Dell™ PowerConnect™ 28xx Systems User Guide w w w. d e l l . c o m | s u p p o r t . d e l l .
Notes, Notices, and Cautions NOTE: A NOTE indicates important information that helps you make better use of your computer. NOTICE: A NOTICE indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. CAUTION: A CAUTION indicates a potential for property damage, personal injury, or death. ____________________ Information in this document is subject to change without notice. © 2012 Dell Inc. All rights reserved.
Contents 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . System Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . PowerConnect 2808 . . . . . . . . PowerConnect 2816 . . . . . . . . PowerConnect 2824 . . . . . . . . PowerConnect 2848 . . . . . . . . Summary of PowerConnect Models Features . 9 . . . . . . . . . . . . . . . . . . . 9 9 10 10 11 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 . . . . . . . . . . . . . . .
Power Connectors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Internal Power Supply Connector 3 . . . . . . . . . . . . . . . . . . . . Installing the PowerConnect Device Installation Precautions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 Mounting the Device . . . . . . . . . . . . . . . . . . . . . . . . . . 28 28 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 . . . . . .
Initial Configuration Through the Web . . . . . . . . . . . . . . . . . . . . Basic Configuration . . . . . . . . . . . . . . Retrieving an IP Address From a DHCP Server Startup Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 Software Download . . . . . . . . . . . . Erase FLASH File . . . . . . . . . . . . . Erasing the Device Configuration . . . . . Password Recovery . . . . . . . . . . . . Software Download Through TFTP Server 5 . . . . . . . .
Defining SNMP Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . Defining SNMP Global Parameters . . . Defining Communities . . . . . . . . . . Defining SNMP Notification Recipients . Managing Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 . . . . . . . . . . . . . . . . Downloading Files . . . . . Uploading Files . . . . . . Restoring Default Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . Defining VLAN Members . . . VLAN Port Membership Table Defining VLAN Ports Settings . Defining VLAN LAG Settings . Aggregating Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131 Defining LAG Membership Multicast Forwarding Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132 . . . . .
Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Command Mode Overview . User EXEC Mode . . . . . . Privileged EXEC Mode . . . Global Configuration Mode . Interface Configuration Mode CLI Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Command: copy . . . . . . . . . . . . .
1 Introduction This User’s Guide contains the information needed for installing, configuring and maintaining the PowerConnect 2808, PowerConnect 2816, PowerConnect 2824, and PowerConnect 2848 Webmanaged Gigabit Ethernet switches. The PowerConnect 28xx switches can be used to connect workstations and other network devices, such as: • Servers • Hubs • Routers The PowerConnect devices are primarily designated for the Small Office/Home Office (SOHO) that require high performance edge connectivity.
Figure 1-2. PowerConnect 2816 Front Panel The PowerConnect 2816 supports the following ports: • 16 Gigabit Ethernet copper ports PowerConnect 2824 The following figure illustrates the PowerConnect 2824 front panel. Figure 1-3. PowerConnect 2824 Front Panel The PowerConnect 2824 supports the following ports: • 24 Gigabit Ethernet copper ports • 2 SFP combo ports (1000BASE-SX or 1000BASE-LX) PowerConnect 2848 The following figure illustrates the PowerConnect 2848 front panel. Figure 1-4.
Summary of PowerConnect Models The following table summarizes the PowerConnect models. Table 1-1.
Auto Negotiation Auto negotiation allows an Ethernet switch to advertise modes of operation. The auto negotiation function provides the means to exchange information between two Ethernet switches that share a pointto-point link segment, and to automatically configure both Ethernet switches to take maximum advantage of their transmission capabilities. Port advertisement allows the system administrator to configure the port speeds advertised.
MAC Address Supported Features MAC Address Capacity Support The PowerConnect 2808, 2816, 2824 switches support a total of 8K MAC addresses, and the PowerConnect 2848 supports a total of 16K MAC addresses. Auto-Learning MAC Addresses The switch enables MAC address auto-learning from incoming packets. The MAC addresses are stored in the Bridging Table. Automatic Aging for MAC Addresses MAC addresses from which no traffic is received for a given period of time are aged out.
• Short-Reach — Reduction of power over Ethernet cables shorter than 40m. IGMP Snooping Internet Group Membership Protocol (IGMP) Snooping examines IGMP frame contents, when they are forwarded by the device from work stations to an upstream Multicast router. From the frame, the device identifies work stations configured for Multicast sessions, and which Multicast routers are sending Multicast frames.
• Higher bandwidth connections • Improved bandwidth granularity • High bandwidth server connectivity A LAG is composed of ports with the same speed set to full-duplex operation. DHCP Server Dynamic Host Configuration Protocol is a method of managing network parameter assignment from a single DHCP server. The Dynamic Host Configuration Protocol (DHCP) automates the assignment of IP addresses, subnet masks, default gateway, and other IP parameters.
Class of Service (CoS) Features The PowerConnect 28xx system enables users to define various services for traffic classes of service. The underlying mechanism for supporting bandwidth management and control is based on the use of multiple priority queues for classifying traffic. The switches support four queues per port. A CoS is defined by the user, whereby packets are related to the same Class of Service. After a packet has been classified, it is assigned to one of the queues.
2 Hardware Description Switch Port Configurations PowerConnect 28xx Front and Back Panel Port Description The Dell™ PowerConnect™ 28xx switches use 10/100/1000BASE-T ports on the front panel for connecting to a network. The Gigabit Ethernet ports can operate at 10, 100 or 1000 Mbps. These ports support autonegotiation, duplex mode (Half or Full duplex), and flow control. The combo 1000 Mbps optical ports can only operate at 1000 Mbps, full-duplex mode.
Figure 2-2. PowerConnect 2808 Back Panel Figure 2-3. PowerConnect 2816 Front Panel On the front panel there are 16 ports which are numbered 1 to 16, top down and left to right. On each port there are LEDs to indicate the port status. On the left side of the front panel is the Managed Mode LED which indicates the Ethernet switch operational status and the management mode. The Power LED on the front panel indicates whether the device is powered on or not.
Figure 2-5. PowerConnect 2824 Front Panel On the front panel there are 24 ports which are numbered 1 to 24, top down and left to right. On each port there are LEDs to indicate the port status. There are two SFP (Small Form-Factor Plugable) ports, designated as ports 23 and 24, for fiber connection.
Figure 2-6. PowerConnect 2824 Back Panel Figure 2-7. PowerConnect 2848 Front Panel On the front panel there are 48 ports, which are numbered 1 to 48, top down and left to right. On each port, there are LEDs to indicate the port status. There are four SFP (Small Form-Factor Plugable) ports, designated as ports 45, 46, 47 and 48, for fiber connection. The four combo ports are logical ports with two physical connections: • An RJ-45 connection for Twisted Pair (TP) copper cabling.
button, located on the right side on the front panel is used to transition between management modes and to reset the device. For more information about management modes and transitioning between them, see "Management Modes" on page 49. Fans are provided on the side panel. The back panel contains an AC Power Supply Interface. The following figure illustrates the back panel of the PowerConnect 2848 device. Figure 2-8.
Power LED On the PowerConnect 28xx front panel there is a Power LED. The following table describes the Power Supply status LED indications. Table 2-1. Power LED Indications LED Color Description Green Solid The switch is turned on. Off The switch is not turned on. Managed Mode LED On the PowerConnect 28xx front panel there is a Managed Mode LED monitoring the switch node as well as indicating diagnostic test results. The following table describes the Managed Mode LED indications.
Figure 2-9. RJ-45 Copper-based 10/100/1000BASE-T LEDs The RJ-45 LED indications are described in the following table: Table 2-4. RJ-45 Copper based 10/100/ 1000BASE-T LED Indications LED Color Description Left LED Green Solid The port is linked at 1000 Mbps. Green Flashing The port is transmitting or receiving data at 1000 Mbps. Amber Solid The port is linked at either 10 or 100 Mbps. Amber Flashing The port is transmitting or receiving data at 10 or 100 Mbps. Off No link is established.
Cables, Port Connections, and Pinout Information This section explains the switch physical interfaces, and provides information about cables and port connections. Copper cable diagnostics are supported. High-speed workstations, hubs, routers, or other switches are connected through standard RJ-45 connectors to the switch physical interface ports, located on the front panel. For each device, the supported mode is set to Half Duplex, Full Duplex, and Auto.
Table 2-7. RJ-45 Pin Number Allocation for 10/100/ 1000BASE-T Ethernet Port Pin No Function 6 TxRx 3- 7 TxRx 4+ 8 TxRx 4- SFP Ports The PowerConnect 2824 switch supports two SFP transceivers combo ports, and the PowerConnect 2848 switch supports four SFP transceivers combo ports for various fiber-based modules (1000BASE-SX or 1000BASE-LX). Only one of the two physical connections of a combo port can be used at any time.
Table 2-8. SFP Pin Connections Pin No Use 15 Receiver power supply 16 Transmitter power supply 17 Transmitter ground (common with receiver ground) 18 Transmitter non-inverted data in 19 Transmitter inverted data in 20 Transmitter ground (common with receiver ground) Power Connectors The PowerConnect 28xx is powered by using the AC internal power supply. Internal Power Supply Connector The PowerConnect 28xx supports a single internal power supply to provide power for switching operations.
3 Installing the PowerConnect Device This section contains information about device unpacking, location, installation, and cable connections. Installation Precautions CAUTION Before performing any of the following procedures, read and follow the safety instructions located in the System Information Guide included in the Dell Documentation.
Site Requirements The PowerConnect 28xx can be mounted in a standard equipment rack, placed on a tabletop, or mounted on the wall. Before installing the device, verify that the site selected for the device meets the following site requirements: • Power — The device is installed within 1.5 m (5 feet) of a grounded, easily accessible outlet 220/110 VAC, 50/60 Hz. If the device has two power supplies, the site should have two power outlets with different power feeders.
5 Inspect the product for damage. Report any damage immediately. Mounting the Device Overview There are three device mounting options: • Installing in a Rack • Installing on a Flat Surface • Installing on a Wall Device Rack Installation CAUTION Read the safety information in the Product Information Guide as well as the safety information for other devices that connect to or support the switch. CAUTION Disconnect all cables from the device before mounting the device in a rack or cabinet.
Figure 3-1. Bracket Installation for Rack Mounting 2 Insert the supplied screws into the rack mounting holes and tighten with a screwdriver. 3 Repeat the process for the rack-mounting bracket on the other side of the device. 4 Insert the device into the rack, ensuring the rack-mounting holes on the device line up to the mounting hole on the rack. 5 Secure the device to the rack with the rack screws (not provided). Fasten the lower pair of screws before the upper pair of screws.
Installing on a Wall To mount the device on a wall: 1 Ensure that the mounting location meets the following requirements: • The surface of the wall must be capable of supporting the device. • Allow at least 2 inches (5.1 cm) space on the sides for proper ventilation and 5 inches (12.7 cm) at the back for power cable clearance. • The location must not be exposed to direct sunlight.
6 On the wall mark the locations where the screws to hold the device must be prepared. 7 On the marked locations, drill the holes and place all plugs (not provided) in the holes. 8 Secure the device to the wall with screws (not provided). Ensure that the ventilation holes are not obstructed. Figure 3-3.
Connecting the Device To configure the device, the device must be connected to a terminal. Connecting the Device to the Network To connect to an uplink port, use Category 5 Unshielded Twisted-Pair (UTP) cables with RJ-45 connectors at both ends. The RJ-45 ports on the Ethernet device support automatic Media-Dependent Interface/Media-Dependent Interface with internal crossover wiring (MDI/MDIX) operation under Auto-Negotiation mode.
b Set the data rate to 9600 baud. c Set the data format to 8 data bits, 1 stop bit, and no parity. d Set flow control to none. e Under Properties, select VT100 for Emulation mode. f Select Terminal keys for Function, Arrow, and Ctrl keys. Ensure that the setting is for Terminal keys (not Windows keys). NOTE: When using HyperTerminal with Microsoft® Windows 2000, Windows XP, or Windows Vista, ensure that you have the latest service packs installed.
Figure 3-4. Connecting to Power Supply 3 After connecting the device to a power source, confirm that the device is connected and operating correctly by examining the LEDs on the front panel. Port Connections, Cables, and Pinout Information This section explains the device’s physical interfaces, and provides information about port connections. Connector types, ports and cables are summarized in Ports, Connectors, and Cables. Copper Cable and Optical Transceiver Diagnostics are supported.
Table 3-1. Ports, Connectors and Cables Connector Port/Interface RJ-45 10/100/1000BaseT Port Cable Cat.5 The RJ-45pin number allocation for the 10/100/1000BaseT ports is listed in the table following. Table 3-2.
Port Default Settings The general information for configuring the device ports includes the short description of the autonegotiation mechanism and the default settings for switching ports. Auto-Negotiation Auto-negotiation enables automatic detection of speed, duplex mode and flow control on switching 10/100/1000BaseT ports. Auto-negotiation is enabled per port by default.
Switching Port Default Settings The following table gives the port default settings. Table 3-3.
Starting and Configuring the Device 4 43+ After completing all external connections, the device must be configured. This section describes various methods of configuring the device. NOTE: The PowerConnect 2808 has an internal serial port. NOTE: Before proceeding, read the release notes for this product. The release notes can be downloaded from http://support.dell.com. It is recommended that you obtain the most recent revision of the user documentation from the Dell support website at http://support.dell.
Figure 4-1.
– The current running configuration is automatically saved to local storage. If the system is switched to unmanaged mode via the Managed Mode button, the system does not load the saved configuration, but it is still maintained in the device’s local storage. – From Managed mode, you can move to Unmanaged mode by pressing the Mode button on the device, or you can move to Secure mode using the web interface (see "Entering Secure Mode" on page 62).
Transitioning Between Modes Figure 4-5 shows the transition between Managed, Secure and Unmanaged operating modes: Figure 4-2. Transitioning Between Management Modes D evice is in M anagem ent M ode U ser presses M anaged M ode button for less than 7 seconds. D evice reboots in Unm anaged m ode and switch operates as a true unm anaged switch (M anaged M ode LED is O FF). U ser presses M anaged M ode button. Device reboots in M anaged m ode.
• Power cycle returns the switch to the same state that existed prior to the power cycle, and configuration is preserved. • The user can only save or restore configurations while in Managed mode. There is no management interface available in Secure or Unmanaged mode to enable the user to modify, save or restore configurations. • Since the device can only enter Secure mode via an option from the web interface, it can only transition into Secure mode from Managed mode.
– Use Saved IP/User Name/Password — When restoring local configuration, this option uses the IP address, user name and password that were automatically saved when you exited Managed mode. When restoring a saved configuration, this option uses the IP address, user name and password inside the saved configuration. – Use Current IP/User Name/Password — When restoring local configuration, this option uses the system default IP address, user name and password.
• The PowerConnect device booted successfully. • The console connection is established and the console prompt is displayed on the screen of a VT100 terminal device. (Press the key several times to verify that the prompt displays correctly.) The system prompts you to use the Set-up wizard when the device boots up for the first time or if the configuration file is empty.
Wizard Step 1 The following information displays: The system is not setup for SNMP management by default. To manage the switch using SNMP (required for Dell Network Manager) you can: *Setup the initial SNMP Version 2 account now *Return later and setup additional SNMP v1/v2 accounts For more information on setting up SNMP accounts, please see the user documentation. Would you like to setup the SNMP management interface now? (Y/N)[Y] Y Enter [N] to skip to Step 2. Enter [Y] to continue the Set-up wizard.
Enter the user name<1-20>:[admin] Please enter the user password:***** Please reenter the user password:***** Wizard Step 3 The following information displays: Next, an IP address is set up. The IP address is defined on the default VLAN,(VLAN #2). This is the IP address you use to access the Telnet, Web interface, or SNMP interface for the switch. To setup an IP address: Please enter the IP address of the device (A.B.C.D):10.6.22.100 Please enter the IP subnet mask (A.B.C.D or nn):[255.255.255.
Wizard Step 4 The following information displays: Finally, setup the default gateway. Please enter the IP address of the gateway from which this network is reachable(e.g. 192.168.1.1).Default gateway (A.B.C.D):[10.6.22.97] Enter the default gateway. Press Enter. The following is displayed (as per the example parameters described): This is the configuration information that has been collected: ============================================================== SNMP Interface = Dell_Network_Manager@0.0.0.
1 Connect the switch to a PC via Ethernet, and set a static IP address of 192.168.2.x 255.255.255.0 (where x is between 2 and 254) on the PC. 2 Connect to the switch using IP address 192.168.2.1 in your web browser. The login is: username = admin with no password. 3 After connecting to the device, use the IP Interface Parameters page to define the required IP address (static or DHCP) for the device and its default gateway.
Startup Menu The procedures called from the Startup menu cover software download, flash handling and password recovery. The diagnostics procedures are for use by technical support personnel only and are not disclosed in the document. The Startup menu can be entered when booting the device, user input must be entered immediately after the POST test. To enter the Startup menu: 1 Turn the power on and watch for the auto-boot message.
[4] Enter Diagnostic Mode [5] Set Terminal Baud-Rate [6] Back Enter your choice or press 'ESC' to exit The following sections describe the available Startup menu options. NOTE: When selecting an option form the Startup menu, time out must be taken into account: if no selection is made within 35 seconds (default), the device times out. This default value can be changed through CLI.
3 Enter config as the name of the flash file. The configuration is erased and the device reboots. 4 Repeat the device initial configuration. Password Recovery If a password is lost, the Password Recovery procedure can be called from the Startup menu. The procedure enables entry to the device once without a password. To recover a lost password for the local terminal only: 1 From the Startup menu, type 3 and press . The password is deleted.
4 Enter the reload command. The following message is displayed: console# reload This command will reset the whole system and disconnect your current session. Do you want to continue (y/n) [n]? 5 Enter y. The device reboots. Boot Image Download Loading a new boot image from the TFTP server and programming it into the flash updates the boot image. The boot image is loaded when the device is powered on. A user has no control over the boot image copies.
5 Using Dell OpenManage Switch Administrator This section provides an introduction to the user interface. Understanding the Interface The home page contains the following views: • Tree View — Located on the left side of the home page, the tree view provides an expandable view of the features and their components. • Device View — Located on the right side of the home page, the device view provides an information or table area, and configuration instructions. Figure 5-1.
Table 5-1. Interface Components Component Name 1 The tree view contains a list of the different device features. The branches in the tree view can be expanded to view all the components under a specific feature, or retracted to hide the feature's components. By dragging the vertical bar to the right, the tree area can be expanded to display the full name of a component. 2 The information buttons provide access to information about the device and access to Dell Support.
Device Management Buttons Device Management buttons provide an easy method of configuring device information, and includes the following: Table 5-3. Device Management Buttons Button Description Apply Changes Applies changes to the device. Add Adds information to tables or dialogs. Telnet Starts a Telnet session. Query Queries tables. Show All Displays the device tables. Left arrow/Right arrow Moves information between lists. Refresh Refreshes device information.
• Management — This is a read-write mode where you can see and edit all pages of the interface. • Monitor — This is a read-only mode where you can see a subset of the interface pages, but you cannot edit them. For more information about setting the access level, see ("Defining the Local User Databases" on page 68).
6 Configuring System Information This section provides information for defining system parameters including security features, downloading device software, and resetting the device. To open the System page, click System in the tree view. Figure 6-1. System Defining General Device Information The General page contains links to pages for configuring device parameters.
Figure 6-2. Asset • System Name (0- Characters) — Defines the user-defined device name. • System Contact (0- Characters) — Specifies the name of the contact person. • System Location (0- Characters) — Specifies the location where the system is currently running. • MAC Address — Specifies the device MAC address. • Sys Object ID — Specifies the vendor's authoritative identification of the network management subsystem contained in the entity.
3 Click Apply Changes. The system parameters are defined, and the device is updated. Initiating a Telnet Session: 1 Open the Asset page. 2 Click Telnet. A Telnet session is initiated. Viewing the Versions Page The Versions page contains information about the hardware and software versions currently running. To open the Versions page, click System General Versions in the tree view. Figure 6-3. Versions 60 • Software Version — The current software version running on the device.
Resetting the Device The Reset page enables the device to be reset from a remote location. For more information about saved Configuration files, see "Managing Files" on page 79. To open the Reset page, click System General Reset in the tree view. Figure 6-4. Reset Resetting the Device 1 Open the Reset page 2 Click reset. A confirmation message displays. 3 Click OK. The device is reset. After the device is reset, a prompt for a user name and password displays.
Entering Secure Mode The Secure Mode page allows you to put the device in the Secure management mode. Once enabled, it prevents users from making any further configuration changes to the switch. This is done by removing the IP address of the switch so that it becomes inaccessible. In Secure Mode the switch retains configuration through power cycles just like in Managed Mode. To use Secure Mode, configure the device in Managed Mode, and then switch to Secure Mode via the web interface.
Defining Device IP Addresses The IP Addressing page contains a link to the IP Interface Parameters page that is used to assign the device IP address, subnet mask and default gateway, and for enabling or disabling DHCP. To open the IP Addressing page, click System IP Addressing in the tree view. Defining IP Interface Parameters To open the IP Interface Parameters page, click System IP Addressing IP Interface Parameters in the tree view. Figure 6-6.
Running Cable Diagnostics The Diagnostics section contains links to pages for performing virtual cable tests on copper cables and optical transceivers. To open the Diagnostics page, click System Diagnostics in the tree view. • Viewing Optical Transceiver Diagnostics (Applicable only for 24, 48 port devices) Viewing Copper Cable Diagnostics The Integrated Cable Test for Copper Cables page contains fields for performing tests on copper cables.
• Cable Fault Distance — The distance from the port where the cable error occurred. • Last Update — The last time the port was tested. • Approximate Cable Length — The approximate cable length. This test can only be performed when the port is up and operating at 1 Gbps. Performing a Cable Test 1 Ensure that both ends of the copper cable are connected to a device. 2 Open the Integrated Cable Test page. 3 Click Test Now.
Figure 6-8. Optical Transceiver Diagnostics The Optical Transceiver Diagnostics page contains the following fields: • Port — The port to which the fiber cable is connected. • Temperature — The temperature (in Celsius) at which the cable is operating. • Voltage — The voltage at which the cable is operating. • Current — The current at which the cable is operating. • Output Power — The rate at which the output power is transmitted. • Input Power — The rate at which the input power is transmitted.
• Port — The port to which the fiber cable is connected. • Temperature — Internally measured transceiver temperature. • Voltage — Internally measured supply voltage. • Current — Measured TX bias current. • Output Power — Measured TX output power in milliwatts. • Input Power — Measured RX received power in milliwatts. • TXTransmitter Fault — Transmitter fault. Finisair transceivers do not support the transmitter fault diagnostic testing. • LOSLoss of Signal — Loss of signal.
Managing Device Security The Management Security page provides access to security pages that contain fields for setting security parameters for user database, password and RADIUS security. To open the Management Security page, click SystemManagement Security in the tree view. Defining the Local User Databases The Local User Database page contains fields for defining users, passwords and access levels.
4 Click Apply Changes. The user access rights and passwords are defined, and the device is updated. Defining a New User: 1 Open the Local User Database page. 2 Click Add. The Add User page opens: Figure 6-10. Add a User 3 Define the fields. 4 Click Apply Changes. The new user is defined, and the device is updated. Displaying the Local User Table: 1 Open the Local User Database page. 2 Click Show All. The Local User Table opens: Figure 6-11.
Deleting Users: 1 Open the Local User Database page. 2 Click Show All. The Local User Table opens. 3 Select a User Name. 4 Select the Remove check box. 5 Click Apply Changes. The selected user is deleted and the device is updated. Configuring RADIUS Global Parameters Remote Authorization Dial-In User Service (RADIUS) servers provide additional security for networks. To open the RADIUS Settings page, click System Management Security RADIUS in the tree view. Figure 6-12.
• Authentication Port — Identifies the authentication port. The authentication port is used to verify the RADIUS server authentication. • Number of Retries (1-10) — Specifies the number of transmitted requests sent to RADIUS server before a failure occurs. The possible field values are 1 - 10. Three is the default value.
Figure 6-13. Add RADIUS Server Page 3 Define the fields. 4 Click Apply Changes. The new RADIUS server is added, and the device is updated. Displaying the RADIUS Server List: 1 Open the RADIUS Settings page. 2 Click Show All. The Show all RADIUS Servers page opens: Figure 6-14. Show all RADIUS Servers Modifying the RADIUS Server Settings: 1 Open the RADIUS Settings page. 2 Click Show All. The RADIUS Servers List page opens.
3 Modify the relevant fields. 4 Click Apply Changes. The RADIUS Server settings are modified, and the device is updated. Deleting a RADIUS Server for the RADIUS Servers List: 1 Open the RADIUS Settings page. 2 Click Show All. The RADIUS Servers List page opens. 3 Select a RADIUS Server in the RADIUS Servers List. 4 Select the Remove check box. 5 Click Apply Changes. The RADIUS server is removed from the RADIUS Servers List.
Defining SNMP Global Parameters The SNMP Global Parameters page permits enabling both SNMP and Authentication notifications.To open the SNMP Global Parameters page, click System SNMP Global Parameters in the tree view. Figure 6-15. Global Parameters • SNMP Notifications — Enables or disables the sending SNMP notifications. • Authentication Notifications — Enables or disables the sending SNMP traps when authentication fails. Enabling SNMP Notifications 1 Open the SNMP Global Parameters page.
Defining Communities Access rights are managed by defining communities in the Community Table. When the community names are changed, access rights are also changed.To open the SNMP Community page, click System SNMP Community in the tree view. Figure 6-16. SNMP Community • SNMP Management Station — A list of management station IP addresses. • Community String — Functions as a password and used to authenticate the selected management station to the device.
Figure 6-17. Add SNMP Community 3 Select one of the following: – SNMP Management Station — Defines an SNMP community for a specific management station. – All — Defines an SNMP community for all management stations. 4 Define the remaining fields. 5 Click Apply Changes. The new community is saved, and the device is updated. Displaying all Communities 1 Open the SNMP Community page. 2 Click Show All. The Community Table opens: Figure 6-18.
3 Select a community from the Community Table. 4 Select the Remove check box. 5 Click Apply Changes. The selected community entry is deleted, and the device is updated. Defining SNMP Notification Recipients The Notification Recipients page contains information for defining filters that determine whether traps are sent to specific users, and the trap type sent.
Adding a new Trap Recipients 1 Open Notification Recipients page. 2 Click Add. The Add Notification Recipients page opens: 3 Define the relevant fields. 4 Click Apply Changes. The notification recipient is added, and the device is updated. Displaying Notification Recipients Tables 1 Open Notification Recipients page. 2 Click Show All. The Notification Recipients Tables page opens: Figure 6-20. Notification Recipients Tables Deleting Notification Recipients 1 Open Notification Recipients page.
4 Check the Remove checkbox. 5 Click Apply Changes. The recipient is deleted, and the device is updated. Managing Files The File Management section contains fields for managing device software, the Image Files, and the Configuration Files. Files can be downloaded from a TFTP server.
Figure 6-21. File Download From Server • Firmware Download — The Firmware file is downloaded. If Firmware Download is selected, the Configuration Download fields are grayed out. • Configuration Download — The Configuration file is downloaded. If Configuration Download is selected, the Firmware Download fields are grayed out. • Download via TFTP — Enables initiating an image download via the TFTP server. • Download via HTTP — Enables initiating an image download via the HTTP server.
Configuration Download • Server IP Address — The Server IP Address from which the configuration files are downloaded. • Source File Name — Indicates the configuration files to be downloaded. During the image file download, a dialog box opens which displays the download progress. Downloading Files 1 Open the File Download From Server page. 2 Define the fields. 3 Click Apply Changes. The software is downloaded to the device.
The File Upload to Server page contains the following fields: • Upload via TFTP — Enables initiating upload via the TFTP server. • Upload via HTTP — Enables initiating upload via the FTP server. • Server IP Address — The Server IP Address to which the file is uploaded. • Destination File Name (1-64 Characters) — Indicates the file path to which the file is uploaded. Uploading Files 1 Open the File Upload to Server page. 2 Define the fields. 3 Click Apply Changes.
Defining DHCP Server Settings The DHCP server is used mainly for centralized control over assignment of IP addresses to attached hosts. A switch can operate as either a DHCP client (obtaining its own IP from a DHCP server) as a DHCP server. The DHCP server uses a fined pool of IP addresses (user-defined) from which it allocates IP addresses to DHCP clients.
Figure 6-24. DHCP Server Properties • • • DHCP Server Status — Indicates if the DHCP server is enabled. The possible field values are: – Enable — Enables the DHCP server. – Disable — Disables the DHCP server. This is the default value. DHCP Ping — Indicates if the DHCP server is set to ping the offered IP address before responding to a client request, to ensure that the address is not in use. The possible field values are: – Enable — Enables ping on the DHCP server.
5 Define the amount of time (in milliseconds) the DHCP server waits for a ping reply in the DHCP Ping Timeout field, or click Use Default to select the default timeout of 500 milliseconds. 6 Click Apply Changes. The server is enabled. Defining Network Pool The Network Pool page displays the DHCP Server's created pool name. The pool name, which is typically assigned to a network segment, consists of an IP address range from which the DHCP Server allocates IP addresses to DHCP clients.
– Days — Specifies the duration of the lease in number of days. The range is 0 to 49710 days. – Hours — Specifies the number of hours in the lease. A days value must be supplied before an hours value can be added. The range is 0 to 23 hours. – Minutes — Specifies the number of minutes in the lease. A days value and an hours value must be added before a minutes value can be added. The range is 0 to 59 minutes. – Infinite — Specifies that the duration of the lease is unlimited.
The Excluded Addresses page lists the excluded addresses. To open the Excluded Addresses page, click System DHCP Server Excluded Addresses in the tree view. Figure 6-26. Excluded Addresses • Start IP Address — Displays the first IP address in the range of excluded IP addresses. • End IP Address — Displays the last IP address in the range of excluded IP addresses. Adding an Excluded Address 1 Open the Excluded Addresses page. 2 Click Add. The Add Excluded page opens: Figure 6-27.
2 Check the Remove checkbox next to an address. 3 Click Apply Changes. The address is deleted, and the device is updated. Manually Allocating IP Addresses (Static Hosts) The Static Hosts page is used to manually allocate IP addresses to network hosts. To open the Static Hosts page, click System DHCP Server Static Hosts in the tree view. Figure 6-28. Static Hosts 88 • Host Name — Indicates the host pool name, which can be a string of symbols and an integer (for example, piy4).
• Domain Name Server — Specifies the DNS server available to the DHCP client. • Domain Name— Specifies • NetBIOS WINS Server — Specifies the NetBIOS WINS server available to a Microsoft DHCP static host. • NetBIOS Node Type — Informs the workstation how to resolve the NetBIOS name. Valid node types are: – Broadcast — IP broadcast messages are used to register and resolve NetBIOS names to IP addresses.
Figure 6-29. Add Static Host 3 Define the relevant fields. 4 Click Apply Changes. The static host is added, and the device is updated. Displaying Static Hosts Tables 1 Open the Static Hosts page. 2 Click Show All. The Static Hosts Table page opens: Figure 6-30.
Deleting Static Hosts 1 Open the Static Hosts page. 2 Click Show All. The Static Hosts Table page opens. 3 Check the Remove checkbox next to a static host. 4 Click Apply Changes. The host is deleted, and the device is updated. Address Binding The Address Binding page displays a list of the DHCP server’s allocated IP addresses and each IP address’s client identifier, lease expiration time, and allocation type. Open the Address Binding page, click System DHCP Server Address Binding in the tree view.
Defining Advanced Settings The Advanced Settings page contains information for configuring general settings. Use Advanced Settings to set miscellaneous global attributes for the device. The changes to these attributes are applied only after the device is reset. To open the Advanced Settings page, click System Advanced Settings in the tree view. Configuring General Device Parameters The General Settings page provides information for defining general device parameters.
7 Configuring Device Switching This section provides all system operation and general information for configuring network security, ports, Address tables, GARP, VLANs, Spanning Tree, Port Aggregation, and Multicast Support. Configuring Network Security The device enables network security through both Access Control Lists and Locked Ports. Port Based Authentication (802.1x) Port based authentication enables authenticating system users on a per-port basis via a external server.
Advanced Port Based Authentication is implemented in the following modes: • Single Host Mode — Enables only the authorized host for single-session access to the port. • Multiple Host Mode — Enables multiple hosts to be attached to a single port, for single-session access. Only one host must be authorized for all hosts to access the network. If the host authentication fails or an EAPOL-logoff message is received, all attached clients are denied network access.
• – None — No authentication method is used to authenticate the port. – RADIUS — Port authentication is performed using the RADIUS server. – RADIUS, None — Port authentication is performed first using the RADIUS server. If the port is not authenticated, then no authentication method is used, and the session is permitted. Guest VLAN — Specifies whether the Guest VLAN is enabled on the device. The possible field values are: – Enable — Enables using a Guest VLAN for unauthorized ports.
Figure 7-2. Port Based Authentication Table Termination Cause — The reason for which the port authentication was terminated. Copy To Checkbox — Copies port parameters from one port to the selected ports. Select All — Selects all ports in the Port Based Authentication Table. Copying Parameters in the Port Based Authentication Table 1 Open the Port Based Authentication page. 2 Click Show All. The Port Based Authentication Table opens. 3 Select the interface in the Copy Parameters from field.
Configuring Advanced Port Based Authentication The Multiple Hosts page provides information for defining advanced port based authentication settings for specific ports. To open the Multiple Hosts, click Switch Network Security Multiple Hosts. Figure 7-3. Multiple Hosts • Port — The port number for which Advanced Port Based Authentication is enabled. • Host Authentication — Defines the host authentication type.
• Trap Frequency (1-1000000) (Sec) — Defines the time period by which traps are sent to the host. The Trap Frequency (1-1000000) field can be defined only if the Multiple Hosts field is defined as Disable. The default is 10 seconds. • Status — The host status. The possible field values are: • – Unauthorized — Clients (supplicants) have full port access. – Authorized — Cents (supplicants) have limited port access.
Authenticating Users The Authenticated Users page displays user port access lists. To open the Authenticated Users page, click Switch Network Security Authenticated Users. Figure 7-5. Authenticated Users • User Name — List of users authorized via the RADIUS Server. • Port — The port number(s) used for authentication - per user name. • Session Time — The amount of time the user was logged on to the device.
Figure 7-6.
Configuring Ports The Ports page contains links to port functionality pages including advanced features, such as Green Ethernet, Storm Control and Port Mirroring. To open the Ports page, click Switch Ports. Defining Port Parameters The Port Configuration page contains fields for defining port parameters. To open the Port Configuration page, click Switch Ports Port Configuration in the tree view. Figure 7-7. Port Configuration • Port — The port number for which port parameters are defined.
– Active — The port is currently active and is currently receiving and transmitting traffic. – Disable — The port is currently disabled, and is not currently receiving or transmitting traffic. • Admin Speed — The configured rate for the port. The port type determines what speed setting options are available. Admin speed can only be designated when auto negotiation is disabled on the configured port. • Current Port Speed — The actual currently configured port speed (bps).
• LAG — Specifies if the port is part of a LAG. Defining Port Parameters 1 Open the Port Configuration page. 2 Select a port in the Port Field. 3 Define the remaining fields. 4 Click Apply Changes. The port parameters are saved to the device. Modifying Port Parameters 1 Open the Port Configuration page. 2 Select a port in the Port Field. 3 Modify the remaining fields. 4 Click Apply Changes. The port parameters are saved to the device.
LAGs can be configured according to the following load balancing types: Layer 2, Layer 2 and Layer 3 or Layer 3. The LAG Configuration page contains fields for configuring parameters for configured LAGs. The device supports up to eight LAGs, and each LAG can have up to eight members. For information about To open the LAG Configuration page, click SwitchPorts LAG Configuration in the tree view.
• Description (0-64 Characters) — Provides a user-defined description of the configured LAG. • LAG Type — The port types that comprise the LAG. • Admin Status — Enables or disables traffic forwarding through the selected LAG. • Current LAG Status — Indicates if the LAG is currently operating. • Operational Status — Operational status of the LAG. • Admin Auto Negotiation — Enables or disables Auto Negotiation on the LAG.
Displaying the LAG Configuration Table: 1 Open the LAG Configuration page. 2 Click Show All. The LAG Configuration Table opens: Figure 7-10. LAG Configuration Table Configuring Green Ethernet Green Ethernet, also known as Energy Efficient Ethernet, is an effort to make networking equipment environmentally friendly, specifically by reducing power usage of Ethernet connections.
Figure 7-11. Green Ethernet Configuration • Cumulative Energy Saved — The total amount of energy saved since the last reset. This amount is equal to the saved power multiplied by the time period in hours. – Reset — Click to set the Cumulative Power Saved counter back to 0. • — Indicates whether the Energy-Detect saving mode is on or off for the device ports. • Link Short-Reach Energy Mode — Indicates whether the Short-Reach energy saving mode is on or off for the device ports.
• • – Oper — Whether Energy-Detect is currently in force for the port. – Reason — If Admin indicates that Energy-Detect is enabled and Oper indicates it is not in force, this column gives the reason. Reasons may include that the Link Type is not supported, or that the Port Link is up. Short-Reach — The status of the Short-Reach mode on the link: – Admin — Whether the Short-Reach has been enabled for the port. – Oper — Whether Short-Reach is currently in force for the port.
Figure 7-12. Storm Control • Port — The port from which storm control is enabled. • Broadcast Control — Enables or disables forwarding broadcast packet types on the device. • Mode — Specifies the Broadcast mode currently enabled on the device. The possible field value are: • – Unknown Unicast, Multicast & Broadcast — Counts unknown Unicast, Multicast, and Broadcast traffic. – Multicast & Broadcast — Counts Broadcast and Multicast traffic together.
Figure 7-13. Storm Control Table Defining Port Mirroring Sessions Port mirroring monitors and mirrors network traffic by forwarding copies of incoming and outgoing packets from one port to a monitoring port. Port mirroring is configured by selecting a specific port to copy all packets, and different ports from which the packets copied. Before configuring Port Mirroring, note the following: When a port is set to be a target port for a port-mirroring session, all normal operations on it are suspended.
The following restrictions apply to ports configured to be source ports: • Source ports cannot be a LAG member. • Source ports cannot be configured as a destination port. • All packets are transmitted tagged from the destination port. • Monitored all RX/TX packets to the same port. To open the Port Mirroring page, click Switch Ports Port Mirroring in the tree view. Figure 7-14. Port Mirroring • Destination Port — The port number to which port traffic is copied.
5 Define the Type field. 6 Click Apply Changes. The new source port is defined, and the device is updated. Deleting a Copy Port from a Port Mirroring Session 1 Open the Port Mirroring page. 2 Select the Remove check box. 3 Click Apply Changes. The selected port mirroring session is deleted, and the device is updated. Configuring Address Tables MAC addresses are stored in the Dynamic Address database. A packet addressed to a destination stored in the database is forwarded immediately to the port.
Figure 7-15. Dynamic Address Table • Address Aging (10-630) — Specifies the amount of time the MAC Address remains in the Dynamic Address Table before it is timed out if no traffic from the source is detected. The default value is 300 seconds. • Interface — Specifies the interface for which the table is queried. There are two interface types from which to select. – Port — Specifies the port numbers for which the table is queried. – LAG — Specifies the LAG for which the table is queried.
Querying the Dynamic Address Table 1 Open the Dynamic Address Table. 2 Define the parameter by which to query the Dynamic Address Table. Entries can be queried by Port, MAC Address, or VLAN ID. 3 Click Query. The Dynamic Address Table is queried. Sorting the Dynamic Address Table 1 Open the Dynamic Address Table. 2 From the Address Table Sort Key drop-down menu, select whether to sort addresses by address, VLAN ID, or interface. 3 Click Query. The Dynamic Address Table is sorted.
Figure 7-16. STP Global Settings • • • • Spanning Tree State — Enables or disables Spanning Tree on the device. The possible field values are: – Enable — Enables Spanning Tree – Disable — Disables Spanning Tree STP Operation Mode — The STP mode by which STP is enabled on the device. The possible field values are: – Classic STP — Enables Classic STP on the device. This is the default value. – Rapid STP — Enables Rapid STP on the device.
• Priority (0-61440 in steps of 4096) — Specifies the bridge priority value. When switches or bridges are running STP, each is assigned a priority. After exchanging BPDUs, the switch with the lowest priority value becomes the Root Bridge. The default value is 32768. The bridge priority value is provided in increments of 4096 (4K increments). For example, 0, 4096, 8192, etc. • Hello Time (1-10) — Specifies the device Hello Time.
Defining STP Port Settings The STP Port Settings page contains fields for assigning STP properties to individual ports. To open the STP Port Settings page, click Switch Spanning Tree Port Settings in the tree view. Figure 7-17. STP Port Settings • Select a Port — Port on which STP is enabled. • STP — Enables or disables STP on the port. • Fast Link — When selected, enables Fast Link mode for the port.
• • Port State — The current port STP state. If enabled, the port state determines what forwarding action is taken on traffic. Possible port states are: – Disabled — The port link is currently down. – Blocking — The port is currently blocked and cannot be used to forward traffic or learn MAC addresses. Blocking is displayed when Classic STP is enabled. – Listening — The port is currently in the listening mode. The port cannot forward traffic nor can it learn MAC addresses.
• Priority — The priority value of the port. The priority value influences the port choice when a bridge has two ports connected in a loop. The priority value is between 0-240. The priority value is provided in increments of 16. • Designated Bridge ID — The bridge priority and the MAC Address of the designated bridge. • Designated Port ID — The selected port’s priority and interface. • Designated Cost — The cost of the port participating in the STP topology.
Defining STP LAG Settings The STP LAG Settings page contains fields for assigning STP aggregating port parameters. To open the STP LAG Settings page, click Switch Spanning Tree LAG Settings in the tree view. Figure 7-18. STP LAG Settings 120 • Select a LAG — The user-defined LAG. For more information, see "Defining LAG Membership" on page 132. • STP — Enables or disables STP on the LAG. • Fast Link — Enables Fast Link mode for the LAG.
• • LAG State — Current STP state of a LAG. If enabled, the LAG state determines what forwarding action is taken on traffic. If the bridge discovers a malfunctioning LAG, the LAG is placed in the Broken state. Possible LAG states are: – Disabled — The LAG link is currently down. – Blocking — The LAG is blocked and cannot be used to forward traffic or learn MAC addresses. – Listening — The LAG is in the listening mode and cannot forward traffic or learn MAC addresses.
Modifying the LAG STP Parameters 1 Open the STP LAG Settings page. 2 Select a LAG from the Select a LAG drop-down menu. 3 Modify the fields as desired. 4 Click Apply Changes. The STP LAG parameters are modified, and the device is updated. Configuring Rapid Spanning Tree While Classic Spanning Tree guarantees preventing L2 forwarding loops in a general network topology, convergence can take up to 30-60 seconds. The convergence time is considered too long for many applications.
Figure 7-19. Rapid Spanning Tree (RSTP) • Interface — Port or LAG on which Rapid STP is enabled. • Role — The port role assigned by the STP algorithm in order to provide to STP paths. The possible field values are: • • – Root — Provides the lowest cost path to forward packets to root device. – Designated — The port or LAG via which the designated device is attached to the LAN. – Alternate — Provides an alternate path to the root device from the root interface.
3 Click Apply Changes. Rapid STP is enabled, and the device is updated. Configuring VLANs VLANs are logical subgroups of a Local Area Network (LAN) created via software rather than defining a hardware solution. VLANs combine user stations and network devices into a single domain regardless of the physical LAN segment to which they are attached. VLANs allow network traffic to flow more efficiently within subgroups.
Figure 7-20. VLAN Membership • Show VLAN — Lists and displays specific VLAN information according to VLAN ID or VLAN name. • VLAN Name — The user-defined VLAN name. • Unauthorized Users — Enables or disables unauthorized users from accessing a VLAN. • Remove VLAN — When selected, removes the VLAN from the VLAN Membership Table. Adding New VLANs 1 Open the VLAN Membership page. 2 Click Add. The Create New VLAN page opens.
Figure 7-21. Create New VLAN 3 Enter the VLAN ID and name. 4 Click Apply Changes. The new VLAN is added, and the device is updated. Modifying VLAN Membership Groups 1 Open the VLAN Membership page. 2 Select a VLAN from the Show VLAN drop-down menu. 3 Modify the fields as desired. 4 Click Apply Changes. The VLAN membership information is modified, and the device is updated. Deleting VLAN Membership Groups 1 Open the VLAN Membership page. 2 Select a VLAN in the Show VLAN field.
Table 7-1. VLAN Port Membership Table Port Control Definition U The interface is a VLAN member. Packets forwarded by the interface are untagged. F The interface is denied membership to a VLAN. Blank The interface is not a VLAN member. Packets associated with the interface are not forwarded. The VLAN Port Membership Table displays the ports and the ports states, as well as LAGs. Ports which are LAG members are not displayed in the VLAN Port Membership Table.
Defining VLAN Ports Settings The VLAN Port Settings page contains fields for managing ports that are part of a VLAN. The port default VLAN ID (PVID) is configured on the VLAN Port Settings page. All untagged packets arriving to the device are tagged by the ports PVID. To open the VLAN Port Settings page, click SwitchVLANPort Settings in the tree view. Figure 7-22. VLAN Port Settings • Port — The port number included in the VLAN. • PVID (1-4095) — Assigns a VLA N ID to untagged packets.
The VLAN port settings are defined, and the device is updated. Displaying the VLAN Port Table 1 Open the VLAN Port Settings page. 2 Click Show All. The VLAN Port Table opens. Figure 7-23. VLAN Port Table Defining VLAN LAG Settings The VLAN LAG Setting page provides parameters for managing LAGs that are part of a VLAN. VLANs can either be composed of individual ports or of LAGs. Untagged packets entering the device are tagged with the LAGs ID specified by the PVID.
Figure 7-24. VLAN LAG Setting • LAG — The LAG number included in the VLAN. • PVID — Assigns a VLAN ID to untagged packets. The possible field values are 1-4095. VLAN 4095 is defined as per standard and industry practice, as the Discard VLAN. Packets classified to this VLAN are dropped. • Frame Type — Packet type accepted by the LAG. Possible values are: • – Admit Tag Only — Only tagged packets are accepted by the LAG. – Admit All — Tagged and untagged packets are both accepted by the LAG.
Aggregating Ports Port Aggregation optimizes port usage by linking a group of ports together to form a single Link Aggregated Group (LAG). Port Aggregation multiplies the bandwidth between the devices, increases port flexibility, and provides link redundancy. The device supports up to eight LAGs, and each LAG can have up to eight members. Each LAG is composed of ports of the same speed, set to full-duplex operations.
Defining LAG Membership The LAG Membership page contains fields for assigning ports to LAGs. LAGs can include up to eight ports. When a port is added to a LAG, the port acquires the LAG’s properties. If the port cannot be configured with the LAG properties, a trap is generated and the port operates with its default settings. The LAG Membership page contains fields for assigning ports to LAGs. To open the LAG Membership page, click Switch Link Aggregation LAG Membership in the tree view. Figure 7-25.
Defining Multicast Global Parameters Layer 2 switching forwards Multicast packets to all relevant VLAN ports by default, treating the packet as a Multicast transmission. While this is functional, in the sense that all relevant ports/nodes receive a copy of the frame, it is potentially wasteful as ports/nodes may receive irrelevant frames only needed by a subset of the ports of that VLAN.
Enabling IGMP Snooping on the Device 1 Open the Multicast Global Parameters page. 2 Select Enable in the IGMP Snooping Status field. 3 Click Apply Changes. IGMP Snooping is enabled on the device. Adding Bridge Multicast Address Members The Bridge Multicast Group page displays the ports and LAGs attached to the Multicast service group in the Ports and LAGs tables. The Port and LAG tables also reflect the manner in which the port or LAGs joined the Multicast group.
The following table contains the IGMP port and LAG members management settings: D The port/LAG has joined the Multicast group dynamically in the Current Row. F The port/LAG is excluded from this Multicast group. S Attaches the port to the Multicast group as static member in the Static Row. The port/LAG has joined the Multicast group statically in the Current Row. Blank The port is not attached to a Multicast group. Adding Bridge Multicast Addresses 1 Open the Bridge Multicast Group page.
6 Click Apply Changes. The bridge Multicast address is assigned to the Multicast group, and the device is updated. Defining Ports to Receive Multicast Service 1 Open the Bridge Multicast Group page. 2 Define the VLAN ID and the Bridge Multicast Address fields. 3 Toggle a port to S to join the port to the selected Multicast group. 4 Toggle a port to F to forbid adding specific Multicast addresses to a specific port. 5 Click Apply Changes.
Figure 7-29. Bridge Multicast Forward All • VLAN ID — Identifies a VLAN. • Ports — Ports that can be added to a Multicast service. • LAGs — LAGs that can be added to a Multicast service. The contains the settings for managing router and port settings. Port Control Definition F The port/LAG is excluded from this Multicast group. S Attaches the port to the Multicast router or switch as a static port. Blank The port is not attached to a Multicast router or switch.
Attaching a Port to a Multicast Router or Switch 1 Open Bridge Multicast Forward All page. 2 Define the VLAN ID field. 3 Select a port in the Ports table, and assign the port a value. 4 Click Apply Changes. The port is attached to the Multicast router or switch. Attaching a LAG to a Multicast Router or Switch 1 Open Bridge Multicast Forward All page. 2 Define the VLAN ID field. 3 Select a port in the LAGs table, and assign the LAG a value. 4 Click Apply Changes.
IGMP Snooping The IGMP Snooping page contains fields for adding IGMP members. To open the IGMP Snooping page, click Switch Multicast Support IGMP Snooping in the tree view. Figure 7-30. IGMP Snooping • VLAN ID — Specifies the VLAN ID. • IGMP Snooping Status — Enables or disables IGMP snooping on the VLAN. • Auto Learn — Enables or disables Auto Learn on the device. • IGMP Querier Status — Enables or disables the IGMP Querier.
Enabling IGMP Snooping on the Device 1 Open the IGMP Snooping page. 2 Select the VLAN ID for the device on which IGMP snooping needs to be enabled. 3 Select Enable in the IGMP Snooping Status field. 4 Complete the fields on the page. 5 Click Apply Changes. IGMP snooping is enabled on the device. Displaying the IGMP Snooping Table 1 Open the IGMP Snooping. 2 Click Show All. The IGMP Snooping Table opens. Figure 7-31.
8 Viewing Statistics The Statistic pages contain links to device information for RMON, and CPU utilization. Viewing RMON Statistics Remote Monitoring (RMON) contains links for viewing network information from a remote location. To open the RMON page, click Statistics/RMON RMON in the tree view. Viewing RMON Statistics Group The RMON Statistics Group page contains fields for viewing information about device utilization and errors that occurred on the device.
• Received Bytes (Octets) — Number of octets received on the interface since the device was last refreshed. This number includes bad packets and FCS octets, but excludes framing bits. • Received Packets — Number of packets received on the interface, including bad packets, Multicast and broadcast packets, since the device was last refreshed. • Broadcast Packets Received — Number of good broadcast packets received on the interface since the device was last refreshed.
Figure 8-2. CPU Utilization The CPU Utilization page contains the following information: • Refresh Rate — Amount of time that passes before the statisticsare refreshed.
9 Configuring Quality of Service This section provides information for defining and configuring Quality of Service (QoS) parameters. To open the Quality of Service page, click Quality of Service in the tree view. An implementation example that requires QoS includes certain types of traffic such as Voice, Video and real-time traffic which can be assigned a high priority queue, while other traffic can be assigned a lower priority queue. The result is an improved traffic flow for traffic with high demand.
DSCP values can be mapped to priority queues. The following table contains the default DSCP mapping to forwarding queue values: Table 9-2. DSCP to Queue Mapping Table Default Values DSCP Value Forwarding Queue Values 0- q1 q2 q3 q4 DSCP mapping is enabled on a per-system basis. CoS Services After packets are assigned to a specific queue, CoS services can be assigned to the queue(s).
Defining CoS Global Parameters This section contains the following topics: • Defining CoS Settings • Defining QoS Interface Settings • Defining Queue Settings • Mapping CoS Values to Queues • Mapping DSCP Values to Queues Defining CoS Settings Defining CoS Settings Class of Service (CoS) global parameters are set from the CoS Settings page. To open the CoS Settings page, click Quality of Service CoS Global Parameters CoS Settings in the tree view. Figure 9-1.
1 Open the CoS Settings page. 2 Select Enable in the CoS Mode field. 3 Click Apply Changes. Class of Service is enabled on the device. Selecting Trust: 1 Open the CoS Settings page. 2 Select Trust in the Trust Mode field. 3 Click Apply Changes. Trust is selected. Defining QoS Interface Settings The Interface Settings page contains fields for defining, per interface, if the selected Trust mode is to be activated.
Assigning QoS/CoS settings for an interface: 1 Open the Interface Settings page. 2 Select an interface in the Interface field. 3 Define the fields. 4 Click Apply Changes. The CoS settings are assigned to the interface. Displaying the QoS Interface Settings Table: 1 Open the Interface Settings page. 2 Click Show All. The QoS Interface Settings Table page opens: Figure 9-3.
• Queues — The Queue number. • Strict Priority — Specifies if traffic scheduling is based strictly on the queue priority. • WRR — Specifies if traffic scheduling is based on the Weighted Round Robin (WRR) weights to egress queues. The default values are: – 1 for Queue 1 – 2 for Queue 2 – 8 for Queue 3 – 16 for Queue 4 • WRR Weights — The WRR weight assigned to each queue. • WRR Percentage — The WRR percentage of each queue. Defining the Queue Settings 1 Open the QoS Queue Settings page.
Mapping CoS Values to Queues The CoS to Queue Mapping Table page contains fields for classifying CoS settings to traffic queues. To open the CoS to Queue Mapping Table page, click Quality of ServiceCoS Global Parameters CoS to Queue in the tree view. Figure 9-5. CoS to Queue Mapping Table • Class of Service — Specifies the CoS priority tag values, where zero is the lowest value and 7 is the highest value. • Queue — The traffic forwarding queue to which the CoS priority is mapped.
Mapping DSCP Values to Queues The DSCP to Queue page provides fields for defining output queue to specific DSCP fields. For the list of the DSCP default queue settings, see "DSCP to Queue Mapping Table Default Values" on page 145. To open the DSCP to Queue page, click Quality of ServiceCoS Global Parameters DSCP to Queue in the tree view. Figure 9-6. DSCP to Queue • DSCP In — The values of the DSCP field within the incoming packet.
1 Open the DSCP to Queue page. 2 Check the Restore Defaults checkbox. 3 Click Apply Changes. The default values are restored.
A Managing the Device Using the CLI A limited number of CLI commands are available for managing the device. These commands are a subset of the options available via the web interface. Accessing the Device Through the CLI The device can be managed over a direct connection to the console port or via a Telnet connection. Using the CLI is similar to entering commands on a Linux system.
2 In the Run window, type Telnet in the Open field. 3 Click OK to begin the Telnet session. Using the CLI This section provides information for using the CLI. Command Mode Overview The CLI is divided into command modes. Each command mode has a specific command set. Entering a question mark at the console prompt displays a list of commands available for that particular command mode. In each mode, a specific command is used to navigate from one command mode to another.
Privileged EXEC Mode Privileged access can be protected to prevent unauthorized access and ensure operating parameters. Passwords are displayed in the ***** format on the screen, and are case sensitive. To access and list the Privileged EXEC Mode commands: 1 At the prompt type enable and press . 2 When a password prompt displays, enter the password and press . The Privileged EXEC mode prompt displays as the device host name followed by #.
The following example illustrates how to access Global Configuration Mode and return back to the Privileged EXEC Mode: console# console#configure console(config)#exit console# Interface Configuration Mode Interface configuration commands modify specific IP interface settings, including bridge-group, description, etc. Interface Mode The Interface mode contains commands that configure the interface. The Global Configuration mode command interface ethernet is used to enter the interface configuration mode.
CLI Commands Command: copy To copy any file from a source to a destination, use the copy Privileged EXEC command. copy source-url destination-url Syntax Description • source-url — The location URL or reserved keyword of the source file to be copied. • destination-url — The destination URL or reserved keyword of the destination file. Parameters Range • source-url — 1 - 160 characters • destination-url — 1 - 160 characters The following table shows keywords and URL prefixes: Table A-1.
Understanding Invalid Combinations of Source and Destination Some invalid combinations of source and destination exist. Specifically, you cannot copy the following: • If the source file and destination file are the same file. • xmodem: can't be destination. Can be copied to image, boot and null: only. • tftp: can't be source and destination on the same copy. • *.prv files can't be copied. • Copy to or from the slave units is for image and boot files only. copy Character Descriptions Table A-2.
Command modes All configuration modes Command: end To end the current configuration session and return to privileged EXEC mode, use the end global configuration command. end Syntax Description This command has no arguments or key words Command Mode All configuration modes Default value This command has no default setting.
Console# Command: exit (EXEC) To close an active terminal session by logging off the router, use the exit command in EXEC mode. exit Syntax Description This command has no arguments or key words Command Mode EXEC Default value This command has no default setting. Example Console> exit Command: help To display a brief description of the help system, enter the help command. help Syntax Description This command has no arguments or key words Command Mode All command modes.
Parameters range • interface — Valid Ethernet port. Command Modes Global Configuration Example Console(config)# interface ethernet g1 Console(config-if)# Command: interface port-channel To configure a port-channel type and enter port-channel configuration mode, use the interface portchannel global configuration command. interface port-channel port-channel-number Syntax Description • port-channel-number — Port channel index.
Syntax Description • vlan-id — VLAN ID Parameters range • vlan-id — Valid VLAN Command Modes Global Configuration Usage Guidelines In case the VLAN doesn't exist ("ghost VLAN") only partial list of the commands would be available under the interface VLAN context. The commands that are supported for VLAN that doesn't exist are: 1 IGMP snooping control 2 Bridge multicast configuration Example In the following example, for VLAN 1, the address is 131.108.1.27 and the subnet mask is 255.255.255.
• prefix-length —Range: 8-30 • default-gateway ip-address —Valid IP address Defaults No IP address is defined for interfaces Command Modes Interface Configuration VLAN mode. User Guidelines • Assigning an IP address to an interface does not disable L2 protocols, such as STP. • Defining a static IP address on an interface implicitly removes the DHCP client configuration on the interface.
• packet_count — 0 - 65535 • time_out — 50 - 65535 Command Mode EXEC Default value This command has no default setting. Usage Guidelines Press Esc to stop pinging. Following are sample results of the ping command: Destination does not respond-If the host does not respond, a "no answer from host" appears in ten seconds. Destination unreachable-The gateway for this destination indicates that the destination is unreachable.
64 bytes from 10.1.1.1: icmp_seq=1. time=8 ms 64 bytes from 10.1.1.1: icmp_seq=2. time=8 ms 64 bytes from 10.1.1.1: icmp_seq=3. time=7 ms ----10.1.1.1 PING Statistics---4 packets transmitted, 4 packets received, 0% packet loss round-trip (ms) min/avg/max = 7/8/11 Command: show tech-support command To display system and configuration information you can provide to the Technical Assistance Center when reporting a problem, use the show tech-support command.
show system mode show ip interface show interfaces configuration show interfaces status show interfaces port-channel show vlan show interfaces switchport show spanning tree show bridge multicast address-table show ip igmp snooping groups show dot1x show dot1x users show interfaces counters show users show sessions show logging file show logging If you specify the memory keyword, the show tech-support command displays the output of the following commands: flash info (dir if existed, or flash mapping) buffers
• rw — Specifies read-write access • su — Specifies SNMP administrator access • ipv4-address — Management station IPv4 address. Default is all IP addresses. Parameters range • community — 1 - 20 chars • ip-address — Valid IP address Default No community is defined Command Mode Global configuration Usage Guidelines The logical key of the command is the pair (community, ip-address). If ip-address is omitted then the key is (community, All-Ips).
Default No user is defined.
Glossary This glossary contains key technical words of interest. A B C D E F G H I J L M N O P Q R S T U V W Auto-negotiation A Access Mode Specifies the method by which user access is granted to the system. Allows 10/100 Mpbs or 10/100/1000 Mbps Ethernet ports to establish for the following features: • Duplex/ Half Duplex Mode Access Profiles • Flow Control Allows network managers to define profiles and rules for accessing the device.
Baud Broadcasting The number of signaling elements transmitted each second. A method of transmitting packets to all ports on a network. Best Effort Broadcast Storm Traffic is assigned to the lowest priority queue, and packet delivery is not guaranteed. An excessive amount of broadcast messages simultaneously transmitted across a network by a single port. Forwarded message responses are heaped onto the network, overloading network resources or causing the network to time out.
CLI • Command Line Interface. A set of line commands used to configure the system. Communities Specifies a group of users which retains the same system access rights. CPU Central Processing Unit. The part of a computer that processes information. CPUs are composed of a control unit and an ALU. Half Duplex Mode — Permits asynchronous communication. Only one party can transmit information at a time.
FIFO First In First Out. A queuing process where the first packet in the queue is the first packet out of the packet. Flapping Flapping occurs when an interfaces state is constantly changing. For example, an STP port constantly changes from listening to learning to forwarding. This may cause traffic loss. Flow Control Enables lower speed devices to communicate with higher speed devices, that is, that the higher speed device refrains from sending packets. Fragment Ethernet packets smaller than 576 bits.
IEEE 802.1p Prioritizes network traffic at the data-link/MAC sublayer. IEEE 802.1Q Defines the operation of VLAN Bridges that permit the definition, operation, and administration of VLANs within Bridged LAN infrastructures. L LAG Link Aggregated Group. Aggregates ports or VLANs into a single virtual port or VLAN. For more information on LAGs, see Defining LAG Membership. LAN Image File Local Area Networks. A network contained within a The system image is saved in a Flash sector called image.
MAC Address Learning MIB MAC Address Learning characterizes a learning bridge, in which the packet’s source MAC address is recorded. Packets destined for that address are forwarded only to the bridge interface on which that address is located. Packets addressed to unknown addresses are forwarded to every bridge interface. MAC Address Learning minimizes traffic on the attached LANs. Management Information Base. MIBs contain MAC Layer NMS A sub-layer of the Data Link Control (DTL) layer.
PDU Protocol Data Unit. A data unit specified in a layer protocol consisting of protocol control information and layer user data. PING Packet Internet Groper. Verifies if a specific IP address is available. A packet is sent to another IP address and waits for a reply. Port Physical ports provide connecting components that allow microprocessors to communicate with peripheral equipment.
Running Configuration File Spanning Tree Protocol Contains all Startup file commands, as well as all commands entered during the current session. After the device is powered down or rebooted, all commands stored in the Running Configuration file are lost. Prevents loops in network traffic. The Spanning Tree Protocol (STP) provides tree topography for any arrangement of bridges. STP provides one path between end stations on a network, eliminating loops.
Telnet Teletype Network Protocol. A network protocol used on the Internet or local area networks to provide bidirectional interactive communications. Enables system users to log in and use resources on remote networks. TFTP Trivial File Transfer Protocol. Uses User Data Protocol (UDP) without security features to transfer files. W WAN Wide Area Networks. Networks that cover a large geographical area. Wildcard Mask Specifies which IP address bits are used, and which bits are ignored.
Index Numerics Community table, 75 Firmware, 80 802.
IEEE 802.
T W TFTP, 177 Web management system icons, 55 Time Domain Reflectometry, 64 Tree view, 54 Weighted Round Robin, 148 Width, 21 Trivial File Transfer Protocol, 177 Trunk Configuration Page, 104 Trust, 147 U UDP, 177 Understanding the interface, 54 Uploading files, 81 User Data Protocol, 177 V Virtual Local Area Networks, 177 VLAN, 124, 128, 136, 177 VLAN ID, 113 VLAN membership, 124 VLAN Port Membership Table, 126 VLAN priority, 144 VLANs, 124 181
A Internal Revision History for Online Help and User Guide Rev Date Updated by A04 27-Feb-12 Yosi Katan Description of Change • Updated the Config section to distinguish between PC2808 devices and PC2816/24/48 devices when performing a transition to managed mode from unmanned or secured modes A03 10-Jan-12 Yosi Katan • Updated the Config section to support automatic config file saving when switching from managed mode to Unmanaged or Secure modes (Yosi Katan) • Deleted default IP gateway command •
Dell PowerConnect 28xx Systems User Guide