Black Box LGB1002A-R2 User Manual
  1. Manuals
  2. Brands
  3. Black Box Manuals
  4. Network Router
  5. LGB1002A-R2
  6. User manual

Black Box LGB1002A-R2 User Manual

16-port 1000base-tx l2 plus managed ethernet switch
Hide thumbs
Table of Contents

Advertisement

Quick Links

16-Port 1000BASE-TX L2 Plus
Managed Ethernet Switch
i

Advertisement

Table of Contents
loading

Related Manuals for Black Box LGB1002A-R2

Summary of Contents for Black Box LGB1002A-R2

  • Page 1 16-Port 1000BASE-TX L2 Plus Managed Ethernet Switch...

  • Page 2: Table Of Contents

    2-1-3-3. Switch Cascading in Topology ....................14 2-1-4. Configuring the Management Agent of LGB1002A-R2 .............17 2-1-4-1. Configuring the Management Agent of LGB1002A-R2 through the Serial RS-232 Port..17 2-1-4-2. Configuring the Management Agent of LGB1002A-R2 through the Ethernet Port....19 2-1-5.
  • Page 3 3-4-5. MAC Table .........................72 3-5. GVRP............................73 3-5-1. Config ..........................73 3-5-2. Counter ..........................76 3-5-3. Group ..........................78 3-6. Q ................79 UALITY OF ERVICE ONFIGURATION 3-6-1. Ports...........................79 3-6-2. Qos Control List.........................81 3-6-3.Rate Limiters........................87 3-6-4.Storm Control........................89 3-6-5.Wizard ..........................90 3-7. SNMP C ......................100 ONFIGURATION 3-8. ACL............................102 3-8-1.Ports..........................102 3-8-2.Rate Limiters........................104 3-8-3.Access Control List ......................105...
  • Page 4 3-20-2 .VeriPHY .........................194 3-21 M ........................195 AINTENANCE 3-21-1 .Reset Device........................195 3-21-2 .Software Upload ......................195 3-22 L ...........................196 OGOUT OPERATION OF CLI MANAGEMENT................197 4-1. CLI M ........................197 ANAGEMENT 4-1-1. Login..........................197 4-2. C CLI ........................199 OMMANDS OF 4-2-1. Global Commands of CLI ....................200 4-2-2.

  • Page 5: Revision History

    Revision History Release Date Revision 0.91 2008/03/12 0.95 2008/06/30...

  • Page 6: Caution

    Caution Circuit devices are sensitive to static electricity, which can damage their delicate electronics. Dry weather conditions or walking across a carpeted floor may cause you to acquire a static electrical charge. To protect your device, always: • Touch the metal chassis of your computer to ground the static electrical charge before you pick up the circuit device.
  • Page 7 About this user’s manual In this user’s manual, it will not only tell you how to install and connect your network system but configure and monitor the LGB1002A-R2 through the built-in CLI and web by RS-232 serial interface and Ethernet ports step-by-step. Many...

  • Page 8: Introduction

    1. Introduction 1-1. Overview of LGB1002A-R2 LGB1002A-R2, a 16-port Layer 2 Plus Gigabit Managed Switch, is a standard switch that meets all IEEE 802.3/u/x/z Gigabit, Fast Ethernet specifications. The switch included 12-Port 10/100/1000Mbps TP and 4-Port Gigabit TP/SFP Fiber management Ethernet switch. The switch can be managed through RS-232 serial port via directly connection, or through Ethernet port using CLI or Web-based management unit, associated with SNMP agent.
  • Page 9 • Key Features in the Device QoS: Support Quality of Service by the IEEE 802.1P standard. There are two priority queue and packet transmission schedule. Spanning Tree: Support IEEE 802.1D, IEEE 802.1w (RSTP: Rapid Spanning Tree Protocol) standards. VLAN: Support Port-based VLAN and IEEE802.1Q Tag VLAN. Support 256 active VLANs and VLAN ID 1~4094.
  • Page 10 • When queried, sends group membership reports to the group. • When one of its hosts joins a multicast address group to which none of its other hosts belong, sends unsolicited group membership reports to that group. • When the last of its hosts in a particular multicast group leaves the group, sends an unsolicited leave group membership report to the all-routers group (244.0.0.2).

  • Page 11: Checklist

    1-2. Checklist Before you start installing the switch, verify that the package contains the following: ⎯ LGB1002A-R2 16-port Layer 2 Plus Gigabit Managed Switch ⎯ SFP Modules (optional) ⎯ Mounting Accessory (for 19” Rack Shelf) ⎯ This User's Manual in CD-ROM ⎯...
  • Page 12 • Supports 802.1Q VLAN • Supports user management and limits three users to login • Maximal packet length can be up to 9600 bytes for jumbo frame application • Supports DHCP Broadcasting Suppression to avoid network suspended or crashed • Supports to send the trap event while monitored events happened •...

  • Page 13: Full View Of Lgb1002A-R2

    16 ports working status of the switch. One RS-232 DB-9 interface is offered for configuration or management. Gigabit Ethernet Port RS-232 DB-9 Connector SFP Fiber Port RESET Button: Power Indication LED Fiber Port Status Indication LEDs RESET button is used to reset the management system. Fig. 1-2 Front View of LGB1002A-R2...

  • Page 14: Ac Power Input On The Rear Panel

    Blinks when any traffic is present Off when module connection is not good Table1-1 1-4-2. AC Power Input on the Rear Panel One socket on the rear panel is for AC power input. AC Line 100-240V 50/60 Hz Fig. 1-3 Rear View of LGB1002A-R2...

  • Page 15: View Of The Optional Modules

    1-5. View of the Optional Modules In the switch, Port 13~16 includes two types of media --- TP and SFP Fiber (LC, BiDi LC…); this port supports 10/100/1000Mbps TP or 1000Mbps SFP Fiber with auto-detected function. 1000Mbps SFP Fiber transceiver is used for high- speed connection expansion;...

  • Page 16: Installation

    ⇒ Be sure that power switch is OFF before you insert the power cord to power source • Installing Optional SFP Fiber Transceivers to the LGB1002A-R2 Note: If you have no modules, please skip this section. Fig. 2-1 Installation of Optional SFP Fiber Transceiver •...
  • Page 17 • TP Port and Cable Installation ⇒ In the switch, TP port supports MDI/MDI-X auto-crossover, so both types of cable, straight-through (Cable pin-outs for RJ-45 jack 1, 2, 3, 6 to 1, 2, 3, 6 in 10/100M TP; 1, 2, 3, 4, 5, 6, 7, 8 to 1, 2, 3, 4, 5, 6, 7, 8 in Gigabit TP) and crossed-over (Cable pin-outs for RJ-45 jack 1, 2, 3, 6 to 3, 6, 1, 2) can be used.

  • Page 18: Installing Chassis To A 19-Inch Wiring Closet Rail

    2-1-2. Installing Chassis to a 19-Inch Wiring Closet Rail Fig. 2-2 Caution: Allow a proper spacing and proper air ventilation for the cooling fan at both sides of the chassis. ⇒ Wear a grounding device for electrostatic discharge. ⇒ Screw the mounting accessory to the front side of the switch (See Fig. 2-2). ⇒...

  • Page 19: Cabling Requirements For Tp Ports

    2-1-3-1. Cabling Requirements for TP Ports ⇒ For Fast Ethernet TP network connection ⎯ The grade of the cable must be Cat. 5 or Cat. 5e with a maximum length of 100 meters. ⇒ Gigabit Ethernet TP network connection ⎯ The grade of the cable must be Cat. 5 or Cat. 5e with a maximum length of 100 meters.

  • Page 20: Switch Cascading In Topology

    2-1-3-3. Switch Cascading in Topology • Takes the Delay Time into Account Theoretically, the switch partitions the collision domain for each port in switch cascading that you may up-link the switches unlimitedly. In practice, the network extension (cascading levels & overall diameter) must follow the constraint of the IEEE 802.3/802.3u/802.3z and other 802.1 series protocol specifications, in which the limitations are the timing requirement from physical signals defined by 802.3 series specification of Media Access Control (MAC) and PHY, and timer from some...
  • Page 21 Case1: All switch ports are in the same local area network. Every port can access each other (See Fig. 2-3). Fig. 2-3 No VLAN Configuration Diagram If VLAN is enabled and configured, each node in the network that can communicate each other directly is bounded in the same VLAN area. Here VLAN area is defined by what VLAN you are using.
  • Page 22 Case 2b: Port-based VLAN (See Fig.2-5). Fig. 2-5 Port-based VLAN Diagram 1. VLAN1 members could not access VLAN2, VLAN3 and VLAN4 members. 2. VLAN2 members could not access VLAN1 and VLAN3 members, but they could access VLAN4 members. VLAN3 members could not access VLAN1, VLAN2 and VLAN4. 4.

  • Page 23: Configuring The Management Agent Of Lgb1002A-R2

    RS-232 console, CLI, and Web. Users can use any one of them to monitor and configure the switch. You can touch them through the following procedures. Section 2-1-4-1: Configuring the Management Agent of LGB1002A-R2 through the Serial RS-232 Port...
  • Page 24 255.255.255.0. You can change the switch’s default IP address 192.168.1.1 to 10.1.1.1 and set the subnet mask to be 255.255.255.0. Then, choose your default gateway, may be it is 10.1.1.254. Default Value LGB1002A-R2 Your Network Setting IP Address 192.168.1.1 10.1.1.1 Subnet 255.255.255.0...

  • Page 25: Configuring The Management Agent Of Lgb1002A-R2 Through The Ethernet Port

    2-1-4-2. Configuring the Management Agent of LGB1002A-R2 through the Ethernet Port There are three ways to configure and monitor the switch through the switch’s Ethernet port. They are CLI, Web browser and SNMP manager. The user interface for the last one is NMS dependent and does not cover here. We just introduce the first two types of management interface.

  • Page 26: Ip Address Assignment

    Fig. 2-10 the Login Screen for Web 2-1-5. IP Address Assignment For IP address configuration, there are three parameters needed to be filled in. They are IP address, Subnet Mask, Default Gateway and DNS. IP address: The address of the network device in the network is used for internetworking communication.
  • Page 27 With the classful addressing, it divides IP address into three classes, class A, class B and class C. The rest of IP addresses are for multicast and broadcast. The bit length of the network prefix is the same as that of the subnet mask and is denoted as IP address/X, for example, 192.168.1.0/24.
  • Page 28 Class D and E: Class D is a class with first 4 MSB (Most significance bit) set to 1-1-1-0 and is used for IP Multicast. See also RFC 1112. Class E is a class with first 4 MSB set to 1-1-1-1 and is used for IP broadcast. According to IANA (Internet Assigned Numbers Authority), there are three specific IP address blocks reserved and able to be used for extending internal network.
  • Page 29 In this diagram, you can see the subnet mask with 25-bit long, 255.255.255.128, contains 126 members in the sub-netted network. Another is that the length of network prefix equals the number of the bit with 1s in that subnet mask. With this, you can easily count the number of IP addresses matched.
  • Page 30 For different network applications, the subnet mask may look like 255.255.255.240. This means it is a small network accommodating a maximum of 15 nodes in the network. Default gateway: For the routed packet, if the destination is not in the routing table, all the traffic is put into the device with the designated IP address, known as default router.

  • Page 31: Typical Applications

    2-2. Typical Applications The LGB1002A-R2 implements 12 Gigabit Ethernet TP ports with auto MDIX and 4 slots for the removable module supporting comprehensive fiber types of connection, including LC and BiDi-LC SFP modules. For more details on the specification of the switch, please refer to Appendix A.
  • Page 32 Fig. 2-14 Peer-to-peer Network Connection Fig. 2-15 Office Network Connection...

  • Page 33: Operation Of Web-Based Management

    3. Operation of Web-based Management This chapter instructs you how to configure and manage the LGB1002A-R2 through the web user interface it supports, to access and manage the 12-Port 10/100/1000Mbps TP and 4-Port Gigabit TP/SFP Fiber management Ethernet switch. With this facility, you can easily access and monitor through any one port of...
  • Page 34 To optimize the display effect, we recommend you use Microsoft IE above, Netscape V7.1 above or FireFox V1.00 above and have the resolution 1024x768. The switch supported neutral web browser interface. In Fig. 3-2, for example, left section is the whole function tree with web user interface and we will travel it through this chapter.

  • Page 35: Web Management Home Overview

    3-1. Web Management Home Overview After you login, the switch shows you the system information as Fig. 3-2. This page is default and tells you the basic information of the system, including “Model Name”, “System Description”, “Location”, “Contact”, “Device Name”, “System Up Time”, “Current Time”, “BIOS Version”, “Firmware Version”, “Hardware-Mechanical Version”, “Serial Number”, “Host IP Address”, “Host Mac Address”, “Device Port”, “RAM Size”...
  • Page 36 Fig. 3-3 port detail information In Fig. 3-3, it shows the basic information of the clicked port. With this, you’ll see the information about the port status, traffic status and bandwidth rating for egress and ingress respectively. ⎯ On the left-top corner, there is a pull-down list for Auto Logout. For the sake of security, we provide auto-logout function to protect you from illegal user as you are leaving.
  • Page 37 Root System Port VLAN GVRP SNMP IP MAC Binding 802.1X Trunk MSTP Mirroring IGMP Alam Save/Restore Export/Import Diagnostics Maintenance Logout...

  • Page 38: System Information

    You can configure this parameter through the device’s user interface or SNMP. Device name: The name of the switch. User-defined. Default is LGB1002A-R2. System up time: The time accumulated since this switch is powered up. Its format is day, hour, minute, second.
  • Page 39 Host IP address: The IP address of the switch. Host MAC address: It is the Ethernet MAC address of the management agent in this switch. Device Port: Show all types and numbers of the port in the switch. RAM size: The size of the DRAM in this switch.

  • Page 40: Account Configuration

    3-1-2. Account Configuration In this function, only administrator can create, modify or delete the username and password. Administrator can modify other guest identities’ password without confirming the password but it is necessary to modify the administrator-equivalent identity. Guest-equivalent identity can modify his password only. Please note that you must confirm administrator/guest identity in the field of Authorization in advance before configuring the username and password.

  • Page 41: Time Configuration

    3-1-3. Time Configuration The switch provides manual and automatic ways to set the system time via NTP. Manual setting is simple and you just input “Year”, “Month”, “Day”, “Hour”, “Minute” and “Second” within the valid value range indicated in each item. If you input an invalid value, for example, 61 in minute, the switch will clamp the figure to NTP is a well-known protocol used to synchronize the clock of the switch system time over a network.
  • Page 42 Daylight Saving: Daylight saving is adopted in some countries. If set, it will adjust the time lag or in advance in unit of hours, according to the starting date and the ending date. For example, if you set the day light saving to be 1 hour. When the time passes over the starting time, the system time will be increased one hour after one minute at the time since it passed over.
  • Page 43 Fig. 3-6...

  • Page 44: Ip Configuration

    3-1-4. IP Configuration IP configuration is one of the most important configurations in the switch. Without the proper setting, network manager will not be able to manage or view the device. The switch supports both manual IP address setting and automatic IP address setting via DHCP server.
  • Page 45 IP address: Users can configure the IP settings and fill in new values if users set the DHCP function “Disable”. Then, click <Apply> button to update. When DHCP is disabled, Default: 192.168.1.1 If DHCP is enabled, this field is filled by DHCP server and will not allow user manually set it any more.
  • Page 46 DNS: It is Domain Name Server used to serve the translation between IP address and name address. The switch supports DNS client function to re-route the mnemonic name address to DNS server to get its associated IP address for accessing Internet.

  • Page 47: Loop Detection

    3-1-5. Loop Detection The loop detection is used to detect the presence of traffic. When switch receives packet’s(looping detection frame) MAC address the same as oneself from port, show Loop detection happens. The port will be locked when it received the looping detection frames.

  • Page 48: Management Policy

    3-1-6. Management Policy Through the management security configuration, the manager can do the strict setup to control the switch and limit the user to access this switch. The following rules are offered for the manager to manage the switch: Rule 1) : When no lists exists, then it will accept all connections. Accept ----------------------------------------------------------------------- Rule 2) : When only “accept lists”...
  • Page 49 Function name: Management Security Configuration Function description: The switch offers Management Security Configuration function. With this function, the manager can easily control the mode that the user connects to the switch. According to the mode, users can be classified into two types: Those who are able to connect to the switch (Accept) and those who are unable to connect to the switch (Deny).
  • Page 50 A name is composed of any letter (A-Z, a-z) and digit (0-9) with maximal 8 characters. VID: The switch supports two kinds of options for managed valid VLAN VID, including “Any” and “Custom”. Default is “Any”. When you choose “Custom”, you can fill in VID number. The valid VID range is 1~4094. IP Range: The switch supports two kinds of options for managed valid IP Range, including “Any”...

  • Page 51: Virtual Stack

    3-1-7. Virtual Stack Function name: Virtual Stack Function description: Virtual Stack Management(VSM) is the group management function. Through the proper configuration of this function, switches in the same LAN will be grouped automatically. And among these switch, one switch will be a master machine, and the others in this group will become the slave devices.
  • Page 52 Parameter description: State: It is used for the activation or de-activation of VSM. Default is Enable. Role: The role that the switch would like to play in virtual stack. Two types of roles, including master and slave are offered for option. Default is Master. Group ID: It is the group identifier (GID) which signs for VSM.

  • Page 53: System Log

    3-1-7. System Log The System Log provides information about system logs, including information when the device was booted, how the ports are operating, when users logged in, when sessions timed out, as well as other system information. Fig. 3-11 Function name: System Log Function description: The Trap Log Data is displaying the log items including all SNMP Private Trap...

  • Page 54: Port Configuration

    3-2. Port Configuration Four functions, including Port Status, Port Configuration, Simple Counter and Detail Counter are contained in this function folder for port monitor and management. Each of them will be described in detail orderly in the following sections. Port Configuration Configuration Status Simple Counter...
  • Page 55 Function name: Port Configuration Function description: It is used to set each port’s operation mode. The switch supports 3 parameters for each port. They are state, mode and flow control. Parameter description: Speed: Set the speed and duplex of the port. In speed, if the media is 1Gbps fiber, it is always 1000Mbps and the duplex is full only.

  • Page 56: 3-2-2.Port Status

    3-2-2.Port Status The function Port Status gathers the information of all ports’ current status and reports it by the order of port number, media, link status, port state, Auto- Negotiation status, speed/duplex, Rx Pause and Tx Pause. An extra media type information for the module ports 12 and 16 is also offered (See Fig.
  • Page 57 Speed / Duplex Mode: Display the speed and duplex of all port. There are three speeds 10Mbps, 100Mbps and 1000Mbps supported for TP media, and the duplex supported is half duplex and full duplex. If the media is 1Gbps fiber, it is 1000Mbps supported only.
  • Page 58 Connector Type: Display the connector type, for instance, UTP, SC, ST, LC and so Fiber Type: Display the fiber mode, for instance, Multi-Mode, Single-Mode. Tx Central Wavelength: Display the fiber optical transmitting central wavelength, for instance, 850nm, 1310nm, 1550nm and so on. Baud Rate: Display the maximum baud rate of the fiber module supported, for instance, 10M, 100M, 1G and so on.

  • Page 59: Simple Counter

    3-2-3. Simple Counter The function of Simple Counter collects any information and provides the counting about the traffic of the port, no matter the packet is good or bad. In the Fig. 3-15, the window can show all ports’ counter information at the same time.
  • Page 60 Error: Transmit:: Number of bad packets transmitted. Receive: Number of bad packets received. Drops Transmit:: Number of packets transmitted drop. Receive: Number of packets received drop. Auto-refresh: The simple counts will be refreshed automatically on the UI screen. Refresh: The simple counts will be refreshed manually when user use mouse to click on “Refresh”...

  • Page 61: Detail Counter

    3-2-4. Detail Counter The function of Detail Counter collects any information and provides the counting about the traffic of the port, no matter the packet is good or bad. In the Fig. 3-16, the window can show only one port counter information at the same time.
  • Page 62 Rx Low Priority Packets: Number of Rx packets classified as low priority. Rx Broadcast: Show the counting number of the received broadcast packet. Rx Multicast: Show the counting number of the received multicast packet. Tx Packets: The counting number of the packet transmitted. TX Octets: Total transmitted bytes.
  • Page 63 Tx 256-511 Bytes: Number of 256 ~ 511-byte frames in good and bad packets transmitted. Tx 512-1023 Bytes: Number of 512 ~ 1023-byte frames in good and bad packets transmitted. Tx 1024-Bytes: Number of 1024-max_length-byte frames in good and bad packets transmitted.

  • Page 64: Vlan

    3-3. VLAN The switch supports Tag-based VLAN (802.1Q) and Port-based VLAN Support 4094 active VLANs and VLAN ID 1~4094. VLAN configuration is used to partition your LAN into small ones as your demand. Properly configuring it, you can gain not only improving security and increasing performance but greatly reducing VLAN management.

  • Page 65: Tag-Based Group

    3-3-2. Tag-based Group Function name: Tag-based Group Configuration Function description: It shows the information of existed Tag-based VLAN Groups, You can also easily create, edit and delete a Tag-based VLAN group by pressing <Add>, <Edit> and <Delete> function buttons. User can add a new VLAN group by inputting a new VLAN name and VLAN ID.
  • Page 66 Add new VLAN: Please click on <Add new VLAN> to create a new Tag-based VLAN. Input the VLAN name as well as VID, configure the SYM-VLAN function and choose the member by ticking the check box beside the port No., then, press the <Apply>...
  • Page 67 c. You need to assign these ports for member of port isolation. Press the “Save” to complete the PVLAN configuration process.

  • Page 68: Port-Based Group

    3-3-3. Port-based Group Function name: Port-based Group Configuration Function description: It shows the information of the existed Port-based VLAN Groups. You can easily create, edit and delete a Port-based VLAN group by pressing <Add>, <Edit> and <Delete> function buttons. User can add a new VLAN group by inputting a new VLAN name.
  • Page 69 Delete Group: Just press the <Delete> button to remove the selected group entry from the Port-based group table. Fig. 3-23...

  • Page 70: Ports

    3-3-4. Ports Function name: VLAN Port Configuration Function description: In VLAN Tag Rule Setting, user can input VID number to each port. The range of VID number is from 1 to 4094. User also can choose ingress filtering rules to each port. There are two ingress filtering rules which can be applied to the switch.
  • Page 71 Fig. 3-24...

  • Page 72: Management

    3-3-5. Management Function name: Management Function description: To assign a specific VLAN for management purpose. Parameter description: VID: Specific Management VLAN ID. Fig. 3-25...

  • Page 73: Mac

    3-4. MAC MAC Table Configuration gathers many functions, including MAC Table Information, MAC Table Maintenance, Static Forward, Static Filter and MAC Alias, which cannot be categorized to some function type. They are described below. 3-4-1. Mac Address Table Function name: MAC Address Table Information Function Description: This function can allow the user to set up the processing mechanism of MAC...
  • Page 74 Auto: Enable this port MAC address dynamic learning mechanism. Disable: Disable this port MAC address dynamic learning mechanism, only support static MAC address setting. Secure: Disable this port MAC address dynamic learning mechanism and copy the dynamic learning packets to CPU Save: Save MAC Address Table configuration Reset:...

  • Page 75: Static Filter

    3-4-2. Static Filter Function name: Static Filter Function Description: Static Filter is a function that denies the packet forwarding if the packet’s MAC Address is listed in the filtering Static Filter table. User can very easily maintain the table by filling in MAC Address, VID (VLAN ID) and Alias fields individually.

  • Page 76: Static Forward

    3-4-3. Static Forward Function Name: Static Forward Function Description: Static Forward is a function that allows the user in the static forward table to access a specified port of the switch. Static Forward table associated with a specified port of a switch is set up by manually inputting MAC address and its alias name.

  • Page 77: Mac Alias

    3-4-4. MAC Alias Function name: MAC Alias Function description: MAC Alias function is used to let you assign MAC address a plain English name. This will help you tell which MAC address belongs to which user in the illegal access report. At the initial time, it shows all pairs of the existed alias name and MAC address.

  • Page 78: Mac Table

    3-4-5. MAC Table Function name: Dynamic MAC Table Function Description: Display the static or dynamic learning MAC entry and the state for the selected port. Fig. 3-30 Parameter description: Type: Dynamic or Static. VLAN: VLAN identifier. This will be filled only when tagged VLAN is applied. Valid range is 1 ~ 4094.

  • Page 79: Gvrp

    3-5. GVRP GVRP is an application based on Generic Attribute Registration Protocol (GARP), mainly used to automatically and dynamically maintain the group membership information of the VLANs. The GVRP offers the function providing the VLAN registration service through a GARP application. It makes use of GARP Information Declaration (GID) to maintain the ports associated with their attribute database and GARP Information Propagation (GIP) to communicate among switches and end stations.
  • Page 80 Parameter description: GVRP State: This function is simply to let you enable or disable GVRP function. You can pull down the list and click the <Downward> arrow key to choose “Enable” or “Disable”. Then, click the <Apply> button, the system will take effect immediately.
  • Page 81 Restricted Mode: This function is used to restrict dynamic VLAN be created when this port received GVRP PDU. There are two modes, disable and enable, provided for the user’s choice. Disabled: In this mode, the switch dynamic VLAN will be created when this port received GVRP PDU.

  • Page 82: Counter

    3-5-2. Counter Function name: GVRP Counter Function description: All GVRP counters are mainly divided into Received and Transmitted two categories to let you monitor the GVRP actions. Actually, they are GARP packets. Fig. 3-32 Parameter description: Received: Total GVRP Packets: Total GVRP BPDU is received by the GVRP application.
  • Page 83 Transmitted: Total GVRP Packets: Total GARP BPDU is transmitted by the GVRP application. Invalid GVRP Packets: Number of invalid GARP BPDU is transmitted by the GVRP application. LeaveAll Message Packets: Number of GARP BPDU with Leave All message is transmitted by the GARP application.

  • Page 84: Group

    3-5-3. Group Function name: GVRP Group VLAN Information Function description: To show the dynamic group member and their information. Fig. 3-33 Parameter description: VID: VLAN identifier. When GVRP group creates, each dynamic VLAN group owns its VID. Valid range is 1 ~ 4094. Member Port: Those are the members belonging to the same dynamic VLAN group.

  • Page 85: Qos(Quality Of Service) Configuration

    3-6. QoS(Quality of Service) Configuration support four QoS queues per port with strict or weighted fair switch queuing scheduling. There are 24 QoS Control Lists (QCL) for advance programmable QoS classification, based on IEEE 802.1p, Ethertype, VID, IPv4/IPv6 DSCP and UDP/TCP ports and ranges. High flexibility in the classification of incoming frames to a QoS class.
  • Page 86 Parameter description: Number of Classes: 1 / 2 / 4 Port: User can choose the port (1~16) respectively with Priority Class on Per Port Priority function. Default Class: User can set up High Priority or Low Priority for each port respectively. Low / Normal / Medium / High QCL: The number of QCL rule 1~24, each port have to apply one of the QCL...

  • Page 87: Qos Control List

    3-6-2. Qos Control List Function name: Qos Control List Configuration Function description: support four QoS queues per port with strict or weighted fair switch queuing scheduling. There are 24 QoS Control Lists (QCL) for advance programmable QoS classification, based on IEEE 802.1p, Ether Type, VID, IPv4/IPv6 DSCP and UDP/TCP ports and ranges.
  • Page 88 QCE Configuration: The QCL consists of 12 QoS Control Entries (QCEs) that are searched from the top of the list to the bottom of the list for a match. The first matching QCE determines the QoS classification of the frame. The QCE ordering is therefore important for the resulting QoS classification algorithm.
  • Page 89 Fig. 3-39 Fig. 3-40 Fig. 3-41...
  • Page 90 Fig. 3-42 Parameter description: QCL#: QCL number : 1~24 QCE Type: Ethernet Type / VLAN ID / UDP/TCP Port / DSCP / ToS / Tag Priority Ethernet Type Value: The configurable range is 0x600~0xFFFF. Well known protocols already assigned EtherType values. The commonly used values in the EtherType field and corresponding protocols are listed below: Ethertype Protocol...
  • Page 91 DRARP, Dynamic RARP. RARP, 0x8035 Reverse Address Resolution Protocol. 0x8037 Novell Netware IPX 0x809B EtherTalk (AppleTalk over Ethernet) 0x80D5 IBM SNA Services over Ethernet AARP, AppleTalk Address Resolution 0x 80F3 Protocol. IEEE Std 802.1Q - Customer VLAN Tag 0x8100 Type. 0x8137 IPX, Internet Packet Exchange.
  • Page 92 The configurable ports range: 0~65535 You can refer to following UDP/TCP port-numbers information. http://www.iana.org/assignments/port-numbers UDP/TCP Port No.: The configurable specific port value: 0~65535 DSCP Value: The configurable DSCP value: 0~63 Traffic Class: Low / Normal / Medium / High...

  • Page 93: 3-6-3.Rate Limiters

    3-6-3.Rate Limiters Function name: Rate Limit Configuration Function description: Each port includes an ingress policer, and an egress shaper, which can limit the bandwidth of received and transmitted frames. Ingress policer or egress shaper operation is controlled per port in the Rate Limit Configuration. Fig.
  • Page 94 There are two units for ingress policer rate limit: kbps / Mbps Shaper Enabled: Shaper enabled to limit egress bandwidth by shaper rate. Shaper Rate: The configurable shaper rate range: 500 Kbps ~ 1000000 Kbps 1 Mbps ~ 1000 Mbps Shaper Unit: There are two units for egress shaper rate limit: kbps / Mbps...

  • Page 95: 3-6-4.Storm Control

    3-6-4.Storm Control Function name: Storm Control Configuration Function description: The switch support storm ingress policer control function to limit the Flooded, Multicast and Broadcast to prevent storm event happen. Fig. 3-44 Parameter description: Frame Type: There three frame types of storm can be controlled: Flooded unicast / Multicast / Broadcast Status: Enable/Disable Selection:...

  • Page 96: 3-6-5.Wizard

    3-6-5.Wizard Function name: Wizard Function description: The QCL configuration Wizard is targeted on user can easy to configure the QCL rules for QoS configuration. The wizard provide the typical network application rules, user can apply these application easily. Fig. 3-45 Parameter description: Please select an Action: User need to select one of action from following items, then click on...
  • Page 97 Set up Port Policies Fig. 3-46 Parameter description: QCL ID: QoS Control List (QCL): 1~24 Port Member: Port Member: 1~16 Set up Port Policies Fig. 3-47 Parameter description: Wizard Again: Click on the <Wizard Again> , back to QCL Configuration Wizard. Finish: When you click on <Finish>, the parameters will be set according to the wizard configuration and shown on the screen, then ask you to click on...
  • Page 98 Set up Port Policies Finish Fig. 3-48 Fig. 3-49 Set up Typical Network Application Rules Fig. 3-50 Set up Typical Network Application Rules...
  • Page 99 Fig. 3-51 Set up Typical Network Application Rules Parameter description: Audio and Video: QuickTime 4 Server / MSN Messenger Phone / Yahoo Messenger Phone / Napster / Real Audio Games: Blizzard Battlenet (Diablo2 and StarCraft) / Fighter Ace II / Quake2 / Quake3 / MSN Game Zone User Definition: Ethernet Type / VLAN ID / UDP/TCP Port / DSCP...
  • Page 100 Fig. 3-52 Set up Typical Network Application Rules Parameter description: QCL ID: QCL ID Range: 1~24 Traffic Class: There are four classes: Low / Normal / Medium / High Fig. 3-53 Set up Typical Network Application Rules...
  • Page 101 Fig. 3-54 Set up Typical Network Application Rules Finish Fig. 3-55 Set up Typical Network Application Rules Finish...
  • Page 102 Fig. 3-56 Set up Typical Network Application Rules Finish Parameter description: QCL #: QoS Control List (QCL): 1~24 Fig. 3-57 Set up TOS Precedence Mapping...
  • Page 103 Parameter description: QCL ID: QoS Control List (QCL): 1~24 TOS Precedence 0~7 Class: Low / Normal / Medium / High Fig. 3-58 Set up TOS Precedence Mapping Fig. 3-59 Set up TOS Precedence Mapping Finish...
  • Page 104 Fig. 3-60 Set up VLAN Tag Priority Mapping Parameter description: QCL ID: QoS Control List (QCL): 1~24 Tag Priority 0~7 Class: Low / Normal / Medium / High Fig. 3-61 Set up VLAN Tag Priority Mapping...
  • Page 105 Fig. 3-62 Set up VLAN Tag Priority Mapping Finish...

  • Page 106: Snmp Configuration

    3-7. SNMP Configuration Any Network Management System (NMS) running the Simple Network Management Protocol (SNMP) can manage the Managed devices equipped with SNMP agent, provided that the Management Information Base (MIB) is installed correctly on the managed devices. The SNMP is a protocol that is used to govern the transfer of information between SNMP manager and agent and traverses the Object Identity (OID) of the management Information Base (MIB), described in the form of SMI syntax.
  • Page 107 Default SNMP function : Enable Default community name for GET: public Default community name for SET: private Default community name for Trap: public Default Set function : Enable Default trap host IP address: 0.0.0.0 Default port number :162 Trap: In the switch, there are 6 trap hosts supported. Each of them has its own community name and IP address;...

  • Page 108: Acl

    3-8. ACL The LGB1002A-R2 switch access control list (ACL) is probably the most commonly used object in the IOS. It is used for packet filtering but also for selecting types of traffic to be analyzed, forwarded, or influenced in some way.
  • Page 109 Parameter description: Port #: Port number: 1~16 Policy ID: Policy ID range:1~8 Action: Permit or Deny forwarding the met ACL packets Rate Limiter ID: Disabled: Disable Rate Limitation Rate Limiter ID Range: 1~16. To select one of rate limiter ID for this port, it will limit met ACL packets by rate limiter ID configuration.

  • Page 110: 3-8-2.Rate Limiters

    3-8-2.Rate Limiters Function name: ACL Rate Limiter Configuration Function description: There are 16 rate limiter ID. You can assign one of the limiter ID for each port. The rate limit configuration unit is Packet Per Second (pps). Fig. 3 Parameter description: Rate Limiter ID: ID Range: 1~16 Rate(pps):...

  • Page 111: 3-8-3.Access Control List

    3-8-3.Access Control List Function name: ACL Rate Limiter Configuration Function description: The switch ACL function support up to 128 Access Control Entries (ACEs), using the shared 128 ACEs for ingress classification. You can create an ACE and assign this ACE for each port with <Any> or assign this ACE for a policy or assign this ACE for a port.
  • Page 112 Ingress Port Fig. 3-67 Fig. 3-68 Parameter description: Frame Type: Range: Any / Ethernet Type / ARP / IPv4 Any: It is including all frame type Ethernet Type: It is including all Ethernet frame type ARP: It is including all ARP protocol frame type IPv4: It is including all IPv4 protocol frame type...
  • Page 113 Fig. 3-69 Frame Type Fig. 3-70...
  • Page 114 Fig. 3-71 Fig. 3-72 Fig. 3-73 ARP...
  • Page 115 Fig. 3-74 ARP Fig. 3-75 ARP Fig. 3-76 ARP Fig. 3-77 ARP...
  • Page 116 Fig. 3-78 ARP Fig. 3-79 ARP Fig. 3-80 ARP Fig. 3-81 ARP...
  • Page 117 Fig. 3-83 ARP Fig. 3-84 ARP Fig. 3-85 ARP Fig. 3-86 ARP Fig. 3-87 ARP...
  • Page 118 Fig. 3-88 IPv4 Fig. 3-89 IPv4 Fig. 3-90 IPv4...
  • Page 119 Fig. 3-91 IPv4 Fig. 3-92 IPv4 Fig. 3-93 IPv4 Fig. 3-94 IPv4 Fig. 3-95 IPv4...
  • Page 120 Fig. 3-96 IPv4 Fig. 3-97 IPv4 Fig. 3-98 IPv4 Fig. 3-99 IPv4 Fig. 3-100 IPv4...
  • Page 121 Fig. 3-101 IPv4 Fig. 3-102 IPv4 Fig. 3-103 IPv4...
  • Page 122 Fig. 3-104 IPv4 Fig. 3-105 IPv4 Fig. 3-106 IPv4...
  • Page 123 Fig. 3-107 IPv4 Fig. 3-108 IPv4 Fig. 3-109 IPv4...
  • Page 124 Fig. 3-110 IPv4 Fig. 3-111 IPv4 Fig. 3-112 IPv4...
  • Page 125 Fig. 3-113 IPv4 Fig. 3-114 IPv4 Fig. 3-115 IPv4...
  • Page 126 Fig. 3-116 IPv4 Fig. 3-117 IPv4 Fig. 3-118 Action...
  • Page 127 Fig. 3-119 Rate Limiter Fig. 3-120 Port Copy...
  • Page 128 Fig. 3-121 DMAC Filter Fig. 3-122 VLAN ID Filter Fig. 3-123 VLAN ID Filter...
  • Page 129 Fig. 3-124 Tag Priority Function name: ACE Configuration Function description: The switch ACL function support up to 128 Access Control Entries (ACEs), using the shared 128 ACEs for ingress classification. You can create an ACE and assign this ACE for each port with <Any> or assign this ACE for a policy or assign this ACE for a port.
  • Page 130 Range: Any / MC / BC / UC Any: It is including all destination MAC address MC: It is including all Multicast MAC address BC: It is including all Broadcast MAC address UC: It is including all Unicast MAC address MAC Parameters: (When Frame Type = Ethernet Type) SMAC Filter: Range: Any / Specific...
  • Page 131 Specific: It is according to specific Ethernet Type Value. Ethernet Type Value: The Ethernet Type Range: 0x600-0xFFFF ARP Parameters: (When Frame Type = ARP) ARP/RARP: Range: Any / ARP / RARP / Other Any: Including all ARP/RARP protocol frame types ARP: Including all ARP protocol frame types RARP: Including all RARP frame types Other: Including other frame types except ARP/RARP protocol...
  • Page 132 Range: Any / 0 / 1 Any: Both 0 and 1 The ingress RARP frames where the Destination MAC address is not equal DMAC address under MAC parameter setting The ingress RARP frames where the Destination MAC address is equal DMAC address under MAC parameter setting IP/Ethernet Length: Range: Any / 0 / 1...
  • Page 133 Any: Including all conditions for IPTTL Non-Zero: Including IPTTL is Non-Zero Zero: Including IPTTL is zero IP Fragment: (IP Fragmentation Flag) Controls datagram fragmentation together with the identification field. The flags indicate whether the datagram may be fragmented, whether the datagram is fragmented, and whether the current fragment is the final one.
  • Page 134 Range: Any / Specific Any: Including all types of ICMP type values Specific: According to following ICMP type value setting for ingress classification ICMP Type Value: Range: 0-255 ICMP Code Filter: Range: Any / Specific Any: Including all of ICMP code values Specific: According to following ICMP code value setting for ingress classification ICMP Code Value:...
  • Page 135 Source Port Filter: Range: Any / Specific / Range Any: Including all TCP source ports Specific: According to following Source Port No. setting for ingress classification Range: According to following Source Port Range setting for ingress classification Source Port No.: Range: 0-65535 Source Port Range.: Range: 0-65535...
  • Page 136 Any: Including all TCP RST case 0: The TCP control bit RST is 0 1: The TCP control bit RST is 1 TCP PSH: TCP Control Bit PSH: Means Push Function Range: Any / 0 / 1 Any: Including all TCP PSH case 0: The TCP control bit PSH is 0 1: The TCP control bit PSH is 1 TCP ACK:...
  • Page 137 Internet forever Range: Any / Non-zero / Zero Any: Including all conditions for IPTTL Non-Zero: Including IPTTL is Non-Zero Zero: Including IPTTL is zero IP Fragment: (IP Fragmentation Flag) Controls datagram fragmentation together with the identification field. The flags indicate whether the datagram may be fragmented, whether the datagram is fragmented, and whether the current fragment is the final one.
  • Page 138 VLAN Parameters: VLAN ID Filter: Range: Any / Specific Any: Including all VLAN IDs Specific: According to following VLAN ID and Tag Priority setting for ingress classification VLAN ID: Range: 1-4094 Tag Priority: Range: Any / 0-7 Any: Including all Tag Priority values 0-7: The Tag Priority Value is one of number (0-7) Action Parameters: When the ingress frame meet above ACL ingress classification rule you...

  • Page 139: 3-8-4.Wizard

    3-8-4.Wizard Function name: Wizard Function description: The wizard function is provide 4 type of typical application for user easy to configure their application with ACL function. Fig. 3-125 Wizard Parameter description: Please select an Action: Set up Policy Rules / Set up Port Policies / Set up Typical Network Application Rules / Set up Source MAC and Source IP Binding Next: Click on <Next>...
  • Page 140 Fig. 3-126 Set up Policy Rules Fig. 3-127 Set up Policy Rules Fig. 3-128 Set up Policy Rules...
  • Page 141 Fig. 3-129 Set up Policy Rules Finish Fig. 3-130 Set up Port Policies Fig. 3-131 Set up Port Policies...
  • Page 142 Fig. 3-132 Set up Port Policies Fig. 3-133 Set up Port Policies Finish Fig. 3-134 Set up Typical Network Application Rules...
  • Page 143 Fig. 3-135 Set up Typical Network Application Rules Fig. 3-136 Set up Typical Network Application Rules Fig. 3-137 Set up Typical Network Application Rules...
  • Page 144 Fig. 3-138 Set up Typical Network Application Rules Finish Parameter description: Common Server: DHCP / DNS / FTP / HTTP / IMAP / NFS / POP3 / SAMBA / SMTP / TELNET / TFTP Instant Messaging: Google Talk / MSN Messenger / Yahoo Messenger User Definition: Ethernet Type / UDP Port / TCP Port Others:...
  • Page 145 Fig. 3-139 Set up Source MAC and Source IP Binding Fig. 3-140 Set up Source MAC and Source IP Binding Fig. 3-141 Set up Source MAC and Source IP Binding...
  • Page 146 Fig. 3-142 Set up Source MAC and Source IP Binding Finish Parameter description: Port #: 1-16 Binding Enabled: Use the switch ACL function to support IP/MAC Binding function, the maximum is up to 128 entries. Source MAC Address: xx-xx-xx-xx-xx-xx For example: 00-40-c7-00-00-01 Source IP Address: xxx.xxx.xxx.xxx For example: 192.168.1.100...

  • Page 147: Ip Mac Binding

    3-9. IP MAC Binding The IP network layer uses a four-byte address. The Ethernet link layer uses a six-byte MAC address. Binding these two address types together allows the transmission of data between the layers. The primary purpose of IP-MAC binding is to restrict the access to a switch to a number of authorized users.
  • Page 148 For example: 00-40-c7-00-00-01 Four-byte IP Address: xxx.xxx.xxx.xxx For example: 192.168.1.100 Port No: Port no.: 1-16 VID: VLAN ID: 1-4094 Add: Input MAC, IP, Port and VID, then click on <Add> to create a new entry into the IP MAC Binding table Delete: Select one of entry from the table, then click on <Delete>...

  • Page 149: Configuration

    3-10. 802.1X Configuration 802.1X port-based network access control provides a method to restrict users to access network resources via authenticating user’s information. This restricts users from gaining access to the network resources through a 802.1X- enabled port without authentication. If a user wishes to touch the network through a port under 802.1X control, he (she) must firstly input his (her) account name for authentication and waits for gaining authorization before sending or receiving any packets from a 802.1X-enabled port.
  • Page 150 The overview of operation flow for the Fig. 3-53 is quite simple. When Supplicant PAE issues a request to Authenticator PAE, Authenticator and Supplicant exchanges authentication message. Then, Authenticator passes the request to RADIUS server to verify. Finally, RADIUS server replies if the request is granted or denied.
  • Page 151 Authentication server Fig. 3-54 Authenticator Supplicant A The Fig. 3-55 shows the procedure of 802.1X authentication. There are steps for the login based on 802.1X port access control management. The protocol used in the right side is EAPOL and the left side is EAP. At the initial stage, the supplicant A is unauthenticated and a port on switch acting as an authenticator is in unauthorized state.
  • Page 152 If user ID and password is correct, the authentication server will send a Radius-Access-Accept to the authenticator. If not correct, the authentication server will send a Radius-Access-Reject. When the authenticator PAE receives a Radius-Access-Accept, it will send an EAP-Success to the supplicant. At this time, the supplicant is authorized and the port connected to the supplicant and under 802.1X control is in the authorized state.
  • Page 153 the device’s MAC address and its VID. The following table is the summary of the combination of the authentication status and the port status versus the status of port mode, set in 802.1X Port mode, port control state, set in 802.1X port setting. Here Entry Authorized means MAC entry is authorized.

  • Page 154: 3-10-1.Server

    3-10-1.Server Function name: 802.1X Server Configuration Function description: This function is used to configure the global parameters for RADIUS authentication in 802.1X port security application. Fig. 3-144 Parameter description: Authentication Server Server IP Server: Server IP address for authentication. Default: 192.168.1.1 UDP Port: Default port number is 1812.
  • Page 155 UDP Port: Default port number is 1812. Secret Key: The secret key between authentication server and authenticator. It is a string with the length 1 – 31 characters. The character string may contain upper case, lower case and 0-9. It is character sense. It is not allowed for putting a blank between any two characters.

  • Page 156: 3-10-2.Port Configuration

    3-10-2.Port Configuration Function name: 802.1X Port Configuration Function description: This function is used to configure the parameters for each port in 802.1X port security application. Refer to the following parameters description for details. Fig. 3-145 Parameter description: Port: It is the port number to be selected for configuring its associated 802.1X parameters which are Port control, reAuthMax, txPeriod, Quiet Period, reAuthEnabled, reAuthPeriod, max.
  • Page 157 himself. Clientless: The clients don’t need to install 802.1X client function, that means the client PC (for example WINDOW XP) does not need to enable 802.1X client function also can do 802.1X authentication. But the network maintainer need to configure the Radius server using each client’s MAC address for Radius account ID and password.
  • Page 158 session. The valid range: 1 – 10. Default: 2 times suppTimeout(1-65535 s): A timeout condition in the exchange between the authenticator and the supplicant. The valid range: 1 –65535. Default: 30 seconds. serverTimeout(1-65535 s): A timeout condition in the exchange between the authenticator and the authentication server.

  • Page 159: 3-10-3.Status

    3-10-3.Status Function name: 802.1X Status Function description: Show the each port IEEE 802.1X authentication current operating mode and status. Fig. 3-146 Parameter description: Port: Port number: 1-16 Mode: Show this port IEEE 802.1X operating mode: There are four modes Disable, Normal, Advance and Clientless Status: Show this port IEEE 802.1X security current status: Authorized or Unauthorized...

  • Page 160: Statistics

    3-10-4. Statistics Function name: 802.1X Port Statistics Port1 Function description: Show the IEEE 802.1X authentication related counters for manager monitoring authenticator status. Fig. 3-147 Parameter description: Port: Port Number: 1-16 Auto - refresh: Refresh the authenticator counters in the web UI automatically Refresh: Click on the <Refresh>...

  • Page 161: Trunking Configuration

    3-11. Trunking Configuration The Port Trunking Configuration is used to configure the settings of Link Aggregation. You can bundle more than one port with the same speed, full duplex and the same MAC to be a single logical port, thus the logical port aggregates the bandwidth of these ports.

  • Page 162: 3-11-1.Port

    Per Trunking Group supports a maximum of 12 ready member-ports. Please note that some decisions will automatically be made by the system while you are configuring your trunking ports. Some configuration examples are listed below: 12 ports have already used Static Trunk Group ID 1, the 13th port willing to use the same Static Trunk Group ID will be automatically set to use the “None”...
  • Page 163 Parameter description: Port: Port Number: 1-16 Method: This determines the method a port uses to aggregate with other ports. None: A port does not want to aggregate with any other port should choose this default setting. LACP: A port use LACP as its trunk method to get aggregated with other ports also using LACP.

  • Page 164: Aggregator View

    3-11-2 Aggregator View Function name: Aggregator View Function description: To display the current port trunking information from the aggregator point of view. Fig.3-149 Parameter description: Aggregator: It shows the aggregator ID (from 1 to 16) of every port. In fact, every port is also an aggregator, and its own aggregator ID is the same as its own Port No..

  • Page 165: Lacp System Priority

    3-11-3 LACP System Priority Function name: LACP System Priority Function description: It is used to set the priority part of the LACP system ID. LACP will only aggregate together the ports whose peer link partners are all on a single system.

  • Page 166: Stp Configuration

    3-12 STP Configuration The Spanning Tree Protocol (STP) is a standardized method (IEEE 802.1D) for avoiding loops in switched networks. When STP is enabled, ensure that only one path is active between any two nodes on the network at a time. User can enable Spanning Tree Protocol on switch’s web management and then set up other advanced items.
  • Page 167 bridge, the “Designated Root” will show this switch’s bridge ID. Designated Priority: Show the current root bridge priority. Root Port: Show port number connected to root bridge with the lowest path cost. Root Path Cost: Show the path cost between the root port and the designated port of the root bridge.

  • Page 168: Configuration

    If you want to have the LGB1002A-R2 as root bridge, you can set this value lower than that of bridge in the LAN. The valid value is 0 ~ 61440. The default is 32768.
  • Page 169 Default is 2 seconds. Max. Age: When the LGB1002A-R2 is the root bridge, the whole LAN will apply this figure set by this switch as their maximum age time. When a bridge received a BPDU originated from the root bridge and if the message age conveyed in the BPDU exceeds the Max.

  • Page 170: Stp Port Configuration

    3-12-3. STP Port Configuration Function name: STP Port Setting Function description: In the STP Port Setting, one item selection and five parameters settings are offered for user’s setup. User can disable and enable each port by selecting each Port Status item. User also can set “Path Cost” and “Priority” of each port by filling in the desired value and set “Admin Edge Port”...
  • Page 171 It is the contribution value of the path through this port to Root Bridge. STP algorithm determines a best path to Root Bridge by calculating the sum of path cost contributed by all ports on this path. A port with a smaller path cost value would become the Root Port more possibly.
  • Page 172 transit to Forwarding state. If it is set as True, the port is treated as point- to-point link by RSTP and unconditionally transited to Forwarding state. If it is set as False, fast transition to Forwarding state will not happen on this port.

  • Page 173: Mstp

    3-13 MSTP The implementation of MSTP is according to IEEE 802.1Q 2005 Clause 13 – Multiple Spanning Tree Protocol. MSTP allows frames assigned to different VLANs to follow separate paths, each based on an independent Multiple Spanning Tree Instance (MSTI), within Multiple Spanning Tree (MST) Regions composed of LANs and or MST Bridges.

  • Page 174: Region Config

    3-13-2 Region Config Function name: MSTP Region Config Function description: To configure the basic identification of a MSTP bridge. Bridges participating in a common MST region must have the same Region Name and Revision Level. Fig. 3-155 Parameter description: Region Name: 0-32 characters.(A variable length text string encoded within a fixed field of 32 octets , conforming to RFC 2271’s definition of SnmpAdminString.) Revision Level:...

  • Page 175: Instance View

    3-13-3 Instance View (Fig. 3-156) Function name: MSTP Instance Config Function description: Providing an MST instance table which include information(vlan membership of a MSTI ) of all spanning instances provisioned in the particular MST region which the bridge belongs to. Through this table, additional MSTP configuration data can be applied and MSTP status can be retrieved.
  • Page 176 Del All MSTI: Deleting all provisioned MSTIs at a time. Fig. 3-158 Instance Configuration: To provision spanning tree performance parameters per instance. Fig. 3-159 Port Config: To provision spanning tree performance parameters per instance per port. Fig. 3-160 Instance Status: To show the status report of a particular spanning tree instance.
  • Page 177 Parameter description: Priority: The priority parameter used in the CIST(Common and Internal Spanning Tree) connection. 0 / 4096 / 8192 / 12288 / 16384 / 20480 / 24576 / 28672 / 32768 / 36864 / 40960 / 45056 / 49152 / 53248 / 57344 / 61440 MAX.
  • Page 178 Parameter description: Port: 1-16 Path Cost: 1 – 200,000,000 The same definition as in the RSTP specification. But in MSTP, this parameter can be respectively applied to ports of CIST and ports of any MSTI. Priority: 0 / 16 / 32 / 48 / 64 / 80 / 96 / 112 / 128 / 144 / 160 / 176 / 192 / 208 / 224 / 240 The same definition as in the RSTP specification.
  • Page 179 changes in a spanning trees active topology as a result of persistent incorrectly learned station location information. It is set by a network administrator to prevent bridges external to a core region of the network, causing address flushing in that region, possibly because those bridges are not under the full control of the administrator.
  • Page 180 Bridge Mac Address: The Mac Address of the bridge itself. CIST ROOT PRIORITY: Spanning tree priority value of the CIST root bridge CIST ROOT MAC: Mac Address of the CIST root bridge CIST EXTERNAL ROOT PATH COST: Root path cost value from the point of view of the bridge’s MST region. CIST ROOT PORT ID: The port ID of the bridge’s root port.
  • Page 181 Fig. 3-161 Port Status Parameter description: Port No: 1-16 Status: The forwarding status.Same definition as of the RSTP specification Possible values are “FORWARDING” , “LEARNING” , “DISCARDING” Status: The role that a port plays in the spanning tree topology. Possible values are “dsbl”(disable port) , ”alt”(alternate port) , “bkup”(backup port) , “ROOT”(root port) , “DSGN”(designated port) , “MSTR”(master port).
  • Page 182 Whether or not a port is a Point-to-Point Port in reality. Restricted Role: Same as mentioned in “Port Config” Restricted Tcn: Same as mentioned in “Port Config”...

  • Page 183: Mirror

    3-14. Mirror Function name: Mirror Configuration Function description: Mirror Configuration is to monitor the traffic of the network. For example, we assume that Port A and Port B are Monitoring Port and Monitored Port respectively, thus, the traffic received by Port B will be copied to Port A for monitoring.
  • Page 184 Source Enable: The source enable means the monitored port ingress traffic will be copied to monitoring port. Destination Enable: The destination enable means the monitored port egress traffic will be copied to monitoring port.

  • Page 185: Igmp Snooping

    3-15. IGMP Snooping The function, IGMP Snooping, is used to establish the multicast groups to forward the multicast packet to the member ports, and, in nature, avoids wasting the bandwidth while IP multicast packets are running over the network. This is because a switch that does not support IGMP or IGMP Snooping can not tell the multicast packet from the broadcast packet, so it can only treat them all as the broadcast packet.
  • Page 186 Parameter description: IGMP snooping mode selection: The switch supports three kinds of IGMP Snooping status, including “Passive”, “Active” and “Disable”. Disable: Set “Disable” mode to disable IGMP Snooping function. Default: Disable Active: In Active mode, IGMP snooping switch will periodically issue the Membership Query message to all hosts attached to it and gather the Membership report message to update the database of the Multicast table.

  • Page 187: Group Membership

    3-15-2 Group Membership Function name: Group Membership Function description: To show the IGMP group members information, the you can edit the parameters for IGMP groups and members in the web user interface. Fig. 3-164 Parameter description: IP Range: The switch supports two kinds of options for managed valid IP range, including “Any”...

  • Page 188: Alarm Configuration

    3-16. Alarm Configuration Alarm Configuration Events Configuration Email/SMS Configuration Function name: Events Configuration Function description: The Trap Events Configuration function is used to enable the switch to send out the trap information while pre-defined trap events occurred. The switch offers 24 different trap events to users for switch management. The trap information can be sent out in three ways, including email, mobile phone SMS (short message system) and trap.

  • Page 189: Events

    3-16-1 Events Function name: Email/SMS Configuration Function description: Alarm configuration is used to configure the persons who should receive the alarm message via either email or SMS, or both. It depends on your settings. An email address or a mobile phone number has to be set in the web page of alarm configuration (See Fig.

  • Page 190: Email

    3-16-2 Email Parameter description: Email: Mail Server: the IP address of the server transferring your email. Username: your username on the mail server. Password: your password on the mail server. Email Address 1 – 6: email address that would like to receive the alarm message.

  • Page 191: Dhcp Snooping

    3-17. DHCP Snooping DHCP Snooping DHCP Snooping State DHCP Snooping Entry DHCP Snooping Client Fig.3-62 3-17-1. DHCP Snooping State Function name: DHCP Snooping State Function description: The addresses assigned to DHCP clients on unsecure ports can be carefully controlled using the dynamic bindings registered with DHCP Snooping. DHCP snooping allows a switch to protect a network from rogue DHCP servers or other devices which send port-related information to a DHCP server.

  • Page 192: Dhcp Snooping Entry

    3-17-2. DHCP Snooping Entry Function name: DHCP Snooping Entry Function description: DHCP snooping Entry allows a switch to add the an trust DHCP server and 2 trust port to build the DHCP snooping available entry. This information can be useful in tracking an IP address back to a physical port and enable or disable the DHCP Option 82.

  • Page 193: Dhcp Snooping Client

    processed as follows: * If the DHCP packet is a reply packet from a DHCP server, the packet is dropped. * If the DHCP packet is from a client, such as a DISCOVER, REQUEST INFORM, DECLINE or RELEASE message, the packet is forwarded if MAC address verification is disabled.

  • Page 194: Configuration

    3-18. Configuration The switch supports three copies of configuration, including the default configuration, working configuration and user configuration for your configuration management. All of them are listed and described below respectively. Default Configuration: This is ex-factory setting and cannot be altered. In Web UI, two restore default functions are offered for the user to restore to the default setting of the switch.

  • Page 195: Save Start

    3-18-2 . Save Start Function name: Save As Start Configuration Function description: Save the current configuration as a start configuration file in flash memory. Fig. 3-168 3-18-3 . Save User Function name: Save As User Configuration Function description: Save the current configuration as a user configuration file in flash memory. Fig.
  • Page 196 Fig. 3-170...

  • Page 197: Config File

    3-19. Config File Function name: Config File Function description: With this function, user can back up or reload the configuration files of Save As Start or Save As User via TFTP. Fig. 3-171 Parameter description: Export File Path: Export Start: Export Save As Start’s config file stored in the flash.

  • Page 198: Diagnostics

    3-20. Diagnostics Three functions, including Diagnostics, Loopback Test and Ping Test are contained in this function folder for device self-diagnostics. Each of them will be described in detail orderly in the following sections. Diagnostics Diagnostics Ping Test VeriPHY 3-20-1 . Diag Function name: Diagnostics Function description:...

  • Page 199: Ping

    3-20-2 .Ping Function name: Ping Test Function description: Ping Test function is a tool for detecting if the target device is alive or not through ICMP protocol which abounds with report messages. The switch provides Ping Test function to let you know that if the target device is available or not.

  • Page 200: Veriphy

    3-20-2 .VeriPHY Function name: VeriPHY Function description: The switch device includes a comprehensive suite of cable diagnostic function that are available using SMI reads and writes. These functions enable a variety of cable operating conditions and status to be accessed and checked. The VeriPHY suite has the ability to identify the cable and operating conditions and to isolate a variety of common faults that can occur the Cat5 twisted pair cabling.

  • Page 201: Maintenance

    Software Upload Function description: Click on <Browse> to select a specific LGB1002A-R2 firmware file from the Web management PC, then click on <Upload> to confirm the upgrade firmware action. The new firmware will be uploaded into the switch and write into flash memory.

  • Page 202: Logout

    3-22 Logout You can manually logout by performing Logout function. In the switch, it provides another way to logout. You can configure it to logout automatically. Function name: Logout Function description: The switch allows you to logout the system to prevent other users from the system without the permission.

  • Page 203: Operation Of Cli Management

    4. Operation of CLI Management 4-1. CLI Management Refer to Chapter 2 for basic installation. The following description is the brief of the network connection. -- Locate the correct DB-9 null modem cable with female DB-9 connector. Null modem cable comes with the management switch. Refer to the Appendix B for null modem cable configuration.
  • Page 204 LGB1002A-R2 LGB1002A-R2 Fig. 4-1 LGB1002A-R2 LGB1002A-R2 Fig. 4-2...

  • Page 205: Commands Of Cli

    For example, “show” in IP mode performs displaying the IP information; however, it performs displaying the system information in system mode. For more details, please refer to Section 4-2-2. LGB1002A-R2 LGB1002A-R2 Fig. 4-3...

  • Page 206: Global Commands Of Cli

    When you enter this command, your current position would move to the top mode. If you use this command in the top mode, you are still in the position of the top mode. Argument: None. Possible value: None. Example: LGB1002A-R2# alarm LGB1002A-R2(alarm)# events LGB1002A-R2(alarm-events)# end LGB1002A-R2# exit Syntax: exit Description: Back to the previous mode.
  • Page 207 Argument: None. Possible value: None. Example: LGB1002A-R2# ip LGB1002A-R2(ip)# help Commands available: ------------<< Local commands >>------------ set ip Set ip,subnet mask and gateway set dns Set dns...
  • Page 208 [#]: show last number of history records. (optional) Possible value: [#]: 1, 2, 3, …., 256 Example: LGB1002A-R2(ip)# history Command history: 0. trunk 1. exit 2. LGB1002A-R2# trunk 3. LGB1002A-R2(trunk)# exit 4. LGB1002A-R2# 5. ? 6. trunk 7. exit 8. alarm 9. events 10.
  • Page 209 CLI system. After restoring default configuration, all the changes in the startup configuration would be lost. After rebooting, the entire startup configuration would reset to factory default. Argument: None. Possible value: None. Example: LGB1002A-R2# restore default Restoring ... Restore Default Configuration Successfully Press any key to reboot system.
  • Page 210 After rebooting, the entire startup configuration would replace as user defined one. Argument: None. Possible value: None. Example: LGB1002A-R2# restore user Restoring ... Restore User Configuration Successfully Press any key to reboot system. save start Syntax: save start Description: To save the current configuration as the start one.
  • Page 211 To save the current configuration as the user-defined configuration. When you enter this command, the CLI would save your current configuration into the non-volatile FLASH as user-defined configuration. Argument: None. Possible value: None. Example: LGB1002A-R2# save user Saving user... Save Successfully LGB1002A-R2#...

  • Page 212: Local Commands Of Cli

    <port range> : syntax 1,5-7, available from 1 to 16 <times>: max-times , range 1-10 Possible value: <port range> : 1 to 16 <times>: 1-10, default is 2 Example: LGB1002A-R2(802.1X)# set max-request 2 2 set mode Syntax: set mode <port-range> <mode> Description: To set up the 802.1X mode of each port.
  • Page 213 2:Auto Possible value: <port range> : 1 to 16 <authorized> : 0, 1 or 2 Example: LGB1002A-R2(802.1X)# set port-control 2 2 set quiet-period Syntax: set quiet-period <port-range> <sec> Description: A timer used by the Authenticator state machine to define periods of time during when it will not attempt to acquire a Supplicant.
  • Page 214 <max> : max. value , range 1-10 Possible value: <port range> : 1 to 16 <max> : 1-10, default is 2 Example: LGB1002A-R2(802.1X)# set reAuthMax 2 2 set reAuthPeriod Syntax: set reAuthPeriod <port-range> <sec> Description: A constant that defines a nonzero number of seconds between periodic reauthentication of the supplicant.
  • Page 215 <secret-key> : set up the value of secret-key, and the length of secret-key is from 1 to 31 Possible value: <port-number> : 1~65535, default is 1812 Example: LGB1002A-R2(802.1X)# set state 192.168.1.115 1812 WinRadius set suppTimeout Syntax: set suppTimeout <port-range> <sec> Description:...
  • Page 216 Syntax: show mode Description: To display the mode of each port. Argument: None Possible value: None Example: LGB1002A-R2(802.1X)# show mode Port Mode ====== ============ Disable Multi-host Disable Disable Disable Disable show parameter Syntax: show parameter Description: To display the parameter settings of each port.
  • Page 217 : 30 show security Syntax: show security Description: To display the status of each port. authentication Argument: None Possible value: None Example: LGB1002A-R2(802.1X)# show security Port Mode Status ====== ============ ============== Disable Multi-host Unauthorized Disable Disable Disable Disable show state...
  • Page 218 Description: To display the ace configuration. Argument: <index> : the access control rule index value Possible value: None. Example: LGB1002A-R2(acl)# ace 2 index: 2 rule: switch vid: any tag_prio: any dmac: any frame type: arp arp type: Request/Reply (opcode): any...
  • Page 219 Example: LGB1002A-R2(acl)# action 5 0 2 2 LGB1002A-R2(acl)# show port policy id action rate limiter port copy counter a class map ……. …. … deny permit permit rate limiter rate(pps) ------------ ------------ …… …… LGB1002A-R2(acl)# delete Syntax: delete <index> Description: To delete the ACE ( Access Control Entry) configuration on the switch.
  • Page 220 To set acl port policy on switch Argument: <policy> : 1-8 <ports> : 1-24 Possible value: <policy> : 1-8 <ports> : 1-24 Example: LGB1002A-R2(acl)# policy 3 10 LGB1002A-R2(acl)# ratelimiter Syntax: ratelimiter <id> <rate> Description: To set access control rule with rate limiter on switch Argument: <id>...
  • Page 221 Syntax: show Description: To show all access control entry setting on switch Argument: none Possible value: none Example: LGB1002A-R2(acl)# show port policy id action rate limiter port copy counter a class map ……. …. … deny permit permit rate limiter...
  • Page 222 To create a new guest user. When you create a new guest user, you must type in password and confirm password. Argument: <name> : new account name Possible value: A string must be at least 5 character. Example: LGB1002A-R2(account)# add aaaaa Password: Confirm Password: Save Successfully LGB1002A-R2(account)# Syntax: del <name>...
  • Page 223 Username changed successfully. Password changed successfully. show Syntax: show Description: To show system account, including account name and identity. Argument: None. Possible value: None. Example: LGB1002A-R2(account)# show Account Name Identity ----------------- --------------- admin Administrator guest guest...
  • Page 224 LGB1002A-R2(alarm-email)# del server-user set mail-address Syntax: set mail-address <#> <mail address> Description: To set up the email address. Argument: <#> :email address number, range: 1 to 6 <mail address>:email address Possible value: <#>: 1 to 6 Example: LGB1002A-R2(alarm-email)# set mail-address 1 abc@mail.abc.com...
  • Page 225 Description: To set up the account and password of the email server. Argument: <username>: email server account and password Possible value: None. Example: LGB1002A-R2 (alarm-email)# set user admin show Syntax: show Description: To display the configuration of e-mail. Argument: None.
  • Page 226 To disable email, sms and trap of events. Argument: <range>:del the range of events, syntax 1,5-7 Possible value: <range>: 1~16 Example: LGB1002A-R2(alarm-events)# del all 1-3 del email Syntax: del email <range> Description: To disable the email of the events. Argument: <range>:del the range of email, syntax 1,5-7...
  • Page 227 To disable the trap of the events. Argument: <range>:del the range of trap, syntax 1,5-7 Possible value: <range>: 1~24 Example: LGB1002A-R2(alarm-events)# del trap 1-3 set all Syntax: set all <range> Description: To enable email, sms and trap of events. Argument: <range>:set the range of events, syntax 1,5-7...
  • Page 228 Description: To enable the sms of the events. Argument: <range>:set the range of sms, syntax 1,5-7 Possible value: <range>: 1~24 Example: LGB1002A-R2(alarm-events)# set sms 1-3 set trap Syntax: set trap <range> Description: To enable the trap of the events. Argument: <range>:set the range of trap, syntax 1,5-7...
  • Page 229 LGB1002A-R2(alarm)# show sms <<sms>> del phone-number Syntax: del phone-number <#> Description: To delete sms phone number. Argument: <#>: mobile phone number, range: 1 to 6 Possible value: <#>: 1 to 6 Example: LGB1002A-R2(alarm-sms)# del phone-number 3 del server-user Syntax: del server-user Description:...
  • Page 230 Argument: <#>: mobile phone number, range: 1 to 6 <phone-number>: phone number Possible value: <#>: 1 to 6 Example: LGB1002A-R2(alarm-sms)# set phone-number 1 0968777777 set server Syntax: set server <ip> Description: To set up the IP address of sms server.
  • Page 231 Syntax: show Description: To display the configuration of SMS trap event. Argument: None. Possible value: None. Example: LGB1002A-R2(alarm-sms)# show SMS Server : 192.168.1.7 Username : ABC Password : **************** Mobile Phone 1: 0968777777 Mobile Phone 2: Mobile Phone 3:...
  • Page 232 <time> Description: To set up the timer of autologout. Argument: <time>: range 1 to 3600 seconds, 0 for autologout off, current setting is 180 seconds. Possible value: <time>: 0,1-3600 Example: LGB1002A-R2# autologout 3600 Set autologout time to 3600 seconds...
  • Page 233 To cancel the egress-rate of the port. Argument: <range>:syntax 1,5-7, available from 1 to 16 Possible value: <range>: 1 to 16 Example: LGB1002A-R2(bandwidth)# disable egress-rate 1-8 disable ingress-rate Syntax: disable ingress-rate <range> Description: To cancel the Ingress-rate of the port.
  • Page 234 <range>:syntax 1,5-7, available from 1 to 16 <data_rate>: 0-1000 Possible value: <range>: 1 to 16 <data_rate>: 0-1000 Example: LGB1002A-R2(bandwidth)# enable egress-rate 1-16 200 enable ingress-rate Syntax: enable ingress-rate <range> <data_rate> Description: To set up the Ingress-rate of the ports. Argument: <range>:syntax 1,5-7, available from 1 to 16...
  • Page 235 Syntax: show Description: To display all current settings of the bandwidth. Argument: None Possible value: None Example: LGB1002A-R2(bandwidth)# show Ingress Egress Port ================================================= ====================== All State All Rate Storm State Storm Rate All state All Rate ====== =========== ========== ============= ============ =========== ==========...
  • Page 236 Syntax: export start Description: To run the export start function. Argument: None Possible value: None Example: LGB1002A-R2(config-file)# export start Export successful. export user-conf Syntax: export user-conf Description: To run the export user-conf function. Argument: None Possible value: None...
  • Page 237 To set up the filepath and filename that will be exported. Argument: <filepath>:filepath and filename Possible value: <filepath>:filepath and filename Example: LGB1002A-R2(config-file)# set export-path log/21511.txt set import-path Syntax: set import-path <filepath> Description: To set up the filepath and filename that will be imported.
  • Page 238 Syntax: show Description: To display the config-file information. Argument: None Possible value: None Example: LGB1002A-R2(config-file)# show TFTP Server IP Address: 192.168.3.111 Export Path and Filename: nmap/123.ts Import Path and Filename: user123.txt...
  • Page 239 To set up the delay time for DHCP Boot. Argument: <sec>:range syntax: 0, 1-30. The value “0” is to disable dhcp-boot delay Possible value: <sec>:0-30 Example: LGB1002A-R2(dhcp-boot)# set dhcp-boot 30 show Syntax: show Description: To display the status of DHCP Boot.
  • Page 240 To confirm that whether the remote end-station or switch itself is alive or not. Argument: <ip> : ip address or domain name Possible value: IP address, e.g. 192.168.2.65 or domain name, e.g. tw.yahoo.com Example: LGB1002A-R2(diag)# ping 192.168.1.115 Gateway : 192.168.1.253 192.168.1.115 is alive.
  • Page 241 To set up the image file that will be upgraded. Argument: <filepath>: upgrade file path Possible value: <filepath>: upgrade file path Example: LGB1002A-R2(firmware)# set upgrade-path LGB1003A-R2_LGB1002A-R2_v2.03.img show Syntax: show Description: To display the information of tftp server and upgrade-path. Argument:...
  • Page 242 <group number>: enter which gvrp group you had created, using value is vid. Available range: 1 to 4094 Possible value: <group number>: 1~4094 Example: LGB1002A-R2(gvrp)# show group GVRP group information Current Dynamic Group Number: 1 VID Member Port ---- --------------------------------------------------...
  • Page 243 LGB1002A-R2(gvrp)# group 2 LGB1002A-R2(gvrp-group-2)# set applicant 1-6 non-participant LGB1002A-R2(gvrp-group-2)# show GVRP group VID: 2 Port Applicant Registrar ---- --------------- --------- Non-Participant Normal Non-Participant Normal Non-Participant Normal Non-Participant Normal Non-Participant Normal Non-Participant Normal Normal Normal Normal Normal Normal Normal Normal Normal...
  • Page 244 <normal>: set applicant as normal mode <non-participant>: set applicant as non-participant mode Possible value: <range>: 1 to 16 <normal|non-participant>: normal or non-participant Example: LGB1002A-R2(gvrp)# set applicant 1-10 non-participant set registrar Syntax: set registrar <range> <normal|fixed|forbidden> Description: To set default registrar mode for each port.
  • Page 245 <enable>: set restricted enabled <disable>: set restricted disabled Possible value: <range>: 1 to 16 <enable|disable>: enable or disable Example: LGB1002A-R2(gvrp)# set restricted 1-10 enable LGB1002A-R2(gvrp)# show config GVRP state: Enable Port Join Time Leave Time LeaveAll Time Applicant Registrar Restricted...
  • Page 246 Leave Time must equal double Join Time at least. Possible value: <range> : 1 to 16 <join>: 20 to 100 <leave>: 60 to 300 <leaveall>: 1000 to 5000 Example: LGB1002A-R2(gvrp)# set timer 2-8 25 80 2000 show config Syntax: show config Description: To display the gvrp configuration. Argument:...
  • Page 247 Description: To display the counter number of the port. Argument: <port>: port number Possible value: <port>: available from 1 to 16 Example: LGB1002A-R2(gvrp)# show counter 2 GVRP Counter port: 2 Counter Name Received Transmitted -------------------- -------- ----------- Total GVRP Packets...
  • Page 248 <port-range>: syntax 1,5-7, available from 1 to 16 Possible value: <ip-multicast>: ex: 224.1.1.1-225.2.3.3 or any <vid>: 0-4094 or any <port-range>: 1 to 16 Example: LGB1002A-R2(igmp-snooping)# add allowed-group 224.1.1.1-225.2.3.3 100 1-10 del allowed-group Syntax: del allowed-group <index> Description: To remove the entry of allowed ip multicast group Argument: <index>: the index of the allowed-group.
  • Page 249 To set up the mode of IGMP Snooping. Argument: <status>: 0:disable, 1:active, 2:passive Possible value: <status>: 0,1or 2 Example: LGB1002A-R2(igmp-snooping)# set mode 2 show igmp-snooping Syntax: show igmp-snooping Description: To display IGMP snooping mode and allowed IP multicast entry. Argument: None.
  • Page 250 <manual|auto> : manual or auto Example: LGB1002A-R2(ip)# enable dhcp manual set dns Syntax: set dns <ip> Description: To set the IP address of DNS server. Argument: <ip> : dns ip address Possible value: 168.95.1.1 Example: LGB1002A-R2 (ip)# set dns 168.95.1.1...
  • Page 251 Possible value: <ip> : 192.168.1.2 or others <mask> : 255.255.255.0 or others <gateway> : 192.168.1.253 or others Example: LGB1002A-R2(ip)# set ip 192.168.1.2 255.255.255.0 192.168.1.253 show Syntax: show Description: To display the system’s DHCP function state, IP address, subnet mask, default gateway, DNS mode, DNS server IP address and current IP address.
  • Page 252 LGB1002A-R2(log)# clear disable auto-upload Syntax: disable auto-upload Description: To disable the auto-upload function. Argument: None. Possible value: None. Example: LGB1002A-R2(log)# disable auto-upload enable auto-upload Syntax: enable auto-upload Description: To enable the auto-upload function. Argument: None. Possible value: None. Example: LGB1002A-R2(log)# enable auto-upload...
  • Page 253 Argument: None. Possible value: None. Example: LGB1002A-R2(log)# show Tftp Server : 0.0.0.0 Auto Upload : Disable 1) Wed Apr 13 12:13:27 2005 Link Up [Port 1] 2) Wed Apr 13 12:13:26 2005 Link Down [Port 1] 3) Wed Apr 13 11:58:31 2005 Login [admin]...
  • Page 254 < ip > : ip address < port > : 1 to 16 < vid > : 1 to 4094 Example: LGB1002A-R2(ip_mac_binding)# set entry 1 00-11-2f-de-7b-a9 192.168.2.2 1 1 delete ip Syntax: delete ip < 0 | 1> <ip> Description: Delete ip mac binding entry by ip.
  • Page 255 MAC Address Alias ----- ----------------- ---------------- 00-02-03-04-05-06 aaa 00-33-03-04-05-06 ccc 00-44-33-44-55-44 www...
  • Page 256 Argument: <#> : set up the range of the ports to search for, syntax 1,5-7, available form 1 to 16 Possible value: <#> :1 to 24 Example: LGB1002A-R2(loop-detection)# disable 1-16 LGB1002A-R2(loop-detection)# show Detection Port Locked Port Port Status Port Status...
  • Page 257 Argument: <#> : set up the range of the ports to search for, syntax 1,5-7, available form 1 to 16 Possible value: <#> :1 to 16 Example: LGB1002A-R2 (loop-detection)# resume 1-16 LGB1002A-R2 (loop-detection)# show Detection Port Locked Port Port Status...
  • Page 258 6 Enable 6 Normal 7 Enable 7 Normal 8 Enable 8 Normal ………….
  • Page 259 To set up the mac alias entry. Argument: <mac> : mac address, format: 00-02-03-04-05-06 <alias> : mac alias name, max. 15 characters Possible value: None Example: LGB1002A-R2(mac-table-alias)# set 00-44-33-44-55-44 www show Syntax: show Description: To display the mac alias entry. Argument:...
  • Page 260 <vid> : vlan id, from 1 to 4094; '?' as don't care, 0 as untagged Possible value: <port> :1 to 16 <vid> : 0, 1 ~4094 Example: LGB1002A-R2(mac-table-information)# search 1-16 ??-??-??-??-??-?? ? MAC Table List Alias MAC Address Port VID State...
  • Page 261 Argument: <#>: age-timer in seconds, 0, 10 to 65535. The value “0” means to disable aging Possible value: <#>: 0, 10 to 65535. Example: LGB1002A-R2(mac-table-maintain)# set aging 300 set flush Syntax: set flush Description: To delete all of the MACs that is learned dynamically.
  • Page 262 [alias] : mac alias name, max. 15 characters Possible value: <mac> : mac address <port> : 0-16 <vid> : 0, 1-4094 [alias] : mac alias name Example: LGB1002A-R2(mac-table-static-mac)# add 00-02-03-04-05-06 3 0 aaa LGB1002A-R2(mac-table-static-mac)# Syntax: del <mac> <vid> Description: To remove the static mac entry. Argument: <mac>...
  • Page 263 Syntax: show filter Description: To display the static filter table. Argument: None Possible value: None Example: LGB1002A-R2(mac-table-static-mac)# show filter Static Filtering Etnry: (Total 1 item(s)) 1) mac: 00-33-03-04-05-06, vid: -, alias: ccc LGB1002A-R2(mac-table-static-mac)# show forward Syntax: show forward Description: To display the static forward table.
  • Page 264 [<type> <value>] For example, h(ttp),s(nmp),t(elnet) or any. <action> <value> No default and it must be set. Example: LGB1002A-R2(management-add)# set name Mary vid 20 ip 192.168.1.1- 192.168.1.90 port 2-5,8 type h,s action a LGB1002A-R2(management-add)# show #: 1 Name : Mary VlanID : 20 IP : 192.168.1.1-192.168.1.90...
  • Page 265 <#>: a specific or range management security entry(s) Possible value: None Example: LGB1002A-R2(management)# show #: 1 Name : Tom VlanID : 2 IP : 192.168.1.30-192.168.1.80 Type : SNMP Action : Deny Port : 1,2 LGB1002A-R2(management)# delete 1 LGB1002A-R2(management)# show Security rule list is empty now...
  • Page 266 For example, h(ttp),s(nmp),t(elnet) or any <action> <value> No default and it must be set. Example: LGB1002A-R2(management)# edit 1 LGB1002A-R2(management-edit-1)# set name Tom vid 2 ip 192.168.1.30- 192.168.1.80 port 1-2 type s action d LGB1002A-R2(management-edit-1)# show #: 1 Name : Tom VlanID : 2 IP : 192.168.1.30-192.168.1.80...
  • Page 267 Syntax: show Description: To show the specific management policy record. Argument: None Possible value: None Example: LGB1002A-R2(management)# show #: 1 Name : Tom VlanID : 2 IP : 192.168.1.30-192.168.1.80 Type : SNMP Action : Deny Port : 1,2...
  • Page 268 <range>: port range, syntax 1,5-7, available from 1 to 16 <length (bytes)>: maximum packet length Possible value: <range> : 1 to 16 <length (bytes)>: 1518/1532/9216 Example: LGB1002A-R2(max-pkt-len)# set len 1-8 9216 show Syntax: show Description: To show current setting of maximum packet length setting.
  • Page 269 : enable the mode of mirror(Only mirror the packets that is received) disable: end the function of mirror Possible value: <rx | disable>: rx or disable Example: LGB1002A-R2(mirror)# set mirror-mode rx set monitored-port Syntax: set monitored-port <range> Description: To set up the port that will be monitored. The packets received by this port will be copied to the monitoring port.
  • Page 270 Syntax: show Description: To display the setting status of Mirror function. Argument: None Possible value: None Example: LGB1002A-R2(mirror)# show Mirror Mode : rx Monitoring Port : 2 Monitored Port : 3 4 5 7 10...
  • Page 271 1,5-7, available from 1 to 16 Possible value: Usage: migrate-check <port range> port range syntax: 1,5-7, available from 1 to 16 Example: LGB1002A-R2 (mstp)# migrate-check 1-2 set config Syntax: set config <Max Age><Forward Delay><Max Hops> Description: To set max age,forward delay,max hops.
  • Page 272 <Max Age> : available from 6 to 40. Recommended value is 20 <Forward Delay(sec)> : available from 4 to 30. Recommended value is 15 <Max Hops> : available from 6 to 40. Recommended value is 20 Example: LGB1002A-R2(mstp)# set config 20 15 20 LGB1002A-R2(mstp)# set msti-vlan Syntax: set msti-vlan <instance-id><vid-string>...
  • Page 273 <admin edge> : 0->non-edge port,1->edge ports Possible value: <port range> syntax: 1,5-7, available from 1 to 16 <admin edge> : 0->non-edge port,1->edge ports Example: LGB1002A-R2(mstp)# set p-edge 10-12 0 LGB1002A-R2(mstp)# set p-hello Syntax: set p-hello <port range> <hello time> Description:...
  • Page 274 <Instance Priority> : must be a multiple of 4096,available from 0 to 61440 Possible value: <instance-id> : 0->CIST; 1-4095->MSTI <Instance Priority> : 0 to 61440 Example: LGB1002A-R2(mstp)# set priority 0 4096 LGB1002A-R2(mstp)# enable MSTP started LGB1002A-R2(mstp)# show instance 0 mstp status : enabled...
  • Page 275 <port range> syntax: 1,5-7, available from 1 to 16 <restricted tcn> : 0->false,1->True Possible value: <port range> : 1 to 16 <restricted tcn> : 0->false,1->True Example: LGB1002A-R2(mstp)# set r-tcn 9-10 1 LGB1002A-R2(mstp)# set r-tcn 14 1 LGB1002A-R2(mstp)# show pconf 0 Port Path Cost Priority Hello Edge-Port Role system Enter in ==== ========= ======== ===== ========= ===== ====== =====...(q to quit)
  • Page 276 <string> Description: To set mstp region name(0~32 bytes) Argument: <string> :a null region name Possible value: <string> :1-32 Example: LGB1002A-R2(mstp)# set region-name test2 LGB1002A-R2(mstp)# show region-info Name : test2 Revision : 0 Instances : 0 LGB1002A-R2(mstp)# set revision-level Syntax: set rev <revision-level>...
  • Page 277 To show instance status Argument: <instance-id> :0->CIST;1-4095->MSTI Possible value: <instance-id> :0->CIST;1-4095->MSTI Example: LGB1002A-R2(mstp)# show instance 0 mstp status : enabled force version : 2 instance id: 0 bridge max age : 20 bridge forward delay : 15 bridge max hops : 20...
  • Page 278 Possible value: <instance-id> :0->CIST;1-4095->MSTI Example: LGB1002A-R2(mstp)# show pconf 0 set r-role true auto false false true auto false true true auto false true true auto false false true auto false false true auto false false ……. true auto true false ………...
  • Page 279 Syntax: show vlan-map <instance-id> Description: To show vlan mapping of an instance Argument: <nstance-id> :0->CIST;1-4095->MSTI Possible value: <instance-id> :0->CIST;1-4095->MSTI Example: LGB1002A-R2(mstp)# show vlan-map 0 instance 0 has those vlans : 0-4095 LGB1002A-R2(mstp)#...
  • Page 280 Synopsis: add name George ip 192.168.1.1-192.168.1.90 port 2-5,8 type h,s action a Synopsis: add name Mary ip 192.168.2.1-192.168.2.90 action deny Possible value: None Example: LGB1002A-R2(policy)# add name Mary ip 192.168.3.1-192.168.3.4 action deny LGB1002A-R2(policy)# show 1) Name : george IP Range : 192.168.1.1-192.168.1.90...
  • Page 281 : rule2 IP Range : 192.168.4.23-192.168.4.33 Action : Deny Access Type : TELENT SNMP Port : 6 7 8 LGB1002A-R2(policy)# delete 2 LGB1002A-R2(policy)# show 1) Name : rule1 IP Range : 192.168.4.5-192.168.4.22 Action : Deny Access Type : HTTP TELENT SNMP...
  • Page 282 To disable the flow control function of the port. Argument: <range>: syntax 1,5-7, available from 1 to 16 Possible value: <range>: 1 ~ 16 Example: LGB1002A-R2 (port)# disable flow-control 6 disable state Syntax: disable state <range> Description: To disable the communication capability of the port.
  • Page 283 To enable the flow control function of the port. Argument: <range>: syntax 1,5-7, available from 1 to 16 Possible value: <range>: 1 ~ 16 Example: LGB1002A-R2 (port)# enable flow-control 3-8 enable state Syntax: enable state <range> Description: To enable the communication capability of the port.
  • Page 284 To display the detailed counting number of each port’s traffic. Argument: <#>: port, available from 1 to 16 Possible value: <#>:1 ~ 16 Example: LGB1002A-R2 (port)# show detail-counter 5 show sfp Syntax: show sfp <port> Description: To display the SFP module information.
  • Page 285 Syntax: show simple-counter Description: To display the summary counting of each port’s traffic. Argument: None. Possible value: None. Example: LGB1002A-R2 (port)# show simple-counter show status Syntax: show status Description: To display the port’s current status. Argument: None. Possible value: None.
  • Page 286 <#>: 1-10 <tcp/udp port range>: 0-65535 <default>: 1 or 0 <match>: 1 or 0 Example: LGB1002A-R2(qos)# set advance-layer4 5 2 80 1 0 set default Syntax: set default <class> Description: To set priority class of the packets that qos won’t affect.
  • Page 287 <ds-range>: dscp field, syntax 1,5-7, available from 0 to 63 <class>: class of service setting. 1: high, 0: low Possible value: <ds-range>: 0 to 63 <class>: 1or 0 Example: LGB1002A-R2(qos)# set diffserv 0-20 1 set mode Syntax: set mode <port/pri_tag/tos/layer4/diffserv> Description: To set qos priority mode of the switch.
  • Page 288 <class>: class of service setting. 1: high, 0: low Possible value: <port-range>: 1 to 16 <tag-range>: 0 to 7 <class>: 1or 0 Example: LGB1002A-R2(qos)# set pri-tag 1-15 1-2 1 set simple-layer4 Syntax: set simple-layer4 <#> Description: To set class of ports on simple mode of Layer 4 qos.
  • Page 289 <class>: class of service setting. 1: high, 0: low Possible value: <port-range>: 1 to 16 <tos-range>: 0 to 7 <class>: 1or 0 Example: LGB1002A-R2(qos)# set tos 1-5 0-3 0 show Syntax: show Description: To display the information of the mode you choose.
  • Page 290 Description: The Disable here is used for the de-activation of snmp or set-community. Argument: None. Possible value: None. Example: LGB1002A-R2(snmp)# disable snmp LGB1002A-R2(snmp)# disable set-ability enable Syntax: enable set-ability enable snmp Description: The Enable here is used for the activation snmp or set-community.
  • Page 291 <community>:trap community name Possible value: <#>: 1 to 6 <port>:1~65535 Example: LGB1002A-R2(snmp)# set get-community public LGB1002A-R2(snmp)# set set-community private LGB1002A-R2(snmp)# set trap 1 192.168.1.1 162 public show Syntax: show Description: The Show here is to display the configuration of SNMP. Argument: None.
  • Page 292 MCheck <range> Description: To force the port to transmit RST BPDUs. Argument: <range>: syntax 1,5-7, available from 1 to 16 Possible value: <range>: 1 to 16 Example: LGB1002A-R2(stp)# Mcheck 1-8 disable Syntax: disable Description: To disable the STP function. Argument: None.
  • Page 293 <admin p2p>: Admin point to point, <auto|true|false> Possible value: <range>:1 to 16 <path cost>: 0, 1-200000000 <priority>: 0 to 240 <edge_port>: yes / no <admin p2p>: auto / true / false Example: LGB1002A-R2(stp)# set port 1-16 0 128 yes auto...
  • Page 294 <stp|rstp> Description: To set up the version of STP. Argument: <stp|rstp>:stp / rstp Possible value: <stp|rstp>:stp / rstp Example: LGB1002A-R2(stp)# set version rstp show config Syntax: show config Description: To display the configuration of STP. Argument: None. Possible value: None.
  • Page 295 To display the port information of STP. Argument: None. Possible value: None. Example: LGB1002A-R2# stp LGB1002A-R2(stp)# show port Port Port Status Path Cost Priority Admin Edge Port Admin Point To Point ==== =========== ========= ======== =============== ==================== 1 DISCARDING 2000000 Auto 2 DISCARDING...
  • Page 296 Syntax: show status Description: To display the status of STP. Argument: None. Possible value: None. Example: LGB1002A-R2(stp)# show status STP Status : STP State : Enabled Bridge ID : 00:40:C7:D8:09:1D Bridge Priority : 61440 Designated Root : 00:40:C7:D8:09:1D...
  • Page 297 Argument: <contact>:string length up to 40 characters. Possible value: <contact>: A, b, c, d, ... ,z and 1, 2, 3, …. etc. Example: LGB1002A-R2(system)# set contact Taipei set device-name Syntax: set device-name <device-name string> Description: To set the device name description of the switch.
  • Page 298 Syntax: show Description: To display the basic information of the switch. Argument: None. Possible value: None. Example: LGB1002A-R2(system)# show Model Name : LGB1002A-R2 System Description : L2 Managed Switch Location Contact Device Name : LGB1002A-R2 System Up Time : 0 Days 0 Hours 4 Mins 14 Secs...
  • Page 299 Syntax: clear Description: To clear trap log. Argument: none Possible value: none Example: LGB1002A-R2(traplog)# clear LGB1002A-R2(traplog)# show time desc ---- --------------------------- ------------------------------------ show Syntax: show Description: To display the trap log. Argument: None. Possible value: None. Example: LGB1002A-R2(tftp)# show 2 Mon Mar 17 15:18:38 2008gvrp mode>...
  • Page 300 To set up the IP address of tftp server. Argument: <ip>: the IP address of tftp server Possible value: <ip>: tftp server ip Example: LGB1002A-R2(tftp)# set server 192.168.3.111 show Syntax: show Description: To display the information of tftp server. Argument: None.
  • Page 301 : -5 to +5 : (01-12) : (01-31) : (00-23) : (01-12) : (01-31) : (00-23) Example: LGB1002A-R2(time)# set daylightsaving 3 10/12/01 11/12/01 Save Successfully set manual Syntax: set manual <YYYY/MM/DD> <hh:mm:ss> Description: To set up the current time manually. Argument:...
  • Page 302 To set up the current time via NTP server. Argument: <ip>: ntp server ip address or domain name <timezone>: time zone (GMT), range: -12 to +13 Possible value: <timezone>: -12,-11…,0,1…,13 Example: LGB1002A-R2(time)# set ntp clock.via.net 8 Synchronizing...(1) Synchronization success show Syntax: show Description: To show the time configuration, including “Current Time”, “NTP Server”,”...
  • Page 303 : set the LACP to active mode passive : set the LACP to passive mode Possible value: <port-range> : 1 to 16 <method>: static / lacp <group>: 1-8. <active LACP>: active / passive Example: LGB1002A-R2(trunk)# set trunk 1-4 lacp 1 active...
  • Page 304 To display the detailed information of the LACP trunk group. Argument: <aggtr>: aggregator, available from 1 to 16 Possible value: <aggtr>: 1 to 16 Example: LGB1002A-R2(trunk)# show lacp-detail 2 Aggregator 2 Information: Actor Partner --------------------------------- --------------------------------- System Priority MAC Address...
  • Page 305 Description: To display the value of LACP Priority. Argument: None. Possible value: None. Example: LGB1002A-R2(trunk)# show lacp-priority LACP System Priority : 32768 show status Syntax: show status Description: To display the aggregator status and the settings of each port. Argument: None.
  • Page 306 Description: To delete the port-based vlan group. Argument: <name>: which vlan group you want to delete. Possible value: <name>: port-vlan name Example: LGB1002A-R2(vlan)# del port-group VLAN-2 del tag-group Syntax: del tag-group <vid> Description: To delete the tag-based vlan group. Argument: <vid>: which vlan group you want to delete, available from 1 to 4094...
  • Page 307 To drop frames from the non-member port. Argument: <range>: which port(s) you want to set, syntax 1,5-7, available from 1 to 16 Possible value: <range>: 1 to 16 Example: LGB1002A-R2(vlan)# disable sym-vlan 5-10 enable drop-untag Syntax: enable drop-untag <range> Description: To drop the untagged frames.
  • Page 308 Syntax: set port-group <name> <range> Description: To add or edit a port-based VLAN group. Argument: <name>: port-vlan name <range>: syntax 1,5-7, available from 1 to 16 Possible value: <range>: 1 to 16 Example: LGB1002A-R2(vlan)# set port-group VLAN-1 2-5,6,15-13...
  • Page 309 <hybrid>: Tag all frames except a specific VID <vid>: untag-vid for hybrid port Possible value: <range>: 1 to 16 <vid>: 1 to 4094 Example: LGB1002A-R2(vlan)# set port-role 5 hybrid 6 set pvid Syntax: set pvid <range> <pvid> Description: To set the pvid of vlan.
  • Page 310 <#>: sym/asym vlan setting. 1: symmetric vlan, 0: asymmetric vlan Possible value: <vid>: 1 to 4094 <range>: 1 to 16 <#>: 0 or 1 Example: LGB1002A-R2(vlan)# set tag-group 2 VLAN-2 2-5,6,15-13 0 show group Syntax: show group Description: To display the vlan mode and vlan group.
  • Page 311 Syntax: show pvid Description: To display pvid, ingress/egress rule. Argument: None. Possible value: None. Example: LGB1002A-R2(vlan)# show pvid Port PVID Rule1 Rule2 Port Rule Untag Vid ------ ------ --------- --------- ----------- ----------- Disable Disable Access Disable Disable Access...

  • Page 312: Maintenance

    5. Maintenance 5-1. Resolving No Link Condition The possible causes for a no link LED status are as follows: The attached device is not powered on The cable may not be the correct type or is faulty The installed building premise cable is faulty The port may be faulty 5-2.

  • Page 313: Appendix A Technical Specifications

    Appendix A Technical Specifications Features • 12 (10/100/1000Mbps) Gigabit Ethernet (TP) switching ports are compliant with IEEE802.3, 802.3u, 802.3z and 802.3ab. • 4 Gigabit TP/SFP fiber are dual media ports with auto detected function. • Non-blocking store-and-forward shared-memory Web-Smart switched. •...
  • Page 314 Hardware Specifications Standard Compliance: IEEE802.3/802.3ab / 802.3z / 802.3u / 802.3x Network Interface: Configuration Mode Connector Port 10/100/1000Mbps Gigabit TP NWay TP (RJ-45) 1 - 16 1000Base-SX Gigabit Fiber 13 to 16(Option) 1000 FDX *SFP 1000Base-LX Gigabit Fiber 13 to 16(Option) 1000 FDX *SFP 1000Base-LX Single Fiber WDM (BiDi) 1000 FDX...
  • Page 315 Diagnostic LED: System LED : Power Per Port LED: 10/100/1000M TP Port 1 to 16 : LINK/ACT, 10/100/1000Mbps 1000M SFP Fiber Port 13 to 16 : SFP(LINK/ACT) Power Requirement AC Line Voltage 100∼240 V Frequency 50∼60 Hz Consumption Ambient Temperature 0°...

  • Page 316: Management Software Specifications

    Management Software Specifications Auto-negotiation support on 10/100/1000 Base- TX ports, Web browser or console interface can set transmission speed (10/100/1000Mbps) and System Configuration operation mode (Full/Half duplex) on each port, enable/disable any port, set VLAN group, set Trunk Connection. Management Agent SNMP support;...

  • Page 317: Appendix B Null Modem Cable Specifications

    Appendix B Null Modem Cable Specifications The DB-9 cable is used for connecting a terminal or terminal emulator to the Managed Switch’s RS-232 port to access the command-line interface. The table below shows the pin assignments for the DB-9 cable. Function Mnemonic Carrier...

Table of Contents