5 600 brands
1 870 000 user's guides |
|
|
|||||||||||||||
|
Search a brand
Advanced Search
|
Our partners wish to propose you the following products
|
User manual ALCATEL-LUCENT OMNISTACK LS 6200
Diplodocs help download the user guide ALCATEL-LUCENT OMNISTACK LS 6200.
You may also download the following manuals related to this product:
This product, although classified under the brand ALCATEL-LUCENT, may have been manufactured by ALCATEL, LUCENT after mergers, acquisitions, or a change in name.
Preview of the first 3 pages of manual
You either have JavaScript turned off or an old version of Adobe Flash Player Get the latest Flash Player.
User guide ALCATEL-LUCENT OMNISTACK LS 6200
Detailed instructions for use are in the User's Guide. Part No. 060202-10 , Rev. D June 2007
Alcatel OS-LS-6200
User Guide
www.alcatel.com
An Alcatel service agreement brings your company the assurance of 7x24 no-excuses technical support. You'll also receive regular software updates to maintain and maximize your Alcatel product's features and functionality and on-site hardware replacement through our global network of highly qualified service delivery partners. Additionally, with 24-hour-a-day access to Alcatel's Service and Support web page, you'll be able to view and update any case (open or closed) that you have reported to Alcatel's technical support, open a new case or access helpful release notes, technical bulletins, and manuals. For more information on Alcatel's Service Programs, see our web page at www.ind.alcatel.com, call us at 1-800-995-2696, or email us at support@ind.alcatel.com.
This Manual documents Alcatel 6200 hardware and software. The functionality described in this Manual is subject to change without notice.
Copyright© 2007 by Alcatel Internetworking, Inc. All rights reserved. This document may not be reproduced in whole or in part without the express written permission of Alcatel Internetworking, Inc. Alcatel®and the Alcatel logo are registered trademarks of Compagnie Financiére Alcatel, Paris, France. OmniSwitch® and OmniStack® are registered trademarks of Alcatel Internetworking, Inc. Omni Switch/RouterTM, SwitchExpertSM, the Xylan logo are trademarks of Alcatel Internetworking, Inc. All other brand and product names are trademarks of their respective companies.
26801 West Agoura Road Calabasas, CA 91301 (818) 880-3500 FAX (818) 880-3505 info@ind.alcatel.com US Customer Support-(800) 995-2696 International Customer Support-(818) 878-4507 Internet-http://eservice.ind.alcatel.com
Warning This equipment has been tested and found to comply with the limits for Class A digital device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instructions in this guide, may cause interference to radio communications. Operation of this equipment in a residential area is likely to cause interference, in which case the user will be required to correct the interference at his own expense. The user is cautioned that changes and modifications made to the equipment without approval of the manufacturer could void the user's authority to operate this equipment. It is suggested that the user use only shielded and grounded cables to ensure compliance with FCC Rules. This digital apparatus does not exceed the Class A limits for radio noise emissions from digital apparatus set out in the radio interference regulations of the Canadian department of communications. Le present appareil numerique níemet pas de bruits radioelectriques depassant les limites applicables aux appareils numeriques de la Class A prescrites dans le reglement sur le brouillage radioelectrique edicte par le ministere des communications du Canada. Utilice sólo adaptadores con las siguientes características eléctricas y que estén debidamente certificados de acuerdo a la legislación vigente. El uso de otros adaptadores podría dañar el dispositivo y anular la garantía además de provocar riesgos al usuario. Características de entrada: AC100/115/220/230V; 50/60Hz; 2.0/1.7/0.9/ 0.9A; Clase I AC100/115/220/230V; 50/60Hz; 4.0/3.4/1.8/ 1.8A; Clase I AC 100/115/220/230V; 50/60Hz; 0.4/0.4/0.2/ 0.2A; Clase I AC100/115/220/230V; 50/60Hz; 0.6/0.6/0.4/ 0.4A; Clase I AC 100/115/220/230V 50/60Hz 1.0/1.0/0.5/ 0.5A Clase I Características de salida: DC 12V, 4.0A; -50V, 3.6A DC 12V, 7.5A; -50V, 7.5A DC 12V, 4.5A DC 12V, 4.5A DC 12V , 4.5A
OS-LS-6224P OS-LS-6248P OS-LS-6224 OS-LS-6248 OS-LS-6224U
Adaptador: OS-LS-6224P OS-LS-6248P OS-LS-6248 OS-LS-6224 Modelo: OS-LS-62BP-P OS-LS-62BP-P OS-LS-62BP-DC & OS-LS-62BP OS-LS-62BP-DC & OS-LS-62BP Marca comercial: 3Y Power Alcatel Accton & 3Y Power Accton & 3Y Power
Contents
Contents
Chapter 1: Introduction 1 Key Features ........................................................................................................ 1 Description of Software Features ......................................................................... 3 System Defaults ................................................................................................... 9 Chapter 2: Initial Configuration 13 General Configuration Information ..................................................................... 14 Auto-Negotiation 15 Device Port Default Settings 15 Booting the Switch .............................................................................................. 16 Configuration Overview ...................................................................................... 18 Initial Configuration ............................................................................................. 18 Static IP Address and Subnet Mask 18 User Name 19 SNMP Community Strings 19 Advanced Configuration ..................................................................................... 21 Retrieving an IP Address From a DHCP Server 21 Receiving an IP Address From a BOOTP Server 22 Security Management and Password Configuration .......................................... 23 Configuring Security Passwords Introduction 23 Configuring an Initial Console Password 24 Configuring an Initial Telnet Password 24 Configuring an Initial SSH password 24 Configuring an Initial HTTP Password 25 Configuring an initial HTTPS Password 25 Software Download and Reboot ......................................................................... 25 Software Download through XModem 25 Software Download Through TFTP Server 26 Boot Image Download 27 Startup Menu Functions ..................................................................................... 28 Chapter 3: Configuring the Switch 33 Using the Web Interface ..................................................................................... 33 Navigating the Web Browser Interface ............................................................... 33 Home Page 33 Configuration Options 34 Panel Display 35 Main Menu 35 Managing Device Information ............................................................................. 36 Managing Stacking ............................................................................................. 37 Understanding the Stack Topology 38 Stacking Failover Topology 38
v
Contents Stacking Members and Unit ID 38 Removing and Replacing Stacking Members 39 Exchanging Stacking Members 40 Switching between the Stacking Master and the Secondary Master 40 Configuring Stacking 41 Resetting the Stack 42 Managing System Logs ......................................................................................43 Enabling System Logs 43 Viewing Memory Logs 45 Viewing the Device FLASH Logs 47 Remote Log Configuration 48 Configuring SNTP ...............................................................................................51 Polling for Unicast Time Information 51 Polling for Anycast Time Information 51 Polling For Broadcast Time Information 52 Defining SNTP Global Settings 52 Defining SNTP Authentication 53 Defining SNTP Servers 54 Defining SNTP Interface Settings 56 Configuring System Time ...................................................................................57 Configuring Daylight Savings Time 57 Managing System Files ......................................................................................61 Downloading System Files 62 Uploading System Files 64 Copying Files 65 Active Image 66 TCAM Resources ...............................................................................................67 Configuring Interfaces .........................................................................................69 Configuring Interface Connections 69 Creating Trunks (LAGs) 72 Configuring LACP 73 Displaying Port Statistics ....................................................................................75 Interface Statistics 76 Etherlike Statistics 77 Configuring IP Information ..................................................................................80 Defining IP Addresses 80 Defining Default Gateways 81 Configuring DHCP 82 Configuring ARP 83 Configuring Domain Name Service ....................................................................85 Configuring General DNS Server Parameters 86 Configuring Static DNS Host to Address Entries 87 Configuring SNMP ..............................................................................................88 Enabling SNMP 89 Defining SNMP Users 90
vi
Contents Defining SNMP Group Profiles 92 Defining SNMP Views 93 Defining SNMP Communities 95 Defining SNMP Notification Recipients 96 Defining SNMP Notification Global Parameters 98 Defining SNMP Notification Filters 100 Configuring User Authentication ....................................................................... 101 Defining Local Users Passwords 101 Defining Line Passwords 102 Defining Enable Passwords 103 Configuring Authentication Methods ................................................................ 104 Defining Access Profiles 104 Defining Profile Rules 107 Defining Authentication Profiles 109 Mapping Authentication Methods 112 Defining TACACS+ Methods 114 Defining RADIUS Settings 115 Managing RMON Statistics .............................................................................. 118 Viewing RMON Statistics 118 Defining RMON History Control 120 Viewing the RMON History Table 121 Defining RMON Events Control 124 Viewing the RMON Events Logs 125 Defining RMON Alarms 126 Alcatel Mapping Adjacency Protocol (AMAP) ................................................... 128 Configuring AMAP 128 Viewing Adjacent Devices 130 Configuring LLDP ............................................................................................. 131 Defining LLDP Port Settings 132 Defining Media Endpoint Discovery Network Policy 133 Defining LLDP MED Port Settings 134 Viewing the LLDP Neighbor Information 135 Viewing Neighbor Information Details 136 Managing Power-over-Ethernet Devices .......................................................... 139 Defining PoE System Information 139 Defining PoE Interfaces 140 Device Diagnostic Tests ................................................................................... 142 Configuring Port Mirroring 142 Viewing Integrated Cable Tests 144 Viewing Optical Transceivers 145 Viewing Device Health 147 Configuring Traffic Control ............................................................................... 149 Enabling Storm Control 149 Configuring Port Security 151 802.1X Port-Based Authentication ................................................................... 153
vii
Contents Advanced Port-Based Authentication 154 Defining Network Authentication Properties 155 Defining Port Authentication 157 Modify Port Authentication Page 158 Configuring Multiple Hosts 160 Defining Authentication Hosts 162 Viewing EAP Statistics 164 Defining Access Control Lists ...........................................................................167 Configuring Access Control Lists 167 Binding Device Security ACLs 168 Defining IP Based Access Control Lists 169 Defining MAC Based Access Control Lists 171 DHCP Snooping ...............................................................................................173 DHCP Snooping Properties 174 Defining DHCP Snooping on VLANs 175 Defining Trusted Interfaces 176 Binding Addresses to the DHCP Snooping Database 177 Configuring Option 82 .......................................................................................178 Dynamic ARP Inspection ..................................................................................179 ARP Inspection Properties 180 ARP Inspection Trusted Interface Settings 181 Defining ARP Inspection List 182 Assigning ARP Inspection VLAN Settings 183 IP Source Guard ...............................................................................................184 Configuring IP Source Guard Properties 185 Defining IP Source Guard Interface Settings 185 Adding Interfaces to the IP Source Guard Database 186 Defining the Forwarding Database ...................................................................188 Defining Static Forwarding Database Entries 188 Defining Dynamic Forwarding Database Entries 189 Configuring Spanning Tree ...............................................................................191 Defining Spanning Tree 192 Defining STP on Interfaces 194 Defining Rapid Spanning Tree 197 Defining Multiple Spanning Tree 199 Defining MSTP Instance Settings 200 Defining MSTP Interface Settings 201 Configuring VLANs ...........................................................................................204 Assigning Ports to VLANs 204 Tagged/Untagged VLANs 206 Displaying Basic VLAN Information 206 Defining VLAN Membership 207 Defining VLAN Interface Settings 210 Defining Customer Mapping for Multicast TV 211 Mapping CPE VLANs 212
viii
Contents Defining VLAN Groups ..................................................................................... 213 Configuring MAC Based VLAN Groups 213 Configuring Subnet Based VLAN Groups 214 Configuring Protocol Based VLAN Groups 215 Mapping Groups to VLANs 216 Defining GARP 217 Defining GVRP 219 Viewing GVRP Statistics 220 Multicast Filtering ............................................................................................ 223 Defining IGMP Snooping 223 Specifying Static Interfaces for a Multicast Group 225 Displaying Interfaces Attached to a Multicast Router 227 Configuring Multicast TV 228 Defining Multicast TV Membership 229 Configuring Triple Play ..................................................................................... 230 Configuring Quality of Service .......................................................................... 231 Access Control Lists 232 Mapping to Queues 233 QoS Modes 234 Enabling QoS 235 Defining Global Queue Settings 236 Defining Bandwidth Settings 237 Configuring VLAN Rate Limit 239 Mapping CoS Values to Queues 240 Mapping DSCP Values to Queues 241 Defining Basic QoS Settings 242 Defining QoS DSCP Rewriting Settings 243 Defining QoS DSCP Mapping Settings 244 Defining QoS Class Maps 245 Defining Policies 246 Defining Tail Drop 248 Viewing the Policy Table 248 Viewing Policy Bindings 250 Chapter 4: Command Line Interface 253 Using the Command Line Interface .................................................................. 253 Accessing the CLI 253 Console Connection 253 Telnet Connection 253 Entering Commands ......................................................................................... 255 Keywords and Arguments 255 Minimum Abbreviation 255 Command Completion 255 Getting Help on Commands 255
ix
Contents Partial Keyword Lookup 257 Negating the Effect of Commands 257 Using Command History 257 Understanding Command Modes 257 Exec Commands 258 Configuration Commands 258 Command Line Processing 259 Command Groups ............................................................................................261 802.1x Commands ............................................................................................263 aaa authentication dot1x 264 dot1x system-auth-control 265 dot1x port-control 266 dot1x re-authentication 267 dot1x timeout re-authperiod 268 dot1x re-authenticate 269 dot1x timeout quiet-period 269 dot1x timeout tx-period 270 dot1x max-req 271 dot1x timeout supp-timeout 272 dot1x timeout server-timeout 273 show dot1x 274 show dot1x users 277 show dot1x statistics 279 ADVANCED FEATURES 281 dot1x auth-not-req 281 dot1x multiple-hosts 282 dot1x single-host-violation 283 dot1x guest-vlan 284 dot1x guest-vlan enable 285 dot1x mac-authentication 285 show dot1x advanced 286 AAA Commands ...............................................................................................288 aaa authentication login 288 aaa authentication enable 290 login authentication 291 enable authentication 292 ip http authentication 293 ip https authentication 294 show authentication methods 294 password 296 enable password 296 username 297 show users accounts 298 ACL Commands ...............................................................................................300 ip-access-list 300
x
Contents permit (ip) 301 deny (IP) 304 mac access-list 306 permit (MAC) 307 deny (MAC) 308 service-acl 310 show access-lists 310 show interfaces access-lists 311 Address Table Commands ............................................................................... 313 bridge address 314 bridge multicast filtering 315 bridge multicast address 316 bridge multicast forbidden address 317 bridge multicast forward-all 318 bridge multicast forbidden forward-all 319 bridge aging-time 320 clear bridge 320 port security 321 port security mode 321 port security max 322 port security routed secure-address 323 show bridge address-table 324 show bridge address-table static 325 show bridge address-table count 326 show bridge multicast address-table 327 show bridge multicast address-table static 328 show bridge multicast filtering 329 show ports security 330 show ports security addresses 331 LLDP Commands ............................................................................................. 333 lldp optional-tlv 333 lldp med enable 334 lldp med network-policy (global) 334 lldp med network-policy (interface) 335 lldp med location 335 clear lldp rx 336 show lldp configuration 337 show lldp med configuration 337 show lldp local 338 show lldp neighbors 340 AMAP Commands ............................................................................................ 345 amap enable 345 amap discovery time 346 amap common time 346 show amap 346
xi
Contents Clock Commands .............................................................................................348 349 clock set 349 clock source 350 clock timezone 350 clock summer-time 351 sntp authentication-key 353 sntp authenticate 353 sntp trusted-key 354 sntp client poll timer 355 sntp broadcast client enable 356 sntp anycast client enable 357 sntp client enable (Interface) 357 sntp unicast client enable 358 sntp unicast client poll 359 sntp server 360 show clock 361 show sntp configuration 362 show sntp status 363 Configuration and Image File Commands ........................................................365 copy 365 delete 368 dir 369 more 370 rename 371 boot system 372 show running-config 373 show startup-config 373 show bootvar 374 Ethernet Configuration Commands ..................................................................376 interface ethernet 376 interface range ethernet 377 shutdown 378 description 379 speed 380 duplex 381 negotiation 382 flowcontrol 383 mdix 383 back-pressure 384 clear counters 385 set interface active 386 show interfaces advertise 386 show interfaces configuration 388 show interfaces status 390
xii
Contents show interfaces description 392 show interfaces counters 392 port storm-control broadcast enable 395 port storm-control broadcast rate 396 show ports storm-control 397 GVRP Commands ............................................................................................ 399 gvrp enable (Global) 399 gvrp enable (Interface) 400 garp timer 401 gvrp vlan-creation-forbid 402 gvrp registration-forbid 402 clear gvrp statistics 403 show gvrp configuration 404 show gvrp statistics 405 show gvrp error-statistics 406 IGMP Snooping Commands ............................................................................. 408 ip igmp snooping (Global) 408 ip igmp snooping (Interface) 409 ip igmp snooping host-time-out 410 ip igmp snooping mrouter-time-out 410 ip igmp snooping leave-time-out 411 ip igmp snooping multicast-tv 412 ip igmp snooping querier enable 413 ip igmp snooping querier address 413 ip igmp snooping querier version 414 show ip igmp snooping mrouter 414 show ip igmp snooping interface 415 show ip igmp snooping groups 416 IP Addressing Commands ................................................................................ 418 ip address 418 ip address dhcp 419 ip default-gateway 420 show ip interface 421 arp 422 arp timeout 423 clear arp-cache 424 show arp 424 ip domain-lookup 425 ip domain-name 426 ip name-server 426 ip host 427 clear host 428 clear host dhcp 429 show hosts 429 LACP Commands ............................................................................................. 431
xiii
Contents lacp system-priority 431 lacp port-priority 432 lacp timeout 432 show lacp ethernet 433 show lacp port-channel 435 Line Commands ................................................................................................437 line 437 speed 438 autobaud 439 exec-timeout 439 history 440 history size 440 terminal history 441 terminal history size 442 show line 443 Management ACL Commands .........................................................................445 management access-list 445 permit (Management) 446 deny (Management) 447 management access-class 448 show management access-list 449 show management access-class 450 PHY Diagnostics Commands ...........................................................................451 test copper-port tdr 451 show copper-ports tdr 452 show copper-ports cable-length 452 show fiber-ports optical-transceiver 453 Port Channel Commands .................................................................................455 interface port-channel 455 interface range port-channel 455 channel-group 456 show interfaces port-channel 457 Port Monitor Commands ...................................................................................458 port monitor 458 show ports monitor 459 Power over Ethernet Commands ......................................................................460 power inline 460 power inline powered-device 461 power inline priority 462 power inline usage-threshold 462 power inline traps enable 463 show power inline 464 QoS Commands ...............................................................................................467 qos 468 show qos 469
xiv
Contents class-map 469 show class-map 470 match 471 policy-map 472 class 472 rate-limit 473 rate-limit (VLAN) 474 show policy-map 474 trust cos-dscp 475 set 476 police 477 service-policy 478 qos aggregate-policer 478 show qos aggregate-policer 480 police aggregate 481 wrr-queue cos-map 481 priority-queue out num-of-queues 482 traffic-shape 483 show qos interface 484 qos wrr-queue threshold 486 qos map dscp-dp 487 qos map policed-dscp 487 qos map dscp-queue 488 qos trust (Global) 489 qos trust (Interface) 490 qos cos 490 qos dscp-mutation 491 qos map dscp-mutation 492 show qos map 493 RADIUS Commands ........................................................................................ 495 radius-server host 495 radius-server key 497 radius-server retransmit 497 radius-server source-ip 498 radius-server timeout 499 radius-server deadtime 500 show radius-servers 501 RMON Commands ........................................................................................... 503 show rmon statistics 503 rmon collection history 505 show rmon collection history 506 show rmon history 507 rmon alarm 510 show rmon alarm-table 511 show rmon alarm 512
xv
Contents rmon event 514 show rmon events 514 show rmon log 515 rmon table-size 517 SNMP Commands ............................................................................................518 snmp-server community 519 snmp-server view 520 snmp-server group 521 snmp-server user 522 snmp-server engineID local 523 snmp-server enable traps 525 snmp-server filter 525 snmp-server host 526 snmp-server v3-host 528 snmp-server trap authentication 529 snmp-server contact 529 snmp-server location 530 snmp-server set 531 show snmp 531 show snmp engineid 533 show snmp views 534 show snmp groups 535 show snmp filters 536 show snmp users 536 Spanning-Tree Commands ...............................................................................538 spanning-tree 539 spanning-tree mode 540 spanning-tree forward-time 541 spanning-tree hello-time 542 spanning-tree max-age 543 spanning-tree priority 544 spanning-tree disable 544 spanning-tree cost 545 spanning-tree port-priority 546 spanning-tree portfast 547 spanning-tree link-type 548 spanning-tree pathcost method 549 spanning-tree bpdu 550 clear spanning-tree detected-protocols 551 spanning-tree mst priority 551 spanning-tree mst max-hops 552 spanning-tree mst port-priority 553 spanning-tree mst cost 554 spanning-tree mst configuration 556 instance (mst) 556
xvi
Contents name (mst) 558 revision (mst) 558 show (mst) 559 exit (mst) 561 abort (mst) 561 spanning-tree guard root 562 spanning-tree bpduguard 563 dot1x bpdu 563 show dot1x bpdu 564 show spanning-tree 564 SSH Commands ............................................................................................... 580 ip ssh port 580 ip ssh server 581 crypto key generate dsa 581 crypto key generate rsa 582 ip ssh pubkey-auth 583 crypto key pubkey-chain ssh 584 user-key 585 key-string 586 show ip ssh 587 show crypto key mypubkey 588 show crypto key pubkey-chain ssh 589 Syslog Commands ........................................................................................... 591 logging on 591 logging 592 logging console 593 logging buffered 594 logging buffered size 595 clear logging 595 logging file 596 clear logging file 597 aaa logging 597 file-system logging 598 management logging 598 show logging 599 show logging file 601 show syslog-servers 603 System Management Commands .................................................................... 604 ping 604 traceroute 606 telnet 608 resume 611 reload 612 hostname 612 stack master 613
xvii
Contents stack reload 614 stack display-order 614 show stack 615 show users 617 show sessions 617 show system 618 show version 619 service cpu-utilization 620 show cpu utilization 621 TACACS+ Commands ......................................................................................622 tacacs-server host 622 tacacs-server key 623 tacacs-server timeout 624 tacacs-server source-ip 625 show tacacs 625 Triple Play Commands .....................................................................................627 switchport customer vlan 627 switchport customer multicast-tv vlan 627 ip igmp snooping map cpe vlan 628 show ip igmp snooping cpe vlans 629 show ip igmp snooping interface 629 DHCP Snooping, IP Source Guard and ARP Inspection Commands ..............631 ip dhcp snooping 632 ip dhcp snooping vlan 633 ip dhcp snooping trust 634 ip dhcp information option allowed-untrusted 634 ip dhcp information option 635 ip dhcp snooping verify 635 ip dhcp snooping database 636 ip dhcp snooping database update-freq 636 ip dhcp snooping binding 637 clear ip dhcp snooping database 638 show ip dhcp snooping 638 show ip dhcp snooping binding 639 ip source-guard (global) 640 ip source-guard (interface) 640 ip source-guard binding 641 ip source-guard tcam retries-freq 642 ip source-guard tcam locate 643 show ip source-guard 643 show ip source-guard inactive 644 ip arp inspection 645 ip arp inspection vlan 646 ip arp inspection trust 646 ip arp inspection validate 647
xviii
Contents ip arp inspection list create 648 ip mac 648 ip arp inspection list assign 649 ip arp inspection logging interval 650 show ip arp inspection 650 show ip arp inspection list 651 User Interface Commands ............................................................................... 652 do 652 enable 653 disable 654 login 654 configure 655 exit (Configuration) 655 exit 656 end 657 help 657 terminal datadump 658 show history 659 show privilege 659 VLAN Commands ............................................................................................. 661 vlan database 662 vlan 663 default-vlan vlan 664 interface vlan 664 interface range vlan 665 name 666 map protocol protocols-group 666 switchport general map protocols-group vlan 667 switchport mode 668 switchport access vlan 669 switchport trunk allowed vlan 670 switchport trunk native vlan 671 switchport general allowed vlan 672 switchport general pvid 673 switchport general ingress-filtering disable 674 switchport general acceptable-frame-type tagged-only 675 switchport forbidden vlan 676 map mac macs-group 677 switchport general map macs-group vlan 677 map subnet subnets-group 678 switchport general map subnets-group vlan 679 switchport protected 680 ip internal-usage-vlan 681 show vlan 682 show vlan internal usage 683
xix
Contents show interfaces switchport 684 switchport access multicast-tv vlan 687 show vlan protocols-groups 688 show vlan macs-groups 688 show vlan subnets-groups 689 show vlan multicast-tv 690 Web Server Commands ...................................................................................691 ip http server 691 ip http port 692 ip http exec-timeout 693 ip https server 693 ip https port 694 ip https exec-timeout 695 crypto certificate generate 695 crypto certificate request 696 crypto certificate import 698 ip https certificate 699 show crypto certificate mycertificate 699 show ip http 700 show ip https 701 Appendix A. Configuration Examples 703 Configuring QinQ ..............................................................................................704 Configuring Customer VLANs using the CLI ....................................................707 Configuring Multicast TV ..................................................................................709 Configuring Customer VLANs ...........................................................................716 Configuring Customer VLANs Using the Web Interface ...................................716 Appendix B. Software Specifications 721 Software Features ............................................................................................721 Management Features ......................................................................................722 Standards .........................................................................................................722 Management Information Bases .......................................................................723 Appendix C. Troubleshooting 725 Problems Accessing the Management Interface ..............................................725 Using System Logs ...........................................................................................726 Appendix D. Glossary 727
xx
Figures
Figures
Figure 2-1. Figure 2-2. Figure 3-3. Figure 3-4. Figure 3-5. Figure 3-6. Figure 3-7. Figure 3-8. Figure 3-9. Figure 3-10. Figure 3-11. Figure 3-12. Figure 3-13. Figure 3-14. Figure 3-15. Figure 3-16. Figure 3-17. Figure 3-18. Figure 3-19. Figure 3-20. Figure 3-21. Figure 3-22. Figure 3-23. Figure 3-24. Figure 3-25. Figure 3-26. Figure 3-27. Figure 3-28. Figure 3-29. Figure 3-30. Figure 3-31. Figure 3-32. Figure 3-33. Figure 3-34. Figure 3-35. Figure 3-36. Figure 3-37. Figure 3-38. Figure 3-39. Figure 3-40. Figure 3-41. Figure 3-42. Installation and Configuration Send File window Home Page Ports Panel System Information Page Stack Management Topology Page Stack Management - Reset Page Logs Settings Page Memory Page FLASH Logs Page Remote Log Page SNTP Configuration Page SNTP Authentication Page SNTP Servers Page SNTP Interface Page Clock Time Zone Page File Download Page File Upload Page Copy Files Page Active image Page TCAM Resources Page Interface Configuration Page LAG Membership Page Interface LACP Configuration Page Statistics Interface Page Statistics Etherlike Page IP Interface Page Default Gateway Page DHCP Page ARP Page DNS Server Page DNS Host Mapping Page Engine ID Page SNMP Users Page SNMP Groups Page SNMP Views Page SNMP Communities Page SNMP Trap Station Management Page SNMP Global Trap Settings Page Trap Filter Settings Page Local Users Page Line Page 14 29 34 35 37 41 42 44 46 48 49 53 54 55 56 61 63 65 66 67 69 71 73 75 77 78 81 82 83 84 86 88 90 92 93 94 96 98 99 100 102 103
xxi
Figures Figure 3-43. Figure 3-44. Figure 3-45. Figure 3-46. Figure 3-47. Figure 3-48. Figure 3-49. Figure 3-50. Figure 3-51. Figure 3-52. Figure 3-53. Figure 3-54. Figure 3-55. Figure 3-56. Figure 3-57. Figure 3-58. Figure 3-59. Figure 3-60. Figure 3-61. Figure 3-62. Figure 3-63. Figure 3-64. Figure 3-65. Figure 3-66. Figure 3-67. Figure 3-68. Figure 3-69. Figure 3-70. Figure 3-71. Figure 3-72. Figure 3-73. Figure 3-74. Figure 3-75. Figure 3-76. Figure 3-77. Figure 3-78. Figure 3-79. Figure 3-80. Figure 3-81. Figure 3-82. Figure 3-83. Figure 3-84. Figure 3-85. Figure 3-86. Figure 3-87.
xxii
Enable Page Access Profiles Page Profiles Rules Page Authentication Profiles Page Authentication Mapping Page TACACS+ Page RADIUS Page RMON Statistics Page History Control Page History Table Page Events Control Page Events Logs Page Alarm Page AMAP Settings Page AMAP Adjacencies Page LLDP Properties Page LLDP Port Settings Page MED Networking Policy Page MED Port Settings Page LLDP Neighbor Information Page Details Neighbor Information Page Properties Page PoE Interface Page Port Mirroring Page Copper Cable Page Optical Transceiver Page Health Page Storm Control Page Port Security Page System Information Page Port Authentication Page Multiple Hosts Page Authentication Host Page Statistics Page ACL Binding Page IP Based ACL Page MAC Based ACL Page DHCP Snooping Properties Page VLAN Settings Page Trusted Interface Page Binding Database Page DHCP Option 82 Page ARP Inspection Properties Page ARP Inspection Trusted Interface Page ARP Inspection List Page
104 107 109 110 113 115 117 119 121 122 125 126 128 129 130 132 133 134 135 136 138 140 142 144 145 146 148 150 153 156 160 162 163 166 169 171 173 175 176 177 178 179 181 182 183
Figures Figure 3-88. VLAN Settings Page Figure 3-89. IP Source Guard Properties Page Figure 3-90. Interface Settings Page Figure 3-91. IP Source Guard Binding Database Page Figure 3-92. Static Addresses Page Figure 3-93. Dynamic Addresses Page Figure 3-94. STP General Page Figure 3-95. Interface Configuration Page Figure 3-96. RSTP Page Figure 3-97. MSTP General Page Figure 3-98. MSTP Instance Settings Page Figure 3-99. MSTP Interface Settings Page Figure 3-100. VLAN Basic Information Page Figure 3-101. Current Table Page Figure 3-102. Interface Configuration Page Figure 3-103. Customer Multicast TV VLAN Page Figure 3-104. CPE VLANs Mapping Page Figure 3-105. MAC-Based Groups Page Figure 3-106. Subnet-Based Groups Page Figure 3-107. Protocol Based Groups Page Figure 3-108. Mapping Groups to VLAN Page Figure 3-109. GARP Configuration Page Figure 3-110. GVRP Parameters Page Figure 3-111. GVRP Statistics Page Figure 3-112. IGMP Snooping Page Figure 3-113. Multicast Group Page Figure 3-114. Multicast Forward All Page Figure 3-115. IGMP Snooping Mapping Page Figure 3-116. Multicast TV Membership Page Figure 3-117. CoS Mode Page Figure 3-118. Queue Priority Page Figure 3-119. Bandwidth Configuration Page Figure 3-120. VLAN Rate Limit Page Figure 3-121. CoS to Queue Page Figure 3-122. DSCP Priority Page Figure 3-123. QoS General Page Figure 3-124. DSCP Rewrite Page Figure 3-125. DSCP Mapping Page Figure 3-126. Class Map Page Figure 3-127. Aggregate Policer Page Figure 3-128. Tail Drop Page Figure 3-129. Policy Table Page Figure 3-130. Policy Binding Page Figure 1. VLAN Basic Information Page Figure 2. Add 802.1q VLAN Page 184 185 186 187 189 190 194 197 199 200 201 203 207 209 211 212 213 214 215 216 217 218 220 221 225 226 228 229 230 236 237 239 240 241 242 243 244 245 246 247 248 249 251 704 705
xxiii
Figures Figure 3. Figure 4. Figure 5. Figure 6. Figure 7. Figure 8. Figure 9. Figure 10. Figure 11. Figure 12. Figure 13. Figure 14. Figure 15. Figure 16. Figure 17. VLAN Interface Configuration Page Modify VLAN Interface Configuration Page VLAN Current Table QinQ Configuration Example Triple Play Configuration Add VLAN Membership Page CPE VLAN Mapping Page CPE VLAN Mapping Page VLAN Interface Settings Page Customer Multicast TV VLAN Page VLAN Basic Information Page Add VLAN Page VLAN Interface Configuration Page Modify VLAN Interface Configuration Page VLAN Current Table 705 706 707 707 709 712 713 714 715 716 717 717 718 718 719
xxiv
Chapter 1: Introduction
The OmniStack® 6200 series has seven platforms: · OS-LS-6212 Ethernet based switch with 12 RJ-45 10/100Base-TX ports, two Gigabit combo uplink ports (with SFP or 10/100/1000Base-TX interfaces) and two ports full-duplex Gigabit stacking · OS-LS-6212P Ethernet based switch with 12 RJ-45 10/100Base-TX ports providing
standard-based Power over Ethernet, two Gigabit combo uplink ports (with SFP or 10/ 100/1000Base-TX interfaces) and two ports full-duplex Gigabit stacking
· OS-LS-6224 Ethernet based switch with 24 RJ-45 10/100Base-TX ports, two Gigabit combo uplink ports (with SFP or 10/100/1000Base-TX interfaces) and two ports full-duplex Gigabit stacking (optional DC power source) · OS-LS-6224P Ethernet based switch with 24 RJ-45 10/100Base-TX ports providing standard-based Power over Ethernet, two Gigabit combo uplink ports (with SFP or 10/100/1000Base-TX interfaces) and two ports full-duplex Gigabit stacking · OS-LS-6248 Ethernet based switch with 48 RJ-45 10/100Base-TX ports, two Gigabit combo uplink ports (with SFP or 10/100/1000Base-TX interfaces) and two ports full-duplex Gigabit stacking (optional DC power source) · OS-LS-6248P Ethernet based switch with 48 RJ-45 10/100Base-TX ports providing standard-based Power over Ethernet, two Gigabit combo uplink ports (with SFP or 10/100/1000Base-TX interfaces) and two ports full-duplex Gigabit stacking · OS-LS-6224U Ethernet based switch with 24 100Base-FX external SFP ports, two Gigabit combo ports with assicuated Mini-GBIC slots or RJ-45 ports and two 1000Base-T stacking ports All devices have a management port which is used for debugging and management purposes. This switch provides a broad range of features for switching. It includes a management agent that allows you to configure the features listed in this manual. The default configuration can be used for most of the features provided by this switch. However, there are many options that you should configure to maximize the switch's performance for your particular network environment.
Key Features
Table 1-1. Key Features Feature Configuration Backup and Restore Description Backup to TFTP server
1
1
Introduction
Table 1-1. Key Features
Feature Authentication
Description Console, Telnet, web User name / password, RADIUS, TACACS+ Web HTTPS; Telnet SSH SNMP v1/2c - Community strings SNMP version 3 MD5 or SHA password Port IEEE 802.1x Supports up to 1K IP or MAC ACLs Supported Supported Speed, duplex mode and flow control Input and output rate limiting per port One or more ports mirrored to single analysis port Supports up to 8 trunks using either static or dynamic trunking (LACP) Supported Up to 16K MAC addresses in the forwarding table Supports dynamic data switching and addresses learning Supported to ensure wire-speed switching while eliminating bad frames Supports standard STP, Rapid Spanning Tree Protocol (RSTP), Multiple Spanning Trees (MSTP). Up to 255 using IEEE 802.1Q, port-based, protocol-based, or private VLANs GVRP Default port priority, traffic class map, queue scheduling, IP Precedence, or Differentiated Services Code Point (DSCP) and TCP/UDP Port Prevents devices outside the network core from being assigned the spanning tree root. Used as a security mechanism to protect the network from invalid configurations. MAC authentication ensures that end-user stations meet security policies criteria, and protects networks from viruses. Expands network security by providing a firewall security between untrusted interfaces and DHCP servers. Enables to add information for the DHCP server on request. Restricts IP traffic on non-routed, Layer 2 interfaces by filtering traffic. This feature is based on the DHCP snooping binding database and on manually configured IP source bindings. Classic Address Resolution Protocol is a TCP/IP protocol that translates IP addresses into MAC addresses.
Access Control Lists DHCP Client DNS Server Port Configuration Rate Limiting Port Mirroring Port Trunking Broadcast Storm Control Static Address IEEE 802.1D Bridge Store-and-Forward Switching Spanning Tree Protocol Virtual LANs Traffic Prioritization STP Root Guard STP BPDU Guard 802.1x - MAC Authentication DHCP Snooping DHCP Option 82 IP Source Address Guard ARP Inspection
2
Description of Software Features
Table 1-1. Key Features Feature LLDP-MED QoS Multicast Filtering Power over Ethernet Multicast TV VLAN IP Subnet-Based VLANs MAC-Based VLANs Jumbo Frames QinQ Description
1
Increases network flexibility by allowing different IP systems to co-exist on a single network. Supports Quality of Service (QoS). Supports IGMP snooping and query. Enables PoE support. Supplies multicast transmissions to L2-isolated subscribers, without replicating the multicast transmissions for each subscriber VLAN. Packets are classified according to the packet's source IP subnet in its IP header Packets are classified according to MAC address Support of mini jumbo frames allows forwarding of packets up to 1632 bytes. Allows network managers to add an additional tag to previously tagged packets
Description of Software Features
The switch provides a wide range of advanced performance enhancing features. Flow control eliminates the loss of packets due to bottlenecks caused by port saturation. Broadcast storm suppression prevents broadcast traffic storms from engulfing the network. Port-based and protocol-based VLANs, plus support for automatic GVRP VLAN registration provide traffic security and efficient use of network bandwidth. CoS priority queueing ensures the minimum delay for moving real-time multimedia data across the network. While multicast filtering provides support for real-time network applications. Some of the management features are briefly described below. Configuration Backup and Restore You can save the current configuration settings to a file on a TFTP server, and later download this file to restore the switch configuration settings. Authentication This switch authenticates management access via the console port, Telnet or web browser. User names and passwords can be configured locally or can be verified via a remote authentication server (i.e., RADIUS or TACACS+). Port-based and MAC-based authentication is also supported via the IEEE 802.1x protocol. This protocol uses the Extensible Authentication Protocol over LANs (EAPOL) to request user credentials from the 802.1x client, and then verifies the client's right to access the network via an authentication server. Other authentication options include HTTPS for secure management access via the web, SSH for secure management access over a Telnet-equivalent connection, SNMP version 3, IP address filtering for SNMP/web/Telnet management access, and MAC address filtering for port access.
3
1
Introduction
MAC Address Capacity Support The device supports up to 16K MAC addresses. The device reserves specific MAC addresses for system use. Self-Learning MAC Addresses The device enables automatic MAC addresses learning from incoming packets. Automatic Aging for MAC Addresses MAC addresses from which no traffic is received for a given period are aged out. This prevents the Bridging Table from overflowing. Static MAC Entries User defined static MAC entries are stored in the Bridging Table, in addition to the Self Learned MAC addresses. VLAN-Aware MAC-based Switching Packets arriving from an unknown source address are sent to the CPU. When source addresses are added to the Hardware Table, packets addressed to this address are then forwarded straight to corresponding port. MAC Multicast Support Multicast service is a limited broadcast service, which allows one-to-many and many-to-many connections for information distribution. Layer 2 multicast service is where a single frame is addressed to a specific multicast address, and copies of the frame transmitted to relevant all relevant ports. Address Resolution Protocol IP routing generally utilizes routers and Layer 3 switches to inter-communicate using various routing protocols to discover network topology and define Routing tables. Device Next-Hop MAC addresses are automatically derived by ARP. This includes directly attached end systems. Users can override and supplement this by defining additional ARP Table entries. QinQ tagging QinQ tagging allows network managers to add an additional tag to previously tagged packets. Adding additional tags to the packets helps create more VLAN space. The added tag provides an VLAN ID to each customer, this ensures private and segregated network traffic. Port Configuration You can manually configure the speed, duplex mode, and flow control used on specific ports, or use auto-negotiation to detect the connection settings used by the attached device. Use the full-duplex mode on ports whenever possible to double the throughput of switch connections. Flow control should also be enabled to control network traffic during periods of congestion and prevent the loss of packets when port buffer thresholds are exceeded. The switch supports flow control based on the IEEE 802.3x standard. Rate Limiting This feature controls the maximum rate for traffic transmitted or received on an interface. Rate limiting is configured on interfaces at the edge of a network to limit traffic into or out of the network. Traffic that falls within the rate limit is transmitted, while packets that exceed the acceptable amount of traffic are dropped. Port Mirroring The switch can unobtrusively mirror traffic from any port to a monitor port. You can then attach a protocol analyzer or RMON probe to this port to perform traffic analysis and verify connection integrity. Port Trunking Ports can be combined into an aggregate connection. Trunks can be manually set up or dynamically configured using IEEE 802.3ad Link Aggregation
4
Description of Software Features
1
Control Protocol (LACP). The additional ports dramatically increase the throughput across any connection, and provide redundancy by taking over the load if a port in the trunk should fail. The switch supports up to 6 trunks. Broadcast Storm Control Broadcast suppression prevents broadcast traffic from overwhelming the network. When enabled on a port, the level of broadcast traffic passing through the port is restricted. If broadcast traffic rises above a pre-defined threshold, it will be throttled until the level falls back beneath the threshold. Static Addresses A static MAC address can be assigned to a specific interface on this switch. Static addresses are bound to the assigned interface and will not be moved. When a static address is seen on another interface, the address will be ignored and will not be written to the address table. Static addresses can be used to provide network security by restricting access for a known host to a specific port. STP BPDU Guard Bridge Protocol Data Units (BPDU) Guard expands network adminstrator's ablility to enforce STP borders and maintain STP topologies realibility. BPDU is utilized when Fast Link ports is enabled and/or if the Spanning Tree Protocol is disabled on ports. If a BPDU message is sent to a port on which STP is disabled, BPDU Guard shuts down the port, and generates a SNMP message. STP Root Guard Spanning Tree Root Guard is used to prevent an unauthorized device from becoming the root of a spanning tree. Root guard functionality enables detection and resolution of misconfigurations, while preventing loops or loss of connectivity. 802.1x - MAC Authentication MAC authentication like the 802.1X allows network access to a device, for example, printers and IP phones, that do not have the 802.1X supplicant capability. MAC authentication uses the MAC address of the connecting device to grant or deny network access. To support MAC authentication, the RADIUS authentication server maintains a database of MAC addresses for devices that require access to the network. In order for the feature to be active, 802.1x must be in auto-mode. User then can enable the MAC authentication feature in one of following modes: · MAC Only Where only MAC authentication is enabled · MAC + 802.1x (In that case 802.1x takes precedence) The feature can be enabled per port. The port must be a member of a guest VLAN prior of activating the feature. DHCP Snooping DHCP Snooping expands network security by providing a firewall security between untrusted interfaces and DHCP servers. By enabling DHCP Snooping network administrators can identify between trusted interfaces connected to end-users or DHCP Servers, and untrusted interface located beyond the network firewall. DHCP Snooping creates and maintains a DHCP Snooping Table which contains information received from untrusted packets. Interfaces are untrusted if the packet is received from an interface from outside the network or from a interface beyond the network firewall.
5
1
Introduction
DHCP Option 82 DHCP server can insert information into DHCP requests. The DHCP information is used to assign IP addresses to network interfaces. IP Source Address Guard IP source guard stops malignant network users from using unallocated network IP addresses. IP Source Guard ensures that only packets with an IP address stored in the DHCP Database are forwarded. IP address stored in the DHCP Snooping Database are either statically configured by the network administrator or are retrieved using DHCP. IP source guard can be enabled only on DHCP snooping untrusted interface. Dynamic ARP Inspection ARP Inspection eliminates man-in-the-middle attacks, where false ARP packets are inserted into the subnet. ARP requests and responses are inspected, and their MAC Address to IP Address binding is checked. Packets with invalid ARP Inspection Bindings are logged and dropped. Packets are classified as: · Trusted -- Indicates that the interface IP and MAC address are recognized, and recorded in the ARP Inspec-tion List. Trusted packets are forward without ARP Inspection. · Untrusted -- Indicates that the packet arrived from an interface that does not have a recognized IP and MAC addresses. The packet is checked for: · Source MAC -- Compares the packet's source MAC address against the sender's MAC address in the ARP request. This check is performed on both ARP requests and responses. · Destination MAC -- Compares the packet's destination MAC address against the destination interface's MAC address. This check is performed for ARP responses. · IP Addresses -- Compares the ARP body for invalid and unexpected IP addresses. Addresses include 0.0.0.0, 255.255.255.255, and all IP Multicast addresses. If the packet's IP address was not found in the ARP Inspection List, and DHCP snooping is enabled for a VLAN, a search of the DHCP Snooping Database is performed. If the IP address is found the packet is valid, and is forwarded. ARP inspection is performed only on untrusted interfaces. LLDP - The Link Layer Discovery Protocol (LLDP) allows network managers to troubleshoot and enhance network management by discovering and maintaining network topologies over multi-vendor environments. LLDP discovers network neighbors by standardizing methods for network devices to advertise themselves to other system, and to store discovered information. Device discovery information includes: · Device Identification · Device Capabilities · Device Configuration The advertising device transmits multiple advertisement message sets in a single LAN packet. The multiple advertisement sets are sent in the packet Type Length Value (TLV) field. LLDP devices must support chassis and port ID advertisement, as well as system name, system ID, system description, and system capability
6
Description of Software Features
advertisements
1
LLDP-MED LLDP Media Endpoint Discovery (LLDP-MED) increases network flexibility by allowing different IP systems to co-exist on a single network. Provides detailed network topology information, including what device are located on the network, and where the devices are located. For example, which IP phone is connect to what port, which software is running on what switch, and which port is connected to what PC. Spanning Tree Protocol The switch supports these spanning tree protocols: Spanning Tree Protocol (STP, IEEE 802.1D) This protocol adds a level of fault tolerance by allowing two or more redundant connections to be created between a pair of LAN segments. When there are multiple physical paths between segments, this protocol will choose a single path and disable all others to ensure that only one route exists between any two stations on the network. This prevents the creation of network loops. However, if the chosen path should fail for any reason, an alternate path will be activated to maintain the connection. Rapid Spanning Tree Protocol (RSTP, IEEE 802.1w) This protocol reduces the convergence time for network topology changes to about 10% of that required by the older IEEE 802.1D STP standard. It is intended as a complete replacement for STP, but can still interoperate with switches running the older standard by automatically reconfiguring ports to STP-compliant mode if they detect STP protocol messages from attached devices. Multiple Spanning Tree Protocol (MSTP, IEEE 802.1s) This protocol is a direct extension of RSTP. It can provide an independent spanning tree for different VLANs. It simplifies network management, provides for even faster convergence than RSTP by limiting the size of each region, and prevents VLAN members from being segmented from the rest of the group (as sometimes occurs with IEEE 802.1D STP). Virtual LANs The switch supports up to 255 VLANs. A Virtual LAN is a collection of network nodes that share the same broadcast domain regardless of their physical location or connection point in the network. The switch supports tagged VLANs based on the IEEE 802.1Q standard. Members of VLAN groups can be dynamically learned via GVRP, or ports can be manually assigned to a specific set of VLANs. This allows the switch to restrict traffic to the VLAN groups to which a user has been assigned. By segmenting your network into VLANs, you can: · Eliminate broadcast storms which severely degrade performance in a flat network. · Simplify network management for node changes/moves by remotely configuring VLAN membership for any port, rather than having to manually change the network connection. · Provide data security by restricting all traffic to the originating VLAN. · Use private VLANs to restrict traffic to pass only between data ports and the uplink ports, thereby isolating adjacent ports within the same VLAN, and allowing you to limit the total number of VLANs that need to be configured. · Use protocol VLANs to restrict traffic to specified interfaces based on protocol type.
7
1
Introduction
Traffic Prioritization This switch prioritizes each packet based on the required level of service, using eight priority queues with strict or Weighted Round Robin Queuing. It uses IEEE 802.1p and 802.1Q tags to prioritize incoming traffic based on input from the end-station application. These functions can be used to provide independent priorities for delay-sensitive data and best-effort data. This switch also supports several common methods of prioritizing layer 3/4 traffic to meet application requirements. Traffic can be prioritized based on the priority bits in the IP frame's Type of Service (ToS) octet or the number of the TCP/UDP port. When these services are enabled, the priorities are mapped to a Class of Service value by the switch, and the traffic then sent to the corresponding output queue. Multicast Filtering Specific multicast traffic can be assigned to its own VLAN to ensure that it does not interfere with normal network traffic and to guarantee real-time delivery by setting the required priority level for the designated VLAN. The switch uses IGMP Snooping and Query to manage multicast group registration. Virtual Cable Testing (VCT) VCT detects and reports copper link cabling occurrences, such as open cables and cable shorts. MDI/MDIX Support The device supports auto-detection between crossed and straight-through cables. Standard wiring for end stations is Media-Dependent Interface (MDI) and the standard wiring for hubs and switches is known as Media-Dependent Interface with Crossover (MDIX). Quality of Service (QoS) Support Network traffic is usually unpredictable, and the only basic assurance that can be offered is Best Effort traffic delivery. To overcome this challenge, Quality of Service (QoS) is applied throughout the network. This ensures that network traffic is prioritized according to specified criteria, and that specific traffic receives preferential treatment. QoS in the network optimizes network performance. The device supports the following QoS modes: · Basic · Advanced Class Of Service 802.1p Support The IEEE 802.1p signaling technique is an OSI Layer 2 standard for marking and prioritizing network traffic at the data link/MAC sub-layer. 802.1p traffic is classified and sent to the destination. No bandwidth reservations or limits are established or enforced. 802.1p is a spin-off of the 802.1Q (Vlans) standard. 802.1p establishes eight levels of priority, similar to the IP Precedence IP Header bit-field. Quality of Service Basic Mode In the Basic QoS mode, it is possible to activate a trust mode (to trust VPT, DSCP, TCP/UDP or none). In addition, a single Access Control List can be attached to an interface. Web Based Management With web based management, the system can be managed from any web browser. The system contains an Embedded Web Server (EWS), which serves HTML pages, through which the system can be monitored and configured. The system internally converts web-based input into configuration commands, MIB variable settings and other management-related settings.
8
System Defaults
1
Remote Monitoring Remote Monitoring (RMON) is an extension to SNMP, which provides comprehensive network traffic monitoring capabilities (as opposed to SNMP which allows network device management and monitoring). RMON is a standard MIB that defines current and historical MAC-layer statistics and control objects, allowing real-time information to be captured across the entire network. VLAN Groups Provides VLAN classification by MAC address, subnet, and protocol groups. Multicast TV Supplies multicast transmissions to L2-isolated subscribers, without replicating the multicast transmissions for each subscriber VLAN Port Based Authentication Port based authentication enables authenticating system users on a per-port basis via an external server. Only authenticated and approved system users can transmit and receive data. Ports are authenticated via the Remote Authentication Dial In User Service (RADIUS) server using the Extensible Authentication Protocol (EAP).
System Defaults
The device is configured with default settings. To reset the device to the default settings, delete the startup configuration. The following table lists some of the basic system defaults.
Table 1-2. System Defaults Function Console Port Connection Parameter Baud Rate Data bits Stop bits Parity Local Console Timeout Authentication Privileged Exec Level Normal Exec Level Default 9600 8 1 0 10 no password no password
Enable Privileged Exec from Normal no password Exec Level RADIUS Authentication TACACS Authentication 802.1x Port Authentication HTTPS SSH Port Security disabled disabled disabled disabled disabled disabled
9
1
Introduction
Table 1-2. System Defaults
Function SNMP
Parameter Community Strings Traps SNMP V3 View:
Default no SNMP communities disabled local engine ID of device is comprised of IANA Private Enterprise number & MAC address of device enabled on off list of all capabilities on port enabled 300 sec. 30 sec. disabled up to 8 port in 8 trunks can be defined 1 1 long disabled 100 kbps enabled STP enabled 300 seconds 1 1 all on hybrid (tagged/untagged) disabled disabled
Port Configuration
Admin Status Auto-negotiation Flow Control Port Capability
AMAP
Status Common Phase Timeout Interval Discovery Phase Timeout Interval
Rate Limiting Port Trunking
Input and output limits Static Trunks LACP system priority LACP Port-priority LACP
Broadcast Storm Protection Spanning Tree Protocol
Status Broadcast Limit Rate Status Spanning Tree Mode Fast Forwarding (Edge Port)
Address Table Virtual LANs
Aging Time Default VLAN PVID Acceptable Frame Type Ingress Filtering Switchport Mode (Egress Mode) GVRP (global) GVRP (port interface)
10
System Defaults
Table 1-2. System Defaults Function Quality of Service Parameter QoS Mode CoS Mapping Default disabled
1
Cos 0 - queue 1; CoS 1 - queue 1; Cos 2 queue 1 Cos 3 - queue 1; CoS 4 - queue 2; Cos 5 queue 2 Cos 6 - queue 3; CoS 7 - queue 3; all queues are expedite queues none none none disabled enabled if configuration is empty and there is no command line activity within 60 seconds enabled disabled on 200 200 0:00 Jan 1, 2000 internal disabled no servers defined disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled enabled
Scheduling IP Settings IP Address Subnet Mask Default Gateway DHCP BOOTP DNS Server Multicast Filtering System Log Domain Lookup IGMP Snooping Status Messages Logged Messages Logged to Flash SNTP Clockset Clock source Daylight Savings SNTP Port Security Port Lock DHCP Snooping DHCP Option 82 STP BPDU Guard ARP Inspection IP Source Address Guard Root Guard Multicast Forwarding IGMP Snooping (Global) IGMP Snooping (Interface) Multicast TV VLAN SSH Server
11
1
SSL
Introduction
Table 1-2. System Defaults
Function
Parameter Server RADIUS server TACACS+ server
Default enabled none defined none defined
RADIUS TACACS+
12
Chapter 2: Initial Configuration
This section describes the initial device configuration and includes the following topics: · General Configuration Information · Booting the Switch · Configuration Overview · Advanced Configuration · Software Download and Reboot · Startup Menu Functions After completing all external connections, connect a terminal to the device to monitor the boot and other procedures. The order of installation and configuration procedures is illustrated in the following figure. For the initial configuration, the standard device configuration is performed. Other functions can be performed, but doing so suspends the installation process and causes a system reboot. Performing other functions is described later in this section.
13
2
Initial Configuration
Figure 2-1. Installation and Configuration
General Configuration Information
Your device has predefined features and setup configuration.
14
General Configuration Information
2
Auto-Negotiation
Auto-negotiation allows a device to advertise modes of operation and share information with another device that shares a point-to-point link segment. This automatically configures both devices to take maximum advantage of their abilities. Auto-negotiation is performed completely within the physical layers during link initiation, without any additional overhead to either the MAC or higher protocol layers. Auto-negotiation allows the ports to do the following: · Advertise their abilities · Acknowledge receipt and understanding of the common modes of operation that both devices share · Reject the use of operational modes that are not shared by both devices · Configure each port for the highest-level operational mode that both ports can support If connecting a port of the switch to the network interface card (NIC) of a terminal that does not support auto-negotiation or is not set to auto-negotiation, both the device port and the NIC must be manually set with the Web browser interface or CLI commands to the same speed and duplex mode. Note: If the station on the other side of the link attempts to auto-negotiate with a port that
is manually configured to full duplex, the auto-negotiation results in the station attempting to operate in half duplex. The resulting mismatch may lead to significant frame loss. This is inherent in the auto-negotiation standard.
Device Port Default Settings
The following table describes the device port default settings.
Function Port speed and mode Port forwarding state Head of line blocking prevention Flow Control Back Pressure Default Settings 100 M or 1000M Auto-negotiation Enabled On (Enabled) Off Off
Note: These default settings can be modified once the device is installed. The following is an example for changing the port speed on port g1 using CLI commands:
Console (config)# interface ethernet g1 Console (config-if)# speed 100 4-376 4-380
15
2
Initial Configuration
The following is an example for enabling flow control on port e1 using CLI commands:
Console (config)# interface ethernet e1 Console (config-if)# flowcontrol on 4-376 4-383
The following is an example for enabling back pressure on port e1 using CLI commands.
Console (config)# interface ethernet e1 Console (config-if)# speed 10 Console (config-if)# back-pressure 4-376 4-380 4-384
Booting the Switch
To boot the switch, perform the following: 1. 2. 3. 4. Ensure that the device console is connected to a VT100 terminal device or VT100 terminal emulator. Deactivate the AC power receptacle. Connect the device to the AC receptacle. Activate the AC power receptacle.
When the power is turned on with the local terminal already connected, the switch goes through Power On Self Test (POST). POST runs every time the device is initialized and checks hardware components to determine if the device is fully operational before completely booting. If a critical problem is detected, the program flow stops. If POST passes successfully, a valid executable image is loaded into RAM. POST messages are displayed on the terminal and indicate test success or failure. As the switch boots, the bootup test first counts the device memory availability and then continues to boot. The following screen is an example of the displayed POST.
------ Performing the Power-On Self Test (POST) -----Boot1 Checksum Test...............................PASS Boot2 Checksum Test...............................PASS Flash Image Validation Test.......................PASS BOOT Software Version x.x.x.xx Built 07-Jan-200x 10:53:05 Processor: xxxxxx xxxxx xxxx, xx MByte SDRAM. I-Cache 8 KB. D-Cache 8 KB. Cache Enabled. Autoboot in 2 seconds - press RETURN or Esc. to abort and enter prom.
The boot process runs approximately 30 seconds.
16
Booting the Switch
The auto-boot message that appears at the end of POST (see the last lines) indicates that no problems were encountered during boot.
2
During boot, the Startup menu can be accessed if necessary to run special procedures. To enter the Startup menu, press
If this document matches the user guide, instructions manual or user manual, feature sets, schematics you are looking for, download it now. Diplodocs provides you a fast and easy access to the user manual ALCATEL-LUCENT OMNISTACK LS 6200. ALCATEL-LUCENT offer a product for which we do not have the user manual? Let us know what you are looking for: user guide, owner's manual, online manual, operating instructions, quick start guide, mounting instructions, schematics, service manual, installation instructions, RTFM. Diplodocs allows you to download user manual ALCATEL-LUCENT OMNISTACK LS 6200, user guide ALCATEL-LUCENT OMNISTACK LS 6200, instructions ALCATEL-LUCENT OMNISTACK LS 6200, owner's manual ALCATEL-LUCENT OMNISTACK LS 6200, online manual ALCATEL-LUCENT OMNISTACK LS 6200.ALCATEL-LUCENT OMNISTACK LS 6200, ALACATEL, ALCALTEL, ALISET, OMNIPCX, SPEEDTOUCH, Landline Phone & Answering Machine. |
 |
Include the add-on to download manuals from your site, forum or blog |  |
Frequently Asked Questions |  |
Contact Diplodocs team |  |
Last searches Last additions |
 |
Sitemap |  |
|||
| Brands starting with A B C D E F G H I J K L M N O P Q R S T U V W X Y Z # | |||||||||||||
|
|
Copyright © 2005 - 2008 - Diplodocs -
All Rights Reserved. Designated trademarks and brands are the property of their respective owners. |