Matrix E7 Series and SmartSwitch 6000 Series Modules (6H2xx, 6E2xx, 6H3xx, and 6G3xx) Local Management User’s Guide 9033528-06
NOTICE Enterasys Networks reserves the right to make changes in specifications and other information contained in this document and its web site without prior notice. The reader should in all cases consult Enterasys Networks to determine whether any such changes have been made. The hardware, firmware, or software described in this document is subject to change without notice.
ENTERASYS NETWORKS, INC. PROGRAM LICENSE AGREEMENT BEFORE OPENING OR UTILIZING THE ENCLOSED PRODUCT, CAREFULLY READ THIS LICENSE AGREEMENT. This document is an agreement (“Agreement”) between the end user (“You”) and Enterasys Networks, Inc.
3. APPLICABLE LAW. This Agreement shall be interpreted and governed under the laws and in the state and federal courts of New Hampshire without regard to its conflicts of laws provisions. You accept the personal jurisdiction and venue of the New Hampshire courts.
8. AUDIT RIGHTS. You hereby acknowledge that the intellectual property rights associated with the Program are of critical value to Enterasys and, accordingly, You hereby agree to maintain complete books, records and accounts showing (i) license fees due and paid, and (ii) the use, copying and deployment of the Program.
Contents Figures ...........................................................................................................................................xii Tables.............................................................................................................................................xv ABOUT THIS GUIDE Using This Guide...........................................................................................................xiv Structure of This Guide .................................
3.4 3.5 3.6 3.7 3.8 3.9 3.10 3.11 3.12 3.13 3.14 3.15 4 CHASSIS MENU SCREENS 4.1 4.2 4.3 4.4 4.5 vi Module Selection Screen ................................................................................ 3-9 3.4.1 Selecting a Module ....................................................................... 3-11 Module Menu Screen .................................................................................... 3-12 Overview of Security Methods .......................................................
4.6 4.7 4.8 4.9 5 Chassis Environmental Information Screen .................................................. 4-16 Redirect Configuration Menu Screen (Chassis)............................................ 4-18 Port Redirect Configuration Screen .............................................................. 4-19 4.8.1 Changing Source and Destination Ports....................................... 4-22 VLAN Redirect Configuration Screen............................................................ 4-23 4.9.
6 PORT CONFIGURATION MENU SCREENS 6.1 6.2 6.3 6.4 6.5 6.6 6.7 6.8 6.9 7 802.1 CONFIGURATION MENU SCREENS 7.1 7.2 7.3 7.4 7.5 viii Port Configuration Menu Screen..................................................................... 6-2 Ethernet Interface Configuration Screen......................................................... 6-4 Ethernet Port Configuration Screen ................................................................ 6-8 6.3.1 Selecting Field Settings ..................................
8 802.1Q VLAN CONFIGURATION MENU SCREENS 8.1 8.2 8.3 8.4 8.5 8.6 8.7 8.8 8.9 9 Summary of VLAN Local Management........................................................... 8-2 8.1.1 Preparing for VLAN Configuration .................................................. 8-2 802.1Q VLAN Configuration Menu Screen ..................................................... 8-3 Static VLAN Configuration Screen .................................................................. 8-6 8.3.1 Creating a Static VLAN .......
9.7 9.8 10 LAYER 3 EXTENSIONS MENU SCREENS 10.1 10.2 11 11.4 11.5 Network Tools ............................................................................................... 12-1 Built-in Commands........................................................................................ 12-4 Example, Effects of Aging Time on Dynamic Egress.................................. 12-39 Example, Using Dynamic Egress to Control Traffic .................................... 12-40 Special Commands ................
.6 13.7 13.8 13.9 13.10 13.11 13.12 13.13 13.14 13.15 13.16 13.17 A GENERIC ATTRIBUTE REGISTRATION PROTOCOL (GARP) A.1 A.2 B Configuration Process................................................................................... 13-8 13.6.1 Defining a VLAN ........................................................................... 13-8 13.6.2 Classifying Frames to a VLAN ...................................................... 13-8 13.6.3 Customizing the VLAN Forwarding List ......................
Figures Figure 1-1 2-1 2-2 3-1 3-2 3-3 3-4 3-5 3-6 3-7 3-8 3-9 3-10 3-11 3-12 3-13 3-14 3-15 3-16 3-17 3-18 3-19 4-1 4-2 4-3 4-4 4-5 4-6 4-7 4-8 4-9 5-1 5-2 5-3 5-4 5-5 xii Page Example of a Local Management Screen ....................................................................... 1-5 Management Terminal Connection................................................................................. 2-2 Uninterruptible Power Supply (UPS) Connection .........................................................
Figure 5-6 5-7 5-8 5-9 5-10 5-11 5-12 6-1 6-2 6-3 6-4 6-5 6-6 6-7 6-8 6-9 6-10 6-11 6-12 6-13 6-14 6-15 7-1 7-2 7-3 7-4 7-5 8-1 8-2 8-3 8-4 8-5 8-6 8-7 8-8 8-9 9-1 9-2 9-3 9-4 9-5 9-6 Page Clear NVRAM Warning ................................................................................................. 5-17 SNMP Configuration Menu Screen ............................................................................... 5-19 SNMP Community Names Configuration Screen..........................................
Figure Page 9-7 9-8 9-9 9-10 10-1 10-2 11-1 11-2 11-3 11-4 11-5 12-1 12-2 13-1 13-2 13-3 13-4 13-5 13-6 13-7 13-8 13-9 13-10 13-11 13-12 13-13 13-14 13-15 13-16 13-17 13-18 13-19 A-1 Datagram, Layer 2 and Layer 3 .....................................................................................9-29 Protocol Port Configuration Screen ...............................................................................9-33 Prioritizing Network Traffic According to Classification Rule .........................
Tables Table 1-1 1-2 2-1 3-1 3-2 3-3 3-4 3-5 3-6 3-7 3-8 3-9 3-10 3-11 3-12 3-13 3-14 3-15 3-16 3-17 4-1 4-2 4-3 4-4 4-5 4-6 4-7 4-8 4-9 5-1 5-2 5-3 5-4 5-5 5-6 5-7 5-8 Page Event Messages ........................................................................................................... 1-6 Keyboard Conventions ................................................................................................. 1-8 VT Terminal Setup......................................................................
Table Page 5-9 6-1 6-2 6-3 6-4 6-5 6-6 6-7 6-8 6-9 6-10 6-11 6-12 6-13 6-14 7-1 7-2 7-3 7-4 7-5 8-1 8-2 8-3 8-4 8-5 8-6 8-7 8-8 8-9 8-10 9-1 9-2 9-3 9-4 9-5 9-6 9-7 9-8 9-9 9-10 10-1 10-2 Flash Download Configuration Screen Field Descriptions..........................................5-34 Port Configuration Menu Screen Menu Item Descriptions ...........................................6-3 Ethernet Interface Configuration Screen Field Descriptions ........................................
Table Page 11-1 11-2 11-3 11-4 11-5 12-1 12-2 13-1 Module Statistics Menu Screen Menu Item Descriptions ........................................... 11-3 Switch Statistics Screen Field Descriptions................................................................ 11-5 Interface Statistics Screen Field Descriptions ............................................................ 11-7 RMON Statistics Screen Field Descriptions ............................................................
About This Guide Welcome to the Enterasys Networks Matrix E7 Series and SmartSwitch 6000 Series Modules (6H2xx, 6E2xx, 6H3xx and 6G3xx) Local Managment User’s Guide. This manual explains how to access and use the Local Management screens to monitor and manage the switch modules, the attached segments, and the SmartSwitch 6C105 or Matrix E7 6C107 chassis.
Structure of This Guide STRUCTURE OF THIS GUIDE The guide is organized as follows: Chapter 1, Introduction, provides an overview of the tasks that may be accomplished using Local Management (LM), and an introduction to LM screen navigation, in-band and out-of-band network management, screen elements, and LM keyboard conventions.
Structure of This Guide Chapter 7, 802.1 Configuration Menu Screens, describes how to access the Spanning Tree Configuration Menu, 802.1Q VLAN Configuration Menu, and 802.1p Configuration Menu, screens. This chapter also introduces and describes how to use the Spanning Tree screens to create a separate Spanning Tree topology for each VLAN configured in the module. Chapter 8, 802.
Related Documents RELATED DOCUMENTS The following Enterasys Networks documents may help to set up, control, and manage the switch module: • 6C105 SmartSwitch 6000 Overview and Setup Guide • Matrix E7 Chassis Overview and Setup Guide • SmartTrunk User’s Guide • WAN Series Local Management User’s Guide Documents associated with the optional HSIM and VHSIM interface modules, module installation user’s guides, and the manuals listed above, can be obtained from the World Wide Web in Adobe Acrobat Portable Docu
Typographical and Keystroke Conventions TYPOGRAPHICAL AND KEYSTROKE CONVENTIONS bold type Bold type can denote either a user input or a highlighted screen selection. RETURN Indicates either the ENTER or RETURN key, depending on your keyboard. ESC Indicates the keyboard Escape key. SPACE bar Indicates the keyboard space bar key. BACKSPACE Indicates the keyboard backspace key. arrow keys Refers to the four keyboard arrow keys. [-] Indicates the keyboard – key.
1 Introduction This chapter provides an overview of the tasks that may be accomplished using Local Management (LM), and an introduction to LM screen navigation, in-band and out-of-band network management, screen elements, and LM keyboard conventions. Important Notices Depending on the firmware version used in the switch module, some features described in this document may not be supported. Refer to the Release Notes shipped with the switch module to determine which features are supported.
Overview • Assign ports to operate in the standard or full duplex mode. • Configure ports to perform load sharing using SmartTrunking. Refer to the SmartTrunk User’s Guide for details. • Control the number of receive broadcasts that are switched to the other interfaces. • Set flow control on a port-by-port basis. • Configure ports to prioritize incoming frames at Layer 2, Layer 3, and Layer 4. • Clear NVRAM. • Set 802.1Q VLAN memberships and port configurations.
Navigating Local Management Screens 1.1.1 The Management Agent The management agent is an entity within the switch module that collects statistical information (e.g., frames received, errors detected) about the operational performance of the managed network. Local Management communicates with the management agent for the purpose of viewing statistics or issuing management commands. Local Management provides a wide range of screens used to monitor and configure the switch module. 1.1.2 In-Band vs.
Local Management Requirements 1.3 LOCAL MANAGEMENT REQUIREMENTS The switch module provides one communication port, labeled COM, which supports a management terminal connection. To access Local Management, connect one of the following systems to the COM port: • Digital Equipment Corporation VT series terminal. • VT type terminal running emulation programs for the Digital Equipment Corporation VT series. • IBM or compatible PC running a VT series emulation software package.
Local Management Screen Elements Figure 1-1 Example of a Local Management Screen Display Fields Event Message Field Module Type & Slot Number Event Message Line Display Field Input Fields Heading See Note XXXX-XX LOCAL MANAGEMENT General Configuration Firmware Revision: XX.XX.XX BOOTPROM Revision: XX.XX.XX Module Type: XXXX-XX Slot Number: X MAC Address: 00-00-ID-00-00-00 Device Date: 10/11/97 IP Address: 0.0.0.0 Device Time: 14:23:00 Subnet Mask: 255.255.0.0 Screen Refresh Time: 30 sec.
Local Management Screen Elements Event Message Field This field briefly displays messages that indicate if a Local Management procedure was executed correctly or incorrectly, that changes were saved or not saved to Non-Volatile Random Access Memory (NVRAM), or that a user did not have access privileges to an application. Table 1-1 describes the most common event messages. Event messages related to specific Local Management applications are described with those applications throughout this manual.
Local Management Screen Elements Display Fields Display fields cannot be edited. These fields may display information that never changes, or information that may change as a result of Local Management operations, user selections, or network monitoring information. In the screens shown in this guide, the characters in the display fields are in plain type (not bold). In the field description, the field is identified as being “read-only”. Input Fields Input Fields require the entry of keyboard characters.
Local Management Keyboard Conventions 1.5 LOCAL MANAGEMENT KEYBOARD CONVENTIONS All key names appear as capital letters in this manual. Table 1-2 explains the keyboard conventions and the key functions that are used. Table 1-2 Keyboard Conventions Key Function ENTER Key Used to enter data or commands. These keys perform the same Local Management function. For example, “Press ENTER” means that you can press either ENTER or RETURN, unless this manual specifically instructs you otherwise.
Getting Help 1.6 GETTING HELP For additional support related to the module or this document, contact Enterasys Networks using one of the following methods: World Wide Web http://www.enterasys.com/ Phone (603) 332-9400 Internet mail support@enterasys.com FTP Login ftp://ftp.enterasys.com anonymous Password your email address To send comments or suggestions concerning this document, contact the Technical Writing Department via the following email address: TechWriting@enterasys.
2 Local Management Requirements This chapter provides the following information: • Management Terminal Setup (Section 2.1), which describes how to attach a Local Management terminal to the switch module. NOTE: When the 6C105 chassis is set to operate in the distributed mode, you can connect the terminal to the COM port of any module in the chassis to access Local Management of any module, unless the module is set to operate in the standalone mode.
Management Terminal Setup 2.1.1 Console Cable Connection Use the Console Cable Kit provided with the chassis to attach the management terminal to the switch module COM port as shown in Figure 2-1. To connect the switch module to a PC or compatible device running the VT terminal emulation, proceed as follows: 1. Connect the RJ45 connector at one end of the cable (supplied in the kit) to the COM port on the switch module. 2.
Management Terminal Setup 2.1.2 Management Terminal Setup Parameters Table 2-1 lists the setup parameters for the local management terminal.
Telnet Connections 2.2 TELNET CONNECTIONS Once the switch module has a valid IP address, the user can establish a Telnet session from any TCP/IP based node on the network. Telnet connections to the switch module require the community name passwords assigned in the SNMP Community Names Configuration screen. For information about setting the IP address, refer to Section 5.2. For information about assigning community names, refer to Section 5.4.
Monitoring an Uninterruptible Power Supply Figure 2-2 Uninterruptible Power Supply (UPS) Connection Fast Enet 6H252-17 1 2 3 4 PS1 5 Fast Enet PS2 6H252-17 COM Port RESET COM RESET COM 1 RX TX 2 RX TX 3 RX TX 4 RX TX 5 RX TX 6 RX TX 7 RX TX 8 RX TX 9 RX TX 10 RX TX 11 RX TX 12 RX TX 13 RX TX 14 RX TX 15 RX TX 16 RX TX CPU DB9 Port UPS Device RJ45-to-DB9 UPS Adapter UTP Cable With RJ45 Connectors 4046-02 Local Management Requirements 2-5
3 Accessing Local Management This chapter provides information about the following: • Navigating through the Local Management screen hierarchy for 802.1Q Switching (Section 3.1). • Accessing the Password screen to enter a Local Management session (Section 3.2). • Accessing the Main Menu screen and its menu items to gain access to the Local Management screens for the 6C105 or 6C107 chassis and the modules installed in the chassis (Section 3.3).
Navigating Local Management Screens Figure 3-1 802.1Q Switching Mode, Chassis, LM Screen Hierarchy (Page 1 of 3) Password The 6C107 chassis does not support the screens in this shaded area.
Navigating Local Management Screens Figure 3-2 802.1Q Switching Mode, Module, LM Screen Hierarchy (Page 2 of 3) Module Configuration Menu General Configuration SNMP Configuration Menu SNMP Community Names Configuration SNMP Traps Configuration System Resources Information Flash Download Configuration Access Control List Port Configuration Menu 802.
Navigating Local Management Screens Figure 3-3 802.1Q Switching Mode, Chassis, LM Screen Hierarchy (Page 3 of 3) B Security Passwords Radius Configuration Name Services Configuration System Authentication Configuration EAP Configuration 3.1.
Navigating Local Management Screens Using the RETURN Command To exit LM using the RETURN command, proceed as follows: 1. Use the arrow keys to highlight the RETURN command at the bottom of the Local Management screen. 2. Press ENTER. The previous screen in the Local Management hierarchy displays. NOTE: The user can also exit Local Management screens by pressing ESC twice. This exit method does not warn about unsaved changes and all unsaved changes are lost. 3.
Password Screen 3.2 PASSWORD SCREEN When to Use To start a Local Management session, which is controlled through the Local Management Password screen. Whenever a connection is made to the switch module the Local Management Password screen displays. Before continuing, you must enter a password, which is compared to the previously stored passwords and associated management level access policy configured using the Security screen described in Section 3.7.
Password Screen Screen Example Figure 3-4 Local Management Chassis/Module Password Screen xxxxxxxx LOCAL MANAGEMENT Enterasys Networks, Inc. P.O. Box 5005 Rochester, NH 03866-5005 USA (603) 332-9400 c Copyright Enterasys Networks, Inc. 2001 Device Serial Number: Device Hardware Revision: Device Firmware Revision: Device BOOTPROM Revision: xxxxxxxxxxxx xxx xx.xx.xx xx.xx.xx Enter Password: 3650_10 Enter the Password and press ENTER. The default super-user access password is “public” or press ENTER.
Main Menu Screen 3.3 MAIN MENU SCREEN NOTE: This screen does not display when using the 6C107 chassis. The Module Selection screen is displayed instead of this screen. When to Use To access the two major sets of Local Management screens used to configure the chassis and the switch modules installed in the chassis. How to Access Enter a valid password in the Local Management Password screen as described in Section 3.2, and press ENTER. The Main Menu screen, Figure 3-5, displays.
Module Selection Screen NOTE: If the terminal is idle for several minutes the Local Management Password screen redisplays and the session ends. This idle time can be changed in the General Configuration screen in Section 5.2.9.
Module Selection Screen How to Access Use the arrow keys to highlight the MODULES menu item in the Module Selection screen, and press ENTER. The Module Selection screen, Figure 3-6, displays.
Module Selection Screen Field Descriptions Refer to Table 3-2 for a functional description of each screen field. Table 3-2 Module Selection Screen Field Descriptions Use this field… To… Module # (Selectable) Display the slot in which the module is installed. The module number enclosed in angle brackets (< >) indicates the module to which the management terminal or Telnet session is currently connected. Module Type (Read-Only) Display the type of interface module that is installed in each slot.
Module Menu Screen 3.5 MODULE MENU SCREEN Screen Navigation Path For 6C105 chassis: Password > Main Menu > Module Selection > Module Menu For 6C107 chassis: Password > Module Selection > Module Menu When to Use To access the Local Management screens for the switch module selected in the Module Selection screen. How to Access Use the procedure described in Section 3.4.1.
Module Menu Screen NOTE: If the terminal is idle for several minutes, the Local Management Password screen redisplays and the session ends. This idle time can be changed in the Chassis Configuration screen described in Section 4.2. Menu Descriptions Refer to Table 3-3 for a functional description of each menu item.
Module Menu Screen Table 3-3 Module Menu Screen Menu Item Descriptions (Continued) Menu Item Screen Function SECURITY Provides access to the following screens: • • • • • • • • Module Login Passwords Radius Configuration Name Services Configuration System Authentication Configuration EAP Configuration EAP Statistics Menu MAC Port Configuration MAC Supplicant Configuration The Module Login Passwords screen allows you to set a login password for the device according to access policy (read-only, read-w
Overview of Security Methods Table 3-3 Module Menu Screen Menu Item Descriptions (Continued) Menu Item Screen Function SECURITY (cont’d) The MAC Port Configuration screen enables you to monitor the authentication state of the supplicants associated with each port and enable/disable, initialize, and force a revalidation of the port MAC credential. For more information about MAC port configuration, refer to Section 3.14.
Overview of Security Methods • Host Access Control Authentication (HACA) – authenticates user access of Telnet management, console local management and WebView via a central Radius Client/Server application using the Password screen described in Section 3.8. For an overview of HACA and a description of how to set the access policy using the Radius Configuration screen, refer to Section 3.6.1 and Section 3.9.
Overview of Security Methods The access level can be set to one of the following levels for each user name: • super-user • read-write • read-only To support multiple access levels per user name, it involves sending back a different “FilterID” attribute using some server feature to differentiate between the same user name with different prefixes/suffixes. For example, “username@engineering” and “username@home” could each return different access levels. NOTE: This is a server-dependent feature.
Overview of Security Methods When the Radius Client is active on the switch module, the user is presented with an authorization screen, prompting for a user login name and password when attempting to access the host IP address via the local console LM, Telnet to LM, or WebView application. The embedded Radius Client encrypts the information entered by the user and sends it to the Radius Server for validation.
Overview of Security Methods 3.6.2 802.1X Port Based Network Access Control This section provides • a brief description of 802.1X Port Based Network Access Control, • definitions of common terms and abbreviations, and • an overview of the tasks that may be accomplished using the 802.1X (EAP security and authentication features. When using the physical access characteristics of IEEE 802 LAN infrastructures, the 802.
Overview of Security Methods Table 3-4 Authentication Terms and Abbreviations (Continued) Term Definition Authentication Server Provides authentication service to an authenticator. This service determines, by the credentials the supplicant provides, whether a supplicant is authorized to access services provided by the authenticator. The authentication server can be co-located with an authenticator or can be accessed remotely.
Overview of Security Methods 3.6.3 MAC Authentication Overview This section discusses a method for a user to gain access to the network by validating the MAC address of their connected device. Network management statically provisions MAC addresses in a central radius server. Those pre-configured MAC addresses are allowed access to the network through the usual RADIUS validation process. This section further discusses how MAC Authentication and 802.
Overview of Security Methods Authentication This section defines the precedence rules to determine which authentication method, 802.1X (EAP) or MAC Authentication has control over an interface. Setting the 802.1X and MAC port authentication is described in Section 3.11. When both methods are enabled, 802.1X takes precedence over MAC Authentication when a user is authenticated using the 802.1X method. If the port or MAC remains unauthenticated in 802.
Overview of Security Methods Table 3-5 MAC / 802.1X Precedence States 802.1X Port Control MAC Port Control Authenticated? Force Authorized Don’t Care Don’t Care Default Policy Exists? Yes Authorized Policy Exists? Don’t Care Action • Neither method performs authentication. • Frames are forwarded according to default policy. Force Authorized Don’t Care Don’t Care No Don’t Care • Neither method performs authentication. • Frames are forwarded.
Overview of Security Methods Table 3-5 MAC / 802.1X Precedence States (Continued) 802.1X Port Control MAC Port Control Authenticated? Auto Disabled Yes Default Policy Exists? Don’t Care Authorized Policy Exists? Action Yes • 802.1X performs authentication. • Frames are forwarded according to authorized policy. Auto Disabled Yes Yes No • 802.1X performs authentication. • Frames are forwarded according to default policy. Auto Disabled Yes No No • 802.1X performs authentication.
Overview of Security Methods Table 3-5 MAC / 802.1X Precedence States (Continued) 802.1X Port Control MAC Port Control Authenticated? Default Policy Exists? Force Unauthorization Enabled No No Force Unauthorization Disabled 3.6.4 Don’t Care Don’t Care Authorized Policy Exists? Action Don’t Care • MAC performs authentication. Don’t Care • Neither method performs • Frames are discarded. authentication. • Frames are discarded.
Security Menu Screen 3.7 SECURITY MENU SCREEN Screen Navigation Path For 6C105 chassis: Password > Main Menu > Module Selection > Module Menu > Security Menu For 6C107 chassis: Password > Module Selection > Module Menu > Security Menu When to Use To access the Passwords, Radius Configuration, Name Services Configuration, System Authentication Configuration, EAP Configuration, EAP Statistics Menu, MAC Port Configuration, and MAC Supplicant Configuration screens.
Security Menu Screen Screen Example Figure 3-8 Security Menu Screen PASSWORDS RADIUS CONFIGURATION NAME SERVICES CONFIGURATION SYSTEM AUTHENTICATION CONFIGURATION CONFIGURATION EAP CONFIGURATION EAP STATISTICS MENU MAC PORT CONFIGURATION MAC SUPPLICANT CONFIGURATION EXIT RETURN 3528_14 Menu Descriptions Refer to Table 3-6 for a functional description of each menu item.
Security Menu Screen Table 3-6 Security Menu Screen Menu Item Descriptions (Continued) Menu Item Screen Function SYSTEM AUTHENTICATION CONFIGURATION Used to enable or disable an authentication type for the device, and to display the authentication type and authentication status (enabled or disabled) for all ports. For details, refer to Section 3.11. EAP CONFIGURATION Used to configure authentication settings for each port. For details, refer to Section 3.12.
Passwords Screen 3.8 PASSWORDS SCREEN When to Use To provide additional security by using login passwords associated to access policy. This screen allows the use of passwords to provide three levels of Local Management access (super-user, read-write and read-only) via serial console or telnet connection. This screen is also used to disable the function of hardware switch 8 to prevent the clearing of the login passwords.
Passwords Screen Field Descriptions Refer to Table 3-7 for a functional description of each screen field. Table 3-7 Module Login Passwords Screen Field Descriptions Use this field… To… Password (Modifiable) Enter the password used to access the device according to an access policy. For information on how to set the login password, refer to Section 3.8.1. Access Policy (Read-Only) See the access given each password.
Radius Configuration Screen 3.8.1 Setting the Module Login Password Setting the Module Login Password provides additional security by assigning each switch module its own password and allowing you to disable the function of switch S8 so that the password cannot be cleared. To assign the password and disable switch S8, proceed as follows: 1. Use the arrow keys to highlight the appropriate Password field. A different password can be assigned to each Access Policy. 2. Press ENTER. 3.
Radius Configuration Screen How to Access Use the arrow keys to highlight the RADIUS CONFIGURATION menu item on the Security Menu screen and press ENTER. The Radius Configuration screen, Figure 3-10, displays. Screen Example Figure 3-10 Radius Configuration Screen Timeout: 20 Retries: 03 Local Remote Last Resort Action: [CHALLENGE] [CHALLENGE] Radius Client: [DISABLED] IP Address: 0.0.0.0 0.0.0.
Radius Configuration Screen Table 3-8 Radius Configuration Screen Field Descriptions (Continued) Use this field… To… Last Resort Action/Local (Selectable) Accept, Challenge, and Reject, which do the following: ACCEPT: Allows local access (via COM port) at the super-user level with no further attempt at authentication. CHALLENGE: Reverts to local module (legacy) passwords. REJECT: Does not allow local access. For more details, refer to Section 3.9.1. To set local and remote servers, refer to Section 3.
Radius Configuration Screen 3.9.1 Setting the Last Resort Authentication The Radius client can be configured to use primary and secondary servers. If the primary server does not respond within the specified number of retries during the specified time-out period, the client will then attempt to authenticate using the secondary server. If the secondary server also does not respond, then the client returns a time-out condition.
Name Services Configuration Screen 3.10 NAME SERVICES CONFIGURATION SCREEN When to Use Use this screen when enabling Port-based Web authentication. This screen can also be used to configure the global Secure Harbour name and IP address. The user can Enable/Disable Name Services and associate the switch name with the Secure Harbour IP address. How to Access Use the arrow keys to highlight the NAME SERVICES CONFIGURATION menu item on the Security Menu screen and press ENTER.
Name Services Configuration Screen Field Descriptions Refer to Table 3-9 for a functional description of each screen field. Table 3-9 Name Services Configuration Screen Field Descriptions Use this field… To… Switch Name (Modifiable) Create a textual name to bind to the IP address. Secure Harbour IP (Read-Only) See the IP address used to access services. Name Services (Toggle) Enable or disable the name services function. Web Authentication (Toggle) Enable or disable Web Authentication.
System Authentication Configuration Screen 3.11 SYSTEM AUTHENTICATION CONFIGURATION SCREEN When to Use To enable or disable an authentication type for the device, and to display the authentication type and authentication status (enabled or disabled) for all ports. How to Access Use the arrow keys to highlight the SYSTEM AUTHENTICATION CONFIGURATION menu item on the Security Menu screen and press ENTER. The System Authentication Configuration screen, Figure 3-12, displays.
System Authentication Configuration Screen Field Descriptions Refer to Table 3-10 for a functional description of each screen field. Table 3-10 System Authentication Configuration Screen Field Descriptions Use this field… To… System Authentication (Selectable) Enable or disable an authentication type for the device, or turn off the port authentication function on all ports.
EAP (Port) Configuration Screen 3.12 EAP (PORT) CONFIGURATION SCREEN When to Use To configure authentication settings for each port. How to Access Use the arrow keys to highlight the EAP CONFIGURATION menu item on the Security Menu screen and press ENTER. The EAP Port Configuration screen, Figure 3-13, displays.
EAP (Port) Configuration Screen Field Descriptions Refer to Table 3-11 for a functional description of each screen field. . Table 3-11 EAP Port Configuration Screen Field Descriptions Use this field… To… Port (Read-Only) See the port number of all ports known to the device. Up to 10 ports can be displayed as a time. Highlight NEXT and press ENTER to display the next set of ports. Authentication State (Read-Only) See the current authentication state of each port.
EAP (Port) Configuration Screen Table 3-11 EAP Port Configuration Screen Field Descriptions (Continued) Use this field… To… Authentication State (Cont’d) • aborting: The port enters this state from authenticating when any event occurs that interrupts the login exchange. • held: After any login failure, this state is entered where the port remains for the number of seconds equal to quietPeriod (can be set using mib). • forceAuth: Management has set this in “Port Control”.
EAP (Port) Configuration Screen Table 3-11 EAP Port Configuration Screen Field Descriptions (Continued) Use this field… To… Backend State (Cont’d) • idle: The port is currently not involved in any authentication, but is ready to begin one. Move to idle after completion. • initialize: The port is initializing the relevant backend variables and is not ready to begin an authentication. Move to idle after completion.
EAP (Port) Configuration Screen Table 3-11 EAP Port Configuration Screen Field Descriptions (Continued) Use this field… To… Port Control (Cont’d) • Forced Authenticated Mode: The Forced Authenticated Mode is meant to disable authentication on a port. It is intended for ports that support ISLs and devices that cannot authenticate, such as printers and file servers.
EAP Statistics Menu Screen 3.13 EAP STATISTICS MENU SCREEN Screen Navigation Path For 6C105 chassis: Password > Main Menu > Module Selection > Module Menu > Security Menu > EAP Statistics Menu For 6C107 chassis: Password > Module Selection > Module Menu > Security Menu > EAP Statistics Menu When to Use To access the EAP Session Statistics, EAP Authenticator Statistics, and EAP Diagnostic Statistics screens.
EAP Statistics Menu Screen Menu Descriptions Refer to Table 3-12 for a functional description of each menu item. Table 3-12 EAP Statistics Menu Screen Descriptions Menu Item Screen Function EAP SESSION STATISTICS Used to review and clear EAP session statistics for each port. For details, refer to Section 3.13.1. EAP AUTHENTICATOR STATISTICS Used to review authenticator statistics for each port, including EAP frame types received and transmitted, and frame version number and source MAC address.
EAP Statistics Menu Screen 3.13.1 EAP Session Statistics Screen When to Use To review and clear EAP session statistics for each port. How to Access Use the arrow keys to highlight the EAP SESSION STATISTICS menu item on the EAP Statistics Menu screen and press ENTER. The EAP Session Statistics screen, Figure 3-15, displays.
EAP Statistics Menu Screen Table 3-13 EAP Session Statistics Screen Field Descriptions Use this field… To… SessionID (Read-Only) See the unique ASCII string identifier for a particular session. SessionOctetsRx (Read-Only) See counts of user data octets received on the port during a particular session. SessionOctetsTx (Read-Only) See counts of octets of transmitted on the port during a particular session.
EAP Statistics Menu Screen Table 3-13 EAP Session Statistics Screen Field Descriptions (Continued) Use this field… To… Session User Name (Read-Only) See the user name associated with the PAE (Point of Access Entity). Port Number (Selectable) Select the port number to display the associated EAP Session Statistics. To select a port number, use the arrow keys to highlight the Port Number field.
EAP Statistics Menu Screen Screen Example Figure 3-16 EAP Authenticator Statistics Screen Total Frames Rx: Total Frames Tx: Start Frames Rx: Logoff Frames Rx: Response Id Frames Rx: Response Frames Rx: Request Id Frames Tx: Request Frames Tx: Invalid Frames Rx: Length Error Frames Rx: Port Number: [ 1] 0 0 0 0 0 0 0 0 0 0 Frame Version: Frame Source: CLEAR COUNTERS EXIT 0 00-00-00-00-00-00 RETURN 3783_06 Field Descriptions Refer to Table 3-14 for a functional description of each screen field.
EAP Statistics Menu Screen Table 3-14 EAP Authenticator Statistics Screen Field Descriptions (Continued) Use this field… To… Response Id Frames Rx (Read-Only) See counts of EAP response identification type frames received by the authenticator. Response Frames Rx (Read-Only) See counts of EAP response type frames received by the authenticator. Request Id Frames Tx (Read-Only) See counts of EAP request identification type frames transmitted by the authenticator.
EAP Statistics Menu Screen 3.13.3 EAP Diagnostic Statistics Screen When to Use To view port counters useful for EAP troubleshooting, including logoffs and timeouts while authenticating, and to view authorization failure messages from the authentication server. The counters on this screen refresh automatically. How to Access Use the arrow keys to highlight the EAP DIAGNOSTIC STATISTICS menu item on the EAP Statistics Menu screen and press ENTER. The EAP Diagnostic Statistics screen, Figure 3-17, displays.
EAP Statistics Menu Screen Field Descriptions Refer to Table 3-15 for a functional description of each screen field. Table 3-15 EAP Diagnostic Statistics Screen Field Descriptions Use this field… To… Enters Connecting (Read-Only) See counts of transitions to connecting state from any other state. Logoffs Connecting (Read-Only) See counts of transitions from connecting to disconnected state after an EAPOL logoff message.
EAP Statistics Menu Screen Table 3-15 EAP Diagnostic Statistics Screen Field Descriptions (Continued) Use this field… To… Reauths Authenticated (Read-Only) See counts of transitions from authenticated to connecting state due to a reauthentication request. Starts Authenticated (Read-Only) See counts of transitions from authenticated to connecting state due to a start from the supplicant (end-user requesting authentication).
MAC Port Configuration Screen Table 3-15 EAP Diagnostic Statistics Screen Field Descriptions (Continued) Use this field… To… CLEAR COUNTERS (Command) Set the octets and frame counters to zero for a particular port. To clear the counters, use the arrow keys to highlight CLEAR COUNTERS and press ENTER. NOTE: This command clears the counters for this LM screen, but it does not clear the associated MIB objects. 3.
MAC Port Configuration Screen Screen Example Figure 3-18 MAC Port Configuration Screen Port Authentication Port Initialize Force State Enable Port Reauth ----------------------------------------------------------------------------------------------1 authenticated [Enabled] [FALSE] [FALSE] 2 authenticated [Disabled] [FALSE] [FALSE] 3 unauthenticated [Enabled] [FALSE] [FALSE] 4 unauthenticated [Enabled] [FALSE] [FALSE] 5 authenticated [Enabled] [FALSE] [FALSE] 6 authenticated [Enabled] [FALSE] [FALSE] 7 a
MAC Supplicant Configuration Screen Table 3-16 MAC Port Configuration Screen Field Descriptions (Continued) Use this field… To… Initialize Port (Single Setting) Initialize the authentication status of the port. When this field is set to TRUE, the current authentication session is terminated, the port returns to its initial authentication status, and the field returns to FALSE. Force Reauth (Single Setting) Force the revalidation of the MAC credential for the port.
MAC Supplicant Configuration Screen Screen Example Figure 3-19 MAC Supplicant Configuration Screen Port Duration MAC Initialize Reauthenticate (dd:hh:mm:ss) Address Supplicant Supplicant -----------------------------------------------------------------------------------------------------------1 00:12:23:58 nn-nn-nn-nn-nn-nn [FALSE] [FALSE] 2 54:02:56:00 nn-nn-nn-nn-nn-nn [FALSE] [FALSE] SAVE PREVIOUS NEXT EXIT RETURN 35281_93 Field Descriptions Refer to Table 3-17 for a functional description of e
MAC Supplicant Configuration Screen Table 3-17 MAC Supplicant Configuration Screen Field Descriptions (Continued) Use this field… To… Initialize Supplicant (Single Setting) Terminate the current session with a supplicant. When set to TRUE, the current session is terminated. It always displays a value of FALSE. Reauthenticate Supplicant (Single Setting) Force a revalidation of the MAC credential for the supplicant. When set to TRUE, the switch forces the revalidation.
4 Chassis Menu Screens NOTE: The screens described in this chapter apply only to the 6C105 chassis. This chapter provides the information to access the following: • Chassis Configuration screen to set the chassis operating parameters (Section 4.2), • SNMP Configuration Menu screen and its menu items to access other screens to modify the SNMP community names and set SNMP traps (Section 4.
Chassis Menu Screen 4.1 CHASSIS MENU SCREEN When to Use To access the Local Management screens that allow you to configure and monitor operating parameters, modify SNMP community names, set SNMP traps, monitor the chassis environmental status, and to perform port redirect functions. How to Access Use the arrow keys to highlight the CHASSIS menu item on the Main Menu screen and press ENTER. The Chassis Menu screen, Figure 4-1, displays.
Chassis Menu Screen Menu Descriptions Refer to Table 4-1 for a functional description of each menu item. Table 4-1 Chassis Menu Screen Menu Item Descriptions Menu Item Screen Function CHASSIS CONFIGURATION Allows the user to configure operating parameters for the chassis. For details, refer to Section 4.2. SNMP CONFIGURATION MENU Used to access the SNMP Community Names Configuration screen and the SNMP Traps Configuration screen.
Chassis Configuration Screen 4.2 CHASSIS CONFIGURATION SCREEN When to Use To set the chassis date and time, IP address and Subnet Mask, the operational mode of all modules installed in the chassis, view the chassis uptime, screen refresh time and lockout time, and view the chassis uptime. How to Access Use the arrow keys to highlight the CHASSIS CONFIGURATION menu item on the Chassis Menu screen and press ENTER. The Chassis Configuration screen, Figure 4-2, displays.
Chassis Configuration Screen Field Descriptions Refer to Table 4-2 for a functional description of each screen field. Table 4-2 Chassis Configuration Screen Field Descriptions Use this field… To… MAC Address (Read-Only) Display the base physical address of the chassis. IP Address (Modifiable) Set the IP address for the chassis.
Chassis Configuration Screen Table 4-2 Chassis Configuration Screen Field Descriptions (Continued) Use this field… To… Screen Lockout Time (Modifiable) Set the maximum number of minutes that the Local Management application displays a module’s screen while awaiting input or action from a user. For example, if the number 5 is entered in this field, the user has up to five minutes to respond to each of the specified module’s Local Management screens.
Chassis Configuration Screen 4.2.2 Setting the Subnet Mask If the management workstation that is to receive SNMP traps from the 6C105 is located on a separate subnet, the subnet mask for the 6C105 chassis must be changed from its default. To change the subnet mask from its default, perform the following steps: 1. Use the arrow keys to highlight the Subnet Mask field. 2. Enter the subnet mask into this field using Decimal Dotted Notation (DDN) format. For example: 255.255.255.0 3. Press ENTER.
Chassis Configuration Screen 4.2.4 Setting the Chassis Time To set the chassis clock, perform the following steps: 1. Use the arrow keys to highlight the Chassis Time field. 2. Enter the time in this 24-hour format: HH:MM:SS NOTE: When entering the time in the system time field, separators between hours, minutes, and seconds do not need to be added as long as each entry uses two numeric characters. For example, to set the time to 6:45 A.M., type “064500” in the Chassis Time field. 3.
Chassis Configuration Screen 4.2.6 Setting the Screen Lockout Time The screen lockout time can be set from 1 to 30 minutes with a default of 15 minutes. To set a new lockout time, perform the following steps: 1. Use the arrow keys to highlight the Screen Lockout Time field. 2. Enter a number from 1 to 30. 3. Press ENTER to set the lockout time in the input field. 4. Use the arrow keys to highlight the SAVE command at the bottom of the screen and press ENTER.
SNMP Configuration Menu Screen 4.3 SNMP CONFIGURATION MENU SCREEN When to Use To access the SNMP Community Names Configuration screen and the SNMP Traps Configuration screen. These screens are used to modify SNMP community names and set SNMP traps. How to Access Use the arrow keys to highlight the SNMP CONFIGURATION MENU item on the Chassis Menu screen and press ENTER. The SNMP Configuration Menu screen, Figure 4-3, displays.
SNMP Configuration Menu Screen Menu Descriptions Refer to Table 4-3 for a functional description of each menu item. Table 4-3 SNMP Configuration Menu Screen Menu Item Descriptions Menu Item Screen Function SNMP COMMUNITY NAMES CONFIGURATION Used to enter new, change, or review the community names used as access passwords for module management operation. Access is limited based on the password level of the user. For details, refer to Section 4.4.
SNMP Community Names Configuration Screen 4.4 SNMP COMMUNITY NAMES CONFIGURATION SCREEN When to Use To set the Local Management community names. Community names act as passwords to Local/Remote Management and provide security access to the chassis. Access to the chassis is controlled by enacting any of three different levels of security authorization (read-only, read-write, and super-user).
SNMP Community Names Configuration Screen Field Descriptions Refer to Table 4-4 for a functional description of each screen field. Table 4-4 SNMP Community Names Configuration Screen Field Descriptions Use this field… To… Community Name (Modifiable) Enter the user-defined name used to access chassis management. Any community name assigned here acts as a password to Local Management. Access Policy (Read-Only) See the access given each community name. Possible selections are as follows: 4.4.
SNMP Traps Configuration Screen To establish community names, proceed as follows: 1. Use the arrow keys to highlight the Community Name field adjacent to the selected access level. 2. Enter the password in the field (maximum 31 characters). 3. Press ENTER. 4. Repeat steps 1 through 3 to modify the other community names. 5. Use the arrow keys to highlight SAVE at the bottom of the screen and press ENTER. The message “SAVED OK” displays.
SNMP Traps Configuration Screen Screen Example Figure 4-5 SNMP Traps Configuration Screen Trap Destination Trap Community Name Enable Traps 0.0.0.0 public [NO] 0.0.0.0 public [NO] 0.0.0.0 public [NO] 0.0.0.0 public [NO] 0.0.0.0 public [NO] 0.0.0.0 public [NO] 0.0.0.0 public [NO] 0.0.0.0 public [NO] EXIT SAVE RETURN 4046-36 Field Descriptions Refer to Table 4-5 for a functional description of each screen field.
Chassis Environmental Information Screen 4.5.1 Configuring the Trap Table To configure the Trap table, proceed as follows: 1. Using the arrow keys, highlight the appropriate Trap Destination field. 2. Enter the IP Address of the workstation that is to receive traps. IP address entries must follow the DDN format (nnn.nnn.nnn.nnn). 3. Press ENTER. If an invalid entry is entered “INVALID IP ENTERED” is displayed in the Event Message Line. 4. Using the arrow keys, highlight the Trap Community Name field.
Chassis Environmental Information Screen Screen Example Figure 4-6 Chassis Environmental Information Screen Chassis Power Redundancy Not Available Power Supply #1 Status Normal Power Supply #2 Status Not Installed Chassis Fan Status Normal EXIT RETURN 4046_37 Field Descriptions Refer to Table 4-6 for a functional description of each screen field.
Redirect Configuration Menu Screen (Chassis) 4.7 REDIRECT CONFIGURATION MENU SCREEN (CHASSIS) When to Use To access the Port Redirect Configuration and VLAN Redirect Configuration screens at the chassis level. Any combination, up to 128, of port and/or VLAN redirect instances can be configured per installed module, giving a maximum of 640 instances for a chassis with 5 modules. Up to 24 instances per module can be configured as remote instances to other modules in the chassis.
Port Redirect Configuration Screen Menu Descriptions Refer to Table 4-7 for a functional description of each menu item. Table 4-7 Redirect Configuration Menu Screen Menu Item Descriptions Menu Item Screen Function PORT REDIRECT CONFIGURATION Used to redirect traffic from a source switch port to a destination switch port. For details, refer to Section 4.8. VLAN REDIRECT CONFIGURATION Used to configure the device to direct traffic from a VLAN to a particular switch port.
Port Redirect Configuration Screen Screen Example Figure 4-8 Port Redirect Configuration Screen Destination ------------------------ Source ---------------------Module Module Port Frame Format -------------------- Redirect Errors -------------------- Port 1 1 2 1 NORMAL ON 1 2 2 2 TAGGED ON 1 3 2 3 UNTAGGED ON 1 4 2 4 NORMAL ON 1 5 2 5 NORMAL ON 1 6 2 6 NORMAL ON 1 7 2 7 NORMAL ON 1 8 2 8 NORMAL ON Src Port [ 2] Src Module [ 1 ] SAVE Dest Port [
Port Redirect Configuration Screen Table 4-8 Port Redirect Configuration Screen Field Descriptions (Continued) Use this field… To… Frame Format (Read-Only) See the current frame format setting: NORMAL, TAGGED, or UNTAGGED. The default is NORMAL. • NORMAL – Frames are redirected in the format that they were received or transmitted on the source port. • TAGGED – Frames are transmitted on the destination port with a VLAN tag inserted according to the frame classification.
Port Redirect Configuration Screen Table 4-8 Port Redirect Configuration Screen Field Descriptions (Continued) Use this field… To… Redirect Errors (Toggle) Set each source port to either ON, to send errored frames to its destination port, or OFF to drop errored frames, and send only valid traffic to its destination port. The default setting is OFF. Status (Toggle) Add or delete source and destination ports selected in the Source Port [n] and Destination Port [n] fields. 4.8.
VLAN Redirect Configuration Screen 14. Use the SPACE bar to select either the ADD or DELETE option. Press ENTER. This adds or deletes the selections for the Source Port, Destination Port, Frame Format, and Redirect Errors made in steps 1 through 12 and also updates the screen. TIP: If more than one port is being redirected, repeat steps 1 through 14 for each additional setting. Then go to step 15 to save all the new settings at once.
VLAN Redirect Configuration Screen How to Access Use the arrow keys to highlight the VLAN REDIRECT CONFIGURATION menu item on the Redirect Configuration Menu screen and press ENTER. The VLAN Redirect Configuration screen, Figure 4-9, displays.
VLAN Redirect Configuration Screen Table 4-9 VLAN Redirect Configuration Screen Field Descriptions (Continued) Use this field… To… Destination Module (Read-Only) See which modules are currently set as destination modules. Destination Port (Read-Only) See which ports are currently set as destination ports. Multiple VLAN IDs may be assigned to a destination port. Frame Format (Read-Only) Display the current frame format setting: RECEIVED, TAGGED, or UNTAGGED. The default is RECEIVED.
VLAN Redirect Configuration Screen 4.9.1 Changing Source VLAN and Destination Ports To add or delete source VLAN and destination port entries and set the Frame Format and Redirect Errors functions, proceed as follows: 1. Use the arrow keys to highlight the Src VLAN ID field near the bottom of the screen. 2. Press the SPACE bar or BACKSPACE key one or more times to increment or decrement the VLAN ID number displayed in the brackets [n] until the desired VLAN ID number displays. 3.
5 Module Configuration Menu Screens The chapter describes the Module Configuration Menu screen and the following screens that can be selected: • General Configuration screen (Section 5.2) • SNMP Configuration Menu screen (Section 5.3) • SNMP Community Names Configuration screen (Section 5.4) • SNMP Traps Configuration screen (Section 5.5) • Access Control List screen (Section 5.6) • System Resources Information screen (Section 5.7) • Flash Download Configuration screen (Section 5.
Module Configuration Menu Screen 5.1 MODULE CONFIGURATION MENU SCREEN When to Use To access a series of Local Management screens used to establish an Access Control List for SNMP to provide additional security, configure and monitor operating parameters, modify SNMP community names, set SNMP traps, configure switch parameters and configure the switch module ports. How to Access Use the arrow keys to highlight the MODULE CONFIGURATION MENU item on the Module Menu screen, and press ENTER.
Module Configuration Menu Screen Menu Descriptions Refer to Table 5-1 for a functional description of each menu item. Table 5-1 Module Configuration Menu Screen Menu Item Descriptions Menu Item Screen Function GENERAL CONFIGURATION Used to monitor and configure the switch module operating parameters. For details, refer to Section 5.2. SNMP CONFIGURATION MENU Used to access the SNMP Community Names Configuration, SNMP Traps Configuration, and Access Control List screens.
General Configuration Screen 5.2 GENERAL CONFIGURATION SCREEN When to Use To set the system date and time, IP address and subnet mask, the default gateway, the TFTP and gateway IP address. This screen can also be used to clear the NVRAM, set the screen refresh time, the screen lockout time, the IP fragmentation, the COM port configuration, and monitor the total time (uptime) that the module has been running.
General Configuration Screen Field Descriptions Refer to Table 5-2 for a functional description of each screen field. . Table 5-2 General Configuration Screen Field Descriptions Use this field… To… MAC Address (Read-Only) See the base physical address of the switch module. IP Address (Modifiable) See the IP address for the switch module. To set the IP address, refer to Section 5.2.1. The IP address can also be set through Runtime IP Address Discovery.
General Configuration Screen Table 5-2 General Configuration Screen Field Descriptions (Continued) Use this field… To… Screen Refresh Time (Modifiable) Enter a new update time. This setting determines how frequently (in seconds) information is updated on the screen. To enter the refresh time, refer to Section 5.2.8. Screen Lockout Time (Modifiable) Enter a new lockout time.
General Configuration Screen Table 5-2 General Configuration Screen Field Descriptions (Continued) Use this field… To… Com (Toggle) Enable or disable the COM port. The selection toggles between ENABLED and DISABLED. The default is ENABLED. For details about setting up the COM port, refer to Section 5.2.10. Application (Toggle) Set the application that the COM port will support. The field toggles between LM (Local Management) and UPS (Uninterruptible Power Supply). The default is LM.
General Configuration Screen Table 5-2 General Configuration Screen Field Descriptions (Continued) Use this field… To… Agg Mode (Toggle) Select the trunking method that the switch will use to create a trunk consisting of a group of ports to increase the bandwidth between switches. You can select either the Enterasys Networks’ SmartTrunking (Huntgroup) or the IEEE 802.3ad protocol. This field toggles between HUNTGROUP and IEEE8023ad. The default is HUNTGROUP.
General Configuration Screen Figure 5-3 Configuration Warning Screen, IP Address WARNING! YOU HAVE ELECTED TO SAVE ONE OR MORE CONFIGURATION ITEMS THAT REQUIRE RESETTING THIS DEVICE. ARE YOU SURE YOU WANT TO CONTINUE? NO YES 19601-84 5. Use the arrow keys to highlight the YES command, then press ENTER. The changes are saved and the module reboots. 5.2.
General Configuration Screen 4. Use the arrow keys to highlight the SAVE command, then press ENTER. The warning screen shown in Figure 5-4 displays. Figure 5-4 Configuration Warning Screen, Subnet Mask WARNING! YOU HAVE ELECTED TO SAVE ONE OR MORE CONFIGURATION ITEMS THAT REQUIRE RESETTING THIS DEVICE. ARE YOU SURE YOU WANT TO CONTINUE? YES NO 19601-84 5. Use the arrow keys to highlight the YES command, then press ENTER. The changes are saved and the module reboots. 5.2.
General Configuration Screen 3. Press ENTER. If the default gateway entered is in the correct format, the cursor returns to the beginning of the Default Gateway field. If the format is not correct, the screen displays “INVALID DEFAULT GATEWAY OR FORMAT ENTERED”. Local Management does not alter the current value, but it does refresh the Default Gateway field with the previous value. 4. Use the arrow keys to highlight the SAVE command. 5. Press ENTER. The message “SAVED OK” displays at the top of the screen.
General Configuration Screen 5.2.5 Setting the Module Name To set the module name, perform the following steps: 1. Use the arrow keys to highlight the Module Name field. 2. Enter the name of your system (maximum of 19 characters). 3. Press ENTER to set the name in the input field. 4. Use the arrow keys to highlight the SAVE command and press ENTER. The message “SAVED OK” displays on the screen. 5.2.
General Configuration Screen 5.2.7 Setting the Module Time NOTE: If the 6C105 or 6C107 chassis has been assigned a chassis time, it is not necessary to assign a module time to the switch module. All installed modules recognize the chassis time. To set the switch module time, perform the following steps: 1. Use the arrow keys to highlight the Module Time field. 2.
General Configuration Screen 5.2.9 Setting the Screen Lockout Time The screen lockout time can be set from 1 to 30 minutes with a default of 15 minutes. To set a new lockout time, perform the following steps: 1. Use the arrow keys to highlight the Screen Lockout Time field. 2. Enter a number from 1 to 30. 3. Press ENTER to set the lockout time in the input field. 4. Use the arrow keys to highlight the SAVE command at the bottom of the screen and press ENTER.
General Configuration Screen 2. Press the SPACE bar to choose either ENABLED or DISABLED. The COM port must be ENABLED for the LM or UPS application. Selecting DISABLED prevents a connection via the COM port thus providing additional module security. CAUTION: If the COM port is reconfigured without a valid IP address set on the switch module or chassis, the message shown in Figure 5-5 displays. Do not continue unless the outcome of the action is fully understood.
General Configuration Screen 5.2.10.1 Changing the COM Port Application After enabling the COM port as described in Section 5.2.10, one of the applications supported by the COM port (LM or UPS) can be selected. The default application is LM. To change the COM port application: 1. Use the arrow keys to highlight the Application field. 2. Use the SPACE bar or BACKSPACE key to step to the desired setting. Table 5-3 lists the available settings and their corresponding applications.
General Configuration Screen 3. Use the arrow keys to highlight SAVE at the bottom of the screen. 4. Press ENTER. The warning shown in Figure 5-6 displays. Figure 5-6 Clear NVRAM Warning WARNING YOU HAVE ELECTED TO CLEAR NVRAM. THIS WILL CLEAR ALL SYSTEM DEFAULTS INCLUDING BUT NOT LIMITED TO IP ADDRESS, INTERFACE CONFIGURATION, AND COM PORT CONFIGURATION, THEN REBOOT THIS DEVICE. ARE YOU SURE YOU WANT TO CLEAR NVRAM? NO YES 17426_1 5.
SNMP Configuration Menu Screen 5.3 SNMP CONFIGURATION MENU SCREEN Screen Navigation Paths For 6C105 chassis: Password > Main Menu > Module Selection > Module Menu > Module Configuration Menu > SNMP Configuration Menu For 6C107 chassis: Password > Module Selection > Module Menu > Module Configuration Menu > SNMP Configuration Menu When to Use To provide access to the SNMP Community Names Configuration, SNMP Traps Configuration, and Access Control List screens.
SNMP Configuration Menu Screen Screen Example Figure 5-7 SNMP Configuration Menu Screen SNMP COMMUNITY NAMES CONFIGURATION SNMP TRAPS CONFIGURATION ACCESS CONTROL LIST SAVE RETURN EXIT 4046_107w Menu Descriptions Refer to Table 5-4 for a functional description of each menu item.
SNMP Community Names Configuration Screen 5.4 SNMP COMMUNITY NAMES CONFIGURATION SCREEN When to Use To set SNMP Management community names. Community names act as passwords to Local/Remote Management and are agents of security access to the switch module. Access is controlled by enacting any of three different levels of security authorization (read-only, read-write, and super-user).
SNMP Community Names Configuration Screen Screen Example Figure 5-8 SNMP Community Names Configuration Screen Community Name Access Policy public read-only public read-write public super-user SAVE RETURN EXIT 2504-16w Field Descriptions Refer to Table 5-5 for a functional description of each screen field.
SNMP Community Names Configuration Screen Table 5-5 SNMP Community Names Configuration Screen Field Descriptions (Continued) Use this field… To… Access Policy (Read-Only) Indicate the access accorded each community name. The available access levels are as follows: 5.4.1 read-only This community name gives the user read-only access to the switch module MIB objects, and excludes access to security-protected fields of read-write or super-user authorization.
SNMP Traps Configuration Screen 5.5 SNMP TRAPS CONFIGURATION SCREEN When to Use To assign SNMP traps to eight different IP addresses. Since the switch module is an SNMP compliant module, it can send messages to multiple Network Management Stations to alert users of status changes. NOTE: It is only necessary to assign SNMP traps when the user needs the traps sent to different addresses than those assigned for the chassis. Refer to Section 4.4, which details how to set SNMP Traps for the 6C105 chassis.
SNMP Traps Configuration Screen Field Descriptions Refer to Table 5-6 for a functional description of each screen field. Table 5-6 SNMP Traps Configuration Screen Field Descriptions Use this field… To… Trap Destination (Modifiable) Display/enter the IP address of the workstation to receive trap alarms. Up to eight different destinations can be defined.
Access Control List Screen 7. Use the arrow keys to highlight the SAVE command and press ENTER. The message “SAVED OK” displays on the screen. NOTE: Exiting without saving causes a “NOT SAVED?” message to display above the SAVE command. Edits are lost if they are not saved before exiting. The designated workstations will now receive traps from the switch module as long as the communication path to the designated workstations are not inhibited (for example, by subnets or VLANs). 5.
Access Control List Screen Screen Example Figure 5-10 Access Control List Screen Access Control Lists: [ENABLED] IP Addr Mask IP Addr Mask 131.130.12.0 182.15.2.1 12.1.6.1 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 255.255.255.0 255.255.0.0 255.0.0.0 255.255.255.255 255.255.255.255 255.255.255.255 255.255.255.255 255.255.255.255 180.150.200.3 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 255.255.255.255 255.255.255.255 255.255.255.255 255.255.255.255 255.255.255.255 255.255.255.255 255.255.
Access Control List Screen Table 5-7 Access Control List Screen Field Descriptions Use this field… To… Access Control Lists (Toggle) Enable or disable ACL to restrict SNMP/IP access to a limited number of IP addresses. This field toggles between ENABLED and DISABLED. DISABLED is the default setting. When ACL is enabled, all module access is limited to the 16 IP addresses and /or range of addresses as shown in the screen example.
Access Control List Screen 5.6.1 Entering IP Addresses To enter a single or range of IP addresses into the ACL, proceed as follows: Entering Single Addresses 1. Use the arrow keys to highlight one of the place holders (0.0.0.0) under IP Addresses. 2. Enter the IP address of a device that you want to have access to Local Management using the following format: nnn.nnn.nnn.nnn (where n is an alphanumeric character). 3. In the adjacent Mask column, the value must be the default value of 255.255.255.255.
Access Control List Screen 4. Repeat steps 1 through 3 if more than one range of addresses is being entered. Up to 16 ranges of IP addresses, including any single IP Addresses entered. If an invalid format is used to enter an IP address, one of the following messages may display in the Event Message Line: • “INVALID IP FORMAT” if more than 3 periods are used, • “INVALID IP” if numbers > 255 are used. • “DUPLICATE IP” if the same IP is entered. • “INTERNAL IP” if the module’s IP is entered.
System Resources Information Screen 5.7 SYSTEM RESOURCES INFORMATION SCREEN When to Use To monitor the current switch utilization and the peak switch utilization. This screen provides information concerning the processor used in the switch module and the amount of FLASH memory, DRAM, and NVRAM that is installed and how much of that memory is available. How to Access Use the arrow keys to highlight the SYSTEM RESOURCES INFORMATION menu item on the Module Configuration Menu screen, and press ENTER.
System Resources Information Screen Field Descriptions Refer to Table 5-8 for a functional description of each screen field. Table 5-8 System Resources Information Screen Field Descriptions Use this field… To… CPU Type (Read-Only) See which microprocessor is used in the switch module. Flash Memory Installed (Read-Only) See the amount of FLASH memory that is installed in the switch module and how much is currently available.
FLASH Download Configuration Screen 5.8 FLASH DOWNLOAD CONFIGURATION SCREEN Important Notice There are restrictions on the version of firmware required for 6H302-48 modules with a serial number starting with 3655xxxxxx. The serial number is visible on the top ejector tab of the switch, or by querying the PIC MIB. For firmware in the 5.x track, version 5.03.05 or higher must be used on 6H302-48 modules with a serial number starting with 3655. For the 4.x firmware track, 4.08.
FLASH Download Configuration Screen NOTE: Configuration files cannot be downloaded or uploaded directly from one switch module to another. How to Access Use the arrow keys to highlight the FLASH DOWNLOAD CONFIGURATION menu item on the Module Configuration Menu screen, and press ENTER. The Flash Download Configuration screen, Figure 5-12, displays. Screen Example Figure 5-12 Flash Download Configuration Screen Download Method: Reboot After Download: [YES] TFTP Gateway IP Addr: nnn.nnn.nnn.
FLASH Download Configuration Screen Table 5-9 Flash Download Configuration Screen Field Descriptions Use this field… To… Download Method (Selectable) Select a method (RUNTIME, DOWNLOAD CONFIG, or UPLOAD CONFIG) to download (receive) an image file from a TFTP server, or upload (transmit) or download a configuration file to/from a TFTP server.
FLASH Download Configuration Screen Table 5-9 Flash Download Configuration Screen Field Descriptions (Continued) Use this field… To… Reboot After Download (Toggle) Set the switch module so it will either reboot or not reboot after completing the download of an image. This field toggles between YES and NO, when the Download Method field is set to RUNTIME. If YES is selected, the module reboots after the download is completed.
FLASH Download Configuration Screen 5.8.1 Image File Download Using Runtime To download a firmware image file to the switch module using Runtime, proceed as follows: 1. Use the arrow keys to highlight the Reboot After Download field. 2. Use the SPACE bar to select either YES or NO. Select YES if you want the module to reboot after the download is completed. Select NO if you want the switch module to store the new image in FLASH memory until the module is reset or during the next power-up. 3.
FLASH Download Configuration Screen 5.8.2 Configuration File Download Using TFTP To download a configuration file from a TFTP server to the switch module, proceed as follows: 1. Use the arrow keys to highlight the Download Method field. 2. Use the SPACE bar to select DOWNLOAD CONFIG. NOTE: When DOWNLOAD CONFIG is selected, the Reboot After Download field is automatically set to YES (and cannot be changed), so that the switch module automatically reboots after a successful download. 3.
FLASH Download Configuration Screen 5.8.3 Configuration File Upload Using TFTP To upload a configuration file to a TFTP server, proceed as follows: 1. Use the arrow keys to highlight the Download Method field. 2. Use the SPACE bar to select UPLOAD CONFIG. NOTE: When UPLOAD CONFIG is selected, the Reboot After Download field is automatically set to NO (and cannot be changed). 3. Use the arrow keys to highlight the TFTP Gateway IP Addr field. 4.
6 Port Configuration Menu Screens This chapter describes the Port Configuration Menu screen and the following screens that can be selected: • Ethernet Interface Configuration screen (Section 6.2) • Ethernet Port Configuration screen (Section 6.3) • HSIM/VHSIM Configuration screen (Section 6.4) • Redirect Configuration Menu screen (Section 6.5) • Port Redirect Configuration screen (Section 6.6) • VLAN Redirect Configuration screen (Section 6.
Port Configuration Menu Screen 6.1 PORT CONFIGURATION MENU SCREEN When to Use To select screens to perform port configuration tasks on the switch module. How to Access Use the arrow keys to highlight the PORT CONFIGURATION MENU item on the Module Configuration Menu screen and press ENTER. The Port Configuration Menu screen, Figure 6-1, displays. The list of menu items differs depending on the Aggregation (Agg) Mode selected in the General Configuration screen described in Section 5.2.
Port Configuration Menu Screen Figure 6-2 Port Configuration Menu Screen (in Agg Mode, IEEE8023ad) ETHERNET INTERFACE CONFIGURATION HSIM/VHSIM CONFIGURATION REDIRECT CONFIGURATION MENU LINK AGGREGATION MENU BROADCAST SUPPRESSION CONFIGURATION EXIT RETURN 3650_13 Field Descriptions Refer to Table 6-1 for a functional description of each menu item.
Ethernet Interface Configuration Screen Table 6-1 Port Configuration Menu Screen Menu Item Descriptions (Continued) Menu Item Screen Function SMARTTRUNK CONFIGURATION Used to logically group interfaces together to permit aggregation of multiple links. This menu item appears when the Agg Mode field is set to “HUNTGROUP” in the General Configuration screen. Refer to the SmartTrunk User’s Guide for information about how to access and use the SmartTrunk screens.
Ethernet Interface Configuration Screen Screen Example Figure 6-3 Ethernet Interface Configuration Screen Intf Port PortType Link Speed Duplex Config FDX FC HDX FC 1 2 3 4 5 6 7 8 9 10 11 12 1 1 1 1 1 1 1 1 1 1 1 1 FE-100TX FE-100TX FE-100TX FE-100TX FE-100TX FE-100TX FE-100TX FE-100TX FE-100TX FE-100TX FE-100TX FE-100TX No Link No Link No Link No Link Link No Link No Link Link Link Link Link Link 100 10 100 10 10 100 100 100 100 100 100 100 Full Half Full Half Full Full Full Half Full Full
Ethernet Interface Configuration Screen Table 6-2 Ethernet Interface Configuration Screen Field Descriptions (Continued) Use this field… To… Link (Read-Only) See whether or not there is a physical connection from the port to another device. One of the following values is displayed: Link – There is a link signal present and a valid physical connection to another device. No Link – There is no link signal present and there is no valid physical connection to another device.
Ethernet Interface Configuration Screen Table 6-2 Ethernet Interface Configuration Screen Field Descriptions (Continued) Use this field… To… HDX FC (Read-Only) See the current half duplex flow control setting. Half duplex flow control, also known as back pressure, is a collision based flow control mechanism used in half duplex configurations. The port will display On, Off, or NA. NA is displayed when the port does not support flow control.
Ethernet Port Configuration Screen 6.3 ETHERNET PORT CONFIGURATION SCREEN When to Use To change the operating mode of a specific Ethernet interface, such as the speed, duplex, auto-negotiation, advertised ability, and the flow control settings. Configuring optional Fast Ethernet or Gigabit Ethernet ports is also done on this screen. How to Access Use the arrow keys to highlight the desired Ethernet port on the Ethernet Interface Configuration screen and press ENTER.
Ethernet Port Configuration Screen Field Descriptions Refer to Table 6-3 for a functional description of each screen field. Table 6-3 Ethernet Port Configuration Screen Field Descriptions Use this field… To… Interface (Read-Only) See the Interface number. Physical Port (Read-Only) See the number of the physical port on the interface. Default Speed (Selectable) See the current operational speed in Mbps. Display options are 10, 100, and 1000.
Ethernet Port Configuration Screen Table 6-3 Ethernet Port Configuration Screen Field Descriptions (Continued) Use this field… To… Advertised Ability (Selectable) Select the port “advertised” mode of operation. In normal operation, with all capabilities enabled, the port “advertises” that it has the ability to operate in any mode. The user may choose to set up the port so that only a portion of the available capabilities are advertised and the others are disabled.
Ethernet Port Configuration Screen Table 6-3 Ethernet Port Configuration Screen Field Descriptions (Continued) Use this field… To… Full Duplex Flow Control (Selectable) Set the flow control feature on each port for a specific mode. The choices are as follows: Symmetric – the port operates in Symmetric mode, causing the port to interpret received PAUSE frames and allow the port to transmit PAUSE frames when necessary at any speed connection.
Ethernet Port Configuration Screen 6.3.1 Selecting Field Settings All selectable or toggle fields other than Advertised Ability can be changed by following this procedure: 1. Use the arrow keys to highlight the field to be changed. 2. Use the SPACE bar or BACKSPACE key to step or toggle through the selections. 3. Press the ENTER key when the desired selection is displayed. 4. Use the arrow keys to highlight the SAVE command at the bottom of the screen. Press ENTER.
HSIM/VHSIM Configuration Screen 6.4 HSIM/VHSIM CONFIGURATION SCREEN When to Use To configure an optional HSIM or VHSIM. NOTE: The HSIM/VHSIM Configuration menu item can only be selected when a non-Ethernet HSIM or VHSIM is installed in the switch module. The applicable setup screen for that interface displays. This only applies to HSIMs and VHSIMs that can support WAN, FDDI or ATM. Refer to the appropriate HSIM or VHSIM user’s guide to set its operating parameters.
Redirect Configuration Menu Screen 6.5 REDIRECT CONFIGURATION MENU SCREEN For 6C105 chassis: Password > Main Menu > Module Selection > Module Menu > Module Configuration Menu > Port Configuration Menu > Redirect Configuration Menu For 6C107 chassis: Password > Module Selection > Module Menu > Module Configuration Menu > Port Configuration Menu > Redirect Configuration Menu When to Use To access the Port Redirect Configuration and VLAN Redirect Configuration screens.
Redirect Configuration Menu Screen Screen Example Figure 6-5 Redirect Configuration Menu Screen PORT REDIRECT CONFIGURATION VLAN REDIRECT CONFIGURATION EXIT RETURN 2504_94w Field Descriptions Refer to Table 6-4 for a functional description of each menu item. Table 6-4 Redirect Configuration Menu Screen Field Menu Item Descriptions Menu Item Screen Function PORT REDIRECT CONFIGURATION Used to redirect traffic from a source switch port to a destination switch port. For details, refer to Section 6.
Port Redirect Configuration Screen 6.6 PORT REDIRECT CONFIGURATION SCREEN When to Use (for 6C105 Chassis) To redirect frames from one source port to many destination ports or many source ports to one destination port on a switch module in a 6C105 chassis. Frames received on a source port can be redirected and transmitted in the frame format in which they are received (normal), or they can be redirected with a VLAN Tag (TAGGED) or without a VLAN Tag (UNTAGGED).
Port Redirect Configuration Screen • You can redirect frames between any Ethernet 6X2XX series module ports and any other Ethernet ports. • The VLAN tag in the frame, as it is being mirrored, is maintained and forwarded to the destination mirrored port. • You can add a new port redirect entry to a destination port that is already saved and active. However, this will cause a Local Management warning to appear at the top left corner of the screen.
Port Redirect Configuration Screen Table 6-5 Port Redirect Configuration Screen Field Descriptions Use this field… To… Source Port (Read-Only) See which ports are currently set as source ports. Destination Port (Read-Only) See which ports are currently set as destination ports. Frame Format (Read-Only) See the current frame format setting: NORMAL, TAGGED, or UNTAGGED. The default is NORMAL. NORMAL – Frames are redirected in the format that they were received or transmitted on the source port.
Port Redirect Configuration Screen Table 6-5 Port Redirect Configuration Screen Field Descriptions (Continued) Use this field… To… Redirect Errors (Toggle) Set each source port to either ON, to send errored frames to its destination port, or OFF to drop errored frames and send only valid traffic to its destination port. The default setting is OFF. Status (Toggle) Add or delete source and destination ports selected in the Source Port [n] and Destination Port [n] fields. 6.6.
VLAN Redirect Configuration Screen 10.Use the SPACE bar to select either the ADD or DEL (delete) option. Press ENTER. This adds or deletes the selections for the Source Port, Destination Port, Frame Format, and Redirect Errors made in steps 1 through 8 and also updates the screen. TIP: If more than 1 port is being redirected, repeat steps 1 through 10 for each additional setting. Then go to step 11 to save all the new settings at once.
VLAN Redirect Configuration Screen The VLAN redirect function is very useful for troubleshooting purposes. It allows all inbound and outbound traffic from one or more source VLANs to be sent to a destination VLAN where all current traffic from the source VLANs can be examined using analyzers, RMON probes, or IDS sensors. NOTE: Although traffic associated with a particular VLAN is sent to the destination port, normal switching is still performed for all frames on the source port.
VLAN Redirect Configuration Screen Field Descriptions Refer to Table 6-6 for a functional description of each screen field. Table 6-6 VLAN Redirect Configuration Screen Field Descriptions Use this field… To… Source VLAN (Read-Only) See the VLAN ID of the VLANs that are currently set as source VLANs. (Multiple VLANs may be assigned to one destination port.) Destination Port (Read-Only) See which ports are currently set as destination ports.
VLAN Redirect Configuration Screen 6.7.1 Changing Source VLAN and Destination Ports To add or delete source VLAN and destination port entries and set the Frame Format, proceed as follows: 1. Use the arrow keys to highlight the Source VLAN field near the bottom of the screen. 2. Type in the VLAN ID number of the source VLAN to be configured. 3. Use the arrow keys to highlight the Destination Port field near the bottom of the screen. 4.
Link Aggregation Screen (802.3ad Main Menu Screen) 6.8 LINK AGGREGATION SCREEN (802.3ad MAIN MENU SCREEN) CAUTION: These screens should be used only by personnel who are knowledgeable about Spanning Tree and Link Aggregation and fully understand the ramifications of modifications beyond defaults. Otherwise, the proper operation of the network could be at risk.
Link Aggregation Screen (802.3ad Main Menu Screen) According to the IEEE 802.3ad standard, a port does not detach from an aggregator because of link loss. If a port is attached to an aggregator and the link is removed, the port’s mux machine will transition from COLLECTING to ATTACHED; however, it will remain attached to the same aggregator. Ports that are attached to an aggregator will enter a Spanning Tree state of AGGREGATING on the Spanning Tree screens, just as they do when manually placed in a trunk.
Link Aggregation Screen (802.3ad Main Menu Screen) The STP is able to calculate which ports on a switch can be allowed to forward traffic to eliminate the possibility of looping in a network. So, if multiple links were attached between two switches, only one would be used. The remaining links would be placed in a disabled state called “Blocking.” Link Aggregation It is desirable to have a way to use multiple interswitch links simultaneously to increase interswitch bandwidth.
Link Aggregation Screen (802.3ad Main Menu Screen) Proprietary Aggregation Methods Most switch vendors provide a way to group these ports together manually. For example, the user could configure Ports 1, 2 and 3 in a trunk on switch X and connect to ports 4, 5 and 6 that are in a trunk on switch Y. By interconnecting the switches together, the effective bandwidth can be aggregated to the sum of the parts. The Enterasys Networks’ implementation is called SmartTrunking. IEEE 802.
Link Aggregation Screen (802.3ad Main Menu Screen) Screen Example Figure 6-8 802.3ad Main Menu Screen PORT AGGREGATOR SYSTEM EXIT RETURN 3650_14 Menu Descriptions Refer to Table 6-7 for a functional description of each menu item.
Link Aggregation Screen (802.3ad Main Menu Screen) Table 6-7 802.3ad Main Menu Screen Menu Item Descriptions Menu Item Screen Function PORT Used to access the 802.3ad Port screen, described in Section 6.8.1, to view port instances and to access the 802.3ad Port Details screen, described in Section 6.8.1.1, and the Port Statistics screen, described in Section 6.8.1.2. AGGREGATOR Used to access the 802.
Link Aggregation Screen (802.3ad Main Menu Screen) Screen Example Figure 6-9 802.3ad Port Screen Port Aggregator OperKey 1 1 1 Attached 2 23 1 Distributing 3 23 1 Distributing 4 4 1 Attached 5 5 1 Attached 6 6 1 Attached 7 7 1 Distributing 8 8 1 Distributing 9 9 1 Attached 1 23 1 Distributing 11 11 1 Attached 12 12 1 Attached NEXT MUX EXIT RETURN 3650_15 Field Descriptions Refer to Table 6-8 for a functional description of each screen field.
Link Aggregation Screen (802.3ad Main Menu Screen) Figure 6-9 shows the four columns of information: The Port Instance; the Aggregator that the Port is attached to; the operational key of the Port, and the state of the port’s MUX state machine. Viewing and Editing 802.3ad Port Parameters To view the 802.3ad related port parameters of any port displayed on the screen, proceed as follows: 1. Use the arrow keys to highlight the port number of interest under the Port field. 2. Press ENTER. The 802.
Link Aggregation Screen (802.3ad Main Menu Screen) Screen Example Figure 6-10 802.
Link Aggregation Screen (802.3ad Main Menu Screen) Table 6-9 802.3ad Port Details Screen Field Descriptions (Continued) Use this field… To… ActorPortPriority (Modifiable) Set the priority value of this port (not used in this implementation). ActorAdminKey See the administratively assigned key value for this port. Only ports with matching keys may aggregate.
Link Aggregation Screen (802.3ad Main Menu Screen) Table 6-9 802.3ad Port Details Screen Field Descriptions (Continued) Use this field… To… ActorOperState See the current (operational) value of the port’s Actor_State. The hex value is displayed as well as the individual bit fields. The fields are as follows. (Read-Only) bit 0 LACP_Activity, 1 indicates Active, 0 indicates passive. If a port is Active, it will always transmit LACP PDUs.
Link Aggregation Screen (802.3ad Main Menu Screen) Table 6-9 802.3ad Port Details Screen Field Descriptions (Continued) Use this field… To… ActorOperState bit 5 Distributing, 1 indicates that this port is Distributing. (Read-Only) (Continued) “Distributing” means that a port is ready to transmit traffic. If Distributing is true a ‘D’ is displayed, otherwise a ‘-’ is displayed in this bit position. bit 6 Defaulted, 1 indicates that this port has deFaulted.
Link Aggregation Screen (802.3ad Main Menu Screen) Table 6-9 802.3ad Port Details Screen Field Descriptions (Continued) Use this field… To… SelectedAggID See the instance of the aggregator that this port has selected. (Read-Only) AttachedAggID (Read-Only) See the instance of the aggregator to which this port is attached. LAGID (Read-Only) See the complete link aggregation group identifier for the port. Ports with identical LAG IDs will be connected to the same aggregator.
Link Aggregation Screen (802.3ad Main Menu Screen) 6.8.1.2 802.3ad Port Statistics Screen When to Use To view all the port-related LACP parameters about a port instance shown in the 802.3ad Port Details screen described back in Section 6.8.1.1. How to Access Use the arrow keys to highlight the STATS command in the 802.3ad Port Details screen and press ENTER. The 802.3ad Port Statistics screen (Figure 6-11) displays.
Link Aggregation Screen (802.3ad Main Menu Screen) Table 6-10 802.3ad Port Statistics Screen Field Descriptions Use this field… To… Port Instance (Read-Only) See a unique number used to identify this port. This corresponds to the port numbering scheme seen in other screens. LACPDUsRx (Read-Only) See the number of valid Marker PDUs that this Aggregation Port can receive. IllegalRx (Read-Only) See the number of received frames carrying the Slow Protocol’s Ethernet Type value (34B.
Link Aggregation Screen (802.3ad Main Menu Screen) Table 6-10 802.3ad Port Statistics Screen Field Descriptions (Continued) Use this field… To… LastRxTime(delta) (Read-Only) See the amount of time since the last LACP PDU has been received on this port. ActorChurnState (Read-Only) See the state of the Actor Churn state machine for this port. Values can be noChurn, churn, or churnMonitor. Churn indicates that the port is unable to find an aggregator to attach to.
Link Aggregation Screen (802.3ad Main Menu Screen) 6.8.2 802.3ad Aggregator Screen When to Use To see a summary of all the available aggregators and other basic information, including the aggregator interface instance, operational key, system priority, and the number of ports currently attached to the aggregator. How to Access Use the arrow keys to highlight the AGGREGATOR menu item in 802.3ad Main Menu screen and press ENTER. The 802.3ad Aggregator screen, Figure 6-12, displays.
Link Aggregation Screen (802.3ad Main Menu Screen) Table 6-11 802.3ad Aggregator Screen Field Descriptions Use this field… To… AggInst (Read-Only) See dot3adAggIndex, a unique number that identifies this aggregator. OperKey (Read-Only) See dot3adAggActorOperKey, the associated operational key value. SysPri (Read-Only) See dot3adAggActorSystemPriority, the priority value associated with this aggregator. NumPorts (Read-Only) See the number of ports that are currently attached to this aggregator.
Link Aggregation Screen (802.3ad Main Menu Screen) 6.8.2.1 802.3ad Aggregator Details Screen When to Use To see the current parameter details of the Aggregator Instance selected on the 802.3ad Aggregator screen described in Section 6.8.2. How to Access Use the arrow keys to highlight the line containing the Aggregator of interest on the 802.3ad Aggregator screen and press ENTER. The 802.3ad Aggregator Details screen, Figure 6-13, displays. Screen Example Figure 6-13 802.
Link Aggregation Screen (802.3ad Main Menu Screen) Table 6-12 802.3ad Aggregator Details Screen Field Descriptions Use this field… To… Aggregator Instance See the instance of the aggregator being viewed. The instance is a numerical value used to uniquely identify an aggregator in a system and matches the aggregator’s logical port number. Actor System Identifier See the System associated with the aggregator. (Read-Only) System Priority See the system priority value of this aggregator.
Link Aggregation Screen (802.3ad Main Menu Screen) 6.8.3 802.3ad System Screen When to Use To see basic system-level information, such as System Identifier, Number of Ports and Number of Aggregators. How to Access Use the arrow keys to highlight the SYSTEM menu item in 802.3ad Main Menu screen and press ENTER. The 802.3ad System screen, Figure 6-14, displays. Screen Example Figure 6-14 802.
Link Aggregation Screen (802.3ad Main Menu Screen) Field Descriptions Refer to Table 6-13 for a functional description of each screen field. Table 6-13 802.3ad System Screen Field Descriptions Use this field… To… System Identifier (Read-Only) See the uniquely identified system-to-protocol partner. Number of Ports (Read-Only) See the number of ports that are participating in 802.3ad on this switch. Number of Aggregators (Read-Only) See the number of aggregators that exist on this switch.
Broadcast Suppression Configuration Screen 6.9 BROADCAST SUPPRESSION CONFIGURATION SCREEN NOTE: Broadcast frames received above the threshold setting are dropped. When to Use To set a limit for the receive broadcast frames that are switched out to the other ports. How to Access Use the arrow keys to highlight the BROADCAST SUPPRESSION CONFIGURATION menu item on the Port Configuration Menu screen and press ENTER. The Broadcast Suppression Configuration screen, Figure 6-15, displays.
Broadcast Suppression Configuration Screen Field Descriptions Refer to Table 6-14 for a functional description of each screen field. Table 6-14 Broadcast Suppression Configuration Screen Field Descriptions Use this field… To… PORT # (Read-Only) Identify the number of the port. Total RX (Read-Only) See the total number of broadcast frames received. Peak Rate (Read-Only) See the highest number of broadcast frames received in a one-second interval.
Broadcast Suppression Configuration Screen 6.9.2 Setting the Reset Peak To set the Reset Peak field to YES or NO, proceed as follows: 1. Use the arrow keys to highlight the Reset Peak field for the selected port. 2. Press the SPACE bar to select YES or NO. 3. Use the arrow keys to highlight the SAVE command at the bottom of the screen. 4. Press ENTER. The message “SAVED OK” displays and the Time Since Peak field is also reset.
7 802.1 Configuration Menu Screens This chapter discusses the Enterasys Networks Rapid Reconvergence Spanning Tree implementation as well as the implementation of IEEE 802.3AD. The following screens are discussed: • 802.1 Configuration Menu screen (Section 7.1) • 802.3ad Configuration screens (Chapter 6) • Spanning Tree Configuration Menu screen (Section 7.2) • Spanning Tree Configuration screen (Section 7.3) • Spanning Tree Port Configuration screen (Section 7.
802.1 Configuration Menu Screen 7.1 802.1 CONFIGURATION MENU SCREEN When to Use To access the Spanning Tree Configuration Menu, 802.1Q VLAN Configuration Menu, or 802.1p Configuration Menu screen. How to Access Use the arrow keys to highlight the 802.1 CONFIGURATION MENU item on the Module Configuration Menu screen and press ENTER. The 802.1 Configuration Menu screen, Figure 7-1, displays. Screen Example Figure 7-1 802.1 Configuration Menu Screen SPANNING TREE CONFIGURATION MENU 802.
802.1 Configuration Menu Screen Menu Descriptions Refer to Table 7-1 for a functional description of each menu item. Table 7-1 802.1 Configuration Menu Screen Menu Item Descriptions Menu Item Screen Function SPANNING TREE CONFIGURATION MENU Used to select the Spanning Tree Configuration and Spanning Tree Port Configuration screens. These screens are used for the following functions: • Create a separate Spanning Tree topology for each VLAN configured in the switch module.
Spanning Tree Configuration Menu Screen 7.2 SPANNING TREE CONFIGURATION MENU SCREEN CAUTION: These screens should be used only by personnel who are very knowledgeable about Spanning Trees and how to develop them. Otherwise, the proper operation of the network could be at risk. For 6C105 chassis: Password > Main Menu > Module Selection > Module Menu > Module Configuration Menu > 802.
Spanning Tree Configuration Menu Screen Screen Example Figure 7-2 Spanning Tree Configuration Menu Screen SPANNING TREE CONFIGURATION SPANNING TREE PORT CONFIGURATION EXIT RETURN 4046_86 Menu Descriptions Refer to Table 7-2 for a functional description of each menu item.
Spanning Tree Configuration Screen Table 7-2 Spanning Tree Configuration Menu Screen Menu Item Descriptions (Continued) Menu Item Screen Function PVST PORT CONFIGURATION Used to allow Multiple Spanning Trees. 7.3 This screen displays when you select a port of interest on the Spanning Tree Port Configuration screen. For details, refer to Section 7.
Spanning Tree Configuration Screen Screen Example Figure 7-3 Spanning Tree Configuration Screen Spanning Tree Configuration VLAN AgeTime Priority VLAN AgeTime Priority 1 300 32768 2 300 32768 Current STP Mode: [ IEEE ] VLAN: 2 Operation: [ Add ] SAVE ADD ALL CONFIGURED VLAN EXIT RETURN 3650_04-2 Field Descriptions Refer to Table 7-3 for a functional description of each screen field.
Spanning Tree Configuration Screen Table 7-3 Spanning Tree Configuration Screen Field Descriptions (Continued) Use this field… To… AgeTime (Modifiable) Enter the age time (10 to 1 million seconds) for the associated VLAN. This is the amount of time that the entry remains in the bridge forwarding table. The default is 300. Priority (Selectable) Select the VLAN’s 802.1D bridge priority using the SPACE bar. Valid values are in multiples of 4096, with 0 indicating high priority. Default value is 32768.
Spanning Tree Configuration Screen Table 7-3 Spanning Tree Configuration Screen Field Descriptions (Continued) Use this field… To… ADD ALL CONFIGURED VLAN (Toggle) Implement the new configuration to all static VLANs and update the VLAN list to include those new static VLANs. 7.3.1 Configuring a VLAN Spanning Tree To configure a VLAN Spanning Tree, proceed as follows: 1. Use the arrow keys to highlight the Current STP Mode field near the bottom of the screen. 2.
Spanning Tree Port Configuration Screen 13.Use the arrow keys to highlight the SAVE command and press ENTER to save all your settings at once. 14.If you want to add all the VLANs configured on the switch to the screen with a default age time of 300 seconds and a bridge priority of 32768, use the arrow keys to highlight the ADD ALL CONFIGURED VLAN command and press ENTER. 7.
Spanning Tree Port Configuration Screen Screen Example Figure 7-4 Spanning Tree Port Configuration Screen State Status 1 00-00-1D-00-00-00 forwarding [Enable] 2 00-00-1D-00-00-01 forwarding [Enable] 3 00-00-1D-00-00-02 forwarding [Enable] 4 00-00-1D-00-00-03 forwarding [Enable] 5 00-00-1D-00-00-04 forwarding [Enable] 6 00-00-1D-00-00-05 forwarding [Enable] 7 00-00-1D-00-00-06 forwarding [Enable] 8 00-00-1D-00-00-07 forwarding [Enable] Port # MAC Address Switch Address:
Spanning Tree Port Configuration Screen Table 7-4 Spanning Tree Port Configuration Screen Field Descriptions (Continued) Use this field… To… Status (Toggle/Read-Only) Enable or disable the physical state of the ports. The Status field toggles between Enable and Disable using the SPACE bar. When you step to an STP VLAN ID other than Default, this field becomes a read-only field that shows the status of the ports associated with the VLAN shown in the STP VLAN ID field.
PVST Port Configuration Screen 7.4.2 Viewing Status of Spanning Tree Ports Ports and their status associated with an STP VLAN can be viewed, as follows: 1. Use the arrow keys to highlight the STP VLAN ID field near the bottom of the screen. 2. Use the SPACE bar to step to the appropriate STP VLAN ID and press ENTER. The ports, MAC Address, port state, port status, age time, and number of ports associated with the STP VLAN ID are displayed. 3.
PVST Port Configuration Screen Field Descriptions Refer to Table 7-5 for a functional description of each screen. Table 7-5 PVST Port Configuration Screen Field Descriptions Use this field… To… Port # (Read-Only) View the bridge port number of this port. Corresponding ifindex (Read-Only) View the corresponding interface number for this port. Corresponding idDescr (Read-Only) View the interface description for this port.
PVST Port Configuration Screen Table 7-5 PVST Port Configuration Screen Field Descriptions (Continued) Use this field… To… Port Path Cost (Modifiable) View the cost contribution of this port in the path to the Spanning Tree root. STP Vlan ID (Read-Only) View the Id of the VLAN in which this port belongs. 802.
PVST Port Configuration Screen 7-16 802.
8 802.1Q VLAN Configuration Menu Screens NOTE: It is strongly recommended that you read Chapter 13 to gain an understanding of VLANs and the associated terminology; how to use the VLAN Configuration screens to create VLANs; examples of how to configure VLANs in switches to solve a problem; and details on how frames are handled as they travel through the network. This chapter describes the 802.1Q VLAN Configuration Menu screen (Section 8.
Summary of VLAN Local Management 8.1 SUMMARY OF VLAN LOCAL MANAGEMENT The VLAN configuration process is an extension of normal Local Management operations. A series of Local Management screens provides access to the functions and commands necessary to add, change, or delete VLANs and to assign ports to those VLANs. The VLAN Configuration screens are a standard part of the Local Management hierarchy when the switch is configured to operate in 802.1Q Mode.
802.1Q VLAN Configuration Menu Screen 8.2 802.1Q VLAN CONFIGURATION MENU SCREEN When to Use To select screens to assign switched network ports to static VLANs, define new static VLANs, and configure port filtering according to a VLAN list. Network users can be logically grouped into VLANs even if they span long physical distances over a vast, intricate physical network. The VLAN Local Management menu items listed on the 802.
802.1Q VLAN Configuration Menu Screen Screen Example Figure 8-2 802.1Q VLAN Configuration Menu Screen STATIC VLAN CONFIGURATION CURRENT VLAN CONFIGURATION VLAN PORT CONFIGURATION VLAN CLASSIFICATION CONFIGURATION EXIT RETURN 4046_93 Menu Descriptions Refer to Table 8-1 for a functional description of each menu item. Table 8-1 802.
802.1Q VLAN Configuration Menu Screen Table 8-1 802.1Q VLAN Configuration Menu Screen Menu Item Descriptions (Continued) Menu Item Screen Function CURRENT VLAN CONFIGURATION Displays a list of the current VLANs along with their VLAN IDs, FDB IDs, VLAN Type, and if they have ports on the egress list. Each VLAN ID on the list may be highlighted to access the Current VLAN Egress Configuration screen. This screen provides a list and Egress status of each port associated with the selected VLAN.
Static VLAN Configuration Screen 8.3 STATIC VLAN CONFIGURATION SCREEN When to Use To create, modify, and/or delete one or more Static VLANs and associated VLAN names. This screen also provides access to the Static VLAN Egress Configuration screen to modify the port list of a VLAN selected from this screen, as described in Section 8.3.2. NOTE: Static VLANs are those VLANs that you create manually using this screen and can only be deleted using this screen.
Static VLAN Configuration Screen Field Descriptions Refer to Table 8-2 for a functional description of each screen field. Refer to Section 8.3.1 through Section 8.3.5 for the application of these fields. Table 8-2 Static VLAN Configuration Screen Field Descriptions Use this field… To… VLAN ID – top of screen (Read-Only) See the assigned VLAN IDs that are configured in the switch module. Initially, only the Default VLAN (VLAN ID: 1) is listed. Up to ten VLANs can be displayed in the screen.
Static VLAN Configuration Screen 8.3.1 Creating a Static VLAN To create a VLAN, proceed as follows: 1. Use the arrow keys to highlight the VLAN ID field near the bottom of the screen. 2. Enter the VLAN ID using a unique number between 2 and 4094. The VLAN IDs of 0, 1, and 4095 may not be used for user-defined VLANs. NOTE: Each VLAN ID must be unique. If a duplicate VLAN ID is entered, the switch assumes that the Administrator intends to modify the existing VLAN. 3. Press ENTER.
Static VLAN Configuration Screen 8.3.3 Renaming a Static VLAN To change the name of an existing VLAN, proceed as follows: 1. Use the arrow keys to highlight the VLAN ID field near the bottom of the screen. 2. Type the VLAN ID number of the VLAN to be changed. Press ENTER. 3. Use the arrow keys to highlight the VLAN Name field near the bottom of the screen. 4. Type the new VLAN name of up to 32 ASCII characters in the VLAN Name field. 5. Press ENTER. 6.
Static VLAN Egress Configuration Screen 8.3.5 Paging Through the VLAN List To display additional VLANs that do not display in the current VLAN List as shown on the screen, use the NEXT or PREVIOUS commands located at the bottom of the screen, as follows: NOTE: The NEXT and PREVIOUS fields will only display if there are further VLAN List entries to page through. 1. To display the next screen, use the arrow keys to highlight NEXT. Press ENTER to view the entries on the next screen. 2.
Static VLAN Egress Configuration Screen Screen Example Figure 8-4 Static VLAN Egress Configuration Screen VLAN ID: 2 Port ---1 2 3 4 5 6 7 8 FDB ID: 4 Egress ---------[ UNTAGGED ] [ TAGGED ] [ NO ] [ TAGGED ] [ TAGGED ] [ TAGGED ] [ UNTAGGED ] [ UNTAGGED ] VLAN NAME: Test Port Egress ------------9 [ UNTAGGED ] 10 [ UNTAGGED ] 11 [ UNTAGGED ] 12 [ TAGGED ] 13 [ NO ] 14 [ TAGGED ] 15 [ TAGGED ] 16 [ TAGGED ] Port Egress ------------17 [ UNTAGGED ] 18 [ TAGGED ] 19 [ NO ] 20 [ TAGGED ] 21 [ TAGGED ] 2
Static VLAN Egress Configuration Screen Table 8-3 Static VLAN Egress Configuration Screen Field Descriptions (Continued) Use this field… To… Egress (Selectable) Select the type of VLAN frame transmission (egress) for each port. You can select UNTAGGED, TAGGED, or NO, using the SPACE bar. UNTAGGED – the port will only transmit the VLAN frames as untagged. TAGGED – the port will only transmit the VLAN frames as tagged.
Static VLAN Egress Configuration Screen 3. To change the egress type on more than one port, repeat the first two steps for each port. 4. After the changes are complete, use the arrow keys to highlight the SAVE command at the bottom of the screen. 5. Press ENTER. The message “SAVED OK” displays and the settings are saved. Setting the Same Egress Type on All Ports Simultaneously 1. Use the arrow keys to highlight the SET ALL PORTS field.
Current VLAN Configuration Screen 8.5 CURRENT VLAN CONFIGURATION SCREEN When to Use To see the current VLANs and the associated FDB ID, VLAN type, and if the ports are on the egress list. The egress list is how the switch keeps track of all VLANs that it will recognize. How to Access Use the arrow keys to highlight the CURRENT VLAN CONFIGURATION menu item on the 802.1Q VLAN Configuration Menu screen, and press ENTER. The Current VLAN Configuration screen, Figure 8-5, displays.
Current VLAN Configuration Screen Field Descriptions Refer to Table 8-4 for a functional description of each screen field. NOTE: These fields are read-only fields, however, highlighting a line using the arrow keys and pressing ENTER causes the Current VLAN Egress Configuration screen to display. That screen shows the egress setting for each port associated with the VLAN ID in the highlighted line.
Current VLAN Egress Configuration Screen 8.6 CURRENT VLAN EGRESS CONFIGURATION SCREEN When to Use To see the egress settings of all ports associated with the VLAN ID selected from the Current VLAN Configuration screen. How to Access Use the arrow keys to highlight the line item with the VLAN ID of interest on the Current VLAN Configuration screen and press ENTER. The Current VLAN Egress Configuration screen, Figure 8-6, displays, showing the egress setting of each port associated with the VLAN ID.
VLAN Port Configuration Screen Field Descriptions Refer to Table 8-5 for a functional description of each screen field. Table 8-5 Current VLAN Egress Configuration Screen Field Descriptions Use this field… To… Port (Read-Only) See a list of the ports associated with the VLAN ID shown in the line above the Port and Egress lists. Egress (Read-Only) See the current egress setting (UNTAGGED, TAGGED, or NO) for each port. 8.
VLAN Port Configuration Screen How to Access Use the arrow keys to highlight the VLAN PORT CONFIGURATION menu item on the 802.1Q Configuration Menu screen and press ENTER. The VLAN Port Configuration screen, Figure 8-7, displays.
VLAN Port Configuration Screen Field Descriptions Refer to Table 8-6 for a functional description of each screen field. Table 8-6 VLAN Port Configuration Screen Field Descriptions Use this field… To… Policy PVID Override is (Read-Only) See the active override to a port as a result of an application policy. When a port number has an asterisk next to it, selecting that Port field will cause this field to display with the application policy number.
VLAN Port Configuration Screen Table 8-6 VLAN Port Configuration Screen Field Descriptions (Continued) Use this field… To… Ingress Filtering (Toggle) Enable or disable the ingress filtering on a port. When ENABLED, the module will discard the incoming frames for VLANs which do not include this Port in its Member set. When DISABLED, the port will forward the frames. This control does not affect VLAN independent BPDU frames, such as GVRP and STP. It does affect VLAN dependent BPDU frames.
VLAN Classification Configuration Screen 8.7.2 Configuring the VLAN Ports To configure a VLAN port, proceed as follows: NOTE: In the following steps, you only need to step to the fields that you are going to change. 1. Use the arrow keys to highlight the PVID field. 2. Type the PVID number to be assigned to the port. 3. Use the arrow keys to highlight the Port Mode field. 4. Press the SPACE bar to select appropriate Port Mode: HYBRID, 1Q TRUNK, or 1D TRUNK. The default is HYBRID. 5.
VLAN Classification Configuration Screen • Assign VLANs according to Classification rules. • Add/delete a VID and associated classification entry. • Access the Protocol Port Configuration screen. When a frame is received that already contains an 802.1Q frame tag, frame classification is not implemented. Instead, the frame is processed by the switch module according to the information contained in the 802.1Q frame tag.
VLAN Classification Configuration Screen Table 8-7 VLAN Classification Configuration Screen Field Descriptions Use this field … To … VID – top of screen (Selectable) See the VLAN Identifications (VIDs) currently associated with a protocol classification. To see which ports are assigned to a VID/Classification, or to add/remove a port from a VID/Classification, use the Protocol Port Configuration screen. For details, refer to Section 8.8.2.
VLAN Classification Configuration Screen Table 8-7 VLAN Classification Configuration Screen Field Descriptions (Continued) Use this field … To … DEL ALL/DEL MARKED (Command) Delete all or one or more marked Classification Rule entries on the screen. The DEL ALL command is the default and it is used to simultaneously delete all the configured Classification Rules. The DEL MARKED command appears in place of the DEL ALL command when one or more lines are marked for deletion.
VLAN Classification Configuration Screen Table 8-8 Classification List (Continued) Classification Subclassification and Options 802.3 SAP> SSAP/DSAP (802.
VLAN Classification Configuration Screen Table 8-8 Classification List (Continued) Classification Subclassification and Options Custom or Mask Value Dest IP Address IP Address: Mask: 000.000.000.000 000.000.000.000 IP Address: Mask: 000.000.000.000 000.000.000.
VLAN Classification Configuration Screen Table 8-8 Classification List (Continued) Classification Subclassification and Options Dest UDP Port IP UDP Port: Same selection as for Src UDP Port Classification Bil UDP Port TCP Port Number: 00000 TCP Port: Same selection as for Src TCP Port Classification Bil TCP Port UDP Port Number: 00000 TCP Port: - FTP Data - FTP - BOOTP Server - BOOTP Client - RIP - Telnet - TFTP - HTTP - DNS - SMTP - POP3 - IMAP2 - IMAP3 - NETBIOS Name Serv - NETBIOS Datagram -
VLAN Classification Configuration Screen Table 8-8 Classification List (Continued) Classification Subclassification and Options Src IPX Socket IPX Socket: - NCP - SAP - RIP - NETBIOS - Diagnostics - NLSP - IPX WAN - CUSTOM > Dest IPX Socket IPX Socket Type: 00000 IPX Socket: Same selection as for Src IPX Socket Classification Bil IPX Socket Custom or Mask Value IPX Socket Type: 00000 IPX Socket: Same selection as for Src IPX Socket Classification Src MAC Address MAC Address: 00-00-00-00-00-00
VLAN Classification Configuration Screen Table 8-8 Classification List (Continued) Classification Subclassification and Options Custom or Mask Value Bil UDP Range3 Start: End: 00000 00000 Start: End: 00000 00000 Start: End: 00000 00000 Start: End: 00000 00000 Src TCP Range3 Dest TCP Range3 Bil TCP Range3 1. Bold type indicates a user entry. 2.
VLAN Classification Configuration Screen NOTE: In Table 8-9, the following applies: – Highest precedence is 1a. – Lowest precedence is 6. – Exact Match indicates a match of an explicitly defined address. – Best Match indicates a match of an entire subnet, or range of addresses within a subnet.
VLAN Classification Configuration Screen Table 8-9 Classification Precedence (Continued) Classification Type Precedence Level Destination IPX Network Number 2b IP Fragments 3 Layer 4 UDP Port Source 4a UDP Port Destination 4b TCP Source Port 4a TCP Destination Port 4b IPX Socket Source 4a IPX Socket Destination 4b UDP Source Port 4a UDP Source Port Range 4b UDP Dest Port 4c UDP Dest Port Range 4d TCP Source Port 4a TCP Source Port Range 4b 802.
VLAN Classification Configuration Screen Table 8-9 Classification Precedence (Continued) Classification Type Precedence Level TCP Dest Port 4c TCP Dest Port Range 4d The following example shows how the precedence concept can be applied: Example A network administrator has defined the following two classifications involving VLANs: • All frames with a UDP Port Source number of 55 (Layer 4, precedence level 4a) are assigned to the Red VLAN. • All frames sourced from the 134.141.28.
VLAN Classification Configuration Screen 8.8.3 Assigning a Classification to a VID NOTE: It is strongly recommended that you read Section 8.8.1 for more information concerning classification before configuring the switch module. Incorrect configuration will affect network operation. To assign a Classification to a VID, proceed as follows: 1. Use the arrow keys to highlight the VID (VLAN identification) field. 2. Type in the appropriate VID. Press ENTER. 3.
VLAN Classification Configuration Screen 8.8.4 Deleting Line Items All, or one or more, line items can be deleted as follows: Deleting All Classification Rules To delete all the Classification Rules in the top half of the screen, use the arrow keys to highlight the DEL ALL command field and press ENTER. Deleting One or More Classification Rules To delete one or more Classification Rules, mark each one and then delete them, as follows: 1.
Protocol Port Configuration Screen 8.9 PROTOCOL PORT CONFIGURATION SCREEN When to Use To perform the following: • Display the ports. • Show which ports are set to the line item containing the VID/Classification (Classification Rule) of interest in the VLAN Classification Configuration screen described in Section 8.8. • Add or remove ports from being associated with the Classification Rule. • Add ports to the VLAN Forwarding List of the switch module.
Protocol Port Configuration Screen Screen Example Figure 8-9 Protocol Port Configuration Screen Classification Rule Field 1 Ether II Type Port 1 2 3 4 5 6 7 8 0x0800 (DOD IP) Classify [NO ] [NO ] [NO ] [NO ] [NO ] [NO ] [NO ] [NO ] Port 9 10 11 12 13 14 15 16 SET ALL PORTS: [NO ] SAVE Classify [NO ] [NO ] [NO ] [NO ] [NO ] [NO ] [NO ] [NO ] Port 17 18 19 20 21 22 23 24 Classify [NO ] [NO ] [NO ] [NO ] [NO ] NO [NO ] [NO ] Port 25 26 27 28 29 30 31 32 Class
Protocol Port Configuration Screen Table 8-10 Protocol Port Configuration Screen Field Descriptions (Continued) Use this field … To … Port (Read-Only) See the number of each port. Classify (Toggle) See which ports are set to the VID/Classification displayed in the Classification Rule field above the Port and Classify column headings. This field toggles between YES and NO, which determines whether or not the associated port is set to the VID/Classification indicated in the Classification Rule field.
Protocol Port Configuration Screen Assigning One or More Ports Individually 1. Use the arrow keys to highlight the Classify field adjacent to the Port number. 2. Press the SPACE bar to toggle the Classify field to YES or NO. YES assigns the port to the VID/Classification shown in the Classification Rule field. NO removes the port from the Classification Rule. 3. If more than one port is to be added to the Classification Rule, repeat the first two steps for each port. 4.
9 802.1p Configuration Menu Screens This chapter describes the 802.1p Configuration Menu screen and the following screens that may be selected from its menu: • Port Priority Configuration screen (Section 9.2) • Traffic Class Information screen (Section 9.3) • Traffic Class Configuration screen (Section 9.4) • Transmit Queues Configuration screen (Section 9.5) • Priority Classification Configuration screen (Section 9.6) • Protocol Port Configuration screen (Section 9.
802.1p Configuration Menu Screen 9.1 802.1p CONFIGURATION MENU SCREEN When to Use To select the screens used for setting port priority, priority classifications, or configuring rate limiting. How to Access Use the arrow keys to highlight the 802.1p CONFIGURATION MENU item on the 802.1 Configuration Menu screen and press ENTER. The 802.1p Configuration Menu screen, Figure 9-1, displays. Screen Example Figure 9-1 802.
802.1p Configuration Menu Screen Menu Descriptions Refer to Table 9-1 for a functional description of each menu item. Table 9-1 802.1p Configuration Menu Screen Menu Item Descriptions Menu Item Screen Function PORT PRIORITY CONFIGURATION Used to view or change the port default transmit priority (0 through 7) of each port for frames that are received (ingress) without priority information in their tag header. For additional information, refer to Section 9.2.
Port Priority Configuration Screen 9.2 PORT PRIORITY CONFIGURATION SCREEN When to Use To set the priority (0 through 7) on each port. A port receiving a frame without priority information in its tag header is assigned a priority according to the priority setting on the port. For example, if the priority of a port is set to 5, the frames received through that port without a priority indicated in their tag header are classified as a priority 5.
Port Priority Configuration Screen Screen Example Figure 9-2 Port Priority Configuration Screen Port # Priority Policy Override Port # Priority Policy Override 1 [0] NONE 11 [4] NONE 2 [2] NONE 12 [4] NONE 3 [2] NONE 13 [4] NONE 4 [3] NONE 14 [4] NONE 5 [3] NONE 15 [4] NONE 6 [4] NONE 16 [6] NONE 7 [4] NONE 17 [6] NONE 8 [0] NONE 18 [6] NONE 9 [5] NONE 19 [1] NONE 10 [6] NONE 20 [1] NONE Set : [ INDIVIDUAL ] NEXT SAVE PREVIOUS EXIT RE
Port Priority Configuration Screen Field Descriptions Refer to Table 9-2 for a functional description of each screen field. Table 9-2 Port Priority Configuration Screen Field Descriptions Use this field… To… Port # (Read-Only) See the port number. Up to 10 rows of port numbers can be displayed per screen with a maximum of 4 columns. The list of ports can include both physical and virtual ports.
Traffic Class Information Screen 5. If more than one port is to be changed, repeat steps 3 and 4 to change the setting for each port, then perform step 6 to save all the changes. 6. Use the arrow keys to highlight the SAVE command at the bottom of the screen. 7. Press ENTER. The message “SAVED OK” displays and the setting is saved. 9.2.2 Setting Switch Port Priority on All Ports To set the port priority on all ports simultaneously, proceed as follows: 1. Use the arrow keys to highlight the Set field. 2.
Traffic Class Information Screen Priority-to-Traffic Class Mapping is used to assign 802.1p priority values to a Traffic Class (0 through 3 with 0 being the lowest level Traffic Class) for each frame priority. For example, if the Traffic Class is set to 3 for those frames with a priority 7, then those frames would be transmitted before any frames contained in Traffic Classes 2 through 0. How to Access Use the arrow keys to highlight the TRAFFIC CLASS INFORMATION menu item on the 802.
Traffic Class Information Screen Field Descriptions Refer to Table 9-3 for a functional description of each screen field. Table 9-3 Traffic Class Information Screen Field Descriptions Use this field… To… Priority (Read-Only) View eight priority levels of a port that can be associated with Traffic Class settings. When the screen is displayed the current default Traffic Class-to-priority settings are shown for each port.
Traffic Class Configuration Screen 9.4 TRAFFIC CLASS CONFIGURATION SCREEN When to Use To change the Traffic Class setting of one or more priorities on each port. The new Traffic Class settings may be applied only to the port selected or to all ports, simultaneously. How to Access Use the arrow keys to highlight the appropriate port number field above the column of the Traffic Class settings in the Traffic Class Information screen. Press ENTER.
Traffic Class Configuration Screen Field Descriptions Refer to Table 9-4 for a functional description of each screen field. Table 9-4 Traffic Class Configuration Screen Field Descriptions Use this field… To… Priority (Read-Only) See the list of eight priority levels (0 through 7) that can be associated with the Traffic Class settings. Priority 0 is the lowest priority. When the screen is displayed, the current default Traffic Class-to-priority settings are shown for the selected port.
Transmit Queues Configuration Screen 3. If more than one Traffic Class setting is to be changed, repeat steps 1 and 2 until all of the changes in the Traffic Class settings have been made. 4. To save and apply the settings to only the port shown on the screen, proceed to step 5. To save the Traffic Class selections and apply them to all front panel Ethernet ports, proceed to step 6. 5. Use the arrow keys to highlight the SAVE command at the bottom of the screen and press ENTER.
Transmit Queues Configuration Screen How to Access Use the arrow keys to highlight the TRANSMIT QUEUES CONFIGURATION menu item on the 802.1p Configuration Menu screen and press ENTER. The Transmit Queues Configuration screen, Figure 9-5, displays.
Transmit Queues Configuration Screen Field Descriptions Refer to Table 9-5 for a functional description of each screen field. Table 9-5 Transmit Queues Configuration Screen Field Descriptions Use this field … To… Current Queueing Mode (Toggle) Toggle between the STRICT 802.1 and WEIGHTED mode. The default setting is STRICT 802.1. To set the mode, refer to Section 9.5.1.
Transmit Queues Configuration Screen 9.5.1 Setting the Current Queueing Mode To set the current queueing mode for a particular port, proceed as follows: 1. Use the arrow keys to highlight the Port field. 2. Press the SPACE bar to step to the appropriate port number. The port type displays to the right of the Port number field. TIP: To display the current port settings, press ENTER after selecting the port number. 3. Use the arrow keys to highlight the Current Queueing Mode field. 4.
Priority Classification Configuration Screen 9.6 PRIORITY CLASSIFICATION CONFIGURATION SCREEN When to Use To perform the following functions: • Display the current Priority, Classification, and Description entries of each classification rule. • Assign priorities according to Classification Rules. • Add/delete a priority and associated protocol entry. • Access the Protocol Port Configuration screen. • Assign an 8-bit TOS (also known as DF) value to incoming IP frames.
Priority Classification Configuration Screen Screen Example Figure 9-6 Priority Classification Configuration Screen PID 7 6 1 1 5 Description IP: 123.123.030.006 Mask: 255.255.255.255 IP: 123.123.030.007 Mask: 255.255.255.255 0x8137 0x0800 0x9999 Classification Bilateral IP Address Dest IP Address Ethernet II Type Ethernet II Type 802.3 SAP PID: CLASSIFICATION: 5 ADD IP ADDRESS: [ Bil IP Address ] 123.123.030.
Priority Classification Configuration Screen Table 9-6 Priority Classification Configuration Screen Field Descriptions (Continued) Use this field … To… PID – bottom of screen (Modifiable) Enter the priority value that will be associated with the classification selected in the Classification field. A PID from 0 to 7 may be typed into the field, where 0 is the lowest priority and 7 is the highest priority.
Priority Classification Configuration Screen Table 9-7 provides a list of the classifications that can be selected in the Classification field and the associated subclassifications. Table 9-7 Classification List Classification Subclassification and Options Ethernet II Type> Ethernet II Type: - IPX - DOD IP - ARP - RARP - AppleTalk - Banyan Vines - DECNET - CUSTOM > 802.3 SAP> SSAP/DSAP (802.
Priority Classification Configuration Screen Table 9-7 Classification List (Continued) Classification Subclassification and Options IP TOS Type of Service: New IP TOS: - NO CHANGE - TOS=PID - CUSTOM> 0x0000 IP Protocol Type IP Protocol Type: New IP TOS: - NO CHANGE - TOS=PID - CUSTOM> TCP Same Same Same Same Same - UDP - ICMP - IGMP - OSPF - CUSTOM > IPX COS IPX Class of Service: Custom or Mask Value TOS: Value = 0x00 (Range: 0 - 255) TOS: Value = 0x00 (Range: 0 - 255) Protocol Type: 000
Priority Classification Configuration Screen Table 9-7 Classification List (Continued) Classification Subclassification and Options Custom or Mask Value Src IP Address IP Address: Mask: New IP TOS: - NO CHANGE - TOS=PID - CUSTOM> 000.000.000.000 000.000.000.000 Dest IP Address IP Address: Mask: New IP TOS: - NO CHANGE - TOS=PID - CUSTOM> 000.000.000.000 000.000.000.000 Bil IP Address IP Address: Mask: New IP TOS: - NO CHANGE - TOS=PID - CUSTOM> 000.000.000.000 000.000.000.
Priority Classification Configuration Screen Table 9-7 Classification List (Continued) Classification Subclassification and Options Src UDP Port IP UDP Port: New IP TOS: - NO CHANGE - TOS=PID - CUSTOM> - FTP Data Same Same Same Same Same Same Same Same Same Same Same Same Same Same Same Same - FTP - BOOTP Server - BOOTP Client - RIP - Telnet - TFTP - HTTP - DNS - SMTP - POP3 - IMAP2 - IMAP3 - NETBIOS Name Serv - NETBIOS Datagram - NETBIOS Sess Serv - CUSTOM > Dest UDP Port IP UDP Port: Same sel
Priority Classification Configuration Screen Table 9-7 Classification List (Continued) Classification Subclassification and Options Src TCP Port TCP Port: New IP TOS: - NO CHANGE - TOS=PID - CUSTOM> - FTP Data Same Same Same Same Same Same Same Same Same Same Same Same Same Same Same Same - FTP - BOOTP Server - BOOTP Client - RIP - Telnet - TFTP - HTTP - DNS - SMTP - POP3 - IMAP2 - IMAP3 - NETBIOS Name Serv - NETBIOS Datagram - NETBIOS Sess Serv - CUSTOM > Dest TCP Port TCP Port: Same selection
Priority Classification Configuration Screen Table 9-7 Classification List (Continued) Classification Subclassification and Options Src IPX Socket IPX Socket: - NCP - SAP - RIP - NETBIOS - Diagnostics - NLSP - IPX WAN - CUSTOM > Dest IPX Socket Src MAC Address MAC Address: 00-00-00-00-00-00 Dest MAC Address MAC Address: 00-00-00-00-00-00 Bil MAC Address MAC Address: 00-00-00-00-00-00 IP Fragments2 9-24 IPX Socket Type: 00000 IPX Socket: Same selection as for Src IPX Socket Classification N
Priority Classification Configuration Screen Table 9-7 Classification List (Continued) Classification Subclassification and Options Custom or Mask Value IP Fragments2 Start: End: New IP TOS: - NO CHANGE - TOS=PID - CUSTOM> 00000 00000 Dest UDP Range Start: End: New IP TOS: - NO CHANGE - TOS=PID - CUSTOM> 00000 00000 Bil UDP Range Start: End: New IP TOS: - NO CHANGE - TOS=PID - CUSTOM> 00000 00000 Src TCP Port Start: End: New IP TOS: - NO CHANGE - TOS=PID - CUSTOM> 00000 00000 D
Priority Classification Configuration Screen Table 9-7 Classification List (Continued) Classification Subclassification and Options Custom or Mask Value Bil TCP Port Start: End: New IP TOS: - NO CHANGE - TOS=PID - CUSTOM> 00000 00000 TOS: Value = 0x00 (Range: 0 - 255) 1. Bold type indicates a user entry. 2. Any fragmented IP frame received is Classified to the priority identification (PID) and forwarded out the ports configured in the Protocol Port Configuration screen. 9.6.
Priority Classification Configuration Screen Table 9-8 Classification Precedence Classification Type Precedence Level Layer 2 Source MAC Address Best Match 1a Destination MAC Address Best Match 1b EtherType 6 SAP 6 IP TOS 5a IP Type 5b IPX COS 5a IPX Type 5b Layer 3 Source IP Address Exact Match 2a Source IP Address Best Match 2b Destination IP Address Exact Match 2c Destination IP Address Best Match 2d Source IPX Network Number 2a Destination IPX Network Number 2b IP Fragme
Priority Classification Configuration Screen Table 9-8 Classification Precedence (Continued) Classification Type Precedence Level Layer 4 9-28 UDP Port Source 4a UDP Port Destination 4b TCP Source Port 4a TCP Destination Port 4b IPX Socket Source 4a IPX Socket Destination 4b UDP Source Port 4a UDP Source Port Range 4b UDP Dest Port 4c UDP Dest Port Range 4d TCP Source Port 4a TCP Source Port Range 4b TCP Dest Port 4c TCP Dest Port Range 4d 802.
Priority Classification Configuration Screen The following example shows how the precedence concept can be applied: Example A network administrator has defined the following two classifications involving priorities: • All frames with an IP TOS value of AA (Layer 3, precedence level 5a) are assigned to priority 7. • All frames with a TCP source port number of 80 (Layer 4, precedence level 4a) are assigned to priority 3.
Priority Classification Configuration Screen The IP TOS Rewrite feature enables you to configure the switch to: • Insert a user-defined 8-bit value into the layer-3 TOS field. • Write over an existing TOS value. This is useful when the Network Administrator wants to enforce a specific priority policy in the network. The IP TOS Rewrite parameters are set using the Priority Classification screen. The screen enables you to configure the new IP TOS field for any IP frame classification.
Priority Classification Configuration Screen 4. Press the SPACE bar to step to the appropriate Classification. Table 9-7 lists the subclassification associated with each Classification (examples of classifications: Ethernet II Type, 802.3 SAP, IP TOS, IP Protocol Type, etc.). 5. Use the arrow keys to highlight the subclassification field to the immediate right of the Classification field.
Protocol Port Configuration Screen 3. If more than one line item is to be deleted, repeat steps 1 and 2 to mark each line. NOTE: To remove a mark, perform steps 1 and 2. Pressing M when a marked line is highlighted will remove the mark. If all marks are removed, the DEL MARKED command is changed back to DEL ALL. 4. After the lines are marked, use the arrow keys to highlight the DEL MARKED command field. 5. Press ENTER.
Protocol Port Configuration Screen Screen Example Figure 9-8 Protocol Port Configuration Screen Classification Rule Field 1 Ether II Type Port 1 2 3 4 5 6 7 8 Classify [NO ] [NO ] [NO ] [NO ] [NO ] [NO ] [NO ] [NO ] 0x0800 (DOD IP) Port 9 10 11 12 13 14 15 16 Classify [NO ] [NO ] [NO ] [NO ] [NO ] [NO ] [NO ] [NO ] Port 17 18 19 20 21 22 23 24 Classify [NO ] [NO ] [NO ] [NO ] [NO ] NO [NO ] [NO ] Port 25 26 27 28 29 30 31 32 Classify [NO ] [NO ] [NO ]
Protocol Port Configuration Screen Table 9-9 Protocol Port Configuration Screen Field Descriptions (Continued) Use this field… To… Port (Read-Only) See the number of each port. Classify (Toggle) See which ports are set to the PID/Classification indicated in the Classification Rule field (see Figure 9-8). The Classify field toggles between YES and NO, which determines whether or not the associated port is set to the Classification Rule.
Protocol Port Configuration Screen Assigning All Ports Simultaneously 1. Use the arrow keys to highlight the SET ALL PORTS command field. 2. Press the SPACE bar to toggle the SET ALL PORTS field to YES or NO and press ENTER. This setting determines whether or not all the ports are set to the PID/Classification shown in the Classification Rule field. 3. Use the arrow keys to highlight the SAVE command at the bottom of the screen. 4. Press ENTER. The message “SAVED OK” displays and the setting is saved. 9.
Protocol Port Configuration Screen Switch 1 The following settings are done using the Priority Classification Configuration screen to assign the classification to the priority. Then the Protocol Port Configuration screen is used to assign the ports to the appropriate priority and classification. NOTE: In the two settings below, the subnet mask is set to 255.255.255.255. This means that frames with a source or destination address of 123.123.30.6 or 123.123.30.
Rate Limiting Configuration Screen 9.8 RATE LIMITING CONFIGURATION SCREEN NOTE: The Inbound Rate Limiting function is not supported on ports connected to SmartTrunk segments. When to Use To limit the rate of traffic entering and leaving the switch module on a per port/priority basis. Up to three inbound rules and three outbound rules can be programmed per port to control traffic according to the priority entries. The rules also contain the programmed traffic rate.
Rate Limiting Configuration Screen Screen Example Figure 9-10 Rate Limiting Configuration Screen Maximum Port # Priority List Direction Dropped Events 1 0, 1, 2, 3, 4 500 kbps Inbound 4294967295 1 0, 1, 2, 3, 4 500 kbps Outbound 1 5, 6, 7 500 kbps Inbound 1 5, 6, 7 500 kbps Outbound 0 5 1, 2, 3 500 kbps Outbound 0 5 1, 2, 3 500 kbps Outbound 10 5, 6, 7 1000 kbps Feature: [ Port Number ] ENABLED ADD Max Traffic Rate Port: DEL ALL 1 NEXT 1638067 Inbound Priority Li
Rate Limiting Configuration Screen Table 9-10 Rate Limiting Configuration Screen Field Descriptions (Continued) Use this field… To… Max Traffic Rate (Read-Only) See the maximum traffic rate set for each port entry. There can be up to six entries (three for Inbound and three for Outbound traffic) for the same port. However, there must be a different priority for each Inbound entry on a port, and the same holds true for the Outbound entries.
Rate Limiting Configuration Screen Table 9-10 Rate Limiting Configuration Screen Field Descriptions (Continued) Use this field… To… Priority List – bottom of screen (Selectable) Assign one or more priorities to the port being configured. The settings available are 0, 1, 2, 3, 4, 5, 6, 7, or ALL. When the Priority List is highlighted, the SPACE bar is used to step to the priority, which must be marked with an asterisk (*) using the M key. More than one priority may be selected and marked for each port.
Rate Limiting Configuration Screen Table 9-10 Rate Limiting Configuration Screen Field Descriptions (Continued) Use this field… To… Max Rate: kbps (Modifiable) Enter the maximum transmission rate for this entry. The maximum transmission rate includes all frames associated with the priorities selected in the Priority List field. The default high setting is 100 Kbps maximum interface speed. The high range setting is 100 Kbps to 1 Gbps. The low range setting is 50 to 40000 Kbps.
Rate Limiting Configuration Screen 3. Use the arrow keys to highlight the field below the Priority List field, near the bottom of the screen. 4. Select the priority setting(s) for the port as follows: a. Use the SPACE bar to step to a priority setting: ALL, 0, 1, 2, 3, 4, 5, 6, or 7. b. Press the M key to mark the desired priority with an asterisk. c. If more than one priority is to be selected for the port being configured, repeat steps a and b for each additional selection.
Rate Limiting Configuration Screen 9.8.2 Changing/Deleting Port Line Items All, or one or more, line items containing the configured port and its priority, maximum rate, and associated dropped frames can be changed/replaced or deleted as follows: Changing One or More Line Items To change the configuration values in a line item, that line item must be deleted and replaced with a new entry with the correct configuration values. The new settings can then be configured and added.
Rate Limiting Configuration Screen 9.8.3 More About Rate Limiting Rate Limiting enables Service Providers in Multi-Dwelling-Unit (MDU) and similar environments to offer varied bandwidth to customers using low cost Ethernet connections. Another solution for the enterprise, is to provide high priority bandwidth on the network for guaranteed service level agreements. NOTE: When allocating the maximum rate per port, the maximum bandwidth of the uplink must be kept in mind.
Rate Limiting Configuration Screen To solve this problem, the Rate Limiting feature can be configured on each port to provide each user with 5 Mbps of high priority bandwidth into the fabric. Now the maximum possible amount of traffic attempting to leave the chassis at high priority is 5 x 100 = 500 Mbps. The gigabit link has ample capacity to carry this load out of the chassis.
10 Layer 3 Extensions Menu Screens This chapter describes the Layer 3 Extensions Menu screen and the IGMP/VLAN Configuration screen (Section 10.2).
Layer 3 Extensions Menu Screen 10.1 LAYER 3 EXTENSIONS MENU SCREEN When to Use To access the IGMP/VLAN Configuration screen. How to Access Use the arrow keys to highlight the LAYER 3 EXTENSIONS MENU item on the Module Configuration Menu screen and press ENTER. The Layer 3 Extensions Menu screen, Figure 10-1, displays.
IGMP/VLAN Configuration Screen Menu Descriptions Refer to Table 10-1 for a functional description of each menu item (at this time there is only one menu item). Table 10-1 Layer 3 Extensions Menu Screen Menu Item Descriptions Menu Item Screen Function IGMP/VLAN CONFIGURATION Used to enable or disable IGMP (Internet Group Management Protocol) on selected VLANs. For details, refer to Section 10.2. 10.
IGMP/VLAN Configuration Screen The following multicast routing protocols are transparently supported and are used only to detect the location of routers (See the Release Notes for any changes or additions to this list): • DVMRP (Distance Vector Multicast Routing Protocol, RFC 1075) • PIM (Protocol Independent Multicast) version 1 and 2 • CBT (Core Based Trees) • MOSPF (Multicast OSPF, RFC 1583) For additional information about IGMP, refer to Appendix B.
IGMP/VLAN Configuration Screen Field Descriptions Table 10-2 describes each field of the IGMP/VLAN Configuration screen: Table 10-2 IGMP/VLAN Configuration Screen Field Descriptions Use this field… To… IGMP Version (Toggle) See the current configured IGMP version running on the VLAN selected in the VLAN ID field (version 1 or 2). The default is version 2. The IGMP Version field can be toggled to configure the switch in either version 1 or 2 to match the router configuration.
IGMP/VLAN Configuration Screen Table 10-2 IGMP/VLAN Configuration Screen Field Descriptions (Continued) Use this field… To… Last Member Query Interval (Modifiable) Modify the leave latency of the network.The Last Member Query Interval is the Max Response Time inserted into Group-Specific Queries sent in response to Leave Group messages, and is also the amount of time between Group-Specific Query messages. This value may be tuned to modify the leave latency of the network.
IGMP/VLAN Configuration Screen Table 10-2 IGMP/VLAN Configuration Screen Field Descriptions (Continued) Use this field… To… VLAN ID (Selectable) See the Identifying number of the VLANs available to be modified. If there are no VLANs available, NONE is displayed in this field and asterisks (*) will display in the Configuration, Statistics, and IGMP State fields. The information under Configuration and Statistics applies only to this VLAN ID. Use the SPACE bar to step through all available VLAN IDs.
IGMP/VLAN Configuration Screen 3. Use the SPACE bar to select ENABLED, DISABLED, or DELETE. If a specific VLAN was chosen in step 1, ENABLED and DISABLED are used to enable or disable the IGMP configuration of the chosen VLAN. (DELETE will remove the IGMP configuration of the VLAN.) 4. Use the arrow keys to highlight the IGMP Version field. Then use the SPACE bar to select the proper IGMP version for the VLAN shown in the VLAN ID field.
11 Module Statistics Menu Screens This chapter describes how to use the Module Statistics Menu screen and the following screens that may be selected from its menu: • Switch Statistics screen (Section 11.2) • Interface Statistics screen (Section 11.3) • RMON Statistics screen (Section 11.4) • An HSIM or VHSIM Statistics screen may be selected from the Module Statistics Menu screen when an optional HSIM or VHSIM is installed in the switch module.
Module Statistics Menu Screen 11.1 MODULE STATISTICS MENU SCREEN When to Use To obtain the following information: • Statistics concerning frame traffic through each switch port. • MIB II statistics for each switched interface. • Statistics gathered by the embedded RMON agent on the switch. • Statistics on any optional Fast Ethernet or Gigabit Ethernet HSIM or VHSIM installed in the module. NOTE: An HSIM or VHSIM Statistics menu item does not display for non-Ethernet HSIMs or VHSIMs.
Module Statistics Menu Screen Screen Example Figure 11-1 Module Statistics Menu Screen SWITCH STATISTICS INTERFACE STATISTICS RMON STATISTICS HSIM/VHSIM STATISTICS CHASSIS ENVIRONMENTAL STATISTICS RETURN EXIT 3528-01 Menu Descriptions Refer to Table 11-1 for a functional description of each menu item.
Switch Statistics Screen Table 11-1 Module Statistics Menu Screen Menu Item Descriptions (Continued) Menu Item Screen Function HSIM/VHSIM STATISTICS Displays the statistics screen when an optional Fast Ethernet or Gigabit Ethernet HSIM or VHSIM is installed in the switch module. An HSIM or VHSIM Statistics menu item does not display for non-Ethernet HSIMs or VHSIMs. If a non-Ethernet HSIM or VHSIM is installed, refer to its user’s guide for more information.
Switch Statistics Screen Screen Example Figure 11-2 Switch Statistics Screen Port # Frames Rcvd Frames Txmtd Frames Fltrd Frames Frwded 1 100 100 0 100 2 100 100 0 100 3 100 100 0 100 4 100 100 0 100 5 100 100 0 100 6 100 100 0 100 7 100 100 0 100 8 100 100 0 100 9 100 100 0 100 10 100 100 0 100 11 100 100 0 100 12 100 100 0 100 13 100 100 0 CLEAR COUNTERS PREVIOUS NEXT EXIT 100 RETURN 25041-26w Field Descriptions Refer to Table 11
Interface Statistics Screen Table 11-2 Switch Statistics Screen Field Descriptions Use this field… To… Frames Fltrd (Read-Only) See the number of frames filtered by the interface since the last power-up or reset. Frames Frwded (Read-Only) See the number of frames forwarded by the interface since the last power-up or reset. CLEAR COUNTERS (Command) Temporarily reset all counters of a screen to zero, allowing the user to observe counter activity over a period of time.
Interface Statistics Screen Screen Example Figure 11-3 Interface Statistics Screen Name: Fast Ethernet Frontpanel Interface: 1 7500456 InOctets: InUnicast: Address: 00-00-00-00-00-00 6789 Last Change: InNonUnicast: 0 Admin Status: xx days 00:00:00 InDiscards: 0 Oper Status: Up InErrors: 0 InUnknownProtos: 0 MTU: OutOctets: 0 Speed: OutUnicast: 0 OutNonUnicast: 0 OutDiscards: 0 OutErrors: 0 OutQLen: 0 Down CLEAR COUNTERS Interface: [nn] 1514 100000000 EXIT RETURN 250
Interface Statistics Screen Table 11-3 Interface Statistics Screen Field Descriptions (Continued) Use this field… To… InUnicast (Read-Only) See the total number of frames that have been received that were sent to a single address. InNonUnicast (Read-Only) See the total number of frames that have been received that were delivered to a broadcast or multicast address. InDiscards (Read-Only) See the total number of inbound frames that were discarded, even though the frames contained no errors.
Interface Statistics Screen Table 11-3 Interface Statistics Screen Field Descriptions (Continued) Use this field… To… Address (Read-Only) See the MAC address of the interface that is currently being displayed. Last Change (Read-Only) See the last time that the interface was reset. Admin Status (Read-Only) See the current status of the interface. If this field displays “Testing”, no frames may be passed on this interface. Oper Status (Read-Only) See the current status of the interface.
RMON Statistics Screen 11.4 RMON STATISTICS SCREEN When to Use To obtain RMON statistics for each interface, on an interface-by-interface basis. NOTE: The RMON Statistics screen provides statistics for all the switch module front panel Ethernet Interfaces, and any Ethernet HSIM/VHSIM installed in the switch module. How to Access Use the arrow keys to highlight the RMON STATISTICS field on the Module Statistics Menu screen and press ENTER. The RMON Statistics screen, Figure 11-4, displays.
RMON Statistics Screen Field Descriptions Refer to Table 11-4 for a functional description of each screen field. Table 11-4 RMON Statistics Screen Field Descriptions Use this field… To… RMON Index (Read-Only) See the current Ethernet interface for which statistics are being shown. The switch module has an embedded RMON agent that gathers statistics for each interface on the switch module. Data Source (Read-Only) See the source of the statistics data that is currently being displayed on the screen.
RMON Statistics Screen Table 11-4 RMON Statistics Screen Field Descriptions (Continued) Use this field… To… Undersized Pkts (Read-Only) See the number of frames received containing less than the minimum Ethernet frame size of 64 bytes, not including the preamble, but have a valid CRC. Oversized Pkts (Read-Only) See the number of frames received that exceeded 1518 data bytes, not including preamble, but have a valid CRC.
RMON Statistics Screen Table 11-4 RMON Statistics Screen Field Descriptions (Continued) Use this field… To… 512 – 1023 Octets (Read-Only) See the total number of frames, including bad frames, received that were between 512 and 1023 bytes in length (excluding framing bits, but including FCS bytes). 1024 – 1518 Octets (Read-Only) See the total number of frames, including bad frames, received that were between 1024 and 1518 bytes in length (excluding framing bits, but including FCS bytes).
Chassis Environmental Statistics Configuration Screen 11.5 CHASSIS ENVIRONMENTAL STATISTICS CONFIGURATION SCREEN When to Use To obtain Chassis statistics for fan and power supplies. How to Access Use the arrow keys to highlight the Chassis Environmental Statistics Configuration screen on the Module Statistics menu screen and press ENTER. The Chassis Environmental Statistics Configuration screen Figure 11-5 displays.
Chassis Environmental Statistics Configuration Screen Field Descriptions Refer to Table 11-5 for a functional description of each screen field. Table 11-5 Chassis Environmental Statistics Configuration Screen Field Descriptions Use this field… To… Chassis Power Redundancy Determine whether there is power redundancy available. Chassis Power #1 Status Determine the status of the redundant power supply. Chassis Power #2 Status Determine the status of this power supply.
12 Network Tools Screens This chapter describes the Network Tools Help screen and how to use it and the Network Tools commands to access and manage network devices. An example of each command is also included. Screen Navigation Paths Password > Main Menu > Module Selection > Module Menu > Network Tools 12.1 NETWORK TOOLS When to Use To access and manage network devices using the Network Tools command set.
Network Tools Screen Example Figure 12-1 Network Tools Help Screen Welcome to Network Tools -> help Commands Available to the User: Built in Commands: arp netstat show bridge ping traceroute defroute reset ev telnet arp_learn timed_reset stpForceVersion stpLegacyPathCost lg_frame_admin igmpv3_drop dynamic_egress suppress_topology_traps radius link_trap non_bridge_if_num stpPort stpPointToPointMAC passiveStp sat_size rate_limit_mode maclock soft_reset cdp timed_soft_reset stpEdgePort stpRealTimeMsgAg
Network Tools Refer to Table 12-1 for a list of the commands.
Built-in Commands command Description: Briefly describes the command and its uses. Syntax: Shows the required command format. It indicates where arguments, if any, must be specified. Options: Lists any additional fields in the appropriate format that may be added to the command. Example: Shows an example of the command. 12.2 BUILT-IN COMMANDS The built-in commands listed in this section activate functions on the LM managed device or devices being accessed through Network Tools.
Built-in Commands alias (Continued) Examples: -> alias disable 1-4 Snooping is disabled on port 1. Snooping is disabled on port 2. Snooping is disabled on port 3. Snooping is disabled on port 4. -> alias status 1 Snooping is disabled on port 1. -> alias stats Pkts Sent [ <= 64]: 0 Pkts Sent [ 65...128]: 0 Pkts Sent [129...256]: 0 Pkts Sent [257...512]: 0 Pkts Sent [512..
Built-in Commands arp Description: Provides access to the ARP (Address Resolution Protocol) cache, enabling you to view cache data, delete entries, or add a static route. Super-user access is required to delete an entry or add a static route. Each ARP cache entry lists the network interface that the switch module is connected to, the device’s network address or IP address, the device’s physical address or MAC address, and the media type of connection to the device.
Built-in Commands arp_learn Description: Sets how the ARP cache entry will be affected under different conditions as described in the options below, and displays current ARP cache settings. Syntax: arp_learn [normal | limited | status] Options: normal – Changes the ARP cache entry for a given IP Address, if the source address (SA) in the entry does not match that of any received IP Packet. limited – Causes the ARP entry to change only by ARP request and ARP response packets.
Built-in Commands cdp Description: Enables, disables or displays the status of the CDP Discovery Protocol. Syntax: cdp [enable/disable/status] Options: enable — Enables CDP discovery protocol on the device. disable — Disables CDP discovery prototol on the device. status — Displays the status of the CDP discovery protocol.
Built-in Commands dynamic_egress Description: Enables, disables or displays the status of the dynamic_egress control function. The command requires a corresponding VLAN Identifier (VID). The dynamic_egress control function allows or disallows VLANs to be dynamically added to the dynamic Port VLAN Lists of a port. The default is that no dynamic Port VLAN Lists will be modified. The lists are modified based on the inbound traffic on a port.
Built-in Commands dynamic_egress (Continued) Examples: -> dynamic_egress status 1 Dynamic Egress Disabled for VLAN ID 0x0001 -> dynamic_egress enable 1 Dynamic Egress Enabled for VLAN ID 0x0001 -> dynamic_egress disable 1 Dynamic Egress Disabled for VLAN ID 0x0001 ev Description: Enables or disables groups of events or all events concerning logging functions.
Built-in Commands ev (Continued) Options: ENABLE – Enables Group or events or all DISABLE – Disables Group or events or all Commands to Control Logging Functions: ev STARt [Logging] [Trapping] – begin logging events/traps ev STOp [Logging] [Trapping] – stop logging events/traps ev Clear – clear the log ev SEverity – set/show current logging severity ev filter [get | set ] – get/set search string ev logsize [get|set <#(50-5000)>] – get/set dynamic log buffer size Commands for Listi
Built-in Commands gigabit_port_mode Description: Configures or displays the status of Gigabit Ethernet ports. Changing the mode will cause a reset and loss of all data in NVRAM with the exception of the IP Address and Subnet IP Address. NOTE: This field is displayed only when the switch module supports an installed Gigabit Ethernet VHSIM. Syntax: gigabit_port_mode [active | redundant | status] Options: active – Enables both gigabit ports.
Built-in Commands lg_frame_admin Description: Enables large frame support on a per port basis. allowing the user to determine if large frames can be forwarded out a particular port. Syntax: lg_frame_admin [ set ] [ LARGE | FRAG_IF_POSS | SMALL | AUTO ] [ PORT | ALL_BPLANE | ALL_FDDI ] lg_frame_admin [ status ] [ port # ] Options: set – Sets the size of transmitted frames for a port or a group of ports. status – Causes the display of the current settings for one port or a group of ports (e.g., 1– 15).
Built-in Commands link_trap Description: Enables, disables, or displays the status of link traps on one or all ports. Syntax: link_trap [enable/disable/status] Options: enable — Enables a link trap. disable — Disables a link trap. status — Displays link trap status. PORT/ all — Specifies a port or all ports.
Built-in Commands maclock Description: Configures the MAC locking feature per port. When enabled, either a static MAC is locked to the port, or the first MAC seen on the port is locked to that port. Only incoming traffic with the locked MAC as the source MAC address shall be forwarded. If traps are enabled, then the first MAC that differs from the locked MAC is sent as a trap to management.
Built-in Commands maclock (Continued) Syntax: (Continued) maclock set enable [ port# | all | global ] Enables MAC locking globally or on one or more ports. When enabled and configured for a specific MAC address and port string, this locks a port so that only one end station address is allowed to participate in frame relay. maclock set disable [ port# | all | global] Disables MAC locking globally or on one or more ports.
Built-in Commands maclock (Continued) Options: port# | all — Applies MAC locking parameters to a specific ports or to all ports on the device. global — Applies MAC locking parameters globally. firstarrival — Displays MAC locking information about first arrival end stations connected to the device. static — Displays MAC locking information about managment defined end stations connected to the device.
Built-in Commands maclock (Continued) Examples: (Continued) -> maclock set enable global MAC locking is globally enabled. -> maclock set disable global MAC locking is globally disabled. -> maclock set 00:a0:c9:0d:32:11 3 create MAC_locking for MAC 00:A0:C9:0D:32:11 created on Port 3. -> maclock set firstarrival 3 6 MAC-Locking Dynamic entry changed to 6 on port 3. -> maclock set static 3 4 MAC-Locking Static entry changed to 3 on port 4. -> maclock settrap 3 enable Enabling MAC-Locking traps on Port 3.
Built-in Commands netstat (Continued) Example: -> netstat -i Interface + DescriptionMTU Speed Admin Oper MAC Addr #1 #2 #3 #4 10000000 10000000 10000000 10000000 up up up up (ethernet (ethernet (ethernet (ethernet - csmacd) csmacd) csmacd) csmacd) 1514 1514 1514 1514 up up up up -> netstat -r Destination Next-hop # Default Route # 134.141.0.0 # 134.141.0.
Built-in Commands passiveStp Description: Enables, disables, or displays the status of Passive Mode Spanning Tree on the device. Passive Mode Spanning tree allows ports on leaf bridges to transition very quickly and not invoke a global network re-span through requesting root elections by: • • • • • Not allowing switches to become the root node; Not allowing switches to send configuration BPDUs; Expiring the message age timer when a link transitions to a down state; Moving the 802.
Built-in Commands policy Description: Displays the policy table and configures policy-port mappings.
Built-in Commands policy (Continued) Examples: (Contiued) -> policy show port 1-4 -----------------------------------------------------------------------------Port DefaultPolicy CurrentPolicy AuthType AuthStatus AuthInfo -----------------------------------------------------------------------------1 Guest Guest Static N/A N/A 2 Guest Admin MAC Auth 00:00:1D:AA:AA:AA 3 N/A N/A 4 Guest Employee EAP Auth john.
Built-in Commands radius Description: Enables, disables, and configures RADIUS authentication, which can only be used when the client has been properly configured and enabled. When the RADIUS Client is not enabled, the legacy password authentication will run as before. For more about Radius Client, refer to Section 3.6.1.
Built-in Commands radius (Continued) Options: radius — Shows RADIUS help. radius status — Shows all RADIUS client settings. radius [enable | disable] — Enables or disables the RADIUS Client. radius prim_ip — Shows the primary RADIUS server’s IP, in decimal-dotted format. radius sec_ip — Shows the secondary RADIUS server’s IP, in decimal-dotted format. radius timeout — Shows RADIUS server timeout in seconds.
Built-in Commands radius (Continued) Options: (Cont’d) radius prim_secret — Sets the primary RADIUS server’s shared secret. radius sec_secret — Sets the secondary RADIUS server’s shared secret. NOTES: The secret is NOT encrypted in transit; if this command is used over TELNET then the secret may be compromised. Examples:For maximum security, it is recommend to use a 16 to 32 character string for the shared secret code. For security reasons, the entered code appears as asterisks (*) on the screen.
Built-in Commands radius (Continued) Examples: (Cont’d) NOTE: The following shows examples of when 3, 7, and 32 characters are entered as the secret code (16 to 32 characters are recommended).
Built-in Commands rate_limit_mode Description: Displays the status of rate limiting or configures the exit-rate limit range to either the default high_range (100 Kbps to 1 Gbps) or the low range (50 Kbps to 400 Mbps). This mode is stored in non-volatile memory and is retained by normal resetting. Changing from one mode to the other mode may result in current settings being removed if their range is no longer valid. Changing rate limit mode will require a reset.
Built-in Commands reset Description: Initiates a hardware reset of the device. This command initializes the CPU processor, runs the onboard diagnostics, and restarts the software image, which restores the user configuration settings from NVRAM. The user will be queried to confirm the reset command to ensure against unwanted resets. NOTE: The Network Tools connection to the device will be terminated upon execution of this command.
Built-in Commands show Description: Displays information concerning various components of the device. Protocols currently supported are IP, IPX, DECnet, and AppleTalk. Components of those protocols that are currently supported are ARP caches, route tables, FIB tables, server tables, and interface tables. The number of valid entries in the table will be outputted at the end of the table display. NOTE: The Network Tools connection to the device will be terminated upon execution of this command.
Built-in Commands show (Continued) Options: PROTOCOL — Specifies a protocol for which information will be displayed. TABLE — Specifies a type of table to display. fid – Show MAC addresses for the filter database identifier (fdbId). address – Show the address (mac) if it is known by the device. port – Show the addresses for the port (portNumber) only. type – Show addresses of the specified type only.
Built-in Commands show (Continued) -> show Appletalk interfaces # Interface # 1 # 2 AdminStatus enabled disabled OperStatus enabled disabled MTU 1500 1500 Forwarding enabled disabled Framing ethernet ethernet > show IP ARP # Interface MediaType #3 3(dynamic) #4 3(dynamic) # Number of valid entries: 2 Physical|Address 00:00:1d:04:40:5d 08:00:20:0e:d8:31 NetworkAddress 123.456.40.1 123.456.40.
Built-in Commands stpEdgePort Description: Sets a port to EDGE PORT (enable) or BRIDGE PORT (disable). Syntax: stpEdgePort [ status ] stpEdgePort [ enable ] [ vlan id ] [ port range ] stpEdgePort [ disable ] [ vlan id ] [ port range ] Options: status — Displays STP edge port status. enable — Enables one or more ports as STP edge ports. disable — Disables one or more ports as STP edge ports. vlan id — Specifies a VLAN ID. port range — Specifies a range of ports.
Built-in Commands stpLegacyPathCost Description: Enables or disables the use of 802.1D or 802.1t Path Cost bridging values on the device. The default is legacy 802.1D standard Path Cost values. NOTE: When connecting ports between devices, it is recommended that the devices are all set to run either 802.1D or 802.1t. The path costs must be consistent between bridge ports of all the devices. Table 12-2 shows the path cost values when running 802.1t bridging.
Built-in Commands stpLegacyPathCost (Continued) Examples: To set the device to use the 802.1D legacy path costs, enter: -> stpLegacyPathCost enable To set the device to use the 802.1t path costs (default setting), enter: -> stpLegacyPathCost disable To determine if the device is currently operating using 802.1t or 802.1D path costs values, enter: -> stpLegacyPathCost status stpPointToPointMAC Description: Displays the current values or sets the value of stpPointToPointMAC to TRUE, FALSE or AUTO.
Built-in Commands stpPort Description: Enables, disables, or displays which physical ports are enabled as Spanning Tree ports. This command does not apply to virtual interfaces such as ATM. To enable, disable, or view the status of ATM ports, use the atm_stp_state command. Syntax: stpPort [status] stpPort [enable] [port#] stpPort [disable] [port#] Options: status — Displays a list of the physical ports that are enabled as Spanning Tree ports. enable port# — Enables a specific port.
Built-in Commands stpRealTimeMsgAge (Continued) Example: stpRealTimeMsgAge disable disabled suppress_topology_traps Description: Enables or disables the generation of topology traps on inter switch links. Only inter switch link ports that transition to forwarding or blocking cause the switch to issue a topology trap. By default, this feature is disabled and will allow the generation of topology traps.
Built-in Commands timed_soft_reset Description: Configures a soft reset in number of seconds, or displays when a soft reset will occur. The reset_nv and dont_reset_nv commands tell the timed reset if non-volatile memory should be reset or not. If reset non_volatile is chosen, ip will be retained. Entering a time of 0 will disable any currently enabled timed_reset.
Built-in Commands timed_reset (Continued) Examples: -> timed_reset status timed_reset 10 -> timed_reset 30 -> timed_reset 60 reset_nv traceroute Description: Generates a TRACEROUTE request to a specified IP address and provides a display of all next-hop routers in the path to the device. If the device is not reached, the command displays all next-hop routers to the point of failure.
Example, Effects of Aging Time on Dynamic Egress vrrpPort (Continued) Syntax: vrrpPort [ get ] vrrpPort [ set ] [ port# ] vrrpPort [ unset ] [ port# ] vrrpPort [ set ] [ all ] vrrpPort [ unset ] [ all ] Options: get – Displays a list of all port numbers of VRRP Ports currently set. set port# – Sets a specific port as a VRRP Port. set all – Sets all front panel as VRRP Ports. unset port# – Terminates the VRRP setting on a specific port. unset all – Terminates the VRRP setting on all front panel ports.
Example, Using Dynamic Egress to Control Traffic 12.4 EXAMPLE, USING DYNAMIC EGRESS TO CONTROL TRAFFIC In this simple example (Figure 12-2), assume that there are four ports on the switch module attached to PCs supporting both protocols AppleTalk (809B and 80F3) and IP. Two PCs support IP only. The AppleTalk frame traffic is to be contained so only the users running the AppleTalk protocol can communicate with each other and not flood the network with AppleTalk frames.
Special Commands that port. The Port VLAN List contains a list of all VLANs whose frames can be transmitted out that port. In this example, the AppleTalk traffic is routed only to AppleTalk users (Ports 1, 2, 5, and 6), while IP traffic is allowed to be seen by IP users (Ports 3, 4, and 7) and by IP/AppleTalk users (Ports 1, 2, 5, and 6). 12.5 SPECIAL COMMANDS done, quit, exit Description: The done, quit, or exit command enables the user to exit from Network Tools and return to the Main Menu screen.
Special Commands 12-42 Network Tools Screens
13 VLAN Operation and Network Applications NOTE: It is recommended to read this chapter to gain an understanding of VLANs before configuring the switch. This chapter provides the following information: • Definition of VLANs (Section 13.1) • Types of VLANs (Section 13.2) • Benefits and Restrictions (Section 13.3) of VLANs • VLAN Terms (Section 13.4) • VLAN Operation (Section 13.5) • Configuration Process (Section 13.6) • VLAN Switch Operation (Section 13.7) • VLAN Configuration (Section 13.
Defining VLANs 13.1 DEFINING VLANs A Virtual Local Area Network is a group of devices that function as a single Local Area Network segment (broadcast domain). The devices that make up a particular VLAN may be widely separated, both by geography and location in the network. The creation of VLANs allows users located in separate areas or connected to separate ports to belong to a single VLAN group.
Defining VLANs Figure 13-1 Example of a VLAN Building One S S F Building Two S S F A F 1 10 9 trunk SmartSwitch S S Member of Sales Network 8 7 6 S F B SmartSwitch F Member of Finance Network 22631-01 In this example, the Sales and Finance workstations have been placed on two separate VLANs. In a plain Ethernet environment, the entire network is a broadcast domain, and the SmartSwitches follow the IEEE 802.1D bridging specification to send data between stations.
Types of VLANs 13.2 TYPES OF VLANs There are a number of different strategies for creating Virtual Local Area Networks, each with their own approaches to defining a station’s membership in a particular VLAN. 13.2.1 802.1Q VLANs An 802.1Q VLAN switch determines the VLAN membership of a data frame by its Tag Header, described later in this chapter. If the frame received is not tagged, the switch classifies the frame into the VLAN that is assigned as the default VLAN of the switch.
VLAN Terms 13.4 VLAN TERMS To fully understand the operation and configuration of port based VLANs, it is essential to understand the definitions of several key terms. Table 13-1 VLAN Terms and Definitions VLAN Term Definition VLAN ID A unique number (between 1 and 4094) that identifies a particular VLAN. Up to 1000 VLANs can be created on one SmartSwitch. VLAN Name A 32-character alphanumeric name associated with a VLAN ID.
VLAN Terms Table 13-1 VLAN Terms and Definitions (Continued) VLAN Term Definition Default VLAN The VLAN to which all ports are assigned upon initialization. The Default VLAN has a VLAN ID of 1 and cannot be deleted or renamed. Forwarding List A list of the ports on a particular device that are eligible to transmit frames for a selected VLAN.
VLAN Operation Table 13-1 VLAN Terms and Definitions (Continued) VLAN Term Definition Generic Attribute Registration Protocol (GARP) A protocol used to propagate state information throughout a switched network. GARP VLAN Registration Protocol (GVRP) A GARP application used to dynamically create VLANs across a switched network.
Configuration Process Switches In order to configure a group of stations into a VLAN, the stations must be connected to VLAN-aware switches. It is the job of the switch to classify received frames into VLAN memberships and transmit frames, according to VLAN membership, with or without a VLAN Tag Header. 13.6 CONFIGURATION PROCESS Before a VLAN can operate, steps must be performed to configure the switch to establish and configure a VLAN.
VLAN Switch Operation 13.7 VLAN SWITCH OPERATION IEEE 802.1Q VLAN switches act on the classification of frames into VLANs. Sometimes, VLAN classification is based on tags in the headers of data frames. These VLAN tags are added to data frames by the switch as the frames are transmitted out certain ports, and are later used to make forwarding decisions by the switch and other VLAN-aware switches.
VLAN Switch Operation 13.7.1 Receiving Frames from VLAN Ports When a switch is placed in 802.1Q Operational Mode, every frame received by the switch must belong, or be assigned, to a VLAN. The switch will now make a forwarding decision on the frame, as described in Section 13.7.2. Untagged Frames The switch receives a frame from Port 1 and examines the frame. The switch notices that this frame does not currently have a VLAN tag.
VLAN Configuration 13.7.2.2 Known Unicasts When a VLAN switch receives a frame with a known MAC address as its destination address, the action taken by the switch to determine how the frame is transmitted depends on the VLAN, the VLAN associated FDB ID, and if the port identified to send the frame is enabled to do so. When a frame is received it is classified into a VLAN. The destination address is looked up in the FDB ID associated with the VLAN.
VLAN Configuration Figure 13-3 Switch Management with Only Default VLAN 802.1Q Switch 1 2 Host Data Port 3 4 5 6 NOTE: All ports, including the virtual Host Data Port, are members of the default VLAN. Therefore, any station shown may be used as the management station. 2599_14 13.8.3 Switch with VLANs If the switch is to be configured for multiple VLANs, it may be desirable to configure a management-only VLAN.
VLAN Configuration Figure 13-4 Switch Management with VLANs Management VLAN VLAN A VLAN A 802.1Q Switch 1 2 3 Set as an 802.1Q Trunk port. 4 Host Data Port 7 5 6 VLAN B VLAN B VLAN C 25992_15 To set up the switch (Figure 13-4) to establish a management VLAN on port 1, use the following process: 1. Use the Static VLAN Configuration screen to define a new VLAN named “Management VLAN” (or other suitable name) and its VLAN ID. In this example, the VLAN ID is set to 2.
Summary of VLAN Local Management 5. Use the VLAN Port Configuration screen to enter the VLAN ID, 2, of the new Management VLAN as the Port VLAN ID (PVID) to the Host Data Port. The port number will depend on the device. This port is not a physical port and will usually be one number above the maximum number of physical ports on the device, including the ports on any optional interfaces installed. In this example, it will be port 8.
Summary of VLAN Local Management Figure 13-5 802.1Q VLAN Screen Hierarchy 802.1Q VLAN Configuration Menu Static VLAN Configuration Static VLAN Egress Configuration Current VLAN Configuration Current VLAN Egress Configuration VLAN Port Configuration VLAN Classification Configuration Protocol Port Configuration 40462_95 For details about each screen and how to use them, refer to Chapter 8. 13.9.
Quick VLAN Walkthrough 13.10 QUICK VLAN WALKTHROUGH The procedures below provide a short tutorial walkthrough that presents each of the steps necessary to configure a new Static VLAN. These steps include the following: • Assigning a VLAN ID and VLAN Name • Assigning ports to the VLAN Egress list • Configuring the port parameters You may want to follow this walkthrough from start to finish before attempting to configure your own VLANs. This walkthrough begins at the 802.1Q VLAN Configuration Menu screen.
Quick VLAN Walkthrough Figure 13-6 Walkthrough Stage One, Static VLAN Configuration Screen VLAN Name VLAN ID FDB ID 1 1 Default VLAN 2 2 Test VLAN VLAN ID: 2 ADD VLAN Name: [ Test VLAN ] DEL MARKED NEXT EXIT RETURN 40461_80 Assigning Ports to the VLAN Egress list 1. Use the arrow keys to highlight the line in the list that has VLAN ID 2. As shown in Figure 13-6, the Static VLAN Egress Configuration screen displays showing all ports.
Quick VLAN Walkthrough 4. Use the arrow keys to highlight the SAVE command at the bottom of the screen. Press ENTER. Port 3 is added to the Egress list of VLAN 2 with a frame format of UNTAGGED. The screen should now look like Figure 13-7.
Quick VLAN Walkthrough Figure 13-8 Walkthrough Stage Three, Port 10 Egress Setting VLAN ID: 2 Port Egress ------------1 [ NO ] 2 [ NO ] 3 [UNTAGGED ] 4 [ NO ] 5 [ NO ] 6 [ NO ] 7 [ NO ] 8 [ NO ] FDB ID: 2 VLAN NAME: Test Port Egress ------------9 [ NO ] 10 [ TAGGED ] 11 [ NO ] 12 [ NO ] 13 [ NO ] 14 [ NO ] 15 [ NO ] 16 [ NO ] Port ---17 18 19 20 21 22 23 24 SET ALL PORTS: Egress ---------[ NO ] [ NO ] [ NO ] [ NO ] [ NO ] [ NO ] [ NO ] [ NO ] Port ---25 26 27 Egress ---------[ NO ] [ NO ] [ NO ]
Quick VLAN Walkthrough 4. Use the arrow keys to highlight the Acceptable Frame Types field for Port 3. 5. Use the SPACE bar to step to ADMIT ALL FRAMES. 6. Leave the INGRESS FILTERING field for Port 3 in the default setting of DISABLED. This prevents frames from being filtered out according to the Port VLAN List. 7. Leave the GVRP STATUS field for Port 3 in the default setting of ENABLED. This sets Port 10 as a GVRP port to receive registrations of dynamically created VLANs. 8.
Examples Figure 13-9 Walkthrough Stage Four, VLAN Port Configuration Port 1 2 3 4 5 6 7 8 9 10 11 12 PVID 1 1 2 1 1 1 1 1 1 1 1 1 SAVE Acceptable Frame Types [ ADMIT ALL FRAMES ] [ ADMIT ALL FRAMES ] [ ADMIT ALL FRAMES ] [ ADMIT ALL FRAMES ] [ ADMIT ALL FRAMES ] [ ADMIT ALL FRAMES ] [ ADMIT ALL FRAMES ] [ ADMIT ALL FRAMES ] [ ADMIT ALL FRAMES ] [ ADMIT VLAN TAGGED ONLY ] [ ADMIT ALL FRAMES ] [ ADMIT ALL FRAMES ] NEXT Ingress Filtering [ DISABLED ] [ DIS
Example 1, Single Switch Operation 13.12 EXAMPLE 1, SINGLE SWITCH OPERATION This first example looks at the configuration of a single Ethernet switch for VLAN operation. In this example, two groups of three users are to be assigned to two VLANs to isolate them from one another. The blue users (B1, B2, B3) are to be kept completely separate from the red users (R1, R2, R3). Figure 13-10 shows the initial state of the switch. Figure 13-10 Example 1, Single Switch Operation R1 802.
Example 1, Single Switch Operation 4. The ports 1 through 6 are configured as follows using the VLAN Port Configuration screen: • Ports 1, 2, and 3 are set as follows: PVID: 2 Acceptable Frame Types: ADMIT ALL FRAMES Ingress Filtering: ENABLED GVRP Status: DISABLED • Ports 4, 5, and 6 are set as follows: PVID: 3 Acceptable Frame Types: ADMIT ALL FRAMES Ingress Filtering: ENABLED GVRP Status: DISABLED 5. The VLANs and ports are now configured and enabled.
Example 2, VLANs Across Multiple Switches 13.12.2 Frame Handling This section describes the operations of the switch when two frames are received. The first frame is a broadcast sent by station R1. 1. Station R1 transmits the broadcast frame. The switch receives this frame on Port 1. As the frame is received, the switch classifies it. The frame is untagged, so the switch classifies it as belonging to the VLAN that Port 1 is assigned to, the Red VLAN. 2.
Example 2, VLANs Across Multiple Switches Figure 13-12 Example 2, VLANs Across Multiple Switches Redco Blue Industries User A 2 Bridge 1 Red VLAN 1 4 Bridge 2 3 Blue VLAN 4 Floor 4 Floor 3 Redco Blue Industries File Server 2 Bridge 3 Blue VLAN 1 2 Bridge 4 File Server 3 Red VLAN Floor 2 Floor 1 User 802.1D Legacy Bridge 802.
Example 2, VLANs Across Multiple Switches 13.13.1 Solving the Problem To solve the problem in this example, the users are assigned to VLANs using Switch 4 and Switch 2 as shown in Figure 13-12. Redco users are assigned to the Red VLAN and Blue Industries users to the Blue VLAN. The following information shows how Switch 4 and Switch 2 are configured to create the two VLANs to isolate the users of the two companies from one another on the network using the existing infrastructure.
Example 2, VLANs Across Multiple Switches 4. Port 4 is configured as a trunk port by setting the Egress type for both VLAN ID 2, Port 4 and VLAN ID 3, Port 4 to TAGGED using the Static VLAN Egress Configuration screen. This means that these ports will only transmit tagged VLAN frames. • Port 4, Egress: TAGGED 5.
Example 2, VLANs Across Multiple Switches • Port 3 is set as follows: PVID: 2 Acceptable Frame Types: ADMIT ALL FRAMES Ingress Filtering: ENABLED GVRP Status: DISABLED This causes the switch to classify all untagged frames received as belonging to the VLAN specified by each port PVID and to replace the previous PVID information in the port VLAN List with the new PVID information. This makes Port 1 part of the Blue VLAN, Port 3 part of the Red VLAN, and both are set to the VLAN frame format of untagged. 4.
Example 2, VLANs Across Multiple Switches 13.13.2 Frame Handling The following describes how, when User A attempts to log on to the File Server on Bridge 4, the frames from User A are classified on Switch 4 and traverse the network. In this example, the MAC address of User A is “Y” and the MAC address for the File Server is “Z”. The following description includes illustrations to help understand how the frames flow through the network. 1.
Example 2, VLANs Across Multiple Switches Figure 13-14 Transmitting to Switch 4 Redco Blue Industries 2 User A Bridge 1 1 4 Red VLAN Bridge 2 3 Blue VLAN 4 Floor 4 Floor 3 Redco Blue Industries 2 Bridge 3 Blue VLAN 1 Bridge 4 2 File Server 3 Red VLAN Floor 2 22631_15 3. When Switch 2 receives the tagged frame on its Port 2, it checks the frame’s VLAN Tag Header and determines that the frame is classified as belonging to the Red VLAN, and that the frame is a broadcast frame.
Example 2, VLANs Across Multiple Switches Figure 13-15 Transmitting to Bridge 4 Floor 3 Redco Blue Industries 2 Bridge 3 Blue VLAN 1 2 3 Bridge 4 File Server Red VLAN Floor 2 2263_16 4. The File Server responds with a unicast frame to User A. All switches between the File Server and User A have an entry in their respective Source Address Tables identifying which port to use for forwarding the frame to User A, MAC address “Y” in FDB ID 2.
Example 3, Filtering Traffic According to a Layer 4 Classification Rule 13.14 EXAMPLE 3, FILTERING TRAFFIC ACCORDING TO A LAYER 4 CLASSIFICATION RULE This example illustrates how to filter out broadcast transmissions at Layer 4 from other parts of a network. In this example, illustrated in Figure 13-16, switches S1 and S2 have already been configured and operating.
Example 4, Securing Sensitive Information According to Subnet 2. The VLAN Classification Configuration screen is used to configure the switch to detect and classify the incoming RIP broadcast frames on Port 25 to the Null VLAN. Since the Null VLAN is not assigned to any port, the frame is dropped (not transmitted out any port). The VLAN Classification Configuration screen is set as follows: • VID: 99 • Classification: Dest UDP Port • IP UDP Port: 520 Port 520 is a well known port number used by RIP. 13.
Example 5, Using Dynamic Egress to Control Traffic 13.15.1 Solving the Problem In this example, Switch 1 (S1) has already been configured and is operating. To isolate the Finance Department traffic, Subnet 28 will be isolated from the Engineering Department subnet 50 and other users on the company’s network (123.123.xx.xx). The following covers only those steps needed to configure the switch to solve the problem.
Example 5, Using Dynamic Egress to Control Traffic Figure 13-18 Example 7, Dynamic Egress Application PCs IP IP AppleTalk IP AppleTalk IP AppleTalk IP AppleTalk IP 123456 S1 7 Web Server 3069_106 Solving the Problem In this example, Switch 1 (S1) has already been configured with a default VLAN 0001 associated with FDB ID 0001 as the PVID on all ports. The following additional steps are required to configure the switch to solve this problem. 1.
Example 6, Locking a MAC Address to a Port Using Classification Rules In this example, the AppleTalk traffic is routed only to AppleTalk users (ports 1, 2, 5, and 6), while IP traffic is allowed to be seen by IP users (ports 3, 4, and 7) and by IP/AppleTalk users (ports 1, 2, 5, and 6). 13.17 EXAMPLE 6, LOCKING A MAC ADDRESS TO A PORT USING CLASSIFICATION RULES The following example illustrates how to add security by “locking” an individual MAC address to a port on the switch module (S1).
Example 6, Locking a MAC Address to a Port Using Classification Rules The frames received on Port 2 will be handled in the same way except that S1 will only allow frames with the MAC address 00.00.00.00.00.0B frames to be forwarded out the desired ports and discard all other frames received on Port 2 that are not MAC address 00.00.00.00.00.0B frames. This is accomplished using the screens as follows: • The Static VLAN Configuration screen to create one VLAN, which will be named Red VLAN in this example.
Example 6, Locking a MAC Address to a Port Using Classification Rules 3. Remove all ports from the Default VLAN Egress List as follows: • The Default VLAN is selected from the Static VLAN Configuration screen to display the Static VLAN Egress Configuration screen.
A Generic Attribute Registration Protocol (GARP) This appendix describes the switch operation when its ports are operating under the Generic Attribute Registration Protocol (GARP) application – GARP VLAN Registration Protocol (GVRP). NOTE: There is a global setting for GVRP that is enabled by default. Access to these settings is only available through a MIB. A.1 OPERATION The process of the forwarding decision and tagging frames is the same as for 802.1Q as described in Chapter 13.
How It Works A.2 HOW IT WORKS In Figure A-1, Switch 4, port 1 is registered as being a member of VLAN Blue and then declares this fact out all its ports (2 and 3) to Switch 1 and Switch 2. These two switches register this in the Port VLAN Lists of the ports (Switch 1, port 1 and Switch 2, port 1) that received the frames with the information.
B About IGMP This appendix provides information about the following: • IGMP Overview (Section B.1) • Supported Features and Functions (Section B.2) • Detecting Multicast Routers (Section B.3) B.1 IGMP OVERVIEW Internet Group Management Protocol (IGMP) is a multicast protocol used by routers. This protocol is supported by Enterasys Networks SmartSwitches when operating in the 802.1Q mode to “snoop” the IGMP frames.
Supported Features and Functions B.2 SUPPORTED FEATURES AND FUNCTIONS The following lists the features and functions supported when using IGMP: • Runs only when the switch is operating in the 802.1Q mode. • Supports multiple multicast and non-multicast routers on the same VLAN. • Supports standalone multicast servers only if a router is present on the network. • Multicast forwarding rate is dependent on the number of ports to which the multicast stream is forwarded. More ports degrade the performance.
Detecting Multicast Routers B.3 DETECTING MULTICAST ROUTERS The location of a router needs to be known in order to forward IGMP report frames back to the router. The router(s) sends multicast routing protocol frames that get flooded throughout the network. By snooping on these protocol, the switch will mark ports as connected to a router. The port is put in a “forward all” mode where all multicast frames will be flooded.
Index Numerics 1D Connection 13-6 1D Trunk 8-20 1Q Connection 13-6 1Q Trunk 8-20 802.1 Configuration Menu screen 7-2 802.1p Configuration Menu screen 9-2 802.1Q switching mode hierarchy of 3-3 802.1Q VLAN Configuration Menu screen 8-3 802.
MuxReason 6-39 MuxState 6-39 PartnerChangeCount 6-39 PartnerChurnCount 6-39 PartnerChurnState 6-39 Port Instance 6-38 PsyncTransCount 6-39 RxState 6-38 UnknownRx 6-38 802.
Configuration VLAN Spanning Tree 7-9 VLAN Spanning Tree ports 7-12, 7-13 Configuration Process 13-8 Confining Network Traffic According to Priority and VLAN 9-35 Controlling Traffic example of 12-40 Current VLAN Configuration screen 8-14 screen fields FDB ID 8-15 Ports on Egress 8-15 VLAN ID 8-15 VLAN Type 8-15 Current VLAN Egress Configuration screen screen fields Egress 8-17 Port 8-17 Cursor movement 1-3 D Default gateway 5-5 Default VLAN 13-6 Display field 1-7 Distributed Chassis Management 1-6 Document
SessionFramesRx 3-47 SessionFramesTx 3-47 SessionID 3-47 SessionOctetsRx 3-47 SessionOctetsTx 3-47 EAP Statistics Menu screen 3-44 Egress Types on Ports setting of 8-12 Ethernet Interface Configuration screen 6-4 screen fields Config 6-6 Duplex 6-6 FDX FC 6-6 HDX FC 6-7 Intf 6-5 Link 6-6 Port 6-5 Port Type 6-5 Speed 6-6 Ethernet Port Configuration screen 6-8 screen fields Advertised Ability 6-10 Auto-Negotiation State 6-9 Default Duplex 6-9 Default Speed 6-9 Full Duplex Flow Control 6-11 Half Duplex Flow Co
Subnet Mask 5-5 Telnet 5-7 TFTP Gateway IP Addr 5-5 WebView 5-7 screen lockout time 5-6, 5-14 screen refresh time 5-13 subnet mask 5-9 Getting help 1-9 GVRP enabling or disabling on port 8-21 purpose of A-1 H Heading Field 1-6 Hierarchy 802.
L Layer 3 Expansion Menu screen 10-2 Lists Forwarding 13-6 Port VLAN 13-6 Local Management clearing counters 3-5 exiting from 3-4 navigating the screens 3-1 paging to next or previous screen 3-5 requirements 1-4 screen elements 1-4 See also managing the switch Local Management screens selection of 3-4 M MAC Locking 12-15 MAC Port Configuration screen 3-54 screen fields Authentication State 3-55 Force Reauth 3-56 Initialize Port 3-56 Port # 3-55 Port Enable 3-55 SET ALL PORTS 3-56 MAC Supplicant Configurati
dynamic_egress 12-9 ev 12-10 gigabit_port_mode 12-12 igmpv3_drop 12-12 lg_frame_admin 12-13 link_trap 12-14 loopback_detect 12-14 MAC lock 12-15 netstat 12-18 non_bridge_if_num 12-19 passiveStp 12-20 ping 12-20 policy 12-21 radius 12-23 rate_limit_mode 12-27 reset 12-28 sat_size 12-28 show 12-29, 12-33 soft_reset 12-31 stpEdgePort 12-32 stpForceVersion 12-32 stpPointToPointMAC 12-34 stpPort 12-35 stpRealTimeMsgAge 12-35 suppress_topology_traps 12-36 telnet 12-36 timed_reset 12-37 timed_soft_reset 12-37 trac
Src Port [n] (Selectable) 4-21 Status 4-22 Port Redirect Configuration screen (module) 6-16 Port Security setup example 13-36 Port VLAN list 13-6 Ports setting Egress types on 8-12 PREVIOUS command how to use 3-5 Primary and Secondary Servers function of 3-16 Priority and VLAN isolating network according to 9-35 Priority Classification Configuration screen 9-16 screen fields ADD 9-18 CLASSIFICATION 9-18 Classification (top of screen) 9-17 DEL 9-18 Description 9-17 PID 9-18 PID (top of screen) 9-17 Protocol
example of 9-44 more about 9-44 Rate Limiting Configuration screen 9-37 screen fields ADD 9-41 DEL 9-41 Direction 9-40 Direction (top of screen) 9-39 Dropped Events 9-39 Feature 9-39 Max Rate: Kbps 9-41 Max Traffic Rate 9-39 Port 9-38 Port Number 9-39 Port Type 9-39 Priority List 9-40 Priority List (top of screen) 9-38 Redirect Configuration Menu screen 6-14 Related manuals xvii Remote Management See also managing the switch Reset Peak Switch Utilization setting of 5-31 RMON Statistics screen 11-10 65 – 127
802.3ad Port Details screen 6-31 802.3ad Port screen 6-29 802.3ad Port Statistics screen 6-37 802.
SNMP Community Names Configuration screen screen fields Access Policy 4-13 Community Name 4-13 SNMP Community Names screen screen fields Access Policy 5-22 community name 5-21 SNMP Configuration Menu screen 5-18 SNMP Traps Configuration screen 5-23 screen fields Enable Traps 4-15, 5-24 Trap Community Name 4-15, 5-24 Trap Destination 4-15, 5-24 trap table configuration 4-16, 5-24 Spanning Tree Configuration Menu screen 7-4 Spanning Tree Configuration screen screen fields ADD ALL CONFIGURED VLAN 7-9 Age Time
Reset Peak Switch Utilization 5-31 T Tag 13-5 Tag Header 13-5 Tagged frame 13-5, 13-10 Telnet connections 2-4 TFTP Gateway IP Addr 5-35 TFTP gateway IP addr 5-5 Traffic Class Configuration screen 9-10 screen fields Priority 9-11 SAVE 9-11 SAVE TO ALL PORTS 9-11 Traffic Class 9-11 Traffic Class Information screen 9-7 screen fields Port 9-9 Priority 9-9 Traffic Class to Port Priority assignment of 9-11 Transmit Queues Configuration screen 9-12 screen fields Current Queueing Mode 9-14 Number of Queues 9-14 Po
Redirect Errors 6-22 redirect errors 6-22 Source VLAN (Read-Only) 6-22 Source VLAN [n] 6-22 status 6-22 VLAN Redirect Configuration screen (chassis) 4-23 screen fields Dest Module [n] (Selectable) 4-25 Dest Port [n] (Selectable) 4-25 Destination Module (Read-Only) 4-25 Destination Port (Read-Only) 4-25 Frame Format (Read-Only) 4-25 Frame Format (Selectable) 4-25 Redirect Errors 4-25 Source Module (Read-Only) 4-24 Source VLAN ID 4-24 Src Module [n] (Selectable) 4-25 Src VLAN ID [n] (Selectable) 4-25 Status (
