Level One GTL-2872 User Manual
GTL-2872
28-Port L3 Lite Managed Gigabit Fiber Switch
Web Management Guide
V1.0
Digital Data Communications Asia Co., Ltd.
http://www.level1.com
Web Management Guide
GTL-2872
28-Port L3 Lite Managed Gigabit Fiber Switch
with 20 100/1000 SFP Ports,
4 10/100/1000 BASE-T (RJ-45) / 100/1000 SFP Combo Ports,
4 10 Gigabit SFP+ Ports ,
and DC Power Supply
E112017-KS-R01
How to Use This Guide
This guide includes detailed information on the switch software, including how to
operate and use the management functions of the switch. To deploy this switch
effectively and ensure trouble-free operation, you should first read the relevant
sections in this guide so that you are familiar with all of its software features.
Who Should Read This
Guide?
How This Guide is
Organized
Related
Documentation
This guide is for network administrators who are responsible for operating and
maintaining network equipment. The guide assumes a basic working knowledge of
LANs (Local Area Networks), the Internet Protocol (IP), and Simple Network
Management Protocol (SNMP).
This guide describes the switch’s web browser interface. For more detailed
information on the switch’s key features refer to the Administrator’s Guide.
The guide includes these sections:
Section I “Getting Started” — Includes an introduction to switch management,
?
and the basic settings required to access the management interface.
Section II “Web Configuration” — Includes all management options available
?
through the web browser interface.
Section III “Ap pe nd ices” — Includes information on troubleshooting switch
?
management access.
This guide focuses on switch software configuration through the web browser.
For information on how to manage the switch through the command line interface,
see the following guide:
CLI Reference Guide
Note:
For a description of how to initialize the switch for management access via
the CLI, web interface or SNMP, refer to “Initial Switch Configuration” in the CLI
Reference Guide.
– 3 –
How to Use This Guide
Conventions The following conventions are used throughout this guide to show information:
For information on how to install the switch, see the following guide:
Installation Guide
For all safety information and regulatory statements, see the following documents:
Quick Start Guide
Safety and Regulatory Information
Note:
Emphasizes important information or calls your attention to related features
or instructions.
Caution:
the system or equipment.
Alerts you to a potential hazard that could cause loss of data, or damage
Revision History This section summarizes the changes in each revision of this guide.
Revision Date Change Description
v1.0.2.32 11/2017 Initial release
– 4 –
Contents
How to Use This Guide 3
Contents 5
Figures 17
Tables 31
Section I Getting Started 33
1 Introduction 35
Key Features 35
Description of Software Features 36
Address Resolution Protocol 40
Operation, Administration, and Maintenance 41
Multicast Filtering 41
Link Layer Discovery Protocol 41
System Defaults 42
Section II Web Configuration 45
2 Using the Web Interface 47
Connecting to the Web Interface 47
Navigating the Web Browser Interface 48
Dashboard 48
Home Page 50
Configuration Options 50
Panel Display 51
Main Menu 52
3 Basic Management Tasks 73
– 5 –
Contents
Displaying System Information 74
Displaying Hardware/Software Versions 75
Configuring Support for Jumbo Frames 76
Displaying Bridge Extension Capabilities 77
Managing System Files 79
Copying Files via FTP/ TFTP or HTTP 79
Saving the Running Configuration to a Local File 81
Setting the Start-up File 82
Showing System Files 83
Automatic Operation Code Upgrade 83
Setting the System Clock 87
Setting the Time Manually 88
Setting the SNTP Polling Interval 89
Configuring NTP 89
Configuring Time Servers 90
Setting the Time Zone 94
Configuring Summer Time 95
Configuring the Console Port 97
Configuring Telnet Settings 99
Displaying CPU Utilization 100
Configuring CPU Guard 101
Displaying Memory Utilization 102
Resetting the System 103
4 Interface Configuration 107
Port Configuration 108
Configuring by Port List 108
Configuring by Port Range 111
Displaying Connection Status 112
Showing Port or Trunk Statistics 113
Displaying Statistical History 118
Transceiver Data and Thresholds 122
Displaying Transceiver Data 122
Configuring Transceiver Thresholds 123
Performing Cable Diagnostics 125
– 6 –
Contents
Trunk Configuration 127
Configuring a Static Trunk 128
Configuring a Dynamic Trunk 131
Displaying LACP Port Counters 137
Displaying LACP Settings and Status for the Local Side 138
Displaying LACP Settings and Status for the Remote Side 140
Configuring Load Balancing 141
Saving Power 143
Configuring Local Port Mirroring 144
Configuring Remote Port Mirroring 146
Sampling Traffic Flows 150
Configuring sFlow Receiver Settings 151
Configuring an sFlow Polling Instance 153
Traffic Segmentation 155
Enabling Traffic Segmentation 155
Configuring Uplink and Downlink Ports 156
VLAN Trunking 158
5 VLAN Configuration 161
IEEE 802.1Q VLANs 161
Configuring VLAN Groups 165
Adding Static Members to VLANs 167
Configuring Dynamic VLAN Registration 172
IEEE 802.1Q Tunneling 175
Enabling QinQ Tunneling on the Switch 179
Creating CVLAN to SPVLAN Mapping Entries 180
Adding an Interface to QinQ Tunnel 182
L2PT Tunneling 183
Configuring the L2PT Tunnel Address 185
Enabling L2PT for Selected Interfaces 186
Protocol VLANs 187
Configuring Protocol VLAN Groups 188
Mapping Protocol Groups to Interfaces 189
Configuring IP Subnet VLANs 191
Configuring MAC-based VLANs 193
– 7 –
Contents
Configuring VLAN Translation 195
6 Address Table Settings 199
Dynamic Address Cache 199
Displaying the Dynamic Address Table 199
Clearing the Dynamic Address Table 200
Changing the Aging Time 201
Configuring MAC Address Learning 202
Setting Static Addresses 203
Issuing MAC Address Traps 205
7 Spanning Tree Algorithm 207
Overview 207
Configuring Loopback Detection 210
Configuring Global Settings for STA 211
Displaying Global Settings for STA 217
Configuring Interface Settings for STA 218
Displaying Interface Settings for STA 222
Configuring Multiple Spanning Trees 225
Configuring Interface Settings for MSTP 229
8 Congestion Control 233
Rate Limiting 233
Storm Control 234
Automatic Traffic Control 236
Setting the ATC Timers 238
Configuring ATC Thresholds and Responses 239
9 Class of Service 243
Layer 2 Queue Settings 243
Setting the Default Priority for Interfaces 243
Selecting the Queue Mode 244
Mapping CoS Values to Egress Queues 247
Layer 3/4 Priority Settings 250
Setting Priority Processing to IP Precedence/DSCP or CoS 250
Mapping Ingress DSCP Values to Internal DSCP Values 251
Mapping CoS Priorities to Internal DSCP Values 254
– 8 –
Contents
Mapping Internal DSCP Values to Egress CoS Values 256
Mapping IP Precedence Values to Internal DSCP Values 258
Mapping IP Port Priority to Internal DSCP Values 260
10 Quality of Service 263
Overview 263
Configuring a Class Map 264
Creating QoS Policies 267
Attaching a Policy Map to a Port 277
11 VoIP Traffic Configuration 279
Overview 279
Configuring VoIP Traffic 280
Configuring Telephony OUI 281
Configuring VoIP Traffic Ports 282
12 Security Measures 285
AAA Authentication, Authorization and Accounting 286
Configuring Local/Remote Logon Authentication 287
Configuring Remote Logon Authentication Servers 288
Configuring AAA Accounting 293
Configuring AAA Authorization 298
Configuring User Accounts 301
Web Authentication 303
Configuring Global Settings for Web Authentication 303
Configuring Interface Settings for Web Authentication 304
Network Access (MAC Address Authentication) 306
Configuring Global Settings for Network Access 308
Configuring Network Access for Ports 309
Configuring Port Link Detection 311
Configuring a MAC Address Filter 312
Displaying Secure MAC Address Information 314
Configuring HTTPS 315
Configuring Global Settings for HTTPS 315
Replacing the Default Secure-site Certificate 317
Configuring the Secure Shell 318
– 9 –
Contents
Configuring the SSH Server 321
Generating the Host Key Pair 322
Importing User Public Keys 324
Access Control Lists 326
Showing TCAM Utilization 327
Setting the ACL Name and Type 329
Configuring a Standard IPv4 ACL 331
Configuring an Extended IPv4 ACL 332
Configuring a Standard IPv6 ACL 335
Configuring an Extended IPv6 ACL 336
Configuring a MAC ACL 338
Configuring an ARP ACL 340
Binding a Port to an Access Control List 342
Showing ACL Hardware Counters 343
Filtering IP Addresses for Management Access 344
Configuring Port Security 346
Configuring 802.1X Port Authentication 349
Configuring 802.1X Global Settings 350
Configuring Port Authenticator Settings for 802.1X 351
Displaying 802.1X Statistics 355
DoS Protection 357
DHCPv4 Snooping 358
DHCP Snooping Global Configuration 361
DHCP Snooping VLAN Configuration 363
Configuring Interfaces for DHCP Snooping 364
Displaying DHCP Snooping Binding Information 366
DHCPv6 Snooping 367
DHCPv6 Snooping Global Configuration 369
DHCPv6 Snooping VLAN Configuration 371
Configuring Interfaces for DHCPv6 Snooping 372
Displaying DHCPv6 Snooping Binding Information 374
Displaying DHCPv6 Snooping Statistics 375
IPv4 Source Guard 376
Configuring Ports for IPv4 Source Guard 376
Configuring Static Bindings for IPv4 Source Guard 378
– 10 –
Contents
Displaying Information for Dynamic IPv4 Source Guard Bindings 381
IPv6 Source Guard 382
Configuring Ports for IPv6 Source Guard 382
Configuring Static Bindings for IPv6 Source Guard 384
Displaying Information for Dynamic IPv6 Source Guard Bindings 387
ARP Inspection 388
Configuring Global Settings for ARP Inspection 389
Configuring VLAN Settings for ARP Inspection 391
Configuring Interface Settings for ARP Inspection 392
Displaying ARP Inspection Statistics 394
Displaying the ARP Inspection Log 395
Application Filter 396
13 Basic Administration Protocols 397
Configuring Event Logging 398
System Log Configuration 398
Remote Log Configuration 400
Sending Simple Mail Transfer Protocol Alerts 401
Link Layer Discovery Protocol 403
Setting LLDP Timing Attributes 403
Configuring LLDP Interface Attributes 405
Configuring LLDP Interface Civic-Address 409
Displaying LLDP Local Device Information 411
Displaying LLDP Remote Device Information 415
Displaying Device Statistics 423
Simple Network Management Protocol 424
Configuring Global Settings for SNMP 427
Setting Community Access Strings 427
Setting the Local Engine ID 429
Specifying a Remote Engine ID 430
Setting SNMPv3 Views 431
Configuring SNMPv3 Groups 434
Configuring Local SNMPv3 Users 440
Configuring Remote SNMPv3 Users 442
Specifying Trap Managers 445
– 11 –
Contents
Creating SNMP Notification Logs 449
Showing SNMP Statistics 451
Remote Monitoring 453
Configuring RMON Alarms 453
Configuring RMON Events 456
Configuring RMON History Samples 458
Configuring RMON Statistical Samples 461
Switch Clustering 463
Configuring General Settings for Clusters 464
Cluster Member Configuration 465
Managing Cluster Members 467
Setting a Time Range 468
Ethernet Ring Protection Switching 470
ERPS Global Configuration 475
ERPS Ring Configuration 475
ERPS Forced and Manual Mode Operations 491
OAM Configuration 495
Enabling OAM on Local Ports 495
Displaying Statistics for OAM Messages 498
Displaying the OAM Event Log 498
Displaying the Status of Remote Interfaces 499
Configuring a Remote Loopback Test 500
Displaying Results of Remote Loopback Testing 502
Connectivity Fault Management 503
Configuring Global Settings for CFM 507
Configuring Interfaces for CFM 510
Configuring CFM Maintenance Domains 511
Configuring CFM Maintenance Associations 515
Configuring Maintenance End Points 520
Configuring Remote Maintenance End Points 521
Transmitting Link Trace Messages 523
Transmitting Loop Back Messages 525
Transmitting Delay-Measure Requests 527
Displaying Local MEPs 529
Displaying Details for Local MEPs 530
– 12 –
Contents
Displaying Local MIPs 532
Displaying Remote MEPs 533
Displaying Details for Remote MEPs 534
Displaying the Link Trace Cache 536
Displaying Fault Notification Settings 537
Displaying Continuity Check Errors 538
OAM Configuration 539
Enabling OAM on Local Ports 539
Displaying Statistics for OAM Messages 542
Displaying the OAM Event Log 543
Displaying the Status of Remote Interfaces 544
Configuring a Remote Loopback Test 545
Displaying Results of Remote Loopback Testing 547
UDLD Configuration 548
Configuring UDLD Protocol Intervals 549
Configuring UDLD Interface Settings 550
Displaying UDLD Neighbor Information 552
LBD Configuration 553
Configuring Global Settings for LBD 554
Configuring Interface Settings for LBD 556
14 Multicast Filtering 557
Overview 557
Layer 2 IGMP (Snooping and Query for IPv4) 558
Configuring IGMP Snooping and Query Parameters 560
Specifying Static Interfaces for a Multicast Router 564
Assigning Interfaces to Multicast Services 566
Setting IGMP Snooping Status per Interface 568
Filtering IGMP Query Packets and Multicast Data 574
Displaying Multicast Groups Discovered by IGMP Snooping 575
Displaying IGMP Snooping Statistics 576
Filtering and Throttling IGMP Groups 580
Enabling IGMP Filtering and Throttling 581
Configuring IGMP Filter Profiles 581
Configuring IGMP Filtering and Throttling for Interfaces 584
– 13 –
Contents
MLD Snooping (Snooping and Query for IPv6) 585
Configuring MLD Snooping and Query Parameters 586
Setting Immediate Leave Status for MLD Snooping per Interface 587
Specifying Static Interfaces for an IPv6 Multicast Router 588
Assigning Interfaces to IPv6 Multicast Services 590
Showing MLD Snooping Groups and Source List 592
Displaying MLD Snooping Statistics 593
Multicast VLAN Registration for IPv4 601
Configuring MVR Global Settings 603
Configuring MVR Domain Settings 605
Configuring MVR Group Address Profiles 606
Configuring MVR Interface Status 609
Assigning Static MVR Multicast Groups to Interfaces 611
Displaying MVR Receiver Groups 613
Displaying MVR Statistics 614
Multicast VLAN Registration for IPv6 618
Configuring MVR6 Global Settings 619
Configuring MVR6 Domain Settings 621
Configuring MVR6 Group Address Profiles 622
Configuring MVR6 Interface Status 625
Assigning Static MVR6 Multicast Groups to Interfaces 627
Displaying MVR6 Receiver Groups 629
Displaying MVR6 Statistics 630
15 Basic IP Functions 635
Using the Ping Function 635
Using the Trace Route Function 637
Address Resolution Protocol 638
Basic ARP Configuration 639
Configuring Static ARP Addresses 640
Displaying Dynamic or Local ARP Entries 642
Displaying ARP Statistics 642
16 IP Configuration 645
Setting the Switch’s IP Address (IP Version 4) 645
Configuring IPv4 Interface Settings 645
– 14 –
Contents
Setting the Switch’s IP Address (IP Version 6) 649
Configuring the IPv6 Default Gateway 649
Configuring IPv6 Interface Settings 650
Configuring an IPv6 Address 655
Showing IPv6 Addresses 658
Showing the IPv6 Neighbor Cache 659
Showing IPv6 Statistics 660
Showing the MTU for Responding Destinations 666
17 General IP Routing 667
Overview 667
Initial Configuration 667
IP Routing and Switching 668
Routing Path Management 669
Routing Protocols 669
Configuring IP Routing Interfaces 670
Configuring Local and Remote Interfaces 670
Configuring Static Routes 671
Displaying the Routing Table 672
18 IP Services 675
Domain Name Service 675
Configuring General DNS Service Parameters 675
Configuring a List of Domain Names 676
Configuring a List of Name Servers 678
Configuring Static DNS Host to Address Entries 679
Displaying the DNS Cache 680
Dynamic Host Configuration Protocol 681
Specifying a DHCP Client Identifier 681
Configuring DHCP Layer 3 Relay Service 683
Configuring DHCP L2 Relay Service with Option 82 684
Enabling DHCP Dynamic Provision 688
Configuring the PPPoE Intermediate Agent 689
Configuring PPPoE IA Global Settings 689
Configuring PPPoE IA Interface Settings 690
Showing PPPoE IA Statistics 692
– 15 –
Contents
Section III Appendices 695
A Software Specifications 697
Software Features 697
Management Features 699
Standards 699
Management Information Bases 700
B Troubleshooting 703
Problems Accessing the Management Interface 703
Using System Logs 704
C License Information 705
The GNU General Public License 705
Glossary 709
Index 717
– 16 –
Figures
Figure 1: Dashboard 48
Figure 2: Home Page 50
Figure 3: Front Panel Indicators 51
Figure 4: System Information 74
Figure 5: General Switch Information 76
Figure 6: Configuring Support for Jumbo Frames 77
Figure 7: Displaying Bridge Extension Configuration 78
Figure 8: Copy Firmware 80
Figure 9: Saving the Running Configuration 82
Figure 10: Setting Start-Up Files 82
Figure 11: Displaying System Files 83
Figure 12: Configuring Automatic Code Upgrade 87
Figure 13: Manually Setting the System Clock 88
Figure 14: Setting the Polling Interval for SNTP 89
Figure 15: Configuring NTP 90
Figure 16: Specifying SNTP Time Servers 91
Figure 17: Adding an NTP Time Server 92
Figure 18: Showing the NTP Time Server List 92
Figure 19: Adding an NTP Authentication Key 93
Figure 20: Showing the NTP Authentication Key List 94
Figure 21: Setting the Time Zone 95
Figure 22: Configuring Summer Time 97
Figure 23: Console Port Settings 98
Figure 24: Telnet Connection Settings 100
Figure 25: Displaying CPU Utilization 101
Figure 26: Configuring CPU Guard 102
Figure 27: Displaying Memory Utilization 103
Figure 28: Restarting the Switch (Immediately) 105
Figure 29: Restarting the Switch (In) 105
– 17 –
Figures
Figure 30: Restarting the Switch (At) 106
Figure 31: Restarting the Switch (Regularly) 106
Figure 32: Configuring Connections by Port List 111
Figure 33: Configuring Connections by Port Range 112
Figure 34: Displaying Port Information 113
Figure 35: Showing Port Statistics (Table) 117
Figure 36: Showing Port Statistics (Chart) 117
Figure 37: Configuring a History Sample 119
Figure 38: Showing Entries for History Sampling 120
Figure 39: Showing Status of Statistical History Sample 120
Figure 40: Showing Current Statistics for a History Sample 121
Figure 41: Showing Ingress Statistics for a History Sample 122
Figure 42: Displaying Transceiver Data 123
Figure 43: Configuring Transceiver Thresholds 125
Figure 44: Performing Cable Tests 127
Figure 45: Configuring Static Trunks 128
Figure 46: Creating Static Trunks 129
Figure 47: Adding Static Trunks Members 130
Figure 48: Configuring Connection Parameters for a Static Trunk 130
Figure 49: Showing Information for Static Trunks 131
Figure 50: Configuring Dynamic Trunks 131
Figure 51: Configuring the LACP Aggregator Admin Key 134
Figure 52: Enabling LACP on a Port 135
Figure 53: Configuring LACP Parameters on a Port 135
Figure 54: Showing Members of a Dynamic Trunk 136
Figure 55: Configuring Connection Settings for a Dynamic Trunk 136
Figure 56: Displaying Connection Parameters for Dynamic Trunks 137
Figure 57: Displaying LACP Port Counters 138
Figure 58: Displaying LACP Port Internal Information 139
Figure 59: Displaying LACP Port Remote Information 141
Figure 60: Configuring Load Balancing 142
Figure 61: Enabling Power Savings 144
Figure 62: Configuring Local Port Mirroring 144
Figure 63: Configuring Local Port Mirroring 145
Figure 64: Displaying Local Port Mirror Sessions 146
– 18 –
Figures
Figure 65: Configuring Remote Port Mirroring 146
Figure 66: Configuring Remote Port Mirroring (Source) 149
Figure 67: Configuring Remote Port Mirroring (Intermediate) 150
Figure 68: Configuring Remote Port Mirroring (Destination) 150
Figure 69: Configuring an sFlow Receiver 152
Figure 70: Showing sFlow Receivers 153
Figure 71: Configuring an sFlow Instance 154
Figure 72: Showing sFlow Instances 154
Figure 73: Enabling Traffic Segmentation 156
Figure 74: Configuring Members for Traffic Segmentation 157
Figure 75: Showing Traffic Segmentation Members 158
Figure 76: Configuring VLAN Trunking 158
Figure 77: Configuring VLAN Trunking 159
Figure 78: VLAN Compliant and VLAN Non-compliant Devices 163
Figure 79: Using GVRP 164
Figure 80: Creating Static VLANs 166
Figure 81: Modifying Settings for Static VLANs 167
Figure 82: Showing Static VLANs 167
Figure 83: Configuring Static Members by VLAN Index 170
Figure 84: Configuring Static VLAN Members by Interface 171
Figure 85: Configuring Static VLAN Members by Interface Range 171
Figure 86: Configuring Global Status of GVRP 173
Figure 87: Configuring GVRP for an Interface 174
Figure 88: Showing Dynamic VLANs Registered on the Switch 174
Figure 89: Showing the Members of a Dynamic VLAN 175
Figure 90: QinQ Operational Concept 176
Figure 91: Enabling QinQ Tunneling 180
Figure 92: Configuring CVLAN to SPVLAN Mapping Entries 181
Figure 93: Showing CVLAN to SPVLAN Mapping Entries 181
Figure 94: Adding an Interface to a QinQ Tunnel 183
Figure 95: Configuring the L2PT Tunnel Address 186
Figure 96: Enabling L2PT on Required Interfaces 187
Figure 97: Configuring Protocol VLANs 189
Figure 98: Displaying Protocol VLANs 189
Figure 99: Assigning Interfaces to Protocol VLANs 190
– 19 –
Figures
Figure 100: Showing the Interface to Protocol Group Mapping 191
Figure 101: Configuring IP Subnet VLANs 193
Figure 102: Showing IP Subnet VLANs 193
Figure 103: Configuring MAC-Based VLANs 194
Figure 104: Showing MAC-Based VLANs 195
Figure 105: Configuring VLAN Translation 195
Figure 106: Configuring VLAN Translation 196
Figure 107: Showing the Entries for VLAN Translation 197
Figure 108: Displaying the Dynamic MAC Address Table 200
Figure 109: Clearing Entries in the Dynamic MAC Address Table 201
Figure 110: Setting the Address Aging Time 202
Figure 111: Configuring MAC Address Learning 203
Figure 112: Configuring Static MAC Addresses 204
Figure 113: Displaying Static MAC Addresses 205
Figure 114: Issuing MAC Address Traps (Global Configuration) 206
Figure 115: Issuing MAC Address Traps (Interface Configuration) 206
Figure 116: STP Root Ports and Designated Ports 208
Figure 117: MSTP Region, Internal Spanning Tree, Multiple Spanning Tree 209
Figure 118: Spanning Tree – Common Internal, Common, Internal 209
Figure 119: Configuring Port Loopback Detection 211
Figure 120: Configuring Global Settings for STA (STP) 215
Figure 121: Configuring Global Settings for STA (RSTP) 216
Figure 122: Configuring Global Settings for STA (MSTP) 216
Figure 123: Displaying Global Settings for STA 218
Figure 124: Determining the Root Port 219
Figure 125: Configuring Interface Settings for STA 222
Figure 126: STA Port Roles 224
Figure 127: Displaying Interface Settings for STA 225
Figure 128: Creating an MST Instance 226
Figure 129: Displaying MST Instances 227
Figure 130: Modifying the Priority for an MST Instance 227
Figure 131: Displaying Global Settings for an MST Instance 228
Figure 132: Adding a VLAN to an MST Instance 228
Figure 133: Displaying Members of an MST Instance 229
Figure 134: Configuring MSTP Interface Settings 230
– 20 –
Figures
Figure 135: Displaying MSTP Interface Settings 231
Figure 136: Configuring Rate Limits 234
Figure 137: Configuring Storm Control 236
Figure 138: Storm Control by Limiting the Traffic Rate 236
Figure 139: Storm Control by Shutting Down a Port 237
Figure 140: Configuring ATC Timers 239
Figure 141: Configuring ATC Interface Attributes 241
Figure 142: Setting the Default Port Priority 244
Figure 143: Setting the Queue Mode (Strict) 246
Figure 144: Setting the Queue Mode (WRR) 246
Figure 145: Setting the Queue Mode (Strict and WRR) 247
Figure 146: Mapping CoS Values to Egress Queues 249
Figure 147: Showing CoS Values to Egress Queue Mapping 249
Figure 148: Setting the Trust Mode 251
Figure 149: Configuring DSCP to DSCP Internal Mapping 253
Figure 150: Showing DSCP to DSCP Internal Mapping 253
Figure 151: Configuring CoS to DSCP Internal Mapping 255
Figure 152: Showing CoS to DSCP Internal Mapping 255
Figure 153: Configuring DSCP to CoS Egress Mapping 257
Figure 154: Showing DSCP to CoS Egress Mapping 257
Figure 155: Configuring IP Precedence to DSCP Internal Mapping 259
Figure 156: Showing the IP Precedence to DSCP Internal Map 260
Figure 157: Configuring IP Port Number to DSCP Internal Mapping 261
Figure 158: Showing IP Port Number to DSCP Internal Mapping 262
Figure 159: Configuring a Class Map 265
Figure 160: Showing Class Maps 266
Figure 161: Adding Rules to a Class Map 267
Figure 162: Showing the Rules for a Class Map 267
Figure 163: Configuring a Policy Map 275
Figure 164: Showing Policy Maps 275
Figure 165: Adding Rules to a Policy Map 276
Figure 166: Showing the Rules for a Policy Map 276
Figure 167: Attaching a Policy Map to a Port 278
Figure 168: Configuring a Voice VLAN 281
Figure 169: Configuring an OUI Telephony List 282
– 21 –
Figures
Figure 170: Showing an OUI Telephony List 282
Figure 171: Configuring Port Settings for a Voice VLAN 284
Figure 172: Configuring the Authentication Sequence 288
Figure 173: Authentication Server Operation 288
Figure 174: Configuring Remote Authentication Server (RADIUS) 291
Figure 175: Configuring Remote Authentication Server (TACACS+) 292
Figure 176: Configuring AAA Server Groups 292
Figure 177: Showing AAA Server Groups 293
Figure 178: Configuring Global Settings for AAA Accounting 295
Figure 179: Configuring AAA Accounting Methods 296
Figure 180: Showing AAA Accounting Methods 296
Figure 181: Configuring AAA Accounting Service for 802.1X Service 297
Figure 182: Configuring AAA Accounting Service for Exec Service 297
Figure 183: Displaying a Summary of Applied AAA Accounting Methods 297
Figure 184: Displaying Statistics for AAA Accounting Sessions 298
Figure 185: Configuring AAA Authorization Methods 299
Figure 186: Showing AAA Authorization Methods 300
Figure 187: Configuring AAA Authorization Methods for Exec Service 300
Figure 188: Displaying the Applied AAA Authorization Method 301
Figure 189: Configuring User Accounts 302
Figure 190: Showing User Accounts 303
Figure 191: Configuring Global Settings for Web Authentication 304
Figure 192: Configuring Interface Settings for Web Authentication 305
Figure 193: Configuring Global Settings for Network Access 309
Figure 194: Configuring Interface Settings for Network Access 311
Figure 195: Configuring Link Detection for Network Access 312
Figure 196: Configuring a MAC Address Filter for Network Access 313
Figure 197: Showing the MAC Address Filter Table for Network Access 313
Figure 198: Showing Addresses Authenticated for Network Access 315
Figure 199: Configuring HTTPS 317
Figure 200: Downloading the Secure-Site Certificate 318
Figure 201: Configuring the SSH Server 322
Figure 202: Generating the SSH Host Key Pair 323
Figure 203: Showing the SSH Host Key Pair 324
Figure 204: Copying the SSH User’s Public Key 325
– 22 –
Figures
Figure 205: Showing the SSH User’s Public Key 326
Figure 206: Showing TCAM Utilization 329
Figure 207: Creating an ACL 330
Figure 208: Showing a List of ACLs 331
Figure 209: Configuring a Standard IPv4 ACL 332
Figure 210: Configuring an Extended IPv4 ACL 335
Figure 211: Configuring a Standard IPv6 ACL 336
Figure 212: Configuring an Extended IPv6 ACL 338
Figure 213: Configuring a MAC ACL 340
Figure 214: Configuring a ARP ACL 342
Figure 215: Binding a Port to an ACL 343
Figure 216: Showing ACL Statistics 344
Figure 217: Creating an IP Address Filter for Management Access 346
Figure 218: Showing IP Addresses Authorized for Management Access 346
Figure 219: Configuring Port Security 348
Figure 220: Configuring Port Authentication 349
Figure 221: Configuring Global Settings for 802.1X Port Authentication 351
Figure 222: Configuring Interface Settings for 802.1X Port Authenticator 355
Figure 223: Showing Statistics for 802.1X Port Authenticator 357
Figure 224: Protecting Against DoS Attacks 358
Figure 225: Configuring Global Settings for DHCP Snooping 363
Figure 226: Configuring DHCP Snooping on a VLAN 364
Figure 227: Configuring the Port Mode for DHCP Snooping 365
Figure 228: Displaying the Binding Table for DHCP Snooping 367
Figure 229: Configuring Global Settings for DHCPv6 Snooping 371
Figure 230: Configuring DHCPv6 Snooping on a VLAN 372
Figure 231: Showing VLANs Enabled for DHCPv6 Snooping 372
Figure 232: Configuring the Trust Sate for DHCPv6 Snooping 373
Figure 233: Displaying the Binding Table for DHCPv6 Snooping 374
Figure 234: Displaying Statistics for DHCPv6 Snooping 375
Figure 235: Setting the Filter Type for IP Source Guard 378
Figure 236: Configuring Static Bindings for IPv4 Source Guard 380
Figure 237: Displaying Static Bindings for IPv4 Source Guard 381
Figure 238: Showing the IPv4 Source Guard Binding Table 382
Figure 239: Setting the Filter Type for IPv6 Source Guard 384
– 23 –
Figures
Figure 240: Configuring Static Bindings for IPv6 Source Guard 386
Figure 241: Displaying Static Bindings for IPv6 Source Guard 386
Figure 242: Showing the IPv6 Source Guard Binding Table 388
Figure 243: Configuring Global Settings for ARP Inspection 391
Figure 244: Configuring VLAN Settings for ARP Inspection 392
Figure 245: Configuring Interface Settings for ARP Inspection 393
Figure 246: Displaying Statistics for ARP Inspection 395
Figure 247: Displaying the ARP Inspection Log 396
Figure 248: Configuring Discarding or Forwarding of CDP/PVST Packets 396
Figure 249: Configuring Settings for System Memory Logs 399
Figure 250: Showing Error Messages Logged to System Memory 400
Figure 251: Configuring Settings for Remote Logging of Error Messages 401
Figure 252: Configuring SMTP Alert Messages 403
Figure 253: Configuring LLDP Timing Attributes 405
Figure 254: Configuring LLDP Interface Attributes 409
Figure 255: Configuring the Civic Address for an LLDP Interface 410
Figure 256: Showing the Civic Address for an LLDP Interface 411
Figure 257: Displaying Local Device Information for LLDP (General) 414
Figure 258: Displaying Local Device Information for LLDP (Port) 414
Figure 259: Displaying Local Device Information for LLDP (Port Details) 414
Figure 260: Displaying Remote Device Information for LLDP (Port) 421
Figure 261: Displaying Remote Device Information for LLDP (Port Details) 422
Figure 262: Displaying LLDP Device Statistics (General) 424
Figure 263: Displaying LLDP Device Statistics (Port) 424
Figure 264: Configuring Global Settings for SNMP 427
Figure 265: Setting Community Access Strings 428
Figure 266: Showing Community Access Strings 429
Figure 267: Configuring the Local Engine ID for SNMP 430
Figure 268: Configuring a Remote Engine ID for SNMP 431
Figure 269: Showing Remote Engine IDs for SNMP 431
Figure 270: Creating an SNMP View 432
Figure 271: Showing SNMP Views 433
Figure 272: Adding an OID Subtree to an SNMP View 433
Figure 273: Showing the OID Subtree Configured for SNMP Views 434
Figure 274: Creating an SNMP Group 439
– 24 –
Figures
Figure 275: Showing SNMP Groups 439
Figure 276: Configuring Local SNMPv3 Users 441
Figure 277: Showing Local SNMPv3 Users 441
Figure 278: Changing a Local SNMPv3 User Group 442
Figure 279: Configuring Remote SNMPv3 Users 444
Figure 280: Showing Remote SNMPv3 Users 444
Figure 281: Configuring Trap Managers (SNMPv1) 448
Figure 282: Configuring Trap Managers (SNMPv2c) 448
Figure 283: Configuring Trap Managers (SNMPv3) 448
Figure 284: Showing Trap Managers 449
Figure 285: Creating a Trap Host 450
Figure 286: Showing the Notification Filter 450
Figure 287: Creating SNMP Notification Logs 450
Figure 288: Showing SNMP Notification Logs 451
Figure 289: Showing SNMP Statistics 453
Figure 290: Configuring an RMON Alarm 455
Figure 291: Showing Configured RMON Alarms 456
Figure 292: Configuring an RMON Event 457
Figure 293: Showing Configured RMON Events 458
Figure 294: Configuring an RMON History Sample 459
Figure 295: Showing Configured RMON History Samples 460
Figure 296: Showing Collected RMON History Samples 460
Figure 297: Configuring an RMON Statistical Sample 462
Figure 298: Showing Configured RMON Statistical Samples 462
Figure 299: Showing Collected RMON Statistical Samples 463
Figure 300: Configuring a Switch Cluster 465
Figure 301: Configuring a Cluster Members 466
Figure 302: Showing Cluster Members 466
Figure 303: Showing Cluster Candidates 466
Figure 304: Managing a Cluster Member 467
Figure 305: Setting the Name of a Time Range 469
Figure 306: Showing a List of Time Ranges 469
Figure 307: Add a Rule to a Time Range 470
Figure 308: Showing the Rules Configured for a Time Range 470
Figure 309: ERPS Ring Components 472
– 25 –
Figures
Figure 310: Ring Interconnection Architecture (Multi-ring/Ladder Network) 473
Figure 311: Setting ERPS Global Status 475
Figure 312: Sub-ring with Virtual Channel 485
Figure 313: Sub-ring without Virtual Channel 485
Figure 314: Non-ERPS Device Protection 486
Figure 315: Creating an ERPS Ring 489
Figure 316: Creating an ERPS Ring 490
Figure 317: Showing Configured ERPS Rings 491
Figure 318: Blocking an ERPS Ring Port 495
Figure 319: Enabling OAM for Local Ports 497
Figure 320: Displaying Statistics for OAM Messages 498
Figure 321: Displaying the OAM Event Log 499
Figure 322: Displaying Status of Remote Interfaces 500
Figure 323: Running a Remote Loop Back Test 502
Figure 324: Displaying the Results of Remote Loop Back Testing 503
Figure 325: Single CFM Maintenance Domain 504
Figure 326: Multiple CFM Maintenance Domains 505
Figure 327: Configuring Global Settings for CFM 510
Figure 328: Configuring Interfaces for CFM 511
Figure 329: Configuring Maintenance Domains 514
Figure 330: Showing Maintenance Domains 515
Figure 331: Configuring Detailed Settings for Maintenance Domains 515
Figure 332: Creating Maintenance Associations 518
Figure 333: Showing Maintenance Associations 519
Figure 334: Configuring Detailed Settings for Maintenance Associations 519
Figure 335: Configuring Maintenance End Points 521
Figure 336: Showing Maintenance End Points 521
Figure 337: Configuring Remote Maintenance End Points 523
Figure 338: Showing Remote Maintenance End Points 523
Figure 339: Transmitting Link Trace Messages 525
Figure 340: Transmitting Loopback Messages 526
Figure 341: Transmitting Delay-Measure Messages 528
Figure 342: Showing Information on Local MEPs 529
Figure 343: Showing Detailed Information on Local MEPs 531
Figure 344: Showing Information on Local MIPs 532
– 26 –
Figures
Figure 345: Showing Information on Remote MEPs 533
Figure 346: Showing Detailed Information on Remote MEPs 535
Figure 347: Showing the Link Trace Cache 537
Figure 348: Showing Settings for the Fault Notification Generator 538
Figure 349: Showing Continuity Check Errors 539
Figure 350: Enabling OAM for Local Ports 542
Figure 351: Displaying Statistics for OAM Messages 543
Figure 352: Displaying the OAM Event Log 544
Figure 353: Displaying Status of Remote Interfaces 545
Figure 354: Running a Remote Loop Back Test 547
Figure 355: Displaying the Results of Remote Loop Back Testing 548
Figure 356: Configuring UDLD Protocol Intervals 550
Figure 357: Configuring UDLD Interface Settings 552
Figure 358: Displaying UDLD Neighbor Information 553
Figure 359: Configuring Global Settings for LBD 555
Figure 360: Configuring Interface Settings for LBD 556
Figure 361: Multicast Filtering Concept 558
Figure 362: Configuring General Settings for IGMP Snooping 564
Figure 363: Configuring a Static Interface for a Multicast Router 565
Figure 364: Showing Static Interfaces Attached a Multicast Router 566
Figure 365: Showing Current Interfaces Attached a Multicast Router 566
Figure 366: Assigning an Interface to a Multicast Service 567
Figure 367: Showing Static Interfaces Assigned to a Multicast Service 568
Figure 368: Configuring IGMP Snooping on a VLAN 573
Figure 369: Showing Interface Settings for IGMP Snooping 574
Figure 370: Dropping IGMP Query or Multicast Data Packets 575
Figure 371: Showing Multicast Groups Learned by IGMP Snooping 576
Figure 372: Displaying IGMP Snooping Statistics – Query 578
Figure 373: Displaying IGMP Snooping Statistics – VLAN 579
Figure 374: Displaying IGMP Snooping Statistics – Port 580
Figure 375: Enabling IGMP Filtering and Throttling 581
Figure 376: Creating an IGMP Filtering Profile 582
Figure 377: Showing the IGMP Filtering Profiles Created 583
Figure 378: Adding Multicast Groups to an IGMP Filtering Profile 583
Figure 379: Showing the Groups Assigned to an IGMP Filtering Profile 584
– 27 –
Figures
Figure 380: Configuring IGMP Filtering and Throttling Interface Settings 585
Figure 381: Configuring General Settings for MLD Snooping 587
Figure 382: Configuring Immediate Leave for MLD Snooping 588
Figure 383: Configuring a Static Interface for an IPv6 Multicast Router 589
Figure 384: Showing Static Interfaces Attached an IPv6 Multicast Router 589
Figure 385: Showing Current Interfaces Attached an IPv6 Multicast Router 590
Figure 386: Assigning an Interface to an IPv6 Multicast Service 591
Figure 387: Showing Static Interfaces Assigned to an IPv6 Multicast Service 591
Figure 388: Showing Current Interfaces Assigned to an IPv6 Multicast Service 592
Figure 389: Showing IPv6 Multicast Services and Corresponding Sources 593
Figure 390: Displaying MLD Snooping Statistics – Input 597
Figure 391: Displaying MLD Snooping Statistics – Output 597
Figure 392: Displaying MLD Snooping Statistics – Query 598
Figure 393: Displaying MLD Snooping Statistics – Summary (Port/Trunk) 599
Figure 394: Displaying MLD Snooping Statistics – Summary (VLAN) 600
Figure 395: Clearing MLD Snooping Statistics 601
Figure 396: MVR Concept 602
Figure 397: Configuring Global Settings for MVR 604
Figure 398: Configuring Domain Settings for MVR 606
Figure 399: Configuring an MVR Group Address Profile 607
Figure 400: Displaying MVR Group Address Profiles 608
Figure 401: Assigning an MVR Group Address Profile to a Domain 608
Figure 402: Showing the MVR Group Address Profiles Assigned to a Domain 609
Figure 403: Configuring Interface Settings for MVR 611
Figure 404: Assigning Static MVR Groups to an Interface 613
Figure 405: Showing the Static MVR Groups Assigned to a Port 613
Figure 406: Displaying MVR Receiver Groups 614
Figure 407: Displaying MVR Statistics – Query 616
Figure 408: Displaying MVR Statistics – VLAN 617
Figure 409: Displaying MVR Statistics – Port 618
Figure 410: Configuring Global Settings for MVR6 620
Figure 411: Configuring Domain Settings for MVR6 622
Figure 412: Configuring an MVR6 Group Address Profile 623
Figure 413: Displaying MVR6 Group Address Profiles 624
Figure 414: Assigning an MVR6 Group Address Profile to a Domain 624
– 28 –
Figures
Figure 415: Showing MVR6 Group Address Profiles Assigned to a Domain 625
Figure 416: Configuring Interface Settings for MVR6 627
Figure 417: Assigning Static MVR6 Groups to a Port 628
Figure 418: Showing the Static MVR6 Groups Assigned to a Port 629
Figure 419: Displaying MVR6 Receiver Groups 630
Figure 420: Displaying MVR6 Statistics – Query 632
Figure 421: Displaying MVR6 Statistics – VLAN 633
Figure 422: Displaying MVR6 Statistics – Port 634
Figure 423: Pinging a Network Device 636
Figure 424: Tracing the Route to a Network Device 638
Figure 425: Proxy ARP 639
Figure 426: Configuring General Settings for ARP 640
Figure 427: Configuring Static ARP Entries 641
Figure 428: Displaying Static ARP Entries 642
Figure 429: Displaying ARP Entries 642
Figure 430: Displaying ARP Statistics 643
Figure 431: Configuring a Static IPv4 Address 647
Figure 432: Configuring a Dynamic IPv4 Address 648
Figure 433: Showing the Configured IPv4 Address for an Interface 649
Figure 434: Configuring the IPv6 Default Gateway 650
Figure 435: Configuring General Settings for an IPv6 Interface 654
Figure 436: Configuring RA Guard for an IPv6 Interface 655
Figure 437: Configuring an IPv6 Address 657
Figure 438: Showing Configured IPv6 Addresses 659
Figure 439: Showing IPv6 Neighbors 660
Figure 440: Showing IPv6 Statistics (IPv6) 664
Figure 441: Showing IPv6 Statistics (ICMPv6) 665
Figure 442: Showing IPv6 Statistics (UDP) 665
Figure 443: Showing Reported MTU Values 666
Figure 444: Virtual Interfaces and Layer 3 Routing 668
Figure 445: Configuring Static Routes 672
Figure 446: Displaying Static Routes 672
Figure 447: Displaying the Routing Table 673
Figure 448: Configuring General Settings for DNS 676
Figure 449: Configuring a List of Domain Names for DNS 677
– 29 –
Figures
Figure 450: Showing the List of Domain Names for DNS 677
Figure 451: Configuring a List of Name Servers for DNS 678
Figure 452: Showing the List of Name Servers for DNS 679
Figure 453: Configuring Static Entries in the DNS Table 680
Figure 454: Showing Static Entries in the DNS Table 680
Figure 455: Showing Entries in the DNS Cache 681
Figure 456: Specifying A DHCP Client Identifier 683
Figure 457: Layer 3 DHCP Relay Service 683
Figure 458: Configuring DHCP Relay Service 684
Figure 459: Layer 2 DHCP Relay Service 685
Figure 460: Configuring DHCP Relay Information Option 82 Service 688
Figure 461: Enabling Dynamic Provisioning via DHCP 689
Figure 462: Configuring Global Settings for PPPoE Intermediate Agent 690
Figure 463: Configuring Interface Settings for PPPoE Intermediate Agent 692
Figure 464: Showing PPPoE Intermediate Agent Statistics 693
– 30 –
Loading...