Page 1 Kommunikation RY-LGSO25-24 User’s Manual...
Page 2 Kommunikation RY-LGSO25-24 User's Manual 24-Port L2 PoE Plus Managed Switch Release 6.38 Publication date: Sept., 2015 Revision A2...
Page 3 Manufacture Technology. Purpose This manual gives specific information on how to operate and use the management functions of the RY-LGSO25-24 The Manual is intended for use by network administrators who are Audience responsible for operating and maintaining network equipment;...
Page 4 Kommunikation accordance with the Instruction manual, may cause harmful interference to radio communications. To assure continued compliance (example-use only shielded FCC Caution interface cables when connection to computer or peripheral devices). Any changes or modifications not expressly approved by the party responsible for compliance could void the user’s authority to operate...
Page 5: Table Of Contents
Kommunikation Table of Contents Revision History ..............................ix INTRODUCTION ........................... 1 CHAPTER 1 OPERATION OF WEB-BASED MANAGEMENT ............. 2 CHAPTER 2 SYSTEM CONFIGURATION .................. 6 2-1 System ............................... 6 2-1.1 Information ............................... 6 2-1.2 IP ................................7 2-1.3 NTP ................................. 10 2-1.4 Time ................................
Page 6 Kommunikation 2-8 Spanning Tree ............................107 2-8.1 Bridge Setting ............................107 2-8.2 MSTI Mapping ............................110 2-8.3 MSTI Priorities............................112 2-8.4 CIST Ports .............................. 113 2-8.5 MSTI Ports ............................. 116 2-9 IPMC Profile ............................118 2-9.1 Profile Table ............................118 2-9.1.1 IPMC Profile Rule Settings Table ...................
Page 7 Kommunikation 2-19 Mirror ..............................197 2-20 UPnP ..............................199 2-21. GVRP ..............................201 2-21.1 Global Config ............................201 2-21.2 Port Config ............................203 2-22. sFlow ..............................204 2-23 Switch2go ............................207 2-23.1 Switch2go setting ..........................207 2-23.2 User Link Management ........................208 2-23.3 Port Name Service ...........................
Page 8 Kommunikation 3-6.3 Port Statistics ............................271 3-7 Loop Protection ............................. 272 3-8 Spanning Tree ............................273 3-8.1 Bridge Status ............................273 3-8.2 Port Status ............................275 3-8.3 Port Statistics ............................276 3-9 MVR ............................... 278 3-9.1 Statistics ..............................278 3-9.2 MVR Channels Groups ..........................
Page 9 Kommunikation 5-2 Factory Defaults ............................. 324 5-3 Firmware ............................... 325 5-3.1 Firmware upgrade ..........................325 5-3.2 Firmware Selection ..........................326 5-4 Configuration ............................328 5-4.1 Save startup-config ..........................328 5-4.2 Upload ..............................329 5-4.3 Download .............................. 330 5-4.5 Delete..............................332 viii Publication date: Sept., 2015...
Page 10: Revision History
Kommunikation Revision History Release Date Revision V6.05 12/08//2014 V6.38 09/30/2015 Publication date: Sept., 2015 Revision A2...
Page 11: Introduction
In this user’s manual, it will not only tell you how to install and connect your network system but configure and monitor the RY-LGSO25-24 through the web by (RJ-45) serial interface and Ethernet ports step-by-step. Many explanations in detail of hardware and software functions are shown as well as the examples of the operation for web-based interface.
Page 12: Chapter 1 Operation Of Web-Based Management
MIBs status, each port activity, Spanning tree status, port aggregation status, multicast traffic, VLAN and priority status, even illegal access record and so on. he default values of the RY-LGSO25-24 are listed in the table below: IP Address 192.168.1.1 Subnet Mask 255.255.255.0...
Page 13 AS RY-LGSO25-24 the function enable dhcp, so If you do not have DHCP server to provide ip addresses to the switch, the Switch default ip 192.168.1.1 Figure 1 The login page Publication date: Sept., 2015 Revision A2...
Page 14: Chapter 2 System Configuration
Kommunikation System Configuration Chapter 2 This chapter describes the entire basic configuration tasks which includes the System Information and any manage of the Switch (e.g. Time, Account, IP, Syslog and NTP.) System You can identify the system by configuring the contact information, name, and location of the switch.
Page 15: 2-1.2 Ip
Kommunikation 2-1.2 IP The IPv4 address for the switch could be obtained via DHCP Server for VLAN 1. To manually configure an address, you need to change the switch's default settings to values that are compatible with your network. You may also need to establish a default gateway between the switch and management stations that exist on another network segment.
Page 16 Kommunikation between interfaces will not be routed. In Router mode traffic is routed between all interfaces. DNS Server  This setting controls the DNS name resolution done by the switch. The following modes are supported:  From any DHCP interfaces The first DNS server offered from a DHCP lease to a DHCP-enabled interface will be used.
Page 17 Kommunikation IPv6 Mask  The IPv6 network mask, in number of bits (prefix length). Valid values are between 1 and 128 bits for a IPv6 address. The field may be left blank if IPv6 operation on the interface is not desired.
Page 18: 2-1.3 Ntp
Kommunikation 2-1.3 NTP NTP is Network Time Protocol and is used to sync the network time based Greenwich Mean Time (GMT). If use the NTP mode and select a built-in NTP time server or manually specify an user-defined NTP server as well as Time Zone, the switch will sync the time in a short after pressing <Apply>...
Page 19 Kommunikation These buttons are displayed on the NTP page: Apply – Click to save changes. Reset - Click to undo any changes made locally and revert to previously saved values. Publication date: Sept., 2015 Revision A2...
Page 20: 2-1.4 Time
2-1.4 Time The switch provides manual and automatic ways to set the system time via NTP. Manual setting is simple and you just input “Year”, “Month”, “Day”, “Hour” and “Minute” within the valid value range indicated in each item. Web Interface To configure Time in the web interface: 1.
Page 21 Kommunikation Parameter description: Time Configuration Clock Source:  There are two modes for configuring how the Clock Source from. Select "Use Local Settings" : Clock Source from Local Time. Select "Use NTP Server" : Clock Source from NTP Server.
Page 22 Kommunikation Recurring Configuration Start time settings:  Week - Select the starting week number. Day - Select the starting day. Month - Select the starting month. Hours - Select the starting hour. Minutes - Select the starting minute. End time settings: ...
Page 23: 2-1.5 Log
Kommunikation 2-1.5 Log The log is a standard for logging program messages . It allows separation of the software that generates messages from the system that stores them and the software that reports and analyzes them. It can be used as well a generalized informational, analysis and debugging messages.
Page 24: Green Ethernet
Kommunikation Reset - Click to undo any changes made locally and revert to previously saved values. 2-2 Green Ethernet EEE is a power saving option that reduces the power usage when there is low or no traffic utilization. EEE works by powering down circuits when there is no traffic. When a port gets data to be transmitted all circuits are powered up.
Page 25 Kommunikation Parameter description: Optimize EEE for The switch can be set to optimize EEE for either best power saving or least traffic latency. Port:  The switch port number of the logical port. ActiPHY :  Link down power savings enabled.
Page 26: Ports Configuration
2-3 Ports Configuration The section describes to configure the Port detail parameters of the switch. Others you could using the Port configure to enable or disable the Port of the switch. Monitor the ports content or status in the function. 2-3.1 Ports This page displays current port configurations.
Page 27 Kommunikation This is the logical port number for this row. Link :  The current link state is displayed graphically. Green indicates the link is up and red that it is down. Current Link Speed :  Provides the current link speed of the port.
Page 28 Kommunikation Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. Upper right icon (Refresh)  You can click them for refresh the Port link Status by manual Publication date: Sept., 2015...
Page 29: 2-3.2 Ports Description
Kommunikation 2-3.2 Ports Description The section describes to configure the Port’s alias or any descriptions for the Port Identity. It provides user to write down an alphanumeric string describing the full name and version identification for the system’s hardware type, software version, and networking application...
Page 30: 2-4Dhcp
Kommunikation 2-4DHCP The section describes to configure the DHCP Snooping parameters of the switch. The DHCP Snooping can prevent attackers from adding their own DHCP servers to the network. 2-4.1 Server 2-4.1.1 Mode This page configures global mode and VLAN mode to enable/disable DHCP server per system and per VLAN.
Page 31 Kommunikation Configure the operation mode per system. Possible modes are: Enabled: Enable DHCP server per system. Disabled: Disable DHCP server pre system. VLAN Range :  Indicate the VLAN range in which DHCP server is enabled or disabled. The first VLAN ID must be smaller than or equal to the second VLAN ID.
Page 32: 2-4.1.2 Excluded Ip
Kommunikation 2-4.1.2 Excluded IP This page configures excluded IP addresses. DHCP server will not allocate these excluded IP addresses to DHCP client. Web Interface To configure DHCP server excluded IP in the web interface: 1. Click Configuration, DHCP, Server, Excluded IP 2.
Page 33: 2-4.1.3 Pool
Kommunikation 2-4.1.3 Pool This page manages DHCP pools. According to the DHCP pool, DHCP server will allocate IP address and deliver configuration parameters to DHCP client. Web Interface To configure DHCP server pool in the web interface: 1. Click Configuration, DHCP, Server, Pool 2.
Page 34 Kommunikation If "-" is displayed, it means not defined. IP :  Display network number of the DHCP address pool. If "-" is displayed, it means not defined. Subnet Mask :  Display subnet mask of the DHCP address pool.
Page 35: 2-4.2 Snooping
Kommunikation 2-4.2 Snooping DHCP Snooping is used to block intruder on the untrusted ports of the switch device when it tries to intervene by injecting a bogus DHCP reply packet to a legitimate conversation between the DHCP client and server.
Page 36 Kommunikation Indicates the DHCP snooping port mode. Possible port modes are: Trusted: Configures the port as trusted source of the DHCP messages. Untrusted: Configures the port as untrusted source of the DHCP messages. Buttons  Apply – Click to save changes.
Page 37: 2-4.3 Relay
Kommunikation 2-4.3 Relay A DHCP relay agent is used to forward and to transfer DHCP messages between the clients and the server when they are not in the same subnet domain. It stores the incoming interface IP address in the GIADDR field of the DHCP packet. The DHCP server can use the value of GIADDR field to determine the assigned subnet.
Page 38 Kommunikation Enabled: Enable DHCP relay information mode operation. When DHCP relay information mode operation is enabled, the agent inserts specific information (option 82) into a DHCP message when forwarding to DHCP server and removes it from a DHCP message when transferring to DHCP client. It only works when DHCP relay operation mode is enabled.
Page 39: Security
Kommunikation 2-5 Security This section shows you to to configure the Port Security settings of the Switch. You can use the Port Security feature to restrict input to an interface by limiting and identifying MAC addresses. 2-5.1 Switch 2-5.1.1 Users This page provides an overview of the current users.
Page 40 Kommunikation content is the ASCII characters from 32 to 126. Password (again)  To type the password again. You must type the same password again in the field. Privilege Level :  The privilege level of the user. The allowed range is 1 to 15. If the privilege level value is 15, it can access all groups, i.e.
Page 41: 2-5.1.2 Privilege Level
Kommunikation 2-5.1.2 Privilege Level This page provides an overview of the privilege levels. The switch provides user set Account, Aggregation, Diagnostics, EEE, GARP, GVRP,IP, IPMC Snooping LACP LLDP LLDP MED MAC Table MRP MVR MVRP Maintenance Mirroring POE Ports Private VLANs QoS SMTP SNMP Security Spanning Tree System Trap Event VCL VLANs Voice VLAN Privilege Levels from 1 to 15 .
Page 42 Kommunikation source guard. IP: Everything except 'ping'. Port: Everything except 'VeriPHY'. Diagnostics: 'ping' and 'VeriPHY'. Maintenance: CLI- System Reboot, System Restore Default, System Password, Configuration Save, Configuration Load and Firmware Load. Web- Users, Privilege Levels and everything in Maintenance.
Page 43: 2-5.1.3 Authentication Method
Kommunikation 2-5.1.3 Authentication Method This page shows how to configure a user with authenticated when he logs into the switch via one of the management client interfaces. Web Interface To configure a Authentication Method Configuration in the web interface: 1.
Page 44: 2-5.1.4 Ssh
Kommunikation values. 2-5.1.4 SSH This section shows you to use SSH (Secure SHell) to securely access the Switch. SSH is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication. Web Interface To configure a SSH Configuration in the web interface: 1.
Page 45: 2-5.1.5 Https
Kommunikation 2-5.1.5 HTTPs This section shows you how to use HTTPS to securely access the Switch. HTTPS is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication via the browser. Web Interface To configure a HTTPS Configuration in the web interface: 1.
Page 46: 2-5.1.6 Access Management
Kommunikation 2-5.1.6 Access Management This section shows you to configure access management table of the Switch including HTTP/HTTPS, SNMP, and TELNET/SSH. You can manage the Switch over an Ethernet LAN, or over the Internet. Web Interface To configure an Access Management Configuration in the web interface: 1.
Page 47 Kommunikation Indicates that the host can access the switch from SNMP interface if the host IP address matches the IP address range provided in the entry. TELNET/SSH :  Indicates that the host can access the switch from TELNET/SSH interface if the host IP address matches the IP address range provided in the entry.
Page 48: 2-5.1.7 Snmp
Kommunikation 2-5.1.7 SNMP Any Network Management System (NMS) running the Simple Network Management Protocol (SNMP) can manage the Managed devices equipped with SNMP agent, provided that the Management Information Base (MIB) is installed correctly on the managed devices. The...
Page 49 Kommunikation Version  Indicates the SNMP supported version. Possible versions are: SNMP v1: Set SNMP supported version 1. SNMP v2c: Set SNMP supported version 2c. SNMP v3: Set SNMP supported version 3. Read Community  Indicates the community read access string to permit access to SNMP agent. The allowed string length is 0 to 255, and the allowed content is the ASCII characters from 33 to 126.
Page 50 Kommunikation 2-5.1.7.2 Trap Configure SNMP trap on this page. Global Settings Configure SNMP trap on this page. Web Interface To display the configure SNMP Trap Configuration in the web interface: 1. Click Configuration, Switch, SNMP, Trap. 2. Click Add New Entry then you can create new SNMP Trap on the switch.
Page 51 Kommunikation Trap Destination Configurations  Configure trap destinations on this page. Name  Indicates the trap Configuration's name. Indicates the trap destination's name. Enable  Indicates the trap destination mode operation. Possible modes are: Enabled: Enable SNMP trap mode operation.
Page 52 Kommunikation Trap Security Name  Indicates the SNMP trap security name. SNMPv3 traps and informs using USM for authentication and privacy. A unique security name is needed when traps and informs are enabled. Publication date: Sept., 2015 Revision A2...
Page 53 Kommunikation 2-5.1.7.3 Communities The function is used to configure SNMPv3 communities. The Community and UserName is unique. To create a new community account, please check <Add new community> button, and enter the account information then check <Save>. Max Group Number: 4.
Page 54 Kommunikation 2-5.1.7.4 Users The function is used to configure SNMPv3 user. The Entry index key is UserName. To create a new UserName account, please check <Add new user> button, and enter the user information then check <Save>. Max Group Number : 10.
Page 55 Kommunikation 126. Security Level  Indicates the security model that this entry should belong to. Possible security models are: NoAuth, NoPriv: No authentication and no privacy. Auth, NoPriv: Authentication and no privacy. Auth, Priv: Authentication and privacy. The value of security level cannot be modified if entry already exists. That means it must first be ensured that the value is set correctly.
Page 56 Kommunikation 2-5.1.7.5 Group The function is used to configure SNMPv3 group. The Entry index key are Security Model and Security Name. To create a new group account, please check <Add new group> button, and enter the group information then check <Save>. Max Group Number: v1: 2, v2: 2, v3:10.
Page 57 Kommunikation models are: v1: Reserved for SNMPv1. v2c: Reserved for SNMPv2c. usm: User-based Security Model (USM). Security Name  A string identifying the security name that this entry should belong to. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126.
Page 58 Kommunikation 2-5.1.7.6 Views The function is used to configure SNMPv3 view. The Entry index keys are OID Subtree and View Name. To create a new view account, please check <Add new view> button, and enter the view information then check <Save>. Max Group Number: 28.
Page 59 Kommunikation entry existing with view type as 'included' and it's OID subtree should overstep the 'excluded' view entry. OID Subtree  The OID defining the root of the subtree to add to the named view. The allowed OID length is 1 to 128. The allowed string content is digital number or asterisk(*).
Page 60 Kommunikation 126. Security Model  Indicates the security model that this entry should belong to. Possible security models are: any: Any security model accepted(v1|v2c|usm). v1: Reserved for SNMPv1. v2c: Reserved for SNMPv2c. usm: User-based Security Model (USM). Security Level ...
Page 61 Kommunikation 2-5.1.7.8 Trap Event Severity This page displays current trap event severity configurations. Trap event severity can also be configured here. Web Interface To display the configure Trap Event Serverity in the web interface: 1. Click SNMP, Trap Event Severity.
Page 62 Kommunikation Enable - Select this Group Name in SMTP. Publication date: Sept., 2015 Revision A2...
Page 63: 2-5.1.8 Rmon
Kommunikation 2-5.1.8 RMON An RMON implementation typically operates in a client/server model. Monitoring devices contain RMON software agents that collect information and analyze packets. These probes act as servers and the Network Management applications that communicate with them act as clients.
Page 64 Kommunikation Buckets  Indicates the maximum data entries associated this History control entry stored in RMON. The range is from 1 to 3600, default value is 50. Buckets Granted  The number of data shall be saved in the RMON.
Page 65 Kommunikation 2-5.1.8.2 History Configure RMON History table on this page. The entry index key is ID. Web Interface To display the configure RMON History in the web interface: 1. Click RMON, History. 2. Click Add New Entry. 3. Specify the ID parameters.
Page 66 Kommunikation The number of data shall be saved in the RMON. Publication date: Sept., 2015 Revision A2...
Page 67 Kommunikation 2-5.1.8.3 Alarm Configure RMON Alarm table on this page. The entry index key is ID. Web Interface To display the configure RMON Alarm in the web interface: 1. Click RMON, Alarm. 2. Click Add New Entry. 3. Specify the ID parameters.
Page 68 Kommunikation The number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. InUnknownProtos: the number of the inbound packets that were discarded because of the unknown or un-support protocol. OutOctets: The number of octets transmitted out of the interface , including framing characters.
Page 69 Kommunikation 2-5.1.8.4 Event Configure RMON Event table on this page. The entry index key is ID. Web Interface To display the configure RMON Event in the web interface: 1. Click RMON, Event. 2. Click Add New Entry. 3. Specify the ID parameters.
Page 70: 2-5.2 Network
Kommunikation 2-5.2 Network 2-5.2.1 Limit Control This section shows you to to configure the Port Security settings of the Switch. You can use the Port Security feature to restrict input to an interface by limiting and identifying MAC addresses.
Page 71 Kommunikation Publication date: Sept., 2015 Revision A2...
Page 72 Kommunikation Parameter description: System Configuration Mode :  Indicates if Limit Control is globally enabled or disabled on the switch. If globally disabled, other modules may still use the underlying functionality, but limit checks and corresponding actions are disabled.
Page 73 Kommunikation disconnecting the cable), the port will remain shut down. There are three ways to re-open the port: 1) Boot the switch, 2) Disable and re-enable Limit Control on the port or the switch, 3) Click the Reopen button.
Page 74: 2-5.2.2 Nas
Kommunikation 2-5.2.2 NAS The section describes to configure the NAS parameters of the switch. The NAS server can be employed to connect users to a variety of resources including Internet access, conference calls, printing documents on shared printers, or by simply logging on to the Internet.
Page 75 Kommunikation Parameter description: Mode :  Indicates if NAS is globally enabled or disabled on the switch. If globally disabled, all ports are allowed forwarding of frames. Reauthentication Enabled :  If checked, successfully authenticated supplicants/clients are reauthenticated after the interval specified by the Reauthentication Period.
Page 76 Kommunikation to secure MAC addresses: • Single 802.1X • Multi 802.1X • MAC-Based Auth. If a client is denied access - either because the RADIUS server denies the client access or because the RADIUS server request times out (according to the timeout specified on the "Configuration→Security→AAA"...
Page 77 Kommunikation Guest VLAN if an EAPOL frame has not been received on the port for the life-time of the port. If enabled (checked), the switch will consider entering the Guest VLAN even if an EAPOL frame has been received on the port for the life-time of the port.
Page 78 Kommunikation retransmission rate. Single 802.1X :  In port-based 802.1X authentication, once a supplicant is successfully authenticated on a port, the whole port is opened for network traffic. This allows other clients connected to the port (for instance through a hub) to piggy-back on the successfully authenticated client and get network access even though they really aren't authenticated.
Page 79 Kommunikation authentication is that the clients don't need special supplicant software to authenticate. The disadvantage is that MAC addresses can be spoofed by malicious users - equipment whose MAC address is a valid RADIUS user can be used by anyone. Also, only the MD5-Challenge method is supported.
Page 80 Kommunikation - Value of Tunnel-Type must be set to "VLAN" (ordinal 13). - Value of Tunnel-Private-Group-ID must be a string of ASCII chars in the range '0' - '9', which is interpreted as a decimal string representing the VLAN ID. Leading '0's are discarded.
Page 81 Kommunikation The button only has effect for successfully authenticated clients on the port and will not cause the clients to get temporarily unauthorized. Reinitialize: Forces a reinitialization of the clients on the port and thereby a reauthentication immediately. The clients will transfer to the unauthorized state while the reauthentication is in progress.
Page 82: 2-5.2.3 Acl
Kommunikation 2-5.2.3 ACL The GEPoEL2P-ESW26G Series switch access control list (ACL) is probably the most commonly used object in the IOS. It is used for packet filtering but also for selecting types of traffic to be analyzed, forwarded, or influenced in some way. The ACLs are divided into Ether Types.
Page 83 Kommunikation Select the policy to apply to this port. The allowed values are 1 through 8. The default value is 1. Action :  Select whether forwarding is permitted ("Permit") or denied ("Deny"). The default value is "Permit". Rate Limiter ID : ...
Page 84 Kommunikation manual. Publication date: Sept., 2015 Revision A2...
Page 85 Kommunikation 2-5.2.3.2 Rate Limiters The section describes how to configure the switch’s ACL Rate Limiter parameters. The Rate Limiter Level from 1 to 16 that allow user to set rate limiter value and units with pps or kbps. Web Interface To configure ACL Rate Limiter in the web interface: 1.
Page 86 Kommunikation Publication date: Sept., 2015 Revision A2...
Page 87 Kommunikation 2-5.2.3.3 Access Control List The section describes how to configure Access Control List rule. An Access Control List (ACL) is a sequential list of permit or deny conditions that apply to IP addresses, MAC addresses, or other more specific criteria. This switch tests ingress packets against the conditions in an ACL one by one.
Page 88 Kommunikation Parameter description: Ingress Port :  Indicates the ingress port of the ACE. Possible values are: Any: The ACE will match any ingress port. Policy: The ACE will match ingress ports with a specific policy. Port: The ACE will match a specific ingress port.
Page 89 Kommunikation Disabled is displayed, the rate limiter operation is disabled. Port Copy :  Indicates the port copy operation of the ACE. Frames matching the ACE are copied to the port number. The allowed values are Disabled or a specific port number.
Page 90 Kommunikation this SMAC value. DMAC Filter  Specify the destination MAC filter for this ACE. Any: No DMAC filter is specified. (DMAC filter status is "don't-care".) MC: Frame must be multicast. BC: Frame must be broadcast. UC: Frame must be unicast.
Page 91: 2-5.2.4 Ip Source Guard
Kommunikation 2-5.2.4 IP Source Guard The section describes to configure the IP Source Guard detail parameters of the switch. You could use the IP Source Guard configure to enable or disable with the Port of the switch. 2-5.2.4.1 Configuration This section describes how to configure IP Source Guard setting including：...
Page 92 Kommunikation Max Dynamic Clients :  Specify the maximum number of dynamic clients that can be learned on given port. This value can be 0, 1, 2 or unlimited. If the port mode is enabled and the value of max dynamic client is equal to 0, it means only allow the IP packets forwarding that are matched in static entries on the specific port.
Page 93 Kommunikation 2-5.2.4.2 Static Table The section describes to configure the Static IP Source Guard Table parameters of the switch. You could use the Static IP Source Guard Table configure to manage the entries. Web Interface To configure a Static IP Source Guard Table Configuration in the web interface: 1.
Page 94 Kommunikation values. Publication date: Sept., 2015 Revision A2...
Page 95: 2-5.2.5 Arp Inspection
Kommunikation 2-5.2.5 ARP Inspection The section describes to configure the ARP Inspection parameters of the switch. You could use the ARP Inspection configure to manage the ARP table. 2-5.2.5.1 Configuration This section describes how to configure ARP Inspection setting including：...
Page 96 Kommunikation Disabled: Disable ARP Inspection operation. If you want to inspect the VLAN configuration, you have to enable the setting of "Check VLAN". The default setting of "Check VLAN" is disabled. When the setting of "Check VLAN" is disabled, the log type of ARP Inspection will refer to the port setting. And the setting of "Check VLAN"...
Page 97 Kommunikation 2-5.2.5.2 VLAN Mode Configuration Each page shows up to 9999 entries from the VLAN table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the VLAN Table.
Page 98 Kommunikation also can be configured on per VLAN setting. Possible types are: None: Log nothing. Deny: Log denied entries. Permit: Log permitted entries. ALL: Log all entries. Buttons  Add New Entry: Click to add a new VLAN to the ARP Inspection VLAN table.
Page 99 Kommunikation 2-5.2.5.3 Static Table The section describes to configure the Static ARP Inspection Table parameters of the switch. You could use the Static ARP Inspection Table configure to manage the ARP entries. Web Interface To configure a Static ARP Inspection Table Configuration in the web interface: 1.
Page 100 Kommunikation values. Publication date: Sept., 2015 Revision A2...
Page 101 Kommunikation 2-5.2.5.4 Dynamic Table Entries in the Dynamic ARP Inspection Table are shown on this page. The Dynamic ARP Inspection Table contains up to 1024 entries, and is sorted first by port, then by VLAN ID, then by MAC address, and then by IP address.
Page 102 Kommunikation Buttons:  Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Refreshes the displayed table starting from the input fields.
Page 103: 2-5.3 Aaa
Kommunikation 2-5.3 AAA This section shows you to use an AAA (Authentication, Authorization, Accounting) server to provide access control to your network. The AAA server can be a TACACS+ or RADIUS server to create and manage objects that contain settings for using AAA servers.
Page 104 Kommunikation Timeout is the number of seconds, in the range 1 to 1000, to wait for a reply from a RADIUS server before retransmitting the request. Retransmit  Retransmit is the number of times, in the range 1 to 1000, a RADIUS request is retransmitted to a server that is not responding.
Page 105 Kommunikation Click to add a new RADIUS server. An empty row is added to the table, and the RADIUS server can be configured as needed. Up to 5 servers are supported. The button can be used to undo the addition of the new server.
Page 106: 2-5.3.2 Tacacs
Kommunikation 2-5.3.2 TACACS+ Web Interface To configure a Common Configuration of AAA, TACACS+ in the web interface: Figure 2-5.3.2: The TACACS+ Authentication Server Configuration Parameter description: Global Configuration These setting are common for all of the TACACS+ servers. Timeout ...
Page 107 Kommunikation  The secret key - up to 63 characters long - shared between the TACACS+ server and the switch. Server Configuration The table has one row for each TACACS+ server and a number of columns, which are: Delete ...
Page 108: Aggregation
Kommunikation 2-6 Aggregation The Aggregation is used to configure the settings of Link Aggregation. You can bundle more than one port with the same speed, full duplex and the same MAC to be a single logical port, thus the logical port aggregates the bandwidth of these ports. This means you can apply your current Ethernet equipment’s to build the bandwidth aggregation.
Page 109 Kommunikation Parameter description: Hash Code Contributors Source MAC Address :  The Source MAC address can be used to calculate the destination port for the frame. Check to enable the use of the Source MAC address, or uncheck to disable.
Page 110 Kommunikation Reset- Click to undo any changes made locally and revert to previously saved values. Publication date: Sept., 2015 Revision A2...
Page 111: 2-6.2 Lacp
Kommunikation 2-6.2 LACP This page allows the user to inspect the current LACP port configurations, and possibly change them as well An LACP trunk group with more than one ready member-ports is a “real trunked” group. An LACP trunk group with only one or less than one ready member-ports is not a “real trunked”...
Page 112 Kommunikation different keys cannot. Role  The Role shows the LACP activity status. The Active will transmit LACP packets each second, while Passive will wait for a LACP packet from a partner (speak if spoken to). Timeout  The Timeout controls the period between BPDU transmissions. Fast will transmit LACP packets each second, while Slow will wait for 30 seconds before sending a LACP packet.
Page 113: Loop Protection
Kommunikation 2-7 Loop Protection The loop Protection is used to detect the presence of traffic. When switch receives packet’s (looping detection frame) MAC address the same as oneself from port, show Loop Protection happens. The port will be locked when it received the looping Proection frames. If you want to resume the locked port, please find out the looping path and take off the looping path, then select the resume the locked port and click on “Resume”...
Page 114 Kommunikation Parameter description: Enable Loop Protection:  Controls whether loop protections is enabled (as a whole). Transmission Time:  The interval between each loop protection PDU sent on each port. valid values are 1 to 10 seconds. Shutdown Time: ...
Page 115: Spanning Tree
Kommunikation 2-8 Spanning Tree The Spanning Tree Protocol (STP) can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers. This allows the switch to interact with other bridging devices (that is, an STP-compliant switch, bridge or router) in your network to ensure that only one route exists between any two stations on the network, and provide backup links which automatically take over when a primary link goes down.
Page 116 Kommunikation Figure 2-8.1: The STP Bridge Configuration Parameter description: Basic Settings Protocol Version :  The STP protocol version setting. Valid values are STP, RSTP and MSTP. Bridge Priority :  Controls the bridge priority. Lower numeric values have better priority. The bridge priority plus the MSTI instance number, concatenated with the 6-byte MAC address of the switch forms a Bridge Identifier.
Page 117 Kommunikation Transmit Hold Count :  The number of BPDU's a bridge port can send per second. When exceeded, transmission of the next BPDU will be delayed. Valid values are in the range 1 to 10 BPDU's per second.
Page 118: 2-8.2 Msti Mapping
Kommunikation 2-8.2 MSTI Mapping When you implement an Spanning Tree protocol on the switch that the bridge instance. The CIST is not available for explicit mapping, as it will receive the VLANs not explicitly mapped. Due to the reason that you need to set the list of VLANs mapped to the MSTI. The VLANs must be separated with comma and/or space.
Page 119 Kommunikation Configuration Identification Configuration Name :  The name identifying the VLAN to MSTI mapping. Bridges must share the name and revision (see below), as well as the VLAN-to-MSTI mapping configuration in order to share spanning trees for MSTI's (Intra-region). The name is at most 32 characters.
Page 120: 2-8.3 Msti Priorities
Kommunikation 2-8.3 MSTI Priorities When you implement a Spanning Tree protocol on the switch that the bridge instance. The CIST is the default instance which is always active. For controls the bridge priority. Lower numeric values have better priority. The bridge priority plus the MSTI instance number,...
Page 121: 2-8.4 Cist Ports
Kommunikation values. 2-8.4 CIST Ports When you implement an Spanning Tree protocol on the switch that the bridge instance. You need to configure the CIST Ports. The section describes it allows the user to inspect the to inspect the current STP CIST port configurations, and possibly change them as well.
Page 122 Kommunikation STP Enabled :  Controls whether STP is enabled on this switch port. Path Cost :  Controls the path cost incurred by the port. The Auto setting will set the path cost as appropriate by the physical link speed, using the 802.1D recommended values.
Page 123 Kommunikation Publication date: Sept., 2015 Revision A2...
Page 124: 2-8.5 Msti Ports
Kommunikation 2-8.5 MSTI Ports The section describes it allows the user to inspect the current STP MSTI port configurations, and possibly change them as well. An MSTI port is a virtual port, which is instantiated separately for each active CIST (physical) port for each MSTI instance configured on and applicable to the port.
Page 125 Kommunikation Port :  The switch port number of the corresponding STP CIST (and MSTI) port. Path Cost :  Controls the path cost incurred by the port. The Auto setting will set the path cost as appropriate by the physical link speed, using the 802.1D recommended values.
Page 126: Ipmc Profile
Kommunikation 2-9 IPMC Profile This page provides IPMC Profile related configurations. 2-9.1 Profile Table The IPMC profile is used to deploy the access control on IP multicast streams. It is allowed to create at maximum 64 Profiles with at maximum 128 corresponding rules for each.
Page 127: 2-9.1.1 Ipmc Profile Rule Settings Table
Kommunikation Parameter description: Port :  The switch port number of the corresponding STP CIST (and MSTI) port. Global Profile Mode  Enable/Disable the Global IPMC Profile. System starts to do filtering based on profile settings only when the global profile mode is enabled.
Page 128 Kommunikation Profile Name  The name of the designated profile to be associated. This field is not editable. Entry Name  The name used in specifying the address range used for this rule. Only the existing profile address entries will be chosen in the selected box. This field is not allowed to be selected as none ("-") while the Rule Settings Table is...
Page 129: 2-9.2 Address Entry
Kommunikation 2-9.2 Address Entry This page provides address range settings used in IPMC profile. The address entry is used to specify the address range that will be associated with IPMC Profile. It is allowed to create at maximum 128 address entries in the system.
Page 130 Kommunikation values. Refresh – Refreshes the displayed table starting from the input fields. << – Updates the table starting from the first entry in the IPMC Profile Address Configuration. >> – Updates the table, starting with the entry after the last entry currently displayed.
Page 131: 2-10Mvr
Kommunikation 2-10MVR The MVR feature enables multicast traffic forwarding on the Multicast VLAN. In a multicast television application, a PC or a television with a set-top box can receive the multicast stream. Multiple set-top boxes or PCs can be connected to one subscriber port, which is a switch port configured as an MVR receiver port.
Page 132 Kommunikation Parameter description: MVR Mode  Enable/Disable the Global MVR. The Unregistered Flooding control depends on the current configuration in IGMP/MLD Snooping. It is suggested to enable Unregistered Flooding control when the MVR group table is full. Delete ...
Page 133 Kommunikation symbol. Port  The logical port for the settings. Port Role  Configure an MVR port of the designated MVR VLAN as one of the following roles. Inactive: The designated port does not participate MVR operations. Source: Configure uplink ports that receive and send multicast data as source ports.
Page 134: Ipmc
Kommunikation 2-11 IPMC ICMP is an acronym for Internet Control Message Protocol. It is a protocol that generated the error response, diagnostic or routing purposes. ICMP messages generally contain information about routing difficulties or simple exchanges such as time-stamp or echo transactions.
Page 135 Kommunikation Parameter description: Snooping Enabled:  Enable the Global IGMP Snooping. Unregistered IPMCv4 Flooding enabled :  Enable unregistered IPMCv4 traffic flooding. IGMP SSM Range :  SSM (Source-Specific Multicast) Range allows the SSM-aware hosts and routers run the SSM service model for the groups in the address range. Format: (IP...
Page 136: 2-11.1.2 Vlan Configuration
Kommunikation 2-11.1.2 VLAN Configuration The section describes the VLAN configuration setting process integrated with IGMP Snooping function. For Each setting page shows up to 99 entries from the VLAN table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the VLAN Table.
Page 137 Kommunikation Define the IPv4 address as source address used in IP header for IGMP Querier election. When the Querier address is not set, system uses IPv4 management address of the IP interface associated with this VLAN. When the IPv4 management address is not set, system uses the first available IPv4 management address.
Page 138: 2-11.1.3 Port Filtering Profile
Kommunikation 2-11.1.3 Port Filtering Profile The section describes how to set the IGMP Port Group Filtering? With the IGMP filtering feature, an user can exert this type of control. In some network Application environments, as like the metropolitan or multiple-dwelling unit (MDU) installations, an user might want to control the multicast groups to which a user on a switch port can belong.
Page 139 Kommunikation Profile Management Button :  You can inspect the rules of the designated profile by using the following button: : List the rules associated with the designated profile. Buttons:  Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values.
Page 140: 2-11.2 Mld Snooping
Kommunikation 2-11.2 MLD Snooping Curiously enough, a network node that acts as a source of IPv6 multicast traffic is only an indirect participant in MLD snooping—it just provides multicast traffic, and MLD doesn’t interact with it. (Note, however, that in an application like desktop conferencing a network node may act as both a source and an MLD host;...
Page 141 Kommunikation Figure 2-11.2.1: The MLD Snooping Basic Configuration. Parameter description: Snooping Enabled :  Enable the Global MLD Snooping. Unregistered IPMCv6 Flooding enabled :  Enable unregistered IPMCv6 traffic flooding. The flooding control takes effect only when MLD Snooping is enabled.
Page 142 Kommunikation To evoke to enable the fast leave on the port. Router Port :  Specify which ports act as router ports. A router port is a port on the Ethernet switch that leads towards the Layer 3 multicast device or MLD querier. If an aggregation member port is selected as a router port, the whole aggregation will act as a router port.
Page 143: 2-11.2.2 Vlan Configuration
Kommunikation 2-11.2.2 VLAN Configuration When MLD snooping is enabled on a VLAN, the switch acts to minimize unnecessary multicast traffic. If the switch receives multicast traffic destined for a given multicast address, it forwards that traffic only to ports on the VLAN that have MLD hosts for that address. It drops that traffic for ports on the VLAN that have no MLD hosts The will use the last entry of the currently displayed entry as a basis for the next lookup.
Page 144 Kommunikation Compatibility is maintained by hosts and routers taking appropriate actions depending on the versions of IGMP operating on hosts and routers within a network. The allowed selection is IGMP-Auto, Forced IGMPv1, Forced IGMPv2, Forced IGMPv3, default compatibility value is IGMP-Auto.
Page 145: 2-11.2.3 Port Group Filtering
Kommunikation 2-11.2.3 Port Group Filtering The section describes that you could to set the Port Group Filtering in the MLD Snooping function. On the UI that you could add new filtering group and safety policy. Web Interface To configure the MLD Snooping Port Group Configuration in the web interface: 1.
Page 146: Lldp
Kommunikation 2-12 LLDP The switch supports the LLDP. For current information on your switch model, The Link Layer Discovery Protocol (LLDP) provides a standards-based method for enabling switches to advertise themselves to adjacent devices and to learn about adjacent LLDP devices. The Link Layer Discovery Protocol (LLDP) is a vendor-neutral Link...
Page 147 Kommunikation Parameter description: LLDP Parameters Tx Interval :  The switch periodically transmits LLDP frames to its neighbours for having the network discovery information up-to-date. The interval between each LLDP frame is determined by the Tx Interval value. Valid values are restricted to 5 - 32768 seconds.
Page 148 Kommunikation Only CDP TLVs that can be mapped to a corresponding field in the LLDP neighbors’ table are decoded. All other TLVs are discarded ( Unrecognized CDP TLVs and discarded CDP frames are not shown in the LLDP statistics.). CDP TLVs are mapped onto LLDP neighbors’...
Page 149: 2-12.2 Lldp-Med Configuration
Kommunikation 2-12.2 LLDP-MED Configuration Media Endpoint Discovery is an enhancement of LLDP, known as LLDP-MED that provides the following facilities: Auto-discovery of LAN policies (such as VLAN, Layer 2 Priority and Differentiated services (Diffserv) settings) enabling plug and play networking.
Page 150 Kommunikation Parameter description: Fast start repeat count Rapid startup and Emergency Call Service Location Identification Discovery of endpoints is a critically important aspect of VoIP systems in general. In addition, it is best to advertise only those pieces of information which are specifically relevant to particular endpoint types (for...
Page 151 Kommunikation as such does not apply to links between LAN infrastructure elements, including Network Connectivity Devices, or other types of links. Coordinates Location Latitude :  Latitude SHOULD be normalized to within 0-90 degrees with a maximum of 4 digits.
Page 152 Kommunikation Street - Example: Poppelvej. Leading street direction :  Leading street direction - Example: N. Trailing street suffix :  Trailing street suffix - Example: SW. Street suffix :  Street suffix - Example: Ave, Platz. House no. : ...
Page 153 Kommunikation Policies Network Policy Discovery enables the efficient discovery and diagnosis of mismatch issues with the VLAN configuration, along with the associated Layer 2 and Layer 3 attributes, which apply for a set of specific protocol applications on that port. Improper network policy configurations are a very significant issue in VoIP environments that frequently result in voice quality degradation or loss of service.
Page 154 Kommunikation should not be advertised if all the same network policies apply as those advertised in the Guest Voice application policy. 5. Softphone Voice - for use by softphone applications on typical data centric devices, such as PCs or laptops. This class of endpoints frequently does not support multiple VLANs, if at all, and are typically configured to use an 'untagged' VLAN or a single 'tagged' data specific VLAN.
Page 155 Kommunikation Reset- Click to undo any changes made locally and revert to previously saved values. Publication date: Sept., 2015 Revision A2...
Page 156: Mac Table
Kommunikation 2-13 MAC Table Switching of frames is based upon the DMAC address contained in the frame. The switch builds up a table that maps MAC addresses to switch ports for knowing which ports the frames should go to ( based upon the DMAC address in the frame ). This table contains both static and dynamic entries.
Page 157 Kommunikation Parameter description: Aging Configuration :  By default, dynamic entries are removed from the MAC table after 300 seconds. This removal is also called aging. Configure aging time by entering a value here in seconds; for example, Age time seconds.
Page 158 Kommunikation Reset- Click to undo any changes made locally and revert to previously saved values. Publication date: Sept., 2015 Revision A2...
Page 159: Vlans
Kommunikation 2-14 VLANs To assign a specific VLAN for management purpose. The management VLAN is used to establish an IP connection to the switch from a workstation connected to a port in the VLAN. This connection supports a VSM, SNMP, and Telnet session. By default, the active management VLAN is VLAN 1, but you can designate any VLAN as the management VLAN using the Management VLAN window.
Page 160 Kommunikation This field specifies the ethertype/TPID (specified in hexadecimal) used for Custom S-ports. The setting is in force for all ports whose Port Type is set to S-Custom-Port. Port VLAN Configuration Port :  This is the logical port number of this row.
Page 161 Kommunikation S-Port: On ingress, frames with a VLAN tag with TPID = 0x8100 or 0x88A8 get classified to the VLAN ID embedded in the tag. If a frame is untagged or priority tagged, the frame gets classified to the Port VLAN.
Page 162 Kommunikation syntax used in the Existing VLANs field. By default, the field is left blank, which means that the port may become a member of all possible VLANs. Publication date: Sept., 2015 Revision A2...
Page 163: Private Vlans
Kommunikation 2-15 Private VLANs In a private VLAN, communication between ports in that private VLAN is not permitted. A VLAN can be configured as a private VLAN. 2-15.1 VLAN Membership The VLAN membership configuration for the selected stack switch unit switch can be monitored and modified here.
Page 164 Kommunikation A VLAN without any port members on any stack unit will be deleted when you click "Save". The button can be used to undo the addition of new VLANs. Buttons:  Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values.
Page 165: 2-15.2 Port Isolation
Kommunikation 2-15.2 Port Isolation Port Isolation provides for an apparatus and method to isolate ports on layer 2 switches on the same VLAN to restrict traffic flow. The apparatus comprises a switch having said plurality of ports, each port configured as a protected port or a non-protected port. An address table memory stores an address table having a destination address and port number pair.
Page 166: Vcl
Kommunikation 2-16 VCL 2-16.1 MAC-based VLAN MAC address-based VLAN decides the VLAN for forwarding an untagged frame based on the source MAC address of the frame. A most common way of grouping VLAN members is by port, hence the name port-based VLAN.
Page 167 Kommunikation Indicates the VLAN ID. Port Members :  A row of check boxes for each port is displayed for each MAC-based VLAN entry. To include a port in a MAC-based VLAN, check the box. To remove or exclude the port from the MAC-based VLAN, make sure the box is unchecked.
Page 168: 2-16.2 Protocol -Based Vlan
Kommunikation 2-16.2 Protocol -based VLAN This section describe Protocol -based VLAN, The Switch support Protocol include Ethernet LLC SNAP Protocol, The Logical Link Control (LLC) data communication protocol layer is the upper sub-layer of the Data Link Layer (which is itself layer 2, just above the Physical Layer) in the seven-layer OSI reference model.
Page 169 Kommunikation Ethernet SNAP On changing the Frame type field, valid value of the following text field will vary depending on the new frame type you selected. Value :  Valid value that can be entered in this text field depends on the option selected from the the preceding Frame Type selection menu.
Page 170: 2-16.2.2 Group To Vlan
Kommunikation 2-16.2.2 Group to VLAN This section allows you to map a already configured Group Name to a VLAN for the selected stack switch unit switch . Web Interface To Display Group Name to VLAN mapping table configured in the web interface: Click Group Name VLAN configuration and add new entry.
Page 171: 2-16.3 Ip Subnet-Based Vlan
Kommunikation Upper right icon (Refresh):  You can click them for refresh the Protocol Group Mapping information by manual. 2-16.3 IP Subnet-based VLAN The IP subnet-based VLAN entries can be configured here. This page allows for adding, updating and deleting IP subnet-based VLAN entries and assigning the entries to different ports.
Page 172 Kommunikation The IP subnet-based VLAN entry is enabled on the selected stack switch unit when you click on "Save". The “Delete” button can be used to undo the addition of new IP subnet-based VLANs. The maximum possible IP subnet-based VLAN entries are limited to 128.
Page 173: Voice Vlan
Kommunikation 2-17 VOICE VLAN Voice VLAN is VLAN configured specially for voice traffic. By adding the ports with voice devices attached to voice VLAN, we can perform QoS-related configuration for voice data, ensuring the transmission priority of voice traffic and voice quality.
Page 174 Kommunikation Parameter description: Mode :  Indicates the Voice VLAN mode operation. We must disable MSTP feature before we enable Voice VLAN. It can avoid the conflict of ingress filtering. Possible modes are: Enabled: Enable Voice VLAN mode operation.
Page 175: 2-17.2 Oui
Kommunikation 2-17.2 OUI The section describes to Configure VOICE VLAN OUI table . The maximum entry number is 16. Modifying the OUI table will restart auto detection of OUI process. Web Interface To configure Voice VLAN OUI Table in the web interface: Select “Add new entry”...
Page 176: Qos
Kommunikation 2-18 QoS The switch support four QoS queues per port with strict or weighted fair queuing scheduling. It supports QoS Control Lists (QCL) for advance programmable QoS classification, based on IEEE 802.1p, Ethertype, VID, IPv4/IPv6 DSCP and UDP/TCP ports and ranges.
Page 177 Kommunikation priority. A CoS of 0 (zero) has the lowest priority. If the port is VLAN aware, the frame is tagged and Tag Class. is enabled, then the frame is classified to a CoS that is mapped from the PCP and DEI value in the tag. Otherwise the frame is classified to the default CoS.
Page 178 Kommunikation Publication date: Sept., 2015 Revision A2...
Page 179: 2-18.2 Port Policing
Kommunikation 2-18.2 Port Policing This section provides an overview of f QoS Ingress Port Policers for all switch ports The Port Policing is useful in constraining traffic flows and marking frames above specific rates. Policing is primarily useful for data flows and voice or video flows because voice and video usually...
Page 180: 2-18.4 Port Schedulers
Kommunikation values. 2-18.4 Port Schedulers This section provides an overview of QoS Egress Port Schedulers for all switch ports. and the ports belong to the currently selected stack unit, as reflected by the page header. Web Interface To display the QoS Port Schedulers in the web interface: 1.
Page 181 Kommunikation If you select the scheduler mode with wighted then the screen will change as the figure. Parameter description: Port :  The logical port for the settings contained in the same row. Click on the port number in order to configure the schedulers.
Page 182 Kommunikation Controls whether the queue is allowed to use excess bandwidth. Queue Scheduler Weight :  Controls the weight for this queue. The default value is "17". This value is restricted to 1-100. This parameter is only shown if "Scheduler Mode" is set to "Weighted".
Page 183: 2-18.5 Port Shaping
Kommunikation 2-18.5 Port Shaping This section provides an overview of QoS Egress Port Shapers for all switch ports. Others the user could get all detail information ot the ports belong to the currently selected stack unit, as reflected by the page header.
Page 184 Kommunikation If you select the scheduler mode with wighted then the screen will change as the figure. Parameter description: Port :  The logical port for the settings contained in the same row. Click on the port number in order to configure the shapers.
Page 185 Kommunikation value is "kbps". Queue Shaper Excess :  Controls whether the queue is allowed to use excess bandwidth. Queue Scheduler Weight :  Controls the weight for this queue. The default value is "17". This value is restricted to 1-100.
Page 186: 2-18.6 Port Tag Remarking
Kommunikation 2-18.6 Port Tag Remarking The Section provides user to get an overview of QoS Egress Port Tag Remarking for all switch ports. Others the ports belong to the currently selected stack unit, as reflected by the page header. .
Page 187 Kommunikation Parameter description: Mode :  Controls the tag remarking mode for this port. Classified: Use classified PCP/DEI values. Default: Use default PCP/DEI values. Mapped: Use mapped versions of QoS class and DP level. PCP/DEI Configuration :  Controls the default PCP and DEI values used when the mode is set to Default.
Page 188 Kommunikation (QoS class, DP level) to (PCP, DEI) Mapping :  Controls the mapping of the classified (QoS class, DP level) to (PCP, DEI) values when the mode is set to Mapped. Buttons:  Apply – Click to save changes.
Page 189: 2-18.7 Port Dscp
Kommunikation 2-18.7 Port DSCP The section will teach user to set the QoS Port DSCP configuration that was allowed you to configure the basic QoS Port DSCP Configuration settings for all switch ports. Others the settings relate to the currently selected stack unit, as reflected by the page header.
Page 190 Kommunikation Egress :  Port Egress Rewriting can be one of below parameters  Disable: No Egress rewrite.  Enable: Rewrite enable without remapped.  Remap: DSCP from analyzer is remapped and frame is remarked with remapped DSCP value.
Page 191: 2-18.8 Dscp-Based Qos
Kommunikation 2-18.8 DSCP-Based QoS The section will teach user to configure the DSCP-Based QoS mode that This page allows you to configure the basic QoS DSCP based QoS Ingress Classification settings for all switches. Web Interface To configure the DSCP –Based QoS Ingress Classification parameters in the web interface: 1.
Page 192 Kommunikation Parameter description: DSCP :  Maximum number of support ed DSCP values are 64. Trust :  Click to check if the DSCP value is trusted. QoS Class :  QoS Class value can be any of (0-7) DPL : ...
Page 193: 2-18.9 Dscp Translation
Kommunikation 2-18.9 DSCP Translation The section describes the swtich allows you to configure the basic QoS DSCP Translation settings for all switches. DSCP translation can be done in Ingress or Egress. Web Interface To configure the DSCP Translation parameters in the web interface: 1.
Page 194 Kommunikation Parameter description: DSCP :  Maximum number of supported DSCP values are 64 and valid DSCP value ranges from 0 to Ingress :  Ingress side DSCP can be first translated to new DSCP before using the DSCP for QoS class and DPL map.
Page 195: 2-18.10 Dscp Classification
Kommunikation 2-18.10 DSCP Classification The section describes to teach user to configure and allows you to map DSCP value to a QoS Class and DPL value. Others the settings relate to the currently selected stack unit, as reflected by the page header.
Page 196 Kommunikation Publication date: Sept., 2015 Revision A2...
Page 197: 2-18.11 Qos Control List Configuration
Kommunikation 2-18.11 QoS Control List Configuration The section shows the QoS Control List(QCL), which is made up of the QCEs. Each row describes a QCE that is defined. The maximum number of QCEs is 256 on each switch. Click on the lowest plus sign to add a new QCE to the list.
Page 198 Kommunikation Indicates the list of ports configured with the QCE. DMAC :  Indicates the destination MAC address. Possible values are: Any: Match any DMAC. Unicast: Match unicast DMAC. Multicast: Match multicast DMAC. Broadcast: Match broadcast DMAC. <MAC>: Match specific DMAC.
Page 199 Kommunikation : Inserts a new QCE before the current row. Edits the QCE. : Moves the QCE up the list. : Moves the QCE down the list. : Deletes the QCE. : The lowest plus sign adds a new entry at the bottom of the QCE listings.
Page 200 Kommunikation 0-63 including BE, CS1-CS7, EF or AF11-AF43 IP Fragment IPv4 frame fragmented option: yes|no|any Sport Source TCP/UDP port:(0-65535) or 'Any', specific or port range applicable for IP protocol UDP/TCP Dport Destination TCP/UDP port:(0-65535) or 'Any', specific or port range applicable for IP protocol UDP/TCP 6.
Page 201: 2-18.12 Storm Control
Kommunikation 2-18.12 Storm Control The section allows user to configure the Storm control for the switch. There is a unicast storm rate control, multicast storm rate control, and a broadcast storm rate control. These only affect flooded frames, i.e. frames with a (VLAN ID, DMAC) pair not present on the MAC Address table.
Page 202 Kommunikation Buttons:  Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. Publication date: Sept., 2015 Revision A2...
Page 203: 2-18.13 Wred
Kommunikation 2-18.13 WRED The section allows user to configure the WRED function for the switch. This page allows you to configure the Random Early Detection (RED) settings for queue 0 to 5. RED cannot be applied to queue 6 and 7.
Page 204 Kommunikation Controls the drop probability for frames marked with Drop Precedence Level 3 when the average queue filling level is 100%. This value is restricted to 0-100. NOTE: RED Drop Probability Function The following illustration shows the drop probability function with associated parameters.
Page 205: Mirror
Kommunikation 2-19 Mirror You can mirror traffic from any source port to a target port for real-time analysis. You can then attach a logic analyzer or RMON probe to the target port and study the traffic crossing the source port in a completely unobtrusive manner.
Page 206 Kommunikation Parameter description: Port to mirror on :  Port to mirror also known as the mirror port. Frames from ports that have either source (rx) or destination (tx) mirroring enabled are mirrored on this port. Disabled disables mirroring.
Page 207: Upnp
Kommunikation 2-20 UPnP UPnP is an acronym for Universal Plug and Play. The goals of UPnP are to allow devices to connect seamlessly and to simplify the implementation of networks in the home (data sharing, communications, and entertainment) and in corporate environments for simplified installation...
Page 208 Kommunikation Reset- Click to undo any changes made locally and revert to previously saved values. Publication date: Sept., 2015 Revision A2...
Page 209: Gvrp
Kommunikation 2-21. GVRP The Generic Attribute Registration Protocol (GARP) provides a generic framework whereby devices in a bridged LAN, e.g. end stations and switches, can register and de-register attribute values, such as VLAN Identifiers, with each other. In doing so, the attributes are propagated to devices in the bridged LAN, and these devices form a ¡°reachability¡±...
Page 210 Kommunikation Enable GVRP globally The GVRP feature is enabled by setting the check mark in the checkbox named Enable GVRP. GVRP protocol timers Join-time is a value in the range 1-20 in the units of centi seconds, i.e. in units of one hundredth of a second.
Page 211: 2-21.2 Port Config
Kommunikation 2-21.2 Port Config This page allows you to configure the basic GVRP Configuration settings for all switch ports. The settings relate to the currently selected unit, as reflected by the page header. Web Interface To configure the sFlow Agent in the web interface: 1.
Page 212: Sflow
Kommunikation 2-22. sFlow The sFlow Collector configuration for the can be monitored and modified here. The switch configuration is divided into two parts: Configuration of the sFlow receiver (a.k.a. sFlow collector) and configuration of per-port flow and counter samplers.
Page 213 Kommunikation Parameter description: Agent Configuration IP Address  The IP address used as Agent IP address in sFlow datagrams. It serves as a unique key that will identify this agent over extended periods of time. Both IPv4 and IPv6 addresses are supported.
Page 214 Kommunikation Flow Sampler Max. Header  The maximum number of bytes that should be copied from a sampled packet to the sFlow datagram. Valid range is 14 to 200 bytes with default being 128 bytes. If the maximum datagram size does not take into account the maximum header size, samples may be dropped.
Page 215: Switch2Go
Kommunikation 2-23 Switch2go 2-23.1 Switch2go setting Configure Switch2go management and link setting. Web Interface To configure Switch2go setting in the web interface: Click Configuration, Switch2go and and Switch2go setting. Set the parameters Click Apply. Figure 2-23.1: The Switch2go setting...
Page 216: 2-23.2 User Link Management
Kommunikation Indicates the IPv4 host address of server. If the switch provide DNS feature, it also can be a host name. Server State :  Report network information between Switch and Server. Link Option :  Indicates the Link Option operation.
Page 217 Kommunikation Parameter description: Mobile 1 ~ 3 :  Information about the mobile devices which can access this switch. User Mode :  Assign This Activity Code Privilege Level. Activity Code :  The Activity Code to register the mobile device to the Switch2go Setting Server.
Page 218: 2-23.3 Port Name Service
Kommunikation 2-23.3 Port Name Service This page displays current port name and role. Web Interface To configure Port Name Service in the web interface: Click Configuration, Switch2go and and Port Name Servic Specify the detail Port Name and set the Role.
Page 219: Chapter 3. Monitor
2. Check the contact information for the system administrator as well as the name and location of the switch. Also indicate the local time zone by configuring the appropriate offset. 3. Click the “Refresh” Figure 3-1.1: System Information (RY-LGSO25-24 Series for example, others model the same) Publication date: Sept., 2015 Revision A2...
Page 220 Kommunikation Parameter description: Model Name  Model Name will show RY-LGSO25-24 by different models System Description  Displays the system description. Location  The system location configured in Configuration | System | Information | System Location. Contact  The system contact configured in Configuration | System | Information | System Contact.
Page 221: 3-1.3 Ip Status
Kommunikation 3-1.3 IP Status This page displays the status of the IP protocol layer. The status is defined by the IP interfaces, the IP routes and the neighbour cache (ARP cache) status. Web Interface To display the log configuration in the web interface: 1.
Page 222 Kommunikation Show the status flags of the interface (and/or address). IP Routes Network  Show the destination IP network or host address of this route. Gateway  Show the gateway address of this route. Status  Show the status flags of the route.
Page 223: 3-1.4 Log
Kommunikation 3-1.4 Log This section describes that display the system log information of the switch Web Interface To display the log configuration in the web interface: 1. Click Monitor, System and Log. 2. Display the log information. Figure 3- 1.3: The System Log Information...
Page 224 Kommunikation Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every seconds. Refresh: Updates the system log entries, starting from the current entry ID. Clear: Flushes the selected log entries. |<<: Updates the system log entries, starting from the first available entry ID.
Page 225: 3-1.5 Detailed Log
Kommunikation 3-1.5 Detailed Log This section describes that display the detailed log information of the switch Web Interface To display the detailed log configuration in the web interface: 1. Click Monitor, System and Detailed Log. 2. Display the log information.
Page 226: Green Ethernet
Kommunikation 3-2 Green Ethernet 3-2.1 Port Power Savings This page provides the current status for EEE. Web Interface To display the power Saving in the web interface: 1. Click Monitor, Port Power Savings. Figure 3- 2.1: The Ports States...
Page 227: Ports
Kommunikation 3-3 Ports The section describes to configure the Port detail parameters of the switch. Others you could using the Port configure to enable or disable the Port of the switch. Monitor the ports content or status in the function.
Page 228 Kommunikation The number of received frames filtered by the forwarding Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page. Clear: Clears the counters for all ports.
Page 229: 3-3.2 Qos Statistics
Kommunikation 3-3.2 Qos Statistics The section describes that switch could display the QoS detailed Queuing counters for a specific switch port. for the different queues for all switch ports. Web Interface To Display the Queuing Counters in the web interface: 1.
Page 230: 3-3.3 Qcl Status
Kommunikation 3-3.3 QCL Status The section will let you know how to configure and shows the QCL status by different QCL users. Each row describes the QCE that is defined. It is a conflict if a specific QCE is not applied to the hardware due to hardware limitations. The maximum number of QCEs is 256 on each switch.
Page 231 Kommunikation DPL: Drop Precedence Level; if a frame matches the QCE then DP level will set to value displayed under DPL column. DSCP: If a frame matches the QCE then DSCP will be classified with the value displayed under DSCP column.
Page 232: 3-3.4 Detailed Statistics
Kommunikation 3-3.4 Detailed Statistics The section describes how to provide detailed traffic statistics for a specific switch port. Use the port select box to select which switch port details to display. The displayed counters are the totals for receive and transmit, the size counters for receive and transmit, and the error counters for receive and transmit.
Page 233 Kommunikation Parameter description: Auto-refresh:  To evoke the auto-refresh to refresh the Port Statistics information automatically. Upper left scroll bar:  To scroll which port to display the Port statistics with “Port-0”, “Port-1... Receive Total and Transmit Total Rx and Tx Packets : ...
Page 234 Kommunikation A count of the MAC Control frames received or transmitted on this port that have an opcode indicating a PAUSE operation. Receive and Transmit Size Counters The number of received and transmitted (good and bad) packets split into categories based on their respective frame sizes.
Page 235 Kommunikation Refresh: Click to refresh the page. Publication date: Sept., 2015 Revision A2...
Page 236: Dhcp
Kommunikation 3-4 DHCP 3-4.1 Server DHCP Server is used to allocate network addresses and deliver configuration parameters to dynamically configured hosts called DHCP client. 3-4.1.1 Statistics This page displays the database counters and the number of DHCP messages sent and received by DHCP server.
Page 237: 3-4.1.2 Binding
Kommunikation Manual Binding :  Number of bindings that administrator assigns an IP address to a client. That is, the pool is of host type. Expired Binding :  Number of bindings that their lease time expired or they are cleared from Automatic/Manual type bindings.
Page 238: 3-4.1.3 Declined Ip
Kommunikation Type of binding. Possible types are Automatic, Manual, Expired. State :  State of binding. Possible states are Committed, Allocated, Expired. Pool Name :  The pool that generates the binding. Server ID :  Server IP address to service the binding.
Page 239: 3-4.2 Snooping Table
Kommunikation 3-4.2 Snooping Table This page display the dynamic IP assigned information after DHCP Snooping mode is disabled. All DHCP clients obtained the dynamic IP address from the DHCP server will be listed in this table except for local VLAN interface IP addresses. Entries in the Dynamic DHCP snooping Table are shown on this page.
Page 240: 3-4.3 Relay Statistics
Kommunikation 3-4.3 Relay Statistics This page provides statistics for DHCP relay. Web Interface To monitor an DHCP Relay statistics in the web interface: Click Monitor, DHCP, Relay Statistics Figure 3-4.3: The DHCP relay statistics Parameter description: Server Statistics Transmit to Server : ...
Page 241 Kommunikation Transmit Error :  The number of packets that resulted in error while being sent to servers. Receive from Client :  The number of received packets from server. Receive Agent Option :  The number of received packets with relay agent information option.
Page 242: 3-4.4 Detailed Statistics
Kommunikation 3-4.4 Detailed Statistics This page provides statistics for DHCP snooping. Notice that the normal forward per-port TX statistics isn't increased if the incoming DHCP packet is done by L3 forwarding mechanism. And clear the statistics on specific port may not take effect on global statistics since it gathers the different layer overview.
Page 243 Kommunikation The number of NAK (option 53 with value 6) packets received and transmitted. Rx and Tx Release:  The number of release (option 53 with value 7) packets received and transmitted. Rx and Tx Inform:  The number of inform (option 53 with value 8) packets received and transmitted.
Page 244: Security
Kommunikation 3-5 Security 3-5.1 Access Management Statistics This section shows you a detailed statistics of the Access Management including HTTP, HTTPS, SSH. TELNET, ans SSH. Web Interface To configure an Assess Management Statistics in the web interface: 1. Click , Access Management Statistics.
Page 245: 3-5.2 Network
Kommunikation 3-5.2 Network 3-5.2.1 Port Security 3-5.2.1.1 Switch This section shows the Port Security status. Port Security is a module with no direct configuration. Configuration comes indirectly from other modules - the user modules. When a user module has enabled port security on a port, the port is set-up for software-based learning.
Page 246 Kommunikation A one-letter abbreviation of the user module. This is used in the Users column in the port status table. Port Status :  The table has one row for each port on the selected switch and a number of columns, which...
Page 247 Kommunikation 3-5.2.1.2 Port This section shows the MAC addresses secured by the Port Security module. Port Security is a module with no direct configuration. Configuration comes indirectly from other modules - the user modules. When a user module has enabled port security on a port, the port is set-up for software-based learning.
Page 248 Kommunikation Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page. Publication date: Sept., 2015 Revision A2...
Page 249: 3-5.2.2 Nas
Kommunikation 3-5.2.2 NAS 3-5.2.2.1 Switch The section describes to show the each port NAS status information of the switch.The status includes Admin State Port State, Last Source, Last ID, QoS Class, and Port VLAN ID. Web Interface To configure a NAS Switch Status Configuration in the web interface: Click Security, Network, NAS,then Port.
Page 250 Kommunikation overridden by NAS. If the VLAN ID is assigned by the RADIUS server, "(RADIUS-assigned)" is appended to the VLAN ID. Read more about RADIUS-assigned VLANs here. If the port is moved to the Guest VLAN, "(Guest)" is appended to the VLAN ID. Read more about Guest VLANs here.
Page 251 Kommunikation 3-5.2.2.2 Port The section describes to provides detailed NAS statistics for a specific switch port running EAPOL-based IEEE 802.1X authentication. For MAC-based ports, it shows selected backend server (RADIUS Authentication Server) statistics, only Web Interface To configure a NAS Port Status Configuration in the web interface: 1.
Page 252 Kommunikation • Single 802.1X • Multi 802.1X Backend Server Counters :  These backend (RADIUS) frame counters are available for the following administrative states: • Port-based 802.1X • Single 802.1X • Multi 802.1X • MAC-based Auth. Last Supplicant/Client Info : ...
Page 253 Kommunikation Last Authentication :  Shows the date and time of the last authentication of the client (successful as well as unsuccessful). Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds.
Page 254 Kommunikation 3-5.2.3 ACL Status The section describes how to shows the ACL status by different ACL users. Each row describes the ACE that is defined. It is a conflict if a specific ACE is not applied to the hardware due to hardware limitations. The maximum number of ACEs is 512 on each switch.
Page 255 Kommunikation Deny: Frames matching the ACE are dropped. Filter: Frames matching the ACE are filtered. Rate Limiter :  Indicates the rate limiter number of the ACE. The allowed range is 1 to 16. When Disabled is displayed, the rate limiter operation is disabled.
Page 256: 3-5.2.3 Acl Status
Kommunikation 3-5.2.3 ACL Status The section describes how to shows the ACL status by different ACL users. Each row describes the ACE that is defined. It is a conflict if a specific ACE is not applied to the hardware due to hardware limitations.
Page 257: 3-5.2.4 Arp Inspection
Kommunikation IPv6: The ACE will match all IPv6 standard frames. Action :  Indicates the forwarding action of the ACE. Permit: Frames matching the ACE may be forwarded and learned. Deny: Frames matching the ACE are dropped. Filter: Frames matching the ACE are filtered.
Page 258: 3-5.2.5 Ip Source Guard
Kommunikation Figure 3-5.2.4: The Dynamic ARP Inspection Table Parameter description: Navigating the ARP Inspection Table : Each page shows up to 99 entries from the Dynamic ARP Inspection table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the Dynamic ARP Inspection Table.
Page 259 Kommunikation To configure a Dynamic IP Source Guard Table Configuration in the web interface: 1. Click Security, Network, IP Source Guard. Checked “Auto-refresh”. 3. Click “ Refresh“ to refresh the port detailed statistics. 4. Specify the Start from port, VLAN ID, IP Address, and entries per page.
Page 260: 3-5.3 Aaa
Kommunikation 3-5.3 AAA 3-5.3.1 RADIUS Overview This section shows you an overview of the RADIUS Authentication and Accounting servers status to ensure the function is workable. Web Interface To configure a RADIUS Overview Configuration in the web interface: Click Security, AAA, then RADIUS Overview.
Page 261 Kommunikation Not Ready: The server is enabled, but IP communication is not yet up and running. Ready: The server is enabled, IP communication is up and running, and the RADIUS module is ready to accept access attempts. Dead (X seconds left): Access attempts were made to this server, but it did not reply within the configured timeout.
Page 262: 3-5.3.2 Radius Details
Kommunikation 3-5.3.2 RADIUS Details This section shows you an detailed statistics for a particular RADIUS server. Web Interface To configure a RADIUS Details Configuration in the web interface: Specify Port which want to check. Click Security, AAA, then RADIUS Overview.
Page 263 Kommunikation Parameter description: RADIUS Authentication Statistics The statistics map closely to those specified in RFC4668 - RADIUS Authentication Client MIB. Use the server select box to switch between the backend servers to show details for. Packet Counters RADIUS authentication server packet counter. There are seven receive and four transmit counters.
Page 264 Kommunikation authentication server. The number of RADIUS Access-Request packets destined for the server that have not yet timed out or received a response. This variable Pending radiusAuthClientExtPendingR is incremented when an Access-Request is sent Requests equests and decremented due to receipt of an Access-Accept, Access-Reject, Access-Challenge, timeout, or retransmission.
Page 265 Kommunikation cators containing invalid authenticators received Authenticators from the server. The number of RADIUS packets of radiusAccClientExtUnknownTy Unknown Types unknown types that were received from the server on the accounting port. The number of RADIUS packets that radiusAccClientExtPacketsDrop were received from the server on the...
Page 266 Kommunikation Auto-refresh –Check this box to enable an automatic refresh of the page at regular intervals. Refresh - Click to refresh the page immediately. Clear - Clears the counters for the selected server. The "Pending Requests" counter will not be cleared by this operation.
Page 267: 3-5.4 Switch
Kommunikation 3-5.4 Switch 3-5.4.1 RMON 3-5.4.1.1 Statistics This section provides an overview of RMON Statistics entries. Each page shows up to 99 entries from the Statistics table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the Statistics table.
Page 268 Kommunikation Broad-cast  he total number of good packets received that were directed to the broadcast address. Multi-cast  The total number of good packets received that were directed to a multicast address. CRC Errors  The total number of packets received that had a length (excluding framing bits, but including...
Page 269 Kommunikation >> : Updates the table, starting with the entry after the last entry currently displayed. Publication date: Sept., 2015 Revision A2...
Page 270 Kommunikation 3-5.4.1.2 History This section provides an overview of RMON History entries. Each page shows up to 99 entries from the History table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the History table.
Page 271 Kommunikation The total number of packets (including bad packets, broadcast packets, and multicast packets) received. Broadcast  The total number of good packets received that were directed to the broadcast address. Multicast  The total number of good packets received that were directed to a multicast address.
Page 272 Kommunikation 3-5.4.1.3 Alarm This page provides an overview of RMON Alarm entries. Each page shows up to 99 entries from the Alarm table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the Alarm table.
Page 273 Kommunikation Rising Index  Rising event index. Falling Threshold  Falling threshold value. Falling Index  Falling event index. Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page immediately.
Page 274 Kommunikation 3-5.4.1.4 Event This page provides an overview of RMON Event table entries.Each page shows up to 99 entries from the Event table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the Event table.
Page 275 Kommunikation >>: Updates the table, starting with the entry after the last entry currently displayed Publication date: Sept., 2015 Revision A2...
Page 276: Lacp
Kommunikation 3-6 LACP 3-6.1 System Status This section describes that when you complete to set LACP function on the switch then it provides a status overview for all LACP instances Web Interface To display the LACP System status in the web interface: Click Monitor, LACP, System Status Checked “Auto-refresh”.
Page 277: 3-6.2 Port Status
Kommunikation 3-6.2 Port Status This section describes that when you complete to set LACP function on the switch then it provides a Port Status overview for all LACP instances Web Interface To display the LACP Port status in the web interface: 1.
Page 278 Kommunikation Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page. Publication date: Sept., 2015 Revision A2...
Page 279: 3-6.3 Port Statistics
Kommunikation 3-6.3 Port Statistics This section describes that when you complete to set LACP function on the switch then it provides a Port Statistics overview for all LACP instances Web Interface To display the LACP Port status in the web interface: 1.
Page 280: Loop Protection
Kommunikation 3-7 Loop Protection This section displays the loop protection port status the ports of the currently selected switch. Web Interface To display the Loop Protection status in the web interface: 1. Click Monitor, Loop Protection 2. If you want to auto-refresh the information then you need to evoke the “Auto refresh”.
Page 281: Spanning Tree
Kommunikation 3-8 Spanning Tree 3-8.1 Bridge Status After you complete the MSTI Port configuration the you could to ask the switch display the Bridge Status. The Section provides a status overview of all bridge instances. The displayed table contains a row for each STP bridge instance, where the column displays the...
Page 282 Kommunikation Refresh: Click to refresh the page. Publication date: Sept., 2015 Revision A2...
Page 283: 3-8.2 Port Status
Kommunikation 3-8.2 Port Status After you complete the STP configuration the you could to ask the switch display the STP Port Status. The Section provides you to ask switch to display the STP CIST port status for physical ports of the currently selected switch.:...
Page 284: 3-8.3 Port Statistics
Kommunikation 3-8.3 Port Statistics After you complete the STP configuration then you could to let the switch display the STP Statistics. The Section provides you to ask switch to display the STP Statistics detail counters of bridge ports in the currently selected switch.
Page 285 Kommunikation Publication date: Sept., 2015 Revision A2...
Page 286: Mvr
Kommunikation 3-9 MVR 3-9.1 Statistics The section describes the switch will display the MVR detail Statistics after you had configured MVR on the switch. It provides the detail MVR Statistics Information Web Interface To display the MVR Statistics Information in the web interface: 1.
Page 287: 3-9.2 Mvr Channels Groups
Kommunikation 3-9.2 MVR Channels Groups The section describes user could display the MVR Groups detail information on the switch. Entries in the MVR Group Table are shown on this page. The MVR Group Table is sorted first by VLAN ID, and then by group...
Page 288 Kommunikation Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page. |<<: Updates the system log entries to the first available entry ID >> : Updates the system log entry to the next available entry ID Publication date: Sept., 2015...
Page 289: 3-9.3 Mvr Sfm Information
Kommunikation 3-9.3 MVR SFM Information The MVR SFM (Source-Filtered Multicast) Information Table also contains the SSM (Source-Specific Multicast) information. This table is sorted first by VLAN ID, then by group, and then by Port. Different source addresses belong to the same group are treated as single entry.
Page 290 Kommunikation Indicates the filtering mode maintained per (VLAN ID, port number, Group Address) basis. It can be either Include or Exclude. Source Address  IP Address of the source. Currently, system limits the total number of IP source addresses for filtering to be 128. When there is no any source filtering address, the text "None"...
Page 291: Ipmc
Kommunikation 3-10 IPMC 3-10.1 IGMP Snooping 3-10.1.1 Status After you complete the IGMP Snooping configuration, then you could to let the switch display the IGMP Snooping Status. The Section provides you to let switch to display the IGMP Snooping detail status.
Page 292 Kommunikation The number of Transmitted Queries. Queries Received :  The number of Received Queries. V1 Reports Received :  The number of Received V1 Reports. V2 Reports Received :  The number of Received V2 Reports. V3 Reports Received : ...
Page 293: 3-10.1.2 Group Information
Kommunikation 3-10.1.2 Group Information After you complete to set the IGMP Snooping function then you could let the switch to display the IGMP Snooping Group Information. Entries in the IGMP Group Table are shown on this page. The IGMP Group Table is sorted first by VLAN ID, and then by group. The will use the last entry of the currently displayed table as a basis for the next lookup.
Page 294 Kommunikation Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page. |<<: Updates the system log entries to the first available entry ID >> : Updates the system log entry to the next available entry ID Publication date: Sept., 2015...
Page 295: 3-10.1.3 Ipv4 Sfm Information
Kommunikation 3-10.1.3 IPv4 SFM Information Entries in the IGMP SFM Information Table are shown on this page. The IGMP SFM (Source-Filtered Multicast) Information Table also contains the SSM (Source-Specific Multicast) information. This table is sorted first by VLAN ID, then by group, and then by Port. Different source addresses belong to the same group are treated as single entry.
Page 296 Kommunikation can be either Include or Exclude. Source Address :  IP Address of the source. Currently, system limits the total number of IP source addresses for filtering to be 128. Type :  Indicates the Type. It can be either Allow or Deny.
Page 297: 3-10.2 Mld Snooping
Kommunikation 3-10.2 MLD Snooping 3-10.2.1 Status The section describes when you complete the MLD Snooping and how to display the MLD Snooping Status and detail information. It will help you to find out the detail information of MLD Snooping status.
Page 298 Kommunikation The number of Received Queries. V1 Reports Received :  The number of Received V1 Reports. V2 Reports Received :  The number of Received V2 Reports. V1 Leaves Received :  The number of Received V1 Leaves.
Page 299: 3-10.2.2 Group Information
Kommunikation 3-10.2.2 Group Information The section describes user could set the MLD Snooping Groups Information. The "Start from VLAN", and "group" input fields allow the user to select the starting point in the MLD Group Table Web Interface To display the MLD Snooping Group information in the web interface: 1.
Page 300 Kommunikation Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page. |<<: Updates the system log entries to the first available entry ID >> : Updates the system log entry to the next available entry ID Publication date: Sept., 2015...
Page 301: 3-10.2.3 Ipv6 Sfm Information
Kommunikation 3-10.2.3 IPv6 SFM Information Entries in the MLD SFM Information Table are shown on this page. The MLD SFM (Source-Filtered Multicast) Information Table also contains the SSM (Source-Specific Multicast) information. This table is sorted first by VLAN ID, then by group, and then by Port. Different source addresses belong to the same group are treated as single entry.
Page 302 Kommunikation can be either Include or Exclude. Source Address :  IP Address of the source. Currently, system limits the total number of IP source addresses for filtering to be 128. Type :  Indicates the Type. It can be either Allow or Deny.
Page 303: Lldp
Kommunikation 3-11 LLDP 3-11.1 Neighbour This page provides a status overview for all LLDP neighbours. The displayed table contains a row for each port on which an LLDP neighbour is detected. The columns hold the following information: Web Interface To show LLDP neighbours: 1.
Page 304 Kommunikation 5. Router 6. Telephone 7. DOCSIS cable device 8. Station only 9. Reserved When a capability is enabled, the capability is followed by (+). If the capability is disabled, the capability is followed by (-). Management Address : ...
Page 305: 3-11.2 Lldp-Med Neighbour
Kommunikation 3-11.2 LLDP-MED Neighbour This page provides a status overview of all LLDP-MED neighbours. The displayed table contains a row for each port on which an LLDP neighbour is detected. This function applies to VoIP devices which support LLDP-MED. The columns hold the following information:...
Page 306 Kommunikation the previous Endpoint Device Class. For-example will any LLDP-MED Endpoint Device claiming compliance as a Media Endpoint (Class II) also support all aspects of TIA-1057 applicable to Generic Endpoints (Class I), and any LLDP-MED Endpoint Device claiming compliance as a Communication Device (Class III) will also support all aspects of TIA-1057 applicable to both Media Endpoints (Class II) and Generic Endpoints (Class I).
Page 307 Kommunikation 3. Guest Voice - to support a separate limited feature-set voice service for guest users and visitors with their own IP Telephony handsets and other similar appliances supporting interactive voice services. 4. Guest Voice Signalling - for use in network topologies that require a different policy for the guest voice signalling than for the guest voice media.
Page 308: 3-11.3 Eee
Kommunikation Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page. 3-11.3 EEE By using EEE power savings can be achieved at the expense of traffic latency. This latency occurs due to that the circuits EEE turn off to save power, need time to boot up before sending traffic over the link.
Page 309 Kommunikation Echo Tx Tw :  The link partner's Echo Tx Tw value. The respective echo values shall be defined as the local link partners reflection (echo) of the remote link partners respective values. When a local link partner receives its echoed values from the remote link partner it can determine whether or not the remote link partner has received, registered and processed its most recent values.
Page 310: 3-11.4 Port Statistics
Kommunikation 3-11.4 Port Statistics Two types of counters are shown. Global counters are counters that refer to the whole switch, while local counters refer to per port counters for the currently selected switch Web Interface To show LLDP Statistics: 1.
Page 311 Kommunikation Total Neighbours Entries Aged Out :  Shows the number of entries deleted due to Time-To-Live expiring. Local Counters The displayed table contains a row for each port. The columns hold the following information: Local Port : ...
Page 312: Mac Table
Kommunikation 3-12 MAC Table Entries in the MAC Table are shown on this page. The MAC Table contains up to 8192 entries, and is sorted first by VLAN ID, then by MAC address. Web Interface To Display MAC Address Table in the web interface: 1.
Page 313 Kommunikation The VLAN ID of the entry. MAC address :  The MAC address of the entry. Port Members :  The ports that are members of the entry. Buttons  Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds.
Page 314: Vlans
Kommunikation 3-13 VLANs 3-13.1 VLAN Membership This page provides an overview of membership status of VLAN users. The ports belong to the currently selected stack unit, as reflected by the page header. Web Interface To configure VLAN membership configuration in the web interface: 1.
Page 315 Kommunikation The VLAN Membership Status Page shall show the current VLAN port members for all VLANs configured by a selected VLAN User (selection shall be allowed by a Combo Box). When ALL VLAN Users are selected, it shall show this information for all the VLAN Users, and this is by default.
Page 316: 3-13.2 Vlan Port
Kommunikation 3-13.2 VLAN Port The function Port Status gathers the information of all VLAN status and reports it by the order of Static NAS MVRP MVP Voice VLAN MSTP GVRP Combined. Web Interface To Display VLAN Port Status in the web interface: 1.
Page 317 Kommunikation Custom TPID. Ingress Filtering :  Shows the ingress filtering on a port. This parameter affects VLAN ingress processing. If ingress filtering is enabled and the ingress port is not a member of the classified VLAN, the frame is discarded.
Page 318: Vcl
Kommunikation 3-14 VCL 3-14.1 MAC-based VLAN section This shows MAC-based VLAN entries configured by various MAC-based VLAN users. Currently we support following VLAN User types: CLI/Web/SNMP : These are referred to as static. NAS : NAS provides port-based authentication, which involves communications between a Supplicant, Authenticator, and an Authentication Server.
Page 319: 3-14.2 Protocol-Based Vlan
Kommunikation 3-14.2 Protocol-based VLAN 3-14.2.1 Protocol to Group This page shows you the protocols to Group Name (unique for each Group) mapping entries for the switch . Web Interface To Display Protocol-based VLAN configuration in the web interface: 1. Click Monitor, VCL, Protocol to Group.
Page 320 Kommunikation organization, the protocol ID is a value assigned by that organization to the protocol running on top of SNAP. In other words, if value of OUI field is 00-00-00 then value of PID will be etype (0x0600-0xffff) and if value of OUI is other than 00-00-00 then valid value of PID will be any value from 0x0000 to 0xffff.
Page 321: 3-14.2.2 Group To Vlan
Kommunikation 3-14.2.2 Group to VLAN This page shows you the configured Group Name to a VLAN for the switch . Web Interface To Display Group to VLAN configuration in the web interface: 1. Click Monitor, VCL, Group to VLAN.
Page 322: 3-14.3 Ip Subnet-Based Vlan
Kommunikation 3-14.3 IP Subnet-based VLAN The page shows IP subnet-based VLAN entries. This page shows only static entries. Web Interface To Display MAC-based VLAN configuration in the web interface: 1. Click Monitor, VCL, IP Subnet-based VLAN. Checked “Auto-refresh”. 3. Click “Refresh“ to refresh the port detailed statistics.
Page 323: Sflow
Kommunikation 3-15 sFlow This session shows receiver and per-port sFlow statistics Web Interface To Display MAC-based VLAN configuration in the web interface: 1. Click Monitor, sFlow 2. Display sFlow information. Figure 3-15: The sFlow Statistics Parameter description: Owner ...
Page 324 Kommunikation Timeout  The number of seconds remaining before sampling stops and the current sFlow owner is released. Tx Successes  The number of UDP datagrams successfully sent to the sFlow receiver. Tx Errors  The number of UDP datagrams that has failed transmission.
Page 325: Chapter 4. Diagnostics
Kommunikation Diagnostics Chapter 4. This chapter provides a set of basic system diagnosis. It let users know that whether the system is health or needs to be fixed. The basic system check includes ICMP Ping, Link OAM, ICMPv6, and VeriPHY Cable Diagnostics.
Page 326 Kommunikation The VLAN ID (VID) of the specific egress IPv6 interface which ICMP packet goes. The given VID ranges from 1 to 4094 and will be effective only when the corresponding IPv6 interface is valid. When the egress interface is not given, PING6 finds the best match interface for destination.
Page 327: Ping6
Kommunikation 4-2 Ping6 This section allows you to issue ICMPv6 PING packets to troubleshoot IPv6 connectivity issues. Web Interface To configure an ICMPv6 PING Configuration in the web interface: 1. Specify ICMPv6 PING IP Address. 2. Specify ICMPv6 PING Size.
Page 328 Kommunikation PING server 10.10.132.20 64 bytes from 10.10.132.20: icmp_seq=0, time=0ms 64 bytes from 10.10.132.20: icmp_seq=1, time=0ms 64 bytes from 10.10.132.20: icmp_seq=2, time=0ms 64 bytes from 10.10.132.20: icmp_seq=3, time=0ms 64 bytes from 10.10.132.20: icmp_seq=4, time=0ms Sent 5 packets, received 5 OK, 0 bad You can configure the following properties of the issued ICMP packets: Publication date: Sept., 2015...
Page 329: Veriphy
Kommunikation 4-3 VeriPHY This section is used for running the VeriPHY Cable Diagnostics. Press to run the diagnostics. This will take approximately 5 seconds. If all ports are selected, this can take approximately 15 seconds. When completed, the page refreshes automatically, and you can view the cable diagnostics results in the cable status table.
Page 330: Traceroute
Kommunikation 4-4 Traceroute This page allows you to issue ICMP, TCP, or UDP packets to diagnose network connectivity issues. Web Interface To configure an ICMPv6 PING Configuration in the web interface: 1. Specify traceroute IP Address. 2. Specify traceroute Size.
Page 331: Chapter 5. Maintenance
Kommunikation Maintenance Chapter 5. This chapter describes the entire switch Maintenance configuration tasks to enhance the performance of local network including Restart Device, Firmware upgrade, Save/Restore, Import/Export. 5-1 Restart Device This section describes how to restart switch for any maintenance needs. Any configuration files or scripts that you saved in the switch should still be available afterwards.
Page 332: Factory Defaults
Kommunikation 5-2 Factory Defaults This section describes how to reset the Switch configuration to Factory Defaults. Any configuration files or scripts will recover to factory default values. Web Interface To configure a Factory Defaults Configuration in the web interface: 1.
Page 333: Firmware
Kommunikation 5-3 Firmware This section describes how to upgrade Firmware. The Switch can be enhanced with more value-added functions by installing firmware upgrades. 5-3.1 Firmware upgrade This page facilitates an update of the firmware controlling the switch.. Web Interface To configure a Firmware Upgrade Configuration in the web interface: 1.
Page 334: 5-3.2 Firmware Selection
Kommunikation 5-3.2 Firmware Selection This page provides information about the active and alternate (backup) firmware images in the device, and allows you to revert to the alternate image. The web page displays two tables with information about the active and alternate firmware images.
Page 335 Kommunikation Cancel: Cancel activating the backup image. Navigates away from this page. Publication date: Sept., 2015 Revision A2...
Page 336: Configuration
Kommunikation 5-4 Configuration The switch stores its configuration in a number of text files in CLI format. The files are either virtual (RAM-based) or stored in flash on the switch. There are three system files:  running-config: A virtual file that represents the currently active configuration on the switch.
Page 337: 5-4.2 Upload
Kommunikation 5-4.2 Upload The configuration upload function will be backuped and saved configuration from the switch’s configuration into the running web browser PC. It is possible to upload any of the files on the switch to the web browser. Select the file and click Upload of running-config may take a little while to complete, as the file must be prepared for upload.
Page 338: 5-4.3 Download
Kommunikation 5-4.3 Download This section describes to export the Switch Configuration for maintenance needs. Any current configuration files will be exported as text format. It is possible to download a file from the web browser to all the files on the switch, except default-config, which is read-only.
Page 339 Kommunikation 5-4.4 Activate It is possible to activate any of the configuration files present on the switch, except for running-config which represents the currently active configuration. Select the file to activate and click . This will initiate the process of completely replacing the existing configuration with that of the selected file.
Page 340: 5-4.5 Delete
Kommunikation 5-4.5 Delete It is possible to delete any of the writable files stored in flash, including startup-config. If this is done and the switch is rebooted without a prior Save operation, this effectively resets the switch to default configuration.

Barox RY-LGSO25-24 User Manual

Chapter 1 Operation of Web-Based Management

Chapter 2 System Configuration

Chapter 3. Monitor

Chapter 4. Diagnostics

Chapter 5. Maintenance

Quick Links

Need help?

Questions and answers

Related Manuals for Barox RY-LGSO25-24

Summary of Contents for Barox RY-LGSO25-24