Page 2 Ruijie Networks reserves the right to modify the content of the document without any notice or prompt. This manual is designed merely as a user guide. Ruijie Networks has tried its best to ensure the accuracy and reliability of the content when compiling this manual, but it does not guarantee that the content of the manual is completely free of errors or omissions, and all the information in this manual does not constitute any explicit or implicit warranties.
Page 3: Preface
Intended Audience This document is intended for:  Network engineers  Technical support and servicing engineers  Network administrators Technical Support  The official website of Ruijie Reyee: https://reyee.ruijie.com  Technical Support Website: https://reyee.ruijie.com/en-global/support  Case Portal: https://www.ruijienetworks.com/support/caseportal  Community: https://community.ruijienetworks.com...
Page 4 Note The manual offers configuration information (including model, description, port type, software interface) for indicative purpose only. In case of any discrepancy or inconsistency between the manual and the actual version, the actual version prevails.
Page 5: Table Of Contents
Contents Preface ..............................I 1 Change Description ..........................1 1.1 ReyeeOS 2.280.0.1718;SWITCH_3.0(1)B11P280,Release(11171809) ........1 1.1.1 Hardware Change ......................1 1.1.2 Software Feature Change ....................1 1.2 ReyeeOS 2.280.0.1621;SWITCH_3.0(1)B11P280,Release(11162101) ........1 1.2.1 Hardware Change ......................1 1.2.2 Software Feature Change ....................1 1.3 ReyeeOS 2.260 .........................
Page 6 2.5 Switching the Management Mode ................... 14 3 Network-Wide Management ......................16 3.1 Viewing Networking Information ....................16 3.2 Adding Devices ........................18 3.2.1 Adding a Device Through Wired Connection............... 18 3.2.2 AP Mesh ........................20 3.3 Configuring VLANs ........................28 3.3.1 Configuring a Wired VLAN ...................
Page 7 4.1 Basic information about the One-Device ................. 48 4.2 Smart Monitoring ........................49 4.3 Port Info............................ 50 5 VLAN ..............................52 5.1 VLAN Overview ........................52 5.2 Configuring a VLAN ......................... 52 5.2.1 Adding a VLAN ......................52 5.2.2 Modifying VLAN Description ..................53 5.2.3 Deleting a VLAN ......................
Page 8 7.2 Port Configuration ........................70 7.2.1 Basic Settings ......................70 7.2.2 Physical Settings ......................73 7.3 Aggregate Ports ........................76 7.3.1 Aggregate Port Overview ..................... 76 7.3.2 Overview ........................77 7.3.3 Aggregate Port Configuration ..................78 7.3.4 Configuring a Load Balancing Mode ................80 7.3.5 Configuring LACP Settings ..................
Page 9 8.3 IGMP Snooping ........................97 8.3.1 Overview ........................97 8.3.2 Enabling Global IGMP Snooping ................. 97 8.3.3 Configuring Protocol Packet Processing Parameters ..........98 8.4 Configuring MVR ........................100 8.4.1 Overview ........................100 8.4.2 Configuring Global MVR Parameters ................ 101 8.4.3 Configuring the MVR Ports ..................
Page 10 9.4.2 Configuring a Static RP ..................... 113 9.4.3 Configuring a Candidate RP ..................113 9.5 Configuring BSR ........................114 9.5.1 Overview ........................114 9.5.2 Configuring BSR ......................115 9.5.3 Viewing BSR Routing Info..................115 9.6 Configuring IGMP ........................115 9.6.1 Overview ........................115 9.6.2 Enabling IGMP ......................
Page 11 11.1 Configuring Static Routes ....................133 11.2 Configuring the IPv6 Static Route ..................135 11.3 Configuring RIP ........................136 11.3.1 Configuring RIP Basic Functions ................136 11.3.2 Configuring the RIP Port ..................138 11.3.3 Configuring the RIP Global Configuration ..............140 11.3.4 Configuring the RIP Route Redistribution List ............
Page 12 11.6.1 Configuring OSPFv3 Basic Parameters ..............164 11.6.2 Adding an OSPFv3 Interface ................... 173 11.6.3 Managing OSPFv3 Stub Areas ................174 11.6.4 Viewing OSPFv3 Neighbor Information ..............175 11.7 Routing Table Info ....................... 175 12 Security ............................176 12.1 DHCP Snooping........................176 12.1.1 Overview ........................
Page 13 12.6.3 Enabling Port IP Source Guard ................187 12.6.4 Configuring Exceptional VLAN Addresses .............. 188 12.7 Configure 802.1x authentication ..................189 12.7.1 Function introduction....................189 12.7.2 Configuration 802.1x ....................190 12.7.3 View the list of wired authentication users ............... 195 12.8 Anti-ARP Spoofing .......................
Page 14 13.4.2 Control VLAN and Data VLAN ................. 209 13.4.3 Basic Model of an Ethernet Ring ................210 13.4.4 RPL and Nodes ......................212 13.4.5 ERPS Packet ......................213 13.4.6 ERPS Timer ......................213 13.4.7 Ring Protection ......................214 13.4.8 Protocols and Standards ..................214 13.4.9 Configuring ERPS ....................
Page 15 14.1 Info Center ........................... 239 14.1.1 Port Info ........................239 14.1.2 VLAN Info ......................... 240 14.1.3 Routing Info ......................240 14.1.4 DHCP Clients ......................241 14.1.5 ARP List ........................241 14.1.6 MAC Address ......................242 14.1.7 DHCP Snooping ....................... 242 14.1.8 IP-MAC Binding .......................
Page 16 15.4 Configuring SNMP ....................... 253 15.4.1 Overview ........................253 15.4.2 Global Configuration ....................254 15.4.3 View/Group/Community/Client Access Control ............255 15.4.4 SNMP Service Typical Configuration Examples ............262 15.4.5 Trap service configuration ..................267 15.4.6 Typical configuration examples of the trap service ..........271 15.5 Configuration Backup and Import ..................
Page 17: Change Description
Configuration Guide Change Description Change Description This chapter describes the major changes in software and hardware of different versions and related documentation. For details about hardware changes, see the release notes published with software versions. ReyeeOS 2.280.0.1718;SWITCH_3.0(1)B11P280,Release(11171809) 1.1.1 Hardware Change The following table lists the applicable hardware models of this version.
Page 18: Reyeeos 2.260
Configuration Guide Change Description ReyeeOS 2.260 1.3.1 Hardware Change This baseline version has no hardware change. The following table lists the applicable hardware models of this version. Model Hardware Version RG-NBS3100-8GT2SFP 1.0x, 1.1x, 1.2x RG-NBS3100-8GT2SFP-P 1.0x, 1.1x, 1.2x, 1.3x, 1.4x, 1.5x RG-NBS3100-24GT4SFP 1.0x, 1.1x, 1.2x, 2.0x, 2.1x, 2.2x, 3.0x, 3.1x, 3.2x RG-NBS3100-24GT4SFP-P...
Page 19: Software Feature Change
Configuration Guide Change Description 1.3.2 Software Feature Change This baseline version has no software feature change.
Page 20: Login
Configuration Guide Login Login Configuration Environment Requirements  Google Chrome, Internet Explorer 9.0, 10.0, and 11.0, and some Chromium/Internet Explorer kernel-based browsers (such as 360 Extreme Explorer) are supported. Exceptions such as garble characters or format error may occur if an unsupported browser is used. ...
Page 21 Configuration Guide Login You can use the default password admin to log in to the device for the first time. For security purposes, you are advised to change the default password as soon as possible after logging in, and to regularly update your password thereafter.
Page 22: Layout Configuration
Configuration Guide Login Layout Configuration 2.2.3 ① ② ⑦ ③ ⑥ ⑤ ④ Table 2-2 Layout Configuration Description Search for frequently used device functions, including network-wide management, egress gateway, and device and system related functionalities. Quick view of device alarms, change the web interface language, and exit the web interface. Device information and device restart button.
Page 23: Quick Setup
Configuration Guide Login Quick Setup 2.3.1 Configuration Preparations Connect the device to the power supply, and connect the device port to an uplink device with an Ethernet cable. 2.3.2 Procedure 1. Change the Web Interface Language Click English in the top right corner of the web interface. Select the desired language from the drop-down list to change the language of the web interface.
Page 24 Configuration Guide Login 3. Creating a Web Project (1) Click Start Setup to configure the Internet connection type.  Internet: Configure the Internet connection type according to requirements of the local Internet Service Provider (ISP). ○ PPPoE: Click PPPoE, and enter the username, password, and service name. Click Next. ○...
Page 25 Configuration Guide Login (2) Click Next. On the page that is displayed, set the project name and management password.  Project Name: Identifies the network project where the device is located.  Management Password: The password is used for logging in to the web interface. Click Finish.
Page 26: Procedure For Configuring Hot Standby (Vcs)
Configuration Guide Login The device can access the Internet now. Bind the device to a Ruijie Cloud account for remote management. Follow the instruction to log in to Ruijie Cloud for further configuration. Note  If your device is not connected to the Internet, click Exit to exit the configuration wizard.
Page 27 Configuration Guide Login (1) Connect two switches with cables to form a VCS group. Caution Only one link is required between devices before VCS is configured, for example, connect Port 50 of Device 1 to Port 50 of Device 2, as shown in Figure 2-1.
Page 28 Configuration Guide Login (3) Click Start Setup. (4) Connect the 10GE interfaces of the two switches using a cable (for example, connect Interface 50 of Device 1 to Interface 50 of Device 2, as shown in Figure 2-1). Then, choose Dual-Device Config, and click Next.
Page 29 Configuration Guide Login (5) Select the standby switch. (6) Select another VCS interface (Interface 49 in the following figure), or multiple VCS interfaces. You are advised to select two adjacent interfaces on a switch. Up to four VCS interfaces on a switch can be selected. These VCS interfaces must be 10GE interfaces.
Page 30: Work Mode
Configuration Guide Login Caution To delete the hot standby configuration, ensure that the network cable connecting the hot standby interfaces is disconnected. Failure to do so may result in a loop that can cause network disconnection. Work Mode The device supports two work modes: Standalone and Self-Organizing Network. It works in Self-Organizing Network mode by default.
Page 31 Configuration Guide Login Figure 2-2 Web Interface in Standalone Mode In SON mode, you can batch set the commonly used functions of all wired and wireless Reyee products on the self-organizing network, including the currently logged-in device, as shown in Figure 2-3.
Page 32: Network-Wide Management
Configuration Guide Network-Wide Management Network-Wide Management Choose Network-Wide > Workspace > Topology. The Topology page displays the current network topology, real-time uplink and downlink traffic, connection status, and number of clients on the current network. It also provides quick actions for network and device setup. On the current page, you can monitor, configure, and manage the entire network.
Page 33 Configuration Guide Network-Wide Management  Click the egress gateway to view real-time traffic information of the device.  Click a device in the topology to view the running status and configuration of the device, and to configure functions on the device. The device name is the product model by default. You can click to change the device name.
Page 34: Adding Devices
Configuration Guide Network-Wide Management  The update time is displayed in the lower left corner of the topology page. Click Refresh to refresh the topology. It takes some time to refresh the topology. Adding Devices 3.2.1 Adding a Device Through Wired Connection (1) When a new device joins the network through a wired connection, the system displays a prompt that a device not in SON is detected.
Page 35 Configuration Guide Network-Wide Management (2) On the Network List page, click the downward arrow next to Other Network to expand this list. Select the desired device(s) and click Add to My Network. You do not need to enter the password if the device to be added has not been configured before. If a password is required, enter the management password of the device.
Page 36: Ap Mesh
Configuration Guide Network-Wide Management 3.2.2 AP Mesh Note This function is only supported on Reyee APs that support AP Mesh function. 1. Overview After being powered on and enabled with the AP Mesh feature, a Mesh-capable new AP can be paired with other Mesh-capable wireless devices on the target network through multiple ways.
Page 37 Configuration Guide Network-Wide Management 3. One-Touch Pairing Caution  The uplink device must be an EGW router.  The new AP must be in factory-reset configuration.  It can be scanned only when the network is enabled with AP Mesh. ...
Page 38 Configuration Guide Network-Wide Management (6) Click View Details next to the icon to obtain information about the uplink device and RSSI. 4. Search-based Pairing Caution  The uplink device must be an EGW router.  The new AP must be in factory-reset configuration. ...
Page 39 Configuration Guide Network-Wide Management (3) On the AP Mesh page, click Scan to scan devices that are not connected to the network via an Ethernet cable. (4) Select the APs to be added and click Add to My Network. Up to eight APs can be added at a time. Wait until the mesh process finishes.
Page 40 Configuration Guide Network-Wide Management (5) Check the topology on the Physical Topology page to make sure that the new AP has connected to the uplink device in wireless mode. (6) Power off the new AP and install it to the planned location. (7) Log in to the web interface of a device on the target network.
Page 41 Configuration Guide Network-Wide Management 5. Wired Pairing Caution  The uplink device can be an AP, EG router, or EGW router.  The new AP must be in factory-reset configuration.  It can be scanned only when the live network is enabled with AP Mesh. (1) Plug one end of the Ethernet cable to the uplink port of the new AP, and the other end to the downlink port of an AP, EG router, or EGW router on the target network.
Page 42 Configuration Guide Network-Wide Management (5) Click View Details next to the icon to obtain information about the uplink device and RSSI. 6. Enabling WAN Port The WAN port works as the wired uplink port of the AP by default. For the AP added to the target network through Mesh pairing, the WAN port is disabled by default.
Page 43 Configuration Guide Network-Wide Management (2) Choose Config > Advanced > Enable WAN, toggle on Enable, and click Save. 7. Viewing Mesh APs and Mesh Details (1) Log in to the web interface of a device on the target network. (2) View Mesh APs. ...
Page 44: Configuring Vlans
Configuration Guide Network-Wide Management (3) View Mesh details. In SON mode, choose Devices > AP. Select the target AP, and click View Details in the Relay Information column to view the Mesh details. Configuring VLANs Choose Network-Wide > Workspace > Network Planning. 3.3.1 Configuring a Wired VLAN Choose Network-Wide...
Page 45 Configuration Guide Network-Wide Management Alternatively, you can select an existing wired VLAN and click Setup to edit the VLAN. (1) Configure the VLAN ID, address pool server, and DHCP pool. The gateway is configured as the address pool server by default to assign IP addresses to clients. If an access switch exists on the network, you can select the access switch as the address pool server.
Page 46 Configuration Guide Network-Wide Management (2) Select the target switch in the topology and all member ports in the VLAN, and click Next. (3) Confirm the configurations and click Save. The configurations will take effect in a few minutes.
Page 47: Configuring A Wi-Fi Vlan
Configuration Guide Network-Wide Management 3.3.2 Configuring a Wi-Fi VLAN Choose Network-Wide > Workspace > Network Planning. On the Network Planning page, click Add Wi-Fi LAN. Alternatively, you can select an existing wireless VLAN and click Setup to edit the VLAN. (1) Configure the SSID, Wi-Fi password and band.
Page 48 Configuration Guide Network-Wide Management (2) Configure the VLAN ID, address pool server and DHCP pool. The gateway is configured as the address pool server by default to assign IP addresses to clients. If an access switch exists on the network, you can select the access switch as the address pool server.
Page 49: Network-Wide Wireless Management
Configuration Guide Network-Wide Management Network-wide Wireless Management Choose Network-Wide > Workspace > Wireless. The functions supported by Network-wide Wireless Management depend on the APs on the network. Detailed information on the supported functions can be found in the Web-based Configuration Guide of RG-RAP and RG-EAP devices.
Page 50: Device Management
Configuration Guide Network-Wide Management Device Management View all devices on the current network. You can configure and manage the devices simply by logging into one device on the network. The methods to access device management are as follows: Method 1: Click the device icon in the top right corner of the Physical Topology to switch to the device list view. Method 2: Choose Network-Wide >...
Page 51: Online Client Management
Configuration Guide Network-Wide Management Online Client Management Choose Network-Wide > Clients. The client list displays wired, wireless, and users not connected on the current network, including the username, connection mode, associated device, IP/MAC address, IP address binding status, rate, and related operations. ...
Page 52 Configuration Guide Network-Wide Management Table 3-1 Online Client Management Configuration Parameters Parameter Description Username Name of the connected client. Indicates the access mode of the client, which can be wireless or wired. The SSID SSID and Band and frequency band is displayed when a client is connected wirelessly. The Wi-Fi signal strength of the client and the associated channel.
Page 53: Configuring Client Ip Binding
Configuration Guide Network-Wide Management User not connected Click the User not connected tab to see details about clients waiting to connect. This list includes clients tagged manually or recognized as devices previously connected to the network but not currently listed in device management or online client lists.
Page 54: Configuring Client Access Control
Configuration Guide Network-Wide Management Select the clients to be bound, click Bind IP, and click OK in the pop-up box to bind the selected clients to a static IP address.  Unbind an IP address Select the client to be unbound from the list, click Bound, and click OK in the pop-up box. 3.6.2 Configuring Client Access Control Note...
Page 55: Blocking Clients
Configuration Guide Network-Wide Management 3.6.3 Blocking Clients Choose Network-Wide > Clients. An unauthorized client may occupy network bandwidth and pose security risks. You can block specified clients to solve the unauthorized access problem. Note Client block is available only for wireless clients. ...
Page 56: Configuring Client Rate Limiting
Configuration Guide Network-Wide Management 3.6.4 Configuring Client Rate Limiting Choose Network-Wide > Clients > Wireless. To ensure fair resource allocation, the network administrator can implement wireless rate limiting to prevent some users or devices from occupying a large amount of bandwidth and affecting the network experience of other users.
Page 57: Firewall Management
Configuration Guide Network-Wide Management Click the Wireless tab, click the LimitSpeed column in the table, and click Disable. Firewall Management After a firewall is added to the network, you can manage and configure the firewall on the Web management system. 3.7.1 Viewing Firewall Information You can view the basic information and license of the firewall on the Web management system.
Page 58: Configuring Firewall Port
Configuration Guide Network-Wide Management Click Manage Firewall to go to the Web management interface of the firewall. Configure the security policy and license activation for the firewall. For details, see the Web-based configuration guide of the firewall. 3.7.2 Configuring Firewall Port If the firewall is set to transparent mode, the Firewall Port Config page appears.
Page 59 Configuration Guide Network-Wide Management Caution After unfollowing a specified alert type, you will not discover and process all alerts of this type promptly. Therefore, exercise caution when performing this operation. Click View Unfollowed Alert to view the unfollowed alert. You can follow the alert again in the pop-up window.
Page 60: Smart Device Network
Configuration Guide Network-Wide Management Smart Device Network Caution Currently, the function is supported by RG-NBS6002 Series, RG-NBS7003 Series and RG-NBS7006 Series devices. 3.9.1 Overview The smart device network is used to quickly plan and set up an isolation network for smart clients, so as to isolate the client network from the normal service network and other types of clients, and improve the stability of the network.
Page 61 Configuration Guide Network-Wide Management (3) Display the identified client and client server information, including IP address, MAC address, SN number of the connected switch and connection port. Click to view the detailed information. If the connection information to the client server is not identified, you need to click Configure and fill in the relevant information manually. After confirming that the client device information is correct, click Isolate Client.
Page 62 Configuration Guide Network-Wide Management (5) After confirming the configuration, click Deliver Config. If you need to modify it, you can click Previous to return to the setting page. (6) The page displays that the configuration has been delivered successfully, indicating that the settings have been completed.
Page 63 Configuration Guide Network-Wide Management (7) After completing the smart device network settings, you can view the client monitoring information on the page, including client online status, connection information, device information, and online and offline time. Select the client entry and click Delete Client to remove the specified client from the current network. Click Batch Edit Hostnames to import a txt file containing client IP and client name (one line for each client, each line contains an IP and a name, and the IP and the name are separated by the Tab key), and modify the client names in batches.
Page 64: One-Device Information
Configuration Guide One-Device Information One-Device Information Basic information about the One-Device Choose Local Device > Home > Basic Info. Basic information includes device name, device model, SN number, software version, management IP, MAC address, networking status, system time, working mode, etc. 1.
Page 65: Smart Monitoring
Configuration Guide One-Device Information 2. Switching the Work Mode Click the current work mode to change the work mode. 3. Setting MGMT IP Click current management IP address to jump to the management IP configuration page. For more information, Smart Monitoring Caution Only RG-NBS6002 Series, RG-NBS7003 Series and RG-NBS7006 Series devices support displaying this type of information.
Page 66: Port Info
Configuration Guide One-Device Information Port Info Choose Local Device > Home > Port Info.  The port info page displays the details of all ports currently on the switch. Click Panel View to view the port roles and statuses corresponding to port icons of different colors or shapes. ...
Page 67 Configuration Guide One-Device Information port will be displayed, including the port ID, port status, port rate, uplink and downlink traffic, transmission rate, and optical/electrical attribute of the port.  Traffic data is automatically updated every five minutes. You can click Refresh above the port panel to obtain the latest port traffic and status information simultaneously.
Page 68: Vlan
Configuration Guide VLAN VLAN VLAN Overview A virtual local area network (VLAN) is a logical network created on a physical network. A VLAN has the same properties as a normal physical network except that it is not limited by its physical location. Each VLAN has an independent broadcast domain.
Page 69: Modifying Vlan Description
Configuration Guide VLAN Create a VLAN: Click Add. Enter the VLAN ID and description for the VLAN, and click OK. The VLAN added will be displayed in VLAN List. Note  The range of a VLAN ID is from 1 to 4094. ...
Page 70: Deleting A Vlan
Configuration Guide VLAN 5.2.3 Deleting a VLAN Batch delete VLANs: In VLAN List, select the VLAN entries to be deleted and click Delete Selected to delete VLANs in a batch. Delete a VLAN: In VLAN List, click Delete in the Action column to delete the specified VLAN. Note The default VLAN (VLAN 1), management VLAN, native VLAN, and access VLAN cannot be deleted.
Page 71 Configuration Guide VLAN Port List displays the VLAN division of the current port. Create VLANs in VLAN List page (see 3.5.2 Creating VLAN) and then configure the port based on the VLANs. You can configure the port mode and VLAN members for a port to determine VLANs that are allowed to pass through the port and whether packets to be forwarded by the port carry the tag field.
Page 72 Configuration Guide VLAN Port mode Function Tag VLAN carry tags, and the frames forwarded by the hybrid port from an Untagged VLAN do not carry tags. The frames forwarded by the hybrid port from Native VLAN must not carry tags, therefore Native VLAN can only belong to Untagged VLAN List.
Page 73: Batch Switch Configuration
Configuration Guide VLAN Note  VLAN ID range is from 1 to 4094, among which VLAN 1 is the default VLAN that cannot be deleted.  When hardware resources are insufficient, the system displays a VLAN creation failure message.  Improper configuration of VLANs on a port (especially uplink port) may cause the failure to log in to the web interface.
Page 74 Configuration Guide VLAN (2) Click Add VLAN to create a VLAN for the selected devices in a batch. If you want to create multiple VLANs, click Batch Add and enter the VLAN ID range, such as 3-5,100. After setting the VLANs, click Next. (3) Configure port attributes for the ports selected in Step 1 in a batch.
Page 75 Configuration Guide VLAN 3. Verifying Configuration View the VLAN and port information of switches to check whether the batch configurations are successfully delivered.
Page 76: Monitoring
Configuration Guide Monitoring Monitoring Port Flow Choose Local Device > Monitor > Port Flow. This page displays traffic statistics such as the rate of the device port, the number of sent and received packets, and the number of error packets. The rate of the port is updated every five seconds. Other traffic statistics are updated every five minutes.
Page 77: Displaying The Mac Address Table
Configuration Guide Monitoring packet through the interface corresponding to the entry in unicast mode. If the device does not find such an entry, it forwards the packet through all interfaces other than the receiving interface in broadcast mode. MAC address entries are classified into the following types: ...
Page 78: Configuring Static Mac Binding
Configuration Guide Monitoring Note The MAC address entry capacity depends on the product. For example, the MAC address entry capacity of the device shown in the preceding figure is 32000. 6.2.3 Configuring Static MAC Binding The switch forwards data based on the MAC address table. You can set a static MAC address entry to manually bind the MAC address of a downlink network device to the port of the device.
Page 79: Displaying Dynamic Mac Address
Configuration Guide Monitoring 2. Deleting Static MAC Address Entries Choose Local Device > Monitor > Clients > Static MAC. Batch delete: In MAC List, select the MAC address entries to be deleted and click Delete Selected. In the displayed dialog box, click OK. Delete an entry: In MAC List, select the entry to be deleted, click Delete in the Action column.
Page 80: Configuring Mac Address Filtering
Configuration Guide Monitoring Delete dynamic MAC address: Select the clear type (by MAC address, by VLAN, or by port), enter a string for matching the dynamic MAC address entry, and click Clear. The device will clear MAC address entries that meet the conditions.
Page 81 Configuration Guide Monitoring 1. Adding Filtering MAC Address Choose Local Device > Monitor > Clients > MAC Filter. Click Add. In the dialog box that appears, enter the MAC address and VLAN ID, and then click OK. 2. MAC Filter Choose Local Device >...
Page 82: Configuring Mac Address Aging Time
Configuration Guide Monitoring 6.2.6 Configuring MAC Address Aging Time Set the aging time of dynamic MAC address entries learned by the device. Static MAC address entries and filtering MAC address entries do not age. The device deletes useless dynamic MAC address entries based on the aging time to save entry resources on the device.
Page 83: Viewing Optical Transceiver Info
Configuration Guide Monitoring send data frames to the physical network. The process of obtaining MAC addresses based on IP addresses is called address resolution. The Address Resolution Protocol (ARP) is used to resolve IP addresses into MAC addresses. ARP can obtain the MAC address associated with an IP address.
Page 84 Configuration Guide Monitoring...
Page 85: Ports
Configuration Guide Ports Ports Overview Ports are important components for data exchange on network devices. The port management module allows you to configure basic settings for ports, and configure port aggregation, switched port analyzer (SPAN), port rate limiting, management IP address, etc. Table 7-1 Description of Port Type Port Type...
Page 86: Port Configuration
Configuration Guide Ports Port Type Note Remarks An L3 aggregate port is a logical aggregate port group composed of multiple physical member ports, just like an L2 aggregate port. The ports to be aggregated must be L3 ports of the same type. An aggregate port serves as the gateway interface of L3 switching.
Page 87 Configuration Guide Ports Batch configure: Click Batch Edit, select the port to be configured In the displayed dialog box, select the port switch, rate, work mode, and flow control mode, and click OK to deliver the configuration. In batch configuration, optional configuration items are a common collection of selected ports (that is, attributes supported the selected ports).
Page 88 Configuration Guide Ports Configure one port: In Port List, select a port entry and click Edit in the Action column. In the displayed dialog box, select port status, rate, work mode, and flow control mode, and click OK. Table 7-2 Description of Basic Port Configuration Parameters Parameter Description...
Page 89: Physical Settings
Configuration Guide Ports Parameter Description Default Value lost, but the PoE power supply function of the port will not be affected. Set the rate at which the Ethernet physical interface works. Set to Auto means that the port rate is determined by the Rate Auto auto-negotiation between the local and peer devices.
Page 90 Configuration Guide Ports Batch configure: Click Batch Edit. In the displayed dialog box, select the port to be configured, configure the EEE switch, MTU, enter the port description, and click OK. Note Copper ports and SFP ports cannot be both configured during batch configuration.
Page 91 Configuration Guide Ports Configure one port: Click Edit in the Action column of the list. In the displayed configuration box, configure the EEE switch, port mode, enter the port description, and click OK. Table 7-3 Description of Physical Configuration Parameters Parameter Description Default Value...
Page 92: Aggregate Ports
Configuration Guide Ports Parameter Description Default Value standard IEEE 802.3az protocol. When enabled, EEE saves energy by making the interface enter LPI (Low Power Idle) mode when the Ethernet connection is idle. Value: Disable/Enable The port attribute indicates whether the port is a copper port or an SFP port.
Page 93: Overview
Configuration Guide Ports 7.3.2 Overview 1. Static AP Address In static AP mode, you can manually add a physical interface to an aggregate port. An aggregate port in static AP mode is called a static aggregate port and the member ports are called member ports of the static aggregate port.
Page 94: Aggregate Port Configuration
Configuration Guide Ports 4. LACP Link Aggregation Control Protocol (LACP) is a standardized protocol for dynamically aggregating multiple physical links into a single logical link to enhance network bandwidth and reliability. LACP defines the negotiation process and parameters of link aggregation, which enables the exchange of link aggregation information and the negotiation of link aggregation parameters among network devices and ensures the reliability and stability of the link aggregation.
Page 95 Configuration Guide Ports 2. Modifying Member Ports of a Static Aggregate Port Click an added static aggregate port. Member ports of the aggregate port will become selected. Click a port to deselect it; or select other ports to join the current aggregate port. Click Save to modify the member ports of the aggregate port.
Page 96: Configuring A Load Balancing Mode
Configuration Guide Ports 7.3.4 Configuring a Load Balancing Mode Choose Local Device > Ports > Aggregate Port > Global Settings. Select Load Balance Algorithm and click Save. The Device distributes incoming packets among member links by using the specified load balancing algorithm. The packet flow with the consistent feature is transmitted by one member link, whereas different packet flows are evenly distributed to various links.
Page 97 Configuration Guide Ports You can select a specific port and click Edit, or select multiple ports and click Batch Edit to modify the port priority, mode, and timeout mode in the pop-up window. Then, click OK to confirm and apply the changes. Table 7-4 Description of LACP Port List Configuration Parameters Default...
Page 98: Port Mirroring
Configuration Guide Ports Default Parameter Description Value The purpose of the timeout mode is to determine the timeout period and mechanism for LACP link aggregation. When no LACP frames are received from the peer device within the specified timeout duration, it is assumed that the peer device has experienced a failure.
Page 99: Procedure
Configuration Guide Ports Figure 7-1 Port Mirroring Principles Figure The SPAN function not only realizes the data traffic analysis of suspicious network nodes or device ports, but also does not affect the data forwarding of the monitored device. It is mainly used in network monitoring and troubleshooting scenarios.
Page 100 Configuration Guide Ports Table 7-5 Description of Port Mirroring Parameters Default Parameter Description Value A source port is also called a monitored port. Data flows on the source port are monitored for network analysis or troubleshooting. Src Port Support selecting multiple source ports and mirroring multiple ports to one destination port The destination port is also called the monitoring port, that is, the port Dest Port...
Page 101: Rate Limiting
Configuration Guide Ports Default Parameter Description Value The type of packets (data flow direction) to be monitored by a source port. Both: All packets passing through the port, including incoming and outgoing packets Monitor Direction Both Incoming: All packets received by a source port are copied to the destination port Outgoing: All packets transmitted by a source port are copied to the destination port...
Page 102 Configuration Guide Ports 1. Rate Limiting Configuration Click Batch Edit. In the displayed dialog box, select ports and enter the rate limits, and click OK. You must configure at least the ingress rate or egress rate. After the configuration is completed, it will be displayed in the list of port rate limiting rules.
Page 103: Mgmt Ip Configuration
Configuration Guide Ports 3. Deleting Rate Limiting Batch configure: Select multiple records in Port List, click Delete Selected and click OK in the confirmation dialog box. Configure one port: In Port List, click Delete on the corresponding port entry, and click OK in the confirmation dialog box.
Page 104: Configuring The Management Ipv6 Address
Configuration Guide Ports The device can be networked in two modes:  DHCP: Uses a temporary IP address dynamically assigned by the upstream DHCP server for Internet access.  Static IP: Uses a static IP address manually configured by users for Internet access. If you select DHCP, the device obtains parameters from the DHCP Server.
Page 105: Out-Of-Band Ip Configuration
Configuration Guide Ports Click Save. Out-of-Band IP Configuration Caution Only the RG-NBS6002 Series, RG-NBS7003 Series and RG-NBS7006 Series support this function. Choose Local Device > Ports > Out-of-Band IP. Set the MGMT management port IP of the chassis to centrally manage the modules in multiple slots of the device.
Page 106: Poe Configuration
Configuration Guide Ports Note No IP address is configured for the MGMT port by default. Currently, only a static IP address can be configured for the MGMT port but DHCP is not supported. PoE Configuration Caution Only PoE switches (model name containing –P, -LP, -HP, and -UP) support this function. Choose Local Device >...
Page 107: Poe Global Settings
Configuration Guide Ports 7.9.1 PoE Global Settings Choose Local Device > Ports > PoE > PoE Settings. PoE Transmit Power Mode refers to the way that a device allocates power to a connected PD (Powered Device). It supports Auto mode and Energy-saving mode. In Auto mode, the system allocates power based on the classes of PDs detected on ports.
Page 108: Power Supply Configuration Of Ports
Configuration Guide Ports PoE watchdog: This feature is mainly applicable to security surveillance scenarios. After this feature is enabled, when a PoE port of the device suddenly stops receiving packets during the ping interval, the powered device (PD) will be restarted after the ping interval expires to restore normal operation. Table 7-7 PoE Watchdog Configuration Description Packet Receiving Status...
Page 109 Configuration Guide Ports Table 7-8 Description of Parameters for Power Supply Configuration of Ports Parameter Description Default Value Whether to enable the power supply function on the ports Enable By default, the device only supplies power to PDs that comply with the standard IEEE 802.3af and 802.3at protocols.
Page 110: Displaying Global Poe Information
Configuration Guide Ports Parameter Description Default Value The maximum power that the port can transmit, ranging Max Transmit Power Not limit from 0 to 30, in watts (W). A blank value indicates no limit 7.9.3 Displaying Global PoE Information Choose Local Device > Ports > PoE > PoE Overview. Displays the global power supply information of the PoE function, including the total system power, used power, reserved power, remaining available power, peak maximum power, and the number of ports currently powered.
Page 111 Configuration Guide Ports Field Description The power supply priority of the port is divided into three levels: High, Medium, Priority and Low. Current Transmit Power Indicates the power output by the current port, in watts (W). Non-Standard Indicates whether the non-standard compatibility mode is enabled. Work Status Current work status of PoE ports.
Page 112: L2 Multicast
Configuration Guide L2 Multicast L2 Multicast Multicast Overview IP transmission methods are categorized into unicast, multicast, and broadcast. In IP multicast, an IP packet is sent from a source and forwarded to a specific group of receivers. Compared with unicast and broadcast, IP multicast saves bandwidth and reduces network loads.
Page 113: Igmp Snooping
Configuration Guide L2 Multicast Parameter Description Default Value After this function is enabled, to reduce the number of packets on the network, save network bandwidth and ensure the IGMP Report performance of the IGMP multicast device, the switch forwards Disable Suppression only one report packet to the multicast router if multiple downlink clients connected to the switch simultaneously send...
Page 114: Configuring Protocol Packet Processing Parameters
Configuration Guide L2 Multicast 8.3.3 Configuring Protocol Packet Processing Parameters By controlling protocol packet processing, an L2 multicast device can establish static or dynamic multicast forwarding entries. In addition, the device can adjust parameters to refresh dynamic multicast forwarding entries and IGMP snooping membership quickly.
Page 115 Configuration Guide L2 Multicast Table 8-2 Description of VLAN Configuration Parameters of IGMP Snooping Parameter Description Default Value Whether to enable or disable the VLAN multicast function. The multicast function of a VLAN takes effect only when both the Multicast Status Disable global IGMP snooping and VLAN multicast functions are enabled.
Page 116: Configuring Mvr
Configuration Guide L2 Multicast Parameter Description Default Value After it is enabled, when the port receives the Leave packets, it will immediately delete the port from the multicast group without waiting for the aging timeout. After that, when the device receives the corresponding specific group query packets and multicast data packets, the device will no longer Fast Leave Disable...
Page 117: Configuring Global Mvr Parameters
Configuration Guide L2 Multicast 8.4.2 Configuring Global MVR Parameters Choose Local Device > L2 Multicast > MVR. Click to enable the MVR, select the MVR VLAN, set the multicast group supported by the VLAN, and click Save. Multiple multicast groups can be specified by entering the start and end multicast IP addresses. Table 8-3 Description of Configuring Global MVR Parameters Parameter...
Page 118 Configuration Guide L2 Multicast Configure one port: Click the drop-down list box to select the MVR role type of the port. Click the switch in the Fast Leave column to set whether the port enables the fast leave function. Table 8-4 Description of MVR Configuration Parameters of Ports Parameter Description...
Page 119: Configuring Multicast Group
Configuration Guide L2 Multicast Configuring Multicast Group Choose Local Device > L2 Multicast > Multicast Group. A multicast group consists of the destination ports, to which multicast packets are to be sent. Multicast packets are sent to all ports in the multicast group. You can view the Multicast List on the current page.
Page 120: Configuring A Port Filter
Configuration Guide L2 Multicast Parameter Description Default Value Multicast IP On-demand multicast IP address Address If the VLAN ID is a multicast VLAN and the multicast address is within the multicast IP address range of the MVR, the Protocol protocol is MVR. In other cases, the protocol is IGMP snooping.
Page 121: Configuring Profile
Configuration Guide L2 Multicast 8.6.1 Configuring Profile Choose Local Device > L2 Multicast > IGMP Filter > Profile List. Click Add to create a Profile. A profile is used to define a range of multicast groups that permit or deny user access for reference by other functions.
Page 122: Configuring A Range Of Multicast Groups For A Profile
Configuration Guide L2 Multicast Parameter Description Default Value DENY: Forbids demanding multicast IP addresses in a specified range. Behavior PERMIT: Only allows demanding multicast IP addresses in a specified range. Start Multicast IP address of the range of multicast group Start IP Address addresses End Multicast IP address of the range of multicast group...
Page 123: Setting An Igmp Querier
Configuration Guide L2 Multicast Table 8-7 Description of Port Filter Configuration Parameters Parameter Description Default Value Profile that takes effect on a port. If it is not set, no profile rule Profile ID is bound to the port. Maximum number of multicast groups that a port can join. If too much multicast traffic is requested concurrently, the Max Multicast multicast device will be severely burdened.
Page 124: Procedure
Configuration Guide L2 Multicast 8.7.2 Procedure Choose Local Device > L2 Multicast > Querier. One querier is set for each VLAN. The number of queriers is the same as that of device VLANs. In Querier List, click Edit in the Action column. In the displayed dialog box, select whether to enable the querier, set the querier version, querier source IP address, and packet query interval, and click OK.
Page 125 Configuration Guide L2 Multicast Parameter Description Default Value Query Interval Packet transmission interval, of which the value range is from 30 to 60 seconds (Sec) 18000, in seconds. Note  The querier version cannot be higher than the global IGMP version. When the global IGMP version is lowered, the querier version is lowered accordingly.
Page 126: L3 Multicast
Configuration Guide L3 Multicast L3 Multicast Caution This section is applicable only to NBS Series Switches that support L3 functions. Products that do not support L3 functions such as RG-NBS3100 Series Switches, RG-NBS3200 Series Switches, do not support the functions mentioned in this section. Overview Layer 3 multicast is a communication method that uses multicast addressing at the network layer for sending data.
Page 127: Configuring Pim
Configuration Guide L3 Multicast Parameter Description Default Value Incoming Interface receiving the multicast packets Interface When the router receives a multicast packet, it forwards the Outgoing multicast packet to the appropriate outgoing interface according to Interface the value in the Outgoing Interface field in the routing table. The TTL value is the duration for which a routing table entry remains valid.
Page 128: Viewing Pim Neighbor Table
Configuration Guide L3 Multicast 9.3.3 Viewing PIM Neighbor Table In the PIM protocol, routers discover neighboring routers and establish neighbor relationships through the exchange of Hello messages. Once a neighbor relationship is established between two PIM-enabled routers, they can exchange multicast information, including multicast group memberships and multicast forwarding states. By continuously updating and maintaining the PIM neighbor table, PIM-enabled routers are able to efficiently forward and process multicast packets based on the neighbor information, thereby achieving effective multicast communication.
Page 129: Configuring Rp
Configuration Guide L3 Multicast Configuring RP 9.4.1 Overview The Rendezvous Point (RP) is a crucial concept in the PIM protocol. In multicast communication, when a sender sends a multicast data packet, it needs to identify a specific point as the rendezvous point, from which multiple receivers can receive the multicast packet.
Page 130: Configuring Bsr
Configuration Guide L3 Multicast Table 9-3 Description of Candidate RP Configuration Parameters Parameter Description Default Value The priority determines which candidate RP will become the RP during the election process. The priority value ranges from 0 to 255, Priority where a smaller value indicates a higher priority. A candidate RP with a higher priority has a greater chance of being elected as the A candidate RP announces its presence and availability by sending PIM messages.
Page 131: Configuring Bsr
Configuration Guide L3 Multicast BSR serves as the management core of the PIM-SM domain, responsible for collecting and advertising RP information within the domain. BSR is elected by candidate BSRs. Note A PIM-SM domain can have only one BSR, but can have multiple candidate BSRs. 9.5.2 Configuring BSR >>Choose Local Device >...
Page 132: Enabling Igmp
Configuration Guide L3 Multicast 9.6.2 Enabling IGMP >>Choose Local Device > L3 Multicast > IGMP > IGMP-enabled Interface List. The IGMP-enabled Interface List page displays basic information of IGMP-enabled interfaces, including the interface and the IGMP version. Add: Click Add. The Select Interfaces pop-up window is displayed. On the pop-up window, select an interface on which IGMP will be enabled.
Page 133 Configuration Guide L3 Multicast...
Page 134: L3 Management
Configuration Guide L3 Management L3 Management Caution This section is applicable only to NBS Series Switches that support L3 functions. Products that do not support L3 functions such as RG-NBS3100 Series Switches, RG-NBS3200 Series Switches, do not support the functions mentioned in this section. 10.1 Setting an L3 Interface Choose Local Device >...
Page 135: Configuring The Ipv6 Address For The L3 Interface
Configuration Guide L3 Management Table 10-1 Description of Configuration Parameters of L3 Interfaces Parameter Description The type of a created L3 interface. It can be an SVI, routed port, or L3 aggregate port. For details, Port Type Table 4-1 Networking Specifies DHCP or static mode for a port to obtain the IP address.
Page 136 Configuration Guide L3 Management inside and outside the gateway. In addition, you need to add a mapping to enable access to the intranet devices from the Internet.  Design defect: IP addresses cannot be formed using network topology mapping, and a large-scale routing table is needed. ...
Page 137 Configuration Guide L3 Management  If no upstream DHCPv6 server is available to assign the IP address, configure the IPv6 information as follows: Table 10-2 IPv6 Address Configuration Parameters of the L3 Interface Parameter Description Obtain an IPv6 address If no upstream DHCPv6 server is available, do not select Auto Obtained IP. via DHCPv6 Instead, manually add the IPv6 address.
Page 138: Configuring The Dhcp Service
Configuration Guide L3 Management Parameter Description Length IPv6 addresses. If the primary IP address is empty, the configured secondary IP address is invalid. For manual configuration, the prefix length ranges from 1 to 128. For auto configuration, the prefix length ranges from 1 to 64. If the IPv6 prefix length of the L3 interface is between 48 and 64, this address can be assigned.
Page 139 Configuration Guide L3 Management Table 10-3 Description of DHCP Server Configuration Parameters Parameter Description DHCP Mode To choose DHCP server The DHCP server assigns the Start IP address automatically, which is the Start IP address of the DHCP address pool. A client obtains an IP address Start from the address pool.
Page 140: Viewing The Dhcp Client
Configuration Guide L3 Management Parameter Description inputting a single IP address or IP network segment, and add up to 20 address segments. The lease of the address, in minutes. Lease Time(Min): When a downlink client is connected, the leased IP address is automatically renewed. If a leased IP address is not renewed due to client disconnection or network Lease Time(Min) instability, the IP address will be reclaimed after the lease term expires.
Page 141: Configuring The Dhcp Server Options
Configuration Guide L3 Management Click Add. In the displayed static IP address binding dialog box, enter the MAC address and IP address of the client to be bound, and click OK. After a static IP address is bound, the bound IP address will be obtained each time the corresponding downlink client connects to the network.
Page 142: Configuring The Dhcpv6 Server
Configuration Guide L3 Management Table 10-4 Description of the DHCP Server Options Configuration Parameters Parameter Description DNS server address provided by an ISP. Multiple IP addresses can be entered and DNS Server separated by spaces. When the AC (wireless controller) and the AP are not in the same LAN, the AP cannot discover the AC through broadcast after obtaining an IP address from the Option 43 DHCP server.
Page 143 Configuration Guide L3 Management Compared with other IPv6 address assignment methods (such as manual configuration and stateless address autoconfiguration), DHCPv6 provides the functions of address assignment, Prefix Delegation (PD), and configuration parameter assignment.  DHCPv6 is both a stateful address autoconfiguration protocol and a stateless address configuration protocol. It supports flexible addition and reuse of network addresses, and can record the assigned addresses, thus enhancing network management.
Page 144: Viewing Dhcpv6 Clients
Configuration Guide L3 Management Table 10-5 IPv6 Address Configuration Parameters of the L3 Interface Parameter Description L3 Interfaces Select the L3 interface for which the DHCPv6 server needs to be added. If this parameter is set to Auto, both DHCPv6 and SLAAC are used to assign IPv6 Assignment IPv6 addresses.
Page 145 Configuration Guide L3 Management You can view the DHCPv6 client information on this page.
Page 146: Configuring The Ipv6 Neighbor List
Configuration Guide L3 Management 10.5 Configuring the IPv6 Neighbor List In IPv6, Neighbor Discovery Protocol (NDP) is an important basic protocol. NDP replaces the ARP and ICMP route discovery protocols of IPv4, and supports the following functions: address resolution, neighbor status tracking, duplicate address detection, router discovery, and redirection.
Page 147: Configuring A Static Arp Entry
Configuration Guide L3 Management 10.6 Configuring a Static ARP Entry Choose Local Device > L3 Interfaces > ARP List. The device learns the IP address and MAC address of the network devices connected to its interfaces and generates the corresponding ARP entries. Supports binding ARP mappings or manually specifying the IP address and MAC address mapping to prevent devices from learning wrong ARP entries and improve network security.
Page 148 Configuration Guide L3 Management To remove the binding between a static IP address and a MAC address, click Delete in the Action column.
Page 149: Configuring Route
Configuration Guide Configuring Route Configuring Route Caution This section is applicable only to NBS Series Switches that support L3 functions. Products that do not support L3 functions such as RG-NBS3100 Series Switches, RG-NBS3200 Series Switches, do not support the functions mentioned in this section. 11.1 Configuring Static Routes Choose Local Device >...
Page 150 Configuration Guide Configuring Route Table 11-1 Description of Static Routes Configuration Parameters Parameter Description Specify the destination network to which the data packet Dest IP Address is to be sent. The device matches the data packet based on the destination address and subnet mask. Specify the subnet mask of the destination network.
Page 151: Configuring The Ipv6 Static Route
Configuration Guide Configuring Route 11.2 Configuring the IPv6 Static Route Choose Local Device > Routing > IPv6 Static Routing. You need to manually configure an IPv6 static route. When the packet matches the static route, the packet will be forwarded according to the specified forwarding method. Caution The static route cannot automatically adapt to changes on the network topology.
Page 152: Configuring Rip
Configuration Guide Configuring Route Parameter Description address and prefix length. Outbound Interface Interface that forwards the packet. IP address of the next routing node to which the packet Next Hop is sent. 11.3 Configuring RIP Routing Information Protocol (RIP) is applicable to small and medium-sized networks and is a dynamic routing protocol that is easy to configure.
Page 153 Configuration Guide Configuring Route...
Page 154: Configuring The Rip Port
Configuration Guide Configuring Route Table 11-3 RIP Configuration Parameters Parameter Description Network Segment: Enable RIP in the specified network segment. The IP addresses of this network segment are added to the RIP routing table. The device and its RIP- enabled neighbor devices learn the routing table from each other. Type Port: Enable RIP on the specified port.
Page 155 Configuration Guide Configuring Route Table 11-4 Configuration Parameters in the Port List Parameter Description Port Name Name of the port where RIP is enabled. Rx Status RIP version of packets currently received. Tx Status RIP version of packets currently transmitted. After the port learns the route, the route overhead is set to 16 (indicating that Poison Reverse the route is unreachable), and the route is sent back to the neighbor from the...
Page 156: Configuring The Rip Global Configuration
Configuration Guide Configuring Route 11.3.3 Configuring the RIP Global Configuration Choose Local Device > Routing > RIP Settings > Advanced, click Edit Config, and configure RIP global configuration parameters.
Page 157: Configuring The Rip Route Redistribution List
Configuration Guide Configuring Route Table 11-5 RIP Global Configuration Parameters Parameter Description Default: Select RIPv2 for sending packets and RIPv1/v2 for receiving packets. RIP Version V1: Select RIPv1 for sending and receiving packets. V2: Select RIPv2 for sending and receiving packets. After route advertisement is enabled, the current device generates a default Route Advertisement route and sends it to the neighbor.
Page 158 Configuration Guide Configuring Route Table 11-6 RIP Route Redistribution Parameters Parameter Description Direct Routing Type OSPF Routing Static Routing A smaller administrative distance indicates a higher priority. The default value Administrative Distance is 0. The value ranges from 0 to 16. Select the instance ID of OSPF that needs to be redistributed.
Page 159: Configuring The Passive Interface
Configuration Guide Configuring Route 11.3.5 Configuring the Passive Interface If an interface is configured as a passive interface, it will suppress RIP update packets. If the connected peer device does not run RIP, you are advised to enable the passive interface. Choose Local Device >...
Page 160: Configuring The Neighbor Route
Configuration Guide Configuring Route 11.3.6 Configuring the Neighbor Route When the router cannot process broadcast packets, another router can be designated as the neighbor to establish a RIP direct link. Choose Local Device > Routing > RIP Settings > Advanced > Neighbor Route, click Add, and enter the IP address of the neighbor router.
Page 161: Configuring Ripng
Configuration Guide Configuring Route 11.4 Configuring RIPng 11.4.1 Configuring RIPng Basic Functions RIP Next Generation (RIPng) provides the routing function for IPv6 networks. RIPng uses UDP port 512 to exchange the routing information. Choose Local Device > Routing > RIPng Settings. Click Add, set Type to Network Segment or Port, and specify the network segment or port accordingly.
Page 162 Configuration Guide Configuring Route RIPng (Routing Information Protocol next generation) is a unicast routing protocol applied to IPv6 networks. Network Segment/Port List Enable RIPng in the specified network segment or on the specified port. If the address length is between 48 and 64, the address will be used as a prefix. Alternatively, enable RIPng on a specified port:...
Page 163: Configuring The Ripng Port
Configuration Guide Configuring Route Table 11-7 RIPng Configuration Parameters Parameter Description Network Segment: Enable RIP in the specified network segment. The IP addresses of this network segment are added to the RIP routing table, and the device and its RIP- enabled neighbor devices learn the routing table from each other.
Page 164: Configuring The Ripng Global Configuration
Configuration Guide Configuring Route 11.4.3 Configuring the RIPng Global Configuration Choose Local Device > Routing > RIPng Settings > Advanced > RIPng Global Config, and click Edit Config.
Page 165: Configuring The Ripng Route Redistribution List
Configuration Guide Configuring Route Table 11-8 RIPng Global Configuration Parameters Parameter Description After route advertisement is enabled, the current device generates a default Route Advertisement route and sends it to the neighbor. Redistribute routes of other protocols to the RIP domain so that RIP can Administrative Distance interwork with other routing domains.
Page 166: Configuring The Ripng Passive Interface
Configuration Guide Configuring Route Table 11-9 RIP Route Redistribution Parameters Parameter Description Direct Routing Type OSPF Routing Static Routing Value range: 0-16. The default value is 0. Administrative Distance 11.4.5 Configuring the RIPng Passive Interface If an interface is configured as a passive interface, it will suppress RIPng update packets. If the connected peer device does not run RIP, you are advised to enable the passive interface.
Page 167 Configuration Guide Configuring Route...
Page 168: Configuring The Ripng Aggregate Route
Configuration Guide Configuring Route 11.4.6 Configuring the RIPng Aggregate Route Choose Local Device > Routing > RIP Settings > Advanced > RIPng Aggregate Route, click Add, and enter the IPv6 address and prefix length (value range: 0–128). 11.5 OSPFv2 Open Shortest Path First (OSPF) can be applied to large-scale networks. IPv4 uses OSPFv2, and IPv6 uses OSPFv3.
Page 169 Configuration Guide Configuring Route (1) Configure an instance.
Page 170 Configuration Guide Configuring Route Table 11-10 Instance Configuration Parameters Parameter Description Create an OSPF instance based on the service type. Instance ID The instance only takes effect locally, and does not affect packet exchange with other devices. It identifies a router in an OSPF domain. Caution Router ID Router IDs within the same domain must be unique.
Page 171 Configuration Guide Configuring Route Parameter Description Redistribute routes of other protocols to the OSPF domain to interwork with other routing domains. If Static Route Redistribution is selected, enter the metric, which is 20 by default. Import External Route If Direct Route Redistribution is selected, enter the metric, which is 20 by default.
Page 172 Configuration Guide Configuring Route Table 11-11 Parameters in the Instance Detailed Configuration Parameter Description It is used for protocol selection. By default, the intra-area, inter-area, and external Distance distances are all 110. Frequent network changes and route flapping may occupy too much network bandwidth and device resources.
Page 173 Configuration Guide Configuring Route Table 11-12 Interface Configuration Parameters Parameter Description Interface Select the OSPF-enabled L3 interface. Area Configure the area ID. Value range: 0-4294967295 If Stub Area is enabled, you need to configure the area type and inter-area route isolation.
Page 174 Configuration Guide Configuring Route Table 11-13 Parameters in the Interface Detailed Configuration Parameter Description Priority It is 1 by default. Broadcast Unicast Network Type Multicast Non-Broadcast Multiple Access...
Page 175: Adding An Ospfv2 Interface
Configuration Guide Configuring Route Parameter Description Interval for periodic transmission, which is used to discover and maintain Hello Packets OSPF neighbor relationship. The default value is 10 seconds. Time after which the neighbor becomes invalid. The default value is 40 Dead Interval seconds.
Page 176 Configuration Guide Configuring Route...
Page 177: Redistributing Ospfv2 Instance Routes
Configuration Guide Configuring Route 11.5.3 Redistributing OSPFv2 Instance Routes Choose Local Device > Routing > OSPFv2, click More in the Action column, and select V2 Instance Route Redistribution.
Page 178: Managing Ospfv2 Stub Areas
Configuration Guide Configuring Route 11.5.4 Managing OSPFv2 Stub Areas Choose Local Device > Routing > OSPFv2, click More in the Action column, and select V2 Stub Area Management.
Page 179: Managing Ospfv2 Neighbors
Configuration Guide Configuring Route 11.5.5 Managing OSPFv2 Neighbors Choose Local Device > Routing > OSPFv2, click More in the Action column, and select V2 Neighbor Management. 11.5.6 Viewing OSPFv2 Neighbor Information Choose Local Device > Routing > OSPFv2, and click Neighbor Info in the Action column.
Page 180: Ospfv3
Configuration Guide Configuring Route 11.6 OSPFv3 Open Shortest Path First (OSPF) can be applied to large-scale networks. IPv4 uses OSPFv2, and IPv6 uses OSPFv3. 11.6.1 Configuring OSPFv3 Basic Parameters Choose Local Device > Routing > OSPFv3, click Start Setup, and then configure an instance and an interface respectively.
Page 181 Configuration Guide Configuring Route Table 11-14 Instance Configuration Parameters Parameter Description Create an OSPF instance based on the service type. Instance ID The instance only takes effect locally, and does not affect packet exchange with other devices. It identifies a router in an OSPF domain. Caution Router ID Router IDs within the same domain must be unique.
Page 182 Configuration Guide Configuring Route Parameter Description default. If RIP Redistribution is selected, enter the metric, which is 20 by default. Details Expand the detailed configuration.
Page 183 Configuration Guide Configuring Route Table 11-15 Parameters in the Instance Detailed Configuration Parameter Description It is used for protocol selection. By default, the intra-area, inter-area, and external Distance distances are all 110. Frequent network changes and route flapping may occupy too much network bandwidth and device resources.
Page 184 Configuration Guide Configuring Route Parameter Description Max Interval: When the calculated interval reaches the maximum interval, the subsequent interval is always equal to the maximum interval. If the time from the last calculation exceeds the maximum interval and the LSDB is not updated, the timer is disabled.
Page 185 Configuration Guide Configuring Route Table 11-16 Interface Configuration Parameters Parameter Description Interface Select the OSPF-enabled L3 interface. Area Configure the area ID. Value range: 0-4294967295 If Stub Area is enabled, you need to configure the area type and inter-area route isolation. Stub area: Routers at the edge of the area do not Stub Area advertise routes outside the area, and the routing...
Page 186 Configuration Guide Configuring Route...
Page 187 Configuration Guide Configuring Route Table 11-17 Parameters in the Interface Detailed Configuration Parameter Description Priority It is 1 by default. Broadcast Unicast Network Type Multicast Non-Broadcast Multiple Access Interval for periodic transmission, which is used to discover and Hello Packets maintain OSPF neighbor relationship.
Page 188 Configuration Guide Configuring Route Parameter Description key is encrypted through MD5 and transmitted together with the protocol message. SHA1 auth: Verifies the protocol message. The authentication secret key is encrypted through SHA1 and transmitted together with the protocol message. SHA256 auth: Verifies the protocol message. The authentication secret key is encrypted through SHA256 and transmitted together with the protocol message.
Page 189: Adding An Ospfv3 Interface
Configuration Guide Configuring Route 3. Complete the configuration. After completing the configuration, you can choose Local Device > Routing > OSPFv3 and view the instance list. 11.6.2 Adding an OSPFv3 Interface Choose Local Device > Routing > OSPFv3, click More in the Action column, and select V3 Interface.
Page 190: Managing Ospfv3 Stub Areas
Configuration Guide Configuring Route 11.6.3 Managing OSPFv3 Stub Areas Choose Local Device > Routing > OSPFv3, click More in the Action column, and select V3 Stub Area Management.
Page 191: Viewing Ospfv3 Neighbor Information
Configuration Guide Configuring Route 11.6.4 Viewing OSPFv3 Neighbor Information Choose Local Device > Routing > OSPFv3, and click Neighbor Info in the Action column. 11.7 Routing Table Info...
Page 192: Security
Configuration Guide Security Security 12.1 DHCP Snooping 12.1.1 Overview The Dynamic Host Configuration Protocol (DHCP) snooping function allows a device to snoop DHCP packets exchanged between clients and a server to record and monitor the IP address usage and filter out invalid DHCP packets, including request packets from the clients and response packets from the server.
Page 193 Configuration Guide Security Enabling DHCP Snooping on network switches can ensure that users can only obtain network configuration parameters from the DHCP server within the control range, and avoid a host on the original network obtaining an IP address assigned by an unauthorized router, so as to guarantee the stability of the network. (1) Click Enable to access the DHCP Snooping Config page.
Page 194 Configuration Guide Security (3) After the configuration is delivered, if you need to modify the effective range of the anti-private connection function, click Configure to reselect the switch that enables the anti-private connection in the topology. After the configuration is delivered, if you want to modify the effective range of the DHCP Snooping function, click Configure to select desired switches in the topology again.
Page 195: Storm Control
Configuration Guide Security 12.2 Storm Control 12.2.1 Overview When a local area network (LAN) has excess broadcast, multicast, or unknown unicast data flows, the network speed will slow down and packet transmission will have an increased timeout probability. This is called LAN storm, which may be caused by topology protocol execution errors or incorrect network configuration.
Page 196: Acl
Configuration Guide Security the configured kilobytes-per-second threshold, excess data flows are discarded until the rate falls within the threshold. 12.3 12.3.1 Overview An access control list (ACL) is commonly referred to as packet filter in some documents. An ACL defines a series of permit or deny rules and applies these rules to device interfaces to control packets sent to and from the interfaces, so as to enhance security of the network device.
Page 197 Configuration Guide Security Based on MAC address: To control the L2 packets entering/leaving the port, and deny or permit specific L2 packets destined to a network. Based on IP address: To control the Ipv4 packets entering/leaving a port, and deny or permit specific Ipv4 packets destined to a network.
Page 198 Configuration Guide Security Table 12-1 Description of ACL Rule Configuration Parameters Parameter Description Configuring ACL Rules Action Block: If packets match this rule, the packets are denied. Allow: If packets match this rule, the packets are permitted. Match IP protocol number The value ranges from 0 to 255. Check All to match all IP IP Protocol Number protocols.
Page 199: Applying Acl Rules
Configuration Guide Security 12.3.3 Applying ACL Rules Choose Local Device > Security > ACL > ACL List. Click Batch Add or Edit in the Action column, select the desired MAC ACL and IP ACL for ports, and click OK. Note Currently, ACLs can be applied only in the inbound direction of ports, that is, to filter incoming packets.
Page 200: Port Protection
Configuration Guide Security 12.4 Port Protection Choose Local Device > Security > Port Protection. In some scenarios, it is required that communication be disabled between some ports on the device. For this purpose, you can configure some ports as protected ports. Ports that enable port protection (protected ports) cannot communicate with each other, users on different ports are L2-isolated.
Page 201: Procedure
Configuration Guide Security 12.5.2 Procedure Choose Local Device > Security > IP-MAC Binding. 1. Adding an IP-MAC Binding Entry Click Add, select the desired port, enter the IP address and MAC address to be bound, and click OK. At least one of the IP address and MAC address needs to be entered.
Page 202: Ip Source Guard
Configuration Guide Security 3. Deleting an IP-MAC Binding Entry Batch Configure: In IP-MAC Binding List, select an entry to be deleted and click Delete Selected. In the displayed dialog box, click OK. Delete one binding entry: click Delete in the Action column of the entry in the list. In the displayed dialog box, click OK.
Page 203: Enabling Port Ip Source Guard
Configuration Guide Security The search box in the upper-right corner supports finding the specified entry in Binding List based on IP addresses, MAC addresses, VLANs or ports. Click the drop-down list box to select the search type, enter the search string, and click Search. 12.6.3 Enabling Port IP Source Guard Choose Local Device >...
Page 204: Configuring Exceptional Vlan Addresses
Configuration Guide Security 12.6.4 Configuring Exceptional VLAN Addresses Choose Local Device > Security > IP Source Guard > Excluded VLAN. When IP Source Guard is enabled on an interface, it is effective to all the virtual local area networks (VLANs) under the interface by default.
Page 205: Configure 802.1X Authentication
Configuration Guide Security 12.7 Configure 802.1x authentication 12.7.1 Function introduction IEEE802.1x (Port-Based Network Access Control) is a port-based network access control standard that provides secure access services for LANs. IEEE 802 LAN, as long as users can connect to network devices, they can directly access network resources without authentication and authorization.
Page 206: Configuration 802.1X
Configuration Guide Security  The client is generally a user terminal device, and the user can initiate 802.1X authentication by starting the client software. The client must support the Extensible Authentication Protocol over LANs (EAPoL).  AP or switching device) that supports the 802.1x protocol. It provides a port for the client to access the LAN.
Page 207 Configuration Guide Security parameter Description If the server disconnection is detected, all users will be allowed to access Server Escape the Internet Require clients to re-authenticate at certain intervals to ensure network Re-authentication security Guest VLAN Provide a VLAN for unauthenticated clients to restrict their access EAP-Request Packet Define the number of times the EAP request message will be Retransmission Count...
Page 208 Configuration Guide Security Reference without parameter Description translation Server group name Server group name Server IP server address Radius server address. The port number used for accessing user Auth Port authentication port authentication on the Radius server. The port number used to access the accounting Accounting Port billing port process on the Radius server.
Page 209 Configuration Guide Security Parameter Description Configure the interval for the device to send request packets before Packet Retransmission Interval confirming that there is no response from RADIUS Configure the number of times the device sends request packets Packet Retransmission Count before confirming that there is no response from RADIUS If this function is enabled, you need to set "Server Detection Period", "Server Detection Times"...
Page 210 Configuration Guide Security parameter Description 802.1x Authentication When enabled, the selected interface will enable 8.02.1x authentication. disable: Turn off the authentication method, which has the same effect as turning off the 802.1x authentication switch force-auth: Mandatory authentication, the client can directly access the Internet without a password Auth Method force-unauth: force no authentication, the client cannot authenticate and...
Page 211: View The List Of Wired Authentication Users
Configuration Guide Security parameter Description Product Difference Description The value range of NBS3100 series switches is 1-256, and other switches are 1-1000 12.7.3 View the list of wired authentication users 8.02.1x function is configured on the entire network and a terminal is authenticated and connected to the network, you can view the list of authenticated users.
Page 212 Configuration Guide Security 2. Disabling Anti-ARP Spoofing Batch disable: Select an entry to be deleted in the list and click Delete Selected. Disable one port: click Delete in the Action column of the corresponding entry.
Page 213: Advanced Configuration
Configuration Guide Advanced Configuration Advanced Configuration 13.1 STP (Spanning Tree Protocol) is an L2 management protocol that eliminates L2 loops by selectively blocking redundant links on the network. It also provides the link backup function. 13.1.1 STP Global Settings Choose Local Device > Advanced > STP > STP. (1) Click to enable the STP function, and click OK in the displayed box.
Page 214: Applying Stp To A Port
Configuration Guide Advanced Configuration Table 13-1 Description of STP Global Configuration Parameters Default Parameter Description Value Whether to enable the STP function. It takes effect globally. STP attributes Disable can be configured only after STP is enabled. Bridge priority. The device compares the bridge priority first during root Priority 32768 bridge selection.
Page 215 Configuration Guide Advanced Configuration Table 13-2 Description of STP Configuration Parameters of Ports Default Parameter Description Value Root: A port with the shortest path to the root Alternate: A backup port of a root port. Once the root port fails, the alternate port becomes the root port immediately.
Page 216 Configuration Guide Advanced Configuration Default Parameter Description Value Disable: The port is closed manually or due to a fault, does not participate in spanning tree and does not forward data, and can be turned into a blocking state after initialization or opening. Blocking: A port in the blocking state cannot forward data packets or learn addresses, but can send or receive configuration BPDUs and send them to the CPU.
Page 217: Lldp
Configuration Guide Advanced Configuration Note  It is recommended to enable Port Fast on the port connected to a PC.  A port switches to the forwarding state after STP is enabled more than 30 seconds. Therefore transient disconnection may occur and packets cannot be forwarded. 13.2 LLDP 13.2.1...
Page 218: Applying Lldp To A Port
Configuration Guide Advanced Configuration Parameter Description Default Value TTL multiplier of LLDP In LLDP packets, TTL TLV indicates the TTL of local information on a neighbor. The value of TTL TLV is calculated using the following Hold Multiplier formula: TTL TLV = TTL multiplier x Packet transmission interval + 1. The TTL TLV value can be modified by configuring the TTL multiplier and LLDP packet transmission interval.
Page 219: Displaying Lldp Information
Configuration Guide Advanced Configuration Send LLDPDU: After Send LLDPDU is enabled on a port, the port can send LLDPDUs. Receive LLDPDU: After Receive LLDPDU is enabled on a port, the port can receive LLDPDUs. LLDPMED: After LLDPMED is enabled, the device is capable of discovering neighbors when its peer endpoint supports LLDP-MED (the Link Layer Discovery Protocol-Media Endpoint Discovery).
Page 220: Rldp
Configuration Guide Advanced Configuration 13.3 RLDP 13.3.1 Overview The Rapid Link Detection Protocol (RLDP) is an Ethernet link failure detection protocol, which is used to rapidly detect unidirectional link failures, bidirectional link failures, and downlink loop failures. When a failure is found, RLDP automatically shuts down relevant ports or asks users to manually shut down the ports according to the configured failure handling methods, to avoid wrong forwarding of traffic or Ethernet L2 loops.
Page 221: Standalone Device Configuration
Configuration Guide Advanced Configuration 13.3.2 Standalone Device Configuration 1. RLDP Global Settings Choose Local Device > Advanced > RLDP > RLDP Settings. (1) Enable the RLDP function and click OK in the displayed dialog box. The RLDP function is disabled by default. (2) Configure RLDP global parameters and click Save.
Page 222 Configuration Guide Advanced Configuration  Block: After alerting the fault, set the faulty port not to forward the received packets  Shutdown port: After alerting the fault, shutdown the port. Caution  When RLDP is applied to an aggregate port, the Action can only be set to Warning and Shutdown. ...
Page 223: Batch Configuring Network Switches
Configuration Guide Advanced Configuration 13.3.3 Batch Configuring Network Switches Choose Network-Wide > Workspace > Wired > RLDP (1) Click Enable to access the RLDP Config page. (2) On the networking topology, you can select the access switches on which you want to enable RLDP in either recommended or custom mode.
Page 224 Configuration Guide Advanced Configuration (3) After the configuration is delivered, if you want to modify the effective range of the RLDP function, click Configure to select desired switches in the topology again. Turn off RLDP to disable RLDP on all the switches with one click.
Page 225: Erps
Configuration Guide Advanced Configuration 13.4 ERPS Note  RG-NIS3100, RG-NBS3100, RG-NBS3200, RG-NBS5100, RG-NBS5200, and RG-NBS5300 series switches running ReyeeOS 2.280.0.1621 or later support ERPS.  RG-NBS6000 and RG-NBS7000 series switches running ReyeeOS 2.280.0.1718 or later support ERPS. 13.4.1 Overview Ethernet Ring Protection Switching (ERPS), also known as G.8032, is a ring protection protocol developed by the International Telecommunication Union (ITU).
Page 226: Basic Model Of An Ethernet Ring
Configuration Guide Advanced Configuration  Control VLAN: Also known as the Ring Auto Protection Switching VLAN (R-APS VLAN) for transmitting ERPS protocol packets. On a device, the ports connecting to an ERPS ring belong to a control VLAN, and only such ports can be added to a control VLAN.
Page 227 Configuration Guide Advanced Configuration In practice, a network is a combination of multiple basic topologies, with multiple major rings and multiple subrings. 3. Node According to the different topological relationships between nodes and Ethernet rings, nodes are classified into single-ring nodes, tangent nodes, and intersecting nodes by role. ...
Page 228: Rpl And Nodes
Configuration Guide Advanced Configuration 13.4.4 RPL and Nodes An Ethernet ring can be in either of the following two states regardless of whether it is a major ring or subring:  Idle state: The physical links in the entire ring network are connected. ...
Page 229: Erps Packet
Configuration Guide Advanced Configuration Figure 13-3 Typical Topology of Intersecting Rings RPL owner for ERPS4 G0/1 G0/2 Node 1 Node 7 Node 4 Node 6 G0/5 G0/5 ERPS4 G0/1 G0/2 G0/1 G0/4 G0/1 RPL owner for ERPS3 RPL owner ERPS3 G0/2 G0/3 G0/2...
Page 230: Ring Protection
Configuration Guide Advanced Configuration device detects that a link failure is cleared, it sends link recovery packets and starts the Guard timer. Before the timer expires, all packets except Flush packets indicating a subring topology change will be discarded.  WTR timer: The timer is effective only for RPL owner nodes.
Page 231 Configuration Guide Advanced Configuration Figure 13-4 Adding an ERPS Ring Table 13-6 Parameter Description Default Parameter Description Value Specifies the ID of an ERPS instance. Control VLAN It is used to forward ERPS protocol packets. Indicates the type of the ERPS ring. The ring can be a major ring or Type a sub ring.
Page 232 Configuration Guide Advanced Configuration The values of a port role include: NORMAL: Indicates a normal node. RPL OWNER: Indicates an RPL owner node. RPL NEIGHBOR: Indicates an RPL neighbor node. Sub Ring VLAN Specifies the control VLAN of a sub ring. WTR Timer Specifies the interval of the WTR timer.
Page 233: Erps Typical Configuration Examples
Configuration Guide Advanced Configuration Figure 13-6 Link Switch Table 13-7 Parameter Description Parameter Description Default Value Specifies the ID of an ERPS instance. Specifies the port in the ERPS ring. The values include West Port Port and East Port. Specifies the link state of the selected port. The values include Clear and Block.
Page 234 Configuration Guide Advanced Configuration Topology 3. Notes To prevent loops, configure ERPS before performing cable connections. For an ERPS ring, only one interface can be the RPL Owner, and its peer interface must be the RPL Neighbor. 4. Procedure (1) Choose Network-Wide > Workspace > Wired > ERPS Ring to access the ERPS Ring configuration page. (2) Click +Add on the page to add an ERPS ring.
Page 235 Configuration Guide Advanced Configuration (3) As shown in the following figure, set the ERPS ring parameters (only ID and Control VLAN are mandatory, and should be configured according to the user's network setup. Other parameters can be left at their default values).
Page 236 Configuration Guide Advanced Configuration (4) As shown in the following figure, select a device for the ERPS ring, set the Gi5 to RPL OWNER, and Gi6 to NORMAL. Click Next. (5) As shown in the following figure, click Save to save the configuration. (6) As shown in the following figure, choose Network-Wide >...
Page 237 Configuration Guide Advanced Configuration (7) As shown in the following figure, click Next to access the ERPS Ring Configuration page. (8) As shown in the following figure, add the remaining devices on the ERPS Ring Configuration page. Select the optical ports on the devices and configure the interfaces connected to the RPL OWNER as RPL NEIGHBOR, following the example of Gi52 in the figure below.
Page 238 Configuration Guide Advanced Configuration (9) As shown in the following figure, click Save to apply all configurations.
Page 239: Qos
Configuration Guide Advanced Configuration (10) As shown in the figure below, after all cables are connected according to the topology, the devices will automatically form an ERPS ring. 13.5 Note  RG-NIS3100, RG-NBS3100, RG-NBS3200, RG-NBS5100, RG-NBS5200, and RG-NBS5300 series switches running ReyeeOS 2.280.0.1621 or later support QoS. ...
Page 240: Principles
Configuration Guide Advanced Configuration 13.5.2 Principles 1. Basic Concepts  DiffServ model The differentiated services (DiffServ) model classifies all packets transmitted on a network into different types. The classification information related to QoS priority marking is recorded in some fields of L2 or L3 packets, for example, the PRI field of IEEE 802.1Q frames, type of service (ToS) field of IPv4 packets, traffic class (TC) field of IPv6 packets, and the MPLS experimental bits (EXP) field of multiprotocol label switching (MPLS) packets.
Page 241 Configuration Guide Advanced Configuration IPv4 packets use the ToS field in the IP header to indicate the priority of the packets, as shown in Figure 13-9. Figure 13-9 ToS Field in the IP Header 6 bits DSCP Precedence 8 bits Header Version Type of Service...
Page 242 Configuration Guide Advanced Configuration Table 13-8 Interface Trust Mode and Priority Mapping Trust Mode Priority Mapping The device does not trust any priority information carr ed in the packet. A packet received by the interface is assigned to a queue based on the 802.1p-queue mapping table using the 802.1p value (interface priority) configured for the interface.
Page 243: Configuring Qos
Configuration Guide Advanced Configuration  SP scheduling policy In strict-priority (SP) scheduling, packets are scheduled strictly based on their queue priorities from high to low (a larger queue ID indicates a higher priority). Before sending a packet, check whether there is a packet to be sent in a high-priority queue.
Page 244 Configuration Guide Advanced Configuration Table 13-9 Global Configuration Parameter Description Default Parameter Description Value Priority designations of an inbound packet: Untrusted Mode: The device does not trust any priority information carried in the packet, and uses the interface priority as the 802.1p value of the packet.
Page 245 Configuration Guide Advanced Configuration Default Parameter Description Value An output queue mapping table, which contains the mappings between the queue ID and the DSCP value. The DSCP value of packets in the output As shown Queue-DSCP queue is re-marked based on the mapping. For example, if the queue ID is inTable Mapping Table 0, and the mapped DSCP value is 8, then the DSCP value of packets in...
Page 246 Configuration Guide Advanced Configuration DSCP Value Queue ID 56–63 Table 13-12 Default Queue–802.1p Mapping Table of the Device Queue ID 802.1p Value After Remarking Table 13-13 Default Queue-DSCP Mapping Table of the Device Queue ID DSCP Value After Re-marking Port Settings In local device mode, choose Advanced >...
Page 247 Configuration Guide Advanced Configuration Table 13-14 Port Configuration Parameter Description Default Parameter Description Value Interface priority. When the device is in untrusted mode, packets are Priority assigned to a queue based on this priority, which is equivalent to the 802.1p value of a packet. Priority designations of an inbound packet: Disable: The device does not trust any priority information carried in the packet, and uses the interface priority as the 802.1p value of the packet.
Page 248: Configuring The Local Dns
Configuration Guide Advanced Configuration Enable: The 802.1p value of packets in the queue is re-marked based on the Queue-802.1p Mapping Table. 802.1p Remarking Enable Disable: The device does not re-mark the 802.1p value of packets in the queue based on the Queue-802.1p Mapping Table, and marks the priority of the outgoing packets based on the priority of the input queue.
Page 249: Voice Vlan
Configuration Guide Advanced Configuration 13.7 Voice VLAN 13.7.1 Overview A voice virtual local area network (VLAN) is a VLAN dedicated to voice traffic of users. By creating a voice VLAN and adding ports connected to voice devices to the voice VLAN, you can have voice data transmitted in the voice VLAN and deliver specified policy of the quality of service (QoS) for voice streams, to improve the transmission priority of voice traffic and ensure the call quality.
Page 250: Configuring A Voice Vlan Oui
Configuration Guide Advanced Configuration Table 13-16 Description of VLAN Global Configuration Parameters Parameter Description Default Value Voice VLAN Whether to enable the Voice VLAN function Disable VLAN VLAN ID as Voice VLAN Aging time of voice VLAN, in minutes. In automatic mode, after the MAC address in a voice packet ages, if the port does not receive any Max Age 1440 minutes...
Page 251: Configuring The Voice Vlan Function On A Port
Configuration Guide Advanced Configuration 13.7.4 Configuring the Voice VLAN Function on a Port Choose Local Device > Advanced > Voice VLAN > Port Settings. Click Edit in the port entry or click Batch Edit on the upper -right corner. In the displayed dialog box, select whether to enable the voice VLAN function on the port, voice VLAN mode to be applied, and whether to enable the security mode, and Click OK.
Page 252 Configuration Guide Advanced Configuration Table 13-17 Description of the Voice VLAN Configuration Parameters on a Port Parameter Description Default Value Based on different ways the Voice VLAN function is enabled on the port, the Voice VLAN Mode can be Auto Mode or Manual Mode: Auto Mode: In this mode, the device checks whether the permit VLANs of a port contain the voice VLAN after the voice VLAN function is enabled on the port.
Page 253: Configuring Smart Hot Standby (Vcs)
Configuration Guide Advanced Configuration  After the voice VLAN function is enabled on a port, do not switch the L2 mode (trunk or access mode) of the port to ensure normal operation of the function. If you need to switch the L2 mode of the port, disable the voice VLAN function on the port first.
Page 254: Active/Standby Switchover
Configuration Guide Advanced Configuration 13.8.3 Active/Standby Switchover Active/Standby Switchover allow manual switching between the active and standby supervisor engines. Clicking the Switch button will restart the supervisor engine. Please exercise caution.
Page 255: Diagnostics
Configuration Guide Diagnostics Diagnostics 14.1 Info Center Choose Local Device > Diagnostics > Info Center. In Info Center, you can view port traffic, VLAN information, routing information, client list, ARP list, MAC address, DHCP snooping, IP-MAC binding, IP Source Guard, and CPP statistics of the device and relevant configurations. 14.1.1 Port Info Choose Local Device >...
Page 256: Vlan Info
Configuration Guide Diagnostics 14.1.2 VLAN Info Choose Local Device > Diagnostics > Info Center > VLAN Info. Display SVI port and routed port information, including the port information included in the VLAN, the port IP address, and whether the DHCP address pool is enabled. Note ...
Page 257: Dhcp Clients
Configuration Guide Diagnostics Note To set up static routes, see 6.3. 14.1.4 DHCP Clients Caution If the device does not support L3 functions (such as RG-NBS3100 Series and RG-NBS3200 Series Switches), this type of information is not displayed. Choose Local Device > Diagnostics > Info Center > DHCP Clients. Displays the IP address information assigned to endpoints by the device as a DHCP server.
Page 258: Mac Address
Configuration Guide Diagnostics 14.1.6 MAC Address Choose Local Device > Diagnostics > Info Center > MAC. Displays the MAC address information of the device, including the static MAC address manually configured by the user, the filtering MAC address, and the dynamic MAC address automatically learned by the device. Note To configure and manage the MAC address, see 3.3.
Page 259: Ip-Mac Binding
Configuration Guide Diagnostics 14.1.8 IP-MAC Binding Choose Local Device > Diagnostics > Info Center > IP-MAC Binding. Displays the configured IP-MAC binding entries. The device checks whether the source IP addresses and source MAC addresses of IP packets match those configured for the device and filters out IP packets not matching the binding.
Page 260: Poe
Configuration Guide Diagnostics 14.1.10 Caution Only PoE switches (model name containing –P, -LP, -HP, and -UP) support this function. Choose Local Device > Diagnostics > Info Center > PoE. 14.1.11 CPP Info Choose Local Device > Diagnostics > Info Center > CPP. Displays the current total CPU bandwidth and statistics of various packet types, including the bandwidth, current rate, and total number of packets.
Page 261: Network Tools
Configuration Guide Diagnostics 14.2 Network Tools The Network Tools page provides three tools to detect the network status: Ping, Traceroute, and DNS Lookup. 14.2.1 Ping Choose Local Device > Diagnostics > Network Tools. The Ping command is used to detect the network connectivity. Select Ping as the diagnosis mode, enter the destination IP address or website address, configure the ping count and packet size, and click Start to test the network connectivity between the device and the IP address or website.
Page 262: Traceroute
Configuration Guide Diagnostics 14.2.2 Traceroute Choose Local Device > Diagnostics > Network Tools. The Traceroute function is used to identify the network path from one device to another. On a simple network, the network path may pass through only one routing node or none at all. On a complex network, packets may pass through dozens of routing nodes before reaching their destination.
Page 263: Dns Lookup
Configuration Guide Diagnostics 14.2.3 DNS Lookup Choose Local Device > Diagnostics > Network Tools. DNS Lookup is used to query the information of network domain name or diagnose DNS server problems. If the device can ping through the IP address of the Internet from your web page but the browser cannot open the web page, you can use the DNS lookup function to check whether domain name resolution is normal.
Page 264: Fault Collection
Configuration Guide Diagnostics 14.3 Fault Collection Choose Local Device > Diagnostics > Fault Collection. When an unknown fault occurs on the device, you can collect fault information by one click on this page. Click Start. The configuration files of the device will be packed into a compressed file. Download the compressed file locally and provide it to R&D personnel for fault locating.
Page 265: System Logs
Configuration Guide Diagnostics Caution  The SPF port does not support the function.  If a detected port contains an uplink port, the network may be intermittently disconnected. Exercise caution when performing this operation. 14.5 System Logs Choose Local Device > Diagnostics > System Logs. System logs record device operations, operation time, and operation modules.
Page 266 Configuration Guide Diagnostics Displays possible problems on the network environment to facilitate fault prevention and troubleshooting. You can view the alert occurrence time, port, alert impact, and handling suggestions, and rectify device faults according to handling suggestions. All types of alerts are concerned by default. You can click Unfollow to unfollow this type of alert. The system will no longer display this type of alert.
Page 267 Configuration Guide Diagnostics Alert Type Description Support Description function. (The device models are marked with "-P".) It is applicable only to NBS Series Switches that support the PoE The total PoE power of the device is The total PoE power is function.
Page 268: System Configuration
Configuration Guide System Configuration System Configuration 15.1 Setting the System Time Choose Local Device > System > System Time. You can view the current system time. If the time is incorrect, check and select the local time zone. If the time zone is correct but time is still incorrect, click Edit to manually set the time.
Page 269: Setting The Session Timeout Duration
Configuration Guide System Configuration Enter the old password and new password. After saving the configuration, use the new password to log in. Caution When self-organizing network discovery is enabled, the login password of all devices on the network will be changed synchronously.
Page 270: Global Configuration
Configuration Guide System Configuration 15.4.2 Global Configuration 1. Overview The purpose of global configuration is to enable the SNMP service and make the SNMP protocol version (v1/v2c/v3) take effect, so as to achieve basic configuration of local port, device location, and contact information. SNMP v1: As the earliest version of SNMP, SNMP v1 has poor security, and only supports simple community string authentication.
Page 271: View/Group/Community/Client Access Control
Configuration Guide System Configuration Table 15-1 Global Configuration Parameters Parameter Description SNMP Server Indicates whether SNMP service is enabled. SNMP Version Indicates the SNMP protocol version, including v1, v2c, and v3 versions. Local Port The port range is 1 to 65535. 1-64 characters.
Page 272 Configuration Guide System Configuration A view can have multiple subtrees. The management system can only access MIB nodes in these subtrees, and cannot access other unauthorized MIB nodes. This can prevent unauthorized system administrators from accessing sensitive MIB nodes, thereby protecting the security of network devices. Moreover, views can also improve the efficiency of network management and speed up the response from the management system.
Page 273 Configuration Guide System Configuration Parameter Description Excluded rules allow access to all OIDs except those in the OID range. Click Add Excluded Rule to configure this type of view. Note At least one OID rule must be configured for a view. Otherwise, an alarm message will appear. (1) Click OK.
Page 274 Configuration Guide System Configuration (2) Add a v1/v2c user. Table 15-3 v1/v2c User Configuration Parameters Parameter Description At least 8 characters. It must contain at least three character categories, including uppercase and lowercase letters, digits, and special characters. Community Name Admin, public or private community names are not allowed.
Page 275 Configuration Guide System Configuration 3. Configuring v3 Groups  Overview SNMP v3 introduces the concept of grouping to achieve better security and access control. A group is a group of SNMP users with the same security policies and access control settings. With SNMP v3, multiple groups can be configured, each with its own security policies and access control settings.
Page 276 Configuration Guide System Configuration Table 15-4 v3 Group Configuration Parameters Parameter Description Indicates the name of the group. 1-32 characters. Group Name Chinese characters, full-width characters, question marks, and spaces are not allowed. Indicates the minimum security level (authentication and encryption, Security Level authentication but no encryption, no authentication and encryption) of the group.
Page 277 Configuration Guide System Configuration Note Select the SNMP protocol version, and click Save. The corresponding configuration options will appear on the View/Group/Community/User Access Control page.  Configuration Steps Choose Local Device > System > SNMP > View/Group/Community/Client Access Control (2) Click Add in the SNMP v3 Client List pane to add a v3 user. (3) Configure v3 user parameters.
Page 278: Snmp Service Typical Configuration Examples
Configuration Guide System Configuration Parameter Description Group Name Indicates the group to which the user belongs. Indicates the security level (authentication and encryption, authentication Security Level but no encryption, and no authentication and encryption) of the user. Authentication protocols supported: MD5/SHA/SHA224/SHA256/SHA384/SHA512.
Page 279 Configuration Guide System Configuration Item Description "system". For SNMP v2c, the custom community name is "public", and the default Version port number is 161. Read & write permission Read-only permission.  Configuration Steps (1) Choose Local Device > System > SNMP > Global Config, select v2c and set other settings as default. Then, click Save.
Page 280 Configuration Guide System Configuration (2) Click Add in the SNMP v1/v2c community name list, fill in the community name, access mode and view in the pop-up window, and click OK after the operation is completed. 2. v3 version SNMP service configuration ...
Page 281 Configuration Guide System Configuration According to the user's application scenario, the requirements are shown in the following table: Table 15-7 User Requirements Description Form Item Description Included rule: the OID is .1.3.6.1.2.1, and the custom view name is View range "public_view".
Page 282 Configuration Guide System Configuration Click Add in the View List pane. Enter the view name and OID in the pop-up window, and click Add Included Rule. Click OK. (3) Click Add in the SNMP v3 group list, fill in the group name and security level in the pop-up window, the user has read and write permissions, select "public _view"...
Page 283: Trap Service Configuration
Configuration Guide System Configuration (4) Click Add in the SNMP v3 user list, fill in the user name and group name in the pop-up window, the user security level adopts authentication and encryption mode, fill in the corresponding authentication protocol, authentication password, encryption protocol, and encryption password, and click OK.
Page 284 Configuration Guide System Configuration performance reports, configuration reports and security management. Trap can provide real-time network monitoring and fault diagnosis to help administrators find and solve network problems in time. 1. Trap open settings Enable the trap service and select the effective trap protocol version, including v1, v2c, and v3. Choose Local Device >...
Page 285 Configuration Guide System Configuration  Prerequisites When the trap service version selects v1 or v2c, a trap v1v2c user needs to be created.  Configuration Steps Choose Local Device > System > SNMP > Trap setting. (1) Click Add in the Trap v1v2c User list to create a trap v1v2c user. (2) Configure trap v1v2c user-related parameters.
Page 286 Configuration Guide System Configuration Parameter Description Question marks, spaces, and Chinese characters are not allowed. Note  The destination host IP address of trap v1/ v1/v2c users cannot be the same.  Community names of trap v1/ v1/v2c users cannot be the same. (3) Click OK.
Page 287: Typical Configuration Examples Of The Trap Service
Configuration Guide System Configuration Table 15-9 trap v3 user information description table Parameter Description Dest Host IP IP address of the trap peer device. An IPv4 or IPv6 address is supported. Port ID The port range of the trap peer device is 1 to 65535. Name of the trap v3 user.
Page 288 Configuration Guide System Configuration destination ip 1 92.1 68.110.85 and port number 1 66, so that the device sends a trap of the v2c version in case of an exception.  Configuration Specification According to the analysis of the user's usage scenario, the requirements are shown in the table: Table 15-10 User Requirements Description Form Item...
Page 289 Configuration Guide System Configuration 2. V3 version trap configuration  Application Scenarios When the user is monitoring the device, if the device is suddenly interrupted or abnormal, the third-party monitoring software cannot detect and deal with the abnormal situation in time, and the device with the destination ip of 1 92.1 68.110.87 and the port number of 1 67 is configured, and use the more secure v3 version to send traps.
Page 290: Configuration Backup And Import
Configuration Guide System Configuration (2) Click Add in the trap v3 user list. (3) Fill in the target host IP, port number, user name and other information, and click OK after the configuration is complete. 15.5 Configuration Backup and Import Choose Local Device >...
Page 291: Reset
Configuration Guide System Configuration 15.6 Reset 15.6.1 Resetting the Device Choose Local Device > System > Management > Reset. Click Reset, and click OK to restore factory settings. Caution Resetting the device will clear current settings and reboot the device. If a useful configuration exists in the current system, you can export the current configuration (see 10.4) before restoring the factory settings.
Page 292: Rebooting The Device
Configuration Guide System Configuration Caution Resetting the network will clear current settings of all devices on the network and reboot the devices. Exercise caution when performing this operation. 15.7 Rebooting the Device 15.7.1 Rebooting the Device Choose Self-Organizing Mode > Network > System > Management > Reset. Choose Standalone Mode >...
Page 293: Rebooting Specified Devices On The Network
Configuration Guide System Configuration Caution It will take some time for the network to reboot, please be patient. The network operation will affect the entire network. Therefore, exercise caution when performing this operation. 15.7.3 Rebooting Specified Devices on the Network Choose Network >...
Page 294: Upgrade
Configuration Guide System Configuration Choose Self-Organizing Mode > Network > System> Scheduled Reboot. Choose Standalone Mode > System > Scheduled Reboot. Click Enable, and select the date and time of scheduled reboot every week. Click Save. When the system time matches the scheduled reboot time, the device will restart.
Page 295: Local Upgrade
Additionally, it also offers various components such as real-name authentication, dedicated Wi-Fi, and passenger flow analysis, allowing for flexible expansion of network services. By configuring Cloud Service, you can conveniently mange networks through Ruijie Cloud or the Ruijie Reyee app.
Page 296: Configuration Steps
If the device is not currently associated with a cloud account, simply follow the on-screen instructions to add it to the network. Open up the Ruijie Reyee app, click the scan icon at the upper left corner on the Project page, and enter the device's management password.
Page 297: Unbinding Cloud Service
Configuration Guide System Configuration To change the Cloud Service configurations, select the cloud server from the Cloud Server drop-down list, enter the domain name and IP address, and click Save. Note If the server selected is not Other Cloud, the system automatically fills in the domain name and IP address of the cloud server.

This manual is also suitable for:

Reyee nis3100 series Reyee rg-nbs3100-8gt2sfp Reyee rg-nbs3100-8gt2sfp-p Reyee rg-nbs3100-24gt4sfp Reyee rg-nbs3100-24gt4sfp-p Reyee rg-nbs3100-48gt4sfp ... Show all

Ruijie Reyee RG-NBS Series Configuration Manual

Quick Links

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Ruijie Reyee RG-NBS Series

Summary of Contents for Ruijie Reyee RG-NBS Series