Intel NetStructure 470 User Manual

Download

Intel® NetStructure

™

Intel

NetStructure

™

470 Switch User Guide

470 Switch

User Guide

Intel Corporation assumes no responsibility for errors or omissions in this manual. Nor does Intel make any commitment to update the information contained herein. Intel is a trademark or registered trademark of Intel Corporation or its subsidiaries in the United States and other countries.

* Other product and corporate names may be trademarks of other companies and are used only for explanation and

to the owners’ benefit, without intent to infringe.

Second Edition June 2001 A18558-002

CONTENTS

Intel® NetStructure

Contents

 

 470T and 470F Switches User Guide

 

1 Setting up the Intel® NetStructure™ 470T and 470F Switches

Overview..........................................................................1

Management....................................................................1

Switch Features ...............................................................2

LEDs ................................................................................3

Connection Guidelines.....................................................4

Straight-through vs. Crossover Cables ............................4

2 Using the Intel® NetStructure™ 470T and 470F Switches

Overview..........................................................................7

Sample Configuration ......................................................8

Flow Control.....................................................................9

Broadcast Storm Control..................................................9

Spanning Tree Protocol ...................................................10

Tagged Frames................................................................11

Priority Tagging................................................................11

Link Aggregation ..............................................................12

Virtual LANs .....................................................................13

GARP VLAN Registration Protocol (GVRP).....................17

Internet Group Management Protocol (IGMP) .................18

3 Using Intel® Device View

Overview..........................................................................19

Installing Intel Device View ..............................................20

Starting Intel Device View ................................................21

Installing a New Switch ....................................................22

Using the Device Tree .....................................................22

Managing a Switch...........................................................25

Viewing RMON Information .............................................25

CONTENTS

Intel® NetStructure

 

 470T and 470F Switches User Guide

 

4 Using the Web Device Manager

Overview..........................................................................27

Accessing the Web Device Manager ...............................28

Navigating the Web Device Manager...............................28

Using Management Screens............................................29

Configuring the Switch’s IP Settings ................................31

Configuring a Port ............................................................32

Managing User Accounts.................................................33

Configuring VLANs ..........................................................35

Link Aggregation ..............................................................41

Static MAC Addresses .....................................................41

Setting Up Priority Tagging ..............................................43

Configuring Community Strings and Trap Receivers .......44

Monitoring Switch Activity ................................................45

Viewing/Changing Switch Information..............................46

Updating Switch Firmware ...............................................47

Saving Configuration Changes and Logging Out .............48

5 Using Local Management

Overview..........................................................................49

Accessing Management...................................................49

Logon Screen ..................................................................50

Navigation........................................................................51

Main Menu (Top Screen) .................................................52

Configure Device .............................................................53

IP Settings .......................................................................54

Port Settings ....................................................................55

Flow Control.....................................................................56

Priority..............................................................................56

Configure GBIC Ports (470T only) ...................................57

Priority Tagging................................................................58

Switch Settings ................................................................59

Configure Advanced Switch Settings ...............................60

Configure Spanning Tree Protocol...................................61

Configure Spanning Tree for Ports ..................................63

Forwarding and Filtering ..................................................64

CONTENTS

Intel® NetStructure

 

 470T and 470F Switches User Guide

 

Configure IGMP Snooping ...............................................65

Configure Static MAC Addresses.....................................66

Configure Port Security....................................................67

Configure MAC Address Filtering.....................................68

Configure Ethernet Multicast Filtering ..............................69

Ethernet Multicast Filtering (Ports)...................................70

Port Mirroring ...................................................................71

Link Aggregation ..............................................................72

Broadcast Storm Control.................................................73

Configure Management Menu .........................................74

Community Strings & Trap Receivers ..............................75

Administer User Accounts................................................76

Managing User Accounts.................................................78

Define IP Access List .......................................................80

Update Firmware and Config Files...................................81

Reset and Console Options .............................................82

Configure VLAN Operation Mode ....................................83

Port-based VLANs ...........................................................84

Add a Port-based VLAN...................................................85

Edit/Delete a Port-based VLAN........................................86

Change Port Membership in a VLAN ...............................87

Configure 802.1Q VLANs ................................................88

Add an IEEE 802.1Q VLAN

(Configure Port Membership)..............................89

Add an IEEE 802.1Q VLAN (Configure Port Tagging) .....90

Configuring 802.1Q VLANs..............................................91

Edit/Delete an 802.1Q VLAN ...........................................93

Edit an IEEE 802.1Q VLAN (Configure Membership) ......94

Edit an IEEE 802.1Q VLAN (Configure Port Tagging) .....95

Configure VLAN ID for Untagged Traffic..........................96

GVRP and Ingress Filter Settings ....................................97

Configure a Protocol-based VLAN ...................................98

Add a Protocol-based VLAN ............................................99

Edit/Delete a Protocol-based VLAN .................................100

Edit a Protocol-based VLAN (Configure Membership).....101

iii

CONTENTS

Intel® NetStructure

Monitor (Network Statistics) .............................................102

Switch Overview ..............................................................103

Port Traffic Statistics ........................................................104

Port Error Statistics ..........................................................106

Packet Analysis................................................................108

IGMP Snooping Status ....................................................109

Browse Address Table.....................................................110

VLAN and GVRP Status ..................................................112

Tools ................................................................................113

Switch Event Log .............................................................114

Ping a Device...................................................................115

Upload Configuration Image File......................................116

Save Settings...................................................................117

 

 470T and 470F Switches User Guide

 

Appendix A: Technical Information 119

Index 139

Intel Customer Support 146

Setting up the Intel

NetStructure™ 470T

and 470F Switches

Overview

This guide provides information on configuring and managing the Intel NetStructure™ 470T and 470F Switches. It is organized into five chapters:

• Chapter 1 - Identifying and connecting the switch hardware

• Chapter 2 - Using the switch in a LAN; advanced features such as link

aggregation and VLANs

• Chapter 3 - Using Intel Device View

• Chapter 4 - Using Web Device Manager

• Chapter 5 - Using Local Management

Management

Through the switch’s built-in management you can configure the device and monitor network health. You can use any combination of the following methods to manage the switch.

• SNMP management applications like Intel Device View, LANDesk

Network Manager, HP OpenView*, and IBM Tivoli NetView* are tailored for Intel products and show a graphical representation of the device.

• Onboard management allows control over the switch without using an

SNMP application. The Web Device Manager provides a graphical interface while Local Management is a menu-driven interf ace.

• Other SNMP-compliant applications can manage the switches if you

compile the switch’s MIB files into that application.

CHAPTER 1

Status LED

Intel® NetStructure™ 470T and 470F Switches User Guide

Switch Features

These are the major features of the 470 switches.

8-port 470F Switch (Product Code ES470F)

Link/Activity LEDs

Serial Port

6+2-port 470T Switch (Product Code ES470T)

Status LED

Speed LEDs (top row)

Link/Activity LEDs (bottom row)

Serial Port

Back of 470 Switch

• 100/1000 Base-T auto-negotiates speed, duplex, and flow control—100Mbps or 1000Mbps

per port

• 470F supports 1000SX, 1000LX, and 1000LH GBICs

• Half-duplex and full-duplex flow control

• Port settings can be configured manually through management

• Access menu-driven Local Management through the serial port or a Telnet session

• Access the graphical Web Device Manager through a Web browser

1000 Base-SX Port

1000 Base-T Port

MAC Address

GBIC Port

AC Power Plug

CHAPTER 1

Setting Up the Intel

NetStructure™ 470T and 470F Switches

LEDs

The LEDs to the left of the ports indicate port status, individual port speed, and activity.

Status

470F

Link/Activity

470 Switch Setup

NOTE

After the switch is turned on, the Status LED blinks green once before the diagnostic mode starts.

Status

470T

Speed

Link/Activity

LED State Meaning

Status Blinking green Switch is performing diagnostics and booting.

(This lasts for 20–30 seconds.) Solid green Diagnostics have passed, the switch is ready. Blinking green Diagnostics have failed. (After the initial 20–

30 seconds, the LED continues blinking.)

Link/Activity Solid green Device linked.

Blinking green Receiving activity on that port. Off No link detected.

Speed Solid green Device connected at 1000Mbps. (470T only) Off Device connected at 100Mbps.

CHAPTER 1

Intel® NetStructure™ 470T and 470F Switches User Guide

Connection Guidelines

General

• The 470T switch is can auto-negotiate port duplex. It can operate at half-duplex or full-duplex at 100Mbps, and full-duplex at 1000Mbps. The switch matches the highest possible speed (up to 1000Mbps) of an attached device.

• The 470F operates at full-duplex and at 1000Mbps.

Cabling

NOTE

Use certified Category 5 cables to connect 1000Mbps devices to the switch.

• Use Category 5 unshielded, twisted-pair (CAT 5 UTP) cable to connect 1000Mbps or 100Mbps devices to the switch.

• Limit the cable length between devices to 100 meters (330 feet) for copper wire.

• Use a straight-through cable to connect the switch to a server or workstation.

• To connect to another switch or hub, use a crossover cable.

Straight-through vs. Crossover Cables

Switch ports are wired MDI-X, so use a straight-through cable to connect to a workstation or server (network adapter cards are wired MDI). To connect to another MDI-X port, use a crossover cable. The following pin arrangements are for the switch’s Ethernet port and the typical RJ-45 connector. The wiring diagrams illustrate how to wire a straight-through and crossover cable for 100Mbps and 1000Mbps devices.

Straight-Through UTP cable (100Mbps)

Switch (MDI-X) Adapter (MDI)

CHAPTER 1

Setting Up the Intel

NetStructure™ 470T and 470F Switches

Crossover UTP cable (100Mbps)

Switch (MDI-X) Hub (MDI-X)

Straight-Through UTP cable (1000Mbps)

Switch (MDI) Switch (MDI)

470 Switch Setup

CHAPTER 1

Intel® NetStructure™ 470T and 470F Switches User Guide

Using the Intel

NetStructure™ 470T

and 470F Switches

Overview

Chapter 2 provides an overview for using the Intel® NetStructure™ 470T and 470F Switches within a network. This chapter covers switching features like flow control and spanning tree, and includes a discussion of the more advanced features such as link aggregation and the types of VLANs available on the switch.

If you are familiar with switching technology you can skip ahead to a particular section within the chapter. The following list shows where you can find particular topics:

• Sample Configuration page 8

• Flow Control page 9

• Broadcast Storm Control page 10

• Spanning T ree Protocol page 11

• Tagged Frames page 12

• Priority T ag ging page 12

• Link Aggregation page 13

• Virtual LANs page 14

• GVRP page 18

• Internet Group Management Protocol (IGMP) Snooping page 18

CHAPTER 2

100Mbps

1000Mbps Link Aggregation

group

Intel® NetStructure™ 470T and 470F Switches User Guide

Sample Configuration

The following example illustrates how the 470T and 470F switches can be used in a network.

In this example, the Intel NetStructure 480T Routing Switch is the backbone of the network, providing routing capability. The 470T and 470F switches provide gigabit connectivity from the 480T to the Intel Express 460T Standalone Switches through the 460T gigabit uplinks.

Intel® NetStructure™ 470T Switch

Intel Express 460T Standalone Switches

Intel® NetStructure™ 470F Switch

Intel Express 460T Standalone Switches

Intel® NetStructure™ 480T Routing Switch

Servers

CHAPTER 2

Using the Intel

NetStructure™ 470T and 470F Switches

Flow Control

During heavy network activity, the switch’s port buffers can receive too much traffic and fill up faster than the switch can send the information. In cases like this, the switch tells the transmitting device to wait until the information in the buffer can be sent. This traffic control mechanism is called flow control.

The method of flow control depends on whether the port is set to full-duplex or half-duplex.

• If a port operates at half-duplex, the switch sends a collision (also called backpressure) that causes the transmitting device to wait.

• If the port operates at full-duplex, the switch sends out an IEEE 802.3x PAUSE frame.

You can enable or disable flow control for each port on the 470 switch.

Broadcast Storm Control

You can use broadcast storm control to control the amount of broadcast traffic serviced by the switch. You can prevent broadcasts from taking an excessive amount of network resources and degrading network performance.

Using the 470 Switch

To control the amount of broadcast traffic, set an upper threshold percentage for each port. The upper threshold is the percentage of the port’s total bandwidth that is available for broadcast traffic. For example, if a port’s upper threshold percentage is 4%, broadcast traffic can take up to 4% of the port’s total bandwidth.

Broadcast traffic

resumed

160 s.

% of% of

% of

% of% of

BroadcastBroadcast

Broadcast

BroadcastBroadcast

traffic ontraffic on

traffic on

traffic ontraffic on

the portthe port

the port

the portthe port

Upper

threshold

Lower

threshold

40 s.

TimeTime

Time

TimeTime in secondsin seconds

in seconds

in secondsin seconds

Broadcast traffic

dropped

80 s. 120 s.

CHAPTER 2

Intel® NetStructure™ 470T and 470F Switches User Guide

The switch checks the amount of broadcast traffic on each port every 20 seconds. If the port detects that the amount of broadcast traffic exceeds the upper threshold on two subsequent checks, the port drops all broadcast traffic.

When broadcast traffic is dropped for storm control, the switch continues to check the amount of broadcast traffic on each port. For the port to begin accepting broadcast traffic again, the amount of broadcast traffic must fall below the lower threshold percentage. The lower threshold percentage, 1%, is a factory default. If broadcast traffic falls below the lower threshold percentage when the port is checked, the switch automatically resumes servicing broadcast traffic.

When broadcast traffic servicing resumes, the switch begins checking the amount of broadcast traffic against the upper threshold.

Spanning Tree Protocol

Spanning Tree Protocol, as described in the IEEE (Institute of Electrical and Electronic Engineers) 802.1D specification, is a protocol designed to prevent loops within the network topology. A loop can occur if there is more than one path for information to travel between devices. The Spanning Tree Protocol determines the “cost” of a connection. For example, if two devices are connected by two links, spanning tree uses the connection with the lowest cost and blocks the second connection.

Spanning tree prevents loops by allowing only one active path between any two network devices at a time. However, you can also use this protocol to establish redundant links between devices that can take over if the primary link fails.

Backup Path from Client A to Server B: Switch A –> Switch B –> Switch C

Switch A

Primary Path from Client A to Server B: Switch A –> Switch C

Switch B

: 3

t: 1

Path: 1 Cost: 100

: 2

t: 2

Switch C

Server BPC Client A

CHAPTER 2

Using the Intel

In this example, Client A can communicate with Server B over two different paths. The primary path is Path 1 because the cost of the connection between switches A and C is lower than the cost between switches A, B and C. If the primary path fails, traffic is automatically sent over the backup path.

NetStructure™ 470T and 470F Switches

Tagged Frames

The 802.1D (1998 Edition) and 802.1Q specifications published by the IEEE extended Ethernet functionality to add tag information to Ethernet frames and propagate these tagged frames between bridges. The tag can carry priority information, VLAN information, or both and allows bridges to intelligently direct traffic across the network.

Some devices don’t recognize the tagged Ethernet frames. These devices see a frame that is too big, and then discard it. When operating 802.1Q (tagbased) VLANs, you can configure the switch to work with untagged devices. For more information, see “How to configure 802.1Q VLANs” in Chapter 5.

Priority Tagging

The IEEE 802.1D (1998 Edition) specification incorporates IEEE 802.1p and defines information in the frame tag to indicate a priority level. When these tagged packets are sent out on the network, the higher priority packets are transferred first. Priority tagging (also known as Traffic Class Expediting) is usually set on the LAN adapter in a PC or switch and works with other elements of the network (switches, routers) to deliver packets based on priority. The priority level can range from 0 (low) to 7 (high).

The 470 switches can read the priority tags and forward traffic on a per port basis. The switches have two priority queues per port and queue the packet based on its priority level. For example, when a packet comes into a switch with a high-priority tag, the switch inserts the packet in its high-priority queue.

Using the 470 Switch

CHAPTER 2

HIGH

LOW

Incoming packet

transmit

queue

for the

port

7 6 5 4

3 2 1 0

Express 460T

Network

Intel® NetStructure™ 470T and 470F Switches User Guide

Although there are eight priority levels, the 470 switches can only put a packet into one of the two queues. The switch maps levels 0-3 to the low queue and levels 4-7 to the high queue. If a packet is untagged, the switch can be set to use either the high or low queue for that port. The 470 switches preserve the priority level of the packet.

Link Aggregation

Link aggregation allows you to combine from two to four (adjacent) ports so that they function as a single high-speed link. For example, link aggregation is useful when making connections between switches or connecting servers to the switch.

Note

When connecting to another switch, connect anchor port to anchor port and member port to member port.

You can use link aggregation, also known as port trunking, to increase the bandwidth to some devices. Link aggregation can also provide a redundant link for fault tolerance. If one link in the aggregation fails, the switch balances the traffic among the remaining links.

To aggregate ports, you must link an “anchor” port with an adjacent port. The 470 switches support up to four link aggregation groups (anchor ports 1,3, 5, or 7). All aggregated ports must be the same speed.

CHAPTER 2

Using the Intel

NetStructure™ 470T and 470F Switches

Guidelines

• The switch treats aggregated links as a single port. This includes spanning tree and VLAN configur ations.

• For the 470F: Anchor ports 1, 3, and 5 can each have up to four aggregated ports; anchor port 7 can have two.

• For the 470T: Anchor ports 1 and 3 can each hav e up to four aggregated ports; anchor ports 5 and 7 can each have two.

• All ports share the same settings as the anchor port. You can change anchor port settings, but you cannot configure other ports in the link.

• When a port is configured as a member of an aggregated link, it adopts the configuration of the anchor port. When a port is no longer a member of an aggregated link, the configuration is reset to the default settings (auto-negotiate speed/duplex, flow control enabled).

• If a port is part of an aggregated link, it cannot be configured as the target port for a port mirror. However, a port in an aggregated link can serve as the source port for a port mirror.

• When connecting to another switch, connect anchor port to anchor port, and member port to member port.

Using the 470 Switch

Virtual LANs

A Virtual LAN (VLAN) is a logical network grouping you can use to isolate network traffic so members of the VLAN receive traffic only from other members. Creating a VLAN is the virtual equivalent to physically moving a group of devices to a separate switch (creating a Layer 2 broadcast domain). With VLANs you can reduce broadcast traffic for the entire switch, and increase security, without changing the wiring of your network.

The 470 switches support three types of VLANs:

• Port-based

• Tag-based (IEEE 802.1Q)

• Protocol-based

CHAPTER 2

Intel® NetStructure™ 470T and 470F Switches User Guide

Port-based VLANs

Port-based VLANs are the simplest and most common form of VLAN. In a port-based VLAN, the system administrator assigns the ports to a specific VLAN. For example, the system administrator can designate ports 1, 2, and 3 as part of the engineering VLAN and ports 5, 6, 7, and 8 as part of the marketing VLAN. Port-based VLANs are easy to configure and all changes are transparent to the users because they take place at the switch. The 470 switches support a maximum of four port-based VLANs. A port can belong to only one port-based VLAN at a time.

If a user changes to another location, the system administrator reassigns the port to the new VLAN. If a switch (or hub) is connected to a port that is part of a VLAN, all devices connected to the switch are also part of the VLAN. You cannot prevent an individual device on that switch from becoming part of the VLAN.

Tag-based (IEEE 802.1Q) VLANs

The tag-based VLAN supported by the 470 switches is based on the IEEE

802.1Q specification. The specification provides a uniform way to create VLANs within a network and allows you to create a VLAN that can span across the network. Until the release of IEEE 802.1Q, it was not possible to create a VLAN across devices from different vendors.

CHAPTER 2

Using the Intel

NetStructure™ 470T and 470F Switches

The 802.1Q VLAN works by using a tag added to the Ethernet frames. The tag contains a VLAN Identifier (VID) that identifies the frame as belonging to a specific VLAN. These tags allow switches that support the 802.1Q specification to segregate traffic between devices and communicate a device’s VLAN association across switches. The example below shows a 470F switch.

Local

Console: 9600-8-N-1

Management

Flow Ctrl=None

(EIA 232)

12345678

TX RX TX RX TX RX TX RX TX RX TX RX TX RX TX RX

VLAN 2: Manufacturing

VLAN 1: Engineering

Intel® NetStructure™ 470F Switch

Status

Link\Activity Link = Solid Green

12345678

Activity = Blinking Green

Link\Act

Using the 470 Switch

VLAN 1 computers can't see VLAN 2 computers

Server and Printer are members of both VLANs

There are multiple advantages to implementing 802.1Q VLANs. First, it helps to contain broadcast and multicast traffic across the switch thus improving performance. Second, ports can belong to more than one VLAN. Third, VLANs can span multiple switches that support the 802.1Q specification. Finally, it can provide security and improve performance by logically isolating users and grouping them.

A logical grouping can be mapped to a workgroup. For example, you can create a VLAN that groups all the users from the engineering department. Benefits of this logical grouping are: it improves performance by reducing traffic that belongs to a different logical group (e.g. marketing), improves security (engineering can’t see marketing), and eases moves because the user doesn’t have to be physically located in the same group to participate in the VLAN.

CHAPTER 2

Intel® NetStructure™ 470T and 470F Switches User Guide

Protocol-based VLANs

In a protocol-based VLAN, traffic is bridged through specified ports based on its protocol. Any packet using a different protocol is dropped as it enters the switch. This type of VLAN allows you to use a common protocol to communicate, yet prevents any packets that are not using the specified protocol, from entering the switch.

For example, you can attach a LAN using NetBEUI traffic to port 1 on the switch, and attach a LAN using IPX traffic to port 2 on the switch. Then, attach a router connected to the Internet, to port 8. Create an IP VLAN that incorportates ports 1, 2, and 8. The NetBEUI traffic on port 1is not passed to ports 2 or 8. The IPX traffic on port 2 is not passed to ports 1 or 8. However, computers using the IP protocol can talk freely to ports 1, 2, and

8. This allows the computers to connect to the Internet, yet not be bombarded with traffic that they do not need to see.

The 470 switches support a maximum of four protocol-based VLANs, and they can be either IP, IPX, NetBEUI, or all three combined. Each port can be a member of only one protocol-based VLAN. The example below shows a 470F switch.

Protocol-based VLANs can help optimize network traffic patterns because protocol-specific broadcast messages are sent only to computers that use that protocol. For example, if a NetBEUI VLAN is created, only NetBEUI traffic is allowed to pass through the VLAN.

CHAPTER 2

Using the Intel

NetStructure™ 470T and 470F Switches

Spanning Tree Protocol and VLANs

The 470 switches support the Spanning Tree Protocol across the entire switch, not across each VLAN. If VLANs create a redundant link between two switches and both of those switches have the Spanning Tree Protocol enabled, one of the VLANs is disabled.

The following diagram shows an example. Both Switch 1 and Switch 2 have two port-based VLANs configured. Crossover cables connect the ENG_VLAN on Switch 1 to ENG_VLAN on and Switch 2. Crossover cables also connect the MKT_VLAN on Switch 1 to the MKT_VLAN on Switch 2. When spanning tree is enabled on both switches, the redundant link between the MKT_VLANs is blocked and those VLANs can no longer communicate. The example below sho ws 470F switches.

Using the 470 Switch

GARP VLAN Registration Protocol (GVRP)

Because tag-based (IEEE 802.1Q) VLANs can span across the network, it poses a challenge for network administrators to manage changes to the VLAN. The GARP VLAN Registration Protocol (GVRP) provides a dynamic mechanism for switches to share topology information and manage changes with other switches. This saves the network administrator from having to manually propagate VLAN configuration information across switches.

CHAPTER 2

Intel® NetStructure™ 470T and 470F Switches User Guide

GARP (Generic Attribute Registration Protocol) is defined by the IEEE

802.1D (1998 Edition) specification and is the mechanism used by switches and end nodes (servers, PCs, and so on) to propagate configuration across the network domain. GVRP uses GARP as a foundation to propagate VLAN configuration to other switches. Devices that support GVRP transmit their updates to a known multicast address that all GVRP-capable devices monitor for information updates.

Note

Dynamically created VLANs are not saved in the switch’s memory. If the device sending out the GVRP updates is removed, the dynamic VLAN is removed.

Sending GVRP messages between switches accomplishes the following tasks:

• Dynamically adds or removes a port from participating in a VLAN

• Sends updates about the switch’s own VLAN configuration to neighboring

GVRP-capable devices.

• Integrates dynamic and static VLAN configurations within the same switch. For devices that don’t support GVRP, static VLAN configurations are created by the user on the switch.

When the switch is running 802.1Q VLANs, Spanning Tree Protocol is enabled for GVRP to work properly .

Internet Group Management Pr otocol (IGMP)

Normally, multicast traffic is broadcast by the switch to all ports. For multicast traffic based on TCP/IP using the IGMP protocol, the switch can optimize the broadcasting of multicast traffic by forwarding multicast traffic only to ports that require it.

IGMP Snooping is a feature that allows the switch to forward multicast traffic intelligently. The switch “snoops” the IGMP query and report messages and forwards traffic only to the ports that request the multicast traffic. This prevents the switch from broadcasting the traffic to all ports and possibly affecting network performance.

IGMP Snooping requires a router that detects multicast groups on its subnets and keeps track of group membership.

Using Intel® Device

View

Overview

Intel® Device View allows you to manage Intel NetStructure™ 470T and 470F switches and other supported Intel networking devices on your network.

Intel Device View provides these features:

• The ability to configure new network devices

• A graphical device manager for Intel switches, hubs, and routers

• Autodiscovery, which finds supported Intel devices on the network

• The Device Tree, which shows all the supported devices detected on your network

• Support for Remote Monitoring (RMON)

• Web or Windows* platform

• Plug-in to HP OpenView*, IBM Tivoli* NetView*, and Intel LANDesk® Network Manager

• Other useful tools such as a TFTP server

CHAPTER 3

Intel® NetStructure™ 470T and 470F Switches User Guide

Installing Intel Device View

Before you install Intel Device View, make sure your PC meets the system requirements in the Intel® Device View User Guide, which is included on the Intel Device View CD-ROM.

To install Intel Device View

1 Insert the Intel Device View CD-ROM into your computer’s CD-ROM

drive. The Intel Device View installation screen appears. If it doesn’t appear, run autoplay.exe from the CD-ROM.

2 Choose the version of Intel Device View you want to install.

• To install Intel Device View for use on this PC only, click Install for Windows.

• To install Intel Device View on a Web server, click Install for Web. You can access the Device View server from any PC on your network with Internet Explorer* 4.0x or later.

• To install Intel network device support for HP OpenView, IBM Tivoli NetView, or Intel LANDesk Network Manager, click Install as Plug-in. This option is available if you have OpenView, NetView, or LANDesk Network Manager installed on the PC.

3 Follow the instructions in on the installation screens.

CHAPTER 3

NOTE

These are the requirements if you want to use the Web version of Device View :

Web browser

Internet Explorer 4.0 or later

Intel Device View

Starting Intel Device View

Install either the Windows or Web version of Intel Device View.

Windows* version

On your desktop, click Start and then point to Programs > Intel Device View > Intel Device View - Windows to go to the Intel Device View main screen.

Web version

• On your desktop, click Start and then point to Programs > Intel Device View > Intel Device View - Web to go to the Intel Device View main screen.

• To view Intel Device View from another PC on your network, type the following URL. In the following example, the URL is entered in the Address field for Internet Explorer.

http://servername/devview/main.htm

where servername is the IP address or name of the server where Intel Device View is installed.

Intel Device View’s main screen appears.

Intel

Device View

Web Server

IIS* 2.0 or later

Peer Web Services*

Netscape Enterprise* Web Server 3.01 or later

CHAPTER 3

Intel® NetStructure™ 470T and 470F Switches User Guide

Installing a New Switch

After you install a new switch on your network, you can use the Intel Device View Device Install Wizard to configure it for management.

To install and configure a new switch for management

1 Start Intel Device View. The Device Install Wizard appears. If it

doesn’t appear, click Install from the Device menu or double-click the appropriate MAC address in the Device Tree under Unconfigured Devices. (The MAC address is located on the rear of the switch.)

2 On the Device Install Wizard - Start screen, click Next. 3 On the Device Install Wizard - MAC Address screen, click the MAC

address of the new switch, and then click Next.

4 Follow the instructions in the wizard to assign an IP address and a name

to the switch.

Using the Device Tree

After you start Intel Device View, the Device Discovery service begins searching for supported Intel network devices on your network. As it discovers devices, the Device Discovery service adds an icon for each device to the Device Tree on the left side of the screen.

CHAPTER 3

Intel Device View

Different states of the 470 switches are represented by icons in the Device Tree.

Device Tree icons

Device Tree root Subnet Intel Switch (if non-responding the icon is red) Unconfigured Intel Switch Group of Intel Switches Intel Router Intel Switch (Layer 3 capable) Intel Stackable Hub

To expand the root or a subnet, click the (+) next to the icon. To collapse the view, click the (-) next to the icon. Double-click a device icon to view the device image.

To add a device to the Device Tree

Use this procedure if the device does not automatically appear after installation.

1 Right-click anywhere on the Device Tree. 2 On the menu that appears, click Add Device. 3 In the Add Device dialog box, type the IP address of the switch you

want to add.

4 Fill in the other fields, as appropriate. 5 Click OK.

The icon for the new switch appears in the Device Tree.

Intel

Device View

CHAPTER 3

Intel® NetStructure™ 470T and 470F Switches User Guide

To refresh the Device Tree

Refreshing the Device Tree updates it to show any newly discovered devices and changes in device status.

1 Right-click anywhere on the Device Tree. 2 On the menu that appears, click Refresh.

To delete a device from the Device Tree

1 Right-click the device you want to remove from the Device Tree. 2 On the menu that appears, click Delete.

Deleting a device from the Device Tree does not remove the device from the network.

To find a device in the Device Tree

1 On the Device Tree, right-click anywhere. 2 On the menu that appears, click Find. 3 In the Find Device dialog box, type the IP address of the device you

want to find in the tree.

4 Click OK.

The device icon is highlighted in the Device Tree.

Losing contact with a switch

If Intel Device View loses contact with a switch, the color of the switch icon changes to red, to indicated that the switch is not responding.

If the non-responding switch icon appears, you cannot manage the device in Intel Device View. If you’re unable to ping the device or start a Telnet session, try accessing the switch’s Local Management.

CHAPTER 3

Intel Device View

Managing a Switch

To manage a 470T or 470F switch, double-click the switch icon in the Device Tree. In the example following, the switch has been assigned an IP address of 124.123.122.3.

The 470 switch Web Device Manager appears in the Intel Device View window. For information about using the Web Device Manager, see Ch. 4.

Intel

Device View

For information about using Intel Device View, see the Help or the User Guide on the Intel Device View installation CD-ROM.

Viewing RMON Information

The Remote Monitoring (RMON) specification extends SNMP functionality to look at traffic patterns on the network instead of looking only at the traffic for an individual device. The following RMON groups are supported:

CHAPTER 3

Intel® NetStructure™ 470T and 470F Switches User Guide

• Group 1 (Statistics): Monitors utilization and error statistics for each

network segment (100Mbps or 1000Mbps).

• Group 2 (History): Records periodic statistical samples from variables

available in the statistics group.

• Group 3 (Alarms): Allows you to set a sampling interval and alarm

thresholds for statistics. When a threshold is passed, the switch creates an event. For example, you might set an alarm if utilization exceeds 30%.

• Group 9 (Events): Provides notification and tells the switch what to do

when an event occurs on the network. Events can send a trap to a receiving station or place an entry in the log table, or both. For example, when the switch experiences an RMON Event, it sends out an alarm.

The switch also keeps a log that shows a list of the RMON Events and RMON Alarms that ha ve occurred on the switch.

To view RMON statistics

1 In the Device Tree, right-click the switch’s icon, and then point to RMON. 2 Click the RMON option you want to view.

You can also access RMON features using LANDesk Network Manager, or an SNMP application that supports RMON such as HP OpenView or IBM Tivoli NetView. F or more information about using RMON to monitor the switch, see the Intel Device View Help.

Using the Web

NOTE

You can use Internet Explorer* or Navigator* to access the Web Device Manager.

Device Manager

Overview

With the Web Device Manager, which is built into the Intel® NetStructure™ 470T and 470F Switches, you can use a Web browser to manage and monitor the switch. For example, you can use the Web Device Manager to configure the switch or individual ports, or to monitor traffic statistics and utilization.

For more information about using this interface, see the Web Device Manager Help.

CHAPTER 4

Intel® NetStructure™ 470T and 470F Switches User Guide

Accessing the Web Device Manager

1 In the Location or Address field of your Web browser type the IP

address of the switch. For example, to use the default IP address of the switch, type 192.0.2.1 and then press Enter.

NOTE

The default IP address for the switch is 192.0.2.1. To access the switch with the default IP address, your workstation must be on the 192.0.2.0 subnet.

Or, you can connect to the switch using Local Management (through the serial port) and set an IP address that is on your network. Then you can access the Web Device Manager using the new IP address.

2 When prompted, type your user name and password. By default, no

user name or password is assigned. If you previously set a user name and password using Local Management, enter them here.

3 Click OK. The Web Device Manager window appears in your Web

browser.

Navigating the Web Device Manager

1 On the left side of the Web Device Manager window, click a menu item

(such as Configure Device) to show the available options.

CHAPTER 4

Click a menu to view available options.

Using the Web Device Manager

2 In the menu, click an option. The corresponding screen appears on the

right side of your Web Device Manager window.

470F

470T

3 To hide the options, click the menu item again.

Using Management Screens

After you select an option from the navigation menu, the corresponding screen appears on the right side of the Web Device Manager window.

Switch faceplate graphic

A graphical representation of the switch’s faceplate appears at the top of the screen.

Web Device Manager

CHAPTER 4

Intel® NetStructure™ 470T and 470F Switches User Guide

If the option you selected allows you to configure or monitor a specific port, you can change to another port by clicking it on the faceplate graphic.

Port color on the faceplate graphic indicates the status of the port.

Port Color Meaning

Blue Port has a link at 1000Mbps. Green Port has a link at 100Mbps. Magenta outline Ports are in a link aggregation. Orange Port is disabled. Gray No link.

Buttons

Each configuration screen includes four buttons on the bottom of the screen.

Button Function

Submit Applies the configuration settings on the current screen.

Note: If you do not save the settings to the switch’s flash memory your changes are lost when the switch is rebooted.

Reset Clears any changes you made on the current screen and

restores the currently applied settings.

Default Applies factory defaults for this screen’s settings. When

you log out, you can permanently save the new settings to the switch. Otherwise, they are lost upon the next reboot.

Help Displays Help for the current screen.

CHAPTER 4

NOTE

If you change the flow control or IP settings, you must reboot the switch before the new settings can take effect.

Using the Web Device Manager

Configuring the Switch’s IP Settings

Note: You must select Manual in the IP Assignment Method box before you can change the IP settings.

1 Click the Configure Device menu, and then click IP Settings. The IP

Settings screen appears on the right side of the Web Device Manager window.

2 To manually configure the IP settings, select Manual in the IP

Assignment Method box.

3 Under “Change,” type the new IP address, subnet mask, and default

gateway. If you set up tag-based (IEEE 802.1Q) VLANs on the switch, you can specify the VLAN where the switch’s SNMP management agent resides.

4 To apply the changes, click Submit. 5 Click Save and Reboot for the new settings to take effect. Rebooting the

switch temporarily interrupts network connectivity to the switch. Click Reboot Later if you want to reboot the switch later. The new IP settings do not take effect until the switch reboots.

Web Device Manager

CHAPTER 4

Intel® NetStructure™ 470T and 470F Switches User Guide

Configuring a Port

You can use the Web Device Manager to enable or disable a port, and to change its speed, duplex, flow control, and priority settings.

To change port settings

1 Click the Configure Device menu, and then click Port Settings. To

access the Port Settings for a port, click the port you want to configure on the faceplate graphic.

NOTE

If you change the flow control or IP settings, you must reboot the switch before the new settings can take effect.

2 In the boxes, click the options you want to change:

• Port State lets you enable or disable the port.

• Speed/Duplex lets you set port speed and duplex.

• Flow Control lets you enable or disable flow control.

• Priority Queue (802.1p) lets you set the switch priority queue for

packets sent or received on this port.

3 Click Submit.

CHAPTER 4

NOTE

The accounts and passwords you create with the Web Device Manager are the same accounts used to access Local Management.

Using the Web Device Manager

Managing User Accounts

Create user accounts to give specific users read or write access to the switch through the Web Device Manager and Local Management. You can create a maximum of three accounts on the switch.

To create a user account

1 Click the Configure Management menu and then click User Accounts.

The first account you create must be an administrator.

2 Click Add.

3 In the User Name box, type a user name.

The username can be up to 15 characters long and is case sensitive.

4 In the Password box, type a password.

The password can be up to 15 characters long and is case sensitive. Asterisks (*) appear in the box as you type the password.

5 In the Confirm Password box, type the same password.

Web Device Manager

CHAPTER 4

Intel® NetStructure™ 470T and 470F Switches User Guide

6 In the Access Level box, click an access level. An administrator can

view all settings and make configuration changes. A user can only view settings.

7 Click Submit.

To delete a user account

1 Click the Configure Management menu, and then click User Accounts. 2 In the User Accounts box, click the account you want to delete. 3 Click Delete.

If you delete the account you used to log in for this session, you can continue to use that account until you log out. If you delete the only user account on the switch, log in again using the default of no user name and no password.

CHAPTER 4

Using the Web Device Manager

Configuring VLANs

VLANs provide a way to create a logical network grouping without regard to physical location of the network nodes.

For more information about VLANs, see “Virtual LANs” in Chapter 2. There are two main steps to set up a VLAN with the Web Device Manager:

• Set the switch’s VLAN operation mode.

• Configure the type of VLAN you selected.

NOTE

You can only have one operation mode active on the switch at a time.

To set the switch’s VLAN operation mode

1 Click the Configure VLAN menu, and then click VLAN Operation

Mode.

2 In the Current VLAN mode box, click the type of VLAN to set up.

3 Click Submit. 4 The switch automatically reboots. The 470 switches are rebooted

whenever you change their VLAN operation mode. After the switch reboots, you can configure the type of VLAN that you

selected.

Web Device Manager

CHAPTER 4

Intel® NetStructure™ 470T and 470F Switches User Guide

Port-based VLAN

You configure a port-based VLAN by creating the VLAN and then adding participating ports. The switch can support up to four port-based VLANs. However a port can be a member of only one VLAN; port-based VLANs cannot overlap.

To configure a port-based VLAN

1 Click the Configure VLAN menu, and then click Port-based VLAN. 2 Click Add to create a new VLAN, or select a VLAN and click Edit to

change its configuration.

3 If you are creating a new VLAN, type a name in the VLAN Name box. 4 In the Available Ports box, click a port to add to the VLAN, and then

click Add.

5 When you finish adding ports, click Submit.

CHAPTER 4

NOTE

When creating a VLAN that includes ports on more than one switch, set the same VID on each switch.

Using the Web Device Manager

Tag-based VLAN

You configure a tag-based VLAN by configuring port membership and ingress/egress rules. Note: If some of your devices don’t support 802.1Q tags, additional configuration may be necessary.

To configure a tag-based (IEEE 802.1Q) VLAN

1 Create a VLAN and assign member ports.

• Click the Configure VLAN menu, and then click Tag-based (IEEE

802.1Q) VLAN.

• From the main Tag-based VLAN page, click Add to create a new

VLAN. To modify an existing VLAN, click the VLAN name, and click Modify.

• If you are creating a new VLAN, type a name and VID (from 2 to

4094) to identify it.

• To configure membership of a port to a VLAN, click the port in the

Available ports box and click Add. To remove a port, click the port in the Member ports box and click Remove.

• The switch supports a maximum of 12 IGMP Snooping sessions to

manage broadcast traffic. If you want the VLAN to be part of an IGMP Snooping session, select the Enable IGMP Snooping check box.

• When you finish adding ports, click Next.

Web Device Manager

CHAPTER 4

Intel® NetStructure™ 470T and 470F Switches User Guide

2 Configure ports for egress (outbound) tagging.

• Ensure that the VLAN Name field displays the name of the port you are configuring.

• For each of the VLANs ports select Tag or Untag. This determines whether or not the system will remove (untag) tags before sending traffic out of each port.

3 Configure ports for handling untagged traffic.

• On the main Tag-based VLAN page, click Port Settings.

• On the Port Settings screen you can set port-specific behaviors for

processing VLAN traffic. To configure a specific port, click it on the faceplate graphic. To configure the same setting across all ports, click Configure All Ports.

CHAPTER 4

Using the Web Device Manager

Options include:

• Default Port VID: Sets the PVID to be assigned to untagged traffic

on a given port. For example, if port 7’s default PVID is 100, all untagged packets on port 7 belong to VLAN 100. The default setting for all ports is VID 1.

• GVRP: Allows automatic VLAN configuration between the switch

and nodes.

• Ingress Filtering: Allows frames belonging to a specific VLAN to

be forwarded if the port belongs to the same VLAN. Disabling this setting will cause all frames to be forwarded, regardless of the port's VLAN membership.

4 When you finish changing the settings, click Submit.

Web Device Manager

CHAPTER 4

Intel® NetStructure™ 470T and 470F Switches User Guide

Protocol-based VLAN

You configure a protocol-based VLAN by creating the VLAN and then adding participating ports. The switch supports up to three protocol-based VLANs: IP, IPX, and NetBEUI. However, each port can be a member of only one VLAN; protocol-based VLANs cannot overlap.

To configure a protocol-based VLAN

1 Click the Configure VLAN menu, and then click Protocol-based

VLAN.

2 Click Add to create a new VLAN, or select an existing VLAN and click

Edit to change its configuration.

3 If you are creating a new VLAN, type a name in the VLAN Name box

and select a protocol from the Protocol list.

4 In the Available Ports box, click a port to add to the VLAN, and then

click Add.

5 When you finish adding ports, click Done.

CHAPTER 4

NOTE

When configuring link aggregation between two 470 switches, you must connect anchor port to anchor port, and member port to member port.

Using the Web Device Manager

Link Aggregation

On the Web Device Manager’s switch faceplate graphic, a link aggregation is shown with its ports outlined in magenta (pink).

To create a link aggregation

1 Click the Configure Device menu, and then click Link Aggregation.

NOTE

Connectivity is momentarily interrupted when you submit changes.

2 Choose the anchor port. Anchor ports are listed by port number in the

left column.

3 In the Port Width box, click the number of ports (including the anchor

port) to include in the link aggregation.

4 In the Aggregation Group Name box, type a name for the aggregation. 5 Click Enable to activate the group. 6 Click Submit.

Static MAC Addresses

The switch has a MAC address table that stores all the MAC addresses that it learns from the network. The switch refers to this table forwarding traffic to specific ports, so it does not broadcast traffic to every port.

There are two ways to add addresses to the MAC address table:

• The switch can learn addresses from the network and add them dynamically. Dynamic entries remain in the table only while the associated node is active, and are deleted if the node is inactive for longer than a certain period of time (age-out time).

Web Device Manager

CHAPTER 4

Intel® NetStructure™ 470T and 470F Switches User Guide

• You can manually add MAC addresses to the table. These are called static addresses, because they remain in the table until you remove them, even if the associated node is inactive or removed from the network. Performance and security issues are two reasons for adding static addresses.

To add a static MAC address to the address table

1 Click the Configure Device menu, and then click Forwarding and

Filtering.

2 Click Static MAC Addresses. 3 Click Add.

NOTE

To view the switch’s address table, click the Monitor menu, click Advanced, and then click MAC Address Table.

4 In the MAC Address box, type the MAC address of a device on the

network. Do not include hyphens.

5 In the Port Number box, click a port number. 6 If port-based or tag-based (IEEE 802.1Q) VLANs are set up on the

switch, static MAC addresses are associated with specific VLANs. Type the VLAN name (port-based VLANs) or VID (tag-based VLANs) to associate with the MAC address.

7 Click Add.

CHAPTER 4

Using the Web Device Manager

Setting Up Priority Tagging

With priority tagging, you can specify a priority value for traffic based on MAC source or destination addresses. For example, you could tag all packets from computer A with a priority of 7 (high).

When you define priority tagging, you can specify a priority value from 0 (low) to 7 (high). Traffic with a priority value of 0–3 is routed through the switch’s low priority queue. Traffic with a priority value of 4–7 is routed through the switch’s high priority queue.

You can define up to 12 MAC addresses for priority tagging.

To set up priority tagging

1 Click the Configure Device menu, and then click Priority Tagging. 2 Click Add. 3 Select source or destination as the criteria for the tagged traffic.

4 Type the source or destination MAC address. 5 Select a priority value.

Traffic tagged with priority values 0–3 is routed through the switch’s low priority queue. Traffic tagged with priority values 4–7 is routed through the switch’s high priority queue.

6 In the State box, click Enabled to enable priority tagging for the traffic

pattern.

7 Click Done when you are finished.

Web Device Manager

CHAPTER 4

Intel® NetStructure™ 470T and 470F Switches User Guide

Configuring Community Strings and

NOTE

These are the traps supported by the switch:

• Power to the switch was cycled or reset.

• Link, speed, or other status changes on a port.

• Authentication failure.

Trap Receivers

A trap receiver is a computer on the network that is running an SNMP management application and receives messages sent by the switch. For example, the switch can send a trap to the trap receiver when it detects a change in port speed.

To specify a trap receiver

1 Click the Configure Management menu, and then click Community

Strings and Traps.

2 In the IP Address box, type the IP address of the computer you want to

use as a trap receiver. You can specify up to four trap receivers.

3 In the Status box, click Enabled. 4 In the Community String box, type the trap receiver’s SNMP

application community string.

5 Click Submit.

CHAPTER 4

Using the Web Device Manager

Monitoring Switch Activity

With the Web Device Manager you can view traffic, utilization, and error statistics for the switch and for individual ports. For more information on statistics, see “Port Traffic Statistics,” “Port Error Statistics,” and “Packet Analysis” in Chapter 5.

To view port statistics

1 Click the Monitor menu, and then click Port Statistics. 2 From the row of options below the page heading, click the option you

want to view:

• Traffic

• Utilization Graph

• Errors

• Packet Analysis

Web Device Manager

CHAPTER 4

Intel® NetStructure™ 470T and 470F Switches User Guide

Viewing/Changing Switch Information

You can view general information about the switch, such as its MAC address, firmware version, name, location, and contact person. Some of these fields can be updated, others are view-only.

To view and configure switch settings

1 Click the Configure Device menu, and then click Switch Settings.

2 In the Switch Name , Location, and Contact boxes you can provide

additional information about the switch. You can type up to 40 characters in each field. After modifying the settings, click Submit.

CHAPTER 4

Using the Web Device Manager

Updating Switch Firmware

On the Update Firmware screen you can set up the switch to update its firmware from a TFTP server. If you do not have a TFTP server set up on your network, you can install the TFTP server software by installing Intel Device View.

After downoading the firmware from the TFTP server, the switch automatically restarts. The actual firmware update occurs while the switch is rebooting.

To update the switch’s firmware

1 Click the Reset and Update menu, and then click Update Firmware.

2 Select a mode from the Update Mode box.

• If the switch uses a network connection for downloading the new firmware file from a TFTP server, click Network.

• If the switch uses a SLIP connection (for example, a serial port) for downloading the new firmware file, click SLIP.

3 In the TFTP Server Address box, type the IP address of the server that

hosts the file.

4 In the Firmware Update box, click Enabled.

Web Device Manager

CHAPTER 4

Intel® NetStructure™ 470T and 470F Switches User Guide

5 In the File Name box, type the name of the firmware file. 6 Click Submit.

The switch automatically reboots.

The next time the switch reboots it downloads and installs the new firmware during the boot process. If you want to view this process, you must use a terminal program and connect to the switch through the serial port.

Saving Configuration Changes and Logging Out

Each time you make configuration changes using the Web Device Manager, the switch immediately uses the new settings. However, when you log out of the Web Device Manager, you’ll be prompted to save the current configuration settings.

If you do not save the new configuration settings to the switch’s flash memory, the settings are lost upon the next switch reboot.

To save changes and log out

1 Click Log Out from the menu.

2 Click Save Now to save the current configuration settings. The Web

browser window closes and you are successfully logged off of the Web Device Manager.

If you click Do Not Save, all current configuration settings are lost the next time the switch is rebooted.

CHAPTER 5

Using Local Management

Local Management

Using Local

Management

Overview

Another way to configure the switch is through the Local Management interface. Local Management provides the same functionality as the Web Device Manager using a text-based interface.

Accessing Management

You can access Local Management in two different ways: by connecting directly to the switch’s serial port, or through a Telnet session (using an assigned IP address or the default of 192.0.2.1).

To use the serial port

1 Use the enclosed null modem cable to connect the serial port of your PC

to the serial port of the switch.

2 Start a terminal emulation program (such as HyperTerminal* or

Symantec Procomm Plus* in Windows* 98). Use these communication parameters:

• 9600 baud • 1 stop bit

• 8 data bits • No flow control

• No parity

NOTE

You use the same user name and password to log in to Web Device Manager and Local Management.

3 Press E to connect to the Local Management. 4 Log on to Local Management. By default, no password or username is

assigned. To assign them, see the section titled “Administer User Accounts” in this chapter.

CHAPTER 5

Intel® NetStructure™ 470T and 470F Switches User Guide

To useTelnet

1 Open a Telnet application. In Windows 98 or Windows NT*, select

Run from the Start Menu, and then type telnet and press E.

2 On the Terminal menu, select Preferences. Make sure the emulation

type is VT-100/ANSI and that VT100 arrows are enabled.

3 On the Connect menu, select Remote System. Enter the IP address of

the switch and click Connect.

4 Log on to Local Management. By default, no password or user name is

assigned. To assign them, see the section titled “Administer User Accounts” in this chapter.

Logon Screen

Description

By default, no username or password is assigned to the switch. Press E twice to log on to the Local Manager. Usernames and passwords can consist of any characters and can be up to 15 characters long. Remember that usernames and passwords are also case sensitive.

CHAPTER 5

Help text at the bottom of the screen provides information on the selected item.

Using Local Management

Local Management

Navigation

The console menus provide a basic interface for configuring switch options. For navigation tips, see the text below the graphic.

Screen Legend

Use the W Z A S keys or the T and b keys to move between screen fields. If you are running HyperTerminal in Windows 2000, use the Tab key rather than the arrow keys to move between fields.

<Manual> Angle brackets indicate a toggle field. Use the

z to toggle selections within the field. In this example, the options change between Manual, DHCP, and BOOTP.

[255.255.255.0] Brackets indicate an input field. Use the arrow keys to

select the field and type the required information. By default, Local Management is in overstrike mode, which means it replaces existing characters as you type.

SUBMIT Any word in all caps is a button. Use the T key

or the W Z A S keys to select it and press E to use it.

CHAPTER 5

Intel® NetStructure™ 470T and 470F Switches User Guide

Main Menu (Top Screen)

Description

LOCATION

To return to the Main Menu at any time, press c T.

The Main Menu is the starting point for all other Local Management screens. Use the W Z arrow keys to select an option, and then press E to display the screen.

Configure device: Accesses menus to assign an IP address to the switch, change port settings, or configure advanced switch settings.

Configure management: Sets SNMP traps and trap monitoring stations, administers user accounts, or updates the switch’s firmware.

Configure VLAN: Sets up and administers VLANs on the switch. Monitoring: Accesses menus to monitor traffic and activity at the port or

switch level. These menus also provide information on network errors and collisions.

Tools: Displays the switch Trap/Event log, pings devices to check connectivity, or saves the current switch configuration to an image file on a server.

SAVE SETTINGS: Saves configuration changes to the switch’s flash memory. Any changes not saved to memory are lost on the next reboot.

LOGOUT: Returns to the logon screen.

CHAPTER 5

Using Local Management

Local Management

Configure Device

Description

LOCATION

Main Menu

Configure Device

IP settings: Configures the switch’s IP address, subnet mask, and default gateway, or enables BOOTP.

Port settings: Enables and disables ports, configures port speed, duplex, flow control, and priority.

GBIC port settings (470T only): Enables and disables ports, configures port speed, duplex, flow control, and priority.

Priority tagging: Sets priority values for traffic based on source or destination MAC addresses.

Switch settings: Sets switch identification, location, and contact information, and configures some advanced switch settings.

Spanning Tree Protocol: Configures spanning tree for the entire switch or individual ports.

Forwarding and filtering: Adds or removes entries, locks the switch’s address table, enables IGMP snooping, and sets filters for specific MAC addresses.

Port mirroring: Sends a copy of data from one port to another for monitoring and troubleshooting purposes.

Link aggregation: Combines ports on the switch to increase bandwidth. Broadcast storm control: Configures ports to drop excessive broadcast

traffic before it floods the network.

CHAPTER 5

Intel® NetStructure™ 470T and 470F Switches User Guide

IP Settings

Description

LOCATION

Main Menu

Configure Device

IP Settings

NOTE

The default IP address for the switch is 192.0.2.1

Default VLAN for SNMP agent

Port-based: DEFAULT_VLAN tag-based (802.1Q-based):

VID=1

Switch MAC address: Displays the unique hardware address assigned by Intel.

Current Settings: Displays the switch’s current IP configuration. New settings: Assigns a new IP configuration to the switch.

Assign IP: Indicates if the switch uses a BOOTP or DHCP server to

obtain an IP address dynamically, or if you assign an address manually. IP address: Displays the IP configuration used by the switch. Use the

IP address shown here to access the switch through Telnet or a ping test.

Subnet mask: Matches the mask for other devices on the network. Default gateway: Displays the IP address of the device that routes to

different networks—typically, a router or routing server. Set this option to manage the switch remotely.

VLAN or VLAN ID (port-based or tag-based VLANs only): Specifies a VLAN where the switch’s SNMP management agent will reside. This option appears only when port-based and tag-based (IEEE 802.1Q) VLANs are active on the switch.

SUBMIT: Submits the changes and returns to the Configure Device screen. You must save the changes to the switch’s flash memory (from the Save Settings menu) and then reboot the switch for the new IP settings to take effect.

CHAPTER 5

Using Local Management

Local Management

Port Settings

Description

LOCATION

Main Menu

Configure Device

Port Settings

Configure ports: Selects a range of ports to configure (press z). State: Disables or enables ports (press z). Speed/Duplex: Changes the speed and duplex of the port (press z).

You can set the port to auto-negotiate speed, or to 100Mbps or 1000Mbps at half-duplex or full-duplex. This field is view-only for the 470F.

Flow Ctrl (Control): Enables or disables flow control (press z). This option is view-only if auto-negotiate is selected for Speed/Duplex.

Priority: Changes the settings (press z). The <Frame> setting reads the packet’s 802.1p priority tag and handles it accordingly. The <Normal> or <High > settings force the packet into one of two priority queues. Forcing a packet into a queue does not retag the packet.

Link: Indicates the port’s current link status:

--: Indicates no device link or port is disabled. 100M/1000M: Indicates the port’s speed (470T only). Full/Half: Indicates a device is connected at full-duplex or half-duplex. IEEE/BackP: Indicates the type of flow control, either IEEE PAUSE

frames or backpressure.

Partitioned: Indicates the port was disabled due to a partition error. Source mirror/Target mirror: Indicates the port being mirrored and

where the data is being sent.

CHAPTER 5

Intel® NetStructure™ 470T and 470F Switches User Guide

Flow Control

During times of heavy network activity, the switch’s port buffers can receive too much traffic and fill up faster than the switch can send the information. In cases like this, the switch tells the transmitting device to wait so the information in the buffer can be sent. This intervention is called flow control.

The method of flow control depends on whether the ports are set to fullduplex or half-duplex. If a port is operating at half-duplex, the switch sends a collision which causes the transmitting device to wait. If the port operates at full-duplex, the switch sends out an 802.3x PAUSE frame. You can enable or disable flow control for each port on the NetStructure™ 470 switches.

Priority

IEEE 802.1p is part of a new standard for tagging, or adding additional information (4 bytes) to packets to indicate a priority level. When these packets are sent out on the network, the higher priority packets are transferred first. Priority packet tagging (also known as Traffic Class Expediting) is usually set at the adapter and works with other elements of the network (switches, routers) to deliver priority packets first. 802.1p tagging consists of eight levels from 0 (low) to 7 (high).

The NetStructure™ 470 switches have the ability to read IEEE 802.1p priority tags and forward traffic on a per port basis. Each switch has two priority queues and routes traffic to a queue depending on the packet’s tag. For example, when a packet comes into the switch with a high priority tag, the switch routes the packet to its high-priority queue.

Even though there are eight priority levels, the switch can only route a packet into one of the two queues. The switch maps levels 0-3 to the low queue and levels 4-7 to the high queue. If a packet is untagged, the switch determines the best way to send the packet.

CHAPTER 5

Using Local Management

Local Management

Configure GBIC Ports (470T only)

Description

LOCATION

Main Menu

Configure Device

Configure GBIC Ports

Port 7- and 8-GBIC: Displays the type of GBIC installed on the switch. State: Disables or enables ports (press z). Speed/Duplex: The GBIC ports operate at 1000Mbps/full-duplex only;

this is a view-only field.

Flow Control: Enables or disables flow control (press z). Priority: Changes the settings (press z). <Frame> reads the

packet’s 802.1 priority tag and handles it accordingly. <Normal> or <High> forces the packet into one of two priority queues. Forcing a packet into a queue does not retag the packet.

Link: Indicates the port’s current link status:

--: Indicates no device link or port is disabled. 1000M: Indicates the port’s speed. Full: Indicates a device is connected at full-duplex. IEEE/BackP: Indicates the type of flow control, either IEEE PAUSE

frames or backpressure.

Partitioned: Indicates port was disabled due to a partition error. Source mirror/Target mirror: Indicates the port being mirrored and

where the data is being sent to.

CHAPTER 5

Intel® NetStructure™ 470T and 470F Switches User Guide

Priority Tagging

Description

LOCATION

Main Menu

Configure Device

Priority Tagging

With priority tagging, you can specify a priority value for traffic based on MAC source or destination addresses. For example, you could tag all packets from computer A with a priority of 7 (high).

When you define priority tagging, you can specify a priority value from 0 (low) to 7 (high). Traffic with a priority value of 0 - 3 is routed through the switch’s low priority queue. Traffic with a priority value of 4 - 7 is routed through the switch’s high priority queue.

Tag traffic: Select source or destination as the criteria for tagged traffic. Enter MAC: Type the source or destination MAC address of traffic to tag

with a priority value. VLAN ID: If the device whose MAC address you are adding to the list is a

member of a VLAN, type the VLAN ID here. Priority level: Toggle to the desired priority level. Traffic with a priority

of 0–3 is routed through the low priority queue; 4–7 is routed through the high priority queue.

ADD or DELETE: Adds or deletes the specified MAC address.

CHAPTER 5

Using Local Management

Local Management

Switch Settings

Description

LOCATION

Main Menu

Configure Device

Switch Settings

NOTE

Write down both the firmware version and Boot PROM version in case you need to contact Intel Customer Support.

Name: Assigns a name to the switch, up to 40 characters long. Location: Assigns a location to the switch, up to 40 characters long. Contact: Assigns a contact person or phone number to the switch, up to 40

characters long.

Device type: Displays the manufacturer-assigned type of switch. Description: Displays description of switch. Port 7- and 8-GBIC: Displays the type of GBIC detected, if applicable. MAC address: Displays the unique hardware address assigned by Intel. Boot PROM version: Displays the version of the switch’s boot code.

Firmware version: Displays the version of the firmware installed on the switch. You can update this software through the Update Firmware and Configuration Files screen.

Serial number: Displays the hardware serial number for the switch. Hardware revision: Displays the version of the switch’s PCB. CONFIGURE ADVANCED SETTINGS: Sets advanced switch settings

such as port auto-partition and Head of Line blocking.

CHAPTER 5

Intel® NetStructure™ 470T and 470F Switches User Guide

Configure Advanced Switch Settings

Description

LOCATION

Main Menu

Configure Device

Switch Settings

Configure Advanced...

Head of Line (HOL) blocking prevention: If this option is enabled it prevents the forwarding of data to a port that is blocked. Normally, when the switch sends traffic out from a port, the data goes to the port’s transmit queue and then is sent out. If the port’s transmit queue is already busy trying to send out data the switch places the waiting traffic in the buffer memory until the port is ready to send it out.

However, if the port’s transmit queue remains full, the switch fills up more of the buffer with traffic waiting to be sent on that port. HOL blocking works on the assumption that it is better to drop the traffic waiting in the buffer than to continue using more memory and impacting performance across all the ports.

High-priority packet service ratio: This option lets you determine how many high-priority packets are sent out by the switch before sending a lowpriority packet. For example, a ratio of 8 high:1 low means that the switch will send out eight high-priority packets before sending out one lowpriority packet.

CHAPTER 5

Using Local Management

Local Management

Configure Spanning Tree Protocol

Description

LOCATION

Main Menu

Configure Device

Spanning Tree Protocol

The IEEE 802.1D Spanning Tree Protocol specification prevents loops in a network by allowing only one active path between any two network devices at a time.

Spanning Tree status: Enables or disables (press z) support for the Spanning Tree Protocol, where the entire switch is a bridge for which you can set spanning tree parameters. (Note: If you are running 802.1Q VLANs, spanning tree is turned on automatically by the switch.)

Topology changes: Displays the number of times the spanning tree has changed its configuration.

Time since change: Displays the elapsed time (since the last switch reboot) since the spanning tree last changed its topology (the paths used to get through the network).

Root MAC address, Root path cost, Root port: Display information used by the root bridge in the same spanning tree as the switch.

Switch priority: Determines priority. Type a number from 0 to 65535 (default is 32768). The device with the lowest number becomes the root device (starting point for the spanning tree).

CHAPTER 5

Intel® NetStructure™ 470T and 470F Switches User Guide

Hello time: Displays the time between transmissions of configuration BPDUs (Bridge Protocol Data Units) when the switch is, or is attempting to become, the root in the spanning tree. Type a number from 1 to 10 seconds (default is 2 seconds).

Max age: Displays the maximum time that information from a configuration BPDU is used by the switch before it is discarded. Type a number from 6 to 40 seconds (default is 20 seconds).

Forward delay: Displays the amount of time between port states when the spanning tree is changing its status from blocking to forwarding. Type a number from 4 to 30 seconds (default is 15 seconds).

CONFIGURE SPANNING TREE FOR PORTS: Takes you to the screen where you can set spanning tree values for individual ports.

CHAPTER 5

Using Local Management

Local Management

Configure Spanning Tree for Ports

Description

LOCATION

Main Menu

Configure Device

Spanning Tree Protocol

Configure STP for Ports

Port: Identifies port numbers; select the port you want to configure for spanning tree.

STP State: Enables or disables each port to be active in the spanning tree (press z).

Cost: Forwards information to spanning tree, which determines alternate routes in the network to forward traffic. Type a number from 1 to 65535 (default is 10). The higher the cost of a port, the lower the chance of this port being used to forward traffic. When possible, assign a port a low cost if it is connected to a fast network segment.

Priority: Sets the port’s priority in the spanning tree. Type a number from 0 to 65535. The higher the value, the lower the chance of this port being used as the root port. If two ports on the switch have the same priority value, the spanning tree uses the port with the lowest number. For example, the spanning tree would choose port 1 over port 4 if they both had the same priority setting. The default for this field is 128.

CHAPTER 5

Intel® NetStructure™ 470T and 470F Switches User Guide

Forwarding and Filtering

Description

LOCATION

Main Menu

Configure Device

Forwarding and Filtering

Lock address table: Determines if the table learns new MAC addresses (press z). <Yes> prevents the switch from learning new MAC addresses. Any existing addresses that the switch has learned remain in the address table.

MAC address aging: Sets the time period (in seconds) at which the switch scans its MAC address table to determine the age of entries.

Configure IGMP snooping: Sets Internet Group Management Protocols (IGMP) options for multimedia applications, such as desktop video conferencing, that use IP multicast addresses.

Configure permanent MAC addresses: Allows permanent mapping between a network device and a port.

Configure port security: Configures the switch to only allow the transmission of authorized traffic over a particular port(s).

Configure MAC address filtering: Allows the switch to drop traffic based on MAC source or destination addresses.

Configure Ethernet multicast filtering: Blocks or forwards traffic over each port for Ethernet (MAC-based) multicast groups.

CHAPTER 5

Using Local Management

Local Management

Configure IGMP Snooping

Description

LOCATION

Main Menu

Configure Device

Forwarding and Filtering

IGMP Snooping

IGMP snooping (Internet Group Management Protocol) allows the switch to forward multicast traffic intelligently. The switch “snoops” the IGMP query and report messages and forwards traffic only to the ports that request the multicast traffic. This prevents the switch from broadcasting the traffic to all ports and possibly affecting network performance.

IGMP requires a router that learns about the presence of multicast groups on its subnets and keeps track of group membership. Note: Multicasting is not connection oriented, so data is delivered to the requesting hosts on a best-effort level of service.

VLAN Name (port-based or tag-based VLANs only): Displays the VLAN for which IGMP snooping is enabled. You can also enable IGMP snooping for a VLAN on the Create an 802.1Q VLAN screen.

IGMP Snooping state: Enables or disables IGMP Snooping (press z).

IGMP Snooping age-out timer: Indicates the amount of time (in seconds) the switch waits to receive IGMP queries. The default time is 300 seconds. A query allows the server to determine which network hosts are (or want to be) part of the IP multicast group, and are configured and ready to receive traffic for the given application.

CHAPTER 5

Intel® NetStructure™ 470T and 470F Switches User Guide

Configure Static MAC Addresses

Description

LOCATION

Main Menu

Configure Device

Forwarding and Filtering

Configure Static...

NOTE

If tag-based or port-based VLANs are currently active, you must assign each static MAC address to a specific VLAN.

Static MAC addresses are MAC addresses that remain in the switch’s address table, whether or not the device is physically connected to the switch. After you define a static MAC address, it remains in the switch’s address table until you remove it.

Enter MAC: Indicates the MAC address you want to permanently add to the address table.

VLAN or VLAN ID: Indicates VLAN or VLAN ID. When VLANs are active on the switch you can define static MAC addresses for each VLAN. If port-based VLANs are active press z to select a VLAN. If tagbased VLANs are active, type the VLAN ID that the static MAC address will be assigned.

Select port: Selects a port on the switch to which the switch forwards traffic (press z).

ADD/DELETE: Adds or removes a MAC address from the switch’s table.

CHAPTER 5

Using Local Management

Local Management

Configure Port Security

Description

LOCATION

Main Menu

Configure Device

Forwarding and Filtering

Configure Port Security

NOTE

You must first configure port security before configuring a static MAC address.

If you locked the address table on the Forwarding and Filtering screen, you must return to the screen and unlock the table before making changes on the Port Security screen.

Port security prevents unauthorized access of a port by “securing” a list of specific MAC addresses to a port. If the switch sees a MAC address that is not on the secured list, it discards the packet.

To set port security from Local Management

1 On the Configure Device screen, select Forwarding and Filtering. 2 Select Configure Port Security.

3 Select a port you want to secure. Press z in the Learning field to

disable the port’s ability to learn new MAC addresses.

4 Press q to move up a level, and then select the Configure Static

MAC Addresses screen.

5 Define a list of MAC addresses and assign them to the same port you

secured in the Port Security screen.

To turn off port security

1 On the Configure Device screen, select Forwarding and Filtering. Select

Configure Port Security.

2 Select the port on which you want to disable security. Press z in

the Learning field to disable security and enable the port to learn new MAC addresses.

CHAPTER 5

Intel® NetStructure™ 470T and 470F Switches User Guide

Configure MAC Address Filtering

Description

LOCATION

Main Menu

Configure Device

Forwarding and Filtering

MAC Address Filtering

NOTE

If tag-based (IEEE 802.1Q) or port-based VLANs are currently active and you want to enable MAC address filtering, you must assign each MAC address filter to a specific VLAN.

MAC address filtering allows the switch to drop unwanted packets. The switch drop a packet when it sees the specified MAC address in either the source address or destination address. For example, if your network is congested because of high utilization from a specific MAC address, you can filter all packets transmitted from that address and restore network flow while you troubleshoot the problem.

Enter MAC: Indicates the MAC address you want to filter. VLAN/VLAN ID: Indicates VLAN or VLAN ID. If VLANs are active on

the switch, you can set MAC address filtering on a per VLAN basis. For port-based VLANs, press z to select the name of the VLAN. For tag-based VLANs, type the VLAN ID.

ADD/DELETE: Adds or removes a MAC address from the switch’s table.

CHAPTER 5

Using Local Management

Local Management

Configure Ethernet Multicast Filtering

Description

LOCATION

Main Menu

Configure Device

Forwarding and Filtering

Configure Ethernet...

NOTE

If tag-based (IEEE 802.1Q) or port-based VLANs are currently active and you want to enable MAC address filtering, you must assign each multicast filter to a specific VLAN.

You can use Ethernet multicast filters to define which ports can receive multicast traffic from a specific multicast MAC address.

VLAN/VLAN ID: Indicates VLAN or VLAN ID. If VLANs are active on the switch you can set Ethernet multicast filtering on a per VLAN basis. For port-based VLANs, press z to select the name of VLAN. For tag-based VLANs, type the VLAN ID in the Multicast address field.

Multicast address: Indicates the MAC address you want to add, delete, or apply a filter to.

ADD/DELETE: Adds or removes a MAC address from the switch’s table.

To adding or deleting a multicast filter

1 In the Multicast address field, type a multicast address. 2 If the switch is running tag-based or port-based VLANs, select a VLAN

to locate the filter.

3 To add a filter, select ADD using the arrow keys and press E. 4 To remove a filter, type the MAC address in the Multicast field, select

DELETE, and then press E.

CHAPTER 5

LOCATION

Main Menu

Configure Device

Forwarding and Filtering

Configure Ethernet...

Multicast filters per port

Intel® NetStructure™ 470T and 470F Switches User Guide

Ethernet Multicast Filtering (Ports)

Description

Action: Blocks or forwards traffic to the selected port (press z). APPLY CHANGES: Applies the changes to the multicast filter after you

configure the ports. N/P: Scrolls through the addresses. (Press N (Next Page) or P (Previous

Page).

To modify a multicast filter

1 On the Configure Ethernet Multicast Filter screen, use the arrow

keys to select an address from the list on the right side of the screen. Press E.

2 Determine which ports can receive the multicast traffic by using

z to set Forward or Block for each port.

3 Select APPLY CHANGES and press E. This activates the

changes to the multicast filter and returns you to the previous screen.

CHAPTER 5

Using Local Management

Local Management

Port Mirroring

Description

LOCATION

Main Menu

Configure Device

Port Mirroring

NOTE

Do not mirror traffic to a target port that is connected to a network device other than a protocol analyzer. The device’s behavior may be unpredictable.

Port mirroring is a diagnostic tool you can use to send a copy of the good Ethernet frames transmitted or received on one port to another port. On the second port you can attach a protocol analyzer to capture and analyze the data without interfering with the client on the original port.

Source port: Selects the port whose traffic you want to mirror (press

z). Target port: Selects a port to receive the mirrored traffic (press z).

If you are using a protocol analyzer, connect it to this port. State: Enables or disables port’s mirror (press z).

CHAPTER 5

Intel® NetStructure™ 470T and 470F Switches User Guide

Link Aggregation

Description

LOCATION

Main Menu

Configure Device

Link Aggregation

NOTE

All custom settings for a port (including VLAN membership) are lost when you add that port to a link aggregation.

When configuring link aggregation between two 470 switches, you must connect anchor port to anchor port, and member port to member port.

Link aggregation is a way of combining ports on the switch to increase the available bandwidth and provide redundant links. All ports in the aggregated link take on the characteristics of the anchor port. This means if you set the anchor port to 1000Mbps full duplex (470T only), all the ports aggregated to that anchor port share the same setting. You can set a maximum of four aggregated groups on the switch.

Anchor Port: Displays the first port in the link aggregation. Width: Sets the total number of (consecutive) member ports in the

aggregated link (press z). The minimum number of ports for an aggregated link is two, and the maximum is four. The link aggregation width includes the anchor port.

Aggregation Group Name: Assigns a name to the aggregated links for management or identification purposes.

Status: Enables or disables the aggregated link (press z).

CHAPTER 5

Using Local Management

Local Management

Broadcast Storm Control

Description

LOCATION

Main Menu

Configure Device

Broadcast Storm Control

You can use broadcast storm control to filter out broadcasts from faulty devices to prevent them from degrading network performance.

For a more information about of broadcast storm control, see Chapter 2. Setting: Enables or disables broadcast storm control on each port (press

z). Upper Threshold: Sets the threshold of broadcast traffic on a port (shown

as a percentage of the port’s total bandwidth) that activates broadcast storm control. Type a value from 1–20%. The default value is 20%.

CHAPTER 5

Intel® NetStructure™ 470T and 470F Switches User Guide

Configure Management Menu

Description

LOCATION

Main Menu

Configure Management

Configure community strings & trap receivers: Assigns the switch’s community strings and sets trap receiving stations.

Administer user accounts: Configures user accounts. You can add or delete users, update passwords, and change a user’s access levels.

Define IP access list: Create a list of IP addresses that can access the switch through Telnet, Web Manager, or SNMP.

Update firmware and configuration files: Configures the switch’s internal software and specifies the location of configuration files.

Reset and console options: Reboots the switch or changes the settings on the serial port. You can also use this option to set the switch back to its factory defaults.

CHAPTER 5

LOCATION

Main Menu

Configure Management

Community Strings and . . .

Using Local Management

Local Management

Community Strings & Trap Receivers

Description

Use this screen to send alerts to PCs with SNMP management applications (such as Intel® Device View) installed.

Current read community: Sets a password for viewing (not changing) the switch configuration. The string you define here must match the read community string defined in the SNMP application. The default read community string is “public.”

NOTE

These are the traps supported by the switch:

• Power to the switch was cycled or reset.

• Link, speed, or other status changes on a port.

• Authentication failure.

Current write community: Sets a password for viewing and changing the switch configuration. The string you define here must match the write community string defined in the SNMP application. The default write community string is “private.”

Trap Receiving Stations: When an event occurs, the switch automatically alerts the SNMP management application by sending a trap to the SNMP management stations (for example, PCs) defined here.

Station IP address: Displays the IP addresses of PCs with SNMP applications (such as Intel Device View or LANDesk® Network Manager) installed.

State: Enables or disables sending of traps to the specified trap receiver.

Community string: Specifies a string for the trap that matches the community string defined in the SNMP management application. The default is “public.”

CHAPTER 5

Intel® NetStructure™ 470T and 470F Switches User Guide

Administer User Accounts

Description

LOCATION

Main Menu

Configure Management

Administer User Accounts

Add Users/Change Passwords

Username: By default, no username is assigned. Usernames can

consist of any character and can be up to 15 characters long. You can define three usernames.

Old Password: Used when changing the password of a current user. If this is a new account, you can skip to the New Password field. By default, no password is assigned.

New password: Sets a new password for accessing Local Management. The password you specify here is used the next time you reset the switch or log out and log in to Local and Web Management. Passwords are case-sensitive and can be up to 15 characters long.

Confirm new password: Verifies the entry in the New password field.

CHAPTER 5

Using Local Management

Local Management

Access level: Establishes a user’s access rights (press z). Administrators can make any changes to Local Management. All other users (categorized under Normal user) can view information but cannot make changes. To change a user’s access rights, see the “To modify a user’s access level” section of this chapter.

APPLY CHANGES: Saves changes when adding users or changing passwords.

Modify User Accounts

Access level: Changes access rights for the user (press z). Delete: Deletes an account (press z to change the value to

<Yes>). The default value is <No>. APPLY CHANGES: Saves changes when modifying or deleting user

accounts.

CHAPTER 5

Intel® NetStructure™ 470T and 470F Switches User Guide

Managing User Accounts

System Administrators can create up to three user accounts for managing the switch. You can also change the access rights for current users and delete user accounts. Make sure you always set up at least one Administrator account.

To create a user account

1 On the Main Menu, select Configure Management, and then press

E. Select Administer User Accounts and press E .

2 On the User Accounts screen, type the name of the new user in the

Username field, and then press E .

3 Because this is a new user, press T

and then go to the New password field.

4 Type the password for the new user, and then press E . Passwords

are case-sensitive and can be up to 15 characters long.

5 To confirm the new password, retype it in the Confirm new password

field. Press E .

6 Select the access rights for the new user by pressing z . 7 To save the information, press T to select SAVE CHANGES

(below the Confirm new password field), and then press E . The new account appears in the list under Modify User Accounts.

to skip the Old password field,

To change a password

1 On the Main Menu, select Configure Management, and then press

E . Select Administer User Accounts, and then press E .

2 In the Username field, type the username of the account for which you

want to change the password. Press E .

3 Type the current password in the Old password field, and then press

E .

4 Type the new password in the New password field, and then press

E .

5 To confirm the password, retype it in the Confirm new password field.

Press E .

CHAPTER 5

Using Local Management

Local Management

6 To save the new password, press T to select SAVE CHANGES

(below the Confirm new password field) and press E .

To modify a user’s access level

1 On the Main Menu, select Configure Management, and then press

E. Select Administer User Accounts and press E. 2 Under Access Level, press T to select the account to be modified. 3 Press z to change the user’s access rights. Users with

Administrator access can make changes to the management

configuration; users with Normal User access can view the

configuration but cannot make changes. 4 To save changes, press T to select SAVE CHANGES at the

bottom of the screen and press E .

To delete a user account

1 On the Main Menu, select Configure Management, press E .

Select Administer User Accounts, and then press E .

2 Under Delete, select the account to be removed. 3 Press z to select <Yes>. 4 To remove the user account, press T to select SAVE CHANGES

at the bottom of the screen and press E .

CHAPTER 5

LOCATION

Main Menu

Configure Management

Define IP Access List

Intel® NetStructure™ 470T and 470F Switches User Guide

Define IP Access List

Description

Users with IP addresses defined on the access list can manage the switch. If user names and passwords are set up, the user must also enter a valid user name and password when accessing the console. If you do not create an access list, any user with a valid user name and password can manage the switch. The IP access list provides a second level of security beyond that of a user name and password.

NOTE

The IP access list does not prevent unauthorized users from accessing switch management through the serial port.

If you create an access list, the first address you add must be the one from which you are accessing the switch. Only users with IP addresses defined on the access list can ping the switch.

The IP access list can contain up to eight IP addresses. Action: Specifies whether you want to add or delete an IP address. Press

z to toggle between <Add> and <Delete>. IP address: Type the IP address you want to add or delete from the access

list and then press E. The IP access list can contain up to eight IP addresses.

CHAPTER 5

LOCATION

Main Menu

Configure Management

Update Firmware and . . .

Using Local Management

Local Management

Update Firmware and Config Files

Description

Software update mode: Choose to update switch firmware over the network or through a serial port. SLIP/PPP is available only after changing the Port setting in the Reset and Console Options in the Configure Management menu (press z).

TFTP server address: Displays the IP address of the TFTP server.

NOTE

Check the Intel® Support Web site for firmware updates to the 470 switch.

Update Management Module Firmware:

Firmware update: Enables or disables the firmware update (press

z). When enabled, the switch searches for the TFTP server specified at the top of the screen and attempts to update the firmware.

Firmware file name: Displays the path and filename of the firmware located on the server.

Change Configuration File:

Config file download: Enables or disables the ability to download a

configuration file (press z). When enabled, the switch searches for the TFTP server specified at the top of the screen.

Config file name: Displays the path and filename of the configuration file located on the server.

Last TFTP server address: Displays the IP address of the last TFTP server accessed by the switch.

REBOOT TO START UPDATE: Starts the update process. The switch reboots and downloads the specified file.

CHAPTER 5

Intel® NetStructure™ 470T and 470F Switches User Guide

Reset and Console Options

Description

LOCATION

Main Menu

Configure Management

Reset and Console Options

Reset Options

Reboot switch: Reboots the switch. If you changed the IP

configuration or login setting, the new settings take effect after you select this option.

Reset switch settings to factory defaults: Clears any saved settings or current changes and resets the switch back to its factory defaults. All counters are cleared and the switch starts sending BOOTP requests.

Serial Port Settings

Port setting: Configures the switch’s serial port. Press z to

toggle between <Console>, <SLIP>, and <PPP>. Settings take effect on the next reboot.

Console timeout: Logs out a user after a period of inactivity. Settings are from 0–60 minutes in 15-minute increments. A setting of <Never> means no timeout. The default is 60 minutes.

CHAPTER 5

Using Local Management

Local Management

Configure VLAN Operation Mode

Description

LOCATION

Main Menu

Configure VLAN (if switch is in Default Mode)

NOTE

The first time you configure the switch, the system takes you directly to the Configure VLAN Operation Mode screen.

Use this screen to activate or change the type of VLAN operating on the switch. If there are no VLANs active on the switch, this is the first screen displayed when you select Configure VLAN from the Main Menu. By default, VLANs are not active on the Intel® NetStructure™ 470F and 470T Switches so they must be activated before you can start configuring them.

The 470 switches support only one type of VLAN operating at a time. However, you can have multiple VLANs of the same type.

Select the type of VLAN: Changes the type of VLAN on the switch (press z). The 470 switches support three types of VLANs: port-based, IEEE 802.1Q (tag-based), and protocol-based.

APPLY: Activates the changes to the VLAN and reboots the switch.

To change VLAN modes

1 On the Main Menu, select Configure VLAN. 2 On the Configure VLAN menu, select VLAN Operation Mode. 3 Press z to change the type of VLAN on the switch. Press

4 Select the APPLY button and press E. This reboots the switch

and changes the VLAN mode.

CHAPTER 5

Intel® NetStructure™ 470T and 470F Switches User Guide

Port-based VLANs

Description

LOCATION

Main Menu

Configure VLAN

Port-based VLANs are the simplest type of VLAN. With a port-based VLAN you can create multiple VLANs, each with its own broadcast domain and member ports.

For example, if port 3 is in VLAN_1 and port 5 is in VLAN_2 the two ports cannot communicate with each other even though they are part of the same switch. A port can only be a member of a single port-based VLAN. Any port that is not a member of a user-defined VLAN is a member of the DEFAULT_VLAN.

VLAN operation mode: Changes the type of VLAN operating on the switch, or disables VLANs entirely.

Add a port-based VLAN: Creates a port-based VLAN and adds ports to the VLAN.

Edit/delete a port-based VLAN: Selects a VLAN to change port membership in the VLAN, or removes a VLAN from the switch.

CHAPTER 5

Using Local Management

Local Management

Add a Port-based VLAN

Description

LOCATION

Main Menu

Configure VLAN

Add a Port-based VLAN

VLAN Name: Assigns a name to the VLAN. Names can consist of any character (no spaces) and be up to 12 characters long. After a VLAN is created the name cannot be changed. If you want to change the name you must delete the VLAN, create a new one, and assign the ports to the new VLAN.

Port: Specifies the port you want in the VLAN. Member: Determines which ports are part of the VLAN being created.

Ports can be members of only one port-based VLAN. Press z to toggle the following options:

<Yes> The port is a member of the VLAN.

<No > The port is not a member of the VLAN.

– The port is part of an aggregated link; the anchor port

determines membership in a VLAN.

N/A Displayed if the port is already participating in another

VLAN, or for the 470T, that a GBIC slot is open. Ports can belong to only one port-based VLAN.

APPLY: Creates the VLAN and activates the settings.

CHAPTER 5

LOCATION

Main Menu

Configure VLAN

Edit/Delete a Port-based VLAN

Edit VLAN

Intel® NetStructure™ 470T and 470F Switches User Guide

To create a port-based VLAN

1 On the Main Menu, select Configure VLAN.

Note: Make sure the switch’s current VLAN operation mode is set to

port-based VLAN. If another type of VLAN is running, see “Configure VLAN Operation Mode” earlier in this chapter to change the VLAN operation mode.

2 Select Add a Port-based VLAN and press E. 3 Type a name for the new VLAN and press E. 4 Select ports to add to the VLAN and use z to toggle the

Member field to Yes.

5 Select the APPLY button and press E.

Edit/Delete a Port-based VLAN

NOTE

The DEFAULT_VLAN cannot be deleted from the switch.

Description

Action: Indicates whether to delete a VLAN or to change its port membership. Press z to toggle between <Edit> or <Delete>, then use T or S to select a VLAN, and press E. If deleting, press

VLAN Name: Displays the name of an available port-based VLAN. Ports: Displays the number of member ports in the specified VLAN.

again to confirm deletion.

CHAPTER 5

Using Local Management

Local Management

Change Port Membership in a VLAN

Description

LOCATION

Main Menu

Configure VLAN

Edit/Delete a Port-based VLAN

This screen is similar to the VLAN creation screen. You can change the membership status of ports within the VLAN but you cannot change the name of the VLAN.

VLAN Name: Displays the name of the VLAN you are configuring. Port: Displays the port numbers. Select the port you want to add to or

eliminate from the VLAN. Member: Determines which ports are part of the current VLAN. Ports can

be members of only one port-based VLAN. Press z to toggle the following options:

<Yes> The port is a member of the VLAN.

<No > The port is not a member of the VLAN.

– The port is part of a aggregated link.

N/A Displayed if the port is already participating in another

VLAN. Ports can belong to only one VLAN.

APPLY: Activates the settings.

CHAPTER 5

Intel® NetStructure™ 470T and 470F Switches User Guide

Configure 802.1Q VLANs

Description

LOCATION

Main Menu

Configure VLAN

VLAN operation mode: Changes the type of VLAN operating on the switch, or disables VLANs entirely.

Create an IEEE 802.1Q VLAN: Creates a new 802.1Q VLAN and adds ports to the VLAN.

Edit/Delete an IEEE 802.1Q VLAN: Changes port membership of an existing VLAN or removes a VLAN from the switch.

Configure VLAN ID for Untagged Devices (PVID): Assigns a VLAN to inbound packets without a VID.

GVRP and ingress filter settings: Sets port-level options for dynamic VLAN creation and packet filtering by the VLAN.

CHAPTER 5

Using Local Management

Local Management

Add an IEEE 802.1Q VLAN (Configure Port Membership)

LOCATION

Main Menu

Configure VLAN

Create an 802.1Q VLAN

NOTE

A ‘+’ next to the Member indicates that the port is a member of more than one VLAN.

Description

VLAN Name: Assigns a name to the VLAN. The name can consist of any character (no spaces) and be up to 12 characters long. After a VLAN is created the name cannot be changed.

VLAN ID: Assigns a unique ID number for the VLAN. This number is used to identify all packets belonging to that VLAN. Type a number from 2 to 4094. The DEFAULT_VLAN (created when you select a VLAN mode) has a VID of 1.

Allow IGMP Snooping: Indicates if the switch performs IGMP snooping on this VLAN (press z). A maximum of 12 IGMP snooping sessions are allowed.

Member: Identifies which ports are part of the VLAN being created. Press z to toggle the following options:

<Yes> The port is a member of the VLAN. <No > The port is not a member of the VLAN. – The port is part of an aggregated link.

NEXT: Sends you to the Add an IEEE 802.1Q VLAN (Configure Port Tagging) screen.

CHAPTER 5

Intel® NetStructure™ 470T and 470F Switches User Guide

Add an IEEE 802.1Q VLAN (Configure Port Tagging)

LOCATION

Main Menu

Configure VLAN

Create an 802.1Q VLAN

Add an 802.1Q VLAN...

Description

VLAN Name: Displays the VLAN name assigned on the Add an IEEE

802.1Q VLAN (Configure Port Membership) screen. VLAN ID: Displays the VLAN ID assigned on the Add an IEEE 802.1Q

VLAN screen. Action: Indicates whether the device connected to this port supports

tagging (press z). PREV: Returns you to the Add an IEEE 802.1Q VLAN (Configure Port

Membership) screen. DONE: Returns you to the Configure 802.1Q VLANs screen.

CHAPTER 5

LOCATION

Main Menu

Configure VLAN

Configure PVID for...

Using Local Management

Local Management

Configuring 802.1Q VLANs

Setting up an 802.1Q VLAN is a three-step process. First, create a VLAN on the switch. Second, make sure that tagging is set up properly for your attached devices. Third, configure those devices that don’t support tagging.

Step 1: Create an 802.1Q VLAN and add ports

1 On the Main Menu, select Configure VLAN.

Note: Make sure the switch’s current VLAN operation mode is set to

IEEE 802.1Q VLAN. Refer to “Configure VLAN Operation Mode” earlier in this chapter to change the VLAN operation mode.

2 Select Create an IEEE 802.1Q VLAN and press E. 3 Type a name for the new VLAN (no spaces) and press E. 4 Type a VLAN ID (VID) and press E. The ID can be any number

from 2 to 4094.

5 Determine if you want to allow IGMP Snooping on this VLAN. This is

important because the switch can support more 802.1Q VLANs than the maximum of 12 IGMP Snooping sessions available.

6 Select ports to add to the VLAN. Press z to toggle the

Member field to Yes.

7 Select the NEXT button and press E.

Step 2: Configure tagging for member ports

Note: If the device on a particular port does not support tags, configure that port as untagged. Configuring a device as untagged ensures that the switch removes tags from packets before they leave the switch for the device.

1 Press z to select Tag or Untag for each port that is a member of

the VLAN.

2 Select the DONE button and press E.

If you configured any of the ports in the VLAN as Untagged, proceed to step 3, “Configure VLAN for untagged devices,” to configure ports for untagged devices and associate those ports with a PVID (port VLAN ID).

CHAPTER 5

NOTE

Determine which devices on your network support tag-based VLANs and which do not before you start this procedure.

Intel® NetStructure™ 470T and 470F Switches User Guide

Step 3: Configure VLAN for untagged devices

Even if the device attached to the switch doesn’t support 802.1Q tags it can participate in the VLAN. When communicating with untagged devices the switch:

Determines how to forward untagged traffic. For untagged traffic, the switch assigns a default VID to the incoming traffic from the untagged device. Normally, all untagged traffic received on the switch is assigned a VLAN ID=1 or the DEFAULT_VLAN. You can change this PVID to the VID of the VLAN you want the port to use.

Strips 802.1Q tags before sending traffic to the untagged device. When the switch needs to send traffic from a port to an untagged device, it strips the 802.1Q tag. Otherwise, the untagged device may not understand how to process the VID tag.

To add a untagged device to a 802.1Q VLAN

1 Ensure that the port is a member of the VLAN. Refer to the procedure

in step 1, “Create an 802.1Q VLAN and add ports,” to add a port to a

802.1Q VLAN.

2 On the Configure VLAN menu, select Configure VLAN ID for

Untagged Devices and press E.

3 Select the port where the untagged device is connected. For example,

port 7.

4 Type the VID of the VLAN you want the port to belong to and press

E. This is the same ID number you entered in step 1, “Create an

802.1Q VLAN and add ports.”

5 Select APPLY and press E to activate the changes.

By specifying a VID you set the switch to assign a particular VID to any incoming traffic it receives on that port.

CHAPTER 5

Using Local Management

Local Management

Edit/Delete an 802.1Q VLAN

Description

LOCATION

Main Menu

Configure VLAN

Edit/Delete an 802.1Q VLAN

Use this screen to select a VLAN to edit the port membership in the VLAN or delete the VLAN from the switch.

Action: Specifies whether you want to edit or delete a VLAN. Press z to toggle between <Edit> and <Delete>, select a VLAN from the list, and then press E.

VLAN Name: Displays the name of the VLAN you are configuring. VLAN ID: Displays the number assigned to identify this 802.1Q VLAN.

CHAPTER 5

Intel® NetStructure™ 470T and 470F Switches User Guide

Edit an IEEE 802.1Q VLAN (Configure Membership)

LOCATION

Main Menu

Configure VLAN

Edit/Delete IEEE 802.1Q VLAN

NOTE

A ‘+’ next to the Member toggle indicates that port is a member of more than one VLAN.

Description

Use this screen to change which ports are members of the VLAN.

VLAN Name: Displays the name of the VLAN you are editing or deleting. VLAN ID: Displays the ID number of the VLAN. This number identifies

all packets belonging to that VLAN. Allow IGMP Snooping: Identifies whether the switch performs IGMP

snooping on this VLAN (press z). There are a maximum of 12 IGMP snooping sessions allowed.

Member: Determines which ports are part of the VLAN being created. Press z to toggle the field for the following options:

<Yes> The port is a member of the VLAN. <No > The port is not a member of the VLAN. – The port is part of an aggregated link.

NEXT: Sends you to the Edit an IEEE 802.1Q VLAN (Configure Port Tagging) screen, where you can set egress tags (for outbound traffic).

Intel NetStructure 470 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual