NETGEAR M4300 User Manual
  1. Manuals
  2. Brands
  3. NETGEAR Manuals
  4. Switch
  5. ProSAFE M4300 series
  6. User manual

NETGEAR M4300 User Manual

Fully managed stackable switches
Hide thumbs Also See for M4300:
1
2
Table Of Contents
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
Table of Contents

Advertisement

Quick Links

Download this manual See also: Software Administration Manual, Installation
M4300 Series and M4300-96X
Fully Managed Switches
Us e r Manual
Sof tware Version 1 2.0.6
June 2018
202-11865-02
350 East Plumeria Drive
San Jose, CA 95134
USA

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the M4300 and is the answer not in the manual?

Questions and answers

Related Manuals for NETGEAR M4300

Summary of Contents for NETGEAR M4300

  • Page 1 M4300 Series and M4300-96X Fully Managed Switches Us e r Manual Sof tware Version 1 2.0.6 June 2018 202-11865-02 350 East Plumeria Drive San Jose, CA 95134...
  • Page 2 Thank you for purchasing this NETGEAR product. You can visit www.netgear.com/support to register your product, get help, access the latest downloads and user manuals, and join our community. We recommend that you use only official NETGEAR support resources. Conformity For the current EU Declaration of Conformity, visit http://kb.netgear.com/app/answers/detail/a_id/11621.

  • Page 3: Table Of Contents

    Supported Switches ..........16 New Features for Switch Model M4300-96X ......16 Slot-Based Port Numbering .
  • Page 4 M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the SNTP Global Settings ....... . . 66 View SNTP Global Status .
  • Page 5 Chapter 3 Stacking M4300 Series Switch Stacking Overview......161 Firmware Synchronization and Upgrade ....... 161 Stack Configuration Maintenance.
  • Page 6 M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Basic VLAN Settings........178 Reset the VLAN Configuration to Default Setting .
  • Page 7 M4300 Series and M4300-96X Fully Managed Switches User Manual Configure a Multicast Router VLAN ....... . . 239 IGMP Snooping Querier Overview.
  • Page 8 M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the Routing IP Settings........291 View Statistics .
  • Page 9 M4300 Series and M4300-96X Fully Managed Switches User Manual View and Clear OSPF Statistics for an Interface..... . . 363 View the OSPF Neighbor Table and Clear OSPF Neighbors .
  • Page 10 M4300 Series and M4300-96X Fully Managed Switches User Manual View the PIM Neighbor ......... . . 431 Configure the PIM Candidate Rendezvous Point .
  • Page 11 M4300 Series and M4300-96X Fully Managed Switches User Manual Chapter 9 Manage Device Security Manage User Accounts and Passwords ....... . 488 Configure User Accounts .
  • Page 12 M4300 Series and M4300-96X Fully Managed Switches User Manual Configure a Port Security Interface ....... . . 543 Convert Learned MAC Addresses to Static Addresses .
  • Page 13 M4300 Series and M4300-96X Fully Managed Switches User Manual Configure MAC Binding ......... . . 594 View and Delete MAC ACL Bindings in the MAC Binding Table .
  • Page 14 M4300 Series and M4300-96X Fully Managed Switches User Manual Reset All User Passwords to Their Default Settings ..... . 658 Upload or Export a File From the Switch .

  • Page 15: Chapter 1 Getting Started

    Firmware updates with new features and bug fixes are made Note: available from time to time at downloadcenter.netgear.com. Some products can regularly check the site and download new firmware, or you can check for and download new firmware manually. If the features or behavior of your product does not match what is described in this guide, you might need to update your firmware.

  • Page 16: Supported Switches

    This release and this user manual are for the following M4300 switch models: Full 10G models: • M4300-8X8F. Full 10G switch model with eight 10G copper ports and eight 10G fiber ports in a half-width chassis M4300-12X12F. Full 10G switch model with twelve 10G copper ports and twelve 10G fiber ports in a half-width chassis M4300-24X24F.

  • Page 17: Slot-Based Port Numbering

    Therefore, the port range is from 1 to 8. For example, the fifth port in the sixth slot of a switch model M4300-96X with a unit number 1 is designated as 1/6/5. Similarly, the very first port on the switch is 1/1/1 and the very last port is 1/12/8.

  • Page 18: Slot Configuration

    M4300 Series and M4300-96X Fully Managed Switches User Manual Slot Configuration By default, the slots of the M4300-96X are configured as empty slots, that is, as slots in which no port cards are installed. None of the slots are preconfigured. For information about...

  • Page 19: Available Publications And Online Help

    26. Register Your Product The first time you log in to the switch, you are given the option of registering with NETGEAR. Registration confirms that your e-mail alerts work, lowers technical support resolution time, and ensures that your shipping address accuracy. NETGEAR would also like to incorporate your feedback into future product development.

  • Page 20: Understanding The User Interfaces

    M4300 Series and M4300-96X Fully Managed Switches User Manual Understanding the User Interfaces The switch software includes a set of comprehensive management functions for configuring and monitoring the system by using one of the following methods: Local browser–based management interface (in this manual referred to as the local •...

  • Page 21: Use A Web Browser To Access The Switch And Log In

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use a Web Browser to Access the Switch and Log In If this is the first time that you log in to the switch and you must use the default IP address of the switch, see the information in the installation guide for your switch and in the M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual.

  • Page 22: Interface Naming Conventions

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 1. Local browser interface command buttons (continued) Button Function Save Clicking the Save button saves your settings. Logout Clicking the Logout button ends the session. IMPORTANT: When you click the Apply button, your changes are saved for the web management session but are not retained by the switch when it is rebooted.

  • Page 23: Slot And Port Numbering For Switch Model M4300-96X

    Slot and Port Numbering for Switch Model M4300-96X For switch model M4300-96X, the slots in the upper row of the chassis are numbered 1 through 6 from left to right. These slots can support PoE. The slots in the lower row of the chassis are numbered 7 through 12 from left to right.
  • Page 24 M4300 Series and M4300-96X Fully Managed Switches User Manual Slot and Port Numbering on the APM408C, APM408P, and APM408F Port Cards For the APM408C, APM408P, and APM408F port cards, the ports in the port cards in the slots are numbered as described in the following table.
  • Page 25 M4300 Series and M4300-96X Fully Managed Switches User Manual For example, if a switch with unit number 1 includes an APM402XL port card in slot 9, port 1 on the port card is connected to four individual port cards, and port 2 on the port card is connected to another single 40G port, the port numbering is as follows: 1/9/1, 1/9/2, 1/9/3, 1/9/4, and 1/9/5.

  • Page 26: Online Help

    For example, if the IP Addressing page is open, the help topic for that page displays if you click the Help button. You can connect to the online support site at netgear.com when you are logged in to the switch.

  • Page 27: Local Browser Interface Device View

    As yet another example, the following figure shows a close up of the Device View page for model M4300-96X. This figure shows an APM402XL port card in slot 5 and another in slot 8. Port 1/5/6 is expanded into four 10G ports, but port 1/5/5 is in 40G mode. Both port 1/8/1 and port 1/8/5 are in the default 40G mode.

  • Page 28: Using Snmp

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click a port to see a menu that displays statistics and configuration options. You can click a menu option to access the page that contains the configuration or monitoring options. If you click the graphic, but do not click a specific port, the main menu displays. This menu contains the same options as the navigation tabs at the top of the page.
  • Page 29 M4300 Series and M4300-96X Fully Managed Switches User Manual  To configure authentication and encryption settings for the SNMP v3 admin profile: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 30: Chapter 2 Configure System Information

    Configure System Information This chapter covers the following topics: • Initial Setup • Time • Configure DNS Settings • Configure the Switch Database Management Template Preference • Configure Green Ethernet Settings • Configure and Display Bonjour Settings • Configure DHCP Server Settings •...

  • Page 31: Initial Setup

    M4300 Series and M4300-96X Fully Managed Switches User Manual Initial Setup When you log in to a switch that has its factory settings, the Initial Setup page displays.  To perform the initial system configuration: Prepare your computer with a static IP address: For access over an Ethernet network port, use a static IP address in the 169.254.0.0...

  • Page 32: Configure The Initial Ipv4 Management Vlan

    M4300 Series and M4300-96X Fully Managed Switches User Manual The new password does not display as you type it; only dots are shown to hide the entry. The password is from 8 to 64 alphanumeric characters in length and is case-sensitive.
  • Page 33 M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select System > Management > Initial Setup.

  • Page 34: Configure The Initial Ipv6 Management Vlan

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the Initial IPv6 Management VLAN For IPv6 management, you can use the same management VLAN that you use for IPv4 management or you can use a different VLAN. By default, the switch does not include an IPv6 management VLAN and you must set it up manually if you want to use it.

  • Page 35: Configure The Initial Service Port Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the Initial Service Port Settings  To perform the initial service port configuration: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 36: View Or Define System Information

    M4300 Series and M4300-96X Fully Managed Switches User Manual When Auto Config is selected, the appropriate IPv6 prefix and prefix length are displayed in this field. Specify the default IPv6 Gateway for the service port. Click the Apply button. Your settings are saved.
  • Page 37 M4300 Series and M4300-96X Fully Managed Switches User Manual Define the following fields: System Name. Enter the name to identify this switch. You can use up to 255 • alphanumeric characters. The factory default is blank. System Location. Enter the location of this switch. You can use up to 255 •...

  • Page 38: View The Fan Status

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 6. Application Information and System Information (continued) Field Description IPv6 Management Address The IPv6 address and mask assigned to the management VLAN interface. IPv4 Management Interface The IPv4 management VLAN ID of the switch. Click the displayed Management VLAN ID value to jump to the configuration page.

  • Page 39: View The Temperature Sensor Information

    M4300 Series and M4300-96X Fully Managed Switches User Manual The System Information page displays. Select Management > System Information > Fan Status. To refresh the page, click the Update button. The following table describes the nonconfigurable Fan Status information. Table 7. Fan Status...

  • Page 40: View The Device Status

    M4300 Series and M4300-96X Fully Managed Switches User Manual To refresh the page, click the Update button. The following table describes the nonconfigurable Temperature Status information. Table 8. Temperature Status information Field Description Unit ID The unit number in the switch.
  • Page 41 M4300 Series and M4300-96X Fully Managed Switches User Manual To refresh the page, click the Update button. The following table describes the nonconfigurable Device Status information. Table 9. Device Status Field Description Unit ID The unit number in the switch.

  • Page 42: View The System Cpu Status

    M4300 Series and M4300-96X Fully Managed Switches User Manual View the System CPU Status  To view the system CPU status: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 43: Configure The Cpu Thresholds

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes CPU Memory Status information. Table 10. CPU Memory Status information Field Description Total System Memory The total memory of the switch in KBytes. Available Memory The available memory space for the switch in KBytes.

  • Page 44: View And Clear Switch Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the Falling Threshold. Notification is triggered when the total CPU utilization falls below this level for a configured period of time. The falling utilization threshold must be equal to or less than the rising threshold value.
  • Page 45 M4300 Series and M4300-96X Fully Managed Switches User Manual To clear all the counters, resetting all switch summary and detailed statistics to default values, click the Clear button. The discarded packets count cannot be cleared. The following table describes Switch Statistics information.
  • Page 46 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 11. Switch Statistics information (continued) Field Description Broadcast Packets Received The total number of packets received that were directed to the broadcast address. This does not include multicast packets. Receive Packets Discarded...

  • Page 47: View Usb Device Information

    M4300 Series and M4300-96X Fully Managed Switches User Manual View USB Device Information  To display the USB device information: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.

  • Page 48: Configure And View Information About Slots And Port Cards

    Disable. By default, all slots are enabled, but you can select to disable a slot. For model M4300-96X only, from the Configured Card Model ID menu, select the port card. This option allows you to preconfigure the port card before you insert the port card.
  • Page 49 M4300 Series and M4300-96X Fully Managed Switches User Manual For model M4300-96X, if you changed the settings, click the Apply button. Your settings are saved. The following table describes the nonconfigurable information in the Slot Configuration table. Field Description Slot The unit and slot number.

  • Page 50: Configure A Loopback Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes information in the Supported Switch table. If you preconfigure a new stack member, the switch index identifies the type of switch that is being added to the stack.
  • Page 51 M4300 Series and M4300-96X Fully Managed Switches User Manual Use the Loopback Interface Type list to select IPv4 or IPv6 loopback interface. In the Loopback ID list, select a list of currently configured loopback interfaces. In the Primary IP Address field, enter the primary address for this interface in dotted-decimal notation.

  • Page 52: Configure Management Interfaces

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Management Interfaces The local browser interface includes separate options for interface and port-based IP management. Port-based IP management disables VLAN-based (default/existing) IP management once you configure the port-based IP management and vice versa.
  • Page 53 M4300 Series and M4300-96X Fully Managed Switches User Manual Select a Service Port Configuration Protocol radio button: BootP. During the next boot cycle, the BootP client on the device broadcasts a BootP • request in an attempt to acquire information from a BootP server on the network.
  • Page 54 M4300 Series and M4300-96X Fully Managed Switches User Manual  To configure the IPv6 service port: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens. Enter the user name and password.

  • Page 55: Management Vlan Overview

    M4300 Series and M4300-96X Fully Managed Switches User Manual The DHCPv6 Client DUID field displays the client identifier used by the DHCPv6 client (if enabled) when sending messages to the DHCPv6 server. To configure the IPv6 gateway, select the Change IPv6 Gateway check box.
  • Page 56 M4300 Series and M4300-96X Fully Managed Switches User Manual Configure an IPv4 Management VLAN  To configure an IPv4 Management VLAN: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.
  • Page 57 M4300 Series and M4300-96X Fully Managed Switches User Manual Specify the IP Subnet Mask for the interface. This is also referred to as the subnet/network mask and defines the portion of the interface’s IP address that is used to identify the attached network.
  • Page 58 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 15. Nonconfigurable IPv4 Management Interface Status Field Description Subnet Mask The IP subnet mask for the management interface. Gateway The specified default gateway for the management interface. Configure an IPv6 Management VLAN To configure IPv6 Management, you have the choice to configure IPv6 Management using the same VLAN as is used for IPv4 Management or using a different VLAN.
  • Page 59 M4300 Series and M4300-96X Fully Managed Switches User Manual Select the radio button to Enable or Disable Address Autoconfigure Mode. If you select Enable, the IPv6 network parameters (IPv6 prefix and prefix length) are autoconfigured for the configured management VLAN interface. The default value for VLAN 1 is Auto Config.
  • Page 60 M4300 Series and M4300-96X Fully Managed Switches User Manual The table below describes the nonconfigurable fields. Table 16. Current IPv6 Management Interface Status Field Description Management Interface Displays the current IPv6 management interface Link State Indicates whether the link status is up or down.
  • Page 61 M4300 Series and M4300-96X Fully Managed Switches User Manual Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button.
  • Page 62 M4300 Series and M4300-96X Fully Managed Switches User Manual If you need to reset the IPv4 management interface, in the Reset IPv4 Note: Management Interface section of the page, use the Set Management Interface to Default option to delete the port-based IPv4 management interface configuration and set the IPv4 management interface back to the default VLAN 1.
  • Page 63 M4300 Series and M4300-96X Fully Managed Switches User Manual Configure an IPv6 Management Interface Use this page for port-based IP management for IPv6.  To configure an IPv6 management interface: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.
  • Page 64 M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Apply button. Your settings are saved. In the IPv6 Default Route Configuration section of the page, the nonconfigurable IPv6 Default Route that is displayed is the default route for the IPv6 management interface.

  • Page 65: Time

    M4300 Series and M4300-96X Fully Managed Switches User Manual Time The switch software supports the Simple Network Time Protocol (SNTP). As its name suggests, it is a less complicated version of Network Time Protocol, which is a system for synchronizing the clocks of networked computer systems, primarily when data transfer is handled through the Internet.

  • Page 66: Configure The Sntp Global Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the SNTP Global Settings  To configure the SNTP global settings: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.
  • Page 67 M4300 Series and M4300-96X Fully Managed Switches User Manual The default value is Unicast. In the Port field, specify the local UDP port that the SNTP client receives server packets on. The allowed range is 1025 to 65535 and the value 123. The default value is 123. When the default value is configured, the actual client port value used in SNTP packets is assigned by the operating system.

  • Page 68: View Sntp Global Status

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use the Offset Hours field to specify the number of hours of difference from UTC. The allowed range is –12 to 13. The default value is 0. Use the Offset Minutes field to specify the number of minutes of difference from UTC.
  • Page 69 M4300 Series and M4300-96X Fully Managed Switches User Manual The following table displays the nonconfigurable SNTP Global Status information. Table 19. SNTP Global Status Field Description Version The SNTP version that the client supports. Supported mode The SNTP modes that the client supports. Multiple modes can be supported by a client.

  • Page 70: Configure An Sntp Server

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure an SNTP Server SNTP assures accurate network device clock time synchronization up to the millisecond. Time synchronization is performed by a network SNTP server. The switch software operates only as an SNTP client and cannot provide time services to other systems.
  • Page 71 M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select System > Management > Time > SNTP Server Configuration.
  • Page 72 M4300 Series and M4300-96X Fully Managed Switches User Manual requesting order follows the lexicographical ordering of the entries in this table. The valid range is 1 to 3. The default value is 1. Specify the NTP Version running on the server.

  • Page 73: Configure Daylight Saving Time Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 20. SNTP Server Status (continued) Field Description Last Attempt Status The status of the last S9 NTP request to this server. If no packet was received from this server, a status of Other is displayed.
  • Page 74 M4300 Series and M4300-96X Fully Managed Switches User Manual Select Daylight Saving (DST) radio button: Disable. Disable daylight saving time. • Recurring. Enable Recurring daylight saving time. • Recurring EU. Enable recurring EU daylight saving time. • Recurring USA. Enable recurring USA daylight saving time.

  • Page 75: View The Daylight Saving Time Status

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 21. DayLight Saving - Recurring Field Description Offset Configure recurring offset in minutes. The valid range is 1–1440 minutes. Zone Configure the time zone. The fields in the following table are visible only when DayLight Saving is Non Recurring.
  • Page 76 M4300 Series and M4300-96X Fully Managed Switches User Manual To refresh the page, click the Update button. The following table displays the nonconfigurable Daylight Saving (DST) status information. Table 23. DayLight Saving Status Field Description Daylight Saving (DST) The Daylight Saving value, which is one of the following: •...

  • Page 77: Configure Dns Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure DNS Settings You can configure information about DNS servers that the network uses and how the switch operates as a DNS client. Configure Global DNS Settings You can configure global DNS settings and DNS server information.
  • Page 78 When the system is performing a lookup on an unqualified host name, this field is provides the domain name (for example, if default domain name is netgear.com and the user enters test, then test is changed to test.netgear.com to resolve the name). The length of the name must not be longer than 255 characters.

  • Page 79: Add A Static Entry To The Local Dns Table

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table displays DNS Server Configuration information. Table 24. DNS Server Configuration Field Description Serial No The sequence number of the DNS server. Preference Shows the preference of the DNS server. The preference is determined by the order in which they were entered.

  • Page 80: Configure The Switch Database Management Template Preference

    M4300 Series and M4300-96X Fully Managed Switches User Manual The Dynamic Host Mapping table shows host name-to-IP address entries that the switch learned. The following table describes the dynamic host fields. Table 25. DNS Dynamic Host Mapping Field Description Host Lists the host name that you assign to the specified IP address.
  • Page 81 IPv4 Data Center Plus Native • Dual IPv4 and IPv6 Data Center Native • Dual IPv4 and IPv6 Data Center Plus Mixed Native and M4300-96X • Dual IPv4 and IPv6 Data Center M4300-96X • The templates with the Native keyword are supported only on the...
  • Page 82 • Dual IPv4 and IPv6 Data Center Generic • Dual IPv4 and IPv6 Data Center Native • Dual IPv4 and IPv6 Data Center Plus Mixed Native and M4300-96X • Dual IPv4 and IPv6 Data Center M4300-96X • SDM Template Identifies the template. The possible values are as follows: IPv4 Data Center Plus Generic •...

  • Page 83: Configure Green Ethernet Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Green Ethernet Settings  To configure the Green Ethernet settings: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.

  • Page 84: Configure Green Ethernet Local And Remote Devices

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Login button. The System Information page displays. Select System > Management > Green Ethernet > Green Ethernet Interface Configuration. Use one of the following methods to select an interface: In the Go To Interface field, enter the interface in the unit/slot/port format and click on •...
  • Page 85 M4300 Series and M4300-96X Fully Managed Switches User Manual Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button.
  • Page 86 M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable fields. Table 27. Green Ethernet Local Device information Field Description Cumulative Energy Saved on this Cumulative energy saved due to all green modes enabled on this port port due to Green mode(s) (Watts in (Watts * Hours).

  • Page 87: Configure Green Ethernet Remote Device Details

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Green Ethernet Remote Device Details  To configure the Green Ethernet remote device information: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 88: View The Green Ethernet Statistics Summary

    M4300 Series and M4300-96X Fully Managed Switches User Manual View the Green Ethernet Statistics Summary  To view the green Ethernet statistics: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.
  • Page 89 M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable fields. Table 29. Green Ethernet Statistics Summary Field Description Current Power Consumption /Stack Power Consumption by all ports in switch in mWatts (mW). (mWatts) Percentage Power Saving /Stack Percentage of power saved on all ports in switch when Green mode is enabled.

  • Page 90: Configure The Green Ethernet Eee Lpi History

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable fields. Table 31. Green Ethernet Interface Summary Field Description Interface Interface for which data is displayed or configured. EEE Admin mode Enable or disable Energy Efficient Ethernet mode on the port. When EEE mode is enabled, the port transitions to Low Power mode during Link Idle condition.

  • Page 91: Configure And Display Bonjour Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select the Interface. In the Sampling Interval field, enter the interval at which EEE LPI data is collected. This is a global setting and is applied to all interfaces. The range is 30 to 36000.The default value is 3600.

  • Page 92: Display Bonjour Information

    M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select System > Management > Bonjour > Bonjour Configuration.

  • Page 93: Configure Dhcp Server Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual To refresh the page, click the Update button. The following table describes the nonconfigurable fields that are displayed. Table 33. Bonjour Published Services Field Description Service Name The Bonjour service names in the switch.
  • Page 94 M4300 Series and M4300-96X Fully Managed Switches User Manual Select the Admin Mode Disable or Enable radio button. This specifies whether the DHCP service is enabled or disabled. The default value is Disable. Use Ping Packet Count to specify the number of packets a server sends to a pool address to check for duplication as part of a ping operation.

  • Page 95: Configure The Dhcp Pool

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the DHCP Pool  To configure the DHCP pool: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.
  • Page 96 M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the DHCP Pool Configuration fields. Table 34. DHCP Pool Configuration Field Description Pool Name* For a user with read/write permission, this field shows names of all the existing pools along with an additional option Create.

  • Page 97: Configure Dhcp Pool Options

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 34. DHCP Pool Configuration (continued) Field Description Days The number of days of the lease period. This field appears only if the user specified Specified Duration as the Lease time. The default value is 1.

  • Page 98: View Dhcp Server Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select System > Services > DHCP Server> DHCP Pool Options.
  • Page 99 M4300 Series and M4300-96X Fully Managed Switches User Manual Select System > Services > DHCP Server > DHCP Server Statistics. The following table describes the DHCP Server Statistics fields. Table 35. DHCP Server Statistics Field Description Automatic Bindings The number of automatic bindings on the DHCP Server.

  • Page 100: View Dhcp Bindings Information

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 35. DHCP Server Statistics (continued) Field Description DHCPACK The number of DHCPACK messages sent by the DHCP Server. DHCPNAK The number of DHCPNAK messages sent by the DHCP Server. View DHCP Bindings Information ...

  • Page 101: View Dhcp Conflicts

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the DHCP Bindings Information fields. Table 36. DHCP Bindings Information Field Description IP Address The client's IP address. Hardware Address The client's hardware address. Lease Time Left The Lease Time Left in Days, Hours and Minutes dd:hh:mm format.

  • Page 102: Configure The Dhcp Relay

    M4300 Series and M4300-96X Fully Managed Switches User Manual To display DHCP conflicts information, select one of the following radio buttons: All Address Conflicts. Specify all address conflicts to be deleted. • Specific Address Conflict. Specify a specific dynamic binding to be deleted.

  • Page 103: Dhcp L2 Relay

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use Maximum Hop Count to enter the maximum number of hops a client request can take before being discarded. The range is (1 to 16). The default value is 4. Select the Admin mode Disable or Enable radio button.

  • Page 104: Configure A Dhcp L2 Relay Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Login button. The System Information page displays. Select System > Services > DHCP L2 Relay > DHCP L2 Relay Global Configuration. Select the Admin mode Disable or Enable radio button.

  • Page 105: View Dhcp L2 Relay Interface Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select System > Services > DHCP L2 Relay > DHCP L2 Relay Interface Configuration.

  • Page 106: Configure Udp Relay Global Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select System > Services > DHCP L2 Relay > DHCP L2 Relay Interface Statistics. The following table describes the DHCP L2 Relay Interface Statistics fields. Table 39. DHCP L2 Relay Interface Statistics...
  • Page 107 M4300 Series and M4300-96X Fully Managed Switches User Manual Select the Admin mode Disable or Enable radio button. This enables or disables UDP Relay on the switch. The default value is Disable. Use Server Address to specify the UDP Relay Server Address in x.x.x.x format.

  • Page 108: Configure Udp Relay Interface Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Your settings are saved. The Hit Count field displays the number of UDP packets that are detected on the UDP port. Configure UDP Relay Interface Settings  To configure UDP Relay Interface settings: Launch a web browser.

  • Page 109: Manage The Dhcpv6 Server

    M4300 Series and M4300-96X Fully Managed Switches User Manual pim-auto-rp. Relay PIM auto RP (UDP port 496) packets. • rip. Relay RIP (UDP port 520) packets • tacacs. Relay TACACS (UDP port 49) packet • tftp. Relay TFTP (UDP port 69) packets •...

  • Page 110: Configure The Dhcpv6 Pool

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select the Admin mode Disable or Enable radio button. This specifies whether the DHCPv6 Service administrative mode is enabled or disabled The default value is Disable. Use the DHCPv6 Server DUID field to specify the DHCP Unique Identifier (DUID) of the DHCPv6 server.

  • Page 111: Configure The Dhcpv6 Prefix Delegation

    M4300 Series and M4300-96X Fully Managed Switches User Manual The Pool Name field shows the names of all the existing pools and the Create option. If you are logged in as a user with read-only permission, the Pool Note: Name field displays only the existing pool names. To create a pool, you must log in with the admin user name, which has read/write permissions.

  • Page 112: Configure Dhcpv6 Interface Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button.
  • Page 113 M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select System > Services > DHCPv6 Server > DHCPv6 Interface Configuration.

  • Page 114: View Dhcpv6 Bindings Information

    M4300 Series and M4300-96X Fully Managed Switches User Manual View DHCPv6 Bindings Information You can view entries in the DHCP Bindings table. After a client acquires IPv6 configuration information from the DHCPv6 server, the server adds an entry to its database. The entry is called a binding.

  • Page 115: View Dhcpv6 Server Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 40. DHCPv6 Binding Information (continued) Field Description Client DUID The DHCPv6 Unique Identifier (DUID) of the client. The DUID is a combination of the client’s hardware address and client identifier.
  • Page 116 M4300 Series and M4300-96X Fully Managed Switches User Manual To view detailed DHCPv6 statistics for an interface, from the Interface list select the entry for which data is to be displayed. If you select All, data is shown for all interfaces.
  • Page 117 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 41. DHCPv6 Server Statistics (continued) Field Description DHCPv6 Request Packets Received The number of requests. DHCPv6 Confirm Packets Received The number of DHCPv6 Confirm messages received on the interface. This type of message is sent by a client to all DHCPv6 servers to determine whether its configuration is valid for the connected link.

  • Page 118: Configure Dhcpv6 Relay For An Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 41. DHCPv6 Server Statistics (continued) Field Description DHCPv6 Reconfig Packets The number of DHCPv6 reconfigure messages sent by the interface. Transmitted This type of message is sent by a server to a DHCPv6 client to inform the client that the server has new or updated information.

  • Page 119: Configure Power Over Ethernet

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select the Interface with the information to view or configure. You take one of the following actions: In the Go To Interface field, enter the interface in unit/slot/port format and click the Go •...
  • Page 120 M4300 Series and M4300-96X Fully Managed Switches User Manual The Unit field displays the current PoE switch unit number. The Slot field displays the current PoE slot number for model M4300-96X. To configure the settings for a PoE switch unit, select the check box for the switch unit number.

  • Page 121: Configure Poe Ports

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 42. Nonconfigurable fields on the basic PoE Configuration page (continued) Field Description Power Source The source of the system power. Consumed Power Total power in watts that is being delivered to all ports.
  • Page 122 M4300 Series and M4300-96X Fully Managed Switches User Manual Legacy. Specifies that the port is powered using a high-inrush current, used by • legacy PDs for which startup power requirements exceed 15W. Pre-802.3at. Specifies that the port is powered in the IEEE 802.3af mode initially and •...

  • Page 123: Configure Poe Power Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 43. Nonconfigurable fields on the Advanced PoE Configuration page (continued) Field Description Class The Class defines the range of power a PD is drawing from the system. Class definitions: 0 – 0.44-12.95 (watts) 1 –...
  • Page 124 In the Power Status section, from the Unit ID menu, select the unit for which you want to display the power status. For switch model M4300-96X only, select the Power Auto-rebalance Enable or Disable radio button. By default, the Enable radio button is selected. However, you can disable automatic power rebalancing among the PSU bays (power module slots) on switch model M4300-96X.
  • Page 125 M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable fields in the Power Redundancy Configuration section. Field Description N+1 Active Displays whether the N+1 power redundancy feature is enabled. The possible values are Yes (enabled) and No (disabled).

  • Page 126: Configure Snmp

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure SNMP You can configure SNMP settings for SNMP V1/V2 and SNMPv3. Configure the SNMP V1/V2 Community By default, two SNMP communities exist: Private, with read/write privileges and status set to Enable.

  • Page 127: Configure Snmp V1/V2 Trap Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Client Address. Taken together, the Client Address and Client IP Mask denote a range of IP addresses from which SNMP clients can use that community to access this device. If either (Client Address or IP Mask) value is 0.0.0.0, access is allowed from any IP address.
  • Page 128 M4300 Series and M4300-96X Fully Managed Switches User Manual In the Source Interface list, select the source interface to use for SNMP Trap receiver. Possible values are as follows: Routing interface • Routing VLAN • Routing loopback interface • Tunnel interface •...

  • Page 129: Configure Snmp V1/V2 Trap Flags

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Apply button. Your settings are saved. Configure SNMP V1/V2 Trap Flags You can enable or disable traps. When the condition identified by an active trap is encountered by the switch, a trap message is sent to any enabled SNMP Trap Receivers, and a message is written to the trap log.

  • Page 130: View The Supported Mibs

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select the Authentication Disable or Enable radio button. This enables or disables activation of authentication failure traps. The factory default is Enable. Select the Link Up/Down Disable or Enable radio button This enables or disables activation of link status traps.The factory default is Enable.

  • Page 131: Configure Snmp V3 Users

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the SNMP Supported MIBs Status fields. Table 44. SNMP Supported MIBs Field Description Name The RFC number if applicable and the name of the MIB. Description The RFC title or MIB description.
  • Page 132 M4300 Series and M4300-96X Fully Managed Switches User Manual In the User Name list, select the user account to be configured. The SNMP v3 Access mode field indicates the SNMPv3 access privileges for the user account. The admin account has read/write access, and all other accounts are assigned read-only access.

  • Page 133: Configure Lldp

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure LLDP The IEEE 802.1AB-defined standard, Link Layer Discovery Protocol (LLDP), allows stations on an 802 LAN to advertise major capabilities and physical descriptions. This information is viewed by a network manager to identify system topology and detect bad configurations on the LAN.

  • Page 134: Configure The Lldp Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select System > LLDP > Global Configuration. In the Transmit Interval field, enter the interval in seconds to transmit LLDP frames. The range is from 5 to 32768 secs. The default value is 30 seconds.

  • Page 135: View Lldp Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select System > LLDP > Interface Configuration. Use Go To Port to enter the Port in unit/slot/port format and click the Go button. The entry corresponding to the specified Port, is selected.
  • Page 136 M4300 Series and M4300-96X Fully Managed Switches User Manual The System Information page displays. Select System > LLDP > Statistics. The following table describes the LLDP Statistics fields. Table 45. LLDP Statistics Field Description Last Update The time when an entry was created, modified or deleted in the tables associated with the remote system.

  • Page 137: View Lldp Local Device Information

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 45. LLDP Statistics (continued) Field Description Discards The number of LLDP TLVs discarded for any reason by the LLDP agent on the corresponding port. Errors The number of invalid LLDP frames received by the LLDP agent on the corresponding port, while the LLDP agent is enabled.
  • Page 138 M4300 Series and M4300-96X Fully Managed Switches User Manual In Interface list, select the ports on which LLDP - 802.1AB frames can be transmitted. The following table describes the LLDP Local Device Information fields. Table 46. LLDP Local Device Information...

  • Page 139: View Lldp Remote Device Information

    M4300 Series and M4300-96X Fully Managed Switches User Manual View LLDP Remote Device Information You can view information on remote devices connected to the port.  To view LLDP remote device information: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 140: View Lldp Remote Device Inventory

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 47. LLDP Remote Device Information (continued) Field Description System Capabilities Enabled The system capabilities of the remote system which are supported and enabled. Time to Live The Time To Live value in seconds of the received remote entry.

  • Page 141: Configure Lldp-Med Global Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 48. LLDP Remote Device Inventory (continued) Field Description MAC Address The MAC address associated with the remote system. System Name Specifies model name of the remote device. Remote Port ID The port component associated with the remote system.

  • Page 142: Configure Lldp-Med Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure LLDP-MED Interface  To configure LLDP-MED Interface Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.

  • Page 143: View Lldp-Med Local Device Information

    M4300 Series and M4300-96X Fully Managed Switches User Manual Extended Power via MDI - PD. To transmit the extended PD TLV in LLDP frames. • Inventory Information. To transmit the inventory TLV in LLDP frames. • Click the Apply button.

  • Page 144: View Lldp-Med Remote Device Information

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the LLDP-MED Local Device Information fields.L Table 49. LDP-MED Local Device Information Field Description Network Policy Information: Specifies if network policy TLV is present in the LLDP frames.
  • Page 145 M4300 Series and M4300-96X Fully Managed Switches User Manual Select System > LLDP > LLDP-MED > Remote Device Information. Use Interface to select the ports on which LLDP-MED is enabled. The following table describes the LLDP-MED Remote Device Information fields.
  • Page 146 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 50. LLDP-MED Remote Device Information (continued) Field Description Network Policy Information: Specifies if network policy TLV is received in the LLDP frames on this port. Media Application Type The application type. Types of application types are unknown, voicesignaling, guestvoice, guestvoicesignalling, softphonevoice, videoconferencing, streammingvideo, vidoesignalling.

  • Page 147: View Lldp-Med Remote Device Inventory

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 50. LLDP-MED Remote Device Information (continued) Field Description Extended POE PD: Specifies if extended PD TLV is received in LLDP frame on this port. Required The remote port's PD power requirement.

  • Page 148: Configure Link Dependency

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Link Dependency The link dependency feature provides the ability to enable or disable one or more ports based on the link state of one or more different ports. With link dependency enabled on a port, the link state of that port is dependent on the link state of another port.

  • Page 149: Configure A Link Dependency Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure a Link Dependency Interface  To configure a link dependency interface: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.
  • Page 150 M4300 Series and M4300-96X Fully Managed Switches User Manual Use All to display all physical ports and LAGs. • Use one of the following methods to select an interface: Use the Go To Interface field by entering the interface in unit/slot/port format and •...

  • Page 151: Configure Isdp

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure ISDP You can configure ISDP global and interface settings. Configure ISDP Basic Global Settings  To configure ISDP basic global settings: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 152: Configure Isdp Global Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual This enables or disables the sending of ISDP version 2 packets from the device. The default value is Enabled. Click the Apply button. Your settings are saved. The following table describes the ISDP Basic Global Configuration fields.

  • Page 153: Configure An Isdp Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select the Admin mode Disable or Enable radio button. This specifies whether the ISDP Service is enabled or disabled. The default value is Enable. In the Timer field, specify the period of time between sending new ISDP packets.

  • Page 154: View An Isdp Neighbor

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use Port to select the port on which the admin mode is configured. Use Admin mode to enable or disable ISDP on the port. The default value is Enable. Click the Apply button.

  • Page 155: View Isdp Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the ISDP Neighbor fields. Table 56. ISDP Neighbor Field Description Device ID The device ID of the ISDP neighbor. Interface The interface on which the neighbor is discovered.
  • Page 156 M4300 Series and M4300-96X Fully Managed Switches User Manual Select System > ISDP > Advanced > Statistics. The following table describes the ISDP Statistics fields. Table 57. ISDP Statistics Field Description ISDP Packets Received The ISDP packets received including ISDPv1 and ISDPv2 packets.

  • Page 157: Timer Schedules

    M4300 Series and M4300-96X Fully Managed Switches User Manual Timer Schedules You can configure the global timer settings and set up timer schedules. Configure the Global Timer Settings  To add or delete a global timer schedule: Launch a web browser.
  • Page 158 M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select System > Services > Timer Schedule > Advanced > Schedule Configuration.
  • Page 159 M4300 Series and M4300-96X Fully Managed Switches User Manual Daily mode. Every WeekDay selection means that the schedule is triggered every day from Monday to Friday. Every Day(s) selection means that the schedule is triggered every defined number of days. If number of days is not specified, then the schedule is triggered every day.

  • Page 160: Chapter 3 Stacking

    Stacking This chapter covers the following topics: • M4300 Series Switch Stacking Overview • Firmware Synchronization and Upgrade • Stack Configuration Maintenance • Stack Master Election • Stack Factory Defaults Reset Behavior • Stack NSF • Configure a Stack •...

  • Page 161: M4300 Series Switch Stacking Overview

    M4300 Series and M4300-96X Fully Managed Switches User Manual M4300 Series Switch Stacking Overview A stackable switch is a switch that is fully functional operating as a stand-alone unit but can also be set-up to operate together with up to seven other switches. This group of switches shows the characteristics of a single switch while having the port capacity of the sum of the combined switches.

  • Page 162: Stack Configuration Maintenance

    M4300 Series and M4300-96X Fully Managed Switches User Manual We recommend that you set the active image for all stack members Note: the same as the active image of the stack master. In other words, if image1 is the active image on the stack master, all units must use image1 as the active image.

  • Page 163: Stack Factory Defaults Reset Behavior

    M4300 Series and M4300-96X Fully Managed Switches User Manual Stack Factory Defaults Reset Behavior If the stack master is reset to the factory default settings (see Reset the Switch to Its Factory on page 657), the stack master applies the default settings to all the stack Default Settings members and resets the stack, including all participating stack members.

  • Page 164: Configure A Stack

    M4300 Series and M4300-96X Fully Managed Switches User Manual For NSF to be effective, adjacent networking devices must not reroute traffic around the restarting device. The switch uses three techniques to prevent traffic from being rerouted: A protocol can distribute a part of its control plane to stack units so that the protocol can •...

  • Page 165: Specify The Stack Sample Mode

    M4300 Series and M4300-96X Fully Managed Switches User Manual The Management Unit Selected menu displays the current primary management unit. To change the primary management unit, select another unit ID of the stack member to become the stack master. A message displays to notify you that moving stack management unconfigures the entire stack including all interfaces.

  • Page 166: Configure A Stack Member

    M4300 Series and M4300-96X Fully Managed Switches User Manual The valid range is 100 to 500. Click the Apply button. Your settings are saved. Configure a Stack Member  To configure a stack member before adding it to the stack: Launch a web browser.

  • Page 167: Change The Settings For An Existing Stack Member

    M4300 Series and M4300-96X Fully Managed Switches User Manual Change the Settings for an Existing Stack Member  To change the settings for an existing stack member: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.
  • Page 168 M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable Stack Configuration fields. Table 58. Stack Configuration Field Description Hardware Management The hardware management preference of the switch. The hardware Preference management preference can be disabled or unassigned.

  • Page 169: Configure The Mode Of The Stack Ports

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 59. Stack Status nonconfigurable fields (continued) Field Description Switch Status The status of the selected unit. Possible values are as follows: OK. The unit is connected and works properly. •...
  • Page 170 M4300 Series and M4300-96X Fully Managed Switches User Manual The System Information page displays. Select System > Stacking > Advanced > Stack Port Configuration. The page is shown in two parts. Select the check box associated with the unit and port to configure: From the Configured Stack mode field, select the operating mode of the port to be either: Stack.

  • Page 171: Run Stack Port Diagnostics

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 60. Stack Port Configuration (continued) Field Description Link Speed (Gbps) The maximum speed of the stacking port. Transmit Data Rate (Mbps) The approximate transmit rate on the stacking port. Transmit Error Rate The number of errors in transmit packets per second.

  • Page 172: Configure Stack Firmware Synchronization

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select Unit ID to display the packet path starting from the selected unit. Select All to display the packet path from all the units in the stack. To refresh the page with the latest information on the switch, click the Update button.

  • Page 173: View Nsf Summary Data

    M4300 Series and M4300-96X Fully Managed Switches User Manual Specify whether Stack Firmware Auto Upgrade is enabled or disabled. This feature determines what to do when a new member attempts to join the stack, and its firmware does not match the version running on the master.
  • Page 174 M4300 Series and M4300-96X Fully Managed Switches User Manual Use the Admin Status radio button to enable or disable the NSF feature on the stack. When enabled, the stack selects a backup unit. Applications on the management unit copy data to the backup unit.

  • Page 175: View Nsf Checkpoint Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 63. NSF Summary (continued) Field Description Restart In Progress Indicates whether a restart is in progress. A restart is not considered complete until all hardware tables are fully reconciled. Warm Restart Ready Indicates whether the initial full checkpoint finished.
  • Page 176 M4300 Series and M4300-96X Fully Managed Switches User Manual To refresh the page with the latest information on the switch, click the Update button. The following table describes the nonconfigurable information that is displayed. Table 64. NSF Checkpoint Statistics Field...

  • Page 177: Chapter 4 Configure Switching Information

    Configure Switching Information This chapter covers the following topics: • Configure VLANs • Auto-VoIP • iSCSI Overview • Spanning Tree Protocol • Multicast • Configure MVR • MAC Address Table • Port Settings • Link Aggregation Groups • Multiple Registration Protocol Overview •...

  • Page 178: Configure Vlans

    You can define VLAN groups stored in the VLAN membership table. Each switch in the M4300 Series and M4300-96X family supports up to 1024 VLANs. VLAN 1 is created by default and is the default VLAN of which all ports are members.
  • Page 179 M4300 Series and M4300-96X Fully Managed Switches User Manual Select Switching> VLAN > Basic > VLAN Configuration. To reset VLAN settings to their default values, select the Reset Configuration check box. The factory default values are as follows: All ports are assigned to the default VLAN of 1.

  • Page 180: Reset The Vlan Configuration To Default Setting

    M4300 Series and M4300-96X Fully Managed Switches User Manual The VLAN name can be up to 32 alphanumeric characters long, including blanks. The default is blank. VLAN ID 1 always uses the name Default. The VLAN Type field identifies the type of the VLAN you are configuring. You cannot change the type of the default VLAN (VLAN ID = 1): it is always type Default.

  • Page 181: Configure An Internal Vlan

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select the Reset Configuration check box. WARNING: If you select this button and confirm your selection on the next page, all VLAN configuration parameters are reset to their factory default values.

  • Page 182: Configure Vlan Trunking

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select Switching> VLAN > Advanced > VLAN Configuration. In the Internal VLAN Allocation Base field, specify the VLAN allocation base for the routing interface. You can enter a value from 1 to 4093.
  • Page 183 M4300 Series and M4300-96X Fully Managed Switches User Manual Select Switching> VLAN > Advanced > VLAN Trunking Configuration. To specify which interfaces are displayed on the page, select one of the following options: Select the Unit ID field to display physical port information for the selected unit.

  • Page 184: Configure Vlan Membership

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select from the list to configure the Native VLAN ID. This is the native VLAN for the port, and is valid only when the port switchport mode is Trunk. Configure the Trunk Allowed VLANs.
  • Page 185 M4300 Series and M4300-96X Fully Managed Switches User Manual In the VLAN ID list, select the VLAN ID. In the Group Operation list, select all the ports and configure them: Untag All. Select all the ports on which all frames transmitted for this VLAN are •...

  • Page 186: View Vlan Status

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information displayed on the page. Table 65. Advanced VLAN Membership Field Definition VLAN Name The name for the VLAN that you selected. It can be up to 32 alphanumeric characters long, including blanks.

  • Page 187: Configure Port Pvid Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information displayed on the page. Table 66. VLAN Status Field Definition VLAN ID The VLAN identifier (VID) of the VLAN. The range of the VLAN ID is 1 to 4093.
  • Page 188 M4300 Series and M4300-96X Fully Managed Switches User Manual To display information for all physical ports and LAGs, click the ALL button. Select the interfaces. Select the Interface check box next to the interfaces. You can select multiple interfaces. To select all the interfaces, select the Interface check box in the heading row.

  • Page 189: Configure A Mac-Based Vlan

    M4300 Series and M4300-96X Fully Managed Switches User Manual When disabled, all frames are forwarded in accordance with the 802.1Q VLAN bridge • specification. The factory default is disabled. In the Port Priority field, specify the default 802.1p priority assigned to untagged packets arriving at the port.

  • Page 190: Configure Protocol-Based Vlan Groups

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the MAC Address field, type a valid MAC address to be bound to a VLAN ID. This field is configurable only when a MAC-based VLAN is created. In the VLAN ID field, specify a VLAN ID in the range of 1 to 4093.

  • Page 191: Configure Protocol-Based Vlan Group Membership

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the Group Name field, type a name for the new group. You can enter up to 16 characters. In the Protocol field, select the protocols to be associated with the group.

  • Page 192: Configure An Ip Subnet-Based Vlan

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the Group ID list, select the protocol-based VLAN group ID. Select port numbers (1, 2, 3, and so on) to select ports to add to this protocol-based VLAN group. An interface can belong to only one group for a given protocol. If you already added a port to a group for IP, you cannot add it to another group that also includes IP, although you can add it to a new group for IPX.

  • Page 193: Configure A Port Dvlan

    M4300 Series and M4300-96X Fully Managed Switches User Manual Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button.

  • Page 194: Configure A Voice Vlan

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select Switching> VLAN > Advanced > Port DVLAN Configuration. Select Interface check boxes to select the physical interface. To select all ports, select the Interface check box at the top of the column.
  • Page 195 M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select Switching> VLAN > Advanced > Voice VLAN Configuration.

  • Page 196: Configure Garp Switch Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the DSCP Value field, configure the Voice VLAN DSCP value for the port. The valid range is 0 to 64. The default value is 0. The Operational State field displays the operational status of the voice VLAN on the interface.

  • Page 197: Configure Garp Port

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure GARP Port It can take up to 10 seconds for GARP configuration changes to take Note: effect.  To configure GARP port: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 198: Auto-Voip

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the Join Time (centiseconds) field, specify the time between the transmission of GARP PDUs registering (or re-registering) membership for a VLAN or multicast group in centiseconds. Enter a number between 10 and 100 (0.1 to 1.0 seconds). The factory default is 20 centiseconds (0.2 seconds).

  • Page 199: Configure Auto-Voip Oui-Based Properties

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the Prioritization Type field, select Traffic Class or Remark. This specifies the type of prioritization. In the Class Value list, specify the CoS tag value to be reassigned for packets received on the voice VLAN when Remark CoS is enabled.

  • Page 200: Oui-Based Port Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the VoIP VLAN ID field, type the VoIP VLAN ID of the switch. There is no default VLAN for auto-VoIP, you must create a VLAN for it first. In the OUI-based priority list, select the OUI-based priority of the switch.

  • Page 201: Add A New Entry To The Oui Table

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use one of the following methods to select an interface: In the Go To Interface field, enter the interface in the unit/slot/port format and click on • the Go button. Next to the Interface column, select the check box for the interface that you want to •...

  • Page 202: Delete Entries From The Oui Table

    M4300 Series and M4300-96X Fully Managed Switches User Manual Up to 128 OUIs can be configured. In the Description field, enter the description for the OUI. The maximum length of description is 32 characters. The following OUIs are present in...

  • Page 203: View The Auto-Voip Status

    M4300 Series and M4300-96X Fully Managed Switches User Manual View the Auto-VoIP Status  To view the auto-VoIP status: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.

  • Page 204: Configure Global Iscsi Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual In networks containing iSCSI initiators and targets, iSCSI helps to monitor iSCSI sessions or give iSCSI traffic preferential Quality of Service (QoS) treatment. Dynamically-generated classifier rules are used to direct the iSCSI data traffic to queues that can be given the desired preference characteristics over other data traveling through the switch.
  • Page 205 M4300 Series and M4300-96X Fully Managed Switches User Manual This globally enables or disables the iSCSI Optimization feature. By default, iSCSI Optimization is disabled. Select the QoS Profile VLAN Priority Tag or DSCP radio button. This specifies the Quality of Service (QoS) profile that is applied to iSCSI flows. By default, iSCSI flows are assigned to the highest VLAN Priority tag (VPT)/DSCP mapped to the highest queue not used for switch management or voice VLAN.

  • Page 206: View Iscsi Sessions

    M4300 Series and M4300-96X Fully Managed Switches User Manual View iSCSI Sessions  To view active iSCSI session information: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.

  • Page 207: View Iscsi Sessions

    M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select Switching > iSCSI > Advanced > iSCSI Targets.

  • Page 208: View Iscsi Session Details

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following describes the nonconfigurable iSCSI Sessions information that is displayed. Table 71. iSCSI Sessions Field Description Target Name The target’s name. Initiator Name The initiator’s name. Initiator Session ID (ISID)

  • Page 209: Spanning Tree Protocol

    M4300 Series and M4300-96X Fully Managed Switches User Manual To refresh the page with the latest information on the switch, click the Update button. The following table describes the nonconfigurable iSCSI Sessions Detailed information. Table 72. iSCSI Sessions Detailed Field...

  • Page 210: Configure Basic Stp Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual For two bridges to be in the same region, the force version must be Note: 802.1s and their configuration name, digest key, and revision level must match. For additional information about regions and their effect on network topology, refer to the IEEE standard.
  • Page 211 M4300 Series and M4300-96X Fully Managed Switches User Manual The options are IEEE 802.1d, IEEE 802.1w, IEEE 802.1s, PVST, and RPVST. Use Configuration Name to specify an identifier used to identify the configuration currently being used. It can be up to 32 alphanumeric characters.

  • Page 212: Configure Advanced Stp Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable fields. Table 73. STP Configuration Field Description Configuration Digest Key Identifier used to identify the configuration currently being used. Configuration Format Selector The version of the configuration format being used in the exchange of BPDUs.
  • Page 213 M4300 Series and M4300-96X Fully Managed Switches User Manual Select the Admin Mode Disable or Enable radio button. This specifies whether spanning tree operation is enabled on the switch. The default is Enable. Use Force Protocol Version to specify the Force Protocol Version parameter for the switch.
  • Page 214 M4300 Series and M4300-96X Fully Managed Switches User Manual Select the BPDU Filter Disable or Enable radio button. This specifies whether the BPDU Filter feature is enabled. STP BPDU filtering applies to all operational edge ports. Edge Port in an operational state is supposed to be connected to hosts that typically drop BPDUs.

  • Page 215: Configure Cst Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure CST Settings You can configure Common Spanning Tree (CST) and Internal Spanning Tree on the switch.  To configure CST settings: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.
  • Page 216 M4300 Series and M4300-96X Fully Managed Switches User Manual set to the next lowest priority that is a multiple of 4096. For example, if the priority is attempted to be set to any value between 0 and 4095, it is set to 0. The default priority is 32768.

  • Page 217: Configure Cst Port Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 75. STP Advanced CST Configuration Field Description Forward Delay(secs) Derived value of the Root Port Bridge Forward Delay parameter. Hold Time(secs) Minimum time between transmission of Configuration BPDUs. CST Regional Root Priority and base MAC address of the CST Regional Root.
  • Page 218 M4300 Series and M4300-96X Fully Managed Switches User Manual The port priority is set in multiples of 16. For example if the priority is attempted to be set to any value between 0 and 15, it is set to 0. If it is tried to be set to any value between 16 and (2*16-1) it is set to 16 and so on.

  • Page 219: View Cst Port Status

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information displayed on the page. Table 76. CST Port Configuration Field Description Auto Calculated Port Path Cost Displays whether the path cost is automatically calculated (Enabled) or not (Disabled).
  • Page 220 M4300 Series and M4300-96X Fully Managed Switches User Manual To refresh the page with the latest information on the switch, click the Update button. The following table describes the CST Status information displayed on the page. Table 77. CST Port Status...

  • Page 221: Configure Mst Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 77. CST Port Status (continued) Field Description Topology Change Acknowledge Identifies whether the topology change acknowledgement flag is set for the next BPDU to be transmitted for this port. It is either True or False.
  • Page 222 M4300 Series and M4300-96X Fully Managed Switches User Manual To add a new MST, do the following: a. Configure the MST values, MST ID. Specify the ID of the MST to create. The valid values for this are 1 to •...

  • Page 223: View The Spanning Tree Mst Port Status

    M4300 Series and M4300-96X Fully Managed Switches User Manual For each configured instance, the information described in the following table displays on the page. Table 78. MST Configuration Field Description Bridge Identifier The bridge identifier for the selected MST instance. It is made up using the bridge priority and the base MAC address of the bridge.
  • Page 224 M4300 Series and M4300-96X Fully Managed Switches User Manual If no MST instances were configured on the switch, the page displays Note: a No MSTs Available message and does not display the fields shown in the field description table that follows.

  • Page 225: View Stp Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 79. MST Port Status (continued) Field Description Port Uptime Since Last Clear Time since the counters were last cleared, displayed in Days, Hours, Counters Minutes, and Seconds. Port Mode Spanning Tree Protocol Administrative mode associated with the port or port channel.

  • Page 226: Configure Pvst Vlan Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual To refresh the page with the latest information on the switch, click the Update button. The following table describes the information available on the STP Statistics page. Table 80. STP Statistics...
  • Page 227 M4300 Series and M4300-96X Fully Managed Switches User Manual Select Switching > STP > Advanced > PVST VLAN in the navigation menu. Select a VLAN ID, a unique VLAN identifier, from the list of VLANs with enabled STP Admin mode and PVST or RPVST.

  • Page 228: Configure The Pvst Interface Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 81. PVST/RPVST VLAN Configuration - VLAN Bridge Priority 24576 28672 32768 (default) 36864 40960 45056 49152 53248 57344 61440 The default value is 32768. If the value configured is not among the specified values, then it is rounded off to the nearest valid value.
  • Page 229 M4300 Series and M4300-96X Fully Managed Switches User Manual Select a VLAN ID from the list of VLANs with enabled STP Admin mode and PVST or RPVST. The Other option is used for configuring a VLAN which is not yet Note: created.

  • Page 230: View Pvst Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual Your settings are saved. The following table describes the nonconfigurable information that the PVST/RPVST Interface Configuration page displays. Table 83. PVST/RPVST Interface Configuration Field Description Interface The list of physical interfaces and LAGs.

  • Page 231: Multicast

    M4300 Series and M4300-96X Fully Managed Switches User Manual To refresh the page with the latest information on the switch, click the Update button. The Status field displays Neither PVST nor Rapid-PVST is enabled. If you change the STP mode to PVST or to RPVST, the page displays statistic information.

  • Page 232: View The Mfdb Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use Search by MAC Address to enter a MAC address. Enter six two-digit hexadecimal numbers separated by colons, for example 00:01:23:43:45:67. Click the GO button. If the address exists, that entry is displayed. An exact match is required.

  • Page 233: Igmp Snooping

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Login button. The System Information page displays. Select Switching > Multicast > MFDB > MFDB Statistics. The following table describes the MFDB Statistics fields. Table 85. MFDB Statistics Field...

  • Page 234: Configure Igmp Snooping

    M4300 Series and M4300-96X Fully Managed Switches User Manual wasting bandwidth is even worse when the LAN segment is not shared, for example in full-duplex links. Allowing switches to snoop IGMP packets is a creative effort to solve this problem. The switch uses the information in the IGMP packets as they are being forwarded throughout the network to determine which segments receive packets directed to the group address.

  • Page 235: Configure Igmp Snooping For Interfaces

    M4300 Series and M4300-96X Fully Managed Switches User Manual This specifies the administrative mode for IGMP snooping for the switch. The default is Disable. Use the Validate IGMP IP header option to Enable or Disable header validation for all IGMP versions.
  • Page 236 M4300 Series and M4300-96X Fully Managed Switches User Manual The page lists all physical, VLAN, and LAG interfaces. Use the Interface check boxes to select interfaces. In the Admin Mode field, select Disable or Enable. This specifies the interface mode for the selected interface for IGMP snooping for the switch.

  • Page 237: Configure Igmp Snooping For Vlans

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure IGMP Snooping for VLANs  To configure IGMP snooping settings for VLANs: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 238: Configure A Multicast Router

    M4300 Series and M4300-96X Fully Managed Switches User Manual Enable or Disable the Proxy Querier Mode for the specified VLAN ID. If proxy • querier mode is disabled, then IGMP proxy query with source IP 0.0.0.0 is not sent in response to an IGMP leave packet. The default is Enable.

  • Page 239: Configure A Multicast Router Vlan

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use Interface to select the physical interface. In the Multicast Router field, select Enable or Disable. Click the Apply button. Your settings are saved. Configure a Multicast Router VLAN You can configure an interface to forward the snooped IGMP packets from a specific VLAN only to the multicast router that is connected to the interface.

  • Page 240: Igmp Snooping Querier Overview

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use Interface to select the interface. Use VLAN ID to select the VLAN ID. In the Multicast Router field, select Enable or Disable. Click the Apply button. Your settings are saved.
  • Page 241 M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Login button. The System Information page displays. Select Switching> Multicast > IGMP Snooping > Querier Configuration. Use Querier Admin Mode to select the administrative mode for IGMP snooping for the switch.

  • Page 242: Configure Igmp Snooping Querier For Vlans

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure IGMP Snooping Querier for VLANs You can configure IGMP queriers for use with VLANs on the network.  To configure querier VLAN settings: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 243: Configure Mld Snooping

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information displayed on the page. Table 87. Querier VLAN Configuration Field Description Operational State The operational state of the IGMP snooping querier on a VLAN. It can be in any of the following states: Querier: The snooping switch is the querier in the VLAN.
  • Page 244 M4300 Series and M4300-96X Fully Managed Switches User Manual Use MLD Snooping Admin Mode to select the administrative mode for MLD snooping for the switch. The default is Disable. Select the Proxy Querier Mode Enable or Disable radio button. This enables or disables an MLD proxy querier on the system. If it is disabled, then an MLD proxy query with source IP 0::0 is not sent in response to an MLD leave packet.

  • Page 245: Configure A Mld Snooping Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure a MLD Snooping Interface  To configure a MLD snooping interface: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 246: Configure Mld Vlan Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Enter a value greater than or equal to 1 and less than the group membership interval in seconds. The default is 10 seconds. The configured value must be less than the group membership interval.
  • Page 247 M4300 Series and M4300-96X Fully Managed Switches User Manual Use VLAN ID to set the VLAN IDs for which MLD snooping is enabled. Use Fast Leave Admin Mode to enable or disable the MLD snooping Fast Leave Mode for the specified VLAN ID.

  • Page 248: Enable Or Disable A Multicast Router On An Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Enable or Disable a Multicast Router on an Interface  To enable or disable a multicast router on an interface: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 249: Configure Mld Snooping Querier

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Login button. The System Information page displays. Select Switching> Multicast > MLD Snooping > Multicast Router VLAN Configuration. From the Interface menu, select the interface for which you want to enable or disable the multicast router configuration.
  • Page 250 M4300 Series and M4300-96X Fully Managed Switches User Manual Use Querier Admin Mode to select the administrative mode for MLD snooping for the switch. The default is Disable. Use Querier Address to specify the snooping querier address to be used as source address in periodic MLD queries.

  • Page 251: Configure Mld Snooping Querier Vlan Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure MLD Snooping Querier VLAN Settings  To configure MLD snooping querier VLAN settings: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 252: Configure Mvr

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information displayed on the page. Table 89. Querier VLAN Configuration Field Description Operational State The operational state of the MLD snooping querier on a VLAN. It can be in any of the following states: Querier: Snooping switch is the querier in the VLAN.
  • Page 253 M4300 Series and M4300-96X Fully Managed Switches User Manual Use MVR Running to Enable or Disable the MVR feature. The factory default is Disable. Use MVR Multicast VLAN to specify the VLAN on which MVR multicast data is received. All source ports belong to this VLAN. The value can be set in a range of 1 to 4093. The default value is 1.

  • Page 254: Configure Advanced Mvr Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Advanced MVR Settings  To configure advanced MVR settings: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.

  • Page 255: Configure An Mvr Group

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information displayed on the page. Table 91. Advanced MVR Configuration Field Definition MVR Max Multicast Groups The maximum number of multicast groups that MVR supports.

  • Page 256: Configure An Mvr Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information displayed on the page. Table 92. MVR Group Configuration Field Definition Status The status of the specific MVR group. Members The list of ports that participate in the specific MVR group.

  • Page 257: Configure Mvr Group Membership

    M4300 Series and M4300-96X Fully Managed Switches User Manual The factory default is Disable. Click the Apply button. Your settings are saved. Configure MVR Group Membership  To configure MVR group membership: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 258: View Mvr Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual View MVR Statistics  To view MVR statistics: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.

  • Page 259: Mac Address Table

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 93. MVR Statistics (continued) Field Definition IGMP Report V1 Transmitted The number of transmitted IGMP reports V1. IGMP Report V2 Transmitted The number of transmitted IGMP reports V2. IGMP Leave Transmitted The number of transmitted IGMP leaves.

  • Page 260: Set The Dynamic Address Aging Interval

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use Search By to search for MAC addresses by MAC address, VLAN ID, or port: Searched by MAC Address. Select MAC Address, enter the 6-byte hexadecimal • MAC address in two-digit groups separated by colons, for example, 01:23:45:67:89:AB.

  • Page 261: Configure A Static Mac Address

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Login button. The System Information page displays. Select Switching > Address Table> Advanced > Dynamic Addresses. Use Address Aging Timeout (seconds) to specify the time-out period in seconds for aging out dynamically learned forwarding information.

  • Page 262: Port Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the Static MAC Address field, type the MAC address. Select the VLAN ID associated with the MAC address. Take one of the following actions: Click the Add button. • The static MAC address is added to the switch.
  • Page 263 M4300 Series and M4300-96X Fully Managed Switches User Manual From the Admin Mode menu, select Enable or Disable. This sets the port control administrative mode.For the port to participate in the network, you must select Enable. The factory default is Enable.
  • Page 264 M4300 Series and M4300-96X Fully Managed Switches User Manual From the Flow Control menu, select to enable or disable IEEE 802.3 flow control. The default is Disable. The switch does not send pause frames if the port buffers become full. Flow control helps to prevent data loss when the port cannot keep up with the number of frames being switched.

  • Page 265: Configure Expandable Port Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Expandable Port Settings You can view and configure the expandable ports.  To view and configure expandable ports information: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 266: Configure Port Descriptions

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Port Descriptions  To configure and display the description for all ports in the device: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 267: View Port Transceiver Information

    M4300 Series and M4300-96X Fully Managed Switches User Manual View Port Transceiver Information You can view the transceiver information for all fiber ports on the switch  To view port transceiver information: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 268: Link Aggregation Groups

    M4300 Series and M4300-96X Fully Managed Switches User Manual Link Aggregation Groups Link aggregation groups (LAGs), which are also known as port-channels, allow you to combine multiple full-duplex Ethernet links into a single logical link. Network devices treat the aggregation as if it were a single link, which increases fault tolerance and provides load sharing.
  • Page 269 M4300 Series and M4300-96X Fully Managed Switches User Manual When the LAG is disabled, no traffic flows and LACPDUs are dropped, but the links that form the LAG are not released. The factory default is Enable. Use Hash Mode to select the load-balancing mode used on a port-channel (LAG).

  • Page 270: Configure Lag Membership

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Apply button. Your settings are saved. The following table describes the nonconfigurable information displayed on the page. Table 98. LAG Configuration Field Description LAG Description Enter the description string to be attached to a LAG. It can be up to 64 characters in length.
  • Page 271 M4300 Series and M4300-96X Fully Managed Switches User Manual Use LAG ID to select the identification of the LAG. Use LAG Name to enter the name to be assigned to the LAG. You can enter any string of up to 15 alphanumeric characters. A valid name must be specified for you to create the LAG.

  • Page 272: Multiple Registration Protocol Overview

    M4300 Series and M4300-96X Fully Managed Switches User Manual The link is selected by creating a binary pattern from selected fields in a packet, and associating that pattern with a particular link: Src MAC,VLAN,EType,incoming port. Source MAC, VLAN, EtherType, and incoming •...

  • Page 273: Configure Global Mrp Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual other nodes require egress traffic to be transmitted with a specific VLAN ID. With the use of MVRP on both ingress and egress, no manual VLAN configuration is required to pass tagged traffic through the network.
  • Page 274 M4300 Series and M4300-96X Fully Managed Switches User Manual The fields available on the MRP Configuration page vary based on the Note: platform and its supported features. Select the MVRP Mode Enable or Disable radio button. This specifies the global administrative mode of MVRP on the device. The default is Disable.

  • Page 275: Configure Mrp Port Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure MRP Port Settings You can configure the per-port MRP mode and timer settings. The timers control when and how often various messages are transmitted on each interface.  To configure MRP port settings: Launch a web browser.

  • Page 276: View Mmrp And Clear Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual If the amount of time specified in this field passes before the interface receives a JoinIn message, the interface resends the Join message. The range is 10 to 100 centiseconds. The default value is 20.
  • Page 277 M4300 Series and M4300-96X Fully Managed Switches User Manual To refresh the page with the latest information on the switch, click the Update button. To clear the statistics for one or more ports, do the following: a. Select the check box next to the interface or interfaces.

  • Page 278: View And Clear Mvrp Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual View and Clear MVRP Statistics You can view and clear information about the MVRP frames transmitted and received by the switch and by each interface.  To view and clear MVRP statistics: Launch a web browser.

  • Page 279: Loop Protection

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information that the MVRP Global Statistics page displays. Table 100. MVRP Statistics Field Description Interface In the MVRP Statistics table, this field identifies the interface associated with the rest of the data in the row.

  • Page 280: Loop Protection And Pdu Packet Transmission

    M4300 Series and M4300-96X Fully Managed Switches User Manual If the source MAC address matches the MAC address of the switch, the switch can perform one of the following actions, depending on how you configure the action: The port is shut down.
  • Page 281 M4300 Series and M4300-96X Fully Managed Switches User Manual Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button.

  • Page 282: Configure The Loop Protection Settings For Ports And View The Loop Protection State

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the Loop Protection Settings for Ports and View the Loop Protection State Before you can configure loop protection for individual ports, you must globally enable loop protection (see on page 280).
  • Page 283 M4300 Series and M4300-96X Fully Managed Switches User Manual You can select multiple ports. You can select all ports by selecting the Note: check box in the table header. From the Keep Alive menu, select Enable to specify that loop protection must be enabled on the port.

  • Page 284: Chapter 5 Routing

    Routing This chapter covers the following topics: • Manage Routes • Configure the Routing IP Settings • Configure Routing Parameters for the Switch • IPv6 • VLAN Overview • Configure Address Resolution Protocol • Configure RIP • Configure Router Discovery •...

  • Page 285: Manage Routes

    M4300 Series and M4300-96X Fully Managed Switches User Manual Manage Routes The Routing Table collects routes from multiple sources: static routes and local routes. The Routing Table can learn multiple routes to the same destination from multiple sources. The Routing Table lists all routes.
  • Page 286 M4300 Series and M4300-96X Fully Managed Switches User Manual The next router is always one of the adjacent neighbors or the IP address of the local interface for a directly attached network. Preference displays an integer value from 1 to 255.

  • Page 287: Configure Advanced Routes

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 102. Routing Table Basic Route Configuration (continued) Field Description Preference The preference is an integer value from (0 to 255). The user can specify the preference value (sometimes called administrative distance) of an individual static route.
  • Page 288 M4300 Series and M4300-96X Fully Managed Switches User Manual Subnet Mask indicates the portion of the IP interface address that identifies the attached network. This is also referred to as the subnet/network mask. Next Hop IP Address displays the outgoing router IP address to use when forwarding traffic to the next router (if any) in the path toward the destination.

  • Page 289: Specify Route Preferences

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 103. Route Configuration - Learned Routes (continued) Field Description Preference The preference is an integer value from 0 to 255. The user can specify the preference value (sometimes called administrative distance) of an individual static route.
  • Page 290 M4300 Series and M4300-96X Fully Managed Switches User Manual Use Static to specify the static route preference value in the router. The default value is 1. The range is 1 to 255. Specify the RIP route preference value in the router.

  • Page 291: Configure The Routing Ip Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the Routing IP Settings You can configure routing IP settings for the switch, as opposed to the IP settings for an interface.  To configure the routing IP settings: Launch a web browser.

  • Page 292: View Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual By default, the rate limit is 100 packets/sec (the burst interval is 1000 msec). To disable ICMP Rate limiting, set this field to 0. The valid rate Interval is from 0 to 2147483647.
  • Page 293 M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information displayed on the page. Table 105. IP Basic Statistics Field Description IpInReceives The total number of input datagrams received from interfaces, including those received in error.
  • Page 294 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 105. IP Basic Statistics (continued) Field Description IpInUnknownProtos The number of locally addressed datagrams received successfully but discarded because of an unknown or unsupported protocol. IpInDiscards The number of input IP datagrams for which no problems were encountered to prevent their continued processing, but that were discarded (for lack of buffer space).
  • Page 295 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 105. IP Basic Statistics (continued) Field Description IcmpInErrors The number of ICMP messages that the entity received but determined as having ICMP-specific errors (bad ICMP checksums, bad length, and so on).

  • Page 296: Configure Routing Parameters For The Switch

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Routing Parameters for the Switch You can configure routing parameters for the switch as opposed to an interface.  To configure routing parameters for the switch: Launch a web browser.

  • Page 297: View Ip Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual By default, the rate limit is 100 packets/sec, (the burst interval is 1000 msec). To disable ICMP Ratelimiting set this field to 0. The valid rate interval is in the range 0 to 2147483647.
  • Page 298 M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Login button. The System Information page displays. Select Routing> IP > Advanced > Statistics. The following table describes the nonconfigurable information displayed on the page. Table 107. IP Statistics...
  • Page 299 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 107. IP Statistics (continued) Field Description IpForwDatagrams The number of input datagrams for which this entity was not their final IP destination, as a result of which an attempt was made to find a route to forward them to that final destination.
  • Page 300 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 107. IP Statistics (continued) Field Description IpRoutingDiscards The number of routing entries that were discarded even though they are valid. One possible reason for discarding such an entry could be to free up buffer space for other routing entries.

  • Page 301: Configure The Ip Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 107. IP Statistics (continued) Field Description IcmpOutTimestamps The number of ICMP timestamp (request) messages. IcmpOutTimestampReps The number of ICMP timestamp reply messages sent. IcmpOutAddrMasks The number of ICMP address mask request messages sent.
  • Page 302 M4300 Series and M4300-96X Fully Managed Switches User Manual Use one of the following methods to select an interface: In the Go To Interface field, enter the interface in the unit/slot/port format and click on • the Go button. Next to the Port column, select the check box for the interface that you want to •...

  • Page 303: Configure The Secondary Ip Address

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use Bandwidth (kbps) to specify the configured bandwidth on this interface. This parameter communicates the speed of the interface to higher level protocols. OSPF uses bandwidth to compute link cost. The valid range is 1 to 10000000.
  • Page 304 M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select Routing> IP > Advanced > Secondary IP.

  • Page 305: Ipv6

    M4300 Series and M4300-96X Fully Managed Switches User Manual IPv6 Configure IPv6 Global Settings You can configure IPv6 routing parameters for the switch, as opposed to an interface.  To configure IPv6 global settings: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 306: View The Ipv6 Route Table

    M4300 Series and M4300-96X Fully Managed Switches User Manual This value controls the ICMP error packets. The default burst size is 100 packets. When the burst interval is 0, then configuring this field is not a valid operation. The valid burst size is 1 to 200.

  • Page 307: Configure Ipv6 Interface Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 110. IPv6 Route Table Field Description Prefix Length The prefix length for the active route. Protocol The type of protocol for the active route. Next Hop Interface The interface over which the route is active. For a reject route, the next hop would be a Null0 interface.
  • Page 308 M4300 Series and M4300-96X Fully Managed Switches User Manual Use one of the following methods to select an interface: In the Go To Interface field, enter the interface in the unit/slot/port format and click on • the Go button. Next to the Interface column, select the check box for the interface that you want to •...

  • Page 309: Ipv6 Prefix Configuration

    M4300 Series and M4300-96X Fully Managed Switches User Manual Specify the router advertisement Life Time Interval sent from the interface. This value must be greater than or equal to the maximum advertisement interval. 0 means do not use the router as the default router. The range of router life time is 0 to 9000.
  • Page 310 M4300 Series and M4300-96X Fully Managed Switches User Manual In the address field of your web browser, enter the IP address of the switch. The login window opens. Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password.

  • Page 311: View Ipv6 Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Apply button. Your settings are saved. The Current State field displays the state of the IPV6 address. The state is TENT if routing is disabled or DAD fails. The state is Active if the interface is active and DAD is successful.
  • Page 312 M4300 Series and M4300-96X Fully Managed Switches User Manual From the Interface list, select the interface. When the selection is changed, a page refresh occurs, causing all fields to be updated for the newly selected port. To refresh the page with the latest information on the switch, click the Update button.
  • Page 313 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 112. IPv6 Advanced Interface Statistics (continued) Field Description Datagrams Successfully The number of IPv6 datagrams successfully reassembled. This counter is Reassembled incremented at the interface to which these datagrams were addressed, which might not be necessarily the input interface for some of the fragments.
  • Page 314 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 113. ICMPv6 Statistics (continued) Field Description ICMPv6 Messages Prohibited The number of ICMP destination unreachable/communication Administratively Received administratively prohibited messages received by the interface. ICMPv6 Time Exceeded Messages The number of ICMP Time Exceeded messages received by the interface.

  • Page 315: View The Ipv6 Neighbor Table And Clear Ipv6 Neighbors

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 113. ICMPv6 Statistics (continued) Field Description ICMPv6 Messages Prohibited Number of ICMP Destination Unreachable/Communication Administratively Transmitted Administratively Prohibited messages sent. ICMPv6 Time Exceeded Messages The number of ICMP Time Exceeded messages sent by the interface.
  • Page 316 M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select Routing> IPv6 > Advanced > Neighbor Table.

  • Page 317: Ipv6 Static Route Configuration

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 114. IPv6 Advanced Neighbor Table (continued) Field Description Neighbor State The state of the neighbor cache entry. Following are the states for dynamic entries in the IPv6 neighbor discovery cache: Incmp.

  • Page 318: View The Ipv6 Route Table

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the IPv6 Prefix field, specify the IPv6 prefix for the configured route. In the Prefix Length field, specify the IPv6 prefix length for the configured route. In the Next Hop IPv6 Address Type list, select one of the following options: Global IPv6 Address.

  • Page 319: Ipv6 Route Preferences

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the Routes Displayed field, select which routes to display from the following list: All Routes. Show all active IPv6 routes. • Best Routes Only. Show only the best active routes.
  • Page 320 M4300 Series and M4300-96X Fully Managed Switches User Manual  Configure the IPv6 route preferences: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens. Enter the user name and password.

  • Page 321: Configure Ipv6 Tunnels

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure IPv6 Tunnels You can create, configure, and delete tunnels.  To configure an IPv6 tunnel: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 322: Vlan Overview

    VLAN spans multiple physical networks, or when additional segmentation or security is required. This section shows how to configure the NETGEAR switch to support VLAN routing. A port can be either a VLAN port or a router port, but not both. However, a VLAN port can be part of a VLAN that is a router port.
  • Page 323 M4300 Series and M4300-96X Fully Managed Switches User Manual Enables tagging on selected ports if the port is in another VLAN. Disables tagging if a • selected port does NOT exist in another VLAN. Excludes ports NOT selected from the VLAN.

  • Page 324: Configure Vlan Routing

    M4300 Series and M4300-96X Fully Managed Switches User Manual The default is No. Use IP Address to define the IP address of the VLAN interface. Use Network Mask to define the subnet mask of the VLAN interface. Click the Apply button.

  • Page 325: Configure Address Resolution Protocol

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Address Resolution Protocol The Address Resolution Protocol (ARP) associates a Layer 2 MAC address with a Layer 3 IPv4 address. The switch software features both dynamic and manual ARP configuration.

  • Page 326: Add An Entry To The Arp Table

    M4300 Series and M4300-96X Fully Managed Switches User Manual The System Information page displays. Select Routing> ARP > Basic > ARP Cache. The page displays the following information: IP Address. Displays the IP address associated with the system’s MAC address. This •...
  • Page 327 M4300 Series and M4300-96X Fully Managed Switches User Manual Select Routing> ARP > Advanced > ARP Create. Use IP Address to enter the IP address to add. It must be the IP address of a device on a subnet attached to one of the switch's existing routing interfaces.

  • Page 328: View Or Configure The Arp Table

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 117. ARP Cache (continued) Field Description Type The type of ARP entry. Possible values are as follows: Local. An ARP entry associated with one of the switch’s routing • interface’s MAC addresses.
  • Page 329 M4300 Series and M4300-96X Fully Managed Switches User Manual Use Age Time to enter the amount of time, in seconds, that a dynamic ARP entry remains in the ARP table before aging out. The range is 15 to 21600 seconds. The default value for Age Time is 1200 seconds.

  • Page 330: Configure Rip

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 118. ARP Table Configuration Field Description Active Static Entries Total number of active static entries in the ARP table. Configured Static Entries Total number of configured static entries in the ARP table.
  • Page 331 M4300 Series and M4300-96X Fully Managed Switches User Manual The login window opens. Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password.

  • Page 332: Configure Advanced Rip Interface Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual This field displays the default metric if one has already been set, or 0 if one was not configured earlier. The valid values are 1 to 15. Click the Apply button.
  • Page 333 M4300 Series and M4300-96X Fully Managed Switches User Manual Use one of the following methods to select an interface: In the Go To Interface field, enter the interface in the unit/slot/port format and click on • the Go button. Next to the Interface column, select the check box for the interface that you want to •...

  • Page 334: Route Redistribution

    M4300 Series and M4300-96X Fully Managed Switches User Manual Encrypt. If you select Encrypt, you are prompted to enter both an authentication key • and an authentication ID. Encryption uses the MD5 Message-Digest algorithm. All routers on the network must be configured with the same key and ID.
  • Page 335 M4300 Series and M4300-96X Fully Managed Switches User Manual The Source list is populated by only those source routes that are already configured for redistribution by RIP. This allows you to configure another source route among the available source routes.
  • Page 336 M4300 Series and M4300-96X Fully Managed Switches User Manual destination of the route. The destination netmask in the access list serves as a wildcard mask, indicating which bits in the route's destination mask are significant for the filtering operation. Click the Apply button.

  • Page 337: Configure Router Discovery

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Router Discovery  To configure router discovery: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.

  • Page 338: Configure Virtual Router Redundancy Protocol

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use Preference Level to specify the preference level of the router as a default router relative to other routers on the same subnet. Higher numbered addresses are preferred. You must enter an integer.

  • Page 339: Configure Advanced Vrrp Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual From the Mode menu, select the Active or Inactive mode for the new virtual router. Click the Add button. The virtual router is added to the switch configuration. Click the Apply button.
  • Page 340 M4300 Series and M4300-96X Fully Managed Switches User Manual In the Global Configuration Admin Mode field, set the administrative status of VRRP in the router by selecting the Enable or Disable radio button. By default, VRRP is disabled. Select the VRID.

  • Page 341: Configure An Advanced Vrrp Secondary Ip Address

    M4300 Series and M4300-96X Fully Managed Switches User Manual From the Status menu, select the Active or Inactive option to start or stop the operation of the virtual router. The default is inactive. Click the Add button. The virtual router is added to the switch configuration.

  • Page 342: Configure An Advanced Vrrp Tracking Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Login button. The System Information page displays. Select Routing > VRRP > Advanced > VRRP Secondary IP Address Configuration. From the VRRP Interface and VRRP ID menus, select a virtual router.
  • Page 343 M4300 Series and M4300-96X Fully Managed Switches User Manual Select Routing > VRRP > Advanced > VRRP Tracking Configuration. From the VRRP Interface and VRRP ID menus, select a virtual router. The virtual routers are listed by interface number and VRRP ID.

  • Page 344: View Advanced Vrrp Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual Your settings are saved. The following table describes the nonconfigurable information that is displayed. Table 124. Advanced VRRP Tracking Configuration Field Description Tracked Interface State The state of the tracked interface.
  • Page 345 M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information that is displayed. Table 125. Advanced VRRP Statistics Field Description Global Statistics Router Checksum Errors The total number of VRRP packets received with an invalid VRRP checksum value.

  • Page 346: Chapter 6 Ospf And Ospfv3

    OSPF and OSPFv3 This chapter covers the following topics: • Configure OSPF • Configure OSPFv3...

  • Page 347: Configure Ospf

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure OSPF Configure Basic OSPF Settings  To configure basic OSPF settings: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 348: Configure The Ospf Default Route Advertise Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the OSPF Default Route Advertise Settings  To configure default route advertise settings: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 349: Configure Ospf Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the Default Information Originate field, select the Enable or Disable option. If you select Enable, OSPF originates an external LSA advertising a default route (0.0.0.0/0.0.0.0). Default Information Originate is disabled by default.
  • Page 350 M4300 Series and M4300-96X Fully Managed Switches User Manual Select Routing > OSPF > Advanced > OSPF Configuration. In the Router ID field, enter the 32-bit integer in dotted-decimal format that uniquely identifies the router within the autonomous system (AS).
  • Page 351 M4300 Series and M4300-96X Fully Managed Switches User Manual An opaque LSA is used for flooding user-defined information within an OSPF router domain. When the number of nondefault external LSAs exceeds a configured limit, the router enters an overflow state as defined in RFC 1765.
  • Page 352 M4300 Series and M4300-96X Fully Managed Switches User Manual Configuring this field overwrites any present interface level passive mode setting. OSPF does not form adjacencies on passive interfaces, but does advertise attached networks as stub networks. The default is Disabled.

  • Page 353: Configure The Ospf Common Area Id

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the OSPF Common Area ID  To add or delete an area ID: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 354: Configure The Ospf Stub Area

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 127. OSPF Common Area Configuration (continued) Field Description SPF Runs The number of times that the intra-area route table was calculated using this area's link state database. This is typically done using Dijkstra's algorithm.

  • Page 355: Configure The Ospf Nssa Area

    M4300 Series and M4300-96X Fully Managed Switches User Manual An area ID is a 32-bit integer in dotted-decimal format that uniquely identifies the area to which a router interface connects. Configure the Import Summary LSAs by selecting Enable or Disable from the list.
  • Page 356 M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Login button. The System Information page displays. Select Routing > OSPF > Advanced > NSSA Area Configuration. Enter the OSPF Area ID. An area ID is a 32-bit integer in dotted-decimal format that uniquely identifies the area to which a router interface connects.
  • Page 357 M4300 Series and M4300-96X Fully Managed Switches User Manual b. Candidate. Cause the router to participate in the translator election process when it attains border router status. In the Translator Stability Interval field, configure the translator of the NSSA. The value is the period of time that an elected translator continues to perform its duties after it determines that its translator status was deposed by another router.

  • Page 358: Configure The Ospf Area Range

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the OSPF Area Range  Configure the OSPF area range: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.

  • Page 359: Configure The Ospf Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the OSPF Interface  To configure the OSPF interface: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.
  • Page 360 M4300 Series and M4300-96X Fully Managed Switches User Manual Next to the Interface column, select the check box for the interface that you want to • configure. In the OSPF Area ID field, enter the 32-bit integer in dotted-decimal format.
  • Page 361 M4300 Series and M4300-96X Fully Managed Switches User Manual In the Iftransit Delay Interval field, enter the OSPF transit delay for the specified interface. This specifies the estimated number of seconds it takes to transmit a link state update packet over the selected interface. The valid values range from 1 to 3600 seconds (1 hour).
  • Page 362 M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information that is displayed. Table 130. OSPF Interface Configuration Field Description IP Address The IP address of the interface. Subnet Mask The network mask, indicating the portion of the IP address that identifies the attached network.

  • Page 363: View And Clear Ospf Statistics For An Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 130. OSPF Interface Configuration (continued) Field Description Number of Link Events The number of times the specified OSPF interface changed its state. Local Link LSAs The number of opaque LSAs whose flooding scope is the link on this interface.
  • Page 364 M4300 Series and M4300-96X Fully Managed Switches User Manual In the OSPF Interface Selection area of the page, from the list in the Interface field, select the interface for which you want to display statistics. To refresh the page with the latest information on the switch, click the Update button.
  • Page 365 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 131. OSPF Interface Statistics (continued) Field Description Invalid Destination Address The number of OSPF packets discarded because the packet's destination IP address is not the address of the ingress interface and is not the AllDrRouters or AllSpfRouters multicast addresses.

  • Page 366: View The Ospf Neighbor Table And Clear Ospf Neighbors

    M4300 Series and M4300-96X Fully Managed Switches User Manual View the OSPF Neighbor Table and Clear OSPF Neighbors You can view the OSPF neighbor table list. When a particular neighbor ID is specified, detailed information about a neighbor is given. The information is displayed only if OSPF is enabled.
  • Page 367 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 132. OSPF Neighbor Table (continued) Field Description Options An integer value that indicates the optional OSPF capabilities supported by the neighbor. The neighbor's optional OSPF capabilities are also listed in its hello packets.

  • Page 368: View The Ospf Link State Database

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 132. OSPF Neighbor Table (continued) Field Description Retransmission Queue An integer representing the current length of the retransmission queue of the Length specified neighbor router ID of the specified interface.
  • Page 369 M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information that is displayed. Table 133. OSPF Link State Database Field Description Router ID The 32-bit integer in dotted-decimal format that uniquely identifies the router within the autonomous system (AS). The router ID is set on the IP Configuration page.
  • Page 370 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 133. OSPF Link State Database (continued) Field Description Options The Options field in the link state advertisement header indicates which optional capabilities are associated with the advertisement. The options are as follows: Q.

  • Page 371: Configure The Ospf Virtual Link

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information that is displayed in the AS Opaque Link State Database (LSDB) table. Table 135. OSPF AS Opaque Link State Database Table Field Description Router ID The 32-bit integer in dotted-decimal format that uniquely identifies the router within the autonomous system (AS).
  • Page 372 M4300 Series and M4300-96X Fully Managed Switches User Manual In the Area ID field, enter the OSPF area ID. An area ID is a 32-bit integer in dotted-decimal format that uniquely identifies the area to which a router interface connects.
  • Page 373 M4300 Series and M4300-96X Fully Managed Switches User Manual From the Authentication Type menu, select one of the following authentication types: None. This is the initial interface state. • Simple. If you select Simple, you are prompted to enter an authentication key. This •...
  • Page 374 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 136. OSPF Virtual Link Configuration (continued) Field Description Neighbor State (continued) Designated Router. This router is the designated router on the • attached network. Adjacencies are established to all other routers attached to the network.

  • Page 375: Configure The Ospf Route Redistribution

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the OSPF Route Redistribution You can configure the OSPF Route Redistribution parameters. The allowable values for each field are displayed next to the field. If any invalid values are entered, an alert message is displayed with the list of all the valid values.

  • Page 376: View The Nsf Ospf Summary

    M4300 Series and M4300-96X Fully Managed Switches User Manual Set the Tag field in routes redistributed. This field displays the tag if the source was preconfigured; otherwise, the tag is 0 and can be modified. The valid values are 0 to 4294967295.
  • Page 377 M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select Routing > OSPF > Advanced > NSF OSPF Summary.

  • Page 378: Configure Ospfv3

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Apply button. Your settings are saved. The following table describes the nonconfigurable information that is displayed. Table 137. NSF OSPF Summary Field Description Restart Status The restart status of OSPF Helper feature. The possible values are as...

  • Page 379: Configure Ospfv3 Default Route Advertise Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select the Admin Mode Disable or Enable radio button. If you select Enable, OSPFv3 is activated for the switch. By default, OSPFv3 is enabled. You must configure a router ID before OSPFv3 can become operational. For more information, see on page 291.

  • Page 380: Configure The Advanced Ospfv3 Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select the Default Information Originate Enable radio button. Selecting Enable makes it possible to specify the other settings on this page. Selecting Disable returns the other fields on this page to their default values.
  • Page 381 M4300 Series and M4300-96X Fully Managed Switches User Manual Select Routing > OSPFv3 > Advanced > OSPFv3 Configuration. Enter the Router ID in 32-bit integer, dotted-decimal format that uniquely identifies the router within the autonomous system (AS). To change the router ID you must first disable OSPFv3. After you set the new router ID, you must reenable OSPFv3 for the change to take effect.
  • Page 382 M4300 Series and M4300-96X Fully Managed Switches User Manual Use the Default Metric field to set a default for the metric of redistributed routes. This field displays the default metric if one was already set, or blank if one was not configured earlier.

  • Page 383: Configure The Ospfv3 Common Area

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 138. Advanced OSPFv3 Configuration (continued) Field Description External LSA Checksum The sum of the LS checksums of the external LSAs contained in the link state database. This sum can be used to determine if there was a change in a router's link state database, and to compare the link state databases of two routers.

  • Page 384: Configure An Ospfv3 Stub Area

    M4300 Series and M4300-96X Fully Managed Switches User Manual The area is returned to the normal state. The following table describes the nonconfigurable information that is displayed. Table 139. Advanced OSPFv3 Common Area Configuration Field Description External Routing A definition of the router's capabilities for the area, including whether or not AS-external-LSAs are flooded into or throughout the area.

  • Page 385: Configure The Ospfv3 Nssa Area

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the Area ID field, enter the OSPF area ID. An area ID is a 32-bit integer in dotted-decimal format that uniquely identifies the area to which a router interface connects.
  • Page 386 M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Login button. The System Information page displays. Select Routing > OSPFv3 > Advanced > NSSA Area Configuration. In the Area ID field, enter the OSPF area ID. An area ID is a 32-bit integer in dotted-decimal format that uniquely identifies the area to which a router interface connects.
  • Page 387 M4300 Series and M4300-96X Fully Managed Switches User Manual b. Candidate. Cause the router to participate in the translator election process when it attains border router status. In the Translator Stability Interval field, configure the translator of the NSSA. The value is the period of time that an elected translator continues to perform its duties after it determines that its translator status was deposed by another router.

  • Page 388: Configure The Ospfv3 Area Range

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the OSPFv3 Area Range  To configure the OSPFv3 area range: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.
  • Page 389 M4300 Series and M4300-96X Fully Managed Switches User Manual The login window opens. Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password.
  • Page 390 M4300 Series and M4300-96X Fully Managed Switches User Manual LSA Ack interval • Metric cost • For OSPFv3 to be fully functional, you must enter a valid IPv6 prefix/prefix length. This can be done using the CLI IPv6 address command.
  • Page 391 M4300 Series and M4300-96X Fully Managed Switches User Manual Set the OSPFv3 Network Type on the interface by selecting either Broadcast or Point-to-Point Mode from the list. OSPFv3 selects a designated router and originates network LSAs only for broadcast networks. No more than two OSPFv3 routers can be present on a point-to-point link. The default network type for Ethernet interfaces is Broadcast.

  • Page 392: View And Clear Ospfv3 Interface Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 142. Advanced OSPFv3 Interface Configuration (continued) Field Description State (continued) Backup Designated Router. This router is the backup designated router • on the attached network. It is promoted to designated router if the present designated router fails.
  • Page 393 M4300 Series and M4300-96X Fully Managed Switches User Manual In the OSPFv3 Interface Selection area of the page, in the Interface list, select the interface. To refresh the page with the latest information on the switch, click the Update button.
  • Page 394 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 143. Advanced OSPFv3 Interface Statistics (continued) Field Description Area LSA Count The total number of link state advertisements in this area's link state database, excluding AS External LSAs. IPv6 Address The IPv6 address of the interface.

  • Page 395: View The Ospfv3 Neighbor Table And Clear Ospfv3 Neighbors

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 143. Advanced OSPFv3 Interface Statistics (continued) Field Description LS Requests Sent The number of LS requests sent on this interface by this router. LS Requests Received The number of LS requests received on this interface by this router.

  • Page 396: View The Ospfv3 Link State Database

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information that is displayed. Table 144. Advanced OSPFv3 Neighbor Table Field Description Interface The interface for which data is to be displayed or configured. Slot 0 is the base unit.
  • Page 397 M4300 Series and M4300-96X Fully Managed Switches User Manual To refresh the page with the latest information on the switch, click the Update button. The following table describes the nonconfigurable information that is displayed. Table 145. Advanced OSPFv3 Link State Database...
  • Page 398 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 145. Advanced OSPFv3 Link State Database (continued) Field Description The time since the link state advertisement was first originated, in seconds. Sequence The sequence number field is a signed 32-bit integer. It is used to detect old and duplicate link state advertisements.

  • Page 399: Configure The Ospfv3 Virtual Link

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 146. Advanced OSPFv3 External Link State Database Table (continued) Field Description LSA Type Inter-Area Router LSA. This type describes a prefix external to the • (continued) area, yet internal to the autonomous system. It is originated by an area border router.
  • Page 400 M4300 Series and M4300-96X Fully Managed Switches User Manual Enter the Area ID of the OSPF area. An area ID is a 32-bit integer in dotted-decimal format that uniquely identifies the area to which a router interface connects. Virtual links can be configured between any pair of area border routers with interfaces to a common (non-backbone) area.
  • Page 401 M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information that is displayed. Table 147. Advanced OSPFv3 Virtual Link Configuration Field Description Neighbor State The state of the virtual neighbor relationship. The OSPFv3 interface state can be any of these values: Down.

  • Page 402: Configure Ospfv3 Route Redistribution

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 147. Advanced OSPFv3 Virtual Link Configuration (continued) Field Description State Designated Router. This router is the designated router on the • (continued) attached network. Adjacencies are established to all other routers attached to the network.

  • Page 403: View The Nsf Ospfv3 Summary

    M4300 Series and M4300-96X Fully Managed Switches User Manual From the Source menu, select from the list of available source routes that were not previously configured for redistribution by OSPFv3. The valid values are as follows: Connected • Static •...
  • Page 404 M4300 Series and M4300-96X Fully Managed Switches User Manual Select Routing > OSPFv3 > Advanced > NSF OSPFv3 Summary. From the Support mode list, select one of the following values: Always. OSPF performs a graceful restart for all planned and unplanned warm •...

  • Page 405: Multicast Routing

    Multicast Routing This chapter covers the following topics: • Multicast Overview • Configure Multicast IGMP Settings • Configure PIM Settings • Configure Multicast Static Routes • Configure the Multicast Admin Boundary • Configure IPv6 Multicast Settings...

  • Page 406: Chapter 7 Multicast Routing

    M4300 Series and M4300-96X Fully Managed Switches User Manual Multicast Overview Multicast is best suited for video and audio traffic requiring multicast packet control for optimal operation. Multicast includes support for IGMPv2 and IGMPv3. Communication from point to multipoint is called multicasting. The source host (point) transmits a message to a group of zero or more hosts (multipoint) that are identified by a single IP destination address.

  • Page 407: Configure Global Multicast Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 149. Multicast Mroute Table (continued) Field Description Incoming Interface The incoming interface on which multicast packets for this source/group arrive. Outgoing Interfaces The list of outgoing interfaces on which multicast packets for this source/group are forwarded.

  • Page 408: Configure The Multicast Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the Admin Mode field, select the Enable or Disable option to set the administrative status of multicast forwarding in the router. The default is Disable. Click the Apply button. Your settings are saved.

  • Page 409: Configure Global Multicast Dvmrp Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use one of the following methods to select an interface: In the Go To Interface field, enter the interface in the unit/slot/port format and click on • the Go button. Next to the Interface column, select the check box for the interface that you want to •...

  • Page 410: Configure The Dvmrp Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select the Admin Mode Disable or Enable radio button. This sets the administrative status of DVMRP to active or inactive. The default is Disable. Click the Apply button. Your settings are saved.
  • Page 411 M4300 Series and M4300-96X Fully Managed Switches User Manual Use one of the following methods to select an interface: In the Go To Interface field, enter the interface in the unit/slot/port format and click on • the Go button. Next to the Interface column, select the check box for the interface that you want to •...

  • Page 412: Search For Dvmrp Neighbors

    M4300 Series and M4300-96X Fully Managed Switches User Manual Search for DVMRP Neighbors  To search for DVMRP neighbors: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.

  • Page 413: View The Dvmrp Next Hop Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 153. DVMRP Neighbor (continued) Field Description Expiry Time The DVMRP expiry time for the specified neighbor on the selected interface. This is the time left before this neighbor entry ages out, and is not applicable if the neighbor router's state is down.

  • Page 414: View The Multicast Dvmrp Prune

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information that is displayed. Table 154. DVMRP Next Hop Field Description Source IP The IP address used with the source mask to identify the source network for this table entry.

  • Page 415: View The Dvmrp Route

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information that is displayed. Table 155. DVMRP Prune Field Description Group IP The group address that was pruned. Source IP The IP address used with the source mask to identify the source network for this table entry.

  • Page 416: Configure Multicast Igmp Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information that is displayed. Table 156. DVMRP Route Field Description Source Address The network address that is combined with the source mask to identify the sources for this entry.

  • Page 417: Configure The Igmp Routing Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the Admin Mode field, select the Enable or Disable option. This sets the administrative status of IGMP in the router to active or inactive. The default is Disable. Click the Apply button.
  • Page 418 M4300 Series and M4300-96X Fully Managed Switches User Manual In the Admin Mode field, select the Enable or Disable option to set the administrative status of IGMP on the selected routing interface. The default is Disable. In the Version field, enter the version of IGMP to configure for the selected interface.

  • Page 419: View Igmp Routing Interface Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual View IGMP Routing Interface Statistics  To view the IGMP routing interface statistics: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 420: View Igmp Groups

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 157. Multicast IGMP Routing Interface Statistics (continued) Field Description Querier Up Time The time in seconds since the IGMP interface querier was last changed. Querier Expiry Time The time in seconds remaining before the other querier present timer expires.
  • Page 421 M4300 Series and M4300-96X Fully Managed Switches User Manual Use the Search menu to search for multicast entries by interface or group: Select Interface from the menu, enter the interface in unit/slot/port format (for • example 1/0/13), and click the Go button.

  • Page 422: View The Igmp Membership

    M4300 Series and M4300-96X Fully Managed Switches User Manual View the IGMP Membership  To view the IGMP membership: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.

  • Page 423: Configure The Igmp Proxy Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 159. Multicast IGMP Membership (continued) Field Description Source Filter Mode The source filter mode (Include, Exclude, or NA) for the specified group on this interface. When NA mode is active, the field is blank.

  • Page 424: View The Igmp Proxy Interface Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select Enable or Disable from the Admin Mode list. This sets the administrative status of IGMP proxy on the selected interface. The default is Disable. Routing, IGMP and Multicast global admin modes must be enabled to enable IGMP proxy interface mode.

  • Page 425: View The Igmp Proxy Membership

    M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select Routing> Multicast > IGMP > Proxy Interface Statistics.
  • Page 426 M4300 Series and M4300-96X Fully Managed Switches User Manual To refresh the page with the latest information on the switch, click the Update button. The following table describes the nonconfigurable information that is displayed. Table 162. Multicast IGMP Proxy Membership...

  • Page 427: Configure Pim Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure PIM Settings You can configure PIM settings and view PIM statistics. Configure the Multicast PIM Global Settings Protocol-Independent Multicast (PIM) is a standard multicast routing protocol that provides scalable interdomain multicast routing across the Internet, independent of the mechanisms provided by any particular unicast routing protocol.

  • Page 428: Configure Pim Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual PIM protocol. A range of multicast addresses, currently 232.0.0.0/8 in IPv4 and FF3x::/32 in IPv6, is reserved for SSM.  To configure PIM SSM settings: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.
  • Page 429 M4300 Series and M4300-96X Fully Managed Switches User Manual Use one of the following methods to select an interface: In the Go To Interface field, enter the interface in the unit/slot/port format and click on • the Go button. Next to the Interface column, select the check box for the interface that you want to •...

  • Page 430: View The Pim Neighbor

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 163. Multicast PIM Interface Configuration (continued) Field Description Designated Router The designated router on the selected PIM interface. Neighbor Count The number of PIM neighbors on the selected interface. View the PIM Neighbor ...

  • Page 431: View The Pim Candidate Rendezvous Point

    M4300 Series and M4300-96X Fully Managed Switches User Manual View the PIM Candidate Rendezvous Point  To view the multicast PIM candidate rendezvous point (RP): Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 432: Configure The Pim Candidate Rendezvous Point

    M4300 Series and M4300-96X Fully Managed Switches User Manual The login window opens. Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password.

  • Page 433: Configure The Pim Bootstrap Router Candidate

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select Routing> Multicast > PIM > Candidate RP Configuration. From the list of interfaces, select the Interface. Enter the Group Address transmitted in candidate-RP-advertisements. If you enter an IPv6 address, the format is prefix/prefix length.
  • Page 434 M4300 Series and M4300-96X Fully Managed Switches User Manual From the list of interfaces, select the Interface. Enter the C-BSR Hash Mask Length to be advertised in bootstrap messages. This hash mask length is used in the hash algorithm for selecting the RP for a particular group.

  • Page 435: Configure The Pim Static Rendezvous Point

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the PIM Static Rendezvous Point You can statically configure the rendezvous point (RP) address for one or more multicast groups.  To configure the PIM static RP: Launch a web browser.

  • Page 436: Configure The Multicast Admin Boundary

    M4300 Series and M4300-96X Fully Managed Switches User Manual The login window opens. Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password.

  • Page 437: Configure Ipv6 Multicast Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select Routing> Multicast > Admin Boundary Configuration.

  • Page 438: Configure The Ipv6 Pim Global Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select Routing > IPv6 Multicast > Mroute Table. To refresh the page with the latest information on the switch, click the Update button. The following table describes the nonconfigurable information that is displayed.

  • Page 439: Configure Ipv6 Pim Ssm

    M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select Routing> IPv6 Multicast > IPv6 PIM > Global Configuration.

  • Page 440: Configure The Ipv6 Pim Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the SSM Group Address field, enter the source-specific multicast group IP address. In the SSM Group Mask field, enter the source-specific multicast group IP address mask. Click the Add button.

  • Page 441: View The Ipv6 Pim Neighbor

    M4300 Series and M4300-96X Fully Managed Switches User Manual This sets the administrative status of PIM-SM in the router. The default is Disable. In the Hello Interval field, enter the time in seconds between the transmission of PIM hello messages on this interface.

  • Page 442: Configure The Ipv6 Pim Candidate Rendezvous Point

    M4300 Series and M4300-96X Fully Managed Switches User Manual To refresh the page with the latest information on the switch, click the Update button. The following table describes the nonconfigurable information that is displayed. Table 170. IPv6 PIM Neighbor Field...

  • Page 443: Configure The Ipv6 Pim Bootstrap Router Candidate Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual From the list of interfaces, select the Interface. In the Group Address field, enter the group IPv6 address prefix transmitted in candidate-RP-advertisements. In the Prefix Length field, enter the group IPv6 Prefix Length transmitted in...
  • Page 444 M4300 Series and M4300-96X Fully Managed Switches User Manual From the list of interfaces, select the Interface. Enter the C-BSR Hash Mask Length to be advertised in bootstrap messages. This hash mask length is used in the hash algorithm for selecting the RP for a particular group.

  • Page 445: Configure The Ipv6 Pim Static Rendezvous Point

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the IPv6 PIM Static Rendezvous Point You can statically configure the rendezvous point (RP) address for one or more multicast groups.  To configure the IPv6 PIM static RP: Launch a web browser.

  • Page 446: Configure The Ipv6 Mld Routing Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual The login window opens. Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password.
  • Page 447 M4300 Series and M4300-96X Fully Managed Switches User Manual Use one of the following methods to select an interface: In the Go To Interface field, enter the interface in the unit/slot/port format and click on • the Go button. Next to the Interface column, select the check box for the interface that you want to •...

  • Page 448: View Ipv6 Mld Routing Interface Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Apply button. Your settings are saved. The following table describes the nonconfigurable information that is displayed. Table 172. IPv6 MLD Routing Interface Configuration Field Description Operational Mode The operational status of MLD on the Interface.

  • Page 449: View The Ipv6 Mld Groups

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information that is displayed. Table 173. IPv6 MLD Routing Interface Statistics Field Description Interface The interface for which data is to be displayed. Querier Status Indicates whether the selected interface is an MLD querier or non-querier on the subnet it is associated with.

  • Page 450: View And Clear Ipv6 Mld Traffic

    M4300 Series and M4300-96X Fully Managed Switches User Manual If the entry exists, it is displayed as the first entry, followed by the remaining entries. Select Group from the menu, enter the MLD group IP address, and click the Go •...

  • Page 451: Configure The Ipv6 Mld Proxy Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Login button. The System Information page displays. Select Routing> IPv6 Multicast > MLD > MLD Traffic. To refresh the page with the latest information on the switch, click the Update button.
  • Page 452 M4300 Series and M4300-96X Fully Managed Switches User Manual Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button.

  • Page 453: View Ipv6 Mld Proxy Interface Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 176. IPv6 Multicast MLD Proxy Interface Configuration (continued) Field Description Querier Address on Proxy The querier address on the proxy interface. Interface Number of Groups The current number of multicast group entries for the MLD proxy interface in the cache table.

  • Page 454: View The Ipv6 Mld Proxy Membership

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information that is displayed. Table 177. IPv6 Multicast MLD Proxy Interface Statistics Field Description Proxy Interface The interface on which MLD proxy packets received. Version The version of MLD proxy packets received.

  • Page 455: Configure Ipv6 Multicast Static Routes

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information that is displayed. Table 178. IPv6 Multicast MLD Proxy Membership Field Description Proxy Interface The interface on which the MLD proxy is enabled. Group IP The IPv6 multicast group address.
  • Page 456 M4300 Series and M4300-96X Fully Managed Switches User Manual In the Source IP field, enter the IP address that identifies the multicast packet source for the entry you are creating. In the Prefix Length field, enter the prefix length to be applied to the Source IPv6 address.
  • Page 457 Configure Quality of Service This chapter covers the following topics: • QoS Overview • Class of Service • Differentiated Services Overview...

  • Page 458: Chapter 8 Configure Quality Of Service

    M4300 Series and M4300-96X Fully Managed Switches User Manual QoS Overview In a typical switch, each physical port consists of one or more queues for transmitting packets on the attached network. Multiple queues per port are often provided to give preference to certain packets over others based on user-defined criteria.

  • Page 459: Configure Global Cos Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Global CoS Settings  To configure global CoS settings: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.

  • Page 460: Map 802.1P Priorities To Queues

    M4300 Series and M4300-96X Fully Managed Switches User Manual The default value is untrusted. Click the Apply button. Your settings are saved. Map 802.1p Priorities to Queues The 802.1p to Queue Mapping page also displays the Current 802.1p Priority Mapping table.

  • Page 461: Map Dscp Values To Queues

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Apply button. Your settings are saved. Map DSCP Values to Queues You can specify which internal traffic class to map the corresponding DSCP value.  To map DSCP values to queues: Launch a web browser.

  • Page 462: Configure Cos Interface Settings For An Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure CoS Interface Settings for an Interface You can apply an interface shaping rate to all interfaces or to a specific interface.  To configure CoS settings for an interface: Launch a web browser.

  • Page 463: Configure Cos Queue Settings For An Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual 802.1p • IP DSCP • The default value is 802.1p. Use Interface Shaping Rate to specify the maximum bandwidth allowed. This is typically used to shape the outbound transmission rate.This value is controlled independently of any per-queue maximum bandwidth configuration.
  • Page 464 M4300 Series and M4300-96X Fully Managed Switches User Manual Select the check box next to the port or LAG to configure. You can select multiple ports and LAGs to apply the same setting to the selected interfaces. Select the check box in the heading row to apply a trust mode or rate to all interfaces.

  • Page 465: Configure Cos Drop Precedence Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure CoS Drop Precedence Settings  To configure CoS Drop Precedence settings: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 466: Differentiated Services Overview

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use WRED Drop Probability Scale to determine the packet drop probability for the current drop precedence level. The range is 0 to 100. The default is 10. Click the Apply button.

  • Page 467: Diffserv Wizard Overview

    M4300 Series and M4300-96X Fully Managed Switches User Manual Packet processing begins by testing the class match criteria for a packet. A policy is applied to a packet when a class match within that policy is found. DiffServ Wizard Overview The DiffServ wizard enables DiffServ on the switch by creating a traffic class, adding the traffic class to a policy, and then adding the policy to the ports that you select.
  • Page 468 M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Login button. The System Information page displays. Select QoS> DiffServ > DiffServ Wizard. Use Traffic Type to define the DiffServ Class. Traffic type options are: VOIP, HTTP, FTP, Telnet, and Every.

  • Page 469: Configure Basic Diffserv Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Basic DiffServ Settings Packets are filtered and processed based on defined criteria. The filtering criteria is defined by a class. The processing is defined by a policy's attributes. Policy attributes can be defined on a per–class instance basis, and it is these attributes that are applied when a match...

  • Page 470: Configure The Global Diffserv Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select the administrative mode for DiffServ: Enable. Differentiated Services are active. This the default mode. • Disable. The DiffServ configuration is retained and can be changed but it is not •...
  • Page 471 M4300 Series and M4300-96X Fully Managed Switches User Manual  To configure the global DiffServ mode: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens. Enter the user name and password.

  • Page 472: Configure A Diffserv Class

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 181. DiffServ Status (continued) Field Description Policy table The number of configured policies out of the total allowed on the switch. Policy Instance table The number of configured policy class instances out of the total allowed on the switch.
  • Page 473 M4300 Series and M4300-96X Fully Managed Switches User Manual To create a new class, enter a class name, select the class type, and click the Add button. This field also lists all the existing DiffServ class names, from which one can be selected.
  • Page 474 M4300 Series and M4300-96X Fully Managed Switches User Manual You can select the class type only when you are creating a new class. After you create the class, this field displays the class type, but you cannot change it. Define the criteria to associate with a DiffServ class: Match Every.
  • Page 475 M4300 Series and M4300-96X Fully Managed Switches User Manual in a match (where x is any hexadecimal number). Note that this is not a wildcard mask, which ACLs use. Source MAC Mask. This is a bit mask in the same format as a MAC address •...
  • Page 476 M4300 Series and M4300-96X Fully Managed Switches User Manual same as any destination port number within the range. After you select this option, use the following fields to configure a destination port keyword, destination port number, or destination port range for the match criteria: Protocol.

  • Page 477: Configure Diffserv Ipv6 Class Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure DiffServ IPv6 Class Settings You can add a new IPv6 DiffServ class name, or to rename or delete an existing class. You can also define the criteria to associate with a DiffServ class. As packets are received, these DiffServ classes are used to prioritize packets.
  • Page 478 M4300 Series and M4300-96X Fully Managed Switches User Manual The Class Configuration page displays, showing the configuration fields for the class. Configure Quality of Service...
  • Page 479 M4300 Series and M4300-96X Fully Managed Switches User Manual To configure the IPv6 class, complete the fields: Class Name. The name for the configured DiffServ class. • Class Type. The DiffServ class type. • You can specify the class type only when you are creating a new class. After the class is created, this field displays the class type, but you cannot change it.

  • Page 480: Configure Diffserv Policy

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information displayed in the Class Summary at the bottom of the DiffServ Advanced IPv6 Class Configuration page. Table 183. DiffServ IPv6 Class Configuration - Class Summary...
  • Page 481 M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Add button. The new policy is added to the switch. To configure the policy attributes, click the name of the policy. The policy name is a hyperlink. The Policy Configuration page displays, showing the configuration fields for the policy.
  • Page 482 M4300 Series and M4300-96X Fully Managed Switches User Manual • Mirror • Redirect Two Rate Policy. With the two-rate policer, you can enforce traffic policing according • to two separate rates: Committed Rate and Peak Rate. Mark IP DSCP. This lists the keywords for the known DSCP values from which one •...

  • Page 483: Configure The Diffserv Service Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Send. These packets are presented unmodified by DiffServ to the system • forwarding element. Mark IP Precedence. These packets are marked by DiffServ with the specified IP • Precedence value before being presented to the system forwarding element. This selection requires that the Mark IP Precedence field be set.

  • Page 484: View Diffserv Service Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use one of the following methods to select an interface: In the Go To Interface field, enter the interface in the unit/slot/port format and click on • the Go button. Next to the Interface column, select the check box for the interface that you want to •...
  • Page 485 M4300 Series and M4300-96X Fully Managed Switches User Manual The login window opens. Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password.
  • Page 486 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 186. DiffServ Service Statistics (continued) Field Description Policy Name Name of the policy currently attached to the specified interface and direction. Operational Status Operational status of the policy currently attached to the specified interface and direction.
  • Page 487 Manage Device Security You can configure the login password, Remote Authorization Dial-In User Service (RADIUS) settings, Terminal Access Controller Access Control System (TACACS) settings, and authentication lists. The chapter covers the following topics: • Manage User Accounts and Passwords • Manage the RADIUS Server Settings •...

  • Page 488: Manage User Accounts And Passwords

    M4300 Series and M4300-96X Fully Managed Switches User Manual Manage User Accounts and Passwords You can configure user accounts and login passwords. Configure User Accounts By default, two user accounts exist: admin, with read/write privileges • guest, with read-only privileges •...

  • Page 489: Configure A User Password

    M4300 Series and M4300-96X Fully Managed Switches User Manual alphanumeric characters as well as the hyphen (-) and underscore (_) characters. The user name default is not valid. User names once created cannot be changed or modified. Set the Edit Password field to Enable only when you are changing the password.

  • Page 490: Enable Password Configuration

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select Security> Management Security > Local User > User Password Configuration. In the Password Minimum Length field, type the minimum character length of all new local user passwords. In the Password Aging (days) field, type the maximum time for which the user passwords are valid in days, from the time the password is set.

  • Page 491: Configure A Line Password

    M4300 Series and M4300-96X Fully Managed Switches User Manual The System Information page displays. Select Security> Management Security > Enable Password. In the Password field, type the password. Passwords are a maximum of 64 alphanumeric characters. In the Confirm Password field, type the password again, to confirm that you entered it correctly.

  • Page 492: Manage The Radius Server Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the Console Password field, enter the console password. Passwords are a maximum of 64 alphanumeric characters. In the Confirm Console Password field, type the password again to confirm that you typed it correctly.
  • Page 493 M4300 Series and M4300-96X Fully Managed Switches User Manual Select Security > Management Security > RADIUS > Radius Configuration. The Current Server IP Address field is blank if no servers are configured (see Configure on page 495). The switch supports up to three configured RADIUS a RADIUS Server servers.
  • Page 494 M4300 Series and M4300-96X Fully Managed Switches User Manual In the Timeout Duration field, specify the time-out value, in seconds, for request retransmissions. The valid range is 1–30. The default value is 5. Consider the maximum delay time when you configure RADIUS maximum retransmit and RADIUS time-out.

  • Page 495: Configure A Radius Server

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure a RADIUS Server  To configure a RADIUS server: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.
  • Page 496 M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the RADIUS server statistics displayed on the page. Table 188. RADIUS statistics Field Description Radius Server The address of the RADIUS server or the name of the RADIUS server for which the statistics are displayed.

  • Page 497: Configure Radius Accounting Servers

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure RADIUS Accounting Servers  To configure a RADIUS accounting server: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.

  • Page 498: Manage The Tacacs Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes RADIUS accounting server statistics available on the page. Table 189. RADIUS Accounting Server Statistics Field Description Accounting Server Address The accounting server associated with the statistics. Round Trip Time(secs)

  • Page 499: Configure Global Tacacs Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Global TACACS Settings You can configure the TACACS settings for communication between the switch and the TACACS server you configure through the inband management port.  To configure global TACACS settings: Launch a web browser.

  • Page 500: Configure Tacacs Server Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Routing loopback interface. The primary IP address of a routing loopback interface is • used as the source address. Service port. The management port source IP is used as the source address.

  • Page 501: Configure Authentication Lists

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Add button. The server is added to the switch. Configure Authentication Lists The switch supports various authentication lists. Configure a Login Authentication List A login list specifies the authentication methods to be used to validate switch or port access for the users associated with the list.

  • Page 502: Configure An Enable Authentication List

    M4300 Series and M4300-96X Fully Managed Switches User Manual Line. The line password is used for authentication. None. The user cannot be authenticated. RADIUS. The user's name and password are authenticated using the RADIUS server instead of local server. TACACS. The user's name and password are authenticated using the TACACS server.

  • Page 503: Configure The Dot1X Authentication List

    M4300 Series and M4300-96X Fully Managed Switches User Manual The options are as follows: Enable. The privileged EXEC password is used for authentication. Line. The line password is used for authentication. None. The user cannot be authenticated. RADIUS. The user's name and password are authenticated using the RADIUS server instead of local server.

  • Page 504: Configure An Http Authentication List

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select the check box for the dot1x list name. Select the method to appear first in the selected authentication login list. The options are as follows: IAS. The user’s ID and password in internal authentication server database is used •...
  • Page 505 M4300 Series and M4300-96X Fully Managed Switches User Manual The System Information page displays. Select Security > Management Security > Authentication List > HTTP Authentication List. Select the check box for the HTTP list name. In the columns in table header (1, 2, 3, 4, 5, 6), select the method to appear first in the selected authentication enable list.

  • Page 506: Configure An Https Authentication List

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure an HTTPS Authentication List You can configure an HTTPS list. A login list specifies the authentication methods to validate the switch or port access through HTTPS for the users associated with the list. The default list is httpsList.

  • Page 507: View Login Sessions

    M4300 Series and M4300-96X Fully Managed Switches User Manual RADIUS. The user's name and password are authenticated using the RADIUS server instead of local server. TACACS. The user's name and password are authenticated using the TACACS server. Click the Apply button.

  • Page 508: Manage Hhtp, Https, And Ssh Access

    M4300 Series and M4300-96X Fully Managed Switches User Manual Manage HHTP, HTTPS, and SSH Access You can configure HTTP and Secure HTTP access to the switch’s management interface. Configure HTTP Server Settings To access the switch using a web browser, you must first configure it with IP information (IP address, subnet mask, and default gateway).

  • Page 509: Https Configuration

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the HTTP Port field, enter the HTTP port number. The valid range is 80 and 1025 to 65535. The default value is 80. In the HTTP Session Soft Timeout (Minutes) field, set the inactivity time-out for HTTP sessions.
  • Page 510 M4300 Series and M4300-96X Fully Managed Switches User Manual Select the Admin Mode Disable or Enable radio button. This enables or disables the administrative mode of Secure HTTPS. The currently configured value is displayed. The default value is Disable. You can download SSL certificates only when the HTTPS admin mode is disabled.

  • Page 511: Manage Certificates

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Apply button. Your settings are saved. The Authentication List field displays the authentication list for HTTPS. Manage Certificates You can generate or delete certificates.  To manage certificates: Launch a web browser.

  • Page 512: Download Certificates

    M4300 Series and M4300-96X Fully Managed Switches User Manual Download Certificates You can transfer a certificate file to the switch. For the web server on the switch to accept HTTPS connections from a management station, the web server needs a public key certificate. You can generate a certificate externally (for example, offline) and download it to the switch.

  • Page 513: Configure Ssh Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the Transfer Mode list, specify the protocol to use to transfer the file: TFTP. Trivial File Transfer Protocol • SFTP. Secure File Transfer Protocol • SCP. Secure Copy Protocol •...
  • Page 514 M4300 Series and M4300-96X Fully Managed Switches User Manual Select the SSH Admin Mode Disable or Enable radio button. This enables or disables the SSH server administrative mode. When this mode is enabled, the device can be accessed by using an SSH client on a remote system. The currently configured value is displayed.

  • Page 515: Manage Host Keys

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use Enable Authentication List to select an authentication list. This list is used to authenticate users who try to get enable level privilege. Use SSH Port to enter the port range from 1 to 65535.
  • Page 516 M4300 Series and M4300-96X Fully Managed Switches User Manual Select an RSA Keys Management radio button: None. This is the default selection. • Generate RSA Keys. Begin generating the RSA host keys. To generate SSH key • files SSH must be administratively disabled and there can be no active SSH sessions.

  • Page 517: Download Host Keys

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable fields that display on the page. Table 192. RSA Key Management Field Description Keys Present Displays which of the following keys or both (if any) are present on the...

  • Page 518: Configure Telnet Access

    M4300 Series and M4300-96X Fully Managed Switches User Manual SSH-2 DSA Key PEM File. SSH-2 Digital Signature Algorithm (DSA) key file (PEM • Encoded) In the Transfer Mode list, select the protocol to use to transfer the file: TFTP. Trivial File Transfer Protocol •...
  • Page 519 M4300 Series and M4300-96X Fully Managed Switches User Manual For information about creating an enable authentication list, see Configure a Login on page 501. Authentication List  To configure the Telnet authentication list: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 520: Configure Inbound Telnet

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Inbound Telnet You can regulate new inbound Telnet sessions. If Allow New Telnet Sessions is enabled, new inbound Telnet sessions can be established until there are no more sessions available.

  • Page 521: Configure Outbound Telnet

    M4300 Series and M4300-96X Fully Managed Switches User Manual are established. An established session remains active until the session is ended or an abnormal network error ends the session. In the Session Timeout field, specify how many minutes of inactivity occur on an inbound Telnet session before the session is logged off.
  • Page 522 M4300 Series and M4300-96X Fully Managed Switches User Manual Next to Allow new telnet sessions, select the Disable or Enable radio button. This specifies whether the new outbound Telnet session is enabled or disabled. The default value is Enabled so that new outbound Telnet sessions can be established until there are no more sessions available.

  • Page 523: Configure Console Port Access

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Console Port Access  To configure the console port: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.

  • Page 524: Configure Denial Of Service Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Apply button. Your settings are saved. The following table describes the nonconfigurable information that is displayed. Table 193. Console Port Field Description Character Size (bits) The number of bits in a character. This is always 8.
  • Page 525 M4300 Series and M4300-96X Fully Managed Switches User Manual In the Denial of Service Min TCP Header Size field, specify the minimum TCP header size allowed. If DoS TCP Fragment is enabled, the switch drops these packets: First TCP fragments with a TCP payload: IP_Payload_Length - IP_Header_Size <...
  • Page 526 M4300 Series and M4300-96X Fully Managed Switches User Manual This enables First Fragment DoS prevention, which causes the switch to check DoS options on first fragment IP packets when switch are receiving fragmented IP packets. Otherwise, switch ignores the first fragment IP packages.The factory default is Disable.

  • Page 527: Configure Access Control Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select the Denial of Service UDP Port Disable or Enable radio button. Enabling UDP Port DoS prevention causes the switch to drop packets with UDP source port equal to UDP destination port. The factory default is Disable.
  • Page 528 M4300 Series and M4300-96X Fully Managed Switches User Manual In the Access Profile Name field, enter the name of the access profile to be added. The maximum length is 32 characters. Take one of the following actions: To activate an access profile, select the Activate Profile check box.

  • Page 529: Configure Access Rule Settings For The Access Control Profile

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Access Rule Settings for the Access Control Profile After you set up an access control profile, you can configure and apply an access control rules. However, to do this, the access control profile must be in a deactivated state. AFter you added the access control rule, you can reactivate the access control profile.

  • Page 530: Manage Port Authentication

    M4300 Series and M4300-96X Fully Managed Switches User Manual The rules are validated against the incoming management request in ascending order of their priorities. If a rule matches, the action is performed and subsequent rules below that are ignored. For example, if a source IP 10.10.10.10 is configured with priority 1 to permit, and source IP 10.10.10.10 is configured with priority 2 to deny, then access is permitted if...
  • Page 531 M4300 Series and M4300-96X Fully Managed Switches User Manual Select the Administrative Mode Disable or Enable radio button. This enables or disables 802.1X administrative mode on the switch. Enable. Port-based authentication is permitted on the switch. • If 802.1X is enabled, authentication is performed by a RADIUS server. This means the primary authentication method must be RADIUS.

  • Page 532: Configure 802.1X Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure 802.1X Settings You can enable or disable 802.1X access control on the system.  To configure 802.1X settings: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 533: Configure Port Authentication

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use Users to select the user name for the selected login list for 802.1x port security. Use Login to select the login list to apply to the specified user. All configured login lists are displayed. The Authentication List field displays the list that is used by 802.1X.
  • Page 534 M4300 Series and M4300-96X Fully Managed Switches User Manual Force authorized. The authenticator PAE unconditionally sets the controlled port to authorized. Auto. The authenticator PAE sets the controlled port mode to reflect the outcome of the authentication exchanges between the supplicant, authenticator, and the authentication server.
  • Page 535 M4300 Series and M4300-96X Fully Managed Switches User Manual in the range of 1 to 65535. The default value is 30. Changing the value does not change the configuration until the Apply button is clicked. Server Timeout. Enter the server time-out for the selected port. The server time-out is •...

  • Page 536: View The Port Summary

    M4300 Series and M4300-96X Fully Managed Switches User Manual View the Port Summary You can view information about the port access control settings on a specific port.  To view the port summary: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.
  • Page 537 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 195. Port Summary (continued) Field Description Operating Control Mode The control mode under which the port is actually operating. Possible values are as follows: ForceUnauthorized • ForceAuthorized • Auto •...

  • Page 538: View The Client Summary

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 195. Port Summary (continued) Field Description VLAN Assigned The VLAN ID assigned to the selected interface by the authenticator. This field is displayed only when the port control mode of the selected interface is not MAC-based.

  • Page 539: Control Traffic With Mac Filtering

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select Security > Port Authentication > Advanced > Client Summary. The following table describes the fields on the Client Summary page. Table 196. Client Summary Field Description Port The port to be displayed.
  • Page 540 M4300 Series and M4300-96X Fully Managed Switches User Manual The login window opens. Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password.

  • Page 541: Mac Filter Summary

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use Source Port Members to list the ports to be included in the inbound filter. If a packet with the MAC address and VLAN ID you selected is received on a port that is not in the list, it is dropped.

  • Page 542: Configure Port Security And Private Groups

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Port Security and Private Groups You can configure port security settings and set up port private groups. Configure the Global Port Security Mode You can lock one or more ports on the system. When a port is locked, only packets with an allowable source MAC addresses can be forwarded.

  • Page 543: Configure A Port Security Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 198. Port Security Violations Field Description Last Violation MAC The source MAC address of the last packet that was discarded at a locked port. VLAN ID The VLAN ID corresponding to the last violation MAC address.

  • Page 544: Convert Learned Mac Addresses To Static Addresses

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use one of the following methods to select a port: In the Go To Port field, enter the interface in the unit/slot/port format and click on the • Go button. Next to the Port column, select the check box for the port that you want to configure, •...

  • Page 545: Configure Static Mac Addresses

    M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select Security > Traffic Control > Port Security > Dynamic MAC Address.

  • Page 546: Configure Private Groups

    M4300 Series and M4300-96X Fully Managed Switches User Manual The login window opens. Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password.

  • Page 547: Configure Private Group Membership

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the Group Name field, enter the private group name. The name can be up to 24 bytes of non-blank characters. In the optional Group ID field, specify the private group identifier.
  • Page 548 M4300 Series and M4300-96X Fully Managed Switches User Manual In the Group ID list, select the group ID. Use Port List to add the ports you selected to this private group. The port list displays when at least one group is configured.

  • Page 549: Protect Ports

    M4300 Series and M4300-96X Fully Managed Switches User Manual Protect Ports If a port is configured as protected, it does not forward traffic to any other protected port on the switch, but it does forward traffic to unprotected ports. You can configure the ports as protected or unprotected.

  • Page 550: Set Up Private Vlans

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Apply button. Your settings are saved. Set Up Private VLANs A private VLAN contains switch ports that cannot communicate with each other, but can access another network. These ports are called private ports. Each private VLAN contains one or more private ports and a single uplink port or uplink aggregation group.

  • Page 551: Configure Private Vlan Association Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Private VLAN Association Settings  To configure private VLAN association: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.

  • Page 552: Configure The Private Vlan Port Mode

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the Private VLAN Port Mode  To configure the private VLAN port mode: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.
  • Page 553 M4300 Series and M4300-96X Fully Managed Switches User Manual The login window opens. Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password.

  • Page 554: Configure A Private Vlan Promiscuous Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure a Private VLAN Promiscuous Interface  To configure a private VLAN promiscuous interface: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 555: Manage The Storm Control Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information displayed on the page. Table 203. Private VLAN Promiscuous Interface Configuration Field Description Interface Select the physical or LAG interface Operational VLAN(s) The operational VLANs.

  • Page 556: Configure Storm Control For A Port

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select the storm control settings: Select the Broadcast Storm Control All Disable or Enable radio button. • This enables or disables Broadcast Storm Recovery mode on all ports. When you specify Enable and the broadcast traffic on any Ethernet port exceeds the configured threshold, the switch blocks (discards) the broadcast traffic.
  • Page 557 M4300 Series and M4300-96X Fully Managed Switches User Manual Use one of the following methods to select a port: In the Go To Port field, enter the interface in the unit/slot/port format and click on the • Go button. Next to the Port column, select the check box for the port that you want to configure, •...

  • Page 558: Configure Dhcp Snooping

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure DHCP Snooping You can configure DHCP snooping global and interface settings. Configure DHCP Snooping Global Settings  To configure DHCP snooping global settings: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 559: Configure A Dhcp Snooping Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Apply button. Your settings are saved. Configure a DHCP Snooping Interface  To configure a DHCP snooping interface: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 560: Configure A Static Dhcp Snooping Binding

    M4300 Series and M4300-96X Fully Managed Switches User Manual If the incoming rate of DHCP packets exceeds the value of this for consecutive burst interval seconds, the port is shut down. If this value is N/A, then burst interval has no meaning, hence it is disabled.

  • Page 561: View The Dynamic Dhcp Snooping Bindings

    M4300 Series and M4300-96X Fully Managed Switches User Manual This is the key to the binding database. c. From the VLAN ID menu, select the VLAN for the binding rule. The range of the VLAN ID is 1 to 4093.

  • Page 562: Configure Snooping Persistent Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 204. Dynamic DHCP Bindings Field Description IP Address The IP address that corresponds to the binding. Lease Time The remaining lease time for the binding. Configure Snooping Persistent Settings ...

  • Page 563: View And Clear The Dhcp Snooping Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual View and Clear the DHCP Snooping Statistics  To view and clear the DHCP snooping statistics: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 564: Configure Ip Source Guard Interfaces

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure IP Source Guard Interfaces You can configure IP source guard (IPSG) on each interface. IPSG is a security feature that filters IP packets based on source ID. This feature helps protect the network from attacks that use IP address spoofing to compromise or overwhelm the network.

  • Page 565: Configure Ip Source Guard Binding Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Next to the Interface column, select the check box for the port that you want to • configure, select multiple check boxes to apply the same setting to all selected interfaces, or select the check box in the table heading to apply the same settings to all interfaces.

  • Page 566: Configure Ipv6 Source Guard Interface Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual From the Interface menu, select the interface. In the MAC Address field, type the MAC address for the binding. From the VLAN ID menu, select the VLAN for the binding rule.
  • Page 567 M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Login button. The System Information page displays. Select Security > Control > IPv6 Source Guard > Interface Configuration. Use one of the following methods to select an interface: In the Go To Interface field, enter the interface in the unit/slot/port format and click on •...

  • Page 568: Configure An Ipv6 Source Guard Binding

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure an IPv6 Source Guard Binding  To configure an IPv6 source guard static binding: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 569: Configure Dynamic Arp Inspection

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 207. IPv6 Source Guard Dynamic Binding Configuration Field Description IPv6 Address Displays valid IPv6 address for the binding entry. Filter Type Filter type used on the interface. One is source IPv6 address filter type, and the other is source IPv6 address and MAC address filter type.

  • Page 570: Configure Dai Vlans

    M4300 Series and M4300-96X Fully Managed Switches User Manual This specifies the DAI destination MAC validation mode for the switch. If you select Enable, destination MAC validation for the ARP response packets is enabled. The factory default is Disable. Select the Validate IP Disable or Enable radio button.

  • Page 571: Configure Dai Interfaces

    M4300 Series and M4300-96X Fully Managed Switches User Manual If this is set to Enable, invalid ARP packets information is logged. If it is set to Disable, dynamic ARP inspection logging is disabled. The default is Enable. Use ARP ACL Name to specify a name for the ARP access list.

  • Page 572: Configure A Dai Acl

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use one of the following methods to select an interface: In the Go To Interface field, enter the interface in the unit/slot/port format and click on • the Go button. Next to the Interface column, select the check box for the port that you want to •...

  • Page 573: Configure A Dai Acl Rule

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use Name to create an ARP ACL for DAI. Click the Add button. The DAI ACL is added to the switch configuration. To remove the currently selected DAI ACL from the switch configuration, click the Delete button.

  • Page 574: View Dai Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual From the ACL Name menu, select the DAI ARP ACL for which you want to configure the rule. In the Source IP Address field, enter the source IP address that must be used as a match for the rule.

  • Page 575: Set Up Captive Portals

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 208. DAI Statistics (continued) Field Description DHCP Permits Number of ARP packets that were forwarded by DAI because there is a matching DHCP snooping binding entry found. ACL Drops Number of ARP packets that were dropped by DAI because there is no matching ARP ACL rule found for this VLAN and the static flag is set on this VLAN.
  • Page 576 M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select Security > Control > Captive Portal > CP Global Configuration.

  • Page 577: Add A Captive Portal Instance

    M4300 Series and M4300-96X Fully Managed Switches User Manual disconnects any active TCP or SSL connection with the client. The valid range is 60 to 600 seconds. The default authentication time-out is 300 seconds. Click the Apply button. Your settings are saved.
  • Page 578 M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Login button. The System Information page displays. Select Security > Control > Captive Portal > CP Configuration. In the CP Name field, enter the name of the configuration. The name can contain 1 to 31 alphanumeric characters.
  • Page 579 M4300 Series and M4300-96X Fully Managed Switches User Manual A user is logged out once the session idle time-out is reached. If you set the value to 0, then the time-out is not enforced. The valid range is 0 to 900 seconds. The default value is 0.

  • Page 580: Configure Captive Portals Bindings

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the Max Total field, specify the maximum number of octets that the user is allowed to transfer, meaning the sum of octets transmitted and received. After this limit is reached, the user is disconnected. 0 indicates the limit is not enforced.

  • Page 581: View The Captive Portal Binding Table

    M4300 Series and M4300-96X Fully Managed Switches User Manual The interfaces are selected. Click the Apply button. Your settings are saved. View the Captive Portal Binding Table  To view the captive portal binding table: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 582: Configure A Captive Portal Group

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure a Captive Portal Group  To configure a captive portal group: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.
  • Page 583 M4300 Series and M4300-96X Fully Managed Switches User Manual Select Security > Control > Captive Portal > CP User Configuration. Enter the local User ID to identify the name of the user. In the User Name field, enter the name of the user.

  • Page 584: Configure The Captive Portal Trap Flag Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual In the Max Output field, enter the number of octets the user is allowed to transmit. After this limit is reached, the user is disconnected. 0 means use the global limit. The range is 0 to 4294967295.

  • Page 585: View And Clear The Captive Portal Client

    M4300 Series and M4300-96X Fully Managed Switches User Manual If you enable this, the SNMP agent sends a trap when a client attempts to authenticate with a captive portal but is unsuccessful. Select the Client Connect Disable or Enable radio button.

  • Page 586: Set Up And Manage Access Control Lists

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information displayed on the page.t Table 211. Captive Portal Client Field Description MAC Address Shows the client MAC address. IP Address Drops Identifies the IP address of the client (if applicable).
  • Page 587 M4300 Series and M4300-96X Fully Managed Switches User Manual  To use the ACL Wizard to create a simple ACL: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.

  • Page 588: Configure An Acl Based On Destination Mac Address

    M4300 Series and M4300-96X Fully Managed Switches User Manual ACL Based on Destination IPv4. To create an ACL based on the destination IPv4 • address and IPv4 address mask. ACL Based on Source IPv4. To create an ACL based on the source IPv4 address •...
  • Page 589 M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select Security > ACL > ACL Wizard.

  • Page 590: Use The Acl Wizard To Complete The Destination Mac Acl

    M4300 Series and M4300-96X Fully Managed Switches User Manual The valid format is xx:xx:xx:xx:xx:xx. The BPDU keyword can be specified using a destination MAC mask of 00:00:00:ff:ff:ff. Specify the VLAN ID to compare against an Ethernet frame. Valid range of values is 1 to 4093. Either a VLAN range or VLAN can be configured.
  • Page 591 M4300 Series and M4300-96X Fully Managed Switches User Manual Assign the ACL by its name to a port. For information about how to view the configurations, see View and Delete MAC ACL on page 596. Bindings in the MAC Binding Table ...

  • Page 592: Configure Mac Acl Rules

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure MAC ACL Rules You can define rules for MAC-based ACLs. The access list definition includes rules that specify whether traffic matching the criteria is forwarded normally or discarded. A default deny all rule is the last rule of every list.
  • Page 593 M4300 Series and M4300-96X Fully Managed Switches User Manual This field cannot be set if a mirror interface is already configured for the ACL rule. Use Match Every to specify an indication to match every Layer 2 MAC packet. Valid values are as follows: True.

  • Page 594: Configure Mac Binding

    M4300 Series and M4300-96X Fully Managed Switches User Manual Valid format is xx:xx:xx:xx:xx:xx. Use Source MAC Mask to specify the Source MAC address mask specifying which bits in the Source MAC to compare against an Ethernet frame. Valid format is xx:xx:xx:xx:xx:xx.
  • Page 595 M4300 Series and M4300-96X Fully Managed Switches User Manual The System Information page displays. Select Security > ACL > Basic > MAC Binding Configuration. Select a MAC ACL from the ACL ID list. You can select one and bind it to the interfaces.

  • Page 596: View And Delete Mac Acl Bindings In The Mac Binding Table

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the information that is displayed in the Interface Binding Status section. Table 212. Interface Binding Status Field Description Interface The interface of the ACL assigned. Direction Displays selected packet filtering direction for ACL.

  • Page 597: Configure An Ip Acl

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the information displayed in the MAC Binding Table. Table 213. MAC Binding Table Field Description Interface The interface of the ACL assigned. Direction The selected packet filtering direction for the ACL.

  • Page 598: Configure Rules For An Ip Acl

    M4300 Series and M4300-96X Fully Managed Switches User Manual The IP ACL page shows the current size of the ACL table and the maximum size of the ACL table. The current size is equal to the number of configured IPv4 and IPv6 ACLs plus the number of configured MAC ACLs.
  • Page 599 M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select Security > ACL > Advanced > IP Rules.
  • Page 600 M4300 Series and M4300-96X Fully Managed Switches User Manual Action. Specify what action is taken if a packet matches the rule’s criteria. The choice • is Permit or Deny. Logging. When set to Enable, logging is enabled for this ACL rule (subject to •...

  • Page 601: Configure Rules For An Extended Ip Acl

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Rules for an Extended IP ACL You can view the rules for the IP access control lists that you created. What is shown on this page varies depending on the step in the rule configuration process.
  • Page 602 M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the following options for the rule: Sequence Number. Enter a whole number in the range of 1 to 2147483647. This • number is used to identify the rule. An extended IP ACL can contain up to 1023 rules.
  • Page 603 M4300 Series and M4300-96X Fully Managed Switches User Manual True signifies that all packets must match the selected IP ACL and rule and are either permitted or denied. In this case, because all packets match the rule, the option of configuring other match criteria is not available.
  • Page 604 M4300 Series and M4300-96X Fully Managed Switches User Manual The relevant matching conditions for L4 port numbers are as follows: Equal. IP ACL rule matches only if the Layer 4 source port number is equal to • the specified port number or port key.
  • Page 605 M4300 Series and M4300-96X Fully Managed Switches User Manual Each of these values translates into its equivalent port number, which is used as both the start and end of the port range. Select Other from the menu to enter a port number. If you select Other from the menu but leave the field blank, it means any.
  • Page 606 M4300 Series and M4300-96X Fully Managed Switches User Manual The IPv4 ICMP message types are: echo, echo-reply, host-redirect, mobile-redirect, net-redirect, net-unreachable, redirect, packet-too-big, port-unreachable, source-quench, router-solicitation, router-advertisement, time-exceeded, ttl-exceeded, and unreachable. Fragments. Either select Enable to allow initial fragments (that is, the fragment bit is •...

  • Page 607: Configure An Ipv6 Acl

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure an IPv6 ACL An IPv6 ACL consists of a set of rules that are matched sequentially against a packet. When a packet meets the match criteria of a rule, the specified rule action (permitted or denied) is taken, and the additional rules are not checked for a match.

  • Page 608: Configure Ipv6 Rules

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information displayed on the page. Table 214. IPv6 ACL Field Description Current Number of ACL The current number of the IP ACLs configured on the switch.
  • Page 609 M4300 Series and M4300-96X Fully Managed Switches User Manual Take one of the following actions: To add an IPv6 ACL rule, click the Add button. • To change an existing rule, click the rule hyperlink in the Sequence Number column •...
  • Page 610 M4300 Series and M4300-96X Fully Managed Switches User Manual of configuring other match criteria is not available. To configure specific match criteria for the rule, remove the rule and recreate it, or select False from the Match Every menu. Protocol Type. Specify the IPv6 protocol Type in one of the following ways: •...
  • Page 611 M4300 Series and M4300-96X Fully Managed Switches User Manual The relevant matching conditions for L4 port numbers are as follows:\ Equal. The IPv6 ACL rule matches only if the Layer 4 source port number is • equal to the specified port number or port key.
  • Page 612 M4300 Series and M4300-96X Fully Managed Switches User Manual Equal. The IPv6 ACL rule matches only if the Layer 4 destination port number • is equal to the specified port number or port key. Less Than. The IPv6 ACL rule matches if the Layer 4 destination port number •...

  • Page 613: Configure Ip Acl Interface Bindings

    M4300 Series and M4300-96X Fully Managed Switches User Manual This option is not valid for rules that match L4 information such as TCP port number, because that information is carried in the initial packet. Flow Label. The Flow Label field is enabled only if selection from the Protocol Type •...
  • Page 614 M4300 Series and M4300-96X Fully Managed Switches User Manual From the ACL ID menu, select an IP ACL. Binding ACLs to interface fails when the system has no resources to Note: bind a new ACL. IPv4 ACLs and IPv6 ACLs cannot be bound at the same time to an interface.

  • Page 615: View And Delete Ip Acl Bindings In The Ip Acl Binding Table

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information displayed on the page. Table 215. IP Binding Configuration Field Description Interface Displays the selected interface. Direction Displays the selected packet filtering direction for the ACL.

  • Page 616: Configure Vlan Acl Bindings

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the information displayed in the IP ACL Binding Table. Table 216. IP ACL Binding Table Field Description Interface Displays the selected interface. Direction Displays the selected packet filtering direction for the ACL.
  • Page 617 M4300 Series and M4300-96X Fully Managed Switches User Manual the currently attached ACL using that sequence number. If you do not specify a sequence number (the value is 0), a sequence number that is one greater than the highest sequence number currently in use for the VLAN ID and selected direction is used. The valid range is 1 to 4294967295.

  • Page 618: Chapter 10 Monitor The System

    Monitor the System This chapter covers the following topics: • View Port and EAP Packet Statistics • Manage the Buffered, Command, and Console Logs • Configure the Syslog and Syslog Host Settings • View and Clear the Trap Logs • View and Clear the Event Log •...

  • Page 619: View Port And Eap Packet Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual View Port and EAP Packet Statistics You can view port statistics, including detailed statistics, and Extensible Authentication Protocol (EAP) packets statistics. View and Clear Port Statistics You can view a summary of per-port traffic statistics on the switch and clear the statistics.

  • Page 620: View And Clear The Detailed Port Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the per-port statistics displayed on the page. Table 217. Port Statistics Field Description Interface This object indicates the interface of the interface table entry associated with this port on an adapter.
  • Page 621 M4300 Series and M4300-96X Fully Managed Switches User Manual Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button.
  • Page 622 M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the detailed port information displayed on the page. To view information about a different port, select the port number from the Interface menu. Table 218. Port Detailed Statistics...
  • Page 623 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 218. Port Detailed Statistics (continued) Field Description Link Status Indicates whether the link is up or down. Link Trap Indicates whether or not the port sends a trap when link status changes.
  • Page 624 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 218. Port Detailed Statistics (continued) Field Description Packets Received 256-511 The total number of packets (including bad packets) received that were between Octets 256 and 511 octets in length inclusive (excluding framing bits but including FCS octets).
  • Page 625 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 218. Port Detailed Statistics (continued) Field Description Alignment Errors The total number of packets received with a length (excluding framing bits, but including FCS octets) of between 64 and 1518 octets, inclusive, but had a bad frame check sequence (FCS) with a nonintegral number of octets.
  • Page 626 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 218. Port Detailed Statistics (continued) Field Description Maximum Frame Size The maximum Ethernet frame size the interface supports or is configured to use, including Ethernet header, CRC, and payload. (1518 to 9216). The default maximum frame size is 1518.

  • Page 627: View Eap Statistics

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 218. Port Detailed Statistics (continued) Field Description GMRP Failed Registrations The number of times attempted GMRP registrations could not be completed. EAPOL Frames Received The number of valid EAPOL frames of any type that were received by this authenticator.
  • Page 628 M4300 Series and M4300-96X Fully Managed Switches User Manual Use a button at the bottom of the page to perform one of the following actions: To clear all the EAP counters for all ports on the switch, select the check box in the •...

  • Page 629: Perform A Cable Test

    M4300 Series and M4300-96X Fully Managed Switches User Manual Table 219. EAP Statistics Field Description EAP Response Frames This displays the number of valid EAP response frames (other than resp/ID Received frames) that were received by this authenticator. EAP Request/ID Frames...

  • Page 630: Manage The Buffered, Command, And Console Logs

    M4300 Series and M4300-96X Fully Managed Switches User Manual command returns a cable length estimate if this feature is supported by the PHY for the current link speed. Note that if the link is down and a cable is attached to a 10/100 Ethernet adapter then the cable status might be Open or Short because some Ethernet adapters leave unused wire pairs unterminated or grounded.

  • Page 631: Configure The Buffered Log Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Login button. The System Information page displays. Select Monitoring > Logs > Buffered Logs. To clear the buffered log from the memory, click the Clear button. Configure the Buffered Log Settings This log stores messages in memory based upon the settings for message component and severity.

  • Page 632: Message Log Format

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select the Admin Status Enable or Disable radio button. A log that is disabled does not log messages. Use Behavior to specify the behavior of the log when it is full.

  • Page 633: Enable Or Disable The Command Log

    M4300 Series and M4300-96X Fully Managed Switches User Manual <15>Aug 24 05:34:05 STK0 MSTP[2110]: mspt_api.c(318) 237%% Interface 12 • transitioned to root state on message age timer expiry. This example indicates a user-level message (1) with severity 7 (debug) on a system that is not a switch and generated by component MSTP running in thread ID 2110 on Aug 24 05:34:05 by line 318 of file mstp_api.c.

  • Page 634: Configure The Syslog And Syslog Host Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select Monitoring > Logs > Console Log Configuration.
  • Page 635 M4300 Series and M4300-96X Fully Managed Switches User Manual Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button.

  • Page 636: Configure The Syslog Host Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual By default, VLAN 1 is used as source interface. Use the USB Filename field to specify the name of the USB file. The filename cannot include the following symbols: V:*?”<>!. Up to 64 characters can be entered. The 64 characters are only the filename length, the extension is automatically added.

  • Page 637: View And Clear The Trap Logs

    M4300 Series and M4300-96X Fully Managed Switches User Manual From the IP Address Type menu, select the address type of host. • IPv4 IPv6 In the Host Address field, specify the address of the host configured for the syslog. •...
  • Page 638 M4300 Series and M4300-96X Fully Managed Switches User Manual Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button.

  • Page 639: View And Clear The Event Log

    M4300 Series and M4300-96X Fully Managed Switches User Manual View and Clear the Event Log You can view and clear the event log, which contains error messages from the system. The event log is not cleared on a system reset.

  • Page 640: Configure Multiple Port Mirroring

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Multiple Port Mirroring Port mirroring selects the network traffic for analysis by a network analyzer. This is done for specific ports of the switch. As such, many switch ports are configured as source ports and one switch port is configured as a destination port.

  • Page 641: Configure The Port Mirroring Source Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select the number of the port mirroring session ID from the Session ID list. The number of sessions allowed is platform specific. Select the Administrative Mode for the selected port mirroring session using the True (enabled) or False (disabled) radio button.
  • Page 642 M4300 Series and M4300-96X Fully Managed Switches User Manual The login window opens. Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password.

  • Page 643: Manage An Rspan Vlan

    M4300 Series and M4300-96X Fully Managed Switches User Manual Rx. Monitors received (ingress) packets only. • Tx. Monitors transmitted (egress) packets only. • For VLANs only, the Tx and Rx and None options are applicable. Note: Tx and Rx. Specify VLAN as the source VLAN.

  • Page 644: Configure An Rspan Source Switch

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select Monitoring > Mirroring > RSPAN VLAN. The VLAN ID column lists all VLANs on the device. Select the VLAN to use as the RSPAN VLAN. In the Admin Mode list, select to Enable or Disable RSPAN support on the corresponding VLAN.

  • Page 645: Configure An Rspan Source Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Select the Session ID number from the list. Select the Admin Mode True (enabled) or False (disabled) radio button for the selected session. When a particular session is enabled, any traffic entering or leaving the source ports of the session is copied (mirrored) onto the corresponding destination port or a remote switched port analyzer (RSPAN) VLAN.
  • Page 646 M4300 Series and M4300-96X Fully Managed Switches User Manual Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button.

  • Page 647: Configure The Rspan Destination Switch

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Apply button. Your settings are saved. Traffic of the selected interfaces is sent to the probe port. The Status field indicates the interface status. Configure the RSPAN Destination Switch ...

  • Page 648: Configure Sflow

    M4300 Series and M4300-96X Fully Managed Switches User Manual IP or MAC ACLscan mirror traffic that matches a permit rule. Possible values are as follows: None. No filter is configured for the session. • IP ACL. Configure IP ACL. •...

  • Page 649: Configure Basic Sflow Agent Information

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure Basic sFlow Agent Information  To configure basic sFlow agent information: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.

  • Page 650: Configure Sflow Agent Advanced Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual The following table describes the nonconfigurable information. Table 224. sFlow Basic Agent Information Field Description Uniquely identifies the version and implementation of this MIB. The version Agent Version string must use the following structure: MIB Version;Organization;Software Revision where: MIB Version: For example, 1.3, the version of this MIB...

  • Page 651: Configure An Sflow Receiver

    M4300 Series and M4300-96X Fully Managed Switches User Manual Routing VLAN • Routing loopback interface • Tunnel interface • Service port • By default, VLAN 1 is used as the source interface. Click the Apply button. Your settings are saved.
  • Page 652 M4300 Series and M4300-96X Fully Managed Switches User Manual Next to the Receiver Index columns, select the check box for the receiver for which data must be displayed or configured. The allowed range to 1 to 8. In the Receiver Owner field, specify the receiver owner.

  • Page 653: Configure The Sflow Interface

    M4300 Series and M4300-96X Fully Managed Switches User Manual Configure the sFlow Interface sFlow agent collects statistical packet-based sampling of switched flows and sends them to the configured receivers. A data source configured to collect flow samples is called a sampler.
  • Page 654 M4300 Series and M4300-96X Fully Managed Switches User Manual A sampling interval of 0 disables counter sampling. The Allowed range is 0 to 86400 seconds. Use Sampler Receiver Index to specify the sFlow receiver for this flow sampler. If set to 0, the sampler configuration is set to default and the sampler is deleted. Only active receivers can be set.

  • Page 655: Chapter 11 Maintenance And Troubleshooting

    Maintenance and Troubleshooting This chapter covers the following topics: • Save the Configuration • Configure Auto Save Mode • Reset the Switch to Its Factory Default Settings • Reset All User Passwords to Their Default Settings • Upload or Export a File From the Switch •...

  • Page 656: Save The Configuration

    M4300 Series and M4300-96X Fully Managed Switches User Manual Save the Configuration When you save the configuration, changes that you made are retained by the switch when it is rebooted. You can manually save the configuration or you can set up autosave.

  • Page 657: Reset The Switch To Its Factory Default Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Login button. The System Information page displays. Select Maintenance > Save Config > Auto Install Configuration. The Autoinstall State field displays the current status of the Autoinstall process. From the AutoInstall Mode menu, select the start/stop auto install mode on the switch.

  • Page 658: Reset All User Passwords To Their Default Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Login button. The System Information page displays. Select Maintenance > Reset > Factory Default. Select the check box. Click the Apply button. A confirmation pop-up window opens. Click Yes to confirm.

  • Page 659: Upload Or Export A File From The Switch

    M4300 Series and M4300-96X Fully Managed Switches User Manual Upload or Export a File From the Switch You can upload configuration (ASCII), log (ASCII), and image (binary) files from the switch to the TFTP server. Upload a File to the TFTP Server ...
  • Page 660 M4300 Series and M4300-96X Fully Managed Switches User Manual Backup Configuration. Specify Backup Configuration in text mode to retrieve the • stored backup configuration. CPU Packets Capture File. Specify CPU Packets Capture File to retrieve the stored • captured CPU packets.

  • Page 661: Http File Upload

    M4300 Series and M4300-96X Fully Managed Switches User Manual HTTP File Upload  To use HTTP file upload: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens.

  • Page 662: Upload A File From The Switch To A Usb Device

    M4300 Series and M4300-96X Fully Managed Switches User Manual Upload a File from the Switch to a USB Device  To use upload a file from the switch to a USB device: Launch a web browser. In the address field of your web browser, enter the IP address of the switch.
  • Page 663 M4300 Series and M4300-96X Fully Managed Switches User Manual  To download a file: Launch a web browser. In the address field of your web browser, enter the IP address of the switch. The login window opens. Enter the user name and password.
  • Page 664 M4300 Series and M4300-96X Fully Managed Switches User Manual Use SSL DH Weak Encryption Parameter PEM File. Select this option to transfer an • SSL Diffie-Hellman Weak Encryption Parameter File (PEM Encoded) to the device. Use SSL DH Strong Encryption Parameter PEM File. Select this option to transfer an •...

  • Page 665: Download A File To The Switch Using Http

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use Server Address to enter the IP address of the TFTP server in accordance with the format indicated by the server address type, for example an IP address in the x.x.x.x format.
  • Page 666 M4300 Series and M4300-96X Fully Managed Switches User Manual The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button. The System Information page displays. Select Maintenance > Upgrade > HTTP File Upgrade.

  • Page 667: Download A File From A Usb Device

    M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Apply button. The download begins. The Download Status field displays the status during transfer file to the switch. After a file transfer is started, wait until the page refreshes. When the Note: page refreshes, the Select File option is blanked out.

  • Page 668: File Management

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use the File Path field to give a path for the file to download. You can enter up to 146 characters. The default is blank. Use USB File to give a name along with path for the file to download.

  • Page 669: Configure Dual Image Settings

    M4300 Series and M4300-96X Fully Managed Switches User Manual Use Switch Member to select the destination unit to which you are going to copy from the supervisor. Use Destination Image to select the image1 or image2 as the destination image.

  • Page 670: Troubleshooting

    M4300 Series and M4300-96X Fully Managed Switches User Manual After activating an image, you must perform a system reset of the Note: switch to run the new image. The following table describes the nonconfigurable information displayed on the page. Table 226. Dual Image Configuration...
  • Page 671 M4300 Series and M4300-96X Fully Managed Switches User Manual Select Maintenance > Troubleshooting > Ping IPv4. Use IP Address/Host Name to enter the IP address or host name of the station for the switch to ping. The initial value is blank.

  • Page 672: Ping Ipv6

    M4300 Series and M4300-96X Fully Managed Switches User Manual Ping IPv6 This page is used to send a ping request to a specified host name or IPv6 address. You can use this to check whether the switch can communicate with a particular IPv6 station. When you click the Apply button, the switch sends a specified number of ping requests and the results are displayed below the configurable data.

  • Page 673: Traceroute Ipv4

    M4300 Series and M4300-96X Fully Managed Switches User Manual The range is 1 to 15. The default value is 3. Enter the Interval in seconds between ping packets. The range is 1 to 60. The default value is 3. Use Datagram Size to enter the datagram size.
  • Page 674 M4300 Series and M4300-96X Fully Managed Switches User Manual Enter the user name and password. The default admin user name is admin and the default admin password is blank, that is, do not enter a password. Click the Login button.

  • Page 675: Traceroute Ipv6

    M4300 Series and M4300-96X Fully Managed Switches User Manual The default value is 33434. The range is 1- 65535. Enter the Size of the probe packets. The default value is 0. The range is 0 to 39936. Enter the Source IP address or interface to use when sending the echo request packets.
  • Page 676 M4300 Series and M4300-96X Fully Managed Switches User Manual Click the Login button. The System Information page displays. Select Maintenance > Troubleshooting > Traceroute IPv6. In the IPv6 Address/Hostname field, enter the IPv6 address or host name of the station to which you want the switch to discover a path.

  • Page 677: Packet Capturing

    M4300 Series and M4300-96X Fully Managed Switches User Manual The default value is 33434. The range is 1- 65535. The port you enter is not retained across a power cycle. Enter the Size of the probe packets. The default value is 0. The range is 0 to 39936. The size you enter is not retained across a power cycle.

  • Page 678: Perform A Full Memory Dump

    M4300 Series and M4300-96X Fully Managed Switches User Manual Next to RPCAP USB, select the Enable radio button. From the Capture Mode menu, select the CPU traffic type: All. Capture all traffic. This option is the default setting. • TX. Capture transmitted traffic only.
  • Page 679 M4300 Series and M4300-96X Fully Managed Switches User Manual The System Information page displays. Select Maintenance > Troubleshooting > Full Memory Dump. From the Protocol menu, select the protocol used to store the core dump file. Possible values are as follows: None.

  • Page 680: Appendix A Default Settings

    Default Settings This appendix describes the default settings for many of the NETGEAR switch software features. Table 227. Default Settings Feature Default IP address for management VLAN 169.254.100.100 Service port IP address 192.168.0.239 Subnet mask 255.255.0.0 Default gateway 0.0.0.0 Protocol...
  • Page 681 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 227. Default Settings (continued) Feature Default Auto Save Disabled sFlow Enabled ISDP Enabled (Versions 1 and 2) RMON Enabled TACACS Not configured RADIUS Not configured SSH/SSL Disabled Telnet Enabled Denial of Service Protection...
  • Page 682 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 227. Default Settings (continued) Feature Default MAC table address aging 300 seconds (dynamic addresses) DHCP Layer 2 relay Disabled Default VLAN ID Default VLAN name Default GVRP Disabled GARP timers...

  • Page 683: Appendix B Configuration Examples

    Configuration Examples This appendix contains information about how to configure the following features: • Virtual Local Area Networks (VLANs) • Access Control Lists (ACLs) • Differentiated Services (DiffServ) • 802.1X • MSTP...

  • Page 684: Virtual Local Area Networks (Vlans)

    M4300 Series and M4300-96X Fully Managed Switches User Manual Virtual Local Area Networks (VLANs) A local area network (LAN) can generally be defined as a broadcast domain. Hubs, bridges, or switches in the same physical segment or segments connect all end node devices. End nodes can communicate with each other without the need for a router.

  • Page 685: Vlan Configuration Examples

    M4300 Series and M4300-96X Fully Managed Switches User Manual Packets leaving the switch are either tagged or untagged, depending on the setting for • that port’s VLAN membership properties. A U for a given port means that packets leaving the switch from that port are untagged. Inversely, a T for a given port means that packets leaving the switch from that port are tagged with the VLAN ID that is associated with the port.

  • Page 686: Access Control Lists (Acls)

    M4300 Series and M4300-96X Fully Managed Switches User Manual Access Control Lists (ACLs) ACLs ensure that only authorized users can access specific resources while blocking off any unwarranted attempts to reach network resources. ACLs are used to provide traffic flow control, restrict contents of routing updates, decide which types of traffic are forwarded or blocked, and provide security for the network.

  • Page 687: Standard Ip Acl Sample Configuration

    M4300 Series and M4300-96X Fully Managed Switches User Manual Destination MAC Mask: 00:00:00:00:FF:FF • EtherType User Value: • Source MAC: 02:02:1A:BC:DE:EF • Source MAC Mask: 00:00:00:00:FF:FF • VLAN ID: 2 • For more information about MAC ACL rules, see Configure MAC ACL Rules page 592.

  • Page 688: Differentiated Services (Diffserv)

    M4300 Series and M4300-96X Fully Managed Switches User Manual From the IP Rules page, create a second rule for IP ACL 1 with the following settings: Rule ID: 2 • Action: Permit • Match Every: True • Click the Add button.

  • Page 689: Class

    M4300 Series and M4300-96X Fully Managed Switches User Manual The DiffServ feature contains a number of conceptual QoS building blocks you can use to construct a differentiated service network. Use these same blocks in different ways to build other types of QoS architectures.

  • Page 690: Creating Policies

    M4300 Series and M4300-96X Fully Managed Switches User Manual To configure DiffServ, you must define service levels, namely the forwarding classes/PHBs identified by a given DSCP value, on the egress interface. These service levels are defined by configuring BA classes for each.

  • Page 691: Diffserv Example Configuration

    M4300 Series and M4300-96X Fully Managed Switches User Manual Color aware mode takes into consideration the current packet marking when determining the policing outcome. An auxiliary traffic class is used in conjunction with the policing definition to specify a value for one of the 802.1p, secondary 802.1p, IP DSCP, or IP Precedence fields designating the incoming color value to be used as the conforming color.

  • Page 692: 692

    M4300 Series and M4300-96X Fully Managed Switches User Manual The policy is added. Click the Policy1 hyperlink to view the Policy Class Configuration page for this policy. Configure the Policy attributes as follows: Assign Queue: 3 • Policy Attribute: Simple Policy •...
  • Page 693 M4300 Series and M4300-96X Fully Managed Switches User Manual between the authenticator (the system that passes an authentication request to the authentication server) and the supplicant (the system that requests authentication), as well as between the authenticator and the authentication server.

  • Page 694: 802.1X Example Configuration

    M4300 Series and M4300-96X Fully Managed Switches User Manual Figure 1. 802.1X Authentication Roles 802.1X Example Configuration This example shows how to configure the switch so that 802.1X-based authentication is required on the ports in a corporate conference room (1/0/5– 1/0/8). These ports are available to visitors and must be authenticated before granting access to the network.

  • Page 695: Mstp

    M4300 Series and M4300-96X Fully Managed Switches User Manual From the RADIUS Server Configuration page, configure a RADIUS server with the following settings: Server Address: 192.168.10.23 • Secret Configured: Yes • Secret: secret123 • Active: Primary • For more information, see on page 492.
  • Page 696 M4300 Series and M4300-96X Fully Managed Switches User Manual MSTP ensures that frames with a given VLAN ID are assigned to one and only one of the MSTIs or the IST within the Region, that the assignment is consistent among all the networking devices in the Region and that the stable connectivity of each MSTI and IST at the boundary of the Region matches that of the CST.

  • Page 697: Mstp Example Configuration

    M4300 Series and M4300-96X Fully Managed Switches User Manual MSTP Example Configuration This example shows how to create an MSTP instance on the switch. The example network includes three different switches that serve different locations in the network. In this example, ports 1/0/1-1/0/5 are connected to host stations, so those links are not subject to network loops.
  • Page 698 M4300 Series and M4300-96X Fully Managed Switches User Manual If you do not specify a root bridge and all switches are assigned the same bridge priority value, the switch with the lowest MAC address is elected as the root bridge (see on page 215).

  • Page 699: Appendix C Acronyms And Abbreviations

    Bidirectional Forwarding Detection Border Gateway Protocol Boot file The software image (typically a .stk file), which is intended to download and run on the target NETGEAR ProSafe Managed device. Board Support Package Cisco Discovery Protocol Control Element Command Line Interface Class of Service.
  • Page 700 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 228. Acronyms and Abbreviations (continued) Acronym Definition DAPI Destination Access Point Identifier DCVPN Data Center Virtual Private Network Default Gateway The IP address of a router that a host can use as its first hop when the host does not know a more specific route to a given destination.
  • Page 701 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 228. Acronyms and Abbreviations (continued) Acronym Definition IGMP Internet Group Management Protocol In-band Interface An IP interface that could be used for in-band management. Any IP interface other than the Out-of-Band port.
  • Page 702 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 228. Acronyms and Abbreviations (continued) Acronym Definition MLAG Multi-switch Link Aggregation Memory Management Unit MPLS Multiprotocol Label Switching: A standard involving IP quality. Message User Agent Multicast VLAN Registration not applicable...
  • Page 703 UDLD Uni-Directional Link Detection User Interface UPoE Universal Power over Ethernet. No IEEE standard exists yet for UPoE. NETGEAR UPoE supports power delivery of up to 60W per port. Universal Serial Bus Virtual Router An abstract object managed by VRRP that acts as a default router for hosts on a shared LAN.
  • Page 704 M4300 Series and M4300-96X Fully Managed Switches User Manual Table 228. Acronyms and Abbreviations (continued) Acronym Definition VRRP Router A router running the Virtual Router Redundancy Protocol. It can participate in one or more virtual routers. VLAN Trunking Protocol Acronyms and Abbreviations...

This manual is also suitable for:

M4300-96x

Table of Contents

Save PDF