XGS3600 Series
Default Login Details
IP Address
http://192.168.0.1 (MGMT port)
User Name
admin
Password
1234
XGS3600-26F / XGS3600-28 / XGS3600-28F
GbE L2 Switch with 10G GbE uplink
Version 1.00
Edition 1, 03/2015
User’s Guide
http://192.168.1.1 (In-band ports)
Copyright © 2015 ZyXEL Communications Corporation
IMPORTANT!
READ CAREFULLY BEFORE USE.
KEEP THIS GUIDE FOR FUTURE REFERENCE.
Screenshots and graphics in this book may dif fer slightly from your product due to
differences in your product firmware or your computer ope rating system. Every effort has
been made to ensure that the information in this manual is accurate.
Table of Contents
INTRODUCTION ................................................................................................................................................ 1
CHAPTER 1 OPERATION OF WEB-BASED MANAGEMENT ........................................................ 3
CHAPTER 2 SYSTEM CONFIGURATION ......................................................................................... 4
2-1 SYSTEM INFORMATION ................................................................................................................................. 4
2-1.1 Information .......................................................................................................................................... 4
2-1.2 Configuration ....................................................................................................................................... 7
2-1.3 CPU Load ............................................................................................................................................ 8
2-2 TIME ............................................................................................................................................................. 9
2-2.1 Manual ................................................................................................................................................. 9
2-2.2 NTP .................................................................................................................................................... 11
2-3 ACCOUNT ................................................................................................................................................... 12
2-3.1 Users .................................................................................................................................................. 12
2-3.2 Privilege Level ................................................................................................................................... 14
2-4 IP ................................................................................................................................................................ 16
2-4.1 IPV4 ................................................................................................................................................... 16
2-4.2 IPV6 ................................................................................................................................................... 18
2-5 SYSLOG ...................................................................................................................................................... 19
2-5.1 Configuration .................................................................................................................................... 19
2-5.2 Log .................................................................................................................................................... 21
2-5.3 Detailed Log ..................................................................................................................................... 23
2-6 SNMP ........................................................................................................................................................ 24
2-6.1 System ............................................................................................................................................... 24
2-6.2 Configuration ..................................................................................................................................... 25
2-6.3 Communities ...................................................................................................................................... 26
2-6.4 Users .................................................................................................................................................. 27
2-6.5 Groups ............................................................................................................................................... 29
2-6.6 V iew s .................................................................................................................................................. 30
2-6.7 Access ................................................................................................................................................ 31
2-6.8 Tarp .................................................................................................................................................... 33
CHAPTER 3. CONFIGURATION ........................................................................................................ 35
3-1 PORT ........................................................................................................................................................... 35
3-1.1 Configuration ..................................................................................................................................... 35
3-1.2 Port Description ................................................................................................................................ 38
3-1.3 Port Telephone ................................................................................................................................... 40
3-1.4 Traf fic Overview................................................................................................................................. 42
3-1.5 Detailed Statistics .............................................................................................................................. 44
3-1.6 Qos Statistics ...................................................................................................................................... 47
3-1.7 SFP Information ................................................................................................................................ 49
3-2 ACL ........................................................................................................................................................... 51
3-2.1 Ports ................................................................................................................................................... 51
3-2.2 Rate Limiters ...................................................................................................................................... 54
3-2.3 Access Control List ............................................................................................................................ 55
3-2.4 ACL Status ......................................................................................................................................... 64
3-3 AGGREGATION ............................................................................................................................................ 66
3-3.1 Static Trunk ........................................................................................................................................ 66
3-3.1.1 Static Trunk .................................................................................................................................................. 66
3-3.2 Aggregati on View ............................................................................................................................... 68
3-3.3 Port View ............................................................................................................................................ 69
3-3.4 LACP ................................................................................................................................................. 71
3-3.4.1 Configuration ............................................................................................................................................... 71
3-3.4.2 System Status ............................................................................................................................................... 74
3-3.4.3 Port Sta tus .................................................................................................................................................... 75
3-3.4.4 Port Statistics ............................................................................................................................................... 77
3-4 SPANNING TREE .......................................................................................................................................... 79
3-4.1 Bridge Settings ................................................................................................................................... 79
3-4.2 MSTI Mapping ................................................................................................................................... 82
3-4.3 MSTI Priorities .................................................................................................................................. 84
3-4.4 CIST Ports ......................................................................................................................................... 85
XGS3600 Series User's Guide
iv
3-4.5 MSTI Ports ......................................................................................................................................... 88
3-4.6 Bridge Status ...................................................................................................................................... 91
3-4.7 Port Status .......................................................................................................................................... 92
3-4.8 Port Statistics ..................................................................................................................................... 94
3-5 MRSTP ...................................................................................................................................................... 95
3-5.1 Instance .............................................................................................................................................. 95
3-5.2 Port Configuration ............................................................................................................................. 97
3-5.3 Port Status .......................................................................................................................................... 99
3-6 IGMP SNOOPING ...................................................................................................................................... 101
3-6.1 Basic Configuration ......................................................................................................................... 101
3-5.2 VLAN Configuration ........................................................................................................................ 104
3-5.3 Port Group Filtering ........................................................................................................................ 106
3-5.4 Status ................................................................................................................................................ 107
3-5.5 Group Information ........................................................................................................................... 109
3-5.6 IPv4 SSM information ...................................................................................................................... 110
3-6 MLD SNOOPING ....................................................................................................................................... 112
3-6.1 Basic Configuration ......................................................................................................................... 112
3-6.2 VLAN Configuration ........................................................................................................................ 115
3-6.3 Port Group Filtering ........................................................................................................................ 117
3-6.4 Status ................................................................................................................................................ 118
3-6.5 Group Information ........................................................................................................................... 120
3-6.6 IPv6 SSM Information ..................................................................................................................... 122
3-7 MVR ........................................................................................................................................................ 123
3-7.1 Configuration ................................................................................................................................... 123
3-7.2 Port Group Allow ............................................................................................................................. 125
3-7.3 Groups Information ......................................................................................................................... 126
3-7.4 Statistics ........................................................................................................................................... 127
3-8 LLDP ....................................................................................................................................................... 128
3-8.1 LLDP Configuration ........................................................................................................................ 128
3-8.2 LLDP Neighbours ............................................................................................................................ 131
3-8.3 LLDP-MED Configuration .............................................................................................................. 133
3-8.4 LLDP-MED Neighbours .................................................................................................................. 139
3-8.5 Port Statistics ................................................................................................................................... 142
3- 9 FILTERING DATA BASE ............................................................................................................................. 144
3- 9.1 Configuration .................................................................................................................................. 144
3- 9.2 Dynamic MAC Table ....................................................................................................................... 147
3-10 VLAN .................................................................................................................................................... 148
3-10.1 VLAN Membership ......................................................................................................................... 148
3-10.2 Ports ............................................................................................................................................... 150
3-10.3 Switch Status .................................................................................................................................. 154
3-10.4 Port Status ...................................................................................................................................... 155
3-10.5 Private VLANs ............................................................................................................................... 157
3-10.5.1 Private VLANs Membership ............................................................................................................... 157
3-10.5.2 Port Isolation......................................................................................................................................... 159
3-10.6 MAC-based VLAN .......................................................................................................................... 160
3-10.6.1 Configuration ........................................................................................................................................ 160
3-10.6.2 Status ..................................................................................................................................................... 162
3-10.7 Protocol -based VLAN ................................................................................................................... 163
3-10.7.1 Protocol to Group ................................................................................................................................. 163
3-10.7.2 Group to VLAN ..................................................................................................................................... 165
3-11 VLAN TRANSLATIO N ............................................................................................................................. 167
3-11.1 Port to Group Mapping ................................................................................................................. 167
3-11 .2 VID Translation Mapping .............................................................................................................. 169
3-12 GARP..................................................................................................................................................... 170
3-12.1 Configuration ................................................................................................................................. 170
3-12.2 Statistics ......................................................................................................................................... 173
3-13 GVRP..................................................................................................................................................... 175
3-13.1 Configuration ................................................................................................................................. 175
3-13.2 Statistics ......................................................................................................................................... 178
3-14 QOS ........................................................................................................................................................ 180
3-14.1 Port Classification ......................................................................................................................... 180
3-14.2 Port Policing .................................................................................................................................. 183
3-14.3 Queue Policers ............................................................................................................................... 184
3-14.4 Port Scheduler ............................................................................................................................... 186
XGS3600 Series User's Guide
v
3-14.5 Port Shaping .................................................................................................................................. 190
3-14.6 Port Tag Remarking ....................................................................................................................... 194
3-14.7 Port DSCP ..................................................................................................................................... 196
3-14.8 DSCP-Based QoS .......................................................................................................................... 199
3-14.9 DSCP Translation .......................................................................................................................... 201
3-14.10 DSCP Classification .................................................................................................................... 203
3-14.11 QoS Control List Configuration ................................................................................................... 204
3-14.12 QCL Status ................................................................................................................................... 208
3-14.13 Storm Control ............................................................................................................................... 210
3-14.14 WRED .......................................................................................................................................... 212
3-15 EVC ....................................................................................................................................................... 214
3-15.1 Configuration ................................................................................................................................. 214
3-15.2 Ports ............................................................................................................................................... 216
3-15.3 Bandwidth Profile .......................................................................................................................... 218
3-15.4 ECE ................................................................................................................................................ 220
3-15.5 EVC Statistics................................................................................................................................. 227
3-15.6 EVE Statistics ................................................................................................................................. 228
3-16 LOOP PROTECTION ................................................................................................................................. 229
3-16.1 Configuration ................................................................................................................................. 229
3-16.2 Status .............................................................................................................................................. 231
3-17 MIRRORING ............................................................................................................................................ 233
3-18 TRAP EVENT SEVERITY .......................................................................................................................... 235
3-19 SMTP CONFIGURATION .......................................................................................................................... 237
3-20 802.3AH OAM ........................................................................................................................................ 239
3-20.1 Port Config .................................................................................................................................... 239
3-20.2 Event Config .................................................................................................................................. 241
3-20.3 Port Status ...................................................................................................................................... 243
3-20.4 Link Events ..................................................................................................................................... 245
3-20.5 Statistics ......................................................................................................................................... 248
3-21 ETHERNET OAM .................................................................................................................................... 250
3-22 EPS ........................................................................................................................................................ 252
3-23 ERPS ...................................................................................................................................................... 254
CHAPTER 4. SECURITY ............................................................................................................. 256
4-1 IP SOURCE GUARD ................................................................................................................................... 256
4-1.1 Configuration ................................................................................................................................... 256
4-1.2 Static Table ....................................................................................................................................... 259
4-1.3 Dynamic Table ................................................................................................................................. 260
4-2 ARP INSPECTION ...................................................................................................................................... 261
4-2.1 Configuration ................................................................................................................................... 261
4-2.2 Static T able ....................................................................................................................................... 262
4-2.3 Dynamic Table ................................................................................................................................. 263
4-3 DHCP SNOOPING ..................................................................................................................................... 264
4-3.1 Configuration ................................................................................................................................... 264
4-3.2 Statistics ........................................................................................................................................... 265
4-4 DHCP RELAY ........................................................................................................................................... 267
4-4.1 Configuration ................................................................................................................................... 267
4-4.2 Profile .............................................................................................................................................. 269
4-4.3 Statistics ........................................................................................................................................... 271
4-5 NAS ......................................................................................................................................................... 273
4-5.1 Configuration ................................................................................................................................... 273
4-5.2 Switch Status .................................................................................................................................... 281
4-5.3 Port Status ........................................................................................................................................ 283
4-6 AAA ......................................................................................................................................................... 286
4-6.1 Configuration ................................................................................................................................... 286
4-6.2 Radius Overview .............................................................................................................................. 290
4-6.3 Radius Details .................................................................................................................................. 292
4-7 PORT SECURITY ........................................................................................................................................ 293
4-7.1 Limit Control .................................................................................................................................... 293
4-7.2 Switch Status .................................................................................................................................... 297
4-7.3 Port Status ........................................................................................................................................ 299
4-8 ACCESS MANAGEMENT ............................................................................................................................ 300
4-8.1 Configuration ................................................................................................................................... 300
XGS3600 Series User's Guide
vi
4-8.2 Statistics ........................................................................................................................................... 302
4-9 SSH .......................................................................................................................................................... 303
4-10 HTTPS ................................................................................................................................................... 304
4-11 AUTH METHOD ....................................................................................................................................... 305
4-12 PPPOE IA ............................................................................................................................................... 306
4-13 ERROR DISABLE ..................................................................................................................................... 308
4-13.1 CPU Protection .............................................................................................................................. 308
4-13.2 Errdisable Detect ........................................................................................................................... 309
4-13.3 Errdisable Recovery ....................................................................................................................... 310
4-8.2 Errdisable Status .............................................................................................................................. 311
CHAPTER 5. MAINTENANCE .................................................................................................. 312
5-1 RESTART DEVICE ...................................................................................................................................... 312
5-2 FIRMWARE ................................................................................................................................................ 313
5-2.1 Firmware Upgrade .......................................................................................................................... 313
5-2.2 Firmware Selection .......................................................................................................................... 314
5-3 SAVE / RESTORE........................................................................................................................................ 316
5-3.1 Factory Defaults .............................................................................................................................. 316
5-3.2 Save Start ......................................................................................................................................... 316
5-3.3 Save User ......................................................................................................................................... 317
5-3.4 Restore User .................................................................................................................................... 317
5-4 EXPORT / IMPORT ...................................................................................................................................... 318
5-4.1 Export Config ................................................................................................................................... 318
5-4.2 Import Config ................................................................................................................................... 319
5-5 DIAGNOSTICS ........................................................................................................................................... 320
5-5.1 Ping .................................................................................................................................................. 320
5-5.2 Ping6 ................................................................................................................................................ 321
5-5.3 VeriPHY ........................................................................................................................................... 322
A. GLOSSARY OF WEB-BASED MANAGEMENT ................................................................................... 323
A .................................................................................................................................................................... 323
C..................................................................................................................................................................... 325
D .................................................................................................................................................................... 325
E ..................................................................................................................................................................... 326
F ..................................................................................................................................................................... 326
H .................................................................................................................................................................... 328
I ...................................................................................................................................................................... 328
L ..................................................................................................................................................................... 330
M .................................................................................................................................................................... 330
N .................................................................................................................................................................... 332
O .................................................................................................................................................................... 332
P ..................................................................................................................................................................... 333
Q .................................................................................................................................................................... 334
R..................................................................................................................................................................... 334
S ..................................................................................................................................................................... 334
T ..................................................................................................................................................................... 336
U .................................................................................................................................................................... 337
V .................................................................................................................................................................... 338
XGS3600 Series User's Guide
vii
INTRODUCTION
Overview
In this user’s manual, it will not only tell you how to install and connect your
networ k syst em but c onfig ure and m onitor the XGS3600 Series thr ough the buil t-in CLI
and web by (RS-232) serial interface and Ethernet ports step-by-step. Many
explanations in detail of hardware and software functions are shown as well as the
examples of the operation for web-based interface and com mand-line interface (CLI).
The XGS3600 Series, the next generation L2+ Ethernet Fiber switches from
Manufacture, is a 20-port GbE SFP, 4-port Combo GbE (RJ-45/SFP) and 4-port 10GbE
(SFP+) L2+ Ethernet Switch portfolio of affordable fiber switches and a standard switch
that meets all IEEE 802.3/u/x/z/ab/ae standards. The switch deliver more intelligent
features you need to improve the availability of your critical business applications,
protect your sensitive information, and optimize your network bandwidth to deliver
information and applications more effectively. It provides the ideal combination of
affordability and capabilities for fiber networking includes ITU-T G.8032 Ethernet Ring
Protection Switching for Ethernet switch management requirement. It is suitable for
Ethernet switch applications. and helps you create a more efficient, better-connected
workforce. Others it supports AC and DC Dual Power input (100~240VAC/-48VDC) for
Power Redundancy requirement.
XGS3600 SERIES L2+ Ethernet Fib er Switches provide 26 ports in a single device;
the specification is highlighted as follows.
L2+ features provide better manageability, security, QoS, and performance.
ITU-T G.8032 Ethernet Ri ng P rote ction Switc hi ng.
Support 20 Port (100M/1G SFP) Fiber high-density for scalable connect
requirement.
Support 4-port Combo GbE RJ-45/(100M/1G SFP) for flexible connection
requirement.
Support 4-port 10GbE (1G/10G SFP+) for high speed backbone uplink
requirement
Support 1-port GbE RJ-45 for out-of-band management requirement.
Support IPv4/IPv6 dual stack management
Support SSH/SSL secured management
Support SNMP v1/v2c/v3
Support RMON groups 1, 2,3, 9
Support sFlow
Support IGMP v1/v2/v3 Snooping
Support MLD v1/v2 Sno oping
Support RADIUS and TACACS+ authentication
Support I P S o urce Guard
Support DHCP Relay (Option 82)
Support DHCP Snooping
Support ACL and QCL for traffic filtering
Support 802.1d(STP), 802.1w(RSTP) and 802.1s(MSTP)
Support LACP and static link aggregation
Support Q-in-Q double tag VLAN
Support GVRP dynamic VLAN
Support AC (100~240VAC) and DC (-48VDC) dual power input for power
redundancy application
XGS3600 Series User's Guide
1
Overview of this user’s manual
Chapter 1 “Operation of Web-based Man agement”
Chapter 2 “System Configuration”
Chapter 3 “Configuration”
Chapter 4 “Security”
Chapter 5 “Maintenance”
XGS3600 Series User's Guide
2
N
:
FireFox V1.00 above and
browser interface
Chapter 1 Operation of Web-based Management
Initial
Configuration
This chapter instructs you how to configure and manage the XGS3600
Series
access and monitor through any one port o f the switch all the status of
the switch, including MIBs status, each port activity, Spanning tree status,
port aggregati on status, multi cast traffic, VLA N and priority status, even
illegal access record and so on.
T
throu gh the we b user i nterface. With this facility, you can easily
he default values of the XGS3600 Series are listed in the table below:
IP Address
Subnet Mask
Default Gateway
Username
Password
192.168.1.1
255.255.255.0
192.168.1.254
admin
1234
After the XGS3600 Series has bee n finished configur a tion the it interface,
you can browse it. For instance, type http://192.168.1.1 in the addre ss
row in a browser, it will show the following screen and ask you inputting
username and password in order to login and access authentication.
The default username is “admin” and password is 1234. For the first
time to use, please enter the default u sername and password, and then
click the <Login> button. The login process now is completed. In this
login menu, you have to input the complete username and password
respectively, the
username automatically. This looks inconvenient,
In the XGS3600 Series, it supports a simple user management function
allowing only one administrator to configure the system at the same time.
If there are two or more users using administrator’s identity, it will allow
the only one who logins first to configure the system. The rest of users,
even with administrator’s identity, can o nly monitor the system. For those
who have no adm inist rator ’s ide ntity, can o nly mo nitor t he sy stem. There
are only a maximum of three users able to login simultaneously in the
XGS3600 Series will not give you a shortcut to
but safer.
XGS3600 Series.
OTE
When you login XGS3600 Series switch Web UI management,
you can use both ipv4 ipv6 login to manage
To optimize the display effect, we recommend you use Microsoft
IE 6.0 above, Netscape V7.1 above or
have the resolution 1024x768. The switc h supported neutral web
XGS3600 Series User's Guide
3
NOTE:
switch, the Switch's default IP is 192.168.1.1
Figure 1 The login page
If you do not have DHCP server to provide IP addresses to the
XGS3600 Series User's Guide
3
Chapter 2 System Configuration
This chapter describes all of the basic configuration tasks which includes the System
Information and any management of the Switch (e.g. Time, Account, IP, Syslog and
SNMP.)
2-1 System Information
After you login, the switch shows you the s ystem information. This page is default and tells
you the basic information of the system, including “Model Name”, “System Description”,
“Contact”, “Device Name”, “System Up Time”, “BIOS Version”, “Firmware Version”,
“Hardware-Mechanical Version”, “Serial Number”, “Host IP Address”, “Host Mac Address”,
“Device Port”, “RAM Size” , “Flash Size” and. With this information, you will k now t he software
version used, MAC addres s, serial number, how many ports good and so on. This is helpful
while malfunctioning.
2-1.1 Information
The switch system information is provided here.
Web interface
To configure System Information in the web interface:
1. Click SYSTEM, System, and Information.
2. Specify the contact information for the system administrator as well as the name and
3. Click Refresh
Figure 2-1.1: System Information
location of the switch. Also indicate the local time zone by configuring the appropriate
offset.
XGS3600 Series User's Guide
4
XGS3600 Series User's Guide
5
Parameter description:
Model name:
The model name of this device.
System description:
As it is, this tells what this device is. Here, it is “24-port GbE L2 Switch with
10 GbE uplink”.
Location:
Basically, it is the location where this switch is put. User-defined.
Contact:
For easily managing and maintaining device, you may write down the contact
person and phone here for getting help soon. You can configure this pa rameter
through the device’s user interface or SNMP.
Device name:
The name of the switch. U ser-defined.
System Date:
Show the system time of the switch. Its format: day of week, month, day,
hours : minutes : seconds, yea r.
System up time:
The time accumulated since this switch is powered up. Its format is day, hour, minute,
second.
BIOS version:
The version of the BIOS in this switch.
Firmware version:
The firmware version in this switch.
Hardware-Mechanical version:
The version of Har dware and Mechanica l. The figure before th e hyphen is the vers ion of
electronic hardware; the one after the hyphen is the version of mechanical.
Serial number:
The serial number is assigned by the Manufacture.
Host IP address:
The IP address of the switch.
Host MAC address:
It is the Ethernet MAC address of the management agent in this switch.
Device Port:
Show all types and numbers of the port in the switch.
RAM size:
The size of the RAM in this switch.
Flash size:
The size of the flash memory in this switch.
Bridge FDB size :
To display the bridge FDB size information.
Transmit Queue :
To display the dev ice’s transmit hardware priority queue information.
XGS3600 Series User's Guide
6
Maximum Frame size :
To display the dev ice’s maximum frame size info rmation.
2-1.2 Configuration
You can identify the s ystem by conf iguring the c ontact inform ation, nam e, and location of the
switch.
Web interface
To configure System Information in the web interface:
1. Click System, System Information, Configuration.
2. Write System Contact , System Name, System Location information
in this page.
3. Click Apply
Figure 2-1.2: System Information configuration
Parameter description:
System Contact :
The textual identification of the contact person for this managed node, together
with information on how to contact this person. The allowed string length is 0
to 255, and the allowed content is the ASCII characters from 32 to 126.
System Name :
An administratively assigned name for this managed node. By convention, this
is the node's fully-qualified domain name. A domain name is a text string
drawn from the alphabet (A-Za-z), digits (0-9), minus sign (-). No space
characters are permitted as part of a name. The first character must be an
alpha character. And the first or last character must not be a minus sign. The
allowed string length is 0 to 255.
System Location :
The physical location of this node(e.g., telephone closet, 3rd floor). The allowed
string length is 0 to 255, and the allowed content is the ASCII characters from
32 to 126.
XGS3600 Series User's Guide
7
N
: The under “from” and “to” was displayed what yo u set
2-1.3 CPU Load
This page displays th e CPU load, using a n SVG graph. The load is measured as averag ed
over the last 100ms, 1s ec and 10 seconds intervals . The last 120 sam ples are graphed, and
the last numbers are displayed as text as well. In order to display the SVG graph, your
browser must suppor t the S VG format. Consult the SVG Wiki
support. Specifically, at the time of writing, Microsoft Internet Explorer will need to have a
plugin installed to support SVG.
Web interface
To configure System Information in the web interface:
1. Click System, System Information, CPU Load .
2. Display the CPU Load on the screen
3. Click Auto-refresh .
Figure 2-1.3: CPU L oad
for more informat ion on bro wser
Parameter description:
Auto-refresh
To evoke the auto-refresh icon then t h e d evice will refr esh t h e log automatically.
OTE
on the “From” and “To” field info r m atio n .
XGS3600 Series User's Guide
8
2-2 Time
This page configure the s witch Tim e . Tim e configure is including Time Configuration and NTP
Configuration
2-2.1 Manual
The switch provides manual and automatic ways to set the system time via NTP. Manual
setting is simple and you just input “Year”, “Month”, “Day”, “Hour”, “Minute” and “Second”
within the valid value range indicated in each item.
Web Interface
To configure Time in the web interface:
1. Click Time , Manual.
2. Specify the Time parameter in manual parameters.
3. Click Apply.
Figure 2-2.1: The ti me configuration
Parameter description:
Clock Source:
To click what clock source for the XGS3600 Series. You can select “Use l ocal
Settings” or “Use NTP Server” for XGS3600 Series time clock source.
Local Time:
Show the curren t time of the system.
Time Zone Offset:
Provide the ti mezone offset relati ve to UTC/GM T. The offs et is gi ven in m inut es
east of GMT. The valid range is from -720 to 720 minutes
Daylight Saving:
Daylight saving is adopted in some countries. If set, it will adjust the time lag
or in advance in unit of hours, according to the starting date and the ending
date. For example, if you set the day light saving to be 1 hour. When the time
passes over th e sta rti ng ti me, the s yst em ti me wi ll b e in creased on e ho ur aft er
one minute at the time since it passed over. And when the time passes over the
ending ti me, the system tim e will be decreased on e hour after one mi nute at
the time since it passed over.
XGS3600 Series User's Guide
9
The switch supports valid configurable day light saving time is –5 ~ +5 step
N
: The under “from” and “to” was displayed what yo u set
one hour. The zero for this parameter means it need not have to adjust current
time, equivalent to in-act daylight saving. You don’t have to set the
starting/ending date as well. If you set daylight saving to be non-zero, you
have to set the starting/ending date as well; otherwise, the daylight saving
function will not be activated.
Time Set Offset:
Provide the Daylight sa ving time set offset. The offset is given in minutes east
of GMT. The valid range is from 1 to 1440 minutes. default is 60 mins
Daylight Savings Type:
Provide the Daylight savings type selection. You can select “ By Dates” or
“Recurring” two type for Daylight saving type.
From:
To configure when Daylight saving start date and time, the for ma t is “YYYY-MMDD HH:MM”.
To:
To configure when Daylight saving end date and time, the format is “YYYY-MMDD HH:MM”.
OTE
on the “From” and “To” field info r m atio n .
XGS3600 Series User's Guide
10
2-2.2 NTP
NTP is Network Time Protocol and is used to sync the net work tim e based Greenwich Mea n
Time (GMT). If use the NTP mode and select a bu ilt-in NTP time server or manually spec ify
an user-defined NTP server as well as Time Zone, the switch will sync the time in a short after
pressing <Apply> button. Though it synchronizes the time automatically, NTP does not update
the time periodically without user’s processing.
Time Zone is an offset time off GMT. You have to select the time zone first and then perform
time sync via NTP because the s witch will combine this tim e zone offset and updated NTP
time to come out the loca l t i me, otherwise, you will not able to get the correct time. The switch
supports configurable time zone from –12 to +13 step 1 hour.
Default Time zone: +8 Hrs.
Web Interface
To configure Time in the web interface:
1. Click SYSTEM, NTP.
2. Specify the Time parameter in manual parameters.
3. Click Apply.
Figure 2-2.2: The NTP configuration
Parameter description:
Server 1 to 5 :
Provide the NTP IPv4 or IPv6 address of th is switch. IPv6 addr ess is in 128-bit
records represented as eight fields of up to four hexadecimal digits with a colon
separating each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol
'::' is a special syntax that can be used as a shorthand way of representing
multiple 16-bit groups of contiguous zeros; but it can only appear once.It can
also represent a legally valid IPv4 address. For example, '::192.1.2.34'.
Buttons
These buttons are displayed on the NTP page:
Apply – Click to apply changes.
Reset - Click to undo a ny changes mad e locally and revert to previ ously saved
values.
XGS3600 Series User's Guide
11
2-3 Account
In this function, only adm inistrator can create, modify or delet e the username and password.
Administrator can m odify other guest identities’ password without conf ir ming the password but
it is necessary to modify the administrator-equivalent identity. Guest-equivalent identity can
modify his password o nly. Please note that you m ust confirm administrator/guest identity in
the field of Authorization in advance before configuring the username and password. Only one
administrator is al lowed to exist and un able to b e deleted. I n additio n, up to 4 guest ac counts
can be created.
2-3.1 Users
This page provides an overview of the current users. Currently the only way to login as
another user on the web server is to close and reopen the browser
Web Interface
To configure Account in the web interface:
1. Click SYSTEM, Account, Users.
2. Click Add new user
3. Specify the User Name parameter.
4. Click Apply.
Figure2- 3.1: The Users Account config ur a tion
Parameter description:
User Name :
The name identifying the user. This is also a link to Add/Edit User.
Password
To type the password. The allowed string length is 0 to 255, and the allowed
content is the ASCII characters from 32 to 126.
Password (again)
To type the password again. You must type the same password again in the
field.
XGS3600 Series User's Guide
12
Privilege Level :
The privilege level of the user. The allowed range is 1 to 15. If the privilege
level value is 15, it can access all groups, i.e. that is granted the fully control of
the device. Bu t others valu e need to refer t o each group privileg e level. User's
privileg e should be sam e or great er than th e group pri vilege level to have the
access of that group. By defaul t setting, m ost groups p rivilege l evel 5 has th e
read-only access and privilege level 10 has the read-write access. And the
system maintenance (software upload, factory defaults and etc.) need user
privilege level 15. Generally, the privilege level 15 can be used for an
administrator account, privilege level 10 for a standard user account and
privilege level 5 for a guest account.
XGS3600 Series User's Guide
13
2-3.2 Privilege Level
This page provides an over view of the pr ivilege le vels. T he switch pr ovides user set Account,
Aggregation, Diagnostics, EEE, GARP, GVRP, I P, IPMC Snoop ing LACP LLDP LLDP MED
MAC Table MRP MVR MVRP Maintenance Mirroring Private VLANs QoS SMTP SNMP
Security Spanning Tree System Trap Event VCL VLANs Voice VLAN Privilege Levels from 1
to 15 .
Web Interface
To configure Privilege Level in the web int erface:
1. Click SYSTEM, Account, and Privilege Level.
2. Specify the Privilege parameter.
3. Click Apply.
Figure2- 3.2: The Privilege Level configuration
XGS3600 Series User's Guide
14
Parameter description:
Group Name
The name identifying the pri vi l ege grou p. In mo st c ases , a p ri vil eg e level grou p
consists of a single module (e.g. LACP, RSTP or QoS), but a few of them
contains m ore than one . The followi ng description defines th ese privilege l evel
groups in details:
System: System Information, Time, Syslog.
Security: IP Source Gu ard, AR P Insp ecti on , DH CP sn oop in g, DH CP Relay, NAS,
Authentica tion (AAA), Port S ecurity, System Access Mana gement, ACL, HTTPS,
SSH and Auth Method.
Account: Users, Privilege Level..
Diagnostics: Ping, Ping6 and VeriPHY.
Maintenance: System Reboot, System Restore Default, Configuration Save,
Export/Import Configuration and Firmware upgrade.
Privilege Levels
Every group has a n au thori zati on Pri vil ege l evel . User Priv ileg e shou ld b e sam e
or greater than the authorization Privilege level to have the access to that
group.
XGS3600 Series User's Guide
15
2-4 IP
IP is an acronym f or Internet Pr otocol. It is a protoco l used f or comm unicating da ta across an
internet network.
IP is a "best effort" s ystem, which means t hat no pac ket of inf ormation sent over i s as s ured t o
reach its destination in the same condition it was sent. Each device connected to a Local Area
Network (LAN) or W ide Area Network (WAN) is given an Internet Protoco l address, and this
IP address is used to ident ify the device uniquely among all other devices connected to t he
extended network.
The current version of the Internet protocol is IPv4, which has 32-bits Internet Protocol
addresses allowing for in excess of four billion unique addresses. This number is reduced
drastically by the pr actice of webmas ters taking addresses in large blocks, the bulk of which
remain unused. Ther e is a rather s u bs tantial movement to adop t a n e w vers ion of the Internet
Protocol, IPv6, which would have 128-bits Int ernet Protocol addresses . This number can be
represented roughly by a three with thirty-nine zeroes after it. However, IPv4 is still the
protocol of choice for most of the Internet.
2-4.1 IPV4
The IPv4 address f or th e sw itch co uld b e obtained via DHCP Server for VLAN 1. To manually
configure an address, you need to change the switch's default settings to values that are
compatible with your net work. You may also need to a establish a default gate way between
the switch and management stations that exist on another network segment.
Configure the switch-managed IP information on this page
The Configured column is used to view or change the IP configuration.
The Current column is used to show the active IP configuration.
Web Interface
To configure an IP address in the web interface:
1. Click System, IP Configuration.
2. Specify the IPv4 settings, and enable DNS proxy service if required.
3. Click Apply.
Figure2- 4.1: The IP configuration
XGS3600 Series User's Guide
16
Parameter description:
DHCP Client :
Enable the DHCP client by checking this box. If DHCP fails and the configured
IP address i s zero, DH CP wi ll ret ry. If DHCP fails and the configured IP address
is non-zero, DHCP will stop and the configured IP settings will be used. The
DHCP client will announce the configured System Name as hostname to provide
DNS lookup.
IP Address :
Provide the IP address of this switch in dotted decimal notation.
IP Mask :
Provide the IP mask of this switch dotted decimal notation.
IP Gateway :
Provide the IP address of the gateway in dotted decimal notation.
DNS Server :
Provide the IP address of the DNS Server in dotted decimal notation.
VLAN ID :
Provide the managed VLAN ID. The allowed range is 1 to 4095.
DNS Proxy :
When DNS proxy is enabled, DUT will relay DNS requests to the current
configured DNS server on DUT, and reply as a DNS resolver to the client device
on the network.
XGS3600 Series User's Guide
17
2-4.2 IPV6
This section describes how to configure the switch-managed IPv6 information. The
Configured colum n is used to v iew or cha nge the I Pv6 conf iguration. And the Current col umn
is used to show the active IPv6 configuration.
Configure the switch-managed IPv6 information on this page.
The Configured column is used to view or change the IPv6 configuration.
The Current column is used to show the active IPv6 configuration.
Web Interface
To configure Management IPv6 of the switch in the web interface:
1. Click System, IPv6 Configuration.
2. Specify the IPv6 settings, and enable Auto Configuration service
if required.
3. Click Apply.
Figure2- 4.2: The IPv6 configuration
Parameter description:
Auto Configuration :
Enable IPv6 auto-configuration by checking this box. If fails, the configured
IPv6 address is zero. The router may delay responding to a router solicitation
for a few second s, th e tot al ti me need ed to complete auto-configuration can be
signif icantly longer.
Address :
Provide the IPv6 address of this switch. IPv6 address is in 128-bit records
represented as eight fields of up to four hexadecimal digits with a colon
separating each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol
'::' is a special syntax that can be used as a shorthand way of representing
multiple 16-bit groups of contiguous zeros; but it can only appear once. It can
also represent a legally valid IPv4 address. For exampl e, '::192.1.2.34'.
Prefix :
Provide the IPv6 Prefix of this switch. The allowed range is 1 to 128.
Gateway
Provide the IPv6 gateway address of this switch. IPv6 address is in 128-bit
records rep r es en t ed as eight fi elds of up to fou r h exa decimal di gi t s with a colon
separating each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol
'::' is a special syntax that can be used as a shorthand way of representing
multiple 16-bit groups of contiguous zeros; but it can only appear once. It can
also represent a legally valid IPv4 address. . For example, '::192.1.2.34'.
XGS3600 Series User's Guide
18
2-5 Syslog
The Syslog is a standard for lo gging progr am m essages . It allows se paration o f the software
that generates mes sages f rom the s ystem that stores them and the soft ware that reports and
analyzes them. It can be used as well a generalized inform ational, analysis and debugging
messages. It is supported by a wide variety of devices and receivers across multiple platforms.
2-5.1 Configuration
This section describes how to configure the system log and provide a wide variety of devices
and receivers across multiple platforms.
Web Interface
To configure Syslog configuration in the web interface:
1. Click SYSTEM, Syslog.
2. Specify the syslog parameters includes IP Address of Syslog server
and Port number.
3. Evoke the Sylog to enable it.
4. Click Apply.
Figure2- 5.1: The Syste m Log configuration
Parameter description:
Server Mode :
Indicates the server m ode operati on. Wh en the mode op eration is enab led, th e
syslog message will send ou t to syslog server. The syslog protocol is based on
UDP communication and received on UDP port 514 and the syslog server will
not send acknowledgments back sender since UDP is a c onnectionl ess protocol
and it does not provide acknowledgments. The syslog packet will always send
out even if the syslog server does not exist. Possible modes are:
Enabled: Enable server mode operation.
Disabled: Disable server mode operation.
Server Address :
Indicates the IPv4 host address of syslog server. If the switch provide DNS
XGS3600 Series User's Guide
19
feature, it also can be a host name.
Syslog Level :
Indicates what kind of message will send to syslog server. Possible modes are:
<0> Emergency: System is unusable.
<1> Alert: Action must be taken immediately.
<2> Critical: Critical conditions.
<3> Error: Erro r conditions.
<4> W arning: Warning conditions.
<5> Notice: Normal but significant conditions.
<6> Information: Information messages.
<7> Debug: Debug-level messages.
Syslog Type :
Every trap event in th e system has i ts speci fic type for syslog. You can see the
mapping in the Tr a p Event Severity page.
Active :
Individually enable or disable the sending of syslog message to the syslog
server for a specific Syslog Type.
Facility :
Indicate the faci lity for sen din g syslog m essage for a sp ecifi c Syslog Type. Only
local_use_0 to local_use_7 can be assigned to one Syslog Type.
XGS3600 Series User's Guide
20
2-5.2 Log
This section describes that display the system log information of the switch
Web Interface
To display the log configuration in the web interface:
1. Click Syslog, Log.
2. Display the log information.
Figure2- 5.2: The System Log configuration
Parameter description:
Auto-refresh
To evoke the auto-refresh icon then t h e d evice will refr esh t h e log automatically.
Level
level of the system log entry. The following level types are supported:
Information level of the system log.
Warning: Warning level of the system log.
Error: Error level of the system log. All: All levels .
ID
ID (>= 1) of the system log entry.
Time
It will display the log record by device time. The time of the system log entry.
Message
XGS3600 Series User's Guide
21
It will display the log detail message. The mes sage of the system log entry.
Upper right icon (Refresh, clear,….)
You can click them for refresh the system log or clear them by manual, others
for next/up page or entry.
XGS3600 Series User's Guide
22
2-5.3 Detailed Log
This section describes that display the detailed log information of the switch
Web Interface
To display the detailed log configuration in the web inter f ac e:
1. Click Syslog, Detailed Log.
2. Display the log information.
Figure2- 5.3: The Detailed System Log Information
Parameter description:
ID
The ID (>= 1) of the system log entry.
Message
The detailed message of the system log entry.
Upper right icon (Refresh, clear,….)
You can click them for refresh the system log or clear them by manual, others
for next/up page or entry.
XGS3600 Series User's Guide
23
2-6 SNMP
Any Network Managem ent System (NMS) run ning the Simple Ne twork Management Protoco l
(SNMP) can manage the Managed devices equipped with SNMP agent, provided that the
Management Information Base (MIB) is installed correctly on the managed devices. The
SNMP is a protocol that is used to govern the transfer of information between SNMP manager
and agent and tra verses th e Obj ect Identi ty (OID) of the m anagem ent Inform ation Base (MIB),
described in the for m of SMI syntax. SNM P agent is running on the switc h to response the
request issued by SNMP manager.
Basically, it is passive except issuing the trap information. The switch supports a switch to turn
on or off the SNMP agent. If you set t he field SNMP “Enab le”, SNM P agent w ill be started up.
All supported MIB OIDs , including RMON MIB, can be acc essed via SNMP manager. If the
field SNMP is set “Disable ”, SNMP agent w ill be de-activated, the related Com munity Name,
Trap Host IP Address, Trap and all MIB counters will be ignored.
2-6.1 System
This section describes how to configure SNM P System on the switch. This function is used
to configure SNMP settings, community name, trap host and public traps as well as the
throttle of SNMP. A SNMP manager must pass the authentication by identifying both
community names, then it can access the MIB information of the target device. So, both
parties must have the same community name. Once completing the setting, click <Apply>
button, the setting takes effect.
Web Interface
To display the configure SNMP System in the web interface:
1. Click SNMP, System.
2. Evoke SNMP State to enable or disable the SNMP function .
3. Specify the Engine ID
4. Click Apply .
Figure2- 6.1: The SNMP System Configuration
Parameter description:
These parameters are displayed on the SNMP System Configuration page:
SNMP State :
The term SNMP here The term SNMP here is used for the activation or deactivation of SNMP.
Enable: Enable SNMP state operation.
Disable: Disable SNMP state operation.
Default: Enable.
Engine ID :
SNMPv3 en gine ID. syntax: 0-9,a-f,A-F, min 5 octet, max 32 octet, fifth octet
can't input 00. IF change the Engine ID that will clear all original user.
XGS3600 Series User's Guide
24
2-6.2 Configuration
The function is us ed to configure SNMP Community and its mode. B y enable or dis able the
function user can specify how to get or set the communities.
Web Interface
To display the setting SNMP Configuration in the web interface:
1. Click SNMP, Configuration.
2. Specify the SNMP Configuration’ parameters.
3. Enable Set Community
4. Click Apply.
Figure2-6.2: The SNMP v2C Configuration
Parameter description:
Get Community
Indicates the community read access string to permit access to SNMP agent.
The allowed string length is 0 to 255, and the allowed content is the ASCII
characters from 33 to 126.
The field is applicabl e only when SNMP version is SNMPv1 or SNM Pv2 c . If SNMP
version is SNMPv3, the community string will be associated with SNMPv3
communiti es table. It p rovides mor e flexibil ity to config ure securit y name than
a SNMPv1 or SNMPv2c community string. In addition to community string, a
particula r range of source addresses can be used to restrict source subnet.
Set Community
Indicates the community write access string to permit access to SNMP agent.
The allowed string length is 0 to 255, and the allowed content is the ASCII
characters from 33 to 126.
The field is ap plicable only when SNMP version is SNMPv1 or SNMPv2c. If SNMP
version is SNMPv3, the community string will be associated with SNMPv3
communiti es table. It p rovides mor e flexibil ity to config ure securit y name than
a SNMPv1 or SNMPv2c community string. In addition to community string, a
particular range of source addresses can be used to restrict source subnet.
Mode:
Indicates the Set Community mode operation. Possible modes are:
Enabled: Enable Set Community.
Disabled: Disable Set Community.
XGS3600 Series User's Guide
25
2-6.3 Communities
The function is used t o configure SNMPv3 c ommunities. The Community and UserNam e is
unique. To create a new community account, please check <Add new communit y> button,
and enter the account information then check <Apply>. Max Group Number : 4.
Web Interface
To display the configure SNMP Communities in the web interface:
1. Click SNMP, Communities.
2. Click Add new community .
3. Specify the SNMP communities parameters.
4. Click Apply.
5. If you want to modify or clear the setting then click Reset.
Figure2-6.3: The SNMP v1/v2 Communities Security Configuration
Parameter description:
Delete
Check to delete the entry. It will be deleted during the next apply.
Community
Indicates the c ommunity acce ss string to pe rmit access to S NMPv3 agent. Th e
allowed string length is 1 to 32, and the allowed content is ASCII characters
from 33 to 126. The community string will be treated as security name and
map a SNMPv1 or SNMPv2c community string.
User Name:
A string identifying the user name that this entry should belong to. The allowed
string length is 1 to 32, and the allowed content is ASCII characters from 33 to
126.
Source IP
Indicates the SNMP access source address. A particular range of source
addresses can be used to restrict source subnet when combined with source
mask.
Source Mask
Indicates the SNMP access source address mask
XGS3600 Series User's Guide
26
2-6.4 Users
The function is used to configure SNMPv3 user. The Entry index key is UserName. To create
a new UserName account, please check <Add new user> button, and enter the user
information then check <Apply>. Max Group Number : 10.
Web Interface
To display how to add new user to the configure SNMP Users in the web interf ac e:
1. Click SNMP, Users.
2. Click “Add new user”
3. Specify the Privilege parameter.
4. Click Apply.
Figure 2-6.4: The SNMP Users Configuration
Parameter description:
Delete
Check to delete the entry. It will be deleted during the next save.
User Name
A string identifying the user name that this entry should belong to. The allowed
string length is 1 to 32, and the allowed content is ASCII characters from 33 to
126.
Security Level
Indicates the security model that this entry should belong to. Possible security
models are:
NoAuth, NoPriv: No authentication and no privacy.
Auth, NoPriv: Authentication and no privacy.
Auth, Priv: Authentication and privacy.
The value of security level cannot be modified if entry already exists. That
means it must first be ensured that the value is set correctly.
Authentication Protocol
Indicates the authentication protocol that this entry should belong to. Possible
authentication protocols are:
None: No authentication protocol.
MD5: An optional flag to indicate that this user uses MD5 authentication
protocol.
SHA: An optional flag to indicate that this user uses SHA authentication
protocol.
The value of security level cannot be modified if entry already exists. That
XGS3600 Series User's Guide
27
means must first ensure that the value is set correctly.
Authentication Password
A string identifying the authentication password phrase. For MD5 authentication
protocol, the allowed string length is 8 to 32. For SHA authenticati on protocol,
the allowed string length is 8 to 40. The allowed content is ASCII characters
from 33 to 126.
Privacy Protocol
Indicates the privacy protocol that this entry should belong to. Possible privacy
protocols are:
None: No privacy protocol.
DES: An optional flag to indicate that this user uses DES authentication
protocol.
Privacy Password
A string identifying the privacy password phrase. The allowed string length is 8
to 32, and the allowed content is ASCII characters from 33 to 126.
XGS3600 Series User's Guide
28
2-6.5 Groups
The function is used to configure SNMPv3 grou p. The Entry index k e y are Sec ur it y M ode l a nd
Security Name. To create a new group account, plea se check <Add new gr oup> button, and
enter the group information then check <Apply>. Max Group Number : v1: 2, v2: 2, v3:10.
Web Interface
To display the configure SNMP Groups in the web inter face:
1. Click SNMP, Groups.
2. Specify the Privilege parameter.
3. Click Apply.
Figure 2-6.5: The SNMP Groups Configuration
Parameter description:
Delete
Check to delete the entry. It will be deleted during the next save.
Security Model
Indicates the security model that this entry should belong to. Possible security
models are:
v1: Reserved for SNMPv1.
v2c: Reserved for SNMPv2c.
usm: User-based Security Model (USM).
Security Name
A string identifying the security name that this entry should belong to. The
allowed string length is 1 to 32, and the allowed content is ASCII characters
from 33 to 126.
Group Name
A string identifying the group name that this entry should belong to. The
allowed string length is 1 to 32, and the allowed content is ASCII characters
from 33 to 126.
XGS3600 Series User's Guide
29
2-6.6 Views
The function is used to configure SNMPv3 view. The Entry index key are OID Subtree an d
View Name. To create a new view account, pleas e c heck <Add n ew v iew> butt on, and e nter
the view information then check <Apply>. Max Group Number : 28.
Configure SNMPv3 view table on this page. The entry index keys are View Name and OID
Subtree.
Web Interface
1. Click SNMP, Views.
2. Click Add new View.
3. Specify the SNMP View parameters.
4. Click Apply.
Figure 2-6.6: The SNMP Views Configuration
Parameter description:
Delete
Check to delete the entry. It will be delete d d uring the next save.
View Name
A string identifying the view name that this entry should belong to. The allowed
string length is 1 to 32, and the allowed content is ASCII characters from 33 to
126.
View Type
Indicates the view type that this entry should belong to. Possible view types
are:
included: An optional flag to indicate that this view subtree should be included.
excluded: An optional flag to indicate that this view subtree should be
excluded.
In general, if a view entry's view type is 'excluded', there should be another
view entry existing with view type as 'included' and it's OID subtree should
overstep the 'excluded' view entry.
OID Subtree
The OID defining the root of the subtree to add to the named view. The allowed
OID length is 1 to 128. The allowed string content is digital number or
asterisk(*).
Apply
To click the Apply icon to save the configuration to ROM.
XGS3600 Series User's Guide
30
2-6.7 Access
The function is used t o configure SNMPv3 ac cesses. The Entr y index key are G roup Name,
Security Model and Sec urity level. To create a new access account, please c heck <Add new
access> button, and ent er the access inf ormation then check <Apply>. Max G roup Number :
14
Web Interface
To display the configure SNMP Access in the web interface:
1. Click SNMP, Accesses.
2. Click Add new Access.
3. Specify the SNMP Access parameters.
4. Click Apply.
5. If you want to modify or clear the setting then click Reset.
.
Figure 2-6.7: The SNMP Accesses Configuration
Parameter description:
Delete
Check to delete the entry. It will be deleted during the next save.
Group Name
A string identifying the group name that this entry should belong to. The
allowed string length is 1 to 32, and the allowed content is ASCII characters
from 33 to 126.
Security Model
Indicates the security model that this entry should belong to. Possible security
models are:
any: Any security model accepted(v1|v2c|usm).
v1: Reserved for SNMPv1.
v2c: Reserved for SNMPv2c.
usm: User-based Security Model (USM).
Security Level
Indicates the security model that this entry should belong to. Possible security
models are:
NoAuth, NoPriv: No authentication and no privacy.
Auth, NoPriv: Authentication and no privacy.
Auth, Priv: Authentication and privacy.
Read View Name
The name of the MIB view defining the MIB objects for which this request may
request the current values. The allowed string length is 1 to 32, and the
allowed content is ASCII characters from 33 to 126.
XGS3600 Series User's Guide
31
Write View Name
The name of the MIB view defining the MIB objects for wh ich th is request may
potentially set new values. The allowed string length is 1 to 3 2, and the allowed
content is ASCII characters from 33 to 126.
XGS3600 Series User's Guide
32
2-6.8 Tarp
The function is used to configure SNMP trap. To create a new trap account, plea se check <No
number> button, and enter the trap information then check <Apply>. Max Group Number : 6.
Web Interface
To configure SNMP T ra p setti ng:
1. Click SNMP, Trap .
2. Display the SNMP Trap Hosts information table.
3. Choice a entry to display and modify the detail parameters or click
delete button to delete the trap hosts entry.
Figure 2-6.8: The SNMP Tra p H ost Configuration
Parameters description:
Delete:
Check <Delete> entry then check <Apply> button, the entry will be delete.
Trap Version:
Indicates the SNMP trap supported version. Possible versions are:
SNMP v2c: Set SNMP trap supported version 2c.
SNMP v3: Set SNMP trap supported version 3.
Server IP:
XGS3600 Series User's Guide
33
This is the IP of the trap host.
UDP Port:
This is the receiving-port number of the trap host. Range: 1 - 65535.
Community / Security Name:
Indicates the community access string when sending SNMP trap packet. The
allowed string length is 0 to 255, and the allowed content is ASCII characters
from 33 to 126.
Security Level:
The Severity Level: Emerg, Alert, Crit, Error, Warning, Notice, Info, Debug.
Security Level:
There are three kinds of choices.
NoAuth, NoPriv: No authentication and no p rivacy.
Auth, NoPriv: Authentication and no privacy.
Auth, Priv: Authentication and privacy.
Authentication Protocol:
Indicates the authentication protocol that this entry should belong to. Possible
authentication protocols are:
MD5: An optional flag to indicate that this user uses MD5 authentication
protocol.
SHA: An optional flag to indicate that this user uses SHA authentication
protocol.
Authentication Password:
A string identifying the authentication password phrase. For MD5 authentication
protocol, the allowed string length is 8 to 32. For SHA authentication protocol,
the allowed string length is 8 to 40. The allowed content is ASCII characters
from 33 to 126.
Privacy Protocol:
Indicates the privacy protocol that this entry should belong to. Possible privacy
protocols are:
DES: An optional flag to indicate that this user uses DES authentication
protocol.
Privacy Password:
A string identifying the privacy password phrase. The allowed string length is 8
to 32, and the allowed content is ASCII characters from 33 to 126.
XGS3600 Series User's Guide
34
Chapter 3. Configuration
This chapter describes all of the basic network configuration tasks which include the
Ports, Layer 2 network protocol (e.g. VLANs, QoS, IGMP and ACLs etc.) and any
setting of the Switch.
3-1 Port
The section describes to conf igure the Port detail param eters of the switch. O thers you could
using the Port configur e to enable or disable the Port of the switch. Monitor the por ts content
or status in the function.
3-1.1 Configuration
This chapter describes ho w to view the curr ent port configurat ion and how to conf igure ports to
non-default settings, including
Linkup/Linkdown
Speed (Current and configured)
Flow Control (Current Rx, Current Tx and Configured)
Maximum Frame Size
Excessive Collision Mode
Power Control.
Web Interface
To configure an Current Port Configuration in the web i nter f ac e:
1. Click Configuration, Port, then Configuration
2. Specify the Speed Configured, Flow Control , Maximum Frame sze ,
Excessive Collision mode and Power Control.
3. Click Apply.
XGS3600 Series User's Guide
35
Figure 3-1.1: The Port
Configuration
Parameter description:
Port :
This is the logical port number for this row.
Link :
The current link state is displayed graphically. Green indicates the link is up and
red that it is down.
Current Link Speed :
XGS3600 Series User's Guide
36
Provide the current link speed of the port.
Configured Link Speed :
Selects any available link speed for the given switch port. Only speeds
supported by the specific port is shown. Possible speeds are:
Disabled - Disables the switch port operation.
Auto - Cu port auto negotiating speed with the link partner and selects the
highest speed that is compatible with the link partner.
10Mbps HDX - Forces the cu port in 10Mbps half duplex mode.
10Mbps FDX - Forces the cu port in 10Mbps full duplex mode.
100Mbps HDX - Forces the cu port in 100Mbps half duplex mode.
100Mbps FDX - Forces the cu port in 100Mbps full duplex mode.
1Gbps FDX - Forces the cu port in 1Gbps full duplex mode.
Auto_AMS - Automatically determines the speed of the SFP. Note: There is no
standardized way to do SFP auto detect, so here it is done by reading the SFP
rom. Due to the missing standardized way of doing SFP auto detect some SFPs
might not be detectable. The port is set in AMS mode with SFP preferred. Cu
port is set in Auto mode.
100-FX - SFP port in 100-FX speed. Cu port disabled.
100-FX_AMS - Port in AMS mode with SFP preferred. SFP port in 100-FX
speed. Cu port in Auto mode.
1000-X - SFP port in 1000-X speed. Cu port disabled.
1000-X_AMS - Port in AMS mode with SFP preferred. SFP port in 1000-X
speed. Cu port in Auto mode.
Maximum Frame Size :
Enter the maximum frame size allowed for the switch port, including FCS.
Excessive Collision Mode :
Configure port transmit collision behavior.
Discard: Discard frame after 16 collisions (default).
Restart: Restart back of algorithm after 16 collisions.
Power Control :
The Usage col u mn shows t he cu rr ent per cen tag e of t he p owe r c onsu mp ti on per
port. The Configured column allows for changing the power savings mode
parameters per port.
Disabled: All power savings mechanisms disabled.
ActiPHY: Link down power savings enabled.
PerfectReach: Link up power savings enabled.
Enabled: Both link up and link down power savings enabled.
Buttons
Apply – Click to apply changes.
Reset- Click to undo any changes made locally and revert to previously saved
values.
Upper right icon (Refresh)
You can click them for re fresh the Port link Status by manual
XGS3600 Series User's Guide
37
3-1.2 Port Description
The section describes to configure the Port ’s alias or an y descriptions for the Port Identity. It
provides user to write down an alphanumeric string describing the full name and version
identification for the system’s hardware type, software version, and networking application
Web Interface
To configure an Port Description in the web interface:
1. Click Configuration, Port, then Port Description
2. Specify the detail Port alias or description an alphanumeric string
the full name and version identification for the system’s
hardware type, software version, and networking application.
3. Click Apply.
Figure 3-1.2: The Port Configuration
Parameter description:
Port :
This is the logical port number for this row.
Description :
Enter up to 47 characters to be descriptive name for identifies this port.
XGS3600 Series User's Guide
38
Buttons
Apply – Click to apply changes.
Reset- Click to un do any changes ma de locally a nd revert to pr eviously saved
values.
XGS3600 Series User's Guide
39
3-1.3 Port Telephone
This page displays current port telephone number.
Web Interface
To configure an Port Telephone in the web interface:
1. Click Configuration, Port, then Port telephone.
2. Specify the telephone number.
3. Click Apply.
Figure 3-1.3: The Port Telephone
XGS3600 Series User's Guide
40
Parameter description:
Port :
This is the logical port number for this row.
Description :
Enter up to 32 characters to be telephone number for identifies this port.
Buttons
Apply – Click to apply changes.
Reset- Click to undo any changes made locally and revert to previously saved
values.
XGS3600 Series User's Guide
41
3-1.4 Traffic Overview
The section describ es to the Port s tatistics inform ation and provides overview of gener al traffic
statistics for all switch ports. T he ports belong to the currently selecte d stack unit, as reflected
by the page header
Web Interface
To Display the Port Statistics Overview in the web interface:
1. Click Configuration, Port, then Traffic Overview
2. If you want to auto-refresh then you need to evoke the “Auto-refresh” .
3. Click “Refresh“ to refresh the port statistics or clear all information
when you click “ Clear”.
Figure 3-1.4: The Port Statistics Overview
Parameter description:
Port :
The logical port for the settings contained in the same row.
Packets :
The number of received and transmitted packets per port.
Bytes :
The number of received and transmitted bytes per port.
Errors
The number of frames received in error and the number of incomplete
transmissions per port.
Drops
The number of frames discarded due to ingress or egress congestion.
XGS3600 Series User's Guide
42
Filtered
The number of received frames filtered by the forwarding
Auto-refresh :
To evoke the auto-refresh icon then the device will refresh the information automatically.
Upper right icon (Refresh, Clear):
You can click them for refresh the Port Statistics information by m anual. Others c lick Clear
to clean up all Port Statistics.
XGS3600 Series User's Guide
43
3-1.5 Detailed Statistics
The section describ es ho w to provide detailed traffic statistics f or a specif ic s witch por t. Us e the
port select box to s elect which switch port details to display. The selected p ort belongs to the
currently selected stack unit, as reflected by the page header.
The displayed counter s are the totals f or rec eive and tr ansm it, the si ze count ers f or receive and
transmit, and the error counters for receive and transmit.
Web Interface
To Display per port’s detailed Statistics Overview in the web interface:
1. Click Configuration, Port, then Detailed Port Statistics
2. Scroll the Port Index to select which port you want to show the detailed
Port statistics overview” .
3. If you want to auto-refresh the information then you need to evoke the
“Auto-refresh”.
4. Click “Refresh“ to refresh the port detailed statistics or clear all
information when you click “ Clear”.
Figure 3-1.5: The Port Detail Statistics Overview
Parameter description:
Auto-refresh:
To evoke the auto-refresh to refresh the Port Statistics information
automatically.
Upper left scroll bar:
To scroll which port to display the Port statistics w ith “Port-0”, “Port-1...
XGS3600 Series User's Guide
44
Receive Total and Transmit Total
Rx and Tx Packets :
The number of received and transmitted (good and bad) packets.
Rx and Tx Octets :
The number of received and transmitted (good and bad) bytes. Includes FCS,
but excludes framing bits .
Rx and Tx Unicast
The number of received and transmitted (good and bad) unicast packets.
Rx and Tx Multicast :
The number of received and transmitted (good and bad) multicast packets .
Rx and Tx Broadcast :
The number of received and transmitted (good and bad) broadcast packets.
Rx and Tx Pa use :
A count of the MAC Control frames received or transmitted on this port that
have an opcode indicating a PAUSE operation.
Receive and Transmit Size Counters
The number of rec eived and trans mitted (goo d and bad) packets split into cat egories base d on
their respective frame sizes.
Receive and Transmit Queue Counters
The number of received and transmitted packets per input and output queue.
Receive Error Counters
Rx Drops :
The number of frames dropped due to lack of receive buffers or egress
congestion.
Rx CRC/Alignment :
The number of frames received with CRC or alignment errors.
Rx Undersize :
The number of short 1 frames received with valid CRC.
Rx Oversize :
The number of long 2 frames received with valid CRC.
Rx Fragments :
The number of short 1 frames received with invalid CRC.
Rx Jabber :
The number of long 2 frames received with invalid CRC.
Rx Filtered :
The number of received frames filtered by the forwarding process.
Short frames are frames that are smaller than 64 bytes.
Long frames are frames that are longer than the configured maximum frame
length for this port.
Transmit Error Counters
Tx Drops :
XGS3600 Series User's Guide
45
The number of frames dropped due to output buff er congestion.
Tx Late/Exc. Coll. :
The number of frames dropped due to excessive or late collisions.
Auto-refresh:
To evoke the auto-refresh to refresh the Queuing Counters auto m atically.
Upper right icon (Refresh, clear)
You can click them for refresh the Port Detail Statistics or clear them by manual.
XGS3600 Series User's Guide
46
3-1.6 Qos Statist ics
The section describes that switch could display the QoS detailed Queuing counters for a
specific switch port. for the different queues for all switch ports. The ports belong to the currently
selected stack unit, as reflected by the page header.
Web Interface
To Display the Queuing Counters in the web interface:
1. Click Configuration, Port, then QoS Statistics
2. If you want to auto-refresh the information then you need to evoke the
“Auto-refresh”.
3. Click “Refresh“ to refresh the Queuing Counters or clear all information
when you click “ Clear”.
Figure 3-1.6: The Queuing Counters Overview
Parameter description:
Port :
The logical port for the settings contained in the same row.
Qn :
There are 8 QoS queues per port. Q0 is the lowest priority queue.
Rx/Tx :
The number of received and transmitted packets per queue.
XGS3600 Series User's Guide
47
Auto-refresh:
To evoke the auto-refresh to refresh the Queuing Counters automatically.
Upper right icon (Refresh, clear)
You can click them for re fresh the Queuing Counters or clear them by manual.
XGS3600 Series User's Guide
48
3-1.7 SFP Information
The section describ es that s witch could d isplay the SF P module d etail inf ormation wh ich you
connect it to the switch. The information includes: Connector type, Fiber type, wavelength,
baud rate and Vendor OUI etc.
Web Interface
To Display the SFP information in the web interface:
1. Click Configuration, Port, then SFP Information
2. To display the SFP Information.
Figure 3-1.7: The SFP In formation Overview
Parameter description:
Connector Type:
Displays the external optical or elect rical cable connector provided as the media
interface.
Fiber Type:
Displays the fiber channel transmission media.
Tx Central Wavelength:
Display the fiber optical transmitting central wavelength, for instance, 850nm,
1310nm, 1550nm and so on.
Norminal Bit Rate:
Display the maximum baud rate of the fiber module supported, for instance,
10M, 100M, 1G and so on.
Vendor OUI:
Displays the vendor IEEE company ID.
XGS3600 Series User's Guide
49
Vendor Name:
Displays the vendor name.
Vendor P/N:
Displays the vendor part number or product name.
Vendor Rev (Revision):
Display the module revision.
Vendor SN (Serial Number):
Displays the vendor serial number for the transceiver.
Date Code:
Displays the vendor's manufacturing date code.
Temperature:
Displays the internally measured transceiver temperature. Temperature
accuracy is vendor specific but must be better than 3 degrees Celsius over
specified operating temperature and voltage.
Vcc:
Displays the internall y m easured transceiver supply vol t ag e. Accuracy is vendor
specific but must be better than 3 percent of the manufacturer's nominal value
over specified operating temperature and voltage. Note that in some
transceivers, transmitter supply voltage and receiver supply voltage are
isolated. In that case, only one supply is monitored. Refer to the device
spec ification for more detail.
Mon1(Bias) mA:
Displays the measured TX bias current in uA. Accuracy is vendor specific but
must be better than 10 percent of the manufacturer's nominal value over
specified operating temperature and voltage.
Mon2(TX PWR):
Displays the measured coupled TX output power in mW. Accuracy is vendor
specific but m ust be better than 3dB over specified operating temperature and
voltage. Data is assumed to be based on measurement of a laser monitor
photodiode current. Data is not valid when the transmitter is disabled.
Mon3(RX PWR):
Displays the measured received optical power in mW. Absolute accuracy is
dependent upon the exact optical wavelength. For the vendor specified
wavelength, accuracy should be better than 3dB over specified temperature
and voltage. This accuracy should be maintained for input power levels up to
the lesser of maxi m um transm i tted or maxi m um recei ved opti ca l power p er th e
appropriate standard. It should be maintained down to the minimum
transmitted power minus cable plant loss (insertion loss or passive loss) per the
appropriate standard. Absolute accuracy beyond this minimum required
received input optical power range is vendor specific.
XGS3600 Series User's Guide
50
3-2 ACL
The XGS3600 Series switch ac cess control list (ACL ) is probably the m ost commonly used
object in the IOS. It is used for packet filtering but also for selecting types of traffic to be
analyzed, forwarded, or inf l uenc ed in some way. The ACLs are divided into EtherTypes. IPv4,
ARP protocol, MAC and VLAN param eters etc. Here we will jus t go over the standard and
extended access lists for TCP/IP. As you create ACEs for ingress classification, you can
assign a policy for each port, the policy number is 1-8, however, each po licy can be appli ed to
any port. This mak es it very easy to determ ine what type of ACL policy you will be work ing
with.
3-2.1 Ports
The section des cribes how to configur e the ACL param eters (ACE) of the each s witch port.
These parameters will affect frames r eceived on a port un less the frame matc hes a specific
ACE
Web Interface
To configure the ACL Ports Configuration in the web interface:
1. Click Configuration, ACL, then Ports
2. To scroll the specific parameter value to select the correct value for port
ACL setting.
3. Click the Apply to save the setting
4. If you want to cancel the setting then you need to click the reset button. It
will revert to previously saved values.
5. After you configure complete then you could see the Counter of the port.
then you could click refresh to update the counter or Clear the information.
Figure 3-2.1: The ACL Ports Configuration
XGS3600 Series User's Guide
51
Parameter description:
Port :
The logical port for the settings contained in the same row.
Policy ID :
Select the policy to apply to this port. The allowed values are 1 through 8. The
default value is 1.
Action :
Select whether forwarding is permitted ("Permit") or denied ("Deny"). The
default value is "Permit".
Rate Limiter ID :
Select which rate limiter to apply on this port. The allowed values are Disabled
or the values 1 through 16. The default value is "Disabled".
Port Redirect :
Select whi ch port frames ar e redi rected on. The allow ed values a re Di sabled or
a specific port number. The default value is "Disab led".
Shutdown :
Specify the port shut down operation of this port. The allowed values are:
XGS3600 Series User's Guide
52
Enabled: If a frame is received on the port, the port will be disabled.
Disabled: Port shut down is disabled.
The de fault value is "Disabled".
State :
Specify the port state of this port. The allowed values are:
Enabled: To reopen ports by changing the volatile port configuration of the
ACL user module.
Disabled: To close ports by changing the volatile port configuration of the ACL
user module.
The default value is "Enabled".
Counter :
Counts the number of frames that match this ACE.
Buttons
Apply – Click to apply changes.
Reset- Click to undo a ny changes made loca lly and revert t o previousl y saved
values.
Upper right icon (Refresh, clear)
You can click them for refresh the ACL Port Configuration or clear them by
manual.
XGS3600 Series User's Guide
53
3-2.2 Rate Limiters
The section desc ribes how to c onfigure the s witch’s ACL R ate Limiter par ameters. T he Rate
Limiter Level from 1 to 12 that allow user to set rate limiter value and units with pps.
Web Interface
To configure ACL Rate Limiter in the web interfac e:
1. Click Configuration, ACL, then Rate Limiter
2. To specific the Rate field and the range from 0 to 131071.
3. To scroll the Unit with pps or kbps
4 . Click the Apply to save the setting
5. If you want to cancel the setting then you need to click the reset button.
It will revert to previously saved values.
Figure 3-2.2: The ACL Rate Limiter Configuration
Parameter description:
Rate Limiter ID :
The rate limiter ID for the settings contained in the same row.
Rate
The allowed values are: 0-131071 i n pps or 0, 100, 200, 300, ..., 1000000 in
kbps.
Buttons
Apply – Click to apply changes.
Reset- Click to u ndo any chan ges made loca lly and re vert to previ ously saved
values.
XGS3600 Series User's Guide
54
3-2.3 Access Control List
The section desc r ibes h o w to configure Acces s Co ntr ol List r ul e. An Access Contr ol List (ACL)
is a sequential list of permit or deny conditions that a p ply to IP addresses, MAC addres ses , or
other more specific criteria. This switch tests ingress packets against the conditions in an ACL
one by one. A p acket will be accepted as soon as it matches a perm it rule, or dropped as
soon as it matc hes a deny rule. If no rules match, the f rame is accepted. Ot her actions can
also be invoked when a m atching packet is found, including rate lim iting, copying matching
packets to another port or to the system log, or shutting down a port.
This page shows the Access Control List (ACL), which is made up of the ACEs def ined on
this switch. Each ro w describes the ACE that is d efined. The maximum num ber of ACEs is
256 on each sw itch. Click on the lowest plus si gn to add a ne w AC E to the list. T he reser ved
ACEs used for interna l protocol, cannot be ed ited or deleted, the order sequence cannot be
changed an the priority is highest
Web Interface
To configure Access Control List in the web interface:
1. Click Configuration, ACL, then Configuration
2. Click the
button to add a new ACL, or use the other ACL
modification buttons to specify the editing action (i.e., edit, delete, or
moving the relative position of entry in the list)
3. To specific the parameter of the ACE
4. Click the Apply to save the setting
5. If you want to cancel the setting then you need to click the reset button.
It will revert to previously saved values.
6. When editing an entry on the ACE Configuration page, note that the
Items displayed depend on various selec tio ns , such as Fr am e Type and IP Protocol Type.
Specify the relevant criteria to be matched for this rule,
and set the actions to take when a rule is matched (such as Rate Limiter,
Port Copy, Logging, and Shutdown).
Figure 3-2.3: The Access Control List Configuration
XGS3600 Series User's Guide
55
Parameter description:
Name :
Indicates the name of the ACE. Maximum length of the ACE Name String is 32.
All ASCII printable characters (except double quotation, less-than sign,
greater-than sign) can be used to form the ACE Name.
Ingress Port :
Select the ingress port for which this ACE applies.
All: The ACE applies to all port.
Port n: The ACE applies to this port number, where n is the number of the
switch port.
Policy Filter :
Specify the policy number filter for this ACE.
Any: No policy filter is specified. (policy filter status is "don't-care".)
Specific: If you want t o fil t er a sp eci fic p oli cy wi t h thi s ACE, ch oose th i s va lue.
Two field for enter ing an policy value and bitmask appears.
Policy Value :
When "Specifi c" is selected for the pol icy filter, you can enter a specifi c policy
value. The allowed range is 0 to 255.
Policy Bitmask :
When "Speci fic" is selected f or the policy filt er, you can ente r a specific policy
bitmask. The allowed range is 0x0 to 0xff
Frame Type :
Select the frame type for this ACE. These frame types are mutually exclusive.
Any: Any frame can match this ACE.
Ethernet Type: Only Ethernet Type frames can match this ACE. The IEEE
802.3 describes the value of Length/Type Field specifications to be greater than
or equal to 1536 decimal (equal to 0600 hexadecimal).
ARP: Only ARP frames can match this ACE. Notice the ARP frames won't match
the ACE with Ethernet type.
IPv4: Only IPv4 frames can match this ACE. Notice the IPv4 frames won't
match the ACE with Ethernet type.
Action :
Specify the action to take with a frame that hits this ACE.
Permit: The frame that hits this ACE is granted permission for the ACE
operation.
Deny: The frame that hits this ACE is dropped.
Rate Limiter :
Specify the rat e limit er in num ber of base un its. The a llowed range is 1 to 12 .
Disabled indicates that the rate limiter operation is disabled.
Port Redirect :
Frames that h it the ACE are red irected to th e port number sp ecified here. The
allowed range is the same as the switch port number range. Disabled indicates
that the port redirect operation is disabled.
Shutdown :
XGS3600 Series User's Guide
56
Specify the port shut down operation of the ACE. The allowed values are:
Enabled: If a frame matches the ACE, the ingress port will be disabled.
Disabled: Port shut down is disabled for the ACE.
Counter :
The counter indicates the number of times the ACE was hit by a f rame.
Modification Buttons
You can modify each ACE (Access Control Entry) in the table using the following
buttons:
: Inserts a new ACE before the current row.
: Edits the ACE row.
: Moves the ACE up the list.
: Moves the ACE down the list.
: Deletes the ACE.
: The lowest plus sign adds a new entry at the bottom of the ACE listings.
MAC Parameters
SMAC Filter
(Only displayed when the frame type is Ethernet Type or ARP.)
Specify the source MAC filter for this ACE.
Any: No SMAC filter is specified. (SMAC filter status is "don't-care".)
Specific: If you want to filter a specific source MAC address with this ACE,
choose this value. A field for entering an SMAC value appears.
SMAC Value
When "Specific" is selected for the SMAC filter, you can enter a specific source
MAC address. The legal format is "xx-xx-xx-xx-xx-xx" or "xx.xx.xx.xx.xx.xx" or
"xxxxxxxxxxxx" (x is a hexadecimal digit). A frame that hits this ACE matches
this SMAC value.
DMAC Filter
Specify the destination MAC filter for this ACE.
Any: No DMAC filter is specified. (DMAC filter status is "don't-care".)
MC: Frame must be multicast.
BC: Frame must be broadcast.
UC: Frame must be unicast.
Specific: If you want to filter a specific destination MAC address with this ACE,
choose this value. A field for entering a DMAC value appears.
DMAC Value
When "Specific" is selected for the DMAC filter, you can enter a specific
destination MAC address. The legal format is "xx-xx-xx-xx-xx-xx" or
"xx.xx.xx.xx.xx.xx" or "xxxxxxxxxxxx" (x is a hexadecimal digit). A frame that
hits this ACE matches this DMAC value.
VLAN Parameters
VLAN ID Filter
Specify the VLAN ID filter for this ACE.
Any: No VLAN ID filter is specified. (VLAN ID filter status is "don't-care".)
Specific: If you want to filter a specific VLAN ID with this ACE, choose this
XGS3600 Series User's Guide
57
value. A field for entering a VLAN ID number appears.
VLAN ID
When "Specific" is selected for the VLAN ID filter, you can enter a specific VLAN
ID number. The allowed range is 1 to 4094. A frame that hits this ACE matches
this VLAN ID value.
Tag Priority
Specify the tag priority for this ACE. A frame that hits this ACE matches this tag
priority. The allowed number range is 0 to 7. The value Any means that no tag
priority is specified (tag priority is " don't-care".)
MAC Parameters
The ARP parameters can be configured when Frame Type "ARP" is selected.
ARP/RARP
Specify the available ARP/RARP opcode (OP) flag for this ACE.
Any: No ARP/RARP OP flag is specified. (OP is "don't-care".)
ARP: Frame must have ARP/RARP opcode set to ARP.
RARP: Frame must have ARP/RARP opcode set to RARP.
Other: Frame has unknown ARP/RARP Opcode flag.
Request/Reply
Specify the available ARP/RARP opcode (OP) flag for this ACE.
Any: No ARP/RARP OP flag is specified. (OP is "don't-care".)
Request: Frame must have ARP Request or RARP Request OP flag set.
Reply: Frame must have ARP Reply or RA RP Reply OP flag.
Sender IP Filter
Specify the sender IP filter for this ACE.
Any: No sender IP filter is specified. (Sender IP filter is "don't-care".)
Host: Sender IP filter is set to Host. Specify the sender IP address in the SIP
Address field that appears.
Network: Sender IP filter is set to Network. Specify the sender IP address and
sender IP mask in the SIP Address and SIP Mask fields that appea r.
Sender IP Address
When "Host" or "Network" is selected for the sender IP filter, you can enter a
specific sender IP address in dotted decimal notation.
Sender IP Mask
When "Network" is selected for the sender IP filter, you can enter a specific
sender IP mask in dotted decimal notation.
Target IP Filter
Specify the target IP filter for this specific ACE.
Any: No target IP filter is specified. (Target IP filter is "don't-care".)
Host: Target IP filter is set to Host. Specify the target IP address in the Target
IP Address field that appears.
Network: Target IP filter is set to Network. Specify the target IP address and
target IP mask in the Target IP Address and Target IP Mask fields that appear.
Target IP Address
When "Host" or "Network" is selected for the target IP filter, you can enter a
XGS3600 Series User's Guide
58
specific target IP address in dotted decimal notation.
Target IP Mask
When "Network" is selected for the target IP filter, you can enter a specific
target IP mask in dotted decimal notation.
ARP SMAC Match
Specify whether frames can hit the action according to their sender hardware
address field (SHA) settings.
0: ARP frames where SHA is not equal to the SMAC address.
1: ARP frames where SHA is equal to the SMAC address.
Any: Any value is allowed ("don't-care").
RARP DMAC Match
Specify whether frames can hit the action according to their target hardware
address field (THA) settings.
0: RARP frames where THA is not equal to the DMAC address.
1: RARP frames where THA is equal to the DMAC address.
Any: Any value is allowed ("don't-care").
IP/Ethernet Length
Specify whether frames can hit the action according to their ARP/RARP
hardware address length (HLN) and protocol address length (PLN) settings.
0: ARP/RARP frames where the HLN is not equal to Ethernet (0x06) or the (PLN)
is not equal to IPv4 (0x04).
1: ARP/RARP frames where the HLN is equal to Ethernet (0x06) and the (PLN)
is equal to IPv4 (0x04).
Any: Any value is allowed ("don't-care").
IP
Specify whether frames can hit the action according to their ARP/RARP
hardware address space (HRD) settings.
0: ARP/RARP frames where the HLD is not equal to Ethernet (1).
1: ARP/RARP frames where the HLD is equal to Ether net (1).
Any: Any value is allowed ("don't-care").
Ethernet
Specify whether frames can hit the action according to their ARP/RARP protocol
address space (PRO) settings.
0: ARP/RARP frames where the PRO is not equal to IP (0x800).
1: ARP/RARP frames where the PRO is equal to IP (0x800).
Any: Any value is allowed ("don't-care").
IP Parameters
The IP parameters can be configured when Frame Type "IPv4" is selected.
IP Protocol Filter
Specify the IP protocol filter for this ACE.
Any: No IP protocol filter is specified ("don't-care").
Specific: If you want to filter a specific IP protocol filter with this ACE, choose
this value. A field for entering an IP protocol filter appears.
XGS3600 Series User's Guide
59
ICMP: Select ICMP to filter IPv4 ICMP protocol f rames. Ext ra fields for defin ing
ICMP parameters will appear. These fields are explained later in this help file.
UDP: Select UDP to filter IPv4 UDP protocol frames. Extra fields for defining
UDP parameters will appear. These fields are explained later in this help file.
TCP: Select TCP to filter IPv4 T CP protocol frames. Extra f ields f or defining TCP
parameters will appear. These fields are explained later in this help file.
IP Protocol Va lu e
When "Specific" is selected for the IP protocol value, you can enter a specific
value. The allowed range is 0 to 255. A fra me that hits this ACE matches this IP
protocol value.
IP TTL
Specify the Time-to-Live settings for this ACE.
zero: IPv4 frames with a Time-to-Live field greater than zero must not be able
to match this entry.
non-zero: IPv4 frames with a Time-to-Live field greater than zero must be
able to match this entry.
Any: Any value is allowed ("don't-care").
IP Fragment
Specify the fragment offset settings for this ACE. This involves the setti ngs for
the More Fragments (MF) bit and the Fragment Offset (FRAG OFFSET) field for
an IPv4 frame.
No: IPv4 frames where the MF bit is set or the FRAG OFFSET field is grea ter
than zero must not be able to match this entry.
Yes: IPv4 frames where the MF bit is set or the FRAG OFFSET field is greater
than zero must be able to match this entry.
Any: Any value is allowed ("don't-care").
IP Option
Specify the options flag setting for this ACE.
No: IPv4 frames where the options flag is set must not be able to match this
entry.
Yes: IPv4 frames where the options flag is set must be able to match this entry.
Any: Any value is allowed ("don't-care").
SIP Filter
Specify the source IP filter for this ACE.
Any: No source IP filter is specified. (Source IP filter is "don't-care".)
Host: Source IP filter is set to Host. Specify the source IP address in the SIP
Address field that appears.
Network: Source IP filter is set to Network. Specify the source IP address and
source IP mask in the SIP Address and SIP Mask fields that appear.
SIP Address
When "Host" or "Network" is selected for the source IP filter, you can enter a
specific SIP address in dotted decimal notation.
SIP Mask
When "Network" is selected for the source IP filter, you can enter a specific SIP
mask in dotted decimal notation.
DIP Filter
XGS3600 Series User's Guide
60
Specify the destination IP filter for this ACE.
Any: No destination IP filter is specified. (Destination IP filter is "don't-care".)
Host: Destination IP filter is set to Host. Specify the destination IP address in
the DIP Address field that appears.
Network: Destination IP filter is set to Network. Specify the destination IP
address and destination IP mask in the DIP Address a nd DIP Mask f ields that
appear.
DIP Address
When "Host" or "Network" is selected for the destination IP filter, you can enter
a specific DIP address in dotted decimal notation
DIP Mask
When "Network" is selected for the destination IP filter, you can enter a specific
DIP mask in dotted decimal notation.
ICMP Parameters
ICMP Type Filter
Specify the ICMP filter for this ACE.
Any: No ICMP filter is specified (ICMP filter status is "don't-care").
Specific: If you want to filter a specific ICMP filter with this ACE, you can enter
a specific ICMP value. A field for entering an ICMP value appears.
ICMP Type Value
When "Specific" is selected for the ICMP filter, you can enter a specific ICMP
value. The allowed range is 0 to 255. A fra me that hits this ACE matches this
ICM P value.
ICMP Code Filter
Specify the ICMP code filter for this ACE.
Any: No ICMP code filter is specified (ICMP code filter status is "don't-care").
Specific: If you want to filter a specific ICMP code filter with this ACE, y ou can
enter a specific ICMP code value. A field for entering an ICMP code value
appears.
ICMP Code Value
When "Specific" is selected for the ICMP code filter, you can enter a specific
ICMP code value. The allowed range is 0 to 255. A frame that hits this AC E
matches this ICMP code value.
TCP/UDP Parameters
TCP/UDP Source Filter
Specify the TCP/UDP source filter for this ACE.
Any: No TCP/UDP source filter is specified (TCP/UDP source filter status is
"don't-care").
Specific: If you want to filter a specific TCP/UDP source filter with this ACE,
you can enter a specific TCP/UDP source value. A field for entering a TCP/UDP
source value appears.
Range: If you want to filter a specific TCP/UDP source range filter with this
ACE, you can enter a specific TCP/UDP source range value. A field for entering
a TCP/UDP source value appears.
TCP/UDP Source No.
When "Specific" is selected for the TCP/UDP source filter, you can enter a
XGS3600 Series User's Guide
61
specific TCP/UDP source value. The allowed range is 0 to 65535. A frame that
hits this ACE matches this TCP/UDP source value.
TCP/UDP Source Range
When "Range" is selected for the TCP/UDP source filter, you can enter a specific
TCP/UDP source range value. The allowed range is 0 to 65535. A frame that
hits this ACE matches this TCP/UDP source value.
TCP/UDP Destination Filter
Specify the TCP/UDP destination filter for this ACE.
Any: No TCP/UDP destination filter is specified (TCP/UDP destination filter
status is "don't-care").
Specific: If you want to filter a specific TCP/UDP destination filter with this ACE,
you can enter a specific TCP/UDP destination value. A field for entering a
TCP/UDP destination value appears.
Range: If you want to filter a specific range TCP/UDP destination filter with this
ACE, you can enter a specific TCP/UDP destination range value. A field for
entering a TCP/UDP destination value appears.
TCP/UDP Destination Number
When "Specific" is selected for the TCP/UDP destination filter, you can enter a
specific TCP/UDP destination value. The allowed range is 0 to 65535. A frame
that hits this ACE matches this TCP/UDP destination value.
TCP/UDP Destination Range
When "Range" is selected for the TCP/UDP destination filter, you can enter a
specific TCP/UDP destination range value. The allowed range is 0 to 65535. A
frame that hits this ACE matches this TCP/UDP destination v alue.
TCP FIN
Specify the TCP "No more data from sender" (FIN) value for this ACE.
0: TCP frames where the FIN field is set must not be able to match this entry.
1: TCP frames where the FIN field is set must be able to match this entry.
Any: Any value is allowed ("don't-care"). TCP SYN
TCP SYN
Specify the T CP "Synchronize sequence numbers" (SYN ) value for this ACE.
0: TCP frames where the S YN field is set must not be able to match this entry.
1: TCP frames where the S YN field is set must be able to match this entry.
Any: Any value is allowed ("don't-care").
TCP RST
Specify the TCP "Reset the connection" (RST) value for this ACE.
0: TCP frames where the RS T field is set must not be able to match this entry.
1: TCP frames where the RST field is set must be able to match this entry.
Any: Any value is allowed ("don't-care").
TCP PSH
Specify the T CP "Push Function" (PSH) value for this ACE.
0: TCP frames where the PSH field is set must not be able to match this entry.
1: TCP frames where the PSH field is set must be able to match this entry.
Any: Any value is allowed ("don't-care").
XGS3600 Series User's Guide
62
TCP ACK
Specify the TCP "Acknowledgment field significant" (ACK) value for this ACE.
0: TCP frames where the A C K field is set must not be able to match this entry.
1: TCP frames where the A C K field is set must be able to match this entry.
Any: Any value is allowed ("don't-care").
TCP URG
Specify the TCP "Urgent Pointer field significant" (URG) value for this ACE.
0: TCP frames where the URG field is set must not be able to match this entry.
1: TCP frames where the U RG f ield is se t must be able to match this entry.
Any: Any value is allowed ("don't-care").
TCP/UDP Parameters
The Ethernet Type parameters can be configured when Frame Type "Ethernet Type" is
selected.
EtherType Filter
Specify the Ethernet type filter for this ACE.
Any: No EtherType filter is specified (Ether Type filter status is "don't-care").
Specific: If you want to filter a specific EtherType filter with this ACE, you can
enter a specific EtherType value. A field for entering a EtherType value appears.
Ethernet Type Value
When "Specific" is selected for the EtherType filter, you can enter a specific
EtherType value. The allowed range is 0x600 to 0xFFFF but excluding
0x800(IPv4), 0x806(ARP) and 0x86DD(IPv6). A frame that hits this ACE
matches this EtherType value.
Buttons
Apply – Click to apply changes.
Reset- Click to u ndo any chan ges made loca lly and re vert to previ ously saved
values.
Auto-refresh:
To evoke the auto-refresh to refresh the information automatically.
Upper right icon (Refresh, clear, Remove All)
You can click them for refresh the ACL configuration or clear them by manual.
Others remove all to clean up all ACL configurations on the ta b le.
XGS3600 Series User's Guide
63
3-2.4 ACL Status
The section describes how to shows the ACL status by different ACL users. Each row
describes the ACE that is defined. It is a conflict if a specific ACE is not applied to the
hardware due to hardware limitations. The maximum number of ACEs is 256 on each switch.
Web Interface
To display the ACL status in the web interface:
1. Click Configuration, ACL, then ACL status
2. If you want to auto-refresh the information then you need to evoke the
“Auto-refresh”.
3. Click “ Refresh“ to refresh the ACL Status
Figure 3-2.4: The ACL Status
Parameter description:
User :
Indicates the ACL user.
Name :
The name of the ACE.
Ingress Port :
Indicates the ingress port of the ACE. Possible values are:
All: The ACE will match all ingress port.
Port: The ACE will match a specific ingress port.
Frame Type :
Indicates the frame type of the ACE. Possible values are:
Any: The ACE will match any frame type.
EType: The ACE will match Ethernet Type frames. Note that an Ethernet Type
based ACE will not get matched by IP and ARP frames .
ARP: The ACE will match ARP/RARP frames.
IPv4: The ACE will match all IPv4 frames.
IPv4/ICMP: The ACE will match IPv4 frames with ICMP protocol.
IPv4/UDP: The ACE will match IPv4 frames with UDP protocol.
IPv4/TCP: The ACE will match IPv4 f rames with TCP protocol.
IPv4/Other: The ACE will match IPv4 frames, which are not ICMP/UDP/TCP.
IPv6: The ACE will match all IPv6 standard frames.
Action :
Indicates the forwarding action of the ACE.
XGS3600 Series User's Guide
64
Permit: Frames matching the ACE may be forwa rded and learned.
Deny: Frames matching the ACE are dropped.
Rate Limiter :
Indicates the rate limiter number of the ACE. The allowed range is 1 to 16.
When Disabled is displayed, the ra te limiter operation is disabled.
Port Redirect:
Indicates the port redirect operation of the ACE. Frames matching the ACE are
redirected to the port number. The allowed values are Disabled or a specific
port number. When Disabled is displayed, the port redirect operation is disabled.
CPU :
Forward packet that matched the specific ACE to CPU.
CPU Once :
Forward first pac ket that matched the specific ACE to CPU.
Counter :
The counter indicates the number of times the ACE was hit by a frame.
Conflict :
Indicates the hardware status of the specific ACE. The specific ACE is not
applied to the hardware due to hardware limitations.
Auto-refresh:
To evoke the auto-refresh to refresh the information automatically.
Upper right icon (Refresh)
You can click them for re fresh the ACL status information by manual.
XGS3600 Series User's Guide
65
3-3 Aggregation
The Aggregation is used to conf igure the settings of Link Aggregat ion. You can bund le more
than one port with t he sam e speed, f ull duplex and th e sam e MAC to be a single lo gical por t,
thus the logical port ag greg ates the band width of thes e ports . This m eans you can appl y your
current Ethernet equi pment’s to build the bandwidth aggregation. For example, if there are
three Fast Ethernet ports aggregated in a logical port, then this logical port has bandwidth
three times as high as a single Fast Ethernet port has.
3-3.1 Static Trunk
The Aggregation Conf iguration is used to c onfigur e the settings of Link Aggregati on. You ca n
bundle more than one por t w ith t he same speed, full duplex an d th e s ame MAC to be a single
logical port, thus th e logical port aggregates th e bandwidth of these ports. This means you
can apply your current Ethernet equipment’s to build the bandwidth aggregation.
3-3.1.1 Static Trunk
Ports using Static Tr unk as their trunk method can c ho os e the ir uni que Sta tic G ro upID to form
a logic “trunked por t”. The benef it of usin g Static T runk method is that a port can imm ediately
become a mem ber of a trunk group witho ut an y handshak ing with it s peer port. This is also a
disadvantage because the peer ports of your static trunk group may not know that they should
be aggregate togeth er to form a “logic trunk ed port”. Using Static T runk on both end of a link
is strongly recomm ended. Please also note that lo w speed links will stay in “not r eady” state
when using static trunk to aggregate with high speed links.
Web Interface
To configure the Trunk Aggregation Hash mode and Aggregation Group in the web interface:
1. Click Configuration, Static Trunk, and then Aggregation Mode Configuration.
2. Evoke to enable or disable the aggregation mode function.
Evoke Aggregation Group ID and Port members
3. Click the Apply to save the setting
4. If you want to cancel the setting then you need to click the reset button. It
will revert to previously saved values.
Figure 3-3.1.1: The Agg r e ga t ion Mode Configuration
XGS3600 Series User's Guide
66
Parameter description:
Hash Code Contributors
Source MAC Address :
The Source MAC address can be used to calculate the destination port for the
frame. Check to enable the use of the Source MAC address, or uncheck to
disable. By default, Source MAC Address is enabled.
Destination MAC Address :
The Destination MAC Address can be used to calculate the destination port for
the frame. Check to enable the u se of th e Destination MAC Address, or u ncheck
to disable. By default, Destination MAC Address is disabled.
IP Address :
The IP address can be used to calculate the destination port for the frame.
Check to enable the use of the IP Address, or uncheck to disable. By default, IP
Address is enabled.
TCP/UDP Port Numbe r :
The TCP/UDP port number can be used to calculate the destination port for the
frame. Check to enable the use of the TCP/UDP Port Number, or uncheck to
disable. By default, TCP/UDP Port Number is enabled.
Aggregation Group Configuration
Group ID :
Indicates the group ID for the settings contained in the same row. Group ID
"Normal" indicates there is no aggregation. Only one group ID is valid per port.
Port Members :
Each switch port is listed for each group ID. Select a radio button to include a
port in an aggregation, or clear the radio button to remove the port from the
aggregation. By default, no ports belong to any aggregation group. Only full
duplex ports can join an aggregation and ports must be in the same speed in
each group.
Buttons
Apply – Click to apply changes.
Reset- Click to undo any changes made locally and revert to previousl y saved
values.
XGS3600 Series User's Guide
67
3-3.2 Aggregation View
This page provides a status overview for Aggregation View status for all ports.
Web Interface
To configure the Trunk Aggregation Hash mode and Aggregation Group in the web interface:
1. Click Configuration, Static Trunk, and Aggregation View.
2. If you want to auto-refresh the information then you need to evoke the “Auto-refresh”.
3. Click “ Refresh“ to refresh the Aggregation view.
Figure 3-3.2: The Aggregation View
Parameter description:
Hash Code Contributors
Group ID :
Indicates the group ID for the settings contained in the same row. Only one
group ID is valid per port.
Name :
Link aggregation Group Name for its related Group ID.
Type :
This Group is Static aggregation or None (---).
Configured Ports :
Ports configured in this static tr unk group.
Aggregated Ports :
The active ports in this static trunk group.
Inactive Ports :
The inactive ports in this static trunk group. Ports that is not aggregated may
be due to link-down, management disabled, speed/duplex mismatched.
XGS3600 Series User's Guide
68
3-3.3 Port View
This page provides a statu s overview in a per-port b ased view. The re-ena ble checkbox can
be used to re-enable speed/duplex mismatched ports that are disabled by static aggregation.
Web Interface
To configure the Trunk Aggregation Hash mode and Aggregation Group in the web interface:
1. Click Configuration, Static Trunk, and Aggregation View.
2. If you want to auto-refresh the information then you need to evoke the “Auto-refresh”.
3. Click “ Refresh“ to refresh the Aggregation view.
Figure 3-3.3: The Port View
Parameter description:
Hash Code Contributors
Port :
The port number
Group ID :
The Static trunk group ID. O nly o ne gro up ID is valid per port.
Name :
Link aggregation Group Name for its related Group ID.
Inactive Reason :
Indicates why a static group port member is not activated. Possible values may
include : Linkdown, ACL, Loop(Loop Protection), ErrDis(Error Disable),
StaticTrunk(Aggregation Disable). Ports not configured in any static group or
active member ports will be blank on this field.
Re-Enable :
XGS3600 Series User's Guide
69
The re-enable checkbox can be used to re-enable speed/duplex mismatched
ports that are disabled by static aggregation. Static aggregation will
automatically disable half-duplex ports. If speed mismatch exists in a static
group, only ports with the highest speed remain enabled. Once a port is
disabled by static aggregation, Re-Enable is the only way to activ ate it.
XGS3600 Series User's Guide
70
3-3.4 LACP
Ports using Link Aggregation Control Protocol (according to IEEE 802.3ad specification) as their
trunking method can choose their unique LACP GroupID to form a logic “trunked port”. The
benefit of using LAC P is that a por t mak es an agreem ent with its p eer port b efore it bec omes a
ready member of a “t runk group” (also called aggregat or). LAC P is safer than the other trunk ing
method - static trunk.
3-3.4.1 Configuration
This page allows the user to inspect the current LACP port configurations, and possibly
change them as well An LACP trunk group with m ore than one re ady m ember-por ts is a “real
trunked” group. An LACP trunk group with onl y one or less than one rea dy member-ports is
not a “real trunked” group.
Web Interface
To configure the Trunk Aggregation LACP parameters in the web interface:
1. Click Configuration, LACP, Configuration
2. Evoke to enable or disable the LACP on the port of the switch.
Scroll the Key parameter with Auto or Specific Default is Auto.
3. Scroll the Role with Active or Passive. Default is Active
4. Click the Apply to save the setting
5. If you want to cancel the setting then you need to click the reset button.
It will revert to previously saved values
XGS3600 Series User's Guide
71
Figure 3-3.4.1: The LACP Port Configuration
Parameter description:
Port :
The switch port number.
LACP Enabled :
Controls whether LACP is enabled on this switch port. LACP will form an
aggregation when 2 or more ports are connected to the same partner. LACP
can form max 12 LLAGs per switch and 2 GLAGs per stack.
Key :
The Key value in curred by the p ort, range 1-65535 . The Auto setting will set
the key as appropriate by the physical link speed, 10Mb = 1, 100Mb = 2, 1Gb
= 3. Using the Specific setting, a user-defined value can be ent ered . Ports wi th
XGS3600 Series User's Guide
72
the same Key value can participate in the same aggregation group, while ports
with different keys cannot.
Role :
The Role shows the LACP activity status. The Active will transmit LACP packets
each second, whil e Passive wi ll wai t for a LA CP pa cket from a part ner (s peak i f
spoken to).
Buttons
Apply – Click to apply changes.
Reset- Click to u ndo any chan ges made loca lly and re vert to previ ously saved
values.
XGS3600 Series User's Guide
73
3-3.4.2 System Status
This section describes that when you complete to set LACP function on the switch then it
provides a status overview for all LACP instances
Web Interface
To display the LACP System status in the web interface:
1. Click Configuration, LACP, System Status
2. If you want to auto-refresh the information then you need to evoke the
“Auto-refresh”.
3. Click “ Refresh“ to refresh the LACP System Status.
Figure 3-3.4.2: The LACP System Status
Parameter description:
Aggr ID :
The Aggregation ID associated with this aggregation instance. For LLAG the id
is shown as 'isid:aggr-id' and for GLAGs as 'aggr-id'
Partner System ID :
The system ID (MAC address) of the aggregation partner.
Partner Key :
The Key that the partner has assigned to this aggregation ID.
Last changed :
The time since this aggregation changed.
Local Ports :
Shows which ports are a part of this aggregation for this switch/stack. The
format is: "Switch ID:Port".
Auto-refresh:
To evoke the auto-refresh to refresh the information automatically.
Upper right icon (Refresh)
You can click them for refresh the LACP System status information by manual.
XGS3600 Series User's Guide
74
3-3.4.3 Port Status
This section describes that when you complete to set LACP function on the switch then it
provides a Port Status overview for all LACP instances
Web Interface
To display the LACP Port status in the web interface:
1. Click Configuration, LACP, Port Status
2. If you want to auto-refresh the information then you need to evoke the
“Auto-refresh”.
3. Click “ Refresh“ to refresh the LACP Port Status.
Figure 3-3.4.3: The LACP Status
Parameter description:
Port :
The switch port number.
LACP :
'Yes' means that LACP is ena bled and the port li nk is up. 'No' means that LACP
is not enabled or that the port link is down. 'Backup' means that the port could
XGS3600 Series User's Guide
75
not join the aggregation group but will join if other port leaves. Meanwhile it's
LACP status is disabled.
Key :
The key assigned to this port. Only ports with the same key can aggregate
together.
Aggr ID :
The Aggregation ID assigned to this aggregation group. IDs 1 and 2 are GLAGs
while IDs 3-14 are LLAGs.
Partner System ID :
The partner's System ID (MAC address).
Partner Port :
The partner's port number connected to this port.
Auto-refresh:
To evoke the auto-refresh to refresh the information automatically.
Upper right icon (Refresh) :
You can click them for re fresh the LACP port status information by manual.
XGS3600 Series User's Guide
76
3-3.4.4 Port Statistics
This section describes that when you complete to set LACP function on the switch then it
provides a Port Statistics overview for all LACP instances
Web Interface
To display the LACP Port status in the web interface:
1. Click Configuration, LACP, Port Statistics
2. If you want to auto-refresh the information then you need to evoke the
“Auto refresh”.
3. Click “Refresh“ to refresh the LACP Statistics.
Figure 3-3.4.4: The LACP Statistics
Parameter description:
Port :
The switch port number.
LACP Received :
Shows how many LACP frames have been received at each port.
LACP Transmitted :
Shows how many LACP frames have been sent from each port.
XGS3600 Series User's Guide
77
Discarded :
Shows how many unknown or illegal LAC P frames have been disca rded at ea ch
port.
Auto-refresh:
To evoke the auto-refresh to refresh the information automatically.
Upper right icon (Refresh, Clear)
You can click them f or refresh the LACP port stati stics informati on or clear by
manual.
XGS3600 Series User's Guide
78
3-4 Spanning Tree
The Spanning Tree Protocol (STP) can be used to detect and disable network loops, and to
provide backup links between switches, bridges or routers. This allows the switch to interact
with other bridging devices (that is, an ST P-compliant switch, bridge or router) in your network
to ensure that only one route exists between any two stations on the network, and provide
backup links which automatically take over when a primary link goes down.
STP - STP uses a distribu ted algorithm to select a b ridging device (STP- co mpliant switch,
bridge or router) that ser ves as the root of the s panning tree ne twork . It selects a root port o n
each bridging device (except for the root device) which incurs the lowest path cost when
forwarding a packet from that device to the root de vice. Then it selects a des ignated bridging
device from each LAN which incurs t he lowest path c ost when forwardi ng a packet from that
LAN to the root device. A ll ports connected to designated bridging de vices are assigned as
designated ports. After determining the lowes t c ost spanning tree, it ena bl es a ll r oot por ts a nd
designated ports, and disables all other ports. Network packets are ther efore only forwarde d
between root ports and designated ports, eliminating any possible network loops.
Once a stable network topology has been established, all bridges listen for Hello BPDUs
(Bridge Protocol Data U nits ) tr ans mitted from the Root Br idge. If a br idge does not get a Hello
BPDU after a predefined interval (Maximum Age), the bridge assumes that the link to the Root
Bridge is down. This bridge wil l then init iate negot iations with other bridges t o reconf igure the
network to reestablish a valid network topology.
3-4.1 Bridge Settings
The section describes that how to configure the Spanning Tree Bridge and STP System
settings. It allows you to co nfigure STP System settings are used by all STP Bridge insta nce
in the Switch Stack.
Web Interface
To configure the Spanning Tree Bridge Settings parameters in the web interface:
1. Click Configuration, Spanning Tree, Bridge Settings
2. Scroll to select the parameters and write down available value of
parameters in blank field in Basic Settings
3. Evoke to enable or disable the parameters and write down available
value of parameters in blank field in Advanced settings
4. Click the Apply to save the setting
5. If you want to cancel the setting then you need to click the Reset button.
It will revert to previously saved values
XGS3600 Series User's Guide
79
Figure 3-4.1: The STP Bridge Configuratio n
Parameter description:
Basic Settings
Protocol Version :
The STP protocol version setting. Valid values are STP, RSTP and MSTP.
Bridge Priority :
Controls the bridge priority. Lower numeric values have better priority. The
bridge priority plus the MSTI instance number, concatenated with the 6-byte
MAC addres s of t he swi tch fo rms a B rid ge Id ent i fi er. For MSTP operation, thi s i s
the priority of the CIST. Otherwise, this is the priority of the STP/RSTP bridge.
Forward Delay :
The delay used by STP Bridges to transit Root and Designated Ports to
Forwarding (used in STP compatible mode). Valid values are in the range 4 to
30 seconds.
Max Age :
The maximu m age of the i nformation t ransmitted by the Bridge when it is the
Root Bridge. Valid values are in the range 6 to 40 seconds, and MaxAge must
be <= (FwdDelay-1)*2.
Maximum Hop Count :
This defines the initial value of remaining Hops for MSTI information generated
at the boun dary of an MSTI regi on. It defi nes how many bridges a root bridge
can distribute its BPDU information to. Valid values are in the range 6 to 40
hops.
Transmit Hold Count :
The number of BPDU's a bridge port can send per second. When exceeded,
transmission of the next BPDU will be delayed. Valid values are in t he range 1
to 10 BPDU's per second.
XGS3600 Series User's Guide
80
Advanced Settings
Edge Port BPDU Filtering :
Control whether a port explicitly configured as Edge will transmit and receive
BPDUs.
Edge Port BPDU Guard :
Control whether a port explicitly configured as Edge will disable itself upon
reception of a BPDU. The port will enter the error-disabled state, and will be
removed from the active topology .
Port Error Recovery :
Control wh ether a po rt i n the error-disabled state automatically will be enabled
after a certai n time. If re covery is not enab led, ports have t o be disabl ed and
re-enabled for normal STP op eration. Th e condi tion i s also clea red by a sy stem
reboot.
Port Error Recovery Timeout :
The time to pa ss befo re a p ort in the erro r-disabled state can be enabl ed. Valid
values are between 30 and 86400 seconds (24 hours).
Buttons
Apply – Click to apply changes.
Reset- Click to u ndo any chan ges made loca lly and re vert to previ ously saved
values.
XGS3600 Series User's Guide
81
3-4.2 MSTI Mapping
When you implement an Spanning Tree protocol on the switch that the bridge instance. The
CIST is not available for explicit m apping, as it will receive the VLANs n ot explicitly m apped.
Due to the reason that you need t o set the list of VLANs mapped to the MST I. The VLANs
must be separated with co mma and/or space. A VLAN can only be mapped to one MSTI. An
unused MSTI should just be left empty. (I.e. not having any VLANs mapped to it.)
This section describes it allows the user to inspect the current STP MSTI bridge instance
priority configurations, and possibly change them as well.
Web Interface
To configure the Spanning Tree MSTI Mapping parameters in the web interface:
1. Click Configuration, Spanning Tree, MSTI Mapping
2. Specify the configuration identification parameters in the field
Specify the VLANs Mapped blank field.
3. Click the Apply to save the setting
4. If you want to cancel the setting then you need to click the Reset button. It
will revert to previously saved values
Figure 3-4.2: The MSTI Confi gu rati o n
Parameter description:
Configuration Identification
Configuration Name :
The name identifying the VLAN to MSTI mapping. Bridges must share the name
and revision (see below), as well as the VLAN-to-MSTI mapping configuration
in order to shar e spa nn i ng t rees fo r MS TI' s ( Intra-region). The name is at most
32 characters.
Configuration Revision :
The revision of the MSTI configuration name d above. This must b e an integer
between 0 and 65535.
XGS3600 Series User's Guide
82
MSTI Mapping
MSTI :
The bridge instance. The CIST is not available for explicit mapping, as it will
receive the VLANs not explicitly mapped.
VLANs Mapped :
The list of VLANs mapped to the MSTI. The VLANs must be separated with
comma and/or space. A VLAN can only be mapped to one MSTI. An unused
MSTI should just be left empty. (I.e. not having any VLANs mapped to it.)
Buttons
Apply – Click to apply changes.
Reset- Click to u ndo any chan ges made loca lly and re vert to previ ously saved
values.
XGS3600 Series User's Guide
83
3-4.3 MSTI Priorities
When you implement an Spanning Tree protocol on the switch that the bridge instance. The
CIST is the default instance which is always active. For controls the bridge priority. Lower
numeric values have better priority. The bridge priority plus the MSTI instance number,
concatenated with the 6-byte MAC address of the switch forms a Bridge Identifier
The section describes it allows the user to inspect the current STP MSTI bridge instance
priority configurations, and possibly change them as well.
Web Interface
To configure the Spanning Tree MSTI Priorities parameters in the web interface:
1. Click Configuration, Spanning Tree, MSTI Priorities
2. Scroll the Priority maximum is 240. Default is 128.
3. Click the Apply to save the setting
4. If you want to cancel the setting then you need to click the Reset button.
It will revert to previously saved values
Figure 3-4.3: The MSTI Confi gu rati o n
Parameter description:
MSTI :
The bridge instance. The CIST is the default instance, which is always a ctive.
Priority :
Controls the bridge priority. Lower numeric values have better priority. The
bridge priority plus the MSTI instance number, concatenated with the 6-byte
MAC address of the switch forms a Bridge Identifier.
Buttons
Apply – Click to apply changes.
Reset- Click to u ndo any chan ges made loca lly and re vert to previ ously saved
values.
XGS3600 Series User's Guide
84
3-4.4 CIST Ports
When you implement an Spanning Tree protocol on the switch that the bridge instance. You
need to configure the CIST Ports. The section describes it allows the user to inspect the to
inspect the current STP CIST port configurations, and possibly change them as well.
Web Interface
To configure the Spanning Tree CIST Ports parameters in the web interface:
1. Click Configuration, Spanning Tree, CIST Ports
2. Scroll and evoke to set all parameters of CIST Aggregated Port
Configuration.
3. Evoke to enable or disable the STP, then scroll and evoke to set all
parameters of the CIST normal Port configuration.
4. Click the Apply to save the setting
5. If you want to cancel the setting then you need to click the Reset button.
It will revert to previously saved values
Figure 3-4.4: The STP CIST P ort Configuration
XGS3600 Series User's Guide
85
Parameter description:
Port :
The switch port number of the logical STP port.
STP Enabled :
Controls whether STP is enabled on this switch port.
Path Cost :
Controls the path cost incurred by the port. The Auto setting will set the path
cost as appropriate by the physical link speed, using the 802.1D recommended
values. Using the Specific setting, a user-defined value can be entered. The
path cost is used when establishing the active topology of the network. Lower
path cost ports are chosen as forwarding ports in favour of higher path cost
ports. Valid values are in the range 1 to 200000000.
Priority :
Controls the p ort priority. This can be used to control priority of p orts having
identical port cost. (See above).
operEdge (state flag) :
Operational flag describing whether the port is connecting directly to edge
devices. (No Bridges attached). Transition to the forwarding state is faster for
edge ports (having operEdge true) than for other ports.The value of this flag is
based on AdminEdge and AutoEdge fields. This flag is displayed as Edge in
Monitor->Spanning Tree -> STP Detailed Bridge Status.
AdminEdge :
Controls wh ether the oper Edge flag shoul d start as set or cleared. (T he initial
operEdge state when a port is initialized).
AutoEdge :
Controls whether the bridge should enable automatic edge detection on the
bridge port. This allows operEdge to be derived from whether BPDU's are
received on the port or not.
Restricted Role :
If enabled, ca uses the port not t o be select ed as Root Port for t he CIS T or any
MSTI, even if it has the best spanning tree priority vector. Such a port will be
selected as an Alternat e Port after the Root Port has b een selected. If set, it
can cause lack of spanning tree connectivity. It can be set by a network
administrator to prevent bridges external to a core region of the network
influence the spanning tree active topology, possibly because those bridges are
not under the full control of the administrator. This feature is also known as
Root Guard.
Restricted TCN :
If enabled, causes the port not to propagate received topology change
notifications and topology changes to other ports. If set it can cause temporary
loss of connectivity after changes in a spanning tree's active topology as a
result of persistently incorrect learned station location information. It is set by
a network administrator to prevent bridges external to a core region of the
network, causing address flushing in that region, possibly because those
bridges are n ot under the full control of the administrator or the physical link
state of the attached LANs trans its frequently.
BPDU Guard :
If enabled, causes the port to disable itself upon receiving valid BPDU's.
Contrary to the similar bridge setting, the port Edge status does not affect this
setting. A port ent eri n g erro r-disabled state due to this setting is subject to the
XGS3600 Series User's Guide
86
bridge Port Error Recovery setting as well.
Point to Point
Controls whether the port connects to a point-to-point LAN rather than to a
shared medi um. Thi s can be aut omatical ly determi ned, or fo rced eith er true or
false. Transition to the forwarding state is faster for point-to-point LANs than
for shared media.
Buttons
Apply – Click to apply changes.
Reset- Click to u ndo any chan ges made loca lly and re vert to previ ously saved
values.
XGS3600 Series User's Guide
87
3-4.5 MSTI Ports
The section describes it allows the user to i nspect the cur rent STP MSTI port configurati ons,
and possibly change them as well.
An MSTI port is a virtual port, which is instantiate d separatel y for each active CIST (ph ysical)
port for each MSTI instance configured on and applicable to the port. The MSTI instance must
be selected before displaying actual MSTI port configuration options. It contains MSTI port
settings for physical and aggregated ports. The aggregation settings are stack global.
Web Interface
To configure the Spanning Tree MSTI Port Configuration parameters in the web interfac e:
1. Click Configuration, Spanning Tree, MSTI Ports
2. Scroll to select the MST1 or other MSTI Port
3. Click Get to set the detail parameters of the MSTI Ports.
4. Scroll to set all parameters of the MSTI Port configuration.
5. Click the Apply to save the setting
6. If you want to cancel the setting then you need to click the Reset button.
It will revert to previously saved values
Figure 3-4.5: The MSTI Port Configuration
XGS3600 Series User's Guide
88
Parameter description:
Port :
The switch port number of the corresponding STP CIST (and MSTI) port.
Path Cost :
Controls the path cost incurred by the port. The Auto setting will set the path
cost as appropri ate by t he physi cal l ink spe ed, using the 802.1D recommended
XGS3600 Series User's Guide
89
values. Using the Specific setting, a user-defined value can be entered. The
path cost is used when establishing the active topology of the network. Lower
path cost ports are chosen as forwarding ports in favour of higher path cost
ports. Valid values are in the range 1 to 200000000.
Priority :
Controls the p ort priority. This can be used to control priority of p orts having
identical port cost. (See above).
Buttons
Apply – Click to apply changes.
Reset- Click to undo any changes made locally an d revert to prev iously saved
values.
XGS3600 Series User's Guide
90
3-4.6 Bridge Status
After you complete the MSTI Port configuration, you could ask the switch disp la y the Bridge
Status. The Section provides a status overview of all STP bridge instances. The displayed
table contains a row for each STP bridge instance, where the column displays the following
information:
Web Interface
To display the STP Bridges status in the web interface:
1. Click Configuration, Spanning Tree, STP Bridges
2. If you want to auto-refresh the information then you need to evoke the
“Auto-refresh”.
3. Click “ Refresh“ to refresh the STP Bridges.
Figure 3-4.6: The STP Bridges status
Parameter description:
MSTI :
The Bridge Instance. This is also a link to the STP Detailed Bridge Status.
Bridge ID :
The Bridge ID of this Bridge instance.
Root ID :
The Bridge ID of the currently elected root bridge.
Root Port :
The switch port currently assigned the root port role.
Root Cost :
Root Path Cost. For the Root Bridge it is zero. For a ll other Bridges, it is the sum of the
Port Path Costs on the least cost path to the Root Bridge.
Topology Flag :
The current state of the Topology Change Flag of this Bridge instance.
Topology Change Last :
The time since last Topology Change occurred.
Auto-refresh:
To evoke the auto-refresh to refresh the information automatically.
Upper right icon (Refresh)
You can click them for refresh the STP Bridges status information by manual.
XGS3600 Series User's Guide
91
3-4.7 Port Status
After you complete the STP configuration, you could ask the switch display the STP Port
Status. The Section provides you to ask switch to display the STP CIST port status for
physical ports of the currently selected switch.
Web Interface
To display the STP Port status in the web int er f ace:
1. Click Configuration, Spanning Tree, STP Port Status
2. If you want to auto-refresh the information then you need to evoke the
“Auto-refresh”.
3. Click “ Refresh“ to refresh the STP Bridges.
Figure 3-4.7: The STP Port status
Parameter description:
Port :
The switch port number of the logical STP port.
CIST Role :
The current STP port role o f t he CIST port. T he por t r o l e can be one of the followin g va lues :
AlternatePort, Backup Port, RootPort, Desig nat ed Por t Dis ab led.
CIST State :
The current STP port state of the CIST port. T he port state can be one of the following
XGS3600 Series User's Guide
92
values: Blocking Learning For war di ng.
Uptime
The time since the bridge port was last initialized.
Auto-refresh:
To evoke the auto-refresh to refresh the information automatically.
Upper right icon (Refresh)
You can click them for re fresh the STP Po rt status information by ma nual.
XGS3600 Series User's Guide
93
Loading...