MANAGEMENT GUIDE
SMC8126L2
SMC8150L2
TigerSwitchTM 10/100/1000
26-Port Gigabit Managed Switch
50-Port Gigabit Managed Switch
TigerSwitch 10/100/1000
Management Guide
From SMC’s Tiger line of feature-rich workgroup LAN solutions
20 Mason |
September 2007 |
|
Irvine, CA 92618 |
||
Pub. # 149100036100A |
||
Phone: (949) 679-8000 |
E092007-AP-R01 |
Information furnished by SMC Networks, Inc. (SMC) is believed to be accurate and reliable. However, no responsibility is assumed by SMC for its use, nor for any infringements of patents or other rights of third parties which may result from its use. No license is granted by implication or otherwise under any patent or patent rights of SMC. SMC reserves the right to change specifications at any time without notice.
Copyright © 2007 by SMC Networks, Inc.
20 Mason
Irvine, CA 92618
All rights reserved. Printed in Taiwan
Trademarks:
SMC is a registered trademark; and EZ Switch, TigerStack and TigerSwitch are trademarks of SMC Networks, Inc. Other product and company names are trademarks or registered trademarks of their respective holders.
Contents
Chapter 1: Introduction |
1-1 |
Key Features |
1-1 |
Description of Software Features |
1-2 |
System Defaults |
1-6 |
Chapter 2: Initial Configuration |
2-1 |
Connecting to the Switch |
2-1 |
Configuration Options |
2-1 |
Required Connections |
2-2 |
Remote Connections |
2-3 |
Basic Configuration |
2-3 |
Console Connection |
2-3 |
Setting Passwords |
2-4 |
Setting an IP Address |
2-4 |
Manual Configuration |
2-4 |
Dynamic Configuration |
2-5 |
Enabling SNMP Management Access |
2-6 |
Community Strings (for SNMP version 1 and 2c clients) |
2-6 |
Trap Receivers |
2-7 |
Configuring Access for SNMP Version 3 Clients |
2-8 |
Saving Configuration Settings |
2-8 |
Managing System Files |
2-9 |
Chapter 3: Configuring the Switch |
3-1 |
Using the Web Interface |
3-1 |
Navigating the Web Browser Interface |
3-2 |
Home Page |
3-2 |
Configuration Options |
3-3 |
Panel Display |
3-3 |
Main Menu |
3-4 |
Basic Configuration |
3-10 |
Displaying System Information |
3-10 |
Displaying Switch Hardware/Software Versions |
3-11 |
Displaying Bridge Extension Capabilities |
3-13 |
Setting the Switch’s IP Address |
3-14 |
Manual Configuration |
3-15 |
Using DHCP/BOOTP |
3-16 |
Enabling Jumbo Frames |
3-17 |
Managing Firmware |
3-17 |
Downloading System Software from a Server |
3-18 |
i
Contents
Saving or Restoring Configuration Settings |
3-19 |
Downloading Configuration Settings from a Server |
3-20 |
Console Port Settings |
3-21 |
Telnet Settings |
3-23 |
Configuring Event Logging |
3-25 |
Displaying Log Messages |
3-25 |
System Log Configuration |
3-26 |
Remote Log Configuration |
3-27 |
Simple Mail Transfer Protocol |
3-28 |
Renumbering the System |
3-30 |
Resetting the System |
3-30 |
Setting the System Clock |
3-31 |
Configuring SNTP |
3-31 |
Setting the Time Zone |
3-32 |
Simple Network Management Protocol |
3-33 |
Setting Community Access Strings |
3-33 |
Specifying Trap Managers and Trap Types |
3-34 |
Enabling SNMP Agent Status |
3-35 |
Configuring SNMPv3 Management Access |
3-36 |
Setting the Local Engine ID |
3-36 |
Specifying a Remote Engine ID |
3-37 |
Configuring SNMPv3 Users |
3-37 |
Configuring Remote SNMPv3 Users |
3-40 |
Configuring SNMPv3 Groups |
3-41 |
Setting SNMPv3 Views |
3-45 |
User Authentication |
3-46 |
Configuring User Accounts |
3-46 |
Configuring Local/Remote Logon Authentication |
3-48 |
Configuring HTTPS |
3-52 |
Replacing the Default Secure-site Certificate |
3-53 |
Configuring the Secure Shell |
3-54 |
Configuring the SSH Server |
3-56 |
Generating the Host Key Pair |
3-57 |
Configuring Port Security |
3-59 |
Configuring 802.1X Port Authentication |
3-60 |
Displaying 802.1X Global Settings |
3-61 |
Configuring 802.1X Global Settings |
3-62 |
Configuring Port Settings for 802.1X |
3-63 |
Displaying 802.1X Statistics |
3-66 |
Access Control Lists |
3-67 |
Configuring Access Control Lists |
3-67 |
Setting the ACL Name and Type |
3-68 |
Configuring a Standard IP ACL |
3-69 |
Configuring an Extended IP ACL |
3-69 |
Configuring a MAC ACL |
3-72 |
ii
|
|
|
|
Contents |
|
Binding a Port to an Access Control List |
3-73 |
|
Filtering IP Addresses for Management Access |
3-74 |
|
Port Configuration |
3-76 |
|
Displaying Connection Status |
3-76 |
|
Configuring Interface Connections |
3-78 |
|
Creating Trunk Groups |
3-80 |
|
Statically Configuring a Trunk |
3-81 |
|
Enabling LACP on Selected Ports |
3-82 |
|
Configuring LACP Parameters |
3-84 |
|
Displaying LACP Port Counters |
3-86 |
|
Displaying LACP Settings and Status for the Local Side |
3-88 |
|
Displaying LACP Settings and Status for the Remote Side |
3-90 |
|
Setting Broadcast Storm Thresholds |
3-91 |
|
Configuring Port Mirroring |
3-93 |
|
Configuring Rate Limits |
3-94 |
|
Rate Limit Configuration |
3-94 |
|
Showing Port Statistics |
3-95 |
|
Address Table Settings |
3-99 |
|
Setting Static Addresses |
3-99 |
|
Displaying the Address Table |
3-100 |
|
Changing the Aging Time |
3-102 |
|
Spanning Tree Algorithm Configuration |
3-102 |
|
Displaying Global Settings |
3-105 |
|
Configuring Global Settings |
3-107 |
|
Displaying Interface Settings |
3-111 |
|
Configuring Interface Settings |
3-114 |
|
Configuring Multiple Spanning Trees |
3-116 |
|
Displaying Interface Settings for MSTP |
3-118 |
|
Configuring Interface Settings for MSTP |
3-120 |
|
VLAN Configuration |
3-122 |
|
IEEE 802.1Q VLANs |
3-122 |
|
Enabling or Disabling GVRP (Global Setting) |
3-125 |
|
Displaying Basic VLAN Information |
3-126 |
|
Displaying Current VLANs |
3-126 |
|
Creating VLANs |
3-128 |
|
Adding Static Members to VLANs (VLAN Index) |
3-129 |
|
Adding Static Members to VLANs (Port Index) |
3-131 |
|
Configuring VLAN Behavior for Interfaces |
3-132 |
|
Configuring IEEE 802.1Q Tunneling |
3-133 |
|
Enabling QinQ Tunneling on the Switch |
3-137 |
|
Adding an Interface to a QinQ Tunnel |
3-138 |
|
Configuring Private VLANs |
3-141 |
|
Enabling Private VLANs |
3-141 |
|
Configuring Uplink and Downlink Ports |
3-142 |
|
Protocol VLANs |
3-142 |
|
iii
Contents
Protocol VLAN Group Configuration |
3-142 |
Configuring Protocol VLAN Interfaces |
3-143 |
Class of Service Configuration |
3-144 |
Layer 2 Queue Settings |
3-144 |
Setting the Default Priority for Interfaces |
3-144 |
Mapping CoS Values to Egress Queues |
3-145 |
Enabling CoS |
3-147 |
Selecting the Queue Mode |
3-147 |
Setting the Service Weight for Traffic Classes |
3-148 |
Layer 3/4 Priority Settings |
3-149 |
Mapping Layer 3/4 Priorities to CoS Values |
3-149 |
Selecting IP Precedence/DSCP Priority |
3-149 |
Mapping IP Precedence |
3-150 |
Mapping DSCP Priority |
3-152 |
Mapping IP Port Priority |
3-153 |
Quality of Service |
3-154 |
Configuring Quality of Service Parameters |
3-155 |
Configuring a Class Map |
3-155 |
Creating QoS Policies |
3-158 |
Attaching a Policy Map to Ingress Queues |
3-161 |
Multicast Filtering |
3-162 |
Layer 2 IGMP (Snooping and Query) |
3-162 |
Configuring IGMP Snooping and Query Parameters |
3-163 |
Enabling IGMP Immediate Leave |
3-164 |
Displaying Interfaces Attached to a Multicast Router |
3-165 |
Specifying Static Interfaces for a Multicast Router |
3-166 |
Displaying Port Members of Multicast Services |
3-167 |
Assigning Ports to Multicast Services |
3-168 |
IGMP Filtering and Throttling |
3-169 |
Enabling IGMP Filtering and Throttling |
3-170 |
Configuring IGMP Filtering and Throttling for Interfaces |
3-171 |
Configuring IGMP Filter Profiles |
3-172 |
Multicast VLAN Registration |
3-174 |
Configuring Global MVR Settings |
3-175 |
Displaying MVR Interface Status |
3-176 |
Displaying Port Members of Multicast Groups |
3-178 |
Configuring MVR Interface Status |
3-179 |
Assigning Static Multicast Groups to Interfaces |
3-180 |
Configuring Domain Name Service |
3-181 |
Configuring General DNS Service Parameters |
3-181 |
Configuring Static DNS Host to Address Entries |
3-183 |
Displaying the DNS Cache |
3-185 |
DHCP Snooping |
3-186 |
DHCP Snooping Configuration |
3-187 |
DHCP Snooping VLAN Configuration |
3-188 |
iv
|
|
|
|
|
Contents |
||
DHCP Snooping Information Option Configuration |
3-188 |
|
|
DHCP Snooping Port Configuration |
3-189 |
|
|
DHCP Snooping Binding Information |
3-190 |
|
|
IP Source Guard |
3-191 |
|
|
IP Source Guard Port Configuration |
3-191 |
|
|
Static IP Source Guard Binding Configuration |
3-192 |
|
|
Dynamic IP Source Guard Binding Information |
3-193 |
|
|
Switch Clustering |
3-194 |
|
|
Cluster Configuration |
3-195 |
|
|
Cluster Member Configuration |
3-196 |
|
|
Cluster Member Information |
3-197 |
|
|
Cluster Candidate Information |
3-198 |
|
|
|
|
|
|
Chapter 4: Command Line Interface |
4-1 |
|
|
Using the Command Line Interface |
4-1 |
|
|
Accessing the CLI |
4-1 |
|
|
Console Connection |
4-1 |
|
|
Telnet Connection |
4-2 |
|
|
Entering Commands |
4-3 |
|
|
Keywords and Arguments |
4-3 |
|
|
Minimum Abbreviation |
4-3 |
|
|
Command Completion |
4-3 |
|
|
Getting Help on Commands |
4-3 |
|
|
Showing Commands |
4-4 |
|
|
Partial Keyword Lookup |
4-5 |
|
|
Negating the Effect of Commands |
4-5 |
|
|
Using Command History |
4-5 |
|
|
Understanding Command Modes |
4-5 |
|
|
Exec Commands |
4-6 |
|
|
Configuration Commands |
4-7 |
|
|
Command Line Processing |
4-8 |
|
|
Command Groups |
4-9 |
|
|
Line Commands |
4-10 |
|
|
line |
4-11 |
|
|
login |
4-11 |
|
|
password |
4-12 |
|
|
timeout login response |
4-13 |
|
|
exec-timeout |
4-13 |
|
|
password-thresh |
4-14 |
|
|
silent-time |
4-15 |
|
|
databits |
4-15 |
|
|
parity |
4-16 |
|
|
speed |
4-17 |
|
|
stopbits |
4-17 |
|
|
v
Contents
disconnect |
4-18 |
show line |
4-18 |
General Commands |
4-19 |
enable |
4-19 |
disable |
4-20 |
configure |
4-21 |
show history |
4-21 |
reload |
4-22 |
end |
4-22 |
exit |
4-23 |
quit |
4-23 |
System Management Commands |
4-24 |
Device Designation Commands |
4-24 |
prompt |
4-24 |
hostname |
4-25 |
User Access Commands |
4-25 |
username |
4-25 |
enable password |
4-26 |
IP Filter Commands |
4-27 |
management |
4-27 |
show management |
4-28 |
Web Server Commands |
4-29 |
ip http port |
4-29 |
ip http server |
4-30 |
ip http secure-server |
4-30 |
ip http secure-port |
4-31 |
Telnet Server Commands |
4-32 |
ip telnet port |
4-32 |
ip telnet server |
4-33 |
Secure Shell Commands |
4-33 |
ip ssh server |
4-35 |
ip ssh timeout |
4-36 |
ip ssh authentication-retries |
4-37 |
ip ssh server-key size |
4-37 |
delete public-key |
4-38 |
ip ssh crypto host-key generate |
4-38 |
ip ssh crypto zeroize |
4-39 |
ip ssh save host-key |
4-39 |
show ip ssh |
4-40 |
show ssh |
4-40 |
show public-key |
4-41 |
Event Logging Commands |
4-43 |
logging on |
4-43 |
logging history |
4-44 |
logging host |
4-45 |
vi
|
|
|
|
Contents |
|
logging facility |
4-45 |
|
logging trap |
4-46 |
|
clear logging |
4-46 |
|
show logging |
4-47 |
|
show log |
4-48 |
|
SMTP Alert Commands |
4-49 |
|
logging sendmail host |
4-49 |
|
logging sendmail level |
4-50 |
|
logging sendmail source-email |
4-51 |
|
logging sendmail destination-email |
4-51 |
|
logging sendmail |
4-52 |
|
show logging sendmail |
4-52 |
|
Time Commands |
4-53 |
|
sntp client |
4-53 |
|
sntp server |
4-54 |
|
sntp poll |
4-55 |
|
show sntp |
4-55 |
|
clock timezone |
4-56 |
|
calendar set |
4-56 |
|
show calendar |
4-57 |
|
System Status Commands |
4-57 |
|
show startup-config |
4-57 |
|
show running-config |
4-59 |
|
show system |
4-61 |
|
show users |
4-61 |
|
show version |
4-62 |
|
Frame Size Commands |
4-63 |
|
jumbo frame |
4-63 |
|
Flash/File Commands |
4-64 |
|
copy |
4-64 |
|
delete |
4-67 |
|
dir |
4-68 |
|
whichboot |
4-69 |
|
boot system |
4-69 |
|
Authentication Commands |
4-70 |
|
Authentication Sequence |
4-70 |
|
authentication login |
4-71 |
|
authentication enable |
4-72 |
|
RADIUS Client |
4-73 |
|
radius-server host |
4-74 |
|
radius-server port |
4-74 |
|
radius-server key |
4-75 |
|
radius-server retransmit |
4-75 |
|
radius-server timeout |
4-76 |
|
show radius-server |
4-76 |
|
vii
Contents
TACACS+ Client |
4-77 |
tacacs-server host |
4-77 |
tacacs-server port |
4-77 |
tacacs-server key |
4-78 |
show tacacs-server |
4-78 |
Port Security Commands |
4-79 |
port security |
4-79 |
802.1X Port Authentication |
4-81 |
dot1x system-auth-control |
4-81 |
dot1x default |
4-82 |
dot1x max-req |
4-82 |
dot1x port-control |
4-82 |
dot1x operation-mode |
4-83 |
dot1x re-authenticate |
4-84 |
dot1x re-authentication |
4-84 |
dot1x timeout quiet-period |
4-84 |
dot1x timeout re-authperiod |
4-85 |
dot1x timeout tx-period |
4-85 |
show dot1x |
4-86 |
Access Control List Commands |
4-89 |
IP ACLs |
4-90 |
access-list ip |
4-90 |
permit, deny (Standard ACL) |
4-91 |
permit, deny (Extended ACL) |
4-91 |
show ip access-list |
4-93 |
ip access-group |
4-93 |
show ip access-group |
4-94 |
MAC ACLs |
4-95 |
access-list mac |
4-95 |
permit, deny (MAC ACL) |
4-96 |
show mac access-list |
4-97 |
mac access-group |
4-98 |
show mac access-group |
4-98 |
ACL Information |
4-99 |
show access-list |
4-99 |
show access-group |
4-99 |
SNMP Commands |
4-100 |
snmp-server |
4-101 |
show snmp |
4-101 |
snmp-server community |
4-102 |
snmp-server contact |
4-103 |
snmp-server location |
4-103 |
snmp-server host |
4-104 |
snmp-server enable traps |
4-106 |
snmp-server engine-id |
4-107 |
viii
|
|
|
|
Contents |
|
show snmp engine-id |
4-108 |
|
snmp-server view |
4-109 |
|
show snmp view |
4-110 |
|
snmp-server group |
4-110 |
|
show snmp group |
4-112 |
|
snmp-server user |
4-113 |
|
show snmp user |
4-115 |
|
Interface Commands |
4-116 |
|
interface |
4-116 |
|
description |
4-117 |
|
speed-duplex |
4-117 |
|
negotiation |
4-118 |
|
capabilities |
4-119 |
|
flowcontrol |
4-120 |
|
shutdown |
4-121 |
|
switchport broadcast packet-rate |
4-122 |
|
clear counters |
4-122 |
|
show interfaces status |
4-123 |
|
show interfaces counters |
4-124 |
|
show interfaces switchport |
4-125 |
|
Mirror Port Commands |
4-127 |
|
port monitor |
4-127 |
|
show port monitor |
4-128 |
|
Rate Limit Commands |
4-129 |
|
rate-limit |
4-129 |
|
Link Aggregation Commands |
4-130 |
|
channel-group |
4-131 |
|
lacp |
4-132 |
|
lacp system-priority |
4-133 |
|
lacp admin-key (Ethernet Interface) |
4-134 |
|
lacp admin-key (Port Channel) |
4-135 |
|
lacp port-priority |
4-136 |
|
show lacp |
4-136 |
|
Address Table Commands |
4-140 |
|
mac-address-table static |
4-140 |
|
clear mac-address-table dynamic |
4-141 |
|
show mac-address-table |
4-141 |
|
mac-address-table aging-time |
4-142 |
|
show mac-address-table aging-time |
4-143 |
|
Spanning Tree Commands |
4-144 |
|
spanning-tree |
4-145 |
|
spanning-tree mode |
4-145 |
|
spanning-tree forward-time |
4-146 |
|
spanning-tree hello-time |
4-147 |
|
spanning-tree max-age |
4-148 |
|
ix
Contents
spanning-tree priority |
4-148 |
spanning-tree pathcost method |
4-149 |
spanning-tree transmission-limit |
4-150 |
spanning-tree mst-configuration |
4-150 |
mst vlan |
4-151 |
mst priority |
4-151 |
name |
4-152 |
revision |
4-153 |
max-hops |
4-153 |
spanning-tree spanning-disabled |
4-154 |
spanning-tree cost |
4-154 |
spanning-tree port-priority |
4-155 |
spanning-tree edge-port |
4-156 |
spanning-tree portfast |
4-156 |
spanning-tree link-type |
4-157 |
spanning-tree mst cost |
4-158 |
spanning-tree mst port-priority |
4-159 |
spanning-tree protocol-migration |
4-160 |
show spanning-tree |
4-160 |
show spanning-tree mst configuration |
4-162 |
VLAN Commands |
4-163 |
GVRP and Bridge Extension Commands |
4-163 |
bridge-ext gvrp |
4-164 |
show bridge-ext |
4-164 |
switchport gvrp |
4-165 |
show gvrp configuration |
4-165 |
garp timer |
4-166 |
show garp timer |
4-166 |
Editing VLAN Groups |
4-167 |
vlan database |
4-167 |
vlan |
4-168 |
Configuring VLAN Interfaces |
4-169 |
interface vlan |
4-169 |
switchport mode |
4-170 |
switchport acceptable-frame-types |
4-171 |
switchport ingress-filtering |
4-171 |
switchport native vlan |
4-172 |
switchport allowed vlan |
4-173 |
switchport forbidden vlan |
4-174 |
Displaying VLAN Information |
4-175 |
show vlan |
4-175 |
Configuring IEEE 802.1Q Tunneling |
4-176 |
dot1q-tunnel system-tunnel-control |
4-176 |
switchport dot1q-tunnel mode |
4-177 |
switchport dot1q-tunnel tpid |
4-178 |
x
|
|
|
|
Contents |
|
Related Commands |
4-178 |
|
show dot1q-tunnel |
4-178 |
|
Configuring Private VLANs |
4-179 |
|
pvlan |
4-179 |
|
show pvlan |
4-180 |
|
Configuring Protocol-based VLANs |
4-181 |
|
protocol-vlan protocol-group (Configuring Groups) |
4-181 |
|
protocol-vlan protocol-group (Configuring Interfaces) |
4-182 |
|
show protocol-vlan protocol-group |
4-183 |
|
show interfaces protocol-vlan protocol-group |
4-183 |
|
Priority Commands |
4-184 |
|
Priority Commands (Layer 2) |
4-184 |
|
queue mode |
4-185 |
|
switchport priority default |
4-185 |
|
queue bandwidth |
4-186 |
|
queue cos-map |
4-187 |
|
show queue mode |
4-188 |
|
show queue bandwidth |
4-188 |
|
show queue cos-map |
4-189 |
|
Priority Commands (Layer 3 and 4) |
4-189 |
|
map ip dscp (Global Configuration) |
4-189 |
|
map ip dscp (Interface Configuration) |
4-190 |
|
show map ip dscp |
4-191 |
|
Quality of Service Commands |
4-192 |
|
class-map |
4-194 |
|
match |
4-194 |
|
policy-map |
4-195 |
|
class |
4-196 |
|
set |
4-197 |
|
police |
4-198 |
|
service-policy |
4-199 |
|
show class-map |
4-199 |
|
show policy-map |
4-200 |
|
show policy-map interface |
4-200 |
|
Example |
4-201 |
|
Multicast Filtering Commands |
4-201 |
|
IGMP Snooping Commands |
4-201 |
|
ip igmp snooping |
4-202 |
|
ip igmp snooping vlan static |
4-202 |
|
ip igmp snooping version |
4-203 |
|
ip igmp snooping leave-proxy |
4-203 |
|
ip igmp snooping immediate-leave |
4-204 |
|
show ip igmp snooping |
4-204 |
|
show mac-address-table multicast |
4-205 |
|
IGMP Query Commands (Layer 2) |
4-206 |
|
xi
Contents
ip igmp snooping querier |
4-206 |
ip igmp snooping query-count |
4-206 |
ip igmp snooping query-interval |
4-207 |
ip igmp snooping query-max-response-time |
4-208 |
ip igmp snooping router-port-expire-time |
4-208 |
Static Multicast Routing Commands |
4-209 |
ip igmp snooping vlan mrouter |
4-209 |
show ip igmp snooping mrouter |
4-210 |
IGMP Filtering and Throttling Commands |
4-211 |
ip igmp filter (Global Configuration) |
4-211 |
ip igmp profile |
4-212 |
permit, deny |
4-212 |
range |
4-213 |
ip igmp filter (Interface Configuration) |
4-213 |
ip igmp max-groups |
4-214 |
ip igmp max-groups action |
4-215 |
show ip igmp filter |
4-215 |
show ip igmp profile |
4-216 |
show ip igmp throttle interface |
4-216 |
Multicast VLAN Registration Commands |
4-217 |
mvr (Global Configuration) |
4-218 |
mvr (Interface Configuration) |
4-219 |
show mvr |
4-221 |
IP Interface Commands |
4-223 |
ip address |
4-223 |
ip default-gateway |
4-224 |
ip dhcp restart |
4-225 |
show ip interface |
4-225 |
show ip redirects |
4-226 |
ping |
4-226 |
IP Source Guard Commands |
4-227 |
ip source-guard |
4-227 |
ip source-guard binding |
4-229 |
show ip source-guard |
4-230 |
show ip source-guard binding |
4-230 |
DHCP Snooping Commands |
4-231 |
ip dhcp snooping |
4-231 |
ip dhcp snooping vlan |
4-233 |
ip dhcp snooping trust |
4-234 |
ip dhcp snooping verify mac-address |
4-235 |
ip dhcp snooping information option |
4-235 |
ip dhcp snooping information policy |
4-236 |
show ip dhcp snooping |
4-237 |
show ip dhcp snooping binding |
4-237 |
Switch Cluster Commands |
4-237 |
xii
|
|
|
|
|
Contents |
||
cluster |
4-238 |
|
|
cluster commander |
4-239 |
|
|
cluster ip-pool |
4-239 |
|
|
cluster member |
4-240 |
|
|
rcommand |
4-240 |
|
|
show cluster |
4-241 |
|
|
show cluster members |
4-241 |
|
|
show cluster candidates |
4-242 |
|
|
|
|
|
|
Appendix A: Software Specifications |
A-1 |
||
Software Features |
A-1 |
||
Management Features |
A-2 |
||
Standards |
A-2 |
||
Management Information Bases |
A-3 |
||
|
|
|
|
Appendix B: Troubleshooting |
B-1 |
||
Problems Accessing the Management Interface |
B-1 |
||
Using System Logs |
B-2 |
Glossary
Index
xiii
Contents
xiv
Tables
Table 1-1 |
Key Features |
1-1 |
Table 1-2 |
System Defaults |
1-6 |
Table 3-1 |
Configuration Options |
3-3 |
Table 3-2 |
Main Menu |
3-4 |
Table 3-3 |
Logging Levels |
3-26 |
Table 3-4 |
Supported Notification Messages |
3-41 |
Table 3-5 |
HTTPS System Support |
3-52 |
Table 3-6 |
802.1X Statistics |
3-66 |
Table 3-7 |
LACP Port Counters |
3-86 |
Table 3-8 |
LACP Internal Configuration Information |
3-88 |
Table 3-9 |
LACP Neighbor Configuration Information |
3-90 |
Table 3-10 |
Port Statistics |
3-95 |
Table 3-11 |
Mapping CoS Values to Egress Queues |
3-145 |
Table 3-12 |
CoS Priority Levels |
3-146 |
Table 3-13 |
Mapping IP Precedence |
3-150 |
Table 3-14 |
Mapping DSCP Priority Values |
3-152 |
Table 4-1 |
Command Modes |
4-6 |
Table 4-2 |
Configuration Modes |
4-7 |
Table 4-3 |
Command Line Processing |
4-8 |
Table 4-4 |
Command Groups |
4-9 |
Table 4-5 |
Line Commands |
4-10 |
Table 4-6 |
General Commands |
4-19 |
Table 4-7 |
System Management Commands |
4-24 |
Table 4-8 |
Device Designation Commands |
4-24 |
Table 4-9 |
User Access Commands |
4-25 |
Table 4-10 |
Default Login Settings |
4-26 |
Table 4-11 |
IP Filter Commands |
4-27 |
Table 4-12 |
Web Server Commands |
4-29 |
Table 4-13 |
HTTPS System Support |
4-31 |
Table 4-14 |
Telnet Server Commands |
4-32 |
Table 4-15 |
SSH Commands |
4-33 |
Table 4-16 |
show ssh - display description |
4-40 |
Table 4-17 |
Event Logging Commands |
4-43 |
Table 4-18 |
Logging Levels |
4-44 |
Table 4-19 |
show logging flash/ram - display description |
4-47 |
Table 4-20 |
show logging trap - display description |
4-48 |
Table 4-21 |
SMTP Alert Commands |
4-49 |
Table 4-22 |
Time Commands |
4-53 |
Table 4-23 |
System Status Commands |
4-57 |
Table 4-24 |
Frame Size Commands |
4-63 |
Table 4-25 |
Flash/File Commands |
4-64 |
Table 4-26 |
File Directory Information |
4-68 |
xv
Tables
Table 4-27 |
Authentication Commands |
4-70 |
Table 4-28 |
Authentication Sequence |
4-70 |
Table 4-29 RADIUS Client Commands |
4-73 |
|
Table 4-30 |
TACACS Commands |
4-77 |
Table 4-31 Port Security Commands |
4-79 |
|
Table 4-32 802.1X Port Authentication |
4-81 |
|
Table 4-33 Access Control Lists |
4-89 |
|
Table 4-34 |
IP ACLs |
4-90 |
Table 4-35 MAC ACL Commands |
4-95 |
|
Table 4-36 |
ACL Information |
4-99 |
Table 4-37 |
SNMP Commands |
4-100 |
Table 4-38 show snmp engine-id - display description |
4-108 |
|
Table 4-39 show snmp view - display description |
4-110 |
|
Table 4-40 show snmp group - display description |
4-113 |
|
Table 4-41 show snmp user - display description |
4-115 |
|
Table 4-42 |
Interface Commands |
4-116 |
Table 4-43 Interfaces Switchport Statistics |
4-126 |
|
Table 4-44 Mirror Port Commands |
4-127 |
|
Table 4-45 Rate Limit Commands |
4-129 |
|
Table 4-46 Link Aggregation Commands |
4-130 |
|
Table 4-47 show lacp counters - display description |
4-137 |
|
Table 4-48 show lacp internal - display description |
4-138 |
|
Table 4-49 show lacp neighbors - display description |
4-139 |
|
Table 4-50 show lacp sysid - display description |
4-139 |
|
Table 4-51 Address Table Commands |
4-140 |
|
Table 4-52 Spanning Tree Commands |
4-144 |
|
Table 4-53 |
VLANs |
4-163 |
Table 4-54 GVRP and Bridge Extension Commands |
4-163 |
|
Table 4-55 Editing VLAN Groups |
4-167 |
|
Table 4-56 Configuring VLAN Interfaces |
4-169 |
|
Table 4-57 Show VLAN Commands |
4-175 |
|
Table 4-58 |
Command |
4-176 |
Table 4-58 |
Function |
4-176 |
Table 4-58 |
Mode |
4-176 |
Table 4-58 |
Page |
4-176 |
Table 4-59 Private VLAN Commands |
4-179 |
|
Table 4-60 Protocol-based VLAN Commands |
4-181 |
|
Table 4-61 |
Priority Commands |
4-184 |
Table 4-62 Priority Commands (Layer 2) |
4-184 |
|
Table 4-63 Default CoS Values to Egress Queues |
4-187 |
|
Table 4-64 Priority Commands (Layer 3 and 4) |
4-189 |
|
Table 4-65 IP DSCP to CoS Vales |
4-190 |
|
Table 4-66 Quality of Service Commands |
4-193 |
|
Table 4-67 Multicast Filtering Commands |
4-201 |
|
Table 4-68 IGMP Snooping Commands |
4-201 |
xvi
|
|
|
|
|
|
|
|
Tables |
|
Table 4-69 |
IGMP Query Commands (Layer 2) |
4-206 |
|
|
Table 4-70 |
Static Multicast Routing Commands |
4-209 |
|
|
Table 4-71 |
IGMP Filtering and Throttling Commands |
4-211 |
|
|
Table 4-72 |
Multicast VLAN Registration Commands |
4-217 |
|
|
Table 4-73 |
show mvr - display description |
4-221 |
|
|
Table 4-74 |
show mvr interface - display description |
4-222 |
|
|
Table 4-75 |
show mvr members - display description |
4-222 |
|
|
Table 4-76 |
IP Interface Commands |
4-223 |
|
|
Table 4-77 |
IP Source Guard Commands |
4-227 |
|
|
Table 4-78 |
DHCP Snooping Commands |
4-231 |
|
|
Table 4-79 |
Switch Cluster Commands |
4-237 |
|
|
Table B-1 |
Troubleshooting Chart |
B-1 |
xvii
Tables
xviii
Figures
Figure 3-1 |
Home Page |
3-2 |
Figure 3-2 |
Panel Display |
3-3 |
Figure 3-3 |
System Information |
3-10 |
Figure 3-4 |
Switch Information |
3-12 |
Figure 3-5 |
Bridge Extension Configuration |
3-13 |
Figure 3-6 |
Manual IP Configuration |
3-15 |
Figure 3-7 |
DHCP IP Configuration |
3-16 |
Figure 3-8 |
Bridge Extension Configuration |
3-17 |
Figure 3-9 |
Copy Firmware |
3-18 |
Figure 3-10 |
Setting the Startup Code |
3-18 |
Figure 3-11 |
Deleting Files |
3-19 |
Figure 3-12 |
Downloading Configuration Settings for Startup |
3-20 |
Figure 3-13 |
Setting the Startup Configuration Settings |
3-21 |
Figure 3-14 |
Console Port Settings |
3-22 |
Figure 3-15 |
Enabling Telnet |
3-24 |
Figure 3-16 |
Displaying Logs |
3-25 |
Figure 3-17 |
System Logs |
3-27 |
Figure 3-18 |
Remote Logs |
3-28 |
Figure 3-19 |
Enabling and Configuring SMTP |
3-29 |
Figure 3-20 |
Renumbering the System |
3-30 |
Figure 3-21 |
Resetting the System |
3-30 |
Figure 3-22 |
SNTP Configuration |
3-31 |
Figure 3-23 |
Setting the System Clock |
3-32 |
Figure 3-24 |
Configuring SNMP Community Strings |
3-34 |
Figure 3-25 |
Configuring IP Trap Managers |
3-35 |
Figure 3-26 |
Enabling SNMP Agent Status |
3-35 |
Figure 3-27 |
Setting an Engine ID |
3-36 |
Figure 3-28 |
Setting a Remote Engine ID |
3-37 |
Figure 3-29 |
Configuring SNMPv3 Users |
3-39 |
Figure 3-30 |
Configuring Remote SNMPv3 Users |
3-40 |
Figure 3-31 |
Configuring SNMPv3 Groups |
3-44 |
Figure 3-32 |
Configuring SNMPv3 Views |
3-45 |
Figure 3-33 |
Access Levels |
3-47 |
Figure 3-34 |
Authentication Settings |
3-50 |
Figure 3-35 |
HTTPS Settings |
3-52 |
Figure 3-36 |
SSH Server Settings |
3-56 |
Figure 3-37 |
SSH Host-Key Settings |
3-58 |
Figure 3-38 |
Configuring Port Security |
3-60 |
Figure 3-39 |
802.1X Global Information |
3-62 |
Figure 3-40 |
802.1X Global Configuration |
3-62 |
Figure 3-41 |
802.1X Port Configuration |
3-64 |
Figure 3-42 |
Displaying 802.1X Port Statistics |
3-66 |
xix
Figures
Figure 3-43 Selecting ACL Type |
3-68 |
|
Figure 3-44 Configuring Standard IP ACLs |
3-69 |
|
Figure 3-45 Configuring Extended IP ACLs |
3-71 |
|
Figure 3-46 Configuring MAC ACLs |
3-73 |
|
Figure 3-47 Configuring ACL Port Binding |
3-74 |
|
Figure 3-48 Creating an IP Filter List |
3-75 |
|
Figure 3-49 Displaying Port/Trunk Information |
3-77 |
|
Figure 3-50 |
Port/Trunk Configuration |
3-79 |
Figure 3-51 Configuring Static Trunks |
3-81 |
|
Figure 3-52 LACP Trunk Configuration |
3-83 |
|
Figure 3-53 LACP Port Configuration |
3-85 |
|
Figure 3-54 LACP - Port Counters Information |
3-87 |
|
Figure 3-55 LACP - Port Internal Information |
3-89 |
|
Figure 3-56 LACP - Port Neighbors Information |
3-90 |
|
Figure 3-57 Port Broadcast Control |
3-92 |
|
Figure 3-58 Mirror Port Configuration |
3-93 |
|
Figure 3-59 Input Rate Limit Port Configuration |
3-94 |
|
Figure 3-60 |
Port Statistics |
3-98 |
Figure 3-61 Configuring a Static Address Table |
3-100 |
|
Figure 3-62 Configuring a Dynamic Address Table |
3-101 |
|
Figure 3-63 Setting the Address Aging Time |
3-102 |
|
Figure 3-64 Displaying Spanning Tree Information |
3-106 |
|
Figure 3-65 Configuring Spanning Tree |
3-110 |
|
Figure 3-66 Displaying Spanning Tree Port Information |
3-113 |
|
Figure 3-67 Configuring Spanning Tree per Port |
3-115 |
|
Figure 3-68 Configuring Multiple Spanning Trees |
3-117 |
|
Figure 3-69 Displaying MSTP Interface Settings |
3-119 |
|
Figure 3-70 Displaying MSTP Interface Settings |
3-122 |
|
Figure 3-71 Globally Enabling GVRP |
3-125 |
|
Figure 3-72 Displaying Basic VLAN Information |
3-126 |
|
Figure 3-73 Displaying Current VLANs |
3-127 |
|
Figure 3-74 Configuring a VLAN Static List |
3-129 |
|
Figure 3-75 Configuring a VLAN Static Table |
3-131 |
|
Figure 3-76 VLAN Static Membership by Port |
3-131 |
|
Figure 3-77 Configuring VLANs per Port |
3-133 |
|
Figure 3-78 802.1Q Tunnel Status |
3-137 |
|
Figure 3-79 Tunnel Port Configuration |
3-139 |
|
Figure 3-80 Private VLAN Status |
3-141 |
|
Figure 3-81 Private VLAN Link Status |
3-142 |
|
Figure 3-82 Protocol VLAN Configuration |
3-143 |
|
Figure 3-83 Protocol VLAN Port Configuration |
3-143 |
|
Figure 3-84 Port Priority Configuration |
3-145 |
|
Figure 3-85 |
Traffic Classes |
3-146 |
Figure 3-86 Enable Traffic Classes |
3-147 |
|
Figure 3-87 |
Queue Mode |
3-148 |
xx
|
|
|
|
|
|
|
|
Figures |
|
Figure 3-88 |
Configuring Queue Scheduling |
3-148 |
|
|
Figure 3-89 |
IP Precedence/DSCP Priority Status |
3-150 |
|
|
Figure 3-90 |
Mapping IP Precedence Priority Values |
3-151 |
|
|
Figure 3-91 |
Mapping IP DSCP Priority Values |
3-152 |
|
|
Figure 3-92 |
IP Port Priority Status |
3-153 |
|
|
Figure 3-93 |
IP Port Priority |
3-154 |
|
|
Figure 3-94 |
Configuring Class Maps |
3-157 |
|
|
Figure 3-95 |
Configuring Policy Maps |
3-160 |
|
|
Figure 3-96 |
Service Policy Settings |
3-161 |
|
|
Figure 3-97 |
IGMP Configuration |
3-164 |
|
|
Figure 3-98 |
IGMP Immediate Leave |
3-165 |
|
|
Figure 3-99 |
Displaying Multicast Router Port Information |
3-166 |
|
|
Figure 3-100 |
Static Multicast Router Port Configuration |
3-167 |
|
|
Figure 3-101 |
IP Multicast Registration Table |
3-168 |
|
|
Figure 3-102 |
IGMP Member Port Table |
3-169 |
|
|
Figure 3-103 |
Enabling IGMP Filtering and Throttling |
3-170 |
|
|
Figure 3-104 |
IGMP Filter and Throttling Port Configuration |
3-172 |
|
|
Figure 3-105 |
IGMP Profile Configuration |
3-173 |
|
|
Figure 3-106 |
MVR Global Configuration |
3-176 |
|
|
Figure 3-107 |
MVR Port Information |
3-177 |
|
|
Figure 3-108 |
MVR Group IP Information |
3-178 |
|
|
Figure 3-109 |
MVR Port Configuration |
3-180 |
|
|
Figure 3-110 |
MVR Group Member Configuration |
3-181 |
|
|
Figure 3-111 |
DNS General Configuration |
3-182 |
|
|
Figure 3-112 |
DNS Static Host Table |
3-184 |
|
|
Figure 3-113 |
DNS Cache |
3-185 |
|
|
Figure 3-114 |
DHCP Snooping Configuration |
3-187 |
|
|
Figure 3-115 |
DHCP Snooping VLAN Configuration |
3-188 |
|
|
Figure 3-116 |
DHCP Snooping Information Option Configuration |
3-189 |
|
|
Figure 3-117 |
DHCP Snooping Port Configuration |
3-190 |
|
|
Figure 3-118 |
DHCP Snooping Binding Information |
3-191 |
|
|
Figure 3-119 |
IP Source Guard Port Configuration |
3-192 |
|
|
Figure 3-120 |
Static IP Source Guard Binding Configuration |
3-193 |
|
|
Figure 3-121 |
Dynamic IP Source Guard Binding Information |
3-194 |
|
|
Figure 3-122 |
Cluster Member Choice |
3-195 |
|
|
Figure 3-123 |
Cluster Configuration |
3-196 |
|
|
Figure 3-124 |
Cluster Member Configuration |
3-197 |
|
|
Figure 3-125 |
Cluster Member Information |
3-197 |
|
|
Figure 3-126 |
Cluster Candidate Information |
3-198 |
|
xxi
Figures
xxii
This switch provides a broad range of features for Layer 2 switching. It includes a management agent that allows you to configure the features listed in this manual. The default configuration can be used for most of the features provided by this switch. However, there are many options that you should configure to maximize the switch’s performance for your particular network environment.
|
Table 1-1 Key Features |
|
|
Feature |
Description |
|
|
Configuration Backup and |
Backup to TFTP server |
Restore |
|
|
|
Authentication |
Console, Telnet, web – User name / password, RADIUS, TACACS+ |
|
Web – HTTPS |
|
Telnet – SSH |
|
SNMP v1/2c - Community strings |
|
SNMP version 3 – MD5 or SHA password |
|
Port – IEEE 802.1X, MAC address filtering |
|
|
Access Control Lists |
Supports up to 128 ACLs, 96 MAC rules and 96 rules per system |
|
|
DHCP Client |
Supported |
|
|
DHCP Snooping |
Supported with Option 82 relay information |
|
|
Port Configuration |
Speed, duplex mode and flow control |
|
|
Rate Limiting |
Input rate and output limiting per port |
|
|
Port Mirroring |
One or more port mirrored to a single analysis port |
|
|
Port Trunking |
Supports up to 32 trunks using either static or dynamic trunking (LACP) |
|
|
Broadcast Storm Control |
Supported |
|
|
Static Address |
Up to 8K MAC addresses in the forwarding table |
|
|
IEEE 802.1D Bridge |
Supports dynamic data switching and addresses learning |
|
|
Store-and-Forward Switching |
Supported to ensure wire-speed switching while eliminating bad frames |
|
|
Spanning Tree Algorithm |
Supports standard STP, and Rapid Spanning Tree Protocol (RSTP) and |
|
Multiple Spanning Trees(MSTP) |
|
|
Virtual LANs |
Up to 256 using IEEE 802.1Q, port-based, protocol-based or private VLANs |
|
|
Traffic Prioritization |
Default port priority, traffic class map, queue scheduling, or Differentiated |
|
Services Code Point (DSCP), and TCP/UDP Port |
|
|
Qualify of Service |
Supports Differentiated Services (DiffServ) |
|
|
Multicast Filtering |
Supports IGMP snooping and query, as well as Multicast VLAN Registration |
|
|
1-1
1 Introduction
|
Table 1-1 Key Features |
|
|
Feature |
Description |
|
|
Switch Clustering |
Supports up to 16 Member switches in a cluster |
|
|
The switch provides a wide range of advanced performance enhancing features. Flow control eliminates the loss of packets due to bottlenecks caused by port saturation. Broadcast storm suppression prevents broadcast traffic storms from engulfing the network. Port-based, private VLANs and protocol-based VLANs, plus support for automatic GVRP VLAN registration provide traffic security and efficient use of network bandwidth. CoS priority queueing ensures the minimum delay for moving real-time multimedia data across the network. While multicast filtering provides support for real-time network applications. Some of the management features are briefly described below.
Configuration Backup and Restore – You can save the current configuration settings to a file on a TFTP server, and later download this file to restore the switch configuration settings.
Authentication – This switch authenticates management access via the console port, Telnet or web browser. User names and passwords can be configured locally or can be verified via a remote authentication server (i.e., RADIUS or TACACS+). Port-based authentication is also supported via the IEEE 802.1X protocol. This protocol uses the Extensible Authentication Protocol over LANs (EAPOL) to request user credentials from the 802.1X client, and then verifies the client’s right to access the network via an authentication server.
Other authentication options include HTTPS for secure management access via the web, SSH for secure management access over a Telnet-equivalent connection, IP address filtering for SNMP/web/Telnet management access, and MAC address filtering for port access.
Access Control Lists – ACLs provide packet filtering for IP frames (based on address, protocol, or TCP/UDP port number) or any frames (based on MAC address or Ethernet type). ACLs can be used to improve performance by blocking unnecessary network traffic or to implement security controls by restricting access to specific network resources or protocols.
Port Configuration – You can manually configure the speed, duplex mode, and flow control used on specific ports, or use auto-negotiation to detect the connection settings used by the attached device. Use the full-duplex mode on ports whenever possible to double the throughput of switch connections. Flow control should also be enabled to control network traffic during periods of congestion and prevent the loss of packets when port buffer thresholds are exceeded. The switch supports flow control based on the IEEE 802.3x standard.
1-2
Description of Software Features 1
Rate Limiting – This feature controls the maximum rate for traffic transmitted or received on an interface. Rate limiting is configured on interfaces at the edge of a network to limit traffic into the network. Traffic that falls within the rate limit is transmitted while packets that exceed the acceptable amount of traffic are dropped.
Port Mirroring – The switch can unobtrusively mirror traffic from any port to a monitor port. You can then attach a protocol analyzer or RMON probe to this port to perform traffic analysis and verify connection integrity.
Port Trunking – Ports can be combined into an aggregate connection. Trunks can be manually set up or dynamically configured using IEEE 802.3ad Link Aggregation Control Protocol (LACP). The additional ports dramatically increase the throughput across any connection, and provide redundancy by taking over the load if a port in the trunk should fail. The switch supports up to 32 trunks.
Broadcast Storm Control – Broadcast suppression prevents broadcast traffic from overwhelming the network. When enabled on a port, the level of broadcast traffic passing through the port is restricted. If broadcast traffic rises above a pre-defined threshold, it will be throttled until the level falls back beneath the threshold.
Static Addresses – A static address can be assigned to a specific interface on this switch. Static addresses are bound to the assigned interface and will not be moved. When a static address is seen on another interface, the address will be ignored and will not be written to the address table. Static addresses can be used to provide network security by restricting access for a known host to a specific port.
IEEE 802.1D Bridge – The switch supports IEEE 802.1D transparent bridging. The address table facilitates data switching by learning addresses, and then filtering or forwarding traffic based on this information. The address table supports up to 8K addresses.
Store-and-Forward Switching – The switch copies each frame into its memory before forwarding them to another port. This ensures that all frames are a standard Ethernet size and have been verified for accuracy with the cyclic redundancy check (CRC). This prevents bad frames from entering the network and wasting bandwidth.
To avoid dropping frames on congested ports, the SMC8126L2 and SMC8150L2 provide 4 Mbits respectively for frame buffering. This buffer can queue packets awaiting transmission on congested networks.
Spanning Tree Algorithm – The switch supports these spanning tree protocols:
Spanning Tree Protocol (STP, IEEE 802.1D) – This protocol provides loop detection and recovery by allowing two or more redundant connections to be created between a pair of LAN segments. When there are multiple physical paths between segments, this protocol will choose a single path and disable all others to ensure that only one route exists between any two stations on the network. This prevents the creation of network loops. However, if the chosen path should fail for any reason, an alternate path will be activated to maintain the connection.
Rapid Spanning Tree Protocol (RSTP, IEEE 802.1w) – This protocol reduces the convergence time for network topology changes to 3 to 5 seconds, compared to 30
1-3
1 Introduction
seconds or more for the older IEEE 802.1D STP standard. It is intended as a complete replacement for STP, but can still interoperate with switches running the older standard by automatically reconfiguring ports to STP-compliant mode if they detect STP protocol messages from attached devices.
Multiple Spanning Tree Protocol (MSTP, IEEE 802.1s) – This protocol is a direct extension of RSTP. It can provide an independent spanning tree for different VLANs. It simplifies network management, provides for even faster convergence than RSTP by limiting the size of each region, and prevents VLAN members from being segmented from the rest of the group (as sometimes occurs with IEEE 802.1D STP).
Virtual LANs – The switch supports up to 256 VLANs. A Virtual LAN is a collection of network nodes that share the same collision domain regardless of their physical location or connection point in the network. The switch supports tagged VLANs based on the IEEE 802.1Q standard. Members of VLAN groups can be dynamically learned via GVRP, or ports can be manually assigned to a specific set of VLANs. This allows the switch to restrict traffic to the VLAN groups to which a user has been assigned. By segmenting your network into VLANs, you can:
•Eliminate broadcast storms which severely degrade performance in a flat network.
•Simplify network management for node changes/moves by remotely configuring VLAN membership for any port, rather than having to manually change the network connection.
•Provide data security by restricting all traffic to the originating VLAN.
•Use private VLANs to restrict traffic to pass only between data ports and the uplink ports, thereby isolating adjacent ports within the same VLAN, and allowing you to limit the total number of VLANs that need to be configured.
•Use protocol VLANs to restrict traffic to specified interfaces based on protocol type.
Traffic Prioritization – This switch prioritizes each packet based on the required level of service, using four priority queues with strict or Weighted Round Robin Queuing. It uses IEEE 802.1p and 802.1Q tags to prioritize incoming traffic based on input from the end-station application. These functions can be used to provide independent priorities for delay-sensitive data and best-effort data.
This switch also supports several common methods of prioritizing layer 3/4 traffic to meet application requirements. Traffic can be prioritized based on the DSCP field in the IP frame. When these services are enabled, the priorities are mapped to a Class of Service value by the switch, and the traffic then sent to the corresponding output queue.
Quality of Service – Differentiated Services (DiffServ) provides policy-based management mechanisms used for prioritizing network resources to meet the requirements of specific traffic types on a per-hop basis. Each packet is classified upon entry into the network based on access lists, IP Precedence or DSCP values, or VLAN lists. Using access lists allows you select traffic based on Layer 2, Layer 3, or Layer 4 information contained in each packet. Based on network policies, different kinds of traffic can be marked for different kinds of forwarding.
1-4