Black Box LEH8814 User's Manual

Add to My manuals
161 Pages

advertisement

Black Box LEH8814 User's Manual | Manualzz

Black Box Hardened Managed Ethernet Switch

Hardened Managed

Ethernet Switch

LEH8814,

LEH813 Series,

LEH812 Series,

LEH808 Series

CUSTOMER

SUPPORT

INFORMATION

Order toll-free in the U.S. 24 hours, 7 A.M. Monday to midnight Friday: 877-877-BBOX

FREE technical support, 24 hours a day, 7 days a week: Call 724-746-5500 or Fax

724-746-0746

Mail order: Black Box Corporation, 1000 Park Drive, Lawrence, PA 15055-1018

Web site: www.blackbox.com • E-mail: [email protected]

User’s Manual 1

Black Box Hardened Managed Ethernet Switc h

Quick Start Guide

This quick start guide describes how to install and use the

Hardened Managed Ethernet Switch. This is th choice for harsh environments constrained by spa e switch of ce.

Physical Description

The Port Status LEDs and Power Inputs

10/100Base-TX, 100Base-FX

Link/ACT

Steady A valid network connection established.

Flashing

Transmitting or receiving data.

ACT stands for ACTIVITY.

Steady Communication speed is 100Mbps.

10/100

Off Communication speed is 10Mbps.

10/100/1000Base-TX, 1000Base-SX/LX

Link/ACT

Steady A valid network connection established.

Flashing

Transmitting or receiving data.

ACT stands for ACTIVITY.

Steady Communication speed is 1000Mbps.

1000

Off Communication speed is 10/100Mbps.

SFP Link

Steady A valid network connection established.

Off No valid network connection established.

2 User’s Manual

Black Box Hardened Managed Ethernet Switch

Power Input Assignment

Power3 12VDC DC

Power1

+ 12-32VDC

- Power Ground

Terminal Block

Power2

+ 12-32VDC

Earth Ground

DC Terminal Block Power Input power inputs can be used t s: There are two pairs of o power up this switch. Redundant power supplies function is supported .

Functional Description

z Meets NEMA TS1/TS2 Environmental requirements such as temperature, shock, and vibration for traffic control equipment. z Meets EN61000-6-2 EMC Generic Standard Immunity for industrial environment. z Manageable via SNMP, Web-based, Telnet, and RS-232 console port. z Support 802.3/802.3u/802.3ab/802.3z/802.3x. Auto-negotiation:

10/100/1000Mbps, full/half-duplex; Auto MDI/MDIX. z 100Base-FX: Multi mode SC or ST type; Single mode SC or ST type;

WDM Single mode SC type. z 1000Base-SX/LX: Multi mode or Single mode SC type; WDM Single mode SC type. z Support 8192 MAC addresses. Provides 2M bits memory buffer. z Operating voltage and Max. current consumption: 1.25A @ 12VDC,

0.625A @ 24VDC. Power consumption: 15W Max. z Power Supply: Redundant DC Terminal Block power inputs or 12VDC

DC JACK with 100-240VAC external power supply. z -40 to 75 (-40℉ to 167℉) operating temperature range.

Tested for functional operation @ -40 to 85 (-40℉ to 185℉). z Supports Din-Rail, Panel, or Rack Mounting installation.

User’s Manual 3

Black Box Hardened Managed Ethernet Switch

Console Configuration

z Connect to the switch console:

Connect the DB9 null-modem or cross over cable to the RS-232 serial port of the device and the RS-232 serial port of the terminal or computer running the terminal emulation application. Direct access to the administration console is achieved by directly connecting a terminal or a

PC equipped with a terminal-emulation program (such as HyperTerminal) to the switch console port. z Configuration settings of the terminal-emulation program:

Baud rate: 115,200bps

Data bits: 8

Parity: none

Stop bit: 1

Flow control: none. z Press the “Enter” key. The Command Line Interface (CLI) screen should appear as below: z Logon to Exec Mode (View Mode):

At the “switch_a login: prompt just type in “root” and press <Enter> to logon to Exec Mode (or View Mode). And the “switch_a>” prompt will show on the screen.

4 User’s Manual

Black Box Hardened Managed Ethernet Switch z Logon to Privileged Exec Mode (Enable Mode):

At the “switch_a>” prompt just type in “enable” and press <Enter> to logon to Privileged Exec Mode (or Enable Mode) . And the “switch_a#” prompt will show on the screen. z Logon to Configure Mode (Configure Terminal Mode):

At the “switch_a#” prompt just type in “ configure terminal” and press

<Enter> to logon to Configure Mode (or C onfigure Terminal Mode). And the “switch_a(config)#” prompt will show on the screen.

Web Configuration

z Login the switch:

Specify the default IP address (192.168.1.10) of the switch in the web browser. A login window will be shown as below:

User’s Manual 5

Black Box Hardened Managed Ethernet Switch z Enter the factory default login ID: root.

Enter the factory default password (no password).

Then click on the “Login” button to log on to the switch.

6 User’s Manual

Black Box Hardened Managed Ethernet Switch

Preface

This manual describes how to install and use the Blakc Box

Hardened Managed Ethernet Switch. This switch introduced here is designed to deliver full scalability with SNMP/RMON web-based management functions by providing:

To get the most out of this manual, you should have an understanding of Ethernet networking concepts.

In this manual, you will find:

Features on the Hardened Managed Ethernet Switch z Illustrative LED functions z Installation z Management z SNMP, DHCP, IGMP… z Specifications

User’s Manual 7

Black Box Hardened Managed Ethernet Switch

Table of Contents

Q

UICK

S

TART

G

UIDE

..................

...................................2

P HYSICAL D ESCRIPTION ..................................

........................................................

The Port Status LEDs and Power Inputs ........................

........................................................... 2

F UNCTIONAL D ESCRIPTION .....................

C ONSOLE C ONFIGURATION ....................

.................................................................

.................................................................

W EB C ONFIGURATION

.................................

............................................................

P

REFACE

....................................

....................................7

T

ABLE OF

C

ONTENTS

.................

....................................8

P

RODUCT

O

VERVIEW

.................

...

.............. ...............1

0

B LACK B OX H ARDENED M ANAGED E

THER NET S WITCH .............................................

P ACKAGE C ONTENTS .............................

.................................................................

P RODUCT H IGHLIGHTS ............................................................................................

Basic Features ......................................................................................................................... 11

Management Support .............................................................................................................. 11

F RONT P ANEL D ISPLAY ...........................................................................................

P HYSICAL P ORTS ....................................................................................................

S WITCH M ANAGEMENT ............................................................................................

Web-based browser interface .................................................................................................. 15

Administration console via RS-232 serial port (CLI)................................................................. 15

External SNMP-based network management application ........................................................ 15

I

NSTALLATION

..............................................................16

S ELECTING A S ITE FOR THE S WITCH ........................................................................

C ONNECTING TO P OWER .........................................................................................

12VDC DC Jack....................................................................................................................... 16

DC Terminal Block power input................................................................................................ 16

C ONNECTING TO Y OUR N ETWORK ...........................................................................

Cable Type & Length ............................................................................................................... 17

Cabling..................................................................................................................................... 19

S

WITCH

M

ANAGEMENT

................................................20

M ANAGEMENT A CCESS O VERVIEW ..........................................................................

A DMINISTRATION C ONSOLE (CLI) ............................................................................

Direct Access ........................................................................................................................... 21

Modem Access ........................................................................................................................ 22

W EB M ANAGEMENT ................................................................................................

SNMP-B ASED N ETWORK M ANAGEMENT .................................................................

P ROTOCOLS ...........................................................................................................

M ANAGEMENT A RCHITECTURE ................................................................................

W

EB

-B

ASED

B

ROWSER

M

ANAGEMENT

......................24

8 User’s Manual

Black Box Hardened Managed Ethernet Switch

SNMP & RMON M

ANAGEMENT

.................................25

O VERVIEW ..................................................

............................................................

SNMP A GENT AND MIB-2 (RFC

1213) .......

............................................................

RMON MIB (RFC 1757) AND B RIDGE MIB (

RFC 1493) ..........................................

RMON Groups Supported.........................................

............................................................... 26

Bridge Groups Supported .........................................

............................................................... 27

W

EB

-B

ASED

B

ROWSER

M

ANAG EMENT

......................28

L OGGING ON TO THE SWITCH ..................

.................................................................

U NDERSTANDING THE B ROWSER I NTERFACE

...................

........................................

S YSTEM .................................................

.................................................................

P ORT .....................................................................................................................

S WITCHING ............................................

.................................................................

T RUNKING .............................................

.................................................................

STP / R ING .............................................................................................................

VLAN.....................................................................................................................

Q O S.......................................................................................................................

SNMP....................................................................................................................

802.1

X ...................................................................................................................

O THER P ROTOCOLS ................................................................................................

C

OMMAND

L

INE

C

ONSOLE

M

ANAGEMENT

..................79

A DMINISTRATION C ONSOLE .....................................................................................

Exec Mode (View Mode) .......................................................................................................... 80

Privileged Exec Mode (Enable Mode)...................................................................................... 84

Configure Mode (Configure Terminal Mode)............................................................................ 88

S YSTEM ..................................................................................................................

P ORT .....................................................................................................................

S WITCHING .............................................................................................................

T RUNKING ..............................................................................................................

STP / R ING .............................................................................................................

VLAN.....................................................................................................................

Q O S.......................................................................................................................

SNMP....................................................................................................................

802.1

X ...................................................................................................................

O

THER

P

ROTOCOLS

................................................................................................

S

PECIFICATIONS

.........................................................152

A

PPENDIX

A ...............................................................154

A

PPENDIX

B ...............................................................155

User’s Manual 9

Black Box Hardened Managed Ethernet Switch

Product Overview

Black Box Hardened Managed Ethernet Switch

Front View

Package Contents

When you unpack the product package, you shall find the items listed below. Please inspect the contents, and report any apparent damage or missing items immediately to your authorized reseller.

The Black Box Hardened Managed Ethernet Switch

• User’s

• RS232

• Panel-mount brackets with screws

10 User’s Manual

Black Box Hardened Managed Ethernet Switch

Product Highlights

Basic Features

z Complies with NEMA TS1 & TS2 Environmental requirements for Traffic control equipment z Complies with EN61000-6-2 EMC Generic standard immunity for

Industrial environment z Supports 8192 MAC addresses z Provides 2M bits memory buffer z Auto-negotiation for speed and duplexity on all TX ports z Auto-MDIX on all TX ports z Full wire-speed forwarding rate z Store-and-forward z Half-duplex back-pressure and IEE E802.3x full-duplex compliant flow control z Redundant power inputs: 12VDC (DC Jack) and 12 to 32VDC (Terminal

Block) z -40 to 75 (-40 to 167 ) operating temperature range

Tested for functional operation @ -40 to 85 (-40 to 185 ) z Front panel reset button z Front panel port status LEDs z Hardened aluminum case z Supports DIN-Rail, Panel, or Rack Mounting installation

Management Support

VLAN z VLAN z IEEE802.1Q tagged VLAN

TRUNKING z MAC-based Trunking with automatic link fail-over

PORT-SECURITY z Per-port programmable MAC address locking z Up to 24 Static Secure MAC addresses per port z IEEE802.1x Port-based Network Access Control

PORT-MIRRORING z Port-mirroring

QOS

(IEEE802.1p Quality of Service) z 4 priority queues

User’s Manual 11

Black Box Hardened Managed Ethernet Switch

INTERNETWORKING PROTOCOLS z Bridging:

IEEE802.1w Rapid Spanning Tree

IEEE802.1D Spanning Tree compatible

IEEE802.1Q – GVRP

Ring z IP

IGMP Snooping z Rate z NTP

NETWORK MANAGEMENT METHODS z Console port access via RS-232 cable (CLI, Command Line Interface) z Telnet remote access z SNMP

MIB-2 (RFC1213)

Bridge MIB (RFC1493)

RMON MIB (RFC1757) – statistics, history, alarm and events

VLAN MIB (IEEE802.1Q/RFC2674) z

Private MIB browser z TFTP software-upgrade capability

12 User’s Manual

Black Box Hardened Managed Ethernet Switch

Front Panel Display

c POWER

This LED comes on when the switch is properly connected to power and turned on. d Port Status LEDs

The LEDs are located at the left side of the front panel, displaying status for each respective port. Please refer to the following table for more details.

10/100TX

Link/ACT

10/100

On

Flashing

On

Off

A valid network connection established

Transmitting or receiving data

ACT stands for ACTIVITY

Communication speed is 100Mbps

Communication speed is 10Mbps

10/100/1000TX, 1000SX/LX

On

Link/ACT

Flashing

On

A valid network connection established

Transmitting or receiving data

ACT stands for ACTIVITY

Communication speed is 1000Mbps

1000

Off Communication speed is 10/100Mbps

SFP Link

On

Off

A valid network connection established

No valid network connection established

User’s Manual 13

Black Box Hardened Managed Ethernet Switch

Physical Ports

The Black Box Hardened Managed Ethernet Switch provides:

14-port 10/100Base-TX Hardened Managed Ethernet Switch

13-port 10/100Base-TX + 1-port 1 00Base-FX

Hardened Managed Ethernet Sw itch

12-port 10/100Base-TX + 2-port 100Base-FX

Hardened Managed Ethernet Switch

8-port 10/100Base-TX + 2-port 100Base-FX

Hardened Managed Ethernet Switch

12-port 10/100Base-TX + 2-port SFP/RJ-45 combo Gigabit

Hardened Managed Ethernet Switch

12-port 10/100Base-TX + 1-port Gigabit

Hardened Managed Ethernet Switch

12-port 10/100Base-TX + 2-port Gigabit

Hardened Managed Ethernet Switch

8-port 10/100Base-TX + 1-port Gigabit

Hardened Managed Ethernet Switch

8-port 10/100Base-TX + 2-port Gigabit

Hardened Managed Ethernet Switch

CONNECTIVITY z z z

SC connectors on 1000SX/LX ports

SC and ST connectors on 100FX ports

RJ-45 connectors on TX ports

MODE SELECTION z z z z z z

10Base-T full-duplex mode

10Base-T half-duplex mode

100Base-TX/FX full-duplex mode

100Base-TX half-duplex mode

1000Base-T/SX/LX full-duplex mode

Auto-negotiating mode

14 User’s Manual

Black Box Hardened Managed Ethernet Switch

Switch Management

Web-based browser interface

The switch also boasts a point-and-click browser-based interface that lets user access full switch configuration and functionality from a

Netscape or Internet Explorer browser.

Administration console via RS-232 serial port (CLI)

The switch provides an onboard serial port, which allows the switch to be configured via a directly connected terminal.

External SNMP-based network management application

The switch can also be configured via SNMP.

User’s Manual 15

Black Box Hardened Managed Ethernet Switch

Installation

This chapter gives step-by-step in install the switch: structions about how to

As with any electric device, yo where it will not be subjected u should place the switch

to extreme temperatures, humidity, or electromagnetic interferenc e. Specifically, the site you select should meet the following r equirements:

-The ambient temperature should be betw een -40°C to 75℃ (-40 to 167 ).

-The relative humidity should be less than 95 percent, non-condensing.

-Surrounding electrical devices should not exceed the electromagnetic field

(RFC) standards.

-Make sure that the switch receives adequate ventilation. Do not block the ventilation holes on each side of the switch.

Connecting to Power

12VDC DC Jack

Step 1: Connect the supplied AC to DC power adapter to the receptacle on the back of the switch.

Step 2: Connect the power cord to the AC to DC power adapter and attach the plug into a standard AC outlet with the appropriate AC voltage.

DC Terminal Block power input

Step 1: Connect the supplied DC power cord to the terminal block on the back of the switch, and then plug it into a standard DC outlet with a voltage range from 12 to 32 VDC. Turn on the DC power supply.

Step 2: Turn off the DC power supply if you want to shut down the switch.

16 User’s Manual

Black Box Hardened Managed Ethernet Switch

Rear view

Connecting to Your Network

Cable Type & Length

It is necessary to follow the cable specifications below when connecting the switch to your network. Use appropriate cables that meet your speed and cabling requirements.

Cable Specifications

User’s Manual 17

Black Box Hardened Managed Ethernet Switch

Spee d

Half/F ull

Duple x

Cable Ma x.

Distan

100 m

UTP/STP

Cat. 3, 4, 5

100Base-TX RJ-45 100/200

Mbps UTP/STP

Cat. 5

100Base-FX

(*Wavelength of

1300nm)

100Base-FX

(*Wavelength of

1300nm)

1000Base-SX

(*Wavelength of

850nm)

1000Base-LX

(*Wavelength of

1300nm)

ST, SC

SC

SC

SC

100 m

100 m

UTP/STP

Cat. 5

200 Mbps 50 or

62.5/125µm multi-mode fiber

2 km

200 Mbps 9 or

10/125µm single-mode fiber

75 km

2000 Mbps 50 or

62.5/125µm multi-mode fiber

2000 Mbps 9 or

10/125µm single-mode fiber

550 m

50 km

ce

18 User’s Manual

Black Box Hardened Managed Ethernet Switch

Cabling

Step 1: First, ensure the power of the switch and end devices are turned off.

<Note> Always ensure that the power is off before any installation.

Step 2: Prepare cable with corresponding connectors for each type of port in use.

Step 3: Consult Cable Specifications Table on previous page for cabling requirements based on connectors and speed.

Step 4: Connect one end of the cable to the switch and the other end to a desired device.

Step 5: Once the connections between two end devices are made successfully, turn on the power and the switch is operational.

User’s Manual 19

Black Box Hardened Managed Ethernet Switch

Switch Management

This chapter explains the meth configure management access to types of management applicatio and the communication and management protocols that ods that you can use to

the switch. It describes the ns

deliver data between your management device (workstation the system. It also contains inform options.

or personal computer) and ation about port connection

This chapter covers the following topics:

Management Access Overview

Key Concepts

Key Guidelines for Implementation

Web Management Access

Administration Console Access

SNMP Access

Standards, Protocols, and Related Reading

Management Access Overview

The switch gives you the flexibility to access and manage the switch using any or all of the following methods.

The web browser interface and administration console (CLI) support are embedded in the switch software and are available for immediate use.

20 User’s Manual

Black Box Hardened Managed Ethernet Switch

Administration Console (C LI)

The administration cons

Command Line Interface administration such as di settings. ole is an internal, character-o

(CLI) for performin splaying statistics or chan riented, g system ging option

Using this method, you can view from a terminal, personal comp workstation connected to the swit

the administration console uter, Apple Macintosh, or ch’s console port.

There are two ways to use this m access or modem access. The these methods. anagement method: direct following sections describe

Direct Access

Direct access to the administration console is achieved by directly connecting a terminal or a PC equipped with a terminal-emulation program (such as HyperTerminal) to the switch console port.

When using the management method, configure the terminal-emulation program to use the following parameters (you can change these settings after login):

[DEFAULT PARAMETERS]

♦ 115,200bps

♦ 8 data bits

♦ No parity

♦ 1 stop bit

This management method is often preferred because you can remain connected and monitor the system during system reboots. Also, certain error messages are sent to the serial port, regardless of the interface through which the associated action was initiated. A Macintosh or PC attachment can use any terminal-emulation program for connecting to the terminal serial port. A workstation attachment under UNIX can use an emulator such as TIP.

User’s Manual 21

Black Box Hardened Managed Ethernet Switch

Modem Access

You can access the switch’s adminis tration console from a PC or

Macintosh using an external modem a ttached to the console port. The switch management program provides Co nsole Port

screen, accessible from the Basic Management screen that lets you configure parameters for modem access.

When you have configured the external modem from the administration console, the switch transmits character on the modem port. The switch echoe s that you have entered as output s characters that it receives as input on the modem port to the curren t administration console session.

The console appears to be directly conn ected to the external modem.

Web Management

The switch provides a browse r interface that lets you configure and manage the switch re motely.

After you set up your IP address for the switch, you can access the switch’s web interface applications directly in your web browser by entering the IP address of the switch. You can then use your web browser to list and manage switch configuration parameters from one central location, just as if you were directly connected to the switch’s console port.

SNMP-Based Network Management

You can use an external SNMP-based application to configure and manage the switch. This management method requires the SNMP agent on the switch and the SNMP

Network Management Station to use the same community string. This management method, in fact, uses two community strings: the get community string and the set community string. If the SNMP Network management station only knows the set community string, it can read and write to the MIBs. However, if it only knows the get community string, it can only read MIBs. The default get and set community strings for the switch are public.

22 User’s Manual

Black Box Hardened Managed Ethernet Switch

Protocols

The switch supports the following protocols:

VIRTUAL TERMINAL PROTOCOLS, SUCH AS TELNET

A virtual terminal protocol is a software p you to establish a management session f rogram, such as Telnet, that allows rom a Macintosh, a PC, or a UNIX workstation. Because Telnet runs over TC P/IP, you must have at least one IP address configured on the switch before y ou can establish access to it with a virtual terminal protocol.

<Note> Terminal emulation is different from a virtual terminal protocol in that you must connect a terminal directly to the console port.

SIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP)

SNMP is the standard management protocol for multivendor IP networks.

SNMP supports transaction-based queries that allow the protocol to format messages and to transmit information between reporting devices and data-collection programs. SNMP runs on top of the User Datagram Protocol

(UDP), offering a connectionless-mode service.

Management Architecture

All of the management application modules use the same

Messaging Application Programming Interface (MAPI). By unifying management methods with a single MAPI, configuration parameters set using one method (e.g. console port) are immediately displayed the other management methods (e.g. SNMP agent of web browser).

The management architecture of the switch adheres to the

IEEE open standard. This compliance assures customers that the switch is compatible with, and will interoperate with other solutions that adhere to the same open standard.

User’s Manual 23

Black Box Hardened Managed Ethernet Switch

Web-Based Browser Management

The switch provides a web-based browser interface for configuring and managing the switch. This interface allows you to access the switch using a preferred web browser.

This chapter describes how to configure the switch using its web-based browser interface.

24 User’s Manual

SNMP & RMON M anagement

This chapter describes the

Management Protocol (SNMP)

(RMON) capabilities. switch’s Simple Network

and Remote Monitoring

Overview

RMON is an abbreviation for the Remote Monitoring MIB

(Management Information Base).

by the Internet Engineering Task

1757, which defines how networks can be monitored remotely.

RMON is a system defined

Force (IETF) document RFC

RMONs typically consist of two components: an RMON probe and a management workstation:

- The RMON probe is an intelligent device or software agent that continually collects statistics about a LAN segment or VLAN. The RMON probe transfers the collected data to a management workstation on request or when a pre-defined threshold is reached.

- The management workstation collects the statistics that the RMON probe gathers. The workstation can reside on the same network as the probe, or it can have an in-band or out-of-band connection to the probe.

The switch provides RMON capabilities that allow network administrators to set parameters and view statistical counters defined in MIB-II, Bridge MIB, and RMON MIB. RMON activities are performed at a Network Management Station running an SNMP network management application with graphical user interface.

SNMP Agent and MIB-2 (RFC 1213)

The SNMP Agent running on the switch manager CPU is responsible for:

User’s Manual 25

Black Box Hardened Managed Etherne t S witch

- Retrieving MIB counters from various lay to the SNMP GET/GET NEXT frame me ers of software modules according ssages.

- Setting MIB variables according to the SNMP SET frame message.

- Generating an SNMP TRAP frame mes

Station if the threshold of a certain MIB sage to the Network Management

counter is reached or if other trap conditions (such as the following) are m et:

WARM START

COLD START

LINK UP

LINK DOWN

AUTHENTICATION FAILURE

RISING ALARM

FALLING ALARM

TOPOLOGY ALARM

MIB-II defines a set of manageable objects in various layers of the TCP/IP protocol suites. MIB-II covers all manageable objects from layer 1 to layer 4, and, as a result, is the major

SNMP MIB supported by all vendors in the networking industry. The switch supports a complete implementation of

SNMP Agent and MIB-II.

RMON MIB (RFC 1757) and Bridge MIB (RFC

1493)

The switch provides hardware-based RMON counters in the switch chipset. The switch manager CPU polls these counters periodically to collect the statistics in a format that complies with the RMON MIB definition.

RMON Groups Supported

The switch supports the following RMON MIB groups defined in RFC 1757:

- RMON Statistics Group – maintains utilization and error statistics for the switch port being monitored.

26 User’s Manual

Black Box Hardened Managed Ethernet Switch

- RMON History Group – gathers and stores the previous Statistics Group.

periodic statis tical samples from

- RMON Alarm Group – allow s a network administrator to define alarm thresholds for any MIB variable.

An alarm can be associated with Low

Threshold, High Threshold, or both. A trigger can trigger an alarm when the value of a specific MIB variable exceeds a threshold, falls below a threshold, or exceeds or falls below a threshold.

- RMON Event Group – allows a network administrator to define actions based on alarms. SNMP Traps are generated when RMON Alarms are triggered. The action taken in the Network Management Station depends on the specific network management application.

Bridge Groups Supported

The switch supports the following four groups of Bridge MIB (RFC 1493):

- The dot1dBase Group – a mandatory group that contains the objects applicable to all types of bridges.

- The dot1dStp Group – contains objects that denote the bridge’s state with respect to the Spanning Tree Protocol. If a node does not implement the

Spanning Tree Protocol, this group will not be implemented. This group is applicable to any transparent only, source route, or SRT bridge that implements the Spanning Tree Protocol.

- The dot1dTp Group – contains objects that describe the entity’s transparent bridging status. This group is applicable to transparent operation only and

SRT bridges.

- The dot1dStatic Group – contains objects that describe the entity’s destination-address filtering status. This group is applicable to any type of bridge which performs destination-address filtering.

User’s Manual 27

Black Box Hardened Managed Ethernet Switch

Web-Based Browser Management

The switch provides a web-based browser interface for configuring and managing the switch. This interface allows you to access the switch using a preferred web browser.

This chapter describes how to configure the switch using its web-based browser interface.

Logging on to the switch

SWITCH IP ADDRESS

In your web browser, specify the IP address of the switch. Default IP address is 192.168.1.10.

LOGIN

Enter the factory default login ID: root.

28 User’s Manual

Black Box Hardened Managed Ethernet Switch

PASSWORD

Enter the factory default password (no password).

Or enter a user-defined password if you followed the instructions later and changed the factory default password.

Then click on the “Login” button to log on to the switch.

User’s Manual 29

Black Box Hardened Managed Ethernet Switch

Understanding the Browser Interface

The web browser interface provid buttons at the left field of the es gro ups of point-and-click screen for configuring and managing the switch.

SYSTEM

System Information, System/Password, IP Address, Save Configuration,

Firmware Upgrade, Reboot, Logout

PORT

Configuration, Port Status, Rate Control, RMON Statistics, Per Port Vlan

Activities

SWITCHING

Bridging, Static MAC Entry, Port Mirroring

TRUNKING

Port Trunking

STP

Global Configuration, RSTP Port Setting, Ring Setting

30 User’s Manual

Black Box Hardened Managed Ethernet Switch

VLAN

VLAN Mode Setting, 802.1Q VLAN Port Setting, 802.1Q Port Setting, Port

Based VLAN

QOS

Global Configuration, 802.1p priority, DSCP

SNMP

SNMP General Setting, SNMP v1/v2c, SNMP v3

802.1X

Radius Configuration, Port-Based Authentication

OTHER PROTOCOLS

GVRP, IGMP Snooping, NTP

User’s Manual 31

Black Box Hardened Managed Ethernet Switch

System

System Information

View System information, VLAN ID, IP Address, and IP Subnet Mask of the

Switch.

32 User’s Manual

Black Box Hardened Managed Ethernet Switch

System Name/Password

1. System Name: Click in “System Name” text box. Type a system name if it is blank, or replace the current system name with a new one.

2. Updating setting: Click “Updating setting” button to update your settings.

3. Password: Click in “Password” text box. Type a password.

4. Retype Password: Click in “Retype Password” text box. Type the same password in “Password” text box again to verify it.

5. Updating setting: Click “Updating setting” button to update your settings.

User’s Manual 33

Black Box Hardened Managed Ethernet Switch

IP Address

1. IP Address: Click in “IP Address” text box and type a new address to change the IP Address.

2. IP Subnet Mask: Click in “IP Subnet Mask” text box and type a new address to change the IP Subnet Mask.

3. Submit: Click “Submit” button when you finished these selections.

4. You need to enter the new IP address on the browser and reconnect to the switch after IP or subnet mask are changed.

5. Default Gateway: Click “Default Gateway” drop-down menu to choose

“Disable” or “Enable” from the “Default Gateway” drop-down list to disable or enable Default Gateway Setting for the switch.

Click the text box and type a new address to change the Default

Gateway. (Need to choose “Enable” from the “Default Gateway” drop-down menu.)

6. Submit: Click “Submit” button when you finished Default Gateway.

7. DNS Server: Click “DNS Server” drop-down menu to choose “Disable” or “Enable” from the “DNS Server” drop-down list to disable or enable

DNS Server Setting for the switch.

Click the text box and type a new address to change the DNS Server.

(Need to choose “Enable” from the “DNS Server” drop-down menu.)

8. Submit: Click “Submit” button when you finished DNS Server.

34 User’s Manual

Black Box Hardened Managed Ethernet Switch

Save Configuration

1. Load config from TFTP server:

Click in “TFTP Server” text box and type the TFTP server IP address from where the file will be obtained.

Click in “FILE” text box and type the name of the file that will be obtained.

Click “Load” button to load the file from the TFTP server.

2. Backup config to TFTP server:

Click in “TFTP Server” text box and type the TFTP server IP address to where the file will be back upped.

Click in “FILE” text box and type the name of the file that will be back upped.

Click “Backup” button to backup the file to the TFTP server.

3. Save Configuration: Click “Save Configuration” button to save your configuration settings.

4. Restore Default: Click “Restore Default” button to restore the default settings of the switch.

5. Auto save: Click “Auto save” drop-down menu to choose “Disable” or

“Enable” from the “Auto save” drop-down list to disable or enable Auto save for the switch.

6. Auto save interval (5~65536 sec): Click in “Auto save interval” text box and type a decimal number between 5 and 65536.

7. Submit: Click “Submit” button when you finished Auto save configuration.

User’s Manual 35

Black Box Hardened Managed Ethernet Switch

Firmware Upgrade

1. Filename: Click in “Filename” text box and type the name of the file that you intend to upgrade it to the switch.

2. TFTP server IP: Click in “TFTP server IP” text box and type the TFTP server IP address from where the file will be obtained.

3. Upgrade: Click “upgrade” button to upgrade firmware to the switch.

Please follow the message on the screen during the firmware upgrade process. Do not turn off the power or perform other functions during this period of time. Reboot the switch after completing the upgrade process.

36 User’s Manual

Black Box Hard ened Managed Ethernet Switch

Please follow the message on the screen during the firmware upgrade process. Do not turn off the power or perform other functions during this period of time.

User’s Manual 37

Black Box Hardened Managed Ethernet Switch

38 User’s Manual

Black Box Hardened Managed Ethernet Switch

Firmware has been upgraded successfully to the switch. Reboot the switch after completing the upgrade process.

User’s Manual 39

Black Box Hardened Managed Etherne t S witch

Reboot

Reboot: Click “Reboot” button to restart the switch.

40 User’s Manual

Black Box Hardened Managed Ethernet Switch

Logout

Logout: Click “Logout” button to logout of the switch.

User’s Manual 41

Black Box Hardened Managed Ethernet Switch

Port

Configuration

1. Admin Setting: Click “Admin Setting” drop-down menu to choose “Link down” or “Link up” from the “Admin Setting” drop-down list to disable or enable Admin Setting for the port.

2. Speed: Click “Speed” drop-down menu to change the line speed and duplex settings from the “Speed” drop-down list for the port.

3. Flow control: Click “Flow control” drop-down menu to choose “Disable” or “Enable” from the “Flow control” drop-down list to disable or enable

Flow control for the port.

4. Submit: Click “Submit” button when you finished configurations.

42 User’s Manual

Black Box Hardened Managed Ethernet Switch

Port Status

View the Link Status, Speed, Duplex, and Flow control status for all ports.

User’s Manual 43

Black Box Hardened Managed Ethernet Switch

Rate Control

1. Ingress: Click in “Ingress” text box and type a new Rate to change the

Ingress Rate Control for the port.

Rate Values: 64kbps, 128kbps, 192kbps, … , 1.792mbps; 2mbps,

3mbps, 4mbps, … , 100mbps; 104mbps, 112mbps, 120mbps, … ,

1000mbps.

2. Egress: Click in “Egress” text box and type a new Rate to change the

Egress Rate Control for the port.

Rate Values: 64kbps, 128kbps, 192kbps, … , 1.792mbps; 2mbps,

3mbps, 4mbps, … , 100mbps; 104mbps, 112mbps, 120mbps, … ,

1000mbps.

3. Update setting: Click “Update setting” button when you finished these

Rate Control settings.

44 User’s Manual

Black Box Hardened Managed Ethernet Switch

RMON Statistics

Click Port 1 ~ Port 14 to view corresponding RMON Statistics.

User’s Manual 45

Black Box Hardened Managed Ethernet Switch

Per Port Vlan Activities

Click Port 1 ~ Port 14 to view corresponding vlan activities.

46 User’s Manual

Switching

Black Box Hardened Managed Ethernet Switch

Bridging

1. Aging Time (seconds): Click the text box and type a decimal number as

Bridging Aging Time in seconds.

2. Update setting: Click “update setting” button when you finished Aging

Time settings.

3. Threshold level (0-100): Click in “Level” text box and type a decimal number for the port. Need to choose “Broadcast” and/or

“DFL-Multicast“ from “Storm-control enabled type” for the port. DLF

(Destination Lookup Failure).

4. Storm-control enabled type: Choose “Broadcast” and/or “DLF-Multicast” from “Storm-control enabled type” for the port.

5. Update Setting: Click “Update Setting” button when you finished

Threshold level and Storm-control enabled type settings.

User’s Manual 47

Black Box Hardened Managed Ethernet Switch

Static MAC Entry

Static-MAC-Entry Forward:

1. Add MAC address: Click in “Add MAC address” text box and type a locked forwarding MAC address for the port.

2. VLAN ID: Click “VLAN ID” drop-down menu and choose a VLAN ID from the “VLAN ID” drop-down list.

3. Delete MAC address: Click “Delete MAC address” drop-down menu and choose a locked forwarding MAC address from the “Delete MAC address” drop-down list to be deleted from the port.

4. Submit: Click “Submit” button when you finished Static-MAC-Entry

Forward settings.

Static-MAC-Entry Discard:

1. Add MAC address: Click in “Add MAC address” text box and type a

MAC address to be discarded for the port.

2. VLAN ID: VLAN ID: Click “VLAN ID” drop-down menu and choose a

VLAN ID from the “VLAN ID” drop-down list.

48 User’s Manual

Black Box Hardened Managed Ethernet Switch

3. Delete MAC address: Click “Delete MAC address” drop-down menu and choose a MAC address from the “Delete MAC address” drop-down list to be discarded from the port.

4. Submit: Click “Submit” button when you finished Static-MAC-Entry

Discard settings.

Port Mirroring

1. Mirror From: Choose Mirror From port from Port 1 ~ Port 14.

2. Mirror To: Click “Mirror To” drop-down menu to Choose Mirror To port

(Port 1 ~ Port 14) from “Mirror To” drop-down list.

3. Mirror Mode: Click “Mirror Mode” drop-down menu to Choose “Tx/Rx”,

“Tx”, or “Rx” from “Mirror Mode” drop-down list.

4. Submit: Click “Submit” button when you finished Port Mirroring settings.

User’s Manual 49

Black Box Hardened Managed Ethernet Switch

Trunking

Port Trunking

Static Channel Group:

1. Trunk 1: Click Port 1 ~ Port 12 to assign ports to Trunk 1. (Maximum 4 ports in Trunk 1.)

GE Trunking:

1. Trunk 3: Click “Static” or “Disable” for Trunk 3.

2. Submit: Click “Submit” button when you finished Port Trunking settings.

50 User’s Manual

STP / Ring

Black Box Hardened Managed Ethernet Switch

Global Configuration

1. Spanning Tree Protocol: Click “Spanning Tree Protocol” drop-down menu to Choose “Enable” or “Disable” from “Spanning Tree Protocol” drop-down list to enable or disable Spanning Tree Protocol.

2. Bridge Priority (0..61440): Click in “Bridge Priority” text box and type a decimal number between 0 and 61440.

3. Hello Time (sec) (1..9): Click in “Hello Time” text box and type a decimal number between 1 and 9.

4. Max Age (sec) (6..28): Click in “Max Age” text box and type a decimal number between 6 and 28.

5. Forward Delay (sec) (4..30): Click in “Forward Delay” text box and type a decimal number between 4 and 30.

6. STP Version: Click “STP Version” drop-down menu to choose “RSTP” or

“STP compatible” from “STP Version” drop-down list.

7. Update setting: Click “Update setting” button when you finished Global

User’s Manual 51

Black Box Hardened Managed Ethernet Switch

Configuration.

RSTP Port Setting

1. STP Version: Click “STP Version” drop-down menu to choose “RSTP” from “STP Version” drop-down list.

2. Port: Click “Port” drop-down menu to Choose Port 1 ~ Port 14 from

“Port” drop-down list.

3. Priority(Granularity 16): Click in “Priority” text box and enter a value between 0 and 240 to set the priority for the port. A higher priority will designate the port to forward packets first. A lower number denotes a higher priority. This entry must be divisible by 16. The default priority setting is 128.

4. Admin. Path Cost: Click in “Admin. Path Cost” text box and enter a value between 0 and 2000000 to set the Admin. Path Cost for the port. 0 (auto)

- Setting 0 for the Admin. Path Cost will automatically set the speed for forwarding packets to the port for optimal efficiency. Default port cost:

100Mbps port = 200000. Gigabit port = 20000.

5. Point to Point Link: Click “Point to Point Link” drop-down menu to

Choose “Enable” or “Disable” from “Point to Point Link” drop-down list to enable or disable Point to Point Link for the port.

6. Edge Port: Click “Edge Port” drop-down menu to Choose “Enable”,

“Disable”, or “Auto” from “Edge Port” drop-down list to set Enable,

Disable, or Auto Edge Port for the port.

7. Update setting: Click “Update setting” button when you finished RSTP

52 User’s Manual

Port Setting.

Black Box Hardened Managed Ethernet Switch

Ring Setting

Ring state

1. Click “Ring state” drop-down menu from “Ring state” drop-down list to choose “Enable” or “Disable” to enable or disable Ring state.

2. Update setting: Click “Update setting” button when you finished Ring state setting.

Set ring port

1. Ring port 1: Click “Ring port 1” drop-down menu to choose Ring port 1 from “Ring port 1” drop-down list.

2. Ring port 2: Click “Ring port 2” drop-down menu to choose Ring port 2 from “Ring port 2” drop-down list.

3. Update setting: Click “Update setting” button when you finished Set ring port.

User’s Manual 53

Black Box Hardened Managed Etherne t S witch

VLAN

VLAN Mode Setting

1. VLAN Mode Setting: Click “VLAN Mode Setting” drop-down menu to

Choose “Tag-based VLAN” or “Port-based VLAN” from “VLAN Mode

Setting” drop-down list.

2. Update Setting: Click “Update Setting” button when you finished VLAN

Mode Setting.

54 User’s Manual

Black Box Hardened Managed Ethernet Switch

User’s Manual 55

Black Box Hardened Managed Etherne t S witch

802.1Q VLAN Setting

Add VLAN:

1. VLAN setting: Click “VLAN setting”. The “VLAN Setting” window appears.

2. Add VLAN: Click “Add VLAN” button to create a new VLAN from “VLAN

Setting” window.

3. VLAN ID(2-4094): Click in the “VLAN ID” textbox and specify a new

VLAN ID number from 2 ~ 4094.

4. VLAN Name: Click in the “VLAN Name” textbox and type a name for this newly created VLAN.

Add port to or delete port from VLAN:

1. VLAN Member: Choose the port to be added to or deleted from the

VLAN.

2. Tag or Untag: Click “Tag or Untag” drop-down menu to Choose “Tag” or

“Untag” from “Tag or Untag” drop-down list for a “Hybrid” port.

3. Submit: Click “Submit” button when you finished VLAN setting.

56 User’s Manual

Black Box Hardened Managed Ethernet Switch

Delete VLAN:

1. VLAN setting: Click “VLAN setting”. The “VLAN Setting” window appears.

2. Delete VLAN: Click “Delete VLAN” button.

3. Select a VLAN ID: Click “Select a VLAN ID” drop-down menu from

“Select a VLAN ID” drop-down list to choose the VLAN to be deleted.

4. Submit: Click “Submit” button when you finished VLAN setting.

User’s Manual 57

Black Box Hardened Managed Ethernet Switch

802.1Q Port Setting

1. VLAN Port Setting: Click “VLAN Port Setting”. The “VLAN Port Setting” window appears.

2. Mode: Click “Mode” drop-down menu to Choose “Access”, “Trunk”, or

“Hybrid” from “Mode” drop-down list for the port. The port will be Tag port if you choose “Trunk” Mode for the port. And the port will be Tag or

Untag port if you choose “Hybrid” Mode for the port.

3. PVID: Click in the “PVID” textbox and specify a new PVID number for the port.

4. Update Setting: Click “Update Setting” button when you finished VLAN

Port Setting.

58 User’s Manual

Black Box Hardened Managed Ethernet Switch

Port Based VLAN

1. VLAN: Choose the port to be added to or deleted from the VLAN.

User’s Manual 59

Black Box Hardened Managed Ethernet Switch

2. Select all: Click “select all” button to choose Port 1 ~ Port 14 all to be added to the VLAN.

3. Delete all: Click “delete all” button to choose Port 1 ~ Port 14 all to be deleted from the VLAN.

4. Submit: Click “Submit” button when you finished Port Based VLAN setting.

60 User’s Manual

QoS

Black Box Hardened Managed Ethernet Switch

Global Configuration

1. QoS: Click “QoS” drop-down menu from “QoS” drop-down list to choose

“Enable” or “Disable” to enable or disable QoS.

2. Trust: Enable or disable the switch port to trust the CoS (Class of

Service) labels of all traffic received on that port. Enable or disable a routed port to trust the DSCP (Differentiated Service Code Point) labels of all traffic received on that port.

3. Policy: Choose “Strict Priority(Queue3) + WRR(Queue0-2)” or

“WRR(Queue0-3)”. A strict priority queue is always emptied first. The queues that are used in the WRR (Weighted Round Robin) are emptied in a round−robin fashion, and you can configure the weight for each queue.

4. Weighted Round Robin: Click in the “Weight(1~55)” textbox and specify a new number from 1 ~ 55 for Queue 0 ~ 3.

5. Submit: Click “Submit” button when you finished Global Configuration.

User’s Manual 61

Black Box Hardened Managed Ethernet Switch

802.1p Priority

1. Priority: Click “Priority” drop-down menu from “Priority” drop-down list to choose 0 ~ 3 for VLAN Priority 0 ~ 7.

2. Submit: Click “Submit” button when you finished 802.1p priority.

62 User’s Manual

Black Box Hardened Managed Ethernet Switch

DSCP

1. Priority: Click “Priority” drop-down menu from “Priority” drop-down list to choose 0 ~ 3 for DSCP Priority 0 ~ 63.

2. Submit: Click “Submit” button when you finished DSCP.

User’s Manual 63

Black Box Hardened Managed Ethernet Switch

SNMP

SNMP General Setting

1. SNMP Status: Click “SNMP Status” drop-down menu from “SNMP

Status” drop-down list to choose “Enable” or “Disable” to enable or disable SNMP.

2. Description: Click in the “Description” textbox and specify a new description for SNMP.

3. Location: Click in the “Location” textbox and specify a new location for

SNMP.

4. Contact: Click in the “Contact” textbox and specify a new contact for

64 User’s Manual

Black Box Hardened Managed Ethernet Switch

SNMP.

5. Trap Community Name: For each “Trap Community Name”, Click in the

“Trap Community Name” textbox and specify a trap community name.

6. Trap Host IP Address: For each “Trap Host IP Address”, Click in the

“Trap Host IP Address” textbox and specify a trap host IP address.

7. Cold Start Trap: Click “Cold Start Trap” drop-down menu from “Cold

Start Trap” drop-down list to choose “Enable” or “Disable” to enable or disable cold start trap.

8. Warm Start Trap: Click “Warm Start Trap” drop-down menu from “Warm

Start Trap” drop-down list to choose “Enable” or “Disable” to enable or disable warm start trap.

9. Link Down Trap: Click “Link Down Trap” drop-down menu from “Link

Down Trap” drop-down list to choose “Enable” or “Disable” to enable or disable link down trap.

10. Link Up Trap: Click “Link Up Trap” drop-down menu from “Link Up Trap” drop-down list to choose “Enable” or “Disable” to enable or disable link up trap.

11. Authentication Failure Trap: Click “Authentication Failure Trap” drop-down menu from “Authentication Failure Trap” drop-down list to choose “Enable” or “Disable” to ena trap. ble or disable authentication failure

12. Topology Change Trap: Click “Topology Change Trap” drop-down menu from “Topology Change Trap” drop-down list to choose “Enable” or

“Disable” to enable or disable topology change trap.

13. Update Setting: Click “Update Setting” button when you finished SNMP

General Setting.

User’s Manual 65

Black Box Hardened Managed Ethernet Switch

SNMP v1/v2c

1. Get Community Name: Click in the “Get Community Name” textbox and specify a get community name.

2. Set Community Name: Click in the “Set Community Name” textbox and specify a set community name.

3. Update Setting: Click “Update Setting” button when you finished SNMP

V1/V2c Setting.

66 User’s Manual

Black Box Hardened Managed Ethernet Switch

SNMP v3

Add User:

1. Add User: Click “Add User” button. The “SNMP V3 Setting” window appears.

2. SNMP Version: Click “SNMP Version” drop-down menu from “SNMP

Version” drop-down list to choose “SNMPv3 No-Auth”, “SNMPv3

Auth-MD5”, “SNMPv3 Auth-SHA”, “SNMPv3 Priv Auth-MD5”, or

“SNMPv3 Priv Auth-SHA”. y SNMPv3 No-Auth: Add a user using SNMP v3 without authentication. y SNMPv3 Auth-MD5: Add a user using SNMP v3 with authentication.

Click in the “Auth. Password” textbox and specify an authentication password. y SNMPv3 Auth-SHA: Add a user using SNMP v3 with authentication.

Click in the “Auth. Password” textbox and specify an authentication password. y SNMPv3 Priv Auth-MD5: Add a user using SNMP v3 with authentication and privacy. Click in the “Auth. Password” textbox and specify an authentication password. Click in the “Privacy

PassPhrase” textbox and specify a privacy pass phrase. y SNMPv3 Priv Auth-SHA: Add a user using SNMP v3 with authentication and privacy. Click in the “Auth. Password” textbox and specify an authentication password. Click in the “Privacy

PassPhrase” textbox and specify a privacy pass phrase.

3. User Name: Click in the “User Name” textbox and specify a user name for user using SNMP v3.

4. Access Mode: Click “Access Mode” drop-down menu from “Access

Mode” drop-down list to choose “Read Only” or “Read/Write”. y Read Only: Add a user using SNMP v3 with read-only access mode.

User’s Manual 67

Black Box Hardened Managed Ethernet Switch y Read/Write: Add an user using SNMP v3 with read-write access mode

5. Sumit: Click “Sumit” button when you finished SNMP V3 Setting.

Delete User:

1. Delete User: Click “Delete User” button. The “Select User Name” window appears.

2. Select User Name: Click “Select User Name” drop-down menu from

“Select User Name” drop-down list to choose the user to be deleted from using SNMP v3.

3. Sumit: Click “Sumit” button when you finished user deletion.

68 User’s Manual

802.1x

Black Box Hard ened Managed Ethern et Switch

Radius Configuration

1. Radius Status: Click “Radius Status” drop-down menu from “Radius

Status” drop-down list to choose “Enable” or “Disable” to globally enable or disable authentication.

2. Update Setting: Click “Update Setting” button when you finished Radius

Status Setting.

User’s Manual 69

Black Box Hardened Managed Ethernet Switch

Add Radius:

1. Add Radius: Click “Add Radius” button. The “Radius Server Setting” window appears.

2. Radius Server IP: Click in the “Radius Server IP” textbox and specify the

IP address of the remote radius server host.

3. Radius Server Port: Click in the “Radius Server Port” textbox and specify the UDP destination port for authentication requests. The host is not used for authentication if set to 0.

4. Secret Key: Click in the “Secret Key” textbox and specify the authentication and encryption key for all radius communications between the Switch and radius server. This key must match the encryption used on the radius daemon. All leading spaces are ignored, but spaces within and at the end of the key are used. If spaces are used in the key, do not enclose the key in quotaion marks unless the quotation marks themselves are part of the key.

5. Timeout <1-1000>: Click in the “Timeout” textbox and specify the time interval (in seconds) that the Switch waits for the radius server to reply before retransmitting. Enter a value in the range 1 to 1000.

6. Retransmit <1-100>: Click in the “Retransmit” textbox and specify the number of times a radius request is resent to a server if that server is not responding or responding slowly. Enter a value in the range 1 to 100.

7. Sumit: Click “Sumit” button when you finished Radius Server Setting.

70 User’s Manual

Black Box Hardened Managed Ethernet Switch

Delete Radius:

1. Delete Radius: Click “Delete Radius” button. The “Select Radius Server

IP” window appears.

2. Select Radius Server IP: Click “Select Radius Server IP” drop-down menu from “Select Radius Server IP” drop-down list to choose the IP address of the remote radius server host to be deleted.

3. Sumit: Click “Sumit” button when you finished radius server deletion.

User’s Manual 71

Black Box Hardened Managed Ethernet Switch

Port-Based Authentication

1. Interface: Click “Interface” drop-down menu from “Interface” drop-down list to choose the port to be set port-based authentication.

2. Authentication State: Click “Authentication State” drop-down menu from

“Authentication State” drop-down list to choose “Enable” or “Disable” to enable or disable authentication state.

3. Port Control: Click “Port Control” drop-down menu from “Port Control” drop-down list to choose “Auto”, “Force Authorized”, or “Force

Unauthorized” to force a port state. “Auto” specifies to enable authentication on port. “Force Authorized” specifies to force a port to always be in an authorized state. “Force Unauthorized” specifies to force a port to always be in an unauthorized state.

4. Periodic Reauthentication: Click “Periodic Reauthentication” drop-down menu from “Periodic Reauthentication” drop-down list to choose

“Enable” or “Disable” to enable or disable periodic reauthentication.

5. Reauthentication Period <1-4294967295>: Click in the

“Reauthentication Period” textbox and specify the seconds between reauthorization attempts. The default time is 3600 seconds.

72 User’s Manual

Black Box Hardened Managed Ethernet Switch

6. Update Setting: Click “Update Setting” button when you finished port-based authentication setting.

User’s Manual 73

Black Box Hardened Managed Ethernet Switch

Other Protocols

GVRP

GVRP Global Setting:

1. GVRP: Click “GVRP” drop-down menu from “GVRP” drop-down list to choose “Enable” or “Disable” to enable or disable GVRP (GARP VLAN

Registration Protocol).

2. Dynamic VLAN creation: Click “Dynamic VLAN creation” drop-down menu from “Dynamic VLAN creation” drop-down list to choose “Enable” or “Disable” to enable or disable Dynamic VLAN creation. GARP

(Generic Attribute Registration Protocol) provides IEEE802.1Q compliant VLAN pruning and dynamic VLAN creation on IEEE802.1Q trunk ports.

74 User’s Manual

Black Box Hardened Managed Ethernet Switch

3. Update Setting: Click “Update Setting” button when you finished GVRP

Global Setting.

Per port setting (include LAG):

1. GVRP: Click “GVRP” drop-down menu from “GVRP” drop-down list to choose “Enable” or “Disable” to enable or disable GVRP for the port.

2. GVRP applicant: Click “GVRP applicant” drop-down menu from “GVRP applicant” drop-down list to choose “Active” or “Normal” to the port.

Ports in the GVRP active applicant state send GVRP VLAN declarations when they are in the STP (Spanning Tree Protocol) blocking state, which prevents the STP bridge protocol data units (BPDUs) from being pruned from the other port. Ports in the GVRP normal applicant state do not declare GVRP VLANs when in the STP blocking state.

3. GVRP registration: Click “GVRP registration” drop-down menu from

“GVRP registration” drop-down list to choose “Enable” or “Disable enable or disable GVRP registration to the port. Co

” to nfiguring an

IEEE802.1Q trunk port in registratio n mode allows dynamic creation (if dynamic VLAN creation is enable d), registration, and deregistration of

VLANs on the trunk port.

4. Update Setting: Click “Update port setting.

Setting” button when you finished Per

IGMP Snooping

1. IGMP mode: Click “IGMP mode” drop-down menu from “IGMP mode” drop-down list to choose “Disable”, “Passive”, or “querier” for the switch.

Disable: Disable IGMP on the switch. Passive: The switch with only multicast-data-forwarding capability. Querier: The switch acts as the

User’s Manual 75

Black Box Hardened Managed Ethernet Switch querier for the network. There is onl y one querier on a network at any time.

2. Update Setting: Click “Update Se tting” button when you finished IGMP mode settings.

3. VLAN ID: Click “VLAN ID” drop -down menu from “VLAN ID” drop-down list to choose the VLAN under con figuration for the switch.

4. IGMP version: Click “IGMP ve rsion” drop-down menu from “IGMP version” drop-down list to choose “1”, “2”, or “3” for the switch.

5. Fast-leave: Click “fast-leave” drop-d own menu from “fast-leave” drop-down list to choose “Enable” function will allow members of or “Disable” for the switch. Enable this a multicast group to leave the group immediately when an IGMP Leave Report Packet is received by the

Switch.

IGMP querier:

1. Query-interval: Click in the “query-interval” textbox and specify a new number from 1 ~ 18000. The query-interval field is used to set the time

(in seconds) between transmitting IGMP queries. Entries between 1 and

18000 seconds are allowed. Default = 125.

2. Max-response-time: Click in the “max-response-time” textbox and specify a new number from 1 ~ 124. This determines the maximum amount of time in seconds allowed before sending an IGMP response report. The max-response-time field allows an entry between 1 and 124

(seconds). Default = 10.

IGMP passive snooping:

1. Report suppression: Click “report suppression” drop-down menu from

“report suppression” drop-down list to choose “Enable” or “Disable” for the switch. Use this command to enable report suppression for IGMP version 1 and version 2. Report suppression does not apply to IGMP version 3, and is turned off by default for IGMP versionn1 and IGMP version 2 reports. The switch uses IGMP report suppression to forward only one IGMP report per multicast router query to multicast devices.

When IGMP router suppression is enabled, the switch sends the first

IGMP report from all hosts for a group to all the multicast routers. The switch does not send the remaining IGMP reports for the group to the multicast routers. This feature prevents duplicate reports from being sent to the multicast devices.

2. Update Setting: Click “Update Setting” button when you finished IGMP

Snooping.

76 User’s Manual

Black Box Hardened Managed Ethernet Switch

NTP

NTP Setting:

1. NTP Status: Click “NTP Status” drop-down menu from “NTP Status” drop-down list to choose “Enable” or “Disable” to enable or disable NTP for the Switch.

2. NTP Server (IP Address or Domain name): Click in the “NTP Server” textbox and specify the IP address or Domain name of NTP server.

3. Sync Time: Click “Sync Time” button to synchronize time with NTP server.

4. Time Zone: Click “Tmie Zone” drop-down menu from “Tmie Zone” drop-down list to set time zone.

5. Polling Interval (1-10080 min): Click in the “Polling Interval” textbox and specify the polling interval.

6. Update Setting: Click “Update Setting” button when you finished NTP

Setting.

Daylight Saving Setting:

1. Daylight Saving Mode: Click “Daylight Saving Mode” drop-down menu from “Daylight Saving Mode” drop-down list to choose “Disable”,

User’s Manual 77

Black Box Hardened Managed Ethernet Switch

“Weekday”, or “Date” to choose disable, weekday, or date daylight saving for the Switch.

2. Time Set Offset (1-1440 min): Click in the “Time Set Offset” textbox and specify the offset time of daylight saving.

3. Daylight Saving Tmiezone: Click in the “Daylight Saving Tmiezone” textbox and specify the daylight saving timezone.

4. Weekday: Click in the textboxes and specify the daylight saving period.

5. Date: Click in the textboxes and specify the daylight saving period.

6. Update Setting: Click “Update Setting” button when you finished

Daylight Saving Setting.

78 User’s Manual

Black Box Hardened Managed Ethernet Switch

Command Line Conso le M anagement

The switch provides a comman configuration purposes. The swit d line console interface fo ch can be r

configured either locally through its RS-232 port or remotely via a Telnet session. For the later, you must s pecify an IP address for the switch first.

This chapter describes how to configure the switch using its console by Commend Line.

Administration Console

Connect the DB9 null-modem or cross over cable to the RS-232 serial port of the device to the RS-232 serial port of the terminal or computer running the terminal emulation application.

Direct access to the administration console is achieved by directly connecting a terminal or a PC equipped with a terminal-emulation program (such as

HyperTerminal) to the switch console port.

When using the management method, configure the terminal-emulation program to use the following parameters (you can change these settings after login):

[Default parameters]

115,200bps

8 data bits

No parity

1 stop bit

User’s Manual 79

Black Box Hardened Managed Ethernet Switch

Exec Mode (View Mode)

Logon to Exec Mode (View Mode)

At the switch_a login: prompt just type in “root” and press <Enter> to logon to Exec Mode (or View Mode). switch_a login: root

80 User’s Manual

Black Box Hardened Managed Ethernet Switch

Basic commands

Exec Mode (or View Mode) is the base mode from where users can perform basic commands like: clear, debug, disable, enable, exit, help, logout, no, quit, show, terminal

The CLI contains a text-based help facilit full or partial command string then typi y. Access this help by typing in the ng a question mark “?”. The CLI displays the command keywords or parameters along with a sh ort description.

At the switch_a> prompt just press <?> to list the above basic commands. switch_a>?

At the switch_a> prompt just type in the full or partial command string then typing a question mark “?” to display the command keywords or parameters along with a short description. switch_a>show ?

User’s Manual 81

Black Box Hardened Managed Ethernet Switch

Login timed out

The login session to Exec Mode (or View Mode) has timed out due to an extended period of inactivity (60 seconds) to indicate authentication attempt timed out. And the switch_a login: prompt will show on the screen.

Logon back to Exec Mode (View Mode)

At the switch_a login: prompt just type in “root” and press <Enter> to logon

82 User’s Manual

Black Box Harden ed Managed E thernet Switch back to Exec Mode (or View Mode). switch_a login: root

Exit from Exec Mode (View Mode)

At the switch_a> prompt just type in “exit” and press <Enter> to exit from

Exec Mode (or View Mode). switch_a>exit

User’s Manual 83

Black Box Hardened Managed Ethernet Switch

Privileged Exec Mode (Enab le Mode)

Logon to Privileged Exec Mode (Enable Mode)

At the switch_a> prompt just type in “ena ble” and press <Enter> to logon to

Privileged Exec Mode (or Enable Mode). show on the screen.

And the switch_a# prompt will switch_a>enable

Commands

Privileged Exec Mode (or Enable Mode) allows users to run commands as following.

At the switch_a# prompt just press <?> to list the commands. switch_a#?

84 User’s Manual

Black Box Hardened Managed Ethernet Switch

At the switch_a# prompt just type in the full or partial command string then typing a question mark “?” to display the command keywords or parameters along with a short description. switch_a#show ?

User’s Manual 85

Black Box Hardened Managed Ethernet Switch

Login timed out

The login session to Privileged Exec Mode (or Enable Mode) has timed out due to an extended period of inactivity (60 seconds) to indicate authentication attempt timed out. And the switch_a login: prompt will show on the screen.

Logon back to Exec Mode (View Mode)

At the switch_a login: prompt just type in “root” and press <Enter> to logon

86 User’s Manual

Black Box Harden ed Managed E thernet Switch back to Exec Mode (or View Mode). switch_a login: root

Exit from Privileged Exec Mode (or Enable Mode)

At the switch_a# prompt just type in “exit” and press <Enter> to exit from

Privileged Exec Mode (or Enable Mode). switch_a#exit

User’s Manual 87

Black Box Hardened Managed Ethernet Switch

Configure Mode (Configure Terminal Mode)

Logon to Configure Mode (Configure T erminal Mode)

At the switch_a# prompt just type in “con figure terminal” and press <Enter> to logon to Configure Mode (or Config ure Terminal Mode ). And the switch_a(config)#

prompt will show on the screen. switch_a#configure terminal

Commands

Configure Mode (or Configure Terminal Mode) serves as a gateway into the modes as following.

At the switch_a(config)# prompt just press <?> to list the commands. switch_a(config)#?

88 User’s Manual

Black Box Hardened Managed Ethernet Switch

At the switch_a(config)# prompt just type in the full or partial command string then typing a question mark “?” to display the command keywords or parameters along with a short description. switch_a(config)#show ?

User’s Manual 89

Black Box Hardened Managed Ethernet Switch

Login timed out

The login session to Configure Mode (or Configure Terminal Mode) has timed out due to an extended period of inactivity (60 seconds) to indicate authentication attempt timed out. And the switch_a login: prompt will show on the screen.

Logon back to Exec Mode (View Mode)

At the switch_a login: prompt just type in “root” and press <Enter> to logon back to Exec Mode (or View Mode). switch_a login: root

90 User’s Manual

Black Box Hardened Managed Ethernet Switch

Exit from Configure Mode (or Configure Terminal Mode)

At the switch_a(config)# prompt just type in “exit” and press <Enter> to exit from Configure Mode (or Configure Terminal Mode). switch_a(config)#exit

User’s Manual 91

Black Box Hardened Managed Ethernet Switch

System

System Information, System Name/ Password, IP Address, Save

Configuration, Firmware Upgrade, Reboot, L ogout.

System Name/Password

System Name:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt w ill show on the screen. switch_a(config)#

2. Usage:

Use hostname command to set o r change the network serve r name.

Use the no hostname command to disab le this function.

Syntax:

(no) hostname HOSTNAME

HOSTNAME specifies the network name of the system.

4. Example:

The following example sets the hostname to switch, and shows the change in the prompt: switch_a(config)#hostname switch switch(config)#

Password:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use enable password command to modify or create a password to be used when entering the Enable mode.

Syntax: enable password PASSWORD

PASSWORD specifies the new password of the system.

4. Example:

The following example sets the new password mypasswd to switch: switch_a(config)#enable password mypasswd switch_a(config)#

92 User’s Manual

Black Box H ardened Managed E thernet Switch

IP Address

IP Address/IP Subnet Mask:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Terminal Mode).

Then logon to Interface mode. vlan1.1 means vlan 1.

The switch_a(config-if)# prompt will sho w on the screen. switch_a(config)#interface vlan1.1 switch_a(config-if)#

2. Usage:

Use ip address command to set the IP ad dress of an interface.

Use the no ip address command to remove the IP address from an interface.

: no ip address

IP-ADDRESS A.B.C.D/M specifies the IP address and prefix length of an

4. Example:

Default Gateway:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use ip default-gateway command to set the IP address of the default gateway.

Use the no ip default-gateway command to remove the IP address of the default gateway.

User’s Manual 93

Black Box Hardened Managed Ethernet Switch ip default-gateway IP-ADDRESS no ip default-gateway

IP-ADDRESS A.B.C.D specifies the IP address of the default gateway.

4. Example:

The following example sets the default ga teway 192.168.1.254 to switch: switch_a(config)#ip default-gate way 192.168.1.254 switch_a(config)#

DNS Server:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use ip dns command to set the IP address of the DNS server.

Use the no ip dns command to remove the IP address of the DNS server.

Save Configuration

Load config from TFTP server:

1. Command Mode: Privileged Exec mode

Logon to Privileged Exec Mode (Enable Mode).

The switch_a# prompt will show on the screen. switch_a#

2. Usage:

Use install image command to load configuration file from tftp server to switch.

Syntax: install image IP-ADDRESS WORD

IP-ADDRESS specifies the IP address of tftp server.

WORD specifies the file name to be loaded to switch.

94 User’s Manual

Black Box Hardened Managed Ethernet Switch

4. Example:

The following example specifies loadi g from tftp server (IP address: 192.168.1.10 0) to switch: switch_a#install image 192.168.1.100 W ORD switch_a#

Load config to TFTP server:

1. Command Mode: Privileged Exec mo de

Logon to Privileged Exec Mode (Enable Mode).

The switch_a# prompt will show on the screen. switch_a#

2. Usage:

Use write config-file command to backup configuration file to tftp server. write config-file IP-ADDRESS

IP-ADDRESS specifies the IP address of tftp server.

4. Example:

The following example backups configuration file to tftp server (IP address:

192.168.1.100) : switch_a#write config-file 192.168.1.100 switch_a#

Save Configuration:

1. Command Mode: Privileged Exec mode

Logon to Privileged Exec Mode (Enable Mode).

The switch_a# prompt will show on the screen. switch_a#

2. Usage:

Use copy running-config startup-config command to write configurations to the file to be used at startup. This is the same as the write memory command.

Syntax: copy running-config startup-config

4. Example:

The following example specifies writing configurations to the file to be used at startup to switch: switch_a#copy running-config startup-config switch_a#

User’s Manual 95

Black Box Hardened Managed Ethernet Switch

Restore Default:

1. Command Mode: Privileged Exec mode

Logon to Privileged Exec Mode (Enable Mode).

The switch_a# prompt will show on the s creen. switch_a#

2. Usage:

Use restore default command to restore default setting of the switch. restore default

4. Example:

The following example restores default setting of the switch: switch_a#restore default switch_a#

Auto Save:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to enable auto save configuration function. The configuration will be automatically saved at every configured interval while this command is enabled. Use the no form of this command to disable this feature. service auto-config enable no service auto-config enable

4. Example:

The following example enables or disables auto save configuration to switch: switch_a(config)#service auto-config enable switch_a(config)#no service auto-config enable switch_a(config)#

Auto Save Interval (5~65536 sec):

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen.

96 User’s Manual

Black Box Hardened Managed Ethernet Switch switch_a(config)#

2. Usage:

Use this command to set the interval wh en the configuration would be automatically saved. The range of interval value is from 5 to 65535. And the default value is 30 seconds.

Syntax: service auto-config interval WORD

WORD specifies the interval value.

4. Example:

The following example sets the interval W ORD (10) whe n the configuration would be automatically saved to switch: switch_a(config)#service auto-config interval 10 switch_a(config)#

Firmware Upgrade

1. Command Mode: Privileged Exec mode

Logon to Privileged Exec Mode (Enable Mode).

The switch_a# prompt will show on the screen. switch_a#

2. Usage:

Use install image command to upgrade firmware from tftp server to switch. install image IP-ADDRESS WORD

IP-ADDRESS specifies the IP address of tftp server.

WORD specifies the file name to be upgraded to switch.

4. Example:

The following example specifies upgrading firmware (file name: flash.tgz) from tftp server (IP address: 192.168.1.100) to switch: switch_a#install image 192.168.1.100 flash.tgz switch_a#

Please follow the message on the screen during the firmware upgrade process. Do not turn off the power or perform other functions during this period of time.

User’s Manual 97

Black Box Hardened Managed Ethernet Switch

At the “switch_a# prompt just type in “reload” and press <Enter> to reboot the switch after completing the upgrade process.

98 User’s Manual

Black Box H ardened Managed Ethernet Switch

Reboot

1. Command Mode: Privileg ed Exec mode

Logon to Privileged Exec Mode (Enable M ode).

The switch_a# prompt will show on the screen. switch_a#

2. Usage:

Use reload command to restart switch. reload

4. Example:

The following example specifies restarting switch: switch_a#reload switch_a login:

Logout

1. Command Mode: Exec mode or Privileged Exec mode

Logon to Exec Mode (View Mode) or Privileged Exec Mode (Enable Mode).

The switch_a> or switch_a# prompt will show on the screen. switch_a> switch_a#

2. Usage:

Use logout command to exit from the Exec mode or Privileged Exec mode.

Syntax: logout

4. Example:

The following example specifies to exit from the Exec mode or Privileged

Exec mode. switch_a>logout switch_a login:

User’s Manual 99

Black Box Hardened Managed Ethernet Switch

Port

Configuration, Port Status, Rate Control, RMON Statistics, Per Port Vlan

Activities.

Configuration

Admin Setting:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Termin al Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use the shutdown command to shut do wn the selected interface.

Use the no shutdown to disable this function.

(no) shutdown

4. Example:

The following example shows the use of the shutdown command to shut down the interface fe1 (port 1): switch_a(config)#interface fe1 switch_a(config-if)#shutdown switch_a(config-if)#

Duplex:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Terminal Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use duplex command to specify the duplex mode to be used for each interface.

Use the no duplex to disable this function.

100 User’s Manual

Black Box Hard ened Managed Ethern et Switch

(no) duplex MODE

MODE specifies the duplex m ode: auto, full, half.

4. Example:

The following example shows the use of du fe1 (port 1): plex MODE (full) to the interface switch_a(config)#interface fe1 switch_a(config-if)#duplex full switch_a(config-if)#

Flow control:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Termin al Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use flowcontrol on command to enable flow control, and configure the flow control mode for the port.

Use the no flowcontrol to disable this function. flowcontrol on no flowcontrol

4. Example:

The following example shows the use of flowcontrol on to the interface fe1

(port 1): switch_a(config)#interface fe1 switch_a(config-if)#flowcontrol on switch_a(config-if)#

Port Status

1. Command Mode: Exec mode or Privileged Exec mode

Logon to Exec Mode (View Mode) or Privileged Exec Mode (Enable Mode).

The switch_a> or switch_a# prompt will show on the screen. switch_a> switch_a#

2. Usage:

Use the show interface command to display interface configuration and

User’s Manual 101

Black Box Hardened Managed Ethernet Switch status. show interface IFNAME

IFNAME specifies the name of the configuration information is desired. interface for which status and

4. Example:

The following example shows the use of s how interface to display interface configuration and status of the interface fe 1 (port 1): switch_a>show interface fe1

Rate Control

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Term

Then logon to Interface mode. inal Mode). fe1 means port 1.

The switch_a(config-if)# prompt will sho w on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use this command to specify the ingress/egress rate to be used for each interface. The bandwidth value is in bits.

Use the no parameter with this command to remove the ingress/egress rate to be used for each interface.

Syntax:

(no) rate-control ingress/egress VALUE

VALUE

<1-10000000000 bits> (usable units: k, m, g)

<1-999>k|m for 1 to 999 kilo bits or mega bits.

1g for 1 giga bits.

4. Example:

The following example shows the use of rate-control ingress VALUE (10 mega bits ) to the interface fe1 (port 1): switch_a(config)#interface fe1 switch_a(config-if)#rate-control ingress 10m switch_a(config-if)#

RMON Statistics

1. Command Mode: Exec mode or Privileged Exec mode

Logon to Exec Mode (View Mode) or Privileged Exec Mode (Enable Mode).

The switch_a> or switch_a# prompt will show on the screen.

102 User’s Manual

Black Box Hardene d Manage d Ethernet Switch switch_a> switch_a#

2. Usage:

Use the show interface statistics comm and to display RMON statistics of interface. show interface statistics IFNAME

IFNAME specifies the name of the inter face for which RMON statistics is desired.

4. Example:

The following example shows the use of show interface statistics to display

RMON statistics of the interface fe1 (port 1): switch_a>show interface statistics fe1

Per Port Vlan Activities

1. Command Mode: Exec mode or Privileged Exec mode

Logon to Exec Mode (View Mode) or Privileged Exec Mode (Enable Mode).

The switch_a> or switch_a# prompt will show on the screen. switch_a> switch_a#

2. Usage:

Use show vlan command to display information about a particular VLAN by specifying the VLAN ID.

Syntax: show vlan <2-4094>

<2-4094> VLAN ID.

4. Example:

The following is an output of show vlan command displaying information about VLAN 2: switch_a>show vlan 2

User’s Manual 103

Black Box Hardened Managed Ethernet Switch

Switching

Bridging, Static MAC Entry, Port Mirroring

Bridging

Aging Time (seconds):

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Termin al Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to specify an ageing-o ut time for a learned MAC address.

The learned MAC address will persist till this specified time.

Bridge GROUP ageing-time AGEINGTIME no bridge GROUP ageing-time

Group = <1-1> The ID of the bridge-group that this ageing time is for.

AGEINGTIME = <10-1000000> The number of seconds of persistence.

4. Example:

The following example sets the new AGEINGTIME (1000) to bridge GROUP

(1): switch_a(config)#bridge 1 ageing-time 1000 switch_a(config)#

Threshold level (0-100):

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Terminal Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use storm-control level command to specify the rising threshold level for broadcasting, multicast, or destination lookup failure traffic. The storm control action occurs when traffic utilization reaches this level.

Syntax: storm-control level LEVEL

LEVEL <0-100> specifies the percentage of the threshold; percentage of the

104 User’s Manual

Black Box Hardened Managed Ethernet Switch maximum speed (pps) of the interface.

4. Example:

The following example shows setting storm -control level LEVEL (30) to the interface fe1 (port 1): switch_a(config)#interface fe1 switch_a(config-if)#storm-control level 30 switch_a(config-if)#

Broadcast:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Term inal Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use storm-control broadcast enable command to enable broadcast traffic.

Use no storm-control broadcast command to disable broadcast traffic.

Syntax: storm-control broadcast enable no storm-control broadcast

4. Example:

The following example shows setting storm-control broadcast enable to the interface fe1 (port 1): switch_a(config)#interface fe1 switch_a(config-if)#storm-control broadcast enable switch_a(config-if)#

Multicast:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Terminal Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use storm-control multicast enable command to enable multicast traffic.

Use no storm-control multicast command to disable multicast traffic.

User’s Manual 105

Black Box Hardened Managed Etherne t Switch storm-control multicast enable no storm-control multicast

4. Example:

The following example shows setting stor m-control multicast enable to the interface fe1 (port 1): switch_a(config)#interface fe1 switch_a(config-if)#storm-control multicas t enable switch_a(config-if)#

DLF:

1. Command Mode: Interface mode

Logon to Configure Mode (Config

Then logon to Interface mode. ure Terminal Mode). fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use storm-control dlf enable command to enable destination lookup failure traffic.

Use no storm-control dlf command to disable destination lookup failure traffic.

Syntax: storm-control dlf enable no storm-control dlf

dlf destination lookup failure

4. Example:

The following example shows setting storm-control dlf enable to the interface fe1 (port 1): switch_a(config)#interface fe1 switch_a(config-if)#storm-control dlf enable switch_a(config-if)#

Static MAC Entry

Static-MAC-Entry Forward:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

106 User’s Manual

Black Box Hardened Managed Ethernet Switch

2. Usage:

Use this command to statically configure a bridge entry to forward matching frames.

Syntax: bridge GROUP address MAC forward IFN AME VLANID no bridge GROUP address MAC forward IFNAME VLANID

GROUP <1-1> Bridge-group ID used for b ridging.

MAC the Media Access Control (MAC) ad format. dress in the HHHH.HHHH.HHHH

IFNAME the interface on which the frame comes in.

VLANID The VID of the VLAN that will be enabled or disabled on the bridge

<2-4094>.

4. Example:

The following example configures a bridge GROUP (1) to forward matching frames (MAC address 2222.2222.2222) to the interface fe1 (p ort 1) in vlan

VLANID (2): switch_a(config)#bridge 1 address 2222.2222.2222 forward fe1 vlan 2 switch_a(config)#

Static-MAC-Entry Discard:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to statically configure a bridge entry to discard matching frames.

Syntax: bridge GROUP address MAC discard IFNAME no bridge GROUP address MAC discard IFNAME

GROUP <1-1> Bridge-group ID used for bridging.

MAC the Media Access Control (MAC) address in the HHHH.HHHH.HHHH format.

IFNAME the interface on which the frame comes in.

4. Example:

The following example configures a bridge GROUP (1) to discard matching frames (MAC address 2222.2222.2222) to the interface fe1 (port 1): switch_a(config)#bridge 1 address 2222.2222.2222 discard fe1 switch_a(config)#

User’s Manual 107

Black Box Hardened Managed Ethernet Switch

Port Mirroring

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Terminal Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use this command to define a mirror source port and its direction.

Use the no parameter with this command to disable port mirroring by the destination port on the specified source port. mirror interface SOURCEPORT direction SNOOPDIRECTION no mirror interface SOURCEPORT

SOURCEPORT Name of the Source interface to be used.

SNOOPDIRECTION [both|receive|transmit] both Specifies mirroring of traffic in both directions. receive Specifies mirroring of received traffic. transmit Specifies mirroring of transmitted traffic.

4. Example:

The following example enables port mirroring by the destination port fe1 (port

1) on the specified source port fe2 (port 2): switch_a(config)#interface fe1 switch_a(config-if)#mirror interface fe2 direction both switch_a(config-if)#

108 User’s Manual

Black Box Hardened Managed Ethernet Switch

Trunking

Port Trunking

Port Trunking

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Terminal Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use static-channel-group command to create a static aggregator, or add a member port to an already-existing static aggregator.

Use the no static-channel-group command to detach the port from the static aggregator. static-channel-group <1-3> no static-channel-group

<1-3> Channel group number.

Maximum 4 ports in static-channel-group 1 and static-channel-group 2.

Maximum 2 ports in static-channel-group 3

4. Example:

The following example adding the interface fe1 (port 1) to static-channel-group 1

: switch_a(config)#interface fe1 switch_a(config-if)#static-channel-group 1 switch_a(config-if)#

User’s Manual 109

Black Box Hardened Managed Ethernet Switch

STP / Ring

Global Configuration, RSTP Port Setting, Ring Setting

Global Configuration

STP Version:

1. Command Mode: Configure mode

Logon to Configure Mode (Config ure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to choose the Spanni

Tree protocol on a bridge. ng Tree protocol or Rapid Sp anning bridge GROUP protocol PROTOCOL vlanbridge

GROUP <1-1> Bridge group name used for bridging.

PROTOCOL

ieee IEEE 802.1Q spanning-tree protocol.

rstp IEEE 802.1w rapid spanning-tree protocol.

4. Example:

The following example chooses the PROTOCOL (rstp) on bridge GROUP

(1): switch_a(config)#bridge 1 protocol rstp vlan-bridge switch_a(config)#

Rapid Spanning Tree Protocol:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to enable the Rapid Spanning Tree protocol on a bridge.

Use the no form of the command to disable the Rapid Spanning Tree protocol on a bridge. bridge GROUP rapid-spanning-tree enable no bridge GROUP rapid-spanning-tree enable BRIDGE-FORWARD

GROUP <1-1> Bridge group name used for bridging.

BRIDGE-FORWARD Puts all ports of the specified bridge into the

110 User’s Manual

Black Box Harde ned Managed Et hernet Switch forwarding state.

4. Example:

The following example enables or disabl es the rapid-spanning-tree on bridge GROUP (1): switch_a(config)#bridge 1 rapid-spanningtree enable switch_a(config)#no bridge 1 rapid-spanning-tree enable bridge-forward switch_a(config)#

Spanning Tree Protocol:

5. Command Mode: Configure mode

Logon to Configure Mode (Configure Termin al Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

6. Usage:

Use this command to enable the Spanning Tree protocol on a bridge.

Use the no form of the command bridge.

to disable the Spanning Tree protoc ol on a ax: bridge GROUP spanning-tree enable no bridge GROUP spanning-tree enable BRIDGE-FORWARD

GROUP <1-1> Bridge group name used for bridging.

8. Example:

The following example enables or disables the spanning-tree on bridge switch_a(config)#bridge 1 spanning-tree enable switch_a(config)#no bridge 1 spanning-tree enable bridge-forward

Bridge Priority (0..61440):

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to set bridge priority for the common instance. Using a lower priority indicates a greater likelihood of the bridge becoming root.

User’s Manual 111

Black Box Hardened Managed Ethernet Switch bridge GROUP priority PRIORITY no bridge GROUP priority

GROUP <1-1> The ID of the b ridge group for which the prio rity is set.

PRIORITY <0-61440> The bridge priority .

4. Example:

The following example sets the priority PRI ORITY (4096) of bridge GROUP

(1): switch_a(config)#bridge 1 priority 4096 switch_a(config)#

Hello Time (sec) (1..9):

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt w ill show on the screen. switch_a(config)#

2. Usage:

Use this command to set the hello-time, the time in seconds after which (if this bridge is the root bridge) all the bridges in a bridged LAN exchange

Bridge Protocol Data Units (BPDUs).

Syntax: bridge GROUP hello-time HELLOTIME no bridge GROUP hello-time

GROUP <1-1> The ID of the bridge group to which this hello time is assigned.

HELLOTIME <1-9> The hello BPDU interval in seconds.

4. Example:

The following example sets the hello-time HELLOTIME (9) of bridge GROUP

(1): switch_a(config)#bridge 1 hello-time 9 switch_a(config)#

Max Age (sec) (6..28):

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to set the max-age for a bridge.

Use the no parameter with this command to restore the default value of max-age.

112 User’s Manual

Black Box Hardened Managed Ethernet Switch bridge GROUP max-age MAXAGE no bridge GROUP max-age

GROUP <1-1> The ID of the bridge group is assigned.

to which this maximum age time

MAXAGE <6-28> The maximum time, in seconds, to lis bridge. ten for the root

4. Example:

The following example sets the max-age M AXAGE (28) of br idge GROUP

(1): switch_a(config)#bridge 1 max-age 28 switch_a(config)#

Forward Delay (sec) (4..30):

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Term inal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to set the time (in seconds) after which (if this bridge is the root bridge) each port changes states to learning and forwarding.

Use the no parameter with this command to restore the default value. bridge GROUP forward-time FORWARD_DELAY no bridge GROUP forward-time

GROUP <1-1> The ID of the bridge group to which this delay time is assigned.

FORWARD_DELAY <4-30> the forwarding time delay in seconds.

4. Example:

The following example sets the forward-time FORWARD_DELAY (30) of bridge GROUP (1): switch_a(config)#bridge 1 forward-time 30 switch_a(config)#

RSTP Port Setting

Priority(Granularity 16):

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Terminal Mode).

Then logon to Interface mode. fe1 means port 1.

User’s Manual 113

Black Box Hardened Managed Ethernet Switch

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use this command to set the port priorit y for a bridge. The lower priori indicates a greater likelihood of the bridge becoming root. ty bridge GROUP priority PRIORITY

GROUP <1-1> the ID of the bridge group.

PRIORITY <0-240> The priority to be assi gned to the group.

4. Example:

The following example sets the priority P RIORITY (100) of the interface fe1

(port 1) of bridge GROUP (1): switch_a(config)#interface fe1 switch_a(config-if)#bridge 1 priority 100 switch_a(config-if)#

Admin. Path Cost:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Terminal Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use this command to set the cost of a path associated with a bridge-group.

Use the no parameter with this command to restore the default cost of a path associated with a bridge-group.

Syntax: bridge GROUP path-cost PATHCOST no bridge GROUP path-cost

GROUP <1-1> the ID of the bridge group.

PATHCOST <1-200000000> The cost to be assigned to the group.

4. Example:

The following example sets the cost (123) of the interface fe1 (port 1) of bridge GROUP (1): switch_a(config)#interface fe1 switch_a(config-if)#bridge 1 path-cost 123 switch_a(config-if)#

114 User’s Manual

Black Box Hardened Managed Ethernet Switch

Point to Point Link:

1. Command Mode: Interface mode

Logon to Configure Mode (Config

Then logon to Interface mode. ure Terminal Mode). fe1 means port 1.

The switch_a(config-if)# prompt will sho w on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use spanning-tree link-type command to set the link type of a port to enable or disable rapid transition.

Use the no spanning-tree link-type co mmand to set a p ort to its default state and to disable rapid transition.

Syntax:

(no) spanning-tree link-type LINKTYPE

shared Disable rapid transition.

Autoedge:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Terminal Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use spanning-tree autoedge command to assist in automatic identification of the edge port.

Use the no spanning-tree autoedge command to disable this feature.

Syntax:

(no) spanning-tree autoedge

User’s Manual 115

Black Box Hardened Managed Ethernet Switch

4. Example:

The following example enables the spannin g-tree autoedge of the interface fe1 (port 1): switch_a(config)#interface fe1 switch_a(config-if)#spanning-tree autoedge switch_a(config-if)#

Edgeport:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Term

Then logon to Interface mode. inal Mode). fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use spanning-tree edgeport command t enable rapid transitions. o set a port as an edge-port and to

Syntax:

(no) spanning-tree edgeport

Ring Setting

Ring state:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to enable Ring state. Use the no parameter with this command to disable Ring state. bridge GROUP ring enable

116 User’s Manual

Black Box Harden ed Managed Ethe rnet Switch no bridge GROUP ring enable bridge-forward

GROUP <1-1> Specify the bridge-group ID.

4. Example:

The following example enables Ring state in bridge GROUP (1): switch_a(config)#bridge 1 ring enable switch_a(config)#

Set ring port:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to set Ring port 1 and Ring port 2.

Syntax: ring set-port RING_PORT_1 RING_PORT_2

RING_PORT_1 Specify the Ring port 1.

RING_PORT_2 Specify the Ring port 2.

4. Example:

The following example sets the fe1 and fe2 as Ring port 1 and Ring port 2: switch_a(config)#ring set-port fe1 fe2 switch_a(config)#

User’s Manual 117

Black Box Hardened Managed Etherne t S witch

VLAN

VLAN Mode Setting, 802.1Q VLAN Setting, 802.1Q Port Setting, Port Based

VLAN

802.1Q VLAN Setting

VLAN Database:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Term inal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use vlan database command to enter the VLAN configuration mode. vlan database

4. Example:

The following example changes to VLAN configuration mode from Configure mode: switch_a(config)#vlan database switch_a(config-vlan)#

Add VLAN/Delete VLAN:

1. Command Mode: VLAN Configure mode

Logon to Configure Mode (Configure Terminal Mode).

Logon to VLAN Configure Mode.

The switch_a(config-vlan)# prompt will show on the screen. switch_a(config)#vlan database switch_a(config-vlan)#

2. Usage:

This command enables or disables the state of a particular VLAN on a bridge basis. Specifying the disable state causes all forwarding over the specified

VLAN ID on the specified bridge to cease. Specifying the enable state allows forwarding of frames on the specified VLAN-aware bridge. vlan VLANID bridge GROUP name VLAN_NAME state enable/disable no vlan VLANID bridge GROUP

VLANID The VID of the VLAN that will be enabled or disabled on the bridge

<2-4094>.

GROUP <1-1> The ID of the bridge-group on which the VLAN will be

118 User’s Manual

Black Box Hardened Managed Ethernet Switch affected.

VLAN_NAME The ASCII name of the VLAN. Maximum length: 16 characters. enable Sets VLAN into an enable state. disable Sets VLAN into a disable state.

4. Example:

The following example enables the vlan V LANID (2) and name VL AN_NAME

(vlan2) of bridge GROUP (1): switch_a(config-vlan)#vlan 2 bridge 1 nam e vlan2 state enable switch_a(config-vlan)#

802.1Q Port Setting

Switchport mode access:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Term inal Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use switchport mode access command to set the switching characteristics of the Layer-2 interface to access mode, and classify untagged frames only.

Use the no switchport access command to reset the mode of the Layer-2 interface to access (default).

Syntax: switchport mode access no switchport access

4. Example:

The following example sets the switchport mode access of the interface fe1

(port 1): switch_a(config)#interface fe1 switch_a(config-if)#switchport mode access switch_a(config-if)#

Switchport mode hybrid:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Terminal Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen.

User’s Manual 119

Black Box Hardened Managed Ethernet Switch switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use switchport mode hybrid command to set the switching cha racteristics of the Layer-2 interface as hybrid, and classify both tagged and untagged frames.

Use the no switchport hybrid command to reset the mode of the Layer-2 interface to access (default). switchport mode hybrid switchport mode hybrid acceptabl e-frame-type all/vlan-tagged no switchport hybrid

all Set all frames can be received.

vlan-tagged Set vlan-tagged frames can only be received.

4. Example:

The following example sets the switchpo rt mode h

(port 1) and all frames to be received on inte ybrid

of the interface fe1 rface fe1 (port 1): switch_a(config)#interface fe1 switch_a(config-if)#switchport mode hybrid acceptable-frame-type all switch_a(config-if)#

Switchport mode trunk:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Terminal Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use switchport mode trunk command to set the switching characteristics of the Layer-2 interface as trunk, and specify only tagged frames.

Use the no switchport trunk command to reset the mode of the Layer-2 interface to access (default).

Syntax: switchport mode trunk no switchport trunk

4. Example:

The following example sets the switchport mode trunk of the interface fe1

(port 1): switch_a(config)#interface fe1

120 User’s Manual

Black Box Hardened Managed Ethernet Switch switch_a(config-if)#switchport mode trun k switch_a(config-if)#

Switchport hybrid allowed vlan:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Termina l Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use this command to set the switching chara cteristics of the Layer-2 interface to hybrid. Both tagged and untagged fra mes will be classifie interfaces. d over hybrid

Use the no parameter to turn off allowed h ybrid switching.

3. Command switchport hybrid allowed vlan remove VLANID no switchport hybrid vlan remove Remove a VLAN from the member set.

VLANID <2-4094> The ID of the VLAN or VLANs that will be added to, or number in the range, separated by a hyphen.

For a VLAN list, specify the VLAN numbers separated by commas.

4. Example:

The following example specifies to add the interface fe1 (port 1) to VLANID switch_a(config)#interface fe1 switch_a(config-if)#switchport hybrid allowed vlan add 2 egress-tagged enable

Switchport trunk allowed vlan:

User’s Manual 121

Black Box Hardened Managed Ethernet Switch

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Termi nal Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use this command to set the switching cha racteristics of the Layer-2 interface to trunk. The all parameter indicates tha t any VLAN ID is part of member set. The none parameter indicates

its port’s that no VLAN ID is configured on this port. The add and remove parameters to/from the port’s member set.

will add and remove VLAN IDs

Use the no parameter to remove all VLAN IDs configured on this port.

: switchport trunk allowed vlan all switchport trunk allowed vlan except VLANID no switchport trunk vlan remove Remove a VLAN from transmit and receive through the Layer-2 interface. removed from, the Layer-2 interface. A single VLAN, VLAN range, or VLAN list can be set.

4. Example: switch_a(config)#interface fe1 switch_a(config-if)#switchport trunk allowed vlan add 2

Port Based VLAN

Switchport portbase add/remove vlan:

1. Command Mode: Interface mode

122 User’s Manual

Black Box Hardened Managed Ethernet Switch

Logon to Configure Mode (Configure Terminal Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use this command to set or remove the default VLAN for the interface. switchport portbase add|remove vlan VLANID

VLANID The ID of the VLAN will be added to or removed from the Layer-2 interface.

4. Example:

The following example specifies to add the interface fe1 (port 1) to VLANID

(2): switch_a(config)#interface fe1 switch_a(config-if)#switchport portbase add vlan 2 switch_a(config-if)#

User’s Manual 123

Black Box Hardened Managed Etherne t S witch

QoS

Global Configuration, 802.1p Priority, DSCP

Global Configuration

QoS:

1. Command Mode: Configure mode

Logon to Configure Mode (Config ure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use mls qos enable command t o globally enable QoS.

Use the no mls qos command to globally disable QoS. mls qos enable

(no) mls qos

4. Example:

The following example globally enables QoS on the switch: switch_a(config)#mls qos enable switch_a(config)#

Trust:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use mls qos trust command to turn on QoS trust CoS or DSCP.

Use the no mls qos trust command to turn off QoS trust CoS or DSCP.

Syntax:

(no) mls qos trust cos/dscp

cos Class of Service.

dscp Differentiated Service Code Point.

4. Example:

The following example turns on QoS trust CoS on the switch: switch_a(config)#mls qos trust cos switch_a(config)#

124 User’s Manual

Black Box Harden ed Managed Ethe rnet Switch

Strict Priority:

1. Command Mode: Configure mode

Logon to Configure Mode (Config ure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use priority-queue out command to enable the egress expe dite queue.

Use the no priority-queue out comma nd to disable the egress expedite queue.

Syntax:

(no) priority-queue out

4. Example:

The following example enables the egress expedite queue o n the switch: switch_a(config)#priority-queue o ut switch_a(config)#

Weighted Round Robin:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use wrr-queue bandwidth command to specify the bandwidth ratios of the transmit queues. wrr-queue bandwidth WRR_WTS

WRR_WTS Weighted Round Robin (WRR) weights for the 4 queues (4 values separated by spaces). Range is 1-55.

4. Example:

The following example specifies the bandwidth ratios of the transmit queues on the switch: switch_a(config)#wrr-queue bandwidth 1 2 4 8 switch_a(config)#

802.1p Priority

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

User’s Manual 125

Black Box Hardened Managed Ethernet Switch

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use wrr-queue cos-map command to spe cify CoS v alues for a queue.

Syntax: wrr-queue cos-map QUEUE_ID C OS_VALUE

QUEUE_ID Queue ID. Range is 0-3.

COS_VALUE CoS values. Up to 8 values (separated by spaces). Range is

0-7.

4. Example:

The following example shows mapping CoS values 0 and 1 to queue 1 on the switch: switch_a(config)#wrr-queue cos-map 1 0 1 switch_a(config)#

DSCP

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use mls qos map dscp-queue command to map the DSCP values to a queue.

mls qos map dscp-queue DSCP_VALUE to QUEUE_ID

DSCP_VALUE DSCP values. Up to 8 values (separated by spaces). Range is 0-63.

QUEUE_ID Queue ID. Range is 0-3.

4. Example:

The following example shows mapping DSCP values 0 to 3 to queue 1 on the switch: switch_a(config)#mls qos map dscp-queue 0 1 2 3 to 1 switch_a(config)#

126 User’s Manual

Black Box Hardened Managed Ethernet Switch

SNMP

SNMP General Setting, SNMP v1/v2c, SNMP v3

SNMP General Setting

SNMP Status:

1. Command Mode: Configure mo de

Logon to Configure Mode (Configure Term inal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use snmp-server enable command to e command to disable SNMP to the switch. nable and no snmp-server enable

(no) snmp-server enable

4. Example:

The following example enables SNMP to the switch: switch_a(config)#snmp-server enable switch_a(config)#

Description:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use snmp-server description command to specify and no snmp-server description command to remove description for SNMP. snmp-server description DESCRIPTION no snmp-server description

DESCRIPTION The description for SNMP.

4. Example:

The following example specifies description (description) for SNMP: switch_a(config)#snmp-server description description switch_a(config)#

User’s Manual 127

Black Box Hardened Managed Ethernet Switch

Location:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt w ill show on the screen. switch_a(config)#

2. Usage:

Use snmp-server location command to specify and no snmp-server location command to remove loc ation for SNMP.

Syntax: snmp-server location LOCATION no snmp-server location

LOCATION The location for SNMP.

4. Example:

The following example specifies location ( loca ion

) for SNMP: switch_a(config)#snmp-server location l ocation switch_a(config)#

Contact:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use snmp-server contact command to specify and no snmp-server contact

command to remove contact for SNMP. snmp-server contact CONTACT no snmp-server contact

CONTACT The contact for SNMP.

4. Example:

The following example specifies contact (contact) for SNMP: switch_a(config)#snmp-server contact contact switch_a(config)#

Trap Community Name:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen.

128 User’s Manual

Black Box Hardened Managed Ethernet Switch switch_a(config)#

2. Usage:

Use this command to specify trap commu nity name for SNMP.

Use the no parameter with this command to remove trap community name for

SNMP.

Syntax: snmp-server trap-community <1-5> NAME no snmp-server trap-communit y <1-5>

<1-5> The trap community 1-5.

NAME The trap community name for SN MP.

4. Example:

The following example specifies trap communit y name 1 (name ) for SNMP: switch_a(config)#snmp-server trap-community 1 name switch_a(config)#

Trap Host IP Address:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to specify trap host IP address for SNMP.

Use the no parameter with this command to remove trap host IP address for

SNMP.

Syntax: snmp-server trap-ipaddress <1-5> IP-ADDRESS no snmp-server trap-ipaddress <1-5>

<1-5> The trap host IP address 1-5.

IP-ADDRESS The trap host IP address for SNMP. A.B.C.D specifies the IP address.

4. Example:

The following example specifies trap host 1 IP address (192.168.1.20) for

SNMP: switch_a(config)#snmp-server trap-ipaddress 192.168.1.20 switch_a(config)#

Cold Start Trap:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

User’s Manual 129

Black Box Hardened Managed Ethernet Switch

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use snmp-server trap-type enable cold Start trap for SNMP.

command to enable cold start

Use the no snmp-server trap-type ena cold start trap for SNMP. ble coldStart command to disable

(no) snmp-server trap-type enable coldStart

4. Example:

The following example enables f switch_a(config)#snmp-server trap-type enable coldStart switch_a(config)#

Warm Start Trap:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use snmp-server trap-type enable warmStart command to enable warm start trap for SNMP.

Use the no snmp-server trap-type enable warmStart command to disable warm start trap for SNMP.

Syntax:

(no) snmp-server trap-type enable warmStart

4. Example:

The following example enables warm start trap for SNMP: switch_a(config)#snmp-server trap-type enable warmStart switch_a(config)#

Link Down Trap:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use snmp-server trap-type enable linkDown command to enable link

130 User’s Manual

Black Box Hardened Managed Ethernet Switch down trap for SNMP.

Use the no snmp-server trap-type enab le linkDown command to disable link down trap for SNMP.

Syntax:

(no) snmp-server trap-type enable linkDow n

4. Example:

The following example enables link down trap f or SNMP: switch_a(config)#snmp-server trap-type enable linkDown switch_a(config)#

Link Up Trap:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Term inal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use snmp-server trap-type enable linkUp command to enable link up trap for SNMP.

Use the no snmp-server trap-type enable linkUp command to disable link up trap for SNMP.

(no) snmp-server trap-type enable linkUp

4. Example:

The following example enables link up trap for SNMP: switch_a(config)#snmp-server trap-type enable linkUp switch_a(config)#

Authentication Failure Trap:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use snmp-server trap-type enable authenticationFailure command to enable authentication failure trap for SNMP.

Use the no snmp-server trap-type enable authenticationFailure command to disable authentication failure trap for SNMP.

User’s Manual 131

Black Box Hardened Managed Ethernet Switch

(no) snmp-server trap-type enable authenticationFailure

4. Example:

The following example enables authentica tion failure trap for SNMP : switch_a(config)#snmp-server tr ap-type enable authenticationFailure switch_a(config)#

Topology Change Trap:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Term inal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use snmp-server trap-type enable top ologyChange command to enab topology change trap for SNMP. le

Use the no snmp-server trap-type ena disable topology change trap fo r SNMP. ble topologyChange command to

(no) snmp-server trap-type enable topologyChange

4. Example: switch_a(config)#snmp-server trap-type enable topologyChange switch_a(config)#

SNMP v1/v2c

Get Community Name:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use snmp-server community get command to specify and no snmp-server community get command to remove get community name for

SNMP.

Syntax: snmp-server community get NAME no snmp-server community get

NAME The get community name for SNMP.

4. Example:

132 User’s Manual

Black Box Hardened Managed Ethernet Switch

The following example specifies get comm unity name (name) for SNMP: switch_a(config)#snmp-server commun ity get name switch_a(config)#

Set Community Name:

1. Command Mode: Configure mo de

Logon to Configure Mode (Configure Term inal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use snmp-server community set c snmp-server community set

command to

SNMP. ommand to specify and no

remove get community nam e for snmp-server community set NAME no snmp-server community set

NAME The set community name for SNMP.

4. Example:

The following example specifies set community name (name) for SNMP: switch_a(config)#snmp-server community set name switch_a(config)#

SNMP v3

SNMPv3 No-Auth:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Add a user using snmp v3 with read-only or read-write access mode and without authentication. Use the no form of the command to delete this user.

(no) snmp-server v3-user USERNAME (ro|rw) noauth

USERNAME Specify a user name. ro read-only access mode rw read-write access mode

4. Example:

The following example adds a user (myuser) using snmp v3 with read-only access mode and without authentication:

User’s Manual 133

Black Box Hardened Managed Ethernet Switch switch_a(config)#snmp-server v3-user my user ro noauth switch_a(config)#

SNMPv3 Auth-MD5, SNMPv3 Auth-SHA:

1. Command Mode: Configure mo de

Logon to Configure Mode (Configure Term inal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Add a user using snmp v3 with read-only o r read-write access mode and with

MD5 or SHA authentication. Use the no f orm of the command to delete this user.

AUTH_PASSWORD

USERNAME Specify a user name. sha authentication method

AUTH_PASSWORD authentication password

SNMPv3 Priv Auth-MD5, SNMPv3 Priv Auth-SHA:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Add a user using snmp v3 with read-only or read-write access mode, MD5 or

SHA authentication, and privacy. Use the no form of the command to delete this user.

(no) snmp-server v3-user USERNAME (ro | rw) priv auth (md5 | sha)

AUTH_PASSWORD des PRIV_PASS_PHRASE

USERNAME Specify a user name.

134 User’s Manual

Black Box Hardened Managed Ethernet Switch ro read-only access mode rw read-write access mode md5 authentication method sha authentication method

AUTH_PASSWORD authentication password

PRIV_PASS_PHRASE encryption pass phrase

4. Example:

The following example adds a user (myuser) using snmp v3 with read-write access mode, MD5 authentication (mypassword), and encryption pass phrase (mypassphrase): switch_a(config)#snmp-server v3-user myuser rw priv md5 mypassword des mypassphrase switch_a(config)#

User’s Manual 135

Black Box Hardened Managed Ethernet Switch

802.1x

Radius Configuration, Port-Based Authentication

Radius Configuration

Radius Status:

1. Command Mode: Configure mode

Logon to Configure Mode (Config ure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use dot1x system-auth-ctrl command to globally enable authentication.

Use no dot1x system-auth-ctrl command to globally disable authentication.

(no) dot1x system-auth-ctrl

4. Example:

The following example globally enables authentication: switch_a(config)#dot1x system-auth-ctrl switch_a(config)#

Radius Server IP:

Radius Server Port:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to specify the IP address of the remote radius server host and assign authentication and accounting destination port number.

Syntax:

(no) radius-server host IP-ADDRESS auth-port PORT

IP-ADDRESS A.B.C.D specifies the IP address of the radius server host.

PORT specifies the UDP destination port for authentication requests. The host is not used for authentication if set to 0.

4. Example:

The following example specifies the IP address (192.168.1.100) of the remote radius server host and assigns authentication and accounting destination port number (1812):

136 User’s Manual

Black Box Hardened Managed Ethernet Switch switch_a(config)#radius-server host 192.168.1.100 auth-port 1812 switch_a(config)#

Secret Key:

1. Command Mode: Configure mode

Logon to Configure Mode (Config ure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to set the shared secre t key between a Radius serv er and a client.

Syntax:

(no) radius-server host IP-ADDRESS key KE Y remote radius server host and set the secret key (ipi) shared among the radius server and the 802.1x client:

Timeout:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to specify the number of seconds a Switch waits for a reply to a radius request before retransmitting the request.

Syntax: radius-server timeout SEC no radius-server timeout

SEC <1-1000> The number of seconds for a Switch to wait for a server host to reply before timing out. Enter a value in the range 1 to 1000.

4. Example:

The following example specifies 20 seconds for the Switch to wait for a server host to reply before timing out:

User’s Manual 137

Black Box Hardened Managed Etherne t S witch switch_a(config)#radius-server timeout 20 switch_a(config)#

Retransmit:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Termin al Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to specify the number of time s the Switch transmits each radius request to the server before giving up.

Syntax: radius-server retransmit RETRIES no radius-server retransmit

RETRIES <1-100> Specifies the retransm it value. Enter a value in the range

1 to 100.

4. Example:

The following example specifies the retransmit value 12: switch_a(config)#radius-server retransmit 12 switch_a(config)#

Port-Based Authentication

Authentication State:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Terminal Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use dot1x reauthetication command to enable reauthentication on a port.

Use no dot1x reauthetication command to disable reauthentication on a port.

(no) dot1x reauthentication

4. Example:

The following example specifies to enable reauthetication on the interface fe1

(port 1):

138 User’s Manual

Black Box Hardene d Mana ged Ethernet Switch switch_a(config)#interface fe1 switch_a(config-if)#dot1x reauthenticati on switch_a(config-if)#

Port Control:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Term inal Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will sho w on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use this command to force a port state.

Use no dot1x port-control command to remove a port from the 802.1x management.

Syntax: dot1x port-control auto|force-authorized|force-unauthorized no dot1x port-control

auto Specify to enable authentication on port.

force-authorized Specify to force a port to always be in an authorized state.

force-unauthorized Specify to force a port to always be in an unauthorized state.

4. Example:

The following example specifies to enable authetication on the interface fe1

(port 1): switch_a(config)#interface fe1 switch_a(config-if)#dot1x port-control auto switch_a(config-if)#

Periodic Reauthentication:

Reauthentication Period:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Terminal Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use this command to set the interval between reauthorization attempts.

User’s Manual 139

Black Box Hardened Managed Ethernet Switch

Use no dot1x timeout re-authperiod command to delete the interval between reauthorization attempts. dot1x timeout re-authperiod SECS no dot1x timeout re-authperiod

SECS <1-4294967295> Specify the seconds between reauthorization attempts. The default time is 3600 seconds.

4. Example:

The following example specifies to set the interval 25 seconds between reauthorization attempts: switch_a(config)#interface fe1 switch_a(config-if)#dot1x timeout re-authperiod 25 switch_a(config-if)#

140 User’s Manual

Black Box Hardened Managed Ethernet Switch

Other Protocols

GVRP, IGMP Snooping, NTP

GVRP

GVRP:

1. Command Mode: Configure mode

Logon to Configure Mode (Config ure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use set gvrp enable bridge com mand to enable (set) and set gvrp d bridge

command to disable (reset) GVR isable

P globally for the bridge instance.

This command does not enable/disable G VRP in all ports of the bridge. After enabling GVRP globally, use the set port gvrp enable command to enable

GVRP on individual ports of the bridge. set gvrp enable bridge GROUP set gvrp disable bridge GROUP

GROUP Bridge-group ID used for bridging.

4. Example:

The following example globally enables GVRP to bridge GROUP (1): switch_a(config)#set gvrp enable bridge 1 switch_a(config)#

Dynamic VLAN creation:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use set gvrp dynamic-vlan-creation enable bridge command to enable and set gvrp dynamic-vlan-creation disable bridge command to disable dynamic VLAN creation for a specific bridge instance. set gvrp dynamic-vlan-creation enable bridge GROUP set gvrp dynamic-vlan-creation disable bridge GROUP

GROUP Bridge-group ID used for bridging.

User’s Manual 141

Black Box Hardened Managed Ethernet Switch

4. Example:

The following example enables dynamic VLAN creation for bridge GROUP

(1): switch_a(config)#set gvrp dynamic-vlan -creation enable b ridge 1 switch_a(config)#

Per port setting:

GVRP:

1. Command Mode: Configure mo de

Logon to Configure Mode (Configure Term inal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use set port gvrp enable command to e nable and set port gv rp disable command to disable GVRP on a port or all ports in a bridge.

: set port gvrp enable all/IFNAME

4. Example: switch_a(config)#set port gvrp enable fe1 switch_a(config)#

Per port setting:

GVRP applicant:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to set the GVRP applicant state to normal or active. set gvrp applicant state active/normal IFNAME active Active state normal Normal state

IFNAME Name of the interface.

4. Example:

142 User’s Manual

Black Box Hardened Managed Ethernet Switch

The following example sets GVRP applica nt state to active on the interface fe1 (port 1): switch_a(config)#set gvrp applicant state active fe1 switch_a(config)#

Per port setting:

GVRP registration:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to set GVRP registrat ion to normal, fixed, and forbidden registration mode for a given port. set gvrp registration normal IF_NAME set gvrp registration fixed IF_NAME set gvrp registration forbidden IF_NAME normal Specify dynamic GVRP multicast registration and deregistration on the port. fixed Specify the multicast groups currently registered on the switch are applied to the port, but any subsequent registrations or deregistrations do any further GVRP multicast registration on the port.

IF_NAME The name of the interface.

The following example sets GVRP registration to fixed registration mode on the interface fe1 (port 1):

IGMP Snooping

IGMP mode:

Querier:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Terminal Mode).

Then logon to Interface mode. vlan1.1 means vlan 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface vlan1.1

User’s Manual 143

Black Box Hardened Managed Ethernet Switch switch_a(config-if)#

2. Usage:

Use ip igmp snooping querier command t o enable IGMP querie r operation on a subnet (VLAN) when no multicast r outing p rotocol is configured in the subnet (VLAN). When enabled , the IGMP Snooping q uerier sends out periodic IGMP queries for all interfaces on

Use the no ip igmp snooping querier

that VLAN. command to disable IGMP querier configuration.

(no) ip igmp snooping querier

4. Example:

The following example enables IGMP sno oping querier on vlan1.1: switch_a(config)#interface vlan1.1 switch_a(config-if)#ip igmp s nooping querier

IGMP mode:

Passive:

1. Command Mode: Configure mode or Interface mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen.

Then logon to Interface mode. vlan1.1 means vlan 1.

The switch_a(config-if)# prompt will show on the screen. switch_a#configure terminal switch_a(config)# switch_a(config)#interface vlan1.1 switch_a(config-if)#

2. Usage:

Use ip igmp snooping command to enable IGMP Snooping. When this command is given in the Global Config mode, IGMP Snooping is enabled at the switch level. When this command is given at the VLAN interface level,

IGMP Snooping is enabled for that VLAN.

Use the no ip igmp snooping command to globally disable IGMP Snooping, or for the specified interface.

(no) ip igmp snooping

4. Example:

The following example enables IGMP snooping on the switch or vlan1.1: switch_a#configure terminal switch_a(config)# ip igmp snooping

144 User’s Manual

Black Box Harden ed Managed Ethernet Switch switch_a(config)#interface vlan1.1 switch_a(config-if)#ip igmp snooping

IGMP version:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Term inal Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use ip igmp version command to set th e current IGMP protocol version on an interface.

To return to the default version, use the n o ip igm p version command.

Syntax: ip igmp version VERSION no ip igmp version

4. Example:

The following example sets the IGMP protocol version 3 on the interface fe1 switch_a(config)#interface fe1 switch_a(config-if)#ip igmp version 3

Fast-leave:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Terminal Mode).

Then logon to Interface mode. vlan1.1 means vlan 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface vlan1.1 switch_a(config-if)#

2. Usage:

Use ip igmp snooping fast-leave command to enable IGMP Snooping fast-leave processing. Fast-leave processing is analogous to immediate leave processing; the IGMP group-membership is removed, as soon as an

IGMP leave group message is received without sending out a group-specific query.

Use the no ip igmp snooping fast-leave command to disable fast-leave processing.

User’s Manual 145

Black Box Hardened Managed Ethernet Switch

(no) ip igmp snooping fast-leave

4. Example:

The following example enables IGMP sno oping fast-leave on vlan1.1: switch_a(config)#interface vlan1.1 switch_a(config-if)#ip igmp snooping fast-l eave

IGMP querier:

Query-interval:

1. Command Mode: Interface mode

Logon to Configure Mode (Config ure Terminal Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will sho w on the screen. switch_a(config)#interface fe1 switch_a(config-if)#

2. Usage:

Use ip igmp query-interval command to configure the frequency of sending

IGMP host query messages.

To return to the default frequency, use the no ip igmp query-interval command. ip igmp query-interval INTERVAL no ip igmp query-interval

INTERVAL <1-18000> Frequency (in seconds) at which IGMP host query messages are sent.

4. Example:

The following example changes the frequency of sending IGMP host-query messages to 2 minutes on the interface fe1 (port 1): switch_a(config)#interface fe1 switch_a(config-if)#ip igmp query-interval 120

IGMP querier:

Max-response-time:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Terminal Mode).

Then logon to Interface mode. fe1 means port 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface fe1

146 User’s Manual

Black Box Hard ened Managed Ethern et Switch switch_a(config-if)#

2. Usage:

Use ip igmp query-max-resp onse-time

command frequency of sending IGMP host query me ssages. to configure the

To return to the default frequen cy, use the no ip igmp query-max-response-time command. ip igmp query-max-response-time RESPONSETIME no ip igmp query-max-response -time

RESPONSETIME <1-240> Maximum advertised in IGMP queries.

response time (in seconds)

4. Example:

The following example configures a maxim um response time of 8 seconds on the interface fe1 (port 1): switch_a(config)#interface fe1 switch_a(config-if)#ip igmp query-max-res ponse-time 8

IGMP passive snooping:

Static mc router port:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Terminal Mode).

Then logon to Interface mode. vlan1.1 means vlan 1.

The switch_a(config-if)# prompt will show on the screen. switch_a(config)#interface vlan1.1 switch_a(config-if)#

2. Usage:

Use ip igmp snooping mrouter interface command to statically configure the specified VLAN constituent interface as a multicast router interface for

IGMP Snooping in that VLAN.

Use the no ip igmp snooping mrouter interface command to remove the static configuration of the interface as a multicast router interface.

(no) ip igmp snooping mrouter interface IFNAME

IFNAME Specify the name of the interface

4. Example:

The following example shows interface fe1 (port 1) statically configured to be a multicast router interface on vlan1.1: switch_a(config)#interface vlan1.1 switch_a(config-if)#ip igmp snooping mrouter interface fe1

User’s Manual 147

Black Box Hardened Managed Etherne t S witch

IGMP passive snooping:

Report suppression:

1. Command Mode: Interface mode

Logon to Configure Mode (Configure Term inal Mode).

Then logon to Interface mode. vlan1.1 means vlan 1.

The switch_a(config-if)# prompt will show on the screen.

switch_a(config)#interface vlan1.1 switch_a(config-if)#

2. Usage:

Use ip igmp snooping report-suppre ssion command to enable report suppression for IGMP versions 1 and 2.

Use the no ip igmp snoopin g report-suppression comm and to disable report suppression. ax:

4. Example:

The following example enables report suppression for IGMPv2 reports on vlan1.1

: switch_a(config-if)#ip igmp version 2 switch_a(config-if)#ip igmp snooping report-suppression

NTP

NTP Status:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use ntp enable command to enable NTP for the Switch.

Use no ntp enable command to disable NTP for the Switch.

3. Command

(no) ntp enable

4. Example:

The following example enables NTP for the Switch: switch_a(config)#ntp enable switch_a(config)#

148 User’s Manual

Black Box Hardened Managed Ethernet Switch

NTP Server:

1. Command Mode: Configure mode

Logon to Configure Mode (Config ure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to specify the IP addres s or Domain name of NTP server. ntp server IP-ADDRESS|DOMAIN-NAME

IP-ADDRESS A.B.C.D specifies the IP address of NTP server.

DOMAIN-NAME Specifies the Domain n ame of NTP s erver.

4. Example:

The following example specifies the IP address (192.168.1.100) of NTP server: switch_a(config)#ntp server 192.168.1.100 switch_a(config)#

Sync Time:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use ntp sync-time command to synchronize time with NTP server. ntp sync-time

4. Example:

The following example synchronizes time with NTP server: switch_a(config)#ntp sync-time switch_a(config)#

Time Zone:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

User’s Manual 149

Black Box Hardened Managed Etherne t S witch

2. Usage:

Use this command to to set time zone. clock timezone TIMEZONE

TIMEZONE Specifies the time zo ne. (Please refer the Appendix B)

4. Example:

The following example sets time zone (Ca nada/Yukon): switch_a(config)#clock timezone YST9Y DT switch_a(config)#

Polling Interval:

1. Command Mode: Configure mode

Logon to Configure Mode (Config ure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to specify the polling interval. ntp polling-interval MINUTE

MINUTE <1-10080> The polling interval. Enter a value in the range 1 to

10080 minutes.

4. Example:

The following example specifies the polling interval 60 minutes: switch_a(config)#ntp polling interval 60 switch_a(config)#

Daylight Saving Mode:

1. Command Mode: Configure mode

Logon to Configure Mode (Configure Terminal Mode).

The switch_a(config)# prompt will show on the screen. switch_a(config)#

2. Usage:

Use this command to enable daylight saving.

Use no clock summer-time command to disable daylight saving. clock summer-time TIMEZONE weekday WEEK DAY MONTH HOUR

MINUTE WEEK DAY MONTH HOUR MINUTE OFFSET

TIMEZONE Specifies the daylight saving timezone.

150 User’s Manual

Black Box Hardened Managed Ethernet Switch

WEEK <1-5> Specifies weekdays from Monday to Friday.

DAY <0-6> Specifies from Sunday to Saturday.

MONTH <1-12> Specifies from January to December.

HOUR <0-23> Specifies from 0 to 23.

MINUTE <0-59> Specifies from 0 to 59.

OFFSET <1-1440> Specifies from 1 to 1440 minutes. clock summer-time TIMEZONE date DAY MONTH HOUR MINUTE DAY

MONTH HOUR MINUTE OFFSET

TIMEZONE Specifies the daylight saving timezone.

DAY <1-31> Specifies from 1 to 31.

MONTH <1-12> Specifies from January to December.

HOUR <0-23> Specifies from 0 to 23.

MINUTE <0-59> Specifies from 0 to 59.

OFFSET <1-1440> Specifies from 1 to 1440 minutes. no clock summer-time

4. Example:

The following example sets clock summer-time TIMEZONE (onehour) as daylight saving offset 60 minutes from 4 April AM0:00 to 31 October AM0:00: switch_a(config)#clock summer-time onehour date 4 4 0 0 31 10 0 0 60 switch_a(config)#

User’s Manual 151

Black Box Hardened Managed Ethernet Switch

Specifications

Applicable Standards

Switching Method

Forwarding Rate

10Base-T

100Base-TX

100Base-FX

1000Base-T

1000Base-SX/LX

Performance

Cable

10Base-T

100Base-TX

1000Base-T

100Base-FX

1000Base-SX

1000Base-LX

LED Indicators

Dimensions

Net Weight

Power Input

Power Consumption

Operating

Temperature

Storage Temperature

Humidity

Safety

EMI

IEEE 802.3 10Base-T

IEEE 802.3u 100Base-TX/FX

IEEE 802.3ab 1000Base-T

IEEE 802.3z 1000Base-SX/LX

Store-and-Forward

10 / 20Mbps half / full-duplex

100 / 200Mbps half / full-duplex

200Mbps full-duplex

2000Mbps full-duplex

2000Mbps full-duplex

14,880pps for 10Mbps

148,810pps for 100Mbps

1,488,100pps for 1000Mbps

2-pair UTP/STP Cat. 3, 4, 5 Up to 100m (328ft)

2-pair UTP/STP Cat. 5 Up to 100m (328ft)

4-pair UTP/STP Cat. 5 Up to 100m (328ft)

50 or 62.5/125µm multi-mode fiber (1300nm) up to 2km

9 or 10/125µm single-mode fiber (1300nm) up to 75km

50 or 62.5/125µm multi-mode fiber (850nm) up to 550m

9 or 10/125µm single-mode fiber (1300nm) up to 50km

Per unit – Power status (Power 1, 2, 3)

Per port –

10/100TX or 100FX: Link/ACT, 10/100 Mbps

10/100/1000TX or 1000SX/LX: Link/ACT, 1000 Mbps

SFP Gigabit: Link/ACT, 1000 Mbps, SFP Link

235mm (W) x 125mm (D) x 50mm (H)

(9.25” (W) x 4.92” (D) x 1.97” (H))

1.5Kg (3.3lbs.)

DC Jack: 12VDC

Terminal Block: 12~32VDC

15W Max. 1.25A @ 12VDC, 0.625A @ 24VDC

-40°C to 75℃ (-40 to 167 )

Tested for functional operation @

-40 to 85 (-40 to 185 )

-40°C to 85℃ (-40 to 185 )

5%-95% non-condensing

UL508, EN60950-1, IEC60950-1

FCC Part 15, Class A

EN61000-6-3: EN55022, EN61000-3-2, EN61000-3-3

152 User’s Manual

Black Box Hardened Managed Ethernet Switch

EMS

Environmental Test

Compliance

EN61000-6-2:

EN61000-4-2 (ESD Standard)

EN61000-4-3 (Radiated RFI Standards)

EN61000-4-4 (Burst Standards)

EN61000-4-5 (Surge Standards)

EN61000-4-6 (Induced RFI Standards)

EN61000-4-8 (Magnetic Field Standards)

EN61000-4-11 (Voltage Dips Standards)

IEC60068-2-6 Fc (Vibration Resistance)

IEC60068-2-27 Ea (Shock)

IEC60068-2-32 Ed (Free Fall)

NEMA TS1/2 Environmental requirements for traffic control equipment

User’s Manual 153

Black Box Hardened Managed Ethernet Switch

Appendix A

B9 DCE pin assignment

Pin no. Name

1 DCD

2 RxD

3 TxD

4 ---

5 GND

6 DSR

7 ---

8 CTS

9 ---

RS232 Signal name

Data Carrier detect

N/C

Data set Ready

N/C

Clear to send

N/C

154 User’s Manual

Appendix B

Time Zone

Europe

MET-1METDST

EET-2EETDST

WET0WETDST

Black Box Hardened Managed Ethernet Switch

Country and City Lists

Europe/Zuri ch

Africa/Tunis

Europe/And

, CET, MET, Euro orra, Europe/Brus pe/Tirane, sels,

Europe/Pra gue, Europe/Cope nhagen,

Europe/Pari

Europe/Bud s, Europe/Gibralta r, apest, Europe/Ro me,

Europe/Vad

Europe/Malt

Europe/Ams uz, Europe/Luxembou rg, a, Europe/Mona co, terdam, Europe/Oslo,

Europe/War

Europe/Mad saw, Europe/Belg rade, rid, Africa/Ceuta,

Europe/Stockholm, Europe/Vatican,

Europe/San _Marino, Arctic/L ongyearbyen ,

Atlantic/Jan_Mayen, Europe/Ljubljana,

Europe/Sarajevo, Europe/Skopje,

Europe/Zagreb, Europe/Bratislava, Poland

Asia/Nicosia, EET, Europe/Minsk,

Europe/Sofia, Europe/Athens,

Europe/Vilnius, Europe/Chisinau,

Europe/Istanbul, Europe/Kiev,

Europe/Uzhgorod, Europe/Zaporozhye,

Europe/Nicosia, Asia/Istanbul,

Europe/Tiraspol, Turkey

Europe/Belfast, GB, GB-Eire

WET, Atlantic/Faeroe, Atlantic/Madeira,

Atlantic/Canary

EUT-3EUTDST Asia/Tbilisi

EUT-4EUTDST Europe/Samara

EUT-8EUTDST Asia/Ulaanbaatar

Russian Federation

RFT-2RFTDST Europe/Kaliningrad

RFT-3RFTDST Europe/Moscow

RFT-4RFTDST Asia/Yerevan, Asia/Baku, Asia/Oral,

Asia/Ashkhabad

User’s Manual 155

Black Box Hardened Managed Ethernet Switch

Asia/Yekaterinburg

Asia/Ulan_Bator

RFT-10RFTDST Asia/Vladivostok

RFT-12RFTDST Asia/Kamch Asia/Anad yr

North America

PST8PDT, U S/Pacific, Syst emV/PST8PDT

MST7

America/Cambridge_Bay,

America/Shi prock, MST7MDT, Navajo,

US/Mountai n, Syste mV/MST7MDT

America/Phoenix, MST, US/Arizona,

SystemV/MST7

CST6CDT America/Chicago,

America/North_Dakota/Center,

America/Menominee, America/Costa_Rica,

America/Managua, CST6CDT, US/Central,

SystemV/CST6CDT

EST5EDT America/New_York,

America/Kentucky/Louisville,

America/Kentucky/Monticello,

America/Detroit, America/Pangnirtung,

America/Louisville, EST5EDT, US/Eastern,

US/Michigan, SystemV/EST5EDT

SystemV/AST4ADT

America/Jamaica,

America/Panama, EST, Jamaica,

SystemV/EST5

YST9YDT Canada/Yukon

America/Yakutat, America/Anchorage,

America/Nome, US/Alaska,

SystemV/YST9YDT, SystemV/PST8

South America & Central America

TTST4 America/Port_of_Spain

SAT3 America/Argentina/Buenos_Aires,

America/Argentina/Cordoba,

America/Argentina/Tucuman,

156 User’s Manual

Black Box Harde ned Man aged Ethernet Swi tch

America/Argentin a/La_Rioja,

America/Argentina/San_Juan,

America/Argentina/Jujuy,

America/Argentina/Catamarca,

America/Arg entina/Me ndoza,

America/Arg entina/Rio_Gall egos,

America/Arg entina/Ushuaia,

America/Arg entina/Comod Rivadavia,

America/Bu enos_Aires, A merica/Cordoba

America/Jujuy, America/Mendoza

,

America/Araguaina, America/Maceio,

America/Bahia, America/Sao_Paulo,

America/Cuiaba, America/Montevideo,

America/Cat amarca, America/R osario,

Brazil/East

WBST4WBDT America/Ca mpo_Grande,

America/Bo a_Vista, America/M anaus,

Atlantic/Stan ley, America/Asun cion,

Brazil/West

ACRE5 America/Rio

Brazil/Acre

_Branco, America/Porto_Acre,

Chile/Continental

Asia

Asia/Chongqing, Asia/Urumqi,

Asia/Kashgar, Asia/Hong_Kong,

Asia/Macau, Asia/Macao, Hongkong, PRC,

ROC

Oceania

Australia/Broken_Hill,

Australia/South, Australia/Yancowinna

Australia/Currie, Australia/Melbourne,

Australia/Sydney, Australia/ACT,

Australia/Canberra, Australia/NSW,

Australia/Queensland, Australia/Tasmania,

Australia/Victoria

TST-10TDT Australia/Hobart

Antarctica/South_Pole, NZ

Africa

User’s Manual 157

Black Box Hardened Managed Ethernet Switch

Africa/Mbabane

UAEST-4 Asia/Dubai

IST-3IDT Asia/Baghdad

JST-2JDT Asia/Amman

SST-2SDT Asia/Damascus

Universal

Africa/Banjul, Africa/Accra, Africa/Conakry ,

Africa/Bissa u, Africa /Monrovia,

Africa/Bamako, Africa/Nouakchott,

Africa/Casablanca, Africa/El_Aaiun,

Atlantic/St_Helena, Africa/Sao_Tome,

Africa/Dakar, Africa/Freetown, Africa/Lome ,

America/Da nmarksh avn, Atlantic/Reykjavi

Etc/GMT, Etc/UTC, Etc/UCT, GMT, k,

Etc/Univers al, Etc/Z ulu, Etc/Greenwich,

Etc/GMT-0, Etc/ GM T+0, Etc/GMT0,

Africa/Timbu ktu, GMT +0, GMT-0, GMT0,

Greenwich, Iceland, UCT, UTC, Universal

Zulu

,

America/Cayenne, America/Paramaribo,

Etc/GMT+3

America/Barbados, America/Dominica,

America/Grenada, America/Guadeloupe,

America/Martinique, America/Montserrat,

America/Puerto_Rico, America/St_Kitts,

America/St_Lucia, America/St_Vincent,

America/Tortola, America/St_Thomas,

America/Aruba, America/La_Paz,

America/Porto_Velho, America/Curacao,

America/Caracas, America/Guyana,

Etc/GMT+4, America/Virgin,

SystemV/AST4

America/Lima, Etc/GMT+5

America/Tegucigalpa, Pacific/Galapagos,

Etc/GMT+6

UCT7 Etc/GMT+7

UCT8 Etc/GMT+8

SystemV/YST9

Pacific/Fakaofo, Pacific/Johnston,

158 User’s Manual

Black Box Harde ned Ma naged Ethernet Swi tch

Pacific/Honolulu, Etc/GMT+10, HST,

US/Hawaii, SystemV/HST10

Pacific/Apia, Pacific/Midway, Etc/GMT+11

Pacific/Samoa, US/Samoa

,

Africa/Luanda,

Africa/Porto-Novo, Africa/Douala,

Africa/Bangui, Africa/Ndjamena,

Africa/Kinsh asa, Africa/Br azzaville,

Africa/Malabo, Africa/Libreville,

Africa/Windhoek, Africa/Niamey,

Africa/Lagos, Etc/GMT-1

UCT-2 Africa/Gabor Afr ica/Bujumbura,

Africa/Lubumbashi, Africa/Tripoli,

Africa/Blantyre, Africa/Maputo, Africa/Kiga

Africa/Lusaka, Africa/Harare, Etc/GMT-2,

Libya li,

UCT-3 Indian/Comor ca/Djibouti,

Africa/Asmera, Africa/Addis_Ababa,

Africa/Nairo bi, Indian/ A ntananarivo,

Indian/Mayo tte, Africa/Mogadishu,

Africa/Khartoum, Africa/Dar_es_Salaam,

Africa/Kampala, Antarctica/Syowa,

Asia/Bahrain, Asia/Kuwait, Asia/Qatar,

Asia/Riyadh, Asia/Aden, Etc/GMT-3

Indian/Mahe, Asia/Muscat, Etc/GMT-4

Asia/Karachi, Asia/Dushanbe,

Asia/Ashgabat, Asia/Samarkand,

Asia/Tashkent, Etc/GMT-5

UCT-5:45 Asia/Katmandu

Antarctica/Vostok,

Asia/Dhaka, Asia/Thimphu, Indian/Chagos,

Asia/Colombo, Etc/GMT-6, Asia/Dacca,

Asia/Thimbu

Asia/Jakarta, Asia/Pontianak,

Asia/Vientiane, Asia/Bangkok, Asia/Saigon,

Indian/Christmas, Etc/GMT-7

Asia/Makassar, Asia/Manila,

Asia/Singapore, Etc/GMT-8,

Asia/Ujung_Pandang, Singapore

Etc/GMT-9

User’s Manual 159

Black Box Hardened Managed Ethernet Switch

Pacific/Saip an, Pacific/Truk,

Pacific/Noumea, Pacific/Port_Moresby,

Etc/GMT-10 , Pacific/Yap

Pacific/Gua dalcanal, Etc/GMT-11

UCT-11:30 Pacific/Norfolk

Pacific/Enderbury, Pacific/Majuro,

Pacific/Kwajalein , Pacific/Nauru,

Pacific/Tong atapu, Pacific/Fu nafuti,

Pacific/Wake, Pacific/Efate, Pacific/Wallis,

Etc/GMT-12 , Kwajalein

UCT-13 Etc/GMT-13

UCT-4:30 Asia/Kabul l_Aviv ,

Israel

CST6MEX America/Ca America/M erida,

America/Monterrey, America/Mexico_City,

America/Lima, Mexico/General

Canada/East-Saskatchewan,

Canada/Saskatchewan, SystemV/CST6

EET-2EETDST2 Europe/Bucharest

Europe/Helsinki,

Europe/Riga, Europe/Mariehamn

EET-2EETDST2W2K Europe/Istanbul

UCT9:30 Pacific/Marquesas

UCT12 Etc/GMT+12

North America (Canada)

PST8PDT_CA America/Vancouver,

America/Dawson_Creek,

America/Whitehorse, America/Dawson,

Canada/Pacific

America/Yellowknife,

America/Inuvik, Canada/Mountain

America/Rankin_Inlet, Canada/Central

America/Thunder_Bay, America/Nipigon,

America/Iqaluit, Canada/Eastern

America/Halifax,

America/Glace_Bay, Canada/Atlantic

North America (Cuba)

160 User’s Manual

Black Box Hardened Managed Ethernet Switch

North America (Haiti)

America/Santo_Domingo,

America/Port-au-Prince, America/Bogota

North America (Mexico)

America/Ensenada,

Mexico/BajaNorte

America/Mazatlan, Mexico/BajaSur

CST6CDT_MX America/Guatemala

North America (Turks and Caicos)

EST5EDT_TC America/Grand_Turk

Additions Since 10g RTM

EST5EDT_INDIANA America/Indiana/Indianapolis,

America/Indiana/Marengo,

America/Indiana/Vevay,

America/Fort_Wayne,

America/Indianapolis,

America/Indiana/Knox, America/Knox_IN,

US/Indiana-Starke, US/East-Indiana

User’s Manual 161

advertisement

Related manuals

Download PDF

advertisement

Table of contents