Download Print this page

Planet MGSW-28240F User Manual

Planet MGSW-28240F User Manual

24-port 100/1000base-x sfp with 4-port 10g sfp+ managed metro ethernet switch

Hide thumbs Also See for MGSW-28240F:

Quick installation manual (16 pages)

,

Command manual (433 pages)

,

User manual (643 pages)

Table Of Contents

Table of Contents

Advertisement

Quick Links

Download this manual See also: Command Manual

User's Manual

24-Port 100/1000Base-X SFP with

4-Port 10G SFP+ Managed

Metro Ethernet Switch

MGSW-28240F

www.PLANET.com.tw

Table of Contents

Advertisement

Table of Contents

Need help?

Need help?

Do you have a question about the MGSW-28240F and is the answer not in the manual?

Questions and answers

Summary of Contents for Planet MGSW-28240F

Page 1 User’s Manual 24-Port 100/1000Base-X SFP with 4-Port 10G SFP+ Managed Metro Ethernet Switch MGSW-28240F www.PLANET.com.tw...
Page 2: Fcc Warning
PLANET is a registered trademark of PLANET Technology Corp. All other trademarks belong to their respective owners. Disclaimer PLANET Technology does not warrant that the hardware will work properly in all environments and applications, and makes no warranty and representation, either implied or expressed, with respect to the quality, performance, merchantability, or fitness for a particular purpose.
Page 3: Table Of Contents
3.2 Management Access Overview ......................... 51 3.3 CLI Mode Management ..........................52 3.4 Web Management ............................54 3.5 SNMP-Based Network Management ......................55 3.6 PLANET Smart Discovery Utility ......................55 4. WEB CONFIGURATION ...................... 57 4.1 Main Web Page ............................60...
Page 4 User’s Manual of MGSW-28240F 4.2 System ................................. 62 4.2.1 System Information .............................. 62 4.2.2 IP Configuration ..............................63 4.2.3 IPv6 Configuration ............................... 64 4.2.4 Users Configuration ............................. 65 4.2.5 Privilege Levels ..............................68 4.2.6 NTP Configuration ............................... 70 4.2.7 UPnP ................................... 71 4.2.8 DHCP Relay ................................
Page 5 User’s Manual of MGSW-28240F 4.4.4 SFP Information ..............................109 4.4.5 Port Mirror ................................110 4.5 Link Aggregation ............................113 4.5.1 Static Aggregation .............................. 116 4.5.2 LACP Configuration ............................118 4.5.3 LACP System Status ............................120 4.5.4 LACP Port Status ............................... 121 4.5.5 LACP Port Statistics ............................
Page 6 User’s Manual of MGSW-28240F 4.8.1 IGMP Snooping ..............................177 4.8.2 IGMP Snooping Configuration ........................... 181 4.8.3 IGMP Snooping VLAN Configuration ......................... 183 4.8.4 IGMP Snooping Port Group Filtering ......................... 184 4.8.5 IGMP Snooping Status ............................185 4.8.6 IGMP Group Information ............................ 187 4.8.7 IGMPv3 Information ............................
Page 7 User’s Manual of MGSW-28240F 4.10 Access Control Lists ..........................236 4.10.1 Access Control List Status ..........................236 4.10.2 Access Control List Configuration ........................238 4.10.3 ACE Configuration ............................240 4.10.4 ACL Ports Configuration ..........................249 4.10.5 ACL Rate Limiter Configuration ........................252 4.11 Authentication ............................
Page 8 User’s Manual of MGSW-28240F 4.14.2 LLDP Configuration ............................327 4.14.3 LLDP-MED Configuration ..........................331 4.14.4 LLDP-MED Neighbor ............................338 4.14.5 Neighbor ................................342 4.14.6 Port Statistics ..............................343 4.15 Diagnostics ............................. 345 4.15.1 Ping ................................. 346 4.15.2 IPv6 Ping ................................. 347 4.15.3 Remote IP Ping Test ............................
Page 9 User’s Manual of MGSW-28240F 6.1 System Command ............................ 384 System Configuration ............................384 System Log Configuration ........................... 384 System Timezone Configuration .......................... 385 System Version ..............................385 System Log Server Mode ............................ 386 System Name ..............................386 System Timezone Offset ............................. 387 System Contact ..............................
Page 10 User’s Manual of MGSW-28240F 6.3 Port Management Command ........................403 Port Configuration ............................... 403 Port Mode ................................403 Port Flow Control ..............................404 Port State ................................405 Port Maximum Frame ............................405 Port Power ................................406 Port Excessive ..............................406 Port Statistics ...............................
Page 11 User’s Manual of MGSW-28240F VLAN Name Delete ............................. 422 VLAN Name Lookup ............................423 VLAN Status ................................ 423 6.6 Private VLAN Configuration Command ....................425 PVLAN Configuration ............................425 PVLAN Add ................................. 426 PVLAN Delete ..............................426 PVLAN Lookup ..............................426 PVLAN Isolate ..............................
Page 12 User’s Manual of MGSW-28240F Security Switch SNMP Trap Destination ......................442 Security Switch SNMP Trap IPv6 Destination ..................... 442 Security Switch SNMP Trap Authentication Failure ..................... 443 Security Switch SNMP Trap Link-up ........................444 Security Switch SNMP Trap Inform Mode ......................444 Security Switch SNMP Trap Inform Timeout ......................
Page 13 User’s Manual of MGSW-28240F Security Network Psec Port ..........................461 Security Network Limit Configuration ........................462 Security Network Limit Mode ..........................463 Security Network Limit Aging ..........................463 Security Network Limit Agetime ........................... 464 Security Network Limit Port ..........................464 Security Network Limit Limit ..........................
Page 14 User’s Manual of MGSW-28240F Security Network DHCP Snooping Port Mode ..................... 485 Security Network DHCP Snooping Statistics ....................... 485 Security Network IP Source Guard Configuration ....................486 Security Network IP Source Guard Mode ......................486 Security Network IP Source Guard Port Mode ....................487 Security Network IP Source Guard Limit ......................
Page 15 User’s Manual of MGSW-28240F STP Port AutoEdge ............................. 506 STP Port P2P ..............................506 STP Port RestrictedRole ............................. 507 STP Port RestrictedTcn ............................507 STP Port bpduGuard ............................508 STP Port Statistic..............................508 STP Port Mcheck..............................509 STP MSTI Port Configuration ..........................509 STP MSTI Port Cost ............................
Page 16 User’s Manual of MGSW-28240F LLDP MED Configuration ............................ 526 LLDP MED Civic ..............................526 LLDP MED ECS ..............................527 LLDP MED Policy Delete ............................. 528 LLDP MED Policy Add ............................528 LLDP MED Port Policy ............................529 LLDP MED Coordinates ............................529 LLDP MED Datum ...............................
Page 17 User’s Manual of MGSW-28240F QoS DSCP Classification Mode .......................... 546 QoS DSCP EgressRemap ........................... 547 QoS Storm Unicast .............................. 547 QoS Storm Multicast ............................548 QoS Storm Broadcast ............................548 QoS QCL Add ..............................549 QoS QCL Delete ..............................550 QoS QCL Lookup ..............................
Page 18 User’s Manual of MGSW-28240F MVR Groups ................................ 564 MVR SFM ................................564 6.19 Voice VLAN Command ........................... 566 Voice VLAN Configuration ........................... 566 Voice VLAN Mode ............................... 567 Voice VLAN ID ..............................568 Voice VLAN Agetime ............................568 Voice VLAN Traffic Class ............................. 569 Voice VLAN OUI Add ............................
Page 19 User’s Manual of MGSW-28240F IPMC Filtering ..............................583 IPMC Router ................................ 583 IPMC Status ................................ 584 IPMC Group ................................ 584 IPMC Version ..............................585 IPMC SFM ................................585 IPMC Parameter RV ............................585 IPMC Parameter QI ............................. 586 IPMC Parameter QRI ............................586 IPMC Parameter LLQI ............................
Page 20 User’s Manual of MGSW-28240F SMTP Test ................................598 6.24 DIDO Command ............................599 DIDO DI Act ................................. 599 DIDO DI Desciption ............................. 599 DIDO DI Enable ..............................600 DIDO DO Act ............................... 600 DIDO DO Enable ..............................601 DIDO DO Port Alarm ............................601 DIDO DO Power Alarm ............................
Page 21 User’s Manual of MGSW-28240F Show UPnP ................................. 609 Show Users ................................. 609 Show VLAN ................................. 610 Show Voice VLAN ............................... 610 Show Firmware ..............................610 Show STP ................................610 6.26 MEP Command ............................611 mep config ................................611 mep peer ................................611 mep cc .................................
Page 22: Introduction
PLANET MGSW-28240F is a 24-port 100/1000Base-X SFP + 4-port 10G SFP+ L2/L4 Managed Metro Ethernet Switch. The MGSW-28240F is all multiple Gigabit SFP mini-GBIC slots switch plus four Gigabit Copper combo ports with connective ability and robust layer 2 features. The descriptions of the MGSW-28240F is shown below:...
Page 23: Product Descriptions
10Gb Ethernet which adopts full-duplex technology instead of low-speed, half-duplex CSMA/CD protocol, is a big leap in the evolution of Ethernet. 10Gb Ethernet can be deployed in star or ring topologies. With 10Gb Ethernet, MGSW-28240F switch provide broad bandwidth and powerful processing capacity. It is suitable for metropolitan networks and wide area networks.
Page 24 Digital Input and Digital Output for External Alarm PLANET MGSW-28240F supports Digital Input, and Digital Output on the front panel. This external alarm offers technicians the ability to use Digital Input to detect, and log external device status (such as door intrusion detector) for the alarm. As Digital Output could be used to alarm if the MGSW-28240F has port link down, link up or power failure.
Page 25 AC and DC Redundant Power to Ensure Continuous Operation PLANET MGSW-28240F is equipped with one 100~240V AC power supply unit and one additional 36 ~ 72V DC power supply unit for redundant power supply installation. A redundant power system is also provided to enhance the reliability with either the 100~240V AC power supply unit or the DC 36 ~ 72V power supply unit.
Page 26: How To Use This Manual
User’s Manual of MGSW-28240F 1.3 How to Use This Manual This User Manual is structured as follows: Section 2, INSTALLATION The section explains the functions of the Managed Switch and how to physically install the Managed Switch. Section 3, SWITCH MANAGEMENT The section contains the information about the software function of the Managed Switch.
Page 27: Product Features
User’s Manual of MGSW-28240F 1.4 Product Features  Physical Port  24 100/1000Base-X SFP mini-GBIC slots  4 1/10GBase-SR/LR SFP mini-GBIC slots  4 10/100/1000Base-T Gigabit Ethernet RJ-45 combo ports  One RJ-45 Console Interface for Basic Management and Setup ...
Page 28 User’s Manual of MGSW-28240F − STP, IEEE 802.1D Spanning Tree Protocol − RSTP, IEEE 802.1w Rapid Spanning Tree Protocol − MSTP, IEEE 802.1s Multiple Spanning Tree Protocol, Spanning Tree by VLAN − BPDU Guard  Supports Link Aggregation − 802.3ad Link Aggregation Control Protocol (LACP) −...
Page 29  Link Layer Discovery Protocol (LLDP) Protocol  SFP-DDM (Digital Diagnostic Monitor)  Cable Diagnostic technology provides the mechanism to detect and report potential cabling issues  Reset Button for System Reboot or Reset to Factory Default  PLANET Smart Discovery Utility for Deploy Management...
Page 30: Product Specifications
User’s Manual of MGSW-28240F 1.5 Product Specifications Product MGSW-28240F Hardware Specification 24 1000Base-SX/LX/BX SFP interfaces SFP/mini-GBIC Slots (Compatible with 100Base-FX SFP Transceiver) 10Gbps Fiber Ports 4 1/10GBase-SR/LR SFP+ slots Copper Ports 4 10/ 100/1000Base-T TP/SFP combo ports Console Port 1 x RS-232 RJ45 serial port (115200, 8, N, 1)
Page 31 User’s Manual of MGSW-28240F Up to 256 VLAN groups, out of 4094 VLAN IDs IEEE 802.3ad LACP / Static Trunk Port Trunking 12 groups of 16-Port trunk support Traffic classification based, Strict priority and WRR 4-level priority for switching - Port Number - 802.1p priority...
Page 32 User’s Manual of MGSW-28240F RFC 791 IP RFC 792 ICMP RFC 2068 HTTP RFC 1112 IGMP version 1 RFC 2236 IGMP version 2 RFC 3376 IGMP version 3 Environment Temperature: -10 ~ 60 degrees C for DC power input Operating...
Page 33: Installation
Switch, read this chapter carefully. 2.1.1 Front Panel Figure 2-1 shows the front panel of Managed Switch. Figure 2-1: MGSW-28240F Switch Front Panel ■ Gigabit TP interface 10/100/1000Base-T Copper, RJ-45 Twist-Pair: Up to 100 meters. ■ Gigabit SFP slots 1000Base-SX/LX mini-GBIC slot, SFP (Small Factor Pluggable) Transceiver Module supports from 550 meters (Multi-mode Fiber), up to 10/30/50/70/120 kilometers (Single Mode Fiber).
Page 34 User’s Manual of MGSW-28240F Reset Button Pressed and Released Function < 5 sec: System Reboot Reboot the Managed Switch Reset the Managed Switch to Factory Default configuration. The Managed Switch will then reboot and load the default settings as shown below: 。...
Page 35: Led Indications
User’s Manual of MGSW-28240F voltage from -36V to -72V DC. Connect the power cable to the Managed Switch at the input terminal block. The size of the two screws in the terminal block is M3.5. ■ Digital Input The digitail input of the Managed Switch can be activated by the external sensor that senses physical changes. These changes can include intrusion detection or certain physical change in the monitored area.
Page 36 User’s Manual of MGSW-28240F Indicates the link through that SFP port is successfully established with speed Lights 10Mbps or 100Mbps. Orange Blink Indicates that the switch is actively sending or receiving data over that port. Indicates that the SFP port is link down.
Page 37: Wiring The Ac Power Input
User’s Manual of MGSW-28240F 2.1.3 Wiring the AC Power Input The front panel of the MGSW-28240F indicates an AC inlet power socket, which accepts input power from 100 to 240V AC, 50/60Hz. 2.1.4 Wiring the DC Power Input The 6-contact terminal block connector on the front panel of MGSW-28240F is used for two DC redundant powers input. Please follow the steps below to insert the power wire.
Page 38: Wiring The Faulty Alarm Contact
User’s Manual of MGSW-28240F Figure 2-3: MGSW-28240F Upper Panel Tighten the wire-clamp screws for preventing the wires from loosening. DC 1 DC 2 Figure 2-4 6-Pin Terminal Block Power Wiring Input 1. The wire gauge for the terminal block should be in the range of 12 ~ 24 AWG.
Page 39: Wiring The Digital Input / Output
The 6-contact terminal block connector on the front panel of MGSW-28240F is used for Digital Input and Digital Output. Please follow the steps below to insert wire. The MGSW-28240F offers two DI and DO groups. 1 and 2 are DI groups, 3 and 4 are DO groups and 5 and 6 are GND (ground).
Page 40 There are two Digital Input groups for you to monitor two different devices. The following topology shows how to wire DI0 and DI1. We use the MGSW-28240F to be an example for describing DI application. Figure 2-7 Wires DI0 and DI1 to Open Detector...
Page 41 User’s Manual of MGSW-28240F There are two Digital Output groups for you to sense MGSW-28240F port failure or power failure and issue a high or low signal to external device. The following topology shows how to wire DO0 and DO1.
Page 42: Installing The Managed Switch
User’s Manual of MGSW-28240F 2.2 Installing the Managed Switch This section describes how to install your Managed Switch and make connections to the Managed Switch. Please read the following topics and perform the procedures in the order being presented. To install your Managed Switch on a desktop or shelf, simply complete the following steps.
Page 43: Rack Mounting
User’s Manual of MGSW-28240F When the Managed Switch receives power, the Power LED should remain solid Green. 2.2.2 Rack Mounting To install the Managed Switch in a 19-inch standard rack, please follow the instructions described below. Step1: Place the Managed Switch on a hard flat surface, with the front panel positioned towards the front side.
Page 44 User’s Manual of MGSW-28240F Figure 2-6 Mounting the Managed Switch on a Rack Step6: Proceeds with steps 4 and 5 of session 2.2.1 Desktop Installation to connect the network cabling and supply power to the Managed Switch.
Page 45: Cabling
User’s Manual of MGSW-28240F 2.3 Cabling  10/100/1000Base-T and 100Base-FX / 1000Base-SX/LX All 10/100/1000Base-T ports come with Auto-Negotiation capability. They automatically support 1000Base-T, 100Base-TX and 10Base-T networks. Users only need to plug a working network device into one of the 10/100/1000Base-T ports, and then turn on the Managed Switch.
Page 46: Installing The Sfp Transceiver
Figure 2-9: Plugging in the SFP Transceiver  Approved PLANET SFP Transceivers PLANET Managed Switch supports 100/1000 dual mode with both single mode and multi-mode SFP transceivers. The following list of approved PLANET SFP transceivers is correct at the time of publication: Gigabit SFP Transceiver Modules MGB-GT SFP-Port 1000Base-T Module –...
Page 47 MFB-TF20 SFP-Port 100Base-FX Transceiver (1310nm) - 20KM (-40~75 degrees C) It is recommended to use PLANET SFPs on the Managed Switch. If you insert an SFP transceiver that is not supported, the Managed Switch will not recognize it. Please choose the SFP transceiver which can be operated under -40~75 degrees C temperature if the switch device is working in an 0~50 degrees C temperature environment.
Page 48: Removing The Module
User’s Manual of MGSW-28240F 100Base-FX: Before connecting the other switches, workstation or media converter. Make sure both sides of the SFP transceiver are with the same media type or WDM pair, for example, 100Base-FX to 100Base-FX, 100Base-BX20-U to 100Base-BX20-D. Check the fiber-optic cable type that matches the SFP transceiver model.
Page 49 User’s Manual of MGSW-28240F Never pull out the module without lifting up the lever of the module and turning it to a horizontal position. Directly pulling out the module could damage the module and the SFP module slot of the...
Page 50: Switch Management
User’s Manual of MGSW-28240F 3. SWITCH MANAGEMENT This chapter explains the methods that you can use to configure management access to the Managed Switch. It describes the types of management applications and the communication and management protocols that deliver data between your management device (workstation or personal computer) and the system.
Page 51: Management Access Overview
User’s Manual of MGSW-28240F 3.2 Management Access Overview The Managed Switch gives you the flexibility to access and manage it using any or all of the following methods:  Remote Telnet Interface  Web browser Interface  An external SNMP-based network management application The Remote Telnet and Web browser interface support are embedded in the Managed Switch software and are available for immediate use.
Page 52: Cli Mode Management
There are two ways for CLI mode management, one is remote telnet, and the other is operating from console port. Remote telnet is an IP-based protocol, and console port is for user to operate the MGSW-28240F on local only, however their operation is the same.
Page 53 User’s Manual of MGSW-28240F Figure 3-2: Remote Telnet Interface Main Screen of Managed Switch For more information about using the Remote Telnet interface, refer to Chapter 5 Remote Telnet Interface Management.
Page 54: Web Management
User’s Manual of MGSW-28240F 3.4 Web Management The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer. After you set up your IP address for the Managed Switch, you can access the Managed Switch’s Web interface applications directly in your Web browser by entering the IP...
Page 55: Snmp-Based Network Management
For easily listing the Managed Switch in your Ethernet environment, the Planet Smart Discovery Utility from user’s manual CD-ROM is an ideal solution. The following installation instructions are to guide you to running the Planet Smart Discovery Utility. 1.Deposit the Planet Smart Discovery Utility in administrator PC.
Page 56 To click the “Control Packet Force Broadcast” function, it can allow assign new setting value to the Web Smart Switch under a different IP subnet address. Press “Connect to Device” button and the Web login screen appears in Figure 3-4. Press “Exit” button to shutdown the planet Smart Discovery Utility.
Page 57: Web Configuration
User’s Manual of MGSW-28240F 4. WEB CONFIGURATION This section introduces the configuration and functions of the Web-based management. About Web-based Management The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer.
Page 58 User’s Manual of MGSW-28240F  Logging on the Managed Switch Use Internet Explorer 7.0 or above Web browser. Enter the factory-default IP address to access the Web interface. The factory-default IP Address is shown as follows: http://192.168.0.100 When the following login screen appears, please enter the default username "admin" with password “admin” (or the username/password you have changed via console) to login the main screen of Managed Switch.
Page 59 User’s Manual of MGSW-28240F Figure 4-1-3: Default Main Page Now, you can use the Web management interface to continue the switch management or manage the Managed Switch by Web interface. The Switch Menu on the left of the web page let you access all the commands and statistics the Managed Switch provides.
Page 60: Main Web Page
User’s Manual of MGSW-28240F 4.1 Main Web Page The Managed Switch provides a Web-based browser interface for configuring and managing it. This interface allows you to access the Managed Switch using the Web browser of your choice. This chapter describes how to use the Managed Switch’s Web browser interface to configure and manage it.
Page 61 User’s Manual of MGSW-28240F Main Menu Using the onboard web agent, you can define system parameters, manage and control the Managed Switch, and all its ports, or monitor network conditions. Via the Web-Management, the administrator can setup the Managed Switch by selecting the functions those listed in the Main Function.
Page 62: System
User’s Manual of MGSW-28240F 4.2 System Use the System menu items to display and configure basic administrative details of the Managed Switch. Under the System the following topics are provided to configure and view the system information. 4.2.1 System Information The System Info page provides information for the current device information.
Page 63: Ip Configuration
User’s Manual of MGSW-28240F configured SNTP Server, if any. • System Uptime The period of time the device has been operational. • Software Version The software version of the Managed Switch. • Software Date The date when the switch software was produced.
Page 64: Ipv6 Configuration
User’s Manual of MGSW-28240F The Current column is used to show the active IP configuration. Object Description • DHCP Client Enable the DHCP client by checking this box. If DHCP fails and the configured IP address is zero, DHCP will retry. If DHCP server does not respond around 35 seconds and the configured IP address is non-zero, DHCP will stop and the configured IP settings will be used.
Page 65: Users Configuration
User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Auto Configuration Enable IPv6 auto-configuration by checking this box. If system cannot obtain the stateless address in time, the configured IPv6 settings will be used. The router may delay responding to a router solicitation for a few seconds, the total time needed to complete auto-configuration can be significantly longer.
Page 66 User’s Manual of MGSW-28240F Figure 4-2-4: Users Configuration Page Screenshot The page includes the following fields: Object Description • User Name The name identifying the user. • Privilege Level The privilege level of the user. The allowed range is 1 to 15. If the privilege level value is 15, it can access all groups, i.e.
Page 67 User’s Manual of MGSW-28240F The page includes the following fields: Object Description • User Name A string identifying the user name that this entry should belong to. The allowed string length is 1 to 32. The valid user name is a combination of letters, numbers and underscores.
Page 68: Privilege Levels
User’s Manual of MGSW-28240F 4.2.5 Privilege Levels This page provides an overview of the privilege levels. After setup is completed, please press “Save” button to take effect. Please login web interface with new user name and password and the screen in Figure 4-2-7 appears.
Page 69 User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Group Name The name identifying the privilege group. In most cases, a privilege level group consists of a single module (e.g. LACP, RSTP or QoS), but a few of them contains more than one.
Page 70: Ntp Configuration
User’s Manual of MGSW-28240F 4.2.6 NTP Configuration Configure NTP on this page. NTP is an acronym for Network Time Protocol, a network protocol for synchronizing the clocks of computer systems. NTP uses UDP (data grams) as transport layer. You can specify NTP Servers and set GMT Time zone. The NTP Configuration...
Page 71: Upnp
User’s Manual of MGSW-28240F 4.2.7 UPnP Configure UPnP on this page. UPnP is an acronym for Universal Plug and Play. The goals of UPnP are to allow devices to connect seamlessly and to simplify the implementation of networks in the home (data sharing, communications, and entertainment) and in corporate environments for simplified installation of computer components.
Page 72: Dhcp Relay
User’s Manual of MGSW-28240F Figure 4-2-10: UPnP Devices shows on Windows My Network Places 4.2.8 DHCP Relay Configure DHCP Relay on this page. DHCP Relay is used to forward and to transfer DHCP messages between the clients and the server when they are not on the same subnet domain.
Page 73 User’s Manual of MGSW-28240F means the port number. The Remote ID is 6 bytes in length, and the value is equal the DHCP relay agent’s MAC address. The DHCP Relay Configuration screen in Figure 4-2-11 appears. Figure 4-2-11: DHCP Relay Configuration Page Screenshot...
Page 74: Dhcp Relay Statistics
User’s Manual of MGSW-28240F  Keep: Keep the original relay information when receiving a DHCP message that already contains it.  Drop: Drop the package when receiving a DHCP message that already contains relay information. Buttons : Click to save changes.
Page 75: Cpu Load
User’s Manual of MGSW-28240F • Receive Bad Remote The number of packets whose Remote ID option did not match known Remote Client Statistics Object Description • Transmit to Client The number of relayed packets from server to client. • Transmit Error The number of packets that resulted in error while being sent to servers.
Page 76 User’s Manual of MGSW-28240F Figure 4-2-13: CPU Load Page Screenshot Buttons Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. If your browser cannot display anything on this page, please download Adobe SVG tool and...
Page 77: System Log
User’s Manual of MGSW-28240F 4.2.11 System Log The switch system log information is provided here. The System Log screen in Figure 4-2-14 appears. Figure 4-2-14: System Log Page Screenshot The page includes the following fields: Object Description • ID The ID (>= 1) of the system log entry.
Page 78: Detailed Log
User’s Manual of MGSW-28240F : Updates the system log entries, starting from the first available entry ID. : Updates the system log entries, ending at the last entry currently displayed. : Updates the system log entries, starting from the last entry currently displayed.
Page 79: Remote Syslog
User’s Manual of MGSW-28240F : Click this button to print out system log. 4.2.13 Remote Syslog Configure remote syslog on this page. The Remote Syslog screen in Figure 4-2-16 appears. Figure 4-2-16: Remote Syslog Page Screenshot The page includes the following fields:...
Page 80: Smtp Configuration
User’s Manual of MGSW-28240F 4.2.14 SMTP Configuration Configure SMTP Configuration on this page. The SMTP Configuration screen in Figure 4-2-17 appears. Figure 4-2-17: SMTP Configuration Page Screenshot The page includes the following fields: Object Description • SMTP Mode Enabled It is for you to enable SMTP mode function. This mode offers you to configure...
Page 81: Digital Input/Output
User’s Manual of MGSW-28240F • E-mail Subject It is for you to input mail subject. • E-mail 1 To It is for you to input recipient mail address. • E-mail 2 To It is for you to input secondary recipient mail address.
Page 82 User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Enable Checks the Enable checkbox will enable Digital Input / output function. Unchecks the Enable checkbox will disable Digital input / output function. • As Digital Input: Condition Allows user selecting to High to Low or Low to High.
Page 83: Faulty Alarm
User’s Manual of MGSW-28240F 4.2.16 Faulty Alarm The Faulty Relay Alarm function provides the Power Failure and Port Link Down/Broken detection. With both power input 1 and power input 2 installed and the check boxes of power 1/power 2 ticked, the FAULTY LED indicator will then be possible to light up when any one of the power failures occurs.
Page 84: Web Firmware Upgrade
User’s Manual of MGSW-28240F 4.2.17 Web Firmware Upgrade This page facilitates an update of the firmware controlling the Managed Switch. The Web Firmware Upgrade screen in Figure 4-2-20 appears. Figure 4-2-20: Web Firmware Upgrade Page Screenshot To open Firmware Upgrade screen perform the folling: Click System ->...
Page 85: Tftp Firmware Upgrade
User’s Manual of MGSW-28240F 4.2.18 TFTP Firmware Upgrade The Firmware Upgrade page provides the functions to allow a user to update the Managed Switch firmware from the TFTP server in the network. Before updating, make sure you have your TFTP server ready and the firmware image is on the TFTP server.
Page 86 User’s Manual of MGSW-28240F Save configuration except IP Address feature is almost the same with Save configuration, except the IP address will not be saved. You can save/view or load the switch configuration. The configuration file is in XML format with a hierarchy of tags: Header tags: <?xml version="1.0"?>...
Page 87: Configuration Upload
User’s Manual of MGSW-28240F Chose the file save path in management workstation. Figure 4-2-25: File Save Screen 4.2.20 Configuration Upload This function allows backup and reload the current configuration of the Managed Switch to the local management station. The Configuration Upload screen in Figure 4-2-26 appears.
Page 88 User’s Manual of MGSW-28240F Figure 4-2-27: Windows File Selection Menu Popup Select on the configuration file and then click “ ”,.The bottom of the browser shows the upload status. After down, the main screen appears “Transfer Completed”.
Page 89: Image Select
User’s Manual of MGSW-28240F 4.2.21 Image Select This function provides dual image deposit in the Managed Switch. User can select any one of the image as Active image of Managed Switch. The Image Select screen in Figure 4-2-28 appears. Figure 4-2-28: Image Select Page Screenshot Button : Click to choose Alternate Image as Activate Image.
Page 90: Factory Default
User’s Manual of MGSW-28240F Figure 4-2-31: Image Select Page Screenshot After the system reboot, you can use the Alternate Image of Managed Switch. 4.2.22 Factory Default You can reset the configuration of the stack switch on this page. Only the IP configuration is retained. The new configuration is available immediately, which means that no restart is necessary.
Page 91: System Reboot
User’s Manual of MGSW-28240F After the “Factory” button be pressed and rebooted, the system will be loaded default settings, except IP address. To reset the Managed Switch to the Factory default setting, you can also press the hardware reset button at the front panel for about 5 seconds.
Page 92: Simple Network Management Protocol
User’s Manual of MGSW-28240F 4.3 Simple Network Management Protocol 4.3.1 SNMP Overview The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the exchange of management information between network devices. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite.
Page 93: Snmp System Configuration
User’s Manual of MGSW-28240F  SNMPv3 Groups Configure SNMPv3 groups table on this page.  SNMPv3 Views Configure SNMPv3 views table on this page.  SNMPv3 Accesses Configure SNMPv3 accesses table on this page. 4.3.2 SNMP System Configuration Configure SNMP on this page. The SNMP System Configuration screen in Figure 4-3-1 appears.
Page 94: Trap Configuration
User’s Manual of MGSW-28240F SNMP version is SNMPv3, the community string will be associated with SNMPv3 communities table. It provides more flexibility to configure security name than a SNMPv1 or SNMPv2c community string. In addition to community string, a particular range of source addresses can be used to restrict source subnet.
Page 95 User’s Manual of MGSW-28240F • Trap Destination Indicates the SNMP trap destination address. It allows a valid IP address in Address dotted decimal notation ('x.y.z.w'). And it also allows a valid hostname. A valid hostname is a string drawn from the alphabet (A-Za-z), digits (0-9), dot (.), dash (-).
Page 96: Snmp System Information
User’s Manual of MGSW-28240F 4.3.4 SNMP System Information The switch system information is provided here. The SNMP System Information screen in Figure 4-3-3 appears. Figure 4-3-3: System Information Configuration Page Screenshot The page includes the following fields: Object Description •...
Page 97: Snmpv3 Configuration
User’s Manual of MGSW-28240F 4.3.5 SNMPv3 Configuration 4.3.5.1 SNMPv3 Communities Configure SNMPv3 communities table on this page. The entry index key is Community. The SNMPv3 Communities screen in Figure 4-3-4 appears. Figure 4-3-4: SNMPv3 Communities Configuration Page Screenshot The page includes the following fields:...
Page 98: Snmpv3 Users
User’s Manual of MGSW-28240F 4.3.5.2 SNMPv3 Users Configure SNMPv3 users table on this page. The entry index keys are Engine ID and User Name. The SNMPv3 Users screen in Figure 4-3-5 appears. Figure 4-3-5: SNMPv3 Users Configuration Page Screenshot The page includes the following fields:...
Page 99: Snmpv3 Groups
User’s Manual of MGSW-28240F authentication protocol.  SHA: An optional flag to indicate that this user using SHA authentication protocol.  The value of security level cannot be modified if entry already exists. That means must first ensure that the value is set correctly.
Page 100: Snmpv3 Views
User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Check to delete the entry. It will be deleted during the next save. Delete • Indicates the security model that this entry should belong to. Possible security...
Page 101: Snmpv3 Access
User’s Manual of MGSW-28240F • View Name A string identifying the view name that this entry should belong to. The allowed string length is 1 to 32, and the allowed content is the ASCII characters from 33 to 126. •...
Page 102 User’s Manual of MGSW-28240F • Group Name A string identifying the group name that this entry should belong to. The allowed string length is 1 to 32, and the allowed content is the ASCII characters from 33 to 126. •...
Page 103: Port Management
User’s Manual of MGSW-28240F 4.4 Port Management Use the Port Menu to display or configure the Managed Switch's ports. This section has the following items:  Port Configuration Configures port connection settings  Port Statistics Overview Lists Ethernet and RMON port statistics ...
Page 104 User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Port This is the logical port number for this row, means selection all ports of Managed Switch. • Port Description This function provides input per port description and the available letters is 12.
Page 105 User’s Manual of MGSW-28240F  Disabled: All power savings mechanisms disabled.  ActiPHY: Link down power savings enabled.  PerfectReach: Link up power savings enabled.  Enabled: Both link up and link down power savings enabled. When setting each port to run at 100M Full, 100M Half, 10M Full, and 10M Half-speed modes, the Auto-MDIX function will disable.
Page 106: Port Statistics Overview
User’s Manual of MGSW-28240F 4.4.2 Port Statistics Overview This page provides an overview of general traffic statistics for all switch ports. The Port Statistics Overview screen in Figure 4-4-2 appears. Figure 4-4-2: Port Statistics Overview Page Screenshot The displayed counters are:...
Page 107: Detailed Port Statistics
User’s Manual of MGSW-28240F Buttons : Click to refresh the page immediately. : Clears the counters for all ports. Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals. 4.4.3 Detailed Port Statistics This page provides detailed traffic statistics for a specific switch port. Use the port select box to select which switch port details to display.
Page 108 User’s Manual of MGSW-28240F • Rx and Tx Broadcast The number of received and transmitted (good and bad) broadcast packets. • Rx and Tx Pause A count of the MAC Control frames received or transmitted on this port that have an opcode indicating a PAUSE operation.
Page 109: Sfp Information
User’s Manual of MGSW-28240F Buttons : Click to refresh the page immediately. : Clears the counters for all ports. Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals. 4.4.4 SFP Information You can check the physical or operational status of an SFP module via the SFP Module Information page. This page shows the operational status, such as the transceiver type, speed, and wavelength and supports distance of SFP module on a specific interface.
Page 110: Port Mirror
User’s Manual of MGSW-28240F  1000Base-LX  100Base-FX • Speed Display the speed of current SFP module. The speed value or description is gotten from the SFP module. Different vendors of SFP modules might show different speed information. • Wave Length(nm) Display the wavelength of current SFP module.
Page 111 User’s Manual of MGSW-28240F Figure 4-4-5: Port Mirror Application The traffic to be copied to the mirror port is selected as follows: • All frames received on a given port (also known as ingress or source mirroring). • All frames transmitted on a given port (also known as egress or destination mirroring).
Page 112 User’s Manual of MGSW-28240F Figure 4-4-6: Mirror Configuration Page Screenshot...
Page 113: Link Aggregation
User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Port to mirror on Port to mirror also known as the mirror port. Frames from ports that have either source (rx) or destination (tx) mirroring enabled are mirrored on this port. Disabled disables mirroring.
Page 114 User’s Manual of MGSW-28240F The device supports the following Aggregation links :  Static LAGs (Port Trunk) – Force aggregared selected ports to be a trunk group.  Link Aggregation Control Protocol (LACP) LAGs - LACP LAG negotiate Aggregated Port links with other LACP ports located on a different device.
Page 115 User’s Manual of MGSW-28240F • The ports that can be assigned to the same link aggregation have certain other restrictions (see below). • Ports can only be assigned to one link aggregation. • The ports at both ends of a connection must be configured as link aggregation ports.
Page 116: Static Aggregation
User’s Manual of MGSW-28240F 4.5.1 Static Aggregation This page is used to configure the Aggregation hash mode and the aggregation group. The aggregation hash mode settings are global, whereas the aggregation group relates to the currently selected stack unit, as reflected by the page header.
Page 117 User’s Manual of MGSW-28240F Static Aggregation Group Configuration The Aggregation Group Configuration screen in Figure 4-5-3 appears. Figure 4-5-3: Aggregation Group Configuration Page Screenshot The page includes the following fields: .Object Description • Indicates the group ID for the settings contained in the same row. Group ID Group ID "Normal"...
Page 118: Lacp Configuration
User’s Manual of MGSW-28240F 4.5.2 LACP Configuration Link Aggregation Control Protocol (LACP) - LACP LAG negotiate Aggregated Port links with other LACP ports located on a different device. LACP allows switches connected to each other to discover automatically whether any ports are member of the same LAG.
Page 119 User’s Manual of MGSW-28240F Figure 4-5-4 : LACP Port Configuration Page Screenshot...
Page 120: Lacp System Status
User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Port The switch port number, means selection of all ports of Managed Switch. • Controls whether LACP is enabled on this switch port. LACP will form an LACP Enabled aggregation when 2 or more ports are connected to the same partner.
Page 121: Lacp Port Status
User’s Manual of MGSW-28240F Figure 4-5-5: LACP System Status Page Screenshot The page includes the following fields: Object Description • The Aggregation ID associated with this aggregation instance. Aggr ID For LLAG the id is shown as 'isid:aggr-id' and for GLAGs as 'aggr-id' •...
Page 122 User’s Manual of MGSW-28240F Figure 4-5-6: LACP Status Page Screenshot The page includes the following fields: Object Description • Port The switch port number. • LACP 'Yes' means that LACP is enabled and the port link is up. 'No' means that LACP is not enabled or that the port link is down.
Page 123: Lacp Port Statistics
User’s Manual of MGSW-28240F • Partner System ID The partners System ID (MAC address). • Partner Port The partner port number connected to this port. Buttons : Click to refresh the page immediately. Auto-refresh : Automatic refresh occurs every 3 seconds.
Page 124 User’s Manual of MGSW-28240F Object Description • The switch port number. Port • Shows how many LACP frames have been sent from each port. LACP Received • Shows how many LACP frames have been received at each port. LACP Transmitted •...
Page 125: Vlan
User’s Manual of MGSW-28240F 4.6 VLAN 4.6.1 VLAN Overview A Virtual Local Area Network (VLAN) is a network topology configured according to a logical scheme rather than the physical layout. VLAN can be used to combine any collection of LAN segments into an autonomous user group that appears as a single LAN.
Page 126: Ieee 802.1Q Vlan
User’s Manual of MGSW-28240F 4.6.2 IEEE 802.1Q VLAN In large networks, routers are used to isolate broadcast traffic for each subnet into separate domains. This Managed Switch provides a similar service at Layer 2 by using VLANs to organize any group of network nodes into separate broadcast domains.
Page 127 User’s Manual of MGSW-28240F Untagging - The act of stripping 802.1Q VLAN information out of the packet header. ■ 802.1Q VLAN Tags The figure below shows the 802.1Q VLAN tag. There are four additional octets inserted after the source MAC address. Their presence is indicated by a value of 0x8100 in the Ether Type field.
Page 128 User’s Manual of MGSW-28240F ■ Port VLAN ID Packets that are tagged (are carrying the 802.1Q VID information) can be transmitted from one 802.1Q compliant network device to another with the VLAN information intact. This allows 802.1Q VLAN to span network devices (and indeed, the entire network –...
Page 129: Vlan Basic Information
User’s Manual of MGSW-28240F ■ VLAN Classification When the switch receives a frame, it classifies the frame in one of two ways. If the frame is untagged, the switch assigns the frame to an associated VLAN (based on the default VLAN ID of the receiving port). But if the frame is tagged, the switch uses the tagged VLAN ID to identify the port broadcast domain of the frame.
Page 130: Vlan Port Configuration
User’s Manual of MGSW-28240F • Current number of Display the current number of VLANs VLANs • VLAN Learning Display the VLAN learning mode. The Managed Switch supports IVL (IVL Independent vlan learning). • Configurable PVID Indicates whether or not configurable PVID tagging is implemented.
Page 131 User’s Manual of MGSW-28240F QinQ tunneling is used to maintain customer-specific VLAN and Layer 2 protocol configurations even when different customers use the same internal VLAN IDs. This is accomplished by inserting Service Provider VLAN (SPVLAN) tags into the customer’s frames when they enter the service provider’s network, and then stripping the tags when the frames leave the network.
Page 132 User’s Manual of MGSW-28240F VLAN Port Configuration The VLAN Port Configuration screen in Figure 4-6-2 appears. Figure 4-6-2 : VLAN Port Configuration Page Screenshot...
Page 133 User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Port This is the logical port number for this row. • PVID Allow assign PVID for selected port. The range for the PVID is 1-4094. The PVID will be inserted into all untagged frames entering the ingress port. The PVID must as same as the VLAN ID that the port belong to VLAN group, or the untagged traffic will be dropped.
Page 134: Vlan Membership
User’s Manual of MGSW-28240F The port must be a member of the same VLAN as the Port VLAN ID. Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.6.5 VLAN Membership ...
Page 135: Vlan Membership Status
User’s Manual of MGSW-28240F entries or it can be added to the new entries. • Port Members A row of check boxes for each port is displayed for each VLAN ID. To include a port in a VLAN, check the box. To remove or exclude the port from the VLAN, make sure the box is unchecked.
Page 136 User’s Manual of MGSW-28240F Figure 4-6-4: VLAN Membership Status for Static User Page Screenshot The page includes the following fields: Object Description • VLAN ID Indicates the ID of this particular VLAN. • Port Members The VLAN Membership Status Page will show the current VLAN port members for all VLANs configured by a selected VLAN User (selection will be allowed by a Combo Box).
Page 137: Vlan Port Status
User’s Manual of MGSW-28240F : Select VLAN Users from this drop down list. Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals. : Click to refresh the page immediately. : Updates the table starting from the first entry in the VLAN Table, i.e. the entry with the lowest VLAN ID.
Page 138 User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Port The logical port for the settings contained in the same row. • PVID Shows the VLAN identifier for that port. The allowed values are 1 through 4095.
Page 139: Private Vlan
User’s Manual of MGSW-28240F 4.6.8 Private VLAN The Private VLAN membership configurations for the switch can be monitored and modified here. Private VLANs can be added or deleted here. Port members of each Private VLAN can be added or removed here.
Page 140: Port Isolation
User’s Manual of MGSW-28240F : Click to refresh the page immediately. 4.6.9 Port Isolation Overview When a VLAN is configured to be a private VLAN, communication between ports within that VLAN can be prevented. Two application examples are provided in this section: •...
Page 141: Vlan Setting Example
User’s Manual of MGSW-28240F  Isolated ports — Ports from which traffic can only be forwarded to promiscuous ports in the private VLAN — Ports which can receive traffic from only promiscuous ports in the private VLAN The configuration of promiscuous and isolated ports applies to all private VLANs. When traffic comes in on a promiscuous port in a private VLAN, the VLAN mask from the VLAN table is applied.
Page 142: Two Separate 802.1Q Vlans
User’s Manual of MGSW-28240F 4.6.10.1 Two separate 802.1Q VLANs The diagram shows how the Managed Switch handles Tagged and Untagged traffic flow for two VLANs. VLAN Group 2 and VLAN Group 3 are separated VLAN. Each VLAN isolate network traffic so only members of the VLAN receive traffic from the same VLAN members.
Page 143 User’s Manual of MGSW-28240F  Tagged packet entering VLAN 2 While [PC-3] transmits a tagged packet with VLAN Tag=2 enters Port-3, [PC-1] and [PC-2] will receive the packet through Port-1 and Port-2. While the packet leaves Port-1 and Port-2, it will be stripped away it tag becoming an untagged packet.
Page 144 User’s Manual of MGSW-28240F It’s important to remove the VLAN members from VLAN 1 configuration. Or the ports would become overlap setting. ( About the overlapped VLAN configuration, see next VLAN configure sample) Assign PVID for each port: Port-1,Port-2 and Port-3 : PVID=2...
Page 145: Vlan Trunking Between Two 802.1Q Aware Switches
User’s Manual of MGSW-28240F 4.6.10.2 VLAN Trunking between two 802.1Q aware Switches The most cases are used for “Uplink” to other switches. VLANs are separated at different switches, but they need to access with other switches within the same VLAN group. The screen in Figure 4-6-11 appears.
Page 146 User’s Manual of MGSW-28240F Specify Port-8 to be the 802.1Q VLAN Trunk port. Assign Port-8 to both VLAN 2 and VLAN 3 on the VLAN Member configuration page. Define a VLAN 1 as a “Public Area” that overlaps with both VLAN 2 members and VLAN 3 members.
Page 147: Port Isolate
User’s Manual of MGSW-28240F 4.6.10.3 Port Isolate The diagram shows how the Managed Switch handles isolate and promiscuous ports, and the each PC is not able to access each other PCs of each isolate port. But they all need to access with the same server/AP/Printer. The screen in Figure 4-6-14 appears.
Page 148: Mac-Based Vlan
User’s Manual of MGSW-28240F Figure 4-6-16: Private VLAN Port Setting 4.6.11 MAC-based VLAN The MAC-based VLAN entries can be configured here. This page allows for adding and deleting MAC-based VLAN entries and assigning the entries to different ports. This page shows only static entries. The MAC-based VLAN screen in Figure 4-6-17 appears.
Page 149: Mac-Based Vlan Status
User’s Manual of MGSW-28240F : Click to undo any changes made locally and revert to previously saved values. Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. : Click to refresh the page immediately.
Page 150: Ip Subnet-Based Vlan
User’s Manual of MGSW-28240F 4.6.13 IP Subnet-based VLAN This page allows for adding, updating and deleting IP subnet-based VLAN entries and assigning the entries to different ports. The IP subnet-based VLAN screen in Figure 4-6-19 appears. Figure 4-6-19: IP Subnet-based VLAN Page Screenshot...
Page 151: Protocol-Based Vlan
User’s Manual of MGSW-28240F 4.6.14 Protocol-based VLAN This page allows you to add new protocols to Group Name (unique for each Group) mapping entries as well as allow you to see and delete already mapped entries for the switch. The Protocol-based VLAN screen in Figure 4-6-20 appears.
Page 152: Protocol-Based Vlan Mambership
User’s Manual of MGSW-28240F a.OUI: OUI (Organizationally Unique Identifier) is value in format of xx-xx-xx where each pair (xx) in string is a hexadecimal value ranges from 0x00-0xff. b. PID: If the OUI is hexadecimal 000000, the protocol ID is the Ethernet type (EtherType) field value for the protocol running on top of SNAP;...
Page 153 User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Delete To delete a Group Name to VLAN map entry, check this box. The entry will be deleted on the switch during the next Save • Group Name...
Page 154: Spanning Tree Protocol
User’s Manual of MGSW-28240F 4.7 Spanning Tree Protocol 4.7.1 Theory The Spanning Tree protocol can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers. This allows the switch to interact with other bridging devices in your network to ensure that only one route exists between any two stations on the network, and provide backup links which automatically take over when a primary link goes down.
Page 155 User’s Manual of MGSW-28240F  The port identifier of the transmitting port The switch sends BPDUs to communicate and construct the spanning-tree topology. All switches connected to the LAN on which the packet is transmitted will receive the BPDU. BPDUs are not directly forwarded by the switch, but the receiving switch uses the information in the frame to calculate a BPDU, and, if the topology changes, initiates a BPDU transmission.
Page 156 User’s Manual of MGSW-28240F  From disabled to blocking Figure 4-7-1: STP Port State Transitions You can modify each port state by using management software. When you enable STP, every port on every switch in the network goes through the blocking state and then transitions through the states of listening and learning at power up. If properly configured, each port stabilizes to the forwarding or blocking state.
Page 157 User’s Manual of MGSW-28240F The following are the user-configurable STP parameters for the switch level: Parameter Description Default Value Bridge Identifier(Not user A combination of the User-set priority and 32768 + MAC configurable the switch’s MAC address. except by setting priority...
Page 158 User’s Manual of MGSW-28240F Port priority Port cost Bridge Priority 32,768 User-Changeable STA Parameters The Switch’s factory default setting should cover the majority of installations. However, it is advisable to keep the default settings as set at the factory; unless, it is absolutely necessary. The user changeable parameters in the Switch are as follows: Priority –...
Page 159 User’s Manual of MGSW-28240F STP breaks the loop by blocking the connection between switch B and C. The decision to block a particular connection is based on the STP calculation of the most current Bridge and Port settings. Now, if switch A broadcasts a packet to switch C, then switch C will drop the packet at port 2 and the broadcast will end there.
Page 160: Stp System Configuration
User’s Manual of MGSW-28240F In this example, only the default STP values are used. Figure 4-7-3: After Applying the STA Rules The switch with the lowest Bridge ID (switch C) was elected the root bridge, and the ports were selected to give a high port cost between switches B and C.
Page 161 User’s Manual of MGSW-28240F ‧ Extension – Multiple Spanning Tree Protocol (MSTP) : Defines an extension to RSTP to further develop the usefulness of virtual LANs (VLANs). This "Per-VLAN" Multiple Spanning Tree Protocol configures a separate Spanning Tree for each VLAN group and blocks all but one of the possible alternate paths within each Spanning Tree.
Page 162 User’s Manual of MGSW-28240F • Max Age The maximum age of the information transmitted by the Bridge when it is the Root Bridge. Valid values are in the range 6 to 40 seconds. -Default: -Minimum: The higher of 6 or [2 x (Hello Time + 1)].
Page 163: Bridge Status
User’s Manual of MGSW-28240F 4.7.3 Bridge Status This page provides a status overview for all STP bridge instances. The displayed table contains a row for each STP bridge instance, where the column displays the following information: The Bridge Status screen in Figure 4-7-5 appears.
Page 164 User’s Manual of MGSW-28240F Figure 4-7-6 : STP CIST Port Configuration Page Screenshot...
Page 165 User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Port The switch port number of the logical STP port. • STP Enabled Controls whether RSTP is enabled on this switch port, means to select all ports of Managed Switch.
Page 166 User’s Manual of MGSW-28240F administrator to prevent bridges external to a core region of the network, causing address flushing in that region, possibly because those bridges are not under the full control of the administrator or the physical link state of the attached LANs transits frequently.
Page 167: Msti Priorities
User’s Manual of MGSW-28240F Port Type Link Type IEEE 802.1w-2001 Ethernet Half Duplex 2,000,000 Full Duplex 1,000,000 Trunk 500,000 Fast Ethernet Half Duplex 200,000 Full Duplex 100,000 Trunk 50,000 Gigabit Ethernet Full Duplex 10,000 Trunk 5,000 Table 4-7-3: Default STP Path Costs 4.7.5 MSTI Priorities...
Page 168 User’s Manual of MGSW-28240F bridge priority plus the MSTI instance number, concatenated with the 6-byte MAC address of the switch forms a Bridge Identifier, means all MSTI items will have one priority setting. Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values.
Page 169: Msti Configuration
User’s Manual of MGSW-28240F 4.7.6 MSTI Configuration This page allows the user to inspect the current STP MSTI bridge instance priority configurations, and possibly change them as well. The MSTI Configuration screen in Figure 4-7-8 appears. Figure 4-7-8: MSTI Configuration Page Screenshot...
Page 170: Msti Ports Configuration
User’s Manual of MGSW-28240F The page includes the following fields: Configuration Identification Object Description • Configuration Name The name identifiying the VLAN to MSTI mapping. Bridges must share the name and revision (see below), as well as the VLAN-to-MSTI mapping configuration in order to share spanning trees for MSTI's.
Page 171 User’s Manual of MGSW-28240F The page includes the following fields: MSTI Port Configuration Object Description • Select MSTI Select the bridge instance and set more detail configuration.
Page 172 User’s Manual of MGSW-28240F Figure 4-7-10: MST1 MSTI Port Configuration Page Screenshot...
Page 173: Port Status
User’s Manual of MGSW-28240F The page includes the following fields: MSTx MSTI Port Configuration Object Description • Port The switch port number of the corresponding STP CIST (and MSTI) port. • Path Cost The Configuration All with available values will assign to whole items.
Page 174 User’s Manual of MGSW-28240F Figure 4-7-11: STP Port Status Page Screenshot The page includes the following fields: Object Description • Port The switch port number of the logical STP port. • CIST Role The current STP port role of the ICST port. The port role can be one of the following values: ...
Page 175: Port Statistics
User’s Manual of MGSW-28240F  Forwarding  Non-STP • Uptime The time since the bridge port was last initialized. Buttons Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. : Click to refresh the page immediately.
Page 176 User’s Manual of MGSW-28240F : Click to refresh the page immediately. : Click to clear the information immediately.
Page 177: Multicast
User’s Manual of MGSW-28240F 4.8 Multicast 4.8.1 IGMP Snooping The Internet Group Management Protocol (IGMP) lets host and routers share information about multicast groups memberships. IGMP snooping is a switch feature that monitors the exchange of IGMP messages and copies them to the CPU for feature processing.
Page 178 User’s Manual of MGSW-28240F Figure 4-8-2: Multicast Flooding Figure 4-8-3: IGMP Snooping Multicast Stream Control...
Page 179 User’s Manual of MGSW-28240F IGMP Versions 1 and 2 Multicast groups allow members to join or leave at any time. IGMP provides the method for members and multicast routers to communicate when joining or leaving a multicast group. IGMP version 1 is defined in RFC 1112. It has a fixed packet size and no optional data.
Page 180 User’s Manual of MGSW-28240F message, and query messages that are specific to a given group. The states a computer will go through to join or to leave a multicast group are shown below: Figure 4-8-4: IGMP State Transitions  IGMP Querier –...
Page 181: Igmp Snooping Configuration
User’s Manual of MGSW-28240F 4.8.2 IGMP Snooping Configuration This page provides IGMP Snooping related configuration. The IGMP Snooping Configuration screen in Figure 4-8-5 appears. Figure 4-8-5: IGMP Snooping Configuration Page Screenshot...
Page 182 User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Snooping Enabled Enable the Global IGMP Snooping. • Unregistered IPMCv4 Enable unregistered IPMCv4 traffic flooding. Flooding enabled • IGMP SSM Range SSM (Source-Specific Multicast) Range allows the SSM-aware hosts and routers run the SSM service model for the groups in the address range.
Page 183: Igmp Snooping Vlan Configuration
User’s Manual of MGSW-28240F 4.8.3 IGMP Snooping VLAN Configuration Each page shows up to 99 entries from the VLAN table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the VLAN Table. The first displayed will be the one with the lowest VLAN ID found in the VLAN Table.
Page 184: Igmp Snooping Port Group Filtering
User’s Manual of MGSW-28240F represented by the Last Member Query Interval, multiplied by the Last Member Query Count. The allowed range is 0 to 31744 in tenths of seconds, default last member query interval is 10 in tenths of seconds (1 second).
Page 185: Igmp Snooping Status
User’s Manual of MGSW-28240F Figure 4-8-7: IGMP Snooping Port Group Filtering Configuration Page Screenshot The page includes the following fields: Object Description • Check to delete the entry. It will be deleted during the next save. Delete • Port The logical port for the settings.
Page 186 User’s Manual of MGSW-28240F Figure 4-8-8: IGMP Snooping Status Page Screenshot The page includes the following fields: Object Description • The VLAN ID of the entry. VLAN ID • Querier Version Working Querier Version currently. • Host Version Working Host Version currently.
Page 187: Igmp Group Information
User’s Manual of MGSW-28240F • V1 Reports Received The number of Received V1 Reports. • V2 Reports Received The number of Received V2 Reports. • V3 Reports Received The number of Received V3 Reports. • V2 Leaves Received The number of Received V2 Leave.
Page 188: Igmpv3 Information
User’s Manual of MGSW-28240F : Click to refresh the page immediately> : Updates the table, starting with the first entry in the IGMP Group Table. : Updates the table, starting with the entry after the last entry currently displayed. 4.8.7 IGMPv3 Information Entries in the IGMP SFM Information Table are shown on this page.
Page 189: Mld Snooping Configuration
User’s Manual of MGSW-28240F Buttons Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. : Click to refresh the page immediately. : Updates the table, starting with the first entry in the IGMP Group Table.
Page 190: Mld Snooping Vlan Configuration
User’s Manual of MGSW-28240F Figure 4-8-11: MLD Snooping Configuration Page Screenshot The page includes the following fields: Object Description • Enable the Global MLD Snooping. Snooping Enabled • Enable unregistered IPMCv6 traffic flooding. Please note that disabling Unregistered IPMCv6 Flooding Enabled unregistered IPMCv6 traffic flooding may lead to failure of Neighbor Discovery.
Page 191 User’s Manual of MGSW-28240F Figure 4-8-12: IGMP Snooping VLAN Configuration Page Screenshot The page includes the following fields: Object Description • VLAN ID The VLAN ID of the entry. • MLD Snooping Enable Enable the per-VLAN MLD Snooping. Only up to 64 VLANs can be selected.
Page 192: Mld Snooping Port Group Filtering
User’s Manual of MGSW-28240F range is 0 to 31744 seconds, default unsolicited report interval is 1 second. Buttons : Refreshes the displayed table starting from the "VLAN" input fields. : Updates the table starting from the first entry in the VLAN Table, i.e. the entry with the lowest VLAN ID.
Page 193: Mld Snooping Status
User’s Manual of MGSW-28240F • Port The logical port for the settings. • Filtering Group The IP Multicast Group that will be filtered. Buttons : Click to add a new entry to the Group Filtering table. : Click to save changes.
Page 194: Mld Groups Information
User’s Manual of MGSW-28240F The page includes the following fields: Object Description • VLAN ID The VLAN ID of the entry. • Working Querier Version currently. Querier Version • Host Version Working Host Version currently. • Querier Status Show the Querier status is "ACTIVE" or "IDLE".
Page 195 User’s Manual of MGSW-28240F Object Description • VLAN ID VLAN ID of the group. • Groups Group address of the group displayed. • Port Members Ports under this group. Buttons Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds.
Page 196: Mldv2 Information
User’s Manual of MGSW-28240F 4.8.13 MLDv2 Information Entries in the MLD SFM Information Table are shown on this page. The MLD SFM (Souce-Filtered Multicast) Information Table also contains the SSM (Source-Specific Multicast) information. This table is sorted first by VLAN ID, then by group, and then by Port No.
Page 197: Mvr
User’s Manual of MGSW-28240F 4.8.14 MVR The MVR feature enables multicast traffic forwarding on the Multicast VLANs. In a multicast television application, a PC or a network television or a set-top box can receive the multicast stream. Multiple set-top boxes or PCs can be connected to one subscriber port, which is a switch port configured as an MVR receiver port.
Page 198 User’s Manual of MGSW-28240F The page includes the following fields: Object Description • MVR Mode Enable/Disable the Global MVR. The Unregistered Flooding control depends on the current configuration in IGMP/MLD Snooping. It is suggested to enable Unregistered Flooding control when the MVR group table is full.
Page 199: Mvr Status
User’s Manual of MGSW-28240F ports.  Receiver: Configure a port as a receiver port if it is a subscriber port and should only receive multicast data. It does not receive data unless it becomes a member of the multicast group by issuing IGMP/MLD messages.
Page 200: Mvr Groups Information
User’s Manual of MGSW-28240F • IGMPv2/MLDv1 The number of Received IGMPv2 Joins and MLDv1 Reports, respectively. Reports Received • IGMPv3/MLDv2 The number of Received IGMPv3 Joins and MLDv2 Reports, respectively. Reports Received • IGMPv2/MLDv1 Leaves The number of Received IGMPv2 Leaves and MLDv1 Dones, respectively.
Page 201: Mvr Sfm Information
User’s Manual of MGSW-28240F Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. : Click to refresh the page immediately. : Updates the table starting from the first entry in the MVR Channels (Groups) Information Table.
Page 202 User’s Manual of MGSW-28240F : Click to refresh the page immediately. : Updates the table starting from the first entry in the MVR SFM Information Table. : Updates the table, starting with the entry after the last entry currently displayed.
Page 203: Quality Of Service
User’s Manual of MGSW-28240F 4.9 Quality of Service 4.9.1 Understand QOS Quality of Service (QoS) is an advanced traffic prioritization feature that allows you to establish control over network traffic. QoS enables you to assign various grades of network service to different types of traffic, such as multi-media, video, protocol-specific, time critical, and file-backup traffic.
Page 204: Port Policing
User’s Manual of MGSW-28240F 4.9.2 Port Policing This page allows you to configure the Policer settings for all switch ports. The Port Policing screen in Figure 4-9-1 appears. Figure 4-9-1: QoS Ingress Port Policers Page Screenshot...
Page 205: Port Shaping
User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Port The port number for which the configuration below applies. • Enabled Controls whether the policer is enabled on this switch port, means selection all ports of Managed Switch.
Page 206: Qos Egress Port Schedule And Shapers
User’s Manual of MGSW-28240F Figure 4-9-2: QoS Egress Port Shapers Page Screenshot The page includes the following fields: Object Description • Port The logical port for the settings contained in the same row. Click on the port number in order to configure the shapers.
Page 207 User’s Manual of MGSW-28240F Figure 4-9-3: QoS Egress Port Schedule and Shapers Page Screenshot The page includes the following fields: Object Description • Schedule Mode Controls whether the scheduler mode is "Strict Priority" or "Weighted" on this switch port. • Queue Shaper Enable Controls whether the queue shaper is enabled for this queue on this switch port.
Page 208: Port Classification
User’s Manual of MGSW-28240F • Port Shaper Rate Controls the rate for the port shaper. The default value is 500. This value is restricted to 100-1000000 when the "Unit" is "kbps", and it is restricted to 1-3300 when the "Unit" is "Mbps".
Page 209 User’s Manual of MGSW-28240F Figure 4-9-4 : QoS Ingress Port Classification Page Screenshot The page includes the following fields: Object Description • Port The port number for which the configuration below applies. • QoS Class The Configuration All with available values will assign to whole ports.
Page 210: Qos Ingress Port Tag Classification
User’s Manual of MGSW-28240F Controls the default QoS class, i.e., the QoS class for frames not classified in any other way. There is a one to one mapping between QoS class, queue and priority. A QoS class of 0 (zero) has the lowest priority.
Page 211 User’s Manual of MGSW-28240F Figure 4-9-5 : QoS Ingress Port Tag Classification Page Screenshot The page includes the following fields: Object Description • Tag Classification Controls the classification mode for tagged frames on this port.  Disabled: Use default QoS class and DP level for tagged frames.
Page 212: Port Scheduler
User’s Manual of MGSW-28240F 4.9.5 Port Scheduler This page provides an overview of QoS Egress Port Schedulers for all switch ports. The Port Scheduler screen in Figure 4-9-6 appears. Figure 4-9-6: QoS Egress Port Schedule Page Screenshot The page includes the following fields:...
Page 213: Port Tag Remarking
User’s Manual of MGSW-28240F • Q0 ~ Q5 Shows the weight for this queue and port. 4.9.6 Port Tag Remarking This page provides an overview of QoS Egress Port Tag Remarking for all switch ports. The Port Tag Remarking screen in Figure 4-9-7 appears.
Page 214: Qos Egress Port Tag Remarking
User’s Manual of MGSW-28240F  Default: Use default PCP/DEI values.  Mapped: Use mapped versions of QoS class and DP level. 4.9.6.1 QoS Egress Port Tag Remarking The QoS Egress Port Tag Remarking for a specific port are configured on this page. The QoS Egress Port Tag Remarking...
Page 215: Port Dscp
User’s Manual of MGSW-28240F 4.9.7 Port DSCP This page allows you to configure the basic QoS Port DSCP Configuration settings for all switch ports. The Port DSCP screen in Figure 4-9-9 appears. Figure 4-9-9: QoS Port DSCP Configuration Page Screenshot...
Page 216 User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Port The Port coulmn shows the list of ports for which you can configure dscp ingress and egress settings. • Ingress In Ingress settings you can change ingress translation and classification settings for individual ports.
Page 217: Dscp-Based Qos
User’s Manual of MGSW-28240F 4.9.8 DSCP-Based QoS This page allows you to configure the basic QoS DSCP based QoS Ingress Classification settings for all switches. The DSCP-Based QoS screen in Figure 4-9-10 appears. Figure 4-9-10: DSCP-Based QoS Ingress Classification Page Screenshot...
Page 218: Dscp Translation
User’s Manual of MGSW-28240F The page includes the following fields: Object Description • DSCP Maximum number of support ed DSCP values are 63. • Trust Click to check if the DSCP value is trusted. means to select all ports of Managed Switch.
Page 219 User’s Manual of MGSW-28240F Figure 4-9-11: DSCP Translation Page Screenshot...
Page 220 User’s Manual of MGSW-28240F The page includes the following fields: Object Description • DSCP Maximum numbers of supported DSCP values are 64 and valid DSCP value ranges from 0 to 63. • Ingress Ingress side DSCP can be first translated to new DSCP before using the DSCP for QoS class and DPL map.
Page 221: Dscp Classification
User’s Manual of MGSW-28240F 4.9.10 DSCP Classification This page allows you to map DSCP value to a QoS Class and DPL value. The DSCP Classification screen in Figure 4-9-12 appears. Figure 4-9-12: DSCP Classification Page Screenshot The page includes the following fields:...
Page 222: Qos Control List
User’s Manual of MGSW-28240F 4.9.11 QoS Control List This page shows the QoS Control List (QCL), which is made up of the QCEs. Each row describes a QCE that is defined. The maximum number of QCEs is 256 on each switch.
Page 223: Qos Control Entry Configuration
User’s Manual of MGSW-28240F • DEI Drop Eligible Indicator: Valid value of DEI can be any of values between 0, 1 or 'Any'. • Indicates the classification action taken on ingress frame if parameters Action configured are matched with the frame's content.
Page 224 User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Port Members Check the checkbox button in case you what to make any port member of the QCL entry. By default all ports will be checked •...
Page 225: Qos Status
User’s Manual of MGSW-28240F DSCP Diffserv Code Point value(DSCP): It can be specific value, range of value or 'Any'. DSCP values are in the range 0-63 including BE, CS1-CS7, EF or AF11-AF43  IP Fragment IPv4 frame fragmented option: yes|no|any ...
Page 226 User’s Manual of MGSW-28240F Figure 4-9-15: QoS Control List Status Page Screenshot The page includes the following fields: Object Description • User Indicates the QCL user. • Indicates the index of QCE. QCE# • Indicates the type of frame to look for incomming frames. Possible frame types...
Page 227 User’s Manual of MGSW-28240F Buttons : Select the QCL status from this drop down list. Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. : Click to release the resources required to add QCL entry, incase conflict status for any QCL entry is 'yes'.
Page 228: Storm Control Configuration
User’s Manual of MGSW-28240F 4.9.13 Storm Control Configuration Storm control for the switch is configured on this page. There is a unicast storm rate control, multicast storm rate control, and a broadcast storm rate control. These only affect flooded frames, i.e. frames with a (VLAN ID, DMAC) pair not present on the MAC Address table.
Page 229: Wred
User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Frame Type The settings in a particular row apply to the frame type listed here:  unicast  multicast  Broadcast • Enable Enable or disable the storm control status for the given frame type.
Page 230 User’s Manual of MGSW-28240F This page allows you to configure the Random Early Detection (RED) settings for queue 0 to 5. RED cannot be applied to queue 6 and 7. Through different RED configuration for the queues (QoS classes) it is possible to obtain Weighted Random Early Detection (WRED) operation between queues.
Page 231: Qos Statistics
User’s Manual of MGSW-28240F 4.9.15 QoS Statistics This page provides statistics for the different queues for all switch ports. The QoS Statistics screen in Figure 4-9-18 appears. Figure 4-9-18: Queuing Counters Page Screenshot The page includes the following fields: Object Description •...
Page 232 User’s Manual of MGSW-28240F Buttons Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. : Click to refresh the page immediately. : Clears the counters for all ports.
Page 233: Voice Vlan Configuration
User’s Manual of MGSW-28240F 4.9.16 Voice VLAN Configuration The Voice VLAN feature enables voice traffic forwarding on the Voice VLAN, then the switch can classify and schedule network traffic. It is recommended that there be two VLANs on a port - one for voice, one for data. Before connecting the IP device to the switch, the IP phone should configure the voice VLAN ID correctly.
Page 234 User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Mode Indicates the Voice VLAN mode operation. We must disable MSTP feature before we enable Voice VLAN. It can avoid the conflict of ingress filter. Possible modes are: ...
Page 235: Voice Vlan Oui Table
User’s Manual of MGSW-28240F  All means all ports will have one specific setting. Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.9.17 Voice VLAN OUI Table Configure VOICE VLAN OUI table on this page. The maximum entry number is 16. Modifying the OUI table will restart auto detection of OUI process.
Page 236: Access Control Lists
User’s Manual of MGSW-28240F Buttons Click to add a new access management entry. : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.10 Access Control Lists ACL is an acronym for Access Control List. It is the list table of ACEs, containing access control entries that specify individual users or groups permitted or denied to specific traffic objects, such as a process or a program.
Page 237 User’s Manual of MGSW-28240F The page includes the following fields: Object Description • User Indicates the ACL user. • Ingress Port Indicates the ingress port of the ACE. Possible values are:  All: The ACE will match all ingress port.
Page 238: Access Control List Configuration
User’s Manual of MGSW-28240F Buttons Select the ACL status from this drop down list. Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. : Click to refresh the page immediate 4.10.2 Access Control List Configuration This page shows the Access Control List (ACL), which is made up of the ACEs defined on this switch.
Page 239 User’s Manual of MGSW-28240F  IPv4/Other: The ACE will match IPv4 frames, which are not ICMP/UDP/TCP.  IPv6: The ACE will match all IPv6 standard frames. • Action Indicates the forwarding action of the ACE.  Permit: Frames matching the ACE may be forwarded and learned.
Page 240: Ace Configuration
User’s Manual of MGSW-28240F 4.10.3 ACE Configuration Configure an ACE (Access Control Entry) on this page. An ACE consists of several parameters. These parameters vary according to the frame type that you select. First select the ingress port for the ACE, and then select the frame type. Different parameter options are displayed depending on the frame type selected.
Page 241 User’s Manual of MGSW-28240F The allowed range is 0 to 255. • Policy Bitmask When "Specific" is selected for the policy filter, you can enter a specific policy bitmask. The allowed range is 0x0 to 0xff. • Select the frame type for this ACE. These frame types are mutually exclusive.
Page 242 User’s Manual of MGSW-28240F  MAC Parameters Object Description • SMAC Filter (Only displayed when the frame type is Ethernet Type or ARP.) Specify the source MAC filter for this ACE.  Any: No SMAC filter is specified. (SMAC filter status is "don't-care".) ...
Page 243 User’s Manual of MGSW-28240F priority. The allowed number range is 0 to 7. The value Any means that no tag priority is specified (tag priority is "don't-care".)  ARP Parameters The ARP parameters can be configured when Frame Type "ARP" is selected.
Page 244 User’s Manual of MGSW-28240F • ARP SMAC Match Specify whether frames can hit the action according to their sender hardware address field (SHA) settings.  0: ARP frames where SHA is not equal to the SMAC address.  1: ARP frames where SHA is equal to the SMAC address.
Page 245 User’s Manual of MGSW-28240F defining UDP parameters will apper. These fields are explained later in this help file.  TCP: Select TCP to filter IPv4 TCP protocol frames. Extra fields for defining TCP parameters will appear. These fields are explained later in this help file.
Page 246 User’s Manual of MGSW-28240F • DIP Filter Specify the destination IP filter for this ACE.  Any: No destination IP filter is specified. (Destination IP filter is "don't-care".)  Host: Destination IP filter is set to Host. Specify the destination IP address in the DIP Address field that appears.
Page 247 User’s Manual of MGSW-28240F  Specific: If you want to filter a specific TCP/UDP source filter with this ACE, you can enter a specific TCP/UDP source value. A field for entering a TCP/UDP source value appears.  Range: If you want to filter a specific TCP/UDP source range filter with this ACE, you can enter a specific TCP/UDP source range value.
Page 248 User’s Manual of MGSW-28240F • TCP RST Specify the TCP "Reset the connection" (RST) value for this ACE.  0: TCP frames where the RST field is set must not be able to match this entry.  1: TCP frames where the RST field is set must be able to match this entry.
Page 249: Acl Ports Configuration
User’s Manual of MGSW-28240F Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. : Return to the previous page. 4.10.4 ACL Ports Configuration Configure the ACL parameters (ACE) of each switch port. These parameters will affect frames received on a port unless the frame matches a specific ACE.
Page 250 User’s Manual of MGSW-28240F Figure 4-10-4: ACL Ports Configuration Page Screenshot The page includes the following fields: Object Description • Port The logical port for the settings contained in the same row. • Select the policy to apply to this port. The allowed values are 1 through 8. The Policy ID default value is 1.
Page 251 User’s Manual of MGSW-28240F value is "Permit". All means all ports will have one specific setting. • Select which rate limiter to apply to this port. The allowed values are Disabled Rate Limiter ID or the values 1 through 15. The default value is "Disabled". All means all ports will have one specific setting.
Page 252: Acl Rate Limiter Configuration
User’s Manual of MGSW-28240F : Click to clear the counters. 4.10.5 ACL Rate Limiter Configuration Configure the rate limiter for the ACL of the switch. The ACL Rate Limiter Configuration screen in Figure 4-10-5 appears. Figure 4-10-5: ACL Rate Limiter Configuration Page Screenshot...
Page 253 User’s Manual of MGSW-28240F Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values.
Page 254: Authentication
User’s Manual of MGSW-28240F 4.11 Authentication This section is to control the access of the Managed Switch, includes the user access and management control. The Authentication section contains links to the following main topics:  IEEE 802.1X Port-Based Network Access Control ...
Page 255: Understanding Ieee 802.1X Port-Based Authentication
User’s Manual of MGSW-28240F is a valid RADIUS user can be used by anyone, and only the MD5-Challenge method is supported. The 802.1X and MAC-Based Authentication configuration consists of two sections, a system- and a port-wide. Overview of User Authentication It is allowed to configure the Managed Switch to authenticate users logging into the system for management access using local or remote authentication methods, such as telnet and Web browser.
Page 256 User’s Manual of MGSW-28240F  Device Roles With 802.1X port-based authentication, the devices in the network have specific roles as shown below. Figure 4-11-1  Client—the device (workstation) that requests access to the LAN and switch services and responds to requests from the switch.
Page 257 User’s Manual of MGSW-28240F Authentication Protocol (EAP) frames and interacting with the authentication server. When the switch receives EAPOL frames and relays them to the authentication server, the Ethernet header is stripped and the remaining EAP frame is re-encapsulated in the RADIUS format. The EAP frames are not modified or examined during encapsulation, and the authentication server must support EAP within the native frame format.
Page 258 User’s Manual of MGSW-28240F Figure 4-11-2: EAP Message Exchange  Ports in Authorized and Unauthorized States The switch port state determines whether or not the client is granted access to the network. The port starts in the unauthorized state. While in this state, the port disallows all ingress and egress traffic except for 802.1X protocol packets. When a client is successfully authenticated, the port transitions to the authorized state, allowing all traffic for the client to flow normally.
Page 259: Authentication Configuration
User’s Manual of MGSW-28240F 4.11.2 Authentication Configuration This page allows you to configure how a user is authenticated when he logs into the switch via one of the management client interfaces. The Authentication Method Configuration screen in Figure 4-11-3 appears.
Page 260: Network Access Server Configuration
User’s Manual of MGSW-28240F 4.11.3 Network Access Server Configuration This page allows you to configure the IEEE 802.1X and MAC-based authentication system and port settings. The IEEE 802.1X standard defines a port-based access control procedure that prevents unauthorized access to a network by requiring users to first submit credentials for authentication.
Page 261 User’s Manual of MGSW-28240F Figure 4-11-4: Network Access Server Configuration Page Screenshot...
Page 262 User’s Manual of MGSW-28240F The page includes the following fields: System Configuration Object Description • Mode Indicates if NAS is globally enabled or disabled on the switch. If globally disabled, all ports are allowed forwarding of frames. • Reauthentication If checked, successfully authenticated supplicants/clients are reauthenticated Enabled after the interval specified by the Reauthentication Period.
Page 263 User’s Manual of MGSW-28240F the entry. • Hold Time This setting applies to the following modes, i.e. modes using the Port Security functionality to secure MAC addresses:  Single 802.1X  Multi 802.1X  MAC-Based Auth. If a client is denied access - either because the RADIUS server denies the client access or because the RADIUS server request times out (according to the timeout specified on the "Configuration→Security→AAA"...
Page 264 User’s Manual of MGSW-28240F timeout. The switch follows a set of rules for entering and leaving the Guest VLAN as listed below. The "Guest VLAN Enabled" checkbox provides a quick way to globally enable/disable Guest VLAN functionality. When checked, the individual ports' ditto setting determines whether the port can be moved into Guest VLAN.
Page 265 User’s Manual of MGSW-28240F Force Unauthorized In this mode, the switch will send one EAPOL Failure frame when the port link comes up, and any client on the port will be disallowed network access. Port-based 802.1X In the 802.1X-world, the user is called the supplicant, the switch is the authenticator, and the RADIUS server is the authentication server.
Page 266 User’s Manual of MGSW-28240F other clients connected to the port (for instance through a hub) to piggy-back on the successfully authenticated client and get network access even though they really aren't authenticated. To overcome this security breach, use the Single 802.1X variant.
Page 267 User’s Manual of MGSW-28240F limited using the Port Security Limit Control functionality. MAC-based Auth. Unlike port-based 802.1X, MAC-based authentication is not a standard, but merely a best-practices method adopted by the industry. In MAC-based authentication, users are called clients, and the switch acts as the supplicant on behalf of clients.
Page 268 User’s Manual of MGSW-28240F the RADIUS-assigned). This option is only available for single-client modes, i.e. • Port-based 802.1X • Single 802.1X RADIUS attributes used in identifying a QoS Class: Refer to the written documentation for a description of the RADIUS attributes needed in order to successfully identify a QoS Class.
Page 269 User’s Manual of MGSW-28240F attributes must all be present at least once in the Access-Accept packet. - The switch looks for the first set of these attributes that have the same Tag value and fulfil the following requirements (if Tag == 0 is used, the Tunnel-Private-Group-ID does not need to include a Tag): - Value of Tunnel-Medium-Type must be set to "IEEE-802"...
Page 270 User’s Manual of MGSW-28240F While in the Guest VLAN, the switch monitors the link for EAPOL frames, and if one such frame is received, the switch immediately takes the port out of the Guest VLAN and starts authenticating the supplicant according to the port mode.
Page 271: Network Access Overview
User’s Manual of MGSW-28240F 4.11.4 Network Access Overview This page provides an overview of the current NAS port states for the selected switch. The Network Access Overview screen in Figure 4-11-5 appears. Figure 4-11-5: Network Access Server Switch Status Page Screenshot...
Page 272: Network Access Statistics
User’s Manual of MGSW-28240F EAPOL-based authentication, and the most recently received frame from a new client for MAC-based authentication. • Last ID The user name (supplicant identity) carried in the most recently received Response Identity EAPOL frame for EAPOL-based authentication, and the source MAC address from the most recently received frame from a new client for MAC-based authentication.
Page 273 User’s Manual of MGSW-28240F The page includes the following fields: Port State Object Description • Admin State The port's current administrative state. Refer to NAS Admin State for a description of possible values. • Port State The current state of the port. Refer to NAS Port State for a description of the individual states.
Page 274 User’s Manual of MGSW-28240F Response Identity frames) that have been received by the switch. Start dot1xAuthEapolStartFra The number of EAPOL Start mesRx frames that have been received by the switch. Logoff dot1xAuthEapolLogoffFr The number of valid EAPOL amesRx Logoff frames that have been received by the switch.
Page 275 User’s Manual of MGSW-28240F  Single 802.1X  Multi 802.1X  MAC-based Auth. Direction Name IEEE Name Description Access dot1xAuthBackendAcce 802.1X-based: Challenges ssChallenges Counts the number of times that the switch receives the first request from the backend server following the first response from the supplicant.
Page 276 User’s Manual of MGSW-28240F that the switch receives a failure message. This indicates that the supplicant/client has not authenticated to the backend server. Responses dot1xAuthBackendResp 802.1X-based: onses Counts the number of times that the switch attempts to send a supplicant's first response packet to the backend server.
Page 277 User’s Manual of MGSW-28240F Version dot1xAuthLastEapolF 802.1X-based: rameVersion The protocol version number carried in the most recently received EAPOL frame. MAC-based: Not applicable. Identity 802.1X-based: The user name (supplicant identity) carried in the most recently received Response Identity EAPOL frame.
Page 278 User’s Manual of MGSW-28240F through the Port Security module. • State The client can either be authenticated or unauthenticated. In the authenticated state, it is allowed to forward frames on the port, and in the unauthenticated state, it is blocked. As long as the backend server hasn't successfully authenticated the client, it is unauthenticated.
Page 279: Authentication Server Configuration
User’s Manual of MGSW-28240F 4.11.6 Authentication Server Configuration This page allows you to configure the Authentication Servers. The Authentication Server Configuration screen in Figure 4-11-7 appears. Figure 4-11-7: Authentication Server Configuration Page Screenshot...
Page 280 User’s Manual of MGSW-28240F The page includes the following fields: Port State These setting are common for all of the Authentication Servers. Object Description • Timeout The Timeout, which can be set to a number between 3 and 3600 seconds, is the maximum time to wait for a reply from a server.
Page 281 User’s Manual of MGSW-28240F RADIUS Accounting Server Configuration The table has one row for each RADIUS Accounting Server and a number of columns, which are: Object Description • # The RADIUS Accounting Server number for which the configuration below applies.
Page 282: Radius Overview
User’s Manual of MGSW-28240F 4.11.7 RADIUS Overview This page provides an overview of the status of the RADIUS servers configurable on the Authentication configuration page. The RADIUS Authentication/Accounting Server Overview screen in Figure 4-11-8 appears. Figure 4-11-8: RADIUS Authentication/Accounting Server Overview Page Screenshot...
Page 283 User’s Manual of MGSW-28240F expires. The number of seconds left before this occurs is displayed in parentheses. This state is only reachable when more than one server is enabled. RADIUS Accounting Server Object Description • # The RADIUS server number. Click to navigate to detailed statistics for this server.
Page 284: Radius Details
User’s Manual of MGSW-28240F 4.11.8 RADIUS Details This page provides detailed statistics for a particular RADIUS server. The RADIUS Authentication/Accounting for Server Overview screen in Figure 4-11-9 appears. Figure 4-11-9: RADIUS Authentication/Accounting for Server Overview Page Screenshot The page includes the following fields: RADIUS Authentication Servers The statistics map closely to those specified in RFC4668 - RADIUS Authentication Client MIB.
Page 285 User’s Manual of MGSW-28240F or invalid) received from the server. Access Rejects radiusAuthClientExtA The number of RADIUS ccessRejects Access-Reject packets (valid or invalid) received from the server. Access radiusAuthClientExtA The number of RADIUS Challenges ccessChallenges Access-Challenge packets (valid or invalid) received from the server.
Page 286 User’s Manual of MGSW-28240F reason. Access radiusAuthClientExtA The number of RADIUS Requests ccessRequests Access-Request packets sent to the server. This does not include retransmissions. Access radiusAuthClientExtA The number of RADIUS Retransmissio ccessRetransmission Access-Request packets retransmitted to the RADIUS authentication server.
Page 287 User’s Manual of MGSW-28240F State Shows the state of the server. It takes one of the following values: Disabled: The selected server is disabled. Not Ready: The server is enabled, but IP communication is not yet up and running. Ready: The server is enabled, IP communication is up and running, and the RADIUS module is ready to accept access attempts.
Page 288 User’s Manual of MGSW-28240F an invalid length. Bad authenticators or or unknown types are not included as malformed access responses. radiusAcctClientExt The number of RADIUS Authenticators BadAuthenticators packets containing invalid authenticators received from the server. Unknown Types radiusAccClientExt The number of RADIUS...
Page 289 User’s Manual of MGSW-28240F the same server, send to a different server, or give up. A retry to the same server is counted as a retransmit as well as a timeout. A send to a different server is counted as a Request as well as a timeout.
Page 290: Windows Platform Radius Server Configuration
User’s Manual of MGSW-28240F Buttons Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. : Click to refresh the page immediately. : Clears the counters for the selected server. The "Pending Requests" counter will not be cleared by this operation.
Page 291 User’s Manual of MGSW-28240F Add New RADIUS Cleint on the Windows 2003 server Figure 4-11-11: Windows Server – Add New RADIUS Client Setting Assign the client IP address to the Managed Switch. Figure 4-11-12: Windows Server RADIUS Server Setting...
Page 292 User’s Manual of MGSW-28240F The shared secret key should be as same as the key configured on the Managed Switch. Figure 4-11-13: Windows Server RADIUS Server Setting Configure ports attribute of 802.1X, the same as “802.1X Port Configuration”. Figure 4-11-14: 802.1x Port Configuration Create user data.
Page 293 User’s Manual of MGSW-28240F Figure 4-11-15: Windows 2003 AD Server Setting Path...
Page 294 User’s Manual of MGSW-28240F Enter ” Active Directory Users and Computers”, create legal user data, the next, right-click a user what you created to enter properties, and what to be noticed: Figure 4-11-16: Add User Properties Screen Figure 4-11-17: Add User Properties Screen...
Page 295: Client Configuration
User’s Manual of MGSW-28240F Set the Ports Authenticate Status to “Force Authorized” if the port is connected to the RADIUS server or the port is an uplink port that is connected to another switch. Or once the 802.1X status works, the switch might not be able to access the RADIUS server.
Page 296 User’s Manual of MGSW-28240F Select “Authentication” tab. Select “Enable network access control using IEEE 802.1X” to enable 802.1x authentication. Select “MD-5 Challenge” from the drop-down list box for EAP type. Figure 4-11-19 Click “OK”. When client has associated with the Managed Switch, a user authentication notice appears in system tray. Click on the notice to continue.
Page 297 User’s Manual of MGSW-28240F Enter the user name, password and the logon domain that your account belongs. 10. Click “OK” to complete the validation process. Figure 4-11-21...
Page 298: Security
User’s Manual of MGSW-28240F 4.12 Security This section is to control the access of the Managed Switch, includes the user access and management control. The Security page contains links to the following main topics:  Port Limit Control  Access Management ...
Page 299 User’s Manual of MGSW-28240F...
Page 300 User’s Manual of MGSW-28240F Figure 4-12-1: Port Limit Control Configuration Overview Page Screenshot The page includes the following fields: System Configuration Object Description • Mode Indicates if Limit Control is globally enabled or disabled on the switchstack. If globally disabled, other modules may still use the underlying functionality, but limit checks and corresponding actions are disabled.
Page 301 User’s Manual of MGSW-28240F modules may still use the underlying port security features without enabling Limit Control on a given port. • Limit The maximum number of MAC addresses that can be secured on this port. This number cannot exceed 1024. If the limit is exceeded, the corresponding action is taken.
Page 302 User’s Manual of MGSW-28240F Note, that clicking the reopen button causes the page to be refreshed, so non-committed changes will be lost. Buttons : Click to save changes. Click to undo any changes made locally and revert to previously saved values.
Page 303: Access Management
User’s Manual of MGSW-28240F 4.12.2 Access Management Configure access management table on this page. The maximum entry number is 16. If the application's type match any one of the access management entries, it will allow access to the switch. The Access Management Configuration screen in...
Page 304: Access Management Statistics
User’s Manual of MGSW-28240F 4.12.3 Access Management Statistics This page provides statistics for access management. The Access Management Statistics screen in Figure 4-12-3 appears. Figure 4-12-3: Access Management Statistics Overview Page Screenshot The page includes the following fields: Object Description •...
Page 305: Https
User’s Manual of MGSW-28240F 4.12.4 HTTPs Configure HTTPS on this page. The HTTPS Configuration screen in Figure 4-12-4 appears. Figure 4-12-4: HTTPS Configuration Screen Page Screenshot The page includes the following fields: Object Description • Mode Indicates the HTTPS mode operation. Possible modes are: ...
Page 306: Ssh
User’s Manual of MGSW-28240F 4.12.5 SSH Configure SSH on this page. This page shows the Port Security status. Port Security is a module with no direct configuration. Configuration comes indirectly from other modules - the user modules. When a user module has enabled port security on a port, the port is set-up for software-based learning.
Page 307: Port Security Status
User’s Manual of MGSW-28240F 4.12.6 Port Security Status This page shows the Port Security status. Port Security is a module with no direct configuration. Configuration comes indirectly from other modules - the user modules. When a user module has enabled port security on a port, the port is set-up for software-based learning.
Page 308 User’s Manual of MGSW-28240F The page includes the following fields: User Module Legend The legend shows all user modules that may request Port Security services. Object Description • User Module Name The full name of a module that may request Port Security services.
Page 309: Port Security Detail
User’s Manual of MGSW-28240F Buttons Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. : Click to refresh the page immediately. 4.12.7 Port Security Detail This page shows the MAC addresses secured by the Port Security module. Port Security is a module with no direct configuration.
Page 310: Dhcp Snooping
User’s Manual of MGSW-28240F If aging is disabled or a user module has decided to hold the MAC address indefinitely, a dash (-) will be shown. Buttons Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds.
Page 311 User’s Manual of MGSW-28240F Figure 4-12-8: DHCP Snooping Configuration Screen Page Screenshot...
Page 312: Dhcp Snooping Statistics
User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Snooping Mode Indicates the DHCP snooping mode operation. Possible modes are: Enabled: Enable DHCP snooping mode operation. When enable DHCP snooping mode operation, the request DHCP messages will be forwarded to trusted ports and only allowed reply packets from trusted ports.
Page 313 User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Rx and Tx Discover The number of discover (option 53 with value 1) packets received and transmitted. • Rx and Tx Offer The number of offer (option 53 with value 2) packets received and transmitted.
Page 314: Ip Source Guard Configuration
User’s Manual of MGSW-28240F 4.12.10 IP Source Guard Configuration IP Source Guard is a secure feature used to restrict IP traffic on DHCP snooping untrusted ports by filtering traffic based on the DHCP Snooping Table or manually configured IP Source Bindings. It helps prevent IP spoofing attacks when a host tries to spoof and use the IP address of another host.
Page 315 User’s Manual of MGSW-28240F Figure 4-12-10: IP Source Guard Configuration Screen Page Screenshot...
Page 316: Ip Source Guard Static Table
User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Mode of IP Source Enable the Global IP Source Guard or disable the Global IP Source Guard. All Guard Configuration configured ACEs will be lost when the mode is enabled.
Page 317: Arp Inspection
User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Delete Check to delete the entry. It will be deleted during the next save. • Port The logical port for the settings. • VLAN ID The VLAN ID for the settings.
Page 318 User’s Manual of MGSW-28240F Figure 4-12-12: ARP Inspection Configuration Screen Page Screenshot...
Page 319: Arp Inspection Static Table
User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Mode of ARP Enable the Global ARP Inspection or disable the Global ARP Inspection. Inspection Configuration • Port Mode Specify ARP Inspection is enabled on which ports. Only when both Global Mode...
Page 320 User’s Manual of MGSW-28240F Buttons : Click to add a new entry. : Click to save changes. Click to undo any changes made locally and revert to previously saved values.
Page 321: Mac Address Table
User’s Manual of MGSW-28240F 4.13 MAC Address Table Switching of frames is based upon the DMAC address contained in the frame. The Managed Switch builds up a table that maps MAC addresses to switch ports for knowing which ports the frames should go to (based upon the DMAC address in the frame).
Page 322 User’s Manual of MGSW-28240F The page includes the following fields: Aging Configuration By default, dynamic entries are removed from the MAC table after 300 seconds. This removal is also called aging. Object Description • Disable Automatic Enables/disables the the automatic aging of dynamic entries Aging •...
Page 323: Mac Address Table Status
User’s Manual of MGSW-28240F Buttons : Click to add a new entry. : Click to save changes. Click to undo any changes made locally and revert to previously saved values. 4.13.2 MAC Address Table Status Dynamic MAC Table Entries in the MAC Table are shown on this page. The MAC Table contains up to 8192 entries, and is sorted first by VLAN ID, then by MAC address.
Page 324: Dynamic Arp Inspection Table
User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Type Indicates whether the entry is a static or dynamic entry. • VLAN The VLAN ID of the entry. • The MAC address of the entry. MAC Address •...
Page 325: Dynamic Ip Source Guard Table
User’s Manual of MGSW-28240F the value of the first displayed entry, allowing for continuous refresh with the same start address. The “>>” will use the last entry of the currently displayed as a basis for the next lookup. When the end is reached the text "No more entries"...
Page 326 User’s Manual of MGSW-28240F starting point in the Dynamic IP Source Guard Table. Clicking the “Refresh” button will update the displayed table starting from that or the closest next Dynamic IP Source Guard Table match. In addition, the two input fields will - upon a “Refresh” button click - assume the value of the first displayed entry, allowing for continuous refresh with the same start address.
Page 327: Lldp
User’s Manual of MGSW-28240F 4.14 LLDP 4.14.1 Link Layer Discovery Protocol Link Layer Discovery Protocol (LLDP) is used to discover basic information about neighboring devices on the local broadcast domain. LLDP is a Layer 2 protocol that uses periodic broadcasts to advertise information about the sending device. Advertised information is represented in Type Length Value (TLV) format according to the IEEE 802.1ab standard, and can include details...
Page 328 User’s Manual of MGSW-28240F Figure 4-14-1: LLDP Configuration Page Screenshot...
Page 329 User’s Manual of MGSW-28240F The page includes the following fields: LLDP Parameters Object Description • Tx Interval The switch is periodically transmitting LLDP frames to its neighbors for having the network discovery information up-to-date. The interval between each LLDP frame is determined by the Tx Interval value. Valid values are restricted to 5 - 32768 seconds.
Page 330 User’s Manual of MGSW-28240F from neighbor units is analyzed.  Tx only The switch will drop LLDP information received from neighbors, but will send out LLDP information.  Disabled The switch will not send out LLDP information, and will drop LLDP information received from neighbors.
Page 331: Lldp-Med Configuration
User’s Manual of MGSW-28240F by this TLV is described in IEEE 802.1AB. • Management Address Optional TLV: When checked the "management address" is included in LLDP information transmitted. The management address protocol packet includes the IPv4 address of the switch. If no management address is available, the address should be the MAC address for the CPU or for the port sending this advertisement.
Page 332 User’s Manual of MGSW-28240F The page includes the following fields: Fast start repeat count Object Description • Fast start repeat count Rapid startup and Emergency Call Service Location Identification Discovery of endpoints is a critically important aspect of VoIP systems in general.In addition, it...
Page 333 User’s Manual of MGSW-28240F It is possible to specify the direction to either North of the equator or South of the equator. • Longitude Longitude SHOULD be normalized to within 0-180 degrees with a maximum of 4 digits. It is possible to specify the direction to either East of the prime meridian or West of the prime meridian.
Page 334 User’s Manual of MGSW-28240F • City district City division, borough, city district, ward, chou (Japan) • Block (Neighborhood) Neighborhood, block • Street Street - Example: Poppelvej • Leading street Leading street direction - Example: N direction • Trailing street suffix Trailing street suffix - Example: SW •...
Page 335 User’s Manual of MGSW-28240F Policies Network Policy Discovery enables the efficient discovery and diagnosis of mismatch issues with the VLAN configuration, along with the associated Layer 2 and Layer 3 attributes, which apply for a set of specific protocol applications on that port. Improper network policy configurations are a very significant issue in VoIP environments that frequently result in voice quality degradation or loss of service.
Page 336 User’s Manual of MGSW-28240F different policy for the voice signaling than for the voice media. This application type should not be advertised if all the same network policies apply as those advertised in the Voice application policy. Guest Voice - support a separate 'limited feature-set' voice service for guest users and visitors with their own IP Telephony handsets and other similar appliances supporting interactive voice services.
Page 337 User’s Manual of MGSW-28240F • L2 Priority L2 Priority is the Layer 2 priority to be used for the specified application type. L2 Priority may specify one of eight priority levels (0 through 7), as defined by IEEE 802.1D-2004. A value of 0 represents use of the default priority as defined in IEEE 802.1D-2004.
Page 338: Lldp-Med Neighbor
User’s Manual of MGSW-28240F 4.14.4 LLDP-MED Neighbor This page provides a status overview for all LLDP-MED neighbors. The displayed table contains a row for each port on which an LLDP neighbor is detected. The LLDP-MED Neighbor Information screen in Figure 4-14-3 appears.
Page 339 User’s Manual of MGSW-28240F Within the LLDP-MED Endpoint Device category, the LLDP-MED scheme is broken into further Endpoint Device Classes, as defined in the following. Each LLDP-MED Endpoint Device Class is defined to build upon the capabilities defined for the previous Endpoint Device Class. Fore-example will any...
Page 340 User’s Manual of MGSW-28240F communication appliances that directly support the end user. Discovery services defined in this class include provision of location identifier (including ECS / E911 information), embedded L2 switch support, inventory management • LLDP-MED LLDP-MED Capabilities describes the neighbor unit's LLDP-MED capabilities.
Page 341 User’s Manual of MGSW-28240F Video Signaling - for use in network topologies that require a separate policy for the video signaling than for the video media. • Policy Policy Unknown: The network policy for the specified application type is currently unknown.
Page 342: Neighbor
User’s Manual of MGSW-28240F 4.14.5 Neighbor This page provides a status overview for all LLDP neighbors. The displayed table contains a row for each port on which an LLDP neighbor is detected. The LLDP Neighbor Information screen in Figure 4-14-4 appears.
Page 343: Port Statistics
User’s Manual of MGSW-28240F 4.14.6 Port Statistics This page provides an overview of all LLDP traffic. Two types of counters are shown. Global counters are counters that refer to the whole stack, switch, while local counters refer to counters for the currently selected switch. The LLDP Statistics screen in Figure 4-14-5 appears.
Page 344 User’s Manual of MGSW-28240F Entries Deleted • Total Neighbors Shows the number of LLDP frames dropped due to that the entry table was full. Entries Dropped • Shows the number of entries deleted due to Time-To-Live expiring. Total Neighbors Entries Aged Out Local Counters The displayed table contains a row for each port.
Page 345: Diagnostics
User’s Manual of MGSW-28240F 4.15 Diagnostics This section provide the Physical layer and IP layer network diagnostics tools for troubleshoot. The diagnostic tools are designed for network manager to help them quickly diagnose problems between point to point and better service customers.
Page 346: Ping
User’s Manual of MGSW-28240F 4.15.1 Ping This page allows you to issue ICMP PING packets to troubleshoot IP connectivity issues. After you press “Start”, 5 ICMP packets are transmitted, and the sequence number and roundtrip time are displayed upon reception of a reply. The page refreshes automatically until responses to all packets are received, or until a timeout occurs. The...
Page 347: Ipv6 Ping
User’s Manual of MGSW-28240F 4.15.2 IPv6 Ping This page allows you to issue ICMPv6 PING packets to troubleshoot IPv6 connectivity issues. After you press “Start”, 5 ICMPv6 packets are transmitted, and the sequence number and roundtrip time are displayed upon reception of a reply.
Page 348 User’s Manual of MGSW-28240F Figure 4-15-3: Remote IP Ping Test Page Screenshot...
Page 349: Cable Diagnostics
User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Port The logical port for the settings. • Remote IP Address The destination IP Address. • The payload size of the ICMP packet. Values range from 8 bytes to 1400 bytes.
Page 350: Loop Protection
User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Port The port where you are requesting Cable Diagnostics. Please be noticed that it is only affect to copper port, not fiber port. • Cable Status Port: Port number.
Page 351 User’s Manual of MGSW-28240F Figure 4-16-1: Loop Protection Configuration Page Screenshot...
Page 352: Status
User’s Manual of MGSW-28240F The page includes the following fields: General Settings: Object Description • Enable Loop Controls whether loop protections is enabled (as a whole). Protection • Transmission Time The interval between each loop protection PDU sent on each port. valid values are 1 to 10 seconds.
Page 353 User’s Manual of MGSW-28240F The page includes the following fields: Object Description • Port The switch port number of the logical port. • The currently configured port action. Action • Transmit The currently configured port transmit mode. • Loops The number of loops detected on this port.
Page 354: Rmon
User’s Manual of MGSW-28240F 4.17 RMON RMON is the most important expansion of the standard SNMP. RMON is a set of MIB definitions, used to define standard network monitor functions and interfaces, enabling the communication between SNMP management terminals and remote monitors.
Page 355 User’s Manual of MGSW-28240F framing characters.  InUcastPkts: The number of uni-cast packets delivered to a higher-layer protocol.  InNUcastPkts: The number of broad-cast and multi-cast packets delivered to a higher-layer protocol.  InDiscards: The number of inbound packets that are discarded even the packets are normal.
Page 356: Rmon Alarm Status
User’s Manual of MGSW-28240F Buttons : Click to add a new community entry. : Click to save changes. Click to undo any changes made locally and revert to previously saved values. 4.17.2 RMON Alarm Status This page provides an overview of RMON Alarm entries. Each page shows up to 99 entries from the Alarm table, default being 20, selected through the "entries per page"...
Page 357: Rmon Event Configuration
User’s Manual of MGSW-28240F Buttons Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. : Click to refresh the page immediate. Updates the table starting from the first entry in the Alarm Table, i.e. the entry with the lowest ID.
Page 358: Rmon Event Status
User’s Manual of MGSW-28240F Buttons : Click to add a new community entry. : Click to save changes. Click to undo any changes made locally and revert to previously saved values. 4.17.4 RMON Event Status This page provides an overview of RMON Event table entries.Each page shows up to 99 entries from the Event table, default being 20, selected through the "entries per page"...
Page 359: Rmon History Configuration
User’s Manual of MGSW-28240F 4.17.5 RMON History Configuration Configure RMON History table on this page. The entry index key is ID; screen in Figure 4-17-5 appears. Figure 4-17-5: RMON history configuration page screenshot The page includes the following fields: Object Description •...
Page 360 User’s Manual of MGSW-28240F Figure 4-17-6: RMON history overview page screenshot The page includes the following fields: Object Description • History Index Indicates the index of History control entry. • Sample Index Indicates the index of the data entry associated with the control entry •...
Page 361: Rmon Statistics Configuration
User’s Manual of MGSW-28240F Buttons Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. : Click to refresh the page immediate. Updates the table starting from the first entry in the Alarm Table, i.e. the entry with the lowest ID.
Page 362 User’s Manual of MGSW-28240F Figure 4-17-8 appears. Figure 4-17-8: RMON Statistics Status page screenshot The page includes the following fields: Object Description • ID Indicates the index of Statistics entry. • Data Source (iflndex) The port ID which wants to be monitored.
Page 363 User’s Manual of MGSW-28240F • 65~127 The total number of packets (including bad packets) received that were from 65 to 127 octets in length. • 128~255 The total number of packets (including bad packets) received that were from 128 to 255 octets in length.
Page 364: Ptp
User’s Manual of MGSW-28240F 4.18 PTP 4.18.1 PTP Configuration PTP is an acronym for Precision Time Protocol, a network protocol for synchronizing the clocks of computer systems. This page allows the user to configure and inspect the current PTP clock settings.
Page 365: Ptp Status
User’s Manual of MGSW-28240F • Clock Frequency This will allow setting the Clock Frequency. The possible range of values are 1 - 25000000 (1 - 25MHz) 4.18.2 PTP Status PTP is an acronym for Precision Time Protocol, a network protocol for synchronizing the clocks of computer systems. This page allows the user to configure and inspect the current PTP clock settings.
Page 366 User’s Manual of MGSW-28240F • Clock Instance Indicates the Instance of a particular Clock Instance [0..3]. Click on the Clock Instance number to monitor the Clock details • Device Type Indicates the Type of the Clock Instance. There are five Device Types.
Page 367: Ring
User’s Manual of MGSW-28240F 4.19 Ring ITU-T G.8032 Ethernet Ring protection switching (ERPS) is a link layer protocol applied on Ethernet loop protection to provide sub-50ms protection and recovery switching for Ethernet traffic in a ring topology. ERPS provides a faster redundant recovery than Spanning Tree topology. The action is similar to STP or RSTP, but the algorithms between them are not the same.
Page 368: Mep Configuration
User’s Manual of MGSW-28240F 4.19.1 MEP Configuration The Maintenance Entity Point instances are configured here as screen in Figure 4-19-1 is shown below: Figure 4-19-1: MEP configuration page screenshot The page includes the following fields: Object Description • Delete This box is used to mark an MEP for deletion in next Save operation.
Page 369: Detailed Mep Configuration
User’s Manual of MGSW-28240F • Domain Port: This is an MEP in the Port Domain. 'Flow Instance' is a Port. Esp: Future use Evc: This is an MEP in the EVC Domain. 'Flow Instance' is an EVC Mpls: Future use •...
Page 370 User’s Manual of MGSW-28240F Figure 4-19-2: Detailed MEP configuration page screenshot The page includes the following fields: Instance Data: Object Description • MEP Instance The ID of the MEP. • Domain See help on MEP create WEB. • Mode See help on MEP create WEB.
Page 371 User’s Manual of MGSW-28240F • Format This is the configuration of the two possible Maintenance Association Identifier formats. ITU ICC: This is defined by ITU. 'ICC' can be max. 6 char. 'MEG id' can be max. 7 char. IEEE String: This is defined by IEEE. 'Domain Name' can be max. 8 char. 'MEG id' can be max.
Page 372 User’s Manual of MGSW-28240F Buttons : Click to add a new peer MEP. Functional Configuration Instance Data: Object Description • Enable Continuity Check based on transmitting/receiving CCM PDU can be enabled/disabled. The CCM PDU is always transmitted as Multi-cast Class 1.
Page 373: Ethernet Ring Protocol Switch
User’s Manual of MGSW-28240F in G.8032. • Type R-APS: APS PDU is transmitted as R-APS - this is for ERPS. L-APS: APS PDU is transmitted as L-APS - this is for ELPS. • Last Octet This is the last octet of the transmitted and expected RAPS multi-cast MAC. In G.8031 (03/2010) a RAPS multi-cast MAC is defined as 01-19-A7-00-00-XX.
Page 374: Ethernet Ring Protocol Switch Configuration
User’s Manual of MGSW-28240F • Port 1 SF MEP The Port 1 Signal Fail reporting MEP. As only one SF MEP is associated with interconnected sub-ring without virtual channel, it is configured as "0" for such ring instances. "0" in this field indicates that no Port 1 SF MEP is associated with this instance.
Page 375 User’s Manual of MGSW-28240F Figure 4-19-4: Ethernet Ring Protocol Switch Configuration page screenshot The page includes the following fields: Instant Data: Object Description • ERPS ID The ID of the Protection group. • Port 0 See help on ERPS create WEB.
Page 376 User’s Manual of MGSW-28240F R-APS messages. The period of the guard timer can be configured in 10 ms steps between 10 ms and 2 seconds, with a default value of 500 ms • WTR Time The Wait To Restore timing value to be used in revertive switching.
Page 377 User’s Manual of MGSW-28240F • Protection State ERPS state according to State Transition Tables in G.8032. • Port 0 OK: State of East port is ok SF: State of East port is Signal Fail • Port 1 OK: State of West port is ok SF: State of West port is Signal Fail •...
Page 378: Ring Wizard
User’s Manual of MGSW-28240F 4.19.5 Ring Wizard This page allows the user to configure the ERPS by wizard; screen in Figure 4-19-4 appears. Figure 4-19-5: Ring Wizard page screenshot The page includes the following fields: Object Description • All Switch Numbers Set all the switch numbers for the ring group.
Page 379: Ring Wizard Example
User’s Manual of MGSW-28240F 4.19.6 Ring Wizard Example: Figure 4-19-6: Ring Example Diagram The above topology often occurs on using ERPS protocol. The multi switch constitutes a single ERPS ring; all of the switches only are configured as an ERPS in VLAN 3001, thereby constituting a single MRPP ring.
Page 380 User’s Manual of MGSW-28240F Setup steps Set ERPS Configuration on Switch 1 Connect PC to switch 1 directly; don’t connect to port 1 & 2 Log-in on the Switch 1 and click “Ring > Ring Wizard” Set “All Switch Number” = 3 and “Number ID” = 1; click “Next” button to set the ERPS configuration for Switch 1.
Page 381 User’s Manual of MGSW-28240F To avoid loop, please don’t connect switch 1, 2 & 3 together in the ring topology before configuring the end of ERPS . Follow the configuration or ERPS wizard to connect the Switch 1, 2 & 3 together to establish ERPS application: MEP2 ←→...
Page 382: Command Line Interface
User’s Manual of MGSW-28240F 5. COMMAND LINE INTERFACE 5.1 Accessing the CLI When accessing the management interface for the Managed Switch via a Telnet connection, the Managed Switch can be managed by entering command keywords and parameters at the prompt. Using the Managed Switch's command-line interface (CLI) is very similar to entering commands on a UNIX system.
Page 383: Command Line Mode
User’s Manual of MGSW-28240F 6. COMMAND LINE MODE The CLI groups all the commands in appropriate modes according to the nature of the command. A sample of the CLI command modes are described below. Each of the command modes supports specific software commands.
Page 384: System Command
User’s Manual of MGSW-28240F 6.1 System Command System Configuration Description: Show system configuration. Syntax: System Configuration [all] [<port_list>] Parameters: : Show all switch configuration, default: Show system configuration port : Show switch port configuration <port_list>: Port list or 'all', default: All ports...
Page 385: System Timezone Configuration
User’s Manual of MGSW-28240F Example: To display system log information: MGSW-28240F:/>System log configuration System Log Configuration: ========================= System Log Server Mode : Disabled System Log Server Address : System Log Level : Info MGSW-28240F:/> System Timezone Configuration Description: Show System Timezone configuration.
Page 386: System Log Server Mode
User’s Manual of MGSW-28240F System Log Server Mode Description: Show or set the system log server mode. Syntax: System Log Server Mode [enable|disable] Parameters: enable : Enable system log server mode disable: Disable system log server mode (default: Show system Log server mode)
Page 387: System Timezone Offset
User’s Manual of MGSW-28240F System Timezone Offset Description: Set or show the system timezone offset. Syntax: System Timezone Offset [<offset>] Parameters: <offset>: Time zone offset in minutes (-7200 to 7201) relative to UTC System Contact Description: Set or show the system contact.
Page 388: System Timezone Acronym
User’s Manual of MGSW-28240F Default Setting: empty Example: To set log server address: MGSW-28240F:/> log server address 192.168.0.21 System Timezone Acronym Description: Set or show the system timezone acronym. Syntax: System Timezone Acronym [<acronym>] Parameters: <acronym>: Time zone acronym ( 0 - 16 characters )
Page 389: System Log Level
User’s Manual of MGSW-28240F Parameters: <location>: System location string. (1-255) Use 'clear' or "" to clear the string In CLI, no blank or space characters are permitted as part of a location. Default Setting: empty Example: To set device location: MGSW-28240F:/>System location MyOffice...
Page 390: System Dst Start
User’s Manual of MGSW-28240F Syntax: System DST Mode [disable|recurring|non-recurring] Parameters: disable: Disable Daylight Saving Time recurring : Enable Daylight Saving Time as recurring mode non-recurring : Enable Daylight Saving Time as non-recurring mode Default Setting: Disabled System DST Start Description: Set or show the daylight saving time start time settings.
Page 391: System Dst End
User’s Manual of MGSW-28240F : Show all levels (default) info : Show informations warning : Show warnings error : Show errors System DST End Description: end: Set or show the daylight saving time end time settings. Syntax: System DST end <week> <day> <month> <date> <year> <hour> <minute>...
Page 392: System Reboot
User’s Manual of MGSW-28240F System Reboot Description: Reboot the system. Syntax: System Reboot Example: To reboot device without changing any of the settings: MGSW-28240F:/>system reboot System DST Offset Description: Set or show the daylight saving time offset. Syntax: System DST Offset [<dst_offset>] Parameters: <dst_offset>: DST offset in minutes (1 to 1440)
Page 393: System Load
User’s Manual of MGSW-28240F System Load Description: Show current CPU load: 100ms, 1s and 10s running average (in percent, zero is idle). Syntax: System Load Example: To show current CPU load: MGSW-28240F:/>system load Load average(100ms, 1s, 10s):...
Page 394: Ip Command
User’s Manual of MGSW-28240F 6.2 IP Command IP Configuration Description: Show IP configuration. Syntax: IP Configuration Example: Show IP configuration: MGSW-28240F:/>ip configuration IP Configuration: ================= DHCP Client : Disabled IP Address : 192.168.0.101 IP Mask : 255.255.255.0 IP Router : 192.168.0.253 DNS Server : 0.0.0.0...
Page 395: Ip Setup
User’s Manual of MGSW-28240F Parameters: enable : Enable or renew DHCP client disable: Disable DHCP client Default Setting: Disable Example: Disable DHCP sever: MGSW-28240F:/>ip dhcp disable IP Setup Description: Set or show the IP setup. Syntax: IP Setup [<ip_addr>] [<ip_mask>] [<ip_router>] [<vid>] Parameters: <ip_addr>...
Page 396: Ip Ping
User’s Manual of MGSW-28240F IP Ping Description: Ping IP address (ICMP echo). Syntax: IP Ping <ip_addr_string> [(Length <ping_length>)] [(Count <ping_count>)] [(Interval <ping_interval>)] Parameters: <ip_addr_string>: IPv4 host address (a.b.c.d) or a host name string length : PING Length keyword <ping_length> : Ping ICMP data length (2-1452; Default is 56), excluding MAC, IP and ICMP headers...
Page 397: Ip Dns Proxy
User’s Manual of MGSW-28240F IP DNS Proxy Description: Set or show the IP DNS Proxy mode. Syntax: IP DNS_Proxy [enable|disable] Parameters: enable : Enable DNS Proxy disable: Disable DNS Proxy Default Setting: disable Example: Enable DNS proxy function: MGSW-28240F:/>ip dns_proxy enable...
Page 398: Ipv6 Setup
IPv6 Link-Local Address: fe80::6082:cdb9:19ab:c0e2 IPv6 Address : ::192.168.0.100 IPv6 Prefix : 96 IPv6 Router : :: Example: Set IPv6 address: MGSW-28240F:/>ip ipv6 setup 2001::0002 64 2100::0001 IPv6 State Description: Set or show the IPv6 Interface operational state. Syntax: IP IPv6 State <ipv6_addr> [enable|disable]...
Page 399: Ipv6 Ping6
User’s Manual of MGSW-28240F Parameters: <ipv6_addr>: IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separates each field (:). For example, four hexadecimal digits with a colon separates each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'.
Page 400: Ip Ntp Mode
User’s Manual of MGSW-28240F IP NTP Configuration Default Setting: IP NTP Configuration: ===================== NTP Mode : Disabled Server IP host address (a.b.c.d) or a host name string ------------------------------------------------------ pool.ntp.org europe.pool.ntp.org north-america.pool.ntp.org asia.pool.ntp.org oceania.pool.ntp.org IP NTP Mode Description: Set or show the NTP mode.
Page 401: Ip Ntp Server Add
'::' is a special syntax that can be used as a shorthand way of representing multiple 16-bit groups of contiguous zeros; but it can only appear once. It also used a following legally IPv4 address. For example,'::192.1.2.34'. Example: To add IPv6 NTP server: MGSW-28240F:/>ip ntp server ipv6 add 1 2001:7b8:3:2c::123...
Page 402: Ip Ntp Server Delete
User’s Manual of MGSW-28240F IP NTP Server Delete Description: Delete NTP server entry. Syntax: IP NTP Server Delete <server_index> Parameters: <server_index>: The server index (1-5) Example: To delete NTP server: MGSW-28240F:/>ip ntp server delete 1...
Page 403: Port Management Command
User’s Manual of MGSW-28240F 6.3 Port Management Command Port Configuration Description: Show port configuration. Syntax: Port Configuration [<port_list>] [up|down] Parameters: <port_list>: Port list or 'all', default: All ports : Show ports, which are up down : Show ports, which are down...
Page 404: Port Flow Control
Port Flow Control [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports enable : Enable flow control disable : Disable flow control (default: Show flow control mode) Default Setting: Disable Example: Enable flow control function for port1 MGSW-28240F:/>port flow control 1 enable...
Page 405: Port State
User’s Manual of MGSW-28240F Port State Description: Set or show the port administrative state. Syntax: Port State [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports enable : Enable port disable : Disable port (default: Show administrative mode)
Page 406: Port Power
User’s Manual of MGSW-28240F Port Power Description: Set or show the port PHY power mode. Syntax: Port Power [<port_list>] [enable|disable|actiphy|dynamic] Parameters: <port_list>: Port list or 'all', default: All ports enable : Enable all power control disable: Disable all power control...
Page 407: Port Statistics
User’s Manual of MGSW-28240F Example: MGSW-28240F:/>port excessive 1 restart Port Statistics Description: Show port statistics. Syntax: Port Statistics [<port_list>] [<command>] [up|down] Parameters: <port_list>: Port list or 'all', default: All ports <command> : The command parameter takes the following values: clear...
Page 408: Port Sfp
User’s Manual of MGSW-28240F Port SFP Description: Show SFP port information. Syntax: Port SFP [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show SFP information for port9-10 MGSW-28240F:/>port sfp Port Type Speed Wave Length(nm) Distance(m) ---- --------------...
Page 409: Mac Address Table Command
User’s Manual of MGSW-28240F 6.4 MAC Address Table Command MAC Configuration Description: Show MAC address table configuration. Syntax: MAC Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show Mac address state MGSW-28240F:/>mac configuration MAC Configuration: ==================...
Page 410: Mac Delete
<port_list>: Port list or 'all' or 'none' <vid> : VLAN ID (1-4095), default: 1 Example: Add Mac address 00-30-4F-01-01-02 in port1 and vid1 MGSW-28240F:/>mac add 00-30-4f-01-01-02 1 1 MAC Delete Description: Delete MAC address entry. Syntax: MAC Delete <mac_addr> [<vid>] Parameters: <mac_addr>: MAC address (xx-xx-xx-xx-xx-xx)
Page 411: Mac Age Time
User’s Manual of MGSW-28240F Parameters: <mac_addr>: MAC address (xx-xx-xx-xx-xx-xx) <vid> : VLAN ID (1-4095), default: 1 Example: Lookup state of Mac address 00-30-4F-01-01-02 MGSW-28240F:/>mac lookup 00-30-4f-01-01-02 MAC Age Time Description: Set or show the MAC address age timer. Syntax: MAC Agetime [<age_time>] Parameters: <age_time>: MAC address age time (0,10-1000000) 0=disable,...
Page 412: Mac Dump
User’s Manual of MGSW-28240F auto : Automatic learning disable: Disable learning secure : Secure learning (default: Show learn mode) Default Setting: Auto Example: Set secure learning mode in port1 MGSW-28240F:/>mac learning 1 secure MAC Dump Description: Show sorted list of MAC address entries.
Page 413: Mac Statistics
User’s Manual of MGSW-28240F MAC Statistics Description: Show MAC address table statistics. Syntax: MAC Statistics [<port_list>] Parameters: <port_list>: Port list or 'all', (default: All ports) Example: Set all of MAC statistics MGSW-28240F:/>mac statistics Port Dynamic Addresses ---- ----------------- Total Dynamic Addresses: 1 Total Static Addresses : 6 MGSW-28240F:/>...
Page 414: Vlan Configuration Command
User’s Manual of MGSW-28240F 6.5 VLAN Configuration Command VLAN Configuration Description: Show VLAN configuration. Syntax: VLAN Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', (default: All ports) Example: Show VLAN status of port1 MGSW-28240F:/>vlan configuration 1 VLAN Configuration: =================== Mode : IEEE 802.1Q...
Page 415: Vlav Pvid
User’s Manual of MGSW-28240F VLAV PVID Description: Set or show the port VLAN ID. Syntax: VLAN PVID [<port_list>] [<vid>|none] Parameters: <port_list>: Port list or 'all', default: All ports <vid>|none : Port VLAN ID (1-4095) or 'none', (default: Show port VLAN ID)
Page 416: Vlan Ingress Filter
User’s Manual of MGSW-28240F MGSW-28240F:/>vlan frametype 10 tagged VLAN Ingress Filter Description: Set or show the port VLAN ingress filter. Syntax: VLAN IngressFilter [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports enable : Enable VLAN ingress filtering...
Page 417: Vlan Link Type
User’s Manual of MGSW-28240F IEEE 802.1Q Example: Set VLAN mode in port base MGSW-28240F:/>vlan mode portbased VLAN Link Type Description: Set or show the port VLAN link type. Syntax: VLAN LinkType [<port_list>] [untagged|tagged] Parameters: <port_list>: Port list or 'all', default: All ports...
Page 418: Vlan Ethernet Type
User’s Manual of MGSW-28240F Parameters: <port_list>: Port list or 'all', default: All ports disable : Disable Q-in-Q VLAN Mode : Q-in-Q MAN Port Mode customer : Q-in-Q Customer Port Mode (default: Show VLAN QinQ Mode) Example: Set port2 in man port MGSW-28240F:/>vlan qinq 2 man...
Page 419: Vlan Add
User’s Manual of MGSW-28240F Syntax: VLAN untagVID [<port_list>] [<untagvid>] Parameters: <port_list>: Port list or 'all', default: All ports <untagvid> : Port VLAN ID (0-4095) or 'none', default: Show port VLAN ID If Untag VID = 0 ,then disable untag VID function.
Page 420: Vlan Delete
Parameters: <vid>|<name>: VLAN ID (1-4095) or VLAN Name <port_list> : Port list or 'all', default: All ports Example: Frobidden add port1 to port4 in VLAN10 MGSW-28240F:/>vlan forbidden add 10 1-4 VLAN Delete Description: Delete VLAN entry. Syntax: VLAN Delete <vid>|<name>...
Page 421: Vlan Forbidden Lookup
User’s Manual of MGSW-28240F VLAN Forbidden Lookup Description: Lookup VLAN Forbidden port entry. Syntax: VLAN Forbidden Lookup [<vid>] [(name <name>)] Parameters: <vid> : VLAN ID (1-4095), default: Show all VLANs name : VLAN name string <name>: VLAN name - Maximum of 32 characters. VLAN Name can only contain alphabets or numbers.
Page 422: Vlan Name Add
<name>: VLAN name - Maximum of 32 characters. VLAN Name can only contain alphabets or numbers. VLAN name should contain atleast one alphabet. <vid> : VLAN ID (1-4095) Example: Add VLAN name for VLAN 1 MGSW-28240F:/>vlan name add test 1 VLAN Name Delete Description: Delete VLAN Name to VLAN ID Mapping. Syntax: VLAN Name Delete <name>...
Page 423: Vlan Name Lookup
User’s Manual of MGSW-28240F VLAN Name Lookup Description: Show VLAN Name table. Syntax: VLAN Name Lookup [<name>] Parameters: <name>: VLAN name - Maximum of 32 characters. VLAN Name can only contain alphabets or numbers. VLAN name should contain atleast one alphabet.
Page 424 User’s Manual of MGSW-28240F Promiscous Example: Show VLAN configuration of port10 MGSW-28240F:/>status 1 Port VLAN User PortType PVID Frame Type Ing Filter Tx Tag UVID Conflicts ---- ----------- ------------- ---- ---------- ----------- ----------- ----- --------- Static Unaware Disabled Untag This...
Page 425: Private Vlan Configuration Command
User’s Manual of MGSW-28240F 6.6 Private VLAN Configuration Command PVLAN Configuration Description: Show Private VLAN configuration. Syntax: PVLAN Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show private VLAN configuration MGSW-28240F:/> pvlan configuration Private VLAN Configuration:...
Page 426: Pvlan Add
User’s Manual of MGSW-28240F PVLAN Add Description: Add or modify Private VLAN entry. Syntax: PVLAN Add <pvlan_id> [<port_list>] Parameters: <pvlan_id> : Private VLAN ID. The allowed range for a Private VLAN ID is the same as the switch port number range.
Page 427: Pvlan Isolate
User’s Manual of MGSW-28240F PVLAN Lookup [<pvlan_id>] Parameters: <pvlan_id>: Private VLAN ID, default: Show all PVLANs. The allowed range for a Private VLAN ID is the same as the switch port number range. Example: Lookup PVLAN MGSW-28240F:/>pvlan lookup PVLAN ID Ports...
Page 428: Security Command
User’s Manual of MGSW-28240F 6.7 Security Command Security Switch User Configuration Description: Show users configuration. Syntax: Security Switch Users Configuration Default Setting: User Name Privilege admin Example: Show users configuration MGSW-28240F:/>security switch user configuration Users Configuration: ==================== User Name Privilege Level...
Page 429: Security Switch User Delete
User’s Manual of MGSW-28240F Example: Add new user: username: test, password: test & privilege: 10 MGSW-28240F:/>security switch users add test test 10 Security Switch User Delete Description: Delete users entry. Syntax: Security Switch Users Delete <user_name> Parameters: <user_name>: A string identifying the user name that this entry should belong to. The allowed string length is (1-32). The...
Page 430: Security Switch Privilege Level Current
: Status/Statistics read-only privilege level (1-15) <srw> : Status/Statistics read-write privilege level (1-15) Example: Change privilege level of MVR group. MGSW-28240F:/>security switch privilege level group mvr 15 15 15 15 Security Switch Privilege Level Current Description: Show the current privilege level. Syntax:...
Page 431: Security Switch Auth Method
: Enable local authentication if remote authentication fails disable : Disable local authentication if remote authentication fails (The parameter is effective when it is typed) Default Setting: Disable Example: Use RADIUS authentication method for telnet. MGSW-28240F:/>security switch auth method telnet radius enable...
Page 432: Security Switch Ssh Configuration
Security Switch SSH Mode Description: Set or show the SSH mode. Syntax: Security Switch SSH Mode [enable|disable] Parameters: enable : Enable SSH disable: Disable SSH (default: Show SSH mode) Default Setting: enable Example: Enable SSH function. MGSW-28240F:/>security switch ssh mode enable...
Page 433: Security Switch Https Configuration
Security Switch HTTPs Mode Description: Set or show the HTTPS mode. Syntax: Security Switch HTTPS Mode [enable|disable] Parameters: enable : Enable HTTPs disable: Disable HTTPs (default: Show HTTPs mode) Default Setting: Enable Example: Enable HTTPs function. MGSW-28240F:/>security switch https mode enable...
Page 434: Security Switch Https Redirect
: Enable HTTPs redirect disable: Disable HTTPs redirect (default: Show HTTPs redirect mode) Default Setting: disable Example: Enable HTTPs redirect function. MGSW-28240F:/>security switch https redirect enable Security Switch Access Configuration Description: Show access management configuration. Syntax: Security Switch Access Configuration Example: Show access management configuration.
Page 435: Security Switch Access Mode
(default: Show access management mode) Default Setting: disable Example: Enable access management function. MGSW-28240F:/>security switch access mode enable Security Switch Access Add Description: Add access management entry, default: Add all supported protocols. Syntax: Security Switch Access Add <access_id> <start_ip_addr> <end_ip_addr> [web] [snmp] [telnet] Parameters: <access_id>...
Page 436: Security Switch Access Ipv6 Add
User’s Manual of MGSW-28240F MGSW-28240F:/>security switch access add 1 192.168.0.1 192.168.0.200 web Security Switch Access IPv6 Add Description: Add access management IPv6 entry, default: Add all supported protocols. Syntax: Security Switch Access Ipv6 Add <access_id> <start_ipv6_addr> <end_ipv6_addr> [web] [snmp] [telnet] Parameters: <access_id>...
Page 437: Security Switch Access Lookup
User’s Manual of MGSW-28240F Syntax: Security Switch Access Delete <access_id> Parameters: <access_id>: entry index (1-16) Example: Delete access management ID 1 MGSW-28240F:/>security switch access delete 1 Security Switch Access Lookup Description: Lookup access management entry. Syntax: Security Switch Access Lookup [<access_id>] Parameters: <access_id>...
Page 438: Security Switch Access Statistics
User’s Manual of MGSW-28240F Security Switch Access Statistics Description: Show or clear access management statistics. Syntax: Security Switch Access Statistics [clear] Parameters: clear: Clear access management statistics Example: Show access management statistics. MGSW-28240F:/>security switch access statistics Access Management Statistics: -----------------------------...
Page 439: Security Switch Snmp Version
: Enable SNMP disable: Disable SNMP (default: Show SNMP mode) Default Setting: enable Example: Disable SNMP mode. MGSW-28240F:/>security switch snmp mode disable Security Switch SNMP Version Description: Set or show the SNMP protocol version. Syntax: Security Switch SNMP Version [1|2c|3] Parameters:...
Page 440: Security Switch Snmp Write Community
(default: Show SNMP read community) Default Setting: public Example: Set SNMP read community private. MGSW-28240F:/>security switch snmp read community private Security Switch SNMP Write Community Description: Set or show the community string for SNMP write access. Syntax: Security Switch SNMP Write Community [<community>] Parameters: <community>: Community string.
Page 441: Security Switch Snmp Trap Version
(default: Show SNMP trap mode) Default Setting: disable Example: Enable SNMP trap mode. MGSW-28240F:/>security switch snmp trap mode enable Security Switch SNMP Trap Version Description: Set or show the SNMP trap protocol version. Syntax: Security Switch SNMP Trap Version [1|2c|3]...
Page 442: Security Switch Snmp Trap Community
(default: Show SNMP trap community) Default Setting: public Example: Set private value for SNMP trap community. MGSW-28240F:/>security switch snmp trap community private Security Switch SNMP Trap Destination Description: Set or Show the SNMP trap destination address. Syntax: Security Switch SNMP Trap Destination [<ip_addr_string>] Parameters: <ip_addr_string>: IP host address (a.b.c.d) or a host name string...
Page 443: Security Switch Snmp Trap Authentication Failure
16-bit groups of contiguous zeros; but it can only appear once. It also used a following legally IPv4 address. For example,'::192.1.2.34'. Example: Set SNMP trap IPv6 destination address for 2001::0001 MGSW-28240F:/>security switch snmp trap ipv6 destination 2001::0001 Security Switch SNMP Trap Authentication Failure Description: Set or show the SNMP authentication failure trap mode.
Page 444: Security Switch Snmp Trap Link-Up
Security Switch SNMP Trap Inform Mode [enable|disable] Parameters: enable : Enable SNMP trap inform disable: Disable SNMP trap inform (default: Show SNMP inform mode) Default Setting: enable Example: Disable SNMP trap inform mode. MGSW-28240F:/>security switch snmp trap inform mode disable...
Page 445: Security Switch Snmp Trap Inform Timeout
Security Switch SNMP Trap Inform Retry Times [<retries>] Parameters: <retries>: SNMP trap inform retransmited times (0-255) (default: Show SNMP trap inform retry times) Default Setting: Example: Set SNMP trap inform retry times in 10. MGSW-28240F:/>security switch snmp trap inform retry times 10...
Page 446: Security Switch Snmp Trap Probe Security Engine Id
(default: Show SNMP trap security engine ID probe mode) Default Setting: enable Example: Disable SNMP trap probe security engine ID MGSW-28240F:/>security switch snmp trap probe security engine id disable Security Switch SNMP Trap Security Engine ID Description: Set or show SNMP trap security engine ID. Syntax: Security Switch SNMP Trap Security Engine ID [<engineid>]...
Page 447: Security Switch Snmp Trap Security Name
(1-32), and the allowed content is ASCII characters from 33 to 126 Example: Set the SNMP trap security name MGSW-28240F:/>security switch snmp trap security name 12345678 Security Switch SNMP Engine ID Description: Set or show SNMPv3 local engine ID.
Page 448: Security Switch Snmp Community Delete
<ip_addr> : IP address (a.b.c.d), default: Show IP address <ip_mask> : IP subnet mask (a.b.c.d), default: Show IP mask Example: Add SNMPv3 community entry. MGSW-28240F:/>security switch snmp community add public 192.168.0.20 255.255.255.0 Security Switch SNMP Community Delete Description: Delete SNMPv3 community entry.
Page 449: Security Switch Snmp User Add
User’s Manual of MGSW-28240F Parameters: <index>: entry index (1-64) Example: Lookup SNMPv3 community entry MGSW-28240F:/>security switch snmp community lookup Idx Community Source IP Source Mask --- -------------------------------- --------------- --------------- public 192.168.0.20 255.255.255.0 private 0.0.0.0 0.0.0.0 Number of entries: 2 Security Switch SNMP User Add Description: Add SNMPv3 user entry.
Page 450: Security Switch Snmp User Delete
User’s Manual of MGSW-28240F MGSW-28240F:/>security switch snmp user add 800007e5017f000003 admin_snmpv3 md5 12345678 des abcdefgh Security Switch SNMP User Delete Description: Delete SNMPv3 user entry. Syntax: Security Switch SNMP User Delete <index> Parameters: <index>: entry index (1-64) Example: Delete SNMPv3 user entry MGSW-28240F:/>security switch snmp user delete 1...
Page 451: Security Switch Snmp User Lookup
Description: Lookup SNMPv3 user entry. Syntax: Security Switch SNMP User Lookup [<index>] Parameters: <index>: entry index (1-64) Example: Lookup SNMPv3 user entry MGSW-28240F:/>security switch snmp user lookup Idx Engine ID User Name Level Auth Priv --- --------- -------------------------------- -------------- ----...
Page 452: Security Switch Snmp Group Delete
User’s Manual of MGSW-28240F (1-32), and the allowed content is ASCII characters from 33 to 126 Example: Add SNMPv3 group entry MGSW-28240F:/>security switch snmp group add usm admin_snmpv3 group_snmpv3 Security Switch SNMP Group Delete Description: Delete SNMPv3 group entry. Syntax: Security Switch SNMP Group Delete <index>...
Page 453: Security Switch Snmp View Add
: An optional flag to indicate that this view subtree should excluded <oid_subtree>: The OID defining the root of the subtree to add to the named view Example: Add SNMPv3 view entry MGSW-28240F:/>security switch snmp view add snmpv3_view include .1 Security Switch SNMP View Delete Description: Delete SNMPv3 view entry.
Page 454: Security Switch Snmp View Lookup
User’s Manual of MGSW-28240F <index>: entry index (1-64) Example: Delete SNMPv3 view entry MGSW-28240F:/>security switch snmp view delete 3 Security Switch SNMP View Lookup Description: Lookup SNMPv3 view entry. Syntax: Security Switch SNMP View Lookup [<index>] Parameters: <index>: entry index (1-64)
Page 455: Security Switch Snmp Access Delete
The name of "None" is reserved. The allowed string length is (1-32), and the allowed content is ASCII characters from 33 to 126 Example: Add SNMPv3 access entry MGSW-28240F:/>security switch snmp access add group_snmpv3 usm authpriv snmpv3_view snmpv3_view Security Switch SNMP Access Delete Description: Delete SNMPv3 access entry.
Page 456: Security Switch Snmp Access Lookup
Lookup SNMPv3 access entry. Syntax: Security Switch SNMP Access Lookup [<index>] Parameters: <index>: entry index (1-64) Example: Lookup SNMPv3 access entry MGSW-28240F:/>security switch snmp access lookup Idx Group Name Model Level --- -------------------------------- ----- -------------- default_ro_group NoAuth, NoPriv default_rw_group NoAuth, NoPriv...
Page 457: Security Switch Rmon Statistics Lookup
User’s Manual of MGSW-28240F Syntax: Security Switch RMON Statistics Delete <stats_id> Parameters: <stats_id>: Statistics ID (1-65535). Security Switch RMON Statistics Lookup Description: Show RMON Statistics entries. Syntax: Security Switch RMON Statistics Lookup [<stats_id>] Parameters: <stats_id>: Statistics ID (1-65535). Security Switch RMON History Add Description: Add or modify RMON Hisotry entry.
Page 458: Security Switch Rmon History Lookup
User’s Manual of MGSW-28240F Syntax: Security Switch RMON History Delete <history_id> Parameters: <history_id> : History ID (1-65535). Security Switch RMON History Lookup Description: Show RMON History entries. Syntax: Security Switch RMON History Lookup [<history_id>] Parameters: <history_id> : History ID (1-65535).
Page 459: Security Switch Rmon Alarm Delete
User’s Manual of MGSW-28240F .1.3.6.1.2.1.2.2.1.18.xxx – ifOutNUcastPkts .1.3.6.1.2.1.2.2.1.19.xxx – ifOutDiscards .1.3.6.1.2.1.2.2.1.20.xxx – ifOutErrors .1.3.6.1.2.1.2.2.1.21.xxx – ifOutQLen "xxx" means the interface identified by a particular value of this index is the same interface as identified by the same value of OID 'ifIndex'.
Page 460: Security Switch Rmon Event Add
User’s Manual of MGSW-28240F Security Switch RMON Event Add Description: Add or modify RMON Event entry. The entry index key is <event_id>. Syntax: Security Switch RMON Event Add <event_id> [none|log|trap|log_trap] [<community>] [<description>] Parameters: <event_id> : Event ID (1-65535). none : Get the sample directly.
Page 461: Security Network Psec Switch
User’s Manual of MGSW-28240F Security Network Psec Switch Description: Show Port Security status. Syntax: Security Network Psec Switch [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show port security status. MGSW-28240F:/>security network psec switch Users: L = Limit Control 8 = 802.1X...
Page 462: Security Network Limit Configuration
User’s Manual of MGSW-28240F Security Network Psec Port [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show MAC address learned on port 1 MGSW-28240F:/>security network psec port 1 Port 1: ------- MAC Address State Added Age/Hold Time...
Page 463: Security Network Limit Mode
: Globally enable port security disable : Globally disable port security (default: Show current global enabledness of port security limit control) Default Setting: disable Example: Enable the limit mode MGSW-28240F:/>security network limit mode enable Security Network Limit Aging Description: Set or show aging enabledness.
Page 464: Security Network Limit Agetime
(default: Show current enabledness of aging) Default Setting: disable Example: Enable limit aging MGSW-28240F:/>security network limit aging enable Security Network Limit Agetime Description: Time in seconds between check for activity on learned MAC addresses. Syntax: Security Network Limit Agetime [<age_time>] Parameters: <age_time>: Time in seconds between checks for activity on a MAC address (10-10000000 seconds)
Page 465: Security Network Limit Limit
Default Setting: disable Example: Enable port limit for port 1 MGSW-28240F:/>security network limit port 1 enable Security Network Limit Limit Description: Set or show the max. number of MAC addresses that can be learned on this set of ports. Syntax: Security Network Limit Limit [<port_list>] [<limit>]...
Page 466: Security Network Limit Action
(default: Show current action) Default Setting: none Example: Set trap mode for limit action for port 1 MGSW-28240F:/>security network limit action 1 trap Security Network Limit Reopen Description: Reopen one or more ports whose limit is exceeded and shut down. Syntax: Security Network Limit Reopen [<port_list>]...
Page 467: Security Network Nas Configuration
Show 802.1X configuration. Syntax: Security Network NAS Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show 802.1X configuration of port 1 MGSW-28240F:/>security network nas configuration 1 802.1X Configuration: ===================== Mode : Disabled Reauth. : Disabled Reauth. Period...
Page 468: Security Network Nas State
Globally disable 802.1X (default: Show current 802.1X global enabledness) Default Setting: disable Example: Enable IEEE802.1X function MGSW-28240F:/>security network nas mode enable Security Network NAS State Description: Set or show the port security state. Syntax: Security Network NAS State [<port_list>] [auto|authorized|unauthorized|single|multi|macbased] Parameters: <port_list>: Port list or 'all', default: All ports...
Page 469: Security Network Nas Reauthentication
User’s Manual of MGSW-28240F MGSW-28240F:/>security network nas state 1 Port Admin State Port State Last Source Last ID ---- ------------------ --------------------- ----------------- ------------------ Force Authorized Globally Disabled Security Network NAS Reauthentication Description: Set or show Reauthentication enabledness. Syntax: Security Network NAS Reauthentication [enable|disable]...
Page 470: Security Network Nas Eapoltimeout
Disable RADIUS-assigned VLAN either globally or on one or more ports (default: Show current RADIUS-assigned VLAN enabledness) Default Setting: disable Example: Enable RADIUS-assigned VLAN. MGSW-28240F:/>security network nas radius_vlan enable Security Network NAS EapolTimeout Description: Set or show the time between EAPOL retransmissions. Syntax: Security Network NAS EapolTimeout [<eapol_timeout>] Parameters: <eapol_timeout>: Time between EAPOL retransmissions (1-65535 seconds)
Page 471: Security Network Nas Holdtime
<age_time>: Time between checks for activitiy on a MAC address that succeeded autentication (default: Show current age time) Default Setting: Example: Set NAS age time in 1000sec MGSW-28240F:/>security network nas agetime 1000 Security Network NAS Holdtime Description: Time in seconds before a MAC-address that failed authentication gets a new authentication chance. Syntax: Security Network NAS Holdtime [<hold_time>]...
Page 472: Security Network Nas Radius_Vlan
(default: Show current RADIUS-assigned QoS enabledness) Default Setting: disable Example: Enable NAS RADIUS QoS MGSW-28240F:/>security network nas radius_qos enable Security Network NAS RADIUS_VLAN Description: Set or show either global enabledness (use the global keyword) or per-port enabledness of RADIUS-assigned VLAN. Syntax: Security Network NAS RADIUS_VLAN [global|<port_list>] [enable|disable]...
Page 473: Security Network Nas Guest_Vlan
User’s Manual of MGSW-28240F MGSW-28240F:/>security network nas radius_vlan enable Security Network NAS Guest_VLAN Description: Set or show either global enabledness and parameters (use the global keyword) or per-port enabledness of Guest VLAN Unless the 'global' keyword is used, the <reauth_max> and <allow_if_eapol_seen> parameters will not be unused..
Page 474: Security Network Nas Authenticate
Parameters: <port_list>: Port list or 'all', default: All ports now: Force reauthentication immediately Example: Start NAS authentication now for port 1. MGSW-28240F:/>security network nas authenticate 1 now Security Network NAS Statistics Description: Show or clear 802.1X statistics. Syntax: Security Network NAS Statistics [<port_list>] [clear|eapol|radius] Parameters: <port_list>: Port list or 'all', default: All ports...
Page 475: Security Network Acl Configuration
User’s Manual of MGSW-28240F Rx Response: Tx Request: Rx Start: Rx Logoff: Rx Invalid Type: Rx Invalid Length: Port 1 Backend Server Statistics: Rx Access Challenges: Tx Responses: Rx Other Requests: Rx Auth. Successes: Rx Auth. Failures: Security Network ACL Configuration Description: Show ACL Configuration.
Page 476: Security Network Acl Policy
<policy> : Policy number (1-8) Default Setting: Example: Set ACL policy 2 for port 1 MGSW-28240F:/>security network acl policy 1 2 Security Network ACL Rate Description: Set or show the ACL rate limiter. Syntax: Security Network ACL Rate [<rate_limiter_list>] [<rate_unit>] [<rate>]...
Page 477: Security Network Acl Add
: Rate in pps (0-100) or kbps (0, 100, 2*100, 3*100, ..., 1000000) Default Setting: Example: Set rate limit value in 100 for port 1 MGSW-28240F:/>security network acl rate 1 100 Security Network ACL Add Description: Add or modify Access Control Entry (ACE).
Page 478: Security Network Acl Delete
User’s Manual of MGSW-28240F <tagged> : Tagged of frames: any|enable|disable <vid> : VLAN ID (1-4095) or 'any' <tag_prio> : VLAN tag priority (0-7) or 'any' <dmac_type> : DMAC type: any|unicast|multicast|broadcast etype : Ethernet Type keyword <etype> : Ethernet Type: 0x600 - 0xFFFF or 'any' but excluding, 0x800(IPv4) 0x806(ARP) and 0x86DD(IPv6) <smac>...
Page 479: Security Network Acl Lookup
User’s Manual of MGSW-28240F Security Network ACL Delete <ace_id> Parameters: <ace_id>: ACE ID (1-256) Example: Delete ACE 1 MGSW-28240F:/>security network acl delete 1 Security Network ACL Lookup Description: Show ACE, default: All ACEs. Syntax: Security Network ACL Lookup [<ace_id>] Parameters: <ace_id>: ACE ID (1-256)
Page 480: Security Network Acl Status
User’s Manual of MGSW-28240F Security Network ACL Status Description: Show ACL status. Syntax: Security Network ACL Status [combined|static|dhcp|upnp|arp_inspection|ipmc|ip_source_guard|conflicts] Parameters: combined : Shows the combined status static : Shows the static user configured status dhcp : Shows the status by DHCP...
Page 481: Security Network Dhcp Relay Configuration
Security Network DHCP Relay Configuration Description: Show DHCP relay configuration. Syntax: Security Network DHCP Relay Configuration Example: Show DHCP relay configuration. MGSW-28240F:/>security network dhcp relay configuration DHCP Relay Configuration: ========================= DHCP Relay Mode : Disabled DHCP Relay Server : NULL...
Page 482: Security Network Dhcp Relay Server
User’s Manual of MGSW-28240F Enable DHCP relay mode MGSW-28240F:/>security network dhcp relay mode enable Security Network DHCP Relay Server Description: Show or set DHCP relay server. Syntax: Security Network DHCP Relay Server [<ip_addr>] Parameters: <ip_addr>: IP address (a.b.c.d), default: Show IP address...
Page 483: Security Network Dhcp Relay Information Policy
User’s Manual of MGSW-28240F disable Example: Enable DHCP relay agent information option mode. MGSW-28240F:/>security network dhcp relay information mode enable Security Network DHCP Relay Information Policy Description: Set or show the DHCP relay mode. When enable DHCP relay information mode operation, if agent receive a DHCP message that already contains relay agent information.
Page 484: Security Network Dhcp Snooping Configuration
When enable DHCP snooping mode operation, the request DHCP messages will be forwarded to trusted ports and only allowed reply packets from trusted ports. disable: Disable DHCP snooping mode (default: Show flow DHCP snooping mode) Default Setting: disable Example: Enable DHCP snooping mode MGSW-28240F:/>security network dhcp snooping mode enable...
Page 485: Security Network Dhcp Snooping Port Mode
(default: Show flow DHCP snooping port mode) Default Setting: trusted Example: Set untrusted DHCP snooping port mode in port 1 MGSW-28240F:/>security network dhcp snooping port mode 1 untrusted Security Network DHCP Snooping Statistics Description: Show or clear DHCP snooping statistics. Syntax: Security Network DHCP Snooping Statistics [<port_list>] [clear]...
Page 486: Security Network Ip Source Guard Configuration
User’s Manual of MGSW-28240F Rx Discover: Tx Discover: Rx Offer: Tx Offer: Rx Request: Tx Request: Rx Decline: Tx Decline: Rx ACK: Tx ACK: Rx NAK: Tx NAK: Rx Release: Tx Release: Rx Inform: Tx Inform: Rx Lease Query: Tx Lease Query:...
Page 487: Security Network Ip Source Guard Port Mode
Default Setting: disable Example: Enable IP source guard port mode for port1~4 MGSW-28240F:/>security network ip source guard port mode 1-4 enable Security Network IP Source Guard Limit Description: Set or show the IP Source Guard port limitation for dynamic entries.
Page 488: Security Network Ip Source Guard Entry
<allowed_mac>: MAC address (xx-xx-xx-xx-xx-xx), MAC address allowed for doing IP source guard Example: Add IP source guard static entry. MGSW-28240F:/>security network ip source guard entry 1 add 1 192.168.0.20 Security Network IP Source Guard Status Description: Show IP source guard static and dynamic entries.
Page 489: Security Network Ip Source Guard Translation
User’s Manual of MGSW-28240F Show IP source guard static and dynamic entries. MGSW-28240F:/>security network ip source guard status Security Network IP Source Guard Translation Description: Translate IP source guard dynamic entries into static entries. Syntax: Security Network IP Source Guard Translation...
Page 490: Security Network Arp Inspection Port Mode
(default: Show ARP Inspection port mode) Default Setting: Disable Example: Enable the ARP inspection mode of port 1 MGSW-28240F:/>security network arp inspection port mode 1 Security Network ARP Inspection Entry Description: Add or delete ARP inspection static entry. Syntax: Security Network ARP Inspection Entry [<port_list>] add|delete <vid> <allowed_mac> <allowed_ip>...
Page 491: Security Network Arp Inspection Status
<allowed_mac>: MAC address (xx-xx-xx-xx-xx-xx), MAC address allowed for doing ARP request <allowed_ip> : IP address (a.b.c.d), IP address allowed for doing ARP request Example: Add ARP inspection static entry. MGSW-28240F:/>security network arp inspection entry 1 add 1 00-30-4f-00-00-11 192.168.0.11 Security Network ARP Inspection Status Description: Show ARP inspection static and dynamic entries.
Page 492 User’s Manual of MGSW-28240F Show Auth configuration. Syntax: Security AAA Configuration Example: Show Auth configuration. MGSW-28240F:/>security aaa configuration AAA Configuration: ================== Server Timeout : 15 seconds Server Dead Time : 300 seconds RADIUS Authentication Server Configuration: =========================================== Server Mode IP Address...
Page 493: Security Aaa Timeout
User’s Manual of MGSW-28240F ------ -------- --------------- ------------------------------ ----- Disabled Disabled Disabled Disabled Disabled Security AAA Timeout Description: Set or show server timeout. Syntax: Security AAA Timeout [<timeout>] Parameters: <timeout>: Server response timeout (3-3600 seconds) (default: Show server timeout configuration)
Page 494: Security Aaa Radius
Quotes in the secret are not allowed. <server_port> : Server UDP port. Use 0 to use the default RADIUS port (1812) Example: Set RADIUS authentication server configuration. MGSW-28240F:/>security aaa radius 1 enable 192.168.0.20 12345678 1812 Security AAA ACCT_RADIUS Description: Set or show RADIUS accounting server setup.
Page 495: Security Aaa Tacacs
Quotes in the secret are not allowed. <server_port> : Server UDP port. Use 0 to use the default RADIUS port (1813) Example: Set RADIUS accounting server configuration. MGSW-28240F:/>security acct_radius 1 enable 192.168.0.20 12345678 1813 Security AAA TACACS+ Description: Set or show TACACS+ authentication server setup. Syntax: Security AAA TACACS+ [<server_index>] [enable|disable] [<ip_addr_string>] [<secret>] [<server_port>]...
Page 496: Security Aaa Statistics
User’s Manual of MGSW-28240F <server_port> : Server TCP port. Use 0 to use the default TACACS+ port (49) Example: Set TACACS+ authentication server configuration. MGSW-28240F:/>security aaa tacacs+ 1 enable 192.168.0.20 12345678 49 Security AAA Statistics Description: Show RADIUS statistics. Syntax: Security AAA Statistics [<server_index>]...
Page 497: Spanning Tree Protocol Command
User’s Manual of MGSW-28240F 6.8 Spanning Tree Protocol Command STP Configuration Description: Show STP configuration. Syntax: STP Configuration Example: Show STP configuration. MGSW-28240F:/>stp cofiguration STP Configuration: ================== Protocol Version: MSTP Max Age : 20 Forward Delay : 15 Tx Hold Count...
Page 498: Stp Tx Hold
User’s Manual of MGSW-28240F Example: Set the STP Bridge protocol version. MGSW-28240F:/> stp version rstp STP Tx Hold Description: Set or show the STP Bridge Transmit Hold Count parameter. Syntax: STP Txhold [<holdcount>] Parameters: <holdcount>: STP Transmit Hold Count (1-10)
Page 499: Stp Maxage
User’s Manual of MGSW-28240F Set STP maximum hops in 25 MGSW-28240F:/>stp maxhops 25 STP MaxAge Description: Set or show the bridge instance maximum age. Syntax: STP MaxAge [<max_age>] Parameters: <max_age>: STP maximum age time (6-40, and max_age <= (forward_delay-1)*2) Default Setting:...
Page 500: Stp Cname
User’s Manual of MGSW-28240F MGSW-28240F:/>stp fwddelay 25 STP CName Description: Set or Show MSTP configuration name and revision. Syntax: STP CName [<config-name>] [<integer>] Parameters: <config-name>: MSTP Configuration name. A text string up to 32 characters long. Use quotes (") to embed spaces in name.
Page 501: Stp Bpdu Guard
User’s Manual of MGSW-28240F Example: Set edge port BPDU filtering MGSW-28240F:/>stp bpdufilter enable STP BPDU Guard Description: Set or show edge port BPDU Guard. Syntax: STP bpduGuard [enable|disable] Parameters: enable|disable: enable or disable BPDU Guard for Edge ports Default Setting:...
Page 502: Stp Status
User’s Manual of MGSW-28240F Example: Set STP recovery value in 30 sec. MGSW-28240F:/>stp recovery 30 STP Status Description: Show STP Bridge status. Syntax: STP Status [<msti>] [<port_list>] Parameters: <msti> : STP bridge instance no (0-7, CIST=0, MSTI1=1, ...) <port_list>: Port list or 'all', default: All ports...
Page 503: Stp Msti Priority
: STP bridge instance no (0-7, CIST=0, MSTI1=1, ...) <priority> : STP bridge priority (0/16/32/48/.../224/240) Default: Example: Set MST1 priority value in 48. MGSW-28240F:/>stp msti priority 1 48 STP MSTI Map Description: Show or clear MSTP MSTI VLAN mapping configuration. Syntax: STP Msti Map [<msti>] [clear]...
Page 504: Stp Msti Add
STP Msti Add <msti> <vid> Parameters: <msti>: STP bridge instance no (0-7, CIST=0, MSTI1=1, ...) <vid> : VLAN ID (1-4095) Example: Add MST1 in vlan1. MGSW-28240F:/>stp msti add 1 1 STP Port Configuration Description: Show STP Port configuration. Syntax: STP Port Configuration [<port_list>] Parameters: <port_list>: Port list or 'all'.
Page 505: Stp Port Mode
: Enable MSTP protocol Disable : Disable MSTP protocol Default: disable Example: Enable STP function on port1 MGSW-28240F:/>stp port mode 1 enable STP Port Edge Description: Set or show the STP adminEdge port parameter. Syntax: STP Port Edge [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports...
Page 506: Stp Port Autoedge
User’s Manual of MGSW-28240F MGSW-28240F:/>stp port edge 1 enable STP Port AutoEdge Description: Set or show the STP autoEdge port parameter. Syntax: STP Port AutoEdge [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports Enable : Enable MSTP autoEdge...
Page 507: Stp Port Restrictedrole
User’s Manual of MGSW-28240F Default: auto Example: Disable STP P2P function on port1 MGSW-28240F:/>stp port p2p 1 disable STP Port RestrictedRole Description: Set or show the MSTP restrictedRole port parameter. Syntax: STP Port RestrictedRole [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports...
Page 508: Stp Port Bpduguard
: Enable MSTP restricted TCN disable : Disable MSTP restricted TCN Default: disable Example: Eisable STP restricted TCN on port1 MGSW-28240F:/>stp port restrictedtcn 1 enable STP Port bpduGuard Description: Set or show the bpduGuard port parameter. Syntax: STP Port bpduGuard [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports...
Page 509: Stp Port Mcheck
User’s Manual of MGSW-28240F Syntax: STP Port Statistics [<port_list>] [clear] Parameters: <port_list>: Port list or 'all', default: All ports clear : Clear the selected port statistics Example: Show STP port statistics. MGSW-28240F:/>stp port statistics Port Rx MSTP Tx MSTP Rx RSTP...
Page 510: Stp Msti Port Cost
<port_list>: Port list or 'all'. Port zero means aggregations. <path_cost>: STP port path cost (1-200000000) or 'auto' Default: auto Example: Set MSTI7 in port1 MGSW-28240F:/>stp msti port cost 7 1 MSTI Port Path Cost ---- ---- ---------- MST7 1 Auto...
Page 511 User’s Manual of MGSW-28240F <port_list>: Port list or 'all'. Port zero means aggregations. <priority> : STP port priority (0/16/32/48/.../224/240) Default:...
Page 512: Link Aggregation Command
User’s Manual of MGSW-28240F 6.9 Link Aggregation Command Aggregation Configuration Description: Show link aggregation configuration. Syntax: Aggr Configuration Aggregation Add Description: Add or modify link aggregation. Syntax: Aggr Add <port_list> [<aggr_id>] Parameters: <port_list>: Port list or 'all', default: All ports <aggr_id>...
Page 513: Aggregation Lookup
User’s Manual of MGSW-28240F Example: Delete Group2 MGSW-28240F:/>aggr delete 2 Aggregation Lookup Description: Lookup link aggregation. Syntax: Aggr Lookup [<aggr_id>] Parameters: <aggr_id>: Aggregation ID Aggregation Mode Description: Set or show the link aggregation traffic distribution mode. Syntax: Aggr Mode [smac|dmac|ip|port] [enable|disable]...
Page 514 User’s Manual of MGSW-28240F Example: Disable SMAC mode MGSW-28240F:/>Aggr mode smac disable...
Page 515: Link Aggregation Control Protocol Command
User’s Manual of MGSW-28240F 6.10 Link Aggregation Control Protocol Command LACP Configuration Description: Show LACP configuration. Syntax: LACP Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show LACP configuration MGSW-28240F:/>lacp configuration Port Mode Role ---- --------...
Page 516: Lacp Key
User’s Manual of MGSW-28240F <port_list>: Port list or 'all', default: All ports enable : Enable LACP protocol disable: Disable LACP protocol (default: Show LACP mode) Default Setting: disable Example: Enable LACP for port1~4 MGSW-28240F:/>lacp mode 1-4 enable LACP Key Description: Set or show the LACP key.
Page 517: Lacp System Prio
User’s Manual of MGSW-28240F LACP Prio [<port_list>] [<prio>] Parameters: <port_list>: Port list or 'all', default: All ports <prio> : LACP Prio (0-65535) Default Setting: 32768 LACP System Prio Description: Set or show the LACP System prio. Syntax: LACP System Prio [<sysprio>] Parameters: <sysprio>: LACP System Prio (0-65535)
Page 518: Lacp Status
User’s Manual of MGSW-28240F active Example: Set passive for port1~4 MGSW-28240F:/>lacp role 1-4 passive LACP Status Description: Show LACP Status. Syntax: LACP Status [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show LACP status of port1~4 MGSW-28240F:/>lacp status 1-4...
Page 519: Lacp Timeout
User’s Manual of MGSW-28240F Parameters: <port_list>: Port list or 'all', default: All ports clear : Clear LACP statistics Example: Show LACP statistics of port1~4 MGSW-28240F:/>lacp statistics 1-4 Port Rx Frames Tx Frames Rx Unknown Rx Illegal ------ --------------- --------------- ---------------...
Page 520: Lldp Command
User’s Manual of MGSW-28240F 6.11 LLDP Command LLDP Configuration Description: Show LLDP configuration. Syntax: LLDP Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show LLDP configuration of port1~4 MGSW-28240F:/>lldp configuration 1-4 LLDP Configuration: =================== Interval : 30...
Page 521: Lldp Optional Tlv
User’s Manual of MGSW-28240F Parameters: <port_list>: Port list or 'all', default: All ports enable : Enable LLDP reception and transmission disable: Disable LLDP : Enable LLDP reception only : Enable LLDP transmission only (default: Show LLDP mode) Default Setting: disable Example: Enable port1 LLDP function.
Page 522: Lldp Interval
User’s Manual of MGSW-28240F System capabilities: Enable Master's IP address: Enable Example: Disable description of the port for port1 MGSW-28240F:/>lldp optional_tlv 1 port_descr disable LLDP Interval Description: Set or show LLDP Tx interval. Syntax: LLDP Interval [<interval>] Parameters: <interval>: LLDP transmission interval (5-32768)
Page 523: Lldp Delay
User’s Manual of MGSW-28240F Example: Set LLDP hold value in 10 MGSW-28240F:/>lldp hold 10 LLDP Delay Description: Set or show LLDP Tx delay. Syntax: LLDP Delay [<delay>] Parameters: <delay>: LLDP transmission delay (1-8192) Default Setting: Example: Set LLDP delay value in 1 MGSW-28240F:/>lldp delay 1...
Page 524: Lldp Statistics
User’s Manual of MGSW-28240F Example: Set LLDP reinit delay value in 3 MGSW-28240F:/>lldp reinit 3 LLDP Statistics Description: Show LLDP Statistics. Syntax: LLDP Statistics [<port_list>] [clear] Parameters: <port_list>: Port list or 'all', default: All ports clear : Clear LLDP statistics...
Page 525: Lldp Cdp Aware
User’s Manual of MGSW-28240F Syntax: LLDP Info [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports LLDP CDP Aware Description: Set or show if discovery information from received CDP ( Cisco Discovery Protocol ) frames is added to the LLDP neighbor table.
Page 526: Lldp Med Command
User’s Manual of MGSW-28240F 6.12 LLDP MED Command LLDP MED Configuration Description: Show LLDP-MED configuration. Syntax: LLDPMED Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show LLDP-MED configuration of port1~4 MGSW-28240F:/>lldpmed configuration 1-4 LLDP-MED Configuration: =======================...
Page 527: Lldp Med Ecs
User’s Manual of MGSW-28240F Syntax: LLDPMED Civic [country|state|county|city|district|block|street|leading_street_direction|trailing_street_suffix|str_suf|house_no|house_no_s uffix|landmark|additional_info|name|zip_code|building|apartment|floor|room_number|place_type|postal_com_name|p_o_ box|additional_code] [<civic_value>] Parameters: country : Country state : National subdivisions (state, caton, region, province, prefecture) county : County, parish,gun (JP), district(IN) city : City, townchip, shi (JP) district : City division,borough, city, district, ward,chou (JP)
Page 528: Lldp Med Policy Delete
User’s Manual of MGSW-28240F Syntax: LLDPMED ecs [<ecs_value>] Parameters: <ecs_value>: lldpmed The value for the Emergency Call Service LLDP MED Policy Delete Description: Delete the selected policy. Syntax: LLDPMED policy delete [<policy_list>] Parameters: <policy_list>: List of policies to delete Example: Delete the policy 1 MGSW-28240F:/>lldpmed policy delete 1...
Page 529: Lldp Med Port Policy
User’s Manual of MGSW-28240F visitors with their own IP Telephony handsets and other similar appliances supporting interactive voice services. guest_voice_signaling : Guest Voice Signaling (conditional) for use in network topologies that require a different policy for the guest voice signaling than for the guest voice media.
Page 530: Lldp Med Datum
User’s Manual of MGSW-28240F Set or show LLDP-MED Location. Syntax: LLDPMED Coordinates [latitude|longitude|altitude] [north|south|west|east|meters|floor] [coordinate_value] Parameters: latitude : Latitude, 0 to 90 degress with max. 4 digits (Positive numbers are north of the equator and negative numbers are south of the equator).
Page 531: Lldp Med Fast
User’s Manual of MGSW-28240F LLDP MED Fast Description: Set or show LLDP-MED Fast Start Repeat Count. Syntax: LLDPMED Fast [<count>] Parameters: <count>: The number of times the fast start LLDPDU are being sent during the activation of the fast start mechanism defined by LLDP-MED (1-10).
Page 532: Quality Of Service Command
Set or show the default QoS class. Syntax: QoS Port Classification Class [<port_list>] [<class>] Parameters: <port_list>: Port list or 'all', default: All ports <class> : QoS class (0-7) Default Setting: Example: Set default QoS class in 1 for port 1 MGSW-28240F:/>qos Port Classification Class 1 1...
Page 533: Qos Port Classification Dpl
: Drop Precedence Level (0-1) Default Setting: Example: Set the default Drop Precedence Level in 1 for port1 MGSW-28240F:/>qos Port Classification dpl 1 1 QoS Port Classification PCP Description: Set or show the default PCP for an untagged frame. Syntax: QoS Port Classification PCP [<port_list>] [<pcp>]...
Page 534: Qos Port Classification Dei
Default Setting: Example: Set the default DEI for an untagged frame in 1 for port1. MGSW-28240F:/>qos Port Classification dei 1 1 QoS Port Classification Tag Description: Set or show if the classification is based on the PCP and DEI values in tagged frames.
Page 535: Qos Port Classification Map
User’s Manual of MGSW-28240F MGSW-28240F:/>qos Port Classification tag 1-10 enable QoS Port Classification Map Description: Set or show the port classification map. This map is used when port classification tag is enabled,and the purpose is to translate the Priority Code Point (PCP) and Drop Eligible Indicator (DEI) from a tagged frame to QoS class and DP level.
Page 536: Qos Port Policer Mode
User’s Manual of MGSW-28240F MGSW-28240F:/>qos Port Classification dscp 1-10 enable QoS Port Policer Mode Description: Set or show the port policer mode Syntax: QoS Port Policer Mode [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports enable : Enable port policer...
Page 537: Qos Port Policer Unit
User’s Manual of MGSW-28240F Example: Set the port policer rate in 1000 MGSW-28240F:/>qos Port Policer Rate 1-10 1000 QoS Port Policer Unit Description: Set or show the port policer unit. Syntax: QoS Port Policer Unit [<port_list>] [kbps|fps] Parameters: <port_list>: Port list or 'all', default: All ports...
Page 538: Qos Port Queuepolicer Mode
User’s Manual of MGSW-28240F enable : Enable port policer flow control disable : Disable port policer flow control (default: Show port policer flow control mode) Default Setting: disable QoS Port QueuePolicer Mode Description: Set or show the port queue policer mode.
Page 539: Qos Port Scheduler Mode
(default: Show port scheduler mode) Default Setting: strict Example: Set the port schedule mode in weighted mode MGSW-28240F:/>qos Port Scheduler Mode 1-10 weighted QoS Port Scheduler Weight Description: Set or show the port scheduler weight. Syntax: QoS Port Scheduler Weight [<port_list>] [<queue_list>] [<weight>] Parameters: <port_list>...
Page 540: Qos Port Queueshaper Mode
(default: Show port queue shaper mode) Default Setting: disable Example: Enable port queue shaper for all port & queue MGSW-28240F:/>qos Port QueueShaper Mode 1-10 0-7 enable QoS Port QueueShaper Rate Description: Set or show the port queue shaper rate. Syntax: QoS Port QueueShaper Rate [<port_list>] [<queue_list>] [<bit_rate>]...
Page 541: Qos Port Queueshaper Excess
User’s Manual of MGSW-28240F Set the port queue shaper rate in 1000 MGSW-28240F:/>qos Port QueueShaper rate 1-10 0-7 1000 QoS Port QueueShaper Excess Description: Set or show the port queue excess bandwidth mode. Syntax: QoS Port QueueShaper Excess [<port_list>] [<queue_list>] [enable|disable] Parameters: <port_list>...
Page 542: Qos Port Tagremarking Pcp
Example: Set the port tag remarking mode in mapped. MGSW-28240F:/>qos Port TagRemarking Mode 1-10 mapped QoS Port TagRemarking PCP Description: Set or show the default PCP. This value is used when port tag remarking mode is set to 'default'.
Page 543: Qos Port Tagremarking Map
Default Setting: Example: Set the default EDI in 1. MGSW-28240F:/>qos Port TagRemarking EDI 1-10 1 QoS Port TagRemarking Map Description: Set or show the port tag remarking map. This map is used when port tag remarking mode is set to 'mapped', and the purpose is to translate the classified QoS class (0-7) and DP level (0-1) to PCP and DEI.
Page 544: Qos Port Dscp Classification
: Classify DSCP for which class. mode is 'enable' : Classify all DSCP (default: Show port DSCP ingress classification mode) Default Setting: none Example: Set DSCP classification based on QoS class and DP level in zero MGSW-28240F:/> QoS Port DSCP Classification 1-10 zero...
Page 545: Qos Port Dscp Egressremark
Default Setting: disable Example: Enable DSCP egress rewrite MGSW-28240F:/> QoS Port DSCP EgressRemark 1-10 enable QoS DSCP Map Description: Set or show DSCP mapping table. This table is used to map QoS class and DP level based on DSCP value.
Page 546: Qos Dscp Translation
User’s Manual of MGSW-28240F QoS DSCP Translation Description: Set or show global ingress DSCP translation table. If port DSCP translation is enabled, translation table is used to translate incoming frames DSCP value and translated value is used to map QoS class and DP level.
Page 547: Qos Dscp Egressremap
User’s Manual of MGSW-28240F If port DSCP classification is 'selected', DSCP will be classified based on QoS class and DP level only for DSCP value with classification mode 'enabled'. DSCP may be translated DSCP if translation is enabled for the port.
Page 548: Qos Storm Multicast
<packet_rate>: Rate in fps (1, 2, 4, ..., 512, 1k, 2k, 4k, ..., 32768k) Default Setting: disable Example: Enable unicast storm control in 2fps MGSW-28240F:/> QoS Storm Unicast enable 2 QoS Storm Multicast Description: Set or show the multicast storm rate limiter. Syntax: QoS Storm Multicast [enable|disable] [<packet_rate>]...
Page 549: Qos Qcl Add
User’s Manual of MGSW-28240F Syntax: QoS Storm Broadcast [enable|disable] [<packet_rate>] Parameters: enable : Enable broadcast storm control disable : Disable broadcast storm control <packet_rate>: Rate in fps (1, 2, 4, ..., 512, 1k, 2k, 4k, ..., 1024k) Default Setting: disable...
Page 550: Qos Qcl Delete
QoS QCL Delete Description: Delete QCE entry from QoS Control list. Syntax: QoS QCL Delete <qce_id> Parameters: <qce_id>: QCE ID (1-256), default: Next available ID Default Setting: disable Example: Enable multicast storm control in 2fps MGSW-28240F:/> QoS Storm multicast enable 2...
Page 551: Qos Qcl Lookup
Default Setting: disable Example: Enable multicast storm control in 2fps MGSW-28240F:/> QoS Storm multicast enable 2 QoS QCL Status Description: Show QCL status. This can be used to display if there is any conflict in QCE for differnet user types.
Page 552 : Shows the static user configured status voice_vlan : Shows the status by Voice VLAN conflicts : Shows all conflict status (default : Shows the combined status) Default Setting: disable Example: Enable multicast storm control in 2fps MGSW-28240F:/> QoS Storm multicast enable 2...
Page 553: Mirror Command
User’s Manual of MGSW-28240F 6.14 Mirror Command Mirror Configuration Description: Show mirror configuration. Syntax: Mirror Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show mirror configuration. MGSW-28240F:/>mirror configuration Mirror Port Description: Set or show the mirror port.
Page 554: Mirror Mode
User’s Manual of MGSW-28240F Mirror Mode Description: Set or show the mirror mode. Syntax: Mirror Mode [<port_list>] [enable|disable|rx|tx] Parameters: <port_list>: Port list or 'all', default: All ports enable : Enable Rx and Tx mirroring disable: Disable Mirroring : Enable Rx mirroring...
Page 555: Configuration Command
User’s Manual of MGSW-28240F 6.15 Configuration Command Configuration Save Description: Save configuration to TFTP server. Syntax: Config Save <ip_server> <file_name> Parameters: <ip_server>: TFTP server IP address (a.b.c.d) <file_name>: Configuration file name Configuration Load Description: Load configuration from TFTP server. Syntax: Config Load <ip_server>...
Page 556: Firmware Command
User’s Manual of MGSW-28240F 6.16 Firmware Command Firmware Load Description: Load new firmware from TFTP server. Syntax: Firmware Load <ip_addr_string> <file_name> Parameters: <ip_addr_string>: IP host address (a.b.c.d) or a host name string <file_name> : Firmware file name Firmware IPv6 Load Description: Load new firmware from IPv6 TFTP server.
Page 557: Firmware Swap
User’s Manual of MGSW-28240F Firmware Swap Description: Activate the alternate firmware image.. Syntax: Firmware Swap...
Page 558: Upnp Command
User’s Manual of MGSW-28240F 6.17 UPnP Command UPnP Configuration Description: Show UPnP configuration. Syntax: UPnP Configuration Example: Show UPnP configuration. MGSW-28240F:/>upnp configuration UPnP Configuration: =================== UPnP Mode : Disabled UPnP TTL UPnP Advertising Duration : 100 UPnP Mode Description: Set or show the UPnP mode.
Page 559: Upnp Ttl
User’s Manual of MGSW-28240F MGSW-28240F:/>upnp mode enable UPnP TTL Description: Set or show the TTL value of the IP header in SSDP messages. Syntax: UPnP TTL [<ttl>] Parameters: <ttl>: ttl range (1..255), default: Show UPnP TTL Default Setting: Example: Set the value 10 for TTL value of the IP header in SSDP messages.
Page 560: Mvr Command
User’s Manual of MGSW-28240F 6.18 MVR Command MVR Configuration Description: Show the MVR configuration. Syntax: MVR Configuration Example: Show the MVR configuration. MGSW-28240F:/>mvr configuration MVR Configuration: ================== MVR Mode: Disabled Muticast VLAN ID: 100 Port Port Mode Port Type Immediate Leave...
Page 561: Mvr Vlan Setup
User’s Manual of MGSW-28240F MVR Mode [enable|disable] Parameters: enable : Enable MVR mode disable : Disable MVR mode (default: Show MVR mode) Default Setting: disable Example: Enable MVR mode. MGSW-28240F:/>mvr mode enable MVR VLAN Setup Description: Set or show per MVR VLAN configuration.
Page 562: Mvr Vlan Port
User’s Manual of MGSW-28240F Parameters: <vid>|<mvr_name>: MVR VLAN ID (1-4095) or Name (Maximum of 32 characters) dynamic : Dynamic MVR mode compatible: Compatible MVR mode (default: Show MVR VLAN mode) MVR VLAN Port Description: Set or show per MVR VLAN port role.
Page 563: Mvr Vlan Channel
User’s Manual of MGSW-28240F MVR VLAN Channel Description: Set or show per MVR VLAN channel. Syntax: MVR VLAN Channel [<vid>|<mvr_name>] [add|del|upd] [channel] [channel_bound] [(Name <grp_name>)] Parameters: <vid>|<mvr_name>: MVR VLAN ID (1-4095) or Name (Maximum of 32 characters) : Add operation...
Page 564: Mvr Status
User’s Manual of MGSW-28240F MVR Immediate Leave [<port_list>] [enable|disable] Parameters: <<port_list>: Port list or 'all', default: All ports enable : Enable Immediate Leave disable : Disable Immediate Leave (default: Show MVR Immediate Leave) MVR Status Description: Show/Clear MVR operational status.
Page 565 User’s Manual of MGSW-28240F MVR SFM [<vid>] [<port_list>] Parameters: <vid> : VLAN ID (1-4095) <port_list>: Port list or 'all', default: All ports...
Page 566: Voice Vlan Command
User’s Manual of MGSW-28240F 6.19 Voice VLAN Command Voice VLAN Configuration Description: Show Voice VLAN configuration. Syntax: Voice VLAN Configuration Example: Show Voice VLAN configuration. MGSW-28240F:/>voice vlan configuration V oice VLAN Configuration: ========================= Voice VLAN Mode : Disabled Voice VLAN VLAN ID...
Page 567: Voice Vlan Mode
User’s Manual of MGSW-28240F Port Mode Security Discovery Protocol ---- -------- -------- ------------------ Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Voice VLAN Mode Description: Set or show the Voice VLAN mode.
Page 568: Voice Vlan Id
User’s Manual of MGSW-28240F Voice VLAN ID Description: Set or show Voice VLAN ID. Syntax: Voice VLAN ID [<vid>] Parameters: <vid>: VLAN ID (1-4095) Default Setting: 1000 Example: Set ID 2 for Voice VLAN ID. MGSW-28240F:/>voice vlan id 2 Voice VLAN Agetime Description: Set or show Voice VLAN age time.
Page 569: Voice Vlan Traffic Class
: OUI address (xx-xx-xx). The null OUI address isn't allowed <description>: Entry description. Use 'clear' or "" to clear the string No blank or space characters are permitted as part of a contact. (only in CLI) Example: Add Voice VLAN OUI entry. MGSW-28240F:/>voice vlan oui add 00-11-22 test...
Page 570: Voice Vlan Oui Delete
Parameters: <oui_addr>: OUI address (xx-xx-xx). The null OUI address isn't allowed Example: Delete Voice VLAN OUI entry. MGSW-28240F:/>voice vlan oui delete 00-11-22 Voice VLAN OUI Clear Description: Clear Voice VLAN OUI entry. Modify OUI table will restart auto detect OUI process.
Page 571: Voice Vlan Port Mode
Example: Set auto mode for port 1-4 of Voice VLAN port mode. MGSW-28240F:/>voice vlan port mode 1-4 auto Voice VLAN Security Description: Set or show the Voice VLAN port security mode. When the function is enabled, all non-telephone MAC address in Voice VLAN will be blocked 10 seconds.
Page 572: Voice Vlan Discovery Protocol
Example: Enable the Voice VLAN port security mode for port 1-4. MGSW-28240F:/>voice vlan security 1-4 enable Voice VLAN Discovery Protocol Description: Set or show the Voice VLAN port discovery protocol mode. It only work under auto detect mode is enabled. We should enable LLDP feature before configure discovery protocol to 'LLDP' or 'Both'.
Page 573: Loop Protect Command
User’s Manual of MGSW-28240F 6.20 Loop Protect Command Loop Protect Configuration Description: Show Loop Protection configuration. Syntax: Loop Protect Configuration Loop Protect Mode Description: Set or show the Loop Protection mode. Syntax: Loop Protect Mode [enable|disable] Parameters: enable : Enable Loop Protection...
Page 574: Loop Protect Shutdown
User’s Manual of MGSW-28240F Loop Protect Shutdown Description: Set or show the Loop Protection shutdown time. Syntax: Loop Protect Shutdown [<shutdown-time>] Parameters: Shutdown time interval (0-604800 seconds) A value of zero disables re-enabling the port Default Setting: Loop Protect Port Configuration Description: Show Loop Protection port configuration.
Page 575: Loop Protect Port Action
User’s Manual of MGSW-28240F Loop Protect Port Action Description: Set or show the Loop Protection port action. Syntax: Loop Protect Port Action [<port_list>] [shutdown|shut_log|log] Parameters: <port_list>: Port list or 'all', default: All ports shutdown : Shutdown the port shut_log : Shutdown the port and Log event...
Page 576: Ipmc Command
User’s Manual of MGSW-28240F 6.21 IPMC Command IPMC Configuration Description: Show IPMC snooping configuration. Syntax: IPMC Configuration [mld|igmp] Parameters: mld|igmp: mld : IPMC for IPv6 MLD igmp: IPMC for IPv4 IGMP IPMC Mode Description: Set or show the IPMC snooping mode.
Page 577: Ipmc Flooding
User’s Manual of MGSW-28240F IPMC Flooding Description: Set or show the IPMC unregistered addresses flooding operation. Syntax: IPMC Flooding [mld|igmp] [enable|disable] Parameters: mld|igmp: mld : IPMC for IPv6 MLD igmp: IPMC for IPv4 IGMP enable : Enable IPMC flooding disable: Disable IPMC flooding...
Page 578: Ipmc Proxy
User’s Manual of MGSW-28240F disable Example: Enable IGMP Leave Proxy MGSW-28240F:/>ipmc leave proxy igmp enable IPMC Proxy Description: Set or show the mode of IPMC Proxy. Syntax: IPMC Proxy [mld|igmp] [enable|disable] Parameters: mld|igmp: mld : IPMC for IPv6 MLD igmp: IPMC for IPv4 IGMP...
Page 579: Ipmc Vlan Add
User’s Manual of MGSW-28240F Parameters: mld|igmp : mld : IPMC for IPv6 MLD igmp: IPMC for IPv4 IGMP range : SSM Range keyword <prefix> : IPv4/IPv6 multicast group address, accordingly <mask_len>: Mask length for IPv4(4 ~ 32)/IPv6(8 ~ 128) ssm range, accordingly...
Page 580: Ipmc State
: Enable MLD snooping disable: Disable MLD snooping Default Setting: disable Example: Enable IGMP snooping state for VLAN 1 MGSW-28240F:/>ipmc state igmp 1 enable IPMC Querier Description: Set or show the IPMC snooping querier mode for VLAN. Syntax: IPMC Querier [mld|igmp] [<vid>] [enable|disable]...
Page 581: Ipmc Compatibility
User’s Manual of MGSW-28240F Default Setting: disable Example: Enable IGMP querier for VLAN 1 MGSW-28240F:/>ipmc querier igmp 1 enable IPMC Compatibility Description: Set or show the IPMC Compatibility. Syntax: IPMC Compatibility [mld|igmp] [<vid>] [auto|v1|v2|v3] Parameters: mld|igmp mld : IPMC for IPv6 MLD igmp: IPMC for IPv4 IGMP <vid>...
Page 582: Ipmc Throttling
Disable MLD fast leave (default: Show IPMC fast leave mode) Default Setting: disable Example: Enable IGMP fast leave for all port MGSW-28240F:/>ipmc fastleave igmp 1-10 enable IPMC Throttling Description: Set or show the IPMC port throttling status. Syntax: IPMC Throttling [mld|igmp] [<port_list>] [limit_group_number]...
Page 583: Ipmc Filtering
IPMC for IPv4 IGMP <port_list>: Port list or 'all', default: All ports enable : Enable IPMC router port disable : Disable IPMC router port (default: Show IPMC router port mode) Example: Enable port 1 in IPMC router port MGSW-28240F:/>ipmc riuter igmp 1 enable...
Page 584: Ipmc Status
User’s Manual of MGSW-28240F IPMC Status Description: Show IPMC operational status, accordingly. Syntax: IPMC Status [mld|igmp] [<vid>] Parameters: mld|igmp: mld : IPMC for IPv6 MLD igmp: IPMC for IPv4 IGMP <vid> : VLAN ID (1-4095) or 'any', default: Show all VLANs...
Page 585: Ipmc Version
User’s Manual of MGSW-28240F IPMC Version Description: Show IPMC Versions. Syntax: IPMC Version [mld|igmp] [<vid>] Parameters: mld|igmp: mld : IPMC for IPv6 MLD igmp: IPMC for IPv4 IGMP <vid> : VLAN ID (1-4095) or 'any', default: Show all VLANs Example: Show VLAN 1 IPMC Versions.
Page 586: Ipmc Parameter Qi
User’s Manual of MGSW-28240F Syntax: IPMC Parameter RV [mld|igmp] [<vid>] [ipmc_param_rv] Parameters: mld|igmp mld : IPMC for IPv6 MLD igmp: IPMC for IPv4 IGMP <vid> : VLAN ID (1-4095) or 'any', default: Show all VLANs ipmc_param_rv: : Default Value (2)
Page 587: Ipmc Parameter Llqi
User’s Manual of MGSW-28240F Parameters: mld|igmp mld : IPMC for IPv6 MLD igmp: IPMC for IPv4 IGMP <vid> : VLAN ID (1-4095) or 'any', default: Show all VLANs ipmc_param_qri: : Default Value (100) 0~31744 : Query Response Interval in tenths of seconds...
Page 588 User’s Manual of MGSW-28240F mld : IPMC for IPv6 MLD igmp: IPMC for IPv4 IGMP <vid> : VLAN ID (1-4095) or 'any', default: Show all VLANs ipmc_param_uri: : Default Value (1) 0~31744 : Unsolicited Report Interval in seconds (default: Show IPMC Interface Unsolicited Report Interval)
Page 589: Vlan Control List Command
<vid> : VLAN ID (1-4095) <port_list>: Port list or 'all', default: All ports Example: Add 00-11-22-33-44-55-66 in VLAN 20 for all port MGSW-28240F:/>vcl macvlan add 00-11-22-33-44-55-66 20 1-10 VCL MAC-based VLAN Delete Description: Delete VCL MAC-based VLAN entry. Syntax: VCL Macvlan Del <mac_addr>...
Page 590: Vcl Stasus
User’s Manual of MGSW-28240F Delete 00-11-22-33-44-55-66 in MAC-based VLAN list MGSW-28240F:/> vcl macvlan del 00-11-22-33-44-55-66 VCL Stasus Description: Show VCL MAC-based VLAN users configuration. Syntax: VCL Status [combined|static|nas|all] Parameters: combined|static|nas|all: VCL User VCL Protocol-based VLAN Add Ethernet II Description: Add VCL protocol-based VLAN Ethernet-II protocol to group mapping.
Page 591: Vcl Protocol-Based Vlan Add Llc
User’s Manual of MGSW-28240F VCL Protocol-based VLAN Add LLC Description: Add VCL protocol-based VLAN LLC protocol to group mapping. Syntax: VCL ProtoVlan Protocol Add Llc <dsap> <ssap> <group_id> Parameters: <dsap> : DSAP value (0x00-0xFF) <ssap> : SSAP value (0x00-0xFF) <group_id>: Protocol group ID...
Page 592: Vcl Protocol-Based Vlan Delete Llc
User’s Manual of MGSW-28240F VCL Protocol-based VLAN Delete LLC Description: Delete VCL protocol-based VLAN LLC protocol to group mapping. Syntax: VCL ProtoVlan Protocol Delete Llc <dsap> <ssap> Parameters: <dsap>: DSAP value (0x00-0xFF) <ssap>: SSAP value (0x00-0xFF) VCL Protocol-based VLAN Add Description: Add VCL protocol-based VLAN group to VLAN mapping.
Page 593: Vcl Protocol-Based Vlan Configuration
User’s Manual of MGSW-28240F VCL Protocol-based VLAN Configuration Description: Show VCL protocol-based VLAN entries. Syntax: VCL ProtoVlan Conf VCL IP Subnet-based Vlan Configuration Description: Show VCL IP Subnet-based VLAN configuration. Syntax: VCL IPVlan Configuration [<vce_id>] Parameters: <vce_id>: Unique VCE ID (1-128) for each VCL entry...
Page 594 User’s Manual of MGSW-28240F Delete VCL IP Subnet-based VLAN entry. Syntax: VCL IPVlan Delete <vce_id> Parameters: <vce_id>: Unique VCE ID (1-128) for each VCL entry...
Page 595: Smtp Command
User’s Manual of MGSW-28240F 6.23 SMTP Command SMTP Configuration Description: Show SMTP configure. Syntax: SMTP Configuration Default Setting: disable SMTP Mode Description: Enable or disable SMTP configure. Syntax: SMTP Mode [enable|disable] Parameters: enable : Enable SMTP mode disable : Disable SMTP mode...
Page 596: Smtp Auth
User’s Manual of MGSW-28240F <server>: SMTP server address <port> : SMTP server port Default Setting: disable SMTP Auth Description: Enable or disable SMTP authentication configure. Syntax: SMTP Auth [enable|disable] Parameters: enable : Enable SMTP Authentication disable : Disable SMTP Authentication...
Page 597: Smtp Auth_Pass
User’s Manual of MGSW-28240F SMTP Auth_pass Description: Set or to show SMTP authentication password configure. Syntax: SMTP Auth_pass [<auth_pass_text>] Parameters: <auth_pass_text>: SMTP Authentication Password Default Setting: disable SMTP Mail from Description: Set or show SMTP e-mail from configure. Syntax: SMTP Mailfrom [<mailfrom_text>] Parameters: <mailfrom_text>: SMTP E-mail From address...
Page 598: Smtp Mail To 1
User’s Manual of MGSW-28240F Default Setting: Disable SMTP Mail to 1 Description: Set or show SMTP e-mail 1 to configure. Syntax: SMTP Mailto1 [<mailto1_text>] Parameters: <mailto1_text>: SMTP e-mail 1 to address Default Setting: Disable SMTP Mail to 2 Description: Set or show SMTP e-mail 2 to configure.
Page 599: Dido Command
User’s Manual of MGSW-28240F 6.24 DIDO Command DIDO DI Act Description: Set or show the system digital input0/1 action. Syntax: DIDO Di_act [first|second] [1|2] [enable|disable] Parameters: first : Digital Input/Output 0 second : Digital Input/Output 1 (default: Set or show digital input/output first(0)/second(1) select)
Page 600: Dido Di Enable
User’s Manual of MGSW-28240F DIDO DI Enable Description: Set or show the system digital input0/1. Syntax: DIDO Di_en [first|second] [enable|disable] [hightolow|lowtohigh] Parameters: first : Digital Input/Output 0 second : Digital Input/Output 1 (default: Set or show digital input/output first(0)/second(1) select)
Page 601: Dido Do Enable
User’s Manual of MGSW-28240F enable : Enable digital input0/1 function disable : Disable digital input0/1 function (default: Set or show digital input/output/fault alarm 0/1 status) DIDO DO Enable Description: Set or show the system digital output0/1. Syntax: DIDO Do_en [first|second] [enable|disable] [hightolow|lowtohigh]...
Page 602: Dido Do Power Alarm
User’s Manual of MGSW-28240F DIDO DO Power Alarm Description: Set or show the system digital output0/1 power alarm. Syntax: DIDO Do_pwr_alr [first|second] [dc1|dc2] [enable|disable] Parameters: first : Digital Input/Output 0 second : Digital Input/Output 1 (default: Set or show digital input/output first(0)/second(1) select)
Page 603: Dido Fault Enable
User’s Manual of MGSW-28240F DIDO Fault Enable Description: Set or show the system fault alarm. Syntax: DIDO Fault_en [enable|disable] Parameters: enable : Enable digital input0/1 function disable : Disable digital input0/1 function (default: Set or show digital input/output/fault alarm 0/1 status)
Page 604: Show Command
User’s Manual of MGSW-28240F (default: Set or show digital input/output/fault alarm 0/1 status) 6.25 Show Command Show Access Description: Show access management configuration. Syntax: Show access Show ACL Description: Show ACL Configuration. Syntax: Show acl Show Aggregation Description: Show link aggregation configuration.
Page 605: Show Auth
User’s Manual of MGSW-28240F Show Auth Description: Show Auth configuration. Syntax: Show auth Show DHCP Relay Description: Show DHCP relay configuration. Syntax: Show DHCP relay Show HTTPs Description: Show HTTPS configuration. Syntax: Show https Show IGMP Description: Show IPMC snooping configuration.
Page 606: Show Lacp
User’s Manual of MGSW-28240F Syntax: Show ip Show LACP Description: Show LACP configuration. Syntax: Show lacp Show Limit Control Description: Show Limit Control configuration. Syntax: Show limit control Show LLDP Description: Show LLDP configuration. Syntax: Show lldp Show LLDP-MED Description: Show LLDP-MED configuration.
Page 607: Show Loop Protect
User’s Manual of MGSW-28240F Show Loop Protect Description: Show Loop Protection configuration. Syntax: Show Loop Protect Show MAC Description: Show MAC address table configuration. Syntax: Show MAC Show Mirror Description: Show mirror configuration. Syntax: Show mirror Show MVR Description: Show MVR configuration.
Page 608: Show Privilege
User’s Manual of MGSW-28240F Syntax: Show port Show Privilege Description: Show privilege configuration. Syntax: Show privilege Show Private VLAN Description: Show Private VLAN configuration. Syntax: Show pvlan Show QoS Description: Show QoS Configuration. Syntax: Show QoS Show SNMP Description: Show SNMP configuration.
Page 609: Show Ssh
User’s Manual of MGSW-28240F Show SSH Description: Show SSH configuration. Syntax: Show ssh Show System Description: Show system configuration. Syntax: Show system Show Timezone Description: Show System Timezone configuration. Syntax: Show timezone Show UPnP Description: Show UPnP configuration. Syntax: Show upnp...
Page 610: Show Vlan
User’s Manual of MGSW-28240F Syntax: Show users Show VLAN Description: Show VLAN configuration. Syntax: Show vlan Show Voice VLAN Description: Show Voice VLAN configuration. Syntax: Show voice vlan Show Firmware Description: Display information about active and alternate firmware images. Syntax:...
Page 611: Mep Command
1 for flow instance, and Tagged ID is 3001. MEP Peer set to 3 for MEP instance 1. MGSW-28240F:/MEP>mep config 1 mep ingress 1 0 itu meg000 3 3001 1 enable mep peer Description: MEP Peer MEP id configuration.
Page 612: Mep Cc
Before configure this setting, please make sure MEP and ERPS setting has been finished and the connection has established. Syntax: MEP cc config [<inst>] [<prio>] [300s|100s|10s|1s|6m|1m|6h] [enable|disable] Parameters: <inst> : Instance number. <prio> : OAM PDU priority. 300s|100s|10s|1s|6m|1m|6h: OAM period (100s -> 100 PDU pr. second). enable|disable : enable/disable. Example: MGSW-28240F:/>mep cc config 1 0 300s enable...
Page 613: Erps Command
: Set for interconnected node. virtual_channel: Set for virtual channel. <major-ring-id>: major ring of a sub-ring, when configuring as an interconnected node. Example: MGSW-28240F:/>erps add 1 1 2 major erps mep Description: Associating Port 0/1 MEP to a protection group.
Page 614: Erps Vlan
<east_raps_mep>: CC/RAPS mep id for Port 0. <west_raps_mep>: CC/RAPS mep id for Port 1. <group-id> : protection group id 1 – 64. Example: MGSW-28240F:/>erps mep 1 2 1 2 1 erps vlan Description: Add or deflete VLAN ID for ERPS. Syntax: Erps vlan add <vid>...
Page 615: Erps Hold Off Time Out
: hold-off timeout. <group-id> : protection group id for configuring hold-off time. Syntax: Erps hold off timeout <hold_timeout> <group-id> Parameters: <hold_timeout>: timer timeout values. <group-id> : protection group id 1 – 64. Example: MGSW-28240F:/> erps hold off timeout 0 1...
Page 616: Erps Guard-Timeout
User’s Manual of MGSW-28240F erps guard-timeout Description: Configuring guard timeout for a protection group guard timeout should be configured in the increments of 10 milliseconds minimum guard timeout 10ms and maximum 2 seconds. <guard_timeout> : guard timeout. <group-id> : protection group id for configuring guard time.
Page 617: Erps Delete
User’s Manual of MGSW-28240F Example: MGSW-28240F:/> erps wtr-timeout 1 1 erps delete Description: Deletion of a protection group. <group-id> : protection group id for deletion. Syntax: Erps delete <group-id> Parameters: <group-id>: protection group id 1 – 64. Example: MGSW-28240F:/> erps delete 1...
Page 618: Erps Configuration
User’s Manual of MGSW-28240F MGSW-28240F:/> erps topologychange nopropagate 1 erps configuration Description: Deletion of a protection group. <group-id> : protection group id. <statistics> : for displaying R-APS statistics. <clear> : for clearing R-APS statistics. Syntax: Erps configuration [group-id] [<statistics|clear>] Parameters: <group-id>...
Page 619: Switch Operation
User’s Manual of MGSW-28240F 7. SWITCH OPERATION 7.1 Address Table The Managed Switch is implemented with an address table. This address table composed of many entries. Each entry is used to store the address information of some node in network, including MAC address, port no, etc. This in-formation comes from the learning process of Managed Switch.
Page 620: Auto-Negotiation
User’s Manual of MGSW-28240F 7.5 Auto-Negotiation The STP ports on the Managed Switch have built-in “Auto-negotiation”. This technology automatically sets the best possible bandwidth when a connection is established with another network device (usually at Power On or Reset). This is done by detect the modes and speeds at the second of both device is connected and capable of, both 10Base-T and 100Base-TX devices can connect with the port in either Half- or Full-Duplex mode.
Page 621: Trouble Shooting
Solution: Yes, it does. However, since the MGB-SX and other non wide temperature SFP module cannot operate under -40 to 75 Degree C. Please pay attention to this point and consider use PLANET wide temperature SFP module for Managed Switch.
Page 622 User’s Manual of MGSW-28240F  While IP Address be changed or forgotten admin password – To reset the IP address to the default IP Address “192.168.0.100” or reset the password to default value. Press the hardware reset button at the front panel about 5 seconds. After the device is rebooted, you can login the management WEB interface within the same subnet of 192.168.0.xx.
Page 623: Appendex A
User’s Manual of MGSW-28240F APPENDEX A A.1 Switch's Data RJ-45 Pin Assignments - 1000Mbps, 1000Base-T PIN NO MDI-X BI_DA+ BI_DB+ BI_DA- BI_DB- BI_DB+ BI_DA+ BI_DC+ BI_DD+ BI_DC- BI_DD- BI_DB- BI_DA- BI_DD+ BI_DC+ BI_DD- BI_DC- Implicit implementation of the crossover function within a twisted-pair cable, or at a wiring panel, while not expressly forbidden, is beyond the scope of this standard.
Page 624 User’s Manual of MGSW-28240F The standard cable, RJ-45 pin assignment The standard RJ-45 receptacle/connector There are 8 wires on a standard UTP/STP cable and each wire is color-coded. The following shows the pin allocation and color of straight cable and crossover cable connection:...
Page 625: Appendex B: Glossary
User’s Manual of MGSW-28240F APPENDEX B: GLOSSARY ACE is an acronym for Access Control Entry. It describes access permission associated with a particular ACE ID. There are three ACE frame types (Ethernet Type, ARP, and IPv4) and two ACE actions (permit and deny). The ACE also contains many detailed, different parameter options that are available for individual application.
Page 626 User’s Manual of MGSW-28240F Rate Limiter ID to the ACE(s) or ingress port(s). AES is an acronym for Advanced Encryption Standard. The encryption key protocol is applied in 802.1i standard to improve WLAN security. It is an encryption standard by the U.S. government, which will replace DES and 3DES. AES has a fixed block size of 128 bits and a key size of 128, 192, or 256 bits.
Page 627 User’s Manual of MGSW-28240F transmitting CCM frames to a peer MEP. CCM is an acronym for Continuity Check Message. It is a OAM frame transmitted from a MEP to it's peer MEP and used to implement CC functionality. CDP is an acronym for Cisco Discovery Protocol.
Page 628 User’s Manual of MGSW-28240F The DHCP option 82 enables a DHCP relay agent to insert specific information into a DHCP request packets when forwarding client DHCP packets to a DHCP server and remove the specific information from a DHCP reply packets when forwarding server DHCP packets to a DHCP client.
Page 629 User’s Manual of MGSW-28240F EPS is an abbreviation for Ethernet Protection Switching defined in ITU/T G.8031. ERPS Ethernet Ring Protection Switching, or ERPS, is an effort at ITU-T under G.8032 Recommendation to provide sub-50ms protection and recovery switching for Ethernet...
Page 630 User’s Manual of MGSW-28240F connection to a particular port on a remote host (port 80 by default). An HTTP server listening on that port waits for the client to send a request message. HTTPS HTTPS is an acronym for Hypertext Transfer Protocol over Secure Socket Layer. It is used to indicate a secure HTTP connection.
Page 631 User’s Manual of MGSW-28240F from a mail server. IMAP is the protocol that IMAP clients use to communicate with the servers, and SMTP is the protocol used to transport mail to an IMAP server. The current version of the Internet Message Access Protocol is IMAP4. It is similar to Post Office Protocol version 3 (POP3), but offers additional and more complex features.
Page 632 User’s Manual of MGSW-28240F The IEEE 802.2 Logical Link Control (LLC) protocol provides a link mechanism for upper layer protocols. It is the upper sub-layer of the Data Link Layer and provides multiplexing mechanisms that make it possible for several network protocols (IP, IPX) to coexist within a multipoint network.
Page 633 User’s Manual of MGSW-28240F MEP is an acronym for Maintenance Entity Endpoint and is an endpoint in a Maintenance Entity Group (ITU-T Y.1731). MD5 is an acronym for Message-Digest algorithm 5. MD5 is a message digest algorithm, used cryptographic hash function with a 128-bit hash value.
Page 634 User’s Manual of MGSW-28240F NetBIOS is an acronym for Network Basic Input/Output System. It is a program that allows applications on separate computers to communicate within a Local Area Network (LAN), and it is not supported on a Wide Area Network (WAN).
Page 635 User’s Manual of MGSW-28240F PHY is an abbreviation for Physical Interface Transceiver and is the device that implements the Ethernet physical layer (IEEE-802.3). PING ping is a program that sends a series of packets over a network or the Internet to a specific computer in order to generate a response from that computer.
Page 636 User’s Manual of MGSW-28240F configured as part of PVLAN cannot communicate with each other. Member ports of a PVLAN can communicate with each other. QCE is an acronym for QoS Control Entry. It describes QoS class associated with a particular QCE ID.
Page 637 User’s Manual of MGSW-28240F RARP is an acronym for Reverse Address Resolution Protocol. It is a protocol that is used to obtain an IP address for a given hardware address, such as an Ethernet address. RARP is the complement of ARP.
Page 638 User’s Manual of MGSW-28240F SNAP The SubNetwork Access Protocol (SNAP) is a mechanism for multiplexing, on networks using IEEE 802.2 LLC, more protocols than can be distinguished by the 8-bit 802.2 Service Access Point (SAP) fields. SNAP supports identifying protocols by Ethernet type field values; it also supports vendor-private protocol identifier.
Page 639 User’s Manual of MGSW-28240F TACACS+ TACACS+ is an acronym for Terminal Acess Controller Access Control System Plus. It is a networking protocol which provides access control for routers, network access servers and other networked computing devices via one or more centralized servers.
Page 640 User’s Manual of MGSW-28240F determine the priority from the 6-bit ToS field in the IP header. The most significant 6 bits of the ToS field are fully decoded into 64 possibilities, and the singular code that results is compared against the corresponding bit in the IPv4 ToS priority control bit (0~63).
Page 641 User’s Manual of MGSW-28240F It is Virtual LAN. It is a method to restrict communication between switch ports. VLANs can be used for the following applications: VLAN unaware switching: This is the default configuration. All ports are VLAN unaware with Port VLAN ID 1 and members of VLAN 1.
Page 642 User’s Manual of MGSW-28240F necessarily with first generation wireless access points. WPA2 implements the full standard, but will not work with some older network cards (Wikipedia). WPA-PSK WPA-PSK is an acronym for Wi-Fi Protected Access - Pre Shared Key. WPA was designed to enhance the security of wireless networks.
Page 643: Ec Declaration Of Conformity
24-Port 100/1000Base-X SFP + 4-Port 10G SFP+ L2/L4 Managed Metro Ethernet Switch * Produced by: Manufacturer‘s Name : Planet Technology Corp. Manufacturer‘s Address: 10F., No.96, Minquan Rd., Xindian Dist., New Taipei City 231, Taiwan (R.O.C.). Is here with confirmed to comply with the requirements set out in the Council Directive on the Approximation of the Laws of the Member States relating to Electromagnetic Compatibility Directive on (2004/108/EC).