1. Manuals
  2. Brands
  3. Planet Manuals
  4. Switch
  5. WGSW-24000
  6. User manual

Planet WGSW-24000 User Manual

24-port 10/100/1000mbps ethernet security switch
Hide thumbs Also See for WGSW-24000:
Table of Contents

Advertisement

Quick Links

Download this manual See also: User Manual
24-Port 10/100/1000Mbps
Ethernet Security Switch
WGSW-24000
User's Manual

Advertisement

Table of Contents
loading

Related Manuals for Planet WGSW-24000

Summary of Contents for Planet WGSW-24000

  • Page 1 24-Port 10/100/1000Mbps Ethernet Security Switch WGSW-24000 User's Manual...

  • Page 2: Fcc Warning

    PLANET has made every effort to ensure that this User's Manual is accurate; PLANET disclaims liability for any inaccuracies or omissions that may have occurred.

  • Page 3: Table Of Contents

    Table of Contents 1. INTRODUCTION ......................... 12 Packet Contents....................12 How to Use This Manual..................12 Product Feature ....................12 Product Specification ..................13 2. INSTALLATION........................15 2.1 Product Description....................15 2.1.1 Product Overview..................15 2.1.2 Switch Front Panel ..................15 2.1.3 LED Indications .....................
  • Page 4 6.2 Mode-based Command Hierarchy................33 6.3 Flow of Operation...................... 35 6.4 "No" Form of a Command..................36 6.4.1 Support for "No" Form................... 36 6.4.2 Behavior of Command Help ("?") ..............36 7. CLI Commands: Base ......................38 7.1 System Information and Statistics Commands ............38 7.1.1 show arp switch.....................
  • Page 5 7.5.10 serial baudrate .................... 53 7.5.11 serial timeout ....................53 7.5.12 set prompt ....................54 7.5.13 show forwardingdb agetime ................ 54 5.7.14 show network ....................54 7.5.15 show remotecon..................55 7.5.16 show serial ....................55 7.5.17 show snmpcommunity................. 56 7.5.18 show snmptrap.................... 56 7.5.19 show trapflags .....................
  • Page 6 7.6.14 port lacpmode all..................67 7.6.15 port-channel ....................67 7.6.16 port-channel adminmode ................67 7.6.17 port-channel linktrap..................67 7.6.18 port-channel name ..................68 7.6.19 protocol group ..................... 68 7.6.20 protocol vlan group..................68 7.6.21 protocol vlan group all ................. 69 7.6.22 set garp timer join..................
  • Page 7 7.6.52 show vlan port ..................... 82 7.6.53 shutdown ..................... 83 7.6.54 shutdown all ....................83 7.6.55 snmp trap link-status ................... 83 7.6.56 snmp trap link-status all ................83 7.6.57 spanning-tree ....................84 7.6.58 spanning-tree bpdumigrationcheck ............. 84 7.6.59 description ....................84 7.6.60 speed......................
  • Page 8 7.8.1 clear config ....................95 7.8.2 clear counters....................95 7.8.3 clear igmpsnooping ..................95 7.8.4 clear pass ...................... 95 7.8.5 clear port-channel ..................96 7.8.6 clear traplog....................96 7.8.7 clear vlan ....................... 96 7.8.8 copy....................... 96 7.8.9 logout......................97 7.8.10 ping......................97 7.8.11 reload......................
  • Page 9 8.5.2 bandwidth percent..................109 8.5.3 class ......................110 8.5.4 expedite kbps ....................110 8.5.5 expedite percent...................111 8.5.6 mark ip-dscp....................111 8.5.7 mark ip-precedence ..................111 8.5.8 police-simple ....................112 8.5.9 police-single-rate..................112 8.5.10 police-two-rate....................113 8.5.11 policy-map ....................113 8.5.12 policy-map rename..................114 8.5.13 randomdrop ....................114 8.5.14 shape bps-average ..................115 8.5.15 shape bps-peak..................115 8.6 Service Commands....................116 8.6.1 service-policy....................116...
  • Page 10 9.1.9 dot1x port-control All ................... 127 9.1.10 dot1x re-authenticate ................128 9.1.11 dot1x re-authentication................128 9.1.12 dot1x system-auth-control................. 128 9.1.13 dot1x timeout..................... 128 9.1.15 radius accounting mode ................130 9.1.16 radius server host..................130 9.1.17 radius server key..................131 9.1.18 radius server msgauth................131 9.1.19 radius server primary ................
  • Page 11 10.1.2 show spanning-tree interface ..............143 10.1.3 show spanning-tree mst detailed .............. 143 10.1.4 show spanning-tree mst port detailed ............144 10.1.5 show spanning-tree mst port summary............. 145 10.1.6 show spanning-tree mst summary ............145 10.1.7 show spanning-tree summary ..............145 10.1.8 show spanning-tree vlan ................

  • Page 12: Introduction

    The section contains specifications of the Switch. Appendices The section contains cable information of the Switch. In the following section, terms "SWITCH" with upper case denotes the WGSW-24000 Ethernet switch. Terms with lower case "switch" means any Ethernet switches. 1.3 Product Feature ▫...

  • Page 13: Product Specification

    ▫ Supports mirroring to monitor the incoming or outgoing traffic on a particular port. 1.4 Product Specification Model WGSW-24000 Network Ports 24-port RJ-45 for 10/100TX 2 mini-GBIC Speed 24-Port:10/100Mbps at half duplex, 20/200Mbps at full duplex...
  • Page 14 Storage Humidity 20% to 90%, relative humidity, non-condensing Operating Temperature 0℃~40℃, Dimension 430mm(W) x 350mm(D) x 44.5mm(H) Weight 5.0 kg FCC Class A, CE Standard Compliance IEEE802.3 10BASE-T IEEE802.3u 100BASE-TX/100BASE-FX IEEE802.3z Gigabit SX/LX IEE802.3ab Gigabit 1000T IEEE802.3x Flow Control and Back pressure IEEE802.3ad Port trunk with LACP IEEE802.1d Spanning tree protocol IIEEE802.1w Rapid spanning tree protocol...

  • Page 15: Installation

    Simple Network Management Protocol (SNMP) and can be managed via any standard-based management software. For text-based management, the WGSW-24000 can also be accessed via Telnet and the console port. For secure remote management, the WGSW-24000 support SSL and SSH connection which encrypt the packet content at each session.

  • Page 16: Led Indications

    Figure 2-2 shows the rear panel of the switch 100 ~ 240V AC 50 / 60 Hz Figure 2-2 WGSW-24000 rear panel. Power Notice: The device is a power-required device, it means, it will not work till it is powered. If your networks should active all the time, please consider using UPS (Uninterrupted Power Supply) for your device.

  • Page 17: Rack Mounting

    Step4: Connect the Switch to network devices. A. Connect one end of a standard network cable to the 10/100/1000 RJ-45 ports on the front of the Switch B. Connect the other end of the cable to the network devices such as printer servers, workstations or routers…etc.
  • Page 18 Figure 2-6 Mounting the Switch in a Rack Step6: Proceeds with the steps 4 and steps 5 of session 2.2.1 Desktop Installation to connect the network cabling and supply power to the switch.

  • Page 19: Configuration

    3. CONFIGURATION This chapter explains the methods that you can use to configure management access to the switch. It describes the types of management applications and the communication and management protocols that deliver data between your management device (work-station or personal computer) and the system. It also contains information about port connection options.

  • Page 20: Administration Console

    ‧Most visually appealing ‧May encounter lag times on poor connections ‧Communicates with switch functions at ‧Requires SNMP manager software SNMP Agent ‧Least visually appealing of all three the MIB level ‧Based on open standards methods ‧Some settings require calculations ‧Security can be compromised (hackers need only know the community name) Table 3-1 Management Methods Comparison...

  • Page 21: Snmp-Based Network Management

    you set up your IP address for the switch, you can access the switch's Web interface applications directly in your Web browser by entering the IP address of the switch. You can then use your Web browser to list and manage switch configuration parameters from one central location, just as if you were directly connected to the switch's console port.
  • Page 22 (MAPI). By unifying management methods with a single MAPI, configuration parameters set using one method (console port, for example) are immediately displayable by the other management methods (for example, SNMP agent of Web browser). The management architecture of the switch adheres to the IEEE open standard. This compliance assures customers that the switch is compatible with, and will interoperate with other solutions that adhere to the same open standard.

  • Page 23: Command Structure

    4. COMMAND STRUCTURE The Command Line Interface (CLI) syntax, conventions and terminology are described in this section. Each CLI command is illustrated using the structure outlined below. 4.1 Format Commands are followed by values, parameters, or both. Example 1 network parms <ipaddr> <netmask> [<gateway>] ▫...

  • Page 24: Values

    4.1.3 Values ipaddr This parameter is a valid IP address, made up of four decimal bytes ranging from 0 to 255. The default for all IP parameters consists of zeros (that is, 0.0.0.1). The interface IP address of 0.0.0.0 is invalid.
  • Page 25 of a comment. The comment flag character can begin a word anywhere on the command line and all input following this character is ignored. Any command line that begins with the character '!' is recognized as a comment line and ignored by the parser. Some examples are provided below: ! Script file for displaying the ip interface ! Display information about interfaces show ip interface 0/1 !Displays the information about the first interface...

  • Page 26: Quick Start Up

    5. QUICK START UP The CLI Quick Start up details procedures to quickly become acquainted with the software. 5.1 Quick Starting the Switch Read the device Installation Guide for the connectivity procedure. In-band connectivity allows access to the software locally or from a remote workstation. The device must be configured with IP information (IP address, subnet mask, and default gateway).
  • Page 27 (in Privileged EXEC) slot/port Type - Indicates if the port is a special type of port Admin Mode - Selects the Port Control Administration State Physical Mode - Selects the desired port speed and duplex mode Physical Status - Indicates the port speed and duplex mode Link Status - Indicates whether the link is up or down Link Trap - Determines whether or not to send a trap when link status changes...
  • Page 28 Privileged EXEC) Table 5-3 Quick Start up Account Management Quick Start up IP Address To view the network parameters the operator can access the device by the following three methods. ▫ Simple Network Management Protocol - SNMP ▫ Telnet ▫ Web Browser Note Helpful Hint: The user should do a “copy system:running-config nvram:startup-config”...

  • Page 29: Command Details

    IP Address range from 0.0.0.0 to 255.255.255.255 Subnet Mask range from 0.0.0.0 to 255.255.255.255 Gateway Address range from 0.0.0.0 to 255.255.255.255 Table 5-4 Quick Start up IP Address Quick Start up Uploading from Switch to Out-of-Band PC (Only XMODEM) Command Details The types are: copy {...
  • Page 30 {nvram:startup-config | or a configuration file (nvram:startup-config). system: image} The URL must be specified as: tftp://ipAddr/filepath/fileName. The nvram:startup-config option downloads the configuration file using tftp and system:image option downloads the code file. Table 5-6 Quick Start up Downloading from TFTP Server Quick Start up Factory Defaults Command Details...

  • Page 31: Mode-Based Cli

    6. MODE-BASED CLI The CLI groups all the commands in appropriate modes according to the nature of the command. A sample of the CLI command modes are described below. Each of the command modes supports specific software commands. ▫ User Exec Mode ▫...

  • Page 32: Mode-Based Topology

    user exec mode. Interface Config From the Global (Switching) (Interface-"if To exit to the Global Mode Configuration mode, number")# Config mode enter enter the interface exit. To return to user <slot/port> command EXEC mode enter ctrl-Z. Line Config Mode From the Global (Switching) (line) # To exit to the Global Configuration mode,...

  • Page 33: Mode-Based Command Hierarchy

    Root The User Exec commands are also accessible in the Privileged Exec mode User Exec Enable Password Return to Exec Correct? Prompt Privileged Exec VLAN Global Config Interface Class Map Policy Map Line Config Config Policy Class Figure 6-1 Mode-Based CLI Accessing to all commands in the Privileged Exec mode and below is restricted through a password.
  • Page 34 contains a limited set of commands. The command prompt shown at this level is: Command Prompt: (Switching) > Privileged Exec Mode To have access to the full suite of commands, the operator must enter the Privileged Exec mode. The Privileged Exec mode requires password authentication. From Privileged Exec mode, the operator can issue any Exec command, enter the VLAN mode or enter the Global Configuration mode.

  • Page 35: Flow Of Operation

    prompt at this level is: Command Prompt: (Switching) (Line) # Policy Map Mode Use the policy-map <policy-name>command to access the QoS policy map configuration mode to configure the QoS policy map. (Switching) (Config)# policy-map <policy-name> Command Prompt: (Switching) (Config policy-map) # Policy Class Mode Use the class <class-name>...

  • Page 36: No" Form Of A Command

    After all the mandatory parameters are entered, any additional parameters entered are treated as optional parameters. If any of the parameters are not recognized a syntax error message will be displayed. After the command is successfully parsed and validated, the control of execution goes to the corresponding CLI callback function.
  • Page 37 case when the "no" token is not specified as in (interface) and (inte?).

  • Page 38: Cli Commands: Base

    7. CLI Commands: Base This chapter provides detailed explanation of the Switching commands. The commands are divided into four functional groups: ▫ Show commands display switch settings, statistics, and other information. ▫ Configuration Commands configure features and options of the switch. For every configuration command there is a show command that displays the configuration setting.

  • Page 39: Show Hardware

    ▫ Task Id The task ID of the event. ▫ Code The event code. ▫ Time The time this event occurred. Note Event log information is retained across a switch reset. 7.1.3 show hardware This command displays inventory information for the switch. ▫...

  • Page 40: Show Interface Ethernet

    interface. ▫ Transmit Packets Errors The number of outbound packets that could not be transmitted because of errors. ▫ Collisions Frames The best estimate of the total number of collisions on this Ethernet segment. ▫ Time Since Counters Last Cleared The elapsed time, in days, hours, minutes, and seconds since the statistics for this port were last cleared.
  • Page 41 etherStatsOctets objects should be sampled before and after a common interval. ----- The result of this equation is the value Utilization which is the percent utilization of the ethernet segment on a scale of 0 to 100 percent. ▫ Packets Received < 64 Octets - The total number of packets (including bad packets) received that were <...
  • Page 42 deliverable to a higher-layer protocol. ▫ Jabbers Received - The total number of packets received that were longer than 1518 octets (excluding framing bits, but including FCS octets), and had either a bad Frame Check Sequence (FCS) with an integral number of octets (FCS Error) or a bad FCS with a non-integral number of octets (Alignment Error).
  • Page 43 FF:FF:FF:FF:FF:FF when Broadcast Storm Recovery is enabled. ▫ CFI Discards - The number of frames discarded that have CFI bit set and the addresses in RIF are in non-canonical format. ▫ Upstream Threshold - The number of frames discarded due to lack of cell descriptors available for that packet's priority level.
  • Page 44 requested be transmitted to the Broadcast address, including those that were discarded or not sent. Transmit Errors ▫ Total Errors - The sum of Single, Multiple, and Excessive Collisions. ▫ Tx FCS Errors - The total number of packets transmitted that had a length (excluding framing bits, but including FCS octets) of between 64 and 1518 octets, inclusive, but had a bad Frame Check Sequence (FCS) with an integral number of octets ▫...
  • Page 45 ▫ GMRP PDU's Transmitted - The count of GMRP PDU's transmitted from the GARP layer. ▫ GMRP Failed Registrations - The number of times attempted GMRP registrations could not be completed. ▫ STP BPDUs Transmitted - Spanning Tree Protocol Bridge Protocol Data Units sent ▫...

  • Page 46: Show Logging

    requested be transmitted to a Multicast address, including those that were discarded or not sent. ▫ Broadcast Packets Transmitted - The total number of packets that higher-level protocols requested be transmitted to the Broadcast address, including those that were discarded or not sent.

  • Page 47: Show Mac-Addr-Table

    7.1.7 show mac-addr-table This command displays the forwarding database entries. If the command is entered with no parameter, the entire table is displayed. This is the same as entering the optional all parameter. Alternatively, the administrator can enter a MAC Address to display the table entry for the requested MAC address and all entries following the requested MAC address.

  • Page 48: Show Sysinfo

    is displayed in the script format, which can be used to configure another switch with same configuration. ▫ Format show running-config ▫ Mode Privileged EXEC 7.1.10 show sysinfo This command displays switch information. ▫ Format show sysinfo ▫ Mode Privileged EXEC ▫...

  • Page 49: Show Classofservice Dot1Pmapping

    class mapping on a 'per-port' basis, and the number of available traffic classes may vary with the platform. ▫ Format classofservice dot1pmapping <userpriority> <trafficclass> ▫ Mode Global Config or Interface Config 7.3.2 show classofservice dot1pmapping This command displays the current 802.1p priority mapping to internal traffic classes for a specific interface.

  • Page 50: Show Port-Channel Brief

    This command disables the support of static port-channels (link aggregations - LAGs) on the device. ▫ Default Disabled ▫ Format no port-channel staticcapability ▫ Mode Global Config 7.4.2 show port-channel brief This command displays the static capability of all port-channels (LAGs) on the device as well as a summary of individual port-channels.

  • Page 51: Mtu

    7.5.2 mtu This command sets the maximum transmission unit (MTU) size (in bytes) for physical and port-channel (LAG) interfaces. For the standard implementation, the range of <mtusize> is a valid integer between 1522-9216. ▫ Default 1522 ▫ Format mtu <1522-9216> ▫...

  • Page 52: Network Mac-Type

    7.5.5 network mac-type This command specifies whether the burned in MAC address or the locally-administered MAC address is used. ▫ Default burnedin ▫ Format network mac-type {local | burnedin} ▫ Mode Privileged EXEC 7.5.5.1 no network mac-type This command resets the value of MAC address to its default. Format no network mac-type Mode...

  • Page 53: Remotecon Timeout

    ▫ Format no remotecon maxsessions ▫ Mode Privileged EXEC 7.5.9 remotecon timeout This command sets the remote connection session timeout value, in minutes. A session is active as long as the session has been idle for the value set. A value of 0 indicates that a session remains active indefinitely.

  • Page 54: Set Prompt

    ▫ Default ▫ Format serial timeout <0 - 160> ▫ Mode Line Config 7.5.11.1 no serial timeout This command sets the maximum connect time (in minutes) without console activity to 5. ▫ Format no serial timeout ▫ Mode Line Config 7.5.12 set prompt This command changes the name of the prompt.

  • Page 55: Show Remotecon

    configured for in-band connectivity. To take effect, 'MAC Address Type' must be set to 'Locally Administered'. Enter the address as twelve hexadecimal digits (6 bytes) with a colon between each byte. Bit 1 of byte 0 must be set to a 1 and bit 0 to a 0, i.e. byte 0 should have the following mask 'xxxx xx10'.

  • Page 56: Show Snmpcommunity

    Flow Control - Whether Hardware Flow-Control is enabled or disabled. Hardware Flow Control is always disabled. Stop Bits - The number of Stop bits per character. The number of Stop bits is always 1. Parity Type - The Parity Method used on the Serial Port. The Parity Method is always None. 7.5.17 show snmpcommunity This command displays SNMP community information.

  • Page 57: Show Trapflags

    and 255 separated by periods. ▫ Status - A pull down menu that indicates the receiver's status (enabled or disabled) and allows the administrator/user to perform actions on this user entry: Enable - send traps to the receiver Disable - do not send traps to the receiver. Delete - remove the table entry.

  • Page 58: Snmp-Server Community Ipaddr

    entries using the same community name, the first entry is kept and processed and all duplicate entries are ignored. ▫ Default Two default community names: Public and Private. You can replace these default community names with unique identifiers for each community. The default values for the remaining four community names are blank.

  • Page 59: Snmp-Server Community Mode

    ▫ Format snmp-server community ipmask <ipmask> <name> ▫ Mode Global Config 7.5.22.1 no snmp-server community ipmask This command sets a client IP mask for an SNMP community to 0.0.0.0. The name is the applicable community name. The community name may be up to 16 alphanumeric characters. ▫...

  • Page 60: Snmp-Server Enable Traps Linkmode

    ▫ Default Enabled ▫ Format snmp-server enable traps ▫ Mode Global Config 7.5.26.1 no snmp-server enable traps This command disables the Authentication Flag. ▫ Format no snmp-server enable traps ▫ Mode Global Config 7.5.27 snmp-server enable traps bcaststorm This command enables the broadcast storm trap. When enabled, broadcast storm traps are sent only if the broadcast storm recovery mode setting associated with the port is enabled.

  • Page 61: Snmp-Server Enable Traps Stpmode

    ▫ Format snmp-server enable traps multiusers ▫ Mode Global Config 7.5.29.1 no snmp-server enable traps multiusers This command disables Multiple User traps. ▫ Format no snmp-server enable traps multiusers ▫ Mode Global Config 7.5.30 snmp-server enable traps stpmode This command enables the sending of new root traps and topology change notification traps. ▫...

  • Page 62: Snmptrap Mode

    ▫ Mode Global Config 7.5.33 snmptrap mode This command activates or deactivates an SNMP trap. Enabled trap receivers are active (able to receive traps). Disabled trap receivers are inactive (not able to receive traps). ▫ Format snmptrap mode <name> <ipaddr> ▫...

  • Page 63: Auto-Negotiate

    7.6.2 auto-negotiate This command enables automatic negotiation on a port. The default value is enable. ▫ Format auto-negotiate ▫ Mode Interface Config 7.6.2.1 no auto-negotiate This command disables automatic negotiation on a port. ▫ Format no auto-negotiate ▫ Mode Interface Config 7.6.3 auto-negotiate all This command enables automatic negotiation on all ports.

  • Page 64: Macfilter Adddest

    The <vlanid> parameter must identify a valid VLAN. Up to 100 static MAC filters may be created. ▫ Format macfilter <macaddr> <vlanid> ▫ Mode Global Config 7.6.6.1 no macfilter This command removes all filtering restrictions and the static MAC filter entry for the MAC address <macaddr>...

  • Page 65: Macfilter Addsrc

    This command removes all ports from the destination filter set for the MAC filter with the given <macaddr> and VLAN of <vlanid>. The <macaddr> parameter must be specified as a 6-byte hexadecimal number in the format of b1:b2:b3:b4:b5:b6. The <vlanid> parameter must identify a valid VLAN. ▫...

  • Page 66: Monitor Session

    7.6.11 monitor session This command configures a probe port and a monitored port for monitor session (port monitoring). The first slot/port is the source monitored port and the second slot/port is the destination probe port. If this command is executed while port monitoring is enabled, it will have the effect of changing the probe and monitored port values.

  • Page 67: Port Lacpmode All

    ▫ Mode Interface Config 7.6.14 port lacpmode all This command enables Link Aggregation Control Protocol (LACP) on all ports. ▫ Format port lacpmode all ▫ Mode Global Config 7.6.14.1 no port lacpmode all This command disables Link Aggregation Control Protocol (LACP) on all ports. ▫...

  • Page 68: Port-Channel Name

    ▫ Default Enabled ▫ Format port-channel linktrap {<logical slot/port> | all} ▫ Mode Global Config 7.6.17.1 no port-channel linktrap This command disables link trap notifications for the port-channel (LAG). The interface is a logical slot and port for a configured port-channel. The option all sets every configured port-channel with the same administrative mode setting.

  • Page 69: Protocol Vlan Group All

    ▫ Format protocol vlan group <groupid> ▫ Mode Interface Config 7.6.20.1 no protocol vlan group This command removes the <interface> from this protocol-based VLAN group that is identified by this <groupid>. If <all> is selected, all ports will be removed from this protocol group. ▫...

  • Page 70: Set Garp Timer Join All

    ▫ Mode Interface Config 7.6.23 set garp timer join all This command sets the GVRP join time for all ports and per GARP. Join time is the interval between the transmission of GARP Protocol Data Units (PDUs) registering (or re-registering) membership for a VLAN or multicast group.

  • Page 71: Set Garp Timer Leaveall

    considered a buffer time for another station to assert registration for the same attribute in order to maintain uninterrupted service time is 20 to 600 (centiseconds). Note This command has an effect only when GVRP is enabled. ▫ Default 60 centiseconds (0.6 seconds) ▫...

  • Page 72: Set Gmrp Adminmode

    6000 (centiseconds). Note This command has an effect only when GVRP is enabled. ▫ Default 1000 centiseconds (10 seconds) ▫ Format set garp timer leaveall all <200-6000> ▫ Mode Global Config 7.6.27.1 no set garp timer leaveall all This command sets how frequently Leave All PDUs are generated for all ports to 1000 centiseconds (10 seconds).

  • Page 73: Set Gmrp Interfacemode All

    which has GARP enabled is enabled for routing or is enlisted as a member of a port-channel (LAG), GARP functionality will be disabled on that interface. GARP functionality will subsequently be re-enabled if routing is disabled and portchannel (LAG) membership is removed from an interface that has GARP enabled.

  • Page 74: Set Gvrp Interfacemode All

    7.6.32.1 no set gvrp interfacemode This command disables GVRP (GARP VLAN Registration Protocol) for a specific port. If GVRP is disabled, Join Time, Leave Time and Leave All Time have no effect. ▫ Format no set gvrp interfacemode ▫ Mode Interface Config 7.6.33 set gvrp interfacemode all This command enables GVRP (GARP VLAN Registration Protocol) for all ports.

  • Page 75: Show Gvrp Configuration

    ▫ Join Timer - Specifies the interval between the transmission of GARP PDUs registering (or re-registering) membership for an attribute. Current attributes are a VLAN or multicast group. There is an instance of this timer on a per-Port, per-GARP participant basis. Permissible values are 10 to 100 centiseconds (0.1 to 1.0 seconds).

  • Page 76: Show Igmpsnooping

    attribute before deleting the attribute. Current attributes are a VLAN or multicast group. This may be considered a buffer time for another station to assert registration for the same attribute in order to maintain uninterrupted service. There is an instance of this timer on a per-Port, per-GARP participant basis.

  • Page 77: Show Mac-Address-Table Gmrp

    processed by the CPU. 7.6.39 show mac-address-table gmrp This command displays the GARP Multicast Registration Protocol (GMRP) entries in the Multicast Forwarding Database (MFDB) table. ▫ Format show mac-address-table gmrp ▫ Mode Privileged EXEC ▫ Mac Address - A unicast MAC address for which the switch has forwarding and or filtering information.

  • Page 78: Show Mac-Address-Table Static

    user. Dynamic entries are added to the table as a result of a learning process or protocol. ▫ Component - The component that is responsible for this entry in the Multicast Forwarding Database. Possible values are IGMP Snooping, GMRP, and Static Filtering. ▫...

  • Page 79: Show Monitor

    ▫ Most MFDB Entries Ever Used - This displays the largest number of entries that have been present in the Multicast Forwarding Database table. This value is also known as the MFDB high-water mark. ▫ Current Entries - This displays the current number of entries in the Multicast Forwarding Database table.

  • Page 80: Show Port Protocol

    factory default is enabled. ▫ LACP Mode - Displays whether LACP is enabled or disabled on this port. 7.6.47 show port protocol This command displays the Protocol-Based VLAN information for either the entire system, or for the indicated Group. ▫ Format show port protocol {<groupid>...

  • Page 81: Show Storm-Control

    7.6.49 show storm-control This command displays switch configuration information. ▫ Format show storm-control ▫ Mode Privileged EXEC ▫ Broadcast Storm Recovery Mode - May be enabled or disabled. The factory default is disabled. ▫ 802.3x Flow Control Mode - May be enabled or disabled. The factory default is disabled. 7.6.50 show vlan This command displays detailed information, including interface information, for a specific VLAN.

  • Page 82: Show Vlan Brief

    ▫ Tagging - Select the tagging behavior for this port in this VLAN. Tagged - specifies to transmit traffic for this VLAN as tagged frames. Untagged - specifies to transmit traffic for this VLAN as untagged frames. 7.6.51 show vlan brief This command displays a list of all configured VLANs.

  • Page 83: Shutdown

    7.6.53 shutdown This command disables a port. ▫ Default Enabled ▫ Format shutdown ▫ Mode Interface Config 7.6.53.1 no shutdown This command enables a port. ▫ Format no shutdown ▫ Mode Interface Config 7.6.54 shutdown all This command disables all ports. ▫...

  • Page 84: Spanning-Tree

    Note: This command is valid only when the Link Up/Down Flag is enabled (see "snmpserver enable traps linkmode"). ▫ Format snmp trap link-status all ▫ Mode Global Config 7.6.56.1 no snmp trap link-status all This command disables link status traps for all interfaces. Note: This command is valid only when the Link Up/Down Flag is enabled (see "snmpserver enable traps linkmode").

  • Page 85: Speed

    string of up to 64 characters. To use spaces as part of a description, enclose it in double quotes like: "Port 1 connect to Ln 1" ▫ Format description <description> ▫ Mode Interface Config 7.6.60 speed This command sets the speed and duplex setting for the interface. ▫...

  • Page 86: Storm-Control Flowcontrol

    1000M Table 7-1 Broadcast Storm Recovery Thresholds 7.6.62.1 no storm-control broadcast This command disables broadcast storm recovery mode. The threshold implementation follows a percentage pattern. If the broadcast traffic on any Ethernet port exceeds the high threshold percentage (as represented in "Broadcast Storm Recovery Thresholds" table) of the link speed, the switch discards the broadcasts traffic until the broadcast traffic returns to the low threshold percentage or less.

  • Page 87: Vlan Acceptframe

    7.6.64.1 no vlan This command deletes an existing VLAN. The ID is a valid VLAN identification number (ID 1 is reserved for the default VLAN). VLAN range is 2-4094. ▫ Format no vlan <2-4094> ▫ Mode VLAN database 7.6.65 vlan acceptframe This command sets the frame acceptance mode per interface.

  • Page 88: Vlan Makestatic

    7.6.67 vlan makestatic This command changes a dynamically created VLAN (one that is created by GVRP registration) to a static VLAN (one that is permanently configured and defined). The ID is a valid VLAN identification number. VLAN range is 2-4094. ▫...

  • Page 89: Vlan Port Acceptframe All

    ▫ Mode Global Config Participation options are: ▫ include - The interface is always a member of this VLAN. This is equivalent to registration fixed. ▫ Exclude - The interface is never a member of this VLAN. This is equivalent to registration forbidden.

  • Page 90: Vlan Port Pvid All

    to ports that are members of that VLAN. ▫ Format no vlan port ingressfilter all ▫ Mode Global Config 7.6.73 vlan port pvid all This command changes the VLAN ID for all interfaces. ▫ Default ▫ Format vlan port pvid all <1-4094> ▫...

  • Page 91: Vlan Protocol Group Remove

    associated with one group. If adding a protocol to a group causes any conflicts with interfaces currently associated with the group, this command will fail and the protocol will not be added to the group. The possible values for protocol are ip, arp, and ipx. ▫...

  • Page 92: User Account Management Commands

    disabled, traffic is transmitted as untagged frames. The ID is a valid VLAN identification number. ▫ Format no vlan tagging <1-4094> ▫ Mode Interface Config 7.7 User Account Management Commands These commands manage user accounts. 7.7.1 disconnect This command closes a telnet session. ▫...

  • Page 93: Users Name

    and up to five Read Only users. ▫ SNMPv3 AccessMode - This field displays the SNMPv3 Access Mode. If the value is set to Read-Write, the SNMPv3 user will be able to set and retrieve parameters on the system. If the value is set to ReadOnly, the SNMPv3 user will only be able to retrieve parameter information.

  • Page 94: Users Snmpv3 Accessmode

    ▫ Format no users passwd <username> ▫ Mode Global Config 7.7.6 users snmpv3 accessmode This command specifies the snmpv3 access privileges for the specified login user. The valid accessmode values are readonly or readwrite. The <username> is the login user name for which the specified access mode will apply.

  • Page 95: System Utilities

    key. When using the des protocol, the user login password is also used as the snmpv3 encryption password and therefore must be at least eight characters in length. If none is specified, a key must not be provided. The <username> is the login user name associated with the specified encryption.

  • Page 96: Clear Port-Channel

    prompted to confirm that the password reset should proceed. ▫ Format clear pass ▫ Mode Privileged EXEC 7.8.5 clear port-channel This command clears all port-channels (LAGs). ▫ Format clear port-channel ▫ Mode Privileged EXEC 7.8.6 clear traplog This command clears the trap log. ▫...

  • Page 97: Logout

    copy system:running-config nvram:startup-config copy <url> nvram:sslpem-root copy <url> nvram:sslpem-server copy <url> nvram:sslpem-dhweak copy <url> nvram:sslpem-dhstrong copy <url> nvram:sshkey-rsa1 copy <url> nvram:sshkey-rsa2 copy <url> nvram:sshkey-dsa ▫ Mode Privileged EXEC 7.8.9 logout This command closes the current telnet connection or resets the current serial connection. Note Save configuration changes before logging out.

  • Page 98: Cli Commands: Quality Of Service

    8. CLI COMMANDS: QUALITY OF SERVICE This chapter provides a detailed explanation of the Quality of Service (QOS) commands. The following QOS CLI commands are available in the software QOS Package. The commands are divided into these different groups: ▫ Show commands are used to display device settings, statistics and other information.

  • Page 99: Ip Access-Group

    <accesslistnumber>. The ACL number is an integer from 1 to 199. The range 1 to 99 is for normal ACL List and 100 to 199 is for extended ACL List. The ACL rule is created with the option of permit or deny. The protocol to filter for an ACL rule is specified by giving the protocol to be used like cmp, igmp, ip, tcp, udp.

  • Page 100: Cli Commands: Differentiated Services

    ▫ Mode Global Config 8.3 CLI Commands: Differentiated Services This chapter contains the CLI commands used for the QOS Differentiated Services (DiffServ) package. The user configures DiffServ in several stages by specifying: 1. Class ▫ creating and deleting classes ▫ defining match criteria for a class.

  • Page 101: Diffserv

    ▫ i.e., ACL rules copied as class match criteria at time of class creation, with class type 'any' ▫ implicit ACL 'deny all' rule also copied ▫ no nesting of class type 'acl' Regarding nested classes, referred to here as class references, a given class definition can contain at most one reference to another class, which can be combined with other match criteria.

  • Page 102: Class-Map

    8.4.1 class-map This command defines a new DiffServ class of type match-all, match-any or match-access-group. The <classname> parameter is a case sensitive alphanumeric string from 1 to 31 characters uniquely identifying the class (Note: the class name 'default' is reserved and must not be used here). When used without any match condition, this command enters the class-map mode.

  • Page 103: Class-Map Rename

    8.4.2 class-map rename This command changes the name of a DiffServ class. The <classname> is the name of an existing DiffServ class. The <newclassname> parameter is a case-sensitive alphanumeric string from 1 to 31 characters uniquely identifying the class (Note: the class name 'default' is reserved and must not be used here).

  • Page 104: Match Destination-Address Mac

    8.4.4.1 no match class-map This command removes from the specified class definition the set of match conditions defined for another class. The <refclassname> is the name of an existing DiffServ class whose match conditions are being referenced by the specified class definition. Note: there is no [not] option for this match command. ▫...

  • Page 105: Match Ip Dscp

    To specify the match condition using a numeric notation, one layer 4 port number is required. The port number is an integer from 0 to 65535. To specify the match condition using a numeric range notation, two layer 4 port numbers are required and together they specify a contiguous port range.

  • Page 106: Match Ip Tos

    Note To specify a match on all Precedence values, use the match [not] ip tos <tosbits> <tosmask> command with <tosbits> set to 0 and <tosmask> set to 1F (hex). ▫ Default None ▫ Format match [not] ip precedence <0-7> ▫ Mode Class-Map Config 8.4.10 match ip tos...

  • Page 107: Match Source-Address Mac

    ▫ Format match [not] protocol {<protocol-name> | <0-255>} ▫ Mode Class-Map Config 8.4.12 match source-address mac This command adds to the specified class definition a match condition based on the source MAC address of a packet. The <address> parameter is any layer 2 MAC address formatted as six, two-digit hexadecimal numbers separated by colons (e.g., 00:11:22:dd:ee:ff).

  • Page 108: Match Vlan

    has the effect of negating this match condition for the class (i.e., match all source layer 4 ports except for those within the range specified here). The optional [not] parameter has the effect of negating this match condition for the class (i.e., match all source layer 4 port numbers except for the one specified here).

  • Page 109: Bandwidth Kbps

    8.5.1 bandwidth kbps This command identifies a minimum amount of bandwidth to be reserved for the specified class instance within the named policy using an absolute rate notation. The committed information rate is specified in kilobits-per-second (Kbps) and is an integer from 1 to 4294967295. Note: The actual bandwidth allocation does not occur until the policy is attached to an interface in a particular direction.

  • Page 110: Class

    8.5.3 class This command creates an instance of a class definition within the specified policy for the purpose of defining treatment of the traffic class through subsequent policy attribute statements. The <classname> is the name of an existing DiffServ class. Note that this command causes the specified policy to create a reference to the class definition.

  • Page 111: Expedite Percent

    8.5.5 expedite percent This command identifies the maximum guaranteed amount of bandwidth to be reserved for the specified class instance within the named policy using a relative rate notation. The committed information rate is specified as a percentage of total link capacity and is an integer from 1 to 100. The optional committed burst size is specified in kilobytes (KB) as an integer from 1 to 128, with a default of 4.

  • Page 112: Police-Simple

    8.5.8 police-simple This command is used to establish the traffic policing style for the specified class. The simple form of the police command uses a single data rate and burst size, resulting in two outcomes: conform and nonconform. The conforming data rate is specified in kilobits-per-second (Kbps) and is an integer from 1 to 4294967295.

  • Page 113: Police-Two-Rate

    set-prec-transmit <0-7> | set-dscp-transmit <0-63> | transmit} [violate-action {drop | set-prec-transmit <0-7> | set-dscp-transmit <0-63> | transmit}]} ▫ Mode Policy-Class-Map Config ▫ Restrictions - Only one style of police command (simple, singlerate, tworate) is allowed for a given class instance in a particular policy. ▫...

  • Page 114: Policy-Map Rename

    alphanumeric string from 1 to 31 characters uniquely identifying the policy. The type of policy is specific to either the inbound or outbound traffic direction as indicated by the {in | out} parameter. Note The policy type dictates which of the individual policy attribute commands are valid within the policy definition.

  • Page 115: Shape Bps-Average

    Note The last two parameters, namely sampling rate and decay exponent, are hierarchically specified in this command. That is, in order to provide a value for the decay exponent <0-16>, the user is required to also specify a sampling rate <0-1000000> for proper command interpretation. ▫...

  • Page 116: Service Commands

    8.6 Service Commands The 'service' command set is used in DiffServ to define: ▫ Traffic Conditioning Assign a DiffServ traffic conditioning policy (as specified by the policy commands) to an interface in the incoming direction ▫ Service Provisioning Assign a DiffServ service provisioning policy (as specified by the policy commands) to an interface in the outgoing direction The service commands attach a defined policy to a directional interface.

  • Page 117: Show Commands

    Note This command effectively disables DiffServ on an interface (in a particular direction). There is no separate interface administrative 'mode' command for DiffServ. ▫ Format no service-policy {in | out} <policymapname> ▫ Modes Global Config (for all system interfaces) Interface Config (for a specific interface) 8.7 Show Commands The 'show' command set is used in DiffServ to display configuration and status information for: 。...

  • Page 118: Show Diffserv

    following fields are displayed: ▫ Class Name - The name of this class. (Note that the order in which classes are displayed is not necessarily the same order in which they were created.) ▫ Class Type - The class type (all, any, or acl) indicating how the match criteria are evaluated for this class.
  • Page 119 ▫ Format how policy-map [<policyname>] ▫ Mode Privileged EXEC If the Policy Name is specified the following fields are displayed: ▫ Policy Name - The name of this policy. ▫ Type - The policy type, namely whether it is an inbound or outbound policy definition. The following information is repeated for each class associated with this policy (only those policy attributes actually configured are displayed): ▫...

  • Page 120: Show Diffserv Service

    ▫ Non-Conform DSCP Value - This field displays the DSCP mark value if this action is markdscp. ▫ Non-Conform IP Precedence Value - This field displays the IP Precedence mark value if this action is markprec. ▫ Bandwidth - This field displays the minimum amount of bandwidth reserved in either percent or kilobits-per-second.

  • Page 121: Show Diffserv Service Brief

    ▫ DiffServ Admin Mode - The current setting of the DiffServ administrative mode. An attached policy is only in effect on an interface while DiffServ is in an enabled mode. ▫ Interface - The slot number and port number of the interface (slot/port). ▫...

  • Page 122: Show Service-Policy

    service interface in the specified direction for any reason due to DiffServ treatment. ▫ Interface Sent Octets/Packets - A cumulative count of the octets/packets forwarded by this service interface in the specified direction after the defined DiffServ treatment was applied. In this case, forwarding means the traffic stream was passed to the next functional element in the data path, such as the switching or routing function or an outbound link transmission element.

  • Page 123: Rate-Limiting Commands

    with an attached policy are shown): ▫ Interface - The slot number and port number of the interface (slot/port). ▫ Dir - The traffic direction of this interface service, either in or out. ▫ Operational Status - The current operational status of this DiffServ service interface. ▫...
  • Page 124 ▫ Mode Privileged EXEC and User EXEC...

  • Page 125: Cli Commands: Security

    9. CLI COMMANDS: SECURITY 9.1 Security Commands This section describes commands used for configuring security settings for login users and port users. 9.1.1 authentication login This command creates an authentication login list. The <listname> is up to 15 alphanumeric characters and is not case sensitive.

  • Page 126: Clear Dot1X Statistics

    9.1.2 clear dot1x statistics This command resets the 802.1x statistics for the specified port or for all ports. ▫ Format clear dot1x statistics {<slot/port> | all} ▫ Mode Privileged EXEC 9.1.3 clear radius statistics This command is used to clear all RADIUS statistics. ▫...

  • Page 127: No Dot1X Max-Req

    9.1.7.1 no dot1x max-req This command sets the maximum number of times the authenticator state machine on this port will transmit an EAPOL EAP Request/Identity frame before timing out the supplicant to the default value, i.e. ▫ Format no dot1x max-req ▫...

  • Page 128: Dot1X Re-Authenticate

    ▫ Mode Global Config 9.1.10 dot1x re-authenticate This command begins the re-authentication sequence on the specified port. This command is only valid if the control mode for the specified port is 'auto'. If the control mode is not 'auto' an error will be returned. ▫...
  • Page 129 be a value in the range 1 - 65535. ▫ quiet-period: Sets the value, in seconds, of the timer used by the authenticator state machine on this port to define periods of time in which it will not attempt to acquire a supplicant. The quiet-period must be a value in the range 0 - 65535.

  • Page 130: Radius Accounting Mode

    9.1.15 radius accounting mode This command is used to enable the RADIUS accounting function. ▫ Default Disabled ▫ Format radius accounting mode ▫ Mode Global Config 9.1.15.1 no radius accounting mode This command is used to set the RADIUS accounting function to the default value - i.e. the RADIUS accounting function is disabled.

  • Page 131: Radius Server Key

    ▫ Format no radius server host {auth | acct} <ipaddress> ▫ Mode Global Config 9.1.17 radius server key This command is used to configure the shared secret between the RADIUS client and the RADIUS accounting / authentication server. Depending on whether the 'auth' or 'acct' token is used, the shared secret will be configured for the RADIUS authentication or RADIUS accounting server.

  • Page 132: Radius Server Timeout

    ▫ Format no radius server retransmit ▫ Mode Global Config 9.1.21 radius server timeout This command sets the timeout value (in seconds) after which a request must be retransmitted to the RADIUS server if no response is received. The timeout value is an integer in the range of 1 to 30. ▫...

  • Page 133: Show Authentication

    RADIUS accounting server. ▫ Responses - The number of RADIUS packets received on the accounting port from this server. ▫ Malformed Responses - The number of malformed RADIUS Accounting-Response packets received from this server. Malformed packets include packets with an invalid length. Bad authenticators and unknown types are not included as malformed accounting responses.
  • Page 134 <slot/port>}] ▫ Mode Privileged EXEC If none of the optional parameters are used, the global dot1x configuration summary is displayed. ▫ Administrative mode - Indicates whether authentication control on the switch is enabled or disabled. If the optional parameter 'summary {<slot/port> | all}' is used, the dot1x configuration for the specified port or all ports are displayed.
  • Page 135 will retransmit an EAPOL EAP Request/Identity before timing out the supplicant. The value will be in the range of 1 and 10. ▫ Reauthentication Period - The timer used by the authenticator state machine on this port to determine when reauthentication of the supplicant takes place. The value is expressed in seconds and will be in the range of 1 and 65535.

  • Page 136: Show Dot1X Users

    9.1.26 show dot1x users This command displays 802.1x port security user information for locally configured users. ▫ Format show dot1x users <slot/port> ▫ Mode Privileged EXEC ▫ User - Users configured locally to have access to the specified port. 9.1.27 show radius This command is used to display the various RADIUS configuration items for the switch as well as the configured RADIUS servers.

  • Page 137: Show Users Authentication

    authentication server. ▫ Access Requests - The number of RADIUS Access-Request packets sent to this server. This number does not include retransmissions. ▫ Access Retransmission - The number of RADIUS Access-Request packets retransmitted to this RADIUS authentication server. ▫ Access Accepts - The number of RADIUS Access-Accept packets, including both valid and invalid packets, which were received from this server.

  • Page 138: Users Login

    log in to the system. This setting is overridden by the authentication login list assigned to a specific user if the user is configured locally. If this value is not configured, users will be authenticated using local authentication only. ▫ Format users defaultlogin <listname>...

  • Page 139: Show Ip Ssh

    9.2.3 show ip ssh This command displays the ssh settings. ▫ Format show ip ssh ▫ Mode Privileged EXEC ▫ Administrative Mode - This field indicates whether the administrative mode of SSH is enabled or disabled. ▫ Protocol Level - The protocol level may have the values of version 1, version 2 or both versions 1 and version 2.

  • Page 140: Ip Http Server

    ▫ Default Disabled ▫ Format ip http secure-server ▫ Mode Privileged EXEC 9.3.3.1 no ip http secure-server This command is used to disable the secure socket layer for secure HTTP. ▫ Format ip http secure-server ▫ Mode Privileged EXEC 9.3.4 ip http server This command enables access to the switch through the Web interface.

  • Page 141: Mac Lock Commands

    9.4 MAC Lock Commands 9.4.1 mac-lock This command adds the specified MAC address with <vlanid> to a specified interface. The <macaddr> parameter must be specified as a 6-byte hexadecimal number in the format of b1:b2:b3:b4:b5:b6. The <vlanid> parameter must identify a valid VLAN. ▫...

  • Page 142: Cli Commands: Switching

    10. CLI COMMANDS: SWITCHING 10.1 Spanning Tree Commands This section provides detailed explanation of the spanning tree commands. The commands are divided into two functional groups: ▫ Show commands display spanning tree settings, statistics, and other information. ▫ Configuration Commands configure features and options of the switch. For every configuration command there is a show command that displays the configuration setting.

  • Page 143: Show Spanning-Tree Interface

    ▫ Bridge Identifier ▫ Bridge Max Age - Configured value. ▫ Bridge Hello Time - Configured value. ▫ Bridge Forward Delay - Configured value. ▫ Bridge Hold Time - Minimum time between transmission of Configuration Bridge Protocol Data Units (BPDUs) 10.1.2 show spanning-tree interface This command displays the settings and parameters for a specific switch port within the common and internal spanning tree.

  • Page 144: Show Spanning-Tree Mst Port Detailed

    ▫ Root Port Identifier - Port to access the Designated Root for this multiple spanning tree instance ▫ Associated FIDs - List of forwarding database identifiers associated with this instance. ▫ Associated VLANs - List of VLAN IDs associated with this instance. 10.1.4 show spanning-tree mst port detailed This command displays the detailed settings and parameters for a specific switch port within a particular multiple spanning tree instance.

  • Page 145: Show Spanning-Tree Mst Port Summary

    ▫ Point To Point MAC Status - Derived value indicating if this port is part of a point to point link. ▫ CST Regional Root - The regional root identifier in use for this port. ▫ CST Port Cost - The configured path cost for this port. 10.1.5 show spanning-tree mst port summary This command displays the settings of one or all ports within the specified multiple spanning tree instance.

  • Page 146: Show Spanning-Tree Vlan

    ▫ Configuration Name - Configured name. ▫ Configuration Revision Level - Configured value. ▫ Configuration Digest Key - Calculated value. ▫ Configuration Format Selector - Configured value. ▫ MST Instances - List of all multiple spanning tree instances configured on the switch 10.1.8 show spanning-tree vlan This command displays the association between a VLAN and a multiple spanning tree instance.

  • Page 147: Spanning-Tree Configuration Revision

    ▫ Format no spanning-tree configuration name ▫ Mode Global Config 10.1.11 spanning-tree configuration revision This command sets the Configuration Identifier Revision Level for use in identifying the configuration that this switch is currently using. The Configuration Identifier Revision Level is a number in the range of 0 to 65535.

  • Page 148: Spanning-Tree Forward-Time

    10.1.13.1 no spanning-tree forceversion This command sets the Force Protocol Version parameter to the default value, i.e. 802.1s. ▫ Format no spanning-tree forceversion ▫ Mode Global Config 10.1.14 spanning-tree forward-time This command sets the Bridge Forward Delay parameter to a new value for the common and internal spanning tree.

  • Page 149: Spanning-Tree Mst

    ▫ Format spanning-tree max-age <6-40> ▫ Mode Global Config 10.1.16.1 no spanning-tree max-age This command sets the Bridge Max Age parameter for the common and internal spanning tree to the default value, i.e. 20. ▫ Format no spanning-tree max-age ▫ Mode Global Config 10.1.17 spanning-tree mst...

  • Page 150: Spanning-Tree Mst Instance

    parameter, to the default value, i.e. 128. ▫ Format no spanning-tree mst <mstid> {cost | port-priority} ▫ Mode Interface Config 10.1.18 spanning-tree mst instance This command adds a multiple spanning tree instance to the switch. The instance <mstid> is a number within a range of 1 to 4094, that corresponds to the new instance ID to be added.

  • Page 151: Spanning-Tree Mst Vlan

    10.1.20 spanning-tree mst vlan This command adds an association between a multiple spanning tree instance and a VLAN. The VLAN will no longer be associated with the common and internal spanning tree. The instance <mstid> is a number that corresponds to the desired existing multiple spanning tree instance. The <vlanid> corresponds to an existing VLAN ID.

  • Page 152: Using The Web Interface

    11. USING THE WEB INTERFACE This chapter is a brief introduction to the web. You can manage your switch through a Web browser and Internet connection. This is referred to as Web-based management. To access the switch, the Web browser must support: ▫...

  • Page 153: Starting The Web Interface

    11.1.2 Starting the Web Interface Note You must configure the IP address of the switch before using the Web interface. Follow these steps to bring up the switch Web interface: Enter the IP address of the switch in the Web browser address field. When the Login panel is displayed, enter the appropriate User Name and Password.

  • Page 154: Switch Operation

    12. SWITCH OPERATION 12.1 Address Table The Switch is implemented with an address table. This address table composed of many entries. Each entry is used to store the address information of some node in network, including MAC address, port no, etc.

  • Page 155: Auto-Negotiation

    subsequently used to filter packets whose destination address is on the same segment as the source address. This confines network traffic to its respective domain and reduce the overall load on the network. The Switch performs "Store and forward" therefore, no error packets occur. More reliably, it reduces the re-transmission rate.

  • Page 156: Trouble Shooting

    13. TROUBLE SHOOTING This chapter contains information to help you solve problems. If the Ethernet Switch is not functioning properly, make sure the Ethernet Switch was set up according to instructions in this manual. The Link LED is not lit Solution: Check the cable connection and remove duplex mode of the Ethernet Switch Some stations cannot talk to other stations located on the other port...

  • Page 157: Appendex A

    APPENDEX A A.1 Switch's RJ-45 Pin Assignments 1000Mbps, 1000Base T Contact MDI-X BI_DA+ BI_DB+ BI_DA- BI_DB- BI_DB+ BI_DA+ BI_DC+ BI_DD+ BI_DC- BI_DD- BI_DB- BI_DA- BI_DD+ BI_DC+ BI_DD- BI_DC- Implicit implementation of the crossover function within a twisted-pair cable, or at a wiring panel, while not expressly forbidden, is beyond the scope of this standard.
  • Page 158 The standard RJ-45 receptacle/connector There are 8 wires on a standard UTP/STP cable and each wire is color-coded. The following shows the pin allocation and color of straight cable and crossover cable connection: Straight Cable SIDE 1 SIDE2 1 = White / Orange 1 = White / Orange SIDE 1 2 = Orange...

Table of Contents