Page 1 NS3500-28T-4S User Manual P/N 1072835 • REV 00.01 • ISS 14JUL14...
Page 2 © 2014 United Technologies Corporation Copyright Interlogix is part of UTC Building & Industrial Systems, Inc. a unit of United Technologies Corporation. All rights reserved. The NS3702-24P-4S name and logo are trademarks of United Technologies. Trademarks and patents Other trade names used in this document may be trademarks or registered trademarks of the manufacturers or vendors of the respective products.
Page 3: Table Of Contents
TABLE OF CONTENTS 1. INTRODUCTION ............................10 ............................10 ACKET ONTENTS ............................11 RODUCT DESCRIPTION ..........................12 OW TO SE HIS ANUAL ............................13 RODUCT EATURES ..........................16 RODUCT PECIFICATIONS 2. INSTALLATION ............................19 ...........................19 ARDWARE ...
Page 4 4.2.5.1 System Time..............................49 4.2.5.2 SNTP Server Settings ............................52 4.2.6 Log Management..........................54 4.2.6.1 Local Log ................................54 4.2.6.2 Local Log ................................55 4.2.6.3 Remote Syslog..............................56 4.2.6.4 Log Message..............................58 4.2.7 SNMP Management..........................61 4.2.7.1 SNMP Overview ............................... 61 4.2.7.2 SNMP System Information ..........................62 4.2.7.3 SNMP View ..............................63 4.2.7.4 SNMP Access Group ............................64 ...
Page 5 4.5.1 VLAN Overview ...........................109 4.5.2 IEEE 802.1Q VLAN ..........................110 4.5.3 Management VLAN..........................114 4.5.4 Create VLAN ............................115 4.5.5 Interface Settings ..........................116 4.5.6 Port to VLAN............................121 4.5.7 Port VLAN Membership........................122 4.5.8 Protocol VLAN Group Setting ......................123 4.5.9 Protocol VLAN Port Setting .........................125 4.5.10 GVRP Setting .............................126 4.5.11 GVRP Port Setting ..........................128 4.5.12 GVRP VLAN ............................130 4.5.13 GVRP Statistics ..........................130 4.5.14 VLAN setting example: ........................132 4.5.14.1 Two separate 802.1Q VLANs ........................
Page 6 4.7.4 MLD Snooping.............................181 4.7.4.1 MLD Setting..............................181 4.7.4.2 MLD Static Group ............................183 4.7.4.3 MLD Group Table ............................184 4.7.4.4 MLD Router Setting............................185 4.7.4.5 MLD Router Table............................186 4.7.4.6 MLD Forward All ............................187 4.7.5 MLD Snooping Statics .........................189 4.7.6 Multicast Throttling Setting ........................191 4.7.7 Multicast Filter............................192 4.7.7.1 Multicast Profile Setting..........................193 4.7.7.2 IGMP Filter Setting............................194 4.7.7.3 MLD Filter Setting ............................196 ...
Page 7 4.9.1.2 802.1X Setting ..............................225 4.9.1.3 802.1X Port Setting ............................226 4.9.1.4 Guest VLAN Setting ............................229 4.9.1.5 Authenticed Host ............................231 4.9.2 RADIUS Server .............................232 4.9.3 TACACS+ Server ...........................235 4.9.4 AAA ..............................238 4.9.4.1 Login List ................................ 239 4.9.4.2 Enable List ..............................240 4.9.5 Access..............................241 4.9.5.1 Telnet ................................241 4.9.5.2 SSH .................................
Page 8 4.9.9.2 Binding Table..............................278 4.9.10 Port Security............................279 4.9.11 DoS ..............................281 4.9.11.1 Global DoS Setting ............................281 4.9.11.2 DoS Port Setting ............................285 4.9.12 Storm Control ............................286 4.9.12.1 Global Setting............................... 286 4.9.12.2 Port Setting ..............................287 4.10 ACL................................290 4.10.1 MAC‐based ACL ..........................290 4.10.2 MAC‐based ACE..........................291 4.10.3 IPv4‐based ACL..........................294 4.10.4 IPv4‐based ACE..........................295 4.10.5 IPv6‐based ACL..........................301 ...
Page 9 4.14 RMON ..............................342 4.14.1 RMON Statistics ..........................342 4.14.2 RMON Event............................344 4.14.3 RMON Event Log ..........................347 4.14.4 RMON Alarm.............................348 4.14.5 RMON History ...........................351 4.14.6 RMON History Log..........................353 4.15 .............................353 AINTENANCE 4.15.1 Factory Default..........................353 4.15.2 Reboot Switch ...........................354 4.15.3 Backup Manager..........................355 4.15.4 Upgrade Manager..........................355 5. SWITCH OPERATION ..........................357 ..............................357 DDRESS ...
Page 10: Introduction
1. INTRODUCTION Thank you for purchasing NS3500-28P-4S -- 28-Port 10/100/1000Mbps with 4 Shared SFP Managed Gigabit Switch, NS3500-28T-4S. “Managed Switch” mentioned in this Guide refers to the NS3500-28T-4S 1.1 Packet Contents Open the box of the Managed Switch and carefully unpack it. The box should contain the following items: ...
Page 11: Product Description
1.2 Product description The NS3500-28T-4S is a 28-Port 10/100/1000Mbps with 4 Shared SFP Managed Gigabit Switch specially designed to build a full Gigabit backbone to transmit reliable and forward data to remote network through fiber optic. It provides 28-Port 10/100/1000Base-T copper with 4 Shared 100/1000Base-X SFP fiber optic interfaces with inner power system.
Page 12: How To Use This Manual
Form-factor Pluggable) fiber transceiver and then to backbone switch and monitoring center over a long distance. The distance can be extended from 550 meters to 2 kilometers (multi-mode fiber) and up to above 10/20/30/40/50/70/120 kilometers (single-mode fiber or WDM fiber). They are well suited for applications within the enterprise data centers and distributions.
Page 13: Product Features
1.4 Product Features Physical Ports ■ 28-Port 10/100/1000Base-T Gigabit RJ-45 copper ■ 4 100/1000Base-X mini-GBIC/SFP slots, shared with Port-25 to Port-28 ■ RJ-45 console interface for switch basic management and setup Layer 2 Features ■ Prevents packet loss with back pressure (half-duplex) and IEEE 802.3x pause frame flow control (full-duplex) ■...
Page 14 Quality of Service ■ Ingress / Egress Rate Limit per port bandwidth control ■ Storm Control support  Broadcast / Unknown-Unicast / Unknown-Multicast ■ Traffic classification: IEEE 802.1p CoS TOS / DSCP / IP Precedence of IPv4/IPv6 packets ■ Strict priority and Weighted Round Robin (WRR) CoS policies Multicast ■...
Page 15 ■ Link Layer Discovery Protocol (LLDP) Protocol and LLDP-MED ■ SNMP trap for interface Link Up and Link Down notification ■ Event message logging to remote Syslog server ■ Four RMON groups (history, statistics, alarms, and events) ■ INTERLOGIX Smart Discovery Utility...
Page 16: Product Specifications
1.5 Product Specifications Product NS3500-28T-4S Hardware Specifications 28 10/ 100/1000Base-T RJ-45 Auto-MDI/MDI-X ports Copper Ports 4 100/1000Base-X SFP interfaces, shared with Port-25 to Port-28. SFP/mini-GBIC Slots Supports 100/1000Mbps dual mode and DDM Store-and-Forward Switch Architecture 56Gbps / non-blocking Switch Fabric 41.67Mpps @64Bytes...
Page 17 Voice VLAN Protocol VLAN Private VLAN (Protected port) GVRP IEEE 802.3ad LACP and static trunk Link Aggregation Supports 8 groups of 8-port trunk STP / RSTP / MSTP Spanning Tree Protocol IGMP (v2/v3) Snooping IGMP Querier IGMP Snooping Up to 256 multicast groups MLD (v1/v2) Snooping, up to 256 multicast groups MLD Snooping IPv4/IPv6 IP-based ACL / MAC-based ACL...
Page 18 RFC 1493 Bridge MIB Standards Conformance FCC Part 15 Class A, CE Regulation Compliance IEEE 802.3 10Base-T IEEE 802.3u 100Base-TX/100Base-FX IEEE 802.3z Gigabit SX/LX IEEE 802.3ab Gigabit 1000T IEEE 802.3x Flow Control and Back pressure IEEE 802.3ad Port Trunk with LACP IEEE 802.1D Spanning Tree protocol IEEE 802.1w Rapid Spanning Tree protocol IEEE 802.1s Multiple Spanning Tree protocol...
Page 19: Installation
Figure 2-1-1 shows the front panel of the Managed Switch. Front Panel Figure 2-1-1 NS3500-28T-4S front panel ■ Gigabit TP Interface 10/100/1000Base-T Copper, RJ-45 Twist-Pair: Up to 100 meters. ■ 100/1000Base-X SFP Slots Each of the SFP (Small Form-factor Pluggable) slot supports Dual-speed, 1000Base-SX / LX or 100Base-FX For 1000Base-SX/LX SFP transceiver module: From 550 meters (Multi-mode fiber), up to 10/30/50/60/70 kilometers (Single-mode fiber).
Page 20: Led Indications
2.1.2 LED Indications The front panel LEDs indicates instant status of port links, data activity and system power; helps monitor and troubleshoot when needed. Figure 2-1-2 shows the LED indications of these Managed Switches. LED Indication Figure 2-1-2 NS3500-28T-4S LED panel...
Page 21: Switch Rear Panel
The rear panel of the Managed Switch indicates an AC inlet power socket, which accepts input power from 100 to 240V AC, 50-60Hz. Figure 2-1-3 shows the rear panel of these Managed Switches Rear Panel Figure 2-1-3 Rear panel of NS3500-28T-4S...
Page 22 ■ AC Power Receptacle For compatibility with electric service in most areas of the world, the Managed Switch’s power supply automatically adjusts to line power in the range of 100-240V AC and 50/60 Hz. Plug the female end of the power cord firmly into the receptacle on the rear panel of the Managed Switch. Plug the other end of the power cord into an electric service outlet and the power will be ready.
Page 23: Installing The Switch
2.2 Installing the Switch This section describes how to install your Managed Switch and make connections to the Managed Switch. Please read the following topics and perform the procedures in the order being presented. To install your Managed Switch on a desktop or shelf, simply complete the following steps.
Page 24: Rack Mounting
Connect one end of the power cable to the Managed Switch. Connect the power plug of the power cable to a standard wall outlet. When the Managed Switch receives power, the Power LED should remain solid Green. 2.2.2 Rack Mounting To install the Managed Switch in a 19-inch standard rack, please follow the instructions described below.
Page 25: Installing The Sfp Transceiver
Figure 2-1-7 shows. Figure 2-1-7 Plug in the SFP transceiver  Approved INTERLOGIX SFP Transceivers Managed Switch supports both Single mode and Multi-mode SFP transceiver. The following list of approved IFS SFP transceivers is correct at the time of publication:...
Page 26 Fast Ethernet Transceiver (100Base-X SFP) Gigabit Ethernet Transceiver (1000Base-X SFP) It is recommended to use INTERLOGIX SFP on the Managed Switch. If you insert an SFP transceiver that is not supported, the Managed Switch will not recognize it.
Page 27 In the installation steps below, this Manual uses Gigabit SFP transceiver as an example. However, the steps for Fast Ethernet SFP transceiver are similar. Before you connect Managed Switch to the other network device, you have to make sure both sides of the SFP transceivers are with the same media type, for example: 1000Base-SX to 1000Base-SX, 1000Bas-LX to 1000Base-LX.
Page 28 Figure 2-1-8 How to Pull Out the SFP Transceiver Never pull out the module without lifting up the lever of the module and turning it to a horizontal position. Directly pulling out the module could damage the module and the SFP module slot of the Managed Switch.
Page 29: Switch Management
3. SWITCH MANAGEMENT This chapter explains the methods that you can use to configure management access to the Managed Switch. It describes the types of management applications and the communication and management protocols that deliver data between your management device (workstation or personal computer) and the system. It also contains information about port connection options. This chapter covers the following topics: ...
Page 30: Management Access Overview
3.2 Management Access Overview The Managed Switch gives you the flexibility to access and manage it using any or all of the following methods:  An administration console  Web browser interface An external SNMP-based network management application  The administration console and Web browser interface support are embedded in the Managed Switch software and are available for immediate use.
Page 31: Administration Console
3.3 Administration Console The administration console is an internal, character-oriented, and command line user interface for performing system administration such as displaying statistics or changing option settings. Using this method, you can view the administration console from a terminal, personal computer, Apple Macintosh, or workstation connected to the Managed Switch's console port. Figure 3-1-1: Console Management Direct Access Direct access to the administration console is achieved by directly connecting a terminal or a PC equipped with a terminal-emulation...
Page 32: Web Management
 115200 bps  8 data bits  No parity  1 stop bit Figure 3-1-2: Terminal Parameter Settings You can change these settings, if desired, after you log on. This management method is often preferred because you can remain connected and monitor the system during system reboots.
Page 33: Snmp-Based Network Management
You can then use your Web browser to list and manage the Managed Switch configuration parameters from one central location, just as if you were directly connected to the Managed Switch's console port. Web Management requires Microsoft Internet Explorer 8.0 or later, Google Chrome, Safari or Mozilla Firefox 1.5 or later. Figure 3-1-4 Web Main Screen of Managed Switch 3.5 SNMP-based Network Management You can use an external SNMP-based application to configure and manage the Managed Switch, such as SNMPc Network Manager,...
Page 34: Web Configuration
4. WEB CONFIGURATION This section introduces the configuration and functions of the Web-based management. About Web-based Management The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer. The Web-based Management supports Internet Explorer 8.0.
Page 35 factory-default IP Address as following: http://192.168.0.100 When the following login screen appears, please enter the default username "admin" with password “admin” (or the username/password you have changed via console) to login the main screen of Managed Switch. The login screen in Figure 4-1-2 appears.
Page 36 interface. The Switch Menu on the left of the web page let you access all the commands and statistics the Managed Switch provides.  It is recommended to use Internet Explorer 8.0 or above to access Managed Switch.  The changed IP address takes effect immediately after clicking on the Save button. You need to use the new IP address to access the Web interface.
Page 37: Main Web Page
4.1 Main Web Page The Managed Switch provides a Web-based browser interface for configuring and managing it. This interface allows you to access the Managed Switch using the Web browser of your choice. This chapter describes how to use the Managed Switch’s Web browser interface to configure and manage it.
Page 38: Save Button
Main Menu Using the onboard web agent, you can define system parameters, manage and control the Managed Switch, and all its ports, or monitor network conditions. Via the Web-Management, the administrator can setup the Managed Switch by select the functions those listed in the Main Function.
Page 39: Configuration Manager
4-1-6 appears. Figure 4-1-6 Save Button screenshot The page includes the following fields: Object Description  Save Configuration to Click to save the configuration. For more detail information; please refer to the chapter 4.1.2 FLASH  Restore to Default Click to reset switch in default parameter. For more detail information; please refer to the chapter 4.15.1 4.1.2 Configuration Manager The system file folder contains configuration settings.
Page 40: Saving Configuration
up configuration file, which is called configuration save. To prevent illicit file upload and easier configuration, switch mandates the name of running configuration file to be running-config.  Startup Configuration Refers to the configuration sequence used in switch startup. Startup configuration file stores in nonvolatile storage, corresponding to the so-called configuration save.
Page 41 Press the “Apply” button to save running configuration to startup configuration.
Page 42: System
4.2 System Use the System menu items to display and configure basic administrative details of the Managed Switch. Under System the following topics are provided to configure and view the system information: This section has the following items: The switch system information is provided here. ■...
Page 43: Ip Configurations
 Display the current system contact System Contact  The MAC Address of this Managed Switch. MAC Address  The IP Address of this Managed Switch. IP Address  The subnet mask of this Managed Switch. Subnet Mask  Gateway The gateway of this Managed Switch.
Page 44 The page includes the following fields: Object Description  Indicates the IP address mode operation. Possible modes are: Mode Static: Enable NTP mode operation. When enable NTP mode operation, the agent forward and to transfer NTP messages between the clients and the server when they are not on the same subnet domain.
Page 45: Ipv6 Configuration
Object Description  DHCP State Display the current DHCP state.  IP Address Display the current IP address.  Subnet Mask Display the current subnet mask.  Gateway Display the current gateway.  DNS Server 1/2 Display the current DNS server. 4.2.3 IPv6 Configuration The IPv6 Configuration includes the Auto Configuration, IPv6 Address and Gateway.
Page 46 representing multiple 16-bit groups of contiguous zeros; but it can only appear once. It also used a following legally IPv4 address. For example, ': 192.1.2.34’. Provide the IPv6 Prefix of this switch. The allowed range is 1 through 128.  Provide the IPv6 gateway address of this switch.
Page 47  IPv6 In Use Router Display the current in-use gateway  IPv6 Static Address Display the current IPv6 static address  IPv6 Static Router Display the current IPv6 static gateway  DHCPv6 Client Display the current DHCPv6 client status.
Page 48: User Configuration
4.2.4 User Configuration This page provides an overview of the current users and privilege type. Currently the only way to login as another user on the web server is to close and reopen the browser. After setup completed, please press “Apply” button to take effect. Please login web interface with new user name and password, the screens in Figure 4-2-6 &...
Page 49: Time Settings
The page includes the following fields: Object Description  Username Display the current username.  Password Type Display the current password type.  Privilege Type Display the current privilege type.  Modify Click to modify the local user entry. : Delete the current user 4.2.5 Time Settings 4.2.5.1 System Time Configure SNTP on this page.
Page 50 The page includes the following fields: Object Description  Enable SNTP Enabled: Enable SNTP mode operation. When enable SNTP mode operation, the agent forward and to transfer SNTP messages between the clients and the server when they are not on the same subnet domain. Disabled: Disable SNTP mode operation.
Page 51  Day - Select the starting day.  Month - Select the starting month.  Hours - Select the starting hour.  Minutes - Select the starting minute.  Non-recurring To  Week - Select the starting week number.  Day - Select the starting day. ...
Page 52: Sntp Server Settings
 Daylight Saving Time Display the current daylight saving time offset state. Offset  From Display the current daylight saving time from.  To Display the current daylight saving time to. 4.2.5.2 SNTP Server Settings The SNTP Server Configuration screens in Figure 4-2-10 &...
Page 53 The page includes the following fields: Object Description  SNTP Server Address Display the current SNTP server address.  Server Port Display the current SNTP server port.
Page 54: Log Management
4.2.6 Log Management The Managed Switch log management is provided here. The local logs allow you to configure and limit system messages that are logged to flash or RAM memory. The default is for event levels 0 to 3 to be logged to flash and levels 0 to 6 to be logged to RAM.
Page 55: Local Log
: Click to apply changes. Figure 4-2-13 Logging Information Page Screenshot The page includes the following fields: Object Description  Logging Service Display the current logging service status. 4.2.6.2 Local Log The switch system local log information is provided here. The local Log screens in Figure 4-2-14 &...
Page 56: Remote Syslog
 Severity The severity of the local log entry. The following severity types are supported:  emerg: Emergency level of the system unusable for local log.  alert: Alert level of the immediate action needed for local log.  crit: Critical level of the critical conditions for local log. ...
Page 57 The Remote Syslog screens in Figure 4-2-16 & Figure 4-2-17 appear. Figure 4-2-16 Remote Log Target Page Screenshot The page includes the following fields: Object Description  Server Address Provide the remote syslog IP address of this switch.  Server Port Provide the port number of remote syslog server.
Page 58: Log Message
 notice: Notice level of the normal but significant conditions for local log.  info: Informational level of the informational messages for local log.  debug: Debug level of the debugging messages for local log.  Facility Local0~7: local user 0~7 Buttons : Click to apply changes.
Page 59 The page includes the following fields: Object Description  Target The target of the log view entry. The following target types are supported:  Buffered: Target the buffered of the log view.  File: Target the file of the log view. ...
Page 60 The page includes the following fields: Object Description  Target Display the current log target.  Severity Display the current log severity.  Category Display the current log category  Total Entries Display the current log entries Figure 4-2-20 Logging Messages Page Screenshot The page includes the following fields: Object Description...
Page 61: Snmp Management
4.2.7 SNMP Management 4.2.7.1 SNMP Overview The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the exchange of management information between network devices. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite. SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth.
Page 62: Snmp System Information
4.2.7.2 SNMP System Information Configure SNMP setting on this page. The SNMP System global setting screens in Figure 4-2-21 & Figure 4-2-22 appear. Figure 4-2-21 SNMP Global Setting Page Screenshot The page includes the following fields: Object Description  Status Indicates the SNMP mode operation.
Page 63: Snmp View
4.2.7.3 SNMP View Configure SNMPv3 view table on this page. The entry index keys are View Name and OID Subtree. The SNMPv3 View Table Setting screens in Figure 4-2-23 Figure 4-2-24 appear. Figure 4-2-23 SNMPv3 View Table Setting Page Screenshot The page includes the following fields: Object Description...
Page 64: Snmp Access Group
Figure 4-2-24 SNMP View Table Status Page Screenshot The page includes the following fields: Object Description  Display the current SNMP view name View Name  Display the current SNMP subtree OID Subtree OID  OID Mask Display the current SNMP OID mask ...
Page 65 Object Description  A string identifying the group name that this entry should belong to. Group Name The allowed string length is 1 to 16.  Indicates the security model that this entry should belong to. Security Model Possible security models are: ...
Page 66 The page includes the following fields: Object Description  Display the current SNMP access group name Group Name  Security Model Display the current security model  Security Level Display the current security level  Display the current read view name Read View Name ...
Page 67: Snmp Community
4.2.7.5 SNMP Community Configure SNMP Community on this page. The SNMP Community screens in Figure 4-2-27 & Figure 4-2-28 appear. Figure 4-2-27 Community Setting Page Screenshot The page includes the following fields: Object Description  Indicates the community read/write access string to permit access to SNMP Community Name agent.
Page 68: Snmp User
Figure 4-2-28 Community Status Page Screenshot The page includes the following fields: Object Description  Community Name Display the current community type.  Group Name Display the current SNMP access group’s name.  View Name Display the current view name. ...
Page 69 should belong to.  Indicates the security model that this entry should belong to. Possible security Privilege Mode models are:  NoAuth: None authentication and none privacy.  Auth: Authentication and none privacy.  Priv: Authentication and privacy. The value of security level cannot be modified if entry already exists. That means you must first ensure that the value is set correctly.
Page 70: Snmpv1, 2 Notification Recipients
Figure 4-2-30 SNMPv3 Users Status Page Screenshot The page includes the following fields: Object Description  Display the current user name. User Name  Group Display the current group.  Display the current privilege mode. Privilege Mode  Display the current authentication protocol. Authentication Protocol ...
Page 71 The page includes the following fields: Object Description  Indicates the SNMP trap destination address. It allows a valid IP address in Server Address dotted decimal notation ('x.y.z.w'). It can also represent a legally valid IPv4 address. For example, '::192.1.2.34'. ...
Page 72: Snmpv3 Notification Recipients
 UDP Port Display the current UDP port.  Time Out Display the current time out.  Retries Display the current retry times.  Action : Delete the SNMPv1, 2 host entry. 4.2.7.9 SNMPv3 Notification Recipients Configure SNMPv3 notification recipients on this page. The SNMPv1, 2 Notification Recipients screens in Figure 4-2-33 &...
Page 73: Snmp Engine Id
: Click to add a new SNMPv3 host entry. Figure 4-2-34 SNMPv3 Host Status Page Screenshot The page includes the following fields: Object Description  Display the current server address. Server Address  Notify Type Display the current notify type. ...
Page 74: Snmp Remote Engine Id
Object Description  An octet string identifying the engine ID that this entry should belong to. The Engine ID string must contain an even number between 10 and 64 hexadecimal digits, but all-zeros and all-'F's are not allowed. Buttons : Click to apply changes. Figure 4-2-36 SNMPv3 Engine ID Status Page Screenshot The page includes the following fields: Object...
Page 75 The page includes the following fields: Object Description  Remote IP Address Indicates the SNMP remote engine ID address. It allows a valid IP address in dotted decimal notation ('x.y.z.w').  An octet string identifying the engine ID that this entry should belong to. Engine ID Buttons : Click to apply changes.
Page 76: Port Management
4.3 Port Management Use the Port Menu to display or configure the Managed Switch's ports. This section has the following items:  Configures port configuration settings Port Configuration  Lists Ethernet and RMON port statistics Port Counters  Display current bandwidth utilization Bandwidth Utilization ...
Page 77  Select port number for this drop down list. Port Select  Enabled Indicates the port state operation. Possible state are: Enabled - Start up the port manually. Disabled – Shut down the port manually.  Speed Select any available link speed for the given switch port. Draw the menu bar to select the mode.
Page 78 Figure 4-3-2 Port Status Page Screenshot The page includes the following fields: Object Description  This is the logical port number for this row. Port  Description Click to indicate the port name.  Enable State Display the current port state. ...
Page 79: Port Counters
4.3.2 Port Counters This page provides an overview of traffic and trunk statistics for all switch ports. The Port Statistics screens in Figure 4-3-3, Figure 4-3-4, Figure 4-3-5 & Figure 4-3-6 appear. Figure 4-3-3 Port MIB Counters Page Screenshot The page includes the following fields: Object Description ...
Page 80 Figure 4-3-4 Interface Counters Page Screenshot Object Description  Received Octets The total number of octets received on the interface, including framing characters.  Received Unicast The number of subnetwork-unicast packets delivered to a higher-layer protocol. Packets  Received Unknown The number of packets received via the interface which was discarded because of an unknown or unsupported protocol.
Page 81 Figure 4-3-5 Ethernet link Counters Page Screenshot Object Description  Alignment Errors The number of alignment errors (miss synchronized data packets).  FCS Errors A count of frames received on a particular interface that are an integral number of octets in length but do not pass the FCS check. This count does not include frames received with frame-too-long or frame-too-short error.
Page 82  Symbol Errors The number of received and transmitted symbol errors.  Control In Unknown The number of received control unknown opcodes Opcodes  In Pause Frames The number of received pause frames  Out Pause Frames The number of transmitted pause frames Figure 4-3-6 RMON Counters Page Screenshot Object Description...
Page 83 address. Note that this does not include multicast packets.  Multicast Packets The total number of good frames received that were directed to this multicast address.  CRC / Alignment The number of CRC/alignment errors (FCS or alignment errors). Errors ...
Page 84: Bandwidth Utilization
4.3.3 Bandwidth Utilization The Bandwidth Utilization page displays the percentage of the total available bandwidth being used on the ports. Bandwidth utilization statistics can be viewed using a line graph. The Bandwidth Utilization screen in Figure 4-3-7 appears. To view the port utilization, click on the Port Management folder and then the Bandwidth Utilization link: Figure 4-3-7 Port Bandwidth Utilization Page Screenshot The page includes the following fields: Object...
Page 85: Port Mirroring
4.3.4 Port Mirroring Configure port Mirroring on this page. This function provide to monitoring network traffic that forwards a copy of each incoming or outgoing packet from one port of a network Switch to another port where the packet can be studied. It enables the manager to keep close track of switch performance and alter it if necessary.
Page 86 Figure 4-3-9 Port Mirroring Settings Page Screenshot The page includes the following fields: Object Description  Session ID Set the port mirror session ID. Possible ID are: 1 to 4.  Monitor Session Enable or disable the port mirroring function. State ...
Page 87: Jumbo Frame
Figure 4-3-10 Mirroring Status Page Screenshot The page includes the following fields: Object Description  Session ID Display the session ID.  Destination Port This is the mirroring port entry.  Ingress State Display the ingress state.  Source TX Port Display the current TX ports.
Page 88: Port Error Disabled Configuration
Buttons : Click to apply changes. Figure 4-3-12 Jumbo Frame Information Page Screenshot The page includes the following fields: Object Description  Jumbo Display the current maximum frame size. 4.3.7 Port Error Disabled Configuration This page provides to set port error disable function. The Port Error Disable Configuration screens in Figure 4-3-13 &...
Page 89 The page includes the following fields: Object Description  Recovery Interval The period (in seconds) for which a port will be kept disabled in the event of a port error is detected (and the port action shuts down the port). ...
Page 90: Port Error Disabled
Figure 4-3-14 Error Disabled Information Page Screenshot The page includes the following fields: Object Description  Recovery Interval Display the current recovery interval time.  BPDU Guard Display the current BPDU guard status.  Self Loop Display the current self loop status. ...
Page 91: Protected Ports
appears. Figure 4-3-15 Port Error Disable Page Screenshot The displayed counters are: Object Description  Display the port for error disable. Port Name  Display the error disabled reason of the port. Error Disable Reason  Time Left (Seconds) Display the time left. 4.3.9 Protected Ports Overview When a switch port is configured to be a member of protected group (also called Private VLAN), communication...
Page 92 For protected port group to be applied, the Managed switch must first be configured for standard VLAN operation. Ports in a protected port group fall into one of these two groups:  Promiscuous (Unprotected) ports — Ports from which traffic can be forwarded to all ports in the private VLAN —...
Page 93 The port settings relate to the currently unit, as reflected by the page header. The Port Isolation Configuration screens Figure 4-3-16 & Figure 4-3-17 appear. Figure 4-3-16 Protected Ports Settings Page Screenshot The page includes the following fields: Object Description ...
Page 94: Eee
The page includes the following fields: Object Description  Protected Ports Display the current protected ports.  Unprotected Ports Display the current unprotected ports. 4.3.10 EEE What is EEE? EEE is a power saving option that reduces the power usage when there is low or no traffic utilization. EEE works by powering down circuits when there is no traffic.
Page 95 The page includes the following fields: Object Description  Port Select port number for this drop down list.  Enable Enable or disable the EEE function. Buttons : Click to apply changes. Figure 4-3-19 Port Isolation Status Page Screenshot The page includes the following fields: Object Description ...
Page 96: Link Aggregation
4.4 Link Aggregation Port Aggregation optimizes port usage by linking a group of ports together to form a single Link Aggregated Groups (LAGs). Port Aggregation multiplies the bandwidth between the devices, increases port flexibility, and provides link redundancy. Each LAG is composed of ports of the same speed, set to full-duplex operations. Ports in a LAG, can be of different media types (UTP/Fiber, or different fiber types), provided they operate at the same speed.
Page 97 Figure 4-4-1 Link Aggregation The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between Partner Systems that require high speed redundant links. Link aggregation lets you group up to eight consecutive ports into a single dedicated connection. This feature can expand bandwidth to a device on the network. LACP operation requires full-duplex mode, more detail information refer to the IEEE 802.3ad standard.
Page 98  None of the ports in a link aggregation can be configured as a mirror source port or a mirror target port.  All of the ports in a link aggregation have to be treated as a whole when moved from/to, added or deleted from a VLAN.
Page 99: Lag Setting
4.4.1 LAG Setting This page allows configuring load balance algorithm configuration settings. The LAG Setting screens in Figure 4-4-2 & Figure 4-4-3 appear. Figure 4-4-2 LAG Setting Page Screenshot The page includes the following fields: Object Description  Select load balance algorithm mode: Load Balance ...
Page 100: Lag Management
4.4.2 LAG Management This page is used to configure the LAG management. The LAG Management screens in Figure 4-4-4 & Figure 4-4-5 appear. Figure 4-4-4 LAG Management Page Screenshot The page includes the following fields: Object Description  Select LAG number for this drop down list. ...
Page 101 Figure 4-4-5 LAG Management Information Page Screenshot The page includes the following fields: Object Description  The LAG for the settings contained in the same row.  Name Display the current name  Type Display the current type  Link State Display the link state ...
Page 102: Lag Port Setting
4.4.3 LAG Port Setting This page allows setting configuration for per LAG. The LAG Port setting screens in Figure 4-4-6 & Figure 4-4-7 appear. Figure 4-4-6 LAG Port Setting Information Page Screenshot The page includes the following fields: Object Description ...
Page 103 Current Rx column indicates whether pause frames on the port are obeyed. Current Tx column indicates whether pause frames on the port are transmitted. The Rx and Tx settings are determined by the result of the last Auto-Negotiation. Check the configured column to use flow control. This setting is related to the setting for Configured Link Speed.
Page 104: Lacp Setting
4.4.4 LACP Setting This page is used to configure the LACP system priority setting. The LACP Setting screens in Figure 4-4-8 & Figure 4-4-9 appear. Figure 4-4-8 LACP Setting Page Screenshot The page includes the following fields: Object Description  A value which is used to identify the active LACP.
Page 105: Lacp Port Setting
4.4.5 LACP Port Setting This page is used to configure the LACP port setting. The LACP Port Setting screen in Figure 4-4-10 & Figure 4-4-11 appears. Figure 4-4-10 LACP Port Setting Page Screenshot The page includes the following fields: Object Description ...
Page 106: Lag Status
Figure 4-4-11 LACP Port Information Page Screenshot The page includes the following fields: Object Description  Port Name The switch port number of the logical port.  Display the current LACP priority parameter. Priority  Display the current timeout parameter. Timeout 4.4.6 LAG Status This page displays LAG status.
Page 107 The page includes the following fields: Object Description  LAG Display the current trunk entry.  Name Display the current LAG name.  Type Display the current trunk type.  Link State Display the current link state.  Display the current active member. Active Member ...
Page 108  “DSTRBT” means distributing state  Receive LACP receive state machine status of the port.  “INIT” means the port is in initialize state  “PORTds” means port disabled state  “EXPR” means expired state  “LACPds” means LACP disabled state ...
Page 109: Vlan
4.5 VLAN 4.5.1 VLAN Overview A Virtual Local Area Network (VLAN) is a network topology configured according to a logical scheme rather than the physical layout. VLAN can be used to combine any collection of LAN segments into an autonomous user group that appears as a single LAN.
Page 110: Ieee 802.1Q Vlan
No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN membership, packets cannot cross VLAN without a network device performing a routing function between the VLAN. The Managed Switch supports IEEE 802.1Q VLAN. The port untagging function can be used to remove the 802.1 tag from packet headers to maintain compatibility with devices that are tag-unaware.
Page 111: Q Vlan Tags
VLANs help to simplify network management by allowing you to move devices to a new VLAN without having to change any physical connections. VLANs can be easily organized to reflect departmental groups (such as Marketing or R&D), usage groups (such as e-mail), or multicast groups (used for multimedia applications such as videoconferencing).
Page 112 0x8100, the packet carries the IEEE 802.1Q/802.1p tag. The tag is contained in the following two octets and consists of 3 bits of user priority, 1 bit of Canonical Format Identifier (CFI - used for encapsulating Token Ring packets so they can be carried across Ethernet backbones), and 12 bits of VLAN ID (VID).
Page 113: Default Vlans
Every physical port on a switch has a PVID. 802.1Q ports are also assigned a PVID, for use within the switch. If no VLAN are defined on the switch, all ports are then assigned to a default VLAN with a PVID equal to 1. Untagged packets are assigned the PVID of the port on which they were received.
Page 114: Management Vlan
VLAN-tagged frames can pass through VLAN-aware or VLAN-unaware network interconnection devices, but the VLAN tags should be stripped off before passing it on to any end-node host that does not support VLAN tagging. ■ VLAN Classification When the switch receives a frame, it classifies the frame in one of two ways. If the frame is untagged, the switch assigns the frame to an associated VLAN (based on the default VLAN ID of the receiving port).
Page 115: Create Vlan
Buttons : Click to apply changes. Figure 4-5-2 Management VLAN State Page Screenshot The page includes the following fields: Object Description  Management VLAN Display the current management VLAN. 4.5.4 Create VLAN Create/delete VLAN on this page. The screens in Figure 4-5-3 &...
Page 116: Interface Settings
The page includes the following fields: Object Description  Indicates the ID of this particular VLAN. VLAN List  VLAN Action This column allowed users to add or delete VLAN s.  VLAN Name Prefix Indicates the name of this particular VLAN. Buttons : Click to apply changes.
Page 117 ■ IEEE 802.1Q Tagged and Untagged Every port on an 802.1Q compliant switch can be configured as tagged or untagged.  Tagged: Ports with tagging enabled will put the VID number, priority and other VLAN information into the header of all packets that flow into those ports. If a packet has previously been tagged, the port will not alter the packet, thus keeping the VLAN information intact.
Page 118 The Managed Switch supports multiple VLAN tags and can therefore be used in MAN applications as a provider bridge, aggregating traffic from numerous independent customer LANs into the MAN (Metro Access Network) space. One of the purposes of the provider bridge is to recognize and use VLAN tags so that the VLANs in the MAN space can be used independent of the customers’...
Page 119 Object Description  Select port number for this drop down list to set VLAN port setting. Port Select  Interface VLAN Mode Set the port in access, trunk, hybrid, tunnel mode.  Trunk means the port allows traffic of multiple VLAN. ...
Page 120 Figure 4-5-6 Edit Interface Setting Page Screenshot The page includes the following fields: Object Description  The switch port number of the logical port. Port  Interface VLAN Mode Display the current interface VLAN mode.  PVID Display the current PVID. ...
Page 121: Port To Vlan
4.5.6 Port to VLAN Use the VLAN Static Table to configure port members for the selected VLAN index. This Page allows for adding and deleting port members of each VLAN. The screen in Figure 4-5-7 appears. Figure 4-5-7 Port to VLAN Setting Page Screenshot The page includes the following fields: Object Description...
Page 122: Port Vlan Membership
the port will be untagged, that is, not carry a tag and therefore not carry VLAN or CoS information. Note that an interface must be assigned to at least one group as an untagged port.  PVID Display the current PVID Buttons : Click to apply changes.
Page 123: Protocol Vlan Group Setting
4.5.8 Protocol VLAN Group Setting The network devices required to support multiple protocols cannot be easily grouped into a common VLAN. This may require non-standard devices to pass traffic between different VLANs in order to encompass all the devices participating in a specific protocol. This kind of configuration deprives users of the basic benefits of VLANs, including security and easy accessibility.
Page 124 The page includes the following fields: Object Description  Protocol Group ID assigned to the Special Protocol VLAN Group. Group ID  Frame Type Frame Type can have one of the following values:  Ethernet II  IEEE802.3_LLC_Other  RFC_1042 On changing the Frame type field, valid value of the following text field Note: will vary depending on the new frame type you selected.
Page 125: Protocol Vlan Port Setting
4.5.9 Protocol VLAN Port Setting This Page allows you to map a already configured Group Name to a VLAN/port for the switch. The Protocol VLAN Port Setting/State screens in Figure 4-5-11 & Figure 4-5-12 appear. Figure 4-5-11 Protocol VLAN Port Setting Page Screenshot The page includes the following fields: Object Description...
Page 126: Gvrp Setting
 VLAN ID Display the current VLAN ID  Delete Click to delete the group ID entry. 4.5.10 GVRP Setting GARP VLAN Registration Protocol (GVRP) defines a way for switches to exchange VLAN information in order to register VLAN members on ports across the network. VLANs are dynamically configured based on join messages issued by host devices and propagated throughout the network.
Page 127 Figure 4-5-13 GVRP Global Setting Page Screenshot The page includes the following fields: Object Description  Controls whether GVRP is enabled or disabled on this switch. GVRP  Join Timeout The interval between transmitting requests/queries to participate in a VLAN group.
Page 128: Gvrp Port Setting
Buttons : Click to apply changes. Figure 4-5-14 GVRP Global Setting Page Screenshot The page includes the following fields: Object Description  Display the current GVRP status. GVRP Status  Join Timeout Display the current join timeout parameter.  Leave Timeout Display the current leave timeout parameter.
Page 129 The page includes the following fields: Object Description  Select port for this drop down list to assign protocol VLAN port. Port Select  GVRP Enabled Controls whether GVRP is enabled or disabled on port.  Registration Mode By default GVRP ports are in normal registration mode. These ports use GVRP join messages from neighboring switches to prune the VLANs running across the 802.1Q trunk link.
Page 130: Gvrp Vlan
Object Description  The switch port number of the logical port. Port  Enable Status Display the current GVRP port staste.  Registration Mode Display the current registration mode.  VLAN Creation Status Display the current VLAN creation status. 4.5.12 GVRP VLAN The GVRP VLAN Database screen in Figure 4-5-17 appears.
Page 131 Figure 4-5-18 GVRP Port Statistics Page Screenshot The page includes the following fields: Object Description  The switch port number of the logical port. Port  Join Empty (Rx/Tx) Display the current join empty (TX/RX) packets.  Empty (Rx/Tx) Display the current empty (TX/RX) packets. ...
Page 132: Vlan Setting Example
Figure 4-5-19 GVRP Port Error Statistics Page Screenshot The page includes the following fields: Object Description  The switch port number of the logical port. Port  Invaild Protocol ID Display the current invalid protocol ID.  Invalid Attribute Type Display the current invalid attribute type.
Page 133 Figure 4-5-20 Two Separate VLAN Diagrams VLAN Group Untagged Members Tagged Members VLAN Group 1 Port-7~Port-8 VLAN Group 2 Port-1,Port-2 Port-3 VLAN Group 3 Port-4,Port-5 Port-6 Table 4-5-2 VLAN and Port Configuration The scenario described as follows:  Untagged packet entering VLAN 2 While [PC-1] transmit an untagged packet enters Port-1, the Managed Switch will tag it with a VLAN Tag=2.
Page 134  Tagged packet entering VLAN 2 While [PC-3] transmit a tagged packet with VLAN Tag=2 enters Port-3, [PC-1] and [PC-2] will received the packet through Port-1 and Port-2. While the packet leaves Port-1 and Port-2, it will be stripped away it tag becoming an untagged packet. ...
Page 135 Assign Tagged/Untagged for each port: VLAN ID = 2: Port-1 & 2 = Untagged, Port-3 = Tagged, Port -4~6 = Excluded. VLAN ID = 3: Port-4 & 5 = Untagged, Port -6 = Tagged, Port-1~3 = Excluded.
Page 136: Vlan Trunking Between Two 802.1Q Aware Switch
4.5.14.2 VLAN Trunking between two 802.1Q aware switch The most cases are used for “Uplink” to other switches. VLANs are separated at different switches, but they need to access with other switches within the same VLAN group. The screen in Figure 4-5-21 appears.
Page 137 Create VLAN Group 2 and 3 Add VLAN group 2 and group 3 Assign VLAN mode and PVID for each port: Port-1,Port-2 and Port-3 : VLAN Mode = Hybrid, PVID=2 Port-4,Port-5 and Port-6 : VLAN Mode = Hybrid, PVID=3 Port-7 : VLAN Mode = Hybrid, PVID=1 Assign Tagged/Untagged for each port: VLAN ID = 1: Port-1~6 = Untagged,...
Page 138 Port -7 = Excluded. VLAN ID = 2: Port-1 & 2 = Untagged, Port-3 & 7 = Tagged, Port -4~6 = Excluded. VLAN ID = 3: Port-4 & 5 = Untagged, Port -6 & 7= Tagged, Port-1~3 = Excluded.
Page 139: Spanning Tree Protocol
4.6 Spanning Tree Protocol 4.6.1 Theory The Spanning Tree Protocol can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers. This allows the switch to interact with other bridging devices in your network to ensure that only one route exists between any two stations on the network, and provide backup links which automatically take over when a primary link goes down.
Page 140  The path cost to the root associated with each switch port  The port identifier STP communicates between switches on the network using Bridge Protocol Data Units (BPDUs). Each BPDU contains the following information:  The unique identifier of the switch that the transmitting switch currently believes is the root switch ...
Page 141 after a topology change. Each port on a switch using STP exists is in one of the following five states:  Blocking – the port is blocked from forwarding or receiving packets  Listening – the port is waiting to receive BPDU packets that may tell the port to go back to the blocking state ...
Page 142 You can modify each port state by using management software. When you enable STP, every port on every switch in the network goes through the blocking state and then transitions through the states of listening and learning at power up. If properly configured, each port stabilizes to the forwarding or blocking state. No packets (except BPDUs) are forwarded from, or received by, STP enabled ports until the forwarding state is enabled for that port.
Page 143 blocking state. The following are the user-configurable STP parameters for the port or port group level: Variable Description Default Value A relative priority for each Port Priority port –lower numbers give a higher priority and a greater chance of a given port being elected as the root port A value used by STP to evaluate paths –...
Page 144 become the Root Bridge. If it turns out that your Switch has the lowest Bridge Identifier, it will become the Root Bridge. Forward Delay Timer – The Forward Delay can be from 4 to 30 seconds. This is the time any port on the Switch spends in the listening state while moving from the blocking state to the forwarding state.
Page 145 Figure 4-6-2 Before Applying the STA Rules In this example, only the default STP values are used.
Page 146 Figure 4-6-3 After Applying the STA Rules The switch with the lowest Bridge ID (switch C) was elected the root bridge, and the ports were selected to give a high port cost between switches B and C. The two (optional) Gigabit ports (default port cost = 20,000) on switch A are connected to one (optional) Gigabit port on both switch B and C.
Page 147: Stp Global Settings
4.6.2 STP Global Settings This page allows you to configure STP system settings. The settings are used by all STP Bridge instances in the Switch. The Managed Switch support the following Spanning Tree protocols: ‧ Compatiable -- Spanning Tree Protocol (STP):Provides a single path between end stations, avoiding and eliminating loops.
Page 148  Force Version The STP protocol version setting. Valid values are STP-Compatible, RSTP-Operation and MSTP-Operation.  Configuration Name Identifier used to identify the configuration currently being used.  Configuration Identifier used to identify the configuration currently being used. The values allowed are between 0 and 65535.
Page 149: Stp Port Setting
4.6.3 STP Port Setting This page allows you to configure per port STP settings. The STP Port Setting screens in Figure 4-6-6 & Figure 4-6-7 appear. Figure 4-6-6 STP Port Configuration Page Screenshot The page includes the following fields: Object Description ...
Page 150 (This applies to physical ports only. Aggregations are always forced Point2Point).  Migrate If at any time the switch detects STP BPDUs, including Configuration or Topology Change Notification BPDUs, it will automatically set the selected interface to forced STP-compatible mode. However, you can also use the Protocol Migration button to manually re-check the appropriate BPDU format (RSTP or STP-compatible) to send on the selected interfaces.
Page 151 Port Type Link Type IEEE 802.1w-2001 Half Duplex 2,000,000 Ethernet Full Duplex 1,000,000 Trunk 500,000 Half Duplex 200,000 Fast Ethernet Full Duplex 100,000 Trunk 50,000 Full Duplex 10,000 Gigabit Ethernet Trunk 5,000 Table 4-6-3 Default STP Path Costs Figure 4-6-7 STP Port Status Page Screenshot The page includes the following fields: Object Description...
Page 152: Cist Instance Setting
4.6.4 CIST Instance Setting This Page allows you to configure CIST instance settings. The CIST Instance Setting and Information screens in Figure 4-6-8 & Figure 4-6-9 appear. Figure 4-6-8: CIST Instance Setting Page Screenshot The Page includes the following fields: Object Description ...
Page 153  The maximum age of the information transmitted by the Bridge when it is the Max Age Root Bridge. Valid values are in the range 6 to 40 seconds. -Default: -Minimum: The higher of 6 or [2 x (Hello Time + 1)]. -Maximum: The lower of 40 or [2 x (Forward Delay -1)] ...
Page 154  Display the current Max. age. Max Age  Display the current Tx hold count. Tx Hold Count  Hello Time Display the current hello time.
Page 155: Cist Port Setting
4.6.5 CIST Port Setting This page allows you to configure per port CIST priority and cost. The CIST Port Setting and Status screens in Figure 4-6-10 & Figure 4-6-11 appear. Figure 4-6-10 CIST Port Setting Page Screenshot The page includes the following fields: Object Description ...
Page 156 Figure 4-6-11 CIST Port Status Page Screenshot The page includes the following fields: Object Description  The switch port number of the logical STP port. Port  Indentifier (Priority / Display the current indentifier (Priority / Port ID). Port ID) ...
Page 157: Mst Instance Configuration
 Edge Port Conf/Oper Display the current edge port conf/oper  P2P MAC Conf/Oper Display the current P2P MAC conf/oper  Port Role Display the current prot role  Port State Display the current port state 4.6.6 MST Instance Configuration This page allows the user to configure MST Instance Configuration.
Page 158 Figure 4-6-13 MSTI Instance Setting Information Page Screenshot The page includes the following fields: Object Description  MSTI Display the current MSTI entry.  Status Display the current MSTI status  VLAN List Display the current VLAN list.  VLAN Count Display the current VLAN count.
Page 159  Regional Root Bridge Display the current designated root bridge.  Internal Root Cost Display the current internal root cost.  Designated Bridge Display the current designated bridge.  Root Port Display the current root port.  Max Age Display the current max. age. ...
Page 160: Mst Port Setting
4.6.7 MST Port Setting This page allows the user to inspect the current STP MSTI port configurations, and possibly change them as well. A MSTI port is a virtual port, which is instantiated separately for each active CIST (physical) port for each MSTI instance configured and applicable for the port.
Page 161 : Click to apply changes. Figure 4-6-16 MST Port Status Page Screenshot The page includes the following fields: Object Description  MSTI ID Display the current MSTI ID.  Port The switch port number of the logical STP port.  Indentifier (Priority / Display the current indentifier (priority / port ID) Port ID) ...
Page 162: Stp Statistics
4.6.8 STP Statistics This page displays STP statistics. The STP statistics screen in Figure 4-6-17 appears. Figure 4-6-17 STP Statistics Page Screenshot The page includes the following fields: Object Description  Port The switch port number of the logical STP port. ...
Page 163: Multicast
4.7 Multicast This section has the following items:  Configures multicast properties. Properties  Configures IGMP snooping settings. IGMP Snooping  Display the IGMP snooping statistics. IGMP Snooping Statistics  Configures MLD snooping settings MLD Snooping  Display the MLD snooping statistics. MLD Snooping Statistics ...
Page 164: Igmp Snooping
: Click to apply changes. Figure 4-7-2 Properties Information Page Screenshot The page includes the following fields: Object Description  Display the current unknown multicast action status. Unknow Multicast Action  Forward Method For IPv4 Display the current IPv4 multicast forward method. ...
Page 165 network or not. The router can check, using IGMP, to see if there is at least one member of a multicast group on a given subnet work. If there are no members on a sub network, packets will not be forwarded to that sub network. Figure 4-7-3 Multicast Service...
Page 166 Figure 4-7-4 Multicast Flooding...
Page 167 Figure 4-7-5 IGMP Snooping Multicast Stream Control IGMP Versions 1 and 2 Multicast groups allow members to join or leave at any time. IGMP provides the method for members and multicast routers to communicate when joining or leaving a multicast group. IGMP version 1 is defined in RFC 1112.
Page 168 The IGMP Type codes are shown below: Type Meaning Membership Query (if Group Address is 0.0.0.0) 0x11 Specific Group Membership Query (if Group Address is 0x11 Present) 0x16 Membership Report (version 2) 0x17 Leave a Group (version 2) 0x12 Membership Report (version 1) IGMP packets enable multicast routers to keep track of the membership of multicast groups, on their respective sub networks.
Page 169: Igmp Setting
Figure 4-7-6 IGMP State Transitions  IGMP Querier – A router, or multicast-enabled switch, can periodically ask their hosts if they want to receive multicast traffic. If there is more than one router/switch on the LAN performing IP multicasting, one of these devices is elected “querier”...
Page 170 Figure 4-7-7 IGMP Snooping Page Screenshot The page includes the following fields: Object Description  IGMP Snooping Status Enable or disable the IGMP snooping. The default value is "Disabled".  IGMP Snooping Version Sets the IGMP Snooping operation version. Possible versions are: ...
Page 171 Object Description  IGMP Snooping Status Dipaly the current IGMP snooping status.  IGMP Snooping Version Display the current IGMP snooping version.  Display the current IGMP snooping v2 report suppression. IGMP Snooping V2 Report Suppression Figure 4-7-9 IGMP Snooping Information Page Screenshot The page includes the following fields: Object Description...
Page 172: Igmp Querier Setting
4.7.2.2 IGMP Querier Setting This page provides IGMP Querier Setting. The IGMP Querier Setting screens in Figure 4-7-10 & Figure 4-7-11 appear. Figure 4-7-10 IGMP VLAN Setting Page Screenshot The page includes the following fields: Object Description  Select VLAN ID for this drop down list. VLAN ID ...
Page 173: Igmp Static Group
The page includes the following fields: Object Description  Display the current VLAN ID. VLAN ID  Querier State Display the current querier state.  Querier Status Display the current querier stauts.  Querier Version Display the current querier version. ...
Page 174 The page includes the following fields: Object Description  VLAN ID Select VLAN ID for this drop down list.  Group IP Address The IP address for a specific multicast service  Member Ports Select port number for this drop down list. Buttons : Click to add IGMP router port entry.
Page 175: Igmp Group Table
4.7.2.4 IGMP Group Table This page provides Multicast Database. The IGMP Group Table screen in Figure 4-7-14 appears. Figure 4-7-14 IGMP Group Table Page Screenshot The page includes the following fields: Object Description  VLAN ID Display the current VID. ...
Page 176 Figure 4-7-15 Add Router Port Page Screenshot The page includes the following fields: Object Description  Selects the VLAN to propagate all multicast traffic coming from the attached VLAN ID multicast router.  Type Sets the Router port type. The types of Router port as below: ...
Page 177: Igmp Router Table
 Forbidden Ports Display the current forbidden ports  Modify Click to edit parameter. Click to delete the group ID entry. 4.7.2.6 IGMP Router Table This page provides Router Table. The Dynamic, Static and Forbidden Router Table screens in Figure 4-7-17, Figure 4-7-18...
Page 178: Igmp Forward All
 Port Mask Display the current port mask. Figure 4-7-19 Forbidden Router Table Page Screenshot The page includes the following fields: Object Description  Display the current VLAN ID. VLAN ID  Port Mask Display the current port mask. 4.7.2.7 IGMP Forward All This page provides IGMP Forward All.
Page 179: Igmp Snooping Statics
 Select VLAN ID for this drop down list to assign IGMP membership. VLAN ID  Port The switch port number of the logical port.  Membership Select IGMP membership for each interface: Interface is forbidden from automatically joining the IGMP via Forbidden: MVR.
Page 180 The page includes the following fields: Object Description  Total RX Display current total RX  Valid RX Display current valid RX  Invalid RX Display current invalid RX  Other RX Display current other RX  Leave RX Display current leave RX ...
Page 181: Mld Snooping
4.7.4 MLD Snooping 4.7.4.1 MLD Setting This page provides MLD Snooping related configuration. Most of the settings are global, whereas the Router Port configuration is related to the current unit, as reflected by the page header. The MLD Snooping Setting, Information and Table screens in Figure 4-7-21, Figure 4-7-22...
Page 182 Figure 4-7-22 MLD Snooping information Page Screenshot The page includes the following fields: Object Description  MLD Snooping Status Display the current MLD snooping status  MLD Snooping Version Display the current MLD snooping version  Display the current MLD snooping report suppression MLD Snooping Report Suppression Figure 4-7-23 MLD Snooping Table Page Screenshot...
Page 183: Mld Static Group
 Query Interval (sec.) Display the current query interval.  Query Max Response Display the current query max response interval. Interval (sec.)  Last Member Query Display the current last member query count. conut  Last Member Query Display the current last member query interval. Interval (sec) ...
Page 184: Mld Group Table
Figure 4-7-25 MLD Static Groups Page Screenshot The page includes the following fields: Object Description  VLAN ID Display the current VLAN ID  Group IPv6 Address Display the current group IPv6 address  Member Ports Display the current member ports ...
Page 185: Mld Router Setting
 Type Member types displayed include Static or Dynamic, depending on selected options.  Life(Sec) Display the current life. 4.7.4.4 MLD Router Setting Depending on your network connections, MLD snooping may not always be able to locate the MLD querier. Therefore, if the MLD querier is a known multicast router/ switch connected over the network to an interface (port or trunk) on your Managed Switch, you can manually configure the interface (and a specified VLAN) to join all the current multicast groups supported by the attached router.
Page 186: Mld Router Table
: Click to add MLD router port entry. Figure 4-7-28 Router Port Status Page Screenshot The page includes the following fields: Object Description  Display the current VLAN ID. VLAN ID  Static Ports Display the current static ports  Forbidden Ports Display the current forbidden ports ...
Page 187: Mld Forward All
 Port Display the current dynamic router ports  Expiry Time (Sec) Display the current expiry time Figure 4-7-30 Static Router Table Page Screenshot The page includes the following fields: Object Description  Display the current VLAN ID. VLAN ID ...
Page 188 Figure 4-7-32 Forward All Setting Page Screenshot The page includes the following fields: Object Description  Select VLAN ID for this drop down list to assign MLD membership. VLAN ID  Port The switch port number of the logical port. ...
Page 189: Mld Snooping Statics
4.7.5 MLD Snooping Statics This page provides MLD Snooping Statics. The MLD Snooping Statics screen in Figure 4-7-33 appears. Figure 4-7-33 Forward All Setting Page Screenshot The page includes the following fields: Object Description  Total RX Display current total RX ...
Page 190  Special Group Query Display current special group query RX  Special Group & Display current special group & source query RX Source Query RX  Leave TX Display current leave TX  Report TX Display current report TX  General Query TX Display current general query TX ...
Page 191: Multicast Throttling Setting
4.7.6 Multicast Throttling Setting Multicast throttling sets a maximum number of multicast groups that a port can join at the same time. When the maximum number of groups is reached on a port, the switch can take one of two actions; either “deny” or “replace”. If the action is set to deny, any new multicast join reports will be dropped.
Page 192: Multicast Filter
Buttons : Click to apply changes. Figure 4-7-35 IGMP Port Max Groups Information Page Screenshot The page includes the following fields: Object Description  The switch port number of the logical port. Port  Max Groups Display the current Max groups. ...
Page 193: Multicast Profile Setting
access mode. Command Usage  Each profile has only one access mode; either permit or deny.  When the access mode is set to permit, multicast join reports are processed when a multicast group falls within the controlled range.  When the access mode is set to deny, multicast join reports are only processed when the multicast group is not in the controlled range.
Page 194: Igmp Filter Setting
When the access mode is set to, multicast join reports are only - Deny processed when the multicast group is not in the controlled range. Buttons : Click to add multicast profile entry. Figure 4-7-37 IGMP/MLD Profile Status Page Screenshot The page includes the following fields: Object Description...
Page 195 Figure 4-7-38 Filter Setting Page Screenshot The page includes the following fields: Object Description  Port Select Select port number for this drop down list.  Filter Profile ID Select filter profile ID for this drop down list. Buttons : Click to apply changes. Figure 4-7-39 Port Filter Status Page Screenshot The page includes the following fields: Object...
Page 196: Mld Filter Setting
4.7.7.3 MLD Filter Setting The Filter Setting and Status screens in Figure 4-7-40 & Figure 4-7-41 appear. Figure 4-7-40 Filter Setting Page Screenshot The page includes the following fields: Object Description  Port Select Select port number for this drop down list. ...
Page 197: Quality Of Service
 Action Click to display detail profile parameter. Click to delete the MLD filter profile entry. 4.8 Quality of Service 4.8.1 Understand QoS Quality of Service (QoS) is an advanced traffic prioritization feature that allows you to establish control over network traffic.
Page 198: Qos Properties
The QoS page of the Managed Switch contains three types of QoS mode - the 802.1p mode, DSCP mode or Port-base mode can be selected. Both the three mode rely on predefined fields within the packet to determine the output queue. ...
Page 199: Qos Port Settings
Figure 4-8-2 QoS Information Page Screenshot The page includes the following fields: Object Description  QoS Mode Display the current QoS mode. 4.8.2.2 QoS Port Settings The QoS Port Settings and Status screen in Figure 4-8-2 & Figure 4-8-3 appear. Figure 4-8-2 QoS Port Setting Page Screenshot The page includes the following fields: Object...
Page 200: Queue Settings
 Remark IP Precedence Disable or enable remark IP Precedence Buttons : Click to apply changes. Figure 4-8-3 QoS Port Status Page Screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port. ...
Page 201 Figure 4-8-4 Queue Table Page Screenshot The page includes the following fields: Object Description  Queue Display the current queue ID.  Strict Priority Controls whether the scheduler mode is "Strict Priority" on this switch port.  WRR Controls whether the scheduler mode is "Weighted" on this switch port. ...
Page 202: Cos Mapping
Figure 4-8-5 Queue Information Page Screenshot The page includes the following fields: Object Description  Information Name Display the current queue method information  Information Value Display the current queue vlaue information 4.8.2.4 CoS Mapping The CoS to Queue and Queue to CoS Mapping screens in Figure 4-8-6 &...
Page 203 : Click to apply changes. Figure 4-8-7 CoS Mapping Page Screenshot The page includes the following fields: Object Description  CoS Display the current CoS value  Mapping to Queue Display the current mapping to queue  Queue Display the current queue value ...
Page 204: Dscp Mapping
4.8.2.5 DSCP Mapping The DSCP to Queue and Queue to DSCP Mapping screens in Figure 4-8-8 & Figure 4-8-9 appear. Figure 4-8-8 DSCP to Queue and Queue to DSCP Mapping Page Screenshot The page includes the following fields: Object Description ...
Page 205 Figure 4-8-9 DSCP Mapping Page Screenshot The page includes the following fields: Object Description  DSCP Display the current CoS value  Mapping to Queue Display the current mapping to queue  Queue Display the current queue value  Mapping to DSCP Display the current mapping to DSCP...
Page 206: Ip Precedence Mapping
4.8.2.6 IP Precedence Mapping The IP Precedence to Queue and Queue to IP Precedence Mapping screens in Figure 4-8-10 & Figure 4-8-11 appear. Figure 4-8-10 IP Precedence to Queue and Queue to IP Precedence Mapping Page Screenshot The page includes the following fields: Object Description ...
Page 207 Figure 4-8-11 IP Precedence Mapping Page Screenshot The page includes the following fields: Object Description  IP Precedence Display the current CoS value  Mapping to Queue Display the current mapping to queue  Queue Display the current queue value ...
Page 208: Qos Basic Mode
4.8.3 QoS Basic Mode 4.8.3.1 Global Settings The Basic Mode Global Settings and QoS Information screen in Figure 4-8-12 & Figure 4-8-13 appear. Figure 4-8-12 Basic Mode Global Settings Page Screenshot The page includes the following fields: Object Description  Trust Mode Set the QoS mode Buttons : Click to apply changes.
Page 209: Port Settings
Figure 4-8-13 QoS Information Page Screenshot The page includes the following fields: Object Description  Trust Mode Display the current QoS mode 4.8.3.2 Port Settings The QoS Port Setting and Status screen in Figure 4-8-14 & Figure 4-8-15 appear. Figure 4-8-14 Basic Mode Global Settings Page Screenshot The page includes the following fields: Object Description...
Page 210: Rate Limit
Buttons : Click to apply changes. Figure 4-8-15 QoS Port Status Page Screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  Trust Mode Display the current trust type. 4.8.4 Rate Limit Configure the switch port rate limit for the switch port on this page.
Page 211: Ingress Bandwidth Control
4.8.4.1 Ingress Bandwidth Control This page provides to select the ingress bandwidth preamble. The Ingress Bandwidth Control Setting and Status screens in Figure 4-8-16 & Figure 4-8-17 appear. Figure 4-8-16 Ingress Bandwidth Control Settings Page Screenshot The page includes the following fields: Object Description ...
Page 212: Egress Bandwidth Control
The page includes the following fields: Object Description  Port The switch port number of the logical port.  Display the current ingress rate limit. Ingress Rate Limit (Kbps) 4.8.4.2 Egress Bandwidth Control This page provides to select the egress bandwidth preamble. The Egress Bandwidth Control Setting and Status screens in Figure 4-8-18 &...
Page 213 Buttons : Click to apply changes. Figure 4-8-19 Egress Bandwidth Control Status Page Screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  Display the current egress rate limit. Egress Rate Limit (Kbps)
Page 214: Egress Queue
4.8.4.3 Egress Queue The Egress Queue Badwidth Control Settings and Status screens in Figure 4-8-20 & Figure 4-8-21 appear. Figure 4-8-20 Egress Queue BandwidthSettings Page Screenshot The page includes the following fields: Object Description  Port Select port number for this drop down list. ...
Page 215: Voice Vlan
The page includes the following fields: Object Description  Queue ID Display the current queue ID  Rate Limit (Kbps) Display the current rate limit. 4.8.5 Voice VLAN 4.5.8.1 Introduction to Voice VLAN Configure the switch port rate limit for the switch port on this page. Voice VLAN is specially configured for the user voice data traffic.
Page 216: Properties
Before connecting the IP device to the switch, the IP phone should configure the voice VLAN ID correctly. It should be configured through its own GUI. 4.8.5.2 Properties The Voice VLAN feature enables voice traffic to forward on the Voice VLAN, and then the switch can be classified and scheduled to network traffic.
Page 217 The allowed range is 1 to 4095.  Remark CoS/802.1p Select 802.1p value for this drop down list.  1p remark Enable or disable 802.1p remark.  The time after which a port is removed from the Voice VLAN when VoIP traffic Aging Time (30-65536 is no longer received on the port.
Page 218: Telephony Oui Mac Setting
4.8.5.3 Telephony OUI MAC Setting Configure VOICE VLAN OUI table on this Page. The Telephony OUI MAC Setting screens in Figure 4-8-24 & Figure 4-8-25 appear. Figure 4-8-24 Voice VLAN OUI Settings Page Screenshot The page includes the following fields: Object Description ...
Page 219: Telephony Oui Port Setting
The page includes the following fields: Object Description  OUI Address Display the current OUI address  Display the current description Description  Modify Click to edit voice VLAN OUI group parameter. Click to delete voice VLAN OUI group parameter. 4.8.5.4 Telephony OUI Port Setting The Voice VLAN feature enables voice traffic forwarding on the Voice VLAN, then the switch can classify and schedule network traffic.
Page 220: Security
Figure 4-8-27 Voice VLAN Port State Page Screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  State Display the current state.  Display the current CoS mode. CoS Mode 4.9 Security This section is to control the access of the Managed Switch, including the user access and management control.
Page 221: 221
  Strom Control 4.9.1 802.1X Overview of 802.1X (Port-based) Authentication In the 802.1X-world, the user is called the supplicant, the switch is the authenticator, and the RADIUS server is the authentication server. The switch acts as the man-in-the-middle, forwarding requests and responses between the supplicant and the authentication server.
Page 222 LAN. Until the client is authenticated, 802.1X access control allows only Extensible Authentication Protocol over LAN (EAPOL) traffic through the port to which the client is connected. After authentication is successful, normal traffic can pass through the port. This section includes this conceptual information: ...
Page 223  Authentication server—performs the actual authentication of the client. The authentication server validates the identity of the client and notifies the switch whether or not the client is authorized to access the LAN and switch services. Because the switch acts as the proxy, the authentication service is transparent to the client. In this release, the Remote Authentication Dial-In User Service (RADIUS) security system with Extensible Authentication Protocol (EAP) extensions is the only supported authentication server;...
Page 224 When the client supplies its identity, the switch begins its role as the intermediary, passing EAP frames between the client and the authentication server until authentication succeeds or fails. If the authentication succeeds, the switch port becomes authorized. The specific exchange of EAP frames depends on the authentication method being used. “Figure 4-9-2”...
Page 225: Setting
initiates the authentication process by sending the EAPOL-start frame. When no response is received, the client sends the request for a fixed number of times. Because no response is received, the client begins sending frames as if the port is in the authorized state If the client is successfully authenticated (receives an Accept frame from the authentication server), the port state changes to authorized, and all frames from the authenticated client are allowed through the port.
Page 226: Port Setting
Buttons : Click to apply changes. Figure 4-9-4 802.1X Information Page Screenshot The page includes the following fields: Object Description  802.1X Display the current 802.1X state. 4.9.1.3 802.1X Port Setting This page allows you to configure the IEEE 802.1X Port Setting. The 802.1X Port Setting screens in Figure 4-9-5 &...
Page 227 Figure 4-9-5 802.1X Port Setting Page Screenshot The page includes the following fields: Object Description  Port Select port for this drop down list.  Mode If NAS is globally enabled, this selection controls the port's authentication mode. The following modes are available: ...
Page 228 switch port or if a supplicant is no longer attached.  Reauthentication Determines the period, in seconds, after which a connected client must be reauthenticated. This is only active if the Reauthentication Enabled checkbox is Period checked. Valid values are in the range 30 to 65535 seconds. ...
Page 229: Guest Vlan Setting
The page includes the following fields: Object Description  Port The switch port number of the logical port.  Mode (pps) Display the current mode.  Status (pps) Display the current status.  Periodic Display the current periodic reauthentication. Reauthentication ...
Page 230 immediately takes the port out of the Guest VLAN and starts authenticating the supplicant according to the port mode. If an EAPOL frame is received, the port will never be able to go back into the Guest VLAN if the "Allow Guest VLAN if EAPOL Seen"...
Page 231: Authenticed Host
 Guest VLAN Port When Guest VLAN is both globally enabled and enabled (checked) for a given port, the switch considers moving the port into the Guest VLAN according to the Setting rules outlined below. This option is only available for EAPOL-based modes, i.e.: •...
Page 232: Radius Server
Figure 4-9-9 Authenticated Host Table Page Screenshot The page includes the following fields: Object Description  User Name Display the current user name.  Port Display the current port number.  Session Time Display the current session time.  Authentication Method Display the current authentication method.
Page 233 a RADIUS server before retransmitting the request.  Timeout for Reply Retransmit is the number of times, in the range 1 to 30, a RADIUS request is retransmitted to a server that is not responding. If the server has not responded after the last retransmit it is considered to be dead.
Page 234 The page includes the following fields: Object Description  Server Definition Set the server definition.  Server IP Address of the Radius server IP/name.  Authetication Port The UDP port to use on the RADIUS Authentication Server. If the port is set to 0 (zero), the default port (1812) is used on the RADIUS Authentication Server.
Page 235: Tacacs+ Server
Buttons : Click to add Radius server setting. Figure 4-9-12 Login Authentication List Page Screenshot The page includes the following fields: Object Description  IP Address Display the current IP address  Auth Port Display the current auth port  Acct Port Display the current acct port ...
Page 236 Figure 4-9-13 Guest VLAN Setting Page Screenshot The page includes the following fields: Object Description  Key String The secret key - up to 63 characters long - shared between the TACACS+ server and the switch.  Timeout for Reply Retransmit is the number of times, in the range 1 to 30, a TACACS+ request is retransmitted to a server that is not responding.
Page 237 Object Description  Server Definition Set the server definition.  Server IP Address of the TACACS+ server IP/name.  Server Port Network (TCP) port of TACACS+ server used for authentication messages. (Range: 1-65535; Default: 49)  Server Key The key- shared between the TACACS+ Authentication Server and the switch. ...
Page 238: Aaa
 Modify Click to edit login authentication list parameter. Click to delete login authentication list entry. 4.9.4 AAA Authentication, authorization, and accounting (AAA) provides a framework for configuring access control on the Managed Switch. The three security functions can be summarized as follows: ...
Page 239: Login List
This guide assumes that RADIUS and TACACS+ servers have already been configured to support AAA. The configuration of RADIUS and TACACS+ server software is beyond the scope of this guide, refer to the documentation provided with the RADIUS or TACACS+ server software.
Page 240: Enable List
The page includes the following fields: Object Description  List Name Display the current list name.  Method List Display the current method list.  Modify Click to edit login authentication list parameter. Click to delete login authentication list entry. 4.9.4.2 Enable List This page is to login list parameters.
Page 241: Access
Figure 4-9-20 Login Authentication List Screenshot The page includes the following fields: Object Description  List Name Display the current list name.  Method List Display the current method list.  Modify Click to edit login authentication list parameter. Click to delete login authentication list entry.
Page 242 Figure 4-9-21 Telnet Settings Page Screenshot The page includes the following fields: Object Description  Telnet Service Disable or enable telnet service  Login Authentication List Select login authentication list for this drop down list.  Enable Authentication List Select enable authentication list for this drop down list. ...
Page 243: Ssh
Figure 4-9-21 Telnet Information Page Screenshot The page includes the following fields: Object Description  Telnet Service Display the current telent service.  Login Authentication List Display the current login authentication list  Enable Authentication List Display the current enable authentication list ...
Page 244 enabled port security on a port, the port is set-up for software-based learning. In this mode, frames from unknown MAC addresses are passed on to the port security module, which in turn asks all user modules whether to allow this new MAC address to forward or block it.
Page 245: Http
Figure 4-9-24 SSH Information Page Screenshot The page includes the following fields: Object Description  SSH Service Display the current SSH service.  Login Authentication List Display the current login authentication list  Enable Authentication List Display the current enable authentication list ...
Page 246 Figure 4-9-25 HTTP Settings Page Screenshot The page includes the following fields: Object Description  HTTP Service Disable or enable HTTP service  Login Authentication List Select login authentication list for this drop down list.  Session Timeout Set the session timeout value. Buttons : Click to apply changes.
Page 247: Https
The page includes the following fields: Object Description  HTTP Service Display the current HTTP service.  Login Authentication List Display the current login authentication list  Session Timeout Display the current session timeout. 4.9.5.4 HTTPs The HTTPs Settings and Information screen in Figure 4-9-27 &...
Page 248: Management Access Method
Figure 4-9-28 HTTPs Information Page Screenshot The page includes the following fields: Object Description  HTTPs Service Display the current HTTPs service.  Login Authentication List Display the current login authentication list  Session Timeout Display the current session timeout. 4.9.6 Management Access Method 4.9.6.1 Profile Rules The Profile Rule Table Setting and Table screens in...
Page 249 The page includes the following fields: Object Description  Access Profile Name Indicates the access profile name. (1-32 charaters)  Priority (1-65535) Set priority. The allowed value is from 1 to 65535.  Management Method Indicates the host can access the switch from HTTP/HTTPs/telnet/SSH/SNMP/All interface that the host IP address matched the entry.
Page 250: Access Rules
 Action Display the current action  Port Display the current port list  Source IPv4 Display the current source IPv4 address  Source IPv4 Mask Display the current source IPv4 mask  Source IPv6 Display the current source IPv6 address ...
Page 251 The page includes the following fields: Object Description  Access Profile Display the current access profile.  Delete Click to delete access profile entry.
Page 252: Dhcp Snooping
4.9.7 DHCP Snooping 4.9.7.1 DHCP Snooping Overview The addresses assigned to DHCP clients on unsecure ports can be carefully controlled using the dynamic bindings registered with DHCP Snooping. DHCP snooping allows a switch to protect a network from rogue DHCP servers or other devices which send port-related information to a DHCP server.
Page 253  When DHCP snooping is enabled, DHCP messages entering an untrusted interface are filtered based upon dynamic entries learned via DHCP snooping.  Filtering rules are implemented as follows:  If the global DHCP snooping is disabled, all DHCP packets are forwarded. ...
Page 254: Global Setting
4.9.7.2 Global Setting DHCP Snooping is used to block intruder on the untrusted ports of switch when it tries to intervene by injecting a bogus DHCP reply packet to a legitimate conversation between the DHCP client and server. Configure DHCP Snooping on this page.
Page 255 The page includes the following fields: Object Description  DHCP Snooping Display the current DHCP snooping status...
Page 256: Vlan Setting
4.9.7.3 VLAN Setting Command Usage  When DHCP snooping is enabled globally on the switch, and enabled on the specified VLAN, DHCP packet filtering will be performed on any untrusted ports within the VLAN.  When the DHCP snooping is globally disabled, DHCP snooping can still be configured for specific VLANs, but the changes will not take effect until DHCP snooping is globally re-enabled.
Page 257: Port Setting
Figure 4-9-36 DHCP Snooping VLAN Setting Page Screenshot The page includes the following fields: Object Description  VLAN List Display the current VLAN list  Status Display the current DHCP snooping status 4.9.7.4 Port Setting Configures switch ports as trusted or untrusted. Command Usage ...
Page 258 Figure 4-9-37 DHCP Snooping Port Setting Page Screenshot The page includes the following fields: Object Description  Port Select port for this drop down list.  Type Indicates the DHCP snooping port mode. Possible port modes are:  Trusted: Configures the port as trusted sources of the DHCP message. ...
Page 259: Statistics
Object Description  Port The switch port number of the logical port.  Type Display the current type  Chaddr Check Display the current chaddr check 4.9.7.5 Statistics The DHCP Snooping Statistics screen in Figure 4-9-39 appears. Figure 4-9-39 DHCP Snooping Statistics Page Screenshot The page includes the following fields: Object Description...
Page 260 Buttons : Click to clear the statistics. : Click to refresh the statistics.
Page 261: Database Agent
4.9.7.6 Database Agent Overview of the DHCP Snooping Database Agent When DHCP snooping is enabled, the switch uses the DHCP snooping binding database to store information about untrusted interfaces. The database can have up to 8192 bindings. Each database entry (binding) has an IP address, an associated MAC address, the lease time (in hexadecimal format), the interface to which the binding applies, and the VLAN to which the interface belongs.
Page 262 The page includes the following fields: Object Description  Database Type Select database type.  File Name The name of file image.  Remote Server Fill in your remote server IP address.  Write Delay Specify the duration for which the transfer should be delayed after the binding database changes.
Page 263: Rate Limit
 Write Delay Display the current write delay.  Timeout Display the current timeout. 4.9.7.7 Rate Limit After enabling DHCP snooping, the switch will monitor all the DHCP messages and implement software transmission. The DHCP Rate Limit Setting and Config screens in Figure 4-9-42 &...
Page 264: Option82 Global Setting
Figure 4-9-43 DHCP Rate Limit Setting Page Screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  Rate Limit (pps) Display the current rate limit. 4.9.7.8 Option82 Global Setting DHCP provides a relay mechanism for sending information about the switch and its DHCP clients to DHCP servers. Known as DHCP Option 82, it allows compatible DHCP servers to use the information when assigning IP addresses, or to set other services or policies for clients.
Page 265 The definition of Circuit ID in the switch is 4 bytes in length and the format is "vlan_id" "module_id" "port_no". The parameter of "vlan_id" is the first two bytes represent the VLAN ID. The parameter of "module_id" is the third byte for the module ID (in standalone switch it always equal 0, in switch it means switch ID).
Page 266: Option82 Port Setting
The page includes the following fields: Object Description  Option82 Remote ID Display the current option82 remite ID. 4.9.7.9 Option82 Port Setting This function is used to set the retransmitting policy of the system for the received DHCP request message which contains option82.
Page 267: Option82 Circuit-Id Setting
Figure 4-9-47 Option82 Global Setting Page Screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  Enable Display the current status  Allow Untrusted Display the current untrusted mode 4.9.7.10 Option82 Circuit-ID Setting Set creation method for option82, users can define the parameters of circute-id suboption by themselves.
Page 268: Dynamic Arp Inspection
The page includes the following fields: Object Description  Port Select port for this drop down list.  VLAN Indicates the ID of this particular VLAN.  Circuit ID Set the option1 (Circuit ID) content of option 82 added by DHCP request packets.
Page 269: Global Setting
A Dynamic ARP prevents the untrust ARP packets based on the DHCP Snooping Database. 4.9.8.1 Global Setting DAI Setting and Information screens in Figure 4-9-50 & Figure 4-9-51 appear. Figure 4-9-50 DAI Setting Page Screenshot The page includes the following fields: Object Description ...
Page 270: Vlan Setting
The page includes the following fields: Object Description  DAI Display the current DAI status. 4.9.8.2 VLAN Setting DAI VLAN Setting screens in Figure 4-9-52 & Figure 4-9-53 appear. Figure 4-9-52 DAI VLAN Setting Page Screenshot The page includes the following fields: Object Description ...
Page 271: Port Setting
The page includes the following fields: Object Description  VLAN List Display the current VLAN list.  Status Display the current status. 4.9.8.3 Port Setting Configures switch ports as DAI trusted or untrusted and check mode. DAI Port Setting screens in Figure 4-9-54 &...
Page 272 classified as invalid and are dropped.  IP Chk Enable or disable to checks the source and destination IP addresses of ARP packets. The all-zero, all-one or multicast IP addresses are considered invalid and the corresponding packets are discarded.  IP Allow Zero Enable or disable to checks all-zero IP addresses.
Page 273: Statistics
4.9.8.4 Statistics Configures switch ports as DAI trusted or untrusted and check mode. DAI Port Setting screen in Figure 4-9-56 appears. Figure 4-9-56 DAI Port Setting Page Screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port. ...
Page 274: Rate Limit
Buttons : Click to clear the statistics. : Click to refresh the statistics. 4.9.8.5 Rate Limit The ARP Rate Limit Setting and Config screens in Figure 4-9-57 & Figure 4-9-58 appear. Figure 4-9-57 ARP Rate Limit Setting Page Screenshot The page includes the following fields: Object Description ...
Page 275: Ip Source Guard
Figure 4-9-58 ARP Rate Limit Setting Page Screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  Rate Limit (pps) Display the current rat limit. 4.9.9 IP Source Guard IP Source Guard is a secure feature used to restrict IP traffic on DHCP snooping untrusted ports by filtering traffic based on the DHCP Snooping Table or manually configured IP Source Bindings.
Page 276: Port Settings
4.9.9.1 Port Settings IP Source Guard is a secure feature used to restrict IP traffic on DHCP snooping untrusted ports by filtering traffic based on the DHCP Snooping Table or manually configured IP Source Bindings. It helps prevent IP spoofing attacks when a host tries to spoof and use the IP address of another host.
Page 277 The page includes the following fields: Object Description  Port Select port for this drop down list.  Status Enable or disable the IP source guard.  Verify Source Configures the switch to filter inbound traffic based IP address, or IP address and MAC address.
Page 278: Binding Table
 Verify Source Display the current verify source  Max Binding Entry Display the current max binding entry.  Current Binding Entry Display the current binding entry. 4.9.9.2 Binding Table The IP Source Guard Static Binding Entry and Table Status screens in Figure 4-9-62 &...
Page 279: Port Security
The page includes the following fields: Object Description  Port Display the current port  VLAN ID Display the current VLAN  MAC Address Display the current MAC address  IP Address Display the current IP Address  Type Display the current entry type ...
Page 280 The page includes the following fields: Object Description  Port Select port for this drop down list.  Security Enable or disable the port security.  Mac L2 Entry The maximum number of MAC addresses that can be secured on this port. If the limit is exceeded, the corresponding action is taken.
Page 281: Dos
Figure 4-9-65 Port Security Status Page Screenshot The page includes the following fields: Object Description  Port Name The switch port number of the logical port.  Enable State Display the current per port security status  L2 Entry Num Display the current L2 entry number.
Page 282 Figure 4-9-66 Global DoS Setting Page Screenshot...
Page 283 The page includes the following fields: Object Description  DMAC = SMAC Enable or disable DoS check mode by DMAC = SMAC  Land Enable or disable DoS check mode by land  UDP Blat Enable or disable DoS check mode by UDP blat ...
Page 284 Figure 4-9-67 DoS Information Page Screenshot The page includes the following fields: Object Description  DMAC = SMAC Display the current DMAC = SMAC status  Land Attach Display the current land attach status  UDP Blat Display the current UDP blat status ...
Page 285: Dos Port Setting
 TCP SYN-RST Attack Display the current TCP syn-rst attack status  TCP Fragment (Offset = 1) Display the TCP fragment (offset = 1) status 4.9.11.2 DoS Port Setting The DoS Port Setting and Status screens in Figure 4-9-68 & Figure 4-9-69 appear.
Page 286: Storm Control
Figure 4-9-68 Port Security Setting Page Screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  DoS Protection Display the current DoS protection. 4.9.12 Storm Control Storm control for the switch is configured on this Page. There is an unknown unicast storm rate control, unknown multicast storm rate control, and a broadcast storm rate control.
Page 287: Port Setting
The page includes the following fields: Object Description  Unit Controls the unit of measure for the storm control rate as "pps" or "bps". The default value is "bps".  Preamble & IFG Set the excluded or included interframe gap Buttons : Click to apply changes.
Page 288 Figure 4-9-71 Storm Control Setting Page Screenshot The page includes the following fields: Object Description  Port Select port for this drop down list.  Enable or disable the storm control status for the given storm type. Port State  Action Configures the action performed when storm control is over rate on a port.
Page 289 Figure 4-9-72 Storm Control Information Page Screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  Display the current port state. Port State  Broadcast (Kbps/pps) Display the current brocast storm control rate. ...
Page 290: Acl
4.10 ACL ACL is an acronym for Access Control List. It is the list table of ACEs, containing access control entries that specify individual users or groups permitted or denied to specific traffic objects, such as a process or a program. Each accessible traffic object contains an identifier to its ACL.
Page 291: Mac-Based Ace
Figure 4-10-1 MAC-based ACL Page Screenshot The page includes the following fields: Object Description  ACL Name Create a named MAC-based ACL list Figure 4-10-2 ACL Table Page Screenshot The page includes the following fields: Object Description  Delete Click to delete ACL name entry.
Page 292 Figure 4-10-3 MAC-based ACE Page Screenshot The page includes the following fields: Object Description  ACL Name Select ACL name for this drop down list.  Sepuence Set the ACL sequence.  Action Indicates the forwarding action of the ACE. ...
Page 293 this ACE, choose this value. A field for entering a DA MAC value appears.  DA MAC Value When "User Defined" is selected for the DA MAC filter, you can enter a specific destination MAC address. The legal format is "xx-xx-xx-xx-xx-xx". A frame that hits this ACE matches this DA MAC value.
Page 294: Ipv4-Based Acl
Figure 4-10-4 MAC-based ACE Table Page Screenshot The page includes the following fields: Object Description  ACL Name Display the current ACL name  Sepuence Display the current sequence  Action Display the current action  Destination MAC Address Display the current destination MAC address ...
Page 295: Ipv4-Based Ace
Figure 4-10-6 appear. Figure 4-10-5 IPv4-based ACL Page Screenshot The page includes the following fields: Object Description  ACL Name Create a named IPv4-based ACL list Buttons : Click to add ACL name list. Figure 4-10-6 ACL Table Page Screenshot The page includes the following fields: Object Description...
Page 297 Figure 4-10-7 IP-based ACE Page Screenshot The page includes the following fields: Object Description  ACL Name Select ACL name for this drop down list.  Sepuence Set the ACL sequence.  Action Indicates the forwarding action of the ACE. ...
Page 298 frame that hits this ACE matches this destination IP address value.  Destination IP When "User Defined" is selected for the destination IP filter, you can enter a specific DIP mask in dotted decimal notation. Wildcard Mask  Source Port Specify the source port for this ACE.
Page 299 to match this entry.  Don’t Care: Any value is allowed ("don't-care"). Specify the TCP "Push Function" (PSH) value for this ACE.  Set: TCP frames where the PSH field is set must be able to match this entry.  Unset: TCP frames where the PSH field is set must not be able to match this entry.
Page 300  IP Recedence: If you want to filter a specific IP recedence with this ACE, you can enter a specific IP recedence value. A field for entering an IP recedence value appears. The allowed range is 0 to 7. A frame that hits this ACE matches this IP recedence value.
Page 301: Ipv6-Based Acl
The page includes the following fields: Object Description  ACL Name Display the current ACL name  Sepuence Display the current sequence  Action Display the current action  Protocol Display the current protocol  Source IP Address Display the current source IP address ...
Page 302: Ipv6-Based Ace
Figure 4-10-9 IPv6-based ACL Page Screenshot The page includes the following fields: Object Description  ACL Name Create a named IPv6-based ACL list Buttons : Click to add ACL name list. Figure 4-10-10 ACL Table Page Screenshot The page includes the following fields: Object Description ...
Page 304 Figure 4-10-11 IP-based ACE Page Screenshot The page includes the following fields: Object Description  ACL Name Select ACL name for this drop down list.  Sepuence Set the ACL sequence.  Action Indicates the forwarding action of the ACE. ...
Page 305 this destination IP address value.  Destination IP Prefix When "User Defined" is selected for the destination IP filter, you can enter a specific DIP prefix length in dotted decimal notation. Length  Source Port Specify the source port for this ACE. ...
Page 306 to match this entry.  Don’t Care: Any value is allowed ("don't-care"). Specify the TCP "Push Function" (PSH) value for this ACE.  Set: TCP frames where the PSH field is set must be able to match this entry.  Unset: TCP frames where the PSH field is set must not be able to match this entry.
Page 307 you can enter a specific IP recedence value. A field for entering a IP recedence value appears. The allowed range is 0 to 7. A frame that hits this ACE matches this IP recedence value.  ICMP Specify the ICMP for this ACE. ...
Page 308  Sepuence Display the current sequence  Action Display the current action  Protocol Display the current protocol  Source IP Address Display the current source IP address  Source IP Address Display the current source IP address wildcard mask Wildcard Mask ...
Page 309: Acl Binding
4.10.7 ACL Binding This page allows you to bind the Policy content to the appropriate ACLs. The ACL Policy screens in Figure 4-10-13 & Figure 4-10-14 appears. Figure 4-10-13 ACL Binding Page Screenshot The page includes the following fields: Object Description ...
Page 310: Mac Address Table
 IPv6 ACL Display the current IPv6 ACL  Modify Click to edit ACL binding table parameter. Click to delete ACL binding entry. 4.11 MAC Address Table Switching of frames is based upon the DMAC address contained in the frame. The Managed Switch builds up a table that maps MAC addresses to switch ports for knowing which ports the frames should go to (based upon the DMAC address in the frame).
Page 311: Mac Filtering
 VLAN Select VLAN for this drop down list.  Port Select port for this drop down list. Buttons : Click to add new static MAC address. Figure 4-11-2 Statics MAC Status Page Screenshot The page includes the following fields: Object Description ...
Page 312: Dynamic Address Setting
The page includes the following fields: Object Description  MAC Address Physical address associated with this interface.  VLAN (1~4096) Indicates the ID of this particular VLAN. Buttons : Click to add new MAC filtering setting. Figure 4-11-4 Statics MAC Status Page Screenshot The page includes the following fields: Object Description...
Page 313: Dynamic Learned
Figure 4-11-5 Dynamic Addresses Setting Page Screenshot The page includes the following fields: Object Description  The time after which a learned entry is discarded. Aging Time (Range: 10-630 seconds; Default: 300 seconds) Buttons : Click to apply changes. Figure 4-11-6 Dynamic Addresses Status Page Screenshot The page includes the following fields: Object Description...
Page 314 address. The Dynamic Learned screens in Figure 4-11-6 & Figure 4-11-7 appear. Figure 4-11-6 Dynamic Learned Page Screenshot The page includes the following fields: Object Description  Port Select port for this drop down list.  VLAN Select VLAN for this drop down list. ...
Page 315  VLAN The VLAN ID of the entry.  Type Indicates whether the entry is a static or dynamic entry.  Port The ports that are members of the entry. Buttons Click to add dynamic MAC address to static MAC address.
Page 316: Lldp
4.12 LLDP 4.12.1 Link Layer Discovery Protocol Link Layer Discovery Protocol (LLDP) is used to discover basic information about neighboring devices on the local broadcast domain. LLDP is a Layer 2 protocol that uses periodic broadcasts to advertise information about the sending device.
Page 317 Object Description  Enable Globally enable or disable LLDP function  LLDP PDU Disable Set LLDP PDU disable action: include “Filtering”, “Bridging” and “Flooding”.  Filtering: discrad all LLDP PDU. Action  Bridging: transmit LLDP PDU in the same VLAN. ...
Page 318 (4 * Delay Interval) ≤Transmission Interval  Configures the amount of LLDP MED Fast Start LLDPDUs to transmit during LLDP-MED Fast Start the activation process of the LLDP-MED Fast Start mechanisim. Repeat Count Range: 1-10 packets; Default: 3 packets The MED Fast Start Count parameter is part of the timer which ensures that the LLDP-MED Fast Start mechanism is active for the port.
Page 319: Lldp Port Setting
 Holdtime Multiplier Display the current holdtime multiplier  Reinitialization Delay Display the current reinitialization delay  Transmit Delay Display the current transmit delay  Display the current LLDP-MED Fast Start Repeat Count LLDP-MED Fast Start Repeat Count 4.12.3 LLDP Port Setting Use the LLDP Port Setting to specify the message attributes for individual interfaces, including whether messages are transmitted, received, or both transmitted and received.
Page 320  Rx only  TxRx  Disabled  Port Select Select port for this drop down list.  Optional TLV Select Configures the information included in the TLV field of advertised messages.  System Name: When checked the "System Name" is included in LLDP information transmitted.
Page 321 Figure 4-12-4 LLDP Port Status Page Screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  State Display the current LLDP status  Selected Optional Display the current selected optional TLVs TLVs The VLAN Name TLV VLAN Selection and LLDP Port VLAN TLV Status screens in Figure 4-12-5...
Page 322: Lldp Local Device
The page includes the following fields: Object Description  Port Select Select port for this drop down list.  VLAN Select Select VLAN for this drop down list. Buttons : Click to apply changes. Figure 4-12-6 LLDP Port VLAN TLV Status Page Screenshot The page includes the following fields: Object Description...
Page 323 Figure 4-12-7 Local Device Summary Page Screenshot The page includes the following fields: Object Description  Chassis ID Subtype Display the current chassis ID subtype  Chassis ID Display the current chassis ID  System Name Display the current system name ...
Page 324: Lldp Remove Device
Figure 4-12-8 Port Status Page Screenshot The page includes the following fields: Object Description  Interface The switch port number of the logical port.  LLDP Status Display the current LLDP status  LLDP MED Status Display the current LLDP MED Status 4.12.5 LLDP Remove Device This Page provides a status overview for all LLDP remive devices.
Page 325: Med Network Policy
The page includes the following fields: Object Description  Local Port Display the current local port  Chassis ID Subtype Display the current chassis ID subtype  Chassis ID The Chassis ID is the identification of the neighbor's LLDP frames. ...
Page 326 given port. The application types specifically addressed are: 1. Voice 2. Guest Voice 3. Softphone Voice 4. Video Conferencing 5. Streaming Video 6. Control / Signaling (conditionally support a separate network policy for the media types above) A large network may support multiple VoIP policies across the entire organization, and different policies per application type.
Page 327 The page includes the following fields: Object Description  LLDP MED Policy for Set the LLDP MED policy for voice application mode. Voice Application  Network Policy Select network policy number for this drop down list. Number  Application Type Intended use of the application types: Voice - for use by dedicated IP Telephony handsets and other similar appliances supporting interactive voice services.
Page 328 Video Signaling - for use in network topologies that require a separate policy for the video signaling than for the video media. This application type should not be advertised if all the same network policies apply as those advertised in the Video Conferencing application policy.
Page 329: Med Port Setting
The page includes the following fields: Object Description  Network Policy Display the current network policy number Number  Application Display the current application  VLAN ID Display the current VLAN ID  VLAN Tag Display the current VLAN tag status ...
Page 330 messages. -Network Policy – This option advertises network policy configuration information, aiding in the discovery and diagnosis of VLAN configuration mismatches on a port. Improper network policy configurations frequently result in voice quality degradation or complete service disruption. -Location – This option advertises location identification details. -Inventory –...
Page 331 Display the current application  Application Display the current location  Location Display the current inventory  Inventory The MED Location Configuration and LLDP MED Port Location Table screens in Figure 4-12-14 & Figure 4-12-15 appear. Figure 4-12-14 Port LLDP MED Configuration Page Screenshot The page includes the following fields: Object Description...
Page 332 Figure 4-12-15 LLDP MED Port Location Table Page Screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  Coordinate Display the current coordinate.  Civic Address Display the current civic address. ...
Page 333: Lldp Overloading
4.12.8 LLDP Overloading The LLDP Port Overloading screen in Figure 4-12-16 appears. Figure 4-12-16 LLDP Port Overloading Table Page Screenshot The page includes the following fields: Object Description  Interface The switch port number of the logical port.  Toltal (Bytes) Total number of bytes of LLDP information that is normally sent in a packet.
Page 334: Lldp Statistics
Displays if the network policies packets were transmitted or overloaded.  MED Network Policy Displays if the extended power via MDI packets were transmitted or  MED Extended Power overloaded. via MDI Displays if the 802.3 TLVs were transmitted or overloaded. ...
Page 335 : Click to clear the statistics. : Click to refresh the statistics. Figure 4-12-18 LLDP Port Statistics Page Screenshot The page includes the following fields: Object Description  Port The port on which LLDP frames are received or transmitted.  TX Frame – Total The number of LLDP frames transmitted on the port.
Page 336: Diagnostics
 RX TLVs – The number of well-formed TLVs, but with an unknown type value. Unrecognized  RX Ageout - Total The number of organizationally TLVs received. 4.13 Diagnostics This section provide the Physical layer and IP layer network diagnostics tools for troubleshoot. The diagnostic tools are designed for network manager to help them quickly diagnose problems between point to point and better service customers.
Page 337: Cable Diagnistics
4.13.1 Cable Diagnistics The Cable Diagnostics performs tests on copper cables. These functions have the ability to identify the cable length and operating conditions, and to isolate a variety of common faults that can occur on the Cat5 twisted-pair cabling. There might be two statuses as follow: ...
Page 338 The Copper test and test result screens in Figure 4-13-1 & Figure 4-13-2 appear. Figure 4-13-1 Copper Test Page Screenshot The page includes the following fields: Object Description  Port Select port for this drop down list. Buttons : Click to run the diagnostics. Figure 4-13-2 Test Results Page Screenshot The page includes the following fields: Object...
Page 339: Ping
4.13.2 Ping The ping and IPv6 ping allow you to issue ICMP PING packets to troubleshoot IP connectivity issues. The Managed Switch transmits ICMP packets, and the sequence number and roundtrip time are displayed upon reception of a reply. 4.13.3 Ping Test This page allows you to issue ICMP PING packets to troubleshoot IP connectivity issues.
Page 340: Ipv6 Ping Test
The page includes the following fields: Object Description  The destination IP Address. IP Address  Count Number of echo requests to send.  Interval (in sec) Send interval for each ICMP packet.  The payload size of the ICMP packet. Values range from 8bytes to 5120bytes. Size (in bytes) ...
Page 341 Figure 4-13-4 ICMPv6 Ping Page Screenshot The page includes the following fields: Object Description  The destination IPv6 Address. IP Address  Count Number of echo requests to send.  Interval (in sec) Send interval for each ICMP packet.  The payload size of the ICMP packet.
Page 342: Rmon
4.14 RMON RMON is the most important expansion of the standard SNMP. RMON is a set of MIB definitions, used to define standard network monitor functions and interfaces, enabling the communication between SNMP management terminals and remote monitors. RMON provides a highly efficient method to monitor actions inside the subnets. MID of RMON consists of 10 groups.
Page 343 Figure 4-14-1: RMON Statistics Detail Page Screenshot The Page includes the following fields: Object Description  Port Select port for this drop down list.  Drop Events The total number of events in which packets were dropped by the probe due to lack of resources.
Page 344: Rmon Event
 CRC/Alignment Errors The total number of packets received that had a length (excluding framing bits, but including FCS octets) of between 64 and 1518 octets.  Undersize Packets The total number of packets received that were less than 64 octets. ...
Page 345 Figure 4-14-2: RMON Event Configuration Page Screenshot The Page includes the following fields: Object Description  Select Index Select index for this drop down list to create new index or modify index.  Index Indicates the index of the entry. The range is from 1 to 65535. ...
Page 346 Buttons : Click to apply changes. Figure 4-14-3: RMON Event Status Page Screenshot The Page includes the following fields: Object Description  Index Display the current event index  Event Type Display the current event type  Community Display the current community for SNMP trap ...
Page 347: Rmon Event Log
4.14.3 RMON Event Log This Page provides an overview of RMON Event Log. The RMON Event Log Table screen in Figure 4-14-4 appears. Figure 4-14-4: RMON Event Log Table Page Screenshot The Page includes the following fields: Object Description  Select Index Select index for this drop down list ...
Page 348: Rmon Alarm
4.14.4 RMON Alarm Configure RMON Alarm table on this Page. The RMON Alarm screens in Figure 4-14-5 & Figure 4-14-6 appear. Figure 4-14-5: RMON Alarm Table Page Screenshot The Page includes the following fields: Object Description  Select Index Select index for this drop down list to create the new index or modify the index ...
Page 349 Includes FCS, but excludes framing bits.  Pkts: The total number of frames (bad, broadcast and multicast) received and transmitted.  BroadcastPkts: The total number of good frames received that were directed to the broadcast address. Note that this does not include multicast packets.
Page 350 specified range (excluding framing bits but including FCS octets).  Pkts512to1023Octets: The total number of frames (including bad packets) received andtransmitted where the number of octets fall within the specified range (excluding framing bits but including FCS octets).  Pkts1024to1518Octets: The total number of frames (including bad packets) received andtransmitted where the number of octets fall within the specified range (excluding framing bits but including FCS octets).
Page 351: Rmon History
The Page includes the following fields: Object Description  Index Indicates the index of Alarm control entry.  Sample Port Display the current sample port.  Sample Variable Display the current sample variable  Sample Interval Display the current interval ...
Page 352 The Page includes the following fields: Object Description  Select Index Select index for this drop down list to create the new index or modify the index  Index Indicates the index of the history entry.  Sample Port Select port for this drop down list ...
Page 353: Rmon History Log
4.14.6 RMON History Log This Page provides a detail of RMON history entries; screen in Figure 4-14-9 appears. Figure 4-14-9: RMON History Status Page Screenshot The Page includes the following fields: Object Description  History Index Select history index for this drop down list 4.15 Maintenance Use the Maintenance menu items to display and configure basic configurations of the Managed Switch.
Page 354: Reboot Switch
Figure 4-15-1 Factory Default Page Screenshot After the “Factory” button is pressed and rebooted, the system will load the default IP settings as follows: Default IP address: 192.168.0.100 。 Subnet mask: 255.255.255.0 。 Default Gateway: 192.168.0.254 。 The other setting value is back to disable or none. 。...
Page 355: Backup Manager
4.15.3 Backup Manager This function allows backup of the current image or configuration of the Managed Switch to the local management station. The Backup Manager screen in Figure 4-15-3 appears. Figure 4-15-3 Backup Manager Page Screenshot The page includes the following fields: Object Description ...
Page 356 Figure 4-15-4 Upgrade Manager Page Screenshot The page includes the following fields: Object Description  Select upgrade method for this drop down list. Upgrade Method  Fill in your TFTP server IP address. Server IP  The name of firmware image or configuration. File Name ...
Page 357: Switch Operation
5. SWITCH OPERATION 5.1 Address Table The Switch is implemented with an address table. This address table composed of many entries. Each entry is used to store the address information of some node in network, including MAC address, port no, etc. This in-formation comes from the learning process of Ethernet Switch.
Page 358: Auto-Negotiation
incoming and outgoing packet are stored in a routing table. This information is subsequently used to filter packets whose destination address is on the same segment as the source address. This confines network traffic to its respective domain and reduce the overall load on the network. The Switch performs "Store and forward"...
Page 359: Troubleshooting
6. TROUBLESHOOTING This chapter contains information to help you solve your issue. If the Managed Switch is not functioning properly, make sure the Managed Switch is set up according to instructions in this manual. ■ The Link LED is not lit Solution: Check the cable connection and remove duplex mode of the Managed Switch ■...
Page 360 Solution: AC power cord not inserted or faulty Check whether the AC power cord is inserted correctly Replace the power cord if the cord is inserted correctly, check that the AC power source is working by connecting a different device in place of the switch. If that device works, refer to the next step.
Page 361: 10/100Mbps, 10/100Base-Tx
APPENDIX A A.1 Switch's RJ-45 Pin Assignments 1000Mbps, 1000Base T Contact MDI-X BI_DA+ BI_DB+ BI_DA- BI_DB- BI_DB+ BI_DA+ BI_DC+ BI_DD+ BI_DC- BI_DD- BI_DB- BI_DA- BI_DD+ BI_DC+ BI_DD- BI_DC- Implicit implementation of the crossover function within a twisted-pair cable, or at a wiring panel, while not expressly forbidden, is beyond the scope of this standard.
Page 362 Rx + (receive) Tx + (transmit) 4, 5 Not used Rx - (receive) Tx - (transmit) 7, 8 Not used The standard cable, RJ-45 pin assignment The standard RJ-45 receptacle/connector There are 8 wires on a standard UTP/STP cable and each wire is color-coded. The following shows the pin allocation and color of straight cable and crossover cable connection: Straight-through Cable SIDE 1...
Page 363 SIDE 1 1 = White / 1 = White / Green Orange 2 = Green 2 = Orange 3 = White / Orange 3 = White / Green 4 = Blue 4 = Blue 5 = White / Blue 5 = White / Blue 6 = Orange 6 = Green 7 = White / Brown...

Interlogix NS3500-28T-4S User Manual

1 Introduction

2 Installation

3 Switch Management

4 Web Configuration

5 Switch Operation

AppendixA

6 Troubleshooting

Quick Links

Related Manuals for Interlogix NS3500-28T-4S

Summary of Contents for Interlogix NS3500-28T-4S