (Next Page) or P (Previous
Page).
70
To modify a multicast filter
1 On the Configure Ethernet Multicast Filter screen, use the arrow
keys to select an address from the list on the right side of the screen.
Press E.
2 Determine which ports can receive the multicast traffic by using
z to set Forward or Block for each port.
3 Select APPLY CHANGES and press E. This activates the
changes to the multicast filter and returns you to the previous screen.
CHAPTER 5
Using Local Management
Local Management
Port Mirroring
Description
LOCATION
Main Menu
Configure Device
Port Mirroring
NOTE
Do not mirror traffic to a target
port that is connected to a
network device other than a
protocol analyzer. The device’s
behavior may be unpredictable.
Port mirroring is a diagnostic tool you can use to send a copy of the good
Ethernet frames transmitted or received on one port to another port. On the
second port you can attach a protocol analyzer to capture and analyze the
data without interfering with the client on the original port.
Source port: Selects the port whose traffic you want to mirror (press
z).
Target port: Selects a port to receive the mirrored traffic (press z).
If you are using a protocol analyzer, connect it to this port.
State: Enables or disables port’s mirror (press z).
71
CHAPTER 5
Intel® NetStructure™ 470T and 470F Switches User Guide
Link Aggregation
Description
LOCATION
Main Menu
Configure Device
Link Aggregation
NOTE
All custom settings for a port
(including VLAN membership) are
lost when you add that port to a
link aggregation.
When configuring link aggregation between two 470 switches,
you must connect anchor port to
anchor port, and member port to
member port.
Link aggregation is a way of combining ports on the switch to increase the
available bandwidth and provide redundant links. All ports in the
aggregated link take on the characteristics of the anchor port. This means if
you set the anchor port to 1000Mbps full duplex (470T only), all the ports
aggregated to that anchor port share the same setting. You can set a
maximum of four aggregated groups on the switch.
Anchor Port: Displays the first port in the link aggregation.
Width: Sets the total number of (consecutive) member ports in the
aggregated link (press z). The minimum number of ports for an
aggregated link is two, and the maximum is four. The link aggregation
width includes the anchor port.
Aggregation Group Name: Assigns a name to the aggregated links for
management or identification purposes.
Status: Enables or disables the aggregated link (press z).
72
CHAPTER 5
Using Local Management
Local Management
Broadcast Storm Control
Description
LOCATION
Main Menu
Configure Device
Broadcast Storm Control
You can use broadcast storm control to filter out broadcasts from faulty
devices to prevent them from degrading network performance.
For a more information about of broadcast storm control, see Chapter 2.
Setting: Enables or disables broadcast storm control on each port (press
z).
Upper Threshold: Sets the threshold of broadcast traffic on a port (shown
as a percentage of the port’s total bandwidth) that activates broadcast storm
control. Type a value from 1–20%. The default value is 20%.
73
CHAPTER 5
Intel® NetStructure™ 470T and 470F Switches User Guide
Configure Management Menu
Description
LOCATION
Main Menu
Configure Management
Configure community strings & trap receivers: Assigns the switch’s
community strings and sets trap receiving stations.
Administer user accounts: Configures user accounts. You can add or
delete users, update passwords, and change a user’s access levels.
Define IP access list: Create a list of IP addresses that can access the
switch through Telnet, Web Manager, or SNMP.
Update firmware and configuration files: Configures the switch’s
internal software and specifies the location of configuration files.
Reset and console options: Reboots the switch or changes the settings on
the serial port. You can also use this option to set the switch back to its
factory defaults.
74
CHAPTER 5
LOCATION
Main Menu
Configure Management
Community Strings and . . .
Using Local Management
Local Management
Community Strings & Trap Receivers
Description
Use this screen to send alerts to PCs with SNMP management applications
(such as Intel® Device View) installed.
Current read community: Sets a password for viewing (not changing) the
switch configuration. The string you define here must match the read
community string defined in the SNMP application. The default read
community string is “public.”
NOTE
These are the traps supported by
the switch:
• Power to the switch was
cycled or reset.
• Link, speed, or other status
changes on a port.
• Authentication failure.
Current write community: Sets a password for viewing and changing the
switch configuration. The string you define here must match the write
community string defined in the SNMP application. The default write
community string is “private.”
Trap Receiving Stations: When an event occurs, the switch automatically
alerts the SNMP management application by sending a trap to the SNMP
management stations (for example, PCs) defined here.
Station IP address: Displays the IP addresses of PCs with SNMP
applications (such as Intel Device View or LANDesk® Network
Manager) installed.
State: Enables or disables sending of traps to the specified trap
receiver.
Community string: Specifies a string for the trap that matches the
community string defined in the SNMP management application. The
default is “public.”
75
CHAPTER 5
Intel® NetStructure™ 470T and 470F Switches User Guide
Administer User Accounts
Description
LOCATION
Main Menu
Configure Management
Administer User Accounts
Add Users/Change Passwords
Username: By default, no username is assigned. Usernames can
consist of any character and can be up to 15 characters long. You can
define three usernames.
Old Password: Used when changing the password of a current user. If
this is a new account, you can skip to the New Password field. By
default, no password is assigned.
New password: Sets a new password for accessing Local
Management. The password you specify here is used the next time you
reset the switch or log out and log in to Local and Web Management.
Passwords are case-sensitive and can be up to 15 characters long.
Confirm new password: Verifies the entry in the New password
field.
76
CHAPTER 5
Using Local Management
Local Management
Access level: Establishes a user’s access rights (press z).
Administrators can make any changes to Local Management. All other
users (categorized under Normal user) can view information but
cannot make changes. To change a user’s access rights, see the “To
modify a user’s access level” section of this chapter.
APPLY CHANGES: Saves changes when adding users or changing
passwords.
Modify User Accounts
Access level: Changes access rights for the user (press z).
Delete: Deletes an account (press z to change the value to
<Yes>). The default value is <No>.
APPLY CHANGES: Saves changes when modifying or deleting user
accounts.
77
CHAPTER 5
Intel® NetStructure™ 470T and 470F Switches User Guide
Managing User Accounts
System Administrators can create up to three user accounts for managing the
switch. You can also change the access rights for current users and delete
user accounts. Make sure you always set up at least one Administrator
account.
To create a user account
1 On the Main Menu, select Configure Management, and then press
E. Select Administer User Accounts and press E .
2 On the User Accounts screen, type the name of the new user in the
Username field, and then press E .
3 Because this is a new user, press T
and then go to the New password field.
4 Type the password for the new user, and then press E . Passwords
are case-sensitive and can be up to 15 characters long.
5 To confirm the new password, retype it in the Confirm new password
field. Press E .
6 Select the access rights for the new user by pressing z .
7 To save the information, press T to select SAVE CHANGES
(below the Confirm new password field), and then press E . The
new account appears in the list under Modify User Accounts.
to skip the Old password field,
78
To change a password
1 On the Main Menu, select Configure Management, and then press
E . Select Administer User Accounts, and then press E .
2 In the Username field, type the username of the account for which you
want to change the password. Press E .
3 Type the current password in the Old password field, and then press
E .
4 Type the new password in the New password field, and then press
E .
5 To confirm the password, retype it in the Confirm new password field.
Press E .
CHAPTER 5
Using Local Management
Local Management
6 To save the new password, press T to select SAVE CHANGES
(below the Confirm new password field) and press E .
To modify a user’s access level
1 On the Main Menu, select Configure Management, and then press
E. Select Administer User Accounts and press E.
2 Under Access Level, press T to select the account to be modified.
3 Press z to change the user’s access rights. Users with
Administrator access can make changes to the management
configuration; users with Normal User access can view the
configuration but cannot make changes.
4 To save changes, press T to select SAVE CHANGES at the
bottom of the screen and press E .
To delete a user account
1 On the Main Menu, select Configure Management, press E .
Select Administer User Accounts, and then press E .
2 Under Delete, select the account to be removed.
3 Press z to select <Yes>.
4 To remove the user account, press T to select SAVE CHANGES
at the bottom of the screen and press E .
79
CHAPTER 5
LOCATION
Main Menu
Configure Management
Define IP Access List
Intel® NetStructure™ 470T and 470F Switches User Guide
Define IP Access List
Description
Users with IP addresses defined on the access list can manage the switch. If
user names and passwords are set up, the user must also enter a valid user
name and password when accessing the console. If you do not create an
access list, any user with a valid user name and password can manage the
switch. The IP access list provides a second level of security beyond that of
a user name and password.
NOTE
The IP access list does not prevent unauthorized users from
accessing switch management
through the serial port.
80
If you create an access list, the first address you add must be the one from
which you are accessing the switch. Only users with IP addresses defined on
the access list can ping the switch.
The IP access list can contain up to eight IP addresses.
Action: Specifies whether you want to add or delete an IP address. Press
z to toggle between <Add> and <Delete>.
IP address: Type the IP address you want to add or delete from the access
list and then press E. The IP access list can contain up to eight IP
addresses.
CHAPTER 5
LOCATION
Main Menu
Configure Management
Update Firmware and . . .
Using Local Management
Local Management
Update Firmware and Config Files
Description
Software update mode: Choose to update switch firmware over the
network or through a serial port. SLIP/PPP is available only after changing
the Port setting in the Reset and Console Options in the Configure
Management menu (press z).
TFTP server address: Displays the IP address of the TFTP server.
NOTE
Check the Intel® Support Web site
for firmware updates to the 470
switch.
Update Management Module Firmware:
Firmware update: Enables or disables the firmware update (press
z). When enabled, the switch searches for the TFTP server
specified at the top of the screen and attempts to update the firmware.
Firmware file name: Displays the path and filename of the firmware
located on the server.
Change Configuration File:
Config file download: Enables or disables the ability to download a
configuration file (press z). When enabled, the switch searches
for the TFTP server specified at the top of the screen.
Config file name: Displays the path and filename of the configuration
file located on the server.
Last TFTP server address: Displays the IP address of the last TFTP server
accessed by the switch.
REBOOT TO START UPDATE: Starts the update process. The switch
reboots and downloads the specified file.
81
CHAPTER 5
Intel® NetStructure™ 470T and 470F Switches User Guide
Reset and Console Options
Description
LOCATION
Main Menu
Configure Management
Reset and Console Options
Reset Options
Reboot switch: Reboots the switch. If you changed the IP
configuration or login setting, the new settings take effect after you
select this option.
Reset switch settings to factory defaults: Clears any saved settings or
current changes and resets the switch back to its factory defaults. All
counters are cleared and the switch starts sending BOOTP requests.
Serial Port Settings
Port setting: Configures the switch’s serial port. Press z to
toggle between <Console>, <SLIP>, and <PPP>. Settings take effect on
the next reboot.
Console timeout: Logs out a user after a period of inactivity. Settings
are from 0–60 minutes in 15-minute increments. A setting of <Never>
means no timeout. The default is 60 minutes.
82
CHAPTER 5
Using Local Management
Local Management
Configure VLAN Operation Mode
Description
LOCATION
Main Menu
Configure VLAN
(if switch is in Default Mode)
NOTE
The first time you configure the
switch, the system takes you
directly to the Configure VLAN
Operation Mode screen.
Use this screen to activate or change the type of VLAN operating on the
switch. If there are no VLANs active on the switch, this is the first screen
displayed when you select Configure VLAN from the Main Menu. By
default, VLANs are not active on the Intel® NetStructure™ 470F and 470T
Switches so they must be activated before you can start configuring them.
The 470 switches support only one type of VLAN operating at a time.
However, you can have multiple VLANs of the same type.
Select the type of VLAN: Changes the type of VLAN on the switch (press
z). The 470 switches support three types of VLANs: port-based,
IEEE 802.1Q (tag-based), and protocol-based.
APPLY: Activates the changes to the VLAN and reboots the switch.
To change VLAN modes
1 On the Main Menu, select Configure VLAN.
2 On the Configure VLAN menu, select VLAN Operation Mode.
3 Press z to change the type of VLAN on the switch. Press
E.
4 Select the APPLY button and press E. This reboots the switch
and changes the VLAN mode.
83
CHAPTER 5
Intel® NetStructure™ 470T and 470F Switches User Guide
Port-based VLANs
Description
LOCATION
Main Menu
Configure VLAN
Port-based VLANs are the simplest type of VLAN. With a port-based
VLAN you can create multiple VLANs, each with its own broadcast
domain and member ports.
For example, if port 3 is in VLAN_1 and port 5 is in VLAN_2 the two
ports cannot communicate with each other even though they are part of the
same switch. A port can only be a member of a single port-based VLAN.
Any port that is not a member of a user-defined VLAN is a member of the
DEFAULT_VLAN.
VLAN operation mode: Changes the type of VLAN operating on the
switch, or disables VLANs entirely.
Add a port-based VLAN: Creates a port-based VLAN and adds ports to
the VLAN.
Edit/delete a port-based VLAN: Selects a VLAN to change port
membership in the VLAN, or removes a VLAN from the switch.
84
CHAPTER 5
Using Local Management
Local Management
Add a Port-based VLAN
Description
LOCATION
Main Menu
Configure VLAN
Add a Port-based VLAN
VLAN Name: Assigns a name to the VLAN. Names can consist of any
character (no spaces) and be up to 12 characters long. After a VLAN is
created the name cannot be changed. If you want to change the name you
must delete the VLAN, create a new one, and assign the ports to the new
VLAN.
Port: Specifies the port you want in the VLAN.
Member: Determines which ports are part of the VLAN being created.
Ports can be members of only one port-based VLAN. Press z to
toggle the following options:
<Yes> The port is a member of the VLAN.
<No > The port is not a member of the VLAN.
–The port is part of an aggregated link; the anchor port
determines membership in a VLAN.
N/ADisplayed if the port is already participating in another
VLAN, or for the 470T, that a GBIC slot is open. Ports can
belong to only one port-based VLAN.
APPLY: Creates the VLAN and activates the settings.
85
CHAPTER 5
LOCATION
Main Menu
Configure VLAN
Edit/Delete a Port-based VLAN
Edit VLAN
Intel® NetStructure™ 470T and 470F Switches User Guide
To create a port-based VLAN
1 On the Main Menu, select Configure VLAN.
Note: Make sure the switch’s current VLAN operation mode is set to
port-based VLAN. If another type of VLAN is running, see “Configure
VLAN Operation Mode” earlier in this chapter to change the VLAN
operation mode.
2 Select Add a Port-based VLAN and press E.
3 Type a name for the new VLAN and press E.
4 Select ports to add to the VLAN and use z to toggle the
Member field to Yes.
5 Select the APPLY button and press E.
Edit/Delete a Port-based VLAN
NOTE
The DEFAULT_VLAN cannot be
deleted from the switch.
86
Description
Action: Indicates whether to delete a VLAN or to change its port
membership. Press z to toggle between <Edit> or <Delete>, then
use T or S to select a VLAN, and press E. If deleting, press
E
VLAN Name: Displays the name of an available port-based VLAN.
Ports: Displays the number of member ports in the specified VLAN.
again to confirm deletion.
CHAPTER 5
Using Local Management
Local Management
Change Port Membership in a VLAN
Description
LOCATION
Main Menu
Configure VLAN
Edit/Delete a Port-based VLAN
This screen is similar to the VLAN creation screen. You can change the
membership status of ports within the VLAN but you cannot change the
name of the VLAN.
VLAN Name: Displays the name of the VLAN you are configuring.
Port: Displays the port numbers. Select the port you want to add to or
eliminate from the VLAN.
Member: Determines which ports are part of the current VLAN. Ports can
be members of only one port-based VLAN. Press z to toggle the
following options:
<Yes> The port is a member of the VLAN.
<No > The port is not a member of the VLAN.
–The port is part of a aggregated link.
N/ADisplayed if the port is already participating in another
VLAN. Ports can belong to only one VLAN.
APPLY: Activates the settings.
87
CHAPTER 5
Intel® NetStructure™ 470T and 470F Switches User Guide
Configure 802.1Q VLANs
Description
LOCATION
Main Menu
Configure VLAN
VLAN operation mode: Changes the type of VLAN operating on the
switch, or disables VLANs entirely.
Create an IEEE 802.1Q VLAN: Creates a new 802.1Q VLAN and adds
ports to the VLAN.
Edit/Delete an IEEE 802.1Q VLAN: Changes port membership of an
existing VLAN or removes a VLAN from the switch.
Configure VLAN ID for Untagged Devices (PVID): Assigns a VLAN to
inbound packets without a VID.
GVRP and ingress filter settings: Sets port-level options for dynamic
VLAN creation and packet filtering by the VLAN.
88
CHAPTER 5
Using Local Management
Local Management
Add an IEEE 802.1Q VLAN (Configure
Port Membership)
LOCATION
Main Menu
Configure VLAN
Create an 802.1Q VLAN
NOTE
A ‘+’ next to the Member indicates
that the port is a member of more
than one VLAN.
Description
VLAN Name: Assigns a name to the VLAN. The name can consist of any
character (no spaces) and be up to 12 characters long. After a VLAN is
created the name cannot be changed.
VLAN ID: Assigns a unique ID number for the VLAN. This number is
used to identify all packets belonging to that VLAN. Type a number from 2
to 4094. The DEFAULT_VLAN (created when you select a VLAN mode)
has a VID of 1.
Allow IGMP Snooping: Indicates if the switch performs IGMP snooping
on this VLAN (press z). A maximum of 12 IGMP snooping
sessions are allowed.
Member: Identifies which ports are part of the VLAN being created. Press
z to toggle the following options:
<Yes> The port is a member of the VLAN.
<No > The port is not a member of the VLAN.
–The port is part of an aggregated link.
NEXT: Sends you to the Add an IEEE 802.1Q VLAN (Configure Port
Tagging) screen.
89
CHAPTER 5
Intel® NetStructure™ 470T and 470F Switches User Guide
Add an IEEE 802.1Q VLAN (Configure
Port Tagging)
LOCATION
Main Menu
Configure VLAN
Create an 802.1Q VLAN
Add an 802.1Q VLAN...
Description
VLAN Name: Displays the VLAN name assigned on the Add an IEEE
802.1Q VLAN (Configure Port Membership) screen.
VLAN ID: Displays the VLAN ID assigned on the Add an IEEE 802.1Q
VLAN screen.
Action: Indicates whether the device connected to this port supports
tagging (press z).
PREV: Returns you to the Add an IEEE 802.1Q VLAN (Configure Port
Membership) screen.
DONE: Returns you to the Configure 802.1Q VLANs screen.
90
CHAPTER 5
LOCATION
Main Menu
Configure VLAN
Configure PVID for...
Using Local Management
Local Management
Configuring 802.1Q VLANs
Setting up an 802.1Q VLAN is a three-step process. First, create a VLAN
on the switch. Second, make sure that tagging is set up properly for your
attached devices. Third, configure those devices that don’t support tagging.
Step 1: Create an 802.1Q VLAN and add ports
1 On the Main Menu, select Configure VLAN.
Note: Make sure the switch’s current VLAN operation mode is set to
IEEE 802.1Q VLAN. Refer to “Configure VLAN Operation Mode”
earlier in this chapter to change the VLAN operation mode.
2 Select Create an IEEE 802.1Q VLAN and press E.
3 Type a name for the new VLAN (no spaces) and press E.
4 Type a VLAN ID (VID) and press E. The ID can be any number
from 2 to 4094.
5 Determine if you want to allow IGMP Snooping on this VLAN. This is
important because the switch can support more 802.1Q VLANs than the
maximum of 12 IGMP Snooping sessions available.
6 Select ports to add to the VLAN. Press z to toggle the
Member field to Yes.
7 Select the NEXT button and press E.
Step 2: Configure tagging for member ports
Note: If the device on a particular port does not support tags, configure that
port as untagged. Configuring a device as untagged ensures that the switch
removes tags from packets before they leave the switch for the device.
1 Press z to select Tag or Untag for each port that is a member of
the VLAN.
2 Select the DONE button and press E.
If you configured any of the ports in the VLAN as Untagged, proceed to
step 3, “Configure VLAN for untagged devices,” to configure ports for
untagged devices and associate those ports with a PVID (port VLAN ID).
91
CHAPTER 5
NOTE
Determine which devices on your
network support tag-based VLANs
and which do not before you start
this procedure.
Intel® NetStructure™ 470T and 470F Switches User Guide
Step 3: Configure VLAN for untagged devices
Even if the device attached to the switch doesn’t support 802.1Q tags it can
participate in the VLAN. When communicating with untagged devices the
switch:
Determines how to forward untagged traffic. For untagged traffic, the
switch assigns a default VID to the incoming traffic from the untagged
device. Normally, all untagged traffic received on the switch is assigned a
VLAN ID=1 or the DEFAULT_VLAN. You can change this PVID to the
VID of the VLAN you want the port to use.
Strips 802.1Q tags before sending traffic to the untagged device. When
the switch needs to send traffic from a port to an untagged device, it strips
the 802.1Q tag. Otherwise, the untagged device may not understand how to
process the VID tag.
To add a untagged device to a 802.1Q VLAN
1 Ensure that the port is a member of the VLAN. Refer to the procedure
in step 1, “Create an 802.1Q VLAN and add ports,” to add a port to a
802.1Q VLAN.
2 On the Configure VLAN menu, select Configure VLAN ID for
Untagged Devices and press E.
3 Select the port where the untagged device is connected. For example,
port 7.
4 Type the VID of the VLAN you want the port to belong to and press
E. This is the same ID number you entered in step 1, “Create an
802.1Q VLAN and add ports.”
5 Select APPLY and press E to activate the changes.
92
By specifying a VID you set the switch to assign a particular VID to any
incoming traffic it receives on that port.
CHAPTER 5
Using Local Management
Local Management
Edit/Delete an 802.1Q VLAN
Description
LOCATION
Main Menu
Configure VLAN
Edit/Delete an 802.1Q VLAN
Use this screen to select a VLAN to edit the port membership in the VLAN
or delete the VLAN from the switch.
Action: Specifies whether you want to edit or delete a VLAN. Press
z to toggle between <Edit> and <Delete>, select a VLAN from the
list, and then press E.
VLAN Name: Displays the name of the VLAN you are configuring.
VLAN ID: Displays the number assigned to identify this 802.1Q VLAN.
93
CHAPTER 5
Intel® NetStructure™ 470T and 470F Switches User Guide
Edit an IEEE 802.1Q VLAN (Configure
Membership)
LOCATION
Main Menu
Configure VLAN
Edit/Delete IEEE 802.1Q VLAN
NOTE
A ‘+’ next to the Member toggle
indicates that port is a member of
more than one VLAN.
Description
Use this screen to change which ports are members of the VLAN.
VLAN Name: Displays the name of the VLAN you are editing or deleting.
VLAN ID: Displays the ID number of the VLAN. This number identifies
all packets belonging to that VLAN.
Allow IGMP Snooping: Identifies whether the switch performs IGMP
snooping on this VLAN (press z). There are a maximum of 12
IGMP snooping sessions allowed.
Member: Determines which ports are part of the VLAN being created.
Press z to toggle the field for the following options:
<Yes> The port is a member of the VLAN.
<No > The port is not a member of the VLAN.
–The port is part of an aggregated link.
NEXT: Sends you to the Edit an IEEE 802.1Q VLAN (Configure Port
Tagging) screen, where you can set egress tags (for outbound traffic).
94
Loading...
+ hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.