SMC Networks TIGERSWITCH 10/100 Management Manual
  1. Manuals
  2. Brands
  3. SMC Networks Manuals
  4. Network Router
  5. TIGERSWITCH 10/100
  6. Management manual

SMC Networks TIGERSWITCH 10/100 Management Manual

24-port fast ethernet switch
Hide thumbs Also See for TIGERSWITCH 10/100:
Table of Contents

Advertisement

Quick Links

See also: User Manual , Installation Manual
TigerSwitch 10/100
24-Port Fast Ethernet Switch
24 10BASE-T/100BASE-TX auto MDI/MDI-X ports
Optional 1000BASE-X or 100BASE-FX modules
8.8 Gbps of aggregate bandwidth
Non-blocking switching architecture
Spanning Tree Protocol
Up to four port trunks
RADIUS authentication
Rate limiting for bandwidth management
QoS support for four-level priority
Full support for VLANs with GVRP
IP Multicasting with IGMP Snooping
Manageable via console, Web, SNMP/RMON

Management Guide

SMC6724L2

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the TIGERSWITCH 10/100 and is the answer not in the manual?

Questions and answers

Related Manuals for SMC Networks TIGERSWITCH 10/100

Summary of Contents for SMC Networks TIGERSWITCH 10/100

  • Page 1: Management Guide

    TigerSwitch 10/100 24-Port Fast Ethernet Switch 24 10BASE-T/100BASE-TX auto MDI/MDI-X ports Optional 1000BASE-X or 100BASE-FX modules 8.8 Gbps of aggregate bandwidth Non-blocking switching architecture Spanning Tree Protocol Up to four port trunks RADIUS authentication Rate limiting for bandwidth management QoS support for four-level priority...
  • Page 3 TigerSwitch 10/100 Management Guide From SMC’s Tiger line of feature-rich workgroup LAN solutions 38 Tesla Irvine, CA 92618 Phone: (949) 679-8000 May 2003 Pub. # 150200033600A...
  • Page 4 Irvine, CA 92618 All rights reserved. Printed in Taiwan Trademarks: SMC is a registered trademark; and EZ Switch, TigerStack and TigerSwitch are trademarks of SMC Networks, Inc. Other product and company names are trademarks or registered trademarks of their respective holders.

  • Page 5: Limited Warranty

    IMITED ARRANTY Limited Warranty Statement: SMC Networks, Inc. (“SMC”) warrants its products to be free from defects in workmanship and materials, under normal use and service, for the applicable warranty term. All SMC products carry a standard 90-day limited warranty from the date of purchase from SMC or its Authorized Reseller.
  • Page 6 * SMC will provide warranty service for one year following discontinuance from the active SMC price list. Under the limited lifetime warranty, internal and external power supplies, fans, and cables are covered by a standard one-year warranty from date of purchase. SMC Networks, Inc. 38 Tesla Irvine, CA 92618...

  • Page 7: Table Of Contents

    Switch Management ..... . 1-1 Connecting to the Switch ......1-1 Configuration Options .
  • Page 8 ONTENTS Port Configuration ....... 2-30 Displaying Connection Status ....2-30 Configuring Interface Connections .
  • Page 9 Interfaces Attached to a Multicast Router ... 2-89 Specifying Interfaces Attached to a Multicast Router . . . 2-91 Displaying Port Members of Multicast Services ..2-92 Adding Multicast Addresses to VLANs .
  • Page 10 ONTENTS exit ........3-18 quit .
  • Page 11 show dot1x ....... . 3-51 SNMP Commands ....... . 3-54 snmp-server community .
  • Page 12 ONTENTS show queue hol-prevention ....3-87 Interface Commands ......3-88 interface .
  • Page 13 switchport acceptable-frame-types ....3-126 switchport ingress-filtering ....3-127 switchport native vlan .
  • Page 14 ONTENTS Troubleshooting ......A-1 Troubleshooting Chart ......A-1 Upgrading Firmware via the Serial Port .

  • Page 15: Switch Management

    Connecting to the Switch Configuration Options This switch includes a built-in network management agent. The agent offers a variety of management options, including SNMP, RMON and a Web-based interface. A PC may also be connected directly to the switch for configuration and monitoring via a command line interface (CLI).
  • Page 16 WITCH ANAGEMENT The switch’s CLI configuration program, Web interface, and SNMP agent allow you to perform the following management functions: • Set user names and passwords for up to 16 users • Set an IP interface for a management VLAN •...

  • Page 17: Required Connections

    • RADIUS client support • MAC filtering security Required Connections The switch provides an RS-232 serial port that enables a connection to a PC or terminal for monitoring and configuring the switch. A null-modem console cable is provided with the switch. Attach a VT100-compatible terminal, or a PC running a terminal emulation program to the switch.

  • Page 18: Remote Connections

    WITCH ANAGEMENT Note: When using HyperTerminal with Microsoft 2000, make sure that you have Windows 2000 Service Pack 2 or later installed. Windows 2000 Service Pack 2 fixes the problem of arrow keys not functioning in HyperTerminal’s VT100 emulation. See www.microsoft.com for information on Windows 2000 service packs.

  • Page 19: Basic Configuration

    browser (Internet Explorer 5.0 or above, or Netscape Navigator 6.2 or above), or from a network computer using network management software. Note: The onboard program only provides access to basic configuration functions. To access the full range of SNMP management functions, you must use SNMP-based network management software.

  • Page 20: Setting Passwords

    Privileged Exec level, where password is your new password. Press <Enter>. Username: admin Password: CLI session with the TigerSwitch 10/100 - 6724L2 Managed 24+2 Standalone Switch is opened. To end the CLI session, enter [Exit]. Console#configure Console(config)#username guest password 0 [password]...

  • Page 21: Setting An Ip Address

    Setting an IP Address You must establish IP address information for the switch to obtain management access through the network. This can be done in either of the following ways: Manual — You have to input the information, including IP address and subnet mask.

  • Page 22: Dynamic Configuration

    WITCH ANAGEMENT • Default gateway for the network • Network mask for this network To assign an IP address to the switch, complete the following steps: 1. From the Privileged Exec level global configuration mode prompt, type “interface vlan 1” to access the interface-configuration mode.
  • Page 23 If the “bootp” or “dhcp” option is saved to the startup-config file (step 6), then the switch will start broadcasting service requests as soon as it is powered on. To automatically configure the switch by communicating with BOOTP or DHCP address allocation servers on the network, complete the following steps: 1.

  • Page 24: Enabling Snmp Management Access

    WITCH ANAGEMENT 6. Then save your configuration changes by typing “copy running-config startup-config.” Enter the startup file name and press <Enter>. Console(config)#interface vlan 1 Console(config-if)#ip address dhcp Console(config-if)#exit Console#ip dhcp restart Console#show ip interface IP interface vlan IP address and netmask: 10.1.0.54 255.255.255.0 on VLAN 1, and address mode: User specified.
  • Page 25 The default strings are: • public - with read-only access. Authorized management stations are only able to retrieve MIB objects. • private - with read-write access. Authorized management stations are able to both retrieve and modify MIB objects. Note: If you do not intend to utilize SNMP, it is recommended that you delete both of the default community strings.

  • Page 26: Saving Configuration Settings

    WITCH ANAGEMENT Trap Receivers You can also specify SNMP stations that are to receive traps from the switch. To configure a trap receiver, complete the following steps: 1. From the Privileged Exec level global configuration mode prompt, type “snmp-server host host-address community-string,”...

  • Page 27: Managing System Files

    2. Enter the name of the start-up file. Press <Enter>. Console#copy running-config startup-config Startup configuration file name []: startup \Write to FLASH Programming. \Write to FLASH finish. Success. Console# Managing System Files The switch’s flash memory supports three types of system files that can be managed by the CLI program, Web interface, or SNMP.

  • Page 28: System Defaults

    WITCH ANAGEMENT also provides a facility to upload firmware files to the system directly through the console port. See “Upgrading Firmware via the Serial Port” on page B-1. Due to the size limit of the flash memory, the switch supports only one operation code file, and two diagnostic code files.
  • Page 29 Function Parameter SNMP Community Strings Traps Security Privileged Exec Level Normal Exec Level Enable Privileged Exec from Normal Exec Level RADIUS Authentication Disabled Console Port Baud Rate Connection Data bits Stop bits Parity Local Console Timeout YSTEM Default “public” (read only) “private”...
  • Page 30 WITCH ANAGEMENT Function Port Status Link Aggregation Spanning Tree Protocol Address Table 1-16 Parameter Admin Status Auto-negotiation Flow Control 10/100 Mbps Port Capability 10/100/1000 Mbps Port Capability Static Trunks Status Fast Forwarding Aging Time Default Enabled Enabled Disabled 10 Mbps half duplex 10 Mbps full duplex 100 Mbps half duplex 100 Mbps full duplex...
  • Page 31 Function Parameter Virtual LANs Default VLAN PVID Acceptable Frame Type All Ingress Filtering Switchport Mode (Egress Mode) Private VLAN GVRP (global) GVRP (port interface) Class of Service Ingress Port Priority Weighted Round Robin Class 0: 1 Broadcast Status Storm Broadcast Limit Rate Protection YSTEM Default...
  • Page 32 WITCH ANAGEMENT 1-18...

  • Page 33: Configuring The Switch

    ONFIGURING THE Using the Web Interface This switch provides an embedded HTTP Web agent. Using a Web browser you can configure the switch and view statistics to monitor network activity. The Web agent can be accessed by any computer on the network using a standard Web browser (Internet Explorer 5.0 or above, or Netscape Navigator 6.2 or above).

  • Page 34: Navigating The Web Browser Interface

    ONFIGURING THE WITCH Notes: 1. You are allowed three attempts to enter the correct password; on the third failed attempt the current connection is terminated. 2. If you log into the Web interface as guest (Normal Exec level), you can view page information but only change the guest password.

  • Page 35: Home Page

    Home Page When your Web browser connects with the switch’s Web agent, the home page is displayed as shown below. The home page displays the Main Menu on the left side of the screen and System Information on the right side. The Main Menu links are used to navigate to other menus, and display configuration parameters and statistics.

  • Page 36: Panel Display

    ONFIGURING THE WITCH new setting. The following table summarizes the Web page configuration buttons. Button Revert Refresh Apply Apply Changes Notes: 1. To ensure proper screen refresh, be sure that Internet Explorer 5.x is configured as follows: Under the menu “Tools / Internet Options / General / Temporary Internet Files / Settings,”...

  • Page 37: Main Menu

    Main Menu Using the onboard Web agent, you can define system parameters, manage and control the switch, and all its ports, or monitor network conditions. The following table briefly describes the selections available from this program. Menu System System Information Passwords Radius Firmware...
  • Page 38 ONFIGURING THE WITCH Menu Trunk Broadcast Control Mirror Address Table Static Addresses Dynamic Addresses Address Aging Spanning Tree STA Information Displays STA values used for the bridge Configuration STA Port Information STA Trunk Information STA Port Configuration STA Trunk Configuration VLAN VLAN Base Information...
  • Page 39 Menu Description VLAN Trunk Specifies default trunk VID and VLAN attributes 2-65 Configuration Private VLAN Private VLAN Shows private VLANs and associated ports Information Private VLAN Configures private VLANs Configuration Private VLAN Maps a secondary VLAN to a primary VLAN Association Private VLAN Port Shows VLAN port type, and associated primary...
  • Page 40 ONFIGURING THE WITCH Menu IGMP IGMP Configuration Multicast Router Port Information Static Multicast Router Port Configuration IP Multicast Registration Table IGMP Member Port Table Statistics - Port Statistics Rate Limit Input Rate Limit Port Configuration Input Rate Limit Trunk Configuration Output Rate Limit Port Configuration...

  • Page 41: Basic Configuration

    Menu Port Configuration Statistics Basic Configuration Displaying System Information You can easily identify the system by providing a descriptive name, location and contact information. Command Attributes • System Name – Name assigned to the switch system. • Object ID – MIB II object ID for switch’s network management subsystem.
  • Page 42 ONFIGURING THE WITCH Web – Click System, System Information. Specify the system name, location, and contact information for the system administrator, then click Apply. (This page also includes a Telnet button that allows access to the Command Line Interface via Telnet.) 2-10...

  • Page 43: Setting The Ip Address

    Console(config)#hostname R&D 5 Console(config)#snmp-server location WC 9 Console(config)#snmp-server contact Geoff Console#show system System description: TigerSwitch 10/100 - 6724L2 Managed 24+2 System OID string: 1.3.6.1.4.1.259.6.10.42 System information System Up time: 0 days, 1 hours, 1 minutes, and 41.64 seconds System Name...

  • Page 44: Command Attributes

    ONFIGURING THE WITCH Command Attributes • Management VLAN – This is the only VLAN through which you can manage the switch. By default, all ports on the switch are members of VLAN 1, so a management station can be connected to any port on the switch. However, if you change the Management VLAN to another VLAN, you will lose access to the switch unless the management port has already been configured as a member of the new VLAN.

  • Page 45: Manual Configuration

    Manual Configuration Web – Click System, IP. Specify the management interface, IP address and default gateway, then click Apply. CLI – Specify the management interface, IP address and default gateway. Console#config Console(config)#interface vlan 1 Console(config-if)#ip address 10.1.0.3 255.255.255.0 Console(config-if)#exit Console(config)#ip default-gateway 10.1.0.254 Console(config)# Using DHCP/BOOTP If your network provides DHCP/BOOTP services, you can...
  • Page 46 ONFIGURING THE WITCH Web – Click System, IP. Specify the Management VLAN, and set the IP Address Mode to DHCP or BOOTP. Click Apply to save your changes. Then click Restart DHCP to immediately request a new address. Note that the switch will also broadcast a request for IP configuration settings on the each power reset.

  • Page 47: Configuring User Authentication

    Renewing DCHP – DHCP may lease addresses to clients indefinitely or for a specific period of time. If the address expires or the switch is moved to another network segment, you will lose management access to the switch. In this case, you can reboot the switch or submit a client request to restart DHCP service.
  • Page 48 ONFIGURING THE WITCH The default guest name is “guest” with the password “guest.” The default administrator name is “admin” with the password “admin.” Note that user names can only be assigned via the CLI. Command Attributes • User Name* – The name of the user. (Maximum length: 8 characters;...

  • Page 49: Configuring Radius Logon Authentication

    Configuring RADIUS Logon Authentication Remote Authentication Dial-in User Service (RADIUS) is a logon authentication protocol that uses software running on a central server to control access to RADIUS-compliant devices on the network. An authentication server contains a database of multiple user name/password pairs with associated privilege levels for each user or group that require management access to a switch.
  • Page 50 ONFIGURING THE WITCH Command Attributes • Authentication – Select the authentication, or authentication sequence required: - Radius – User authentication is performed using a RADIUS server only. - Local – User authentication is performed only locally by the switch. - Radius, Local – User authentication is attempted first using a RADIUS server, then locally by the switch.
  • Page 51 Web – Click System, Radius. To configure local or remote authentication preferences, specify the authentication sequence (i.e., one to two methods), fill in the parameters for RADIUS authentication if selected, and click Apply. CLI – Specify all the required parameters to enable logon authentication.

  • Page 52: Managing Firmware

    ONFIGURING THE WITCH Managing Firmware You can upload/download firmware to or from a TFTP server. By saving runtime code to a file on a TFTP server, that file can later be downloaded to the switch to restore operation. Command Attributes •...
  • Page 53 Web – Click System, Firmware. Enter the IP address of the TFTP server, enter the file name of the software to download, enter the Destination File Name to overwrite the current file on the switch then click Transfer from Server. To start the new firmware, reboot the system via the Reset menu.

  • Page 54: Saving Or Restoring Configuration Settings

    ONFIGURING THE WITCH Saving or Restoring Configuration Settings You can upload/download configuration settings to/from a TFTP server. The configuration file can be later downloaded to restore the switch’s settings. Command Attributes • TFTP Server IP Address – The IP address of a TFTP server. •...
  • Page 55 Web – Click System, Configuration. Enter the IP address of the TFTP server, enter the name of the file to download, select a file on the switch to overwrite or specify a new file name, and then click Transfer from Server. If you download to a new file name, select the new file from the drop-down box for Startup Configuration File, and press Apply Changes.

  • Page 56: Resetting The System

    ONFIGURING THE WITCH If you download the startup configuration file under a new file name, you can set this file as the startup file at a later time, and then restart the switch. Console#config Console(config)#boot system config: startup-new Console(config)#exit Console#reload Resetting the System Web –...
  • Page 57 Command Attributes • Extended Multicast Filtering Services – This switch does not support the filtering of individual multicast addresses based on GMRP (GARP Multicast Registration Protocol). • Traffic Classes – This switch provides mapping of user priorities to multiple traffic classes. (Refer to “Class of Service Configuration”...
  • Page 58 ONFIGURING THE WITCH Web – Click System, Bridge Extension. CLI – Enter the following command. Console#show bridge-ext Max support vlan numbers: 127 Max support vlan ID: 4094 Extended multicast filtering services: No Static entry individual port: Yes VLAN learning: SVL Configurable PVID tagging: Yes Local VLAN capable: No Traffic classes: Enabled...

  • Page 59: Enabling Or Disabling Gvrp (Global Setting)

    Enabling or Disabling GVRP (Global Setting) GARP VLAN Registration Protocol (GVRP) defines a way for switches to exchange VLAN information in order to register VLAN members on ports across the network. VLANs are dynamically configured based on join messages issued by host devices and propagated throughout the network.

  • Page 60: Displaying Switch Hardware/Software Versions

    ONFIGURING THE WITCH Displaying Switch Hardware/Software Versions Use the Switch Information page to display hardware/firmware version numbers for the main board and management software, as well as the power status of the system. Command Attributes Main Board • Serial Number – The serial number of the switch. •...
  • Page 61 ISPLAYING Web – Click System, Switch Information. CLI – Use the following command to display version information. Console#show version Unit1 Serial number Hardware version Module A type Module B type Number of ports Main power status Agent(master) Unit id Loader version Boot rom version Operation code version :1.0.1.1 Console#...

  • Page 62: Port Configuration

    ONFIGURING THE WITCH Port Configuration Displaying Connection Status You can use the Port Information or Trunk Information pages to display the current connection status, including link state, speed/ duplex mode, flow control, and auto-negotiation. Command Attributes • Name – Interface label. •...
  • Page 63 • MAC Address – The physical layer address for this port. - CLI only; to access this on the Web, see “Setting the IP Address” on page -11. • Trunk Member – Shows if port is a trunk member. (Port Information only) •...

  • Page 64: Configuring Interface Connections

    ONFIGURING THE WITCH CLI – This example shows the connection status for Port 13. Console#show interfaces status ethernet 1/13 Information of Eth 1/13 Basic information: Port type: 100TX Mac address: 00-55-FF-FF-DD-EA Configuration: Name: Port admin: Up Speed-duplex: Auto Capabilities: 10half, 10full, 100half, 100full, Broadcast storm: Enabled Broadcast storm limit: 6 percent Flow control: Disabled...
  • Page 65 • Flow Control* – Allows you to manually enable or disable flow control. • Autonegotiation (Port Capabilities) – Allows auto-negotiation to be enabled/disabled. When auto-negotiation is enabled, you need to specify the capabilities to be advertised. When auto-negotiation is disabled, you can force the settings for speed, mode, and flow control.The following capabilities are supported.

  • Page 66: Setting Broadcast Storm Thresholds

    ONFIGURING THE WITCH Web – Click Port, Port Configuration or Trunk Configuration. Modify the required interface settings, and click Apply. CLI – Select the interface, and then enter the required settings. Console(config)#interface ethernet 1/3 Console(config-if)#description RD SW#13 Console(config-if)#shutdown Console(config-if)#no shutdown Console(config-if)#no negotiation Console(config-if)#speed-duplex 100half Console(config-if)#flowcontrol...

  • Page 67: Command Usage

    You can protect your network from broadcast storms by setting a port or trunk threshold for broadcast traffic. Any broadcast packets exceeding the specified threshold will then be dropped. Command Usage • Broadcast Storm Control is enabled by default. • The default threshold is six percent of the port bandwidth.
  • Page 68 ONFIGURING THE WITCH Web – Click Port, Port Broadcast Control or Trunk Broadcast Control. Set the threshold for each port or trunk, and then click Apply. CLI – Specify an interface, and then enter the threshold. The following sets broadcast suppression at twenty percent of the port bandwidth for Port 3.

  • Page 69: Configuring Port Mirroring

    Configuring Port Mirroring You can mirror traffic from any source port to a target port for real-time analysis. You can then attach a logic analyzer or RMON probe to the target port and study the traffic crossing the source port in a completely unobtrusive manner. Command Usage •...

  • Page 70: Address Table Settings

    ONFIGURING THE WITCH Web – Click Port, Mirror. Specify the source port, the traffic type to be mirrored, and the monitor port, then click Add. CLI – Use the interface command to select the monitor port, then use the port monitor command to specify the source port. Note that default mirroring under the CLI is for both received and transmitted packets.

  • Page 71: Setting Static Addresses

    Setting Static Addresses A static address can be assigned to a specific interface on this switch. Static addresses are bound to the assigned interface and will not be moved. When a static address is seen on another interface, the address will be ignored and will not be written to the address table.

  • Page 72: Displaying The Address Table

    ONFIGURING THE WITCH Web – Click Address Table, Static Addresses. Specify the mode, the interface, the MAC address and duration, then click Add Static Address. CLI – This example adds an address to the static address table, and sets it to permanent by default. Console(config)#mac-address-table static 00-e0-29-94-34-de interface ethernet 1/3 Console(config)#...
  • Page 73 Command Attributes • Interface – Indicates a port or trunk. • MAC Address – Physical address associated with this interface. • Address Table Sort Key – You can sort the information displayed based on interface (port or trunk) or MAC address. Web –...

  • Page 74: Changing The Aging Time

    ONFIGURING THE WITCH Changing the Aging Time You can set the aging time for entries in the dynamic address table. Command Attributes • Aging Time – The time after which a learned entry is discarded. (Range: 2-172800 seconds; Default: 300 seconds) Web –...

  • Page 75: Managing Global Settings

    device (except for the root device) which incurs the lowest path cost when forwarding a packet from that device to the root device. Then it selects a designated bridging device from each LAN which incurs the lowest path cost when forwarding a packet from that LAN to the root device.
  • Page 76 ONFIGURING THE WITCH The following global attributes display statistical values and cannot be changed: • Configuration Changes – The number of times the Spanning Tree has been reconfigured. • Last Topology Change – Time since the Spanning Tree was last reconfigured. The following global attributes can be configured: •...

  • Page 77: Displaying The Global Settings For Sta

    the network. (References to “ports” in this section means “interfaces,” which includes both ports and trunks.) - Default: 20 - Minimum: The higher of 6 or [2 x (Hello Time + 1)]. - Maximum: The lower of 40 or [2 x (Forward Delay - 1)] •...
  • Page 78 ONFIGURING THE WITCH CLI – This command displays global STA settings, followed by settings for each port. Console#show spanning-tree Bridge-group information -------------------------------------------------------------- Spanning tree protocol Spanning tree enable/disable Priority Hello Time (sec.) Max Age (sec.) Forward Delay (sec.) Designated Root Current root port Current root cost Number of topology changes...

  • Page 79: Configuring The Global Settings For Sta

    Configuring the Global Settings for STA Web – Click Spanning Tree, STA Configuration. Modify the required attributes, and click Apply. CLI – This example enables Spanning Tree Protocol, and then sets the indicated attributes. Console(config)#spanning-tree Console(config)#spanning-tree priority 40000 Console(config)#spanning-tree hello-time 5 Console(config)#spanning-tree max-age 38 Console(config)#spanning-tree forward-time 20 Console(config)#...
  • Page 80 ONFIGURING THE WITCH Command Attributes The following attributes are read-only and cannot be changed: • Port Status – Displays current state of this port within the Spanning Tree: - Disabled - The port has been disabled by the user or has failed diagnostics.
  • Page 81 • Designated Cost – The cost for a packet to travel from this port to the root in the current Spanning Tree configuration. The slower the media, the higher the cost. • Designated Bridge – The priority and MAC address of the device through which this port must communicate to reach the root of the Spanning Tree.
  • Page 82 ONFIGURING THE WITCH • Path Cost – This parameter is used by the STP to determine the best path between devices. Therefore, lower values should be assigned to ports attached to faster media, and higher values assigned to ports with slower media. (Path cost takes precedence over port priority.) - Full Range: 1-65535 - Recommended Range –...

  • Page 83: Displaying The Interface Settings For Sta

    Displaying the Interface Settings for STA Web – Click Spanning Tree, STA Port Information or STA Trunk Information. CLI – This example shows the STA attributes for port 5. Console#show spanning tree ethernet 1/5 Bridge-group information -------------------------------------------------------------- Spanning tree protocol Spanning tree enable/disable Priority Hello Time (sec.)

  • Page 84: Configuring The Interface Settings For Sta

    ONFIGURING THE WITCH Configuring the Interface Settings for STA Web – Click Spanning Tree, STA Port Configuration or STA Trunk Configuration. Modify the required attributes, then click Apply. CLI – This example sets STA attributes for port 5. Console(config)#interface ethernet 1/5 Console(config-if)#spanning-tree port-priority 0 Console(config-if)#spanning-tree cost 50 Console(config-if)#spanning-tree portfast...
  • Page 85 VLANs help to simplify network management by allowing you to move devices to a new VLAN without having to change any physical connections. VLANs can be easily organized to reflect departmental groups (such as Marketing or R&D), usage groups (such as e-mail), or multicast groups (used for multimedia applications such as videoconferencing).
  • Page 86 ONFIGURING THE WITCH traffic to the same VLAN(s), either manually or dynamically using GVRP. However, if you want a port on this switch to participate in one or more VLANs, but none of the intermediate network devices nor the host at the other end of the connection supports VLANs, then you should add this port to the VLAN as an untagged port.
  • Page 87 Automatic VLAN Registration – GVRP (GARP VLAN Registration Protocol) defines a system whereby the switch can automatically learn the VLANs to which each endstation should be assigned. If an endstation (or its network adapter) supports the IEEE 802.1Q VLAN protocol, it can be configured to broadcast a message to your network indicating the VLAN groups it wants to join.

  • Page 88: Forwarding Tagged/Untagged Frames

    ONFIGURING THE WITCH Forwarding Tagged/Untagged Frames If you want to create a small port-based VLAN for devices attached directly to a single switch, you can assign ports to the same untagged VLAN. However, to participate in a VLAN group that crosses several switches, you need to create a VLAN for that group and enable tagging on all ports.

  • Page 89: Displaying Current Vlans

    *Web Only Web – Click VLAN, VLAN Base Information. CLI – Enter the following command. Console#show bridge-ext Max support vlan numbers: 127 Max support vlan ID: 4094 Extended multicast filtering services: No Static entry individual port: Yes VLAN learning: SVL Configurable PVID tagging: Yes Local VLAN capable: No Traffic classes: Enabled...
  • Page 90 ONFIGURING THE WITCH • Status – Shows how this VLAN was added to the switch. - Dynamic GVRP: Automatically learned via GVRP. - Permanent: Added as a static entry. • Egress Ports – Shows all the VLAN port members. • Untagged Ports –...

  • Page 91: Creating Vlans

    • Ports / Channel groups – Shows the VLAN interface members. CLI – Current VLAN information can be displayed with the following command. Console#show vlan id 1 VLAN Type Name ---- ------- ----------- ------ Static DefaultVlan Console# Creating VLANs Use the VLAN Static List to create or remove VLAN groups. To propagate information about VLAN groups used on this switch to external network devices, you must specify a VLAN ID for each of these groups.
  • Page 92 ONFIGURING THE WITCH • State (CLI) – Shows if this VLAN is enabled or disabled. - Active: VLAN is operational. - Suspend: VLAN is suspended; i.e., does not pass packets. • Add – Adds a new VLAN group to the current list. •...

  • Page 93: Adding Static Members To Vlans (Vlan Index)

    Adding Static Members to VLANs (VLAN Index) Use the VLAN Static Table to configure port members for the selected VLAN index. Assign ports as tagged if they are connected to 802.1Q VLAN compliant devices, or untagged they are not connected to any VLAN-aware devices. Or configure a port as forbidden to prevent the switch from automatically adding it to a VLAN via the GVRP protocol.
  • Page 94 ONFIGURING THE WITCH • Membership Type – Select VLAN membership for each interface by marking the appropriate radio button for a port or trunk: - Tagged: Interface is a member of the VLAN. All packets transmitted by the port will be tagged, that is, carry a tag and therefore carry VLAN or CoS information.
  • Page 95 Web – Click VLAN, VLAN Static Table. Select a VLAN ID from the scroll-down list. Modify the VLAN name and status if required. Select the membership type by marking the appropriate radio button in the list of ports or trunks. Click Apply. CLI –...

  • Page 96: Adding Static Members To Vlans (Port Index)

    ONFIGURING THE WITCH Adding Static Members to VLANs (Port Index) Use the VLAN Static Membership by Port menu to assign VLAN groups to the selected interface add an interface to the selected VLAN as a tagged member. Command Attributes • Interface –...

  • Page 97: Configuring Vlan Behavior For Interfaces

    CLI – This example adds Port 3 to VLAN 1 as a tagged port. Console(config)#interface ethernet 1/3 Console(config-if)#switchport allowed vlan add 1 tagged Configuring VLAN Behavior for Interfaces You can configure VLAN behavior for specific interfaces, including the default VLAN identifier (PVID), accepted frame types, ingress filtering, GVRP status, and GARP timers.
  • Page 98 ONFIGURING THE WITCH - If ingress filtering is enabled, the interface will discard incoming frames tagged for VLANs which do not include this ingress port in their member set. - Ingress filtering does not affect VLAN independent BPDU frames, such as GVRP or STP. However, it does affect VLAN dependent BPDU frames, such as GMRP.
  • Page 99 • GARP Leave Timer* – The interval a port waits before leaving a VLAN group. This time should be set to more than twice the join time. This ensures that after a Leave or LeaveAll message has been issued, the applicants can rejoin before the port actually leaves the group.

  • Page 100: Configuring Private Vlans

    ONFIGURING THE WITCH Web – Click VLAN, VLAN Port Configuration or VLAN Trunk Configuration. Fill in the required settings for each interface, click Apply. CLI – This example sets port 3 to accept only tagged frames, assigns PVID 2 as the native VLAN ID, enables GVRP, sets the GARP timers, and then sets the switchport mode to trunk.

  • Page 101: Displaying Current Private Vlans

    ports in their own community VLAN, and with their designated promiscuous ports. (Note that private VLANs and normal VLANs can exist simultaneously within the same switch.) Each private VLAN consists of two components: a primary VLAN and one or more community VLANs. A primary VLAN allows traffic to pass between promiscuous ports, and between promiscuous ports and community ports subordinate to the primary VLAN.
  • Page 102 ONFIGURING THE WITCH Command Attributes • VLAN ID – ID of configured VLAN (1-4094, no leading zeroes). • Primary VLAN – The primary VLAN with which the selected VLAN is associated. (Note that this displays as VLAN 0 if the selected VLAN is itself a primary VLAN.) •...

  • Page 103: Configuring Private Vlans

    CLI – This example shows the switch configured with primary VLAN 5 and secondary VLAN 6. Port 3 has been configured as a promiscuous port and mapped to VLAN 5, while ports 4 and 5 have been configured as a host ports and are associated with VLAN 6.

  • Page 104: Associating Community Vlans

    ONFIGURING THE WITCH Web – Click Private VLAN, Private VLAN Configuration. Enter the VLAN ID number, select Primary or Community type, then click Add. To remove a private VLAN from the switch, highlight an entry in the Current list box and then click Remove. Note that all member ports must be removed from the VLAN before it can be deleted.

  • Page 105: Displaying Private Vlan Interface Information

    Web – Click Private VLAN, Private VLAN Association. Select the required primary VLAN from the scroll-down box, highlight one or more community VLANs in the Non-Association list box, and click Add to associate these entries with the selected primary VLAN. (A community VLAN can only be associated with one primary VLAN.) CLI –...
  • Page 106 ONFIGURING THE WITCH Command Attributes • Port/Trunk – The switch interface. • PVLAN Port Type – Displays private VLAN port types. - Normal – The port is not configured in a private VLAN. - Host – The port is a community port and can only communicate with other ports in its own community VLAN, and with the designated promiscuous port(s).

  • Page 107: Configuring Private Vlan Interfaces

    CLI – This example shows the switch configured with primary VLAN 5 and secondary VLAN 6. Port 3 has been configured as a promiscuous port and mapped to VLAN 5, while ports 4 and 5 have been configured as a host ports and associated with VLAN 6. This means that traffic for port 4 and 5 can only pass through port Console#show vlan private-vlan Primary...
  • Page 108 ONFIGURING THE WITCH • Primary VLAN – Conveys traffic between promiscuous ports, and between promiscuous ports and community ports within the associated secondary VLANs. If PVLAN type is “Promiscuous,” then specify the associated primary VLAN. For “Host” type, the Primary VLAN displayed is the one to which the selected secondary VLAN has been associated.

  • Page 109: Class Of Service Configuration

    CLI – This example shows the switch configured with primary VLAN 5 and secondary VLAN 6. Port 3 has been configured as a promiscuous port and mapped to VLAN 5, while ports 4 and 5 have been configured as a host ports and associated with VLAN 6. This means that traffic for port 4 and 5 can only pass through port Console(config)#interface ethernet 1/3 Console(config-if)#switchport mode private-vlan promiscuous...

  • Page 110: Setting The Queue Mode

    ONFIGURING THE WITCH This switch uses Weighted Round-Robin as the default mode for each port. Up to 8 separate traffic classes are defined in IEEE 802.1p. The default priority levels are assigned according to recommendations in the IEEE 802.1p standard as shown in the following table.

  • Page 111: Port Trunk Configuration

    Command Attributes • WRR – Weighted Round-Robin shares bandwidth at the egress ports by using scheduling weights of 1, 3, 12 and 48 for queue 0, 1, 2 and 3 respectively. • Strict – Services the egress queues in sequential order, transmitting all traffic in the higher priority queues before servicing lower priority queues.

  • Page 112: Command Usage

    ONFIGURING THE WITCH Command Usage Besides balancing the load across each port in the trunk, the other ports provide redundancy by taking over the load if a port in the trunk fails. However, before making any physical connections between devices, use the Web interface or CLI to specify the trunk on the devices at both ends.
  • Page 113 • New – Selects a predefined port group to add to the specified trunk. Group Number Web – Click Trunk, Trunk Configuration. Enter a trunk ID of 1-4 in the Trunk field, select any of the predefined port groups from the scroll-down list, and click Add.

  • Page 114: Configuring Snmp

    ONFIGURING THE WITCH CLI – This example creates trunk 1 with ports 5 and 17. Just connect these ports to two static trunk ports on another switch to form a trunk. Console(config)#interface port-channel 1 Console(config-if)#port-group 4 Console#show interfaces status port-channel 1 Information of Trunk 1 Basic information: Port type: 100TX...

  • Page 115: Setting Community Access Strings

    submit a valid community string for authentication. The options for configuring community strings and related trap functions are described in the following sections. Setting Community Access Strings You may configure up to five community strings authorized for management access. All community strings used for IP Trap Managers should be listed in this table.

  • Page 116: Specifying Trap Managers And Trap Types

    ONFIGURING THE WITCH Web – Click SNMP, SNMP Configuration. Add new community strings as required, select the access rights from the Access Mode drop-down list, then click Add. CLI – The following example adds the string “spiderman” with read/write access. Console(config)#snmp-server community spiderman rw Console(config)# Specifying Trap Managers and Trap Types...
  • Page 117 Command Usage • You can enable or disable authentication messages via the Web interface. • You can enable or disable authentication messages or link-up-down messages via the CLI. Command Attributes • Trap Manager Capability – Indicates that the switch supports up to five trap managers.

  • Page 118: Multicast Configuration

    ONFIGURING THE WITCH Web – Click SNMP, SNMP Configuration. Fill in the IP address and community string for each Trap Manager that will receive these messages, mark Enable Authentication Traps if required, and then click Add. CLI – This example adds a trap manager and enables authentication traps.

  • Page 119: Configuring Igmp Parameters

    This switch uses IGMP (Internet Group Management Protocol) to query for any attached hosts that want to receive a specific multicast service. It identifies the ports containing hosts requesting to join the service and sends data out to those ports only. It then propagates the service request up to any neighboring multicast switch/router to ensure that it will continue to receive the multicast service.
  • Page 120 ONFIGURING THE WITCH adjacent multicast switch/router to ensure that it will continue to receive the multicast service. Note: Multicast routers use this information, along with a multicast routing protocol such as DVMRP or PIM, to support IP multicasting across the Internet. Command Attributes •...

  • Page 121: Interfaces Attached To A Multicast Router

    Web – Click IGMP, IGMP Configuration. Adjust the IGMP settings as required, and then click Apply. (The default settings are shown below.) CLI – This example modifies the settings for multicast filtering, and then displays the current status. Console(config)#ip igmp snooping Console(config)#ip igmp snooping query-count 10 Console(config)#ip igmp snooping query-max-response-time 20 Console(config)#ip igmp snooping router-port-expire-time 300 3-64...

  • Page 122: Displaying Interfaces Attached To A Multicast Router

    ONFIGURING THE WITCH You can use the Multicast Router Port Information page to display the ports on this switch attached to a neighboring multicast router/ switch for each VLAN ID. Displaying Interfaces Attached to a Multicast Router Command Attributes • VLAN ID –...

  • Page 123: Specifying Interfaces Attached To A Multicast Router

    Specifying Interfaces Attached to a Multicast Router Depending on your network connections, IGMP snooping may not always be able to locate the IGMP querier. Therefore, if the IGMP querier is a known multicast router/switch connected over the network to an interface (port or trunk) on your switch, you can manually configure that interface to join all the current multicast groups.

  • Page 124: Displaying Port Members Of Multicast Services

    ONFIGURING THE WITCH CLI – This example configures port 11 as a multicast router port within VLAN 1. Console(config)#ip igmp snooping vlan 1 mrouter ethernet 1/11 3-164 Console(config)#exit Console#show ip igmp snooping mrouter vlan 1 VLAN M'cast Router Port Type ---- ------------------ ------- Displaying Port Members of Multicast Services You can display the port members associated with a specified...
  • Page 125 Web – Click IGMP, IP Multicast Registration Table. Select the VLAN ID and multicast IP address. The switch will display all the ports that are propagating this multicast service. CLI – This example displays all the known multicast services supported on VLAN 1, along with the ports propagating the corresponding services.

  • Page 126: Adding Multicast Addresses To Vlans

    ONFIGURING THE WITCH Adding Multicast Addresses to VLANs Multicast filtering can be dynamically configured using IGMP Snooping and IGMP Query messages as described in “Configuring IGMP Parameters” on page 2-87. For certain application that require tighter control, you may need to statically configure a multicast service on the switch.
  • Page 127 Web – Click IGMP, IGMP Member Port Table. Specify the interface attached to a multicast service (via an IGMP-enabled switch or multicast router), indicate the VLAN that will propagate the multicast service, specify the multicast IP address, and then click Add.

  • Page 128: Showing Port Statistics

    ONFIGURING THE WITCH Showing Port Statistics You can display standard statistics on network traffic from the Interfaces Group and Ethernet-like MIBs, as well as a detailed breakdown of traffic based on the RMOM MIB. Interfaces and Ethernet-like statistics display errors on the traffic passing through each port.
  • Page 129 HOWING TATISTICS Web – Click Statistics, Port Statistics. Select the required interface, and click Query. You can also use the Refresh button at the bottom of the page to update the screen. 2-97...

  • Page 130: Rate Limit Configuration

    ONFIGURING THE WITCH CLI – This example shows statistics for port 1. Console#show interfaces counters ethernet 1/13 Ethernet 1/ 1 Iftable stats: Octets input: 163138, Octets output: 2056071 Unicast input: 1564, Unicast output: 1918 Discard input: 0, Discard output: 0 Error input: 0, Error output: 0 Unknown protos input: 0, QLen output: 0 Extended iftable stats:...
  • Page 131 Rate limiting can be applied to individual ports or trunks. When an interface is configured with this feature, the traffic rate will be monitored by the hardware to verify conformity. Non-conforming traffic is dropped, conforming traffic is forwarded without any changes.

  • Page 132: Configuring 802.1X Port Authentication

    ONFIGURING THE WITCH Web - Click Rate Limit, Input/Output Rate Limit Port/Trunk Configuration. Enable the Rate Limit Status for the required interfaces, set the Rate Limit to one of the options shown in the preceding table, and click Apply. CLI - This example sets the rate limit for input and output traffic passing through port 3 to approximately 3% (i.e., 3.12 Mbps for a 100 Mbps link), and the rate limit for traffic crossing port 4 to 6% (i.e., 6.25 Mbps for a 100 Mbps link).
  • Page 133 The IEEE 802.1x (dot1x) standard defines a port-based access control procedure that prevents unauthorized access to a network by requiring users to first enter a user ID and password for authentication. Access to all switch ports in a network can be centrally controlled from a server, which means that authorized users can use a single user ID and password for authentication from any point within the network.

  • Page 134: Displaying 802.1X Global Settings

    ONFIGURING THE WITCH Displaying 802.1x Global Settings The dot1x protocol includes global parameters that control the client authentication process that runs between the client and the switch (i.e., authenticator), as well as the client identity lookup process that runs between the switch and authentication server. These parameters are described in this section.

  • Page 135: Configuring 802.1X Global Settings

    Web – Click dot1x, dot1X Information. CLI -This example shows the default protocol settings for dot1x. Console#show dot1x Global 802.1X Parameters reauth-enabled: n/a reauth-period: quiet-period: tx-period: supp-timeout: server-timeout: 30 reauth-max: max-req: 802.1X Port Summary Port Name Console# Configuring 802.1x Global Settings The dot1x protocol includes global parameters that control the client authentication process that runs between the client and the switch (i.e., authenticator), as well as the client...
  • Page 136 ONFIGURING THE WITCH identity lookup process that runs between the switch and authentication server. The configuration options for parameters are described in this section. Command Attributes • dot1X Re-authentication – Sets the client to be re-authenticated after the interval specified by the Timeout for Re-authentication Period.

  • Page 137: Configuring A Port For Authorization

    Web – Select dot1x, dot1X Configuration. Enable dot1x globally for the switch, modify any of the parameters required, and then click Apply. CLI – This example enables re-authentication and sets all of the global parameters for dot1x. Console(config)#dot1x max-req 5 Console(config)#dot1x re-authentication Console(config)#dot1x timeout quiet-period 40 Console(config)#dot1x timeout re-auth 5...
  • Page 138 ONFIGURING THE WITCH • Mode – Sets the authentication mode to one of the following options: - Force-Authorized – Configures the port to grant access to all clients, either dot1x-aware or otherwise. - Force-Unauthorized – Configures the port to deny access to all clients, either dot1x-aware or otherwise.

  • Page 139: Displaying 802.1X Statistics

    CLI – This example sets the authentication mode to enable dot1x on port 2. Console(config)#interface ethernet 1/2 Console(config-if)#dot1x port-control auto Console(config-if)# Displaying 802.1x Statistics This switch can display statistics for dot1x protocol exchanges for any port. Statistical Values Parameter Rx EXPOL Start Rx EAPOL Logoff Rx EAPOL Invalid Rx EAPOL Total...
  • Page 140 ONFIGURING THE WITCH Parameter Tx EAPOL Total Tx EAP Req/Id Tx EAP Req/Oth Web – Select dot1x followed by dot1X statistics. Select the required port and then click Query. Click Refresh to update statistics. 2-108 Description The number of EAPOL frames of any type that have been transmitted by this Authenticator.
  • Page 141 CLI – This example displays the dot1x statistics for port 1. Console#show dot1x statistics Eth 1/1 Rx: EXPOL EAPOL Start Logoff Last Last EAPOLVer EAPOLSrc 00-00-00-00-00-00 Tx: EAPOL Total Req/Id Console# 802.1 ONFIGURING EAPOL EAPOL Invalid Total Resp/Id Req/Oth UTHENTICATION Resp/Oth LenError 2-109...
  • Page 142 ONFIGURING THE WITCH 2-110...

  • Page 143: Command Line Interface

    OMMAND This chapter describes how to use the Command Line Interface (CLI). Using the Command Line Interface Accessing the CLI When accessing the management interface for the switch over a direct connection to the server’s console port, or via a Telnet connection, the switch can be managed by entering command keywords and parameters at the prompt.

  • Page 144: Telnet Connection

    After connecting to the system through the console port, the login screen displays: User Access Verification Username: admin Password: CLI session with the TigerSwitch 10/100 - 6724L2 Managed 24+2 Standalone Switch is opened. To end the CLI session, enter [Exit]. Console# Telnet Connection Telnet operates over the IP transport protocol.
  • Page 145 If your corporate network is connected to another network outside your office or to the Internet, you need to apply for a registered IP address. However, if you are attached to an isolated network, then you can use any IP address that matches the network segment to which you are attached.

  • Page 146: Entering Commands

    OMMAND NTERFACE Entering Commands This section describes how to enter CLI commands. Keywords and Arguments A CLI command is a series of keywords and arguments. Keywords identify a command, and arguments specify configuration parameters. For example, in the command “show interfaces status ethernet 1/5,”...

  • Page 147: Command Completion

    Command Completion If you terminate input with a Tab key, the CLI will print the remaining characters of a partial keyword up to the point of ambiguity. In the “logging history” example, typing log followed by a tab will result in printing the command up to “logging.” Getting Help on Commands You can display a brief description of the help system by entering the help command.

  • Page 148: Partial Keyword Lookup

    OMMAND NTERFACE The command “show interfaces ?” will display the following information: Console>show interfaces ? counters status switchport Partial Keyword Lookup If you terminate a partial keyword with a question mark, alternatives that match the initial letters are provided. (Remember not to leave a space between the command and question mark.) For example “s?”...

  • Page 149: Understanding Command Modes

    Understanding Command Modes The command set is divided into Exec and Configuration classes. Exec commands generally display information on system status or clear statistical counters. Configuration commands, on the other hand, modify interface parameters or enable certain switching functions. These classes are further divided into different modes. Available commands depend on the selected mode.

  • Page 150: Configuration Commands

    To enter Privileged Exec mode, enter the following commands and passwords: Username: admin Password: [admin login password] CLI session with the TigerSwitch 10/100 - 6724L2 Managed 24+2 Standalone Switch is opened. To end the CLI session, enter [Exit]. Console# Username: guest...
  • Page 151 • Interface Configuration - These commands modify the port configuration such as speed-duplex and negotiation. • Line Configuration - These commands modify the console port and Telnet configuration, and include command such as parity and databits. • VLAN Configuration - Includes the command to create VLAN groups.

  • Page 152: Command Line Processing

    OMMAND NTERFACE Command Line Processing Commands are not case sensitive. You can abbreviate commands and parameters as long as they contain enough letters to differentiate them from any other currently available commands or parameters. You can use the Tab key to complete partial commands, or enter a partial command followed by the “?”...
  • Page 153 Command Description Group RADIUS Client Configures RADIUS client-server authentication for logon access Port Configures IEEE 802.1x port access control Authentication SNMP Activates authentication failure traps; configures community access strings, and trap managers IGMP Configures IGMP multicast filtering, querier Snooping eligibility, query parameters, and specifies ports attached to a multicast router Line Sets communication parameters for the serial port...
  • Page 154 OMMAND NTERFACE Command Group Mirror Port Port Trunking Statically groups multiple ports into a single logical Note: Note that the access mode shown in the following tables is indicated by these abbreviations: NE (Normal Exec) PE (Privileged Exec) GC (Global Configuration) IC (Interface Configuration) LC (Line Configuration) VC (VLAN Database Configuration)

  • Page 155: General Commands

    General Commands Command Function enable Activates privileged mode disable Returns to normal mode from privileged mode configure Activates global configuration mode show Shows the command history buffer history reload Restarts the system Returns to Privileged Exec mode exit Returns to the previous configuration mode, or exits the CLI quit Exits a CLI session...

  • Page 156: Disable

    OMMAND NTERFACE Default Setting Level 15 Command Mode Normal Exec Command Usage • “super” is the default password required to change the command mode from Normal Exec to Privileged Exec. (To set this password, see the enable password command on page 3-29.) •...

  • Page 157: Configure

    Command Usage The “>” character is appended to the end of the prompt to indicate that the system is in normal access mode. Example Console#disable Console> Related Commands enable (3-13) configure Use this command to activate Global Configuration mode. You must enter this mode to modify any settings on the switch.

  • Page 158: Show History

    OMMAND NTERFACE show history Use this command to show the contents of the command history buffer. Default Setting None Command Mode Normal Exec, Privileged Exec Command Usage The history buffer size is fixed at 10 Execution commands and 10 Configuration commands. Example In this example, the show history command lists the contents of the command history buffer:...

  • Page 159: Reload

    example, the !2 command repeats the second command in the Execution history buffer (config). Console#!2 Console#config Console(config)# reload Use this command to restart the system. Note: When the system is restarted, it will always run the Power-On Self-Test. It will also retain all configuration information stored in non-volatile memory by the copy running-config startup-config command.

  • Page 160: Exit

    OMMAND NTERFACE Command Mode Global Configuration, Interface Configuration, Line Configuration, VLAN Database Configuration Example This example shows how to return to the Privileged Exec mode from the Interface Configuration mode: Console(config-if)#end Console# exit Use this command to return to the previous configuration mode or exit the configuration program.

  • Page 161: Quit

    quit Use this command to exit the configuration program. Default Setting None Command Mode Normal Exec, Privileged Exec Command Usage The quit and exit commands can both exit the configuration program. Example This example shows how to quit a CLI session: Console#quit Press ENTER to start session User Access Verification...

  • Page 162: Copy

    OMMAND NTERFACE Command Function whichboot Displays the files booted boot system Specifies the file or image used to start up the system copy Use this command to move (upload/download) a code image or configuration file between the switch’s Flash memory and a TFTP server.
  • Page 163 Command Usage • The system prompts for data required to complete the copy command. • The destination file name should not contain slashes (\ or /), the leading letter of the file name should not be a period (.), and the maximum length for file names on the TFTP server is 127 characters or 31 characters for files on the switch.

  • Page 164: Delete

    OMMAND NTERFACE The following example shows how to copy the running configuration to a startup file. Console#copy running-config file destination file name : startup Write to FLASH Programming. \Write to FLASH finish. Success. Console# The following example shows how to download a configuration file: Console#copy tftp startup-config TFTP server ip address: 10.1.0.99...

  • Page 165: Dir

    Command Usage • If the file type is used for system startup, then this file cannot be deleted. • “Factory_Default_Config.cfg” cannot be deleted. Example This example shows how to delete the test2.cfg configuration file from Flash memory. Console#delete test2.cfg Console# Related Commands dir (3-23) Use this command to display a list of files in Flash memory.

  • Page 166: Whichboot

    OMMAND NTERFACE Command Usage • If you enter the command dir without any parameters, the system displays all files. • File information is shown below: Column Heading file name file type startup size Example The following example shows how to display all file information: Console#dir ------------------------------ -------------- ------- ---------- Factory_Default_Config.cfg...

  • Page 167: Boot System

    Example This example shows the information displayed by the whichboot command. See the table under the dir command for a description of the file information displayed by this command. Console#whichboot file name ----------------- -------------- ------- ----------- diag_0060 Boot-Rom image run_0200 Operation Code startup Console# boot system...

  • Page 168: Related Commands

    OMMAND NTERFACE Example Console(config)#boot system config: startup Console(config)# Related Commands dir (3-23) whichboot (3-24) System Management Commands These commands are used to control system logs, passwords, user names, browser configuration options, and display or configure a variety of other system information. Command Device Description Command hostname...

  • Page 169: Hostname

    Command show system show users show version hostname Use this command to specify or modify the host name for this device. Use the no form to restore the default host name. Syntax hostname name no hostname name - The name of this host. (Maximum length: 255 characters) Default Setting None...
  • Page 170 OMMAND NTERFACE Syntax username name {access-level level | nopassword | password {0 | 7} password} no username name • name - The name of the user. (Maximum length: 8 characters, case sensitive. Maximum users: 16) • access-level level - Specifies the user level. •...

  • Page 171: Enable Password

    Example This example shows how the set the access level and password for a user. Console(config)#username bob access-level 15 Console(config)#username bob password 0 smith Console(config)# enable password After initially logging onto the system, you should set the Privileged Exec password. Remember to record it in a safe place. Use this command to control access to the Privileged Exec level from the Normal Exec level.

  • Page 172: Ip Http Port

    OMMAND NTERFACE password to change the command mode from Normal Exec to Privileged Exec with the enable command (page 3-13). • The encrypted password is required for compatibility with legacy password settings (i.e., plain text or encrypted) when reading the configuration file during system bootup or when downloading the configuration file from a TFTP server.

  • Page 173: Ip Http Server

    Related Commands ip http server (3-31) ip http server Use this command to allow this device to be monitored or configured from a browser. Use the no form to disable this function. Syntax ip http server no ip http server Default Setting Enabled Command Mode...

  • Page 174: Show Startup-Config

    OMMAND NTERFACE show startup-config Use this command to display the configuration file stored in non-volatile memory that is used to start up the system. Default Setting None Command Mode Privileged Exec Command Usage • Use this command in conjunction with the show running-config command to compare the information in running memory to the information stored in non-volatile memory.

  • Page 175: Related Commands

    Example Console#show startup-config building startup-config, please wait... username admin access-level 15 username admin password 0 admin username guest access-level 0 username guest password 0 guest enable password level 15 0 super snmp community public ro snmp community private rw vlan database vlan 1 name DefaultVlan media ethernet state active interface ethernet 1/1 switchport allowed vlan add 1 untagged...

  • Page 176: Show Running-Config

    OMMAND NTERFACE show running-config Use this command to display the configuration information currently in use. Default Setting None Command Mode Privileged Exec Command Usage • Use this command in conjunction with the show startup-config command to compare the information in running memory to the information stored in non-volatile memory.
  • Page 177 Example Console#show running-config building running-config, please wait... snmp-server community private rw snmp-server community public ro username admin access-level 15 username admin password 7 21232f297a57a5a743894a0e4a801fc3 username guest access-level 0 username guest password 7 084e0343a0486ff05530df6c705c8bb4 enable password level 15 7 1b3231655cebb7a1f783eddf27d254ca vlan database vlan 1 name DefaultVlan media ethernet state active.

  • Page 178: Show System

    • The POST results should all display “PASS.” If any POST test indicates “FAIL,” contact your distributor for assistance. Example Console#show system System description: TigerSwitch 10/100 - 6724L2 Managed 24+2 Standalone Switch System OID string: 1.3.6.1.4.1.259.6.10.42 System information System Up time: 0 days, 3 hours, 53 minutes, and 31.79 seconds...

  • Page 179: Show Users

    show users Shows all active console and Telnet sessions, including user name, idle time, and IP address of Telnet client. Default Setting None Command Mode Normal Exec, Privileged Exec Command Usage The session used to execute this command is indicated by a “*” symbol next to the Line (i.e., session) index number.

  • Page 180: Command Usage

    OMMAND NTERFACE Command Usage See “Displaying Switch Hardware/Software Versions” on page -28 for detailed information on software items. The meaning of hardware items are as follows: • Serial Number – Serial number of the main board. • Hardware Version – Hardware version of the main board. •...

  • Page 181: Authentication Login

    Command Authentication Method authentication login RADIUS Client radius-server host Specifies the RADIUS server radius-server port Sets the RADIUS server network port radius-server key radius-server retransmit radius-server timeout show radius-server authentication login Use this command to define the login authentication method and precedence.

  • Page 182: Radius-Server Host

    OMMAND NTERFACE Command Usage • RADIUS uses UDP which only offers best-effort delivery. Also, note that RADIUS encrypts only the password in the access-request packet from the client to the server. • RADIUS logon authentication assigns a specific privilege level for each user name and password pair.

  • Page 183: Radius-Server Port

    Command Mode Global Configuration Example Console(config)#radius-server host 192.168.1.25 Console(config)# radius-server port Use this command to set the RADIUS server network port. Use the no form to restore the default. Syntax radius-server port port_number no radius-server port port_number - RADIUS server UDP port used for authentication messages.

  • Page 184: Radius-Server Key

    OMMAND NTERFACE radius-server key Use this command to set the RADIUS encryption key. Use the no form to restore the default. Syntax radius-server key key_string no radius-server key key_string - Encryption key used to authenticate logon access for client. Do not use blank spaces in the string. (Maximum length: 20 characters) Default Setting None...

  • Page 185: Radius-Server Timeout

    Command Mode Global Configuration Example Console(config)#radius-server retransmit 5 Console(config)# radius-server timeout Use this command to set the interval between transmitting authentication requests to the RADIUS server. Use the no form to restore the default. Syntax radius-server timeout number_of_seconds no radius-server timeout number_of_seconds - Number of seconds the switch waits for a reply before resending a request.

  • Page 186: Command Mode

    OMMAND NTERFACE Command Mode Privileged Exec Example Console#show radius-server Server IP address: 10.1.0.99 Communication key with radius server: Server port number: 1812 Retransmit times: 2 Request timeout: 5 Console# Port Authentication Commands The switch supports IEEE 802.1x (dot1x) port-based access control that prevents unauthorized access to the network by requiring users to first enter a user ID and password for authentication.

  • Page 187: Authentication Dot1X

    Command dot1x timeout quiet-period dot1x timeout re-authperiod dot1x timeout tx-period show dot1x authentication dot1x Sets the default authentication server type. Use the no form to restore the default. Syntax authentication dot1x default radius no authentication dot1x Default Setting RADIUS Command Mode Global Configuration Example Console(config)#authentication dot1x default radius...

  • Page 188: Dot1X Default

    OMMAND NTERFACE dot1x default Sets all configurable dot1x global and port settings to their default values. Syntax dot1x default Command Mode Global Configuration Example Console(config)#dot1x default Console(config)# dot1x max-req Sets the maximum number of times the switch port will retransmit an EAP request packet to the client before it times out the authentication session.

  • Page 189: Dot1X Port-Control

    dot1x port-control Sets the dot1x mode on a port interface. Use the no form to reset to the default. Syntax dot1x port-control {auto | force-authorized | force-unauthorized} no dot1x port-control • auto – Requires a dot1x-aware connected client to be authorized by the RADIUS server.

  • Page 190: Dot1X Re-Authenticate

    OMMAND NTERFACE dot1x re-authenticate Forces re-authentication on all ports or a specific interface. Syntax dot1x re-authenticate [interface] interface • ethernet unit/port - unit - This is device 1. - port - Port number. Command Mode Privileged Exec Example Console#dot1x re-authenticate Console# dot1x re-authentication Enables periodic re-authentication globally for all ports.

  • Page 191: Dot1X Timeout Quiet-Period

    dot1x timeout quiet-period Sets the time that a switch port waits after the Max Request Count has been exceeded before attempting to acquire a new client. Use the no form of this command to reset the default. Syntax dot1x timeout quiet-period seconds no dot1x timeout quiet-period seconds seconds - Number of seconds.

  • Page 192: Dot1X Timeout Tx-Period

    OMMAND NTERFACE Example Console(config)#dot1x timeout re-authperiod 300 Console(config)# dot1x timeout tx-period Sets the time period during an authentication session that the switch waits before re-transmitting an EAP packet. Use the no form to reset to the default value. Syntax dot1x timeout tx-period seconds no dot1x timeout tx-period seconds - Number of seconds.

  • Page 193: Show Dot1X

    show dot1x Use this command to show general port authentication related settings on the switch or a specific interface. Syntax show dot1x [statistics] [interface interface] interface • ethernet unit/port - unit - This is device 1. - port - Port number. Command Mode Privileged Exec Command Usage...
  • Page 194 OMMAND NTERFACE • 802.1X Port Details – Displays detailed port access control settings for each interface as described in the preceeding pages, including adminstrative status for port access control, Max request (page 3-46), Quiet period (page 3-49), Reauth period (page 3-49), Tx period (page 3-50), and Port-control (page 3-47).

  • Page 195: A Uthentication C Ommands

    Example Console#show dot1x Global 802.1X Parameters reauth-enabled: yes reauth-period: 3600 quiet-period: tx-period: supp-timeout: server-timeout: 30 reauth-max: max-req: 802.1X Port Summary Port Name Status disabled enabled disabled disabled disabled 802.1X Port Details 802.1X is disabled on port 1 802.1X is enabled on port 2 Max request Quiet period Reauth period...

  • Page 196: Snmp Commands

    OMMAND NTERFACE SNMP Commands Controls access to this switch from management stations using the Simple Network Management Protocol (SNMP), as well as the error types sent to trap managers. Command snmp-server community snmp-server contact snmp-server location snmp-server host snmp-server enable traps show snmp snmp-server community Use this command to define the community access string for the...

  • Page 197: Snmp-Server Contact

    • rw - Specifies read-write access. Authorized management stations are able to both retrieve and modify MIB objects. Default Setting • public - Read-only access. Authorized management stations are only able to retrieve MIB objects. • private - Read/write access. Authorized management stations are able to both retrieve and modify MIB objects.

  • Page 198: Snmp-Server Location

    OMMAND NTERFACE Example Console(config)#snmp-server contact Geoff Console(config)# Related Commands snmp-server location snmp-server location Use this command to set the system location string. Use the no form to remove the location string. Syntax snmp-server location text no snmp-server location text - String that describes the system location. (Maximum length: 255 characters) Default Setting None...

  • Page 199: Snmp-Server Host

    snmp-server host Use this command to specify the recipient of a Simple Network Management Protocol notification operation. Use the no form to remove the specified host. Syntax snmp-server host host-addr community-string version version-number no snmp-server host host-addr • host-addr - Name or Internet address of the host (the targeted recipient).

  • Page 200: Snmp-Server Enable Traps

    OMMAND NTERFACE The snmp-server host command is used in conjunction with the snmp-server enable traps command. Use the snmp-server enable traps command to specify which SNMP notifications are sent globally. For a host to receive notifications, at least one snmp-server enable traps command and the snmp-server host command for that host must be enabled.

  • Page 201: Show Snmp

    Default Setting Issue authentication and link-up-down traps. Command Mode Global Configuration Command Usage If you do not enter an snmp-server enable traps command, no notifications controlled by this command are sent. In order to configure this device to send SNMP notifications, you must enter at least one snmp-server enable traps command.

  • Page 202: Command Mode

    OMMAND NTERFACE Command Mode Normal Exec, Privileged Exec Command Usage This command provides information on the community access strings, counter information for SNMP input and output protocol data units, and whether or not SNMP logging has been enabled with the snmp-server enable traps command. Example SNMP traps: Authentication: enable...

  • Page 203: Igmp Snooping Commands

    IGMP Snooping Commands This switch uses IGMP (Internet Group Management Protocol) to query for any attached hosts that want to receive a specific multicast service. It identifies the ports containing hosts requesting a service and sends data out to those ports only. It then propagates the service request up to any neighboring multicast switch/router to ensure that it will continue to receive the multicast service.

  • Page 204: Ip Igmp Snooping Query-Count

    OMMAND NTERFACE Default Setting Enabled Command Mode Global Configuration Example The following example enables IGMP snooping. Console(config)#ip igmp snooping Console(config)# ip igmp snooping query-count Use this command to configure the query count. Use the no form to restore the default. Syntax ip igmp snooping query-count count no ip igmp snooping query-count...

  • Page 205: Ip Igmp Snooping Query-Max-Response-Time

    response-time. If the countdown finishes, and the client still has not responded, then that client is considered to have left the multicast group. Example The following shows how to configure the query count to 10: Console(config)#ip igmp snooping query-count 10 Console(config)# Related Commands ip igmp snooping query-max-response-time (3-63)

  • Page 206: Ip Igmp Snooping Router-Port-Expire-Time

    OMMAND NTERFACE query-count, but a client has not responded, a countdown timer is started using an initial value set by this command. If the countdown finishes, and the client still has not responded, then that client is considered to have left the multicast group. Example The following shows how to configure the maximum response time to 20 seconds:...

  • Page 207: Ip Igmp Snooping Version

    Command Usage The switch must be using IGMPv2 for this command to take effect. Example The following shows how to configure the default timeout to 300 seconds: Console(config)#ip igmp snooping router-port-expire-time 300 Console(config)# Related Commands ip igmp snooping version (3-65) ip igmp snooping version Use this command to configure the IGMP snooping version.

  • Page 208: Show Ip Igmp Snooping

    OMMAND NTERFACE • Some commands are only enabled for IGMPv2, including ip igmp query-max-response-time and ip igmp query-timeout. Example The following configures the switch to use IGMP Version 1: Console(config)#ip igmp snooping version 1 Console(config)# show ip igmp snooping Use this command to show the IGMP snooping configuration. Default Setting None Command Mode...

  • Page 209: Show Mac-Address-Table Multicast

    show mac-address-table multicast Use this command to show known multicast addresses. Syntax show mac-address-table multicast [vlan vlan-id] [user | igmp-snooping] • vlan-id - VLAN ID (1 to 4094) • user - Display only the user-configured multicast entries. • igmp-snooping - Display only entries learned through IGMP snooping.

  • Page 210: Line Commands

    OMMAND NTERFACE Line Commands You can access the onboard configuration program by attaching a VT100 compatible device to the server’s serial port. These commands are used to set communication parameters for the serial port or Telnet (i.e., a virtual terminal). Command Function line...

  • Page 211: Line

    line Use this command to identify a specific line for configuration, and to process subsequent line configuration commands. Syntax line {console | vty} • console - Console terminal line. • vty - Virtual terminal for remote console access. Default Setting There is no default line.

  • Page 212: Login

    OMMAND NTERFACE login Use this command to enable password checking at login. Use the no form to disable password checking and allow connections without a password. Syntax login [local] no login local - Selects local password checking. Authentication is based on the user name specified with the username command.

  • Page 213: Password

    • This command controls login authentication via the switch itself. To configure user names and passwords for remote authentication servers, you must use the RADIUS software installed on those servers. Example Console(config-line)#login local Console(config-line)# Related Commands username (3-27) password (3-71) password Use this command to specify the password for a line.

  • Page 214: Exec-Timeout

    OMMAND NTERFACE Command Usage • When a connection is started on a line with password protection, the system prompts for the password. If you enter the correct password, the system shows a prompt. You can use the password-thresh command to set the number of times a user can enter an incorrect password before the system terminates the line connection and returns the terminal to the idle state.

  • Page 215: Password-Thresh

    Command Mode Line Configuration Command Usage • If user input is detected within the timeout interval, the session is kept open; otherwise the session is terminated. • This command applies to both the local console and Telnet connections. • The timeout for Telnet cannot be disabled. Example To set the timeout to two minutes, enter this command: Console(config-line)#exec-timeout 120...

  • Page 216: Silent-Time

    OMMAND NTERFACE Command Usage • When the logon attempt threshold is reached, the system interface becomes silent for a specified amount of time before allowing the next logon attempt. (Use the silent-time command to set this interval.) When this threshold is reached for Telnet, the Telnet logon interface shuts down.

  • Page 217: Databits

    Command Mode Line Configuration Example To set the silent time to 60 seconds, enter this command: Console(config-line)#silent-time 60 Console(config-line)# Related Commands password-thresh (3-73) databits Use this command to set the number of data bits per character that are interpreted and generated by the console port. Use the no form to restore the default value.

  • Page 218: Parity

    OMMAND NTERFACE Example To specify 7 data bits, enter this command: Console(config-line)#databits 7 Console(config-line)# Related Commands parity (3-76) parity Use this command to define generation of a parity bit. Use the no form to restore the default setting. Syntax parity {none | even | odd} no parity •...

  • Page 219: Speed

    speed Use this command to set the terminal line's baud rate. This command sets both the transmit (to terminal) and receive (from terminal) speeds. Use the no form to restore the default setting. Syntax speed bps no speed bps - Baud rate in bits per second. (Options: 9600, 57600, 38400, 19200, 115200 bps) Default Setting 9600 bps...

  • Page 220: Stopbits

    OMMAND NTERFACE stopbits Use this command to set the number of the stop bits transmitted per byte. Use the no form to restore the default setting. Syntax stopbits {1 | 2} • 1 - One stop bit • 2 - Two stop bits Default Setting 1 stop bit Command Mode...

  • Page 221: Ip Commands

    Example To show all lines, enter this command: Console#show line Console configuration: Password threshold: 3 times Interactive timeout: Disabled Silent time: Disabled Baudrate: 9600 Databits: 8 Parity: none Stopbits: 1 Vty configuration: Password threshold: 3 times Interactive timeout: 65535 Console# IP Commands There are no IP addresses assigned to this switch by default.

  • Page 222: Ip Address

    OMMAND NTERFACE ip address Use this command to set the IP address for this device. Use the no form to restore the default IP address. Syntax ip address {ip-address netmask | bootp | dhcp} no ip address • ip-address - IP address •...

  • Page 223: Ip Dhcp Restart

    • You can start broadcasting BOOTP or DHCP requests by entering an ip dhcp restart command, or by rebooting the switch. Note: Only one VLAN interface can be assigned an IP address (the default is VLAN 1). This defines the management VLAN, the only VLAN through which you can gain management access to the switch.

  • Page 224: Related Commands

    OMMAND NTERFACE • If the BOOTP or DHCP server has been moved to a different domain, the network portion of the address provided to the client will be based on this new domain. Example In the following example, the device is reassigned the same address.

  • Page 225: Show Ip Interface

    Command Usage A gateway must be defined if the management station is located in a different IP segment. Example The following example defines a default gateway for this device: Console(config)#ip default-gateway 10.1.0.254 Console(config)# Related Commands show ip redirects (3-84) show ip interface Use this command to display the settings of an IP interface.

  • Page 226: Show Ip Redirects

    OMMAND NTERFACE show ip redirects Use this command to show the default gateway configured for this device. Default Setting None Command Mode Privileged Exec Example Console#show ip redirects ip default gateway 10.1.0.254 Console# Related Commands ip default-gateway (3-82) ping Use this command to send ICMP echo request packets to another node on the network.
  • Page 227 Command Mode Normal Exec, Privileged Exec Command Usage • Use the ping command to see if another site on the network can be reached. • Following are some results of the ping command: - Normal response -The normal response occurs in one to ten seconds, depending on network traffic.

  • Page 228: Hol Blocking Prevention Commands

    OMMAND NTERFACE HOL Blocking Prevention Commands If head-of-line (HOL) Blocking Prevention is enabled it prevents the forwarding of data to a port transmit queue that is blocked. This allows for a more efficient transfer of packets across the network. Normally, when the switch sends traffic to a port it goes to the port's transmit queue and is then sent out.

  • Page 229: Show Queue Hol-Prevention

    Syntax queue hol-prevention no queue hol-prevention Default Setting Enabled Command Mode Global Configuration Command Usage • If HOL Blocking Prevention is disabled on this switch.The transmit queue may be completely filled with frames awaiting service. • If enabled, once the number of packets in the queue reaches a certain threshold, the switch will begin to randomly drop packets.

  • Page 230: Interface Commands

    OMMAND NTERFACE Example This example displays the current status. Console#show queue hol-prevention HOL blocking prevention status: Disabled Console# Interface Commands These commands are used to display or set communication parameters for an Ethernet port, aggregated link, or VLAN. Command interface description speed-duplex negotiation...

  • Page 231: Interface

    Command show interfaces counters show interfaces switchport interface Use this command to configure an interface type and enter interface configuration mode. Use the no form to remove a trunk. Syntax interface interface no interface port-channel channel-id interface • ethernet unit/port - unit - This is device 1.

  • Page 232: Description

    OMMAND NTERFACE description Use this command to add a description to an interface. Use the no form to remove the description. Syntax description string no description string - Comment or a description to help you remember what is attached to this interface. (Range: 1-64 characters) Default Setting None Command Mode...
  • Page 233 • 10full - Forces 10 Mbps full-duplex operation • 10half - Forces 10 Mbps half-duplex operation Default Setting • Auto-negotiation is enabled by default. • When auto-negotiation is disabled, the default speed-duplex setting is 100half for 100BASE-TX ports and 1000full for Gigabit Ethernet ports.

  • Page 234: Negotiation

    OMMAND NTERFACE negotiation Use this command to enable autonegotiation for a given interface. Use the no form to disable autonegotiation. Syntax negotiation no negotiation Default Setting Enabled Command Mode Interface Configuration (Ethernet, Port Channel) Command Usage • When auto-negotiation is enabled the switch will negotiate the best settings for a link based on the capabilities command.

  • Page 235: Capabilities

    capabilities Use this command to advertise the port capabilities of a given interface during autonegotiation. Use the no form with parameters to remove an advertised capability, or the no form without parameters to restore the default values. Syntax capabilities {1000full | 100full | 100half | 10full | 10half | flowcontrol | symmetric} no port-capabilities [1000full | 100full | 100half | 10full | 10half | flowcontrol | symmetric]...

  • Page 236: Flowcontrol

    OMMAND NTERFACE Command Usage When auto-negotiation is enabled with the negotiation command, the switch will negotiate the best settings for a link based on the capabilites command. When auto-negotiation is disabled, you must manually specify the link attributes with the speed-duplex and flowcontrol commands.
  • Page 237 Command Usage • Flow control can eliminate frame loss by “blocking” traffic from end stations or segments connected directly to the switch when its buffers fill. When enabled, back pressure is used for half-duplex operation and IEEE 802.3x for full-duplex operation.

  • Page 238: Shutdown

    OMMAND NTERFACE shutdown Use this command to disable an interface. To restart a disabled interface, use the no form. Syntax shutdown no shutdown Default Setting All interfaces are enabled. Command Mode Interface Configuration (Ethernet, Port Channel) Command Usage This command allows you to disable a port due to abnormal behavior (e.g., excessive collisions), and then reenable it after the problem has been resolved.

  • Page 239: Switchport Broadcast Percent

    switchport broadcast percent Use this command to configure broadcast storm control. Use the no form to disable broadcast storm control. Syntax switchport broadcast percent level no switchport broadcast level - Threshold level as a percentage of bandwidth. (Range: 6 or 20 percent) Default Setting Enabled for all ports Six percent of bandwidth...

  • Page 240: Clear Counters

    OMMAND NTERFACE clear counters Use this command to clear statistics on an interface. Syntax clear counters interface interface • ethernet unit/port - unit - This is device 1. - port - Port number. • port-channel channel-id (Range: 1-4) Default Setting None Command Mode Privileged Exec...

  • Page 241: Show Interfaces Status

    show interfaces status Use this command to display the status for an interface. Syntax show interfaces status interface interface • ethernet unit/port - unit - This is device 1. - port - Port number. • port-channel channel-id (Range: 1-4) • vlan vlan-id (Range: 1-4094) Default Setting Shows status for all interfaces.

  • Page 242: Show Interfaces Counters

    OMMAND NTERFACE Example Console#show interfaces status ethernet 1/3 Information of Eth 1/3 Basic information: Port type: 100TX Mac address: 00-55-FF-FF-DD-E0 Configuration: Name: Port admin: Up Speed-duplex: Auto Capabilities: 10half, 10full, 100half, 100full, Broadcast storm: Enabled Broadcast storm limit: 6 percent Flow control: Disabled Current status: Link status: Down...

  • Page 243: Command Usage

    Command Usage If no interface is specified, information on all interfaces is displayed. For a description of the items displayed by this command, see “Showing Port Statistics” on page -96. Example Console#show interfaces counters ethernet 1/7 Ethernet 1/ 7 Iftable stats: Octets input: 30658, Octets output: 196550 Unicast input: 6, Unicast output: 5 Discard input: 0, Discard output: 0...

  • Page 244: Show Interfaces Switchport

    OMMAND NTERFACE show interfaces switchport Use this command to display advanced interface configuration settings. Syntax show interfaces switchport [interface] interface • ethernet unit/port - unit - This is device 1. - port - Port number. • port-channel channel-id (Range: 1-4) Default Setting Shows all interfaces.
  • Page 245 • Gvrp status – Shows if GARP VLAN Registration Protocol is enabled or disabled (page 3-140). • Allowed Vlan – Shows the VLANs this interface has joined, where “(u)” indicates untagged and “(t)” indicates tagged (page 3-129). • Forbidden Vlan – Shows the VLANs this interface can not dynamically join via GVRP (page 3-130).

  • Page 246: Rate Limit Commands

    OMMAND NTERFACE This example shows the configuration for port 3 when set to promiscuous mode for private VLANs. Console#show interfaces switchport ethernet 1/3 Information of Eth 1/3 Broadcast threshold: Enabled, 6 percent VLAN membership mode: Access Ingress rule: Enabled Acceptable frame type: All frames Native VLAN: 2 Priority for untagged traffic: 0 Gvrp status: Disabled...

  • Page 247: Rate-Limit

    rate-limit Use this command to set the rate limit. Use the no form to remove the rate limit. Syntax rate-limit {input | output} percent percent no rate-limit input • input - Sets the rate limit for inbound traffic. • output - Sets the rate limit for outbound traffic •...

  • Page 248: Address Table Commands

    OMMAND NTERFACE Example This example sets the rate limit for input and output traffic on port 2 to 312K when operating at 10 Mbps or 3.12 Mbps when operating at 100 Mbps. Console(config)# Console(config)#interface ethernet 1/2 Console(config-if)#rate-limit input percent 3 Console(config-if)#rate-limit output percent 3 Console(config)# Address Table Commands...

  • Page 249: Mac-Address-Table Static

    mac-address-table static Use this command to map a static address to a destination port. Use the no form to remove an address. Syntax mac-address-table static mac-address {interface | discard} [action] no mac-address-table static mac-address [discard] • mac-address - MAC address. •...

  • Page 250: Clear Mac-Address-Table Dynamic

    OMMAND NTERFACE • Static addresses will not be removed from the address table when a given interface link is down. • Static addresses are bound to the assigned interface and will not be moved. When a static address is seen on an interface, the address will be ignored and will not be written to the address table.

  • Page 251: Show Mac-Address-Table

    show mac-address-table Use this command to view classes of entries in the bridge-forwarding database. Syntax show mac-address-table [address mac-address [mask]] [interface interface] [vlan vlan-id] [sort {address | vlan | interface}] • mac-address - MAC address. • mask - Bits to ignore in the address. •...

  • Page 252: Mac-Address-Table Aging-Time

    OMMAND NTERFACE Example Console#show mac-address-table Interface Mac Address --------- ----------------- ---- ----------------- Eth 1/ 1 00-e0-29-94-34-de Console# mac-address-table aging-time Use this command to set the aging time for entries in the address table. Use the no form to restore the default aging time. Syntax mac-address-table aging-time seconds no mac-address-table aging-time...

  • Page 253: Show Mac-Address-Table Aging-Time

    show mac-address-table aging-time Use this command to show the aging time for entries in the address table. Default Setting None Command Mode Privileged Exec Example Console#show mac-address-table aging-time Aging time: 300 sec. Console# Spanning Tree Commands This section includes commands that configure the Spanning Tree Algorithm (STA) globally for the switch, and commands that configure STA for the selected interface.

  • Page 254: Spanning-Tree

    OMMAND NTERFACE Command spanning-tree portfast show spanning-tree spanning-tree Use this command to enable the Spanning Tree Algorithm globally for the switch. Use the no form to disable it. Syntax spanning-tree no spanning-tree Default Setting Spanning tree is enabled. Command Mode Global Configuration Command Usage The Spanning Tree Algorithm (STA) can be used to detect and...

  • Page 255: Spanning-Tree Forward-Time

    Example The following example shows how to enable the Spanning Tree Algorithm for the switch: Console(config)#spanning-tree Console(config)# spanning-tree forward-time Use this command to configure the spanning tree bridge forward time globally for this switch. Use the no form to restore the default.

  • Page 256: Spanning-Tree Hello-Time

    OMMAND NTERFACE Example Console(config)#spanning-tree forward-time 20 Console(config)# spanning-tree hello-time Use this command to configure the spanning tree bridge hello time globally for this switch. Use the no form to restore the default. Syntax spanning-tree hello-time time no spanning-tree hello-time time - Time in seconds. (Range: 1-10 seconds). The maximum value is the lower of 10 or [(max-age / 2) -1].

  • Page 257: Spanning-Tree Max-Age

    spanning-tree max-age Use this command to configure the spanning tree bridge maximum age globally for this switch. Use the no form to restore the default. Syntax spanning-tree max-age seconds no spanning-tree max-age seconds - Time in seconds. (Range: 6-40 seconds) The minimum value is the higher of 6 or [2 x (hello-time + 1)].

  • Page 258: Spanning-Tree Priority

    OMMAND NTERFACE spanning-tree priority Use this command to configure the spanning tree priority globally for this switch. Use the no form to restore the default. Syntax spanning-tree priority priority no spanning-tree priority priority - Priority of the bridge. (Range: 0 - 65535) Default Setting 32768 Command Mode...

  • Page 259: Spanning-Tree Port-Priority

    The recommended range is: - Ethernet: 50-600 - Fast Ethernet: 10-60 - Gigabit Ethernet: 3-10 Default Setting • Ethernet – half duplex: 100; full duplex: 95; trunk: 90 • Fast Ethernet – half duplex: 19; full duplex: 18; trunk: 15 •...

  • Page 260: Spanning-Tree Portfast

    OMMAND NTERFACE Default Setting Command Mode Interface Configuration (Ethernet, Port Channel) Command Usage • This command defines the priority for the use of a port in the spanning-tree algorithm. If the path cost for all ports on a switch are the same, the port with the highest priority (that is, lowest value) will be configured as an active link in the spanning tree.

  • Page 261: Show Spanning-Tree

    Command Mode Interface Configuration (Ethernet, Port Channel) Command Usage • This command is used to enable/disable the fast spanning-tree mode for the selected port. In this mode, ports skip the Blocked, Listening and Learning states and proceed straight to Forwarding. •...

  • Page 262: Privileged Exec

    OMMAND NTERFACE Command Mode Privileged Exec Command Usage For a description of the items displayed under “Bridge-group information, see “Managing Global Settings” on page -43. For a description of the items displayed for specific interfaces, see “Managing STA Interface Settings” on page -47. Example Console#show spanning-tree ethernet 1/11 Bridge-group information...

  • Page 263: Vlan Commands

    VLAN Commands A VLAN is a group of ports that can be located anywhere in the network, but communicate as though they belong to the same physical segment. This section describes commands used to create VLAN groups, add port members, specify how VLAN tagging is used, and enable automatic VLAN registration for the selected interface.

  • Page 264: Vlan Database

    OMMAND NTERFACE Command Display VLAN Information show vlan show interfaces status vlan show interfaces switchport vlan database Use this command to enter VLAN database mode. All commands in this mode will take effect immediately. Default Setting None Command Mode Global Configuration Command Usage •...

  • Page 265: Vlan

    Related Commands show vlan (3-131) vlan Use this command to configure a VLAN. Use the no form to restore the default settings or delete a VLAN. Syntax vlan vlan-id [name vlan-name] media ethernet [state {active | suspend}] no vlan vlan-id [name | state] •...

  • Page 266: Interface Vlan

    OMMAND NTERFACE • VLAN 1 cannot be suspended, but any other VLAN will be suspended. • You can configure up to 127 VLANs on the switch. Example The following example adds a VLAN, using vlan-id 105 and name RD5. The VLAN is activated by default. Console(config)#vlan database Console(config-vlan)#vlan 105 name RD5 media ethernet Console(config-vlan)#...

  • Page 267: Switchport Mode

    Example The following example shows how to set the interface configuration mode to VLAN 1, and then assign an IP address to the VLAN: Console(config)#interface vlan 1 Console(config-if)#ip address 192.168.1.254 255.255.255.0 Console(config-if)# Related Commands shutdown (3-96) switchport mode Use this command to configure the VLAN membership mode for a port.

  • Page 268: Switchport Acceptable-Frame-Types

    OMMAND NTERFACE Example The following shows how to set the configuration mode to port 1, and then set the switchport mode to trunk: Console(config)#interface ethernet 1/1 Console(config-if)#switchport mode trunk Console(config-if)# switchport acceptable-frame-types Use this command to configure the acceptable frame types for a port.

  • Page 269: Switchport Ingress-Filtering

    switchport ingress-filtering Use this command to enable ingress filtering for an interface. Use the no form to restore the default. Syntax switchport ingress-filtering no switchport ingress-filtering Default Setting Disabled Command Mode Interface Configuration (Ethernet, Port Channel) Command Usage • Ingress filtering only affects tagged frames. •...

  • Page 270: Switchport Native Vlan

    OMMAND NTERFACE switchport native vlan Use this command to configure the PVID (i.e., default VLAN ID) for a port. Use the no form to restore the default. Syntax switchport native vlan vlan-id no switchport native vlan vlan-id - Default VLAN ID for a port. (Range: 1-4094, no leading zeroes) Default Setting VLAN 1...

  • Page 271: Switchport Allowed Vlan

    switchport allowed vlan Use this command to configure VLAN groups on the selected interface. Use the no form to restore the default. Syntax switchport allowed vlan {add vlan | remove vlan} no switchport allowed vlan • add vlan - VLAN identifier to add. •...

  • Page 272: Switchport Forbidden Vlan

    OMMAND NTERFACE Example The following example shows how to add VLANs 1, 2, 5 and 6 to the allowed list as tagged VLANs for port 1: Console(config)#interface ethernet 1/1 Console(config-if)#switchport allowed vlan add 1 Console(config-if)#switchport allowed vlan add 2 Console(config-if)#switchport allowed vlan add 5 Console(config-if)#switchport allowed vlan add 6 Console(config-if)# switchport forbidden vlan...

  • Page 273: Show Vlan

    Example The following example shows how to prevent port 1 from being added to VLAN 3: Console(config)#interface ethernet 1/1 Console(config-if)#switchport forbidden vlan add 3 Console(config-if)# show vlan Use this command to show VLAN information. Syntax show vlan [id vlan-id | name vlan-name] •...

  • Page 274: Private Vlan Commands

    OMMAND NTERFACE Example The following example shows how to display information for VLAN 1: Console#show vlan id 1 VLAN Type Name ---- ------- ----------- ------ Static DefaultVlan Console# Private VLAN Commands Private VLANs provide port-based security and isolation between ports within the assigned VLAN. This switch supports two types of private VLAN ports: promiscuous, and community ports.
  • Page 275 Command Function switchport Associates an interface with a private-vlan secondary VLAN host-association switchport Maps an interface to a primary VLAN private-vlan mapping Display Private VLAN Information show vlan Shows private VLAN information private-vlan To configure private VLANs, follow these steps: 1.

  • Page 276: Private-Vlan

    OMMAND NTERFACE private-vlan Use this command to create a primary or secondary (i.e., community) private VLAN. Use the no form to remove the specified private VLAN. Syntax private-vlan vlan-id {community | primary} no private-vlan vlan-id • vlan-id - ID of private VLAN. (Range: 2-4094, no leading zeroes).

  • Page 277: Private Vlan Association

    Example Console(config)#vlan database Console(config-vlan)#private-vlan 2 primary Console(config-vlan)#private-vlan 3 community Console(config)# private vlan association Use this command to associate a primary VLAN with a secondary (i.e., community) VLAN. Use the no form to remove all associations for the specified primary VLAN. Syntax private-vlan primary-vlan-id association {secondary-vlan-id | add secondary-vlan-id | remove secondary-vlan-id}...

  • Page 278: Switchport Mode Private-Vlan

    OMMAND NTERFACE Example Console(config-vlan)#private-vlan 2 association 3 Console(config)# switchport mode private-vlan Use this command to set the private VLAN mode for an interface. Use the no form to restore the default setting. Syntax switchport mode private-vlan {host | promiscuous} no switchport mode private-vlan •...

  • Page 279: Switchport Private-Vlan Host-Association

    Example Console(config)#interface ethernet 1/2 Console(config-if)#switchport mode private-vlan promiscuous Console(config)#exit Console(config)#interface ethernet 1/3 Console(config-if)#switchport mode private-vlan host Console(config)# switchport private-vlan host-association Use this command to associate an interface with a secondary VLAN. Use the no form to remove this association. Syntax switchport private-vlan host-association secondary-vlan-id no switchport private-vlan host-association secondary-vlan-id - ID of secondary (i.e, community) VLAN.

  • Page 280: Switchport Private-Vlan Mapping

    OMMAND NTERFACE switchport private-vlan mapping Use this command to map an interface to a primary VLAN. Use the no form to remove this mapping. Syntax switchport private-vlan mapping primary-vlan-id no switchport private-vlan mapping primary-vlan-id - ID of primary VLAN. (Range: 2-4094, no leading zeroes).

  • Page 281: Show Vlan Private-Vlan

    show vlan private-vlan Use this command to show the private VLAN configuration settings on this switch. Syntax show vlan private-vlan [community | primary] • community - Displays all community VLANs, along with their associate primary VLAN and assigned host interfaces. •...

  • Page 282: Gvrp And Bridge Extension Commands

    OMMAND NTERFACE GVRP and Bridge Extension Commands GARP VLAN Registration Protocol defines a way for switches to exchange VLAN information in order to automatically register VLAN members on interfaces across the network. This section describes how to enable GVRP for individual interfaces and globally for the switch, as well as how to display default configuration settings for the Bridge Extension MIB.

  • Page 283: Show Gvrp Configuration

    Default Setting Disabled Command Mode Interface Configuration (Ethernet, Port Channel) Command Usage GVRP can only be enabled for tagged ports. You must set switchport mode to “trunk” to configure a tagged port. Example Console(config)#interface ethernet 1/1 Console(config-if)#switchport gvrp Console(config-if)# Related Commands switchport mode (3-125) show gvrp configuration Use this command to show if GVRP is enabled.

  • Page 284: Garp Timer

    OMMAND NTERFACE Example Console#show gvrp configuration ethernet 1/7 Eth 1/ 7: Gvrp configuration: Disabled Console# garp timer Use this command to set the values for the join, leave and leaveall timers. Use the no form to restore the timers' default values. Syntax garp timer {join | leave | leaveall} timer_value no garp timer {join | leave | leaveall}...

  • Page 285: Show Garp Timer

    experiencing difficulties with GMRP or GVRP registration/ deregistration. • Timer values are applied to GVRP for all the ports on all VLANs. • Timer values must meet the following restrictions: - leave >= (2 x join) - leaveall > leave Note: Set GVRP timers on all Layer 2 devices connected in the same network to the same values.

  • Page 286: Bridge-Ext Gvrp

    OMMAND NTERFACE Command Mode Normal Exec, Privileged Exec Example Console#show garp timer ethernet 1/1 Eth 1/ 1 GARP timer status: Join timer: 20 centiseconds Leave timer: 60 centiseconds Leaveall timer: 1000 centiseconds Console# Related Commands garp timer (3-142) bridge-ext gvrp Use this command to enable GVRP.

  • Page 287: Show Bridge-Ext

    Example Console(config)#bridge-ext gvrp Console(config)# show bridge-ext Use this command to show the configuration for bridge extension commands. Default Setting None Command Mode Privileged Exec Command Usage See “Displaying Basic VLAN Information” on page -56 and “Displaying Bridge Extension Capabilities” on page -24 for a description of the displayed items.

  • Page 288: Priority Commands

    OMMAND NTERFACE Priority Commands Class of Service (CoS) allows data packets that have greater precedence to receive higher service priority when traffic is buffered in the switch due to congestion. This switch supports CoS with four priority queues for each port. Data packets in a port’s high-priority queues will be transmitted before those in the lower-priority queues.

  • Page 289: Queue Mode

    queue mode Use this command to set the queue mode to strict priority or Weighted Round-Robin (WRR) for the four class of service (CoS) priority queues. Use the no form to restore the default value. Syntax queue mode {strict | wrr} no queue mode •...

  • Page 290: Mirror Port Commands

    OMMAND NTERFACE Command Mode Privileged Exec Example Console#sh queue mode Wrr status: Enabled Console# Mirror Port Commands This section describes how to mirror traffic from a source port to a target port. Command port monitor show port monitor port monitor Use this command to configure a mirror session.

  • Page 291: Show Port Monitor

    Default Setting No mirror session is defined. When enabled, the default mirroring is for both received and transmitted packets. Command Mode Interface Configuration (Ethernet, destination port) Command Usage • You can mirror traffic from any source port to a destination port for real-time analysis.

  • Page 292: Port Trunking Commands

    OMMAND NTERFACE Default Setting Shows all sessions. Command Mode Privileged Exec Command Usage This command displays the currently configured source port, destination port, and mirror mode (i.e., RX, TX, RX/TX). Example The following shows mirroring configured from port 6 to port 11: Console(config)#interface ethernet 1/11 Console(config-if)#port monitor ethernet 1/6 Console(config-if)#end...
  • Page 293 Command Function interface Configures a trunk and enters port-channel interface configuration mode for the trunk port-group Adds a predefined port group to a trunk show interfaces Shows trunk information status port-channel Guidelines for Creating Trunks • Finish configuring port trunks before you connect the corresponding network cables between switches to avoid creating a loop.

  • Page 294: Port-Group

    OMMAND NTERFACE port-group Use this command to add a predefined port group to a trunk. Use the no form to remove a port group from a trunk. Syntax port-group port-group-number no port-group port-group-number - Group number (Range: 1-10) Group Number Ports Default Setting None Command Mode...
  • Page 295 Example The following example creates trunk 1 and then adds port 1 and Console(config)#interface port-channel 1 Console(config-if)#port-group 1 Console(config-if)# RUNKING OMMANDS 3-153...
  • Page 296 OMMAND NTERFACE 3-154...

  • Page 297: Troubleshooting

    Troubleshooting Chart Symptom Cannot connect using Telnet, Web browser, or SNMP software ROUBLESHOOTING Troubleshooting Chart Action • Be sure to have configured the agent with a valid IP address, subnet mask and default gateway. • Be sure that your management station has access to management VLAN (default is VLAN 1).
  • Page 298 ROUBLESHOOTING Symptom Cannot access the on-board configuration program via a serial port connection Forgot or lost the password Troubleshooting Chart Action • Be sure to have set the terminal emulator program to VT100 compatible, 8 data bits, 1 stop bit, no parity and 9600 bps.
  • Page 299 PGRADING The switch contains three firmware components that can be upgraded; the diagnostics (or Boot-ROM) code, runtime operation code and the loader code. The runtime code can be upgraded via the switch’s RS-232 serial console port, via a network connection to a TFTP server, or using SNMP management software.

  • Page 300: Upgrading Firmware Via The Serial Port

    PGRADING IRMWARE VIA THE 4. When the switch initialization screen appears, enter firmware-download mode by pressing <Esc> immediately after the diagnostic test results. Screen text similar to that shown below displays: [1]Image Update [2]System Parameters [3]Change Baud rate [4]Do all the following Test [5]Testing the System SDRAM [6]MPC 850 internal clock Timer and Interrupt Test [7]WATCHDOG Timer and Interrupt Test...
  • Page 301 9. If using Windows HyperTerminal, click the “Transfer” button, and then click “Send File...” Select the XModem Protocol and then use the “Browse” button to select the required firmware code file from your PC system. The “Xmodem file send” window displays the progress of the download procedure. 10.

  • Page 302: Restoring Switch Defaults

    PGRADING IRMWARE VIA THE For example, the following screen text shows the download procedure for a runtime code file: Image download at Baudrate [115200]. Please Change your setting Xmodem Receiving Start :: Image downloaded to buffer. [R]untime [D]iagnostic [L]oader (Warning: you sure what you are doing?) Update Image File:r Runtime Image Filename : acd Updating file system.

  • Page 303: Startup Configuration File

    2. Enter <0> to access the File Manager menu. The following screen will appear: File Name --------------------------------- ---- ---- ---------- ---------- Factory_Default_Config.cfg config1 diag_1005.bix --------------------------------- ---- ---- ---------- ---------- [X]modem Download [D]elete File [E]rase the whole flash Select> 3. Enter <S> and set the Factory_Default_config.cfg file as the startup configuration file.
  • Page 304 PGRADING IRMWARE VIA THE [0]FileManager: [1]Test Mode Set: [x] Exit ! Enter Selection:x [1]Image Update [2]System Parameters [3]Change Baud rate [4]Do all the following Test [5]Testing the System SDRAM [6]MPC 850 internal clock Timer and Interrupt Test [7]WATCHDOG Timer and Interrupt Test [8]ACD chip Test [9]Switch Loopback Test [G]oto System...

  • Page 305: Auto-Negotiation

    10BASE-T IEEE 802.3 specification for 10 Mbps Ethernet over two pairs of Category 3, 4, or 5 UTP cable. 100BASE-TX IEEE 802.3u specification for 100 Mbps Fast Ethernet over two pairs of Category 5 UTP cable. 1000BASE-T IEEE 802.3ab specification for Gigabit Ethernet over two pairs of Category 5, 5e 100-ohm UTP cable.
  • Page 306 LOSSARY Collision Domain Single CSMA/CD LAN segment. CSMA/CD Carrier Sense Multiple Access/Collision Detect is the communication method employed by Ethernet and Fast Ethernet. Dynamic Host Control Protocol (DHCP) Provides a framework for passing configuration information to hosts on a TCP/IP network. DHCP is based on the Bootstrap Protocol (BOOTP), adding the capability of automatic allocation of reusable network addresses and additional configuration options.
  • Page 307 Full Duplex Transmission method that allows switch and network card to transmit and receive concurrently, effectively doubling the bandwidth of that link. GARP VLAN Registration Protocol (GVRP) Defines a way for switches to exchange VLAN information in order to register necessary VLAN members on ports along the Spanning Tree so that VLANs defined in each switch can work automatically over a Spanning Tree network.
  • Page 308 LOSSARY LANs, and defines a standard way for VLANs to communicate across switched networks. IEEE 802.1p An IEEE standard for providing quality of service (QoS) in Ethernet networks. The standard uses packet tags that define up to eight traffic classes and allows switches to transmit packets based on the tagged priority value.
  • Page 309 IGMP Snooping Listening to IGMP Query and IGMP Report packets transferred between IP Multicast Routers and IP Multicast host groups to identify IP Multicast group members. Internet Control Message Protocol (ICMP) Commonly used to send echo messages (i.e., Ping) for monitoring purposes.
  • Page 310 LOSSARY Management Information Base (MIB) An acronym for Management Information Base. It is a set of database objects that contains information about a specific device. Multicast Switching A process whereby the switch filters incoming multicast frames for services for which no attached host has registered, or forwards them to all ports contained within the designated multicast VLAN group.
  • Page 311 into or out of the network. Traffic that falls within the rate limit is transmitted, while packets that exceed the acceptable amount of traffic are dropped. Remote Authentication Dial-in User Service (RADIUS) RADIUS is a logon authentication protocol that uses software running on a central server to control access to RADIUS-compliant devices on the network.

  • Page 312: Virtual Lan (Vlan)

    LOSSARY Virtual LAN (VLAN) A Virtual LAN is a collection of network nodes that share the same collision domain regardless of their physical location or connection point in the network. A VLAN serves as a logical workgroup with no physical barriers, and allows users to share information and resources as though located on the same LAN.

  • Page 313: Pin Assignments

    PPENDIX SSIGNMENTS Console Port Pin Assignments The DB-9 serial port on the switch’s front panel is used to connect to the switch for out-of-band console configuration. The onboard menu-driven configuration program can be accessed from a terminal, or a PC running a terminal emulation program. The pin assignments used to connect to the serial port are provided in the following tables.

  • Page 314: Db-9 Port Pin Assignments

    SSIGNMENTS DB-9 Port Pin Assignments EIA Circuit CCITT Signal No other pins are used. Console Port to 9-Pin DTE Port on PC Switch’s 9-Pin Serial Port 2 RXD 3 TXD 5 SGND No other pins are used. Console Port to 25-Pin DTE Port on PC Switch’s 9-Pin Serial Port 2 RXD...
  • Page 315 address table 2-38 BOOTP 2-13 broadcast storm, threshold 2-34 Class of Service configuring 2-77 queue mapping 2-77 community string 2-83 configuration settings, saving or restoring 2-22 console port pin assignments C-1 default settings 1-14 DHCP 2-13 dot1x commands 3-44 configure 2-103 default 3-46 downloading software 2-20 firmware upgrades 2-20...
  • Page 316 NDEX RADIUS, logon authentication 2-17 rate limit configuration 2-98 restarting the system 2-24 serial port configuring 3-61 3-68 SNMP community string 2-83 enabling traps 2-84 trap manager 2-84 software downloads 2-20 software version, displaying 2-28 Spanning Tree Protocol 2-42 startup configuration file, creating 2-22 startup files displaying 2-20...
  • Page 318 FOR TECHNICAL SUPPORT, CALL: From U.S.A. and Canada (24 hours a day, 7 days a week) (800) SMC-4-YOU; (949) 679-8000; Fax: (949) 679-1481 From Europe (8:00 AM - 5:30 PM UK Time) 44 (0) 118 974 8700; Fax: 44 (0) 118 974 8701 INTERNET E-mail addresses: techsupport@smc.com...

This manual is also suitable for:

Smc6724l2

Table of Contents