Page 1 MaxiiNet VI3010 Operational Manual 10 Port Series PoE+ L2 Plus Managed Switch Release V1.00  2014 Vigitron, Inc. All rights reserved. All brand and product names are trademarks or registered trademarks of their respective companies.
Page 2: About This Manual
Copyright © 2014 Vigitron, Inc. All rights reserved. The products and programs Copyright described in this user’s manual are licensed products of Vigitron, Inc. This user’s manual contains proprietary information protected by copyright, and this user’s manual and all accompanying hardware, software and documentation are copyrighted.
Page 3 Vigitron does not warrant that the hardware will work properly in all environments Disclaimer and applications, and makes no warranty and representation, either implied or expressed, with respect to the quality, performance, merchantability, or fitness for a particular purpose. Vigitron disclaims liability for any inaccuracies or omissions that may have occurred.
Page 4: Table Of Contents
Contents About This Manual................................. 1 Introduction ................................... 8 Chapter 1: Operation of Web-Based Management ....................... 9 Chapter 2: System Configuration ..........................11 2-1 System Information ............................11 2-1.1 Information ............................... 11 2-1.2 Configuration ............................13 2-2 Time .................................. 14 2-2.1 Manual ..............................14 2-2.2 NTP ................................
Page 5 3-2 ACL ..................................49 3-2.1 Ports ................................49 3-2.2 Rate Limiters ............................. 51 3-2.3 Access Control List ............................ 52 3-2.4 ACL Status ..............................55 3-3 Aggregation ............................... 57 3-3.1 Static Trunk ............................... 57 3-3.2 LACP ................................59 3-4 Spanning Tree ..............................64 3-4.1 Bride Settings ............................
Page 6 3-8.4 LLDP-MED Neighbors ..........................112 3-8.5 EEE ................................115 3-8.6 Port Statistics ............................117 3-9 PoE .................................. 119 3-9.1 Configuration ............................119 3-9.2 Status ..............................121 3-9.3 Power Delay ............................123 3-9.4 Auto Checking ............................124 3-9.5 Scheduling ............................... 126 3-10 Filtering Data Base ............................
Page 7 3-15.10 QoS Control List Configuration ......................173 3-15.11 QCL Status ............................177 3-15.12 Storm Control ............................179 3-16 S-Flow Agent ..............................180 3-16.1 Collector ..............................180 3-16.2 Sampler ..............................182 3-17 Loop Protection ............................184 3-17.1 Configuration ............................184 3-17.2 Status ..............................186 3-18 Single IP.................................
Page 8 4-7.1 Limit Control ............................233 4-7.2 Switch Status ............................236 4-7.3 Port Status ............................... 238 4-8 Access Management ............................239 4-8.1 Configuration ............................239 4-8.2 Statistics ..............................241 4-9 SSH .................................. 242 4-10 HTTPs ................................243 4-11 Auth Method ..............................244 Chapter 5: Maintenance ............................
Page 9: Introduction
There are also examples of web-based interface and command-line interface (CLI) operations. The Vi3010 series is the next generation of L2+ managed switches from Vigitron. They are affordable managed switch that provides a reliable infrastructure for your business network.
Page 10: Chapter 1: Operation Of Web-Based Management
Chapter 1: Operation of Web-Based Management This chapter instructs you how to configure and manage the Vi3010 through the Initial web user interface. With this facility through any switch port, you can easily access Configuration and monitor the complete status of the switch, including MIBs status, port activity, Spanning tree status, port aggregation status, multicast traffic, VLAN and priority status, even illegal access record and so on.
Page 11 NOTE: The Vi3010 enables DHCP, so you do not need to have a DHCP server to provide IP addresses to the switch. The switch’s default IP is 192.168.1.1. The server 192.168.20.15 at Vi3010 requires a username and password. Figure 1: Login Page...
Page 12: Chapter 2: System Configuration
Chapter 2: System Configuration 2-1 System This chapter describes all of the basic configuration tasks, including system information and any management of the switch (e.g. Time, Account, IP, Syslog and Information SNMP). 2-1.1 Information After you login, the switch shows the system information. This is the default startup page.
Page 13 Model name: The model name of this device. Parameter Description System description: This describes the device. This device is “8 port 10/100/1000 Base-T + 2-Port TP/(100/1G) SFP Combo PoE L2 Plus Managed Switch”. Location: This is the location of the switch (User-defined). Contact: To easily manage and maintain the device, write down the contact information of the person you would go to for help.
Page 14: 2-1.2 Configuration
You can identify the system by configuring the contact information, name, and 2-1.2 Configuration location of the switch. Web interface To configure System Information in the web interface: 1. Click System, System Information, Configuration. 2. Write System Contact , System Name, System Location information on this page.
Page 15: Time
2-2 Time This page configure the switch’s time. Time configure includes Manual Configuration and NTP Configuration. The switch provides manual and automatic options to set the system time via NTP. 2-2.1 Manual Manual setting is simple. All you have to input is the “Year”, “Month”, “Day”, “Hour”, “Minute”...
Page 16 Clock Source: Click to choose the clock source for the Vi3010. You can select “Use Parameter local Settings” or “Use NTP Server” for Vi3010 time clock source. Description Date and Time Format: The drop bar is for choose appropriate time format. Three selections are provided.
Page 17: 2-2.2 Ntp
NTP is Network Time Protocol and is used to sync the network time based on 2-2.2 NTP Greenwich Mean Time (GMT). If you use the NTP mode and select a built-in NTP time server, or manually specify a user-defined NTP server and Time Zone, the switch will sync the time in a short period after pressing <Apply>...
Page 18: Account
In this function, only the administrator can create, modify or delete the username 2-3 Account and password. The administrator can modify other guest identities’ password without confirming the password, but it is necessary to modify the administrator- equivalent identity. Guest-equivalent identity can modify his password only. Please note that you must confirm administrator/guest identity in the field of Authorization in advance before configuring the username and password.
Page 19 User Name: The name identifying the user. This is also a link to Add/Edit User. Parameter Description Password: To type the password. The allowed string length is 0 to 255 and the allowed content is the ASCII characters from 32 to 126. Password (again): To type the password again.
Page 20: 2-3.2 Privilege Level
2-3.2 Privilege This page provides an overview of the privilege levels. The switch provides user set Level Account, Aggregation, Diagnostics, EEE, GARP, GVRP, IP, IPMC Snooping, LACP, LLDP, LLDP MED, MAC Table, MRP, MVR, MVRP Maintenance Mirroring, POE Ports, Private VLANs, QoS, SMTP, SNMP, Security, Spanning Tree, System Trap Event, VCL, VLANs, Voice VLAN, and Privilege Levels from 1 to 15.
Page 21 Group Name: The name identifying the privilege group. In most cases, a privilege Parameter level group consists of a single module (e.g. LACP, RSTP or QoS), but a few of them Description contain more than one. The following description defines these privilege level groups in details: ...
Page 22: 2-4.1 Ipv4
2-4 IP IP is an acronym for Internet Protocol. It is a protocol used for communicating data across an internet network. 2-4.1 IPV4 IP is a "best effort" system, which means that no packet of information sent over is assured to reach its destination in the same condition it was sent. Each device connected to a Local Area Network (LAN) or Wide Area Network (WAN) is given an Internet Protocol address, and this IP address is used to identify the device uniquely among all other devices connected to the extended network.
Page 23 DHCP Client: Enables the DHCP client by checking this box. If DHCP fails and the Parameter configured IP address is zero, DHCP will retry. If the DHCP fails and the configured IP Description address is non-zero, the DHCP will stop and the configured IP settings will be used. The DHCP client will announce the configured system name as hostname to provide DNS lookup.
Page 24: 2-4.2 Ipv6
This section describes how to configure the switch-managed IPv6 information. The 2-4.2 IPV6 “Configured” column is used to view or change the IPv6 configuration. The “Current” column is used to show the active IPv6 configuration.  Configure the switch-managed IPv6 information on this page. ...
Page 25: Syslog
The syslog is a standard for logging program messages. It allows separation of the 2-5 Syslog software that generates messages from the system that stores them and the software that reports and analyzes them. It can be used as generalized informational, analysis and debugging messages.
Page 26: 2-5.2 Log
This section describes the system log information of the switch. 2-5.2 Log Web Interface To display the log configuration in the web interface: 1. Click Syslog, Log. 2. Display the log information. Figure 2- 5.2: The System Log Configuration Parameter Auto-refresh: To evoke the auto-refresh icon, then the device will refresh the log automatically.
Page 27: 2-5.3 Detailed Log
This section describes the detailed log information of the switch. 2-5.3 Detailed Log Web Interface To display the detailed log configuration in the web interface: 1. Click Syslog, Detailed Log. 2. Display the log information. Figure 2- 5.3: The Detailed System Log Information ID: The ID (>= 1) of the system log entry.
Page 28: Snmp
Any Network Management System (NMS) running the Simple Network Management 2-6 SNMP Protocol (SNMP) can manage the Managed devices equipped with SNMP agent, provided that the Management Information Base (MIB) is installed correctly on the managed devices. SNMP is a protocol that is used to govern the transfer of information between SNMP manager and agent, and traverses the object identity (OID) of the management Information base (MIB), described in the form of SMI syntax.
Page 29: 2-6.2 Configuration
The function is used to configure SNMP communities. To enable a new community 2-6.2 Configuration statistics, please check the button ▼, and choose <Enable> to configure SNMP function. Web Interface To display the SNMP Configuration in the web interface: 1. Click SNMP, Configuration. 2.
Page 30: 2-6.3 Communities
The function is used to configure SNMPv3 communities. The Community and User 2-6.3 Communities Name are unique. To create a new community account, please check the <Add new community> button and enter the account information. Click <Save> when you’re finish. Max Group Number: 4. Web Interface To display the configure SNMP Communities in the web interface: 1.
Page 31: 2-6.4 Users
The function is used to configure SNMPv3 user. The Entry index key is UserName. 2-6.4 Users To create a new User Name account, please check the <Add New User> button and enter the user information. Check <Save> when you’re finish. Max Group Number: Web Interface To display the configure SNMP Users in the web interface: 1.
Page 32 Authentication Password: A string identifying the authentication password phrase. For MD5 authentication protocol, the allowed string length is 8 to 32. For SHA authentication protocol, the allowed string length is 8 to 40. The allowed content is ASCII characters from 33 to 126. Privacy Protocol: Indicates the privacy protocol that this entry should belong to.
Page 33: 2-6.5 Groups
The function is used to configure SNMPv3 group. The entry index keys are Security 2-6.5 Groups Model and Security Name. To create a new group account, please check <Add New Group> button. Enter the group information, then check <Save>. Max Group Number: v1:2, v2:2, v3:10.
Page 34: 2-6.6 Views
The function is used to configure SNMPv3 view. The Entry index keys are OID 2-6.6 Views Subtree and View Name. To create a new view account, please check <Add New View> button. Enter the view information, then check <Save>. Max Group Number: Configure the SNMPv3 view table on this page.
Page 35: 2-6.7 Access
The function is used to configure SNMPv3 accesses. The entry index key are Group 2-6.7 Access Name, Security Model, and Security level. To create a new access account, please check <Add New Access> button. Enter the access information, then check <Save>. Max Group Number: 14.
Page 36 The name of the MIB view defines the MIB objects so this request may potentially set new values. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126. Write View Name: The name of the MIB view defines the MIB objects so this request may potentially set new values.
Page 37: 2-6.8 Trap
The function is used to configure SNMP trap. To create a new trap account, please 2-6.8 Trap check <No number> button. Enter the trap information, then check <Apply>. Max Group Number: 6. Web Interface To configure SNMP Trap setting: 1. Click SNMP, Trap. 2.
Page 38 Security Level: Indicates what kind of message will send to security level. Possible modes are:  Error: Send errors.  Warning: Send warnings and errors.  Info: Send information, warnings, and errors. Security Level: There are three kinds of choices. ...
Page 39: Chapter 3: Configuration
Chapter 3: Configuration This chapter describes the basic network configuration tasks which includes the Ports, Layer 2 network protocol (e.g. VLANs, QoS, IGMP, ACLs, PoE, and so on), and any settings of the switch. The section describes to configure the port detail parameters of the switch. You 3-1 Port could also use the port configuration to enable or disable the port of the switch.
Page 40 Port: This is the logical port number for this row. Parameter Description Link: The current link state is displayed graphically. Green indicates the link is up and red that it is down. Current Link Speed: Provides the current link speed of the port. Configured Link Speed: Selects any available link speed for the given switch port.
Page 41: 3-1.2 Port Description
The section configures the port’s alias or any descriptions for the port identity. It 3-1.2 Port allows the user to write down an alphanumeric string to describe the full name and Description version identification for the system’s hardware type, software version, and networking application.
Page 42: 3-1.3 Traffic Overview
The section describes to the port statistics information and provides an overview of 3-1.3 Traffic the general traffic statistics for all switch ports. The ports belong to the current Overview selected stack unit, as reflected by the page header. Web Interface To display the Port Statistics Overview in the web interface: 1.
Page 43: 3-1.4 Detailed Statistics
3-1.4 Detailed The section provides detailed traffic statistics for a specific switch port. Use the port Statistics select box to select which switch port details to display. The selected port belongs to the current selected stack unit, as reflected by the page header. The displayed counters are the totals for receive and transmit, the size counters for receive and transmit, and the error counters for receive and transmit.
Page 44 Rx and Tx Pause: A count of the MAC Control frames received or transmitted on this port that have an opcode to include a PAUSE operation. Receive and Transmit Size Counters: The number of received and transmitted (good and bad) packets split into categories based on their respective frame sizes. Receive and Transmit Queue Counters: The number of received and transmitted packets per input and output queue.
Page 45: 3-1.5 Qos Statistics
The section describes how the switch could display the QoS detailed queuing 3-1.5 QoS Statistics counters for a specific switch port. The ports belong to the currently selected stack unit, as reflected by the page header. Web Interface To display the Queuing Counters in the web interface: 1.
Page 46: 3-1.6 Sfp Information
The section describes how the switch could display the detailed information of the 3-1.6 SFP SFP module. The information includes: Connector type, Fiber type, Wavelength, Information Baud Rate, Vendor OUI, and more. Web Interface To display the SFP information in the web interface: 1.
Page 47 Temperature: Shows the current temperature of SFP module. Vcc: Shows the working DC voltage of SFP module. Mon1(Bias) mA: Shows the Bias current of SFP module. Mon2(TX PWR): Shows the transmit power of SFP module. Mon3(RX PWR): Shows the receiver power of SFP module. NOTE: Only SFP modules that are UL and CDRH Certified and have an international certification such as...
Page 48: 3-1.7 Eee
3-1.7 EEE The section allows the user to inspect and configure the current EEE port settings. EEE is a power saving option that reduces power usage when there is very low traffic utilization (or no traffic). EEE works by powering down circuits when there is no traffic. When a port gets data to be transmitted, all circuits are powered up.
Page 49 EEE Port Configuration: The EEE port settings relate to the currently selected stack Parameter unit, as reflected by the page header. Description Port: The switch port number of the logical EEE port. EEE Enabled: Controls whether EEE is enabled for this switch port. EEE Urgent Queues: Queues set will activate transmission of frames as soon as any data is available.
Page 50: Acl
3-2 ACL The Vi3010 switch access control list (ACL) is probably the most commonly used object in the IOS. It is used for packet filtering. It also selects the types of traffic to be analyzed, forwarded, or influenced in some way. The ACLs are divided into EtherTypes - IPv4, ARP protocol, MAC, and VLAN parameters.
Page 51 Port: The logical port for the settings contained in the same row. Parameter Description Policy ID: Selects the policy to apply to this port. The allowed values are 0 through 255. The default value is 0. Action: Selects whether forwarding is permitted ("Permit") or denied ("Deny"). The default value is "Permit".
Page 52: 3-2.2 Rate Limiters
The section describes how to configure the switch’s ACL rate limiter parameters. 3-2.2 Rate Limiters The “Rate Limiter Level” from 1 to 16 allows the user to set the rate limiter value and units with pps or kbps. Web Interface To configure ACL Rate Limiter in the web interface: 1.
Page 53: 3-2.3 Access Control List
3-2.3 Access The section describes how to configure the Access Control List rule. An Access Control List Control List (ACL) is a sequential list of permit or deny conditions that apply to IP addresses, MAC addresses, or other more specific criteria. This switch tests ingress packets against the conditions in an ACL one by one.
Page 54 Ingress Port: Selects the ingress port for which this ACE applies. Parameter Description  All: The ACE applies to all port.  Port n: The ACE applies to this port number, where “n” is the number of the switch port. Policy Filter: Specifies the policy number filter for this ACE.
Page 55 VLAN Parameters 802.1Q Tagged: Specifies whether frames can hit the action according to the 802.1Q tagged. The allowed values are:  Any: Any value is allowed ("don't-care").  Enabled: Tagged frame only.  Disabled: Untagged frame only.  The default value is "Any". VLAN ID Filter: Specifies the VLAN ID filter for this ACE.
Page 56: 3-2.4 Acl Status
The section shows the ACL status by different ACL users. Each row describes the ACE 3-2.4 ACL Status defined. It is a conflict if a specific ACE is not applied to the hardware due to hardware limitations. The maximum number of ACEs is 256 on each switch. Web Interface To display the ACL status in the web interface: 1.
Page 57 Mirror: Specifies the mirror operation of this port. The allowed values are:  Enabled: Frames received on the port are mirrored.  Disabled: Frames received on the port are not mirrored.  The default value is "Disabled". CPU: Forward packet that matched the specific ACE to CPU. CPU Once: Forward first packet that matched the specific ACE to CPU.
Page 58: Aggregation
The aggregation is used to configure the settings of “Link Aggregation”. You can 3-3 Aggregation bundle more than one port with the same speed, full duplex, and the same MAC to be a single logical port. Thus, the logical port aggregates the bandwidth of these ports.
Page 59 Hash Code Contributors Parameter Description Source MAC Address: The Source MAC address can be used to calculate the destination port for the frame. Check to enable the use of the source MAC address or uncheck to disable. By default, the source MAC address is enabled. Destination MAC Address: The destination MAC Address can be used to calculate the destination port for the frame.
Page 60: 3-3.2 Lacp
3-3.2 LACP Ports using Link Aggregation Control Protocol (according to IEEE 802.3ad specification) as their trunking method can choose their unique LACP Group ID to form a logic “trunked port”. The benefit of using LACP is that a port makes an agreement with its peer port before it becomes a ready member of a “trunk group”...
Page 61 Port: The switch port number. Parameter Description LACP Enabled: Controls whether LACP is enabled on this switch port. LACP will form an aggregation when 2 or more ports are connected to the same partner. LACP can form a max of 12 LLAGs per switch and 2 GLAGs per stack. Key: The key value incurred by the port, ranging from 1 to 65535.
Page 62 This section describes how the status overview for all LACP instances is provided 3-3.2.2 System when you complete setting the LACP function on the switch. Status Web Interface To display the LACP System status in the web interface: 1. Click Configuration, LACP, System Status. 2.
Page 63 This section describes how the port status overview for all LACP instances is 3-3.2.3 Port Status provided when you complete setting the LACP function on the switch. Web Interface To display the LACP Port status in the web interface: 1. Click Configuration, LACP, Port Status. 2.
Page 64 This section describes how the port statistics overview is provided when you 3-3.2.4 Port complete setting the LACP function on the switch. Statistics Web Interface To display the LACP Port Status in the web interface: 1. Click Configuration, LACP, Port Statistics. 2.
Page 65: Spanning Tree
The Spanning Tree Protocol (STP) can be used to detect and disable network loops, 3-4 Spanning Tree and to provide backup links between switches, bridges, or routers. This allows the switch to interact with other bridging devices (e.g. an STP-compliant switch, bridge, or router) in your network to ensure that only one route exists between any two stations on the network.
Page 66 Figure 3-4.1: The STP Bridge Configuration Basic Settings Parameter Description Protocol Version: The STP protocol version setting. Valid values are STP, RSTP, and MSTP. Bridge Priority: Controls the bridge priority. Lower numeric values have better priority. The bridge priority plus the MSTI instance number, concatenated with the 6- byte MAC address of the switch forms a Bridge Identifier.
Page 67 Port Error Recovery: Controls whether a port in the error-disabled state automatically will be enabled after a certain time. If recovery is not enabled, ports have to be disabled and re-enabled for normal STP operation. The condition is also cleared by a system reboot. Port Error Recovery Timeout: The time to pass before a port in the error-disabled state can be enabled.
Page 68: 3-4.2 Msti Mapping
3-4.2 MSTI MSTI Mapping is when you implement a Spanning Tree protocol on the switch that Mapping the bridge instance. The CIST is not available for explicit mapping because it will receive the VLANs not explicitly mapped. Due to this reason, you need to set the list of VLANs mapped to the MSTI.
Page 69 Configuration Identification Parameter Description Configuration Name: Configuration Name is the name identifying the VLAN to MSTI mapping. Bridges must share the name and revision (see below), and the VLAN-to- MSTI mapping configuration in order to share spanning trees for MSTI's (Intra- region).
Page 70: 3-4.3 Msti Priorities
When you implement an Spanning Tree protocol on the switch that the bridge 3-4.3 MSTI instance. The CIST is the default instance and is always active. For controls the bridge Priorities priority. Lower numeric values have better priority. The bridge priority plus the MSTI instance number, concatenated with the 6-byte MAC address of the switch forms a Bridge Identifier.
Page 71: 3-4.4 Cist Ports
When you implement a Spanning Tree protocol on the switch that the bridge 3-4.4 CIST Ports instance, you need to configure the CIST Ports. The section allows the user to inspect and change the current STP CIST port configurations. Web Interface To configure the Spanning Tree CIST Ports parameters in the web interface: 1.
Page 72 AutoEdge: Controls whether the bridge should enable automatic edge detection on the bridge port. This allows operEdge to be derived from whether BPDU's are received on the port or not. Restricted Role: If enabled, it causes the port not to be selected as Root Port for the CIST or any MSTI, even if it has the best spanning tree priority vector.
Page 73: 3-4.5 Msti Ports
3-4.5 MSTI Ports The section allows the user to inspect and change the current STP MSTI port configurations. An MSTI port is a virtual port, which is instantiated separately for each active CIST (physical) port for each MSTI instance configured on and applicable to the port. The MSTI instance must be selected before displaying actual MSTI port configuration options.
Page 74 Port: The switch port number of the corresponding STP CIST (and MSTI) port. Parameter Description Path Cost: Controls the path cost incurred by the port. The auto setting will set the path cost as appropriate by the physical link speed, using the 802.1D recommended values.
Page 75: 3-4.6 Bridge Status
After the MSTI Port configuration is completed, the switch can now display the 3-4.6 Bridge Status Bridge Status. The section provides a status overview of all STP bridge instances. The displayed table contains a row for each STP bridge instance, where the column displays the following information: Web Interface To display the STP Bridges status in the web interface:...
Page 76: 3-4.7 Port Status
After the STP configuration is completed, the switch can now display the STP Port 3-4.7 Port Status Status. The section provides the STP CIST port status for physical ports of the currently selected switch. Web Interface To display the STP Port status in the web interface: 1.
Page 77: 3-4.8 Port Statistics
After the STP configuration is completed, the switch can now display the STP 3-4.8 Port Statistics. The section provides the STP Statistics detail counters of bridge ports in Statistics the currently selected switch. Web Interface To display the STP Port status in the web interface: 1.
Page 78: Igmp Snooping
3-5 IGMP Snooping The function is used to establish the multicast groups to forward the multicast packet to the member ports. It also avoid wasting bandwidth while IP multicast packets are running over the network. This happens because a switch that does not support IGMP or IGMP Snooping cannot tell the multicast packet from the broadcast packet, so it can only treat them all as the broadcast packet.
Page 79 Figure 3-5.1: The IGMP Snooping Configuration. Snooping Enabled: Enables the Global IGMP Snooping. Parameter Description Unregistered IPMC Flooding enabled: Enables unregistered IPMC traffic flooding. IGMP SSM Range: SSM (Source-Specific Multicast) Range allows the SSM-aware hosts and routers to run the SSM service model for the groups in the address range. Format: (IP address/ sub mask).
Page 80: 3-5.2 Vlan Configuration
The section describes the VLAN configuration setting process integrated with IGMP 3-5.2 VLAN Snooping function. Each setting page shows up to 99 entries from the VLAN table. Configuration The default is 20 and can be selected through the "entries per page" input field. During the initial visit, the web page will show the first 20 entries from the beginning of the VLAN Table.
Page 81 LLQI (LMQI for IGMP): Last Member Query Interval. The Last Member Query Time is the time value represented by the Last Member Query Interval, multiplied by the Last Member Query Count. The allowed range is 0 to 31744 in tenths of seconds. The default last member query interval is 10 in tenths of seconds (1 second).
Page 82: 3-5.3 Port Group Filtering
3-5.3 Port Group The section describes how to set the IGMP Port Group Filtering. With the IGMP Filtering filtering feature, an user can exert this type of control. In some network Application environments, as like the metropolitan or multiple-dwelling unit (MDU) installations, an user might want to control the multicast groups to which a user on a switch port can belong.
Page 83 Delete: Check to delete the entry. It will be deleted during the next save. Parameter Descriptions Port: To evoke the port enable the IGMP Snooping Port Group Filtering function. Filtering Groups: The IP Multicast Group that will be filtered. Buttons: ...
Page 84: 3-5.4 Status
3-5.4 Status After the IGMP Snooping configuration is completed, the switch can display the IGMP Snooping Status. The section provides the IGMP Snooping detail status. Web Interface To display the IGMP Snooping status in the web interface: 1. Click Configuration, IGMP Snooping, Status. 2.
Page 85: 3-5.5 Group Information
After the IGMP Snooping function setting is completed, the switch can display the 3-5.5 Group IGMP Snooping Group Information. Entries in the IGMP Group Table are shown on Information this page. The IGMP Group Table is sorted first by VLAN ID and then by group. The switch will use the last entry of the currently displayed table as a basis for the next lookup.
Page 86: 3-5.6 Ipv4 Ssm Information
3-5.6 IPV4 SSM Source Specific Multicast (SSM) is a datagram delivery model that best supports one- Information to-many applications, also known as broadcast applications. SSM is a core network technology of IP multicast targeted for audio and video broadcast application environments.
Page 87 Navigating the IGMPv3 Information Table Parameter Description Each page shows up to 99 entries from the IGMPv3 SSM (Source Specific Multicast) Information Table. The default is 20. This can be selected through the "entries per page" input field. During the initial visit, the web page will show the first 20 entries from the beginning of the IGMPv3 Information Table.
Page 88: Mld Snooping
A network node that acts as a source of IPv6 multicast traffic is only an indirect 3-6 MLD Snooping participant in MLD snooping. It provides multicast traffic and MLD doesn’t interact with it. Please note that in an application, like desktop conferencing, a network node may act as both a source and an MLD host.
Page 89 Scroll the MLD Snooping type with Proxy, Snooping…etc. Figure 3-6.1: The MLD Snooping Basic Configuration Parameter Snooping Enabled: Enables the Global MLD Snooping. Description Unregistered IPMC Flooding enabled: Enables unregistered IPMCv6 traffic flooding. Please note that disabling unregistered IPMCv6 traffic flooding may lead to failure of Neighbor Discovery.
Page 90 Throttling: Enables to limit the number of multicast groups to which a switch port can belong. Buttons:  Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert to previously saved values.
Page 91: 3-6.2 Vlan Configuration
3-6.2 VLAN When MLD snooping is enabled on a VLAN, the switch minimizes unnecessary Configuration multicast traffic. If the switch receives multicast traffic destined for a given multicast address, it forwards that traffic to ports on the VLAN that have MLD hosts for that address.
Page 92 LLQI (LMQI for IGMP): Last Listener Query Interval. The Last Listener Query Interval is the Maximum Response Delay used to calculate the Maximum Response Code inserted into Multicast Address Specific Queries. It is sent in response to Version 1 Multicast Listener Done messages. It is also the Maximum Response Delay used to calculate the Maximum Response Code inserted into Multicast Address and Source Specific Query messages.
Page 93: 3-6.3 Port Group Filtering
3-6.3 Port Group The section describes how to set up the Port Group Filtering in the MLD Snooping Filtering function. On the UI, you could add new filtering group and safety policy. Web Interface To configure the MLD Snooping Port Group Configuration in the web interface: 1.
Page 94: 3-6.4 Status
The section describes how to display the MLD Snooping Status and detail 3-6.4 Status information after completing the MLD Snooping. It will help you find the detail information of MLD Snooping status. Web Interface To display the MLD Snooping Status in the web interface: 1.
Page 95: 3-6.5 Group Information
The section describes how to set up the MLD Snooping Groups Information. The 3-6.5 Group "Start from VLAN" and "Group" input fields allow the user to select the starting Information point in the MLD Group Table. Each page shows up to 99 entries from the MLD Group table. The default is 20 and can be selected through the "Entries Per Page"...
Page 96: 3-6.6 Ipv6 Ssm Information
The section configures the Entries in the MLDv2 Information Table. The MLDv2 3-6.6 IPV6 SSM Information Table is sorted first by VLAN ID, by Group, and then by Port No. Information Different source addresses belong to the same group are treated as single entry. Each page shows up to 64 entries from the MLDv2 SSM (Source Specific Multicast) Information Table.
Page 97: Mvr
The MVR feature enables multicast traffic forwarding on the Multicast VLAN. In a 3-7 MVR multicast television application, a PC or a television with a set-top box, can receive the multicast stream. Multiple set-top boxes or PCs can be connected to one subscriber port, which is a switch port configured as an MVR receiver port.
Page 98 MVR Mode: Enables/Disables the Global MVR. Parameter Description VLAN ID: Specifies the Multicast VLAN ID. Mode: Enables MVR on the port. Type: Specifies the MVR port type on the port. Immediate Leave: Enables the fast leave on the port. Buttons: ...
Page 99: 3-7.2 Port Group Allow
The section describes how to allow the IP Multicast Group to receive the multicast 3-7.2 Port Group stream. Entries in the MVR port group allow table is shown on this page. The MVR Allow Port Group Table is sorted first by port and then by IP address. Web Interface To display the MVR Groups Information in the web interface: 1.
Page 100: 3-7.3 Groups Information
The section describes how to display the MVR Groups detail information on the 3-7.3 Groups switch. Entries in the MVR Group Table are shown on this page. The MVR Group Information Table is sorted first by VLAN ID and then by group. Web Interface To display the MVR Groups Information in the web interface: 1.
Page 101: 3-7.4 Statistics
The section describes how to display the MVR detail statistics after the MVR is 3-7.4 Statistics configured on the switch. It provides the detail MVR Statistics Information. Web Interface To display the MVR Statistics Information in the web interface: 1. Click Configuration, MVR, Statistics. 2.
Page 102: Lldp
3-8 LLDP The switch supports LLDP. For current information on your switch model, the Link Layer Discovery Protocol (LLDP) provides a standards-based method. This method enables switches to advertise themselves to adjacent devices and learn about adjacent LLDP devices. The Link Layer Discovery Protocol (LLDP) is a vendor-neutral Link Layer protocol in the Internet Protocol Suite.
Page 103 LLDP Parameters Parameter Description Tx Interval: The switch periodically transmits LLDP frames to its neighbors to keep the network discovery information up-to-date. The interval between each LLDP frame is determined by the Tx Interval value. Valid values are restricted to 5 to 32768 seconds.
Page 104  CDP TLV "Version and Platform" is mapped to the LLDP "System Description" field.  Both the CDP and LLDP support "system capabilities", but the CDP capabilities cover capabilities that are not part of the LLDP. These capabilities are shown as "others" in the LLDP neighbors' table. ...
Page 105: 3-8.2 Lldp Neighbors
This page provides a status overview for all LLDP neighbors. The displayed table 3-8.2 LLDP contains a row for each port on which an LLDP neighbor is detected. The columns Neighbors hold the following information: Web Interface To show LLDP neighbors: 1.
Page 106 Auto-refresh: Check “Auto-Refresh” so the device can refresh the information automatically. Upper right icon (Refresh): Click “Refresh” to refresh the LLDP neighbors information manually.
Page 107: 3-8.3 Lldp-Med Configuration
Media Endpoint Discovery is an enhancement of LLDP, also known as LLDP-MED, 3-8.3 LLDP-MED that provides the following facilities: Configuration Auto-discovery of LAN policies (such as VLAN, Layer 2 Priority and Differentiated services – Diffserv - settings) enable plug and play networking. Device location discovery allows creation of location databases and in the case of Voice over Internet Protocol (VoIP), enhanced 911 services.
Page 108 Fast start repeat count Parameter Description Rapid Startup and Emergency Call Service Location Identification Discovery of endpoints are critical aspects of VoIP systems. In addition, it is best to advertise only those pieces of information which are specifically relevant to particular endpoint types (e.g.
Page 109 Map Datum: The Map Datum is used for the coordinates given in these options:  WGS84: (Geographical 3D) - World Geodesic System 1984, CRS Code 4327, Prime Meridian Name: Greenwich.  NAD83/NAVD88: North American Datum 1983, CRS Code 4269, Prime Meridian Name: Greenwich.
Page 110 P.O. Box: Post office box (P.O. BOX) - Example: 12345 Additional code: Additional code - Example: 1320300003 Emergency Call Service: Emergency Call Service (e.g. E911 and others), such as defined by TIA or NENA. Emergency Call Service: Emergency Call Service ELIN identifier data format is defined to carry the ELIN identifier used during emergency call setup to a traditional CAMA or ISDN trunk-based PSAP.
Page 111 Policy ID: ID for the policy. This is auto generated and shall be used when selecting the policies that shall be mapped to the specific ports. Application Type: Intended use of the application types:  Voice - For use by dedicated IP Telephony handsets and other similar appliances that support interactive voice services.
Page 112 L2 Priority: L2 Priority is the Layer 2 priority to be used for the specified application type. L2 Priority may specify one of eight priority levels (0 through 7), as defined by IEEE 802.1D-2004. A value of 0 represents use of the default priority as defined in IEEE 802.1D-2004.
Page 113: 3-8.4 Lldp-Med Neighbors
This page provides a status overview of all LLDP-MED neighbors. The displayed table 3-8.4 LLDP-MED contains a row for each port on which an LLDP neighbor is detected. This function Neighbors applies to VoIP devices which support LLDP-MED. The columns hold the following information: Web Interface To show LLDP-MED neighbors:...
Page 114 LLDP-MED Generic Endpoint (Class I): The LLDP-MED Generic Endpoint (Class I) definition is applicable to all endpoint products that require the base LLDP discovery services defined in TIA-1057. However, it does not support IP media or act as an end-user communication appliance. Such devices may include (but are not limited to) IP communication controllers, other communication related servers, or any device requiring basic services as defined in TIA-1057.
Page 115 Application Type: Application Type indicates the primary function of the application(s) defined for this network policy. It is advertised by an endpoint or network connectivity device. The possible application types are shown below: 1. Voice - For use by dedicated IP Telephony handsets and other similar appliances that support interactive voice services.
Page 116: 3-8.5 Eee
By using EEE, power savings can be achieved at the expense of traffic latency. This 3-8.5 EEE latency occurs because the circuits, that EEE turn off to save power, need time to boot up before sending traffic over the link. This time is called "wakeup time". To achieve minimal latency, devices can use LLDP to exchange information about their respective TX and RX "wakeup time "...
Page 117 Echo Rx Tw: The link partner's Echo Rx Tw value. Resolved Tx Tw: The resolved Tx Tw for this link. Note: It is not the link partner. The resolved value that is the actual "Tx wakeup time" used for this link (based on EEE information exchanged via LLDP).
Page 118: 3-8.6 Port Statistics
There are two types of counters for port statistics: global counters and local 3-8.6 Port counters. Global counters are counters that refer to the whole stack switch. While Statistics local counters refer to per port counters for the currently selected switch. Web Interface To show LLDP Statistics: 1.
Page 119 Rx Errors: The number of received LLDP frames containing some kind of error. Frames Discarded: If an LLDP frame is received on a port and the switch's internal table is full, the LLDP frame is counted and discarded. This situation is known as "Too Many Neighbors"...
Page 120: Poe
Power over Ethernet is used to transmit electrical power to remote devices over 3-9 PoE standard Ethernet cable. It could be used to power IP telephones, wireless LAN access points, and other equipment, where it would be difficult or expensive to connect the equipment to main power supply.
Page 121 Power Available for PoE: Power Available for PoE. PD Power consumption: Shows PD power consumption. Retry Time: The period (in seconds) for trying to turn on an overloaded PoE port. 1. The retry time function is for per port overload recovery. It is not for over power budget turned off ports recovery.
Page 122: 3-9.2 Status
This page allows the user to inspect the current status for all PoE ports. The section 3-9.2 Status shows all Port Power Over Ethernet Status. Web Interface To display Power over Ethernet Status in the web interface: 1. Click Status. 2.
Page 123 2. When the current is still unstable while PD connect to PSE, and the PD class already has been defined, it may result inconsistency because the PD class is not able to actively adjust. The PD class will adjust after PD unplug and then plug in.
Page 124: 3-9.3 Power Delay
This section allows the user to set the delay time of power providing after device 3-9.3 Power Delay rebooted. Web Interface To display Power over Ethernet Status in the web interface: 1. Click Configuration, PoE, and Power delay. 2. Enable the port to the power device. 3.
Page 125: 3-9.4 Auto Checking
This page specifies the auto detection parameters to check the linking status 3-9.4 Auto between PoE ports and PDs. When it detects a fail connection, the remote PD will Checking automatically reboot. Web Interface To display Power over Ethernet Auto Checking in the web interface: 1.
Page 126 Ping Check: Enables the Ping Check function to detect the connection between PoE Parameter port and power device. Disable will turn off the detection. Description Port: This is the logical port number for this row. Ping IP Address: The PD’s IP Address the system should ping. Interval Time (sec): Device will send checking message to PD each interval time.
Page 127: 3-9.5 Scheduling
This section allows the user to make a perfect schedule of PoE power supply. PoE 3-9.5 Scheduling Scheduling not only makes PoE management easier, but also saves more energy. Web Interface To display Power Over Ethernet Scheduling in the web interface: 1.
Page 128: Filtering Data Base
Filtering Data Base Configuration gathers many functions, including MAC Table 3-10 Filtering Data Information and Static MAC Learning, which cannot be categorized to some function Base type. MAC table Switching of frames is based upon the DMAC address contained in the frame. The switch builds a table that mapped MAC addresses to switch ports to know which ports the frames should go to (based upon the DMAC address in the frame).
Page 129 Figure 3-10.1: The MAC Address Table Configuration Parameter Aging Configuration: By default, the dynamic entries are removed from the MAC table after 300 seconds. This removal is called aging. Configure aging time by Description entering a value in seconds. For example, age time seconds. The allowed range is 10 to 1000000 seconds.
Page 130 Static MAC Table Configuration The static entries in the MAC table are shown in this table. The static MAC table can contain 64 entries. The maximum of 64 entries is for the whole stack and not per switch. The MAC table is sorted first by VLAN ID and then by MAC address. Delete: Check to delete the entry.
Page 131: 3-10.2 Dynamic Mac Table
Entries in the MAC table are shown on this page. The MAC table contains up to 8192 3-10.2 Dynamic entries. It is sorted first by VLAN ID, and then by MAC address. MAC Table Web Interface To display MAC Address Table in the web interface: 1.
Page 132: Vlan
To assign a specific VLAN for management purpose. The management VLAN is used 3-11 VLAN to establish an IP connection to the switch from a workstation connected to a port in the VLAN. This connection supports a VSM, SNMP, and Telnet session. By default, the active management VLAN is VLAN 1.
Page 133 Adding a New VLAN: Click to add a new VLAN ID. An empty row is added to the table and the VLAN can be configured as needed. Legal values for a VLAN ID are 1 through 4095. The VLAN is enabled on the selected stack switch unit when you click on "Save". The VLAN is, thereafter, presented on the other stack switch units but with no port members.
Page 134: 3-11.2 Ports
As a function in VLAN Tag Rule Setting, the user can input VID number to each port. 3-11.2 Ports The range of VID number is from 1 to 4094. The user also can choose ingress filtering rules for each port. There are two ingress filtering rules which can be applied to the switch.
Page 135 Ingress Filtering: Enables ingress filtering on a port by checking the box. This parameter affects VLAN ingress processing. If ingress filtering is enabled and the ingress port is not a member of the classified VLAN of the frame, the frame is discarded.
Page 136: 3-11.3 Switch Status
The function of the switch status is to gather all information about the VLAN status 3-11.3 Switch and report it by the order of static – NAS, MVRP, MVP, Voice VLAN, MSTP, and GVRP Status Combined. Web Interface To display VLAN membership status in the web interface: 1.
Page 137 information for all the VLAN Users. This is by default. VLAN membership allows the frames classified to the VLAN ID to be forwarded on the respective VLAN member ports. Auto-refresh: Check “Auto-Refresh” so the device can refresh the information automatically. Upper right icon (Refresh): Click “Refresh”...
Page 138: 3-11.4 Port Status
The function of the port status is to gather all information about the VLAN status 3-11.4 Port Status and reports it by the order of static – NAS, MVRP, MVP, Voice VLAN, MSTP, and GVRP Combined. Web Interface To display VLAN Port Status n the web interface: 1.
Page 139  Direct conflict between user modules. Auto-refresh: Check “Auto-Refresh” so the device can refresh the information automatically. Upper right icon (Refresh): Click “Refresh” to refresh the VLAN Port Status information manually.
Page 140: 3-11.5 Private Vlans
In a private VLAN, communication between ports in that private VLAN is not 3-11.5 Private permitted. A VLAN can be configured as a private VLAN. VLANs 3-11.5.1 Private The private VLAN membership configurations for the switch can be monitored and modified.
Page 141 Port Isolation provides for an apparatus and method to isolate ports on layer 2 3-11.5.2 Port switches on the same VLAN to restrict traffic flow. The apparatus comprises of a Isolation switch that has plurality of ports. Each port is configured as a protected port or a non-protected port.
Page 142: 3-11.6 Mac-Based Vlan
3-11.6 MAC-Based MAC address-based VLAN decides the VLAN for forwarding an untagged frame, VLAN based on the source MAC address of the frame. A most common way of grouping the VLAN members is by port, hence the name “Port-Based VLAN”. Typically, the device adds the same VLAN tag to untagged packets that are received through the same port.
Page 143 Delete: To delete a MAC-based VLAN entry, check this box and press save. The entry Parameter will be deleted on the selected switch in the stack. Description MAC Address: Indicates the MAC address. VLAN ID: Indicates the VLAN ID. Port Members: A row of check boxes for each port is displayed for each MAC-based VLAN entry.
Page 144 This section shows MAC-based VLAN entries configured by various MAC-based VLAN 3-11.6.2 Status users. Currently, we support the following VLAN user types: NAS: NAS provides port-based authentication, which involves communications between a Supplicant, an Authenticator, and an Authentication Server. Web Interface To display MAC-based VLAN configured in the web interface: 1.
Page 145: 3-11.7 Protocol-Based Vlan
Protocol-based VLAN is described in details in this section. The switch supports 3-11.7 Protocol- Protocol and Ethernet LLC SNAP Protocol. Based VLAN LLC: The Logical Link Control (LLC) data communication protocol layer is the upper sub-layer of the Data Link Layer (which is layer 2; just above the Physical Layer) in the seven-layer OSI reference model.
Page 146 Delete: To delete a protocol from Group Name map entry, check this box. The entry Parameter will be deleted on the switch during the next save. Description Frame Type: Frame Type can have one of the following values: 1. Ethernet 2.
Page 147 Buttons:  Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert to previously saved values. Upper right icon (Refresh): Click “Refresh” to refresh the Protocol Group Mapping information manually.
Page 148 The user can map an already configured Group Name to a VLAN for the selected 3-11.7.2 Group to stack unit switch. VLAN Web Interface To display Group Name to VLAN mapping table configured in the web interface: 1. Click Group Name VLAN configuration and add new entry. 2.
Page 149 Buttons:  Apply – Click “Apply” to save changes.  Reset- Click “Reset” to undo any changes made locally and revert to previously saved values. Auto-refresh: Check “Auto-Refresh” so the device can refresh the information automatically. Upper right icon (Refresh): Click “Refresh” to refresh the Protocol Group Mapping information manually.
Page 150: Voice Vlan
Voice VLAN is VLAN configured specifically for voice traffic. By adding the ports with 3-12 Voice VLAN voice devices attached to voice VLAN, we can perform QoS-related configuration for voice data to ensure the transmission priority of voice traffic and voice quality. The Voice VLAN feature enables voice traffic forwarding on the Voice VLAN, then the 3-12.1 switch can classify and schedule network traffic.
Page 151 Mode: Indicates the Voice VLAN mode operation. We must disable MSTP feature Parameter before we enable Voice VLAN. It can avoid the conflict of ingress filtering. Possible Description modes are:  Enabled: Enables Voice VLAN mode operation.  Disabled: Disables Voice VLAN mode operation. VLAN ID: Indicates the Voice VLAN ID.
Page 152: 3-12.2 Oui
The section describes how to configure the VOICE VLAN OUI table. The maximum 3-12.2 OUI entry number is 16. Modifying the OUI table will restart auto detection of the OUI process. Web Interface To configure Voice VLAN OUI Table in the web interface: 1.
Page 153: Garp
The Generic Attribute Registration Protocol (GARP) provides a generic framework, 3-13 GARP whereby devices in a bridged LAN (e.g. end stations and switches) can register and de-register attribute values (e.g. VLAN Identifiers) with each other. In doing so, the attributes are propagated to devices in the bridged LAN, and these devices form a reachability tree that is a subset of an active topology.
Page 154 Port: The port column shows the list of ports for which you can configure GARP Parameter settings. There are 2 types of configuration settings that can be configured on per Description port bases.  Timer Values  Application  Attribute Type ...
Page 155: 3-13.2 Statistics
The port statistics of GARP for all switch ports are described in details in this section. 3-13.2 Statistics The port statistics are related to the currently selected stack units, as reflected by the page header. Web Interface To display GARP Port statistics in the web interface: 1.
Page 156: Gvrp
GVRP is an application based on Generic Attribute Registration Protocol (GARP). It is 3-14 GVRP mainly used to automatically and dynamically maintain the group membership information of the VLANs. The GVRP offers the function to provide the VLAN registration service through a GARP application. It makes use of the GARP Information Declaration (GID) to maintain ports associated with their attribute database and GARP Information Propagation (GIP) in order to communicate among switches and end stations.
Page 157 GVRP Mode: GVRP Mode is a global setting. To enable the GVRP globally, select Parameter “Enable” from menu. To disable GVRP globally, select “Disable”. In stacking, this Description configuration command sends a message to all the slaves connected in stack. The default value of Global MVRP Mode is “Disable”.
Page 158: 3-14.2 Statistics
The section shows the basic GVRP port statistics for all switch ports. The statistics 3-14.2 Statistics relate to the currently selected stack unit, as reflected by the page header. Web Interface To display GVRP Port statistics in the web interface: 1.
Page 159: Qos
3-15 QoS The switch support four QoS queues per port with strict or weighted fair queuing scheduling. It supports QoS Control Lists (QCL) for advance programmable QoS classification, based on IEEE 802.1p, Ethertype, VID, IPv4/IPv6 DSCP, and UDP/TCP ports and ranges. High flexibility in the classification of incoming frames to a QoS class.
Page 160 Port: The port number for which the configuration below applies. Parameter Description QoS class: Controls the default QoS class (e.g. the QoS class for frames not classified in any other way). There is a one-to-one mapping between QoS class, queue, and priority.
Page 161: 3-15.2 Port Policing
This section provides an overview of the QoS Ingress Port Policers for all switch 3-15.2 Port ports. The Port Policing is useful in constraining traffic flows and marking frames Policing above specific rates. Policing is primarily useful for data flows and voice or video flows because voice and video usually maintains a steady rate of traffic.
Page 162: 3-15.3 Port Schedulers
3-15.3 Port This section provides an overview of QoS Egress Port Schedulers for all switch ports Schedulers and the ports belong to the currently selected stack unit, as reflected by the page header. Web Interface To display the QoS Port Schedulers in the web interface: 1.
Page 163 Port: The logical port for the settings contained in the same row. Click on the port Parameter number in order to configure the schedulers. Description Mode: Shows the scheduling mode for this port. Weight (Qn): Shows the weight for this queue and port. Scheduler Mode: Controls whether the scheduler mode is "Strict Priority"...
Page 164: 3-15.4 Port Shaping
3-15.4 Port This section provides an overview of QoS Egress Port Shapers for all switch ports. Shaping The user could also get all detail information to the ports that belong to the currently selected stack unit, as reflected by the page header. Web Interface To display the QoS Port Shapers in the web interface: 1.
Page 165 Port: The logical port for the settings contained in the same row. Click on the port Parameter number in order to configure the shapers. Description Shapers (Qn): Shows "Disabled" or actual queue shaper rate (e.g. "800 Mbps"). Shapers (Port): Shows "Disabled" or actual port shaper rate (e.g. "800 Mbps"). Scheduler Mode: Controls whether the scheduler mode is "Strict Priority"...
Page 166 Queue Scheduler Weight: Controls the weight for this queue. The default value is "17". This value is restricted to 1-100. This parameter is only show if "Scheduler Mode" is set to "Weighted". Queue Scheduler Percent: Shows the weight in percent for this queue. This parameter is only shown if "Scheduler Mode"...
Page 167: 3-15.5 Port Tag Remarking
The section provides an overview of QoS Egress Port Tag Remarking for all switch 3-15.5 Port Tag ports that belong to the currently selected stack unit, as reflected by the page Remarking header. Web Interface To display the QoS Port Tag Remarking in the web interface: 1.
Page 168: 3-15.6 Port Dscp
3-15.6 Port DSCP The section helps the user to set the basic QoS Port DSCP Configuration settings for all switch ports to the currently selected stack unit, as reflected by the page header. Web Interface To configure the QoS Port DSCP parameters in the web interface: 1.
Page 169 Port: The port column shows the list of ports that you can configure DSCP ingress Parameter and egress settings. Description Ingress: In Ingress settings, you can change ingress translation and classification settings for individual ports. There are two configuration parameters available in Ingress: 1.
Page 170: 3-15.7 Dscp-Based Qos
The section helps the user configure the basic QoS, DSCP based, QoS Ingress 3-15.7 DSCP-Based Classification settings for all switches. Web Interface To configure the DSCP –Based QoS Ingress Classification parameters in the web interface: 1. Click Configuration, QoS, DSCP-Based QoS. 2.
Page 171: 3-15.8 Dscp Translation
3-15.8 DSCP The section allows you to configure the basic QoS DSCP Translation settings for all Translation switches. DSCP translation can be done in Ingress or Egress. Web Interface To configure the DSCP Translation parameters in the web interface: 1. Click Configuration, QoS, DSCP Translation. 2.
Page 172 DSCP: The maximum number of supported DSCP values is 64 and the valid DSCP Parameter value ranges from 0 to 63. Description Ingress: Ingress side DSCP can be first translated to new DSCP before using the DSCP for QoS class and DPL map. There are two configuration parameters for DSCP Translation –...
Page 173: 3-15.9 Dscp Classification
The section describes how to configure and map the DSCP value to a QoS class and 3-15.9 DSCP DPL value. The settings relate to the currently selected stack unit, as reflected by the Classification page header. Web Interface To configure the DSCP Classification parameters in the web interface: 1.
Page 174: 3-15.10 Qos Control List Configuration
3-15.10 QoS The section shows the QoS Control List(QCL), which is made up of the QCEs. Each Control List row describes a QCE that is defined. The maximum number of QCEs is 256 on each Configuration switch. Click on the lowest plus sign to add a new QCE to the list. Web Interface To configure the QoS Control List parameters in the web interface: 1.
Page 175 QCE#: Indicates the index of QCE. Parameter Description Port: Indicates the list of ports configured with the QCE. Frame Type: Indicates the type of frame to look for incoming frames. Possible frame types are:  Any: The QCE will match all frame type. ...
Page 176 : Deletes the QCE. : The lowest plus sign adds a new entry at the bottom of the QCE listings. Port Members: Check the checkbox button to make any port member of the QCL entry. By default, all ports will be checked. Key Parameters: Key configurations are described as below: Tag Value of Tag field can be 'Any', 'Untag', or 'Tag'.
Page 177 NOTE: All frame types are explained below: Any: Allow all types of frames. Ethernet: Ethernet Type Valid Ethernet type can have value within 0x600-0xFFFF or 'Any'. The default value is 'Any'. LLC: SSAP Address Valid SSAP (Source Service Access Point) can vary from 0x00 to 0xFF or 'Any'. The default value is 'Any'.
Page 178: 3-15.11 Qcl Status
The section configures and shows the QCL status by different QCL users. Each row 3-15.11 QCL Status describes the QCE that is defined. It is a conflict if a specific QCE is not applied to the hardware due to hardware limitations. The maximum number of QCEs is 256 on each switch.
Page 179 Conflict: Displays QCE status. Resources required to add a QCE may not be available. In that case, it shows the conflict status as 'Yes'. Otherwise, it is always be 'No'. Please note that that conflict can be resolved by releasing the resource required by the QCE and pressing 'Refresh' button.
Page 180: 3-15.12 Storm Control
The section configures the storm control for the switch. The types of controls are the 3-15.12 Storm unicast storm rate control, the multicast storm rate control, and the broadcast storm Control rate control. These only affect flooded frames (e.g. frames with a [VLAN ID, DMAC] pair not present on the MAC Address table).
Page 181: S-Flow Agent
3-16 S-Flow Agent The sFlow Collector configuration for the switch can be monitored and modified. Up to 1 Collector is supported. This page allows configurations for the sFlow collector IP type, sFlow collector IP Address, Port Number, and for each sFlow Collector. 3-16.1 Collector The "Current”...
Page 182 Receiver Id: The "Receiver ID" input fields allow the user to select the Collector ID. Parameter Indicates the ID of this particular sFlow Collector. Currently, one ID is supported as Description one collector is supported. IP Type: A drop down list to select the type of IP of Collector is displayed. By default, IPv4 is the type of Collector IP type.
Page 183: 3-16.2 Sampler
You can set or edit the sFlow sampler to meet your requirements based on a 3-16.2 Sampler defined sampling rate. An average of 1 out of N packets/operations is randomly sampled. This type of sampling does not provide a 100% accurate result, but it does provide a result with quantifiable accuracy.
Page 184 sFlow Ports: Lists of the port numbers on which sFlow is configured. Parameter Description sFlow Instance: Configures sFlow instance for the port number. Sampler Type: Configures sampler type on the port and could be any of the types: None, Rx, Tx, or All. You can scroll to choose one for your sampler type. By default, the value is “None”.
Page 185: Loop Protection
3-17 Loop The Loop Protection is used to detect the presence of traffic. When switch receives Protection the packet’s (looping detection frame) MAC address (the same as oneself from the port), the loop protection happens. The port will be locked when it received the looping protection frames.
Page 186 General Settings: Parameter Description Enable Loop Protection: Controls whether loop protections is enabled (as a whole). Transmission Time: The interval between each loop protection PDU sent on each port. Valid values are 1 to 10 seconds. Shutdown Time: The period (in seconds) for which a port will be kept disabled in the event of a loop is detected (and the port action shuts down the port).
Page 187: 3-17.2 Status
This page displays the loop protection port status of the switch. 3-17.2 Status Web Interface To configure the loop protection status parameters in the web interface: 1. Click Configuration, Loop Protection, Status. 2. Evoke the auto-refresh or click to refresh the loop protection port status manually.
Page 188: Single Ip
Provides a single IP address management of up to 32 switches. It is not limited to 3-18 Single IP specific models, distance barriers, specialized cables, or stacking method. Each single IP group consists of one master switch and up to 32 slave switches. The 3-18.1 master switch is used as an agent to manage all the switches in the same group.
Page 189: 3-18.2 Information
Displays the active Slave Switch information. 3-18.2 Information Web Interface To configure the Single IP parameters in the web interface: 1. Click Configuration, Single IP, Information. 2. Evoke the auto-refresh or click to refresh the Single IP slave member manually. Figure 3-19.2: The Single IP Information.
Page 190: Easy Port
Easy Port provides a convenient way to save and share common configurations. You 3-19 Easy Port can use it to enable features and settings, based on the location of a switch in the network and for mass configuration deployments across the network. You could easily implement Voice IP Phones, Wireless Access Points, IP Cameras, and more.
Page 191 Port Members: To evoke which port wants to enable the Easy Port function. Parameter Description Role: Scroll to select what kind device you want to connect and implement with the Easy Port setting. Access VLAN: To set the Access VLAN ID means that the switch port access VLAN ID (AVID).
Page 192: Mirroring
3-20 Mirroring You can mirror traffic from any source port to a target port for real-time analysis. You can then attach a logic analyzer or RMON probe to the target port and study the traffic crossing the source port in a completely unobtrusive manner. Mirror Configuration is to monitor the traffic of the network.
Page 193 Port to mirror on: Port to mirror, also known as, the mirror port. Frames from ports Parameter that have either source (Rx) or destination (Tx) mirroring enabled are mirrored on Description this port. Disabled disables mirroring. Mirror Port Configuration The following table is used for Rx and Tx enabling. Port: The logical port for the settings contained in the same row.
Page 194: Trap Event Severity
3-21 Trap Event The Trap Event Severity function is used to set an alarm trap and get the event log. Severity The Trap Events Configuration function is used to enable the switch to send out the trap information, while pre-defined trap events occurred. Web Interface To configure the Trap Event Severity Configuration in the web interface: 1.
Page 195 Group Name: The field describes the Trap Event definition. Parameter Description Severity Level: Every group has a severity level. The following level types are supported: <0> Emergency: System is unusable. <1> Alert: Action must be taken immediately. <2> Critical: Critical conditions <3>...
Page 196: Upnp
UPnP is an acronym for Universal Plug-and-Play. The goals of UPnP are to allow 3-22 UpnP devices to connect seamlessly, and to simplify the implementation of networks in the home (data sharing, communications, and entertainment) and in corporate environments for simplified installation of computer components. Web Interface To configure the UPnP Configuration in the web interface: 1.
Page 197: Chapter 4: Security
Chapter 4: Security This chapter describes all of the switch security configuration tasks to enhance the security of local network including IP Source Guard, ARP Inspection, DHCP Snooping, AAA, and so on. The section describes the IP Source Guard detail parameters of the switch. You could 4-1 Source Guard use the IP Source Guard configuration to enable or disable with the port of the switch.
Page 198 Mode of IP Source Guard Configuration: Enables or disables the Global IP Source Parameter Guard. All configured ACEs will be lost when the mode is enabled. Description Port Mode Configuration: Specifies which port the IP Source Guard is enabled on. Only when both Global Mode and Port Mode on a given port are enabled, then the IP Source Guard is enabled on this given port.
Page 199: 4-1.2 Static Table
The section describes the Static IP Source Guard Table parameters of the switch. You 4-1.2 Static Table could use the Static IP Source Guard Table configuration to manage the entries. Web Interface To configure a Static IP Source Guard Table Configuration in the web interface: 1.
Page 200: 4-1.3 Dynamic Table
The section describes the Dynamic IP Source Guard Table parameters of the switch. 4-1.3 Dynamic You could use the Dynamic IP Source Guard Table configure to manage the entries. Table Web Interface To configure a Dynamic IP Source Guard Table Configuration in the web interface: 1.
Page 201: Arp Inspection
The section describes the ARP Inspection parameters of the switch. You could use 4-2 ARP Inspection the ARP Inspection configuration to manage the ARP table. 4-2.1 Configuration This section describes how to configure the ARP Inspection setting including:  Mode (Enabled and Disabled) ...
Page 202: 4-2.2 Static Table
The section describes the Static ARP Inspection Table parameters of the switch. You 4-2.2 Static Table could use the Static ARP Inspection Table configuration to manage the ARP entries. Web Interface To configure the Static ARP Inspection Table Configuration in the web interface: 1.
Page 203: 4-2.3 Dynamic Table
The section describes the Dynamic ARP Inspection Table parameters of the switch. 4-2.3 Dynamic The Dynamic ARP Inspection Table contains up to 1024 entries. The table is sorted Table first by port, then by VLAN ID, then by MAC address, and then by IP address. Web Interface To configure a Dynamic ARP Inspection Table Configuration in the web interface: 1.
Page 204: Dhcp Snooping
The section describes the DHCP Snooping parameters of the switch. The DHCP 4-3 DHCP Snooping Snooping can prevent attackers from adding their own DHCP servers to the network. 4-3.1 Configuration This section describes how to configure the DHCP Snooping setting including: ...
Page 205: 4-3.2 Statistics
The section describes to show the DHCP Snooping Statistics information of the 4-3.2 Statistics switch. The statistics show only packet counters when DHCP snooping mode is enabled and relay mode is disabled. It doesn't count the DHCP packets for DHCP client.
Page 206 Rx and Tx Lease Unknown: The number of lease unknown (option 53 with value 12) packets received and transmitted. Rx and Tx Lease Active: The number of lease active (option 53 with value 13) packets received and transmitted. Auto-refresh: Check “Auto-Refresh” so the device can refresh the information automatically.
Page 207: Dhcp Relay
The section describes how to forward the DHCP requests to another specific DHCP 4-4 DHCP Relay server via DHCP relay. The DHCP servers may be on another network. 4-4.1 Configuration This section describes how to configure DHCP Relay setting including: ...
Page 208 Relay Mode: Indicates the DHCP relay mode operation. Possible modes are: Parameter Description  Enabled: Enables the DHCP relay mode operation. When the DHCP relay mode operation is enabled, the agent forwards and transfers the DHCP messages between the clients and the server when they are not in the same subnet domain.
Page 209: 4-4.2 Statistics
The section describes the DHCP Relay Statistics information of the switch. The 4-4.2 Statistics statistics show both of the server and client packet counters when the DHCP Relay mode is enabled. Web Interface To configure a DHCP Snooping Statistics Configuration in the web interface: 1.
Page 210 Replace Agent Option: The number of packets which were replaced with the relay agent information option. Keep Agent Option: The number of packets whose relay agent information was retained. Drop Agent Option: The number of packets that were dropped, which were received with relay agent information.
Page 211: Nas
The section describes the NAS parameters of the switch. The NAS server can be 4-5 NAS employed to connect users to a variety of resources including internet access, conference calls, printing documents on shared printers, or by simply logging on to the internet.
Page 212 Mode: Indicates if the NAS is globally enabled or disabled on the switchstack. If it is Parameter globally disabled, all ports are allowed to forward the frames. Description Reauthentication Enabled: If checked, successfully authenticated supplicants/clients are reauthenticated after the interval specified by the “Reauthentication Period”. Reauthentication for 802.1X-enabled ports can be used to detect if a new device is plugged into a switch port or if a supplicant is no longer attached.
Page 213 In “MAC-based Auth.” mode, the switch will ignore any new frames coming from the client during the hold time. The hold time can be set to a number between 10 and 1000000 seconds. RAUDIUS-Assigned QoS Enabled: The RADIUS-assigned QoS provides a means to centrally control the traffic class, to which traffic coming from a successfully authenticated supplicant is assigned on the switch.
Page 214 EAPOL frame has been received on the port for the lifetime of the port. The value can only be changed if the Guest VLAN option is globally enabled. Port Configuration: The table has one row for each port on the selected switch in the stack and a number of columns, which are: Port: The port number for which the configuration below applies.
Page 215 NOTE: Supposed two backend servers are enabled and that the server timeout is configured to X seconds (using the AAA configuration page). Also supposed that the first server in the list is currently down (but not considered dead). Now, if the supplicant retransmits EAPOL start frames at a rate faster than X seconds, then it will never get authenticated because the switch will cancel on-going backend authentication server requests whenever it...
Page 216 In the Multi 802.1X mode, it is not possible to use the multicast BPDU MAC address as destination MAC address for EAPOL frames sent from the switch towards the supplicant. This would cause all supplicants attached to the port to reply to requests sent from the switch. Instead, the switch uses the supplicant's MAC address, which is obtained from the first EAPOL start or EAPOL response identity frame sent by the supplicant.
Page 217 This option is only available for single-client modes: Port-Based 802.1X Single 802.1X RADIUS attributes used in identifying a QoS Class: Refer to the written documentation for a description of the RADIUS attributes needed in order to successfully identify a QoS Class. The User- Priority-Table attribute defined in RFC4675 forms the basis for identifying the QoS Class in an Access-Accept packet.
Page 218  The value of Tunnel-Private-Group-ID must be a string of ASCII chars in the range 0 to 9, which is interpreted as a decimal string to represent the VLAN ID. Leading '0's are discarded. The final value must be in the range of 1 to 4095. ...
Page 219  Restart: Two buttons are available for each row. The buttons are only enabled when authentication is globally enabled and the port's Admin State is in an EAPOL-based or MAC-based mode. Clicking these buttons will not cause settings changed on the page to take effect.
Page 220: 4-5.2 Switch Status
The section describes each port’s NAS status information of the switch. The status 4-5.2 Switch Status includes Admin State Port State, Last Source, Last ID, QoS Class, and Port VLAN ID. Web Interface To configure a NAS Switch Status Configuration in the web interface: 1.
Page 221 If the port is moved to the Guest VLAN, "(Guest)" is appended to the VLAN ID. Read more about Guest VLANs here. Auto-refresh: Check “Auto-Refresh” so the device can refresh the information automatically. Upper right icon (Refresh): Click “Refresh” to refresh the NAS Switch Status manually.
Page 222: 4-5.3 Port Status
The section provides detailed NAS statistics for a specific switch port running EAPOL- 4-5.3 Port Status based IEEE 802.1X authentication. Web Interface To configure a NAS Port Status Configuration in the web interface: 1. Specify the port you want to check. 2.
Page 223: Aaa
4-6 AAA This section shows you how to use an AAA (Authentication, Authorization, Accounting) server to provide control access to your network. The AAA server can be a TACACS+ or RADIUS server to create and manage objects that contain settings to use AAA servers.
Page 224 Figure 4-5.3.1: The Common Server Configuration Figure 4-5.3.2: The TACACS+ Accounting Configuration Figure 4-5.3.3: The RADIUS Configuration Figure 4-5.3.4: The RADIUS Accounting Configuration Figure 4-5.3.5: The TACACS+ Authentication Configuration...
Page 225 Timeout: The timeout, which can be set to a number between 3 and 3600 seconds, Parameter is the maximum time to wait for a reply from a server. Description If the server does not reply within this timeframe, it will be considered as dead and continue with the next enabled server (if any).
Page 226 RADIUS Accounting Server Configuration The table has one row for each RADIUS accounting server and a number of columns, which are: #: The RADIUS accounting server number for which the configuration below applies. Enabled: Enables the RADIUS accounting server by checking this box. IP Address/Hostname: The IP address or hostname of the RADIUS accounting server.
Page 227: 4-6.2 Radius Overview
This section gives an overview of the RADIUS authentication and accounting servers 4-6.2 Radius status to ensure the function works. Overview Web Interface To configure a RADIUS Overview Configuration in the web interface: Checked “Auto-Refresh”. Figure 4-6.2: The RADIUS Authentication Server Status Overview #: The RADIUS server number.
Page 228  Disabled: The server is disabled.  Not Ready: The server is enabled, but the IP communication is not yet up and running.  Ready: The server is enabled, the IP communication is up and running and the RADIUS module is ready to accept accounting attempts. ...
Page 229: 4-6.3 Radius Details
This section shows a detailed statistics of the RADIUS authentication and accounting 4-6.3 Radius servers. The statistics map closely to those specified in RFC4668 - RADIUS Details Authentication Client MIB. Web Interface To configure a RADIUS Details Configuration in the web interface: 1.
Page 230 RADIUS Authentication Statistics Parameter The statistics map closely to those specified in RFC4668 - RADIUS Authentication Client MIB. Description Use the server select box to switch between the backend servers to show details for. Packet Counters RADIUS authentication server packet counter. There are seven receive and four transmit counters.
Page 231 Other Info This section contains information about the state of the server and the latest round- trip time. RFC4668 Name Description Name IP address and UDP port for the authentication server in question. Address Shows the state of the server. It takes one of the following values: Disabled: The selected server is disabled.
Page 232 RADIUS Accounting Statistics The statistics map closely to those specified in RFC4670 - RADIUS Accounting Client MIB. Use the server select box to switch between the backend servers to show details for. Packet Counters RADIUS accounting server packet counter. There are five receive and four transmit counters.
Page 233 Other Info This section contains information about the state of the server and the latest round- trip time. Name RFC4670 Name Description IP address and UDP port for the accounting server IP Address - in question. Shows the state of the server. It takes one of the following values: Disabled: The selected server is disabled.
Page 234: Port Security
4-7 Port Security This section helps you configure the port security settings of the switch. You can use the port security feature to restrict input to an interface by limiting and identifying MAC addresses. 4-7.1 Limit Control This section helps you configure the port security settings of the switch. You can use the port security feature to restrict input to an interface by limiting and identifying MAC addresses.
Page 235 Parameter System Configuration Description Mode: Indicates if “Limit Control” is globally enabled or disabled on the switchstack. If globally disabled, the other modules may still use the underlying functionality, but limit checks and corresponding actions are disabled. Aging Enabled: If checked, secured MAC addresses are subject to aging as discussed under “Aging Period”.
Page 236  Shutdown: If Limit + 1 MAC addresses is seen on the port, it shuts down the port. This implies that all secured MAC addresses will be removed from the port and no new address will be learned. Even if the link is physically disconnected and reconnected on the port (by disconnecting the cable), the port will remain shut down.
Page 237: 4-7.2 Switch Status
This section shows the port security status. Port Security is a module with no direct 4-7.2 Switch Status configuration. Configuration comes indirectly through other modules - the user modules. When a user module has enabled port security on a port, the port is set up for software-based learning.
Page 238 User Module Legend: The legend shows all user modules that may request port Parameter security services. Description User Module Name: The full name of a module that may request port security services. Abbr: A one-letter abbreviation of the user module. This is used in the “Users” column in the port status table.
Page 239: 4-7.3 Port Status
This section shows the MAC addresses secured by the port security module. Port 4-7.3 Port Status Security is a module with no direct configuration. Configuration comes indirectly from other modules - the user modules. When a user module has enabled port security on a port, the port is set up for software-based learning.
Page 240: Access Management
4-8 Access This section helps you configure the access management table of the switch, Management including HTTP/HTTPS, SNMP, and TELNET/SSH. You can manage the switch over an Ethernet LAN, or over the internet. 4-8.1 Configuration This section helps you configure access management table of the switch. The maximum entry number is 16.
Page 241 Mode: Indicates the access management mode operation. Possible modes are: Parameter  Description Enabled: Enables access management mode operation.  Disabled: Disables access management mode operation. Delete: Check to delete the entry. It will be deleted during the next save. Start IP address: Indicates the start IP address for the access management entry.
Page 242: 4-8.2 Statistics
This section shows a detailed statistics of the Access Management including HTTP, 4-8.2 Statistics HTTPS, SSH. TELNET, and SSH. Web Interface To configure an Assess Management Configuration in the web interface: 1. Checked “Auto-Refresh”. Figure 4-8.2: The Access Management Statistics Interface: The interface type through which the remote host can access the switch.
Page 243: Ssh
This section shows you how to use SSH (Secure Shell) to securely access the switch. 4-9 SSH SSH is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication. Web Interface To configure a SSH Configuration in the web interface: 1.
Page 244: Https
This section shows you how to use HTTPS to securely access the switch. HTTPS is a 4-10 HTTPs secure communication protocol that combines authentication and data encryption to provide secure encrypted communication via the browser. Web Interface To configure a HTTPS Configuration in the web interface: 1.
Page 245: Auth Method
This page shows how to authenticate a user when he logs into the switchstack, via 4-11 Auth Method one of the management client interfaces. Web Interface To configure a Authentication Method Configuration in the web interface: 1. Specify the Client (Console, Telnet, SSH, Web) which you want to monitor. 2.
Page 246: Chapter 5: Maintenance
Chapter 5: Maintenance Chapter 5 describes all of the switch’s maintenance configuration tasks to enhance the performance of local network including Restart Device, Firmware upgrade, Save/Restore, Import/Export, and Diagnostics. This section describes how to restart the switch for any maintenance needs. Any 5-1 Restart configuration files or scripts that you saved in the switch should still be available afterwards.
Page 247: Firmware
This section describes how to upgrade firmware for the device. The switch can be 5-2 Firmware enhanced with more value-added functions by installing firmware upgrades. 5-2.1 Firmware This section describes how to upgrade firmware for the device. The switch can be enhanced with more value-added functions by installing firmware upgrades.
Page 248: 5-2.2 Firmware Selection
5-2.2 Firmware The switch supports dual image for firmware redundancy purpose. You can select Selection what firmware image for your device: start firmware or operating firmware. This page provides information about the active and alternate (backup) firmware images in the device, and allows you to revert to the alternate image. Web Interface To configure a firmware selection in the web interface: 1.
Page 249 Activate Alternate Image: Click to use the alternate image. This button may be Parameter disabled, depending on the system state. Description Cancel: Cancel activating the backup image. Navigates away from this page. Image: The flash index name of the firmware image. The name of primary (preferred) image is “image”.
Page 250: Save/Restore
5-3 Save/Restore This section describes how to save and restore the switch configuration including Reset to Factory Defaults, Save Start, Save Users, and Restore Users for any maintenance needs. 5-3.1 Factory This section describes how to reset the switch configuration to factory defaults. Defaults Any configuration files or scripts will recover to factory default values.
Page 251: 5-3.2 Save Start
5-3.2 Save Start This section describes how to save the Switch Start Configuration. Any current configuration files will be saved as XML format. Web Interface To configure a Save Start Configuration in the web interface: 1. Click “Save Start”. 2. Click “Yes”. Figure 5-3.2: “Save Start”...
Page 252: 5-3.3 Save User
5-3.3 Save User This section describes how to save users information. Any current configuration files will be saved as XML format. Web Interface To configure a Save User Configuration in the web interface: 1. Click “Save User”. 2. Click “Yes”. Figure 5-3.3: “Save”...
Page 253: 5-3.4 Restore User
5-3.4 Restore User This section describes how to restore the users information back to the switch. Any current configuration files will be restored via XML format. Web Interface To configure a Restore User Configuration in the web interface: 1. Click “Restore User”. 2.
Page 254: Export/Import
5-4 Export/Import This section describes how to export and import the switch configuration. Any current configuration files will be exported as XML format. 5-4.1 Export Config This section describes to export the swith configuration for maintenance needs. Any current configuration files will be exported as XML format. Web Interface To configure the Export Config Configuration in the web interface: 1.
Page 255: 5-4.2 Import Config
5-4.2 Import This section describes to export the switch configuration for maintenance needs. Config Any current configuration files will be exported as XML format. Web Interface To configure an Import Config Configuration in the web interface: 1. Click “Browse” to select the config file in your device. 2.
Page 256: Diagnostics
This section provides a set of basic system diagnosis. It indicates whether the 5-5 Diagnostics system is healthy or if it needs to be fixed. The basic system check includes ICMP Ping, ICMPv6, and VeriPHY Cable Diagnostics. This section allows you to issue ICMP PING packets to troubleshoot IPv6 connectivity 5-5.1 Ping issues.
Page 257: 5-5.2 Ping6
This section allows you to issue ICMPv6 PING packets to troubleshoot IPv6 5-5.2 Ping6 connectivity issues. Web Interface To configure an ICMPv6 PING Configuration in the web interface: 1. Specify ICMPv6 PING IP Address. 2. Specify ICMPv6 PING Size. 3. Click “Start”. Figure 5-5.2: The ICMPv6 Ping IP Address: The destination IP Address with IPv6.
Page 258: 5-5.3 Veriphy
This section is used to run the VeriPHY Cable Diagnostics. Press to run the 5-5.3 VeriPHY diagnostics. This will take approximately 5 seconds. If all ports are selected, this can take up to 15 seconds. When completed, the page refreshes automatically and the cable diagnostics results will be viewable in the cable status table.
Page 259: Battery Replacement
It is recommended that only qualified service personnel replace the internal battery. 5-6 Battery Replacement CAUTION: Risk of explosion if battery is replaced by an incorrect type. Dispose of used batteries according to the instructions.
Page 260: Glossary Of Web-Based Management
Glossary of Web-Based Management ACE: ACE is an acronym for Access Control Entry. It describes the access permission associated with a particular ACE ID. There are three ACE frame types (Ethernet Type, ARP, and IPv4) and two ACE actions (Permit and Deny). The ACE also contains different detailed parameter options that are available for individual application.
Page 261 ACL|Rate Limiters: Under this page you can configure the rate limiters. There can be 15 different rate limiters, ranging from 1-1024K packets per seconds. Under the "Ports" and "Access Control List" webpages, you can assign a rate limiter ID to the ACE(s) or ingress port(s). AES: AES is an acronym for Advanced Encryption Standard.
Page 262 DES: DES is an acronym for Data Encryption Standard. It provides a complete description of a mathematical algorithm for encrypting (enciphering) and decrypting (deciphering) binary coded information. Encrypting data converts it to an unintelligible form called cipher. Decrypting cipher converts the data back to its original form called plaintext. The algorithm described in this standard specifies both enciphering and deciphering operations, which are based on a binary number called a key.
Page 263 DHCP Snooping: DHCP Snooping is used to block intruders on the untrusted ports of the switch device. The intruder gets blocked when it tries to inject a bogus DHCP reply packet to a legitimate conversation between the DHCP client and server.
Page 264 HTTP: HTTP is an acronym for Hypertext Transfer Protocol. It is a protocol that used to transfer or convey information on the World Wide Web (WWW). HTTP defines how messages are formatted and transmitted, and what actions the web servers and browsers should take in response to various commands. For example, when you enter a URL in your browser, it sends a HTTP command to the web server.
Page 265 IGMP: IGMP is an acronym for Internet Group Management Protocol. It is a communications protocol used to manage the membership of Internet Protocol multicast groups. IGMP is used by IP hosts and adjacent multicast routers to establish multicast group memberships. It is an integral part of the IP multicast specification, like ICMP for unicast connections.
Page 266 LLDP: LLDP is an IEEE 802.1ab standard protocol. The Link Layer Discovery Protocol (LLDP) specified in this standard allows stations that are attached to an IEEE 802 LAN to advertise to other stations attached to the same IEEE 802 LAN. The major capabilities provided by the system incorporating that station, the management address or addresses of the entity or entities that provide management of those capabilities, and the identification of the stations point...
Page 267 MLD: MLD is an acronym for Multicast Listener Discovery for IPv6. MLD is used by IPv6 routers to discover multicast listeners on a directly attached link, such as IGMP is used in IPv4. The protocol is embedded in ICMPv6, instead of using a separate protocol.
Page 268 Optional TLVs: A LLDP frame contains multiple TLVs. For some TLVs, it is configurable if the switch includes the TLV in the LLDP frame. These TLVs are known as optional TLVs. If an optional TLV is disabled, the corresponding information is not included in the LLDP frame. OUI: OUI is the organizationally unique identifier.
Page 269 QCE: QCE is an acronym for QoS Control Entry. It describes QoS class associated with a particular QCE ID. There are six QCE frame types: Ethernet Type, VLAN, UDP/TCP Port, DSCP, TOS, and Tag Priority. Frames can be classified by one of 4 different QoS classes: "Low", "Normal", "Medium", and "High"...
Page 270 SHA: SHA is an acronym for Secure Hash Algorithm. It designed by the National Security Agency (NSA) and published by the NIST as a U.S. Federal Information Processing Standard. Hash algorithms compute a fixed-length digital representation (known as a message digest) of an input data sequence (the message) of any length.
Page 271 SSM: SSM is an abbreviation for Synchronization Status Message. It is contains a QL indication. STP: Spanning Tree Protocol is an OSI layer-2 protocol, which ensures a loop free topology for any bridged LAN. The original STP protocol is now obsolete by RSTP.
Page 272 TELNET: TELNET is an acronym for TELetype NETwork. It is a terminal emulation protocol that uses the Transmission Control Protocol (TCP). It provides a virtual connection between TELNET server and TELNET client. TELNET lets the client control the server and communicate with other servers on the network.
Page 273 VLAN aware switching: This is based on the IEEE 802.1Q standard. All ports are VLAN aware. Ports connected to VLAN aware switches are members of multiple VLANs and transmit tagged frames. Other ports are members of one VLAN, set up with this Port VLAN ID, and transmit untagged frames. Provider switching: This is also known as Q-in-Q switching.
Page 274: Contact Information
Contact Information Vigitron, Inc. 7810 Trade Street, Suite 100 San Diego, CA 92121 support@vigitron.com Tel: (858) 484-5209 Fax: (858) 484-1205 www.vigitron.com...

Vigitron MAXIINET VI3010 Operational Manual

Chapter 1: Operation of Web-Based Management

Chapter 2: System Configuration

Chapter 3: Configuration

Chapter 4: Security

Chapter 5: Maintenance

Quick Links

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Vigitron MAXIINET VI3010

Summary of Contents for Vigitron MAXIINET VI3010