Order toll-free in the U.S.: Call 877-877-BBOX (outside U.S. call 724-746-5500) Customer FREE technical support 24 hours a day, 7 days a week: Call 724-746-5500 or fax 724-746-0746 Support Mailing address: Black Box Corporation, 1000 Park Drive, Lawrence, PA 15055-1018 Information Web site: www.blackbox.com • E-mail: info@blackbox.com...
LGB5128A User's Manual SFP Managed Switch Eco Firmware version 1.59 Compatible Black Box SFPs. Part Number Product Name LFP401–LFP404 155-Mbps Extended Diagnostic SFP LFP411–LFP414, LFP416* 1250-Mbps Extended Diagnostic SFP LSP421–LSP422 10GBASE-SR SFP, 10GBASE-LR SFP *Supports LFP416 with auto mode of link speed on Ports 1–20 and does not support LFP415.
Internet Protocol (IP), and Simple Network Management Protocol (SNMP). Disclaimer Black Box Network Services shall not be liable for damages of any kind, including, but not limited to, punitive, consequential or cost of cover damages, resulting from any errors in the production information or specifications set forth in this document and Black Box Network Services may revise this document at any time without notice.
Page 4
Alerts you to a potential hazard that could cause AUTION loss of data, or damage the system or equipment. LGB5128A User Manual...
Table of Contents INTRODUCTION ..............................1 CHAPTER 1 OPERATION OF WEB-BASED MANAGEMENT .............. 2 CHAPTER 2 SYSTEM CONFIGURATION ..................... 4 2-1 S ..........................4 YSTEM NFORMATION 2-1.1 Information ............................4 2-1.2 Configuratio ............................6 2-2 T ................................7 2-2.1 Manual ..............................7 2-2.2 NTP ...............................
Page 6
3-16.1 Port Classification .......................... 131 3-16.2 Port Policing ..........................133 3-16.3 Port Scheduler ..........................134 3-16.4 Port Shaping ........................... 136 3-16.5 Port Tag Remarking ........................139 3-16.6 Port DSCP ............................140 3-16.7 DSCP-Based QoS ........................... 141 3-16.8 DSCP Translation .......................... 143 LGB5128A User Manual...
Page 7
3-16.9 DSCP Classification ........................145 3-16.10 QoS Control List Configuration ....................146 3-16.11 QCL Status ........................... 149 3-16.12 Storm Control ..........................150 3-18 ............................151 GENT 3-18.1 Collector ............................151 3-18.2 Sampler ............................153 3-19 M ............................. 154 IRRORING 3-20 T ...........................
Page 8
I ..................................238 L ..................................239 M ..................................240 N ..................................240 O ..................................241 P ..................................241 Q ..................................242 R ..................................243 S ..................................243 T ..................................245 U ..................................246 V ..................................246 LGB5128A User Manual viii...
Overview This user’s manual explains how to install and connect your network system to configure and monitor the LGB5128A through its built-in CLI and Web via the RS-232 serial interface and Ethernet ports. Examples of hardware and software functions are shown as well as the examples of the operation for Web-based interface and command- line interface (CLI).
MIBs status, each port activity, Spanning tree status, port aggregation status, multicast traffic, VLAN and priority status, illegal access record, and so on. he default values of the LGB5128A are listed in the table below: IP Address 192.168.1.1 Subnet Mask 255.255.255.0...
Page 13
DHCP is enabled on the LGB5128A, but if you do not have a DHCP server to provide IP addresses to the switch, use the switch default ip 192.168.1.1 Figure 1 The login page...
2. Specify the contact information for the system administrator, as well as the name and location of the switch. Also indicate the local time zone by configuring the appropriate offset. 3. Click Refresh. Figure 2-1.1: System Information LGB5128A User Manual...
Page 15
The version of hardware and mechanical. The figure before the hyphen is the version of electronic firmware; the figure after the hyphen is the version of hardware. Serial number: The serial number is assigned by Black Box. Host IP address: The IP address of the switch.
0 to 255. System Location : The physical location of this node (e.g., telephone closet, 3rd floor). The allowed string length is 0 to 255, and the allowed content is the ASCII characters from 32 to 126. LGB5128A User Manual...
Figure 2-2.1: The time configuration Parameter description: Clock Source: Select the clock source for the LGB5128A. You can choose “Use local Settings” or “Use NTP Server” for the LGB5128A time clock source. Local Time: Shows the current time of the system.
Page 18
To configure Daylight saving start date and time, use the format “YYYY-MM-DD HH:MM.” To configure Daylight saving end date and time, use the format “YYYY-MM-DD HH:MM.” The “from” and “to” fields display the values you set. LGB5128A User Manual...
16-bit groups of contiguous zeros; but it can only appear once. It can also represent a legally valid IPv4 address.For example, '::192.1.2.34'. Buttons These buttons are displayed on the NTP page: Save—Click to save changes. Reset—Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
Type in the password. The allowed string length is 0 to 255, and the allowed content includes ASCII characters from 32 to 126. Password (again) Type the password again. You must type the same password again in the field. LGB5128A User Manual...
Privilege Level : The privilege level of the user. The allowed range is 1 to 15. If the privilege level value is 15, the user can access all groups, i.e. he is granted the full control of the device. Other values need to refer to each group privilege level. A user’s privilege should be same or greater than the group privilege level to access that group.
Page 22
Security: Authentication, System Access Management, Port (contains Dot1x port, MAC based and the MAC Address Limit), ACL, HTTPS, SSH, ARP Inspection, and IP source guard. IP: Everything except “ping.” Port: Everything except “VeriPHY.” Diagnostics: “ping” and “VeriPHY.” LGB5128A User Manual...
Maintenance: CLI: System Reboot, System Restore Default, System Password, Configuration Save, Configuration Load, and Firmware Load. Web: Users, Privilege Levels, and everything in Maintenance. Debug: Only present in CLI. Privilege Levels Every group has an authorization Privilege level for the following sub groups: configuration read-only, configuration/execute...
Page 24
Provide the managed VLAN ID. The allowed range is 1 to 4095. DNS Proxy : When DNS proxy is enabled, DUT will relay DNS requests to the current configured DNS server on DUT, and reply as a DNS resolver to the client device on the network. LGB5128A User Manual...
2-4.2 IPV6 This section describes how to configure the switch-managed IPv6 information. The Configured column is used to view or change the IPv6 configuration. The Current column is used to show the active IPv6 configuration. Configure the switch-managed IPv6 information on this page. The Configured column is used to view or change the IPv6 configuration.
If the switch provides a DNS feature, it also can be a host name. Syslog Level : Indicates what kind of message will be sent to syslog server. Possible modes are: Info: Send information, warnings, and errors. Warning: Send warnings and errors. Error: Send errors. LGB5128A User Manual...
2-5.2 Log This section how to display the system log information of the switch Web Interface To display the log configuration in the Web interface: 1. Click Syslog, Log. 2. Display the log information. Figure 2-5.2: The System Log configuration Parameter description: Auto-refresh ...
The ID (>= 1) of the system log entry. Message The detailed message of the system log entry. Upper right icon (Refresh, clear,….) Click to refresh the system log or clear them manually, use the other icons for next/up page or entry. LGB5128A User Manual...
2-6 SNMP Any Network Management System (NMS) running the Simple Network Management Protocol (SNMP) can manage the Managed devices equipped with SNMP agent, provided that the Management Information Base (MIB) is installed correctly on the managed devices. The SNMP is a protocol that is used to govern the transfer of information between SNMP manager and agent and traverses the Object Identity (OID) of the management Information Base (MIB), described in the form of SMI syntax.
Source IP Indicates the SNMP access source address. A particular range of source addresses can be used to restrict source subnet when combined with source mask. Source Mask Indicates the SNMP access source address mask. LGB5128A User Manual...
2-6.3 Users The function is used to configure SNMPv3 user. The Entry index key is UserName. To create a new UserName account, click on the <Add new user> button, and enter the user information then check <Save>. Max Group Number : 10. Web Interface To display the configure SNMP Users in the Web interface: 1.
Page 32
DES: An optional flag to indicate that this user uses DES authentication protocol. Privacy Password A string identifying the privacy password phrase. The allowed string length is 8 to 32, and the allowed content is ASCII characters from 33 to 126. LGB5128A User Manual...
2-6.4 Groups The function is used to configure SNMPv3 group. The Entry index key are Security Model and Security Name. To create a new group account, please check <Add new group> button, and enter the group information then check <Save>. Max Group Number : v1: 2, v2: 2, v3:10. Web Interface To display the configure SNMP Groups in the web interface: 1.
An optional flag to indicate that this view subtree should be excluded. In general, if a view entry's view type is 'excluded', there should be another view entry existing with view type as 'included' and its OID subtree should overstep the 'excluded' view entry. LGB5128A User Manual...
OID Subtree The OID defining the root of the subtree to add to the named view. The allowed OID length is 1 to 128. The allowed string content is digital number or asterisk(*). Save Click the Save icon to save the configuration to ROM. 2-6.6 Access The function is used to configure SNMPv3 accesses.
2. Display the SNMP Trap Hosts information table. 3. Choose a entry to display and modify the detail parameters or click on the delete button to delete the trap hosts entry. Figure 2-6.7: The SNMP Trap Host Configuration LGB5128A User Manual...
Page 37
Parameters description: Delete: Check <Delete> entry then click on the <Save> button, and the entry will be deleted. Trap Version: You may choose v1, v2c, or v3 trap. Server IP: Assign the SNMP Host IP address. UDP Port: ...
Page 38
Privacy Protocol: You can set DES encryption for UserName. Privacy Password: The length of “Privacy Password” is restricted to 8–32. LGB5128A User Manual...
Configuration Chapter 3. This chapter describes all of the basic network configuration tasks, including the Ports, Layer 2 network protocol (e.g., VLANs, QoS, IGMP, ACLs, and PoE, etc.), and any setting of the switch. 3-1 Port The section describes how to configure the Port detail parameters of the switch, to enable or disable switch Ports, and monitor the ports’...
Page 40
Enabled: Both link up and link down power savings enabled. Buttons Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. Upper right icon (Refresh) Click to refresh the Port link Status manually. LGB5128A User Manual...
3-1.2 Port Description The section describes how to configure the Port’s alias or any description for the Port Identity. The user can write down an alphanumeric string describing the full name and version identification for the system’s hardware type, software version, and networking application. Web Interface To configure a Port Description in the Web interface: 1.
Click the box next to auto-refresh and the device will refresh the information automatically. Upper right icon (Refresh, Clear): C click to refresh the Port Statistics information manually. Click Clear to clean up all Port Statistics. LGB5128A User Manual...
3-1.4 Detailed Statistics The section describes how to provide detailed traffic statistics for a specific switch port. Use the port select box to select which switch port details to display. The selected port belongs to the currently selected stack unit, as reflected by the page header. The displayed counters are the totals for receive and transmit, the size counters for receive and transmit, and the error counters for receive and transmit.
Page 44
The number of frames dropped due to excessive or late collisions. Auto-refresh: To evoke the auto-refresh to refresh the Queuing Counters automatically. Upper right icon (Refresh, clear) Click on these buttons for refresh the Port Detail Statistics or clear them manually. LGB5128A User Manual...
3-1.5 Qos Statistics The section describes how a switch displays the QoS detailed Queuing counters for a specific switch port, and for the different queues for all switch ports. The ports belong to the currently selected stack unit, as reflected by the page header. Web Interface To Display the Queueing Counters in the Web interface: 1.
10M, 100M, 1G, and so on. Vendor OUI: Display the OUI code, which is assigned by IEEE. Vendor Name: Display the company name of the module manufacturer. Vendor P/N: Display the product name of the naming by module manufacturer. LGB5128A User Manual...
Vendor Rev (Revision): Display the module revision. Vendor SN (Serial Number): Show the serial number assigned by the manufacturer. Date Code: Show the date this SFP module was made. Temperature: Show the current temperature of SFP module. Vcc: ...
3-2 ACL The LGB5128A switch access control list (ACL) is probably the most commonly used object in the IOS. It is used for packet filtering but also for selecting types of traffic to be analyzed, forwarded, or influenced in some way. The ACLs are divided into EtherTypes, IPv4, ARP protocol, MAC and VLAN parameters etc.
3-2.1 Ports The section describes how to configure the ACL parameters (ACE) of each switch port. These parameters will affect frames received on a port unless the frame matches a specific ACE. Web Interface To configure the ACL Ports Configuration in the Web interface: 1.
3. Scroll the Unit with pps or kbps. 4 . Click the save button to save the setting 5. If you want to cancel the setting, then you need to click the reset button. It will revert to previously saved values. LGB5128A User Manual...
Figure 3-2.2: The ACL Rate Limiter Configuration Parameter description: Rate Limiter ID : The rate limiter ID for the settings contained in the same row. Rate The allowed values are: 0-3276700 in pps or 0, 100, 200, 300, ..., 1000000 in kbps.
Page 52
Ethernet Type: The ACE will match Ethernet Type frames. NOTE: An Ethernet Type based ACE will not get matched by IP and ARP frames. ARP: The ACE will match ARP/RARP frames. IPv4: The ACE will match all IPv4 frames. LGB5128A User Manual...
Page 53
Action : Indicates the forwarding action of the ACE. Permit: Frames matching the ACE may be forwarded and learned. Deny: Frames matching the ACE are dropped. Rate Limiter : Indicates the rate limiter number of the ACE. The allowed range is 1 to 16. When Disabled is displayed, the rate limiter operation is disabled.
NOTE: Ethernet Type based ACE will not get matched by IP and ARP frames. ARP: The ACE will match ARP/RARP frames. IPv4: The ACE will match all IPv4 frames. Action : Indicates the forwarding action of the ACE. Permit: Frames matching the ACE may be forwarded and learned. LGB5128A User Manual...
Deny: Frames matching the ACE are dropped. Rate Limiter : Indicates the rate limiter number of the ACE. The allowed range is 1 to 16. When Disabled is displayed, the rate limiter operation is disabled. Port Copy : Indicates the port copy operation of the ACE.
Page 56
The TCP/UDP port number can be used to calculate the destination port for the frame. Check to enable the use of the TCP/UDP Port Number, or uncheck to disable. By default, TCP/UDP Port Number is enabled. LGB5128A User Manual...
Aggregation Group Configuration Locality : Indicates the aggregation group type. This field is only valid for stackable switches. Global: The group members may reside on different units in the stack. The device supports two 8-port global aggregations. Local: The group members reside on the same unit. Each local aggregation may consist of up to 16 members.
Page 58
Passive will wait for a LACP packet from a partner (speak if spoken to). Buttons Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
3-3.2.2 System Status This section describes how to set LACP function on the switch to provide a status overview for all LACP instances. Web Interface To display the LACP System status in the Web interface: 1. Click Configuration, LACP, System Status. 2.
The partner's port number connected to this port. Auto-refresh: Set the auto-refresh to refresh the information automatically. Upper right icon (Refresh) : You can click this icon to refresh the LACP port status information manually. LGB5128A User Manual...
3-3.2.4 Port Statistics This section describes how to set LACP function on the switch to provide a Port Statistics overview for all LACP instances. Web Interface To display the LACP Port status in the Web interface: 1. Click Configuration, LACP, Port Statistics. 2.
Advanced settings. 4. Click the save button to save the setting. 5. If you want to cancel the setting, then you need to click the Reset button. It will revert to previously saved values LGB5128A User Manual...
Page 63
Figure 3-4.1: The STP Bridge Configuration Parameter description: Basic Settings Protocol Version : The STP protocol version setting. Valid values are STP, RSTP, and MSTP. Bridge Priority : Controls the bridge priority. Lower numeric values have better priority. The bridge priority plus the MSTI instance number, concatenated with the 6-byte MAC address of the switch, forms a Bridge Identifier.
2. Specify the configuration identification parameters in the field. Specify the VLANs Mapped blank field. 3. Click the save button to save the setting 4. If you want to cancel the setting, then you need to click the Reset button. It will revert to previously saved values LGB5128A User Manual...
Figure 3-4.2: The MSTI Configuration Parameter description: Configuration Identification Configuration Name : The name identifying the VLAN to MSTI mapping. Bridges must share the name and revision (see below), as well as the VLAN-to-MSTI mapping configuration in order to share spanning trees for MSTI's (Intra-region). The name is at most 32 characters.
3. Enable or disable the STP, then scoll to set all parameters of the CIST normal Port configuration. 4. Click the save button to save the setting. 5. If you want to cancel the setting, then you need to click the Reset button. It will revert to previously saved values LGB5128A User Manual...
Page 67
Figure 3-4.4: The STP CIST Port Configuration Parameter description: Port : The switch port number of the logical STP port. STP Enabled : Controls whether STP is enabled on this switch port. Path Cost : Controls the path cost incurred by the port. The Auto setting will set the path cost as appropriate by the physical link speed, using the 802.1D recommended values.
4. Scroll to set all parameters of the MSTI Port configuration. 5. Click the save button to save the setting. 6. If you want to cancel the setting, then you need to click the Reset button. It will revert to previously saved values LGB5128A User Manual...
Page 69
Figure 3-4.5: The MSTI Port Configuration Parameter description: Port : The switch port number of the corresponding STP CIST (and MSTI) port. Path Cost : Controls the path cost incurred by the port. The Auto setting will set the path cost as appropriate by the physical link speed, using the 802.1D recommended values.
Topology Change Last : The time since last Topology Change occurred. Auto-refresh: Select to refresh the information automatically. Upper right icon (Refresh) You can click on this icon to refresh the STP Bridges status information manually. LGB5128A User Manual...
3-4.7 Port Status After you complete the STP configuration, you could to ask the switch to display the STP Port Status. The section explains how to ask the switch to display the STP CIST port status for physical ports of the currently selected switch.: Web Interface To display the STP Port status in the Web interface: 1.
Click the auto-refresh box to refresh the information automatically. Upper right icon (Refresh, Clear) Click on these icons to refresh the STP Statistics information or clear manually. 3-5 MRSTP The MRSTP (Multiple Rapid Spanning Tree Protocol) is not standard Spanning tree protocol. LGB5128A User Manual...
It means the switch supports the MRSTP. Several spanning trees exist at the same time and these spanning trees won’t affect each other. A switch supports MRSTP and accepts two or more RSTP in signal equipment. These two RSTP group have different ports to join them and between different Hello Time, Max Age, Forwarding Delay.
Page 74
Available value range: 4-30 sec. The same definition was as in the RSTP protocol. Buttons Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
4. Click the save button to save the setting 6. If you want to cancel the setting, then you need to click the Reset button. It will revert to previously saved values Figure 3-5.2: The MRSTP Port Configuration. LGB5128A User Manual...
Page 76
False, fast transition to Forwarding state will not happen on this port. Default: Auto Buttons Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
3-5.3 Port Status The section describes how to configure a MRSTP Port status table. You will see the MRSTP configuration result, each port that joins the MRSTP group, and its statistics. Web Interface To view the MRSTP Port status in the Web interface: 1.
4. Scroll to set the Throttling parameter. 5. Click the save button to save the setting 6. If you want to cancel the setting, then you need to click the Reset button. It will revert to previously saved values LGB5128A User Manual...
Page 79
Figure 3-5.1: The IGMP Snooping Configuration. Parameter description: Snooping Enabled: Enable the Global IGMP Snooping. Unregistered IPMCv4 Flooding enabled : Enable unregistered IPMCv4 traffic flooding. IGMP SSM Range : SSM (Source-Specific Multicast) Range allows the SSM-aware hosts and routers to run the SSM service model for the groups in the address range.
The allowed range is 1 to 255; default robustness variable value is 2. QI : Query Interval. The Query Interval is the interval between General Queries sent by the Querier. The allowed range is 1 to 31744 seconds; default query interval is 125 seconds. LGB5128A User Manual...
QRI : Query Response Interval. The Max. Response Time used to calculate the Max. Resp. Code inserted into the periodic General Queries. The allowed range is 0 to 31744 in tenths of seconds; default query response interval is 100 in tenths of seconds (10 seconds). LLQI (LMQI for IGMP) : ...
Page 82
Enable the IGMP Snooping Port Group Filtering function on the port. Filtering Groups : The IP Multicast Group that will be filtered. Buttons: Save—Click to save changes. Reset—Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
3-5.4 Status After you complete the IGMP Snooping configuration, the switch can display the IGMP Snooping Status. The section explains how to display the IGMP Snooping detail status. Web Interface To display the IGMP Snooping status in the Web interface: 1.
To refresh the log automatically, check the auto-refresh box. Upper right icon (Refresh, <<, >> ) Click the “Refresh” icon to them refresh the IGMP Group Status manually. Click the other icons for next/up page or entry. LGB5128A User Manual...
3-5.6 IPv4 SSM information Source Specific Multicast (SSM) is a datagram delivery model that best supports one-to-many applications, also known as broadcast applications. SSM is a core network technology of IP multicast targeted for audio and video broadcast application environments. For the SSM delivery mode, an IP multicast receiver host must use IGMP Version 3 (IGMPv3) to subscribe to channel (S, G).
If the switch receives multicast traffic destined for a given multicast address, it forwards that traffic only to ports on the VLAN that have MLD hosts for that address. It drops that traffic for ports on the VLAN that have no MLD hosts. LGB5128A User Manual...
3-6.1 Basic Configuration The section explains how to configure the MLD Snooping basic configuration and the parameters. Web Interface To configure the MLD Snooping Configuration in the Web interface: 1. Click Configuration, MLD Snooping, Basic Configuration. 2. Enable or disable the Global configuration parameters. Select the port to join Router port and Fast Leave.
Enable the per-VLAN MLD Snooping. Up to 32 VLANs can be selected. MLD Querier : A router sends MLD Query messages onto a particular link. This Router is called the Querier. Enable the MLD Querier in the VLAN. LGB5128A User Manual...
Compatibility : Compatibility is maintained by hosts and routers taking appropriate actions depending on the versions of MLD operating on hosts and routers within a network. The allowed selection is MLD-Auto, Forced MLDv1, Forced MLDv2, default compatibility value is MLD- Auto.
1. Click Configuration, MLD Snooping, Status. 2. To auto-refresh the information, click on the “Auto-refresh” button. 3. Click “ Refresh“ to refresh a entry of the MLD Snooping Status Information. 4. Click “ Clear“ to clear the MLD Snooping Status. LGB5128A User Manual...
Figure 3-6.4: The MLD Snooping Status Parameter description: VLAN ID : The VLAN ID of the entry. Querier Version : The currently working Querier Version. Host Version : The currently working Host Version. Querier Status : Show the Querier status is "ACTIVE"...
Page 92
Check on the auto-refresh box to refresh the log automatically. Upper right icon (Refresh, <<, >> ): Click on these icons to refresh the IGMP Group Status manually or go to the next/up page or entry. LGB5128A User Manual...
3-6.6 IPv6 SSM Information The section describes how to configure the Entries in the MLDv2 Information Table are shown on this page. The MLDv2 Information Table is sorted first by VLAN ID, then by group, and then by Port No. Different source addresses that belong to the same group are treated as a single entry.
Parameter description: MVR Mode : Enable/Disable the Global MVR. VLAN ID : Specify the Multicast VLAN ID. Mode : Enable MVR on the port. Type : Specify the MVR port type on the port. LGB5128A User Manual...
Immediate Leave : Enable the fast leave on the port. Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. 3-7.2 Groups Information The section describes how to display the MVR Groups detail information on the switch. Entries in the MVR Group Table are shown on this page.
Auto-refresh : Check the auto-refresh box to refresh the information automatically. Upper right icon (Refresh, <<, >> ): Click to refresh the MVR Group information manually or to go to the next/up page or entry. LGB5128A User Manual...
3-8 LLDP The switch supports the LLDP. For current information on your switch model, the Link Layer Discovery Protocol (LLDP) provides a standards-based method for enabling switches to advertise themselves to adjacent devices and to learn about adjacent LLDP devices. The Link Layer Discovery Protocol (LLDP) is a vendor-neutral Link Layer protocol in the Internet Protocol Suite used by network devices for advertising their identity, capabilities, and neighbors on a IEEE 802 local area network, principally wired Ethernet.
Page 98
LLDP. These capabilities are shown as "others" in the LLDP neighbors’ table. If all ports have CDP awareness disabled, the switch forwards CDP frames received from neighbor devices. If at least one port has CDP awareness enabled, all CDP frames are terminated by the switch. LGB5128A User Manual...
When CDP awareness on a port is disabled, the CDP information isn't removed immediately, but gets when the hold time is exceeded. Port Descr : Optional TLV: When checked the "port description" is included in LLDP information transmitted. Sys Name : ...
This could, for instance, hold the neighbor's IP address. Auto-refresh : Check the auto-refresh box and the device will refresh the information automatically. Upper right icon (Refresh): Click on this icon to refresh the LLDP Neighbors information manually. LGB5128A User Manual...
3-8.3 LLDP-MED Configuration Media Endpoint Discovery is an enhancement of LLDP, known as LLDP-MED, that provides the following facilities: Auto-discovery of LAN policies (such as VLAN, Layer 2 Priority, and Differentiated services (Diffserv) settings) enabling plug-and-play networking. Device location discovery to allow creation of location databases and, in the case of Voice over Internet Protocol (VoIP), Enhanced 911 services.
Page 102
NAD83/NAVD88: North American Datum 1983, CRS Code 4269, Prime Meridian Name: Greenwich; The associated vertical datum is the North American Vertical Datum of 1988 (NAVD88). This datum pair is to be used when referencing locations on land, not near tidal water (which would use Datum = NAD83/MLLW). LGB5128A User Manual...
Page 103
NAD83/MLLW: North American Datum 1983, CRS Code 4269, Prime Meridian Name: Greenwich; The associated vertical datum is Mean Lower Low Water (MLLW). This datum pair is to be used when referencing locations on water/sea/ocean. Civic Address Location IETF Geopriv Civic Address based Location Configuration Information (Civic Address LCI). Country code : ...
Page 104
LLDP-MED allows multiple policies to be advertised per port, each corresponding to a different application type. Different ports on the same Network Connectivity Device may advertise different sets of policies, based on the authenticated user identity or port configuration. LGB5128A User Manual...
Page 105
NOTE: LLDP-MED is not intended to run on links other than between Network Connectivity Devices and Endpoints, so it does not need to advertise the multitude of network policies that frequently run on an aggregated link interior to the LAN. Delete : ...
Parameter description: Port : The port on which the LLDP frame was received. Device Type : LLDP-MED Devices are comprised of two primary Device Types: Network Connectivity Devices and Endpoint Devices. LLDP-MED Network Connectivity Device Definition LGB5128A User Manual...
Page 107
LLDP-MED Network Connectivity Devices, as defined in TIA-1057, provide access to the IEEE 802 based LAN infrastructure for LLDP-MED Endpoint Devices. An LLDP-MED Network Connectivity Device is a LAN access device based on any of the following technologies: 1. LAN Switch/Router 2.
Page 108
1 through 4094 is used to define a valid VLAN ID. A value of 0 (Priority Tagged) is used if the device is using priority tagged frames as defined by IEEE 802.1Q-2003, meaning that only the IEEE 802.1D priority level is significant and the default PVID of the ingress port is used instead. LGB5128A User Manual...
Priority : Priority is the Layer 2 priority to be used for the specified application type. Choose one of the eight priority levels (0 through 7). DSCP : DSCP is the DSCP value to be used to provide Diffserv node behavior for the specified application type as defined in IETF RFC 2474.
Page 110
The resolved value that is the actual "tx wakeup time” used for this link (based on EEE information exchanged via LLDP). Auto-refresh : Check the auto-refresh box and the device will refresh the information automatically. Upper right icon (Refresh): Click on this icon to refresh the LLDP Neighbors information by manual. LGB5128A User Manual...
3-8.6 Port Statistics Two types of counters are shown. Global counters are counters that refer to the whole stack of switches, while local counters refer to per port counters for the currently selected switch. Web Interface To show LLDP Statistics: 1.
Page 112
Auto-refresh : Check the auto-refresh box and the device will refresh the information automatically. Upper right icon (Refresh, Clear): Click on these icons to refresh the LLDP Port Statistics information manually or to clear the entries. LGB5128A User Manual...
3- 9 Filtering Data Base Filtering Data Base Configuration gathers many functions that cannot be categorized to some function type, including MAC Table Information and Static MAC Learning. MAC table Frame switching is based upon the DMAC address contained in the frame. The switch builds up a table that maps MAC addresses to switch ports for knowing which ports the frames should go to (based upon the DMAC address in the frame).
Click to add a new entry to the static MAC table. Specify the VLAN ID, MAC address, and port members for the new entry. Click "Save". Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
3- 9.2 Dynamic MAC Table Entries in the MAC Table are shown on this page. The MAC Table contains up to 8192 entries, and is sorted first by VLAN ID, then by MAC address. Web Interface To Display the MAC Address Table in the Web interface: 1.
Indicates the name of VLAN. VLAN Name can only contain alphabets or numbers. VLAN name should contain at least one alphabet. VLAN name can be edited for the existing VLAN entries or it can be added to the new entries. LGB5128A User Manual...
Port Members : A row of check boxes for each port is displayed for each VLAN ID. To include a port in a VLAN, check the box. To remove or exclude the port from the VLAN, make sure the box is unchecked.
VLAN ingress and egress processing. If None is selected, a VLAN tag with the classified VLAN ID is inserted in frames transmitted on the port. This mode is normally used for ports connected to VLAN-aware switches. LGB5128A User Manual...
If Specific (the default value) is selected, a Port VLAN ID can be configured (see below). Untagged frames received on the port are classified to the Port VLAN ID. If VLAN awareness is disabled, all frames received on the port are classified to the Port VLAN ID. If the classified VLAN ID of a frame transmitted on the port is different from the Port VLAN ID, a VLAN tag with the classified VLAN ID is inserted in the frame.
If Port Type is Unaware, all frames are classified to the Port VLAN ID and tags are not removed. C-port is Customer Port. S-port is Service port. Custom S-port is S-port with Custom TPID. Ingress Filtering : Shows the ingress filtering on a port. This parameter affects VLAN ingress processing. If LGB5128A User Manual...
ingress filtering is enabled and the ingress port is not a member of the classified VLAN, the frame is discarded. Frame Type : Shows whether the port accepts all frames or only tagged frames. This parameter affects VLAN ingress processing. If the port only accepts tagged frames, untagged frames received on that port are discarded.
VLAN can be isolated to other isolated ports on the same VLAN and Private VLAN. Web Interface To configure Port Isolation configuration in the Web interface: 1. Click VLAN, Port Isolation. Check the box(es) below the port(s) you want to isolate. 3. Click Save. LGB5128A User Manual...
Figure 3-10.5.2: The Port Isolation Configuration Parameter description: Port Members : A check box is provided for each port of a private VLAN. When checked, port isolation is enabled on that port. When unchecked, port isolation is disabled on that port. By default, port isolation is disabled on all ports.
Page 124
"Save." The button can be used to undo the addition of new MAC-based VLANs. Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
3-10.6.2 Status This section shows MAC-based VLAN entries configured by various MAC-based VLAN users. Currently, we support following VLAN User types: NAS : NAS provides port-based authentication, which involves communications between a Supplicant, Authenticator, and an Authentication Server. Web Interface To Display MAC-based VLAN configured in the Web interface: 1.
To delete a Protocol to Group Name map entry, check this box. The entry will be deleted on the switch during the next Save. Frame Type : Frame Type can have one of the following values: Ethernet LGB5128A User Manual...
Page 127
SNAP On changing the Frame type field, valid value of the following text field will vary depending on the new frame type you selected. Value : Valid value that can be entered in this text field depends on the option selected from the preceding Frame Type selection menu.
Click to add a new entry in mapping table. An empty row is added to the table, the Group Name, VLAN ID, and port members can be configured as needed. Legal values for a VLAN ID are 1 through 4095. The button can be used to undo the addition of new entry. LGB5128A User Manual...
Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. Auto-refresh : Check the box next to auto-refresh and the device will refresh the information automatically. Upper right icon (Refresh): ...
Page 130
In this mode the Applicant state machine will not participate in the protocol operation. The default configuration is normal participant. Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
3-12.2 Statistics http://192.0.2.1/help/glossary.htm - qos The section describes GARP port statistics for all switch ports. The port statistics relate to the currently selected stack unit, as reflected by the page header. Web Interface To display GARP Port statistics in the Web interface: 1.
The Port column shows the list of ports for which you can configure per port GVRP settings. There are three configuration settings that can be configured on per port bases. GVRP Mode: GVRP rrole: LGB5128A User Manual...
Page 133
1. GVRP Mode This configuration is to enable/disable GVRP Mode on particular port locally. Disable: Select to Disable GVRP mode on this port. Enable: Select to Enable GVRP mode on this port. The default value of configuration is disable. 2.
Leave Tx Count here... Auto-refresh : Click the box next to auto-refresh and the device will refresh the information automatically. Upper right icon (Refresh): Click on this button to refresh the GVRP Port Statistics information manually. LGB5128A User Manual...
3-14 MRP This standard specifies protocols, procedures, and managed objects to support the Multiple Registration Protocol (MRP). MRP allows participants in a MRP Application to register attributes with other participants in a Bridged Local Area Network. The definition of attribute types, their values, and the semantics associated with values when registered are specific to each MRP application.
Page 136
Upper right icon (Refresh): Click on this button to refresh the MRP Port configuration information manually. Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
3-14.2 Statistics This page provides MRP port statistics for all switch ports. The port statistics relate to the currently selected stack unit, as reflected by the page header. Web Interface To display MRP Port statistics in the Web interface: 1. Click MRP statistics. 2.
The Port column lists ports for which you can configure per-port MVRP settings. There are three configuration settings that can be configured on per port bases. MVRP Mode: MVRP rrole: 1. MVRP Mode This configuration is to enable/disable MVRP Mode on particular port locally. LGB5128A User Manual...
Page 139
Disable: Select to Disable MVRP mode on this port. Enable: Select to Enable MVRP mode on this port. The default value of configuration is disable. 2. MVRP rrole This configuration is used to configure restricted role on an interface. ...
Auto-refresh : Click the box next to auto-refresh and the device will refresh the information automatically. Upper right icon (Refresh, Clear): Click on these icons to refresh the MVRP Port Statistics information or clear manually. LGB5128A User Manual...
3-16 QoS The switch supports four QoS queues per port with strict or weighted fair queuing scheduling. It supports QoS Control Lists (QCL) for advanced programmable QoS classification, based on IEEE 802.1p, Ethertype, VID, IPv4/IPv6, DSCP, and UDP/TCP ports and ranges. Classifying incoming frames to a QoS class is very flexible.
Page 142
Click on the mode in order to configure the mode and/or mapping. DSCP Based : Click to Enable DSCP Based QoS Ingress Port Classification. Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
3-16.2 Port Policing This section provides an overview of QoS Ingress Port Policers for all switch ports The Port Policing is useful in constraining traffic flows and marking frames above specific rates. Policing is primarily useful for data flows and voice or video flows because voice and video usually maintain a steady rate of traffic.
Figure 3-18.4: The QoS Egress Port Shapers Click
t he
P ort
i ndex
t o
s et
t he
Q oS
Egress
P ort
S hapers
LGB5128A User Manual...
Page 147
If
y ou
s elect
t he
s cheduler
mode
w ith
w ighted
t hen
the
s creen
w ill
c hange
a s
the
f igure.
...
Page 148
Controls the unit of measure for the port shaper rate as "kbps" or "Mbps". The default value is "kbps". . Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
3-16.5 Port Tag Remarking The Section provides user to get an overview of QoS Egress Port Tag Remarking for all switch ports. Others the ports belong to the currently selected stack unit, as reflected by the page header. Web Interface To display the QoS Port Tag Remarking in the Web interface: 1.
Disable: No Ingress DSCP Classification. • DSCP=0: Classify if incoming (or translated if enabled) DSCP is 0. • Selected: Classify only selected DSCP for which classification is enabled as specified in DSCP Translation window for the specific DSCP. LGB5128A User Manual...
• All: Classify all DSCP. Egress : Port Egress Rewriting can be one of these parameters: • Disable: No Egress rewrite. • Enable: Rewrite enable without remapped. • Remap: DSCP from analyzer is remapped and frame is remarked with remapped DSCP value.
Page 152
QoS Class value can be between 0–7. • DPL : Drop Precedence Level can be between 0 and 3. • Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
3-16.8 DSCP Translation The section describes how to configure the basic QoS DSCP Translation settings for all switches. DSCP translation can be done in Ingress or Egress. Web Interface To configure the DSCP Translation parameters in the Web interface: 1. Click Configuration, QoS, DSCP Translation. 2.
Page 154
Remap: Select the DSCP value from the menu that you want to remap. DSCP value ranges from 0 to 63. Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
3-16.9 DSCP Classification This section describes how to configure and map a DSCP value to a QoS Class and DPL value. The settings relate to the currently selected stack unit, as reflected by the page header. Web Interface To configure the DSCP Classification parameters in the Web interface: 1.Click Configuration, QoS, DSCP Translation.
Port : Indicates the list of ports configured with the QCE. Frame Type : Indicates the type of frame to look for incoming frames. Possible frame types are: Any: The QCE will match all frame type. LGB5128A User Manual...
Page 157
Ethernet: Only Ethernet frames (with Ether Type 0x600-0xFFFF) are allowed. LLC: Only (LLC) frames are allowed. SNAP: Only (SNAP) frames are allowed IPv4: The QCE will match only IPV4 frames. IPv6: The QCE will match only IPV6 frames. SMAC : ...
Page 158
BE, CS1-CS7, EF or AF11-AF43. Sport Source TCP/UDP port: (0–65535) or “Any,” specific or port range applicable for IP protocol UDP/TCP. Dport Destination TCP/UDP port: (0–65535) or Any,” specific or port “ range applicable for IP protocol UDP/TCP. LGB5128A User Manual...
Action Configuration : Class QoS Class: "class (0-7)", default- basic classification. DP: Valid DP Level can be (0-3)", default- basic classification. DSCP: Valid dscp value can be (0-63, BE, CS1-CS7, EF or AF11-AF43) . Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values.
3. Scroll to set the Rate Parameters. 4. Click the save button to save the setting. 5. To cancel the setting, click the Reset button. It will revert to previously saved values. Figure 3-16.12: The Storm Control Configuration LGB5128A User Manual...
Parameter description: Frame Type : The settings in a particular row apply to the frame type listed here: Unicast, Multicast, or Broadcast. Enable : Enable or disable the storm control status for the given frame type. Rate : ...
Page 162
The value accepted is within the range of 200–1500 bytes. The default is 1400 bytes. Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
3-18.2 Sampler The section displays the sFlow sampler what you set or you can edit it for your requirement. That will help user based on a defined sampling rate, an average of 1 out of N packets/operations is randomly sampled. This type of sampling does not provide a 100% accurate result, but it does provide a result with quantifiable accuracy Web Interface To configure the sFlow Agent in the Web interface:...
3. Scroll to disabled, enable, TX Only, and RX Only to set the Port mirror mode. 4. Click the save button to save the setting. 5. To cancel the setting, click the Reset button. It will revert to previously saved values LGB5128A User Manual...
Page 165
Figure 3-20.1: The Mirror Configuration Parameter description: Port to mirror on : Port to mirror is also known as the mirror port. Frames from ports that have either source (rx) or destination (tx) mirroring enabled are mirrored on this port. Disabled disables mirroring.
Scroll to select the event type: “Emerg, Alert, Crit, Error, Warming, Notice, Info and Debug”, . Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
3-21 SMTP Configuration Use this function to set a Alarm trap. When the switch alarm goes off, you can set the SMTP server to send you the alarm mail. Web Interface To configure the SMTP Configuration in the Web interface: 1.
4. Select the port that will support Loopback, Link monitor, MIB Retrieval, or Loopback operation. 4. Click the save button to save the setting 5. To cancel the setting, click the Reset button. It will revert to previously saved values Figure 3- 22.1: The Link OAM Port Configuration LGB5128A User Manual...
Page 169
Parameter description: Port Members : The switch port number and index for port configuration IEEE 802.3ah OAM. OAM Enabled : You can set OAM enable or disable on the Port. Controls whether Link OAM is enabled on this switch port. Enabling Link OAM enables the network operators to monitor the health of the network and quickly determine the location of failing links or fault conditions.
The period is specified by the number of symbols that can be received in a time interval on the underlying physical layer. This event is generated if the symbol error count is equal to or greater than the specified threshold for that period. LGB5128A User Manual...
Page 171
Frame Period Error Event: The Errored Frame Period Event TLV counts the number of errored frames detected during the specified period. The period is specified by a number of received frames. This event is generated if the errored frame count is greater than or equal to the specified threshold for that period (for example, if the errored frame count is greater than or equal to 10 for the last 1,000,000 frames received).
The field will show the status of this configuration is retrieved from the PHY. Users cannot configure this feature. Remote Loopback Support : If status is enabled, DTE is capable of OAM remote loopback mode. The field will show enabled. LGB5128A User Manual...
Page 173
Link Monitoring Support : If status is enabled, DTE supports interpreting Link Events. The field will show enabled. MIB Retrieval Support : If status is enabled, DTE supports sending Variable Response OAMPDUs.. The field will show enabled. MTU Size : ...
The field shows this four-octet field indicates the number of detected errored frames in the period. Total Frame Errors : This eight-octet field indicates the sum of errored frames that have been detected since the OAM sub-layer was reset. LGB5128A User Manual...
Page 175
Total Frame Error Events : This four-octet field indicates the number of Errored Frame Event TLVs that have been generated since the OAM sub-layer was reset. Frame Period Error Event Timestamp : This two-octet field indicates the time reference when the event was generated, in 100 ms intervals.
Page 176
OAM sub-layer was reset, encoded as a 32bit unsigned integer.. Auto-refresh : Click the box next to auto-refresh and the device will refresh the information automatically. Upper right icon (Refresh, clear): Click on these icons to refresh or clear information manually. LGB5128A User Manual...
A count of the number of Loopback Control OAMPDUs received and transmitted on this interface. Rx and Tx Variable Request : A count of the number of Variable Request OAMPDUs received and transmitted on this interface. LGB5128A User Manual...
Page 178
A count of the number of Critical event PDUs received and transmitted on this interface. Auto-refresh : Click the box next to auto-refresh and the device will refresh the information automatically. Upper right icon (Refresh, clear): Click on these icons to refresh or clear information manually. LGB5128A User Manual...
3-23 Ethernet OAM The chapter describes the Ethernet OAM configuration. Before you configure the Ethernet OAM, you need to understand MEP (Maintenance Entity Point). The MEP means the Points at the edge of the domain define the boundary for the domain. A MEP sends and receives CFM frames through the relay function, and drops all CFM frames of its level or lower that come from the wire side.
Page 180
Add new MEP - Click to add a new MEP entry. Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. Upper right icon (Refresh): Click on these icons to refresh the information manually. LGB5128A User Manual...
3-23 EPS The chapter describes the Ethernet Protection Switching (EPS). Ethernet (Linear) Protection Switch instances are configured here. Web Interface To configure the EPS in the Web interface: 1. Click Configuration, EPS. 2. Click “Add new EPS,” then you can create a new EPS entry on the switch. 3.
Page 182
Add new EPS - Click to add a new EPS entry. Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. Upper right icon (Refresh): Click on these icons to refresh the information manually. LGB5128A User Manual...
3-23 ERPS The chapter describes Ethernet Ring Protection Switching (ERPS). ITU-T under G.8032 recommended this to provide sub-50ms protection and recovery switching for Ethernet traffic in a ring topology, and at the same time ensuring that there are no loops formed at the Ethernet layer.
Page 184
Add new ERPS - Click to add a new ERPS entry. Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. Upper right icon (Refresh): Click on these icons to refresh the information by manually. LGB5128A User Manual...
3-22 PTP For Carrier Ethernet application, PTP is an acronym for Precision Time Protocol, a network protocol for synchronizing the clocks of computer systems. The chapter explains how to configure and inspect the current clock settings. 3-22.1 Configuration This chapter allows the user to configure the PTP clock setting on the switch and the parameters’...
The master always responds to delay requests. Protocol: Transport protocol used by the PTP protocol engine. You can scroll to select the following protocols: ethernet PTP over Ethernet multicast ip4multi PTP over IPv4 multicast ip4uni PTP over IPv4 unicast LGB5128A User Manual...
Page 187
IPv4 unicast protocol only works in Master only and Slave only clocks. See parameter Device Type. In a unicast Slave, the only clocks you need to configure are the master clocks to request Announce and Sync messages from. See: Unicast Slave Configuration. VLAN Tag Enable: ...
Indicates the Type of the Clock Instance. There are five Device Types. 1.Ord-Bound - Clock's Device Type is Ordinary-Boundary Clock. 2.P2p Transp - Clock's Device Type is Peer-to-Peer Transparent Clock. 3.E2e Transp - Clock's Device Type is End-to-End Transparent Clock. 4.MastrOnly - Clock's Device Type is Master Only. LGB5128A User Manual...
Page 189
5.SlaveOnly - Clock's Device Type is Slave Only. Port List: Shows the ports configured for that Clock Instance. Auto-refresh : Click the box next to auto-refresh and to enable an automatic refresh of the page at regular intervals. Upper right icon (Refresh): ...
2. Select “Enabled” of the specific port in the Mode of Port Mode Configuration. 3. Select Maximum Dynamic Clients (0, 1, 2, Unlimited) of the specific port in the Port Mode Configuration. 4. Click Save. Figure 4-1.1: The IP Source Guard Configuration LGB5128A User Manual...
Page 191
Parameter description: Mode of IP Source Guard Configuration : Enable the Global IP Source Guard or disable the Global IP Source Guard. All configured ACEs will be lost when the mode is enabled. Port Mode Configuration : Specify which ports IP Source Guard is enabled on. Only when both Global Mode and Port Mode on a given port are enabled, IP Source Guard is enabled on this given port.
Click to add a new entry to the Static IP Source Guard table. Specify the Port, VLAN ID, IP address, and IP Mask for the new entry. Click "Save.” Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
4-1.3 Dynamic Table The section describes hhow to configure the Dynamic IP Source Guard Table parameters of the switch. You could use the Dynamic IP Source Guard Table configure to manage the entries. Web Interface To configure a Dynamic IP Source Guard Table Configuration in the Web interface: 1.
Mode on a given port are enabled, ARP Inspection is enabled on this given port. Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
4-2.2 Static Table The section describes how to configure the Static ARP Inspection Table parameters of the switch. You could use the Static ARP Inspection Table configure to manage the ARP entries. Web Interface To configure a Static ARP Inspection Table Configuration in the Web interface: 1.
Click the box next to auto-refresh and the device will refresh the information automatically. Upper right icon (Refresh, <<, >> ): Click on these icons to refresh the Dynamic ARP Inspection Table manually or to go to the next/up page or entry LGB5128A User Manual...
4-3 DHCP Snooping The section describes how to configure the DHCP Snooping parameters of the switch. The DHCP Snooping can prevent attackers from adding their own DHCP servers to the network. 4-3.1 Configuration This section describes how to configure DHCP Snooping setting including: Snooping Mode (Enabled and Disabled) Port Mode Configuration (Trusted, Untrusted) Web Interface...
Rx and Tx Lease Unassigned : The number of lease unassigned (option 53 with value 11) packets received and transmitted. Rx and Tx Lease Unknown : The number of lease unknown (option 53 with value 12) packets received and transmitted. LGB5128A User Manual...
Page 199
Rx and Tx Lease Active : The number of lease active (option 53 with value 13) packets received and transmitted. Auto-refresh : Click the box next to auto-refresh and the device will refresh the information automatically. Upper right icon (Refresh, Clear ): ...
DHCP server and removes it from a DHCP message when transferring to DHCP client. It only works when DHCP relay operation mode is enabled. Disabled: Disable DHCP relay information mode operation. Relay Information Policy : LGB5128A User Manual...
Page 201
Indicates the DHCP relay information option policy. When DHCP relay information mode operation is enabled, if agent receives a DHCP message that already contains relay agent information it will enforce the policy. And it only works under DHCP if relay information operation mode is enabled.
The number of packets that resulted in error while being sent to servers. Receive from Client : The number of received packets from server. Receive Agent Option : The number of received packets with relay agent information option. Replace Agent Option : LGB5128A User Manual...
Page 203
The number of packets that were replaced with relay agent information option. Keep Agent Option : The number of packets whose relay agent information was retained. Drop Agent Option : The number of packets that were dropped which were received with relay agent information.
Page 205
Mode : Indicates if NAS is globally enabled or disabled on the switch stack. If globally disabled, all ports are allowed to forward frames. Reauthentication Enabled : If checked, successfully authenticated supplicants/clients are reauthenticated after the interval specified by the Reauthentication Period. Reauthentication for 802.1X-enabled ports can be used to detect if a new device is plugged into a switch port or if a supplicant is no longer attached.
Page 206
Port : The port number for which the configuration below applies. Admin State : If NAS is globally enabled, this selection controls the port's authentication mode. The following modes are available: Force Authorized : LGB5128A User Manual...
Page 207
In this mode, the switch will send one EAPOL Success frame when the port link comes up, and any client on the port will be allowed network access without authentication. Force Unauthorized : In this mode, the switch will send one EAPOL Failure frame when the port link comes up, and any client on the port will be disallowed network access.
Page 208
This option is only available for single-client modes, i.e. • Port-based 802.1X • Single 802.1X RADIUS attributes used in identifying a QoS Class: Refer to the written documentation for a description of the RADIUS attributes needed in LGB5128A User Manual...
Page 209
order to successfully identify a QoS Class. The User-Priority-Table attribute defined in RFC4675 forms the basis for identifying the QoS Class in an Access-Accept packet. Only the first occurrence of the attribute in the packet will be considered, and to be valid, it must follow this rule: •...
Page 210
Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. Upper right icon (Refresh): Click on these icons to refresh the NAS Configuration manually. LGB5128A User Manual...
4-5.2 Switch Status The section describes each switch port’s NAS status information. The status includes Admin State Port State, Last Source, Last ID, QoS Class, and Port VLAN ID. Web Interface To configure a NAS Switch Status Configuration in the Web interface: 1.Check “Auto-refresh,”...
Page 212
Auto-refresh : Click the box next to auto-refresh and the device will refresh the information automatically. Upper right icon (Refresh): Click on these icons to refresh the NAS Switch Status manually. LGB5128A User Manual...
4-5.3 Port Status The section provides detailed NAS statistics for a specific switch port running EAPOL-based IEEE 802.1X authentication. Web Interface To configure a NAS Port Status Configuration in the Web interface: 1. Specify the Port that you want to check. 2.
Page 214
If an authentication fails for one or the other reason, the client will remain in the unauthenticated state for Hold Time seconds. Last Authentication : LGB5128A User Manual...
Page 215
Shows the date and time of the last authentication of the client (successful as well as unsuccessful). Auto-refresh : Click the box next to auto-refresh and the device will refresh the information automatically. Upper right icon (Refresh, Clear): Click on these icons to refresh the NAS Statistics manually or to clear all entries.
2. Specify IP address or Hostname for TACACS+ Server. 3. Specify Authentication Port for TACACS+ Server (Default is 49). 4. Specify the Secret with TACACS+ Server. Figure 4-5.3.1: The Common Server Configuration Figure 4-5.3.2: The TACACS+ Accounting Configuration LGB5128A User Manual...
Page 217
Figure 4-5.3.3: The RADIUS Configuration Figure 4-5.3.4: The RADIUS Accounting Configuration Figure 4-5.3.4: The TACACS+ Authentication Configuration Parameter description: Timeout : The Timeout, which can be set to a number between 3 and 3600 seconds, is the maximum time to wait for a reply from a server. If the server does not reply within this timeframe, we will consider it to be dead and continue with the next enabled server (if any).
Page 218
Port : The TCP port to use on the TACACS+ Authentication Server. If the port is set to 0 (zero), the default port (49) is used on the TACACS+ Authentication Server. LGB5128A User Manual...
Secret : The secret—up to 29 characters long—shared between the TACACS+ Authentication Server and the switch stack. Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. 4-6.2 Radius Overview This section shows you an overview of the RADIUS Authentication and Accounting servers status to ensure the function is workable.
The statistics map closely to those specified in RFC4668—RADIUS Authentication Client MIB. Web Interface To configure a RADIUS Details Configuration in the Web interface: 1. Specify the Port you want to check. 2. Check “Auto-refresh.” Figure 4-6.3: The RADIUS Authentication Statistics Server LGB5128A User Manual...
Parameter description: Auto-refresh : Click the box next to auto-refresh and the device will refresh the information automatically. Upper right icon (Refresh, Clear): Click on these icons to refresh the RADIUS Statistics information by manual or to clear all entries.
Page 222
MAC addresses will be removed from the port, and no new address will be learned. Even if the link is physically disconnected and reconnected on the port (by disconnecting the cable), the port will remain shut down. There are three ways to re-open the port: LGB5128A User Manual...
Page 223
1) Boot the stack or elect a new master switch, 2) Disable and re-enable Limit Control on the port or the switch stack. 3) Click the Reopen button. Trap & Shutdown: If Limit + 1 MAC addresses is seen on the port, both the "Trap" and the "Shutdown"...
The table has one row for each port on the selected switch in the stack and a number of columns, which are: Port : The port number for which the status applies. Click the port number to see the status for this particular port. Users : LGB5128A User Manual...
Page 225
Each of the user modules has a column that shows whether that module has enabled Port Security or not. A '-' means that the corresponding user module is not enabled, whereas a letter indicates that the user module abbreviated by that letter (see Abbr) has enabled port security.
(-) will be shown. Auto-refresh : Click the box next to auto-refresh and the device will refresh the information automatically. Upper right icon (Refresh): Click on these icons to refresh the Port Security Port Status information manually. LGB5128A User Manual...
4-8 Access Management This section shows you to configure access management table of the Switch including HTTP/HTTPS, SNMP, and TELNET/SSH. You can manage the Switch over an Ethernet LAN, or over the Internet. 4-8.1 Configuration This section shows you how to configure access management table of the Switch. The maximum entry number is 16.
Page 228
Indicates that the host can access the switch from TELNET/SSH interface if the host IP address matches the IP address range provided in the entry. Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
4-8.2 Statistics This section describes detailed statistics for the Access Management including HTTP, HTTPS, SSH. TELNET, and SSH. Web Interface To configure an Assess Management Statistics in the Web interface: 1. Check “Auto-refresh.” Figure 4-8.2: The Access Management Statistics Parameter description: Interface : ...
Indicates the SSH mode operation. Possible modes are: Enabled: Enable SSH mode operation. Disabled: Disable SSH mode operation. Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
4-10 HTTPs This section shows you how to use HTTPS to securely access the Switch. HTTPS is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication via the browser. Web Interface To configure a HTTPS Configuration in the Web interface: 1.
This is only possible if the Authentication Method is set to a value other than “none” or “local.” Buttons: Save – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. LGB5128A User Manual...
Maintenance Chapter 5. This chapter describes switch Maintenance configuration tasks to enhance the performance of the local network, including Restart Device, Firmware upgrade, Save/Restore, Import/Export, and Diagnostics. 5-1 Restart Device This section describes how to restart switch for any maintenance needs. Any configuration files or scripts that you saved in the switch should still be available afterwards.
The front LED flashes Green/Off with a frequency of 10 Hz while the firmware update is in progress. Do not restart or power off the device at this time or the switch may fail to function afterwards. LGB5128A User Manual...
5-2.2 Firmware Selection The switch supports Dual image for firmware redundancy purpose. You can select the firmware image for your device start firmware or operating firmware. This page provides information about the active and alternate (backup) firmware images in the device, and allows you to revert to the alternate image.
Page 236
The firmware version and date information may be empty for older firmware releases. This does not constitute an error. LGB5128A User Manual...
5-3 Save / Restore This section describes how to save and restore the Switch configuration, including reset to Factory Defaults, Save Start, Save Users, or Restore Users for any maintenance needs. 5-3.1 Factory Defaults This section describes how to reset the Switch configuration to Factory Defaults. Any configuration files or scripts will recover to factory default values.
To configure a Restore User Configuration in the Web interface: 1. Click Restore User. 2. Click Yes. Figure 5-3.4: The Restore the Backup Configuration Parameter description: Buttons: Save – Click the “Save” button to restore the Backup Configuration to the switch. LGB5128A User Manual...
5-4 Export / Import This section describes how to export and import the Switch configuration. Any current configuration files will be exported as XML format. 5-4.1 Export Config This section describes how to export the Switch Configuration for maintenance needs. Any current configuration files will be exported as XML format.
Parameter description: Browse : Click the “Browse...” button to search the Configuration URL and filename. Upload: Click the “Upload” button and the switch will start to upload the configuration from the stored location PC or Server. LGB5128A User Manual...
5-5 Diagmostics This section provides a set of basic system diagnosis. It let users know that whether the system is healthy or needs to be fixed. The basic system check includes ICMP Ping, ICMPv6, and VeriPHY Cable Diagnostics 5-5.1 Ping This section allows you to issue ICMP PING packets to troubleshoot IPv6 connectivity issues.
64 bytes from 10.10.132.20: icmp_seq=2, time=0ms 64 bytes from 10.10.132.20: icmp_seq=3, time=0ms 64 bytes from 10.10.132.20: icmp_seq=4, time=0ms Sent 5 packets, received 5 OK, 0 bad You can configure the following properties of the issued ICMP packets: LGB5128A User Manual...
5-5.3 VeriPHY This section is used for running the VeriPHY Cable Diagnostics. Press to run the diagnostics. This will take approximately 5 seconds. If all ports are selected, this can take approximately 15 seconds. When completed, the page refreshes automatically, and you can view the cable diagnostics results in the cable status table.
A. Glossary of Web-based Management ACE is an acronym for Access Control Entry. It describes access permission associated with a particular ACE ID. There are three ACE frame types (Ethernet Type, ARP, and IPv4) and two ACE actions (permit and deny). The ACE also contains many detailed, different parameter options that are available for individual application.
Aggregation Using multiple ports in parallel to increase the link speed beyond the limits of a port and r higher availability. to increase the redundancy fo (Also Port Aggregation, Link Aggregation). ARP is an acronym for Address Resolution Protocol. It is a protocol used to convert an IP address into a physical address, such as an Ethernet address.
An IPv4 dotted decimal address has the form x.y.z.w, where x, y, z, and w are decimal numbers between 0 and 255. DSCP DSCP is an acronym for Differentiated Services Code Point. It is a field in the header of IP packets for packet classification purposes. LGB5128A User Manual...
EEE is an abbreviation for Energy Efficient Ethernet defined in IEEE 802.3az. EPS is an abbreviation for Ethernet Protection Switching defined in ITU/T G.8031. Ethernet Type Ethernet Type, or EtherType, is a field in the Ethernet MAC header, defined by the Ethernet networking standard.
If you wish to remove your messages from the server, you must use your mail client to generate local folders, copy messages to your local hard drive, and then delete and expunge the messages from the server. LGB5128A User Manual...
Page 249
IP is an acronym for Internet Protocol. It is a protocol used for communicating data across an Internet network. IP is a "best effort" system, which means that no packet of information sent over is assured to reach its destination in the same condition it was sent. Each device connected to a Local Area Network (LAN) or Wide Area Network (WAN) is given an Internet Protocol address, and this IP address is used to identify the device uniquely among all other devices connected to the extended network.
A client connects to the NAS, and the NAS connects to another resource asking whether the client's supplied credentials are valid. Based on the answer, the NAS then allows or disallows access to the protected resource. An example of a NAS implementation is IEEE 802.1X. NetBIOS LGB5128A User Manual...
NetBIOS is an acronym for Network Basic Input/Output System. It is a program that allows applications on separate computers to communicate within a Local Area Network (LAN), and it is not supported on a Wide Area Network (WAN). The NetBIOS gives each computer in the network both a NetBIOS name and an IP address corresponding to a different host name, and provides the session and transport services described in the Open Systems Interconnection (OSI) model.
QCE ID. There are six QCE frame types: Ethernet Type, VLAN, UDP/TCP Port, DSCP, TOS, and Tag Priority. Frames can be classified by one of 4 different QoS classes: “Low,” “Normal,” “Medium,” and “High” for individual applications. LGB5128A User Manual...
Page 253
QCL is an acronym for QoS Control List. It is the list table of QCEs that contains QoS control entries to classify a specific QoS class on specific traffic objects. Each accessible traffic object contains an identifier to its QCL. The privileges determine specific traffic object to specific QoS class.
Page 254
Switch IDs (1–16) are used to uniquely identify the switches within a stack. The Switch ID of each switch is shown on the display on the front of the switch and is used widely in the Web pages as well as in the CLI commands. LGB5128A User Manual...
SyncE SyncE Is an abbreviation for Synchronous Ethernet. It is used to sychronize a network “clock frequency.” Do not confuse this with real-time clock synchronized (IEEE 1588). TACACS+ TACACS+ is an acronym for Terminal Acess Controller Access Control System Plus. It is a networking protocol that provides access control for routers, network access servers, and other networked computing devices via one or more centralized servers.
Voice VLAN is VLAN configured specially for voice traffic. By adding the ports with voice devices attached to voice VLAN, we can perform QoS-related configuration for voice data, ensuring the transmission priority of voice traffic and voice quality. LGB5128A User Manual...
Page 257
About Black Box Black Box provides an extensive range of networking and infrastructure products. You’ll find everything from cabinets and racks and power and surge protection products to media converters and Ethernet switches all supported by free, live 24/7 Tech support available in 60 seconds or less.
Need help?
Do you have a question about the LGB5128A and is the answer not in the manual?
Questions and answers