Red Lion Series EL 326 Users Manual

Sixnet® Series EL 326

Gigabit Ethernet Switch

Software Manual | April 2015

M

ANAGEMENT

G

UIDE

COPYRIGHT

Copyright, © 2015 Red Lion Controls, Inc.

20 Willow Springs Circle

York, PA 17406

All rights reserved. Red Lion, the Red Lion logo and N-Tron are registered trademarks of Red Lion Controls, Inc. All
other company and product names are trademarks of their respective owners.

The information contained in this document is subject to change without notice. Red Lion makes no warranty of any
kind with regard to this material, including, but not limited to, the implied warranties of merchantability or fitness for
a particular purpose. In no event shall Red Lion be liable for any incidental, special, indirect or consequential
damages whatsoever included but not limited to lost profits arising out of errors or omissions in this manual or the
information contained herein.

CONTACT INFORMATION :

AMERICAS

York, PA: +1 (717) 767-6511
Mobile, AL: +1 (251) 342-2164
Ballston Lake, NY: +1 (518) 877-5173
Hours: 8am-6pm Eastern Standard Time
(UTC/GMT -5 hours)

ASIA-PACIFIC

Shanghai, P.R. China: +86 21-6113-3688 x767
Hours: 10am-6pm China Standard Time
(UTC/GMT +8 hours)

EUROPE

The Netherlands: +31 33-4723-225
Hours: 9am-6pm Central European Time
(UTC/GMT +1 hour)

R

EVISED

2015-04-10 A

BOUT THIS MANUAL

ABOUT THIS MANUAL

Purpose This manual gives specific information on how to operate and use the management

functions of the switch.

Audience The manual is intended for use by network administrators who are responsible for

operating and maintaining network equipment; consequently, it assumes a basic
working knowledge of general switch functions, the Internet Protocol (IP), and Simple
Network Management Protocol (SNMP).

Conventions The following conventions are used throughout this manual to show information:

Note:

N

OTE

:

Emphasizes important information or calls your attention

to related features or instructions.

Note:

C

AUTION

:

Alerts you to a potential hazard that could cause loss of

data, or damage the system or equipment.

Note:

W

ARNING

:

Alerts you to a potential hazard that could cause per-

sonal injury.

Related Publications The following publication details the hardware features of the switch, including the

physical and performance-related characteristics, and how to install the switch:

The Installation Guide

Also, as part of the switch’s software, there is an online web-based help that describes
all management related features.

Sixnet Series EL 326 Software Manual - 1 -

A

BOUT THIS MANUAL

Revision History The following information lists the release history of this document.

Issue / Revision Date Content Description

R

EVISED

2015-04-10

April 2015 This manual is valid for software release v1.2.2.16.

Added VRRP (Virtual Router Redundancy Protocol) support for accept mode
(RFC 5798).

- 2 - Sixnet Series EL 326 Software Manual

R

EVISED

2015-04-10 C

ONTENTS

CONTENTS

SECTION I GETTING STARTED 38

1 INTRODUCTION 39

Key Features 39

Description of Software Features 40

Configuration Backup and Restore 40

Authentication 40

Access Control Lists 41

DHC

P 41

Port Configuration 41

Rate Limiting 41

Port Mirroring 41

Port Trunking 41

Broadcast Storm Control 42

Static Addresses 42

IP Address Filtering 42

IEEE 802.1D Bridge 42

Store-and-Forward Switching 42

Spanning Tree Algorithm 42

Virtual LANs 43

IEEE 802.1Q Tunneling (QinQ) 43

Traffic Prioritization 43

Quality of Service 44

IP Routing 44

Equal-cost Multipath Load Balancing 44

Router Redundancy 44

Address Resolution Protocol 45

Multicast Filtering 45

Multicast Routing 45

System Defaults 46

2 INITIAL SWITCH CONFIGURATION 49

Sixnet Series EL 326 Software Manual - 3 -

C

ONTENTS

R

EVISED

2015-04-10

Connecting to the Switch 49

Configuration Options 49

Required Connections 50

Remote Connections 51

Stack Operations 52

Selecting the Stack Master 52

Selecting the Backup Unit 52

Recovering from Stack Failure or Topology Change 53

Renumbering the Stack 54

Ensuring Consistent Code is Used Across the Stack 54

Basic Configuration 55

Console Connection 55

Setting Passwords 55

Setting an IP Address 56

Enabling SNMP Management Access 61

Managing System Files 63

Saving or Restoring Configuration Settings 63

SECTION II WEB CONFIGURATION 65

3 USING THE WEB INTERFACE 67

Connecting to the Web Interface 67

Navigating the Web Browser Interface 68

Home Page 68

Configuration Options 69

Panel Display 69

Main Menu 70

4 BASIC MANAGEMENT TASKS 87

Displaying System Information 87

Displaying Switch Hardware/Software Versions 88

Configuring Support for Jumbo Frames 90

Displaying Bridge Extension Capabilities 91

Managing System Files 92

Copying Files via FTP/TFTP or HTTP 92

Saving the Running Configuration to a Local File 94

Setting The Start-Up File 95

- 4 - Sixnet Series EL 326 Software Manual



R

EVISED

2015-04-10 C

Showing System Files 96

Setting the System Clock 96

Setting the Time Manually 97

Configuring SNTP 98

Specifying SNTP Time Servers 99

Setting the Time Zone 99

Console Port Settings 100

Telnet Settings 102

Displaying CPU Utilization 103

Displaying Memory Utilization 104

Resetting the System 106

5 INTERFACE CONFIGURATION 109

Port Configuration 109

Configuring by Port List 109

ONTENTS

Configuring by Port Range 112

Displaying Connection Status 112

Configuring Port Mirroring 114

Showing Port or Trunk Statistics 115

Performing Cable Diagnostics 119

Trunk Configuration 121

Configuring a Static Trunk 121

Configuring a Dynamic Trunk 124

Displaying LACP Port Counters 129

Displaying LACP Settings and Status for the Local Side 130

Displaying LACP Settings and Status for the Remote Side 132

Sampling Traffic Flows 133

Configuring sFlow Parameters 134

Traffic Segmentation 135

Enabling Traffic Segmentation 135

Configuring Uplink and Downlink Ports 136

VLAN Trunking 137

6 VLAN CONFIGURATION 139

IEEE 802.1Q VLANs 139

Configuring VLAN Groups 142

Adding Static Members to VLANs 144

Configuring Dynamic VLAN Registration 148

Sixnet Series EL 326 Software Manual - 5 -



C

ONTENTS

R

EVISED

2015-04-10

Private VLANs 151

Creating Private VLANs 152

Associating Private VLANs 153

Configuring Private VLAN Interfaces 155

IEEE 802.1Q Tunneling 156

Enabling QinQ Tunneling on the Switch 160

Adding an Interface to a QinQ Tunnel 161

Protocol VLANs 162

Configuring Protocol VLAN Groups 163

Mapping Protocol Groups to Interfaces 164

Configuring IP Subnet VLANs 166

Configuring MAC-based VLANs 168

7 ADDRESS TABLE SETTINGS 170

Configuring MAC Address Learning 170

Setting Static Addresses 171

Changing the Aging Time 173

Displaying the Dynamic Address Table 174

Clearing the Dynamic Address Table 175

8 SPANNING TREE ALGORITHM 177

Overview 177

Configuring Loopback Detection 179

Configuring Global Settings for STA 181

Displaying Global Settings for STA 186

Configuring Interface Settings for STA 187

Displaying Interface Settings for STA 191

Configuring Multiple Spanning Trees 194

Configuring Interface Settings for MSTP 198

9 RATE LIMIT CONFIGURATION 200

10 STORM CONTROL CONFIGURATION 202

11 CLASS OF SERVICE 204

Layer 2 Queue Settings 204

Setting the Default Priority for Interfaces 204

Selecting the Queue Mode 205

Mapping CoS Values to Egress Queues 208

Layer 3/4 Priority Settings 210

Mapping DSCP Priority 210

- 6 - Sixnet Series EL 326 Software Manual



R

EVISED

2015-04-10 C

Mapping IP Precedence 212

Mapping IP Port Priority 213

12 QUALITY OF SERVICE 216

Overview 216

Configuring a Class Map 217

Creating QoS Policies 220

Attaching a Policy Map to a Port 229

13 VOIP TRAFFIC CONFIGURATION 230

Overview 230

Configuring VoIP Traffic 230

Configuring Telephony OUI 231

Configuring VoIP Traffic Ports 233

14 SECURITY MEASURES 235

AAA Authorization and Accounting 236

ONTENTS

Configuring Local/Remote Logon Authentication 237

Configuring Remote Logon Authentication Servers 238

Configuring AAA Accounting 242

Configuring AAA Authorization 247

Configuring User Accounts 250

Web Authentication 251

Configuring Global Settings for Web Authentication 252

Configuring Interface Settings for Web Authentication 253

Network Access (MAC Address Authentication) 254

Configuring Global Settings for Network Access 256

Configuring Network Access for Ports 257

Configuring Port Link Detection 259

Configuring a MAC Address Filter 260

Displaying Secure MAC Address Information 261

Configuring HTTPS 263

Configuring Global Settings for HTTPS 263

Replacing the Default Secure-site Certificate 264

Configuring the Secure Shell 266

Configuring the SSH Server 268

Generating the Host Key Pair 269

Importing User Public Keys 271

Access Control Lists 273

Sixnet Series EL 326 Software Manual - 7 -



C

ONTENTS

R

EVISED

2015-04-10

Setting A Time Range 274

Showing TCAM Utilization 277

Setting the ACL Name and Type 278

Configuring a Standard IPv4 ACL 279

Configuring an Extended IPv4 ACL 281

Configuring a Standard IPv6 ACL 283

Configuring an Extended IPv6 ACL 285

Configuring a MAC ACL 287

Configuring an ARP ACL 289

Binding a Port to an Access Control List 291

ARP Inspection 292

Configuring Global Settings for ARP Inspection 293

Configuring VLAN Settings for ARP Inspection 295

Configuring Interface Settings for ARP Inspection 296

Displaying ARP Inspection Statistics 298

Displaying the ARP Inspection Log 299

Filtering IP Addresses for Management Access 300

Configuring Port Security 302

Configuring 802.1X Port Authentication 303

Configuring 802.1X Global Settings 305

Configuring Port Settings for 802.1X 306

Displaying 802.1X Statistics 310

IP Source Guard 311

Configuring Ports for IP Source Guard 311

Configuring Static Bindings for IP Source Guard 313

Displaying Information for Dynamic IP Source Guard Bindings 315

DHCP Snooping 316

DHCP Snooping Configuration 318

DHCP Snooping VLAN Configuration 319

Configuring Ports for DHCP Snooping 320

Displaying DHCP Snooping Binding Information 321

15 BASIC ADMINISTRATION PROTOCOLS 323

Configuring Event Logging 323

System Log Configuration 323

Remote Log Configuration 326

Sending Simple Mail Transfer Protocol Alerts 327

- 8 - Sixnet Series EL 326 Software Manual



R

EVISED

2015-04-10 C

Link Layer Discovery Protocol 328

Setting LLDP Timing Attributes 328

Configuring LLDP Interface Attributes 330

Displaying LLDP Local Device Information 333

Displaying LLDP Remote Port Information 335

Displaying Device Statistics 339

Simple Network Management Protocol 341

Configuring Global Settings for SNMP 343

Setting the Local Engine ID 343

Specifying a Remote Engine ID 344

Setting SNMPv3 Views 346

Configuring SNMPv3 Groups 348

Setting Community Access Strings 352

Configuring Local SNMPv3 Users 353

ONTENTS

Configuring Remote SNMPv3 Users 356

Specifying Trap Managers 358

Remote Monitoring 362

Configuring RMON Alarms 363

Configuring RMON Events 365

Configuring RMON History Samples 367

Configuring RMON Statistical Samples 370

16 MULTICAST FILTERING 373

Overview 373

IGMP Protocol 374

Layer 2 IGMP (Snooping and Query) 375

Configuring IGMP Snooping and Query Parameters 377

Specifying Static Interfaces for a Multicast Router 380

Assigning Interfaces to Multicast Services 382

Setting IGMP Snooping Status per Interface 384

Filtering IGMP Query Packets and Multicast Data 389

Displaying Multicast Groups Discovered by IGMP Snooping 390

Filtering and Throttling IGMP Groups 391

Enabling IGMP Filtering and Throttling 391

Configuring IGMP Filter Profiles 392

Configuring IGMP Filtering and Throttling for Interfaces 394

Layer 3 IGMP (Query used with Multicast Routing) 396

Sixnet Series EL 326 Software Manual - 9 -



C

ONTENTS

R

EVISED

2015-04-10

Configuring IGMP Proxy Routing 396

Configuring IGMP Interface Parameters 399

Configuring Static IGMP Group Membership 401

Displaying Multicast Group Information 403

Multicast VLAN Registration 406

Configuring Global MVR Settings 408

Configuring the MVR Group Range 409

Configuring MVR Interface Status 410

Assigning Static Multicast Groups to Interfaces 412

Showing Multicast Groups Assigned to Interfaces 414

17 IP CONFIGURATION 416

Setting the Switch’s IP Address (IP Version 4) 416

Setting the Switch’s IP Address (IP Version 6) 419

Configuring the IPv6 Default Gateway 420

Configuring IPv6 Interface Settings 420

Configuring an IPv6 Address 423

Showing IPv6 Addresses 425

Showing the IPv6 Neighbor Cache 427

Showing IPv6 Statistics 428

Showing the MTU for Responding Destinations 433

18 GENERAL IP ROUTING 434

Overview 434

Initial Configuration 434

IP Routing and Switching 435

Routing Path Management 436

Routing Protocols 436

Configuring IP Routing Interfaces 437

Configuring Local and Remote Interfaces 437

Using the Ping Function 437

Using the Trace Route Function 439

Address Resolution Protocol 440

Basic ARP Configuration 441

Configuring Static ARP Addresses 442

Displaying Dynamic or Local ARP Entries 444

Displaying ARP Statistics 445

Configuring Static Routes 446

- 10 - Sixnet Series EL 326 Software Manual



R

EVISED

2015-04-10 C

Displaying the Routing Table 447

Equal-cost Multipath Routing 449

19 CONFIGURING ROUTER REDUNDANCY 451

Configuring VRRP Groups 452

Displaying VRRP Global Statistics 458

Displaying VRRP Group Statistics 458

20 IP SERVICES 461

Domain Name Service 461

Configuring General DNS Service Parameters 461

Configuring a List of Domain Names 462

Configuring a List of Name Servers 464

Configuring Static DNS Host to Address Entries 465

Displaying the DNS Cache 466

Dynamic Host Configuration Protocol 467

ONTENTS

Specifying A DHCP Client Identifier 467

Configuring DHCP Relay Service 468

Configuring the DHCP Server 470

Forwarding UDP Service Requests 477

Enabling the UDP Helper 477

Specifying UDP Destination Ports 478

Specifying The Target Server or Subnet 479

21 UNICAST ROUTING 481

Overview 481

Configuring the Routing Information Protocol 482

Configuring General Protocol Settings 483

Clearing Entries from the Routing Table 486

Specifying Network Interfaces 487

Specifying Passive Interfaces 489

Specifying Static Neighbors 490

Configuring Route Redistribution 491

Specifying an Administrative Distance 492

Configuring Network Interfaces for RIP 494

Displaying RIP Interface Settings 498

Displaying Peer Router Information 499

Resetting RIP Statistics 499

Configuring the Open Shortest Path First Protocol (Version 2) 500

Sixnet Series EL 326 Software Manual - 11 -



C

ONTENTS

R

EVISED

2015-04-10

Defining Network Areas Based on Addresses 502

Configuring General Protocol Settings 505

Displaying Administrative Settings and Statistics 507

Adding an NSSA or Stub 509

Configuring NSSA Settings 510

Configuring Stub Settings 513

Displaying Information on NSSA and Stub Areas 515

Configuring Area Ranges (Route Summarization for ABRs) 516

Redistributing External Routes 518

Configuring Summary Addresses (for External AS Routes) 520

Configuring OSPF Interfaces 521

Configuring Virtual Links 527

Displaying Link State Database Information 530

Displaying Information on Neighboring Routers 532

22 MULTICAST ROUTING 534

Overview 534

Configuring Global Settings for Multicast Routing 537

Enabling Multicast Routing Globally 537

Displaying the Multicast Routing Table 538

Configuring PIM for IPv4 541

Enabling PIM Globally 541

Configuring PIM Interface Settings 541

Displaying Neighbor Information 547

Configuring Global PIM-SM Settings 547

Configuring a BSR Candidate 549

Configuring a Static Rendezvous Point 550

Configuring an RP Candidate 552

Displaying the BSR Router 554

Displaying RP Mapping 555

Configuring PIMv6 for IPv6 556

Enabling PIM Globally 556

Configuring PIM Interface Settings 557

Displaying Neighbor Information 560

- 12 - Sixnet Series EL 326 Software Manual



R

EVISED

2015-04-10 C

ONTENTS

SECTION III COMMAND LINE INTERFACE 562

23 USING THE COMMAND LINE INTERFACE 564

Accessing the CLI 564

Console Connection 564

Telnet Connection 565

Entering Commands 566

Keywords and Arguments 566

Minimum Abbreviation 566

Command Completion 566

Getting Help on Commands 567

Partial Keyword Lookup 568

Negating the Effect of Commands 568

Using Command History 569

Understanding Command Modes 569

Exec Commands 569

Configuration Commands 570

Command Line Processing 572

CLI Command Groups 573

24 GENERAL COMMANDS 575

25 SYSTEM MANAGEMENT COMMANDS 582

Device Designation 582

System Status 583

Frame Size 590

Fan Control 591

File Management 592

Line 599

Event Logging 608

SMTP Alerts 614

Time 618

Time Range 623

26 SNMP COMMANDS 626

27 REMOTE MONITORING COMMANDS 643

28 FLOW SAMPLING COMMANDS 650

29 AUTHENTICATION COMMANDS 655

Sixnet Series EL 326 Software Manual - 13 -

C

ONTENTS

R

EVISED

2015-04-10

User Accounts 655

Authentication Sequence 657

RADIUS Client 659

TACACS+ Client 664

AAA 667

Web Server 675

Telnet Server 678

Secure Shell 680

802.1X Port Authentication 689

Management IP Filter 699

30 GENERAL SECURITY MEASURES 702

Port Security 703

Network Access (MAC Address Authentication) 705

Web Authentication 718

DHCP Snooping 724

IP Source Guard 732

ARP Inspection 736

31 ACCESS CONTROL LISTS 745

IPv4 ACLs 745

IPv6 ACLs 752

MAC ACLs 758

ARP ACLs 763

ACL Information 765

32 INTERFACE COMMANDS 767

33 LINK AGGREGATION COMMANDS 785

34 PORT MIRRORING COMMANDS 795

Local Port Mirroring Commands 795

35 RATE LIMIT COMMANDS 798

36 AUTOMATIC TRAFFIC CONTROL COMMANDS 800

37 ADDRESS TABLE COMMANDS 813

38 SPANNING TREE COMMANDS 818

39 VLAN COMMANDS 843

GVRP and Bridge Extension Commands 844

Editing VLAN Groups 848

Configuring VLAN Interfaces 850

Displaying VLAN Information 856

- 14 - Sixnet Series EL 326 Software Manual



R

EVISED

2015-04-10 C

Configuring IEEE 802.1Q Tunneling 857

Configuring Port-based Traffic Segmentation 863

Configuring Private VLANs 865

Configuring Protocol-based VLANs 870

Configuring IP Subnet VLANs 873

Configuring MAC Based VLANs 875

Configuring Voice VLANs 877

40 CLASS OF SERVICE COMMANDS 884

Priority Commands (Layer 2) 884

Priority Commands (Layer 3 and 4) 890

41 QUALITY OF SERVICE COMMANDS 898

42 MULTICAST FILTERING COMMANDS 913

IGMP Snooping 913

Static Multicast Routing 931

ONTENTS

IGMP Filtering and Throttling 932

Multicast VLAN Registration 941

IGMP (Layer 3) 948

IGMP Proxy Routing 957

MLD (Layer 3) 960

MLD Proxy Routing 968

43 LLDP COMMANDS 971

44 DOMAIN NAME SERVICE COMMANDS 988

45 DHCP COMMANDS 996

DHCP Client 996

DHCP Relay 999

DHCP Server 1000

46 VRRP COMMANDS 1013

47 IP INTERFACE COMMANDS 1022

IPv4 Interface 1022

Basic IPv4 Configuration 1023

ARP Configuration 1028

UDP Helper Configuration 1032

IPv6 Interface 1036

IPv6 to IPv4 Tunnels 1059

48 IP ROUTING COMMANDS 1067

Global Routing Configuration 1067

Sixnet Series EL 326 Software Manual - 15 -



C

ONTENTS

R

EVISED

2015-04-10

Routing Information Protocol (RIP) 1075

Open Shortest Path First (OSPFv2) 1092

Open Shortest Path First (OSPFv3) 1130

49 MULTICAST ROUTING COMMANDS 1157

General Multicast Routing 1157

Static Multicast Routing 1163

PIM Multicast Routing 1165

IPv4 PIM Commands 1165

IPv6 PIM Commands 1187

SECTION IV APPENDICES 1197

AX SOFTWARE SPECIFICATIONS 1198

Software Features 1198

Management Features 1199

Standards 1200

Management Information Bases 1201

AY TROUBLESHOOTING 1203

Problems Accessing the Management Interface 1203

Using System Logs 1204

AZ LICENSE INFORMATION 1205

The GNU General Public License 1205

- 16 - Sixnet Series EL 326 Software Manual



R

EVISED

2015-04-10 F

FIGURES

Figure 1: Home Page 68

Figure 2: Front Panel Indicators 69

Figure 3: System Information 88

Figure 4: General Switch Information 89

Figure 5: Configuring Support for Jumbo Frames 90

Figure 6: Displaying Bridge Extension Configuration 92

Figure 7: Copy Firmware 94

Figure 8: Saving the Running Configuration 95

Figure 9: Setting Start-Up Files 95

IGURES

Figure 10: Displaying System Files 96

Figure 11: Manually Setting the System Clock 97

Figure 12: Setting the Polling Interval for SNTP 98

Figure 13: Specifying SNTP Time Servers 99

Figure 14: Setting the Time Zone 100

Figure 15: Console Port Settings 102

Figure 16: Telnet Connection Settings 103

Figure 17: Displaying CPU Utilization 104

Figure 18: Displaying Memory Utilization 105

Figure 19: Renumbering the Stack 105

Figure 20: Restarting the Switch (Immediately) 107

Figure 21: Restarting the Switch (In) 107

Figure 22: Restarting the Switch (At) 108

Figure 23: Restarting the Switch (Regularly) 108

Figure 24: Configuring Connections by Port List 111

Figure 25: Configuring Connections by Port Range 112

Figure 26: Displaying Port Information 113

Figure 27: Configuring Local Port Mirroring 114

Figure 28: Configuring Local Port Mirroring 115

Figure 29: Displaying Local Port Mirror Sessions 115

Figure 30: Showing Port Statistics (Table) 118

Figure 31: Showing Port Statistics (Chart) 119

Figure 32: Performing Cable Tests 120

Sixnet EL 326 Software Manual - 17 -



F

IGURES

R

EVISED

2015-04-10

Figure 33: Configuring Static Trunks 122

Figure 34: Creating Static Trunks 123

Figure 35: Adding Static Trunks Members 123

Figure 36: Configuring Connection Parameters for a Static Trunk 124

Figure 37: Displaying Connection Parameters for Static Trunks 124

Figure 38: Configuring Dynamic Trunks 124

Figure 39: Configuring the LACP Aggregator Admin Key 126

Figure 40: Enabling LACP on a Port 127

Figure 41: Configuring LACP Parameters on a Port 128

Figure 42: Showing Members of a Dynamic Trunk 128

Figure 43: Configuring Connection Settings for Dynamic Trunks 129

Figure 44: Displaying Connection Parameters for Dynamic Trunks 129

Figure 45: Displaying LACP Port Counters 130

Figure 46: Displaying LACP Port Internal Information 132

Figure 47: Displaying LACP Port Remote Information 133

Figure 48: Sampling Traffic Flows 135

Figure 49: Enabling Traffic Segmentation 136

Figure 50: Configuring Members for Traffic Segmentation 137

Figure 51: Configuring VLAN Trunking 137

Figure 52: Configuring VLAN Trunking 138

Figure 53: VLAN Compliant and VLAN Non-compliant Devices 140

Figure 54: Using GVRP 141

Figure 55: Creating Static VLANs 143

Figure 56: Modifying Settings for Static VLANs 143

Figure 57: Showing Static VLANs 144

Figure 58: Configuring Static Members by VLAN Index 147

Figure 59: Configuring Static VLAN Members by Interface 147

Figure 60: Configuring Static VLAN Members by Interface Range 148

Figure 61: Configuring Global Status of GVRP 150

Figure 62: Configuring GVRP for an Interface 150

Figure 63: Showing Dynamic VLANs Registered on the Switch 151

Figure 64: Showing the Members of a Dynamic VLAN 151

Figure 65: Configuring Private VLANs 153

Figure 66: Showing Private VLANs 153

Figure 67: Associating Private VLANs 154

Figure 68: Showing Associated VLANs 154

- 18 - Sixnet EL 326 Software Manual



R

EVISED

2015-04-10 F

Figure 69: Configuring Interfaces for Private VLANs 156

Figure 70: QinQ Operational Concept 157

Figure 71: Enabling QinQ Tunneling 160

Figure 72: Adding an Interface to a QinQ Tunnel 162

Figure 73: Configuring Protocol VLANs 164

Figure 74: Displaying Protocol VLANs 164

Figure 75: Assigning Interfaces to Protocol VLANs 165

Figure 76: Showing the Interface to Protocol Group Mapping 166

Figure 77: Configuring IP Subnet VLANs 167

Figure 78: Showing IP Subnet VLANs 168

Figure 79: Configuring MAC-Based VLANs 169

Figure 80: Showing MAC-Based VLANs 169

Figure 81: Configuring MAC Address Learning 171

Figure 82: Configuring Static MAC Addresses 173

IGURES

Figure 83: Displaying Static MAC Addresses 173

Figure 84: Setting the Address Aging Time 174

Figure 85: Displaying the Dynamic MAC Address Table 175

Figure 86: Clearing Entries in the Dynamic MAC Address Table 176

Figure 87: STP Root Ports and Designated Ports 178

Figure 88: MSTP Region, Internal Spanning Tree, Multiple Spanning Tree 178

Figure 89: Common Internal Spanning Tree, Common Spanning Tree,

Internal Spanning Tree 179

Figure 90: Configuring Port Loopback Detection 180

Figure 91: Configuring Global Settings for STA (STP) 184

Figure 92: Configuring Global Settings for STA (RSTP) 185

Figure 93: Configuring Global Settings for STA (MSTP) 186

Figure 94: Displaying Global Settings for STA 187

Figure 95: Configuring Interface Settings for STA 191

Figure 96: STA Port Roles 192

Figure 97: Displaying Interface Settings for STA 193

Figure 98: Creating an MST Instance 195

Figure 99: Displaying MST Instances 195

Figure 100: Modifying the Priority for an MST Instance 196

Figure 101: Displaying Global Settings for an MST Instance 196

Figure 102: Adding a VLAN to an MST Instance 197

Figure 103: Displaying Members of an MST Instance 197

Figure 104: Configuring MSTP Interface Settings 199

Sixnet EL 326 Software Manual - 19 -



F

IGURES

R

EVISED

2015-04-10

Figure 105: Displaying MSTP Interface Settings 199

Figure 106: Configuring Rate Limits 201

Figure 107: Configuring Storm Control 203

Figure 108: Setting the Default Port Priority 205

Figure 109: Setting the Queue Mode (Strict) 207

Figure 110: Setting the Queue Mode (WRR) 207

Figure 111: Setting the Queue Mode (Strict and WRR) 208

Figure 112: Mapping CoS Values to Egress Queues 210

Figure 113: Mapping IP DSCP Priority Values 212

Figure 114: Mapping IP Precedence Priority Values 213

Figure 115: Mapping IP Port Number Priority Values 214

Figure 116: Showing IP Port Number Priority Map 215

Figure 117: Configuring a Class Map 218

Figure 118: Showing Class Maps 219

Figure 119: Adding Rules to a Class Map 219

Figure 120: Showing the Rules for a Class Map 220

Figure 121: Configuring a Policy Map 227

Figure 122: Showing Policy Maps 227

Figure 123: Adding Rules to a Policy Map 228

Figure 124: Showing the Rules for a Policy Map 228

Figure 125: Attaching a Policy Map to a Port 229

Figure 126: Configuring a Voice VLAN 231

Figure 127: Configuring an OUI Telephony List 232

Figure 128: Showing an OUI Telephony List 233

Figure 129: Configuring Port Settings for a Voice VLAN 234

Figure 130: Configuring the Authentication Sequence 238

Figure 131: Authentication Server Operation 238

Figure 132: Configuring Remote Authentication Server (RADIUS) 241

Figure 133: Configuring Remote Authentication Server (TACACS+) 241

Figure 134: Configuring AAA Server Groups 242

Figure 135: Showing AAA Server Groups 242

Figure 136: Configuring Global Settings for AAA Accounting 244

Figure 137: Configuring AAA Accounting Methods 245

Figure 138: Showing AAA Accounting Methods 245

Figure 139: Configuring AAA Accounting Service for 802.1X Service 246

Figure 140: Configuring AAA Accounting Service for Exec Service 246

- 20 - Sixnet EL 326 Software Manual



R

EVISED

2015-04-10 F

Figure 141: Displaying a Summary of Applied AAA Accounting Methods 246

Figure 142: Displaying Statistics for AAA Accounting Sessions 247

Figure 143: Configuring AAA Authorization Methods 248

Figure 144: Showing AAA Authorization Methods 249

Figure 145: Configuring AAA Authorization Methods for Exec Service 249

Figure 146: Displaying the Applied AAA Authorization Method 249

Figure 147: Configuring User Accounts 251

Figure 148: Showing User Accounts 251

Figure 149: Configuring Global Settings for Web Authentication 252

Figure 150: Configuring Interface Settings for Web Authentication 253

Figure 151: Configuring Global Settings for Network Access 257

Figure 152: Configuring Interface Settings for Network Access 258

Figure 153: Configuring Link Detection for Network Access 260

Figure 154: Configuring a MAC Address Filter for Network Access 261

IGURES

Figure 155: Showing the MAC Address Filter Table for Network Access 261

Figure 156: Showing Addresses Authenticated for Network Access 262

Figure 157: Configuring HTTPS 264

Figure 158: Downloading the Secure-Site Certificate 266

Figure 159: Configuring the SSH Server 269

Figure 160: Generating the SSH Host Key Pair 270

Figure 161: Showing the SSH Host Key Pair 271

Figure 162: Copying the SSH User’s Public Key 272

Figure 163: Showing the SSH User’s Public Key 273

Figure 164: Setting the Name of a Time Range 275

Figure 165: Showing a List of Time Ranges 275

Figure 166: Add a Rule to a Time Range 276

Figure 167: Showing the Rules Configured for a Time Range 276

Figure 168: Showing TCAM Utilization 278

Figure 169: Creating an ACL 279

Figure 170: Showing a List of ACLs 279

Figure 171: Configuring a Standard IPv4 ACL 281

Figure 172: Configuring an Extended IPv4 ACL 283

Figure 173: Configuring a Standard IPv6 ACL 284

Figure 174: Configuring an Extended IPv6 ACL 287

Figure 175: Configuring a MAC ACL 289

Figure 176: Configuring a ARP ACL 291

Sixnet EL 326 Software Manual - 21 -



F

IGURES

R

EVISED

2015-04-10

Figure 177: Binding a Port to an ACL 292

Figure 178: Configuring Global Settings for ARP Inspection 295

Figure 179: Configuring VLAN Settings for ARP Inspection 296

Figure 180: Configuring Interface Settings for ARP Inspection 297

Figure 181: Displaying Statistics for ARP Inspection 299

Figure 182: Displaying the ARP Inspection Log 300

Figure 183: Creating an IP Address Filter for Management Access 301

Figure 184: Showing IP Addresses Authorized for Management Access 301

Figure 185: Configuring Port Security 303

Figure 186: Configuring Port Security 304

Figure 187: Configuring Global Settings for 802.1X Port Authentication 305

Figure 188: Configuring Interface Settings for 802.1X Port Authenticator 309

Figure 189: Showing Statistics for 802.1X Port Authenticator 311

Figure 190: Setting the Filter Type for IP Source Guard 313

Figure 191: Configuring Static Bindings for IP Source Guard 314

Figure 192: Displaying Static Bindings for IP Source Guard 315

Figure 193: Showing the IP Source Guard Binding Table 316

Figure 194: Configuring Global Settings for DHCP Snooping 319

Figure 195: Configuring DHCP Snooping on a VLAN 320

Figure 196: Configuring the Port Mode for DHCP Snooping 321

Figure 197: Displaying the Binding Table for DHCP Snooping 322

Figure 198: Configuring Settings for System Memory Logs 325

Figure 199: Showing Error Messages Logged to System Memory 325

Figure 200: Configuring Settings for Remote Logging of Error Messages 327

Figure 201: Configuring SMTP Alert Messages 328

Figure 202: Configuring LLDP Timing Attributes 330

Figure 203: Configuring LLDP Interface Attributes 332

Figure 204: Displaying Local Device Information for LLDP (General) 334

Figure 205: Displaying Local Device Information for LLDP (Port) 335

Figure 206: Displaying Remote Device Information for LLDP (Port) 338

Figure 207: Displaying Remote Device Information for LLDP (Port Details) 339

Figure 208: Displaying LLDP Device Statistics (General) 340

Figure 209: Displaying LLDP Device Statistics (Port) 340

Figure 210: Configuring Global Settings for SNMP 343

Figure 211: Configuring the Local Engine ID for SNMP 344

Figure 212: Configuring a Remote Engine ID for SNMP 345

- 22 - Sixnet EL 326 Software Manual



R

EVISED

2015-04-10 F

Figure 213: Showing Remote Engine IDs for SNMP 346

Figure 214: Creating an SNMP View 347

Figure 215: Showing SNMP Views 347

Figure 216: Adding an OID Subtree to an SNMP View 348

Figure 217: Showing the OID Subtree Configured for SNMP Views 348

Figure 218: Creating an SNMP Group 351

Figure 219: Showing SNMP Groups 352

Figure 220: Setting Community Access Strings 353

Figure 221: Showing Community Access Strings 353

Figure 222: Configuring Local SNMPv3 Users 355

Figure 223: Showing Local SNMPv3 Users 355

Figure 224: Configuring Remote SNMPv3 Users 357

Figure 225: Showing Remote SNMPv3 Users 358

Figure 226: Configuring Trap Managers (SNMPv1) 361

IGURES

Figure 227: Configuring Trap Managers (SNMPv2c) 361

Figure 228: Configuring Trap Managers (SNMPv3) 362

Figure 229: Showing Trap Managers 362

Figure 230: Configuring an RMON Alarm 365

Figure 231: Showing Configured RMON Alarms 365

Figure 232: Configuring an RMON Event 367

Figure 233: Showing Configured RMON Events 367

Figure 234: Configuring an RMON History Sample 369

Figure 235: Showing Configured RMON History Samples 369

Figure 236: Showing Collected RMON History Samples 370

Figure 237: Configuring an RMON Statistical Sample 371

Figure 238: Showing Configured RMON Statistical Samples 371

Figure 239: Showing Collected RMON Statistical Samples 372

Figure 240: Multicast Filtering Concept 373

Figure 241: IGMP Protocol 375

Figure 242: Configuring General Settings for IGMP Snooping 380

Figure 243: Configuring a Static Interface for a Multicast Router 381

Figure 244: Showing Static Interfaces Attached a Multicast Router 381

Figure 245: Showing Current Interfaces Attached a Multicast Router 382

Figure 246: Assigning an Interface to a Multicast Service 383

Figure 247: Showing Static Interfaces Assigned to a Multicast Service 383

Figure 248: Showing Current Interfaces Assigned to a Multicast Service 384

Sixnet EL 326 Software Manual - 23 -



F

IGURES

R

EVISED

2015-04-10

Figure 249: Configuring IGMP Snooping on an Interface 388

Figure 250: Showing Interface Settings for IGMP Snooping 389

Figure 251: Dropping IGMP Query or Multicast Data Packets 390

Figure 252: Showing Multicast Groups Learned by IGMP Snooping 391

Figure 253: Enabling IGMP Filtering and Throttling 392

Figure 254: Creating an IGMP Filtering Profile 393

Figure 255: Showing the IGMP Filtering Profiles Created 393

Figure 256: Adding Multicast Groups to an IGMP Filtering Profile 394

Figure 257: Showing the Groups Assigned to an IGMP Filtering Profile 394

Figure 258: Configuring IGMP Filtering and Throttling Interface Settings 395

Figure 259: IGMP Proxy Routing 397

Figure 260: Configuring IGMP Proxy Routing 399

Figure 261: Configuring IGMP Interface Settings 401

Figure 262: Configuring Static IGMP Groups 402

Figure 263: Showing Static IGMP Groups 403

Figure 264: Displaying Multicast Groups Learned from IGMP (Information) 405

Figure 265: Displaying Multicast Groups Learned from IGMP (Detail) 406

Figure 266: MVR Concept 407

Figure 267: Configuring Global Settings for MVR 409

Figure 268: Configuring the Group Range for MVR 410

Figure 269: Showing the Configured Group Range for MVR 410

Figure 270: Configuring Interface Settings for MVR 412

Figure 271: Assigning Static MVR Groups to a Port 413

Figure 272: Showing the Static MVR Groups Assigned to a Port 414

Figure 273: Showing All MVR Groups Assigned to a Port 415

Figure 274: Configuring a Static IPv4 Address 418

Figure 275: Configuring a Dynamic IPv4 Address 418

Figure 276: Showing the Configured IP Address for an Interface 419

Figure 277: Configuring the IPv6 Default Gateway 420

Figure 278: Configuring General Settings for an IPv6 Interface 423

Figure 279: Configuring an IPv6 Address 425

Figure 280: Showing Configured IPv6 Addresses 427

Figure 281: Showing IPv6 Neighbors 428

Figure 282: Showing IPv6 Statistics (IPv6) 432

Figure 283: Showing IPv6 Statistics (ICMPv6) 432

Figure 284: Showing IPv6 Statistics (UDP) 433

- 24 - Sixnet EL 326 Software Manual



R

EVISED

2015-04-10 F

Figure 285: Showing Reported MTU Values 433

Figure 286: Virtual Interfaces and Layer 3 Routing 435

Figure 287: Pinging a Network Device 439

Figure 288: Tracing the Route to a Network Device 440

Figure 289: Proxy ARP 441

Figure 290: Configuring General Settings for ARP 442

Figure 291: Configuring Static ARP Entries 443

Figure 292: Displaying Static ARP Entries 444

Figure 293: Displaying Dynamic ARP Entries 444

Figure 294: Displaying Local ARP Entries 445

Figure 295: Displaying ARP Statistics 445

Figure 296: Configuring Static Routes 447

Figure 297: Displaying Static Routes 447

Figure 298: Displaying the Routing Table 449

IGURES

Figure 299: Setting the Maximum ECMP Number 450

Figure 300: Master Virtual Router with Backup Routers 451

Figure 301: Several Virtual Master Routers Using Backup Routers 451

Figure 302: Several Virtual Master Routers Configured for Mutual Backup and Load Sharing 452

Figure 303: Configuring the VRRP Group ID 455

Figure 304: Showing Configured VRRP Groups 456

Figure 305: Setting the Virtual Router Address for a VRRP Group 456

Figure 306: Showing the Virtual Addresses Assigned to VRRP Groups 457

Figure 307: Configuring Detailed Settings for a VRRP Group 457

Figure 308: Showing Counters for Errors Found in VRRP Packets 458

Figure 309: Showing Counters for Errors Found in a VRRP Group 460

Figure 310: Configuring General Settings for DNS 462

Figure 311: Configuring a List of Domain Names for DNS 463

Figure 312: Showing the List of Domain Names for DNS 463

Figure 313: Configuring a List of Name Servers for DNS 464

Figure 314: Showing the List of Name Servers for DNS 465

Figure 315: Configuring Static Entries in the DNS Table 466

Figure 316: Showing Static Entries in the DNS Table 466

Figure 317: Showing Entries in the DNS Cache 467

Figure 318: Specifying A DHCP Client Identifier 468

Figure 319: Layer 3 DHCP Relay Service 469

Figure 320: Configuring DHCP Relay Service 470

Sixnet EL 326 Software Manual - 25 -



F

IGURES

R

EVISED

2015-04-10

Figure 321: DHCP Server 470

Figure 322: Enabling the DHCP Server 471

Figure 323: Configuring Excluded Addresses on the DHCP Server 472

Figure 324: Showing Excluded Addresses on the DHCP Server 472

Figure 325: Configuring DHCP Server Address Pools (Network) 475

Figure 326: Configuring DHCP Server Address Pools (Host) 475

Figure 327: Showing Configured DHCP Server Address Pools 476

Figure 328: Shows Addresses Assigned by the DHCP Server 476

Figure 329: Enabling the UDP Helper 477

Figure 330: Specifying UDP Destination Ports 478

Figure 331: Showing the UDP Destination Ports 479

Figure 332: Specifying the Target Server or Subnet for UDP Requests 480

Figure 333: Showing the Target Server or Subnet for UDP Requests 480

Figure 334: Configuring RIP 482

Figure 335: Configuring General Settings for RIP 486

Figure 336: Clearing Entries from the Routing Table 487

Figure 337: Adding Network Interfaces to RIP 488

Figure 338: Showing Network Interfaces Using RIP 488

Figure 339: Specifying a Passive RIP Interface 489

Figure 340: Showing Passive RIP Interfaces 490

Figure 341: Specifying a Static RIP Neighbor 490

Figure 342: Showing Static RIP Neighbors 491

Figure 343: Redistributing External Routes into RIP 492

Figure 344: Showing External Routes Redistributed into RIP 492

Figure 345: Setting the Distance Assigned to External Routes 494

Figure 346: Showing the Distance Assigned to External Routes 494

Figure 347: Configuring a Network Interface for RIP 497

Figure 348: Showing RIP Network Interface Settings 498

Figure 349: Showing RIP Interface Settings 499

Figure 350: Showing RIP Peer Information 499

Figure 351: Resetting RIP Statistics 500

Figure 352: Configuring OSPF 501

Figure 353: OSPF Areas 502

Figure 354: Defining OSPF Network Areas Based on Addresses 504

Figure 355: Showing OSPF Network Areas 504

Figure 356: Showing OSPF Process Identifiers 504

- 26 - Sixnet EL 326 Software Manual



R

EVISED

2015-04-10 F

Figure 357: AS Boundary Router 506

Figure 358: Configure General Settings for OSPF 507

Figure 359: Showing General Settings for OSPF 509

Figure 360: Adding an NSSA or Stub 510

Figure 361: Showing NSSAs or Stubs 510

Figure 362: OSPF NSSA 511

Figure 363: Configuring Protocol Settings for an NSSA 513

Figure 364: OSPF Stub Area 513

Figure 365: Configuring Protocol Settings for a Stub 515

Figure 366: Displaying Information on NSSA and Stub Areas 516

Figure 367: Route Summarization for ABRs 516

Figure 368: Configuring Route Summaries for an Area Range 517

Figure 369: Showing Configured Route Summaries 518

Figure 370: Redistributing External Routes 518

IGURES

Figure 371: Importing External Routes 519

Figure 372: Showing Imported External Route Types 520

Figure 373: Summarizing External Routes 521

Figure 374: Showing Summary Addresses for External Routes 521

Figure 375: Configuring Settings for All Interfaces Assigned to a VLAN 525

Figure 376: Configuring Settings for a Specific Area Assigned to a VLAN 526

Figure 377: Showing OSPF Interfaces 526

Figure 378: Showing MD5 Authentication Keys 527

Figure 379: OSPF Virtual Link 527

Figure 380: Adding a Virtual Link 528

Figure 381: Showing Virtual Links 529

Figure 382: Configuring Detailed Settings for a Virtual Link 529

Figure 383: Showing MD5 Authentication Keys 530

Figure 384: Displaying Information in the Link State Database 532

Figure 385: Displaying Neighbor Routers Stored in the Link State Database 533

Figure 386: Enabling Multicast Routing 537

Figure 387: Displaying the Multicast Routing Table 540

Figure 388: Displaying Detailed Entries from the Multicast Routing Table 540

Figure 389: Enabling PIM Multicast Routing 541

Figure 390: Configuring PIM Interface Settings (Dense Mode) 546

Figure 391: Configuring PIM Interface Settings (Sparse Mode) 546

Figure 392: Showing PIM Neighbors 547

Sixnet EL 326 Software Manual - 27 -



F

IGURES

R

EVISED

2015-04-10

Figure 393: Configuring Global Settings for PIM-SM 549

Figure 394: Configuring a BSR Candidate 550

Figure 395: Configuring a Static Rendezvous Point 551

Figure 396: Showing Static Rendezvous Points 552

Figure 397: Configuring an RP Candidate 553

Figure 398: Showing Settings for an RP Candidate 554

Figure 399: Showing Information About the BSR 555

Figure 400: Showing RP Mapping 556

Figure 401: Enabling PIMv6 Multicast Routing 557

Figure 402: Configuring PIMv6 Interface Settings (Dense Mode) 560

Figure 403: Showing PIMv6 Neighbors 561

Figure 404: Storm Control by Limiting the Traffic Rate 801

Figure 405: Storm Control by Shutting Down a Port 802

Figure 406: Configuring VLAN Trunking 855

- 28 - Sixnet EL 326 Software Manual