Switch User Manual
Table Of Contents
- 00-1Cover.pdf
- 01-CLI Operation.pdf
- 02-Login Operation.pdf
- 1 Logging In to the Switching Engine
- 2 Logging In Through OAP
- 3 Logging In Through Telnet
- 4 Logging In from the Web-Based Network Management System
- 5 Logging In from NMS
- 6 Configuring Source IP Address for Telnet Service Packets
- 7 User Control
- 03-Configuration File Management Operation.pdf
- 04-VLAN Operation.pdf
- 1 VLAN Overview
- 2 VLAN Configuration
- 05-Auto Detect Operation.pdf
- 06-Voice VLAN Operation.pdf
- 07-GVRP Operation.pdf
- 08-Basic Port Configuration Operation.pdf
- 1 Basic Port Configuration
- Ethernet Port Overview
- Configuring Ethernet Ports
- Making Basic Port Configuration
- Configuring Port Auto-Negotiation Speed
- Setting the Ethernet Port Broadcast Suppression Ratio
- Enabling Flow Control on a Port
- Configuring Access Port Attribute
- Configuring Hybrid Port Attribute
- Configuring Trunk Port Attribute
- Disabling Up/Down Log Output on a Port
- Copying Port Configuration to Other Ports
- Configuring a Port Group
- Setting Loopback Detection for an Ethernet Port
- Configuring the Ethernet Port to Run Loopback Test
- Enabling the System to Test Connected Cable
- Configuring the Interval to Perform Statistical Analysis on Port Traffic
- Displaying and Maintaining Ethernet Ports
- Ethernet Port Configuration Example
- Troubleshooting Ethernet Port Configuration
- 1 Basic Port Configuration
- 09-Link Aggregation Operation.pdf
- 1 Link Aggregation Configuration
- 10-Port Isolation Operation.pdf
- 11-Port Security-Port Binding Operation.pdf
- 1 Port Security Configuration
- Port Security Overview
- Port Security Configuration
- Displaying and Maintaining Port Security Configuration
- Port Security Configuration Example
- 2 Port Binding Configuration
- 1 Port Security Configuration
- 12-DLDP Operation.pdf
- 13-MAC Address Table Management Operation.pdf
- 14-MSTP Operation.pdf
- 1 MSTP Configuration
- STP Overview
- MSTP Overview
- Configuring Root Bridge
- Configuration Prerequisites
- Configuring an MST Region
- Specifying the Current Device as a Root Bridge/Secondary Root Bridge
- Configuring the Bridge Priority of the Current Device
- Configuring the Mode a Port Recognizes and Sends MSTP Packets
- Configuring the MSTP Operation Mode
- Configuring the Maximum Hop Count of an MST Region
- Configuring the Network Diameter of the Switched Network
- Configuring the MSTP Time-related Parameters
- Configuring the Timeout Time Factor
- Configuring the Maximum Transmitting Speed on the Current Port
- Configuring the Current Port as an Edge Port
- Specifying Whether the Link Connected to a Port Is Point-to-point Link
- Enabling MSTP
- Configuring Leaf Nodes
- Configuration Prerequisites
- Configuring the MST Region
- Configuring the Mode a Port Recognizes and Sends MSTP Packets
- Configuring the Timeout Time Factor
- Configuring the Maximum Transmitting Speed on the Current Port
- Configuring a Port as an Edge Port
- Configuring the Path Cost for a Port
- Configuring Port Priority
- Specifying Whether the Link Connected to a Port Is a Point-to-point Link
- Enabling MSTP
- Performing mCheck Operation
- Configuring Guard Functions
- Configuring Digest Snooping
- Configuring Rapid Transition
- Configuring VLAN-VPN Tunnel
- STP Maintenance Configuration
- Enabling Trap Messages Conforming to 802.1d Standard
- Displaying and Maintaining MSTP
- MSTP Configuration Example
- VLAN-VPN tunnel Configuration Example
- 1 MSTP Configuration
- 15-802.1x and System Guard Operation.pdf
- 1 802.1x Configuration
- Introduction to 802.1x
- Introduction to 802.1x Configuration
- Basic 802.1x Configuration
- Advanced 802.1x Configuration
- Displaying and Maintaining 802.1x
- Configuration Example
- 2 Quick EAD Deployment Configuration
- 3 System-Guard Configuration
- 1 802.1x Configuration
- 16-AAA Operation.pdf
- 1 AAA Overview
- 2 AAA Configuration
- AAA Configuration Task List
- RADIUS Configuration Task List
- Creating a RADIUS Scheme
- Configuring RADIUS Authentication/Authorization Servers
- Configuring RADIUS Accounting Servers
- Configuring Shared Keys for RADIUS Messages
- Configuring the Maximum Number of RADIUS Request Transmission Attempts
- Configuring the Type of RADIUS Servers to be Supported
- Configuring the Status of RADIUS Servers
- Configuring the Attributes of Data to be Sent to RADIUS Servers
- Configuring the Local RADIUS Authentication Server Function
- Configuring Timers for RADIUS Servers
- Enabling Sending Trap Message when a RADIUS Server Goes Down
- Enabling the User Re-Authentication at Restart Function
- HWTACACS Configuration Task List
- Displaying and Maintaining AAA
- AAA Configuration Examples
- Troubleshooting AAA
- 3 EAD Configuration
- 17-MAC Address Authentication Operation.pdf
- 18-IP Address and Performance Operation.pdf
- 19-DHCP Operation.pdf
- 1 DHCP Overview
- 2 DHCP Relay Agent Configuration
- Introduction to DHCP Relay Agent
- Configuring the DHCP Relay Agent
- Displaying and Maintaining DHCP Relay Agent Configuration
- DHCP Relay Agent Configuration Example
- Troubleshooting DHCP Relay Agent Configuration
- 3 DHCP Snooping Configuration
- DHCP Snooping Overview
- DHCP Snooping Configuration
- Configuring DHCP Snooping
- Configuring DHCP Snooping to Support Option 82
- DHCP-Snooping Option 82 Support Configuration Task List
- Enable DHCP-snooping Option 82 support
- Configure a handling policy for DHCP packets with Option 82
- Configure the storage format of Option 82
- Configure the circuit ID sub-option
- Configure the remote ID sub-option
- Configure the padding format for Option 82
- Configuring IP Filtering
- DHCP Snooping Configuration Example
- Displaying and Maintaining DHCP Snooping Configuration
- 4 DHCP/BOOTP Client Configuration
- 20-ACL Operation.pdf
- 1 ACL Configuration
- ACL Overview
- ACL Configuration
- ACL Assignment
- Displaying and Maintaining ACL
- Examples for Upper-layer Software Referencing ACLs
- Examples for Applying ACLs to Hardware
- 1 ACL Configuration
- 21-QoS-QoS Profile Operation.pdf
- 1 QoS Configuration
- Overview
- QoS Supported by Devices
- QoS Configuration
- QoS Configuration Task List
- Configuring Priority Trust Mode
- Configuring Priority Mapping
- Setting the Priority of Protocol Packets
- Marking Packet Priority
- Configuring Traffic Policing
- Configuring Traffic Shaping
- Configuring Traffic Redirecting
- Configuring VLAN Mapping
- Configuring Queue Scheduling
- Collecting/Clearing Traffic Statistics
- Enabling the Burst Function
- Configuring Traffic Mirroring
- Displaying and Maintaining QoS
- QoS Configuration Example
- 2 QoS Profile Configuration
- 1 QoS Configuration
- 22-Mirroring Operation.pdf
- 23-ARP Operation.pdf
- 24-SNMP-RMON Operation.pdf
- 25-Multicast Operation.pdf
- 1 Multicast Overview
- 2 IGMP Snooping Configuration
- IGMP Snooping Overview
- IGMP Snooping Configuration
- IGMP Snooping Configuration Task List
- Enabling IGMP Snooping
- Configuring the Version of IGMP Snooping
- Configuring Timers
- Configuring Fast Leave Processing
- Configuring a Multicast Group Filter
- Configuring the Maximum Number of Multicast Groups on a Port
- Configuring IGMP Querier
- Suppressing Flooding of Unknown Multicast Traffic in a VLAN
- Configuring Static Member Port for a Multicast Group
- Configuring a Static Router Port
- Configuring a Port as a Simulated Group Member
- Configuring a VLAN Tag for Query Messages
- Configuring Multicast VLAN
- Displaying and Maintaining IGMP Snooping
- IGMP Snooping Configuration Examples
- Troubleshooting IGMP Snooping
- 3 Common Multicast Configuration
- 26-NTP Operation.pdf
- 1 NTP Configuration
- Introduction to NTP
- NTP Configuration Task List
- Configuring NTP Implementation Modes
- Configuring Access Control Right
- Configuring NTP Authentication
- Configuring Optional NTP Parameters
- Displaying and Maintaining NTP Configuration
- NTP Configuration Examples
- 1 NTP Configuration
- 27-SSH Operation.pdf
- 1 SSH Configuration
- SSH Overview
- Configuring the SSH Server
- SSH Server Configuration Tasks
- Configuring the Protocol Support for the User Interface
- Generating/Destroying a RSA or DSA Key Pair
- Exporting the RSA or DSA Public Key
- Creating an SSH User and Specify an Authentication Type
- Specifying a Service Type for an SSH User
- Configuring SSH Management
- Configuring the Client Public Key on the Server
- Assigning a Public Key to an SSH User
- Specifying a Source IP Address/Interface for the SSH Server
- Configuring the SSH Client
- Displaying and Maintaining SSH Configuration
- SSH Configuration Examples
- When the Device Acts as the SSH Server and the Authentication Type is Password
- When the Device Acts as an SSH Server and the Authentication Type is Publickey
- When the Switch Acts as an SSH Client and the Authentication Type is Password
- When the Device Acts as an SSH Client and the Authentication Type is Publickey
- When the Device Acts as an SSH Client and First-time authentication is not Supported
- 1 SSH Configuration
- 28-File System Management Operation.pdf
- 29-FTP-SFTP-TFTP Operation.pdf
- 1 FTP and SFTP Configuration
- Introduction to FTP and SFTP
- FTP Configuration
- SFTP Configuration
- 2 TFTP Configuration
- 1 FTP and SFTP Configuration
- 30-Information Center Operation.pdf
- 1 Information Center
- Information Center Overview
- Information Center Configuration
- Introduction to the Information Center Configuration Tasks
- Configuring Synchronous Information Output
- Configuring to Display the Time Stamp with the UTC Time Zone
- Setting to Output System Information to the Console
- Setting to Output System Information to a Monitor Terminal
- Setting to Output System Information to a Log Host
- Setting to Output System Information to the Trap Buffer
- Setting to Output System Information to the Log Buffer
- Setting to Output System Information to the SNMP NMS
- Displaying and Maintaining Information Center
- Information Center Configuration Examples
- 1 Information Center
- 31-System Maintenance and Debugging Operation.pdf
- 1 Host Configuration File Loading
- 2 Basic System Configuration and Debugging
- 3 Network Connectivity Test
- 4 Device Management
- Introduction to Device Management
- Device Management Configuration
- Displaying and Maintaining the Device Management Configuration
- 32-VLAN-VPN Operation.pdf
- 33-HWPing Operation.pdf
- 34-DNS Operation.pdf
- 35-Smart Link-Monitor Link Operation.pdf
- 36-PoE-PoE Profile Operation.pdf
- 1 PoE Configuration
- PoE Overview
- PoE Configuration
- PoE Configuration Task List
- Enabling the PoE Feature on a Port
- Setting the Maximum Output Power on a Port
- Setting PoE Management Mode and PoE Priority of a Port
- Setting the PoE Mode on a Port
- Configuring the PD Compatibility Detection Function
- Upgrading the PSE Processing Software Online
- Displaying and Maintaining PoE Configuration
- PoE Configuration Example
- 2 PoE Profile Configuration
- 1 PoE Configuration
- 37-Routing Protocol Operation.pdf
- 1 IP Routing Protocol Overview
- 2 Static Route Configuration
- 3 RIP Configuration
- 4 IP Route Policy Configuration
- 38-UDP Helper Operation.pdf
- 39-Appendix.pdf
1-2
Port Security Modes
Table 1-1 describes the available port security modes.
Table 1-1 Description of port security modes
Security mode Description Feature
noRestriction
Port security is disabled on the port and access to the port is
not restricted.
In this mode,
neither the
NTK nor the
intrusion
protection
feature is
triggered.
autolearn
In this mode, a port can learn a specified number of MAC
addresses and save those addresses as secure MAC
addresses.
When the number of secure MAC addresses reaches the
upper limit, the port changes to work in secure mode and
permits only frames whose source MAC addresses are
secure MAC addresses or static MAC addresses configured
by using the mac-address static command.
secure
In this mode, the port is disabled from learning MAC
addresses.
Only those packets whose source MAC addresses are
security MAC addresses learned and static or dynamic MAC
addresses can pass through the port.
In either mode,
the device will
trigger NTK
and intrusion
protection
upon detecting
an illegal
packet.
userlogin
In this mode, port-based 802.1x authentication is performed
for access users.
In this mode,
neither NTK
nor intrusion
protection will
be triggered.