High-Density Layer 3 Stackable Gigabit Ethernet Switch AT-9724TS Installation and User’s Guide PN D617/10032 Rev 1 Copyright. 2004 Allied Telesyn, Inc. 19800 North Creek Parkway, Suite 200, Bothell WA 98011, USA All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Telesyn, Inc.All product names, company names, logos or other designations mentioned herein are trademarks or registered trademarks of their respective owners.Allied Telesyn, Inc.
Electrical Safety and Emission Statement Standards:This product meets the following standards. CE Marking Warning: This is a Class A product. In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures. Important: Appendix B contains translated safety statements for installing this equipment.When you see the go to Appendix A for the translated safety statement in your language.
Table of Contents Electrical Safety and Emission Statement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
MSTI Port Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48 STP Instance Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Security Management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133 Security IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Preface Purpose of This Guide This guide is intended for network administrators who are responsible for installing and maintaining the AT-9724TS Gigabit Switch. How This Guide is Organized This guide contains the following chapters and appendices: Chapter 1, Introduction, describes the features, functions, LEDs, and ports on the Gigabit Switch. Chapter 3 Connecting the Switch. Chapter 2 Chapter 4. Chapter 5. Chapter 6. Chapter 7. Chapter 8. Chapter 9. Chapter 10.
Document Conventions This guide uses several conventions that you should become familiar with before you begin to install the product: Note A note provides additional information. c Warning A warning indicates that performing or omitting a specific action may result in bodily injury. m Caution A caution indicates that performing or omitting a specific action may result in equipment damage or loss of data. [] In a command line, square brackets indicate an optional entry.
Where to Find Related Guides The Allied Telesyn web site at www.alliedtelesyn.com under the support section contains the most recent documentation for all of our products.All webbased documents relating to this product and other Allied Telesyn products can be downloaded from the web site. Contacting Allied Telesyn Technical Support You can contact Allied Telesyn technical support through the company’s web site www.alliedtelesyn.com under the support section or by telephone or fax.
Returning Products Products for return or repair must first be assigned a Return Materials Authorization (RMA) number. RMA policy varies from country to country. Please check the applicable RMA policy at www.alliedtelesyn.com. For Europe, you can also contact our European Customer Service centre by e-mail at rma_europe@alliedtelesyn.com. FTP Server If you need management software for an Allied Telesyn managed device, you can download the software by connecting directly to our FTP server at ftp.
Tell Us What You Think If you have any comments or suggestions on how we might improve this or other Allied Telesyn documents, please contact us at www.alliedtelesyn.com.
Chapter 1 - Introduction 1-1 Ethernet Technology 1-2 Switch Description 1-3 Features 1-4 Ports 1-5 Front Panel Components 1-6 Rear-Panel Description 1-7 Side-Panel Description 1-8 Gigabit Combo Ports 1-9 Ethernet Technology 1-10 Fast Ethernet Technology 1-1 Ethernet Technology Fast Ethernet The growing importance of LANs and the increasing complexity of desktop computing applications are fueling the need for high performance networks.
1-2 Switch Description The AT-9724TS has 24 1000T Gigabit ports that may be used in uplinking various network devices to the Switch, including PCs, hubs and other switches to provide a gigabit Ethernet uplink in full-duplex mode. In addition, the AT-9724TS is equipped with 4 SFP (Small Form Factor Portable) combo ports, which are to be used with fibre-optical transceiver cabling in order to uplink various other networking devices for a gigabit link that may span great distances.
• SNMP support • Port Mirroring support • • Secure Sockets Layer (SSL) and Secure Shell (SSH) support MIB support for: RFC1213 MIB II RFC1493 Bridge RFC1757 RMON RFC1643 Ether-like MIB RFC2233 Interface MIB IF MIB Private MIB RFC2674 for 802.1p • • IEEE 802.1x MIB RS-232 DCE console port for Switch management Provides parallel LED display for port status such as link/act, speed, etc.
LED Indicators The Switch supports LED indicators for Power, Master, Console, RPS, SIO (stacking indicators), a seven-segment Stack ID LED and Port LEDs.The following shows the LED indicators for the Switch along with an explanation of each indicator. LED Description Power Master Console RPS Port LEDs Figure 1- 3. LED Indicators This LED will light green after the Switch is powered on to indicate the ready state of the device.The indicator is dark when the Switch is powered off.
Chapter 2 - Installation 2-1 Package Contents 2-2 Before You Connect to the Network 2-3 Installing the Switch Without the Rack 2-4 Rack Installation 2-5 Power On 2-6 Power Failure 2-7 Redundant Power System 2-1 Package Contents Open the shipping carton of the Switch and carefully unpack its contents.The carton should contain the following items: • One AT-9724TS Switch • One Stacking Cable • • • • • • • One AC power cord One CD which includes the AT-9724TS Manual, and Net.
Figure 2- 1. Prepare Switch for installation on a desktop or shelf 2-4 Installing the Switch in a Rack The Switch can be mounted in a standard 19" rack. Use the following diagrams to guide you. Fasten the mounting brackets to the Switch using the screws provided.With the brackets attached securely, you can mount the Switch in a standard rack as shown in Figure 2-2.
2-5 Mounting the Switch in a Standard 19" Rack Figure 2- 2. Installing Switch in a rack 2-5 Power On Plug one end of the AC power cord into the power connector of the Switch and the other end into the local power source outlet. After the Switch is powered on, the LED indicators will momentarily blink.This blinking of the LED indicators represents a reset of the system. 2-6 Power Failure As a precaution, in the event of a power failure, unplug the Switch.When power is resumed, plug the Switch back in.
Chapter 3 - Connecting the Switch • 3-1 Switch to End Node • 3-3 Connecting to Network Backbone or Server • • 3-2 Switch to Hub or Switch 3-4 Stacking and the AT-9724TS 3-1 Switch To End Node End nodes include PCs outfitted with a 10, 100 or 1000Mbps RJ45 Ethernet Network Interface Card (NIC) and most routers. An end node can be connected to the Switch via a twisted-pair UTP/STP cable.The end node should be connected to any of the 24 1000T ports of the Switch. Figure 3- 1.
1 3 5 7 9 11 13 15 17 19 21 23 4 6 8 10 12 14 16 18 20 22 24 Power AT-9724TS 1000 Master Link 1 Act Console 1000 RPS Link 2 Act 3 5 7 9 11 13 15 17 19 21 23 SIO Stack ID 1 4 6 8 10 12 14 16 18 20 22 24 21 23 22 24 2 2 Optical fibre cable 1 3 5 7 9 11 13 15 17 19 21 23 4 6 8 10 12 14 16 18 20 22 24 Power AT-9724TS 1000 Master Link 1 Act Console 1000 RPS Link 2 Act 3 5 7 9 11 13 15 17 19 21 23 SIO 4 6 8 10 12 14 16 18
Figure 3- 8. Stacking in a Ring Architecture Note: The Do not connect the stacked Switch group to the network until you have properly configured all Switches for stacking. An improperly configured Switch stack can cause a broadcast storm. Stacking Limitations Utilizing a Ring Topology There is a limit to the number of AT-9724TS Switches that can be stacked in a ring topology. A maximum of 12 switches can be stacked. Note: All Switches must have the same firmware rev.
Chapter 4 - Introduction to Switch Management 4-1 AT-9724TS Gigabit Layer 3 Switch Management Options 4-2 Web-based Management Interface 4-3 SNMP-Based Management 4-4 Command Line Console Interface Through The Serial Port 4-5 Connecting the Console Port (RS-232 DCE) 4-6 First Time Connecting to The Switch 4-7 Password Protection 4-8 SNMP Settings 4-9 IP Address Assignment 4-10 Connecting Devices to the Switch 4-1 AT-9724TS Gigabit Layer 3 Switch Management Options This system may be managed out-of-band
9. 10. 11. 12. 13. After you have correctly set up the terminal, plug the power cable into the power receptacle on the back of the Switch.The boot sequence appears in the terminal. After the boot sequence completes, the console login screen displays. If you have not logged into the command line interface (CLI) program, press the Enter key at the User name and password prompts.There is one default user name and password for the Switch. User names and passwords must first be created by the administrator.
Figure 4- 2. Command Prompt Note: Switch. The first user automatically gets Administrator level privileges. It is recommended to create at least one Admin-level user account for the 4-7 Password Protection One of the first tasks when settings up the Switch is to create user accounts. If you log in using a predefined administrator-level user name, you have privileged access to the Switch's management software.
The AT-9724TS supports SNMP versions 1, 2c, and 3.You can specify which version of SNMP you want to use to monitor and control the Switch.The three versions of SNMP vary in the level of security provided between the management station and the network device. In SNMP v.1 and v.2, user authentication is accomplished using 'community strings', which function like passwords.The remote user SNMP application and the Switch SNMP must use the same community string.
Alternatively, you can enter config ipif System ipaddress xxx.xxx.xxx.xxx/z.Where the x's represent the IP address to be assigned to the IP interface named System and the z represents the corresponding number of subnets in CIDR notation. The IP interface named System on the Switch can be assigned an IP address and subnet mask which can then be used to connect a management station to the Switch's Telnet or Web-based management agent. Figure 4- 4.
Chapter 5 - Introduction to Web-based Switch Configuration 5-1 Introduction 5-2 Login to Web manager 5-3 Web-Based User Interface 5-4 Basic Setup 5-5 Reboot 5-6 Basic Switch Setup 5-7 Network Management 5-8 Switch Utilities 5-9 Network Monitoring 5-10 IGMP Snooping Status 5-1 Introduction All software functions of the AT-9724TS can be managed, configured and monitored via the embedded web-based (HTML) interface.
5-3 Web-based User Interface The user interface provides access to various Switch configuration and management screens, allows you to view performance statistics, and permits you to graphically monitor the system status. Areas of the User Interface The figure below shows the user interface.The user interface is divided into 3 distinct areas as described in the table. Figure 5- 2. Main Web-Manager Screen Area Function 1 2 3 m Select the menu or window to be displayed.
Web Pages Configurations – Contains screens concerning configurations for IP Address, Switch Information,Advanced Settings, Port Configuration, IGMP, Spanning Tree, Forwarding Filtering,VLANs, Port Bandwidth, SNTP Settings, Port Security, QoS, MAC Notification, LACP,Access Profile Table, System Log Servers, PAE Access Entity, and Layer 3 IP Networking.
Chapter 6 - Configuring The Switch 6-1 Switch Information 6-2 IP Address 6-3 Box Information 6-4 Advanced Settings 6-5 Port Configuration 6-6 Port Description 6-7 Port Mirroring 6-8 Link Aggregation 6-9 LACP Port Setting 6-10MAC Notification 6-11GMP 6-12 Spanning Tree 6-13 Forward & Filtering 6-14 VLANs 6-15 Traffic Control 6-16 Port Security 6-17 Port Lock Entries 6-18 QoS 6-19 System Log Servers 6-20 SNTP Setting 6-21 Access Profile Table 6-22 Port Access Entity 6-23 Layer 3 IP Networking 6-
6-2 IP Address The IP Address may initially be set using the console interface prior to connecting to it through the Ethernet. If the Switch IP address has not yet been changed, read the introduction of the AT-9724TS Command Line Interface Reference Manual or return to Chapter 4 of this manual for more information. To change IP settings using the web manager you must access the IP Address menu located in the Configuration folder.
VLAN Name This allows the entry of a VLAN Name from which a management station will be allowed to manage the Switch using TCP/IP (in-band via web manager or Telnet). Management stations that are on VLANs other than the one entered here will not be able to manage the Switch in-band unless their IP addresses are entered in the Security IP Management menu. If VLANs have not yet been configured for the Switch, the default VLAN contains all of the Switch's ports.
Parameter Description Serial Port Auto Logout Time Select the logout time used for the console interface.This automatically logs the user out after an idle period of time, as defined. Choose from the following options: 2 Minutes, 5 Minutes, 10 Minutes, 15 Minutes or Never.The default setting is 10 minutes.
Parameter Description Current Box ID The current Box ID of the Master switch in the stack. Box Type The user may choose the model name of the Master switch in a stack to be the main configuring switch of that stack. New Box ID Priority The new box ID of the Master switch in the stack. Displays the priority ID of the Switch.The lower the number, the higher the priority.The box (switch) with the lowest priority number in the stack is the Master switch.
Parameter Description State Toggle the State field to either enable or disable a given port or group of ports. Speed/Duplex Toggle the Speed/Duplex field to either select the speed and duplex/half-duplex state of the port. Auto denotes auto-negotiation between 10 and 100Mbps devices, in full- or half-duplex.The Auto setting allows the port to automatically determine the fastest settings the device the port is connected to can handle, and then to use those settings.
6-6 Port Mirroring The Switch allows you to copy frames transmitted and received on a port and redirect the copies to another port.You can attach a monitoring device to the mirrored port, such as a sniffer or an RMON probe, to view details about the packets passing through the first port.This is useful for network monitoring and troubleshooting purposes.To view the Setup Port Mirroring window, click Port Mirroring in the Configuration folder. Figure 6- 7.
The Switch treats all ports in a trunk group as a single port. Data transmitted to a specific host (destination address) will always be transmitted over the same port in a trunk group.This allows packets in a data stream to arrive in the same order they were sent. Note: If any ports within the trunk group become disconnected, packets intended for the disconnected port will be load shared among the other uplinked ports of the link aggregation group.
Figure 6- 11. Link Aggregation Group Configuration window – Modify The user-changeable parameters are as follows: Parameter Description Group ID Select an ID number for the group, between 1 and 32. Master Port Choose the Master Port for the trunk group using the pull down menu. State Member Ports Flooding Port Active Port Type Trunk groups can be toggled between Enabled and Disabled.This is used to turn a port trunking group on or off.
The user may set the following parameters: Parameter Description Unit Choose the switch in the switch stack to be configured by using the pull-down menu. Mode Active – Active LACP ports are capable of processing and sending LACP control frames.This allows LACP compliant devices to negotiate the aggregated link so the group may be changed dynamically as needs require.
MAC Notification Port Settings To change MAC notification settings for a port or group of ports on the Switch, click Port Settings in the MAC Notification folder, which will display the following screen: Figure 6- 14. MAC Notification Port Settings and Port State Table The following parameters may be set: Parameter Description Unit Choose the Switch ID number of the Switch in the switch stack to be modified. State Enable MAC Notification for the ports selected using the pull down menu.
The format of an IGMP packet is shown below: IGMP Message Format Octets 0 8 Type 31 16 Response Time Checksum Group Address (all zeros if this is a query) Figure 6- 15. IGMP Message Format The IGMP Type codes are shown below: Type Meaning 0x11 Membership Query (if Group Address is 0.0.0.0) 0x16 Membership Report (version 2) 0x11 0x17 0x12 Specific Group Membership Query (if Group Address is Present) Leave a Group (version 2) Membership Report (version 1) Table 6- 1.
IGMP Snooping Internet Group Management Protocol (IGMP) snooping allows the Switch to recognize IGMP queries and reports sent between network stations or devices and an IGMP host.When enabled for IGMP snooping, the Switch can open or close a port to a specific device based on IGMP messages passing through the Switch. In order to use IGMP Snooping it must first be enabled for the entire Switch (see Advanced Settings).
Robustness Value Last Member Query Interval Host Timeout Router Timeout Leave Timer Querier State Querier Router Behavior State Adjust this variable according to expected packet loss. If packet loss on the VLAN is expected to be high, the Robustness Variable should be increased to accommodate increased packet loss.This entry field allows an entry of 1 to 255. Default = 2.
Figure 6- 20. Static Router Ports Settings window The following parameters can be set: Parameter Description VID (VLAN ID) This is the VLAN ID that, along with the VLAN Name, identifies the VLAN where the multicast router is attached. VLAN Name Unit Member Ports This is the name of the VLAN where the multicast router is attached. Choose the Switch ID number of the Switch in the switch stack to be modified. These are the ports on the Switch that will have a multicast router attached to them.
802.1w Rapid Spanning Tree The Switch implements three versions of the Spanning Tree Protocol, the Multiple Spanning Tree Protocol (MSTP) as defined by the IEEE 802.1s, the Rapid Spanning Tree Protocol (RSTP) as defined by the IEEE 802.1w specification and a version compatible with the IEEE 802.1d STP. RSTP can operate with legacy equipment implementing IEEE 802.1d, however the advantages of using RSTP will be lost. The IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) evolved from the 802.1d STP standard.
Figure 6- 21. STP Bridge Global Settings – STP compatible Figure 6- 22. STP Bridge Global Settings – RSTP (default) Figure 6- 23.
Parameter Description STP Status Use the pull-down menu to enable or disable STP globally on the Switch.The default is Disabled. STP Version Use the pull-down menu to choose the desired version of STP to be implemented on the Switch.There are three choices: STP – Select this parameter to set the Spanning Tree Protocol (STP) globally on the switch. RSTP – Select this parameter to set the Rapid Spanning Tree Protocol (RSTP) globally on the Switch.
The window above contains the following information: Parameter Description Configuration Name A previously configured name set on the Switch to uniquely identify the MSTI (Multiple Spanning Tree Instance). If a configuration name is not set, this field will show the MAC address to the device running MSTP. Revision Level MSTI ID VID List This value, along with the Configuration Name will identify the MSTP region configured on the Switch. This field shows the MSTI IDs currently set on the Switch.
The user may configure the following parameters to configure the CIST on the Switch. Parameter Description MSTI ID The MSTI ID of the CIST is 0 and cannot be altered. VID List (1-4094) This field is used to specify the VID range from configured VLANs set on the Switch. Supported VIDs on the Switch range from ID number 1 to 4094. Type The type of configuration about to be processed.This window is used to add or delete VIDs to the configured MSTI or internal CIST.
MSTI Port Information This window displays the current MSTI configuration settings and can be used to update the port configuration for an MSTI ID. If a loop occurs, the MSTP function will use the port priority to select an interface to put into the forwarding state. Set a higher priority value for interfaces to be selected for forwarding first.
STP Instance Settings The following window displays MSTIs currently set on the Switch.To view the following table, click Configuration > Spanning Tree > STP Instance Settings: Figure 6- 30. STP Instance Settings The following information is displayed: Parameter Description Instance Type Displays the instance type(s) currently configured on the Switch. Each instance type is classified by a MSTI ID. CIST refers to the default MSTI configuration set on the Switch.
Figure 6- 32. STP Instance Operational Status – Previously Configured MSTI The following parameters may be viewed in the STP Instance Operational Status windows: Parameter Description Designated Root Bridge This field will show the priority and MAC address of the Root Bridge. External Root Cost This defines a metric that indicates the relative cost of forwarding packets to the specified port list. Port cost can be set automatically or as a metric value.The default value is 0 (auto).
STP Port Settings STP can be set up on a port per port basis.To view the following window click Configuration > Spanning Tree > STP Port Settings: Figure 6- 33. STP Port Settings and MSTP Port Information Table In addition to setting Spanning Tree parameters for use on the switch level, the Switch allows for the configuration of groups of ports, each port-group of which will have its own spanning tree, and will require some of its own configuration settings.
0 (auto) – Setting 0 for the external cost will automatically set the speed for forwarding packets to the specified port(s) in the list for optimal efficiency. Default port cost: 100Mbps port = 200000. Gigabit port = 20000. value 1-200000000 – Define a value between 1 and 200000000 to determine the external cost.The lower the number, the greater the probability the port will be chosen to forward packets.
Static Multicast Forwarding The following figure and table describe how to set up Multicast Forwarding on the Switch. Open the Forwarding Filtering folder and click on the Multicast Forwarding link to see the entry screen below: Figure 6- 35. Static Multicast Forwarding Settings and Current Multicast Forwarding Entries The Static Multicast Forwarding Settings page displays all of the entries made into the Switch's static multicast forwarding table.
6-14 VLANs Understanding IEEE 802.1p Priority Priority tagging is a function defined by the IEEE 802.1p standard designed to provide a means of managing traffic on a network where many different types of data may be transmitted simultaneously. It is intended to alleviate problems associated with the delivery of time critical data over congested networks.
The main characteristics of IEEE 802.1Q are as follows: • Assigns packets to VLANs by filtering. • Uses an explicit tagging scheme with one-level tagging. • • • Assumes the presence of a single global spanning tree. 802.1Q VLAN Packet Forwarding Packet forwarding decisions are made based upon the following three types of rules: • Ingress rules – rules relevant to the classification of received frames belonging to a VLAN. • Egress rules – determines if the packet must be sent tagged or untagged.
IEEE 802.1Q Tag Octets 0 1 2 4 3 Destination Address (6 Octets) Source Address (6 Octets) Ether Type = 0x8100 Tag Control Information MAC Length/Type Beginning of Data Cyclic Redundancy Check (4 Octets) User Priority 3 bits VLAN ID (VID) CFI 1 bit 12 bits Figure 6- 38. IEEE 802.1Q Tag The EtherType and VLAN ID are inserted after the MAC source address, but before the original EtherType/Length or Logical Link Control.
Port VLAN ID Packets that are tagged (are carrying the 802.1Q VID information) can be transmitted from one 802.1Q compliant network device to another with the VLAN information intact.This allows 802.1Q VLANs to span network devices (and indeed, the entire network, if all network devices are 802.1Q compliant). Unfortunately, not all network devices are 802.1Q compliant.These devices are referred to as tag-unaware. 802.1Q devices are referred to as tag-aware. Prior to the adoption of 802.
An example is presented below: VLAN Name VID Switch Ports System (default) 1 5, 6, 7, 8, 21, 22, 23, 24 Marketing 3 13, 14, 15, 16 Sales 5 1, 2, 3, 4 Engineering Finance 2 9, 10, 11, 12 4 17, 18, 19, 20 Table 6- 3.VLAN Example – Assigned Ports Port-based VLANs Port-based VLANs limit traffic that flows into and out of switch ports.
Protocol Type Header in Hexadecimal Form IP over Ethernet 0x0800 IPX 802.3 IPX 802.2 0xFFFF 0xE0E0 IPX SNAP 0x8137 DecLAT 0x6000 IPX over Ethernet2 DecOther SNA 802.2 0x8137 0x6009 0x0404 NetBios 0xF0F0 VINES 0x0BAD XNS IPv6 AppleTalk RARP 0x0600 0x86DD 0x809B 0x8035 Table 6- 4. Protocol VLAN and the corresponding type header In configuring the user-defined protocol, the administrator must make sure that the pre-defined user type header does not match any other type header.
The 802.1Q Static VLANs menu lists all previously configured VLANs by VLAN ID and VLAN Name.To delete an existing 802.1Q VLAN, click the corresponding button under the Delete heading. To create a new 802.1Q VLAN, click the Add button in the 802.1Q Static VLANs menu. A new menu will appear, as shown below, to configure the port settings and to assign a unique name and number to the new VLAN. See the table below for a description of the parameters in the new menu. Figure 6- 41. 802.
Parameter Description Unit Choose the Switch ID number of the Switch in the switch stack to be modified. VLAN Name Allows the entry of a name for the new VLAN in the Add dialog box, or for editing the VLAN name in the Modify dialog box. VID (VLAN ID) Advertisement Type Protocol ID Allows the entry of a VLAN ID in the Add dialog box, or displays the VLAN ID of an existing VLAN in the Modify dialog box.VLANs can be identified by either the VID or the VLAN name.
User Defined Pid – Specifies that the VLAN will only accept packets with this hexadecimal 802.1Q Ethernet type value in the packet header.The user may define an entry, in the hexadecimal form (ffff) to define the packet identification. (The user only need enter the final four integers of the hexadecimal format to define the packet ID –{hex 0x0 0xffff}) This field is only operable if userDefined is selected in the Protocol ID field.
The following fields can be set: Parameter Description Unit Choose the Switch ID number of the Switch in the switch stack to be modified. GVRP The Group VLAN Registration Protocol (GVRP) enables the port to dynamically become a member of a VLAN. GVRP is Disabled by default. From/To Ingress Check Acceptable Frame Type PVID These two fields allow you to specify the range of ports that will be included in the Port-based VLAN that you are creating using the 802.1Q Static VLANs page.
To configure Traffic Control, first select the Switch’s Unit ID number from the pull down menu and then a group of ports by using the Group pull down menu. Finally, enable or disable the Broadcast Storm, Multicast Storm and Destination Unknown using their corresponding pull-down menus. The purpose of this window is to limit too many broadcast, multicast or unknown unicast packets folding the network.
6-17 Port Lock Entries The Port Lock Entry Delete window is used to remove an entry from the port security entries learned by the Switch and entered into the forwarding database.To view the following window, click Configuration > Port Lock Entries: Figure 6- 46. Port Lock Entries Table This function is only operable if the Mode in the Port Security window is selected as Permanent or DeleteOnReset, or in other words, only addresses that are permanently learned by the Switch can be deleted.
6-18 QoS The AT-9724TS supports 802.1p priority queuing Quality of Service.The following section discusses the implementation of QoS (Quality of Service) and benefits of using 802.1p priority queuing. The Advantages of QoS QoS is an implementation of the IEEE 802.
A~H with their respective weight value: 8~1, the packets are sent in the following sequence:A1, B1, C1, D1, E1, F1, G1, H1,A2, B2, C2, D2, E2, F2, G2,A3, B3, C3, D3, E3, F3,A4, B4, C4, D4, E4,A5, B5, C5, D5,A6, B6, C6,A7, B7,A8,A1, B1, C1, D1, E1, F1, G1, H1. For weighted round-robin queuing, if each CoS queue has the same weight value, then each CoS queue has an equal opportunity to send packets just like roundrobin queuing.
Click Apply to set the bandwidth control for the selected ports. Results of configured Bandwidth Settings will be displayed in the Port Bandwidth Table. QoS Scheduling Mechanism This drop-down menu allows you to select between a Weight Fair and a Strict mechanism for emptying the classes of service. In the Configuration folder open the QoS folder and click QoS Scheduling Mechanism, to view the screen shown below. Figure 6- 49.
You may assign the following values to the QoS classes to set the scheduling. Parameter Description Max. Packets Specifies the maximum number of packets the above specified hardware priority queue will be allowed to transmit before allowing the next lowest priority queue to transmit its packets.A value between 0 and 15 can be specified. Click Apply to implement changes made.
802.1p Default Priority The Switch allows the assignment of a default 802.1p priority to each port on the Switch. In the Configuration folder open the QoS folder and click 802.1p Default Priority, to view the screen shown below. Figure 6- 52. Port Default Priority Assignment and The Port Priority Table window This page allows you to assign a default 802.1p priority to any given port on the Switch.The priority queues are numbered from 0, the lowest priority, to 7, the highest priority.
Once you have assigned a priority to the port groups on the Switch, you can then assign this Class to each of the7 levels of 802.1p priorities. Click Apply to set your changes. Traffic Segmentation Traffic segmentation is used to limit traffic flow from a single port to a group of ports on either a single Switch (in standalone mode) or a group of ports on another switch in a switch stack.This method of segmenting the flow of traffic is similar to using VLANs to limit traffic, but is more restrictive.
Clicking the Apply button will enter the combination of transmitting port and allowed receiving ports into the Switch's Traffic Segmentation Table. 6-19 System Log Server The Switch can send Syslog messages to up to four designated servers using the System Log Server. In the Configuration folder, click System Log Server, to view the screen shown below. Figure 6- 56. System Log Servers window The parameters configured for adding and editing System Log Server settings are the same.
Parameter Description Index Syslog server settings index (1-4). Severity This drop-down menu allows you to select the level of messages that will be sent.The options are Warning, Informational, and All. Server IP Facility The IP address of the Syslog server. Some of the operating system daemons and processes have been assigned Facility values. Processes and daemons that have not been explicitly assigned a Facility may use any of the "local use" facilities or they may use the "user-level" Facility.
6-20 SNTP Settings Current Time Settings To configure the time settings for the Switch, open the Configuration folder, then the SNTP folder and click on the Current Time Setting link, revealing the following screen for the user to configure. Figure 6- 58.Time Settings Page The following parameters can be set or are displayed: Parameter Description Current Time: Status System Boot Time Displays the time when the Switch was initially started for this session.
Time Zone and DST The following are screens used to configure time zones and Daylight Savings time settings for SNTP. Open the Configuration folder, then the SNTP folder and click on the Time Zone and DST link, revealing the following screen. Figure 6- 59.Time Zone and DST Settings Page The following parameters can be set: Parameter Description Daylight Saving Time State Use this pull-down menu to Enable or Disable the DST Settings.
6-21 Access Profile Table Configuring the Access Profile Table Access profiles allow you to establish criteria to determine whether or not the Switch will forward packets based on the information contained in each packet's header.These criteria can be specified on a basis of VLAN, MAC address or IP address. Creating an access profile is divided into two basic parts.The first is to specify which part or parts of a frame the Switch will examine, such as the MAC source address or the IP destination address.
The following parameters can be set, for the Ethernet type: Parameter Description Profile ID (1-8) Type in a unique identifier number for this profile set.This value can be set from 1 - 8. Type Select profile based on Ethernet (MAC Address), IP address or packet content mask.This will change the menu according to the requirements for the type of profile. Select Ethernet to instruct the Switch to examine the layer 2 part of each packet header.
Source IP Mask Enter an IP address mask for the source IP address. DSCP Selecting this option instructs the Switch to examine the DiffServ Code part of each packet header and use this as the, or part of the criterion for forwarding. Destination IP Mask Protocol Enter an IP address mask for the destination IP address. Selecting this option instructs the Switch to examine the protocol type value in each frame's header.
This screen will aid the user in configuring the Switch to mask packet headers beginning with the offset value specified.The following fields are used to configure the Packet Content Mask: Parameter Description Profile ID (1-8) Type in a unique identifier number for this profile set.This value can be set from 1 - 8. Type Select profile based on Ethernet (MAC Address), IP address or packet content mask.This will change the menu according to the requirements for the type of profile.
Figure 6- 65.Access Rule Configuration window (IP) Configure the following Access Rule Configuration settings for IP: Parameter Description Profile ID This is the identifier number for this profile set. Mode Access ID Type Select Permit to specify that the packets that match the access profile are forwarded by the Switch, according to any additional rule added (see below). Select Deny to specify that packets that do not match the access profile are not forwarded by the Switch and will be filtered.
Figure 6- 66.Access Rule Display window (IP) To configure the Access Rule for Ethernet, open the Access Profile Table and click Modify for an Ethernet entry.This will open the following screen: Figure 6- 67.Access Rule Table To remove a previously created rule, select it and click the 8 button.To add a new Access Rule, click the Add button: Figure 6- 68.Access Rule Configuration window – Ethernet To set the Access Rule for Ethernet, adjust the following parameters and click Apply.
Parameter Description Profile ID This is the identifier number for this profile set. Mode Access ID Type Select Permit to specify that the packets that match the access profile are forwarded by the Switch, according to any additional rule added (see below). Select Deny to specify that packets that do not match the access profile are not forwarded by the Switch and will be filtered. Type in a unique identifier number for this access.This value can be set from 1 - 50.
Figure 6- 70.Access Rule Table (Packet Content Mask) To remove a previously created rule, select it and click the 8 button.To add a new Access Rule, click the Add button: Figure 6- 71.Access Rule Configuration – Packet Content Mask To set the Access Rule for the Packet Content Mask, adjust the following parameters and click Apply. Parameter Description Profile ID This is the identifier number for this profile set.
Priority This parameter is specified if you want to re-write the 802.1p default priority previously set in the Switch, which is used to determine the CoS queue to which packets are forwarded to. Once this field is specified, packets accepted by the Switch that match this priority are forwarded to the CoS queue specified previously by the user. Replace priority with – Click the corresponding box if you want to re-write the 802.
Port-Based Network Access Control AT-9724TS Switch Uncontrolled Port Controlled Port - port blocked 802.1X Client 802.1X Client 802.1X Client 802.1X Client RADIUS Server Figure 6- 73. Example of Typical Port-Based Configuration Once the connected device has successfully been authenticated, the Port then becomes Authorized, and all subsequent traffic on the Port is not subject to access control restriction until an event occurs that causes the Port to become Unauthorized.
Configure Authenticator To configure the 802.1X Authenticator Settings, click PAE Access Entity > Configure Authenticator: Figure 6- 75. 802.1X Authenticator Settings window To view the 802.1X Authenticator settings on a different switch in the switch stack, use the Unit pull-down menu to select that switch by its ID number in the switch stack.To configure the settings by port, click on the hyperlinked port number under the Port heading, which will display the following table to configure: Figure 6- 76.
This screen allows you to set the following features: Parameter Description Unit Choose the Switch ID number of the Switch in the switch stack to be modified. AdmCtrlDir Sets the administrative-controlled direction to either in or both. From [ ] To [ ] PortControl Enter the port or ports to be set. If in is selected, control is only exerted over incoming traffic through the port you selected in the first field.
PAE System Control Existing 802.1x port settings are displayed and can be configured using the windows below. Port Capability Settings Click Port Access Entity > PAE System Control > 802.1X Capability Settings to view the following window: Figure 6- 78. 802.1x Capability Settings and Table window To set up the Switch's 802.1x port-based authentication, select the switch in the switch stack by using the Unit pull-down menu and then select which ports are to be configured in the From and To fields.
Initializing Ports for Port Based 802.1x Existing 802.1x port settings are displayed and can be configured using the window below. Note: Ensure Port Based 802.1x is enabled under Configuration > Advanced Settings. Click Port Access Entity > PAE System Control > Initialize Port(s) to open the following window: Figure 6- 79. Initialize Port window (Port-based) This window allows you to initialize a port or group of ports.
Initializing Ports for MAC Based 802.1x To initialize ports for the MAC side of 802.1x, the user must first enable 802.1x by MAC address in the Advanced Settings window. Click Port Access Entity > PAE System Control > Initialize Port(s) to open the following window: Figure 6- 80. Initialize Ports window (MAC based 802.1x) To initialize ports, first choose the switch in the switch stack by using the Unit pull-down menu, then the range of ports in the From and To field.
This window displays the following information: Parameter Description Unit Choose the Switch ID number of the Switch in the switch stack to be modified. Auth State The Authenticator State will display one of the following: Initialize, Disconnected, Connecting, Authenticating, Authenticated, Aborting, Held, ForceAuth, ForceUnauth, and N/A. Port BackendState OpenDir PortStatus The port number of the reauthenticated port.
RADIUS Server The RADIUS feature of the Switch allows you to facilitate centralized user administration as well as providing protection against a sniffing, active hacker.The Web Manager offers three windows. Click Port Access Entity > RADIUS Server > Authentic Radius Server to open the RADIUS Server Authentication Setting window shown below: Figure 6- 83.
6-23 Layer 3 IP Networking Layer 3 Global Advanced Settings The L3 Global Advanced Settings window allows the user to enable and disable Layer 3 settings and functions from a single window.The full settings and descriptions for these functions will appear later in this section.To view this window, open the Configuration folder and then the Layer 3 IP Networking folder and click on the L3 Global Advanced Settings link to access the following window. Figure 6- 84.
VLAN Name VID Network Number IP Address System (default) 1 10.32.0.0 10.32.0.1 3 10.96.0.0 10.96.0.1 5 10.160.0.0 10.160.0.1 Engineer Marketing Finance Sales Backbone 2 10.64.0.0 4 10.128.0.0 6 10.192.0.0 10.64.0.1 10.128.0.1 10.192.0.1 Table 6- 6.VLAN Example – Assigned IP Interfaces The 6 IP interfaces, each with an IP address (listed in the table above), and a subnet mask of 255.224.0.0 can be entered into the Setup IP Interface window.
Figure 6- 87. IP Interface Configuration – Edit window Choose a name for the interface to be added and enter it in the Interface Name field (if you are editing an IP Interface, the Interface Name will already be in the top field as seen in the window above). Enter the interface’s IP address and subnet mask in the corresponding fields. Pull the State pull-down menu to Enabled and click Apply to enter to make the IP interface effective.
The following fields can be set: Parameter Description Key ID A number from 1 to 255 used to identify the MD5 Key. Key A alphanumeric string of between 1 and 16 case-sensitive characters used to generate the Message Digest which is in turn, used to authenticate OSPF packets within the OSPF routing domain. Click Apply to enter the new Key ID settings.To delete a Key ID entry, click the corresponding 8 under the Delete heading.
The following parameters may be set or viewed: Parameter Description Dest Protocol Allows for the selection of the protocol for the destination device. Choose between RIP and OSPF. Type Allows for the selection of one of six methods of calculating the metric value.The user may choose between All, Internal, External, ExtType1, ExtType2, Inter-E1, Inter-E2. See the table above for available metric value types for each source protocol.
Figure 6- 91. Static/Default Route Settings – Add window The following fields can be set: Parameter Description IP Address Allows the entry of an IP address that will be a static entry into the Switch’s Routing Table. Gateway IP Allows the entry of an IP address of a gateway for the IP address above. Subnet Mask Metric (1-65535) Backup State Allows the entry of a subnet mask corresponding to the IP address above.
3. After changing the route preference value for a specific routing protocol, that protocol needs to be restarted because the previously learned routes have been dropped from the Switch.The Switch must learn the routes again before the new settings can take effect. To view the Route Preference Settings window, click Configuration > Layer 3 IP Networking > Route Preference Settings: Figure 6- 92.
Static ARP Table The Address Resolution Protocol (ARP) is a TCP/IP protocol that converts IP addresses into physical addresses.This table allows network managers to view, define, modify and delete ARP information for specific devices. Static entries can be defined in the ARP Table.When static entries are defined, a permanent entry is entered and is used to translate IP address to MAC addresses.
To maximize stability, the hop count RIP uses to measure distance must have a low maximum value. Infinity (that is, the network is unreachable) is defined as 16 hops. In other words, if a network is more than 16 routers from the source, the local router will consider the network unreachable. RIP can also be slow to converge (to remove inconsistent, unreachable or looped routes from the routing table) because RIP messages propagate relatively slowly through a network.
To setup RIP for the IP interfaces configured on the Switch, the user must enable RIP and then configure RIP settings for the individual IP interfaces.To globally enable RIP on the Switch, open the Configuration folder to Layer 3 Networking and then open the RIP folder and click on the RIP Configuration link to access the following screen: Figure 6- 95. RIP Global Setting window To enable RIP, simply use the pull down menu, select Enabled and click Apply.
Parameter Description Interface Name The name of the IP interface on which RIP is to be setup.This interface must be previously configured on the Switch. IP Address TX Mode RX Mode Authentication Password State Interface Metric The IP address corresponding to the Interface Name showing in the field above. Toggle among Disabled, v1 Only, v1 Compatible, and v2 Only.This entry specifies which version of the RIP protocol will be used to transmit RIP packets.
Shortest Path Tree To build Router A’s shortest path tree for the network diagrammed below, Router A is put at the root of the tree and the smallest cost link to each destination network is calculated. Router A 1 2 3 5 7 9 11 13 15 17 19 21 23 25 27 29 31 33 35 4 6 8 10 12 14 16 18 20 22 24 26 28 30 32 34 36 10 128.213.0.
Router A 0 10 128.213.0.0 10 Router B Router C 5 10 192.213.11.0 222.211.10.0 Figure 6- 99. Constructing a Shortest Path Tree – Completed Note that this shortest path tree is only from the viewpoint of Router A.The cost of the link from Router B to Router A, for instance is not important to constructing Router A’s shortest path tree, but is very important when Router B is constructing its shortest path tree.
OSPF Authentication OSPF packets can be authenticated as coming from trusted routers by the use of predefined passwords.The default for routers is to use not authentication. There are two other authentication methods – simple password authentication (key) and Message Digest authentication (MD-5). Message Digest Authentication (MD-5) MD-5 authentication is a cryptographic method.A key and a key-ID are configured on each router.
Adjacencies Adjacent routers go beyond the simple Hello exchange and participate in the link-state database exchange process. OSPF elects one router as the Designated Router (DR) and a second router as the Backup Designated Router (BDR) on each multi-access segment (the BDR is a backup in case of a DR failure).All other routers on the segment will then contact the DR for link-state database updates and exchanges.This limits the bandwidth required for link-state database updates.
OSPF Packet Header Octets 0 1 2 Version No. 3 4 Packet Length Type Router ID Area ID Checksum Authentication Type Authentication Authentication Figure 6- 100. OSPF Packet Header Format Field Description Version No. The OSPF version number. Packet Length The length of the packet in bytes.This length includes the 24-byte header. Type Router ID Area ID Checksum Authentication Type Authentication The OSPF packet type.
OSPF Hello Packet Octets 0 1 Version No. 2 4 3 Packet Length 1 Router ID Area ID Authentication Type Checksum Authentication Authentication Network Mask Hello Interval Options Router Priority Router Dead Interval Designated Router Backup Designated Router Neighbour Figure 6- 101. Hello Packet Field Description Network Mask The network mask associated with this interface. Hello Interval The number of seconds between this router’s Hello packets.
OSPF Database Description Packet Octets 0 1 Version No. 2 3 4 Packet Length 2 Router ID Area ID Checksum Authentication Type Authentication Authentication Reserved I M MS Reserved Options DD Sequence No. Link-State Advertisement Header Figure 6- 102. Database Description Packet Field Description Options The optional capabilities supported by the router. M – bit The More bit.When set to 1, this indicates that more Database Description packets will follow.
OSPF Link-State Request Packet Octets 0 1 Version No. 2 3 4 Packet Length 3 Router ID Area ID Checksum Authentication Type Authentication Authentication Link-State Type Link-State ID Advertising Router Figure 6- 103. Link-State Request Packet Each advertisement requested is specified by its Link-State Type, Link-State ID, and Advertising Router.This uniquely identifies the advertisement, but not its instance. Link-State Request packets are understood to be requests for the most recent instance.
Link-State Acknowledgment Packet Link-State Acknowledgment packets are OSPF packet type 5.To make the folding of link-state advertisements reliable, flooded advertisements are explicitly acknowledged.This acknowledgment is accomplished through the sending and receiving of Link-State Acknowledgment packets. Multiple link-state advertisements can be acknowledged in a single Link-State Acknowledgment packet.
Link State Advertisement Header All link state advertisements begin with a common 20-byte header.This header contains enough information to uniquely identify the advertisements (Link State Type, Link State ID, and Advertising Router). Multiple instances of the link state advertisement may exist in the routing domain at the same time. It is then necessary to determine which instance is more recent.
Router Links Advertisements Octets 0 1 2 Link-State Age 4 3 Options Link-State Type Link-State ID Advertising Router Link-State Sequence Number Link-State Checksum Reserved V E B Length Reserved Number of Links Link-ID Link Data Type No. of TOS TOS 0 Metric TOS 0 Metric ... TOS 0 Metric ... Link-ID Link Data Figure 6- 107. Routers Links Advertisements In router links advertisements, the Link State ID field is set to the router’s OSPF Router ID.
For each link, separate metrics may be specified for each Type of Service (TOS).The metric for TOS 0 must always be included, and was discussed above. Metrics for non-zero TOS are described below. Note that the cost for non-zero TOS values that are not specified defaults to the TOS 0 cost. Metrics must be listed in order of increasing TOS encoding. For example, the metric for TOS 16 must always follow the metric for TOS 8 when both are specified.
Summary Link Advertisements Octets 0 1 2 4 3 Link-State Age Options 2 Link-State ID Advertising Router Link-State Sequence Number Link-State Checksum Length Network Mask TOS Metric Figure 6- 109. Summary Link Advertisements For stub area,Type 3 summary link advertisements can also be used to describe a default route on a per-area basis. Default summary routes are used in stub area instead of flooding a complete set of external routes.
Field Description Network Mask The IP address mask for the advertised destination. Forwarding Address Data traffic for the advertised destination will be forwarded to this address. If the Forwarding Address is set to 0.0.0.0, data traffic will be forwarded instead to the advertisement’s originator. E – bit TOS Metric External Route Tag The type of external metric. If the E - bit is set, the metric specified is a Type 2 external metric.
To add an OSPF Area to the table, type a unique Area ID (see below) select the Type from the drop-down menu. For a Stub type, choose Enabled or Disabled from the Stub Import Summary LSA drop-down menu and determine the Stub Default Cost. Click the Add/Modify button to add the Area ID set to the table. To remove an Area ID configuration set, simply click 8 in the Delete column for the configuration.
Figure 6- 115. OSPF Interface Settings – Edit window Configure each IP interface individually using the OSPF Interface Settings – Edit menu. Click the Apply button when you have entered the settings.The new configuration appears listed in the OSPF Interface Settings table.To return to the OSPF Interface Settings table, click the Show All OSPF Interface Entries link. OSPF interface settings are described below. Some OSPF interface settings require previously configured OSPF settings.
OSPF Virtual Interface Settings Click the OSPF Virtual Interface Settings link to view the current OSPF Virtual Interface Settings.There are not virtual interface settings configured by default, so the first time this table is viewed there will be not interfaces listed.To add a new OSPF virtual interface configuration set to the table, click the Add button.A new menu appears (see below).To change an existing configuration, click on the hyperlinked Transit Area ID for the set you want to change.
OSPF Area Aggregation Settings Area Aggregation allows all of the routing information that may be contained within an area to be aggregated into a summary LSDB advertisement of just the network address and subnet mask.This allows for a reduction in the volume of LSDB advertisement traffic as well as a reduction in the memory overhead in the Switch used to maintain routing tables. Click the OSPF Area Aggregation Settings link to view the current settings.
To configure OSPF host routes, click the OSPF Host Route Settings link.To add a new OSPF Route, click the Add button. Configure the setting in the menu that appears.The Add and Modify menus for OSPF host route setting are nearly identical.The difference being that if you are changing an existing configuration you will be unable to change the Host Address.
Figure 6- 122. DHCP/BootP Global Settings window The following fields can be set: Parameter Description BOOTP Relay Status This field can be toggled between Enabled and Disabled using the pull-down menu. It is used to enable or disable the BOOTP/DHCP Relay service on the Switch.The default is Disabled. BOOTP HOPS Count Limit (1-16) This field allows an entry between 1 and 16 to define the maximum number of router hops BOOTP messages can be forwarded across.The default hop count is 4.
Mapping Domain Names to Addresses Name-to-address translation is performed by a program called a Name server.The client program is called a Name resolver.A Name resolver may need to contact several Name servers to translate a name to an address. The Domain Name System (DNS) servers are organized in a somewhat hierarchical fashion.A single server often holds names for a single network, which is connected to a root DNS server – usually maintained by an ISP.
Figure 6- 125. DNS Relay Static Settings and Table window To add an entry into the DNS Relay Static Table, simply enter a Domain Name with its corresponding IP address and click Add.A successful entry will be presented in the table below, as shown in the example above.To erase an entry from the table, click the corresponding 8 of the entry you wish to delete.
VRRP Interface Settings The following window will allow the user to view the parameters for the VRRP function on the Switch.To view this window, click Configuration > Layer 3 IP Networking > VRRP > VRRP Configuration: Figure 6- 127.VRRP Configuration window The following fields are displayed in the window above: Parameter Description Interface Name An IP interface name that has been enabled for VRRP.This entry must have been previously set in the IP Interfaces table.
Parameter Description Interface Name Enter the name of a previously configured IP interface to create a VRRP entry for.This IP interface must be assigned to a VLAN on the Switch. VRID (1-255) IP Address Admin. State Priority (1-254) Enter a value between 1 and 255 to uniquely identify this VRRP group on the Switch.All routers participating in this group must be assigned the same VRID value.This value MUST be different from other VRRP groups set on the Switch.
Figure 6- 129.VRRP Interface Entry Display window This window displays the following information: Parameter Description Interface Name An IP interface name that has been enabled for VRRP.This entry must have been previously set in the IP Interface Settings table. Authentication type Displays the type of authentication used to compare VRRP packets received by a virtual router.
IP Multicast Routing Protocol The functions supporting IP multicasting are added under the IP Multicast Routing Protocol folder, from the Layer 3 IP Networking folder. IGMP Snooping, DVMRP, and PIM-DM can be enabled or disabled on the Switch without changing the individual protocol’s configuration. IGMP Interface Configuration The Internet Group Multicasting Protocol (IGMP) can be configured on the Switch on a per-IP interface basis.
DVMRP Interface Configuration The Distance Vector Multicast Routing Protocol (DVMRP) is a hop-based method of building multicast delivery trees from multicast sources to all nodes of a network. Because the delivery trees are ‘pruned’ and ‘shortest path’, DVMRP is relatively efficient. Because multicast group membership information is forwarded by a distance-vector algorithm, propagation is slow.
The following fields can be set: Parameter Description Interface Name Displays the name of the IP interface for which DVMRP is to be configured.This must be a previously defined IP interface. IP Address Neighbor Timeout Interval (1-65535) Probe Interval (1-65535) Metric (1-31) State Displays the IP address corresponding to the IP Interface name entered above.
To view the PIM-DM Table, open the IP Multicasting folder under Configuration and click PIM-DM Interface Configuration.This window allows the PIM-DM to be configured for each IP interface defined on the Switch. Each IP interface configured on the Switch is displayed in the below PIM-DM Interface Table dialog box.To configure PIM-DM for a particular interface, click the corresponding hyperlink for that IP interface.This will open the PIMDM Interface Configuration window: Figure 6- 136.
Chapter 7 - Security Management 7-1 Security IP 7-2 User Accounts 7-3 Access Authentication Control (TACACS) 7-4 Secure Sockets Layer (SSL) 7-5 Secure Shell (SSH) The following section will aid the user in configuring security functions for the Switch.The Switch includes various functions for security, including TACACS, Security IPs, SSL, and SSH, all discussed in detail in the following section.
Figure 7- 3. User Accounts Modify Table – Add Add a new user by typing in a User Name, and New Password and retype the same password in the Confirm New Password. Choose the level of privilege (Admin or User) from the Access Right drop-down menu. Figure 7- 4. User Account Modify Table – Modify Modify or delete an existing user account in the User Account Modify Table.To delete the user account, click on the Delete button.
7-3 Access Authentication Control The TACACS / XTACACS / TACACS+ / RADIUS commands let you secure access to the Switch using the TACACS / XTACACS / TACACS+ / RADIUS protocols.When a user logs in to the Switch or tries to access the administrator level privilege, he or she is prompted for a password. If TACACS / XTACACS / TACACS+ / RADIUS authentication is enabled on the Switch, it will contact a TACACS / XTACACS / TACACS+ / RADIUS server to verify the user.
The following parameters can be set: Parameter Description Authentication Policy Use the pull down menu to enable or disable the Authentication Policy on the Switch. User Attempts (1-255) This command will configure the maximum number of times the Switch will accept authentication attempts. Users failing to be authenticated after the set amount of attempts will be denied access to the Switch and will be locked out of further authentication attempts.
Figure 7- 7.Authentication Server Group Settings window This screen displays the Authentication Server Groups on the Switch.The Switch has four built-in Authentication Server Groups that cannot be removed but can be modified.To modify a particular group, click its hyperlinked Group Name, which will then display the following window. Figure 7- 8.Add a Server Host to Server Group (XTACACS) window.
Authentication Server Hosts This window will set user-defined Authentication Server Hosts for the TACACS / XTACACS / TACACS+ / RADIUS security protocols on the Switch.When a user attempts to access the Switch with Authentication Policy enabled, the Switch will send authentication packets to a remote TACACS / XTACACS / TACACS+ / RADIUS server host on a remote host.The TACACS / XTACACS / TACACS+ / RADIUS server host will then verify or deny the request and return the appropriate message to the Switch.
Note: More than one authentication protocol can be run on the same physical server host but, remember that TACACS/XTACACS/TACACS+ are separate entities and are not compatible with each other. Login Method Lists This command will configure a user-defined or default Login Method List of authentication techniques for users logging on to the Switch.The sequence of techniques implemented in this command will affect the authentication result.
To define a Login Method List, set the following parameters and click Apply: Parameter Description Method List Name Enter a method list name defined by the user of up to 15 characters. Method 1, 2, 3, 4 The user may add one, or a combination of up to four (4) of the following authentication methods to this method list: tacacs – Adding this parameter will require the user to be authenticated using the TACACS protocol from a remote TACACS server.
Figure 7- 16. Enable Method List – Edit window Figure 7- 17. Enable Method List – Add window To define an Enable Login Method List, set the following parameters and click Apply: Parameter Description Method List Name Enter a method list name defined by the user of up to 15 characters.
Figure 7- 18. Configure Local Enable Password window To set the Local Enable Password, set the following parameters and click Apply. Parameter Description Old Local Enable Password If a password was previously configured for this entry, enter it here in order to change it to a new password. New Local Enable Password Enter the new password that you wish to set on the Switch to authenticate users attempting to access Administrator Level privileges on the Switch.
7-4 Secure Socket Layer (SSL) Secure Sockets Layer or SSL is a security feature that will provide a secure communication path between a host and client through the use of authentication, digital signatures and encryption.These security functions are implemented through the use of a ciphersuite, which is a security string that determines the exact cryptographic parameters, specific encryption algorithms and key sizes to be used for an authentication session and consists of three levels: 1. 2.
Configuration This screen will allow the user to enable SSL on the Switch and implement any one or combination of listed ciphersuites on the Switch.A ciphersuite is a security string that determines the exact cryptographic parameters, specific encryption algorithms and key sizes to be used for an authentication session.The Switch possesses four possible ciphersuites for the SSL function, which are all enabled by default.
7-5 Secure Shell (SSH) SSH is an abbreviation of Secure Shell, which is a program allowing secure remote login and secure network services over an insecure network. It allows a secure login to remote host computers, a safe method of executing commands on a remote end node, and will provide secure encrypted and authenticated communication between two non-trusted hosts. SSH, with its array of unmatched security features is an essential tool in today’s networking environment.
Figure 7- 24. SSH Algorithms window The following algorithms may be set: Parameter Description Authentication Mode Configuration Password Public Key Host-based Encryption Algorithm 3DES-CBC Blow-fish CBC AES128-CBC AES192-CBC AES256-CBC ARC4 Cast128-CBC Twofish128 Twofish192 Twofish256 This field may be enabled or disabled to choose if the administrator wishes to use a locally configured password for authentication on the Switch.This field is Enabled by default.
Data Integrity Algorithm HMAC-SHA1 HMAC-MD5 Public Key Algorithm HMAC-RSA HMAC-DSA Use the pull-down to enable or disable the HMAC (Hash for Message Authentication Code) mechanism utilizing the Secure Hash algorithm.The default is Enabled. Use the pull-down to enable or disable the HMAC (Hash for Message Authentication Code) mechanism utilizing the MD5 Message Digest encryption algorithm.The default is Enabled.
Parameter Description User Name Enter a User Name of no more than 15 characters to identify the SSH user.This User Name must be a previously configured user account on the Switch. Auth. Mode The administrator may choose one of the following to set the authorization for users attempting to access the Switch. Host Based – This parameter should be chosen if the administrator wishes to use a remote SSH server for authentication purposes.
Chapter 8 - SNMP Manager SNMP Settings Simple Network Management Protocol (SNMP) is an OSI Layer 7 (Application Layer) designed specifically for managing and monitoring network devices. SNMP enables network management stations to read and modify the settings of gateways, routers, switches, and other network devices. Use SNMP to configure system features for proper operation, monitor performance and detect potential problems in the Switch, switch group or network.
To display the detailed entry for a given user, click on the hyperlinked User Name.This will open the SNMP User Table Display page, as shown below. Figure 8- 2. SNMP User Table Display window The following parameters are displayed: Parameter Description User Name An alphanumeric string of up to 32 characters.This is used to identify the SNMP users. SNMP Version V1 – Indicates that SNMP version 1 is in use.
Parameter Description User Name Enter an alphanumeric string of up to 32 characters.This is used to identify the SNMP user. SNMP Version V1 – Specifies that SNMP version 1 will be used. Group Name Auth-Protocol Priv-Protocol Encrypted This name is used to specify the SNMP group created can request SNMP messages. V2 – Specifies that SNMP version 2 will be used. V3 – Specifies that SNMP version 3 will be used. MD5 – Specifies that the HMAC-MD5-96 authentication level will be used.
Figure 8- 5. SNMP View Table Configuration window The SNMP Group created with this table maps SNMP users (identified in the SNMP User Table) to the views created in the previous menu. The following parameters can be set: Parameter Description View Name Type an alphanumeric string of up to 32 characters.This is used to identify the new SNMP view being created. View Type Select Included to include this object in the list of objects that an SNMP manager can access.
Figure 8- 7. SNMP Group Table Configuration window The following parameters can be set: Parameter Description Group Name Type an alphanumeric string of up to 32 characters.This is used to identify the new SNMP group of SNMP users. Read View Name Write View Name Notify View Name Security Model Security Level This name is used to specify the SNMP group created can request SNMP messages. Specify a SNMP group name for users that are allowed SNMP write privileges to the Switch's SNMP agent.
Figure 8- 8. SNMP Community Table Configuration and Table window The following parameters can be set: Parameter Description Community Name Type an alphanumeric string of up to 33 characters that is used to identify members of an SNMP community. This string is used like a password to give remote SNMP managers access to MIB objects in the Switch's SNMP agent.
Figure 8-10. SNMP Host Table Configuration window The following parameters can be set: Parameter Description Host IP Address Type the IP address of the remote management station that will serve as the SNMP host for the Switch. SNMP Version V1 – To specifies that SNMP version 1 will be used. V2 – To specify that SNMP version 2 will be used. V3-NoAuth-NoPriv – To specify that the SNMP version 3 will be used, with a NoAuth-NoPriv security level.
Chapter 9 - Monitoring 9-1 Port Utilization The Port Utilization page displays the percentage of the total available bandwidth being used on the port. To view the port utilization, open the Monitoring folder and then the Port Utilization link: Figure 9- 1. Port Utilization window To select a port to view these statistics for, first select the Switch in the switch stack by using the Unit pull-down menu and then select the port by using the Port pull down menu.
Figure 9- 2. CPU Utilization graph Click Apply to implement the configured settings.The window will automatically refresh with new updated statistics. The information is described as follows: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds.The default value is one second. Utilization Check whether or not to display Utilization. Record Number Select number of times the Switch will be polled between 20 and 200.The default value is 200.
Figure 9- 3. Rx Packets Analysis window (line graph for Bytes and Packets) To view the Received Packets Table, click the link View Table, which will show the following table: Figure 9- 4.
Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds.The default value is one second. Bytes Counts the number of bytes received on the port. Record Number Packets Unicast Multicast Broadcast Show/Hide Clear View Table View Line Select number of times the Switch will be polled between 20 and 200.The default value is 200. Counts the number of packets received on the port.
Figure 9- 6. Rx Packets Analysis window (table for Unicast, Multicast, and Broadcast Packets) The following fields may be set or viewed: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds.The default value is one second. Unicast Counts the total number of good packets that were received by a unicast address.
Figure 9- 7.Tx Packets Analysis window (line graph for Bytes and Packets) To view the Transmitted (TX) Table, click the link View Table, which will show the following table: Figure 9- 8.
The following fields may be set or viewed: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds.The default value is one second. Bytes Counts the number of bytes successfully sent from the port. Record Number Packets Unicast Multicast Broadcast Show/Hide Clear View Table View Line Chart Select number of times the Switch will be polled between 20 and 200.The default value is 200. Counts the number of packets successfully sent on the port.
Figure 9- 10. Rx Error Analysis window (table) The following fields can be set: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds.The default value is one second. Crc Error Counts otherwise valid packets that did not end on a byte (octet) boundary. Record Number Under Size Over Size Fragment Jabber Drop Show/Hide Clear View Table View Line Select number of times the Switch will be polled between 20 and 200.The default value is 200.
Figure 9- 11.Tx Error Analysis window (line graph) To view the Transmitted Error Packets Table, click the link View Table, which will show the following table: Figure 9- 12.
Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds.The default value is one second. ExDefer Counts the number of packets for which the first transmission attempt on a particular interface was delayed because the medium was busy. Record Number LateColl ExColl SingColl Coll Show/Hide Clear View Table View Line Select number of times the Switch will be polled between 20 and 200.The default value is 200.
Figure 9- 14. Rx Size Analysis window (table) The following fields can be set or viewed: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds.The default value is one second. 64 The total number of packets (including bad packets) received that were 64 octets in length (excluding framing bits but including FCS octets).
Figure 9- 15. Stacking Information window The Stacking Information window holds the following information: Parameter Description Box ID Displays the Switch’s order in the stack. Type Displays the model name of the corresponding switch in a stack. User Set Exist Priority Prom Version Runtime Version H/W Version Topology My Box ID Current State Box Count Box ID can be assigned automatically (Auto), or can be assigned statically. Default is Auto.
Figure 9- 16. Device Status window The following fields may be viewed in this window: Parameter Description ID The Box ID of the Switch in the switch stack. External Power A read only field denoting the current status of the external power supply.Active will suggest the mechanism is functioning correctly while Fail will show the mechanism is not functioning correctly. Internal Power Side Fan Back Fan A read only field denoting the current status of the internal power supply.
The following fields can be viewed or set: Parameter Description VLAN Name Enter a VLAN Name for the forwarding table to be browsed by. Unit – Port Select the switch Unit ID of the switch in the Switch stack and then the port by using the corresponding pulldown menus. MAC Address Find VID MAC Address Unit Port Type Next Clear Dynamic Entry View All Entry Clear All Entry Enter a MAC address for the forwarding table to be browsed by.
Parameter Description Sequence A counter incremented whenever an entry to the Switch's history log is made.The table displays the last entry (highest sequence number) first. Time Log Text Displays the time in days, hours, and minutes since the Switch was last restarted. Displays text describing the event that triggered the history log entry. 9-8 IGMP Snooping Group This window allows the Switch’s IGMP Snooping Table to be viewed.
The user may search the IGMP Snooping Forwarding Table by VLAN Name using the top left hand corner Search. The following fields can be viewed: Parameter Description VLAN Name The VLAN Name of the multicast group. Multicast Group The IP address of the multicast group. Source IP Port Map The Source IP address of the multicast group. These are the ports where the IP multicast packets are being forwarded to.
Figure 9- 23.Authenticator State – MAC Based 802.1X This window displays the Authenticator State for individual ports on a selected device.To select unit within the switch stack, use the pull-down menu at the top of the window and click Apply.A polling interval between 1 and 60 seconds can be set using the drop-down menu at the top of the window and clicking OK.
Figure 9- 24.Authenticator Statistics window The user can specify a switch in a switch stack using that switch’s Unit ID by using the pull down menu in the top left hand corner.The user may also select the desired time interval to update the statistics, between 1s and 60s, where “s” stands for seconds.The default value is one second. The following fields can be viewed: Parameter Description Port The identification number assigned to the Port by the System in which the Port resides.
Authenticator Session Statistics This table contains the session statistics objects for the Authenticator PAE associated with each port.An entry appears in this table for each port that supports the Authenticator function.To view the Authenticator Session Statistics, click Monitoring > Port Access Control > Authenticator Session Statistics. Figure 9- 25.
Authenticator Diagnostics This table contains the diagnostic information regarding the operation of the Authenticator associated with each port.An entry appears in this table for each port that supports the Authenticator function.To view the Authenticator Diagnostics, click Monitoring > Port Access Control > Authenticator Diagnostics. Figure 9- 26.
Authed Start Authed LogOff Responses AccessChallenges OtherReqToSupp NonNakRespFromSup Bac Auth Success Bac Auth Fail Counts the number of times that the state machine transitions from AUTHENTICATED to CONNECTING, as a result of an EAPOL-Start message being received from the Supplicant. Counts the number of times that the state machine transitions from AUTHENTICATED to DISCONNECTED, as a result of an EAPOL-Logoff message being received from the Supplicant.
BadAuthenticators PendingRequests Timeouts UnknownTypes PacketsDropped The number of RADIUS Access-Response packets containing invalid authenticators or Signature attributes received from this server. The number of RADIUS Access-Request packets destined for this server that have not yet timed out or received a response.This variable is incremented when an Access-Request is sent and decremented due to receipt of an Access-Accept,Access-Reject or Access-Challenge, a timeout or retransmission.
Note: To configure 802.1x features for the AT-9724TS, go to the Configuration folder and select Port Access Entity. Configuration and other information concerning 802.1x may be found in Section 6 of this manual under Port Access Entity. 9-12 Layer 3 Feature This folder in the Monitoring section will display information concerning settings configured in Layer 3 IP Networking of the Configuration folder.
Browse Routing Table The Browse Routing Table window may be found in the Monitoring menu in the Layer 3 Feature folder.This screen shows the current IP routing table of the Switch.To find a specific IP route, enter an IP address into the Destination Address field along with a proper subnet mask into the Mask field and click Find. Figure 9- 30. Browse Routing Table window Browse ARP Table The Browse ARP Table window may be found in the Monitoring menu in the Layer 3 Feature folder.
Figure 9- 32. Browse IP Multicast Forwarding Table Browse IGMP Group Table The Browse IGMP Group Table window may be found in the Monitoring menu in the Layer 3 Feature folder.This window will show current IGMP group entries on the Switch.To search a specific IGMP group entry, enter an interface name into the Interface Name field or a Multicast Group IP address and click Find. OSPF Monitoring Figure 9- 33.
The following fields are displayed in the OSPF LSDB Table: Parameter Description Area ID Allows the entry of an OSPF Area ID.This Area ID will then be used to search the table, and display an entry – if there is one. LSDB Type Adv.
Figure 9- 36 .OSPF Virtual Neighbor Table DVMRP Monitoring This menu allows the DVMRP (Distance-Vector Multicast Routing Protocol) to be monitored for each IP interface defined on the Switch.This folder, found in the Monitoring folder, offers 3 screens for monitoring; Browse DVMRP Routing Table, Browse DVMRP Neighbor Address Table and Browse DVMRP Routing Next Hop Table. Information on DVMRP and its features in relation to the AT-9724TS can be found in Chapter 6, under IP Multicast Routing Protocol.
Browse DVMRP Routing Next Hop Table The DVMRP Routing Next Hop Table contains information regarding the next-hop for forwarding multicast packets on outgoing interfaces. Each entry in the DVMRP Routing Next Hop Table refers to the next-hop of a specific source to a specific multicast group address.This table is found in the Monitoring menu under DVMRP Monitoring, with the heading Browse DVMRP Routing Next Hop Table.
Chapter 10 - Switch Maintenance 10-1 TFTP Services 10-2 Multiple Image Services 10-3 CF Services 10-4 Ping Test 10-5 Save Changes 10-6 Reset 10-7 Reboot Services 10-8 Logout 10-1 TFTP Service Trivial File Transfer Protocol (TFTP) services allow the Switch’s firmware to be upgraded by transferring a new firmware file from a TFTP server to the Switch.
Enter the IP address of the TFTP server and specify the location of the switch configuration file on the TFTP server. Click Start to initiate the file transfer. Upload Configuration To upload the Switch’s settings to a TFTP server, click on the TFTP Service folder in the Maintenance folder and then click the Save Settings link: Figure 10- 3. Upload Configuration window Enter the IP address of the TFTP server and the path and filename for the configuration file on the TFTP server.
Figure 10- 5. Firmware Information window This window holds the following information: Parameter Description BOX States the stacking ID number of the switch in the switch stack. Version States the firmware version. ID Size Update Time From States the image ID number of the firmware in the Switch’s memory.The Switch can store 2 firmware images for use. Image ID 1 will be the default boot up firmware for the Switch unless otherwise configured by the user.
This window offers the following information: Parameter Description Image Select the firmware image to be configured using the pull-down menu.The Switch allows two firmware images to be stored in the Switch’s memory. Active This field has two options for configuration. Delete – Select this option to delete the firmware image specified in the Image field above. Boot – Select this option to set the firmware image specified above as the boot up firmware for the Switch.
10-5 Save Changes The AT-9724TS has two levels of memory; normal RAM and non-volatile or NV-RAM. Configuration changes are made effective clicking the Apply button.When this is done, the settings will be immediately applied to the switching software in RAM, and will immediately take effect. Some settings, though, require you to restart the Switch before they will take effect. Restarting the Switch erases all settings in RAM and reloads the stored settings from the NV-RAM.
10-7 Reboot Device The following menu is used to restart the Switch. Figure 10- 10. Restart System window Clicking the Yes click-box will instruct the Switch to save the current configuration to non-volatile RAM before restarting the Switch. Clicking the No click-box instructs the Switch not to save the current configuration before restarting the Switch.All of the configuration information entered from the last time Save Changes was executed, will be lost. Click the Restart button to restart the Switch.
Appendix A - Technical Specifications General Standard IEEE 802.3u 100TX Fast Ethernet IEEE 802.3ab 1000T Gigabit Ethernet IEEE 802.1 P/Q VLAN IEEE 802.3x Full-duplex Flow Control IEEE 802.3 Nway auto-negotiation Protocols CSMA/CD Data Transfer Rates: Half-duplex Fast Ethernet 100Mbps Ethernet Gigabit Ethernet Fibre Optic Full-duplex 10Mbps 20Mbps 1000Mbps 2000Mbps 200Mbps IEC 793-2: 1992 Type A1a - 50/125um multi-mode Type A1b - 62.
Performance Transmission Method: Store-and-forward Filtering Address Table: 16 K MAC address per device RAM Buffer: Packet Filtering/ Forwarding Rate: MAC Address Learning: Forwarding Table Age Time: 2 MB per device Full-wire speed for all connections. 148,810 pps per port (for 100Mbps) 1,488,100 pps per port (for 1000Mbps) Automatic update. Max age: 10 – 1000000 seconds. Default = 300.
Appendix B - Translated Electrical Safety and Emission Information Important: This appendix contains multiple-language translations for the safety statements in this guide. Wichtig: Dieser Anhang enthält Übersetzungen der in diesem Handbuch enthaltenen Sicherheitshinweise in mehreren Sprachen. Vigtigt: Dette tillæg indeholder oversættelser i flere sprog af sikkerhedsadvarslerne i denne håndbog. Belangrijk: Deze appendix bevat vertalingen in meerdere talen van de veiligheidsopmerkingen in deze gids.
Die Entlüftungsöffnungen dürfen nicht versperrt sein und müssen zum Kühlen freien Zugang zur Raumluft haben. 6 m BETRIEBSTEMPERATUR: Dieses Produkt wurde für den Betrieb in einer Umgebungstemperatur von nicht mehr als 40° C entworfen. 7 m ALLE LÄNDER: Installation muß örtlichen und nationalen elektrischen Vorschriften entsprechen. Standarder: Dette produkt tilfredsstiller de følgende standarder. 1 c FARE UNDER UVEJR 2 c ADVARSEL: DEN STRØMFØRENDE LEDNING BRUGES TIL AT AFBRYDE STRØMMEN.
3 c ÉQUIPEMENT DE CLASSE 1 ÉLECTRIQUE CE MATÉRIEL DOIT ÊTRE MIS A LA TERRE. La prise de courant doit être branchée dans une prise femelle correctement mise à la terre car des tensions dangereuses risqueraient d’atteindre les pièces métalliques accessibles à l’utilisateur. 4 m EQUIPEMENT POUR BRANCHEMENT ELECTRIQUE, la prise de sortie doit être placée près de l’équipement et facilement accessible".
Sikkerhetsnormer: Dette produktet tilfredsstiller følgende sikkerhetsnormer. 1 c FARE FOR LYNNEDSLAG 2 c FORSIKTIG: STRØMLEDNINGEN BRUKES TIL Å FRAKOBLE UTSTYRET. FOR Å DEAKTIVISERE UTSTYRET, må strømforsyningen kobles fra. 3 c ELEKTRISK – TYPE 1- KLASSE UTSTYR DETTE UTSTYRET MÅ JORDES. Strømkontakten må være tilkoplet en korrekt jordet kontakt. En kontakt som ikke er korrekt jordet kan føre til farlig spenninger i lett t ilgjengelige metalldeler. 4 m UTSTYR FOR STIKKONTAKT.
4 m EQUIPO CONECTABLE, el tomacorriente se debe instalar cerca del equipo, en un lugar con acceso fácil". 5 m ATENCION: Las aberturas para ventilación no deberán bloquearse y deberán tener acceso libre al aire ambiental de la sala para su enfriamiento. 6 m TEMPERATURA REQUERIDA PARA LA OPERACIÓN: Este producto está diseñado para una temperatura ambiental máxima de 40 grados C. 7 m PARA TODOS LOS PAÍSES: Monte el producto de acuerdo con los Códigos Eléctricos locales y nacionales.
