Transition Networks MIL-SM8TXAF2GPA, MIL-SM802GAF User Manual

8 10/100TX + 1 10/100/1000T/10/100 SFP Combo with

4 PoE Injectors Managed Switch

MIL-SM802GAF

8 10/100TX + 2 Gigabit Copper/SFP Combo with 8 PoE Injectors Managed Switch

MIL-SM8TXAF2GPA

User Manual

Rev.1.00 2007-07-13

Regulatory Approval

-FCC Class A

-UL 1950

-CSA C22.2 No. 950

-EN60950

-CE

-EN55022 Class A

-EN55024

Canadian EMI Notice

This Class A digital apparatus meets all the requirements of the Canadian Interference-Causing Equipment Regulations.

Cet appareil numerique de la classe A respecte toutes les exigences du Reglement sur le materiel brouilleur du Canada.

European Notice

Products with the CE Marking comply with both the EMC Directive (89/336/EEC) and the Low Voltage Directive (73/23/EEC) issued by the Commission of the European Community Compliance with these directives imply conformity to the following European Norms:

EN55022 (CISPR 22) - Radio Frequency Interference

EN61000-X - Electromagnetic Immunity

EN60950 (IEC950) - Product Safety

Five-Year Limited Warranty

Transition Networks warrants to the original consumer or purchaser that each of it's products, and all components thereof, will be free from defects in material and/or workmanship for a period of five years from the original factory shipment date. Any warranty hereunder is extended to the original consumer or purchaser and is not assignable.

Transition Networks makes no express or implied warranties including, but not limited to, any implied warranty of merchantability or fitness for a particular purpose, except as expressly set forth in this warranty. In no event shall Transition Networks be liable for incidental or consequential damages, costs, or expenses arising out of or in connection with the performance of the product delivered hereunder. Transition Networks will in no case cover damages arising out of the product being used in a negligent fashion or manner.

Trademarks

The MiLAN logo and Transition Networks trademarks are registered trademarks of Transition Networks in the United States and/or other countries.

To Contact Transition Networks

For prompt response when calling for service information, have the following information ready:

-Product serial number and revision

-Date of purchase

-Vendor or place of purchase

You can reach Transition Networks technical support at: E-mail: support@transition.com

Telephone: +1.800.260.1312 x 200 Fax: +1.952.941.2322

Transition Networks 6475 City West Parkway Eden Prairie, MN 55344 United States of America

Telephone: +1.800.526.9267

Fax: : +1.952.941.2322

http://www.milan.com info@ Transition.com

© Copyright 2007 Transition Networks

FCC Warning

This Equipment has been tested and found to comply with the limits for a Class-A digital device, pursuant to Part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:

Reorient or relocate the receiving antenna.

Increase the separation between the equipment and receiver.

Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.

Consult the dealer or an experienced radio/TV technician for help.

CE Mark Warning

This is a Class-A product. In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures.

Contents
FCC Warning ......................................................................................	i
CE Mark Warning...............................................................................	ii
Introduction ............................................................................	1
Features............................................................................................	2
Software Feature ..............................................................................	4
Package Contents.............................................................................	7
Hardware Description ............................................................	8
Physical Dimension...........................................................................	8
Front Panel .......................................................................................	8
LED Indicators ................................................................................	10
Rear Panel......................................................................................	12
Desktop Installation.........................................................................	13
Attaching Rubber Pads ...................................................................................	13
Power On........................................................................................	13
Network Application ............................................................	14
Small Workgroup ............................................................................	15
Segment Bridge ..............................................................................	16
Console Management ..........................................................	18
Login in the Console Interface.........................................................	18
CLI Management ............................................................................	19
Commands Level ............................................................................................	20
Commands Set List .........................................................................................	22
System Commands Set...................................................................................	22
Port Commands Set ........................................................................................	25

i

Trunk Commands Set .....................................................................................	27
VLAN Commands Set .....................................................................................	29
Spanning Tree Commands Set .......................................................................	31
QOS Commands Set.......................................................................................	33
IGMP Commands Set .....................................................................................	34
Mac / Filter Table Commands Set ...................................................................	34
SNMP Commands Set ....................................................................................	35
Port Mirroring Commands Set .........................................................................	38
802.1x Commands Set ....................................................................................	38
TFTP Commands Set......................................................................................	41
SystemLog, SMTP and Event Commands Set................................................	42
SNTP Commands Set .....................................................................................	43
X-ring Commands Set .....................................................................................	45
Web-Based Management ....................................................	46
About Web-based Management......................................................	46
Preparing for Web Management .....................................................	46
System Login ..................................................................................	46
System Information .........................................................................	47
IP Configuration ..............................................................................	48
DHCP Configuration .......................................................................	49
DHCP Server Configuration ............................................................................	50
DHCP Client Entries........................................................................................	51
Port and IP Bindings........................................................................................	51
TFTP - Update Firmware ................................................................	52
TFTP - Restore Configuration .........................................................	53
TFTP - Backup Configuration..........................................................	53
System Event Log Configuration.....................................................	54
System Event Log - SMTP Configuration ........................................	55
System Event Log - Event Configuration.........................................	56

ii

SNTP Configuration ........................................................................	58
IP Security ......................................................................................	61
User Authentication.........................................................................	62
Port Statistics ..................................................................................	63
Port Control.....................................................................................	64
Port Trunk .......................................................................................	65
Port Trunk - Aggregator setting .......................................................................	65
Port Trunk - Aggregator Information................................................................	66
Port Trunk - State Activity................................................................................	67
Port Mirroring ..................................................................................	68
Rate Limiting...................................................................................	69
VLAN configuration .........................................................................	70
VLAN configuration - Port-based VLAN ..........................................................	71
802.1Q VLAN ..................................................................................................	74
802.1Q Configuration...................................................................................	75
Group Configuration ....................................................................................	76
Rapid Spanning Tree ......................................................................	77
RSTP - System Configuration .........................................................................	77
RSTP - Port Configuration...............................................................................	79
SNMP Configuration .......................................................................	80
System Configuration ......................................................................................	80
Trap Configuration...........................................................................................	82
SNMPV3 Configuration ...................................................................................	82
QoS Configuration ..........................................................................	86
QoS Policy and Priority Type ..........................................................................	86
Port Base Priority ............................................................................................	88
COS Configuration ..........................................................................................	88
TOS Configuration...........................................................................................	88
IGMP Configuration ........................................................................	88
X-Ring.............................................................................................	91
iii

802.1X/Radius Configuration ..........................................................................	93
System Configuration ..................................................................................	93
802.1x Per Port Configuration .....................................................................	94
Misc Configuration .......................................................................................	95
MAC Address Table ........................................................................................	96
Static MAC Address.....................................................................................	96
MAC Filtering ...............................................................................................	97
All MAC Addresses......................................................................................	98
Power over Ethernet .....................................................................	100
Factory Default..............................................................................	101
Save Configuration .......................................................................	102
System Reboot .............................................................................	102
Troubleshooting.................................................................	103
Incorrect connections ....................................................................	103
Faulty or loose cables.........................................................................	103
Non-standard cables ..........................................................................	103
Improper Network Topologies.............................................................	104
Diagnosing LED Indicators............................................................	104
Technical Specification .....................................................	105
Appendix.............................................................................	108
Console Port Pin Assignments......................................................	108
100BASE-TX/10BASE-T Pin Assignments ...................................	109
RJ-45 Pin Assignment of non-802.3af standard PD with Midspan/Endspan
POE HUB/SWITCH .......................................................................................	109

iv

Introduction

Power-over-Ethernet (PoE) eliminates the need to run power to other devices on a wired LAN. Using Power-over-Ethernet systems installers needs to run only a single Category 5 Ethernet cable that carries both power and data to each device. This allows for greater flexibility in the location of network devices and significantly decreasing installation costs in many cases.

There are two system components in PoE—the Power Sourcing Equipment (PSE) initiates the connection to the second component, and the Powered Device (PD). The current is transmitted over two of the four twisted pairs of wires in a Category-5 cable.

Power over Ethernet follows the IEEE 802.3af and is completely compatible with existing Ethernet switches and networked devices. Because the Power Sourcing Equipment (PSE) tests whether a networked device is PoE-capable, power is never transmitted unless a Powered Device is at other end of the cable. It also continues to monitor the channel. If the Powered Device does not draw a minimum current, because it has been unplugged or physically turned off, the PSE shuts down the power to that port. Optionally, the standard permits Powered Devices to signal to the PSEs exactly how much power they need.

The 8 10/100TX + 2 Gigabit copper/Mini-GBIC Combo with 8 PoE Injectors Managed Switch and the 8 10/100TX + 1 10/100/1000T/100/1000 SFP Combo with 4 PoE Injectors Managed Switch are the multi-port switches that can be used to build high-performance switched workgroup networks. Both switches are a store-and-forward device that offers low latency for high-speed networking. It also features a “store-and-forward “switching scheme. This allows the switch to auto-learn and store source address in an 8K-entry MAC address table. The switch is targeted at workgroup, department or backbone computing environment.

1

Features

System Interface/Performance

RJ-45 ports support Auto MDI/MDI-X Function

Embedded 4-port or 8-port PoE injector function

Store-and-Forward Switching Architecture

Back-plane (Switching Fabric): 5.6Gbps (8 10/100TX + 2 Giga Copper/Mini-GBIC Combo model)

Back-plane (Switching Fabric): 3.6Gbps (8 10/100TX + 1 10/100/1000T/100/1000 SFP Combo model)

1Mbits Packet Buffer

8K MAC Address Table

VLAN

Port Based VLAN

Support 802.1 Q Tag VLAN

GVRP

Double Tag VLAN (Q in Q)*

Port Trunk with LACP

8 10/100TX + 2 Giga Copper/Mini-GBIC Combo model supports 802.1ab LLDP**

QoS (Quality of Service)

Support IEEE 802.1p Class of Service

Per port provides 4 priority queues

Port Base, Tag Base and Type of Service Priority

Port Mirror: Monitor traffic in switched networks.

TX Packet only

RX Packet only

Both of TX and RX Packet

Security

Port Security : MAC address entries/filter

IP Security : IP address security management to prevent unauthorized intruder.

Login Security: IEEE802.1X/RADIUS

IGMP with Query mode for Multi Media Application

2

Spanning Tree

Support IEEE802.1d Spanning Tree

Support IEEE802.1w Rapid Spanning Tree

X-ring

X-ring, Dual Homing, and Couple Ring Topology

Provide redundant backup feature and the recovery time below 300ms

Support 802.1ab LLDP **

Bandwidth Control

Ingress Packet Filter and Egress Rate Limit

Broadcast/Multicast Packet Filter Control

System Event Log

System Log Server/Client

SMTP e-mail Alert

SNMP Trap

Device cold start

Authentication failure

X-ring topology changed

Port Link up/Link down

PoE Status *

TFTP Firmware Update and System Configure Restore and Backup

* Future Release

** Optional

3

Software Feature

				SNMP v1
		Management		SNMP v2c
				SNMP v3
				Web/Telnet/Console (CLI)/Menu Driven**
				Port based VLAN
				IEEE802.1Q Tag VLAN(256 entries) / VLAN ID(Up
		VLAN		to 4K, VLAN ID can be assigned from 1 to 4094)
				GVRP (256 Groups)
				Double Tag VLAN (Q in Q)*
		Port Trunk with		LACP Port Trunk: 4 trunk groups of maximum 4
		LACP		trunk members
		LLDP**		Supports LLDP that allows switch to advertise its
				identification and capability on the LAN
		Spanning Tree		IEEE802.1d Spanning tree
				IEEE802.1w Rapid spanning tree
				Supports X-ring, Dual Homing, and Couple Ring
		X-ring		Provides redundant backup feature and recovery
				time below 300ms
		Quality of		The quality of service determined by port, Tag and
		service		IPv4 Type of service, IPv4/IPv6 Different Service
				Supports IEEE 802.1p Class of Service, per port
		Class of Service		provides 4 priority queues
				Weight Round Ratio (WRR) High: Mid-High:
				Mid-Low: Low (8:4:2:1)
				4

		Port Security		Supports100 entries of MAC address for static
				MAC and another 100 for MAC filter
		Port Mirror		Supports 3 mirroring types: “RX, TX and Both
				packet”
				Supports IGMP snooping v1 and v2
		IGMP		256 multicast groups
				IGMP query mode
				Supports 10 IP addresses that have permission to
		IP Security		access the switch management to prevent
				unauthorized intruder
				Supports ingress packet filter and egress packet
				limit
				The egress rate control supports all of packet type
				and the limit rates are 100Kbps (10/100) and
		Bandwidth		256Mbps (1000)
				Ingress filter packet type combination rules are
		Control
				Broadcast/Multicast/Unknown Unicast packet,
				Broadcast/Multicast packet, Broadcast only and all
				of packet
				The packet filter rate can be set as 100Kbps
				(10/100) and 256Mbps (1000)
		User		Supports IEEE802.1x User Authentication and can
		Authentication		report to RADIUS server
		Flow Control		Supports Flow Control for Full-duplex and Back
				Pressure for Half-duplex

5

Supports System log record and remote system

System log

log server

Supports SMTP Server and 6 email accounts for

SMTP

receiving event alert

Up to 3 Trap stations

Cold start, Port link down, Port link up,

SNMP Trap

authorization failure, PoE status, X-ring topology change

DHCP Client

DHCP

DHCP Server

Provides DNS client feature and supports Primary

DNS

and Secondary DNS server

Supports Simple Network Time Protocol to

SNTP

synchronize system clock in Internet

Firmware

Supports TFTP firmware upgrade

Upgrade

Configuration

Supports binary format configuration file for system

Upload and

quick installation (TFTP backup and restore)

Download

* Future Release

** Optional

6

Package Contents

Unpack the contents of the 8 10/100TX + 2 Gigabit copper/Mini-GBIC Combo with 8

PoE Injectors Managed Switch or 8 10/100TX + 1 10/100/1000T/100/1000 SFP Combo

with 4 PoE Injectors Managed Switch then verify them against the checklist below:

(1) 8 10/100TX + 2 Gigabit copper/Mini-GBIC Combo with 8 PoE Injectors Managed Switch or (1) 8 10/100TX + 1 10/100/1000T/100/1000 SFP Combo with 4 PoE Injectors Managed Switch

(4) Rubber Pads

(1) RS-232 cable

(1) Power Cord

(1) User Manual

or

8 10/100TX + 1 10/100/1000T/100/1000 SFP Combo with 4 PoE Injectors Managed Switch

Switch

8 10/100TX plus 2 Gigabit copper/MINI-GBIC Combo with 8 PoE Injectors Managed

Rubber Pads

RS-232 cable

Power Cord

User Manual

Compare the contents of the package with the standard checklist above. If any item is

missing or damaged, please contact the local dealer for exchanging.

7

Hardware Description

This section mainly describes the hardware of the PoE Injector Managed Switch and gives a physical and functional overview on the certain switch.

Physical Dimension

(MIL-SM802GAF) 8 10/100TX + 1 10/100/1000T/100/1000 SFP Combo with 4 PoE Injectors Managed Switch’s physical dimensions is 217mm(W) x 140mm(D) x 43mm(H).

(MIL-SM8TXAF2GPA) 8 10/100TX + 2 Gigabit copper/Mini-GBIC Combo with 8 PoE Injectors Managed Switch’s physical dimensions is 270mm(W) x 210mm(D) x 44mm(H).

Front Panel

The front panel of the 8 10/100TX + 1 10/100/1000T/100/1000 SFP Combo with 4 PoE Injectors Managed Switch consists of 8 x 10/100Base-TX RJ-45 Ethernet ports (Auto MDI/MDIX), 1 Giga port and 1 Mini-GBIC ports. The LED Indicators are also located on the front panel of the switch.

The Front panel of the 8 10/100TX + 1 10/100/1000T/100/1000 SFP Combo with 4 PoE Injectors Managed Switch

8

RJ-45 Ports: 8 x 10/100 N-way auto-sensing for 10Base-T or 100Base-TX connections. Ports 1 ~ 4 are general 10/100Base-TX Ethernet ports; Ports 5 ~ 8 are for Data in/out and Power out.

In general, MDI means connecting to another Hub or Switch while MDIX means connecting to a workstation or PC. Therefore, Auto MDI/MDIX would allow the unit to connect to another switch or workstation without changing non-crossover or crossover cabling.

1 Giga port: 1 x 10/100/1000TX N-Way auto-sensing for 10/100/1000 connection.

1 Mini-GBIC (SFP) port: 1 mini-GBIC port for Gigabit fiber connection (100/1000).

The front panel of the 8 10/100TX + 2 Gigabit copper/Mini-GBIC Combo with 8 PoE Injectors Managed Switch consists of 8 x 10/100Base-TX RJ-45 Ethernet ports (Auto MDI/MDIX), 2 Giga port and 2 Mini-GBIC ports. The LED Indicators are also located on the front panel of the switch.

The Front panel of the 8 10/100TX + 2 Gigabit copper/Mini-GBIC Combo with 8 PoE Injectors Managed Switch

RJ-45 Ports: 8 x 10/100 N-way auto-sensing for 10Base-T or 100Base-TX connections. Moreover, these ports also supply power for PDs.

In general, MDI means connecting to another Hub or Switch while MDIX means connecting to a workstation or PC. Therefore, Auto MDI/MDIX would allow connecting to another switch or workstation without changing non-crossover or crossover cabling.

2 Gigabit Ethernet port: 2 x 10/100/1000TX N-Way auto-sensing for 10/100/1000 connection.

2 Mini-GBIC port: 2 mini-GBIC ports for Gigabit or 100M fiber connection.

9

LED Indicators

The LED Indicators display real-time information of systematic operation status. The

following table provides descriptions of LED status and their meaning.

The LED indicators description of 8 10/100TX + 2 Gigabit Copper/Mini-GBIC Combo model (MIL-SM8TXAF2GPA)

		LED	Status	Description
			Green	Power On
		Power
			OFF	No power inputs
			Green	The port is supplying power to the
				connected powered-device
		FWD (port 1~8)
			OFF	No powered device attached or power
				supplying failed
		1000M	Green	The port is operating at speed of 1000M
		(RJ45 port 9~10)	OFF	The port is disconnected or not operating
				at speed of 1000M
			Green	Connected to network
		LK/ACT (port 1~ 10)	Blinking	Networking is active
			OFF	Not connected to network
			Green	The port is operating at speed of 100M
		100M
			OFF	The port is disconnected or not operating
				at speed of 100M

10

		Green	Connected to network
	LK/ACT
		Blinking	Networking is active
	(MINI GBIC 9, 10)
		OFF	Not connected to network

The LED indicators description of 8 10/100TX + 1 10/100/1000T/100/1000 SFP Combo model (MIL-SM802GAF)

		LED	Status	Description
			Green	Power On
		Power
			OFF	No power inputs
			Green	The port is operating at speed of 1000M
		COPPER 1000M
			OFF	The port is disconnected or not operating
				at speed of 1000M
			Green	Connected to network
		LNK/ACT
			Blinking	Networking is active
		(port 1~ 9)
			OFF	Not connected to network
			Green	Connected to network
		SFP	Blinking	Networking is active
			OFF	Not connected to network
		FWD (port 5~8)	Green	The port is supplying power to the
				connected powered-device

11

			OFF	No powered device attached or power
				supplying failed
			Green	The port is operating at speed of 100M
		100M
			OFF	The port is disconnected or not operating
				at speed of 100M
			Orange	Full duplex
		FDX/COL (port 1~8)	Blinking	Collision of packets occurs
			OFF	Half duplex or not connected to network

Rear Panel

The 3-pronged power plug is located on the rear panel of the 8 10/100TX + 1 10/100/1000/100/1000 SFP Combo with 4 PoE Injectors Managed Switch as shown below. The switch will work with AC in the voltage range of AC 100-240V with Frequency of 50-60Hz.

The Rear Panel of the 8 10/100TX + 1 10/100/1000/100/1000 SFP Combo with 4 PoE Injectors Managed Switch (MIL-SM802GAF)

The 3-pronged power plug and terminal block are located on the rear panel of the 8 10/100TX + 2 Gigabit copper/Mini-GBIC Combo with 8 PoE Injectors Managed Switch as shown below. The switch will work with AC in the voltage range of AC 100-240V with

12

Frequency of 50-60Hz, or work with DC 48V which is the redundant power supply for the

switch.

The Rear Panel of the 8 10/100TX + 2 Gigabit copper/ MINI GBIC Combo with 8 PoE Injector Managed Switch (MIL-SM8TXAF2GPA)

Desktop Installation

Set the switch on a sufficiently large flat space with a power outlet nearby. The surface where you put the switch should be clean, smooth, level and sturdy. Make sure there is enough clearance around the switch to allow attachment of cables, power cord and allow air circulation.

Attaching Rubber Pads

A.Make sure mounting surface on the bottom of the switch is grease and dust free.

B.Remove adhesive backing from your Rubber Pads.

C.Apply the Rubber Pads to each corner on the bottom of the switch. These footpads can prevent the switch from shock/vibration.

Power On

Connect the power cord to the power socket on the rear panel of the switch. The other side of power cord connects to the power outlet. The internal power supply of the switch works with voltage range of AC in the 100-240VAC/ Frequency of 50~60Hz, or the redundant power of DC 48V for 8 10/100TX + 2 Gigabit copper/Mini-GBIC Combo with 8 PoE Injectors Managed Switch. Check the power indicator on the front panel to see if power is properly supplied.

13

Network Application

This section provides a few samples of network topology in which the switch is used. In general, the PoE Injector Managed Switch is designed as a segment switch which has large address table (8k MAC addresses) and high performance to deal with interconnecting networking segments.

PC, workstations, and servers can communicate each other by directly connecting with PoE injector Managed Switch. The switch automatically learns nodes addresses, which are subsequently used to filter and forward all traffic based on the destination address.

Using the uplink port (Giga Combo port), the switch can connect with another switch or hub to interconnect other small-switched workgroups to form a larger switched network. Meanwhile, user can also use fiber ports to connect switches. The PoE switch also injects power into the UTP cables for supplying the power that PDs (Power Devices) need.

The Power over Ethernet Switch can provide power to PDs that follow the IEEE 802.3af standard in the network. It can solve the problem of position limitation. The network devices can be installed in more appropriate position for better performance. The following figure is an example of network application for Power over Ethernet Switch.

14

Power over Ethernet Switch network application

Small Workgroup

The PoE Injector Managed Switch can be used as a standalone switch to which personal computers, server, printer server, are directly connected to form a small workgroup.

15

Small Workgroup application

Segment Bridge

For enterprise networks where large data broadcasts are constantly processed, this switch is an ideal solution for department users to connect to the corporate backbone.

In the illustration below, two Ethernet switches with PCs, print server, and local server attached, are both connected to the switch. All the devices in this network can communicate with each other through the switch. Connecting servers to the switch allows other users to access the data on server.

16

Segment Bridge application

17

Console Management

Login in the Console Interface

When the connection between switch and PC is ready, turn on the PC and run a terminal emulation program or Hyper Terminal and configure its communication parameters to match the following default characteristics of the console port:

Baud Rate: 9600 bps

Data Bits: 8

Parity: none

Stop Bit: 1

Flow control: None

The settings of communication parameters

After finishing the parameter settings, click “OK“. When the blank screen shows up, press Enter key to bring out the login prompt. Key in the ‘root’ (default value) for both User name and Password (use Enter key to toggle), then hit Enter key and the console management appears right after. Please see the figure below for login screen.

18

Console login screen

CLI Management

The system supports console management – CLI command. After you login to the system, you will see a command prompt. To enter CLI management interface, enter “enable” command. The following table lists the CLI commands and description.

19

CLI command interface

Commands Level

	Modes		Access		Prompt		Exit		About This Mode1
			Method				Method
									The user commands
									available at the user
									level are a subset of
	User		Begin a				Enter		those available at the
			session with		switch>		logout or		privileged level.
	EXEC
			your switch.				quit.		Use this mode to
									• Perform basic tests.
									• Display system
									information.
			Enter the				Enter		The privileged
	Privileged		enable						command is in
					switch#		disable to
	EXEC		command						advanced mode
							exit.
			while in user						Privileged this mode
				20

		EXEC mode.			to
					• Display advanced
					function status
					• Save configuration
		Enter the		To exit to
	Global	configure		privileged	Use this mode to
		command	switch	EXEC	configure parameters
	Configura
		while in	(config)#	mode,	that apply to your
	tion
		privileged		enter exit or	switch as a whole.
		EXEC mode.		end
		Enter the vlan
		database		To exit to	Use this mode to
	VLAN	command	switch	user EXEC	configure
	database	while in	(vlan)#	mode,	VLAN-specific
		privileged		enter exit.	parameters.
		EXEC mode.
				To exit to
		Enter the		global
		interface		configuratio
	Interface	command	switch	n mode,	Use this mode to
		(with a specific		enter exit.	configure parameters
	configurat		(config-if)
		interface)		To exist to	for the switch and
	ion		#
		while in global		privileged	Ethernet ports.
		configuration		EXEC
		mode		mode, or
				end.

21

Commands Set List

User EXEC	E
Privileged EXEC	P
Global configuration	G
VLAN database	V
Interface configuration	I

System Commands Set

Commands	Level	Description	Example
show config	E	Show switch	switch>show config
		configuration
show terminal	P	Show console	switch#show terminal
		information
write memory	P	Save user	switch#write memory
		configuration into
		permanent memory
		(flash rom)
system name	G	Configure system	switch(config)#system name xxx
[System Name]		name
system location	G	Set switch system	switch(config)#system location
[System Location]		location string	xxx
system description	G	Set switch system	switch(config)#system
[System Description]		description string	description xxx
system contact	G	Set switch system	switch(config)#system contact
[System Contact]		contact window string	xxx
show system-info	E	Show system	switch>show system-info
		information
ip address	G	Configure the IP	switch(config)#ip address
[Ip-address]		address of switch	192.168.16.1 255.255.255.0
[Subnet-mask]			192.168.16.254

22

[Gateway]
ip dhcp	G	Enable DHCP client	switch(config)#ip dhcp
		function of switch
show ip	P	Show IP information of	switch#show ip
		switch
no ip dhcp	G	Disable DHCP client	switch(config)#no ip dhcp
		function of switch
reload	G	Halt and perform a cold	switch(config)#reload
		restart
default	G	Restore to default	switch(config)#default
admin username	G	Changes a login	switch(config)#admin username
[Username]		username.	xxxxxx
		(maximum 10 words)
admin password	G	Specifies a password	switch(config)#admin password
[Password]		(maximum 10 words)	xxxxxx
show admin	P	Show administrator	switch#show admin
		information
dhcpserver enable	G	Enable DHCP Server	switch(config)#dhcpserver enable
Dhcpserver disable	G	Disable DHCP Server	switch(config)#no dhcpserver
dhcpserver lowip	G	Configure low IP	switch(config)#dhcpserver lowip
[Low IP]		address for IP pool	192.168.1.100
dhcpserver highip	G	Configure high IP	switch(config)#dhcpserver highip
[High IP]		address for IP pool	192.168.1.200
dhcpserver subnetmask	G	Configure subnet	switch(config)#dhcpserver
[Subnet mask]		mask for DHCP clients	subnetmask 255.255.255.0
dhcpserver gateway	G	Configure gateway for	switch(config)#dhcpserver
[Gateway]		DHCP clients	gateway 192.168.1.254
dhcpserver dnsip	G	Configure DNS IP for	switch(config)#dhcpserver dnsip
[DNS IP]		DHCP clients	192.168.1.1
dhcpserver leasetime	G	Configure lease time	switch(config)#dhcpserver
[Hours]		(in hour)	leasetime 1
dhcpserver ipbinding	I	Set static IP for DHCP	switch(config)#interface

23

[IP address]		clients by port	fastEthernet 2
			switch(config)#dhcpserver
			ipbinding 192.168.1.1
show dhcpserver	P	Show configuration of	switch#show dhcpserver
configuration		DHCP server	configuration
show dhcpserver clients	P	Show client entries of	switch#show dhcpserver clients
		DHCP server
show dhcpserver	P	Show IP-Binding	switch#show dhcpserver
ip-binding		information of DHCP	ip-binding
		server
no dhcpserver	G	Disable DHCP server	switch(config)#no dhcpserver
		function
security enable	G	Enable IP security	switch(config)#security enable
		function
security http	G	Enable IP security of	switch(config)#security http
		HTTP server
security telnet	G	Enable IP security of	switch(config)#security telnet
		telnet server
security ip	G	Set the IP security list	switch(config)#security ip 1
[Index(1..10)] [IP			192.168.1.55
Address]
show security	P	Show the information	switch#show security
		of IP security
no security	G	Disable IP security	switch(config)#no security
		function
no security http	G	Disable IP security of	switch(config)#no security http
		HTTP server
no security telnet	G	Disable IP security of	switch(config)#no security telnet
		telnet server

24

Port Commands Set

Commands	Level	Description	Example
interface fastEthernet	G	Choose the port for	switch(config)#interface
[Portid]		modification.	fastEthernet 2
duplex	I	Use the duplex	switch(config)#interface
[full | half]		configuration	fastEthernet 2
		command to specify	switch(config-if)#duplex full
		the duplex mode of
		operation for Fast
		Ethernet.
speed	I	Use the speed	switch(config)#interface
[10|100|1000|auto]		configuration	fastEthernet 2
		command to specify	switch(config-if)#speed 100
		the speed mode of
		operation for Fast
		Ethernet., the speed
		can’t be set to 1000 if
		the port isn’t a giga
		port..
no flowcontrol	I	Disable flow control of	switch(config-if)#no flowcontrol
		interface
security enable	I	Enable security of	switch(config)#interface
		interface	fastEthernet 2
			switch(config-if)#security enable
no security	I	Disable security of	switch(config)#interface
		interface	fastEthernet 2
			switch(config-if)#no security
bandwidth type all	I	Set interface ingress	switch(config)#interface
		limit frame type to	fastEthernet 2
		‘accept all frame’	switch(config-if)#bandwidth type
			all

25

bandwidth type	I	Set interface ingress	switch(config)#interface
broadcast-multicast-floo		limit frame type to	fastEthernet 2
ded-unicast		‘accept broadcast,	switch(config-if)#bandwidth type
		multicast, and flooded	broadcast-multicast-flooded-uni
		unicast frame’	cast
bandwidth type	I	Set interface ingress	switch(config)#interface
broadcast-multicast		limit frame type to	fastEthernet 2
		‘accept broadcast and	switch(config-if)#bandwidth type
		multicast frame’	broadcast-multicast
bandwidth type	I	Set interface ingress	switch(config)#interface
broadcast-only		limit frame type to ‘only	fastEthernet 2
		accept broadcast	switch(config-if)#bandwidth type
		frame’	broadcast-only
bandwidth in	I	Set interface input	switch(config)#interface
[Value]		bandwidth. Rate	fastEthernet 2
		Range is from 100	switch(config-if)#bandwidth in 100
		kbps to 102400 kbps
		or to 256000 kbps for
		giga ports,
		and zero means no
		limit.
bandwidth out		Set interface output	switch(config)#interface
[Value]		bandwidth. Rate	fastEthernet 2
		Range is from 100	switch(config-if)#bandwidth out
		kbps to 102400 kbps	100
		or to 256000 kbps for
		giga ports,
		and zero means no
		limit.
show bandwidth	I	Show interfaces	switch(config)#interface
		bandwidth control	fastEthernet 2
			switch(config-if)#show bandwidth

26

state	I	Use the state interface	switch(config)#interface
[Enable | Disable]		configuration	fastEthernet 2
		command to specify	(config-if)#state Disable
		the state mode of
		operation for Ethernet
		ports. Use the disable
		form of this command
		to disable the port.
show interface	I	show interface	switch(config)#interface
configuration		configuration status	fastEthernet 2
			switch(config-if)#show interface
			configuration
show interface status	I	show interface actual	switch(config)#interface
		status	fastEthernet 2
			(config-if)#show interface status
show interface	I	show interface statistic	switch(config)#interface
accounting		counter	fastEthernet 2
			(config-if)#show interface
			accounting
no accounting	I	Clear interface	switch(config)#interface
		accounting information	fastEthernet 2
			switch(config-if)#no accounting

Trunk Commands Set

Commands	Level	Description	Example
aggregator priority	G	Set port group system	switch(config)#aggregator priority
[1~65535]		priority	22
aggregator activityport	G	Set activity port	switch(config)#aggregator
[Group ID]			activityport 2
[Port Numbers]
aggregator group	G	Assign a trunk group	switch(config)#aggregator group

27

[GroupID] [Port-list]		with LACP active.	1 1-4 lacp workp 2
lacp		[GroupID] :1~4	or
workp		[Port-list]:Member port	switch(config)#aggregator group
[Workport]		list, This parameter	2 1,4,3 lacp workp 3
		could be a port
		range(ex.1-4) or a port
		list separate by a
		comma(ex.2, 3, 6)
		[Workport]: The
		amount of work ports,
		this value could not be
		less than zero or be
		large than the amount
		of member ports.
aggregator group	G	Assign a static trunk	switch(config)#aggregator group
[GroupID] [Port-list]		group.	1 2-4 nolacp
nolacp		[GroupID] :1~4	or
		[Port-list]:Member port	switch(config)#aggregator group
		list, This parameter	1 3,1,2 nolacp
		could be a port
		range(ex.1-4) or a port
		list separate by a
		comma(ex.2, 3, 6)
show aggregator	P	Show the information	switch#show aggregator 1
		of trunk group	or
			switch#show aggregator 2
			or
			switch#show aggregator 3
no aggregator lacp	G	Disable the LACP	switch(config)#no aggreator lacp
[GroupID]		function of trunk group	1
no aggregator group	G	Remove a trunk group	switch(config)#no aggreator
[GroupID]			group 2
		28

VLAN Commands Set

Commands	Level	Description	Example
vlan database	P	Enter VLAN configure	switch#vlan database
		mode
Vlanmode	V	To set switch VLAN	switch(vlan)#vlanmode portbase
[portbase| 802.1q |		mode.	or
gvrp]			switch(vlan)#vlanmode 802.1q
			or
			switch(vlan)#vlanmode gvrp
no vlan	V	No VLAN	Switch(vlan)#no vlan
Ported based VLAN configuration
vlan port-based	V	Add new port based	switch(vlan)#vlan port-based
grpname		VALN	grpname test grpid 2 port 2-4
[Group Name]			or
grpid			switch(vlan)#vlan port-based
[GroupID]			grpname test grpid 2 port 2,3,4
port
[PortNumbers]
show vlan [GroupID]	V	Show VLAN	switch(vlan)#show vlan 23
or		information
show vlan
no vlan group	V	Delete port base group	switch(vlan)#no vlan group 2
[GroupID]		ID
		IEEE 802.1Q VLAN
vlan 8021q name	V	Change the name of	switch(vlan)#vlan 8021q name
[GroupName]		VLAN group, if the	test vid 22
vid
[VID]		group didn’t exist, this
		command can’t be
		applied.
vlan 8021q port	V	Assign a access link	switch(vlan)#vlan 8021q port 3
[PortNumber]		for VLAN by port, if the	access-link untag 33
access-link untag
[UntaggedVID]
		29

		port belong to a trunk
		group, this command
		can’t be applied.
vlan 8021q port	V	Assign a trunk link for	switch(vlan)#vlan 8021q port 3
[PortNumber]		VLAN by port, if the	trunk-link tag 2,3,6,99
trunk-link tag
[TaggedVID List]		port belong to a trunk	or
		group, this command	switch(vlan)#vlan 8021q port 3
		can’t be applied.	trunk-link tag 3-20
vlan 8021q port	V	Assign a hybrid link for	switch(vlan)#vlan 8021q port 3
[PortNumber]		VLAN by port, if the	hybrid-link untag 4 tag 3,6,8
hybrid-link untag
[UntaggedVID]		port belong to a trunk	or
tag		group, this command	switch(vlan)#vlan 8021q port 3
[TaggedVID List]
		can’t be applied.	hybrid-link untag 5 tag 6-8
vlan 8021q trunk	V	Assign a access link	switch(vlan)#vlan 8021q trunk 3
[PortNumber]		for VLAN by trunk	access-link untag 33
access-link untag
[UntaggedVID]		group
vlan 8021q trunk	V	Assign a trunk link for	switch(vlan)#vlan 8021q trunk 3
[PortNumber]		VLAN by trunk group	trunk-link tag 2,3,6,99
trunk-link tag
[TaggedVID List]			or
			switch(vlan)#vlan 8021q trunk 3
			trunk-link tag 3-20
vlan 8021q trunk	V	Assign a hybrid link for	switch(vlan)#vlan 8021q trunk 3
[PortNumber]		VLAN by trunk group	hybrid-link untag 4 tag 3,6,8
hybrid-link untag
[UntaggedVID]			or
tag			switch(vlan)#vlan 8021q trunk 3
[TaggedVID List]
			hybrid-link untag 5 tag 6-8
show vlan [GroupID]	V	Show VLAN	switch(vlan)#show vlan 23
or		information
show vlan
no vlan group	V	Delete port base group	switch(vlan)#no vlan group 2
[GroupID]		ID

30

Spanning Tree Commands Set

Commands	Level	Description	Example
spanning-tree enable	G	Enable spanning tree	switch(config)#spanning-tree
			enable
spanning-tree priority	G	Configure spanning	switch(config)#spanning-tree
[0~61440]		tree priority parameter	priority 32767
spanning-tree max-age	G	Use the spanning-tree	switch(config)#spanning-tree
[seconds]		max-age global	max-age 15
		configuration
		command to change
		the interval between
		messages the
		spanning tree receives
		from the root switch. If
		a switch does not
		receive a bridge
		protocol data unit
		(BPDU) message from
		the root switch within
		this interval, it
		recomputed the
		Spanning Tree
		Protocol (STP)
		topology.
spanning-tree	G	Use the spanning-tree	switch(config)#spanning-tree
hello-time [seconds]		hello-time global	hello-time 3
		configuration
		command to specify
		the interval between
		hello bridge protocol
		data units (BPDUs).
spanning-tree	G	Use the spanning-tree	switch(config)#spanning-tree
		31

forward-time [seconds]		forward-time global	forward-time 20
		configuration
		command to set the
		forwarding-time for the
		specified
		spanning-tree
		instances. The
		forwarding time
		determines how long
		each of the listening
		and
		learning states last
		before the port begins
		forwarding.
stp-path-cost	I	Use the spanning-tree	switch(config)#interface
[1~200000000]		cost interface	fastEthernet 2
		configuration	switch(config-if)#stp-path-cost 20
		command to set the
		path cost for Spanning
		Tree
		Protocol (STP)
		calculations. In the
		event of a loop,
		spanning tree
		considers the path
		cost when selecting
		an interface to place
		into the forwarding
		state.
stp-path-priority	I	Use the spanning-tree	switch(config)#interface
[Port Priority]		port-priority interface	fastEthernet 2
		configuration	switch(config-if)#stp-path-priority
		command to configure	128

32

		a port priority that
		is used when two
		switches tie for
		position as the root
		switch.
stp-admin-p2p	I	Admin P2P of STP	switch(config)#interface
[Auto|True|False]		priority on this	fastEthernet 2
		interface.	switch(config-if)#stp-admin-p2p
			Auto
stp-admin-edge	I	Admin Edge of STP	switch(config)#interface
[True|False]		priority on this	fastEthernet 2
		interface.	switch(config-if)#stp-admin-edge
			True
stp-admin-non-stp	I	Admin NonSTP of STP	switch(config)#interface
[True|False]		priority on this	fastEthernet 2
		interface.	switch(config-if)#stp-admin-non-s
			tp False
show spanning-tree	E	Displays a summary of	switch>show spanning-tree
		the spanning-tree
		states.
no spanning-tree	G	Disable spanning-tree.	switch(config)#no spanning-tree

QOS Commands Set

Commands	Level	Description	Example
qos policy	G	Select QOS policy	switch(config)#qos policy
[weighted-fair|strict]		scheduling	weighted-fair
qos prioritytype	G	Setting of QOS priority	switch(config)#qos prioritytype
[port-based|cos-only|tos		type
-only|cos-first|tos-first]
qos priority portbased	G	Configure Port-based	switch(config)#qos priority
[Port]		Priority	portbased 1 low
[lowest|low|middle|high]

33

qos priority cos	G	Configure COS Priority	switch(config)#qos priority cos 0
[Priority][lowest|low|mid			middle
dle|high]
qos priority tos	G	Configure TOS Priority	switch(config)#qos priority tos 3
[Priority][lowest|low|mid			high
dle|high]
show qos	P	Displays the	Switch#show qos
		information of QoS
		configuration
no qos	G	Disable QoS function	switch(config)#no qos

IGMP Commands Set

Commands	Level	Description	Example
igmp enable	G	Enable IGMP	switch(config)#igmp enable
		snooping function
Igmp-query auto	G	Set IGMP query to	switch(config)#Igmp-query auto
		auto mode
Igmp-query force	G	Set IGMP query to	switch(config)#Igmp-query force
		force mode
show igmp	P	Displays the details of	switch#show igmp configuration
configuration		an IGMP
		configuration.
show igmp multi	P	Displays the details of	switch#show igmp multi
		an IGMP snooping
		entries.
no igmp	G	Disable IGMP	switch(config)#no igmp
		snooping function
no igmp-query	G	Disable IGMP query	switch#no igmp-query

Mac / Filter Table Commands Set

Commands	Level	Description	Example
mac-address-table static	I	Configure MAC	switch(config)#interface

34

hwaddr		address table of	fastEthernet 2
[MAC]		interface (static).	switch(config-if)#mac-address-tab
			le static hwaddr 000012345678
mac-address-table filter	G	Configure MAC	switch(config)#mac-address-table
hwaddr		address table(filter)	filter hwaddr 000012348678
[MAC]
show mac-address-table	P	Show all MAC address	switch#show mac-address-table
		table
show mac-address-table	P	Show static MAC	switch#show mac-address-table
static		address table	static
show mac-address-table	P	Show filter MAC	switch#show mac-address-table
filter		address table.	filter
no mac-address-table	I	Remove an entry of	switch(config)#interface
static hwaddr		MAC address table of	fastEthernet 2
[MAC]		interface (static)	switch(config-if)#no
			mac-address-table static hwaddr
			000012345678
no mac-address-table	G	Remove an entry of	switch(config)#no
filter hwaddr		MAC address table	mac-address-table filter hwaddr
[MAC]		(filter)	000012348678
no mac-address-table	G	Remove dynamic entry	switch(config)#no
		of MAC address table	mac-address-table

SNMP Commands Set

Commands	Level	Description	Example
snmp system-name	G	Set SNMP agent	switch(config)#snmp
[System Name]		system name	system-name l2switch
snmp system-location	G	Set SNMP agent	switch(config)#snmp
[System Location]		system location	system-location lab
snmp system-contact	G	Set SNMP agent	switch(config)#snmp
[System Contact]		system contact	system-contact where

35

snmp agent-mode	G	Select the agent mode	switch(config)#snmp agent-mode
[v1v2c|v3|v1v2cv3]		of SNMP	v1v2cv3
snmp	G	Add SNMP community	switch(config)#snmp
community-strings		string.	community-strings public right
[Community]			rw
right
[RO/RW]
snmp-server host	G	Configure SNMP	switch(config)#snmp-server host
[IP address]		server host information	192.168.1.50 community public
community		and community string	trap-version v1
[Community-string]			(remove)
trap-version			Switch(config)#
[v1|v2c]			no snmp-server host
			192.168.1.50
snmpv3 context-name	G	Configure the context	switch(config)#snmpv3
[Context Name ]		name	context-name Test
snmpv3 user	G	Configure the	switch(config)#snmpv3 user
[User Name]		userprofile for	test01 group G1 password
group		SNMPV3 agent.	AuthPW PrivPW
[Group Name]		Privacy password
password		could be empty.
[Authentication
Password] [Privacy
Password]
snmpv3 access	G	Configure the access	switch(config)#snmpv3 access
context-name [Context		table of SNMPV3	context-name Test group G1
Name ]		agent	security-level AuthPriv
group			match-rule Exact views V1 V1 V1
[Group Name ]
security-level
[NoAuthNoPriv|AuthNoP
riv|AuthPriv]

36

match-rule
[Exact|Prifix]
views
[Read View Name] [Write
View Name] [Notify View
Name]
snmpv3 mibview view	G	Configure the mibview	switch(config)#snmpv3 mibview
[View Name]		table of SNMPV3	view V1 type Excluded sub-oid
type		agent	1.3.6.1
[Excluded|Included]
sub-oid
[OID]
show snmp	P	Show SNMP	switch#show snmp
		configuration
no snmp	G	Remove the specified	switch(config)#no snmp
community-strings		community.	community-strings public
[Community]
no snmp-server host	G	Remove the SNMP	switch(config)#no snmp-server
[Host-address]		server host.	192.168.1.50
no snmpv3 user	G	Remove specified user	switch(config)#no snmpv3 user
[User Name]		of SNMPv3 agent.	Test
no snmpv3 access	G	Remove specified	switch(config)#no snmpv3 access
context-name [Context		access table of	context-name Test group G1
Name ]		SNMPv3 agent.	security-level AuthPr
group			iv match-rule Exact views V1 V1
[Group Name ]			V1
security-level
[NoAuthNoPriv|AuthNoP
riv|AuthPriv]
match-rule
[Exact|Prifix]
views
		37

[Read View Name] [Write
View Name] [Notify View
Name]
no snmpv3 mibview	G	Remove specified	switch(config)#no snmpv3
view		mibview table of	mibview view V1 type Excluded
[View Name]		SNMPV3 agent.	sub-oid 1.3.6.1
type
[Excluded|Included]
sub-oid
[OID]

Port Mirroring Commands Set

Commands	Level	Description	Example
monitor rx	G	Set RX destination	switch(config)#monitor rx
		port of monitor function
monitor tx	G	Set TX destination port	switch(config)#monitor tx
		of monitor function
show monitor	P	Show port monitor	switch#show monitor
		information
monitor	I	Configure source port	switch(config)#interface
[RX|TX|Both]		of monitor function	fastEthernet 2
			switch(config-if)#monitor RX
show monitor	I	Show port monitor	switch(config)#interface
		information	fastEthernet 2
			switch(config-if)#show monitor
no monitor	I	Disable source port of	switch(config)#interface
		monitor function	fastEthernet 2
			switch(config-if)#no monitor

802.1x Commands Set

Commands	Level	Description	Example

38

8021x enable	G	Use the 802.1x global	switch(config)# 8021x enable
		configuration
		command to enable
		802.1x protocols.
8021x system radiusip	G	Use the 802.1x system	switch(config)# 8021x system
[IP address]		radius IP global	radiusip 192.168.1.1
		configuration
		command to change
		the radius server IP.
8021x system serverport	G	Use the 802.1x system	switch(config)# 8021x system
[port ID]		server port global	serverport	1815
		configuration
		command to change
		the radius server port
8021x system	G	Use the 802.1x system	switch(config)# 8021x system
accountport		account port global	accountport	1816
[port ID]		configuration
		command to change
		the accounting port
8021x system sharekey	G	Use the 802.1x system	switch(config)# 8021x system
[ID]		share key global	sharekey 123456
		configuration
		command to change
		the shared key value.
8021x system nasid	G	Use the 802.1x system	switch(config)# 8021x system
[words]		nasid global	nasid test1
		configuration
		command to change
		the NAS ID

39

8021x misc quietperiod	G	Use the 802.1x misc	switch(config)# 8021x misc
[sec.]		quiet period global	quietperiod 10
		configuration
		command to specify
		the quiet period value
		of the switch.
8021x misc txperiod	G	Use the 802.1x misc	switch(config)# 8021x misc
[sec.]		TX period global	txperiod 5
		configuration
		command to set the
		TX period.
8021x misc	G	Use the 802.1x misc	switch(config)# 8021x misc
supportimeout [sec.]		supp timeout global	supportimeout 20
		configuration
		command to set the
		supplicant timeout.
8021x misc	G	Use the 802.1x misc	switch(config)#8021x misc
servertimeout [sec.]		server timeout global	servertimeout 20
		configuration
		command to set the
		server timeout.
8021x misc maxrequest	G	Use the 802.1x misc	switch(config)# 8021x misc
[number]		max request global	maxrequest 3
		configuration
		command to set the
		MAX requests.
8021x misc	G	Use the 802.1x misc	switch(config)# 8021x misc
reauthperiod [sec.]		reauth period global	reauthperiod 3000
		configuration
		command to set the
		reauth period.
8021x portstate	I	Use the 802.1x port	switch(config)#interface
		40

[disable | reject | accept |		state interface	fastethernet 3
authorize]		configuration	switch(config-if)#8021x portstate
		command to set the	accept
		state of the selected
		port.
show 8021x	E	Displays a summary of	switch>show 8021x
		the 802.1x properties
		and also the port
		sates.
no 8021x	G	Disable 802.1x	switch(config)#no 8021x
		function

TFTP Commands Set

Commands	Level	Description	Defaults Example
backup	G	Save configuration to	switch(config)#backup
flash:backup_cfg		TFTP and need to	flash:backup_cfg
		specify the IP of TFTP
		server and the file name
		of image.
restore flash:restore_cfg	G	Get configuration from	switch(config)#restore
		TFTP server and need to	flash:restore_cfg
		specify the IP of TFTP
		server and the file name
		of image.
upgrade	G	Upgrade firmware by	switch(config)#upgrade
flash:upgrade_fw		TFTP and need to	lash:upgrade_fw
		specify the IP of TFTP
		server and the file name
		of image.

41

SystemLog, SMTP and Event Commands Set

Commands	Level	Description	Example
systemlog ip	G	Set System log server	switch(config)# systemlog ip
[IP address]		IP address.	192.168.1.100
systemlog mode	G	Specified the log mode	switch(config)# systemlog mode
[client|server|both]			both
show systemlog	E	Displays system log.	Switch>show systemlog
show systemlog	P	Show system log client	switch#show systemlog
		& server information
no systemlog	G	Disable systemlog	switch(config)#no systemlog
		functon
smtp enable	G	Enable SMTP function	switch(config)#smtp enable
smtp serverip	G	Configure SMTP	switch(config)#smtp serverip
[IP address]		server IP	192.168.1.5
smtp authentication	G	Enable SMTP	switch(config)#smtp
		authentication	authentication
smtp account	G	Configure	switch(config)#smtp account User
[account]		authentication account
smtp password	G	Configure	switch(config)#smtp password
[password]		authentication
		password
smtp rcptemail	G	Configure Rcpt e-mail	switch(config)#smtp rcptemail 1
[Index] [Email address]		Address	Alert@test.com
show smtp	P	Show the information	switch#show smtp
		of SMTP
no smtp	G	Disable SMTP function	switch(config)#no smtp
event device-cold-start	G	Set cold start event	switch(config)#event
[Systemlog|SMTP|Both]		type	device-cold-start both
event	G	Set Authentication	switch(config)#event
authentication-failure		failure event type	authentication-failure both
[Systemlog|SMTP|Both]

42

event	G	Set X-ring topology	switch(config)#event
X-ring-topology-change		changed event type	X-ring-topology-change both
[Systemlog|SMTP|Both]
event systemlog	I	Set port event for	switch(config)#interface
[Link-UP|Link-Down|Bot		system log	fastethernet 3
h]			switch(config-if)#event systemlog
			both
event smtp	I	Set port event for	switch(config)#interface
[Link-UP|Link-Down|Bot		SMTP	fastethernet 3
h]			switch(config-if)#event smtp both
show event	P	Show event selection	switch#show event
no event	G	Disable cold start	switch(config)#no event
device-cold-start		event type	device-cold-start
no event	G	Disable Authentication	switch(config)#no event
authentication-failure		failure event typ	authentication-failure
no event	G	Disable X-ring	switch(config)#no event
X-ring-topology-change		topology changed	X-ring-topology-change
		event type
no event systemlog	I	Disable port event for	switch(config)#interface
		system log	fastethernet 3
			switch(config-if)#no event
			systemlog
no event smpt	I	Disable port event for	switch(config)#interface
		SMTP	fastethernet 3
			switch(config-if)#no event smtp
show systemlog	P	Show system log client	switch#show systemlog
		& server information

SNTP Commands Set

Commands	Level	Description	Example
sntp enable	G	Enable SNTP function	switch(config)#sntp enable

43

sntp daylight	G	Enable daylight saving	switch(config)#sntp daylight
		time, if SNTP function
		is inactive, this
		command can’t be
		applied.
sntp daylight-period	G	Set period of daylight	switch(config)# sntp
[Start time] [End time]		saving time, if SNTP	daylight-period 20060101-01:01
		function is inactive,	20060202-01-01
		this command can’t be
		applied.
		Parameter format:
		[yyyymmdd-hh:mm]
sntp daylight-offset	G	Set offset of daylight	switch(config)#sntp
[Minute]		saving time, if SNTP	daylight-offset 3
		function is inactive,
		this command can’t be
		applied.
sntp ip	G	Set SNTP server IP, if	switch(config)#sntp ip 192.169.1.1
[IP]		SNTP function is
		inactive, this command
		can’t be applied.
sntp timezone	G	Set timezone index,	switch(config)#sntp timezone 22
[Timezone]		use ‘show sntp
		timzezone’ command
		to get more
		information of index
		number
show sntp	P	Show SNTP	switch#show sntp
		information
show sntp timezone	P	Show index number of	switch#show sntp timezone
		time zone list
no sntp	G	Disable SNTP function	switch(config)#no sntp
		44

no sntp daylight	G	Disable daylight saving	switch(config)#no sntp daylight
		time

X-ring Commands Set

Commands	Level	Description	Example
Xring enable	G	Enable X-ring	switch(config)#Xring enable
Xring master	G	Enable ring master	switch(config)#Xring master
Xring couplering	G	Enable couple ring	switch(config)#Xring couplering
Xring dualhoming	G	Enable dual homing	switch(config)#Xring dualhoming
Xring ringport	G	Configure 1st/2nd	switch(config)#Xring ringport 7 8
[1st Ring Port] [2nd Ring		Ring Port
Port]
Xring couplingport	G	Configure Coupling	switch(config)#Xring couplingport
[Coupling Port]		Port	1
Xring controlport	G	Configure Control Port	switch(config)#Xring controlport 2
[Control Port]
Xring homingport	G	Configure Dual	switch(config)#Xring homingport
[Dual Homing Port]		Homing Port	3
show Xring	P	Show the information	switch#show Xring
		of X - Ring
no Xring	G	Disable X-ring	switch(config)#no X ring
no Xring master	G	Disable ring master	switch(config)# no Xring master
no Xring couplering	G	Disable couple ring	switch(config)# no Xring
			couplering
no Xring dualhoming	G	Disable dual homing	switch(config)# no Xring
			dualhoming

45

Web-Based Management

This section introduces the configuration and functions of the Web-Based management.

About Web-based Management

On the CPU board of the switch there is an embedded HTML web site residing in flash memory, which offers advanced management features and allow users to manage the switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer.

The Web-Based Management supports Internet Explorer 6.0. And, it is applied with Java Applets for reducing network bandwidth consumption, enhance access speed and present an easy viewing screen.

Preparing for Web Management

Before using web management, user can use console to login the switch to check the default IP of the switch. Please refer to Console Management Chapter for console login. If user needs to change IP address for the first time, user can use console mode to modify it. The default value is as below:

IP Address: 192.168.1.77

Subnet Mask: 255.255.255.0

Default Gateway: 192.168.1.254

User Name: root Password: root

System Login

Launch the Internet Explorer.

46

Key in “http://” + “IP Address” of the Switch, and then press “Enter”

Login screen will appear right after

Key in the user name and password. The default user name and password is “root”

Click “Enter” or” OK”, then the home screen of the Web-based management appears right after

Note: The web interface features shown below are introduced by the screen displays of 8 10/100 TX + 2 10/100/1000T/Mini-GBIC Combo (MIL-SM8TXAF2GPA) model. Unless specifically identified, the all of the screen displays are suitable for the models in this manual.

Main interface

System Information

Assign the system name and location and view the system information

System Name: Assign the system name of the switch (The maximum length is 64 bytes)

47

System Location: Assign the switch physical location (The maximum length is 64 bytes)

System Description: Displays the description of switch(Read only cannot be modified)

Firmware Version: Displays the switch’s firmware version

Kernel Version: Displays the kernel software version

MAC Address: Displays the unique hardware address assigned by manufacturer (default)

And than, click

Apply

System Information interface

IP Configuration

User can configure the IP Settings and DHCP client function

DHCP: Disable or enable the DHCP client function

IP Address: Assign the switch IP address. The default IP is 192.168.1.77

Subnet Mask: Assign the switch IP subnet mask

Gateway: Assign the switch gateway. The default value is 192.168.1.254

DNS1: The abbreviation of Domain Name Server—an Internet service that translates domain name into IP addresses. Domain name are alphabetic which

48

are easy to be remembered. Because the Internet is based on IP address; every time you use a domain name, therefore, a DNS service must translate the name into the corresponding IP address. For example, the domain name www.net.com might translate to 192.168.1.1

DNS2: The backup for DNS1. When DNS1 cannot function, DNS2 will then replace DNS1 immediately

	And than, click	Apply
	Save after assigning the IP address

IP Configuration interface

DHCP Configuration

DHCP is the abbreviation of Dynamic Host Configuration Protocol that is a protocol for assigning dynamic IP addresses to devices on a network. With dynamic addressing, a device can have a different IP address every time it connects to the network. In some systems, the device's IP address can even change while it is still connected. DHCP also supports a mix of static and dynamic IP addresses. Dynamic addressing simplifies network administration because the software keeps track of IP addresses rather than requiring an administrator to manage the task. This means that a new computer can be added to a network without the hassle of manually assigning it a unique IP address.

49

DHCP Server Configuration

The system provides the DHCP server function. Enable the DHCP server function, the

switch system will be a DHCP server.

DHCP Server: Enable or Disable the DHCP Server function. Enable—the switch will be the DHCP server on your local network

Low IP Address: The dynamic IP range. Low IP address is the beginning of the dynamic IP range. For example: dynamic IP range is from 192.168.1.100 ~ 192.168.1.200. In contrast, 192.168.1.100 is the Low IP address

High IP Address: The dynamic IP range. High IP address is the end of the dynamic IP range. For example: dynamic IP range is from 192.168.1.100 ~ 192.168.1.200. In comparison, 192.168.1.200 is the High IP address

Subnet Mask: The dynamic IP assign range subnet mask

Gateway: The gateway in your network

DNS: The IP Address of the Domain Name Server in your network

Lease Time (sec): It is the time period that system will reset the dynamic IP assignment to ensure the dynamic IP will not been occupied for a long time or the server doesn’t know that the dynamic IP is idle

DHCP Server Configuration interface

50

DHCP Client Entries

When the DHCP server function is active, the system will collect the DHCP client information and display it here.

DHCP Client Entries interface

Port and IP Bindings

Assign the dynamic IP address to the port. When the device is connecting to the port and asks for IP assigning, the system will assign the IP address that has been assigned before to the connected device.

51

Port and IP Bindings interface

TFTP - Update Firmware

It provides the functions that allow user to update the switch firmware. Before updating, make sure the TFTP server is ready and the firmware image is on the TFTP server.

TFTP Server IP Address: Key in the TFTP server IP
	Firmware File Name: The name of firmware image
	And then, click	Apply

Update Firmware interface

52

TFTP - Restore Configuration

Restore EEPROM value from TFTP server

TFTP Server IP Address: Key in the TFTP server IP
	Restore File Name: Key in the restore file image name
	And then, click	Apply

Restore Configuration interface

TFTP - Backup Configuration

Save current EEPROM value from the switch to TFTP server, then go to the TFTP restore configuration page to restore the EEPROM value.

TFTP Server IP Address: Key in the TFTP server IP
	Backup File Name: Key in the file image name
	And then, click	Apply

Backup Configuration interface

53

System Event Log Configuration

Configure the system event mode, which you want to collect, and system log server IP.

System Log Client Mode: Select the system log mode – client only, server only, or both S/C

System Log Server IP Address: Assign the system log server IP

	Click	Reload
	Click	Clear

to refresh the events log

to clear all current events log

System Log Configuration interface

54

System Event Log - SMTP Configuration

You can set up the mail server IP, mail account, account password, and forwarded email

account for receiving the event alert.

Email Alert: enable or disable the email alert function.

SMTP Server IP: set up the mail server IP address (when Email Alert enabled, this function will then be available).

Sender: key in a complete email address, e.g. switch101@123.com, to identify where the event log comes from.

Authentication: mark the check box to enable and configure the email account and password for authentication (when Email Alert enabled, this function will then be available).

Mail Account: set up the email account, e.g. johnadmin, to receive the alert. It must be an existing email account on the mail server, which you had set up in SMTP Server IP Address column.

Password: The email account password.

Confirm Password: reconfirm the password.

Rcpt e-mail Address 1 ~ 6: you can assign up to 6 e-mail accounts also to receive the alert.

Click Apply .

55

SMTP Configuration interface

System Event Log - Event Configuration

Select the system log and SMTP events. When selected events occur, the system will result the log information. Also, per port log and SMTP events can be selected.

System event selection: 4 selections – Device cold start, Device warm start, SNMP Authentication Failure, and X - ring topology change. Mark the checkbox to select the event. When selected events occur, the system will produce the logs

Device cold start: When the device executes cold start action, the system will produce a log event

Device warm start: When the device executes warm start, the system will produce a log event

Authentication Failure: When the SNMP authentication fails, the system will

56

produce a log event

X-Ring topology change: When the X-ring topology has changed, the system will produce a log event

And then, click

Apply

Event Configuration interface

Port event selection: Select the per port events and per port SMTP events. It has 3 selections – Link UP, Link Down, and Link UP & Link Down. Disable means no event is selected

Link UP: The system will result a log message when port connection is up only

Link Down: The system will result a log message when port connection is down only

57

Link UP & Link Down: The system will result a log message when port connection is up and down

SNTP Configuration

You can configure the SNTP (Simple Network Time Protocol) settings. The SNTP allows

you to synchronize switch clocks in the Internet.

1.SNTP Client: enable or disable SNTP function to get the time from the SNTP server.

2.Daylight Saving Time: enable or disable daylight saving time function. When daylight saving time is enabling, you need to configure the daylight saving time period.

3.UTC Timezone: set the switch location time zone. The following table lists the different location time zone for your reference.

	Local Time Zone	Conversion from UTC	Time at 12:00 UTC
	November Time Zone	- 1 hour	11am
	Oscar Time Zone	-2 hours	10 am
	ADT - Atlantic Daylight	-3 hours	9 am
	AST - Atlantic Standard	-4 hours	8 am
	EDT - Eastern Daylight
	EST - Eastern Standard	-5 hours	7 am
	CDT - Central Daylight
	CST - Central Standard	-6 hours	6 am
	MDT - Mountain Daylight
	MST - Mountain	-7 hours	5 am
	Standard
		58

	PDT - Pacific Daylight
	PST - Pacific Standard	-8 hours	4 am
	ADT - Alaskan Daylight
	ALA - Alaskan Standard	-9 hours	3 am
	HAW - Hawaiian	-10 hours	2 am
	Standard
	Nome, Alaska	-11 hours	1 am
	CET - Central European
	FWT - French Winter
	MET - Middle European	+1 hour	1 pm
	MEWT - Middle
	European Winter
	SWT - Swedish Winter
	EET - Eastern European,	+2 hours	2 pm
	USSR Zone 1
	BT - Baghdad, USSR	+3 hours	3 pm
	Zone 2
	ZP4 - USSR Zone 3	+4 hours	4 pm
	ZP5 - USSR Zone 4	+5 hours	5 pm
	ZP6 - USSR Zone 5	+6 hours	6 pm
	WAST - West Australian	+7 hours	7 pm
	Standard
	CCT - China Coast,	+8 hours	8 pm
	USSR Zone 7
	JST - Japan Standard,	+9 hours	9 pm
	USSR Zone 8
	EAST - East Australian	+10 hours	10 pm
		59

	Standard GST
	Guam Standard, USSR
	Zone 9
	IDLE - International Date
	Line
	NZST - New Zealand	+12 hours	Midnight
	Standard
	NZT - New Zealand

4.SNTP Sever URL: set the SNTP server IP address.

5.Daylight Saving Period: set up the Daylight Saving beginning time and Daylight Saving ending time. Both will be different in every year.

6.Daylight Saving Offset (mins): set up the offset time.

7.Switch Timer: Displays the switch current time.

8.Click Apply .

SNTP Configuration interface

60

IP Security

IP security function allows user to assign 10 specific IP addresses that have permission to access the switch through the web browser for the securing switch management.

IP Security Mode: when this option is in Enable mode, the Enable HTTP Server and Enable Telnet Server check boxes will then be available.

Enable HTTP Server: when this check box is checked, the IP addresses among Security IP1 ~ IP10 will be allowed to access via HTTP service.

Enable Telnet Server: when checked, the IP addresses among Security IP1 ~ IP10 will be allowed to access via telnet service.

Security IP 1 ~ 10: Assign up to 10 specific IP address. Only these 10 IP address can access and manage the switch through the Web browser

And then, click

Apply

button to apply the configuration

Note Remember to execute the ‘Save Configuration’ action, otherwise the new configuration will lose when switch power off.

61

IP Security interface

User Authentication

You can change login user name and password for the management security issue

1.	User name: Key in the new user name (The default is ‘root’)
2.	Password: Key in the new password (The default is ‘root’)
3.	Confirm password: Re-type the new password
4.	And then, click	Apply

User Authentication interface

62

Port Statistics

The following information provides the current port statistic information.

Port: The port number.

Type: Displays the current speed of connection to the port.

Link: The status of linking—‘Up’ or ‘Down’.

State: It’s set by Port Control. When the state is disabled, the port will not transmit or receive any packet.

Tx Good Packet: The counts of transmitting good packets via this port.

Tx Bad Packet: The counts of transmitting bad packets (including undersize [less than 64 bytes], oversize, CRC Align errors, fragments and jabbers packets) via this port.

Rx Good Packet: The counts of receiving good packets via this port.

Rx Bad Packet: The counts of receiving bad packets (including undersize [less than 64 bytes], oversize, CRC error, fragments and jabbers) via this port.

Tx Abort Packet: The aborted packet while transmitting.

Packet Collision: The counts of collision packet.

Packet Dropped: The counts of dropped packet.

Rx Bcast Packet: The counts of broadcast packet.

Rx Mcast Packet: The counts of multicast packet.

Click

Clear

button to clean all counts.

Port Statistics interface

63

Port Control

In Port control, you can view every port status that depends on user setting and the

negotiation result.

1.Port: select the port that you want to configure.

2.State: Current port status. The port can be set to disable or enable mode. If the port setting is disable then will not receive or transmit any packet.

3.Negotiation: set auto negotiation status of port.

4.Speed: set the port link speed.

5.Duplex: set full-duplex or half-duplex mode of the port.

6.Flow Control: set flow control function as Enable or Disable in Full Duplex mode. The default value is Enable.

7.Security: When its state is ‘On’ that means this port accepts only one MAC address which was configured to be a static MAC address.

8.Click Apply .

Port Control interface

64

Port Trunk

The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between Partner Systems on a link to allow their Link Aggregation Control instances to reach agreement on the identity of the Link Aggregation Group to which the link belongs, move the link to that Link Aggregation Group, and enable its transmission and reception functions in an orderly manner. Link aggregation lets you group up to 4 ports into one dedicated connection. This feature can expand bandwidth to a device on the network. LACP operation requires full-duplex mode, for more detail information please refer to IEEE 802.3ad.

Port Trunk - Aggregator setting

1.System Priority: A value used to identify the active LACP. The switch with the lowest value has the highest priority and is selected as the active LACP.

2.Group ID: There are four trunk groups to provide configuration. Choose the "Group ID" and click Select .

3.LACP: If enable, the group is LACP static trunk group. If disable, the group is local static trunk group. All ports support LACP dynamic trunk group. While connecting to the device that also supports LACP, the LACP dynamic trunk group will be created automatically.

4.Work ports: Allow up to four ports to be aggregated at the same time. With LACP static trunk group, the exceed ports are standby and can be aggregated later if work ports fail. If it is local static trunk group, the number of ports must be the same as the group member ports.

5. Select the ports to join the trunk group. Click	Add	button to add the port. To
remove unwanted ports, select the port and click	Remove		button.

6.If LACP enable, you can configure LACP Active/Passive status in each ports on State Activity page.

7.Click Apply .

65

8.	Use	Delete	button to delete Trunk Group. Select the Group ID and click	Delete
	button.

Port Trunk—Aggregator Setting interface

Port Trunk - Aggregator Information

When you have setup the aggregator setting with LACP disabled, you will see the local static trunk group information here.

66

Port Trunk – Aggregator Information interface

Port Trunk - State Activity

When you had setup the LACP aggregator, you can configure port state activity. You can mark or un-mark the port. When you mark the port and click Apply button the port state activity will change to Active. Opposite is Passive.

Active: The port automatically sends LACP protocol packets.

Passive: The port does not automatically send LACP protocol packets, and responds only if it receives LACP protocol packets from the opposite device.

Note 1. A link has either two active LACP ports or one active port can perform

dynamic LACP trunk.

2.A link has two passive LACP ports will not perform dynamic LACP trunk because both ports are waiting for an LACP protocol packet from the opposite device.

3.If you are active LACP’s actor, after you have selected trunk port, the active status will be created automatically.

67

Port Trunk – State Activity interface

Port Mirroring

The Port mirroring is a method for monitor traffic in switched networks. Traffic through ports can be monitored via one specific port. That means traffic goes in or out monitored (source) ports will be duplicated into mirror (destination) port.

Destination Port: You can select one port to be the destination (mirror) port for monitoring both RX and TX traffic which come from source port. Or, use one of two ports for monitoring RX traffic only and the other one for TX traffic only. User can connect mirror port to LAN analyzer or Netxray

Source Port: The ports that user wants to monitor. All monitored port traffic will be copied to mirror (destination) port. User can select multiple source ports by checking the RX or TX check boxes to be monitored.

And then, click

Apply

button.

68

Port Trunk – Port Mirroring interface

Rate Limiting

You can set up every port’s bandwidth rate and frame limitation type.

Ingress Limit Frame type: Select the frame type you want to filter. The frame types have 4 options for selecting: All, Broadcast/Multicast/Flooded Unicast, Broadcast/Multicast and Broadcast only.

Broadcast/Multicast/Flooded Unicast, Broadcast/Multicast and Bbroadcast only types are only for ingress frames. The egress rate only supports All type.

69

Rate Limiting interface

All the ports support port ingress and egress rate control. For example, assume port 1 is 10Mbps, users can set it’s effective egress rate as 1Mbps, ingress rate as 500Kbps. The switch performs the ingress rate by packet counter to meet the specified rate

Ingress: Enter the port effective ingress rate (The default value is ‘0’)

Egress: Enter the port effective egress rate (The default value is ‘0’)

And then, click

Apply

to apply the settings

VLAN configuration

A Virtual LAN (VLAN) is a logical network grouping that limits the broadcast domain, which would allow you to isolate network traffic, so only the members of the same VLAN will receive traffic from each other. Basically, creating a VLAN from a switch is logically equivalent of reconnecting a group of network devices to another Layer 2 switch.

70

However, all the network devices are still plugged into the same switch physically.

The switch supports port-based and 802.1Q (tagged-based) VLAN. The default configuration of VLAN operation mode is ‘Disable’.

VLAN Configuration interface

VLAN configuration - Port-based VLAN

Packets can go among only members of the same VLAN group. Note all unselected ports are treated as belonging to another single VLAN. If the port-based VLAN enabled, the VLAN-tagging is ignored.

In order for an end station to send packets to different VLAN groups, it itself has to be either capable of tagging packets it sends with VLAN tags or attached to a VLAN-aware bridge that is capable of classifying and tagging the packet with different VLAN ID based on not only default PVID but also other information about the packet, such as the protocol.

71

VLAN – Port Based interface

Click Add to add a new VLAN group (The maximum VLAN group is up to 256 VLAN groups)

Entering the VLAN name, group ID and grouping the members of VLAN group

And then, click

Apply

72

VLAN—Port Based Add interface

You will see the VLAN displays.
	Use	Delete		button to delete unwanted VLAN.
	Use	Edit	button to modify existing VLAN group.

Note Remember to execute the ‘Save Configuration’ action, otherwise the new configuration will lose when switch power off.

73

802.1Q VLAN

Tagged-based VLAN is an IEEE 802.1Q specification standard. Therefore, it is possible to create a VLAN across devices from different switch venders. IEEE 802.1Q VLAN uses a technique to insert a “tag” into the Ethernet frames. Tag contains a VLAN Identifier (VID) that indicates the VLAN numbers.

You can create Tag-based VLAN, and enable or disable GVRP protocol. There are 256 VLAN groups to provide configuring. Enable 802.1Q VLAN, the all ports on the switch belong to default VLAN, VID is 1. The default VLAN can’t be deleted.

GVRP allows automatic VLAN configuration between the switch and nodes. If the switch is connected to a device with GVRP enabled, you can send a GVRP request using the VID of a VLAN defined on the switch; the switch will automatically add that device to the existing VLAN.

74

802.1q VLAN interface

802.1Q Configuration

1.Enable GVRP Protocol: Mark the check box to enable GVRP protocol.

2.Select the port that you want to configure.

3.Link Type:

Access Link: Single switch only, allows user to group ports by setting the same VID to those ports.

Trunk Link: The extended application of Access Link. While the ports are set in this type, they can forward the packets with specified tag among the switches which are included in the same VLAN group.

Hybrid Link: Both Access Link and Trunk Link are available.

75

4.	Untagged VID: Assign the untagged frame VID.
5.	Tagged VID: Assign the tagged frame VID.
6.	Click	Apply

Group Configuration

Edit the existing VLAN Group.

1.	Select the VLAN group in the table list.
2.	Click	Apply

Group Configuration interface

3.	You can Change the VLAN group name and VLAN ID.
4.	Click Apply .

76

Group Configuration interface

Rapid Spanning Tree

The Rapid Spanning Tree Protocol (RSTP) is an evolution of the Spanning Tree Protocol and provides for faster spanning tree convergence after a topology change. The system also supports STP and the system will automatically detect the connected device that is running STP or RSTP protocol.

RSTP - System Configuration

	User can view spanning tree information about the Root Bridge
	User can modify RSTP state. After modification, click	Apply	button

RSTP mode: User must enable or disable RSTP function before configuring the related parameters

Priority (0-61440): A value used to identify the root bridge. The bridge with the lowest value has the highest priority and is selected as the root. If the value changes, user must reboot the switch. The value must be multiple of 4096 according to the protocol standard rule

77

Max Age (6-40): The number of seconds a bridge waits without receiving Spanning-tree Protocol configuration messages before attempting a reconfiguration. Enter a value between 6 through 40

Hello Time (1-10): The time that controls switch sends out the BPDU packet to check RSTP current status. Enter a value between 1 through 10

Forward Delay Time (4-30): The number of seconds a port waits before changing from its Rapid Spanning Tree Protocol learning and listening STP states to the forwarding state. Enter a value between 4 through 30

Note Follow the rule to configure the MAX Age, Hello Time, and Forward Delay

Time.

2 x (Forward Delay Time value – 1) > = Max Age value >= 2 x (Hello

Time value +1)

RSTP System Configuration interface

78

RSTP - Port Configuration

You can configure the path cost and priority of every port.

1.Select the port in Port column.

2.Path Cost: The cost of the path to the other bridge from this transmitting bridge at the specified port. Enter a number 1 through 200000000.

3.Priority: Decide which port should be blocked by priority in LAN. Enter a number 0 through 240. The value of priority must be the multiple of 16.

4.P2P: Some of the rapid state transactions that are possible within RSTP are dependent upon whether the port concerned can only be connected to exactly one other bridge (i.e. it is served by a point-to-point LAN segment), or can be connected to two or more bridges (i.e. it is served by a shared medium LAN segment). This function allows the P2P status of the link to be manipulated administratively. True is P2P enabling. False is P2P disabling.

5.Edge: The port directly connected to end stations cannot create bridging loop in the network. To configure the port as an edge port, set the port to “True” status.

6.Non STP: The state of whether the port includes the STP mathematic calculation. True is not including STP mathematic calculation. False is including the STP mathematic calculation.

7.Click Apply .

79

RSTP Port Configuration interface

SNMP Configuration

Simple Network Management Protocol (SNMP) is the protocol developed to manage nodes (servers, workstations, routers, switches and hubs etc.) on an IP network. SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth. Network management systems learn of problems by receiving traps or change notices from network devices implementing SNMP.

System Configuration

Community Strings

Here you can define new community string set and remove unwanted community string.

80

1.String: Fill the name of string.

2.RO: Read only. Enables requests accompanied by this string to display MIB-object information.

3.RW: Read & write. Enables requests accompanied by this string to display MIB-object information and to set MIB objects.

1.Click Add .

2.To remove the community string, select the community string that you have defined and click Remove . You cannot edit the name of the default community strings.

Agent Mode: Select the SNMP version that you want to use it. And then click

Change to switch to the selected SNMP version mode.

SNMP System Configuration interface

81

Trap Configuration

A trap manager is a management station that receives traps and the system alerts generated by the switch. If no trap manager is defined, no traps will issue. Create a trap manager by entering the IP address of the station and a community string. To define management stations as trap manager, enter SNMP community strings and selects the SNMP version.

1.IP Address: Enter the IP address of trap manager.

2.Community: Enter the community string.

3.Trap Version: Select the SNMP trap version type – v1 or v2c.

4.Click Add .

5.To remove the community string, select the community string that you have defined and click Remove . You cannot edit the name of the default community string set.

Trap Managers interface

SNMPV3 Configuration

82

Configure the SNMP V3 function.

Context Table

Configure SNMP v3 context table. Assign the context name of context table. Click			Add
to add context name. Click	Remove	to remove unwanted context name.

User Profile

Configure SNMP v3 user table.

User ID: Set up the user name.

Authentication Password: Set up the authentication password.

Privacy Password: Set up the private password.

Click

Add

to add context name.

Click Remove to remove unwanted context name.

83

SNMP V3 configuration interface

84

Group Table

Configure SNMP v3 group table.

Security Name (User ID): Assign the user name that you have set up in user table.

Group Name: Set up the group name.

Click

Add

to add context name.

Click Remove to remove unwanted context name.

Access Table

Configure SNMP v3 access table.

Context Prefix: Set up the context name.
Group Name: Set up the group.
Security Level: Set up the access level.
Context Match Rule: Select the context match rule.
Read View Name: Set up the read view.
Write View Name: Set up the write view.
Notify View Name: Set up the notify view.
	Click	Add	to add context name.

Click Remove to remove unwanted context name.

MIBview Table

Configure MIB view table.

ViewName: Set up the name.

Sub-Oid Tree: Fill the Sub OID.

Type: Select the type – exclude or included.

85

Click

Add

to add context name.

Click Remove to remove unwanted context name.

QoS Configuration

You can configure QoS policy and priority setting, per port priority setting, COS and TOS setting.

QoS Policy and Priority Type

Qos Policy: select the QoS policy rule.

Using the 8,4,2,1 weight fair queue scheme: The switch will follow 8:4:2:1 rate to process priority queue from High to lowest queue. For example, when the system processes, 1 frame of the lowest queue, 2 frames of the low queue, 4 frames of the middle queue, and 8 frames of the high queue will be processed at the same time in accordance with the 8,4,2,1 policy rule.

Use the strict priority scheme: Always higher queue will be process first, except higher queue is empty.

Priority Type: There are 5 priority type selections available. Disable means no priority type is selected.

Port-base: The port priority will follow the Port-base that you have assigned – High, middle, low, or lowest.

COS only: The port priority will only follow the COS priority that you have assigned.

TOS only: The port priority will only follow the TOS priority that you have assigned.

COS first: The port priority will follow the COS priority first, and then other priority rule.

TOS first: the port priority will follow the TOS priority first, and the other priority

86

rule.

Click

Apply .

QoS Configuration interface

87

Port Base Priority

Configure per port priority level.

Port: Each port has 4 priority levels – High, Middle, Low, and Lowest.

Click Apply .

COS Configuration

Set up the COS priority level.

COS priority: Set up the COS priority level 0~7 –High, Middle, Low, Lowest.

Click Apply .

TOS Configuration

Set up the TOS priority.

TOS priority: The system provides 0~63 TOS priority level. Each level has 4 types of priority – high, middle, low, and lowest. The default value is ‘Lowest’ priority for each level. When the IP packet is received, the system will check the TOS level value in the IP packet that has received. For example, user set the TOS level 25 as high, the system will check the TOS value of the received IP packet. If the TOS value of received IP packet is 25 (priority = high), and then the packet priority will have highest priority.

Click Apply .

IGMP Configuration

The Internet Group Management Protocol (IGMP) is an internal protocol of the Internet Protocol (IP) suite. IP manages multicast traffic by using switches, routers, and hosts

88

that support IGMP. Enabling IGMP allows the ports to detect IGMP queries and report packets and manage IP multicast traffic through the switch. IGMP have three fundamental types of message as follows:

Message		Description

A message sent from the querier (IGMP router or switch) Query asking for a response from each host belonging to the

multicast group.

A message sent by a host to the querier to indicate that the

Report host wants to be or is a member of a given group indicated in the report message.

Leave	A message sent by a host to the querier to indicate that the
Group	host has quit being a member of a specific multicast group.

The switch supports IP multicast. You can enable IGMP protocol via setting IGMP configuration page to see the IGMP snooping information. IP multicast addresses are in the range of 224.0.0.0 through 239.255.255.255.

IGMP Protocol: Enable or disable the IGMP protocol.

IGMP Query: Select the IGMP query function as Enable or Auto to set the switch as a querier for IGMP version 2 multicast networks.

Click Apply .

89

IGMP Configuration interface

90

X-Ring

X-Ring provides a faster redundant recovery than Spanning Tree topology. The action is similar to STP or RSTP, but the algorithms not the same.

In the X-Ring topology, every switch should enable X-Ring function and assign two member ports in the ring. Only one switch in the X-Ring group would be set as a master switch that would be blocked, called backup port, and another port is called working port. Other switches in the X-Ring group are called working switches and their two member ports are called working ports. When the failure of network connection occurs, the backup port will automatically become a working port to recovery the failure.

The switch supports the function and interface for setting the switch as the ring master or slave mode. The ring master can negotiate and place command to other switches in the X-Ring group. If there are 2 or more switches in master mode, then software will select the switch with lowest MAC address number as the ring master. The X-Ring master ring mode will be enabled by the X-Ring configuration interface. Also, user can identify the switch as the ring master from the R.M. LED panel of the LED panel on the switch.

The system also supports the coupling ring that can connect 2 or more X-Ring group for the redundant backup function and dual homing function that prevent connection lose between X-Ring group and upper level/core switch.

Enable X-Ring: Enable the X-Ring function. Mark the check box to enable the X-Ring function.

Enable Ring Master: Mark the check box to enable this machine to be the ring master.

1st & 2nd Ring Ports: Pull down the selection menu to assign two ports as the member ports. The 1st Ring Port and 2nd Ring Port are basically assigned to be forwarding ports except for the Ring Master switch. With the Ring Master switch, one of its two Ring Ports is the blocking port and another one is the forwarding port.

91

Once its forwarding port fails, the system will automatically upgrade its blocking port

to be the forwarding port of the Ring Master switch.

Enable Coupling Ring: Enable the coupling ring function. Mark the check box to enable the coupling ring function.

Coupling port: Assign the member port which is connected to the other ring group.

Control port: When Couple Ring check box is marked, you have to assign the control port to form a couple-ring group between the two X-rings.

Enable Dual Homing: Set up one of the ports on the switch to be the Dual Homing port. For a switch, there is only one Dual Homing port. Dual Homing function only works when the X-Ring function enabled.

And then, click

Apply

to apply the configuration.

X-ring Interface

Note When the X-Ring function enable, user must disable the RSTP. The X-Ring function and RSTP function cannot exist in a switch at the same time. Remember to execute the ‘Save Configuration’ action, otherwise the new configuration will lose when switch power off.

92

Security

In this section, you can configure 802.1x and MAC address table.

802.1X/Radius Configuration

802.1x is an IEEE authentication specification prevents the client from connecting to a wireless access point or wired switch until it provides authority, like the user name and password that are verified by an authentication server.

System Configuration

After enabling the IEEE 802.1X function, you can configure the parameters of this function.

1.IEEE 802.1x Protocol: Enable or disable 802.1x protocol.

2.Radius Server IP: Set the Radius Server IP address.

3.Server Port: Set the UDP destination port for authentication requests to the specified Radius Server.

4.Accounting Port: Set the UDP destination port for accounting requests to the specified Radius Server.

5.Shared Key: Set an encryption key for using during authentication sessions with the specified radius server. This key must match the encryption key used on the Radius Server.

6.NAS, Identifier: Set the identifier for the radius client.

7.Click Apply .

93