Page 1 GS108T and GS110TP Smart Switch Software Administration Manual NETGEAR, Inc. 350 E. Plumeria Drive San Jose CA 95134 USA 202-10603-02 April 2010...
Page 2: Technical Support
In the interest of improving internal design, operational function, and/or reliability, NETGEAR reserves the right to make changes to the products described in this document without notice. NETGEAR does not assume any liability that may occur due to the use or application of the product(s) or circuit layout(s) described herein.
Page 3 Voluntary Control Council for Interference (VCCI) Statement This equipment is in the Class B category (information equipment to be used in a residential area or an adjacent area thereto) and conforms to the standards set by the Voluntary Control Council for Interference by Data Processing Equipment and Electronic Office Machines aimed at preventing radio interference in such residential areas.
Page 4 v1.0, April 2010...
Page 5: Table Of Contents
Contents GS108T and GS110TP Smart Switch Software Administration Manual About This Manual Audience ........................... xi Organization ........................xi Conventions, Formats and Scope ................... xii How to Print this Manual ....................xiv Revision History ......................xiv Chapter 1 Getting Started Switch Management Interface ..................1-1 Connecting the Switch to the Network ................1-2 Switch Discovery in a Network with a DHCP Server ............1-3 Switch Discovery in a Network without a DHCP Server ..........1-5...
Page 6 GS108T and GS110TP Smart Switch Software Administration Manual System Information ....................2-1 IP Configuration .......................2-3 Time .........................2-5 Denial of Service ....................2-12 DNS ........................2-15 Green Ethernet Configuration ................2-17 PoE (GS110TP Only) ....................2-18 PoE Configuration ....................2-19 PoE Port Configuration ..................2-20 Timer Global Configuration ..................2-22 Timer Schedule Configuration ................2-23 SNMP ...........................2-25 SNMPV1/V2 ......................2-25...
Page 7 GS108T and GS110TP Smart Switch Software Administration Manual VLANs ..........................3-10 VLAN Configuration ....................3-11 VLAN Membership Configuration ................3-12 Port VLAN ID Configuration ...................3-14 Voice VLAN ........................3-16 Voice VLAN Properties ..................3-16 Voice VLAN Port Setting ..................3-18 Voice VLAN OUI ....................3-19 Auto-VoIP ........................3-20 Spanning Tree Protocol ....................3-22 STP Switch Configuration ..................3-23 CST Configuration ....................3-25...
Page 8 GS108T and GS110TP Smart Switch Software Administration Manual Defining DiffServ ....................4-10 Diffserv Configuration .....................4-11 Class Configuration ....................4-13 Policy Configuration ....................4-17 Service Configuration .....................4-23 Service Statistics ....................4-24 Chapter 5 Managing Device Security Management Security Settings ..................5-1 Change Password ....................5-2 RADIUS Configuration .....................5-3 Configuring TACACS+ ...................5-10 Authentication List Configuration ................5-13 Configuring Management Access .................5-14...
Page 9 GS108T and GS110TP Smart Switch Software Administration Manual MAC Binding Configuration ..................5-48 MAC Binding Table ....................5-49 IP ACL ........................5-50 IP Rules ........................5-52 IP Extended Rule ....................5-53 IP Binding Configuration ..................5-58 IP Binding Table .....................5-59 Chapter 6 Monitoring the System Ports ..........................6-1 Switch Statistics .......................6-1 Port Statistics ......................6-4 Port Detailed Statistics .....................6-5...
Page 10 GS108T and GS110TP Smart Switch Software Administration Manual Ping ........................7-12 Traceroute ......................7-14 Chapter 8 Help Online Help ........................8-1 Support ........................8-1 User Guide .......................8-2 Appendix A Hardware Specifications and Default Values GS108T Gigabit Smart Switch and GS110TP Gigabit Smart Switch Specifications ..A-1 GS108T and GS110TP Switch Features and Defaults ..........
Page 11: About This Manual
About This Manual The NETGEAR ® GS108T and GS110TP Software Administration Manual describes how to configure and operate the GS108T Smart Switch and GS110TP Gigabit Smart Switch by using the Web-based graphical user interface (GUI). This manual describes the software configuration procedures and explains the options available within those procedures.
Page 12: Conventions, Formats And Scope
GS108T and GS110TP Smart Switch Software Administration Manual • Chapter 4, “Configuring Quality of Service” page 4-1 describes how to manage the Access Control Lists (ACLs), and how to configure the Differentiated Services and Class of Service features. • Chapter 5, “Managing Device Security” page 5-1 contains information about configuring switch security information such as port access control, TACACS+, and RADIUS server...
Page 13 Product Version GS108T Smart Switch and GS110TP Gigabit Smart Switch Manual Publication Date April 2010 Note: Product updates for the GS108T and GS110TP Smart Switches are available on the NETGEAR, Inc. Website at http://kbserver.netgear.com/products/GS108T.asp http://kbserver.netgear.com/products/GS110TP.asp xiii v1.0, April 2010...
Page 14: How To Print This Manual
GS108T and GS110TP Smart Switch Software Administration Manual How to Print this Manual Your computer must have the free Adobe Acrobat reader installed in order to view and print PDF files. The Acrobat reader is available on the Adobe Web site at http://www.adobe.com.
Page 15: Getting Started
Chapter 1 Getting Started This chapter provides an overview of starting your NETGEAR GS108T or GS110TP Smart Switch and accessing the user interface. It also leads you through the steps to use the Smart Control Center utility. This chapter contains the following sections: •...
Page 16: Connecting The Switch To The Network
GS108T and GS110TP Smart Switch Software Administration Manual NETGEAR provides the Smart Control Center utility with this product. This program runs under Microsoft Windows XP, Windows 2000, or Windows Vista and provides a front end that ® ® ® discovers the switches on your network segment (L2 broadcast domain). When you power up your switch for the first time, use the Smart Control Center to discover the switch and view the network information that has been automatically assigned to the switch by a DHCP server;...
Page 17: Switch Discovery In A Network With A Dhcp Server
GS108T and GS110TP Smart Switch Software Administration Manual Switch Discovery in a Network with a DHCP Server This section describes how to set up your switch in a network that has a DHCP server. The DHCP client on the switch is enabled by default. When you connect it to your network, the DHCP server will automatically assign an IP address to your switch.
Page 18 GS108T and GS110TP Smart Switch Software Administration Manual 6. Make a note of the displayed IP address assigned by the DHCP server. You will need this value to access the switch directly from a Web browser (without using the Smart Control Center).
Page 19: Switch Discovery In A Network Without A Dhcp Server
GS108T and GS110TP Smart Switch Software Administration Manual Switch Discovery in a Network without a DHCP Server This section describes how to use the Smart Control Center to set up your switch in a network without a DHCP server. If your network has no DHCP service, you must assign a static IP address to your switch.
Page 20 GS108T and GS110TP Smart Switch Software Administration Manual 6. Select the switch, then click Configure Device. The page expands to display additional fields at the bottom of the page, as Figure 1-4 shows. Figure 1-4 7. Choose the Disabled radio box to disable DHCP. 8.
Page 21: Configuring The Network Settings On The Administrative System
GS108T and GS110TP Smart Switch Software Administration Manual Configuring the Network Settings on the Administrative System If you choose not to use the Smart Control Center to configure the network information on the switch, you can connect directly to the switch from an administrative system, such as a PC or laptop computer.
Page 22: Web Access
GS108T and GS110TP Smart Switch Software Administration Manual Warning: When you change the IP address of your administrative system, you will loose your connection to the rest of the network. Be sure to write down your current network address settings before you change them. To modify the network settings on your administrative system: 1.
Page 23: Smart Control Center Utilities
GS108T and GS110TP Smart Switch Software Administration Manual Figure 1-6 Smart Control Center Utilities In addition to device discovery and network address assignment, the Smart Control Center includes several maintenance features. This section describes the following Smart Control Center utilities: •...
Page 24: Configuration Upload And Download
GS108T and GS110TP Smart Switch Software Administration Manual • Change Password—Allows you to set a new password for the device. In this process, you are required to enter the old password and to confirm the new one, which can contain up to 20 ASCII characters.
Page 25 GS108T and GS110TP Smart Switch Software Administration Manual 4. Click OK. 5. Enter the switch password and click Apply. The file is uploaded to the administrative computer as a *.cfg file. You can open it and view the contents with a text editor. To restore the configuration to a previously saved version: 1.
Page 26: Firmware Upgrade
GS108T and GS110TP Smart Switch Software Administration Manual Note: Click the Tasks tab to view status information about the configuration download. Firmware Upgrade The application software for the GS108T and GS110TP Smart Switches is upgradeable, enabling your switch to take advantage of improvements and additional features as they become available. The upgrade procedure and the required equipment are described in this section.
Page 27 GS108T and GS110TP Smart Switch Software Administration Manual Figure 1-7 Optionally, you can schedule a different date and time to download and install the firmware image. To delay the upgrade process, clear the Run Now? check box and enter a date and time to complete the upgrade.
Page 28: Viewing And Managing Tasks
GS108T and GS110TP Smart Switch Software Administration Manual Viewing and Managing Tasks From the Tasks tab, you can view information about configuration downloads and firmware upgrades that have already occurred, are in progress, or are scheduled to take place at a later time. You can also delete or reschedule selected tasks.
Page 29: Understanding The User Interfaces
GS108T and GS110TP Smart Switch Software Administration Manual Understanding the User Interfaces GS108T and GS110TP software includes a set of comprehensive management functions for configuring and monitoring the system by using one of the following methods: • Web user interface •...
Page 30 GS108T and GS110TP Smart Switch Software Administration Manual Figure 1-9 shows the layout of the Smart Switch Web interface. Navigation Tab Feature Link Logout Button Help LInk Help Page Page Menu Configuration Status and Options Figure 1-9 Navigation Tabs, Feature Links, and Page Menu The navigation tabs along the top of the Web interface give you quick access to the various switch functions.
Page 31 GS108T and GS110TP Smart Switch Software Administration Manual The configuration pages for each feature are available as links in the page menu on the left side of the page. Some items in the menu expand to reveal multiple configuration pages, as Figure 1-10.
Page 32 GS108T and GS110TP Smart Switch Software Administration Manual Device View The Device View is a Java ® applet that displays the ports on the switch. This graphic provides an alternate way to navigate to configuration and monitoring options. The graphic also provides information about device ports, current configuration and status, table information, and feature components.
Page 33 GS108T and GS110TP Smart Switch Software Administration Manual Figure 1-13 If you click the graphic, but do not click a specific port, the main menu appears, as Figure 1-14 shows. This menu contains the same option as the navigation tabs at the top of the page. Figure 1-14 Getting Started 1-19...
Page 34: Using Snmp
GS108T and GS110TP Smart Switch Software Administration Manual Help Page Access Every page contains a link to the online help , which contains information to assist in configuring and managing the switch. The online help pages are context sensitive. For example, if the IP Addressing page is open, the help topic for that page displays if you click Help.
Page 35: Interface Naming Convention
GS108T and GS110TP Smart Switch Software Administration Manual 3. To enable encryption, select the DES option in the Encryption Protocol field. Then, enter an encryption code of eight or more alphanumeric characters in the Encryption Key field. 4. Click Apply. To access configuration information for SNMPv1 or SNMPv2, click System ...
Page 36 GS108T and GS110TP Smart Switch Software Administration Manual 1-22 Getting Started v1.0, April 2010...
Page 37: Configuring System Information
Chapter 2 Configuring System Information Use the features in the System tab to define the switch’s relationship to its environment. The System tab contains links to the following features: • “Management” on page 2-1 • “PoE (GS110TP Only)” on page 2-18 •...
Page 38 GS108T and GS110TP Smart Switch Software Administration Manual Figure 2-1 To define system information: 1. Open the System Information page. 2. Define the following fields: • System Name. Enter the name you want to use to identify this switch. You may use up to 31 alphanumeric characters.
Page 39: Ip Configuration
GS108T and GS110TP Smart Switch Software Administration Manual The following table describes the status information the System Page displays. Table 2-1. System Description Fields Field Description Serial Number The serial number of the switch. System Object ID The base object ID for the switch's enterprise MIB. Date &...
Page 40 GS108T and GS110TP Smart Switch Software Administration Manual Figure 2-2 To configure the network information for the management interface: 1. Select the appropriate radio button to determine how to configure the network information for the switch management interface: • Dynamic IP Address (DHCP). Specifies that the switch must obtain the IP address through a DHCP server.
Page 41: Time
GS108T and GS110TP Smart Switch Software Administration Manual • Default Gateway. The default gateway for the IP interface. The factory default value is 192.168.0.254. 3. Specify the VLAN ID for the management VLAN. The management VLAN is used to establish an IP connection to the switch from a workstation that is connected to a port in the same VLAN.
Page 42 GS108T and GS110TP Smart Switch Software Administration Manual Time sources are established by Stratums. Stratums define the accuracy of the reference clock. The higher the stratum (where zero is the highest), the more accurate the clock. The device receives time from stratum 1 and above since it is itself a stratum 2 device. The following is an example of stratums: •...
Page 43 GS108T and GS110TP Smart Switch Software Administration Manual Figure 2-3 To configure the time by using the CPU clock cycle as the source: 1. From the Clock Source field, select Local. 2. In the Date field, enter the date in the DD/MM/YYYY format. 3.
Page 44 GS108T and GS110TP Smart Switch Software Administration Manual To configure the time through SNTP: 1. From the Clock Source field, select SNTP. When the Clock Source is set to SNTP, the Date and Time fields are grayed out (disabled). The switch gets the date and time from the network. 2.
Page 45 GS108T and GS110TP Smart Switch Software Administration Manual Table 2-2. SNTP Global Status Fields (continued) Field Description Last Attempt Status Specifies the status of the last SNTP request or unsolicited message for both unicast mode. If no message has been received from a server, a status of Other is displayed.
Page 46 GS108T and GS110TP Smart Switch Software Administration Manual Figure 2-4 To configure a new SNTP Server: 1. Enter the appropriate SNTP server information in the available fields: • Server Type. Specifies whether the address for the SNTP server is an IP address (IPv4) or hostname (DNS).
Page 47 GS108T and GS110TP Smart Switch Software Administration Manual 5. To change the settings for an existing SNTP server, select the check box next to the configured server and enter new values in the available fields, and then click Apply. Configuration changes take effect immediately.
Page 48: Denial Of Service
GS108T and GS110TP Smart Switch Software Administration Manual Denial of Service Use the Denial of Service (DoS) page to configure DoS control. The GS108T and GS110TP software provides support for classifying and blocking specific types of DoS attacks. You can configure your system to monitor and block six types of attacks: •...
Page 49 GS108T and GS110TP Smart Switch Software Administration Manual To configure the Auto-DoS feature: 1. Select a radio button to enable or disable Auto-DoS: • Disable. Auto-DoS is disabled (default). • Enable. Auto-DoS is enabled. 2. Click Apply to send the updated configuration to the switch. Configuration changes occur immediately.
Page 50 GS108T and GS110TP Smart Switch Software Administration Manual To configure individual DoS settings: 1. Select the types of DoS attacks for the switch to monitor and block and configure any associated values, as the following list describes. • Denial of Service SIP=DIP. Enable or disable this option by selecting the appropriate radio button.
Page 51: Dns
2. Enter the DNS default domain name to include in DNS queries. When the system is performing a lookup on an unqualified hostname, this field is provided as the domain name (for example, if default domain name is netgear.com and the user enters test, then test is changed to test.netgear.com to resolve the name).
Page 52 GS108T and GS110TP Smart Switch Software Administration Manual 3. To specify the DNS server to which the switch sends DNS queries, enter an IP address in standard IPv4 dot notation in the DNS Server Address and click Add. The server appears in the list below.
Page 53: Green Ethernet Configuration
GS108T and GS110TP Smart Switch Software Administration Manual 2. Specify the IP address in standard IPv4 dot notation to associate with the hostname. 3. Click Add. The entry appears in the list below. 4. To remove an entry from the static DNS table, select the check box next to the entry and click Delete.
Page 54: Poe (Gs110Tp Only)
GS108T and GS110TP Smart Switch Software Administration Manual Figure 2-9 To configure the Green Ethernet feature: 1. Enable or disable the Short Cable Mode. • Enable. The switch performs a cable test on each cable connect to its ports. If the cable is less than 10m in length, the port is placed in low power mode (nominal power).
Page 55: Poe Configuration
GS108T and GS110TP Smart Switch Software Administration Manual • “Timer Global Configuration” on page 2-22 • “Timer Schedule Configuration” on page 2-23 PoE Configuration Use the PoE Configuration page to view global PoE power information and to configure PoE SNMP trap settings. To display the PoE Configuration page, click System ...
Page 56: Poe Port Configuration
GS108T and GS110TP Smart Switch Software Administration Manual 3. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 4. Click Refresh to update the screen with the current information. The PoE Configuration page also provides the following information: Table 2-5.
Page 57 GS108T and GS110TP Smart Switch Software Administration Manual To configure PoE Port settings: 1. To configure settings for a physical port, click PORTS. 2. To configure settings for a Link Aggregation Group (LAG), click LAGS. 3. To configure settings for both physical ports and LAGs, click ALL. 4.
Page 58: Timer Global Configuration
GS108T and GS110TP Smart Switch Software Administration Manual • Timer Schedule. Select the timer schedule to use for the port. By default, no timer schedules are configured. To create a timer schedule, use the Timer Global Configuration page. • Output Voltage. Shows the current voltage being delivered to device in Volts. •...
Page 59: Timer Schedule Configuration
GS108T and GS110TP Smart Switch Software Administration Manual 3. Assign the timer to the port or LAG on the PoE Port Configuration page. Note: The Timer Schedule feature must be enabled for the settings to be applied to the ports. To display the Timer Global Configuration page, click System ...
Page 60 GS108T and GS110TP Smart Switch Software Administration Manual To display the Timer Schedule Configuration page, click System  PoE  Advanced  Timer Schedule Configuration. Figure 2-13 To configure timer schedules: 1. Select the name of the schedule created on the Timer Global Configuration page. 2.
Page 61: Snmp
GS108T and GS110TP Smart Switch Software Administration Manual SNMP From SNMP link under the System tab, you can configure SNMP settings for SNMP V1/V2 and SNMPv3. From the SNMP link, you can access the following pages: • “SNMPV1/V2” on page 2-25 •...
Page 62 GS108T and GS110TP Smart Switch Software Administration Manual Figure 2-14 To configure SNMP communities: 1. To add a new SNMP community, enter community information in the available fields described below, and then click Add. • Management Station IP. Specify the IP address of the management station.Together, the Management Station IP and the Management Station IP Mask denote a range of IP addresses from which SNMP clients may use that community to access this device.
Page 63 GS108T and GS110TP Smart Switch Software Administration Manual • Status. Specify the status of this community by selecting Enable or Disable from the pull down menu. If you select Enable, the Community Name must be unique among all valid Community Names or the set request will be rejected. If you select Disable, the Community Name will become invalid.
Page 64: Trap Flags
GS108T and GS110TP Smart Switch Software Administration Manual • Version. The trap version to be used by the receiver from the menu. • SNMP v1: Uses SNMP v1 to send traps to the receiver. • SNMP v2: Uses SNMP v2 to send traps to the receiver. •...
Page 65: Snmp V3 User Configuration
GS108T and GS110TP Smart Switch Software Administration Manual Figure 2-16 To configure the trap flags: 1. From the Authentication field, enable or disable activation of authentication failure traps by selecting the corresponding button. The factory default is Enable. 2. From the Link Up/Down field, enable or disable activation of link status traps by selecting the corresponding button.
Page 66 GS108T and GS110TP Smart Switch Software Administration Manual Figure 2-17 The SNMPv3 Access Mode is a read-only field that shows the access privileges for the user account. The admin account always has Read/Write access, and all other accounts have Read Only access. To configure SNMPv3 settings for the user account: 1.
Page 67: Lldp
GS108T and GS110TP Smart Switch Software Administration Manual LLDP The IEEE 802.1AB-defined standard, Link Layer Discovery Protocol (LLDP), allows stations on an 802 LAN to advertise major capabilities and physical descriptions. This information is viewed by a network manager to identify system topology and detect bad configurations on the LAN. From the LLDP link, you can access the following pages: •...
Page 68 GS108T and GS110TP Smart Switch Software Administration Manual Note: You can also access the LLDP Configuration page by clicking System  LLDP  Advanced  LLDP Configuration. Figure 2-18 To configure global LLDP settings: 1. Configure the following LLDP properties. •...
Page 69: Lldp Port Settings
GS108T and GS110TP Smart Switch Software Administration Manual 2. To change the LLDP-MED properties in the Fast Start Duration field, specify the number of LLDP packets sent when the LLDP-MED Fast Start mechanism is initialized, which occurs when a new endpoint device links with the LLDP-MED network connectivity device. The default value is 3, and the range is from 1–10.
Page 70: Lldp-Med Network Policy
GS108T and GS110TP Smart Switch Software Administration Manual To configure LLDP port settings: 1. Change the LLDP port settings described below: • Interface. Specifies the port to be affected by these parameters. • Admin Status. Select the status for transmitting and receiving LLDP packets: •...
Page 71 GS108T and GS110TP Smart Switch Software Administration Manual To display this page, click System  LLDP  Advanced  LLDP-MED Network Policy. Figure 2-20 From the Interface menu, select the interface with the information to view. The following table describes the LLDP-MED network policy information that displays on the screen. Table 2-6.
Page 72: Lldp-Med Port Settings
GS108T and GS110TP Smart Switch Software Administration Manual Table 2-6. LLPD-MED Network Policy Information Fields (continued) Field Description VLAN Type Specifies whether the VLAN associated with the policy is tagged or untagged. User Priority Specifies the priority associated with the policy. DSCP Specifies the DSCP associated with a particular policy type.
Page 73: Local Information
GS108T and GS110TP Smart Switch Software Administration Manual 3. From the Notification field, specify whether the port should send a topology change notification if a device is connected or removed. 4. From the Transmit Optional TLVs field, specify whether the port should transmit optional type length values (TLVs) in the LLDP PDU frames.
Page 74 GS108T and GS110TP Smart Switch Software Administration Manual Figure 2-22 The following table describes the LLDP local information that displays for each port. Table 2-7. LLDP Local Information Fields Field Description Interface Select the interface with the information to display. Port ID Subtype Identifies the type of data displayed in the Port ID field.
Page 75 GS108T and GS110TP Smart Switch Software Administration Manual Figure 2-23 The following table describes the detailed local information that displays for the selected port. Table 2-8. Local Port Information Field Description Managed Address Address SubType Displays the type of address the management interface uses, such as an IPv4 address.
Page 76: Neighbors Information
GS108T and GS110TP Smart Switch Software Administration Manual Table 2-8. Local Port Information (continued) Field Description Auto Negotiation Displays the port speed auto-negotiation capabilities such as 1000BASE-T Advertised Capabilities half-duplex mode or 100BASE-TX full-duplex mode. Operational MAU Type Displays the Medium Attachment Unit (MAU) type. The MAU performs physical layer functions, including digital data conversion from the Ethernet interface collision detection and bit injection into the network.
Page 77 GS108T and GS110TP Smart Switch Software Administration Manual Figure 2-24 The following table describes the information that displays for all LLDP neighbors that have been discovered. Table 2-9. LLDP Neighbors Information Fields Field Description MSAP Entry Displays the Media Service Access Point (MSAP) entry number for the remote device.
Page 78 GS108T and GS110TP Smart Switch Software Administration Manual A popup window displays information for the selected port. Figure 2-25 Table 2-10. LLPD-MED Local Device Information Fields Field Description Port Details Local Port Displays the interface on the local system that received LLDP information from a remote system.
Page 79 GS108T and GS110TP Smart Switch Software Administration Manual Table 2-10. LLPD-MED Local Device Information Fields (continued) Field Description Port Description Identifies the user-defined description of the port. System Name Identifies the system name associated with the remote device. System Description Specifies the description of the selected port associated with the remote system.
Page 80 GS108T and GS110TP Smart Switch Software Administration Manual Table 2-10. LLPD-MED Local Device Information Fields (continued) Field Description PoE Device Type Displays the port PoE type. For example, Powered. PoE Power Source Displays the port's power source. PoE Power Priority Displays the port's power priority.
Page 81: Services - Dhcp Filtering
GS108T and GS110TP Smart Switch Software Administration Manual Services — DHCP Filtering DHCP Filtering is a useful feature that can be employed as a security measure against unauthorized DHCP servers. A known attack is when an unauthorized DHCP server responds to a client that is requesting an IP address.
Page 82: Interface Configuration
GS108T and GS110TP Smart Switch Software Administration Manual Figure 2-26 To configure global DHCP filtering settings: 1. In the Admin Mode field, select Enable or Disable to turn the DHCP Filtering feature on or off. 2. Click Apply to apply the change to the system. Configuration changes take effect immediately.
Page 83 GS108T and GS110TP Smart Switch Software Administration Manual Figure 2-27 To configure DHCP filtering settings for an interface: 1. To configure DHCP filtering settings for a physical port, click PORTS. 2. To configure DHCP filtering settings for a Link Aggregation Group (LAG), click LAGS. 3.
Page 84 GS108T and GS110TP Smart Switch Software Administration Manual 2-48 Configuring System Information v1.0, April 2010...
Page 85: Configuring Switching Information
Chapter 3 Configuring Switching Information Use the features in the Switching tab to define Layer 2 features. The Switching tab contains links to the following features: • “Ports” on page 3-1 • “Link Aggregation Groups” on page 3-5 • “VLANs” on page 3-10 •...
Page 86 GS108T and GS110TP Smart Switch Software Administration Manual Figure 3-1 To configure port settings: 1. To configure settings for a physical port, click PORTS. 2. To configure settings for a Link Aggregation Group (LAG), click LAGS. 3. To configure settings for both physical ports and LAGs, click ALL. 4.
Page 87 GS108T and GS110TP Smart Switch Software Administration Manual • Port Speed. Use the menu to select the port’s speed and duplex mode. If you select Auto, the duplex mode and speed will be set by the auto-negotiation process. The port’s maximum capability (full duplex and 1000 Mbps) will be advertised.
Page 88: Flow Control
GS108T and GS110TP Smart Switch Software Administration Manual Flow Control IEEE 802.3x flow control works by pausing a port when the port becomes oversubscribed and dropping all traffic for small bursts of time during the congestion condition. This can lead to high- priority and/or network control traffic loss.
Page 89: Link Aggregation Groups
GS108T and GS110TP Smart Switch Software Administration Manual Link Aggregation Groups Link aggregation groups (LAGs), which are also known as port-channels, allow you to combine multiple full-duplex Ethernet links into a single logical link. Network devices treat the aggregation as if it were a single link, which increases fault tolerance and provides load sharing. You assign the LAG VLAN membership after you create a LAG.
Page 90 GS108T and GS110TP Smart Switch Software Administration Manual Figure 3-3 To configure LAG settings: 1. Select the check box next to the LAG to configure. You can select multiple LAGs to apply the same setting to the selected interfaces. Select the check box in the heading row to apply the same settings to all interfaces.
Page 91: Lag Membership
GS108T and GS110TP Smart Switch Software Administration Manual • LAG Type. Select Static or LACP. When the LAG is static, it does not transmit or process received LAGPDUs, for example the member ports do not transmit LAGPDUs and all the LAGPDUs it may receive are dropped.
Page 92: Lacp Configuration
GS108T and GS110TP Smart Switch Software Administration Manual 2. In the LAG Name field, enter the name you want assigned to the LAG. You may enter any string of up to 15 alphanumeric characters. A valid name has to be specified to create the LAG. 3.
Page 93: Lacp Port Configuration
GS108T and GS110TP Smart Switch Software Administration Manual To configure LACP: 1. From the LACP System Priority field, specify the device’s link aggregation priority relative to the devices at the other ends of the links on which link aggregation is enabled. A higher value indicates a lower priority.
Page 94: Vlans
GS108T and GS110TP Smart Switch Software Administration Manual To configure LACP port priority settings: 1. Select the check box next to the port to configure. You can select multiple ports to apply the same setting to all selected ports. Note: You cannot select ports that are not participating in a LAG. 2.
Page 95: Vlan Configuration
GS108T and GS110TP Smart Switch Software Administration Manual From the VLAN link, you can access the following pages: • “VLAN Configuration” on page 3-11 • “VLAN Membership Configuration” on page 3-12 • “Port VLAN ID Configuration” on page 3-14 VLAN Configuration Use the VLAN Configuration page to define VLAN groups stored in the VLAN membership table.
Page 96: Vlan Membership Configuration
GS108T and GS110TP Smart Switch Software Administration Manual To configure VLANs: 1. To add a VLAN, configure the VLAN ID, name, and type, and then click Add. • VLAN ID. Specify the VLAN Identifier for the new VLAN. (You can only enter data in this field when you are creating a new VLAN.) The range of the VLAN ID is 1–4093.
Page 97 GS108T and GS110TP Smart Switch Software Administration Manual Figure 3-9 To configure VLAN membership: 1. From the VLAN ID field, select the VLAN to which you want to add ports. 2. Click the orange bar below the VLAN Type field to display the physical ports on the switch. 3.
Page 98: Port Vlan Id Configuration
GS108T and GS110TP Smart Switch Software Administration Manual 5. Use the Group Operations field to select all the ports and configure them. Possible values are: • Untag All: Select all the ports on which all frames transmitted from this VLAN will be untagged.
Page 99 GS108T and GS110TP Smart Switch Software Administration Manual Figure 3-11 To configure PVID information: 1. To configure PVID settings for a physical port, click PORTS. 2. To configure PVID settings for a Link Aggregation Group (LAG), click LAGS. 3. To configure PVID settings for both physical ports and LAGs, click ALL. 4.
Page 100: Voice Vlan
GS108T and GS110TP Smart Switch Software Administration Manual 7. Specify how you want the port to handle tagged frames: • Enable: A tagged frame will be discarded if this port is not a member of the VLAN identified by the VLAN ID in the tag. In an untagged frame, the VLAN is the Port VLAN ID specified for the port that received this frame.
Page 101 GS108T and GS110TP Smart Switch Software Administration Manual Figure 3-12 To configure Voice VLAN: 1. From the Voice VLAN Status field, enable or disable Voice VLAN on the switch. If the switch does not handle traffic from IP phones, the status should be disabled. 2.
Page 102: Voice Vlan Port Setting
GS108T and GS110TP Smart Switch Software Administration Manual Voice VLAN Port Setting To display the Voice VLAN Port Setting page, click Switching Voice VLAN  Advanced  Port Setting. Figure 3-13 To configure Voice VLAN port settings: 1. Select the check box next to the port to configure. You can select multiple check boxes to apply the same setting to all selected ports.
Page 103: Voice Vlan Oui
GS108T and GS110TP Smart Switch Software Administration Manual Voice VLAN OUI The Organizational Unique Identifier (OUI) identifies the IP phone manufacturer. The switch comes preconfigured with the following OUIs: • 00:01:E3: SIEMENS • 00:03:6B: CISCO1 • 00:12:43: CISCO2 • 00:0F:E2: H3C •...
Page 104: Auto-Voip
GS108T and GS110TP Smart Switch Software Administration Manual To configure OUI settings: 1. To add a new OUI prefix, type the VOIP OUI prefix in the Telephony OUI(s) field, provide a description of the prefix, and click Add. The OUI prefix must be in the format AA:BB:CC. 2.
Page 105 GS108T and GS110TP Smart Switch Software Administration Manual Figure 3-15 To configure Auto-VoIP settings: 1. Select the check box next to the port to configure. You can select multiple check boxes to apply the same setting to all selected ports. 2.
Page 106: Spanning Tree Protocol
GS108T and GS110TP Smart Switch Software Administration Manual Spanning Tree Protocol The Spanning Tree Protocol (STP) provides a tree topology for any arrangement of bridges. STP also provides one path between end stations on a network, eliminating loops. Spanning tree versions supported include Common STP, Multiple STP, and Rapid STP.
Page 107: Stp Switch Configuration
GS108T and GS110TP Smart Switch Software Administration Manual STP Switch Configuration The Spanning Tree Switch Configuration/Status page contains fields for enabling STP on the switch. To display the Spanning Tree Switch Configuration/Status page, click SwitchingSTPBasic  STP Configuration. Figure 3-16 To configure STP settings on the switch: 1.
Page 108 GS108T and GS110TP Smart Switch Software Administration Manual 3. Specify the configuration name and revision level. • Configuration Name. Name used to identify the configuration currently being used. It may be up to 32 alphanumeric characters. • Configuration Revision Level. Number used to identify the configuration currently being used.
Page 109: Cst Configuration
GS108T and GS110TP Smart Switch Software Administration Manual Click Refresh to update the information on the screen with the most current data. CST Configuration Use the Spanning Tree CST Configuration page to configure Common Spanning Tree (CST) and Internal Spanning Tree on the switch. To display the Spanning Tree CST Configuration page, click SwitchingSTPAdvanced ...
Page 110 GS108T and GS110TP Smart Switch Software Administration Manual • Bridge Max Age (secs). Specifies the bridge maximum age time for the Common and Internal Spanning Tree (CST), which indicates the amount of time in seconds a bridge waits before implementing a topological change. The valid range is 6–40, and the value must be less than or equal to (2 * Bridge Forward Delay) –...
Page 111: Cst Port Configuration
GS108T and GS110TP Smart Switch Software Administration Manual CST Port Configuration Use the Spanning Tree CST Port Configuration page to configure Common Spanning Tree (CST) and Internal Spanning Tree on a specific port on the switch. To display the Spanning Tree CST Port Configuration page, click SwitchingSTPAdvanced  CST Port Configuration.
Page 112 GS108T and GS110TP Smart Switch Software Administration Manual • Fast Link. Specifies if the specified port is an Edge Port with the CST. Possible values are Enable or Disable. The default is Disable. • Port State. The Forwarding state of this port. This field is read-only. •...
Page 113: Cst Port Status
GS108T and GS110TP Smart Switch Software Administration Manual CST Port Status Use the Spanning Tree CST Port Status page to display Common Spanning Tree (CST) and Internal Spanning Tree on a specific port on the switch. To display the Spanning Tree CST Port Status page, click SwitchingSTPAdvanced  CST Port Status.
Page 114 GS108T and GS110TP Smart Switch Software Administration Manual Table 3-3. Spanning Tree CST Port Status Fields (continued) Field Description Designated Bridge Bridge Identifier of the bridge with the Designated Port. It is made up using the bridge priority and the base MAC address of the bridge. Designated Port Port Identifier on the Designated Bridge that offers the lowest cost to the LAN.
Page 115: Rapid Stp
GS108T and GS110TP Smart Switch Software Administration Manual Rapid STP Use the Rapid STP page to view information about Rapid Spanning Tree (RSTP) port status. To display the Rapid STP page, click SwitchingSTPAdvanced  RSTP. Figure 3-20 The following table describes the Rapid STP Status information displayed on the screen. Table 3-4.
Page 116: Mst Configuration
GS108T and GS110TP Smart Switch Software Administration Manual MST Configuration Use the Spanning Tree MST Configuration page to configure Multiple Spanning Tree (MST) on the switch. To display the Spanning Tree MST Configuration page, click SwitchingSTPAdvanced  MST Configuration. Figure 3-21 To configure an MST instance: 1.
Page 117 GS108T and GS110TP Smart Switch Software Administration Manual • VLAN ID. The menu contains all VLANs configured on the switch. Select a VLAN to associate with the MST instance. 2. To delete an MST instance, select the check box next to the instance and click Delete. 3.
Page 118: Mst Port Configuration
GS108T and GS110TP Smart Switch Software Administration Manual MST Port Configuration Use the Spanning Tree MST Port Configuration page to configure and display Multiple Spanning Tree (MST) settings on a specific port on the switch. To display the Spanning Tree MST Port Status page, click Switching  STP  Advanced  MST Port Configuration.
Page 119 GS108T and GS110TP Smart Switch Software Administration Manual Note: If no MST instances have been configured on the switch, the page displays a “No MSTs Available” message and does not display the fields shown in Table 3-6 on page 3-36. Figure 3-24 To configure MST port settings: 1.
Page 120 GS108T and GS110TP Smart Switch Software Administration Manual Table 3-6. Spanning Tree MST Port Status Fields Field Description Auto-calculated Port Path Displays whether the path cost is automatically calculated (Enabled) or not Cost (Disabled). Path cost is calculated based on the link speed of the port if the configured value for Port Path Cost is zero.
Page 121: Stp Statistics
GS108T and GS110TP Smart Switch Software Administration Manual STP Statistics Use the Spanning Tree Statistics page to view information about the number and type of bridge protocol data units (BPDUs) transmitted and received on each port. To display the Spanning Tree Statistics page, click Switching  STP  Advanced  STP Statistics.
Page 122: Multicast
GS108T and GS110TP Smart Switch Software Administration Manual Multicast Multicast IP traffic is traffic that is destined to a host group. Host groups are identified by class D IP addresses, which range from 224.0.0.0 to 239.255.255.255. From the Multicast link, you can access the following pages: •...
Page 123: Igmp Snooping
GS108T and GS110TP Smart Switch Software Administration Manual 2. Click Apply to send the updated configuration to the switch. Configuration changes take effect immediately. 3. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch IGMP Snooping Internet Group Management Protocol (IGMP) Snooping is a feature that allows a switch to...
Page 124 GS108T and GS110TP Smart Switch Software Administration Manual IGMP Snooping Configuration Use the IGMP Snooping Configuration page to configure the parameters for IGMP snooping, which is used to build forwarding lists for multicast traffic. To access the IGMP Snooping Configuration page, click Switching Multicast  IGMP Snooping ...
Page 125 GS108T and GS110TP Smart Switch Software Administration Manual The following table displays information about the global IGMP snooping status and statistics on the page. Table 3-8. IGMP Snooping Configuration Fields Field Description IGMP Snooping Status Select the administrative mode for IGMP Snooping for the switch. The default is Disable.
Page 126 GS108T and GS110TP Smart Switch Software Administration Manual Figure 3-28 To configure IGMP Snooping interface settings: 1. To configure IGMP Snooping settings for a physical port, click PORTS. 2. To configure IGMP Snooping settings for a Link Aggregation Group (LAG), click LAGS. 3.
Page 127 GS108T and GS110TP Smart Switch Software Administration Manual • Host Timeout. Specify the amount of time you want the switch to wait for a report for a particular group on a particular interface before it deletes that interface from the group. Enter a value between 2 and 3600 seconds.
Page 128 GS108T and GS110TP Smart Switch Software Administration Manual Figure 3-29 The following table describes the fields in the IGMP Snooping Table. Table 3-9. IGMP Snooping Table Fields Field Description MAC Address A multicast MAC address for which the switch has forwarding and/or filtering information.
Page 129 GS108T and GS110TP Smart Switch Software Administration Manual • Click Refresh to reload the page and display the most current information. Multicast Forwarding Database Table The Layer 2 Multicast Forwarding Database (MFDB) is used by the switch to make forwarding decisions for packets that arrive with a multicast destination MAC address.
Page 130 GS108T and GS110TP Smart Switch Software Administration Manual The following table describes the fields in the MFDB Table. Table 3-10. MFDB Table Fields Field Description MAC Address The MAC Address to which the multicast MAC address is related. To search by MAC address, enter the address with the MFDB table entry you want displayed.
Page 131 GS108T and GS110TP Smart Switch Software Administration Manual Figure 3-31 The following table describes the information available on the MFDB Statistics page: Table 3-11. Multicast Forwarding Database Statistics Fields Field Description Max MFDB Table Entries Displays the maximum number of entries that the Multicast Forwarding Database table can hold.
Page 132 GS108T and GS110TP Smart Switch Software Administration Manual IGMP Snooping VLAN Configuration Use the IGMP Snooping VLAN Configuration page to configure IGMP snooping settings for VLANs on the system. To access the IGMP Snooping VLAN Configuration page, click Switching Multicast  IGMP Snooping ...
Page 133: Igmp Snooping Querier
GS108T and GS110TP Smart Switch Software Administration Manual • Host Timeout. Sets the value for group membership interval of IGMP snooping for the specified VLAN ID. The valid range is (Maximum Response Time + 1) to 3600 seconds. • Maximum Response Time. Enter the amount of time in seconds that a switch will wait after sending a query on the VLAN because it did not receive a report for a particular group in that interface.
Page 134 GS108T and GS110TP Smart Switch Software Administration Manual IGMP Snooping Querier Configuration Use this page to enable or disable the IGMP Snooping Querier feature, specify the IP address of the router to perform the querying, and configure the related parameters. To access this page, click Switching...
Page 135 GS108T and GS110TP Smart Switch Software Administration Manual 6. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 7. Click Apply to apply the new settings to the switch. Configuration changes take effect immediately 8.
Page 136 GS108T and GS110TP Smart Switch Software Administration Manual • Disabled. Upon seeing another querier of the same version in the VLAN, the snooping querier moves to the non-querier state. • Enabled. The snooping querier participates in querier election, in which the least IP address operates as the querier in that VLAN.
Page 137: Forwarding Database
GS108T and GS110TP Smart Switch Software Administration Manual The following table describes the information available on the Querier VLAN Status page. Table 3-12. IGMP Snooping Querier VLAN Status Fields Field Description VLAN ID Specifies the VLAN ID on which the IGMP Snooping Querier is administratively enabled and for which VLAN exists in the VLAN database.
Page 138: Mac Address Table
GS108T and GS110TP Smart Switch Software Administration Manual MAC Address Table The MAC Address Table contains information about unicast entries for which the switch has forwarding and/or filtering information. This information is used by the transparent bridging function in determining how to propagate a received frame. Use the search function of the MAC Address Table page to display information about the entries in the table.
Page 139: Dynamic Address Configuration
GS108T and GS110TP Smart Switch Software Administration Manual • Interface: Select Interface from the menu, enter the interface ID in g1, g2... format, then, click Go. If any entries learned on that interface exist, they are displayed. 2. Click Clear to clear Dynamic MAC Addresses in the table. 3.
Page 140: Static Mac Address
GS108T and GS110TP Smart Switch Software Administration Manual Figure 3-37 To configure the Dynamic Address setting: 1. Specify the number of seconds the forwarding database should wait before deleting a learned entry that has not been updated. IEEE 802.1D-1990 recommends a default of 300 seconds. You may enter any number of seconds between 10 and 1000000.
Page 141 GS108T and GS110TP Smart Switch Software Administration Manual Figure 3-38 To configure a static MAC address: 1. To add a static MAC address entry a. Select the VLAN ID corresponding to the MAC address to add. b. Specify the MAC address to add. c.
Page 142 GS108T and GS110TP Smart Switch Software Administration Manual 3-58 Configuring Switching Information v1.0, April 2010...
Page 143: Configuring Quality Of Service
Chapter 4 Configuring Quality of Service Use the features in the QoS tab to configure Quality of Service (QoS) settings on the switch. The QoS tab contains links to the following features: • “Class of Service” on page 4-1 • “Differentiated Services”...
Page 144: Basic Cos Configuration
GS108T and GS110TP Smart Switch Software Administration Manual From the Class of Service link under the QoS tab, you can access the following pages: • “Basic CoS Configuration” on page 4-2 • “CoS Interface Configuration” on page 4-4 • “Interface Queue Configuration” on page 4-5 •...
Page 145 GS108T and GS110TP Smart Switch Software Administration Manual Figure 4-1 To configure global CoS settings: 1. Select the Global radio button to configure the trust mode settings that apply to all interfaces. Alternatively, you can select the Interface radio button to apply trust mode settings to individual interfaces.
Page 146: Cos Interface Configuration
GS108T and GS110TP Smart Switch Software Administration Manual CoS Interface Configuration Use the CoS Interface Configuration page to apply an interface shaping rate to all interfaces or to a specific interface. To display the CoS Interface Configuration page, click the QoS  CoS tab, and then click the Advanced ...
Page 147: Interface Queue Configuration
GS108T and GS110TP Smart Switch Software Administration Manual 5. From the Interface Trust Mode field, specify whether or not the selected interface(s) trust a particular packet marking when the packet enters the port. • Untrusted. Do not trust any CoS packet marking at ingress. •...
Page 148 GS108T and GS110TP Smart Switch Software Administration Manual To display the Interface Queue Configuration page, click the QoS  CoS tab, and then click the Advanced  Interface Queue Configuration link. Figure 4-3 To configure CoS queue settings for an interface: 1.
Page 149: 802.1P To Queue Mapping
GS108T and GS110TP Smart Switch Software Administration Manual • Scheduler Type. Selects the type of queue processing from the drop down menu. Options are Weighted and Strict. Defining on a per-queue basis allows the user to create the desired service characteristics for different types of traffic. •...
Page 150 GS108T and GS110TP Smart Switch Software Administration Manual To map 802.1p priorities to queues: 1. Select the Global radio button to apply the same 802.1p priority mapping to all CoS configurable interfaces or select the Interface radio button to apply 802.1p priority mapping to on a per-interface basis.
Page 151: Dscp To Queue Mapping
GS108T and GS110TP Smart Switch Software Administration Manual DSCP to Queue Mapping Use the DSCP to Queue Mapping page to specify which internal traffic class to map the corresponding DSCP value. To display the IP DSCP Mapping page, click QoS  CoS  Advanced  DSCP to Queue Mapping.
Page 152: Differentiated Services
GS108T and GS110TP Smart Switch Software Administration Manual To map DSCP values to queues: 1. For each DSCP value, select a hardware queue to associate with the value. The traffic class is the hardware queue for a port. Higher traffic class values indicate a higher queue position.
Page 153: Diffserv Configuration
GS108T and GS110TP Smart Switch Software Administration Manual Packet processing begins by testing the class match criteria for a packet. A policy is applied to a packet when a class match within that policy is found. The Differentiated Services menu page contains links to the various Diffserv configuration and display features.
Page 154 GS108T and GS110TP Smart Switch Software Administration Manual Figure 4-6 To configure the global DiffServ mode: 1. Select the administrative mode for DiffServ: • Enable. Differentiated Services are active. • Disable. The DiffServ configuration is retained and can be changed, but it is not active. 2.
Page 155: Class Configuration
GS108T and GS110TP Smart Switch Software Administration Manual Table 4-1. DiffServ Status Fields (continued) Field Description Policy Table Displays the current and maximum number of rows of the policy table. Policy Instance Table Displays the current and maximum number of rows of the policy instance table.
Page 156 GS108T and GS110TP Smart Switch Software Administration Manual To configure a DiffServ class: 1. To create a new class, enter a class name, select the class type, and click Add. The switch supports only the Class Type value All, which means all the various match criteria defined for the class should be satisfied for a packet match.
Page 157 GS108T and GS110TP Smart Switch Software Administration Manual The class name is a hyperlink. Figure 4-9 shows the configuration fields for the class. Figure 4-9 2. Define the criteria to associate with a DiffServ class: • Reference Class. Selects a class to start referencing for criteria. A specified class can reference at most one other class of the same type.
Page 158 GS108T and GS110TP Smart Switch Software Administration Manual • EtherType. Select the EtherType field to compare the match criteria against the value in the header of an Ethernet frame. Select an EtherType keyword or enter an EtherType value to specify the match criteria.If you specify the EtherType value, select User Value from the menu and enter a custom protocol identifier to which packets are matched.
Page 159: Policy Configuration
GS108T and GS110TP Smart Switch Software Administration Manual • Destination L4 Port. Requires a packet’s TCP/UDP destination port to match the port you select. Select the desired L4 keyword from the list on which the rule can be based. If you select Other, the screen refreshes and a Port ID field appears.
Page 160 GS108T and GS110TP Smart Switch Software Administration Manual Figure 4-10 To configure a DiffServ policy: 1. To create a new policy, enter a policy name in the Policy Selector field, select the existing DiffServ class to associate with the policy, and click Add. The available policy type is In, which indicates the type is specific to inbound traffic.
Page 161 GS108T and GS110TP Smart Switch Software Administration Manual Figure 4-11 The policy name is a hyperlink. Figure 4-12 on page 4-20 shows the configuration fields for the policy. Configuring Quality of Service 4-19 v1.0, April 2010...
Page 162 GS108T and GS110TP Smart Switch Software Administration Manual Figure 4-12 2. Select the queue to which packets will of this policy-class will be assigned . 3. Configure the policy attributes:. • Drop. Select this option to drop packets for this policy-class. 4-20 Configuring Quality of Service v1.0, April 2010...
Page 163 GS108T and GS110TP Smart Switch Software Administration Manual • Mark CoS. Enter the specified Class of Service queue number to mark all packets for the associated traffic stream with the specified class of service value in the priority field of the 802.1p header.
Page 164 GS108T and GS110TP Smart Switch Software Administration Manual • Mark IP DSCP. These packets are marked by DiffServ with the specified DSCP value before being presented to the system forwarding element. This selection requires that the DSCP value field be set. •...
Page 165: Service Configuration
GS108T and GS110TP Smart Switch Software Administration Manual Service Configuration Use the Service Configuration page to activate a policy on an interface. To display the page, click QoS  DiffServ  Advanced  Service Configuration. Figure 4-13 To configure DiffServ policy settings on an interface: 1.
Page 166: Service Statistics
GS108T and GS110TP Smart Switch Software Administration Manual 6. To remove a policy from the selected interface(s) select None from the Policy In menu, and then click Apply. 7. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch.
Page 167 GS108T and GS110TP Smart Switch Software Administration Manual Table 4-2. Service Statistics Fields (continued) Field Description Operational Status Displays the operational status of this service interface, which is either Up or Down. Discarded Packets Displays the total number of packets discarded for all class instances in this service policy for any reason due to DiffServ treatment.
Page 168 GS108T and GS110TP Smart Switch Software Administration Manual 4-26 Configuring Quality of Service v1.0, April 2010...
Page 169: Managing Device Security
Chapter 5 Managing Device Security Use the features available from the Security tab to configure management security settings for port, user, and server security.The Security tab contains links to the following features: • “Management Security Settings” on page 5-1 • “Configuring Management Access”...
Page 170: Change Password
GS108T and GS110TP Smart Switch Software Administration Manual Change Password Use the page to change the login password. To display the page, click Security  Management Security  User Configuration  Change Password. Figure 5-1 To change the login password for the management interface: 1.
Page 171: Radius Configuration
GS108T and GS110TP Smart Switch Software Administration Manual RADIUS Configuration RADIUS servers provide additional security for networks. The RADIUS server maintains a user database, which contains per-user authentication information. The switch passes information to the configured RADIUS server, which can authenticate a user name and password before authorizing use of the network.
Page 172 GS108T and GS110TP Smart Switch Software Administration Manual The Current Server IP Address field is blank if no servers are configured (see “RADIUS Server Configuration” on page 5-5). The switch supports up to three configured RADIUS servers. If more than one RADIUS servers are configured, the current server is the server configured as the primary server.
Page 173 GS108T and GS110TP Smart Switch Software Administration Manual RADIUS Server Configuration Use the RADIUS Server Configuration page to view and configure various settings for the current RADIUS server configured on the system. To access the RADIUS Server Configuration page, click Security  Management Security, and then click the RADIUS ...
Page 174 GS108T and GS110TP Smart Switch Software Administration Manual 2. To modify settings for a RADIUS server that is already configured on the switch, select the check box next to the server address, update the desired fields, and click Apply. 3. Click Refresh to update the page with the most current information. 4.
Page 175 GS108T and GS110TP Smart Switch Software Administration Manual Table 5-1. RADIUS Server Statistics Fields (continued) Field Description Unknown Types The number of RADIUS packets of unknown type which were received from this server on the authentication port. Packets Dropped The number of RADIUS packets received from this server on the authentication port and dropped for some other reason.
Page 176 GS108T and GS110TP Smart Switch Software Administration Manual Figure 5-4 To configure the RADIUS accounting server: 1. In the Accounting Server Address field, specify the IP address of the RADIUS accounting server to add. 2. In the Port field, specify the UDP port number the server uses to verify the RADIUS accounting server authentication.
Page 177 GS108T and GS110TP Smart Switch Software Administration Manual 7. To delete a configured RADIUS Accounting server, click Delete. 8. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. The following table describes RADIUS accounting server statistics available on the page.
Page 178: Configuring Tacacs
GS108T and GS110TP Smart Switch Software Administration Manual Configuring TACACS+ TACACS+ provides a centralized user management system, while still retaining consistency with RADIUS and other authentication processes. TACACS+ provides the following services: • Authentication: Provides authentication during login and via user names and user-defined passwords.
Page 179 GS108T and GS110TP Smart Switch Software Administration Manual To configure global TACACS+ settings: 1. In the Key String field, specify the authentication and encryption key for TACACS+ communications between the GS108T or GS110TP and the TACACS+ server. The valid range is 0–128 characters.
Page 180 GS108T and GS110TP Smart Switch Software Administration Manual Note: The Add option is available if fewer than five TACACS+ servers are configured on the system, and the Server Address field is only available when Add is selected in the TACACS+ Server IP Address field. After you add one or more TACACS+ servers, additional fields appear on the TACACS+ Server Configuration page.
Page 181: Authentication List Configuration
GS108T and GS110TP Smart Switch Software Administration Manual Authentication List Configuration Use the Authentication List page to configure the default login list. A login list specifies one or more authentication methods to validate switch or port access for the admin user. Note: Admin is the only user on the system and is assigned to a preconfigured list named defaultList, which you cannot delete.
Page 182: Configuring Management Access
GS108T and GS110TP Smart Switch Software Administration Manual • RADIUS: The user's ID and password will be authenticated using the RADIUS server. If you select RADIUS or TACACS+ as the first method and an error occurs during the authentication, the switch uses Method 2 to authenticate the user. •...
Page 183: Http Configuration
GS108T and GS110TP Smart Switch Software Administration Manual HTTP Configuration Use the HTTP Configuration page to configure the HTTP server settings on the system. To access the HTTP Configuration page, click the Security tab, then click Access, and then click the HTTP ...
Page 184: Secure Http Configuration
GS108T and GS110TP Smart Switch Software Administration Manual 4. In the Maximum Number of HTTP Sessions field, specify the maximum number of HTTP sessions that can exist at the same time. The value must be in the range of (0–16). The default value is 16.
Page 185 GS108T and GS110TP Smart Switch Software Administration Manual To configure HTTPS settings: 1. Use the radio buttons in the HTTPS Admin Mode field to enable or disable the Administrative Mode of Secure HTTP. The currently configured value is shown when the Web page is displayed. The default value is Disable.
Page 186: Certificate Download
GS108T and GS110TP Smart Switch Software Administration Manual Certificate Download For the Web server on the switch to accept HTTPS connections from a management station, the Web server needs a public key certificate. You can generate a certificate externally (for example, off-line) and download it to the switch.
Page 187: Access Profile Configuration
GS108T and GS110TP Smart Switch Software Administration Manual • SSL DH Weak Encryption Parameter PEM File. SSL Diffie-Hellman Weak Encryption Parameter File (PEM Encoded). • SSL DH Strong Encryption Parameter PEM File. SSL Diffie-Hellman Strong Encryption Parameter File (PEM Encoded). 2.
Page 188 GS108T and GS110TP Smart Switch Software Administration Manual Figure 5-12 To configure an Access Profile: 1. In the Access Profile Name field, specify the name of the access profile to be added. The maximum length is 32 characters. 2. To activate an access profile, select the Activate Profile check box. You cannot add rules to an active profile.
Page 189: Access Rule Configuration
GS108T and GS110TP Smart Switch Software Administration Manual The Profile Summary table shows the rules that are configured for the profile, as the following table describes. Table 5-3. Profile Summary Fields Field Description Rule Type Identifies the action the rule takes, which is either Permit or Deny. Service Type Displays the type of service to allow or prohibit from accessing the switch management interface:...
Page 190 GS108T and GS110TP Smart Switch Software Administration Manual Figure 5-13 Before you create access rules, make sure: • An access profile exists. • The access profile is deactivated. To configure access profile rules: 1. To add an access profile rule, configure the following settings and click Add. •...
Page 191: Port Authentication
GS108T and GS110TP Smart Switch Software Administration Manual • Source IP Address. Specify the IP Address of the client originating the management traffic. • Mask. Specify the subnet mask associated with the IP address. The subnet mask is a standard subnet mask, and not an inverse (wildcard) mask that you use with IP ACLs. •...
Page 192: 802.1X Configuration
GS108T and GS110TP Smart Switch Software Administration Manual From the Port Authentication link, you can access the following pages: • Basic: • “802.1X Configuration” on page 5-24 • Advanced: • “Port Authentication” on page 5-25 • “Port Summary” on page 5-30 802.1X Configuration Use the 802.1X Configuration page to enable or disable port access control on the system.
Page 193: Port Authentication
GS108T and GS110TP Smart Switch Software Administration Manual Note: If 802.1X is enabled, authentication is performed by a RADIUS server. This means the primary authentication method must be RADIUS. To set the method, go to Security > Management Security > Authentication List and select RADIUS as method 1 for defaultList.
Page 194 GS108T and GS110TP Smart Switch Software Administration Manual Figure 5-15 Figure 5-16 5-26 Managing Device Security v1.0, April 2010...
Page 195 GS108T and GS110TP Smart Switch Software Administration Manual To configure 802.1X settings for the port: 1. Select the check box next to the port to configure. You can also select multiple check boxes to apply the same settings to the select ports, or select the check box in the heading row to apply the same settings to all ports.
Page 196 GS108T and GS110TP Smart Switch Software Administration Manual • Resending EAP. This input field allows you to configure the transmit period for the selected port. The transmit period is the value, in seconds, of the timer used by the authenticator state machine on the specified port to determine when to send an EAPOL EAP Request/Identify frame to the supplicant.
Page 197 GS108T and GS110TP Smart Switch Software Administration Manual • Aborting • Held • ForceAuthorized • ForceUnauthorized • Backend State. This field displays the current state of the backend authentication state machine. Possible values are as follows: • Request • Response •...
Page 198: Port Summary
GS108T and GS110TP Smart Switch Software Administration Manual Port Summary Use the Port Summary page to view information about the port access control settings on a specific port. To access the Port Summary page, click Security  Port Authentication  Advanced  Port Summary.
Page 199 GS108T and GS110TP Smart Switch Software Administration Manual The following table describes the fields on the Port Summary page. Table 5-4. Port Summary Fields Field Description Port The port whose settings are displayed in the current table row. Control Mode Defines the port authorization state.
Page 200: Traffic Control
GS108T and GS110TP Smart Switch Software Administration Manual Traffic Control From the Traffic Control link, you can configure MAC Filters, Storm Control, Port Security, and Protected Port settings. To display the page, click the Security  Traffic Control tab. The Traffic Control folder contains links to the following features: •...
Page 201 GS108T and GS110TP Smart Switch Software Administration Manual Figure 5-18 To configure MAC filter settings: 1. To configure a new MAC filter: a. Select Create Filter from the MAC Filter menu. If no filters have been configured, this is the only option available. b.
Page 202: Mac Filter Summary
GS108T and GS110TP Smart Switch Software Administration Manual e. Click the orange bar to display the available ports and select the port(s) you to include in the outbound filter. Packets with the MAC address and VLAN ID you selected will be transmitted only out of ports that are in the list.
Page 203: Storm Control
GS108T and GS110TP Smart Switch Software Administration Manual The following table describes the information displayed on the page: Table 5-5. MAC Filter Summary Fields Field Description MAC Address Identifies the MAC address that is filtered. VLAN ID The VLAN ID used with the MAC address to fully identify packets you want filtered. You can only change this field when you have selected the Create Filter option.
Page 204 GS108T and GS110TP Smart Switch Software Administration Manual Figure 5-20 To configure storm control settings: 1. Select the check box next to the port to configure. Select multiple check boxes to apply the same setting to all selected ports. Select the check box in the heading row to apply the same settings to all ports.
Page 205: Port Security Configuration
GS108T and GS110TP Smart Switch Software Administration Manual • Multicast. If the rate of L2 multicast traffic ingressing on an interface increases beyond the configured threshold, the traffic will be dropped. • Broadcast. If the rate of L2 broadcast traffic ingressing on an interface increases beyond the configured threshold, the traffic will be dropped.
Page 206: Port Security Interface Configuration
GS108T and GS110TP Smart Switch Software Administration Manual To configure the global port security mode: 1. In the Port Security Mode field, select the appropriate radio button to enable or disable port security on the switch. 2. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch.
Page 207 GS108T and GS110TP Smart Switch Software Administration Manual Figure 5-22 To configure port security settings: 1. To configure port security settings for a physical port, click PORTS. 2. To configure port security settings for a Link Aggregation Group (LAG), click LAGS. 3.
Page 208: Security Mac Address
GS108T and GS110TP Smart Switch Software Administration Manual • Max Allowed Statically Locked MAC. Sets the maximum number of statically locked MAC addresses on the selected interface. Valid range is 0–20. • Enable Violation Traps. Enables or disables the sending of new violation traps designating when a packet with a disallowed MAC address is received on a locked port.
Page 209: Protected Ports Membership
GS108T and GS110TP Smart Switch Software Administration Manual The Dynamic MAC Address Table shows the MAC addresses and their associated VLANs learned on the selected port. Use the Port List menu to select the interface for which you want to display data.
Page 210: Configuring Access Control Lists
GS108T and GS110TP Smart Switch Software Administration Manual 2. Click the box below each port to configure as a protected port. Protected ports are marked with an X. No traffic forwarding is possible between two protected ports. 3. Click Refresh to refresh the page with the most current data from the switch. 4.
Page 211: Acl Wizard
GS108T and GS110TP Smart Switch Software Administration Manual ACL Wizard The ACL Wizard simplifies the ACL rule configuration process. The Wizard contains a short list of access criteria that you can either permit or deny. When you select the permit or deny link associated with the access criteria, you are redirected to a page that is automatically configured with several of the settings.
Page 212: Mac Acl
GS108T and GS110TP Smart Switch Software Administration Manual • To permit or deny traffic based on the TCP or UDP Source Port ID, create an Extended ACL. • To permit or deny traffic based on the TCP or UDP Destination Port ID, create an Extended ACL.
Page 213 GS108T and GS110TP Smart Switch Software Administration Manual Figure 5-26 The MAC ACL table displays the number of ACLs currently configured in the switch and the maximum number of ACLs that can be configured. The current size is equal to the number of configured IPv4 ACLs plus the number of configured MAC ACLs.
Page 214: Mac Rules
GS108T and GS110TP Smart Switch Software Administration Manual MAC Rules Use the MAC Rules page to define rules for MAC-based ACLs. The access list definition includes rules that specify whether traffic matching the criteria is forwarded normally or discarded. A default 'deny all' rule is the last rule of every list.
Page 215 GS108T and GS110TP Smart Switch Software Administration Manual • Destination MAC. Requires an Ethernet frame’s destination port MAC address to match the address listed here. Enter a MAC address in this field. The valid format is xx:xx:xx:xx:xx:xx. • Destination MAC Mask. If desired, enter the MAC Mask associated with the Destination MAC to match.
Page 216: Mac Binding Configuration
GS108T and GS110TP Smart Switch Software Administration Manual MAC Binding Configuration When an ACL is bound to an interface, all the rules that have been defined are applied to the selected interface. Use the MAC Binding Configuration page to assign MAC ACL lists to ACL Priorities and Interfaces.
Page 217: Mac Binding Table
GS108T and GS110TP Smart Switch Software Administration Manual 3. Click the appropriate orange bar to expose the available ports or LAGs. • To add the selected ACL to a port or LAG, click the box directly below the port or LAG number so that an X appears in the box.
Page 218: Ip Acl
GS108T and GS110TP Smart Switch Software Administration Manual The following table describes the information displayed in the MAC Binding Table. Table 5-8. MAC ACL Rule Configuration Fields Field Description Interface Displays the interface to which the MAC ACL is bound. Direction Specifies the packet filtering direction for ACL.
Page 219 GS108T and GS110TP Smart Switch Software Administration Manual The IP ACL area shows the current size of the ACL table versus the maximum size of the ACL table. The current size is equal to the number of configured IPv4 plus the number of configured MAC ACLs.
Page 220: Ip Rules
GS108T and GS110TP Smart Switch Software Administration Manual IP Rules Use the IP Rules page to define rules for IP-based standard ACLs. The access list definition includes rules that specify whether traffic matching the criteria is forwarded normally or discarded. Note: There is an implicit “deny all”...
Page 221: Ip Extended Rule
GS108T and GS110TP Smart Switch Software Administration Manual • Assign Queue ID. Specifies the hardware egress queue identifier used to handle all packets matching this ACL rule. Enter an identifying number from 0–3 in the appropriate field. • Match Every. Requires a packet to match the criteria of this ACL. Select True or False from the drop down menu.
Page 222 GS108T and GS110TP Smart Switch Software Administration Manual Figure 5-31 To configure rules for an IP ACL: 1. To add an IP ACL rule, select the ACL ID to add the rule to, select the check box in the Extended ACL Rule table, and click Add. The page displays the extended ACL Rule Configuration fields, as Figure 5-32 on page 5-55 shows.
Page 223 GS108T and GS110TP Smart Switch Software Administration Manual Figure 5-32 2. Configure the new rule. • Rule ID. Specify a number from 1–10 to identify the IP ACL rule. You can create up to 10 rules for each ACL. • Action.
Page 224 GS108T and GS110TP Smart Switch Software Administration Manual • Protocol Type. Requires a packet’s protocol to match the protocol listed here. Select a type from the drop down menu or enter the protocol number in the available field. • Src IP Address. Requires a packet’s source IP address to match the address listed here. Type an IP Address in the appropriate field using dotted-decimal notation.
Page 225 GS108T and GS110TP Smart Switch Software Administration Manual • Service Type. Choose one of the Service Type match conditions for the extended IP ACL rule. The possible values are IP DSCP, IP precedence, and IP TOS, which are alternative ways of specifying a match criterion for the same Service Type field in the IP header, however each uses a different user notation.
Page 226: Ip Binding Configuration
GS108T and GS110TP Smart Switch Software Administration Manual IP Binding Configuration When an ACL is bound to an interface, all the rules that have been defined are applied to the selected interface. Use the IP Binding Configuration page to assign ACL lists to ACL Priorities and Interfaces.
Page 227: Ip Binding Table
GS108T and GS110TP Smart Switch Software Administration Manual 3. Click the appropriate orange bar to expose the available ports or LAGs. • To add the selected ACL to a port or LAG, click the box directly below the port or LAG number so that an X appears in the box.
Page 228 GS108T and GS110TP Smart Switch Software Administration Manual The following table describes the information displayed in the MAC Binding Table. Table 5-9. IP ACL Binding Table Fields Field Description Interface Displays the interface to which the IP ACL is bound. Direction Specifies the packet filtering direction for ACL.
Page 229: Monitoring The System
Chapter 6 Monitoring the System Use the features available from the Monitoring tab to view a variety of information about the switch and its ports and to configure how the switch monitors events. The Monitoring tab contains links to the following features: •...
Page 230 GS108T and GS110TP Smart Switch Software Administration Manual Figure 6-1 The following table describes the Switch Statistics displayed on the screen. Table 6-1. Switch Statistics Fields Field Description ifIndex This object indicates the ifIndex of the interface table entry associated with the processor of this switch.
Page 231 GS108T and GS110TP Smart Switch Software Administration Manual Table 6-1. Switch Statistics Fields (continued) Field Description Multicast Packets Received The total number of packets received that were directed to a multicast address. This number does not include packets directed to the broadcast address.
Page 232: Port Statistics
GS108T and GS110TP Smart Switch Software Administration Manual Table 6-1. Switch Statistics Fields (continued) Field Description VLAN Deletes The number of VLANs on this switch that have been created and then deleted since the last reboot. Time Since Counters Last The elapsed time, in days, hours, minutes, and seconds, since the statistics Cleared for this switch were last cleared.
Page 233: Port Detailed Statistics
GS108T and GS110TP Smart Switch Software Administration Manual The following table describes the per-port statistics displayed on the screen. Table 6-2. Port Statistics Fields Field Description Interface Lists the ports on the system. Total Packets Received The total number of packets received that were without errors. Without Errors Packets Received With The number of inbound packets that contained errors preventing them from...
Page 234 GS108T and GS110TP Smart Switch Software Administration Manual Figure 6-3 The following table describes the detailed port information displayed on the screen. To view information about a different port, select the port number from the Interface menu. Table 6-3. Port Detailed Statistics Fields Field Description Interface...
Page 235 GS108T and GS110TP Smart Switch Software Administration Manual Table 6-3. Port Detailed Statistics Fields (continued) Field Description ifIndex This field indicates the ifIndex of the interface table entry associated with this port on an adapter. Port Type For most ports this field is blank. Otherwise the possible values are: •...
Page 236 GS108T and GS110TP Smart Switch Software Administration Manual Table 6-3. Port Detailed Statistics Fields (continued) Field Description Physical Mode Indicates the port speed and duplex mode. In auto-negotiation mode, the duplex mode and speed are set from the auto-negotiation process. Physical Status Indicates the port speed and duplex mode status.
Page 237 GS108T and GS110TP Smart Switch Software Administration Manual Table 6-3. Port Detailed Statistics Fields (continued) Field Description Packets Received 65-127 The total number of packets (including bad packets) received that were Octets between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets).
Page 238 GS108T and GS110TP Smart Switch Software Administration Manual Table 6-3. Port Detailed Statistics Fields (continued) Field Description Fragments Received The total number of packets received that were less than 64 octets in length with ERROR CRC (excluding framing bits but including FCS octets). Undersize Received The total number of packets received that were less than 64 octets in length with GOOD CRC (excluding framing bits but including FCS octets).
Page 239 GS108T and GS110TP Smart Switch Software Administration Manual Table 6-3. Port Detailed Statistics Fields (continued) Field Description Packets Transmitted 64 The total number of packets (including bad packets) transmitted that were 64 Octets octets in length (excluding framing bits but including FCS octets). Packets Transmitted 65- The total number of packets (including bad packets) transmitted that were 127 Octets...
Page 240 GS108T and GS110TP Smart Switch Software Administration Manual Table 6-3. Port Detailed Statistics Fields (continued) Field Description Underrun Errors The total number of frames discarded because the transmit FIFO buffer became empty during frame transmission. Total Transmit Packets The sum of single collision frames discarded, multiple collision frames Discarded discarded, and excessive frames discarded.
Page 241: Eap Statistics
GS108T and GS110TP Smart Switch Software Administration Manual EAP Statistics Use the EAP Statistics page to display information about EAP packets received on a specific port. To display the EAP Statistics page, click the Monitoring  Ports tab, and then click the EAP Statistics link.
Page 242: System Logs
GS108T and GS110TP Smart Switch Software Administration Manual Table 6-4. EAP Statistics Fields (continued) Field Description Invalid Frames Received Displays the number of unrecognized EAPOL frames received on this port. Length Error Frames Displays the number of EAPOL frames with an invalid Packet Body Received Length received on this port.
Page 243: Memory Logs
GS108T and GS110TP Smart Switch Software Administration Manual Memory Logs The in-memory log stores messages in memory based upon the settings for message component and severity. Use the Memory Logs page to set the administrative status and behavior of logs in the system buffer.
Page 244 GS108T and GS110TP Smart Switch Software Administration Manual • Stop on Full: When the buffer is full, the system stops logging new messages and preserves all existing log messages. 3. If you change the buffered log settings, click Apply to apply the changes to the system and the changes will be saved.
Page 245: Flash Log Configuration
GS108T and GS110TP Smart Switch Software Administration Manual FLASH Log Configuration The FLASH log is a log that is stored in persistent storage, which means that the log messages are retained across a switch reboot. • The first log type is the system startup log. The system startup log stores the first N messages received after system reboot.
Page 246 GS108T and GS110TP Smart Switch Software Administration Manual To configure the FLASH Log settings: 1. Use the radio buttons in the Admin Status field to determine whether to log messages to persistent storage. • Enable: Enables persistent logging. • Disable: Prevents the system from logging messages in persistent storage. 2.
Page 247: Server Log Configuration
GS108T and GS110TP Smart Switch Software Administration Manual Server Log Configuration Use the Server Log Configuration page to allow the switch to send log messages to the remote logging hosts configured on the system. To access the Server Log Configuration page, click the Monitoring  Logs tab, and then click the Server Log link.
Page 248 GS108T and GS110TP Smart Switch Software Administration Manual The Server Log Configuration area also displays the following information: • The Messages Relayed field shows the number of messages forwarded by the syslog function to a syslog host. Messages forwarded to multiple hosts are counted once for each host. •...
Page 249: Trap Logs
GS108T and GS110TP Smart Switch Software Administration Manual 4. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. The Status field in the Server Configuration table shows whether the remote logging host is currently active.
Page 250: Event Logs
GS108T and GS110TP Smart Switch Software Administration Manual Table 6-6. Trap Log Statistics (continued) Field Description Trap Log Capacity The maximum number of traps stored in the log. If the number of traps exceeds the capacity, the entries will overwrite the oldest entries. Number of Traps The number of traps that have occurred since the traps were last displayed.
Page 251 GS108T and GS110TP Smart Switch Software Administration Manual Figure 6-9 The following table describes the Event Log information displayed on the screen. Table 6-8. Event Log Fields Field Description Entry The number of the entry within the event log. The most recent entry is first. Type Specifies the type of entry.
Page 252: Port Mirroring
GS108T and GS110TP Smart Switch Software Administration Manual Port Mirroring The page under the Mirroring link allows you to view and configure port mirroring on the system. Multiple Port Mirroring Port mirroring selects the network traffic for analysis by a network analyzer. This is done for specific ports of the switch.
Page 253 GS108T and GS110TP Smart Switch Software Administration Manual To configure Port Mirroring: 1. Select the check box next to a port to configure it as a source port. 2. In the Destination Port field, specify the port to which port traffic is be copied. Use the g1, g2,...format to specify the port.
Page 254 GS108T and GS110TP Smart Switch Software Administration Manual 6-26 Monitoring the System v1.0, April 2010...
Page 255: Maintenance
Chapter 7 Maintenance Use the features available from the Maintenance tab to help you manage the switch. The Maintenance tab contains links to the following features: • “Reset” on page 7-1 • “Upload File From Switch” on page 7-3 • “Download File To Switch”...
Page 256: Factory Default
GS108T and GS110TP Smart Switch Software Administration Manual Figure 7-1 To reboot the switch: 1. Select the check box on the page. 2. Click Apply. The switch resets immediately. The management interface is not available until the switch completes the boot cycle. After the switch resets, the login screen appears. Factory Default Use the Factory Default page to reset the system configuration to the factory default values.
Page 257: Upload File From Switch
GS108T and GS110TP Smart Switch Software Administration Manual To access the Factory Defaults page, click Maintenance  Reset  Factory Default. Figure 7-2 To reset the switch to the factory default settings: 1. Select the check box on the page. 2.
Page 258 GS108T and GS110TP Smart Switch Software Administration Manual To display the File Upload page, click Maintenance  Upload  File Upload. Figure 7-3 To upload a file from the switch to the TFTP server: 1. Use the File Type menu to specify the type of file you want to upload: •...
Page 259: Download File To Switch
GS108T and GS110TP Smart Switch Software Administration Manual 5. In the Transfer File Path field, specify the path on the TFTP server where you want to put the file. You may enter up to 32 characters. Include the backslash at the end of the path. A path name with a space is not accepted.
Page 260 GS108T and GS110TP Smart Switch Software Administration Manual To access the TFTP File Download page, click Maintenance  Download  TFTP File Download. Figure 7-4 Before you download a file to the switch, the following conditions must be true: • The file to download from the TFTP server is on the server in the appropriate directory.
Page 261 GS108T and GS110TP Smart Switch Software Administration Manual • Boot Code: The boot code used to automatically boot the system. • SSL Trusted Root Certificate PEM File: SSL Trusted Root Certificate File (PEM Encoded). • SSL Server Certificate PEM File: SSL Server Certificate File (PEM Encoded). •...
Page 262: Http File Download
GS108T and GS110TP Smart Switch Software Administration Manual HTTP File Download Use the HTTP File Download page to download files of various types to the switch using an HTTP session (for example, via your Web browser). To display this page, click Maintenance  Download  HTTP File Download. Figure 7-5 To download a file to the switch from by using HTTP: 1.
Page 263: File Management
GS108T and GS110TP Smart Switch Software Administration Manual • SSL Trusted Root Certificate PEM File: SSL Trusted Root Certificate File (PEM Encoded). • SSL Server Certificate PEM File: SSL Server Certificate File (PEM Encoded). • SSL DH Weak Encryption Parameter PEM File: SSL Diffie-Hellman Weak Encryption Parameter File (PEM Encoded).
Page 264: Dual Image Configuration
GS108T and GS110TP Smart Switch Software Administration Manual Dual Image Configuration The system running a legacy software version will ignore (not load) a configuration file created by the newer software version. When a configuration file created by the newer software version is discovered by the system running an older version of the software, the system will display an appropriate warning to the user.
Page 265: Dual Image Status
GS108T and GS110TP Smart Switch Software Administration Manual Note: After activating an image, you must perform a system reset of the switch in order to run the new code. 4. To remove the selected image from permanent storage on the switch, select the Delete Image check box.
Page 266: Troubleshooting
GS108T and GS110TP Smart Switch Software Administration Manual The following table describes the information on the Dual Image Status page. Table 7-1. Dual Image Status Fields Field Description Unit The unit ID of the switch is always 1. Image1 Ver Displays the version of the image1 code file.
Page 267 GS108T and GS110TP Smart Switch Software Administration Manual Figure 7-8 To configure the settings and ping a host on the network: 1. In the Hostname/IP Address field, specify the IP address or the hostname of the station you want the switch to ping. The initial value is blank. This information is not retained across a power cycle.
Page 268: Traceroute
GS108T and GS110TP Smart Switch Software Administration Manual Traceroute Use the Traceroute utility to discover the paths that a packet takes to a remote destination. To display this page, click Maintenance  Troubleshooting  Traceroute. Figure 7-9 To configure the Traceroute settings and send probe packets to discover the route to a host on the network: 1.
Page 269 GS108T and GS110TP Smart Switch Software Administration Manual • InitTTL. Specify the initial time-to-live for a packet in number of hops. The valid range is 0– 255. • MaxFail. Specify the maximum number of failures allowed in the session. The valid range is 0–255.
Page 270 GS108T and GS110TP Smart Switch Software Administration Manual 7-16 Maintenance v1.0, April 2010...
Page 271: Help
Use the Support page to connect to the Online Support site at netgear.com. To access the Support page, click Help  Support. Figure 8-1 To connect to the NETGEAR support site for the GS108T or GS110TP, click Apply. v1.0, April 2010...
Page 272: User Guide
User Guide Use the User Guide page to access the GS108T and GS110TP Smart Switch Software Administration Manual (the guide you are now reading) that is available on the NETGEAR Website. To access the User Guide page, click Help  User Guide.
Page 273: Hardware Specifications And Default Values
Appendix A Hardware Specifications and Default Values GS108T Gigabit Smart Switch and GS110TP Gigabit Smart Switch Specifications The GS108T Gigabit Smart Switch and GS110TP Gigabit Smart Switch conform to the TCP/IP, UDP, HTTP, ICMP, TFTP, DHCP, IEEE 802.1D, IEEE 802.1p, and IEEE 802.1Q standards. Table A-1.
Page 274: Gs108T And Gs110Tp Switch Features And Defaults
GS108T and GS110TP Smart Switch Software Administration Manual Table A-3. GS108T and GS110TP Switch Performance Feature Value Switching capacity Non-Blocking Full WireSpeed on all packet sizes Forwarding method Store and Forward Packet forwarding rate 10M:14,880 pps/ 100M:148,810 pps/ 1G:1,488,000 pps MAC addresses Green Ethernet Power consumption savings by cable length (<10m)
Page 275 GS108T and GS110TP Smart Switch Software Administration Manual Table A-5. Traffic Control Feature Sets Supported Default Storm control All ports Disabled Jumbo frame All ports Disabled Max = 9216 bytes Table A-6. Quality Of Service Feature Sets Supported Default Number of queues Port based 802.1p Enabled...
Page 276 GS108T and GS110TP Smart Switch Software Administration Manual Table A-8. System Setup Feature Sets Supported Default Boot code update DHCP/manual IP DHCP enabled/192.168.0.239 Default gateway 192.168.0.254 System name configuration NULL Configuration save/restore Firmware upgrade Restore defaults 1 (Web and front-panel button) Dual image support Enabled Factory reset...
Page 277 GS108T and GS110TP Smart Switch Software Administration Manual Table A-10. Other Features Feature Sets Supported Default IGMP snooping v1/v2 All ports Disabled Configurations upload/download EAPoL flooding All ports Disabled BPDU flooding All ports Disabled Static multicast groups Disabled Filter multicast control Disabled Hardware Specifications and Default Values v1.0, April 2010...
Page 278 GS108T and GS110TP Smart Switch Software Administration Manual Hardware Specifications and Default Values v1.0, April 2010...
Page 279: Appendix B Configuration Examples
Appendix B Configuration Examples This chapter contains information about how to configure the following features: • “Virtual Local Area Networks (VLANs)” on page B-1 • “Access Control Lists (ACLs)” on page B-4 • “Differentiated Services (DiffServ)” on page B-7 • “802.1X”...
Page 280 GS108T and GS110TP Smart Switch Software Administration Manual VLANs have a number of advantages: • It is easy to do network segmentation. Users that communicate most frequently with each other can be grouped into common VLANs, regardless of physical location. Each group’s traffic is contained largely within the VLAN, reducing extraneous traffic and improving the efficiency of the whole network.
Page 281: Vlan Example Configuration
GS108T and GS110TP Smart Switch Software Administration Manual VLAN Example Configuration This example demonstrates several scenarios of VLAN use and describes how the switch handles tagged and untagged traffic. In this example, you create two new VLANs, change the port membership for default VLAN 1, and assign port members to the two new VLANs: 1.
Page 282: Access Control Lists (Acls
GS108T and GS110TP Smart Switch Software Administration Manual Access Control Lists (ACLs) ACLs ensure that only authorized users have access to specific resources while blocking off any unwarranted attempts to reach network resources. ACLs are used to provide traffic flow control, restrict contents of routing updates, decide which types of traffic are forwarded or blocked, and provide security for the network.
Page 283 GS108T and GS110TP Smart Switch Software Administration Manual 2. From the MAC Rules screen, create a rule for the Sales_ACL with the following settings: • ID: 1 • Action: Permit • Assign Queue: 0 • Match Every: False • CoS: 0 •...
Page 284: Standard Ip Acl Example Configuration
GS108T and GS110TP Smart Switch Software Administration Manual You can assign an optional sequence number to indicate the order of this access list relative to other access lists if any are already assigned to this interface and direction. 4. The MAC Binding Table displays the interface and MAC ACL binding information (See “MAC Binding Table”...
Page 285: Differentiated Services (Diffserv
GS108T and GS110TP Smart Switch Software Administration Manual 6. From the IP Binding Configuration page, assign ACL ID 1 to the interface gigabit ports 2, 3, and 4, and assign a sequence number of 1 (See “IP Binding Configuration” on page 5-58).
Page 286: Class
GS108T and GS110TP Smart Switch Software Administration Manual The DiffServ feature contains a number of conceptual QoS building blocks you can use to construct a differentiated service network. Use these same blocks in different ways to build other types of QoS architectures. There are 3 key QoS building blocks needed to configure DiffServ: •...
Page 287: Creating Policies
GS108T and GS110TP Smart Switch Software Administration Manual You can combine these classifiers with logical AND or OR operations to build complex MF- classifiers (by specifying a class type of all or any, respectively). That is, within a single class, multiple match criteria are grouped together as an AND expression or a sequential OR expression, depending on the defined class type.
Page 288: Diffserv Example Configuration
GS108T and GS110TP Smart Switch Software Administration Manual • Policing: a method of constraining incoming traffic associated with a particular class so that it conforms to the terms of the TCS. Special treatment can be applied to out-of-profile packets that are either in excess of the conformance specification or are non-conformant. The DiffServ feature supports the following types of traffic policing treatments (actions): •...
Page 289 GS108T and GS110TP Smart Switch Software Administration Manual 3. Configure the following settings for Class1: • Protocol Type: UDP • Source IP Address: 192.12.1.0 • Source Mask: 255.255.255.0 • Source L4 Port: Other, and enter 4567 as the source port value •...
Page 290 GS108T and GS110TP Smart Switch Software Administration Manual On this network, traffic from streaming applications uses UDP port 4567 as the source and 4568 as the destination. This real-time traffic is time sensitive, so it is assigned to a high-priority hardware queue.
Page 291 GS108T and GS110TP Smart Switch Software Administration Manual The ports of an 802.1X authenticator switch provide the means in which it can offer services to other systems reachable via the LAN. Port-based network access control allows the operation of a switch’s ports to be controlled in order to ensure that access to its services is only permitted by systems that are authorized to do so.
Page 292: 802.1X Example Configuration
GS108T and GS110TP Smart Switch Software Administration Manual Authenticator Supplicant Switch Authentication Server (RADIUS) 192.168.10.23 Supplicant Figure B-2 802.1X Example Configuration This example shows how to configure the switch so that 802.1X-based authentication is required on the ports in a corporate conference room (g5–g8). These ports are available to visitors and need to be authenticated before granting access to the network.
Page 293: Mstp
GS108T and GS110TP Smart Switch Software Administration Manual This example uses the default values for the port authentication settings, but there are several additional settings that you can configure. For example, the EAPOL Flood Mode field allows you to enable the forwarding of EAPoL frames when 802.1X is disabled on the device. 6.
Page 294 GS108T and GS110TP Smart Switch Software Administration Manual The MSTP algorithm and protocol provides simple and full connectivity for frames assigned to any given VLAN throughout a Bridged LAN comprising arbitrarily interconnected networking devices, each operating MSTP, STP or RSTP. MSTP allows frames assigned to different VLANs to follow separate paths, each based on an independent Multiple Spanning Tree Instance (MSTI), within Multiple Spanning Tree (MST) Regions composed of LANs and or MSTP Bridges.
Page 295: Mstp Example Configuration
GS108T and GS110TP Smart Switch Software Administration Manual To support multiple spanning trees, a MSTP bridge has to be configured with an unambiguous assignment of VLAN IDs (VIDs) to spanning trees. This is achieved by: 1. Ensuring that the allocation of VIDs to FIDs is unambiguous. 2.
Page 296 GS108T and GS110TP Smart Switch Software Administration Manual Ports g1-g5 Ports g1-g5 Connected to Hosts Connected to Hosts Ports g6-g8 Connected to Switch 2 and 3 Ports g6-g8 Switch 1 Connected to Root Bridge Switch 1 and 3 Switch 2 Ports g6-g8 Connected to Switch 1 and 2 Switch 3...
Page 297 GS108T and GS110TP Smart Switch Software Administration Manual Note: Bridge priority values are multiples of 4096. If you do not specify a root bridge and all switches have the same Bridge Priority value, the switch with the lowest MAC address is elected as the root bridge (see “CST Configuration”...
Page 298 GS108T and GS110TP Smart Switch Software Administration Manual Switch 2 use VLAN 500, MST instance 2 to communicate with the hosts on Switch 3 directly. Likewise, hosts of Switch 1 use VLAN 300, MST instance 1 to communicate with the hosts on Switch 3 directly.
Page 299: Index
GS108T and GS110TP Smart Switch Software Administration Manual Index Numerics 2-15 Dual Image 7-10 802.1X 5-24 Dynamic Address 3-55 example configuration B-12 Dynamic Host 2-17 Global 3-40 access control Green Ethernet 2-17 ACL example configuration HTTP 5-15 ACLs 5-42 IGMP Snooping 3-39 management interface 5-14...
Page 300 GS108T and GS110TP Smart Switch Software Administration Manual VLAN Port Membership HTTP 3-12 5-15 management interface access customer support secure 1-ii 5-14 using to download files HTTPS 5-16 defaults factory ICMP 2-12 IEEE 802.11x 1-21 B-12 Device View IEEE 802.1AB 1-18 2-31 DHCP...
Page 301 GS108T and GS110TP Smart Switch Software Administration Manual neighbors information 2-40 packets 2-33 RADIUS port settings 2-33 server LLDP-MED 2-31 statistics reboot registering 2-39 3-29 3-39 1-ii reset 5-44 bridge identifier button 3-33 CPU Management Interface configuration to defaults 1-21 dynamic address switch 3-55...
Page 302 GS108T and GS110TP Smart Switch Software Administration Manual manager 2-28 Unicast upload configuration TACACS+ video 3-11 folder 5-10 VLAN 3-10 settings 5-10 example configuration technical support 1-ii guest 5-25 5-27 B-12 Time 3-10 configure through SNTP management managing 3-10 time Port VLAN ID 3-14 clock source...

This manual is also suitable for:

Gs108tv2 - prosafe gigabit smart switch coming soon Gs110tp Gs108t

NETGEAR GS108T-200NAS Software Administration Manual

About this Manual

Chapter 1 Getting Started

Chapter 2 Configuring System Information

Chapter 3 Configuring Switching Information

Chapter 4 Configuring Quality of Service

Chapter 5 Managing Device Security

Chapter 6 Monitoring the System

Chapter 7 Maintenance

Chapter 8 Help

Appendix A Hardware Specifications and Default Values

Appendix B Configuration Examples

Index

Quick Links

Related Manuals for NETGEAR GS108T-200NAS

Summary of Contents for NETGEAR GS108T-200NAS