AT-8000/8POE Layer 2 Fast Ethernet Switch AT-8000/8POE Layer 2 Fast Ethernet Switch User Guide AT-S81 Version 1.3.0 (V1.1.1.90) 613-001675 Rev.
Copyright © 2012 Allied Telesis, Inc. All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Telesis, Inc. Allied Telesis and the Allied Telesis logo are trademarks of Allied Telesis, Incorporated. All other product names, company names, logos or other designations mentioned herein are trademarks or registered trademarks of their respective owners. Allied Telesis, Inc.
Contents Safety Symbols................................................................................................................................................. 14 Contacting Allied Telesis .................................................................................................................................. 15 Section I: Chapter 1: Overview ................................................................................................................ 19 Management Overview............
Contents Enabling Authentication Traps .......................................................................................................................... 75 Changing the Default SNMP Community Names ............................................................................................. 76 Working with Trap Receivers ............................................................................................................................ 77 Adding a Trap Receiver.............................
AT-S81 Management Software User’s Guide Untagged VLAN ....................................................................................................................................... 117 Tagged VLAN Example............................................................................................................................ 119 Working with VLANS ......................................................................................................................................
Contents Displaying the RADIUS Server Settings .........................................................................................................194 Chapter 15: Broadcast Storm Control ........................................................................................................195 Broadcast Storm Control Overview.................................................................................................................196 Configuring Broadcast Storm Control ..........................
AT-S81 Management Software User’s Guide Chapter 22: Port Trunking .......................................................................................................................... 261 Setting Up a Port Trunk .................................................................................................................................. 262 Creating a Port Trunk...............................................................................................................................
Contents Setting the Aging Time....................................................................................................................................321 Chapter 33: Working With System Files ....................................................................................................323 Downloading a New Management Software Image Using TFTP....................................................................324 Uploading or Downloading the Configuration File.............................
Figures Figure 1. Connecting the Management Cable to the Console Port .....................................................................................26 Figure 2. Login Menu...........................................................................................................................................................27 Figure 3. Main Menu............................................................................................................................................................
Figures Figure 51. Storm Control Configuration Menu ...................................................................................................................197 Figure 52. MAC Address Table Menu................................................................................................................................202 Figure 53. Display MAC Addresses by Port Menu.............................................................................................................203 Figure 54.
Tables Table 1. Menus Interface Operations .................................................................................................................................28 Table 2. Power Classes for Powered Devices ..................................................................................................................105 Table 3. Port Numbers for VLAN Example 2 ....................................................................................................................117 Table 4.
Tables 12
Preface This guide contains instructions on how to use the AT-S81 management software to manage and monitor the AT-8000/8POE Layer 2 Fast Ethernet Switch. The AT-S81 management software has three management interfaces: menus, web browser, and CLI. You access the menus and CLI interfaces through the console port on the switch or through Telnet, and the web browser interface from any management workstation on your network that has a web browser application.
Preface Safety Symbols This document uses the following conventions: Note Notes provide additional information. Caution Cautions inform you that performing or omitting a specific action may result in equipment damage or loss of data. Warning Warnings inform you that performing or omitting a specific action may result in bodily injury. Warning Warnings inform you that an eye and skin hazard exists due to the presence of a Class 1 laser device.
AT-8000/8POE Layer 2 Fast Ethernet Switch User Guide Contacting Allied Telesis If you need assistance with this product, you may contact Allied Telesis technical support by going to the Support & Services section of the Allied Telesis web site at www.alliedtelesis.com/support.
Preface 16
Section I Using the Menus Interface The chapters in this section explain how to manage the switch using the menus interface of the AT-S81 management software.
Section I: Using the Menus Interface
Chapter 1 Overview This chapter provides an overview of the AT-S81 management software for the AT-8000/8POE Fast Ethernet switch. This chapter describes the different methods for accessing the software and the management access levels.
Chapter 1: Overview Management Overview The AT-S81 management software allows you to view and adjust the operating parameters of the AT-8000/8POE Fast Ethernet switch. Here are a few examples of the functions that you can perform with the management software: Enable and disable ports Configure a port’s speed and duplex mode Create port trunks Configure a port mirror Configure Quality of Service (QoS) Create and tagged virtual LANs Configure 802.
AT-S81 Management Software User’s Guide Local Connection To establish a local connection with a switch, you connect a terminal or a PC with a terminal emulator program to the terminal port on the front of the switch using the management cable included with the unit. This type of connection is referred to as “local” because you must be physically close to the switch, such as in the wiring closet where the switch is located.
Chapter 1: Overview Remote Connection You can use any management station on your network that has the Telnet application to manage an AT-8000/8POE Fast Ethernet switch. This is referred to as a remote connection. A remote connection allows you to use any of the AT-S81 software user interfaces: menus, CLI, web browser, or SNMP. In order for you to manage a switch using the web browser interface, the switch must have an IP address and subnet mask.
AT-S81 Management Software User’s Guide Management Access Level The AT-S81 management software has one level of management access: manager. When you log in as a manager, you can view and configure all of a switch’s operating parameters. You log in as a manager by entering the appropriate username and password when you start an AT-S81 management session. The default username is “manager” and the default password is “friend”.
Chapter 1: Overview 24
Chapter 2 Getting Started with the Menus Interface This chapter provides information and instructions on how to access the menus interface of the AT-S81 management software by starting a local management session.
Chapter 2: Getting Started with the Menus Interface Starting a Local Management Session You establish a local management session with the AT-8000/8POE switch by connecting a terminal or personal computer with a terminal emulation program to the RS-232 console port on the front panel of the switch. Note You do not need to assign an IP address to the switch to manage the unit from a local management session. To start a local management session, perform the following procedure: 1.
AT-S81 Management Software User’s Guide The Login Menu is shown in Figure 2. ============================================================== AT-8000/8POE Management System Local - Console Allied Telesis International Corp. Copyright 2007 ============================================================== Login Menu Login: Figure 2. Login Menu 4. Enter the manager login name and press Return. The default name is “manager”. You are prompted for a password. 5. Enter the manager password.
Chapter 2: Getting Started with the Menus Interface Using the Menus Interface If you are using a DEC VT00 or ANSI (the default) terminal configuration, refer to Table 1 for instructions on how to move through the menus and select menu options. Table 1. Menus Interface Operations When directed to You must Make a menu selection Type the menu option letter enclosed in brackets, such as typing P to select [P]ort Configuration. Enter information (for example, entering a port number) Enter the information.
AT-S81 Management Software User’s Guide Quitting from a Local Management Session To quit a local management session, return to the Main Menu and type Q for Quit. When you are finished managing the switch, make sure to exit from a management session. Quitting from a local session prevents unauthorized changes to the switch’s configuration if you leave your workstation unattended.
Chapter 2: Getting Started with the Menus Interface 30 Section I: Using the Menus Interface
Chapter 3 Basic Switch Parameters This chapter contains the following sections: Section I: Using the Menus Interface “Configuring the IP Address, Subnet Mask, and Gateway Address” on page 32 “Enabling and Disabling the DHCP Client” on page 35 “Configuring System Administration Information” on page 36 “Setting the User Interface Configuration” on page 38 “Disabling or Enabling the Web Server” on page 42 “Disabling or Enabling the Telnet Server” on page 43 “Viewing Switch Inform
Chapter 3: Basic Switch Parameters Configuring the IP Address, Subnet Mask, and Gateway Address This procedure explains how to manually assign an IP address, subnet mask, and gateway address to the switch. Before performing the procedure, note the following: An IP address and subnet mask are not required for normal network operations of the switch. Values for these parameters are only required if you want to remotely manage the device with a web browser.
AT-S81 Management Software User’s Guide 2. From the Basic Switch Configuration Menu, type I to select System IP Configuration. The System IP Configuration Menu is shown in Figure 5. AT-8000/8POE Local Management System Basic Switch Configuration -> System IP Configuration Menu MAC Address: IP Address: Subnet Mask: Gateway: DHCP Mode: 00:06:5H:B2:65:84 0.0.0.0 0.0.0.0 0.0.0.
Chapter 3: Basic Switch Parameters b. Enter the subnet mask for the switch. 5. To set the switch’s gateway address, do the following: a. Type G to select Set Default Gateway. The following prompt is displayed: Enter new gateway IP address> b. Enter the gateway IP address for the switch.
AT-S81 Management Software User’s Guide Enabling and Disabling the DHCP Client This procedure explains how to activate and deactivate the DHCP client on the switch. When the client is activated, the switch obtains its IP configuration, such as its IP address and subnet mask, from a DHCP server on your network. Before performing the procedure, note the following: An IP address and subnet mask are not required for normal network operations of the switch.
Chapter 3: Basic Switch Parameters Configuring System Administration Information This section explains how to assign a name to the switch, as well as specify the location of the switch and the name of the switch’s administrator. Entering this information is optional. To set a switch’s administration information, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 32. 2.
AT-S81 Management Software User’s Guide b. Type a name for the switch (for example, Sales). The name is optional and can contain up to 50 characters. Note Allied Telesis recommends that you assign names to the switches. Names can help you identify the switches when you manage them and can also help you avoid performing a configuration procedure on the wrong switch. 4. To enter the system’s location, do the following: a. Type L to select Set System Location.
Chapter 3: Basic Switch Parameters Setting the User Interface Configuration This procedure explains how to adjust the user interface and security features on the switch. With this procedure you can change various settings that control user access to the switch. To set the switch’s user interface configuration, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 32. 2.
AT-S81 Management Software User’s Guide The SNMP option is described in “Enabling or Disabling the SNMP Agent” on page 74. The RADIUS Server Configuration option is described Chapter 14, “RADIUS Authentication Protocol” on page 189. 3. To configure the console UI idle time out parameter, do the following: a. Type C to select Set Console UI Time Out. The following prompt is displayed: Enter console idle timeout> b. Enter a number for the timeout value.
Chapter 3: Basic Switch Parameters The Telnet UI idle time out parameter specifies the length of time a remote Telnet management session can be inactive before the management software automatically ends it. This feature prevents unauthorized individuals from configuring the switch if you leave your management workstation unattended. This parameter applies to a local management session but not to a remote SNMP or web management session.
AT-S81 Management Software User’s Guide c. Enter the new password. The password can be from 0 to 12 characters. Allied Telesis recommends not using special characters, such as spaces and exclamation points. The password is case sensitive. Not entering a new password deletes the current password without assigning a new one. The following prompt is displayed: Retype new password> d. Retype the new password. You must use the new login password the next time you start a local or remote management session.
Chapter 3: Basic Switch Parameters Disabling or Enabling the Web Server The AT-S81 management software is shipped with web server software. The software is available so that you can remotely manage the switch with a web browser from any management station on your network. (The instructions for managing a switch with a web browser are described in Chapter 18, “Starting a Web Browser Management Session” on page 217.
AT-S81 Management Software User’s Guide Disabling or Enabling the Telnet Server This procedure describes how to enable or disable the Telnet server on the switch. The default setting for the Telnet server is enabled, To disable or enable the Telnet server, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 32. 2.
Chapter 3: Basic Switch Parameters Configuring SNTP The AT-S81 software is shipped with the client version of the Simple Network Time Protocol (SNTP). You can configure AT-S81 to obtain the current time and date from an SNTP or Network Time Protocol (NTP) server located on your network or on the internet. SNTP is a reduced version of the NTP. However, the SNTP client software is interoperable with NTP servers. To configure SNTP, perform the following procedure: 1.
AT-S81 Management Software User’s Guide Enter new IP address> b. Type the IP address for the SNTP server you want to use. 4. To set the SNTP interval: a. Type I to select Set SNTP Interval. The following prompt is displayed: Enter Interval Time> b. Type a number to specify the number of minutes between occurrences of polling the SNTP server. The range is 1 to 60 minutes and the default is 1 minute. 5. To set the time zone: a. Type Z to select Set Time Zone.
Chapter 3: Basic Switch Parameters c. Type S to choose Set Time Zone. The following message is prompt is displayed: Select time zone> d. Type the number that corresponds to the time zone you want. If you selected a time zone that observes daylight saving time, the following prompt is displayed: Enable or Disable Daylight Saving (E/D)> e. Type D to disable the daylight saving time or E to enable it. Note You must set the time zone in order to display the daylight saving time option.
AT-S81 Management Software User’s Guide Viewing Switch Information To view general information about the switch, perform the following procedure: 1. From the Main Menu, type G to select General Information. The General Information menu is shown in Figure 10. AT-8000/8POE Local Management System Main Menu -> General Information System up for : 24min(s), 36sec(s) Runtime Image : Version 1.0 Boot Loader : Version 1.
Chapter 3: Basic Switch Parameters Hardware Information Section Version The hardware version number. Fixed Baud Rate The baud rate of the console port. You cannot change this parameter. DRAM Size The size of the DRAM, in megabytes. Flash Size The size of the flash memory, in megabytes. Administration Information Section Switch Name The name assigned to the switch. To assign the switch a name, refer to “Configuring System Administration Information” on page 36. Switch Location The location of the switch.
AT-S81 Management Software User’s Guide Automatic Network Features Section DHCP Mode The status of the DHCP client on the switch. For information about setting this parameter, refer to “Enabling and Disabling the DHCP Client” on page 35. 2. Press any key to return to the previous menu.
Chapter 3: Basic Switch Parameters Rebooting the Switch This procedure reboots the switch and reloads the AT-S81 management software from flash memory. You might reboot the device if you believe it is experiencing a problem. Rebooting the device does not change any of the device’s parameter settings. Caution The switch does not forward network traffic during the reboot process. Some network traffic may be lost. To reboot the switch, perform the following procedure: 1.
AT-S81 Management Software User’s Guide The System Reboot Menu is shown in Figure 12. AT-8000/8POE Local Management System Main Menu -> System Reboot Menu Reboot Status: Reboot Type: Stop Normal ---------------------- ---------------------------Set Reboot [O]ption Start [R]eboot Process [Q]uit to previous menu Command> Figure 12. System Reboot Menu 3. From the System Reboot menu, type O to select Set Reboot Option. The following prompt is displayed: Select reboot option (F/I/N)> 4.
Chapter 3: Basic Switch Parameters Pinging a Remote System This procedure instructs the switch to ping a node on your network. This procedure is useful in determining whether an active link exists between the switch and another network device. Note the following before performing the procedure: The switch where you are initiating the ping must have an IP address and subnet mask. The device you are pinging must be a member of the Default VLAN.
AT-S81 Management Software User’s Guide 3. Type I to select Set Target IP Address. The following prompt is displayed: Enter new target IP address> 4. Enter the IP address of the node you want the switch to ping. 5. Type N to select Set Number of Requests. The following prompt is displayed: Enter new number of requests> 6. Enter the number of ping requests you want the switch to perform. The range is 1 to 10. The default is 10. 7. Type T to select Set Timeout Value.
Chapter 3: Basic Switch Parameters 10. Type E to execute the ping or C to clear previous ping data before performing this ping. Figure 14 shows an example of the results of a ping. AT-8000/8POE Local Management System Switch Tools Configuration -> Ping Execution Target IP Address: 149.35.8.33 Number of Requests: 4 Timeout Value (sec): 3 ================Result================= No. 1 20 ms No. 2 20 ms No. 3 20 ms No.
AT-S81 Management Software User’s Guide Working with the System Log The system log displays system-level events in the switch, such as logging in to the management software. You can view the system log locally, or send the system log file to a remote location. This section contains the following procedures: Viewing the System Log “Viewing the System Log,” next “Sending the System Log to a Remote Server” on page 57 To view the system log, perform the following procedure: 1.
Chapter 3: Basic Switch Parameters ID An indentifying number for the event. Date The date that the event occurred. Time The time that the event occurred. Note When you enable the SNTP protocol, switch startup events show the default system date until SNTP polls for the current date and time. L Severity level of the event. The severity levels are: (I)nformation - Useful information that you can ignore during normal operation. (W)arning - An issue that may require a manager’s attention.
AT-S81 Management Software User’s Guide 3. To remove the current log entries, type L to select Clear the Log Entries. Sending the System Log to a Remote Server The syslog protocol allows you to collect messages and events produced by a wide variety of network equipment in a single place. For instance, instead of viewing the event logs of several separate AT-8000/8POE Fast Ethernet switches, you can have those events sent to a single syslog server on your network.
Chapter 3: Basic Switch Parameters 6. Type a number from 0 to 7 that corresponds to the facility number on your network. 7. Type E to select Enable/Disable Remote System Log. The following prompt is displayed: Enable or Disable remote system log (E/D)> 8. Type E to enable events to be sent to the remote system log, or D to disable this feature.
AT-S81 Management Software User’s Guide Returning the AT-S81 Management Software to the Factory Default Values This procedure returns all AT-S81 management software parameters to their default values and deletes all tagged and VLANs on the switch. The AT-S81 management software default values are listed in Appendix A, ”AT-8000/POE Default Settings” on page 345. Caution This procedure causes the switch to reboot. The switch does not forward network traffic during the reboot process.
Chapter 3: Basic Switch Parameters 5. Type R to select Start Reboot Process. The following prompt is displayed: Are you sure you want to reboot the system (Y/N)> 6. Type Y to start the reboot process. The switch returns its operating parameters to the default values and begins to reload the AT-S81 management software. This process takes approximately one minute to complete. You can not manage the device during the reboot.
Chapter 4 Port Configuration This chapter contains the procedures for viewing and adjusting the parameter settings for the ports on the switch.
Chapter 4: Port Configuration Displaying the Port Parameters To display the parameter settings for the ports on the switch, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 32. 2. From the Basic Switch Configuration Menu, type P to select Port Configuration. The Port Configuration Menu is shown in Figure 17.
AT-S81 Management Software User’s Guide The Port Configuration Menu displays the following columns of information about the status of the ports: Port The port number. Trunk The trunk group number. This column contains the number of the port trunk if the port is a member of a trunk. To configure a trunk, refer to Chapter 6, “Port Trunking” on page 81. Type The port type. The type for an RJ-45 copper port is 10/100TX. The port type for the fiber optic ports is 1000BaseX.
Chapter 4: Port Configuration Enabling and Disabling a Port This procedure enables and disables a port. You may want to disable a port and prevent packets from being forwarded if a problem occurs with the node or cable connected to the port. After the problem has been fixed, you can enable the port to resume normal operation. You can also disable an unused port to secure it from unauthorized connections. The default setting for a port is enabled.
AT-S81 Management Software User’s Guide Setting a Port’s Speed and Duplex Mode To change a port’s speed or duplex mode, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 32. 2. From the Basic Switch Configuration Menu, type P to select Port Configuration. The Port Configuration Menu is shown in Figure 17 on page 62. 3. Type M to select Set Mode.
Chapter 4: Port Configuration connecting an end node with a fixed duplex mode of full-duplex to a switch port, disable Auto-Negotiation on the port and set the port’s speed and duplex mode manually. 66 The only valid setting for an SFP port is AutoNegotiation.
AT-S81 Management Software User’s Guide Changing the Flow Control Setting Flow control applies to ports operating in full-duplex mode. A switch port uses flow control to control the flow of ingress packets from its end node. A port using flow control issues a special frame, referred to as a PAUSE frame, as specified in the IEEE 802.3x standard, to stop the transmission of data from an end node. When a port needs to stop an end node from transmitting data, it issues this frame.
Chapter 4: Port Configuration Displaying Port Statistics To display statistics about a port, perform the following procedure: 1. From the Main Menu, select Statistics. The Statistics menu is shown in Figure 18. AT-8000/8POE Local Management System Main Menu -> Statistics Menu Port: 1 Elapsed Time Since System Up: 003.23.27.17
AT-S81 Management Software User’s Guide Good Broadcast Number of valid broadcast packets received on the port. Good Multicast Number of valid multicast packets received on the port. CRC/Align Errors Number of packets with a cyclic redundancy check (CRC) error but with the proper length (64-1518 bytes) received on the port. Undersize Pkts Number of packets that were less than the minimum length specified by IEEE 902.3 (64 bytes including the CRC) received on the port.
Chapter 4: Port Configuration The following prompt is displayed: Select port number> b. Type the number of the port whose statistics you want to view. 3. Type N for Next or P for Previous to move between ports. 4. To view the statistics for a particular port since the switch was last reset, select the port and then type R for Since Reset. 5. To stop refreshing the statistics, type T for Stop Refresh.
Chapter 5 SNMP This chapter contains the following sections: Section I: Using the Menus Interface “SNMP Overview” on page 72 “Enabling or Disabling the SNMP Agent” on page 74 “Enabling Authentication Traps” on page 75 “Changing the Default SNMP Community Names” on page 76 “Working with Trap Receivers” on page 77 71
Chapter 5: SNMP SNMP Overview The Simple Network Management Program (SNMP) is another way for you to manage the switch. This type of management involves viewing and changing the management information base (MIB) objects on the device using an SNMP application program. The AT-S81 management software supports SNMPv1 and SNMPv2c which is always disabled on the switch.
AT-S81 Management Software User’s Guide device. You can enable it again later, or even delete it. When a community string is enabled, then it is available for use. Trap Receivers A trap is a signal sent to one or more management workstations by the switch to indicate the occurrence of a particular operating event on the device. There are numerous operating events that can trigger a trap.
Chapter 5: SNMP Enabling or Disabling the SNMP Agent To disable or enable the SNMP agent, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 32. 2. From the Basic Switch Configuration Menu, type U to select User Interface Configuration. The User Interface Configuration Menu is shown in Figure 7 on page 38. 3.
AT-S81 Management Software User’s Guide Enabling Authentication Traps To enable SNMP authentication traps, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 32. 2. From the Basic Switch Configuration menu, type N to select SNMP Configuration. The SNMP Configuration menu is shown in Figure 19.
Chapter 5: SNMP Changing the Default SNMP Community Names To change the names of the default SNMP communities, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 32. 2. From the Basic Switch Configuration menu, type N to select SNMP Configuration. The SNMP Configuration menu is shown in Figure 19 on page 75. 3. Type R to select Set SNMP Read Community.
AT-S81 Management Software User’s Guide Working with Trap Receivers This section contains procedures for working with SNMP trap receivers and includes the following topics: Adding a Trap Receiver “Adding a Trap Receiver,” next “Enabling or Disabling Trap Receivers” on page 77 “Modifying a Trap Receiver” on page 78 “Deleting a Trap Receiver” on page 79 You must add a trap receiver before you can enable it. To add a trap receiver, perform the following procedure. 1.
Chapter 5: SNMP The Basic Switch Configuration Menu is shown in Figure 4 on page 32. 2. From the Basic Switch Configuration menu, type N to select SNMP Configuration. The SNMP Configuration menu is shown in Figure 19 on page 75. 3. Type T to select Enable/Disable SNMP Trap Receiver. The following prompt is displayed: Set SNMP trap receivers status->Enter entry number> 4. Enter the number of the trap receiver you want to enable or disable.
AT-S81 Management Software User’s Guide Note The trap receiver must be one whose status is not “deleted.” 4. Enter the number for the trap you want to modify. The following prompt is displayed: Modify trap receiver entry number (I/C/B)> The options are: I - Modify the IP address of the trap receiver. To modify only the IP address, type I and follow the prompts. C - Modify the community name of the trap receiver. To modify only the community name, type C and follow the prompts.
Chapter 5: SNMP 80 Section I: Using the Menus Interface
Chapter 6 Port Trunking This chapter provides information and procedures for creating a port trunk and contains the following sections: Section I: Using the Menus Interface “Port Trunking Overview” on page 82 “LACP Trunks” on page 84 “Setting Up a Port Trunk” on page 87 “Setting Up an LACP Trunk” on page 92 81
Chapter 6: Port Trunking Port Trunking Overview Port trunking is an economical way for you to increase the bandwidth between two Ethernet switches. A port trunk is 2 to 8 ports that have been grouped together to function as one logical path. A port trunk increases the bandwidth between switches and is useful in situations where a single physical data link between switches is insufficient to handle the traffic load.
AT-S81 Management Software User’s Guide backup. If a port in a static trunk loses its link, the trunk’s total bandwidth is diminished. Though the traffic carried by the lost link is shifted to one of the remaining ports in the trunk, the bandwidth remains reduced until the lost link is reestablished or you reconfigure the trunk by adding another port to it.
Chapter 6: Port Trunking LACP Trunks An LACP (Link Aggregation Control Protocol) trunk is another type of port trunk. It performs the same function as a static trunk. It increases the bandwidth between two network devices by distributing the traffic load over multiple physical links. The advantage of an LACP trunk over a static port trunk is its flexibility. While implementations of static trunking tend to be vendor specific, the AT-S81 implementation of LACP is compliant with the IEEE 802.3ad standard.
AT-S81 Management Software User’s Guide highest priorities are designated as the active ports in an aggregate trunk. For example, if both 802.3ad-compliant devices support up to four active ports and there are a total of eight ports in the trunk, the four ports with the lowest priority settings are designated as the active ports, and the others are placed in standby mode. If an active link goes down on a active port, the standby port with the highest priority is automatically activated to take its place.
Chapter 6: Port Trunking 86 The ports of an trunk group must be untagged members of the same VLAN. An LACP trunk does not forward VLAN ID information. 10/100Base-TX twisted pair ports must be set to AutoNegotiation or 100 Mbps, full-duplex mode. LACP trunking is not supported in half-duplex mode. 1000Base-X fiber optic ports must be set to full-duplex mode. You can create a trunk group that includes transceivers with 1000Base-X fiber optic ports.
AT-S81 Management Software User’s Guide Setting Up a Port Trunk This section contains the following procedures for working with port trunks: Creating a Port Trunk “Creating a Port Trunk” on page 87 “Modifying a Port Trunk” on page 89 “Enabling or Disabling a Port Trunk” on page 90 This procedure explains how to create a port trunk. Caution Do not connect the cables to the ports on the switches until after you have configured and enabled the trunk with the management software.
Chapter 6: Port Trunking 2. From the Advanced Switch Configuration Menu, type T to select Trunk Configuration. The Trunk Configuration Menu is shown in Figure 22.
AT-S81 Management Software User’s Guide The following prompt is displayed: Set trunk group n status (A/P/M/D)> 8. Type M to select Manual Trunk for a basic trunk without LACP handling. The A and P options apply to LACP trunks. See “Setting Up an LACP Trunk” on page 92 for more information. The trunk is now operational on the switch. 9. Configure the port trunk on the other switch and connect the cables. Modifying a Port Trunk This procedure adds and removes ports from a port trunk.
Chapter 6: Port Trunking You can specify the ports individually, separated by commas (for example, 1,2,5), as a range of ports separated by a hyphen (for example, 2-4), or both (for example, 1,3, 6-8). 6. Modify the port trunk on the other switch and reconnect the cables. Enabling or Disabling a Port Trunk This procedure enables and disables a port trunk. Note the following before performing this procedure: Do not enable a port trunk until after you have configured the trunk on both switches.
AT-S81 Management Software User’s Guide 4. Type the number of the trunk group you want to enable or disable. The following prompt is displayed: Set trunk group n status (A/P/M/D)> 5. Type M to enable a manual trunk, or D to disable the trunk.
Chapter 6: Port Trunking Setting Up an LACP Trunk This section contains the following procedures to work with LACP trunks: “Creating an LACP Trunk,” next “Configuring the LACP Port Priority” on page 93 “Viewing the LACP Group Settings” on page 94 “Disabling an LACP Trunk” on page 95 Note Create the trunk before you make it an LACP trunk. For more information, see “Setting Up a Port Trunk” on page 87. Creating an LACP Trunk To create an LACP trunk, perform the following procedure: 1.
AT-S81 Management Software User’s Guide Note LACP must be enabled at both ends of the link to be operational. Configuring the LACP Port Priority LACP port priority determines which port is the backup port to another port when the link to that port is down. The port with the lowest value has the highest value, and is selected to join the link aggregation group first. To configure the LACP port priority, perform the following procedure: 1. From the Main Menu, type A to select Advanced Switch Configuration.
Chapter 6: Port Trunking Enter port no> 5. Type the number of the port whose priority you want to set. The following prompt is displayed: Enter port priority> 6. Enter a number for the priority of the port. The range is 1 to 255, and the default is 1. Viewing the LACP Group Settings To view the LACP group settings, perform the following procedure: 1. From the Main Menu, type A to select Advanced Switch Configuration. The Advanced Switch Configuration Menu is shown in Figure 21 on page 87. 2.
AT-S81 Management Software User’s Guide 4. Type a number from 1 to 4 to specify the admin key of the trunk you want to view. The LACP Group Status Menu opens, as shown in Figure 24.
Chapter 6: Port Trunking The Advanced Switch Configuration Menu is shown in Figure 21 on page 87. 2. From the Advanced Switch Configuration Menu, type T to select Trunk Configuration. The Trunk Configuration Menu is shown in Figure 22 on page 88. 3. From the Trunk Configuration Menu, type O to select S to select Set Trunk Status. The following prompt is displayed: Enter trunk group number> 4. Enter the trunk group number. Set trunk group n status (A/P/M/D)> 5. Type D to select Disabled.
Chapter 7 Port Mirroring This chapter contains the procedure for setting up port mirroring. Port mirroring allows you to unobtrusively monitor the ingress and egress traffic on a port by having the traffic copied to another port.
Chapter 7: Port Mirroring Port Mirroring Overview The port mirroring feature allows you to unobtrusively monitor the ingress and egress traffic on a port on the switch by having the traffic copied to another switch port. By connecting a network analyzer to the port where the traffic is being copied to, you can monitor the traffic on the other port without impacting its performance or speed. The port whose traffic you want to mirror is called the mirrored port.
AT-S81 Management Software User’s Guide Configuring Port Mirroring To set up port mirroring, perform the following procedure: 1. From the Main Menu, type A to select Advanced Switch Configuration. The Advanced Switch Configuration Menu is shown in Figure 21 on page 87. 2. From the Advanced Switch Configuration Menu, type M to select Port Mirroring Configuration. The Port Mirroring Configuration Menu is shown in Figure 25.
Chapter 7: Port Mirroring 7. To enable or disable Port Mirroring, See “Enabling or Disabling Port Mirroring” on page 101.
AT-S81 Management Software User’s Guide Enabling or Disabling Port Mirroring To enable or disable port mirroring, perform the following procedure: 1. From the Main Menu, type A to select Advanced Switch Configuration. The Advanced Switch Configuration Menu is shown in Figure 21 on page 87. 2. From the Advanced Switch Configuration Menu, type M to select Port Mirroring Configuration. The Port Mirroring Menu is shown in Figure 25 on page 99. 3. Type E to select Enable/Disable Port Mirroring.
Chapter 7: Port Mirroring 102 Section I: Using the Menus Interface
Chapter 8 Power Over Ethernet This chapter contains the following sections: Section I: Using the Menus Interface “PoE Overview” on page 104 “Configuring PoE” on page 107 103
Chapter 8: Power Over Ethernet PoE Overview The twisted pair ports on the AT-8000/8POE Fast Ethernet Switch feature Power over Ethernet (PoE). PoE is a mechanism for supplying power to network devices over the same twisted pair cables used to carry network traffic. This feature can simplify network installation and maintenance by allowing you to use the switch as a central power source for other network devices. A device that receives its power over an Ethernet cable is called a powered device.
AT-S81 Management Software User’s Guide Port Prioritization for Power Allocation The AT-S81 management software also allows you to prioritize the ports in the event that the powered devices require more power than the switch can deliver. This feature ensures that the most important powered devices connected to the switch are guaranteed to have power.
Chapter 8: Power Over Ethernet Note The standard specifies five classes, but the fifth is reserved for future use. Manufacturers set the power class of their PoE powered devices. You cannot adjust this. You can view the power class of each device in the Power Over Ethernet menu, shown in Figure 26 on page 107. Even though each port is capable of supplying up to 15.4 W, the standard calls for a maximum power consumption of 12.95 W, 2.45 W less than the port can supply.
AT-S81 Management Software User’s Guide Configuring PoE This section contains the following procedures: Displaying the PoE Configuration “Displaying the PoE Configuration,” next “Changing the PoE Port’s Admin Setting” on page 108 “Setting the PoE Port’s Priority” on page 109 To display the current PoE Configuration, perform the following procedure: 1. From the Main Menu, type A to select Advanced Switch Configuration. The Advanced Switch Configuration Menu is shown in Figure 21 on page 87. 2.
Chapter 8: Power Over Ethernet port’s status and priority. The table includes the following items of information: Admin The status of the port, either up or down. To change the Admin selection, refer to “Changing the PoE Port’s Admin Setting” on page 108. Status The status of PoE power on that port, including: Powered - The port is providing power to a powered device. Not Powered - The device is not a powered device or that no device is connected to the port.
AT-S81 Management Software User’s Guide 3. Type U to change the status to Up (online), or type D to change the status to Down (offline). Setting the PoE Port’s Priority The priority defines which port and its attached PoE powered device should receive priority for the available power over other PoE devices. For more information about port priority, refer to “Port Prioritization for Power Allocation” on page 105. To set the port priority, perform the following procedure: 1.
Chapter 8: Power Over Ethernet 110 Section I: Using the Menus Interface
Chapter 9 Virtual LANs and GVRP This chapter contains the procedures for creating, modifying, and deleting and tagged Virtual Local Area Networks (VLANs).
Chapter 9: Virtual LANs and GVRP VLAN Features A Virtual Local Area Network (VLAN) is a logical grouping of devices on different physical LAN segments that allows users to communicate as if they were physically connected to a single LAN, independent of the physical configuration of the network. With VLANs, you can segment your network and group end-nodes with related functions into their own separate, logical LAN segments.
AT-S81 Management Software User’s Guide VLANs can be used to control the flow of data in your network, since the traffic generated by an end-node in a VLAN is restricted to the other endnodes in the same VLAN.
Chapter 9: Virtual LANs and GVRP VLAN Overview This VLAN overview contains the following sections: “VLAN Name,” next “VLAN Identifier” on page 114 “VLAN Port Members” on page 114 “Port VLAN Identifier” on page 114 “Incoming and Outgoing Tagged and Untagged Frames” on page 115 “Guidelines for Creating a VLAN” on page 116 VLAN Name To create a port-based VLAN, you must give it a name. The name should reflect the function of the network devices that are be members of the VLAN.
AT-S81 Management Software User’s Guide Note The switch is preconfigured with the Default_VLAN only. All ports on the switch are initially members of the Default_VLAN. If a port is assigned to be a new member of a VLAN, its membership can be defined as either tagged or untagged. Tagged Port Members A port is a tagged member of a VLAN when the PVID does not equal the VID. In this case, the port must be a member of two or more VLANs.
Chapter 9: Virtual LANs and GVRP Outgoing Frames Frames being transmitted from the switch retain their VLAN tag information in the frame header if the frame’s tag does not match the PVID of the port (a tagged member of that VLAN). These frames are untagged after transmission from the switch. The VLAN tag information in the header of the frame is stripped from the frame’s header if the tag matches the PVID of the port (an untagged member of the VLAN).
AT-S81 Management Software User’s Guide Untagged VLAN Figure 27 illustrates how VLANs with untagged port members can be interconnected. In this example, the Sales VLAN spans two AT-8000/8POE Fast Ethernet switches via a router , while the Production VLAN is limited to just one switch. Figure 27. VLAN - Example 2 The table below lists the port numbers for the Sales, Engineering, and Production VLANs on the switches. In this example, all ports are untagged members of their respective VLANS. Table 3.
Chapter 9: Virtual LANs and GVRP 118 Sales VLAN - This VLAN spans both switches. It has a VID value of 2 and consists of four untagged port members on the top switch and three untagged port members on the bottom switch. The two parts of the VLAN are connected by a direct link from port 4 on the top switch to port 1 on the bottom switch. This direct link allows the two parts of the Sales VLAN to function as one logical LAN segment.
AT-S81 Management Software User’s Guide Tagged VLAN Example Figure 28 illustrates how tagged and untagged ports can be used to interconnect IEEE 802.1Q-based products. Figure 28. Example of a Tagged VLAN The port assignments for the VLANs are as follows: Table 4.
Chapter 9: Virtual LANs and GVRP Ports 1 and 3 on the top switch and ports 2 and 4 on the bottom switch are assigned a PVID of 2 and are untagged members of only VLAN 2. These ports are connected to workstations from Sales. Ports 2 and 4 on the top switch and ports, 3, 6, and 8 on the bottom switch are assigned a PVID of 3 and are untagged members of VLAN 3 only. These ports are connected to workstations from Engineering.
AT-S81 Management Software User’s Guide Working with VLANS This section contains the following procedures: Creating a VLAN “Creating a VLAN,” next “Configuring the Port PVID” on page 124 “Restricting Management VLAN Access” on page 125 “Displaying the VLANs” on page 126 “Modifying a VLAN” on page 128 “Deleting a VLAN” on page 129 “Resetting to the Default VLAN” on page 130 This section contains the procedure for creating a new VLAN.
Chapter 9: Virtual LANs and GVRP The VLAN Management Menu, which displays any existing VLANs, is shown in Figure 29.
AT-S81 Management Software User’s Guide The VLAN Creation Menu is shown in Figure 30. AT-8000/8POE Local Management System VLAN Management -> VLAN Creation Menu VLAN ID : VLAN Name : Port Member ---------------------------------------------------------------------- ------------------------- ---------------------------------Set VLAN [I]D/[I]ndex S[e]lect Port Member Set VLAN [N]ame [A]pply [Q]uit to Previous Menu Command> Figure 30. VLAN Creation Menu 4.
Chapter 9: Virtual LANs and GVRP a. Type S to select Select Port Number. The following prompt is displayed: Enter port number > b. Enter the ports of the VLAN. You can specify the ports individually separated by commas, for example, 2,7,15, as a range of ports separated by a hyphen, for example, 2-4, or both, for example, 2-7,15,17. 7. When the VLAN is complete, type A to select Apply and apply the VLAN settings. The VLAN Management Menu is displayed again with information about the VLAN you just created.
AT-S81 Management Software User’s Guide The VLAN Port Configuration Menu is shown in Figure 29 on page 122 4. Type V to select Set Port VID. The following prompt is displayed: Set PVID->Enter port number 5. Type the number of the port whose PVID value you want to configure. You can configure only one port at a time. The following prompt is displayed: Enter PVID for port n 6. Enter the new PVID for the port. The PVID should equal the VID of the VLAN where you want the port to be an untagged member.
Chapter 9: Virtual LANs and GVRP Displaying the VLANs To display a list of the VLANs on the switch, perform the following procedure: 1. From the Main Menu, type A to select Advanced Switch Configuration. The Advanced Switch Configuration Menu is shown in Figure 21 on page 87. 2. From the Advanced Switch Configuration Menu, type V to select VLAN Management. The VLAN Management Menu is shown in Figure 29 on page 122.
AT-S81 Management Software User’s Guide The Config VLAN Member Menu is shown in Figure 31. AT-8000/8POE Local Management System VLAN Management -> Config VLAN Member VLAN ID : 3 VLAN Name: Marketing Port Tagging ---------------------------------------------------------------------4 No 5 No 6 Yes 7 No 8 No ----------------------- -----------------------------------[N]ext Page [C]hange VLAN Name [A]dd VLAN Member [P]revious page [R]emove VLAN Member [Q]uit to Previous Menu Command> Figure 31.
Chapter 9: Virtual LANs and GVRP Modifying a VLAN The topics in this section include: Before performing this procedure, note the following: You cannot change the VID of a VLAN. You cannot add an untagged port to a VLAN with this procedure. That function requires changing a port’s VID value, as explained in “Configuring the Port PVID” on page 124 You cannot remove an untagged port from a VLAN with this procedure.
AT-S81 Management Software User’s Guide To add a tagged port to the VLAN, perform the following procedure: 1. From the Main Menu, type A to select Advanced Switch Configuration. The Advanced Switch Configuration Menu is shown in Figure 21 on page 87. 2. From the Advanced Switch Configuration Menu, type V to select VLAN Management. The VLAN Management Menu is shown in Figure 29 on page 122. 3. To add a tagged port, type A for Add Member. The following prompt is displayed: Add member->Enter port number > 4.
Chapter 9: Virtual LANs and GVRP 4. Enter the VLAN ID of the VLAN you want to delete. You can enter only one VID. Note The VLAN is immediately deleted with no confirmation prompt. Note You cannot delete the Default VLAN which has a VID of 1. The VLAN Management Menu is updated to show that the VLAN is deleted. The untagged port members of a deleted VLAN are automatically returned to the Default_VLAN with a PVID of 1.
AT-S81 Management Software User’s Guide GVRP This section describes GVRP and contains the following topics: GVRP Overview “GVRP Overview,” next “Enabling or Disabling GVRP” on page 132 The GARP VLAN Registration Protocol (GVRP) allows network devices to share VLAN information. The main purpose of GVRP is to allow switches to automatically discover some of the VLAN information that would otherwise need to be manually configured in each switch.
Chapter 9: Virtual LANs and GVRP Enabling or Disabling GVRP GVRP is only aware of those VLANs that have active nodes, or where at least one end node of a VLAN has established a valid link with a switch. GVRP is not aware of a VLAN if there are no active end nodes or if no end nodes have established a link with the switch. GVRP is disabled by default. To enable or disable GVRP, perform the following procedure: 1. From the Main Menu, type A to select Advanced Switch Configuration.
Chapter 10 Quality of Service (QoS) This chapter contains the procedures for configuring the Quality of Service (QoS) parameters of the switch.
Chapter 10: Quality of Service (QoS) QoS Overview When a port on an Ethernet switch becomes oversubscribed—its egress queues contain more packets than the port can handle in a timely manner—the port may be forced to delay the transmission of some packets, resulting in the delay of packets from reaching their destinations.
AT-S81 Management Software User’s Guide Each port on the switch has four priority queues, 0 (low) to 3 (high). When a tagged packet enters a switch port, the switch responds by placing the packet into one of the queues according to the assignments shown in Table 5. A packet in a high priority queue is typically transmitted out a port sooner than a packet in a low priority queue. Table 5. Default Mappings of IEEE 802.1p Priority Levels to Egress Port Priority Queues IEEE 802.
Chapter 10: Quality of Service (QoS) One last thing to note is that CoS does not change the priority level in a tagged packet. The packet leaves the switch with the same priority it had when it entered. This is true even if you change the default priority-toegress queue mappings. The default setting for Quality of Service is disabled. When the feature is disabled, all tagged packets are stored in the lowest priority queue of a port.
AT-S81 Management Software User’s Guide Mapping CoS Priorities to Egress Queues This procedure explains how to change the default mappings of CoS priorities to egress priority queues, shown in Table 5 on page 135. This is set at the switch level and applies to all ports. This procedure also enables and disables QoS. To change the mappings, perform the following procedure: 1. From the Main Menu, type A to select Advanced Switch Configuration.
Chapter 10: Quality of Service (QoS) 3. From the Quality of Service Configuration Menu, type T to select Traffic Class Configuration. The Traffic Class Configuration Menu is shown in Figure 34.
AT-S81 Management Software User’s Guide 5. To change the egress priority queue assignment of an 802.1p traffic class, do the following: a. Type P to select Set Priority Queue. The following prompt is displayed: Enter traffic class> b. Enter the traffic class whose egress priority queue you want to change. The range is 0 to 7. You can specify only one traffic class at a time. The following prompt is displayed: Enter queue for traffic class n> c. Enter the new egress queue number for the traffic class.
Chapter 10: Quality of Service (QoS) Configuring CoS As explained in “QoS Overview” on page 134, a packet received on a port is placed it into one of four priority queues on the egress port according to the switch’s mapping of 802.1p priority levels to egress priority queues. The default mappings are shown in Table 5 on page 135. You can override the mappings at the port level by assigning a different egress queue to a port.
AT-S81 Management Software User’s Guide 3. From the Quality of Service Configuration Menu, type P to select Port Priority Configuration. The Port Priority Configuration Menu is shown in Figure 35.
Chapter 10: Quality of Service (QoS) 4. To configure a port that is not a member of a trunk, type R to select Set Traffic Class. To configure the ports of a port trunk, type T to select Set Trunk Traffic Class. The following prompt is displayed if you are configuring a port: Set Traffic Class->Enter port number> The following prompt is displayed if you are configuring a trunk: Enter trunk group number> 5. Enter the port or trunk number that you want to configure.
AT-S81 Management Software User’s Guide Note The tagged information in a frame is not changed as the frame traverses the switch. A tagged frame leaves a switch with the same priority level that it had when it entered. The default for this parameter is disabled, meaning that the priority level of tagged frames is determined by the priority level specified in the frames themselves.
Chapter 10: Quality of Service (QoS) 144 Section I: Using the Menus Interface
Chapter 11 IGMP Snooping This chapter describes how to configure the OGMP snooping feature on the switch and includes the following sections: Section I: Using the Menus Interface “IGMP Snooping Overview” on page 146 “Configuring IGMP” on page 148 “Viewing the Multicast Groups” on page 150 145
Chapter 11: IGMP Snooping IGMP Snooping Overview The Internet Group Management Protocol (IGMP) enables routers to create lists of nodes that are members of multicast groups. (A multicast group is a group of end nodes that want to receive multicast packets from a multicast application.) The router creates a multicast membership list by periodically sending out queries to the local area networks connected to its ports.
AT-S81 Management Software User’s Guide network security by restricting the flow of multicast packets only to those switch ports connected to host nodes. Without IGMP snooping a switch would have to flood multicast packets out all of its ports, except the port on which it received the packet. Such flooding of packets can negatively impact switch and network performance.
Chapter 11: IGMP Snooping Configuring IGMP To configure IGMP, perform the following procedure: 1. From the Main Menu, type A to select Advanced Switch Configuration. The Advanced Switch Configuration Menu is shown in Figure 4 on page 32. 2. From the Advanced Switch Configuration Menu, type I to select IGMP Snooping Configuration. The IGMP Configuration Menu is shown in Figure 36.
AT-S81 Management Software User’s Guide 6. Specify the age-out time in seconds. The range is 280 to 420 seconds and the default is 280 seconds.
Chapter 11: IGMP Snooping Viewing the Multicast Groups To view the IGMP snooping multicast groups, perform the following procedure: 1. From the Main Menu, type A to select Advanced Switch Configuration. The Advanced Switch Configuration Menu is shown in Figure 4 on page 32. 2. From the Advanced Switch Configuration Menu, type I to select IGMP Snooping Configuration. The IGMP Configuration Menu is shown in Figure 36 on page 148. 3. Start your viewing application. 4. Type V to select View group members.
AT-S81 Management Software User’s Guide The following prompt is displayed: Enter MAC Address (xx.xx.xx.xx.xx.xx)> 6. Enter the MAC address as shown on the menu. The View Group Members Menu is shown in Figure 38.
Chapter 11: IGMP Snooping 152 Section I: Using the Menus Interface
Chapter 12 Rapid Spanning Tree Protocol (RSTP) This chapter describes how to configure the Rapid Spanning Tree Protocol (RSTP) on the switch and includes the following sections: Section I: Using the Menus Interface “RSTP Overview” on page 154 “Enabling or Disabling RSTP” on page 161 “Configuring the RSTP Bridge Settings” on page 164 “Configuring STP Compatibility” on page 166 “Configuring RSTP Port Settings” on page 167 “Displaying the RSTP Topology” on page 172 153
Chapter 12: Rapid Spanning Tree Protocol (RSTP) RSTP Overview The performance of a Ethernet network can be negatively impacted by the formation of a data loop in the network topology. A data loop exists when two or more nodes on a network can transmit data to each other over more than one data path.
AT-S81 Management Software User’s Guide You can designate which switch on your network you want as the root bridge by giving it the lowest bridge priority number. You might also consider which bridge should function as the backup root bridge in the event you need to take the primary root bridge offline, and assign that bridge the second lowest bridge identifier number. You can change the bridge priority number for the switch.
Chapter 12: Rapid Spanning Tree Protocol (RSTP) Table 6 lists the RSTP port costs with Auto-Detect. Table 6. RSTP Auto-Detect Port Costs Port Speed Port Cost 10 Mbps 2,000,000 100 Mbps 200,000 1000 Mbps 20,000 Table 7 lists the RSTP port costs with Auto-Detect when the port is part of a port trunk. Table 7. RSTP Auto-Detect Port Trunk Costs Port Speed No.
AT-S81 Management Software User’s Guide Table 8 lists the values. The default value is 0. Table 8. Port Priority Value Increments Port Priority Port Priority 0 128 16 144 32 160 48 176 64 192 80 208 96 224 112 240 If two paths have the same port cost and the same priority, then the ports with the lowest port MAC addresses become the root ports of their respective bridges.
Chapter 12: Rapid Spanning Tree Protocol (RSTP) Point-to-Point and Edge Ports Part of the task of configuring RSTP is defining the port types on the bridge. This relates to the device(s) connected to the port. With the port types defined, RSTP can quickly reconfigure a network when a change in network topology is detected. There are two possible selections: Point-to-point port Edge port The default setting for the RSTP port point-to-point status is automatic.
AT-S81 Management Software User’s Guide Figure 40. Edge Port A port can be both a point-to-point and an edge port at the same time. Figure 41 illustrates a port functioning as both a point-to-point and edge port. You must manually configure the edge port status. Figure 41. Point-to-Point and Edge Port Determining whether a bridge port is point-to-point, edge, or both, can be a bit confusing.
Chapter 12: Rapid Spanning Tree Protocol (RSTP) compatible mode, the ports can receive either RSTP or STP BPDU packets. Rapid Spanning Tree and VLANs The spanning tree implementation in the AT-S81 management software is a single-instance spanning tree. The switch supports just one spanning tree. You cannot define multiple spanning trees. The single spanning tree encompasses all ports on the switch. If the ports are divided into different VLANs, the spanning tree crosses the VLAN boundaries.
AT-S81 Management Software User’s Guide Enabling or Disabling RSTP To enable or disable RSTP, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 32. 2. From the Basic Switch Configuration Menu, type S to select Rapid Spanning Tree Configuration. The Rapid Spanning Tree Configuration Menu is shown in Figure 43.
Chapter 12: Rapid Spanning Tree Protocol (RSTP) switch’s root port and the root bridge including the switch’s root port cost. Time Since Topology Change The time in seconds since the last topology change took place. When RSTP detects a change to the LAN’s topology or when the switch is rebooted, this parameter is reset to 0 seconds and begins incrementing until the next topology change is detected.
AT-S81 Management Software User’s Guide 3. Type E to select Enable/Disable Global RSTP. The following prompt is displayed: Enable or Disable Global RSTP (E/D)> 4. Type E to enable RSTP or D to disable RSTP.
Chapter 12: Rapid Spanning Tree Protocol (RSTP) Configuring the RSTP Bridge Settings To configure the RSTP bridge settings, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 32. 2. From the Basic Switch Configuration Menu, type S to select Rapid Spanning Tree Configuration. The Rapid Spanning Tree Configuration Menu is shown in Figure 43 on page 161. 3. Type P to select Set Bridge Priority.
AT-S81 Management Software User’s Guide The bridge maximum age is the length of time after which stored bridge protocol data units (BPDUs) are deleted by the bridge. All bridges in a bridged LAN use this aging time to test the age of stored configuration messages called bridge protocol data units (BPDUs). For example, if you use the default value 20, all bridges delete current configuration messages after 20 seconds. This parameter can be from 6 to 40 seconds.
Chapter 12: Rapid Spanning Tree Protocol (RSTP) Configuring STP Compatibility Choosing an RSTP protocol version allows you to determine if the switch ports will operate in RSTP-only mode or are STP-compatible. This setting applies to all of the ports; you cannot set this on a per-port basis. To configure the STP compatibility, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 32. 2.
AT-S81 Management Software User’s Guide Configuring RSTP Port Settings This section contains the following topics: Configuring the Basic RSTP Port Settings “Configuring the Basic RSTP Port Settings,” next “Configuring the Advanced RSTP Port Settings” on page 169 To configure the basic RSTP port settings, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 32. 2.
Chapter 12: Rapid Spanning Tree Protocol (RSTP) 4. Type I to select Set Port Priority. The following prompt is displayed: Select port number to be changed> Port number is in range from 1 to 9, 0 to set all ports 5. Enter the number of the port you want to change, or type 0 (zero) to apply the settings to all ports on the switch.
AT-S81 Management Software User’s Guide Select port number to be changed> Port number is in range from 1 to 9, 0 to set all ports This parameter enables or disables RSTP on a specified port or a group of ports in a trunk. 11. Enter the number of the port you want to change, or type 0 (zero) to apply the settings to all ports on the switch. The following prompt is displayed: Enable or Disable STP for port n (E/D)> 12. Type E to enable or D to disable STP on the port.
Chapter 12: Rapid Spanning Tree Protocol (RSTP) AT-8000/8POE Local Management System Rapid Spanning Tree Configuration -> RSTP Advanced Port Configuration Port ---1 2 3 4 5 6 7 8 9 Trunk ----------------------- Link ---Down Down Down Down Down Down Down Down Down State ---------Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Role Admin/OperEdge --------- -------------Disabled False/False Disabled False/False Disabled False/False Disabled False/False Di
AT-S81 Management Software User’s Guide Select port number to be changed> Port number is in range from 1 to 9, 0 to set all ports 8. Enter the number of the port you want to change, or type 0 (zero) to apply the settings to all ports on the switch. The following prompt is displayed: Set point-to-point for port n >(A/T/F) This parameter defines whether the port is functioning as a point-topoint port. The possible settings are Auto, True, and False.
Chapter 12: Rapid Spanning Tree Protocol (RSTP) Displaying the RSTP Topology To display the RSTP topology, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 32. 2. From the Basic Switch Configuration Menu, type S to select Rapid Spanning Tree Configuration. The Rapid Spanning Tree Configuration Menu is shown in Figure 43 on page 161. 3.
AT-S81 Management Software User’s Guide Desig. Root The designated root bridge to which the switch’s root port is actively connected. Desig. Cost The sum of all the root port costs on all bridges, including the switch, between the switch and the root bridge. Desig. Bridge An adjacent bridge to which the root port of the switch is actively connected. Desig. Port The root bridge to which the root port of the switch is actively connected.
Chapter 12: Rapid Spanning Tree Protocol (RSTP) 174 Section I: Using the Menus Interface
Chapter 13 802.1x Network Access Control This chapter contains information about and the procedure for configuring 802.1x Network Access Control. It includes the following sections: Section I: Using the Menus Interface “802.1x Network Access Control Overview” on page 176 “Configuring 802.
Chapter 13: 802.1x Network Access Control 802.1x Network Access Control Overview 802.1x Network Access Control (IEEE 802.1x) is used to control who can send traffic through and receive traffic from a switch port. With this feature, the switch will not allow an end node to send or receive traffic through a port until the user of the node logs on by entering a username and password.
AT-S81 Management Software User’s Guide Authentication Process Authenticator Ports Below is a brief overview of the authentication process that occurs between a supplicant, authenticator, and authentication server. For further details, refer to the IEEE 802.1x standard. Either the authenticator (that is, a switch port) or the supplicant can initiate an authentication prompt exchange.
Chapter 13: 802.1x Network Access Control EAPOL frames. All other frames, including multicast and broadcast frames, are discarded. The authentication process begins when the link state of the port changes or the port receives an EAPOL-Start packet from a supplicant. The switch requests the identity of the client and begins relaying authentication prompts between the client and the authentication server.
AT-S81 Management Software User’s Guide Section I: Using the Menus Interface Port 2 is set to Auto. The end node connected to the port must use its 802.1x client software and provide a username and password to send or receive traffic from the switch. Port 8 is set to the Force-authorized setting so that the end node connected to the port does not have to provide a user name or password to send or receive traffic from the switch. In the example, the node is the RADIUS authentication server.
Chapter 13: 802.1x Network Access Control As mentioned earlier, the switch itself does not authenticate the user names and passwords from the clients. That is the responsibility of the authentication server, which contains the RADIUS server software. Instead, a switch acts as an intermediary for the authentication server by denying access to the network by the client until the client has provided a valid username and password, which the authentication server validates.
AT-S81 Management Software User’s Guide Note Connecting multiple supplicants to a switch port set to the Auto setting does not conform to the IEEE 802.1x standard. This can introduce security risks and can result in undesirable switch behavior. To avoid this, Allied Telesis recommends use the Forceauthorized setting on those ports that are connected to more than one end node, such as a port connected to another switch or to a hub.
Chapter 13: 802.1x Network Access Control Figure 48.
AT-S81 Management Software User’s Guide Configuring 802.1x Network Access Control To configure 802.1x network access control, perform the following procedure: 1. From the Main Menu, type A to select Advanced Switch Configuration. The Advanced Switch Configuration Menu is shown in Figure 21 on page 87. 2. From the Advanced Switch Configuration Menu, type X to select 802.1x Port Based Access Control Configuration. The Port Based Access Control Configuration Menu is shown in Figure 49.
Chapter 13: 802.1x Network Access Control 3. Type P to select Port No. The following prompt is displayed: Enter port number> 4. Enter the number of the port on the switch you want to configure. You can configure only one port at a time. The Port Based Access Control Configuration Menu is updated with the current settings of the selected port. 5. Type N to select NAS ID. This parameter assigns an 802.1x identifier to the switch that applies to all ports. The NAS ID can be up to sixteen characters.
AT-S81 Management Software User’s Guide F (Force-authorized) - Disables IEEE 802.1x authentication and causes the port to transition to the authorized state without any authentication exchange required. The port transmits and receives normal traffic without 802.1x-based authentication of the client. This is the default setting. b. Type A, U, or F. 8. To configure the transmission period, do the following: a. Type T to select Transmission Period.
Chapter 13: 802.1x Network Access Control The following prompt is displayed: Enter maximum request count > This parameter sets the maximum number of times that the switch retransmits an EAP Request packet to the client before it times out the authentication session. The default value for this parameter is 2 retransmissions. The range is 1 to 10 retransmissions. b. Type a number for the maximum request count. 12. To configure the quiet period, do the following: a. Type U to select Quiet Period.
AT-S81 Management Software User’s Guide 15. If the port control setting is Auto and you want to return the EAPOL machine state on the port to the initialized state, do the following: a. Type I to select Initialize. The following prompt is displayed: Would you initialize authenticator? (Y/N)> b. Typing Y returns the EAPOL machine state on the port to the initialize state. Typing N cancels the step. 16.
Chapter 13: 802.
Chapter 14 RADIUS Authentication Protocol This chapter describes how to configure the RADIUS client software on the switch. You can use the RADIUS client with 802.1x network access control to control who can forward packets through the switch.
Chapter 14: RADIUS Authentication Protocol RADIUS Overview RADIUS (Remote Authentication Dial In User Services) is an authentication protocol for enhancing the security of your network. The protocol transfers the task of authenticating network access from a network device to an authentication protocol server. The AT-S81 management software comes with RADIUS client software. You can use the client software together with 802.1x network access control, described in Chapter 13, “802.
AT-S81 Management Software User’s Guide Note For more information on the RADIUS authentication protocol, refer to the RFC 2865 standard.
Chapter 14: RADIUS Authentication Protocol Configuring the RADIUS Server To configure the RADIUS client, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 32. 2. From the Basic Switch Configuration Menu, type U to select User Interface Configuration. The User Interface Configuration Menu is shown in Figure 7 on page 38. 3. Type R to select RADIUS Server Configuration.
AT-S81 Management Software User’s Guide The following prompt is displayed: Enter secret string for server> b. Enter the encryption key of the RADIUS server. 6. To set the response time, do the following: a. Type R to select Set Response Time. The following prompt is displayed: Enter response time> b. Enter the amount of time in seconds the switch should wait for a response from the RADIUS server. The range is 1 to 120 seconds. The default is 10 seconds. 7.
Chapter 14: RADIUS Authentication Protocol Displaying the RADIUS Server Settings To display the RADIUS client status and settings, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 32. 2. From the Basic Switch Configuration Menu, type U to select User Interface Configuration. The User Interface Configuration Menu is shown in Figure 7 on page 38. 3.
Chapter 15 Broadcast Storm Control This chapter describes how to configure the broadcast storm control feature on the switch and includes the following sections: Section I: Using the Menus Interface “Broadcast Storm Control Overview” on page 196 “Configuring Broadcast Storm Control” on page 197 195
Chapter 15: Broadcast Storm Control Broadcast Storm Control Overview The broadcast storm control feature limits the number of broadcast frames forwarded by the switch. The feature can help improve network performance in situations where broadcast frames are consuming a significant portion of network bandwidth, to a degree where the remaining bandwidth is insufficient for efficiently carrying the unicast and multicast frames. This feature can also protect your network from broadcast storms.
AT-S81 Management Software User’s Guide Configuring Broadcast Storm Control To configure the broadcast storm control feature, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 32. 2. From the Basic Switch Configuration Menu, type C to select Storm Control Configuration. The Storm Control Configuration Menu is shown in Figure 51.
Chapter 15: Broadcast Storm Control 198 L - Low (100 broadcast packets per second) Section I: Using the Menus Interface
Chapter 16 MAC Address Tables This chapter contains the procedures for viewing the MAC address table and contains the following sections: Section I: Using the Menus Interface “MAC Address Overview” on page 200 “Displaying the MAC Address Tables” on page 202 “Setting the Age-Out Time” on page 206 199
Chapter 16: MAC Address Tables MAC Address Overview Each hardware device that you connect to your Ethernet network has a unique MAC address assigned to it by the device’s manufacturer. For example, every network interface card (NIC) that you use to connect your computers to your network has a MAC address assigned to it by the adapter’s manufacturer. The switch contains a MAC address table with a storage capacity of up to 16,000 entries.
AT-S81 Management Software User’s Guide Dynamic MAC addresses are not stored indefinitely in the MAC address table. The switch deletes a dynamic MAC address from the table if it does not receive any frames from the node after a specified period of time. The switch assumes that the node with that MAC address is no longer active and that its MAC address can be purged from the table. This prevents the MAC address table from becoming filled with addresses of nodes that are no longer active.
Chapter 16: MAC Address Tables Displaying the MAC Address Tables To display the MAC address tables, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 32. 2. From the Basic Switch Configuration Menu, type M to select MAC Address Table Menu. The MAC Address Table menu is shown in Figure 52.
AT-S81 Management Software User’s Guide AT-8000/8POE Local Management System MAC Address Table Menu -> Display MAC Address by Port Age-Out Time: 300 Sec.
Chapter 16: MAC Address Tables AT-8000/8POE Local Management System MAC Address Table Menu -> Display MAC Addresses by MAC Age-Out Time: 300 Sec. MAC AddressPort ------------------------00:00:46:F2:E2:BC 5 00:C0:8F:11:AA:D31 CPU ----------------------- -----------------------------------[N]ext Page Set [A]ge-Out Time [P]revious Page [Q]uit to previous menu Command> Figure 54.
AT-S81 Management Software User’s Guide AT-8000/8POE Local Management System MAC Address Table Menu -> Display MAC Addresses by VLAN ID Age-Out Time: 300 Sec.VLAN ID: 2 MAC AddressPort ------------------------00:00:46:F2:E2:BC 5 ----------------------- -----------------------------------[N]ext Page Set [A]ge-Out Time [P]revious Page [Q]uit to previous menu Command> Figure 55.
Chapter 16: MAC Address Tables Setting the Age-Out Time The switch uses the age-out time to delete inactive MAC addresses from the MAC address table. When the switch detects that no packets have been sent to or received from a particular MAC address in the table after the period specified by the aging time, the switch deletes the address. This prevents the table from becoming full of addresses of nodes that are no longer active. The default for the age-out time is 300 seconds (5 minutes).
Chapter 17 Working With System Files The procedures in this chapter explain how to work with system files on the AT+8000/8POE Fast Ethernet switch, including software image files and the system configuration file. The procedures include: “Downloading a New Management Software Image Using TFTP” on page 208 Note For information on how to obtain new releases of the AT-S81 management software, refer to “Contacting Allied Telesis” on page 15.
Chapter 17: Working With System Files Downloading a New Management Software Image Using TFTP Before downloading a new version of the AT-S81 management software onto the switch, note the following: The current configuration of a switch is retained when a new AT-S81 software image is installed. To return a switch to its default configuration values, refer to “Returning the AT-S81 Management Software to the Factory Default Values” on page 59. Your network must have a node with TFTP server software.
AT-S81 Management Software User’s Guide AT-8000/8POE Local Management System Switch Tools Configuration -> Software Upgrade Menu [T]FTP Software Upgrade [Q]uit to previous menu Command> Figure 56. Software Upgrade Menu (1 of 2) 3. Type T to select TFTP Upgrade. The Software Upgrade Menu (2 of 2) is shown in Figure 57. AT-8000/8POE Local Management System Main Menu -> Software Upgrade Menu Image Version/Date: 0.0.0/Jul 29 2006 20:57:07 TFTP Server IP: Image File Name: Retry Count: 0.0.0.
Chapter 17: Working With System Files 4. Type S to select Set TFTP Server IP Address. The following prompt is displayed: Enter IP address of TFTP server: 5. Enter the IP address of the TFTP server. 6. Type F to select Set Image File Name. The following prompt is displayed: Enter file name> 7. Enter the file name of the AT-S81 image file on the TFTP server. 8. Type R to select Set Retry Count. The following prompt is displayed: Enter retry count> 9.
AT-S81 Management Software User’s Guide Uploading or Downloading the Configuration File The procedure in this section allows you to download a different configuration file onto the switch from a TFTP server, or upload the file to a TFTP server. To return a switch to its default configuration values, refer to “Returning the AT-S81 Management Software to the Factory Default Values” on page 59.
Chapter 17: Working With System Files AT-8000/8POE Local Management System Switch Tools Configuration -> Configuration File Upload/Download Menu [T]FTP Configuration File Upload/Download [Q]uit to previous menu Command> Figure 58. Configuration File Upload/Download Menu 3. From the Configuration File Upload/Download Menu, type T to select TFTP Configuration File Upload/Download. The TFTP Configuration File Upload/Download Menu is shown in Figure 59.
AT-S81 Management Software User’s Guide 5. Enter the IP address of the TFTP server. 6. Type F to select Set Configuration File Name. The following prompt is displayed: Enter file name> 7. Enter a name for the configuration file. Note There is no default name for the configuration file. 8. Type R to select Set Retry Count. The following prompt is displayed: Enter retry count> 9. Enter the number of times you want the switch to retry in the event a problem occurs during the upload process.
Chapter 17: Working With System Files 4. Type S to select Set TFTP Server IP Address. The following prompt is displayed: Enter IP address of TFTP server: 5. Enter the IP address of the TFTP server. 6. Type F to select Set Configuration File Name. The following prompt is displayed: Enter file name> 7. Enter the file name of the configuration file on the TFTP server. 8. Type R to select Set Retry Count. The following prompt is displayed: Enter retry count> 9.
Section II Using the Web Browser Interface The chapters in this section provide information and procedures for using the web browser interface in the AT-S81 management software.
Section II: Using the Web Browser Interface
Chapter 18 Starting a Web Browser Management Session This chapter contains the procedures for starting, using, and quitting a web browser management session on an AT-8000/8POE Fast Ethernet switch.
Chapter 18: Starting a Web Browser Management Session Establishing a Remote Connection to Use the Web Browser Interface In order for you to manage a switch using the web browser interface, the switch must have an IP address and subnet mask. To manually assign an IP address, refer to “Configuring the IP Address, Subnet Mask, and Gateway Address” on page 32. To configure the switch to obtain its IP configuration from a DHCP server, refer to “Enabling and Disabling the DHCP Client” on page 35.
AT-S81 Management Software User’s Guide The AT-S81 management software displays the login dialog box, shown in Figure 61. Figure 61. AT-S81 Login Dialog Box 3. Enter the AT-S81 management login user name and password. The default user name is “manager” and the default password is “friend.” The login name and password are case-sensitive. To change the user name and password, refer to “Configuring System Administration Information” on page 227. The AT-S81 management software displays the home page.
Chapter 18: Starting a Web Browser Management Session The main menu is on the top of the home page. It consists of the following selections: General Info. Basic Config. Advanced Config. Tools Statistics A web browser management session remains active even if you link to other sites. You can return to the management web pages anytime as long as you do not quit the browser.
AT-S81 Management Software User’s Guide Web Browser Tools You can use the web browser tools to move around the management pages. Selecting Back on your browser’s toolbar returns you to the previous display. You can also use the browser’s bookmark feature to save the link to the switch.
Chapter 18: Starting a Web Browser Management Session Quitting a Web Browser Management Session To exit a web browser management session, close the web browser.
Chapter 19 Basic Switch Parameters This chapter contains the following sections: Section II: Web Browser Interface “Configuring an IP Address, Subnet Mask and Gateway Address” on page 224 “Enabling and Disabling the DHCP Client” on page 226 “Configuring System Administration Information” on page 227 “Setting the User Interface Configuration” on page 229 “Enabling or Disabling the Web Server” on page 232 “Enabling or Disabling the Telnet Server” on page 233 “Configuring SNTP” o
Chapter 19: Basic Switch Parameters Configuring an IP Address, Subnet Mask and Gateway Address This procedure explains how to change the IP address, subnet mask, and gateway address of the switch. Before performing the procedure, note the following: An IP address and subnet mask are not required for normal network operations of the switch. Values for these parameters are only required if you want to remotely manage the device using the web browser interface.
AT-S81 Management Software User’s Guide System IP Address Enter the IP address for the switch. System Subnet Mask Enter the subnet mask for the switch. System Default Gateway Enter the default gateway’s IP address. DHCP Mode For information about setting this parameter, refer to “Enabling and Disabling the DHCP Client” on page 226. 3. Click Apply. Note Changing the IP address ends your management session.
Chapter 19: Basic Switch Parameters Enabling and Disabling the DHCP Client This procedure explains how to activate and deactivate the DHCP client on the switch. When the client is activated, the switch obtains its IP configuration, such as its IP address and subnet mask, from a DHCP server on your network. Before performing the procedure, note the following: An IP address and subnet mask are not required for normal network operations of the switch.
AT-S81 Management Software User’s Guide Configuring System Administration Information This section explains how to assign a name to the switch, as well as the location of the switch and the name of the switch’s administrator. Entering this information is optional. To set a switch’s administration information, perform the following procedure: 1. From the Basic Config menu, select Admin. Config. The Administration Configuration page opens, as shown in Figure 64. Figure 64.
Chapter 19: Basic Switch Parameters 3. Click Apply.
AT-S81 Management Software User’s Guide Setting the User Interface Configuration This procedure explains how to adjust the user interface and security features on the switch. With this procedure you can: Change the console timer, used to automatically end inactive local management sessions. Change the AT-S81 management login user name and password. Enable and disable the web server, used to manage the switch from a remote management station with a web browser.
Chapter 19: Basic Switch Parameters Note For information about the SNMP Agent selection, refer to “Enabling or Disabling the SNMP Agent” on page 256. 2. To configure the console UI time out parameters, do the following: a. In the Console UI Time Out field, enter a new value. The range is 0 to 60 minutes. The default is 5 minutes. A timeout value of 0 causes the console connection to never times out.
AT-S81 Management Software User’s Guide c. Click the New Password field and enter a new login password or, if you do not want to change the password, enter the current password. The password can be from 0 to 12 characters. Allied Telesis recommends not using special characters, such as spaces and exclamation points. The password is case sensitive. Leaving this field empty deletes the current password without assigning a new one. d.
Chapter 19: Basic Switch Parameters Enabling or Disabling the Web Server To enable or disable the web server, perform the following procedure: 1. From the Basic Config menu, select User Interface > User Interface. The User Interface page is shown in Figure 65 on page 229. 2. For the Web Server parameter, choose Enable or Disable from the list. The default is Enable. When you enable this parameter, an individual can manage the switch remotely using a web browser.
AT-S81 Management Software User’s Guide Enabling or Disabling the Telnet Server To enable or disable the Telnet server, perform the following procedure: 1. From the Basic Config menu, select User Interface > User Interface. The User Interface page is shown in Figure 65 on page 229. 2. For the Telnet Server parameter, choose Enable or Disable from the list. The default is Enable. When you enable this parameter, a Telnet connection to the switch is available. 3. Click Apply.
Chapter 19: Basic Switch Parameters Configuring SNTP To configure SNTP, perform the following procedure: 1. From the Basic Configuration menu, select SNTP Configuration. The SNTP Configuration page opens, as shown in Figure 66. Figure 66. SNTP Configuration Page 2. In the SNTP Server IP field, type the IP address for the SNTP server you want to use. 3. In the Set SNTP Interval field, type a number to specify the number of minutes between occurrences of polling the SNTP server.
AT-S81 Management Software User’s Guide Viewing System Information To view general information about the switch, perform the following procedure: 1. From General Info. menu, select Switch Information. The Switch Information page opens, as shown in Figure 67. Figure 67. Switch Information Page The Switch Information page displays the following information: System Up For The number of days, hours, and minutes that the switch has been running since it was last rebooted.
Chapter 19: Basic Switch Parameters Hardware Information Section: Revision The hardware version number. DRAM Size The size of the DRAM, in megabytes. Flash Size The size of the flash memory, in megabytes. Console Baud Rate The baud rate of the console port. You cannot change this setting. Administration Information Section: System Name The name assigned to the switch. To give the switch a name, refer to “Configuring System Administration Information” on page 227.
AT-S81 Management Software User’s Guide DHCP Mode The status of the DHCP client on the switch. For information about setting this parameter, refer to “Enabling and Disabling the DHCP Client” on page 226.
Chapter 19: Basic Switch Parameters Rebooting a Switch This procedure reboots the switch and reloads the AT-S81 management software from flash memory. You might reboot the device if you believe it is experiencing a problem. Rebooting the device does not change any of the device’s parameter settings. Caution The switch does not forward network traffic during the reboot process. Some network traffic may be lost. To reboot a switch, perform the following procedure: 1.
AT-S81 Management Software User’s Guide Pinging a Remote System This procedure instructs the switch to ping a node on your network. This procedure is useful in determining whether an active link exists between the switch and another network device. Note the following before performing the procedure: The switch where you are initiating the ping must have an IP address. The device you are pinging must be a member of the Default VLAN.
Chapter 19: Basic Switch Parameters 3. Click Start. 4. To view the ping results, click Show Ping Results. A sample Ping Test Results page is shown in Figure 70. Figure 70. Ping Test Results Page 5. Click Back to Ping Test to return to the Ping Test Configuration page.
AT-S81 Management Software User’s Guide Working with the System Log The system log displays system-level events in the switch, such as logging in to the management software. You can view the system log locally, or send the system log file to a remote location.
Chapter 19: Basic Switch Parameters Time The time that the event occurred. Note When you enable the SNTP protocol, switch startup events show the default system date until SNTP polls for the current date and time. L Severity level of the event. The severity levels are: (I)nformation - Useful information that you can ignore during normal operation. W)arning - An issue that may require a manager’s attention. (E)rror - Switch operation is severely impaired.
AT-S81 Management Software User’s Guide Sending the System Log to a Remote Server The syslog protocol allows you to collect messages and events produced by a wide variety of network equipment in a single place. For instance, instead of viewing the event logs of several separate AT-8000/8POE Fast Ethernet switches, you can have those events sent to a single syslog server on your network. The destination for the events is referred to as a facility.
Chapter 19: Basic Switch Parameters Returning the AT-S81 Management Software to the Factory Default Values This procedure returns all AT-S81 management software parameters to their default values and deletes all tagged and VLANs on the switch. The AT-S81 management software default values are listed in Appendix A, “AT-8000/POE Default Settings” on page 345. Caution This procedure causes the switch to reboot. The switch does not forward network traffic during the reboot process.
Chapter 20 Port Configuration The sections in this chapter explain the two methods to viewing and changing the parameter settings of the individual ports on the switch. The first method shows how to use the Port Configuration page to view and configure multiple ports at one time. The second is typically used to configure just one port at a time. There is also a section for viewing port statistics.
Chapter 20: Port Configuration Viewing and Configuring Multiple Ports This procedure allows you to configure the ports on the switch using the Port Configuration page. This page allows you to view and configure the parameter settings of all the switch ports at one time. To configure the ports, perform the following procedure: 1. From the Basic Config menu, select Port Config. The Port Configuration page opens, as shown in Figure 73. The page lists all the ports on the switch and their current settings.
AT-S81 Management Software User’s Guide Admin. Status The operating status of the port. You can use this parameter to enable or disable a port. You may want to disable a port and prevent packets from being forwarded if a problem occurs with the node or cable connected to the port. After the problem has been fixed, you can enable the port to resume normal operation. You can also disable an unused port to secure it from unauthorized connections.
Chapter 20: Port Configuration pause packet to notify the end node to stop transmitting for a specified period of time. The possible values are: Enabled - The port is allowed to use flow control. This is the default setting for all ports on the switch. Disabled - The port does not use flow control. 3. Click Apply to save the configuration.
AT-S81 Management Software User’s Guide Viewing and Configuring a Single Port The procedure in this section allows you to view or configure the parameter settings of one port on the switch. To view and configure the parameter settings for more than one port at a time, refer to “Viewing and Configuring Multiple Ports” on page 246. To view or configure the parameter settings of a single port, perform the following procedure: 1.
Chapter 20: Port Configuration Operation Status The status of the link between the port and the end node connected to the port. You must use the Port Configuration page to configure this parameter. For information, refer to “Viewing and Configuring Multiple Ports” on page 246. Admin. Status The operating status of the port. You can use this parameter to enable or disable a port.
AT-S81 Management Software User’s Guide speed and duplex mode manually. Allied Telesis does not recommend manually setting a 10/100/1000Base-T twisted pair port to either 1000 Mbps full duplex or 1000 Mbps half duplex. For 1000 Mbps operation, Allied Telesis recommends setting the port to Auto-Negotiation. The only valid setting for an optional SFP port is AutoNegotiation. Flow Ctrl The current flow control setting on the port.
Chapter 20: Port Configuration Displaying Port Statistics To display port statistics, perform the following procedure: 1. From the Main Menu, select Statistics. The Statistics page opens, as shown in Figure 75. Figure 75. Statistics Page 2. To view statistics for a port, select a port from the Select Port list and click Apply. The statistics are displayed in a table that contains the following items of information: Total RX Bytes Number of bytes received on the port.
AT-S81 Management Software User’s Guide Good Multicast Number of valid multicast packets received on the port. CRC/Align Errors Number of packets with a cyclic redundancy check (CRC) error but with the proper length (64-1518 bytes) received on the port. Undersize Pkts Number of packets that were less than the minimum length specified by IEEE 902.3 (64 bytes including the CRC) received on the port. Oversize Pkts Number of packets that exceeded the maximum length specified by IEEE 902.
Chapter 20: Port Configuration 254 Section II: Web Browser Interface
Chapter 21 SNMP This chapter contains the following procedures for working with the Simple Network Management Protocol (SNMP): “Enabling or Disabling the SNMP Agent” on page 256 “Changing the Default SNMP Community Names” on page 257 “Working with Trap Receivers” on page 258 Note For background information on SNMP, refer to “SNMP Overview” on page 72.
Chapter 21: SNMP Enabling or Disabling the SNMP Agent To enable or disable the SNMP agent, perform the following procedure: 1. From the Basic Config menu, select User Interface. 2. From the User Interface menu, select User Interface. The User Interface page is shown in Figure 65 on page 229. 3. For the SNMP Agent parameter, choose Enable or Disable from the list. The default is Enable. When you enable this parameter, SNMP access is allowed. 4. Click Apply.
AT-S81 Management Software User’s Guide Changing the Default SNMP Community Names To configure the SNMP settings, perform the following procedure: 1. From the Basic Config menu, select SNMP Config. The SNMP Configuration page opens, as shown in Figure 76. Figure 76. SNMP Configuration Page 2. Click the SNMP Read Community field and type the name of the read community. The default is “public.” 3. Click the SNMP Write Community field and type the name of the write community. The default is “private.” 4.
Chapter 21: SNMP Working with Trap Receivers This section contains the following procedures: Adding and Enabling a Trap Receiver “Adding and Enabling a Trap Receiver,” next “Disabling a Trap Receiver” on page 258 “Deleting a Trap Receiver” on page 258 To add and enable a trap receiver, perform the following procedure: 1. From the Basic Config menu, select SNMP Config. The SNMP Configuration page is shown in Figure 76 on page 257. 2.
AT-S81 Management Software User’s Guide The SNMP Configuration page is shown in Figure 76 on page 257. 2. Click Restore.
Chapter 21: SNMP 260 Section II: Web Browser Interface
Chapter 22 Port Trunking This chapter contains the following procedures for working with port trunking: “Setting Up a Port Trunk” on page 262 “Setting Up an LACP Trunk” on page 265 Note For background information on trunking, refer to “Port Trunking Overview” on page 82.
Chapter 22: Port Trunking Setting Up a Port Trunk This section contains the following procedures for working with port trunks: Creating a Port Trunk “Creating a Port Trunk” on page 262 “Modifying a Port Trunk” on page 263 “Enabling or Disabling a Port Trunk” on page 264 This procedure explains how to configure a port trunk. Note Do not connect the cables of a port trunk to the ports on the switch until after you have configured the ports on both the switch and the end node.
AT-S81 Management Software User’s Guide 4. Click Apply. The trunk is now operational on the switch. 5. Configure the port trunk on the other switch and connect the cables. Modifying a Port Trunk This procedure adds and removes ports from a port trunk. Note You should disconnect the cables from the ports of the trunk on the switch before modifying it.
Chapter 22: Port Trunking Enabling or Disabling a Port Trunk This procedure enables and disables a port trunk. Note the following before performing this procedure: Do not enable a port trunk until after you have configured the trunk on both switches. Do not connect the cables to the ports on the switches until after you have configured and enabled the trunk on both switches. Note If you are disabling a port trunk, be sure to first disconnect all cables from the ports of the trunk.
AT-S81 Management Software User’s Guide Setting Up an LACP Trunk This section contains the following procedures: “Creating an LACP Trunk,” next “Configuring the LACP Port Priority” on page 266 “Viewing the LACP Group Settings” on page 267 “Disabling an LACP Trunk” on page 267 Note Create the trunk before you make it an LACP trunk. For more information, see “Setting Up a Port Trunk” on page 262. Creating an LACP Trunk To create an LACP trunk, perform the following procedure: 1.
Chapter 22: Port Trunking Configuring the LACP Port Priority LACP port priority determines which port is the backup port to another port when the link to that port is down. The port with the lowest value has the highest value, and is selected to join the link aggregation group first. To configure the LACP port priority, perform the following procedure: 1. From the Advanced Config menu, select Trunk Config > Port Priority Config. The LACP Port Priority page opens, as shown in Figure 78. Figure 78.
AT-S81 Management Software User’s Guide Viewing the LACP Group Settings To view the LACP group settings, perform the following procedure: 1. From the Advanced Config menu, select Trunk Config > LACP Group Status. The LACP Group Status page opens, as shown in Figure 79. Figure 79. LACP Group Status Page The LACP Group Status page displays the following information about each LACP group: System Priority The system priority as defined by IEE 802.3ad. You cannot change this.
Chapter 22: Port Trunking 2. On the row that corresponds to the trunk you want to disable as an LACP trunk, from the list, choose Disabled. 3. Click Apply.
Chapter 23 Port Mirroring This chapter contains the procedure for setting up port mirroring. Port mirroring allows you to unobtrusively monitor the ingress and egress traffic on a port by having the traffic copied to another port. This chapter contains the following sections: “Configuring Port Mirroring” on page 270 “Disabling Port Mirroring” on page 271 Note For background information on port mirroring, refer to “Port Mirroring Overview” on page 98.
Chapter 23: Port Mirroring Configuring Port Mirroring To set up port mirroring, perform the following procedure: 1. From the Advanced Config menu, select Port Mirroring. The Port Mirroring page opens, as shown in Figure 80. Figure 80. Port Mirroring Page 2. In the Mirroring Port section, select the port where the network analyzer is connected. 3. In the Port Being Mirrored section, select the port whose ingress and egress traffic you want to monitor. You can select only one port. 4. Click Apply. 5.
AT-S81 Management Software User’s Guide Disabling Port Mirroring To disable port mirroring, perform the following procedure: 1. From the Advanced Config menu, select Port Mirroring. The Port Mirroring page is shown in Figure 80 on page 270. 2. From the Mirroring Status list, select Disable and click Apply. Port mirroring is immediately disabled on the switch. You can now use the mirroring port for regular network operations.
Chapter 23: Port Mirroring 272 Section II: Web Browser Interface
Chapter 24 Power Over Ethernet This chapter contains the following procedure for working with Power Over Ethernet (PoE): “Configuring PoE” on page 274 Note For background information on PoE, refer to “PoE Overview” on page 104.
Chapter 24: Power Over Ethernet Configuring PoE To configure the PoE settings, perform the following procedure: 1. From the Advanced Config menu, select Power Over Ethernet. The Power Over Ethernet Configuration page opens, as shown in Figure 81. Figure 81. Power Over Ethernet Configuration Page The Power Over Ethernet Configuration page displays information about the PoE status of each port and also allows you to configure the port’s status and priority.
AT-S81 Management Software User’s Guide information about port priority, refer to “Port Prioritization for Power Allocation” on page 105. To set the priority, refer to “Setting the PoE Port’s Priority” on page 275. Power (mW) The amount of power being delivered to the device, in Milliwatts. Voltage (V) The amount of voltage being delivered to the device, in Volts. Current (mA) The amount of current being delivered to the device, in Milliamps.
Chapter 24: Power Over Ethernet 276 Section II: Web Browser Interface
Chapter 25 Virtual LANs This chapter contains the procedures for creating, modifying, and deleting and tagged Virtual Local Area Networks (VLANs) from a web browser management session.
Chapter 25: Virtual LANs Creating a VLAN This section contains the procedure for creating a new or tagged VLAN. This procedure assigns the VLAN a name, a VID number, and the untagged and tagged member ports. After performing this procedure, the PVID values of the untagged ports of the VLAN must be adjusted to match the virtual LAN’s VID number. In order for a port to be considered an untagged member of a VLAN, its PVID value must be changed to match the VID of the virtual LAN.
AT-S81 Management Software User’s Guide If the VLAN will be part of a larger VLAN that spans multiple switches, then the name for the VLAN should be the same on each switch where nodes of the VLAN are connected. 4. In the Static Tagged row, click the buttons of those ports on the switch that are to be tagged or untagged members of the new VLAN.
Chapter 25: Virtual LANs Configuring the PVID of Untagged Ports This procedure adjusts a port’s VID value. The PVID value determines the VLAN in which the port is an untagged member. A port is an untagged member of the VLAN whose VID value matches its PVID. A port can be an untagged member of only one VLAN at a time. The ports of a new VLAN are initially designated as tagged ports. Their PVID values retain their previous settings when they are assigned to a new VLAN.
AT-S81 Management Software User’s Guide Note If you specify a PVID that does not correspond to any VIDs on the switch, the management software creates a new VLAN with a VID that equals the PVID. The VLAN is not assigned any name. 3. Click Apply. 4. Repeat steps 2 and 3 to change the PVID values of other ports.
Chapter 25: Virtual LANs Displaying the VLANs To display the VLANs, perform the following procedure: 1. From the Advanced Config menu, select VLAN Config. > VLAN Info. The VLAN Information page opens, as shown in Figure 84. Figure 84. VLAN Information Page For GVRP Status, see See “Enabling or Disabling GVRP” on page 289. For Management VLAN, see See “Restricting Management VLAN Access” on page 284. 2. The VLAN Information page provides the following columns of information: VLAN ID The VLAN ID number.
AT-S81 Management Software User’s Guide Figure 85. VLAN Configuration - Members Page Untagged ports of the VLAN are indicated with a “U” and tagged ports with a “T”.
Chapter 25: Virtual LANs Restricting Management VLAN Access Management access can be restricted to the default vlan (VLAN 1) or made available on any VLAN. This feature is activated when you select ENABLE in the Management VLAN field. If this field is set to DISABLED, the management access is available on any VLAN. 1. From the Advanced Config menu, select VLAN Config. > VLAN Info. The VLAN Information page opens, as shown in Figure 84 on page 282. 2.
AT-S81 Management Software User’s Guide Modifying a VLAN This procedure allows you to perform the following functions: Change the name of a VLAN. Add or remove tagged ports from a VLAN. Before performing this procedure, note the following: You cannot change the VID of an existing VLAN. You cannot add an untagged port to a VLAN using this procedure.
Chapter 25: Virtual LANs Figure 86. Modify VLAN Page 3. To change the VLAN’s name, click the VLAN Name field and enter the new name. The name can contain up to 32 characters including spaces but not including special characters such as asterisks (*) or exclamation points (!). 4. To add a new tagged port to the VLAN, click the button in the Static Tagged row of the port to be added as a tagged port. 5. To remove a tagged port from the VLAN, click the button in the Not Member row of the port to be removed.
AT-S81 Management Software User’s Guide Deleting a VLAN To delete a VLAN, perform the following procedure: 1. From the Advanced Config menu, select VLAN Info. The VLAN Information page is shown in Figure 84 on page 282. 2. In the VLAN Action column, click Delete next to the VLAN you want to delete. A confirmation prompt is displayed. 3. Click OK to delete the VLAN or Cancel to cancel the deletion. Note You cannot delete the Default VLAN which has a VID of 1.
Chapter 25: Virtual LANs Deleting All VLANs The following procedure for deletes all VLANs, except the Default_VLAN, on a switch. To delete selected VLANs, refer to “Deleting a VLAN” on page 287. To reset to the default VLAN, perform the following procedure: 1. From the Advanced Config menu, select VLAN Info. The VLAN Information page is shown in Figure 84 on page 282. 2. Click Reset to Default. The following prompt is displayed: Reset VLAN configuration to default? 3.
AT-S81 Management Software User’s Guide Enabling or Disabling GVRP The GARP VLAN Registration Protocol (GVRP) allows network devices to share VLAN information. For more information about GVRP, refer to “GVRP” on page 131. To enable or disable GVRP, perform the following procedure: 1. From the Advanced Config menu, select VLAN Config. > VLAN Info. The VLAN Information page is shown in Figure 84 on page 282. 2. From the GVRP Status list, choose Enable or Disable. 3. Click Apply.
Chapter 25: Virtual LANs 290 Section II: Web Browser Interface
Chapter 26 Quality of Service (QoS) This chapter contains the procedure for configuring Quality of Service (QoS).
Chapter 26: Quality of Service (QoS) Mapping CoS Priorities to Egress Queues This procedure explains how to change the default mappings of CoS priorities to egress priority queues, as shown in Table 5 on page 135. This is set at the switch level. You cannot set this at the per-port level. This procedure also enables and disables QoS. To change the default mappings of CoS priorities to egress priority queues or to enable or disable QoS, perform the following procedure: 1.
AT-S81 Management Software User’s Guide Configuring CoS As explained in “QoS Overview” on page 134, a packet received on a port is placed it into one of four priority queues on the egress port according to the switch’s mapping of 802.1p priority levels to egress priority queues. The default mappings are shown in Table 5 on page 135. You can override the mappings at the port level by assigning a new default egress queue to a port.
Chapter 26: Quality of Service (QoS) The columns in the menu display the following information: Port Displays the port number. Trunk Displays the trunk number if the port is a member of a trunk. Traffic Class Enter the traffic class’s current egress priority. Queue Displays the number of the queue where untagged packets received on the port are stored on the egress queue. Override Displays whether the priority level in ingress tagged frames is being used or not.
Chapter 27 IGMP This chapter contains the following procedures for working with the Internet Group Management Protocol (IGMP): “Configuring IGMP” on page 296 Note For background information on IGMP, refer to “IGMP Snooping Overview” on page 146.
Chapter 27: IGMP Configuring IGMP To configure the IGMP settings, perform the following procedure: 1. From the Advanced Config menu, select IGMP Snooping. The IGMP Snooping page opens, as shown in Figure 89. Figure 89. IGMP Snooping Page 2. To enable or disable IGMP, select Enable or Disable from the IGMP Snooping Status list. 3. To set the age-out timer, type a number in the IGMP Snooping AgeOut Timer field. The range is 280 to 420 seconds and the default is 360 seconds.
AT-S81 Management Software User’s Guide Viewing the Multicast Group Members 1. From the Advanced Config menu, select IGMP Snooping. The IGMP Snooping page is shown in Figure 89 on page 296. 2. Click on the Mac address in the Multicast group address column that you want to view. The IGMP Snooping - Group Members page opens, as shown in Figure 90. Figure 90.
Chapter 27: IGMP 298 Section II: Web Browser Interface
Chapter 28 RSTP This chapter contains the following procedures for working with the Remote Spanning Tree Protocol (RSTP): “Basic RSTP Configuration” on page 301 “Configuring RSTP Port Settings” on page 303 “Viewing the RSTP Topology” on page 306 Note For background information on RSTP, refer to “RSTP Overview” on page 154.
Chapter 28: RSTP Enabling or Disabling RSTP and STP Compatibility To enable or disable RSTP globally for all ports, and set the STP compatibility, perform the following procedure: 1. From the Basic Config menu, select Rapid Spanning Tree > RSTP Config. The Rapid Spanning Tree Configuration page opens, as shown in Figure 91. Figure 91. Rapid Spanning Tree Configuration Page 2. From the Global RSTP Status list, choose one of the following: Enable - Enables RSTP. Disable - Disables RSTP. 3.
AT-S81 Management Software User’s Guide Basic RSTP Configuration To configure the RSTP settings, perform the following procedure: 1. From the Basic Config menu, select Rapid Spanning Tree > RSTP Config. The Rapid Spanning Tree Configuration page is shown in Figure 91 on page 300.
Chapter 28: RSTP Forward Delay The time interval between generating and sending configuration messages by the root bridge. The lower section provides information about the bridge and the following parameters refer to the switch. Bridge ID The MAC address of the bridge. The bridge identifier is use as a tie breaker in the selection of the root bridge when two or more bridges have the same bridge priority. You cannot change this setting.
AT-S81 Management Software User’s Guide Configuring RSTP Port Settings This section contains the following topics: Configuring the Basic RSTP Port Settings “Configuring the Basic RSTP Port Settings,” next “Configuring the Advanced RSTP Port Settings” on page 304 To configure the basic RSTP port settings, perform the following procedure: 1. From the Basic Config menu, select Rapid Spanning Tree > RSTP Basic Port Config. The RSTP Basic Port Configuration page opens, as shown in Figure 92.
Chapter 28: RSTP 6. To configure all of the ports to the same settings, in the All row, configure one, two, or all of the following settings: STP Status, Priority, and Path Cost. Click Apply. Configuring the Advanced RSTP Port Settings To configure the advanced RSTP port settings, perform the following procedure: 1. From the Basic Config menu, select Rapid Spanning Tree > RSTP Adv. Port Config. The RSTP Advanced Port Configuration page opens, as shown in Figure 93. Figure 93.
AT-S81 Management Software User’s Guide 5. Click Apply. 6. To configure all of the ports to the same settings, in the All row, configure one, two, or all of the following settings: Admin/OperEdge, Admin/OperPtoP, and Migration. Click Apply.
Chapter 28: RSTP Viewing the RSTP Topology To view the current RSTP topology, perform the following procedure: 1. From the Basic Config menu, select Rapid Spanning Tree > RSTP Topology. The Designated Topology Information page opens, as shown in Figure 94. Figure 94. Designated Topology Information Page This page displays the following information about the ports: Trunk The trunk of which the port is a member. Link Status Whether the link on the port is up or down.
Chapter 29 802.1x Network Access Control This chapter contains the procedure for configuring 802.1x network access control: “Configuring 802.1x Network Access Control” on page 308 Note For background information, refer to “802.1x Network Access Control Overview” on page 176.
Chapter 29: 802.1x Network Access Control Configuring 802.1x Network Access Control To configure 802.1x network access control, perform the following procedure: 1. From the Advanced Config menu, select 802.1x. The 802.1x Configuration page opens, as shown in Figure 95. Figure 95. 802.1x Configuration Page Note The Initialize and Re-auth Initialize parameters are described in Steps 5 and 6, respectively. 2. To select a port, do the following: a.
AT-S81 Management Software User’s Guide NAS ID This parameter assigns an 802.1x identifier to the switch that applies to all ports. The NAS ID can be up to sixteen characters. Valid characters are 0 to 9, a to z, and A to Z. Spaces are allowed. Specifying an NAS ID is optional. Port Status Displays the current 802.1 status of the port as either authorized or unauthorized. You cannot adjust this parameter. Port Control Sets the 802.1x port control setting. The possible settings are: Auto - Enables 802.
Chapter 29: 802.1x Network Access Control Maximum Request Sets the maximum number of times that the switch retransmits an EAP Request packet to the client before it times out the authentication session. The default value for this parameter is 2 retransmissions. The range is 1 to 10 retransmissions. Re-auth Period Specifies the time period between periodic reauthentication of the client. The default value is 3600 seconds. The range is 1 to 65,535 seconds.
Chapter 30 RADIUS Authentication Protocol This chapter explains how to configure the RADIUS client on the switch. You can use the RADIUS client with 802.1x network access control to control who can forward packets through the switch. The chapter contains the following section: “Configuring the RADIUS Client” on page 312 Note For background information, refer to “802.1x Network Access Control Overview” on page 176 and “RADIUS Overview” on page 190.
Chapter 30: RADIUS Authentication Protocol Configuring the RADIUS Client To configure the RADIUS client, perform the following procedure: 1. From the Basic Config menu, select User Interface > RADIUS Config. The RADIUS Configuration page opens, as shown in Figure 96. Figure 96. RADIUS Configuration Page 2. Enter the RADIUS server’s IP address in the Server IP Address field. 3. To specify the server’s encryption key, enter the encryption key in the Shared Secret field. 4.
Chapter 31 Broadcast Storm Control This chapter contains the procedure for configuring the broadcast storm control feature on the switch: “Configuring Broadcast Storm Control” on page 314 Note For background information on broadcast storm control, refer to “Broadcast Storm Control Overview” on page 196.
Chapter 31: Broadcast Storm Control Configuring Broadcast Storm Control To configure the broadcast storm control feature, perform the following procedure: 1. From the Basic Config menu, select Storm Control. The Broadcast Storm Control page opens, as shown in Figure 97. Figure 97. Broadcast Storm Control Page 2. From the Storm Control Status list, select Enable to activate the feature or Disable to deactivate it. The default setting is disabled. 3.
Chapter 32 MAC Address Tables This chapter contains the procedures for viewing the MAC address table and contains the following sections: Section II: Web Browser Interface “Displaying the MAC Address Tables” on page 316 “Setting the Aging Time” on page 321 315
Chapter 32: MAC Address Tables Displaying the MAC Address Tables To display the MAC address tables, perform the following procedure: 1. From the Basic Config. menu, select MAC Address Table > Sort by Port. The MAC Address by Port page opens, as shown Figure 98. Figure 98. MAC Address by Port Page 2. From the Port Number list, select the port and click Apply. The list of MAC addresses for that port is displayed, as shown in Figure 99 on page 317.
AT-S81 Management Software User’s Guide Figure 99. MAC Address Table by Port Page 3. To locate a specific MAC address, in the Search MAC Address field, enter the MAC address you want to search for and click Apply. If the MAC address exists in the MAC address table, a message is displayed stating the MAC address and its associated port number. If the MAC address does not exist, a “Not Found” message is displayed.
Chapter 32: MAC Address Tables Displaying the MAC Addresses by MAC To display the MAC addresses in alphanumeric order, perform the following procedure. 1. From the Basic Config. menu, select MAC Address Table > Sort by MAC. The MAC Address by MAC page opens, as shown in Figure 100. . Figure 100. MAC Address by MAC Page 2. To locate a specific MAC address, in the Search MAC Address field, enter the MAC address you want to search for and click Apply.
AT-S81 Management Software User’s Guide Displaying the MAC Addresses by VLAN ID To display the MAC addresses associated with a particular VLAN ID, perform the following procedure: 1. From the Basic Config. menu, select MAC Address Table > Sort by VLAN. The Sort by VLAN page is displayed, as shown in Figure 101, with information for the default VLAN, VLAN ID 1. Figure 101. MAC Addresses by VLAN Page 2. In the VLAN ID field, enter the VLAN ID for the VLAN you want to search and click Apply.
Chapter 32: MAC Address Tables Figure 102. MAC Addresses by VLAN Page 3. To locate a specific MAC address, in the Search MAC Address field, enter the MAC address you want to search for and click Apply. If the MAC address exists in the MAC address table, a message is displayed stating the MAC address and its associated port number. If the MAC address does not exist, a “Not Found” message is displayed.
AT-S81 Management Software User’s Guide Setting the Aging Time To set the aging time, perform the following procedure: 1. From the Basic Config. menu, select MAC Address Table and one of MAC address table display options. 2. On the MAC address display page, for the aging time, type a number and click Apply. The default is 300 seconds (5 minutes) and the range is 15 to 3000 seconds.
Chapter 32: MAC Address Tables 322 Section II: Web Browser Interface
Chapter 33 Working With System Files The procedures in this chapter include: “Downloading a New Management Software Image Using TFTP” on page 324 Note For information on how to obtain new releases of the AT-S81 management software, refer to “Contacting Allied Telesis” on page 15.
Chapter 33: Working With System Files Downloading a New Management Software Image Using TFTP Before downloading a new version of the AT-S81 management software onto the switch, note the following: The current configuration of a switch is retained when a new AT-S81 software image is installed. To return a switch to its default configuration values, refer to “Returning the AT-S81 Management Software to the Factory Default Values” on page 59. Your network must have a node with TFTP server software.
AT-S81 Management Software User’s Guide To download the AT-S81 image software onto the switch, perform the following procedure: 1. From the Tools menu, select Image Upgrade. The Image Upgrade page opens, as shown in Figure 103. Figure 103. Image Upgrade Page The Image/Version Date shows the current version and date of software installed on the switch. 2. In the Download Server IP field, enter The IP address of the TFTP server from which you are downloading the new software. 3.
Chapter 33: Working With System Files Uploading or Downloading the Configuration File The procedure in this section allows you to download a different configuration file onto the switch from a TFTP server, or upload the file to a TFTP server. To return a switch to its default configuration values, refer to “Returning the AT-S81 Management Software to the Factory Default Values” on page 244.
AT-S81 Management Software User’s Guide To download or upload a configuration file, perform the following procedure: 1. From the Tools menu, select Config. File Upload/Download. The Configuration File Upload/Download page opens, as shown in Figure 104. Figure 104. Configuration File Upload/Download Page 2. From the Download/Upload Config File list, choose Upload to upload a file to the TFTP server, or Download to download the configuration file from the TFTP server to the switch. 3.
Chapter 33: Working With System Files 328 Section II: Web Browser Interface
Section III Using the Command Line Interface The chapter in this section provides information for using the command line interface in the AT-S81 management software. Note The menus interface is described in Section I, “Using the Menus Interface” on page 17, and the web browser interface is described in Section II, “Using the Web Browser Interface” on page 215.
Section III: Using the Command Line Interface
Chapter 32 Getting Started with the Command Line Interface This chapter describes the command modes of the AT-S81 management software command line interface and how to access them.
Chapter 32: Getting Started with the Command Line Interface CLI Command Modes Introduction The Command Line interface in the AT-S81 software is accessible from the Main Menu. The commands offer the same functionality as the Menu interface. For instructions on how to access the command line interface, see “Starting the Command Line Interface” on page 342. This chapter describes the CLI command modes and how to access the command line interface. In addition, it provides command formatting information.
AT-S63 Management Software Menus Interface User’s Guide EXEC command mode, but you cannot enter this command from the VLAN Configuration mode. Command Formatting Conventions The following formatting conventions are used in this manual: screen text font - This font illustrates the format of a command and command examples. screen text font - Italicized screen text indicates a variable for you to enter. [ ] - Brackets indicate optional parameters.
Chapter 32: Getting Started with the Command Line Interface Table 11. Command Modes (Continued) Command Mode Interface Configuration VLAN Configuration Prompt Enter and Exit Commands Switch(config-if)# Switch(config-vlan)# User EXEC Command Mode From the Global Configuration mode, type: interface Ethernet1/port Enter the END or EXIT commands to return to the Global Configuration mode. Enter the LOGOUT command to quit the command mode and return to the Main Menu.
AT-S63 Management Software Menus Interface User’s Guide Privileged EXEC Command Mode The commands in the Privileged EXEC command mode permit you to perform system level commands such as rebooting the system, copying configuration files, and clearing statistics. To access this mode, you must first access the User EXEC command mode. The prompt changes to Switch# to indicate the Privileged EXEC mode. See Table 13 for a list of commands that can be access from the Privileged EXEC command mode. Table 13.
Chapter 32: Getting Started with the Command Line Interface Table 14. Global Configuration Command Mode Commands Command 336 Description BACKPRESSURE Sets the back pressure feature. CONSOLE Sets the console configuration. DOT1X Sets the 802.1x Port-based Network Access Control configuration. END Exits from the Global Configuration Command Mode to the Privileged EXEC Command Mode. EXIT Exits from the Global Configuration command mode to the Privileged EXEC command mode.
AT-S63 Management Software Menus Interface User’s Guide Table 14. Global Configuration Command Mode Commands (Continued) Command Description TELNETSERVER Sets the Telnet server. TRUNK Add ports to a trunk group. USERNAME Sets a system user name and password.
Chapter 32: Getting Started with the Command Line Interface Interface Configuration Command Mode The Interface Configuration command mode allows you to configure features that pertain to the ports on the system such as flow control, port mirroring, and duplex mode. To access this mode, you must first access the User EXEC, Privileged EXEC, and Global Configuration modes. From the Global Configuration mode, type: interface ethernet1/port You can specify a port or a range of ports.
AT-S63 Management Software Menus Interface User’s Guide Table 15. Interface Configuration Command Mode Commands Commands Description PING Pings a specified IP address to check connectivity to another system. PORT Sets port mirroring parameters. PVID Sets the PVID. SHUTDOWN Disables a port. SPANNINGTREE Sets the parameters for the STP feature. SPEEDDUPLEX Sets the speed and duplex mode for a port.
Chapter 32: Getting Started with the Command Line Interface VLAN Configuration Command Mode The VLAN Configuration command mode allows you to configure VLAN commands. To access this mode, you must first access the User EXEC, Privileged EXEC, and Global Configuration modes. From the Global Configuration command mode, type: interface vlanid The prompt changes to Switch(config-vlan)# to indicate the VLAN Configuration mode. Then enter VLAN commands.
AT-S63 Management Software Menus Interface User’s Guide VLAN Example To create a new VLAN with a VLAN ID of 2, access the Interface Configuration mode and specify the VLAN ID. Perform the following procedure. 1. From the User EXEC mode, enter: enable You now have access to the Privileged EXEC Configuration mode as indicated by the Switch(config)# prompt. 2.
Chapter 32: Getting Started with the Command Line Interface Starting the Command Line Interface To start the command line interface, perform the following procedure: 4. From the Main Menu (see Figure 105), type C to choose Command Line Interface.
AT-S63 Management Software Menus Interface User’s Guide Command Formatting The AT-S81 command line interface follows same formatting conventions for all of the command modes. There are command line interface features which apply to the general use of the command line and command syntax conventions which apply when entering the commands. See the following sections.
Chapter 32: Getting Started with the Command Line Interface Table 17. Command Line Syntax Conventions (Continued) 344 Subnet mask 255.255.240.
Appendix A AT-8000/POE Default Settings This appendix lists the AT-S81 factory default settings. It contains the following sections: “Basic Switch Default Settings” on page 346 “SNMP Default Settings” on page 348 “Port Configuration Default Settings” on page 349 “Quality of Service” on page 350 “IGMP Snooping Default Settings” on page 351 “RSTP Default Settings” on page 352 “802.
Appendix A: AT-8000/POE Default Settings Basic Switch Default Settings This section lists the default settings for basic switch parameters.
AT-S81 Management Software User’s Guide Note Login names and passwords are case sensitive. Ping Default Settings The following table lists the ping default settings. Setting System IP Configuration Default Settings System Administration Configuration Default Settings Default Target IP Address 0.0.0.0 Number of Requests 10 Timeout Value (sec.) 3 The following table lists the system IP configuration default settings. Setting Default IP Address 0.0.0.0 Subnet Mask 0.0.0.0 Gateway 0.0.0.
Appendix A: AT-8000/POE Default Settings SNMP Default Settings The following table describes the SNMP default settings.
AT-S81 Management Software User’s Guide Port Configuration Default Settings The following table lists the port configuration default settings.
Appendix A: AT-8000/POE Default Settings Quality of Service The following table lists the default mappings of IEEE 802.1p priority levels to egress port priority queues. IEEE 802.
AT-S81 Management Software User’s Guide IGMP Snooping Default Settings The following table lists the IGMP Snooping default settings.
Appendix A: AT-8000/POE Default Settings RSTP Default Settings The following table describes the RSTP default settings. Setting 352 Default Global RSTP Status Disabled Hello Time 2 Sec. Bridge Forwarding 15 Maximum Age 20 Sec. Forward Delay 15 Sec. Hello Time 2 Sec. Bridge Maximum Age 20 Sec. Bridge Forward Delay 15 Sec.
AT-S81 Management Software User’s Guide 802.1x Network Access Control Default Settings The following table describes the access control default settings per port.
Appendix A: AT-8000/POE Default Settings RADIUS Server Default Settings The following table lists the default settings for the RADIUS server. Settings 354 Default Server IP Address 0.0.0.
AT-S81 Management Software User’s Guide Broadcast Storm Control Default Settings The following table lists the default settings for broadcast storm control.
Appendix A: AT-8000/POE Default Settings 356 Section: Reference
Index Numerics 802.
Index L LACP group settings, viewing 94, 267 LACP port priority configuring 93, 266 described 84 LACP trunk creating 92, 265 described 84 disabling 95, 267 guidelines 85 Link Aggregation Control Protocol.
AT-S81 Management Software User’s Guide default setting for remote management 346 default settings 348 SNMP agent, enabling or disabling 74, 256 SNMP authentication traps, enabling 75 SNMP community string access mode 72 default 73, 76 default name 348 default, changing 257 name 72, 257 operating status 72 SNMP management, default setting 348 SNMP trap receiver adding 77, 258 deleting 79, 258 enabling or disabling 77, 258 modifying 78 restoring 258 SNTP, configuring 44, 234 software information 47, 235 sta
Index 360