Enterasys Matrix E5 5H153-50-G User Manual
  1. Manuals
  2. Brands
  3. Enterasys Manuals
  4. Switch
  5. Matrix E5 5H153-50-G
  6. User manual
Enterasys Matrix E5 5H153-50-G User Manual

Enterasys Matrix E5 5H153-50-G User Manual

Matrix e5 series
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
MATRIX E5 Series Modules
(5H1xx and 5G1xx)
Local Management User's Guide
9033583-02

Advertisement

Table of Contents
loading

Related Manuals for Enterasys Matrix E5 5H153-50-G

Summary of Contents for Enterasys Matrix E5 5H153-50-G

  • Page 1 MATRIX E5 Series Modules (5H1xx and 5G1xx) Local Management User’s Guide 9033583-02...
  • Page 3 Enterasys Networks reserves the right to make changes in specifications and other information contained in this document and its web site without prior notice. The reader should in all cases consult Enterasys Networks to determine whether any such changes have been made.
  • Page 4 This document is an agreement (“Agreement”) between You, the end user, and Enterasys Networks, Inc. (“Enterasys”) that sets forth your rights and obligations with respect to the Enterasys software program (“Program”) in the package. The Program may be contained in firmware, chips or other media. UTILIZING THE ENCLOSED PRODUCT, YOU ARE AGREEING TO BECOME BOUND BY THE TERMS OF THIS AGREEMENT, WHICH INCLUDES THE LICENSE AND THE LIMITATION OF WARRANTY AND DISCLAIMER OF LIABILITY.
  • Page 5 52.227-19 (a) through (d) of the Commercial Computer Software-Restricted Rights Clause and its successors, and (iii) in all respects is proprietary data belonging to Enterasys and/or its suppliers. For Department of Defense units, the Product is considered commercial computer software in accordance with DFARS section 227.7202-3 and its successors, and use, duplication, or disclosure by the Government is subject to restrictions set forth herein.

  • Page 7: Table Of Contents

    Figures ...xi Tables... xiii ABOUT THIS GUIDE Using This guide ...xv Structure of This Guide ...xv Related Documents... xvii Document Conventions... xvii Typographical and Keystroke Conventions... xviii Getting Help ...xix INTRODUCTION Overview ... 1-1 1.1.1 1.1.2 Navigating Local Management Screens ... 1-3 Local Management Requirements ...
  • Page 8 SYSTEM INFORMATION MENU SCREENS System Information Menu Screen... 5-1 System Information Screen... 5-3 Switch Information Screen ... 5-4 MANAGEMENT SETUP MENU SCREENS Management Setup Menu Screen ... 6-1 Network Configuration Menu Screen ... 6-4 6.2.1 6.2.2 6.2.3 Serial Port Configuration Screen... 6-11 SNMP Configuration Menu Screen ...
  • Page 9 Policy Override Configuration Screen ... 9-17 SYSTEM RESTART MENU SCREEN 10.1 System Restart Menu... 10-1 10.2 Logging Off the System... 10-3 CONFIGURING AND MONITORING THE SWITCH 11.1 Common Tasks ... 11-1 11.2 Setting Password Protection ... 11-2 11.3 Assigning an IP Address ... 11-3 11.4...
  • Page 10 12.2.2 12.2.3 12.2.4 12.2.5 12.2.6 12.3 Enterasys Proprietary MIB Extensions... 12-4 12.4 Compiling MIB Extensions: Enterasys Web site ... 12-4 SPANNING TREE CONCEPTS General ...A-1 A.1.1 Spanning Tree Protocol in a Network ...A-2 Spanning Tree Protocol Parameters...A-3 A.3.1 A.3.2 A.3.3 A.3.4...
  • Page 11 VIRTUAL LANs (VLANs) VLANs and Frame Tagging...B-1 VLAN Configuration ...B-2 Forwarding Tagged/Untagged Frames ...B-3 Forwarding Traffic with Unknown VLAN Tags ...B-3 CLASS OF SERVICE Overview ... C-1 IP MULTICAST FILTERING INDEX Contents...

  • Page 13: Figures

    Password Screen ... 3-4 Main Menu Screen ... 4-2 System Information Menu Screen ... 5-2 System Information Screen ... 5-3 Switch Information Screen ... 5-5 Management Setup Menu Screen... 6-2 Network Configuration Menu Screen ... 6-4 IP Configuration Screen ... 6-6 IP Connectivity Test (Ping) Screen ...
  • Page 14 IP Multicast Registration Table Screen...8-13 Security Menu Screen ...9-4 Security Configuration Screen ...9-9 Port Authentication Configuration Screen...9-13 Policy Override Configuration Screen...9-18 10-1 System Restart Menu Screen...10-2 Spanning Tree Using Switches... A-2 Example of Multi-Switch VLAN Configuration... B-3 Class of Service Example... C-2 Figures Page...
  • Page 15 Main Menu Screen Menu Item Descriptions... 4-3 System Information Menu Screen Menu Item Descriptions ...5-2 System Information Screen Field Descriptions... 5-4 Switch Information Screen Field Descriptions ... 5-5 Management Setup Menu Screen Menu Item Descriptions ...6-3 Network Configuration Menu Screen Menu Item Descriptions ... 6-5 IP Configuration Screen Field Descriptions ...
  • Page 16 Table 7-18 802.1Q VLAN Base Information Screen Field Descriptions...7-36 7-19 802.1Q VLAN Current Table Information Screen Field Descriptions ...7-38 7-20 802.1Q VLAN Static Table Configuration Screen Field Descriptions ...7-41 7-21 802.1Q VLAN Port Configuration Screen Field Descriptions ...7-43 7-22 Static Unicast Address Table Screen Field Descriptions ...7-44 7-23 Broadcast Storm Control Configuration Screen Field Descriptions ...7-48 Network Monitor Menu Screen Menu Item Descriptions...8-3...

  • Page 17: About This Guide

    Local Management (LM), and an introduction to LM screen navigation, in-band and out-of-band network management. This chapter also contains information on how to get help from Enterasys Networks if needed.
  • Page 18 Chapter 11, Configuring and Monitoring the and operating the switch using the Local Management (LM) screens. The LM screens allow you to modify the default switch settings and configure the switch for network management. The LM screens also allow you to monitor the switch performance and status.

  • Page 19: Related Documents

    RELATED DOCUMENTS The following Enterasys Networks document may help to set up, control, and manage the module: • 5C105 MATRIX E5 Overview and Setup Guide...

  • Page 20: Typographical And Keystroke Conventions

    Typographical and Keystroke Conventions TYPOGRAPHICAL AND KEYSTROKE CONVENTIONS bold type Bold type can denote either a user input or a highlighted screen selection. ENTER Indicates either the ENTER or RETURN key, depending on your keyboard. Indicates the keyboard Escape key. SPACE bar Indicates the keyboard space bar key.

  • Page 21: Getting Help

    GETTING HELP For additional support related to this product or document, contact Enterasys Networks using one of the following methods: World Wide Web http://www.enterasys.com Phone (603) 332-9400 Internet mail support@enterasys.com ftp://ftp.enterasys.com Login anonymous Password your email address To send comments or suggestions concerning this document, contact the Enterasys Networks Technical Writing Department via the following email address: TechWriting@enterasys.com...

  • Page 23: Introduction

    (out-of-band), or by a Telnet connection over the network (in-band). The Local Management is based on SNMP (Simple Network Management Protocol). This SNMP agent permits a switch to be managed from any PC in the network using in-band management software.

  • Page 24: The Management Agent

    Network management systems are often classified as either in-band or out-of-band. In-band network management passes data along the same medium (cables, frequencies) used by all other stations on the network. An example of an in-band network management system is the Enterasys Networks NetSight™.

  • Page 25: Navigating Local Management Screens

    NAVIGATING LOCAL MANAGEMENT SCREENS To navigate within a Local Management screen, use the arrow keys of the terminal or the workstation providing terminal emulation services. The Local Management screen cursor responds to the LEFT, RIGHT, UP, and DOWN arrow keys. Each time you press an arrow key, the Local Management screen cursor moves to the next available field in the direction of the arrow key.

  • Page 27: Local Management Requirements

    Local Management Requirements To change the operating parameters of the module, you must access its Local Management program by either a module COM port connection or by a Telnet connection to the module. This chapter provides the following sections on how to make these connections: •...

  • Page 28: Management Terminal Setup Parameters

    Management Terminal Setup To connect the module to a PC or compatible device running the VT terminal emulation, proceed as follows: 1. Connect the RJ45 connector at one end of the cable (supplied in the kit) to the COM port on the module.
  • Page 29 VT100, 7 Bit Controls VT100ID Normal Cursor Keys UPSS DEC Supplemental 2400, 4800, 9600, 19200 (Recommended setting is 9600, which is the default when the switch boots up.) Receive=Transmit XOFF at 64 8 bits No Parity 1 Stop Bit No Local Echo...

  • Page 30: Telnet Connections

    Telnet Connections TELNET CONNECTIONS Prior to accessing a module via a network connection, you must first configure the module with a valid IP address, subnet mask, and default gateway using an out-of-band connection or the BOOTP protocol. Once the module is configured, you can establish a Telnet session from any TCP/IP based node on the network.

  • Page 31: Accessing Local Management

    Accessing the Password screen to enter a Local Management session • The default settings for each switch configuration parameter. These are the parameters that can be changed via a terminal connected to the COM port of the module or a Telnet session (Section 3.4).
  • Page 32 Registration Table Security Menu Security Configuration Port Authentication Policy Override Configuration System Restart Menu Exit Accessing Local Management System Information Switch Information Network Configuration Network Configuration IP Configuration Menu Menu IP Connectivity Test (Ping) Serial Port Configuration HTTP Configuration SNMP Configuration...

  • Page 33: Accessing Local Management Screens

    ACCESSING LOCAL MANAGEMENT SCREENS Access to the Local Management screens menus is gained by connecting a terminal to the console port through a direct cable connection or over a modem, or using Telnet to access the Local Management over the network as detailed in module, as well as to monitor its status and performance.

  • Page 34: Password Screen

    “public,” with no passwords. The administrator has Read/Write access, which allows you to read and modify switch information. The guest has Read Only access to the management program, which allows you to view switch information, but not modify any operating parameters.

  • Page 35: Factory Defaults

    NOTE: A user is allowed three attempts to enter the correct password; on the third failed attempt, the current connection is terminated. FACTORY DEFAULTS Table 3-1 lists the default settings for switch configuration parameters. Each parameter can be changed via the console menus or Telnet. Table 3-1 Factory Default Settings Parameter...
  • Page 36 Factory Defaults Table 3-1 Factory Default Settings (Continued) Parameter System Configuration Password Screen Time-out Send Authentication Fail Traps SNMP Community Names Terminal Baud Rate User Name Virtual LANs Acceptable VLAN Frame Type Configurable PVID Tagging Untagged VLAN Group Assignment VLAN Ingress Filtering VLAN Learning Auto Backplane VLAN Configuration Module Security...

  • Page 37: Main Menu Screens

    Main Menu Screens Once you have logged into Local Management, the Main Menu screen is the first screen to display. This chapter describes the Main Menu screen, introduces the screens that you can use to obtain system operating information, change operating parameters, obtain module operating statistics, reset and exit Local Management.

  • Page 38: Main Menu Screen

    Main Menu Screen MAIN MENU SCREEN When to Use To access the Local Management screens of the switch. The Main Menu screen provides access to the five top level menu screens and the EXIT command. How to Access Enter a valid password User Name and Password in the Password screen as described in Section 3.3.

  • Page 39: Menu Descriptions

    Table 4-1 Main Menu Screen Menu Item Descriptions Menu Item System Information Menu (For details, refer to System Information Switch Information Management Setup Menu (For details, refer to Network Configuration Menu Serial Port Configuration...
  • Page 40 Displays operational status, including link state, flow control method, and duplex mode. Enables Spanning Tree Algorithm; also sets parameters for hello time, maximum message age, switch priority, and forward delay; as well as port priority and path cost. Displays full listing of parameters for the Spanning Tree Algorithm.
  • Page 41 Displays detailed statistical information for the selected port such as packet type and frame size counters. Provides full address listing, as well as search and clear functions. Displays all the multicast groups active on this switch, including multicast IP addresses and corresponding VLAN IDs. Chapter...

  • Page 43: System Information Menu Screens

    Screen Navigation Path Password > Main Menu > System Information Menu When to Use To access the System Information and Switch Information screens to display a basic description of the switch, including contact information, and hardware/firmware versions. How to Access Use the arrow keys to highlight the System Information Menu item on the Main Menu screen and press ENTER.
  • Page 44 Table 5-1 System Information Menu Screen Menu Item Descriptions Menu Item System Information Switch Information System Information Menu Screens Screen Function Provides basic system description, including system object ID, up time, name, contact, and location.

  • Page 45: System Information Screen

    System Information Screen SYSTEM INFORMATION SCREEN Screen Navigation Path Password > Main Menu > System Information Menu > System Information When to Use To display the system description, object ID, and up time; and to enter a name, contact, and location for the system.

  • Page 46: Switch Information Screen

    To display the module hardware/firmware version numbers, serial number and slot number that it occupies in the chassis. How to Access Use the arrow keys to highlight the Switch Information menu item on the System Information Menu screen and press ENTER. The Switch Information screen, System Information Menu Screens To...
  • Page 47 Figure 5-3 Switch Information Screen Field Descriptions Refer to Table 5-3 for a functional description of each screen field. Table 5-3 Switch Information Screen Field Descriptions Use this field... To... Hardware Version See the hardware version of the main board.

  • Page 49: Management Setup Menu Screens

    Management Setup Menu Screens This chapter describes the Management Setup Menu screen and the following screens that can be selected from its menu, to initially set up the module: • Management Setup Menu screen • Network Configuration Menu screen • IP Configuration screen •...
  • Page 50 Management Setup Menu Screen You can also access screens to • enable or disable extended diagnostics during power up, • download a new firmware image or configuration file from a TFTP server to the module, and • upload a configuration file from the module to a TFTP server. How to Access Use the arrow keys to highlight the Management Setup Menu item on the Main Menu screen, and press ENTER.
  • Page 51 Menu Descriptions Refer to Table 6-1 for a functional description of each menu item. Table 6-1 Management Setup Menu Screen Menu Item Descriptions Menu Item Network Configuration Menu Serial Port Configuration SNMP Configuration Menu Console Login Configuration Startup Configuration TFTP Download Management Setup Menu Screen Screen Function Provides access to three screens to perform functions that...

  • Page 52: Network Configuration Menu Screen

    Network Configuration Menu Screen NETWORK CONFIGURATION MENU SCREEN Screen Navigation Path Password > Main Menu > Management Setup Menu > Network Configuration Menu When to Use To perform the following: • Access the screens needed to set the bootup option. •...

  • Page 53: Ip Configuration Screen

    Menu Descriptions Refer to Table 6-2 for a functional description of each menu item. Table 6-2 Network Configuration Menu Screen Menu Item Descriptions Menu Item IP Configuration IP Connectivity Test (Ping) HTTP Configuration MAX Number of allowed Telnet sessions (1-4) Physical Address 6.2.1 IP Configuration Screen...
  • Page 54 Network Configuration Menu Screen Screen Example Figure 6-3 IP Configuration Screen Field Descriptions Refer to Table 6-3 for a functional description of each screen field. Table 6-3 IP Configuration Screen Field Descriptions Use this field... To... Interface Type See which IP transport protocol is being used over Ethernet. The default is Ethernet.
  • Page 55 Table 6-3 IP Configuration Screen Field Descriptions (Continued) Use this field... To... IP Address Enter the IP address of the module that you are managing when accessing the agent module over the network. The agent module supports SNMP over UDP/ IP transport protocol. In this environment, all systems on the Internet, such as network interconnection devices and any PC accessing the agent module (or running NetSight) must have an IP address.Valid IP addresses consist of four numbers, from 0 to...

  • Page 56: Ip Connectivity Test (Ping) Screen

    Network Configuration Menu Screen 6.2.2 IP Connectivity Test (Ping) Screen Screen Navigation Path Password > Main Menu > Management Setup Menu > Network Configuration Menu > IP Connectivity Test (Ping) When to Use To see if another site on the Internet can be reached. How to Access Use the arrow keys to highlight the IP Connectivity Test (Ping) menu item on the Network Configuration Menu screen and press ENTER.

  • Page 57: Http Configuration Screen

    Field Descriptions Refer to Table 6-4 for a functional description of each screen field. Table 6-4 IP Connectivity Test (Ping) Screen Field Descriptions Use this field... IP Address Test Time Interval Success/Failure [Start] command 6.2.3 HTTP Configuration Screen Screen Navigation Path Password >...
  • Page 58 Network Configuration Menu Screen Screen Example Figure 6-5 HTTP Configuration Screen Field Descriptions Refer to Table 6-5 for a functional description of each screen field. Table 6-5 HTTP Configuration Screen Field Descriptions Use this field... HTTP Server HTTP Port Number 6-10 Management Setup Menu Screens To...

  • Page 59: Serial Port Configuration Screen

    Serial Port Configuration Screen SERIAL PORT CONFIGURATION SCREEN Screen Navigation Path Password > Main Menu > Management Setup Menu > Serial Port Configuration When to Use To access the on-board configuration program via a VT100 compatible device connected to the module’s COM port.
  • Page 60 Serial Port Configuration Screen Field Descriptions Refer to Table 6-6 for a functional description of each screen field. Table 6-6 Serial Port Configuration Screen Field Descriptions Use this field... To... Management Set the console port setting for a direct console connection. The default is Mode CONSOLE MODE.

  • Page 61: Snmp Configuration Menu Screen

    SNMP Configuration Menu Screen SNMP CONFIGURATION MENU SCREEN Screen Navigation Path Password > Main Menu > Management Setup Menu > SNMP Configuration Menu When to Use To display and modify parameters for the Simple Network Management Protocol (SNMP). The module includes an on-board SNMP agent which monitors the status of its hardware, as well as the traffic passing through its ports.

  • Page 62: Snmp Communities Screen

    SNMP Configuration Menu Screen Menu Descriptions Refer to Table 6-7 for a functional description of each menu item. Table 6-7 SNMP Configuration Menu Screen Menu Item Descriptions Menu Item Send Authentication Fail Traps SNMP Communities IP Trap Managers 6.4.1 SNMP Communities Screen Screen Navigation Path Password >...
  • Page 63 Screen Example Figure 6-8 SNMP Communities Screen Field Descriptions Refer to Table 6-8 for a functional description of each screen field. Table 6-8 SNMP Communities Screen Field Descriptions Use this field... Community Name Access Status NOTE: The default community strings are “public” with Read Only access, and “private” with Read/Write access.

  • Page 64: Ip Trap Managers Screen

    SNMP Configuration Menu Screen 6.4.2 IP Trap Managers Screen Screen Navigation Path Password > Main Menu > Management Setup Menu > SNMP Configuration Menu > IP Trap Managers When to Use To specify the management stations that will receive authentication failure messages or other trap messages from the module.

  • Page 65: Console Login Configuration Screen

    Field Descriptions Refer to Table 6-9 for a functional description of each screen field. Table 6-9 IP Trap Managers Screen Field Descriptions Use this field... IP Address Community Name Status CONSOLE LOGIN CONFIGURATION SCREEN Screen Navigation Path Password > Main Menu > Management Setup Menu > Console Login Configuration When to Use To restrict management access based on the specified user names and passwords, or to set the invalid password threshold and time-out.
  • Page 66 Console Login Configuration Screen Screen Example Figure 6-10 Console Login Configuration Screen Field Descriptions Refer to Table 6-10 for a functional description of the screen fields. Table 6-10 Console Login Configuration Screen Field Descriptions Use this field... To... Password Set the password intrusion threshold which limits the number of failed logon Threshold attempts.

  • Page 67: Startup Configuration Screen

    5 (on the Mode Switch Bank) on the board and reboot the module. This changes the startup parameter to ENABLED and forces the diagnostics to run when the module is rebooted. For information on the location of the dip switch and how to set it, refer to the installation guide shipped with your module.
  • Page 68 Startup Configuration Screen Screen Example Figure 6-11 Startup Configuration Screen Field Description Refer to Table 6-11 for a functional description of the screen field. Table 6-11 Startup Configuration Screen Field Description Use this field... Startup Diagnostics 6-20 Management Setup Menu Screens To...

  • Page 69: Tftp Download Screen

    Before downloading an image to the device, copy the image to the network TFTP server. A new firmware image file must be a file from Enterasys Networks; otherwise the agent will not accept it. The success of the download operation depends on the accessibility of the TFTP server and the quality of the network connection.
  • Page 70 TFTP Download Screen Screen Example Figure 6-12 TFTP Download Screen Field Descriptions Refer to Table 6-12 for a functional description of each screen field. Table 6-12 TFTP Download Screen Field Descriptions Use this field... Download Server IP Agent Software Upgrade Download Filename Download Mode 6-22...
  • Page 71 Table 6-12 TFTP Download Screen Field Descriptions (Continued) Use this field... Download Method [Process TFTP Download] Download Status To... Select a method (DOWNLOAD IMAGE, UPLOAD CONFIG, or DOWNLOAD CONFIG) to download (receive) an image file from a TFTP server, or upload (transmit) or download a configuration file to/from a TFTP server.

  • Page 73: Device Control Menu Screens

    This chapter describes the Device Control Menu screen and the following screens that can be selected from its menu: • Port Configuration (Section • Port Information (Section • Spanning Tree Configuration Menu • STA Bridge Configuration screen • STA Port Configuration •...

  • Page 74: Device Control Menu Screen

    Device Control Menu Screen DEVICE CONTROL MENU SCREEN Screen Navigation Path Password > Main Menu > Device Control Menu When to Use To control a broad range of functions, including port configuration, Spanning Tree support for redundant switches, port mirroring, multicast filtering, and VLANs. How to Access Use the arrow keys to highlight the Device Control Menu menu item on the Main Menu screen and press ENTER.
  • Page 75 Section 7.8. Displays/configures extended bridge capabilities provided by this switch, including support for traffic classes, and VLAN extensions. For details, refer to Provides access to screens used to configure the default priority for each port, or to display the mapping for the traffic classes.

  • Page 76: Port Configuration Screen

    Password > Main Menu > Device Control Menu > Port Configuration When to Use To set or display communication parameters for any port or module on the switch. How to Access Use the arrow keys to highlight the Port Configuration menu item on the Device Control Menu screen and press ENTER.
  • Page 77 Screen Example Figure 7-2 Port Configuration Screen Field Descriptions Refer to Table 7-2 for a functional description of each screen field. Table 7-2 Port Configuration Screen Field Descriptions Use this field... To... Flow Control Enable or disable the Flow Control feature on all ports currently displayed. mode of all ports Type See port type as:...

  • Page 78: Port Information Screen

    “blocking” traffic from end stations or segments connected directly to the switch when its buffers fill. Back pressure is used for half duplex and IEEE 802.3x for full duplex. Do not use flow control if a port is connected to a hub.
  • Page 79 Screen Example Figure 7-3 Port Information Screen Field Descriptions Refer to Table 7-3 for a functional description of the screen fields. Table 7-3 Port Information Screen Field Descriptions Use this field... Type Operational Link To... See port type as: 10/100TX: 10Base-T/100Base-TX 100FX: 100Base-FX 1000SX: 1000Base-SX 1000LX: 1000Base-LX...

  • Page 80: Spanning Tree Configuration Menu Screen

    This allows the switch to interact with other bridging devices (that is, an STA-compliant switch, bridge or router) in your network to ensure that only one route exists between any two stations on the network. The Spanning Tree Configuration Menu screen menu selections to gain access to the STA Bridge Configuration and STA Port Configuration screens to configure the STA functions.
  • Page 81 Figure 7-4 Spanning Tree Configuration Menu Screen Menu Descriptions Refer to Table 7-4 for a functional description of each menu item. Table 7-4 Spanning Tree Configuration Menu Screen Menu Item Descriptions Menu Item STA Bridge Configuration STA Port Configuration Spanning Tree Configuration Menu Screen Screen Function Sets the STA Bridge parameters.

  • Page 82: Sta Bridge Configuration Screen

    Spanning Tree Configuration Menu Screen 7.4.1 STA Bridge Configuration Screen Screen Navigation Path Password > Main Menu > Device Control Menu > Spanning Tree Configuration Menu > STA Bridge Configuration When to Use To set the STA Bridge parameters. How to Access Use the arrow keys to highlight the STA Bridge Configuration menu item on the Spanning Tree Configuration Menu screen and press ENTER.
  • Page 83 Field Descriptions Refer to Table 7-5 for a functional description of each screen field. Table 7-5 STA Bridge Configuration Screen Field Descriptions Use this field... To... Spanning Tree Enable this parameter to participate in an STA compliant network. The Protocol default is ENABLED.

  • Page 84: Sta Port Configuration Screen

    Spanning Tree Configuration Menu Screen Table 7-5 STA Bridge Configuration Screen Field Descriptions (Continued) Use this field... To... Forward Delay Set the maximum time the root device will wait before changing states (i.e., (in seconds) listening to learning to forwarding). This delay is required because every device must receive information about topology changes before it starts to forward frames.
  • Page 85 Define the priority for the use of a port in the STA algorithm. If the path cost for all ports on a switch are the same, the port with the highest priority (i.e., lowest value) will be configured as an active link in the spanning tree.

  • Page 86: Spanning Tree Information Menu Screen

    Spanning Tree Information Menu Screen Table 7-6 STA Port Configuration Screen Field Descriptions (Continued) Use this field... Cost FastForwarding SPANNING TREE INFORMATION MENU SCREEN Screen Navigation Path Password > Main Menu > Device Control Menu >Spanning Tree Information Menu When to Use To select one of two screens to display a summary of the STA information for the overall bridge or for a specific port.
  • Page 87 Screen Example Figure 7-7 Spanning Tree Information Menu Screen Menu Descriptions Refer to Table 7-7 for a functional description of each menu item. Table 7-7 Spanning Tree Information Menu Screen Menu Item Descriptions Menu Item STA Bridge Information STA Port Information Spanning Tree Information Menu Screen Screen Function Displays the current information about the STA Bridge.

  • Page 88: Sta Bridge Information Screen

    Spanning Tree Information Menu Screen 7.5.1 STA Bridge Information Screen Screen Navigation Path Password > Main Menu > Device Control Menu >Spanning Tree Information Menu > STA Bridge Information When to Use To display the current information about the STA Bridge. How to Access Use the arrow keys to highlight the STA Bridge Information menu item on the Spanning Tree Information Menu screen and press ENTER.
  • Page 89 See the priority and MAC address of the device in the spanning tree that this switch has accepted as the root device. See the path cost from the root port on this switch to the root device. See the number of the port on this switch that is closest to the root.

  • Page 90: Sta Port Information Screen

    Spanning Tree Information Menu Screen 7.5.2 STA Port Information Screen Screen Navigation Path Password > Main Menu > Device Control Menu >Spanning Tree Information Menu > STA Port Information When to Use To display current information about the STA Port. The parameters shown in Table 7-9 are for port STA Information (Ports 1-12, Ports 13-24, Ports 25-36, or Ports 37-48).
  • Page 91 Spanning Tree Information Menu Screen Screen Example Figure 7-9 STA Port Information Screen Device Control Menu Screens 7-19...
  • Page 92 Spanning Tree Information Menu Screen Field Descriptions Refer to Table 7-9 for a functional description of each screen field. Table 7-9 STA Port Information Screen Field Descriptions Use this field... Status Forward Transitions 7-20 Device Control Menu Screens To... See the current state of this port within the Spanning Tree: DISABLED –...

  • Page 93: Mirror Port Configuration Screen

    Spanning Tree. See the priority and number of the port on the designated bridging device through which this switch must communicate with the root of the Spanning Tree. (Figure 7-10) to designate a single port pair (source and...
  • Page 94 Mirror Port Configuration Screen How to Access Use the arrow keys to highlight the Mirror Port Configuration menu item on the Device Control Menu screen and press ENTER. The Mirror Port Configuration screen, Screen Example Figure 7-10 Mirror Port Configuration Screen Field Descriptions Refer to Table 7-10...

  • Page 95: Smarttrunking Configuration Screen

    • Ports can only be assigned to one trunk. • The ports in a trunk must belong to the same switch chip (refer to • The ports at both ends of a connection must be configured as trunk ports. •...
  • Page 96 SmartTrunking Configuration Screen How to Access Use the arrow keys to highlight the SmartTrunking Configuration menu item on the Device Control Menu screen and press ENTER. The SmartTrunking Configuration screen, displays. Screen Example Figure 7-11 SmartTrunking Configuration Screen Field Descriptions Refer to Table 7-11 for a functional description of each screen field.
  • Page 97 SmartTrunk Protocol NO CHANGE field SAVE SHOW The ports used for each trunk must all be on the same internal switch chip, which is synonymous with the SmartTrunk Group ID. Table 7-12 SmartTrunk, Ports Associated with Group IDs Group IDs...

  • Page 98: Igmp Configuration Screen

    Password > Main Menu > Device Control Menu > IGMP Configuration When to Use To configure multicast filtering. The IGMP protocol allows a host to inform its local switch that it wants to receive transmissions addressed to a specific multicast group.

  • Page 99: Igmp Multicast Filtering

    Although this approach reduces the network overhead required by a multicast server, the broadcast traffic must be carefully pruned at every multicast switch it passes through to ensure that traffic is only passed to the hosts that subscribed to this service.

  • Page 100: Extended Bridge Configuration Screen

    Extended Bridge Configuration Screen EXTENDED BRIDGE CONFIGURATION SCREEN Screen Navigation Path Password > Main Menu > Device Control Menu > Extended Bridge Configuration When to Use To see the current settings for these extensions, select and enable or disable a VLAN Learning mode.
  • Page 101 Section This switch does not support multiple local bridges (that is, multiple Spanning Trees). Select the VLAN Learning mode (IVL or SVL) used by the switch. IVL (Independent VLAN Mode) – Allows addresses to be learned per VLAN. SVL (Shared VLAN Mode) – Allows a single address for all VLANs.

  • Page 102: P Configuration Menu

    IEEE 802.1p defines up to 8 separate traffic classes. This switch supports Quality of Service (QoS) by using two priority queues, with weighted fair queuing for each port. For information on Class of...

  • Page 103: P Port Priority Configuration Screen

    Menu Descriptions Refer to Table 7-15 for a functional description of each menu item. Table 7-15 802.1P Configuration Menu Screen Menu Item Descriptions Menu Item 802.1P Port Priority Configuration 802.1P Port Traffic Class Information 7.10.1 802.1P Port Priority Configuration Screen Screen Navigation Path Password >...
  • Page 104 7-32 Device Control Menu Screens To... See the numeric identifier for the switch port. Set the default priority. The default value can be set to any value from 0~7, where 0~3 specifies the low priority queue and 4~7 specifies the high priority queue.

  • Page 105: P Port Traffic Class Information

    To view the current mapping of the Traffic Class-to-priority for each port, which can include both physical and virtual ports. This switch provides two priority levels with weighted fair queuing for port egress. This means that any frames with a default or user priority from 0~3 are sent to the low priority queue “0”...
  • Page 106 Table 7-17 802.1P Port Traffic Class Information Screen Field Descriptions Use this field... Port User Priority 7-34 Device Control Menu Screens To... See the numeric identifier for a switch port. See that user priorities 0~3 specify the low priority queue and 4~7 specify the high priority queue.

  • Page 107: Configuring Virtual Lans

    Configuring Virtual LANs 7.11 CONFIGURING VIRTUAL LANs You can use the VLAN configuration menu to assign any port on the switch to any of up to 1024 LAN groups. In conventional networks with routers, broadcast traffic is split up into separate domains.
  • Page 108 802.1Q VLAN Base Information Screen Screen Example Figure 7-17 802.1Q VLAN Base Information Screen Field Descriptions Refer to Table 7-18 for a functional description of each screen field. Table 7-18 802.1Q VLAN Base Information Screen Field Descriptions Use this field... VLAN Version Number MAX VLAN ID MAX Supported VLANs...

  • Page 109: Q Vlan Current Table Information Screen

    7.13 802.1Q VLAN CURRENT TABLE INFORMATION SCREEN Screen Navigation Path Password > Main Menu > Device Control Menu > 802.1Q VLAN Current Table Information When to Use To see the current port members of each VLAN and whether or not the port supports VLAN tagging.
  • Page 110 See the number of times a VLAN entry has been deleted from this table. See the ID of the VLAN currently displayed. See how this VLAN was added to the switch. See which ports are associated with the Egress Ports and Forbidden Egress Ports information.

  • Page 111: Q Vlan Static Table Configuration Screen

    To create a new VLAN or modify the settings for an existing VLAN. You can add/delete port members of any VLAN in the switch. (Also, note that all ports can only belong to one untagged VLAN. This is set to VLAN 1 by default, but can be changed via the 802.1Q VLAN Port...
  • Page 112 802.1Q VLAN Static Table Configuration Screen How to Access Use the arrow keys to highlight the 802.1Q VLAN Static Table Configuration menu item on the Device Control Menu screen and press ENTER. The 802.1Q VLAN Static Table Configuration screen, Figure 7-19, displays.
  • Page 113 Table 7-20 802.1Q VLAN Static Table Configuration Screen Field Descriptions Use this field... VLAN Name Status Ports Egress Ports Forbidden Egress Ports Untagged Ports [Show] [More] [New] 802.1Q VLAN Static Table Configuration Screen To... See the ID for the VLAN currently displayed. Range: 1-2048 Enter a user-specified symbolic name for this VLAN.

  • Page 114: Q Vlan Port Configuration Screen

    802.1Q VLAN Port Configuration Screen 7.15 802.1Q VLAN PORT CONFIGURATION SCREEN Screen Navigation Path Password > Main Menu > Device Control Menu > 802.1Q VLAN Port Configuration When to Use To configure port-specific settings for IEEE 802.1Q VLAN features. How to Access Use the arrow keys to highlight the 802.1Q VLAN Port Configuration menu item on the Device Control Menu screen and press ENTER.

  • Page 115: Static Unicast Address Table Configuration Screen

    To manually configure host MAC addresses in the unicast table. You can use this screen to associate a MAC address with a specific VLAN ID and switch port. You can also lock a port to a particular MAC Address or the first MAC address received by the port to prevent other users (MAC Addresses) from using that port.
  • Page 116 (Upper part of screen) MAC Address (Upper part of screen) 7-44 Device Control Menu Screens 7-21, displays. To... See the VLAN group to which this port is assigned. See the MAC address of a host device attached to this switch.
  • Page 117 See the current Status of operation set for this static unicast address. The status settings displayed include: Permanent – Currently in use and will remain so after the next reset of the switch. DeleteOnReset – Currently in use and will remain so until the next reset.
  • Page 118 VID, MAC and Port entries: Permanent – This entry is currently in use and will remain so after the next reset of the switch. DeleteOnReset – This entry is currently in use and will remain so until the next reset.

  • Page 119: Broadcast Storm Control Configuration Screen

    7.17 BROADCAST STORM CONTROL CONFIGURATION SCREEN NOTE: Broadcast frames, per second, received above the threshold setting in this screen are dropped. Screen Navigation Path Password > Main Menu > Device Control Menu > Broadcast Storm Control Configuration When to Use To set the limit on the received broadcast frames that are switched out to other ports.
  • Page 120 Broadcast Storm Control Configuration Screen Field Descriptions Refer to Table 7-23 for a functional description of each screen field. Table 7-23 Broadcast Storm Control Configuration Screen Field Descriptions Use this field... Broadcast Storm Control Configuration: Port Broadcast control on all ports: [Enable] [Disable] Port Threshold...

  • Page 121: Network Monitoring Menu Screens

    Network Monitoring Menu Screens This chapter describes the Network Monitor Menu screen and the following screens that can be selected from its menu: • Port Statistics (Section 8.2) • RMON Statistics screen • Unicast Address Table (Section • IP Multicast Registration Table NETWORK MONITOR MENU SCREEN Screen Navigation Path Password >...
  • Page 122 Network Monitor Menu Screen How to Access Use the arrow keys to highlight the Network Monitor Menu item on the Main Menu screen and press ENTER. The Network Monitor Menu screen, Screen Example Figure 8-1 Network Monitor Menu Screen Network Monitoring Menu Screens Figure 8-1, displays.
  • Page 123 Provides full listing of all unicast addresses stored in the switch, as well as sort, search and clear functions. Displays the ports that belong to each IP Multicast group. Network Monitoring Menu Screens...

  • Page 124: Port Statistics Screen

    To display key port statistics from the Ethernet-like MIB. Error statistics on the traffic passing through each port are also displayed. This information can be used to identify potential problems with the switch (such as a faulty port or unusually heavy loading). The values displayed are those accumulated since the last system reboot.
  • Page 125 See the total number of inbound frames that were discarded, even though the frames contained no errors. This field may increment because the switch module was receiving frames during initialization and was not ready to forward them, or the switch was being overutilized.

  • Page 126: Displaying Port Statistics

    To... Display the total number of outbound frames that were discarded, even though the frames contained no errors. This field may increment, because the switch was being overutilized. Display the total number of outbound frames discarded because they contained errors. This field represents the total number of errored frames, regardless of the cause of the error.

  • Page 127: Rmon Statistics Screen

    RMON Statistics Screen RMON STATISTICS SCREEN Screen Navigation Path Password > Main Menu > Network Monitor Menu > RMON Statistics When to Use To display the key statistics for each port or media module from RMON group 1. (RMON groups 2, 3 and 4 can only be accessed using SNMP management software such as NetSight.) This screen displays the overall statistics on traffic passing through each port.
  • Page 128 RMON Statistics Screen Field Descriptions Refer to Table 8-3 for a functional description of each screen field. Table 8-3 RMON Statistics Screen Field Descriptions Use this field... RMON Statistics: Port Drop Events Total Octets Total Packets Broadcast Frames Multicast Frames CRC/Alignment Errors Undersize Frames Oversize Frames...
  • Page 129 Table 8-3 RMON Statistics Screen Field Descriptions (Continued) Use this field... Fragments Jabbers Collisions 64 Octets 65 – 127 Octets 128 – 255 Octets 256 – 511 Octets 512 – 1023 Octets 1024 – 1532 Octets To... See the number of received frames that are not the minimum number of bytes in length or received frames that had a bad or missing Frame Check Sequence (FCS), were less than 64 bytes in length (excluding framing bits, but including FCS...

  • Page 130: Displaying Rmon Statistics

    Unicast Address Table Table 8-3 RMON Statistics Screen Field Descriptions (Continued) Use this field... Refresh Statistics command Reset Counters command PORT 8.3.1 Displaying RMON Statistics To display the statistics for any index, proceed as follows: 1. Use the arrow keys to highlight the PORT field at the bottom of the screen. 2.
  • Page 131 Screen Example Figure 8-4 Unicast Address Table Screen Field Descriptions Refer to Table 8-4 for a functional description of each screen field. Table 8-4 Unicast Address Table Screen Field Descriptions Use this field... Aging Time Dynamic Counts Static Counts To... Enter the aging time-out period (in seconds) for aging out dynamically-learned forwarding information.

  • Page 132: Ip Multicast Registration Table

    Screen Navigation Path Password > Main Menu > Network Monitor Menu > IP Multicast Registration Table When to Use To display all the multicast groups active on this switch, including multicast IP addresses and the corresponding VLAN ID. How to Access Use the arrow keys to highlight the IP Multicast Registration Table menu item on the Network Monitor Menu screen and press ENTER.
  • Page 133 See the VLAN ID assigned to this multicast group. See the IP address for specific multicast services. See switch ports registered for the indicated multicast service. See if the ports were learned dynamically or via IGMP. Enter the ID of a VLAN to display its associated multicast information.
  • Page 134 IP Multicast Registration Table Table 8-5 IP Multicast Registration Table Screen Field Descriptions (Continued) Use this field... Multicast IP (Bottom of screen) [Show] [More] 8-14 Network Monitoring Menu Screens To... Enter the IP of the multicast group to display its associated multicast information.

  • Page 135: Security Menu Screens

    When configured in conjunction with NetSight Policy Manager and RADIUS server(s), Enterasys Networks’ switches can dynamically administer user-based policy that is specifically tailored to the end user’s needs.

  • Page 136: Definitions Of Terms And Abbreviations

    Authenticator Authentication Server Supplicant 9.1.2 Overview The Enterasys Networks Matrix E5 modules support the following 802.1X and EAP security and authentication features to: • Authenticate hosts that are connected to dedicated switch ports. • Authenticate based on single-user hosts. (If a host is a time-shared Unix or VMS system, successful authentication by any user will allow all users access to the network.)

  • Page 137: Security Menu Screen

    Authenticators live in edge switches. They shuffle messages and tell the switch when to grant or deny access, but do not validate logins. User validation is the job of authentication servers. This separation of functions allows network managers to put authentication servers on central servers.
  • Page 138 Security Menu Screen Screen Example Figure 9-1 Security Menu Screen Menu Descriptions Refer to Table 9-2 for a functional description of each menu item. Table 9-2 Security Menu Item Descriptions Menu Item Security Configuration Port Authentication Policy Override Security Menu Screens Screen Function Configures the Radius Client parameters on the module, primary server, and secondary server to restrict access to...

  • Page 139: Overview Of Security Methods

    OVERVIEW OF SECURITY METHODS Two security methods are available to control which users are allowed access to the switch’s host to configure the switch parameters and monitor its operation. • Switch Local Management Application Password – allows two levels of SNMP local...
  • Page 140 IP and Shared Secret. When the Radius Client is active on the switch, you are prompted by an authorization screen for a user login name and password when attempting to access the host IP address via the local console LM, Telnet to LM, or WebView application.
  • Page 141 Local Management Module password. If the user is connected remotely via telnet or WebView, the switch will continue to deny access until communication with the Radius Server is operational again. Optionally, if the switch has been configured to allow remote access, the switch can be configured to use the Local Management Module password in the event of a Radius failure.

  • Page 142: Security Configuration Screen

    Security Configuration Screen SECURITY CONFIGURATION SCREEN Screen Navigation Path Password > Main Menu > Security > Security Configuration When to Use To configure the Radius client in the module to restrict access to management functions of the Local Management screens, by way of the COM port or network TELNET connection. On this screen you can also enable/disable Radius and/or EAPOL on the module.
  • Page 143 Screen Example Figure 9-2 Security Configuration Screen Field Descriptions Refer to Table 9-3 for a functional description of each screen field. Table 9-3 Security Configuration Screen Field Descriptions Use this field… To… Timeout Enter a maximum time (from 0 to 99 seconds) to establish contact with the Radius Server before timing out.
  • Page 144 Security Configuration Screen Table 9-3 Security Configuration Screen Field Descriptions (Continued) Use this field… To… Last Resort Select Accept, Challenge, or Reject, which do the following: Action/Local The default setting is CHALLENGE. To set local and remote servers, refer to Last Resort Select Accept, Challenge, and Reject, which do the following: Action/Remote...
  • Page 145 Table 9-3 Security Configuration Screen Field Descriptions (Continued) Use this field… To… Radius /802.1X Select one of the module global settings to None, Radius, EAPOL Enable (Extensible Authentication Protocol) or Both, which do the following: The default setting is NONE. For more information about enabling Radius, refer to IP Address Enter the IP address (in decimal-dot format) of the primary and...

  • Page 146: More About Eapol

    When a VLAN is created, the module “Auto Backplane VLAN Configurator” populates the Backplane egress ports as a default. However, the inter-switch links need to be added manually to each port when configuring each VLAN. PORT AUTHENTICATION CONFIGURATION SCREEN Screen Navigation Path Password >...
  • Page 147 Screen Example Figure 9-3 Port Authentication Configuration Screen Field Descriptions Refer to Table 9-4 for a functional description of each screen field. Table 9-4 Port Authentication Configuration Screen Field Descriptions Use this field... To... Radius See the range of ports currently displayed. The Radius authentication Authentication configuration for up to 12 ports can be displayed on a screen.
  • Page 148 AUTO – Causes the module to intercept frames and process them before transmitting out the ports. FORCEAUTH – Allows frames to flow in and out the port regardless of the authentication state. FORCEUNAUTH – Except for broadcast/unknown unicast frames, all other type frames are prevented from ingressing to the switch.
  • Page 149 Table 9-4 Port Authentication Configuration Screen Field Descriptions (Continued) Use this field... To... State See the current authentication state of each port. The following nine states are the possible internal states for the authenticator. Some states are simply pass-through states causing a small action and immediately moving to a new state.
  • Page 150 Port Authentication Configuration Screen Table 9-4 Port Authentication Configuration Screen Field Descriptions (Continued) Use this field... To... • State (Cont’d) • • • Authentication Select one of the following Authentication Access modes per Access individual port: AUTO, FORCEAUTH, or FORCEUNAUTH. For a description of these access modes, refer to the Authentication Access mode of all ports parameter described in this table.

  • Page 151: Policy Override Configuration Screen

    Configuration screen. Setting the Policy Override screen to YES will cause the override function to go through and disable all policies, and in effect set the switch back to a state where only the PVID/Port Priority settings would be in use.
  • Page 152 Select YES or NO. When YES is selected, any inappropriate policy Policies? setting is undone and the switch is returned to a state where only the PVID/Port Priority settings are in use. The default is NO. This setting can only be accomplished via a console connection.

  • Page 153: System Restart Menu Screen

    System Restart Menu Screen This chapter describes the System Restart Menu screen and how to reset the switch or exit a current Local Management session. 10.1 SYSTEM RESTART MENU Screen Navigation Path Password > Main Menu > System Restart Menu When to Use To reset the module Local Management agent.
  • Page 154 System Restart Menu Screen Example Figure 10-1 System Restart Menu Screen Field Descriptions Refer to Table 10-1 for a functional description of each screen field. Table 10-1 System Restart Menu Field Descriptions Use this field... POST Reload Factory Defaults Keep IP Setting 10-2 System Restart Menu Screen To...

  • Page 155: Logging Off The System

    10.2 LOGGING OFF THE SYSTEM To log off the system, use the Exit command in the Main Menu screen to exit the configuration program and terminate communications with the switch for the current session. Refer to Section 4-1 for information about the Main Menu screen.

  • Page 157: Configuring And Monitoring The Switch

    (Section 11.2) • Assigning an IP address for the switch if you plan to manage the switch using SNMP, or if you use Telnet to access the switch • Checking network configuration status and verifying that network connections are correct (Section 11.4)

  • Page 158: Setting Password Protection

    When you configure the password parameter, the factory default setting is deactivated and the new password governs access to the console menus. If you forget your password, contact your Enterasys Networks Support Representative. NOTE: You are automatically logged out from the console menus based on the Lock-out Time setting in the Console Login Configuration Menu.

  • Page 159: Assigning An Ip Address

    Link for the port reads DOWN. 4. If you see a DOWN status for a connected port, plug the cable into another port on the switch or try another cable.

  • Page 160: Setting Snmp Management Access

    SNMP, whereas the default “Private” community name allows READ/WRITE access. The switch can send SNMP messages called traps to SNMP management stations when an important event occurs with the switch. The switch allows up to five destinations to be configured for these trap messages to be sent.

  • Page 161: Configuring Port Mirroring

    You can upgrade the operational software in the switch without physically opening the switch or being in the same location. The software storage sector in the flash memory of the switch is reprogrammed, allowing you to easily download software feature enhancements and problem fixes to the switch from a local or remote location.

  • Page 162: Downloading Via The Serial Port

    To download switch software via the serial port, proceed as follows: 1. With the console port connected, reset the switch by powering the switch off and then on. 2. After the power-on hardware and software tests are complete, the system initialization screen...

  • Page 163: Downloading Via Tftp

    To perform a TFTP download, you must first configure the switch. This consists of programming the switch with an IP address, if this has not already been done, and entering the IP address of the TFTP server and the name of the upgrade file.

  • Page 164: Configuring Spanning Tree Parameters

    1. Select the Device Control Menu from the Main Menu. 2. Select the Spanning Tree Configuration Menu and then STA Bridge Configuration. 3. Turn the switch Spanning Tree operation on or off by setting the Spanning Tree Protocol field to ENABLED.

  • Page 165: Configuring Class Of Service

    This switch uses IGMP (Internet Group Management Protocol) to query for any attached hosts who want to receive a specific multicast service. The switch looks up the IP Multicast Group used for this service and adds any port which received a similar request to that group. It then propagates the service request on to any neighboring multicast switch/router to ensure that it will continue to receive the multicast service.

  • Page 166: Configuring Port Operation

    Configuring Port Operation 4. Set the IGMP Query Count to the number of minutes that must elapse before the switch removes the port from an IGMP group. This timer is started after the number of queries are missed as defined in the IGMP Query Count.

  • Page 167: Configuring The Unicast Address Table

    There are seven types of status that can be configured for each address in the table: • Permanent, which means that the MAC address is in use and will remain so after the next switch reset. •...

  • Page 168: Port Locking

    1. From the Device Control Menu, select Static Unicast Address Table Configuration. 2. For the MAC address, specify the VLAN ID, switch port, and the Status (Permanent, Delete On Reset, Lock Port, Unlock Port, Invalid, Delete On Time Out, or Other).

  • Page 169: Setting A Default Gateway

    The default Gateway parameter defines the IP address of a router or other network device to which IP packets are to be sent if destined for a subnet outside of that which the switch is operating. To set a default gateway, proceed as follows: 1.

  • Page 170: Configuring The Radius Client

    11.18 CONFIGURING THE RADIUS CLIENT Radius client enables you to configure the switch to restrict access to the management functions of the Local Management screens, by way of the COM port or network TELNET connection. NOTE: Prior to setting security policy, all VLANs must be pre-configured.

  • Page 171: Setting The Local And Remote Servers

    Section NOTE: To configure the Radius client, EAPOL must be disabled using the Security Configuration screen, described in Section 9.1.1 9.2: Section 9.2. Configuring and Monitoring the Switch Configuring the Radius Client Section 9.1.2 for a better understanding of 11-15...
  • Page 172 1. Highlight the Timeout field and enter the maximum time in seconds to establish contact with the Radius Server before timing out. The factory set default is 5 seconds. 2. Highlight the Retries field and enter the desired maximum number of attempts (1…N) to contact the Radius Server before timing out.

  • Page 173: Setting The Limit On Received Broadcast Frames

    1. Use the Tab key to highlight the [Enable] or [Disable] field for “Broadcast control on all ports”. 2. Press ENTER. 3. Use the Tab key to highlight the <SAVE> command at the bottom of the screen. 4. Press ENTER to save the setting. Setting the Limit on Received Broadcast Frames Configuring and Monitoring the Switch 11-17...

  • Page 175: Snmp Management

    Managed entities supporting SNMP typically contain software, which runs locally on the device and is referred to as an agent. The software in the switch functions as an agent, monitoring and controlling the functionality of the switch.

  • Page 176: Mib Objects

    RFC 1213 provides management of system-level parameters, including TCP/IP protocol-related statistics, IP addressing, and interface statistics for each switch port. MIB II is the standard MIB defined by RFC 1213. All agent devices operating SNMP are required to support at least part of MIB II.

  • Page 177: Rfc 1493 (Bridge Mib)

    12.2.5 RFC 1757 (RMON MIB) RFC 1757 is a group defined under MIB II. This MIB provides management for the RMON aspects of the switch. The switch supports four of the nine groups of RMON defined for Ethernet networks on a per port basis.

  • Page 178: Ieee 802.1Q (Q Mib)

    This MIB provides management for the VLAN aspects of the switch. 12.3 ENTERASYS PROPRIETARY MIB EXTENSIONS Areas of switch functionality not covered by the standard RFC MIBs are specified in the Enterasys private MIB. This MIB definition is specified separately from MIB II. Areas covered in this MIB include various system, switch, and port level information.

  • Page 179: Spanning Tree Concepts

    A.1.1 Spanning Tree Features The switch meets the requirements of the Spanning Tree Protocol (STP) by performing the following functions: • Create a single Spanning Tree from any arrangement of switching or bridging elements.

  • Page 180: Spanning Tree Protocol In A Network

    A and B goes down, the link between A and C becomes active, thereby establishing a path between A and B through switch C. Additionally, if the connection between B and C goes down, the link between A and C becomes active, establishing a path between B and C through switch A.

  • Page 181: Spanning Tree Protocol Parameters

    SPANNING TREE PROTOCOL PARAMETERS Several configuration parameters control the operation of the Spanning Tree Protocol. describes the parameters and lists the switch default settings for each parameter. CAUTION: You can cause serious network performance degradation if you do not fully understand Spanning Tree concepts.

  • Page 182: Spanning Tree Protocol Operation

    Spanning Tree Protocol Parameters Table A-1 Spanning Tree Protocol Defaults (Continued) Parameter Description Cost The Spanning Tree Protocol calculates and ensures that an Component of active topology generates minimal cost paths. A value of Each Port 100 is generally used for 10 Mbps Ethernet networks, a value of 19 for 100 Mbps Fast Ethernet, and a value of 4 for 1000 Mbps Gigabit Ethernet.

  • Page 183: Handling Duplicate Paths

    A.3.5 Handling Duplicate Paths When the active topology of the network is determined, all packets between any two nodes in the network use only one path. Where a duplicate path exists, the non-designated port is put into a blocking state. A.3.6 Remapping Network Topology If there is a change in the network topology due to a failure or the removal or addition of any active...

  • Page 185: Virtual Lans (Vlans)

    VLANs provide greater network efficiency by reducing broadcast traffic, but also allow you to make network changes without having to update IP addresses or IP subnets. VLANs inherently provide a high level of network security, since traffic must pass through a Layer 3 switch or a router to reach a different VLAN.

  • Page 186: Vlan Configuration

    VLANs. However, if you want a port on this switch to participate in one or more VLANs, but the device at the other end of the link does not support VLANs, then you must add this port as an untagged port (that is, a port attached to a VLAN-unaware device).

  • Page 187: Forwarding Tagged/Untagged Frames

    Ports can be assigned to multiple tagged or untagged VLANs as shown in the switch is, therefore, capable of passing tagged or untagged frames. To forward a frame from a VLAN-aware device to a VLAN-unaware device, the switch first decides where to forward the frame, and then strips off the VLAN tag.

  • Page 189: Class Of Service

    • normal As traffic enters the switch, it is assigned to one of the two priority levels according to information located in the 802.1Q header tag of the frame (refer to port number. Frames are then placed into one of two transmit queues on the outbound switch port based on their priority level.
  • Page 190 Figure C-1 shows priority queuing operating within a switch. Frames entering the switch through ports 1 and 4 are tagged as normal traffic and placed in a normal priority queue on the outbound port. Frames entering through ports 2 and 5 are tagged as high priority traffic and placed in a high priority queue on the outbound port.

  • Page 191: Ip Multicast Filtering

    A router, or multicast-enabled switch, can periodically ask their hosts if they want to receive multicast traffic. If there is more than one switch on the LAN performing IP multicasting, one of these devices is elected “querier” and assumes the responsibility of querying the LAN for group members.

  • Page 193: Index

    Auto-negotiation, configuration of Class of Service operation of Class of Service, configuration of Community names, SNMP 11-4 Configuring and monitoring the switch assigning the IP address 11-3 checking the network configuration status common tasks involved in configuration of port operation...
  • Page 194 12-1 compiling extensions 12-4 definition 12-1 Proprietary 12-4 MIB objects 12-2 MIBs, introduction to Compiling MIB extensions, Enterasys web site 12-4 Enterasys Proprietary MIB Extensions RFC 1213 (MIB-II) 12-2 RFC 1757 (RMON MIB) 12-3 Mirror port configuration 11-5 Moving the cursor...
  • Page 195 Radius Client configuration of 11-14 Radius client operation rules governing 11-14 Radius client, local and remote servers setting of 11-15 RADIUS Configuration Screen Auth Port 9-11 9-11 Last-Resort Action/Local 9-10 Last-Resort Action/Remote Radius Client 9-11 Retries Secret 9-11 Time-out 9-9, 9-18 Radius Server multiple access for...
  • Page 196 11-8 Spanning Tree Protocol (IEEE 802.1D) concepts of Statistics Switch configuration parameters default settings of Switch statistics viewing of 11-4 Tags, VLAN Telnet connecting to switch using Telnet connections TFTP download process 11-7 downloading software 11-5 Traps SNMP 12-1 Index-4...

This manual is also suitable for:

Matrix e6 5g102-06-g

Table of Contents