Page 1 24-Port 10/100/1000Base-T + 2-Port 10G SFP+ Full Management High Power PoE Switch ALL-SG8826PMX-10G User’s Manual...
Page 2 FCC Warning This Equipment has been tested and found to comply with the limits for a Class-A digital device, pursuant to Part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses, and can radiate radio frequency energy.
Page 3: Table Of Contents
Table of Contents 1. Product Overview ..........................8 1.1. Major Management Features ....................9 1.2. Specification ..........................10 1.3. Packet Contents .......................... 13 2. Hardware Description ........................14 3. Preparation for Management ....................... 16 3.1. Preparation for Serial Console ....................17 3.2.
Page 4 4.5.2. LACP - Dynamic Aggregation ..................... 99 4.6. Loop Protection ........................100 4.7. Spanning Tree ..........................102 4.7.1. Spanning Tree / Bridge Setting ..................103 4.7.2. Spanning Tree / MSTI Mapping ..................105 4.7.3. Spanning Tree / MSTI Priorities ..................106 4.7.4.
Page 5 4.17.6. QoS / Port DSCP Configuration ..................160 4.17.7. QoS / DSCP based QoS Ingress Classification ............. 162 4.17.8. QoS / DSCP Translation ....................164 4.17.9. QoS / DSCP Classification ....................166 4.17.10. QoS / Control List Configuration ................. 167 4.17.11.
Page 6 6.1.2.2. Traffic Overview ......................225 6.1.2.3. QoS Statistics ........................226 6.1.2.4. QCL Status ........................227 6.1.2.5. Detailed Port Statistics ....................229 6.1.3. Monitor / Security ....................... 232 6.1.3.1. Security / Access Management Statistics ..............232 6.1.3.2. Security / Network ......................233 6.1.3.3.
Page 7 6.3.3.1. Firmware Update ......................309 6.3.3.2 Image Select ........................310 6.3.4. Configuration........................311 7. Safety Warnings ..........................313 8. CE ............................... 314 7 ...
Page 8: Product Overview
Two 10 Gigabit SFP+ Open Slots ALL-SG8826PMX-10G equips with 2 10G SFP+ open slots as the uplink ports, the 10G uplink design provides an excellent solution for expanding your network from 1G to 10G. By 10G speed, this product provides high flexibility and high bandwidth connectivity to another 10G switch or the Servers, Workstations and other attached devices which support 10G interface.
Page 9: Major Management Features
Advanced Security ALL-SG8826PMX-10G supports advanced security features. For switch management, there are secured HTTPS and SSH, the login password, configuration packets are secured. The port binding allows to bind specific MAC address to the port, only the MAC has the privilege to access the network.
Page 10: Specification
1.2. Specification Hardware Specification Total Port 10/100/1000 Mbps 1G SFP/10G SFP 10G SFP+ Port for Stacking Interface Auto-negotiation and Auto-MDIX Backpressure for half duplex, Flow Control 802.3x for full duplex Console (RS-232) System (State / Color) Port (State: Link/Act / Color) 416MHz Flash 16MB...
Page 11 Software Specification IEEE 802.3 - 10Base-T IEEE 802.3u - 100Base-TX IEEE 802.3ab - 1000Base-T IEEE 802.3z - 1000Base-SX/LX IEEE 802.3x - Flow Control IEEE 802.1Q - VLAN IEEE 802.1p - Class of Service Standard IEEE 802.1D - Spanning Tree IEEE 802.1w - Rapid Spanning Tree IEEE 802.1s - Multiple Spanning Tree IEEE 802.3ad - Link Aggregation Control Protocol (LACP) IEEE802.1v - Protocol VLAN...
Page 12 IGMP Snooping v1/v2/v3, MLD(Ipv6) Snooping v1/v2 Multicast Maximum 32 K Multicast Groups IGMP/MLD Querier, Router Port, Proxy, Immediate Leave Port Mirror (1 to 1, 1 to N, N to 1) Traffic Mirroring sFlow Dynamic MAC address management MAC Address Table Static MAC address Port Security (MAC-Port, IP-MAC-Port Binding) 802.1x authentication (Port based, MAC address based)
Page 13: Packet Contents
1.3. Packet Contents Before you start to install this switch, please verify your package that contains the following items:  One Network Switch  One Power Cord  One User Manual CD  One pair Rack-mount kit + 8 Screws 13 ...
Page 14: Hardware Description
Link Up 10/100/1000M 24(1~24) Green Blinking Data Activating linked to Power Green On 25~26 Device Green Blinking Data Activating 25~26 Rear Panel The 3-pronged power plug is placed at the rear panel of ALL-SG8826PMX-10G right side shown as below. 14 ...
Page 15 Hardware Installation ALL-SG8826PMX-10G is usually mounted in the 19” rack, the rack is usually installed in IT room or other secured place. ALL-SG8826PMX-10G supports AC power input and rack mounting. Make sure all the power cables, Ethernet cables, screws and the air circulation are well prepared and installed as below description.
Page 16: Preparation For Management
3. Preparation for Management ALL-SG8826PMX-10G provides both in-band and out-bands configuration methods. Out-band Management: You can configure ALL-SG8826PMX-10G via RS232 console cable if you don’t attach your admin PC to your network, or if you lose network connection to your switch. It wouldn’t be affected by network performance.
Page 17: Preparation For Serial Console
3.1. Preparation for Serial Console In the package, there is one RS-232 console cable. Please attach one end of the console cable to your PC COM port, the other end to the console port of the switch. 1. Go to Start -> Program -> Accessories -> Communication -> Hyper Terminal 2.
Page 18 Figure 3-3 Putty Login Screen 18 ...
Page 19: Preparation For Web Interface
3.2. Preparation for Web Interface The web management page allows you to use a standard web-browser such as Microsoft Internet Explorer, Google Chrome or Mozilla Firefox, to configure and interrogate the switch from anywhere on the network. Before you attempt to use the web user interface to manage switch operation, verify that your Switch is properly installed on your network and that every PC on this network can access the switch via the web browser.
Page 20 If you can't login the switch, the following steps can help you to identify the problem. 1. Switch to DOS command mode and type the "ipconfig" to check the NIC's setting. Type the "ping 192.168.2.1" to verify a normal response time. 2.
Page 21: Preparation For Telnet/Ssh Interface
3.3. Preparation for Telnet/SSH Interface If your Window OS is Win XP, Win 2000 or early version, you can access the Telnet console by default command. If your OS is Window 7 or later version, please download the terminal tool, such as HyperTeminal or Putty.
Page 22 3. After few seconds, the Telnet/SSH connection is established, the login page of Telnet/SSH is the same as console. The command line of Telnet, SSH and console are all the same. 22 ...
Page 23: Feature Configuration - Web Ui
4. Feature Configuration - Web UI The switch provides Abundant software features, after login the switch, you can start configuring the settings or monitoring the status. There would be a question mark on the right top of the screen, and you can also click the question mark to get help from the system. Following are the Web UI configuration guide for your reference.
Page 24: Ip Configuration
4.1.2. IP Configuration Configure the switch-managed IP information on this page. The Configured column is used to view or change the IP configuration. The Current column is used to show the active IP configuration. DHCP Client Enable the DHCP client by checking this box. If DHCP fails and the configured IP address is zero, DHCP will retry.
Page 25: Ipv6 Configuration
4.1.3. IPv6 Configuration Configure the switch-managed IPv6 information on this page: Configured column is used to view or change the IPv6 configuration. Current column is used to show the active IPv6 configuration. Auto Configuration Enable IPv6 auto-configuration by checking this box. If fails, the configured IPv6 address is zero. The router may delay responding to a router solicitation for a few seconds, the total time needed to complete auto-configuration can be significantly longer.
Page 26: Ntp Configuration
4.1.4. NTP Configuration: NTP is short of Network Time Protocol. Network Time Protocol (NTP) is used to synchronize time clocks on the internet. You can configure NTP Servers' IP address here to synchronize the clocks of the remote time server on the network. This page indicates the NTP mode operation: Mode The Possible modes are:...
Page 27: System Log Configuration
4.1.5. System Log Configuration: System Log is useful to provide system administrator monitor switch events history. The switch supports system log (syslog) server mode. User can install the syslog server in one computer, then configure the server address and event types in the switch's system log configuration. When the events occur, the switch will send information or warning message to the system log (syslog) server.
Page 28: Power Reduction
4.2. Power Reduction 4.2.1. EEE Configuration: This page allows the user to inspect and configure the current EEE port settings: EEE is a power saving option that reduces the power usage when there is very low traffic utilization (or no traffic). EEE works by powering down circuits when there is no traffic.
Page 29: Port Configuration
4.3. Port Configuration: This page displays current port configurations and link status. Some of the Ports' settings can also be configured here. Port This is the port number for this row. Link The current link state is displayed graphically. Green indicates the link is up and red that it is down. Current Link Speed Provides the current link speed of the port.
Page 30 Flow Control When Auto Speed is selected on a port, this section indicates the flow control capability that is advertised to the link partner. When a fixed-speed setting is selected, that is what is used. The Current Rx column indicates whether pause frames on the port are obeyed, and the Current Tx column indicates whether pause frames on the port are transmitted.
Page 31: Security Configuration
4.4. Security Configuration: The Security Configuration feature includes 3 sub-titles, Switch, Network and AAA. 4.4.1. Security / Switch The switch settings includes User Database, Privilege Levels, Authentication Method, SSH, HTTPs, Access Management, SNMP and RMON setting. Following are the topic and configuration guide. 4.4.1.1.
Page 32 Password The password of the user. The allowed string length is 0 to 32. Privilege Level The privilege level of the user. The allowed range is 1 to 15. If the privilege level value is 15, it can access all groups, i.e. that is granted the fully control of the device.
Page 33: Security / Switch / Privilege Levels Configuration
4.4.1.2. Security / Switch / Privilege Levels Configuration: This page provides an overview of the privilege levels. Group Name The name identifying the privilege group. In most cases, a privilege level group consists of a single module (e.g. LACP, RSTP or QoS), but a few of them contains more than one. The following description defines these privilege level groups in details: System: Contact, Name, Location, Time zone, Log.
Page 34: Security / Switch / Auth Method
4.4.1.3. Security / Switch / Auth Method This page allows you to configure how a user is authenticated when he logs into the switch via one of the management client interfaces. The table has one row for each client type and a number of columns, which are: Client The management client for which the configuration below applies.
Page 35: Security /Switch / Ssh Configuration
4.4.1.4. Security /Switch / SSH Configuration With SSH, you can remotely connect to the switch by command line interface. The SSH connection can secure all the configuration commands you sent to the switch. It is also known as secured Telnet console. To access the switch by SSH, you should install SSH client on your computer, such as PuTTY console tool.
Page 36: Security / Switch / Https Configuration
4.4.1.5. Security / Switch / HTTPS Configuration The web management page also provides secured management HTTPS login. All the configuration commands will be secured and will be hard for the hackers to sniff the login password and configuration commands. This page allows you to configure HTTPS mode. Mode Indicates the HTTPS mode operation.
Page 37: Security / Switch / Access Management Configuration
4.4.1.6. Security / Switch / Access Management Configuration The Access Management mode allows user to limit the switch access with specific range of IP address and disable some remote management service, such HTTP, HTTPS, SNMP, Telnet and SSH. This feature is important while user installed the switch on network. After enabled the Access Management, only the pre-configured IP address or a range of IP address can access the switch management interface, and only the available service can be accessed.
Page 38 Buttons Add New Entry: Click to add a new group entry Save: Click to save changes Reset: Click to undo any changes made locally and revert to previously saved values 38 ...
Page 39: Security / Switch / Snmp
4.4.1.7. Security / Switch / SNMP Simple Network Management Protocol (SNMP) is a protocol used for exchanging management information between network devices. The switch supports SNMP and equips lots of OIDs for remote management. All the OIDs are unique and corresponding to one feature/command.
Page 40 Write Community Indicates the community write access string to permit access to SNMP agent. The allowed string length is 0 to 255, and the allowed content is the ASCII characters from 33 to 126. The field is applicable only when SNMP version is SNMPv1 or SNMPv2c. If SNMP version is SNMPv3, the community string will be associated with SNMPv3 communities table.
Page 41 Trap Destination IPv6 Address Provide the trap destination IPv6 address of this switch. IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separating each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol '::' is a special syntax that can be used as a shorthand way of representing multiple 16-bit groups of contiguous zeros;...
Page 42 SNMPv3 Community Configuration In SNMP V3, it is start to support User Name and its privilege. You can configure SNMPv3 community table on this page: The entry index key is Community. Delete Check to delete the entry. It will be deleted during the next save. Community Indicates the community access string to permit access to SNMPv3 agent.
Page 43 SNMPv3 User Configuration Configure SNMPv3 user table on this page. The entry index keys are Engine ID and User Name. Delete Check to delete the entry. It will be deleted during the next save. Engine ID An octet string identifying the engine ID that this entry should belong to. The string must contain an even number(in hexadecimal format) with number of digits between 10 and 64, but all-zeros and all-'F's are not allowed.
Page 44 The value of security level cannot be modified if entry already exists. That means must first ensure that the value is set correctly. Authentication Password A string identifying the authentication password phrase. For MD5 authentication protocol, the allowed string length is 8 to 32. For SHA authentication protocol, the allowed string length is 8 to 40.
Page 45 SNMPv3 Group Configuration Configure SNMPv3 group table on this page: The entry index keys are Security Mode Security Name. Delete Check to delete the entry. It will be deleted during the next save. Security Model Indicates the security model that this entry should belong to. Possible security models are: Reserved for SNMPv1.
Page 46 SNMPv3 View Configuration Configure SNMPv3 view table on this page. The entry index keys are View Name OID Sub-tree. Delete Check to delete the entry. It will be deleted during the next save. View Name A string identifying the view name that this entry should belong to. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.
Page 47 SNMPv3 Access Configuration Configure SNMPv3 access table on this page. The entry index keys are Group Name, Security Model, Security Level. Delete Check to delete the entry. It will be deleted during the next save. Group Name A string identifying the group name that this entry should belong to. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.
Page 48 Read View Name The name of the MIB view defining the MIB objects for which this request may request the current values. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126. Write View Name The name of the MIB view defining the MIB objects for which this request may potentially set new values.
Page 49: Rmon Statistics Configuration
4.4.1.8. RMON Statistics Configuration RMON is short of Remote Monitoring On Network. An RMON implementation typically operates in a client/server model. Monitoring device (Probe) contains RMON software agents that collect information of the system and ports. The RMON software agent acts as server, and the network management system (NMS) that communicate with it acts as client.
Page 50 RMON Statistics Configuration Configure RMON Statistics table on this page. The entry index key is Delete Check to delete the entry. It will be deleted during the next save. Indicates the index of the entry. The range is from 1 to 65535. Data Source Indicates the port ID which wants to be monitored.
Page 51 RMON History Configuration Configure RMON History table on this page. The entry index key is Delete Check to delete the entry. It will be deleted during the next save. Indicates the index of the entry. The range is from 1 to 65535. Data Source Indicates the port ID which wants to be monitored.
Page 52 RMON Alarm Configuration Configure RMON Alarm table on this page. The entry index key is Delete Check to delete the entry. It will be deleted during the next save. Indicates the index of the entry. The range is from 1 to 65535. Interval Indicates the interval in seconds for sampling and comparing the rising and falling threshold.
Page 53 Sample Type The method of sampling the selected variable and calculating the value to be compared against the thresholds, possible sample types are: Absolute: Get the sample directly. Delta: Calculate the difference between samples (default). Value The value of the statistic during the last sampling period. Startup Alarm The method of sampling the selected variable and calculating the value to be compared against the thresholds, possible sample types are:...
Page 54 RMON Event Configuration Configure RMON Event table on this page. The entry index key is ID. Delete Check to delete the entry. It will be deleted during the next save. Indicates the index of the entry. The range is from 1 to 65535. Desc Indicates this event, the string length is from 0 to 127, default is a null string.
Page 55: Security /Network
4.4.2. Security /Network 4.4.2.1. Port Security Limit Control Configuration This page allows you to configure the Port Security Limit Control system and port settings. Limit Control allows for limiting the number of users on a given port. A user is identified by a MAC address and VLAN ID.
Page 56 System Configuration Mode Indicates if Limit Control is globally enabled or disabled on the switch. If globally disabled, other modules may still use the underlying functionality, but limit checks and corresponding actions are disabled. Aging Enabled If checked, secured MAC addresses are subject to aging as discussed under Aging Period. Aging Period If Aging Period is checked, then the aging period is controlled with this input.
Page 57 Port Configuration The table allows you to configure the Port Configuration parameters, which are: Port The port number to which the configuration below applies. Mode Controls whether Limit Control is enabled on this port. Both this and the Global Mode must be set to Enabled for Limit Control to be in effect.
Page 58 State This column shows the current state of the port as seen from the Limit Control's point of view. The state takes one of four values: Disabled: Limit Control is either globally disabled or disabled on the port. Ready: The limit is not yet reached. This can be shown for all actions. Limit Reached: Indicates that the limit is reached on this port.
Page 59: Security / Network / Network Access Server Configuration
4.4.2.2. Security / Network / Network Access Server Configuration This page allows you to configure the IEEE802.1X and MAC-based authentication system and port settings. The IEEE 802.1X standard defines a port-based access control procedure that prevents unauthorized access to a network by requiring users to first submit credentials for authentication.
Page 60 System Configuration Mode Indicates if NAS is globally enabled or disabled on the switch. If globally disabled, all ports are allowed forwarding of frames. Re-authentication Enabled If checked, successfully authenticated supplicants/clients are re-authenticated after the interval specified by the Re-authentication Period. Re-authentication for 802.1X-enabled ports can be used to detect if a new device is plugged into a switch port or if a supplicant is no longer attached.
Page 61 Hold Time This setting applies to the following modes, i.e. modes using the Port Security functionality to secure MAC addresses: • Single 802.1X • Multi 802.1X • MAC-Based Auth. If a client is denied access - either because the RADIUS server denies the client access or because the RADIUS server request times out (according to the timeout specified on the "Configuration→Security→AAA"...
Page 62 Guest VLAN Enabled A Guest VLAN is a special VLAN - typically with limited network access - on which 802.1X-unaware clients are placed after a network administrator-defined timeout. The switch follows a set of rules for entering and leaving the Guest VLAN as listed below. The "Guest VLAN Enabled"...
Page 63 Port Configuration The table has number of columns which allows you to configure the port mode based on IEEE 802.1X standard. Select the port and configure the settings. Port The port number for which the configuration below applies. Admin State If NAS is globally enabled, this selection controls the port's authentication mode.
Page 64 Port-based 802.1X In the 802.1X-world, the user is called the supplicant, the switch is the authenticator, and the RADIUS server is the authentication server. The authenticator acts as the man-in-the-middle, forwarding requests and responses between the supplicant and the authentication server. Frames sent between the supplicant and the switch are special 802.1X frames, known as EAPOL (EAP Over LANs) frames.
Page 65 valid credentials within a certain amount of time, another supplicant will get a chance. Once a supplicant is successfully authenticated, only that supplicant will be allowed access. This is the most secure of all the supported modes. In this mode, the Port Security module is used to secure a supplicant's MAC address once successfully authenticated.
Page 66 RADIUS-Assigned QoS Enabled When RADIUS-Assigned QoS is both globally enabled and enabled (checked) on a given port, the switch reacts to QoS Class information carried in the RADIUS Access-Accept packet transmitted by the RADIUS server when a supplicant is successfully authenticated. If present and valid, traffic received on the supplicant's port will be classified to the given QoS Class.
Page 67 RADIUS attributes used in identifying a VLAN ID: RFC2868 and RFC3580 form the basis for the attributes used in identifying a VLAN ID in an Access-Accept packet. The following criteria are used: • The Tunnel-Medium-Type, Tunnel-Type, and Tunnel-Private-Group-IDattributes must all be present at least once in the Access-Accept packet.
Page 68 entering the Guest VLAN. While in the Guest VLAN, the switch monitors the link for EAPOL frames, and if one such frame is received, the switch immediately takes the port out of the Guest VLAN and starts authenticating the supplicant according to the port mode. If an EAPOL frame is received, the port will never be able to go back into the Guest VLAN if the "Allow Guest VLAN if EAPOL Seen"...
Page 69: Security / Network / Access Control List Configuration
4.4.2.3. Security / Network / Access Control List Configuration Configure the ACL parameters (ACE) of each switch port. These parameters will affect frames received on a port unless the frame matches a specific ACE. The settings relate to the currently selected stack unit, as reflected by the page header. Port The logical port for the settings contained in the same row.
Page 70 Rate Limiter ID Select which rate limiter to apply on this port. The allowed values are Disabled or the values through 16. The default value is "Disabled". SelectDisabledPort Copy Select which port frames are copied on. The allowed values are Disabled or a specific port number.
Page 71 ACL Rate Limiters Configuration Configure the rate limiter for the ACL of the switch Rate Limiter ID The rate limiter ID for the settings contained in the same row. Rate The allowed values are: 0-3276700 in pps 0,100,200,300,…,1000000 in kbps. Unit Specify the rate unit.
Page 72 Access Control List Configuration This page shows the Access Control List (ACL), which is made up of the ACEs defined on this switch. Each row describes the ACE that is defined. The maximum number of ACEs is each switch. Click on the lowest plus sign to add a new ACE to the list. The reserved ACEs used for internal protocol, cannot be edited or deleted, the order sequence cannot be changed and the priority is highest.
Page 73 Frame Type Indicates the frame type of the ACE. Possible values are: Any: The ACE will match any frame type. EType: The ACE will match Ethernet Type frames. Note that an Ethernet Type based ACE will not get matched by IP and ARP frames. ARP: The ACE will match ARP/RARP frames.
Page 74 Buttons Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs at regular intervals. Refresh: Click to refresh the page. Note that non-committed changes will be lost. Clear: Click to clear the counter Remove All: Click to remove all ACEs 74 ...
Page 75 ACE Configuration Configure an ACE (Access Control Entry) on this page. An ACE consists of several parameters. These parameters vary according to the frame type that you select. First select the ingress port for the ACE, and then select the frame type. Different parameter options are displayed depending on the frame type selected.
Page 76 Frame Type Select the frame type for this ACE. These frame types are mutually exclusive. Any: Any frame can match this ACE. Ethernet Type: Only Ethernet Type frames can match this ACE. The IEEE 802.3 describes the value of Length/Type Field specifications to be greater than or equal to 1536 decimal (equal to 0600 hexadecimal).
Page 77 The default value is "Disabled". Logging Specify the logging operation of the ACE. The allowed values are: Enabled: Frames matching the ACE are stored in the System Log. Disabled: Frames matching the ACE are not logged. Please note that the System Log memory size and logging rate is limited. Shutdown Specify the port shut down operation of the ACE.
Page 78 VLAN Parameters 802.1Q Tagged Specify whether frames can hit the action according to the 802.1Q tagged. The allowed values are: Any: Any value is allowed ("don't-care"). Enabled: Tagged frame only. Disabled: Untagged frame only. The default value is "Any". VLAN ID Filter Specify the VLAN ID filter for this ACE.
Page 79 ARP Parameters The ARP parameters can be configured when Frame Type "ARP" is selected. ARP/RARP Specify the available ARP/RARP opcode (OP) flag for this ACE. Any: No ARP/RARP OP flag is specified. (OP is "don't-care".) ARP: Frame must have ARP/RARP opcode set to ARP. RARP: Frame must have ARP/RARP opcode set to RARP.
Page 80 ARP SMAC Match Specify whether frames can hit the action according to their sender hardware address field (SHA) settings. 0: ARP frames where SHA is not equal to the SMAC address. 1: ARP frames where SHA is equal to the SMAC address. Any: Any value is allowed ("don't-care").
Page 81 IP Parameters The IP parameters can be configured when Frame Type "IPv4" is selected. IP Protocol Filter Specify the IP protocol filter for this ACE. Any: No IP protocol filter is specified ("don't-care"). Specific: If you want to filter a specific IP protocol filter with this ACE, choose this value. A field for entering an IP protocol filter appears.
Page 82 SIP Filter Specify the source IP filter for this ACE. Any: No source IP filter is specified. (Source IP filter is "don't-care".) Host: Source IP filter is set to Host. Specify the source IP address in the SIP Address field that appears.
Page 83 ICMP Parameters ICMP Type Filter Specify the ICMP filter for this ACE. Any: No ICMP filter is specified (ICMP filter status is "don't-care"). Specific: If you want to filter a specific ICMP filter with this ACE, you can enter a specific ICMP value.
Page 84 TCP/UDP Parameters TCP/UDP Source Filter Specify the TCP/UDP source filter for this ACE. Any: No TCP/UDP source filter is specified (TCP/UDP source filter status is "don't-care"). Specific: If you want to filter a specific TCP/UDP source filter with this ACE, you can enter a specific TCP/UDP source value.
Page 85 TCP SYN Specify the TCP "Synchronize sequence numbers" (SYN) value for this ACE. 0: TCP frames where the SYN field is set must not be able to match this entry. 1: TCP frames where the SYN field is set must be able to match this entry. Any: Any value is allowed ("don't-care").
Page 86 Ethernet Type Parameters The Ethernet Type parameters can be configured when Frame Type "Ethernet Type" is selected. EtherType Filter Specify the Ethernet type filter for this ACE. Any: No EtherType filter is specified (EtherType filter status is "don't-care"). Specific: If you want to filter a specific EtherType filter with this ACE, you can enter a specific EtherType value.
Page 87: Switch / Network / Dhcp Configuration
4.4.2.4. Switch / Network / DHCP Configuration DHCP Snooping Configuration Configure DHCP Snooping on this page. Snooping Mode Indicates the DHCP snooping mode operation. Possible modes are: Enabled: Enable DHCP snooping mode operation. When DHCP snooping mode operation is enabled, the DHCP request messages will be forwarded to trusted ports and only allow reply packets from trusted ports.
Page 88 DHCP Relay Configuration Configure DHCP Relay on this page. Relay Mode Indicates the DHCP relay mode operation. Possible modes are: Enabled: Enable DHCP relay mode operation. When DHCP relay mode operation is enabled, the agent forwards and transfers DHCP messages between the clients and the server when they are not in the same subnet domain.
Page 89 Possible modes are: Enabled: Enable DHCP relay information mode operation. When DHCP relay information mode operation is enabled, the agent inserts specific information (option 82) into a DHCP message when forwarding to DHCP server and removes it from a DHCP message when transferring to DHCP client.
Page 90: Ip Source Guard Configuration
4.4.2.5. IP Source Guard Configuration IP Source Guard Configuration This page provides IP Source Guard related configuration. Mode of IP Source Guard Configuration Enable the Global IP Source Guard or disable the Global IP Source Guard. All configured ACEs will be lost when the mode is enabled. Port Mode Configuration Specify IP Source Guard is enabled on which ports.
Page 91 Static IP Source Guard Table Delete Check to delete the entry. It will be deleted during the next save. Port The logical port for the settings. VLAN ID The vlan id for the settings. IP Address Allowed Source IP address. MAC address Allowed Source MAC address.
Page 92: Arp Inspection
4.4.2.6. ARP Inspection ARP Inspection This page provides ARP Inspection related configuration. Mode of ARP Inspection Configuration Enable the Global ARP Inspection or disable the Global ARP Inspection. Port Mode Configuration Specify ARP Inspection is enabled on which ports. Only when both Global Mode and Port Mode on a given port are enabled, ARP Inspection is enabled on this given port.
Page 93 Static ARP Inspection Table Delete Check to delete the entry. It will be deleted during the next save. Port The logical port for the settings. VLAND ID The vlan id for the settings. MAC Address Allowed Source MAC address in ARP request packets. IP Address Allowed Source IP address in ARP request packets.
Page 94: Security / Aaa Authentication Server Configuration
4.4.3. Security / AAA Authentication Server Configuration This page allows you to configure the Authentication Servers. Common Server Configuration These setting are common for all of the Authentication Servers. Timeout The Timeout, which can be set to a number between 3 and 3600 seconds, is the maximum time to wait for a reply from a server.
Page 95 RADIUS Authentication Server Configuration The table has one row for each RADIUS Authentication Server and a number of columns, which are: The RADIUS Authentication Server number for which the configuration below applies. Enabled Enable the RADIUS Authentication Server by checking this box. IP Address/Hostname The IP address or hostname of the RADIUS Authentication Server.
Page 96 TACACS+ Authentication Server Configuration The table has one row for each TACACS+ Authentication Server and a number of columns, which are: The TACACS+ Authentication Server number for which the configuration below applies. Enabled Enable the TACACS+ Authentication Server by checking this box. IP Address/Hostname The IP address or hostname of the TACACS+ Authentication Server.
Page 97: Aggregation Configuration
4.5. Aggregation Configuration Link Aggregation is also known as Port Trunking. It allows user using multiple ports in parallel to increase the link speed beyond the limits of a port and to increase the redundancy for higher availability. The switch support both Static and Dynamic link aggregation, LACP. The switch also supports different Hash mechanism to forward traffic according to the MAC address or IP, Protocol Port Number.
Page 98 Aggregation Group Configuration Group ID Indicates the group ID for the settings contained in the same row. Group ID "Normal" indicates there is no aggregation. Only one group ID is valid per port. Port Members Each switch port is listed for each group ID. Select a radio button to include a port in an aggregation, or clear the radio button to remove the port from the aggregation.
Page 99: Lacp - Dynamic Aggregation
4.5.2. LACP - Dynamic Aggregation This page allows the user to inspect the current LACP port configurations, and possibly change them as well. Port The switch port number. LACP Enabled Controls whether LACP is enabled on this switch port. LACP will form an aggregation when 2 or more ports are connected to the same partner.
Page 100: Loop Protection
4.6. Loop Protection This page allows the user to inspect the current Loop Protection configurations, and possibly change them as well. The loop protection feature is very important to protect the unexpected network loop, especially when you install the switch on the internet. The incorrect installation, failure media, or hacker attacking may create network loop.
Page 101 Port Configuration Port The switch port number of the port. Enable Controls whether loop protection is enabled on this switch port. Action Configures the action performed when a loop is detected on a port. The valid values are: Shutdown Port: Shutdown the port until the Shutdown Time timeout. Shutdown Port and Log: Shutdown the port and log the status.
Page 102: Spanning Tree
4.7. Spanning Tree The switch supports Multiple Spanning Tree Protocol (MSTP), Rapid Spanning Tree Protocol (RSTP) and Legacy Spanning Tree Protocol (STP). The STP and RSTP is combined and defined in IEEE 802.1D-2004, Rapid Spanning Tree Protocol. The RSTP protocol is applied to single network domain no matter how many VLANs in your network. In RSTP domain, one of the switch acts as the Root Switch and block one of the link with highest path cost to avoid network loop.
Page 103: Spanning Tree / Bridge Setting
4.7.1. Spanning Tree / Bridge Setting This page allows you to configure STP system settings. The settings are used by all STP Bridge instances in the Switch. Basic Settings Protocol Version The STP protocol version setting. Valid values are STP, RSTP, and MSTP.
Page 104 Advanced Settings This section descript the advanced settings of the Spanning Tree Protocol. Edge Port BPDU Filtering Control whether a port explicitly configured as Edge will transmit and receive BPDUs. Edge Port BPDU Guard Control whether a port explicitly configured as Edge will disable itself upon reception of a BPDU. The port will enter the error-disabled state, and will be removed from the active topology.
Page 105: Spanning Tree / Msti Mapping
4.7.2. Spanning Tree / MSTI Mapping This page allows the user to inspect the current STP MSTI bridge instance priority configurations, and possibly change them as well. Configuration Identification Configuration Name The name identifying the VLAN to MSTI mapping. Bridges must share the name and revision (see below), as well as the VLAN-to-MSTI mapping configuration in order to share spanning trees for MSTI's (Intra-region).
Page 106: Spanning Tree / Msti Priorities
4.7.3. Spanning Tree / MSTI Priorities This page allows the user to inspect the current STP MSTI bridge instance priority configurations, and possibly change them as well. MSTI The bridge instance. The CIST is the default instance, which is always active Priority Controls the bridge priority.
Page 107: Spanning Tree / Cist Ports
4.7.4. Spanning Tree / CIST Ports This page allows the user to inspect the current STP CIST port configurations, and possibly change them as well. This page contains settings for physical and aggregated ports. The STP port settings relate to the currently selected stack unit, as reflected by the page header. Port The switch port number of the logical STP port.
Page 108 Restricted TCN If enabled, causes the port not to propagate received topology change notifications and topology changes to other ports. If set it can cause temporary loss of connectivity after changes in a spanning tree's active topology as a result of persistently incorrect learned station location information.
Page 109: Spanning Tree Msti Ports
4.7.5. Spanning Tree MSTI Ports STP MSTI Port Configuration This page allows the user to inspect the current STP MSTI port configurations, and possibly change them as well. An MSTI port is a virtual port, which is instantiated separately for each active CIST (physical) port for each MSTI instance configured on and applicable to the port.
Page 110: Mvr (Multicast Vlan Registration)
4.8. MVR (Multicast VLAN Registration) MVR is shot of Multicast VLAN Registration. The MVR is a protocol for layer 2 network that enables multicast traffic from a source VLAN to be shared with client/subscriber VLANs. MVR is typically used for IPTV-like service. In non-MVR environment, the IPTV source to different VLAN would be copied multiple copies based on how many client/subscriber VLANs it would deliver.
Page 111 MVR Mode Enable/Disable the Global MVR. VLAN ID Specify the Multicast VLAN ID. Mode Enable MVR on the port. Type Specify the MVR port type on the port. Immediate Leave Enable the fast leave on the port. Buttons Save: Click to save changes. Reset: Click to undo any changes made locally and revert to previously saved values.
Page 112: Ipmc (Ip Multicast)
4.9. IPMC (IP Multicast) IPMC is short of IP Multicast, the switch support IPv4 and IPv6 multicast forwarding and filtering. The IGMP Snooping defines how to manage IPv4 multicast traffic, the MLD defines how to manage IPv6 multicast traffic. 4.9.1. IGMP Snooping Configuration Internet Group Management Protocol Snooping (IGMP Snooping) is a multicast constraining mechanism that runs on Layer 2 devices to manage and control multicast groups.
Page 113 IGMP SSM Range SSM (Source-Specific Multicast) Range allows the SSM-aware hosts and routers run the SSM service model for the groups in the address range. Leave Proxy Enabled Enable IGMP Leave Proxy. This feature can be used to avoid forwarding unnecessary leave messages to the router side.
Page 114: Igmp Snooping Vlan Configuration
4.9.1.2. IGMP Snooping VLAN Configuration Navigating the IGMP Snooping VLAN Table Each page shows up to 99 entries from the VLAN table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the VLAN Table.
Page 115 LLQI (LMQI for IGMP) Last Member Query Interval. The Last Member Query Time is the time value represented by the Last Member Query Interval, multiplied by the Last Member Query Count. The allowed range is 31744 in tenths of seconds, default last member query interval is 10 in tenths of seconds (1 second).
Page 116: Igmp Snooping / Port Group Filtering
4.9.1.3. IGMP Snooping / Port Group Filtering IGMP Snooping Port Group Filtering Configuration Delete Check to delete the entry. It will be deleted during the next save. Port The logical port for the settings. Filtering Groups The IP Multicast Group that will be filtered. Adding New Filtering Group Click to add a new entry to the Group Filtering table.
Page 117: Mld Snooping Configuration
4.9.2. MLD Snooping Configuration This section provides MLD Snooping related configuration. The MLD is for IPv6 Multicast Snooping. The difference between the 2 IGMP and MLD is that the IGMP is applied to IPv4 Multicast stream, the MLD is applied to IPv6 Multicast stream. While configuring the MLD Snooping configuration, the only thing you need to understand is the IPv6 packet format.
Page 118 Throttling Enable to limit the number of multicast groups to which a switch port can belong. Buttons Save: Click to save changes. Reset: Click to undo any changes made locally and revert to previously saved values. 118 ...
Page 119: Mld Snooping Vlan Configuration
4.9.2.2. MLD Snooping VLAN Configuration Navigating the MLD Snooping VLAN Table Each page shows up to 99 entries from the VLAN table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the VLAN Table.
Page 120 LLQI Last Listener Query Interval. The Last Listener Query Interval is the Maximum Response Delay used to calculate the Maximum Response Code inserted into Multicast Address Specific Queries sent in response to Version 1 Multicast Listener Done messages. It is also the Maximum Response Delay used to calculate the Maximum Response Code inserted into Multicast Address and Source Specific Query messages.
Page 121: Ipmc / Mld Snooping / Port Group Filtering
4.9.2.3. IPMC / MLD Snooping / Port Group Filtering MLD Snooping Port Group Filtering Configuration Delete Check to delete the entry. It will be deleted during the next save. Port The logical port for the settings. Filtering Groups The IP Multicast Group that will be filtered. Adding New Filtering Group Click to add a new entry to the Group Filtering table.
Page 122: Lldp Parameters
4.10. LLDP Parameters The Link Layer Discovery Protocol (LLDP) is a vendor-neutral link layer protocol. LLDP information is sent by devices from each of their interfaces at a fixed interval, in the form of an Ethernet Frame. Each frame contains one LLDP Data Unit (LLDPDU). Each LLDPDU is a sequence of Type-Length-Value (TLV) structures.
Page 123 LLDP Port Configuration The LLDP port settings relate to the currently selected stack unit, as reflected by the page header. Port The switch port number of the logical LLDP port. Mode Select LLDP mode.  Rx only The switch will not send out LLDP information, but LLDP information from neighbor units is analyzed.
Page 124 Sys Name Optional TLV: When checked the "system name" is included in LLDP information transmitted. Sys Descr Optional TLV: When checked the "system description" is included in LLDP information transmitted. Sys Capa Optional TLV: When checked the "system capability" is included in LLDP information transmitted. Mgmt Addr Optional TLV: When checked the "management address"...
Page 125: Lldp Media Configuration
4.10.2. LLDP Media Configuration This page allows you to configure the LLDE-MED. This function applies to VoIP devices which support LLDP-MED. Fast start repeat count Fast start repeat count Rapid startup and Emergency Call Service Location Identification Discovery of endpoints is a critically important aspect of VoIP systems in general.
Page 126 Coordinates Location Latitude Latitude Should be normalized to within 0-90 degrees with a maximum of 4 digits. It is possible to specify the direction to either North of the equator or south of the equator. Longitude Longitude Should be normalized to within 0-180 degrees with a maximum of 4 digits. It is possible to specify the direction the either East of the prime meridian or West of the prime meridian.
Page 127 Civic Address Location IETF Geopriv Civic Address based Location Configuration Information (Civic Address LCI). Country code The two-letter ISO 3166 Country code in capital ASCII letters – Example: DK, DE, or US. State National subdivisions ( state, canton, region, province, prefecture). County County, perish, gun ( Japan), district.
Page 128 Room No. Room number – Example: 450F. Place type Place type – Example: Office. Postal community name Postal community name – Example: Leonia. P.O. Box Post office box ( P.O. Box ) Example : 12345. Additional code Additional code – Example: 1320300003. 128 ...
Page 129 Emergency Call Service Emergency Call Service (e.g. E911 and others), such as defined by TIA or NENA. Emergency Call Service Emergency Call Service ELIN identifier data format is defined to carry the ELIN identifier as used during emergency call setup to a traditional CAMA or ISDN trunk-based PSAP. This format consists of a numerical digit string, corresponding to the ELIN to be used for emergency calling.
Page 130 This network policy is potentially advertised and associated with multiple sets of application types supported on a given port. The application types specifically addressed are: 1. Voice 2. Guest Voice 3. Soft phone Voice 4. Video Conferencing 5. Streaming Video 6.
Page 131 PCs or laptops. This class of endpoints frequently does not support multiple VLANs, if at all, and are typically configured to use an 'untagged' VLAN or a single 'tagged' data specific VLAN. When a network policy is defined for use with an 'untagged' VLAN (see Tagged flag below), then the L2 priority field is ignored and only the DSCP value has relevance.
Page 132 Port Policies Configuration Every port may advertise a unique set of network policies or different attributes for the same network policies, based on the authenticated user identity or port configuration. Port The port number to which the configuration applies. Policy Id The set of policies that shall apply to a given port.
Page 133: Sflow Configuration
4.11. sFlow Configuration Sampled Flow (sFlow) is a traffic monitoring technology mainly used to collect and analyze traffic statistics. The switch supports sFlow feature. The sFlow software agent collects traffic statistics and packet information from the sFlow-enabled interfaces on the switch, encapsulates them into sFlow packets.
Page 134 sFlow Ports List of the port numbers on which sFlow is configured. sFlow Instance Configured sFlow instance for the port number. Flow Sampling Packet flow sampling refers to arbitrarily choosing some packets out of a specified number, reading the first "Max Hdr Size" bytes and exporting the sampled datagram for analysis. The attributes associated with the flow sampling are: sampler type, sampling rate, maximum header size.
Page 135: Mac Address Table Configuration
4.12. MAC Address Table Configuration The MAC Address Table is configured on this page. Set timeouts for entries in the dynamic MAC Table and configure the static MAC table here. Aging Configuration By default, dynamic entries are removed from the MAC table after 300 seconds. This removal is also called aging.
Page 136 The table is sorted first by VLAN ID and then by MAC address. Delete Check to delete the entry. It will be deleted during the next save. VLAN ID The VLAN ID of the entry. MAC Address The MAC address of the entry. Port Members Checkmarks indicate which ports are members of the entry.
Page 137: Vlan (Virtual Lan)
4.13. VLAN (Virtual LAN) The VLAN is short of Virtual LAN (Local Area Network.) The VLAN technology allows you to divide the physical ports to different logical groups. Each groups is a virtual LAN, the clients within the VLAN is a broadcast domain. While the clients in different VLANs need to communicate, the VLAN Overlapping setting or a additional upper router is needed.
Page 138 Delete To delete a VLAN entry, check this box. The entry will be deleted during the next Save. VLAN ID Indicates the ID of this particular VLAN. VLAN Name Indicates the name of the VLAN. Maximum length of the VLAN Name String is 32. VLAN Name can only contain alphabets or numbers.
Page 139 The button can be used to undo the addition of new VLANs. Buttons Save: Click to save changes. Reset: Click to undo any changes made locally and revert to previously saved values. Refreshes : Refreshes the displayed the table starting from the “VLAND ID” input fields. <<...
Page 140: Vlan Port Configuration
4.13.2. VLAN Port Configuration This page is used for configuring the selected stack switch unit port VLAN. This page is used for configuring the switch port VLAN. Ether type for Custom S-ports This field specifies the ether type used for Custom S-ports. This is a global setting for all the Custom S-ports.
Page 141 Port VLAN Mode Configures the Port VLAN Mode. The allowed values are None Specific This parameter affects VLAN ingress and egress processing. None is selected, a VLAN tag with the classified VLAN ID is inserted in frames transmitted on the port. This mode is normally used for ports connected to VLAN aware switches. Specific (the default value) is selected, a Port VLAN ID can be configured (see below).
Page 142: Private Vlans
4.14. Private VLANs The Private VLAN feature provides the ability to extend the capabilities of a "standard" VLAN. The additional concepts, Primary VLAN, Community VLAN and Isolated VLAN are introduced in Private VLAN. The Primary VLAN can be considered the master in the master/slave relationship with the other 2 sub-types, Community VLAN and Isolated VLAN.
Page 143: Port Isolation Configuration
4.14.1. Port Isolation Configuration Overview This page is used for enabling or disabling port isolation on ports in a Private VLAN.. A port member of a VLAN can be isolated to other isolated ports on the same VLAN and Private VLAN.
Page 144: Vcl
4.15. VCL 4.15.1. VCL / MAC-Based VLAN Configuration The MAC-based VLAN entries can be configured here. This page allows for adding and deleting MAC-based VLAN entries and assigning the entries to different ports. This page shows only static entries. Delete To delete a MAC-based VLAN entry, check this box and press save.
Page 145 Buttons Save: Click to save changes. Reset: Click to undo any changes made locally and revert to previously saved values. Refreshes : Refreshes the displayed the table starting from the “VLAND ID” input fields. << : Updates the table starting from the first entry in the VALN Table, i.e. the entry with the lowest VLAND ID.
Page 146: Vcl / Protocol-Based Vlan
4.15.2. VCL / Protocol-based VLAN Protocol to Group Mapping Table This page allows you to add new protocols to Group Name (unique for each Group) mapping entries as well as allow you to see and delete already mapped entries for the switch . The displayed settings are: Delete To delete a Protocol to Group Name map entry, check this box.
Page 147 if value of OUI is other than 00-00-00 then valid value of PID will be any value from 0x0000 to 0xffff. 147 ...
Page 148 Group Name A valid Group Name is a unique 16-character long string for every entry which consists of a combination of alphabets (a-z or A-Z) and integers(0-9). Note: special character and underscore(_) are not allowed. Adding a New Group to VLAN mapping entry Click to add a new entry in mapping table.
Page 149 VLC / Protocol-based VLAN / Group Name to VLAN mapping Table This page allows you to map a already configured Group Name to a VLAN for the switch. The displayed settings are: Delete To delete a Group Name to VLAN map entry, check this box. The entry will be deleted on the switch during the next Save Group Name A valid Group Name is a string of no more than 16 characters which consists of a combination of...
Page 150: Vcl / Ip Subnet-Based Vlan
4.15.3. VCL / IP Subnet-based VLAN The IP subnet-based VLAN entries can be configured here. This page allows for adding, updating and deleting IP subnet-based VLAN entries and assigning the entries to different ports. This page shows only static entries. Delete To delete a IP subnet-based VLAN entry, check this box and press save.
Page 151 Buttons Save: Click to save changes. Reset: Click to undo any changes made locally and revert to previously saved values. Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Refreshes the displayed table. 151 ...
Page 152: Voice Vlan Configuration
4.16. Voice VLAN Configuration 4.16.1. Voice VLAN / Configuration The Voice VLAN feature enables voice traffic forwarding on the Voice VLAN, then the switch can classify and schedule network traffic. It is recommended that there be two VLANs on a port - one for voice, one for data.
Page 153 Port Mode Indicates the Voice VLAN port mode. Possible modes are: Disabled: from Voice VLAN. Auto: Enable auto detect mode. It detects whether there is VoIP phone attached to the specific port and configures the Voice VLAN members automatically. Forced: Force join to Voice VLAN. Port Security the Voice VLAN port security mode.
Page 154: Voice Vlan / Oui Configuration
4.16.2 Voice VLAN / OUI Configuration Configure VOICE VLAN OUI table on this page. The maximum entry number is 16. Modifying the OUI table will restart auto detection of OUI process. Delete Check to delete the entry. It will be deleted during the next save. Telephony OUI A telephony OUI address is a globally unique identifier assigned to a vendor by IEEE.
Page 155: Qos
4.17. QoS 4.17.1. QoS / Ingress Port Classification This page allows you to configure the basic QoS Ingress Classification settings for all switch ports. The settings relate to the currently selected stack unit, as reflected by the page header. The displayed settings are: Port The port number for which the configuration below applies.
Page 156: Qos / Ingress Port Policy Config
4.17.2. QoS / Ingress Port Policy Config This page allows you to configure the Policy settings for all switch ports. The settings relate to the currently selected stack unit, as reflected by the page header. The displayed settings are: Port The port number for which the configuration below applies.
Page 157: Qos / Port Scheduler
4.17.3. QoS / Port Scheduler This page provides an overview of QoS Egress Port Schedulers for all switch ports. The ports belong to the currently selected stack unit, as reflected by the page header. The displayed settings are: Port The logical port for the settings contained in the same row. Click on the port number in order to configure the schedulers.
Page 158: Qos / Egress Port Shapers
4.17.4. QoS / Egress Port Shapers This page provides an overview of QoS Egress Port Shapers for all switch ports. The ports belong to the currently selected stack unit, as reflected by the page header. The displayed settings are: Port The logical port for the settings contained in the same row.
Page 159: Qos / Port Tag Remarking
4.17.5. QoS / Port Tag Remarking This page provides an overview of QoS Egress Port Tag Remarking for all switch ports. The ports belong to the currently selected stack unit, as reflected by the page header. The displayed settings are: Port The logical port for the settings contained in the same row.
Page 160: Qos / Port Dscp Configuration
4.17.6. QoS / Port DSCP Configuration This page allows you to configure the basic QoS Port DSCP Configuration settings for all switch ports. The settings relate to the currently selected stack unit, as reflected by the page header. The displayed settings are: Port The Port column shows the list of ports for which you can configure dscp ingress and egress settings.
Page 161 Egress Port Egress Rewriting can be one of - Disabled: No Egress rewrite. Enable: Rewrite enabled without remapping. Remap DP Unaware: DSCP from analyzer is remapped and frame is remarked with remapped DSCP value. The remapped DSCP value is always taken from the 'DSCP Translation->Egress Remap DP0' table.
Page 162: Qos / Dscp Based Qos Ingress Classification
4.17.7. QoS / DSCP based QoS Ingress Classification This page allows you to configure the basic QoS DSCP based QoS Ingress Classification settings for all switches. The displayed settings are: DSCP Maximum number of supported DSCP values are 64. Trust Controls whether a specific DSCP value is trusted.
Page 163 Drop Precedence Level (0-1) Buttons Save: Click to save changes. Reset: Click to undo any changes made locally and revert to previously saved values. 163 ...
Page 164: Qos / Dscp Translation
4.17.8. QoS / DSCP Translation This page allows you to configure the basic QoS DSCP Translation settings for all switches. DSCP translation can be done in Ingress or Egress. The displayed settings are: DSCP Maximum number of supported DSCP values are 64 and valid DSCP value ranges from 0 to 63. Ingress Ingress side DSCP can be first translated to new DSCP before using the DSCP for QoS class and DPL map.
Page 165 2. Classify Click to enable Classification at Ingress side. Egress There are the following configurable parameters for Egress side - 1. Remap DP0 Controls the remapping for frames with DP level 0. 2. Remap DP1 Controls the remapping for frames with DP level 1. 1.
Page 166: Qos / Dscp Classification
4.17.9. QoS / DSCP Classification This page allows you to configure the mapping of QoS class and Drop Precedence Level to DSCP value. The settings relate to the currently selected stack unit, as reflected by the page header. The displayed settings are: QoS Class Actual QoS class.
Page 167: Qos Control List Configuration
4.17.10. QoS / Control List Configuration QoS Control List Configuration This page shows the QoS Control List(QCL), which is made up of the QCEs. Each row describes a QCE that is defined. The maximum number of QCEs is on each switch. Click on the lowest plus sign to add a new QCE to the list.
Page 168 Indicates (VLAN ID), either a specific VID or range of VIDs. VID can be in the range 1-4095 or 'Any' Priority Code Point: Valid value PCP are specific(0, 1, 2, 3, 4, 5, 6, 7) or range(0-1, 2-3, 4-5, 6-7, 0-3, 4-7) or 'Any'.
Page 169 Buttons Refresh: Click to refresh the page. This will help to check the latest conflict status after releasing the resources. 169 ...
Page 170: Qos / Storm Control Configuration
4.17.11. QoS / Storm Control Configuration Storm control for the switch is configured on this page. There is a unicast storm rate control, multicast storm rate control, and a broadcast storm rate control. These only affect flooded frames, i.e. frames with a (VLAN ID, DMAC) pair not present on the MAC Address table.
Page 171: Mirroring Configuration
4.18. Mirroring Configuration Configure port Mirroring on this page. To debug network problems, selected traffic can be copied, or mirrored, on a mirror port where a frame analyzer can be attached to analyze the frame flow. The traffic to be copied on the mirror port is selected as follows: All frames received on a given port (also known as ingress or source mirroring).
Page 172: Upnp Configuration
4.19. UPnP Configuration Configure UPnP on this page. Mode Indicates the UPnP operation mode. Possible modes are: Enabled: Enable UPnP mode operation. Disabled Disable UPnP mode operation. When the mode is enabled, two ACEs are added automatically to trap UPNP related packets to CPU.
Page 173: Stack Configuration
4.20 Stack Configuration Overview: Monitor - Ports – State Configuration – Stack 173 ...
Page 174 Monitor - Stack The ALL-SG8826PMX-10G includes a stacking feature by using two SFP+ ports. This allows multiple switches (up to 16) to operate as a single unit. You can set the stack configuration here. Within a managed stack, one master switch (or just "master") must be elected. Any switch not being master is a slave switch (or just "slave").
Page 175 When the stacking mode is enabled, multiple switches will operate as one single unit. Stacking Unit Table This table displays all the switches (ALL-SG8826PMX-10G) stacked. You can check the Delete checkbox to delete the selected switch, change the Switch ID, change the Priority, or change the Stack Ports here with the scroll-down menus.
Page 176: Feature Configuration - Cli
5. Feature Configuration - CLI The Command Line Interface (CLI) is the user interface to the switch’s embedded software system. You can view the system information, show the status, configure the switch and receive a response back from the system by keying in a command. After login the switch through console CLI, you can see the ">"...
Page 177: System Configuration
5.1. System Configuration Feature Command Line System Information Enter the System Configuration Group to do further System Group configuration. >system Type 'up' to move up one level or '/' to go to root level System> System Contact Syntax: System Name [<name>] Parameters: <name>: System name string.
Page 178 IP Configuration Enter the IP Configuration Group IP Group switch:/>ip Type 'up' to move up one level or '/' to go to root level switch:/IP> Syntax: DHCP Client IP DHCP [enable|disable] switch:/IP>dhcp en IP Setting (Address, Syntax: IP Setup [<ip_addr>] [<ip_mask>] [<ip_router>] [<vid>] Mask, Gateway, Example: IP=192.168.2.2, Mask=255.255.255.0, Gateway: Managed VID)
Page 179 IPv6 Configuration IPv6 Commands Syntax: IP IPv6 AUTOCONFIG [enable|disable] IP IPv6 Setup [<ipv6_addr>] [<ipv6_prefix>] [<ipv6_router>] IP IPv6 State <ipv6_addr> [enable|disable] IP IPv6 Ping6 <ipv6_addr> [(Length <ping_length>)] [(Count <ping_count>)] [(Interval <ping_interval>)] Auto Configuration Syntax: IP IPv6 AUTOCONFIG [enable|disable] Example: switch:/IP>ipv6 auto en IPv6 Address Setting Syntax: (Address, Prefix,...
Page 180 System Log Syntax: Server Mode System Log Server Mode [enable|disable] Example: switch:/System>log server mode en Syntax: Server Address System Log Server Address [<ip_addr_string>] Example: switch:/System>log server add 192.168.2.100 Syntax: Syslog Level System Log Level [info|warning|error] Information: switch:/System>log level inf Warning: switch:/System>log level war Error: switch:/System>log level err...
Page 181: Stack Configuration
5.2. Stack Configuration Feature Command Line Enter the Stack configuration to do further configuration. Stack >stack Type 'up' to move up one level or '/' to go to root level Stack> Stack List Syntax: Stack List [detailed|productinfo] Parameters: <detailed>: Listing detailed information regarding to the stacking switches <productinfo>: Listing Stack Members’...
Page 182 Syntax: Stack Config Stack Config [enable|disable] [<stack_ports>] Parameters: [enable|disable]: To enable or disable the stack function [<stack_ports>]: The port for stacking Example: Stack Config enable 182 ...
Page 183: Power Reduction
5.3. Power Reduction Feature Command Line LED Power Reduction Syntax: LED Intensity Times led_power timers [<hour>] [<intensity>] Parameters: <hour> : The hour (0-24) at which to change LEDs intensity <intensity>: The LED intensity in % (0-100) Example: (Time=2:00, Intensity: 30%) led_power>timer 2 30 Syntax: Maintenance...
Page 184: Port Configuration
5.4. Port Configuration Feature Command Line Port Configuration switch:/>port Port Group Type 'up' to move up one level or '/' to go to root level switch:/Port> Syntax: Link State Port State [<port_list>] [enable|disable] Example: Enable/Disable Port 1 State. After port 1 disabled, the port can't access the switch.
Page 185: Port Statistic
Port State Mode Flow Control MaxFrame Power Excessive Link ---- -------- ----------- ------------ -------- -------- --------- ---- Enabled Auto Disabled 9600 Disabled Discard Down Enabled Auto Disabled 9600 Disabled Discard 1Gfdx Enabled Auto Disabled 9600 Disabled Discard Down ....switch:/Port>conf all up Status of Link UP ports Port Configuration:...
Page 186: Security Configuration
5.5. Security Configuration Feature Command Line Security-Switch Configuration >securi swi Security -Switch Type 'up' to move up one level or '/' to go to root level Group Security/Switch>? Command Groups: --------------- Security Switch Users : User management Security Switch Privilege: Privilege level Security Switch Auth : Authentication Security Switch SSH...
Page 187 Example: Set Privilege level of VLAN Group Security/Switch/Privilege>level group VLANs 10 10 10 10 (cro=10, crw=10, sro=10, srw=10) Security/Switch>pri level conf Privilege Level Configuration Table Privilege Level Configuration: ============================== Privilege Current Level: 15 Group Name Privilege Level CRO CRW SRO SRW -------------------------------- --- --- --- --- Aggregation 5 10...
Page 188 HTTPS Redirect Mode : Enabled Syntax: Access Management Security Switch Access Add <access_id> <start_ip_addr> <end_ip_addr> [web] [snmp ] [telnet] Example: Limit the IP range from the 192.168.2.1 to 192.168.2.10 can access the web UI. Security/Switch>access add 1 192.168.2.1 192.168.2.10 web Syntax: SNMP System Security Switch SNMP Mode [enable|disable]...
Page 189 Security/Switch/SNMP/Trap>community public Security/Switch/SNMP/Trap>destination 192.168.2.100 Result: Trap Mode : Enabled Trap Version : 2c Trap Community : public Trap Destination : 192.168.2.100 Trap IPv6 Destination : :: Syntax: SNMP Trap Event Security Switch SNMP Trap Authentication Failure Setting [enable|disable] Security Switch SNMP Trap Link-up [enable|disable] Security Switch SNMP Trap Inform Mode [enable|disable] Security Switch SNMP Trap Inform Timeout [<timeout>] Security Switch SNMP Trap Inform Retry Times [<retries>]...
Page 190 Security Switch RMON Statistics Delete <stats_id> Security Switch RMON Statistics Lookup [<stats_id>] History: Security Switch RMON History Add <history_id> <data_source> [<interval>] [<buckets>] Security Switch RMON History Delete <history_id> Security Switch RMON History Lookup [<history_id>] Alarm: Security Switch RMON Alarm Add <alarm_id> <interval> <alarm_vairable>...
Page 191 Time Settings Security Network NAS ReauthPeriod [<reauth_period>] Security Network NAS EapolTimeout [<eapol_timeout>] Security Network NAS Agetime [<age_time>] Security Network NAS Holdtime [<hold_time>] Radius-Assigned Security Network NAS RADIUS_QoS [global|<port_list>] [enable|disable] Security Network NAS RADIUS_VLAN [global|<port_list>] [enable|disable] Guest VLAN Security Network NAS Guest_VLAN [global|<port_list>] [enable|disable] [<vid>] [<reauth_max>] [<allow_if_eapol_seen>] Example:...
Page 192 Port Policy Action Rate L. Port C. Mirror Logging Shutdown Counter ---- ------ ------ ------- ------- -------- -------- -------- ------- Permit 10 Disabled Enabled Enabled Enabled Syntax: Rate Limiter Security Network ACL Rate [<rate_limiter_list>] [<rate_unit>] [<rate>] Parameters: <rate_limiter_list>: Rate limiter list (1-16), default: All rate limiters <rate_unit>...
Page 193 <etype> : Ethernet Type: 0x600 - 0xFFFF or 'any' but excluding 0x800(IPv4) 0x806(ARP) and 0x86DD(IPv6) <smac> : Source MAC address ('xx-xx-xx-xx-xx-xx' or 'xx.xx.xx.xx.xx.xx' or 'xxxxxxxxxxxx', x is a hexadecimal digit) or 'any' <dmac> : Destination MAC address ('xx-xx-xx-xx-xx-xx' or 'xx.xx.xx.xx.xx.xx' or 'xxxxxxxxxxxx', x is a hexadecimal digit) or 'any' : ARP keyword <sip>...
Page 194 Security/Network>dhcp snooping mode en Security/Network>dhcp snooping port mode 1 tru (Port Security/Network>dhcp snooping port mode 1-10 tru (Port 1-10) Syntax: DHCP Relay Security Network DHCP Relay Mode [enable|disable] Security Network DHCP Relay Server [<ip_addr>] Security Network DHCP Relay Information Mode [enable|disable] Security Network DHCP Relay Information Policy [replace|keep|drop]...
Page 195 Security Network ARP Inspection Mode [enable|disable] Security Network ARP Inspection Port Mode [<port_list>] [enable|disable] Security Network ARP Inspection Entry [<port_list>] add|delete <vid> <allowed_mac> <allowed_ip> Security Network ARP Inspection Status [<port_list>] Security Network ARP Inspection Translation Example: Security/Network>arp inspection mode en Security/Network>arp inspection port mode 1-10 en Security/Network>arp inspection entry 1 add 10 112233445566 192.168.2.10...
Page 196 Disabled 1812 Disabled 1812 Disabled 1812 Disabled 1812 RADIUS Accounting Server Configuration: ======================================= Server Mode IP Address Secret Port ------ -------- --------------- ------------------------------ ----- Enabled 192.168.2.200 ******** 1813 Disabled 1813 Disabled 1813 Disabled 1813 Disabled 1813 TACACS+ Authentication Server Configuration: ============================================ Server Mode IP Address...
Page 197: Aggregation Configuration
5.6. Aggregation Configuration Feature Command Line Static Aggregation Configuration Syntax: Aggregation Group Aggr Add <port_list> [<aggr_id>] Configuration Example: Add port 5-8 to Group 1 >aggr add 5-8 1 >aggr del 1 (Delete the group 1) Syntax: Hash Code Aggr Mode [smac|dmac|ip|port] [enable|disable] Contributors smac = Source MAC Address dmac = Destination MAC Address...
Page 198: Loop Protection
5.7. Loop Protection Feature Command Line General Settings Syntax: Enable Loop Loop Protect Mode [enable|disable] Protection Loop Protect Transmit [<transmit-time>] Loop Protect Shutdown [<shutdown-time>] Example: >loop protect mode en Transmission Time >loop protect trans 10 (10 seconds) Shutdown Time >loop protect shut 200 (200 seconds) Port Configuration Syntax:...
Page 199: Spanning Tree
5.8. Spanning Tree Feature Command Line Bridge Configuration Syntax: Protocol Version STP Version [<stp_version>] Parameters: <stp_version>: mstp|rstp|stp Example: STP>ver rstp Syntax: Bridge Priority STP Msti Priority [<msti>] [<priority>] Example: STP>msti pri MSTI# Bridge Priority ----- --------------- CIST 32768 STP>msti pri 4096 (The available priority parameter includes: 0, 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, 61440)
Page 200 MSTI Mapping Syntax: MSTI/VLAN Mapping STP Msti Add <msti> <vid-range> Example: STP>mst add 1 100 Add VLAN 100 to MSTI1 STP>mst map MSTI VLANs mapped to MSTI ---- -------------------- MSTI1 100 MSTI2 No VLANs mapped MSTI3 No VLANs mapped MSTI4 No VLANs mapped MSTI5 No VLANs mapped MSTI6 No VLANs mapped MSTI7 No VLANs mapped...
Page 201 STP>msti port priority 0 5 240 (Port 5 Priority = 240) STP>msti port priority 0 all 128 (All Ports' priority = 128) Example: Configure MSTI 1 Port Priority STP>msti port priority 1 5 240 (MSTI1 port 5 priority=240) 201 ...
Page 202: Mvr
5.9. MVR Feature Command Line MVR Configuration Syntax: MVR Mode MVR Mode [enable|disable] MVR - VLAN Syntax: MVR VLAN Setup [<mvid>] [add|del|upd] [(Name Interface Setting <mvr_name>)] Example: MVR VLAN 2, MVR Name = Source2 MVR>vlan setup 2 add Name Source2 MVR - Port Role Syntax: MVR VLAN Port [<vid>|<mvr_name>] [<port_list>]...
Page 203: Ipmc
5.10. IPMC Feature Command Line IGMP Snooping Configuration IGMP Snooping Syntax: Enable IPMC Mode [mld|igmp] [enable|disable] Example: IPMC>mode igmp en Unregistered Syntax: IPMCv4 Flooding IPMC Flooding [mld|igmp] [enable|disable] Enabled Example: IPMC>flood igmp en IGMP SSM Range Syntax: IPMC SSM [mld|igmp] [(Range <prefix> <mask_len>)] (Source-Specific Example: Multicast)
Page 204 Example: IPMC>state igmp 2 en (Enable IGMP Snooping on VLAN IPMC>quer igmp 2 en (Enable IGMP Querier on VLAN 2) IPMC>compa igmp 2 v2 (Enable IGMPv2 on VLAN 2) MLD Snooping MLD Snooping Note: The MLD Snooping is applied to IPv6 Multicast. The commands are the same as above IGMP Snooping (IPv4) Commands.
Page 205: Lldp Configuration
5.11. LLDP Configuration Feature Command Line LLDP Parameters LLDP Timers Syntax: LLDP Interval [<interval>] LLDP Hold [<hold>] LLDP Delay [<delay>] LLDP Reinit [<reinit>] Example: LLDP>interval 30 LLDP>hold 4 LLDP>delay 2 LLDP>reini 2 LLDP Mode Syntax: LLDP Mode [<port_list>] [enable|disable|rx|tx] (rx=RX Only, tx=TX Only) Example: Enable LLDP on Ports LLDP>mode 1-10 en (Port 1-10 are enabled) LLDP>mode 1-26 en (Port 1-26 are enabled)
Page 206: Sflow Configuration
5.12. sFlow Configuration Feature Command Line sFlow Configuration Receiver Syntax: sFlow Receiver [release] [<timeout>] [<ip_addr_host>] Configuration [<udp_port>] [<datagram_size>] Example: sFlow>receiver 10 192.168.2.100 6343 1400 Result: Receiver Configuration: ======================= Owner : <none> Receiver : 192.168.2.100 UDP Port : 6343 Max. Datagram: 1400 bytes Time left : 0 seconds Receiver Release...
Page 207: Mac Address Table Configuration
5.13. MAC Address Table Configuration Feature Command Line MAC Address Table Configuration Aging Time Syntax: Configuration MAC Agetime [<age_time>] Parameters: <age_time>: MAC address age time (0,10-1000000) 0=disable Example: MAC>age 100 (change aging time to 100 seconds, the aging time range is 10-1000000) MAC>age 0 (0 = Disable Aging time) MAC Learning Syntax:...
Page 208: Vlan Configuration
5.14. VLAN Configuration Feature Command Line VLAN Configuration VLAN Membership Syntax: VLAN Add <vid>|<name> [<ports_list>] VLAN Name Add <name> <vid> Example: VLAN>add 3 5-8 (Add port 5-8 to VLAN 3) VLAN>name add vlan3 3 (vlan3 is the name of VLAN 3) Port Configuration Syntax: VLAN FrameType [<port_list>] [all|tagged|untagged]...
Page 209: Private Vlan Configuration
5.15. Private VLAN Configuration Feature Command Line PVLAN Configuration PVLAN Syntax: PVLAN Configuration [<port_list>] Configuration PVLAN Add <pvlan_id> [<port_list>] PVLAN Delete <pvlan_id> PVLAN Lookup [<pvlan_id>] PVLAN Isolate [<port_list>] [enable|disable] Example: PVLAN>add 10 9-12 PVLAN>add 10 1-2 PVLAN>add 20 1-2 PVLAN>add 20 13-18 PVLAN>iso 9-18 en (Enable Isolated Ports) Result:...
Page 210: Vcl Configuration
5.16. VCL Configuration Feature Command Line MAC-based VLAN Configuration MAC-based VLAN Syntax: VCL Macvlan Add <mac_addr> <vid> [<port_list>] Configuration Example: VCL/Macvlan>add 001122334455 10 1-4 Result: VCL/Macvlan>conf MAC Address Ports ----------------- ---- ----- 00-0b-16-21-2c-37 10 Protocol-based VLAN Configuration Protocol to Group Syntax: VCL ProtoVlan Protocol Add Eth2 <ether_type>|arp|ip|ipx|at <group_id>...
Page 211: Voice Vlan Configuration
5.17. Voice VLAN Configuration Feature Command Line Voice VLAN Configuration Voice VLAN Syntax: Voice VLAN Mode [enable|disable] Configuration Voice VLAN ID [<vid>] Voice VLAN Agetime [<age_time>] Voice VLAN Traffic Class [<class>] Example: Voice>vlan mode en Voice>vlan id 100 Voice>vlan age 86400 Voice>vlan traff class 7 Result: Voice VLAN Configuration:...
Page 212: Qos Configuration
5.18. QoS Configuration Feature Command Line QoS Configuration Port Syntax: QoS Port Classification Class [<port_list>] [<class>] Classification QoS Port Classification DPL [<port_list>] [<dpl>] QoS Port Classification PCP [<port_list>] [<pcp>] QoS Port Classification DEI [<port_list>] [<dei>] QoS Port Classification Tag [<port_list>] [enable|disable] QoS Port Classification Map [<port_list>] [<pcp_list>] [<dei_list>] [<class>] [<dpl>] QoS Port Classification DSCP [<port_list>] [enable|disable]...
Page 213 Port Shaping Syntax: Port Shaper: QoS Port Shaper Mode [<port_list>] [enable|disable] QoS Port Shaper Rate [<port_list>] [<bit_rate>] Querier Shaper: QoS Port QuerierShaper Mode [<port_list>] [<querier_list>] [enable|disable] QoS Port QuerierShaper Rate [<port_list>] [<querier_list>] [<bit_rate>] QoS Port QuerierShaper Excess [<port_list>] [<querier_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports <bit_rate>...
Page 214 <packet_rate>: Rate in fps (1, 2, 4, 8, 16, 32, 64, 128, 256, 512, 1k, 2k, 4k, 8k, 16k, 32k, 64k, 128k, 256k, 512k, 1024k, 2048k, 4096k, 8192k, 16384k, 32768k) Example: QoS/Storm>unic en 32768k QoS/Storm>multi en 4096k QoS/Storm>broad en 4k 214 ...
Page 215: Mirroring Configuration
5.19. Mirroring Configuration Feature Command Line Mirroring Configuration Mirror Syntax: Mirror Port [<port>|disable] Configuration Mirror Mode [<port_cpu_list>] [enable|disable|rx|tx] Example: Mirror>port 5 Mirror>mode 6-8 en Result: Mirror Configuration: ===================== Mirror Port: 5 Port Mode ---- -------- Disabled Disabled Disabled Disabled Disabled Enabled Enabled Enabled...
Page 216: Upnp Configuration
5.20. UPnP Configuration Feature Command Line UPnP Configuration UPnp Configuration Syntax: UPnP Configuration UPnP Mode [enable|disable] UPnP TTL [<ttl>] UPnP AdvertisingDuration [<duration>] Example: UPnP>mode en UPnP>ttl 5 (Default=4) UPnP>adver 200 (Default=100) Result: UPnP Configuration: =================== UPnP Mode : Enabled UPnP TTL UPnP Advertising Duration : 200 216 ...
Page 217: Diagnostic Commands
5.21 Diagnostic Commands Feature Command Line Ping Ping Test Syntax: IP Ping <ip_addr_string> [(Length <ping_length>)] [(Count <ping_count>)] [(Interval <ping_interval>)] Parameters: <ip_addr_string>: IPv4 host address (a.b.c.d) or a host name string length : PING Length keyword <ping_length> : Ping ICMP data length (2-1452; Default is 56), excluding MAC, IP and ICMP headers count...
Page 218: Maintenance Commands
5.22. Maintenance Commands Feature Command Line Maintenance Commands Restart Device Syntax: System Reboot Example: System>reb System will reboot in a few seconds Factory Defaults Syntax: System Restore Default [keep_ip] Example: Software/Firmware Syntax: Firmware Information (Firmware Version, Firmware Swap Firmware Load <ip_addr_string> <file_name> Firmware Swapping, Parameters of Firmware Load: Firmware Update)
Page 219 Note 2: While firmware uploading process is started, please don't shutdown the switch! 219 ...
Page 220: Web Configuration - Monitor, Diagnostic, Maintenance
6. Web Configuration - Monitor, Diagnostic, Maintenance 6.1. Monitor 6.1.1. Monitor / System 6.1.1.1. Monitor / System / Information The switch system information is provided here. Contact The system contact configured in Configuration | System | Information | System Contact. Name The system name configured in Configuration | System | Information | System Name.
Page 221: Cpu Load
6.1.1.2. CPU Load This page displays the CPU load, using an SVG graph. The load is measured as averaged over the last 100ms, 1sec and 10 seconds intervals. The last 120 samples are graphed, and the last numbers are displayed as text as well. In order to display the SVG graph, your browser must support the SVG format.
Page 222: System Log Information
6.1.1.3. System Log Information The switch system log information is provided here. The ID (>= 1) of the system log entry. Level The level of the system log entry. The following level types are supported: Info: Information level of the system log. Warning: Warning level of the system log.
Page 223: System / Detailed Log
6.1.1.4. System / Detailed Log The switch system detailed log information is provided here. The ID (>= 1) of the system log entry. Message The detailed message of the system log entry. Buttons Refresh : Updates the system log entry to the current entry ID. /<<: Updates the system log entry to the first available entry ID.
Page 224: Monitor / Port State
6.1.2. Monitor / Port State 6.1.2.1. Port State This page provides an overview of the current switch port states. The port states are illustrated as follows: RJ45 ports SFP ports State Disabled Down Link Buttons Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs at regular intervals.
Page 225: Traffic Overview
6.1.2.2. Traffic Overview This page provides an overview of general traffic statistics for all switch ports. The displayed counters are: Port The logical port for the settings contained in the same row. Packets The number of received and transmitted packets per port. Bytes The number of received and transmitted bytes per port.
Page 226: Qos Statistics
6.1.2.3. QoS Statistics This page provides statistics for the different queriers for all switch ports. The displayed counters are: Port The logical port for the settings contained in the same row. There are 8 QoS queriers per port. Q0 is the lowest priority querier. Rx/Tx The number of received and transmitted packets per querier.
Page 227: Qcl Status
6.1.2.4. QCL Status This page shows the QCL status by different QCL users. Each row describes the QCE that is defined. It is a conflict if a specific QCE is not applied to the hardware due to hardware limitations. The maximum number of QCEs is on each switch.
Page 228 Buttons : Select the QCL status from this drop down list. Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs at regular intervals. Resolve Conflict: Click to release the resources required to add QCL entry, incase conflict status for any QCL entry is 'yes'.
Page 229: Detailed Port Statistics
6.1.2.5. Detailed Port Statistics This page provides detailed traffic statistics for a specific switch port. Use the port select box to select which switch port details to display. The displayed counters are the totals for receive and transmit, the size counters for receive and transmit, and the error counters for receive and transmit.
Page 230 Receive and Transmit Size Counters The number of received and transmitted (good and bad) packets split into categories based on their respective frame sizes. Receive and Transmit Querier Counters The number of received and transmitted packets per input and output querier. Receive Error Counters Rx Drops The number of frames dropped due to lack of receive buffers or egress congestion.
Page 231 Transmit Error Counters Tx Drops The number of frames dropped due to output buffer congestion. Tx Late/Exc. Coll. The number of frames dropped due to excessive or late collisions. Buttons The port select box determines which port is affected by clicking the buttons. Refresh : Click to refresh the page immediately.
Page 232: Monitor / Security
6.1.3. Monitor / Security 6.1.3.1. Security / Access Management Statistics This page provides statistics for access management. Interface The interface type through which the remote host can access the switch. Received Packets Number of received packets from the interface when access management mode is enabled. Allowed Packets Number of allowed packets from the interface when access management mode is enabled.
Page 233: Security / Network
6.1.3.2. Security / Network Port Security Switch Status This page shows the Port Security status. Port Security is a module with no direct configuration. Configuration comes indirectly from other modules - the user modules. When a user module has enabled port security on a port, the port is set-up for software-based learning. In this mode, frames from unknown MAC addresses are passed on to the port security module, which in turn asks all user modules whether to allow this new MAC address to forward or block it.
Page 234 Port Status The table has one row for each port on the switch and a number of columns, which are: Port The port number for which the status applies. Click the port number to see the status for this particular port. Users Each of the user modules has a column that shows whether that module has enabled Port Security or not.
Page 235 MAC Address & VLAN ID The MAC address and VLAN ID that is seen on this port. If no MAC addresses are learned, a single row stating "No MAC addresses attached" is displayed. State Indicates whether the corresponding MAC address is blocked or forwarding. In the blocked state, it will not be allowed to transmit or receive traffic.
Page 236 Security / Network / NAS This page provides an overview of the current NAS port states. Port The switch port number. Click to navigate to detailed NAS statistics for this port. Admin State The port's current administrative state. Refer to NAS Admin State for a description of possible values.
Page 237 Buttons Refresh: Click to refresh the page immediately. Auto-refresh : Click this box to enable an automatic refresh of the page at regular intervals. Port State Admin State The port's current administrative state. Refer to NAS Admin State for a description of possible values.
Page 238 the switch. The number of EAPOL Start frames Start dot1xAuthEapolStartFramesRx that have been received by the switch. The number of valid EAPOL Logoff Logoff dot1xAuthEapolLogoffFramesRx frames that have been received by the switch. The number of EAPOL frames that Invalid have been received by the switch in dot1xAuthInvalidEapolFramesRx Type...
Page 239 Backend Server Counters These backend (RADIUS) frame counters are available for the following administrative states: • Port-based 802.1X • Single 802.1X • Multi 802.1X • MAC-based Auth. Backend Server Counters Direction Name IEEE Name Description 802.1X-based: Counts the number of times that the switch receives the first request from the...
Page 240 802.1X- and MAC-based: Counts the number of times that the switch receives a success Auth. dot1xAuthBackendAuthSuccesses indication. Indicates Successes that the supplicant/client has successfully authenticated to the backend server. 802.1X- and MAC-based: Counts the number of times that the switch receives a failure Auth.
Page 241 backend server for a given port (left-most table) or client (right-most table). Possible retransmissions are not counted. 241 ...
Page 242 Last Supplicant/Client Info Information about the last supplicant/client that attempted to authenticate. This information is available for the following administrative states: • Port-based 802.1X • Single 802.1X • Multi 802.1X • MAC-based Auth. Last Supplicant/Client Info Name IEEE Name Description The MAC address of the last dot1xAuthLastEapolFrameSource Address...
Page 243 Attached MAC Addresses Identity Shows the identity of the supplicant, as received in the Response Identity EAPOL frame. Clicking the link causes the supplicant's EAPOL and Backend Server counters to be shown in the Selected Counters table. If no supplicants are attached, it shows No supplicants attached. This column is not available for MAC-based Auth.
Page 244 Auto-refresh Check this box to enable an automatic refresh of the page at regular intervals. Click to refresh the page immediately. This button is available in the following modes: • Force Authorized • Force Unauthorized • Port-based 802.1X • Single 802.1X Click to clear the counters for the selected port.
Page 245 Network / ACL Status This page shows the ACL status by different ACL users. Each row describes the ACE that is defined. It is a conflict if a specific ACE is not applied to the hardware due to hardware limitations. The maximum number of ACEs is 256 on each switch. User Indicates the ACL user.
Page 246 Action Indicates the forwarding action of the ACE. Permit: Frames matching the ACE may be forwarded and learned. Deny: Frames matching the ACE are dropped. Rate Limiter Indicates the rate limiter number of the ACE. The allowed range is 1 to 16. When Disabled displayed, the rate limiter operation is disabled.
Page 247 DHCP Snooping Statistics This page provides statistics for DHCP snooping. The statistics show only packet counters when DHCP snooping mode is enabled and relay mode is disabled. And it doesn't count the DHCP packets for DHCP client. Receive and Transmit Packets Rx and Tx Discover The number of discover (option 53 with value 1) packets received and transmitted.
Page 248 Buttons Auto-refresh : Click this box to enable an automatic refresh of the page at regular intervals. Refresh: Click to refresh the page immediately. Clear : Clears the counters for the selected port. 248 ...
Page 249 DHCP Relay Statistics This page provides statistics for DHCP relay. Server Statistics Transmit to Server The number of packets that are relayed from client to server. Transmit Error The number of packets that resulted in errors while being sent to clients. Receive from Server The number of packets received from server.
Page 250 Client Statistics Transmit to Client The number of relayed packets from server to client. Transmit Error The number of packets that resulted in error while being sent to servers. Receive from Client The number of received packets from server. Receive Agent Option The number of received packets with relay agent information option.
Page 251 Network / Dynamic ARP Inspection Table Entries in the Dynamic ARP Inspection Table are shown on this page. The Dynamic ARP Inspection Table contains up to 1024 entries, and is sorted first by port, then by VLAN ID, then by MAC address, and then by IP address.
Page 252 ARP Inspection Table Columns Port Switch Port Number for which the entries are displayed. VLAN ID VLAN-ID in which the ARP traffic is permitted. MAC Address User MAC address of the entry. IP Address User IP address of the entry. Buttons Auto-refresh : Click this box to enable an automatic refresh of the page at regular intervals.
Page 253 Network / Dynamic IP Source Guard Table Entries in the Dynamic IP Source Guard Table are shown on this page. The Dynamic IP Source Guard Table is sorted first by port, then by VLAN ID, then by IP address, and then by MAC address.
Page 254 IP Source Guard Table Columns Port Switch Port Number for which the entries are displayed. VLAN ID VLAN-ID in which the IP traffic is permitted. IP Address User IP address of the entry. MAC Address Source MAC address. Buttons Auto-refresh: Click this box to enable an automatic refresh of the page at regular intervals.
Page 255: Security / Aaa
6.1.3.3. Security / AAA This page provides an overview of the status of the RADIUS servers configurable on the Authentication configuration page. RADIUS Authentication Servers The RADIUS server number. Click to navigate to detailed statistics for this server. IP Address The IP address and UDP port number (in <IP Address>:<UDP Port>...
Page 256 RADIUS Accounting Servers The RADIUS server number. Click to navigate to detailed statistics for this server. IP Address The IP address and UDP port number (in <IP Address>:<UDP Port> notation) of this server. State The current state of the server. This field takes one of the following values: Disabled: The server is disabled Not Ready:...
Page 257 RADIUS Authentication Statistics This page provides detailed statistics for a particular RADIUS server. RADIUS Authentication Statistics The statistics map closely to those specified in RFC4668-RADIUS.Authentication Client MIB. Use the server select box to switch between the backend servers to show details for. Packet Counters RADIUS authentication server packet counter.
Page 258 ators invalid authenticators or Message Authenticator attributes received from the server. The number of RADIUS packets that radiusAuthClientE were received with unknown types Unknown Types xtUnknownTypes from the server on the authentication port and dropped. The number of RADIUS packets that were received from the server on the Packets Radius Auth Client...
Page 259 Other Info This section contains information about the state of the server and the latest round-trip time. RFC4668 Name Description Name Shows the state of the server. It takes one of the following values: Disabled: The selected server is disabled. Not Ready: The server is enabled, but IP communication is not yet up and running.
Page 260 RADIUS Accounting Statistics The statistics map closely to those specified in RFC4670-RADIUS.Accounting Client MIB. Use the server select box to switch between the backend servers to show details for. Packet Counters RADIUS accounting server packet counter. There are five receive and four transmit counters. Direc Name RFC4670 Name...
Page 261 retransmissions. The number of RADIUS packets Retransmis radiusAccClientExtRet retransmitted to the RADIUS ransmissions sions accounting server. The number of RADIUS packets destined for the server that have not yet timed out or received a response. Pending radiusAccClientExtPen This variable is incremented when a Requests dingRequests Request is sent and decremented due...
Page 262 Other Info This section contains information about the state of the server and the latest round-trip time. Name RFC4670 Name Description Shows the state of the server. It takes one of the following values: Not Ready: Disabled: The selected server is disabled. Not Ready: The server is enabled, but IP communication is not yet up and running.
Page 263: Switch / Snmp / Rmon
6.1.3.4. Switch / SNMP / RMON RMON Statistics Overview This page provides an overview of RMON statistics entries. The displayed counters are: Data Source The port ID which wants to be monitored. Drop The total number of events in which packets were dropped by the probe due to lack of resources.
Page 264 CRC Errors The total number of packets received that had a length (excluding framing bits, but including FCS octets) of between 64 and 1518 octets. Under-size The total number of packets received that were less than 64 octets. Over-size The total number of packets received that were longer than 1518 octets. Frag.
Page 265 RMON History Overview This page provides an overview of RMON history entries. The displayed fields are: History Index Indicates the index of History control entry. Sample Index Indicates the index of the data entry associated with the control entry Sample Start The total number of events in which packets were dropped by the probe due to lack of resources.
Page 266 Multicast The total number of good packets received that were directed to a multicast address. CRCErrors The total number of packets received that had a length (excluding framing bits, but including FCS octets) of between 64 and 1518 octets. Undersize The total number of packets received that were less than 64 octets.
Page 267 RMON Alarm Overview This page provides an overview of RMON alarm entries. The displayed fields are: Indicates the index of Alarm control entry. Interval Indicates the interval in seconds for sampling and comparing the rising and falling threshold. Variable Indicates the particular variable to be sampled Sample Type The method of sampling the selected variable and calculating the value to be compared against the thresholds, possible sample types are:...
Page 268 RMON Event Overview This page provides an overview of RMON event entries. The displayed fields are: Event Index Indicates the index of the event entry. Log Index Indicates the index of the log entry. Log Time Indicates Event log time Log Description Indicates the Event description.
Page 269: Lacp System Status
6.1.4. LACP System Status 6.1.4.1. System Status This page provides a status overview for all LACP instances. Aggr ID The Aggregation ID associated with this aggregation instance. For LLAG the id is shown as 'isid:aggr-id' and for GLAGs as 'aggr-id' Partner System ID The system ID (MAC address) of the aggregation partner.
Page 270: Lacp Port Status
6.1.4.2. LACP Port Status This page provides a status overview for LACP status for all ports. Port The switch port number. LACP 'Yes' means that LACP is enabled and the port link is up. 'No' means that LACP is not enabled or that the port link is down.
Page 271: Lacp Statistics
6.1.4.3. LACP statistics This page provides an overview for LACP statistics for all ports. Port The switch port number. LACP Received Shows how many LACP frames have been received at each port. LACP Transmitted Shows how many LACP frames have been sent from each port. Discarded Shows how many unknown or illegal LACP frames have been discarded at each port.
Page 272: Loop Protection
6.1.5. Loop Protection This page displays the loop protection port status the ports of the switch. Loop protection port status is: Port The switch port number of the logical port. Action The currently configured port action. Transmit The currently configured port transmit mode. Loops The number of loops detected on this port.
Page 273: Stp Bridge Status
6.1.6. STP Bridge Status This page provides a status overview of all STP bridge instances. 6.1.6.1. Bridge Status The displayed table contains a row for each STP bridge instance, where the column displays the following information: MSTI The Bridge Instance. This is also a link to the STP Detailed Bridge Status Bridge ID The Bridge ID of this Bridge instance.
Page 274: Stp Port Status
6.1.6.2. STP Port Status This page displays the STP CIST port status for physical ports of the switch. STP port status is: Port The switch port number of the logical STP port. CIST Role The current STP port role of the CIST port. The port role can be one of the following values: AlternatePort BackupPort RootPort DesignatedPort Disabled.
Page 275: Stp Port Statistics
6.1.6.3. STP Port Statistics This page displays the STP port statistics counters of bridge ports in the switch. The STP port statistics counters are: Port The switch port number of the logical STP port. MSTP The number of MSTP Configuration BPDU's received/transmitted on the port. RSTP The number of RSTP Configuration BPDU's received/transmitted on the port.
Page 276: Mvr Status
6.1.7. MVR Status 6.1.7.1. Statistics This page provides MVR Statistics information. VLAN ID The Multicast VLAN ID. V1 Reports Received The number of Received V1 Reports. V2 Reports Received The number of Received V2 Reports. V3 Reports Received The number of Received V3 Reports. V2 Leaves Received The number of Received V2 Leaves.
Page 277: Mvr Group Table
6.1.7.2. MVR Group Table Entries in the MVR Group Table are shown on this page. The MVR Group Table is sorted first by VLAN ID, and then by group. Navigating the MVR Group Table Each page shows up to 99 entries from the MVR Group table, default being 20, selected through the "entries per page"...
Page 278: Monitor / Ipmc / Igmp Snooping
6.1.8. Monitor / IPMC / IGMP Snooping 6.1.8.1. IGMP Snooping IGMP Snooping Status This page provides IGMP Snooping status. VLAND ID The VLAN ID of the entry. Querier Version Working Querier Version currently. Host Version Working Host Version currently. Querier Status Shows the Querier status is "ACTIVE"...
Page 279 Router Port Display which ports act as router ports. A router port is a port on the Ethernet switch that leads towards the Layer 3 multicast device or IGMP querier. Static denotes the specific port is configured to be a router port. Dynamic denotes the specific port is learnt to be a router port.
Page 280 IGMP Group Information Entries in the IGMP Group Table are shown on this page. The IGMP Group Table is sorted first by VLAN ID, and then by group. Navigating the IGMP Group Table Each page shows up to 99 entries from the IGMP Group table, default being 20, selected through the "entries per page"...
Page 281 GMP SFM Information Table Entries in the IGMP SFM Information Table are shown on this page. The IGMP SFM (Source-Filtered Multicast) Information Table also contains the SSM (Source-Specific Multicast) information. This table is sorted first by VLAN ID, then by group, and then by Port No. Different source belong to the same group are treated as single entry.
Page 282 Source Address IP Address of the source. Currently, system limits the total number of IP source addresses for filtering to be 128. Type Indicates the Type. It can be either Allow or Deny. Buttons Auto-refresh: Check this box to enable an automatic refresh of the page at regular intervals. Refresh: Refreshes the displayed table starting from the input fields.
Page 283: Mld Snooping Status
6.1.8.2. MLD Snooping Status This page provides MLD Snooping status. VLAND ID The VLAN ID of the entry. Querier Version Working Querier Version currently. Host Version Working Host Version currently. Querier Status Show the Querier status is "ACTIVE" or "IDLE". "DISABLE"...
Page 284 MLD Group Table Entries in the MLD Group Table are shown on this page. The MLD Group Table is sorted first by VLAN ID, and then by group. Navigating the MLD Group Table Each page shows up to 99 entries from the MLD Group table, default being 20, selected through the "entries per page"...
Page 285 MLD SFM Information Table Entries in the MLD SFM Information Table are shown on this page. The MLD SFM (Source-Filtered Multicast) Information Table also contains the SSM (Source-Specific Multicast) information. This table is sorted first by VLAN ID, then by group, and then by Port No. Different source addresses belong to the same group are treated as single entry.
Page 286 Port Switch port number. Mode Indicates the filtering mode maintained per (VLAN ID, port number, Group Address) basis. It can be either Include or Exclude. Source Address IP Address of the source. Currently, system limits the total number of IP source addresses for filtering to be 128.
Page 287: Monitor / Lldp
6.1.9. Monitor / LLDP 6.1.9.1. LLDP / Neighbor This page provides a status overview for all LLDP neighbors. The displayed table contains a row for each port on which an LLDP neighbor is detected. The columns hold the following information: Local Port The port on which the LLDP frame was received.
Page 288 assist discovery by the network management. This could for instance hold the neighbor’s IP address. Buttons Refresh: Click to refresh the page immediately. Auto-refresh: Check this box to enable an automatic refresh of the page at regular intervals. 288 ...
Page 289: Lldp Med Neighbors
6.1.9.2. LLDP MED Neighbors This page provides a status overview of all LLDP-MED neighbors. The displayed table contains a row for each port on which an LLDP neighbor is detected. This function applies to VoIP devices which support LLDP-MED. The columns hold the following information: Port The port on which the LLDP frame was received.
Page 290 LLDP-MED Endpoint Device Definition LLDP-MED Endpoint Devices, as defined in TIA-1057, are located at the IEEE 802 LAN network edge, and participate in IP communication service using the LLDP-MED framework. Within the LLDP-MED Endpoint Device category, the LLDP-MED scheme is broken into further Endpoint Device Classes, as defined in the following.
Page 291 LLDP-MED Communication Endpoint (Class III) The LLDP-MED Communication Endpoint (Class III) definition is applicable to all endpoint products that act as end user communication appliances supporting IP media. Capabilities include all of the capabilities defined for the previous Generic Endpoint (Class I) and Media Endpoint (Class II) classes, and are extended to include aspects related to end user devices.
Page 292 7. Streaming Video - for use by broadcast or multicast based video content distribution and other similar applications supporting streaming video services that require specific network policy treatment. Video applications relying on TCP with buffering would not be an intended use of this application type.
Page 293: Lldp Eee
6.1.9.3. LLDP EEE By using EEE power savings can be achieved at the expense of traffic latency. This latency occurs due to that the circuits EEE turn off to save power, need time to boot up before sending traffic over the link. This time is called "wakeup time". To achieve minimal latency, devices can use LLDP to exchange information about their respective tx and rx "wakeup time ", as a way to agree upon the minimum wakeup time they need.
Page 294 Echo Tx Tw The link partner's Echo Tx Tw value The respective echo values shall be defined as the local link partner’s reflection (echo) of the remote link partners respective values. When a local link partner receives its echoed values from the remote link partner it can determine whether or not the remote link partner has received, registered and processed its most recent values.
Page 295: Lldp Statistics
6.1.9.4. LLDP Statistics This page provides an overview of all LLDP traffic. Two types of counters are shown. Global counters are counters that refer to the whole switch, while local counters refer to per port counters for the currently selected switch. Global Counters Neighbor entries were last changed on It also shows the time when the last entry was last deleted or added.
Page 296 Local Counters The displayed table contains a row for each port. The columns hold the following information: Local Port The port on which LLDP frames are received or transmitted. Tx Frames The number of LLDP frames transmitted on the port. Rx Frames The number of LLDP frames received on the port.
Page 297: Dynamic Mac Table
6.1.10. Dynamic MAC Table Entries in the MAC Table are shown on this page. The MAC Table contains up to 8192 entries, and is sorted first by VLAND ID, then by MAC address. avigating the MAC Table Each page shows up to 999 entries from the MAC table, default being 20, selected through the "entries per page"...
Page 298 MAC Table Columns Switch (stack only) The stack unit where the entry is learned. Type Indicates whether the entry is a static or a dynamic entry. MAC address The MAC address of the entry. VLAN The VLAN ID of the entry. Port Members The ports that are members of the entry.
Page 299: Vlan Membership Status
6.1.11. VLAN Membership Status This page provides an overview of membership status of VLAN users. VLAN USER VLAN User module uses services of the VLAN management functionality to configure VLAN memberships and VLAN port configurations such as PVID and UVID. Currently we support the following VLAN user types: CLI/Web/SNMP: These are referred to as static.
Page 300 Port Members A row of check boxes for each port is displayed for each VLAN ID. If a port is included in a VLAN, an image will be displayed. If a port is included in a Forbidden port list, an image will be displayed.
Page 301 VLAN Port Status This page provides VLAN Port Status. VLAN USER VLAN User module uses services of the VLAN management functionality to configure VLAN memberships and VLAN port configuration such as PVID, UVID. Currently we support following VLAN User types: ...
Page 302 ingress processing. If the port only accepts tagged frames, untagged frames received on that port are discarded. Tx Tag Shows egress filtering frame status whether tagged or untagged. UVID Shows UVID (untagged VLAN ID). Port's UVID determines the packet's behavior at the egress side. Conflicts Shows status of Conflicts whether exists or not.
Page 303: Vcl Mac-Based Vlan Status
6.1.12. VCL MAC-Based VLAN Status This page shows MAC-based VLAN entries configured by various MAC-based VLAN users. Currently we support following VLAN User types: CLI/Web/SNMP: These are referred to as static. NAS: NAS provides port-based authentication, which involves communications between a Supplicant, Authenticator, and an Authentication Server.
Page 304: Sflow
6.1.13. sFlow This page shows the sFlow Statistics. Flow Sampling Packet flow sampling refers to arbitrarily choosing some packets out of a specified number, reading the first "Max Hdr Size" bytes and exporting the sampled datagram for analysis. The attributes associated with the flow sampling are: sampler type, sampling rate, maximum header size.
Page 305: Diagnostic
6.2. Diagnostic This section provides some convenient tool for user to do switch diagnostic from remote site. 6.2.1. Ping This page allows you to issue ICMP PING packets to troubleshoot IP connectivity issues. Type the IP Address, ping length (default = 56 bytes), ping count (default=5) and ping interval (default =1).
Page 306: Ping6
6.2.2. Ping6 This page allows you to issue ICMPv6 PING packets to troubleshoot IPv6 connectivity issues. Type the IPv6 Address, ping length (default = 56 bytes), ping count (default=5) and ping interval (default =1). Then press "Start" to start ping remote host. After you press Start, 5 ICMPv6 packets are transmitted, and the sequence number and roundtrip time are displayed upon reception of a reply.
Page 307: Veriphy Cable Diagnostic
6.2.3. VeriPHY Cable Diagnostic This page is used for running the VeriPHY Cable Diagnostics. Select the port and then press Start to run the diagnostics. This will take approximately 5 seconds. If all ports are selected, this can take approximately 15 seconds. When completed, the page refreshes automatically, and you can view the cable diagnostics results in the cable status table.
Page 308: Maintenance
Length: The length (in meters) of the cable pair. 6.3. Maintenance The section allows user to maintain the switch, such as Reset Factory Default, Firmware upgrading, Configuration Save/Restore and Restart the device. 6.3.1. Restart Device You can restart the switch on this page. After restart, the switch will boot normally. Yes: Click to restart device.
Page 309: Software Upload
6.3.3. Software Upload 6.3.3.1. Firmware Update This page facilitates an update of the firmware controlling the switch. "Browse" to the location of a software image, you can see the file name in the right of the Browse command. Click "Upload" to start the process. After the software image is uploaded, a page announces that the firmware update is initiated.
Page 310: Image Select
6.3.3.2 Image Select There are 2 image saved within the switch. This page provides information about the active and alternate (backup) firmware images in the device, and allows you to revert to the alternate image. The web page displays two tables with information about the active and alternate firmware images.
Page 311: Configuration
6.3.4. Configuration You can save/view or load the switch configuration. The configuration file is in XML format with a hierarchy of tags: Header tags: <?xml version="1.0"?> and <configuration>. These tags are mandatory and must be present at the beginning of the file. Section tags: <platform>, <global>...
Page 312 <mac> <entry port="1-24" learn mode="auto"></entry> </mac> </switch> < /configuration> Save: Click to save the configuration file. Upload: Click to upload the configuration file. 312 ...
Page 313: Safety Warnings
Safety Warnings For your safety, be sure to read and follow all warning notices and instructions.  Do not open the device. Opening or removing the device cover can expose you to dangerous high voltage points or other risks. Only qualified service personnel can service the device.
Page 314 The safety advice in the documentation accompanying the products shall be obeyed. The conformity to the above directive is indicated by the CE sign on the device. The Allnet ALL-SG8826PMX-10G conforms to the Council Directives of 2004/108/EC. This equipment meets the following conformance standards: This equipment is intended to be operated in all countries.
Page 315 82110 Germering Your request should include: (i) the name of the covered binary, (ii) the version number of the ALLNET product containing the covered binary, (iii) your name, (iv) your company name (if applicable) and (v) your return mailing and email address (if available). We may charge you a nominal fee to cover the cost of the media and distribution.
Page 316 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users.
Page 317 You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program.
Page 318 distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code.
Page 319 published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission.
Page 320 Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c';...
Page 321 these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it. For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you.
Page 322 This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License").
Page 323 In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library.
Page 324 Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with.
Page 325 all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library.
Page 326 If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License).

Allnet ALL-SG8826PMX-10G User Manual

1 Product Overview

2 Hardware Description

3 Preparation for Management

4 Feature Configuration - Web UI

5 Feature Configuration - CLI

6 Web Configuration - Monitor, Diagnostic, Maintenance

Quick Links

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Allnet ALL-SG8826PMX-10G

Summary of Contents for Allnet ALL-SG8826PMX-10G