SM8T2DPA 6-Port 10/100/1000Base-T plus 2 RJ-45/100/1000 SFP Combo Ports Managed Switch User Guide...
Page 3
For prompt response when calling for service information, have the following information ready: - Product serial number and revision - Date of purchase - Vendor or place of purchase You can reach Transition Networks technical support at: E-mail: techsupport@transition.com Transition Networks 10900 Red Circle Drive Minnetonka, MN 55344 United States of America Telephone: +1.800.526.9267...
2-1-3-1. Cabling Requirements for TP Ports................. 18 2-1-3-2. Switch Cascading in Topology................18 2-1-4. Configuring the Management Agent of SM8T2DPA...........21 2-1-4-1. Configuring the Management Agent of SM8T2DPA through the Serial RS-232 Port .............................. 21 2-1-4-2. Configuring the Management Agent of SM8T2DPA through the Ethernet Port..24 2-1-5.
Page 5
3-4-5. MAC Table ......................78 3-5. GVRP ...........................79 3-5-1. Config........................79 3-5-2. Counter ........................82 3-5-3. Group ........................84 3-6. Q ..............85 UALITY OF ERVICE ONFIGURATION 3-6-1. Ports........................85 3-6-2. Qos Control List ....................87 3-6-3.Rate Limiters......................92 3-6-4.Storm Control......................93 3-6-5.Wizard ........................94 3-7. SNMP C .....................104 ONFIGURATION 3-8.
Warning: Self-demolition on Product is strictly prohibited. Damage caused by self- demolition will be charged for repairing fees. Do not place product at outdoor or sandstorm. Before installation, please make sure input power supply and product specifications are compatible to each other. ...
Page 9
In this user’s manual, it will not only tell you how to install and connect the switch to your network system but also can configure and monitor the SM8T2DPA through the built-in CLI and web by RS-232 serial interface and Ethernet ports step- by-step.
1. Introduction 1-1. Overview of SM8T2DPA SM8T2DPA, a 8-port Layer 2 Gigabit Managed Switch, is a standard switch that meets all IEEE 802.3/u/x/z Gigabit Ethernet specifications. The switch has 6- Port 10/100/1000Mbps TP and 2-Port 100/1000 Dual Speed SFP/RJ-45 Combo ports.
Page 11
• Key Features QoS: Support Quality of Service by the IEEE 802.1P standard. There are two priority queue and packet transmission schedule. Spanning Tree: Support IEEE 802.1D, IEEE 802.1w (RSTP: Rapid Spanning Tree Protocol) standards. VLAN: Support Port-based VLAN and IEEE802.1Q Tag VLAN. Support 256 active VLANs and VLAN ID 1~4094.
Page 12
with the router on its upstream interface through the exchange of IGMP messages. However, when acting as the proxy, the system performs the host portion of the IGMP task on the upstream interface as follows: When queried, sends group membership reports to the group.
Page 13
SSL and SSH for secure Management: (Optional by Project Requirement, Refer to device’s FW v5.0x upper) Secure Sockets Layer (SSL) supports the encryption for all HTTP traffic, allowing secure access to the browser-based management GUI in the switch. And Secure Shell (SSH) which supports the encryption for all transmitted data for secure, remote command-line interface (CLI) access over IP networks Note: The SSL only provide the CLI for switch management and SSH...
Please notify your sales representative immediately if any of the aforementioned items is missing or damaged. 1-3. Features The SM8T2DPA provides the comprehensive features listed below for users to perform system network administration efficiently and securely serve your network. •...
Page 15
crashed • Supports to send the trap event while monitored events happened • Supports Link Layer Discovery Protocol (LLDP) • Supports default configuration which can be restored to overwrite the current configuration which is working on via web browser and CLI •...
1-4. Full View of SM8T2DPA 1-4-1. User Interfaces on the Front Panel (Button, LEDs and Plugs) Fig. 1-1 Full View of SM8T2DPA There are 6 TP Gigabit Ethernet ports and 2 SFP fiber ports for optional removable modules for optional removable modules on the front panel of the switch.
Off when module connection is not good Table1-1 1-4-2. AC Power Input on the Rear Panel One socket on the rear panel is for AC power input. AC Line 100-240V 50/60 Hz Fig. 1-3 Rear View of SM8T2DPA Rev.A0 1-May-11...
Be sure that power switch is OFF before you insert the power cord to power source • Installing Optional SFP Fiber Transceivers to the SM8T2DPA Note: If you have no modules, please skip this section. Fig. 2-1 Installation of Optional SFP Fiber Transceiver •...
Page 19
• TP Port and Cable Installation In the switch, TP port supports MDI/MDI-X auto-crossover, so both types of cable, straight-through (Cable pin-outs for RJ-45 jack 1, 2, 3, 6 to 1, 2, 3, 6 in 10/100M TP; 1, 2, 3, 4, 5, 6, 7, 8 to 1, 2, 3, 4, 5, 6, 7, 8 in Gigabit TP) and crossed-over (Cable pin-outs for RJ-45 jack 1, 2, 3, 6 to 3, 6, 1, 2) can be used.
2-1-2. Installing Chassis to a 19-Inch Wiring Closet Rail Fig. 2-2 Caution: Allow a proper spacing and proper air ventilation for the cooling fan at both sides of the chassis. Wear a grounding device for electrostatic discharge. Screw the mounting accessory to the front side of the switch (See Fig. 2-2). ...
Page 21
OSI layer 2 protocols such as 802.1d, 802.1q, LACP and so on. The fiber, TP cables and devices’ bit-time delay (round trip) are as follows: 1000Base-X TP, Fiber 100Base-TX TP 100Base-FX Fiber Round trip Delay: 4096 Round trip Delay: 512 Cat.
Page 22
Fig. 2-4 Port-based VLAN Diagram 1. The same VLAN members could not be in different switches. 2. Every VLAN members could not access VLAN members each other. 3. The switch manager has to assign different names for each VLAN groups at one switch.
RS-232 console, CLI, and Web. Users can use any one of them to monitor and configure the switch. You can touch them through the following procedures. Section 2-1-4-1: Configuring the Management Agent of SM8T2DPA through the Serial RS-232 Port...
Page 24
RS-232 DB-9 Connector SM8T2DPA L2 Managed Switch Default IP Setting: RS-232 cable IP address = 192.168.1.77 with female Subnet Mask = 255.255.255.0 DB-9 Default Gateway = 192.168.1.254 connector at Terminal or Terminal Emulator Fig. 2-7 To configure the switch, please follow the procedures below: Find the RS-232 DB-9 cable with female DB-9 connector bundled.
Page 25
255.255.255.0. You can change the switch’s default IP address 192.168.1.77 to 10.1.1.1 and set the subnet mask to be 255.255.255.0. Then, choose your default gateway, may be it is 10.1.1.254. Default Value SM8T2DPA Your Network Setting IP Address 192.168.1.77 10.1.1.1 Subnet 255.255.255.0...
2-1-4-2. Configuring the Management Agent of SM8T2DPA through the Ethernet Port There are three ways to configure and monitor the switch through the switch’s Ethernet port. They are CLI, Web browser and SNMP manager. The user interface for the last one is NMS dependent and does not cover here. We just introduce the first two types of management interface.
2-1-5. IP Address Assignment For IP address configuration, there are three parameters needed to be filled in. They are IP address, Subnet Mask, Default Gateway and DNS. IP address: The address of the network device in the network is used for internetworking communication.
Page 28
Bit # 01 2 15 16 Network address Host address Class C: IP address range between 192.0.0.0 and 223.255.255.255. Each class C network has a 24-bit network prefix followed 8-bit host address. There are 2,097,152 (2^21)/24 networks able to be defined with a maximum of 254 (2^8 –2) hosts per network.
Page 29
Not all IP address is available in the sub-netted network. Two special addresses are reserved. They are the addresses with all zero’s and all one’s host number. For example, an IP address 128.1.2.128, what IP address reserved will be looked like? All 0s mean the network itself, and all 1s mean IP broadcast. 128.1.2.128/25 Network Subnet...
Page 30
According to the scheme above, a subnet mask 255.255.255.0 will partition a network with the class C. It means there will have a maximum of 254 effective nodes existed in this sub-netted network and is considered a physical network in an autonomous network.
2-2. Typical Applications The SM8T2DPA implements 8 Gigabit Ethernet TP ports with auto MDIX and two slots for the removable module supporting comprehensive fiber types of connection, including LC and BiDi-LC SFP modules. For more details on the specification of the switch, please refer to Appendix A.
Page 32
Fig. 2-13 is a system wide basic reference connection diagram. This diagram demonstrates how the switch connects with other network devices and hosts. Fig. 2-14 Peer-to-peer Network Connection Fig. 2-15 Office Network Connection Rev.A0 1-Mar-11...
Operation of Web-based Management This chapter instructs you how to configure and manage the SM8T2DPA through the web user interface it supports, to access and manage the 6-Port 10/100/1000Mbps TP and 2-Port Gigabit TP/SFP Fiber management Ethernet switch. With this facility, you can easily access and monitor through any one port of...
Page 34
To optimize the display effect, we recommend you use Microsoft IE above, Netscape V7.1 above or FireFox V1.00 above and have the resolution 1024x768. The switch supported neutral web browser interface. In Fig. 3-2, for example, left section is the whole function tree with web user interface and we will travel it through this chapter.
3-1. Web Management Home Overview After you login, the switch shows you the system information as Fig. 3-2. This page is default and tells you the basic information of the system, including “Model Name”, “System Description”, “Location”, “Contact”, “Device Name”, “System Up Time”, “Current Time”, “BIOS Version”, “Firmware Version”, “Hardware-Mechanical Version”, “Serial Number”, “Host IP Address”, “Host Mac Address”, “Device Port”, “RAM Size”...
Page 36
• The Information of Page Layout On the top side, it shows the front panel of the switch. In the front panel, the linked ports will display green; as to the ports, which are link off, they will be dark.
Page 37
Root System Port VLAN GVRP SNMP IP MAC Binding 802.1X Trunk MSTP Mirroring Multicast Alam DHCP Snooping LLDP Save/Restore Export/ Import Diagnostics Maintenance Logout Rev.A0 1-May-11...
You can configure this parameter through the device’s user interface or SNMP. Device name: SM8T2DPA The name of the switch. User-defined. Default is System up time: The time accumulated since this switch is powered up. Its format is day, hour, minute, second.
Page 39
hours : minutes : seconds, year. For instance, Wed, Apr. 23, 12:10:10, 2004. BIOS version: The version of the BIOS in this switch. Firmware version: The firmware version in this switch. Hardware-Mechanical version: The version of Hardware and Mechanical. The figure before the hyphen is the version of electronic hardware;...
3-1-2. Account Configuration In this function, only administrator can create, modify or delete the username and password. Administrator can modify other guest identities’ password without confirming the password but it is necessary to modify the administrator-equivalent identity. Guest-equivalent identity can modify his password only. Please note that you must confirm administrator/guest identity in the field of Authorization in advance before configuring the username and password.
3-1-3. Time Configuration The switch provides manual and automatic ways to set the system time via NTP. Manual setting is simple and you just input “Year”, “Month”, “Day”, “Hour”, “Minute” and “Second” within the valid value range indicated in each item. If you input an invalid value, for example, 61 in minute, the switch will clamp the figure to NTP is a well-known protocol used to synchronize the clock of the switch system time over a network.
Page 42
is no time zone setting in Manual mode. Default: Year = 2000, Month = 1, Day = 1 Hour = 0, Minute = 0, Second = 0 NTP: NTP is Network Time Protocol and is used to sync the network time based Greenwich Mean Time (GMT).
Page 43
Default: 0 Day Light Saving End : This is used to set when to stop performing the daylight saving time. Mth: Range is 1 ~ 12. Default: 1 Day: Range is 1 ~ 31. Default: 1 Hour: Range is 0 ~ 23. Default: 0 Rev.A0 1-May-11...
3-1-4. IP Configuration IP configuration is one of the most important configurations in the switch. Without the proper setting, network manager will not be able to manage or view the device. The switch supports both manual IP address setting and automatic IP address setting via DHCP server.
Page 45
IP address: Users can configure the IP settings and fill in new values if users set the DHCP function “Disable”. Then, click <Apply> button to update. When DHCP is disabled, Default: 192.168.1.77 If DHCP is enabled, this field is filled by DHCP server and will not allow user manually set it any more.
Page 46
DNS: It is Domain Name Server used to serve the translation between IP address and name address. The switch supports DNS client function to re-route the mnemonic name address to DNS server to get its associated IP address for accessing Internet.
3-1-5. Loop Detection The loop detection is used to detect the presence of traffic. When switch receives packet’s(looping detection frame) MAC address the same as oneself from port, show Loop detection happens. The port will be locked when it received the looping detection frames.
3-1-6. Management Policy Through the management security configuration, the manager can do the strict setup to control the switch and limit the user to access this switch. The following rules are offered for the manager to manage the switch: Rule 1) : When no lists exists, then it will accept all connections. Accept ----------------------------------------------------------------------- Rule 2) : When only “accept lists”...
Page 49
Function name: Management Security Configuration Function description: The switch offers Management Security Configuration function. With this function, the manager can easily control the mode that the user connects to the switch. According to the mode, users can be classified into two types: Those who are able to connect to the switch (Accept) and those who are unable to connect to the switch (Deny).
Page 50
Name: A name is composed of any letter (A-Z, a-z) and digit (0-9) with maximal 8 characters. VID: The switch supports two kinds of options for managed valid VLAN VID, including “Any” and “Custom”. Default is “Any”. When you choose “Custom”, you can fill in VID number.
3-1-7. System Log The System Log provides information about system logs, including information when the device was booted, how the ports are operating, when users logged in, when sessions timed out, as well as other system information. Function name: System Log Function description: The Trap Log Data is displaying the log items including all SNMP Private Trap events, SNMP Public traps and user logs occurred in the system.
3-1-8. Virtual Stack Function name: Virtual Stack Function description: Virtual Stack Management(VSM) is the group management function. Through the proper configuration of this function, switches in the same LAN will be grouped automatically. And among these switch, one switch will be a master machine, and the others in this group will become the slave devices.
Page 53
Parameter description: State: It is used for the activation or de-activation of VSM. Default is Enable. Role: The role that the switch would like to play in virtual stack. Two types of roles, including master and slave are offered for option. Default is Master. Group ID: It is the group identifier (GID) which signs for VSM.
3-2. Port Configuration Four functions, including Port Status, Port Configuration, Simple Counter and Detail Counter are contained in this function folder for port monitor and management. Each of them will be described in detail orderly in the following sections. Port Configuration Configuration Status Simple Counter...
Page 55
Parameter description: Speed: Set the speed and duplex of the port. In speed, if the media is 1Gbps fiber, it is always 1000Mbps and the duplex is full only. If the media is TP, the Speed/Duplex is comprised of the combination of speed mode, 10/100/1000Mbps, and duplex mode, full duplex and half duplex.
3-2-2.Port Status The function Port Status gathers the information of all ports’ current status and reports it by the order of port number, media, link status, port state, Auto- Negotiation status, speed/duplex, Rx Pause and Tx Pause. An extra media type information for the module ports 21 and 24 is also offered (See Fig.
Page 57
supported is half duplex and full duplex. If the media is 1Gbps fiber, it is 1000Mbps supported only. The status of speed/duplex mode is determined by 1) the negotiation of both local port and link partner in “Auto Speed” mode or 2) user setting in “Force” mode. The local port has to be preset its capability.
Page 58
Parameter description of Port 7 ~ Port 8: Connector Type: Display the connector type, for instance, UTP, SC, ST, LC and so Fiber Type: Display the fiber mode, for instance, Multi-Mode, Single-Mode. Tx Central Wavelength: Display the fiber optical transmitting central wavelength, for instance, 850nm, 1310nm, 1550nm and so on.
3-2-3. Simple Counter The function of Simple Counter collects any information and provides the counting about the traffic of the port, no matter the packet is good or bad. In the Fig. 3-15, the window can show all ports’ counter information at the same time.
Page 60
Errors: Transmit:: Number of bad packets transmitted. Receive: Number of bad packets received. Drops Transmit:: Number of packets transmitted drop. Receive: Number of packets received drop. Auto-refresh: The simple counts will be refreshed automatically on the UI screen. Refresh: The simple counts will be refreshed manually when user use mouse to click on “Refresh”...
3-2-4. Detail Counter The function of Detail Counter collects any information and provides the counting about the traffic of the port, no matter the packet is good or bad. In the Fig. 3-16, the window can show only one port counter information at the same time.
Page 62
Rx Broadcast: Show the counting number of the received broadcast packet. Rx Multicast: Show the counting number of the received multicast packet. Tx Packets: The counting number of the packet transmitted. TX Octets: Total transmitted bytes. Tx High Priority Packets: Number of Tx packets classified as high priority.
Page 63
Number of 256 ~ 511-byte frames in good and bad packets transmitted. Tx 512-1023 Bytes: Number of 512 ~ 1023-byte frames in good and bad packets transmitted. Tx 1024-Bytes: Number of 1024-max_length-byte frames in good and bad packets transmitted. Rx CRC/Alignment: Number of Alignment errors and CRC error packets received.
3-2-5. Power Saving The function of Power Saving and provides the Power saving for reduce the power consumption with "ActiPHY Power Management" and "PerfectReach Power Management" two technique.It could efficient saving the switch Power when the client idle and detec the cable length to provide different power. Function name: Power Saving Function description:...
3-3. VLAN The switch supports Tag-based VLAN (802.1Q) and Port-based VLAN Support 4094 active VLANs and VLAN ID 1~4094. VLAN configuration is used to partition your LAN into small ones as your demand. Properly configuring it, you can gain not only improving security and increasing performance but greatly reducing VLAN management.
3-3-2. Tag-based Group Function name: Tag-based Group Configuration Function description: It shows the information of existed Tag-based VLAN Groups, You can also easily create, edit and delete a Tag-based VLAN group by pressing <Add>, <Edit> and <Delete> function buttons. User can add a new VLAN group by inputting a new VLAN name and VLAN ID.
Page 67
Member Port: This is used to enable or disable if a port is a member of the new added VLAN, “Enable” means it is a member of the VLAN. Just tick the check ) box ( beside the port x to enable it. Add new VLAN: Please click on <Add new VLAN>...
Page 68
Fig. 3-20-1 c. You need to assign these ports for member of port isolation. Fig. 3-20-2 d. Press the “Save” to complete the PVLAN configuration process. Rev.A0 1-Mar-11...
3-3-3. Port-based Group Function name: Port-based Group Configuration Function description: It shows the information of the existed Port-based VLAN Groups. You can easily create, edit and delete a Port-based VLAN group by pressing <Add>, <Edit> and <Delete> function buttons. User can add a new VLAN group by inputting a new VLAN name.
Page 70
Delete Group: Just press the <Delete> button to remove the selected group entry from the Port-based group table. Fig. 3-23 Rev.A0 1-Mar-11...
3-3-4. Ports Function name: VLAN Port Configuration Function description: In VLAN Tag Rule Setting, user can input VID number to each port. The range of VID number is from 1 to 4094. User also can choose ingress filtering rules to each port. There are two ingress filtering rules which can be applied to the switch.
Page 72
Role: This is an egress rule of the port. Here you can choose Access, Trunk or Hybrid. Trunk means the outgoing packets must carry VLAN tag header. Access means the outgoing packets carry no VLAN tag header. If packets have double VLAN tags, one will be dropped and the other will still be left.
3-3-5. Port Isolation Function name: Port Isolation Function description: Port Isolation provides for an apparatus and method to isolate ports on layer 2 switches on the same VLAN to restrict traffic flow. The apparatus comprises a switch having said plurality of ports, each port configured as a protected port or a non-protected port.
3-3-6. Management VLAN Function name: Management VLAN Function description: To assign a specific VLAN for management purpose. Fig. 3-25 Parameter description: VID: Specific Management VLAN ID. May., 2011 Revision A0...
3-4. MAC MAC Table Configuration gathers many functions, including MAC Table Information, MAC Table Maintenance, Static Forward, Static Filter and MAC Alias, which cannot be categorized to some function type. They are described below. 3-4-1. Mac Address Table Function name: MAC Address Table Information Function Description: This function can allow the user to set up the processing mechanism of MAC...
Page 76
Disable automatic aging: Stop the MAC table aging timer, the learned MAC address will not age out automatically Auto: Enable this port MAC address dynamic learning mechanism. Disable: Disable this port MAC address dynamic learning mechanism, only support static MAC address setting. Secure: Disable this port MAC address dynamic learning mechanism and copy the dynamic learning packets to CPU...
3-4-2. Static Filter Function name: Static Filter Function Description: Static Filter is a function that denies the packet forwarding if the packet’s MAC Address is listed in the filtering Static Filter table. User can very easily maintain the table by filling in MAC Address, VID (VLAN ID) and Alias fields individually.
3-4-3. Static Forward Function Name: Static Forward Function Description: Static Forward is a function that allows the user in the static forward table to access a specified port of the switch. Static Forward table associated with a specified port of a switch is set up by manually inputting MAC address and its alias name.
3-4-4. MAC Alias Function name: MAC Alias Function description: MAC Alias function is used to let you assign MAC address a plain English name. This will help you tell which MAC address belongs to which user in the illegal access report. At the initial time, it shows all pairs of the existed alias name and MAC address.
3-4-5. MAC Table Function name: MAC Table Function Description: Display the static or dynamic learning MAC entry and the state for the selected port. Fig. 3-30 Parameter description: Alias: MAC alias name you assign. MAC address: Display the MAC address of one entry you selected from the searched MAC entries table.
3-5. GVRP GVRP is an application based on Generic Attribute Registration Protocol (GARP), mainly used to automatically and dynamically maintain the group membership information of the VLANs. The GVRP offers the function providing the VLAN registration service through a GARP application. It makes use of GARP Information Declaration (GID) to maintain the ports associated with their attribute database and GARP Information Propagation (GIP) to communicate among switches and end stations.
Page 82
Join Time: Used to declare the Join Time in unit of centisecond. Valid time range: 20 –100 centisecond, Default: 20 centisecond. Leave Time: Used to declare the Leave Time in unit of centisecond. Valid time range: 60 –300 centisecond, Default: 60 centisecond. Leave All Time: A time period for announcement that all registered device is going to be de-registered.
Page 83
Disabled: In this mode, the switch dynamic VLAN will be created when this port received GVRP PDU. The default setting is Normal. Enabled: In this mode, the switch does not create dynamic VLAN when this port received GVRP PDU. Except received dynamic VLAN message of the GVRP PDU is an existed static VLAN in the switch, this port will be added into the static VLAN members dynamically.
3-5-2. Counter Function name: GVRP Counter Function description: All GVRP counters are mainly divided into Received and Transmitted two categories to let you monitor the GVRP actions. Actually, they are GARP packets. Fig. 3-32 Parameter description: Received: Total GVRP Packets: Total GVRP BPDU is received by the GVRP application.
Page 85
Empty Message Packets: Number of GARP BPDU with Empty message is received by the GARP application. Transmitted: Total GVRP Packets: Total GARP BPDU is transmitted by the GVRP application. Invalid GVRP Packets: Number of invalid GARP BPDU is transmitted by the GVRP application.
3-5-3. Group Function name: GVRP Group VLAN Information Function description: To show the dynamic group member and their information. Fig. 3-33 Parameter description: VID: VLAN identifier. When GVRP group creates, each dynamic VLAN group owns its VID. Valid range is 1 ~ 4094. Member Port: Those are the members belonging to the same dynamic VLAN group.
3-6. QoS(Quality of Service) Configuration support four QoS queues per port with strict or weighted fair switch queuing scheduling. There are 8 QoS Control Lists (QCL) for advance programmable QoS classification, based on IEEE 802.1p, Ethertype, VID, IPv4/IPv6 DSCP and UDP/TCP ports and ranges. High flexibility in the classification of incoming frames to a QoS class.
Page 88
Parameter description: Number of Classes: 1 / 2 / 4 Port: User can choose the port (1~8) respectively with Priority Class on Per Port Priority function. Default Class: User can set up High Priority or Low Priority for each port respectively. Low / Normal / Medium / High QCL: The number of QCL rule 1~8, each port have to apply one of the QCL...
3-6-2. Qos Control List Function name: Qos Control List Configuration Function description: support four QoS queues per port with strict or weighted fair switch queuing scheduling. There are 8 QoS Control Lists (QCL) for advance programmable QoS classification, based on IEEE 802.1p, Ether Type, VID, IPv4/IPv6 DSCP and UDP/TCP ports and ranges.
Page 92
Parameter description: QCL#: QCL number : 1~8 QCE Type: Ethernet Type / VLAN ID / UDP/TCP Port / DSCP / ToS / Tag Priority Ethernet Type Value: The configurable range is 0x600~0xFFFF. Well known protocols already assigned EtherType values. The commonly used values in the EtherType field and corresponding protocols are listed below: Ethertype Protocol...
Page 93
MPLS, Multi-Protocol Label Switching 0x8847 (unicast). MPLS, Multi-Protocol Label Switching 0x8848 (multicast). PPPoE, PPP Over Ethernet (Discovery 0x8863 Stage). PPPoE, PPP Over Ethernet (PPP Session 0x8864 Stage). 0x88BB LWAPP, Light Weight Access Point Protocol. 0x88CC LLDP, Link Layer Discovery Protocol. 0x8E88 EAPOL, EAP over LAN.
3-6-3.Rate Limiters Function name: Rate Limit Configuration Function description: Each port includes an ingress policer, and an egress shaper, which can limit the bandwidth of received and transmitted frames. Ingress policer or egress shaper operation is controlled per port in the Rate Limit Configuration. Fig.
3-6-4.Storm Control Function name: Storm Control Configuration Function description: The switch support storm ingress policer control function to limit the Flooded, Multicast and Broadcast to prevent storm event happen. Fig. 3-44 Parameter description: Frame Type: There three frame types of storm can be controlled: Flooded unicast / Multicast / Broadcast Status: Enable/Disable Selection:...
3-6-5.Wizard Function name: Wizard Function description: The QCL configuration Wizard is targeted on user can easy to configure the QCL rules for QoS configuration. The wizard provide the typical network application rules, user can apply these application easily. Fig. 3-45 Parameter description: Please select an Action: User need to select one of action from following items, then click on...
Page 97
Fig. 3-46 Set up Port Policies Parameter description: QCL ID: QoS Control List (QCL): 1~19 Port Member: Port Member: 1~8 Fig. 3-47 Set up Port Policies Parameter description: Wizard Again: Click on the <Wizard Again> , back to QCL Configuration Wizard. Finish: When you click on <Finish>, the parameters will be set according to the wizard configuration and shown on the screen, then ask you to click on...
Page 98
Fig. 3-48 Set up Port Policies Finish Fig. 3-49 Set up Typical Network Application Rules Fig. 3-50 Set up Typical Network Application Rules Rev.A0 1-Mar-11...
Page 99
Fig. 3-51 Set up Typical Network Application Rules Parameter description: Audio and Video: QuickTime 4 Server / MSN Messenger Phone / Yahoo Messenger Phone / Napster / Real Audio Games: Blizzard Battlenet (Diablo2 and StarCraft) / Fighter Ace II / Quake2 / Quake3 / MSN Game Zone User Definition: Ethernet Type / VLAN ID / UDP/TCP Port / DSCP...
Page 100
Fig. 3-52 Set up Typical Network Application Rules Parameter description: QCL ID: QCL ID Range: 1~8 Traffic Class: There are four classes: Low / Normal / Medium / High Fig. 3-53 Set up Typical Network Application Rules Rev.A0 1-Mar-11...
Page 101
Fig. 3-54 Set up Typical Network Application Rules Finish Fig. 3-55 Set up Typical Network Application Rules Finish Rev.A0 1-May-11...
Page 102
Fig. 3-56 Set up Typical Network Application Rules Finish Parameter description: QCL #: QoS Control List (QCL): 1~8 Fig. 3-57 Set up TOS Precedence Mapping Parameter description: QCL ID: QoS Control List (QCL): 1~8 TOS Precedence 0~7 Class: Low / Normal / Medium / High Rev.A0 1-Mar-11...
Page 103
Fig. 3-58 Set up TOS Precedence Mapping Fig. 3-59 Set up TOS Precedence Mapping Finish Fig. 3-60 Set up VLAN Tag Priority Mapping Parameter description: QCL ID: QoS Control List (QCL): 1~8 Tag Priority 0~7 Class: Low / Normal / Medium / High Rev.A0 1-May-11...
Page 104
Fig. 3-61 Set up VLAN Tag Priority Mapping Rev.A0 1-Mar-11...
Page 105
Fig. 3-62 Set up VLAN Tag Priority Mapping Finish Rev.A0 1-May-11...
3-7. SNMP Configuration Any Network Management System (NMS) running the Simple Network Management Protocol (SNMP) can manage the Managed devices equipped with SNMP agent, provided that the Management Information Base (MIB) is installed correctly on the managed devices. The SNMP is a protocol that is used to govern the transfer of information between SNMP manager and agent and traverses the Object Identity (OID) of the management Information Base (MIB), described in the form of SMI syntax.
Page 107
Get/Set/Trap Community: Community name is used as password for authenticating if the requesting network management unit belongs to the same community group. If they both don’t have the same community name, they don’t belong to the same group. Hence, the requesting network management unit can not access the device with different community name via SNMP protocol;...
3-8. ACL The SM8T2DPA switch access control list (ACL) is probably the most commonly used object in the IOS. It is used for packet filtering but also for selecting types of traffic to be analyzed, forwarded, or influenced in some way.
Page 109
Policy ID: Policy ID range:1~8 Action: Permit or Deny forwarding the met ACL packets Rate Limiter ID: Disabled: Disable Rate Limitation Rate Limiter ID Range: 1~16. To select one of rate limiter ID for this port, it will limit met ACL packets by rate limiter ID configuration. Port Copy: Disabled: Disable to copy the met ACL packets to specific port Port number: 1~8.
3-8-2.Rate Limiters Function name: ACL Rate Limiter Configuration Function description: There are 16 rate limiter ID. You can assign one of the limiter ID for each port. The rate limit configuration unit is Packet Per Second (pps). Fig. 3-65 Parameter description: Rate Limiter ID: ID Range: 1~16 Rate(pps):...
3-8-3.Access Control List Function name: ACL Rate Limiter Configuration Function description: The switch ACL function support up to 128 Access Control Entries (ACEs), using the shared 128 ACEs for ingress classification. You can create an ACE and assign this ACE for each port with <Any> or assign this ACE for a policy or assign this ACE for a port.
Page 112
Ingress Port Fig. 3-67 Fig. 3-68 Parameter description: Frame Type: Range: Any / Ethernet Type / ARP / IPv4 Any: It is including all frame type Ethernet Type: It is including all Ethernet frame type ARP: It is including all ARP protocol frame type IPv4: It is including all IPv4 protocol frame type Rev.A0 1-Mar-11...
Page 113
Fig. 3-69 Frame Type Fig. 3-70 Rev.A0 1-May-11...
Page 129
Fig. 3-122 VLAN ID Filter Fig. 3-123 VLAN ID Filter Fig. 3-124 Tag Priority Rev.A0 1-May-11...
Page 130
Function name: ACE Configuration Function description: The switch ACL function support up to 128 Access Control Entries (ACEs), using the shared 128 ACEs for ingress classification. You can create an ACE and assign this ACE for each port with <Any> or assign this ACE for a policy or assign this ACE for a port.
Page 131
MAC Parameters: (When Frame Type = ARP) SMAC Filter: Range: Any / Specific Any: It is including all source MAC address Specific: It is according to SMAC Value specific the source MAC address DMAC Filter: Range: Any / MC / BC / UC Any: It is including all destination MAC address MC: It is including all Multicast MAC address BC: It is including all Broadcast MAC address...
Page 132
Sender IP Filter: Range: Any / Host / Network Any: Including all sender IP address Host: Only one specific sender host IP address Network: A specific IP subnet segment under the sender IP mask Sender IP Address: Default: 192.168.1.77 Sender IP Mask: Default: 255.255.255.0 Target IP Filter: Range: Any / Host / Network...
Page 133
Both 0 and 1 The ingress ARP/PARP frames where the Hardware size is not equal "0x6" or the Protocol size is not equal "0x4" The ingress ARP/PARP frames where the Hardware size is equal "0x6" and the Protocol size is "0x4" Range: Any / 0 / 1 Any: Both 0 and 1...
Page 134
No: The ingress frames is not fragmented packet IP Option: A list of optional specifications for security restrictions, route recording, and source routing. Not every datagram specifies an options field. Range: Any / Yes / No Any: Including all IP option case Yes: The ingress frame is specified IP options No: The ingress frame is not specified IP options SIP Filter: (SIP Source IP Address)
Page 135
Specific: According to following ICMP code value setting for ingress classification ICMP Code Value: Range: 0-255 IP Parameters: (Frame Type = IPv4 and IP Protocol Filter = UDP) Source Port Filter: Range: Any / Specific / Range Any: Including all UDP source ports Specific: According to following Source Port No.
Page 136
Range: 0-65535 Source Port Range.: Range: 0-65535 Dest. Port Filter: Range: Any / Specific / Range Any: Including all TCP destination ports Specific: According to following Dest. Port No. setting for ingress classification Range: According to following Dest. Port Range setting for ingress classification Dest.
Page 137
0: The TCP control bit PSH is 0 1: The TCP control bit PSH is 1 TCP ACK: TCP Control Bit ACK: Means Acknowledgment field significant Range: Any / 0 / 1 Any: Including all TCP ACK case 0: The TCP control bit ACK is 0 1: The TCP control bit ACK is 1 TCP URG: TCP Control Bit URG: Means Urgent Pointer field significant...
Page 138
Controls datagram fragmentation together with the identification field. The flags indicate whether the datagram may be fragmented, whether the datagram is fragmented, and whether the current fragment is the final one. Range: Any / Yes / No Any: Including all IP fragment case Yes: The ingress frame is fragmented packet No: The ingress frames is not fragmented packet IP Option:...
Page 139
ingress classification VLAN ID: Range: 1-4094 Tag Priority: Range: Any / 0-7 Any: Including all Tag Priority values 0-7: The Tag Priority Value is one of number (0-7) Action Parameters: When the ingress frame meet above ACL ingress classification rule you can do the following actions: Action: Range: Permit / Deny...
3-8-4.Wizard Function name: Wizard Function description: The wizard function is provide 4 type of typical application for user easy to configure their application with ACL function. Fig. 3-125 Wizard Parameter description: Please select an Action: Set up Policy Rules / Set up Port Policies / Set up Typical Network Application Rules / Set up Source MAC and Source IP Binding Next: Click on <Next>...
Page 141
Fig. 3-126 Set up Policy Rules Fig. 3-127 Set up Policy Rules Fig. 3-128 Set up Policy Rules Rev.A0 1-May-11...
Page 142
Fig. 3-129 Set up Policy Rules Finish Fig. 3-130 Set up Port Policies Fig. 3-131 Set up Port Policies Rev.A0 1-Mar-11...
Page 143
Fig. 3-132 Set up Port Policies Fig. 3-133 Set up Port Policies Finish Fig. 3-134 Set up Typical Network Application Rules Rev.A0 1-May-11...
Page 144
Fig. 3-135 Set up Typical Network Application Rules Fig. 3-136 Set up Typical Network Application Rules Fig. 3-137 Set up Typical Network Application Rules Rev.A0 1-Mar-11...
Page 145
Fig. 3-138 Set up Typical Network Application Rules Finish Parameter description: Common Server: DHCP / DNS / FTP / HTTP / IMAP / NFS / POP3 / SAMBA / SMTP / TELNET / TFTP Instant Messaging: Google Talk / MSN Messenger / Yahoo Messenger User Definition: Ethernet Type / UDP Port / TCP Port Others:...
3-9. IP MAC Binding The IP network layer uses a four-byte address. The Ethernet link layer uses a six-byte MAC address. Binding these two address types together allows the transmission of data between the layers. The primary purpose of IP-MAC binding is to restrict the access to a switch to a number of authorized users.
Page 147
Server/Client: The maximum number of IP-MAC binding client table is 512 entries. The maximum number of IP-MAC Binding server table is 64 entries. MAC: Six-byte MAC Address: xx-xx-xx-xx-xx-xx For example: 00-40-c7-00-00-01 Four-byte IP Address: xxx.xxx.xxx.xxx For example: 192.168.1.100 Port No: Port no.: 1-8 VID: VLAN ID: 1-4094...
3-10. 802.1X Configuration 802.1X port-based network access control provides a method to restrict users to access network resources via authenticating user’s information. This restricts users from gaining access to the network resources through a 802.1X- enabled port without authentication. If a user wishes to touch the network through a port under 802.1X control, he (she) must firstly input his (her) account name for authentication and waits for gaining authorization before sending or receiving any packets from a 802.1X-enabled port.
Page 149
The overview of operation flow for the Fig. 3-53 is quite simple. When Supplicant PAE issues a request to Authenticator PAE, Authenticator and Supplicant exchanges authentication message. Then, Authenticator passes the request to RADIUS server to verify. Finally, RADIUS server replies if the request is granted or denied.
Page 150
Authentication server Fig. 3-54 Authenticator Supplicant A The Fig. 3-55 shows the procedure of 802.1X authentication. There are steps for the login based on 802.1X port access control management. The protocol used in the right side is EAPOL and the left side is EAP. At the initial stage, the supplicant A is unauthenticated and a port on switch acting as an authenticator is in unauthorized state.
Page 151
If user ID and password is correct, the authentication server will send a Radius-Access-Accept to the authenticator. If not correct, the authentication server will send a Radius-Access-Reject. When the authenticator PAE receives a Radius-Access-Accept, it will send an EAP-Success to the supplicant. At this time, the supplicant is authorized and the port connected to the supplicant and under 802.1X control is in the authorized state.
Port Mode Port Control Authentication Port Status Disable Don’t Care Don’t Care Port Uncontrolled Multihost Auto Successful Port Authorized Multihost Auto Failure Port Unauthorized Multihost ForceUnauthorized Don’t Care Port Unauthorized Multihost ForceAuthorized Don’t Care Port Authorized Table 3-3 3-10-1.Server Function name: 802.1X Server Configuration Function description: This function is used to configure the global parameters for RADIUS...
Page 153
Secret Key: The secret key between authentication server and authenticator. It is a string with the length 1 – 31 characters. The character string may contain upper case, lower case and 0-9. It is character sense. It is not allowed for putting a blank between any two characters. Default: Radius Accounting Server Server IP Server:...
3-10-2.Port Configuration Function name: 802.1X Port Configuration Function description: This function is used to configure the parameters for each port in 802.1X port security application. Refer to the following parameters description for details. Fig. 3-145 Parameter description: Port: It is the port number to be selected for configuring its associated 802.1X parameters which are Port control, reAuthMax, txPeriod, Quiet Period, reAuthEnabled, reAuthPeriod, max.
Page 155
Advanced: Each clients under this port have to do 802.1X authentication by himself. Clientless: The clients don’t need to install 802.1X client function, that means the client PC (for example WINDOW XP) does not need to enable 802.1X client function also can do 802.1X authentication. But the network maintainer need to configure the Radius server using each client’s MAC address for Radius account ID and password.
Page 156
max. Request(1-10): The maximum of number times that the authenticator will retransmit an EAP Request to the supplicant before it times out the authentication session. The valid range: 1 – 10. Default: 2 times suppTimeout(1-65535 s): A timeout condition in the exchange between the authenticator and the supplicant.
3-10-3.Status Function name: 802.1X Status Function description: Show the each port IEEE 802.1X authentication current operating mode and status. Fig. 3-146 Parameter description: Port: Port number: 1-8 Mode: Show this port IEEE 802.1X operating mode: There are four modes Disable, Normal, Advance and Clientless Status: Show this port IEEE 802.1X security current status: Authorized or Unauthorized May., 2011...
3-10-4. Statistics Function name: 802.1X Port Statistics Port1 Function description: Show the IEEE 802.1X authentication related counters for manager monitoring authenticator status. Fig. 3-147 Parameter description: Port: Port Number: 1-8 Auto - refresh: Refresh the authenticator counters in the web UI automatically Refresh: Click on the <Refresh>...
3-11. TACACS+ TACACS+ (Terminal Access Controller Access-Control System Plus) is a protocol which provides access control for the switch via one or more centralized servers. It provides separate authentication, authorization and accounting services. TACACS+ utilizes TCP port 49. It consists of three separate protocols, which can, if desired, be implemented on separate servers.
3-11-2. Authentication Function name: Authentication Configuration Function description: The switch supports including Console, Telnet and Web authentication method via TACACS+ server . Fig. 3-147-1 Parameter description: Console: To set console authentication method with Login primary or Login secondary. Default: Primary is “Local” and Secondary is “None” Telnet: To set Telnet authentication method with Login primary or Login secondary.
3-11-3. Authorization Function name: Authorization Configuration Function description: The switch supports TACACS+ server Authorization method with “State” and “Fallback to Local Authorization “. Fig. 3-147-1 Parameter description: State: To enable or disable the State Authorization via TACACS+ Server. Default: Disable Fallback to Local Authorization: To enable or disable the switch Fallback to Local Authorization.
3-11-4. Accounting Function name: Accounting Configuration Function description: The switch supports TACACS+ server Accounting method with “Enable” and “Disable “ for manage login traffic accounting. Fig. 3-147-1 Parameter description: State: To enable or disable the accounting via TACACS+ Server. Default: Disable May., 2011 Revision A0...
3-12. Trunking Configuration The Port Trunking Configuration is used to configure the settings of Link Aggregation. You can bundle more than one port with the same speed, full duplex and the same MAC to be a single logical port, thus the logical port aggregates the bandwidth of these ports.
Per Trunking Group supports a maximum of 4 ready member-ports. Please note that some decisions will automatically be made by the system while you are configuring your trunking ports. Some configuration examples are listed below: 8 ports have already used Static Trunk Group ID 1, the 13th port willing to use the same Static Trunk Group ID will be automatically set to use the “None”...
Page 165
Method: This determines the method a port uses to aggregate with other ports. None: A port does not want to aggregate with any other port should choose this default setting. LACP: A port use LACP as its trunk method to get aggregated with other ports also using LACP.
3-12-2 Aggregator View Function name: Aggregator View Function description: To display the current port trunking information from the aggregator point of view. Fig.3-149 Parameter description: Aggregator: It shows the aggregator ID (from 1 to 8) of every port. In fact, every port is also an aggregator, and its own aggregator ID is the same as its own Port No..
3-12-3 Aggregation Hash Mode Function name: Aggregation Hash Mode Configuration Function description: To configure the current port aggregate mode with 4 types. Fig.3-149-1 Parameter description: Source MAC Address: To evoke to enable source MAC address for Aggregate Mode . Destination MAC Address: To evoke to enable destination MAC address for Aggregate Mode .
3-12-4 LACP System Priority Function name: LACP System Priority Function description: It is used to set the priority part of the LACP system ID. LACP will only aggregate together the ports whose peer link partners are all on a single system.
3-13 STP Configuration The Spanning Tree Protocol (STP) is a standardized method (IEEE 802.1D) for avoiding loops in switched networks. When STP is enabled, ensure that only one path is active between any two nodes on the network at a time. User can enable Spanning Tree Protocol on switch’s web management and then set up other advanced items.
Page 170
Designated Priority: Show the current root bridge priority. Root Port: Show port number connected to root bridge with the lowest path cost. Root Path Cost: Show the path cost between the root port and the designated port of the root bridge. Current Max.
If you want to have the SM8T2DPA as root bridge, you can set this value lower than that of bridge in the LAN. The valid value is 0 ~ 61440. The default is 32768.
Page 172
Default is 2 seconds. Max. Age: When the SM8T2DPA is the root bridge, the whole LAN will apply this figure set by this switch as their maximum age time. When a bridge received a BPDU originated from the root bridge and if the message age conveyed in the BPDU exceeds the Max.
3-13-3. STP Port Configuration Function name: STP Port Setting Function description: In the STP Port Setting, one item selection and five parameters settings are offered for user’s setup. User can disable and enable each port by selecting each Port Status item. User also can set “Path Cost” and “Priority” of each port by filling in the desired value and set “Admin Edge Port”...
Page 174
Configured Path Cost: The range is 0 – 200,000,000. In the switch, if path cost is set to be zero, the STP will get the recommended value resulted from auto-negotiation of the link accordingly and display this value in the field of Path Cost Status.
Page 175
Default: Auto M Check: Migration Check. It forces the port sending out an RSTP BPDU instead of a legacy STP BPDU at the next transmission. The only benefit of this operation is to make the port quickly get back to act as an RSTP port. Click <M Check>...
3-14 MSTP The implementation of MSTP is according to IEEE 802.1Q 2005 Clause 13 – Multiple Spanning Tree Protocol. MSTP allows frames assigned to different VLANs to follow separate paths, each based on an independent Multiple Spanning Tree Instance (MSTI), within Multiple Spanning Tree (MST) Regions composed of LANs and or MST Bridges.
3-14-2 Region Config Function name: MSTP Region Config Function description: To configure the basic identification of a MSTP bridge. Bridges participating in a common MST region must have the same Region Name and Revision Level. Fig. 3-155 Parameter description: Region Name: 0-32 characters.(A variable length text string encoded within a fixed field of 32 octets , conforming to RFC 2271’s definition of SnmpAdminString.) Revision Level:...
3-14-3 Instance View Function name: MSTP Instance Config Function description: Providing an MST instance table which include information(vlan membership of a MSTI ) of all spanning instances provisioned in the particular MST region which the bridge belongs to. Through this table, additional MSTP configuration data can be applied and MSTP status can be retrieved.
Page 179
To delete an MSTI. Del All MSTI: Deleting all provisioned MSTIs at a time. Fig. 3-158 Instance Configuration: To provision spanning tree performance parameters per instance. Fig. 3-159 Port Config: To provision spanning tree performance parameters per instance per port. Fig.
Page 181
Fig. 3-159 Port Config Parameter description: Port: 1- 8 Path Cost: 1 – 200,000,000 The same definition as in the RSTP specification. But in MSTP, this parameter can be respectively applied to ports of CIST and ports of any MSTI. Priority: 0 / 16 / 32 / 48 / 64 / 80 / 96 / 112 / 128 / 144 / 160 / 176 / 192 / 208 / 224 / 240...
Page 182
Restricted Role: Yes / No If “Yes” causes the Port not to be selected as Root Port for the CIST or any MSTI, even it has the best spanning tree priority vector. Such a Port will be selected as an Alternate Port after the Root Port has been selected.
Page 183
Parameter description: MSTP State: MSTP protocol is Enable or Disable. Force Version: It shows the current spanning tree protocol version configured. Bridge Max Age: It shows the Max Age setting of the bridge itself. Bridge Forward Delay: It shows the Forward Delay setting of the bridge itself. Bridge Max Hops: It shows the Max Hops setting of the bridge itself.
Page 184
Mac Address of the CIST regional root bridge. CIST INTERNAL ROOT PATH COST: Root path cost value from the point of view of the bridges inside the IST. CIST CURRENT MAX AGE: Max Age of the CIST Root bridge. CIST CURRENT FORWARD DELAY: Forward Delay of the CIST Root bridge.
Page 185
particular spanning tree instance. Priority: Display port priority value for each port in a particular spanning tree instance. Hello: per port Hello Time display. It takes the following form: Current Hello Time/Hello Time Setting Oper. Edge: Whether or not a port is an Edge Port in reality. Oper.
3-15. Mirror Function name: Mirror Configuration Function description: Mirror Configuration is to monitor the traffic of the network. For example, we assume that Port A and Port B are Monitoring Port and Monitored Port respectively, thus, the traffic received by Port B will be copied to Port A for monitoring.
Multicast 3-16. The function, is used to establish the multicast groups to forward the multicast packet to the member ports, and, in nature, avoids wasting the bandwidth while IP multicast packets are running over the network. This is because a switch that does not support IGMP or IGMP Snooping can not tell the multicast packet from the broadcast packet, so it can only treat them all as the broadcast packet.
3-16-2 IGMP Proxy Function name: IGMP Proxy Configuration Function description: IGMP proxy enables the switch to issue IGMP host messages on behalf of hosts that the system discovered through standard IGMP interfaces. The switch acts as a proxy for its hosts. You enable IGMP proxy on the switch, which connects to a router closer to the root of the tree.
Page 189
General Query Max Response Time : To set the max response code value of the general query packet . (Available : 1~25 secs) Last Member Query Count : To set the frequency. When Switch received IGMP leave then switch send specific query frequency. (Available : 1~16 secs) Last Member Query Interval : To set the frequency what the Switch send specific query period time.
3-16-3 IGMP Snooping Function name: IGMP Snooping Configuration Function description: IGMP Snooping enables the switch to issue IGMP host messages on behalf of hosts that the system discovered through standard IGMP interfaces. The switch acts with Snooping mode for its hosts. You enable IGMP Snooping on the switch, Fig.
3-16-4 IGMP Group Allow Function name: IGMP Group Allow Function description: The Group Allow function allows the Multicast VLAN Registration to set up the IP multicast group filtering conditions. IGMP join behavior that meet the items you set up will be joined or formed the multicast group. Fig.
3-16-5 IGMP Group Membership Function name: IGMP Group Membership Function description: To show the IGMP group members information, the you can edit the parameters for IGMP groups and members in the web user interface. Fig. 3-164 Parameter description: Index: To display current built-up multicast group entry index. Group Address: To display current built-up multicast Group Address .
3-16-6 MVR Function name: MVR configuration (Multicast VLAN Registration) Function description: Multicast VLAN Registration (MVR) routes packets received in a multicast source VLAN to one or more receive VLANs. Clients are in the receive VLANs and the multicast server is in the source VLAN. Multicast routing has to be disabled when MVR is enabled.
3-16-7 MVID Function name: MVID configuration (Multicast VLAN Registration ID assign entry) Function description: To set the MVR Group member ID (MVID) entry with the Member port and Router Port. Fig. 3-164-2 MVID configuration Fig. 3-164-3 MVID configuration Parameter description: Add new MVID: To create a new MVID entry.
3-16-8 MVR Group Allow Function name: MVR Group Allow Function description: The Group Allow function allows the Multicast VLAN Registration to set up the IP multicast group filtering conditions. IGMP join behavior that meet the items you set up will be joined or formed the multicast group. Fig.
3-16-9 MVR Group Membership Function name: MVR Group Membership Function description: To display the MVR Group Membership information. Fig. 3-164-4 MVID Group Membership Parameter description: Refresh: Refresh function can help you to see current MVR group Membership status Previous Page: Move to the previous page.
3-17. Alarm Configuration Alarm Configuration Events Configuration Email Configuration Function name: Events Configuration Function description: The Trap Events Configuration function is used to enable the switch to send out the trap information while pre-defined trap events occurred. The switch offers 24 different trap events to users for switch management. The trap information can be sent out in two ways, including email and trap.
3-17-1 Events Function name: Email Configuration Function description: Alarm configuration is used to configure the persons who should receive the alarm message via email. An email address has to be set in the web page of alarm configuration (See Fig. 3-61). Then, user can read the trap information from the email.
3-17-2 Email Parameter description: Email: Mail Server: the IP address of the server transferring your email. Username: your username on the mail server. Password: your password on the mail server. Email Address 1 – 6: email address that would like to receive the alarm message.
3-18. DHCP Snooping DHCP Snooping DHCP Snooping State DHCP Snooping Entry DHCP Snooping Client Fig.3-62 3-18-1. DHCP Snooping State Function name: DHCP Snooping State Function description: The addresses assigned to DHCP clients on unsecure ports can be carefully controlled using the dynamic bindings registered with DHCP Snooping. DHCP snooping allows a switch to protect a network from rogue DHCP servers or other devices which send port-related information to a DHCP server.
3-18-2. DHCP Snooping Entry Function name: DHCP Snooping Entry Function description: DHCP snooping Entry allows a switch to add the an trust DHCP server and 2 trust port to build the DHCP snooping available entry. This information can be useful in tracking an IP address back to a physical port and enable or disable the DHCP Option 82.
* If the DHCP packet is a reply packet from a DHCP server, the packet is dropped. * If the DHCP packet is from a client, such as a DISCOVER, REQUEST INFORM, DECLINE or RELEASE message, the packet is forwarded if MAC address verification is disabled.
3-19. LLDP The switch supports the LLDP. For current information on your switch model, The Link Layer Discovery Protocol (LLDP) provides a standards-based method for enabling switches to advertise themselves to adjacent devices and to learn about adjacent LLDP devices. 3-19-1 .
Page 204
reinitializing LLDP transmission. (Default: 2 secs) Notification Interval: A network management application can periodically check the switch MIB to detect any missed change notification traps. Refer to IEEE 802.1AB-2005 or later for more information. (Default: 5 secs) Mode To enable or disable the LLDP mode per port. There are four type includes Disable, Tx_Rx, Tx only and Rx only Port Descr : To evoke the outbound LLDP advertisements, includes an alphanumeric string describing the port.
3-19-2 . LLDP Entry Function name: LLDP Entry Function description: The LLDP Entry function allows a switch to display per port which build the LLDP available entry. This information can be useful in tracking LLDP packets back to a physical port and enable or disable the LLDP. Fig.
Page 206
that are supported. Also includes information on whether the capabilities are enabled. Management Address: To display include a specific IP address in the outbound LLDP advertisements for specific ports. Auto - refresh: Refresh the authenticator counters in the web UI automatically Refresh: Click on the <Refresh>...
3-19-3 . LLDP Statistics Function name: LLDP Statistics Function description: Display the detailed counting number of each port’s LLDP traffic Fig. 3-18-3 LLDP statistics Parameter description: Neighbor entries were last changed at : The time period which neighbor entries were be changed . Total Neighbors Entries Added: The total neighbors entries added be received.
Page 208
Show the local port on the switch. Tx Frames: The counting number of the frames transmitted. Rx Frames: The counting number of the frames transmitted. Frames Discarded: Show the number of frame discarded. TLVs Discarded: Show the number of TLVs discarded. TLVs Unrecognized: Show the number of TLVs unrecognized.
3-20. Save/Restore The switch supports three copies of configuration, including the default configuration, working configuration and user configuration for your configuration management. All of them are listed and described below respectively. Default Configuration: This is ex-factory setting and cannot be altered. In Web UI, two restore default functions are offered for the user to restore to the default setting of the switch.
3-20-1. Factory Defaults Function name: Restore Default Configuration (includes default IP address) Function description: Restore Default Configuration function can retrieve ex-factory setting to replace the start configuration. And the IP address of the switch will also be restored to 192.168.1.77. Fig.
Fig. 3-169 3-20-4 . Restore User Function name: Restore User Configuration Function description: Restore User Configuration function can retrieve the previous confirmed working configuration stored in the flash memory to update start configuration. When completing to restore the configuration, the system’s start configuration is updated and will be changed its system settings after rebooting the system.
3-21. Export/ Import Function name: Export / Import Function description: With this function, user can back up or reload the configuration files of Save As Start or Save As User via TFTP. Parameter description: Export File Path: Export Start: Export Save As Start’s config file stored in the flash. Export User-Conf: Export Save As User’s config file stored in the flash.
3-22. Diagnostics Three functions, including Diagnostics, Loopback Test and Ping Test are contained in this function folder for device self-diagnostics. Each of them will be described in detail orderly in the following sections. Diagnostics Diagnostics Ping Test 3-22-1 . Diag Function name: Diagnostics Function description:...
3-22-2 .Ping Function name: Ping Test Function description: Ping Test function is a tool for detecting if the target device is alive or not through ICMP protocol which abounds with report messages. The switch provides Ping Test function to let you know that if the target device is available or not.
Software Upload Function description: Click on <Browse> to select a specific SM8T2DPA firmware file from the Web management PC, then click on <Upload> to confirm the upgrade firmware action. The new firmware will be uploaded into the switch and write into flash memory.
3-24. Logout You can manually logout by performing Logout function. In the switch, it provides another way to logout. You can configure it to logout automatically. Function name: Logout Function description: The switch allows you to logout the system to prevent other users from the system without the permission.
4. Operation of CLI Management 4-1. CLI Management Refer to Chapter 2 for basic installation. The following description is the brief of the network connection. -- Locate the correct DB-9 null modem cable with female DB-9 connector. Null modem cable comes with the management switch. Refer to the Appendix B for null modem cable configuration.
4-2. Commands of CLI To see the commands of the mode, please input “?” after the prompt, then all commands will be listed in the screen. All commands can be divided into two categories, including global commands and local commands. Global commands can be used wherever the mode you are.
When you enter this command, your current position would move to the top mode. If you use this command in the top mode, you are still in the position of the top mode. Argument: None. Possible value: None. Example: SM8T2DPA# alarm SM8T2DPA(alarm)# events SM8T2DPA(alarm-events)# end SM8T2DPA# exit Syntax: exit Description: Back to the previous mode.
Page 221
Argument: None. Possible value: None. Example: SM8T2DPA# ip SM8T2DPA(ip)# help Commands available: ------------<< Local commands >>------------ set ip Set ip,subnet mask and gateway set dns Set dns...
Page 222
[#]: show last number of history records. (optional) Possible value: [#]: 1, 2, 3, …., 256 Example: SM8T2DPA(ip)# history Command history: 0. trunk 1. exit 2. SM8T2DPA# trunk 3. SM8T2DPA(trunk)# exit 4. SM8T2DPA# 5. ? 6. trunk 7. exit 8. alarm 9. events 10.
Page 223
CLI system. After restoring default configuration, all the changes in the startup configuration would be lost. After rebooting, the entire startup configuration would reset to factory default. Argument: None. Possible value: None. Example: SM8T2DPA# restore default Restoring ... Restore Default Configuration Successfully Press any key to reboot system. Rev.A0 1-May-11...
Page 224
After rebooting, the entire startup configuration would replace as user defined one. Argument: None. Possible value: None. Example: SM8T2DPA# restore user Restoring ... Restore User Configuration Successfully Press any key to reboot system. save start Syntax: save start Description: To save the current configuration as the start one.
Page 225
To save the current configuration as the user-defined configuration. When you enter this command, the CLI would save your current configuration into the non-volatile FLASH as user-defined configuration. Argument: None. Possible value: None. Example: SM8T2DPA# save user Saving user... Save Successfully SM8T2DPA# Rev.A0 1-May-11...
<port range> : syntax 1,5-7, available from 1 to 8 <value>: max-times , range 1-10 Possible value: <port range> : 1 to 8 <value>: 1-10, default is 2 Example: SM8T2DPA(802.1X)# set maxReq 2 2 set mode Syntax: set mode <port-range> <mode> Description: To set up the 802.1X mode of each port.
Page 227
2:Auto Possible value: <port range> : 1 to 8 <authorized> : 0, 1 or 2 Example: SM8T2DPA(802.1X)# set port-control 2 2 set quietPeriod Syntax: set quietPeriod <port-range> <value> Description: A timer used by the Authenticator state machine to define periods of time during when it will not attempt to acquire a Supplicant.
Page 228
Possible value: <port range> : 1 to 8 <value> : 1-10, default is 2 Example: SM8T2DPA(802.1X)# set reAuthMax 2 2 set reAuthPeriod Syntax: set reAuthPeriod <port-range> <value> Description: A constant that defines a nonzero number of seconds between periodic reauthentication of the supplicant.
Page 229
<secret-key> : set up the value of secret-key, and the length of secret-key is from 1 to 31 Possible value: <udp-port > : 1~65535, default is 1812 Example: SM8T2DPA(802.1X)# set auth-server 192.168.1.115 1812 WinRadius set suppTimeout Syntax: set suppTimeout <port-range> <value> Description:...
Page 230
To display the parameter settings of each port. Argument: <port range> : syntax 1,5-7, available from 1 to 8 Possible value: <port range> : 1 to 8 Example: SM8T2DPA(802.1X)# show port-config 1, 2 port 1) Mode : Disabled port control : Auto reAuthMax txPeriod...
Page 231
Syntax: show server Description: Show the Radius server configuration Argument: None Possible value: None Example: SM8T2DPA(802.1X)# show server Authentication Server ________________________________________ IP Address: 192.168.1.77 UDP Port : 1812 Secret Key : Radius Accounting Server _________________________________________ IP Address: 192.168.1.77...
Page 232
SM8T2DPA(account)# add aaaaa Password: Confirm Password: SM8T2DPA(account)# Syntax: del <name> Description: To delete an existing account. Argument: <name> : existing user account Possible value: None. Example: SM8T2DPA(account)# del aaaaa Account aaaaa deleted modify Syntax: modify <username> Description: To change the username and password of an existing account.
Page 233
To set SSL function for secure encryption web manage traffic. Argument: <0/1> : 0: disable 1: enable Possible value: <0/1> : 0: disable 1: enable, default is 0 Example: SM8T2DPA(https)# set state 1 SM8T2DPA(https)# set redirect Syntax: set redirect <0|1> Description: To set SSL function for secure encryption web manage traffic and redirect automatically to Https login page of IE browser.
Page 234
To create a new guest user. When you create a new guest user, you must type in password and confirm password. Argument: <name> : new account name Possible value: A string must be at least 5 character. Example: SM8T2DPA(account)# add aaaaa Password: Confirm Password: SM8T2DPA(account)# Syntax: del <name> Description: To delete an existing account.
Page 235
Possible value: None. Example: SM8T2DPA(account)# modify aaaaa username/password: the length is from 5 to 15. Current username (aaaaa):bbbbb New password: Confirm password: Username changed successfully. Password changed successfully. show Syntax: show Description: To show system account, including account name and identity.
Page 236
tag_prio: any dmac: any frame type: arp arp type: Request/Reply (opcode): any source ip: any destination ip: any ARP flag ARP SMAC Match: any RARP DMAC Match: any IP/Ethernet Length: any IP: any Ethernet: any action: 1 rate limiter: 0 copy port: 0 Rev.A0 1-Mar-11...
Page 237
<port copy> : 0-8 (0:disable) Possible value: <port> : 1-8 <permit/deny>: 0-1 <rate_limiter>: 0-16 <port copy> : 0-8 Example: SM8T2DPA(acl)# action 5 0 2 2 SM8T2DPA(acl)# show port policy id action rate limiter port copy counter a class map ……. ….
Page 238
Description: To move the ACE ( Access Control Entry) configuration between index1 and index2.. Argument: None. Possible value: None. Example: SM8T2DPA(account)# move 1 2 policy Syntax: policy <policy> <ports> Description: To set acl port policy on switch Argument: <policy> : 1-8 <ports>...
Page 239
Syntax: show Description: To show all access control entry setting on switch Argument: none Possible value: none Example: SM8T2DPA(acl)# show port policy id action rate limiter port copy counter a class map ……. …. … deny rate limiter rate(pps) Rev.A0...
Page 240
To remove the configuration of E-mail address. Argument: <#>: email address number, range: 1 to 6 Possible value: <#>: 1 to 6 Example: SM8T2DPA(alarm-email)# del mail-address 2 del server-user Syntax: del server-user Description: To remove the configuration of server, user account and password.
Page 241
<mail address>:email address Possible value: <#>: 1 to 6 Example: SM8T2DPA(alarm-email)# set mail-address 1 abc@mail.abc.com set server Syntax: set server <ip> Description: To set up the IP address of the email server. Argument: <ip>:email server ip address or domain name Possible value: None.
Page 242
Description: To disable email and trap of events. Argument: <range>:del the range of events, syntax 1,5-7 Possible value: <range>: 1~24 Example: SM8T2DPA(alarm-events)# del all 1-3 del email Syntax: del email <range> Description: To disable the email of the events. Argument: <range>:del the range of email, syntax 1,5-7...
Page 243
Description: To enable email and trap of events. Argument: <range>:set the range of events, syntax 1,5-7 Possible value: <range>: 1~24 Example: SM8T2DPA(alarm-events)# set all 1-3 set email Syntax: set email <range> Description: To enable the email of the events. Argument: <range>:set the range of email, syntax 1,5-7...
Page 244
27 IP MAC Binding Server Authenticate error show (alarm) Syntax: show Description: The Show for alarm here is used to display the configuration of Events, or E-mail. Argument: None. Possible value: None. Example: SM8T2DPA(alarm)# show events SM8T2DPA(alarm)# show email Rev.A0 1-Mar-11...
Page 245
Argument: < Usage> set up current or user < ip address> the TFTP server ip address Possible value: none Example: SM8T2DPA(config-file)# export current 192.168.1. 63 Export successful. import Syntax: import <current | user> < ip address> Description: To run the import start function.
Page 246
< ip address> : TFTP server ip address <filepath>: upgrade file path Possible value: < ip address> : TFTP server ip address <filepath>: upgrade file path Example: SM8T2DPA(firmware)# upgrade 192.168.2.4 fgs2924R_SM8T2DPA_v2.03.img gvrp set state Syntax: set state < 0 | 1> Description: To disable/ enable the gvrp function.
Page 247
Example: SM8T2DPA(gvrp)# group applicant 2 5 0 GVRP group information Current Dynamic Group Number: 1 VID Member Port ---- -------------------------------------------------- set applicant Syntax: set applicant <port> < 0 | 1 > Description: To set default applicant mode for each port.
Page 248
Leave Time must equal double Join Time at least. Possible value: <port> : 1 to 8 <JoinTime>: 20 to 100 <LeaveTime>: 60 to 300 <LeaveAllTime>: 1000 to 5000 Example: SM8T2DPA(gvrp)# set timer 2-8 25 80 2000 show Syntax: show Description: To display the gvrp configuration. Argument: None May., 2011...
Page 249
Description: To display the counter number of the port. Argument: <port>: port number Possible value: <port>: available from 1 to 8 Example: SM8T2DPA(gvrp)# counter 2 Received Total GVRP Packets Invalid GVRP Packets : 0 LeaveAll message JoinEmpty message JoinIn message...
Page 250
igmp set drp Syntax: set drp <port > Description: Set router ports to disable. Argument: <port >: syntax 1,5-7, available from 1 to 8 Possible value: <port >: 1 to 8 Example: SM8T2DPA(igmp)# set drp 1- 8 Rev.A0 1-Mar-11...
Page 251
Set router ports to enable Argument: <port>: syntax 1,5-7, available from 1 to 8 Possible value: <port>: 1 to 8 Example: SM8T2DPA(igmp)# set erp 1 set flood Syntax: set flood <state> Description: To set up disable / enable unregister ipmc flooding.
Page 252
<manual|auto> : manual or auto Example: SM8T2DPA(ip)# enable dhcp manual set dns Syntax: set dns <ip> Description: To set the IP address of DNS server. Argument: <ip> : dns ip address Possible value: 168.95.1.1 Example: SM8T2DPA (ip)# set dns 168.95.1.1 Rev.A0 1-Mar-11...
Page 253
Possible value: <ip> : 192.168.1.2 or others <mask> : 255.255.255.0 or others <gateway> : 192.168.1.253 or others Example: SM8T2DPA(ip)# set ip 192.168.1.2 255.255.255.0 192.168.1.253 show Syntax: show Description: To display the system’s DHCP function state, IP address, subnet mask, default gateway, DNS mode, DNS server IP address and current IP address.
Page 254
< ip > : ip address < port > : 1 to 8 < vid > : 1 to 4094 Example: SM8T2DPA(ip_mac_binding)# set entry 1 00-11-2f-de-7b-a9 192.168.2.2 1 1 delete ip Syntax: delete ip < 0 | 1> <ip> Description: Delete ip mac binding entry by ip.
Page 255
Argument: <#> : set up the range of the ports to search for, syntax 1,5-7, available form 1 to 8 Possible value: <#> :1 to 8 Example: SM8T2DPA(loop-detection)# disable 1-24 SM8T2DPA(loop-detection)# show Detection Port Locked Port Port Status Port Status...
Page 256
Argument: <#> : set up the range of the ports to search for, syntax 1,5-7, available form 1 to 8 Possible value: <#> :1 to 8 Example: SM8T2DPA (loop-detection)# resume 1-24 SM8T2DPA (loop-detection)# show Detection Port Locked Port Port Status...
Page 257
<#> :1 to 8 Example: SM8T2DPA (loop-detection)# resume 1-24 SM8T2DPA (loop-detection)# show Detection Port Locked Port Port Status Port Status --------------------------------- 1 Enable 1 Normal 2 Enable 2 Normal 3 Enable 3 Normal 4 Enable 4 Normal 5 Enable 5 Normal...
Page 258
= 3 disabled = 0 port range syntax : 1,5-7, available from 1 to 8 Possible value: <Port range> : 1 to 8 Example: SM8T2DPA(lldp)# set mode 1 15 SM8T2DPA(lldp)# set notification Syntax: set notification <state> <range> Description:...
Page 259
: 1,5-7, available from 1 to 8 Possible value: <Port Range> : syntax : 1,5-7, available from 1 to 8 Example: SM8T2DPA(lldp)# set tlv test SM8T2DPA swtich 5 122 5 SM8T2DPA(lldp)# set txDelay Syntax: set txDelay <time>...
Page 260
<time> Description: To set lldp txHold Argument: <time>: from 2 to 10 second(s) Possible value: <time>: from 2 to 10 second(s) Example: SM8T2DPA(lldp)# set txHold 5 SM8T2DPA(lldp)# set txInterval Syntax: set txInterval <time> Description: To set lldp txInterval Argument: <time>: from 5 to 32768 second(s)
Page 261
To display LLDP detail counter Argument: <port>: 1,5-9, available from 1 to 8 Possible value: <port>: 1,5-9, available from 1 to 8 Example: SM8T2DPA(lldp)# show detail-counter 15 LLDP Port Statistics Detail Port Name : 15 Frames Discarded : Frames Invalid Frames REceived...
Page 262
SM8T2DPA(lldp)# show local-device LLDP Local Devices Information Chassis Type : MAC-address Chassis Id : 00-A0-57-15-2A-F7 System name = SM8T2DPA System Description : 24-Port GbE L2 Plus Managed Switch with 4 SFP Dual Media System Capabilities Supported : bridge System Capabilities Enabled : bridge...
Page 263
To display LLDPport config Argument: <port>: 1,5-9, available from 1 to 8. Possible value: <port>: 1,5-9, available from 1 to 8. Example: SM8T2DPA(lldp)# show port-config 5 LLDP Port Configuration Detail Port : AdminStatus [Tx_Rx] : Disable NotificationEnabled [False] : True TLVs Advertised :...
Page 264
<mac> Description: To del mac alias entry. Argument: <mac> : set up the MAC format: xx-xx-xx-xx-xx-xx Possible value: <mac> : set up the MAC format: xx-xx-xx-xx-xx-xx Example: SM8T2DPA(mac-alias)# set 23-56-r5-55-3f-03 test3 SM8T2DPA(mac-alias)# show MAC Alias Alias =========================================== 23-56-00-55-3F-03 test3 23-56-00-55-EF-03...
Page 265
<mac> : mac address, xx-xx-xx-xx-xx-xx <alias> : mac alias name, max 15 characters Possible value: <mac> : set up the MAC format: xx-xx-xx-xx-xx-xx <alias> : mac alias name, max 15 characters Example: SM8T2DPA(mac-alias)# set 23-56-r5-55-3f-03 test3 SM8T2DPA(mac-alias)# show MAC Alias Alias =========================================== 23-56-00-55-3F-03...
Page 266
To set mac table age out time of dynamic learning mac. Argument: <#>: age-timer in seconds, 0, 10 1000000. The value zero disables aging Possible value: <#>: 0, 10 to 1000000. Example: SM8T2DPA(mac-table-maintain)# set age-time 300 SM8T2DPA(mac-maintenance)# show E api_ai 26/vtss_ Aging Configuration: Enter into sta Rev.A0...
Page 267
<range syntax> : 1,5-7, available from 1 to 8 <auto >: auto learning <disable >: disable learning <secure >: learn frames are discarded. Example: SM8T2DPA(mac-table-maintain)# set learning 1-24 auto SM8T2DPA(mac-maintenance)# show E api_ai 26/vtss_ Aging Configuration: Enter into sta Age time: 300mode...
Page 268
<vid> : vlan id. 0, 1-4094. VID must be zero if vlan mode is not tag-based [alias] : mac alias name, max. 15 characters Possible value: <mac> : mac address <port> : 0-8 <vid> : 0, 1-4094 [alias] : mac alias name Example: SM8T2DPA(mac-static-mac)# add 00-02-03-04-05-06 3 0 aaa SM8T2DPA(mac-static-mac)# May., 2011 Revision A0...
Page 269
<mac> : mac address, format: 00-02-03-04-05-06 <vid> : vlan id. 0, 1-4094. VID must be zero if vlan mode is not tag-based Possible value: <mac> : mac address <vid> : 0, 1-4094 Example: SM8T2DPA(mac-static-mac)# del 00-02-03-04-05-06 0 SM8T2DPA(mac-static-mac)# show filter Syntax: show filter Description: To display the static filtering mac entry.
Page 270
1 to 8: available port number 0: disable mirror function Possible value: <#>: 1 to 8 Example: SM8T2DPA(mirror)# set mirror 2 set monitor-destination Syntax: set monitor-destination <range> Description: To set monitor destination port. The packets sent by this port will be copied to the monitoring port.
Page 271
<range>: the monitoring port that is chosen for the mirror function. Only one port is allowed to configure, available from 1 to 8 Possible value: <range>:1 to 8 Example: SM8T2DPA(mirror)# set monitor-source 18 SM8T2DPA(mirror)# show Port to mirror to: 1 Port Source Enable...
Page 272
1,5-7, available from 1 to 8 Possible value: Usage: migrate-check <port range> port range syntax: 1,5-7, available from 1 to 8 Example: SM8T2DPA (mstp)# migrate-check 1-2 set config Syntax: set config <Max Age><Forward Delay><Max Hops> Description: To set max age,forward delay,max hops.
Page 273
<Max Age> : available from 6 to 40. Recommended value is 20 <Forward Delay(sec)> : available from 4 to 30. Recommended value is 15 <Max Hops> : available from 6 to 40. Recommended value is 20 Example: SM8T2DPA(mstp)# set config 20 15 20 SM8T2DPA(mstp)# set msti-vlan Syntax: set msti-vlan <instance-id><vid-string>...
Page 274
<admin edge> : 0->non-edge port,1->edge ports Possible value: <port range> syntax: 1,5-7, available from 1 to 8 <admin edge> : 0->non-edge port,1->edge ports Example: SM8T2DPA(mstp)# set p-edge 10-12 0 SM8T2DPA(mstp)# set p-hello Syntax: set p-hello <port range> <hello time> Description:...
Page 275
<Instance Priority> : must be a multiple of 4096,available from 0 to 61440 Possible value: <instance-id> : 0->CIST; 1-4095->MSTI <Instance Priority> : 0 to 61440 Example: SM8T2DPA(mstp)# set priority 0 4096 SM8T2DPA(mstp)# enable MSTP started SM8T2DPA(mstp)# show instance 0 mstp status : enabled...
Page 276
<port range> syntax: 1,5-7, available from 1 to 8 <restricted tcn> : 0->false,1->True Possible value: <port range> : 1 to 8 <restricted tcn> : 0->false,1->True Example: SM8T2DPA(mstp)# set r-tcn 1-5 1 SM8T2DPA(mstp)# set r-tcn 6-8 1 SM8T2DPA(mstp)# show pconf 0 Port Path Cost Priority Hello Edge-Port Role system Enter in ==== ========= ======== ===== ========= ===== ====== =====...(q to quit)
Page 277
Possible value: <string> :1-32 Example: SM8T2DPA(mstp)# set region-name test2 SM8T2DPA(mstp)# show region-info Name : test2 Revision : 0 Instances : 0 SM8T2DPA(mstp)# set revision-level Syntax: set rev <revision-level> Description: To set mstp revision-level(0~65535) Argument: <revision-level> :0~65535 Possible value: <revision-level> :0~65535...
Page 278
<instance-id> :0->CIST;1-4095->MSTI Possible value: <instance-id> :0->CIST;1-4095->MSTI Example: SM8T2DPA(mstp)# show instance 0 mstp status : enabled force version : 2 instance id: 0 bridge max age : 20 bridge forward delay : 15 bridge max hops : 20 instance priority : 4096...
Page 279
Syntax: show ports <instance-id> Description: To show port status Argument: instance-id:0->CIST;1-4095->MSTI Possible value: <instance-id> :0->CIST;1-4095->MSTI Example: SM8T2DPA(mstp)# show ports 0 show region-info Syntax: show region-info Description: To show region config Argument: none Possible value: none Example: SM8T2DPA(mstp)# show region-info...
Page 280
Synopsis: add name George ip 192.168.1.1-192.168.1.90 port 2-5,8 type h,s action a Synopsis: add name Mary ip 192.168.2.1-192.168.2.90 action deny Possible value: None Example: SM8T2DPA(policy)# add name Mary ip 192.168.3.1-192.168.3.4 action deny SM8T2DPA(policy)# show 1) Name : george IP Range : 192.168.1.1-192.168.1.90...
Page 281
: rule2 IP Range : 192.168.4.23-192.168.4.33 Action : Deny Access Type : TELENT SNMP Port : 6 7 8 SM8T2DPA(policy)# delete 2 SM8T2DPA(policy)# show 1) Name : rule1 IP Range : 192.168.4.5-192.168.4.22 Action : Deny Access Type : HTTP TELENT SNMP...
Page 282
<port range> syntax : 1,5-7, available from 1 to 8 <description> : set port description, max 47 characters Possible value: <port range> : 1 to 8 <description> : max 47 characters Example: SM8T2DPA(port)# set description 3-8 salesdepartment SM8T2DPA(port)# show config Speed/ Flow Maximum ExcessiveSynopsis: add name George ip 192.168.1.77-...
Page 283
Argument: <port range> syntax : 1,5-7, available from 1 to 8 Possible value: <port range> : 1 to 8 Example: SM8T2DPA(port)# set excessive-collision 6-8 restart SM8T2DPA(port)# show config Speed/ Flow Maximum Excessive Port Duplex Control Frame Collision Description a list of...
Page 284
<port range> syntax : 1,5-7, available from 1 to 8 <value> : Allowed value are 1518-9600 bytes. Possible value: <port range> syntax : 1 to 8 <value> : 1518-9600 bytes. Example: SM8T2DPA(port)# set max-frame 3-6 1518 SM8T2DPA(port)# show config Speed/ Flow Maximum Excessiveommands 2 Auto...
Page 285
1,5-7, available from 1 to 8 0: Disable, 1: Enable Possible value: <port-index>: 1 to 8 <power saving>:0: Disable, 1: Enable Example: SM8T2DPA(port)# set powersaving 2 1 SM8T2DPA(port)# show config Syntax: show config Description: To display the each port’s configuration information.
Page 286
Description: To display the display detail port counter. Argument: <port>: port, available from 1 to 8 Possible value: <port>:1 ~ 8 Example: SM8T2DPA (port)# show detail-counter 3 Rx Multicast Tx Multicast Rx Broadcast Tx Broadcast 5251 Rx Pause Tx Pause...
Page 287
: none Mon3 (RX PWR) : none show simple-counter Syntax: show simple-counter Description: To display the summary counting of each port’s traffic. Argument: None. Possible value: None. Example: SM8T2DPA (port)# show simple-counter set max-frame Set per-port maximum frame size Rev.A0 1-May-11...
Page 288
Syntax: show status Description: To display the port’s current status. Argument: None. Possible value: None. Example: SM8T2DPA(port)# show status Speed/1G/Full Disable Port Link Duplex Rx Pause Tx Pause Description 3 Auto Disabled 9600 Discard 2 Down Down Disabled Disabled...
Page 289
Argument: #: Number of classes, available 1, 2, 4 Possible value: <#>: 1,2,4 Example: SM8T2DPA(qos-ports)# set class 2 SM8T2DPA(qos-ports)# set port Syntax: set port <range> <default class> <qcl> <user priority> <queuing mode> <lo w queue weighted> <normal queue weighted> <medium queue weighted> <high queue we ighted>...
Page 290
<medium queue weighted> : 1 / 2 / 4 / 8 <high queue weighted>: 1 / 2 / 4 / 8 Example: SM8T2DPA(qos-ports)# set port 2 medium 1 3 weithted 2 2 2 2 SM8T2DPA(qos-ports)# show 2 Medium Weighted Fair...
Page 291
< tagpriority> : tag priority, available from 1 to 8 <qce type> : ethernet <value> : 0xfff0 <class> : high Example: SM8T2DPA(qos-qcl)# set 2 0 3 ethernet 0xfff0 high SM8T2DPA(qos-qcl)# show 2 1 QCE Type: Ethernet Type Ethernet Type Value:0xfff0...
Page 292
'k' means kbps and 'm' means mbps shaper enabled: 1 means enable and 0 means disable rate: allowed values are 500kbps-1Gkps unit: 'k' means kbps and 'm' means mbps Example: SM8T2DPA(qos-rate)# set 2 1 1000 m 1 1000 m SM8T2DPA(qos-rate)# show 1000 Mbps 1000...
Page 293
<status> : 1 means enable and 0 means disable <rate> : 1, 2, 4, 8, 16, 32, 64, 128, 256, 512, 1k, 2k, 4k, 8k, 16k, 32k, 64k, 128k , 256k, 512k Example: SM8T2DPA(qos-storm)# set broadcast 1 512 SM8T2DPA(qos-storm)# show Frame Type Status...
Page 294
<status> : 1 means enable and 0 means disable <rate> : 1, 2, 4, 8, 16, 32, 64, 128, 256, 512, 1k, 2k, 4k, 8k, 16k, 32k, 64k, 128k , 256k, 512k Example: SM8T2DPA(qos-storm)# set unicast 1 128 SM8T2DPA(qos-storm)# show Frame Type Status...
Page 295
Description: The Disable here is used for the de-activation of snmp or set-community. Argument: None. Possible value: None. Example: SM8T2DPA(snmp)# disable snmp SM8T2DPA(snmp)# disable set-ability <<enable>> Syntax: enable set-ability enable snmp Description: The Enable here is used for the activation snmp or set-community.
Page 296
<community>:trap community name Possible value: <#>: 1 to 6 <port>:1~65535 Example: SM8T2DPA(snmp)# set get-community public SM8T2DPA(snmp)# set set-community private SM8T2DPA(snmp)# set trap 1 192.168.1.77 162 public show Syntax: show Description: The Show here is to display the configuration of SNMP. Argument: None.
Page 297
MCheck <range> Description: To force the port to transmit RST BPDUs. Argument: <range>: syntax 1,5-7, available from 1 to 8 Possible value: <range>: 1 to 8 Example: SM8T2DPA(stp)# Mcheck 1-8 disable Syntax: disable Description: To disable the STP function. Argument: None.
Page 298
<path cost>: 0, 1-200000000 <priority>: 0 to 240 <edge_port>: yes / no <admin p2p>: auto / true / false Example: SM8T2DPA(stp)# set port 1-16 0 128 yes auto set version Syntax: set version <stp|rstp> Description: To set up the version of STP.
Page 299
Description: To display the configuration of STP. Argument: None. Possible value: None. Example: SM8T2DPA(stp)# show config STP State Configuration Spanning Tree Protocol : Enabled Bridge Priority (0-61440) : 61440 Hello Time (1-10 sec) Max. Age (6-40 sec) : 20...
Page 300
Argument: <contact>:string length up to 40 characters. Possible value: <contact>: A, b, c, d, ... ,z and 1, 2, 3, …. etc. Example: SM8T2DPA(system)# set contact Taipei set device-name Syntax: set device-name <device-name string> Description: To set the device name description of the switch.
Page 301
Argument: <location>: string length up to 40 characters. Possible value: <location>: A, b, c, d, ... ,z and 1, 2, 3, …. etc. Example: SM8T2DPA(system)# set location Taipei show Syntax: show Description: To display the basic information of the switch.
Page 302
traplog clear Syntax: clear Description: To clear trap log. Argument: none Possible value: none Example: SM8T2DPA(traplog)# clear SM8T2DPA(traplog)# show time desc ---- --------------------------- ------------------------------------ show Syntax: show Description: To display the trap log. Argument: None. Possible value: None. Example: SM8T2DPA(tftp)# show 2 Mon Mar 17 15:18:38 2008gvrp mode>...
Page 303
: -5 to +5 : (01-12) : (01-31) : (00-23) : (01-12) : (01-31) : (00-23) Example: SM8T2DPA(time)# set daylightsaving 3 10/12/01 11/12/01 Save Successfully set manual Syntax: set manual <YYYY/MM/DD> <hh:mm:ss> Description: To set up the current time manually. Argument:...
Page 304
To set up the current time via NTP server. Argument: <ip>: ntp server ip address or domain name <timezone>: time zone (GMT), range: -12 to +13 Possible value: <timezone>: -12,-11…,0,1…,13 Example: SM8T2DPA(time)# set ntp clock.via.net 8 Synchronizing...(1) Synchronization success show Syntax: show Description: To show the time configuration, including “Current Time”, “NTP Server”,”...
Page 305
: set the LACP to passive mode Possible value: <port-range> : 1 to 8 <method>: static / lacp <group>: 1-8. <active LACP>: active / passive Example: SM8T2DPA(trunk)# set trunk 1-4 lacp 1 active show aggtr-view Syntax: show aggtr-view Description: To display the aggregator list. Argument: None.
Page 306
To display the detailed information of the LACP trunk group. Argument: <aggtr>: aggregator, available from 1 to 8 Possible value: <aggtr>: 1 to 8 Example: SM8T2DPA(trunk)# show lacp-detail 2 Aggregator 2 Information: Actor Partner --------------------------------- --------------------------------- System Priority MAC Address...
Page 307
Description: To delete the port-based vlan group. Argument: <name>: which vlan group you want to delete. Possible value: <name>: port-vlan name Example: SM8T2DPA(vlan)# del port-group VLAN-2 del tag-group Syntax: del tag-group <vid> Description: To delete the tag-based vlan group. Argument: <vid>: which vlan group you want to delete, available from 1 to 4094...
Page 308
Possible value: <vid>: 1 to 4094 Example: SM8T2DPA(vlan)# del tag-group 2 disable drop-untag Syntax: disable drop-untag <range> Description: Don’t drop the untagged frames. Argument: <range> : which port(s) you want to set, syntax 1,5-7, available from 1 to 8 Possible value: <range>: 1 to 8...
Page 309
To set double-tag per port and enable Q-in-Q VLAN function on switch. Argument: <range >: 1,5-7, available from 1 to 8 0: disable 1: service provider port 2: customer port Possible value: <range>: 1 to 8 Example: SM8T2DPA(vlan)# set double-tag 3 1 SM8T2DPA(vlan)# May., 2011 Revision A0...
Page 310
<hybrid>: Tag all frames except a specific VID <vid>: untag-vid for hybrid port Possible value: <range>: 1 to 8 <vid>: 1 to 4094 Example: SM8T2DPA(vlan)# set port-role 5 hybrid 6 set pvid Syntax: set pvid <range> <pvid> Description: To set the pvid of vlan.
Page 311
<#>: sym/asym vlan setting. 1: symmetric vlan, 0: asymmetric vlan Possible value: <vid>: 1 to 4094 <range>: 1 to 8 <#>: 0 or 1 Example: SM8T2DPA(vlan)# set tag-group 2 VLAN-2 2-5,6,7-8 0 show group Syntax: show group Description: To display the vlan mode and vlan group.
Page 312
2 - None (for method2 only) Possible value: <method>: 0 - Local 1 - TACACS (Authentication) 2 - None (for method2 only). Example: SM8T2DPA(tac-plus)# set console-authentication 0 1 删除的内容: ES-2226C Server connect! Set host Syntax: set host <#> <ip> Description:...
Page 313
<#>: Host number, range: 1 to 2 <ip>: xxx.xxx.xxx.xxx Example: SM8T2DPA(tac-plus)# set host 1 192.168.30.200 Server connect! Set key Syntax: set key <secret-key> Description: To set TACACS+ Key Argument: <secret-key>: The length of secret-key is from 1 to 31 Possible value: <secret-key>: The length of secret-key is from 1 to 31...
Page 314
2 - None (for method2 only) Example: SM8T2DPA(tac-plus)# set telnet-authentication 0 1 Server connect! Set web-authentication Syntax: set web-authentication <method1> <method2> Description: To set web-authentication method Argument: <method>: available from 0 to 2 0 - Local 1 - TACACS (Authentication)
Page 315
Example: SM8T2DPA(tac-plus)# enable authorization Server connect! Enable fallback-author Syntax: enable fallback-author Description: To enable fallback to Local Authorization Argument: None Possible value: None Example: SM8T2DPA(tac-plus)# enable fallback-author Server connect! Show authentication Syntax: show authentication Description: To show authentication config Argument:...
5. Maintenance 5-1. Resolving No Link Condition The possible causes for a no link LED status are as follows: The attached device is not powered on The cable may not be the correct type or is faulty The installed building premise cable is faulty ...
Appendix A Technical Specifications Features 2 fiber (SFP) switching ports are compliant with SX/LX..etc-LC. 8 Gigabit TP/SFP fiber are dual media ports with auto detected function. Non-blocking store-and-forward shared-memory Web-Smart switched. Supports auto-negotiation for configuring speed, duplex mode. ...
Page 319
Voltage 100240 V Frequency 5060 Hz Consumption Ambient Temperature : 0 to 40C Humidity : 5% to 90% Dimensions : 44(H) 280(W) 166(D) mm Comply with FCC Part 15 Class A & CE Mark Approval Management Software Specifications Auto-negotiation support on 10/100/1000 Base- TX ports, Web browser or console interface can...
Appendix B Null Modem Cable Specifications The DB-9 cable is used for connecting a terminal or terminal emulator to the Managed Switch’s RS-232 port to access the command-line interface. The table below shows the pin assignments for the DB-9 cable. Function Mnemonic Carrier...
Page 321
10900 Red Circle Drive Minnetonka, MN 55344 Tel.: +1.952.941.7600 techsupport@transition.com...
Need help?
Do you have a question about the SM8T2DPA and is the answer not in the manual?
Questions and answers