Smc-networks SMC EZ 10/100/1000 SMCGS8P-Smart Uživatelský manuál

TigerSwitch 10/100/1000Gigabit Ethernet Switch◆ 12 auto-MDI/MDI-X 10/100/1000BASE-T ports◆ 4 ports shared with 4 SFP transceiver slots◆ Non-blocking s

CONTENTSxdisable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-15configure . . . . . . . . . . . . . . . . . . . . . . .

CONFIGURING THE SWITCH2-68• Admin Edge Port — You can enable this option if an interface is attached to a LAN segment that is at the end of a bridged

SPANNING TREE PROTOCOL CONFIGURATION2-69Web – Click Spanning Tree, STP Port Configuration or STP Trunk Configuration. Modify the required attributes,

CONFIGURING THE SWITCH2-70VLAN ConfigurationIn conventional networks with routers, broadcast traffic is split up into separate domains. Switches do no

VLAN CONFIGURATION2-71• End stations can belong to multiple VLANs• Passing traffic between VLAN-aware and VLAN-unaware devices • Priority tagging Assi

CONFIGURING THE SWITCH2-72Port Overlapping – Port overlapping can be used to allow access to commonly shared network resources among different VLAN gr

VLAN CONFIGURATION2-73hosts, and core switches in the network, enable GVRP on the links between these devices. You should also determine security boun

CONFIGURING THE SWITCH2-74Displaying Basic VLAN InformationCommand Attributes• VLAN Version Number – The VLAN version used by this switch as specified

VLAN CONFIGURATION2-75Displaying Current VLANsThe VLAN Current Table shows the current port members of each VLAN and whether or not the port supports

CONFIGURING THE SWITCH2-76Web – Click VLAN, VLAN Current Table. Select any ID from the scroll-down list.Command Attributes for CLI Interface• VLAN – I

VLAN CONFIGURATION2-77• Status – Shows if this VLAN is enabled or disabled. - Active: VLAN is operational.- Suspend: VLAN is suspended; i.e., does not

CONTENTSxishow users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-53show version . . . . . . . . . . . . . . . . . . . . . . .

CONFIGURING THE SWITCH2-78• Status – Shows if this VLAN is enabled or disabled (Web). - Enable: VLAN is operational.- Disable: VLAN is suspended; i.e.

VLAN CONFIGURATION2-79Adding Interfaces Based on Membership TypeUse the VLAN Static Table to modify the settings for an existing VLAN. You can add or

CONFIGURING THE SWITCH2-80• Membership Type – Select VLAN membership for each interface by marking the appropriate radio button for a port or trunk: -

VLAN CONFIGURATION2-81Web – Click VLAN, VLAN Static Table. Select a VLAN ID from the scroll-down list. Modify the VLAN name and status if required. Se

CONFIGURING THE SWITCH2-82Adding Interfaces Based on Static MembershipUse the VLAN Static Membership by Port menu to assign VLAN groups to the selecte

VLAN CONFIGURATION2-83CLI – This example adds Port 3 to VLAN 1 as a tagged port, and removes Port 3 from VLAN 2.Configuring VLAN Behavior for Interfac

CONFIGURING THE SWITCH2-84• Acceptable Frame Type – Sets the interface to accept all frame types, including tagged or untagged frames, or only tagged

VLAN CONFIGURATION2-85• GARP Leave Timer* – The interval a port waits before leaving a VLAN group. This time should be set to more than twice the join

CONFIGURING THE SWITCH2-86Web – Click VLAN, VLAN Port Configuration or VLAN Trunk Configuration. Fill in the required settings for each interface, cli

CLASS OF SERVICE CONFIGURATION2-87Class of Service ConfigurationClass of Service (CoS) allows you to specify which data packets have greater precedenc

CONTENTSxiiparity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-88speed . . . . . . . . . . . . . . . . . . . . . . . .

CONFIGURING THE SWITCH2-88Command Attributes• Default Priority – The priority that is assigned to untagged frames received on the specified port. (Ran

CLASS OF SERVICE CONFIGURATION2-89Mapping CoS Values to Egress QueuesThis switch processes Class of Service (CoS) priority tagged traffic by using fou

CONFIGURING THE SWITCH2-90• Priority – CoS value. (Range: 0 to 7, where 7 is the highest priority)• Traffic Class – Output queue buffer. (Range: 0 - 3

CLASS OF SERVICE CONFIGURATION2-91Web – Click Priority, Traffic Classes. Assign priorities to the output queues, then click Apply.CLI – The following

CONFIGURING THE SWITCH2-92Setting the Service Weight for Traffic ClassesThis switch uses the Weighted Round Robin (WRR) algorithm to determine the fre

CLASS OF SERVICE CONFIGURATION2-93CLI – The following example shows how to assign WRR weights of 1, 4, 16 and 64 to the CoS priority queues 0, 1, 2 an

CONFIGURING THE SWITCH2-94Selecting IP Precedence/DSCP PriorityThe switch allows you to choose between using IP Precedence or DSCP priority. Select o

CLASS OF SERVICE CONFIGURATION2-95network control, and the other bits for various application types. ToS bits are defined in the following table.Comma

CONFIGURING THE SWITCH2-96Web – Click Priority, IP Precedence Priority. Select an IP Precedence value from the IP Precedence Priority Table by clickin

CLASS OF SERVICE CONFIGURATION2-97CLI – The following example globally enables IP Precedence service on the switch, maps IP Precedence value 1 to CoS

CONTENTSxiiispanning-tree protocol-migration . . . . . . . . . . . . . . . 3-126spanning-tree link-type . . . . . . . . . . . . . . . . . . . . . .

CONFIGURING THE SWITCH2-98that all the DSCP values that are not specified are mapped to CoS value 0.Command Attributes• DSCP Priority Table – Shows th

CLASS OF SERVICE CONFIGURATION2-99Web – Click Priority, IP DSCP Priority. Select a DSCP priority value from the DSCP Priority Table by clicking on it

CONFIGURING THE SWITCH2-100CLI – The following example globally enables DSCP Priority service on the switch, maps DSCP value 1 to CoS value 0 on port

PORT TRUNK CONFIGURATION2-101another device are also configured as LACP, the switch and the other device will negotiate a trunk link between them. If

CONFIGURING THE SWITCH2-102• All the ports in a trunk have to be treated as a whole when moved from/to, added or deleted from a VLAN.• STP, VLAN, and

PORT TRUNK CONFIGURATION2-103Web – Click Trunk, LACP Configuration. Select any of the switch ports from the scroll-down port list and click Add. After

CONFIGURING THE SWITCH2-104CLI – The following example enables LACP for ports 10 and 11. Just connect these ports to two LACP-enabled trunk ports on a

PORT TRUNK CONFIGURATION2-105Web – Click Trunk, Trunk Configuration. Enter a trunk ID of 1-6 in the Trunk field, select any of the switch ports from t

CONFIGURING THE SWITCH2-106CLI – This example creates trunk 1 with ports 11 and 12. Just connect these ports to two static trunk ports on another swit

CONFIGURING SNMP2-107submit a valid community string for authentication. The options for configuring community strings and related trap functions are

CONTENTSxivqueue cos-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-163show queue bandwidth . . . . . . . . . . . . . . . . . . . .

CONFIGURING THE SWITCH2-108Web – Click SNMP, SNMP Configuration. Enter a new string in the Community String box and select the access rights from the

CONFIGURING SNMP2-109Specifying Trap Managers You can specify up to five management stations that will receive authentication failure messages and oth

CONFIGURING THE SWITCH2-110Web – Click SNMP, SNMP Configuration. Fill in the Trap Manager IP Address box and the Trap Manager Community String box, ma

CONFIGURING SNMP2-111IP address 192.168.1.1 and mask 255.255.255.255 — Specifies a valid IP address of 192.168.1.1 only.Note: IP filtering does not af

CONFIGURING THE SWITCH2-112Web – Click SNMP, SNMP IP Filtering. To add an IP address, type the new IP address in the IP Address box, type the appropri

MULTICAST CONFIGURATION2-113Multicast ConfigurationMulticasting is used to support real-time applications such as video conferencing or streaming audi

CONFIGURING THE SWITCH2-114Command Usage• IGMP Snooping – This switch can passively snoop on IGMP Query and Report packets transferred between IP mult

MULTICAST CONFIGURATION2-115• IGMP Query Count — Sets the maximum number of queries issued for which there has been no response before the switch take

CONFIGURING THE SWITCH2-116Web – Click IGMP, IGMP Configuration. Adjust the IGMP settings as required, and then click Apply. (The default settings are

MULTICAST CONFIGURATION2-117Interfaces Attached to a Multicast RouterMulticast routers use the information obtained from IGMP Query, along with a mult

1-1CHAPTER 1SWITCH MANAGEMENTConnecting to the SwitchConfiguration OptionsThe TigerSwitch 10/100/1000 includes a built-in network management agent. Th

CONFIGURING THE SWITCH2-118CLI – This example shows that Port 11 has been statically configured as a port attached to a multicast router.Specifying In

MULTICAST CONFIGURATION2-119Web – Click IGMP, Static Multicast Router Port Configuration. Specify the interfaces attached to a multicast router, indic

CONFIGURING THE SWITCH2-120• Multicast Group Port List – Ports propagating a multicast service; i.e., ports that belong to the indicated VLAN group.We

MULTICAST CONFIGURATION2-121Adding Multicast Addresses to VLANsMulticast filtering can be dynamically configured using IGMP Snooping and IGMP Query me

CONFIGURING THE SWITCH2-122Web – Click IGMP, IGMP Member Port Table. Specify the interface attached to a multicast service (via an IGMP-enabled switch

SHOWING DEVICE STATISTICS2-123each port. This information can be used to identify potential problems with the switch (such as a faulty port or unusual

CONFIGURING THE SWITCH2-124Received Errors The number of inbound packets that contained errors preventing them from being deliverable to a higher-laye

SHOWING DEVICE STATISTICS2-125FCS Errors A count of frames received on a particular interface that are an integral number of octets in length but do n

CONFIGURING THE SWITCH2-126RMON StatisticsDrop Events The total number of events in which packets were dropped due to lack of resources.Jabbers The to

SHOWING DEVICE STATISTICS2-12764 Bytes Frames The total number of frames (including bad packets) received and transmitted that were 64 octets in lengt

SWITCH MANAGEMENT1-2The switch’s CLI configuration program, Web interface, and SNMP agent allow you to perform the following management functions:• Se

CONFIGURING THE SWITCH2-128Web – Click Statistics, Port Statistics. Select the required interface, and then click Query. You can also use the Refresh

801.1X PORT AUTHENTICATION2-129CLI – This example shows statistics for port 13.801.1X Port AuthenticationNetwork switches can provide open and easy ac

CONFIGURING THE SWITCH2-130The IEEE 802.1x (dot1x) standard defines a port-based access control procedure that prevents unauthorized access to a netwo

801.1X PORT AUTHENTICATION2-131and the password, as well as selecting MD5 as the authentication method.• An accessible and functioning RADIUS server.8

CONFIGURING THE SWITCH2-132plugged into a switch port. (Default: Disabled)• Max Req — Sets the maximum number of times the switch port will retransmit

801.1X PORT AUTHENTICATION2-133• Trunk — Indicates if the port is configured as a trunk port.To save any changes you make in this page, click Apply Ch

CONFIGURING THE SWITCH2-134802.1x StatisticsThe 802.1x protocol includes statistics for 802.1x protocol exchanges for any port.Statistical Values Para

801.1X PORT AUTHENTICATION2-135b_mgmt.book Page 135 Tuesday, July 8, 2003 5:24 PM

CONFIGURING THE SWITCH2-136b_mgmt.book Page 136 Tuesday, July 8, 2003 5:24 PM

3-1CHAPTER 3COMMAND LINE INTERFACEThis chapter describes how to use the Command Line Interface (CLI).Using the Command Line InterfaceAccessing the CLI

CONNECTING TO THE SWITCH1-3Required ConnectionsThe switch provides an RS-232 serial port that enables a connection to a PC or terminal for monitoring

COMMAND LINE INTERFACE3-23. When finished, exit the session with the “quit” or “exit” command.After connecting to the system through the console port,

USING THE COMMAND LINE INTERFACE3-3After you configure the switch with an IP address, you can open a Telnet session by performing these steps.1. From

COMMAND LINE INTERFACE3-4Entering CommandsThis section describes how to enter CLI commands.Keywords and ArgumentsA CLI command is a series of keywords

ENTERING COMMANDS3-5Command CompletionIf you terminate input with a Tab key, the CLI will print the remaining characters of a partial keyword up to th

COMMAND LINE INTERFACE3-6keywords for a specific command. For example, the command “show ?” displays a list of possible show commands:The command “sho

ENTERING COMMANDS3-7not to leave a space between the command and question mark.) For example “s?” shows all the keywords starting with “s.”Negating th

COMMAND LINE INTERFACE3-8the commands available for the current mode. The command classes and associated modes are displayed in the following table:Ex

ENTERING COMMANDS3-9 Configuration CommandsConfiguration commands are privileged level commands used to modify switch settings. These commands modify

COMMAND LINE INTERFACE3-10To enter the Global Configuration mode, enter the command configure in Privileged Exec mode. The system prompt will change t

ENTERING COMMANDS3-11character to display a list of possible matches. You can also use the following editing keystrokes for command-line processing:Ke

SWITCH MANAGEMENT1-4Note: When using HyperTerminal with Microsoft® Windows® 2000, make sure that you have Windows 2000 Service Pack 2 or later install

COMMAND LINE INTERFACE3-12Command GroupsThe system commands can be broken down into the functional groups shown below.Command GroupDescription PageGen

COMMAND GROUPS3-13Note that the access mode shown in the following tables is indicated by these abbreviations: NE (Normal Exec) PE (Privileged Exec) G

COMMAND LINE INTERFACE3-14General CommandsenableUse this command to activate Privileged Exec mode. In privileged mode, additional commands are availab

GENERAL COMMANDS3-15Command ModeNormal ExecCommand Usage • “super” is the default password required to change the command mode from Normal Exec to Pri

COMMAND LINE INTERFACE3-16Command Mode Privileged ExecCommand Usage The “>” character is appended to the end of the prompt to indicate that the sys

GENERAL COMMANDS3-17show historyUse this command to show the contents of the command history buffer.Default Setting NoneCommand Mode Normal Exec, Priv

COMMAND LINE INTERFACE3-18reloadUse this command to restart the system.Note: When the system is restarted, it will always run the Power-On Self-Test.

GENERAL COMMANDS3-19Example This example shows how to return to the Privileged Exec mode from the Interface Configuration mode:exitUse this command to

COMMAND LINE INTERFACE3-20Command Mode Normal Exec, Privileged ExecCommand Usage The quit and exit commands can both exit the configuration program.Ex

FLASH/FILE COMMANDS3-21copyUse this command to move (upload/download) a code image or configuration file between the switch’s Flash memory and a TFTP

BASIC CONFIGURATION1-5browser (Internet Explorer 5.0 or above, or Netscape Navigator 6.2 or above), or from a network computer using network managemen

COMMAND LINE INTERFACE3-22Command Usage • The system prompts for data required to complete the copy command. • The file names are case sensitive. The

FLASH/FILE COMMANDS3-23The following example shows how to copy the running configuration to a startup file.The following example shows how to download

COMMAND LINE INTERFACE3-24Command Mode Privileged ExecCommand Usage • If the file type is used for system startup, then this file cannot be deleted. •

FLASH/FILE COMMANDS3-25Command Mode Privileged ExecCommand Usage • If you enter the command dir without any parameters, the system displays all files.

COMMAND LINE INTERFACE3-26Command Mode Privileged ExecExampleThis example shows the information displayed by the whichboot command. See the table on t

SYSTEM MANAGEMENT COMMANDS3-27Command Usage • A colon (:) is required after the specified file type. • If the file contains an error, it cannot be set

COMMAND LINE INTERFACE3-28ip http server Allows the switch to be monitored or configured from a browser GC 3-34ip http secure-serverEnables the HTTPS

SYSTEM MANAGEMENT COMMANDS3-29hostnameUse this command to specify or modify the host name for this device. Use the no form to restore the default host

COMMAND LINE INTERFACE3-30usernameUse this command to require user name authentication at login. Use the no form to remove a user name.Syntax username

SYSTEM MANAGEMENT COMMANDS3-31Command Usage The encrypted password is required for compatiblity with legacy password settings (i.e., plain text or enc

b_mgmt.book Page ii Tuesday, July 8, 2003 5:24 PM

SWITCH MANAGEMENT1-6Setting PasswordsNote: If this is your first time to log into the CLI program, you should define new passwords for both default us

COMMAND LINE INTERFACE3-32Default Setting This default password is “super”Command Mode Global ConfigurationCommand Usage The encrypted password is req

SYSTEM MANAGEMENT COMMANDS3-33Command Usage • This switch provides more efficient throughput for large sequential data transfers by supporting jumbo f

COMMAND LINE INTERFACE3-34Command Mode Global ConfigurationExampleRelated Commandsip http server (3-34)ip http serverUse this command to allow this de

SYSTEM MANAGEMENT COMMANDS3-35ip http secure-serverUse this command to enable the secure hypertext transfer protocol (HTTPS) over the Secure Socket La

COMMAND LINE INTERFACE3-36• The following Web browsers and operating systems currently support HTTPS:* To specify a secure-site certificate, see“Repla

SYSTEM MANAGEMENT COMMANDS3-37Command Usage • You cannot configure the HTTP and HTTPS servers to use the same port. • If you change the HTTPS port num

COMMAND LINE INTERFACE3-38Command Usage The timeout specifies the interval the switch will wait for a response from the client during the SSH negotiat

SYSTEM MANAGEMENT COMMANDS3-39• The SSH server uses RSA for key exchange when the client first establishes a connection with the switch, and then nego

COMMAND LINE INTERFACE3-40show sshUse this command to display the current Secure Shell (SSH) server connections.Command Mode Privileged ExecCommand Us

SYSTEM MANAGEMENT COMMANDS3-41Example Related Commandsip ssh (3-37)logging onUse this command to control logging of error messages. This command sends

BASIC CONFIGURATION1-7Setting an IP AddressYou must establish IP address information for the switch to obtain management access through the network. T

COMMAND LINE INTERFACE3-42Example Related Commandslogging history (3-42)logging trap (3-45)clear logging (3-47)logging historyUse this command to limi

SYSTEM MANAGEMENT COMMANDS3-43* There are only Level 2, 5 and 6 error messages for the current firmware release.Default Setting Flash: errors (level 3

COMMAND LINE INTERFACE3-44logging hostUse this command to add a syslog server host IP address that will receive logging messages. Use the no form to r

SYSTEM MANAGEMENT COMMANDS3-45logging facilityUse this command to set the facility type for remote logging of syslog messages. Use the no form to retu

COMMAND LINE INTERFACE3-46Messages sent include the selected level up through level 0.Default Setting Level 3 - 0Command Mode Global ConfigurationExam

SYSTEM MANAGEMENT COMMANDS3-47clear loggingUse this command to clear messages from the log buffer.Syntax clear logging [flash | ram]• flash - Event hi

COMMAND LINE INTERFACE3-48Default Setting NoneCommand Mode Privileged ExecExample show startup-configUse this command to display the configuration fil

SYSTEM MANAGEMENT COMMANDS3-49Command Mode Privileged ExecCommand Usage• Use this command in conjunction with the show running-config command to compa

COMMAND LINE INTERFACE3-50Example Related Commandsshow running-config (3-51)Console#show startup-configbuilding startup-config, please wait...!!snm

SYSTEM MANAGEMENT COMMANDS3-51show running-configUse this command to display the configuration information currently in use.Default Setting NoneComman

SWITCH MANAGEMENT1-8Before you can assign an IP address to the switch, you must obtain the following information from your network administrator:• IP

COMMAND LINE INTERFACE3-52Example Related Commandsshow startup-config (3-48)show systemUse this command to display system information.Default Setting

SYSTEM MANAGEMENT COMMANDS3-53Command Usage• For a description of the items shown by this command, refer to “Displaying System Information” on page 2-

COMMAND LINE INTERFACE3-54Command UsageThe session used to execute this command is indicated by a “*” symbol next to the Line (i.e., session) index nu

AUTHENTICATION COMMANDS3-55Example Authentication CommandsYou can configure the switch to authenticate users logging into the system for management ac

COMMAND LINE INTERFACE3-56authentication loginUse this command to define the login authentication method and precedence. Use the no form to restore th

AUTHENTICATION COMMANDS3-57Command Mode Global ConfigurationCommand Usage • RADIUS uses UDP while TACACS+ uses TCP. UDP only offers best effort delive

COMMAND LINE INTERFACE3-58radius-server hostUse this command to specify the RADIUS server. Use the no form to restore the default.Syntax radius-server

AUTHENTICATION COMMANDS3-59Example radius-server keyUse this command to set the RADIUS encryption key. Use the no form to restore the default.Syntax r

COMMAND LINE INTERFACE3-60radius-server retransmitUse this command to set the number of retries. Use the no form to restore the default.Syntax radius-

AUTHENTICATION COMMANDS3-61Command Mode Global ConfigurationExample show radius-serverUse this command to display the current settings for the RADIUS

BASIC CONFIGURATION1-9broadcasting service requests. Requests will be sent periodically in an effort to obtain IP configuration information. (BOOTP an

COMMAND LINE INTERFACE3-62Default Setting 10.11.12.13Command Mode Global ConfigurationExample tacacs-server portUse this command to specify the TACACS

AUTHENTICATION COMMANDS3-63tacacs-server keyUse this command to set the TACACS+ encryption key. Use the no form to restore the default.Syntax tacacs-s

COMMAND LINE INTERFACE3-64Example SNMP CommandsControls access to this switch from SNMP management stations, as well as the error types sent to trap m

SNMP COMMANDS3-65snmp-server communityUse this command to define the community access string for the Simple Network Management Protocol. Use the no fo

COMMAND LINE INTERFACE3-66snmp-server contactUse this command to set the system contact string. Use the no form to remove the system contact informati

SNMP COMMANDS3-67Default Setting NoneCommand Mode Global ConfigurationExample Related Commandssnmp-server contact (3-66)snmp-server hostUse this comma

COMMAND LINE INTERFACE3-68Default Setting Host Address: NoneSNMP Version: 1Command Mode Global ConfigurationCommand Usage • If you do not enter an snm

SNMP COMMANDS3-69snmp-server enable trapsUse this command to enable this device to send Simple Network Management Protocol traps (SNMP notifications).

COMMAND LINE INTERFACE3-70Example Related Commandssnmp-server host (3-67)snmp ip filterSets the IP addresses of clients that are allowed management ac

SNMP COMMANDS3-71• If the IP is the address of a single management station, the bitmask should be set to 255.255.255.255. Otherwise, the IP address gr

SWITCH MANAGEMENT1-106. Then save your configuration changes by typing “copy running-config startup-config.” Enter the startup file name and press <

COMMAND LINE INTERFACE3-72Command Usage This command provides information on the community access strings, counter information for SNMP input and outp

IP COMMANDS3-73IP CommandsAn IP address may be used for management access to the switch over your network. By default, the switch uses DHCP to assign

COMMAND LINE INTERFACE3-74ip addressUse this command to set the IP address for this device. Use the no form to restore the default IP address.Syntax i

IP COMMANDS3-75• You can start broadcasting BOOTP or DHCP requests by entering an ip dhcp restart command, or by rebooting the switch. Note: Only one

COMMAND LINE INTERFACE3-76• If the BOOTP or DHCP server has been moved to a different domain, the network portion of the address provided to the clien

IP COMMANDS3-77Command Usage A gateway must be defined if the management station is located in a different IP segment.Example The following example de

COMMAND LINE INTERFACE3-78show ip redirectsUse this command to show the default gateway configured for this device.Default Setting NoneCommand Mode Pr

IP COMMANDS3-79Command Mode Normal Exec, Privileged ExecCommand Usage • Use the ping command to see if another site on the network can be reached. • F

COMMAND LINE INTERFACE3-80Line CommandsYou can access the onboard configuration program by attaching a VT100 compatible device to the server’s serial

LINE COMMANDS3-81lineUse this command to identify a specific line for configuration, and to process subsequent line configuration commands.Syntax line

BASIC CONFIGURATION1-11The default strings are:• public - with read-only access. Authorized management stations are only able to retrieve MIB objects.

COMMAND LINE INTERFACE3-82loginUse this command to enable password checking at login. Use the no form to disable password checking and allow connectio

LINE COMMANDS3-83• This command controls login authentication via the switch itself. To configure user names and passwords for remote authentication s

COMMAND LINE INTERFACE3-84Command Usage • When a connection is started on a line with password protection, the system prompts for the password. If you

LINE COMMANDS3-85Default Setting CLI: No timeoutTelnet: 10 minutesCommand Mode Line Configuration Command Usage • If input is detected, the system res

COMMAND LINE INTERFACE3-86Command Mode Line Configuration Command Usage • When the logon attempt threshold is reached, the system interface becomes si

LINE COMMANDS3-87Default Setting The default value is no silent-time.Command Mode Line Configuration Command Usage If the password threshold was not s

COMMAND LINE INTERFACE3-88Command Mode Line Configuration Command Usage The databits command can be used to mask the high bit on input from devices th

LINE COMMANDS3-89Command Usage Communication protocols provided by devices such as terminals and modems often require a specific parity bit setting.Ex

COMMAND LINE INTERFACE3-90Example To specify 57600 bps, enter this command:stopbitsUse this command to set the number of the stop bits transmitted per

INTERFACE COMMANDS3-91Default Setting Shows all linesCommand Mode Normal Exec, Privileged ExecExample To show all lines, enter this command:Interface

SWITCH MANAGEMENT1-12Trap ReceiversYou can also specify SNMP stations that are to receive traps from the switch.To configure a trap receiver, complete

COMMAND LINE INTERFACE3-92interfaceUse this command to configure an interface type and enter interface configuration mode. Use the no form to remove a

INTERFACE COMMANDS3-93Default Setting NoneCommand Mode Global Configuration Example To specify the Ethernet port, enter the following command:descript

COMMAND LINE INTERFACE3-94speed-duplexUse this command to configure the speed and duplex mode of a given interface when autonegotiation is disabled. U

INTERFACE COMMANDS3-95Example The following example configures port 5 to 100 Mbps, half-duplex operation.Related Commands negotiation (3-95)capabiliti

COMMAND LINE INTERFACE3-96Example The following example configures port 11 to use autonegotiation.Related Commandscapabilities (3-96)speed-duplex (3-9

INTERFACE COMMANDS3-97Default Setting • 100BASE-TX: 10half, 10full, 100half, 100full• 1000BASE-T: 10half, 10full, 100half, 100full, 1000full• 1000BASE

COMMAND LINE INTERFACE3-98Command Mode Interface Configuration (Ethernet, Port Channel)Command Usage • Flow control can eliminate frame loss by “block

INTERFACE COMMANDS3-99shutdown Use this command to disable an interface. To restart a disabled interface, use the no form.Syntax shutdownno shutdownDe

COMMAND LINE INTERFACE3-100switchport broadcastUse this command to configure broadcast storm control. Use the no form to disable broadcast storm contr

INTERFACE COMMANDS3-101port securityUse this command to enable and configure port security on a port. Use the no form to disable port security or rese

MANAGING SYSTEM FILES1-132. Enter the name of the start-up file. Press <Enter>.Managing System FilesThe switch’s flash memory supports three typ

COMMAND LINE INTERFACE3-102• A secure port has the following restrictions:- Cannot be connected to a network interconnection device.- Cannot be a memb

INTERFACE COMMANDS3-103Command Mode Privileged ExecCommand Usage Statistics are only initialized for a power reset. This command sets the base value f

COMMAND LINE INTERFACE3-104Command Usage • If no interface is specified, information on all interfaces is displayed.• For a description of the items d

INTERFACE COMMANDS3-105Default Setting Shows the counters for all interfaces.Command Mode Normal Exec, Privileged ExecCommand Usage • If no interface

COMMAND LINE INTERFACE3-106show interfaces switchportUse this command to display the administrative and operational status of the specified interfaces

ADDRESS TABLE COMMANDS3-107• Priority for untagged traffic – Indicates the default priority for untagged frames (page 3-160).• Gvrp status – Shows if

COMMAND LINE INTERFACE3-108mac-address-table staticUse this command to map a static address to a port in a VLAN. Use the no form to remove an address.

ADDRESS TABLE COMMANDS3-109Command Mode Global ConfigurationCommand Usage The static address for a host device can be assigned to a specific port with

COMMAND LINE INTERFACE3-110• interface • ethernet unit/port- unit - This is device 1. - port - Port number. • port-channel channel-id (Range: 1-4) • v

ADDRESS TABLE COMMANDS3-111Exampleclear mac-address-table dynamicUse this command to remove any learned entries from the forwarding database and to cl

SWITCH MANAGEMENT1-14Due to the size limit of the flash memory, the switch supports only two operation code files. However, you can have as many diagn

COMMAND LINE INTERFACE3-112Command Mode Global ConfigurationCommand Usage The aging time is used to age out dynamically learned forwarding information

SPANNING TREE COMMANDS3-113Spanning Tree CommandsThis section includes commands that configure the Spanning Tree Protocol (STP) for the overall switch

COMMAND LINE INTERFACE3-114spanning-treeUse this command to enable the Spanning Tree Protocol globally for this switch. Use the no form to disable it.

SPANNING TREE COMMANDS3-115spanning-tree modeUse this command to select the Spanning Tree mode for this switch. Use the no form to disable it.Syntax s

COMMAND LINE INTERFACE3-116Example The following example configures the switch to use Rapid Spanning Tree:spanning-tree forward-timeUse this command t

SPANNING TREE COMMANDS3-117Example spanning-tree hello-timeUse this command to configure the Spanning Tree bridge hello time globally for this switch.

COMMAND LINE INTERFACE3-118spanning-tree max-ageUse this command to configure the Spanning Tree bridge maximum age globally for this switch. Use the n

SPANNING TREE COMMANDS3-119spanning-tree priorityUse this command to configure the Spanning Tree priority globally for this switch. Use the no form to

COMMAND LINE INTERFACE3-120spanning-tree pathcost methodUse this command to configure the path cost method used for the Rapid Spanning Tree. Use the n

SPANNING TREE COMMANDS3-121spanning-tree transmission-limitUse this command to configure the minimum interval between the transmission of consecutive

SYSTEM DEFAULTS1-15Web ManagementHTTP Server EnabledHTTP Port Number 80SNMP Community Strings “public” (read only) “private” (read/write)Authenticatio

COMMAND LINE INTERFACE3-122spanning-tree costUse this command to configure the Spanning Tree path cost for the specified interface. Use the no form to

SPANNING TREE COMMANDS3-123Example Related Commandsspanning-tree port-priority (3-123)spanning-tree port-priorityUse this command to configure the pri

COMMAND LINE INTERFACE3-124Example Related Commandsspanning-tree cost (3-122)spanning-tree portfastUse this command to set an interface to fast forwar

SPANNING TREE COMMANDS3-125• This command is the same as spanning-tree edge-port, and is only included for backward compatibility with earlier product

COMMAND LINE INTERFACE3-126cause the Spanning Tree to initiate reconfiguration when the interface changes state, and also overcomes other STP-related

SPANNING TREE COMMANDS3-127STP-compatible mode. However, you can also use the spanning-tree protocol-migration command at any time to manually re-chec

COMMAND LINE INTERFACE3-128• RSTP only works on point-to-point links between two bridges. If you designate a port as a shared link, RSTP is forbidden.

SPANNING TREE COMMANDS3-129• For a description of the items displayed under “Spanning-tree information,” see “STP Configuration” on page 2-57. For a

COMMAND LINE INTERFACE3-130VLAN CommandsA VLAN is a group of ports that can be located anywhere in the network, but communicate as though they belong

VLAN COMMANDS3-131vlan databaseUse this command to enter VLAN database mode. All commands in this mode will take effect immediately.Default Setting No

38 TeslaIrvine, CA 92618Phone: (949) 679-8000TigerSwitch 10/100/1000Management GuideFrom SMC’s Tiger line of feature-rich workgroup LAN solutionsJuly

SWITCH MANAGEMENT1-16Port Status Admin Status EnabledAuto-negotiation EnabledFlow Control Disabled10/100/1000 Mbps Port Capability10 Mbps half duplex1

COMMAND LINE INTERFACE3-132Related Commands show vlan (3-140)vlanUse this command to configure a VLAN. Use the no form to restore the default settings

VLAN COMMANDS3-133• VLAN 1 cannot be suspended, but any other VLAN can be suspended.• You can configure up to 255 VLANs on the switch.Example The foll

COMMAND LINE INTERFACE3-134Example The following example shows how to set the interface configuration mode to VLAN 1, and then assign an IP address to

VLAN COMMANDS3-135Example The following shows how to set the configuration mode to port 1, and then set the switchport mode to hybrid:Related Commands

COMMAND LINE INTERFACE3-136Example The following example shows how to restrict the traffic passed on port 1 to tagged frames:Related Commandsswitchpor

VLAN COMMANDS3-137• Ingress filtering does not affect VLAN independent BPDU frames, such as GVRP or STP. However, they do affect VLAN dependent BPDU f

COMMAND LINE INTERFACE3-138• If acceptable frame types is set to all or switchport mode is set to hybrid, the PVID will be inserted into all untagged

VLAN COMMANDS3-139Command Usage • If switchport mode is set to trunk, then you can only assign an interface to VLAN groups as a tagged member.• Frames

COMMAND LINE INTERFACE3-140• vlan-list - Separate nonconsecutive VLAN identifiers with a comma and no spaces; use a hyphen to designate a range of IDs

GVRP AND BRIDGE EXTENSION COMMANDS3-141Default SettingShows all VLANs.Command ModeNormal Exec, Privileged ExecExample The following example shows how

SYSTEM DEFAULTS1-17Class of Service Ingress Port Priority 0Weighted Round Robin Class 0: 16Class 1: 64Class 2: 128Class 3: 240IP Precedence Priority D

COMMAND LINE INTERFACE3-142switchport gvrpUse this command to enable GVRP for a port. Use the no form to disable it.Syntax switchport gvrpno switchpor

GVRP AND BRIDGE EXTENSION COMMANDS3-143show gvrp configurationUse this command to show if GVRP is enabled.Syntax show gvrp configuration [interface]in

COMMAND LINE INTERFACE3-144garp timerUse this command to set the values for the join, leave and leaveall timers. Use the no form to restore the timers

GVRP AND BRIDGE EXTENSION COMMANDS3-145Note: Set GVRP timers on all Layer 2 devices connected in the same network to the same values. Otherwise, GVRP

COMMAND LINE INTERFACE3-146Example Related Commandsgarp timer (3-144)bridge-ext gvrpUse this command to enable GVRP. Use the no form to disable it.Syn

GVRP AND BRIDGE EXTENSION COMMANDS3-147show bridge-extUse this command to show the configuration for bridge extension commands.Default Setting NoneCom

COMMAND LINE INTERFACE3-148IGMP Snooping CommandsThis switch uses IGMP (Internet Group Management Protocol) to query for any attached hosts that want

IGMP SNOOPING COMMANDS3-149ip igmp snoopingUse this command to enable IGMP snooping on this switch. Use the no form to disable it.Syntax ip igmp snoop

COMMAND LINE INTERFACE3-150ip igmp snooping vlan staticUse this command to add a port to a multicast group. Use the no form to remove the port.Syntax

IGMP SNOOPING COMMANDS3-151ip igmp snooping versionUse this command to configure the IGMP snooping version. Use the no form to restore the default.Syn

SWITCH MANAGEMENT1-18b_mgmt.book Page 18 Tuesday, July 8, 2003 5:24 PM

COMMAND LINE INTERFACE3-152show ip igmp snoopingUse this command to show the IGMP snooping configuration.Default Setting NoneCommand Mode Privileged E

IGMP SNOOPING COMMANDS3-153Default Setting NoneCommand Mode Privileged ExecCommand Usage Member types displayed include IGMP or USER, depending on sel

COMMAND LINE INTERFACE3-154Command Usage If enabled, the switch will serve as querier if elected. The querier is responsible for asking hosts if they

IGMP SNOOPING COMMANDS3-155Example The following shows how to configure the query count to 10:ip igmp snooping query-intervalUse this command to confi

COMMAND LINE INTERFACE3-156ip igmp snooping query-max-response-timeUse this command to configure the snooping report delay. Use the no form of this co

IGMP SNOOPING COMMANDS3-157Related Commands ip igmp snooping version (3-151)ip igmp snooping router-port-expire-timeUse this command to configure the

COMMAND LINE INTERFACE3-158ip igmp snooping vlan mrouterUse this command to statically configure a multicast router port. Use the no form to remove th

IGMP SNOOPING COMMANDS3-159show ip igmp snooping mrouter Use this command to display information on statically configured and dynamically learned mult

COMMAND LINE INTERFACE3-160Priority CommandsThe commands described in this section allow you to specify which data packets have greater precedence whe

PRIORITY COMMANDS3-161switchport priority defaultUse this command to set a priority for incoming untagged frames, or the priority of frames received b

2-1CHAPTER 2CONFIGURING THE SWITCHUsing the Web InterfaceThis switch provides an embedded HTTP Web agent. Using a Web browser you can configure the sw

COMMAND LINE INTERFACE3-162• This switch provides four priority queues for each port. It is configured to use Weighted Round Robin, which can be viewe

PRIORITY COMMANDS3-163Command Mode Global ConfigurationCommand Usage WRR allows bandwidth sharing at the egress port by defining scheduling weights.Ex

COMMAND LINE INTERFACE3-164Default Setting This switch supports Class of Service by using four priority queues, with Weighted Round Robin for each por

PRIORITY COMMANDS3-165Example The following example shows how to map CoS values 0, 1 and 2 to CoS priority queue 0, value 3 to CoS priority queue 1, v

COMMAND LINE INTERFACE3-166show queue cos-mapUse this command to show the class of service priority map.Syntax show queue cos-map [interface]interface

PRIORITY COMMANDS3-167Default Setting DisabledCommand Mode Global ConfigurationCommand Usage • The precedence for priority mapping is IP Precedence or

COMMAND LINE INTERFACE3-168Default Setting The list below shows the default priority mapping.Command Mode Interface Configuration (Ethernet, Port Chan

PRIORITY COMMANDS3-169map ip dscp (Global Configuration)Use this command to enable IP DSCP mapping (i.e., Differentiated Services Code Point mapping).

COMMAND LINE INTERFACE3-170map ip dscp (Interface Configuration)Use this command to set IP DSCP priority (i.e., Differentiated Services Code Point pri

PRIORITY COMMANDS3-171Command Usage • The precedence for priority mapping is IP Port, IP Precedence or IP DSCP, and default switchport priority. • DSC

CONFIGURING THE SWITCH2-2Notes: 1. You are allowed three attempts to enter the correct password; on the third failed attempt the current connection is

COMMAND LINE INTERFACE3-172Example Related Commands map ip precedence (Global Configuration) (3-166)map ip precedence (Interface Configuration) (3-167

PRIORITY COMMANDS3-173Example Related Commands map ip dscp (Global Configuration) (3-169)map ip dscp (Interface Configuration) (3-170)Console#show map

COMMAND LINE INTERFACE3-174Mirror Port CommandsThis section describes how to configure port mirror sessions. port monitorUse this command to configure

MIRROR PORT COMMANDS3-175Command Usage • You can mirror traffic from any source port to a destination port for real-time analysis. You can then attach

COMMAND LINE INTERFACE3-176Default Setting Shows all sessions.Command Mode Privileged ExecCommand Usage This command displays the currently configured

PORT TRUNKING COMMANDS3-177Port Trunking CommandsPorts can be statically grouped into an aggregate link to increase the bandwidth of a network connect

COMMAND LINE INTERFACE3-178• All ports in a trunk must consist of the same media type (i.e., twisted-pair or fiber).• All ports in a trunk must be con

PORT TRUNKING COMMANDS3-179• The maximum number of ports that can be combined as a static trunk is four 10/100 Mbps ports, and two 1000 Mbps ports.• A

COMMAND LINE INTERFACE3-180• If the target switch has also enabled LACP on the connected ports, the trunk will be activated automatically. • If more t

A-1APPENDIX ATROUBLESHOOTINGTroubleshooting ChartTroubleshooting ChartSymptom ActionCannot connect using Telnet, Web browser, or SNMP software• Be sur

NAVIGATING THE WEB BROWSER INTERFACE2-3Home PageWhen your Web browser connects with the switch’s Web agent, the home page is displayed as shown below.

TROUBLESHOOTINGA-2Cannot access the on-board configuration program via a serial port connection• Be sure to have set the terminal emulator program to

B-1APPENDIX BUPGRADING FIRMWARE VIATHE SERIAL PORTThe switch contains three firmware components that can be upgraded; the diagnostics (or Boot-ROM) co

UPGRADING FIRMWARE VIA THE SERIAL PORTB-24. When the switch initialization screen appears, enter firmware-download mode by pressing <Ctrl><u&

B-3You can store a maximum of only two runtime and two diagnostic code files in the switch’s flash memory. Use the [D]elete File command to remove a r

UPGRADING FIRMWARE VIA THE SERIAL PORTB-4For example, the following screen text shows the download procedure for a runtime code file: 12. To set the n

Glossary-1GLOSSARY10BASE-TIEEE 802.3 specification for 10 Mbps Ethernet over two pairs of Category 3, 4, or 5 UTP cable.100BASE-TXIEEE 802.3u specific

GLOSSARYGlossary-2Collision DomainSingle CSMA/CD LAN segment.CSMA/CDCarrier Sense Multiple Access/Collision Detect is the communication method employe

GLOSSARYGlossary-3GARP VLAN Registration Protocol (GVRP)Defines a way for switches to exchange VLAN information in order to register necessary VLAN me

GLOSSARYGlossary-4IEEE 802.1pAn IEEE standard for providing quality of service (QoS) in Ethernet networks. The standard uses packet tags that define u

GLOSSARYGlossary-5Internet Control Message Protocol (ICMP)Commonly used to send echo messages (i.e., Ping) for monitoring purposes.Internet Group Mana

CONFIGURING THE SWITCH2-4new setting. The following table summarizes the Web page configuration buttons. Notes: 1. To ensure proper screen refresh, be

GLOSSARYGlossary-6Media Access Control (MAC)A portion of the networking protocol that governs access to the transmission medium, facilitating the exch

GLOSSARYGlossary-7Spanning Tree Protocol (STP)A technology that checks your network for any loops. A loop can often occur in complicated or backup lin

GLOSSARYGlossary-8b_mgmt.book Page 8 Tuesday, July 8, 2003 5:24 PM

Index-1Numerics802.1xconfigure 2-131, 2-134Aaddress table 2-47BBOOTP 2-13broadcast storm, threshold 2-41CClass of Serviceconfiguring 2-87queue mapping

INDEXIndex-2Ppasswordsadministrator setting 2-14path cost, method 3-120path cost, STP 3-120, 3-122port priorityconfiguring 2-87default ingress 2-87por

b_mgmt.book Page 1 Tuesday, July 8, 2003 5:24 PM

38 TeslaIrvine, CA 92618Phone: (949) 679-8000FOR TECHNICAL SUPPORT, CALL:From U.S.A. and Canada (24 hours a day, 7 days a week)(800) SMC-4-YOU; (949)

MAIN MENU2-5Main Menu Using the onboard Web agent, you can define system parameters, manage and control the switch, and all its ports, or monitor netw

CONFIGURING THE SWITCH2-6Trunk Configuration Configures trunk connection settings 2-38Broadcast Storm Protect ConfigurationSets the broadcast storm th

MAIN MENU2-7VLAN Current Table Shows the current port members of each VLAN and whether or not the port supports VLAN tagging2-75VLAN Static List Use

Information furnished by SMC Networks, Inc. (SMC) is believed to be accurate and reliable. However, no responsibility is assumed by SMC for its use, n

CONFIGURING THE SWITCH2-8Basic ConfigurationDisplaying System InformationYou can easily identify the system by providing a descriptive name, location

BASIC CONFIGURATION2-9Command Attributes• System Name – Name assigned to the switch system.• Object ID – MIB II object ID for switch’s network managem

CONFIGURING THE SWITCH2-10Web – Click System, System Information. Specify the system name, location, and contact information for the system administra

BASIC CONFIGURATION2-11CLI – Specify the hostname, location and contact information.Setting the IP Address An IP address may be used for management ac

CONFIGURING THE SWITCH2-12You can manually configure a specific IP address, or direct the device to obtain an address from a BOOTP or DHCP server when

BASIC CONFIGURATION2-13Manual ConfigurationWeb – Click System, IP. Specify the management interface, IP address and default gateway, then click Apply.

CONFIGURING THE SWITCH2-14If you lose your management connection, use a console connection and enter show ip interface to determine the new switch add

SECURITY2-15administrator password as soon as possible, and store it in a safe place. (If for some reason your password is lost, you can reload the fa

CONFIGURING THE SWITCH2-16CLI – Assign a user name to access-level 15 (i.e., administrator), then specify the password.Configuring RADIUS/TACACS+ Logo

SECURITY2-17• RADIUS uses UDP while TACACS+ uses TCP. UDP only offers best effort delivery, while TCP offers a connection-oriented transport. Also, no

vLIMITED WARRANTYLimited Warranty Statement: SMC Networks, Inc. (“SMC”) warrants its products to be free from defects in workmanship and materials, un

CONFIGURING THE SWITCH2-18Command Attributes• Authentication – Select the authentication, or authentication sequence required:- RADIUS – User authenti

SECURITY2-19TACACS+ Settings• Server IP Address – Address of the TACACS+ server. (Default: 10.1.0.1)• Server Port Number – Network (TCP) port of TACAC

CONFIGURING THE SWITCH2-20Web – Click System, Authentication Settings. To configure local or remote authentication preferences, specify the authentica

SECURITY2-21CLI CommandsCLI – Specify all the required parameters to enable logon authentication. Configuring HTTPSYou can configure the switch to ena

CONFIGURING THE SWITCH2-22The following Web browsers and operating systems currently support HTTPS:* To specify a secure-site certificate, see “Replac

SECURITY2-23CLI CommandsCLI – Enter the following commands to specify the secure port number and to enable HTTPS.Replacing the Default Secure-site Cer

CONFIGURING THE SWITCH2-24Note: The switch must be reset for the new certificate to be activated. To reset the switch, type: Console#reloadConfiguring

SECURITY2-25Web – Click System, SSH Settings. Select Enabled for the SSH Server Status, specify the authentication timeout and number of retries, then

CONFIGURING THE SWITCH2-26Managing FirmwareYou can upload/download firmware to or from a TFTP server. By saving runtime code to a file on a TFTP serve

MANAGING FIRMWARE2-27Web – Click System, Firmware. Enter the IP address of the TFTP server, enter the file name of the software to download, select a

LIMITED WARRANTYviFOREGOING WARRANTIES AND REMEDIES ARE EXCLUSIVE AND ARE IN LIEU OF ALL OTHER WARRANTIES OR CONDITIONS, EXPRESS OR IMPLIED, EITHER IN

CONFIGURING THE SWITCH2-28CLI – Enter the IP address of the TFTP server, select config or opcode file type, then enter the source and destination file

MANAGING FIRMWARE2-29You can save the configuration file under a new file name and then set it as the startup file, or you can specify the current sta

CONFIGURING THE SWITCH2-30CLI – Enter the IP address of the TFTP server, specify the source file on the server, and set the startup file name on the s

MANAGING FIRMWARE2-31CLI – If you copy the running configuration to a file, you can set this file as the startup file at a later time, and then restar

CONFIGURING THE SWITCH2-32• Configurable PVID Tagging – This switch allows you to override the default Port VLAN ID (PVID used in frame tags) and egre

MANAGING FIRMWARE2-33Web – Click System, Bridge Extension.CLI – Enter the following command. Console#show bridge-ext 3-147 Max support vlan numbers: 2

CONFIGURING THE SWITCH2-34Displaying Switch Hardware/Software Versions Command AttributesMain Board• Serial Number – The serial number of the switch.•

MANAGING FIRMWARE2-35Web – Click System, Switch Information.CLI – Use the following command to display version information.Console#show version 3-54Un

CONFIGURING THE SWITCH2-36Port ConfigurationDisplaying Connection StatusYou can use the Port Information or Trunk Information pages to display the cur

PORT CONFIGURATION2-37Web – Click Port, Port Information or Trunk Information. Modify the required interface settings, and click Apply.CLI – This exam

viiCONTENTS1 Switch Management 1-1Connecting to the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1Configuration Options . . . .

CONFIGURING THE SWITCH2-38Configuring Interface ConnectionsYou can use the Trunk Configuration or Port Configuration page to enable/disable an interfa

PORT CONFIGURATION2-39- Sym (Gigabit only) – Check this item to transmit and receive pause frames, or clear it to auto-negotiate the sender and receiv

CONFIGURING THE SWITCH2-40Web – Click Port, Port Configuration or Trunk Configuration. Modify the required interface settings, and click Apply.CLI – S

PORT CONFIGURATION2-41Setting Broadcast Storm ThresholdsBroadcast storms may occur when a device on your network is malfunctioning, or if application

CONFIGURING THE SWITCH2-42Web – Click Port, Port Broadcast Control. Set the threshold for all ports, and then click Apply.CLI – Specify the required i

PORT CONFIGURATION2-43Command Usage• The mirror port and monitor port speeds must match, otherwise traffic may be dropped from the monitor port.• The

CONFIGURING THE SWITCH2-44CLI – Use the interface command to select the target port, then use the port monitor command to specify the source port. Not

PORT CONFIGURATION2-45• It can be configured as an LACP trunk port, but the switch does not allow the LACP trunk to be enabled.Note: A port that is al

CONFIGURING THE SWITCH2-46Port Security ConfigurationOn the Port/Port Security Status page, you can enable/disable security for any switch port. For e

ADDRESS TABLE SETTINGS2-47Address Table SettingsSwitches store the addresses for all known devices. This information is used to route traffic directly

CONTENTSviiiCopying the Running Configuration to a File . . . . . . . 2-30Displaying Bridge Extension Capabilities . . . . . . . . . . 2-31Displ

CONFIGURING THE SWITCH2-48Web – Click Address able, Static Addresses. Specify the interface, the MAC address and VLAN, then click Add Static Address.C

ADDRESS TABLE SETTINGS2-49Displaying the Address TableThe Dynamic Address Table contains the MAC addresses learned by monitoring the source address fo

CONFIGURING THE SWITCH2-50Web – Click Address Table, Dynamic Addresses. Specify the search type (i.e., Interface, MAC Address, or VLAN), the method of

SPANNING TREE PROTOCOL CONFIGURATION2-51Changing the Aging TimeYou can set the aging time for entries in the dynamic address table. Command UsageThe r

CONFIGURING THE SWITCH2-52The Spanning Tree Protocols supported by the switch include the following standards:• STP – Spanning Tree Protocol (IEEE 802

SPANNING TREE PROTOCOL CONFIGURATION2-53STP InformationThe Spanning Tree, STP Information page contains information on the current status of the Spann

CONFIGURING THE SWITCH2-54• Designated Root — Identifies the priority and MAC address of the device in the Spanning Tree that the switch has accepted

SPANNING TREE PROTOCOL CONFIGURATION2-55• Root Hold Time* – The interval (in seconds) during which no more than two bridge configuration protocol dat

CONFIGURING THE SWITCH2-56CLI – This example shows the current Spanning Tree settings.Console#show spanning-tree 3-128Spanning-tree information-------

SPANNING TREE PROTOCOL CONFIGURATION2-57STP ConfigurationGlobal settings apply to the entire switch.Command UsageRSTP supports connections to either S

CONTENTSixStatically Configuring a Trunk . . . . . . . . . . . . . . . . . . 2-104Configuring SNMP . . . . . . . . . . . . . . . . . . . . . . . . .

CONFIGURING THE SWITCH2-58• Priority — Bridge priority is used in selecting the root device, root port, and designated port. The device with the highe

SPANNING TREE PROTOCOL CONFIGURATION2-59• Forward Delay — The maximum time (in seconds) the switch will wait before changing states (i.e., discarding

CONFIGURING THE SWITCH2-60Web – Click Spanning Tree, STP Configuration. Modify the required attributes, then click Apply.CLI – This example enables Sp

SPANNING TREE PROTOCOL CONFIGURATION2-61STP Port and Trunk InformationThe Spanning Tree, STP Port Information and Spanning Tree, STP Trunk Information

CONFIGURING THE SWITCH2-62• Designated Bridge — The priority and MAC address of the device through which this port must communicate to reach the root

SPANNING TREE PROTOCOL CONFIGURATION2-63These additional parameters are only displayed for the CLI:• Admin status – Shows if STA has been enabled on t

CONFIGURING THE SWITCH2-64• Admin Edge Port – You can enable this option if an interface is attached to a LAN segment that is at the end of a bridged

SPANNING TREE PROTOCOL CONFIGURATION2-65CLI – This example displys the current Spanning Tree status of a port. STP Port and Trunk ConfigurationYou can

CONFIGURING THE SWITCH2-66Command Attributes• STP State — Displays current state of this port within the Spanning Tree:- Discarding — Port receives ST

SPANNING TREE PROTOCOL CONFIGURATION2-67• Path Cost — This parameter is used by the STP to determine the best path between devices. Therefore, lower v