Management Software AT-S79 User’s Guide For use with the AT-GS950/16 and AT-GS950/24 Gigabit Ethernet Smart Switches Version 1.1 613-000207 Rev.
Copyright © 2006 Allied Telesyn, Inc. All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Telesyn, Inc. Microsoft and Internet Explorer are registered trademarks of Microsoft Corporation. Netscape Navigator is a registered trademark of Netscape Communications Corporation. All other product names, company names, logos or other designations mentioned herein are trademarks or registered trademarks of their respective owners. Allied Telesyn, Inc.
Contents Preface ............................................................................................................................................................ 11 Where to Find Web-based Guides ................................................................................................................... 12 Document Conventions .................................................................................................................................... 13 Contacting Allied Telesyn .
Contents Chapter 6: Port Mirroring .............................................................................................................................. 65 Port Mirroring Overview .................................................................................................................................... 66 Configuring Port Mirroring ................................................................................................................................. 67 Disabling Port Mirroring .
AT-S79 Management Software User’s Guide Authenticator Ports................................................................................................................................... 131 General Steps .......................................................................................................................................... 133 Port-based Network Access Control Guidelines ...................................................................................... 133 Configuring 802.
Contents Configuring CoS..............................................................................................................................................212 Chapter 21: Rapid Spanning Tree Protocol (RSTP) ..................................................................................215 Basic RSTP Configuration ..............................................................................................................................216 Configuring RSTP Port Settings .....................
Figures Figure 1. Connecting the Management Cable to the Console Port .....................................................................................24 Figure 2. Login Menu...........................................................................................................................................................25 Figure 3. Main Menu............................................................................................................................................................
Figures Figure 51. Figure 52. Figure 53. Figure 54. Figure 55. Figure 56. Figure 57. Figure 58. Figure 59. Figure 60. Figure 61. Figure 62. Figure 63. Figure 64. Figure 65. Figure 66. Figure 67. Figure 68. Figure 69. Figure 70. 8 Port Configuration Page ...................................................................................................................................180 Configuration of Port Page ..............................................................................................
Tables Table 1. Table 2. Table 3. Table 4. Table 5. Table 6. Table 7. Table 8. Menus Interface Operations .................................................................................................................................26 Default Mappings of IEEE 802.1p Priority Levels to Egress Port Priority Queues ...............................................97 RSTP Auto-Detect Port Costs ...................................................................................................................
Tables 10
Preface This guide contains instructions on how to use the AT-S79 management software to manage and monitor the AT-GS950/16 and AT-GS950/24 Gigabit Ethernet Smart switches. The AT-S79 management software has two management interfaces: a menus interface and a web browser interface. You access the menus interface through the console port on the switch. You access the web browser interface from any management workstation on your network that has a web browser application.
Preface Where to Find Web-based Guides The installation and user guides for all Allied Telesyn products are available in portable document format (PDF) on our web site at www.alliedtelesyn.com. You can view the documents online or download them onto a local workstation or server.
AT-S79 Management Software User’s Guide Document Conventions This document uses the following conventions: Note Notes provide additional information. Caution Cautions inform you that performing or omitting a specific action may result in equipment damage or loss of data. Warning Warnings inform you that performing or omitting a specific action may result in bodily injury.
Preface Contacting Allied Telesyn This section provides Allied Telesyn contact information for technical support as well as sales and corporate information. Online Support You can request technical support online by accessing the Allied Telesyn Knowledge Base: http://kb.alliedtelesyn.com. You can use the Knowledge Base to submit questions to our technical support staff and review answers to previously asked questions.
Chapter 1 Overview This chapter provides an overview of the AT-S79 management software for the AT-GS950/16 and AT-GS950/24 switches. The chapter describes the different methods for accessing the software and the management access levels.
Chapter 1: Overview Management Overview The AT-S79 management software allows you to view and adjust the operating parameters of the AT-GS950/16 and AT-GS950/24 Smart Switches. Here are a few examples of the functions that you can perform with the management software: Enable and disable ports Configure a port’s speed and duplex mode Create port trunks Configure a port mirror Configure Quality of Service (QoS) Create port-based and tagged virtual LANs Configure 802.
AT-S79 Management Software User’s Guide Local Management Connection To establish a local management connection with an AT-GS950/16 or AT-GS950/24 Smart Switch, you connect a terminal or a PC with a terminal emulator program to the terminal port on the front of the switch using the management cable included with the unit. This type of connection is referred to as “local” because you must be physically close to the switch, such as in the wiring closet where the switch is located.
Chapter 1: Overview Remote Management Connection The AT-S79 management software has a web browser interface that you can use to manage an AT-GS950/16 or AT-GS950/24 Smart Switch from any management station on your network that has a web browser application. This is referred to as a remote connection. The switch must have an IP address in order for you to manage it remotely with a web browser.
AT-S79 Management Software User’s Guide Management Access Level The AT-S79 management software has one level of management access: manager. When you log in as a manager, you can view and configure all of a switch’s operating parameters. You log in as a manager by entering the appropriate username and password when you start an AT-S79 management session. The default username and password are both “manager”.
Chapter 1: Overview Ports 15 and 16 on the AT-GS950/16 Switch and Ports 23 and 24 on the AT-GS950/24 Switch This section applies to the twisted pair and optional SFP ports 15 and 16 on the AT-GS950/16 switch and ports 23 and 24 on the AT-GS950/24 switch. Note the following when configuring these ports: 20 The twisted pair ports are, by default, the active ports.
Section I Using the Menus Interface The chapters in this section explain how to manage the switch using the menus interface of the AT-S79 management software.
Section I: Using the Menus Interface
Chapter 2 Getting Started with the Menus Interface This chapter provides information and instructions on how to access the menus interface of the AT-S79 management software by starting a local management session.
Chapter 2: Getting Started with the Menus Interface Starting a Local Management Session You establish a local management session with the switch by connecting a terminal or personal computer with a terminal emulation program to the the RS-232 console port on the front panel of the switch. Note You do not need to assign an IP address to the switch to manage the unit from a local management session. To start a local management session, perform the following procedure: 1.
AT-S79 Management Software User’s Guide The Login Menu is shown in Figure 2. AT-GS950/16 Local Management System Enter the character in square brackets to select option Login Menu Login: Figure 2. Login Menu 4. Enter the manager login name and press Return. The default name is “manager”. You are prompted for a password. 5. Enter the manager password. The default password is “manager”. Note To change the login name or password, refer to “Setting the User Interface Configuration” on page 36.
Chapter 2: Getting Started with the Menus Interface Using the Menus Interface If you are using a DEC VT00 or ANSI (the default) terminal configuration, refer to Table 1 for instructions on how to move through the menus and select menu options. Table 1. Menus Interface Operations When directed to You must Enter your selection Type the menu option letter. Enter information (for example, entering a port number) Type the information and press Enter.
AT-S79 Management Software User’s Guide Quitting from a Local Management Session To quit a local management session, return to the Main Menu and type Q for Quit. When you are finished managing the switch, make sure you exit from a management session. Quitting from a local session prevents unauthorized changes to the switch’s configuration if you leave your workstation unattended.
Chapter 2: Getting Started with the Menus Interface 28 Section I: Using the Menus Interface
Chapter 3 Basic Switch Parameters This chapter contains the following sections: Section I: Using the Menus Interface “Configuring the IP Address, Subnet Mask, and Gateway Address” on page 30 “Enabling and Disabling the DHCP Client” on page 33 “Configuring System Administration Information” on page 34 “Setting the User Interface Configuration” on page 36 “Viewing Switch Information” on page 39 “Rebooting the Switch” on page 42 “Pinging a Remote System” on page 44 “Returning
Chapter 3: Basic Switch Parameters Configuring the IP Address, Subnet Mask, and Gateway Address This procedure explains how to manually assign an IP address, subnet mask, and gateway address to the switch. Before performing the procedure, note the following: An IP address and subnet mask are not required for normal network operations of the switch. Values for these parameters are only required if you want to remotely manage the device with a web browser.
AT-S79 Management Software User’s Guide 2. From the Basic Switch Configuration Menu, type I to select System IP Configuration. The System IP Configuration Menu is shown in Figure 5. AT-GS950/16 Local Management System Basic Switch Configuration -> System IP Configuration Menu MAC Address: IP Address: Subnet Mask: Gateway: DHCP Mode: 00:06:5H:B2:65:84 0.0.0.0 0.0.0.0 0.0.0.
Chapter 3: Basic Switch Parameters b. Type the subnet mask for the switch and press Enter. 5. To set the switch’s gateway address, do the following: a. Type G to select Set Default Gateway. The following prompt is displayed: Enter new gateway IP address> b. Type the gateway IP address for the switch and press Enter. 6. Type Q to select Quit to previous menu and save your changes.
AT-S79 Management Software User’s Guide Enabling and Disabling the DHCP Client This procedure explains how to activate and deactivate the DHCP client on the switch. When the client is activated, the switch obtains its IP configuration, such as its IP address and subnet mask, from a DHCP server on your network. Before performing the procedure, note the following: An IP address and subnet mask are not required for normal network operations of the switch.
Chapter 3: Basic Switch Parameters Configuring System Administration Information This section explains how to assign a name to the switch, as well as specify the location of the switch and the name of the switch’s administrator. Entering this information is optional. To set a switch’s administration information, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 30. 2.
AT-S79 Management Software User’s Guide b. Type a name for the switch (for example, Sales). The name is optional and can contain up to 50 characters. Note Allied Telesyn recommends that you assign names to the switches. Names can help you identify the switches when you manage them and can also help you avoid performing a configuration procedure on the wrong switch. 4. To enter the system’s location, do the following: a. Type L to select Set System Location.
Chapter 3: Basic Switch Parameters Setting the User Interface Configuration This procedure explains how to adjust the user interface and security features on the switch. With this procedure you can: Change the console timer, used to automatically end inactive local management sessions. Change the AT-S79 management login user name and password. Enable and disable the web server, used to manage the switch from a remote management station with a web browser.
AT-S79 Management Software User’s Guide 3. To configure the console idle time out parameter, do the following: a. Type C to select Set Console UI Time Out. The following prompt is displayed: Enter console idle timeout> b. Enter a number for the timeout value. The range is 0 to 60 minutes. The default is 5 minutes. A timeout value to 0 causes the switch to never timeout a local management session.
Chapter 3: Basic Switch Parameters c. Type the new user name and press Enter. The default name is “manager.” The name can be from 0 to 12 characters. Spaces are allowed. The login name is case sensitive. Not entering a new login name deletes the current login name without assigning a new one. The new user name appears in the User Field in the top portion of the menu. You must use the new login user name the next time you start a local or web browser management session. 6.
AT-S79 Management Software User’s Guide Viewing Switch Information To view general information about the switch, perform the following procedure: 1. From the Main Menu, type G to select General Information. The General Information menu is shown in Figure 8. AT-GS950/16 Local Management System Main Menu -> General Information System up for : 24min(s), 36sec(s) Runtime Image : Version 1.0 Boot Loader : Version 1.
Chapter 3: Basic Switch Parameters Hardware Information Section Version The hardware version number. Fixed Baud Rate The baud rate of the console port. DRAM Size The size of the DRAM, in megabytes. Flash Size The size of the flash memory, in megabytes. Administration Information Section Switch Name The name assigned to the switch. To assign the switch a name, refer to “Configuring System Administration Information” on page 34. Switch Location The location of the switch.
AT-S79 Management Software User’s Guide Automatic Network Features Section DHCP Mode The status of the DHCP client on the switch. For information about setting this parameter, refer to “Enabling and Disabling the DHCP Client” on page 33. 2. Press any key to return to the previous menu.
Chapter 3: Basic Switch Parameters Rebooting the Switch This procedure reboots the switch and reloads the AT-S79 management software from flash memory. You might reboot the device if you believe it is experiencing a problem. Rebooting the device does not change any of the device’s parameter settings. Caution The switch does not forward network traffic during the reboot process. Some network traffic may be lost. To reboot the switch, perform the following procedure: 1.
AT-S79 Management Software User’s Guide The System Reboot Menu is shown in Figure 10. AT-GS950/24 Local Management System Main Menu -> System Reboot Menu Reboot Status: Reboot Type: Stop Normal ---------------------- ---------------------------Set Reboot [O]ption Start [R]eboot Process [Q]uit to previous menu Command> Figure 10. System Reboot Menu 3. From the System Reboot menu, type O to select Set Reboot Option. The following prompt is displayed: Select reboot option (F/I/N)> 4.
Chapter 3: Basic Switch Parameters Pinging a Remote System This procedure instructs the switch to ping a node on your network. This procedure is useful in determining whether an active link exists between the switch and another network device. Note the following before performing the procedure: The switch where you are initiating the ping must have an IP address and subnet mask. The device you are pinging must be a member of the Default VLAN.
AT-S79 Management Software User’s Guide 3. Type I to select Set Target IP Address. The following prompt is displayed: Enter new target IP address> 4. Type the IP address of the node you want the switch to ping and press Enter. 5. Type N to select Set Number of Requests. The following prompt is displayed: Enter new number of requests> 6. Enter the number of ping requests you want the switch to perform. The range is 1 to 10. The default is 10. 7. Type T to select Set Timeout Value.
Chapter 3: Basic Switch Parameters Figure 12 shows an example of the results of a ping. AT-GS950/16 Local Management System Switch Tools Configuration -> Ping Execution Target IP Address: 149.35.8.33 Number of Requests: 4 Timeout Value (sec): 3 ================Result================= No. 1 20 ms No. 2 20 ms No. 3 20 ms No.
AT-S79 Management Software User’s Guide Returning the AT-S79 Management Software to the Factory Default Values This procedure returns all AT-S79 management software parameters to their default values and deletes all tagged and port-based VLANs on the switch. The AT-S79 management software default values are listed in Appendix A, ”AT-S79 Software Default Settings” on page 237. Caution This procedure causes the switch to reboot. The switch does not forward network traffic during the reboot process.
Chapter 3: Basic Switch Parameters 5. Type R to select Start Reboot Process. The following prompt is displayed: Are you sure you want to reboot the system (Y/N)> 6. Type Y to start the reboot process. The switch returns its operating parameters to the default values and begins to reload the AT-S79 management software. This process takes approximately one minute to complete. You can not manage the device during the reboot.
Chapter 4 Port Configuration This chapter contains the procedures for viewing and adjusting the parameter settings for the ports on the switch.
Chapter 4: Port Configuration Displaying the Port Parameters To display the parameter settings for the ports on the switch, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 30. 2. From the Basic Switch Configuration Menu, type P to select Port Configuration. The Port Configuration Menu is shown in Figure 13.
AT-S79 Management Software User’s Guide The Port Configuration Menu displays the following columns of information about the status of the ports: Port The port number. Trunk The trunk group number. This column contains the number of the port trunk if the port is a member of a trunk. To configure a trunk, refer to Chapter 5, “Port Trunking” on page 57. Type The port type. The type for a 10/100/1000Base-TX port is 1000TX. The port type for an optional fiber optic SFP module is 1000BaseX.
Chapter 4: Port Configuration 1000-HDx - 1000 Mbps in half-duplex mode To change a port’s speed and duplex mode setting, see “Setting a Port’s Speed and Duplex Mode” on page 54. Flow Ctrl Whether flow control is enabled on the port. Flow control is enabled by default. To disable flow control, refer to “Changing the Flow Control Setting” on page 56. 3. Type Q to select Quit to previous menu.
AT-S79 Management Software User’s Guide Enabling and Disabling a Port This procedure enables and disables a port. You may want to disable a port and prevent packets from being forwarded if a problem occurs with the node or cable connected to the port. After the problem has been fixed, you can enable the port to resume normal operation. You can also disable an unused port to secure it from unauthorized connections. The default setting for a port is enabled.
Chapter 4: Port Configuration Setting a Port’s Speed and Duplex Mode To change a port’s speed or duplex mode, perform the following procedure: 1. From the Main Menu, type B to select Basic Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 30 2. From the Basic Switch Configuration Menu, type P to select Port Configuration. The Port Configuration Menu is shown in Figure 13 on page 50. 3. Type M to select Set Mode.
AT-S79 Management Software User’s Guide full-duplex. To avoid this problem when connecting an end node with a fixed duplex mode of full-duplex to a switch port, disable Auto-Negotiation on the port and set the port’s speed and duplex mode manually. Allied Telesyn does not recommend manually setting a 10/100/ 1000Base-T twisted pair port to either 1000 Mbps full duplex or 1000 Mbps half duplex. For 1000 Mbps operation, Allied Telesyn recommends setting a port to Auto-Negotiation.
Chapter 4: Port Configuration Changing the Flow Control Setting Flow control applies to ports operating in full-duplex mode. A switch port uses flow control to control the flow of ingress packets from its end node. A port using flow control issues a special frame, referred to as a PAUSE frame, as specified in the IEEE 802.3x standard, to stop the transmission of data from an end node. When a port needs to stop an end node from transmitting data, it issues this frame.
Chapter 5 Port Trunking This chapter provides information and procedures for creating a port trunk and contains the following sections: Section I: Using the Menus Interface “Port Trunking Overview” on page 58 “Creating a Port Trunk” on page 59 “Modifying a Port Trunk” on page 62 “Enabling and Disabling a Port Trunk” on page 63 57
Chapter 5: Port Trunking Port Trunking Overview Port trunking is an economical way for you to increase the bandwidth between two Ethernet switches. A port trunk is 2 to 8 ports that have been grouped together to function as one logical path. A port trunk increases the bandwidth between switches and is useful in situations where a single physical data link between switches is insufficient to handle the traffic load.
AT-S79 Management Software User’s Guide Creating a Port Trunk This procedure explains how to create a port trunk. Caution Do not connect the cables to the ports on the switches until after you have configured the trunk with the management software. Connecting the cables before configuring the software creates a loop in your network topology, which can result in broadcast storms and poor network performance. To create a port trunk, perform the following procedure: 1.
Chapter 5: Port Trunking The Trunk Configuration Menu is shown in Figure 15.
AT-S79 Management Software User’s Guide The following prompt is displayed: Enable or Disable trunk group number n (E/D)> 8. Type E to enable the trunk. 9. Type Q to select Quit to previous menu and save your changes. The trunk is now operational on the switch. 10. Configure the port trunk on the other switch and connect the cables.
Chapter 5: Port Trunking Modifying a Port Trunk This procedure adds and removes ports from a port trunk. Note You should disconnect the cables from the ports of the trunk on the switch before modifying it. Adding or removing ports from a trunk without first disconnecting the cables can create loops in your network topology, which can cause broadcast storms and poor network performance. To add or remove ports from a trunk, perform the following procedure: 1.
AT-S79 Management Software User’s Guide Enabling and Disabling a Port Trunk This procedure enables and disables a port trunk. Note the following before performing this procedure: Do not enable a port trunk until after you have configured the trunk on both switches. Do not connect the cables to the ports on the switches until after you have configured and enabled the trunk on both switches. Note If you are disabling a port trunk, be sure to first disconnect all cables from the ports of the trunk.
Chapter 5: Port Trunking 64 Section I: Using the Menus Interface
Chapter 6 Port Mirroring This chapter contains the procedure for setting up port mirroring. Port mirroring allows you to unobtrusively monitor the ingress and egress traffic on a port by having the traffic copied to another port.
Chapter 6: Port Mirroring Port Mirroring Overview The port mirroring feature allows you to unobtrusively monitor the ingress and egress traffic on a port on the switch by having the traffic copied to another switch port. By connecting a network analyzer to the port where the traffic is being copied to, you can monitor the traffic on the other port without impacting its performance or speed. The port whose traffic you want to mirror is called the mirrored port.
AT-S79 Management Software User’s Guide Configuring Port Mirroring To set up port mirroring, perform the following procedure: 1. From the Main Menu, type A to select Advanced Switch Configuration. The Advanced Switch Configuration Menu is shown in Figure 14 on page 59. 2. From the Advanced Switch Configuration Menu, type M to select Port Mirroring Configuration. The Port Mirroring Menu is shown in Figure 16.
Chapter 6: Port Mirroring 7. Type E to select Enable/Disable Port Mirroring. The following prompt is displayed: Enable or Disable monitoring (E/D)> 8. Type E to enable port mirroring. You can now connect your data analyzer to the mirroring port. 9. Type Q to select Quit to previous menu and save your changes.
AT-S79 Management Software User’s Guide Disabling Port Mirroring To disable port mirroring, perform the following procedure: 1. From the Main Menu, type A to select Advanced Switch Configuration. The Advanced Switch Configuration Menu is shown in Figure 14 on page 59. 2. From the Advanced Switch Configuration Menu, type M to select Port Mirroring Configuration. The Port Mirroring Menu is shown in Figure 16 on page 67. 3. Type E to select Enable/Disable Port Mirroring.
Chapter 6: Port Mirroring 70 Section I: Using the Menus Interface
Chapter 7 Virtual LANs This chapter contains the procedures for creating, modifying, and deleting port-based and tagged Virtual Local Area Networks (VLANs).
Chapter 7: Virtual LANs VLAN Features A Virtual Local Area Network (VLAN) is a logical grouping of devices on different physical LAN segments that allows users to communicate as if they were physically connected to a single LAN, independent of the physical configuration of the network. With VLANs, you can segment your network and group end-nodes with related functions into their own separate, logical LAN segments. For example, the marketing personnel in you company may be spread throughout a building.
AT-S79 Management Software User’s Guide VLANs can be used to control the flow of data in your network, since the traffic generated by an end-node in a VLAN is restricted to the other endnodes in the same VLAN. In addition, VLANs can prevent data from flowing to unauthorized end-nodes. Types of VLANs The AT-GS950/16 and AT-GS950/24 switches support the following types of VLANs: Port-based VLANs Tagged VLANs The VLANs are described in the following sections.
Chapter 7: Virtual LANs Port-based VLAN Overview As explained in “VLAN Features” on page 72, a VLAN consists of a group of ports on one or more Ethernet switches that form an independent traffic domain. Traffic generated by the end nodes of a VLAN remains within the VLAN and does not cross over to the end nodes of other VLANs unless there is an interconnection device, such as a router or Layer 3 switch. A port-based VLAN is a group of ports on a Gigabit Ethernet switch that form a logical Ethernet segment.
AT-S79 Management Software User’s Guide For example, if you had a port-based VLAN titled Marketing that spanned three AT-GS950 Series switches, you would assign the Marketing VLAN on each switch the same VID. You can assign this number manually or allow the AT-S79 management software to do it automatically. If you allow the management software to do it automatically, it selects the next available VID. This is acceptable when you are creating a new, unique VLAN.
Chapter 7: Virtual LANs Drawbacks of Port-based VLANs 76 Each port must be assigned a PVID. This value must match the VLAN’s VID and it must be the same for all the ports in a port-based VLAN. You must manually configure this value on a port after you assign the port to a VLAN. For instructions, refer to “Configuring the PVID of Untagged Ports” on page 87.
AT-S79 Management Software User’s Guide Port-based Example 1 Figure 17 illustrates an example of one AT-GS950/24 Gigabit Ethernet Switch with three port-based VLANs. (For purposes of the following examples, the Default VLAN is not shown.) Engineering VLAN (VID 3) Production VLAN (VID 4) Sales VLAN (VID 2) 1 3 5 7 9 11 13 15 17 19 21 23 2 4 6 8 10 12 14 16 18 20 22 24 AT-GS950/24 Gigabit Ethernet Switch WAN Router Figure 17.
Chapter 7: Virtual LANs Port-based Example 2 Each VLAN has one port connected to the router. The router interconnects the various VLANs and functions as a gateway to the WAN. Figure 18 illustrates more port-based VLANs. In this example, Sales and Engineering VLANs span two AT-GS950/24 Gigabit Ethernet switches, while Production VLAN is limited to just one switch.
AT-S79 Management Software User’s Guide The table below lists the port assignments for the Sales, Engineering, and Production VLANs on the switches: Sales VLAN (VID 2) Engineering VLAN (VID 3) Production VLAN (VID 4) AT-GS950/24 Switch (top) Ports 1 - 6 (PVID 2) Ports 9 - 13 (PVID 3) Ports 17, 19 - 21 (PVID 4) AT-GS950/24 Switch (bottom) Ports 2 - 4, 6, 8 (PVID 2) Ports 16, 18-20, 22 (PVID 3) none Note the following concerning the example: Sales VLAN - This VLAN spans both switches.
Chapter 7: Virtual LANs Tagged VLAN Overview The second type of VLAN supported by the AT-S79 management software is the tagged VLAN. VLAN membership in a tagged VLAN is determined by information within the frames that are received on a port. This differs from a port-based VLAN, where the PVIDs assigned to the ports determine VLAN membership. The VLAN information within an Ethernet frame is referred to as a tag or tagged header.
AT-S79 Management Software User’s Guide Note For explanations of VLAN name and VLAN identifier, refer back to “VLAN Name” on page 74 and “VLAN Identifier” on page 74. Tagged and Untagged Ports You need to specify which ports will be members of the VLAN. In the case of a tagged VLAN, the ports usually consist of both untagged and tagged ports. You specify which ports are tagged and which untagged when you create the VLAN.
Chapter 7: Virtual LANs Tagged VLAN Example Figure 19 illustrates how tagged ports can be used to interconnect IEEE 802.1Q-based products. Engineering VLAN (VID 3) Sales VLAN (VID 2) Production VLAN (VID 4) Legacy Server 1 3 5 7 9 11 13 15 17 19 21 23 2 4 6 8 10 12 14 16 18 20 22 24 AT-GS950/24 Gigabit Ethernet Switch IEEE 802.
AT-S79 Management Software User’s Guide The port assignments for the VLANs are as follows: Sales VLAN (VID 2) Engineering VLAN (VID 3) Production VLAN (VID 4) Untagged Ports Tagged Ports Untagged Ports Tagged Ports Untagged Ports Tagged Ports AT-GS950/ 24 Switch (top) 1, 3, 5, 6 (PVID 2) 2, 10 9, 11 to 13 (PVID 3) 2, 10 17, 19 to 21 (PVID 4) 2 AT-GS950/ 24 Switch (bottom) 2, 4, 6, 8 (PVID 2) 9 16, 18, 20, 22 (PVID 3) 9 none none This example is nearly identical to the “Port-based Exa
Chapter 7: Virtual LANs Creating a VLAN This section contains the procedure for creating a new port-based or tagged VLAN. This procedure assigns the VLAN a name, a VID number, and the untagged and tagged member ports. After you have performed this procedure, you must configure the untagged ports of the VLAN by adjusting their PVID values to match the virtual LAN’s VID number. The PVID value of a port must match its virtual LAN’s VID in order for a port to be considered an untagged member of the VLAN.
AT-S79 Management Software User’s Guide 3. From the VLAN Management Menu, type C to select Create VLAN. The VLAN Creation Menu is shown in Figure 21. AT-GS950/16 Local Management System VLAN Management -> VLAN Creation Menu VLAN ID : VLAN Name: Port Member ---------------------------------------------------------------------- ------------------------- ---------------------------------Set VLAN [I]D/[I]ndex S[e]lect Port Member Set VLAN [N]ame [A]pply [Q]uit to Previous Menu Command> Figure 21.
Chapter 7: Virtual LANs The following prompt is displayed: Enter port number > 9. Enter the untagged and tagged ports of the VLAN. You can specify the ports individually separated by commas, for example, 2,7,15, as a range of ports separated by a hyphen, for example, 2-4, or both, for example, 2-7,15,17. 10. When the VLAN is complete, type A to select Apply and apply the VLAN settings. The VLAN Management Menu is displayed again with information about the VLAN you just created.
AT-S79 Management Software User’s Guide Configuring the PVID of Untagged Ports This procedure adjusts a port’s VID value. The PVID value determines the VLAN in which the port is an untagged member. A port can be an untagged member of only one VLAN at a time. A port is an untagged member of the VLAN whose VID value matches its PVID. The ports of a new VLAN are initially designated as tagged ports. Their PVID values retain their previous settings when they are assigned to a new VLAN.
Chapter 7: Virtual LANs Note If you specify a PVID that does not correspond to any VIDs on the switch, the management software creates a new VLAN with a VID that equals the PVID. The VLAN is not assigned any name. 7. Repeat steps 4 through 6 to configure additional ports. 8. Type Q to select Quit to previous menu and save your changes.
AT-S79 Management Software User’s Guide Displaying the VLANs To display a list of the port-based and tagged VLANs on the switch, perform the following procedure: 1. From the Main Menu, type A to select Advanced Switch Configuration. The Advanced Switch Configuration Menu is shown in Figure 14 on page 59. 2. From the Advanced Switch Configuration Menu, type V to select VLAN Management. The VLAN Management Menu is shown in Figure 20 on page 84.
Chapter 7: Virtual LANs The Config VLAN Member Menu is shown in Figure 22. AT-GS950/16 Local Management System VLAN Management -> Config VLAN Member VLAN ID : 3 VLAN Name: Marketing Port Tagging ---------------------------------------------------------------------4 No 5 No 6 No 7 No 8 No 24 Yes ----------------------- -----------------------------------[N]ext Page [C]hange VLAN Name [A]dd VLAN Member [P]revious page [R]emove VLAN Member [Q]uit to Previous Menu Command> Figure 22.
AT-S79 Management Software User’s Guide Modifying a VLAN This procedure allows you to perform the following functions: Change the name of a VLAN. Add or remove tagged ports from a VLAN. Before performing this procedure, note the following: You cannot change the VID of a VLAN. You cannot add an untagged port to a VLAN with this procedure.
Chapter 7: Virtual LANs b. Type the new name for the VLAN and press Enter. A VLAN name can be up to 32 characters and can include spaces. 6. To add a tagged port to the VLAN, do the following: a. Type A for Add Member and press Enter. The following prompt is displayed: Add member->Enter port number > b. Enter the number of the port and press Enter. You can add more than one port at a time. You can specify the ports individually (i.e., 2,5,11), as a range (i.e., 4-7), or both (i.e., 2,5,11-15). 7.
AT-S79 Management Software User’s Guide Deleting a VLAN To delete a VLAN, perform the following procedure: 1. From the Main Menu, type A to select Advanced Switch Configuration. The Advanced Switch Configuration Menu is shown in Figure 14 on page 59. 2. From the Advanced Switch Configuration Menu, type V to select VLAN Management. The VLAN Management Menu is shown in Figure 20 on page 84. 3. Type D to select Delete VLAN. The following prompt is displayed: Enter VLAN ID > 4.
Chapter 7: Virtual LANs 94 Section I: Using the Menus Interface
Chapter 8 Quality of Service (QoS) This chapter contains the procedures for configuring the Quality of Service (QoS) parameters of the switch.
Chapter 8: Quality of Service (QoS) QoS Overview When a port on an Ethernet switch becomes oversubscribed—its egress queues contain more packets than the port can handle in a timely manner—the port may be forced to delay the transmission of some packets, resulting in the delay of packets from reaching their destinations.
AT-S79 Management Software User’s Guide Table 2. Default Mappings of IEEE 802.1p Priority Levels to Egress Port Priority Queues AT-GS950 Series Egress Port Priority Queue IEEE 802.1p Traffic Class 0 0 1 0 2 0 3 1 4 2 5 2 6 3 7 3 For example, a tagged packet with a priority tag of 6 is placed in the egress port’s highest priority queue of 3, while a packet with a priority tag of 1 is placed in the lowest priority queue. Note QoS is disabled by default on the switch.
Chapter 8: Quality of Service (QoS) One last thing to note is that CoS does not change the priority level in a tagged packet. The packet leaves the switch with the same priority it had when it entered. This is true even if you change the default priority-toegress queue mappings. The default setting for Quality of Service is disabled. When the feature is disabled, all tagged packets are stored in the lowest priority queue of a port.
AT-S79 Management Software User’s Guide Mapping CoS Priorities to Egress Queues This procedure explains how to change the default mappings of CoS priorities to egress priority queues, shown in Table 2 on page 97. This is set at the switch level and applies to all ports. This procedure also enables and disables QoS. To change the mappings, perform the following procedure: 1. From the Main Menu, type A to select Advanced Switch Configuration.
Chapter 8: Quality of Service (QoS) The Traffic Class Configuration Menu is shown in Figure 24. AT-GS950/16 Local Management System Quality of Service Configuration -> Traffic Class Configuration Menu QoS Status : Disabled Traffic Class ------------0 1 2 3 4 5 6 7 Queue ----0 0 0 1 2 2 3 3 3 : Highest 0 : Lowest ----------------------- -----------------------------------Set [S]tatus Set [P]riority Queue [Q]uit to previous Page Command> Figure 24. Traffic Class Configuration Menu 4.
AT-S79 Management Software User’s Guide The following prompt is displayed: Enter queue for traffic class n> c. Enter the new egress queue number for the traffic class. The range is 0 to 3. 0 is the lowest priority queue and 3 is the highest. You can specify only one egress queue. 6. Type Q to select Quit to previous menu and save your changes.
Chapter 8: Quality of Service (QoS) Configuring CoS As explained in “QoS Overview” on page 96, a packet received on a port is placed it into one of four priority queues on the egress port according to the switch’s mapping of 802.1p priority levels to egress priority queues. The default mappings are shown in Table 2 on page 97. You can override the mappings at the port level by assigning a different egress queue to a port.
AT-S79 Management Software User’s Guide The Port Priority Configuration Menu is shown in Figure 25.
Chapter 8: Quality of Service (QoS) 4. To configure a port that is not a member of a trunk, type R to select Set Priority Queue. To configure the ports of a port trunk, type T to select Set Trunk Priority Queue. The following prompt is displayed if you are configuring a port: Set Priority Queue->Enter port number> The following prompt is displayed if you are configuring a trunk: Enter trunk group number> 5. Enter the port or trunk number that you want to configure.
AT-S79 Management Software User’s Guide Note The tagged information in a frame is not changed as the frame traverses the switch. A tagged frame leaves a switch with the same priority level that it had when it entered. The default for this parameter is disabled, meaning that the priority level of tagged frames is determined by the priority level specified in the frames themselves.
Chapter 8: Quality of Service (QoS) 106 Section I: Using the Menus Interface
Chapter 9 Rapid Spanning Tree Protocol (RSTP) This chapter describes how to configure the Rapid Spanning Tree Protocol (RSTP) on the switch and includes the following sections: Section I: Using the Menus Interface “RSTP Overview” on page 108 “Enabling or Disabling RSTP” on page 115 “Configuring the RSTP Bridge Settings” on page 118 “Configuring STP Compatibility” on page 120 “Configuring RSTP Port Settings” on page 121 “Displaying the RSTP Topology” on page 126 107
Chapter 9: Rapid Spanning Tree Protocol (RSTP) RSTP Overview The performance of a Ethernet network can be negatively impacted by the formation of a data loop in the network topology. A data loop exists when two or more nodes on a network can transmit data to each other over more than one data path.
AT-S79 Management Software User’s Guide You can designate which switch on your network you want as the root bridge by giving it the lowest bridge priority number. You might also consider which bridge should function as the backup root bridge in the event you need to take the primary root bridge offline, and assign that bridge the second lowest bridge identifier number. You can change the bridge priority number for the switch.
Chapter 9: Rapid Spanning Tree Protocol (RSTP) Table 3 lists the RSTP port costs with Auto-Detect. Table 3. RSTP Auto-Detect Port Costs Port Speed Port Cost 10 Mbps 2,000,000 100 Mbps 200,000 1000 Mbps 20,000 Table 4 lists the RSTP port costs with Auto-Detect when the port is part of a port trunk. Table 4. RSTP Auto-Detect Port Trunk Costs Port Speed No.
AT-S79 Management Software User’s Guide Table 5 lists the values. The default value is 0. Table 5. Port Priority Value Increments Port Priority Port Priority 0 128 16 144 32 160 48 176 64 192 80 208 96 224 112 240 If two paths have the same port cost and the same priority, then the ports with the lowest port MAC addresses become the root ports of their respective bridges.
Chapter 9: Rapid Spanning Tree Protocol (RSTP) There are two possible selections: Point-to-point port Edge port The default setting for the RSTP port point-to-point status is automatic. With the automatic setting, the point-to-point status is True of the port is operating in full-duplex mode. If the port is operating in half-duplex mode, then the point-to-point status is False. Figure 26 illustrates two AT-GS950/24 switches that have been connected with one data link.
AT-S79 Management Software User’s Guide AT-GS950/24 1 3 5 24-Port 10/100/1000Mbps + 2 SFP Combo WebSmart Switch 7 9 11 13 15 17 19 21 23 SPEED LINK/ACT SPEED LINK/ACT LINK/ACT POWER 2 4 6 8 10 12 14 16 18 20 22 24 23 24 732 Edge Port Hub 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 Figure 27. Edge Port A port can be both a point-to-point and an edge port at the same time. Figure 28 illustrates a port functioning as both a point-to-point and edge port.
Chapter 9: Rapid Spanning Tree Protocol (RSTP) compatible mode, the ports can receive either RSTP or STP BPDU packets. Rapid Spanning Tree and VLANs The spanning tree implementation in the AT-S79 management software is a single-instance spanning tree. The switch supports just one spanning tree. You cannot define multiple spanning trees. The single spanning tree encompasses all ports on the switch. If the ports are divided into different VLANs, the spanning tree crosses the VLAN boundaries.
AT-S79 Management Software User’s Guide Enabling or Disabling RSTP To enable or disable RSTP, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 30. 2. From the Basic Switch Configuration Menu, type S to select Rapid Spanning Tree Configuration. The Rapid Spanning Tree Configuration Menu is shown in Figure 30.
Chapter 9: Rapid Spanning Tree Protocol (RSTP) switch’s root port and the root bridge including the switch’s root port cost. Time Since Topology Change The time in seconds since the last topology change took place. When RSTP detects a change to the LAN’s topology or when the switch is rebooted, this parameter is reset to 0 seconds and begins incrementing until the next topology change is detected.
AT-S79 Management Software User’s Guide 3. Type E to select Enable/Disable Global RSTP. The following prompt is displayed: Enable or Disable Global RSTP (E/D)> 4. Type E to enable RSTP or D to disable RSTP.
Chapter 9: Rapid Spanning Tree Protocol (RSTP) Configuring the RSTP Bridge Settings To configure the RSTP bridge settings, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 30. 2. From the Basic Switch Configuration Menu, type S to select Rapid Spanning Tree Configuration. The Rapid Spanning Tree Configuration Menu is shown in Figure 30 on page 115. 3. Type P to select Set Bridge Priority.
AT-S79 Management Software User’s Guide The following prompt is displayed: Enter bridge maximum age> The bridge maximum age is the length of time after which stored bridge protocol data units (BPDUs) are deleted by the bridge. All bridges in a bridged LAN use this aging time to test the age of stored configuration messages called bridge protocol data units (BPDUs). For example, if you use the default value 20, all bridges delete current configuration messages after 20 seconds.
Chapter 9: Rapid Spanning Tree Protocol (RSTP) Configuring STP Compatibility Choosing an RSTP protocol version allows you to determine if the switch ports will operate in RSTP-only mode or are STP-compatible. This setting applies to all of the ports; you cannot set this on a per-port basis. To configure the STP compatibility, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 30. 2.
AT-S79 Management Software User’s Guide Configuring RSTP Port Settings This section contains the following topics: Configuring the Basic RSTP Port Settings “Configuring the Basic RSTP Port Settings,” next “Configuring the Advanced RSTP Port Settings” on page 123 To configure the basic RSTP port settings, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 30. 2.
Chapter 9: Rapid Spanning Tree Protocol (RSTP) 4. Type I to select Set Port Priority. The following prompt is displayed: Select port number to be changed> Port number is in range from 1 to 9, 0 to set all ports 5. Enter the number of the port you want to change, or type 0 (zero) to apply the settings to all ports on the switch. The following prompt is displayed: Enter priority for port n> This parameter is used as a tie breaker when two or more ports are determined to have equal costs to the root bridge.
AT-S79 Management Software User’s Guide Select port number to be changed> Port number is in range from 1 to 9, 0 to set all ports This parameter enables or disables RSTP on a specified port or a group of ports in a trunk. 11. Enter the number of the port you want to change, or type 0 (zero) to apply the settings to all ports on the switch. The following prompt is displayed: Enable or Disable STP for port n (E/D)> 12. Type E to enable or D to disable STP on the port.
Chapter 9: Rapid Spanning Tree Protocol (RSTP) The RSTP Advanced Port Configuration menu is shown in Figure 31. AT-GS950/16 Local Management System Rapid Spanning Tree Configuration -> RSTP Advanced Port Configuration Port Trunk Link State Role Admin/OperEdge Admin/OperPtoP Migrat ---- ----- ---- ---------- --------- ---------------------------------1 --Down Forwarding Disabled False/False Auto/False Init. 2 --Down Forwarding Disabled False/False Auto/False Init.
AT-S79 Management Software User’s Guide The following prompt is displayed: Select port number to be changed> Port number is in range from 1 to 9, 0 to set all ports 8. Enter the number of the port you want to change, or type 0 (zero) to apply the settings to all ports on the switch. The following prompt is displayed: Set point-to-point for port n >(A/T/F) This parameter defines whether the port is functioning as a point-topoint port. The possible settings are Auto, True, and False.
Chapter 9: Rapid Spanning Tree Protocol (RSTP) Displaying the RSTP Topology To display the RSTP topology, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 30. 2. From the Basic Switch Configuration Menu, type S to select Rapid Spanning Tree Configuration. The Rapid Spanning Tree Configuration Menu is shown in Figure 30 on page 115. 3.
AT-S79 Management Software User’s Guide Link Whether the link on the port is up or down. Desig. Root The designated root bridge is the switch that is directly connected to the local switch. The MAC address of the designated root bridge is displayed. In the network topology, the designated bridge is located between the local switch and the root bridge. Desig. Cost The sum of all the root port costs on all bridges, including the switch, between the switch and the root bridge. Desig.
Chapter 9: Rapid Spanning Tree Protocol (RSTP) 128 Section I: Using the Menus Interface
Chapter 10 802.1x Port-based Network Access Control This chapter contains information about and the procedure for configuring 802.1x Port-based Network Access Control. It includes the following sections: Section I: Using the Menus Interface “802.1x Port-based Network Access Control Overview” on page 130 “Configuring 802.
Chapter 10: 802.1x Port-based Network Access Control 802.1x Port-based Network Access Control Overview 802.1x Port-based Network Access Control (IEEE 802.1x) is used to control who can send traffic through and receive traffic from a switch port. With this feature, the switch will not allow an end node to send or receive traffic through a port until the user of the node logs on by entering a username and password.
AT-S79 Management Software User’s Guide Authentication Process Authenticator Ports Below is a brief overview of the authentication process that occurs between a supplicant, authenticator, and authentication server. For further details, refer to the IEEE 802.1x standard. Either the authenticator (that is, a switch port) or the supplicant can initiate an authentication prompt exchange.
Chapter 10: 802.1x Port-based Network Access Control Force-unauthorized - Places the port in the unauthorized state, ignoring all attempts by the client to authenticate. This port control setting blocks all users from accessing the network through the port and is similar to disabling a port and can be used to secure a port from use. The port continues to forward EAPOL packets, but discards all other packets, including multicast and broadcast packets. Force-authorized - Disables IEEE 802.
AT-S79 Management Software User’s Guide As mentioned earlier, the switch itself does not authenticate the user names and passwords from the clients. That is the responsibility of the authentication server, which contains the RADIUS server software. Instead, a switch acts as an intermediary for the authentication server by denying access to the network by the client until the client has provided a valid username and password, which the authentication server validates.
Chapter 10: 802.1x Port-based Network Access Control Allied Telesyn does not support connecting more than one supplicant to an authenticator port on the switch. The switch allows only one supplicant to log on per port. Note Connecting multiple supplicants to a switch port set to the Auto setting does not conform to the IEEE 802.1x standard. This can introduce security risks and can result in undesirable switch behavior.
AT-S79 Management Software User’s Guide Ports used to interconnect switches should be set to the port control setting of Force-authorized. This is illustrated in Figure 35. Switch A Port 22: 802.1x Port Control Setting: Force-authorized Port 6: 802.1x Port Control Setting: Force-authorized RADIUS Authentication Server Port 15: 802.1x Port Control Setting: Force-authorized Switch B Ports 1 to 12: 802.1x Port Control Setting: Auto Supplicants with 802.1x Client Software Figure 35.
Chapter 10: 802.1x Port-based Network Access Control Configuring 802.1x Port-based Network Access Control To configure 802.1x port-based network access control, perform the following procedure: 1. From the Main Menu, type A to select Advanced Switch Configuration. The Advanced Switch Configuration Menu is shown in Figure 14 on page 59. 2. From the Advanced Switch Configuration Menu, type X to select 802.1x Port Based Access Control Configuration.
AT-S79 Management Software User’s Guide 3. Type P to select Port No. The following prompt is displayed: Enter port number> 4. Enter the number of the port on the switch you want to configure. You can configure only one port at a time. The Port Based Access Control Configuration Menu is updated with the current settings of the selected port. 5. Configure the 802.1x settings for the port. A change to a parameter takes affect immediately on the port. The settings are described here: NAS ID.
Chapter 10: 802.1x Port-based Network Access Control Supplicant Timeout. Sets the switch-to-client retransmission time for the EAP-request frame. The default value for this parameter is 30 seconds. The range is 1 to 600 seconds. Server Timeout. Sets the timer used by the switch to determine authentication server timeout conditions. The default value for this parameter is 10 seconds. The range is 1 to 60 seconds. Maximum Request.
AT-S79 Management Software User’s Guide b. Typing Y returns the port to the unauthenticated state and the reauthentication period to zero. The user must enter a valid username and password to continue to use the switch port. Typing N cancels the reauthentication. 8. Type Q to select Quit to previous menu and save the settings.
Chapter 10: 802.
Chapter 11 RADIUS Authentication Protocol This chapter describes how to configure the RADIUS client software on the switch. You can use the RADIUS client with 802.1x port-based network access control to control who can forward packets through the switch.
Chapter 11: RADIUS Authentication Protocol RADIUS Overview RADIUS (Remote Authentication Dial In User Services) is an authentication protocol for enhancing the security of your network. The protocol transfers the task of authenticating network access from a network device to an authentication protocol server. The AT-S79 management software comes with RADIUS client software. You can use the client software together with 802.1x port-based network access control, described in Chapter 10, “802.
AT-S79 Management Software User’s Guide Configuring the RADIUS Client To configure the RADIUS client, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 30. 2. From the Basic Switch Configuration Menu, type U to select User Interface Configuration. The User Interface Configuration Menu is shown in Figure 7 on page 36. 3. Type R to select RADIUS Server Configuration.
Chapter 11: RADIUS Authentication Protocol 7. Enter the encryption key of the RADIUS server. 8. Type R to select Set Response Time. The following prompt is displayed: Enter response time> 9. Enter the amount of time in seconds the switch should wait for a response from the RADIUS server. The range is 1 to 120 seconds. The default is 10 seconds. 10. Type M to select Max Retransmission. The following prompt is displayed: Enter maximum retransmissions> 11.
AT-S79 Management Software User’s Guide Displaying the RADIUS Client Settings To display the RADIUS client status and settings, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 30. 2. From the Basic Switch Configuration Menu, type U to select User Interface Configuration. The User Interface Configuration Menu is shown in Figure 7 on page 36. 3. Type R to select RADIUS Server Configuration.
Chapter 11: RADIUS Authentication Protocol 146 Section I: Using the Menus Interface
Chapter 12 Broadcast Storm Control This chapter describes how to configure the broadcast storm control feature on the switch and includes the following sections: Section I: Using the Menus Interface “Broadcast Storm Control Overview” on page 148 “Configuring Broadcast Storm Control” on page 149 147
Chapter 12: Broadcast Storm Control Broadcast Storm Control Overview The broadcast storm control feature limits the number of broadcast frames forwarded by the switch. The feature can help improve network performance in situations where broadcast frames are consuming a significant portion of network bandwidth, to a degree where the remaining bandwidth is insufficient for efficiently carrying the unicast and multicast frames. This feature can also protect your network from broadcast storms.
AT-S79 Management Software User’s Guide Configuring Broadcast Storm Control To configure the broadcast storm control feature, perform the following procedure: 1. From the Main Menu, type B to select Basic Switch Configuration. The Basic Switch Configuration Menu is shown in Figure 4 on page 30. 2. From the Basic Switch Configuration Menu, type C to select Storm Control Configuration. The Storm Control Configuration Menu is shown in Figure 38.
Chapter 12: Broadcast Storm Control L for Low (100 broadcast packets per second) 7. Type Q to quit to the previous menu and save your changes.
Chapter 13 Management Software Updates The procedure in this chapter explains how to download a new version of the AT-S79 management software onto the switch. The procedure is: “Downloading a New Management Software Image Using TFTP” on page 152 Note For information on how to obtain new releases of the AT-S79 management software, refer to “Management Software Updates” on page 14.
Chapter 13: Management Software Updates Downloading a New Management Software Image Using TFTP Before downloading a new version of the AT-S79 management software onto the switch, note the following: Both models of the AT-GS950 series use the same AT-S79 management software image. The current configuration of a switch is retained when a new AT-S79 software image is installed.
AT-S79 Management Software User’s Guide The Software Upgrade Menu is shown in Figure 39. AT-GS950/16 Local Management System Switch Tools Configuration -> Software Upgrade Menu [T]FTP Software Upgrade [Q]uit to previous menu Command> Figure 39. Software Upgrade Menu (1 of 2) 3. Type T to select TFTP Upgrade. The Software Upgrade Menu (2 of 2) is shown in Figure 40. AT-GS950/16 Local Management System Main Menu -> Software Upgrade Menu Image Version/Date: 0.0.
Chapter 13: Management Software Updates 4. Type S to select Set TFTP Server IP Address. The following prompt is displayed: Enter IP address of TFTP server: 5. Type the IP address of the TFTP server and press Enter. 6. Type F to select Set Image File Name. The following prompt is displayed: Enter file name> 7. Enter the file name of the AT-S79 image file on the TFTP server and press Enter. 8. Type R to select Set Retry Count. The following prompt is displayed: Enter retry count> 9.
Section II Using the Web Browser Interface The chapters in this section provide information and procedures for using the web browser interface in the AT-S79 management software.
Section II: Using the Web Browser Interface
Chapter 14 Starting a Web Browser Management Session This chapter contains the procedures for starting, using, and quitting a web browser management session on the AT-GS950/16 and AT-GS950/24 Smart Switches.
Chapter 14: Starting a Web Browser Management Session Establishing a Remote Connection to Use the Web Browser Interface In order for you to manage an AT-GS950/16 or AT-GS950/24 Smart Switch using the web browser interface, the switch must have an IP address and subnet mask. To manually assign an IP address, refer to “Configuring the IP Address, Subnet Mask, and Gateway Address” on page 30.
AT-S79 Management Software User’s Guide The AT-S79 management software displays the login dialog box, shown in Figure 42. Figure 42. AT-S79 Login Dialog Box 3. Enter the AT-S79 management login user name and password. The default user name and password are both “manager”. The login name and password are case-sensitive. To change the user name and password, refer to “Configuring System Administration Information” on page 167. The AT-S79 management software displays the home page.
Chapter 14: Starting a Web Browser Management Session The main menu is on the top of the home page. It consists of the following selections: General Info. Basic Config. Advanced Config. Tools Statistics A web browser management session remains active even if you link to other sites. You can return to the management web pages anytime as long as you do not quit the browser.
AT-S79 Management Software User’s Guide Web Browser Tools You can use the web browser tools to move around the management pages. Selecting Back on your browser’s toolbar returns you to the previous display. You can also use the browser’s bookmark feature to save the link to the switch.
Chapter 14: Starting a Web Browser Management Session Quitting a Web Browser Management Session To exit a web browser management session, close the web browser.
Chapter 15 Basic Switch Parameters This chapter contains the following sections: “Configuring an IP Address, Subnet Mask and Gateway Address” on page 164 “Enabling and Disabling the DHCP Client” on page 166 “Configuring System Administration Information” on page 167 “Setting the User Interface Configuration” on page 169 “Viewing System Information” on page 172 “Rebooting a Switch” on page 175 “Pinging a Remote System” on page 176 “Returning the AT-S79 Management Software to
Chapter 15: Basic Switch Parameters Configuring an IP Address, Subnet Mask and Gateway Address This procedure explains how to change the IP address, subnet mask, and gateway address to the switch. Before performing the procedure, note the following: An IP address and subnet mask are not required for normal network operations of the switch. Values for these parameters are only required if you want to remotely manage the device with a web browser.
AT-S79 Management Software User’s Guide System IP Address Enter the IP address for the switch. System Subnet Mask Enter the subnet mask for the switch. System Default Gateway Enter the default gateway’s IP address. DHCP Mode For information about setting this parameter, refer to “Enabling and Disabling the DHCP Client” on page 166. 3. Click Apply. Note Changing the IP address ends your management session.
Chapter 15: Basic Switch Parameters Enabling and Disabling the DHCP Client This procedure explains how to activate and deactivate the DHCP client on the switch. When the client is activated, the switch obtains its IP configuration, such as its IP address and subnet mask, from a DHCP server on your network. Before performing the procedure, note the following: An IP address and subnet mask are not required for normal network operations of the switch.
AT-S79 Management Software User’s Guide Configuring System Administration Information This section explains how to assign a name to the switch, as well as the location of the switch and the name of the switch’s administrator. Entering this information is optional. To set a switch’s administration information, perform the following procedure: 1. From the Basic Config menu, select Admin. Config. The Administration Configuration page is shown in Figure 45. Figure 45. Administration Configuration Page 2.
Chapter 15: Basic Switch Parameters System Contact Specifies the name of the network administrator responsible for managing the switch. This contact name is optional and may contain up to 50 characters. 3. Click Apply.
AT-S79 Management Software User’s Guide Setting the User Interface Configuration This procedure explains how to adjust the user interface and security features on the switch. With this procedure you can: Change the console timer, used to automatically end inactive local management sessions. Change the AT-S79 management login user name and password. Enable and disable the web server, used to manage the switch from a remote management station with a web browser.
Chapter 15: Basic Switch Parameters 2. To configure the console idle time out parameter, do the following: a. Click the Console UI Time Out field and enter a new value. The range is 0 to 60 minutes. The default is 5 minutes. A timeout value to 0 causes the console connection to never times out. The console idle time out parameter specifies the length of time a local management session can be inactive before the management software automatically ends it.
AT-S79 Management Software User’s Guide c. Click the New Password field and enter a new login password or, if you do not want to change the password, enter the current password. The password can be from 0 to 12 characters. Allied Telesyn recommends not using special characters, such as spaces and exclamation points. The password is case sensitive. Leaving this field empty deletes the current password without assigning a new one. d.
Chapter 15: Basic Switch Parameters Viewing System Information To view general information about the switch, perform the following procedure: 1. From General Info. menu, select Switch Information. The Switch Information page is shown in Figure 47. Figure 47. Switch Information Page The Switch Information page displays the following information: System Up Time The number of days, hours, and minutes that the switch has been running since it was last rebooted.
AT-S79 Management Software User’s Guide Hardware Information Section: Reversion The hardware version number. DRAM Size The size of the DRAM, in megabytes. Flash Size The size of the flash memory, in megabytes. Fixed Baud Rate The baud rate of the console port. Administration Information Section: Switch Name The name assigned to the switch. To give the switch a name, refer to “Configuring System Administration Information” on page 167. Switch Location The location of the switch.
Chapter 15: Basic Switch Parameters DHCP Mode The status of the DHCP client on the switch. For information about setting this parameter, refer to “Enabling and Disabling the DHCP Client” on page 166.
AT-S79 Management Software User’s Guide Rebooting a Switch This procedure reboots the switch and reloads the AT-S79 management software from flash memory. You might reboot the device if you believe it is experiencing a problem. Rebooting the device does not change any of the device’s parameter settings. Caution The switch does not forward network traffic during the reboot process. Some network traffic may be lost. To reboot a switch, perform the following procedure: 1.
Chapter 15: Basic Switch Parameters Pinging a Remote System This procedure instructs the switch to ping a node on your network. This procedure is useful in determining whether an active link exists between the switch and another network device. Note the following before performing the procedure: The switch where you are initiating the ping must have an IP address. The device you are pinging must be a member of the Default VLAN.
AT-S79 Management Software User’s Guide 4. To view the ping results, click Show Ping Results. A sample Ping Test Results page is shown in Figure 50. Figure 50. Ping Test Results Page 5. Click Back to Ping Test to return to the Ping Test Configuration page.
Chapter 15: Basic Switch Parameters Returning the AT-S79 Management Software to the Factory Default Values This procedure returns all AT-S79 management software parameters to their default values and deletes all tagged and port-based VLANs on the switch. The AT-S79 management software default values are listed in Appendix A, “AT-S79 Software Default Settings” on page 237. Caution This procedure causes the switch to reboot. The switch does not forward network traffic during the reboot process.
Chapter 16 Port Configuration The sections in this chapter explain the two methods to viewing and changing the parameter settings of the individual ports on the switch. The first method shows how to use the Port Configuration page to view and configure multiple ports at one time. The second is typically used to configure just one port at a time. There is also a section for viewing port statistics.
Chapter 16: Port Configuration Viewing and Configuring Ports Using the Port Configuration Page This procedure explains how to configure the ports on the switch using the Port Configuration page. This page allows you to view and configure the parameter settings of all the switch ports at one time. To configure the ports, perform the following procedure: 1. From the Basic Config menu, select Port Config. The Port Configuration page is shown in Figure 51.
AT-S79 Management Software User’s Guide Type The port type. The port type is 1000TX for 10/100/1000Base-T twisted pair ports and 1000BaseF for an optional SFP fiber port. Link Status The status of the link between the port and the end node connected to the port. The possible values are: Up - A valid link exists between the port and the end node. Down - The port and the end node have not established a valid link. Admin. Status The operating status of the port.
Chapter 16: Port Configuration prevent a duplex mode mismatch. A switch port using AutoNegotiation defaults to half-duplex if it detects that the end node is not using Auto-Negotiation. This can result in a mismatch if the end node is operating at a fixed duplex mode of full-duplex. To avoid this problem when connecting an end node with a fixed duplex mode of full-duplex to a switch port, disable Auto-Negotiation on the port and set the port’s speed and duplex mode manually.
AT-S79 Management Software User’s Guide Viewing and Configuring Ports Using the Configuration of Port Page The procedure in this section is used to view or configure the parameter settings of a port on the switch. To view and configure the parameter settings for more than one port at a time, refer to “Viewing and Configuring Ports Using the Port Configuration Page” on page 180. To view or configure the parameter settings of a port, perform the following procedure: 1.
Chapter 16: Port Configuration Port Type The port type. The port type is 1000TX for 10/100/1000Base-T twisted pair ports and 1000BaseF for an optional SFP fiber optic port. Trunk ID The trunk group number. A number in this column indicates that the port is a member of a port trunk. For information about configuring a trunk, refer to Chapter 17, “Port Trunking” on page 189. Operational Status The status of the link between the port and the end node connected to the port.
AT-S79 Management Software User’s Guide When selecting a setting, note the following: When a twisted pair port is set to Auto-Negotiation, the default setting, the end node should also be using Auto-Negotiation to prevent a duplex mode mismatch. A switch port using AutoNegotiation defaults to half-duplex if it detects that the end node is not using Auto-Negotiation. This can result in a mismatch if the end node is operating at a fixed duplex mode of full-duplex.
Chapter 16: Port Configuration Displaying Port Statistics To display port statistics, perform the following procedure: 1. Select Statistics. The Statistics page opens as shown in Figure 53. Figure 53. Statistics Page 2. To view statistics for a port, select a port from the Select Port pulldown menu and click Apply. The statistics are displayed in a table that contains the following items of information: Total RX Bytes Number of bytes received on the port.
AT-S79 Management Software User’s Guide Good Broadcast Number of valid broadcast packets received on the port. Good Multicast Number of valid multicast packets received on the port. CRC/Align Errors Number of packets with a cyclic redundancy check (CRC) error but with the proper length (64-1518 bytes) received on the port. Undersize Packets Number of packets that were less than the minimum length specified by IEEE 902.3 (64 bytes including the CRC) received on the port.
Chapter 16: Port Configuration 188 Section II: Using the Web Browser Interface
Chapter 17 Port Trunking This chapter contains the following procedures for working with port trunking: “Creating a Port Trunk” on page 190 “Modifying a Port Trunk” on page 192 “Enabling and Disabling a Port Trunk” on page 193 Note For background information, refer to “Port Trunking Overview” on page 58.
Chapter 17: Port Trunking Creating a Port Trunk This procedure explains how to create a port trunk. Note Do not connect the cables of a port trunk to the ports on the switch until after you have configured the ports on both the switch and the end node. Connecting the cables prior to configuring the ports can create loops in your network topology. Loops can result in broadcast storms, which can adversely affect the operation of your network. To create a port trunk, perform the following procedure: 1.
AT-S79 Management Software User’s Guide 2. In any one of the unused Trunk ID rows, click the dialog boxes of the ports that will make up the port trunk. A check in a box indicates the port is a member of the trunk. No check means the port is not a member. A port trunk can contain up to eight ports. 3. Change the status of the trunk from Disable to Enable. 4. Click Apply. The trunk is now operational on the switch. 5. Configure the port trunk on the other switch and connect the cables.
Chapter 17: Port Trunking Modifying a Port Trunk This procedure adds and removes ports from a port trunk. Note You should disconnect the cables from the ports of the trunk on the switch before modifying it. Adding or removing ports from a trunk without first disconnecting the cables can create loops in your network topology, which can cause broadcast storms and poor network performance. To add or remove ports from a trunk, perform the following procedure: 1.
AT-S79 Management Software User’s Guide Enabling and Disabling a Port Trunk This procedure enables and disables a port trunk. Note the following before performing this procedure: Do not enable a port trunk until after you have configured the trunk on both switches. Do not connect the cables to the ports on the switches until after you have configured and enabled the trunk on both switches. Note If you are disabling a port trunk, be sure to first disconnect all cables from the ports of the trunk.
Chapter 17: Port Trunking 194 Section II: Using the Web Browser Interface
Chapter 18 Port Mirroring This chapter contains the procedure for setting up port mirroring. Port mirroring allows you to unobtrusively monitor the ingress and egress traffic on a port by having the traffic copied to another port. This chapter contains the following sections: “Configuring Port Mirroring” on page 196 “Disabling Port Mirroring” on page 197 Note For background information, refer to “Port Mirroring Overview” on page 66.
Chapter 18: Port Mirroring Configuring Port Mirroring To set up port mirroring, perform the following procedure: 1. From the Advanced Config menu, select Port Mirroring. The Port Mirroring page is shown in Figure 55. Figure 55. Port Mirroring Page 2. In the Mirroring Port section, click Port and from the pull-down menu select the port where the network analyzer is connected. 3.
AT-S79 Management Software User’s Guide Disabling Port Mirroring To disable port mirroring, perform the following procedure: 1. From the Advanced Config menu, select Port Mirroring. The Port Mirroring page is shown in Figure 55 on page 196. 2. From the Mirroring Status list, select Disable and click Apply. Port mirroring is immediately disabled on the switch. You can now use the mirroring port for regular network operations.
Chapter 18: Port Mirroring 198 Section II: Using the Web Browser Interface
Chapter 19 Virtual LANs This chapter contains the procedures for creating, modifying, and deleting port-based and tagged Virtual Local Area Networks (VLANs) from a web browser management session.
Chapter 19: Virtual LANs Creating a VLAN This section contains the procedure for creating a new port-based or tagged VLAN. This procedure assigns the VLAN a name, a VID number, and the untagged and tagged member ports. After performing this procedure, the PVID values of the untagged ports of the VLAN must be adjusted to match the virtual LAN’s VID number. In order for a port to be considered an untagged member of a VLAN, its PVID value must be changed to match the VID of the virtual LAN.
AT-S79 Management Software User’s Guide If the VLAN will be unique in you network, then the name should be unique as well. If the VLAN will be part of a larger VLAN that spans multiple switches, then the name for the VLAN should be the same on each switch where nodes of the VLAN are connected. 4. In the Static Tagged row, click the dialog circles of those ports on the switch that are to be tagged or untagged members of the new VLAN.
Chapter 19: Virtual LANs Configuring the PVID of Untagged Ports This procedure adjusts a port’s VID value. The PVID value determines the VLAN in which the port is an untagged member. A port is an untagged member of the VLAN whose VID value matches its PVID. A port can be an untagged member of only one VLAN at a time. The ports of a new VLAN are initially designated as tagged ports. Their PVID values retain their previous settings when they are assigned to a new VLAN.
AT-S79 Management Software User’s Guide 2. Click the PVID field of the port whose value you want to change and enter the new PVID value for the port. The PVID must be equal to the VID of the VLAN where you want the port to be an untagged member. For example, to make Port 10 an untagged member of a VLAN that has a VID of 12, you would change its PVID to 12.
Chapter 19: Virtual LANs Displaying the VLANs To display the VLANs, perform the following procedure: 1. From the Advanced Config menu, select VLAN Config and then VLAN Port Config. The VLAN Information page is shown in Figure 59 on page 205 and provides the following columns of information: VLAN ID The VLAN ID number. Name The VLAN’s name. VLAN Type The VLAN type as either permanent or static. The Default VLAN is permanent and port-based and tagged VLANs are static. 2.
AT-S79 Management Software User’s Guide Modifying a VLAN This procedure allows you to perform the following functions: Change the name of a VLAN. Add or remove tagged ports from a VLAN. Before performing this procedure, note the following: You cannot change the VID of an existing VLAN. You cannot add an untagged port to a VLAN using this procedure.
Chapter 19: Virtual LANs The Modify VLAN page is shown in Figure 60. Figure 60. Modify VLAN Page 3. To change the VLAN’s name, click the VLAN Name field and enter the new name. The name can contain up to 32 characters including spaces but not including special characters such as asterisks (*) or exclamation points (!). 4. To add a new tagged port to the VLAN, click the dialog circle in the Static Tagged row of the port to be added as a tagged port. 5.
AT-S79 Management Software User’s Guide Deleting a VLAN To delete a VLAN, perform the following procedure: 1. From the Advanced Config menu, select VLAN Info. The VLAN Information page is shown in Figure 59 on page 205. 2. In the VLAN Action column, click Delete next to the VLAN you want to delete. A confirmation prompt is displayed. 3. Click OK to delete the VLAN or Cancel to cancel the deletion. Note You cannot delete the Default VLAN which has a VID of 1.
Chapter 19: Virtual LANs 208 Section II: Using the Web Browser Interface
Chapter 20 Quality of Service (QoS) This chapter contains the procedure for configuring Quality of Service (QoS).
Chapter 20: Quality of Service (QoS) Mapping CoS Priorities to Egress Queues This procedure explains how to change the default mappings of CoS priorities to egress priority queues, as shown in Table 2 on page 97. This is set at the switch level. You cannot set this at the per-port level. This procedure also enables and disables QoS. To change the default mappings of CoS priorities to egress priority queues or to enable or disable QoS, perform the following procedure: 1.
AT-S79 Management Software User’s Guide Note The switch does not alter the original priority level in tagged frames. Frames leave the switch with the same priority level they had when they entered the switch.
Chapter 20: Quality of Service (QoS) Configuring CoS As explained in “QoS Overview” on page 96, a packet received on a port is placed it into one of four priority queues on the egress port according to the switch’s mapping of 802.1p priority levels to egress priority queues. The default mappings are shown in Table 2 on page 97. You can override the mappings at the port level by assigning a new default egress queue to a port.
AT-S79 Management Software User’s Guide The columns in the menu display the following information: Port Displays the port number. Trunk Displays the trunk number if the port is a member of a trunk. QoS Priority Displays the number of the queue where untagged packets received on the port are stored on the egress queue. Override Displays whether the priority level in ingress tagged frames is being used or not.
Chapter 20: Quality of Service (QoS) 214 Section II: Using the Web Browser Interface
Chapter 21 Rapid Spanning Tree Protocol (RSTP) This chapter contains the following procedures for working with the Remote Spanning Tree Protocol (RSTP): “Basic RSTP Configuration” on page 216 “Configuring RSTP Port Settings” on page 219 “Viewing the RSTP Topology” on page 222 Note For background information on RSTP, refer to “RSTP Overview” on page 108.
Chapter 21: Rapid Spanning Tree Protocol (RSTP) Basic RSTP Configuration To configure the RSTP settings, perform the following procedure: 1. From the Basic Config menu, select Rapid Spanning Tree and then RSTP Config. The Rapid Spanning Tree Configuration page is shown in Figure 63. Figure 63.
AT-S80 Management Software User’s Guide switch’s root port and the root bridge including the switch’s root port cost. Time Since Topology Change The time in seconds since the last topology change took place. When RSTP detects a change to the LAN’s topology or when the switch is rebooted, this parameter is reset to 0 seconds and begins incrementing until the next topology change is detected.
Chapter 21: Rapid Spanning Tree Protocol (RSTP) Bridge Forward Delay This is the time interval between generating and sending configuration messages by the bridge.
AT-S80 Management Software User’s Guide Configuring RSTP Port Settings This section contains the following topics: Configuring the Basic RSTP Port Settings “Configuring the Basic RSTP Port Settings,” next “Configuring the Advanced RSTP Port Settings” on page 220 To configure the basic RSTP port settings, perform the following procedure: 1. From the Basic Config menu, select Rapid Spanning Tree and then RSTP Basic Port Config. The RSTP Basic Port Configuration page is shown in Figure 64.
Chapter 21: Rapid Spanning Tree Protocol (RSTP) Path cost is described in “Path Costs and Port Costs” on page 109. 5. Click Apply. 6. To configure all of the ports to the same settings, in the All row, configure one, two, or all of the following settings: STP Status, Priority, and Path Cost. Click Apply. Configuring the Advanced RSTP Port Settings To configure the advanced RSTP port settings, perform the following procedure: 1. From the Basic Config menu, select Rapid Spanning Tree and then RSTP Adv.
AT-S80 Management Software User’s Guide 3. In the Admin/OperPtoP column for the port you want to configure, choose a setting based on the information in Table 7. Table 7. RSTP Point-to-Point Status Admin Auto Operation Port Duplex Operation True Full False Half True True Full or Half False False Full or Half 4. In the Migration column for the port you want to configure, click Restart to reset the port. 5. Click Apply. 6.
Chapter 21: Rapid Spanning Tree Protocol (RSTP) Viewing the RSTP Topology To view the current RSTP topology, perform the following procedure: 1. From the Basic Config menu, select Rapid Spanning Tree and then RSTP Topology. The Designated Topology Information page is shown in Figure 66. Figure 66. Designated Topology Information Page This page displays the following information about the ports: Trunk The trunk of which the port is a member. Link Status Whether the link on the port is up or down.
AT-S80 Management Software User’s Guide Designated Port The root bridge to which the root port of the switch is actively connected.
Chapter 21: Rapid Spanning Tree Protocol (RSTP) 224 Section II: Web Browser Interface
Chapter 22 802.1x Port-based Network Access Control This chapter contains the procedure for configuring 802.1x port-based network access control: “Configuring 802.1x Port-based Network Access Control” on page 226 Note For background information, refer to “802.1x Port-based Network Access Control Overview” on page 130.
Chapter 22: 802.1x Port-based Network Access Control Configuring 802.1x Port-based Network Access Control To configure 802.1x port-based network access control, perform the following procedure: 1. From the Advanced Config menu, select 802.1x. The 802.1x Configuration page is shown in Figure 67. Figure 67. 802.1x Configuration Page Note The Initialize and Re-auth Initialize parameters are described in Steps 5 and 6, respectively. 2. To select a port, do the following: a.
AT-S79 Management Software User’s Guide 3. Configure the following parameters as needed. The parameters are defined here: NAS ID. This parameter assigns an 802.1x identifier to the switch that applies to all ports. The NAS ID can be up to sixteen characters. Valid characters are 0 to 9, a to z, and A to Z. Spaces are allowed. Specifying an NAS ID is optional. Port Status. Displays the current 802.1 status of the port as either authorized or unauthorized. This is not an adjustable parameter. Port Control.
Chapter 22: 802.1x Port-based Network Access Control timeout conditions. The default value for this parameter is 10 seconds. The range is 1 to 60 seconds. Maximum Request. Sets the maximum number of times that the switch retransmits an EAP Request packet to the client before it times out the authentication session. The default value for this parameter is 2 retransmissions. The range is 1 to 10 retransmissions. Re-auth Period. Specifies the time period between periodic reauthentication of the client.
Chapter 23 RADIUS Authentication Protocol This chapter explains how to configure the RADIUS client on the switch. You can use the RADIUS client with 802.1x port-based network access control to control who can forward packets through the switch. The chapter contains the following section: “Configuring the RADIUS Client” on page 230 Note For background information, refer to “802.1x Port-based Network Access Control Overview” on page 130 and “RADIUS Overview” on page 142.
Chapter 23: RADIUS Authentication Protocol Configuring the RADIUS Client To configure the RADIUS client, perform the following procedure: 1. From the Basic Config menu, select RADIUS Config. The RADIUS Server Configuration Menu is shown in Figure 68. Figure 68. RADIUS Configuration Menu 2. To enter the RADIUS server’s IP address, enter the address in the Server IP Address field. 3. To specify the server’s encryption key, click the Shared Secret field and enter the encryption key. 4.
Chapter 24 Broadcast Storm Control This chapter contains the procedure for configuring the broadcast storm control feature on the switch. The procedure is: “Configuring Broadcast Storm Control” on page 232 Note For background information, refer to “Broadcast Storm Control Overview” on page 148.
Chapter 24: Broadcast Storm Control Configuring Broadcast Storm Control To configure the broadcast storm control feature, perform the following procedure: 1. From the Basic menu, select Storm Control. The Broadcast Storm Control page is shown in Figure 69. Figure 69. Broadcast Storm Control Page 2. From the Storm Control Status list, select Enable to activate the feature or Disable to deactivate it. The default setting is disabled. 3.
Chapter 25 Management Software Updates The procedure in this chapter explains how to download a new version of the AT-S79 management software update onto the switch. The procedure is: “Downloading a New Management Software Image Using TFTP” on page 234 Note For information on how to obtain new releases of the AT-S79 management software, refer to “Management Software Updates” on page 14.
Chapter 25: Management Software Updates Downloading a New Management Software Image Using TFTP Before downloading a new version of the AT-S79 management software onto the switch, note the following: Both models of the AT-GS950 Series use the same AT-S79 software image. The current configuration of a switch is retained when a new AT-S79 software image is installed.
AT-S79 Management Software User’s Guide The Image Upgrade page is shown in Figure 70. Figure 70. IP Configuration Page The Image/Version Date shows the current version and date of software installed on the switch. 2. Change the following parameters as necessary: Download Server IP The IP address of the TFTP server from which you are downloading the new software. Download File Name The name of the AT-S79 file you are downloading. 3. Click Apply. The software immediately begins to download onto the switch.
Chapter 25: Management Software Updates 236 Section II: Using the Web Browser Interface
Appendix A AT-S79 Software Default Settings Table 8 lists the factory default settings for the management software. Table 8. AT-S79 Default Settings Parameter Default Setting IP Configuration IP Address 0.0.0.0 Subnet Mask 0.0.0.0 Default Gateway Address 0.0.0.
Appendix A: AT-S79 Software Default Settings Table 8. AT-S79 Default Settings (Continued) Parameter Default Setting Flow Control (Full-duplex Mode) Enabled Back pressure (Half-duplex Mode) Enabled (not adjustable) Port Mirroring Status Disabled VLAN Name Default VLAN VID 1 Ports All Ports (Untagged) Quality of Service Status Disabled Mappings of IEEE 802.1p Priority See Table 2 on page 97.
AT-S79 Management Software User’s Guide Table 8. AT-S79 Default Settings (Continued) Parameter Default Setting Response Time 10 seconds Maximum Retransmissions 3 Broadcast Storm Control Status Disabled Threshold Low Upgrade Configuration TFTP Server IP Address 0.0.0.
Appendix A: AT-S79 Software Default Settings 240
Index Numerics H 802.
Index guidelines 58 modifying 62, 192 port VLAN identifier (PVID) configuring 87, 202 described 75 port-based VLAN described 74 drawbacks 76 examples 77, 78 guidelines 75 PVID.
