Vigitron MaxiiNet VI3026 Operational Manual

Download

MaxiiNet

VI3026

Operational Manual

20 GE PoE-Plus + 4 GE PoE-Plus Combo SFP + 2 GE SFP L2 26 Port Managed Switch

Release 2.44

their respective companies.

NOTE: Emphasizes important information or calls your

attention to related features or instructions.

WARNING:

Alerts you to a potential hazard that could

cause personal injury.

CAUTION:

Alerts you to a potential hazard that could

cause loss of data, or damage the system or equipment.

Purpose

Audience

Conventions

Warranty

Disclaimer

About This Manual

Copyright © 2013 Vigitron, Inc. All rights reserved. The products and programs described in this User’s Manual are licensed products of Vigitron Inc. This User’s Manual contains proprietary information protected by copyright, and this User’s Manual and all accompanying hardware, software, and documentation are copyrighted. No parts of this User’s Manual may be copied, photocopied, reproduced, translated or reduced to any electronic medium or machine-readable from any means by electronic or mechanical. This includes photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser’s personal use, and without the prior express written permission of Vigitron, Inc.

This Manual gives specific information on how to operate and use the management functions of the Vi3026.

The Manual is intended for use by network administrators who are responsible for

operating and maintaining network equipment. Consequently, it assumes a basic working knowledge of general switch functions, the Internet Protocol (IP), and

Simple Network Management Protocol (SNMP).

The following conventions are used throughout this guide to show information:

See the Customer Support/Warranty booklet included with the product. A copy of the specific warranty terms applicable to your manufacture products and replacement parts can be obtained from Vigitron, Inc.

Vigitron, Inc. does not warrant that the hardware will work properly in all environments and applications, and marks no warranty and representation, either implied or expressed, with respect to the quality, performance, merchantability, or fitness for a particular purpose. Vigitron disclaims liability for any inaccuracies or

omissions that may have occurred. Information in this User’s Manual is subject to

change without notice and does not represent a commitment on the part of Vigitron. Vigitron assumes no responsibility for any inaccuracies that may be contained in this User’s Manual. Vigitron makes no commitment to update or keep

current the information in this User’s Manual, and reserves the rights to make improvements to this User’s Manual and /or to the products described in this

FCC Warning

FCC Caution

CE Mark Warning

User’s Manual, at any time without notice.

This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the CE/FCC remove Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications.

To assure continued compliance (example: use only shielded interface cables when connection to computer or peripheral devices). Any changes or modifications not expressly approved by the party responsible for compliance could void the user’s authority to operate the equipment. This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation.

This is a Class A device. In a domestic environment, this product may cause radio interference, in which case the user may be required to take adequate measures.

Contents

About This Manual ................................................................................................................................................ 2

Introduction ......................................................................................................................................................... 10

Overview ................................................................................................................................................................. 10

Chapter 1: Operation of Web-Based Management............................................................................................... 11

Connecting Network Devices .................................................................................................................................. 14

Twisted-Pair Devices ............................................................................................................................................... 14

Cabling Guidelines .................................................................................................................................................. 14

Chapter 2: System Configuration .......................................................................................................................... 16

2-1 System Information ........................................................................................................................................... 16

2-1.1 Information ............................................................................................................................................... 16

2-1.2 Configuration ............................................................................................................................................ 18

2-2 Time .................................................................................................................................................................. 19

2-2.1 Manual ...................................................................................................................................................... 19

2-2.2 NTP ............................................................................................................................................................ 21

2-3 Account ............................................................................................................................................................. 22

2-3.1 Users ......................................................................................................................................................... 22

2-3.2 Privilege Level ........................................................................................................................................... 24

2-4 IP ....................................................................................................................................................................... 26

2-4.1 IPv4 ........................................................................................................................................................... 26

2-4.2 IPv6 ........................................................................................................................................................... 28

2-5 Syslog ................................................................................................................................................................ 29

2-5.1 Configuration ............................................................................................................................................ 29

2-5.2 Log ............................................................................................................................................................. 30

2-5.3 Detailed ..................................................................................................................................................... 31

2-6 SNMP ................................................................................................................................................................ 32

2-6.1 System ....................................................................................................................................................... 32

2-6.2 Configuration ............................................................................................................................................ 33

2-6.3 Communities ............................................................................................................................................. 34

2-6.4 Users ......................................................................................................................................................... 35

2-6.5 Groups ....................................................................................................................................................... 37

2-6.6 Views ......................................................................................................................................................... 38

2-6.7 Access ........................................................................................................................................................ 39

2-6.8 Trap ........................................................................................................................................................... 41

Chapter 3: Configuration ...................................................................................................................................... 43

3-1 Port ................................................................................................................................................................... 43

3-1.1 Configuration ............................................................................................................................................ 43

3-1.2 Port Description ........................................................................................................................................ 46

3-1.3 Traffic Overview ........................................................................................................................................ 47

3-1.4 Detailed Statistics ...................................................................................................................................... 48

3-1.5 QoS Statistics ............................................................................................................................................. 50

3-1.6 SFP Information ......................................................................................................................................... 51

3-1.7 EEE ............................................................................................................................................................ 53

3-2 ACL .................................................................................................................................................................... 55

3-2.1 Ports .......................................................................................................................................................... 55

3-2.2 Rate Limiters ............................................................................................................................................. 57

3-2.3 Access Control List .................................................................................................................................... 58

3-2.4 ACL Status ................................................................................................................................................. 67

3-3 Aggregation ....................................................................................................................................................... 69

3-3.1 Static Trunk ............................................................................................................................................... 69

3-3.2 LACP .......................................................................................................................................................... 71

3-4 Spanning Tree ................................................................................................................................................... 76

3-4.1 Bridge Settings .......................................................................................................................................... 76

2-4.2 MSTI Mapping ........................................................................................................................................... 79

3-4.3 MSTI Priorities ........................................................................................................................................... 81

3-4.4 CIST Ports .................................................................................................................................................. 82

3-4.5 MSTI Ports ................................................................................................................................................. 84

3-4.6 Bridge Status ............................................................................................................................................. 86

3-4.7 Port Status ................................................................................................................................................. 87

3-4.8 Port Statistics ............................................................................................................................................ 88

3-5 IGMP Snooping ................................................................................................................................................. 89

3-5.1 Basic Configuration ................................................................................................................................... 89

3-5.2 VLAN Configuration ................................................................................................................................... 91

3-5.3 Port Group Filtering .................................................................................................................................. 93

3-5.4 Status ........................................................................................................................................................ 95

3-5.5 Group Information .................................................................................................................................... 97

3-5.6 IPv4 SSM Information ............................................................................................................................... 98

3-6 MLD Snooping ................................................................................................................................................. 100

3-6.1 Basic Configuration ................................................................................................................................. 100

3-6.2 VLAN Configuration ................................................................................................................................. 103

3-6.3 Port Group Filtering ................................................................................................................................ 105

3-6.4 Status ...................................................................................................................................................... 106

3-6.5 Group Information .................................................................................................................................. 108

3-6.6 IPv6 SSM Information ............................................................................................................................. 109

3-7 MVR ................................................................................................................................................................ 110

3-7.1 Configuration .......................................................................................................................................... 110

3-7.2 Port Group Allow ..................................................................................................................................... 112

3-7.3 Groups Information ................................................................................................................................. 113

3-7.4 Statistics .................................................................................................................................................. 114

3-8 LLDP ................................................................................................................................................................ 115

3-8.1 LLDP Configuration .................................................................................................................................. 115

3-8.2 LLDP Neighbours ..................................................................................................................................... 118

3-8.3 LLDP-MED Configuration ......................................................................................................................... 120

3-8.4 LLPD-MED Neighbours ............................................................................................................................ 125

3-8.5 EEE .......................................................................................................................................................... 128

3-8.6 Port Statistics .......................................................................................................................................... 130

3-9 PoE .................................................................................................................................................................. 132

3-9.1 Configuration .......................................................................................................................................... 132

3-9.2 Status ...................................................................................................................................................... 134

3-9.3 Power Delay ............................................................................................................................................ 136

3-9.4 Auto Checking ......................................................................................................................................... 138

3-9.5 Scheduling ............................................................................................................................................... 140

3-10 Filtering Data Base ........................................................................................................................................ 141

3-10.1 Configuration ........................................................................................................................................ 141

3-10.2 Dynamic MAC Table .............................................................................................................................. 144

3-11 VLAN ............................................................................................................................................................. 145

3-11.1 VLAN Membership ................................................................................................................................ 145

3-11.2 Ports ...................................................................................................................................................... 147

3-11.3 Switch Status ......................................................................................................................................... 149

3-11.4 Port Status ............................................................................................................................................. 151

3-11.5 Private VLANs ........................................................................................................................................ 153

3-11.6 MAC-Based VLAN .................................................................................................................................. 155

3-11.7 Protocol-Based VLAN ............................................................................................................................ 158

3-12 Voice VLAN .................................................................................................................................................... 162

3-12.1 Configuration ........................................................................................................................................ 162

3-12.2 OUI ........................................................................................................................................................ 164

3-13 GARP ............................................................................................................................................................. 165

3-13.1 Configuration ........................................................................................................................................ 165

3-13.2 Statistics ................................................................................................................................................ 167

3-14 GVRP ............................................................................................................................................................. 168

3-14.1 Configuration ........................................................................................................................................ 168

3-14.2 Statistics ................................................................................................................................................ 170

3-15 QoS ............................................................................................................................................................... 171

3-15.1 Port Classification .................................................................................................................................. 171

3-15.2 Port Policing .......................................................................................................................................... 174

3-15.3 Port Scheduler ....................................................................................................................................... 176

3-15.4 Port Shaping .......................................................................................................................................... 179

3-15.5 Port Tag Remarking ............................................................................................................................... 182

3-15.6 Port DSCP .............................................................................................................................................. 184

3-15.7 DSCP-Based QoS ................................................................................................................................... 186

3-15.8 DSCP Translation ................................................................................................................................... 188

3-15.9 DSCP Classification ................................................................................................................................ 190

3-15.10 QoS Control List Configuration ............................................................................................................ 191

3-15.11 QCL Status ........................................................................................................................................... 195

3-15.12 Storm Control ...................................................................................................................................... 197

3-16 S-Flow Agent ................................................................................................................................................. 198

3-16.1 Collector ................................................................................................................................................ 198

3-16.2 Sampler ................................................................................................................................................. 200

3-17 Loop Protection ............................................................................................................................................ 202

3-17.1 Configuration ........................................................................................................................................ 202

3-17.2 Status .................................................................................................................................................... 204

3-18 Single IP......................................................................................................................................................... 205

3-18.1 Configuration ........................................................................................................................................ 205

3-18.2 Information ........................................................................................................................................... 206

3-19 Easy Port ....................................................................................................................................................... 207

3-20 Mirroring ....................................................................................................................................................... 210

3-21 Trap Event Severity ....................................................................................................................................... 212

3-22 UPnP ............................................................................................................................................................. 213

Chapter 4: Security ............................................................................................................................................ 214

4-1 IP Source Guard .............................................................................................................................................. 214

4-1.1 Configuration .......................................................................................................................................... 214

4-1.2 Static Table .............................................................................................................................................. 216

4-1.3 Dynamic Table ......................................................................................................................................... 217

4-2 ARP Inspection ................................................................................................................................................ 218

4-2.1 Configuration .......................................................................................................................................... 218

4-2.2 Static Table .............................................................................................................................................. 220

4-2.3 Dynamic Table ......................................................................................................................................... 221

4-3 DHCP Snooping ............................................................................................................................................... 222

4-3.1 Configuration .......................................................................................................................................... 222

4-3.2 Statistics .................................................................................................................................................. 224

4-4 DHCP Relay ..................................................................................................................................................... 226

4-4.1 Configuration .......................................................................................................................................... 226

4-4.2 Statistics .................................................................................................................................................. 228

4-5 NAS ................................................................................................................................................................. 230

4-5.1 Configuration .......................................................................................................................................... 230

4-5.2 Switch Status ........................................................................................................................................... 238

4-5.3 Port Status ............................................................................................................................................... 240

4-6 AAA ................................................................................................................................................................. 241

4-6.1 Configuration .......................................................................................................................................... 241

4-6.2 Radius Overview ..................................................................................................................................... 245

4-6.3 Radius Details .......................................................................................................................................... 247

4-7 Port Security ................................................................................................................................................... 251

4-7.1 Limit Control ........................................................................................................................................... 251

4-7.2 Switch Status ........................................................................................................................................... 254

4-7.3 Port Status ............................................................................................................................................... 256

4-8 Access Management ....................................................................................................................................... 257

4-8.1 Configuration .......................................................................................................................................... 257

4-8.2 Statistics .................................................................................................................................................. 259

4-9 SSH .................................................................................................................................................................. 260

4-10 HTTPs ............................................................................................................................................................ 261

4-11 Auth Method ................................................................................................................................................ 262

Chapter 5: Maintenance .................................................................................................................................... 263

5-1 Restart Device ................................................................................................................................................. 263

5-2 Firmware ......................................................................................................................................................... 264

5-2.1 Firmware Upgrade .................................................................................................................................. 264

5-2.2 Firmware Selection ................................................................................................................................. 265

5-3 Save/Restore ................................................................................................................................................... 267

5-3.1 Factory Defaults ...................................................................................................................................... 267

5-3.2 Save Start ................................................................................................................................................ 268

5-3.3 Save User................................................................................................................................................. 269

5-3.4 Restore User ............................................................................................................................................ 270

5-4 Export/Import ................................................................................................................................................. 271

5-4.1 Export Config ........................................................................................................................................... 271

5-4.2 Import Config .......................................................................................................................................... 272

5-5 Diagnostics ...................................................................................................................................................... 273

5-5.1 Ping ......................................................................................................................................................... 273

5-5.2 Ping6 ....................................................................................................................................................... 274

Glossary of Web-based Management ................................................................................................................ 275

A ............................................................................................................................................................................ 275

C ............................................................................................................................................................................ 276

D ............................................................................................................................................................................ 276

E ............................................................................................................................................................................ 278

F ............................................................................................................................................................................ 278

H ............................................................................................................................................................................ 279

I ............................................................................................................................................................................. 279

L............................................................................................................................................................................. 280

M ........................................................................................................................................................................... 281

N ............................................................................................................................................................................ 282

O ............................................................................................................................................................................ 282

P ............................................................................................................................................................................ 283

Q............................................................................................................................................................................ 284

R ............................................................................................................................................................................ 284

S ............................................................................................................................................................................ 285

T ............................................................................................................................................................................ 286

U ............................................................................................................................................................................ 286

V ............................................................................................................................................................................ 287

Contact Information........................................................................................................................................... 288

Introduction

Overview

This user’s manual will not only tell you how to install and connect your network system, but how to configure and monitor the Vi3026 through the web by (RJ-45) serial interface and Ethernet ports step-by-step. Many detailed explanations of hardware and software functions are shown, as well as, the examples of the operation for web-based interface.

The Vi3026 series, the next generation web managed switches from Vigitron, is a portfolio of affordable managed switches that provides a reliable infrastructure for your business network. These switches deliver intelligent features to improve the availability of your critical business applications, protect your sensitive information, and optimize your network bandwidth to deliver information and applications effectively. It provides the ideal combination of affordability and capabilities for entry level networking, including small business or enterprise application to he lp you create a more efficient and better-connected workforce.

Vi3026 web managed switches provide 26-ports in a single device. The specifications are highlighted as follows:

 L2+ features provide better manageability, security, QoS, and

performance.

 High port count design with all Gigabit Ethernet ports.  Support guest VLAN, voice VLAN, Port based, tag-based and Protocol

based VLANs.

 Support 802.3az energy efficient Ethernet standard.  Support 8K MAC table.  Support IPv6/ IPv4 dual stack.  Support s-Flow.  Support easy-configuration-port for easy implementation of the IP

phone, IP camera or wireless environment.

Overview of This User’s Manual

 Chapter 1 “Operation of Web-based Management”  Chapter 2 “System Configuration”  Chapter 3 “Configuration”  Chapter 4 “Security”  Chapter 5 “Maintenance”

IP Address

192.168.1.1

Subnet Mask

255.255.255.0

Default Gateway

192.168.1.254

Username

admin

Password

NOTE: When you log into the Switch WEB to manage, you must first

type the username of the admin. Password is blank. So after you type in the username, please press enter. Management page will enter WEB. When you log into Vi3026 series switch Web UI management, you can use both ipv4 ipv6 login to manage. To optimize the display effect, we recommend you use Microsoft IE 6.0 above, Netscape V7.1 above, or FireFox V1.00 above, and have the resolution 1024x768. The switch supported neutral web browser interface. If the UI is not working with FireFox browser, it might result from PC security system setting.

Initial Configuration

Chapter 1: Operation of Web-Based Management

This chapter instructs you on how to configure and manage the Vi3026 through the web user interface. With this facility, you can easily access and monitor through any one port of the switch and all the status of the switch, including MIBs status, each port activity, Spanning tree status, port aggregation status, multicast traffic, VLAN and priority status, even illegal access record and so on.

The default values of the Vi3026 are listed in the table below:

After the Vi3026 has been finished configuration, you can browse the interface. For instance, if you type http://192.168.1.1 in the address row in a browser, it will show the following screen and will ask you to input in the username and password in order to login and access authentication.

The default username is “admin” and password is empty. For first time use, please enter the default username and password, and then click the <Login> button. The login process now is completed. In this login menu, you have to input the complete username and password respectively, the Vi3026 will not give you a shortcut to username automatically. This looks inconvenient, but it’s the safer option.

The Vi3026 supports a simple user management function to allow only one administrator to configure the system at any one time. The use of simultaneous administrators could result in unpredictable operation. Additional users, even with administrator’s identity, should only monitor the system. Those who have no administrator’s identity can only monitor the system. It is suggested, regardless of security level, that viewing is limited to one client at a time. Also, after accessing the Vi3026 and viewing is complete, log out.

Connections involving the input of routers and use of clients accessing servers, the internet, or other networks can result in a brief disconnection of client's access to the switch GUI. It is recommended that after programming or monitoring, clients log out and that users without administrator access be allowed only a minimal access period.

The server 192.168.20.15 at Vi3026 requires a username

and password.

NOTE: The Vi3026 function enables DHCP, so if you do not have

DHCP server to provide IP addresses to the switch, the switch’s

default IP is 192.168.1.1.

NOTE: If you need to configure the function or parameter, you can

refer to the detail in the User Guide. You could also access the switch and click on "help" under the web GUI. The switch will pop up the simple help content to teach you how to set the parameters.

Figure 1: The Login Page

00-40-D8-55-35-57

Vi3026

Vi3026 Web Help Function:

Connecting

CAUTION:

Do not plug a phone jack connector into an RJ-45 port. This will damage the

switch. Use only twisted-pair cables with RJ-45 connectors that conform to FCC standards.

Network Devices

Twisted-Pair Devices

Cabling Guidelines

The switch is designed to be connected to 10, 100, or 1,000 Mbps network cards in PCs and servers, as well as, to other switches and hubs. It may also be connected to remote devices using optional SFP transceivers.

Each device requires an unshielded twisted-pair (UTP) cable with RJ-45 connectors at both ends. Use Category 5, 5e, or 6 cables for 1000BASE-T connections, Category 5 or better for 100BASE-TX connections.

The RJ-45 ports on the switch support automatic MDI/MDI-X pin-out configuration. You can use standard straight-through twisted-pair cables to connect to any other network devices (E.g. PCs, servers, switches, routers, or hubs).

See Appendix B for further information on cabling.

Connecting to PCs, Servers, Hubs and Switches

Step 1: Attach one end of a twisted-pair cable segment to the device’s RJ-45

connector.

Figure 16: Making Twisted-Pair Connections

Switch

Equipment Rack (side view)

Patch Panel

Patch-Down Block

Wall

NOTE: Avoid using flow control on a port connected to a hub

unless it is actually required to solve a problem. Otherwise back pressure jamming signals may degrade overall performance for the segment attached to the hub.

Step 2: If the device is a network card and the switch is in the wiring closet, attach the other end of the cable segment to a modular wall outlet that is connected to the wiring closet (eee the section “Network Wiring Connections”). Otherwise, attach the other end to an available port on the switch.

Make sure each twisted pair cable does not exceed 100 meters (328 ft.) in length.

Step 3: As each connection is made, the Link LED (on the switch) corresponding to each port will light green (1,000 Mbps) or amber (100 Mbps) to indicate that the connection is valid.

Network Wiring Connection

Today, the punch-down block is an integral part of many of the newer equipment racks. It is actually part of the patch panel. Instructions for making connections in the wiring closet with this type of equipment are as follows: Step 1: Attach one end of a patch cable to an available port on the switch, and the other end to the patch panel.

Step 2: If not already in place, attach one end of a cable segment to the back of the patch panel where the punch-down block is located, and the other end to a modular wall outlet.

Step 3: Label the cables to simplify future troubleshooting.

Figure 17: Network Wiring Connections

00-40-D8-55-35-57

2-1 System Information

2-1.1 Information

Chapter 2: System Configuration

This chapter describes the entire basic configuration tasks, which includes the System Information and management of the Switch (E.g. Time, Account, IP, Syslog and SNMP).

After you login, the switch shows you the system information. This page is default and tells you the basic information of the system, including “Model Name”, “System Description”, “Contact”, “Device Name”, “System Up Time”, “BIOS Version”, “Firmware Version”, “Hardware-Mechanical Version”, “Serial Number”, “Host IP Address”, “Host Mac Address”, “Device Port”, “RAM Size” , “Flash Size” and. With this information, you will know the software version used, MAC address, serial number, how many ports are good and so on. This will be helpful during any malfunctions.

The switch system information is provided here.

Web Interface

To configure System Information in the web interface:

1. Click SYSTEM, System, and Information.

2. Specify the contact information for the system administrator, as well as, the

name and location of the switch. Also, indicate the local time zone by configuring the appropriate offset.

3. Click Refresh.

Figure 2-1.1: System Information (For example, Vi3026. Other models are the same)

Parameter Description

Model name: The model name of this device.

System description: This tells what this device is. Here, it is “20-Port

10/100/1000Base-T + 4 TP/ (100/1G) SFP Combo + 2 (100/1G) SFP PoE+ L2 Plus Managed Switch”. 26 total ports.

Location: It is the location where this switch is put. User-defined.

Contact: For easy management and maintenance of the device, you may write down

the contact person and their phone number in case you need any help or support. You can configure this parameter through the device’s user interface or SNMP.

Device name: The name of the switch. User-defined.

System Date: This how the system time of the switch. Its format is day of the week,

month, date, hours: minutes: seconds, year.

System up time: The time accumulated since this switch is powered up. Its format is day, hour, minute, second.

BIOS version: The version of the BIOS in this switch.

Firmware version: The firmware version in this switch.

Hardware-Mechanical version: The version of Hardware and Mechanical. The figure

before the hyphen is the version of electronic hardware. The one after the hyphen is the version of mechanical.

Serial number: The serial number is assigned by the Manufacture.

Host IP address: This is IP address of the switch.

Subnet Mask: This displays the IP subnet mask assigned to the device.

Gateway IP Address: This displays the default gateway IP address assigned to the

device

Host MAC address: This is the Ethernet MAC address of the management agent in this switch.

Console Baudrate: This displays the baudrate of RJ-45(COM) port.

RAM size: The size of the RAM in this switch.

Flash size: The size of the flash memory in this switch.

CPU Load: This displays the load measured as averaged over the last 100ms, 1sec

and 10 seconds intervals.

Bridge FDB size: This displays the bridge FDB size information.

Transmit Queue: This displays the device’s transmit hardware priority queue

information.

Maximum Frame size: This displays the device’s maximum frame size information.

Note: In all cases, after entering and applying settings, select either Save Start (see

page 268) if you want to save the configuration each time the switch is started or Save User (see page 269) if the you want the setting saved only for the Admin level log in.

2-1.2 Configuration

You can identify the system by configuring the contact information, name, and location of the switch.

Web Interface

To configure System Information in the web interface:

1. Click System, System Information, then Configuration.

2. Write System Contact, System Name, System Location information on this

page.

3. Click “Apply”.

Figure 2-1.2: System Information Configuration

Parameter Description

System Contact: The textual identification of the contact person for this managed

node, together with information on how to contact this person. The allowed string length is 0 to 255, and the allowed content is the ASCII characters from 32 to 126.

System Name: An administratively assigned name for this managed node. By convention, this is the node's fully-qualified domain name. A domain name is a text string drawn from the alphabet (A-Za-z), digits (0-9), minus sign (-). No space characters are permitted as part of a name. The first character must be an alpha character. And the first or last character cannot be a minus sign. The allowed string length is 0 to 255. System Location: The physical location of this node (E.g. telephone closet, 3rd floor).

The allowed string length is 0 to 255, and the allowed content is the ASCII characters from 32 to 126.

2-2 Time

2-2.1 Manual

This page configures the switch’s time. Time configure includes Time Configuration and NTP Configuration.

The switch provides manual and automatic ways to set the system time via NTP. Manual setting is simple and you just input “Year”, “Month”, “Day”, “Hour”, “Minute” and “Second” within the valid value range indicated in each item.

Web Interface

To configure Time in the web interface:

1. Click Time, then Manual.

2. Specify the time parameter in manual parameters.

3. Click “Apply”.

Figure 2-2.1: The Time Configuration

NOTE: The under “from” and “to” was

displayed what you set on the “From” and “To” field information.

NOTE: The local time column and Day light

saving column will not actively change by the date time format selection.

Parameter Description

Clock Source: To view the Vi3026’s clock source, select “Use local Settings” or “Use

NTP Server”.

Date and Time Format: The drop bar is for choose appropriate time format. Three selections are provided as below.

 YYYY-MM-DD HH:MM:SS  MM-DD-YYYY HH:MM:SS  DD-MM-YYYY HH:MM:SS  24 hours: The time is always represented in the 24-hour system  12 hours: The time is always represented in the 12-hour system

Local Time: Shows the current time of the system. The local time can only be set or filled out in 24 hours format.

Time Zone Offset: Provides the time zone offset relative to UTC/GMT. The benchmark based on GMT. The valid range is from -720 to 720 minutes

Daylight Saving: Daylight saving is adopted in some countries. If set, it will adjust the time lag or in advance in unit of hours, according to the starting date and the ending date. For example, if you set the day light saving to be 1 hour. When the time passes over the starting time, the system time will be increased one hour after one minute at the time since it passed over. And when the time passes over the ending time, the system time will be decreased one hour after one minute at the time since it passed over.

The switch supports valid configurable day light saving time is –5 ~ +5 step one hour. The zero for this parameter means it need not have to adjust current time, equivalent to in-act daylight saving. You don’t have to set the starting/ending date. If you set daylight saving to be non-zero, you have to set the starting/ending date. Otherwise, the daylight saving function will not be activated.

Time Set Offset: Provides the daylight saving time set offset. The offset is given in minutes east of GMT. The valid range is from 1 to 1440 minutes. The default setting is 60 minutes. When using NTP, make sure the correct offset to GMT is used for your time zone.

Daylight Savings Type: Provides the Daylight savings type selection. You can select “By Dates” or “Recurring”, two types for Daylight saving.

From: To configure when Daylight saving start date and time, the format is “YYYYMM-DD HH:MM”. The column “HH: MM” can only be set up in 24 hour format.

To : To configure when Daylight saving end date and time, the format is “YYYY-MMDD HH:MM”. The column “HH: MM” can only be set up in 24 hour format.

2-2.2 NTP

NTP is Network Time Protocol and is used to sync the network time based Greenwich Mean Time (GMT). If you use the NTP mode and select a built-in NTP time server or manually specify a user-defined NTP server as well as Time Zone, the switch will sync the time in a short after pressing <Apply> button. Though, it synchronizes the time automatically, NTP does not update the time periodically without user’s processing.

Time Zone is an offset time off GMT. You have to select the time zone first and then perform time sync via NTP because the switch will combine this time zone offset and updated NTP time to come out the local time. Otherwise, you will not able to get the correct time. The switch supports configurable time zone from –12 to +13 step 1 hour.

Default Time zone: +8 Hrs.

Web Interface

To configure Time in the web interface:

1. Click SYSTEM, then NTP.

2. Specify the Time parameter in manual parameters.

3. Click “Apply”.

Parameter Description

Figure 2-2.2: The NTP configuration

Server 1 to 5: Provides the NTP IPv4 or IPv6 address of this switch. IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separating each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol '::' is a special syntax that can be used as a shorthand way of representing multiple 16-bit groups of contiguous zeros; but it can only appear once. It can also represent a legally valid IPv4 address. For example, '::192.1.2.34'.

To confirm your connection to the NTP server, please ping the address you assign.

Buttons: These buttons are displayed on the NTP page -

 Apply – Click “Apply” to save changes.  Reset - Click “Reset” to undo any changes made locally and revert back to

previously saved values.

2-3 Account

2-3.1 Users

In this function, only an administrator can create, modify or delete the username and password. Administrator can modify other guest identities’ password without confirming the password, but it is necessary to modify the administrator-equivalent identity. Guest-equivalent identity can modify his password only. Please note that you must confirm administrator/guest identity in the field of Authorization in advance before configuring the username and password. Only one administrator is allowed to exist and unable to be deleted. In addition, up to 4 guest accounts can be created.

This page provides an overview of the current users. Currently, the only way to login as another user on the web server is to close and reopen the browse.

Web Interface

To configure account in the web interface:

1. Click SYSTEM, Account, then Users.

2. Click “Add New User”.

3. Specify the user name parameter.

4. Click “Apply”.

Figure 2- 3.1: The Users Account Configuration

Parameter Description

User Name: The name identifying the user. This is also a link to add/edit User.

Password: To type the password. The allowed string length is 0 to 255, and the

allowed content is the ASCII characters from 32 to 126.

Password (again): To type the password again. You must type the same password again in the field.

Privilege Level: The privilege level of the user. The allowed range is 1 to 15. If the privilege level value is 15, it can access all groups (e.g. that is granted the fully control of the device). But others value need to refer to each group privilege level. User's privilege should be same or greater than the group privilege level to have the access of that group. By default setting, most groups’ privilege level 5 has the readonly access and privilege level 10 has the read-write access. For system maintenance (software upload, factory defaults, and etc.), the user privilege needs to be level 15. Generally, the privilege level 15 can be used for an administrator account, privilege level 10 for a standard user account and privilege level 5 for a guest account.

2-3.2 Privilege Level

This page provides an overview of the privilege levels. The switch provides user set Account, Aggregation, Diagnostics, EEE, GARP, GVRP, IP, IPMC Snooping, LACP, LLDP, LLDP MED, MAC Table, MRP, MVR, MVRP Maintenance, Mirroring, POE Ports, Private VLANs, QoS, SNMP, Security, Spanning Tree, System Trap Event, VCL, VLANs, and Voice VLAN Privilege Levels from 1 to 15 .

Web Interface

To configure Privilege Level in the web interface:

1. Click SYSTEM, Account, then Privilege Level.

2. Specify the privilege parameter.

3. Click “Apply”.

Figure 2- 3.2: The Privilege Level Configuration

Parameter Description

Group Name: The name identifying the privilege group. In most cases, a privilege level group consists of a single module (e.g. LACP, RSTP or QoS), but a few of them contains more than one. The following description defines these privilege level groups in details:

 System: System Information, Time, Syslog.  Security: IP Source Guard, ARP Inspection, DHCP snooping, DHCP Relay,

NAS, Authentication (AAA), Port Security, System Access Management, ACL, HTTPS, SSH and Auth Method.

 Account: Users and Privilege Level.  Diagnostics: Ping, Ping6 and VeriPHY.  Maintenance: System Reboot, System Restore Default, Configuration Save,

Export/Import Configuration and Firmware upgrade.

Privilege Levels: Every group has an authorization Privilege level for the following sub groups: configuration read-only, configuration/execute read-write, status/statistics read-only, and status/statistics read-write (e.g. for clearing of statistics). User Privilege should be same or greater than the authorization privilege level to have the access to that group.

2-4 IP

2-4.1 IPv4

IP is an acronym for Internet Protocol. It is a protocol used for communicating data across an internet network.

IP is a "best effort" system, which means that no packet of information sent over is assured to reach its destination in the same condition it was sent. Each device connected to a Local Area Network (LAN) or Wide Area Network (WAN) is given an Internet Protocol address, and this IP address is used to identify the device uniquely among all other devices connected to the extended network.

The current version of the Internet Protocol is IPv4, which has 32-bits Internet Protocol addresses, allowing for in excess of four billion unique addresses. This number is reduced drastically by the practice of webmasters taking addresses in large blocks, the bulk of which remain unused. There is a rather substantial movement to adopt a new version of the Internet Protocol, IPv6, which would have 128-bits Internet Protocol addresses. This number can be represented roughly by a three with thirty-nine zeroes after it. However, IPv4 is still the protocol of choice for most of the Internet.

The IPv4 address for the switch could be obtained via DHCP Server for VLAN 1. To manually configure an address, you need to change the switch's default settings to values that are compatible with your network. You may also need to establish a default gateway between the switch and management stations that exist on another network segment.

Configure the switch-managed IP information on this page:

 The “Configured” column is used to view or change the IP configuration.  The “Current” column is used to show the active IP configuration.

Web Interface

To configure an IP address in the web interface:

1. Click System, then IP Configuration.

2. Specify the IPv4 settings, and enable DNS proxy service if required.

3. Click “Apply”.

4. To keep any changes through a power loss, be sure to save the "Start

Configuration" as explained in section 5-3.2.

Figure 2 - 4.1: The IP Configuration

Parameter Description

DHCP Client: Enables the DHCP client by checking this box. If DHCP fails and the

configured IP address is zero, DHCP will retry. If DHCP fails and the configured IP address is non-zero, DHCP will stop and the configured IP settings will be used. The DHCP client will announce the configured System Name as hostname to provide DNS lookup.

IP Address: Provides the IP address of this switch in dotted decimal notation.

IP Mask: Provides the IP mask of this switch dotted decimal notation.

IP Gateway: Provides the IP address of the router in dotted decimal notation.

VLAN ID: Provides the managed VLAN ID. The allowed range is 1 to 4095.

DNS Server: Provides the IP address of the DNS Server in dotted decimal notation.

DNS Proxy: When DNS proxy is enabled, DUT will relay DNS requests to the current

configured DNS server on DUT, and reply as a DNS resolver to the client device on the network.

2-4.2 IPv6

This section describes how to configure the switch-managed IPv6 information. The “Configured” column is used to view or change the IPv6 configuration. The “Current” column is used to show the active IPv6 configuration.

Configure the switch-managed IPv6 information on this page:

 The “Configured” column is used to view or change the IPv6 configuration.  The “Current” column is used to show the active IPv6 configuration.

Web Interface

To configure Management IPv6 of the switch in the web interface:

1. Click System, then IPv6 Configuration.

2. Specify the IPv6 settings, and enable Auto Configuration service if required.

3. Click “Apply”.

4. To keep any changes through a power loss, be sure to save the "Start

Configuration" as explained in section 5-3.2.

Parameter Description

Figure 2- 4.2: The IPv6 Configuration

Auto Configuration: Enables IPv6 auto-configuration by checking this box. If fails, the configured IPv6 address is zero. The router may delay responding to a router solicitation for a few seconds, the total time needed to complete auto-configuration can be significantly longer.

Address: Provides the IPv6 address of this switch. IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separating each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol '::' is a special syntax that can be used as a shorthand way of representing multiple 16-bit groups of contiguous zeros; but it can only appear once. It can also represent a legally valid IPv4 address. For example, '::192.1.2.34'.

Prefix: Provides the IPv6 Prefix of this switch. The allowed range is 1 to 128. Gateway: Provides the IPv6 gateway address of this switch. IPv6 address is in 128-bit

records represented as eight fields of up to four hexadecimal digits with a colon separating each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol '::' is a special syntax that can be used as a shorthand way of representing multiple 16-bit groups of contiguous zeros; but it can only appear once. It can also represent a legally valid IPv4 address. For example, '::192.1.2.34'.

2-5 Syslog

2-5.1 Configuration

The Syslog is a standard for logging program messages. It allows separation of the software that generates messages from the system that stores them and the software that reports and analyzes them. It can be used as a generalized informational, analysis, and debugging messages. It is supported by a wide variety of devices and receivers across multiple platforms.

This section describes how to configure the system log and provide a wide variety of devices and receivers across multiple platforms.

Web Interface

To configure Syslog configuration in the web interface:

1. Click SYSTEM, then Syslog.

2. Specify the syslog parameters include IP Address of Syslog server and Port

number.

3. Evoke “Sylog” to enable it.

4. Click “Apply”.

Parameter Description

Figure 2- 5.1: The System Log Configuration

Server Mode: Indicates the server mode operation. When the mode operation is enabled, the syslog message will send out to syslog server. The syslog protocol is based on UDP communication and received on UDP port 514. The syslog server will not send acknowledgments back sender since UDP is a connectionless protocol and it does not provide acknowledgments. The syslog packet will always send out even if the syslog server does not exist. Possible modes are:

 Enabled: Enables server mode operation.  Disabled: Disables server mode operation.

Server Address 1 and 2: Indicates the IPv4 host address of syslog server 1 and server 2 (For redundancy). If the switch provide DNS feature, it also can be a host name.

Syslog Level: Indicates what kind of message will send to syslog server. Possible modes are:

<0> Emergency: System is unusable. <1> Alert: Action must be taken immediately. <2> Critical: Critical conditions. <3> Error: Error conditions. <4> Warning: Warning conditions. <5> Notice: Normal but significant conditions. <6> Information: Information messages. <7> Debug: Debug-level messages.

2-5.2 Log

This section describes how to display the system log information of the switch.

Web Interface

To display the log configuration in the web interface:

1. Click Syslog, then Log.

2. Display the log information.

Figure 2- 5.2: The System Log configuration

Parameter Description

Auto-refresh: Click “Auto-Refresh” to refresh the log automatically.

ID: ID (>= 1) of the system log entry.

Level: The level of the system log entry. The following level types are supported:

Time: It will display the log record by device time. The time of the system log entry.

Message: It will display the log detail message. The message of the system log entry.

Upper right icon (Refresh, clear...): You can click them to refresh the system log or

clear them manually. Click other buttons to move to the next or previous pag.

2-5.3 Detailed Log

This section describes how to display the detailed log information of the switch.

Web Interface

To display the detailed log configuration in the web interface:

1. Click Syslog, then Detailed Log.

2. Display the log information.

Figure 2-5.3: The Detailed System Log Information

Parameter Description

ID: The ID (>= 1) of the system log entry.

Message: The detailed message of the system log entry.

Upper right icon (Refresh, clear,...): You can click them to refresh the system log or

clear them manually. Click other buttons to move to the next or previous page.

2-6 SNMP

2-6.1 System

Any Network Management System (NMS) running the Simple Network Management Protocol (SNMP) can manage the Managed devices equipped with SNMP agent, provided that the Management Information Base (MIB) is installed correctly on the managed devices. The SNMP is a protocol that is used to govern the transfer of information between SNMP manager and agent and traverses the Object Identity (OID) of the management Information Base (MIB), described in the form of SMI syntax. SNMP agent is running on the switch to response the request issued by SNMP manager.

Basically, it is passive except issuing the trap information. The switch supports a switch to turn on or off the SNMP agent. If you set the field SNMP “Enable”, SNMP agent will be started up. All supported MIB OIDs, including RMON MIB, can be accessed via SNMP manager. If the field SNMP is set “Disable”, SNMP agent will be de-activated, the related Community Name, Trap Host IP Address, Trap, and all MIB counters will be ignored.

This section describes how to configure SNMP System on the switch. This function is used to configure SNMP settings, community name, trap host and public traps, as well as, the throttle of SNMP. A SNMP manager must pass the authentication by identifying both community names, then it can access the MIB information of the target device. Both parties must have the same community name. Once the setting is completed, click <Apply> button so the setting can take effect.

Parameter Description

Web Interface

To display the configure SNMP System in the web interface:

1. Click SNMP, then System.

2. Evoke “SNMP Stat”e to enable or disable the SNMP function.

3. Specify the “Engine ID”.

4. Click “Apply”.

Figure 2- 6.1: The SNMP System Configuration

These parameters are displayed on the SNMP System Configuration page:

SNMP State: The term SNMP here is used for the activation or de-activation of SNMP.

Enable: Enables SNMP state operation. Disable: Disables SNMP state operation.

Engine ID: SNMPv3 engine ID. syntax: 0-9,a-f,A-F, min 5 octet, max 32 octet, fifth

octet can't input 00. If the Engine ID changed, it will clear all original users.

2-6.2 Configuration

Parameter Description

The function is used to configure SNMP communities. To enable a new community statistics, please check the button ▼, and choice <Enable> to configure SNMP function.

Web Interface

To display the configure SNMP Configuration in the web interface:

1. Click SNMP, then Configuration.

2. Evoke “SNMP State” to enable or disable the SNMP function.

3. Click “Apply”.

Figure 2- 6.2: The SNMP Configuration

Get Community: Indicates the community read access string to permit access to SNMP agent. The allowed string length is 1 to 32, and the allowed content is the ASCII characters from 33 to 126.

The field is applicable only when SNMP version is SNMPv1 or SNMPv2c. If SNMP version is SNMPv3, the community string will be associated with SNMPv3 communities table. It provides more flexibility to configure security name than a SNMPv1 or SNMPv2c community string. In addition to community string, a particular range of source addresses can be used to restrict source subnet.

Set Community: Indicates the community writes access string to permit access to SNMP agent. The allowed string length is 1 to 32, and the allowed content is the ASCII characters from 33 to 126.

2-6.3 Communities

The function is used to configure SNMPv3 communities. The Community and UserName are unique. To create a new community account, please check <Add

New Community> button. Enter the account information and then check <Save>.

Max Group Number: 4.

Web Interface

To display the configure SNMP Communities in the web interface:

1. Click SNMP, then Communities.

2. Click “Add New Community”.

3. Specify the SNMP communities parameters.

4. Click “Apply”.

5. If you want to modify or clear the setting, then click “Reset”.

Parameter Description

Figure 2- 6.2: The SNMPv1/v2 Communities Security Configuration

Delete: Check to delete the entry. It will be deleted during the next save.

Community: Indicates that the community access string permit access to SNMPv3

agent. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126. The community string will be treated as security name and map a SNMPv1 or SNMPv2c community string.

UserName: The UserName access string to permit access to SNMPv3 agent. The length of “UserName” string is restricted to 1-32.

Source IP: Indicates the SNMP access source address. A particular range of source addresses can be used to restrict source subnet when combined with source mask.

Source Mask: Indicates the SNMP access source address mask.

2-6.4 Users

The function is used to configure SNMPv3 user. The Entry index key is UserName. To create a new UserName account, please check <Add New User> button. Enter the user information and then check <Save>. Max Group Number: 10.

Web Interface

To display the configure SNMP Users in the web interface:

1. Click SNMP, then Users.

2. Specify the privilege parameter.

3. Click “Apply”.

Figure 2-6.3: The SNMP Users Configuration

Parameter Description

Delete: Check to delete the entry. It will be deleted during the next save.

User Name: A string identifying the user name that this entry should belong to. The

allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.

Security Level: Indicates the security model that this entry should belong to. Possible security models are:

 NoAuth, NoPriv: No authentication and no privacy.  Auth, NoPriv: Authentication and no privacy.  Auth, Priv: Authentication and privacy.  The value of security level cannot be modified if entry already exists. That

means it must first be ensured that the value is set correctly.

Authentication Protocol: Indicates the authentication protocol that this entry should belong to. Possible authentication protocols are:

 None: No authentication protocol.  MD5: An optional flag to indicate that this user uses MD5 authentication

protocol.

 SHA: An optional flag to indicate that this user uses SHA authentication

protocol.

The value of security level cannot be modified if entry already exists. That means you must first ensure that the value is set correctly.

Authentication Password: A string identifying the authentication password phrase. For MD5 authentication protocol, the allowed string length is 8 to 32. For SHA authentication protocol, the allowed string length is 8 to 40. The allowed content is ASCII characters from 33 to 126.

Privacy Protocol: Indicates the privacy protocol that this entry should belong to. Possible privacy protocols are:

 None: No privacy protocol.  DES: An optional flag to indicate that this user uses DES authentication

protocol.

Privacy Password: A string of number identifies the privacy password phrase. The allowed string length is 8 to 32, and the allowed content is ASCII characters from 33 to 126.

2-6.5 Groups

The function is used to configure SNMPv3 group. The Entry index keys are Security Model and Security Name. To create a new group account, please check <Add new

group> button. Enter the group information and then check <Save>. Max Group

Number: v1: 2, v2: 2, v3:10.

Web Interface

To display the configure SNMP Groups in the web interface:

1. Click SNMP, then Groups.

2. Specify the Privilege parameter.

3. Click “Apply”.

Figure 2-6.4: The SNMP Groups Configuration

Parameter Description

Delete: Check to delete the entry. It will be deleted during the next save.

Security Model: Indicates the security model that this entry should belong to.

Possible security models are:

 V1: Reserved for SNMPv1.  V2c: Reserved for SNMPv2c.  Usm: User-based Security Model (USM).

Security Name: A string identifying the security name that this entry should belong to. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.

Group Name: A string identifying the group name that this entry should belong to. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.

2-6.6 Views

The function is used to configure SNMPv3 view. The entry index key is OID Subtree and View Name. To create a new view account, please check <Add New View> button, and enter the view information then check <Save>. Max Group Number: 28.

Configure SNMPv3 view table on this page. The entry index keys are View Name and OID Subtree.

Web Interface

1. Click SNMP, then Views.

2. Click “Add New View”.

3. Specify the SNMP view parameters.

4. Click “Apply”.

5. If you want to modify or clear the setting then click “Reset”.

Parameter Description

Figure 2-6.5: The SNMP Views Configuration

Delete: Check to delete the entry. It will be deleted during the next save.

View Name: A string identifying the view name that this entry should belong to. The

allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.

View Type: Indicates the view type that this entry should belong to. Possible view types are:

 Included: An optional flag to indicate that this view subtree should be

included.

 Excluded: An optional flag to indicate that this view subtree should be

excluded.

In general, if a view entry's view type is 'excluded', there should be another view entry existing with view type as 'included' and its OID subtree should overstep the 'excluded' view entry.

OID Subtree: The OID defining the root of the subtree to add to the named view. The allowed OID length is 1 to 128. The allowed string content is digital number or asterisk (*).

Apply: Click the “Save” icon save the configuration to ROM.

2-6.7 Access

The function is used to configure SNMPv3 accesses. The Entry index key are Group Name, Security Model and Security level. To create a new access account, please check <Add new access> button, and enter the access information then check

<Save>. Max Group Number: 14

Web Interface

To display the configure SNMP Access in the web interface:

1. Click SNMP, then Accesses.

2. Click “Add New Access”.

3. Specify the SNMP access parameters.

4. Click “Apply”.

5. If you want to modify or clear the setting, then click “Reset”.

Parameter Description

Figure 2-6.6: The SNMP Accesses Configuration

Delete: Check to delete the entry. It will be deleted during the next save.

Group Name: A string identifying the group name that this entry should belong to.

The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.

Security Model: Indicates the security model that this entry should belong to. Possible security models are:

 Any: Any security model accepted (v1|v2c|usm).  V1: Reserved for SNMPv1.  V2c: Reserved for SNMPv2c.  Usm: User-based Security Model (USM).

Read View Name: The name of the MIB view defining the MIB objects for which this request may request the current values. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.

The name of the MIB view defines the MIB objects for which this request may potentially set new values. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.

Write View Name: The name of the MIB view defining the MIB objects for which this request may potentially set new values. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.

Button:

 Add new access - Click to add a new access entry.  Apply - Click “Apply” to apply changes.

2-6.8 Trap

The function is used to configure SNMP trap. To create a new trap account, please check <No number> button and enter the trap information, then check <Apply>. Max Group Number: 6.

Web Interface

To configure SNMP Trap setting:

1. Click SNMP, then Trap.

2. Display the SNMP Trap Hosts information table.

3. Choose an entry to display and modify the detail parameters, or click

delete button to delete the trap hosts entry.

Figure 2-6.7: The SNMP Trap Host Configuration

Parameter Description

Delete: Click <Delete> to delete the entry.

Trap Version: You may choose v1, v2c, or v3 trap.

Server IP: To assign the SNMP Host IP address.

UDP Port: To assign port number. Default: 162.

Community / Security Name: The length of “Community/Security Name” string is

restricted to 1-32.

Severity Level: Indicates what kind of message will send to security level.

Possible modes are:

 Info: Send information, warnings, and errors.  Warning: Send warnings and errors.  Error: Send errors.

Security Level: There are three kinds of choices:

 NoAuth, NoPriv: No authentication and no privacy.  Auth, NoPriv: Authentication and no privacy.  Auth, Priv: Authentication and privacy.

Authentication Protocol: You can choose MD5 or SHA for authentication.

Authentication Password:

 The length of 'MD5 Authentication Password' is restricted to 8 – 32.  The length of 'SHA Authentication Password' is restricted to 8 – 40.

Privacy Protocol: You can set DES encryption for UserName.

Privacy Password: The length of ' Privacy Password ' is restricted to 8 – 32.

Chapter 3: Configuration

NOTE: The flow control will be enabled only when the PD supports

flow control function.

3-1 Port

3-1.1 Configuration

This chapter describes all of the basic network configuration tasks, which include the Ports, Layer 2 network protocol (e.g. VLANs, QoS, IGMP, ACLs, PoE, etc.) and any setting of the switch.

The section describes how to configure the port detail parameters of the switch. You could use the Port configure to enable or disable the Port of the switch. Monitor the ports content or status in the function.

This chapter describes how to view the current port configuration and how to configure ports to non-default settings, including:

 Linkup/Linkdown  Speed (Current and configured)  Flow Control (Current Rx, Current Tx, and Configured)  Maximum Frame Size  Excessive Collision Mode  Power Control.

Web Interface

To configure a Current Port Configuration in the web interface:

1. Click Configuration, Port, then Configuration

2. Specify the speed configured, flow control, maximum frame size, excessive

collision mode and power control.

3. Click “Apply”.

Parameter

Description

LED Warning of Shared Cu ports Disabled:

Figure 3-1.1: The Port Configuration

Port: This is the logical port number for this row.

Link: The current link state is displayed graphically. Green indicates the link is up and

red that it is down.

Current Link Speed: Provides the current link speed of the port.

Configured Link Speed: Selects any available link speed for the given switch port.

Only speeds supported by the specific port are shown. Possible speeds are:

 Disabled - Disables the switch port operation.  Auto - Cu port auto negotiating speed with the link partner and selects the

highest speed that is compatible with the link partner.

 10Mbps HDX - Forces the cu port in 10Mbps half-duplex mode.  10Mbps FDX - Forces the cu port in 10Mbps full duplex mode.  100Mbps HDX - Forces the cu port in 100Mbps half-duplex mode.  100Mbps FDX - Forces the cu port in 100Mbps full duplex mode.  1Gbps FDX - Forces the cu port in 1Gbps full duplex mode.  SFP_Auto_AMS - Automatically determines the speed of the SFP. Note:

There is no standardized way to do SFP auto detect, so here it is done by reading the SFP rom. Due to the missing standardized way of doing SFP auto detect some SFPs might not be detectable. The port is set in AMS mode with SFP preferred. Cu port is set in Auto mode.

 100-FX - SFP port in 100-FX speed. Cu port disabled.  100-FX_AMS - SFP port in 100-FX speed. Cu port disabled.  1000-X - SFP port in 1000-X speed. Cu port disabled.  1000-X_AMS - Port in AMS mode with SFP preferred. SFP port in 1000-X

speed. Cu port in Auto mode.

Ports 21-24 are shared between the RJ45 connectors and SFP sockets. Whenever the left LED is blinking on any of these ports with no Rj45 cable inserted the RJ45 connector is disabled. To enable the Rj45 connector, using the GUI, navigate to Configuration,Port,Configuration and change the setting under "Speed Configured".

Flow Control (Auto mode will not read Flow Control): When “Auto Speed” is selected on a port. This section indicates the flow control capability that is advertised to the link partner. When a fixed-speed setting is selected, that is what is used. The current Rx column indicates whether pause frames on the port are obeyed, and the current Tx column indicates whether pause frames on the port are transmitted. The Rx and Tx settings are determined by the result of the last “AutoNegotiation”.

Check The “Configured” column to use flow control. This setting is related to the setting for Configured Link Speed.

Maximum Frame Size: Enters the maximum frame size allowed for the switch port, including FCS.

Excessive Collision Mode: Configures port transmit collision behavior.

 Discard: Discards frame after 16 collisions (default).  Restart: Restarts back off algorithm after 16 collisions.

Power Control: The “Usage” column shows the current percentage of the power consumption per port. The “Configured” column allows for changing the power savings mode parameters per port.

 Disabled: All power savings mechanisms disabled.  ActiPHY: Link down power savings enabled.  PerfectReach: Link up power savings enabled.  Enabled: Both link up and link down power savings enabled.

Buttons

 Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert back to

previously saved values.

Upper right icon (Refresh): You can click them to refresh the port link status manually.

3-1.2 Port Description

The section describes how to configure the port’s alias or any descriptions for the port Identity. It provides user to write down an alphanumeric string, describing the full name and version identification for the system’s hardware type, software version, and networking application.

Web Interface

To configure a Port Description in the web interface:

1. Click Configuration, Port, then Port Description.

2. Specify the detail port alias or description an alphanumeric string,

describing the full name and version identification for the system’s

hardware type, software version, and networking application.

3. Click “Apply”.

Parameter Description

Figure 3-1.2: The Port Configuration

Port: This is the logical port number for this row.

Description: Enter up to 47 characters to be descriptive name for identifies this port.

Buttons:

 Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert back to

previously saved values.

3-1.3 Traffic Overview

The section describes how to the port statistics information and provides overview of general traffic statistics for all switch ports.

Web Interface

To display the Port Statistics Overview in the web interface:

1. Click Configuration, Port, then Traffic Overview

2. If you want to auto-refresh, select the “Auto-refresh” button.

3. Click “Refresh“ to refresh the port statistics or clear all information when

you click “Clear”.

Parameter Description

Figure 3-1.3: The Port Statistics Overview

Port: The logical port for the settings contained in the same row.

Packets: The number of received and transmitted packets per port.

Bytes: The number of received and transmitted bytes per port.

Errors: The number of frames received in error and the number of incomplete

transmissions per port.

Drops: The number of frames discarded due to ingress or egress congestion.

Filtered: The number of received frames filtered by the forwarding:

 Auto-refresh: Evoke the auto-refresh icon to refresh the information

automatically.

 Upper right icon (Refresh, Clear): You can click them to refresh the port

statistics information manually. Click “Clear” to clean up all port statistics.

3-1.4 Detailed Statistics

The section describes how to provide detailed traffic statistics for a specific switch port. Use the port select box to select which switch port details to display.

The displayed counters are the totals for receive and transmit, the size counters for receive and transmit, and the error counters for receive and transmit.

Web Interface

To display the Per Port detailed Statistics Overview in the web interface:

1. Click Configuration, Port, then Detailed Port Statistics.

2. Scroll the “Port Index” to select which port you want to show the detailed

port statistics overview”.

3. If you want to auto-refresh the information, then select “Auto-refresh”.

4. Click “Refresh” to refresh the port detailed statistics or clear all information

when you click “Clear”.

Parameter Description

Figure 3-1.4: The Port Detail Statistics Overview

Auto-refresh: Evoke the auto-refresh to refresh the port statistics information automatically.

Upper left scroll bar: To scroll which port to display the port statistics with “Port-0”, “Port-1”...

Receive Total and Transmit Total

Rx and Tx Packets: The number of received and transmitted (good and bad) packets.

Rx and Tx Octets: The number of received and transmitted (good and bad) bytes.

Includes FCS, but excludes framing bits.

Rx and Tx Unicast: The number of received and transmitted (good and bad) unicast packets.

Rx and Tx Multicast: The number of received and transmitted (good and bad) multicast packets.

Rx and Tx Broadcast: The number of received and transmitted (good and bad) broadcast packets.

Rx and Tx Pause: A count of the MAC Control frames received or transmitted on this port that have an opcode indicating a PAUSE operation.

Receive and Transmit Size Counters

The number of received and transmitted (good and bad) packets split into categories based on their respective frame sizes.

Receive and Transmit Queue Counters

The number of received and transmitted packets per input and output queue.

Receive Error Counters

Rx Drops: The number of frames dropped due to the lack of receives buffers or

egress congestion.

Rx CRC/Alignment: The number of frames received with CRC or alignment errors.

Rx Undersize: The number of short 1 frames received with valid CRC.

Rx Oversize: The number of long 2 frames received with valid CRC.

Rx Fragments: The number of short 1 frames received with invalid CRC.

Rx Jabber: The number of long 2 frames received with invalid CRC.

Rx Filtered: The number of received frames filtered by the forwarding process.

Short frames are frames that are smaller than 64 bytes.

Long frames are frames that are longer than the configured maximum frame length for this port.

Transmit Error Counters

Tx Drops: The number of frames dropped due to output buffer congestion.

Tx Late/Exc. Coll.: The number of frames dropped due to excessive or late collisions.

Auto-refresh: To evoke the auto-refresh to refresh the queuing counters

automatically.

Upper right icon (Refresh, clear): You can click them to refresh the port detail statistics or clear them manually.

3-1.5 QoS Statistics

The section describes how to the switch could display the QoS detailed queuing counters for a specific switch port for the different queues for all switch ports.

Web Interface

To display the Queuing Counters in the web interface:

1. Click Configuration, Port, then QoS Statistics

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-refresh”.

3. Click “Refresh” to refresh the queuing counters or clear all information

when you click “ Clear”.

Parameter Description

Figure 3-1.5: The Queuing Counters Overview

Port: The logical port for the settings contained in the same row.

Qn: Qn is the QoS queue number per port. Q0 is the lowest priority queue.

Rx/Tx: The number of received and transmitted packets per queue.

Auto-refresh: To evoke the auto-refresh to refresh the Queuing Counters

automatically.

Upper right icon (Refresh, clear): You can click them to refresh the queuing counters or clear them manually.

3-1.6 SFP Information

The section describes how to switch could display the SFP module detail information which you connect it to the switch. The information includes: connector type, fiber type, wavelength, baud rate, vendor OUI and more.

Web Interface

To display the SFP information in the web interface:

1. Click Configuration, Port, then SFP Information.

2. To display the SFP Information.

Figure 3-1.6: The SFP Information Overview

Parameter Description

Connector Type: Displays the connector type (e.g. UTP, SC, ST, LC and so on).

Fiber Type: Displays the fiber mode (e.g. Multi-Mode or Single-Mode).

Tx Central Wavelength: Displays the fiber optical transmitting central wavelength

(e.g. 850nm, 1310nm, 1550nm, and so on).

Baud Rate: Displays the maximum baud rate of the fiber module supported (e.g. 10M, 100M, 1G and so on).

Vendor OUI: Displays the manufacturer's OUI code which is assigned by IEEE.

Vendor Name: Displays the company name of the module manufacturer.

Vendor P/N: Displays the product name of the naming by module manufacturer.

Vendor Revision: Displays the module revision.

Vendor Serial Number: Shows the serial number assigned by the manufacturer.

Date Code: Shows the date this SFP module was made.

Temperature: Shows the current temperature of SFP module.

Vcc: Shows the working DC voltage of SFP module.

Mon1 (Bias) mA: Shows the Bias current of SFP module.

Mon2 (TX PWR): Shows the transmit power of SFP module.

Mon3 (RX PWR): Shows the receiver power of SFP module.

3-1.7 EEE

The section shows the user instructions on how to inspect and configure the current EEE port settings.

EEE is a power saving option that reduces the power usage when there is very low traffic utilization (or no traffic).

EEE works by powering down circuits when there is no traffic. When a port gets data to be transmitted, all circuits are powered up. The time it takes to power up the circuits is named wakeup time. The default wakeup time is 17 us for 1Gbit links and 30 us for other link speeds. EEE devices must agree upon the value of the wakeup time to make sure that both the receiving and transmitting devices have all circuits powered up when traffic is transmitted. The devices can exchange information about the devices wakeup time using the LLDP protocol.

For maximum power saving, the circuit doesn’t start when data are ready to be transmitted. Instead, the circuit is queued until 3000 bytes of data are ready to be transmitted. To avoid a large delay in case that data less than 3000 bytes shall be transmitted, data are always transmitted after 48 us, to give a maximum latency of 48 us + the wakeup time.

If desired, it is possible to minimize the latency for specific frames by mapping the frames to a specific queue (done with QOS), and then mark the queue as an urgent queue. When an urgent queue gets data to be transmitted, the circuits will be powered up at once and the latency will be reduced to the wakeup time.

Web Interface

To configure the EEE Configuration in the web interface:

1. Click Configuration, Port, then EEE.

2. To evoke which port wants to enable the EEE function.

3. Choose EEE Urgent Queues level and the range from 1 to 8. The queue will

postpone the transmissions until 3000 bytes are ready to be transmitted.

4. Click “Apply” to save the setting.

5. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Parameter Description

Figure 3-1.7: The EEE Configuration

EEE Port Configuration: The EEE port settings relate to the currently selected, as reflected by the page header.

Port: The switch port number of the logical EEE port.

EEE Enabled: Controls whether EEE is enabled for this switch port.

EEE Urgent Queues: Queues set will activate transmission of frames as soon as any

data is available. Otherwise, the queue will postpone the transmission until 3000 bytes are ready to be transmitted.

Buttons:

 Apply – Click “Apply” to save changes.

 Reset- Click “Reset” to undo any changes made locally and revert back to

previously saved values.

3-2 ACL

3-2.1 Ports

The Vi3026 switch access control list (ACL) is probably the most commonly used object in the IOS. It is used for packet filtering but also for selecting types of traffic to be analyzed, forwarded, or influenced in some way. The ACLs are divided into EtherTypes - IPv4, ARP protocol, MAC, and VLAN parameters. In this section, we will go over the standard and extended access lists for TCP/IP. As you create ACEs for ingress classification, you can assign a policy for each port. The policy number is 1-8. However, each policy can be applied to any port. This makes it very easy to determine what type of ACL policy you will be working with.

The section describes how to configure the ACL parameters (ACE) of the each switch port. These parameters will affect frames received on a port, unless the frame matches a specific ACE.

Web Interface

To configure the ACL Ports Configuration in the web interface:

1. Click Configuration, ACL, then Ports.

2. Scroll the specific parameter value to select the correct value for port ACL

setting.

3. Click “Apply” to save the setting.

4. If you want to cancel the setting, then you need to click the reset button to

revert back to previously saved values.

5. After your configuration is complete, then you could see the counter of the

port. You could click refresh to update the counter or clear the information.

Figure 3-2.1: The ACL Ports Configuration

Parameter Description

Port: The logical port for the settings contained in the same row.

Policy ID: Selects the policy to apply to this port. The allowed values are 0 through

255. The default value is 0.

Action: Selects whether forwarding is permitted ("Permit") or denied ("Deny"). The default value is "Permit".

Rate Limiter ID: Selects which rate limiter to apply on this port. The allowed values are “Disabled” or the values 1 through 16. The default value is "Disabled".

Port Redirect: Selects which port frames are redirected on. The allowed values are “Disabled” or a specific port number. The default value is "Disabled".

Mirror: Specifies the mirror operation of this port. The allowed values are:

 Enabled: Frames received on the port are mirrored.  Disabled: Frames received on the port are not mirrored.  The default value is "Disabled".

Logging: Specifies the logging operation of this port. The allowed values are:

 Enabled: Frames received on the port are stored in the System Log.  Disabled: Frames received on the port are not logged.  The default value is "Disabled". Please note that the system log memory

size and logging rate is limited.

Shutdown: Specifies the port shut down operation of this port. The allowed values are:

 Enabled: If a frame is received on the port, the port will be disabled.  Disabled: Port shut down is disabled.  The default value is "Disabled".

State: Specifies the port state of this port. The allowed values are:

 Enabled: To reopen ports by changing the volatile port configuration of the

ACL user module.

 Disabled: To close ports by changing the volatile port configuration of the

ACL user module.

 The default value is "Enabled".

Counter: Counts the number of frames that match this ACE.

Buttons:

 Apply – Click “Apply” to apply changes.

 Reset- Click “Reset” to undo any changes made locally and revert back to

previously saved values.

Upper right icon (Refresh, clear): You can click them to refresh the ACL Port Configuration or clear them manually.

3-2.2 Rate Limiters

The section describes how to configure the switch’s ACL rate limiter parameters. The rate limiter Level from 1 to 16 allows the user to set rate limiter value and units with pps or kbps.

Web Interface

To configure ACL Rate Limiter in the web interface:

1. Click Configuration, ACL, then Rate Limiter.

2. Specify the “Rate” field and the range from 0 to 3276700.

3. To scroll the unit with pps or kbps.

4. Click “Apply” to save the setting.

5. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Parameter Description

Figure 3-2.2: The ACL Rate Limiter Configuration

Rate Limiter ID: The rate limiter ID for the settings contained in the same row.

Rate: The allowed values are: 0-3276700 in pps or 0, 100, 200, 300, .., 1000000 in

kbps.

Unit: Specify the rate unit. The allowed values are:

 Pps: Packets per second.  Kbps: Kbits per second.

Buttons

 Apply – Click “Apply” to apply changes.  Reset - Click “Reset” to undo any changes made locally and revert back to

previously saved values.

3-2.3 Access Control List

The section describes how to configure Access Control List rule. An Access Control List (ACL) is a sequential list of permitted or denied conditions that apply to IP addresses, MAC addresses, or other more specific criteria. This switch tests ingress packets against the conditions in an ACL one by one. A packet will be accepted as soon as it matches a permit rule, or dropped as soon as it matches a deny rule. If no rules match, the frame is accepted. Other actions can also be invoked when a matching packet is found, including rate limiting, copying matching packets to another port or to the system log, or shutting down a port.

This page shows the Access Control List (ACL), which is made up of the ACEs defined on this switch. Each row describes the ACE that is defined. The maximum number of ACEs is 256 on each switch. Click on the lowest plus sign to add a new ACE to the list. The reserved ACEs used for internal protocol cannot be edited or deleted. The order sequence cannot be changed and the priority is highest.

Web Interface

To configure Access Control List in the web interface:

1. Click Configuration, ACL, then Configuration.

2. Click the button to add a new ACL, or use the other ACL

modification buttons to specify the editing action (e.g. edit, delete, or moving the relative position of entry in the list).

3. To specific the parameter of the ACE.

4. Click “Apply” to save the setting.

5. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

6. When editing an entry on the ACE Configuration page, please note that the

items displayed depend on various selections, such as frame type and IP protocol type. Specify the relevant criteria to be matched for this rule, and set the actions to take when a rule is matched (e.g. Rate Limiter, Port Copy, Logging, and Shutdown).

Figure 3-2.3: The ACL Rate Limiter Configuration

Parameter Description

Ingress Port: Select the ingress port for which this ACE applies.

 All: The ACE applies to all port.  Port n: The ACE applies to this port number, where “n” is the number of the

switch port.

Policy Filter: Specify the policy number filter for this ACE.

 Any: No policy filter is specified (policy filter status is "don't-care").  Specific: If you want to filter a specific policy with this ACE, choose this

value. Two field for entering a policy value and bitmask appears.

Police Value: When "Specific" is selected for the policy filter, you can enter a specific policy value. The allowed range is 0 to 255.

Policy Bitmask: When "Specific" is selected for the policy filter, you can enter a specific policy bitmask. The allowed range is 0x0 to 0xff.

Frame Type: Indicates the frame type of the ACE. Possible values are:

 Any: The ACE will match any frame type.  Ethernet type: Only Ethernet Type frames can match this ACE. The IEEE

802.3 describes the value of Length/Type Field specifications to be greater than or equal to 1536 decimal (equal to 0600 hexadecimal).

 ARP: Only ARP frames can match this ACE. Notice the ARP frames won't

match the ACE with Ethernet type.

 IPv4: Only IPv4 frames can match this ACE. Notice the IPv4 frames won't

match the ACE with Ethernet type.

 IPv6: Only IPv6 frames can match this ACE. Notice the IPv6 frames won't

match the ACE with Ethernet type.

Action: Specify the action to take with a frame that hits this ACE.

 Permit: The frame that hits this ACE is granted permission for the ACE

operation.

 Deny: The frame that hits this ACE is dropped.

Rate Limiter: Indicates the rate limiter number of the ACE. The allowed range is 1 to

16. When “Disabled” is displayed, the rate limiter operation is disabled.

Port Redirect: Frames that hit the ACE are redirected to the port number specified here. The allowed range is the same as the switch port number range. “Disabled” indicates that the port redirect operation is disabled.

Mirror: Specifies the mirror operation of this port. Frames matching the ACE are mirrored to the destination mirror port. The allowed values are:

 Enabled: Frames received on the port are mirrored.  Disabled: Frames received on the port are not mirrored.  The default value is "Disabled".

Logging: Indicates the logging operation of the ACE. Possible values are:

 Enabled: Frames matching the ACE are stored in the System Log.  Disabled: Frames matching the ACE are not logged.  Please note that the system log memory size and logging rate is limited.

Shutdown: Indicates the port shut down operation of the ACE. Possible values are:

 Enabled: If a frame matches the ACE, the ingress port will be disabled.

Disabled: Port shut down is disabled for the ACE.

Counter: The counter indicates the number of times the ACE was hit by a frame.

MAC Parameters

SMAC Filter: (Only displayed when the frame type is Ethernet Type or ARP)

Specifies the source MAC filter for this ACE:

 Any: No SMAC filter is specified (SMAC filter status is "don't-care").  Specific: If you want to filter a specific source MAC address with this ACE,

choose this value. A field for entering an SMAC value appears.

SMAC Value: When "Specific" is selected for the SMAC filter, you can enter a specific source MAC address. The legal format is "xx-xx-xx-xx-xx-xx", "xx.xx.xx.xx.xx.xx", or "xxxxxxxxxxxx" (x is a hexadecimal digit). A frame that hits this ACE matches this SMAC value.

DMAC Filter: Specifies the destination MAC filter for this ACE.

 Any: No DMAC filter is specified (DMAC filter status is "don't-care").  MC: Frame must be multicast.  BC: Frame must be broadcast.  UC: Frame must be unicast.  Specific: If you want to filter a specific destination MAC address with this

ACE, choose this value. A field for entering a DMAC value appears.

Counter: When "Specific" is selected for the DMAC filter, you can enter a specific destination MAC address. The legal format is "xx-xx-xx-xx-xx-xx", "xx.xx.xx.xx.xx.xx", or "xxxxxxxxxxxx" (x is a hexadecimal digit). A frame that hits this ACE matches this DMAC value.

VLAN Parameters

802.1Q Tagged: Specifies whether frames can hit the action according to the 802.1Q

tagged. The allowed values are:

 Any: Any value is allowed ("don't-care").  Enabled: Tagged frame only.  Disabled: Untagged frame only.  The default value is "Any".

VLAN ID Filter: Specifies the VLAN ID filter for this ACE.

 Any: No VLAN ID filter is specified (VLAN ID filter status is "don't-care").  Specific: If you want to filter a specific VLAN ID with this ACE, choose this

value. A field for entering a VLAN ID number appears.

VLAN ID: When "Specific" is selected for the VLAN ID filter, you can enter a specific VLAN ID number. The allowed range is 1 to 4094. A frame that hits this ACE matches this VLAN ID value.

Tag Priority: Specifies the tag priority for this ACE. A frame that hits this ACE matches this tag priority. The allowed number range is 0 to 7. The value “Any” means that no tag priority is specified (tag priority is "don't-care").

ARP Parameters

The ARP parameters can be configured when Frame Type "ARP" is selected.

ARP/RARP: Specifies the available ARP/RARP opcode (OP) flag for this ACE.

 Any: No ARP/RARP OP flag is specified (OP is "don't-care").  ARP: Frame must have ARP/RARP opcode set to ARP.  RARP: Frame must have ARP/RARP opcode set to RARP.  Other: Frame has unknown ARP/RARP Opcode flag.

Request/Reply: Specifies the available ARP/RARP opcode (OP) flag for this ACE.

 Any: No ARP/RARP OP flag is specified (OP is "don't-care").  Request: Frame must have ARP Request or RARP Request OP flag set.  Reply: Frame must have ARP Reply or RARP Reply OP flag.

Sender IP Filter: Specifies the sender IP filter for this ACE.

 Any: No sender IP filter is specified (sender IP filter is "don't-care").  Host: Sender IP filter is set to “Host”. Specifies the sender IP address in the

SIP Address field that appears.

 Network: Sender IP filter is set to Network. Specifies the sender IP address

and sender IP mask in the SIP Address and SIP Mask fields that appear.

Sender IP Address: When "Host" or "Network" is selected for the sender IP filter, you can enter a specific sender IP address in dotted decimal notation.

Sender IP Mask: When "Network" is selected for the sender IP filter, you can enter a specific sender IP mask in dotted decimal notation.

Target IP Filter: Specifies the target IP filter for this specific ACE.

 Any: No target IP filter is specified (target IP filter is "don't-care").  Host: Target IP filter is set to “Host”. Specifies the target IP address in the

Target IP Address field that appears.

 Network: Target IP filter is set to Network. Specify the target IP address and

target IP mask in the Target IP Address and Target IP Mask fields that appear.

Target IP Address: When "Host" or "Network" is selected for the target IP filter, you can enter a specific target IP address in dotted decimal notation.

Target IP Mask: When "Network" is selected for the target IP filter, you can enter a specific target IP mask in dotted decimal notation.

ARP SMAC Match: Specifies whether frames can hit the action according to their sender hardware address field (SHA) settings.

 0: ARP frames where SHA is not equal to the SMAC address.  1: ARP frames where SHA is equal to the SMAC address.  Any: Any value is allowed ("don't-care").

RARP DMAC Match: Specifies whether frames can hit the action according to their target hardware address field (THA) settings.

 0: RARP frames where THA is not equal to the DMAC address.  1: RARP frames where THA is equal to the DMAC address.  Any: Any value is allowed ("don't-care").

IP/Ethernet Length: Specifies whether frames can hit the action according to their ARP/RARP hardware address length (HLN) and protocol address length (PLN) settings.

 0: ARP/RARP frames where the HLN is not equal to Ethernet (0x06) or the

(PLN) is not equal to IPv4 (0x04).

 1: ARP/RARP frames where the HLN is equal to Ethernet (0x06) and the

(PLN) is equal to IPv4 (0x04).

 Any: Any value is allowed ("don't-care").

IP: Specifies whether frames can hit the action according to their ARP/RARP

hardware address space (HRD) settings.

 0: ARP/RARP frames where the HLD is not equal to Ethernet (1).  1: ARP/RARP frames where the HLD is equal to Ethernet (1).  Any: Any value is allowed ("don't-care").

Ethernet: Specifies whether frames can hit the action according to their ARP/RARP protocol address space (PRO) settings.

 0: ARP/RARP frames where the PRO is not equal to IP (0x800).  1: ARP/RARP frames where the PRO is equal to IP (0x800).  Any: Any value is allowed ("don't-care").

IP Parameters

The IP parameters can be configured when Frame Type "IPv4" is selected.

IP Protocol Filter: Specifies the IP protocol filter for this ACE.

 Any: No IP protocol filter is specified ("don't-care").  Specific: If you want to filter a specific IP protocol filter with this ACE,

choose this value. A field for entering an IP protocol filter appears.

 ICMP: Select ICMP to filter IPv4 ICMP protocol frames. Extra fields for

defining ICMP parameters will appear. These fields are explained later in this help file.

 UDP: Select UDP to filter IPv4 UDP protocol frames. Extra fields for defining

UDP parameters will appear. These fields are explained later in this help file.

 TCP: Select TCP to filter IPv4 TCP protocol frames. Extra fields for defining

TCP parameters will appear. These fields are explained later in this help file.

IP Protocol Value: When "Specific" is selected for the IP protocol value, you can enter a specific value. The allowed range is 0 to 255. A frame that hits this ACE matches this IP protocol value.

IP TTL: Specifies the “Time-to-Live” settings for this ACE.

 Zero: IPv4 frames with a “Time-to-Live” field greater than zero must not be

able to match this entry.

 Non-zero: IPv4 frames with a “Time-to-Live” field greater than zero must be

able to match this entry.

 Any: Any value is allowed ("don't-care").

IP Fragment: Specifies the fragment offset settings for this ACE. This involves the settings for the “More Fragments” (MF) bit and the “Fragment Offset” (FRAG OFFSET) field for an IPv4 frame.

 No: IPv4 frames where the MF bit is set or the FRAG OFFSET field is greater

than zero must not be able to match this entry.

 Yes: IPv4 frames where the MF bit is set or the FRAG OFFSET field is greater

than zero must be able to match this entry.

 Any: Any value is allowed ("don't-care").

IP Option: Specifies the options flag setting for this ACE.

 No: IPv4 frames where the options flag is set must not be able to match this

entry.

 Yes: IPv4 frames where the options flag is set must be able to match this

entry. Any: Any value is allowed ("don't-care").

SIP Filter: Specifies the source IP filter for this ACE.

 Any: No source IP filter is specified (source IP filter is "don't-care").  Host: Source IP filter is set to “Host”. Specifies the source IP address in the

SIP Address field that appears.

 Network: Source IP filter is set to Network. Specifies the source IP address

and source IP mask in the SIP Address and SIP Mask fields that appear.

SIP Address: When "Host" or "Network" is selected for the source IP filter, you can enter a specific SIP address in dotted decimal notation.

SIP Mask: When "Network" is selected for the source IP filter, you can enter a specific SIP mask in dotted decimal notation.

DIP Filter: Specifies the destination IP filter for this ACE.

 Any: No destination IP filter is specified (destination IP filter is "don't-

care").

 Host: Destination IP filter is set to “Host”. Specifies the destination IP

address in the DIP Address field that appears.

 Network: Destination IP filter is set to “Network”. Specifies the destination

IP address and destination IP mask in the DIP Address and DIP Mask fields that appear.

DIP Address: When "Host" or "Network" is selected for the destination IP filter, you can enter a specific DIP address in dotted decimal notation.

DIP Mask: When "Network" is selected for the destination IP filter, you can enter a specific DIP mask in dotted decimal notation.

ICMP Parameter

ICMP Type Filter: Specifies the ICMP filter for this ACE.

 Any: No ICMP filter is specified (ICMP filter status is "don't-care").  Specific: If you want to filter a specific ICMP filter with this ACE, you can

enter a specific ICMP value. A field for entering an ICMP value appears.

ICMP Type Value: When "Specific" is selected for the ICMP filter, you can enter a specific ICMP value. The allowed range is 0 to 255. A frame that hits this ACE matches this ICMP value.

ICMP Code Filter: Specifies the ICMP code filter for this ACE.

 Any: No ICMP code filter is specified (ICMP code filter status is "don't-

care").

 Specific: If you want to filter a specific ICMP code filter with this ACE, you

can enter a specific ICMP code value. A field for entering an ICMP code value appears.

ICMP Code Value: When "Specific" is selected for the ICMP code filter, you can enter a specific ICMP code value. The allowed range is 0 to 255. A frame that hits this ACE matches this ICMP code value.

TCP/UDP Parameters

TCP/UDP Source Filter: Specifies the TCP/UDP source filter for this ACE.

 Any: No TCP/UDP source filter is specified (TCP/UDP source filter status is

"don't-care").

 Specific: If you want to filter a specific TCP/UDP source filter with this ACE,

you can enter a specific TCP/UDP source value. A field for entering a TCP/UDP source value appears.

 Range: If you want to filter a specific TCP/UDP source range filter with this

ACE, you can enter a specific TCP/UDP source range value. A field for entering a TCP/UDP source value appears.

TCP/UDP Source NO.: When "Specific" is selected for the TCP/UDP source filter, you can enter a specific TCP/UDP source value. The allowed range is 0 to 65535. A frame that hits this ACE matches this TCP/UDP source value.

TCP/UDP Source Range: When "Range" is selected for the TCP/UDP source filter, you can enter a specific TCP/UDP source range value. The allowed range is 0 to 65535. A frame that hits this ACE matches this TCP/UDP source value.

TCP/UDP Destination Filter: Specifies the TCP/UDP destination filter for this ACE.

 Any: No TCP/UDP destination filter is specified (TCP/UDP destination filter

status is "don't-care").

 Specific: If you want to filter a specific TCP/UDP destination filter with this

ACE, you can enter a specific TCP/UDP destination value. A field for entering a TCP/UDP destination value appears.

 Range: If you want to filter a specific range TCP/UDP destination filter with

this ACE, you can enter a specific TCP/UDP destination range value. A field for entering a TCP/UDP destination value appears.

TCP/UDP Destination Number: When "Specific" is selected for the TCP/UDP destination filter, you can enter a specific TCP/UDP destination value. The allowed range is 0 to 65535. A frame that hits this ACE matches this TCP/UDP destination value.

TCP/UDP Destination Range: When "Range" is selected for the TCP/UDP destination filter, you can enter a specific TCP/UDP destination range value. The allowed range is 0 to 65535. A frame that hits this ACE matches this TCP/UDP destination value.

TCP FIN: Specifies the TCP "No more data from sender" (FIN) value for this ACE.

 0: TCP frames where the FIN field is set must not be able to match this entry.  1: TCP frames where the FIN field is set must be able to match this entry.

Any: Any value is allowed ("don't-care").

TCP SYN: Specifies the TCP "Synchronize sequence numbers" (SYN) value for this ACE.

 0: TCP frames where the SYN field is set must not be able to match this entry.  1: TCP frames where the SYN field is set must be able to match this entry.  Any: Any value is allowed ("don't-care").

TCP RST: Specifies the TCP "Reset the connection" (RST) value for this ACE.

 0: TCP frames where the RST field is set must not be able to match this entry.  1: TCP frames where the RST field is set must be able to match this entry.  Any: Any value is allowed ("don't-care").

TCP PSH: Specifies the TCP "Push Function" (PSH) value for this ACE.

 0: TCP frames where the PSH field is set must not be able to match this entry.  1: TCP frames where the PSH field is set must be able to match this entry.  Any: Any value is allowed ("don't-care").

TCP ACK: Specifies the TCP "Acknowledgment field significant" (ACK) value for this ACE.

 0: TCP frames where the ACK field is set must not be able to match this entry.  1: TCP frames where the ACK field is set must be able to match this entry.  Any: Any value is allowed ("don't-care").

TCP URG: Specifies the TCP "Urgent Pointer field significant" (URG) value for this ACE.

 0: TCP frames where the URG field is set must not be able to match this entry.  1: TCP frames where the URG field is set must be able to match this entry.  Any: Any value is allowed ("don't-care").

IP Parameters

The Ethernet Type parameters can be configured when Frame Type "Ethernet Type" is selected.

Ether Type Filter: Specifies the Ethernet type filter for this ACE.

 Any: No EtherType filter is specified (EtherType filter status is "don't-care").  Specific: If you want to filter a specific EtherType filter with this ACE, you

can enter a specific EtherType value. A field for entering a EtherType value appears.

Ethernet Type Value: When "Specific" is selected for the EtherType filter, you can enter a specific EtherType value. The allowed range is 0x600 to 0xFFFF but excluding 0x800(IPv4), 0x806(ARP), and 0x86DD(IPv6). A frame that hits this ACE matches this EtherType value.

Modification Buttons: You can modify each ACE (Access Control Entry) in the table using the following buttons:

: Inserts a new ACE before the current row.

: Edits the ACE row.

Buttons:

 Apply – Click “Apply” to apply changes.  Reset- Click “Reset” to undo any changes made locally and revert back to

Auto-refresh: Click “Auto-refresh” to refresh the information automatically.

Upper right icon (Refresh, clear, Remove All): You can click them to refresh the ACL

configuration or clear them manually. Click other buttons to remove all ACL configurations on the table.

: Moves the ACE up the list.

: Moves the ACE down the list.

: Deletes the ACE.

: The lowest plus sign adds a new entry at the bottom of the ACE

listings.

previously saved values.

3-2.4 ACL Status

The section describes how to show the ACL status by different ACL users. Each row describes the ACE that is defined. It is a conflict if a specific ACE is not applied to the hardware due to hardware limitations. The maximum number of ACEs is 256 on each switch.

Web Interface

To display the ACL status in the web interface:

1. Click Configuration, ACL, then ACL status.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-refresh”.

3. Click “Refresh“ to refresh the ACL Status.

Figure 3-2.4: The ACL Rate Limiter Configuration

Parameter Description

User: Indicates the ACL user.

Ingress Port: Indicates the ingress port of the ACE. Possible values are:

 All: The ACE will match all ingress port.  Port: The ACE will match a specific ingress port.

Frame Type: Indicates the frame type of the ACE. Possible values are:

 Any: The ACE will match any frame type.  EType: The ACE will match Ethernet Type frames. Note that an Ethernet

Type based ACE will not get matched by IP and ARP frames.

 ARP: The ACE will match ARP/RARP frames.  IPv4: The ACE will match all IPv4 frames.  IPv4/ICMP: The ACE will match IPv4 frames with ICMP protocol.  IPv4/UDP: The ACE will match IPv4 frames with UDP protocol.  IPv4/TCP: The ACE will match IPv4 frames with TCP protocol.  IPv4/Other: The ACE will match IPv4 frames, which are not ICMP/UDP/TCP.  IPv6: The ACE will match all IPv6 standard frames.

Action: Indicates the forwarding action of the ACE.

 Permit: Frames matching the ACE may be forwarded and learned.  Deny: Frames matching the ACE are dropped.

Rate Limiter: Indicates the rate limiter number of the ACE. The allowed range is 1 to

16. When “Disabled” is displayed, the rate limiter operation is disabled.

Port Redirect: Indicates the port redirect operation of the ACE. Frames matching the ACE are redirected to the port number. The allowed values are “Disabled” or a specific port number. When “Disabled” is displayed, the port redirect operation is disabled.

Combined

Mirror: Specifies the mirror operation of this port. The allowed values are:

 Enabled: Frames received on the port are mirrored.  Disabled: Frames received on the port are not mirrored.  The default value is "Disabled".

CPU: Forward packet that matched the specific ACE to CPU.

CPU Once: Forward first packet that matched the specific ACE to CPU.

Counter: The counter indicates the number of times the ACE was hit by a frame.

Conflict: Indicates the hardware status of the specific ACE. The specific ACE is not

applied to the hardware due to hardware limitations.

Auto-refresh: Evoke “Auto-refresh” to refresh the information automatically.

: Selects the ACL status from this drop down list.

Upper right icon (Refresh): You can click them to refresh the ACL status information manually.

3-3 Aggregation

3-3.1 Static Trunk

3-3.1.1 Static Trunk

Aggregation is used to configure the settings of Link Aggregation. You can bundle more than one port with the same speed, full-duplex and the same MAC to be a single logical port. Thus, the logical port aggregates the bandwidth of these ports. This means you can apply your current Ethernet equipment’s to build the bandwidth aggregation. For example, if there are three fast Ethernet ports aggregated in a logical port, then this logical port has bandwidth three times as high as a single fast Ethernet port has.

The Aggregation configuration is used to configure the settings of “Link Aggregation”. You can bundle more than one port with the same speed, full-duplex and the same MAC to be a single logical port. Thus, the logical port aggregates the bandwidth of these ports. This means you can apply your current Ethernet equipment’s to build the bandwidth aggregation.

Ports using “Static Trunk” as their trunk method can choose their unique Static GroupID to form a logic “trunked port”. The benefit of using “Static Trunk” method is that a port can immediately become a member of a trunk group without any handshaking with its peer port. This is also a disadvantage because the peer ports of your static trunk group may not know that they should be aggregate together to

form a “logic trunked port”. Using “Static Trunk” on both end of a link is strongly recommended. Please also note that low speed links will stay in “not ready” state

when using static trunk to aggregate with high speed links.

Web Interface

To configure the Trunk Aggregation Hash mode and Aggregation Group in the web interface:

1. Click Configuration, Static Trunk, and then Aggregation Mode

Configuration.

2. Evoke to enable or disable the aggregation mode function. Evoke

Aggregation Group ID and Port members.

3. Click “Apply” to save the setting.

4. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Figure 3-3.1.1: The Aggregation Mode Configuration

Parameter Description

Hash Code Contributors

Source MAC Address: The source MAC address can be used to calculate the

destination port for the frame. Check to enable the use of the source MAC address or uncheck to disable. By default, the source MAC Address is enabled.

Destination MAC Address: The destination MAC address can be used to calculate the destination port for the frame. Check to enable the use of the destination MAC address or uncheck to disable. By default, the destination MAC address is disabled.

IP Address: The IP address can be used to calculate the destination port for the frame. Check to enable the use of the IP address or uncheck to disable. By default, IP address is enabled.

TCP/UDP Port Number: The TCP/UDP port number can be used to calculate the destination port for the frame. Check to enable the use of the TCP/UDP Port Number or uncheck to disable. By default, the TCP/UDP Port Number is enabled.

Aggregation Group Configuration

Group ID: Indicates the group ID for the settings contained in the same row. Group

ID "Normal" indicates there is no aggregation. Only one group ID is valid per port.

Port Members: Each switch port is listed for each group ID. Select a radio button to include a port in an aggregation, or clear the radio button to remove the port from the aggregation. By default, no ports belong to any aggregation group. Only fullduplex ports can join an aggregation and ports must be in the same speed in each group.

Buttons:

 Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert back to

previously saved values.

3-3.2 LACP

3-3.2.1 Configuration

Ports using Link Aggregation Control Protocol (according to IEEE 802.3ad specification) as their trunking method can choose their unique LACP GroupID to form a logic “trunked port”. The benefit of using LACP is that a port makes an agreement with its peer port before it becomes a ready member of a “trunk group” (also called aggregator). LACP is safer than the other trunking method - static trunk.

This section allows the user to inspect and change the current LACP port configurations. A LACP trunk group with more than one ready member-ports is a “real trunked” group. A LACP trunk group with only one or less than one ready member-ports is not a “real trunked” group.

Web Interface

To configure the Trunk Aggregation LACP parameters in the web interface:

1. Click Configuration, LACP, then Configuration.

2. Evoke to enable or disable the LACP on the port of the switch. Scroll the Key

parameter with Auto or Specific Default is Auto.

3. Scroll the Role with Active or Passive. The default is “Active”.

4. Click “Apply” to save the setting.

5. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Figure 3-3.2.1: The LACP Port Configuration

Parameter Description

Port: The switch port number.

LACP Enabled: Controls whether LACP is enabled on this switch port. LACP will form

an aggregation when 2 or more ports are connected to the same partner. LACP can form max 12 LLAGs per switch and 2 GLAGs.

Key: The key value incurred by the port, ranging from 1-65535 . The “Auto” setting will set the key as appropriate by the physical link speed, 10Mb = 1, 100Mb = 2, 1Gb = 3. Using the “Specific” setting, a user-defined value can be entered. Ports with the same key value can participate in the same aggregation group, while ports with different keys cannot.

Role: The “Role” shows the LACP activity status. “Active” will transmit LACP packets each second, while “Passive” will wait for a LACP packet from a partner (speak if spoken to).

Buttons:

 Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert back to

previously saved values.

3-3.2.2 System Status

Parameter Description

This section describes how to set up the LACP function on the switch, then it provides a status overview for all LACP instances

Web Interface

To display the LACP System status in the web interface:

1. Click Configuration, LACP, then System Status.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-refresh”.

3. Click “Refresh” to refresh the LACP System Status.

Figure 3-3.2.2: The LACP System Status

Aggr ID: The Aggregation ID associated with this aggregation instance. For LLAG the id is shown as 'isid:aggr-id' and for GLAGs as 'aggr-id'

Partner System ID: The system ID (MAC address) of the aggregation partner.

Partner Key: The Key that the partner has assigned to this aggregation ID.

Last changed: The time since this aggregation changed.

Local Ports: Shows which ports are a part of this aggregation for this switch. The

format is: "Switch ID:Port".

Auto-refresh: Evoke “Auto-refresh” to refresh the information automatically.

Upper right icon (Refresh): You can click them to refresh the LACP System status

information manually.

3-3.2.3 Port Status

This section describes how to set up the LACP function on the switch, then it provides a Port Status overview for all LACP instances.

Web Interface

To display the LACP Port status in the web interface:

1. Click Configuration, LACP, then Port Status.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-refresh”.

3. Click “Refresh” to refresh the LACP Port Status.

Parameter Description

Figure 3-3.2.3: The LACP Status

Port: The port number of the switch.

LACP: 'Yes' means that LACP is enabled and the port link is up. 'No' means that LACP

is not enabled or that the port link is down. 'Backup' means that the port could not join the aggregation group but will join if other port leaves. Meanwhile, the LACP status is disabled.

Key: The key assigned to this port. Only ports with the same key can aggregate together.

Aggr ID: The Aggregation ID assigned to this aggregation group. IDs 1 and 2 are GLAGs while IDs 3-14 are LLAGs.

Partner System ID: The partner's system ID (MAC address).

Partner Port: The partner's port number connected to this port.

Auto-refresh: Evoke “Auto-refresh” to refresh the information automatically.

Upper right icon (Refresh): You can click them to refresh the LACP port status

information manually.

3-3.2.4 Port Statistics

This section describes how to set up the LACP function on the switch in order to provide a port statistics overview for all LACP instances.

Web Interface

To display the LACP Port status in the web interface:

1. Click Configuration, LACP, then Port Statistics.

2. If you want to auto-refresh the information, then you need to evoke the “Auto refresh”.

3. Click “Refresh” to refresh the LACP Statistics.

Parameter Description

Figure 3-3.2.4: The LACP Statistics

Port: The switch port number.

LACP Received: Shows how many LACP frames have been received at each port.

LACP Transmitted: Shows how many LACP frames have been sent from each port.

Discarded: Shows how many unknown or illegal LACP frames have been discarded at

each port.

Auto-refresh: Evoke “Auto-refresh” to refresh the information automatically.

Upper right icon (Refresh, Clear): You can click them to refresh the LACP port

statistics information or clear manually.

3-4 Spanning Tree

The Spanning Tree Protocol (STP) can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers. This allows the switch to interact with other bridging devices (that is, an STP-compliant switch, bridge or router) in your network to ensure that only one route exists between any two stations on the network. It also provides backup links, which automatically take over when a primary link goes down.

STP - STP uses a distributed algorithm to select a bridging device (STP- compliant switch, bridge or router) that serves as the root of the spanning tree network. It selects a root port on each bridging device (except for the root device), which incurs the lowest path cost when forwarding a packet from that device to the root device. Then, it selects a designated bridging device from each LAN which incurs the lowest path cost when forwarding a packet from that LAN to the root device. All ports connected to designated bridging devices are assigned as designated ports. After determining the lowest cost spanning tree, it enables all root ports and designated ports, and disables all other ports. Network packets are therefore only forwarded between root ports and designated ports, eliminating any possible network loops.

3-4.1 Bridge Settings

Once a stable network topology has been established, all bridges listen for Hello BPDUs (Bridge Protocol Data Units) transmitted from the Root Bridge. If a bridge does not get a Hello BPDU after a predefined interval (Maximum Age), the bridge assumes that the link to the Root Bridge is down. This bridge will then initiate negotiations with other bridges to reconfigure the network to reestablish a valid network topology.

The section describes how to configure the Spanning Tree Bridge and STP System settings. It allows you to configure STP System settings used by all STP Bridge instance in the switch.

Web Interface

To configure the Spanning Tree Bridge Settings parameters in the web interface:

1. Click Configuration, Spanning Tree, then Bridge Settings.

2. Scroll to select the parameters and write down available value of parameter

in blank field in “Basic Settings”.

3. Evoke to enable or disable the parameters and write down available value

of parameters in blank field in advanced settings.

4. Click “Apply” to save the setting.

5. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Parameter Description

Figure 3-4.1: The STP Bridge Configuration

Basic Settings

Protocol Version: The STP protocol version setting. Valid values are STP, RSTP, and

MSTP.

Bridge Priority: Controls the bridge priority. Lower numeric values have better priority. The bridge priority plus the MSTI instance number, concatenated with the 6byte MAC address of the switch forms a Bridge Identifier. For MSTP operation, this is the priority of the CIST. Otherwise, this is the priority of the STP/RSTP bridge.

Forward Delay: The delay used by STP Bridges to transit Root and Designated Ports to Forwarding (used in STP compatible mode). Valid values are in the range 4 to 30 seconds.

Max Age: The maximum age of the information transmitted by the bridge when it is the root bridge. Valid values are in the range 6 to 40 seconds, and MaxAge must be <= (FwdDelay-1)*2.

Maximum Hop Count: This defines the initial value of remaining hops for MSTI information generated at the boundary of an MSTI region. It defines how many bridges a root bridge can distribute its BPDU information to. Valid values are in the range 6 to 40 hops.

Transmit Hold Count: The number of BPDU's a bridge port can send per second. When exceeded, transmission of the next BPDU will be delayed. Valid values are in the range 1 to 10 BPDU's per second.

Advanced Settings

Edge Port BPDU Filtering: Controls whether a port explicitly configured as “Edge”

will transmit and receive BPDUs.

Edge Port BPDU Guard: Controls whether a port explicitly configured as “Edge” will disable itself upon reception of a BPDU. The port will enter the error-disabled state, and will be removed from the active topology.

Port Error Recovery: Controls whether a port in the error-disabled state automatically will be enabled after a certain time. If recovery is not enabled, the ports have to be disabled and re-enabled for normal STP operation. The condition is also cleared by a system reboot.

Port Error Recovery Timeout: The time to pass before a port in the error-disabled state can be enabled. Valid values are between 30 and 86400 seconds (24 hours).

Buttons:

 Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert back to

previously saved values.

2-4.2 MSTI Mapping

When you implement a Spanning Tree protocol on the switch, the CIST is not available for explicit mapping because it will receive the VLANs not explicitly mapped. Due to the reason that you need to set the list of VLANs mapped to the MSTI. The VLANs must be separated with comma and/or space. A VLAN can only be mapped to one MSTI. An unused MSTI should just be left empty (e.g. not having any VLANs mapped to it.)

This section allows the user to inspect and change the current STP MSTI bridge instance priority configurations.

Web Interface

To configure the Spanning Tree MSTI Mapping parameters in the web interface:

1. Click Configuration, Spanning Tree, then MSTI Mapping.

2. Specify the configuration identification parameters in the field. Specify the

VLANs Mapped blank field.

3. Click “Apply” to save the setting.

4. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Figure 3-4.2: The MSTI Configuration

Parameter Description

Configuration Identification

Configuration Name: The name identifying the VLAN to MSTI mapping. Bridges must

share the name and revision (see below), as well as, the VLAN-to-MSTI mapping configuration in order to share spanning trees for MSTI's (Intra-region). The name is at most 32 characters.

Configuration Revision: The revision of the MSTI configuration named above. This must be an integer between 0 and 65535.

MSTI Mapping

MSTI: The bridge instance. The CIST is not available for explicit mapping, as it will

receive the VLANs not explicitly mapped.

VLANs Mapped: The list of VLANs mapped to the MSTI. The VLANs must be separated with comma and/or space. A VLAN can only be mapped to one MSTI. An unused MSTI should just be left empty (e.g. not having any VLANs).

Buttons:

 Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert back to

previously saved values.

3-4.3 MSTI Priorities

When you implement a Spanning Tree protocol on the switch, the CIST is the default instance which is always active. For controls the bridge priority. Lower numeric values have better priority. The bridge priority plus the MSTI instance number, concatenated with the 6-byte MAC address of the switch forms a bridge identifier.

The section describes it allows the user to inspect and change the current STP MSTI bridge instance priority configurations.

Web Interface

To configure the Spanning Tree MSTI Priorities parameters in the web interface:

1. Click Configuration, Spanning Tree, then MSTI Priorities.

2. Scroll the Priority maximum is 240. The default is 128.

3. Click “Save” to apply the setting.

4. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Parameter Description

Figure 3-4.3: The MSTI Configuration

MSTI: The bridge instance. The CIST is the default instance, which is always active.

Priority: Controls the bridge priority. Lower numeric values have better priority. The

bridge priority plus the MSTI instance number, concatenated with the 6-byte MAC address of the switch forms a Bridge Identifier.

Buttons:

 Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert back to

previously saved values.

3-4.4 CIST Ports

When you implement a Spanning Tree protocol on the switch that the bridge instance, you need to configure the CIST Ports. The section allows the user to inspect and change the current STP CIST port configurations.

Web Interface

To configure the Spanning Tree CIST Ports parameters in the web interface:

1. Click Configuration, Spanning Tree, then CIST Ports.

2. Scroll and evoke to set all parameters of CIST Aggregated Port

Configuration.

3. Evoke to enable or disable the STP, then scroll and evoke to set all

parameters of the CIST normal Port configuration.

4. Click “Apply” to save the setting.

5. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Figure 3-4.4: The STP CIST Port Configuration

Parameter Description

Port: The switch port number of the logical STP port.

STP Enabled: Controls whether STP is enabled on this switch port.

Path Cost: Controls the path cost incurred by the port. The auto setting will set the

path cost as appropriate by the physical link speed, using the 802.1D recommended values. Using the specific setting, a user-defined value can be entered. The path cost is used when establishing the active topology of the network. Lower path cost ports are chosen as forwarding ports in favor of higher path cost ports. Valid values are in the range 1 to 200,000,000.

Priority: Controls the port priority. This can be used to control priority of ports having identical port cost (see above).

AdminEdge: Controls whether the operEdge flag should start as set or cleared (the initial operEdge state when a port is initialized).

AutoEdge: Controls whether the bridge should enable automatic edge detection on the bridge port. This allows operEdge to be derived from, whether BPDU's are received on the port or not.

Restricted Role: If enabled, it causes the port not to be selected as root port for the CIST or any MSTI, even if it has the best spanning tree priority vector. Such a port will be selected as an alternate port after the root port has been selected. If set, it can cause lack of spanning tree connectivity. It can be set by a network administrator to prevent bridges external to a core region of the network influence the spanning tree active topology, possibly because those bridges are not under the full control of the administrator. This feature is also known as “Root Guard”.

Restricted TCN: If enabled, it causes the port not to propagate received topology change notifications and topology changes to other ports. It can also cause temporary loss of connectivity after changes in a spanning tree's active topology as a result of persistently incorrect learned station location information. It is set by a network administrator to prevent bridges external to a core region of the network, causing address flushing in that region, possibly because those bridges are not under the full control of the administrator or the physical link state of the attached LANs transits frequently.

BPDU Guard: If enabled, it causes the port to disable itself upon receiving valid BPDU's. Contrary to the similar bridge setting, the port Edge status does not affect this setting. A port entering error-disabled state due to this setting is subject to the bridge port error recovery setting as well.

Point to Point: Controls whether the port connects to a point-to-point LAN rather than to a shared medium. This can be automatically determined, or forced either true or false. Transition to the forwarding state is faster for point-to-point LANs than for shared media.

Buttons:

 Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert back to

previously saved values.

3-4.5 MSTI Ports

The section allows the user to inspect and change the current STP MSTI port configurations.

An MSTI port is a virtual port, which is instantiated separately for each active CIST (physical) port for each MSTI instance configured on and applicable to the port. The MSTI instance must be selected before displaying actual MSTI port configuration options. It contains MSTI port settings for physical and aggregated ports.

Web Interface

To configure the Spanning Tree MSTI Port Configuration parameters in the web interface:

1. Click Configuration, Spanning Tree, then MSTI Ports.

2. Scroll to select the “MST1” or other MSTI Port.

3. Click “Set” to set the detail parameters of the MSTI Ports.

4. Scroll to set all parameters of the MSTI port configuration.

5. Click “Apply” to save the setting.

6. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Figure 3-4.5: The MSTI Port Configuration

Parameter Description

Port: The switch port number of the corresponding STP CIST (and MSTI) port.

Path Cost: Controls the path cost incurred by the port. The “Auto” setting will set the

path cost as appropriate by the physical link speed, using the 802.1D recommended values. Using the “Specific” setting, a user-defined value can be entered. The path cost is used when establishing the active topology of the network. Lower path cost ports are chosen as forwarding ports in favor of higher path cost ports. Valid values are in the range 1 to 200000000.

Priority: Controls the port priority. This can be used to control priority of ports having identical port cost (see above).

Buttons:

 Apply – Click “Apply” to save changes.

 Reset- Click “Reset” to undo any changes made locally and revert back to

previously saved values.

3-4.6 Bridge Status

Parameter Description

After you complete the MSTI port configuration that you could to ask the switch display the bridge status. The section provides a status overview of all STP bridge instances. The displayed table contains a row for each STP bridge instance, where the column displays the following information:

Web Interface

To display the STP Bridges status in the web interface:

1. Click Configuration, Spanning Tree, then STP Bridges.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-refresh”.

3. Click “Refresh” to refresh the STP Bridges.

Figure 3-4.6: The STP Bridges status

MSTI: MSTI is the bridge instance. It’s also a link to the STP detailed bridge status.

Bridge ID: The bridge ID of this bridge instance.

Root ID: The bridge ID of the currently elected root bridge.

Root Port: The switch port currently assigned the root port role.

Root Cost: It’s the root path cost. It is zero for the root bridge. For all other bridges,

it is the sum of the port path costs on the least cost path to the root bridge.

Topology Flag: The current state of the topology flag change of this bridge instance.

Topology Change Last: The time since last topology change occurred.

Auto-refresh: Evoke auto-refresh to refresh the information automatically.

Upper right icon (Refresh): You can click the icon to refresh the STP bridges status

information manually.

3-4.7 Port Status

After you complete the STP configuration, you could ask the switch to display the STP port status. This section allows you to ask the switch to display the STP CIST port status for all physical ports of the currently selected switch.

Web Interface

To display the STP Port status in the web interface:

1. Click Configuration, Spanning Tree, then STP Port Status.

2. If you want to auto-refresh the information, click “Auto-refresh”.

3. Click “Refresh” to refresh the STP Bridges.

Parameter Description

Figure 3-4.7: The STP Port status

Port: The switch port number of the logical STP port.

CIST Role: The current STP port role of the CIST port. The port role can be one of the

following values: AlternatePort, Backup Port, RootPort, or DesignatedPort Disabled.

CIST State: The current STP port state of the CIST port. The port state can be one of the following values: Blocking, Learning, or Forwarding.

Uptime: The time since the bridge port was last initialized.

Auto-refresh: Evoke “Auto-refresh” to refresh the information automatically.

Upper right icon (Refresh): You can click the icon to refresh the STP Port status

information manually.

3-4.8 Port Statistics

After you complete the STP configuration, then you could let the switch display the STP Statistics. The section provides you to ask switch to display the STP Statistics detail counters of bridge ports in the currently selected switch.

Web Interface

To display the STP Port status in the web interface:

1. Click Configuration, Spanning Tree, then Port Statistics.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-refresh”.

3. Click “Refresh” to refresh the STP Bridges.

Figure 3-4.8: The STP Statistics

Parameter Description

Port: The switch port number of the logical STP port.

MSTP: The number of MSTP Configuration BPDU's received/transmitted on the port.

RSTP: The number of RSTP Configuration BPDU's received/transmitted on the port.

STP: The number of legacy STP Configuration BPDU's received/transmitted on the

port.

TCN: The number of (legacy) “Topology Change Notification” BPDU's received/transmitted on the port.

Discarded Unknown: The number of unknown spanning tree BPDU's received (and discarded) on the port.

Discarded Illegal: The number of illegal spanning tree BPDU's received (and discarded) on the port.

Auto-refresh: Evoke “Auto-refresh” to refresh the information automatically.

Upper right icon (Refresh, Clear): You can click them to refresh the STP statistics

information or clear manually.

3-5 IGMP Snooping

3-5.1 Basic Configuration

The function is used to establish the multicast groups to forward the multicast packet to the member ports, and in nature, to avoid wasting the bandwidth while IP multicast packets are running over the network. This is because a switch that does not support IGMP or IGMP Snooping cannot tell the multicast packet from the broadcast packet, so it can only treat them all as the broadcast packet. Without IGMP Snooping, the multicast packet forwarding function is plain and nothing is different from broadcast packet.

A switch that supports IGMP Snooping with the functions of query, report and leave (a type of packet exchanged between IP Multicast Router/Switch and IP Multicast Host) can update the information of the Multicast table when a member (port) joins or leaves an IP multicast destination address. With this function, once a switch receives an IP multicast packet, it will forward the packet to the members who joined in a specified IP multicast group before.

The packets will be discarded by the IGMP Snooping if the user transmits multicast packets to the multicast group that had not been built in advance. The IGMP mode enables the switch to issue IGMP functions (IGMP proxy or snooping) on the switch, which connects to a router closer to the root of the tree. This interface is the upstream interface. The router on the upstream interface should be running IGMP.

The section describes how to set the basic IGMP snooping on the switch, which connects to a router closer to the root of the tree. This interface is the upstream interface. The router on the upstream interface should be running IGMP.

Web Interface

To configure the IGMP Snooping parameters in the web interface:

1. Click Configuration, IGMP Snooping, then Basic Configuration.

2. Evoke to enable or disable a specific global configuration.

3. Evoke which port you want to become a Router Port, or enable/disable the

Fast Leave function.

4. Scroll to set the throttling parameter.

5. Click “Apply” to save the setting.

6. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Parameter Description

Figure 3-5.1: The IGMP Snooping Configuration.

Snooping Enabled: Enables the Global IGMP Snooping.

Unregistered IPMCv4 Flooding enabled: Enables unregistered IPMCv4 traffic

flooding.

IGMP SSM Range: SSM (Source-Specific Multicast) Range allows the SSM-aware hosts and routers run the SSM service model for the groups in the address range. Format: (IP address/ sub mask).

Proxy Enabled: Enables IGMP Proxy. This feature can be used to avoid forwarding unnecessary join and leave messages to the router side.

Port: It shows the physical port index of switch.

Router Port: Specifies which ports act as router ports. A router port is a port on the

Ethernet switch that leads towards the Layer 3 multicast device or IGMP querier.

If an aggregation member port is selected as a router port, the whole aggregation will act as a router port.

Fast Leave: Enables the fast leave on the port.

Throttling: Enables to limit the number of multicast groups to which a switch port

can belong.

Buttons:

 Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert back to

previously saved values.

3-5.2 VLAN Configuration

The section describes the VLAN configuration setting process integrated with IGMP snooping function. Each setting page shows up to 99 entries from the VLAN table. The default is 20 and can be selected through the "Entries Per Page" input field. During your first visit, the web page will show the first 20 entries from the beginning of the VLAN Table. The first displayed will be the one with the lowest VLAN ID found in the VLAN Table. The "VLAN" input fields allow the user to select the starting point in the VLAN Table. By clicking the button, the displayed table will update, starting from that or the next closest VLAN table match.

Web Interface

To configure the IGMP Snooping VLAN Configuration in the web interface:

1. Click Configuration, IGMP Snooping, then VLAN Configuration.

2. Evoke to enable or disable Snooping IGMP Querier. Specify the parameters

in the blank field.

3. Click “Refresh” to update the data or click “<< or >>” to display previous

entry or next entry.

4. Click “Apply” to save the setting.

5. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Parameter Description

Figure 3-5.2: The IGMP Snooping VLAN Configuration.

VLAN ID: It displays the VLAN ID of the entry.

Snooping Enabled: Enables the per-VLAN IGMP Snooping. Only up to 32 VLANs can

be selected.

IGMP Querier: A router sends IGMP query messages onto a particular link. This router is called the “Querier”. Enables the IGMP querier in the VLAN.

Compatibility: Compatibility is maintained by hosts and routers taking appropriate actions, depending on the versions of IGMP operating on hosts and routers within a network. The allowed selection is IGMP-Auto, Forced IGMPv1, Forced IGMPv2, or Forced IGMPv3. The default compatibility value is “IGMP-Auto”.

RV: Robustness Variable. The Robustness Variable allows tuning for the expected packet loss on a network. The allowed range is 1 to 255. The default robustness variable value is 2.

QI: Query Interval. The query interval is the interval between general queries sent by the querier. The allowed range is 1 to 31744 seconds. The default query interval is 125 seconds.

QRI: Query Response Interval. The max response time used to calculate the “Max Resp Code” inserted into the periodic general queries. The allowed range is 0 to 31744 in tenths of seconds. The default query response interval is 100 in tenths of seconds (10 seconds).

LLQI (LMQI for IGMP): Last Member Query Interval. The last member query time is the time value represented by the last member query interval, multiplied by the last member query count. The allowed range is 0 to 31744 in tenths of seconds. The default last member query interval is 10 in tenths of seconds (1 second).

URI: Unsolicited Report Interval. The unsolicited report interval is the time between repetitions of a host's initial report of membership in a group. The allowed range is 0 to 31744 seconds. The default unsolicited report interval is 1 second.

Buttons:

 Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert back to

previously saved values.

Upper right icon (Refresh, |<<, >>): You can click the icon to refresh the displayed table starting from the "VLAN" input fields. Or click “|<<” to update the table starting from the first entry in the VLAN table (e.g. the entry with the lowest VLAN ID). Click “>>” to update the table, starting with the entry after the last entry currently displayed.

3-5.3 Port Group Filtering

The section describes how to set the “IGMP Port Group Filtering”. With the IGMP filtering feature, a user can exert this type of control. In some network application environments, as like the metropolitan or multiple-dwelling unit (MDU) installations, a user might want to control the multicast groups to which a user on a switch port can belong. It allows the user to control the distribution of multicast services, such as IP/TV, based on some type of subscription or service plan.

With this feature, you can filter multicast joins on a per-port basis by configuring IP multicast profiles and associating them with individual switch ports. An IGMP profile can contain one or more multicast groups and specifies whether access to the group is permitted or denied. If an IGMP profile denying access to a multicast group is applied to a switch port, the IGMP join report requesting the stream of IP multicast traffic is dropped, and the port is not allowed to receive IP multicast traffic from that group. If the filtering action permits access to the multicast group, the IGMP report from the port is forwarded for normal processing.

IGMP filtering controls only IGMP membership join reports and has no relationship to the function that directs the forwarding of IP multicast traffic.

Web Interface

To configure the IGMP Snooping Port Group Configuration in the web interface:

1. Click Configuration, IGMP Snooping, then Port Group Filtering.

2. Click “Add New Filtering Group”.

3. Scroll the port to enable the “Port Group Filtering”. Specify the “Filtering

Groups” in the blank field.

4. Click “Apply” to save the setting.

5. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

Figure 3-5.3: The IGMP Snooping Port Group Filtering Configuration.

Parameter Description

Delete: Check to delete the entry. It will be deleted during the next save.

Port: To evoke the port enable the IGMP Snooping Port Group Filtering function.

Filtering Groups: The IP multicast group that will be filtered.

Buttons:

 Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert back to

previously saved values.

3-5.4 Status

After you complete the IGMP snooping configuration, then you could let the switch display the IGMP snooping status. The section describes how to let the switch display the IGMP snooping detail status.

Web Interface

To display the IGMP Snooping status in the web interface:

1. Click Configuration, IGMP Snooping, Status.

2. If you want to auto-refresh the information then you need to evoke the

“Auto-refresh”.

3. Click “Refresh” to refresh the IGMP Snooping Status.

4. Click “Clear” to clear the IGMP Snooping Status.

Figure 3-5.4: The IGMP Snooping Status.

Parameter Description

VLAN ID: The VLAN ID of the entry.

Querier Version: Working querier version currently.

Host Version: Working host version currently.

Querier Status: Shows the querier status is "ACTIVE" or "IDLE".

Queries Transmitted: The number of transmitted queries.

Queries Received: The number of received queries.

V1 Reports Received: The number of Received V1 Reports.

V2 Reports Received: The number of Received V2 Reports.

V3 Reports Received: The number of Received V3 Reports.

V2 Leaves Received: The number of Received V2 Leaves.

Port: Switch port number.

Status: Indicate whether specific port is a router port or not.

Auto-refresh: To evoke the auto-refresh icon then the device will refresh the log

automatically.

Upper right icon (Refresh, clear): You can click them to refresh the status or clear them manually.

3-5.5 Group Information

After you set the IGMP snooping function, then you could let the switch to display the IGMP snooping group information. Entries in the IGMP group table are shown on this page. The IGMP group table is sorted first by VLAN ID and then by group. The will use the last entry of the currently displayed table as a basis for the next lookup. When the end is reached the text "No More Entries" is shown in the displayed table. Use the button to start over.

Web Interface

To display the IGMP Snooping Group Information in the web interface:

1. Click Configuration, IGMP Snooping, then Group Information.

2. If you want to auto-refresh the information then you need to evoke the

“Auto-refresh”.

3. Click “Refresh” to refresh the entry of the IGMP Snooping Groups

Information.

4. Click “<< or >>” to move to previous or next entry.

Figure 3-5.5: The IGMP Snooping Groups Information.

Parameter Description

Navigating the IGMP Group Table

The "Start from VLAN" and "Group" input fields allow the user to select the starting point in the IGMP Group Table. This will use the last entry of the currently displayed table as a basis for the next lookup. When the end is reached, the text "No More Entries" is shown in the displayed table.

IGMP Group Table Columns

VLAN ID: VLAN ID of the group.

Groups: Group address of the group displayed.

Port Members: Ports under this group.

Auto-refresh: To evoke the auto-refresh icon then the device will refresh the log

automatically.

Upper right icon (Refresh, <<, >>): You can click them to refresh the IGMP Group Status manually. Click “<<” or “>>” to move to the next or previous page.

3-5.6 IPv4 SSM Information

Source Specific Multicast (SSM) is a datagram delivery model that best supports oneto-many applications, also known as broadcast applications. SSM is a core network technology of IP multicast targeted for audio and video broadcast application environments.

For the SSM delivery mode, an IP multicast receiver host must use IGMP Version 3 (IGMPv3) to subscribe to channel (S, G). By subscribing to this channel, the receiver host indicates that it wants to receive IP multicast traffic sent by source host S to group G. The network will deliver IP multicast packets from source host S to group G to all hosts in the network that have subscribed to the channel (S, G).

SSM does not require group address allocation within the network, only within each source host. Different applications running on the same source host must use different SSM groups. Different applications running on different source hosts can arbitrarily reuse SSM group addresses without causing any excess traffic on the network.

Addresses in the range 232.0.0.0/8 (232.0.0.0 to 232.255.255.255) are reserved for SSM by IANA. In the switch, you can configure SSM for arbitrary IP multicast addresses also.

Web Interface

To display the IGMPv3 IPv4 SSM Information in the web interface:

1. Click Configuration, IGMP Snooping, then IPv4 SSM Information.

2. If you want to auto-refresh the information, then you need to evoke the

“Auto-refresh”.

3. Click “Refresh” to refresh an entry of the IGMPv3 IPv4 SSM Information.

4. Click “<< or >>” to move to previous or next entry.

Figure 3-6.6: The IGMPv3 IPv4 SSM Information.

Parameter Description

Navigating the IGMPv3 Information Table

Each page shows up to 99 entries from the IGMPv3 SSM (Source Specific Multicast) Information table. The default is 20, selected through the "Entries Per Page" input field. During the first visit, the web page will show the first 20 entries from the beginning of the IGMPv3 Information Table.

The "Start from VLAN" and "Group" input fields allow the user to select the starting point in the IGMPv3 Information Table. Clicking the button will update the displayed table starting from that or the closest next IGMPv3 information table match. In addition, the two input fields will assume the value of the first displayed entry, allowing for continuous refresh with the same start address upon a button click.

This will use the last entry of the currently displayed table as a basis for the next lookup. When the end is reached, the text "No More Entries" is shown in the displayed table. Use the buttons to start over.

IGMPv3 Information Table Columns

VLAN ID: VLAN ID of the group.

Group: Group address of the group displayed.

Port: Switch port number.

Mode: Indicates the filtering mode maintained per (VLAN ID, Port Number, Group

Address) basis. It can be either “Include” or “Exclude”.

Source Address: IP address of the source. Currently, the system limits the total number of IP source addresses for filtering to be 128.

Type: Indicates the type. It can be either “Allow” or “Deny”.

Auto-refresh: To evoke the auto-refresh icon then the device will refresh the log

automatically.

Upper right icon (Refresh, <<, >>): You can click them to refresh the IGMP group status manually. Click “<<” or “>>” to move to the next or previous page.

3-6 MLD Snooping

Curiously enough, a network node that acts as a source of IPv6 multicast traffic is only an indirect participant in MLD snooping. It just provides multicast traffic and MLD doesn’t interact with it. Note: In an application like desktop conferencing a network node may act as both a source and an MLD host. However, MLD interacts with that node only in its role as an MLD host.

A source node creates multicast traffic by sending packets to a multicast address. In IPv6, addresses with the first eight bits set (that is, “FF” as the first two characters of the address) are multicast addresses, and any node that listens to such an address will receive the traffic sent to that address. Application software running on the source and destination systems cooperates to determine what multicast address to use. Note: This is a function of the application software, not of MLD.

When MLD snooping is enabled on a VLAN, the switch acts to minimize unnecessary multicast traffic. If the switch receives multicast traffic destined for a given multicast address, it forwards that traffic only to ports on the VLAN that have MLD hosts for that address. It drops that traffic for ports on the VLAN that have no MLD hosts.

3-6.1 Basic Configuration

The section will let you understand how to configure the MLD Snooping basic configuration and the parameters.

Web Interface

To configure the MLD Snooping Configuration in the web interface:

1. Click Configuration, MLD Snooping, then Basic Configuration.

2. Evoke to enable or disable the global configuration parameters. Evoke the

port to join router port and fast leave.

3. Scroll to select the throttling mode with “Unlimited” or 1 to 10.

4. Click “Apply” to save the setting.

5. If you want to cancel the setting, click the reset button to revert back to

previously saved values.

100

Vigitron MaxiiNet VI3026 Operational Manual

Specifications and Main Features

Frequently Asked Questions

User Manual