16 100/1000M SFP+ 8 10/100/1000T/Dual Speed SFP Combo L2 Plus Managed Switch w/
Redundant Power Supply
G
UIDE
LGS-2816C-RPS
Publication date: March., 2011
Revision v5.17
ABOUT THIS GUIDE
PURPOSE This guide gives specific information on how to operate and
AUDIENCEThe guide is intended for use by network administrators who
CONVENTIONSThe following conventions are used throughout this guide
RELATED PUBLICATIONSThe following publication details the hardware features of the
use the management functions of the switch.
are responsible for operating and maintaining network
equipment; consequently, it assumes a basic working
knowledge of general switch functions, the Internet Protocol
(IP), and Simple Network Management Protocol (SNMP).
to show information:
NOTE:Emphasizes important information or calls your attention to
related features or instructions.
C
AUTION
data, or damage the system or equipment.
W
ARNING
injury.
switch, including the physical and performance-related
characteristics, and how to install the switch:
The Installation Guide
Also, as part of the switch‘s software, there is an online webbased help that describes all management related features.
:
Alerts you to a potential hazard that could cause loss of
:
Alerts you to a potential hazard that could cause personal
Release
Date
Revision
5.17
01/10/2010
B1
Revision History
CONTENTS
– 6 –
SECTION I GETTING STARTED
This section provides an overview of the switch, and introduces some basic
concepts about network switches. It also describes the basic settings
required to access the management interface.
This section includes these chapters:
◆
―Introduction‖
◆
―Initial Switch Configuration‖
1 INTRODUCTION
This switch provides a broad range of features for Layer 2 plus switching.
It includes a management agent that allows you to configure the features
listed in this manual. The default configuration can be used for most of
the features provided by this switch. However, there are many options
that you should configure to maximize the switch‘s performance for your
particular network environment.
KEY FEATURES
Table 1: Key Features
Feature Description
Configuration
Backup and
Restore
Authentication Console, Telnet, web – user name/password, RADIUS,
Access Control Lists Supports up to 128 Access Control Entries (ACEs), using the
DHCP Client Supported
DNS Proxy service
Port Configuration Speed, duplex mode, flow control, MTU, response to
Rate Limiting Input rate limiting per port (using ACL)
Port Mirroring One or more ports mirrored to single analysis port
Port Trunking Supports up to 14 trunks using either static or dynamic trunking
Storm Control Throttling for broadcast, multicast, and unknown unicast storms
Address Table Up to 8K MAC addresses in the forwarding table, 1024 static MAC
Backup to management station or TFTP server
TACACS+ Web – HTTPS
Telnet –
SSH
SNMP v1/2c - Community strings
SNMP version 3 – MD5 or SHA password
Port – IEEE 802.1X, MAC address filtering
DHCP Snooping
IP Source Guard
shared 128 ACEs for ingress classification
excessive collisions, power saving mode
(LACP)
addresse
s
IP Version 4
IEEE 802.1D Bridge Supports dynamic data switching and addresses learning
Store-andForward
Switching
Spanning Tree Algorithm Supports Rapid Spanning Tree Protocol (RSTP), which includes
Supports IPv4 addressing, management, and QoS
Supported to ensure wire-speed switching while eliminating
bad frames
STP backward compatible mode
SYSLOG
The Syslog is a standard for logging program messages . It allows
separation of the software that generates messages from the
system that stores them and the software that reports and analyzes
them. It is supported by a wide variety of devices and receivers
across multiple platforms.
QoS
Support Quality of Service by the IEEE 802.1P standard. There are
two priority queue and packet transmission schedule. multiple
platforms.
SNMP/RMON
SNMP agent and RMON MIB. In the device, SNMP agent is a client software
which is operating over SNMP protocol used to receive the command from
SNMP manager (server site) and echo the corresponded data, i.e. MIB object.
Besides, SNMP agent will actively issue TRAP information when happened.
RMON is the abbreviation of Remote Network Monitoring and is a branch of the
SNMP MIB.
The device supports MIB-2 (RFC 1213), Bridge MIB (RFC 1493), RMON MIB
(RFC 1757)-statistics Group 1,2,3,9, Ethernet-like MIB (RFC 1643), Ethernet
MIB (RFC 1643) and so on.multiple platforms.
Table 1-2: Key Features (Continued)
Feature Description
Virtual LANs Up to 4K using IEEE 802.1Q, port-based, and private VLANs
Traffic Prioritization Queue mode and CoS configured by Ethernet type, VLAN ID,
TCP/ UDP port, DSCP, ToS bit, VLAN tag priority, or port
Qualify of Service Supports Differentiated Services (DiffServ), and DSCP
remarking
Multicast Filtering Supports IGMP snooping and Proxy
DESCRIPTION OF FIRMWARE FEATURES
The switch provides a wide range of advanced performance and
Security enhancing features. Flow control eliminates the loss of packets
due to bottlenecks caused by port saturation. Storm suppression
prevents broadcast, multicast, and unknown unicast traffic storms from
engulfing the network. Untagged (port-based) and tagged VLANs, plus
support for automatic GVRP VLAN registration provide traffic security
and efficient use of network bandwidth. QoS priority queueing ensures
the minimum delay for moving real-time multimedia data across the
network. While IGMP Snooping function provides support for real-time
network applications.
Others the switch also supports TACACS+ and RADIUS authentication
for management security requirement and SSL and SSH for encryption
for all HTTP traffic and all transmitted data for secure, remote
command-line interface (CLI) access over IP networks
Some of the management features are briefly described below.
IGMP SNOOPING
Support IGMP version 2 (RFC 2236): The function IGMP snooping is
used to establish the multicast groups to forward the multicast
packet to the member ports, and, in nature, avoid wasting the
bandwidth while IP multicast packets are running over the network.
ACCESS CONTROL
LISTS
The ACLs are divided into EtherTypes. IPv4, ARP protocol, MAC and
VLAN parameters etc. Here we will just go over the standard and
extended access lists for TCP/IP. As you create ACEs for ingress
classification, you can assign a policy for each port, the policy
number is 1-8, however, each policy can be applied to any port.
This makes it very easy to determine what type of ACL policy you
will be working with.
SECURIY
AND
AUTHENTICATION
This switch provides management access via the console port,
Telnet, or a web browser. User names and passwords can be
configured locally or can be verified via a remote authentication
server (i.e., RADIUS or TACACS+).
Port-based authentication is also supported via the IEEE 802.1X
protocol. This protocol uses Extensible Authentication Protocol over
LANs (EAPOL) to request user credentials from the 802.1X client,
and then uses the EAP between the switch and the authentication
server to verify the client‘s right to access the network via an
authentication server (i.e., RADIUS server).
Other authentication options include HTTPS for secure management
access via the web, SSH for secure management access over a
Telnet-equivalent connection, SNMP Version 3, IP address filtering
for web/SNMP/Telnet/SSH management access, and MAC address
filtering for port access.
IGMP PROXY
The implementation of IP multicast processing. The switch supports IGMP
version 1 and IGMP version 2, efficient use of network bandwidth, and fast
response time for channel changing. IGMP version 1 (IGMPv1) is described in
RFC1112 ,and IGMP version 2 (IGMPv2) is described in RFC 2236. Hosts
interact with the system through the exchange of IGMP messages. Similarly,
when you configure IGMP proxy, the system interacts with the router on its
upstream interface through the exchange of IGMP messages. However, when
acting as the proxy, the system performs the host portion of the IGMP task on
the upstream interface as follows:
When queried, sends group membership reports to the group.
When one of its hosts joins a multicast address group to which
none of its other hosts belong, sends unsolicited group
membership reports to that group.
When the last of its hosts in a particular multicast group leaves the
group, sends an unsolicited leave group membership report to the
all-routers group (244.0.0.2).
NOTE:The SSL only provide the CLI for switch management and SSH
default enable without UI for management.
REDUDANT
POWER SUPPLY
Provide a D-Sub connector on rear panel to connect to RP-2000
External/Redundant system for provide a full power cord
redundancy solution that can protect against a single power main
failure
POWER SAVING
The Power saving using the "ActiPHY Power Management" and
"PerfectReach Power Management" two techniques to detect the
client idle and cable length automatically and provides the different
power.
Q-in-Q VLAN FOR
PERFORMANCEAND
SECURITY
The VLAN feature in the switch offers the benefits of both security
and performance. VLAN is used to isolate traffic between different
users and thus provides better security. Limiting the broadcast traffic
to within the same VLAN broadcast domain also enhances
performance. Q-in-Q, the use of double VLAN tags is an efficient
method for enabling Subscriber Aggregation. This is very useful in
the MAN.
MVR
Multicast VLAN Registration (MVR) can support carrier to serve
content provider using multicast for Video streaming application in
the network. Each content provider Video streaming has a dedicated
multicast VLAN. The MVR routes packets received in a multicast
source VLAN to one or more receive VLANs. Clients are in the receive
VLANs and the multicast server is in the source VLAN.
PORT CONFIGURATIONYou can manually configure the speed and duplex mode, and flow
control used on specific ports, or use auto-negotiation to detect the
connection settings used by the attached device. Flow control should
also be enabled to control network traffic during periods of congestion
and prevent the loss of packets when port buffer thresholds are
exceeded. The switch supports flow control based on the IEEE 802.3 x
standards.
PORT MIRRORING The switch can unobtrusively mirror traffic from any port to a monitor
You can then attach a protocol analyzer or RMON probe to this port to
perform traffic analysis and verify connection integrity.
PORT TRUNKING Ports can be combined into an aggregate connection. Trunks can be
manually set up or dynamically configured using Link Aggregation
Control Protocol (LACP). The additional ports dramatically increase the
throughput across any connection, and provide redundancy by taking
over the load if a port in the trunk should fail.
STORM CONTROLBroadcast, multicast and unknown unicast storm suppression prevents
traffic from overwhelming the network. When enabled on a port, the
level of broadcast traffic passing through the port is restricted. If
broadcast traffic rises above a pre-defined threshold, it will be throttled
until the level falls back beneath the threshold.
port.
SPANNING TREE
ALGORITHM
The switch supports these spanning tree protocols:
Spanning Tree Protocol (STP, IEEE 802.1D) – Supported by using
the STP backward compatible mode provided by RSTP. STP
provides loop detection. When there are multiple physical paths
between segments, this protocol will choose a single path and
disable all others to ensure that only one route exists between
any two stations on the network. This prevents the creation of
network loops. However, if the chosen path should fail for any
reason, an alternate path will be activated to maintain the
connection.
Rapid Spanning Tree Protocol (RSTP, IEEE 802.1w) – This
protocol reduces the convergence time for network topology
changes, for the older IEEE 802.1D STP standard. It is intended
as a complete replacement for STP, but can still interoperate with
switches running the older standard by automatically
reconfiguring ports to STP-compliant mode if they detect STP
protocol messages from attached devices.
VIRTUAL LANS
(VLANS)
The switch supports up to 4K VLANs. The VLAN is a collection of
network nodes that share the same collision domain regardless of
their physical location or connection point in the network. The
switch supports the IEEE 802.1Q tagged VLANs standard. Members
of VLAN groups can be dynamically learned via GVRP, or ports can
be manually assigned to a specific set of VLANs. By segmenting
your network into VLANs, you can:
Eliminate broadcast storms which severely degrade
performance in a flat network.
Provide data security by restricting all traffic to the originating
VLAN.
Use private VLANs to restrict traffic to pass only between data
ports and
the uplink ports, thereby isolating adjacent ports
within the same VLAN, and allowing you to limit the total
number of VLANs that need to be configured.
IP-MAC-PORT BINDING
The IP network layer uses a four-byte address. The Ethernet link
layer uses a six-byte MAC address. Binding these two address
types together allows the transmission of data between the layers.
The primary purpose of IP-MAC binding is to restrict the access to
a switch to a number of authorized users. Only the authorized
client can access the Switch‘s port by checking the pair of IP-MAC
Addresses and port number with the pre-configured database. If
an unauthorized user tries to access an IP-MAC binding enabled
port, the system will block the access by dropping its packet.
DHCP SNOOPING
This feature enables the DHCP Snooping to include information
about client when forwarding DHCP requests from a DHCP client to a
DHCP server via Trust Port. DHCP snooping can be configured on
LAN switches to harden the security on the LAN to only allow clients
with specific IP/MAC addresses to have access to the network. In
short, DHCP snooping ensures IP integrity on a Layer 2 switched
domain.
LINK LAYER
DISCOVERY PROTOCOL
(LLDP)
IEEE Standard──802.1AB (Link Layer Discovery Protocol),Provide
more easy debug tool and enhance the networking management
availability, Others it can provide auto-discovery device and
topology providing
QUALITY OF SERVICEDifferentiated Services (DiffServ) provides policy-based management
mechanisms used for prioritizing network resources to meet the
requirements of specific traffic types. Each packet is classified upon entry
into the network based on access lists, DSCP values, or VLAN lists. Using
access lists allows you select traffic based on Layer 2, Layer 3, or Layer 4
information contained in each packet. Based on network policies,
different kinds of traffic can be marked for different kinds of forwarding.
Function
Parameter
Default
Console Port Connection
Baud Rate
115200 bps
Data bits
8
Stop bits
1
Parity
none
Local Console Timeout
0 (disabled)
System Information
Device Name
LGS-2816C-RPS
Account
Admin User
admin/admin
Guest User
guest/guest
Time
Manual/NTP
Manual
NTP Server
209.81.9.7
Time Zone
GMT+8:00
Daylight Saving
0 (hour)
IP Configuration
DHCP Setting
Disabled
IP Address
192.168.1.1
Subnet Mask
255.255.255.0
Default Gateway
192.168.1.254
DNS
Manual
DNS Server
0.0.0.0
Loop Detection
Detection Port
None
Management Policy
Management Policy
None
Syslog
Syslog
Disabled
IP Address
0.0.0.0
Port
514
Virtual Stack
State
Disable
Role
Slave
Group ID
default
Port Configuration
Speed
Auto
Flow Control
SYM
Masimum Frame
9600
Excessive Collision Mode
Discard
Description
Empty
Port Power Saving
Power Saving
Disable
VLAN Mode
VLAN Mode
Tag-based
SYSTEM DEFAULTS
The following table lists some of the basic system defaults.
Table: System Defaults
Function
Parameter
Default
Tag-based Group
VLAN ID
1
VLAN Name
Default
IGMP Aware
Disable
Private VLAN
Disable
GVRP propagation
Disable
Member Port
1-24 ports
Port-based Group
VLAN Name
Default
Member Port
1-24 ports
VLAN Ports
Tag Identifier
0x8100
VLAN Aware
Enable
Ingress Filtering
Disable
Frame Type
All
PVID
1
Role
Access
Untag VID
0
Double Tag
Disable
Port Isolation
Port Member
None
Management VLAN
VLAN ID
1
MAC Address Table
Age Time
300 secs
Disable automatic aging
Disable
MAC Table Learning
Auto
GVRP Config
GVRP State
Disabled
Join Time
20
Leave Time
60
LeaveAll Time
1000
Default Applicant Mode
Normal
Default Registrar Mode
Normal
Restricted Mode
Disabled
Masimum Frame
9600
Excessive Collision Mode
Discard
QoS Ports
Number of Classes
4
Default Class
Low
QCL
1
User Priority
0
Table: System Defaults (Continued)
Function
Parameter
Default
Queuing Mode
Strict Priority
Queue Weighted Low
1 Queue Weighted Normal
2
Queue Weighted Medium
4
Queue Weighted High
8
QoS Control List
QoS Control List
None
Rate Limiters
Ingress Enable
Disabled
Ingress Rate
500 Ingress Unit
Kbps
Egress Enable
Disabled
Egress Rate
500 Egress Unit
Kbps
Storm Control
Flooded unicast status
Disabled
Flooded unicast Rate
1 pps
Multicast status
Disabled
Multicast Rate
1 pps
Broadcast status
Disabled
Broadcast Rate
1 pps
ACL Ports
Policy ID
1
Action
Permit
Rate Limiter ID
Disabled
Port Copy
Disabled
Rate Limiters
Rate Limiter 1
512 pps
Rate Limiter 2
16K pps
Rate Limiter 3
32 pps
Rate Limiter 4- 16
1 pps
Table : System Defaults (Continued)
2
INITIAL SWITCH CONFIGURATION
This chapter includes information on connecting to the switch and
basic configuration procedures.
CONNECTING TO THE SWITCH
The switch has a embed network management agent. It offers a variety of
management options, including SNMP, RMON and a web- based interface.
A PC may also be connected directly to the switch for configuration and
monitoring via a command line interface (CLI).
NOTE: An IPv4 address for the switch could be obtained via DHCP
CONFIGURATION
OPTIONS
Server. To change this address, see ―Setting an IP Address‖ on page 34.
If the switch couldn‘t receive a IP Address from a DHCP server, it has a
default IP address 192.168.1.1, default gateway 192.168.1.254
and subnet mask 255.255.255.0.
The switch‘s HTTP web agent allows you to configure switch
parameters, monitor port connections, and display statistics using a
standard web browser such as Microsoft IE 6.0 above, Netscape
V7.1 above or FireFox V1.00. The switch‘s web management
interface can be accessed from any computer attached to the network.
The CLI program can be accessed by a direct connection to the RS-232
serial console port on the switch, or remotely by a Telnet connection
over the network.
The switch‘s management agent also supports SNMP (Simple Network
Management Protocol). This SNMP agent permits the switch to be
managed from any system in the network using network management
software such as Lantech View.
The switch‘s web interface, console interface, and SNMP agent allow you
to perform the following management functions:
Set the administrator password
Set an IP interface for a management VLAN
Configure SNMP parameters
Enable/disable any port
REQUIRED
CONNECTIONS
Set the speed/duplex mode for any port
Configure the bandwidth of any port by limiting input or output
rates or enable the Flow control of any port
Control port access through IEEE 802.1X security or static
address filtering
Filter packets using Access Control Lists (ACLs)
Configure up to 4K IEEE 802.1Q VLANs
Configure IGMP Snooping or Proxy functionality
Upgrade the system firmware or Import /Export configuration
files via HTTP (using the web interface) or TFTP (using the
command line interface)
Configure Spanning Tree/ RSTP/ MSTP parameters
Configure Class of Service (CoS) priority queuing and QoS
Configure the Port Trunk via static or LACP standard trunks
Enable port mirroring
Set storm control on any port for excessive broadcast, multicast,
or unknown unicast traffic
Display system information and statistics
Configure the LLDP Parameters
The switch provides an RS-232 serial port that enables a connection to
a PC or terminal for monitoring and configuring the switch. A nullmodem console cable is provided with the switch.
Attach a VT100-compatible terminal, or a PC running a terminal
emulation program to the switch. You can use the console cable provided
with this package, or use a null-modem cable that complies with the
wiring assignments shown in the Installation Guide.
To connect a terminal to the console port, complete the following steps:
1.Connect the console cable to the serial port on a terminal, or a PC
running terminal emulation software, and tighten the captive
retaining screws on the DB-9 connector.
2. Connect the other end of the cable to the RS-232 serial port on
the switch.
3. Make sure the terminal emulation software is set as follows:
■
Select the appropriate serial port (COM port 1 or COM port 2).
■
Set the baud rates to 115200 bps.
REMOTE
CONNECTIONS
■
Set the data format to 8 data bits, 1 stop bit, and no parity.
■
Set flow control to none.
■
Set the emulation mode to VT100.
■
When using HyperTerminal, select Terminal keys, not
Windows keys.
NOTE: Once you have set up the terminal correctly, the console login
screen will be displayed.
For a description of how to use the CLI, see ―Using the Command Line
Interface‖. For a list of all the CLI commands and detailed information on
using the CLI, refer to ―CLI Command Groups‖ on.
Prior to accessing the switch‘s onboard agent via a network connection,
you must first configure it with a valid IP address, subnet mask, and
default gateway using a console connection, or DHCP protocol.
An IPv4 address for this switch could be obtained via DHCP Server. To
manually configure this address or enable dynamic address assignment
via DHCP, see ―Setting an IP Address‖ on page 34.
If the switch does not receive a IP Address from a DHCP server, it will
default to the IP address 192.168.1.1, default gateway 192.168.1.254
and subnet mask 255.255.255.0.
NOTE:This switch supports the Telnet sessions or SSH sessions.
Telnet and SSH cannot be used concurrently.
After configuring the switch‘s IP parameters, you can access the
onboard configuration program from anywhere within the attached
network. The onboard configuration program can be accessed using
Telnet from any computer attached to the network. The switch can
also be managed by any computer using a web browser (Microsoft IE 6.0 above, Netscape V7.1 above or FireFox V1.00.), or
from a network computer using SNMP network management
software.
The onboard program only provides access to basic configuration functions.
To access the full range of SNMP management functions, you must use
SNMP-based network management software.
SETTING AN IP
ADDRESS
You must establish IP address information for the switch to obtain
management access through the network. This can be done in either
of the following ways:
MANUAL
CONFIGURATION
You can manually assign an IP address to the switch. You may also
need to specify a default gateway that resides between this device
and management stations that exist on another network segment.
Valid IPv4 addresses consist of four decimal numbers, 0 to 255,
separated by periods. Anything outside this format will not be
accepted by the CLI program.
BASIC CONFIGURATION
SETTING PASSWORDSIf this is your first time to log into the console interface, you could define
a new password for access to the web interface, record it, and put it in a
safe place. The password can consist of up to 15 alphanumeric
characters and is case sensitive. To prevent unauthorized access to the
switch, set the password as follows:
First to access the Switch via Console port and Type ― admin‖ default
username and ― admin‖ default password.
Then enter account configuration interface. Type ―modify admin,‖ where
password is your new password.
Managed Switch LGS-2816C-RPS
Login: admin
Password: *****
LGS-2816C-RPS(account)# modify admin
username/password: the length is from 5 to 15.
Current username (admin):admin
Current password:
New password:
Confirm password:
Username changed successfully.
Password changed successfully.
▼
Manual — You have to input the information, including IP address
and subnet mask. If your management station is not in the same IP
subnet as the switch, you will also need to specify the default gateway
router.
▼
Dynamic — The switch can obtain a IPv4 address from DHCP
address allocation servers on the network.
NOTE:An IPv4 address for this switch is 192.168.1.1 default .
ASSIGNING AN IPV4 A
Before you can assign an IP address to the switch, you must obtain
the following information from your network administrator:
▼
IP address for the switch
▼
Network mask for this network
▼
Default gateway for the network
To assign an IPv4 address to the switch, type
―set ip ip mask gateway‖
DDRESS
where ―ip‖ is the switch‘s IP address, ―mask‖ is the mask for the network
portion of the address, ―gateway‖ is the IP address of the default
gateway, Press <Enter>.
Managed Switch - LGS2816C-RPS
Login: admin
Password: *****
LGS-2816C-RPS# ip
LGS-2816C-RPS(ip)# set ip ?
Usage: set <ip> [mask] [gateway]
LGS-2816C-RPS(ip)#
LGS-2816C-RPS(ip)# set ip 192.168.20.15 255.255.255.0 192.168.20.250>
DYNAMIC CONFIGURATION
OBTAINING AN IPV4 A
If you enable the ―dhcp‖ option, IP will be enabled but will not function
until a DHCP reply has been received. Requests will be sent periodically
in an effort to obtain IP configuration information. DHCP values can
include the IP address, subnet mask, and default gateway.
If the DHCP option is enabled, the switch will start broadcasting service
requests as soon as it is powered on.
To automatically configure the switch by communicating with DHCP
address allocation servers on the network, type the following command,
and press <Enter>. Wait a few minutes, and then check the IP
configuration settings using the ―enable dhcp‖ command.
―enable dhcp‖
DDRESS
ENABLING SNMP
MANAGEMENT
ACCESS
Managed Switch - LGS-2816C-RPS
Login: admin
Password: *****
LGS-2816C-RPS# ip
LGS-2816C-RPS(ip)# enabl dhcp ?
Usage: enable dhcp <manual|auto>
LGS-2816C-RPS(ip)# enable dhcp manual
LGS-2816C-RPS(ip)# show
DHCP : Enable
IP Address : 192.168.20.15
Current IP Address : 0.0.0.0
Subnet mask : 255.255.255.0
Gateway : 192.168.20.250
Current Gateway : 255.255.255.255
DNS Setting : Manual
DNS Server : 0.0.0.0
LGS-2816C-RPS(ip)#
NOTE:Response time from DHCP servers vary considerably for different
network environments. If you do not get a response in a reasonable
amount of time, try entering the ―disable dhcp‖ command followed by
the ―enable dhcp‖ command. Otherwise, set the static IP address to a
null address, and then enter the ―dhcp enable‖ command or reboot the
switch.
The switch can be configured to accept management commands from
Simple Network Management Protocol (SNMP) applications such as
Lantech View. You can configure the switch to (1) respond to SNMP
requests or (2) generate SNMP traps.
When SNMP management stations send requests to the switch (either
to return information or to set a parameter), the switch provides the
requested data or sets the specified parameter. The switch can also be
configured to send information to SNMP managers (without being
requested by the managers) through trap messages, which inform the
manager that certain events have occurred.
The switch includes an SNMP agent that supports SNMP version 1, 2c, and
3 clients. To provide management access for version 1 or 2c clients, you
must specify a community string. The switch provides a default MIB
View (i.e., an SNMPv3 construct) for the default ―public‖ community
string that provides read access to the entire MIB tree, and a default
view for the ―private‖ community string that provides read/write access
to the entire MIB tree. However, you may assign new views to version 1
or 2c community strings that suit your specific security requirements.
COMMUNITY STRINGS (FOR SNMP VERSION 1 AND 2C CLIENTS)
Community strings are used to control management access to SNMP
version 1 and 2c stations, as well as to authorize SNMP stations to
receive trap messages from the switch. You therefore need to assign
community strings to specified users, and set the access level.
The default strings are:
▼
public - with read-only access. Authorized management stations
are only able to retrieve MIB objects.
▼
private - with read/write access. Authorized management stations
are able to both retrieve and modify MIB objects.
To prevent unauthorized access to the switch from SNMP version 1 or 2c
clients, it is recommended that you change the default community
strings.
To change the read-only or read/write community string, type either of
the following commands, and press <Enter>.
“ set community <Community> <user_name> <Source IP> <Source
Mask> “
LGS-2816C-RPS(snmp)# set community public publicuser 0.0.0.0
0.0.0.0
LGS-2816C-RPS(snmp)#
MIL-SM24DPA(snmp)# show community
SNMP Community Table:
Source IP Source Mask
---------- ---------------
0.0.0.0 0.0.0.0
Number of entries: 1
LGS-2816C-RPS(snmp)#
NOTE: If you do not intend to support access to SNMP version 1
and 2c clients, we recommend that you delete both of the
default community strings. If there are no community strings,
then SNMP management access from SNMP v1 and v2c clients is
disabled.
Idx Community UserName
--- -------------- ------------- ----
1 public publicuser
.
EXPORT OR IMPORT
CONFIGURATION
SETTINGS
Configuration commands modify the working configuration, and are
exported to a nonvolatile storage. To export the current
configuration settings to a backup server, enter the following
command, and press <Enter>.
―export <current|user> <ip_address>”
where ―ip_address‖ is the ip address of the backup server, and
―current| user”
is the name under which the configuration settings
are exported.
TRAP RECEIVERS
You can also specify SNMP stations that are to receive traps from the switch.
To configure a trap receiver, enter the ―snmp trap‖ commands shown below,
and press <Enter>.
where ―version‖ indicates the SNMP client version (1, 2c, 3), ―community- string‖
specifies access rights for a version 1/2c host, and ―host-address‖ is the IP
address for the trap receiver. For a more detailed description of these
parameters and other SNMP commands. The following example creates a trap
host for a version 1 SNMP client.
>snmp trap version 1
LGS-2816C-RPS(snmp)# set trap 1 2 192.168.1.10 162 public
LGS-2816C-RPS(snmp)#
LGS-2816C-RPS(snmp)# show trap
SNMPv3 Trap Host Configuration:
No Ver. IP Port Community/Security Security Auth. Priv.
Name Level Protocol Protocol
Passward:*****
LGS-2816C-PRS# config-file
LGS-2816C-PRS(config-file)#
LGS-2816C-PRS(config-file)# export ?
Usage: export <current l user> <ip_address>
LGS-2816C-PRS(config-file)# export user 192.168.20.1
C
HAPTER
2 | Initial Switch Configuration
Managing System Files
– 42 –
To Import configuration settings from a backup server, enter the following
command, and press <Enter>.“config load tftp-server file-name‖
Login: admin
Passward:*****
LGS-2816C-PRS# config-file
LGS-2816C-PRS(config-file)#
LGS-2816C-PRS(config-file)# import ?
Usage: import <current│user> <ip_address> <file_path>
Ip_address : TFTP server ip address.
LGS-2816C-PRS(config-file)# import user 192.168.20.1 LGS-2816C-RPS.config
Managed Switch- LGS-2816C-PRS
File_path : Configuration file path.
S
ECTION
II
WEB CONFIGURATION
S
ECTION
II
This section describes the basic switch features, along with a detailed
description of how to configure each feature via a web browser.
This section includes these chapters:
◆
―Using the Web Interface‖
◆
―Configuring the Switch‖
3
USING THE WEB INTERFACE
3
This switch has an embedded HTTP web agent. Using a web browser you
can configure the switch and view statistics to monitor network activity.
The web agent can be accessed by any computer on the network using a
standard web browser (Microsoft IE 6.0 above, Netscape V7.1 above or FireFox V1.00).
NOTE: You can also use the Command Line Interface (CLI) to manage the
switch over a serial connection to the console port or via Telnet. For more
information on using the CLI, refer to ―Using the Command Line
Interface‖ on page 178.
CONNECTING TO THE WEB INTERFACE
Prior to accessing the switch from a web browser, be sure you have
first performed the following tasks:
1.Configured the switch with a valid IP address, subnet mask, and
default gateway using an out-of-band serial connection, or DHCP
protocol. (See ―Setting an IP Address‖ on page 34.)
2.Set the system password using an out-of-band serial connection. (See
―Setting Passwords‖ on page 34.)
3. After you enter a user name and password, you will have access to
the system configuration program.
NOTE: The switch only allow one user connect from RS-232 Console UI and
three user from Telnet. Others allow maximum 4 users connect via WebUI and
maximum 1 user connect via Telnet, then Maximum 5 users allowed to login
the switch via WebUI, Telnet and RS-232 Console.
NOTE:The Admin could create the Operator account. The Operator has create,
modify and delete rights as the same as Admin, but operator only has the right
to change himself password and couldn‘t do upgrade.
The guest has no right to create, modify and delete. Only has read right.
NAVIGATING THE WEB BROWSER INTERFACE
To access the web-browser interface you must first enter a user name
and password. By default, the user name is ―admin‖ and there is no
HOME PAGEWhen your web browser connects with the switch‘s web agent, the home
password.
page is displayed as shown below. The home page displays the Main
Menu on the left side of the screen and an image of the front panel on
the right side. The Main Menu links are used to navigate to other menus,
and display configuration parameters and statistics.
Figure 1: Home Page
CONFIGURATIO
N
OPTION
S
Configurable parameters have a dialog box or a drop-down list. Once a
configuration change has been made on a page, be sure to click on the
Apply button to confirm the new setting. The following table
summarizes the web page configuration buttons.
Table 3: Web Home Page Configuration Buttons
Button Action
Apply Sets specified values to the system.
Auto Logout Sets the device auto logout with time
period up to 60 minutes or disable the auto
logout
NOTE: To ensure proper screen refresh, be sure that Internet Explorer is
configured so that the setting ―Check for newer versions of stored
pages‖ reads ―Every visit to the page.‖
Internet Explorer 6.x and earlier: This option is available under the menu
―Tools / Internet Options / General / Temporary Internet Files / Settings.‖
Internet Explorer 7.x: This option is available under ―Tools / Internet
Options / General / Browsing History / Settings / Temporary Internet Files.‖
Menu
Description
Page
Configuration
System
System
Information
Configures Location, Contact and Device Name
Account
Configures User Account and Password
Time
Configures SNTP and System Time settings
IP Configuration
Configures IPv4 settings
Loop Detection
Configures Loop Detection
Management
Policy
Configures Management Policy
Syslog
Configures Syslog parameters
Virtual Stack
Configures the Virtual Stack for Switch Management
Port
Configuration
Configures port parameters settings
Status
Display port status
Simple Counter
Display port simple counter
Detail Counter
Display port detail counter
Power Saving
Configures port power saving settings
Vlan
Vlan mode
Configures VLAN Mode with port-base, tag-base..etc
Tag-based
Group
Configures Tag-based VLAN Group parameters setting
Port-based
Group
Configures Port-based VLAN Group parameters setting
Ports
Configures VLAN Port detail parameters setting
PANEL DISPLAY The web agent displays an image of the switch‘s ports. The refresh mode
is auto-mode by default. Clicking on the image of a port opens the
Detailed Statistics page as described on page 143.
Figure 2: Front Panel Indicators
MAIN MENUUsing the onboard web agent, you can define system parameters,
manage and control the switch, and all its ports, or monitor network
conditions. The following table briefly describes the selections available
from this program.
Table 4: Main Menu
– 47 –
C
HAPTER
3 | Using the Web Interface
Navigating the Web Browser Interface
Port Isolation
Configures Port Isolation setting
Management
VLAN
Configures Management VLAN ID
MAC
MAC Address
Table
Configures MAC Address Aging parameters setting
Static Filter
Configures MAC Address Static Filter settting
Static Forward
Configures MAC Address Static Forward setting
MAC Alias
Configures MAC Address Alias setting
MAC Table
Display the MAC Address Table
GVRP
Config
Configures GVRP detail parameters setting
Counter
Display GVRP per port detail counter
Group
Configures and display the GVRP VLAN Group Information
Configures Trunk port settings and Display Trunk Port
Status
Aggregator View
Display Trunk Aggregation status and LACP Detail
information
Aggregation
Hash Mode
Configures Aggregation Mode parameters setting
LACP System
Priority
Configures LACP System Priority setting
STP (Spanning
Tree)
Status
Display the STP parameters setting information
Configuration
Configures STP parameters setting
Port
Display Port STP configuration and status information
MSTP
State
Configrues MSTP parameters setting
Region Config
Configrues MSTP Region parameters setting
Instance View
Display the MSTP Instance View information
Mirroring
Configures Port Mirroring parameters setting
SSH
Configures Secure Shell server
Multicast
IGMP Mode
Configures Multicast IGMP mode with Snooping or Proxy
– 49 –
C
HAPTER
3 | Using the Web Interface
Navigating the Web Browser Interface
Proxy
Configures IGMP Proxy parameters setting
Snooping
Configures IGMP Snooping parameters setting
IGMP Group
Allow
Configures IGMP Group Allow parameters setting
Group
Membership
Display IGMP Group Membership detail information
MVR
Configures MVR parameters setting
MVID
Configures Multicast MVID and display the detail
information
MVR Group
Allow
Configures Multicast MVR Group Allow parameters setting
MVR Group
Membership
Display Multicast MVR Group Membership detail information
Alarm
Events
Configures Trap Events parameters setting
Email
Configures Alarm trap send email and Email server
parameters setting
DHCP Snooping
DHCP Snooping
State
Configures DHCP Snooping enable or disable setting
DHCP Snooping
Entry
Display DHCP Snooping Entry detail information and
configures DHCP Snooping parameters setting
DHCP Snooping
Client
Display DHCP Snooping Client detail information
(LINK LAYER
DISCOVERY
PROTOCOL) LLDP
LLDP State
Configures per port the LLDP parameters setting
LLDP Entry
Configures switch to display per port which build the LLDP
available entry
LLDP Statistics
Display the detailed counting number of each port‘s LLDP
traffic
Save/Restore
Factory Defaults
Restore Default Configuration (Includes default
IP Address)
Save Start
Save the current configuration as a start
configuration file in flash memory
Save User
Save the current configuration as a user
configuration file in flash memory
Restore User
Restore User Configuration function can retrieve
the previous confirmed working configuration
stored in the flash memory to update start
configuration.
– 50 –
C
HAPTER
3 | Using the Web Interface
Navigating the Web Browser Interface
Export/ Import
Allows user can back up or reload the
configuration files of Save AS Start or Save As
User via TFTP Server
Diagnotics
Diagnostics
Provides a set of basic system diagnosis. The
basic system check includes EEPROM test, UART
test, DRAM test and Flash test
Ping
Tests specified path using IPv4 ping
Maintenance
Warm Restart
Provides a way to reset the switch, including
power up, hardware reset and software reset.
Firmware
Upgrade
Provides new firmware will be uploaded into the
switch and write into flash memory.
Logout
Allows you to logout the system to prevent other
users from the system without the permission.
4
CONFIGURING THE SWITCH
This chapter describes all of the basic configuration tasks.
CONFIGURING SYSTEM INFORMATION
You can identify the system by configuring the contact information,
name, and location of the switch.
WEB INTERFACE
To configure System Information in the web interface:
1.Click SYSTEM, System, Information.
2. Specify the contact information for the system administrator, as well
as the name and location of the switch. Also indicate the local time
zone by configuring the appropriate offset.
3. Click Apply.
Figure 4-1: System Information Configuration
– 52 –
C
HAPTER
4 | ConfiguringtheSwitch
SettingAccount
C
HAPTER
4 | Configuring the Switch
Setting Account
PARAMETERS
These parameters are displayed on the System Information page:
Model name –The model name of this device
System description –As it is, this tells what this device
is. Here, it is “16-Port SFP + 8-Port Combo Port GbE
L2 Plus Managed Switch”.
Location – User-defined the specifies the system location.
(Maximum length: 255 characters)
Contact – For easily managing and maintaining device,
you may write down the contact person and phone here
for getting help soon. You can configure this parameter
through the device‘s user interface or SNMP.
Device name –The name of the switch. User-defined.
Default is LGS-2816C-RPS.
– 53 –
C
HAPTER
4 | ConfiguringtheSwitch
SettingAccount
C
HAPTER
4 | Configuring the Switch
Setting Account
System up time – The time accumulated since this
switch is powered up. Its format is day, hour, minute,
second.
Current time – Show the system time of the switch. Its
format: day of week, month, day, hours : minutes :
seconds, year. For instance, Wed, Apr. 23, 12:10:10,
2004.
BIOS version – The version of the BIOS in this switch.
Firmware version – The firmware version in this switch.
Hardware-Mechanical version – The version of
Hardware and Mechanical. The figure before the hyphen is
the version of electronic hardware; the one after the
hyphen is the version of mechanical.
Serial number – The serial number is assigned by
Lantech.
Host IP address – The IP address of the switch.
Host MAC address – It is the Ethernet MAC address of
the management agent in this switch.
Device Port – Show all types and numbers of the port in
the switch.
RAM size – The size of the DRAM in this switch.
Flash size – The size of the flash memory in this switch.
CPU Loading – The loading of the CPU on this switch.
Model name – To display the Redundant Power Supply
system model name.
Hardware Mechanical Version – To display the
Redundant Power Supply system hardware mechanical
version.
Serial Number – To display the Redundant Power Supply
system serial number.
Temperature – To display the Redundant Power Supply
system temperature with ‗C and ‗F.
– 54 –
C
HAPTER
4 | ConfiguringtheSwitch
SettingAccount
C
HAPTER
4 | Configuring the Switch
Setting Account
Fan – To display the Redundant Power Supply system fan
status with rotation speed.
Voltage – To display the Redundant Power Supply system
voltage value
– 55 –
C
HAPTER
4 | ConfiguringtheSwitch
SettingAccount
C
HAPTER
4 | Configuring the Switch
Setting Account
CONFIGURING ACCOUNT
In this function, only administrator can create, modify or delete the username
and password. Administrator can modify other guest identities‘ password without
confirming the password but it is necessary to modify the administratorequivalent identity. Guest-equivalent identity can modify his password only.
WEB INTERFACE
To configure Account in the web interface:
1.Click SYSTEM, Account.
2. Click Create New to add new username and password.
3. Edit or Delete exist Accout name and password.
4. Click Apply.
NOTE: The switch only allow one user connect from RS-232 Console UI and
three user from Telnet. Others allow maximum 4 users connect via WebUI
and maximum 1 user connect via Telnet, then Maximum 5 users allowed to
login the switch via WebUI, Telnet and RS-232 Console.
NOTE:The Admin could create the Operator account. The Operator has
create, modify and delete rights as the same as Admin, but operator only has
the right to change himself password and couldn‘t do upgrade.
The guest has no right to create, modify and delete. Only has read right.
Figure 4-2: Account Configuration
PARAMETERS
These parameters are displayed on the Account configuration page:
Create New – To add a new account and password
Edit – To verified the exist account and password
Delete – To delete the exist accout and password
CONFIGURING TIME
The switch provides manual and automatic ways to set the system time via NTP.
Manual setting is simple and you just input ―Year‖, ―Month‖, ―Day‖, ―Hour‖,
―Minute‖ and ―Second‖ within the valid value range indicated in each item.
NTP is a well-known protocol used to synchronize the clock of the switch system
time over a network. NTP, an internet draft standard formalized in RFC 1305,
has been adopted on the system is version 3 protocol. The switch provides four
built-in NTP server IP addresses resided in the Internet and an user-defined NTP
server IP address. The time zone is Greenwich-centered which uses the
expression form of GMT+/- xx hours.
WEB INTERFACE
To configure Time in the web interface:
1.Click SYSTEM, Time.
2. Specify the Time parameter in manual or NTP parameters.
3. Click Apply.
NOTE: Time Zone is an offset time off GMT. You have to select the time zone
first and then perform time sync via NTP because the switch will combine this
time zone offset and updated NTP time to come out the local time
NOTE:Daylight saving is adopted in some countries. If set, it will adjust the
time lag or in advance in unit of hours, according to the starting date and the
ending date. For example, if you set the day light saving to be 1 hour. When
the time passes over the starting time, the system time will be increased one
hour after one minute at the time since it passed over.
Figure 4-3: Time Configuration
– 57 –
C
HAPTER
4 | Configuring the Switch
Setting Virtual Stack
PARAMETERS
These parameters are displayed on the Time configuration page:
Current Time – To display the current time of the system
Manual – To fill the valid figures in the fields of Year,
Month, Day, Hour, Minute and Second respectively. The
parameter Year, Month, Day, Hour, Minute and Second are
>=2000, 1-12, 1-31, 0-23, 0-59 and 0-59 respectively.
NTP – To set the switch synchronizes the time with NTP
server automatically. NTP is Network Time Protocol and is
used to sync the network time based Greenwich Mean
Time (GMT). If use the NTP mode and select a built-in NTP
time server or manually specify an user-defined NTP
server as well as Time Zone.
Daylight Saving – To set the daylight saving parameter
with unit of hours.
Daylight Saving Start – To set when to start performing
the day light saving time.
This is used to set when to start performing the day light saving time.
Mth:
Range is 1 ~ 12.
Default: 1
Day:
Range is 1 ~ 31.
Default: 1
Hour:
Range is 0 ~ 23.
Default: 0
Daylight Saving End – To set when to stop performing
the day light saving time.
This is used to set when to stop performing the daylight saving time.
Mth:
Range is 1 ~ 12.
Default: 1
Day:
Range is 1 ~ 31.
– 58 –
C
HAPTER
4 | Configuring the Switch
Setting Virtual Stack
Default: 1
Hour:
Range is 0 ~ 23.
Default: 0
Apply – To save the configuration to switch flash memory.
SETTING AN IP ADDRESS
This section describes how to configure an IP interface for management
access to the switch over the network. This switch supports IP Version
4, and can be managed simultaneously through either of the address
types. You can manually configure a specific IPv4 address or direct the
switch to obtain an IPv4 address from a DHCP server when it is
powered on.
SETTING AN
IPV4
ADDRES
S
The IPv4 address for the switch could be obtained via DHCP Server for
VLAN 1. To manually configure an address, you need to change the
switch's default settings to values that are compatible with your network.
You may also need to a establish a default gateway between the switch
and management stations that exist on another network segment.
WEB INTERFACE
To configure an IP address and SNTP in the web interface:
1. Click System, IP Configuration.
2. Specify the IPv4 settings, and enable DNS proxy service if required.
3.Click Apply.
Figure 4-4: IP & Time Configuration
NOTE: An IPv4 address for this switch could be obtained via DHCP
Server. If the switch does not receive a IP Address from a DHCP server,
it will default to the IP address 192.168.1.1 and subnet mask
255.255.255.0
You can manually configure a specific IP address, or direct the device to
obtain an address from a DHCP server. Valid IPv4 addresses consist of
four decimal numbers, 0 to 255, separated by periods. Anything other
than this format will not be accepted by the CLI program.
PARAMETERS
These parameters are displayed on the Time configuration page:
DHCP Setting – To set enable or disable the switch obtained
a IP address from DHCP Server. Default is disable
IP address – Address of the switch, Valid IP addresses
consist of four numbers, 0 to 255, separated by periods.
(Default: 192.168.1.1).
Subnet mask – This subnet mask identifies the host address
bits used for routing to specific subnet.
(Default: 255.255.255.0).
Default gateway – IP address of the gateway router between
the switch and management stations that exist on other
network segments.
(Default: 192.168.1.254).
DNS – A Domain Name Server to which client requests for
mapping host names to IP addresses are forwarded.
(Default: 0.0.0.0).
Apply – To save the configuration to switch flash memory.
CONFIGURING LOOP DETECTION
The loop detection is used to detect the presence of traffic. When switch receives
packet‘s(looping detection frame) MAC address the same as oneself from port,
show Loop detection happens. The port will be locked when it received the
looping detection frames. If you want to resume the locked port, please find out
the looping path and take off the looping path, then select the resume the locked
port and click on ―Resume‖ to turn on the locked ports.
WEB INTERFACE
To configure Loop detection in the web interface:
1.Click SYSTEM, Loop Detection.
2. Evoke which port to enable the Loop detection.
3. Click Apply.
4. When the port occur Loop and it was locked by switch then you
could resume it.
Figure 4-5: Loop Detection Configuration
PARAMETERS
These parameters are displayed on the Loop Detection configuration page:
Port No. – Display the port number. The number is 1 – 24.
Detection Port - When Port No is chosen, and enable port' s Loop
detection, the port can detect loop happens. To evoke the port to
enable auto-detect the Loop.
Locked Port – When Port No is chosen, enable port' s Loop
detection, and the port detects loop happen, the port will be
Locked. When choosing Resume, port locked will be opened and
turned into unlocked. To evoke the port to resume it.
CONFIGURING MANAGEMENT POLICY
Through the management security configuration, the manager can do the strict
NOTE: The following rules are offered for the manager to manage the switch:
Rule 1) : When no lists exists, then it will accept all connections.
Rule 2) : When only “accept lists” exist, then it will deny all connections, excluding
the connection inside of the accepting range.
setup to control the switch and limit the user to access this switch.
WEB INTERFACE
To configure Management Policy in the web interface:
1.Click SYSTEM, Management Policy.
2. Add a Management policy rule.
3. Click Add.
4. If you click delete then switch will delete a exist management
policy.
Rule 3) : When only “deny lists” exist, then it will accept all connections, excluding
the connection inside of the denying range.
Rule 4) : When both “accept and deny” lists exist, then it will deny all connections,
excluding the connection inside of the accepting range.
Rule 5) : When both “accept and deny” lists exist, then it will deny all connections,
excluding the connection inside of the accepting range and NOT inside of the
denying range at the same time.
Figure 4-6: Management Policy Configuration
PARAMETERS
These parameters are displayed on the Management Policy configuration page:
Add. – To create a new management policy. Specify new entry of
Management Security Configuration can be created after the
parameters as mentioned above had been setup
Delete – To delete a exist Management policy from the
management policy List.
Name - A name is composed of any letter (A-Z, a-z) and digit (0-9)
with maximal 8 characters.
VID - The switch supports two kinds of options for managed valid
VLAN VID, including ―Any‖ and ―Custom‖. Default is ―Any‖. When
you choose ―Custom‖, you can fill in VID number. The valid VID
range is 1~4094.
IP Range - The switch supports two kinds of options for managed
valid IP Range, including ―Any‖ and ―Custom‖. Default is ―Any‖. In
case that‖ Custom‖ had been chosen, you can assigned effective IP
range. The valid range is 0.0.0.0~255.255.255.255.
Incoming Port - The switch supports two kinds of options for
managed valid Port Range, including ―Any‖ and ―Custom‖. Default is ―Any‖. You can select the ports that you would like them to be
worked and restricted in the management security configuration
if ‖Custom‖ had been chosen.
Access Type - The switch supports two kinds of options for
managed valid Access Type, including ―Any‖ and ―Custom‖. Default is ―Any‖. ―Http‖, ―Telnet‖ and ―SNMP‖ are three ways for the access
and managing the switch in case that‖ Custom‖ had been chosen.
Action – The switch supports two kinds of options for managed
valid Action Type, including ―Deny‖ and ―Accept‖. Default is ―Deny‖.
When you choose ―Deny‖ action, you will be restricted and refused
to manage the switch due to the ―Access Type‖ you choose.
However, while you select ―Accept‖ action, you will have the
authority to manage the switch.
CONFIGURING SYSLOG
The Syslog is a standard for logging program messages . It allows separation of
the software that generates messages from the system that stores them and the
software that reports and analyzes them. It can be used as well a generalized
informational, analysis and debugging messages. It is supported by a wide
variety of devices and receivers across multiple platforms.
WEB INTERFACE
To configure Syslog in the web interface:
1.Click SYSTEM, Syslog.
2. Specify the syslog parameters includes IP Address of Syslog server
3. Evoke the Sylog to enable it.
4. Click Apply.
and Port number.
Figure 4-7: Syslog Configuration
PARAMETERS
These parameters are displayed on the Syslog configuration page:
Syslog –Evoke the ―Enable‖ to enable syslog function
IP Address – To specify the IP address of the Syslog Server.
Port - Filters the log to send syslog message with the selected port
of PC host (Syslog server , ex: 514)..
CONFIGURING SYSTEM LOG
The System Log provides information about system logs, including information
when the device was booted, how the ports are operating, when users logged in,
when sessions timed out, as well as other system information.
WEB INTERFACE
To configure System Log in the web interface:
1.Click SYSTEM, System Log.
2. Display the system log on the screen.
3. Click Clear. It will clear all record of switch system log.
Figure 4-8: System Log screen
PARAMETERS
These parameters are displayed on the System Log page:
No. – Display the order number that the trap happened.
Time - Display the time that the trap happened.
Desc - Displays a description event recorded in the System Log.
Clear – To clear the system log data.
CONFIGURING VIRTUAL STACK
Virtual Stack Management(VSM) is the group management function. Through
the proper configuration of this function, switches in the same LAN will be
grouped automatically. And among these switch, one switch will be a master
machine, and the others in this group will become the slave devices. information.
VSM offers a simple centralized management function. It is not necessary to
remember the address of all devices, manager is capable of managing the
network with knowing the address of the Master machine. Instead of SNMP or
Telnet UI, VSM is only available in Web UI. While one switch become the Master,
two rows of buttons for group device will appear on the top of its Web UI. By
pressing these buttons, user will be allowed to connect the Web UI of the devices
of the group in the same window without the login of these device.
The most top-left button is only for Master device. The background color of the
button you press will be changed to represent that the device is under your
management.
NOTE: It will remove the grouping temporarily in case that you login the
switch via the console.
NOTE: Up to 16 devices can be grouped for VSM, however, only one Master is
allowed to exist in each group. For Master redundancy, user may configure
more than two devices as Master device, however, the Master device with the
smaller MAC value will be the Master one. All of these 16 devices can become
Master device and back up with each other .
WEB INTERFACE
To configure Virtual Stack in the web interface:
1.Click SYSTEM, Virtual Stack.
2. Display the system log on the screen.
3. Click Clear. It will clear all record of switch system log.
Figure 4-9: Virtual Stack Configuration
PARAMETERS
These parameters are displayed on the Virtual Stack page:
State – It is used for the activation or de-activation of VSM. Default
is Enable.
Role - The role that the switch would like to play in virtual stack.
Two types of roles, including master and slave are offered for
option. Default is Master.
Group ID - It is the group identifier (GID) which signs for VSM.
Valid letters are A-Z, a-z, 0-9, ― - ― and ―_‖ characters. The
maximal length is 15 characters.
CONFIGURING PORT CONFIGURATION
The Port Configuration page includes configuration options for enabling
auto-negotiation or manually setting the speed and duplex mode,
enabling flow control, setting the maximum frame size, specifying the
response to excessive collisions, or enabling power saving mode. Port
Configuration is applied to change the setting of each port. In this
configuration function, you can set/reset the following functions. Four
functions, including Port Status, Port Configuration, Simple Counter and
Detail Counter are contained in this function folder for port monitor and
management
WEB INTERFACE
To configure Port Configuration in the web interface:
1.Click Port, Configuration.
2. Specify the Port Configuration parameters. Make any required
changes to the connection settings
3. Click Apply.
Figure 4-10: Port Configuration
PARAMETERS
These parameters are displayed on the Port Configuration page:
Port – It was displayed the port index.
Media – It shows the port media type with UTP or SFP.
Speed - Sets the port speed and duplex mode using auto-negotiation
or manual selection. The following options are supported:
■
Disable - Disables the interface. You can disable an interface due to
abnormal behavior (e.g., excessive collisions), and then re-enable it after
the problem has been resolved. You may also disable an interface for
security reasons.
– 70 –
C
HAPTER
4 | Configuring the Switch
Configuring Power Saving
■
Auto - Enables auto-negotiation. When using auto-negotiation, the
optimal settings will be negotiated between the link partners based on
their advertised capabilities.
(Default: Autonegotiation enabled; Advertised capabilities for RJ-45:
1000BASE-T - 10half, 10full, 100half, 100full, 1000full; SFP: Auto
/1G FDX)
NOTE:The 1000BASE-T standard does not support forced mode.
Auto- negotiation should always be used to establish a connection
over any
1000BASE-T port or trunk. If not used, the success of the link
process cannot be guaranteed when connecting to other types of
switches.
Flow Control – Flow control can eliminate frame loss by ―blocking‖
traffic from end stations or segments connected directly to the switch
when its buffers fill. When enabled, back pressure is used for halfduplex operation and IEEE 802.3-2005 (formally IEEE 802.3x) for
full- duplex operation. (Default: Disabled)
When auto-negotiation is used, this parameter indicates the flow
control capability advertised to the link partner. When the speed and
duplex mode are manually set, the Current Rx field indicates whether
pause frames are obeyed by this port, and the Current Tx field
indicates if pause frames are transmitted from this port.
Maximum Frame - Sets the maximum transfer unit for traffic
crossing the switch. Packets exceeding the maximum frame size are
dropped. (Default: 9600 bytes)
Excessive Collision Mode – Sets the response to take when
excessive transmit collisions are detected on a port. (The function
only available on UTP Ports)
■
Discard - Discards a frame after 16 collisions (default).
■
Restart - Restarts the backoff algorithm after 16 collisions.
Description – To set the description or explain of switch specific
port, but without specific character includes “ # % & „ + \.
CONFIGURING PORT STATUS
The function Port Status gathers the information of all ports‘ current
status and reports it by the order of port number, media, link status,
port state, Auto-Negotiation status, speed/duplex, Rx Pause and Tx
Pause. An extra media type information for the module ports1 to 8 is
also offered.
WEB INTERFACE
To configure Port Configuration in the web interface:
1.Click Port, Status.
2. Display the Port status.
Figure 4-11: Port Status
PARAMETERS
These parameters are displayed on the Port Status page:
Port – Display the port number. The number is 1 – 24. Both port 1 ~
8 are optional modules.
Link - Show that if the link on the port is active or not. If the link is
connected to a working-well device, the Link will show the link ―Up‖; otherwise, it will show ―Down‖. This is determined by the hardware
on both devices of the connection. No default value.
Speed/ Duplex Mode – It shows the speed and duplex mode of all
port. The local port has to be preset its capability. Default: None, depnds on the result of the negotiation.
Flow Control – It shows each port‘s flow control status. There are
two types of flow control in Ethernet, Backpressure for half-duplex
operation and Pause flow control (IEEE802.3x) for full-duplex
operation. The switch supports both of them. Default: None, depends
on the result of the negotiation.
– 72 –
C
HAPTER
4 | Configuring the Switch
Configuring Power Saving
Description - network managers provide a description of device
ports.
WEB INTERFACE
To display the Port Port 1 ~ Port 24 SFP information in the web interface:
1.Right Click Port connected icon.
2. Display the Port detail information.
Figure 4-12: Port 1~ Port 24 SFP Detail Information
PARAMETERS
These parameters are displayed on the Port Detial information page:
Connector Type – Display the connector type, for instance, UTP, SC,
ST, LC and so on.
Fiber Type - Display the fiber mode, for instance, Multi-Mode,
Single-Mode.
Tx Central Wavelength - Display the fiber optical transmitting
central wavelength, for instance, 850nm, 1310nm, 1550nm and so
on.
Baud Rate - Display the maximum baud rate of the fiber module
supported, for instance, 10M, 100M, 1G and so on.
Vendor OUI - Display the Manufacturer's OUI code which is
assigned by IEEE.
Vendor Name - Display the company name of the module
manufacturer.
Vendor P/N - Display the product name of the naming by module
manufacturer.
Vendor Rev (Revision) - Display the module revision.
Vendor SN (Serial Number) - Show the serial number assigned by
– 74 –
C
HAPTER
4 | Configuring the Switch
Configuring Power Saving
the manufacturer.
Data Code - Show the date this SFP module was made.
Temperature - Show the current temperature of SFP module.
Vcc - Show the working DC voltage of SFP module.
Mon1 (Bias) mA - Show the Bias current of SFP module.
Mon2 (TX PWR) - Show the transmit power of SFP module.
Mon3 (RX PWR) - Show the receiver power of SFP module.
CONFIGURING SIMPLE COUNTER
The function of Simple Counter collects any information and provides the
counting about the traffic of the port, no matter the packet is good or
bad.
The window can show all ports‘ counter information at the same time.
Each data field has 20-digit long. If the counting is overflow, the counter
will be reset and restart counting. The data is updated every time
interval defined by the user. The Refresh Interval is used to set the
update frequency.
WEB INTERFACE
To display the Port simple counter information in the web interface:
1.Click Port, Simple Counter.
2. Display the Port Simple Counter information.
3. Click Refresh to refresh data or Clear to clear all records
4. Evoke the Auto-refresh then the switch will refresh the data automatically
Figure 4-13: Port Simple Counter detail information
PARAMETERS
These parameters are displayed on the Port Simple Counter page:
Packets -
◆ Transmit– The counting number of the packet transmitted.
◆ Receive - The counting number of the packet received.
Bytes –
◆ Transmit– Total transmitted bytes..
◆ Receive - Total received bytes.
Errors –
◆ Transmit–Number of bad packets transmitted.
◆ Receive - Number of bad packets received.
Drops –
◆ Transmit–Number of packets transmitted drop.
◆ Receive - Number of packets received drop.
◆ Auto-refresh - The simple counts will be refreshed automatically
on the UI screen.
◆ Refresh - The simple counts will be refreshed manually when
user use mouse to click on ―Refresh‖ button.
◆ Clear - The simple counts will be reset to zero when user use
mouse to click on ―Clear‖ button.
CONFIGURING DETAIL COUNTER
The function of Detail Counter collects any information and provides the
counting about the traffic of the port, no matter the packet is good or
bad.
Each data field has 20-digit long. If the counting is overflow, the counter
will be reset and restart counting. The data is updated every time
interval defined by the user. The valid range is 3 to 10 seconds. The
Refresh Interval is used to set the update frequency. Default update time
is 3 seconds.
WEB INTERFACE
To display the Port Detail Counter information in the web interface:
1.Click Port, Simple Counter.
2. Display the Port Simple Counter information.
3. Click Refresh to refresh data or Clear to clear all records
4. Evoke the Auto-refresh then the switch will refresh the data
automatically
Figure 4-14: Port Detail Counter detail information
PARAMETERS
These parameters are displayed on the Port Detail Counter page:
Rx Packets - The counting number of the packet received.
Rx Octets - Total received bytes.
Rx High Priority Packets - Number of Rx packets classified as high
priority.
Rx Low Priority Packets - Number of Rx packets classified as low
priority.
Rx Broadcast - Show the counting number of the received
broadcast packet.
Rx Multicast - Show the counting number of the received multicast
packet.
TX Packets - The counting number of the packet transmitted.
TX Octets - Total transmitted bytes.
Tx High Priority Packets - Number of Tx packets classified as high
priority.
Tx Low Priority Packets - Number of Tx packets classified as low
priority.
Tx Broadcast - Show the counting number of the transmitted
broadcast packet.
Tx Multicast - Show the counting number of the transmitted
multicast packet.
Rx 64 Bytes - Number of 64-byte frames in good and bad packets
received.
RX 65-127 Bytes - Number of 65 ~ 126-byte frames in good and
bad packets received.
Rx 128-255 Bytes - Number of 127 ~ 255-byte frames in good and
bad packets received.
Rx 256-511 Bytes - Number of 256 ~ 511-byte frames in good and
bad packets received.
Rx 512-1023 Bytes - Number of 512 ~ 1023-byte frames in good
and bad packets received.
Rx 1024-Bytes - Number of 1024-max_length-byte frames in good
and bad packets received.
Tx 64 Bytes - Number of 64-byte frames in good and bad packets
transmitted.
Tx 65-127 Bytes - Number of 65 ~ 126-byte frames in good and
bad packets transmitted.
Tx 128-255 Bytes - Number of 127 ~ 255-byte frames in good and
bad packets transmitted.
Tx 256-511 Bytes - Number of 256 ~ 511-byte frames in good and
bad packets transmitted.
Tx 512-1023 Bytes - Number of 512 ~ 1023-byte frames in good
and bad packets transmitted.
Tx 1024-Bytes - Number of 1024-max_length-byte frames in good
and bad packets transmitted.
Rx CRC/Alignment - Number of Alignment errors and CRC error
packets received.
Rx Undersize - Number of short frames (<64 Bytes) with valid CRC.
Rx Oversize - Number of long frames(according to max_length
register) with valid CRC.
Rx Fragments - Number of short frames (< 64 bytes) with invalid
– 80 –
C
HAPTER
4 | Configuring the Switch
Configuring Power Saving
CRC.
Rx Jabber - Number of long frames(according tomax_length register)
with invalid CRC.
Rx Drops - Frames dropped due to the lack of receiving buffer.
Rx Errors - Number of the error packet received.
Tx Collisions - Number of collisions transmitting frames experienced.
Tx Drops - Number of frames dropped due to excessive collision, late
collision, or frame aging.
Tx FIFO Drops - Number of frames dropped due to the lack of
transmitting buffer.
Auto-refresh - The detail counts will be refreshed automatically on
the UI screen.
Refresh - The detail counts will be refreshed manually when user use
mouse to click on ―Refresh‖ button.
Clear –The detail counts will be reset to zero when user use mouse to
click on ―Clear‖ button.
CONFIGURING POWER SAVING
The function of Power Saving and provides the Power saving for reduce
the power consumption with "ActiPHY Power Management" and
"PerfectReach Power Management" two technique.It could efficient
saving the switch Power when the client idle and detec the cable length
to provide different power.
WEB INTERFACE
To Configure the Port Power Saving in the web interface:
1.Click Port, Power Saving.
2. Evoke which port or Selec/Unselect to enable/disable Power Saving.
3. Click Apply
Figure 4-15: Port Power Saving Configuration
PARAMETERS
These parameters are displayed on the Power Saving Configuration page:
Power Saving - The parameter will enable or disable to verify
switches have the ability to consider the length of any Ethernet cable
connected for adjustment of power usage accordingly. Shorter
lengths require less power. link-down mode removes power for each
port that does not have a device attached. Default: Disable.
IEEE 802.1Q VLANS
The switch supports Tag-based VLAN (802.1Q) and Port-based VLAN.
Support 4094 active VLANs and VLAN ID 1~4094. VLAN configuration
is used to partition your LAN into small ones as your demand. Properly
configuring it, you can gain not only improving security and increasing
performance but greatly reducing VLAN management. In large
networks, routers are used to isolate broadcast traffic for each subnet
into separate domains. This switch provides a similar service at Layer
2 by using VLANs to organize any group of network nodes into
separate broadcast domains.
VLANs help to simplify network management by allowing you to move
devices to a new VLAN without having to change any physical
connections. VLANs can be easily organized to reflect departmental
groups (such as Marketing or R&D), usage groups (such as e-mail), or
multicast groups
(used for multimedia applications such as videoconferencing).
VLANs provide greater network efficiency by reducing broadcast traffic,
and allow you to make network changes without having to update IP
addresses or IP subnets. VLANs inherently provide a high level of
network security since traffic must pass through a configured Layer 3
link to reach a different VLAN.
WEB INTERFACE
To Configure the VLAN Mode in the web interface:
1.Click VLAN, VLAN Mode.
2. Scroll the VLAN mode with Tag-based, Port-based, Segment A and
3. Click Apply
Segment B.
Figure 4-16: VLAN Mode Configuration
– 83 –
C
HAPTER
4 | Configuring the Switch
Configure SNMP
Segment
Forwarding Port Mapping
1
Port 01 Port 09
2
Port 02 Port 10
3
Port 03 Port 11
4
Port 04 Port 12
5
Port 05 Port 13
6
Port 06 Port 14
7
Port 07 Port 15
8
Port 08 Port 16
9
Port 17 Port 18
10
Port 19 Port 20
11
Port 21 Port 22
12
Port 23 Port 24
PARAMETERS
These parameters are displayed on the VLAN Mode Configuration page:
Port-based - Port-based VLAN is defined by port. Any packet
coming in or outgoing from any one port of a port-based VLAN will
be accepted. No filtering criterion applies in port-based VLAN. The
only criterion is the physical port you connect to. For example, for a
port-based VLAN named PVLAN-1 contains port members Port
1&2&3&4. If you are on the port 1, you can communicate with port
2&3&4. If you are on the port 5, then you cannot talk to them. Each
port-based VLAN you built up must be assigned a group name. This
switch can support up to maximal 24 port-based VLAN groups.
Tag-based - Tag-based VLAN identifies its member by VID. This is
quite different from port-based VLAN. If there are any more rules in
ingress filtering list or egress filtering list, the packet will be
screened with more filtering criteria to determine if it can be
forwarded. The switch supports supplement of 802.1q. For more
details.
Each tag-based VLAN you built up must be assigned VLAN name
and VLAN ID. Valid VLAN ID is 1-4094. User can create total up to
4094 Tag VLAN groups.
Segment A - The ―Segment A‖ mode is a special function for LAN
Segmentation (Converter Mode) application, it is working under
VLAN function. When the segment mode enabled, there are max.
up to 12 LAN segments on the switch and fixed two ports for each
LAN segment and each LAN segment will be isolated. The fixed
segment ports mapping as below:
Segment B - The ―Segment B‖ mode is a special function for LAN
Segmentation (Converter Mode) application, it is working under
VLAN function. When the segment mode enabled, there are max.
up to 12 LAN segments on the switch and fixed two ports for each
LAN segment and each LAN segment will be isolated. The fixed
segment ports mapping as below:
Segment
Forwarding Port Mapping
1
Port 01 Port 02
2
Port 03 Port 04
3
Port 05 Port 06
4
Port 07 Port 08
5
Port 09 Port 10
6
Port 11 Port 12
7
Port 13 Port 14
8
Port 15 Port 16
9
Port 17 Port 18
10
Port 19 Port 20
11
Port 21 Port 22
12
Port 23 Port 24
The ports in the same LAN segment will forward any packet in the same
segment ports, the received packets will be forwarded to the same segment
port member without any change (for example: VLAN tag or un- tag
frames). The L2 PDU will be passed through between two ports in the same
LAN segment. (Including: STP, MSTP, GVRP, LACP,... ; Except 802.3X
Pause Frame).
NOTE:The following L2 switch functions can not work with LAN
segmentation mode at the same time:
GVRP
MSTP/RSTP/STP
IGMP Proxy and IGMP Snooping
DHCP Snooping
IP-MAC Binding
LACP and Static Port Link Aggregation
IEEE 802.1X
CONFIGURING TAG-BASED GROUP
The function shows the information of existed Tag-based VLAN Groups,
You can also easily create, edit and delete a Tag-based VLAN group by
pressing <Add>, <Edit> and <Delete> function buttons. User can
add a new VLAN group by inputting a new VLAN name and VLAN ID.
WEB INTERFACE
To Configure the Tag-based Group in the web interface:
1.Click VLAN, Tag-based Group.
2. Add new VLAN and specify the tag-based VLAN parameters.
3. Click Apply
Figure 4-17: Tag-based Group Configuration
PARAMETERS
These parameters are displayed on the Tag-Based Group Configuration page:
VLAN Name - The name defined by administrator is associated
with a VLAN group. Valid letters are A-Z, a-z, 0-9, ― - ― and ―_‖
characters. The maximal length is 15 characters.
VLAN ID - VLAN identifier. Each tag-based VLAN group has a unique VID.
It appears only in tag-based and Double-tag mode.
IGMP Proxy - IGMP proxy enables the switch to issue IGMP host
messages on behalf of hosts that the system discovered through
standard IGMP interfaces. The system acts as a proxy for its hosts.
This switch can be set IGMP function ―Enable‖ or ―Disable‖ by VLAN
group. If the VLAN group IGMP proxy is disabled, the switch will
stop the exchange of IGMP messages in the VLAN group members.
If the VLAN group IGMP proxy is enabled, the switch will support
the exchange of IGMP messages in the VLAN group members and
follow up IGMP proxy router port configuration, which connects to a
router closer to the root of the tree. This interface is the upstream
interface. The router on the upstream interface should be running
IGMP. You enable IGMP on the interfaces that connect the system
to its hosts that are farther away from the root of the tree. These
interfaces are known as downstream interfaces.
Member Port - This is used to enable or disable if a port is a
member of the new added VLAN, ―Enable‖ means it is a member of
the VLAN. Just tick the check box () beside the port x to enable it.
Add new VLAN - Please click on <Add new VLAN> to create a
new Tag-based VLAN. Input the VLAN name as well as VID,
configure the SYM-VLAN function and choose the member by ticking
the check box beside the port No., then, press the <Apply> button
to have the setting taken effect.
Delete Group - Just press the <Delete> button to delete the
selected exist group entry from the Tag-based group table.
NOTE:If you need use PVLAN( Private VLAN) function on Switch
then you need follow up the process as below:
a. Create a VLAN as primary VLAN and the VLAN ID is 2 and evoke the
Private VLAN to enable Private VLAN service.
b. Assign port member to the VLAN2
c. You need to assign these ports for member of port isolation.
d. Press the “Save” to complete the PVLAN configuration process
– 88 –
C
HAPTER
4 | Configuring the Switch
Configure SNMP
CONFIGURING PORT-BASED GROUP
The function shows the information of the existed Port-based VLAN
Groups. You can easily create, edit and delete a Port-based VLAN group
by pressing <Add>, <Edit> and <Delete> function buttons. User can
add a new VLAN group by inputting a new VLAN name.
WEB INTERFACE
To Configure the Port-based Group in the web interface:
1.Click VLAN, Port-based Group.
2. Add new VLAN and specify the Port-based VLAN parameters.
3. Click Apply
Figure 4-18: Port-based Group Configuration
PARAMETERS
These parameters are displayed on the Port-based VLAN Configuration page:
VLAN Name - The name defined by administrator is associated
with a VLAN group. Valid letters are A-Z, a-z, 0-9, ― - ― and ―_‖
characters. The maximal length is 15 characters.
Member Port - This is used to enable or disable if a port is a
member of the new added VLAN, ―Enable‖ means it is a member of
the VLAN. Just tick the check box () beside the port x to enable it.
Add new VLAN - Create a new Port-based VLAN. Input the VLAN
name and choose the member by ticking the check box beside the
port No., then, press the <Apply> button to have the setting taken
effect.
Delete Group - Just press the <Delete> button to delete the
selected exist group entry from the Port-based group table.
– 89 –
C
HAPTER
4 | Configuring the Switch
Configure SNMP
CONFIGURING PORTS
Figure 4-19 : VLAN Ports Configuration
The function in VLAN Tag Rule Setting, user can input VID number to
each port. The range of VID number is from 1 to 4094. User also can
choose ingress filtering rules to each port. There are two ingress
filtering rules which can be applied to the switch. The Ingress Filtering
Rule 1 is ―forward only packets with VID matching this port‘s configured
VID‖. The Ingress Filtering Rule 2 is ―drop untagged frame‖. You can
also select the Role of each port as Access, Trunk, or Hybrid.
WEB INTERFACE
To Configure the Ports in the web interface:
1.Click VLAN, Ports.
2. Specify the VLAN Port Configuration parameters.
3. Click Apply
PARAMETERS
These parameters are displayed on the VLAN Ports Configuration page:
Port 1-24 - The index of Port number.
VLAN Aware - Based on IEEE 802.1Q VLAN tag to forward packet.
Ingress Filtering - Discard other VLAN group packets, only
forward this port joined VLAN group packets
Frame Type –
All: Forward all tagged and untagged packets
Tagged: Forward tagged packets only and discard untagged
packets
– 90 –
C
HAPTER
4 | Configuring the Switch
Configure SNMP
PVID - This PVID range will be 1-4094. Before you set a number x
as PVID, you have to create a Tag-based VLAN with VID x. For
example, if port x receives an untagged packet, the switch will
apply the PVID (assume as VID y) of port x to tag this packet, the
packet then will be forwarded as the tagged packet with VID y.
Role - This is an egress rule of the port. Here you can choose
Access, Trunk or Hybrid. Trunk means the outgoing packets must
carry VLAN tag header. Access means the outgoing packets carry
no VLAN tag header. If packets have double VLAN tags, one will be
dropped and the other will still be left. As to Hybrid, it is similar to
Trunk, and both of them will tag-out. When the port is set to Hybrid,
its packets will be untagged out if the VID of the outgoing packets
with tag is the same as the one in the field of Untag VID of this port.
Untag VID - Valid range is 1~4094. It works only when Role is set
to Hybrid.
Double Tag - Double-tag mode belongs to the tag-based mode,
however, it would treat all frames as the untagged ones, which
means that tag with PVID will be added into all packets. Then,
these packets will be forwarded as Tag-based VLAN. So, the
incoming packets with tag will become the double-tag ones. Scroll
to enable the function and default is Disable.
CONFIGURING PORT ISOLATION
Port Isolation provides for an apparatus and method to isolate ports on
layer 2 switches on the same VLAN to restrict traffic flow. The
apparatus comprises a switch having said plurality of ports, each port
configured as a protected port or a non-protected port. An address
table memory stores an address table having a destination address and
port number pair. A forwarding map generator generates a forwarding
map which is responsive to a destination address of a data packet. The
method for isolating ports on a layer 2 switch comprises configuring
each of the ports on the layer 2 switch as a protected port or a nonprotected port. A destination address on an data packet is matched
with a physical address on said layer 2 switch and a forwarding map is
generated for the data packet based upon the destination address on
the data packet. The data packet is then sent to the plurality of ports
pursuant to the forwarding map generated based upon whether the
ingress port was configured as a protected or non-protected port.
WEB INTERFACE
To Configure the Port Isolation in the web interface:
1.Click VLAN, Port Isolation.
2. Evoke which port want to enable Port Isolation .
3. Click Save
Figure 4-20 : Port Isolation Configuration
PARAMETERS
These parameters are displayed on the Port Isolation page:
Port 1-24 - The index of Port number. To evoke the port which you
want to enable the Port Isolation service.
Save - Press the ―Save‖ to complete the PVLAN configuration
process.
– 92 –
C
HAPTER
4 | Configuring the Switch
Configure SNMP
CONFIGURING MANAGEMENT VLAN
To assign a specific VLAN for management purpose. The management
VLAN is used to establish an IP connection to the switch from a
workstation connected to a port in the VLAN. This connection supports
a VSM, SNMP, and Telnet session. By default, the active management
VLAN is VLAN 1, but you can designate any VLAN as the management
VLAN using the Management VLAN window. Only one management
VLAN can be active at a time.
When you specify a new management VLAN, your HTTP connection to
the old management VLAN is lost. For this reason, you should have a
connection between your management station and a port in the new
management VLAN or connect to the new management VLAN through a
multi-VLAN router
WEB INTERFACE
To Configure the Management VLAN in the web interface:
1.Click VLAN, Management VLAN.
2. Specify Management VLAN ID. 0~ 4094
3. Click Apply
Figure 4-21 : Management VLAN Configuration
PARAMETERS
These parameters are displayed on the Management VLAN Configuration page:
VID - Specific Management VLAN ID.
CONFIGURING MAC
Figure 4-22 : MAC Address Table Configuration
MAC Table Configuration gathers many functions, including MAC Table
Information, MAC Table Maintenance, Static Forward, Static Filter and
MAC Alias, which cannot be categorized to some function type. They
are described below.
WEB INTERFACE
To Configure the MAC Address Table in the web interface:
1.Click MAC, MAC Address Table.
2. Specify MAC Address Table parameters and evoke which port to
enable the MAC learning
3. Click Save
PARAMETERS
These parameters are displayed on the MAC Address Table Configuration page:
Aging Time - Delete a MAC address idling for a period of time from
the MAC Table, which will not affect static MAC address. Range of
MAC Address Aging Time is 10-1000000 seconds. The default Aging
Time is 300 seconds.
Disable automatic aging - Stop the MAC table aging timer, the
learned MAC address will not age out automatically.
– 94 –
C
HAPTER
4 | Configuring the Switch
Configure SNMP
Auto - Enable this port MAC address dynamic learning mechanism.
Disable - Disable this port MAC address dynamic learning
mechanism, only support static MAC address setting.
Secure - Disable this port MAC address dynamic learning
mechanism and copy the dynamic learning packets to CPU.
Save - Save MAC Address Table configuration.
Reset - Reset MAC Address Table configuration.
Flush - Remove all non-static mac entry.
CONFIGURING STATIC FILTER
Static Filter is a function that denies the packet forwarding if the
packet‘s MAC Address is listed in the filtering Static Filter table. User
can very easily maintain the table by filling in MAC Address, VID (VLAN ID) and Alias fields individually. User also can delete the existed entry
by clicking <Delete> button.
WEB INTERFACE
To Configure the MAC Static Filter in the web interface:
1.Click MAC, Static Filter.
2. Specify Static Filter parameters includes MAC Address, VID and Alias
3. Click Apply
Figure 4-23 : MAC Static Filter Configuration
PARAMETERS
These parameters are displayed on the Static Filter Configuration page:
MAC - It is a six-byte long Ethernet hardware address and usually
expressed by hex and separated by hyphens. For example,
00 – 40 - C7 - D6 – 00 - 02
VID - VLAN identifier. This will be filled only when tagged VLAN is
applied. Valid range is 1 ~ 4094.
Alias - MAC alias name you assign.
CONFIGURING STATIC FORWARD
Static Forward is a function that allows the user in the static forward table to
access a specified port of the switch. Static Forward table associated with a
specified port of a switch is set up by manually inputting MAC address and its
alias name.
When a MAC address is assigned to a specific port, all of the switch’s traffics
sent to this MAC address will be forwarded to this port.
WEB INTERFACE
To Configure the MAC Static Forward in the web interface:
1.Click MAC, Static Forward.
2. Specify Static Forward parameters includes MAC Address, Port
No.,VID and Alias
3. Click Apply
Figure 4-24: MAC Static Forward Configuration
PARAMETERS
These parameters are displayed on the Static Filter Configuration page:
MAC - It is a six-byte long Ethernet hardware address and usually
expressed by hex and separated by hyphens. For example,
00 – 40 - C7 - D6 – 00 – 02
Port No - Port number of the switch. It is 1 ~24.
VID - VLAN identifier. This will be filled only when tagged VLAN is
applied. Valid range is 1 ~ 4094.
Alias - MAC alias name you assign.
CONFIGURING MAC ALIAS
MAC Alias function is used to let you assign MAC address a plain English name.
At the initial time, it shows all pairs of the existed alias name and MAC address.
There are three MAC alias functions in this function folder, including MAC Alias
Add, MAC Alias Edit and MAC Alias Delete. You can click <Create/Edit> button to
add/modify a new or an existed alias name for a specified MAC address, or mark
an existed entry to delete it. Alias name must be composed of A-Z, a-z and 0-9
only and has a maximal length of 15 characters.
WEB INTERFACE
To Configure the MAC Alias in the web interface:
1.Click MAC, MAC Alias.
2. Specify MAC Alias parameters includes MAC Address and Alias
3. Click Apply
Figure 4-25 : MAC Alias Configuration
PARAMETERS
These parameters are displayed on the Static Filter Configuration page:
MAC - It is a six-byte long Ethernet hardware address and usually
expressed by hex and separated by hyphens. For example,
00 – 40 - C7 - D6 – 00 – 02
Alias - MAC alias name you assign.
NOTE:If there are too many MAC addresses learned in the table, we
recommend you inputting the MAC address and alias name directly.
CONFIGURING MAC TABLE
MAC Table function is used to display the static or dynamic learning MAC entry
and the state for the selected port. There are five MAC Table information display
on the Web GUI, including MAC Alias, MAC Address, Port, VID and State.
WEB INTERFACE
To display the MAC Table in the web interface:
1.Click MAC, MAC Table.
2. Display the detail MAC Table information
3. Specify the specific MAC Address which you want to search
4. Click Search
Figure 4- 26 : MAC Table Information
PARAMETERS
These parameters are displayed on the MAC Table page:
Alias - MAC alias name you assign.
MAC address - Display the MAC address of one entry you selected
from the searched MAC entries table.
Port - The port that exists in the searched MAC Entry.
VID - VLAN identifier. This will be filled only when tagged VLAN is
applied. Valid range is 1 ~ 4094.
Status - Dynamic or Static MAC address information.
Refresh - Refresh function can help you to see current MAC Table
status.
Clear - To clear the selected entry.
Previous Page - Move to the previous page.
Next Page - Move to the next page.
CONFIGURING GVRP
GVRP is an application based on Generic Attribute Registration Protocol (GARP),
mainly used to automatically and dynamically maintain the group membership
information of the VLANs. The GVRP offers the function providing the VLAN
registration service through a GARP application. It makes use of GARP
Information Declaration (GID) to maintain the ports associated with their attribute
database and GARP Information Propagation (GIP) to communicate among
switches and end stations. With GID information and GIP, GVRP state machine
maintain the contents of Dynamic VLAN Registration Entries for each VLAN and
propagate these information to other GVRP-aware devices to setup and update
their knowledge database, the set of VLANs associated with currently active
members, and through which ports these members can be reached.
WEB INTERFACE
To display the GVRP Configuration in the web interface:
1.Click GVRP, Config.
2. Specify the GVRP Configuration Parameters
3. Click Apply
Figure 4-27 : Configure GVRP parameters
PARAMETERS
These parameters are displayed on the GVRP Configuration page:
GVRP State - This function is simply to let you enable or disable
GVRP function. You can pull down the list and click the
<Downward> arrow key to choose ―Enable‖ or ―Disable‖. Then,
click the <Apply> button, the system will take effect immediately.
Join Time - Used to declare the Join Time in unit of centisecond.
Valid time range: 20 –100 centisecond, Default: 20 centisecond.
Leave Time - Used to declare the Leave Time in unit of
centisecond. Valid time range: 60 –300 centisecond, Default: 60
centisecond.
–
C
HAPTER
4 | Configuring the Switch
Configure SNMP
Leave All Time - A time period for announcement that all
registered device is going to be de-registered. If someone still
issues a new join, then a registration will be kept in the switch.
Valid range: 1000-5000 unit time, Default: 1000 unit time.
Default Applicant Mode - The mode here means the type of
participant. There are two modes, normal participant and nonparticipant, provided for the user‘s choice.
Normal:
It is Normal Participant. In this mode, the switch participates normally
in GARP protocol exchanges. The default setting is Normal.
Non-Participant:
It is Non-Participant. In this mode, the switch does not send or reply
any GARP messages. It just listens messages and reacts for the
received GVRP BPDU.
Default Registrar Mode- The mode here means the type of
Registrar. There are three types of parameters for registrar
administrative control value, normal registrar, fixed registrar and
forbidden registrar, provided for the user‘s choice.
Normal:
It is Normal Registration. The Registrar responds normally to incoming
GARP messages. The default setting is Normal.
Fixed:
It is Registration Fixed. The Registrar ignores all GARP messages, and
all members remain in the registered (IN) state.
Forbidden:
It is Registration Forbidden. The Registrar ignores all GARP messages,
and all members remain in the unregistered (EMPTY) state.
Restricted Mode - This function is used to restrict dynamic VLAN
be created when this port received GVRP PDU. There are two modes,
disable and enable, provided for the user‘s choice.
Disabled:
In this mode, the switch dynamic VLAN will be created when this port
received GVRP PDU. The default setting is Normal.
Enabled:
In this mode, the switch does not create dynamic VLAN when this port
received GVRP PDU. Except received dynamic VLAN message of the
GVRP PDU is an existed static VLAN in the switch, this port will be
added into the static VLAN members dynamically.
CONFIGURING COUNTER
All GVRP counters are mainly divided into Received and Transmitted two
categories to let you monitor the GVRP actions. Actually, they are GARP packets.
WEB INTERFACE
To display the GVRP Counter in the web interface:
1.Click GVRP, Counter.
2. Scroll which port you want to display the GVRP Counter information.
3. Click Refresh to modify the GVRP Counter information.
Figure 4-28: Display GVRP Counter detail information
PARAMETERS
These parameters are displayed on the GVRP Counter page:
Received –
Total GVRP Packets:
Total GVRP BPDU is received by the GVRP application.
Invalid GVRP Packets:
Number of invalid GVRP BPDU is received by the GVRP
application.
LeaveAll Message Packets:
Number of GVRP BPDU with Leave All message is received by the GVRP
application.
JoinEmpty Message Packets:
Number of GVRP BPDU with Join Empty message is received by the
GVRP application.
JoinIn Message Packets:
Number of GVRP BPDU with Join In message is received by the GVRP
application.
LeaveEmpty Message Packets:
Number of GVRP BPDU with Leave Empty message is received by the
GVRP application.
Transmitted –
Total GVRP Packets:
Total GVRP BPDU is received by the GVRP application.
Invalid GVRP Packets:
Number of invalid GVRP BPDU is received by the GVRP
application.
LeaveAll Message Packets:
Number of GVRP BPDU with Leave All message is received by the GVRP
application.
JoinEmpty Message Packets:
Number of GVRP BPDU with Join Empty message is received by the
GVRP application.
JoinIn Message Packets:
Number of GVRP BPDU with Join In message is received by the GVRP
application.
LeaveEmpty Message Packets:
Number of GVRP BPDU with Leave Empty message is received by the
GVRP application.
CONFIGURING GROUP
The Function will display the dynamic group member and their detail imformation.
Others it also provide a configuration item to edit administrative Control
parameters. The detail information includes VID and Member Port.
WEB INTERFACE
To display the Group in the web interface:
1.Click GVRP, Group.
2. Display the GVRP VLAN Group Information.
3. Select a exist GVRP VLAN Group entry.
4. Click Edit Administrative Contol.
Figure 4-29: Display GVRP VLAN Group information
PARAMETERS
These parameters are displayed on the GVRP VLAN Group page:
VID - VLAN identifier. When GVRP group creates, each dynamic
VLAN group owns its VID. Valid range is 1 ~ 4094.
Member Port - Those are the members belonging to the same
dynamic VLAN group.
Edit Administrative Control - When you create GVRP group, you
can use Administrative Control function to change Applicant Mode
and Registrar Mode of GVRP group member.
CONFIGURING QoS (QUALITY OF SERVICE)
The switch support four QoS queues per port with strict or weighted fair queuing
scheduling. There are 24 QoS Control Lists (QCL) for advance programmable
QoS classification, based on IEEE 802.1p, Ethertype, VID, IPv4/IPv6 DSCP and
UDP/TCP ports and ranges.
High flexibility in the classification of incoming frames to a QoS class. The QoS
classification looks for information up to Layer 4, including IPv4 and IPv6 DSCP,
IPv4 TCP/UDP port numbers, and user priority of tagged frames. This QoS
classification mechanism is implemented in a QoS control list (QCL). The QoS
class assigned to a frame is used throughout the device for providing queuing,
scheduling, and congestion control guarantees to the frame according to what
was configured for that specific QoS class.
The switch support advanced memory control mechanisms providing excellent
performance of all QoS classes under any traffic scenario, including jumbo frame.
A super priority queue with dedicated memory and strict highest priority in the
arbitration. The ingress super priority queue allows traffic recognized as CPU
traffic to be received and queued for transmission to the CPU even when all the
QoS class queues are congested.
WEB INTERFACE
To display the QoS Configuration in the web interface:
1.Click QoS, Ports.
2. Specify the Port QoS Paramter and Scroll the setting.
3. Click Apply.
Figure 4-30: Display QoS Ports Configuration
PARAMETERS
These parameters are displayed on the QoS Ports Configuration page:
Number of Classes – Scroll the value with 1/2/4.
Port - User can choose the port (1~24) respectively with Priority
Class on Per Port Priority function.
Default Class - User can set up High Priority or Low Priority for
each port respectively. You could scroll with Low / Normal / Medium /
High
QCL - The number of QCL rule 1~24, each port have to apply one
of the QCL rule for QoS behavior. You could scroll with 1 to 24.
User priority - The user priority value 0~7 (3 bits) is used as an
index to the eight QoS class values for VLAN tagged or priority
tagged frames. You could scroll with 0 to 7.
Queuing Mode - There are two Scheduling Method, Strict Priority
and Weighted Fair. Default is Strict Priority. After you choose any of
Scheduling Method, please click Apply button to be in operation.
You could scroll with Strict Priority and Weighted Fair two mode.
Queue Weighted - There are four queues per port and four classes
weighted number (1 / 2 / 4 / 8) for each queues, you can select the
weighted number when the scheduling method be set to ―Weighted
Fair‖ mode.
NOTE: If you want to set the Queue Weighted then you must to scroll the
Queuing Mode with Weighted Fair mode first.
CONFIGURING QoS CONTROL LIST
The switch support four QoS queues per port with strict or weighted fair queuing
scheduling. There are 24 QoS Control Lists (QCL) for advance programmable
QoS classification, based on IEEE 802.1p, Ether Type, VID, IPv4/IPv6 DSCP and
UDP/TCP ports and ranges.
WEB INTERFACE
To display the QoS Control List Configuration in the web interface:
1.Click QoS, QoS Control List.
2. Scroll the QCL rule number. The value from 1 to 24
3. Press
4. Specify the QCL Parameters.
Figure 4-31: Display QoS Control List Configuration
PARAMETERS
These parameters are displayed on the QoS Control List page:
QCL# – Scroll the value with 1to 24.
QCE Type – You could scroll QCE Type with the Ethernet Type /
VLAN ID / UDP/TCP Port / DSCP / ToS / Tag Priority
Ethernet Type Value - The configurable range is 0x600~0xFFFF.
Well known protocols already assigned EtherType values. The
commonly used values in the EtherType field and corresponding
protocols are listed below:
UDP/TCP Port - To select the UDP/TCP port classification method
by Range or Specific.
UDP/TCP Port Range - The configurable ports range:
0~65535You can refer to following UDP/TCP port-numbers
information.
http://www.iana.org/assignments/port-numbers
UDP/TCP Port No - The configurable specific port value: 0~65535.
DSCP Value - The configurable DSCP value: 0~63.
Traffic Class – You could scroll traffic class with Low / Normal /
Medium / High.
CONFIGURING RATE LIMITERS
Each port includes an ingress policer, and an egress shaper, which can limit the
bandwidth of received and transmitted frames. Ingress policer or egress shaper
operation is controlled per port in the Rate Limit Configuration.
WEB INTERFACE
To display the QoS Rate Limiters Configuration in the web interface:
1.Click QoS, Rate limiters.
2. To set an rate limit on ingress traffic, check Policer Enabled box next
to the required port, set the rate limit in the Policer Rate field, and
select the unit of measure for the traffic rate.
3. To set an rate limit on egress traffic, check Shaper Enabled box next
to the required port, set the rate limit in the Shaper Rate field, and
select the unit of measure for the traffic rate.
4. Scroll the Ingress and Egress Unit with kbps or Mbps
These parameters are displayed on the QoS Rate Limiter page:
Port # – Display the Port Index.
Ingress Shaper Enabled – Evoke to enable the Ingress rate
limiter rule.
Ingress Shaper Rate (rule) - Configures the rate for the port
shaper.
(Range: 500-1000000 kbps, or 1-1000 Mbps; Default: 500 kbps)
Ingress Shaper Unit – Sets the unit of measure for the port
shaper. (Options: kbps, Mbps; Default: kbps)
Egress Shaper Enabled – Evoke to enable the Egress rate limiter
rule.
Egress Rate (rule) - - Configures the rate for the port shaper.
(Range: 500-1000000 kbps, or 1-1000 Mbps; Default: 500 kbps)
Egress Shaper Unit – Sets the unit of measure for the port shaper.
(Options: kbps, Mbps; Default: kbps)
CONFIGURING STORM CONTROL
You can configure limits on broadcast, multicast and unknown unicast traffic to
control traffic storms which may occur when a network device is malfunctioning,
the network is not properly configured, or application programs are not well
designed or properly configured. Traffic storms caused by any of these problems
can severely degrade performance or bring your network to a complete halt.
You can protect your network from traffic storms by setting a threshold for
broadcast, multicast, or unknown unicast traffic. Any packets exceeding the
specified threshold will then be dropped. Note that the limit specified on this page
applies to each port
WEB INTERFACE
To configure Storm Control:
1. Click QoS, Storm Control.
2.Enable storm control for Flooded unicast, Multicast, or
Broadcast traffic by marking the Status box next to the
required frame type.
3.Select the control rate as a function of 2
suffix for the unit of measure) or a rate in Kpps (i.e., a value
marked with the suffix ―K‖).
4.Click Apply.
n
pps (i.e., a value with no
Figure 4-33: Storm Control Configuration
PARAMETERS
These parameters are displayed on the QoS Storm Control page:
Frame Type – Specifies Broadcast, Multicast or Flooded unicast
traffic..
Status – Enables or disables storm control. (Default: Disabled)
Rate (pps) - The threshold above which packets are dropped. This
limit can be set by specifying a value of 2n packets per second (pps),
or by selecting one of the options in Kpps. 1 / 2 / 4 / 8 / 16 / 32 /
64 / 128 / 256 / 512 / 1K / 2K / 4K / 8K / 16K / 32K / 64K / 128K /
256K / 512K / 1024K
NOTE:Due to an ASIC limitation, the enforced rate limits are slightly less
than the listed options. For example: 1 Kpps translates into an enforced
threshold of 1002.1 pps. directly.
CONFIGURING QoS WIZARD
You can use the QCL configuration Wizard is targeted on user can easy to
configure the QCL rules for QoS configuration. The wizard provide the typical
network application rules, user can apply these application easily.
WEB INTERFACE
To configure QoS Wizard:
1. Click QoS, Wizard.
2.Choice one of four rules for action .
3.Click Next to next step of configuration
4.Follw up the GUI procedure to set all parameters.
Figure 4-34: Select 1 of 4 QCL Configuration Wizards
PARAMETERS
These parameters are displayed on the QCL Wizard page:
Please select an Action –User need to select one of action from
following items, then click on <Next> to finish QCL configuration:
Set up Port Policies
Set up Typical Network Application Rules
Set up TOS Precedence Mapping
Set up VLAN Tag Priority Mapping
Next –Go to next step.
Cancel - Abort current configuration back to previous step.
Back - Back to previous screen
Figure 4-35: Set up Policy Rules
PARAMETERS
These parameters are displayed on the QCL Wizard page:
QCL ID – Display the QoS Control List (QCL) Index from 1 to 24
Port Member – Evoke the port to join the QCL ID and become the
QCL Member.
Wizard Again - Click on the <Wizard Again> , back to QCL
Configuration Wizard
Finish - When you click on <Finish>, the parameters will be set
according to the wizard configuration and shown on the screen, then
ask you to click on <Apply> for changed parameters confirmation.
Figure 4-36: Set up Port Policy Finish
Figure 4-37: Set up Typical Network Application Rules
PARAMETERS
These parameters are displayed on the QCL Wizard page:
Audio and Video – QuickTime 4 Server / MSN Messenger Phone /
Yahoo Messenger Phone / Napster / Real Audio
Games - Blizzard Battlenet (Diablo2 and StarCraft) / Fighter Ace II /
Quake2 / Quake3 / MSN Game Zone
User Definition - Ethernet Type / VLAN ID / UDP/TCP Port / DSCP.
Ethernet Type Value - Type Range: 0x600~0xFFFF.
VLAN ID – To set the VLAN ID Range: 1~4094
UDP/TCP Port – Set with Two Mode: Range / Specific.
UDP/TCP Port Range – Set the Port Range: 0~65535
UDP/TCP Port No - Set the Port Range: 0~65535
DSCP Value – Set the DSCP Value Range: 0~63
Figure 4-38: Set up Typical Network Application Rules
PARAMETERS
These parameters are displayed on the QCL Wizard page:
QCL ID – Scroll to set the QCL ID from 1 to 24
Traffic Class – Scroll to set the Traffic Class with Low/ Normal/
Medium/ High
Figure 4-39: Set up TOS Precedence Mapping Rules
PARAMETERS
These parameters are displayed on the QCL Wizard page:
QCL ID – Scroll to set the QCL ID from 1 to 24
TOS Precedence 0- 7 Class – Scroll to set the TOS Precedence
Mapping Class with Low/ Normal/ Medium/ High
Figure 4-40: Set up VLAN Tag Priority Mapping Rules
PARAMETERS
These parameters are displayed on the QCL Wizard page:
QCL ID – Scroll to set the QCL ID from 1 to 24
Tag Priority 0- 7 Class – Scroll to set the Tag Priority Mapping
Simple Network Management Protocol (SNMP) is a communication
protocol designed specifically for managing devices on a network.
Equipment commonly managed with SNMP. SNMP is typically used to
configure these devices for proper operation in a network environment,
as well as to monitor them to evaluate performance or detect potential
problems.
Managed devices supporting SNMP contain software, which runs locally
on the device and is referred to as an agent. A defined set of variables,
known as managed objects, is maintained by the SNMP agent and used
to manage the device. These objects are defined in a Management
Information Base (MIB) that provides a standard presentation of the
information controlled by the agent. SNMP defines both the format of
the MIB specifications and the protocol used to access this information
over the network.
The switch includes an onboard agent that supports SNMP versions 1,
2c, and 3. This agent continuously monitors the status of the switch
hardware, as well as the traffic passing through its ports. A network
management station can access this information using software such as
LantechView. Access to the onboard agent from clients using SNMP v1
and v2c is controlled by community strings. To communicate with the
switch, the management station must first submit a valid community
string for authentication.
Access to the switch using from clients using SNMPv3 provides
additional security features that cover message integrity,
authentication, and encryption; as well as controlling user access to
specific areas of the MIB tree. The SNMPv3 security structure consists
of security models, with each model having it's own security levels.
There are three security models defined, SNMPv1, SNMPv2c, and
SNMPv3. Users are assigned to ―groups‖ that are defined by a security
model and specified security levels.
Basically, it is passive except issuing the trap information. The switch
supports a switch to turn on or off the SNMP agent. If you set the field
SNMP ―Enable‖, SNMP agent will be started up. All supported MIB OIDs,
including RMON MIB, can be accessed via SNMP manager. If the field
SNMP is set ―Disable‖, SNMP agent will be de-activated, the related
Community Name, Trap Host IP Address, Trap and all MIB counters will
be ignored.
NOTE: The predefined default groups and view can be deleted from
the system. You can then define customized groups and views for the
SNMP clients that require access.
Loading...
+ hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.