◆ Layer 2/3/4 CoS support through four priority queues
◆ Full support for VLANs with GVRP
◆ IGMP multicast filtering and snooping
◆ Manageable via console, Web, SNMP/RMON
Management Guide
SMC6750L2
TigerSwitch 10/100
Management Guide
From SMC’s Tiger line of feature-rich workgroup LAN solutions
38 Tesla
Irvine, CA 92618
Phone: (949) 679-8000
June 2002
Pub. # 150200016800A
Information furnished by SMC Networks, Inc. (SMC) is believed to be
accurate and reliable. However, no responsibility is assumed by SMC for its
use, nor for any infringements of patents or other rights of third parties
which may result from its use. No license is granted by implication or otherwise under any patent or patent rights of SMC. SMC reserves the right to
change specifications at any time without notice.
SMC is a registered trademark; and EZ Switch, TigerStack and TigerSwitch are trademarks of SMC
Networks, Inc. Other product and company names are trademarks or registered trademarks of their
respective holders.
L
IMITED
Limited Warranty Statement: SMC Networks, Inc. (“SMC”) warrants its products to be
free from defects in workmanship and materials, under normal use and service, for the
applicable warranty term. All SMC products carry a standard 90-day limited warranty from
the date of purchase from SMC or its Authorized Reseller. SMC may, at its own discretion,
repair or replace any product not operating as warranted with a similar or functionally
equivalent product, during the applicable warranty term. SMC will endeavor to repair or
replace any product returned under warranty within 30 days of receipt of the product.
The standard limited warranty can be upgraded to a Limited Lifetime* warranty by registering
new products within 30 days of purchase from SMC or its Authorized Reseller. Registration
can be accomplished via the enclosed product registration card or online via the SMC web
site. Failure to register will not affect the standard limited warranty. The Limited Lifetime
warranty covers a product during the Life of that Product, which is defined as the period of
time during which the product is an “Active” SMC product. A product is considered to be
“Active” while it is listed on the current SMC price list. As new technologies emerge, older
technologies become obsolete and SMC will, at its discretion, replace an older product in its
product line with one that incorporates these newer technologies. At that point, the obsolete
product is discontinued and is no longer an “Active” SMC product. A list of discontinued
products with their respective dates of discontinuance can be found at:
http://www.smc.com/index.cfm?action=customer_service_warranty.
All products that are replaced become the property of SMC. Replacement products may be
either new or reconditioned. Any replaced or repaired product carries either a 30-day limited
warranty or the remainder of the initial warranty, whichever is longer. SMC is not responsible
for any custom software or firmware, configuration information, or memory data of
Customer contained in, stored on, or integrated with any products returned to SMC pursuant
to any warranty. Products returned to SMC should have any customer-installed accessory or
add-on components, such as expansion modules, removed prior to returning the product for
replacement. SMC is not responsible for these items if they are returned with the product.
Customers must contact SMC for a Return Material Authorization number prior to returning
any product to SMC. Proof of purchase may be required. Any product returned to SMC
without a valid Return Material Authorization (RMA) number clearly marked on the outside
of the package will be returned to customer at customer’s expense. For warranty claims within
North America, please call our toll-free customer support number at (800) 762-4968.
Customers are responsible for all shipping charges from their facility to SMC. SMC is
responsible for return shipping charges from SMC to customer.
W
ARRANTY
i
WARRANTIES EXCLUSIVE: IF AN SMC PRODUCT DOES NOT OPERATE AS
WARRANTED ABOVE, CUSTOMER’S SOLE REMEDY SHALL BE REPAIR OR
REPLACEMENT OF THE PRODUCT IN QUESTION, AT SMC’S OPTION. THE
FOREGOING WARRANTIES AND REMEDIES ARE EXCLUSIVE AND ARE IN
LIEU OF ALL OTHER WARRANTIES OR CONDITIONS, EXPRESS OR IMPLIED,
EITHER IN FACT OR BY OPERATION OF LAW, STATUTORY OR OTHERWISE,
INCLUDING WARRANTIES OR CONDITIONS OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE. SMC NEITHER ASSUMES NOR
AUTHORIZES ANY OTHER PERSON TO ASSUME FOR IT ANY OTHER
LIABILITY IN CONNECTION WITH THE SALE, INSTALLATION,
MAINTENANCE OR USE OF ITS PRODUCTS. SMC SHALL NOT BE LIABLE
UNDER THIS WARRANTY IF ITS TESTING AND EXAMINATION DISCLOSE THE
ALLEGED DEFECT IN THE PRODUCT DOES NOT EXIST OR WAS CAUSED BY
CUSTOMER’S OR ANY THIRD PERSON’S MISUSE, NEGLECT, IMPROPER
INSTALLATION OR TESTING, UNAUTHORIZED ATTEMPTS TO REPAIR, OR
ANY OTHER CAUSE BEYOND THE RANGE OF THE INTENDED USE, OR BY
ACCIDENT, FIRE, LIGHTNING, OR OTHER HAZARD.
LIMITATION OF LIABILITY: IN NO EVENT, WHETHER BASED IN CONTRACT
OR TORT (INCLUDING NEGLIGENCE), SHALL SMC BE LIABLE FOR
INCIDENTAL, CONSEQUENTIAL, INDIRECT, SPECIAL, OR PUNITIVE
DAMAGES OF ANY KIND, OR FOR LOSS OF REVENUE, LOSS OF BUSINESS, OR
OTHER FINANCIAL LOSS ARISING OUT OF OR IN CONNECTION WITH THE
SALE, INSTALLATION, MAINTENANCE, USE, PERFORMANCE, FAILURE, OR
INTERRUPTION OF ITS PRODUCTS, EVEN IF SMC OR ITS AUTHORIZED
RESELLER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES
OR THE LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES FOR
CONSUMER PRODUCTS, SO THE ABOVE LIMITATIONS AND EXCLUSIONS
MAY NOT APPLY TO YOU. THIS WARRANTY GIVES YOU SPECIFIC LEGAL
RIGHTS, WHICH MAY VARY FROM STATE TO STATE. NOTHING IN THIS
WARRANTY SHALL BE TAKEN TO AFFECT YOUR STATUTORY RIGHTS.
* SMC will provide warranty service for one year following discontinuance from the active
SMC price list. Under the limited lifetime warranty, internal and external power supplies, fans,
and cables are covered by a standard one-year warranty from date of purchase.
Console Port to 9-Pin DTE Port on PC . . . . . . . . . . . . . . . . . . . B-2
Console Port to 25-Pin DTE Port on PC . . . . . . . . . . . . . . . . . . B-2
Glossary
Index
x
C
HAPTER
S
WITCH
M
ANAGEMENT
Connecting to the Switch
Configuration Options
The TigerSwitch 10/100 SMC6750L2 includes a built-in network
management agent. The agent offers a variety of management options,
including SNMP, RMON and a Web-based interface. A PC may also be
connected directly to the switch for configuration and monitoring via a
command line interface (CLI).
Note: The IP address for this switch is assigned via DHCP by default. To
change this address, see “Setting an IP Address” on page 1-6.
The switch’s HTTP Web agent allows you to configure switch parameters,
monitor port connections, and display statistics graphically using a
standard Web browser such as Netscape Navigator version 6.2 and higher
or Microsoft IE version 5.0 and higher. The switch’s Web management
interface can be accessed from any computer attached to the network.
1
The switch’s management agent is based on SNMP (Simple Network
Management Protocol). This SNMP agent permits the switch to be
managed from any system in the network using management software,
such as such as SMC’s free EliteView software.
The CLI program can be accessed by a direct connection to the RS-232
serial console port on the switch, or remotely by a Telnet connection over
the network.
1-1
S
WITCH MANAGEMENT
The switch’s CLI configuration program, Web interface, and SNMP agent
allow you to perform the following management functions:
•Set user names and passwords for up to 16 users
•Set an IP interface for a management VLAN
•Configure SNMP parameters
•Enable/disable any port
•Set the speed/duplex mode for any port
•Configure up to 255 IEEE 802.1Q VLANs
•Enable GVRP automatic VLAN registration
•Configure IGMP multicast filtering
•TFTP upload and download of system firmware
•TFTP upload and download of switch configuration files
•Configure Spanning Tree parameters
•Configure Class of Service (CoS) priority queuing
•Configure up to six static or LACP trunks
•Enable port mirroring
•Set broadcast storm control on any port
•Display system information and statistics
Required Connections
The switch provides an RS-232 serial port that enables a connection to a
PC or terminal for monitoring and configuring the switch. A null-modem
console cable is provided with the switch.
1-2
C
ONNECTING TO THE SWITCH
Attach a VT100-compatible terminal, or a PC running a terminal
emulation program to the switch. You can use the console cable provided
with this package, or use a null-modem cable that complies with the wiring
assignments shown in Appendix B.
To connect a terminal to the console port, complete the following steps:
1. Connect the console cable to the serial port on a terminal, or a PC
running terminal emulation software, and tighten the captive retaining
screws on the DB-9 connector.
2. Connect the other end of the cable to the RS-232 serial port on the
switch.
3. Make sure the terminal emulation software is set as follows:
•Select the appropriate serial port (COM port 1 or COM port 2).
•Set the data rate to 9600 baud.
•Set the data format to 8 data bits, 1 stop bit, and no parity.
•Set flow control to none.
•Set the emulation mode to VT100.
•When using HyperTerminal, select Terminal keys, not Windows
keys.
®
Notes: 1. When using HyperTerminal with Microsoft
make sure that you have Windows 2000 Service Pack 2 or later
installed. Windows 2000 Service Pack 2 fixes the problem of
arrow keys not functioning in HyperTerminal’s VT100
emulation. See www.microsoft.com for information on
Windows 2000 service packs.
2. Refer to “Line Commands” on page 3-56 for a complete
description of console configuration options.
Windows® 2000,
1-3
S
WITCH MANAGEMENT
4. Once you have set up the terminal correctly, the console login screen
will be displayed.
For a description of how to use the CLI, see “Using the Command Line
Interface” on page 3-1. For a list of all the CLI commands and detailed
information on using the CLI, refer to “Command Groups” on page 3-10.
Remote Connections
Prior to accessing the switch’s onboard agent via a network connection,
you must first configure it with a valid IP address, subnet mask, and default
gateway using a console connection, DHCP or BOOTP protocol.
The IP address for this switch is assigned via DHCP by default. To
manually configure this address or enable dynamic address assignment via
DHCP or BOOTP, see “Setting an IP Address” on page 1-6.
Note: This switch supports four concurrent Telnet sessions.
After configuring the switch’s IP parameters, you can access the onboard
configuration program from anywhere within the attached network. The
onboard configuration program can be accessed using Telnet from any
computer attached to the network. The switch can also be managed by any
computer using a Web browser (Internet Explorer 5.0 or above, or
Netscape Navigator 6.2 or above), or from a network computer using
network management software such as EliteView.
Note: The onboard program only provides access to basic configuration
functions. To access the full range of SNMP management
functions, you must use SNMP-based network management
software, such as EliteView.
1-4
B
ASIC CONFIGURATION
Basic Configuration
Console Connection
The CLI program provides two different command levels — normal
access level (Normal Exec) and privileged access level (Privileged Exec).
The commands available at the Normal Exec level are a limited subset of
those available at the Privileged Exec level and allow you to only display
information and use basic utilities. To fully configure switch parameters,
you must access the CLI at the Privileged Exec level.
Access to both CLI levels are controlled by user names and passwords.
The switch has a default user name and password for each level. To log
into the CLI at the Privileged Exec level using the default user name and
password, perform these steps:
1. To initiate your console connection, press <Enter>. The “User Access
Verification” procedure starts.
2. At the Username prompt, enter “admin.”
3. At the Password prompt, also enter “admin.” (The password
characters are not displayed on the console screen.)
4. The session is opened and the CLI displays the “Console#” prompt
indicating you have access at the Privileged Exec level.
Setting Passwords
Note: If this is your first time to log into the CLI program, you should
define new passwords for both default user names using the
“username” command, record them and put them in a safe place.
1-5
S
WITCH MANAGEMENT
Passwords can consist of up to 8 alphanumeric characters and are case
sensitive. To prevent unauthorized access to the switch, set the passwords
as follows:
1. Open the console interface with the default user name and password
“admin” to access the Privileged Exec level.
2. Type “configure” and press <Enter>.
3. Type “username guest password 0 password,” for the Normal Exec
level, where password is your new password. Press <Enter>.
4. Type “username admin password 0 password,” for the Privileged Exec
level, where password is your new password. Press <Enter>.
Username: admin
Password:
CLI session with the host is opened.
To end the CLI session, enter [Exit].
Console#configure
Console(config)#username guest password 0 [password]
Console(config)#username admin password 0 [password]
Console(config)#
Setting an IP Address
You must establish IP address information for the switch to obtain
management access through the network. This can be done in either of the
following ways:
Manual — You have to input the information, including IP address and
subnet mask. If your management station is not in the same IP subnet as
the switch, you will also need to specify the default gateway router.
Dynamic — The switch sends IP configuration requests to BOOTP or
DHCP address allocation servers on the network.
1-6
B
ASIC CONFIGURATION
Note: Only one VLAN interface can be assigned an IP address (the
default is VLAN 1). This defines the management VLAN, the only
VLAN through which you can gain management access to the
switch. If you assign an IP address to any other VLAN, the new IP
address overrides the original IP address and this becomes the new
management VLAN.
Manual Configuration
You can manually assign an IP address to the switch. You may also need to
specify a default gateway that resides between this device and management
stations that exist on another network segment. Valid IP addresses consist
of four decimal numbers, 0 to 255, separated by periods. Anything outside
this format will not be accepted by the CLI program.
Note: The IP address for this switch is assigned via DHCP by default.
Before you can assign an IP address to the switch, you must obtain the
following information from your network administrator:
•IP address for the switch
•Default gateway for the network
•Network mask for this network
To assign an IP address to the switch, complete the following steps:
1. From the Privileged Exec level global configuration mode prompt,
type “interface vlan 1” to access the interface-configuration mode.
Press <Enter>.
2. Type “ip address ip-address netmask,” where “ip-address” is the switch
IP address and “netmask” is the network mask for the network. Press
<Enter>.
3. Type “exit” to return to the global configuration mode prompt. Press
<Enter>.
1-7
S
WITCH MANAGEMENT
4. To set the IP address of the default gateway for the network to which
the switch belongs, type “ip default-gateway gateway,” where “gateway”
is the IP address of the default gateway. Press <Enter>.
If you select the “bootp” or “dhcp” option, IP will be enabled but will not
function until a BOOTP or DHCP reply has been received. You therefore
need to use the “ip dhcp restart” command to start broadcasting service
requests. Requests will be sent periodically in an effort to obtain IP
configuration information. (BOOTP and DHCP values can include the IP
address, subnet mask, and default gateway.)
If the “bootp” or “dhcp” option is saved to the startup-config file, then
the switch will start broadcasting service requests as soon as it is powered
on.
To automatically configure the switch by communicating with BOOTP or
DHCP address allocation servers on the network, complete the following
steps:
1. From the Privileged Exec level global configuration mode prompt,
type “interface vlan 1” to access the interface-configuration mode.
Press <Enter>.
2. At the interface-configuration mode prompt, use one of the following
commands:
•To obtain IP settings through DHCP, type “ip address dhcp” and
press <Enter>.
•To obtain IP settings through BOOTP, type “ip address bootp”
and press <Enter>.
1-8
B
ASIC CONFIGURATION
3. Type “exit” to return to the global configuration mode. Press
<Enter>.
4. Type “ip dhcp restart” to begin broadcasting service requests. Press
<Enter>.
5. Wait a few minutes, and then check the IP configuration settings, by
typing the “show ip interface” command. Press <Enter>.
6. Then save your configuration changes by typing “copy running-config
startup-config.” Enter the startup file name and press <Enter>.
Console(config)#interface vlan 1
Console(config-if)#ip address dhcp
Console(config-if)#exit
Console#ip dhcp restart
Console#show ip interface
IP interface vlan
IP address and netmask: 10.1.0.54 255.255.255.0 on VLAN 1,
and address mode: User specified.
Console#copy running-config startup-config
Startup configuration file name []: startup
Console#
Enabling SNMP Management Access
The switch can be configured to accept management commands from
Simple Network Management Protocol (SNMP) applications such as
EliteView. You can configure the switch to (1) respond to SNMP requests
or (2) generate SNMP traps.
When SNMP management stations send requests to the switch (either to
return information or to set a parameter), the switch provides the
requested data or sets the specified parameter. The switch can also be
configured to send information to SNMP managers (without being
requested by the managers) through trap messages, which inform the
manager that certain events have occurred.
1-9
S
WITCH MANAGEMENT
Community Strings
Community strings are used to control management access to SNMP
stations, as well as to authorize SNMP stations to receive trap messages
from the switch. You therefore need to assign community strings to
specified users or user groups, and set the access level.
The default strings are:
•public - with read-only access. Authorized management stations are
only able to retrieve MIB objects.
•private - with read-write access. Authorized management stations are
able to both retrieve and modify MIB objects.
Note: If you do not intend to utilize SNMP, it is recommended that you
delete both of the default community strings. If there are no
community strings, then SNMP management access to the switch
is disabled.
To prevent unauthorized access to the switch via SNMP, it is
recommended that you change the default community strings.
To configure a community string, complete the following steps:
1. From the Privileged Exec level global configuration mode prompt,
type “snmp-server community string mode,” where “string” is the
community access string and “mode” is rw (read/write) or ro (read
only). Press <Enter>.
2. To remove an existing string, simply type “no snmp-server community
string,” where “string” is the community access string to remove. Press
<Enter>.
Console(config)#snmp-server community smc rw
Console(config)#snmp-server community private
Console(config)#
1-10
B
ASIC CONFIGURATION
Trap Receivers
You can also specify SNMP stations that are to receive traps from the
switch.
To configure a trap receiver, complete the following steps:
1. From the Privileged Exec level global configuration mode prompt,
type “snmp-server host host-address community-string,” where
“host-address” is the IP address for the trap receiver and
“community-string” is the string associated with that host. Press
<Enter>.
2. In order to configure the switch to send SNMP notifications, you must
enter at least one snmp-server enable traps command. Type
“snmp-server enable traps type,” where “type” is either
authentication or link-up-down. Press <Enter>.
Configuration commands only modify the running configuration file and
are not saved when the switch is rebooted. To save all your configuration
changes in nonvolatile storage, you must copy the running configuration
file to the start-up configuration file using the “copy” command.
To save the current configuration settings, enter the following command:
1. From the Privileged Exec mode prompt, type “copy running-config
startup-config” and press <Enter>.
2. Enter the name of the start-up file. Press <Enter>.
Console#copy running-config startup-config
Startup configuration file name []: startup
Console#
1-11
S
WITCH MANAGEMENT
Managing System Files
The switch’s flash memory supports three types of system files that can be
managed by the CLI program, Web interface, or SNMP. The switch’s file
system allows files to be uploaded and downloaded, copied, deleted, and
set as a start-up file.
The three types of files are:
•Configuration — These files store system configuration
information and are created when configuration settings are saved.
Saved configuration files can be selected as a system start-up file or can
be uploaded via TFTP to a server for backup. A file named
“Factory_Default_Config.cfg” contains all the system default settings
and cannot be deleted from the system. See “Saving or Restoring
Configuration Settings” on page 2-18 for more information.
•Operation Code — System software that is executed after boot-up,
also known as run-time code. This code runs the switch operation and
provides the CLI, Web and SNMP management interfaces. See
“Managing Firmware” on page 2-16 for more information.
•Diagnostic Code — Software that is run during system boot-up,
also known as POST (Power On Self-Test). This code also provides a
facility to upload firmware files to the system directly through the
console port. See “Upgrading Firmware via the Serial Port” on page
A-2.
Due to the size limit of the flash memory, the switch supports only two
operation code files. However, you can have as many diagnostic code files
and configuration files as available flash memory space allows.
In the system flash memory, one file of each type must be set as the
start-up file. During a system boot, the diagnostic and operation code files
set as the start-up file are run, and then the start-up configuration file is
loaded. Configuration files can also be loaded while the system is running,
without rebooting the system.
1-12
S
System Defaults
The switch’s system defaults are provided in the configuration file
“Factory_Default_Config.cfg.” To reset the switch defaults, this file
should be set as the startup configuration file. See “Setting the Startup
Configuration File” on page 2-19.
The following table lists some of the basic system defaults.
FunctionParameterDefault
IP SettingsManagement. VLAN1
DHCPEnabled
BOOTPDisabled
User SpecifiedDisabled
IP Address0.0.0.0
Subnet Mask255.0.0.0
Default Gateway0.0.0.0
Web Management HTTP ServerEnabled
HTTP Port Number80
SNMPCommunity Strings“public” (read only)
“private” (read/write)
Authentication Failure
Traps
Link-up-Down TrapsEnabled
SecurityPrivileged Exec LevelUsername “admin”
Normal Exec LevelUsername “guest”
Enable Privileged Exec
from Normal Exec Level
RADIUS Authentication Disabled
Enabled
Password “admin”
Password “guest”
Password “super”
YSTEM DEFAULTS
1-13
S
WITCH MANAGEMENT
FunctionParameterDefault
Console Port
Connection
Port StatusAdmin StatusEnabled
Link AggregationStatic Trunksnone
Spanning Tree
Protocol
Address TableAging Time300 seconds
Baud Rate9600
Data bits8
Stop bits1
Paritynone
Local Console Timeout0 (disabled)
Auto-negotiationEnabled
Flow ControlDisabled
10/100 Mbps Port
Capability
10/100/1000 Mbps Port
Capability
LACP (all ports)Disabled
StatusEnabled
Fast ForwardingDisabled
10 Mbps half duplex
10 Mbps full duplex
100 Mbps half duplex
100 Mbps full duplex
Full-duplex flow control disabled
10 Mbps half duplex
10 Mbps full duplex
100 Mbps half duplex
100 Mbps full duplex
1000 Mbps full duplex
Symmetric flow control disabled
(Defaults: All parameters based
on IEEE 802.1D)
1-14
FunctionParameterDefault
Virtual LANsDefault VLAN1
PVID1
Acceptable Frame TypeAll
Ingress FilteringDisabled
GVRP (global)Disabled
GVRP (port interface)Disabled
Class of ServiceIngress Port Priority0
Weighted Round RobinClass 0: 1
Class 1: 4
Class 2: 16
Class 3: 64
IP Precedence PriorityDisabled
IP DSCP PriorityDisabled
IP Port PriorityDisabled
Multicast Filtering IGMP SnoopingEnabled
Act as QuerierEnabled
Broadcast Storm
Protection
System LogStatusEnabled
StatusEnabled (all ports)
Broadcast Limit Rate500 packets per second
Messages LoggedLevels 0-7 (all)
Messages Logged to Flash Levels 0-3
S
YSTEM DEFAULTS
1-15
S
WITCH MANAGEMENT
1-16
Loading...
+ 242 hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.