AT-8100 Series Fast Ethernet Switches AT-8100L/8 AT-8100L/8POE AT-8100L/8POE-E AT-8100S/24C AT-8100S/24 AT-8100S/24POE AT-8100S/16F8-SC AT-8100S/16F8-LC AT-8100S/24F-LC AT-8100S/48 AT-8100S/48POE AT-8100S/24POE 25 26R 26 49R 49 50R 50 CONSOLE plus AT-8100S/48POE AT-8100S/16F8-SC AT-8100S/24F-BiDi 25R S1 LINK / ACT S2 LINK / ACT S2 LINK / ACT S2 LINK / ACT S2 CONSOLE plus 1 3 TX L/A RX 5 TX 2 L/A RX 4 TX L/A RX 7 TX L/A RX 6 TX L/A RX 9 TX L/
Copyright Copyright © 2012, Allied Telesis, Inc. All rights reserved. This product includes software licensed under the BSD License. As such, the following language applies for those portions of the software licensed under the BSD License: Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
Allied Telesis is committed to meeting the requirements of the open source licenses including the GNU General Public License (GPL) and will make all required source code available. If you would like a copy of the GPL source code contained in this product, please send us a request by registered mail including a check for US$15 to cover production and shipping costs, and a CD with the GPL code will be mailed to you. GPL Code Request Allied Telesis, Inc.
Contents Preface ............................................................................................................................................................ 15 Document Conventions .................................................................................................................................... 16 Downloading Management Software and Web-based Guides......................................................................... 17 Contacting Allied Telesis ......................
Contents Downloading a Configuration File onto Your PC ........................................................................................ 51 Deleting a Configuration ............................................................................................................................. 52 Managing Local User Accounts ........................................................................................................................ 53 Adding a New User Account................................
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Adding Static Trunks ...................................................................................................................................... 131 Modifying the Static Trunk Settings ................................................................................................................ 134 Deleting Static Trunks ....................................................................................................
Contents Remote Manager Accounts ......................................................................................................................200 Accounting Information.............................................................................................................................201 Configuring RADIUS and TACACS+ ........................................................................................................201 Placing RADIUS and TACACS+ Servers in the Client’s List ..........
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Classifier Number Ranges ....................................................................................................................... 268 Filtering Criteria........................................................................................................................................ 269 Actions ........................................................................................................................
Contents Configuring sFlow on a Port............................................................................................................................344 Specifying an sFlow Collector .........................................................................................................................346 Enabling sFlow on the Switch .........................................................................................................................348 Displaying the sFlow Settings ........
Figures Figure 1: Login Page ............................................................................................................................................................26 Figure 2: Login Page with Entries.........................................................................................................................................27 Figure 3: Dashboard Page .............................................................................................................................
Figures Figure 51: VLANs Page ......................................................................................................................................................142 Figure 52: Add VLAN Page ................................................................................................................................................143 Figure 53: Modify VLAN Page ...............................................................................................................................
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Figure 111: Traffic Classifier Page .....................................................................................................................................277 Figure 112: Traffic Classifiers Page....................................................................................................................................278 Figure 113: Layer 3 Tab ....................................................................
Figures 14
Preface This manual is the web browser management guide for the AT-8100 Series of Fast Ethernet switches. The instructions in this guide explain how to start a management session, use the web interface of the AlliedWare Plus™ Management Software, and configure the features of the switch. For hardware installation instructions, refer to the AT-8100L and 8100S Series Fast Ethernet Stand-alone Installation Guide and AT-8100 Series Fast Ethernet Switches Stack Installation Guide.
Document Conventions This document uses the following conventions: Note Notes provide additional information. Caution Cautions inform you that performing or omitting a specific action may result in equipment damage or loss of data. Warning Warnings inform you that performing or omitting a specific action may result in bodily injury.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Downloading Management Software and Web-based Guides Both new releases of management software and product documentation are available from the Allied Telesis web sites. The management software is available at www.alliedtelesis.com/support/software. To display all of the network management software for a product, use the pull-down menu labeled “All” to select a hardware product model such as “AT-8100S/24.
Contacting Allied Telesis This section provides Allied Telesis contact information for technical support and for sales and corporate information. Online Support Email and Telephone Support For Technical Support via email or telephone, refer to the Allied Telesis web site at www.alliedtelesis.com. Select your country from the list on the web site and then select the appropriate tab. Returning Products Products for return or repair must first be assigned a return materials authorization (RMA) number.
Chapter 1 AlliedWare Plus™ Version 2.2.4 Web Browser Interface This chapter describes the types of management sessions using the AlliedWare Plus™ management software and the Web interface manager accounts.
Chapter 1: AlliedWare Plus™ Version 2.2.4 Web Browser Interface Management Sessions The AT-8100 series switches provide two management interfaces: the AlliedWare Plus™ Web interface and Command Line Interface (CLI). This manual provides procedures that guide you through the AlliedWare Plus™ Web interface. The initial management session of the switch can be from a management session either through the Web interface or the CLI.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Web Manager Accounts You must log on to manage the switch. This requires a valid username and password. The switch comes with one manager account with a username of “manager” and the default password of “friend.” Both the username and password are case sensitive. This account gives you access to all management modes and commands. In the Web interface, you can create two additional remote manager accounts.
Chapter 1: AlliedWare Plus™ Version 2.2.
Chapter 2 Starting a Management Session This chapter describes how to start a management session using the AlliedWare Plus™ Web interface as well as how to select fields, save your changes, and end a management session.
Chapter 2: Starting a Management Session Non-secure HTTP and Secure HTTPS Modes The switch has a web browser server so that you can remotely manage the switch over the network from a web browser on your PC. The server can operate in either plain-text HTTP mode or encrypted HTTPS mode. To access the switch through a web browser on your PC, either HTTP service or HTTPS service must be enabled.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Starting the Initial Web Management Session This section explains how to start a management session for the first time using the AlliedWare Plus™ Web interface. The switch shipped from the factory is configured with an IP address assigned and the Web interface (HTTP service) enabled.
Chapter 2: Starting a Management Session 3. Open a web browser on the PC and enter the following: http://169.254.1.1 The AT-8100 Login page is displayed as shown in Figure 1. Figure 1.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Logging on to the Switch Once you start the Web interface, the AT-8100 Login page is displayed. Enter “manager” in the User Name field and “friend” in the Password field as shown in Figure 2. Then click the Login button. . Figure 2. Login Page with Entries The Dashboard page is displayed. See Figure 3. The Dashboard page is the home page of the switch.
Chapter 2: Starting a Management Session Figure 3. Dashboard Page The following fields are displayed: Up Time— Indicates the length of time since the switch was last reset or power cycled in days, hours, minutes and seconds. Note Up Time is displayed on the top-right corner of the screen. The System section displays the following information: MAC Address— Indicates the MAC address of the switch. Serial No.— Lists the unique serial number of the switch.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Version— Indicates the software version number of the AlliedWare Plus Management Software. Contact— Indicates the contact person for the switch. To specify this field, see Setting the Switch Information. Location— Indicates the location of the switch. To specify this field, see Setting the Switch Information.
Chapter 2: Starting a Management Session What to Configure First Here are a few suggestions on what to configure during your initial management session on the switch through the Web interface. The initial management session can be performed through the Command Line Interface (CLI) as well as the Web interface. For instructions on how to start a local management session through the CLI, refer to AlliedWare Plus Management Software Version 2.2.4 Command Line Interface User’s Guide.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Setting System Time The management IPv4 address can be any IPv4 address assigned on the switch. The switch can have only one IPv6 address. Your PC must have an IP address that belongs to the network where the management IP address belongs, or have access to the network where the management IP address belongs. To set the system time either manually or with an NTP server, see “Setting the System Date and Time” on page 40.
Chapter 2: Starting a Management Session Starting a Web Management Session This section provides how to start a Web management session when the switch does not have the factory default configuration. To log on to the switch through the Web interface, enter the IP address of the switch on the Web browser, such as Windows Explorer, on the PC or laptop that can access to the switch. If the AlliedWare Plus™ Web interface comes up, you can skip the rest of this section and continue a Web management session.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide When the Switch Does Not Display the Login Page When the switch does not display the Web interface even though you enter the IP address of the switch on the Web browser, you must enable HTTP or HTTPS service on the switch through the CLI by performing the following steps: 1. “Logging on to the CLI through the Console Port” on page 33. Or Log on to the CLI using the Telnet or SSH protocol.
Chapter 2: Starting a Management Session The local management session is started when the AlliedWare Plus™ command line prompt is displayed as shown in Figure 4 on page 34. awplus> Figure 4. AlliedWare Plus™ Command Line Prompt Checking for the IP Addresses of the Switch in the CLI To check for IP addresses assigned to the switch, enter the following commands: awplus> enable awplus# show ip interface For a display of this command, see Figure 5.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide awplus# show ip http HTTP server disabled. Figure 6. Displaying the Status of HTTP Service To check whether HTTPS service is enabled, enter the following commands: awplus> enable awplus# show ip https Figure 7 shows an example of the command output. HTTPS server enabled.
Chapter 2: Starting a Management Session Saving your Changes in the CLI Save your changes to the startup configuration file by entering the following commands: awplus# copy running-config startup-config Or awplus# write 36
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Saving Your Changes The changes you have made are temporarily stored in the running configuration file. When you reboot the switch, the information in the running configuration file is lost. To save your changes after you reboot the switch, do the following: 1. Click SAVE. Figure 8 shows the SAVE at the upper right corner of the Web page. Clicking SAVE saves the changes to the startup configuration file. Figure 8.
Chapter 2: Starting a Management Session Ending a Web Management Session To end a web management session, select LOGOUT at the top of the web page. For an example, see the System Contact Information page in Figure 8 on page 37.
Chapter 3 Basic Switch Parameters This chapter describes how to set up basic switch operations in the web interface.
Chapter 3: Basic Switch Parameters Setting the System Date and Time This procedure explains how to set the switch’s date and time. Setting the date and time is important if you plan to view the events in the switch’s event log or send events to a syslog server. The correct date and time are also important if the management software sends traps to a management workstation or if you plan to create a self-signed SSL certificate.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Figure 9. System Settings Tab 3. From the System tab, select System Settings. 4. Move the cursor to the right and select Time. The System Time Settings page is displayed.See Figure 10. Figure 10. System Time Settings Page with Network Time Settings Tab 5.
Chapter 3: Basic Switch Parameters Server IP Address— Specify the IPv4 address of an SNTP or NTP server. The IPv4 format is: xxx.xxx.xxx.xxx where x is a decimal number from 0 to 255. Note If the local interface on the switch is obtaining its IP address and subnet mask from a DHCP server, you can configure the server to provide the interface with an IP address of an NTP or SNTP server. If you configured the server to provide this address, then you do not need to enter it here.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide 4. Select the Date & Time tab. The System Time Settings page with the Date & Time tab is displayed. See Figure 11. Figure 11. System Time Settings Page with Date & Time Tab 5. You have two ways to set the date and time in the Date & Time field. Use either step 6 or 7. 6. Type in the time and date in the following format: yyyy-dd-mm hh:mm:ss 7. Select the calendar icon next to he Date & Time field. The Calendar page is displayed.
Chapter 3: Basic Switch Parameters Figure 12. Calendar Page a. Use the arrows at the top of the Calendar to select the month and year. b. Set the time of day using the following format: hh:mm:ss c. Click on the day of the month. 8. Click Apply. 9. Click SAVE to save your changes to the startup configuration file.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Configuring a Telnet or SSH Server The AlliedWare Plus Web Browser interface allows you to configure the switch as a Telnet or SSH server. You can use the web browser interface to enable a Telnet server, but not as a Telnet client. The Telnet client is only supported from the CLI. For information about how to use a Telnet client, see the AlliedWare Plus Management Software Version 2.2.4 Command Line Interface User’s Guide.
Chapter 3: Basic Switch Parameters 3. Specify the following fields as necessary: Telnet— Check the checkbox to enable the Telnet server on the switch. To disable the server on the switch, uncheck the checkbox. SSH— Check the checkbox to enable the SSH server on the switch. To disable the server on the switch, uncheck the checkbox. Note Both the Remote Log and Server IP Address fields are used only to set a remote log server.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Configuring a Remote Log Server You can use the AlliedWare Plus Web browser interface to assign the switch to a remote log server, which is part of the Syslog feature. However, you must use the CLI to view or clear the event log. For information about the Syslog features, see the SysLog chapters in the AlliedWare Plus Management Software Version 2.2.4 Command Line Interface User’s Guide.
Chapter 3: Basic Switch Parameters Setting the Switch Information This procedure allows you to set information about the switch such as a switch name, contact person, and location. Assigning a name to the switch helps you identify your switches when you manage them and help you avoid performing a configuration procedure on the wrong switch. To assign a name, contact person, and location to the switch, perform the following procedure: 1. From the home page, select the System tab. 2.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Specify the following fields as necessary: System Name— Enter a name for the switch, for example, S1 or Switch2. The name is displayed on the Dashboard page. See Figure 3 on page 28. The name can be from 1 to 39 characters in length. Special characters, except spaces and quotation marks, are allowed. By default, no system name is specified. This field is optional.
Chapter 3: Basic Switch Parameters Managing the Configuration File Within the web browser interface, you can upload a configuration file on to the switch, download a configuration file from the switch, delete a configuration file, and save your changes to the current configuration file. However, to create a new configuration file, you need to access the switch through the CLI.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide The following fields are displayed: Setting the Active Configuration File Startup Config— Displays the name of the active boot configuration file, which for the switch of the example is “boot.cfg.” File Name— Indicates the name of the configuration file. File Size— Lists the file size in bytes. Last Modify— Indicates the date the configuration file was last modified. The format is year, month, date.
Chapter 3: Basic Switch Parameters 4. Follow the instructions of your Web browser to select a location and save the file. Deleting a Configuration To delete a configuration file, do the following: 1. Click the System tab. For an example of the System tab, see Figure 9 on page 41. 2. From the System tab, select Configuration Files. For an example of the Configuration Files page, See Figure 15 on page 50. 3. Click Delete next to the file name that you want to download. The file is deleted. 4.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Managing Local User Accounts The switch comes with one local manager account. The account, which has the user name “manager” and default password “friend,” is referred to as a local account because it is the switch that authenticates the user name and password when a manager logs on using the account.
Chapter 3: Basic Switch Parameters Figure 17. User Management Page 3. Add a new user, do the following: 54 User Name— Enter a new logon name for the new account. The name is case sensitive and can contain up to 15 alphanumeric characters. Spaces and special characters are not allowed. Password— Enter the password for the new account in plain text. The password can consist of up to 16 alphanumeric characters and is case-sensitive. Spaces and special characters are not allowed.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide 4. Click Add User. 5. Click SAVE to save your changes to the startup configuration file. Changing a User Password To change a user password, do the following: 1. From the home page, click the System tab. The System Settings Tab is displayed. See Figure 9 on page 41. 2. From the System Settings tab, select User Management. The User Management page is displayed. See Figure 17 on page 54. 3.
Chapter 3: Basic Switch Parameters 5. Enter a new password in plaintext in the New Password field. A password can consist of up to 16 alphanumeric characters and is case-sensitive. Spaces and special characters are not allowed. 6. Re-enter the new password in the Confirm New Password field. 7. Click Set Password. 8. Click SAVE to save your changes to the startup configuration file. Changing the User Privilege To change a privilege of a user, do the following: 1. From the home page, click the System tab.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide 4. Use the pull-down menu next to the User Name field to select a user. 5. Use the pull-down menu next the New Privilege field to select a user privilege level. Choose from the following: Level 15— Management accounts with a user level of 15 have unrestricted access to the management software. Level 1— Management accounts with a user level of 1 have restricted access to the management software.
Chapter 3: Basic Switch Parameters Figure 20. User Management Page with Delete User Tab 4. Use the pull-down menu to select a user. 5. Click Delete User. 6. Click SAVE to save your changes to the startup configuration file.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Rebooting a Switch Resetting the switch ends your web browser management session. To continue managing the switch, you must login again. Note All unsaved changes are discarded when you reset a switch. To save your changes to the startup configuration file, click SAVE. To reboot a switch, perform the following procedure: 1. Select the System Tab. The System Settings Tab is displayed. See Figure 9 on page 41. 2.
Chapter 3: Basic Switch Parameters Upgrading the Software The latest version of the AlliedWare Plus™ software is available from the Allied Telesis web site. You can download the software image file on your workstation and upload the file onto the switch. To upgrade the AlliedWare Plus software, perform the following procedure: 1. Open a new browser and enter the following: http://www.alliedtelesis.com/support/software The Allied Telesis Software Download page is displayed. 2.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide 4. Enter your email address and password, then click the Sign In button. Note If you do not know your password, click the Create Account link and follow the instructions on the page. 5. Download the software image file to your workstation. 6. Go back to the AT-8100 Web interface and select Dashboard from the System Settings tab. The Dashboard Page is displayed. See Figure 3 on page 28.
Chapter 3: Basic Switch Parameters Note Upgrading the system software on the switch ends your current web browser management session. To continue managing the switch, you must login again.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Returning the AlliedWare Plus Management Software to the Factory Default Values To reset the AlliedWare Plus Management Software parameters to their default values, you must use the Command Line Interface (CLI). You cannot reset the management software to its factory settings in the web interface. For instructions, see Chapter 7: Basic Switch Management in the AlliedWare Plus Management Software Version 2.2.
Chapter 3: Basic Switch Parameters Displaying System Information To view basic information about the switch, select the System Tab. The Dashboard Page is displayed as shown in Figure 3 on page 28. The following fields are displayed: Up Time— Indicates the length of time since the switch was last reset or power cycled in days, hours, minutes and seconds. The System section displays the following information: MAC Address— Indicates the MAC address of the switch.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Remote Logging— Indicates if the remote log is enabled or disabled on the switch. IGMP Snooping Querier— Indicates if IGMP Snooping Querier is enabled or disabled on the switch. The Administration Options section displays the following information: System Upgrade— Click this link to go to the System Upgrade page to upgrade your system software. See “Upgrading the Software” on page 60.
Chapter 3: Basic Switch Parameters 66
Chapter 4 Setting Port Parameters This chapter describes how to display and modify the port settings such as back pressure and flow control. In addition, it provides procedures to display and modify storm control settings.
Chapter 4: Setting Port Parameters Port Numbers on the Switch The ports on the switch are identified in the format shown in Figure 23. Figure 23. Port Number The variables in the parameter are defined here: 68 Switch ID: When the switch is a stand-alone switch, the Web interface displays number 1 as the switch ID even though the stand-alone switch displays number 0 on the Stack ID LED. The format of the port for stand-alone AT-8100 Series switches is PORT1.0.n.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying the Port Parameters To display the settings for all of the switch ports, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24. Figure 24. Switching Tab with Port Tab 2. From the Switching tab, select Port. The Port tab expands to the right. 3. From the Port tab, select Port Configuration. The Port Configuration page is displayed. See Figure 25 on page 70.
Chapter 4: Setting Port Parameters Figure 25. Port Configuration Page 4. The following fields are displayed: 70 Interface— Indicates the port ID. Type— Indicates the transmission speed and medium, copper or fiber optic, of the port. For example, 1000Base-SX indicates that the port is a fiber optic gigabit standard. Status— Indicates if the port is enabled or disabled. The default setting is “Enabled.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Back Pressure— Indicates if back pressure is enabled or disabled on the port. Back pressure is used by a port during periods of packet congestion to temporarily stop its network counterpart from transmitting more packets. This prevents a buffer overrun and the subsequent loss and retransmission of network packets.
Chapter 4: Setting Port Parameters Changing the Port Settings You can change the settings of one port at a time. Use the following procedure to change the port settings or reset a port to its default value, To change the port settings, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select Port. The Port tab expands to the right. 3. From the Port tab, select Port Configuration. The Port Configuration page is displayed.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Figure 26. Port Configuration Modify Page 5. Specify the following fields as needed: Interface— Indicates the port ID. Port Type— Indicates the transmission speed and medium, copper or fiber, that the port supports. Port Description— Enter a description of the port. You can enter up to 80 alphanumeric characters; however, only 30 characters are displayed in the Port Configuration List page.
Chapter 4: Setting Port Parameters Negotiation— Select the state of Auto Negotiation from the pulldown menu. Setting “Auto” enables Auto Negotiation and setting “Manual” disables Auto Negotiation. The default setting is “Auto.” When the setting for this field is “Auto,” the Configure Speed and Configure Duplex fields change from white to brown and you cannot select them. To change the Configure Speed and Configure Duplex fields, change the Negotiation setting to “Manual.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide To enable and disable back pressure on a port, the speed and duplex mode must be specified manually. You cannot set back pressure on a port that is using Auto-Negotiation. Back Pressure Limit (1 - 7935)— Enter a threshold level for back pressure on the port. Enter the number of cells for back pressure. A cell represents 128 bytes. The range is 1 to 7935 cells. The default value is 7935 cells.
Chapter 4: Setting Port Parameters Displaying the Storm Control Settings To display the storm control settings, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select Port. The Port tab expands to the right. 3. From the Port tab, select Storm Control. The Storm Control List page is displayed. See Figure 27. Figure 27. Storm Control List Page The following fields are displayed: 76 Interface— Indicates the port ID.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Multicast— Indicates whether the Multicast threshold setting is enabled or disabled. Multicast Level— Indicates the maximum number of ingress packets per second of multicast packets the port receives. Multicast packets that exceed the threshold are discarded by the port. The range is 0 to 33,554,431 packets. The default is 33,554,431 packets.
Chapter 4: Setting Port Parameters Modifying the Storm Control Settings To modify the storm control settings, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select Port. The Port tab expands to the right. 3. From the Port tab, select Storm Control. The Storm Control List page is displayed. See Figure 25 on page 70. 4. Click Edit on the port that you want to modify. The Storm Control Settings page is displayed.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide 5. Change the following fields as needed: Broadcast— Enable or disable the broadcast storm control feature. When this feature is enabled, the port discards ingress packets that exceed the specified level. This feature is disabled by default. Enter the Level— Enter the maximum number of ingress packets per second of broadcast packets the port receives.
Chapter 4: Setting Port Parameters 80
Chapter 5 Setting Port Statistics This chapter describes how to display and clear port statistics. Within the AlliedWare Plus™ software, you can display and clear transmit, receive, and interface port statistics.
Chapter 5: Setting Port Statistics Displaying Port Statistics You can display several types of port statistics. See the following sections: Displaying Transmit and Receive Port Statistics “Displaying Transmit and Receive Port Statistics” on page 82 “Displaying Receive Statistics” on page 83 “Displaying Transmit Statistics” on page 85 “Displaying Interface Statistics” on page 87 To display the transmit and receive statistics for all of the switch ports, do the following: 1.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide The following fields are displayed: Displaying Receive Statistics Interface— Indicates the port ID. 0-64 Byte Frames— Indicates the number of frames transmitted by the port that contain 0 to 64 bytes. 65-127 Byte Frames— Indicates the number of frames transmitted by the port that contain 65 to 127 bytes. 128-255 Byte Frames— Indicates the number of frames transmitted by the port that contain 128 to 255 bytes.
Chapter 5: Setting Port Statistics Figure 30. Port Statistics with the Receive Tab The following fields are displayed: 84 Interface— Indicates the port ID. Total Bytes— Indicates the number of received bytes. Total Frames— Indicates the number of received frames. Total Error Frames— Indicates the total number of received frames with errors. Multicast Frames— Indicates the number of received multicast frames. Broadcast Frames— Indicates the number of received broadcast frames.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Jabber Frames— Indicates the number of occurrences of corrupted data or useless signals the port has encountered. Note The following fields are not displayed in Figure 30 on page 84. Displaying Transmit Statistics Undersize Frames— Indicates the number of received frames that were less than the minimum length as specified by IEEE 802.3 (64 bytes including the CRC).
Chapter 5: Setting Port Statistics Figure 31. Port Statistics with the Transmit Tab The following fields are displayed: 86 Interface— Indicates the port ID. Total Bytes— Indicates the number of transmitted bytes. Total Frames— Indicates the number of transmitted frames. Total Error Frames— Indicates the number of transmitted frames with errors. Multicast Frames— Indicates the number of transmitted multicast frames.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying Interface Statistics Total Collision Frames— Indicates the total number of collisions on the port. MAC Error Frames— Indicates the number of frames not transmitted correctly or dropped due to an internal MAC transmit error. To display the interface statistics, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select Port. 3.
Chapter 5: Setting Port Statistics 88 Rx Discard Packets— Indicates the number of ingress packets that were discarded prior to transmission because of an error. Rx IP Header Error Packets— Indicates the number of ingress packets that were discarded because of a hardware error. Tx Unicast Packets— Indicates the number of egress unicast packets. Tx Discard Packets— Indicates the number of egress packets that were discarded prior to transmission because of an error.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Clearing Port Statistics To clear the statistics for a port, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select Port. 3. Move the cursor to the right and select Statistics. The Port Statistics Page with Tx + Rx tab selected is displayed. See Figure 29 on page 82. 4. Select the desired Port Statistics tab.
Chapter 5: Setting Port Statistics Reloading Statistics Port statistics are constantly counting and the values are changing so that the data that is displayed in the Port Statistics pages is not the most recent. To display the latest data possible, click on the Reload Page button on a Port Statistics page. Figure 33 shows the Reload Page button on Port Statistics page as an example. Figure 33.
Chapter 6 Port Mirroring The port mirror is a management tool that allows you to monitor the traffic on one or more ports on the switch. It works by copying the traffic from source ports to a destination port where the traffic can be monitored with a network analyzer. The port mirror can be used to troubleshoot network problems or to investigate possible unauthorized network access. The performance and speed of the switch is not affected by the port mirror.
Chapter 6: Port Mirroring Overview To use the port mirroring feature, you must designate one or more source ports and one destination port. The source ports are the ports whose packets are mirrored and monitored. The destination port is the port where the packets from the source ports are copied and where the network analyzer is connected. There can be only one destination port on the switch. Here are guidelines for setting the port mirroring feature: 92 The switch supports only one port mirror.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying Port Mirroring Settings To display the port mirroring assignments for all of the switch ports, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select Port. The Port tab is displayed. 3. From the Port tab, select Mirroring. 4. Move the cursor to the right and select Mirroring. The Port Mirroring List page is displayed. See Figure 34.
Chapter 6: Port Mirroring 94 Mirror Receive— Indicates a source port whose received, or ingress, packets are mirrored and monitored. There can be multiple source ports on the switch.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Assigning a Destination Port You must assign the destination port before adding source ports. Also, you are allowed to assign only one destination port to the switch. To assign a destination port, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select Port. The Port tab is displayed. 3. From the Port tab, select Mirroring.
Chapter 6: Port Mirroring Assigning Source Ports and Port Mirroring Values To assign mirrored ports and mirroring ports, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select Port. The Port tab is displayed. 3. From the Port tab, select Mirroring. The Port Mirroring List page is displayed. See Figure 34 on page 93. 4. Click Edit next to the port that you want to assign as a transmitting or receiving port mirror.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Receive— Specifies the ingress traffic on this port to be copied to the destination port. Both— Specifies both the egress and ingress traffic on this port to be copied to the destination port. By default, there is no port assigned to port mirroring. 6. Click Apply. 7. Click SAVE to save your changes to the startup configuration file.
Chapter 6: Port Mirroring Deleting Port Mirroring Settings You have two ways to delete existing port mirroring settings. When you assign a new port as the destination port, existing port mirroring settings are removed because you can only assign one destination port to the switch. Assigning the port to “None” deletes the existing port mirroring settings as well. To delete the existing port mirroring settings, assign the port to “None.” To delete the port mirroring settings, do the following: 1.
Chapter 7 Spanning Tree Protocol on a Port The Spanning Tree Protocol (STP) and Rapid Spanning Tree Protocol (RSTP) guard against the formation of loops in an Ethernet network topology. A topology has a loop when two or more nodes can transmit packets to each other over more than one data path. Packets can become caught in repeating cycles, referred to as broadcast storms, that AlliedWare Plus™ Version 2.2.4 needlessly consume network bandwidth and that can significantly reduce network performance.
Chapter 7: Spanning Tree Protocol on a Port Overview STP and RSTP prevent loops from forming by ensuring that only one path is available at a time between the switches in your network. Where multiple paths exist, these spanning tree protocols place the extra paths in a standby or blocking mode. In addition, these protocols can activate redundant paths if primary paths go down.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying Port Spanning Tree Protocol Settings To display the Spanning Tree Protocol settings for all of the switch ports, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select Port. 3. Move the cursor to the right and select Spanning Tree. The Port Spanning Tree Settings page is displayed. See Figure 36. Figure 36.
Chapter 7: Spanning Tree Protocol on a Port Version— Indicates the Spanning Tree Protocol version: STP, RSTP, or MSTP. The default setting is RSTP. Portfast— Indicates if the port is designated as an edge port. If a port on the switch is not connected to a switch or a network that is running the spanning tree protocol, you can designate it as an edge port.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Modifying Port Spanning Tree Protocol Settings To modify port settings for Spanning Tree Protocol, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select Port. 3. Move the cursor to the right and select Spanning Tree. The Port Spanning Tree page is displayed. See Figure 36 on page 101. 4. Click Edit on the port that you want to change.
Chapter 7: Spanning Tree Protocol on a Port 5. Change the following settings as needed: Interface— Indicates the port ID. Version— Indicates the Spanning Tree Protocol version. The default setting is RSTP. Configured Path Cost— Enter the cost of the port to the root bridge. This cost is combined with the costs of the other ports in the path to the root bridge, to determine the total path cost. The lower the numeric value, the higher the priority of the path. The range is 1 to 200,000,000.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide When an edge port starts to receive BPDUs, the switch no longer considers the port as an edge port. Link Type— Choose from the following settings: AUTO: The switch determines the link type of the port is either PTP or Shared. If a port is set to full-duplex mode, the link type is point-to-point. If a port is set to half-duplex mode, the link type is shared.
Chapter 7: Spanning Tree Protocol on a Port 106
Chapter 8 Setting the MAC Address The procedures in this chapter describe how to display the MAC address table that resides on the switch as well as how to add a unicast or multicast MAC addresses to the table. Procedures to modify and delete MAC addresses within the table are also included in this chapter.
Chapter 8: Setting the MAC Address Displaying the Unicast MAC Addresses To display the unicast MAC addresses, do the following: 1. Select the Switching Tab. The Switching Tab is displayed. See Figure 38. Figure 38. Switching Tab 2. Select Mac Table and then move the cursor to the right to select Unicast. The Unicast MACs page is displayed. See Figure 39. Figure 39.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide The following fields are displayed: MAC Address— Indicates the dynamic and static unicast MAC addresses learned on or assigned to the port. Vlan— Indicates the ID number of the VLAN that the node designated by the MAC address belongs to. The default VLAN is Vlan1. Port— Indicates the port number where the address was learned on or assigned to. Type— Indicates the type of MAC address entry, static or dynamic.
Chapter 8: Setting the MAC Address Displaying the Multicast MAC Addresses To display the multicast MAC addresses, do the following: 1. Select the Switching Tab. The Switching Tab is displayed. See Figure 38 on page 108. 2. Select Mac Table and then move the cursor to the right to select Multicast. The Multicast MACs Page is displayed. See Figure 40. Figure 40.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Assigning a Unicast MAC Address To assign a unicast MAC address to the MAC address table, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. Select Mac Table and then move the cursor to the right to select Unicast. The Unicast MACs page is displayed. See Figure 39 on page 108. 3. Click Add. The Unicast MAC Page is displayed. See Figure 41. Figure 41.
Chapter 8: Setting the MAC Address VLAN— Select a VLAN where the port is a member. Action— Select one of the following options: Forward: Specifies the port to forward packets that have the designated source MAC address. Discard: Specifies the port to discard packets that have the designated source MAC address. 5. Click Add. 6. Click SAVE to save your changes to the startup configuration file.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Assigning a Multicast MAC Address To assign a multicast MAC address to the MAC address table, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. Select Mac Table and then move the cursor to the right to select Multicast. The Multicast MACs page is displayed. See Figure 40 on page 110. 3. Click Add. The Multicast MAC Address page is displayed. See Figure 42. Figure 42.
Chapter 8: Setting the MAC Address VLAN— Select a VLAN where the port is a member. Action— Select one of the following options: Forward: Specifies the port to forward packets that have the designated source MAC address. Discard: Specifies the port to discard packets that have the designated source MAC address. 5. Click Add. 6. Click SAVE to save your changes to the startup configuration file.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Deleting a Unicast MAC Address To delete a unicast address or clear all static or dynamic unicast addresses, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 38 on page 108. 2. Select MAC Table and then move the cursor to the right to select Unicast. The Unicast MACs page is displayed. See Figure 39 on page 108. 3.
Chapter 8: Setting the MAC Address Deleting a Multicast MAC Address To delete a multicast address or clear all static or dynamic multicast addresses, do the following: 1. Select the Switching Tab. The Switching Tab is displayed. See Figure 38 on page 108. 2. Select Mac Table and then move the cursor to the right to select Multicast. The Multicast MACs page is displayed. See Figure 40 on page 110. 3.
Chapter 9 Link Aggregation Control Protocol (LACP) LACP is used to increase the bandwidth between the switch and other LACP-compatible devices by grouping ports together to form single virtual links. This chapter provides a brief description of LACP and explains how to display and set LACP.
Chapter 9: Link Aggregation Control Protocol (LACP) Overview LACP trunks are similar in function to static port trunks, but they are more flexible. The implementations of static trunks tend to be vendor specific and may not always be compatible. In contrast, the implementation of LACP in the switch is compliant with the IEEE 802.3ad standard. It is interoperable with equipment from other vendors that also comply with the standard.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying LACP Trunks To display the LACP trunk assignments for all of the switch ports, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select Link Aggregation. For an example of the Link Aggregation selection, see Figure 43. Figure 43. Switching Tab with Link Aggregation Selected 3. Move the cursor to the right and select LACP.
Chapter 9: Link Aggregation Control Protocol (LACP) 4. The following fields are displayed: 120 Aggregator ID— The Aggregator ID number is the base port number (or lowest port number) of an aggregator. For instance, an aggregator of ports 12,16 and 17 is assigned the ID number 12. Load Balance Method— Indicates the load distribution methods of the aggregators. An aggregator can have only one load distribution method.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Adding an LACP Trunk To create an LACP trunk, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select Link Aggregation. For an example of the Link Aggregation selection, see Figure 43 on page 119. 3. Move the cursor to the right and select LACP. The LACP Trunks page is displayed. See Figure 44 on page 119. 4. From the LACP Trunks page, click Add.
Chapter 9: Link Aggregation Control Protocol (LACP) 5. Enter an aggregator ID number in the Aggregator ID field. The number must be the base port number (or lowest port number) of an aggregator. For instance, an aggregator of ports 12,16 and 17 is assigned the ID number 12. 6. Select the Load Balance Method. Choose from the following: Src MAC— Specifies source MAC address as the load distribution method. Dst MAC— Specifies destination MAC address as the load distribution method.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Modifying an LACP Trunk To modify the LACP Trunk settings, see the following procedure: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select Link Aggregation. For an example of the Link Aggregation selection, see Figure 43 on page 119. 3. Move the cursor to the right and select LACP. The LACP Trunks page is displayed. See Figure 44 on page 119. 4.
Chapter 9: Link Aggregation Control Protocol (LACP) 5. Select the Load Balance Method. Choose from the following: Src MAC— Specifies source MAC address as the load distribution method. Dst MAC— Specifies destination MAC address. Src-Dst MAC— Specifies source address/destination MAC address. Src IP— Specifies source IP address. Dst IP— Specifies destination IP address. Src-Dst IP— Specifies source address/destination IP address. 6.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Deleting an LACP Trunk To delete an LACP trunk, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select Link Aggregation. For an example of the Link Aggregation selection, see Figure 43 on page 119. 3. Move the cursor to the right and select LACP. The LACP Trunks page is displayed. See Figure 44 on page 119. 4.
Chapter 9: Link Aggregation Control Protocol (LACP) 126
Chapter 10 Setting Static Port Trunks Static port trunks are groups of two to eight ports that act as single virtual links between the switch and other network devices. This chapter describes how to display, create, and modify static trunks.
Chapter 10: Setting Static Port Trunks Overview Static port trunks are commonly used to improve network performance by increasing the available bandwidth between the switch and other network devices as well as to enhance the reliability of the connections between network devices. When you create a static port trunk, you can designate how the traffic is distributed across the physical links of the switch by defining the load distribution method.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying Static Trunk Settings To display the static port trunks for all of the switch ports, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select Link Aggregation. For an example of the Link Aggregation tab, see Figure 47. Figure 47. Switching Tab with Static Trunks 3. Move the cursor to the right and select Static Trunks.
Chapter 10: Setting Static Port Trunks The following fields are displayed: Trunk ID— Indicates the ID number of the static trunk. Load Balance Method— Indicates one of the following: Src MAC: Specifies source MAC address as the load distribution method. Dst MAC: Specifies destination MAC address as the load distribution method. Src -Dst MAC: Specifies source address and destination MAC address as the load distribution method. Src IP: Specifies source IP address as the load distribution method.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Adding Static Trunks Review the following information before creating a new static port trunk: When you create a new trunk, the settings of the lowest numbered port are copied to the other ports so that all the ports have the same settings. Therefore, you must examine and verify that the speed, duplex mode, and flow control settings of the lowest numbered port are correct for the network device to which the trunk is connected.
Chapter 10: Setting Static Port Trunks Figure 49. Add Static Trunk Page 5. Assign an ID number of a new static trunk in the Trunk ID field. The range is 1 to 32. 6. Select the Load Balance Method. You can assign different load distribution methods to different static trunks on the same switch. Choose from the following: 132 Src MAC— Specifies source MAC address as the load distribution method. Dst MAC— Specifies destination MAC address as the load distribution method.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide 7. Select a member port in the Member Port table by clicking a box that indicates a port number. You can select multiple ports. A green check mark indicates a port has been selected. To deselect a port, click the box that indicates the port number. 8. Click Add. A confirmation message is displayed. 9. Click SAVE to save your changes to the startup configuration file.
Chapter 10: Setting Static Port Trunks Modifying the Static Trunk Settings Review the following information if you are adding ports to an existing trunk: The ports of a static trunk must be members of the same VLAN. If the new port added to a trunk is already a member of another static trunk, you must first remove it from its current trunk assignment. To add or remove member ports from a static port trunk, or modify the load balance method, do the following: 1. Select the Switching tab.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Figure 50. Modify Static Trunk Page 5. Change the Load Balance Method as needed. You can assign different load distribution methods to different static trunks on the same switch. Choose from the following: Src MAC— Specifies source MAC address as the load distribution method. Dst MAC— Specifies destination MAC address as the load distribution method.
Chapter 10: Setting Static Port Trunks Caution To prevent the formation of network loops in your network topology, do not remove ports from a static port trunk without first disconnecting their network cable. Network loops can result in broadcast storms that can adversely affect network performance. Note You cannot have a trunk that contains only one port. There must be a minimum of two ports in a trunk. 7. Click Apply. A confirmation message is displayed. 8.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Deleting Static Trunks To delete a static port trunk, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select Link Aggregation. For an example of the Link Aggregation selection, see Figure 47 on page 129. 3. Move the cursor to the right and select Static Trunks. The Static Trunks page is displayed. See Figure 48 on page 129. 4.
Chapter 10: Setting Static Port Trunks 138
Chapter 11 Setting Port-based and Tagged VLANs This chapter provides a brief description of VLANs and explains how to display, create, and modify port-based and tagged VLANs.
Chapter 11: Setting Port-based and Tagged VLANs Overview A VLAN is a group of ports that form a logical Ethernet segment on an Ethernet switch. The ports of a VLAN form an independent broadcast domain in which the traffic generated by the nodes remains within the VLAN. VLANs let you segment your network through the switch’s management software so that you can group nodes with related functions into their own separate, logical LAN segments.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide The VLAN information within an Ethernet frame is referred to as a tag or tagged header. A tag, which follows the source and destination addresses in a frame, contains the VID of the VLAN to which the frame belongs (IEEE 802.3ac standard). This number uniquely identifies each VLAN in a network.
Chapter 11: Setting Port-based and Tagged VLANs Displaying VLANs To display the VLAN assignments for all of the switch ports, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select VLANs. The VLANs page is displayed. For an example of the VLANs page, see Figure 51. Figure 51. VLANs Page The following fields are displayed: Vlan ID— Indicates a VLAN identifier. The range is 1 to 4094. The VID of 1 is the default VLAN.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Adding an VLAN To create an VLAN, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select VLANs. The VLANs page is displayed. See Figure 51 on page 142. 3. From the VLANs page, click Add. The Add VLAN page is displayed. See Figure 52. Figure 52.
Chapter 11: Setting Port-based and Tagged VLANs 4. Enter the following settings as needed: VLAN ID— Assign a VLAN identifier. The range is 2 to 4094. The VID 1 is reserved for the Default_VLAN. The VID cannot be the same as the VID of an existing VLAN on the switch. If this VLAN is unique in your network, its VID must also be unique. However, if this VLAN is part of a larger VLAN that spans multiple switches, the VID value for the VLAN must be the same on each switch.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Modifying VLANs To modify the LACP Trunk settings, see the following procedure: Caution Modifying the VLAN membership of active ports may cause loss of connectivity to the switch. 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select VLANs. The VLANs page is displayed. See Figure 51 on page 142. 3.
Chapter 11: Setting Port-based and Tagged VLANs Figure 53. Modify VLAN Page 4. Change the following fields as needed: VLAN Name— Change the name of a VLAN. The name can be from 1 to 20 characters in length. The first character must be a letter; it cannot be a number. A name cannot contain spaces or special characters, such as asterisks (*) or exclamation points (!). You cannot assign the name of an existing VLAN on the switch.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Note When a port does not have any mark, the port belongs to the default VLAN. When you assign an “H” to a port, the switch removes the untagged port from the VLAN and also removes the untagged port from the default VLAN. For more information, see “Removing an Untagged Port from a VLAN” on page 150. All Tagged— Click this button to make all ports on the switch tagged ports.
Chapter 11: Setting Port-based and Tagged VLANs Assigning a Native VLAN A VLAN can be assigned to a tagged port so that untagged ingress traffic is placed on the VLAN. This VLAN is referred to as the native VLAN. To assign a native VLAN to a tagged port, perform the following procedure: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select VLANs. The VLANs page is displayed. See Figure 51 on page 142. 3. From the VLANs page, click Add.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide 5. Change the following fields as needed: VLAN Interface— Select a VLAN ID from the pull-down menu.The selected VLAN Interface is assigned to a port as a native VLAN, which untagged frames are placed on. Port ID— Select a port ID from the pull-down menu. You can only select a tagged port. 6. Click Create. A confirmation message is displayed. 7. Click SAVE to save your changes to the startup configuration file.
Chapter 11: Setting Port-based and Tagged VLANs Removing an Untagged Port from a VLAN By default, all the ports on the switch belong to the default-VLAN, VLAN1 as untagged ports. When you assign a port to another VLAN as an untagged port, the switch removes the untagged port from the original VLAN, and then assigns it to the new VLAN. Caution Modifying the VLAN membership of active ports may cause loss of connectivity to the switch.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Figure 55. Modify VLAN Page 4. Click a port number a couple of times to check the port with an “H” mark. An “H” indicates the port is removed from all VLANs on the switch as an untagged port. Note When you remove a “U” mark from a port and leave no mark on the port, and then click Apply, the switch removes the port from the VLAN and assigns it to the default-VLAN as an untagged port.
Chapter 11: Setting Port-based and Tagged VLANs Deleting VLANs Caution Deleting VLANs that active ports belong to may cause loss of connectivity to the switch. To delete an VLAN, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select VLANs. For an example of the Virtual LANs page is displayed, see Figure 51 on page 142. 3. From the VLANs page, click Delete next to the VLAN that you want to remove.
Chapter 12 Spanning Tree Protocols on the Switch This chapter provides a brief description of both the Spanning Tree Protocol (STP) and the Rapid Spanning Tree Protocol (RSTP) and explains how to set the spanning tree protocols on the switch.
Chapter 12: Spanning Tree Protocols on the Switch Overview Both STP and RSTP guard against the formation of loops in an Ethernet network topology. A topology has a loop when two or more nodes can transmit packets to each other over more than one data path. Packets can become caught in repeating cycles, referred to as broadcast storms, that needlessly consume network bandwidth and that can significantly reduce network performance.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying and Modifying Spanning Tree Protocol Settings on the Switch To display and modify Spanning Tree Protocol settings on the switch, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 24 on page 69. 2. From the Switching tab, select Spanning Tree. The Spanning Tree Settings page is displayed. See Figure 56. Figure 56.
Chapter 12: Spanning Tree Protocols on the Switch The following fields are displayed. Change the settings as needed: Active Protocol— Select the spanning tree protocol from the pulldown menu. The options are STP and RSTP. The default setting is RSTP. Status— Enable or disable the spanning tree protocol on the switch. By default, the spanning tree protocol is enabled. Bridge Priority— Assign the switch a bridge priority number.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide This value is active only when the switch is acting as the root bridge of the spanning tree domain. Switches that are not acting as the root bridge use a dynamic value supplied by the root bridge. Forward Delay— Enter the forward delay time in seconds. The forward delay specifies how long the ports remain in the listening and learning or discarding states before they transition to the forwarding state.
Chapter 12: Spanning Tree Protocols on the Switch 158
Chapter 13 Internet Group Management Protocol (IGMP) Snooping This chapter provides a brief description of IGMP Snooping and explains how to set this feature on the switch.
Chapter 13: Internet Group Management Protocol (IGMP) Snooping Overview IGMP snooping allows the switch to control the flow of multicast packets from its ports. It enables the switch to forward packets of a multicast group to only ports connected to members of the multicast group. When the switch is not using IGMP snooping and receives multicast packets, it floods the packets out all its ports, except the port on which it received the packets.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying and Modifying IGMP Snooping Configuration To display and modify the IGMP Configuration settings, do the following: 1. Select the Switching tab. The Switching Tab is displayed. See Figure 57. Figure 57. Switching IGMP Tab 2. Select IGMP and then move the cursor to the right to select IGMP Snooping. The IGMP Snooping Configuration page is displayed. See Figure 58 on page 162.
Chapter 13: Internet Group Management Protocol (IGMP) Snooping Figure 58. IGMP Snooping Page with Configuration Tab 3. Change the following settings as needed: 162 Status— Enable or disable IGMP Snooping. When you enable IGMP, the switch begins to build its multicast tables as queries from the multicast router and reports from the host nodes arrive on its ports. When you disable IGMP, the switch floods the multicast packets on all of the ports except the port that received the packet.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Maximum Groups— Specify the maximum number of multicast addresses the switch is allowed to learn. The range is 0 to 255 multicast addresses. The default is 64. Router Ports Mode— Check a radio button to select the router ports mode. Choose from the following: Auto: Specifies the switch to automatically detect ports that are connected to multicast routers.
Chapter 13: Internet Group Management Protocol (IGMP) Snooping Disabling IGMP Snooping To disable the IGMP Configuration on the switch, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 57 on page 161. 2. Select IGMP and then move the cursor to the right to select IGMP Snooping. The IGMP Snooping page is displayed with the Configuration tab selected by default. See Figure 58 on page 162. 3. Use the pull-down menu next to the Status field to select “Disabled.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying the Routers List To display the IGMP Routers List, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 57 on page 161. 2. Select IGMP and then move the cursor to the right to select IGMP Snooping. The IGMP Snooping page is displayed with the Configuration tab selected by default. See Figure 58 on page 162. 3. Click the Routers List tab. The Routers List page is displayed.
Chapter 13: Internet Group Management Protocol (IGMP) Snooping 166 Time to Expiry— Indicates the number of seconds remaining before the switch times out a multicast router if there is no further IGMP query from it.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Clearing the Routers List To clear the group membership on the IGMP Routers List, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 57 on page 161. 2. Select IGMP and then move the cursor to the right to select IGMP Snooping. The IGMP Snooping page is displayed with the Configuration tab selected by default. See Figure 58 on page 162. 3. Click the Routers List tab.
Chapter 13: Internet Group Management Protocol (IGMP) Snooping Displaying the Hosts List To display the IGMP Hosts List, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 57 on page 161. 2. Select IGMP and then move the cursor to the right to select IGMP Snooping. The IGMP Snooping page is displayed with the Configuration tab selected by default. See Figure 58 on page 162. 3. Click the Hosts List tab. The Hosts List page is displayed. See Figure 60. Figure 60.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide IGMP Version— Indicates the IGMP versions used by the host node. Time to Expiry— Indicates the number of seconds remaining before the host node is timed out if it does not send an IGMP report.
Chapter 13: Internet Group Management Protocol (IGMP) Snooping 170
Chapter 14 IGMP Snooping Querier This chapter provides a brief description of IGMP Snooping Querier and explains how to set this feature on the switch. See the following sections: “Overview” on page 172 “Guidelines” on page 176 “Displaying IGMP Snooping Querier” on page 177 “Modifying IGMP Snooping Query Interval” on page 179 For more information about IGMP, see the following chapters in the AlliedWare Plus Management Software Version 2.2.
Chapter 14: IGMP Snooping Querier Overview Multicast routers are an essential part of IP multicasting. They send out queries to the network nodes to determine group memberships, route the multicast packets across networks, and maintain lists of the multicast groups and the ports where group members are located. IGMP snooping querier can be used in place of multicast routers in situations where IP multicasting is restricted to a single LAN, without the need for routing.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Switch 1: VLAN: Default_VLAN Routing interface: 149.123.48.2 Multicast source: IP address: 149.123.48.1 Host nodes: IP addresses: 149.123.48.3 to 149.123.48.24 Figure 61. IGMP Snooping Querier with One Querier Table 3 lists the switch settings that are illustrated in Figure 61. Table 3. IGMP Snooping Querier with One Querier Switch 1 Assigning Multiple Queriers Routing Address 149.123.48.
Chapter 14: IGMP Snooping Querier with the second lowest IP address is made the standby querier, again by switch 2. In the case where there are three queriers, the switch in the network with IGMP snooping enabled and IGMP querier disabled determines the standby querier and then the second standby querier by comparing their IP addresses. The following example consists of a LAN with three switches. See Figure 62. IGMP snooping is enabled on all three switches.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Table 4 lists the switch settings that are illustrated in Figure 62. Table 4. IGMP Snooping Querier with Two Queriers Switch Routing Address IGMP Snooping IGMP Snooping Querier Querier Status 1 149.123.48.2 Enabled Enabled Active 2 149.123.48.3 Enabled Disabled None 3 149.123.48.
Chapter 14: IGMP Snooping Querier Guidelines The guidelines for IGMP snooping querier are listed here: 176 The network can have only one LAN. The network cannot have any multicast routers. IGMP snooping must be enabled on the switch. IGMP snooping querier should be enabled on only one switch. Other switches in the LAN should use IGMP snooping. IGMP snooping querier must be applied to the VLAN on which the queries are to be sent.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying IGMP Snooping Querier To display a list of IGMP Snooping Querier, do the following: 1. Select the Switching tab. The Switching Tab is displayed. See Figure 63. Figure 63. Switching IGMP Tab 2. Select IGMP and then move the cursor to the right to select IGMP Querier. The IGMP Snooping Querier page is displayed. See Figure 64. Figure 64.
Chapter 14: IGMP Snooping Querier 3. The following settings are displayed: 178 VLAN— Indicates the VLAN ID. Query Interval— Indicates the time interval in seconds at which IGMP General Query messages are transmitted.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Modifying IGMP Snooping Query Interval To modify the value of Query interval, do the following: 1. Select the Switching tab. The Switching Tab is displayed. See Figure 63 on page 177. 2. Select IGMP and then move the cursor to the right to select IGMP Querier. The IGMP Snooping Querier page is displayed. See Figure 64 on page 177. 3. From the IGMP Snooping Querier page, click Add.or Edit.
Chapter 14: IGMP Snooping Querier 5. Click Apply. 6. Click SAVE to save your changes to the startup configuration file.
Chapter 15 Power Over Ethernet (PoE) This chapter provides brief descriptions of PoE and explains how to change the configuration of a port on the PoE featured switch. See the following sections: “Overview” on page 182 “Displaying PoE Port Settings” on page 184 “Modifying PoE Settings on a Port” on page 188 For more information about PoE, see the following chapters in the AlliedWare Plus Management Software Version 2.2.
Chapter 15: Power Over Ethernet (PoE) Overview The AT-8100L/8PoE, AT-8100S/24PoE, and AT-8100S/48PoE switches feature Power over Ethernet (PoE) on the 10/100Base-Tx ports. PoE is used to supply power to network devices over the same twisted pair cables that carry the network traffic. The main advantage of PoE is that it can make installing a network easier. The selection of a location for a network device is often limited by whether there is a power source nearby.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Port Prioritization As long as the total power requirements of the PDs is less than the total available power of the switch, it can supply power to all of the PDs. However, when the PD power requirements exceed the total available power, the switch denies power to some ports based on a process called port prioritization. The ports on the PoE switch are assigned to one of three priority levels.
Chapter 15: Power Over Ethernet (PoE) Displaying PoE Port Settings To display a list of the PoE port settings, do the following: Note The PoE pull-down menu item appears only when you are accessing a PoE featured switch. 1. Select the Switching tab. The Switching tab is displayed. See Figure 66. Figure 66. Switching Tab 2. From the Switching tab, select PoE. A list of PoE settings on the ports is displayed. See Figure 67 on page 185.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Figure 67. PoE Port List Page The following fields are displayed: Status— Enable or disable PoE on the ports globally. By default, PoE is enabled on all ports. Note This status does not indicate that the PoE status of all the ports is the same. To find out the PoE status, you must examine the PoE status for a port individually.
Chapter 15: Power Over Ethernet (PoE) 186 Power Status— Indicates if a powered device that is connected to the port is powered on or off. When no powered device is connected to the port, indicates Off. Power Class— Indicates the class of the connected PD. The switch automatically detects which class the connected PD belong to. For more details, see “PD Classes” on page 182.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Modifying PoE Settings Globally To modify PoE settings on the switch, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 66 on page 184. 2. From the Switching tab, select PoE. Note The PoE pull-down menu item appears only when you are accessing an AT-8100 PoE switch. The PoE setting page is displayed. See Figure 67 on page 185. 3.
Chapter 15: Power Over Ethernet (PoE) Modifying PoE Settings on a Port To display a list of the IPv4 interfaces, do the following: 1. Select the Switching tab. The Switching tab is displayed. See Figure 68. 2. From the Switching tab, select PoE. A list of PoE settings on the ports is displayed. See Figure 67 on page 185. 3. From the PoE page, click Edit next to the port number that you want to modify. The following page is displayed. See Figure 68. Figure 68.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide 4. Change the following fields as needed: Interface— Indicates the port ID. PoE Port Status— Enable or disable the PoE port status. PoE Device Description— Enter the description of the PoE device that is connected to the port. The description can contain up to 256 alphanumeric characters. Spaces and special characters are allowed.
Chapter 15: Power Over Ethernet (PoE) 190
Chapter 16 MAC Address-based Port Security This chapter provides a brief description of MAC address-based port security and explains how to set this feature on the switch.
Chapter 16: MAC Address-based Port Security Overview This feature lets you control access to the ports on the switch based on the source MAC addresses of the network devices. You specify the maximum number of source MAC addresses that ports can learn. Ports that learn their maximum number of addresses discard packets that have new, unknown addresses, preventing access to the switch by any additional devices.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Guidelines Here are the guidelines to MAC address-based port security: The filtering of a packet occurs on the ingress port, not on the egress port. You cannot use MAC address-based port security and 802.1x portbased access control on the same port. To specify a port as an Authenticator or Supplicant in 802.1x port-based access control, you must remove MAC address-based port security.
Chapter 16: MAC Address-based Port Security Displaying the MAC Address-based Port Security Settings To display the MAC address-based port security settings, do the following: 1. Select the Security tab. The Security tab is displayed. See Figure 69. Figure 69. Security Tab 2. From the Security tab, select MAC Based Security. The MAC Based Port Security page is displayed. See Figure 70. Figure 70. MAC Based Port Security Page The following fields are displayed: 194 Interface— Indicates the port ID.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Aging— Indicates one of the following: Yes: Saves the source MAC addresses as dynamic addresses in the MAC address table. No: Saves the source MAC addresses as static addresses in the MAC address table. This is the default setting. MAX MACs— Indicates maximum number of dynamic MAC addresses the port is permitted to learn. The range is 0 to 255. By default, this field is set to 0.
Chapter 16: MAC Address-based Port Security Modifying the MAC Address-based Port Security Settings To the modify the MAC address-based port security settings, do the following: 1. Select the Security tab. The Security tab is displayed. See Figure 69 on page 194. 2. From the Security tab, select MAC Based Security. The MAC Based Port Security page is displayed. See Figure 70 on page 194. 3. Click Edit next to the port that you want to modify. The Modify MAC Based Port Security page is displayed.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide 4. Change the following settings as needed: Interface— Indicates the port number. MAC Security— Select between “Enabled” and “Disabled” to activate or deactivate MAC address-based security on the port. Aging— Select how the switch saves source MAC addresses to the MAC address table. Choose from the following options: Yes: Saves the source MAC addresses as dynamic addresses in the MAC address table.
Chapter 16: MAC Address-based Port Security Disabling MAC Address-based Port Security Settings To deactivate MAC address-based port security settings, do the following: 1. Select the Security tab. The Security tab is displayed. See Figure 69 on page 194. 2. From the Security tab, select MAC Based Security. The MAC Based Port Security page is displayed. See Figure 70 on page 194. 3. Click Edit next to the port that you want to remove. The Modify MAC Based Port Security page is displayed.
Chapter 17 RADIUS and TACACS+ Clients This chapter provides a brief description of both the RADIUS and TACACS+ clients and explains how to configure these clients on the switch.
Chapter 17: RADIUS and TACACS+ Clients Overview The switch has RADIUS and TACACS+ clients for remote authentication. Here are the features that use remote authentication: 802.1x port-based network access control. This feature lets you increase network security by requiring that network users log on with user names and passwords before the switch forwards their packets. This feature is described in Chapter 18, “802.1x Port-based Network Access” on page 215. Remote manager accounts.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide The following steps illustrate the authentication process that occurs between the switch and an authentication server when a manager logs on: 1. The switch uses its RADIUS or TACACS+ client to transmit the user name and password to an authentication server on the network. 2. The server checks to see if the user name and password are valid. 3.
Chapter 17: RADIUS and TACACS+ Clients When you delete Server 1, the server with an IP address of 192.168.10.12 remains Server 2; the server with an IP address of 192.168.10.13 remains Server 3. As a result, the next server that you add to the switch becomes Server 1.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Configuring RADIUS for Remote Manager Authentication To configure remote manager authentication using RADIUS and add RADIUS servers to the switch, perform the following: Configuring Remote Manager Authentication Using RADIUS “Configuring Remote Manager Authentication Using RADIUS” on page 203 “Adding a RADIUS Server” on page 206 To configure the RADIUS server, do the following: 1. Select the Security tab.
Chapter 17: RADIUS and TACACS+ Clients Figure 72. Authentication Server Configuration Page with RADIUS Tab 3. Change the following fields as needed: 204 Timeout Value— Enter the length of the time, in seconds, that the switch waits for a response from a RADIUS server to an authentication request, before querying the next server in the list. The range is 1 to 1,000 seconds. The default value is 5 seconds. Key Value— Enter the value of the global encryption key of the RADIUS servers.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Caution To define two or three servers that use different encryption keys, do not enter a global encryption key value on this web page. Instead, define the individual keys when you add the IP addresses of the servers to the client on the RADIUS Server Configuration Page. See “Adding a RADIUS Server” on page 206. RADIUS Authentication Login— Enable or disable RADIUS to authenticate user login.
Chapter 17: RADIUS and TACACS+ Clients None: Indicates that sending accounting messages is disabled. 4. Click Apply. The Active Authentication Server field shown on the upper middle of the page indicates “RADIUS.” 5. Click SAVE to save your changes to the startup configuration file. Adding a RADIUS Server To add a RADIUS server, do the following: 6. Click Add near the RADIUS server list. The Authentication Server Configuration page with the RADIUS tab selected is displayed. See Figure 73. Figure 73.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Accounting Port— Specify the UDP destination port for RADIUS accounting requests. If you select 0, the server is not used for accounting. The default UDP port for accounting is 1813. Authentication Port— Specify the UDP destination port for RADIUS authentication requests. If you select 0, the server is not used for authentication. The default UDP port for authentication is 1812.
Chapter 17: RADIUS and TACACS+ Clients Configuring TACACS+ for Remote Manager Authentication To configure remote manager authentication using TACACS+ and add TACACS+ servers to the switch, perform the following: Configuring Remote Manager Authentication Using TACACS+ “Configuring Remote Manager Authentication Using TACACS+” on page 208 “Adding a TACACS+ Server” on page 211 To configure a TACACS+ server, do the following: 1. Select the Security tab. The Security tab is displayed.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Figure 74. Authentication Server Configuration Page with TACACS+ Tab 4. Change the following fields as needed: Timeout Value— Enter the length of the time, in seconds, that the switch waits for a response from a TACACS+ server to an authentication request, before querying the next server in the list. The range is 1 to 1,000 seconds. The default value is 5.
Chapter 17: RADIUS and TACACS+ Clients Caution To define two or three servers that use different encryption keys, do not enter a global encryption key value on this web page. Instead, define the individual keys when you add the IP addresses of the servers to the switch on the TACACS+ Add page. See “Adding a RADIUS Server” on page 206. TACACS+ Authentication Login— Enable or disable TACACS+ to authenticate user login. Choose from the following: Enabled: The TACACS+ servers authenticate user login.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Disabled: The TACACS+ servers do not use its enable password. Authentication is attempted using the password specified using the ENABLE PASSWORD command in the CLI. AAA Authentication Enable Local— Enable or disable TACACS+ to authenticate users requesting the Privileged Exec mode. Choose from the following: Enabled: The TACACS+ determines whether users can access the Privileged EXEC level using TACACS+ enable password.
Chapter 17: RADIUS and TACACS+ Clients Figure 75. TACACS+ Add Page 2. Enter the following settings: IP Address— Enter the IP address of the TACACS+ server. The IP address must be in the following IPv4 format: xxx.xxx.xxx.xxx. Key— Enter the encryption key for TACACS+ communications between the switch and TACACS+ server. The key must match the encryption key used by the TACACS+ server. The maximum length is 39 characters. Special characters are allowed, but spaces are not permitted. 3. Click Save.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Deleting an Authentication Server To delete either an TACACS+ or RADIUS authentication server, do the following: 1. Select the Security tab. The Security tab is displayed. See Figure 69 on page 194. 2. From the Security tab, select Authentication Servers. The Authentication Server Configuration page is displayed. See Figure 72 on page 204. 3.
Chapter 17: RADIUS and TACACS+ Clients 214
Chapter 18 802.1x Port-based Network Access This chapter provides a brief description of the 802.1x Port-based Authentication feature and explains how to enable this feature on the switch, and specify authentication on a port. See the following sections: “Overview” on page 216 “Enabling 802.1x Port-based Authentication on the Switch” on page 221 “Configuring 802.1x Port-based Authentication” on page 222 “Disabling 802.
Chapter 18: 802.1x Port-based Network Access Overview The 802.1x port-based network access control feature lets you control who can send traffic through and receive traffic from the individual switch ports. The switch does not allow an end node to send or receive traffic through a port until the user of the node has been authenticated by a RADIUS server.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Authenticator Role: The authenticator role activates port access control on a port. Ports in this role do not forward network traffic to or from network devices until the clients are authenticated by a RADIUS server. The authenticator role is appropriate when you want the switch to authenticate the clients of network devices before they can use the network. Figure 76 illustrates the none role and authentication role.
Chapter 18: 802.1x Port-based Network Access Multiple host mode This mode permits multiple clients on an authenticator port. An authenticator mode forwards packets from all clients once one client has successfully logged on. This mode is typically used in situations where you want to add 802.1x port-based network access control to a switch port that is supporting multiple clients, but do not want to create individual accounts for all the clients on the RADIUS server.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide An example of this authenticator operating mode is illustrated in Figure 79 on page 219. The clients are connected to a hub or non-802.1xcompliant switch which is connected to an authenticator port on the switch. If the authenticator port is set to the 802.1x authentication method, the clients must provide their username and password combinations before they can forward traffic through the switch.
Chapter 18: 802.1x Port-based Network Access Guest VLAN An authenticator port in the unauthorized state typically accepts and transmits only 802.1x packets while waiting to authenticate a client. However, you can specify an authenticator port to be a member of a Guest VLAN when no authenticated client is logged on. Any guest user using the port is not required to log on and has full access to the resources of the Guest VLAN. If the switch receives 802.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Enabling 802.1x Port-based Authentication on the Switch To enable the 802.1x port-based Authentication feature on a switch, do the following: 1. Select the Security tab. The Security tab is displayed. See Figure 69 on page 194. 2. From the Security tab, select 802.1x Port Authentication. The 802.1x Authentication page is displayed. See Figure 80. Figure 80. 802.1x Authentication Page 3.
Chapter 18: 802.1x Port-based Network Access Configuring 802.1x Port-based Authentication To set 802.1x port authentication on a port, do the following: 1. Select the Security tab. The Security tab is displayed. See Figure 69 on page 194. 2. From the Security tab, select 802.1x Port Authentication. The 802.1x Authentication page is displayed. See Figure 80 on page 221. 3. Click Edit next to the port that you want to modify. The Modify 802.1x Authentication page is displayed. See Figure 81. Figure 81.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Figure 82. Modify 802.1x Authentication Page Expanded 5. Modify the following fields as needed: Interface— Indicates the port ID. Port Role— Indicates that you’ve selected the port as an Authenticator.
Chapter 18: 802.1x Port-based Network Access Authentication Mode— Select the authentication mode. Choose from the following: Unauthorized: Sets the port in the unauthorized state. Although the port is in the authenticator role, the switch blocks all authentication on the port. If you set all the ports on the switch to this setting, then no clients can log on and forward packets through them. Force-authorized: Sets port in the force-authorized state.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Port Control Direction— Select whether the authenticator port that is in the unauthorized state should forward egress broadcast and multicast traffic. Choose from the following: In: Specifies that the authenticator port in the unauthorized state should forward egress broadcast and multicast traffic and discard the ingress broadcast and multicast traffic. This is the default setting.
Chapter 18: 802.1x Port-based Network Access This authentication method does not require 802.1x client software on client nodes. Re-Auth Learning— Select the checkbox to force the port that is using MAC address authentication into the unauthorized state. You may use this setting to reauthenticate the nodes on the authenticator port. 6. Click Apply. 7. Click SAVE to save your changes to the startup configuration file.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Disabling 802.1x Port-based Authentication on the Switch To disable the 802.1x port-based Authentication feature on a switch, do the following: 1. Select the Security tab. The Security tab is displayed. See Figure 69 on page 194. 2. From the Security tab, select 802.1x Port Authentication. The 802.1x Authentication page with the Status field set to “Enabled” is displayed. See Figure 83. Figure 83. 802.
Chapter 18: 802.1x Port-based Network Access Disabling 802.1x Port-based Authentication on a Port To disable 802.1x port authentication on a port, do the following: 1. Select the Security tab. The Security tab is displayed. See Figure 69 on page 194. 2. From the Security tab, select 802.1x Port Authentication. The 802.1x Authentication page is displayed. See Figure 80 on page 221. 3. Click Edit next to the port that you want to modify. The Modify 802.1x Authentication page is displayed.
Chapter 19 Setting IPv4 and IPv6 Addresses This chapter provides brief descriptions of management IPv4 and IPv6 addresses and explains how to specify both types of IP addresses on the switch.
Chapter 19: Setting IPv4 and IPv6 Addresses Overview The management IP address is an IP address that the switch uses to identify itself to other network devices, such as TFTP servers and Telnet clients. The management address can be any IPv4 address, or an IPv6 address for some features, that is assigned to a VLAN on the switch. The features listed in Table 7 require that the switch is assigned a management IP address. You can assign an IP address only to a VLAN interface.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Table 7. Web Interface Features that Require an IP Management Address (Continued) Feature Description HTTP client IP Management Guidelines Used for a Web browser to bring the AT-8100 Web interface on your network. Supported by IPv4 Address yes Supported by IPv6 Address yes See the following list for guidelines about assigning a management IPv4 or IPv6 address to the switch: You can assign one IPv4 address per VLAN.
Chapter 19: Setting IPv4 and IPv6 Addresses Displaying IPv4 Interfaces To display a list of the IPv4 interfaces, do the following: 1. Select the Layer 3 tab. The Layer 3 tab is displayed. See Figure 84. Figure 84. Layer 3 Tab 2. From the Layer 3 tab, select IPv4 Interfaces. A list of IPv4 interfaces is displayed. See Figure 85. Figure 85.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide The following fields are displayed: VLAN— Indicates the VLAN number that has an IP interface. IP Address— Indicates the IP address that the VLAN is assigned to. Subnet Mask— Indicates the subnet mask of the IP address. Status— Indicates the status of the link.
Chapter 19: Setting IPv4 and IPv6 Addresses Adding an IPv4 Address To assign an IPv4 address, do the following: 1. Select the Layer 3 tab. The Layer 3 tab is displayed. See Figure 84 on page 232. 2. From the Layer 3 tab, select IPv4 Interfaces. A list of IPv4 interfaces is displayed. See Figure 85 on page 232. 3. Click Add. The IP Address Configuration Page is displayed. See Figure 86. Figure 86. IP Address Configuration Page 4.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide VLAN— Select the VLAN ID that you want to assign the IPv4 address to. 5. Click Add. 6. Click SAVE to save your changes to the startup configuration file.
Chapter 19: Setting IPv4 and IPv6 Addresses Changing an IPv4 Address To display a list of the IPv4 interfaces, do the following: 1. Select the Layer 3 tab. The Layer 3 tab is displayed. See Figure 84 on page 232. 2. From the Layer 3 tab, select IPv4 Interfaces. A list of IPv4 interfaces is displayed. See Figure 85 on page 232. 3. From the VLANs page, click Edit next to the VLAN ID that you want to modify. The following page is displayed. See Figure 87. Figure 87. Edit IP Address Configuration Page 4.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Note If you change the IP address that you use to access the Web interface, you lose the connection to the switch. Start a management session again by opening a web browser on your PC and entering the new IP address of the switch. 5. Click Apply. 6. Click SAVE to save your changes to the startup configuration file.
Chapter 19: Setting IPv4 and IPv6 Addresses Deleting an IPv4 Address To delete an IPv4 address, do the following: 1. Select the Layer 3 tab. The Layer 3 tab is displayed. See Figure 84 on page 232. 2. From the Layer 3 tab, select IPv4 Interfaces. A list of IPv4 interfaces is displayed. See Figure 85 on page 232. 3. From the IPv4 Interfaces page, click Delete on the same line as the IPv4 address that you want to delete. The selected IPv4 address is removed from the VLAN.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying the IPv6 Interface To display a list of the IPv6 interface, do the following: 1. Select the Layer 3 tab. The Layer 3 tab is displayed. See Figure 88. Figure 88. Layer 3 Tab 2. From the Layer 3 tab, select IPv6 Interface. The IPv6 interface is displayed if one has already been assigned. See Figure 89. Figure 89.
Chapter 19: Setting IPv4 and IPv6 Addresses The following fields are displayed: 240 VLAN— Indicates the VLAN number that the management IPv6 address is assigned to. IP Address— Indicates the management IPv6 address. Subnet Mask— Indicates the subnet mask of the management IPv6 address. Status— Indicates the status of the link.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Adding an IPv6 Address The switch supports only one IPv6 address. As a result, you can add an IPv6 address only when no IPv6 address is assigned to the switch. To assign an IPv6 address, do the following: 1. Select the Layer 3 tab. The Layer 3 tab is displayed. See Figure 88 on page 239. 2. From the Layer 3 tab, select IPv6 Interface. The IPv6 Interface page is displayed. Ensure that no IPv6 address is displayed. 3. Click Add.
Chapter 19: Setting IPv4 and IPv6 Addresses You can only select a VLAN that you have configured previously. For information about how to assign a VLAN, see Chapter 11, “Setting Port-based and Tagged VLANs” on page 139. 5. Enter an IPv6 address in the IP Address field in the following format: nnnn:nnnn:nnnn:nnnn:nnnn:nnnn:nnnn:nnnn Where n is a hexadecimal digit from 0 to F. The eight groups of digits must be separated by colons. Groups where all four digits are “0” can be omitted.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Changing IPv6 Addresses To edit the management IPv6 interface, do the following: 1. Select the Layer 3 tab. The Layer 3 tab is displayed. See Figure 88 on page 239. 2. From the Layer 3 tab, select IPv6 Interface. The IPv6 interface is displayed if one has already been assigned. See Figure 89 on page 239. 3. From the IPv6 Interface page, click Edit. The following page is displayed. See Figure 91. Figure 91.
Chapter 19: Setting IPv4 and IPv6 Addresses Subnet Mask— Enter the subnet mask of the management IPv6 address. Default Gateway IP— Enter the default gateway IPv6 address. 5. Click Apply. 6. Click SAVE to save your changes to the startup configuration file.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Deleting IPv6 Addresses To delete an IPv6 address, do the following: 1. Select the Layer 3 tab. The Layer 3 tab is displayed. See Figure 88 on page 239. 2. From the Layer 3 tab, select IPv6 Interface. The IPv6 interface is displayed if any. See Figure 89 on page 239. 3. From the IPv6 Interface page, click Delete. The management IPv6 address is removed from the switch.
Chapter 19: Setting IPv4 and IPv6 Addresses 246
Chapter 20 Access Control Lists (ACL) This chapter provides a brief description of the ACL feature and explains how to use these features on the switch and on a port. See the following sections: “Overview” on page 248 “Creating an ACL” on page 251 “Assigning an ACL to Ports” on page 255 “Displaying a List of ACLs” on page 257 For information about the QoS feature, see Chapter 22, “Quality of Service (QoS)” on page 267.
Chapter 20: Access Control Lists (ACL) Overview Access Control Lists (ACLs) act as filters to control the ingress packets on ports. They are commonly used to restrict the types of packets that ports accept to increase port security and create physical links dedicated to carrying specific types of traffic. For instance, you can configure ACLs to permit ports to accept only ingress packets that have a source or destination IP address. You create an ACL first and then assign it to a port.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide IPv4 Address and Mask Actions How Ingress Packets are Compared Against ACLs Source and destination UDP ports VLAN IDs The mask of an IPv4 address is a decimal number that represents the number of bits in the address, from left to right, that constitute the network portion of the address. For example, the subnet address 149.11.11.0/24 has a mask of “24” for first the twenty-four bits of the network portion of the address.
Chapter 20: Access Control Lists (ACL) Guidelines 250 Here are the ACL guidelines: An ACL can have a permit, deny, or copy-to-mirror action. The permit action allows ports to forward ingress packets of the designated traffic flow while the deny action causes ports to discard packets. The copyto-mirror action causes a port to copy all ingress packets that match the ACL to the destination port of the mirror port. A port can have more than one ACL. An ACL can be assigned to more than one port.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Creating an ACL To create an ACL, do the following: 1. Select the ACLs &QoS tab. The ACLs & QoS tab is displayed. See Figure 92. Figure 92. ACLs and QoS Tab 2. From the ACLs & QoS tab, select Traffic Classifiers. The Traffic Classifiers page is displayed. See Figure 93. Figure 93. Traffic Classifiers Page 3. Click Add on the right above the table. The Traffic Classification page is displayed. See Figure 94 on page 252.
Chapter 20: Access Control Lists (ACL) Figure 94. Traffic Classification Page 4. Enter and select the following fields as needed: Classifier #— Enter a classifier number to identify an ACL. Choose a number from the following ranges: IPv4 ACL: 3000 to 3699 MAC ACL: 4000 to 4699 Actions— Click a radio button to select an action from the following options: Deny: Instructs ports to discard the ingress packets that match the specified filtering criteria.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Permit: Instructs ports to forward ingress packets that match the specified filtering criteria. By default, all ingress packets are forwarded by the ports. Mirror: Instructs ports to copy all ingress packets that match the filtering criteria to the mirror port. When you select Mirror, a text box appears below the action icons. Enter a port number (for example, port1.0.5) in the text box.
Chapter 20: Access Control Lists (ACL) Destination Address— Enter a destination address to match ingress packets. Enter one of the following: The keyword “any:” Matches all packets on the destination address. IPv4 Address and mask: Enter an IPv4 source address followed by an slash (/) and a mask if you are creating an IPv4 ACL. MAC Address and mask: Enter an MAC source address followed by an slash (/) and a mask if you are creating a MAC ACL.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Assigning an ACL to Ports Before assigning ACLs to ports, ACLs must be available on the switch. To create an ACL, see “Creating an ACL” on page 251. To assign an ACL to ports, do the following: 1. Select the ACLs &QoS tab. The ACLs & QoS tab is displayed. See Figure 92 on page 251. 2. From the ACLs & QoS tab, select Policies/ACLs. The Policies/ACLs page is displayed. See Figure 96. Figure 96. Policies/ACLs Page 3.
Chapter 20: Access Control Lists (ACL) Figure 97. Traffic Classifiers Page 4. Click a radio button to select an ACL. 5. Check one or multiple checkboxes to select ports to apply the ACL. 6. Click Apply. 7. Click SAVE to save your changes to the startup configuration file.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying a List of ACLs To display a list of ACLs, do the following: 1. Select the ACLs &QoS tab. The ACLs & QoS tab is displayed. See Figure 92 on page 251. 2. From the ACLs & QoS tab, select Traffic Classifiers. The Traffic Classifiers page is displayed. See Figure 98. Figure 98. Traffic Classifiers Page 3. The following fields are displayed: Classifier Number— Indicates an ACL or QoS classifier number.
Chapter 20: Access Control Lists (ACL) 258
Chapter 21 Setting Static Routes To make remote networks communicate, you must add static routes or dynamic routes, or both to the routing table. Static routes are configured manually to add routing information to the routing table. This chapter provides information about static routes. The procedures in this chapter describe how to display a list of static routes on the switch, and how to add and delete a static route.
Chapter 21: Setting Static Routes Displaying Static Routes To display the static routes, do the following: 1. Select the Layer 3 tab. The Layer 3 tab is displayed. See Figure 99. Figure 99. Layer 3 Tab 2. From the Layer 3 tab, select Static Routes. A list of static routes is displayed. See Figure 100. Figure 100. Static Routes Page The following fields are displayed: 260 Network Address— Indicates the IP address of the destination network. The IP address for a default route is 0.0.0.0.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Network Mask— Indicates the subnet mask of the destination network. Next Hop— Indicates the IP address of the next hop to the route. AD— Indicates the value of the administrative distance specified to the route.
Chapter 21: Setting Static Routes Adding a Static Route To add a static route, do the following: 1. Select the Layer 3 tab. The Layer 3 tab is displayed. See Figure 99 on page 260. 2. From the Layer 3 tab, select Static Routes. A list of static routes is displayed. See Figure 100 on page 260. 3. Click Add. The Add Static Route Page is displayed. See Figure 101. Figure 101. Add Static ARP Page 4. Enter the destination network address in the Network Address field. 5.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide 7. Enter the value of the metric for the route in the AD field. The range is 1 to 255. The field is optional. The default is 1. 8. Click Add. 9. Click SAVE.
Chapter 21: Setting Static Routes Deleting a Static Route To delete a static route entry, do the following: 1. Select the Layer 3 tab. The Layer 3 tab is displayed. See Figure 99 on page 260. 2. From the Layer 3 tab, select Static Routes. A list of static routes is displayed. See Figure 100 on page 260. 3. Click Delete next to the network address that you want to delete.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying the Routing Table The routing table includes static routes and dynamic routes. The switch decides which route is the best based on the routing table. To display the routing table, do the following: 1. Select the Layer 3 tab. The Layer 3 tab is displayed. See Figure 99. Figure 102. Layer 3 Tab 2. From the Layer 3 tab, select Routing Table. A list of routes is displayed. See Figure 103. Figure 103.
Chapter 21: Setting Static Routes The following fields are displayed: Destination— Indicates the destination network address. Network Mask— Indicates the subnet mask of the destination network address. Nexthop— Indicates the IP address of the next hop to the route. Interface— Indicates the VLAN ID of the interface. Protocol— Indicates how this route is established.
Chapter 22 Quality of Service (QoS) This chapter provides a brief description of the QoS feature and explains how to use the feature on the switch and on a port. See the following sections: “Overview” on page 268 “Creating a QoS Policy” on page 271 “Assigning a QoS Policy to Ports” on page 276 “Displaying a List of QoS Policies” on page 278 For information about the ACL feature, see Chapter 20, “Access Control Lists (ACL)” on page 247.
Chapter 22: Quality of Service (QoS) Overview Quality of Service (QoS) is a feature that classifies and prioritizes traffic to guarantee a certain level of performance in converged networks, which run voice and video services on data networks. Without QoS, all traffic types are equally likely to be dropped when congestion occurs. QoS can give certain traffic types preferential treatment.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Table 9. Classifier Number Ranges for QoS Filtering Criterion Filtering Criteria Actions How Ingress Packets are Selected with Filtering Criteria Guidelines Classifier Number Range Specifying an IPv4 address 3000 - 3699 Specifying an MAC address 4000 - 4699 Specifying no address 3000 - 3699 and 4000 - 4699 QoS policies identify packets using filtering criteria.
Chapter 22: Quality of Service (QoS) DSCP action causes a port to change the DSCP value of all ingress packets that match the filtering criteria with the specified DSCP value. The mark CoS action causes a port to change the CoS value of all ingress packets that match the filtering criteria with the specified Cos value. 270 A port can have only one QoS policy. A QoS policy can be assigned to more than one port. QoS classifies ingress packets, but does not process egress packets.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Creating a QoS Policy To create an QoS, do the following: 1. Select the ACLs &QoS tab. The ACLs & QoS tab is displayed. See Figure 104. Figure 104. ACLs and QoS Tab 2. From the ACLs & QoS tab, select Traffic Classifiers. The Traffic Classifiers page is displayed. See Figure 105. Figure 105. Traffic Classifiers Page 3. Click Add on the right above the table. The Traffic Classification page is displayed. See Figure 106 on page 272.
Chapter 22: Quality of Service (QoS) Figure 106. Traffic Classification Page 4. Enter and select the following fields as needed: Classifier #— Enter a classifier number to identify a QoS policy. Choose a classifier number according to the following conditions: When specifying an IPv4 address as a filtering criterion: Choose from 3000 to 3699. When specifying a MAC Address as a filtering criterion: Choose from 4000 to 4699.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Actions— Click a radio button to select an action from the following options: Priority Queue: Instructs ports to place all ingress packets that match the filtering criteria into a specified priority queue. When you select Priority Queue, a text box appears below the action icons as shown in Figure 107. Enter a priority queue number. Choose from 0 to 7. Figure 107.
Chapter 22: Quality of Service (QoS) Figure 109. Text box for CoS Note The action options of Deny, Permit, and Mirror are for the Access Control List (ACL) feature. For information about creating an ACL, see “Creating an ACL” on page 251. Match The following parameters are under the “Match” heading on the Traffic Classification Page. Note You can specify one or more match criteria to create a QoS policy. Source Address— Specify a source address to match ingress packets as needed.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide MAC Address and mask: Enter an MAC source address followed by an slash (/) and a mask if you are creating a MAC ACL. Source Port— Select TCP or UDP from the pull-down menu and enter a source port number as needed. Destination Port— Select TCP or UDP from the pull-down menu and enter a source port number as needed. VLAN ID— Enter a VLAN ID. Use this field if you want the ACL to filter tagged packets.
Chapter 22: Quality of Service (QoS) Assigning a QoS Policy to Ports Before assigning QoS policies to ports, QoS policies must be available on the switch. For how to create a QoS policy, see “Creating a QoS Policy” on page 271. To assign a QoS policy to ports, do the following: 1. Select the ACLs &QoS tab. The ACLs & QoS tab is displayed. See Figure 104 on page 271. 2. From the ACLs & QoS tab, select Policies/ACLs. The Policies/ACLs page is displayed. See Figure 110. Figure 110. Policies/ACLs Page 3.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Figure 111. Traffic Classifier Page 4. Click a radio button to select a QoS policy. 5. Check one or multiple checkboxes to select ports to apply the QoS policy. 6. Click Apply. 7. Click SAVE to save your changes to the startup configuration file.
Chapter 22: Quality of Service (QoS) Displaying a List of QoS Policies To display a list of ACLs, do the following: 1. Select the ACLs &QoS tab. The ACLs & QoS tab is displayed. See Figure 104 on page 271. 2. From the ACLs & QoS tab, select Traffic Classifiers. The Traffic Classifiers page is displayed. See Figure 112. Figure 112. Traffic Classifiers Page 3. The following fields are displayed: Classifier Number— Indicates an ACL or QoS classifier number. Type— Indicates either ACL or QoS.
Chapter 23 Setting Dynamic Routes Using RIP The chapter provides a brief description of the RIP feature and explains how to display the RIP settings, enable RIP on a VLAN interface, change the RIP settings, delete a VLAN interface, and display RIP statistics.
Chapter 23: Setting Dynamic Routes Using RIP Overview To make remote networks communicate, you must add either static routes, dynamic routes, or both. The AlliedWare Plus™ Management Software supports RIP as the routing protocol to add dynamic routes. By enabling RIP, the switch can learn about remote networks and add the routing information to its routing table dynamically. For information about static routes, refer to Chapter 21, “Setting Static Routes” on page 259.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying the RIP Configuration To check how the RIP is configured on the switch, do the following: 1. Select the Layer 3 tab. The Layer 3 tab is displayed. See Figure 113. Figure 113. Layer 3 Tab 2. From the Layer 3 tab, select or move the cursor over RIP and select Configuration. The RIP configuration page is displayed. See Figure 114. Figure 114.
Chapter 23: Setting Dynamic Routes Using RIP The following fields are displayed: 282 VLAN— Indicates the ID number of the VLAN. This VLAN interface receives and sends RIP packets and the network that the VLAN belongs to is advertised through RIP. IP Interface— Indicates the IP address that the VLAN interface is assigned to. Authentication Type— Indicates the ID number of the VLAN where the host is a member. Authentication Key— Indicates the port number where the host is connected.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Enabling RIP on a VLAN Interface To enable RIP and connect remote networks dynamically, you must enable RIP on VLAN interfaces. When RIP is enabled on a VLAN interface, the VLAN interface sends and receives RIP packets, and the network where the VLAN belongs is advertised through RIP. To enable RIP on a VLAN interface, you must add the VLAN to the RIP routing process by performing the following procedure: 1. Select the Layer 3 tab.
Chapter 23: Setting Dynamic Routes Using RIP Figure 116. RIP Interface Page 3. Specify the following fields as needed: 284 VLAN Interface— Select the VLAN interface to associate with the RIP routing process. This VLAN interface receives and sends RIP packets and the network where the VLAN belongs is advertised through RIP. Authentication Mode— Select the authentication mode for the VLAN interface. Choose MD5, Text, or None.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide 4. Click Add. 5. Click SAVE to save your changes to the startup configuration file. Note There is another way to go to the RIP Interface page to enable RIP on a VLAN interface. Go to the RIP Configuration page from the RIP Configuration page shown in Figure 114 on page 281 and click Add. To go to the RIP Configuration page, see the procedure in “Displaying the RIP Configuration” on page 281.
Chapter 23: Setting Dynamic Routes Using RIP Changing the RIP Settings To change the RIP settings of the VLAN interface, perform the following: 1. Select the Layer 3 tab. The Layer 3 tab is displayed. See Figure 113 on page 281. 2. From the Layer 3 tab, select or move the cursor over RIP and select Configuration. The RIP Configuration page is displayed. See Figure 114 on page 281. 3. Click Edit next to the VLAN that you want to edit. The RIP Interface page is displayed. See Figure 116 on page 284.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Removing a VLAN Interface from the RIP Configuration To remove a VLAN interface from the RIP configuration, do the following: 1. Select the Layer 3 tab. The Layer 3 tab is displayed. See Figure 113 on page 281. 2. From the Layer 3 tab, select RIP or move the cursor over RIP and select Configuration. The RIP configuration page is displayed. See Figure 114 on page 281. 3. Click Delete next to the VLAN that you want to remove.
Chapter 23: Setting Dynamic Routes Using RIP Displaying RIP Statistics To display counters for RIP packets on the switch, do the following: 1. Select the Layer 3 tab. The Layer 3 tab is displayed. See Figure 117. Figure 117. Layer 3 Tab 2. From the Layer 3 tab, select RIP or move the cursor over RIP and select Statistics. The RIP statistics page is displayed. See Figure 118. Figure 118.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide The following fields are displayed: Input— Indicates that the counters displayed under this column are for incoming RIP packets. inResponses— Indicates the number of response packets received. inRequests— Indicates the number of request packets received. inDiscards— Indicates the number of packets discarded.
Chapter 23: Setting Dynamic Routes Using RIP Reloading RIP Statistics RIP statistics are constantly counting up so that the data that has been displayed in the RIP Statistics pages is not the most recent. To display the latest data possible, click on the Refresh button on the RIP Statistics page. Figure 119 shows the Refresh button on the RIP Statistics page. Figure 119.
Chapter 24 Managing the ARP Table The procedures in this chapter describe how to display the ARP table that resides on the switch, how to add static ARP entries to the table, and how to delete static ARP entries. See the following sections: “Overview” on page 292 “Displaying the ARP Table” on page 293 “Adding a Static ARP Entry” on page 295 “Deleting ARP Entries” on page 297 For more information about ARP, see the following chapters in the AlliedWare Plus Management Software Version 2.2.
Chapter 24: Managing the ARP Table Overview The Address Resolution Protocol (ARP) is used to associate an IPv4 address with a MAC address used by network nodes including the AT-8100 switches. ARP gathers information about mapping between an IPv4 address and a MAC address and stores them in the ARP table. When the node receives a packet from the Network layer, then the node encapsulates the packet into a frame. The node looks up the ARP cache to find out the MAC address of the destination node.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying the ARP Table To display the ARP table, do the following: 1. Select the Layer 3 tab. The Layer 3 tab is displayed. See Figure 120. Figure 120. Switching Tab 2. From the Layer 3 tab, select ARP Table. The ARP table is displayed. See Figure 121. Figure 121.
Chapter 24: Managing the ARP Table The following fields are displayed: 294 IP Address— Indicates the IP address of the host that is connected to the switch. MAC Address— Indicates MAC address of the host. Vlan— Indicates the ID number of the VLAN where the host is a member. Interface— Indicates the port number where the host is connected. Type— Indicates the type of the ARP entry: static or dynamic.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Adding a Static ARP Entry To add a static ARP entry, do the following: 1. Select the Layer 3 tab. The Layer 3 tab is displayed. See Figure 120 on page 293. 2. From the Layer 3 tab, select ARP Table. The ARP table is displayed. See Figure 121 on page 293. 3. Click Add. The Add Static ARP Page is displayed. See Figure 122. Figure 122. Add Static ARP Page 4.
Chapter 24: Managing the ARP Table Port— Enter a port ID where the host is connected to, for example, port1.0.8. 5. Click Add. 6. Click SAVE to save your changes to the startup configuration file.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Deleting ARP Entries To delete a static ARP entry, do the following: 1. Select the Layer 3 tab. The Layer 3 tab is displayed. See Figure 120 on page 293. 2. From the Layer 3 tab, select ARP Table. The ARP table is displayed. See Figure 121 on page 293. 3. Do one of the following: To clear all of the dynamic ARP entries in the ARP address table, click Clear Dynamic.
Chapter 24: Managing the ARP Table 298
Chapter 25 LLDP and LLDP-MED This chapter provides a brief description of the Link Layer Discovery Protocol (LLDP) and Link Layer Discovery Protocol for Media Endpoint Devices (LLDP-MED) features and explains how to enable these features on the switch.
Chapter 25: LLDP and LLDP-MED Overview Link Layer Discovery Protocol (LLDP) and Link Layer Discovery Protocol for Media Endpoint Devices (LLDP-MED) allow Ethernet network devices such as switches and routers to receive and/or transmit device-related information to directly connected devices on the network that are also using the protocols, and store the information that is learned about other devices. The data sent and received by LLDP and LLDP-MED are useful for many reasons.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Optional LLDP-MED TLVs You can select LLDP-MED TLVs that are included in an LLDPDU. The switch sends selected TLVs along with the mandatory TLVs in an LLDPDU.
Chapter 25: LLDP and LLDP-MED Enabling and Configuring LLDP on the Switch To enable LLDP and set the basic LLDP configuration to the switch, do the following: 1. Select the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 123. Figure 123. Discovery & Monitoring Tab 2. From the Discovery & Monitoring tab, select LLDP. The LLDP tab appears to the right. 3. From the LLDP tab, select the Basic Configuration tab. The LLDP Configuration page is displayed.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Figure 124. LLDP Configuration Page 4. Change the following fields as needed: Status— Enable LLDP on the switch. By default, LLDP is disabled. Timer— Enter the transmit interval of LLDP advertisements. The transmit interval must be at least four times the transmission delay timer (Tx Delay). The range is 5 to 32,768 seconds. The default value is 30 seconds. Fast Start Count— Enter a fast start count for LLDP-MED.
Chapter 25: LLDP and LLDP-MED advertisements, for instance when it detects a new LLDP-MED capable device. The default value is 3. Holdtime Multiplier— Enter a holdtime multiplier value. The transmit interval is multiplied by the holdtime multiplier to give the Time To Live (TTL) the switch advertises to the neighbors. The range is 2 to 10.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Disabling LLDP on the Switch To disable the LLDP feature on a switch, do the following: 1. Select the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 123 on page 302. 2. From the Discovery & Monitoring tab, select LLDP. The LLDP tab appears to the right. 3. From the LLDP tab, select the Basic Configuration tab. The LLDP Configuration page is displayed. See Figure 124 on page 303. 4.
Chapter 25: LLDP and LLDP-MED Configuring LLDP on a Port To assign LLDP to a port, do the following: 1. Select the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 123 on page 302. 2. From the Discovery & Monitoring tab, select LLDP and then select Port Configurations. The LLDP Port Config page is displayed. See Figure 125. Figure 125. LLDP Port Config Page 3. Select Edit next to the port that you want to modify. The Modify LLDP Port Configuration page is displayed.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Figure 126. Modify LLDP Port Configuration Page 4. Change the settings as needed: Interface— Indicates the port ID. Notifications— Check the checkbox to activate the switch to send LLDP-MED topology change notifications when a device is connected to or disconnected from the port. By default, this field is not selected. Advertisement Transmit— Check the checkbox to activate the port to send LLDP advertisements.
Chapter 25: LLDP and LLDP-MED Selecting LLDP TLVs on a Port To enable LLDP TLV, do the following: 1. Select the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 123 on page 302. 2. From the Discovery & Monitoring tab, select LLDP. The LLDP tab is displayed. 3. From the LLDP tab, select TLV. The LLDP TLV tab is displayed in Figure 127. Figure 127. LLDP TLV Tab 4. Move your cursor to the right and select TLV again. The LLDP TLV page is displayed.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Figure 128. LLDP TLV Page 5. Click Edit next to the port that you want to modify. The Modify LLDP TLV page is displayed. See Figure 129 on page 310.
Chapter 25: LLDP and LLDP-MED Figure 129. Modify LLDP TLV Page 6. Change the settings as needed: 310 Interface— Indicates the port ID. Port Description— Check the checkbox to select the port description to be included in LLDPDUs. System Name— Check the checkbox to select the system name to be included in LLDPDUs. System Description— Check the checkbox to select the model number of the AT-8100 switch to be included in LLDPDUs.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Management Address— Check the checkbox to select the IP address of the local LLDP agent to be included in LLDPDUs.Indicates. Port VLAN— Check the checkbox to select the VID of the untagged VLAN in which the transmitting port a member to be included in LLDPDUs.
Chapter 25: LLDP and LLDP-MED Setting a Location Entry for the LLDP-MED Location TLV You can define location information about a network device as a LLDPMED TLV and include the TLV in an LLDPDU, which the switch sends to its neighbors. Unlike some of the other LLDP-MED LLDP TLVs, such as capabilities and network policy TLVs, which have pre-set values, a location TLV must be specified before a port sends it to the neighbors.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Figure 130. Locations Tab 4. From the Locations tab, select Civic. The LLDP Civic Location page is displayed. See Figure 131. Figure 131.
Chapter 25: LLDP and LLDP-MED 5. Click Add. The LLDP Civic Location Page is displayed. See Figure 132. Figure 132.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide 6. Enter the ID and Country fields: ID— Enter an LLDP Civic Location ID. The range is 1 to 256. (This range is separate from the ranges for coordinate and ELIN entries.) Country— Enter the county code. It must contain two uppercase characters (for example, US or FR). Note You must define the ID and Country fields. The remaining fields are optional. 7.
Chapter 25: LLDP and LLDP-MED Post Office Box— 102 Additional Code— 1234 Seat— cube-411a Primary Road Name— Zanker Road Selection— North Branch Road Name— State-Lane Sub Branch Road Name— Boulder-Creek-Avenue Street Name Pre Modifier— West Street Name Pre Modifier— Div 8. Click Apply. 9. Click SAVE to save your changes to the startup configuration file. Creating a Coordinate Location To create an LLDP Coordinate Location, do the following: 1.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Figure 133. LLDP Coordinate Location Page 5. From the LLDP Coordinate Location page, click Add. The LLDP Coordinate Location page is displayed. See Figure 134 on page 318.
Chapter 25: LLDP and LLDP-MED Figure 134. LLDP Coordinate Location Page— Modify 6. Specify the following fields as needed: 318 ID— Enter an LLDP Coordinate Location ID. The range is 1 to 256. (This range is separate from the ranges for civic and ELIN entries.) Latitude— Enter a latitude value in decimal degrees. The range is -90.0º to 90.0º. The field accepts up to two digits to the right of the decimal point. Latitude Resolution— Enter latitude resolution as the number of valid bits.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Altitude— Enter an altitude in meters or floors. For the altitude in meters, the range is -2097151.0 to 2097151.0 meters. The parameter accepts up to eight digits to the right of the decimal point. For altitude in the number of floors, the range is -2097151.0 to 2097151.0. Use the Altitude Type field to specify meters or floors. Altitude Type— Choose between meters and floors.
Chapter 25: LLDP and LLDP-MED Figure 135. LLDP ELIN Location List Page 5. From the LLDP ELIN Location page, click Add. The LLDP ELIN Location page is displayed. See Figure 136. Figure 136.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide 6. Enter values in the following fields: ID— Enter an ID number for a LLDP-MED coordinate location entry on the switch. The range is 1 to 256. (This range is separate from the ranges for civic and coordinate entries.) ELIN-LOCATION— Enter an ELIN location of 10 to 25 digits. 7. Click Apply.
Chapter 25: LLDP and LLDP-MED Assigning LLDP Locations to a Port Use a Civic, Coordinate, or ELIN location IDA port location to assign to a port. You must create these location IDs before you assign a port location to a port. For instructions to create location IDs, see “Setting a Location Entry for the LLDP-MED Location TLV” on page 312. To set an LLDP port location, do the following: 1. Select the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 123 on page 302. 2.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Figure 138. Modify LLDP Port Location Page 5. Select values in the fields as needed: Interface — Indicates the port ID. Civic Location ID— Select a Civic Location ID from the pull-down menu. By default, none is selected. Coordinate Location ID— Select a Coordinate Location ID from the pull-down menu. By default, none is selected. ELIN Location ID— Select an ELIN Location ID from the pulldown menu.
Chapter 25: LLDP and LLDP-MED Selecting LLDP-MED TLVs on a Port To enable LLDP-MED TLV, do the following: 1. Select the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 123 on page 302. 2. From the Discovery & Monitoring tab, select LLDP and then select TLV. The LLDP TLV tab is displayed. See Figure 127 on page 308. 3. From the LLDP TLV tab, select TLV-MED. The LLDP-MED TLV page is displayed. See Figure 139. Figure 139. LLDP-MED TLV Page 4.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Figure 140. Modify LLDP-MED TLV Page 5. Change the fields as needed: Interface— Indicates the port ID. Capabilities— Check the checkbox to select the capabilities to be included in LLDPDUs. Network-policy— Check the checkbox to select the network policy TLV to be included in LLDPDUs. The network policy TLV includes the network policy information specified on the port for connected media endpoint devices.
Chapter 25: LLDP and LLDP-MED Location— Check the checkbox to select the location TLV to be included in LLDPDUs. The location TLV is in one or more of the following formats: - Civic location - Coordinate location - Emergency Location Identification Number (ELIN) Inventory-management— Check the checkbox to select the current hardware and the software information to be included in LLDPDUs.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying LLDP Neighbor Information To display LLDP Statistical information, do the following: 1. Select the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 123 on page 302. 2. From the Discovery & Monitoring tab, select LLDP and then select Neighbors. The LLDP Neighbors Information page is displayed. See Figure 141. Figure 141.
Chapter 25: LLDP and LLDP-MED B= Bridge W = Wireless Access Point R = Router T = Telephone C= Cable Device S = Station only Med Device class and Power Source code— Indicates whether or not the MED device Classes I through III are supported. Power Source code indicates the current power source which is either the Primary Power Source or the Backup Power Source.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying LLDP Statistics To display LLDP Statistics, do the following: 1. Select the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 123 on page 302. 2. From the Discovery & Monitoring tab, select LLDP 3. From the LLDP tab, select Statistics. The LLDP Statistics page is displayed with the Port Statistics tab selected automatically. See Figure 142. Figure 142.
Chapter 25: LLDP and LLDP-MED Discarded— Indicates the number of discarded TLVs. New Entries— Indicates the number of times the information advertised by neighbors has been inserted into the neighbor table. Deleted Entries— Indicates the number of times the information advertised by neighbors has been removed from the neighbor table.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide The fields are described in step 3. These fields list the statistics for all of the ports. 5. Click OK to return to the LLDP Statistics Page with the Port Statistics Tab selected.
Chapter 25: LLDP and LLDP-MED Displaying Location Entries To display the LLDP Civic, Coordinate, and ELIN locations, use the following procedures: “Displaying Civic Locations” on page 332 “Displaying Coordinate Locations” on page 333 “Displaying ELIN Locations” on page 334 For information about creating LLDP locations, see “Enabling and Configuring LLDP on the Switch” on page 302. Displaying Civic Locations To display a Civic Location, do the following: 1.
AlliedWare Plus Version 2.2.
Chapter 25: LLDP and LLDP-MED The following fields are displayed: ID— Indicates the LLDP Coordinate Location ID. Latitude— Indicates the latitude value in decimal degrees. Latitude Resolution— Indicates the latitude resolution as the number of valid bits. Longitude— Indicates the longitude value in decimal degrees. Longitude Resolution— Indicates the longitude resolution as the number of valid bits. Altitude— Indicates the altitude.
AlliedWare Plus Version 2.2.
Chapter 25: LLDP and LLDP-MED Displaying LLDP Port Assignments Notification Interval— Indicates the notification interval. This is the minimum interval between LLDP SNMP notifications (traps). Reinit— Indicates the reinitialization delay. This is the number of seconds that must elapse after LLDP is disabled on a port before it can be reinitialized. Tx Delay— Indicates the transmission delay.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying Port Locations To display the LLDP port locations, do the following: 1. Select the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 123 on page 302. 2. From the Discovery & Monitoring tab, select LLDP. The LLDP tab appears on the right. 3. From the LLDP tab, select Port Locations. The LLDP Port Location page is displayed. See Figure 137 on page 322. The following fields are displayed.
Chapter 25: LLDP and LLDP-MED System Capabilities— Indicates the device’s router and bridge functions, and whether or not these functions are currently enabled. Management Address— Indicates the IP address of the local LLDP agent. This is used to obtain information related to the local device. Port VLAN— Indicates the VID of the VLAN in which the transmitting port is an untagged member.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying LLDP-MED TLV To display LLDP-MED TLV settings, do the following: 1. Select the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 123 on page 302. 2. From the Discovery & Monitoring tab, select LLDP and then select TLV. The LLDP TLV tab is displayed. See Figure 127 on page 308. 3. From the LLDP TLV tab, select TLV-MED. The LLDP-Med TLV page is displayed. See Figure 139 on page 324.
Chapter 25: LLDP and LLDP-MED - Model Name - Asset ID 340
Chapter 26 sFlow This chapter provides a brief description of the sFlow feature and explains how to enable this feature on the switch and on a port.
Chapter 26: sFlow Overview The sFlow agent allows the switch to gather data about the traffic on the ports and to send the data to sFlow collectors on your network for analysis. You can use the information to monitor the performance of your network or identify traffic bottlenecks.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide To configure the agent to forward these port statistics to the collectors, you have to specify polling rates, which define the maximum amount of time permitted between successive queries of the counters of a port by the agent. Different ports can have different polling rates. Ports to which critical network devices are connected can be assigned low polling rates, so that the information on the collector is kept up-to-date.
Chapter 26: sFlow Configuring sFlow on a Port To configure the sFlow feature on a port, do the following: 1. Select the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 144. Figure 144. Discovery &Monitoring Tab 2. From the Discovery & Monitoring tab, select sFlow. The sFlow page is displayed with the Port Configurations tab selected. See Figure 145. Figure 145.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide 3. Click Edit next to the port that you want to modify. The sFlow Port Modify page is displayed. See Figure 146. Figure 146. sFlow Port Modify Page 4. Change the following fields as needed: Interface— Indicates the port ID. Polling Interval— Enter the polling interval for the port. This controls the maximum amount of time permitted between successive pollings of the packet counter on the port by the sFlow agent.
Chapter 26: sFlow Specifying an sFlow Collector Use this procedure to specify the IP address and the UDP port of an sFlow collector on your network. The packet sampling data and the packet counters are sent by the switch to the collector specified. You can specify only one collector. To select the Collector tab from the sFlow page, do the following: 1. Select the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 144 on page 344. 2.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Figure 148. sFlow Collector Page 5. Enter the following fields: IP Address— Enter the IPv4 address of the sFlow collector on your network. Enter the IPv4 address in the following format: xxx.xxx.xxx.xxx where x is a number from 0 to 255. There are four groups of numbers that are separated by periods. UDP Port— Enter the UDP port number of the sFlow collector. The default is UDP port 6343. 6. Click Apply. 7.
Chapter 26: sFlow Enabling sFlow on the Switch Before enabling the sFlow feature on the switch, you must configure sFlow on the ports. The port configurations cannot be edited if the sFlow feature is enabled. For how to configure sFlow on the ports, see “Configuring sFlow on a Port” on page 344. To enable the sFlow feature on a switch, do the following: 1. Select the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 144 on page 344. 2.
AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide Displaying the sFlow Settings To display the sFlow settings, do the following: 1. Select the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 144 on page 344. 2. From the Discovery & Monitoring tab, select sFlow. The sFlow page is displayed with the Port Configurations tab selected. See Figure 145 on page 344.
Chapter 26: sFlow End of Document 350
