28-Port L3 Lite Managed Gigabit Fiber Switch
with 20 100/1000 SFP Ports,
4 10/100/1000 BASE-T (RJ-45) / 100/1000 SFP Combo Ports,
4 10 Gigabit SFP+ Ports ,
and DC Power Supply
E112017-KS-R01
Page 3
How to Use This Guide
This guide includes detailed information on the switch software, including how to
operate and use the management functions of the switch. To deploy this switch
effectively and ensure trouble-free operation, you should first read the relevant
sections in this guide so that you are familiar with all of its software features.
Who Should Read This
Guide?
How This Guide is
Organized
Related
Documentation
This guide is for network administrators who are responsible for operating and
maintaining network equipment. The guide assumes a basic working knowledge of
LANs (Local Area Networks), the Internet Protocol (IP), and Simple Network
Management Protocol (SNMP).
This guide describes the switch’s web browser interface. For more detailed
information on the switch’s key features refer to the Administrator’s Guide.
The guide includes these sections:
Section I “Getting Started” — Includes an introduction to switch management,
?
and the basic settings required to access the management interface.
Section II “Web Configuration” — Includes all management options available
?
through the web browser interface.
Section III “Ap pe nd ices” — Includes information on troubleshooting switch
?
management access.
This guide focuses on switch software configuration through the web browser.
For information on how to manage the switch through the command line interface,
see the following guide:
CLI Reference Guide
Note:
For a description of how to initialize the switch for management access via
the CLI, web interface or SNMP, refer to “Initial Switch Configuration” in the CLI Reference Guide.
– 3 –
Page 4
How to Use This Guide
Conventions The following conventions are used throughout this guide to show information:
For information on how to install the switch, see the following guide:
Installation Guide
For all safety information and regulatory statements, see the following documents:
Quick Start Guide
Safety and Regulatory Information
Note:
Emphasizes important information or calls your attention to related features
or instructions.
Caution:
the system or equipment.
Alerts you to a potential hazard that could cause loss of data, or damage
Revision History This section summarizes the changes in each revision of this guide.
Revision DateChange Description
v1.0.2.3211/2017Initial release
– 4 –
Page 5
Contents
How to Use This Guide 3
Contents 5
Figures 17
Tables 31
Section IGetting Started 33
1 Introduction 35
Key Features 35
Description of Software Features 36
Address Resolution Protocol 40
Operation, Administration, and Maintenance 41
Multicast Filtering 41
Link Layer Discovery Protocol 41
System Defaults 42
Section IIWeb Configuration 45
2 Using the Web Interface 47
Connecting to the Web Interface 47
Navigating the Web Browser Interface 48
Dashboard 48
Home Page 50
Configuration Options 50
Panel Display 51
Main Menu 52
3 Basic Management Tasks 73
– 5 –
Page 6
Contents
Displaying System Information 74
Displaying Hardware/Software Versions 75
Configuring Support for Jumbo Frames 76
Displaying Bridge Extension Capabilities 77
Managing System Files 79
Copying Files via FTP/ TFTP or HTTP 79
Saving the Running Configuration to a Local File 81
Setting the Start-up File 82
Showing System Files 83
Automatic Operation Code Upgrade 83
Setting the System Clock 87
Setting the Time Manually 88
Setting the SNTP Polling Interval 89
Configuring NTP 89
Configuring Time Servers 90
Setting the Time Zone 94
Configuring Summer Time 95
Configuring the Console Port 97
Configuring Telnet Settings 99
Displaying CPU Utilization 100
Configuring CPU Guard 101
Displaying Memory Utilization 102
Resetting the System 103
4 Interface Configuration 107
Port Configuration 108
Configuring by Port List 108
Configuring by Port Range 111
Displaying Connection Status 112
Showing Port or Trunk Statistics 113
Displaying Statistical History 118
Transceiver Data and Thresholds 122
Displaying Transceiver Data 122
Configuring Transceiver Thresholds 123
Performing Cable Diagnostics 125
– 6 –
Page 7
Contents
Trunk Configuration 127
Configuring a Static Trunk 128
Configuring a Dynamic Trunk 131
Displaying LACP Port Counters 137
Displaying LACP Settings and Status for the Local Side 138
Displaying LACP Settings and Status for the Remote Side 140
Configuring Load Balancing 141
Saving Power 143
Configuring Local Port Mirroring 144
Configuring Remote Port Mirroring 146
Sampling Traffic Flows 150
Configuring sFlow Receiver Settings 151
Configuring an sFlow Polling Instance 153
Traffic Segmentation 155
Enabling Traffic Segmentation 155
Configuring Uplink and Downlink Ports 156
VLAN Trunking 158
5 VLAN Configuration 161
IEEE 802.1Q VLANs 161
Configuring VLAN Groups 165
Adding Static Members to VLANs 167
Configuring Dynamic VLAN Registration 172
IEEE 802.1Q Tunneling 175
Enabling QinQ Tunneling on the Switch 179
Creating CVLAN to SPVLAN Mapping Entries 180
Adding an Interface to QinQ Tunnel 182
L2PT Tunneling 183
Configuring the L2PT Tunnel Address 185
Enabling L2PT for Selected Interfaces 186
Protocol VLANs 187
Configuring Protocol VLAN Groups 188
Mapping Protocol Groups to Interfaces 189
Configuring IP Subnet VLANs 191
Configuring MAC-based VLANs 193
– 7 –
Page 8
Contents
Configuring VLAN Translation 195
6 Address Table Settings 199
Dynamic Address Cache 199
Displaying the Dynamic Address Table 199
Clearing the Dynamic Address Table 200
Changing the Aging Time 201
Configuring MAC Address Learning 202
Setting Static Addresses 203
Issuing MAC Address Traps 205
7 Spanning Tree Algorithm 207
Overview 207
Configuring Loopback Detection 210
Configuring Global Settings for STA 211
Displaying Global Settings for STA 217
Configuring Interface Settings for STA 218
Displaying Interface Settings for STA 222
Configuring Multiple Spanning Trees 225
Configuring Interface Settings for MSTP 229
8 Congestion Control 233
Rate Limiting 233
Storm Control 234
Automatic Traffic Control 236
Setting the ATC Timers 238
Configuring ATC Thresholds and Responses 239
9 Class of Service 243
Layer 2 Queue Settings 243
Setting the Default Priority for Interfaces 243
Selecting the Queue Mode 244
Mapping CoS Values to Egress Queues 247
Layer 3/4 Priority Settings 250
Setting Priority Processing to IP Precedence/DSCP or CoS 250
Mapping Ingress DSCP Values to Internal DSCP Values 251
Mapping CoS Priorities to Internal DSCP Values 254
– 8 –
Page 9
Contents
Mapping Internal DSCP Values to Egress CoS Values 256
Mapping IP Precedence Values to Internal DSCP Values 258
Mapping IP Port Priority to Internal DSCP Values 260
10 Quality of Service 263
Overview 263
Configuring a Class Map 264
Creating QoS Policies 267
Attaching a Policy Map to a Port 277
11 VoIP Traffic Configuration 279
Overview 279
Configuring VoIP Traffic 280
Configuring Telephony OUI 281
Configuring VoIP Traffic Ports 282
12 Security Measures 285
AAA Authentication, Authorization and Accounting 286
Table 15: Mapping Internal Per-hop Behavior to Hardware Queues 248
Table 16: Default Mapping of DSCP Values to Internal PHB/Drop Values 252
Table 17: Default Mapping of CoS/CFI to Internal PHB/Drop Precedence 254
Table 18: Mapping Internal PHB/Drop Precedence to CoS/CFI Values 256
Table 19: Mapping IP Precedence 258
Table 20: Default Mapping of IP Precedence to Internal PHB/Drop Values 259
Table 21: Dynamic QoS Profiles 307
Table 22: HTTPS System Support 316
Table 23: 802.1X Statistics 355
Table 24: ARP Inspection Statistics 394
Table 25: ARP Inspection Log 395
Table 26: Logging Levels 398
Table 27: LLDP MED Location CA Types 409
Table 28: Chassis ID Subtype 411
Table 29: System Capabilities 412
– 31 –
Page 32
Tabl es
Table 30: Port ID Subtype 413
Table 31: Remote Port Auto-Negotiation Advertised Capability 416
Table 32: SNMPv3 Security Models and Levels 425
Table 33: Supported Notification Messages 435
Table 34: ERPS Request/State Priority 492
Table 35: OAM Operation State 496
Table 36: Remote Loopback Status 501
Table 37: Remote MEP Priority Levels 512
Table 38: MEP Defect Descriptions 513
Table 39: OAM Operation State 540
Table 40: Remote Loopback Status 546
Table 41: Address Resolution Protocol 638
Table 42: ARP Statistics 642
Table 43: Show IPv6 Neighbors - display description 659
Table 44: Show IPv6 Statistics - display description 661
Table 45: Show MTU - display description 666
Table 46: Options 60, 66 and 67 Statements 682
Table 47: Options 55 and 124 Statements 682
Table 48: Troubleshooting Chart 703
– 32 –
Page 33
Section I
Getting Started
This section provides an overview of the switch, and introduces some basic
concepts about network switches. It also describes the basic settings required to
access the management interface.
This section includes these chapters:
"Introduction" on page 35
?
– 33 –
Page 34
Section I
| Getting Started
– 34 –
Page 35
1Introduction
This switch provides a broad range of features for Layer 2 switching and Layer 3
routing. It includes a management agent that allows you to configure the features
listed in this manual. The default configuration can be used for most of the features
provided by this switch. However, there are many options that you should
configure to maximize the switch’s performance for your particular network
environment.
Key Features
Table 1: Key Features
FeatureDescription
Configuration Backup and
Restore
AuthenticationConsole, Telnet, web – user name/password, RADIUS, TACACS+
General Security Measures AAA
Access Control ListsSupports up to 256 ACLs, up to 1K rules per ACL
DHCPClient, Relay
DHCPv6Client
DNS Client and Proxy service
Port ConfigurationSpeed, duplex mode and flow control
Port TrunkingSupports up to 16/27 trunks – static or dynamic trunking (LACP)
Using management station or FTP/TFTP server
Port – IEEE 802.1X, MAC address filtering
SNMP v1/2c - Community strings
SNMP version 3 – MD5 or SHA password
Telnet – SSH
Web – HTTPS
ARP inspection
DHCP Snooping (with Option 82 relay information)
IP Source Guard
PPPoE Intermediate Agent
Port Authentication – IEEE 802.1X
Port Security – MAC address filtering
Port Mirroring1 session, one or more source ports to one analysis port
Congestion ControlRate Limiting
Throttling for broadcast, multicast, unknown unicast storms
– 35 –
Page 36
Chapter 1
| Introduction
Description of Software Features
Table 1: Key Features (Continued)
FeatureDescription
Address Table16K MAC addresses in forwarding table, 1K static MAC addresses;
IP Version 4 and 6Supports IPv4 and IPv6 addressing, and management
IEEE 802.1D BridgeSupports dynamic data switching and addresses learning
1K entries in ARP cache;
2K entries in ipv6 neighbor cache;
1K L2 IPv4 multicast groups
Store-and-Forward
Switching
Spanning Tree AlgorithmSupports standard STP, Rapid Spanning Tree Protocol (RSTP), and
Virtual LANsUp to 4094 using IEEE 802.1Q, port-based, protocol-based, voice VLANs,
Traffic PrioritizationDefault port priority, traffic class map, queue scheduling, IP Precedence,
Qualify of ServiceSupports Differentiated Services (DiffServ)
Link Layer Discovery
Protocol
Switch ClusteringSupports up to 16 member switches in a cluster
Connectivity Fault
Management
ERPSSupports Ethernet Ring Protection Switching for increased availability
ARPStatic and dynamic address configuration, proxy ARP
Multicast FilteringSupports IGMP snooping and query for Layer 2, MLD snooping and
Remote Device
Management
Supported to ensure wire-speed switching while eliminating bad
frames
Multiple Spanning Trees (MSTP)
and QinQ tunnel
or Differentiated Services Code Point (DSCP), and TCP/UDP Port
Used to discover basic information about neighboring devices
Connectivity monitoring using continuity check messages, fault
verification through loop back messages, and fault isolation by
examining end-to-end connections (IEEE 802.1ag)
of Ethernet rings (G.8032)
query, IGMP for Layer 3, and Multicast VLAN Registration
The switch provides a wide range of advanced performance enhancing features.
Flow control eliminates the loss of packets due to bottlenecks caused by port
saturation. Broadcast storm suppression prevents broadcast traffic storms from
engulfing the network. Untagged (port-based), tagged, and protocol-based VLANs,
plus support for automatic GVRP VLAN registration provide traffic security and
efficient use of network bandwidth. CoS priority queueing ensures the minimum
delay for moving real-time multimedia data across the network. While multicast
filtering and routing provides support for real-time network applications.
– 36 –
Page 37
Chapter 1
Description of Software Features
Some of the management features are briefly described below.
| Introduction
Configuration Backup
and Restore
Authentication This switch authenticates management access via the console port, Telnet, or a web
You can save the current configuration settings to a file on the management station
(using the web interface) or an FTP/TFTP server (using the web or console
interface), and later download this file to restore the switch configuration settings.
browser. User names and passwords can be configured locally or can be verified via
a remote authentication server (i.e., RADIUS or TACACS+). Port-based
authentication is also supported via the IEEE 802.1X protocol. This protocol uses
Extensible Authentication Protocol over LANs (EAPOL) to request user credentials
from the 802.1X client, and then uses the EAP between the switch and the
authentication server to verify the client’s right to access the network via an
authentication server (i.e., RADIUS or TACACS+ server).
Other authentication options include HTTPS for secure management access via the
web, SSH for secure management access over a Telnet-equivalent connection,
SNMP Version 3, IP address filtering for SNMP/Telnet/web management access.
MAC address filtering and IP source guard also provide authenticated port access.
While DHCP snooping is provided to prevent malicious attacks from insecure ports.
While PPPoE Intermediate Agent supports authentication of a client for a service
provider.
Access Control Lists ACLs provide packet filtering for IP frames (based on address, protocol, TCP/UDP
port number or TCP control code) or any frames (based on MAC address or Ethernet
type). ACLs can by used to improve performance by blocking unnecessary network
traffic or to implement security controls by restricting access to specific network
resources or protocols.
DHCP Relay Since DHCP uses a broadcast mechanism, a DHCP server and its client must
physically reside on the same subnet. Since it is not practical to have a DHCP server
on every subnet, DHCP Relay is supported to allow dynamic configuration of local
clients from a DHCP server located in a different network. DHCP Relay Option 82 is
also provided to control the processing of Option 82 information in DHCP request
packets relayed by this device.
Port Configuration You can manually configure the speed, duplex mode, and flow control used on
specific ports, or use auto-negotiation to detect the connection settings used by
the attached device. Use full-duplex mode on ports whenever possible to double
the throughput of switch connections. Flow control should also be enabled to
control network traffic during periods of congestion and prevent the loss of
packets when port buffer thresholds are exceeded. The switch supports flow
control based on the IEEE 802.3x standard (now incorporated in IEEE 802.3-2002).
– 37 –
Page 38
Chapter 1
Description of Software Features
| Introduction
Rate Limiting This feature controls the maximum rate for traffic transmitted or received on an
interface. Rate limiting is configured on interfaces at the edge of a network to limit
traffic into or out of the network. Packets that exceed the acceptable amount of
traffic are dropped.
Port Mirroring The switch can unobtrusively mirror traffic from any port to a monitor port. You can
then attach a protocol analyzer or RMON probe to this port to perform traffic
analysis and verify connection integrity.
Port Trunking Ports can be combined into an aggregate connection. Trunks can be manually set
up or dynamically configured using Link Aggregation Control Protocol (LACP – IEEE
802.3-2005). The additional ports dramatically increase the throughput across any
connection, and provide redundancy by taking over the load if a port in the trunk
should fail. The switch supports up to 16/27 trunks.
Storm Control Broadcast, multicast and unknown unicast storm suppression prevents traffic from
overwhelming the network.When enabled on a port, the level of traffic passing
through the port is restricted. If traffic rises above a pre-defined threshold, it will be
throttled until the level falls back beneath the threshold.
Static MAC Addresses A static address can be assigned to a specific interface on this switch. Static
addresses are bound to the assigned interface and will not be moved. When a static
address is seen on another interface, the address will be ignored and will not be
written to the address table. Static addresses can be used to provide network
security by restricting access for a known host to a specific port.
IP Address Filtering Access to insecure ports can be controlled using DHCP Snooping which filters
ingress traffic based on static IP addresses and addresses stored in the DHCP
Snooping table. Traffic can also be restricted to specific source IP addresses or
source IP/MAC address pairs based on static entries or entries stored in the DHCP
Snooping table.
IEEE 802.1D Bridge The switch supports IEEE 802.1D transparent bridging. The address table facilitates
data switching by learning addresses, and then filtering or forwarding traffic based
on this information. The address table supports up to 16K addresses.
Store-and-Forward
Switching
The switch copies each frame into its memory before forwarding them to another
port. This ensures that all frames are a standard Ethernet size and have been
verified for accuracy with the cyclic redundancy check (CRC). This prevents bad
frames from entering the network and wasting bandwidth.
– 38 –
Page 39
Chapter 1
Description of Software Features
| Introduction
To avoid dropping frames on congested ports, the switch provides 3 Mbits for
frame buffering. This buffer can queue packets awaiting transmission on congested
networks.
Spanning Tree
Algorithm
The switch supports these spanning tree protocols:
Spanning Tree Protocol (STP, IEEE 802.1D) – This protocol provides loop
?
detection. When there are multiple physical paths between segments, this
protocol will choose a single path and disable all others to ensure that only one
route exists between any two stations on the network. This prevents the
creation of network loops. However, if the chosen path should fail for any
reason, an alternate path will be activated to maintain the connection.
Rapid Spanning Tree Protocol (RSTP, IEEE 802.1w) – This protocol reduces the
?
convergence time for network topology changes to about 3 to 5 seconds,
compared to 30 seconds or more for the older IEEE 802.1D STP standard. It is
intended as a complete replacement for STP, but can still interoperate with
switches running the older standard by automatically reconfiguring ports to
STP-compliant mode if they detect STP protocol messages from attached
devices.
Multiple Spanning Tree Protocol (MSTP, IEEE 802.1s) – This protocol is a direct
?
extension of RSTP. It can provide an independent spanning tree for different
VLANs. It simplifies network management, provides for even faster
convergence than RSTP by limiting the size of each region, and prevents VLAN
members from being segmented from the rest of the group (as sometimes
occurs with IEEE 802.1D STP).
Connectivity Fault
Management
Virtual LANs The switch supports up to 4094 VLANs. A Virtual LAN is a collection of network
The switch provides connectivity fault monitoring for end-to-end connections
within a designated service area by using continuity check messages which can
detect faults in maintenance points, fault verification through loop back messages,
and fault isolation with link trace messages.
nodes that share the same collision domain regardless of their physical location or
connection point in the network. The switch supports tagged VLANs based on the
IEEE 802.1Q standard. Members of VLAN groups can be dynamically learned via
GVRP, or ports can be manually assigned to a specific set of VLANs. This allows the
switch to restrict traffic to the VLAN groups to which a user has been assigned. By
segmenting your network into VLANs, you can:
Eliminate broadcast storms which severely degrade performance in a flat
?
network.
Simplify network management for node changes/moves by remotely
?
configuring VLAN membership for any port, rather than having to manually
change the network connection.
– 39 –
Page 40
Chapter 1
Description of Software Features
| Introduction
?
?
Provide data security by restricting all traffic to the originating VLAN, except
where a connection is explicitly defined via the switch's routing service.
Use protocol VLANs to restrict traffic to specified interfaces based on protocol
type.
IEEE 802.1Q Tunneling
(QinQ)
This feature is designed for service providers carrying traffic for multiple customers
across their networks. QinQ tunneling is used to maintain customer-specific VLAN
and Layer 2 protocol configurations even when different customers use the same
internal VLAN IDs. This is accomplished by inserting Service Provider VLAN
(SPVLAN) tags into the customer’s frames when they enter the service provider’s
network, and then stripping the tags when the frames leave the network.
Traffic Prioritization This switch prioritizes each packet based on the required level of service, using
eight priority queues with strict priority, Weighted Round Robin (WRR), or a
combination of strict and weighted queuing. It uses IEEE 802.1p and 802.1Q tags to
prioritize incoming traffic based on input from the end-station application. These
functions can
best-effort data.
This switch also supports several common methods of prioritizing layer 3/4 traffic
to meet application requirements. Traffic can be prioritized based on the priority
bits in the IP frame’s Type of Service (ToS) octet using DSCP, or IP Precedence or
TCP/UDP port numbers. When these services are enabled, the priorities are
mapped to a Class of Service value by the switch, and the traffic then sent to the
corresponding output queue.
be used to provide independent priorities for delay-sensitive data and
Quality of Service Differentiated Services (DiffServ) provides policy-based management mechanisms
used for prioritizing network resources to meet the requirements of specific traffic
types on a per-hop basis. Each packet is classified upon entry into the network
based on access lists, IP Precedence or DSCP values, or VLAN lists. Using access lists
allows you select traffic based on Layer 2, Layer 3, or Layer 4 information contained
in each packet. Based on network policies, different kinds of traffic can be marked
for different kinds of forwarding.
Ethernet Ring
Protection Switching
Address Resolution
Protocol
ERPS can be used to increase the availability and robustness of Ethernet rings, such
as those used in Metropolitan Area Networks (MAN). ERPS provides Layer 2 loop
avoidance and fast reconvergence in Layer 2 ring topologies, supporting up to 255
nodes in the ring structure. It can also function with IEEE 802.1ag to support link
monitoring when non-participating devices exist within the Ethernet ring.
The switch uses ARP to convert between IP addresses and MAC (hardware)
addresses. This switch supports conventional ARP, which locates the MAC address
corresponding to a given IP address.
– 40 –
Page 41
Chapter 1
Description of Software Features
| Introduction
Operation,
Administration,
and Maintenance
The switch provides OAM remote management tools required to monitor and
maintain the links to subscriber CPEs (Customer Premise Equipment). This section
describes functions including enabling OAM for selected ports, loopback testing,
and displaying remote device information.
Multicast Filtering Specific multicast traffic can be assigned to its own VLAN to ensure that it does not
interfere with normal network traffic and to guarantee real-time delivery by setting
the required priority level for the designated VLAN. The switch uses IGMP Snooping
and Query for IPv4, MLD Snooping and Query for IPv6, and IGMP at Layer 3 to
manage multicast group registration. It also supports Multicast VLAN Registration
(MVR for IPv4 and MVR6 for IPv6) which allows common multicast traffic, such as
television channels, to be transmitted across a single network-wide multicast VLAN
shared by hosts residing in other standard or private VLAN groups, while
preserving security and data isolation for normal traffic.
Link Layer Discovery
Protocol
LLDP is used to discover basic information about neighboring devices within the
local broadcast domain. LLDP is a Layer 2 protocol that advertises information
about the sending device and collects information gathered from neighboring
network nodes it discovers.
Advertised information is represented in Type Length Value (TLV) format according
to the IEEE 802.1ab standard, and can include details such as device identification,
capabilities and configuration settings. Media Endpoint Discovery (LLDP-MED) is an
extension of LLDP intended for managing endpoint devices such as Voice over IP
phones and network switches. The LLDP-MED TLVs advertise information such as
network policy, power, inventory, and device location details. The LLDP and LLDPMED information can be used by SNMP applications to simplify troubleshooting,
enhance network management, and maintain an accurate network topology.
– 41 –
Page 42
Chapter 1
| Introduction
System Defaults
System Defaults
The switch’s system defaults are provided in the configuration file
“Factory_Default_Config.cfg.” To reset the switch defaults, this file should be set as
the startup configuration file.
The following table lists some of the basic system defaults.
SMTP Email AlertsEvent HandlerEnabled (but no server defined)
SNTP Clock SynchronizationDisabled
Switch ClusteringStatusDisabled
CommanderDisabled
– 44 –
Page 45
Section II
Web Configuration
This section describes the basic switch features, along with a detailed description of
how to configure each feature via a web browser.
This section includes these chapters:
"Using the Web Interface" on page 47
?
"Basic Management Tasks" on page 73
?
"Interface Configuration" on page 107
?
"VLAN Configuration" on page 161
?
"Address Table Settings" on page 199
?
"Spanning Tree Algorithm" on page 207
?
"Congestion Control" on page 233
?
"Class of Service" on page 243
?
"Quality of Service" on page 263
?
"VoIP Traffic Configuration" on page 279
?
"Security Measures" on page 285
?
"Basic Administration Protocols" on page 397
?
"Multicast Filtering" on page 557
?
"Basic IP Functions" on page 635
?
"IP Configuration" on page 645
?
"General IP Routing" on page 667
?
"IP Services" on page 675
?
– 45 –
Page 46
Section II
| Web Configuration
– 46 –
Page 47
2Using the Web Interface
This switch provides an embedded HTTP web agent. Using a web browser you can
configure the switch and view statistics to monitor network activity. The web agent
can be accessed by any computer on the network using a standard web browser
(Internet Explorer 11, Mozilla Firefox 52, or Google Chrome 57, or more recent
versions).
Note:
You can also use the Command Line Interface (CLI) to manage the switch
over a serial connection to the console port or via Telnet. For more information on
using the CLI, refer to the CLI Reference Guide.
Connecting to the Web Interface
Prior to accessing the switch from a web browser, be sure you have first performed
the following tasks:
1. Configure the switch with a valid IP address, subnet mask, and default gateway
using an out-of-band serial connection, BOOTP or DHCP protocol. (See “Initial
Switch Configuration” in the CLI Reference Guide.)
2. Set user names and passwords using an out-of-band serial connection. Access
to the web agent is controlled by the same user names and passwords as the
onboard configuration program. (See the CLI Reference Guide.)
3. After you enter a user name and password, you will have access to the system
configuration program.
Note:
You are allowed three attempts to enter the correct password; on the third
failed attempt the current connection is terminated.
Note:
If you log into the web interface as guest (Normal Exec level), you can view
the configuration settings or change the guest password. If you log in as “admin”
(Privileged Exec level), you can change the settings on any page.
Note:
If the path between your management station and this switch does not pass
through any device that uses the Spanning Tree Algorithm, then you can set the
switch port attached to your management station to fast forwarding (i.e., enable
Admin Edge Port) to improve the switch’s response time to management
commands issued through the web interface. See “Configuring Interface Settings
for STA” on page 218.
– 47 –
Page 48
Chapter 2
Navigating the Web Browser Interface
| Using the Web Interface
Note:
link local address.
Connection to the web interface is not supported for HTTPS using an IPv6
Navigating the Web Browser Interface
To access the web-browser interface you must first enter a user name and
password. The administrator has Read/Write access to all configuration parameters
and statistics. The default user name and password for the administrator is “admin.”
The administrator has full access privileges to configure any parameters in the web
interface. The default user name and password for guest access is “guest.” The guest
only has read access for most configuration parameters. Refer to “Configuring User
Accounts” on page 301 for more details.
Dashboard When your web browser connects with the switch’s web agent, the Dashboard is
displayed as shown below. The Dashboard displays the main menu on the left side
of the screen. Switch Information, CPU Utilization, Switch Events, Memory
Utilization, Recent 5 Event Information, Port Utilization, Dynamic Address Count,
and LLDP Remote Device Port List are displayed on the right side. The main menu
links are used to navigate to other menus, and display configuration parameters
and statistics.
Figure 1: Dashboard
– 48 –
Page 49
Chapter 2
Navigating the Web Browser Interface
| Using the Web Interface
Note:
You can open a connection to the vendor’s web site by clicking on the logo.
– 49 –
Page 50
Chapter 2
Navigating the Web Browser Interface
| Using the Web Interface
Home Page When your web browser connects with the switch’s web agent, the home page is
displayed as shown below. The home page displays the Main Menu on the left side
of the screen and System Information on the right side. The Main Menu links are
used to navigate to other menus, and display configuration parameters and
statistics.
Figure 2: Home Page
Note:
You can open a connection to the vendor’s web site by clicking on the
Levelone logo.
Configuration Options Configurable parameters have a dialog box or a drop-down list. Once a
configuration change has been made on a page, be sure to click on the Apply
button to confirm the new setting. The following table summarizes the web page
configuration buttons.
Table 3: Web Page Configuration Buttons
ButtonAction
ApplySets specified values to the system.
RevertCancels specified values and restores current
values prior to pressing “Apply.”
Displays help for the selected page.
Refreshes the current page.
Displays the site map.
Logs out of the management interface.
– 50 –
Page 51
Chapter 2
| Using the Web Interface
Navigating the Web Browser Interface
Table 3: Web Page Configuration Buttons (Continued)
ButtonAction
Sends mail to the vendor.
Links to the vendor’s web site.
Panel Display The web agent displays an image of the switch’s ports. The Mode can be set to
display different information for the ports, including Active Ports (i.e., up or down),
Duplex State (i.e., half or full duplex), or Flow Control (i.e., with or without flow
control).
Figure 3: Front Panel Indicators
– 51 –
Page 52
Chapter 2
| Using the Web Interface
Navigating the Web Browser Interface
Main Menu Using the onboard web agent, you can define system parameters, manage and
control the switch, and all its ports, or monitor network conditions. The following
table briefly describes the selections available from this program.
Table 4: Switch Main Menu
MenuDescriptionPage
DashboardDisplay switch Information, CPU utilization, switch events, memory
utilization, recent 5 event information, port utilization, dynamic address
count, and LLDP remote device port list
System
GeneralProvides basic system description, including contact information74
SwitchShows the number of ports, hardware version, power status, and
firmware version numbers
CapabilityEnables support for jumbo frames;
shows the bridge extension parameters
File79
CopyAllows the transfer and copying files79
Set StartupSets the startup file82
ShowShows the files stored in flash memory; allows deletion of files 83
Time87
Configure General
ManualManually sets the current time88
SNTPConfigures SNTP polling interval89
NTPConfigures NTP authentication parameters89
Configure Time ServerConfigures a list of NTP or SNTP servers90
48
75
76,
77
Configure SNTP ServerSets the IP address for SNTP time servers90
Add NTP ServerAdds NTP time server and index of authentication key91
Show NTP ServerShows list of configured NTP time servers91
Add NTP Authentication KeyAdds key index and corresponding MD5 key93
Show NTP Authentication KeyShows list of configured authentication keys93
Configure Time ZoneSets the local time zone for the system clock94
Configure Summer TimeConfigures summer time settings95
ConsoleSets console port connection parameters97
TelnetSets Telnet connection parameters99
CPU UtilizationDisplays information on CPU utilization100
CPU GuardSets the CPU utilization watermark and threshold101
information option; and sets the information policy
Configure VLANEnables DHCPv4 snooping on a VLAN363
Configure InterfaceSets the trust mode for an interface364
Show InformationDisplays the DHCPv4 Snooping binding information366
361
– 60 –
Page 61
Chapter 2
| Using the Web Interface
Navigating the Web Browser Interface
Table 4: Switch Main Menu (Continued)
MenuDescriptionPage
DHCP Snooping6367
Configure GlobalEnables DHCPv6 snooping globally, information option; and sets the
information policy
Configure VLANEnables DHCPv6 snooping on a VLAN371
Configure InterfaceSets the trust mode for an interface372
Show Information
BindingDisplays the DHCPv6 Snooping binding information374
StatisticsDisplays information on client, server, and relay packets375
IP Source GuardFilters IPv4 traffic based on static entries in the IP Source Guard table, or
dynamic entries in the DHCPv4 Snooping table
GeneralEnables IP source guard, selects filter type per port, and sets maximum
binding entries
Static Binding378
Configure ACL Table378
AddAdds a static addresses to the source-guard binding table378
ShowShows static addresses in the source-guard binding table378
Configure MAC Table378
AddAdds a static addresses to the source-guard binding table378
ShowShows static addresses in the source-guard binding table378
369
376
376
Dynamic BindingDisplays the source-guard binding table for a selected interface381
IPv6 Source GuardFilters IPv6 traffic based on static entries in the IP Source Guard table, or
dynamic entries in the DHCP Snooping table
Port ConfigurationEnables IPv6 source guard and selects filter type per port382
Static Binding384
AddAdds a static addresses to the source-guard binding table384
ShowShows static addresses in the source-guard binding table384
Dynamic BindingDisplays the source-guard binding table for a selected interface387
ARP Inspection388
Configure GeneralEnables inspection globally, configures validation of additional address
components, and sets the log rate for packet inspection
Configure VLANEnables ARP inspection on specified VLANs391
Configure InterfaceSets the trust mode for ports, and sets the rate
limit for packet inspection
Show Information
Show StatisticsDisplays statistics on the inspection process394
Show LogShows the inspection log list395
Application FilterDiscards CDP or PVST packets396
382
389
392
– 61 –
Page 62
Chapter 2
| Using the Web Interface
Navigating the Web Browser Interface
Table 4: Switch Main Menu (Continued)
MenuDescriptionPage
Administration397
Log398
System398
Configure GlobalStores error messages in local memory398
Show System LogsShows logged error messages398
RemoteConfigures the logging of messages to a remote logging process400
SMTPSends an SMTP client message to a participating server401
LLDP403
Configure GlobalConfigures global LLDP timing parameters403
Configure Interface
Configure GeneralSets the message transmission mode; enables SNMP notification; and
sets the LLDP attributes to advertise
Add CA-TypeSpecifies the physical location of the device attached to an interface409
Modify CA-TypeModifies the physical location of the device attached to an interface409
Show CA-TypeShows the physical location of the device attached to an interface409
Show Local Device Information411
GeneralDisplays general information about the local device411
Port/TrunkDisplays information about each interface411
Port/Trunk DetailsDisplays detailed information about a local device connected to this
switch
Show Remote Device Information415
Port/TrunkDisplays information about a remote device connected to a port on this
switch
Port/Trunk DetailsDisplays detailed information about a remote device connected to this
switch
Show Device Statistics423
GeneralDisplays statistics for all connected remote devices423
Port/TrunkDisplays statistics for remote devices on a selected port or trunk423
SNMPSimple Network Management Protocol424
405
411
415
415
Configure GlobalEnables SNMP agent status, and sets related trap functions427
Configure Community427
Add CommunityConfigures community strings and access mode427
Show CommunityShows community strings and access mode427
Configure Engine429
Set Engine IDSets the SNMP v3 engine ID on this switch429
Add Remote EngineSets the SNMP v3 engine ID for a remote device430
– 62 –
Page 63
Chapter 2
| Using the Web Interface
Navigating the Web Browser Interface
Table 4: Switch Main Menu (Continued)
MenuDescriptionPage
Show Remote EngineShows configured engine ID for remote devices430
Configure View431
Add ViewAdds an SNMP v3 view of the OID MIB431
Show ViewShows configured SNMP v3 views431
Add OID SubtreeSpecifies a part of the subtree for the selected view431
Show OID SubtreeShows the subtrees assigned to each view431
Configure Group434
AddAdds a group with access policies for assigned users434
ShowShows configured groups and access policies434
Configure User
Add SNMPv3 Local UserConfigures SNMPv3 users on this switch440
Show SNMPv3 Local UserShows SNMPv3 users configured on this switch440
Change SNMPv3 Local User GroupAssign a local user to a new group440
Add SNMPv3 Remote UserConfigures SNMPv3 users from a remote device442
Show SNMPv3 Remote UserShows SNMPv3 users set from a remote device440
Configure Trap445
AddConfigures trap managers to receive messages on key events that occur
this switch
ShowShows configured trap managers445
Configure Notify Filter449
AddCreates an SNMP notification log449
ShowShows the configured notification logs449
Show StatisticsShows the status of SNMP communications451
RMONRemote Monitoring453
Configure Global
Add
AlarmSets threshold bounds for a monitored variable453
EventCreates a response event for an alarm456
Show
445
AlarmShows all configured alarms453
EventShows all configured events456
Configure Interface
Add
History Periodically samples statistics on a physical interface458
Statistics Enables collection of statistics on a physical interface461
– 63 –
Page 64
Chapter 2
| Using the Web Interface
Navigating the Web Browser Interface
Table 4: Switch Main Menu (Continued)
MenuDescriptionPage
Show
History Shows sampling parameters for each entry in the history group458
Statistics Shows sampling parameters for each entry in the statistics group461
Show Details
History Shows sampled data for each entry in the history group458
Statistics Shows sampled data for each entry in the history group461
Cluster463
Configure GlobalGlobally enables clustering for the switch; sets Commander status464
Configure MemberAdds switch members to the cluster465
AddAdds candidate members to the cluster465
ShowShows the cluster members465
Show CandidateShows candidate members465
Show MemberShows cluster switch member; managed switch members467
Time RangeConfigures the time to apply an ACL or PoE port468
AddSpecifies the name of a time range468
ShowShows the name of configured time ranges468
Add Rule468
AbsoluteSets exact time or time range 468
PeriodicSets a recurrent time 468
ERPSEthernet Ring Protection Switching470
Configure GlobalActivates ERPS globally475
Configure Domain475
AddCreates an ERPS ring475
ShowShows list of configured ERPS rings, status, and settings475
Configure DetailsConfigures ring parameters 475
Configure OperationBlocks a ring port using Forced Switch or Manual Switch
commands
CFMConnectivity Fault Management503
Configure GlobalConfigures global settings, including administrative status, cross-check
start delay, link trace, and SNMP traps
491
507
Configure InterfaceConfigures administrative status on an interface510
Configure MDConfigure Maintenance Domains511
AddDefines a portion of the network for which connectivity faults can
be managed, identified by an MD index, maintenance level, and the MIP
creation method
Configure DetailsConfigures the archive hold time and fault notification settings511
511
– 64 –
Page 65
Chapter 2
| Using the Web Interface
Navigating the Web Browser Interface
Table 4: Switch Main Menu (Continued)
MenuDescriptionPage
ShowShows list of configured maintenance domains511
Configure MAConfigure Maintenance Associations515
AddDefines a unique CFM service instance, identified by its parent MD, the
MA index, the VLAN assigned to the MA, and the MIP creation method
Configure DetailsConfigures detailed settings, including continuity check status and
interval level, cross-check status, and alarm indication signal
parameters
ShowShows list of configured maintenance associations515
Configure MEPConfigures Maintenance End Points520
AddConfigures MEPs at the domain boundary to provide management
access for each maintenance association
ShowShows list of configured maintenance end points520
Configure Remote MEPConfigures Remote Maintenance End Points521
AddConfigures a static list of remote MEPs for comparison against
the MEPs learned through continuity check messages
ShowShows list of configured remote maintenance end points521
Transmit Link TraceSends link trace messages to isolate connectivity faults by
tracing the path through a network to the designated target node
Transmit LoopbackSends loopback messages to isolate connectivity faults by requesting a
target node to echo the message back to the source
Transmit Delay MeasureSends periodic delay-measure requests to a specified MEP within a
maintenance association
515
515
520
521
523
525
527
Show Information
Show Local MEPShows the MEPs configured on this device529
Show Local MEP DetailsDisplays detailed CFM information about a specified local MEP in the
continuity check database
Show Local MIPShows the MIPs on this device discovered by the CFM protocol532
Show Remote MEPShows MEPs located on other devices which have been discovered
through continuity check messages, or statically configured in the MEP
database
Show Remote MEP DetailsDisplays detailed CFM information about a specified remote MEP in the
continuity check database
Show Link Trace CacheShows information about link trace operations launched from this
device
Show Fault Notification GeneratorDisplays configuration settings for the fault notification generator537
Show Continuity Check ErrorDisplays CFM continuity check errors logged on this device 538
OAM
InterfaceEnables OAM on specified port, sets the mode to active or passive, and
enables the reporting of critical events or errored frame events
CountersDisplays statistics on OAM PDUs498
Event LogDisplays the log for recorded link events498
530
533
534
536
495
– 65 –
Page 66
Chapter 2
| Using the Web Interface
Navigating the Web Browser Interface
Table 4: Switch Main Menu (Continued)
MenuDescriptionPage
Remote InterfaceDisplays information about attached OAM-enabled devices499
Remote LoopbackPerforms a loopback test on the specified port500
UDLDUniDirectional Link Detection548
Configure GlobalConfigures the message probe interval, detection interval, and recovery
interval
Configure InterfaceEnables UDLD and aggressive mode which reduces the shut-down
delay after loss of bidirectional connectivity is detected
Show InformationDisplays UDLD neighbor information, including neighbor state,
expiration time, and protocol intervals
LDBLoopback Detection553
Configure GlobalEnables loopback detection globally, specifies the interval at which to
transmit control frames, specifies the interval to wait before releasing
an interface from shutdown state, specifies response to detect
loopback, and traps to send
Configure InterfaceEnables loopback detection per interface556
Tools635
PingSends ICMP echo request packets to another node on the network635
Trace RouteShows the route packets take to the specified
destination
ARP Address Resolution Protocol638
Configure GeneralSets the protocol timeout, and enables or disables
proxy ARP for the specified VLAN
Configure Static Address640
549
550
552
554
637
639
AddStatically maps a physical address to an IP address640
ShowShows the MAC to IP address static table640
Show Information
ARP AddressShows dynamically learned entries in the IP routing table, or internal
addresses used by the switch
StatisticsShows statistics for ARP messages crossing all interfaces on this router 642
IP645
General
Routing Interface
Add AddressConfigures an IP interface for a VLAN645
Show AddressShows the IP interfaces assigned to a VLAN645
Routing
Static Routes671
AddConfigures static routing entries671
ShowShows static routing entries671
642
– 66 –
Page 67
Chapter 2
| Using the Web Interface
Navigating the Web Browser Interface
Table 4: Switch Main Menu (Continued)
MenuDescriptionPage
Routing Table672
Show InformationShows all routing entries, including local, static and dynamic routes672
IPv6 Configuration649
Configure GlobalSets an IPv6 default gateway for traffic with no known next hop649
Configure InterfaceConfigures IPv6 interface address using auto-configuration or link-local
address, and sets related protocol settings
Add IPv6 AddressAdds an global unicast, EUI-64, or link-local IPv6 address to an interface 655
Show IPv6 AddressShow the IPv6 addresses assigned to an interface658
Show IPv6 Neighbor CacheDisplays information in the IPv6 neighbor discovery cache659
Show Statistics660
IPv6Shows statistics about IPv6 traffic660
ICMPv6Shows statistics about ICMPv6 messages660
UDPShows statistics about UDP messages660
Show MTUShows the maximum transmission unit (MTU) cache for destinations
that have returned an ICMP packet-too-big message along with an
acceptable MTU to this switch
IP Service675
DNSDomain Name Service675
General675
Configure GlobalEnables DNS lookup; defines the default domain name appended to
incomplete host names
Add Domain NameDefines a list of domain names that can
be appended to incomplete host names
650
666
675
676
Show Domain NamesShows the configured domain name list676
Add Name ServerSpecifies IP address of name servers for dynamic lookup678
Show Name ServersShows the name server address list678
Static Host Table679
AddConfigures static entries for domain name to address mapping679
ShowShows the list of static mapping entries679
ModifyModifies the static address mapped to the selected host name679
CacheDisplays cache entries discovered by designated
name servers
DHCPDynamic Host Configuration Protocol681
ClientSpecifies the DHCP client identifier for an interface681
RelaySpecifies DHCP Layer 2 or Layer 3 relay service
L3 RelaySpecifies DHCP relay servers683
680
– 67 –
Page 68
Chapter 2
| Using the Web Interface
Navigating the Web Browser Interface
Table 4: Switch Main Menu (Continued)
MenuDescriptionPage
L2 RelayConfigures DHCP relay service for attached host devices, including
DHCP option 82 information
Dynamic ProvisionEnables dynamic provisioning via DHCP688
PPPoE Intermediate Agent 689
Configure GlobalEnables PPPoE IA on the switch, sets access node identifier, sets generic
error message
Configure InterfaceEnables PPPoE IA on an interface, sets trust status, enables vendor tag
stripping, sets circuit ID and remote ID
Show StatisticsShows statistics on PPPoE IA protocol messages692
Multicast557
IGMP Snooping 558
GeneralEnables multicast filtering; configures parameters for IPv4 multicast
snooping
Multicast Router564
Add Static Multicast RouterAssigns ports that are attached to a neighboring multicast router564
Show Static Multicast RouterDisplays ports statically configured as attached to a neighboring
multicast router
Show Current Multicast RouterDisplays ports attached to a neighboring multicast router, either
through static or dynamic configuration
IGMP Member566
683
689
690
560
564
564
Add Static MemberStatically assigns multicast addresses to the selected VLAN566
Show Static MemberShows multicast addresses statically configured on the selected VLAN566
Interface568
Configure VLANConfigures IGMP snooping per VLAN interface568
Show VLAN InformationShows IGMP snooping settings per VLAN interface568
Configure InterfaceConfigures the interface to drop IGMP query packets or all multicast
data packets
Forwarding EntryDisplays the current multicast groups learned through IGMP Snooping 575
Filter580
Configure GeneralEnables IGMP filtering for the switch581
Configure Profile581
AddAdds IGMP filter profile; and sets access mode581
ShowShows configured IGMP filter profiles581
Add Multicast Group RangeAssigns multicast groups to selected profile581
Show Multicast Group RangeShows multicast groups assigned to a profile581
Configure InterfaceAssigns IGMP filter profiles to port interfaces and sets throttling action 584
574
– 68 –
Page 69
Chapter 2
| Using the Web Interface
Navigating the Web Browser Interface
Table 4: Switch Main Menu (Continued)
MenuDescriptionPage
Statistics576
Show Query StatisticsShows statistics for query-related messages 576
Show VLAN StatisticsShows statistics for protocol messages and number of active groups576
Show Port StatisticsShows statistics for protocol messages and number of active groups576
Show Trunk StatisticsShows statistics for protocol messages and number of active groups576
MLD Snooping585
GeneralEnables multicast filtering; configures parameters for IPv6 multicast
snooping
InterfaceConfigures Immediate Leave status for a VLAN587
Multicast Router588
Add Static Multicast RouterAssigns ports that are attached to a neighboring multicast router588
Show Static Multicast RouterDisplays ports statically configured as attached to a neighboring
multicast router
Show Current Multicast RouterDisplays ports attached to a neighboring multicast router, either
through static or dynamic configuration
MLD Member590
Add Static MemberStatically assigns multicast addresses to the selected VLAN590
Show Static MemberShows multicast addresses statically configured on the selected VLAN590
Show Current MemberShows multicast addresses associated with the selected VLAN, either
through static or dynamic configuration
Group InformationDisplays known multicast groups, member ports, the means by which
each group was learned, and the corresponding source list
Statistics593
InputShows statistics for MLD ingress traffic593
OutputShows statistics for MLD egress traffic593
586
588
588
590
592
QueryShows statistics for query-related messages593
SummaryShows summary statistics for querier and report/leave messages593
ClearClears all MLD statics or statistics for specified VLAN/port 593
MVR Multicast VLAN Registration601
Configure GlobalConfigures proxy switching and robustness value603
Configure DomainEnables MVR for a domain, sets the MVR VLAN, forwarding priority, and
upstream source IP
Configure Profile606
AddConfigures multicast stream addresses606
ShowShows multicast stream addresses606
Associate Profile606
AddMaps an address profile to a domain606
605
– 69 –
Page 70
Chapter 2
| Using the Web Interface
Navigating the Web Browser Interface
Table 4: Switch Main Menu (Continued)
MenuDescriptionPage
ShowShows addresses profile to domain mapping606
Configure Inter faceConfigures MVR interface type and immediate leave mode; also displays
MVR operational and active status
Configure Static Group Member611
AddStatically assigns MVR multicast streams to an interface611
ShowShows MVR multicast streams assigned to an interface611
Show MemberShows the multicast groups assigned to an MVR VLAN, the source
address of the multicast services, and the interfaces with active
subscribers
Show Statistics614
Show Query StatisticsShows statistics for query-related messages 614
Show VLAN StatisticsShows statistics for protocol messages and number of active groups614
Show Port StatisticsShows statistics for protocol messages and number of active groups614
Show Trunk StatisticsShows statistics for protocol messages and number of active groups614
MVR6 Multicast VLAN Registration for IPv6618
Configure GlobalConfigures proxy switching and robustness value619
Configure DomainEnables MVR for a domain, sets the MVR VLAN, forwarding priority, and
upstream source IP
Configure Profile622
AddConfigures multicast stream addresses622
609
613
621
ShowShows multicast stream addresses622
Associate Profile622
AddMaps an address profile to a domain622
ShowShows addresses profile to domain mapping622
Configure Inter faceConfigures MVR interface type and immediate leave mode; also displays
MVR operational and active status
Configure PortConfigures MVR attributes for a port625
Configure TrunkConfigures MVR attributes for a trunk625
Configure Static Group Member627
AddStatically assigns MVR multicast streams to an interface627
ShowShows MVR multicast streams assigned to an interface627
Show MemberShows the multicast groups assigned to an MVR VLAN, the source
address of the multicast services, and the interfaces with active
subscribers
Show Statistics630
Show Query StatisticsShows statistics for query-related messages 630
Show VLAN StatisticsShows statistics for protocol messages and number of active groups630
625
629
– 70 –
Page 71
Chapter 2
| Using the Web Interface
Navigating the Web Browser Interface
Table 4: Switch Main Menu (Continued)
MenuDescriptionPage
Show Port StatisticsShows statistics for protocol messages and number of active groups630
Show Trunk StatisticsShows statistics for protocol messages and number of active groups630
– 71 –
Page 72
Chapter 2
Navigating the Web Browser Interface
| Using the Web Interface
– 72 –
Page 73
3Basic Management Tasks
This chapter describes the following topics:
Displaying System Information – Provides basic system description, including
?
contact information.
Displaying Hardware/Software Versions – Shows the hardware version, power
?
status, and firmware versions
Configuring Support for Jumbo Frames – Enables support for jumbo frames.
?
Displaying Bridge Extension Capabilities – Shows the bridge extension
?
parameters.
Managing System Files – Describes how to upgrade operating software or
?
configuration files, and set the system start-up files.
Setting the System Clock – Sets the current time manually or through specified
?
NTP or SNTP servers.
Configuring the Console Port – Sets console port connection parameters.
Resetting the System – Restarts the switch immediately, at a specified time,
?
after a specified delay, or at a periodic interval.
– 73 –
Page 74
Chapter 3
Displaying System Information
| Basic Management Tasks
Displaying System Information
Use the System > General page to identify the system by displaying information
such as the device name, location and contact information.
Parameters
These parameters are displayed:
System Description – Brief description of device type.
?
System Object ID – MIB II object ID for switch’s network management
?
subsystem.
System Up Time – Length of time the management agent has been up.
?
System Name – Name assigned to the switch system.
?
System Location – Specifies the system location.
?
System Contact – Administrator responsible for the system.
?
Web Interface
To configure general system information:
1. Click System, General.
2. Specify the system name, location, and contact information for the system
administrator.
3. Click Apply.
Figure 4: System Information
– 74 –
Page 75
Displaying Hardware/Software Versions
Use the System > Switch page to display hardware/firmware version numbers for
the main board and management software, as well as the power status of the
system.
Parameters
The following parameters are displayed:
Main Board Information
Serial Number – The serial number of the switch.
?
Number of Ports – Number of built-in ports.
?
Hardware Version – Hardware version of the main board.
?
Main Power Status – Displays the status of the internal power supply.
?
Chapter 3
Displaying Hardware/Software Versions
| Basic Management Tasks
Redundant Power Status – Displays the status of the redundant power supply.
?
Management Software Information
Role – Shows that this switch is operating as Master or Slave.
?
EPLD Version – Version number of EEPROM Programmable Logic Device.
?
Loader Version – Version number of loader code.
?
Operation Code Version – Version number of runtime code.
?
Thermal Sensors
Thermal Detector – The first detector is near the air flow intake vents. The
?
second detector is near the switch ASIC and CPU.
Te mp e ra t u re – Temperature at specified thermal detection point.
?
– 75 –
Page 76
Chapter 3
Configuring Support for Jumbo Frames
| Basic Management Tasks
Web Interface
To view hardware and software version information.
1. Click System, then Switch.
Figure 5: General Switch Information
Configuring Support for Jumbo Frames
Use the System > Capability page to configure support for layer 2 jumbo frames.
The switch provides more efficient throughput for large sequential data transfers
by supporting jumbo frames up to 10240 bytes for Gigabit Ethernet and 10 Gigabit
Ethernet ports or trunks. Compared to standard Ethernet frames that run only up to
1.5 KB, using jumbo frames significantly reduces the per-packet overhead required
to process protocol encapsulation fields.
Usage Guidelines
To use jumbo frames, both the source and destination end nodes (such as a
computer or server) must support this feature. Also, when the connection is
operating at full duplex, all switches in the network between the two end nodes
must be able to accept the extended frame size. And for half-duplex connections,
all devices in the collision domain would need to support jumbo frames.
Parameters
The following parameters are displayed:
Jumbo Frame – Configures support for jumbo frames. (Default: Disabled)
?
– 76 –
Page 77
Chapter 3
Displaying Bridge Extension Capabilities
Web Interface
To configure support for jumbo frames:
1. Click System, then Capability.
2. Enable or disable support for jumbo frames.
3. Click Apply.
Figure 6: Configuring Support for Jumbo Frames
| Basic Management Tasks
Displaying Bridge Extension Capabilities
Use the System > Capability page to display settings based on the Bridge MIB. The
Bridge MIB includes extensions for managed devices that support Multicast
Filtering, Traffic Classes, and Virtual LANs. You can access these extensions to
display default settings for the key variables.
Parameters
The following parameters are displayed:
Extended Multicast Filtering Services – This switch does not support the
?
filtering of individual multicast addresses based on GMRP (GARP Multicast
Registration Protocol).
Traffic Classes – This switch provides mapping of user priorities to multiple
?
traffic classes. (Refer to “Class of Service” on page 243.)
Static Entry Individual Port – This switch allows static filtering for unicast and
?
multicast addresses. (Refer to “Setting Static Addresses” on page 203.)
VLAN Version Number – Based on IEEE 802.1Q, “1” indicates Bridges that
?
support only single spanning tree (SST) operation, and “2” indicates Bridges
that support multiple spanning tree (MST) operation.
VLAN Learning – This switch uses Independent VLAN Learning (IVL), where
?
each port maintains its own filtering database.
Local VLAN Capable – This switch does not support multiple local bridges
?
outside of the scope of 802.1Q defined VLANs.
– 77 –
Page 78
Chapter 3
Displaying Bridge Extension Capabilities
| Basic Management Tasks
Configurable PVID Tagging – This switch allows you to override the default
?
Port VLAN ID (PVID used in frame tags) and egress status (VLAN-Tagged or
Untagged) on each port. (Refer to “VLAN Configuration” on page 161.)
Max Supported VLAN Numbers – The maximum number of VLANs supported
?
on this switch.
Max Supported VLAN ID – The maximum configurable VLAN identifier
This section describes how to upgrade the switch operating software or
configuration files, and set the system start-up files.
Chapter 3
| Basic Management Tasks
Managing System Files
Copying Files via FTP/
TFTP or HTTP
Use the System > File (Copy) page to upload/download firmware or configuration
settings using FTP, TFTP or HTTP. By backing up a file to an FTP/TFTP server or
management station, that file can later be downloaded to the switch to restore
operation. Specify the method of file transfer, along with the file type and file
names as required.
You can also set the switch to use new firmware or configuration settings without
overwriting the current version. Just download the file using a different name from
the current version, and then set the new file as the startup file.
Command Usage
When logging into an FTP server, the interface prompts for a user name and
?
password configured on the remote server. Note that “Anonymous” is set as the
default user name.
The reset command will not be accepted during copy operations to flash
?
memory.
Parameters
The following parameters are displayed:
Copy Type – The firmware copy operation includes these options:
?
?
HTTP Upload – Copies a file from a management station to the switch.
?
HTTP Download – Copies a file from the switch to a management station
?
TFTP Upload – Copies a file from a TFTP server to the switch.
?
TFTP Download – Copies a file from the switch to a TFTP server.
?
FTP Upload – Copies a file from an FTP server to the switch.
?
FTP Download– Copies a file from the switch to an FTP server.
FTP/TFTP Server IP Address – The IP address of an FTP/TFTP server.
?
User Name – The user name for FTP server access.
?
Password – The password for FTP server access.
?
File Type – Specify Operation Code to copy firmware or Config File to copy
?
configuration settings.
File Name –
?
of the file name should not be a period (.),
The file name should not contain slashes (\ or /), the leading letter
and the maximum length for file
– 79 –
Page 80
Chapter 3
Managing System Files
| Basic Management Tasks
names is 32 characters for files on the switch or 127 characters for files on the
server. (Valid characters: A-Z, a-z, 0-9, “.”, “-”, “_”)
Note:
Up to two copies of the system software (i.e., the runtime firmware) can be
stored in the file directory on the switch.
Note:
The maximum number of user-defined configuration files is limited only by
available flash memory space.
Note:
The file “Factory_Default_Config.cfg” can be copied to a file server or
management station, but cannot be used as the destination file name on the
switch.
Web Interface
To copy firmware files:
1. Click System, then File.
2. Select Copy from the Action list.
3. Select FTP Upload, HTTP Upload or TFTP Upload as the file transfer method.
4. If FTP or TFTP Upload is used, enter the IP address of the file server.
5. If FTP Upload is used, enter the user name and password for your account on
the FTP server.
6. Set the file type to Operation Code.
7. Enter the name of the file to download.
8. Select a file on the switch to overwrite or specify a new file name.
9. Click Apply.
Figure 8: Copy Firmware
– 80 –
Page 81
Chapter 3
| Basic Management Tasks
Managing System Files
If you replaced a file currently used for startup and want to start using the new file,
reboot the system via the System > Reset menu.
Saving the Running
Configuration to a
Local File
Use the System > File (Copy) page to save the current configuration settings to a
local file on the switch. The configuration settings are not automatically saved by
the system for subsequent use when the switch is rebooted. You must save these
settings to the current startup file, or to another file which can be subsequently set
as the startup file.
Parameters
The following parameters are displayed:
Copy Type – The copy operation includes this option:
?
?
Running-Config – Copies the current configuration settings to a local file on
the switch.
Destination File Name – Copy to the currently designated startup file, or to a
?
new file.
The file name should not contain slashes (\ or /),
the leading letter of
the file name should not be a period (.), and the maximum length for file names
is 32 characters. (Valid characters: A-Z, a-z, 0-9, “.”, “-”, “_”)
Note:
The maximum number of user-defined configuration files is limited only by
available flash memory space.
Web Interface
To save the running configuration file:
1. Click System, then File.
2. Select Copy from the Action list.
3. Select Running-Config from the Copy Type list.
4. Select the current startup file on the switch to overwrite or specify a new file
name.
5. Then click Apply.
– 81 –
Page 82
Chapter 3
Managing System Files
| Basic Management Tasks
Figure 9: Saving the Running Configuration
If you replaced a file currently used for startup and want to start using the new file,
reboot the system via the System > Reset menu.
Setting the
Start-up File
Use the System > File (Set Start-Up) page to specify the firmware or configuration
file to use for system initialization.
Web Interface
To set a file to use for system initialization:
1. Click System, then File.
2. Select Set Start-Up from the Action list.
3. Mark the operation code or configuration file to be used at startup
4. Then click Apply.
Figure 10: Setting Start-Up Files
To start using the new firmware or configuration settings, reboot the system via the
System > Reset menu.
– 82 –
Page 83
Chapter 3
| Basic Management Tasks
Managing System Files
Showing System Files Use the System > File (Show) page to show the files in the system directory, or to
delete a file.
Note:
Files designated for start-up, and the Factory_Default_Config.cfg file, cannot
be deleted.
Web Interface
To show the system files:
1. Click System, then File.
2. Select Show from the Action list.
3. To delete a file, mark it in the File List and click Delete.
Figure 11: Displaying System Files
Automatic Operation
Code Upgrade
Use the System > File (Automatic Operation Code Upgrade) page to automatically
download an operation code file when a file newer than the currently installed one
is discovered on the file server. After the file is transferred from the server and
successfully written to the file system, it is automatically set as the startup file, and
the switch is rebooted.
Usage Guidelines
If this feature is enabled, the switch searches the defined URL once during the
?
bootup sequence.
FTP (port 21) and TFTP (port 69) are both supported. Note that the TCP/UDP
?
port bindings cannot be modified to support servers listening on non-standard
ports.
The host portion of the upgrade file location URL must be a valid IPv4 IP
?
address. DNS host names are not recognized. Valid IP addresses consist of four
numbers, 0 to 255, separated by periods.
The path to the directory must also be defined. If the file is stored in the root
?
directory for the FTP/TFTP service, then use the “/” to indicate this (e.g., ftp://
192.168.0.1/).
– 83 –
Page 84
Chapter 3
Managing System Files
| Basic Management Tasks
The file name must not be included in the upgrade file location URL. The file
?
name of the code stored on the remote server must be level1-gtl2872.bix (using
upper case and lower case letters exactly as indicated here). Enter the file name
for other switches described in this manual exactly as shown on the web
interface.
The FTP connection is made with PASV mode enabled. PASV mode is needed to
?
traverse some fire walls, even if FTP traffic is not blocked. PASV mode cannot be
disabled.
The switch-based search function is case-insensitive in that it will accept a file
?
name in upper or lower case (i.e., the switch will accept level1-gtl2872.BIX from
the server even though level1-gtl2872.bix was requested). However, keep in
mind that the file systems of many operating systems such as Unix and most
Unix-like systems (FreeBSD, NetBSD, OpenBSD, and most Linux distributions,
etc.) are case-sensitive, meaning that two files in the same directory, level1-gtl2872.bix and level1-gtl2872.bix are considered to be unique files. Thus, if the
upgrade file is stored as level1-gtl2872.bix on a case-sensitive server, then the
switch (requesting level1-gtl2872.bix) will not be upgraded because the server
does not recognize the requested file name and the stored file name as being
equal. A notable exception in the list of case-sensitive Unix-like operating
systems is Mac OS X, which by default is case-insensitive. Please check the
documentation for your server’s operating system if you are unsure of its file
system’s behavior.
Note that the switch itself does not distinguish between upper and lower-case
?
file names, and only checks to see if the file stored on the server is more recent
than the current runtime image.
If two operation code image files are already stored on the switch’s file system,
?
then the non-startup image is deleted before the upgrade image is transferred.
The automatic upgrade process will take place in the background without
?
impeding normal operations (data switching, etc.) of the switch.
During the automatic search and transfer process, the administrator cannot
?
transfer or update another operation code image, configuration file, public key,
or HTTPS certificate (i.e., no other concurrent file management operations are
possible).
The upgrade operation code image is set as the startup image after it has been
?
successfully written to the file system.
The switch will send an SNMP trap and make a log entry upon all upgrade
?
successes and failures.
The switch will immediately restart after the upgrade file is successfully written
?
to the file system and set as the startup image.
– 84 –
Page 85
Chapter 3
| Basic Management Tasks
Managing System Files
Parameters
The following parameters are displayed:
Automatic Opcode Upgrade – Enables the switch to search for an upgraded
?
operation code file during the switch bootup process. (Default: Disabled)
Automatic Upgrade Location URL – Defines where the switch should search
?
for the operation code upgrade file. The last character of this URL must be a
forward slash (“/”). The level1-gtl2872.bix filename must not be included since it
is automatically appended by the switch. (Options: ftp, tftp)
The following syntax must be observed:
tftp://host[/filedir]/
?
tftp:// – Defines TFTP protocol for the server connection.
?
host – Defines the IP address of the TFTP server. Valid IP addresses consist of
four numbers, 0 to 255, separated by periods. DNS host names are not
recognized.
?
filedir – Defines the directory, relative to the TFTP server root, where the
upgrade file can be found. Nested directory structures are accepted. The
directory name must be separated from the host, and in nested directory
structures, from the parent directory, with a prepended forward slash “/”.
?
/ – The forward slash must be the last character of the URL.
ftp://[username[:password@]]host[/filedir]/
?
ftp:// – Defines FTP protocol for the server connection.
?
username – Defines the user name for the FTP connection. If the user name
is omitted, then “anonymous” is the assumed user name for the
connection.
If no user name nor password is required for the connection, then the “@”
character cannot be used in the path name.
?
password – Defines the password for the FTP connection. To differentiate
the password from the user name and host portions of the URL, a colon (:)
must precede the password, and an “at” symbol (@), must follow the
password. If the password is omitted, then “” (an empty string) is the
assumed password for the connection.
?
host – Defines the IP address of the FTP server. Valid IP addresses consist of
four numbers, 0 to 255, separated by periods. DNS host names are not
recognized.
?
filedir – Defines the directory, relative to the FTP server root, where the
upgrade file can be found. Nested directory structures are accepted. The
directory name must be separated from the host, and in nested directory
structures, from the parent directory, with a prepended forward slash “/”.
?
/ – The forward slash must be the last character of the URL.
– 85 –
Page 86
Chapter 3
Managing System Files
| Basic Management Tasks
Examples
The following examples demonstrate the URL syntax for a TFTP server at IP
address 192.168.0.1 with the operation code image stored in various locations:
?
tftp://192.168.0.1/
The image file is in the TFTP root directory.
?
tftp://192.168.0.1/switch-opcode/
The image file is in the “switch-opcode” directory, relative to the TFTP root.
?
tftp://192.168.0.1/switches/opcode/
The image file is in the “opcode” directory, which is within the “switches”
parent directory, relative to the TFTP root.
The following examples demonstrate the URL syntax for an FTP server at IP
address 192.168.0.1 with various user name, password and file location options
presented:
?
ftp://192.168.0.1/
The user name and password are empty, so “anonymous” will be the user
name and the password will be blank. The image file is in the FTP root
directory.
?
ftp://switches:upgrade@192.168.0.1/
The user name is “switches” and the password is “upgrade”. The image file is
in the FTP root.
The user name is “switches” and the password is “upgrade”. The image file is
in the “opcode” directory, which is within the “switches” parent directory,
relative to the FTP root.
Web Interface
To configure automatic code upgrade:
1. Click System, then File.
2. Select Automatic Operation Code Upgrade from the Action list.
3. Mark the check box to enable Automatic Opcode Upgrade.
4. Enter the URL of the FTP or TFTP server, and the path and directory containing
the operation code.
5. Click Apply.
– 86 –
Page 87
Chapter 3
| Basic Management Tasks
Setting the System Clock
Figure 12: Configuring Automatic Code Upgrade
If a new image is found at the specified location, the following type of messages
will be displayed during bootup.
.
.
.
Automatic Upgrade is looking for a new image
New image detected: current version 1.2.1.3; new version 1.2.1.6
Image upgrade in progress
The switch will restart after upgrade succeeds
Downloading new image
Flash programming started
Flash programming completed
The switch will now restart
.
.
.
Setting the System Clock
Simple Network Time Protocol (SNTP) allows the switch to set its internal clock
based on periodic updates from a time server (SNTP or NTP). Maintaining an
accurate time on the switch enables the system log to record meaningful dates and
times for event entries. You can also manually set the clock. If the clock is not set
manually or via SNTP, the switch will only record the time from the factory default
set at the last bootup.
When the SNTP client is enabled, the switch periodically sends a request for a time
update to a configured time server. You can configure up to three time server IP
addresses. The switch will attempt to poll each server in the configured sequence.
– 87 –
Page 88
Chapter 3
Setting the System Clock
| Basic Management Tasks
Setting the Time
Manually
Use the System > Time (Configure General - Manual) page to set the system time on
the switch manually without using SNTP.
Parameters
The following parameters are displayed:
Current Time – Shows the current time set on the switch.
?
Hours – Sets the hour. (Range: 0-23)
?
Minutes – Sets the minute value. (Range: 0-59)
?
Seconds – Sets the second value. (Range: 0-59)
?
Month – Sets the month. (Range: 1-12)
?
Day – Sets the day of the month. (Range: 1-31)
?
Year – Sets the year. (Range: 1970-2037)
?
Web Interface
To manually set the system clock:
1. Click System, then Time.
2. Select Configure General from the Step list.
3. Select Manual from the Maintain Type list.
4. Enter the time and date in the appropriate fields.
5. Click Apply
Figure 13: Manually Setting the System Clock
– 88 –
Page 89
Chapter 3
| Basic Management Tasks
Setting the System Clock
Setting the SNTP
Polling Interval
Use the System > Time (Configure General - SNTP) page to set the polling interval at
which the switch will query the specified time servers.
Parameters
The following parameters are displayed:
Current Time – Shows the current time set on the switch.
?
SNTP Polling Interval – Sets the interval between sending requests for a time
?
update from a time server. (Range: 16-16384 seconds; Default: 16 seconds)
Web Interface
To set the polling interval for SNTP:
1. Click System, then Time.
2. Select Configure General from the Step list.
3. Select SNTP from the Maintain Type list.
4. Modify the polling interval if required.
5. Click Apply
Figure 14: Setting the Polling Interval for SNTP
Configuring NTP Use the System > Time (Configure General - NTP) page to configure NTP
authentication and show the polling interval at which the switch will query the
specified time servers.
Parameters
The following parameters are displayed:
Current Time – Shows the current time set on the switch.
?
Authentication Status – Enables authentication for time requests and updates
?
between the switch and NTP servers. (Default: Disabled)
– 89 –
Page 90
Chapter 3
Setting the System Clock
| Basic Management Tasks
You can enable NTP authentication to ensure that reliable updates are received
from only authorized NTP servers. The authentication keys and their associated
key number must be centrally managed and manually distributed to NTP
servers and clients. The key numbers and key values must match on both the
server and client.
Polling Interval – Shows the interval between sending requests for a time
?
update from NTP servers. (Fixed: 1024 seconds)
Web Interface
To set the clock maintenance type to NTP:
1. Click System, then Time.
2. Select Configure General from the Step list.
3. Select NTP from the Maintain Type list.
4. Enable authentication if required.
Configuring
Time Servers
5. Click Apply
Figure 15: Configuring NTP
Use the System > Time (Configure Time Server) pages to specify the IP address for
NTP/SNTP time servers, or to set the authentication key for NTP time servers.
Specifying SNTP Time Servers
Use the System > Time (Configure Time Server – Configure SNTP Server) page to
specify the IP address for up to three SNTP time servers.
– 90 –
Page 91
Chapter 3
| Basic Management Tasks
Setting the System Clock
Parameters
The following parameters are displayed:
SNTP Server IP Address – Sets the IPv4 or IPv6 address for up to three time
?
servers. The switch attempts to update the time from the first server, if this fails
it attempts an update from the next server in the sequence.
Web Interface
To set the SNTP time servers:
1. Click System, then Time.
2. Select Configure Time Server from the Step list.
3. Select Configure SNTP Server from the Action list.
4. Enter the IP address of up to three time servers.
5. Click Apply.
Figure 16: Specifying SNTP Time Servers
Specifying NTP Time Servers
Use the System > Time (Configure Time Server – Add NTP Server) page to add the IP
address for up to 50 NTP time servers.
Parameters
The following parameters are displayed:
NTP Server IP Address – Adds the IPv4 or IPv6 address for up to 50 time
?
servers. The switch will poll the specified time servers for updates when the
clock maintenance type is set to NTP on the System > Time (Configure General)
page. It issues time synchronization requests at a fixed interval of 1024 seconds.
The switch will poll all the time servers configured, the responses received are
filtered and compared to determine the most reliable and accurate time update
for the switch.
Versi on – Specifies the NTP version supported by the server. (Fixed: Version 3)
?
– 91 –
Page 92
Chapter 3
Setting the System Clock
| Basic Management Tasks
Authentication Key – Specifies the number of the key in the NTP
?
Authentication Key List to use for authentication with the configured server.
NTP authentication is optional. If enabled on the System > Time (Configure
General) page, you must also configure at least one key on the System > Time
(Add NTP Authentication Key) page. (Range: 1-65535)
Web Interface
To add an NTP time server to the server list:
1. Click System, then Time.
2. Select Configure Time Server from the Step list.
3. Select Add NTP Server from the Action list.
4. Enter the IP address of an NTP time server, and specify the index of the
authentication key if authentication is required.
5. Click Apply.
Figure 17: Adding an NTP Time Server
To show the list of configured NTP time servers:
1. Click System, then Time.
2. Select Configure Time Server from the Step list.
3. Select Show NTP Server from the Action list.
Figure 18: Showing the NTP Time Server List
– 92 –
Page 93
Chapter 3
| Basic Management Tasks
Setting the System Clock
Specifying NTP Authentication Keys
Use the System > Time (Configure Time Server – Add NTP Authentication Key) page
to add an entry to the authentication key list.
Parameters
The following parameters are displayed:
Authentication Key – Specifies the number of the key in the NTP
?
Authentication Key List to use for authentication with a configured server. NTP
authentication is optional. When enabled on the System > Time (Configure
General) page, you must also configure at least one key on this page. Up to 255
keys can be configured on the switch. (Range: 1-65535)
Key Context – An MD5 authentication key string. The key string can be up to
?
32 case-sensitive printable ASCII characters (no spaces).
NTP authentication key numbers and values must match on both the server
and client.
Web Interface
To add an entry to NTP authentication key list:
1. Click System, then Time.
2. Select Configure Time Server from the Step list.
3. Select Add NTP Authentication Key from the Action list.
4. Enter the index number and MD5 authentication key string.
5. Click Apply.
Figure 19: Adding an NTP Authentication Key
To show the list of configured NTP authentication keys:
1. Click System, then Time.
2. Select Configure Time Server from the Step list.
3. Select Show NTP Authentication Key from the Action list.
– 93 –
Page 94
Chapter 3
Setting the System Clock
| Basic Management Tasks
Figure 20: Showing the NTP Authentication Key List
Setting the Time Zone Use the System > Time (Configure Time Zone) page to set the time zone. SNTP uses
Coordinated Universal Time (or UTC, formerly Greenwich Mean Time, or GMT)
based on the time at the Earth’s prime meridian, zero degrees longitude, which
passes through Greenwich, England. To display a time corresponding to your local
time, you must indicate the number of hours and minutes your time zone is east
(before) or west (after) of UTC. You can choose one of the 80 predefined time zone
definitions, or your can manually configure the parameters for your local time zone.
Parameters
The following parameters are displayed:
Predefined Configuration – A drop-down box provides access to the 80
?
predefined time zone configurations. Each choice indicates it’s offset from UTC
and lists at least one major city or location covered by the time zone.
User-defined Configuration – Allows the user to define all parameters of the
?
local time zone.
?
Direction – Configures the time zone to be before (east of) or after (west
of) UTC.
?
Name – Assigns a name to the time zone. (Range: 1-30 characters)
?
Hours (0-13) – The number of hours before or after UTC. The maximum
value before UTC is 12. The maximum value after UTC is 13.
?
Minutes (0-59) – The number of minutes before/after UTC.
Web Interface
To set your local time zone:
1. Click System, then Time.
2. Select Configure Time Zone from the Step list.
3. Set the offset for your time zone relative to the UTC in hours and minutes.
4. Click Apply.
– 94 –
Page 95
Figure 21: Setting the Time Zone
Chapter 3
| Basic Management Tasks
Setting the System Clock
Configuring
Summer Time
Use the Summer Time page to set the system clock forward during the summer
months (also known as daylight savings time).
In some countries or regions, clocks are adjusted through the summer months so
that afternoons have more daylight and mornings have less. This is known as
Summer Time, or Daylight Savings Time (DST). Typically, clocks are adjusted
forward one hour at the start of spring and then adjusted backward in autumn.
Parameters
The following parameters are displayed in the web interface:
General Configuration
Summer Time in Effect – Shows if the system time has been adjusted.
?
Status – Shows if summer time is set to take effect during the specified period.
?
Name – Name of the time zone while summer time is in effect, usually an
?
acronym. (Range: 1-30 characters)
Mode – Selects one of the following configuration modes. (The Mode option
?
can only be managed when the Summer Time Status option has been set to
enabled for the switch.)
Predefined Mode – Configures the summer time status and settings for the switch
using predefined configurations for several major regions of the world. To specify
the time corresponding to your local time when summer time is in effect, select the
predefined summer-time zone appropriate for your location.
– 95 –
Page 96
Chapter 3
Setting the System Clock
| Basic Management Tasks
Table 5: Predefined Summer-Time Parameters
RegionStart Time, Day, Week, & MonthEnd Time, Day, Week, & MonthRel.
Australia00:00:00, Sunday, Week 5 of October 23:59:59, Sunday, Week 5 of March60 min
Europe00:00:00, Sunday, Week 5 of March23:59:59, Sunday, Week 5 of October60 min
New Zealand 00:00:00, Sunday, Week 1 of October 23:59:59, Sunday, Week 3 of March60 min
USA02:00:00, Sunday, Week 2 of March02:00:00, Sunday, Week 1 of November 60 min
Offset
Date Mode – Sets the start, end, and offset times of summer time for the switch on a
one-time basis. This mode sets the summer-time zone relative to the currently
configured time zone. To specify a time corresponding to your local time when
summer time is in effect, you must indicate the number of minutes your summertime zone deviates from your regular time zone.
Offset – Summer-time offset from the regular time zone, in minutes.
?
(Range: 1-120 minutes)
From – Start time for summer-time offset.
?
To – End time for summer-time offset.
?
Recurring Mode – Sets the start, end, and offset times of summer time for the switch
on a recurring basis. This mode sets the summer-time zone relative to the currently
configured time zone. To specify a time corresponding to your local time when
summer time is in effect, you must indicate the number of minutes your summertime zone deviates from your regular time zone.
Offset – Summer-time offset from the regular time zone, in minutes.
?
(Range: 1-120 minutes)
From – Start time for summer-time offset.
?
To – End time for summer-time offset.
?
Web Interface
To specify summer time settings:
1. Click SNTP, Summer Time.
2. Select one of the configuration modes, configure the relevant attributes,
enable summer time status.
3. Click Apply.
– 96 –
Page 97
Figure 22: Configuring Summer Time
Configuring the Console Port
Use the System > Console menu to configure connection parameters for the
switch’s console port. You can access the onboard configuration program by
attaching a VT100 compatible device to the switch’s serial console port.
Management access through the console port is controlled by various parameters,
including a password (only configurable through the CLI), time outs, and basic
communication settings. Note that these parameters can be configured via the
web or CLI interface.
Chapter 3
| Basic Management Tasks
Configuring the Console Port
Parameters
The following parameters are displayed:
Login Timeout – Sets the interval that the system waits for a user to log into
?
the CLI. If a login attempt is not detected within the timeout interval, the
connection is terminated for the session. (Range: 10-300 seconds; Default: 300
seconds)
Exec Timeout – Sets the interval that the system waits until user input is
?
detected. If user input is not detected within the timeout interval, the current
session is terminated. (Range: 60-65535 seconds; Default: 600 seconds)
Password Threshold – Sets the password intrusion threshold, which limits the
?
number of failed logon attempts. When the logon attempt threshold is
reached, the system interface becomes silent for a specified amount of time
(set by the Silent Time parameter) before allowing the next logon attempt.
(Range:1-120;Default:3attempts)
Silent Time – Sets the amount of time the management console is inaccessible
?
after the number of unsuccessful logon attempts has been exceeded.
(Range: 1-65535 seconds; Default: Disabled)
Data Bits – Sets the number of data bits per character that are interpreted and
?
generated by the console port. If parity is being generated, specify 7 data bits
– 97 –
Page 98
Chapter 3
Configuring the Console Port
| Basic Management Tasks
per character. If no parity is required, specify 8 data bits per character.
(Default: 8 bits)
Stop Bits – Sets the number of the stop bits transmitted per byte.
?
(Range: 1-2; Default: 1 stop bit)
Parity – Defines the generation of a parity bit. Communication protocols
?
provided by some terminals can require a specific parity bit setting. Specify
Even, Odd, or None. (Default: None)
Speed – Sets the terminal line’s baud rate for transmit (to terminal) and receive
?
(from terminal). Set the speed to match the baud rate of the device connected
to the serial port. (Range: 9600, 19200, 38400, 57600, or 115200 baud;
Default: 115200 baud)
Note:
The password for the console connection can only be configured through
the CLI (see the “password” command in the CLI Reference Guide).
Note:
Password checking can be enabled or disabled for logging in to the console
connection (see the “login” command in the CLI Reference Guide). You can select
authentication by a single global password as configured for the password
command, or by passwords set up for specific user-name accounts. The default is
for local passwords configured on the switch.
Web Interface
To configure parameters for the console port:
1. Click System, then Console.
2. Specify the connection parameters as required.
3. Click Apply
Figure 23: Console Port Settings
– 98 –
Page 99
Configuring Telnet Settings
Use the System > Telnet menu to configure parameters for accessing the CLI over a
Telnet connection. You can access the onboard configuration program over the
network using Telnet (i.e., a virtual terminal). Management access via Telnet can be
enabled/disabled and other parameters set, including the TCP port number, time
outs, and a password. Note that the password is only configurable through the CLI.)
These parameters can be configured via the web or CLI interface.
Parameters
The following parameters are displayed:
Teln et Statu s – Enables or disables Telnet access to the switch.
?
(Default: Enabled)
TCP Port – Sets the TCP port number for Telnet on the switch. (Range: 1-65535;
?
Default: 23)
Chapter 3
| Basic Management Tasks
Configuring Telnet Settings
Max Sessions – Sets the maximum number of Telnet sessions that can
?
simultaneously connect to this system. (Range: 0-8; Default: 8)
A maximum of eight sessions can be concurrently opened for Telnet and
Secure Shell (i.e., both Telnet and SSH share a maximum number of eight
sessions).
Login Timeout – Sets the interval that the system waits for a user to log into
?
the CLI. If a login attempt is not detected within the timeout interval, the
connection is terminated for the session. (Range: 10-300 seconds; Default: 300
seconds)
Exec Timeout – Sets the interval that the system waits until user input is
?
detected. If user input is not detected within the timeout interval, the current
session is terminated. (Range: 60-65535 seconds; Default: 600 seconds)
Password Threshold – Sets the password intrusion threshold, which limits the
?
number of failed logon attempts. When the logon attempt threshold is
reached, the system interface becomes silent for a specified amount of time
(set by the Silent Time parameter) before allowing the next logon attempt.
(Range:1-120;Default:3attempts)
Silent Time – Sets the amount of time the management interface is
?
inaccessible after the number of unsuccessful logon attempts has been
exceeded. (Range: 1-65535 seconds; Default: Disabled)
Note:
The password for the Telnet connection can only be configured through the
CLI (see the “password” command in the CLI Reference Guide).
Note:
Password checking can be enabled or disabled for login to the console
connection (see the “login” command in the CLI Reference Guide). You can select
– 99 –
Page 100
Chapter 3
Displaying CPU Utilization
| Basic Management Tasks
authentication by a single global password as configured for the password
command, or by passwords set up for specific user-name accounts. The default is
for local passwords configured on the switch.
Web Interface
To configure parameters for the console port:
1. Click System, then Telnet.
2. Specify the connection parameters as required.
3. Click Apply
Figure 24: Telnet Connection Settings
Displaying CPU Utilization
Use the System > CPU Utilization page to display information on CPU utilization.
Parameters
The following parameters are displayed:
Time Interval – The interval at which to update the displayed utilization rate.