SMC Networks 6824MPE INT,TigerStack III SMC6824MPE Management Manual

TigerStack III 10/100

24-

Port Fast Ethernet PoE Swi

tch

Management Guide

◆ 24 auto-MDI/MDI-X 10BASE-T/100BASE-TX ports

◆ 10BASE-T/100BASE-TX ports support PoE capabilities

◆ 2 Gigabit RJ-45 ports shared with 2 SFP transceiver slots

◆ 8.8 Gbps of aggregate bandwidth

◆ Stacks up to 8 units

◆ Non-blocking switching architecture

◆ Spanning Tree Protocol and Rapid STP

◆ Up to six LACP or static 4-port trunks

◆ RADIUS and TACACS+ authentication

◆ Rate limiting for bandwidth management

◆ CoS support for four-level priority

◆ Full support for VLANs with GVRP

◆ IP Multicasting with IGMP Snooping

◆ Manageable via console, Web, SNMP/RMON

Management Guide

SMC6824MPE

TigerStack III 10/100
Management Guide

From SMC’s Tiger line of feature-rich workgroup LAN solutions

38 Tesla
Irvine, CA 92618
Phone: (949) 679-8000

October 2004

Pub. # 150200037700A

Information furnished by SMC Networks, Inc. (SMC) is believed to be accu­rate and reliable. However, no responsibility is assumed by SMC for its use,
nor for any infringements of patents or other rights of third parties which
may result from its use. No license is granted by implication or otherwise
under any patent or patent rights of SMC. SMC reserves the right to change
specifications at any time without notice.

Copyright © 2004 by

SMC Networks, Inc.

38 Tesla

Irvine, CA 92618

All rights reserved.

Trademarks:

SMC is a registered trademark; and EZ Switch, TigerStack and TigerSwitch are trademarks of SMC Networks,
Inc. Other product and company names are trademarks or registered trademarks of their respective holders.

L

IMITED

Limited Warranty Statement: SMC Networks, Inc. (“SMC”) warrants its products to be free
from defects in workmanship and materials, under normal use and service, for the applicable
warranty term. All SMC products carry a standard 90-day limited warranty from the date of
purchase from SMC or its Authorized Reseller. SMC may, at its own discretion, repair or replace
any product not operating as warranted with a similar or functionally equivalent product, during
the applicable warranty term. SMC will endeavor to repair or replace any product returned under
warranty within 30 days of receipt of the product.

The standard limited warranty can be upgraded to a Limited Lifetime* warranty by registering
new products within 30 days of purchase from SMC or its Authorized Reseller. Registration can
be accomplished via the enclosed product registration card or online via the SMC web site.
Failure to register will not affect the standard limited warranty. The Limited Lifetime warranty
covers a product during the Life of that Product, which is defined as the period of time during
which the product is an “Active” SMC product. A product is considered to be “Active” while it is
listed on the current SMC price list. As new technologies emerge, older technologies become
obsolete and SMC will, at its discretion, replace an older product in its product line with one that
incorporates these newer technologies. At that point, the obsolete product is discontinued and is
no longer an “Active” SMC product. A list of discontinued products with their respective dates
of discontinuance can be found at:
http://www.smc.com/index.cfm?action=customer_service_warranty.

W

ARRANTY

All products that are replaced become the property of SMC. Replacement products may be
either new or reconditioned. Any replaced or repaired product carries either a 30-day limited
warranty or the remainder of the initial warranty, whichever is longer. SMC is not responsible for
any custom software or firmware, configuration information, or memory data of Customer
contained in, stored on, or integrated with any products returned to SMC pursuant to any
warranty. Products returned to SMC should have any customer-installed accessory or add-on
components, such as expansion modules, removed prior to returning the product for
replacement. SMC is not responsible for these items if they are returned with the product.

Customers must contact SMC for a Return Material Authorization number prior to returning
any product to SMC. Proof of purchase may be required. Any product returned to SMC without
a valid Return Material Authorization (RMA) number clearly marked on the outside of the
package will be returned to customer at customer’s expense. For warranty claims within North
America, please call our toll-free customer support number at (800) 762-4968. Customers are
responsible for all shipping charges from their facility to SMC. SMC is responsible for return
shipping charges from SMC to customer.

i

L

IMITED WARRANTY

WARRANTIES EXCLUSIVE: IF AN SMC PRODUCT DOES NOT OPERATE AS
WARRANTED ABOVE, CUSTOMER’S SOLE REMEDY SHALL BE REPAIR OR
REPLACEMENT OF THE PRODUCT IN QUESTION, AT SMC’S OPTION. THE
FOREGOING WARRANTIES AND REMEDIES ARE EXCLUSIVE AND ARE IN LIEU
OF ALL OTHER WARRANTIES OR CONDITIONS, EXPRESS OR IMPLIED, EITHER
IN FACT OR BY OPERATION OF LAW, STATUTORY OR OTHERWISE, INCLUDING
WARRANTIES OR CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE. SMC NEITHER ASSUMES NOR AUTHORIZES ANY OTHER
PERSON TO ASSUME FOR IT ANY OTHER LIABILITY IN CONNECTION WITH
THE SALE, INSTALLATION, MAINTENANCE OR USE OF ITS PRODUCTS. SMC
SHALL NOT BE LIABLE UNDER THIS WARRANTY IF ITS TESTING AND
EXAMINATION DISCLOSE THE ALLEGED DEFECT IN THE PRODUCT DOES
NOT EXIST OR WAS CAUSED BY CUSTOMER’S OR ANY THIRD PERSON’S MISUSE,
NEGLECT, IMPROPER INSTALLATION OR TESTING, UNAUTHORIZED
ATTEMPTS TO REPAIR, OR ANY OTHER CAUSE BEYOND THE RANGE OF THE
INTENDED USE, OR BY ACCIDENT, FIRE, LIGHTNING, OR OTHER HAZARD.

LIMITATION OF LIABILITY: IN NO EVENT, WHETHER BASED IN CONTRACT OR
TORT (INCLUDING NEGLIGENCE), SHALL SMC BE LIABLE FOR INCIDENTAL,
CONSEQUENTIAL, INDIRECT, SPECIAL, OR PUNITIVE DAMAGES OF ANY KIND,
OR FOR LOSS OF REVENUE, LOSS OF BUSINESS, OR OTHER FINANCIAL LOSS
ARISING OUT OF OR IN CONNECTION WITH THE SALE, INSTALLATION,
MAINTENANCE, USE, PERFORMANCE, FAILURE, OR INTERRUPTION OF ITS
PRODUCTS, EVEN IF SMC OR ITS AUTHORIZED RESELLER HAS BEEN ADVISED
OF THE POSSIBILITY OF SUCH DAMAGES.

SOME STATES DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES OR
THE LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES FOR
CONSUMER PRODUCTS, SO THE ABOVE LIMITATIONS AND EXCLUSIONS MAY
NOT APPLY TO YOU. THIS WARRANTY GIVES YOU SPECIFIC LEGAL RIGHTS,
WHICH MAY VARY FROM STATE TO STATE. NOTHING IN THIS WARRANTY
SHALL BE TAKEN TO AFFECT YOUR STATUTORY RIGHTS.

* SMC will provide warranty service for one year following discontinuance from the active SMC
price list. Under the limited lifetime warranty, internal and external power supplies, fans, and
cables are covered by a standard one-year warranty from date of purchase.

SMC Networks, Inc.

38 Tesla

Irvine, CA 92618

ii

T

ABLE OF

C

ONTENTS

1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1

Key Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1

Description of Software Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2

System Defaults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-7

2 Initial Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1

Connecting to the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1

Configuration Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1

Required Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3

Remote Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4

Basic Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-5

Console Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-5

Setting Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-6

Setting an IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-6

Manual Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-7

Dynamic Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-8

Enabling SNMP Management Access . . . . . . . . . . . . . . . . . . . . . 2-9

Community Strings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-10

Trap Receivers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-11

Saving Configuration Settings . . . . . . . . . . . . . . . . . . . . . . . . . . 2-11

Managing System Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-12

Configuring Power over Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-13

3 Configuring the Switch . . . . . . . . . . . . . . . . . . . . . . . . 3-1

Using the Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1

Navigating the Web Browser Interface . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3

Home Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3

Configuration Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-4

Panel Display . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-4

Main Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-5

Basic Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-11

Displaying System Information . . . . . . . . . . . . . . . . . . . . . . . . . 3-11

Displaying Switch Hardware/Software Versions . . . . . . . . . . 3-14

Displaying Bridge Extension Capabilities . . . . . . . . . . . . . . . . . 3-16

Setting the IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-18

iii

T

ABLE OF CONTENTS

Managing Firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-21

Saving or Restoring Configuration Settings . . . . . . . . . . . . . . . 3-24

Console Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-28

Telnet Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-31

Configuring Event Logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-33

Resetting the System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-41

Setting the System Clock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-42

Configuring SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-44

Enabling SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-47

Setting Community Access Strings . . . . . . . . . . . . . . . . . . . . . . 3-47

Specifying Trap Managers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-49

Configuring SNMPv3 Management Access . . . . . . . . . . . . . . . 3-50

User Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-58

Configuring User Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-59

Configuring Local/Remote Logon Authentication . . . . . . . . . 3-61

Configuring HTTPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-65

Configuring the Secure Shell . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-68

Configuring Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-75

Configuring 802.1x Port Authentication . . . . . . . . . . . . . . . . . 3-77

Manual Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-19

Using DHCP/BOOTP . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-20

Downloading System Software from a Server . . . . . . . . . . 3-22

Downloading Configuration Settings from a Server . . . . . 3-26

System Log Configuration . . . . . . . . . . . . . . . . . . . . . . . . . 3-33

Remote Logs Configuration . . . . . . . . . . . . . . . . . . . . . . . . 3-36

Displaying System Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-38

Sending Simple Mail Transfer Protocol Alerts . . . . . . . . . 3-39

SNTP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-42

Setting the Time Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-43

Setting an Engine ID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-51

Configuring SNMPv3 Users . . . . . . . . . . . . . . . . . . . . . . . . 3-52

Configuring SNMPv3 Groups . . . . . . . . . . . . . . . . . . . . . . 3-54

Setting SNMPv3 Views . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-56

Replacing the Default Secure-site Certificate . . . . . . . . . . 3-67

Generating the Host Key Pair . . . . . . . . . . . . . . . . . . . . . . 3-71

Configuring the SSH Server . . . . . . . . . . . . . . . . . . . . . . . . 3-73

Displaying 802.1x Global Settings . . . . . . . . . . . . . . . . . . . 3-79

iv

T

ABLE OF CONTENTS

Configuring 802.1x Global Settings . . . . . . . . . . . . . . . . . . 3-80

Configuring Port Settings for 802.1x . . . . . . . . . . . . . . . . . 3-81

Displaying 802.1x Statistics . . . . . . . . . . . . . . . . . . . . . . . . 3-84

Filtering IP Addresses for Management Access . . . . . . . . . . . . 3-86

Access Control Lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-88

Configuring Access Control Lists . . . . . . . . . . . . . . . . . . . . . . . 3-88

Setting the ACL Name and Type . . . . . . . . . . . . . . . . . . . . 3-89

Configuring a Standard IP ACL . . . . . . . . . . . . . . . . . . . . . 3-90

Configuring an Extended IP ACL . . . . . . . . . . . . . . . . . . . 3-91

Configuring a MAC ACL . . . . . . . . . . . . . . . . . . . . . . . . . . 3-94

Configuring ACL Masks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-96

Specifying the Mask Type . . . . . . . . . . . . . . . . . . . . . . . . . . 3-97

Configuring an IP ACL Mask . . . . . . . . . . . . . . . . . . . . . . 3-97

Configuring a MAC ACL Mask . . . . . . . . . . . . . . . . . . . . 3-100

Binding a Port to an Access Control List . . . . . . . . . . . . . . . . 3-102

Port Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-104

Displaying Connection Status . . . . . . . . . . . . . . . . . . . . . . . . . 3-104

Configuring Interface Connections . . . . . . . . . . . . . . . . . . . . . 3-107

Creating Trunk Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-109

Statically Configuring a Trunk . . . . . . . . . . . . . . . . . . . . . 3-111

Enabling LACP on Selected Ports . . . . . . . . . . . . . . . . . . 3-112

Configuring LACP Parameters . . . . . . . . . . . . . . . . . . . . 3-114

Displaying LACP Port Counters . . . . . . . . . . . . . . . . . . . 3-118

Displaying LACP Settings and Status for the Local Side 3-120

Displaying LACP Settings and Status for the Remote Side 3-122

Setting Broadcast Storm Thresholds . . . . . . . . . . . . . . . . . . . . 3-124

Configuring Port Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-126

Configuring Rate Limits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-127

Showing Port Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-129

Power Over Ethernet Configuration . . . . . . . . . . . . . . . . . . . . . . . . . 3-136

Switch Power Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-137

Setting a Switch Power Budget . . . . . . . . . . . . . . . . . . . . . . . . 3-138

Displaying Port Power status . . . . . . . . . . . . . . . . . . . . . . . . . . 3-139

Configuring Port PoE Power . . . . . . . . . . . . . . . . . . . . . . . . . . 3-140

Address Table Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-142

Setting Static Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-142

Displaying the Address Table . . . . . . . . . . . . . . . . . . . . . . . . . 3-143

v

T

ABLE OF CONTENTS

Changing the Aging Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-145

Spanning Tree Algorithm Configuration . . . . . . . . . . . . . . . . . . . . . . 3-146

Displaying Global Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-147

Configuring Global Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-151

Displaying Interface Settings . . . . . . . . . . . . . . . . . . . . . . . . . . 3-154

Configuring Interface Settings . . . . . . . . . . . . . . . . . . . . . . . . 3-158

VLAN Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-161

IEEE 802.1Q VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-161

Class of Service Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-177

Layer 2 Queue Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-177

Layer 3/4 Priority Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-185

Multicast Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-198

Layer 2 IGMP (Snooping and Query) . . . . . . . . . . . . . . . . . . . 3-199

Enabling or Disabling GVRP (Global Setting) . . . . . . . 3-165

Displaying Basic VLAN Information . . . . . . . . . . . . . . . 3-166

Displaying Current VLANs . . . . . . . . . . . . . . . . . . . . . . . 3-167

Creating VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-169

Adding Static Members to VLANs (VLAN Index) . . . . 3-170

Adding Static Members to VLANs (Port Index) . . . . . . 3-173

Configuring VLAN Behavior for Interfaces . . . . . . . . . . 3-174

Setting the Default Priority for Interfaces . . . . . . . . . . . . 3-177

Mapping CoS Values to Egress Queues . . . . . . . . . . . . . 3-179

Traffic Classes Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-182

Selecting the Queue Mode . . . . . . . . . . . . . . . . . . . . . . . . 3-182

Setting the Service Weight for Traffic Classes . . . . . . . . . 3-183

Mapping Layer 3/4 Priorities to CoS Values . . . . . . . . . . 3-185

Selecting IP Precedence/DSCP Priority . . . . . . . . . . . . . 3-185

Mapping IP Precedence . . . . . . . . . . . . . . . . . . . . . . . . . . 3-186

Mapping DSCP Priority . . . . . . . . . . . . . . . . . . . . . . . . . . 3-188

Mapping IP Port Priority . . . . . . . . . . . . . . . . . . . . . . . . . 3-190

Copy Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-192

Mapping CoS Values to ACLs . . . . . . . . . . . . . . . . . . . . . 3-194

Changing Priorities Based on ACL Rules . . . . . . . . . . . . 3-195

Configuring IGMP Snooping and Query Parameters . . . 3-199

Displaying Interfaces Attached to a Multicast Router . . 3-202

Specifying Interfaces Attached to a Multicast Router . . . 3-203

Displaying Port Members of Multicast Services . . . . . . . 3-204

vi

T

ABLE OF CONTENTS

Assigning Ports to Multicast Services . . . . . . . . . . . . . . . 3-205

Configuring Domain Name Service . . . . . . . . . . . . . . . . . . . . . . . . . . 3-206

Configuring General DNS Server Parameters . . . . . . . . . . . . 3-207

Configuring Static DNS Host to Address Entries . . . . . . . . . 3-209

Displaying the DNS Cache . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-211

4 Command Line Interface . . . . . . . . . . . . . . . . . . . . . . . 4-1

Using the Command Line Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1

Accessing the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1

Console Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1

Telnet Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2

Entering Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4

Keywords and Arguments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4

Minimum Abbreviation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4

Command Completion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4

Getting Help on Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-5

Showing Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-6

Partial Keyword Lookup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-7

Negating the Effect of Commands . . . . . . . . . . . . . . . . . . . . . . . 4-7

Using Command History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-7

Understanding Command Modes . . . . . . . . . . . . . . . . . . . . . . . . 4-7

Exec Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-8

Configuration Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-9

Command Line Processing . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-11

Command Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-12

Line Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-14

line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-15

login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-16

password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-17

timeout login response . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-18

exec-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-19

password-thresh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-20

silent-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-21

databits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-22

parity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-23

speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-24

stopbits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-25

vii

T

ABLE OF CONTENTS

disconnect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-25

show line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-26

General Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-27

enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-28

disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-29

configure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-29

show history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-30

reload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-31

end . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-31

exit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-32

quit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-32

System Management Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-34

Device Designation Commands . . . . . . . . . . . . . . . . . . . . . . . . 4-34

User Access Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-36

IP Filter Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-39

Web Server Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-41

Telnet Server Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-45

Secure Shell Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-47

prompt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-35

hostname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-35

username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-36

enable password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-38

management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-39

show management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-40

ip http port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-42

ip http server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-42

ip http secure-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-43

ip http secure-port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-44

ip telnet port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-45

ip telnet server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-46

ip ssh server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-50

ip ssh timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-51

ip ssh authentication-retries . . . . . . . . . . . . . . . . . . . . . . . . 4-52

ip ssh server-key size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-52

delete public-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-53

ip ssh crypto host-key generate . . . . . . . . . . . . . . . . . . . . . 4-53

ip ssh crypto zeroize . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-54

viii

T

ABLE OF CONTENTS

ip ssh save host-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-55

show ip ssh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-56

show ssh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-56

show public-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-57

Event Logging Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-58

logging on . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-59

logging history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-60

logging host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-61

logging facility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-62

logging trap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-62

clear log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-63

show logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-64

SMTP Alert Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-66

logging sendmail host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-66

logging sendmail level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-67

logging sendmail source-email . . . . . . . . . . . . . . . . . . . . . . 4-68

logging sendmail destination-email . . . . . . . . . . . . . . . . . . 4-69

logging sendmail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-69

show logging sendmail . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-70

Time Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-71

sntp client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-71

sntp server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-72

sntp poll . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-73

show sntp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-74

clock timezone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-74

calendar set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-75

show calendar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-76

System Status Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-77

show startup-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-77

show running-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-79

show system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-80

show users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-81

show version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-82

Flash/File Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-83

copy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-84

delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-88

dir . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-89

ix

T

ABLE OF CONTENTS

whichboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-90

boot system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-91

Power over Ethernet Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-92

power mainpower maximum allocation . . . . . . . . . . . . . . . . . . 4-93

power inline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-94

power inline maximum allocation . . . . . . . . . . . . . . . . . . . . . . . 4-95

power inline priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-95

show power inline status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-96

show power mainpower . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-97

Authentication Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-99

Authentication Sequence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-99

RADIUS Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-102

TACACS+ Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-107

Port Security Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-109

802.1x Port Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-112

authentication login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-100

authentication enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-101

radius-server host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-103

radius-server port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-104

radius-server key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-104

radius-server retransmit . . . . . . . . . . . . . . . . . . . . . . . . . . 4-105

radius-server timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-105

show radius-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-106

tacacs-server host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-107

tacacs-server port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-108

tacacs-server key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-108

show tacacs-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-109

port security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-110

dot1x system-auth-control . . . . . . . . . . . . . . . . . . . . . . . . 4-113

dot1x default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-113

dot1x max-req . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-114

dot1x port-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-114

dot1x operation-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-115

dot1x re-authenticate . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-116

dot1x re-authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-116

dot1x timeout quiet-period . . . . . . . . . . . . . . . . . . . . . . . . 4-117

dot1x timeout re-authperiod . . . . . . . . . . . . . . . . . . . . . . 4-117

x

T

ABLE OF CONTENTS

dot1x timeout tx-period . . . . . . . . . . . . . . . . . . . . . . . . . . 4-118

show dot1x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-119

Access Control List Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-122

IP ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-125

access-list ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-126

permit, deny (Standard ACL) . . . . . . . . . . . . . . . . . . . . . 4-127

permit, deny (Extended ACL) . . . . . . . . . . . . . . . . . . . . . 4-128

show ip access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-131

access-list ip mask-precedence . . . . . . . . . . . . . . . . . . . . . 4-131

mask (IP ACL) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-132

show access-list ip mask-precedence . . . . . . . . . . . . . . . . 4-136

ip access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-137

show ip access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-138

map access-list ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-138

show map access-list ip . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-140

match access-list ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-141

show marking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-142

MAC ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-143

access-list mac . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-144

permit, deny (MAC ACL) . . . . . . . . . . . . . . . . . . . . . . . . . 4-145

show mac access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-147

access-list mac mask-precedence . . . . . . . . . . . . . . . . . . . 4-147

mask (MAC ACL) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-148

show access-list mac mask-precedence . . . . . . . . . . . . . . 4-150

mac access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-151

show mac access-group . . . . . . . . . . . . . . . . . . . . . . . . . . 4-152

map access-list mac . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-152

show map access-list mac . . . . . . . . . . . . . . . . . . . . . . . . . 4-153

match access-list mac . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-154

ACL Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-155

show access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-155

show access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-156

SNMP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-156

snmp-server community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-158

snmp-server contact . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-159

snmp-server location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-159

snmp-server host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-160

xi

T

ABLE OF CONTENTS

snmp-server enable traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-162

show snmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-163

snmp-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-164

snmp-server engine-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-165

show snmp engine-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-166

snmp-server view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-166

show snmp view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-168

snmp-server group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-169

show snmp group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-170

snmp-server user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-171

show snmp user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-172

Interface Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-173

interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-174

description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-175

speed-duplex . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-175

negotiation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-177

capabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-178

flowcontrol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-179

shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-180

switchport broadcast packet-rate . . . . . . . . . . . . . . . . . . . . . . . 4-181

clear counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-182

show interfaces status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-183

show interfaces counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-184

show interfaces switchport . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-186

Mirror Port Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-187

port monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-188

show port monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-189

Rate Limit Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-190

Link Aggregation Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-192

channel-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-194

lacp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-195

lacp system-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-197

lacp admin-key (Ethernet Interface) . . . . . . . . . . . . . . . . . . . . 4-198

lacp admin-key (Port Channel) . . . . . . . . . . . . . . . . . . . . . . . . . 4-199

lacp port-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-200

show lacp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-201

Address Table Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-206

xii

T

ABLE OF CONTENTS

mac-address-table static . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-206

clear mac-address-table dynamic . . . . . . . . . . . . . . . . . . . . . . . 4-207

show mac-address-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-208

mac-address-table aging-time . . . . . . . . . . . . . . . . . . . . . . . . . . 4-209

show mac-address-table aging-time . . . . . . . . . . . . . . . . . . . . . 4-210

Spanning Tree Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-210

spanning-tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-211

spanning-tree mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-212

spanning-tree forward-time . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-213

spanning-tree hello-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-214

spanning-tree max-age . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-215

spanning-tree priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-216

spanning-tree pathcost method . . . . . . . . . . . . . . . . . . . . . . . . 4-217

spanning-tree transmission-limit . . . . . . . . . . . . . . . . . . . . . . . 4-218

spanning-tree spanning-disabled . . . . . . . . . . . . . . . . . . . . . . . 4-218

spanning-tree cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-219

spanning-tree port-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-220

spanning-tree edge-port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-221

spanning-tree portfast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-222

spanning-tree link-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-223

spanning-tree protocol-migration . . . . . . . . . . . . . . . . . . . . . . 4-224

show spanning-tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-225

VLAN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-227

Editing VLAN Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-227

vlan database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-227

vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-228

Configuring VLAN Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . 4-230

interface vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-230

switchport mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-231

switchport acceptable-frame-types . . . . . . . . . . . . . . . . . . 4-232

switchport ingress-filtering . . . . . . . . . . . . . . . . . . . . . . . . 4-233

switchport native vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-234

switchport allowed vlan . . . . . . . . . . . . . . . . . . . . . . . . . . 4-235

switchport forbidden vlan . . . . . . . . . . . . . . . . . . . . . . . . 4-236

Displaying VLAN Information . . . . . . . . . . . . . . . . . . . . . . . . 4-237

show vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-238

GVRP and Bridge Extension Commands . . . . . . . . . . . . . . . . . . . . . 4-239

xiii

T

ABLE OF CONTENTS

bridge-ext gvrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-239

show bridge-ext . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-240

switchport gvrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-241

show gvrp configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-241

garp timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-242

show garp timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-243

Priority Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-244

Priority Commands (Layer 2) . . . . . . . . . . . . . . . . . . . . . . . . . 4-245

Priority Commands (Layer 3 and 4) . . . . . . . . . . . . . . . . . . . . 4-251

Multicast Filtering Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-260

IGMP Snooping Commands . . . . . . . . . . . . . . . . . . . . . . . . . 4-261

IGMP Query Commands (Layer 2) . . . . . . . . . . . . . . . . . . . . 4-265

queue mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-245

switchport priority default . . . . . . . . . . . . . . . . . . . . . . . . 4-246

queue bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-247

queue cos-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-248

show queue bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-250

show queue cos-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-250

map ip port (Global Configuration) . . . . . . . . . . . . . . . . . 4-252

map ip port (Interface Configuration) . . . . . . . . . . . . . . . 4-252

map ip precedence (Global Configuration) . . . . . . . . . . 4-253

map ip precedence (Interface Configuration) . . . . . . . . . 4-254

map ip dscp (Global Configuration) . . . . . . . . . . . . . . . . 4-255

map ip dscp (Interface Configuration) . . . . . . . . . . . . . . . 4-256

show map ip port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-257

show map ip precedence . . . . . . . . . . . . . . . . . . . . . . . . . 4-258

show map ip dscp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-259

ip igmp snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-261

ip igmp snooping vlan static . . . . . . . . . . . . . . . . . . . . . . . 4-262

ip igmp snooping version . . . . . . . . . . . . . . . . . . . . . . . . . 4-263

show ip igmp snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-263

show mac-address-table multicast . . . . . . . . . . . . . . . . . . 4-264

ip igmp snooping querier . . . . . . . . . . . . . . . . . . . . . . . . . 4-265

ip igmp snooping query-count . . . . . . . . . . . . . . . . . . . . . 4-266

ip igmp snooping query-interval . . . . . . . . . . . . . . . . . . . . 4-267

ip igmp snooping query-max-response-time . . . . . . . . . . 4-268

ip igmp snooping router-port-expire-time . . . . . . . . . . . . 4-269

xiv

T

ABLE OF CONTENTS

Static Multicast Routing Commands . . . . . . . . . . . . . . . . . . . . 4-270

ip igmp snooping vlan mrouter . . . . . . . . . . . . . . . . . . . . 4-270

show ip igmp snooping mrouter . . . . . . . . . . . . . . . . . . . 4-271

IP Interface Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-272

ip address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-272

ip default-gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-274

ip dhcp restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-275

show ip interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-276

show ip redirects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-276

ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-277

DNS Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-278

ip host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-279

clear host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-280

ip domain-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-281

ip domain-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-282

ip name-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-283

ip domain-lookup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-284

show hosts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-285

show dns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-286

show dns cache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-286

clear dns cache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-287

A Software Specifications . . . . . . . . . . . . . . . . . . . . . . . .A-1

Software Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-1

Management Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-2

Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-3

Management Information Bases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-3

B Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .B-1

Problems Accessing the Management Interface . . . . . . . . . . . . . . . . . . . B-1

Symptom . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-1

Action . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-1

Using System Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-2

Glossary

Index

xv

T

ABLES

Table 1-1 Key Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1

Table 1-2 System Defaults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-7

Table 3-1 Configuration Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-4

Table 3-2 Switch Main Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-5

Table 3-3 Log Message Flash Levels . . . . . . . . . . . . . . . . . . . . . . . . . 3-34

Table 3-4 SNMPv3 Security Models and Levels . . . . . . . . . . . . . . . . 3-46

Table 3-5 HTTPS Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-66

Table 3-6 802.1x Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-84

Table 3-7 LACP Port Counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-118

Table 3-8 LACP Internal Configuration Information . . . . . . . . . . . 3-120

Table 3-9 LACP Neighbor Configuration Information . . . . . . . . . 3-122

Table 3-10 Port Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-129

Table 3-11 Mapping CoS Values to Egress Queues . . . . . . . . . . . . . 3-179

Table 3-12 CoS Priority Levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-180

Table 3-13 Mapping IP Precedence . . . . . . . . . . . . . . . . . . . . . . . . . . 3-186

Table 3-14 Mapping DSCP Priority . . . . . . . . . . . . . . . . . . . . . . . . . . 3-189

Table 3-15 Mapping CoS Values to IP ACLs . . . . . . . . . . . . . . . . . . 3-194

Table 4-1 Command Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-8

Table 4-2 Configuration Commands . . . . . . . . . . . . . . . . . . . . . . . . . 4-10

Table 4-3 Keystroke Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-11

Table 4-4 Command Group Index . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-12

Table 4-5 Line Command Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-14

Table 4-6 General Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-27

Table 4-7 System Management Commands . . . . . . . . . . . . . . . . . . . . 4-34

Table 4-8 Device Designation Commands . . . . . . . . . . . . . . . . . . . . . 4-34

Table 4-9 User Access Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-36

Table 4-10 Default Login Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-37

Table 4-11 IP Filter Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-39

Table 4-12 Web Server Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-41

Table 4-13 HTTPS System Support . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-44

Table 4-14 Telnet Server Commands . . . . . . . . . . . . . . . . . . . . . . . . . . 4-45

Table 4-15 Secure Shell Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-47

Table 4-16 SSH Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-56

xvi

T

ABLES

Table 4-17 Event Logging Commands . . . . . . . . . . . . . . . . . . . . . . . . . 4-58

Table 4-18 Logging Levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-60

Table 4-20 Remote Logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-65

Table 4-19 Show Logging Parameters . . . . . . . . . . . . . . . . . . . . . . . . . 4-65

Table 4-21 SMTP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-66

Table 4-22 Time Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-71

Table 4-23 System Status Commands . . . . . . . . . . . . . . . . . . . . . . . . . . 4-77

Table 4-24 Flash/File Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-83

Table 4-25 File Directory Information . . . . . . . . . . . . . . . . . . . . . . . . . 4-89

Table 4-26 PoE Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-92

Table 4-27 Authentication Commands . . . . . . . . . . . . . . . . . . . . . . . . . 4-99

Table 4-28 Authentication Sequence Command . . . . . . . . . . . . . . . . . 4-99

Table 4-29 RADIUS Client Commands . . . . . . . . . . . . . . . . . . . . . . . 4-102

Table 4-30 TACACS+ Client Commands . . . . . . . . . . . . . . . . . . . . . 4-107

Table 4-31 Port Security Commands . . . . . . . . . . . . . . . . . . . . . . . . . 4-109

Table 4-32 802.1x Port Authentication Commands . . . . . . . . . . . . . 4-112

Table 4-33 Access Control List Commands . . . . . . . . . . . . . . . . . . . . 4-124

Table 4-34 IP ACL Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-125

Table 4-35 Mapping CoS Values to ACL Rules . . . . . . . . . . . . . . . . . 4-139

Table 4-36 MAC ACL Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-143

Table 4-37 Mapping CoS Values to MAC ACL Rules . . . . . . . . . . . . 4-153

Table 4-38 ACL Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-155

Table 4-39 SNMP Command Syntax . . . . . . . . . . . . . . . . . . . . . . . . . 4-157

Table 4-40 SNMP Engine ID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-166

Table 4-41 SNMP View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-168

Table 4-42 SNMP Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-171

Table 4-44 Interface Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-173

Table 4-43 SNMP User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-173

Table 4-46 Mirror Port Commands . . . . . . . . . . . . . . . . . . . . . . . . . . 4-187

Table 4-45 Show Interfaces Switchport Output - Description . . . . . 4-187

Table 4-47 Rate Limit Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-190

Table 4-48 Link Aggregation Commands . . . . . . . . . . . . . . . . . . . . . . 4-192

Table 4-49 LACP Data Units . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-202

Table 4-50 Show LACP Output Contents . . . . . . . . . . . . . . . . . . . . . 4-203

Table 4-51 Show LACP Neighbours Output Contents . . . . . . . . . . . 4-204

Table 4-52 Address Table Commands . . . . . . . . . . . . . . . . . . . . . . . . 4-206

Table 4-53 Spanning Tree Commands . . . . . . . . . . . . . . . . . . . . . . . . 4-210

xvii

T

ABLES

Table 4-54 VLAN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-227

Table 4-55 Editing VLAN Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-227

Table 4-56 Configuring VLAN Interfaces . . . . . . . . . . . . . . . . . . . . . 4-230

Table 4-57 Displaying VLAN Information . . . . . . . . . . . . . . . . . . . . 4-237

Table 4-58 GVRP and Bridge Extension Commands . . . . . . . . . . . . 4-239

Table 4-59 Priority Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-244

Table 4-60 Priority Commands (Layer 2) . . . . . . . . . . . . . . . . . . . . . . 4-245

Table 4-61 Default CoS Priority Levels . . . . . . . . . . . . . . . . . . . . . . . 4-249

Table 4-62 Priority Commands (Layer 3 and 4) . . . . . . . . . . . . . . . . . 4-251

Table 4-63 Mapping IP Precedence to CoS Values . . . . . . . . . . . . . . 4-254

Table 4-64 Mapping IP DSCP to CoS Values . . . . . . . . . . . . . . . . . . 4-256

Table 4-65 Multicast Filtering Commands . . . . . . . . . . . . . . . . . . . . . 4-260

Table 4-66 IGMP Snooping Commands . . . . . . . . . . . . . . . . . . . . . . 4-261

Table 4-67 IGMP Query Commands (Layer 2) . . . . . . . . . . . . . . . . . 4-265

Table 4-68 Static Multicast Routing Commands . . . . . . . . . . . . . . . . 4-270

Table 4-69 IP Interface Command Syntax . . . . . . . . . . . . . . . . . . . . . 4-272

Table 4-70 DNS Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-278

Table 4-71 Show DNS Output Description . . . . . . . . . . . . . . . . . . . . 4-287

Table B-1 Troubleshooting Chart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-1

xviii

F

IGURES

Figure 3-1 Homepage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3

Figure 3-2 Ports Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-4

Figure 3-3 System Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-12

Figure 3-4 General Switch Information . . . . . . . . . . . . . . . . . . . . . . 3-15

Figure 3-5 Bridge Extension Capabilities . . . . . . . . . . . . . . . . . . . . . 3-17

Figure 3-6 VLAN IP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . 3-19

Figure 3-7 IP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-20

Figure 3-8 Copy Firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-23

Figure 3-9 Select Start-Up File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-23

Figure 3-10 Deleting Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-24

Figure 3-11 Copy Configuration Settings . . . . . . . . . . . . . . . . . . . . . 3-26

Figure 3-12 Setting the Startup Configuration Settings . . . . . . . . . . . 3-27

Figure 3-13 Console Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-30

Figure 3-14 Telnet Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-32

Figure 3-15 System Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-35

Figure 3-16 Remote Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-37

Figure 3-17 Enabling and Configuring SMTP Alerts . . . . . . . . . . . . 3-40

Figure 3-18 Resetting the System . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-41

Figure 3-19 Configuring SNTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-43

Figure 3-20 Setting the Time Zone . . . . . . . . . . . . . . . . . . . . . . . . . . 3-44

Figure 3-21 Enabling the SNMP Agent . . . . . . . . . . . . . . . . . . . . . . . 3-47

Figure 3-22 Configuring SNMP Community Strings . . . . . . . . . . . . 3-48

Figure 3-23 Configuring SNMP Trap Managers . . . . . . . . . . . . . . . . 3-50

Figure 3-24 Setting an Engine ID . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-51

Figure 3-25 Configuring SNMPv3 Users . . . . . . . . . . . . . . . . . . . . . . 3-53

Figure 3-26 Configuring SNMPv3 Groups . . . . . . . . . . . . . . . . . . . . 3-55

Figure 3-27 Configuring SNMPv3 Views . . . . . . . . . . . . . . . . . . . . . 3-57

Figure 3-28 Configuring User Accounts . . . . . . . . . . . . . . . . . . . . . . 3-60

Figure 3-29 Authentication Server Settings . . . . . . . . . . . . . . . . . . . . 3-64

Figure 3-30 HTTPS Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-67

Figure 3-31 SSH Host-Key Settings . . . . . . . . . . . . . . . . . . . . . . . . . . 3-72

Figure 3-32 SSH Server Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-74

Figure 3-33 Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-77

Figure 3-34 802.1x Global Information . . . . . . . . . . . . . . . . . . . . . . . 3-79

Figure 3-35 802.1x System Authentication Control . . . . . . . . . . . . . 3-80

Figure 3-36 802.1x Port Configuration . . . . . . . . . . . . . . . . . . . . . . . 3-82

xix

F

IGURES

Figure 3-37 Displaying 802.1x Statistics . . . . . . . . . . . . . . . . . . . . . . . 3-85

Figure 3-38 IP Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-87

Figure 3-39 Selecting ACL Type . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-90

Figure 3-40 ACL Configuration - Standard IP . . . . . . . . . . . . . . . . . 3-91

Figure 3-41 ACL Configuration - Extended IP . . . . . . . . . . . . . . . . . 3-93

Figure 3-42 ACL Configuration - MAC . . . . . . . . . . . . . . . . . . . . . . . 3-95

Figure 3-43 Selecting ACL Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-97

Figure 3-44 ACL Mask Configuration - IP . . . . . . . . . . . . . . . . . . . . 3-99

Figure 3-45 ACL Mask Configuration - MAC . . . . . . . . . . . . . . . . . 3-101

Figure 3-46 ACL Port Binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-103

Figure 3-47 Entering IP Addresses to be Filtered . . . . . . . . . . . . . . 3-104

Figure 3-48 Port - Port Information . . . . . . . . . . . . . . . . . . . . . . . . 3-105

Figure 3-49 Port - Port Configuration . . . . . . . . . . . . . . . . . . . . . . . 3-109

Figure 3-50 Static Trunk Configuration . . . . . . . . . . . . . . . . . . . . . . 3-111

Figure 3-51 LACP Trunk Configuration . . . . . . . . . . . . . . . . . . . . . 3-113

Figure 3-52 LACP - Aggregation Port . . . . . . . . . . . . . . . . . . . . . . . 3-116

Figure 3-53 LACP - Port Counters Information . . . . . . . . . . . . . . . 3-119

Figure 3-54 LACP - Port Internal Information . . . . . . . . . . . . . . . . 3-121

Figure 3-55 LACP - Port Neighbors Information . . . . . . . . . . . . . . 3-123

Figure 3-56 Port Broadcast Control . . . . . . . . . . . . . . . . . . . . . . . . . 3-125

Figure 3-57 Mirror Port Configuration . . . . . . . . . . . . . . . . . . . . . . 3-127

Figure 3-58 Rate Limit Configuration . . . . . . . . . . . . . . . . . . . . . . . 3-128

Figure 3-59 Port Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-134

Figure 3-60 Displaying the Global PoE Status . . . . . . . . . . . . . . . . 3-137

Figure 3-61 Setting the Switch Power Budget . . . . . . . . . . . . . . . . . 3-138

Figure 3-62 Displaying Port PoE Status . . . . . . . . . . . . . . . . . . . . . 3-139

Figure 3-63 Configuring Port PoE Power . . . . . . . . . . . . . . . . . . . . 3-141

Figure 3-64 Static Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-143

Figure 3-65 Dynamic Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-144

Figure 3-66 Address Aging Time . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-145

Figure 3-67 STA Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-149

Figure 3-68 STA Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-153

Figure 3-69 STA Port Information . . . . . . . . . . . . . . . . . . . . . . . . . 3-157

Figure 3-70 STA Port Configuration . . . . . . . . . . . . . . . . . . . . . . . . 3-160

Figure 3-71 Globally Enabling GVRP . . . . . . . . . . . . . . . . . . . . . . . 3-165

Figure 3-72 VLAN Basic Information . . . . . . . . . . . . . . . . . . . . . . . 3-166

Figure 3-73 VLAN Current Table . . . . . . . . . . . . . . . . . . . . . . . . . . 3-168

xx

F

IGURES

Figure 3-74 VLAN Static List - Creating VLANs . . . . . . . . . . . . . . 3-170

Figure 3-75 VLAN Static Table - Adding Static Members . . . . . . . 3-172

Figure 3-76 VLAN Static Membership by Port . . . . . . . . . . . . . . . . 3-173

Figure 3-77 VLAN Port Configuration . . . . . . . . . . . . . . . . . . . . . . 3-176

Figure 3-78 Default Port Priority . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-178

Figure 3-79 Traffic Classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-181

Figure 3-80 Enabling Traffic Classes . . . . . . . . . . . . . . . . . . . . . . . . 3-182

Figure 3-81 Queue Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-183

Figure 3-82 Queue Scheduling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-184

Figure 3-83 IP Precedence/DSCP Priority Status . . . . . . . . . . . . . . 3-186

Figure 3-84 IP Precedence Priority. . . . . . . . . . . . . . . . . . . . . . . . . . 3-187

Figure 3-85 Mapping IP DSCP Priority to Class of Service Values 3-189

Figure 3-86 IP Port Priority Status . . . . . . . . . . . . . . . . . . . . . . . . . . 3-191

Figure 3-87 IP Port Priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-191

Figure 3-88 Mapping Priority Settings to Ports/Trunks . . . . . . . . . 3-193

Figure 3-89 ACL CoS Priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-195

Figure 3-90 ACL Marker . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-197

Figure 3-91 IGMP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-201

Figure 3-92 Multicast Router Port Information . . . . . . . . . . . . . . . 3-202

Figure 3-93 Static Multicast Router Port Configuration . . . . . . . . . 3-203

Figure 3-94 IP Multicast Registration Table . . . . . . . . . . . . . . . . . . 3-204

Figure 3-95 IGMP Member Port Table . . . . . . . . . . . . . . . . . . . . . . 3-206

Figure 3-96 DNS General Configuration . . . . . . . . . . . . . . . . . . . . . 3-208

Figure 3-97 DNS Static Host Table . . . . . . . . . . . . . . . . . . . . . . . . . 3-210

Figure 3-98 DNS Cache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-212

xxi

F

IGURES

xxii

C

HAPTER

I

NTRODUCTION

The SMC6824MPE Power-over-Ethernet switch provides a broad range of
features for Layer 2 switching. It includes a management agent that allows
you to configure the features listed in this manual. The default
configuration can be used for most of the features provided by this switch.
However, there are many options that you should configure to maximize
the switch’s performance for your particular network environment.

The switch’s 24 10/100 Mbps ports support the IEEE 802.3af
Power-over-Ethernet (PoE) standard that enables DC power to be
supplied to attached devices over the unused pairs of wires in the

1

connecting Ethernet cable.

Key Features

Table 1-1 Key Features

Feature Description

Power over Ethernet Powers attached devices using IEEE 802.3af Power over Ethernet

(PoE)

Configuration
Backup and Restore

Authentication Console, Telnet – User name / password, RADIUS, TACACS+

DHCP Client Supported

Backup to TFTP server

Telnet – SSH
Web – SSL/HTTPS
SNMP – Community strings, IP address filtering
Port – IEEE 802.1x, MAC address filtering

1-1

I

NTRODUCTION

Table 1-1 Key Features

Feature Description

Port Configuration Speed, duplex mode and flow control

Rate Limiting Input and output rate limiting per port

Port Mirroring One or more ports mirrored to single analysis port

Port Trunking Supports port trunking using either static or dynamic trunking

(LACP)

Broadcast Storm
Control

Static Address Up to 8K MAC addresses in the forwarding table

IEEE 802.1D Bridge Supports dynamic data switching and address learning

Store-and-Forward
Switching

Spanning Tree
Protocol

Virtual LANs Up to 255 using IEEE 802.1Q VLANs

Traffic Prioritization Default port priority, traffic class map, queue scheduling,

Multicast Filtering Supports IGMP snooping and query

Supported

Supported to ensure wire-speed switching while eliminating bad
frames

Supports standard STP and Rapid Spanning Tree Protocol (RSTP)

IP Precedence, or Differentiated Services Code Point (DSCP)

Description of Software Features

The switch provides a wide range of advanced performance enhancing
features. Flow control eliminates the loss of packets due to bottlenecks
caused by port saturation. Broadcast storm suppression prevents broadcast
traffic storms from engulfing the network. Port-based VLANs provide
traffic security and efficient use of network bandwidth. CoS priority
queueing ensures the minimum delay for moving real-time multimedia data
across the network. While multicast filtering provides support for real-time
network applications. Some of the management features are briefly
described below.

1-2

D

ESCRIPTION OF SOFTWARE FEATURES

Configuration Backup and Restore – You can save the current
configuration settings to a file on a TFTP server, and later download this
file to restore the switch configuration settings.

Authentication – This switch authenticates management access via the
console port or Telnet. User names and passwords can be configured
locally or can be verified via a remote authentication server (i.e., RADIUS
or TACACS+). Port-based authentication is also supported via the IEEE

802.1x protocol. This protocol uses the Extensible Authentication
Protocol over LANs (EAPOL) to request user credentials from the 802.1x
client, and then verifies the client’s right to access the network via an
authentication server.

Other authentication options include SSH for secure management access
over a Telnet-equivalent connection, SSL/HTTPS for Web management
access, IP address filtering for SNMP/Telnet management access, and
MAC address filtering for port access.

Port Configuration – You can manually configure the speed, duplex
mode, and flow control used on specific ports, or use auto-negotiation to
detect the connection settings used by the attached device. Use the
full-duplex mode on ports whenever possible to double the throughput of
switch connections. Flow control should also be enabled to control
network traffic during periods of congestion and prevent the loss of
packets when port buffer thresholds are exceeded. The switch supports
flow control based on the IEEE 802.3x standard.

Rate Limiting – This feature controls the maximum rate for traffic
transmitted or received on an interface. Rate limiting is configured on
interfaces at the edge of a network to limit traffic into or out of the
network. Traffic that falls within the rate limit is transmitted, while packets
that exceed the acceptable amount of traffic are dropped.

1-3

I

NTRODUCTION

Port Mirroring – The switch can unobtrusively mirror traffic from any
port to a monitor port. You can then attach a protocol analyzer or RMON
probe to this port to perform traffic analysis and verify connection
integrity.

Port Trunking – Ports can be combined into an aggregate connection.
Trunks can be manually set up or dynamically configured using IEEE

802.3ad Link Aggregation Control Protocol (LACP). The additional ports
dramatically increase the throughput across any connection, and provide
redundancy by taking over the load if a port in the trunk should fail. The
switch supports one trunk with two Gigabit optional module ports.

Broadcast Storm Control – Broadcast suppression prevents broadcast
traffic from overwhelming the network. When enabled on a port, the level
of broadcast traffic passing through the port is restricted. If broadcast
traffic rises above a pre-defined threshold, it will be throttled until the level
falls back beneath the threshold.

Static Addresses – A static address can be assigned to a specific interface
on this switch. Static addresses are bound to the assigned interface and will
not be moved. When a static address is seen on another interface, the
address will be ignored and will not be written to the address table. Static
addresses can be used to provide network security by restricting access for
a known host to a specific port.

IEEE 802.1D Bridge – The switch supports IEEE 802.1D transparent
bridging. The address table facilitates data switching by learning addresses,
and then filtering or forwarding traffic based on this information. The
address table supports up to 8K addresses.

Store-and-Forward Switching – The switch copies each frame into its
memory before forwarding them to another port. This ensures that all
frames are a standard Ethernet size and have been verified for accuracy
with the cyclic redundancy check (CRC). This prevents bad frames from
entering the network and wasting bandwidth.

1-4