Section I. Allied Telesyn International Corp AT-8516F/SC

Section I

Basic Operations

The chapters in this section cover a variety of basic switch features and functions. The chapters include:

❑ Chapter 2: Starting a Local or Telnet Management Session on page 36

❑ Chapter 3: Enhanced Stacking on page 44

❑ Chapter 4: Basic Switch Parameters on page 52

❑ Chapter 5: SNMPv1 and SNMPv2c Configuration on page 80

❑ Chapter 6: Port Parameters on page 93

❑ Chapter 7: MAC Address Table on page 108

❑ Chapter 8: Static and LACP Port Trunks on page 120

❑ Chapter 9: Port Mirroring on page 150

❑ Chapter 10: Ethernet Statistics on page 155

35

Chapter 2

Starting a Local or Telnet

Management Session

This chapter contains the procedure for starting a local or Telnet management session on an AT-8500 Series switch. The sections in the chapter are:

❑ Local Management Session on page 37

❑ Telnet Management Session on page 41

❑ Saving Your Parameter Changes on page 43

36

AT-S62 Menus Interface User’s Guide

Local Management Session

To establish a local management session, you connect a terminal or PC with a terminal emulator program to the RS-232 terminal port on the switch. The RS232 Terminal Port is located on the front panel of the

AT-8516F/SC, AT-8524M, and AT-8524POEswitches and the back panel of the AT-8550GB and AT-8550SP switches.

A local management session is so named because you must be close to the switch, usually within a few meters, to start this type of management session. This means you must be in the wiring closet where the switch is located.

A switch does not need an IP address to be managed from a local management session. A local management session will not interfere with the switch’s forwarding of packets.

Starting a local management session on a switch configured as a Master switch allows you to manage all the switches in the same enhanced stack. This relieves you of having to start a separate local management session for each switch, simplifying network management.

Starting a local management session on a switch that is not part of an enhanced stack or that is a slave switch allows you to manage just that switch.

Note

For information on enhanced stacking, refer to Enhanced Stacking

Overview on page 45.

Section I: Basic Operations 37

Chapter 2: Starting a Local or Telnet Management Session

Starting a Local

Management

Session

To start a local management session, perform the following procedure:

1. Connect one end of the straight-through RS232 management cable to the RS232 Terminal Port on the front panel of the switch.

MODE

AT-8524M

Fast Ethernet Switch

COL

100

FULL

ACT

STATUS

FAULT

MASTER

RPS

PWR

Section I: Basic Operations

Figure 1 Connecting a Terminal or PC to the RS232 Terminal Port

2. Connect the other end of the cable to an RS-232 port on a terminal or

PC with a terminal emulator program.

3. Configure the terminal or terminal emulator program as follows:

❑ Baud rate: 9600 bps

❑ Data bits: 8

❑ Parity None

❑ Stop bits: 1

❑ Flow control: None

Note

The port settings are for a DEC VT100 or ANSI terminal, or an equivalent terminal emulator program.

Note

During boot up, the switch displays the following prompt: Press

<CTRL>B to go to Boot Prompt . This message is intended for manufacturing purposes only. (If you inadvertently display the boot prompt (=>), type boot and press Return to start the switch.)

38



4. When prompted, enter a username and password.

To configure the switch settings, enter “manager” as the user name. The default password for manager access is “friend”. To just view the settings, enter “operator” as the user name. The default password for operator access is “operator”. Usernames and passwords are case-sensitive. For information on the two access

levels, refer to Management Access Levels on page 34. (For

instructions on how to change a password, refer to Configuring the Manager and Operator Passwords on page 62.)

After logging on, you will see the window in Figure 2. This is the

command prompt interface. You will see either a “#” symbol if you logged on as a manager or a “$” symbol if you logged on as an operator.

#

Allied Telesyn Ethernet Switch AT-8524M - AT-S62

<No System Name>

Figure 2 Command Prompt

For instructions on how to use the command line interface, refer to the AT-S62 Command Line User’s Guide, which is available from the Allied Telesyn web site.

5. To use the menu interface, type menu at the command prompt.

The Main Menu is shown in Figure 3.


<No System Name>

User: Manager 11:20:02 02-Jan-2004

Main Menu

1 - Port Configuration

2 - VLAN Configuration

3 - Spanning Tree Configuration

4 - MAC Address Tables

5 - System Administration

6 - Advanced Configuration

7 - Security and Services

8 - Enhanced Stacking

C - Command Line Interface

Q - Quit

Enter your selection?

Figure 3 Main Menu

39


To select a menu item, type the corresponding letter or number.

Pressing the Esc key or typing the letter R in a submenu, returns you to the previous menu.

Enhanced

Stacking

When you start a local management session on a switch configured as a

Master switch, you can manage all the switches in the enhanced stack from the same management session. This saves you the time and trouble of having to start a separate local management session each time you want to manage a switch in your network. It also saves you from having to go to the different wiring closets where the switches are located.

For information on enhanced stacking and how to manage different

switches from the same management session, refer to Chapter 3,

Enhanced Stacking on page 44.

Quitting a Local

Session

To quit a local session, return to the Main Menu and type Q for Quit.

You should always exit from a management session when you are finished managing a switch. This can prevent unauthorized individuals from making changes to a switch’s configuration should you leave your management station unattended.

Note

You cannot run both a local management session and a Telnet management session on the same switch simultaneously. Failure to properly exit from a local or Telnet management session may block future management sessions.



Telnet Management Session

You can use the Telnet application protocol from a workstation on your network to manage an AT-8500 Series switch. This type of management is referred to as remote management because you do not have to be physically close to the switch to start the session, such as with a local management session. Any workstation on your network that has the application protocol can be used to manage the unit.

In terms of functionally, there are almost no differences between managing a switch locally through the RS232 Terminal Port and remotely with the Telnet application protocol. You see the same menu selections and have nearly the same management capabilities.

To manage a switch using Telnet, it must have an IP address or be part of an enhanced stack.

Note

For background information on enhanced stacking, refer to

Enhanced Stacking Overview on page 45.

Starting a Telnet

Management

Session

To start a Telnet management session, specify the IP address of the

Master switch of the enhanced stack in the Telnet application protocol and enter a user name and password when prompted.

To configure a switch’s settings, enter “manager” as the user name. The default password for manager access is “friend”. To just view the settings, enter “operator” as the username. The default password for operator access is “operator”. User names and passwords are case-

sensitive. For information on the two access levels, refer to Management

Access Levels on page 34.

The management software displays the command line prompt shown in

Figure 2 on page 39. For instructions on how to use the command line

interface, refer to the AT-S62 Command Line User’s Guide, available from the Allied Telesyn web site.

To use the menu interface instead, type menu and press Return. The

Main Menu of a Telnet management session is the same menu for a local

management session, shown in Figure 3 on page 39. You can perform

nearly all the same functions from a Telnet management session as you can from a local management session.

The menus also function the same. To make a selection, type its corresponding number of letter. To return to a previous menu, type R or press ESC.



Note

You can run only one Telnet management session on a switch at a time. Additionally, you cannot run both a Telnet management session and a local management session on the same switch at the same time.

Quitting a Telnet

Management

Session

To end a Telnet management session, return to the Main Menu and type

Q for Quit.



Saving Your Parameter Changes

When you make a change to a switch parameter, the change is, in most cases, immediately activated on the switch as soon as you enter it.

However, most parameter changes are initially saved only to temporary memory in the switch and will be lost the next time you reset or power cycle the unit. To permanently save your changes, you must select the S -

Save Configuration Changes option from the Main Menu. You should select that menu option whenever you have made a change to a switch parameter that you want the switch to retain even when it is reset or power cycled. If you do not see the option in the Main Menu, there are no parameter changes to be saved.


Chapter 3

Enhanced Stacking

This chapter explains the enhanced stacking feature. The sections in this chapter include:

❑ Enhanced Stacking Overview on page 45

❑ Setting a Switch’s Enhanced Stacking Status on page 48

❑ Selecting a Switch in an Enhanced Stack on page 50



Enhanced Stacking Overview

The enhanced stacking feature can make it easier for you to manage the

AT-8500 Series switches in your network. It offers the following benefits:

❑ You can manage up to 24 switches from one local or remote management session. This eliminates the need of having to initiate a separate management session with each switch in your network.

❑ The switches can share the same IP address. This reduces the number of IP addresses you have to assign to your network devices for remote management.

❑ Remotely managing a new switch in your network is simplified.

You simply connect it to your network. Once connected to the network, you can begin to manage it immediately from any workstation in your network.

Guidelines

There are a few guidelines to keep in mind when implementing enhanced stacking for your network:

❑ An enhanced stack cannot span subnets.

❑ All of the switches in an enhanced stack must use the same management VLAN. For information about Management VLANs,

refer to Specifying a Management VLAN on page 546.

❑ You can create multiple enhanced stacks within a subnet by assigning the switches to different Management VLANs.

❑ An enhanced stack must have at least one master switch.

❑ The master switch can be any switch that supports enhanced stacking, such as an AT-8000 Series switch, an AT-8400 Series switch, or an AT-8500 Series switch.

❑ You should assign the master switch an IP address and subnet mask.

Note

No IP address is required if you intend to manage an enhanced stack solely through the RS232 Terminal Port on a master switch.

However, remote management of a stack using Telnet, a web browser, or an SNMP application does require assigning a master switch an IP address and subnet mask.

❑ You must set a master switch’s stacking status to Master. For

instructions, refer to Setting a Switch’s Enhanced Stacking Status on page 48.


Chapter 3: Enhanced Stacking


❑ The enhanced stacking feature uses the IP address 172.16.16.16.

Do not assign this address to any device if you intend to use the enhanced stacking feature.

There are three basic steps to implementing this feature on your network:

1. You must select a switch to function as the master switch of the enhanced stack.

The master switch can be any switch that supports enhanced stacking, such as an AT-8000 Series switch, an AT-8400 Series switch, or an AT-8500 Series switch. For networks that consist of more than one subnet, there must be at least one master switch in each subnet.

It is recommended that each enhanced stack have two master switches, each assigned a unique IP address. That way, should you remove one of the master switches from the network, such as for maintenance, you all still be able to remotely manage the switches in the stack using the other master switch.

2. You should assign each master switch a unique IP address and a subnet mask.

A master switch should have a unique IP address and a subnet mask. The other switches in an enhanced stack, referred to as slave switches, do not need an IP address. If an enhanced stack will have more than one master switch, you should assign each master switch a unique IP address.

You can set the IP address manually or activate the BOOTP and

DHCP services on a master switch and have the master switch obtain its IP information from a BOOTP or DHCP server on your network. Initially assigning an IP address or activating the BOOTP and DHCP services can only be performed through a local management session.

For instructions on how to set the IP address manually, refer to

Configuring an IP Address and Switch Name on page 55. For

instructions on activating the BOOTP and DHCP services, refer to

Activating the BOOTP or DHCP Client Software on page 59.

Note

No IP address is required if you intend to manage an enhanced stack solely through the RS232 Terminal Port on a master switch.

However, remote management of a stack using Telnet, a web browser, or an SNMP application does require assigning a master switch an IP address and subnet mask.

46

Master 1

IP Address

149.32.11.22

Master 2

IP Address

149.32.11.16


3. Change the enhanced stacking status of the master switch to Master.

This is explained in Setting a Switch’s Enhanced Stacking Status on page 48.

Figure 4 is an example of the enhanced stacking feature.

Subnet A

Router

PWR

MASTER

RS-232 TERMINAL PORT

Subnet B

Master 1

IP Address

149.32.09.18

Master 2

IP Address

149.32.09.24

Figure 4 Enhanced Stacking Example

The example consists of a network of two subnets interconnected with a router. Two AT-8524M switches in each subnet have been selected as the master switches of their respective subnets, and each has been assigned a unique IP address.

To manage the switches of a subnet, you can start a local management session or a remote Telnet management session on one of the master switches in the subnet. You would then have management access to all enhanced stacking switches in the same subnet.



Setting a Switch’s Enhanced Stacking Status

The enhanced stacking status of the switch can be master switch, slave switch, or unavailable. Each status is described below:

❑ Master switch - A master switch of a stack can be used to manage all the other switches in a subnet. Once you establish a local or remote management session with the Master switch, you can access and manage all the switches in the stack.

A master switch should have a unique IP address. You can manually assign a master switch an IP address or activate the

BOOTP and DHCP client software on the switch.

❑ Slave switch - A slave switch can be remotely managed through a master switch. It does not need an IP address or subnet mask. This is the default setting.

❑ Unavailable - A switch with an unavailable stacking status cannot be remotely managed through a master switch. A switch with this designation can be managed locally. To be managed remotely, a switch with an unavailable stacking status must be assigned a unique IP address.

Note

You cannot change the stacking status of a switch through enhanced stacking. If a switch does not have an IP address or subnet mask, such as a slave switch, you must use a local management session to set stacking status. If the switch has an IP address and subnet mask, such as a master switch, you can use either a local or a

Telnet management session.

To adjust a switch’s enhanced stacking status, perform the following procedure:

1. From the Main Menu, type 8 to select Enhanced Stacking.




The Enhanced Stacking menu is shown in Figure 5.


Production Switch


Enhanced Stacking

1 - Switch State-(M)aster/(S)lave/(U)navailable.... Master

2 - Stacking Services

R - Return to Previous Menu


Figure 5 Enhanced Stacking Menu

The menu displays the current status of the switch at the end of selection “1 - Switch State.” For example, the switch’s current status in the figure above is Master.

Note

The “2 - Stacking Services” selection in the menu is displayed only on master switches.

2. To change a switch’s stacking status, type 1 to select Switch State.

The following prompt is displayed.

Enter new setup (M/S/U) ->

3. Type M to change the switch to a master switch, S to make it a slave switch, or U to make the switch unavailable. Press Return.

A change to the status is immediately activated on the switch.

4. After making changes, type R until you return to the Main Menu. Then type S to select Save Configuration Changes.

49


Selecting a Switch in an Enhanced Stack

Before you perform a procedure on a switch in an enhanced stack, you should first check to be sure that you are performing it on the correct switch. If you assigned system names to your switches, this should be easy. The name of the switch being managed is always displayed at the top of every management menu.

When you start a local or remote management session on the Master switch of an enhanced stack, you are by default addressing that particular switch. The management tasks that you perform affect only the master switch.

To manage a slave switch or another Master switch in the stack, you need to select it from the management software.

To select a switch to manage in an enhanced stack, perform the following procedure:

1. From the Main Menu, type 8 to select Enhanced Stacking.

2. From the Enhanced Stacking menu, type 2 to select Stacking Services.

Note

The Stacking Services selection is only available on a Master switch.

The Stacking Services menu is shown in Figure 6.


Production Switch


Stacking Services

Switch Software Switch

Num MAC Address Name Mode Version Model

-------------------------------------------------------------

1 - Get/Refresh List of Switches

2 - Sort Switches in New Order

3 - Access Switch

4 - Load Image/Bootloader File

5 - Load Configuration File



Figure 6 Stacking Services Menu



3. Type 1 to select Get/Refresh List of Switches.

The Master switch polls the subnet for all slave and Master switches that are a part of the enhanced stack and displays a list of the switches in the Stacking Services menu.

The Master switch on which you started the management session is not included in the list, nor are any switches with an enhanced stacking status of Unavailable.

By default, the switches are sorted in the menu by MAC address.

You can sort the switches by name using the selection 2 - Sort

Switches in New Order.

Note

Menu option “4 - Download Image/Bootloader” downloads the

AT-S62 image from a Master switch to another AT-8500 Series

switch in the subnet. The option is explained in Uploading an

AT-S62 Image File Switch to Switch on page 183. Option “5 -

Download Configuration” allows you to download a configuration file from a Master switch to another AT8524M switch in the subnet.

This option is explained in Uploading an AT-S62 Configuration File

Switch to Switch on page 185.

4. To manage a new switch, type 3 to select Access Switch.

A prompt similar to the following is displayed:

Enter the switch number -> [1 to 24}

5. Type the number of the switch in the list you want to manage.

6. Enter the appropriate username and password for the switch.

The Main Menu of the selected switch is displayed. You now can manage the switch. Any management tasks you perform affect only the selected switch.

Returning to the

Master Switch

When you have finished managing a slave switch, return to the Main

Menu of the slave switch and type Q for Quit. This returns you to the

Stacking Services menu. Once you see that menu, you are again addressing the Master switch from which you started the management session.

You can either select another switch in the list to manage or, if you want to manage the Master switch, return to the master switch’s Main Menu by typing R twice.


Chapter 4

Basic Switch Parameters


This chapter contains a variety of information and procedures. There is a discussion on when to assign an IP address to a switch and the different ways to do it. There are also procedures for resetting the switch, activating the switch default settings, and more.

Sections in the chapter include:

❑ When Does a Switch Need an IP Address? on page 53

❑ Configuring an IP Address and Switch Name on page 55

❑ Activating the BOOTP or DHCP Client Software on page 59

❑ Rebooting a Switch on page 61

❑ Configuring the Manager and Operator Passwords on page 62

❑ Setting the System Time on page 65

❑ Configuring the Console Startup Mode on page 69

❑ Configuring the Console Timer on page 70

❑ Enabling or Disabling the Telnet Server on page 71

❑ Setting the Baud Rate of the RS-232 Terminal Port on page 72

❑ Pinging a Remote System on page 73

❑ Returning the AT-S62 Software to the Factory Default Values on page 74

❑ Viewing System Hardware and Software Information on page 77

❑ Setting the Switch’s Temperature Threshold on page 79

52


When Does a Switch Need an IP Address?

One of the tasks to building or expanding a network is deciding which managed switches need to be assigned unique IP addresses. The rule used to be that a managed switch needed an IP address if you wanted to manage it remotely, such as with the Telnet application protocol.

However, if a network contained a lot of managed switches, having to assign each one an IP address was often cumbersome and time consuming. It was also often difficult keeping track of all the IP addresses.

The enhanced stacking feature of the AT-8000 Series, AT-8400 Series, and AT-8500 Series switches simplifies all this. With enhanced stacking, you only need to assign an IP address to one switch in each subnet in your network. The switch with the IP address is referred to as the Master switch of the enhanced stack. All switches in the same subnet share the

IP address.

Starting a local or remote management session on the Master switch automatically gives you complete management access to all the other enhanced stacking switches in the same enhanced stack.

This feature has two primary benefits. First, it helps reduce the number of IP addresses you have to assign to your network devices. Second, it allows you to configure multiple switches through the same local or remote management session.

If your network consists of multiple subnets, you must assign a unique IP address to at least one switch in each subnet. The switch with the IP address will be the Master switch of that subnet.

When you assign a switch an IP address, you must also assign it a subnet mask. The switch uses the subnet mask to determine which portion of an

IP address represents the network address and which the node address.

You must also assign the switch a gateway address if there is a router between the switch and the remote management workstation. This gateway address is the IP address of the router through which the switch and management station will communicate.

Note

For further information on enhanced stacking, refer to Enhanced

Stacking Overview on page 45.


Chapter 4: Basic Switch Parameters

How Do You

Assign an IP

Address?

After you have decided which, if any, switches on your network need an

IP address, you must access the AT-S62 software on the switches and assign the addresses. There are two ways in which a switch can obtain an

IP address.

The first method is for you to assign the IP configuration information

manually. The procedure for this is explained in Configuring an IP

Address and Switch Name on page 55. Initially assigning an IP address to

a switch can only be done through a local management session.

The second method is for you to activate the BOOTP or DHCP client software on the switch and have the switch automatically download its

IP configuration information from a BOOTP or DHCP server on your

network. This procedure is explained in Activating the BOOTP or DHCP

Client Software on page 59.



Configuring an IP Address and Switch Name

The procedure in this section explains how to manually assign an IP address, subnet mask, and gateway address to the switch from a local or

Telnet management session. (If you want the switch to obtain its IP configuration from a DHCP or BOOTP server on your network, go to the

procedure Activating the BOOTP or DHCP Client Software on page 59.)

This procedure also explains how to assign a name to the switch, along with the name of the administrator responsible for maintaining the unit and the location of the switch.

To manually set a switch’s IP address, perform the following procedure:

1. From the Main Menu, type 5 to select System Administration.

The System Administration menu is shown in Figure 7.


Production Switch


System Administration

1 - System Information

2 - System Configuration

3 - Console (Serial/Telnet) Configuration

4 - Web Server Configuration

5 - SNMP Configuration

6 - Authentication Configuration

7 - Management ACL

8 - Event Log

9 - System Utilities



Figure 7 System Administration Menu



2. From the System Administration menu, type 2 to select System

Configuration.

The System Configuration menu is shown in Figure 8.


Production Switch


System Configuration

1 - BOOTP/DHCP .............. DISABLE

2 - IP Address .............. 0.0.0.0

3 - Subnet Mask ............. 0.0.0.0

4 - Default Gateway ......... 0.0.0.0

5 - System Name ............. Production Switch

6 - Location ................ Bldg. 12 Rm. 201

7 - Administrator ........... Jane Smith

8 - Configure System Time

9 - Configure System Hardware

A - ARP Cache Timeout ....... 400 seconds



Figure 8 System Configuration Menu

3. Adjust the parameters as desired.

Note

A change to any parameter in this menu, including the IP address, subnet mask, or gateway address, is activated immediately on the switch.

The parameters in the System Configuration menu are described below:

1 - BOOTP/DHCP

This selection activates and deactivates the BOOTP and DHCP client software on the switch. For information on this selection,

refer to Activating the BOOTP or DHCP Client Software on page

59.

2 - IP Address

This parameter specifies the IP address of the switch. You must specify an IP address if you want the switch to function as the

Master switch of an enhanced stack or if the switch is not part of an enhanced stack and you want to remotely manage it using a web browser, a Telnet utility, SSH, or an SNMP management program. The IP address must be entered in the format: xxx.xxx.xxx.xxx. The default value is 0.0.0.0. Alternatively, you can



AT-S62 Menus Interface User’s Guide activate the BOOTP or DHCP client software and have the switch obtain its IP configuration from a BOOTP or DHCP server on your

network. For isntructions, refer to Activating the BOOTP or DHCP

Client Software on page 59.

3 - Subnet Mask

This parameter specifies the subnet mask for the switch. You must specify a subnet mask if you assigned an IP address to the switch.

The subnet mask must be entered in the format: xxx.xxx.xxx.xxx.

The default value is 255.255.0.0.

4 - Default Gateway

This parameter specifies the default router’s IP address. This address is required if you intend to remotely manage the switch from a management station that is separated from the switch by a router. The address must be entered in the format: xxx.xxx.xxx.xxx. The default value is 0.0.0.0.

5 - System Name

This parameter specifies a name for the switch (for example, Sales

Ethernet switch). The name is displayed at the top of the AT-S62 management menus and pages. The name can be from 1 to 39 characters. The name can include spaces and special characters, such as exclamation points and asterisks. The default is no name.

This parameter is optional.

Note

Allied Telesyn recommends that you assign each switch a name.

Names can help you identify the various switches in your network and help you avoid performing a configuration procedure on the wrong switch.

6 - Location

This parameter specifies the location of the switch, (for example,

4th Floor - rm 402B). The location can be from 1 to 39 characters.

The location can include spaces and special characters, such as dashes and asterisks. The default is no location. This parameter is optional.

7 - Administrator

This parameter specifies the name of the network administrator responsible for managing the switch. The name can be from 1 to

39 characters. It can include spaces and special characters, such as dashes and asterisks. The default is no name. This parameter is optional.

57


Note

There are two other options on this menu. Option “8 - Configure

System Time” is described in Setting the System Time on page 65.

Option “9 - Configure System Hardware” is described in Setting the

Switch’s Temperature Threshold on page 79.




Activating the BOOTP or DHCP Client Software

The BOOTP and DHCP application protocols were developed to simplify network management. They are used to automatically assign IP configuration information, such as IP addresses and subnet masks, to your network devices.

An AT-8500 Series switch contains the client software for these protocols and can obtain its IP configuration information from a BOOTP or DHCP server on your network. If you activate this feature, the switch seeks its IP address and other IP configuration information from a BOOTP or DHCP server on your network whenever you reset or power ON the device.

Naturally, for this to work there must be a BOOTP or DHCP server residing on your network and you must configure the service by entering in the switch’s MAC address.

BOOTP and DHCP services allow you to specify how the IP address is to be assigned to the switch. The choices are static and dynamic. If you choose static, the server always assigns the same IP address to the switch when the switch is reset or powered ON. This is the preferred configuration. Since the switch is always assign the same IP address, you will always know which IP address to use when you need to remotely manage the device.

If you choose dynamic, the server assigns any unused IP address that it has not already assigned to another device. This means that a switch might have a different IP address each time you reset or power cycle the device, making it difficult for you to remotely manage the unit.

Note

The BOOTP and DHCP client software is disabled by default on the switch.

To activate or deactivate the BOOTP or DHCP client software, perform the following procedure:


The System Administration menu is shown in Figure 7 on page 55.


Configuration.

The System Configuration menu is shown in Figure 8 on page 56.

3. From the System Configuration menu, type 1 to select BOOTP/DHCP.



The following prompt is displayed:

DHCP/BOOTP/DISABLE (1-DHCP, 2-BOOTP, 3-DISABLE) :

4. Type 1 to activate DHCP, 2 to activate BOOTP, or 3 to disable both application protocols. The default is disabled.

Note

If you activate the BOOTP or DHCP client software, the switch immediately begins to query the network for the corresponding server. The switch continues to query the network for its IP configuration until it receives a response.

Any static IP address, subnet mask, or gateway address manually assigned to the switch is deleted from the System Configuration menu and replaced with the value the switch receives from the

BOOTP or DHCP server. If you later disable BOOTP or DHCP, these values are returned to their default settings.




Rebooting a Switch

This procedure reboots the switch.

Note

Any configuration changes not save will be lost once the switch reboots. To save your configuration changes, return to the Main

Menu and type S to select Save Configuration Changes.

To reboot the switch, perform the following procedure:




Utilities. The System Utilities menu is shown in Figure 9.


Production Switch


System Utilities

1 - File Operations

2 - Downloads and Uploads

3 - Ping a remote system

4 - Reset to Factory Defaults

5 - Reboot the switch

6 - Networking Stack



Figure 9 System Utilities Menu

3. From the System Utilities menu, type 5 to select Reboot the switch.


The switch is about to reboot. Do you want to proceed? [Yes/No] ->

4. Type Y to reboot the switch or N to cancel the procedure.

Caution

The switch will not forward traffic while it initializes its management software and reloads the active boot configuration file. This process can take several minutes to complete. Some packet traffic may be lost. Once the switch is finished rebooting, you can reestablish your management session if you want to continue managing the unit.



Configuring the Manager and Operator Passwords

There are two levels of management access on an AT-8500 Series switch: manager and operator. When you log in as manager, you can view and configure all of a switch’s operating parameters. When you log in as an operator, you can only view the operating parameters; you cannot change any values.

You log in as a manager or an operator by entering the appropriate username and password when you start an AT-S62 management session. The default password for manager access is “friend”. The default password for operator access is “operator”. Passwords are case-sensitive.

Changing the

Manager or

Operator

Password

To change the manager or operator password, perform the following procedure:



2. From the System Administration menu, type 6 to select

Authentication Configuration.

3. From the Authentication Configuration menu, type 5 to select

Passwords Configuration.

The Passwords Configuration menu is shown in Figure 10.


Production Switch


Passwords Configuration

1 - Set Manager Password

2 - Set Operator Password



Figure 10 Passwords Configuration Menu

4. Type 1 to change the Manager password or type 2 to change the

Operator password.

5. When prompted, enter the current manager password. (This step does not apply for the operator password.)

6. When prompted, enter the new manager or operator password. The new password will be case-sensitive.


7. When prompted, re-enter the new password.


Note

A password can be from 0 to 16 alphanumeric characters. Passwords are case-sensitive. You should not use spaces or special characters, such as asterisks (*) or exclamation points (!), in a password if you will be managing the switch from a web browser. Many web browsers cannot handle special characters in passwords.

Resetting the

Manager

Password

This procedure explains how to reset the manager password if you lost or forgot it.

Caution

This procedure gives any person with physical access to the switch the ability to access its management software without having to provide a username and password. For this reason, all AT-8500

Series switches should be maintained in a locked wiring closet or other secure location to prevent unauthorized management access.

Note the following about this feature:

❑ This procedure requires resetting the switch. Some network traffic may be lost.

❑ This procedure is only available through a local management session.

❑ If the AT-S62 management software detects another active management session when you perform this procedure, a message is displayed for the other user stating that the user will be logged off. Thus, this type of session takes precedence over any other user’s management session.

To reset the manager password on a switch, perform the following procedure:

1. Establish a local management session with the switch.

2. Reboot the switch. For instructions, refer to Rebooting a Switch on page 61.

3. When the switch displays “Press <Ctrl> B to go to Boot prompt,” type

S or s.

The switch continues its normal boot up and initialization process.

Once complete, the management software automatically logs you in with manager access and displays the command line prompt. You are not prompted for a login username or password.



4. Type menu to display the Main Menu.

5. Follow the procedure in Changing the Manager or Operator

Password on page 62 to reset the manager password.

This completes the procedure for resetting the manager password. You can continue to manage the switch or you can quit from the management session.



Setting the System Time

This procedure explains how to set the switch’s date and time. Setting this information is a good idea if you plan to monitor the switch by viewing the events in the event log or having the events sent to a syslog server. This is also important if the management software will be sending traps to your management workstation. Events and traps contain the date and time of when they occurred. Without them, it will be difficult for you to determine when they transpired. The current date and time are also important if you intend to use the Secure Sockets Layer

(SSL) certificate feature described in Chapter 33, Public Key

Infrastructure Certificates on page 654, because certificates must

contain the date and time of when they were created.

There are two ways to set the switch’s date and time. One method is to set it manually. The drawback to this approach is that the switch loses the information whenever it is reset or power cycled. This means that you must reset the values whenever you reset the device.

The second method uses the Simple Network Time Protocol (SNTP). The

AT-S62 management software comes with the client version of this protocol. You can configure the AT-S62 software to obtain the current date and time from an SNTP or Network Time Protocol (NTP) server located on your network or the Internet.

SNTP is a reduced version of the NTP. However, the SNTP client software in the AT-S62 management software is interoperable with NTP servers.

Note

The default system time on the switch is midnight, January 1, 1980.

To set the system time manually or to configure SNTP, do the following:




Configuration.

The System Configuration menu is shown in Figure 8 on page 56.

3. From the System Configuration menu, type 8 to select Configure

System Time.



The Configure System Time menu is shown in Figure 11.


Production Switch


Configure System Time

1 - System Time ................... 00:04:22 on 01-Jan-1980

2 - SNTP Status ................... Disabled

3 - SNTP Server ................... 0.0.0.0

4 - UTC Offset .................... +0

5 - Daylight Savings Time (DST) ... Enabled

6 - Poll Interval ................. 600 seconds

7 - Last Delta .................... +0 seconds

U - Update System Time



Figure 11 Configure System Time Menu

4. To set the system time manually, do the following: a. Type 1 to select System Time

The following prompt appears:

Enter new system time [hh:mm:ss] -> b. Enter a new time for the system in the following format: hours, minutes, and seconds all separated by colons.


Enter new system date [dd-mm-yyyy] -> c. Enter a new date for the system. Use two numbers to specify the day and month. Use four numbers to specify the year. Separate the values with hyphens. For example, December 5, 2003 is specified 05-12-2003.

The new time and date are immediately activated on the switch.

5. To configure the switch to obtain its date and time from an SNTP or

NTP server on your network or the Internet, do the following: a. Type 3 to select SNTP Server to enter the IP address of an SNTP server.




Note

If the switch is obtaining its IP address and subnet mask from a

DHCP sever, you can configure the DHCP server to provide the switch with an IP address of an NTP or SNTP server. If you configured the DHCP server to provide this address, then you do not need to enter it here, and you can skip ahead to Step C.


Enter SNTP server IP address -> b. Enter an IP address of an SNTP or NTP server.

c. Type 4 to select UTC Offset to specify the difference between the

UTC and local time.

Note

If the switch is using DHCP, it automatically attempts to determine this value. In this case, you do not need to configure a value for the

UTC Offset parameter.


Enter UTC Offset [-12 to 12] -> 0 d. Enter a UTC Offset time.

The default is 0 hours. The range is -12 to +12 hours.

e. Type 5 to select Daylight Savings Time (DST) to enable or disable the switch’s ability to adjust its system time to daylight savings time. The following prompt is displayed:

Adjust for Daylight Savings Time (E - Enabled,

D - Disabled) -> f. Select one of the following:

E - Enabled to allow the switch to adjust system time to daylight savings time. This is the default value.

D - Disabled to not allow the switch to adjust system time to daylight savings time.

Note

The switch does not set DST automatically. If the switch is in a locale that uses DST, you must remember to enable this in April when DST begins and disable it in October when DST ends. If the switch is in a locale that does not use DST, this option should be set to disabled all the time.

67

Chapter 4: Basic Switch Parameters g. Type 6 - Poll Interval to specify the time interval between queries to the SNTP server.


Enter interval to poll SNTP server [60 to 1200]

-> 600 h. Enter the number of seconds the switch waits between polling the

SNTP or NTP server. The default is 600 seconds. The range is from

60 to 1200 seconds.

i.

Type 2 to select SNTP Status to enable or disable the SNTP client.


SNTP Status (E-Enabled, D-Disabled) -> j.

Select one of the following:

E - Enables the SNTP client software on the switch.

D - Disables the SNTP client software

Once enabled, the switch immediately polls the SNTP or NTP server for the current date and time. (The switch will also automatically poll the server whenever a change is made to any of the parameters in this menu, so long as SNTP is enabled.)

The Last Delta option in the menu displays the last adjustment that was applied to system time due to a drift in the system clock between two successive queries to the SNTP server. This is a read only field.

The U - Update System Time selection in the menu allows you to prompt the switch to poll the SNTP or NTP server for the current time and date. You can use this selection to update the time and date immediately rather than wait for the switch’s next polling period. This selection has no effect if you set the date and time manually.




Configuring the Console Startup Mode

You can configure the AT-S62 software to initially display either the Main

Menu or the command line interface prompt when you start a local,

Telnet, or SSH management session. The default is the command line interface.

To change the console startup mode, perform the following procedure:



2. From the System Administration menu, type 3 to select Console

(Serial/Telnet) Configuration.

The Console (Serial/Telnet) Configuration menu is shown in

Figure 12.


Production Switch


Console (Serial/Telnet) Configuration

1 - Console Startup Mode ............ CLI

2 - Console Disconnect Interval ..... 10 minute(s)

3 - Console Baud Rate ............... 9600

4 - Telnet Server ................... Enabled



Figure 12 Console (Serial/Telnet) Configuration Menu

3. Type 1 to toggle Console Startup Mode between Menu and CLI. When set to Menu, a management session starts by displaying the Main

Menu. When set to CLI, a management session starts with the command line interface prompt. The default is CLI.


A change to the console startup mode takes effect the next time you start a management session.



Configuring the Console Timer

The AT-S62 management software uses the console timer, also referred to as the console disconnect interval, to automatically end inactive local and remote management sessions. The management software automatically ends a local or remote management session if does not detect any activity from the management station after the console timer has expired. For example, specifying two minutes for the console timer would cause the AT-S62 management software to automatically end a management session if it did not detect any activity from the local or remote management station after two minutes.

This security feature prevents unauthorized individuals from using your management station should you step away from your system while configuring a switch. The default for the console timeout value is 10 minutes.

To adjust the console timer, do the following:






Figure 12 on page 69.

3. From the Console (Serial/Telnet) Configuration menu, type 2 to select

Console Disconnect Interval and, when prompted, enter a new console timer value. The range is 1 to 60 minutes. The default is 10 minutes.

A change to the console timer is immediately activated on the switch.




Enabling or Disabling the Telnet Server

This procedure explains how to enable or disable the Telnet server on the switch. You might disable the server to prevent individuals from managing the switch with the Telnet application protocol or if you intend to use the Secure Shell (SSH) protocol.

Note

You cannot disable the Telnet server if there is an active Telnet management session on the switch.

To enable or disable the Telnet server, do the following procedure:







3. Type 4 to toggle Telnet Server between Enabled and Disabled. The default is enabled.

A change to the Telnet server is immediately activated on the switch.

4. After making the change, type R until you return to the Main Menu.

Then type S to select Save Configuration Changes.



Setting the Baud Rate of the RS-232 Terminal Port

The default baud rate of the RS-232 Terminal Port on the switch is 9600 bps. To change the baud rate, do the following:







3. From the Console (Serial/Telnet) Configuration menu, type 3 to select

Console Baud Rate.

The following message is displayed:

Supported baud rates are:

1200, 2400, 4800, 9600, 19200, 38400, 57600, or

115200

Enter new baud rate value --> [1200 to 115200]

4. Type the desired baud rate value and press Return.

The following message is displayed:

Baud rate changed to [baud rate you typed] bps.

Please change your terminal baud rate correspondingly.

Press <Enter> to continue.

Note

If you are running a local management session, be sure to change your terminal’s baud rate.

A change to the baud rate is automatically saved to permanent memory in the switch. You do not need to use the Save

Configuration Changes option in the Main Menu to permanently save this change.



Pinging a Remote System

You can instruct the switch to ping a remote device on your network.

This procedure is useful in determining whether a valid link exists between the switch and another device.

Note

The switch must have an IP address to perform this procedure.

To instruct the switch to ping a network device, perform the following procedure:




Utilities.

The System Utilities menu is shown in Figure 9 on page 61.

3. For the System Utilities menu, type 3 to select Ping a Remote System.


Please enter an IP address ->

4. Enter the IP address of the end node you want the switch to ping.

The results of the ping command are displayed on the screen.

5. To stop the ping, press any key.



Returning the AT-S62 Software to the Factory Default Values

There are two procedures for returning the settings on a switch to the factory default values. The first returns the switch’s settings to the default values, but retains all files in the switch’s file system (i.e., configuration files, SSL certificates, event logs, etc). The second method deletes all the files in the file system, including all configuration files. The

AT-S62 software default values can be found in Appendix A, AT-S62

Default Settings on page 715.

Retaining the

System Files

This procedure returns all operating parameters on the switch back to their default values, but retains the files in the file system. Please note the following before performing this procedure:

❑ A switch’s IP address and subnet mask, if assigned, are deleted.

❑ All port-based and tagged VLANs are deleted.

❑ All files in the AT-S62 file system are retained.

❑ All encryption keys stored in the key database are retained.

❑ The contents of the active boot configuration file is retained. To reset the file back to the default settings, you need to reestablish your management session after the switch reboots at the complemtion of this procedure and select Save Configuration

Changes. Otherwise, the switch will revert back to the previous configuration the next time you reset the unit.

Caution

This procedure results in a switch reset. The switch will not forward traffic while it initializes its operating software, a process that takes approximately 20 seconds to complete. Some network traffic may be lost.

To return the AT-S62 software to the default settings while retaining the files in the file system, perform the following procedure:




Utilities.

The System Utilities menu is shown in Figure 9 on page 61.

3. For the System Utilities menu, type 4 to select Reset to Factory

Defaults.



Deleting the

System Files


This operation requires a switch reboot. Continue?

[Yes/No] ->

4. Type Y for yes or N to cancel the procedure.

If you respond with yes, the following prompt is displayed:

Do you want to reset serial baud rate to 9600 bps?

[Yes/No] ->

5. Typing Y for yes will change the baud rate of the RS232 Terminal Port to its default value of 9600 bps. Typing N leaves the baud rate at its current setting.


NOTE: Please save configuration after reboot in order to make the configuration changes permanent!!!

Waiting for background file operations to complete

.....

Rebooting the Switch .....

Once the reset process is complete, the unit is again operating with its default settings.

6. Reestablish your management session.

7. From the Main Menu, type S to select Save Configuration Changes.

This step returns the active boot configuration file back to the default settings. If you omit this step, the switch will revert back to the prior configuration the next time you reset or power cycle the unit.

This procedure deletes all of the files in the switch’s file system and resets the switch. This process returns the switch’s operating parameters to their default settings.

Note

To return the switch to its default setting without deleting the files

in the file system, perform the procedure Retaining the System Files on page 74.

Please note the following before performing this procedure:

❑ A switch’s IP address and subnet mask, if assigned, are deleted.

❑ All port-based and tagged VLANs are deleted.

❑ All files in the AT-S62 file system are deleted.

❑ All encryption keys stored in the key database are deleted.



❑ The current speed setting of the RS232 console port on the switch is retained.

Caution

This procedure results in a switch reset. The switch will not forward traffic while it initializes its operating software, a process that takes approximately 20 seconds to complete. Some network traffic may be lost.

To delete all files from the file system and return the switch’s operating parameters to the default settings, perform the following procedure:


2. Form the System Administration menu, type 9 to select System

Utilities.

3. For the System Utilities menu, type 1 to select File Operations.

4. From the File Operations menu, type 9 to select Format Flash Drive.


This command will format the flash drive and requires a switch reboot.

Do you want to continue ? [Yes/No] ->

5. Type Y to proceed or N to cancel the procedure.

If you type Y for yes, the switch deletes all of the files in the file system and then resets. Once the system has reinitialized, all switch settings are returned to their default settings.



Viewing System Hardware and Software Information

The procedure in this section displays hardware and software information about the switch. The information includes the switch’s serial number and MAC address, as well as the status of the power supply and fan.

To display this information, perform the following procedure:




Information.

The System Information menu is shown in Figure 13.

User: Manager


Production Switch

11:20:02 02-Jan-2004

System Information

MAC Address ..... 00:30:84:01:00:00

Model Name ...... AT-8524M

Serial Number ... S05525A023600000

IP Address ....... 167.11.11.11

Subnet Mask ...... 255.255.255.0

Gateway .......... 0.0.0.0

System Up Time ... 6D:11H:47M:34S

Bootloader ...... ATS62_LOADER v1.0.0

Build Date ....... Dec 16 2003 15:21:03

Application ..... ATS62 v1.2.0

Build Date ....... Apr 15 2004 17:57:17

System Name ..... Production Switch

Administrator ... John Doe

Location ........ Bldg. 5, Floor 4

H - System Hardware Status

U - Uplink Information



Figure 13 System Information Menu

You cannot change the information in this menu.

3. To display system hardware information, type H to select System

Hardware Status.



The System Hardware Information menu is shown in Figure 14.


Production Switch


System Hardware Status

System 1.8V Power ............... 1.79V

System 2.5V Power ............... 2.53V

System 3.3V Power ............... 3.30V

System 5V Power ................. 5.07V

System Temperature (Celsius) .... 30C

System Fan Speed ................ 4720 RPM

Main Power Supply ............... AC - On

Redundant Power Supply .......... Not Present

U - Update Display



Figure 14 System Hardware Information Menu

You cannot change the information in this menu.



Setting the Switch’s Temperature Threshold

The switch sends an SNMP trap to your management workstation when this adjustable temperature threshold is exceeded. The default threshold is 60

°

Celsius.

To change the temperature threshold for the switch, do the following:



Configuration.

3. From the System Configuration menu, type 9 to select Configure

System Hardware.

The Configure System Hardware menu is shown in Figure 15.


Production Switch


Configure System Hardware

1 - Temperature Threshold (Celsius) .......... 60 C



Figure 15 Configure System Hardware Menu

The menu displays the current temperature threshold for the switch.

4. Type 1 to select Temperature Threshold and, when prompted, enter a new threshold value. The range is 0

° to 60° Celsius.

5. After making the change, type R until you return to the Main Menu.

Then type S to select Save Configuration Changes.


Chapter 5

SNMPv1 and SNMPv2c

Configuration

This chapter explains how to activate SNMP management on the switch and how to create, modify, and delete SNMPv1 and SNMPv2c community strings. Sections in the chapter include:

❑ SNMPv1 and SNMPv2c Overview on page 81

❑ Enabling or Disabling SNMP Management on page 84

❑ Setting the Authentication Failure Trap on page 85

❑ Creating an SNMP Community String on page 86

❑ Modifying a Community String on page 88

❑ Displaying the SNMP Community Strings on page 92

Note

For instructions on SNMPv3, refer to Chapter 22, SNMPv3

Configuration on page 348.

80


SNMPv1 and SNMPv2c Overview

The Simple Network Management Program (SNMP) is another way for you to manage the switch. This type of management involves viewing and changing the management information base (MIB) objects on the device using an SNMP application program.

The AT-S62 management software supports SNMPv1, SNMPv2c, and

SNMPv3. This chapter explains how to configure the switch’s software for SNMPv1 and SNMPv2c. For instructions on how to configure the

switch for SNMPv3, refer to Chapter 22, SNMPv3 Configuration on page

348.

The procedures in this chapter show you how to create and manage

SNMPv1 and SNMPv2c community strings through which your SNMP application program at your management workstation accesses the switch’s MIB objects.

You can also configure SNMPv1 and SNMPv2c with the SNMPv3 Table

menus described in Chapter 22, SNMPv3 Configuration on page 348.

However, because the SNMPv3 Table menus require a much more extensive configuration, Allied Telesyn recommends configuring

SNMPv1 and SNMPv2c with the procedures in this chapter.

To manage a switch using an SNMP application program, you must do the following:

❑ Activate SNMP management on the switch. The default setting for

SNMP management is disabled. The procedure for this can be

found in Enabling or Disabling SNMP Management on page 84.

❑ Load the Allied Telesyn MIBs for the switch onto your management workstation containing the SNMP application program. The MIBs are available from the Allied Telesyn web site at www.alliedtelesyn.com.

To manage a switch using SNMP, you need to know the IP address of the switch or of a master switch and at least one of the switch’s community strings. A community string is a string of alphanumeric characters that gives you access to the switch.

A community string has several attributes that you can use to control who can use the string and what the string will allow a network management to do on the switch. The community string attributes are defined here.


Chapter 5: SNMPv1 and SNMPv2 Community Strings

Community String Name

You must give the community string a name. The name can be from one to eight alphanumeric characters. Spaces are allowed.

Access Mode

This defines what the community string will allow a network manager to do. There are two access modes: Read and Read/Write. A community string with an access mode of Read can only be used to view but not change the MIB objects on a switch. A community string with a

Read/Write access can be used to both view the MIB objects and change them.

Operating Status

A community string can be enabled or disabled. When disabled, no one can use it to access the switch. You might disable a community string if you suspect an unauthorized individual is using it to access the device.

When a community string is enabled, it is available for use.

Open or Closed Access Status

You can use this feature to control which management stations on your network can use a community string. If you select the open access status, any network manager who knows the community string can use it. If you assign it a closed access status, then only those network managers working from particular workstations can use it. You specify the workstations by assigning their IP addresses to the community string. A closed community string can have up to eight IP addresses of management workstations assigned to it.

If you decide to activate SNMP management on the switch, it is a good idea to assign a closed status to all community strings that have a

Read/Write access mode and then assign the IP addresses of your management workstations to those strings. This helps reduce the chance of someone gaining management access to a switch through a community string and making unauthorized configuration changes.

Trap Receivers

A trap is a signal sent to one or more management workstations by the switch to indicate the occurrence of a particular operating event on the device. There are numerous operating events that can trigger a trap. For instance, resetting the switch or the failure of a cooling fan are two examples of occurrences that cause a switch to send a trap to the management workstations. You can use traps to monitor activities on the switch.

Trap receivers are the devices, typically management workstations or servers, that you want to receive the traps sent by the switch. You specify the trap receivers by their IP addresses. You assign the IP addresses to the community strings.



Each community string can have up to eight trap IP addresses.

It does not matter which community strings you assign your trap receivers. When the switch sends a trap, it looks at all the community strings and sends the trap to all trap receivers on all community strings.

This is true even for community strings that have a access mode of only

Read.

If you are not interested in receiving traps, then you do not need to enter any IP addresses of trap receivers.

Default SNMP

Community

Strings

The AT-S62 management software provides two default community strings: public and private. The public string has an access mode of just

Read and the private string has an access mode of Read/Write. If you activate SNMP management on the switch, you should delete or disable the private community string, which is a standard community string in the industry, or change its status from open to closed to prevent unauthorized changes to the switch.



Enabling or Disabling SNMP Management

To enable or disable SNMP management for the switch, perform the following procedure:



2. From the System Administration menu, type 5 to select SNMP

Configuration.

The SNMP Configuration menu is shown in Figure 16.


Production Switch


SNMP Configuration

1 - SNMP Status ........................ Disabled

2 - Authentication Failure Trap Status ..Disabled

3 - Configure SNMPv1 & SNMPv2c Community

4 - Display SNMPv1 & SNMPv2c Community

5 - Configure SNMPv3 Table

6 - Display SNMPv3 Table



Figure 16 SNMP Configuration Menu

3. Type 1 to toggle the SNMP Status option between its two settings of

Enabled and Disabled. When set to Disabled, the default, you cannot manage the switch using SNMP. When set to Enabled, you can manage the switch using SNMP.

A change to the SNMP status is immediately activated on the switch.




Setting the Authentication Failure Trap

As mentioned in the SNMP Overview section in this chapter, a trap is a message sent by the switch to a management workstation or server to signal an operating event, such as when the device is reset.

An authentication failure trap is similar to other the traps. It too signals an operating event on the switch. But this trap is somewhat special because it relates to SNMP management. A switch that sends this trap could be indicating an attempt by someone to gain unauthorized management access to the switch using an SNMP application program.

There are two events that can cause a switch to send this trap:

❑ An SNMP management station attempts to access the switch using an incorrect or invalid community name.

❑ An SNMP management station tried to access a closed access community string, to which its IP address is not assigned.

Given the importance of this trap to the protection of your switch, the management software allows you to disable and enable it separately from the other traps. If you enable it, the switch will send this trap if either of the above events occur. If you disable it, the switch will not send this trap. The default is disabled.

If you enable this trap, be sure to add one or more IP addresses of trap receivers to the community strings so that the switch will know where to send the trap if it needs to.

To enable or disable the authentication trap, perform the following procedure:




Configuration.

The SNMP Configuration menu is shown in Figure 16 on page 84.

3. Type 2 to toggle Authentication Failure Trap Status between enabled and disabled. The default is disabled.




Creating an SNMP Community String

To create a new SNMP community string, perform the following procedure:




Configuration.


3. From the SNMP Configuration menu, type 3 to select Configure

SNMPv1 & SNMPv2c Community.

The Configure SNMPv1 & SNMPv2c Community menu is shown in

Figure 17.


Production Switch


Configure SNMPv1 & SNMPv2c Community

Community Name AccessMode Status OpenAcc Manager IP Addr Trap Rec IP

--------------------------------------------------------------------

Private

Public

Read|Write

Read

Enabled Yes

Enabled Yes

1 - Create SNMP Community

2 - Delete SNMP Community

3 - Modify SNMP Community

U - Update Display



Figure 17 SNMPv1 & SNMPv2c Community Menu

This menu lists the current community strings on the switch and

their attributes. For attribute definitions, refer to SNMPv1 and

SNMPv2c Overview on page 81.

4. Type 1 to select Create SNMP Community.

This prompt is displayed:

Enter SNMP Community Name:




5. Enter the new SNMP community string. The name can be from one to fifteen alphanumeric characters. Spaces are allowed.


Enter Access Mode [R-Read Only, W-Read/Write]:

6. Specify the access mode for the new SNMP community string. If you specify Read, the community string will only allow you to view the

MIB objects on the switch. If you specify Read/Write, the community string will allow you to both view and change the SNMP MIB objects on the switch. This prompt is displayed:

Enter Open Access Status [Y-Yes, N-No]:

7. Specify the open access status. If you enter Yes, any network manager who knows the community string can use it. If you respond with No, making it closed access, only those management workstations whose

IP addresses you assign to the community string can use it. This prompt is displayed:

Enter SNMP Manager IP Addr:

8. If in Step 7 you responded with No making this a closed community string, specify the IP address of the management workstation that can use the string. A community string can have up to eight IP addresses of management workstations. But you can assign only one to it initially with this procedure. To add additional IP addresses, refer to

Modifying a Community String on page 88.

If you assigned the community string an access status of open, leave this field blank by pressing Return.


Enter Trap Receiver IP Addr:

9. If you want the switch to send traps to a management workstation or server, enter the IP address of the node here. A community string can have up to eight IP addresses of trap receivers. But you can assign only one initially with this procedure. To add additional IP addresses,

refer to Modifying a Community String on page 88.

If you do not want to add a IP address of a trap receiver to the community string, leave this field blank by pressing Return.

The AT-S62 software creates the new community string and adds it to the list in the SNMP Community menu. A new community string is immediately available for use to manage the switch.

10. If desired, repeat this procedure starting with Step 4 to create additional community strings.


87


Modifying a Community String

To modify a community string, perform the following procedure:




Configuration.


3. From the SNMP Configuration menu, type 3 to select Configure

SNMPv1 &SNMPv2c Community.

The Configure SNMPv1 &SNMPv2c Community menu in shown in


4. From the Configure SNMPv1 &SNMPv2c Community menu, type 3 to select Modify SNMP Community.

The Modify SNMP Community menu is shown in Figure 18.


Production Switch


Modify SNMPv1 & SNMPv2c Community

Community Name AccessMode Status OpenAcc Manager IP Addr Trap Rec IP

--------------------------------------------------------------------

Private Read|Write Enabled Yes

Public Read Enabled Yes

1 - Add Attributes to Community

2 - Delete Attributes from Community

3 - Set Community Access Mode

4 - Set Community Status

5 - Set Community Open Access

U - Update Display



Figure 18 Modify SNMP Community Menu

This menu lists the current community strings on the switch and

their attributes. For attribute definitions, refer to SNMPv1 and

SNMPv2c Overview on page 81.




The menu options are described below:

1 - Add Attributes to Community

If a community string has a closed access mode, you can use this selection to add new IP addresses of management workstations that can use the string. You can also use this option to add IP addresses of new trap receivers. To use this option, do the following:

1. From the Modify SNMP Community menu, type 1 to select Add

Attributes to Community. The following prompt is displayed:


2. Enter the community string you want to modify. Community strings are case sensitive. This prompt is displayed:


3. If you are modifying a community string with a closed access mode and you want to add an IP address of a management workstation to it, enter the workstation’s IP address at the prompt. Otherwise, just press Return. A community string can have a maximum of eight IP addresses, but you can add only one at a time with this procedure.



4. If you want the switch to send traps to a trap receiver, enter the IP address of the receiver at this prompt. Otherwise, just press Return.

The community string is modified and the Modify SNMP

Configuration menu is displayed again.

5. Repeat this procedure to modify other community strings.


2 - Delete Attributes from Community

Use this option to delete an IP address of a management workstation or a trap receiver from a community string. To use this option, do the following:

1. From the Modify SNMP Community menu, type 2 to select Delete

Attributes from Community. The following prompt is displayed:




89


3. If you want to remove the IP address of a management workstation from the community string, enter the IP address at the prompt.

Otherwise, just press Return. This prompt is displayed:


4. If you want to remove the IP address of a trap receiver from the community string, enter the IP address at the prompt. Otherwise, just press Return.


3 - Set Community Access Mode

Use this option to change a community string’s Read or Read/Write status. To use the selection, do the following:

1. From the Modify SNMP Community menu, type 3 to select Set

Community Access Mode. The following prompt is displayed:



Enter Access Mode [R-Read Only, W-Read/Write]:

3. Type R to change the string’s status to Read only, or W for Read/Write.

This confirmation prompt is displayed:

Do you want to change this Community Access Mode?

(Y/N): [Yes/No] ->

4. Type Y to change the string’s access mode or N to cancel the change.


4 - Set Community Status

Use this option to enable or disable a community string. When disabled, no one can use the community string to access the switch. To use the selection, do the following:


Community Status. The following prompt is displayed:



Enter Community Status [E-Enable, D-Disable]:

3. Type E to enable the community string or D to disable it. This confirmation prompt is displayed:




Do you want to change Community Status? (Y/N):

[Yes/No] ->

4. Type Y to change the string’s status or N to cancel the change.


5 - Set Community Open Status

Use this selection to change a string’s open status. A string with an open status can be used by any network administrator. A string with a closed status can only be used from management workstations whose IP addresses are assigned to the community string. To use the option, do the following:


Community Open Status. The following prompt is displayed:



Enter Open Access Status [Y-Yes, N-No]:

3. Type Y to assign the string an open status or N to assign it a closed status. This confirmation prompt is displayed:

Do you want to change Open Access Status? (Y/N):

[Yes/No] ->

4. Type Y to change the string’s open status or N to cancel the change.


91


Displaying the SNMP Community Strings

To display the attributes of all the SNMP community strings on the switch, use the following procedure:




Configuration.


3. From the SNMP Configuration menu, type 4 to select Display SNMPv1

& SNMPv2c Community.

The Display SNMPv1 & SNMPv2c Community menu is shown in

Figure 19.


Production Switch


Display SNMPv1 & SNMPv2c Community

Community Name Access Mode Status OpenAcc Manager IP Addr Trap Receiver IP

-----------------------------------------------------------------------------------

Private125 Read|Write Enabled No

PublicATI78

HighSchool2

Read Only

Read|Write

Enabled

Enabled

No

No

147.41.11.30

147.45.16.80

147.41.11.12

147.44.16.86

147.45.16.88

147.45.16.90

147.45.10.80

147.45.16.70

147.45.16.80

147.42.22.22

147.45.16.86

147.45.16.88

147.45.16.90

147.45.10.80

U - Update Display



Figure 19 Display SNMP Community Menu

For attribute definitions, refer to SNMPv1 and SNMPv2c Overview on page 81.


Chapter 6

Port Parameters

The chapter contains the procedures for viewing and adjusting the parameter settings for the individual ports on a switch.

This chapter contains the following procedures:

❑ Displaying Port Status on page 94

❑ Configuring Port Parameters on page 97

❑ Setting the Rate Limit on page 106

93

Chapter 6: Port Parameters

Displaying Port Status

To display the current status and settings of the ports on the switch, perform the following procedure:

1. From the Main Menu, type 1 to select Port Configuration.

The Port Configuration menu is shown in Figure 20.


Production Switch


Port Configuration

1 - Port Configuration

2 - Port Status

3 - Port Statistics

4 - Port Trunking and LACP

5 - Port Security

6 - Port Mirroring



Figure 20 Port Configuration Menu

2. From the Port Configuration Menu, type 2 to select Port Status.

An example of the Port Status menu is shown in Figure 21.


Production Switch


Port Status

3

4

5

6

Port Link Neg MDIO Speed Duplex PVID Flow Ctl

---------------------------------------------------------

1

2

Up

Up

Auto

Auto

Auto

Auto

0010

0100

Half

Full

0012

0012

Disabled

Disabled

7

8

Up

Up

Up

Up

Up

Up

Auto

Auto

Auto

Auto

Auto

Auto

Auto

Auto

Auto

Auto

Auto

Auto

0100

0100

0010

0100

0100

0010

Full

Full

Half

Full

Full

Half

0012

0023

0012

0011

0011

0011

Disabled

Disabled

Disabled

Disabled

Disabled

Disabled

N - Next Page

U - Update Display



Figure 21 Port Status Menu




Note

The speed, duplex mode, and flow control settings will be blank for ports that have not established a link with their end node.

To view the settings of a GBIC or SFP module in Port 49 or 50 of an

AT-8550GB or AT-8550SP switch, there must be a valid connection between the module’s port and the end node. Otherwise, Ports 49 and 50 in the menu represent the twisted pair ports 49R and 50R.

The information in this menu is for viewing purposes only. The columns in the menu are described below:

Port

The port number.

Link

The status of the link between the port and the end node connected to the port. Possible values are:

Up - indicates that a valid link exists between the port and the end node.

Down - indicates that the port and the end node have not established a valid link.

Neg

The status of Auto-Negotiation on the port. Possible values are:

Auto - Indicates that the port is using Auto-Negotiation to set operating speed and duplex mode.

Manual - Indicates that the operating speed and duplex mode have been set manually.

MDIO

The operating configuration of the port. Possible values are Auto,

MDI, MDI-X. The status Auto indicates that the port will automatically determine the appropriate MDI or MDI-X setting.

Speed

The operating speed of the port. Possible values are:

0010 - 10 Mbps

0100 - 100 Mbps

1000 - 1000 Mbps (Gigabit Ethernet ports only)

Duplex

The duplex mode of the port. Possible values are half-duplex and full-duplex.

95


PVID

The port’s VLAN identifier (PVID). This number corresponds to the

VID of the VLAN in which the port is an untagged member. This column will not include the VIDs of the VLANs where the port is a tagged member.

Flow Ctl

The flow control setting for the port. Possible values are:

Disabled - No flow control on the port.

Enabled - Flow control is activated.



Configuring Port Parameters

To configure the parameter settings of a port, perform the following procedure:


The Port Configuration menu is shown in Figure 20 on page 94.

2. From the Port Configuration menu, type 1 to select Port Configuration.


Enter port-list ->

3. Enter the number of the port you want to configure. You can specify more than one port at a time. You can specify the ports individually (for example, 5,7,22), as a range (for example, 18-23), or both (for example,

1,5,14-22).

To configure a GBIC or SFP module in Port 49 or 50 of an AT-8550GB or AT-8550SP switch, there must be a valid connection between the port and the end node. Otherwise, specifying Port 49 or 50 configures the twisted pair port 49R or 50R, respectively.

The Port Configuration menu is shown in Figure 22.


Production Switch


Port Configuration

Configuring Port 11

0 - Port Description ..................... Port-1

1 - Status ............................... Enabled

2 - Broadcast Filter ..................... Disabled

3 - MDI/MDIX Crossover ................... Auto

4 - Negotiation .......................... Manual

5 - Speed ................................ 0100

6 - Duplex ............................... Full

7 - HOL Blocking Prevention Threshold .... 61440 cells

8 - Flow Control

9 - Back Pressure

L - Rate Limiting

D - Set Default Port Configuration

F - Force Renegotiation

X - Reset Port



Figure 22 Port Configuration (Port) Menu



Selections 3, 5, and 6 appear in the menu only when selection 4 -

Negotiation is set to Manual. When selection 4 is set to Auto, these options are hidden.

Note

The Port Configuration menu in the figure above is for a 10/100

Mbps twisted pair port. The menu for a fiber optic port will contain a subset of the parameters.

If you are configuring multiple ports and the ports have different settings, the Port Configuration menu displays the settings of the lowest numbered port. Once you have configured the settings of the port, all of its settings are copied to the other selected ports.

4. Adjust the port parameters as necessary. You adjust a parameter by typing its number. The parameters are described below.

Note

A change to a parameter is immediately activated on the port.

0 - Port Description

You use this selection to assign a name to a port. The name can be from one to fifteen alphanumeric characters. Spaces are allowed, but you should not use special characters, such as asterisks or exclamation points. (You cannot set a port name if you are configuring more than one port.)

1 - Status

You use this selection to enable or disable a port. When disabled, a port will not forward frames to or from the node connected to the port.

You might want to disable a port and prevent packets from being forwarded if a problem occurs with the node or cable connected to the port. Once the problem has been fixed, you can enable the port again to resume normal operation.

You might also want to disable a port that is not being used to secure it from unauthorized connections.

Possible settings for this parameter are:

Enabled The port will forward packets. This is the default setting.

Disabled The port will not forward packets.




2 - Broadcast Filter

Most frames on an Ethernet network are usually unicast frames. A unicast frame is a frame that is sent to a single destination. A node sending a unicast frame intends the frame for a particular node on the network.

Broadcast frames are different. Broadcast frames are directed to all nodes on the network or all nodes within a particular virtual

LAN. Broadcast packets can perform a variety of functions. For example, some network operating systems use broadcast frames to announce the presence of devices on a network.

The problem with broadcast frames is that too many of them traversing a network can impact network performance. The more bandwidth consumed by broadcast frames, the less available for unicast frames.

Should the performance of your network be impacted by heavy broadcast traffic, you can use this parameter to limit the number of broadcast frames forwarded by the switch ports and so limit the number of broadcast frames on your network.

Activating this feature on a port discards all egress broadcast packets on the port.

It should be noted that the filtering takes place only on egress broadcast packets—packets that a port is transmitting. This filter does not apply to ingress broadcast packets.

Possible settings for this parameter are:

Disabled The port transmits egress broadcast frames. This is the default setting.

3 - MDI/MDIX Crossover

You use this selection to set the wiring configuration of a twisted pair port. This option only appears when option 4 - Negotiation, which is used to activate and deactivate Auto-Negotiation, is set to Manual.

When selection 4 - Negotiation is set to Auto, which activates

Auto-Negotiation on a port, this option is hidden in the menu and a twisted pair port uses auto-MDI/MDI-X to automatically set its wiring configuration. This feature enables a port to configure itself automatically as MDI or MDI-X when connected to an end node.

This allows you to use a straight-through twisted pair cable when connecting any type of network device to a port on the switch.

The auto-MDI/MDI-X feature is only available when a port is using

Auto-Negotiation to set its speed and duplex mode. It is also the only setting available when a port’s speed and duplex are set through Auto-Negotiation.

99



If you set option 4 - Negotiation to Manual, which disables Auto-

Negotiation on a port, the auto-MDI/MDI-X feature is disabled as well and this menu option appears with the two possible settings of MDI and MDI-X. The default is MDI-X.

4 - Negotiation

You use this selection to activate or deactivate Auto-Negotiation on a twisted pair port. This parameter has the two settings Auto and Manual. If you select Auto, a twisted pair port uses Auto-

Negotiation to set its speed, duplex mode, and MDI/MDI-X settings. This is the default setting. If you select Manual, additional options appear in the menu for manually configuring these port settings. If you are configuring a fiber optic port, the only setting available is Manual.

You should note the following concerning the operation of Auto-

Negotiation:

❑ In order for a twisted pair port to successfully Auto-Negotiate its duplex mode with an end node, the end node should also be using Auto-Negotiation. Otherwise, a duplex mode mismatch can occur. A switch port using Auto-Negotiation defaults to halfduplex if it detects that the end node is not using Auto-

Negotiation. This can result in a mismatch if the end node is operating at a fixed duplex mode of full-duplex.

To avoid this problem, when connecting an end node with a fixed duplex mode of full-duplex to a switch port, you should disable

Auto-Negotiation on the port and set the port’s speed and duplex mode manually.

❑ When the port is set to Auto-Negotiate, the MDI/MDI-X setting is locked at auto-MDI/MDI-X. The switch automatically determines the correct MDI/MDI-X setting. You cannot manually set

MDI/MDI-X manually.

❑ When Auto-Negotiation is disabled on a twisted pair port, the auto-MDI/MDI-X feature on a port is also disabled, and the port defaults to the MDI-X configuration. If you disable Auto-

Negotiation and set a port’s speed and duplex mode manually, you might also need to set the port’s MDI/MDI-X setting as well.

5 - Speed

This selection is used to set the speed of a twisted pair port. It only appears when option 4 - Negotiation is set to Manual. The possible settings are:

0010

0100

10 Mbps

100 Mbps

You cannot change the speed of a fiber optic port.

100



Note

Ports 49R and 50R on an AT-8550GB Series switch must be set to

Auto-Negotiation in order to operate at 1000Mbps. You cannot manually configure these ports to 1000Mbps.

6 - Duplex

This selection is used to set the duplex mode of a port. The option only appears when option 4 - Negotiation is set to Manual. The possible settings are:

Full

Half

Full-duplex

Half-duplex.

7 - HOL Blocking Prevention Threshold

Head of line (HOL) blocking is a problem that occurs when a port on a switch becomes oversubscribed. An oversubscribed port is receiving more packets from other switch ports than it can transmit in a timely manner.

The problem an oversubscribed port can create is that it can prevent other ports from forwarding packets to each other. This is because ingress packets on a port are buffered in a First In, First

Out (FIFO) manner. If the head of an ingress queue consists of a packet destined for an oversubscribed port, the ingress queue will not be able to forward any of its other packets to the egress queues of other ports.

A simplified version of the problem is illustrated in Figure 23. It

shows four ports on a switch. Port D is receiving packets from two ports—50% of the ingress traffic on Port A and 100% of the ingress traffic on Port B. The result is that not only is Port A unable to forward packets to Port D because the latter’s egress queues are filled with packets from Port B, but it is also unable to forward traffic to Port C because its ingress queue has frames destined to

Port D that it is unable to forward.

101


Port A Port C

50%

C C C C D D D D

Ingress Queue Egress Queue

50%

Port B Port D

100%

D D D D D D D D

Ingress Queue

D D D D D D D D

Engress Queue

Figure 23 Head of Line Blocking

The HOL Limit parameter can help prevent this problem from occurring. This parameter sets a threshold on the utilization of a port’s egress queue. When the threshold for a port is exceeded, the switch signals other ports to discard packets to the oversubscribed port.

For example, referring to the figure above, when the utilization of the storage capacity of Port D exceeds the threshold, the switch signals the other ports to discard packets destined for Port D. Port

A drops the D packets, enabling it to once again forward packets to Port C.

The number for this value represents cells. A cell is 64 bytes. The range is 1 to 61,440 cells. The default is 61,440.

8 - Flow Control

Sets flow control on the port. This option applies only to ports operating in full-duplex mode.

A switch port uses flow control to control the flow of ingress packets from its end node.

A port using flow control issues a special frame, referred to as a

PAUSE frame, as specified in the IEEE 802.3x standard, to stop the transmission of data from an end node. When a port needs to stop an end node from transmitting data, it issues this frame. The frame instructs the end node to cease transmission. The port continues to issue PAUSE frames until it is ready again to receive data from the end node.




The default setting for flow control on a switch port is disabled.

Selecting this option displays the Flow Control menu, shown in

Figure 24.


Production Switch


Flow Control

Configuring Port 11

1 - Flow Control ................. Disabled

2 - Flow Control (Cell Limit) .... 57344



Figure 24 Flow Control Menu

The options in the Flow Control menu are described below:

1 - Flow Control

Disabled - No flow control on the port. This is the default setting.

Enabled - Flow control is activated. This setting is appropriate only when the end node connected to the port is also using flow control.

Auto - The port uses flow control only if it detects that the end node is using it.

2 - Flow Control (Cell Limit)

Specifies the number of cells. A cell represents 64 bytes. The range is 1 to 57,344 cells. The default is 57,344.

B -Back Pressure

Sets backpressure on a port. This option only applies for ports operating in half-duplex mode.

Backpressure performs much the same function as flow control.

Both are used by a port to control the flow of ingress packets from the end node.

Where they differ is that while flow control applies to ports operating in full-duplex, backpressure applies to ports operating in half-duplex mode.

When a twisted pair port on the switch operating in half-duplex mode needs to stop an end node from transmitting data, it forces a collision. A collision on an Ethernet network occurs when two end nodes attempt to transmit data using the same data link at the same time. A collision causes the end nodes to stop sending data. This is called backpressure.

103



When a switch port needs to stop a half-duplex end node from transmitting data, it forces a collision on the data link, which stops the end node. Once the port is ready to receive data again, it stops forcing collisions.

The default setting for backpressure on a switch port is disabled.

Selecting this option displays the Back Pressure menu shown in

Figure 25.


Production Switch


Back Pressure

Configuring Port 11

1 - Back Pressure ................. Disabled

2 - Back Pressure Cell Limit ...... 8192



Figure 25 Back Pressure Menu

The options on the Back Pressure menu are described below:

1 - Back Pressure

Enables and disables backpressure on a port. Possible values are:

Disabled - The port will not use backpressure. This is the default setting.

Enabled - The port will use backpressure.

2 - Back Pressure Cell Limit

Specifies the number of cells. A cell represents 64 bytes. The range is 1 to 57,344 cells. The default is 8192.

Note

For an explanation of the L - Rate Limit menu option, refer to Setting the Rate Limit on page 106.

The last parameters on the Port Configuration menu are:

D - Set Default Port Configuration

Resets all port settings to the default values.

F - Force Renegotiation

If the port is already operating in Auto-Negotiation, this options prompts the port to Auto-Negotiate again with the end node. This can be helpful if you believe that a port and end node are not

104

AT-S62 Menus Interface User’s Guide operating at the same speed and duplex mode. If the port’s speed and duplex mode have been set manually, this option returns the port to Auto-Negotiation.

X - Reset Port

Resets the speed and duplex mode of the selected port to the default value of Auto-Negotiation. Also returns the MDI/MDIX setting to the default value of Auto-Detect.




Setting the Rate Limit

This feature allows you to set the maximum number of ingress packets the switch ports accept each second. Packets exceeding the threshold are discarded. You can enable the rate limiting threshold independently for multicast, broadcast, and unknown unicast packets. However, the same threshold applies to all packet types.

To configure this feature, you must enter a rate limit. This establishes the maximum number of packets the individual ports will accept per second. This limit applies to all ports and to all three packet types. There can be only one packet limit value for the switch.

Here is an example. Assume that you set a rate limit of 5,000 packets and you activate multicast and broadcast rate limiting. Each switch port will accept up to 5,000 ingress multicast packets and 5,000 ingress broadcast packets each second. If a port receives more of either type, it discards the extra packets. Since the feature was not activated for unknown unicast packets, ports do not restrict their number. (An unknown unicast packet is a packet with a MAC address not stored in the switch’s MAC address table.)

To set rate limiting, perform the following procedure:



2. From the Port Configuration menu, type 1 to select Port

Configuration.


Enter port-list ->

3. Enter any port on the switch.

This feature cannot be set on a per-port basis. You can enter any port or range of ports and the change will apply to all switch ports.


4. Type L to select Rate Limit.



The Rate Limiting menu is shown in Figure 26.


Production Switch


Rate Limiting

Configuring Port 1

1 - Broadcast Rate Limiting Status ........... Disabled

2 - Multicast Rate Limiting Status ........... Disabled

3 - Unknown Unicast Rate Limiting Status ..... Disabled

4 - Rate Limit ............................... 262143 packets/second



Figure 26 Rate Limiting Menu

5. Type 4 to select Rate Limit and, when prompted, enter the maximum number of broadcast, multicast, and unknown unicast ingress packets you want all switch ports to accept each second. This threshold is applied independently to each packet type.

6. Type 1, 2, or 3 to activate the threshold for broadcast packets, multicast packets, and unknown unicast packets, respectively. You can enable this feature on one, two, or all three packet types.

Rate limiting changes are immediately implemented on all switch ports.



Chapter 7

MAC Address Table

The chapter contains the procedures for viewing the static and dynamic

MAC address table.

This chapter contains the following sections:

❑ MAC Address Overview on page 109

❑ Displaying MAC Addresses on page 111

❑ Adding Static Unicast and Multicast MAC Addresses on page 115

❑ Deleting Unicast and Multicast MAC Addresses on page 117

❑ Deleting All Dynamic MAC Addresses on page 118

❑ Changing the Aging Time on page 119

108


MAC Address Overview

The AT-8500 Series switch contains a MAC address table with a storage capacity of 8,000 entries. The switch uses the table to store the MAC addresses of the network nodes connected to its ports, along with the port number on which each address was learned.

The switch learns the MAC addresses of the end nodes by examining the source address of each packet received on a port. It adds the address and port on which the packet was received to the MAC table if the address is not already in the table. The result is a table that contains all the MAC addresses of the devices connected to the switch’s ports, and the port number where each address was learned.

When the switch receives a packet, it also examines the destination address and, by referring to its MAC address table, determines the port where the destination node is connected. It then forwards the packet to the appropriate port and on to the end node. This increases network bandwidth by limiting each frame to the appropriate port when the intended end node is located, freeing the other switch ports for receiving and transmitting packets.

If the switch receives a packet with a destination address that is not in the MAC address table, it floods the packet to all the ports on the switch.

If the ports have been grouped into virtual LANs, the switch floods the packet only to those ports which belong to the same VLAN as the port on which the packet was received. This prevents packets from being forwarded onto inappropriate LAN segments and increases network security. When the destination node responds, the switch adds its MAC address and port number to the table.

If the switch receives a packet with a destination address that is on the same port where the packet was received, it discards the packet without forwarding it on to any port. Since both the source node and the destination node for the packet are located on the same port on the switch, there is no reason for the switch to forward the packet. This too increases network performance by preventing frames from being forwarded unnecessarily to other network devices.

The type of MAC address described above is referred to as a dynamic

MAC address. Dynamic MAC addresses are addresses that the switch learns by examining the source MAC addresses of the frames received on the ports.

Dynamic MAC addresses are not stored indefinitely in the MAC address table. The switch deletes a dynamic MAC address from the table if it does not receive any frames from the node after a specified period of time.

The switch assumes that the node with that MAC address is no longer active and that its MAC address can be purged from the table. This


Chapter 7: MAC Address Table prevents the MAC address table from becoming filled with addresses of nodes that are no longer active.

The period of time that the switch waits before purging an inactive dynamic MAC address is called the aging time. This value is adjustable on the AT-8500 Series switch. The default value is 300 seconds (5 minutes).

For instructions on changing the aging timer, refer to Changing the

Aging Time on page 119.

The MAC address table can also store static MAC addresses. A static MAC address is a MAC address of an end node that you assign to a switch port manually. A static MAC address, once entered in the table, remains in the table indefinitely and is never deleted, even when the end node is inactive.

You might need to enter static MAC addresses of end nodes the switch might not learn in its normal dynamic learning process, or if you want a

MAC address to remain permanently in the table, even when the end node is inactive.



Displaying MAC Addresses

The management software has two menu selections for displaying the

MAC addresses of a switch. One selection displays the static and dynamic unicast MAC addresses while the other displays the static and dynamic multicast addresses.

To display the MAC address tables, perform the following procedure:

1. From the Main Menu, type 4 to select MAC Address Tables.

The MAC Address Tables menu is shown in Figure 27.


Production Switch


MAC Address Tables

1 - MAC Address Aging Time ......... 300 second(s)

2 - MAC Addresses Configuration

3 - Display Unicast MAC Addresses

4 - Display Multicast MAC Addresses




Figure 27 MAC Address Tables Menu

2. From the MAC Address Tables menu, type 3 to select Display Unicast

MAC Addresses or 4 to select Display Multicast MAC Addresses.

The Display Unicast MAC Addresses menu is shown in Figure 28.

The Display Multicast MAC Addresses menu has the same selections.


Production Switch


Display Unicast MAC Addresses

1 - Display All

2 - Display Static

3 - Display Dynamic

4 - Display by Port

5 - Display Specified MAC

6 - Display by VLAN ID

7 - Display on Base Ports



Figure 28 Display Unicast MAC Addresses Menu

111

Chapter 7: MAC Address Table

3. Select the desired option. The options are explained below:

1 - Display All

This selection displays all dynamic addresses learned on the ports of the switch and all static addresses that have been assigned to the ports. An example of a unicast MAC address table is shown in

Figure 29.


Production Switch


Display All

Page 1

Total Number of MAC Addresses: 121

MAC Address Port VlanID Type

---------------------------------------------------------------------

01:80:C1:00:02:01

00:a0:d2:18:1a:c8

0

1

0

1

Static (fixed, non-aging)

Dynamic

00:a0:c4:16:3b:80

00:a0:12:c2:10:c6

00:a0:c2:09:10:d8

00:a0:33:43:a1:87

2

3

4

5

1

1

1

1

Dynamic

Dynamic

Dynamic

Dynamic

00:a0:12:a7:14:68

00:a0:d2:22:15:10

00:a0:d4:18:a6:89

6

7

8

1

1

1

Dynamic

Dynamic

Dynamic

N - Next Page

U - Update Display



Figure 29 Display All Menu - Unicast MAC Addresses

Note

The first address in the unicast MAC address table is the address of the switch.

The information in this menu is for viewing purposes only. The columns in a unicast MAC address menu are defined below.

MAC - The static or dynamic unicast MAC address.

Port - The port where the address was learned or assigned. The

MAC address with Port 0 is the address of the switch.

VlanID - The ID number of the VLAN where the port is an untagged member.

Type - The type of the address: static or dynamic.



An example of a multicast MAC address table is shown in Figure

30.

User: Manager


Production Switch

11:20:02 02-Jan-2004

Display All

Page 1

Total Number of MCAST MAC Addresses: 1

MAC Address VLAN ID Type Port Maps (U:Untagged T:Tagged)

------------------------------------------------------------------------

01:00:51:00:00:01 1 Static U:1-4

T:

U - Update Display



Figure 30 Display All Menu - Multicast MAC Addresses

The information in this menu is for viewing purposes only. The columns in a multicast MAC address menu are defined below.

MAC Address- The static or dynamic multicast MAC address.

VlanID - The ID number of the VLAN where the port is an untagged member.

Type - The type of address: static or dynamic.

Port Maps - The tagged and untagged ports on the switch that are members of a multicast group. This column is useful in determining which ports belong to different groups.

The other options in the Display Unicast MAC Addresses menu or

Display Multicast MAC Addresses menu are:

2 - Display Static

This selection displays just the static addresses assigned to the ports on the switch.

3 - Display Dynamic

This selection displays just the dynamic addresses learned on the ports on the switch.

4 - Display by Port

Displays the dynamic and static MAC addresses of a particular port. When you select this option, you are prompted for a port number. You can specify more than one port at a time.



5 - Display Specified MAC

Displays the port number on which a MAC address was assigned or learned.

In some situations, you might want to know on which port a particular MAC address was learned. You could display the MAC address table and scroll through the list looking for the MAC address. But if the switch is part of a large network, finding the address could prove difficult.

This menu option offers an easier way. You can specify the MAC address and let the management software automatically locate the port on the switch where the device is connected.

6 - Display by VLAN ID

Displays all the static and dynamic addresses learned on the tagged and untagged ports of a specific VLAN. When you select this option, you are prompted for the VLAN ID number of the

VLAN. You can specify only one VLAN at a time

7 - Display on Base Ports

This displays the static and dynamic MAC addresses learned on the base ports. Base ports are the standard ports on the switch, excluding optional expansion modules, GBIC modules, or SFP modules.



Adding Static Unicast and Multicast MAC Addresses

This section contains the procedure for adding static unicast and multicast MAC addresses to the switch. You can assign up to 255 static addresses per port on an AT-8500 Series switch.

To add a static MAC address, perform the following procedure:


The MAC Address Tables menu is shown in Figure 27 on page 111.

2. From the MAC Address Tables menu, type 2 to select MAC Addresses

Configuration.

The MAC Addresses Configuration menu is shown in Figure 31.


Production Switch


MAC Addresses Configuration

1 - Add Static MAC Address

2 - Delete MAC Address

3 - Delete All Dynamic MAC Addresses



Figure 31 Configure MAC Addresses Menu

3. From the Configure MAC Addresses menu, type 1 to select Add static

MAC address.


Please enter MAC address ->

4. Enter the static unicast or multicast MAC address in either of the following formats:

XXXXXXXXXXXX or XXXXXX XXXXXX

5. Once you have specified the MAC address, the following prompt is displayed:

Enter port-list: ->

6. Enter the number of the port on the switch where you want to assign the static address. If you are adding a static unicast address, you can specify only one port.

If you are entering a static multicast address, you must specify the port when the multicast application is located as well as the ports where the host nodes are connected. Assigning the address only


Chapter 7: MAC Address Table to the port where the multicast application is located will result in the failure of the multicast packets to be properly forwarded to the host nodes. You can specify the ports individually (e.g., 1,4,5), as a range (e.g., 11-14) or both (e.g., 15-17,22,24).


Please enter VLAN ID: [1 to 4094] -> 1

7. Enter the VLAN ID where the port is a member.

8. Repeat this procedure starting with Step 3 to enter additional static unicast or multicast MAC addresses.




Deleting Unicast and Multicast MAC Addresses

To delete a dynamic or static unicast or multicast address from the MAC address table, perform the following procedure:



2. From the MAC Address Tables menu, type 2 to select Configure MAC

Addresses.

The Configure MAC Addresses menu is shown in Figure 31 on page 115.

3. From the Configure MAC Addresses menu, type 2 to select Delete

MAC Address.


Please enter a MAC address ->

4. Enter the unicast or multicast MAC address to be deleted in either of the following formats:

XXXXXXXXXXXX or XXXXXX XXXXXX

After you have entered the MAC address, the following prompt is displayed:

Please enter VLAN ID -> [1 to 4094] -> 1

5. Enter the VLAN ID of the port where the address was assigned or learned.

The MAC address is deleted from the switch’s MAC address table.

Note

You cannot delete a switch’s MAC address, an STP BPDU MAC address, or a broadcast address.

6. Repeat the procedure to delete additional MAC addresses.




Deleting All Dynamic MAC Addresses

To delete all dynamic unicast and multicast MAC address from the MAC address table, do the following:



2. From the MAC Address Tables menu, type 2 to select MAC Addresses

Configuration.

The MAC Addresses Configuration menu is shown in Figure 31 on page 115.

3. From the MAC Addresses Configuration menu, type 3 to select Delete

All Dynamic MAC Addresses.


All learned MAC (non-static) addresses will be deleted

Do you want to continue? [Yes/No] ->

4. Enter Y to delete the addresses or N to cancel the procedure.

If you respond with yes, all dynamic unicast and multicast addresses are deleted from the table, and the switch begins to learn new addresses.



Changing the Aging Time

The switch uses the aging time to delete inactive dynamic MAC addresses from the MAC address table. When the switch detects that no packets have been sent to or received from a particular MAC address in the table after the period specified by the aging time, the switch deletes the address. This prevents the table from becoming full of addresses of nodes that are no longer active.

The default setting for the aging time is 300 seconds (5 minutes).

To adjust the aging time, perform the following procedure:



2. From the MAC Address Tables menu, type 1 to select MAC Address

Aging Time.


Enter your new value -> [0 to 1048575]

3. Enter a new value in seconds.

The range is 0 to 1048575 seconds. The default is 300 seconds (5 minutes). The value 0 (zero) disables the aging timer. When disabled, no dynamic addresses are deleted from the table, even addresses that belong to inactive nodes.

The new value is immediately activated on the switch.



Chapter 8

Static and LACP Port Trunks

This chapter contains the procedures for creating, modifying, and deleting static and LACP port trunks. Sections in the chapter include:

❑ Port Trunk Overview on page 121

❑ Managing Static Port Trunks on page 133

❑ Managing LACP Trunks on page 139

120


Port Trunk Overview

Static Port Trunk

Overview

A port trunk is an economical way for you to increase the bandwidth between the Ethernet switch and another networking device, such as a network server, router, workstation, or another Ethernet switch. A port trunk is a group of ports that have been grouped together to function as one logical path. A port trunk increases the bandwidth between the switch and the other network device and is useful in situations where a single physical link between the devices is insufficient to handle the traffic load.

The AT-8500 Series switch supports two types of port trunks:

❑ Static trunks

❑ Link Aggregate Control Protocol (LACP) IEEE 802.3ad trunks

A static port trunk consists of two to eight ports on the switch that function as a single virtual link between the switch and another device. A static port trunk improves performance by distributing the traffic across multiple ports between the devices and enhances reliability by reducing the reliance on a single physical link.

A static trunk is easy to configure. You simply designate the ports on the switch that are to be in the trunk and the management software on the switch automatically groups them together. The management software also gives you control over how the traffic is to be distributed over the

trunk ports, as described in Load Distribution Methods on page 130.

The example in Figure 32 illustrates a static port trunk of four links

between two AT-8524M switches.

LINK

MODE

LINK

MODE

MODE

AT-8524M

Fast Ethernet Switch

STATUS

FAULT

MASTER

RPS

PWR


LINK

MODE

LINK

MODE

Figure 32 Static Port Trunk Example

MODE

AT-8524M Fast Ethernet Switch

STATUS

FAULT

MASTER

RPS

PWR

Network equipment vendors tend to employ different techniques to implement static trunks. Consequently, a static trunk on one device might not be compatible with the same feature on a device from a different manufacturer. For this reason static trunks are typically employed only between devices from the same vendor. That is not to

121

Chapter 8: Port Trunking

Section I: Basic Operations say that an Allied Telesyn layer 2 managed switch cannot form a static trunk with a device from another manufacturer; but there is the possibility that the implementations of static trunking on the two devices might not be compatible.

It should also be noted that this type of trunk does not provide for redundancy or link backup. If a port in a static trunk loses its link, the trunk’s total bandwidth is reduced. Though the traffic carried by the lost link is shifted to one of the remaining ports in the trunk, the bandwidth remains reduced until the lost link is reestablished or you reconfigure the trunk by adding another port to it.

Static Port Trunk Guidelines

Here are the guidelines to creating a static trunk:

❑ Allied Telesyn recommends using static port trunks between

Allied Telesyn networking devices to ensure compatibility. While an Allied Telesyn device might be able to form a static trunk with a device from another equipment vendor, there is the possibility that the implementation of this feature on the two devices might not be compatible, resulting in undesired switch behavior.

❑ A static trunk can contain up to eight ports.

❑ The ports of a static trunk must be of the same medium type. They can be all twisted pair ports or all fiber optic ports.

❑ The ports of a trunk can be either consecutive (for example Ports

5-9) or nonconsecutive (for example, Ports 4, 8, 11, 20).

❑ Before creating a port trunk, examine the speed, duplex mode, flow control, and back pressure settings of the lowest number port that will be in the trunk. Verify that its settings are correct for the device to which the trunk will be connected. When you create a static port trunk, the management software copies the current settings of the lowest numbered port in the trunk to the other ports, because all ports in a static trunk must have the same settings. For example, if you create a port trunk consisting of ports

5 to 8, the parameter settings for port 5 are copied to ports 6, 7, and 8 so that all the ports of the trunk have the same settings.

❑ Once you have created a port trunk, do not change the speed, duplex mode, flow control or back pressure of any port in the trunk without making the same change to the other ports.

❑ A port can belong to only one static trunk at a time.

❑ A port cannot be a member of a static trunk and a LACP trunk at the same time.

122


❑ The switch can support up to six static trunks when LACP is disable and three static trunks when LACP is enabled.

❑ The ports of a static trunk must be untagged members of the same VLAN. A trunk cannot consist of untagged ports from different VLANs.

❑ The switch selects the lowest numbered port in the trunk to handle broadcast packets and packets of unknown destination.

For example, a trunk of ports 11 to 15 would use port 11 for broadcast packets.

❑ You can create a port trunk of the ports in two expansion modules in an AT-8500 Series switch, providing that the ports are of the same medium type and have the same operating specifications.

LACP Trunk

Overview

An LACP (Link Aggregation Control Protocol) trunk is another type of port trunk. Like a static trunk, it can increase the bandwidth between two network devices by distributing the traffic load over multiple physical links.

The advantage of an LACP trunk over a static port trunk is its flexibility.

While implementations of static trunks tend to be vendor specific, the

AT-8500 Series implementation of LACP is compliant with the IEEE

802.3ad standard. This makes it interoperable with equipment from other vendors that also comply with the standard. This allows you to create a trunk between an Allied Telesyn device and networking devices from other manufacturers.

Another advantage is that ports in an LACP trunk can function in a standby mode. This adds redundancy and resiliency to the trunk. Should a link in a static trunk go down, the overall bandwidth of the trunk is reduced and restoring it requires reestablishing the link or manually modifying the trunk by adding another port to it. In contrast, an LACP trunk can activate ports in a stand-by mode when an active link fails. The automatic activation of standby ports allows the switch to maintain the maximum possible bandwidth of the trunk.

For example, assume you create an LACP trunk of ports 11 to 20 on a switch and the switch is using ports 11 to 18 as the active ports and ports

19 and 20 as reserve. If an active port loses its link, the switch automatically activates one of the two reserve ports to maintain maximum bandwidth of the trunk.

The main component of an LACP trunk is an aggregator. An aggregator is a group of ports on the switch. The ports in an aggregator are further grouped into one or more trunks, referred to as aggregate trunks.



An aggregate trunk can consist of any number of ports on a switch, but only a maximum of eight ports can be active at a time. If an aggregate trunk contains more ports than can be active at one time, the extra ports are placed in a stand-by mode. Ports in the standby mode do not pass network traffic, but they do transmit and accept LACP data unit

(LACPDU) packets, which the switch uses to search for LACP-compliant devices.

Only ports on a switch that are part of an aggregator transmit LACPDU packets. If a switch port that is part of an aggregator does not receive

LACPDU packets from its corresponding port on the other device, it assumes that the other port is not part of an LACP aggregator. Instead it functions as a normal Ethernet port by forwarding network traffic.

However, it does continue to send LACPDU packets. If it begins to receive LACPDU packets, it automatically transitions to an active or standby mode as part of an aggregate trunk.

If a switch is to support more than one aggregate trunk, it may be necessary to place each trunk in a separate aggregator, while in other cases you may be able to create just one aggregator and let the switch discern the individual aggregate trunks for you, automatically. The determining factor is whether the trunks are going to the same or different devices. If the trunks are going to the same device, you need to create a different aggregator for each trunk. If they are going to different devices, you can create just one aggregator and the switch can form the aggregate trunks itself.

Here are a two examples. Figure 33 illustrates an AT-8524M switch with

two LACP trunks, each containing three links. Since both aggregate trunks go to the same 802.3ad-compliant device, in this case another

Fast Ethernet switch, each trunk requires a separate aggregator.



AT-8500 Series Switch

Ports 1 - 3 in Aggregator 1


Ports 12 -14 in Aggregator 2

Aggregate Trunks in Separate Aggregators

802.3ad-compliant Device

Ethernet Switch

Figure 33 Example of Multiple Aggregators for Multiple Aggregate

Trunks

Here is how the example might look in table format for the ports on the

AT-8500 Series switch.

Aggregator

Description

Aggregator 1

Aggregator 2

Aggregator

Ports

1-3

12-14

Aggregate

Trunk Ports

1-3

12-14

Caution

The example cited here illustrates a loop in a network. Network loops should be avoided to prevent broadcast storms.

125


If the aggregate trunks go to different devices, you can create one aggregator and let the AT-8500 Series switch form the trunks for you

automatically. This is illustrated in Figure 34. The ports of the two

aggregate trunks on the AT-8500 Series switch are members of the same aggregator. It is the switch that determines that there are actually two separate aggregate trunks.

Ports 1 - 3 and 12-14 in Aggregator 1

AT-8500 Series Switch

Aggregate Trunks in Same Aggregator

802.3ad-compliant

Ethernet Switch

802.3ad-compliant

Server

Figure 34 Example of an Aggregator with Multiple Trunks

Here is how this example looks in table format for the ports on the

AT-8500 Series switch.

Aggregator

Description

Aggregator 1

Aggregator

Ports

1-3, 12-14

Aggregate

Trunk Ports

1-3

12-14

You could, if you wanted, create separate aggregators for the different aggregate trunks in the example above. But letting the switch make the determination for you whenever possible can save you time later if you physically reassign ports to a different trunk connected to another device.




LACP System Priority

It is possible for two devices interconnected by an aggregate trunk to encounter a conflict when forming a trunk. For example, the two devices might not support the same number of active ports in an aggregate trunk or might not agree on which ports are to be active and which are to be in standby.

If a conflict occurs, the devices need a mechanism for resolving the problem, a means by which they can decide whose LACP settings are to take precedence. That is the function of the system LACP priority value.

A hexadecimal value of from 1 to FFFF, this parameter is used whenever the devices encounter a conflict creating a trunk. The lower the number, the higher the priority. The settings on the device with the higher priority takes precedence over the settings on the other device. If both devices have the same system LACP priority value, the settings on the switch with the lowest MAC address take precedence.

This parameter can prove useful when connecting an aggregate trunk between an AT-8500 Series switch and another 802.3ad-compliant device that does not have the same LACP trunking capabilities. If the other device’s capability is less than that of the AT-8500 Series’, you should give that device the higher priority so that its settings are used by both devices when forming the trunk.

For example, an aggregate trunk of six links between an AT-8500 Series switch and an 802.3ad-compliant device that supported up to four active links at one time could possibly result in a conflict. The AT-8500

Series switch would try to use all six links as active, since it can handle up to eight active links in a trunk at one time, while the other device would want to use only four ports as active. By giving the other 802.3ad device the higher priority, the conflict would be avoided because the AT-8500

Series switch would then use only four active links. The other ports would be in standby mode.

Adminkey Parameter

The adminkey is a hexadecimal value from 1 to FFFF that identifies an aggregator. Each aggregator on a switch must have a unique adminkey.

The adminkey is limited to a switch. Two aggregators on different switches can have the same adminkey without creating a conflict.

127


LACP Port Priority Parameter

The switch uses this parameter to determine which ports are to be active and which are to be in the standby mode in situations where the number of ports in an aggregate trunk exceeds the highest allowed number of active ports. This parameter can be adjusted on each port and is a hexadecimal value in a range of 1 to FFFF. The lower the number, the higher the priority. Ports with the highest priorities are designated as the active ports in an aggregate trunk.

For example, if both 802.3ad-compliant devices support up to eight active ports and there are a total of ten ports in the trunk, the eight ports with the lowest priority settings are designated as the active ports, and the others are placed in standby mode. If an active link goes down on a active port, the standby port with the highest priority is automatically activated to take its place.

The default value of a port’s priority number is equal to its port number in hexadecimal. For example, the default values for ports 2 and 11 are

0002 and 000B, respectively.

The selection of the active links in an aggregate trunk is dynamic. It changes as links are added, removed, lost or reestablished. For example, if an active port loses its link and is replaced by another port in the standby mode, the reestablishment of the link on the original active port causes it to return to the active state by virtue of its having a higher priority, while the port that replaced it is returned to the standby mode.

In the unusual event you set this parameter to the same value for some or all of the ports of an aggregate trunk, the selection of active ports is based on port numbering. The lower the port number, the higher the priority.

Two conditions must be met in order for a port that is a member of an aggregate trunk to function in the standby mode. First, the number of ports in the trunk must exceed the highest allowed number of active ports and, second, the port must be receiving LACPDU packets from the other device. A port functioning in the standby mode does not forward network traffic, but it does continue to send LACPDU packets. If a port that is part of an aggregator does not receive LACPDU packets, it functions as a normal Ethernet port and forwards network packets along with LACPDU packets.




Load Distribution Methods

The load distribution method determines the manner in which the switch distributes the traffic across the active ports of an aggregate trunk. The method is assigned to an aggregator and applies to all aggregate trunks within it. If you want to assign different load distribution methods to different aggregate trunks, you must create a separate aggregator for each trunk. For further information, refer to

Load Distribution Methods on page 130.

LACP Trunk Guidelines

Here are the guidelines to follow when creating aggregators:

❑ LACP must be activated on both the switch and the other device.

❑ The other device must be 802.3ad-compliant.

❑ An aggregator can consist of any number of ports.

❑ The AT-8500 Series switch supports up to eight active ports in an aggregate trunk at a time.

❑ The switch supports a maximum of three aggregate trunks.

❑ The ports of an aggregate trunk must be of the same medium type. They can be all twisted pair ports or all fiber optic ports.

❑ The ports of a trunk can be consecutive (for example Ports 5-9) or nonconsecutive (for example, Ports 4, 8, 11, 20).

❑ A port can belong to only one aggregator at a time.

❑ A port cannot be a member of an aggregator and a static trunk at the same time.

❑ The ports of an aggregate trunk must be untagged members of the same VLAN. (The switch’s management software does not display an error message if you create an aggregator with ports from different untagged VLANs. However, the ports are not added to the aggregate trunk when the trunk is established.)

❑ 10/100Base-TX twisted pair ports must be set to Auto-Negotiation or 100 Mbps, full-duplex mode. LACP trunking is not supported in half-duplex mode.

❑ 100Base-FX fiber optic ports must be set to full-duplex mode.

❑ You can create an aggregate trunk of expansion modules or GBIC modules with 1000Base-X fiber optic ports.

129


Load Distribution

Methods

❑ Only those ports that are members of an aggregator transmit

LACPDU packets.

❑ The load distribution method is applied at the aggregator level. If you want aggregate trunks to have different load distribution methods, you must create a separate aggregator for each trunk.

For further information, refer to Load Distribution Methods on page 130.

❑ A port that is a member of an aggregator functions as part of an aggregate trunk only if it receives LACPDU packets from the remote device. If it does not receive LACPDU packets, it functions as a regular Ethernet port, forwarding network traffic while also continuing to transmit LACPDU packets.

❑ The port with the highest priority in an aggregate trunk carries broadcast packets and packets with an unknown destination.

❑ Prior to creating an aggregate trunk between an AT-8500 Series switch and another vendor’s device, refer to the vendor’s documentation to determine the maximum number of active ports the device can support in a trunk. If the number is less than eight, the maximum number for the AT-8500 Series switch, you should probably assign it a higher system LACP priority than the

AT-8500 Series switch. If it is more than eight, assign the AT-8500

Series switch the higher priority. This can help avoid a possible conflict between the devices if some ports are placed in the standby mode when the trunk is created by the devices. For

background information, refer to LACP System Priority on page

127.

❑ LACPDU packets are transmitted as untagged packets.

This section discusses the load distribution methods and applies to both static and LACP port trunks.

One of the steps to creating a static or LACP port trunk is the selection of a load distribution method. This step determines how the switch distributes the traffic load across the ports in the trunk. The AT-S62 management software offers the following load distribution methods:

❑ Source MAC Address (Layer 2)

❑ Destination MAC Address (Layer 2)

❑ Source MAC Address / Destination MAC Address (Layer 2)

❑ Source IP Address (Layer 3)

❑ Destination IP Address (Layer 3)



❑ Source IP Address / Destination IP Address (Layer 3)

The load distribution methods examine the last three bits of a packet’s

MAC or IP address and compare the bits against mappings assigned to the ports in the trunk. The port mapped to the matching bits is selected as the transmission port for the packet.

In cases where you select a load distribution that employs either a source or destination address but not both, the last three bits of only the designated address are used in the selection of a transmission port in a trunk. If you select one of the two load distribution methods that employs both source and destination addresses, port selection is achieved through an XOR operation of the last three bits of both addresses.

As an example, assume you created a static or LACP aggregate trunk of

Ports 7 to 14 on a switch. The table below shows the mappings of the switch ports to the possible values of the last three bits of a MAC or IP address.

Last 3 Bits

Trunk Ports

000

(0)

7

001

(1)

8

010

(2)

9

011

(3)

10

100

(4)

11

101

(5)

12

110

(6)

13

111

(7)

14

Now assume you selected source MAC address as the load distribution method and that the switch needed to transmit over the trunk a packet with a source MAC address that ended in 9. The binary equivalent of 9 is

1001, making the last three bits of the address 001. An examination of the table above indicates that the switch would use Port 8 to transmit the frame because that port is mapped to the matching bits.

The same method is used for the two load distribution methods that employ both the source and destination addresses. Only here the last three bits of both addresses are combined by an XOR process to derive a single value which is then compared against the mappings of bits to ports. The XOR rules are as follows:

0 XOR 0 = 0

0 XOR 1 = 1

1 XOR 0 = 1

1 XOR 1 = 0

As an example, assume that you had selected source and destination

MAC addresses for the load distribution method in our previous example, and that a packet for transmission over the trunk had a source

MAC address that ended in 9 and a destination address that ended in 3.



The binary values would be:

9 = 1001

3 = 0011

Applying the XOR rules above on the last three bits would result in 010.

A examination of the table above shows that the packet would be transmitted from port 9.

Port trunk mappings on an AT-8500 Series switch can consist of up to eight ports. This corresponds to the maximum number of ports allowed in a static trunk and the maximum number of active ports in an LACP trunk. (Inactive ports in an LACP trunk are not applied to the mappings until they transition to the active status.)

You can assign different load distribution methods to different static trunks on the same switch. The same is true for LACP aggregators.

However, it should be noted that all aggregate trunks within an LACP aggregator must use the same load distribution method.

The load distribution methods assume that the final three bits of the source and/or destination addresses of the packets from the network nodes are varied enough to support adequate distribution of the packets over the trunk ports. A lack of variation can result in one or more ports in a trunk being used more than others, with the potential loss of a trunk’s efficiency and performance.



Managing Static Port Trunks

The following procedures explain how to create, modify, and delete static port trunks:

❑ Creating a Static Port Trunk on page 133

❑ Modifying a Static Port Trunk on page 136

❑ Deleting a Static Port Trunk on page 138

For background information, refer to Static Port Trunk Overview on page

121.

Creating a Static

Port Trunk

This section contains the procedure for creating a static port trunk on a

switch. Be sure to review the guidelines in Port Trunk Overview on page

121 before performing the procedure.

Caution

Do not connect the cables to the trunk ports on the switches until after you have configured the trunk with the management software.

Connecting the cables before configuring the software will create a loop in your network topology. Data loops can result in broadcast storms and poor network performance.

Note

Before creating a port trunk, examine the speed, duplex mode, and flow control settings of the lowest numbered port that will be a part of the trunk. Check to be sure that the settings are correct for the end node to which the trunk will be connected. When you create the trunk, the AT-S62 management software copies the settings of the lowest numbered port in the trunk to the other ports so that all the settings are the same.

You should also check to be sure that the ports are untagged members of the same VLAN. You cannot create a trunk of ports that are untagged members of different VLANs.

To create a port trunk, perform the following procedure:


2. From the Port Configuration menu, type 4 to select Port Trunking and

LACP.



The Port Trunking and LACP menu is shown in Figure 35.


Production Switch


Port Trunking and LACP

1 - Static Port Trunking

2 - LACP Configuration



Figure 35 Port Trunking and LACP Menu

3. From the Port Trunking and LACP menu, type 1 to select Static Port

Trunking.

The Static Port Trunking menu is shown in Figure 36.


Production Switch


Static Port Trunking

ID Name Ports Method Status

----------------------------------------------------

C - Create Trunk

D - Delete Trunk

M - Modify Trunk



Figure 36 Static Port Trunking Menu

This menu lists the trunks that already exist on the switch.

4. Type C to select Create Trunk.




The Create Trunk menu is shown in Figure 37.


Production Switch


Create Trunk

1 - Trunk ID ......... 1

2 - Trunk Name .......

3 - Trunk Method ..... SRC/DST MAC

4 - Trunk Ports ......

C - Create Trunk



Figure 37 Create Trunk Menu

5. Type 1 to select Trunk ID and, when prompted, enter an ID number for the trunk of from 1 to 6. A trunk must be assigned a unique ID number. The default value is the next unused ID number.

6. Type 2 to select Trunk Name and, when prompted, enter a name for the trunk. The name can be up to sixteen alphanumeric characters.

No spaces or special characters, such as asterisks and exclamation points, are allowed. Each trunk must have a unique name.

7. To set the load distribution method, type 3 to toggle the selection through the following possible settings:

❑ SRC MAC - Source MAC address

❑ DST MAC - Destination MAC address

❑ SRC/DST MAC - Source address /destination MAC address

❑ SRC IP - Source IP address trunking

❑ DST IP - Destination IP address trunking

❑ SRC/DST IP - Source address /destination IP address

The default is SRC/DST MAC. For background information, refer to


8. Type 4 to select Trunk Ports and, when prompted, enter the ports of the trunk. A trunk can contain up to eight ports. You can identify the ports individually (for example, 3,7,10), as a range (for example, 5-11), or both (for example, 2,4,11-14).

9. Type C to select Create Trunk.

The port trunk is now active on the switch.

135



11. Configure the ports on the remote switch for port trunking.

12. Connect the cables to the ports of the trunk on the switch.

The port trunk is ready for network operations.

Modifying a Static

Port Trunk

This section contains the procedure for modifying a static port trunk on

the switch. Be sure to review the guidelines in Static Port Trunk

Guidelines on page 122 before performing the procedure.

Caution

If you will be adding or removing ports from the trunk, you should disconnect all network cables from the ports of the trunk on the switch before performing the procedure. Adding or removing ports from a static port trunk without first disconnecting the cables may result in loops in your network topology, which can result in broadcast storms and poor network performance.

Note the following before performing this procedure:

❑ If you are adding a port and the port will be the lowest numbered port in the trunk, its parameter settings will overwrite the settings of the existing ports in the trunk. Consequently, you should check to see if its settings are appropriate prior to adding it.

❑ If you are adding a port and the port will not be the lowest numbered port in the trunk, its settings will be changed to match the settings of the existing ports in the trunk.

❑ If you are adding a port to a static trunk, you should check to be sure that the new port is an untagged member of the same VLAN as the other trunk ports. A trunk cannot contain ports that are untagged members of different VLANs.

To modify a port trunk, perform the following procedure:



LACP.

The Port Trunking and LACP menu is shown in Figure 35 on page 134.


Trunking.

The Static Port Trunking menu is shown in Figure 36 on page 134.

4. Type M to select Modify Trunk.





Enter Trunk ID: [1 to 6] ->

5. Enter the ID number of the trunk you want to modify.

The Modify Trunk menu is displayed. The menu displays the operating specifications of the selected trunk. An example is shown in

Figure 38.


Production Switch


Modify Trunk

1 - Trunk ID ......... 2

2 - Trunk Name ....... Server11

3 - Trunk Method ..... SRC/DST MAC

4 - Trunk Ports ...... 12-16

M - Modify Trunk



Figure 38 Modify Trunk Menu

Note

You cannot change a trunk’s ID number.

6. To modify a port trunk’s name, type 2 to select Trunk Name and, when prompted, enter the new name for the trunk. The name can be up to sixteen alphanumeric characters. No spaces or special characters, such as asterisks and exclamation points, are allowed. Each trunk must have a unique name.

7. To change the trunk’s load distribution method, type 3 to toggle the selection through the following possible settings.







For background information on these selections, refer to Load

Distribution Methods on page 130.

137


8. To change the ports of a trunk, type 4 to select Trunk Ports and, when prompted, enter the new ports of the trunk. A trunk can contain up to eight ports. You can identify the ports individually (for example,

3,7,10), as a range (for example, 5-11), or both (for example, 2,4,11-14).

The new list of ports replaces the existing ports of the trunk.

9. Type M to select Modify Trunk.

The modifications to the port trunk are activated on the switch.


11. Reconnect the cables to the ports of the trunk on the switch.

The modified port trunk is ready for network operations.

Deleting a Static

Port Trunk

To delete a static port trunk from the switch, perform the following procedure:

Caution

Disconnect the cables from the port trunk on the switch before performing the following procedure. Deleting a port trunk without first disconnecting the cables can create loops in your network topology. Data loops can result in broadcast storms and poor network performance.


2. From the Port Menu, type 4 to select Port Trunking and LACP.



Trunking.

The Static Port Trunking menu is shown in Figure 36 on page 134.

4. Type D to select Delete Trunk.


Enter Trunk ID: [1 to 6] ->

5. Enter the ID number of the trunk to be deleted.

A confirmation prompt is displayed.

6. Type Y for yes to delete the port trunk or N for no to cancel this procedure.

The port trunk is deleted from the switch.




Managing LACP Trunks

The following procedures explain how to create and manage LACP trunks:

❑ Enabling or Disabling LACP on page 139

❑ Setting a LACP System Priority on page 140

❑ Creating an Aggregator on page 141

❑ Modifying an Aggregator on page 143

❑ Deleting an Aggregator on page 145

❑ Configuring LACP Port Parameters on page 146

❑ Displaying LACP Port or Aggregator Status on page 148

For background information, refer to LACP Trunk Overview on page 123.

Enabling or

Disabling LACP

This procedure explains how to enable or disable LACP on the switch.

When you enable LACP, the switch begins to transmit LACPDU packets from ports assigned to aggregators. If ports in an aggregator receive

LACPDU packets from a remote device, the switch creates aggregate trunks. If no aggregators are defined, no LACPDU packets are transmitted. When you disable LACP, any ports in existing aggregators stop sending LACPDU packets and function as regular Fast Ethernet ports.

Caution

Do not disable LACP if there are defined aggregators. without first disconnecting all cables connected to the aggregate trunk ports.

Otherwise, a network loop might occur, resulting in a broadcast storm and poor network performance.

To enable or disable LACP, perform the following procedure:



LACP.


3. Type 2 to select LACP Configuration.



The LACP (IEEE 8023ad) Configuration menu is shown in Figure 39.


Production Switch


LACP (IEEE 802.3ad) Configuration

1 - LACP Status ....................... Disabled

2 - Priority .......................... 0x0080

3 - Create Aggregator

4 - Modify Aggregator

5 - Configure Port

6 - Delete Aggregator

7 - Show LACP Port Status

8 - Show LACP Aggregator Status



Setting a LACP

System Priority

Figure 39 LACP (IEEE 8023ad) Configuration Menu

4. Type 1 to toggle LACP Status between Disabled and Enabled. The default is disabled.


This procedure explains how to set the LACP system priority value on a switch. The switch uses this parameter if a conflict occurs when establishing an aggregate trunk with the other device. The LACP settings on the device with the higher priority take precedence over the settings on the other device. The lower the value, the higher the priority.

A switch can have only one LACP system priority. For more information,

refer to LACP System Priority on page 127.

To set the LACP system priority for the switch, perform the following procedure:



LACP.



The LACP (IEEE 8023ad) Configuration menu is shown in Figure 39 on page 140.

4. Type 2 to s elect Priority.




Creating an

Aggregator

Enter Priority [0x1 - 0xFFFF]: [0x1 to 0xffff] -> 0x

5. Enter the new value is hexadecimal. The range is 1 to FFFF. The lower the value, the higher the priority. The prefix “0x” indicates that the number is hexadecimal.

The new priority value takes effect immediately on the switch.


To create an aggregator, perform the following procedure:

Caution

Do not connect the cables to the ports of the aggregator on the switch until after you have configured the aggregator with the management software and enabled LACP. Connecting the cables before configuring the software and activating the protocol will create a loop in your network topology. Data loops can result in broadcast storms and poor network performance.

Note

Before creating an aggregator, verify that the ports that will be members of the aggregator are set to Auto-Negotiation or 100

Mbps, full-duplex. Aggregate trunks do not support half-duplex mode.



LACP.




4. Type 3 to select Create Aggregator.




The Create LACP (IEEE 8023ad) Aggregator menu is shown in Figure

39 on page 140.


Production Switch


Create LACP (IEEE 802.3ad) Aggregator

1 - Aggregator ..................

2 - Adminkey .................... 0x0000

3 - Distribution Mode ........... SRC/DST MAC

4 - Port Range ..................

C - Create Aggregator



Figure 40 Create LACP (IEEE 8023ad) Aggregator Menu

5. Configure the parameters as necessary. The parameters are defined here:

1 - Aggregator

Specifies a name for the aggregator. The name can be up to twenty alphanumeric characters. Spaces are allowed, but special characters, such as asterisks and exclamation points, are not. Each aggregator must have a unique name.

2 - Adminkey

Specifies a unique adminkey value for the aggregator. The value is entered in hexadecimal. The range is 1 to FFFF. For background

information, refer to Adminkey Parameter on page 127.

3 - Distribution Mode

Sets the load distribution method. Possible settings are:









142


4 - Port Range

Specifies the aggregator ports. An aggregator can contain any number of ports on the switch. You can identify the ports individually

(for example, 3,7,10), as a range (for example, 5-11), or both (for example, 2,4,11-14).

6. After you configure the parameters, type C to select Create

Aggregator.

The aggregator is created on the switch.

7. If LACP is not enabled on the switch, perform the procedure Enabling or Disabling LACP on page 139 and activate the protocol.

8. Configure LACP on the other network device.

9. Connect the cables to the ports of the aggregator on both the switch and the other network device.

The aggregator and its aggregate trunk(s) are now ready for network operations.

Modifying an

Aggregator

Caution

Do not connect the cables to the ports of the aggregator on the switch until after you have enabled LACP. Connecting the cables before activating the protocol will create a loop in your network topology. Data loops can result in broadcast storms and poor network performance.

10. Repeat this procedure to create additional aggregators, if needed.


This procedure explains how to modify an aggregator. You can change an aggregator’s name, adminkey, or load distribution method. You can also use this procedure to add or remove ports. To modify an aggregator, you need to know its name or adminkey key. It is

recommended that you review the section LACP Trunk Guidelines on page 129 before modifying an aggregator.

Caution

If you will be adding or removing ports from the aggregator, you should disconnect all network cables from the ports of the aggregator on the switch before performing the procedure. Adding or removing ports without first disconnecting the cables can result in loops in your network topology, which can result in broadcast storms and poor network performance.



To modify an aggregator, perform the following procedure:



LACP.




4. Type 4 to select Modify Aggregator.

The Modify LACP (IEEE 8023ad) Aggregator menu is shown in Figure

41.


Production Switch


Modify LACP (IEEE 802.3ad) Aggregator

1 - Aggregator ..................

2 - Adminkey .................... 0x0000

3 - Distribution Mode ........... SRC/DST MAC

4 - Port Range ..................

M - Modify Aggregator



Figure 41 Modify LACP (IEEE 8023ad) Aggregator Menu

5. Type 1 to select Aggregator or 2 for Adminkey and, when prompted, enter the name or adminkey of the aggregator you want to modify.

You can specify the aggregator by its name or adminkey number. The name is case-sensitive.

After you enter the aggregator’s name or adminkey, the specifications of the aggregator are displayed in the menu.

6. Adjust the settings as necessary. The parameters are defined here:

1 - Aggregator

Specifies a name for the aggregator. The name can be up to twenty alphanumeric characters. Spaces are allowed, but special characters, such as asterisks and exclamation points, are not. Each aggregator must have a unique name.



2 - Adminkey

Specifies a unique adminkey value for the aggregator. The value is entered in hexadecimal. The range is 1 to FFFF. For background

information, refer to Adminkey Parameter on page 127.

3 - Distribution Mode

Sets the load distribution method. Possible settings are:









4 - Port Range

Specifies the aggregator ports. An aggregator can contain any number of ports on the switch. You can identify the ports individually

(for example, 3,7,10), as a range (for example, 5-11), or both (for example, 2,4,11-14).

7. After configuring the parameters, type M to select Modify

Aggregator.

The aggregator is modified on the switch.

8. Reconnect the cables to the ports of the aggregator.

The modified aggregator is now ready for network operations.

Deleting an

Aggregator

This procedure deletes an aggregator from the switch. The ports that are members of the aggregator stop transmitting LACPDU packets after the aggregator is deleted.

Caution

Disconnect the cables from the ports of the aggregator before performing the following procedure. Deleting an aggregator without first disconnecting the cables can create loops in your network topology. Data loops can result in broadcast storms and poor network performance.



To delete an aggregator, perform the following procedure:



LACP.




4. Type 6 to select Delete Aggregator.


Enter Aggregator Name [Max up to 20 alphanumeric characters]:

5. Enter the name of the aggregator you want to delete. The name is case-sensitive. You can delete only one aggregator at a time.

A confirmation prompt is displayed.

6. Type Y to delete the aggregator or N to cancel the procedure.

If you entered Yes, the aggregator is deleted.

Configuring

LACP Port

Parameters

This procedure explains how to configure a port’s priority value. This parameter determines whether a port is active or in standby mode as

part of an aggregate trunk. For further information, refer to LACP Port

Priority Parameter on page 128. This procedure also shows how to

assign a port to a different aggregator.

Note

To remove a port from an aggregator without assigning it to a

different one, skip this procedure and instead perform Modifying an

Aggregator on page 143. When modifying the aggregator, reenter

its port list, omitting the port you want to remove.

To configure a port, perform the following procedure:



LACP.







4. Type 4 to select Modify Aggregator.

The Modify LACP (IEEE 8023ad) Aggregator menu is shown in Figure

41.


Production Switch


LACP (IEEE 802.3ad) Port Configuration

1 - Port Number ................. 0

2 - Adminkey .................... 0x0000

3 - Priority .................... 0x0000

4 - Aggregator ..................

M - Modify Port



Figure 42 Modify LACP (IEEE 8023ad) Aggregator Menu

5. Type 1 to select Port Number and, when prompted, enter the port you want to configure. You can configure only one port at a time.

The management software displays the port’s current aggregator settings. If the port is not a member of any aggregator, the parameters still display default values that are specific to the port and switch.

6. To set the port’s priority value, type 3 to Priority and enter the new value in hexadecimal. The range is 1 to FFFF. The default is the port number in hexadecimal.

7. To move the port to a different aggregator or to assign it to an aggregator if it is not currently a member of one, type either 2 to select Adminkey or 4 to select Aggregator and enter the adminkey value or name of the aggregator where you want to assign the port.

You can specify only one aggregator and it must already exist on the switch.

8. Type M to select Modify Port.

147


Displaying LACP

Port or

Aggregator Status

To display LACP port or aggregator status, perform the following procedure:



LACP.




4. To view port status, type 7 to select Show LACP Port Status. To view aggregator status, type 8 to select Show LACP Aggregator Status.

Figure 43 is an example of the LACP (IEEE 802.3ad Port Status menu.

The information in this window is for viewing purposes only. For definitions, refer to the IEEE 802.3ad standard.

LACP (IEEE 802.3ad) Port Status

Port ............. 01

Aggregator ....... Sales server

ACTOR PARTNER

====================================++++++++===========================

Actor Port ............. 06 Partner Port ......... 00

Selected ............... SELECTED Partner System ....... 00-30-84-00-00-02

Oper Key ............... 0x0050

Oper Port Priority .... 0x0006

Individual ............. NO

Synchronized............ YES

Oper Key ............ 0x0004

Oper Port Priority ... 0x0007

Individual ........... NO

Synchronized.......... YES

Collecting ............ YES

Distributing ........... YES

Defaulted .............. NO

Expired ................ NO

Actor Churn .......... YES

Collecting ........... YES

Distributing ......... NO

Defaulted ............ NO

Expired .............. NO

Partner Churn ........ YES

N - Next Page

U - Update Display



Figure 43 LACP (IEEE 802.3ad Port Status Menu



Figure 44 is an example of the LACP (IEEE 802.3ad) Aggregator Status

menu. The information is for viewing purposes only. An aggregator appears in the menu only if there is at least one active aggregate trunk between the switch and another network device.

User: Manager


Production Switch

11:20:02 02-Jan-2004

LACP (IEEE 802.3ad) Aggregator Status

Aggregator #1 ................. Sales server

Adminkey ...................... 0x0050

Oper Key....................... 0x1405

Speed ......................... 100 Mbps

Ports in LAGID ................ 1-4

Aggregated Port ............... 1-4

Mode .......................... SRC/DST MAC

LAG ID:

[(0080,00-30-84-00-00-00,0041,00,0000),(0080,00-30-84-00-00-02,0004,00,0000)]



Figure 44 LACP (IEEE 802.3ad) Aggregator Status Menu

If there are no active aggregate trunks on the switch, the following message is displayed:

No Aggregator with aggregatable Ports


Chapter 9

Port Mirroring

This chapter contains the procedures for creating and deleting a port mirror. Sections in the chapter include:

❑ Port Mirroring Overview on page 151

❑ Creating a Port Mirror on page 152

❑ Deleting a Port Mirror on page 154

150


Port Mirroring Overview

The port mirroring feature allows you to unobtrusively monitor the traffic being received and transmitted on one or more ports on a switch by having the traffic copied to another switch port. You can connect a network analyzer to the port where the traffic is being copied and monitor the traffic on the other ports without impacting network performance or speed.

The port(s) whose traffic you want to mirror is called the source port(s).

The port where the traffic is copied to is called the destination port.

Observe the following guidelines when you create a port mirror:

❑ You can select only one destination port.

❑ You can select more than one source port. However, the more ports you mirror, the less likely the destination port will be able to handle all the traffic. For example, if you mirror the traffic of six heavily active ports, the destination port is likely to drop packets, meaning that it will not provide an accurate mirror of the traffic of the six source ports.

❑ You can mirror either the ingress or egress traffic of the source ports, or both.

❑ The source and destination ports must be located on the same switch.

❑ For AT-8550GB Series switches, the source ports and the destination port must be located within the same port group. The port groups are:

— Ports 1 to 24 and 49

— Ports 25 to 48 and 50


Chapter 9: Port Mirroring

Creating a Port Mirror

To create a port mirror, perform the following procedure:



2. From the Port Configuration menu, type 6 to select Port Mirroring.

The Port Mirroring menu is shown in Figure 45.


Production Switch


Port Mirroring

1 - Enable/Disable .................... Disabled



Figure 45 Port Mirroring Menu #1

3. Type 1 to select Enable/Disable.


Enter Enable(E)/Disable(D):

4. Type E to enable the feature.

New options are added to the Port Mirroring menu, as shown in

Figure 46.


Production Switch


Port Mirroring

1 - Enable/Disable ...................... Enabled

2 - Mirror-To (Destination) Port ........ None

3 - Ingress (Rx) Mirror (Source) Ports .. None

4 - Egress (Tx) Mirror (Source) Ports ... None



Figure 46 Port Mirroring Menu #2



5. Type 2 to select Mirror-To Port and, when prompted, enter the number of the port to function as the destination port. This is the port where the traffic from the source ports will be copied to and where the network analyzer will be located. You can specify only one destination port.

6. If you want to mirror the ingress (received) traffic on one or more ports, type 3 to select Ingress Mirror Port and, when prompted, enter the ports. You can identify the ports individually (for example, 3,7,10), as a range (for example, 5-11), or both (for example, 2,4,11-14).

Entering “none” removes all ingress source ports.

7. If you want to mirror the egress (transmitted) traffic from one or more ports, type 4 to select Egress Mirror Port and, when prompted, enter the ports. Entering “none” removes all egress source ports.

To monitor both the ingress and egress traffic of the source ports, you must specify the ports in both menu options 3 and 4.

The port mirror is now functional. Attach a network analyzer to the destination port to monitor the traffic on the source ports.



Chapter 9: Port Mirroring

Deleting a Port Mirror

To delete a port mirror, perform the following procedure:



2. From the Port Configuration menu, type 6 to select Port Mirroring.

The Port Mirroring menu is shown in Figure 46 on page 152.

3. Type 1 to select Enable/Disable.


Enter Enable(E)/Disable(D):

4. Type D to disable the feature.

Port mirroring on the switch is now disabled. You can disconnect the network analyzer from the destination port and use the port for normal network operations.


Chapter 10

Ethernet Statistics

This chapter contains the procedures for displaying data traffic statistics.

The chapter contains the following sections:

❑ Displaying Port Statistics on page 156

❑ Clearing Port Counters on page 158

155

Chapter 10: Ethernet Statistics

Displaying Port Statistics

To display Ethernet port statistics, perform the following procedure:


2. From the Port Configuration menu, type 3 to select Port Statistics.

The Port Statistics menu is shown in Figure 47.


Production Switch


Port Statistics

1 - Display Port Statistics

3 - Clear Port Statistics



Figure 47 Port Statistics Menu

3. From the Port Statistics menu, type 1 to select Display Port Statistics.


Enter port-list:

4. Enter the port whose statistics you want to view. You can specify more than one port at a time.

A menu is displayed containing the statistics for each port. The information in this menu is for viewing purposes only. The statistics are defined below:

Bytes Received

Number of bytes received on the port.

Bytes Sent

Number of bytes transmitted from the port.

Frames Received

Number of frames received on the port.

Frames Sent

Number of frames transmitted from the port.

Broadcast Frames Received

Number of broadcast frames received on the port.

Broadcast Frames Sent

Number of broadcast frames transmitted from the port.




Multicast Frames Received

Number of multicast frames received on the port.

Multicast Frames Sent

Number of multicast frames transmitted from the port.

Frames 64 Bytes

Frames 65 - 127 Bytes




Frames 1024 - 1518 Bytes

Number of frames transmitted from the port, grouped by size.

CRC Error

Number of frames with a cyclic redundancy check (CRC) error but with the proper length (64-1518 bytes) received on the port.

Jabber

Number of occurrences of corrupted data or useless signals appearing on the port.

No. of Rx Errors

Total number of frames received on the port containing errors.

No. of Tx Errors

Total number of frames transmitted on the port containing errors.

Undersize Frames

Number of frames that were less than the minimum length specified by IEEE 802.3 (64 bytes including the CRC) received on the port.

Oversize Frames

Number of frames exceeding the maximum specified by IEEE

802.3 (1518 bytes including the CRC) received on the port.

Fragments

Number of undersized frames, frames with alignment errors, and frames with frame check sequence (FCS) errors (CRC errors) received on the port.

Tx Collisions

Number of collisions that have occurred on the port. This applies only to ports operating in half duplex.

157

Chapter 10: Ethernet Statistics

Clearing Port Counters

To return the statistics counters of a port to zero, perform the following procedure:


2. From the Port Configuration menu, type 3 to select Port Statistics.

The Port Statistics menu is shown in Figure 47 on page 156.

1. From the Port Statistics menu, type 2 to select Clear Port Statistics.


Enter port-list:

2. Enter the port whose statistics counters you want to return to zero.

You can specify more than one port at a time.

The port counters are returned to zero.


No results