Level One GEL-1061 operation manual
GEL-1061
10-Port L2 Managed Gigabit Switch, 2 x SFP
GEP-1061
10-Port L2 Managed Gigabit PoE Switch, 2 x SFP,
802.3at PoE+, 125W
User Manual
V1.0
Digital Data Communications Asia Co., Ltd.
http://www.level1.com
User Manual
GEL-1061
10-Port L2 Managed Gigabit Switch
with 8 10/100/1000BASE-T (RJ-45) Ports
and 2 Gigabit SFP Ports
GEP-1061
10-Port L2 Managed Gigabit PoE Switch
with 8 10/100/1000BASE-T (RJ-45) 802.3 af/at PoE Ports
and 2 Gigabit SFP Ports
(PoE Power Budget: 125 W)
E032016-CS-R01
How to Use This Guide
This guide includes detailed information on the switch software, including how to
operate and use the management functions of the switch. To deploy this switch
effectively and ensure trouble-free operation, you should first read the relevant
sections in this guide so that you are familiar with all of its software features.
Who Should Read
this Guide?
How this Guide
is Organized
This guide is for network administrators who are responsible for operating and
maintaining network equipment. The guide assumes a basic working knowledge of
LANs (Local Area Networks), the Internet Protocol (IP), and Simple Network
Management Protocol (SNMP).
This guide provides detailed information about the switch’s key features. It also
describes the switch’s web browser interface. For information on the command line
interface refer to the CLI Reference Guide.
The guide includes these sections:
◆ Section I “Getting Started” — Includes an introduction to switch management,
and the basic settings required to access the management interface.
◆ Section II “Web Configuration” — Includes all management options available
through the web browser interface.
◆ Section III “Ap pe nd ices” — Includes information on troubleshooting switch
management access.
Related
Documentation
This guide focuses on switch software configuration through the web browser.
For information on how to manage the switch through the command line interface,
see the following guide:
CLI Reference Guide
Note:
For a description of how to initialize the switch for management access via
the CLI, web interface or SNMP, refer to “Initial Switch Configuration” in the CLI
Reference Guide.
– 3 –
How to Use This Guide
Conventions The following conventions are used throughout this guide to show information:
For information on how to install the switch, see the following guide:
Installation Guide
For all safety information and regulatory statements, see the following documents:
Quick Start Guide
Safety and Regulatory Information
Note:
Emphasizes important information or calls your attention to related features
or instructions.
Caution:
the system or equipment.
Warning:
Alerts you to a potential hazard that could cause loss of data, or damage
Alerts you to a potential hazard that could cause personal injury.
Revision History This section summarizes the changes in each revision of this guide.
March 2016 Revision
This is the first version of this guide. This guide is valid for software release v1.1.2.0.
– 4 –
Contents
How to Use This Guide 3
Contents 5
Figures 15
Tables 25
Section I Getting Started 27
1 Introduction 29
Key Features 29
Description of Software Features 30
Address Resolution Protocol 34
System Defaults 35
Section II Web Configuration 39
2 Using the Web Interface 41
Connecting to the Web Interface 41
Navigating the Web Browser Interface 42
Dashboard 42
Home Page 44
Configuration Options 44
Panel Display 45
Main Menu 46
3 Basic Management Tasks 61
Displaying System Information 62
Displaying Hardware/Software Versions 63
Configuring Support for Jumbo Frames 64
– 5 –
Contents
Displaying Bridge Extension Capabilities 65
Managing System Files 67
Copying Files via FTP/ TFTP or HTTP 67
Saving the Running Configuration to a Local File 69
Setting the Start-up File 70
Showing System Files 71
Automatic Operation Code Upgrade 71
Setting the System Clock 75
Setting the Time Manually 76
Setting the SNTP Polling Interval 77
Configuring NTP 77
Configuring Time Servers 78
Setting the Time Zone 82
Configuring Summer Time 83
Configuring the Console Port 85
Configuring Telnet Settings 87
Displaying CPU Utilization 88
Configuring CPU Guard 89
Displaying Memory Utilization 90
Resetting the System 91
4 Interface Configuration 95
Port Configuration 96
Configuring by Port List 96
Configuring by Port Range 98
Displaying Connection Status 99
Showing Port or Trunk Statistics 100
Displaying Statistical History 104
Displaying Transceiver Data 108
Configuring Transceiver Thresholds 109
Trunk Configuration 111
Configuring a Static Trunk 113
Configuring a Dynamic Trunk 115
Displaying LACP Port Counters 121
Displaying LACP Settings and Status for the Local Side 122
– 6 –
Contents
Displaying LACP Settings and Status for the Remote Side 124
Configuring Load Balancing 125
Saving Power 127
Configuring Local Port Mirroring 129
Configuring Remote Port Mirroring 130
Traffic Segmentation 135
Enabling Traffic Segmentation 135
Configuring Uplink and Downlink Ports 136
5 VLAN Configuration 139
IEEE 802.1Q VLANs 139
Configuring VLAN Groups 142
Adding Static Members to VLANs 144
Protocol VLANs 148
Configuring Protocol VLAN Groups 149
Mapping Protocol Groups to Interfaces 150
Configuring MAC-based VLANs 152
6 Address Table Settings 155
Configuring MAC Address Learning 155
Setting Static Addresses 157
Changing the Aging Time 159
Displaying the Dynamic Address Table 159
Clearing the Dynamic Address Table 161
Issuing MAC Address Traps 162
7 Spanning Tree Algorithm 165
Overview 165
Configuring Loopback Detection 167
Configuring Global Settings for STA 169
Displaying Global Settings for STA 174
Configuring Interface Settings for STA 175
Displaying Interface Settings for STA 180
Configuring Multiple Spanning Trees 183
Configuring Interface Settings for MSTP 187
8 Congestion Control 189
– 7 –
Contents
Rate Limiting 189
Storm Control 190
9 Class of Service 193
Layer 2 Queue Settings 193
Setting the Default Priority for Interfaces 193
Selecting the Queue Mode 194
Layer 3/4 Priority Settings 197
Setting Priority Processing to DSCP or CoS 198
Mapping Ingress DSCP Values to Internal DSCP Values 199
Mapping CoS Priorities to Internal DSCP Values 201
10 Quality of Service 205
Overview 205
Configuring a Class Map 206
Creating QoS Policies 210
Attaching a Policy Map to a Port 214
11 VoIP Traffic Configuration 217
Overview 217
Configuring VoIP Traffic 218
Configuring Telephony OUI 219
Configuring VoIP Traffic Ports 220
12 Security Measures 223
AAA (Authentication, Authorization and Accounting) 224
Configuring Local/Remote Logon Authentication 225
Configuring Remote Logon Authentication Servers 226
Configuring AAA Accounting 231
Configuring AAA Authorization 237
Configuring User Accounts 241
Network Access (MAC Address Authentication) 243
Configuring Global Settings for Network Access 245
Configuring Network Access for Ports 246
Configuring a MAC Address Filter 248
Displaying Secure MAC Address Information 249
Configuring HTTPS 251
– 8 –
Contents
Configuring Global Settings for HTTPS 251
Replacing the Default Secure-site Certificate 252
Configuring the Secure Shell 254
Configuring the SSH Server 256
Generating the Host Key Pair 258
Importing User Public Keys 259
Access Control Lists 261
Showing TCAM Utilization 262
Setting the ACL Name and Type 264
Configuring a Standard IPv4 ACL 266
Configuring an Extended IPv4 ACL 267
Configuring a Standard IPv6 ACL 269
Configuring an Extended IPv6 ACL 271
Configuring a MAC ACL 273
Configuring an ARP ACL 275
Binding a Port to an Access Control List 277
Showing ACL Hardware Counters 278
ARP Inspection 279
Configuring Global Settings for ARP Inspection 280
Configuring VLAN Settings for ARP Inspection 282
Configuring Interface Settings for ARP Inspection 284
Displaying ARP Inspection Statistics 285
Displaying the ARP Inspection Log 286
Filtering IP Addresses for Management Access 287
Configuring Port Security 289
Configuring 802.1X Port Authentication 291
Configuring 802.1X Global Settings 293
Configuring Port Authenticator Settings for 802.1X 294
Displaying 802.1X Statistics 298
DHCP Snooping 299
DHCP Snooping Global Configuration 302
DHCP Snooping VLAN Configuration 303
Configuring Ports for DHCP Snooping 304
Displaying DHCP Snooping Binding Information 306
DoS Protection 307
– 9 –
Contents
IPv4 Source Guard 308
Configuring Ports for IPv4 Source Guard 308
Configuring Static Bindings for IPv4 Source Guard 311
Displaying Information for Dynamic IPv4 Source Guard Bindings 313
13 Basic Administration Protocols 315
Configuring Event Logging 316
System Log Configuration 316
Remote Log Configuration 318
Sending Simple Mail Transfer Protocol Alerts 319
Link Layer Discovery Protocol 321
Setting LLDP Timing Attributes 321
Configuring LLDP Interface Attributes 323
Configuring LLDP Interface Civic-Address 327
Displaying LLDP Local Device Information 329
Displaying LLDP Remote Device Information 333
Displaying Device Statistics 341
Power over Ethernet 343
Setting the Switch’s Overall PoE Power Budget 344
Setting the Port PoE Power Budget 345
Simple Network Management Protocol 347
Configuring Global Settings for SNMP 349
Setting the Local Engine ID 350
Specifying a Remote Engine ID 351
Setting SNMPv3 Views 353
Configuring SNMPv3 Groups 355
Setting Community Access Strings 362
Configuring Local SNMPv3 Users 363
Configuring Remote SNMPv3 Users 365
Specifying Trap Managers 368
Creating SNMP Notification Logs 372
Showing SNMP Statistics 374
Remote Monitoring 376
Configuring RMON Alarms 377
Configuring RMON Events 379
– 10 –
Contents
Configuring RMON History Samples 381
Configuring RMON Statistical Samples 384
Setting a Time Range 387
LBD Configuration 389
Configuring Global Settings for LBD 390
Configuring Interface Settings for LBD 392
14 Multicast Filtering 393
Overview 393
Layer 2 IGMP (Snooping and Query for IPv4) 394
Configuring IGMP Snooping and Query Parameters 396
Specifying Static Interfaces for a Multicast Router 400
Assigning Interfaces to Multicast Services 402
Setting IGMP Snooping Status per Interface 404
Filtering IGMP Query Packets and Multicast Data 410
Displaying Multicast Groups Discovered by IGMP Snooping 411
Displaying IGMP Snooping Statistics 412
Filtering and Throttling IGMP Groups 416
Enabling IGMP Filtering and Throttling 416
Configuring IGMP Filter Profiles 417
Configuring IGMP Filtering and Throttling for Interfaces 419
MLD Snooping (Snooping and Query for IPv4) 421
Configuring MLD Snooping and Query Parameters 421
Setting Immediate Leave Status for MLD Snooping per Interface 423
Specifying Static Interfaces for an IPv6 Multicast Router 424
Assigning Interfaces to IPv6 Multicast Services 426
Showing MLD Snooping Groups and Source List 428
15 IP Tools 431
Using the Ping Function 431
Using the Trace Route Function 432
Address Resolution Protocol 434
Displaying Dynamic or Local ARP Entries 435
16 IP Services 437
Domain Name Service 437
– 11 –
Contents
Configuring General DNS Service Parameters 437
Configuring a List of Domain Names 438
Configuring a List of Name Servers 440
Configuring Static DNS Host to Address Entries 441
Displaying the DNS Cache 442
Dynamic Host Configuration Protocol 443
Specifying a DHCP Client Identifier 444
Configuring DHCP Relay Service 445
Enabling DHCP Dynamic Provision 449
17 IP Configuration 451
Setting the Switch’s IP Address (IP Version 4) 451
Configuring the IPv4 Default Gateway 451
Configuring IPv4 Interface Settings 452
Setting the Switch’s IP Address (IP Version 6) 455
Configuring the IPv6 Default Gateway 456
Configuring IPv6 Interface Settings 457
Configuring an IPv6 Address 461
Showing IPv6 Addresses 464
Showing the IPv6 Neighbor Cache 465
Showing IPv6 Statistics 466
Showing the MTU for Responding Destinations 472
Section III Appendices 473
A Software Specifications 475
Software Features 475
Management Features 476
Standards 477
Management Information Bases 477
B Troubleshooting 479
Problems Accessing the Management Interface 479
Using System Logs 480
C License Information 481
– 12 –
Contents
The GNU General Public License 481
Glossary 485
Index 493
– 13 –
Contents
– 14 –
Figures
Figure 1: Dashboard 42
Figure 2: Home Page 44
Figure 3: Front Panel Indicators 45
Figure 4: System Information 62
Figure 5: General Switch Information 64
Figure 6: Configuring Support for Jumbo Frames 65
Figure 7: Displaying Bridge Extension Configuration 66
Figure 8: Copy Firmware 68
Figure 9: Saving the Running Configuration 70
Figure 10: Setting Start-Up Files 70
Figure 11: Displaying System Files 71
Figure 12: Configuring Automatic Code Upgrade 75
Figure 13: Manually Setting the System Clock 76
Figure 14: Setting the Polling Interval for SNTP 77
Figure 15: Configuring NTP 78
Figure 16: Specifying SNTP Time Servers 79
Figure 17: Adding an NTP Time Server 80
Figure 18: Showing the NTP Time Server List 80
Figure 19: Adding an NTP Authentication Key 81
Figure 20: Showing the NTP Authentication Key List 82
Figure 21: Setting the Time Zone 83
Figure 22: Configuring Summer Time 85
Figure 23: Console Port Settings 86
Figure 24: Telnet Connection Settings 88
Figure 25: Displaying CPU Utilization 89
Figure 26: Configuring CPU Guard 90
Figure 27: Displaying Memory Utilization 91
Figure 28: Restarting the Switch (Immediately) 93
Figure 29: Restarting the Switch (In) 93
– 15 –
Figures
Figure 30: Restarting the Switch (At) 94
Figure 31: Restarting the Switch (Regularly) 94
Figure 32: Configuring Connections by Port List 98
Figure 33: Configuring Connections by Port Range 99
Figure 34: Displaying Port Information 100
Figure 35: Showing Port Statistics (Table) 103
Figure 36: Showing Port Statistics (Chart) 104
Figure 37: Configuring a History Sample 106
Figure 38: Showing Entries for History Sampling 106
Figure 39: Showing Status of Statistical History Sample 107
Figure 40: Showing Current Statistics for a History Sample 107
Figure 41: Showing Ingress Statistics for a History Sample 108
Figure 42: Displaying Transceiver Data 109
Figure 43: Configuring Transceiver Thresholds 111
Figure 44: Configuring Static Trunks 113
Figure 45: Creating Static Trunks 114
Figure 46: Adding Static Trunks Members 114
Figure 47: Configuring Connection Parameters for a Static Trunk 115
Figure 48: Showing Information for Static Trunks 115
Figure 49: Configuring Dynamic Trunks 115
Figure 50: Configuring the LACP Aggregator Admin Key 118
Figure 51: Enabling LACP on a Port 119
Figure 52: Configuring LACP Parameters on a Port 120
Figure 53: Showing Members of a Dynamic Trunk 120
Figure 54: Configuring Connection Settings for a Dynamic Trunk 121
Figure 55: Showing Connection Parameters for Dynamic Trunks 121
Figure 56: Displaying LACP Port Counters 122
Figure 57: Displaying LACP Port Internal Information 124
Figure 58: Displaying LACP Port Remote Information 125
Figure 59: Configuring Load Balancing 127
Figure 60: Enabling Power Savings 128
Figure 61: Configuring Local Port Mirroring 129
Figure 62: Configuring Local Port Mirroring 130
Figure 63: Displaying Local Port Mirror Sessions 130
Figure 64: Configuring Remote Port Mirroring 131
– 16 –
Figures
Figure 65: Configuring Remote Port Mirroring (Source) 134
Figure 66: Configuring Remote Port Mirroring (Intermediate) 134
Figure 67: Configuring Remote Port Mirroring (Destination) 134
Figure 68: Enabling Traffic Segmentation 136
Figure 69: Configuring Members for Traffic Segmentation 137
Figure 70: Showing Traffic Segmentation Members 138
Figure 71: VLAN Compliant and VLAN Non-compliant Devices 140
Figure 72: Creating Static VLANs 143
Figure 73: Modifying Settings for Static VLANs 143
Figure 74: Showing Static VLANs 144
Figure 75: Configuring Static Members by VLAN Index 146
Figure 76: Configuring Static VLAN Members by Interface 147
Figure 77: Configuring Static VLAN Members by Interface Range 148
Figure 78: Configuring Protocol VLANs 150
Figure 79: Displaying Protocol VLANs 150
Figure 80: Assigning Interfaces to Protocol VLANs 152
Figure 81: Showing the Interface to Protocol Group Mapping 152
Figure 82: Configuring MAC-Based VLANs 154
Figure 83: Showing MAC-Based VLANs 154
Figure 84: Configuring MAC Address Learning 156
Figure 85: Configuring Static MAC Addresses 158
Figure 86: Displaying Static MAC Addresses 158
Figure 87: Setting the Address Aging Time 159
Figure 88: Displaying the Dynamic MAC Address Table 160
Figure 89: Clearing Entries in the Dynamic MAC Address Table 161
Figure 90: Issuing MAC Address Traps (Global Configuration) 162
Figure 91: Issuing MAC Address Traps (Interface Configuration) 163
Figure 92: STP Root Ports and Designated Ports 166
Figure 93: MSTP Region, Internal Spanning Tree, Multiple Spanning Tree 166
Figure 94: Spanning Tree – Common Internal, Common, Internal 167
Figure 95: Configuring Port Loopback Detection 169
Figure 96: Configuring Global Settings for STA (STP) 173
Figure 97: Configuring Global Settings for STA (RSTP) 173
Figure 98: Configuring Global Settings for STA (MSTP) 174
Figure 99: Displaying Global Settings for STA 175
– 17 –
Figures
Figure 100: Determining the Root Port 177
Figure 101: Configuring Interface Settings for STA 180
Figure 102: STA Port Roles 181
Figure 103: Displaying Interface Settings for STA 182
Figure 104: Creating an MST Instance 184
Figure 105: Displaying MST Instances 184
Figure 106: Modifying the Priority for an MST Instance 185
Figure 107: Displaying Global Settings for an MST Instance 185
Figure 108: Adding a VLAN to an MST Instance 186
Figure 109: Displaying Members of an MST Instance 186
Figure 110: Configuring MSTP Interface Settings 188
Figure 111: Displaying MSTP Interface Settings 188
Figure 112: Configuring Rate Limits 190
Figure 113: Configuring Storm Control 191
Figure 114: Setting the Default Port Priority 194
Figure 115: Setting the Queue Mode (Strict) 196
Figure 116: Setting the Queue Mode (WRR) 196
Figure 117: Setting the Queue Mode (Strict and WRR) 197
Figure 118: Setting the Trust Mode 199
Figure 119: Configuring DSCP to DSCP Internal Mapping 200
Figure 120: Showing DSCP to DSCP Internal Mapping 201
Figure 121: Configuring CoS to DSCP Internal Mapping 202
Figure 122: Showing CoS to DSCP Internal Mapping 203
Figure 123: Configuring a Class Map 207
Figure 124: Showing Class Maps 208
Figure 125: Adding Rules to a Class Map 209
Figure 126: Showing the Rules for a Class Map 209
Figure 127: Configuring a Policy Map 212
Figure 128: Showing Policy Maps 212
Figure 129: Adding Rules to a Policy Map 213
Figure 130: Showing the Rules for a Policy Map 214
Figure 131: Attaching a Policy Map to a Port 215
Figure 132: Configuring a Voice VLAN 219
Figure 133: Configuring an OUI Telephony List 220
Figure 134: Showing an OUI Telephony List 220
– 18 –
Figures
Figure 135: Configuring Port Settings for a Voice VLAN 222
Figure 136: Configuring the Authentication Sequence 226
Figure 137: Authentication Server Operation 226
Figure 138: Configuring Remote Authentication Server (RADIUS) 229
Figure 139: Configuring Remote Authentication Server (TACACS+) 230
Figure 140: Configuring AAA Server Groups 230
Figure 141: Showing AAA Server Groups 231
Figure 142: Configuring Global Settings for AAA Accounting 233
Figure 143: Configuring AAA Accounting Methods 234
Figure 144: Showing AAA Accounting Methods 235
Figure 145: Configuring AAA Accounting Service for 802.1X Service 235
Figure 146: Configuring AAA Accounting Service for Command Service 236
Figure 147: Configuring AAA Accounting Service for Exec Service 236
Figure 148: Displaying a Summary of Applied AAA Accounting Methods 237
Figure 149: Displaying Statistics for AAA Accounting Sessions 237
Figure 150: Configuring AAA Authorization Methods 239
Figure 151: Showing AAA Authorization Methods 239
Figure 152: Configuring AAA Authorization Methods for Exec Service 240
Figure 153: Displaying the Applied AAA Authorization Method 240
Figure 154: Configuring User Accounts 242
Figure 155: Showing User Accounts 243
Figure 156: Configuring Global Settings for Network Access 246
Figure 157: Configuring Interface Settings for Network Access 247
Figure 158: Configuring a MAC Address Filter for Network Access 248
Figure 159: Showing the MAC Address Filter Table for Network Access 249
Figure 160: Showing Addresses Authenticated for Network Access 250
Figure 161: Configuring HTTPS 252
Figure 162: Downloading the Secure-Site Certificate 254
Figure 163: Configuring the SSH Server 257
Figure 164: Generating the SSH Host Key Pair 258
Figure 165: Showing the SSH Host Key Pair 259
Figure 166: Copying the SSH User’s Public Key 260
Figure 167: Showing the SSH User’s Public Key 261
Figure 168: Showing TCAM Utilization 264
Figure 169: Creating an ACL 265
– 19 –
Figures
Figure 170: Showing a List of ACLs 265
Figure 171: Configuring a Standard IPv4 ACL 267
Figure 172: Configuring an Extended IPv4 ACL 269
Figure 173: Configuring a Standard IPv6 ACL 270
Figure 174: Configuring an Extended IPv6 ACL 273
Figure 175: Configuring a MAC ACL 275
Figure 176: Configuring a ARP ACL 277
Figure 177: Binding a Port to an ACL 278
Figure 178: Showing ACL Statistics 279
Figure 179: Configuring Global Settings for ARP Inspection 282
Figure 180: Configuring VLAN Settings for ARP Inspection 283
Figure 181: Configuring Interface Settings for ARP Inspection 284
Figure 182: Displaying Statistics for ARP Inspection 286
Figure 183: Displaying the ARP Inspection Log 287
Figure 184: Creating an IP Address Filter for Management Access 288
Figure 185: Showing IP Addresses Authorized for Management Access 289
Figure 186: Configuring Port Security 291
Figure 187: Configuring Port Authentication 292
Figure 188: Configuring Global Settings for 802.1X Port Authentication 293
Figure 189: Configuring Interface Settings for 802.1X Port Authenticator 297
Figure 190: Showing Statistics for 802.1X Port Authenticator 299
Figure 191: Configuring Global Settings for DHCP Snooping 303
Figure 192: Configuring DHCP Snooping on a VLAN 304
Figure 193: Configuring the Port Mode for DHCP Snooping 305
Figure 194: Displaying the Binding Table for DHCP Snooping 307
Figure 195: Protecting Against DoS Attacks 308
Figure 196: Setting the Filter Type for IPv4 Source Guard 310
Figure 197: Configuring Static Bindings for IPv4 Source Guard 313
Figure 198: Configuring Static Bindings for IPv4 Source Guard 313
Figure 199: Showing the IPv4 Source Guard Binding Table 314
Figure 200: Configuring Settings for System Memory Logs 317
Figure 201: Showing Error Messages Logged to System Memory 318
Figure 202: Configuring Settings for Remote Logging of Error Messages 319
Figure 203: Configuring SMTP Alert Messages 320
Figure 204: Configuring LLDP Timing Attributes 323
– 20 –
Figures
Figure 205: Configuring LLDP Interface Attributes 327
Figure 206: Configuring the Civic Address for an LLDP Interface 328
Figure 207: Showing the Civic Address for an LLDP Interface 329
Figure 208: Displaying Local Device Information for LLDP (General) 332
Figure 209: Displaying Local Device Information for LLDP (Port) 332
Figure 210: Displaying Local Device Information for LLDP (Port Details) 332
Figure 211: Displaying Remote Device Information for LLDP (Port) 339
Figure 212: Displaying Remote Device Information for LLDP (Port Details) 340
Figure 213: Displaying Remote Device Information for LLDP (End Node) 341
Figure 214: Displaying LLDP Device Statistics (General) 343
Figure 215: Displaying LLDP Device Statistics (Port) 343
Figure 216: Setting the Switch’s PoE Budget 345
Figure 217: Setting a Port’s PoE Budget 347
Figure 218: Configuring Global Settings for SNMP 350
Figure 219: Configuring the Local Engine ID for SNMP 351
Figure 220: Configuring a Remote Engine ID for SNMP 352
Figure 221: Showing Remote Engine IDs for SNMP 352
Figure 222: Creating an SNMP View 354
Figure 223: Showing SNMP Views 354
Figure 224: Adding an OID Subtree to an SNMP View 355
Figure 225: Showing the OID Subtree Configured for SNMP Views 355
Figure 226: Creating an SNMP Group 361
Figure 227: Showing SNMP Groups 361
Figure 228: Setting Community Access Strings 362
Figure 229: Showing Community Access Strings 363
Figure 230: Configuring Local SNMPv3 Users 364
Figure 231: Showing Local SNMPv3 Users 365
Figure 232: Changing a Local SNMPv3 User Group 365
Figure 233: Configuring Remote SNMPv3 Users 367
Figure 234: Showing Remote SNMPv3 Users 368
Figure 235: Configuring Trap Managers (SNMPv1) 371
Figure 236: Configuring Trap Managers (SNMPv2c) 371
Figure 237: Configuring Trap Managers (SNMPv3) 372
Figure 238: Showing Trap Managers 372
Figure 239: Creating SNMP Notification Logs 374
– 21 –
Figures
Figure 240: Showing SNMP Notification Logs 374
Figure 241: Showing SNMP Statistics 376
Figure 242: Configuring an RMON Alarm 378
Figure 243: Showing Configured RMON Alarms 379
Figure 244: Configuring an RMON Event 381
Figure 245: Showing Configured RMON Events 381
Figure 246: Configuring an RMON History Sample 383
Figure 247: Showing Configured RMON History Samples 383
Figure 248: Showing Collected RMON History Samples 384
Figure 249: Configuring an RMON Statistical Sample 385
Figure 250: Showing Configured RMON Statistical Samples 386
Figure 251: Showing Collected RMON Statistical Samples 386
Figure 252: Setting the Name of a Time Range 388
Figure 253: Showing a List of Time Ranges 388
Figure 254: Add a Rule to a Time Range 389
Figure 255: Showing the Rules Configured for a Time Range 389
Figure 256: Configuring Global Settings for LBD 391
Figure 257: Configuring Interface Settings for LBD 392
Figure 258: Multicast Filtering Concept 393
Figure 259: Configuring General Settings for IGMP Snooping 399
Figure 260: Configuring a Static Interface for a Multicast Router 401
Figure 261: Showing Static Interfaces Attached a Multicast Router 401
Figure 262: Showing Current Interfaces Attached a Multicast Router 402
Figure 263: Assigning an Interface to a Multicast Service 403
Figure 264: Showing Static Interfaces Assigned to a Multicast Service 404
Figure 265: Configuring IGMP Snooping on a VLAN 409
Figure 266: Showing Interface Settings for IGMP Snooping 409
Figure 267: Dropping IGMP Query or Multicast Data Packets 410
Figure 268: Showing Multicast Groups Learned by IGMP Snooping 411
Figure 269: Displaying IGMP Snooping Statistics – Query 414
Figure 270: Displaying IGMP Snooping Statistics – VLAN 415
Figure 271: Displaying IGMP Snooping Statistics – Port 415
Figure 272: Enabling IGMP Filtering and Throttling 417
Figure 273: Creating an IGMP Filtering Profile 418
Figure 274: Showing the IGMP Filtering Profiles Created 418
– 22 –
Figures
Figure 275: Adding Multicast Groups to an IGMP Filtering Profile 419
Figure 276: Showing the Groups Assigned to an IGMP Filtering Profile 419
Figure 277: Configuring IGMP Filtering and Throttling Interface Settings 421
Figure 278: Configuring General Settings for MLD Snooping 423
Figure 279: Configuring Immediate Leave for MLD Snooping 424
Figure 280: Configuring a Static Interface for an IPv6 Multicast Router 425
Figure 281: Showing Static Interfaces Attached an IPv6 Multicast Router 425
Figure 282: Showing Current Interfaces Attached an IPv6 Multicast Router 425
Figure 283: Assigning an Interface to an IPv6 Multicast Service 427
Figure 284: Showing Static Interfaces Assigned to an IPv6 Multicast Service 427
Figure 285: Showing Current Interfaces Assigned to an IPv6 Multicast Service 428
Figure 286: Showing IPv6 Multicast Services and Corresponding Sources 429
Figure 287: Pinging a Network Device 432
Figure 288: Tracing the Route to a Network Device 434
Figure 289: Displaying ARP Entries 435
Figure 290: Configuring General Settings for DNS 438
Figure 291: Configuring a List of Domain Names for DNS 439
Figure 292: Showing the List of Domain Names for DNS 440
Figure 293: Configuring a List of Name Servers for DNS 441
Figure 294: Showing the List of Name Servers for DNS 441
Figure 295: Configuring Static Entries in the DNS Table 442
Figure 296: Showing Static Entries in the DNS Table 442
Figure 297: Showing Entries in the DNS Cache 443
Figure 298: Specifying a DHCP Client Identifier 445
Figure 299: Layer 3 DHCP Relay Service 446
Figure 300: Configuring DHCP Relay Service 449
Figure 301: Enabling Dynamic Provisioning via DHCP 450
Figure 302: Configuring the IPv4 Default Gateway 452
Figure 303: Configuring a Static IPv4 Address 454
Figure 304: Configuring a Dynamic IPv4 Address 454
Figure 305: Showing the Configured IPv4 Address for an Interface 455
Figure 306: Configuring the IPv6 Default Gateway 456
Figure 307: Configuring General Settings for an IPv6 Interface 461
Figure 308: Configuring an IPv6 Address 463
Figure 309: Showing Configured IPv6 Addresses 465
– 23 –
Figures
Figure 310: Showing IPv6 Neighbors 466
Figure 311: Showing IPv6 Statistics (IPv6) 470
Figure 312: Showing IPv6 Statistics (ICMPv6) 471
Figure 313: Showing IPv6 Statistics (UDP) 471
Figure 314: Showing Reported MTU Values 472
– 24 –
Tables
Table 1: Key Features 29
Table 2: System Defaults 35
Table 3: Web Page Configuration Buttons 44
Table 4: Switch Main Menu 46
Table 5: Predefined Summer-Time Parameters 84
Table 6: Port Statistics 100
Table 7: LACP Port Counters 121
Table 8: LACP Internal Configuration Information 122
Table 9: LACP Remote Device Configuration Information 124
Table 10: Traffic Segmentation Forwarding 136
Table 11: Recommended STA Path Cost Range 176
Table 12: Default STA Path Costs 177
Table 13: Default Mapping of DSCP Values to Internal PHB/Drop Values 200
Table 14: Default Mapping of CoS/CFI to Internal PHB/Drop Precedence 202
Table 15: Dynamic QoS Profiles 244
Table 16: HTTPS System Support 251
Table 17: ARP Inspection Statistics 285
Table 18: ARP Inspection Log 286
Table 19: 802.1X Statistics 298
Table 20: Logging Levels 316
Table 21: LLDP MED Location CA Types 327
Table 22: Chassis ID Subtype 329
Table 23: System Capabilities 330
Table 24: Port ID Subtype 331
Table 25: Remote Port Auto-Negotiation Advertised Capability 334
Table 26: Maximum Number of Ports Providing Simultaneous Power 345
Table 27: SNMPv3 Security Models and Levels 348
Table 28: Supported Notification Messages 357
Table 29: Address Resolution Protocol 434
– 25 –
Tabl es
Table 30: Options 60, 66 and 67 Statements 444
Table 31: Options 55 and 124 Statements 444
Table 32: Show IPv6 Neighbors - display description 465
Table 33: Show IPv6 Statistics - display description 467
Table 34: Show MTU - display description 472
Table 35: Troubleshooting Chart 479
– 26 –
Section I
Getting Started
This section provides an overview of the switch, and introduces some basic
concepts about network switches. It also describes the basic settings required to
access the management interface.
This section includes these chapters:
◆ "Introduction" on page 29
– 27 –
Section I
| Getting Started
– 28 –
1 Introduction
This switch provides a broad range of features for Layer 2 switching and Layer 3
routing. It includes a management agent that allows you to configure the features
listed in this manual. The default configuration can be used for most of the features
provided by this switch. However, there are many options that you should
configure to maximize the switch’s performance for your particular network
environment.
Key Features
Table 1: Key Features
Feature Description
Configuration Backup and
Restore
Authentication Console, Telnet, web – user name/password, RADIUS, TACACS+
General Security Measures AAA
Access Control Lists Supports up to 256 ACLs, 128 rules per ACL, and 512 rules per system
DHCP/DHCPv6 Client, Relay, Relay Option 82
Port Configuration Speed, duplex mode, and flow control
Port Trunking Supports up to 8 trunks – static or dynamic trunking (LACP)
Port Mirroring 3 sessions, one or more source ports to an analysis port
Congestion Control Rate Limiting
Using management station or TFTP server
Port – IEEE 802.1X, MAC address filtering
SNMP v1/2c - Community strings
SNMP version 3 – MD5 or SHA password
Telnet – SSH
Web – HTTPS
ARP Inspection
DHCP Snooping (with Option 82 relay information)
DoS Protection
IP Source Guard
Port Authentication – IEEE 802.1X
Port Security – MAC address filtering
Throttling for broadcast, multicast, unknown unicast storms
Address Table 8K MAC addresses in the forwarding table
IP Version 4 and 6 Supports IPv4 and IPv6 addressing and management
(shared with L2 unicast, L2 multicast, IPv4 multicast, IPv6 multicast);
1K static MAC addresses;
512 L2 IPv4 multicast groups (shared with MAC address table)
– 29 –
Chapter 1
Description of Software Features
| Introduction
Table 1: Key Features (Continued)
Feature Description
IEEE 802.1D Bridge Supports dynamic data switching and addresses learning
Store-and-Forward
Switching
Spanning Tree Algorithm Supports standard STP, Rapid Spanning Tree Protocol (RSTP), and
Virtual LANs Up to 4094 using IEEE 802.1Q, port-based, protocol-based, voice VLANs,
Traffic Prioritization Default port priority, traffic class map, queue scheduling, IP Precedence,
Qualify of Service Supports Differentiated Services (DiffServ)
Link Layer Discovery
Protocol
Multicast Filtering Supports IGMP snooping and query for Layer 2
Description of Software Features
The switch provides a wide range of advanced performance enhancing features.
Flow control eliminates the loss of packets due to bottlenecks caused by port
saturation. Storm suppression prevents broadcast, multicast, and unknown unicast
traffic storms from engulfing the network. Untagged (port-based), tagged, and
protocol-based VLANs, plus support for automatic GVRP VLAN registration provide
traffic security and efficient use of network bandwidth. CoS priority queueing
ensures the minimum delay for moving real-time multimedia data across the
network. While multicast filtering provides support for real-time network
applications.
Supported to ensure wire-speed switching while eliminating bad
frames
Multiple Spanning Trees (MSTP)
and QinQ tunnel
or Differentiated Services Code Point (DSCP)
Used to discover basic information about neighboring devices
Configuration Backup
and Restore
Authentication This switch authenticates management access via the console port, Telnet, or a web
Some of the management features are briefly described below.
You can save the current configuration settings to a file on the management station
(using the web interface) or an TFTP server (using the web or console interface),
and later download this file to restore the switch configuration settings.
browser. User names and passwords can be configured locally or can be verified via
a remote authentication server (i.e., RADIUS or TACACS+). Port-based
authentication is also supported via the IEEE 802.1X protocol. This protocol uses
Extensible Authentication Protocol over LANs (EAPOL) to request user credentials
from the 802.1X client, and then uses the EAP between the switch and the
authentication server to verify the client’s right to access the network via an
authentication server (i.e., RADIUS or TACACS+ server).
– 30 –
Loading...