User Guide MANAGED SWITCH LGS3XX 1
Contents Contents ............................................................................................................................................................ 2 Ethernet Switch Features ............................................................................................................................ 4 System...........................................................................................................................................................................
Dual Image ............................................................................................................................................................ 68 ACL .............................................................................................................................................................................. 69 MAC ACL ......................................................................................................................................................
Ethernet Switch Features System Summary The Summary page shows general system information for the Switch including the device name, firmware version, serial number, base MAC address, system uptime and fan status. Device Name Displays the model name of the device. FW Version Displays the installed firmware version of the device. Serial Number Displays the serial number of the device. Base MAC Address Displays the MAC base address of the device.
IP Settings This switch supports multiple IP interfaces can be configurable. There are 4 IPv4 address and 4 IPv6 link local address, and 16 global IPv6 address share with 4 IP interfaces. The IP Setting page contains fields for assigning IP addresses. IP addresses are either defined as static or are retrieved using the Dynamic Host Configuration Protocol (DHCP). DHCP assigns dynamic IP addresses to devices on a network.
Dynamic IP Address (DHCP/BOOTP) Enables the IP address to be configured automatically by the DHCP server. Select this option if you have a DHCP server that can assign the Switch an IP address, subnet mask, default gateway IP address, and a domain name server IP address automatically. Selecting this field disables the IP Address, Subnet Mask fields. Static IP Address Allows the entry of an IP address, subnet mask for the Switch.
IPv6 Management IPv6 is an upgraded version to IPv4, providing more available IP addresses as well as other benefits. To access the switch over an IPv6 network you must first configure it with IPv6 information (IPv6 address, prefix length, and LinkLocal or Global address type). To configure IPv6 for the Switch, select VLAN interface to modify or press add button to add a new IPv6 address. Interface VLAN interface need to add / modify.
VLAN Specify the VLAN ID. IP Address This field allows the entry of an IPv4 address to be assigned to this IP interface. Enter the IP address of your Switch in dotted decimal notation. A subnet mask separates the IP address into the network and host Subnet Mask addresses. A bitmask that determines the extent of the subnet that the Switch is on. This should be labeled in the form: xxx.xxx.xxx.xxx, where each xxx is a number (represented in decimals) between 0 and 255. The value should be 255.0.0.
VLAN Specify the VLAN ID. IP Address This field allows the entry of an IPv6 address/prefix to be assigned to Subnet Mask Unicast for IPv6 Global address type and LinkLocal for IPv6 link local Click the button this IP interface. address type to modify specific IPv6 interface and button to delete an IPv6 interface entry. Click the Apply button to accept the changes or the Cancel button to discard them. DNS Servers DNS (Domain Name System) can transfer host name to IP address.
Click the Apply button to accept the changes or the Cancel button to discard them. ARP Settings To access the page, click ARP Settings under the System menu. ARP Global Set retry times and age out timer for ARP table. Max retries Max ARP request retries times if switch can’t get ARP reply. Timeout Aging time for Dynamic ARP entries. Click Apply to save settings. Address Resolution Protocol (ARP) table Display ARP table and ARP entries in switch.
Move to Static Administrator can move Dynamic ARP entry as Static ARP entry. Address This field allows the entry of an IPv4 address to be IP address in ARP MAC Address This field allows the entry of a MAC address format to be MAC Interface Select or display ARP entry belongs which IP interface. Mapping To display status of ARP entry. Click the button Static ARP will not take effect by timeout timer in global settings. entry. address in ARP entry.
Static Route Switch will forward IP packets follow ARP/ND table and Static route configuration. Static route can be configurable by administrator manually. Static route can also assign a next hop for stub network, or a default gateway for whole switch. The DIP filed in packets were not in IP subnet range of switch and also not hit by any route configuration, will forward to default gateway then. All gateway fields need to be including of subnet range of switch IP interfaces.
Important—If the Destination IP is set to :: and the Prefix Length is set to 0, then this entry will be default gateway entry in route table. Destination IP The DIP field in packets need to route. Prefix Length The field decides the range that packets hit this route entry. Gateway The next hop IPv6 address with global format if packets hit route entry. Click Apply to save settings. Neighbor Discovery (ND) table ND is responsible for gathering information from nearby nodes in IPv6 format.
IPv6 Address This field allows the entry of an IPv6 address to be IP address in ND Link-layer Addr This field allows the entry of a MAC address format to be MAC Interface Select or display ND entry belongs which IP interface. State Displays the status of ARP entry. entry. address in ND entry. System Time Use the System Time screen to view and adjust date and time settings. The Switch supports Simple Network Time Protocol (SNTP).
Current time Displays the current system time. Enable SNTP Select whether to enable or disable system time Time Zone Configure the time zone setting either by setting GMT Daylight Savings Time Select from Disabled, Recurring or Non-recurring. synchronization with an SNTP server. difference or by country. Daylight Savings Time Offset Enter the time of Daylight Savings Time Offset. Recurring From Select the Day, Week, Month, and Hour from the list.
3. In the Time Zone Offset list, select by country or by the Coordinated Universal Time (UTC/GMT) time zone in which the Switch is located. 4. Next select Disabled, Recurring or Non-recurring for Daylight Savings Time. Daylight saving is a period from late spring to early fall when many countries set their clocks ahead of normal local time by one hour to give more daytime light in the evening. 5. Click Apply to update the system settings.
Port Displays the port number. Link Status Indicates whether the link is up or down. Mode Select the speed and the duplex mode of the Ethernet connection on this port. Selecting Auto (auto-negotiation) allows one port to negotiate with a peer port automatically to obtain the connection speed and duplex mode that both ends support. When auto-negotiation is turned on, a port on the Switch negotiates with the peer automatically to determine the connection speed and duplex mode.
Port The port number of SFP port to be displayed. DHCP Snooping DHCP snooping is a DHCP security feature that provides security by filtering untrusted DHCP messages and by building and maintaining a DHCP snooping binding table. An untrusted message is a message that is received from outside the network or firewall and that can cause traffic attacks within your network.
The DHCP snooping binding table contains the MAC address, IP address, lease time, binding type, VLAN number, and interface information that corresponds to the local untrusted interfaces of a switch; it does not contain information regarding hosts interconnected with a trusted interface. An untrusted interface is an interface that is configured to receive messages from outside the network or firewall. A trusted interface is an interface that is configured to receive only messages from within the network.
VLAN ID Specify the VLAN to have the DHCP Snooping function. DHCP Snooping Status Enable or Disable the DHCP snooping on the VLAN. Trust Port Settings Set the DCHP Server at trusted ports. Port Select the port as the DHCP server trusted port. State Set the port to be trust or un-trust port.
Binding list Display the DHCP client information. VID Display the VLAN id of client information. Port Display the port number of client information. MAC address Display the MAC address of client information. IP address Display the IP address of client information.
Consumed Power: Displays the total amount of power (in watts) currently being delivered to all PoE ports. NOTE: With different platform, the total power budget could be different. PoE Port Settings Port Displays the specific port for which PoE parameters are defined. PoE parameters are assigned to the powered device that is connected to the selected port. State Displays the active participating members of the trunk group. Priority Select the port priority if the power supply is low.
Power Limit Type Shows the classification of the powered device. The class defines the maximum power that can be provided to the powered device. The possible field values are: Class 0: The maximum power level at the Power Sourcing Equipment is 15.4 Watts. Class 1: The maximum power level at the Power Sourcing Equipment is 4.0 Watts. Class 2: The maximum power level at the Power Sourcing Equipment is 7.0 Watts. Class 3: The maximum power level at the Power Sourcing Equipment is 15.4 Watts.
EEE Energy Efficient Ethernet (EEE), an Institute of Electrical and Electronics Engineers (IEEE) 802.3az standard, reduces the power consumption of physical layer devices during periods of low link utilization. EEE saves energy by allowing PHY non-essential circuits shut down when there is no traffic. Network administrators have long focused on the energy efficiency of their infrastructure, and the Linksys Layer 2 Switch complies with the IEEE’s Energy-Efficient Ethernet (EEE) standard.
L2 Feature The L2 Feature tab exhibits complete standard-based Layer 2 switching capabilities, including: Link Aggregation, 802.1D Spanning Tree Protocol, 802.1w Rapid Spanning Tree Protocol, 802.1s Multiple Spanning Tree Protocol, MAC Address Table, Internet Group Management Protocol (IGMP) Snooping, Port Mirroring, 802.1ab Link Layer Discovery Protocol (LLDP), and Multicast Listener Discovery (MLD) snooping. Utilize these features to configure the Switch to your preferences.
computer networking; hence LACP should be enabled on the Switch's trunk ports initially in order for both the participating Switches/devices that support the standard to use it. Port Trunking Port Trunking allows you to assign physical links to one logical link that functions as a single, higher-speed link, providing dramatically increased bandwidth. Use Port Trunking to bundle multiple connections and use the combined bandwidth as if it were a single larger pipe.
Group Displays the number of the given trunk group. You can utilize up to 8 link aggregation groups and each group consisting up to 8 ports on the Switch. Active Ports Displays the active participating members of the trunk group. Member Port Select the ports you wish to add into the trunk group. Up to eight ports per group can be assigned. Static: The Link Aggregation is configured manually for specified trunk group. LACP: The Link Aggregation is configured dynamically for specified trunk group.
System Priority Enter the LACP priority value to the system. The default is 32768 and System Policy Select trunk load balance policy to the system. The default is src-dest- the range is from 1 to 65535. mac. Click Apply to save settings. LACP Timeout Link Aggregation Control Protocol (LACP) allows the exchange of information with regard to the link aggregation between two members of aggregation. The LACP Time Out value is measured in a periodic interval.
Timeout Select the administrative LACP timeout. Long Timeout: The LACP PDU will be sent for every 30 seconds, and the LACP timeout value is 90 seconds. Short Timeout: The LACP PDU will be sent every second. The timeout value is 3 seconds. Click Apply to save settings. Mirror Settings Mirrors network traffic by forwarding copies of incoming and outgoing packets from specific ports to a monitoring port. The packet that is copied to the monitoring port will be the same format as the original packet.
Session ID A number identifying the mirror session. This Switch only supports Destination Port Select the port for traffic purposes from source ports mirrored to Source TX/RX Port Sets the source port from which traffic will be mirrored. up to 4 mirror sessions. this port. TX Port: Only frames transmitted from this port are mirrored to the destination port. RX Port: Only frames received on this port are mirrored to the destination port.
STP The Spanning Tree Algorithm (STA) can be used to detect and disable network loops, and to provide backup links between Switches. This allows the Switch to interact with other bridging devices in your network to ensure that only one route exists between any two stations on the network and provide backup links which automatically take over when a primary link goes down. STP provides a tree topology for the Switch.
The Common Instance Spanning Tree (CIST) protocol is formed by the spanning tree algorithm running among bridges that support the IEEE 802.1w, IEEE 802.1s, and IEEE 802.1D standard. A Common and Internal Spanning Tree (CIST) represents the connectivity of the entire network and it is equivalent to a spanning tree in an STP/RSTP. The CIST inside a Multiple Spanning Tree Instance (MST) region is the same as the CST outside a region.
STP State Select enable or disable the spanning tree operation on the Switch. Force Version Select the Force Protocol Version parameter for the Switch. RSTP (Rapid Spanning Tree Protocol): IEEE 802.1w MSTP (Multiple Spanning Tree Protocol): IEEE 802.1s Configuration Name Configuration Revision Priority For the switch within the same MST region, must have the same MST configuration name and configuration revision.
Hello Time Displays the Switch Hello Time. This is the amount of time a bridge remains in a listening and learning state before forwarding packets. The default is 15 seconds. Click Apply to save settings. The Root Bridge serves as an administrative point for all Spanning Tree calculations to determine which redundant links to block in order to prevent network loops. From here, you can view all the information regarding the Root Bridge within the STP.
Bridge Address Displays the local bridge MAC address. It will be MAC address of switch. Root Address Displays the root bridge MAC address. Root in root bridge refers to the Priority Displays the priority for the bridge. When switches are running STP, base of the spanning tree, which the Switch could be configured for. each is assigned a priority. After exchanging BPDUs, the Switch with the lowest priority value becomes the root bridge. Forward Delay Displays the Switch Forward Delay Time.
Port Port or trunked port identifier. Priority Defines the priority used for this port in the Spanning Tree Algorithm. If the path cost for all ports on a Switch are the same, the port with the highest priority (i.e., lowest value) will be configured as an active link in the Spanning Tree. This makes a port with higher priority less likely to be blocked if the Spanning Tree Algorithm is detecting network loops.
CIST Port Settings Use the CIST Ports Settings page to configure and view STA attributes for interfaces when the spanning tree mode is set to MSTP. You may use a different priority or path cost for ports of the same media type to indicate a preferred path or edge port to indicate if the attached device can support fast forwarding or link type to indicate a point-to-point connection or shared-media connection.
Port Port or trunked port identifier. Priority Defines the priority used for this port in the Spanning Tree Algorithm. If the path costs for all ports on a Switch are the same, the port with the highest priority (i.e., lowest value) will be configured as an active link in the Spanning Tree. This makes a port with higher priority less likely to be blocked if the Spanning Tree Algorithm is detecting network loops.
MST Instance Settings Multiple Spanning Tree Protocol (MSTP) enables the grouping of multiple VLANs with the same topology requirements into one Multiple Spanning Tree Instance (MSTI). MSTP then builds an Internal Spanning Tree (IST) for the region containing commonly configured MSTP bridges. Instances are not supported in STP or RSTP. Instead, they have the same spanning tree in common within the VLAN. MSTP provides the capability to logically divide a Layer 2 network into regions.
MST ID VLAN List Priority Displays the ID of the MST group that is created. A maximum of 15 groups can be set for the Switch. Enter the VLAN ID range from for the configured VLANs to associate with the MST ID. The VLAN ID number range is from 1 to 4094. Select the bridge priority value for the MST. When Switches or bridges are running STP, each is assigned a priority. After exchanging BPDUs, the Switch with the lowest priority value becomes the root bridge. The default value is: 32768.
MST ID Displays the ID of the MST group that is created. A maximum of 15 Port Displays port or trunked port ID. Priority Select the bridge priority value for the MST. When switches or bridges groups can be set for the Switch. are running STP, each is assigned a priority. After exchanging BPDUs, the Switch with the lowest priority value becomes the root bridge. The bridge priority is a multiple of 4096.
Internal Path Cost Oper Regional Root Bridge Internal Root Cost Designated Bridge Internal Port Cost Displays the operation cost of the path from this bridge to the root bridge. This is the bridge identifier of the CST regional root. It is made up using the bridge priority and the base MAC address of the bridge. Displays the path cost to the designated root for the selected MST instance. Displays the bridge identifier of the bridge for the designated port.
Port State Indicates the current STP state of a port. If enabled, the port state determines what forwarding action is taken regarding traffic. The possible port states are: Disabled: STP is disabled on the port. The port forwards traffic while learning MAC addresses. Blocking: The port is blocked and cannot be used to forward traffic or learn MAC addresses. Listening: The port is in listening mode. The port cannot forward traffic or learn MAC addresses in this state. Learning: The port is in learning mode.
LBD Loopback Detection (LBD) can be used to detect loops by transmit loop protocol packets. Ports will send out loop protocol packets, once the same packet is received, the port will be shut down to prevent loop. LBD Global State All ports send loop packets out if Enabled is set, and when the same packet is received, the port will be shut down to prevent loop. Click Apply to update the system settings.
Port Port index of physical port. state Displays the state of per port LBD status. MAC Address Table The MAC address table contains address information that the Switch uses to forward traffic between the inbound and outbound ports. All MAC addresses in the address table are associated with one or more ports. When the Switch receives traffic on a port, it searches the Ethernet switching table for the MAC address of the destination.
Dynamic MAC Address The Switch will automatically learn the device's MAC address and store it to the dynamic MAC address table. If there is no packet received from the device within the aging time, the Switch adopts an aging mechanism for updating the tables from which MAC address entries will be removed from related network devices. The dynamic MAC address table shows the MAC addresses and their associated VLANs learned on the selected port.
Index Displays the index for the dynamic MAC address table. Port Select the port to which the entry refers. VID Displays the VLAN ID corresponding to the MAC address. MAC Address Displays the MAC addresses that the Switch learned from a specific port. Type Displays the MAC addresses entry is static or dynamic. Click Search to search specific MAC address from MAC address table. MAC Aging Settings To set aging time of whole MAC address table.
Global Settings Select whether to enable or disable the LLDP feature on the Switch. Next, enter the Transmission Interval, Holdtime Multiplier, Reinitialization Delay parameter, and the Transmit Delay parameter. When finished, click Apply to update the system settings. State Select Enabled or Disabled to activate LLDP for the Switch. Transmission Enter the interval at which LLDP advertisement updates are sent. Interval The default value is 30. The range is from 5 to 32768.
Local Device LLDP devices must support chassis and port ID advertisement, as well as the system name, system ID, system description, and system capability advertisements. Here, you can view detailed LLDP information for the Switch. Chassis ID Subtype Displays the chassis ID type. Chassis ID Displays the chassis ID of the device transmitting the LLDP frame. System Name Displays the administratively assigned device name. System Description Describes the device.
Port Displays the port. Chassis ID Subtype Displays the chassis ID type. Chassis ID Displays the chassis ID of the device that is transmitting the LLDP frame. Port ID Subtype Displays the port ID type. Remote ID Displays the remote ID. System Name Displays the administratively assigned device name. Time to Live Displays the time to live. Auto-Negotiation Displays state for the auto-negotiation supported. Supported Auto-Negotiation Enabled Displays state for the auto-negotiation enabled.
A multicast group is a group of end nodes that want to receive multicast packets from a multicast application. After joining a multicast group, a host node must continue to periodically issue reports to remain a member. Any multicast packets belonging to that multicast group are then forwarded by the Switch from the port.
Status Select to enable or disable IGMP Snooping on the Switch. The Switch snoops all IGMP packets it receives to determine which segments should receive packets directed to the group address when enabled. The default setting is: Disabled. Mode IP mode: Group List will be changed to IP mode, and switch will learn group by igmp join packet’s IP address, for example, 238.255.0.1 and 239.255.0.1 are different groups.
VLAN ID Displays the VLAN ID. IGMP Snooping Enables or disables the IGMP Snooping feature for the specified Status VLAN ID. Version This value will affect the igmp packets type that encode and send from switch, by the way, this value is the same as Querier Version in the “Querier Settings” page. Fast Leave Enables or disables the IGMP Snooping Fast Leave for the specified VLAN ID.
VLAN ID Displays the VLAN ID. Querier State Select whether to enable or disable the IGMP querier state for the specified VLAN ID. A querier can periodically ask their hosts if they wish to receive multicast traffic. The querier feature will check whether hosts wish to receive multicast traffic when enabled.
Router Settings The Router Settings shows the learned multicast router attached port if the port is active and a member of the VLAN. Select the VLAN ID you would like to configure and enter the Static and Forbidden ports for the specified VLAN IDs. All IGMP packets snooped by the Switch will be forwarded to the multicast router reachable from the port. VLAN ID Displays the VLAN ID. Dynamic Port List Displays router ports that have been dynamically configured.
Global Settings Status Select to enable or disable MLD Snooping on the Switch. The Switch snoops all MLD packets it receives to determine which segments should receive packets directed to the group address when enabled. The default setting is: Disabled. Mode IP mode: Group List will be changed to IP mode, and switch will learn group by MLD join packet’s IP address. MAC mode: Group List will be changed to mac mode, and switch will learn group by MLD join packet’s mac address.
VLAN ID Displays the VLAN ID. MLD Snooping Select to enable or disable the MLD snooping feature for the Status specified VLAN ID. Version This value will affect the MLD packets type that encode and send from switch, by the way, this value is the same as Querier Version in the “Querier Settings” page. Fast Leave Enables or disables the MLD snooping Fast Leave feature for the specified VLAN ID.
VLAN ID Displays the VLAN ID. Querier State Select whether to enable or disable the MLD querier state for the specified VLAN ID. A querier can periodically ask their hosts if they wish to receive multicast traffic. The querier feature will check whether hosts wish to receive multicast traffic when enabled.
VLAN ID Displays the VLAN ID. Dynamic Port List Displays router ports that have been dynamically configured. Forbidden Port List Designates a range of ports as being disconnected to multicastenabled routers. Ensure that the forbidden router port will not propagate routing packets out. Static Port List Designates a range of ports as being connected to multicastenabled routers. Ensure that all the packets will reach the multicast-enabled router.
Furthermore, all devices in the network must also be consistent on the maximum jumbo frame size, so it is important to do a thorough investigation of all your devices in the communication paths to validate their settings. Jumbo Frame Enter the size of jumbo frame. The range is from 1522 to 10240 bytes. Note: With different platforms, the max jumbo frame maybe different. Click Apply to update the system settings.
802.1Q Each VLAN in a network has an associated VLAN ID, which appears in the IEEE 802.1Q tag in the Layer 2 header of packets transmitted on a VLAN. The IEEE 802.1Q specification establishes a standard method for tagging Ethernet frames with VLAN membership information. The key for IEEE 802.1Q to perform its functions is in its tags. 802.1Q-compliant Switch ports can be configured to transmit tagged or untagged frames. A tag field containing VLAN information can be inserted into an Ethernet frame.
Port Displays the VLAN ID to which the PVID tag is assigned. Configure the PVID to assign untagged or tagged frames received on the selected port. PVID Enter the PVID value. The range is from 1 to 4094. Accept Type Select Tagged Only and Untagged Only from the list. Tagged Only: The port discards any untagged frames it receives. The port only accepts tagged frames. Untagged Only: Only untagged frames received on the port are accepted. All: The port accepts both tagged and untagged frames.
Voice VLAN Enhance your Voice over IP (VoIP) service by configuring ports to carry IP voice traffic from IP phones on a specific VLAN. Voice VLAN provides QoS to VoIP, ensuring that the quality of the call does not deteriorate if the IP traffic is received erratically or unevenly.
Voice VLAN Select Enabled or Disabled for Voice VLAN on the Switch. State Voice VLAN ID Sets the Voice VLAN ID for the network. Only one Voice VLAN is supported on the Switch. VLAN priority Set the Voice VLAN COS value for the network tag DSCP Set the DSCP value for the Voice VLAN 802.1p Remark Enable this function to have outgoing voice traffic to be marked with the selected CoS value. Remark Defines a service priority for traffic on the Voice VLAN. The priority of CoS/802.
OUI Settings The Switches determines whether a received packet is a voice packet by checking its source MAC address. VoIP traffic has a pre-configured Organizationally Unique Identifiers (OUI) prefix in the source MAC address. You can manually add specific manufacturer's MAC addresses and description to the OUI table. All traffic received on the Voice VLAN ports from the specific IP phone with a listed OUI is forwarded on the voice VLAN. Index Displays the VoIP sequence ID.
Port Settings Enhance your VoIP service further by configuring ports to carry IP voice traffic from IP phones on a specific VLAN. Voice VLAN provides QoS to VoIP, ensuring that the quality of voice does not deteriorate if the IP traffic is received unevenly. Port Displays the port to which the Voice VLAN settings are applied. State Select Enabled to enhance VoIP quality on the selected port. The default is Disabled. CoS Mode Select Src or All from the list.
Management System Information The System Information screen contains general device information including the system name, system location, and system contact for the Switch. System Name Enter the name you wish to use to identify the Switch. You can use up to 255 alphanumeric characters. System Enter the location of the Switch. You can use up to 255 alphanumeric Location characters. The factory default is: Default Location. System Enter the contact person for the Switch.
User Name Enter a username. You can use up to 18 alphanumeric characters. Password Enter a new password for accessing the Switch. Password Retype Repeat the new password used to access the Switch. Privilege Type Select Admin or User from the list to regulate access rights. Important: Note that Admin users have full access rights to the Switch when determining the authority of the user account. Click the Apply button to accept the changes or the Cancel button to discard them.
Active Selects the partition you wish to be active. Flash Partition Displays the number of the partition. Status Displays the partition which is currently active on the Switch. Image Name Displays the name/version number of the image Image Size Displays the size of the image file. Created Time Displays the time the image was created. Click Apply to update the system settings.
MAC ACL This page displays the currently defined MAC-based ACLs profiles. To add a new ACL, click Add and enter the name of the new ACL. Index Profile identifier. Name Enter the MAC based ACL name. You can use up to 32 alphanumeric characters. Click the Apply button to accept the changes or the Cancel button to discard them. MAC ACE Use this page to view and add rules to MAC-based ACLs.
ACL Name Select the ACL from the list. Sequence Enter the sequence number which signifies the order of the specified ACL relative to other ACLs assigned to the selected interface. The valid range is from 1 to 2147483647, 1 being processed first. Action Select what action taken if a packet matches the criteria. Permit: Forward packets that meet the ACL criteria. Deny: Drops packets that meet the ACL criteria. Destination MAC Enter the destination MAC address.
IPv4 ACL This page displays the currently defined IPv4-based ACLs profiles. To add a new ACL, click Add and enter the name of the new ACL. Index Displays the current number of ACLs. Name Enter the IP based ACL name. You can use up to 32 alphanumeric characters. Click the Apply button to accept the changes or the Cancel button to discard them. IPv4 ACE Use this page to view and add rules to IPv4-based ACLs.
ACL Name Select the ACL from the list for which a rule is being created. Sequence Enter the sequence number which signifies the order of the specified ACL relative to other ACLs assigned to the selected interface. The valid range is from 1 to 2147483647, 1 being processed first. Action Select what action to take if a packet matches the criteria. Permit: Forwards packets that meet the ACL criteria. Deny: Drops packets that meet the ACL criteria.
IPv6: ICMP: The Internet Control Message Protocol (ICMP) allows the gateway or destination host to communicate with the source host. OSPF: The Open Shortest Path First (OSPF) protocol is a link-state hierarchical interior gateway protocol (IGP) for network routing Layer Two (2) Tunneling Protocols. It is an extension to the PPP protocol that enables ISPs to operate Virtual Private Networks (VPNs). PIM: Matches the packet to Protocol Independent Multicast (PIM).
IPv6 ACL This page displays the currently defined IPv6-based ACLs profiles. To add a new ACL, click Add and enter the name of the new ACL. Index Displays the current number of ACLs. Name Enter the IPv6 based ACL name. You can use up to 32 alphanumeric characters. Click the Apply button to accept the changes or the Cancel button to discard them. IPv6 ACE Allows IPv6 Based Access Control Entry (ACE) to be defined within a configured ACL.
ACL Name Select the ACL from the list. Sequence Enter the sequence number which signifies the order of the specified ACL relative to other ACLs assigned to the selected interface. The valid range is from 1 to 2147483647, 1 being processed first. Action Select what action taken if a packet matches the criteria. Permit: Forward packets that meet the ACL criteria. Deny: Drops packets that meet the ACL criteria. Protocol Select the Any, Protocol ID, or Select from List from drop-down menu.
ACL Binding When an ACL is bound to an interface, all the rules that have been defined for the ACL are applied to that interface. Whenever an ACL is assigned on a port or LAG, flows from that ingress or egress interface that do not match the ACL, are matched to the default rule of dropping unmatched packets. To bind an ACL to an interface, simply select an interface and select the ACL(s) you wish to bind. Port Select the port for which the ACLs are bound to.
In a Switch, multiple queues per port are often provided to give preference to certain packets over others based on user-defined criteria. When a packet is queued for transmission within a port, the rate at which it is processed depends on how the queue is configured and the amount of traffic present within other queues on the port. If a delay is necessary, packets are held in the queue until they are authorized for transmission.
State Select whether QoS is enabled or disabled on the switch. Scheduling Selects the Strict Priority or WRR to specify the traffic scheduling method. Method Strict Priority: Specifies traffic scheduling based strictly on the queue priority. WRR: Use the Weighted Round-Robin (WRR) algorithm to handle packets in priority classes of service. It assigns WRR weights to queues. Queue 1~8 Select the queue proportion when using the WRR mode.
CoS Displays the CoS priority tag values, where 0 is the lowest and 7 is the highest. Queue Check the CoS priority tag box and select the Queue values for each CoS value in the provided fields. Eight traffic priority queues are supported and the field values are from 1 to 8, where one is the lowest priority and eight is the highest priority. Click Apply to update the system settings.
Port Settings From here, you can configure the QoS port settings for the Switch. Select a port you wish to set and choose a CoS value from the dropdown box. Next, select to enable or disable the Trust setting to let any CoS packet be marked at ingress. Port Displays the ports for which the CoS CoS Value Select the CoS priority tag values, where 0 is Trust Select Enabled to trust any CoS packet parameters are defined. the lowest and 7 is the highest. marking at ingress.
Advanced Settings Set the new 802.1p or DSCP value on specific packets.
Name Set the class policy name. Source Mac Define the source MAC address. Address Destination Mac Define the destination MAC address. Address Ethertype Value Define the specific ehtertype. VLAN ID Define the specific VLAN ID VLAN Priority Define the VLAN or 802.1p value. Protocol Define the specific protocol. (select from list or protocol ID) Source IP Address Define the source IP address. Destination IP Define the destination IP address. Address Type of Service Define the specific ToS.
Bandwidth Control The Bandwidth Control feature allows users to define the bandwidth settings for a specified port's Ingress Rate Limit and Egress Rate. Port Displays the ports for which the bandwidth settings are displayed. Ingres Select enable or disable ingress on the interface. Ingress Rate Enter the ingress rate in kilobits per second. The gigabit Ethernet ports have a maximum speed of 1000000 kilobits per second.
Storm Control Storm Control limits the amount of Broadcast, Unknown Multicast, and Unknown Unicast frames accepted and forwarded by the Switch. Storm Control can be enabled per port by defining the packet type and the rate that the packets are transmitted at. The Switch measures the incoming Broadcast, Unknown Multicast, and Unknown Unicast frames rates separately on each port, and discards the frames when the rate exceeds a user-defined rate.
Unknown Multicast Enter the Unknown Multicast rate in kilobits per second. The gigabit Ethernet ports have a maximum speed of 1000000 kilobits per second. If the rate of broadcast traffic ingress on the interface increases beyond the configured threshold, the traffic is dropped. Unknown Unicast Enter the Unknown Unicast rate in kilobits per second. The gigabit Ethernet ports have a maximum speed of 1000000 kilobits per second.
State Select authentication is Enabled or Disabled on the Switch. Guest VLAN Select Guest VLAN is Enabled or Disabled on the Switch. The default is Disabled. Guest VLAN ID Select the guest VLAN ID from the list of currently defined VLANs. Click Apply to update the system settings. Port Settings The IEEE 802.1X port-based authentication provides a security standard for network access control with RADIUS servers and holds a network port block, until authentication is completed. With 802.
Port Displays the ports for which the 802.1X information is displayed. Mode Select Auto or Force_UnAuthorized or Force_Authorized mode from the list. Re-Authentication Select port re-authentication is Enabled or Disabled. Re-authentication Enter the time span in which the selected port is re-authenticated. period The default is 3600 seconds. Quiet Period Enter the number of the device that remains in the quiet state following a failed authentication exchange. The default is 60 seconds.
User Name Display client’s username via 802.1x RADIUS server authentication. Port Display client’s authenticated port number. Session Time Display client’s 802.1x session time. Authenticate Display client’s authenticated method. Method MAC Address Display client’s MAC address. Dynamic VLAN Display client’s VLAN information. Cause Dynamic VLAN ID Display client’s VLAN ID if RADIUS server assign it. Statistics Display 802.1x related packet counters and source MAC of last received 802.
RADIUS Server RADIUS servers are used for centralized administration. Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for users that connect and use a network service for greater convenience. RADIUS is a server protocol that runs in the application layer, using UDP as transport.
Access The Linksys switch provides a built-in browser interface that you can configure and manage the Switch via Hypertext Transfer Protocol (HTTP) and Hypertext Transfer Protocol Secure (HTTPS) requests selectively to help prevent security breaches on the network. You can manage your HTTP and HTTPS settings for the Switch further by configuring session timeouts for HTTP and HTTPS requests. Select enable or disable the HTTP service and enter the HTTP Timeout session.
HTTP Session Enter the amount of time that elapses before HTTP is timed out. Timeout The default is 5 minutes. The range is from 0 to 10000 minutes. HTTP Service Select HTTP service for the Switch is Enabled or Disabled. This is enabled by default. HTTPS Service Select the HTTP service is Enabled or Disabled. This is disabled by default. CLI Session Timeout Enter the amount of time that elapses before telnet/SSH is timed out. The default is 5 minutes. The range is from 0 to 10000 minutes.
Max MAC Address Enter the maximum number of MAC addresses that can be learned on the port. The range is from 1 to 256. Port Displays the port for which the port security is defined. State Select Enabled or Disabled for the port security feature for the selected port. Click Apply to update the system settings. Port Isolation Port Isolation feature provides L2 isolation between ports within the same broadcast domain.
DoS DoS (Denial of Service) is used for classifying and blocking specific types of DoS attacks. From here, you can configure the Switch to monitor and block different types of attacks. Global Settings On this page, the user can enable or disable the prevention of DoS attacks globally. When enabled, the switch will drop the packets matching the types of DoS attack detected. Click Apply to update the system settings.
Port Displays the port for which statistics are displayed. RXOctets Displays the number of all octets received on the port. RXUcast Displays the number of unicast packets received on the port. RXNUcast Displays the number of non-unicast packets received on the port. RXDiscard Displays the number of received packets discarded on the port. TXOctets Displays the number of all octets transmitted on the port. TXUcast Displays the number of unicast packets transmitted on port.
Index Enter the entry number for event. Data Source Select the data source from the port. Owner Enter the switch that defined the event. Click the Apply button to accept the changes or the Cancel button to discard them. Event List The Event List defines RMON events on the Switch. Index Enter the entry number for event. Event Type Select the event type. Log: The event is a log entry. SNMP Trap: The event is a trap. Log & Trap: The event is both a log entry and a trap.
Index Enter the entry number for the Alarm List. Sample Port Select the port from which the alarm samples were taken. Sample Variable Select the variable of samples for the specified alarm sample. Sample Interval Enter the alarm interval time. Sample Type Select the sampling method for the selected variable and comparing the value against the thresholds. Absolute: Compares the values with the thresholds at the end of the sampling interval.
Click the Apply button to accept the changes or the Cancel button to discard them. History Log Table From here, you can view the History Index for history logs on the Switch. Select a history index to view from the drop-down box. Statistics From here, you can view all the RMON statistics of the Switch. Port Indicates the specific port for which RMON statistics are displayed. Drop Events Displays the number of dropped events that have occurred on the port.
CRC & Align Errors Displays the number of CRC and Align errors that have occurred on the port. Undersize Pkts Displays the number of undersized packets (less than 64 octets) received on the port. Oversize Pkts Displays the number of oversized packets (over 1518 octets) received on the port. Fragments Displays the number of fragments received on the port. Jabbers Displays the total number of received packets that were longer than 1518 octets.
Code 0 Severity Description General Description EMERG System is unusable. A "panic" condition usually affecting multiple apps/servers/sites. At this level it would usually notify all tech staff on call. 1 ALERT Action must be taken immediately. Should be corrected immediately, therefore notify staff who can fix the problem. An example would be the loss of a primary ISP connection. 2 CRIT Critical conditions.
Global Settings From here, you can Enable or Disable the log settings for the Switch. Click Apply to update the system settings. Local Logging The System Log is designed to monitor the operation of the Switch by recording the event messages it generates during normal operation. These events may provide vital information about system activity that can help in the identification and solutions of system problems. The Switch supports log output to two directions: Flash and RAM.
Click the Apply button to accept the changes or the Cancel button to discard them. Log Table This page displays the most recent records in the Switch's internal log. Log entries are listed in reverse chronological order (with the latest logs at the top of the list). Click a column header to sort the contents by that category.
To verify accuracy of the test, it is recommended that you run multiple tests in case of test fault or user error. Click Test to perform the cable tests for the selected port. Ping Test The Packet Internet Groper (Ping)Test allows you to verify connectivity to remote hosts. The Ping test operates by sending Internet Control Message Protocol (ICMP) request packets to the tested host and waits for an ICMP response.
IP Enter the IP address or the host name of the station you want the Switch to Address ping to. Count Enter the number of ping to send. The range is from 1 to 5 and the default is 4. Interval Enter the number of seconds between pings sent. The range is from 1 to 5 and the default is 1. Size Enter the size of ping packet to send. The range is from 8 to 5120 and the default is 56. Result Displays the ping test results. Click Test to perform the ping test.
IP Address Enter the IPv6 address or the host name of the station you want the Switch to ping to. Count Enter the number of ping to send. The range is from 1 to 5 and the default is 4. Interval Enter the number of seconds between pings sent. The range is from 1 to 5 and the default is 1. Size Enter the size of ping packet to send. The range is from 8 to 5120 and the default is 56. Result Displays the ping test results. Click Test to perform the ping test.
IP Address Enter the IP address or the host name of the station you wish the Switch to ping to. Max Hop Enter the maximum number of hops. The range is from 2 to 255 and the default is 30. Result Displays the trace route results. Click Test to initiate the trace route. Maintenance Maintenance functions are available from the maintenance bar located on the upper right corner of the user interface.
Firmware Upgrade WARNING Backup your configuration before upgrading to prevent loss of settings information. Note: The upgrade process may require a few minutes to complete. It is advised to clear your browser cache after upgrading your firmware. Reset Restore switch to system default.
Visit linksys.com/support for award-winning 24/7 technical support. LINKSYS and many product names and logos are trademarks of the Belkin group of companies. Third-party trademarks mentioned are the property of their respective owners. Licenses and notices for third party software used in this product may be viewed here: http://support.linksys.com/en-us/license. Please contact http://support.linksys.com/enus/gplcodecenter for questions or GPL source code requests. © 2021 Linksys Holdings, Inc.