Vigitron MAXIINET VI3010 Operational Manual

Download

MaxiiNet

VI3010

Operational Manual

10 Port Series PoE+ L2 Plus Managed Switch

Release V1.00

their respective companies.

NOTE: Emphasizes important information or calls your

attention to related features or instructions.

WARNING:

Alerts you to a potential hazard that could

cause personal injury.

CAUTION:

Alerts you to a potential hazard that could cause loss of data, or damage the system or equipment.

Purpose

Audience

Conventions

About This Manual

Copyright © 2014 Vigitron, Inc. All rights reserved. The products and programs described in this user’s manual are licensed products of Vigitron, Inc. This user’s manual contains proprietary information protected by copyright, and this user’s manual and all accompanying hardware, software and documentation are copyrighted. No parts of this user’s manual may be copied, photocopied, reproduced, translated or reduced to any electronic medium or machine-readable from by any means electronic or mechanical. This also Includes photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser’s personal use, and without the prior express written permission of Vigitron, Inc.

This manual gives specific information on how to operate and use the management functions of the Vi3010.

The manual is intended for use by network administrators who are responsible for operating and maintaining network equipment. Consequently, it assumes a basic working knowledge of general switch functions, the Internet Protocol (IP), and Simple Network Management Protocol (SNMP).

The following conventions are used throughout this manual to show information.

Warranty

See the Customer Support/Warranty booklet included with the product. A copy of the specific warranty terms applicable to Vigitron’s products and replacement parts can be obtained from Vigitron’s Sales and Service Office or an authorized dealer.

Disclaimer

FCC Warning

FCC Caution

CE Mark Warning

UL Mark

Vigitron does not warrant that the hardware will work properly in all environments and applications, and makes no warranty and representation, either implied or expressed, with respect to the quality, performance, merchantability, or fitness for a particular purpose. Vigitron disclaims liability for any inaccuracies or omissions that may have occurred. Information in this user’s manual is subject to change without notice and does not represent a commitment on the part of Vigitron. Vigitron assumes no responsibility for any inaccuracies that may be contained in

this user’s manual. Vigitron makes no commitment to update or keep current the information in this user’s manual, and reserves the rights to make improvements to this user’s manual and/or to the products described in this user’s manual, at any

time without notice.

This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy, and if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications.

To assure continued compliance (example-use only shielded interface cables when connection to computer or peripheral devices). Any changes or modifications not

expressly approved by the party responsible for compliance could void the user’s

authority to operate the equipment. This device complies with Part 15 of the FCC Rules. Operation is subject to the Following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation.

This is a Class B device. In a domestic environment, this product may cause radio interference. In which case, the user may be required to take adequate measures.

Ul 60950-1 Information Technology Equipment - Safety - Part 1: General Requirements - Edition 2 - Revision Date 2014/05/13

Contents

About This Manual......................................................................................................................................................... 1

Introduction ................................................................................................................................................................... 8

Chapter 1: Operation of Web-Based Management ....................................................................................................... 9

Chapter 2: System Configuration ................................................................................................................................. 11

2-1 System Information ........................................................................................................................................... 11

2-1.1 Information ............................................................................................................................................... 11

2-1.2 Configuration ............................................................................................................................................ 13

2-2 Time .................................................................................................................................................................. 14

2-2.1 Manual ...................................................................................................................................................... 14

2-2.2 NTP ............................................................................................................................................................ 16

2-3 Account ............................................................................................................................................................. 17

2-3.1 Users ......................................................................................................................................................... 17

2-3.2 Privilege Level ........................................................................................................................................... 19

2-4 IP ....................................................................................................................................................................... 21

2-4.1 IPV4 ........................................................................................................................................................... 21

2-4.2 IPV6 ........................................................................................................................................................... 23

2-5 Syslog ................................................................................................................................................................ 24

2-5.1 Configuration ............................................................................................................................................ 24

2-5.2 Log ............................................................................................................................................................. 25

2-5.3 Detailed Log .............................................................................................................................................. 26

2-6 SNMP ................................................................................................................................................................ 27

2-6.1 System ....................................................................................................................................................... 27

2-6.2 Configuration ............................................................................................................................................ 28

2-6.3 Communities ............................................................................................................................................. 29

2-6.4 Users ......................................................................................................................................................... 30

2-6.5 Groups ....................................................................................................................................................... 32

2-6.6 Views ......................................................................................................................................................... 33

2-6.7 Access ........................................................................................................................................................ 34

2-6.8 Trap ........................................................................................................................................................... 36

Chapter 3: Configuration ............................................................................................................................................. 38

3-1 Port ................................................................................................................................................................... 38

3-1.1 Configuration ............................................................................................................................................ 38

3-1.2 Port Description ........................................................................................................................................ 40

3-1.3 Traffic Overview ........................................................................................................................................ 41

3-1.4 Detailed Statistics ...................................................................................................................................... 42

3-1.5 QoS Statistics ............................................................................................................................................. 44

3-1.6 SFP Information ......................................................................................................................................... 45

3-1.7 EEE ............................................................................................................................................................ 47

3-2 ACL .................................................................................................................................................................... 49

3-2.1 Ports .......................................................................................................................................................... 49

3-2.2 Rate Limiters ............................................................................................................................................. 51

3-2.3 Access Control List .................................................................................................................................... 52

3-2.4 ACL Status ................................................................................................................................................. 55

3-3 Aggregation ....................................................................................................................................................... 57

3-3.1 Static Trunk ............................................................................................................................................... 57

3-3.2 LACP .......................................................................................................................................................... 59

3-4 Spanning Tree ................................................................................................................................................... 64

3-4.1 Bride Settings ............................................................................................................................................ 64

3-4.2 MSTI Mapping ........................................................................................................................................... 67

3-4.3 MSTI Priorities ........................................................................................................................................... 69

3-4.4 CIST Ports .................................................................................................................................................. 70

3-4.5 MSTI Ports ................................................................................................................................................. 72

3-4.6 Bridge Status ............................................................................................................................................. 74

3-4.7 Port Status ................................................................................................................................................. 75

3-4.8 Port Statistics ............................................................................................................................................ 76

3-5 IGMP Snooping ................................................................................................................................................. 77

3-5.1 Basic Configuration ................................................................................................................................... 77

3-5.2 VLAN Configuration ................................................................................................................................... 79

3-5.3 Port Group Filtering .................................................................................................................................. 81

3-5.4 Status ........................................................................................................................................................ 83

3-5.5 Group Information .................................................................................................................................... 84

3-5.6 IPV4 SSM Information ............................................................................................................................... 85

3-6 MLD Snooping ................................................................................................................................................... 87

3-6.1 Basic Configuration ................................................................................................................................... 87

3-6.2 VLAN Configuration ................................................................................................................................... 90

3-6.3 Port Group Filtering .................................................................................................................................. 92

3-6.4 Status ........................................................................................................................................................ 93

3-6.5 Group Information .................................................................................................................................... 94

3-6.6 IPV6 SSM Information ............................................................................................................................... 95

3-7 MVR .................................................................................................................................................................. 96

3-7.1 Configuration ............................................................................................................................................ 96

3-7.2 Port Group Allow ....................................................................................................................................... 98

3-7.3 Groups Information ................................................................................................................................... 99

3-7.4 Statistics .................................................................................................................................................. 100

3-8 LLDP ................................................................................................................................................................ 101

3-8.1 LLDP Configuration .................................................................................................................................. 101

3-8.2 LLDP Neighbors ....................................................................................................................................... 104

3-8.3 LLDP-MED Configuration ......................................................................................................................... 106

3-8.4 LLDP-MED Neighbors .............................................................................................................................. 112

3-8.5 EEE .......................................................................................................................................................... 115

3-8.6 Port Statistics .......................................................................................................................................... 117

3-9 PoE .................................................................................................................................................................. 119

3-9.1 Configuration .......................................................................................................................................... 119

3-9.2 Status ...................................................................................................................................................... 121

3-9.3 Power Delay ............................................................................................................................................ 123

3-9.4 Auto Checking ......................................................................................................................................... 124

3-9.5 Scheduling ............................................................................................................................................... 126

3-10 Filtering Data Base ........................................................................................................................................ 127

3-10.1 Configuration ........................................................................................................................................ 127

3-10.2 Dynamic MAC Table .............................................................................................................................. 130

3-11 VLAN ............................................................................................................................................................. 131

3-11.1 VLAN Membership ................................................................................................................................ 131

3-11.2 Ports ...................................................................................................................................................... 133

3-11.3 Switch Status ......................................................................................................................................... 135

3-11.4 Port Status ............................................................................................................................................. 137

3-11.5 Private VLANs ........................................................................................................................................ 139

3-11.6 MAC-Based VLAN .................................................................................................................................. 141

3-11.6.1 Configuration ..................................................................................................................................... 141

3-11.7 Protocol-Based VLAN ............................................................................................................................ 144

3-12 Voice VLAN .................................................................................................................................................... 149

3-12.1 Configuration ........................................................................................................................................ 149

3-12.2 OUI ........................................................................................................................................................ 151

3-13 GARP ............................................................................................................................................................. 152

3-13.1 Configuration ........................................................................................................................................ 152

3-13.2 Statistics ................................................................................................................................................ 154

3-14 GVRP ............................................................................................................................................................. 155

3-14.1 Configuration ........................................................................................................................................ 155

3-14.2 Statistics ................................................................................................................................................ 157

3-15 QoS ............................................................................................................................................................... 158

3-15.1 Port Classification .................................................................................................................................. 158

3-15.2 Port Policing .......................................................................................................................................... 160

3-15.3 Port Schedulers ..................................................................................................................................... 161

3-15.4 Port Shaping .......................................................................................................................................... 163

3-15.5 Port Tag Remarking ............................................................................................................................... 166

3-15.6 Port DSCP .............................................................................................................................................. 167

3-15.7 DSCP-Based QoS ................................................................................................................................... 169

3-15.8 DSCP Translation ................................................................................................................................... 170

3-15.9 DSCP Classification ................................................................................................................................ 172

3-15.10 QoS Control List Configuration ............................................................................................................ 173

3-15.11 QCL Status ........................................................................................................................................... 177

3-15.12 Storm Control ...................................................................................................................................... 179

3-16 S-Flow Agent ................................................................................................................................................. 180

3-16.1 Collector ................................................................................................................................................ 180

3-16.2 Sampler ................................................................................................................................................. 182

3-17 Loop Protection ............................................................................................................................................ 184

3-17.1 Configuration ........................................................................................................................................ 184

3-17.2 Status .................................................................................................................................................... 186

3-18 Single IP......................................................................................................................................................... 187

3-18.1 Configuration ........................................................................................................................................ 187

3-18.2 Information ........................................................................................................................................... 188

3-19 Easy Port ....................................................................................................................................................... 189

3-20 Mirroring ....................................................................................................................................................... 191

3-21 Trap Event Severity ....................................................................................................................................... 193

3-22 UpnP ............................................................................................................................................................. 195

Chapter 4: Security .................................................................................................................................................... 196

4-1 Source Guard .................................................................................................................................................. 196

4-1.1 Configuration .......................................................................................................................................... 196

4-1.2 Static Table .............................................................................................................................................. 198

4-1.3 Dynamic Table ......................................................................................................................................... 199

4-2 ARP Inspection ................................................................................................................................................ 200

4-2.1 Configuration .......................................................................................................................................... 200

4-2.2 Static Table .............................................................................................................................................. 201

4-2.3 Dynamic Table ......................................................................................................................................... 202

4-3 DHCP Snooping ............................................................................................................................................... 203

4-3.1 Configuration .......................................................................................................................................... 203

4-3.2 Statistics .................................................................................................................................................. 204

4-4 DHCP Relay ..................................................................................................................................................... 206

4-4.1 Configuration .......................................................................................................................................... 206

4-4.2 Statistics .................................................................................................................................................. 208

4-5 NAS ................................................................................................................................................................. 210

4-5.1 Configuration .......................................................................................................................................... 210

4-5.2 Switch Status ........................................................................................................................................... 219

4-5.3 Port Status ............................................................................................................................................... 221

4-6 AAA ................................................................................................................................................................. 222

4-6.1 Configuration .......................................................................................................................................... 222

4-6.2 Radius Overview ..................................................................................................................................... 226

4-6.3 Radius Details .......................................................................................................................................... 228

4-7 Port Security ................................................................................................................................................... 233

4-7.1 Limit Control ........................................................................................................................................... 233

4-7.2 Switch Status ........................................................................................................................................... 236

4-7.3 Port Status ............................................................................................................................................... 238

4-8 Access Management ....................................................................................................................................... 239

4-8.1 Configuration .......................................................................................................................................... 239

4-8.2 Statistics .................................................................................................................................................. 241

4-9 SSH .................................................................................................................................................................. 242

4-10 HTTPs ............................................................................................................................................................ 243

4-11 Auth Method ................................................................................................................................................ 244

Chapter 5: Maintenance ............................................................................................................................................ 245

5-1 Restart ............................................................................................................................................................. 245

5-2 Firmware ......................................................................................................................................................... 246

5-2.1 Firmware Upgrade .................................................................................................................................. 246

5-2.2 Firmware Selection ................................................................................................................................. 247

5-3 Save/Restore ................................................................................................................................................... 249

5-3.1 Factory Defaults ...................................................................................................................................... 249

5-3.2 Save Start ................................................................................................................................................ 250

5-3.3 Save User................................................................................................................................................. 251

5-3.4 Restore User ............................................................................................................................................ 252

5-4 Export/Import ................................................................................................................................................. 253

5-4.1 Export Config ........................................................................................................................................... 253

5-4.2 Import Config .......................................................................................................................................... 254

5-5 Diagnostics ...................................................................................................................................................... 255

5-5.1 Ping ......................................................................................................................................................... 255

5-5.2 Ping6 ....................................................................................................................................................... 256

5-5.3 VeriPHY.................................................................................................................................................... 257

5-6 Battery Replacement ...................................................................................................................................... 258

Glossary of Web-Based Management ....................................................................................................................... 259

Contact Information .................................................................................................................................................. 273

Overview

Introduction

This user’s manual tells you how to install and connect the Vi3010 to your network system. It also explains how to configure and monitor the Vi3010 through the builtin CLI and web by (RJ-45) serial interface and Ethernet ports step-by-step. There are many detailed explanations of hardware and software functions. There are also examples of web-based interface and command-line interface (CLI) operations.

The Vi3010 series is the next generation of L2+ managed switches from Vigitron. They are affordable managed switch that provides a reliable infrastructure for your business network. These switches deliver more intelligent features you need to improve the availability of your critical business applications, protect your sensitive information, and optimize your network bandwidth to deliver information and applications more effectively. They provides the ideal combination of affordability and capabilities for entry level networking for the small business or enterprise application and helps you create a more efficient, better-connected workforce.

Vi3010 L2+ Managed Switches provide 10 ports in a single device. The specifications are highlighted as follows:

 L2+ features provide better manageability, security, QoS, and

performance.

 High port count design with all Gigabit Ethernet ports  Support guest VLAN, voice VLAN, Port based, tag-based and Protocol

based VLANs.

 Support 802.3az Energy Efficient Ethernet standard  Support 802.3at High power PoE Plus standard  Support IPv6/ IPv4 Dual stack  Support s-Flow  Support Easy-Configuration-Port for easy implement the IP Phone, IP

Camera or Wireless environment.

Overview of this user’s manual

 Chapter 1 “Operation of Web-based Management”  Chapter 2 “System Configuration”  Chapter 3 “Configuration”  Chapter 4 “Security”  Chapter 5 “Maintenance”

Chapter 1: Operation of Web-Based

IP Address

192.168.1.1

Subnet Mask

255.255.255.0

Default Gateway

192.168.1.254

Username

admin

Password

NOTE: When you log into the switch, you must first type the

admin’s username and password. There is no default password so initially it should be left blank. After you type the username, please press enter. When you login Vi3010 series switch Web UI management, you can use either ipv4 or ipv6 to log into the switch.

To optimize the display effect, we recommend you use Microsoft IE 6.0 above, Netscape V7.1 above or FireFox V1.00 above and have the resolution 1024x768. The switch supports neutral web browser interface.

Management

Initial Configuration

This chapter instructs you how to configure and manage the Vi3010 through the web user interface. With this facility through any switch port, you can easily access and monitor the complete status of the switch, including MIBs status, port activity, Spanning tree status, port aggregation status, multicast traffic, VLAN and priority status, even illegal access record and so on.

The default values of the Vi3010 are listed in the table below:

To access the Vi3010 through a network connection, type the IP address of the Vi3010 into the address box of a web browser and press "Enter". The default address of the Vi3010 is 192.168.1.1. The computer must be on the same network. If necessary, a computer can be connected directly to one of the switch ports. The computer must be setup with the same network as the Vi3010, for example,

192.168.1.100.

The default username is “admin” and password should be left empty. The first time logging in, enter the default username, and then click the <Login> button.

The Vi3010 supports a simple user management function to allow only one administrator to configure the system at any one time. The use of simultaneous administrators could result in unpredictable operation. Additional users, even with administrator’s identity, should only monitor the system. Those who have no administrator’s identity can only monitor the system. It is suggested, regardless of security level, that viewing is limited to one client at a time. Also, after accessing the Vi3010 and viewing is complete, log out.

NOTE: The Vi3010 enables DHCP, so you do not need

to have a DHCP server to provide IP addresses to the switch. The switch’s default IP is 192.168.1.1.

The server 192.168.20.15 at Vi3010 requires a username and password.

Figure 1: Login Page

Chapter 2: System Configuration

2-1 System Information

2-1.1 Information

This chapter describes all of the basic configuration tasks, including system information and any management of the switch (e.g. Time, Account, IP, Syslog and SNMP).

After you login, the switch shows the system information. This is the default startup page. It lists the basic information of the system, including “Model Name”, “System Description”, “Contact”, “Device Name”, “System Up Time”, “BIOS Version”, “Firmware Version”, “Hardware-Mechanical Version”, “Serial Number”, “Host IP Address”, “Host Mac Address”, “Device Port”, “RAM Size”, and “Flash Size”. With this information, you will know the software version used, MAC address, serial number, how many ports good and so on. This is helpful if the switch malfunctions.

The switch system information is provided here.

Web interface

To configure System Information in the web interface:

1. Click SYSTEM, System, Information.

2. Specify the contact information for the system administrator, the name and

location of the switch. Also indicate the local time zone by configuring the appropriate offset.

3. Click “Refresh”.

Figure 2-1.1: System Information

Parameter Description

Model name: The model name of this device.

System description: This describes the device. This device is “8 port 10/100/1000

Base-T + 2-Port TP/(100/1G) SFP Combo PoE L2 Plus Managed Switch”.

Location: This is the location of the switch (User-defined).

Contact: To easily manage and maintain the device, write down the contact

information of the person you would go to for help. This parameter can be configured through the device’s user interface or SNMP.

Device name: The name of the switch (User-defined).

System Date: This shows the system time of the switch. The format is day of week,

month, day, hours: minutes: seconds, year.

System up time: The time accumulated since this switch is powered up. The format is day, hour, minute, second.

BIOS version: The version of the BIOS in this switch.

Firmware version: The firmware version in this switch.

Hardware-Mechanical version: The version of hardware and mechanical. The figure

before the hyphen is the version of electronic hardware. The one after the hyphen is the version of mechanical.

Serial number: The serial number is assigned by the manufacture.

Host IP address: The IP address of the switch is displayed here.

Subnet Mask: Displays the IP subnet mask assigned to the device.

Gateway IP Address: Displays the default gateway IP address assigned to the device

Host MAC address: This is the Ethernet MAC address of the management agent in

this switch.

Console Baud rate: Displays the baud rate of RS232 (COM) port.

RAM size: The size of the RAM in this switch.

Flash size: The size of the flash memory in this switch.

CPU Load: Displays the load is measured as averaged over the last 100ms, 1sec and

10 seconds intervals.

Bridge FDB size: Displays the bridge FDB size information.

Transmit Queue: Displays the device’s transmit hardware priority queue

information.

Maximum Frame size: Displays the device’s maximum frame size information.

2-1.2 Configuration

You can identify the system by configuring the contact information, name, and location of the switch.

Web interface

Parameter Description

To configure System Information in the web interface:

1. Click System, System Information, Configuration.

2. Write System Contact , System Name, System Location information on this

page.

3. Click “Apply”.

Figure 2-1.2: System Information Configuration

System Contact: The textual identification of the contact person for this managed node and information on how to contact this person. The allowed string length is 0 to 255, and the allowed content is the ASCII characters from 32 to 126.

System Name: An administratively assigned name for this managed node. By convention, this is the node's fully-qualified domain name. A domain name is a text string drawn from the alphabet (A-Z a-z), digits (0-9), minus sign (-). No space characters are permitted as part of a name. The first character must be an alpha character. The first or last character must not be a minus sign. The allowed string length is 0 to 255.

System Location: The physical location of this node (e.g., telephone closet, 3rd floor). The allowed string length is 0 to 255, and the allowed content is the ASCII characters from 32 to 126.

2-2 Time

This page configure the switch’s time. Time configure includes Manual Configuration and NTP Configuration.

2-2.1 Manual

The switch provides manual and automatic options to set the system time via NTP. Manual setting is simple. All you have to input is the “Year”, “Month”, “Day”, “Hour”, “Minute” and “Second” within the valid value range indicated in each item.

Web Interface

To configure Time in the web interface:

1. Click Time, Manual.

2. Specify the time parameter in manual parameters.

3. Click “Apply”.

Figure 2-2.1: The Time Configuration

Parameter

NOTE:

1. The “From” and “To” display what you set on

the “From” and “To” field information.

2. The local time column and daylight saving

column will not actively change by the date time format selection.

Description

Clock Source: Click to choose the clock source for the Vi3010. You can select “Use

local Settings” or “Use NTP Server” for Vi3010 time clock source.

Date and Time Format: The drop bar is for choose appropriate time format. Three selections are provided.

YYYY-MM-DD HH:MM:SS

MM-DD-YYYY HH:MM:SS

DD-MM-YYYY HH:MM:SS

24 hours: The time is always represented in the 24-hour system.

12 hours: The time is always represented in the 12-hour system.

Local Time: Shows the current time of the system. The local time column can only

be filled out or inserted in 24 hours format.

Time Zone Offset: Provides the time zone offset relative to UTC/GMT. The offset is given in minutes east of GMT. The valid range is from -720 to 720 minutes.

Daylight Saving: Daylight saving is adopted in some countries. If set, it will adjust the time lag or advance by the unit of hours, according to the starting date and the ending date. For example, if you set the daylight saving to be 1 hour. When the time passes over the starting time, the system time will be increased one hour after one minute at the time since it passed over. And when the time passes over the ending time, the system time will be decreased one hour after one minute at the time since it passed over.

The valid configurable daylight saving time is –5 to +5 step one hour. A zero for this parameter means it doesn’t have to adjust current time, equivalent to in-act daylight saving. You don’t have to set the starting/ending date. If you set daylight saving to be non-zero, you have to set the starting/ending date as well. Otherwise, the daylight saving function will not be activated.

Time Set Offset: Provides the daylight saving time set offset. The offset is given in minutes east of GMT. The valid range is from 1 to 1440 minutes. The default is 60 minutes.

Daylight Savings Type: Provides the daylight savings type selection. You can select “By Dates” or “Recurring” two types for daylight saving type.

From: To configure the daylight saving start date and time, the format is “YYYY-MMDD HH:MM”. The column “HH: MM” can only be set up in 24 hour format.

To: To configure the daylight saving end date and time, the format is “YYYY-MM-DD HH:MM”. The column “HH: MM” can only be set up in 24 hour format.

2-2.2 NTP

NTP is Network Time Protocol and is used to sync the network time based on Greenwich Mean Time (GMT). If you use the NTP mode and select a built-in NTP time server, or manually specify a user-defined NTP server and Time Zone, the switch will sync the time in a short period after pressing <Apply> button. Though it synchronizes the time automatically, NTP does not update the time periodically without user’s processing.

Time Zone is an offset time of GMT. You have to select the time zone first and then perform time sync via NTP because the switch will combine this time zone offset and updated NTP time to come out the local time. Otherwise, you will not able to get the correct time. The switch supports configurable time zone from –12 to +13 in 1 hour steps.

Parameter Description

Default Time Zone: +8 Hrs.

Web Interface

To configure Time in the web interface:

1. Click SYSTEM, NTP.

2. Specify the Time parameter in manual parameters.

3. Click “Apply”.

Figure 2-2.2: The NTP Configuration

Server 1 to 5: Provides the NTP IPv4 or IPv6 address of this switch. IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separating each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol '::' is a special syntax that can be used as a shorthand way of representing multiple 16-bit groups of contiguous zero’s. However, it can only appear once. It can also represent a legally valid IPv4 address. For example, '::192.1.2.34'.

Buttons: These buttons are displayed on the NTP page:

 Apply – Click “Apply” to save changes.  Reset – Click “Reset” to undo any changes made locally and reverts to

previously saved values.

2-3 Account

In this function, only the administrator can create, modify or delete the username and password. The administrator can modify other guest identities’ password without confirming the password, but it is necessary to modify the administratorequivalent identity. Guest-equivalent identity can modify his password only. Please note that you must confirm administrator/guest identity in the field of Authorization in advance before configuring the username and password. Only one administrator is allowed to exist and cannot be deleted. In addition, up to 4 guest accounts can be created.

2-3.1 Users

This page provides an overview of the current users. Currently, the only way to login as another user on the web server is to close and reopen the browser.

Web Interface

To configure Account in the web interface:

1. Click SYSTEM, Account, Users.

2. Click “Add New User”.

3. Specify the user name parameter.

4. Click “Apply”.

Figure 2- 3.1: The Users Account Configuration

Parameter Description

User Name: The name identifying the user. This is also a link to Add/Edit User.

Password: To type the password. The allowed string length is 0 to 255 and the

allowed content is the ASCII characters from 32 to 126.

Password (again): To type the password again. You must type the same password again in the field.

Privilege Level: The privilege level of the user. The allowed range is 1 to 15. If the privilege level value is 15, it can access all groups (e.g. Level 15 is granted the full control of the device. But others value need to refer to each group privilege level). User's privilege should be same or greater than the group privilege level to have the access of that group. By default setting, most group privilege is level 5 and has the read-only access and privilege level 10 has the read-write access. The system maintenance (software upload, factory defaults and so on) need user privilege level

15. Generally, the privilege level 15 can be used for an administrator account, privilege level 10 for a standard user account and privilege level 5 for a guest account.

2-3.2 Privilege Level

This page provides an overview of the privilege levels. The switch provides user set Account, Aggregation, Diagnostics, EEE, GARP, GVRP, IP, IPMC Snooping, LACP, LLDP, LLDP MED, MAC Table, MRP, MVR, MVRP Maintenance Mirroring, POE Ports, Private VLANs, QoS, SMTP, SNMP, Security, Spanning Tree, System Trap Event, VCL, VLANs, Voice VLAN, and Privilege Levels from 1 to 15.

Web Interface

To configure Privilege Level in the web interface:

1. Click SYSTEM, Account, Privilege Level.

2. Specify the privilege parameter.

3. Click “Apply”.

Figure 2- 3.2: The Privilege Level Configuration

Parameter Description

Group Name: The name identifying the privilege group. In most cases, a privilege

level group consists of a single module (e.g. LACP, RSTP or QoS), but a few of them contain more than one. The following description defines these privilege level groups in details:

 System: Contact, Name, Location, Time zone, Log.  Security: Authentication, System Access Management, Port (contains Dot1x

port, MAC-based, and the MAC Address Limit), ACL, HTTPS, SSH, ARP Inspection, and IP source guard.

 IP: Everything except 'ping'.  Port: Everything except 'VeriPHY'.  Diagnostics: 'ping' and 'VeriPHY'.  Maintenance: CLI- System Reboot, System Restore Default, System Password,

Configuration Save, Configuration Load and Firmware Load. Web-Users, Privilege Levels and everything in Maintenance.

 Debug: Only present in CLI.

Privilege Levels: Every group has an authorization privilege level for the following

sub groups: configuration read-only, configuration/execute read-write, status/statistics read-only, status/statistics read-write (e.g. for clearing of statistics). User privilege should be same or greater than the authorization privilege level to have the access to that group.

2-4 IP

2-4.1 IPV4

IP is an acronym for Internet Protocol. It is a protocol used for communicating data across an internet network.

IP is a "best effort" system, which means that no packet of information sent over is assured to reach its destination in the same condition it was sent. Each device connected to a Local Area Network (LAN) or Wide Area Network (WAN) is given an Internet Protocol address, and this IP address is used to identify the device uniquely among all other devices connected to the extended network.

The current version of the Internet protocol is IPv4, which has 32-bits Internet Protocol addresses allowing for in excess of four billion unique addresses. This number is reduced drastically by the practice of webmasters taking addresses in large blocks, the bulk of which remain unused. There is a rather substantial movement to adopt a new version of the Internet Protocol, IPv6, which would have 128-bits Internet Protocol addresses. This number can be represented roughly by a three with thirty-nine zeroes after it. However, IPv4 is still the protocol of choice for most of the Internet.

The IPv4 address for the switch could be obtained via DHCP Server for VLAN 1. To manually configure an address, you need to change the switch's default settings to values that are compatible with your network. You may also need to establish a default gateway between the switch and management stations that exist on another network segment.

 Configure the switch-managed IP information on this page.  The “Configured” column is used to view or change the IP configuration.  The “Current” column is used to show the active IP configuration.

Web Interface

To configure an IP address in the web interface:

1. Click System, IP Configuration.

2. Specify the IPv4 settings and enable DNS proxy service, if required.

3. Click “Apply”.

Figure 2-4.1: The IP Configuration

Parameter Description

DHCP Client: Enables the DHCP client by checking this box. If DHCP fails and the

configured IP address is zero, DHCP will retry. If the DHCP fails and the configured IP address is non-zero, the DHCP will stop and the configured IP settings will be used. The DHCP client will announce the configured system name as hostname to provide DNS lookup.

IP Address: Provides the IP address of this switch in dotted decimal notation.

IP Mask: Provides the IP mask of this switch dotted decimal notation.

IP Gateway: Provides the IP address of the router in dotted decimal notation.

VLAN ID: Provides the managed VLAN ID. The allowed range is 1 to 4095.

DNS Server: Provides the IP address of the DNS Server in dotted decimal notation.

DNS Proxy: When DNS proxy is enabled, DUT will relay DNS requests to the current

configured DNS server on DUT and reply as a DNS resolver to the client device on the network.

2-4.2 IPV6

This section describes how to configure the switch-managed IPv6 information. The “Configured” column is used to view or change the IPv6 configuration. The “Current” column is used to show the active IPv6 configuration.

 Configure the switch-managed IPv6 information on this page.  The “Configured” column is used to view or change the IPv6 configuration.  The “Current” column is used to show the active IPv6 configuration.

Web Interface

To configure management IPv6 of the switch in the web interface:

1. Click System, IPv6 Configuration.

2. Specify the IPv6 settings and enable Auto Configuration service, if required.

3. Click “Apply”.

Figure 2- 4.2: The IPv6 Configuration

Parameter Description

Auto Configuration: Enables IPv6 auto-configuration by checking this box. If fails,

the configured IPv6 address is zero. The router may delay responding to a router solicitation for a few seconds, the total time needed to complete auto-configuration can be significantly longer.

Address: Provides the IPv6 address of this switch. IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separating each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol '::' is a special syntax that can be used as a shorthand way of representing multiple 16-bit groups of contiguous zero’s. However, it can only appear once. It can also represent a legally valid IPv4 address. For example, '::192.1.2.34'.

Prefix: Provides the IPv6 Prefix of this switch. The allowed range is 1 to 128.

Gateway: Provides the IPv6 gateway address of this switch. IPv6 address is in 128-bit

records represented as eight fields of up to four hexadecimal digits with a colon separating each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol '::' is a special syntax that can be used as a shorthand way of representing multiple 16-bit groups of contiguous zero’s. However, it can only appear once. It can also represent a legally valid IPv4 address. For example, '::192.1.2.34'.

2-5 Syslog

2-5.1 Configuration

The syslog is a standard for logging program messages. It allows separation of the software that generates messages from the system that stores them and the software that reports and analyzes them. It can be used as generalized informational, analysis and debugging messages. It is supported by a wide variety of devices and receivers across multiple platforms.

This section describes how to configure the system log to a wide variety of devices and receivers across multiple platforms.

Web Interface

Parameter Description

To configure Syslog configuration in the web interface:

1. Click SYSTEM, Syslog.

2. Specify the syslog parameters, including IP Address of the syslog server

and port number.

3. Evoke the sylog to enable it.

4. Click “Apply”.

Figure 2- 5.1: The System Log Configuration

Server Mode: Indicates the server mode operation. When the mode operation is enabled, the syslog message will send out to syslog server. The syslog protocol is based on UDP communication and received on UDP port 514. The syslog server will not send acknowledgments back sender since UDP is a connectionless protocol and it does not provide acknowledgments. The syslog packet will always send out, even if the syslog server does not exist. Possible modes are:

 Enabled: Enables server mode operation.  Disabled: Disables server mode operation.

Server Address 1 and 2: Indicates the IPv4 host addresses of syslog server 1 and server 2 (for redundancy). If the switch provide DNS feature, it also can be a host name.

Syslog Level: Indicates what kind of message will send to syslog server. Possible modes are:

 Info: Sends information, warnings and errors.  Warning: Sends warnings and errors.  Error: Sends errors.

2-5.2 Log

This section describes the system log information of the switch.

Web Interface

To display the log configuration in the web interface:

1. Click Syslog, Log.

2. Display the log information.

Parameter Description

Figure 2- 5.2: The System Log Configuration

Auto-refresh: To evoke the auto-refresh icon, then the device will refresh the log automatically.

Level: Level of the system log entry. The following level types are supported: Information level of the system log.

 Warning: Warning level of the system log.  Error: Error level of the system log. All: All levels.

ID: ID (>= 1) of the system log entry.

Time: It will display the log record by device time. The time of the system log entry.

Message: It will display the log detail message. The message of the system log entry.

Upper right icon (Refresh, clear…): Click “Refresh” to refresh the system log or clear

them manually. Click other buttons to move to the next or previous page.

2-5.3 Detailed Log

This section describes the detailed log information of the switch.

Web Interface

To display the detailed log configuration in the web interface:

1. Click Syslog, Detailed Log.

2. Display the log information.

Parameter Description

Figure 2- 5.3: The Detailed System Log Information

ID: The ID (>= 1) of the system log entry.

Message: The detailed message of the system log entry.

Upper right icon (Refresh, clear…): Click “Refresh” to refresh the system log or clear

them manually. Click other buttons to move to the next or previous page.

2-6 SNMP

Any Network Management System (NMS) running the Simple Network Management Protocol (SNMP) can manage the Managed devices equipped with SNMP agent, provided that the Management Information Base (MIB) is installed correctly on the managed devices. SNMP is a protocol that is used to govern the transfer of information between SNMP manager and agent, and traverses the object identity (OID) of the management Information base (MIB), described in the form of SMI syntax. SNMP agent is running on the switch to response the request issued by SNMP manager.

Basically, it is passive except issuing the trap information. The switch supports a switch to turn on or off the SNMP agent. If you set the field SNMP to “Enable”, the SNMP agent will be started up. All supported MIB OIDs, including RMON MIB, can be accessed via SNMP manager. If the field SNMP is set to “Disable”, the SNMP agent will be de-activated, and the related Community Name, Trap Host IP Address, Trap and all MIB counters will be ignored.

2-6.1 System

This section describes how to configure SNMP System on the switch. This function is used to configure SNMP settings including community name, trap host, public traps, and the throttle of SNMP. A SNMP manager must pass the authentication by identifying both community names, and then it can access the MIB information of the target device. So, both parties must have the same community name. Once the setting is complete, click <Apply> button so the setting can take effect.

Web Interface

To display the configure SNMP System in the web interface:

1. Click SNMP, System.

2. Evoke SNMP State to enable or disable the SNMP function.

3. Specify the “Engine ID”.

4. Click “Apply”.

Figure 2- 6.1: The SNMP System Configuration

Parameter Description

These parameters are displayed on the SNMP System Configuration page:

SNMP State: The SNMP state is used for the activation or de-activation of SNMP.

 Enable: Enables SNMP state operation.  Disable: Disables SNMP state operation.  Default: Enable.

Engine ID: SNMPv3 engine ID. syntax: 0-9, a-f, A-F, min 5 octet, max 32 octet, fifth octet, can't input 00. If the Engine ID is changed, that will clear all original users.

2-6.2 Configuration

The function is used to configure SNMP communities. To enable a new community statistics, please check the button ▼, and choose <Enable> to configure SNMP function.

Parameter Description

Web Interface

To display the SNMP Configuration in the web interface:

1. Click SNMP, Configuration.

2. Evoke “SNMP State” to enable or disable the SNMP function.

3. Click “Apply”.

Figure2- 6.2: The SNMP Configuration

These parameters are displayed on the SNMP System Configuration page:

Get Community: Indicates the community read access string to permit access to SNMP agent. The allowed string length is 1 to 32. The allowed content is the ASCII characters from 33 to 126. The field is applicable only when SNMP version is SNMPv1 or SNMPv2c. If SNMP version is SNMPv3, the community string will be associated with SNMPv3 communities table. It provides more flexibility to configure the security name than a SNMPv1 or SNMPv2c community string. In addition to the community string, a particular range of source addresses can be used to restrict source subnet.

Set Community: Indicates the community write access string to permit access to SNMP agent. The allowed string length is 1 to 32, and the allowed content is the ASCII characters from 33 to 126. The field is applicable only when SNMP version is SNMPv1 or SNMPv2c. If SNMP version is SNMPv3, the community string will be associated with SNMPv3 communities table. It provides more flexibility to configure the security name than a SNMPv1 or SNMPv2c community string. In addition to community string, a particular range of source addresses can be used to restrict source subnet.

Mode: Indicates the “Set Community” mode operation. Possible modes are:

 Enabled: Enables Set Community.  Disabled: Disables Set Community.

2-6.3 Communities

The function is used to configure SNMPv3 communities. The Community and User Name are unique. To create a new community account, please check the <Add new community> button and enter the account information. Click <Save> when you’re finish. Max Group Number: 4.

Web Interface

To display the configure SNMP Communities in the web interface:

1. Click SNMP, Communities.

2. Click “Add new community”.

3. Specify the SNMP community’s parameters.

4. Click “Apply”.

5. If you want to modify or clear the setting, then click “Reset”.

Parameter Description

Figure 2- 6.2: The SNMPv1/v2 Communities Security Configuration

Delete: Check to delete the entry. It will be deleted during the next save.

Community: Indicates the community access string to permit access to SNMPv3

agent. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126. The community string will be treated as the security name and map a SNMPv1 or SNMPv2c community string.

User Name: The user Name access string to permit access to SNMPv3 agent. The length of “user Name” string is restricted to 1-32.

Source IP: Indicates the SNMP access source address. A particular range of source addresses can be used to restrict source subnet when combined with source mask.

Source Mask: Indicates the SNMP access source address mask.

2-6.4 Users

The function is used to configure SNMPv3 user. The Entry index key is UserName. To create a new User Name account, please check the <Add New User> button and enter the user information. Check <Save> when you’re finish. Max Group Number:

10.

Web Interface

To display the configure SNMP Users in the web interface:

1. Click SNMP, Users.

2. Specify the Privilege parameter.

3. Click “Apply”.

Parameter Description

Figure 2-6.3: The SNMP Users Configuration

Delete: Check to delete the entry. It will be deleted during the next save.

User Name: A string identifying the user name that this entry should belong to. The

allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.

Security Level: Indicates the security model that this entry should belong to. Possible security models are:

 NoAuth, NoPriv: No authentication and no privacy.  Auth, NoPriv: Authentication and no privacy.  Auth, Priv: Authentication and privacy.  The value of security level cannot be modified if entry already exists. It

must first be ensured that the value is set correctly.

Authentication Protocol: Indicates the authentication protocol that this entry should belong to. Possible authentication protocols are:

 MD5: An optional flag to indicate that this user uses MD5 authentication

protocol.

 SHA: An optional flag to indicate that this user uses SHA authentication

protocol.

 The value of security level cannot be modified if entry already exists. That

means must first ensure that the value is set correctly.

Authentication Password: A string identifying the authentication password phrase. For MD5 authentication protocol, the allowed string length is 8 to 32. For SHA authentication protocol, the allowed string length is 8 to 40. The allowed content is ASCII characters from 33 to 126.

Privacy Protocol: Indicates the privacy protocol that this entry should belong to. Possible privacy protocols are:

 DES: An optional flag to indicate that this user uses DES authentication

protocol.

Privacy Password: A string identifying the privacy password phrase. The allowed string length is 8 to 32, and the allowed content is ASCII characters from 33 to 126.

2-6.5 Groups

The function is used to configure SNMPv3 group. The entry index keys are Security Model and Security Name. To create a new group account, please check <Add New Group> button. Enter the group information, then check <Save>. Max Group Number: v1:2, v2:2, v3:10.

Web Interface

To display the configure SNMP Groups in the web interface:

1. Click SNMP, Groups.

2. Specify the privilege parameter.

3. Click “Apply”.

Parameter Description

Figure 2-6.4: The SNMP Groups Configuration

Delete: Check to delete the entry. It will be deleted during the next save.

Security Model: Indicates the security model that this entry should belong to.

Possible security models are:

 v1: Reserved for SNMPv1.  v2c: Reserved for SNMPv2c.  usm: User-based Security Model (USM).

Security Name: A string identifying the security name that this entry should belong to. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.

Group Name: A string identifying the group name that this entry should belong to. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.

2-6.6 Views

The function is used to configure SNMPv3 view. The Entry index keys are OID Subtree and View Name. To create a new view account, please check <Add New View> button. Enter the view information, then check <Save>. Max Group Number:

28.

Configure the SNMPv3 view table on this page. The entry index keys are View Name and OID Subtree.

Web Interface

1. Click SNMP, Views.

2. Click “Add New View”.

3. Specify the SNMP view parameters.

4. Click “Apply”.

5. If you want to modify or clear the setting, then click “Reset”.

Figure 2-6.5: The SNMP Views Configuration

Parameter Description

Delete: Check to delete the entry. It will be deleted during the next save.

View Name: A string identifying the view name that this entry should belong to. The

allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.

View Type: Indicates the view type that this entry should belong to. Possible view types are:

 Included: An optional flag to indicate that this view subtree should be

included.

 Excluded: An optional flag to indicate that this view subtree should be

excluded.

 In general, if a view entry's view type is 'excluded', there should be another

view entry existing with view type as 'included' and its OID subtree should overstep the 'excluded' view entry.

OID Subtree: The OID defines the root of the subtree to add to the named view. The allowed OID length is 1 to 128. The allowed string content is a digital number or asterisk (*).

Apply: Click “Save” to save the configuration to ROM.

2-6.7 Access

The function is used to configure SNMPv3 accesses. The entry index key are Group Name, Security Model, and Security level. To create a new access account, please check <Add New Access> button. Enter the access information, then check <Save>. Max Group Number: 14.

Web Interface

To display the configure SNMP Access in the web interface:

1. Click SNMP, Accesses.

2. Click “Add New Access”.

3. Specify the SNMP access parameters.

4. Click “Apply”.

5. If you want to modify or clear the setting, then click “Reset”.

Parameter Description

Figure 2-6.6: The SNMP Accesses Configuration

Delete: Check to delete the entry. It will be deleted during the next save.

Group Name: A string identifying the group name that this entry should belong to.

The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.

Security Model: Indicates the security model that this entry should belong to. Possible security models are:

 Any: Any security model accepted (v1|v2c|usm).  V1: Reserved for SNMPv1.  V2C: Reserved for SNMPv2c.  USM: User-based Security Model (USM).

Security Level: Indicates the security model that this entry should belong to. Possible security models are:

 NoAuth, NoPriv: No authentication and no privacy.  Auth, NoPriv: Authentication and no privacy.  Auth, Priv: Authentication and privacy.

Read View Name: The name of the MIB view defines the MIB objects so it may request the current values. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126. Write view name.

The name of the MIB view defines the MIB objects so this request may potentially set new values. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.

Write View Name: The name of the MIB view defines the MIB objects so this request may potentially set new values. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.

Button:

 Add new access - Click to add a new access entry.  Apply - Click “Apply” to apply changes.

2-6.8 Trap

The function is used to configure SNMP trap. To create a new trap account, please check <No number> button. Enter the trap information, then check <Apply>. Max Group Number: 6.

Web Interface

To configure SNMP Trap setting:

1. Click SNMP, Trap.

2. Display the SNMP trap hosts information table.

3. Choose an entry to display and modify the detail parameters, or click

the delete button to delete the trap hosts entry.

Parameter Description

Figure 2-6.7: The SNMP Trap Host Configuration

Delete: Check <Delete> entry, then check <Save> button to delete the entry.

Trap Version: You may choose V2C or V3 trap.

Server IP: To assign the SNMP Host IP address.

UDP Port: To assign a port number. The default is 162.

Community / Security Name: The length of “Community / Security Name” string is

restricted to 1-32.

Security Level: Indicates what kind of message will send to security level. Possible modes are:

 Error: Send errors.  Warning: Send warnings and errors.  Info: Send information, warnings, and errors.

Security Level: There are three kinds of choices.

 NoAuth, NoPriv: No authentication and no privacy.  Auth, NoPriv: Authentication and no privacy.  Auth, Priv: Authentication and privacy.

Authentication Protocol: You can choose MD5 or SHA for authentication.

Authentication Password: The length of 'MD5 Authentication Password' is restricted to 8 – 32. The length of 'SHA Authentication Password' is restricted to 8 – 40.

Privacy Protocol: You can set DES encryption for User Name.

Privacy Password: The length of ' Privacy Password ' is restricted to 8 – 32.

Chapter 3: Configuration

NOTE: The flow control will be enabled only when the PD

supports flow control function.

3-1 Port

3-1.1 Configuration

This chapter describes the basic network configuration tasks which includes the Ports, Layer 2 network protocol (e.g. VLANs, QoS, IGMP, ACLs, PoE, and so on), and any settings of the switch.

The section describes to configure the port detail parameters of the switch. You could also use the port configuration to enable or disable the port of the switch. Monitor the ports content or status in the function.

This chapter describes how to view the current port configuration and how to configure ports to non-default settings, including:

 Linkup/Linkdown  Speed (Current and Configured)  Flow Control (Current Rx, Current Tx, and Configured)  Maximum Frame Size  Excessive Collision Mode  Power Control

Web Interface

To configure a Current Port Configuration in the web interface:

1. Click Configuration, Port, and then Configuration.

2. Specify the Speed Configured, Flow Control , Maximum Frame size,

Excessive Collision mode, and Power Control.

3. Click “Apply”.

Figure 3-1.1: The Port Configuration

Parameter Description

Port: This is the logical port number for this row.

Link: The current link state is displayed graphically. Green indicates the link is up and

red that it is down.

Current Link Speed: Provides the current link speed of the port.

Configured Link Speed: Selects any available link speed for the given switch port.

 “Auto Speed” selects the highest speed that is compatible with a link

partner.

 “Disabled” turns off the switch port operation.

Flow Control: When “Auto Speed” is selected on a port, this section indicates the flow control capability that is advertised to the link partner. When a fixed-speed setting is selected, that is what is used. The “Current Rx” column indicates whether the pause frames on the port are obeyed, and the “Current Tx” column indicates whether pause frames on the port are transmitted. The Rx and Tx settings are determined by the result of the last “Auto-Negotiation”.

Check the configured column to use flow control. This setting is related to the setting for configured link speed.

Maximum Frame Size: Enter the maximum frame size allowed for the switch port, including FCS.

Excessive Collision Mode: Configure port transmit collision behavior.

 Discard: Discards frame after 16 collisions (default).  Restart: Restarts backoff algorithm after 16 collisions.

Power Control: The usage column shows the current percentage of the power consumption per port. The configured column allows for changing the power savings mode parameters per port.

 Disabled: All power savings mechanisms disabled.  ActiPHY: Link down power savings enabled.  PerfectReach: Link up power savings enabled.  Enabled: Both link up and link down power savings enabled.

3-1.2 Port Description

The section configures the port’s alias or any descriptions for the port identity. It allows the user to write down an alphanumeric string to describe the full name and version identification for the system’s hardware type, software version, and networking application.

Web Interface

To configure a port description in the web interface:

1. Click Configuration, Port, and then Port Description.

2. Specify the detailed port alias or description - an alphanumeric string

describing the full name and version identification for the system’s hardware type, software version, and networking application.

3. Click “Apply”.

Parameter Description

Figure 3-1.2: The Port Configuration

Port: This is the logical port number for this row.

Description: Description of the device ports cannot include the following: “ # % &

‘ + \.

3-1.3 Traffic Overview

The section describes to the port statistics information and provides an overview of the general traffic statistics for all switch ports. The ports belong to the current selected stack unit, as reflected by the page header.

Web Interface

Parameter Description

To display the Port Statistics Overview in the web interface:

1. Click Configuration, Port, and then Traffic Overview.

2. If you want to auto-refresh, then you need to evoke the “Auto-Refresh”.

3. Click “Refresh“ to refresh the port statistics or clear all information by

pressing “Clear”.

Figure 3-1.3: The Port Statistics Overview

Port: The logical port for the settings contained in the same row.

Packets: The number of received and transmitted packets per port.

Bytes: The number of received and transmitted bytes per port.

Errors: The number of frames received in error and the number of incomplete

transmissions per port.

Drops: The number of frames discarded due to ingress or egress congestion.

Filtered: The number of received frames filtered by the forwarding.

3-1.4 Detailed Statistics

The section provides detailed traffic statistics for a specific switch port. Use the port select box to select which switch port details to display. The selected port belongs to the current selected stack unit, as reflected by the page header.

The displayed counters are the totals for receive and transmit, the size counters for receive and transmit, and the error counters for receive and transmit.

Web Interface

To display the Per Port Detailed Statistics Overview in the web interface:

1. Click Configuration, Port, then Detailed Statistics.

2. Scroll the port index to select which port you want to show the detailed

port statistic overview.

3. If you want to auto-refresh the information, then you need to evoke the

“Auto-Refresh”.

4. Click “Refresh“ to refresh the port detailed statistics or clear all information

by pressing “Clear”.

Figure 3-1.4: The Port Detail Statistics Overview

Parameter Description

Receive Total and Transmit Total

Auto-refresh: Evoke to refresh the port statistics information automatically.

Upper left scroll bar: To scroll which port to display the port statistics with “Port-0”,

“Port-1...

Rx and Tx Packets: The number of received and transmitted (good and bad) packets.

Rx and Tx Octets: The number of received and transmitted (good and bad) bytes.

Includes FCS, but excludes framing bits.

Rx and Tx Unicast: The number of received and transmitted (good and bad) unicast packets.

Rx and Tx Multicast: The number of received and transmitted (good and bad) multicast packets.

Rx and Tx Broadcast: The number of received and transmitted (good and bad) broadcast packets.

Rx and Tx Pause: A count of the MAC Control frames received or transmitted on this port that have an opcode to include a PAUSE operation.

Receive and Transmit Size Counters: The number of received and transmitted (good and bad) packets split into categories based on their respective frame sizes.

Receive and Transmit Queue Counters: The number of received and transmitted packets per input and output queue.

Receive Error Counters

Transmit Error Counters

Rx Drops: The number of frames dropped due to lack of receive buffers or egress

congestion.

Rx CRC/Alignment: The number of frames received with CRC or alignment errors.

Rx Undersize: The number of short 1 frames received with valid CRC.

Rx Oversize: The number of long 2 frames received with valid CRC.

Rx Fragments: The number of short 1 frames received with invalid CRC.

Rx Jabber: The number of long 2 frames received with invalid CRC.

Rx Filtered: The number of received frames filtered by the forwarding process. Short

frames are frames that are smaller than 64 bytes.

Long frames are frames that are longer than the configured maximum frame length for this port.

Tx Drops: The number of frames dropped due to output buffer congestion.

Tx Late/Exc. Coll.: The number of frames dropped due to excessive or late collisions.

3-1.5 QoS Statistics

The section describes how the switch could display the QoS detailed queuing counters for a specific switch port. The ports belong to the currently selected stack unit, as reflected by the page header.

Parameter Description

Web Interface

To display the Queuing Counters in the web interface:

1. Click Configuration, Port, and then QoS Statistics.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-Refresh”.

3. Click “Refresh“ to refresh the queuing counters or clear all information by

pressing “Clear”.

Figure 3-1.5: The Queuing Counters Overview

Port: The logical port for the settings contained in the same row.

Qn: Qn is the QoS queue number per port. Q0 is the lowest priority queue.

Rx/Tx: The number of received and transmitted packets per queue.

Auto-refresh: To evoke the auto-refresh to refresh the queuing counters

automatically.

Upper right icon (Refresh, clear): Click “Refresh” to refresh the queuing counters or clear them manually.

3-1.6 SFP Information

The section describes how the switch could display the detailed information of the SFP module. The information includes: Connector type, Fiber type, Wavelength, Baud Rate, Vendor OUI, and more.

Web Interface

To display the SFP information in the web interface:

1. Click Configuration, Port, and then SFP Information.

2. To display the SFP Information.

Parameter Description

Figure 3-1.6: The SFP Information Overview

Connector Type: Displays the connector type (e.g. UTP, SC, ST, LC and so on).

Fiber Type: Displays the fiber mode (e.g. Multi-Mode or Single-Mode).

Tx Central Wavelength: Displays the fiber optical transmitting central wavelength

(e.g. 850nm, 1310nm, 1550nm, and so on).

Baud Rate: Displays the maximum baud rate of the fiber module supported (e.g. 10M, 100M, 1G, and so on).

Vendor OUI: Displays the manufacturer's OUI code, which is assigned by IEEE.

Vendor Name: Displays the company name of the module manufacturer.

Vendor P/N: Displays the product name of the naming by module manufacturer.

Vendor Revision: Displays the module revision.

Vendor Serial Number: Shows the serial number assigned by the manufacturer.

Date Code: Shows the date this SFP module was made.

Temperature: Shows the current temperature of SFP module.

NOTE: Only SFP modules that are UL and CDRH

Certified and have an international certification such as TUV, VDE, or DEMKO are recommended. Use only Class 1 SFP modules.

Vcc: Shows the working DC voltage of SFP module.

Mon1(Bias) mA: Shows the Bias current of SFP module.

Mon2(TX PWR): Shows the transmit power of SFP module.

Mon3(RX PWR): Shows the receiver power of SFP module.

3-1.7 EEE

The section allows the user to inspect and configure the current EEE port settings.

EEE is a power saving option that reduces power usage when there is very low traffic utilization (or no traffic).

EEE works by powering down circuits when there is no traffic. When a port gets data to be transmitted, all circuits are powered up. The time it takes to power up the circuits is called wakeup time. The default wakeup time is 17 us for 1Gbit links and 30 us for other link speeds. EEE devices must agree upon the value of the wakeup time in order to make sure that both the receiving and transmitting devices have all circuits powered up when traffic is transmitted. The devices can exchange information about the wakeup time using the LLDP protocol.

To maximize power saving, the circuit doesn’t start once the transmit data is ready for a port. Instead, it’s queued until 3000 bytes of data are ready to be transmitted. To avoid a large delay in case there is data less than 3000 bytes waiting to be transmitted, data are always transmitted after 48 us, giving a maximum latency of 48 us + the wakeup time.

If desired, it is possible to minimize the latency for specific frames, by mapping the frames to a specific queue through QOS, and then mark the queue as an urgent queue. When an urgent queue gets data ready to be transmitted, the circuits will be powered up at once and the latency will be reduced to the wakeup time.

Web Interface

To configure the EEE Configuration in the web interface:

1. Click Configuration, Port, and then EEE.

2. To evoke which port you want to enable the EEE function.

3. To evoke which “EEE Urgent Queues” level, ranging from 1 to 8. The queue

will postpone the transmission until 3000 bytes of data are ready to be transmitted.

4. Click “Save” to save the setting.

5. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Figure 3-1.7: The EEE Configuration

Parameter Description

EEE Port Configuration: The EEE port settings relate to the currently selected stack

unit, as reflected by the page header.

Port: The switch port number of the logical EEE port.

EEE Enabled: Controls whether EEE is enabled for this switch port.

EEE Urgent Queues: Queues set will activate transmission of frames as soon as any

data is available. Otherwise, the queue will postpone the transmission until 3000 bytes of data are ready to be transmitted.

3-2 ACL

3-2.1 Ports

The Vi3010 switch access control list (ACL) is probably the most commonly used object in the IOS. It is used for packet filtering. It also selects the types of traffic to be analyzed, forwarded, or influenced in some way. The ACLs are divided into EtherTypes - IPv4, ARP protocol, MAC, and VLAN parameters. This section will go over the standard and extended access lists for TCP/IP. As you create ACEs for ingress classification, you can assign a policy for each port. The policy number is 1-8. However, each policy can be applied to any port. This makes it very easy to determine what type of ACL policy you will be working with.

The section describes how to configure the ACL parameters (ACE) of the each switch port. These parameters will affect frames received on a port, unless the frame matches a specific ACE.

Web Interface

To configure the ACL Ports Configuration in the web interface:

1. Click Configuration, ACL, and then Ports.

2. Scroll the specific parameter value to select the correct value for port ACL

setting.

3. Click “Save” to save the setting.

4. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

5. After the configuration is complete, then you could see the counter of the

port. You could click refresh to update the counter or clear the information.

Figure 3-2.1: The ACL Ports Configuration

Parameter Description

Port: The logical port for the settings contained in the same row.

Policy ID: Selects the policy to apply to this port. The allowed values are 0 through

255. The default value is 0.

Action: Selects whether forwarding is permitted ("Permit") or denied ("Deny"). The default value is "Permit".

Rate Limiter ID: Selects which rate limiter to apply on this port. The allowed values are “Disabled” or the values from 1 through 16. The default value is "Disabled".

Port Redirect: Selects which port frames are redirected on. The allowed values are “Disabled” or a specific port number. The default value is "Disabled".

Mirror: Specifies the mirror operation of this port. The allowed values are:

 Enabled: Frames received on the port are mirrored.  Disabled: Frames received on the port are not mirrored.  The default value is "Disabled".

Logging: Specifies the logging operation of this port. The allowed values are:

 Enabled: Frames received on the port are stored in the system log.  Disabled: Frames received on the port are not logged.  The default value is "Disabled". Please note that the system log memory

size and logging rate is limited.

Shutdown: Specifies the port shut down operation of this port. The allowed values are:

 Enabled: If a frame is received on the port, the port will be disabled.  Disabled: The port shut down is disabled.  The default value is "Disabled".

State: Specifies the port state of this port. The allowed values are:

 Enabled: To reopen ports, change the volatile port configuration of the ACL

user module.

 Disabled: To close ports, change the volatile port configuration of the ACL

user module.

 The default value is "Enabled".

Counter: Counts the number of frames that match this ACE.

Buttons

 Apply – Click to apply changes.

 Reset- Click “Reset” to undo any changes made locally and revert to

previously saved values.

Upper right icon (Refresh, clear): Click “Refresh” to refresh the ACL Port Configuration or clear them manually.

3-2.2 Rate Limiters

The section describes how to configure the switch’s ACL rate limiter parameters. The “Rate Limiter Level” from 1 to 16 allows the user to set the rate limiter value and units with pps or kbps.

Web Interface

To configure ACL Rate Limiter in the web interface:

1. Click Configuration, ACL, and then Rate Limiter.

2. Specify the “Rate” field. The range is from 0 to 3276700.

3. Scroll the “Unit” to pps or kbps.

4. Click “Save” to save the setting.

5. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Parameter Description

Figure 3-2.2: The ACL Rate Limiter Configuration

Rate Limiter ID: The rate limiter ID for the settings contained in the same row.

Rate: The allowed values are: “0-3276700” in pps or “0, 100, 200, 300... 1000000” in

kbps.

Unit: Specifies the rate unit. The allowed values are:

 Pps: Packets per second  Kbps: Kbits per second

Buttons

 Apply – Click to apply changes.  Reset - Click “Reset” to undo any changes made locally and revert to

previously saved values.

3-2.3 Access Control List

The section describes how to configure the Access Control List rule. An Access Control List (ACL) is a sequential list of permit or deny conditions that apply to IP addresses, MAC addresses, or other more specific criteria. This switch tests ingress packets against the conditions in an ACL one by one. A packet will be accepted as soon as it matches a permit rule, or dropped as soon as it matches a deny rule. If no rules match, the frame is accepted. Other actions can also be invoked when a matching packet is found, including rate limiting, copying matching packets to another port or to the system log, or shutting down a port.

This page shows the Access Control List (ACL), which is made up of the ACEs defined on this switch. Each row describes the ACE that is defined. The maximum number of ACEs is 256 on each switch. Click on the lowest plus sign to add a new ACE to the list. The reserved ACEs, used for internal protocol, cannot be edited or deleted. The order sequence cannot be changed and the priority is highest.

Web Interface

To configure Access Control List in the web interface:

1. Click Configuration, ACL, and then Access Control List.

2. Click the button to add a new ACL, or use the other ACL modification

buttons to specify the editing action (e.g. edit, delete, or moving the relative position of entry in the list).

3. Specifies the parameter of the ACE.

4. Click “Save” to save the setting.

5. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

6. When editing an entry on the ACE Configuration page, note that the items

displayed depends on various selections, such as frame type and IP protocol type. Specifies the relevant criteria to be matched for this rule, and set the actions to take when a rule is matched (such as rate limiter, port copy, logging, or shutdown).

Figure 3-2.3: The ACL Rate Limiter Configuration

Parameter Description

Ingress Port: Selects the ingress port for which this ACE applies.

 All: The ACE applies to all port.  Port n: The ACE applies to this port number, where “n” is the number of the

switch port.

Policy Filter: Specifies the policy number filter for this ACE.

 Any: No policy filter is specified (the policy filter status is "don't-care").  Specific: If you want to filter a specific policy with this ACE, choose this

value. Two field for entering a policy value and bitmask appears.

Frame Type: Indicates the frame type of the ACE. Possible values are:

 Any: The ACE will match any frame type.  Ethernet Type: Only Ethernet type frames can match this ACE. The IEEE

802.3 describes the value of “Length/Type Field” specifications to be greater than or equal to 1536 decimal (equals to 0600 hexadecimal).

 ARP: Only ARP frames can match this ACE. Notice the ARP frames won't

match the ACE with Ethernet type.

 IPv4: Only IPv4 frames can match this ACE. Notice the IPv4 frames won't

match the ACE with Ethernet type.

Action: Specifies the action to take with a frame that hits this ACE.

 Permit: The frame that hits this ACE is granted permission for the ACE

operation.

 Deny: The frame that hits this ACE is dropped.

Rate Limiter: Indicates the rate limiter number of the ACE. The allowed range is 1 to

16. When “Disabled” is displayed, the rate limiter operation is disabled.

Port Redirect: Frames that hit the ACE are redirected to the port number specified here. The allowed range is the same as the switch port number range. “Disabled” indicates that the port redirect operation is disabled.

Mirror: Specifies the mirror operation of this port. Frames matching the ACE are mirrored to the destination mirror port. The allowed values are:

 Enabled: Frames received on the port are mirrored.  Disabled: Frames received on the port are not mirrored.  The default value is "Disabled".

Logging: Indicates the logging operation of the ACE. Possible values are:

 Enabled: Frames matching the ACE are stored in the system log.  Disabled: Frames matching the ACE are not logged.  Please note that the system log memory size and logging rate is limited.

Shutdown: Indicates the port shut down operation of the ACE. Possible values are:

 Enabled: If a frame matches the ACE, the ingress port will be disabled.  Disabled: Port shut down is disabled for the ACE.

Counter: The counter indicates the number of times the ACE was hit by a frame.

VLAN Parameters

802.1Q Tagged: Specifies whether frames can hit the action according to the 802.1Q

tagged. The allowed values are:

 Any: Any value is allowed ("don't-care").  Enabled: Tagged frame only.  Disabled: Untagged frame only.  The default value is "Any".

VLAN ID Filter: Specifies the VLAN ID filter for this ACE.

 Any: No VLAN ID filter is specified (VLAN ID filter status is "don't-care").  Specific: If you want to filter a specific VLAN ID with this ACE, choose this

value. A field for entering a VLAN ID number appears.

VLAN ID: When "Specific" is selected for the VLAN ID filter, you can enter a specific VLAN ID number. The allowed range is 1 to 4094. A frame that hits this ACE matches this VLAN ID value.

Tag Priority: Specifies the tag priority for this ACE. A frame that hits this ACE matches this tag priority. The allowed number range is 0 to 7. The value “Any” means that no tag priority is specified (tag priority is "don't-care").

Modification Buttons: You can modify each ACE (Access Control Entry) in the table using the following buttons:

: Inserts a new ACE before the current row.

: Edits the ACE row.

: Moves the ACE up the list.

: Moves the ACE down the list.

: Deletes the ACE.

: The lowest plus sign adds a new entry at the bottom of the ACE

listings.

Buttons:

 Apply – Click to apply changes.  Reset- Click “Reset” to undo any changes made locally and revert to

previously saved values.

Auto-refresh: To evoke the auto-refresh to refresh the information automatically.

Upper right icon (Refresh, Clear, Remove All): Click “Refresh” to refresh the ACL

configuration or clear them manually. You can also remove or clean up all ACL configurations in the table.

3-2.4 ACL Status

The section shows the ACL status by different ACL users. Each row describes the ACE defined. It is a conflict if a specific ACE is not applied to the hardware due to hardware limitations. The maximum number of ACEs is 256 on each switch.

Parameter Description

Web Interface

To display the ACL status in the web interface:

1. Click Configuration, ACL, and then ACL status.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-Refresh”.

3. Click “Refresh” to refresh the ACL Status.

Figure 3-2.4: The ACL Rate Limiter Configuration

User: Indicates the ACL user.

Ingress Port: Indicates the ingress port of the ACE. Possible values are:

 All: The ACE will match all ingress port.  Port: The ACE will match a specific ingress port.

Frame Type: Indicates the frame type of the ACE. Possible values are:

 Any: The ACE will match any frame type.  EType: The ACE will match Ethernet Type frames. Note that an Ethernet

Type based ACE will not get matched by IP and ARP frames.

 ARP: The ACE will match ARP/RARP frames.  IPv4: The ACE will match all IPv4 frames.  IPv4/ICMP: The ACE will match IPv4 frames with ICMP protocol.  IPv4/UDP: The ACE will match IPv4 frames with UDP protocol.  IPv4/TCP: The ACE will match IPv4 frames with TCP protocol.  IPv4/Other: The ACE will match IPv4 frames, which are not ICMP/UDP/TCP.

IPv6: The ACE will match all IPv6 standard frames.

Action: Indicates the forwarding action of the ACE.

 Permit: Frames matching the ACE may be forwarded and learned.  Deny: Frames matching the ACE are dropped.

Rate Limiter: Indicates the rate limiter number of the ACE. The allowed range is 1 to

16. When “Disabled” is displayed, the rate limiter operation is disabled.

Port Redirect: Indicates the port redirect operation of the ACE. Frames matching the ACE are redirected to the port number. The allowed values are “Disabled” or a specific port number. When “Disabled” is displayed, the port redirect operation is disabled.

Mirror: Specifies the mirror operation of this port. The allowed values are:

Combined

 Enabled: Frames received on the port are mirrored.  Disabled: Frames received on the port are not mirrored.  The default value is "Disabled".

CPU: Forward packet that matched the specific ACE to CPU.

CPU Once: Forward first packet that matched the specific ACE to CPU.

Counter: The counter indicates the number of times the ACE was hit by a frame.

Conflict: Indicates the hardware status of the specific ACE. The specific ACE is not

applied to the hardware due to hardware limitations.

Auto-refresh: To evoke the auto-refresh to refresh the information automatically.

: Select the ACL status from this drop down list.

Upper right icon (Refresh): Click “Refresh” to refresh the ACL status information manually.

3-3 Aggregation

The aggregation is used to configure the settings of “Link Aggregation”. You can bundle more than one port with the same speed, full duplex, and the same MAC to be a single logical port. Thus, the logical port aggregates the bandwidth of these ports. This means you can apply your current Ethernet equipment to build the bandwidth aggregation. For example, if there are three fast Ethernet ports aggregated in a logical port, then this logical port has bandwidth three times as high as a single fast Ethernet port has.

3-3.1 Static Trunk

3-3.1.1 Static Trunk

The aggregation configuration is used to configure the settings of link aggregation. You can bundle more than one port with the same speed, full duplex and the same MAC to be a single logical port. Thus, the logical port aggregates the bandwidth of these ports. This means you can apply your current Ethernet equipment to build the bandwidth aggregation.

Ports using static trunk as their trunk method can choose their unique static Group ID to form a logic “trunked port”. The benefit of using “Static Trunk” method is that a port can immediately become a member of a trunk group without any handshaking with its peer port. This is also a disadvantage because the peer ports of your static trunk group may not know that they should be aggregate together to

form a “logic trunked port”. Using static trunk on both end of a link is strongly recommended. Please also note that low speed links will stay in “not ready” state

when using static trunk to aggregate with high speed links.

Web Interface

To configure the Trunk Aggregation Hash mode and Aggregation Group in the web interface:

1. Click Configuration, Aggregation, then Static Trunk.

2. Evoke to enable or disable the aggregation Hash mode function. Evoke

“Aggregation Group ID” and port members.

3. Click “Save” to save the setting.

4. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Figure 3-3.1.1: The Aggregation Mode Configuration

Parameter Description

Hash Code Contributors

Source MAC Address: The Source MAC address can be used to calculate the

destination port for the frame. Check to enable the use of the source MAC address or uncheck to disable. By default, the source MAC address is enabled.

Destination MAC Address: The destination MAC Address can be used to calculate the destination port for the frame. Check to enable the use of the destination MAC Address or uncheck to disable. By default, the destination MAC Address is disabled.

IP Address: The IP address can be used to calculate the destination port for the frame. Check to enable the use of the IP address or uncheck to disable. By default, the IP Address is enabled.

TCP/UDP Port Number: The TCP/UDP port number can be used to calculate the destination port for the frame. Check to enable the use of the TCP/UDP port number or uncheck to disable. By default, the TCP/UDP port number is enabled.

Aggregation Group Configuration

Group ID: Indicates the group ID for the settings contained in the same row. Group

ID "Normal" indicates there is no aggregation. Only one group ID is valid per port.

Port Members: Each switch port is listed for each group ID. Select a radio button to include a port in an aggregation or clear the radio button to remove the port from the aggregation. By default, no ports belong to any aggregation group. Only full duplex ports can join an aggregation and ports must be in the same speed in each group.

3-3.2 LACP

Ports using Link Aggregation Control Protocol (according to IEEE 802.3ad specification) as their trunking method can choose their unique LACP Group ID to form a logic “trunked port”. The benefit of using LACP is that a port makes an agreement with its peer port before it becomes a ready member of a “trunk group” (also called aggregator). LACP is safer than the other trunking method - static trunk.

3-3.2.1 Configuration

This page allows the user to inspect and change the current LACP port configurations. A LACP trunk group with more than one ready member-ports is a “Real Trunked” group. A LACP trunk group with only one or less than one ready member-ports is not a “Real Trunked” group.

Web Interface

To configure the Trunk Aggregation LACP parameters in the web interface:

1. Click Configuration, LACP, Configuration.

2. Evoke to enable or disable the LACP on the port of the switch. Scroll the Key

parameter with Auto or Specific. The default is “Auto”.

3. Scroll the role with “Active” or “Passive”. The default is “Active”.

4. Click “Save” to save the setting.

5. If you want to cancel the setting, then you need to click the reset button. It

will revert to previously saved values.

Figure 3-3.2.1: The LACP Port Configuration

Parameter Description

Port: The switch port number.

LACP Enabled: Controls whether LACP is enabled on this switch port. LACP will form

an aggregation when 2 or more ports are connected to the same partner. LACP can form a max of 12 LLAGs per switch and 2 GLAGs per stack.

Key: The key value incurred by the port, ranging from 1 to 65535. The auto setting will set the key as appropriate by the physical link speed, 10Mb = 1, 100Mb = 2, 1 GB = 3. By using the “Specific” setting, a user-defined value can be entered. Ports with the same key value can participate in the same aggregation group, while ports with different keys cannot.

Role: The “Role” shows the LACP activity status. The “Active” will transmit LACP packets each second; while “Passive” will wait for a LACP packet from a partner (speak if spoken to).

3-3.2.2 System Status

This section describes how the status overview for all LACP instances is provided when you complete setting the LACP function on the switch.

Web Interface

To display the LACP System status in the web interface:

1. Click Configuration, LACP, System Status.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-Refresh”.

3. Click “Refresh“ to refresh the LACP System Status.

Parameter Description

Figure 3-3.2.2: The LACP System Status

Aggr ID: The aggregation ID associated with this aggregation instance. For LLAG, the id is shown as 'isid:aggr-id' and for GLAGs as 'aggr-id'.

Partner System ID: The system ID (MAC address) of the aggregation partner.

Partner Key: The key that the partner has assigned to this aggregation ID.

Last changed: The time since this aggregation changed.

Local Ports: Shows which ports are a part of this aggregation for this switch/stack.

The format is: "Switch ID:Port".

3-3.2.3 Port Status

This section describes how the port status overview for all LACP instances is provided when you complete setting the LACP function on the switch.

Web Interface

To display the LACP Port status in the web interface:

1. Click Configuration, LACP, Port Status.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-Refresh”.

3. Click “Refresh“ to refresh the LACP Port Status.

Figure 3-3.2.3: The LACP Status

Parameter Description

Port: The switch port number.

LACP: 'Yes' means that LACP is enabled and the port link is up. 'No' means that LACP

is not enabled or that the port link is down. 'Backup' means that the port could not join the aggregation group but will join if other port leaves. Meanwhile, the LACP status is disabled.

Key: The key assigned to this port. Only ports with the same key can aggregate together.

Aggr ID: The aggregation ID assigned to this aggregation group. IDs 1 and 2 are GLAGs, while IDs 3-14 are LLAGs.

Partner System ID: The partner's system ID (MAC address).

Partner Port: The partner's port number connected to this port.

3-3.2.4 Port Statistics

This section describes how the port statistics overview is provided when you complete setting the LACP function on the switch.

Web Interface

To display the LACP Port Status in the web interface:

1. Click Configuration, LACP, Port Statistics.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto refresh”.

3. Click “Refresh“ to refresh the LACP Statistics.

Parameter Description

Figure 3-3.2.4: The LACP Statistics

Port: The switch port number.

LACP Received: Shows how many LACP frames have been received at each port.

LACP Transmitted: Shows how many LACP frames have been sent from each port.

Discarded: Shows how many unknown or illegal LACP frames have been discarded at

each port.

3-4 Spanning Tree

The Spanning Tree Protocol (STP) can be used to detect and disable network loops, and to provide backup links between switches, bridges, or routers. This allows the switch to interact with other bridging devices (e.g. an STP-compliant switch, bridge, or router) in your network to ensure that only one route exists between any two stations on the network. It also provides backup links, which automatically take over when the primary link goes down.

STP - STP uses a distributed algorithm to select a bridging device (STP- compliant switch, bridge, or router) that serves as the root of the spanning tree network. It selects a root port on each bridging device (except for the root device), which incurs the lowest path cost when forwarding a packet from that device to the root device. Then, it selects a designated bridging device from each LAN, which incurs the lowest path cost when forwarding a packet from that LAN to the root device. All ports connected to the designated bridging devices are assigned as designated ports. After determining the lowest cost spanning tree, it enables all root ports and designated ports, and disables all other ports. Therefore, the network packets are only forwarded between root ports and designated ports to eliminate any possible network loops.

3-4.1 Bride Settings

Once a stable network topology had been established, all bridges listen for Hello BPDUs (Bridge Protocol Data Units) transmitted from the Root Bridge. If a bridge does not get a Hello BPDU after a predefined interval (Maximum Age), the bridge assumes that the link to the Root Bridge is down. This bridge will then initiate negotiations with other bridges to reconfigure the network to reestablish a valid network topology.

The section describes how to configure the Spanning Tree Bridge and STP System settings. It allows you to configure STP System settings used by all STP Bridge instance in the Switch Stack.

Web Interface

To configure the Spanning Tree Bridge Settings parameters in the web interface:

1. Click Configuration, Spanning Tree, Bridge Settings.

2. Scroll to select the parameters and write down available value of

parameters in blank field in Basic Settings.

3. Evoke to enable or disable the parameters and write down available value

of parameters in blank field in Advanced settings.

4. Click “Save” to save the setting.

5. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Figure 3-4.1: The STP Bridge Configuration

Parameter Description

Basic Settings

Protocol Version: The STP protocol version setting. Valid values are STP, RSTP, and

MSTP.

Bridge Priority: Controls the bridge priority. Lower numeric values have better priority. The bridge priority plus the MSTI instance number, concatenated with the 6byte MAC address of the switch forms a Bridge Identifier. For MSTP operation, this is the priority of the CIST. Otherwise, this is the priority of the STP/RSTP bridge.

Forward Delay: The delay used by STP Bridges to transit Root and Designated Ports to Forwarding (used in STP compatible mode). Valid values are in the range 4 to 30 seconds.

Max Age: The maximum age of the information transmitted by the Bridge when it is the Root Bridge. Valid values are in the range 6 to 40 seconds, and MaxAge must be <= (FwdDelay-1)*2.

Maximum Hop Count: This defines the initial value of remaining Hops for MSTI information generated at the boundary of an MSTI region. It defines how many bridges a root bridge can distribute its BPDU information to. Valid values are in the range 6 to 40 hops.

Transmit Hold Count: The number of BPDU's a bridge port can send per second. When exceeded, transmission of the next BPDU will be delayed. Valid values are in the range 1 to 10 BPDU's per second.

Advanced Settings

Edge Port BPDU Filtering: Controls whether a port explicitly configured as Edge will

transmit and receive BPDUs.

Edge Port BPDU Guard: Controls whether a port explicitly configured as Edge will disable itself upon reception of a BPDU. The port will enter the error-disabled state, and will be removed from the active topology.

Port Error Recovery: Controls whether a port in the error-disabled state automatically will be enabled after a certain time. If recovery is not enabled, ports have to be disabled and re-enabled for normal STP operation. The condition is also cleared by a system reboot.

Port Error Recovery Timeout: The time to pass before a port in the error-disabled state can be enabled. Valid values are between 30 and 86400 seconds (24 hours).

3-4.2 MSTI

F0-00

Mapping

MSTI Mapping is when you implement a Spanning Tree protocol on the switch that the bridge instance. The CIST is not available for explicit mapping because it will receive the VLANs not explicitly mapped. Due to this reason, you need to set the list of VLANs mapped to the MSTI. The VLANs must be separated with comma and/or space. A VLAN can only be mapped to one MSTI. An unused MSTI should be left empty (e.g. not having any VLANs mapped to it).

This section allows the user to inspect and change the current STP MSTI bridge instance priority configuration.

Web Interface

To configure the Spanning Tree MSTI Mapping parameters in the web interface:

1. Click Configuration, Spanning Tree, MSTI Mapping.

2. Specifies the configuration identification parameters in the field. Specifies

the VLANs Mapped blank field.

3. Click “Save” to save the setting.

4. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Figure 3-4.2: The MSTI Configuration

Parameter Description

Configuration Identification

Configuration Name: Configuration Name is the name identifying the VLAN to MSTI

mapping. Bridges must share the name and revision (see below), and the VLAN-toMSTI mapping configuration in order to share spanning trees for MSTI's (Intraregion). The name is at most 32 characters.

Configuration Revision: The revision of the MSTI configuration named above. This must be an integer between 0 and 65535.

MSTI Mapping

MSTI: The bridge instance. The CIST is not available for explicit mapping, as it will

receive the VLANs not explicitly mapped.

VLANs Mapped: The list of VLANs mapped to the MSTI. The VLANs must be separated with comma and/or space. A VLAN can only be mapped to one MSTI. An unused MSTI should just be left empty (e.g. not having any VLANs).

3-4.3 MSTI Priorities

When you implement an Spanning Tree protocol on the switch that the bridge instance. The CIST is the default instance and is always active. For controls the bridge priority. Lower numeric values have better priority. The bridge priority plus the MSTI instance number, concatenated with the 6-byte MAC address of the switch forms a Bridge Identifier.

The section allows the user to inspect and change the current STP MSTI bridge instance priority configurations.

Web Interface

To configure the Spanning Tree MSTI Priorities parameters in the web interface:

1. Click Configuration, Spanning Tree, MSTI Priorities.

2. Scroll the Priority maximum is 240. Default is 128.

3. Click “Save” to save the setting.

4. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Parameter Description

Figure 3-4.3: The MSTI Configuration

MSTI: The bridge instance. The CIST is the default instance. It is always active.

Priority: Controls the bridge priority. Lower numeric values have better priority. The

bridge priority plus the MSTI instance number, concatenated with the 6-byte MAC address of the switch forms a Bridge Identifier.

3-4.4 CIST Ports

When you implement a Spanning Tree protocol on the switch that the bridge instance, you need to configure the CIST Ports. The section allows the user to inspect and change the current STP CIST port configurations.

Web Interface

To configure the Spanning Tree CIST Ports parameters in the web interface:

1. Click Configuration, Spanning Tree, CIST Ports.

2. Scroll and evoke to set all parameters of CIST Aggregated Port

Configuration.

3. Evoke to enable or disable the STP, then scroll and evoke to set all

parameters of the CIST normal Port configuration.

4. Click “Save” to save the setting.

5. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Parameter Description

Figure 3-4.4: The STP CIST Port Configuration

Port: The switch port number of the logical STP port.

STP Enabled: Controls whether STP is enabled on this switch port.

Path Cost: Controls the path cost incurred by the port. The “Auto” setting will set the

path cost as appropriate by the physical link speed, using the 802.1D recommended values. Using the “Specific” setting, a user-defined value can be entered. The path cost is used when establishing the active topology of the network. Lower path cost ports are chosen as forwarding ports in favor of higher path cost ports. Valid values are in the range 1 to 200000000.

Priority: Controls the port priority. This can be used to control priority of ports having identical port cost (see above).

AdminEdge: Controls whether the operEdge flag should start as set or cleared (the initial operEdge state when a port is initialized).

AutoEdge: Controls whether the bridge should enable automatic edge detection on the bridge port. This allows operEdge to be derived from whether BPDU's are received on the port or not.

Restricted Role: If enabled, it causes the port not to be selected as Root Port for the CIST or any MSTI, even if it has the best spanning tree priority vector. Such port will be selected as an Alternate Port after the Root Port has been selected. If set, it can cause lack of spanning tree connectivity. It can be set by a network administrator to prevent bridges external to a core region of the network influence the spanning tree active topology because those bridges are not under the full control of the administrator. This feature is also known as Root Guard.

Restricted TCN: If enabled, it causes the port not to propagate received topology change notifications and topology changes to other ports. If set, it can cause temporary loss of connectivity after changes in a spanning tree's active topology as a result of persistently incorrect learned station location information. It is set by a network administrator to prevent bridges external to a core region of the network, causing address flushing in that region because those bridges are not under the full control of the administrator or the physical link state of the attached LANs transits frequently.

BPDU Guard: If enabled, it causes the port to disable itself upon receiving valid BPDU's. Contrary to the similar bridge setting, the port Edge status does not effect this setting.

A port, entering error-disabled state due to this setting, is also subject to the bridge Port Error Recovery setting.

Point to Point: Controls whether the port connects to a point-to-point LAN rather than to a shared medium. This can be automatically determined, or forced either true or false. Transition to the forwarding state is faster for point-to-point LANs than for shared media.

3-4.5 MSTI Ports

The section allows the user to inspect and change the current STP MSTI port configurations.

An MSTI port is a virtual port, which is instantiated separately for each active CIST (physical) port for each MSTI instance configured on and applicable to the port. The MSTI instance must be selected before displaying actual MSTI port configuration options. It contains MSTI port settings for physical and aggregated ports. The aggregation settings are stack global.

Web Interface

To configure the Spanning Tree MSTI Port Configuration parameters in the web interface:

1. Click Configuration, Spanning Tree, MSTI Ports.

2. Scroll to select the MST1 or other MSTI Port.

3. Click Get to set the detail parameters of the MSTI Ports.

4. Scroll to set all parameters of the MSTI Port configuration.

5. Click “Save” to save the setting.

6. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Figure 3-4.5: The MSTI Port Configuration

Parameter Description

Port: The switch port number of the corresponding STP CIST (and MSTI) port.

Path Cost: Controls the path cost incurred by the port. The auto setting will set the

path cost as appropriate by the physical link speed, using the 802.1D recommended values. Using the “Specific setting”, a user-defined value can be entered. The path cost is used when establishing the active topology of the network. Lower path cost ports are chosen as forwarding ports in favor of higher path cost ports. Valid values are in the range 1 to 200000000.

Priority: Controls the port priority. This can be used to control priority of ports having identical port cost (see above).

Buttons:

 Apply – Click “Apply” to save changes.

 Reset- Click “Reset” to undo any changes made locally and revert to

previously saved values.

3-4.6 Bridge Status

After the MSTI Port configuration is completed, the switch can now display the Bridge Status. The section provides a status overview of all STP bridge instances. The displayed table contains a row for each STP bridge instance, where the column displays the following information:

Web Interface

To display the STP Bridges status in the web interface:

1. Click Configuration, Spanning Tree, and Bridges status.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-Refresh”.

3. Click “Refresh” to refresh the STP Bridges.

Parameter Description

Figure 3-4.6: The STP Bridges status

MSTI: The Bridge Instance. This is also a link to the STP Detailed Bridge Status.

Bridge ID: The Bridge ID of this Bridge instance.

Root ID: The Bridge ID of the currently elected root bridge.

Root Port: The switch port currently assigned the root port role.

Root Cost: Root Path Cost. For the Root Bridge it is zero. For all other bridges, it is

the sum of the Port Path Costs on the least cost path to the Root Bridge.

Topology Flag: The current state of the Topology Change Flag of this Bridge instance.

Topology Change Last: The time since last Topology Change occurred.

3-4.7 Port Status

After the STP configuration is completed, the switch can now display the STP Port Status. The section provides the STP CIST port status for physical ports of the currently selected switch.

Web Interface

To display the STP Port status in the web interface:

1. Click Configuration, Spanning Tree, Port Status.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-Refresh”.

3. Click “Refresh” to refresh the STP Bridges.

Figure 3-4.7: The STP Port status

Parameter Description

Port: The switch port number of the logical STP port.

CIST Role: The current STP port role of the CIST port. The port role can be one of the

following values: Alternate Port Backup, Port Root, Port Designated, or Port Disabled.

CIST State: The current STP port state of the CIST port. The port state can be one of the following values: Blocking, Learning, Forwarding.

Uptime: The time since the bridge port was last initialized.

3-4.8 Port Statistics

After the STP configuration is completed, the switch can now display the STP Statistics. The section provides the STP Statistics detail counters of bridge ports in the currently selected switch.

Web Interface

Parameter Description

To display the STP Port status in the web interface:

1. Click Configuration, Spanning Tree, Port Statistics.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-Refresh”.

3. Click “Refresh” to refresh the STP Bridges.

Figure 3-4.8: The STP Statistics

Port: The switch port number of the logical STP port.

MSTP: The number of MSTP Configuration BPDU's received/transmitted on the port.

RSTP: The number of RSTP Configuration BPDU's received/transmitted on the port.

STP: The number of legacy STP Configuration BPDU's received/transmitted on the

port.

TCN: The number of (legacy) Topology Change Notification BPDU's received/transmitted on the port.

Discarded Unknown: The number of unknown Spanning Tree BPDU's received (and discarded) on the port.

Discarded Illegal: The number of illegal Spanning Tree BPDU's received (and discarded) on the port.

3-5 IGMP Snooping

The function is used to establish the multicast groups to forward the multicast packet to the member ports. It also avoid wasting bandwidth while IP multicast packets are running over the network. This happens because a switch that does not support IGMP or IGMP Snooping cannot tell the multicast packet from the broadcast packet, so it can only treat them all as the broadcast packet. Without IGMP Snooping, the multicast packet forwarding function is plain and nothing is different from broadcast packet.

3-5.1 Basic Configuration

A switch supported IGMP Snooping with the functions of query, report and leave. It is a type of packet exchanged between IP Multicast Router/Switch and IP Multicast Host. It can update the information of the Multicast table when a member (port) joins or leaves an IP Multicast Destination Address. Once a switch receives an IP multicast packet, it will forward the packet to the members who joined in a specified IP multicast group before.

The packets will be discarded by the IGMP Snooping if the user transmits multicast packets to the multicast group that had not been built up in advance. IGMP mode enables the switch to issue IGMP function that you enable IGMP proxy or snooping on the switch, which connects to a router closer to the root of the tree. This interface is the upstream interface. The router on the upstream interface should be running IGMP.

The section describes how to set the basic IGMP snooping on the switch, which connects to a router closer to the root of the tree. This interface is the upstream interface. The router on the upstream interface should be running IGMP.

Web Interface

To configure the IGMP Snooping parameters in the web interface:

1. Click Configuration, IGMP Snooping, Basic Configuration.

2. Evoke to select enable or disable which Global configuration.

3. Evoke which port wants to become a Router Port or enable/disable the Fast

Leave function.

4. Scroll to set the “Throttling” parameter.

5. Click “Save” to save the setting.

6. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Parameter Description

Figure 3-5.1: The IGMP Snooping Configuration.

Snooping Enabled: Enables the Global IGMP Snooping.

Unregistered IPMC Flooding enabled: Enables unregistered IPMC traffic flooding.

IGMP SSM Range: SSM (Source-Specific Multicast) Range allows the SSM-aware

hosts and routers to run the SSM service model for the groups in the address range. Format: (IP address/ sub mask).

Proxy Enabled: Enables IGMP Proxy. This feature can be used to avoid forwarding unnecessary join and leave messages to the router side.

Router Port: Specifies which ports act as router ports. A router port is a port on the Ethernet switch that leads towards the Layer 3 multicast device or IGMP querier.

If an aggregation member port is selected as a router port, the whole aggregation will act as a router port.

Fast Leave: Enables the fast leave on the port.

Throttling: Enables to limit the number of multicast groups to which a switch port

can belong.

Buttons:

 Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert to

previously saved values.

3-5.2 VLAN Configuration

The section describes the VLAN configuration setting process integrated with IGMP Snooping function. Each setting page shows up to 99 entries from the VLAN table. The default is 20 and can be selected through the "entries per page" input field. During the initial visit, the web page will show the first 20 entries from the beginning of the VLAN Table. The first displayed will be the one with the lowest VLAN ID found in the VLAN Table. The "VLAN" input fields allow the user to select the starting point in the VLAN Table. Clicking the button will update the displayed table, starting from that or the next closest VLAN Table match.

Web Interface

Parameter Descriptions

To configure the IGMP Snooping VLAN Configuration in the web interface:

1. Click Configuration, IGMP Snooping, and VLAN Configuration.

2. Evoke to select enable or disable Snooping, IGMP Querier. Specify the

parameters in the blank field.

3. Click the refresh to update the data or click << or >> to display previous

entry or next entry.

4. Click “Save” to save the setting.

5. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Figure 3-5.2: The IGMP Snooping VLAN Configuration.

VLAN ID: This displays the VLAN ID of the entry.

Snooping Enabled: Enables the per-VLAN IGMP Snooping. Only up to 32 VLANs can

be selected.

IGMP Querier: A router sends IGMP Query messages onto a particular link. This Router is called the Querier. Enables the IGMP Querier in the VLAN.

Compatibility: Compatibility is maintained by hosts and routers taking appropriate actions, depending on the versions of IGMP operating on hosts and routers within a network. The allowed selection is IGMP-Auto, Forced IGMPv1, Forced IGMPv2, and Forced IGMPv3. The default compatibility value is IGMP-Auto.

Rv: Robustness Variable. The Robustness Variable allows tuning for the expected packet loss on a network. The allowed range is 1 to 255. The default robustness variable value is 2.

QI: Query Interval. The Query Interval is the interval between General Queries sent by the Querier. The allowed range is 1 to 31744 seconds. The default query interval is 125 seconds.

QRI: Query Response Interval. The Max Response Time used to calculate the Max Resp Code inserted into the periodic General Queries. The allowed range is 0 to 31744 in tenths of seconds. The default query response interval is 100 in tenths of seconds (10 seconds).

LLQI (LMQI for IGMP): Last Member Query Interval. The Last Member Query Time is the time value represented by the Last Member Query Interval, multiplied by the Last Member Query Count. The allowed range is 0 to 31744 in tenths of seconds. The default last member query interval is 10 in tenths of seconds (1 second).

URI: Unsolicited Report Interval. The Unsolicited Report Interval is the time between repetitions of a host's initial report of membership in a group. The allowed range is 0 to 31744 seconds. The default unsolicited report interval is 1 second.

Buttons:

 Apply – Click to apply changes.  Reset- Click “Reset” to undo any changes made locally and revert to

previously saved values.

Upper right icon (Refresh, |<<, >>): You can click the icons to refresh the displayed table starting from the "VLAN" input fields. Or click “|<<” to update the table, starting from the first entry in the VLAN table (e.g. the entry with the lowest VLAN ID). Click “>>” to update the table, starting with the entry after the last entry currently displayed.

3-5.3 Port Group Filtering

The section describes how to set the IGMP Port Group Filtering. With the IGMP filtering feature, an user can exert this type of control. In some network Application environments, as like the metropolitan or multiple-dwelling unit (MDU) installations, an user might want to control the multicast groups to which a user on a switch port can belong. It allows the user to control the distribution of multicast services, such as IP/TV, based on some type of subscription or service plan.

With this feature, you can filter multicast joins on a per-port basis by configuring IP multicast profiles and associating them with individual switch ports. An IGMP profile can contain one or more multicast groups. It can specify whether access to the group is permitted or denied. If an IGMP profile denies access to a multicast group on a switch port, the IGMP join report requesting the stream of IP multicast traffic is dropped and the port is not allowed to receive IP multicast traffic from that group. If the filtering action permits access to the multicast group, the IGMP report from the port is forwarded for normal processing.

IGMP filtering controls only IGMP membership join reports and has no relationship to the function that directs the forwarding of IP multicast traffic.

Web Interface

To configure the IGMP Snooping Port Group Configuration in the web interface:

1. Click Configuration, IGMP Snooping, Port Group Filtering.

2. Click Add new Filtering Group.

3. Scroll the Port to enable the Port Group Filtering. Specify the Filtering

Groups in the blank field.

4. Click “Save” to save the setting.

5. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Figure 3-5.3: The IGMP Snooping Port Group Filtering Configuration

Parameter Descriptions

Delete: Check to delete the entry. It will be deleted during the next save.

Port: To evoke the port enable the IGMP Snooping Port Group Filtering function.

Filtering Groups: The IP Multicast Group that will be filtered.

Buttons:

 Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert to

previously saved values.

3-5.4 Status

After the IGMP Snooping configuration is completed, the switch can display the IGMP Snooping Status. The section provides the IGMP Snooping detail status.

Web Interface

To display the IGMP Snooping status in the web interface:

1. Click Configuration, IGMP Snooping, Status.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-Refresh”.

3. Click “Refresh” to refresh the IGMP Snooping Status.

4. Click “ Clear“ to clear the IGMP Snooping Status.

Parameter Descriptions

Figure 3-5.4: The IGMP Snooping Status.

VLAN ID: The VLAN ID of the entry.

Querier Version: Working Querier Version currently.

Host Version: Current Working Host Version.

Querier Status: Shows the Querier status is "ACTIVE" or "IDLE".

Queries Transmitted: The number of Transmitted Queries.

Queries Received: The number of Received Queries.

V1 Reports Received: The number of Received V1 Reports.

V2 Reports Received: The number of Received V2 Reports.

V3 Reports Received: The number of Received V3 Reports.

V2 Leaves Received: The number of Received V2 Leaves.

Port: Switch port number.

Status: Indicates whether specific port is a router port or not.

Auto-refresh: To evoke the auto-refresh icon then the device will refresh the log

automatically.

Upper right icon (Refresh, clear): Click “Refresh” to refresh the status or clear them manually.

3-5.5 Group Information

After the IGMP Snooping function setting is completed, the switch can display the IGMP Snooping Group Information. Entries in the IGMP Group Table are shown on this page. The IGMP Group Table is sorted first by VLAN ID and then by group. The switch will use the last entry of the currently displayed table as a basis for the next lookup. When the end is reached, the text "No more entries" appears. Use the button to start over.

Parameter Description

Web Interface

To display the IGMP Snooping Group Information in the web interface:

1. Click Configuration, IGMP Snooping, Group Information.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-Refresh”.

3. Click “Refresh” to refresh a entry of the IGMP Snooping Groups

Information.

4. Click “<< or >>” to move to previous or next entry.

Figure 3-5.5: The IGMP Snooping Groups Information.

Navigating the IGMP Group Table

The "Start from VLAN" and "Group" input fields allow the user to select the starting point in the IGMP Group Table. The switch will use the last entry of the currently displayed table as a basis for the next lookup. When the end is reached, the text "No More Entries" appears.

IGMP Group Table Columns

VLAN ID: VLAN ID of the group.

Groups: Group address of the group displayed.

Port Members: Ports under this group.

Auto-refresh: To evoke the auto-refresh icon then the device will refresh the log

automatically.

Upper right icon (Refresh, <<, >>): Click “Refresh” to refresh the IGMP Group Status manually. Click “<<” or “>>” to move to the next or previous page.

3-5.6 IPV4 SSM Information

Source Specific Multicast (SSM) is a datagram delivery model that best supports oneto-many applications, also known as broadcast applications. SSM is a core network technology of IP multicast targeted for audio and video broadcast application environments.

For the SSM delivery mode, an IP multicast receiver host must use IGMP Version 3 (IGMPv3) to subscribe to channel (S, G). By subscribing to this channel, the receiver host indicates that it wants to receive IP multicast traffic sent by source host S to group G. The network will deliver IP multicast packets from source host S to group G to all hosts in the network that have subscribed to the channel (S, G).

SSM does not require group address allocation within the network, only within each source host. Different applications running on the same source host must use different SSM groups. Different applications running on different source hosts can arbitrarily reuse SSM group addresses without causing any excess traffic on the network.

Addresses in the range 232.0.0.0/8 (232.0.0.0 to 232.255.255.255) are reserved for SSM by IANA. In the switch, you can configure SSM for arbitrary IP multicast addresses too.

Web Interface

To display the IGMPv3 IPv4 SSM Information in the web interface:

1. Click Configuration, IGMP Snooping, IPv4 SSM Information.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-Refresh”.

3. Click “Refresh” to refresh a entry of the IGMPv3 IPv4 SSM Information.

4. Click “<< or >>” to move to previous or next entry.

Figure 3-5.6: The IGMPv3 IPv4 SSM Information.

Parameter Description

Navigating the IGMPv3 Information Table

Each page shows up to 99 entries from the IGMPv3 SSM (Source Specific Multicast) Information Table. The default is 20. This can be selected through the "entries per page" input field. During the initial visit, the web page will show the first 20 entries from the beginning of the IGMPv3 Information Table.

The "Start from VLAN", and "Group" input fields allow the user to select the starting point in the IGMPv3 Information Table. Clicking the button will update the displayed table, starting from that or the closest next IGMPv3 Information Table match. In addition, the two input fields will - upon a button click - assume the value of the first displayed entry to allow continuous refresh with the same start address.

The switch will use the last entry of the currently displayed table as a basis for the next lookup. When the end is reached, the text "No More Entries" appears. Use the button to start over.

IGMPv3 Information Table Columns

VLAN ID: VLAN ID of the group.

Group: Group address of the group displayed.

Port: Switch port number.

Mode: Indicates the filtering mode maintained per (VLAN ID, port number, Group

Address) basis. It can be either Include or Exclude.

Source Address: IP Address of the source. Currently, the system limits the total number of IP source addresses for filtering to be 128.

Type: Indicates the Type. It can be either Allow or Deny.

Auto-refresh: To evoke the auto-refresh icon, then the device will refresh the log

automatically.

Upper right icon (Refresh, <<, >>): Click “Refresh” to refresh the IGMP Group Status manually. Click “<<” or “>>” to move to the next or previous page.

3-6 MLD Snooping

A network node that acts as a source of IPv6 multicast traffic is only an indirect participant in MLD snooping. It provides multicast traffic and MLD doesn’t interact with it. Please note that in an application, like desktop conferencing, a network node may act as both a source and an MLD host. However, MLD interacts with that node only in its role as an MLD host.

A source node creates multicast traffic by sending packets to a multicast address. In IPv6, addresses with the first eight bits set (e.g. “FF” as the first two characters of the address) are multicast addresses, and any node that listens to such an address will receive the traffic sent to that address. Application software running on the source and destination systems cooperates to determine what multicast address to use. This is a function of the application software, not of MLD.

When MLD snooping is enabled on a VLAN, the switch acts to minimize unnecessary multicast traffic. If the switch receives multicast traffic destined for a given multicast address, it forwards that traffic to ports on the VLAN that have MLD hosts for that address. It drops traffic for ports on the VLAN that have no MLD hosts.

3-6.1 Basic Configuration

The section helps you configure the MLD Snooping basic configuration and the parameters.

Web Interface

To configure the MLD Snooping Configuration in the web interface:

1. Click Configuration, MLD Snooping, Basic Configuration.

2. Evoke to enable or disable the Global configuration parameters. Evoke the

port to join Router Port and Fast Leave.

3. Scroll to select the Throttling mode with unlimited or 1 to 10.

4. Click “Save” to save the setting.

5. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Scroll the MLD Snooping type with Proxy, Snooping…etc.

Figure 3-6.1: The MLD Snooping Basic Configuration

Parameter Description

Snooping Enabled: Enables the Global MLD Snooping.

Unregistered IPMC Flooding enabled: Enables unregistered IPMCv6 traffic flooding.

Please note that disabling unregistered IPMCv6 traffic flooding may lead to failure of Neighbor Discovery.

MLD SSM Range: SSM (Source-Specific Multicast) Range allows the SSM-aware hosts and routers to run the SSM service model for the groups in the address (using IPv6 Address) range.

Proxy Enabled: Enables MLD Proxy. This feature can be used to avoid forwarding unnecessary join and leave messages to the router side.

Port: The Port index what you enable or disable the MLD Snooping function.

Router Port: Specifies which ports act as router ports. A router port is a port on the

Ethernet switch that leads towards the Layer 3 multicast device or MLD querier. If an aggregation member port is selected as a router port, the whole aggregation will act as a router port.

Fast Leave: To evoke to enable the fast leave on the port.

Throttling: Enables to limit the number of multicast groups to which a switch port can belong.

Buttons:

 Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert to

previously saved values.

3-6.2 VLAN Configuration

Parameter Description

When MLD snooping is enabled on a VLAN, the switch minimizes unnecessary multicast traffic. If the switch receives multicast traffic destined for a given multicast address, it forwards that traffic to ports on the VLAN that have MLD hosts for that address. It drops traffic for ports on the VLAN that have no MLD hosts.

The switch will use the last entry of the currently displayed entry as a basis for the next lookup. When the end is reached, the text "No More Entries" appears. Use the button to start over.

Web Interface

To configure the MLD Snooping VLAN Configuration in the web interface:

1. Click Configuration, MLD Snooping, VLAN Configuration.

2. Specify the VLAN ID with entries per page.

3. Click “Refresh” to refresh a entry of the MLD Snooping VLAN Configuration

Information.

4. Click “<< or >>” to move to previous or next entry.

Figure 3-6.2: The MLD Snooping VLAN Configuration.

VLAN ID: The VLAN ID of the entry.

Snooping Enabled: Enables the per-VLAN MLD Snooping. Only up to 32 VLANs can

be selected.

MLD Querier: A router sends MLD Query messages onto a particular link. This Router is called the Querier. It enables the MLD Querier in the VLAN.

Compatibility: Compatibility is maintained by hosts and routers taking appropriate actions, depending on the versions of MLD operating on hosts and routers within a network. The allowed selection is MLD-Auto, Forced MLDv1, and Forced MLDv2. The default compatibility value is MLD-Auto.

Rv: Robustness Variable. The Robustness Variable allows tuning for the expected packet loss on a network. The allowed range is 1 to 255. The default robustness variable value is 2.

QI: Query Interval. The Query Interval is the interval between General Queries sent by the Querier. The allowed range is 1 to 31744 seconds. The default query interval is 125 seconds.

QRI: Query Response Interval. The Maximum Response Delay used to calculate the Maximum Response Code inserted into the periodic General Queries. The allowed range is 0 to 31744 in tenths of seconds. The default query response interval is 100 in tenths of seconds (10 seconds).

LLQI (LMQI for IGMP): Last Listener Query Interval. The Last Listener Query Interval is the Maximum Response Delay used to calculate the Maximum Response Code inserted into Multicast Address Specific Queries. It is sent in response to Version 1 Multicast Listener Done messages. It is also the Maximum Response Delay used to calculate the Maximum Response Code inserted into Multicast Address and Source Specific Query messages. The allowed range is 0 to 31744 in tenths of seconds. The default last listener query interval is 10 in tenths of seconds (1 second).

URI: Unsolicited Report Interval. The Unsolicited Report Interval is the time between repetitions of a node's initial report of interest in a multicast address. The allowed range is 0 to 31744 seconds. The default unsolicited report interval is 1 second.

Upper right icon (Refresh, <<, >>): Click “Refresh” to refresh the IGMP Group Status manually. Click “<<” or “>>” to move to the next or previous page.

Buttons:

 Apply – Click to apply changes.  Reset- Click “Reset” to undo any changes made locally and revert to

previously saved values.

3-6.3 Port Group Filtering

Parameter Description

The section describes how to set up the Port Group Filtering in the MLD Snooping function. On the UI, you could add new filtering group and safety policy.

Web Interface

To configure the MLD Snooping Port Group Configuration in the web interface:

1. Click Configuration, MLD Snooping, Port Group Filtering Configuration.

2. Click the Add new Filtering Group.

3. Specify the Filtering Groups with entries per page.

4. Click “Save” to save the setting.

5. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Figure 3-6.3: The MLD Snooping Port Group Filtering Configuration

Delete: Check to delete the entry. It will be deleted during the next save.

Port: The logical port for the settings. You can evoke to enable the port to join

filtering Group

Filtering Groups: The IP Multicast Group that will be filtered.

Buttons:

 Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert to

previously saved values.

3-6.4 Status

The section describes how to display the MLD Snooping Status and detail information after completing the MLD Snooping. It will help you find the detail information of MLD Snooping status.

Web Interface

To display the MLD Snooping Status in the web interface:

1. Click Configuration, MLD Snooping, Status.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-Refresh”.

3. Click “Refresh” to refresh a entry of the MLD Snooping Status Information.

4. Click “ Clear“ to clear the MLD Snooping Status.

Figure 3-6.4: The MLD Snooping Status

Parameter Description

VLAN ID: The VLAN ID of the entry.

Querier Version: Working Querier Version currently.

Host Version: Current working Host Version.

Querier Status: Shows the Querier status is "ACTIVE" or "IDLE".

Queries Transmitted: The number of Transmitted Queries.

Queries Received: The number of Received Queries.

V1 Reports Received: The number of Received V1 Reports.

V2 Reports Received: The number of Received V2 Reports.

V1 Leaves Received: The number of Received V1 Leaves.

Port: Switch port number.

Status: Indicates whether specific port is a router port or not.

Auto-refresh: To evoke the auto-refresh icon then the device will refresh the log

automatically.

Upper right icon (Refresh, <<, >>): Click “Refresh” to refresh the IGMP Group Status manually. Click “<<” or “>>” to move to the next or previous page.

3-6.5 Group Information

The section describes how to set up the MLD Snooping Groups Information. The "Start from VLAN" and "Group" input fields allow the user to select the starting point in the MLD Group Table.

Each page shows up to 99 entries from the MLD Group table. The default is 20 and can be selected through the "Entries Per Page" input field. During the initial visit, the web page will show the first 20 entries from the beginning of the MLD Group Table.

Web Interface

To display the MLD Snooping Group information in the web interface:

Parameter Description

1. Click Configuration, MLD Snooping, Group Information.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-Refresh”.

3. Click “Refresh” to refresh a entry of the MLD Snooping Group Information.

4. Click “ Clear“ to clear the MLD Snooping Groups information.

Figure 3-6.5: The MLD Snooping Groups Information

Navigating the MLD Group Table

Each page shows up to 99 entries from the MLD Group table. The default is 20 and can be selected through the “Entries Per Page “ input field. During the initial visit, the web page will show the first 20 entries from the beginning of the MLD Group Table. The "Start from VLAN" and "Group" input fields allow the user to select the starting point in the MLD Group Table. Clicking the button will update the displayed table, starting from that or the next closest.

MLD Group Table Match. In addition, the two input fields will - upon a button click assume the value of the first displayed entry to allow continuous refresh with the same start address. The switch will use the last entry of the currently displayed as a basis for the next lookup. When the end is reached, the text “No More Entries” appears. Use the button to start over.

MLD Snooping Information Table Columns

VLAN ID: VLAN ID of the group.

Groups: Group address of the group displayed.

Port Members: Ports under this group.

Auto-refresh: To evoke the auto-refresh icon then the device will refresh the log

automatically.

Upper right icon (Refresh, <<, >>): Click “Refresh” to refresh the IGMP Group Status

manually. Click “<<” or “>>” to move to the next or previous page.

3-6.6 IPV6 SSM Information

The section configures the Entries in the MLDv2 Information Table. The MLDv2 Information Table is sorted first by VLAN ID, by Group, and then by Port No. Different source addresses belong to the same group are treated as single entry.

Each page shows up to 64 entries from the MLDv2 SSM (Source Specific Multicast) Information Table. The default is 20 and can be selected through the "Entries Per Page" input field. During the initial visit, the web page will show the first 20 entries from the beginning of the MLDv2 Information Table. The "Start from VLAN" and "Group" input fields allow the user to select the starting point in the MLDv2 Information Table.

Parameter Description

Web Interface

To display the MLDv2 IPv6 SSM Information in the web interface:

1. Click Configuration, MLD Snooping, IPv6 SSM Information.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-Refresh”.

3. Click “Refresh” to refresh a entry of the MLDv2 IPv6 SSM Information.

4. Click “<< or >>” to move to previous or next entry.

Figure 3-6.6: The IPv6 SSM Information

MLDv2 Information Table Columns

VLAN ID: VLAN ID of the group.

Group: Group address of the group displayed.

Port: Switch port number.

Mode: Indicates the filtering mode maintained per (VLAN ID, port number, Group

Address) basis. It can be either Include or Exclude.

Source Address: IP Address of the source. Currently, the system limits the total number of IP source addresses for filtering to be 128.

Type: Indicates the Type. It can be either Allow or Deny.

3-7 MVR

The MVR feature enables multicast traffic forwarding on the Multicast VLAN. In a multicast television application, a PC or a television with a set-top box, can receive the multicast stream. Multiple set-top boxes or PCs can be connected to one subscriber port, which is a switch port configured as an MVR receiver port. When a subscriber selects a channel, the set-top box or PC sends an IGMP join message to Switch A to join the appropriate multicast. Uplink ports that send and receive multicast data to and from the multicast VLAN are called MVR source ports.

3-7.1 Configuration

The section describes how the user could set the MVR basic conifguration and some parameters on the switch.

Web Interface

To configure the MLD Snooping Port Group Configuration in the web interface:

1. Click Configuration, MVR, Configuration.

2. Scroll the MVR mode to enable or disable and scroll to set all parameters.

3. Click “Save” to save the setting.

4. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Figure 3-7.1: The MVR Configuration

Parameter Description

MVR Mode: Enables/Disables the Global MVR.

VLAN ID: Specifies the Multicast VLAN ID.

Mode: Enables MVR on the port.

Type: Specifies the MVR port type on the port.

Immediate Leave: Enables the fast leave on the port.

Buttons:

 Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert to

previously saved values.

3-7.2 Port Group Allow

The section describes how to allow the IP Multicast Group to receive the multicast stream. Entries in the MVR port group allow table is shown on this page. The MVR Port Group Table is sorted first by port and then by IP address.

Web Interface

To display the MVR Groups Information in the web interface:

1. Click Configuration, MVR, Port Groups Allow.

2. If you want to add the new allowed group, you need to click the “Add New

Allow Group” button.

3. Evoke the “Port No.”, “Start Address” and “End Address”.

4. To click the “Apply” to apply the configuration of MVR Port Group Allow

Table.

Parameter Description

Figure 3-7.2: The MVR Groups Information

Delete: Check to delete the entry. It will be deleted during the next apply.

Port: The logical port for the settings.

Allow Groups: The IP Multicast Group that will be allowed.

Adding New Allow Group: Click “Add New Allow Group” to add a new entry to the

Group Allow table. Specifies the Port and Allow Group of the new entry. Click "Apply".

Buttons:

 Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert to

previously saved values.

3-7.3 Groups Information

The section describes how to display the MVR Groups detail information on the switch. Entries in the MVR Group Table are shown on this page. The MVR Group Table is sorted first by VLAN ID and then by group.

Web Interface

Parameter Description

To display the MVR Groups Information in the web interface:

1. Click Configuration, MVR, Groups Information.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-Refresh”.

3. To Click the “Refresh” to refresh a entry of the MVR Groups Information.

4. Click “<< or >>” to move to previous or next entry.

Figure 3-7.2: The MVR Groups Information

MVR Group Table Columns

VLAN ID: VLAN ID of the group.

Groups: Group ID of the group displayed.

Port Members: Ports under this group.

Auto-refresh: To evoke the auto-refresh icon then the device will refresh the

information automatically.

Upper right icon (Refresh, <<, >>): Click “Refresh” to refresh the MVR Group information manually. Click “<<” or “>>” to move to the next or previous page.

Vigitron MAXIINET VI3010 Operational Manual

Specifications and Main Features

Frequently Asked Questions

User Manual