Page 1 IGP-1271 GUI User Guide 12-Port L3 Lite Managed Gigabit PoE Industrial Switch Release A1  2017, Digital Data Communications GmbH, Germany. All rights reserved. All product names are trademarks or registered trademarks of Digital Data companies...
Page 2: About This Manual
Purpose This GUI user guide gives specific information on how to operate and use the management functions of the IGP-1271 via HTTP/HTTPs web browser The Manual is intended for use by network administrators who are responsible for operating and Audience maintaining network equipment;...
Page 3: Table Of Contents
Table of Contents ABOUT THIS MANUAL .......................... II Revision History ............................viii INTRODUCTION ............................1 CHAPTER 1 OPERATION OF WEB-BASED MANAGEMENT ............2 CHAPTER 2 SYSTEM CONFIGURATION ................6 2-1 S ................................6 YSTEM 2-1.1 Information ............................6 2-1.2 IP ................................. 7 2-1.3 NTP ..............................
Page 4 2- 14.1 Configuration ..........................172 2- 14.2 Power Delay ..........................176 2- 14.3 Schedule Profile .......................... 178 2- 14.4 Auto Checking ..........................179 2- 14.5 Chip Reset Schedule ........................181 2-15 EPS ................................ 182 2-16 MEP............................... 185 2-17 ERPS ..............................187 2-18 MAC T ABLE ............................
Page 5 2-34 SMTP ..............................292 CHAPTER 3. MONITOR ...................... 294 3-1 S YSTEM ..............................294 3-1.1 Information ............................ 294 3-1.2 IP Status ............................297 3-1.3 Log ..............................300 3-1.4 Detailed Log ........................... 302 3-2 G REEN THERNET ............................304 3-2.1 Port Power Savings ........................304 3-3 P ORTS ...............................
Page 6 3-14 PTP ................................ 441 3-15 P E ................................ 443 3-16 MAC T ABLE ............................446 3-17 VLAN ..............................449 3-17.1 Membership ..........................449 3-17.2 Port ............................... 452 3-18 VCL ................................ 455 3-18.1 MAC-based VLAN ........................455 3-18.2 Protocol-based VLAN ........................457 3-18.3 IP Subnet-based VLAN ........................
Page 7: Revision History
Revision History Release Date Revision Initial Release 01/06/2017 viii...
Page 8: Introduction
IGP-1271 Industrial L3 Lite Managed Gigabit PoE Switch provide 12 ports in a single device; the specification is highlighted as follows.
Page 9: Chapter 1 Operation Of Web-Based Management
Username admin Password admin After the IGP-1271 has been finished configuration it interface, you can browse it. For instance, type http://192.168.1.1 in the address row in a browser, it will show the following screen and ask you inputting username and password in order to login and access authentication.
Page 10 AS IGP-1271 the function enable dhcp, so If you do not have DHCP server to provide ip addresses to the switch, the Switch default ip 192.168.1.1 Figure 1 The login page Revision A1...
Page 11: System
System Configuration Chapter 2 This chapter describes the entire basic configuration tasks which includes the System Information and any manage of the Switch (e.g. Time, Account, IP, Syslog and NTP.) 2-1 System You can identify the system by configuring the contact information, name, and location of the switch.
Page 12 Buttons:  Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. Revision A1...
Page 13: Chapter 2 System Configuration
2-1.2 IP The IPv4 address for the switch could be obtained via DHCP Server for VLAN 1. To manually configure an address, you need to change the switch's default settings to values that are compatible with your network. You may also need to establish a default gateway between the switch and management stations that exist on another network segment.
Page 14 Parameter description: IP Configuration Mode:  Configure whether the IP stack should act as a Host or a Router. In Host mode, IP traffic between interfaces will not be routed. In Router mode traffic is routed between all interfaces. DNS Server ...
Page 15 interface. This field is only available for input when creating a new interface. IPv4 DHCP Enabled  Enable the DHCPv4 client by checking this box. If this option is enabled, the system will configure the IPv4 address and mask of the interface using the DHCPv4 protocol. The DHCPv4 client will announce the configured System Name as hostname to provide DNS lookup.
Page 16: 2-1.3 Ntp
is supposed to be uniquely assigned. Once the DAD (Duplicate Address Detection) detects the address duplication, the operation on the interface SHOULD be disabled. At this moment, manual intervention is required to resolve the address duplication. For example, check whether the loop occurs in the VLAN or there is indeed other device occupying the same hardware address as the device in the VLAN.
Page 17 Time Zone is an offset time off GMT. You have to select the time zone first and then perform time sync via NTP because the switch will combine this time zone offset and updated NTP time to come out the local time, otherwise, you will not able to get the correct time. The switch supports configurable time zone from –12 to +13 step 1 hour.
Page 18: 2-1.4 Time
2-1.4 Time The switch provides manual and automatic ways to set the system time via NTP. Manual setting is simple and you just input “Year”, “Month”, “Day”, “Hour” and “Minute” within the valid value range indicated in each item. Web Interface To configure Time in the web interface: 1.
Page 19 Parameter description: Time Configuration Clock Source:  There are two modes for configuring how the Clock Source from. Select "Use Local Settings" : Clock Source from Local Time. Select "Use NTP Server" : Clock Source from NTP Server. System Date: ...
Page 20 Saving Time duration for single time configuration. (Default: Disabled). Recurring Configuration Start time settings:  Week - Select the starting week number. Day - Select the starting day. Month - Select the starting month. Hours - Select the starting hour. Minutes - Select the starting minute.
Page 21: 2-1.5 Log
2-1.5 Log The log is a standard for logging program messages . It allows separation of the software that generates messages from the system that stores them and the software that reports and analyzes them. It can be used as well a generalized informational, analysis and debugging messages.
Page 22: 2-1.6 Digital I/O
2-1.6 Digital I/O Configure the normal modes of digital input/output (DI/DO). Web Interface To configure Digital I/O configuration in the web interface: 1. Click Configuration, System and Digital I/O. 2. Specify the Digital I/O Normal Mode.. 3. Click Apply. Figure2-1.6: The Digital I/O Configuration Parameter description: DI Normal Mode ...
Page 23 Parameter description: Group Name  The name identifying the severity group. Severity Level  Every group has an severity level. The following level types are supported: <0> Emergency: System is unusable. <1> Alert: Action must be taken immediately. <2> Critical: Critical conditions. <3>...
Page 24 To configure Trap Event Severity in the web interface: 1. Click Configuration, System, Alarm Notification and Port Event Setting. 2. Specify the Traffic and Action. 3. Click Apply. Figure 2-7.1.2: The Port Event Setting Parameter description: Active  To active the event handler of this port. Port ...
Page 25 Enable this port for Digital Out. Severity  Every port has a severity level. The following level types are supported: <0> Emergency: System is unusable. <1> Alert: Action must be taken immediately. <2> Critical: Critical conditions. <3> Error: Error conditions. <4>...
Page 26: Green Ethernet
2-2 Green Ethernet 2-2.1 Port Power Savings This page allows the user to configure the port power savings features. EEE is a power saving option that reduces the power usage when there is low or no traffic utilization. EEE works by powering down circuits when there is no traffic. When a port gets data to be transmitted all circuits are powered up.
Page 27 Optimize EEE for The switch can be set to optimize EEE for either best power saving or least traffic latency. Port:  The switch port number of the logical port. ActiPHY :  Link down power savings enabled. ActiPHY works by lowering the power for a port when there is no link. The port is power up for short moment in order to determine if cable is inserted.
Page 28: Ports Configuration
2-3 Ports Configuration 2-3.1 Ports This page displays current port configurations. Ports can also be configured here. Web Interface To configure a Current Port Configuration in the web interface: 1. Click Configuration, Ports Configuration, and Ports 2. Specify the Speed Configured, Flow Control, Maximum Frame size, Excessive Collision mode and Power Control.
Page 29 Port :  This is the logical port number for this row. Link :  The current link state is displayed graphically. Green indicates the link is up and red that it is down. Current Link Speed :  Provides the current link speed of the port. Configured Link Speed : ...
Page 30 Advertise Duplex  When duplex is set as auto i.e auto negotiation, the port will only advertise the specified duplex as either Fdx or Hdx to the link partner. By default port will advertise all the supported duplexes if the Duplex is Auto. Advertise Speed ...
Page 31: 2-3.2 Ports Description
Discard: Discard frame after 16 collisions (default). Restart: Restart backoff algorithm after 16 collisions. Frame Length Check  Configures if frames with incorrect frame length in the EtherType/Length field shall be dropped. An Ethernet frame contains a field EtherType which can be used to indicate the frame payload size (in bytes) for values of 1535 and below.
Page 32: Dhcp
Parameter description: Port :  This is the logical port number for this row. Description :  Enter up to 47 characters to be descriptive name for identifies this port. Buttons  Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values.
Page 33 Web Interface To configure DHCP server mode in the web interface: 4. Click Configuration, DHCP, Server, Mode 5. Select “Enabled” in the Global Mode of DHCP Server Mode Configuration. 6. Add Vlan range. 7. Click Apply. Figure 2-4.1.1: The DHCP server Mode Parameter description: Mode : ...
Page 34 Configure the operation mode per system. Possible modes are: Enable: Enable DHCP server per system. Disable: Disable DHCP server pre system. VLAN Range :  Indicate the VLAN range in which DHCP server is enabled or disabled. The first VLAN ID must be smaller than or equal to the second VLAN ID.
Page 35 To configure DHCP server excluded IP in the web interface: 1. Click Configuration, DHCP, Server, Excluded IP 2. Click Add IP Range then you can create new IP Range on the switch. 3. Click Apply. Figure 2-4.1.2: The DHCP server excluded IP Parameter description: IP Range : ...
Page 36 2-4.1.3 Pool This page manages DHCP pools. According to the DHCP pool, DHCP server will allocate IP address and deliver configuration parameters to DHCP client. Web Interface To configure DHCP server pool in the web interface: 1. Click Configuration, DHCP, Server, Pool 2.
Page 37: 2-4.2 Snooping
Adding a pool and giving a name is to create a new pool with "default" configuration. If you want to configure all settings including type, IP subnet mask and lease time, you can click the pool name to go into the configuration page. Name : ...
Page 38 DHCP Snooping is used to block intruder on the untrusted ports of the switch device when it tries to intervene by injecting a bogus DHCP reply packet to a legitimate conversation between the DHCP client and server. The section describes to configure the DHCP Snooping parameters of the switch.
Page 39: 2-4.3 Relay
Disabled: Disable DHCP snooping mode operation. Port Mode Configuration  Indicates the DHCP snooping port mode. Possible port modes are: Trusted: Configures the port as trusted source of the DHCP messages. Untrusted: Configures the port as untrusted source of the DHCP messages. Buttons ...
Page 40 Parameter description: Relay Mode :  Indicates the DHCP relay mode operation. Possible modes are: Enabled: Enable DHCP relay mode operation. When DHCP relay mode operation is enabled, the agent forwards and transfers DHCP messages between the clients and the server when they are not in the same subnet domain. And the DHCP broadcast message won't be flooded for security considerations.
Page 41: Security
from a DHCP message when transferring to DHCP client. It only works when DHCP relay operation mode is enabled. Disabled: Disable DHCP relay information mode operation. Relay Information Policy :  Indicates the DHCP relay information option policy. When DHCP relay information mode operation is enabled, if the agent receives a DHCP message that already contains relay agent information it will enforce the policy.
Page 42 Web Interface To configure User in the web interface: 1. Click Configuration, Security, Switch, Users. 2. Click Add new user 3. Specify the User Name parameter. 4. Click Apply. Figure 2-5.1.1: The Users configuration Parameter description: User Name  The name identifying the user. This is also a link to Add/Edit User.Password ...
Page 43 Buttons  Add New User: Click to add a new user. 2-5.1.2 Privilege Level This page provides an overview of the privilege levels. Web Interface To configure Privilege Level in the web interface: 1. Click SYSTEM, Account, Privilege Level. 2. Specify the Privilege parameter. 3.
Page 44 The name identifying the privilege group. In most cases, a privilege level group consists of a single module (e.g. LACP, RSTP or QoS), but a few of them contains more than one. The following description defines these privilege level groups in details: System: Contact, Name, Location, Timezone, Daylight Saving Time, Log.
Page 45 Web Interface To configure a Authentication Method Configuration in the web interface: 1. Specify the Client (console, telent, ssh, web) which you want to monitor. 2. Specify the Authentication Method (none,local, radius, tacacs+) 3. Checked Fallback. 4. Click Apply. Figure 2-5.1.3: The Authentication Method Configuration Parameter description: Client : ...
Page 46 Authentication Method can be set to one of the following values: none : authentication is disabled and login is not possible.  local : use the local user database on the switch for authentication.  radius : use a remote RADIUS server for authentication. ...
Page 47 Parameter description: Mode :  Indicates the SSH mode operation. Possible modes are: Enabled: Enable SSH mode operation. Disabled: Disable SSH mode operation. Buttons:  Apply – Click to save changes. Reset - Click to undo any changes made locally and revert to previously saved values.
Page 48 2-5.1.5 HTTPs This section shows you how to use HTTPS to securely access the Switch. HTTPS is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication via the browser. Web Interface To configure a HTTPS Configuration in the web interface: 1.
Page 50 2-5.1.6 Access Management This section shows you to configure access management table of the Switch including HTTP/HTTPS, SNMP, and TELNET/SSH. You can manage the Switch over an Ethernet LAN, or over the Internet. Web Interface To configure an Access Management Configuration in the web interface: 1.
Page 51 Mode :  Indicates the access management mode operation. Possible modes are: Enabled: Enable access management mode operation. Disabled: Disable access management mode operation. VLAN ID :  Indicates the VLAN ID for the access management entry. Delete :  Check to delete the entry.
Page 52 2-5.1.7 SNMP Any Network Management System (NMS) running the Simple Network Management Protocol (SNMP) can manage the Managed devices equipped with SNMP agent, provided that the Management Information Base (MIB) is installed correctly on the managed devices. The SNMP is a protocol that is used to govern the transfer of information between SNMP manager and agent and traverses the Object Identity (OID) of the management Information Base (MIB), described in the form of SMI syntax.
Page 53 Parameter description: Mode :  Indicates the SNMP mode operation. Possible modes are: Enabled: Enable SNMP mode operation. Disabled: Disable SNMP mode operation. Version  Indicates the SNMP supported version. Possible versions are: SNMP v1: Set SNMP supported version 1. SNMP v2c: Set SNMP supported version 2c.
Page 54: Global Settings
Indicates the community write access string to permit access to SNMP agent. The allowed string length is 0 to 255, and the allowed content is the ASCII characters from 33 to 126. The field is applicable only when SNMP version is SNMPv1 or SNMPv2c. If SNMP version is SNMPv3, the community string will be associated with SNMPv3 communities table.
Page 55 Trap Mode  Indicates the trap mode operation. Possible modes are: Enabled: Enable SNMP trap mode operation. Disabled: Disable SNMP trap mode operation. Trap Destination Configurations  Configure trap destinations on this page. Name  Indicates the trap Configuration's name. Indicates the trap destination's name.
Page 56 Enable  Indicates the trap destination mode operation. Possible modes are: Enabled: Enable SNMP trap mode operation. Disabled: Disable SNMP trap mode operation. Version  Indicates the SNMP trap supported version. Possible versions are: SNMPv1: Set SNMP trap supported version 1. SNMPv2c: Set SNMP trap supported version 2c.
Page 57 Trap Inform Timeout (seconds)  Indicates the SNMP trap inform timeout. The allowed range is 0 to 2147. Trap Inform Retry Times  Indicates the SNMP trap inform retry times. The allowed range is 0 to 255. Trap Probe Security Engine ID ...
Page 58 2-5.1.7.3 Communities The function is used to configure SNMPv3 communities. The Community and UserName is unique. To create a new community account, please check <Add new community> button, and enter the account information then check <Save>. Max Group Number: 4. Web Interface To display the configure SNMP Communities in the web interface: 1.
Page 59 Check to delete the entry. It will be deleted during the next save. Community  Indicates the community access string to permit access to SNMPv3 agent. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.
Page 60 Parameter description: Delete  Check to delete the entry. It will be deleted during the next save. Engine ID  An octet string identifying the engine ID that this entry should belong to. The string must contain an even number (in hexadecimal format) with number of digits between 10 and 64, but all-zeros and all-'F's are not allowed.
Page 61 The value of security level cannot be modified if entry already exists. That means it must first be ensured that the value is set correctly. Authentication Protocol  Indicates the authentication protocol that this entry should belong to. Possible authentication protocols are: None: No authentication protocol.
Page 62 2-5.1.7.5 Group The function is used to configure SNMPv3 group. The Entry index key are Security Model and Security Name. To create a new group account, please check <Add new group> button, and enter the group information then check <Save>. Max Group Number: v1: 2, v2: 2, v3:10.
Page 63 Parameter description: Delete  Check to delete the entry. It will be deleted during the next save. Security Model  Indicates the security model that this entry should belong to. Possible security models are: v1: Reserved for SNMPv1. v2c: Reserved for SNMPv2c. usm: User-based Security Model (USM).
Page 64 2-5.1.7.6 Views The function is used to configure SNMPv3 view. The Entry index keys are OID Subtree and View Name. To create a new view account, please check <Add new view> button, and enter the view information then check <Save>. Max Group Number: 28. Configure SNMPv3 view table on this page.
Page 65 Delete  Check to delete the entry. It will be deleted during the next save. View Name  A string identifying the view name that this entry should belong to. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126. View Type ...
Page 66 Figure 2-5.1.7.7: The SNMP Accesses Configuration Parameter description: Delete  Check to delete the entry. It will be deleted during the next save. Group Name  A string identifying the group name that this entry should belong to. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.
Page 67 v2c: Reserved for SNMPv2c. usm: User-based Security Model (USM). Security Level  Indicates the security model that this entry should belong to. Possible security models are: NoAuth, NoPriv: No authentication and no privacy. Auth, NoPriv: Authentication and no privacy. Auth, Priv: Authentication and privacy. Read View Name ...
Page 68 1. Click RMON, Statistics. 2. Click Add New Entry. 3. Specify the ID parameters. 4. Click Apply. Figure 2-5.1.8.1: The RMON Statics Configuration Parameter description: These parameters are displayed on the RMON Statistics Configuration page: Delete  Check to delete the entry. It will be deleted during the next save. ...
Page 69 Indicates the interval in seconds for sampling the history statistics data. The range is from 1 to 3600, default value is 1800 seconds. Buckets  Indicates the maximum data entries associated this History control entry stored in RMON. The range is from 1 to 3600, default value is 50. Buckets Granted ...
Page 70 Parameter description: These parameters are displayed on the RMON History Configuration page: Delete  Check to delete the entry. It will be deleted during the next save.  Indicates the index of the entry. The range is from 1 to 65535. Data Source ...
Page 71 Web Interface To display the configure RMON Alarm in the web interface: 1. Click RMON, Alarm. 2. Click Add New Entry. 3. Specify the ID parameters. 4. Click Apply. Figure 2-5.1.8.3: The RMON Alarm Configuration Parameter description: These parameters are displayed on the RMON Alarm Configuration page: Delete ...
Page 72 Indicates the interval in seconds for sampling and comparing the rising and falling threshold. The range is from 1 to 2^31-1. Variable  Indicates the particular variable to be sampled, the possible variables are: InOctets: The total number of octets received on the interface, including framing characters. InUcastPkts: The number of uni-cast packets delivered to a higher-layer protocol.
Page 73 The length of the output packet queue (in packets). Sample Type  The method of sampling the selected variable and calculating the value to be compared against the thresholds, possible sample types are: Absolute: Get the sample directly. Delta: Calculate the difference between samples (default). Value ...
Page 74 Web Interface To display the configure RMON Event in the web interface: 1. Click RMON, Event. 2. Click Add New Entry. 3. Specify the ID parameters. 4. Click Apply. Figure 2-5.1.8.4: The RMON Event Configuration Parameter description: These parameters are displayed on the RMON History Configuration page: Delete ...
Page 75: 2-5.2 Network
Indicates the notification of the event, the possible types are: None: No SNMP log is created, no SNMP trap is sent. Log: Create SNMP log entry when the event is triggered. Snmp trap: Send SNMP trap when the event is triggered. Log and trap: Create SNMP log entry and sent SNMP trap when the event is triggered.
Page 76 2. Specify the maximum number of MAC addresses in the Limit of Configuration. Port 3. Set Action (Trap, Shutdown, Trap & Shutdown) 4. Click Apply. Figure 2-5.2.1: The Port Security Limit Control Configuration Parameter description: System Configuration Mode :  Indicates if Limit Control is globally enabled or disabled on the switch.
Page 77 Period. Aging Period :  If Aging Enabled is checked, then the aging period is controlled with this input. If other modules are using the underlying port security for securing MAC addresses, they may have other requirements to the aging period. The underlying port security will use the shorter requested aging period of all modules that use the functionality.
Page 78 disabled, only one SNMP trap will be sent, but with Aging enabled, new SNMP traps will be sent every time the limit gets exceeded. Shutdown: If Limit + 1 MAC addresses is seen on the port, shut down the port. This implies that all secured MAC addresses will be removed from the port, and no new address will be learned.
Page 79 You can click them for refresh the Port Security information by manual. Buttons:  Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. 2-5.2.2 NAS The section describes to configure the NAS parameters of the switch. The NAS server can be employed to connect users to a variety of resources including Internet access, conference calls, printing documents on shared printers, or by simply logging on to the Internet.
Page 80 Parameter description: Mode :  Indicates if NAS is globally enabled or disabled on the switch. If globally disabled, all ports are allowed forwarding of frames. Reauthentication Enabled :  If checked, successfully authenticated supplicants/clients are reauthenticated after the interval specified by the Reauthentication Period. Reauthentication for 802.1X-enabled ports can be used to detect if a new device is plugged into a switch port or if a supplicant is no longer attached.
Page 81 Reauthentication Period :  Determines the period, in seconds, after which a connected client must be reauthenticated. This is only active if the Reauthentication Enabled checkbox is checked. Valid values are in the range 1 to 3600 seconds. EAPOL Timeout : ...
Page 82 • Multi 802.1X • MAC-Based Auth. If a client is denied access - either because the RADIUS server denies the client access or because the RADIUS server request times out (according to the timeout specified on the "Configuration→Security→AAA" page) - the client is put on hold in the Un-authorized state.
Page 83 special 802.1X frames, known as EAPOL (EAP Over LANs) frames. EAPOL frames encapsulate EAP PDUs (RFC3748). Frames sent between the switch and the RADIUS server are RADIUS packets. RADIUS packets also encapsulate EAP PDUs together with other attributes like the switch's IP address, name, and the supplicant's port number on the switch.
Page 84 In port-based 802.1X authentication, once a supplicant is successfully authenticated on a port, the whole port is opened for network traffic. This allows other clients connected to the port (for instance through a hub) to piggy-back on the successfully authenticated client and get network access even though they really aren't authenticated.
Page 85 The maximum number of supplicants that can be attached to a port can be limited using the Port Security Limit Control functionality. MAC-based Auth.:  Unlike port-based 802.1X, MAC-based authentication is not a standard, but merely a best-practices method adopted by the industry. In MAC-based authentication, users are called clients, and the switch acts as the supplicant on behalf of clients.
Page 86 RADIUS Access-Accept packet no longer carries a QoS Class or it's invalid, or the supplicant is otherwise no longer present on the port, the port's QoS Class is immediately reverted to the original QoS Class (which may be changed by the administrator in the meanwhile without affecting the RADIUS-assigned).
Page 87 • Single 802.1X For trouble-shooting VLAN assignments, use the "Monitor→VLANs→VLAN Membership and VLAN Port" pages. These pages show which modules have (temporarily) overridden the current Port VLAN configuration. RADIUS attributes used in identifying a VLAN ID: RFC2868 and RFC3580 form the basis for the attributes used in identifying a VLAN ID in an Access-Accept packet.
Page 88 EAPOL Request Identity frames. If the number of transmissions of such frames exceeds Max. Reauth. Count and no EAPOL frames have been received in the meanwhile, the switch considers entering the Guest VLAN. The interval between transmissions of EAPOL Request Identity frames is configured with EAPOL Timeout. If Allow Guest VLAN if EAPOL Seen is enabled, the port will now be placed in the Guest VLAN.
Page 89 You can click them for refresh the NAS Configuration by manual. 2-5.2.3 ACL The IGP-1271 Series switch access control list (ACL) is probably the most commonly used object in the IOS. It is used for packet filtering but also for selecting types of traffic to be analyzed, forwarded, or influenced in some way.
Page 90 Web Interface To configure the ACL Ports Configuration in the web interface: 1. Click Configuration, ACL, then Ports 2. To scroll the specific parameter value to select the correct value for port ACL setting. 3. Click the save to save the setting 4.
Page 91 Select whether forwarding is permitted ("Permit") or denied ("Deny"). The default value is "Permit". Rate Limiter ID :  Select which rate limiter to apply on this port. The allowed values are Disabled or the values 1 through 16. The default value is "Disabled". Port Redirect : ...
Page 92 Counts the number of frames that match this ACE. Buttons  Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. Upper right icon (Refresh, clear)  You can click them for refresh the ACL Port Configuration or clear them by manual.
Page 93 2-5.2.3.2 Rate Limiters The section describes how to configure the switch’s ACL Rate Limiter parameters. The Rate Limiter Level from 1 to 16 that allow user to set rate limiter value and units with pps or kbps. Web Interface To configure ACL Rate Limiter in the web interface: 1.
Page 94 Buttons  Apply – Click to save changes. Reset - Click to undo any changes made locally and revert to previously saved values. 2-5.2.3.3 Access Control List The section describes how to configure Access Control List rule. An Access Control List (ACL) is a sequential list of permit or deny conditions that apply to IP addresses, MAC addresses, or other more specific criteria.
Page 95 Port Copy, Logging, and Shutdown). Figure 2-5.2.3.3: The ACL Rate Limiter Configuration Parameter description: Ingress Port :  Indicates the ingress port of the ACE. Possible values are: Any: The ACE will match any ingress port. Policy: The ACE will match ingress ports with a specific policy. Port: The ACE will match a specific ingress port.
Page 96 Any: The ACE will match any frame type. EType: The ACE will match Ethernet Type frames. Note that an Ethernet Type based ACE will not get matched by IP and ARP frames. ARP: The ACE will match ARP/RARP frames. IPv4: The ACE will match all IPv4 frames. IPv4/ICMP: The ACE will match IPv4 frames with ICMP protocol.
Page 97 Shutdown :  Indicates the port shut down operation of the ACE. Possible values are: Enabled: If a frame matches the ACE, the ingress port will be disabled. Disabled: Port shut down is disabled for the ACE. Counter :  The counter indicates the number of times the ACE was hit by a frame.
Page 98 DMAC Filter  Specify the destination MAC filter for this ACE. Any: No DMAC filter is specified. (DMAC filter status is "don't-care".) MC: Frame must be multicast. BC: Frame must be broadcast. UC: Frame must be unicast. Specific: If you want to filter a specific destination MAC address with this ACE, choose this value.
Page 99 2-5.2.4 IP Source Guard The section describes to configure the IP Source Guard detail parameters of the switch. You could use the IP Source Guard configure to enable or disable with the Port of the switch. 2-5.2.4.1 Configuration This section describes how to configure IP Source Guard setting including： Mode (Enabled and Disabled) Maximum Dynamic Clients (0, 1, 2, Unlimited) Web Interface...
Page 100 Mode of IP Source Guard Configuration :  Enable the Global IP Source Guard or disable the Global IP Source Guard. All configured ACEs will be lost when the mode is enabled. Port Mode Configuration :  Specify IP Source Guard is enabled on which ports. Only when both Global Mode and Port Mode on a given port are enabled, IP Source Guard is enabled on this given port.
Page 101 2-5.2.4.2 Static Table The section describes to configure the Static IP Source Guard Table parameters of the switch. You could use the Static IP Source Guard Table configure to manage the entries. Web Interface To configure a Static IP Source Guard Table Configuration in the web interface: 1.
Page 102 The logical port for the settings. VLAN ID :  The VLAN id for the settings. IP Address :  Allowed Source IP address. MAC address :  Allowed Source MAC address. Adding new entry :  Click to add a new entry to the Static IP Source Guard table. Specify the Port, VLAN ID, IP address, and IP Mask for the new entry.
Page 103 Figure 2-5.2.5.1: The ARP Inspection Configuration Parameter description: Mode of ARP Inspection Configuration :  Enable the Global ARP Inspection or disable the Global ARP Inspection. Port Mode Configuration :  Specify ARP Inspection is enabled on which ports. Only when both Global Mode and Port Mode on a given port are enabled, ARP Inspection is enabled on this given port.
Page 104 Enabled: Enable check VLAN operation. Disabled: Disable check VLAN operation. Only the Global Mode and Port Mode on a given port are enabled, and the setting of "Check VLAN" is disabled, the log type of ARP Inspection will refer to the port setting.
Page 105 Parameter description: VLAN Mode Configuration  Specify ARP Inspection is enabled on which VLANs. First, you have to enable the port setting on Port mode configuration web page. Only when both Global Mode and Port Mode on a given port are enabled, ARP Inspection is enabled on this given port.
Page 106 Apply: Click to save changes. Reset: Click to undo any changes made locally and revert to previously saved values.
Page 107 2-5.2.5.3 Static Table The section describes to configure the Static ARP Inspection Table parameters of the switch. You could use the Static ARP Inspection Table configure to manage the ARP entries. Web Interface To configure a Static ARP Inspection Table Configuration in the web interface: 1.
Page 108 Port :  The logical port for the settings. VLAN ID :  The vlan id for the settings. MAC Address :  Allowed Source MAC address in ARP request packets. IP Address :  Allowed Source IP address in ARP request packets. Adding new entry : ...
Page 109 refresh with the same start address. The will use the last entry of the currently displayed table as a basis for the next lookup. When the end is reached the text "No more entries" is shown in the displayed table. Use the button to start over.
Page 110: 2-5.3 Aaa
User MAC address of the entry. IP Address  User IP address of the entry. Translate to static  Select the checkbox to translate the entry to static entry. Buttons:  Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values.
Page 111 RADIUS server to create and manage objects that contain settings for using AAA servers. 2-5.3.1 RADIUS Web Interface To configure a Common Configuration of AAA, RADIUS in the web interface: 1. Click Configuration, Security, AAA and RADIUS. 2. Specify the Parameter. 3.
Page 112 Parameter description: Global Configuration These setting are common for all of the RADIUS servers. Timeout  Timeout is the number of seconds, in the range 1 to 1000, to wait for a reply from a RADIUS server before retransmitting the request. Retransmit ...
Page 113 NAS-IPv6-Address (Attribute 95)  The IPv6 address to be used as attribute 95 in RADIUS Access-Request packets. If this field is left blank, the IP address of the outgoing interface is used. NAS-Identifier (Attribute 32)  The identifier - up to 255 characters long - to be used as attribute 32 in RADIUS Access-Request packets.
Page 114 Adding a New Server Click to add a new RADIUS server. An empty row is added to the table, and the RADIUS server can be configured as needed. Up to 5 servers are supported. The button can be used to undo the addition of the new server. Buttons Apply: ...
Page 115 Parameter description: Global Configuration These setting are common for all of the TACACS+ servers. Timeout  Timeout is the number of seconds, in the range 1 to 1000, to wait for a reply from a TACACS+ server before it is considered to be dead. Deadtime ...
Page 116 Setting the Deadtime to a value greater than 0 (zero) will enable this feature, but only if more than one server has been configured.  The secret key - up to 63 characters long - shared between the TACACS+ server and the switch.
Page 117: Aggregation
Reset:  Click to undo any changes made locally and revert to previously saved values. 2-6 Aggregation The Aggregation is used to configure the settings of Link Aggregation. You can bundle more than one port with the same speed, full duplex and the same MAC to be a single logical port, thus the logical port aggregates the bandwidth of these ports.
Page 118 Figure 2-6.1: The Aggregation Mode Configuration Parameter description: Hash Code Contributors Source MAC Address :  The Source MAC address can be used to calculate the destination port for the frame. Check to enable the use of the Source MAC address, or uncheck to disable. By default, Source MAC Address is enabled.
Page 119: 2-6.2 Lacp
TCP/UDP Port Number :  The TCP/UDP port number can be used to calculate the destination port for the frame. Check to enable the use of the TCP/UDP Port Number, or uncheck to disable. By default, TCP/UDP Port Number is enabled. Aggregation Group Configuration Group ID : ...
Page 120 5. If you want to cancel the setting then you need to click the reset button. It will revert to previously saved values Figure 2-6.2: The LACP Port Configuration Parameter description: Port :  The switch port number. LACP Enabled ...
Page 121: Link Oam
The Timeout controls the period between BPDU transmissions. Fast will transmit LACP packets each second, while Slow will wait for 30 seconds before sending a LACP packet. Prio  The Prio controls the priority of the port. If the LACP partner wants to form a larger group than is supported by this device then this parameter will control which ports will be active and which ports will be in a backup role.
Page 122 Parameter description: Port  The switch port number. OAM Enabled  Controls whether Link OAM is enabled on this switch port. Enabling Link OAM provides the network operators the ability to monitor the health of the network and quickly determine the location of failing links or fault conditions. OAM Mode ...
Page 123: 2-7.2 Event Settings
MIB Retrieval Support  Controls whether the MIB Retrieval Support is enabled for the switch port. On enabling the MIB retrieval support, the DTE supports polling of various Link OAM based MIB variables' contents. Loopback Operation  If the Loopback support is enabled, enabling this field will start a loopback operation for the port.
Page 124 The switch port number. Event Name  Name of the Link Event which is being configured. Error Window  Represents the window period in the order of 1 sec for the observation of various link events. Error Threshold  Represents the threshold value for the window period for the appropriate Link event so as to notify the peer of this error.
Page 125: Loop Protection
2-8 Loop Protection The loop Protection is used to detect the presence of traffic. When switch receives packet’s (looping detection frame) MAC address the same as oneself from port, show Loop Protection happens. The port will be locked when it received the looping Protection frames.
Page 126 Parameter description: Enable Loop Protection:  Controls whether loop protections is enabled (as a whole). Transmission Time:  The interval between each loop protection PDU sent on each port. Valid values are 1 to 10 seconds. Shutdown Time:  The period (in seconds) for which a port will be kept disabled in the event of a loop is detected (and the port action shuts down the port).
Page 127: Spanning Tree
2-9 Spanning Tree The Spanning Tree Protocol (STP) can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers. This allows the switch to interact with other bridging devices (that is, an STP-compliant switch, bridge or router) in your network to ensure that only one route exists between any two stations on the network, and provide backup links which automatically take over when a primary link goes down.
Page 128 The section describes that how to configure the Spanning Tree Bridge and STP System settings. It allows you to configure STP System settings are used by all STP Bridge instance in the switch. Web Interface To configure the Spanning Tree Bridge Settings parameters in the web interface: 1.
Page 129: Basic Settings
Figure 2-9.1: The STP Bridge Configuration Parameter description: Basic Settings Protocol Version :  The STP protocol version setting. Valid values are STP, RSTP and MSTP. Bridge Priority :  Controls the bridge priority. Lower numeric values have better priority. The bridge priority plus the MSTI instance number, concatenated with the 6-byte MAC address of the switch forms a Bridge Identifier.
Page 130: Advanced Settings
(FwdDelay-1)*2. Maximum Hop Count :  This defines the initial value of remaining Hops for MSTI information generated at the boundary of an MSTI region. It defines how many bridges a root bridge can distribute its BPDU information to. Valid values are in the range 6 to 40 hops. Transmit Hold Count : ...
Page 131: 2-9.2 Msti Mapping
2-9.2 MSTI Mapping When you implement a Spanning Tree protocol on the switch that the bridge instance. The CIST is not available for explicit mapping, as it will receive the VLANs not explicitly mapped. Due to the reason that you need to set the list of VLANs mapped to the MSTI. The VLANs must be separated with comma and/or space.
Page 132 Parameter description: Configuration Identification Configuration Name :  The name identifying the VLAN to MSTI mapping. Bridges must share the name and revision (see below), as well as the VLAN-to-MSTI mapping configuration in order to share spanning trees for MSTI's (Intra-region). The name is at most 32 characters. Configuration Revision : ...
Page 133 VLANs Mapped :  The list of VLANs mapped to the MSTI. The VLANs can be given as a single (xx, xx being between 1 and 4094) VLAN, or a range (xx-yy), each of which must be separated with comma and/or space. A VLAN can only be mapped to one MSTI. An unused MSTI should just be left empty.
Page 134: 2-9.3 Msti Priorities
2-9.3 MSTI Priorities When you implement a Spanning Tree protocol on the switch that the bridge instance. The CIST is the default instance which is always active. For controls the bridge priority. Lower numeric values have better priority. The bridge priority plus the MSTI instance number, concatenated with the 6-byte MAC address of the switch forms a Bridge Identifier The section describes it allows the user to inspect the current STP MSTI bridge...
Page 135: 2-9.4 Cist Ports
Parameter description: MSTI :  The bridge instance. The CIST is the default instance, which is always active. Priority :  Controls the bridge priority. Lower numeric values have better priority. The bridge priority plus the MSTI instance number, concatenated with the 6-byte MAC address of the switch forms a Bridge Identifier.
Page 136 Web Interface To configure the Spanning Tree CIST Ports parameters in the web interface: 1. Click Configuration, Spanning Tree, CIST Ports 2. Scroll and evoke to set all parameters of CIST Aggregated Port Configuration. 3. Evoke to enable or disable the STP, then scroll and evoke to set all parameters of the CIST normal Port configuration.
Page 137 Controls whether STP is enabled on this switch port. Path Cost :  Controls the path cost incurred by the port. The Auto setting will set the path cost as appropriate by the physical link speed, using the 802.1D recommended values. Using the Specific setting, a user-defined value can be entered.
Page 138: 2-9.5 Msti Ports
Restricted TCN :  If enabled, causes the port not to propagate received topology change notifications and topology changes to other ports. If set it can cause temporary loss of connectivity after changes in a spanning tree's active topology as a result of persistently incorrect learned station location information.
Page 139 Web Interface To configure the Spanning Tree MSTI Port Configuration parameters in the web interface: 1. Click Configuration, Spanning Tree, MSTI Ports 2. Scroll to select the MST1 or other MSTI Port 3. Click Get to set the detail parameters of the MSTI Ports. 4.
Page 140: Ipmc Profile
Port :  The switch port number of the corresponding STP CIST (and MSTI) port. Path Cost :  Controls the path cost incurred by the port. The Auto setting will set the path cost as appropriate by the physical link speed, using the 802.1D recommended values. Using the Specific setting, a user-defined value can be entered.
Page 141 Figure 2-10.1: The IPMC Profile Configuration...
Page 142: 2-10.2 Address Entry
Parameter description: Global Profile Mode  Enable/Disable the Global IPMC Profile. System starts to do filtering based on profile settings only when the global profile mode is enabled. Delete  Check to delete the entry. The designated entry will be deleted during the next save. Profile Name ...
Page 143 Web Interface To configure the IPMC Profile Address Configuration in the web interface: 1. Click Configuration, IPMC Profile, Address Entry. 2. Specify the Entry Name, Start Address, End Address. 3. Click Apply Figure 2-10.2: The IPMC Profile Address Configuration Parameter description: Delete ...
Page 144: 2-11Mvr
and numeric characters. At least one alphabet must be present. Start Address  The starting IPv4/IPv6 Multicast Group Address that will be used as an address range. End Address  The ending IPv4/IPv6 Multicast Group Address that will be used as an address range.
Page 145 4. If you want to cancel the setting then you need to click the Reset button. It will revert to previously saved values Figure 2-11: The MVR Configuration...
Page 146 Parameter description: MVR Mode  Enable/Disable the Global MVR. The Unregistered Flooding control depends on the current configuration in IGMP/MLD Snooping. It is suggested to enable Unregistered Flooding control when the MVR group table is full. Delete  Check to delete the entry. The designated entry will be deleted during the next save.
Page 147 membership reports on source ports. In Compatible mode, MVR membership reports are forbidden on source ports. The default is Dynamic mode. Tagging  Specify whether the traversed IGMP/MLD control frames will be sent as Untagged or Tagged with MVR VID. The default is tagged. Priority ...
Page 148: Ipmc
Role is Inactive. Immediate Leave  Enable the fast leave on the port. 2-12 IPMC ICMP is an acronym for Internet Control Message Protocol. It is a protocol that generated the error response, diagnostic or routing purposes. ICMP messages generally contain information about routing difficulties or simple exchanges such as time-stamp or echo transactions.
Page 149 connects to a router closer to the root of the tree. This interface is the upstream interface. The router on the upstream interface should be running IGMP Web Interface To configure the IGMP Snooping parameters in the web interface: 1. Click Configuration, IPMC,IGMP Snooping, Basic Configuration 2.
Page 150 Snooping Enabled:  Enable the Global IGMP Snooping. Unregistered IPMCv4 Flooding enabled :  Enable unregistered IPMCv4 traffic flooding. IGMP SSM Range :  SSM (Source-Specific Multicast) Range allows the SSM-aware hosts and routers run the SSM service model for the groups in the address range. Format: (IP address/ sub mask) Leave Proxy Enable: ...
Page 151 Snooping function. For Each setting page shows up to 99 entries from the VLAN table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the VLAN Table. The first displayed will be the one with the lowest VLAN ID found in the VLAN Table.
Page 152 Parameter description: Delete :  Check to delete the entry. The designated entry will be deleted during the next save. VLAN ID :  It displays the VLAN ID of the entry. IGMP Snooping Enabled :  Enable the per-VLAN IGMP Snooping. Only up to 32 VLANs can be selected. . Querier Election : ...
Page 153 network. The allowed selection is IGMP-Auto, Forced IGMPv1, Forced IGMPv2, Forced IGMPv3, default compatibility value is IGMP-Auto. PRI :  Priority of Interface. It indicates the IGMP control frame priority level generated by the system. These values can be used to prioritize different classes of traffic. The allowed range is 0 (best effort) to 7 (highest), default interface priority value is Rv : ...
Page 154 Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. Upper right icon (Refresh, |<<, >>) :  You can click them Refreshes the displayed table starting from the "VLAN" input fields.
Page 155 the blank field. 4. Click the save to save the setting 5. If you want to cancel the setting then you need to click the Reset button. It will revert to previously saved values Figure 2-12.1.3: The IGMP Snooping Port Group Filtering Profile. Parameter description: Port : ...
Page 156: 2-12.2 Mld Snooping
2-12.2 MLD Snooping Curiously enough, a network node that acts as a source of IPv6 multicast traffic is only an indirect participant in MLD snooping—it just provides multicast traffic, and MLD doesn’t interact with it. (Note, however, that in an application like desktop conferencing a network node may act as both a source and an MLD host;...
Page 157 To configure the MLD Snooping Configuration in the web interface: 1. Click Configuration, MLD Snooping, Basic Configuration 2. Evoke to enable or disable the Global configuration parameters. Evoke the port to join Router port and Fast Leave. 3. Scroll to select the Throtting mode with unlimited or 1 to 10 4.
Page 158 Figure 2-12.2.1: The MLD Snooping Basic Configuration. Parameter description: Snooping Enabled :  Enable the Global MLD Snooping. Unregistered IPMCv6 Flooding enabled :  Enable unregistered IPMCv6 traffic flooding. The flooding control takes effect only when MLD Snooping is enabled. When MLD Snooping is disabled, unregistered IPMCv6 traffic flooding is always active in spite of this setting.
Page 159 SSM (Source-Specific Multicast) Range allows the SSM-aware hosts and routers run the SSM service model for the groups in the address (Using IPv6 Address) range. Leave Proxy Enabled :  Enable MLD Leave Proxy. This feature can be used to avoid forwarding unnecessary leave messages to the router side.
Page 160 Web Interface To configure the MLD Snooping VLAN Configuration in the web interface: 1. Click Configuration, IPMC, MLD Snooping, VLAN Configuration 2. Specify the VLAN ID with entries per page. 3. Click “Refresh” to refresh an entry of the MLD Snooping VLAN Configuration Information.
Page 161 Querier Address :  Define the IPv4 address as source address used in IP header for IGMP Querier election. When the Querier address is not set, system uses IPv4 management address of the IP interface associated with this VLAN. When the IPv4 management address is not set, system uses the first available IPv4 management address.
Page 162 tenths of seconds; default query response interval is 100 in tenths of seconds (10 seconds). LLQI (LMQI for IGMP) :  Last Member Query Interval. The Last Member Query Time is the time value represented by the Last Member Query Interval, multiplied by the Last Member Query Count.
Page 163 4. Click the Apply to save the setting 5. If you want to cancel the setting then you need to click the Reset button. It will revert to previously saved values Figure 2-12.2.3: The MLD Snooping Port Group Filtering Configuration Parameter description: Port : ...
Page 164: Lldp
2-13 LLDP The switch supports the LLDP. For current information on your switch model, The Link Layer Discovery Protocol (LLDP) provides a standards-based method for enabling switches to advertise themselves to adjacent devices and to learn about adjacent LLDP devices. The Link Layer Discovery Protocol (LLDP) is a vendor-neutral Link Layer protocol in the Internet Protocol Suite used by network devices for advertising their identity, capabilities, and neighbors on a IEEE 802 local area network, principally wired Ethernet.
Page 165 Parameter description: LLDP Parameters Tx Interval :  The switch periodically transmits LLDP frames to its neighbours for having the network discovery information up-to-date. The interval between each LLDP frame is determined by the Tx Interval value. Valid values are restricted to 5 - 32768 seconds. Tx Hold : ...
Page 166 the shutdown frame and a new LLDP initialization. Valid values are restricted to 1 - 10 seconds. LLDP Port Configuration The LLDP port settings relate to the currently selected, as reflected by the page header. Port :  The switch port number of the logical LLDP port. Mode : ...
Page 167 CDP TLV "Port ID" is mapped to the LLDP "Port ID" field. CDP TLV "Version and Platform" is mapped to the LLDP "System Description" field. Both the CDP and LLDP support "system capabilities", but the CDP capabilities cover capabilities that are not part of the LLDP. These capabilities are shown as "others" in the LLDP neighbors’...
Page 168 Reset- Click to undo any changes made locally and revert to previously saved values.
Page 169: 2-13.2 Lldp-Med
2-13.2 LLDP-MED Media Endpoint Discovery is an enhancement of LLDP, known as LLDP-MED that provides the following facilities: Auto-discovery of LAN policies (such as VLAN, Layer 2 Priority and Differentiated services (Diffserv) settings) enabling plug and play networking. Device location discovery to allow creation of location databases and, in the case of Voice over Internet Protocol (VoIP), Enhanced 911 services.
Page 170 Parameter description: Fast start repeat count...
Page 171 Rapid startup and Emergency Call Service Location Identification Discovery of endpoints is a critically important aspect of VoIP systems in general. In addition, it is best to advertise only those pieces of information which are specifically relevant to particular endpoint types (for example only advertise the voice network policy to permitted voice-capable devices), both in order to conserve the limited LLDPU space and to reduce security and system integrity issues that can come with inappropriate knowledge of the network policy.
Page 172 Longitude SHOULD be normalized to within 0-180 degrees with a maximum of 4 digits. It is possible to specify the direction to either East of the prime meridian or West of the prime meridian. Altitude :  Altitude SHOULD be normalized to within -32767 to 32767 with a maximum of 4 digits.
Page 173 State :  National subdivisions (state, canton, region, province, prefecture). County :  County, parish, gun (Japan), district. City :  City, township, shi (Japan) - Example: Copenhagen. City district :  City division, borough, city district, ward, chou (Japan). Block (Neighbourhood) : ...
Page 174 Additional location info - Example: South Wing. Name :  Name (residence and office occupant) - Example: Flemming Jahn. Zip code :  Postal/zip code - Example: 2791. Building :  Building (structure) - Example: Low Library. Apartment :  Unit (Apartment, suite) - Example: Apt 42.
Page 175 trunk-based PSAP. This format consists of a numerical digit string, corresponding to the ELIN to be used for emergency calling. Policies Network Policy Discovery enables the efficient discovery and diagnosis of mismatch issues with the VLAN configuration, along with the associated Layer 2 and Layer 3 attributes, which apply for a set of specific protocol applications on that port.
Page 176 It should be noted that LLDP-MED is not intended to run on links other than between Network Connectivity Devices and Endpoints, and therefore does not need to advertise the multitude of network policies that frequently run on an aggregated link interior to the LAN.
Page 177 6. Video Conferencing - for use by dedicated Video Conferencing equipment and other similar appliances supporting real-time interactive video/audio services. 7. Streaming Video - for use by broadcast or multicast based video content distribution and other similar applications supporting streaming video services that require specific network policy treatment.
Page 178: Poe
point values (0 through 63). A value of 0 represents use of the default DSCP value as defined in RFC 2475. Adding a new policy :  Click to add a new policy. Specify the Application type, Tag, VLAN ID, L2 Priority and DSCP for the new policy.
Page 179: 2- 14.1 Configuration
802.3af 802.3at Detection PSE detects if the PD has the correct 2.7-10.1 signature resistance of 19–26.5 kΩ Classification PSE detects resistor indicating power 14.5-20.5 range Mark 1 Signals PSE is 802.3at capable. PD 7-10 ─ presents a 0.25–4 mA load. Class 2 PSE outputs classification voltage 14.5-20.5...
Page 180 2. Specify the Reserved Power determined and Power Management ode. Specify the PoE or PoE+ and Priority. 3. Click Apply. Figure 2-14.1: The PoE Configuration Parameter description: Power Supply Configuration Reserved Power determined by :  There are three modes for configuring how the ports/PDs may reserve power. 1.
Page 181 Watts. In this mode the Maximum Power fields have no effect. 3. LLDP-MED mode: This mode is similar to the Class mode expect that each port determine the amount power it reserves by exchanging PoE information using the LLDP protocol and reserves power accordingly. If no LLDP information is available for a port, the port will reserve power using the class mode In this mode the Maximum Power fields have no effect for all modes: If a port uses more power than the reserved power for the port, the port is shut down.
Page 182 The PoE Mode represents the PoE operating mode for the port. Disabled: PoE disabled for the port. PoE : Enables PoE IEEE 802.3af (Class 4 PDs limited to 15.4W) PoE+ : Enables PoE+ IEEE 802.3at (Class 4 PDs limited to 30W) Priority : ...
Page 183: 2- 14.2 Power Delay
2- 14.2 Power Delay This page allows the user to setting the delay time of power providing after device rebooted. Web Interface To Display Power over Ethernet Status in the web interface: 1. Click Configuration, PoE, and Power delay. 2. Enable the port to the power device. 3.
Page 184 Turn on / off the power delay function. Enabled: Enable POE Power Delay. Disabled: Disable POE Power Delay. Delay Time(0~300sec) :  When rebooting, the PoE port will start to provide power to the PD when it out of delay time. Default: 0, range: 0-300 sec.
Page 185: 2- 14.3 Schedule Profile
2- 14.3 Schedule Profile This page allows the user to make a perfect schedule of PoE power supply. PoE Scheduling not only makes PoE management easier but also saves more energy Web Interface To Display Power Over Ethernet Scheduling in the web interface: Click Configuration, PoE, and Scheduling.
Page 186: 2- 14.4 Auto Checking
Power Supply Configuration Port :  This is the logical port number for this row. Status :  PoE Scheduling Status. Enabled: Enable POE Scheduling. Disabled: Disable POE Scheduling. Hour :  The time of PoE port provide power of a day. 2- 14.4 Auto Checking This page allows the user to specify the auto detection parameters to check the linking status between PoE ports and PDs.
Page 187 Parameter description: Power Supply Configuration Ping Check :  Enable Ping Check function can detects the connection between PoE port and power device. Disable will turn off the detection. Port :  This is the logical port number for this row. Ping IP Address : ...
Page 188: 2- 14.5 Chip Reset Schedule
Failure Action :  The action when the third fail detection. Nothing: Keep Ping the remote PD but does nothing further. Reboot Remote PD: Cut off the power of the PoE port, make PD rebooted. Reboot time(sec) :  When PD has been rebooted, the PoE port restored power after the specified time. Default: 15, range: 3-120 sec.
Page 189: Eps
Disabled: Disable PoE chip reset. Week Day  The day to reset PoE chip. PoE Chip Reset Time  The time to reset PoE chip. Buttons:  Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values.
Page 190 Power Supply Configuration Delete  This box is used to mark an EPS for deletion in next save operation. EPS ID  The ID of the EPS. Click on the ID of an EPS to enter the configuration page. The range is 1-100.
Page 191 Reset- Click to undo any changes made locally and revert to previously saved values.
Page 192: Mep
2-16 MEP The Maintenance Entity Point instances are configured here. Web Interface To configure the MEP parameters in the web interface: Click Configuration and MEP. Specify the Maintenance Entity Point parameters. Click Apply to apply the change. Figure 2-16: The Maintenance Entity Point Parameter description: Power Supply Configuration Delete...
Page 193 Direction  Down: This is a Down MEP - monitoring ingress OAM and traffic on 'Residence Port'. Up: This is a Up MEP - monitoring egress OAM and traffic on 'Residence Port'. Residence Port  The port where MEP is monitoring - see 'Direction'. For a EVC MEP the port must be a port in the EVC.
Page 194: Erps
2-17 ERPS The ERPS instances are configured here. Web Interface To configure the Ethernet Ring Protection Switching parameters in the web interface: Click Configuration and ERPS. Specify the Ethernet Ring Protection Switching parameters. Click Apply to apply the change. Figure 2-17: The Ethernet Ring Protection Switching Parameter description: Power Supply Configuration Delete...
Page 195 Port: This will create a 1+1 EPS. Port: This will create a 1:1 EPS. W Flow  The working flow for the EPS - See 'Domain'. P Flow  The protecting flow for the EPS - See 'Domain'. W SF MEP ...
Page 196: Mac Table
2-18 MAC Table Switching of frames is based upon the DMAC address contained in the frame. The switch builds up a table that maps MAC addresses to switch ports for knowing which ports the frames should go to (based upon the DMAC address in the frame). This table contains both static and dynamic entries.
Page 197 Parameter description: Aging Configuration :  By default, dynamic entries are removed from the MAC table after 300 seconds. This removal is also called aging. Configure aging time by entering a value here in seconds; for example, Age time seconds. The allowed range is 10 to 1000000 seconds.
Page 198 MAC-Based Authentication under 802.1X. Each port can do learning based upon the following settings: Auto :  Learning is done automatically as soon as a frame with unknown SMAC is received. Disable :  No learning is done. Secure : ...
Page 199 Adding a New Static Entry :  Click to add a new entry to the static MAC table. Specify the VLAN ID, MAC address, and port members for the new entry. Click "Apply". Buttons:  Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values.
Page 200: Vlan Translation
2-19 VLAN Translation 2- 19.1 Port to Group Mapping This page allows you to configure switch Ports to use a given VLAN Translation Mapping Group. This will enable all VLAN Translation mappings of that group (if any) on the selected switch port.
Page 201: 2- 19.2 Vid Translation Mapping
The Port column shows the list of ports for which you can configure the VLAN Translation Mapping Group. Default  To set the switch port to use the default VLAN Translation Group click the checkbox and press Save. Group ID ...
Page 202 Parameter description: Power Supply Configuration Group ID  The VLAN Translation mappings are organized into Groups, identified by the Group ID. This way a port is configured to use a number of VLAN Translation mappings easily by simply configuring it to use a given group. Then number of possible groups in a switch is equal to the number of ports present in this switch.
Page 203: Vlans
Cancel- Return to the previous page; any changes made locally will be undone. 2-20 VLANs To assign a specific VLAN for management purpose. The management VLAN is used to establish an IP connection to the switch from a workstation connected to a port in the VLAN.
Page 204 Parameter description: Global VLAN Configuration Existing VLANs :  This field shows the VLANs that are created on the switch. By default, only VLAN 1 exists. More VLANs may be created by using a list syntax where the individual elements are separated by commas. Ranges are specified with a dash separating the lower and upper bound.
Page 205 • Member of exactly one VLAN, the Port VLAN (a.k.a. Access VLAN), which by default is 1, • accepts untagged frames and C-tagged frames, • discards all frames that are not classified to the Access VLAN, • on egress all frames are transmitted untagged. Trunk: Trunk ports can carry traffic on multiple VLANs simultaneously, and are normally used to connect to other switches.
Page 206 Port Type :  Ports in hybrid mode allow for changing the port type, that is, whether a frame's VLAN tag is used to classify the frame on ingress to a particular VLAN, and if so, which TPID it reacts on. Likewise, on egress, the Port Type determines the TPID of the tag, if a tag is required.
Page 207 This is useful in scenarios where a cloud of intermediary switches must bridge VLANs that haven't been created. By configuring the ports that connect the cloud of switches as trunking ports, they can seemlessly carry those VLANs from one end to the other. Ingress Acceptance : ...
Page 208 Forbidden VLANs :  A port may be configured to never be member of one or more VLANs. This is particularly useful when dynamic VLAN protocols like MVRP and GVRP must be prevented from dynamically adding ports to VLANs. The trick is to mark such VLANs as forbidden on the port in question. The syntax is identical to the syntax used in the Existing VLANs field.
Page 209: Private Vlans
2-21 Private VLANs In a private VLAN, communication between ports in that private VLAN is not permitted. A VLAN can be configured as a private VLAN. 2-21.1 Membership The Private VLAN membership configurations for the switch can be monitored and modified here.
Page 210 Delete  To delete a private VLAN entry, check this box. The entry will be deleted during the next save. Private VLAN ID  Indicates the ID of this particular private VLAN. Port Members  A row of check boxes for each port is displayed for each private VLAN ID. To include a port in a Private VLAN, check the box.
Page 211: 2-21.2 Port Isolation
2-21.2 Port Isolation This page is used for enabling or disabling port isolation on ports in a Private VLAN. A port member of a VLAN can be isolated to other isolated ports on the same VLAN and Private VLAN. Web Interface To configure Port Isolation configuration in the web interface: Click Configuration, Private VLAN, Port Isolation.
Page 212 values.
Page 213: Vcl
2-22 VCL 2-22.1 MAC-based VLAN MAC address-based VLAN decides the VLAN for forwarding an untagged frame based on the source MAC address of the frame. A most common way of grouping VLAN members is by port, hence the name port-based VLAN. Typically, the device adds the same VLAN tag to untagged packets that are received through the same port.
Page 214 Figure 2-22.1: The MAC-based VLAN Membership Configuration Parameter description: Delete :  To delete a MAC-based VLAN entry, check this box and press save. The entry will be deleted on the selected switch in the stack. MAC Address :  Indicates the MAC address.
Page 215 click on "Save". A MAC-based VLAN without any port members on any stack unit will be deleted when you click "Save". The button can be used to undo the addition of new MAC-based VLANs. Buttons:  Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values.
Page 216: 2-22.2 Protocol -Based Vlan
2-22.2 Protocol -based VLAN This section describe Protocol -based VLAN, The Switch support Protocol include Ethernet LLC SNAP Protocol, The Logical Link Control (LLC) data communication protocol layer is the upper sub-layer of the Data Link Layer (which is itself layer 2, just above the Physical Layer) in the seven-layer OSI reference model.
Page 217 Figure 2-22.2.1: The Protocol to Group Mapping Table Parameter description: Delete :  To delete a Protocol to Group Name map entry, check this box. The entry will be deleted on the switch during the next Save. Frame Type : ...
Page 218 2. For LLC: Valid value in this case is comprised of two different sub-values. a. DSAP: 1-byte long string (0x00-0xff) b. SSAP: 1-byte long string (0x00-0xff) 3. For SNAP: Valid value in this case also is comprised of two different sub-values.
Page 220 2-22.2.2 Group to VLAN This section allows you to map an already configured Group Name to a VLAN for the selected stack switch unit switch. Web Interface To Display Group Name to VLAN mapping table configured in the web interface: Click Group Name VLAN configuration and add new entry.
Page 221: 2-22.3 Ip Subnet-Based Vlan
VLAN ID :  Indicates the ID to which Group Name will be mapped. A valid VLAN ID ranges from 1-4095. Port Members :  A row of check boxes for each port is displayed for each Group Name to VLAN ID mapping.
Page 222 Click VCL, Group Name VLAN configuration and add new entry. Specify the VCE ID, IP Address, Mask Length, VLAN ID and select Port Members. Click Apply. Figure 2-22.3: IP Subnet-based VLAN Membership Configuration Parameter description: Delete  To delete a IP subnet-based VLAN entry, check this box and press save. The entry will be deleted on the selected switch in the stack.
Page 223 exclude the port from the IP subnet-based VLAN, make sure the box is unchecked. By default, no ports are members, and all boxes are unchecked. Adding a New IP subnet-based VLAN  Click “Add New Entry” to add a new IP subnet-based VLAN entry. An empty row is added to the table, and the IP subnet-based VLAN entry can be configured as needed.
Page 224: Voice Vlan
2-23 VOICE VLAN Voice VLAN is VLAN configured specially for voice traffic. By adding the ports with voice devices attached to voice VLAN, we can perform QoS-related configuration for voice data, ensuring the transmission priority of voice traffic and voice quality. 2-23.1 Configuration The Voice VLAN feature enables voice traffic forwarding on the Voice VLAN, then the switch can classify and schedule network traffic.
Page 226 Parameter description: Mode :  Indicates the Voice VLAN mode operation. We must disable MSTP feature before we enable Voice VLAN. It can avoid the conflict of ingress filtering. Possible modes are: Enabled: Enable Voice VLAN mode operation. Disabled: Disable Voice VLAN mode operation. VLAN ID : ...
Page 227: 2-23.2 Oui
Indicates the Voice VLAN port security mode. When the function is enabled, all non-telephonic MAC addresses in the Voice VLAN will be blocked for 10 seconds. Possible port modes are: Enabled: Enable Voice VLAN security mode operation. Disabled: Disable Voice VLAN security mode operation. Port Discovery Protocol : ...
Page 228 Figure 2-23.2: The Voice VLAN OUI Table Parameter description: Delete :  Check to delete the entry. It will be deleted during the next save. Telephony OUI :  A telephony OUI address is a globally unique identifier assigned to a vendor by IEEE. It must be 6 characters long and the input format is "xx-xx-xx"...
Page 229: Ethernet Services
2-24 Ethernet Services 2-24.1 Ports This page displays current EVC port configurations. The settings can also be configured here. Web Interface To configure Port Configuration in the web interface: Click configuration, Ethernet Services and ports. Specify DEI Mode, Tag Mode and Address Mode. Click Apply.
Page 230: 2-24.2 L2Cp
Fixed: The DEI value is determined by ECE rules. Tag Mode  The tag mode specifying whether the EVC classification must be based on the outer or inner tag. This can be used on NNI ports connected to another service provider, where an outer "tunnel"...
Page 231 Parameter description:. DMAC  destination BPDU addresses (01-80-C2-00-00-0X) GARP (01-80-C2-00-00-2X) MAC addresses for the settings contained in the same row. L2CP Mode  The L2CP mode for the specific port. The possible values are: Peer: Allow to peer L2CP frames. Forward: Allow to forward L2CP frames.Buttons: Buttons: ...
Page 232: 2-24.3 Bandwidth Profiles
values. 2-24.3 Bandwidth Profiles This page displays current EVC ingress bandwidth profile configurations. These policers may be used to limit the traffic received on UNI ports. The settings can also be configured here. Web Interface To configure Bandwidth Profiles in the web interface: Click configuration, Ethernet Services and Bandwidth Profiles.
Page 233 The number of entries per page. The allowed range is from 2 through 256. Policer ID  The Policer ID is used to identify one of the 256policers. State  The administrative state of the bandwidth profile. The allowed values are: Enabled: The bandwidth profile enabled.
Page 234: 2-24.4 Evcs
The Excess Burst Size for MEF type bandwidth profile. The allowed range is from 0 through 100000 bytes.. Buttons:  Refresh- Refreshes the displayed table starting from the input fields. |<<- Updates the table, starting with the first entry in the table. <<- Updates the table, ending at the entry before the first entry currently displayed.
Page 235 Parameter description:. EVC ID  The EVC ID identifies the EVC. The range is from 1through 256.  The VLAN ID in the PB network. It may be inserted in a C-tag, S-tag or S-custom tag...
Page 236 depending on the NNI port VLAN configuration. The range is from 1through 4095. IVID  Internal/classified VLAN network. range from 1 through 4095. Learning  The learning mode for the EVC controls whether source MAC addresses are learned for frames matching the EVC. Learning may be disabled if the EVC only includes two UNI/NNI ports.
Page 237: 2-24.5 Eces
Inner Tag PCP  The inner tag PCP value. The allowed range is from 0 through 7. Inner Tag DEI  The inner tag DEI value. The allowed value is 0 or 1. Outer Tag VID  The EVC outer tag VID for UNI ports. The allowed range is from 0 through 4095. NNI Ports ...
Page 238 Parameter description:.
Page 239 ECE ID  The ECE ID identifies the ECE. Unique ECE IDs are automatically assigned to ECEs added. The possible range is from 1 through 256 Ingress Matching UNI Ports  The list of User Network Interfaces for the ECE. Tag Type ...
Page 240 IPv4: The ECE will match IPv4 frames only. IPv6: The ECE will match IPv6 frames only. Actions Direction  The EVCs and ECEs are used to setup flows in one or both directions as determined by the ECE Direction parameter. If the ECE is bidirectional, the ingress rules of the NNI ports will be setup to match the traffic being forwarded to NNI ports.
Page 241: Qos
Preserved: The outer tag PCP and DEI are preserved. Disable: The outer tag PCP and DEI are fixed. Outer Tag PCP  The outer tag PCP value for the ECE. The possible range is from 0 through 7. Outer Tag DEI ...
Page 242: 2-25.1 Port Classification
classification looks for information up to Layer 4, including IPv4 and IPv6 DSCP, IPv4 TCP/UDP port numbers, and user priority of tagged frames. This QoS classification mechanism is implemented in a QoS control list (QCL). The QoS class assigned to a frame is used throughout the device for providing queuing, scheduling, and congestion control guarantees to the frame according to what was configured for that specific QoS class.
Page 243 Parameter description: Port :  The port number for which the configuration below applies. CoS :  Controls the default class of service. All frames are classified to a CoS. There is a one to one mapping between CoS, queue and priority. A CoS of 0 (zero) has the lowest priority. If the port is VLAN aware, the frame is tagged and Tag Class.
Page 244 PCP value in the tag. Otherwise the frame is classified to the default PCP value. DEI :  Controls the default DEI value. All frames are classified to a DEI value. If the port is VLAN aware and the frame is tagged, then the frame is classified to the DEI value in the tag.
Page 245: 2-25.2 Port Policing
2-25.2 Port Policing This section provides an overview of f QoS Ingress Port Policers for all switch ports The Port Policing is useful in constraining traffic flows and marking frames above specific rates. Policing is primarily useful for data flows and voice or video flows because voice and video usually maintains a steady rate of traffic Web Interface To display the QoS Port Schedulers in the web interface:...
Page 246: 2-25.3 Queue Policing
Enabled :  To evoke which Port you need to enable the QoS Ingress Port Policers function. Rate :  To set the Rate limit value for this port, the default is 500. Unit :  To scroll to select what unit of rate includes kbps, Mbps, fps and kfps. The default is kbps.
Page 247: 2-25.4 Port Scheduler
Parameter description: Port  The port number for which the configuration below applies. Enable (E)  Enable or disable the queue policer for this switch port. Rate  Controls the rate for the queue policer. This value is restricted to 100-3276700 when "Unit"...
Page 248 Web Interface To display the QoS Port Schedulers in the web interface: 1. Click Configuration, QoS, Port Schedulers 2. Display the QoS Egress Port Schedulers Figure 2-25.4: The QoS Egress Port Schedules Click the Port index to set the QoS Egress Port Schedulers If you select the scheduler mode with wighted then...
Page 249 Parameter description: Port :  The logical port for the settings contained in the same row. Click on the port number in order to configure the schedulers. Mode :  Shows the scheduling mode for this port. Weight (Qn) : ...
Page 250 Port Shaper Enable :  Controls whether the port shaper is enabled for this switch port. Port Shaper Rate :  Controls the rate for the port shaper. The default value is 500. This value is restricted to 100-1000000 when the "Unit" is "kbps", and it is restricted to 1-13200 when the "Unit"...
Page 251: 2-25.5 Port Shaping
2-25.5 Port Shaping This section provides an overview of QoS Egress Port Shapers for all switch ports. Others the user could get all detail information ot the ports belong to the currently selected stack unit, as reflected by the page header. Web Interface To display the QoS Port Shapers in the web interface: 1.
Page 252 Parameter description: Port :  The logical port for the settings contained in the same row. Click on the port number in order to configure the shapers. Mode :  Shows the scheduling mode for this port. Shapers (Qn) : ...
Page 253 Queue Shaper Unit :  Controls the unit of measure for the queue shaper rate as "kbps" or "Mbps". The default value is "kbps". Queue Shaper Excess :  Controls whether the queue is allowed to use excess bandwidth. Queue Scheduler Weight : ...
Page 254: 2-25.6 Port Tag Remarking
2-25.6 Port Tag Remarking The Section provides user to get an overview of QoS Egress Port Tag Remarking for all switch ports. Others the ports belong to the currently selected stack unit, as reflected by the page header. . Web Interface To display the QoS Port Tag Remarking in the web interface: 1.
Page 256 Parameter description: Mode :  Controls the tag remarking mode for this port. Classified: Use classified PCP/DEI values. Default: Use default PCP/DEI values. Mapped: Use mapped versions of QoS class and DP level. PCP/DEI Configuration :  Controls the default PCP and DEI values used when the mode is set to Default. (QoS class, DP level) to (PCP, DEI) Mapping : ...
Page 257: 2-25.7 Port Dscp
2-25.7 Port DSCP The section will teach user to set the QoS Port DSCP configuration that was allowed you to configure the basic QoS Port DSCP Configuration settings for all switch ports. Others the settings relate to the currently selected stack unit, as reflected by the page header.
Page 258 The Port coulmn shows the list of ports for which you can configure dscp ingress and egress settings. Ingress :  In Ingress settings you can change ingress translation and classification settings for individual ports. There are two configuration parameters available in Ingress: Translate : To Enable the Ingress Translation click the checkbox Classify: Classification for a port have 4 different values Disable: No Ingress DSCP Classification.
Page 259 Upper right icon (Refresh):  You can click them for refresh the QoS Port DSCP information by manual.
Page 260: 2-25.8 Dscp-Based Qos
2-25.8 DSCP-Based QoS The section will teach user to configure the DSCP-Based QoS mode that This page allows you to configure the basic QoS DSCP based QoS Ingress Classification settings for all switches. Web Interface To configure the DSCP –Based QoS Ingress Classification parameters in the web interface: 1.
Page 262 Parameter description: DSCP :  Maximum number of support ed DSCP values are 64. Trust :  Click to check if the DSCP value is trusted. QoS Class :  QoS Class value can be any of (0-7) DPL : ...
Page 263: 2-25.9 Dscp Translation
2-25.9 DSCP Translation The section describes the switch allows you to configure the basic QoS DSCP Translation settings for all switches. DSCP translation can be done in Ingress or Egress. Web Interface To configure the DSCP Translation parameters in the web interface: 1.
Page 264 Parameter description: DSCP :  Maximum number of supported DSCP values are 64 and valid DSCP value ranges from 0 to 63. Ingress :  Ingress side DSCP can be first translated to new DSCP before using the DSCP for QoS class and DPL map.
Page 265 Upper right icon (Refresh):  You can click them for refresh the DSCP Translation information by manual.
Page 266: 2-25.10 Dscp Classification
2-25.10 DSCP Classification The section describes to teach user to configure and allows you to map DSCP value to a QoS Class and DPL value. Others the settings relate to the currently selected stack unit, as reflected by the page header. Web Interface To configure the DSCP Classification parameters in the web interface: 1.
Page 267 followed parameters. DSCP :  Select DSCP value (0-63) from DSCP menu to map DSCP to corresponding QoS Class and DPL value Buttons:  Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values.
Page 268: 2-25.11 Qos Control List
2-25.11 QoS Control List The section shows the QoS Control List (QCL), which is made up of the QCEs. Each row describes a QCE that is defined. The maximum number of QCEs is 256 on each switch. Click on the lowest plus sign to add a new QCE to the list. Web Interface To configure the QoS Control List parameters in the web interface: 1.
Page 269 Parameter description: QCE# :  Indicates the index of QCE. Port :  Indicates the list of ports configured with the QCE. DMAC :  Indicates the destination MAC address. Possible values are: Any: Match any DMAC. Unicast: Match unicast DMAC. Multicast: Match multicast DMAC.
Page 270 Any: Match tagged and untagged frames. Untagged: Match untagged frames. Tagged: Match tagged frames. C-Tagged: Match C-tagged frames. S-Tagged: Match S-tagged frames. The default value is 'Any'. VID :  Indicates (VLAN ID), either a specific VID or range of VIDs. VID can be in the range 1-4095 or 'Any' PCP : ...
Page 271 DSCP: If a frame matches the QCE then DSCP will be classified with the value displayed under DSCP column. Modification Buttons :  You can modify each QCE (QoS Control Entry) in the table using the following buttons: : Inserts a new QCE before the current row. Edits the QCE.
Page 272 2. Ethernet 3. LLC 4. SNAP 5. IPv4 6. IPv6 NOTE: All frame types are explained below: 1. Any: Allow all types of frames. 2. Ethernet: Ethernet Type Valid Ethernet type can have value within 0x600-0xFFFF or 'Any', default value is 'Any'. 3.
Page 273 'Any' Source IP IPv6 source address: (a.b.c.d) or 'Any', 32 LS bits DSCP Diffserv Code Point value (DSCP): It can be specific value, range of value or 'Any'. DSCP values are in the range 0-63 including BE, CS1-CS7, EF or AF11-AF43 Sport Source TCP/UDP port:(0-65535) or 'Any', specific or port range applicable for IP protocol UDP/TCP Dport Destination TCP/UDP port:(0-65535) or 'Any', specific or...
Page 274: 2-25.12 Storm Control
2-25.12 Storm Control The section allows user to configure the Storm control for the switch. There is a unicast storm rate control, multicast storm rate control, and a broadcast storm rate control. These only affect flooded frames, i.e. frames with a (VLAN ID, DMAC) pair not present on the MAC Address table.
Page 275 Enable :  Enable or disable the storm control status for the given frame type. Rate :  The rate unit is packets per second (pps). Valid values are: 1, 2, 4, 8, 16, 32, 64, 128, 256, 512, 1K, 2K, 4K, 8K, 16K, 32K, 64K, 128K, 256K, 512K or 1024K. , 1024K, 2048K, 4096K, 8192K, 16384K or 32768K.
Page 276: Mirroring
2-26 Mirroring You can mirror traffic from any source port to a target port for real-time analysis. You can then attach a logic analyzer or RMON probe to the target port and study the traffic crossing the source port in a completely unobtrusive manner. Mirror Configuration is to monitor the traffic of the network.
Page 278: Mirror Port Configuration
Parameter description: Port to mirror on :  Port to mirror also known as the mirror port. Frames from ports that have either source (rx) or destination (tx) mirroring enabled are mirrored on this port. Disabled disables mirroring. Mirror Port Configuration The following table is used for Rx and Tx enabling.
Page 279 Reset- Click to undo any changes made locally and revert to previously saved values.
Page 280: Upnp
2-27 UPnP UPnP is an acronym for Universal Plug and Play. The goals of UPnP are to allow devices to connect seamlessly and to simplify the implementation of networks in the home (data sharing, communications, and entertainment) and in corporate environments for simplified installation of computer components Web Interface To configure the UPnP Configuration in the web interface:...
Page 281 When the mode is enabled, two ACEs are added automatically to trap UPNP related packets to CPU. The ACEs are automatically removed when the mode is disabled. . TTL :  The TTL value is used by UPnP to send SSDP advertisement messages. Valid values are in the range 1 to 255.
Page 282: Ptp
2-28 PTP This page allows the user to configure and inspect the current PTP clock settings. Web Interface To configure the PTP in the web interface: 1. Click Configuration, UPnP 2. Scroll to select the mode to enable or disable 3.
Page 283 The following values are possible: 1. Output : Enable the 1 pps clock output 2. Input : Enable the 1 pps clock input 3. Disable : Disable the 1 pps clock in/out-put External Enable  This Selection box will allow you to configure the External Clock output. The following values are possible: 1.
Page 284 Click on the Clock Instance number to edit the Clock details. ClkDom  Indicates the Clock domain used by the Instance of a particular Clock Instance [0..3]. More instances may use the same clock domain, e.g. a Boundary clock and a Transparent clock.
Page 285: Gvrp
EthernetMixed PTP using a combination of Ethernet multicast and unicast IPv4Multi PTP over IPv4 multicast IPv4Mixed PTP using a combination of IPv4 multicast and unicast IPv4Uni PTP over IPv4 unicast Note : IPv4 unicast protocol only works in Master only and Slave only clocks See parameter Device Type In a unicast Slave only clock you also need configure which master clocks to request Announce and Sync messages from.
Page 286: 2-29.1 Global Config
attributes are propagated to devices in the bridged LAN, and these devices form a ¡ °reachability¡ ± tree that is a subset of an active topology. GARP defines the architecture, rules of operation, state machines and variables for the registration and de-registration of attribute values.
Page 287 Enable GVRP globally The GVRP feature is enabled by setting the check mark in the checkbox named Enable GVRP. GVRP protocol timers Join-time is a value in the range 1-20 in the units of centi seconds, i.e. in units of one hundredth of a second.
Page 288: 2-29.2 Port Config
2-29.2 Port Config This page allows you to configure the basic GVRP Configuration settings for all switch ports. The settings relate to the currently selected unit, as reflected by the page header. Web Interface To configure the sFlow Agent in the web interface: 1.
Page 289: Sflow
2-30. sFlow The sFlow Collector configuration for the can be monitored and modified here. switch The configuration is divided into two parts: Configuration of the sFlow receiver (a.k.a. sFlow collector) and configuration of per-port flow and counter samplers. sFlow configuration is not persisted to non-volatile memory, which means that a reboot or master change will disable sFlow sampling.
Page 290: Agent Configuration
Parameter description: Agent Configuration IP Address  The IP address used as Agent IP address in sFlow datagrams. It serves as a unique key that will identify this agent over extended periods of time. Both IPv4 and IPv6 addresses are supported. Receiver Configuration Owner ...
Page 291 button is disabled if sFlow is currently unclaimed. If configured through SNMP, the release must be confirmed (a confirmation request will appear). IP Address/Hostname  The IP address or hostname of the sFlow receiver. Both IPv4 and IPv6 addresses are supported.
Page 292: Udld
sFlow datagram. Valid range is 14 to 200 bytes with default being 128 bytes. If the maximum datagram size does not take into account the maximum header size, samples may be dropped. Counter Poller Enabled  Enables/disables counter polling on this port. Counter Poller Interval ...
Page 293 Parameter description: Port  Port number of the switch. UDLD Mode  Configures the UDLD mode port. Valid values are Disable, Normal and Aggressive. Default mode is Disable. Disable In disabled mode, UDLD functionality doesn't exists on port. Normal In normal mode, if the link state of the port was determined to be unidirectional, it will not affect the port state.
Page 294: Rapid Ring
Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. 2-32 Rapid Ring This page allows the user to inspect the current Rapid Ring Configuration, and possibly change them as well Web Interface To configure the Rapid Ring in the web interface: 1.
Page 295: Switch2Go
Port  The switch port number of the port. Status  The current Rapid Ring status of the port.Buttons: Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. 2-33 Switch2go 2-33.1 Switch2go setting Configure Switch2go management and link setting.
Page 296 Parameter description: Management mode :  Indicates the Management mode operation. When the mode operation is enabled, the message will send out to (or get from) the server. The protocol is based on TCP communication received port server will send acknowledgments/information back sender since TCP is a connection-oriented protocol.
Page 297: 2-33.2 Ipush Options
When the Link Option in Manual, you should Setting External Port and Your IGN/NAT's Port Forward function by Manual. When Link function working success, Mobile(s) can access this NAT by Internet. Possible modes are: Automatic: Link Option in Automatic. Manual: Link Option in Manual. Link State : ...
Page 298 Click Apply. Figure 2-33.2: The iPush Options Parameter description: Port :  This is the logical port number for this row. Port Name  Enter up to 47 characters to be descriptive name for identifies this port. Role  Selects any available role for the given switch port. Possible role are: ...
Page 299: Smtp
2-34 SMTP The function, is used to set a Alarm trap when the switch alarm then you could set the SMTP server to send you the alarm mail. Web Interface To configure the SMTP Configuration in the web interface: 1. Click Configuration, SMTP Configuration 2.
Page 300 These parameters are displayed on the SMTP Configuration page: Mail Server :  Specify the IP Address of the server transferring your email. Username :  Specify the username on the mail server. Password :  Specify the password on the mail server. Severity Level : ...
Page 301: Chapter 3. Monitor
Monitor Chapter 3. This chapter describes all of the basic network statistics which includes the Ports, Layer 2 network protocol (e.g. NAS, ACL, DHCP, AAA and RMON etc.) and any setting of the Switch. 3-1 System After you login, the switch shows you the system information. This page is default and tells you the basic information of the system, including “Model Name”, “System Description”, “Contact”, “Location”, “System Up Time”, “Firmware Version”, “Host Mac Address”, “Device Port”.
Page 302 Figure 3-1.1: System Information Parameter description: Model Name  Displays the factory defined model name for identification purpose. System Description  Displays the system description. Location  The system location configured in Configuration | System | Information | System Location. Contact ...
Page 303 Timing server running on the switch, if any. System Uptime  The period of time the device has been operational.  Bootloader Version Displays the current boot loader version number.  Firmware Version The software version of this switch.  Hardware-Mechanical Version The hardware and mechanical version of this switch.
Page 304: 3-1.2 Ip Status
3-1.2 IP Status This page displays the status of the IP protocol layer. The status is defined by the IP interfaces, the IP routes and the neighbour cache (ARP cache) status. Web Interface To display the log configuration in the web interface: 1.
Page 305 Parameter description: IP Interfaces Interface  Show the name of the interface. Type  Show the address type of the entry. This may be LINK or IPv4. Address  Show the current address of the interface (of the given type). Status ...
Page 306 Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every seconds. Refresh: Click to refresh the page immediately.
Page 307: 3-1.3 Log
3-1.3 Log This section describes that display the system log information of the switch Web Interface To display the log configuration in the web interface: 1. Click Monitor, System and Log. 2. Display the log information. Figure 3-1.3: The System Log Information Parameter description:...
Page 308 Auto-refresh  To evoke the auto-refresh icon then the device will refresh the log automatically. Level  level of the system log entry. The following level types are supported: Information level of the system log. Warning: Warning level of the system log. Error: Error level of the system log.
Page 309: 3-1.4 Detailed Log
3-1.4 Detailed Log This section describes that display the detailed log information of the switch Web Interface To display the detailed log configuration in the web interface: 1. Click Monitor, System and Detailed Log. 2. Display the log information. Figure 3-1.4: The Detailed System Log Information Parameter description: ...
Page 310 Refresh: Updates the system log entries, starting from the current entry ID. |<<: Updates the system log entries to the first available entry ID << : Updates the system log entry to the previous available entry ID >> : Updates the system log entry to the next available entry ID >>|: Updates the system log entry to the last available entry ID.
Page 311: Green Ethernet
3-2 Green Ethernet 3-2.1 Port Power Savings This page provides the current status for EEE. Web Interface To display the power Saving in the web interface: 1. Click Monitor, Port Power Savings. Figure 3-2.1: The Ports States Parameter description: Local Port ...
Page 312: Ports
Shows if the link partner is EEE capable. EEE Savings  Shows if the system is currently saving power due to EEE. When EEE is enabled, the system will powered down if no frame has been received or transmitted in 5 uSec. Actiphy Savings ...
Page 313 Parameter description: Port :  The logical port for the settings contained in the same row. Packets :  The number of received and transmitted packets per port. Bytes :  The number of received and transmitted bytes per port. Errors ...
Page 314 occurs every 3 seconds. Refresh: Click to refresh the page. Clear: Clears the counters for all ports.
Page 315: 3-3.2 Qos Statistics
3-3.2 Qos Statistics The section describes that switch could display the QoS detailed Queuing counters for a specific switch port. for the different queues for all switch ports. Web Interface To Display the Queuing Counters in the web interface: 1. Click Monitor, Ports, then QoS Statistics 2.
Page 316 Rx/Tx :  The number of received and transmitted packets per queue. Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page. Clear: Clears the counters for all ports.
Page 317: 3-3.3 Qcl Status
3-3.3 QCL Status The section will let you know how to configure and shows the QCL status by different QCL users. Each row describes the QCE that is defined. It is a conflict if a specific QCE is not applied to the hardware due to hardware limitations. The maximum number of QCEs is 256 on each switch.
Page 318 Any: The QCE will match all frame type. Ethernet: Only Ethernet frames (with Ether Type 0x600-0xFFFF) are allowed. LLC: Only (LLC) frames are allowed LLC: Only (SNAP) frames are allowed. IPv4: The QCE will match only IPV4 frames. IPv6: The QCE will match only IPV6 frames. Port : ...
Page 319 Refresh: Click to refresh the page.
Page 320: 3-3.4 Detailed Statistics
3-3.4 Detailed Statistics The section describes how to provide detailed traffic statistics for a specific switch port. Use the port select box to select which switch port details to display. The displayed counters are the totals for receive and transmit, the size counters for receive and transmit, and the error counters for receive and transmit.
Page 321 Parameter description: Auto-refresh:  To evoke the auto-refresh to refresh the Port Statistics information automatically.
Page 322 Upper left scroll bar:  To scroll which port to display the Port statistics with “Port-0”, “Port-1... Receive Total and Transmit Total Rx and Tx Packets :  The number of received and transmitted (good and bad) packets. Rx and Tx Octets : ...
Page 323 Rx Undersize :  The number of short 1 frames received with valid CRC. Rx Oversize :  The number of long 2 frames received with valid CRC. Rx Fragments :  The number of short 1 frames received with invalid CRC. Rx Jabber : ...
Page 324: 3-3.5 Sfp Information
occurs every 3 seconds. Clear: Clears the counters for the selected port. Refresh: Click to refresh the page. 3-3.5 SFP Information This page displays general SFP information and monitoring information. Web Interface To Display the SFP information in the web interface: 1.
Page 325 Displays the nominal bit rate of the transceiver. Temperature  Displays the internally measured transceiver temperature. Temperature accuracy is vendor specific but must be better than 3 degrees Celsius over specified operating temperature and voltage.  Displays the internally measured transceiver supply voltage. Accuracy is vendor specific but must be better than 3 percent of the manufacturer's nominal value over specified operating temperature and voltage.
Page 326 Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Clear: Clears the counters for the selected port. Refresh: Click to refresh the page.
Page 327: 3-3.6 Sfp Detail Info
3-3.6 SFP Detail Info This page displays general SFP information and monitoring information. Web Interface To configure the SFP Detail Info in the web interface: 1. Click Monitor, Port and SFP Detail Info. 2. To display the SFP Information. Figure 3-3.6: The SFP Detail Info Parameter description: Connector Type ...
Page 328 Displays the nominal bit rate of the transceiver. Vendor OUI  Displays the vendor IEEE company ID. Vendor Name  Displays the vendor name. Vendor P/N  Displays the vendor part number or product name. Vendor Revision  Displays the vendor¡ ¦ s product revision. Vendor Serial Number ...
Page 329: Link Oam
Displays the measured coupled TX output power in mW. Accuracy is vendor specific but must be better than 3dB over specified operating temperature and voltage. Data is assumed to be based on measurement of a laser monitor photodiode current. Data is not valid when the transmitter is disabled. Mon3 (RX PWR) ...
Page 330 Web Interface To configure the Statistics in the web interface: 1. Click Monitor, Link OAM and Statistics. 2. To display the Statistics. Figure 3-4.1: The Statistics Parameter description: Receive Total and Transmit Total Rx and Tx OAM Information PDU's  The number of received and transmitted OAM Information PDU's.
Page 331 Rx and Tx Duplicate Error Event Notification  A count of the number of duplicate Event OAMPDUs received and transmitted on this interface. Event Notification OAMPDUs may be sent in duplicate to increase the probability of successfully being received, given the possibility that a frame may be lost in transit.
Page 332: 3-4.2 Port Status
interface. Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Clear: Clears the counters for the selected port. Refresh: Click to refresh the page. 3-4.2 Port Status This page provides Link OAM configuration operational status. The displayed fields shows the active configuration status for the selected port.
Page 333 Parameter description: Local and Peer Mode  The Mode in which the Link OAM is operating, Active or Passive. Unidirectional Operation Support  This feature is not available to be configured by the user. The status of this configuration is retrieved from the PHY. Remote Loopback Support ...
Page 334: 3-4.3 Event Status
sublayer. Incase of discarding, the device discards all the non-OAMPDU's. Parser State  When in forwarding state, Device is forwarding non-OAMPDUs to higher sublayer. When in loopback, Device is looping back non-OAMPDUs to the lower sublayer. When in discarding state, Device is discarding non-OAMPDUs. Organizational Unique Identification ...
Page 335 1. Click Monitor, Link OAM and Event Status. 2. To display the Event Status. Figure 3-4.1: The Event Status Parameter description: Port  The switch port number. Sequence Number  This two-octet field indicates the total number of events occurred at the remote end.
Page 336 This four-octet field indicates the number of detected errored frames in the period is required to be equal to or greater than in order for the event to be generated. 1) The default value is one frame error. 2) The lower bound is zero frame errors. 3) The upper bound is unspecified.
Page 337: Dhcp
Symbol frame period error events  This four-octet field indicates the number of Errored Symbol Period Event TLVs that have been generated since the OAM sublayer was reset. Event Seconds Summary Time Stamp  This two-octet field indicates the time reference when the event was generated, in terms of 100 ms intervals, encoded as a 16-bit unsigned integer.
Page 338 3-5.1.1 Statistics This page displays the database counters and the number of DHCP messages sent and received by DHCP server. Web Interface Display the DHCP server Statistics Overview in the web interface: Click Protocol -based VLAN configuration and add new entry. Figure 3-5.1.1: The Protocol to Group Mapping Table Parameter description: Database Counters...
Page 339 Number of excluded IP address ranges. Declined IP Address :  Number of sec lined IP addresses. Database Counters Automatic Binding :  Number of bindings with network-type pools. Manual Binding :  Number of bindings that administrator assigns an IP address to a client. That is, the pool is of host type.
Page 340 ACK :  Number of DHCP ACK messages sent. NAK :  Number of DHCP NAK messages sent. 3-5.1.2 Binding This page displays bindings generated for DHCP clients. Web Interface To Display DHCP Server Binding IP in the web interface: Click DHCP, Server and Binding.
Page 341 The pool that generates the binding. Server ID :  Server IP address to service the binding. 3-5.1.3 Declined IP This page displays declined IP addresses. Web Interface To Display DHCP Server Declined IP in the web interface: Click DHCP, Server and Declined IP. Figure 3-5.1.3: The Declined IP Parameter description: IP :...
Page 342 Server ID :  Server IP address to service the binding.
Page 343: 3-5.2 Snooping Table
3-5.2 Snooping Table This page display the dynamic IP assigned information after DHCP Snooping mode is disabled. All DHCP clients obtained the dynamic IP address from the DHCP server will be listed in this table except for local VLAN interface IP addresses. Entries in the Dynamic DHCP snooping Table are shown on this page.
Page 344 User IP subnet mask of the entry. DHCP Server Address :  DHCP Server address of the entry.
Page 345: 3-5.3 Relay Statistics
3-5.3 Relay Statistics This page provides statistics for DHCP relay. Web Interface To monitor a DHCP Relay statistics in the web interface: 4. Click Monitor, DHCP, Relay Statistics Checked “Auto-refresh”. Click “Refresh” to refresh the port detailed statistics or clear all information when you click “Clear”.
Page 346 Receive from Server :  The number of packets received from server. Receive Missing Agent Option:  The number of packets received without agent information options. Receive Missing Circuit ID :  The number of packets received with the Circuit ID option missing. Receive Missing Remote ID : ...
Page 347 The number of packets that were dropped which were received with relay agent information.
Page 348: 3-5.4 Detailed Statistics
3-5.4 Detailed Statistics This page provides statistics for DHCP snooping. Notice that the normal forward per-port TX statistics isn't increased if the incoming DHCP packet is done by L3 forwarding mechanism. And clear the statistics on specific port may not take effect on global statistics since it gathers the different layer overview.
Page 349 Parameter description: Server Statistics Rx and Tx Discover :  The number of discover (option 53 with value 1) packets received and transmitted. Rx and Tx Offer :  The number of offer (option 53 with value 2) packets received and transmitted. Rx and Tx Request : ...
Page 350 The number of lease active (option 53 with value 13) packets received and transmitted. Rx Discarded checksum error:  The number of discard packet that IP/UDP checksum is error. Rx Discarded from Untrusted:  The number of discarded packet that are coming from untrusted port.
Page 351: Security
3-6 Security 3-6.1 Access Management Statistics This page provides statistics for access management. Web Interface To configure an Assess Management Statistics in the web interface: 1. Click , Access Management Statistics. Security Checked “Auto-refresh”. 3. Click “Refresh” to refresh the port detailed statistics or clear all information when you click “Clear”.
Page 352: 3-6.2 Network
Allowed Packets :  Number of allowed packets from the interface when access management mode is enabled Discarded Packets. :  Number of discarded packets from the interface when access management mode is enabled. Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds.
Page 353 1. Click Security, Network, Port Security, then Switch Checked “Auto-refresh”. 3. Click “Refresh” to refresh the port detailed statistics. Figure 3-6.2.1.1: The Port Security Switch Status Parameter description: User Module Legend The legend shows all user modules that may request Port Security services. User Module Name ...
Page 354 are: Port  The port number for which the status applies. Click the port number to see the status for this particular port. Users  Each of the user modules has a column that shows whether that module has enabled Port Security or not. A '-' means that the corresponding user module is not enabled, whereas a letter indicates that the user module abbreviated by that letter (see Abbr) has enabled port security.
Page 355 3-6.2.1.2 Port This section shows the MAC addresses secured by the Port Security module. Port Security is a module with no direct configuration. Configuration comes indirectly from other modules - the user modules. When a user module has enabled port security on a port, the port is set-up for software-based learning.
Page 356 MAC Address & VLAN ID :  The MAC address and VLAN ID that is seen on this port. If no MAC addresses are learned, a single row stating "No MAC addresses attached" is displayed. State :  Indicates whether the corresponding MAC address is blocked or forwarding. In the blocked state, it will not be allowed to transmit or receive traffic.
Page 357 3-6.2.2 NAS 3-6.2.2.1 Switch The section describes to show the each port NAS status information of the switch. The status includes Admin State Port State, Last Source, Last ID, QoS Class, and Port VLAN Web Interface To configure a NAS Switch Status Configuration in the web interface: Click Security, Network, NAS, and then Port.
Page 358 of possible values. Port State :  The current state of the port. Refer to NAS Port State for a description of the individual states. Last Source :  The source MAC address carried in the most recently received EAPOL frame for EAPOL-based authentication, and the most recently received frame from a new client for MAC-based authentication.
Page 359 3-6.2.2.2 Port The section describes to provide detailed NAS statistics for a specific switch port running EAPOL-based IEEE 802.1X authentication. For MAC-based ports, it shows selected backend server (RADIUS Authentication Server) statistics, only. Web Interface To configure a NAS Port Status Configuration in the web interface: 1.
Page 360: Port Counters
QoS Class :  The QoS class assigned by the RADIUS server. The field is blank if no QoS class is assigned. Port VLAN ID :  The VLAN ID that NAS has put the port in. The field is blank, if the Port VLAN ID is not overridden by NAS.
Page 361 information is available for the following administrative states: • Port-based 802.1X • Single 802.1X • Multi 802.1X • MAC-based Auth. Selected Counters Selected Counters :  The Selected Counters table is visible when the port is in one of the following administrative states: •...
Page 362 through the Port Security module. State :  The client can either be authenticated or unauthenticated. In the authenticated state, it is allowed to forward frames on the port, and in the unauthenticated state, it is blocked. As long as the backend server hasn't successfully authenticated the client, it is unauthenticated.
Page 363 Click to clear only the currently selected client's counters.
Page 364 3-6.2.3 ACL Status The section describes how to shows the ACL status by different ACL users. Each row describes the ACE that is defined. It is a conflict if a specific ACE is not applied to the hardware due to hardware limitations. The maximum number of ACEs is 512 on each switch.
Page 365 All: The ACE will match any ingress port. Port: The ACE will match a specific ingress port. Frame Type :  Indicates the frame type of the ACE. Possible values are: Any: The ACE will match any frame type. EType: The ACE will match Ethernet Type frames. Note that an Ethernet Type based ACE will not get matched by IP and ARP frames.
Page 366 CPU :  Forward packet that matched the specific ACE to CPU. CPU Once :  Forward first packet that matched the specific ACE to CPU. Counter :  The counter indicates the number of times the ACE was hit by a frame. Conflict : ...
Page 367 3-6.2.4 ARP Inspection The section describes to configure the Dynamic ARP Inspection Table parameters of the switch. The Dynamic ARP Inspection Table contains up to 1024 entries, and is sorted first by port, then by VLAN ID, then by MAC address, and then by IP address. Web Interface To configure a Dynamic ARP Inspection Table Configuration in the web interface: 1.
Page 368 match. In addition, the two input fields will - upon a button click - assume the value of the first displayed entry, allowing for continuous refresh with the same start address. The will use the last entry of the currently displayed table as a basis for the next lookup. When the end is reached the text "No more entries"...
Page 369 To configure a Dynamic IP Source Guard Table Configuration in the web interface: 1. Click Security, Network, IP Source Guard. Checked “Auto-refresh”. 3. Click “Refresh” to refresh the port detailed statistics. 4. Specify the Start from port, VLAN ID, IP Address, and entries per page. Figure 3-6.2.5: The Dynamic IP Source Table Parameter description: Port :...
Page 370 occurs every 3 seconds. Refresh: Click to refresh the page. |<<: Updates the system log entries to the first available entry ID. >> : Updates the system log entry to the next available entry ID.
Page 371: 3-6.3 Aaa
3-6.3 AAA 3-6.3.1 RADIUS Overview This section shows you an overview of the RADIUS Authentication and Accounting servers’ status to ensure the function is workable. Web Interface To configure a RADIUS Overview Configuration in the web interface: Click Security, AAA, RADIUS Overview. Checked “Auto-refresh”.
Page 372 State :  The current state of the server. This field takes one of the following values: Disabled: The server is disabled. Not Ready: The server is enabled, but IP communication is not yet up and running. Ready: The server is enabled, IP communication is up and running, and the RADIUS module is ready to accept access attempts.
Page 373 before this occurs is displayed in parentheses. This state is only reachable when more than one server is enabled.
Page 374 3-6.3.2 RADIUS Details This section shows you a detailed statistics for a particular RADIUS server. Web Interface To configure a RADIUS Details Configuration in the web interface: Specify Port which want to check. Click Security, AAA, RADIUS Overview. Checked “Auto-refresh”. Click “Refresh”...
Page 375 Parameter description: RADIUS Authentication Statistics The statistics map closely to those specified in RFC4668 - RADIUS Authentication Client MIB. Use the server select box to switch between the backend servers to show details for. Packet Counters RADIUS authentication server packet counter. There are seven receive and four transmit counters.
Page 376 Message Authenticator attributes or unknown types are not included as malformed access responses. The number of RADIUS Access-Response radiusAuthClientExtBadAuth packets containing invalid authenticators or Authenticato enticators Message Authenticator attributes received from the server. The number of RADIUS packets that were Unknown radiusAuthClientExtUnknow received with unknown types from the...
Page 377 This section contains information about the state of the server and the latest round-trip time. Name RFC4668 Name Description IP address and UDP port for the authentication server in IP Address - question. Shows the state of the server. It takes one of the following values: Disabled: The selected server is disabled.
Page 378 The number of malformed RADIUS packets received from the server. Malformed packets include packets Malformed radiusAccClientExtMalformed with an invalid length. Bad Responses Responses authenticators or unknown types are not included as malformed access responses. The number of RADIUS packets radiusAcctClientExtBadAuthen containing invalid authenticators Authenticators ticators...
Page 379 send to a different server is counted as a Request as well as a timeout. Other Info This section contains information about the state of the server and the latest round-trip time. Name RFC4670 Name Description IP address and UDP port for the accounting IP Address - server in question.
Page 380 Auto-refresh –Check this box to enable an automatic refresh of the page at regular intervals. Refresh - Click to refresh the page immediately. Clear - Clears the counters for the selected server. The "Pending Requests" counter will not be cleared by this operation.
Page 381: 3-6.4 Switch
3-6.4 Switch 3-6.4.1 RMON 3-6.4.1.1 Statistics This section provides an overview of RMON Statistics entries. Each page shows up to 99 entries from the Statistics table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the Statistics table.
Page 382 Parameter description:  Indicates the index of Statistics entry. Data Source(if Index)  The port ID which wants to be monitored. Drop  The total number of events in which packets were dropped by the probe due to lack of resources. Octets ...
Page 383 Over-size  The total number of packets received that were longer than 1518 octets. Frag.  The number of frames which size is less than 64 octets received with invalid CRC. Jabb.  The number of frames which size is larger than 64 octets received with invalid CRC. Coll.
Page 384 Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every seconds. Refresh: Click to refresh the page immediately. |<< : Updates the table starting from the first entry in the Statistics table, i.e. the entry with the lowest ID. >>...
Page 385 3-6.4.1.2 History This section provides an overview of RMON History entries. Each page shows up to 99 entries from the History table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the History table.
Page 386 Parameter description: History Index  Indicates the index of History control entry. Sample Index  Indicates the index of the data entry associated with the control entry. Sample Start  The value of sysUpTime at the start of the interval over which this sample was measured.
Page 387 The total number of packets received that were less than 64 octets. Oversize  The total number of packets received that were longer than 1518 octets. Frag.  The number of frames which size is less than 64 octets received with invalid CRC. Jabb.
Page 388 3-6.4.1.3 Alarm This page provides an overview of RMON Alarm entries. Each page shows up to 99 entries from the Alarm table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the Alarm table.
Page 389 Parameter description:  Indicates the index of Alarm control entry. Interval  Indicates the interval in seconds for sampling and comparing the rising and falling threshold. Variable  Indicates the particular variable to be sampled Sample Type  The method of sampling the selected variable and calculating the value to be compared against the thresholds.
Page 390 every 3 seconds. Refresh: Click to refresh the page immediately. |<<: Updates the table starting from the first entry in the Alarm Table, i.e. the entry with the lowest ID. >> : Updates the table, starting with the entry after the last entry currently displayed.
Page 391 3-6.4.1.4 Event This page provides an overview of RMON Event table entries. Each page shows up to 99 entries from the Event table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the Event table.
Page 392 Indicates the index of the event entry. Log Index  Indicates the index of the log entry. LogTIme  Indicates Event log time LogDescription  Indicates the Event description. Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every seconds.
Page 393: Aggregation
3-7 Aggregation 3-7.1 Status This page is used to see the status of ports in Aggregation group Web Interface To display the status of ports in the web interface: Click Monitor, Aggregation, Status Checked “Auto-refresh”. Click “Refresh” to refresh the port detailed statistics. Figure 3-7.1 The LACP System Status Parameter description: Aggr ID :...
Page 394: 3-7.2 Lacp
Configured ports  Configured member ports of the Aggregation group. Aggregated ports  Aggregated member ports of the Aggregation group Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page. 3-7.2 LACP 3-7.2.1.1 System Status This page provides a status overview for all LACP instances...
Page 395 Parameter description: Aggr ID  The Aggregation ID associated with this aggregation instance. For LLAG the id is shown as 'isid:aggr-id' and for GLAGs as 'aggr-id' Partner System ID  The system ID (MAC address) of the aggregation partner. Partner Key ...
Page 396 Figure 3-7.2.1.1: The System Status Parameter description: Port  The switch port number. LACP  'Yes' means that LACP is enabled and the port link is up. 'No' means that LACP is not enabled or that the port link is down. 'Backup' means that the port could not join the aggregation group but will join if other port leaves.
Page 397 This page provides an overview for LACP statistics for all ports. Web Interface To display the LACP Port Statistics in the web interface: 4. Click Monitor, LACP, Port Statistics 5. If you want to auto-refresh the information then you need to evoke the “Auto refresh”.
Page 398 Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Clear: Clears the counters for the selected port. Refresh: Click to refresh the page.
Page 399: Loop Protection
3-8 Loop Protection This section displays the loop protection port status the ports of the currently selected switch. Web Interface To display the Loop Protection status in the web interface: 1. Click Monitor, Loop Protection 2. If you want to auto-refresh the information then you need to evoke the “Auto refresh”.
Page 400 Status  The current loop protection status of the port. Loop  Whether a loop is currently detected on the port. Time of Last Loop  The time of the last loop event detected. Buttons  Refresh: Click to refresh the page immediately. Auto-refresh: Check this box to enable an automatic refresh of the page at regular intervals.
Page 401: Spanning Tree
3-9 Spanning Tree 3-9.1 Bridge Status After you complete the MSTI Port configuration then you could to ask the switch display the Bridge Status. The Section provides a status overview of all bridge instances. The displayed table contains a row for each STP bridge instance, where the column displays the following information: Web Interface To display the STP Bridges status in the web interface:...
Page 402 The Bridge ID of the currently elected root bridge. Root Port :  The switch port currently assigned the root port role. Root Cost :  Root Path Cost. For the Root Bridge it is zero. For all other Bridges, it is the sum of the Port Path Costs on the least cost path to the Root Bridge.
Page 403: 3-9.2 Port Status
3-9.2 Port Status After you complete the STP configuration then you could to ask the switch display the STP Port Status. The Section provides you to ask switch to display the STP CIST port status for physical ports of the currently selected switch. Web Interface To display the STP Port status in the web interface: 1.
Page 404 CIST State :  The current STP port state of the CIST port. The port state can be one of the following values: Blocking Learning Forwarding. Uptime  The time since the bridge port was last initialized. Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds.
Page 405: 3-9.3 Port Statistics
3-9.3 Port Statistics After you complete the STP configuration then you could to let the switch display the STP Statistics. The Section provides you to ask switch to display the STP Statistics detail counters of bridge ports in the currently selected switch. Web Interface To display the STP Port status in the web interface: 1.
Page 406 TCN :  The number of (legacy) Topology Change Notification BPDU's received/transmitted on the port. Discarded Unknown :  The number of unknown Spanning Tree BPDU's received (and discarded) on the port. Discarded Illegal :  The number of illegal Spanning Tree BPDU's received (and discarded) on the port. Buttons ...
Page 407: Mvr
3-10 MVR 3-10.1 Statistics The section describes the switch will display the MVR detail Statistics after you had configured MVR on the switch. It provides the detail MVR Statistics Information Web Interface To display the MVR Statistics Information in the web interface: 1.
Page 408 IGMPv2/MLDv1 Report's Received  The number of Received IGMPv2 Join's and MLDv1 Report's, respectively. IGMPv3/MLDv2 Report's Received  The number of Received IGMPv1 Join's and MLDv2 Report's, respectively. IGMPv2/MLDv1 Leave's Received  The number of Received IGMPv2 Leave's and MLDv1 Done's, respectively. Buttons ...
Page 409: 3-10.2 Mvr Channels Groups
3-10.2 MVR Channels Groups The section describes user could display the MVR Groups detail information on the switch. Entries in the MVR Group Table are shown on this page. The MVR Group Table is sorted first by VLAN ID, and then by group Web Interface To display the MVR Groups Information in the web interface: 1.
Page 410 The "Start from VLAN", and "Group Address" input fields allow the user to select the starting point in the MVR Channels (Groups) Information Table. Clicking the button will update the displayed table starting from that or the closest next MVR Channels (Groups) Information Table match.
Page 411: 3-10.3 Mvr Sfm Information
3-10.3 MVR SFM Information The MVR SFM (Source-Filtered Multicast) Information Table also contains the SSM (Source-Specific Multicast) information. This table is sorted first by VLAN ID, then by group, and then by Port. Different source addresses belong to the same group are treated as single entry.
Page 412 displayed table starting from that or the closest next MVR SFM Information Table match. In addition, the two input fields will - upon a button click - assume the value of the first displayed entry, allowing for continuous refresh with the same start address. The will use the last entry of the currently displayed table as a basis for the next lookup.
Page 413 Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page. |<<: Updates the system log entries to the first available entry ID >> : Updates the system log entry to the next available entry ID...
Page 414: Ipmc
3-11 IPMC 3-11.1 IGMP Snooping 3-11.1.1 Status After you complete the IGMP Snooping configuration, then you could to let the switch display the IGMP Snooping Status. The Section provides you to let switch to display the IGMP Snooping detail status. Web Interface To display the IGMP Snooping status in the web interface: 1.
Page 415 Parameter description: VLAN ID :  The VLAN ID of the entry. Querier Version :  Working Querier Version currently. Host Version :  Working Host Version currently. Querier Status :  Shows the Querier status is "ACTIVE" or "IDLE". "DISABLE"...
Page 416 Router Port  Display which ports act as router ports. A router port is a port on the Ethernet switch that leads towards the Layer 3 multicast device or IGMP querier. Static denotes the specific port is configured to be a router port. Dynamic denotes the specific port is learnt to be a router port.
Page 417 3-11.1.2 Group Information After you complete to set the IGMP Snooping function then you could let the switch to display the IGMP Snooping Group Information. Entries in the IGMP Group Table are shown on this page. The IGMP Group Table is sorted first by VLAN ID, and then by group.
Page 418 The "Start from ", and "group" input fields allow the user to select the starting VLAN point in the IGMP Group Table. Clicking the button will update the displayed table starting from that or the closest next IGMP Group Table match. In addition, the two input fields will - upon a button click - assume the value of the first displayed entry, allowing for continuous refresh with the same start address.
Page 419 3-11.1.3 IPv4 SFM Information Entries in the IGMP SFM Information Table are shown on this page. The IGMP SFM (Source-Filtered Multicast) Information Table also contains the SSM (Source-Specific Multicast) information. This table is sorted first by VLAN ID, then by group, and then by Port.
Page 420 The "Start from ", and "group" input fields allow the user to select the starting VLAN point in the IGMP SFM Information Table. Clicking the button will update the displayed table starting from that or the closest next IGMP SFM Information Table match.
Page 421 Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page. |<<: Updates the system log entries to the first available entry ID >>: Updates the system log entry to the next available entry ID...
Page 422: 3-11.2 Mld Snooping
3-11.2 MLD Snooping 3-11.2.1 Status The section describes when you complete the MLD Snooping and how to display the MLD Snooping Status and detail information. It will help you to find out the detail information of MLD Snooping status. Web Interface To display the MLD Snooping Status in the web interface: 1.
Page 423 Parameter description: VLAN ID :  The VLAN ID of the entry. Querier Version :  Working Querier Version currently. Host Version :  Working Host Version currently. Querier Status :  Show the Querier status is "ACTIVE" or "IDLE". "DISABLE"...
Page 424 Switch port number. Status  Indicate whether specific port is a router port or not. Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Clear: Clears the counters for the selected port. Refresh: Click to refresh the page.
Page 425 3-11.2.2 Group Information The section describes user could set the MLD Snooping Groups Information. The "Start from VLAN", and "group" input fields allow the user to select the starting point in the MLD Group Table Web Interface To display the MLD Snooping Group information in the web interface: 1.
Page 426 input fields will - upon a button click - assume the value of the first displayed entry, allowing for continuous refresh with the same start address. The will use the last entry of the currently displayed table as a basis for the next lookup. When the end is reached the text "No more entries"...
Page 427 3-11.2.3 IPv6 SFM Information Entries in the MLD SFM Information Table are shown on this page. The MLD SFM (Source-Filtered Multicast) Information Table also contains the SSM (Source-Specific Multicast) information. This table is sorted first by VLAN ID, then by group, and then by Port.
Page 428 point in the MLD SFM Information Table. Clicking the button will update the displayed table starting from that or the closest next MLD SFM Information Table match. In addition, the two input fields will - upon a button click - assume the value of the first displayed entry, allowing for continuous refresh with the same start address.
Page 429 occurs every 3 seconds. Refresh: Click to refresh the page. |<<: Updates the system log entries to the first available entry ID >> : Updates the system log entry to the next available entry ID...
Page 430: Lldp
3-12 LLDP 3-12.1 Neighbour This page provides a status overview for all LLDP neighbours. The displayed table contains a row for each port on which an LLDP neighbour is detected. The columns hold the following information: Web Interface To show LLDP neighbours: 1.
Page 431 The Remote Port ID is the identification of the neighbour port. Port Description :  Port Description is the port description advertised by the neighbour unit. System Name :  System Name is the name advertised by the neighbour unit. System Capabilities : ...
Page 432 Refresh: Click to refresh the page.
Page 433: 3-12.2 Lldp-Med Neighbour
3-12.2 LLDP-MED Neighbour This page provides a status overview of all LLDP-MED neighbours. The displayed table contains a row for each port on which an LLDP neighbour is detected. This function applies to VoIP devices which support LLDP-MED. The columns hold the following information: Web Interface To show LLDP-MED neighbor:...
Page 434 the IEEE 802 based LAN infrastructure for LLDP-MED Endpoint Devices. An LLDP-MED Network Connectivity Device is a LAN access device based on any of the following technologies: 1. LAN Switch/Router 2. IEEE 802.1 Bridge 3. IEEE 802.3 Repeater (included for historical reasons) 4.
Page 435 The LLDP-MED Media Endpoint (Class II) definition is applicable to all endpoint products that have IP media capabilities however may or may not be associated with a particular end user. Capabilities include all of the capabilities defined for the previous Generic Endpoint Class (Class I), and are extended to include aspects related to media streaming.
Page 436 Application Type :  Application Type indicating the primary function of the application(s) defined for this network policy, advertised by an Endpoint or Network Connectivity Device. The possible application types are shown below. 1. Voice - for use by dedicated IP Telephony handsets and other similar appliances supporting interactive voice services.
Page 437 TAG :  TAG is indicative of whether the specified application type is using a tagged or an untagged VLAN. Can be Tagged or Untagged. Untagged: The device is using an untagged frame format and as such does not include a tag header as defined by IEEE 802.1Q-2003. Tagged: The device is using the IEEE 802.1Q tagged frame format.
Page 438: 3-12.3 Poe
Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page. 3-12.3 PoE This page allows the user to inspect the current status for all PoE ports. The section show all port Power Over Ethernet Status. Web Interface To show LLDP EEE neighbors: 1.
Page 439 The Power Source represents the power source being utilized by a PSE or PD device. If the device is a PSE device it can either run on its Primary Power Source or its Backup Power Source. If it is unknown whether the PSE device is using its Primary Power Source or its Backup Power Source it is indicated as "Unknown"...
Page 440 Refresh: Click to refresh the page.
Page 441: 3-12.4 Eee
3-12.4 EEE By using EEE power savings can be achieved at the expense of traffic latency. This latency occurs due to that the circuits EEE turn off to save power, need time to boot up before sending traffic over the link. This time is called "wakeup time". To achieve minimal latency, devices can use LLDP to exchange information about their respective tx and rx "wakeup time ", as a way to agree upon the minimum wakeup time they need.
Page 442 Rx Tw :  The link partner’s time that receiver would like the transmitter to hold off to allow time for the receiver to wake from sleep. Fallback Receive Tw :  The link partner’s fallback receive Tw. A receiving link partner may inform the transmitter of an alternate desired Tw_sys_tx. Since a receiving link partner is likely to have discrete levels for savings, this provides the transmitter with additional information that it may use for a more efficient allocation.
Page 443 Shows whether the switch and the link partner have agreed on wake times. Red - Switch and link partner have not agreed on wakeup times. Green - Switch and link partner have agreed on wakeup times. Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds.
Page 444: 3-12.5 Port Statistics
3-12.5 Port Statistics Two types of counters are shown. Global counters are counters that refer to the whole switch, while local counters refer to per port counters for the currently selected switch Web Interface To show LLDP Statistics: 1. Click Monitor ,LLDP, then click Port Statistics to show LLDP counters 2.
Page 445 It also shows the time when the last entry was last deleted or added. It also shows the time elapsed since the last change was detected. Total Neighbours Entries Added :  Shows the number of new entries added since switch reboot. Total Neighbours Entries Deleted : ...
Page 446: Ethernet Services
TLVs Discarded :  Each LLDP frame can contain multiple pieces of information, known as TLVs (TLV is short for "Type Length Value"). If a TLV is malformed, it is counted and discarded. TLVs Unrecognized :  The number of well-formed TLVs, but with an unknown type value. Org.
Page 447 Click Auto-refresh for auto-update web screen Click Clear to clear all counters Figure 3-13.1: The Ethernet Statistics Parameter description: Class  The traffic class for the EVC. Rx Green  The number of green received. Tx Green  The number of green transmitted. Rx Yellow ...
Page 448: Ptp
The number of discarded in the green color. Yellow Discarded  The number of discarded in the yellow color Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page. Clear: Clears the counters for the selected port.
Page 449 Parameter description: PTP External Clock Description One_PPS_Mode  Shows the current One_pps_mode configured. 1. Output : Enable the 1 pps clock output 2. Input : Enable the 1 pps clock input 3. Disable : Disable the 1 pps clock in/out-put External Enable ...
Page 450: Poe
PTP Clock Description Inst  Indicates the Instance of a particular Clock Instance [0..3]. Click on the Clock Instance number to monitor the Clock details. ClkDom  Indicates the Clock domain used by the Instance of a particular Clock Instance [0..3]. Device Type ...
Page 451 Figure 3-15: The PoE Statistics Parameter description: Local Port  This is the logical port number for this row. PD Class  Each PD is classified according to a class that defines the maximum power the PD will use. The PD Class shows the PDs class. Five Classes are defined: Class 0: Max.
Page 452 Power Used  The Power Used shows how much power the PD currently is using. Current Used  The Power Used shows how much current the PD currently is using. Priority  The Priority shows the port's priority configured by the user. Port Status ...
Page 453: Mac Table
3-16 MAC Table Entries in the MAC Table are shown on this page. The MAC Table contains up to 8192 entries, and is sorted first by VLAN ID, then by MAC address. Web Interface To Display MAC Address Table in the web interface: 1.
Page 454 displayed table starting from that or the closest next MAC Table match. In addition, the two input fields will - upon a “Refresh” button click - assume the value of the first displayed entry, allowing for continuous refresh with the same start address. The >>...
Page 455 00-40-C7-73-01-29 : your switch MAC address (for IPv4) 33-33-00-00-00-01 : Destination MAC (for IPv6 Router Advertisement) (reference IPv6 RA.JPG) 33-33-00-00-00-02 : Destination MAC (for IPv6 Router Solicitation) (reference IPv6 RS.JPG) 33-33-FF-73-01-29 : Destination MAC (for IPv6 Neighbor Solicitation) (reference IPv6 DAD.JPG) 33-33-FF-A8-01-01: your switch MAC address (for IPv6 global IP) FF-FF-FF-FF-FF-FF: for Broadcast.
Page 456: Vlans
3-17 VLANs 3-17.1 Membership This page provides an overview of membership status of VLAN users. The ports belong to the currently selected stack unit, as reflected by the page header. Web Interface To configure VLAN membership configuration in the web interface: 1.
Page 457 Voice VLAN : Voice VLAN is a VLAN configured specially for voice traffic typically originating from IP phones. MVR : MVR is used to eliminate the need to duplicate multicast traffic for subscribers in each VLAN. Multicast traffic for all channels is sent only on a single (multicast) VLAN.
Page 458 Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page.
Page 459: 3-17.2 Port
3-17.2 Port The function Port Status gathers the information of all VLAN status and reports it by the order of Static NAS MVRP MVP Voice VLAN MSTP GVRP Combined. Web Interface To Display VLAN Port Status in the web interface: 1.
Page 460 originating from IP phones. MVR : MVR is used to eliminate the need to duplicate multicast traffic for subscribers in each VLAN. Multicast traffic for all channels is sent only on a single (multicast) VLAN. MSTP : The 802.1s Multiple Spanning Tree protocol (MSTP) uses VLANs to create multiple spanning trees in a network, which significantly improves network resource utilization while maintaining a loop-free environment.
Page 461 Shows UVID (untagged VLAN ID). Port's UVID determines the packet's behavior at the egress side. Conflicts :  Shows status of Conflicts whether exists or not. When a Volatile VLAN User requests to set VLAN membership or VLAN port configuration, the following conflicts can occur: Functional Conflicts between features.
Page 462: Vcl
3-18 VCL 3-18.1 MAC-based VLAN section This shows MAC-based VLAN entries configured by various MAC-based VLAN users. Currently we support following VLAN User types: CLI/Web/SNMP: These are referred to as static. NAS: NAS provides port-based authentication, which involves communications between a Supplicant, Authenticator, and an Authentication Server. Web Interface To Display MAC-based VLAN configuration in the web interface: 1.
Page 463 Port Members :  Port members of the MAC-based VLAN entry. Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page.
Page 464: 3-18.2 Protocol-Based Vlan
3-18.2 Protocol-based VLAN 3-18.2.1 Protocol to Group This page shows you the protocols to Group Name (unique for each Group) mapping entries for the switch. Web Interface To Display Protocol-based VLAN configuration in the web interface: 1. Click Monitor, VCL, Protocol to Group. Checked “Auto-refresh”.
Page 465 selected. Value :  Valid value that can be entered in this text field depends on the option selected from the preceding Frame Type selection menu. Below is the criteria for three different Frame Types: 1. For Ethernet: Values in the text field when Ethernet is selected as a Frame Type is called etype.
Page 466 Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page.
Page 467 3-18.2.2 Group to VLAN This page shows you the configured Group Name to a VLAN for the switch. Web Interface To Display Group to VLAN configuration in the web interface: 1. Click Monitor, VCL, Group to VLAN. Checked “Auto-refresh”. 3. Click “Refresh” to refresh the port detailed statistics. Figure 3-17.2.2: The MAC-based VLAN Membership Status for User Static Parameter description: Group Name :...
Page 468 port from the mapping, make sure the box is unchecked. By default, no ports are members, and all boxes are unchecked. Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page.
Page 469: 3-18.3 Ip Subnet-Based Vlan
3-18.3 IP Subnet-based VLAN The page shows IP subnet-based VLAN entries. This page shows only static entries. Web Interface To Display MAC-based VLAN configuration in the web interface: 1. Click Monitor, VCL, and IP Subnet-based VLAN. Checked “Auto-refresh”. 3. Click “Refresh” to refresh the port detailed statistics. Figure 3-17.3: The MAC-based VLAN Membership Status for User Static Parameter description: VCE ID :...
Page 470 Port Members :  A row of check boxes for each port is displayed for each IP subnet-based VLAN entry. To include a port in a IP subnet-based VLAN, check the box. To remove or exclude the port from the IP subnet-based VLAN, make sure the box is unchecked. By default, no ports are members, and all boxes are unchecked.
Page 471: Sflow
3-19 sFlow This session shows receiver and per-port sFlow statistics Web Interface To Display MAC-based VLAN configuration in the web interface: 1. Click Monitor, sFlow 2. Display sFlow information. Figure 3-19: The sFlow Statistics Parameter description: Owner ...
Page 472 This field shows the current owner of the sFlow configuration. It assumes one of three values as follows: • If sFlow is currently unconfigured/unclaimed, Owner contains <none>. • If sFlow is currently configured through Web or CLI, Owner contains <Configured through local management>.
Page 473 Here, flow samples are divided into Rx and Tx flow samples, where Rx flow samples contains the number of packets that were sampled upon reception (ingress) on the port and Tx flow samples contains the number of packets that were sampled upon transmission (egress) on the port.
Page 474: Udld
3-20 UDLD This page displays the UDLD status of the ports Web Interface To Display UDLD in the web interface: Click Monitor, UDLD Display UDLD information. Figure 3-20: The UDLD Parameter description: UDLD port status UDLD Admin State  The current port state of the logical port, Enabled if any of state(Normal,Aggressive) is Enabled.
Page 475 Neighbour Status Port  The current port of neighbour device. Device ID  The current ID of neighbour device. Link Status  The current link status of neighbour port. Device Name  Name of the Neighbour Device. Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds.
Page 476: Chapter 4. Diagnostics
Diagnostics Chapter 4. This chapter provides a set of basic system diagnosis. It let users know that whether the system is health or needs to be fixed. The basic system check includes ICMP Ping, Link OAM, ICMPv6, and VeriPHY Cable Diagnostics. 4-1 Ping This section allows you to issue ICMP PING packets to troubleshoot IPv6 connectivity issues.
Page 477 Parameter description: IP Address :  To set the IP Address of device what you want to ping it. Ping Length:  The payload size of the ICMP packet. Values range from 2 bytes to 1452 bytes. Ping Count:  The count of the ICMP packet.
Page 478 After you press , 5 ICMP packets are transmitted, and the sequence number and roundtrip time are displayed upon reception of a reply. The page refreshes automatically until responses to all packets are received, or until a timeout occurs. PING6 server ::10.10.132.20 64 bytes from ::10.10.132.20: icmp_seq=0, time=0ms 64 bytes from ::10.10.132.20: icmp_seq=1, time=0ms 64 bytes from ::10.10.132.20: icmp_seq=2, time=0ms...
Page 479: Ping6
4-2 Ping6 This section allows you to issue ICMPv6 PING packets to troubleshoot IPv6 connectivity issues. Web Interface To configure an ICMPv6 PING Configuration in the web interface: 1. Specify ICMPv6 PING IP Address. 2. Specify ICMPv6 PING Size. 3. Click Start. Figure 4-2: The ICMPv6 Ping Parameter description: IP Address :...
Page 480 The count of the ICMP packet. Values range from 1 time to 60 times. Ping Interval :  The interval of the ICMP packet. Values range from 0 second to 30 seconds. Egress Interface (Only for IPv6) :  The VLAN ID (VID) of the specific egress IPv6 interface which ICMP packet goes. The given VID ranges from 1 to 4094 and will be effective only when the corresponding IPv6 interface is valid.
Page 481: Veriphy
4-3 VeriPHY This section is used for running the VeriPHY Cable Diagnostics. Press to run the diagnostics. This will take approximately 5 seconds. If all ports are selected, this can take approximately 15 seconds. When completed, the page refreshes automatically, and you can view the cable diagnostics results in the cable status table.
Page 482 The port where you are requesting VeriPHY Cable Diagnostics. Cable Status :  Port: Port number. Pair: The status of the cable pair. Length: The length (in meters) of the cable pair.
Page 483: Traceroute
4-4 Traceroute This page allows you to issue ICMP, TCP, or UDP packets to diagnose network connectivity issues. Web Interface To configure an ICMPv6 PING Configuration in the web interface: 1. Specify traceroute IP Address. 2. Specify traceroute Size. 3. Click Start. Figure 4-4: The Traceroute Parameter description: Protocol :...
Page 484 range from 1 to 60. The payload size of the ICMP packet. Values range from 2 bytes to 1452 bytes. Max TTL :  Specifies the maximum number of hops (max time-to-live value) traceroute will probe. Values range from 1 to 255. The default is 30. Probe Count : ...
Page 485: Link Oam
4-5 Link OAM 4-5.1 MIB Retrieval This page provides detailed OAM traffic statistics for a specific switch port. Use the port select box to select which switch port details to display. The displayed counters represent the total number of OAM frames received and transmitted for the selected port.
Page 486 data received inside of an IP packet of type ICMP ECHO_REPLY will always be 8 bytes more than the requested data space (the ICMP header). The page refreshes automatically until responses to all packets are received, or until a timeout occurs. PING server 10.10.132.20, 56 bytes of data.
Page 487 64 bytes from fe80::215:58ff:feed:69dd: icmp_seq=4, time=0ms Sent 5 packets, received 10 OK, 0 bad You can configure the following properties of the issued ICMP packets: IP Address  The destination IP Address. Ping Length  The payload size of the ICMP packet. Values range from 2 bytes to 1452 bytes. Ping Count ...
Page 488 8 202-39-253-11.HINET-IP.hinet.net. (202.39.253.11) 10 ms 10 ms You can configure the following properties: Protocol  The protocol(ICMP, UDP, TCP) packets to send. IP Address  The destination IP Address. Wait Time  Set the time (in seconds) to wait for a response to a probe (default 5.0 sec). Values range from 1 to 60.
Page 489: Chapter 5. Maintenance
Maintenance Chapter 5. This chapter describes the entire switch Maintenance configuration tasks to enhance the performance of local network including Restart Device, Firmware upgrade, Save/Restore, Import/Export. 5-1 Restart Device This section describes how to restart switch for any maintenance needs. Any configuration files or scripts that you saved in the switch should still be available afterwards.
Page 490: Reboot Schedule
Parameter description: Restart Device :  You can restart the switch on this page. After restart, the switch will boot normally. Buttons:  Yes – Click to “Yes” then the device will restart. No- Click to undo any restart action. 5-2 Reboot Schedule This page allows user to schedule the time to reboot the switch.
Page 491 Indicates the reboot scheduling mode operation. Possible modes are: Enabled: Enable switch reboot scheduling. Disabled: Disable switch reboot scheduling. Week Day  The day to reboot this switch. Reboot Time  The time to reboot the switch. Buttons:  Apply–Click to save changes. Reset–Click to undo any changes made locally and revert to previously saved values.
Page 492: Factory Defaults
5-3 Factory Defaults This section describes how to reset the Switch configuration to Factory Defaults. Any configuration files or scripts will recover to factory default values. Web Interface To configure a Factory Defaults Configuration in the web interface: 1. Chick Factory Defaults. 2.
Page 493: Firmware
5-4 Firmware This section describes how to upgrade Firmware. The Switch can be enhanced with more value-added functions by installing firmware upgrades. 5-4.1 Firmware upgrade This page facilitates an update of the firmware controlling the switch.. Web Interface To configure a Firmware Upgrade Configuration in the web interface: 1.
Page 494 This page facilitates an update of the firmware controlling the switch. Uploading software will update all managed switches to the location of a software image and click. After the software image is uploaded, a page announces that the firmware update is initiated.
Page 495: 5-4.2 Firmware Selection
5-4.2 Firmware Selection This page provides information about the active and alternate (backup) firmware images in the device, and allows you to revert to the alternate image. The web page displays two tables with information about the active and alternate firmware images.
Page 496 Image Information Image  The flash index name of the firmware image. The name of primary (preferred) image is image, the alternate image is named image.bk. Version  The version of the firmware image. Date  The date where the firmware was produced. Buttons ...
Page 497: Configuration
5-5 Configuration The switch stores its configuration in a number of text files in CLI format. The files are either virtual (RAM-based) or stored in flash on the switch. There are three system files: running-config: A virtual file that represents the currently active configuration ...
Page 498 Parameter description: Buttons :  Save Configuration: Click to save configuration, the running configuration will be written to flash memory for system boot up to load this startup configuration file.
Page 499: 5-5.2 Download
5-5.2 Download The switch stores its configuration in a number of text files in CLI format. The files are either virtual (RAM-based) or stored in flash on the switch. The available files are: running-config: A virtual file that represents the currently active configuration on the switch.
Page 500 This copies running-config to startup-config, thereby ensuring that the currently active configuration will be used at the next reboot. Download  It is possible to download any of the files on the switch to the web browser. Select the file and click “Download Configuration”. Download of running-config may take a little while to complete, as the file must be prepared for download.
Page 501: 5-5.3 Upload
5-5.3 Upload The configuration upload function will be backuped and saved configuration from the switch’s configuration into the running web browser PC. It is possible to upload any of the files on the switch to the web browser. Select the file and click Upload of running-config may take a little while to complete, as the file must be prepared for upload.
Page 502 Parameter description: Buttons :  Upload Configuration: Click the “Upload” button then the running web management PC will start to upload the configuration from the managed switch configuration into the location PC, user can configure web browser’s upload file path to keep configuration file.
Page 503: 5-5.4 Activate
5-5.4 Activate The switch stores its configuration in a number of text files in CLI format. The files are either virtual (RAM-based) or stored in flash on the switch. The available files are: running-config: A virtual file that represents the currently active configuration on the switch.
Page 504 2. startup-config: The startup configuration for the switch, read at boot time. Parameter description: Buttons :  Activate Configuration: Click the “Activate” button then the default-config or startup-config file will be activated and to be this switch's running configuration.
Page 505: 5-5.5 Delete
5-5.5 Delete It is possible to delete any of the writable files stored in flash, including startup-config. If this is done and the switch is rebooted without a prior save operation, this effectively resets the switch to default configuration. Web Interface To delete configuration in the web interface: 1.
Page 506: Server Report
5-6 Server Report It is possible to download server report file on the switch to the web browser. Download of server-report may take a little while to complete, as the file must be prepared for download. Web Interface To delete configuration in the web interface: 1.

LevelOne IGP-1271 User Manual

Chapter 1 Operation of Web-Based Management

Chapter 2 System Configuration

Chapter 3. Monitor

Chapter 4. Diagnostics

Chapter 5. Maintenance

Quick Links

Related Manuals for LevelOne IGP-1271

Summary of Contents for LevelOne IGP-1271