Page 1: User Guide
Dell™ PowerConnect™ 5324 System User Guide w w w . d e l l . c o m | s u p p o r t . d e l l . c o m...
Page 2 Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own.
Page 3: Table Of Contents
........PowerConnect 5324 Front Panel Port Description ....
Page 4 Installing the PowerConnect Device ......Installation Precautions ......Site Requirements .
Page 5 ....Software Download Through TFTP Server Using Dell OpenManage Switch Administrator ......
Page 6 User EXEC Mode ........... . Privileged EXEC Mode Global Configuration Mode .
Page 7 Managing Device Security ..........Defining Access Profiles Defining Authentication Profiles .
Page 8 Configuring GARP ........... . Defining GARP Timers .
Page 9 Defining RMON Device Alarms ..........Viewing Charts .
Page 10 System LEDs ..Figure 3-9. Connection Rack Mounting Brackets Figure 3-10. Connecting to PowerConnect 5324 Console Port ..Figure 3-11. Connecting to Device Power Connector Figure 4-12. Installation and Configuration Flow .
Page 11 Figure 6-27. SNTP Servers Table ......Figure 6-28. Add SNTP Interface Page ... . . Figure 6-29.
Page 12 Figure 6-55. Authentication Profiles ..... . Figure 6-56. Add Authentication Profile Page ... . . Figure 6-57.
Page 13 Figure 7-83. Multiple Hosts Table ......Figure 7-84. Authenticated Users ... Figure 7-85.
Page 14 Figure 7-111. Bridge Multicast Group ......Figure 7-112. Add Bridge Multicast Group ..Figure 7-113.
Page 15 Table 2-2. SFP Port LED Indications ......Table 2-3. System LED Indications ..Table 3-4.
Page 16 Table 6-29. DNS Server CLI Commands ....Table 6-30. DNS Domain Name CLI Commands ..Table 6-31.
Page 17 Table 7-57. Static Address CLI Commands ....Table 7-58. Query and Sort CLI Commands ... Table 7-59.
Page 18 Table 8-83. GVRP Statistics CLI Commands ....Table 8-84. RMON Statistics CLI Commands ..Table 8-85.
Page 19: Introduction
PowerConnect device. PowerConnect 5324 The PowerConnect 5324 has 24 Gigabit Ethernet ports. There are also four SFP fiber ports that are designated as combo port alternatives to Ethernet ports 21-24. The combo ports are single ports with two physical connections. When one is connected the other is disabled.
Page 20: General Features
General Features Head of Line Blocking Head of Line (HOL) blocking results in traffic delays and frame loss caused by traffic competing for the same egress port resources. HOL blocking queues packets, and the packets at the head of the queue are forwarded before packets at the end of the queue. Virtual Cable Testing (VCT) VCT detects and reports copper link cabling occurrences, such as open cables and cable shorts.
Page 21: Mac Address Supported Features
MAC Address Supported Features MAC Address Capacity Support The device supports up to eight thousand MAC addresses. The device reserves specific MAC addresses for system use. Self-Learning MAC Addresses The device enables automatic MAC address learning from incoming packets. The MAC addresses are stored in the Bridging Table.
Page 22: Vlan Supported Features
Port Mirroring Port mirroring monitors and mirrors network traffic by forwarding copies of incoming and outgoing packets from a monitored port to a monitoring port. Users specify which target port receives copies of all traffic passing through a specified source port. For more information, see "Defining Port Mirroring Sessions".
Page 23: Spanning Tree Protocol Features
GVRP Support GARP VLAN Registration Protocol (GVRP) provides IEEE 802.1Q-compliant VLAN pruning and dynamic VLAN creation on 802.1Q trunk ports. When GVRP is enabled, the device registers and propagates VLAN membership on all ports that are part of the active underlying "Spanning Tree Protocol Features"...
Page 24: Table
LAG is composed of ports with the same speed, set to full-duplex operation. For more information, see "Defining LAG Membership". Link Aggregation and LACP LACP uses peer exchanges across links to determine, on an ongoing basis, the aggregation capability of various links, and continuously provides the maximum level of aggregation capability achievable between a given pair of systems.
Page 25: Device Management Features
Device Management Features SNMP Alarms and Trap Logs The system logs events with severity codes and timestamps. Events are sent as Simple Network Management Protocol (SNMP) traps to a Trap Recipient List. For more information on SNMP Alarms and Traps, see "Defining SNMP Parameters". SNMP Version 1 and Version 2 Simple Network Management Protocol (SNMP) over the UDP/IP protocol.
Page 26: Security Features
Syslog Syslog is a protocol that allows event notifications to be sent to a set of remote servers, where they can be stored, examined and acted upon. Multiple mechanisms are implemented to send notification of significant events in real time, and keep a record of these events for after-the-fact usage.
Page 27: Additional Cli Documentation
RADIUS Client RADIUS is a client/server-based protocol. A RADIUS server maintains a user database, which contains per-user authentication information, such as user name, password and accounting information. For more information, see "Configuring RADIUS Global Parameters". Secure Shell (SSH) is a protocol that provides a secure, remote connection to a device. SSH version 1 is currently available.
Page 28 Introduction...
Page 29: Hardware Description
Hardware Description Device Port Configurations PowerConnect 5324 Front Panel Port Description The PowerConnect 5324 device is configured with the following ports: • 24 Copper ports — RJ-45 ports designated as 10/100/1000 BaseT Gigabit Ethernet ports • 4 Fiber ports — Designated as Gigabit ports •...
Page 30: Powerconnect Back Panel Port Description
The device automatically detects whether the cable connected to an RJ-45 port is crossed or straight through, and functions either way. PowerConnect Back Panel Port Description The device back panel contains connectors for power, as illustrated in the Figure 2-4. Figure 2-4.
Page 31: Physical Dimensions
Combo Ports A combo port is a single logical port with two physical connections: • A RJ-45 connection for Twisted Pair copper cabling • A SFP connection for various fiber-based modules Only one of the two physical connections of a combo port may be used at any one time. Port features and available port controls are determined by the physical connection used.
Page 32: System Leds
The RJ-45 LED indications are described in the following table: Table 2-1. RJ-45 Copper based 10/100/1000BaseT LED Indications Color Description Left LED Green Static The port is linked at 1000 Mbps. Green Flashing The port is transmitting or receiving data at 1000 Mbps.
Page 33: Hardware Components
Figure 2-8. System LEDs The following table describes the system LED indications. Table 2-3. System LED Indications Color Description Diagnostics (DIAG) Green Flashing The system is currently running a diagnostic test. Green Static The system passed the diagnostic test. Red Static The system failed the diagnostic test.
Page 34: Reset Button
Power supply LEDs indicate the power supply status. For more information on LEDs, see "LED Definitions". AC Power Supply Unit The AC power supply unit converts standard 220/110V AC 50/60 Hz to 5V DC at 5A, 12V DC at 3A. The unit automatically senses the available voltage rating (110 or 220V) and no setting is required.
Page 35: Installing The Powerconnect Device
Installation Precautions CAUTION Before performing any of the following procedures, read and follow the safety instructions located in the System Information Guide included in the Dell Documentation. CAUTION Observe the following points before performing the procedures in this section: •...
Page 36: Site Requirements
Site Requirements The device can be mounted in a standard 19-inch rack or placed on a tabletop. Before installing the device, verify that the location chosen for installation meets the site requirements. • General — Ensure that the power supply is correctly installed. •...
Page 37: Mounting The Device
Inspect the device for damage. Report any damage immediately. Mounting the Device Overview The power connectors for the device are positioned on the back panel. Connecting a DC Redundant Power Supply (UPS) is optional, but is recommended. The UPS DC connector is located on the back panel of the device.
Page 38: Installing The Device Without A Rack
Insert the supplied screws into the rack mounting holes and tighten with a screwdriver. Repeat the process for the rack-mounting bracket on the other side of the device. Insert the unit into the 19-inch rack ensuring the rack-mounting holes on the device line up to the mounting hole on the rack.
Page 39: Connecting A Device To A Power Supply
The device Console port is located on the front panel. Figure 3-10. Connecting to PowerConnect 5324 Console Port Connecting a Device to a Power Supply Using a 5-foot (1.5 m) standard power cable with safety ground connected, connect the power cable to the AC connector located on the back panel.
Page 40: Port Connections, Cables, And Pinout Information
Figure 3-11. Connecting to Device Power Connector Confirm that the device is connected and operating correctly by examining the LEDs on the front panel. Port Connections, Cables, and Pinout Information This section explains the device’s physical interfaces, and provides information about port connections.
Page 41: Port Default Settings
Table 3-4. Ports, Connectors and Cables Connector Port/Interface Cable RJ-45 10/100/1000BaseT Port Cat.5 The RJ-45pin number allocation for the 10/100/1000BaseT ports is listed in the table following. Table 3-5. RJ-45 Pin Number Allocation for 10/100/1000BaseT Ethernet Port Function Pin No TxRx 1+ TxRx 1- TxRx 2+...
Page 42: Mdi/Mdix
MDI/MDIX The device supports auto-detection of straight through and crossed cables on all switching 10/100/1000BaseT ports. The feature is part of the Auto-negotiation and is enabled when Auto- negotiation is enabled. When the MDI/MDIX (Media Dependent Interface with Crossover) is enabled, the automatic correction of errors in cable selection is possible, making the distinction between a straight through cable and a crossover cable irrelevant.
Page 43: Starting And Configuring The Device
For initial configuration, the standard device configuration is performed. NOTE: Before proceeding, read the release notes for this product. The release notes can be downloaded from www.support.dell.com. Figure 4-12. Installation and Configuration Flow Configure the Terminal To configure the device, the terminal must be running terminal emulation software.
Page 44: Booting The Device
Ensure that the terminal emulation software is set as follows: Select the appropriate serial port (serial port 1 or serial port 2) to connect to the console. Set the data rate to 9600 baud. Set the data format to 8 data bits, 1 stop bit, and no parity. Set flow control to none.
Page 45 ------ Performing the Power-On Self Test (POST) ------ UART Channel Loopback Test......PASS Testing the System SDRAM......PASS Boot1 Checksum Test.......PASS Boot2 Checksum Test.......PASS Flash Image Validation Test.......PASS BOOT Software Version 1.0.0.20 Built 22-Jan-2004 15:09:28 Processor: FireFox 88E6218 ARM946E-S , 64 MByte SDRAM. I-Cache 8 KB.
Page 46 HW version is 00.01.07 Base Mac address is: 00:00:07:77:77:77 Dram size is : 64M bytes Dram first block size is : 40960K bytes Dram first PTR is : 0x1800000 Flash size is: 16M Device configuration: Prestera based system Slot 1 - Neyland24 HW Rev. 0.1 Tapi Version: v1.2.9 Core Version: v1.2.9 01-Jan-2000 01:01:32 %INIT-I-InitCompleted: Initialization task is...
Page 47 01-Jan-2000 01:01:36 %LINK-W-Down: 01-Jan-2000 01:01:36 %LINK-W-Down: 01-Jan-2000 01:01:36 %LINK-W-Down: 01-Jan-2000 01:01:36 %LINK-W-Down: 01-Jan-2000 01:01:36 %LINK-W-Down: 01-Jan-2000 01:01:36 %LINK-I-Up: Vlan 3000 01-Jan-2000 01:01:36 %LINK-I-Up: Vlan 1 01-Jan-2000 01:01:36 %LINK-I-Up: 01-Jan-2000 01:01:36 %LINK-I-Up: 01-Jan-2000 01:01:36 %LINK-I-Up: 01-Jan-2000 01:01:36 %LINK-I-Up: 01-Jan-2000 01:01:36 %LINK-I-Up: 01-Jan-2000 01:01:36 %LINK-I-Up: 01-Jan-2000 01:01:36 %LINK-W-Down: 01-Jan-2000 01:01:36 %LINK-W-Down:...
Page 48: Configuration Overview
The initial configuration consists of the following: • Setting the user name 'admin', password as 'dell' with the highest privilege level of 15. • Configuring the static IP address and the default gateway. •...
Page 49: Static Ip Address And Subnet Mask
• The read/write SNMP community string is "private" console> enable console# configure console(config)# username admin password dell level 15 console(config)# interface VLAN 1 console (config-if) # ip address 192.168.1.123 /24 console (config-if) # exit console (config) # ip default-gateway 192.168.1.1...
Page 50: Verifying The Ip And Default Gateway Addresses
NOTE: It is recommended that the most recent revision of the user documentation is downloaded from the Dell support website at support.dell.com. User Name To manage the device remotely, for example through SSH, Telnet, or the Web interface, a user name must be configured.
Page 51: Snmp Community Strings
SNMP Community Strings Simple Network Management Protocol (SNMP) provides a method for managing network devices. Devices supporting SNMP run a local software (agent). The SNMP agents maintain a list of variables, used to manage the device. The variables are defined in the Management Information Base (MIB).
Page 52: Configuring Snmp
– Read Only — Indicates that the community members can view configuration information, but cannot change any information. – Read/Write — Indicates that the community members can view and modify configuration information. – Super — Indicates that the community members have administration access. •...
Page 53: Advanced Configuration
Console# show snmp Community- Community-Access IP address String --------------- ---------------- ----------------------------- private read write 11.1.1.2 Traps are enabled. Authentication trap is enabled. Trap-Rec- Trap-Rec- Version Address Community System Contact: System Location: Advanced Configuration This section provides information about dynamic allocation of IP addresses and security management based on the authentication, authorization, and accounting (AAA) mechanism, and includes the following topics: •...
Page 54 Enter the following commands to use the selected port for receiving the IP address. In the following example, the commands are based on the port type used for configuration. • Assigning Dynamic IP Addresses: console# configure console(config)# interface ethernet g1 console(config-if)# ip address dhcp hostname device console(config-if)# exit console(config)#...
Page 55: Receiving An Ip Address From A Bootp Server
Console# show ip interface Gateway IP Address Activity status --------------------- ------------------ 10.7.1.1 Active IP address Interface Type ------------------- ------------ ------------ 10.7.1.192/24 VLAN 1 Static 10.7.2.192/24 VLAN 2 DHCP NOTE: It is not necessary to delete the device configuration to retrieve an IP address from the DHCP server.
Page 56: Security Management And Password Configuration
console# delete startup-config Startup file was deleted console# reload You haven’t saved your changes. Are you sure you want to continue (y/n) [n]? This command will reset the whole system and disconnect your current session. Do you want to continue (y/n) [n]? ****************************************************** /* the switch reboots */ To verify the IP address, enter the show ip interface command.
Page 57: Configuring An Initial Terminal Password
Configuring an Initial Terminal Password To configure an initial terminal password, enter the following commands: console(config)# aaa authentication login default line console(config)# aaa authentication enable default line console(config)# line console console(config-line)# login authentication default console(config-line)# enable authentication default console(config-line)# password george •...
Page 58: Configuring An Initial Http Password
• When initially logging onto a device through a SSH session, enter jones at the password prompt. • When changing a device’s mode to enable, enter jones. Configuring an Initial HTTP Password To configure an initial HTTP password, enter the following commands: console(config)# ip http authentication local console(config)# username admin password user1 level 15 Configuring an Initial HTTPS Password...
Page 59 ************************************************** ------ Performing the Power-On Self Test (POST) ------ UART Channel Loopback Test......PASS Testing the System SDRAM......PASS Boot1 Checksum Test.......PASS Boot2 Checksum Test.......PASS Flash Image Validation Test.......PASS BOOT Software Version 1.0.0.20 Built 22-Jan-2004 15:09:28 Processor: FireFox 88E6218 ARM946E-S , 64 MByte SDRAM. I-Cache 8 KB.
Page 60: Software Download
The following sections describe the available Startup menu options. NOTE: When selecting an option form the Startup menu, time out must be taken into account: if no selection is made within 35 seconds (default), the device times out. This default value can be changed through CLI.
Page 61: Password Recovery
Password Recovery If a password is lost, the Password Recovery procedure can be called from the Startup menu. The procedure enables entry to the device once without password. To recover a lost password for the local terminal only: From the Startup menu, type 3 and press <Enter>. The password is deleted.
Page 62 Enter copy tftp://{tftp address}/{file name} image to copy a new system image to the device. When the new image is downloaded, it is saved in the area allocated for the other copy of system image (image-2, as given in the example). The following is an example of the information that appears: console# copy tftp://176.215.31.3/file1.ros image Accessing file ‘file1’...
Page 63 Ensure that the file to be downloaded is saved on the TFTP server (the rfb file). Enter show version to verify which software version is currently running on the device. The following is an example of the information that appears: console# sh ver SW version 1.0.0.42 (date 22-Jul-2004 time 13:42:41)
Page 64 Starting and Configuring the Device...
Page 65: Using Dell Openmanage Switch Administrator
Device View — Located on the right side of the home page, the device view provides a view of the device, an information or table area, and configuration instructions. Figure 5-13. Switch Administrator Components Table 5-7 lists the interface components with their corresponding numbers. Using Dell OpenManage Switch Administrator...
Page 66: Device Representation
The components list contains a list of the feature components. Components can also be viewed by expanding a feature in the tree view. The information buttons provide access to information about the device and access to Dell Support. For more information, see "Information Buttons." Device Representation The PowerConnect home page contains a graphical device representation of the front panel.
Page 67: Using The Switch Administrator Buttons
For example, if the IP Addressing page is open, the help topic for that page opens when Help is clicked. About Contains the version and build number and Dell copyright information. Log Out Logs out of the application and closes the browser window.
Page 68: Starting The Application
Passwords are both case sensitive and alpha-numeric. Click OK. The Dell PowerConnect OpenManage™ Switch Administrator home page opens. Accessing the Device Through the CLI The device can be managed over a direct connection to the console port or via a Telnet connection.
Page 69: Console Connection
To start a Telnet session: Select Start > Run. The Run window opens. In the Run window, type Telnet <IP address > in the Open field. Click OK to begin the Telnet session. Using Dell OpenManage Switch Administrator...
Page 70: Using The Cli
At the prompt type enable and press <Enter>. When a password prompt displays, enter the password and press <Enter>. The Privileged EXEC mode prompt displays as the device host name followed by #. For example: Using Dell OpenManage Switch Administrator...
Page 71: Global Configuration Mode
To return from Global Configuration mode to Privileged EXEC mode, type the exit command or use the <Ctrl><Z> command. The following example illustrates how to access Global Configuration Mode and return back to the Privileged EXEC Mode: console# console#configure console(config)#exit console# Using Dell OpenManage Switch Administrator...
Page 72: Interface Configuration Mode
The following example shows how to create an access-list called "mlist", configure two management interfaces ethernet g1 and ethernet g9, and make the access-list the active list: Console (config)# management access-list mlist Console (config-macl)# permit ethernet g1 Console (config-macl)# permit ethernet g9 Using Dell OpenManage Switch Administrator...
Page 73: Cli Examples
Console(config)# crypto key pubkey-chain ssh Console(config-pubkey-chain)# CLI Examples CLI commands are provided as configuration examples. For a full description of the CLI commands, including examples, refer to the "CLI Reference Guide" included on the Documentation CD. Using Dell OpenManage Switch Administrator...
Page 74 Using Dell OpenManage Switch Administrator...
Page 75: Configuring System Information
Configuring System Information This section provides information for defining system parameters including security features, downloading device software, and resetting the device. To open the System page, click System in the tree view. Figure 6-15. System Configuring System Information...
Page 76: Defining General Device Information
Defining General Device Information The General page contains links to pages for configuring device parameters. Viewing the Asset Page The Asset page contains parameters for configuring general device information, including the system name, location, and contact, the system MAC Address, System Object ID, date, time, and System Up Time.
Page 77 20:12:03 is eight twelve and three seconds in the evening. System Up Time — Specifies the amount of time since the last device reset. The system time is displayed in the following format: Days, Hours, Minutes and Seconds. For example, 41 days, 2 hours, 22 minutes and 15 seconds.
Page 78: Asset Cli Commands
Displays system information. show system Sets the device asset tag. asset-tag The following is an example of the CLI commands: Console (config)# hostname dell Console (config)# snmp-server contact Dell_Tech_Supp Console (config)# snmp-server location New_York Console (config)# exit Console # exit Console (config)# asset-tag 1qwepot Console>...
Page 79 DELL Switch# show system System Description: Ethernet Routing Switch System Up Time (days,hour:min:sec): 0,00:04:17 System Contact: System Name: DELL Switch System Location: R&D System MAC Address: 00:10:b5:f4:00:01 Sys Object ID: 1.3.6.1.4.1.674.10895.3000 Type: PowerConnect 5324 Power Supply Status ------------- -------- Main...
Page 80 • Belarus — Last weekend of March until the last weekend of October. • Belgium — Last weekend of March until the last weekend of October. • Brazil — From the 3rd Sunday in October until the 3rd Saturday in March. During the period of Daylight Saving Time, Brazilian clocks go forward one hour in most of the Brazilian southeast.
Page 81: Figure 6-17. Time Synchronization
• Norway — Last weekend of March until the last weekend of October. • Paraguay — From 6th April until 7th September. • Poland — Last weekend of March until the last weekend of October. • Portugal — Last weekend of March until the last weekend of October. •...
Page 82 Clock Source — The source used to set the system clock. The possible field values: SNTP — Specifies that the system time is set via an SNTP server. For more information, see "Configuring SNTP Settings" . None — Specifies that the system time is not set by an external source. Local Settings Date —...
Page 83 Time — The time at which DST starts. The field format is Hour:Minute, for example, 05:30. Recurring — Defines the time that DST starts in countries other than USA or European where the DST is constant year to year. The possible field values are: From —...
Page 84: Clock Setting Cli Commands
Defining the External SNTP Clock Settings Open the Time Synchronization page. Define the fields. Click Apply Changes. The external clock settings are applied. Defining Clock Settings Using CLI Commands The following table summarizes the equivalent CLI commands for setting fields displayed in the Time Synchronization page.
Page 85: Viewing System Health Information
Viewing System Health Information The System Health page shows physical device hardware information. To open the System Health page, click System General Health in the tree view. Figure 6-18. System Health Power Supply Status — The main power supply state. The possible field values are: —...
Page 86: System Health Cli Commands
The following table summarizes the equivalent CLI command for viewing fields displayed in the System Health page. Table 6-13. System Health CLI Commands CLI Command Description show system Displays system information. DELL Switch# show system System Description: Ethernet Routing Switch System Up Time (days,hour:min:sec): 0,00:04:17 System Contact: System Name:...
Page 87: Viewing The Versions Page
Viewing the Versions Page The Versions page contains information about the hardware and software versions currently running. To open the Versions page, click System General Versions in the tree view. Figure 6-19. Versions Configuring System Information...
Page 88: Versions Cli Commands
Software Version — The current software version running on the device. Boot Version — The current Boot version running on the device. Hardware Version — The current hardware versions running on the device. Displaying Device Versions Using the CLI The following table summarizes the equivalent CLI commands for viewing fields displayed in the Versions page.
Page 89: Resetting The Device
Resetting the Device The Reset page enables the device to be reset from a remote location. To open the Reset page, click System General Reset in the tree view. Figure 6-20. Reset NOTE: Save all changes to the Running Configuration file before resetting the device. This prevents the current device configuration from being lost.
Page 90: Configuring Sntp Settings
Resetting the Device Using the CLI The following table summarizes the equivalent CLI commands for performing a reset of the device via the CLI:. Table 6-15. Reset CLI Command CLI Command Description reload Reloads the operating system. The following is an example of the CLI command: Console >reload This command will reset the whole system and disconnect your current...
Page 91: Polling For Unicast Time Information
Information received from SNTP servers is evaluated based on the Time level and server type. SNTP time definitions are assessed and determined by the following time levels: • T1 — The time at which the original request was sent by the client. •...
Page 92: Defining Sntp Global Parameters
Defining SNTP Global Parameters The SNTP Global Settings page provides information for defining SNTP parameters globally. To open the SNTP Global Settings page, click System SNTP SNTP Global Settings in the tree view. Figure 6-21. SNTP Global Settings Configuring System Information...
Page 93: Defining Sntp Authentication Methods
Poll Interval (60-86400) — Defines the interval (in seconds) at which the SNTP server is polled for Unicast information. Receive Broadcast Servers Updates — Polls the SNTP servers for Broadcast server time information on the selected interfaces. Receive Anycast Servers Updates — Polls the SNTP server for Anycast server time information, when enabled.
Page 94: Figure 6-22. Sntp Authentication
Figure 6-22. SNTP Authentication SNTP Authentication — Enables authenticating an SNTP session between the device and an SNTP server, when enabled. Encryption Key ID — Defines the Key Identification used to authenticate the SNTP server and device. The field value is upto 4294967295 characters. Authentication Key (1-8 Characters) —...
Page 95: Figure 6-23. Add Authentication Key
Adding an SNTP Authentication Key Open the SNTP Authentication page. Click Add. The Add Authentication Key page opens: Figure 6-23. Add Authentication Key Define the fields. Click Apply Changes. The SNTP Authentication Key is added, and the device is updated. Displaying the Authentication Key Table Open the SNTP Authentication page.
Page 96: Defining Sntp Servers
Click Apply Changes. The entry is removed, and the device is updated. Defining SNTP Authentication Settings Using CLI Commands The following table summarizes the equivalent CLI commands for setting fields displayed in the SNTP Authentication page. Table 6-17. SNTP Authentication CLI Commands CLI Command Description sntp authenticate...
Page 97: Figure 6-25. Sntp Servers
Figure 6-25. SNTP Servers SNTP Server — Enter a user-defined SNTP server IP addresses or hostname. Up to eight SNTP servers can be defined. This field can contain 1 - 158 characters. Poll Interval — Enables polling the selected SNTP Server for system time information, when enabled.
Page 98: Figure 6-26. Add Sntp Server
Adding an SNTP Server Open the SNTP Servers page. Click Add. The Add SNTP Server page opens: Figure 6-26. Add SNTP Server Define the fields. Click Apply Changes. The SNTP Server is added, and the device is updated. The following table summarizes the equivalent CLI commands for setting fields displayed in the Add SNTP Server page.
Page 99: Sntp Servers Table
Figure 6-27. SNTP Servers Table Modifying an SNTP Server Open the SNTP Servers page. Click Show All. The SNTP Servers Table opens. Select an SNTP Server entry. Modify the relevant fields. Click Apply Changes. The SNTP Server information is updated. Deleting the SNTP Server Open the SNTP Servers page.
Page 100: Sntp Server Cli Commands
Defining SNTP Servers Settings Using CLI Commands The following table summarizes the equivalent CLI commands for setting fields displayed in the SNTP Servers page. Table 6-19. SNTP Server CLI Commands CLI Command Description sntp server ip-address|hostname [poll] [key keyid] Configures the device to use SNTP to request and accept NTP traffic from as server.
Page 101: Defining Sntp Interfaces
console> enable console# configure Console(config)# sntp server 100.1.1.1 poll key 10 Console# show sntp status Clock is synchronized, stratum 4, reference is 176.1.1.8 Reference time is AFE2525E.70597B34 (00:10:22.438 PDT Jul 5 1993) Unicast servers: Server Preference Status Last response Offset Delay [mSec] [mSec]...
Page 102: Add Sntp Interface
Receive Server Updates — Remove — Removes SNTP from a specific interface, when selected. Adding an SNTP Interface Open the SNTP Broadcast Interface Table page. Click Add. The Add SNTP Interface page opens: Figure 6-28. Add SNTP Interface Page Define the relevant fields. Click Apply Changes.
Page 103 Console# show sntp configuration Polling interval: 7200 seconds. MD5 Authentication keys: 8, 9 Authentication is required for synchronization. Trusted Keys: 8,9 Unicast Clients Polling: Enabled. Server Polling Encryption Key ----------- -------- ----------------- 176.1.1.8 Enabled 176.1.8.179 Disabled Disabled Broadcast Clients: Enabled Broadcast Clients Poll: Enabled Broadcast Interfaces: g1, g3 Configuring System Information...
Page 104: Managing Logs
Provides device information. Debug Provides detailed information about the log. If a Debug error occurs, contact Dell Online Technical Support The Global Log Parameters page contains fields for defining which events are recorded to which logs. It contains fields for enabling logs globally, and parameters for defining log parameters. The Severity log messages are listed from the highest severity to the lowest.
Page 105: Global Log Parameters
Figure 6-29. Global Log Parameters Logging — Enables device global logs for Cache, File, and Server Logs. Console logs are enabled by default. Severity — The following are the available severity logs: Emergency — The highest warning level. If the device is down or not functioning properly, an emergency log message is saved to the specified logging location.
Page 106 The Global Log Parameters page also contains check boxes which correspond to a distinct logging system: Console — The minimum severity level from which logs are sent to the console. RAM Logs — The minimum severity level from which logs are sent to the Log File kept in RAM (Cache).
Page 107: Global Log Parameters Cli Commands
Enabling Logs Using CLI Commands The following table summarizes the equivalent CLI commands for setting fields displayed in the Global Log Parameters page. Table 6-22. Global Log Parameters CLI Commands CLI Command Description Enables error message logging. logging on Logs messages to a syslog server. For a list of the logging {ip-address | Severity levels, see "Log Severity Levels"...
Page 108: Displaying Ram Log Table
Displaying RAM Log Table The RAM Log Table contains information about log entries kept in RAM, including the time the log was entered, the log severity, and a description of the log. To open the RAM Log Table, click System Logs RAM Log in the tree view. Figure 6-30.
Page 109 The log information is removed from the RAM Log Table, and the device is updated. Configuring System Information...
Page 110: Ram Log Table Cli Commands
Viewing and Clearing the RAM Log Table Using the CLI Commands The following table summarizes the equivalent CLI commands for viewing and clearing fields displayed in the RAM Log Table. Table 6-23. RAM Log Table CLI Commands CLI Command Description show logging Displays the state of logging and the syslog messages stored in the internal buffer.
Page 111: Displaying The Log File Table
The following is an example of the CLI commands: console# show logging Logging is enabled. Console Logging: Level info. Console Messages: 0 Dropped. Buffer Logging: Level info. Buffer Messages: 26 Logged, 26 Displayed, 200 Max. File Logging: Level error. File Messages: 157 Logged, 26 Dropped.
Page 112: Log File Table
including the time the log was entered, the log severity, and a description of the log message. To open the Log File Table, click System Logs Log File in the tree view. Figure 6-31. Log File Table Log Index — The log number in the Log File Table. Log Time —...
Page 113: Log File Table Cli Commands
Displaying the Log File Table Using the CLI Commands The following table summarizes the equivalent CLI commands for viewing and setting fields displayed in the Log File Table. Table 6-24. Log File Table CLI Commands CLI Command Description Displays the logging state and the syslog show logging file messages stored in the logging file.
Page 114 The following is an example of the CLI commands: Console # show logging file Logging is enabled. Console Logging: Level info. Console Messages: 0 Dropped. Buffer Logging: Level info. Buffer Messages: 62 Logged, 62 Displayed, 200 Max. File Logging: Level debug. File Messages: 11 Logged, 51 Dropped.
Page 115: Configuring The Remote Log Server Settings Page
Configuring the Remote Log Server Settings Page The Remote Log Server Settings page contains fields for viewing and configuring the available Log Servers. In addition, new log servers can be defined, and the log severity sent to each sever. To open the Remote Log Server Settings page, click System Logs Remote Log Server in the tree view.
Page 116: Add A Log Server
Description (0-64 Characters) — The user-defined server description. Delete Server — Deletes the currently selected server from the Available Servers list, when selected. The Remote Log Server Settings page also contains a severity list. The severity definitions are the same as the severity definitions in the Global Log Parameters page. Sending Logs to a Server: Open the Remote Log Server Settings page.
Page 117: Remote Log Servers Table
New Log Server IP Address — Defines the IP address of the new Log Server. Define the fields. Click Apply Changes. The server is defined and added to the Available Servers list. Displaying the Remote Log Servers Table: Open the Remote Log Server Settings page. Click Show All.
Page 118: Remote Log Server Cli Commands
Working with Remote Server Logs Using the CLI Commands The following table summarizes the equivqlent CLI command for working with remote server logs. Table 6-25. Remote Log Server CLI Commands CLI Command Description logging (ip-address | hostname) Logs messages to a remote server. [port port] [severity level] [facility facility] description text] no logging...
Page 119: Defining Device Ip Addresses
Defining Device IP Addresses The IP Addressing page contains links for assigning interface and default gateway IP addresses, and defining ARP and DHCP parameters for the interfaces. To open the IP Addressing page, click System IP Addressing in the tree view. Defining Default Gateways The Default Gateway page contains fields for assigning Gateway devices.
Page 120: Defining Ip Interfaces
The following is an example of the CLI commands: Console (config)# ip default-gateway 196.210.10.1 Console (config)# no ip default-gateway Defining IP Interfaces The IP Interface Parameters page contains fields for assigning IP parameters to interfaces. To open the IP Interface Parameters page, click System IP Addressing Interface Parameters in the tree view.
Page 121: Add A Static Interface
Remove — When selected, removes the interface from the IP Address drop-down menu. Adding an IP Interface Open the IP Interface Parameters page. Click Add. The Add a Static Interface page opens: Figure 6-36. Add a Static Interface Complete the fields on the page. Network Mask specifies the subnetwork mask of the source IP address.
Page 122: Ip Interface Parameter Table
Figure 6-37. IP Interface Parameter Table Select an IP address and select the Remove check box. Click Apply Changes. The selected IP address is deleted, and the device is updated. Configuring System Information...
Page 123: Defining Dhcp Ip Interface Parameters
Defining IP Interfaces Using CLI Commands The following table summarizes the equivalent CLI commands for setting fields displayed in the IP Interface Parameters page. Table 6-27. IP Interface Parameters CLI Commands CLI Command Description ip address ip-address {mask | Sets an IP address. prefix-length} no ip address [ip-address] Removes an IP address...
Page 124: Dhcp Ip Interface
Gateway IP Address Activity status --------------------- ------------------ 192.168.1.1 Active IP address Interface Type ------------------- ------------ ------------ 192.168.1.123 /24 VLAN 1 Static The DHCP IP Interface page contains fields for specifying the DHCP clients connected to the device. Click System IP Addressing DHCP IP Interface in the tree view. To open the DHCP IP Interface page.
Page 125 Interface — The specific interface connected to the device. Click the option button next to Port, LAG, or VLAN and select the interface connected to the device. Host Name — The system name. This field can contain up to 20 characters. Remove —...
Page 126: Dhcp Ip Interface Cli Commands
Click Show All. The DHCP Client Table opens. Select a DHCP client entry. Select the Remove check box. Click Apply Changes. The selected entry is deleted, and the device is updated. Defining DHCP IP Interfaces Using CLI Commands The following table summarizes the equivalent CLI commands for defining DHCP clients. Table 6-28.
Page 127: Configuring Domain Name Systems
Configuring Domain Name Systems Domain Name System (DNS) converts user-defined domain names into IP addresses. Each time a domain name is assigned the DNS service translates the name into a numeric IP address. For example, www.ipexample.com is translated to 192.87.56.2. DNS servers maintain domain name databases and their corresponding IP addresses.
Page 128: Add Dns Server
Figure 6-40. Add DNS Server Define the relevant fields. Click Apply Changes. The new DNS server is defined, and the device is updated. Displaying the DNS Servers Table Open the Domain Naming System (DNS) page. Click Show All. The DNS Server Table opens: Figure 6-41.
Page 129: Dns Server Cli Commands
Configuring DNS Servers Using the CLI Commands The following table summarizes the CLI commands for configuring device system information. Table 6-29. DNS Server CLI Commands CLI Command Description ip name-server server-address Sets the available name servers. Up to eight name servers can be set.
Page 130: Defining Default Domains
The following is an example of the CLI commands: console> enable Console# configure console (config)# ip name-server 176.16.1.18 Defining Default Domains The Default Domain Name page provides information for defining default DNS domain names. To open the Default Domain Name page, click System IP Addressing Default Domain Name in the tree view.
Page 131: Dns Domain Name Cli Commands
Displays the default domain name, list of name server hosts, the static and the cached list of host names and addresses. The following is an example of the CLI commands: console> enable console# configure console (config)# ip domain-name www.dell.com Configuring System Information...
Page 132: Mapping Domain Host
Mapping Domain Host The Host Name Mapping page provides parameters for assigning static host names IP addresses. The Host Name Mapping page provides up to eight IP addresses per host. To open the Host Name Mapping page, click System IP Addressing Host Name Mapping. Figure 6-43.
Page 133: Add Host Name Mapping
Figure 6-44. Add Host Name Mapping Define the relevant fields. Click Apply Changes. The IP address is mapped to the Host Name, and the is updated. Displaying the Hosts Name Mapping Table Open the Host Name Mapping page. Click Show All. The Hosts Name Mapping Table opens: Figure 6-45.
Page 134: Configuring Arp
Mapping IP address to Domain Host Names Using the CLI Commands The following table summarizes the equivalent CLI commands for mapping Domain Host names to IP addresses. Table 6-31. Domain Host Name CLI Commands CLI Command Description ip host name address1 Defines the static host name-to-address mapping [address2 …...
Page 135: Arp Settings
Figure 6-46. ARP Settings Global Settings — Select this option to activate the fields for ARP global settings. ARP Entry Age Out (1-40000000) — For all devices, the amount of time (seconds) that pass between ARP requests about an ARP table entry. After this period, the entry is deleted from the table.
Page 136: Add Arp Entry
Remove ARP Entry — When selected, removes an ARP entry. Adding a Static ARP Table Entry: Open the ARP Settings page. Click Add. The Add ARP Entry page opens: Figure 6-47. Add ARP Entry Page Select an interface. Define the fields. Click Apply Changes.
Page 137: Arp Table
Displaying the ARP Table Open the ARP Settings page. Click Show All. The ARP Table opens: Figure 6-48. ARP Table Page Deleting ARP Table Entry Open the ARP Settings page Click Show All. The ARP Table page opens. Select a table entry. Select the Remove check box.
Page 138: Arp Settings Cli Commands
Configuring ARP Using the CLI Commands The following table summarizes the equivalent CLI commands for setting fields displayed in the ARP Settings page. Table 6-32. ARP Settings CLI Commands CLI Command Description arp ip_addr hw_addr Adds a permanent entry in the ARP cache. {ethernet interface-number | vlan vlan-id | port-channel number}...
Page 139: Running Cable Diagnostics
Running Cable Diagnostics The Diagnostics page contains links to pages for performing virtual cable tests on copper and fiber optics cables. To open the Diagnostics page, click System Diagnostics in the tree view. Viewing Copper Cable Diagnostics The Integrated Cable Test for Copper Cables page contains fields for performing tests on copper cables.
Page 140 Cable Fault Distance — The distance from the port where the cable error occurred. Last Update — The last time the port was tested. Approximate Cable Length — The approximate cable length. This test can only be performed when the port is up and operating at 1 Gbps. Performing a Cable Test Ensure that both ends of the copper cable are connected to a device.
Page 141: Viewing Optical Transceiver Diagnostics
Performing Copper Cable Tests Using CLI Commands The following table summarizes the equivalent CLI commands for performing copper cable tests. Table 6-33. Copper Cable Test CLI Commands CLI Command Description test copper-port tdr Performs VCT tests. interface show copper-port tdr Shows results of last VCT tests on ports.
Page 142: Optical Transceiver Diagnostics
Figure 6-50. Optical Transceiver Diagnostics Port — The port to which the fiber cable is connected. Temperature — The temperature (in Celsius) at which the cable is operating. Voltage — The voltage at which the cable is operating. Current — The current at which the cable is operating. Output Power —...
Page 143: Fiber Optic Cable Test Cli Commands
Table 6-34. Fiber Optic Cable Test CLI Commands CLI Command Description show fiber-ports optical-transceiver Displays the optical transceiver [interface][detailed] diagnostics. The following is an example of the CLI command: console> enable Console# show fiber-ports optical-transceiver Power Port Temp Voltage Current Output Input (Volt)
Page 144 • LOS — Loss of signal. • Data Ready — The transceiver has archived power up and data is ready. • N/A — Not Available, N/S - Not Supported, W - Warning, E - Error. NOTE: Fiber Optic analysis feature works only on SFPs that support the digital diagnostic standard SFF- 4872.
Page 145: Managing Device Security
Managing Device Security The Management Security page provides access to security pages that contain fields for setting security parameters for ports, device management methods, user, and server security. To open the Management Security page, click System Management Security in the tree view. Defining Access Profiles The Access Profiles page contains fields for defining profiles and rules for accessing the device.
Page 146 Access Profile — User-defined Access Profile lists. The Access Profile list contains a default value of Console List, to which user-defined access profiles are added. Selecting Console Only as the Access Profile name disconnects the session, and enables accessing the device from the console only.
Page 147: Add An Access Profile
Figure 6-52. Add An Access Profile Page Access Profile Name (1-32 Characters) — User-defined name for the access profile. Rule Priority (1-65535) — The rule priority. When the packet is matched to a rule, user groups are either granted or denied device management access. The rule order is set by defining a rule number within the Profile Rules Table.
Page 148: Add An Access Profile Rule
Adding Rules to Access Profile NOTE: The first rule must be defined to beginning matching traffic to access profiles. Open the Access Profiles page. Click Add Profile to Rule. The Add An Access Profile Rule page opens: Figure 6-53. Add An Access Profile Rule Complete the fields.
Page 149: Profile Rules Table
Figure 6-54. Profile Rules Table Page Removing a Rule Open the Access Profiles page. Click Show All. The Profile Rules Table opens. Select a rule. Select the Remove check box. Click Apply Changes. The selected rule is deleted, and the device is updated. Defining Access Profiles Using CLI Commands The following table summarizes the equivalent CLI commands for setting fields displayed in the Access Profiles page.
Page 150 Access Profiles CLI Commands Table 6-35. CLI Command Description deny [ethernet interface- Sets port denying conditions for the management number | vlan vlan-id | port- access list, and the selected management channel number] [service method. service] deny ip-source ip-address Sets port denying conditions for the management [mask mask | prefix-length] access list, and the selected management [ethernet interface-number |...
Page 151: Defining Authentication Profiles
The following is an example of the CLI commands: Console (config)# management access-list mlist Console (config-macl)# permit ethernet g1 Console (config-macl)# permit ethernet g9 Console (config-macl)# deny ethernet g2 Console (config-macl)# deny ethernet g10 Console (config-macl)# exit Console (config)# management access-class mlist Console (config)# exit Console# show management access-list mlist...
Page 152: Authentication Profiles
User authentication can also be set to None. User authentication occurs in the order the methods are selected. For example, if both the Local and RADIUS options are selected, the user is authenticated first locally. If the local user database is empty, the user is then authenticated via the RADIUS server.
Page 153: Add Authentication Profile
Selecting an Authentication Profile: Open the Authentication Profiles page. Select a profile in the Authentication Profile Name field. Select the authentication method using the navigation arrows. Click Apply Changes. The user authentication profile is updated to the device. Adding an Authentication Profile: Open the Authentication Profiles page.
Page 154: Authentication Profile Cli Commands
Figure 6-57. Authentication Profiles Deleting an Authentication Profiles: Open the Authentication Profiles page. Click Show All. The Authentication Profile page opens. Select an authentication profile. Select the Remove check box. Click Apply Changes. The selected authenticating profile is deleted. Configuring an Authentication Profile Using CLI Commands The following table summarizes the equivalent CLI commands for setting fields displayed in the Authentication Profiles page.
Page 155: Assigning Authentication Profiles
The following is an example of the CLI commands: Console (config)# aaa authentication login default radius local enable none Console (config)# no aaa authentication login default Assigning Authentication Profiles After Authentication Profiles are defined, the Authentication Profiles can be applied to Management Access methods.
Page 156 TACACS+ — Authentication occurs at the TACACS+ server. Applying an Authentication List to Console Sessions Open the Select Authentication page. Select an Authentication Profile in the Console field. Click Apply Changes. Console sessions are assigned an Authentication List. Applying an Authentication Profile to Telnet Sessions Open the Select Authentication page.
Page 157: Select Authentication Cli Commands
Assigning Access Authentication Profiles or Sequences Using CLI Commands The following table summarizes the equivalent CLI commands for setting fields displayed in the Select Authentication page. Table 6-37. Select Authentication CLI Commands CLI Command Description enable authentication Specifies the authentication method list when [default | list-name] accessing a higher privilege level from a remote Telnet or console.
Page 158 Console (config-line)# enable authentication default Console (config-line)# login authentication default Console (config-line)# exit Console (config)# ip http authentication radius local Console (config)# ip https authentication radius local Console (config)# exit Console# show authentication methods Login Authentication Method Lists --------------------------------- Default: Radius, Local, Line Console_Login: Line, None Enable Authentication Method Lists ----------------------------------...
Page 159: Defining The Local User Databases
Defining the Local User Databases The Local User Database page contains fields for defining users, passwords and access levels. To open the Local User Database page click System > Management Security > Local User Database in the tree view. Figure 6-59. Local User Database User Name —...
Page 160: Add User
Defining a New User: Open the Local User Database page. Click Add. The Add User page opens: Figure 6-60. Add User Define the fields. Click Apply Changes. The new user is defined, and the device is updated. Displaying the Local User Table: Open the Local User Database page.
Page 161: Local User Database Cli Commands
Select a User Name. Select the Remove check box. Click Apply Changes. The selected user is deleted, and the device is updated. Assigning Users Using CLI Commands The following table summarizes the equivalent CLI commands for setting fields displayed in the Local User Database page.
Page 162: Defining Line Passwords
Defining Line Passwords The Line Password page contains fields for defining line passwords for management methods. To open the Line Password page, click System Management Security Line Passwords in the tree view. Figure 6-62. Line Password Line Password for Console/Telnet/Secure Telnet (0-159 Characters) — The line password for accessing the device via a console, Telnet, or Secure Telnet session.
Page 163: Line Password Cli Commands
The following table summarizes the equivalent CLI commands for setting fields displayed in the Line Password page. Table 6-39. Line Password CLI Commands CLI Command Description password password Specifies a password on a line. [encrypted] The following is an example of the CLI commands: Console (config-line)# password dell Configuring System Information...
Page 164: Defining Enable Password
Defining Enable Password The Modify Enable Password page sets a local password to control access to Normal, Privilege, and Global Configuration. To open the Modify Enable Password page, click System Management Security Enable Passwords in the tree view. Figure 6-63. Modify Enable Password Select Enable Access Level —...
Page 165: Defining Tacacs+ Settings
The following table summarizes the equivalent CLI commands for setting fields displayed in the Modify Enable Password page. Table 6-40. Modify Enable Password CLI Commands CLI Command Description enable password [level level] Sets a local password to control access to user and password [encrypted] privilege levels.
Page 166: Tacacs+ Settings
Figure 6-64. TACACS+ Settings Host IP Address — Specifies the TACACS+ Server IP address. Priority (0-65535) — Specifies the order in which the TACACS+ servers are used. The default is 0. Source IP Address — The device source IP address used for the TACACS+ session between the device and the TACACS+ server.
Page 167: Add Tacacs+ Host
The TACACS+ default parameters are user-defined defaults. The default settings are applied to newly defined TACACS+ servers. If default values are not defined, the system defaults are applied to the new TACACS+ new servers. The following are the TACACS+ defaults: Source IP Address —...
Page 168: Tacacs+ Cli Commands
Removing a TACACS+ Server Open the TACACS+ Settings page. Click Show All. The TACACS+ Table opens. Select a TACACS+ Table entry. Select the Remove check box. Click Apply Changes. The TACACS+ server is removed, and the device is updated. Defining TACACS+ Settings Using CLI Commands The following table summarizes the equivalent CLI commands for setting fields displayed in the TACACS+ Settings page.
Page 169 Table 6-41. TACACS+ CLI Commands CLI Command Description tacacs-server source-ip source Specifies the source IP address. (Range: Valid IP Address.) show TACACS [ip-address] Displays configuration and statistics for a TACACS+ server. Configuring System Information...
Page 170: Configuring Radius Global Parameters
The following is an example of the CLI commands: Console# show tacacs Router Configuration ----------- --------- ----- ---------- ---------- --------- --------- IP address Status Port Single TimeOut Source IP Priority Connection ----------- --------- ----- ---------- ---------- --------- --------- 12.1.1.2 12.1.1.1 Connected Global values -----------------...
Page 171: Radius Settings
Figure 6-67. RADIUS Settings IP Address — The list of Authentication Server IP addresses. Priority (1-65535) — Specifies the server priority. The possible values are 1-65535, where 1 is the highest value. This is used to configure the order in which servers are queried. Authentication Port —...
Page 172 Source IP Address — Specifies the source IP address that is used for communication with RADIUS servers. The following fields set the RADIUS default values: Default Timeout for Reply (1-30) — Specifies the default amount of the time (in seconds) the device waits for an answer from the RADIUS server before timing out.
Page 173: Add Radius Server
Figure 6-68. Add RADIUS Server Page Define the fields. Click Apply Changes. The new RADIUS server is added, and the device is updated. Displaying the RADIUS Server List: Open the RADIUS Settings page. Click Show All. The Show all RADIUS Servers page opens: Figure 6-69.
Page 174 Deleting a RADIUS Server for the RADIUS Servers List: Open the RADIUS Settings page. Click Show All. The RADIUS Servers List page opens. Select a RADIUS Server in the RADIUS Servers List. Select the Remove check box. Click Apply Changes. The RADIUS server is removed from the RADIUS Servers List.
Page 175: Radius Settings Cli Commands
The following is an example of the CLI commands: Console (config)# radius-server timeout 5 Console (config)# radius-server retransmit 5 Console (config)# radius-server deadtime 10 Console (config)# radius-server key dell-server Console (config)# radius-server host 196.210.100.1 auth-port 1645 timeout 20 Configuring System Information...
Page 176 Console# show radius-servers Port IP address Auth Acct TimeOut Retransmit Deadtime Source Priority Usage --------- ---- ---- ------- ---------- ------- ----- ------- ----- 33.1.1.1 1812 1813 0.0.0.0 172.16.1.2 1645 1646 Global Global Global values -------------- TimeOut: 5 Retransmit: 5 Deadtime: 10 Source IP: 0.0.0.0 Configuring System Information...
Page 177: Defining Snmp Parameters
Defining SNMP Parameters Simple Network Management Protocol (SNMP) provides a method for managing network devices. Devices supporting SNMP run a local software (agent). The SNMP agents maintain a list of variables, which are used to manage the device. The variables are defined in the Management Information Base (MIB).
Page 178: Add Snmp Community
SNMP Management Station — A list of management station IP addresses. Community String — Functions as a password and used to authenticate the selected management station to the device. Access Mode — Defines the access rights of the community. The possible field values are: Read Only —...
Page 179: Community Table
Displaying all Communities Open the SNMP Community page. Click Show All. The Community Table opens: Figure 6-72. Community Table Deleting Communities Open the SNMP Community page. Click Show All. The Community Table opens. Select a community from the Community Table. Select the Remove check box.
Page 180: Snmp Community Cli Commands
Configuring Communities Using CLI Commands The following table summarizes the equivalent CLI commands for setting fields displayed in the SNMP Community page. Table 6-43. SNMP Community CLI Commands CLI Command Description snmp-server community Sets up the community access string to permit string [ro | rw | su] [ip- access to SNMP protocol.
Page 181 ----------------- ------------------- --------- 1.1.1.1 public_1 2.2.2.2 public_2 System Contact: 345 6789 System Location: 1234 5678 console# Configuring System Information...
Page 182: Defining Traps
Defining Traps From the SNMP Trap Settings page, the user can enable or disable the device to send SNMP traps or notifications. To open the SNMP Trap Settings page, click System SNMP Traps in the tree view. Figure 6-73. SNMP Trap Settings SNMP Trap —...
Page 183: Add Trap Receiver/Manager
SNMP traps are enabled on the device. Enabling Authentication Traps on the Device Open the SNMP Trap Settings page. Select Enable in the Authentication Trap drop-down list. Define the fields. Click Apply Changes. Authentication traps are enabled on the device. Adding a New Trap Recipient: Open the SNMP Trap Settings page.
Page 184: Trap Managers Table
Figure 6-75. Trap Managers Table Deleting a Trap Manager Table Entry Open SNMP Trap Settings page. Click Show All. The Trap Managers Table page opens. Select a Trap Managers Table entry. Select the Remove check box. Click Apply Changes. The selected trap manager is deleted, and the device is updated. Configuring Traps Using CLI Commands The following table summarizes the equivalent CLI commands for setting fields displayed in the SNMP Trap Settings page.
Page 185 The following is an example of the CLI commands: console(config)# snmp-server community public_1 su 1.1.1.1 console(config)# snmp-server community public_2 rw 2.2.2.2 console(config)# snmp-server community public_3 ro 3.3.3.3 console(config)# snmp-server host 1.1.1.1 public_1 1 console(config)# snmp-server host 2.2.2.2 public_2 2 console(config)# snmp-server enable traps console(config)# snmp-server trap authentication console(config)# console# show snmp...
Page 186: Managing Files
Managing Files The File Management page contains fields for managing device software, the Image Files, and the Configuration Files. Files can be downloaded from a TFTP server. File Management Overview The configuration file structure consists of the following configuration files: •...
Page 187: Downloading Files
Downloading Files The File Download From Server page contains fields for downloading system image and Configuration files from the TFTP server to the device. To open the File Download From Server page, click System File Management File Download in the tree view. Figure 6-76.
Page 188 Active Image — The Image file that is currently active. Active Image After Reset — The Image file that is active after the device is reset. Configuration Download File TFTP Server IP Address — The TFTP Server IP Address from which the configuration files are downloaded.
Page 189: Uploading Files
Downloading Files Using CLI Commands The following table summarizes the equivalent CLI commands for setting fields displayed in the File Download From Server page. Table 6-45. File Download CLI Commands CLI Command Description copy source-url destination- Copies any file from a source to a destination. url [snmp] The following is an example of the CLI commands: console# copy running-config tftp://11.1.1.2/pp.txt...
Page 190: File Upload To Server
Figure 6-77. File Upload to Server Firmware Upload — The Firmware file is uploaded. If Firmware Upload is selected, the Configuration Upload fields are grayed out. Configuration Upload — The Configuration file is uploaded. If Configuration Upload is selected, the Software Image Upload fields are grayed out. Software Image Upload TFTP Server IP Address —...
Page 191: Copying Files
Define the file type to upload. Define the fields. Click Apply Changes. The software is uploaded to the device. Uploading Files Using CLI Commands The following table summarizes the equivalent CLI commands for setting fields displayed in the File Upload to Server page. Table 6-46.
Page 192: Copy Files Cli Commands
Source — Copies either the Running Configuration, Startup Configuration or Backup Configuration files. Destination — The file to which the Running Configuration, Startup Configuration or Backup Configuration file is copied. Restore Configuration Factory Defaults — When selected, specifies that the factory configuration default files should be reset.
Page 193: Defining Advanced Settings
The following is an example of the CLI commands: Console # copy tftp://172.16.101.101/file1 image Accessing file 'file1' on 172.16.101.101. Loading file1 from 172.16.101.101: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!! [OK] Copy took 0:01:11 [hh:mm:ss] Console# delete startup-config Console# copy running-config startup-config 01-Jan-2000 01:55:03 %COPY-W-TRAP: The copy operation was completed successfully Copy succeeded Defining Advanced Settings...
Page 194: General Settings
Figure 6-79. General Settings Attribute — The general setting attribute. Current — The currently configured value. After Reset — The future (after reset) value. By entering a value in the After Reset column, memory is allocated to the field table. Max RAM Log Entries (20-400) —...
Page 195 The following is an example of the CLI commands: Console (config)# logging buffered size 300 Configuring System Information...
Page 196 Configuring System Information...
Page 197: Configuring Device Information
Configuring Device Information This section provides all system operation and general information for configuring network security, ports, Address tables, GARP, VLANs, Spanning Tree, Port Aggregation, and Multicast Support. Configuring Network Security The device enables network security through both Access Control Lists and Locked Ports. To open the Network Security page select Switch Network Security.
Page 198 The device currently supports Port Based Authentication via RADIUS servers. Advanced Port Based Authentication Advanced Port Based Authentication enables multiple hosts to be attached to a single port. Advanced Port Based Authentication requires only one host to be authorized for all hosts to have system access.
Page 199: Configuring Port Based Authentication
Configuring Port Based Authentication The Port Based Authentication page contains fields for configuring port based authentication. To open the Port Based Authentication page, click Switch Network Security Port Based Authentication. Figure 7-80. Port Based Authentication Port Based Authentication State — Permits port based authentication on the device. The possible field values are: Enable —...
Page 200 Unauthorized — Set the interface state to unauthorized (deny traffic). Auto — Authorize state is set by the authorization method. Current Interface Control — The currently configured port authorization state. Periodic Reauthentication — Reauthenticates the selected port periodically, when enabled. The reauthentication period is defined in the Reauthentication Period (300-4294967295) field.
Page 201: Port Based Authentication Table
Figure 7-81. Port Based Authentication Table Termination Cause — The reason for which the port authentication was terminated. Copy To Checkbox — Copies port parameters from one port to the selected ports. Select All — Selects all ports in the Port Based Authentication Table. Copying Parameters in the Port Based Authentication Table Open the Port Based Authentication page.
Page 202: Port Authentication Cli Commands
Enabling Port Based Authentication Using the CLI Commands The following table summarizes the equivalent CLI commands for enabling the port based authentication as displayed in the Port Based Authentication page. Table 7-49. Port Authentication CLI Commands CLI Command Description aaa authentication dot1x Specifies one or more authentication, default method1 [method2.] authorization, and accounting (AAA) methods...
Page 203: Configuring Advanced Port Based Authentication
The following is an example of the CLI commands: console> enable Console# show dot1x Interface Admin Mode Oper Mode Reauth Reauth Username Control Period --------- ---------- ---------- -------- ------ -------- Auto Authorized 3600 Auto Authorized 3600 John Auto Unauthorized 3600 Clark Force-auth Authorized 3600...
Page 204 Port — The port number for which Advanced Port Based Authentication is enabled. Multiple Hosts — Enables or disables a single host to authorize multiple hosts for system access. This setting must be enabled in order to either disable the ingress-filter, or to use port-lock security on the selected port.
Page 205: Multiple Hosts Table
Figure 7-83. Multiple Hosts Table Enabling Multiple Hosts Using the CLI Commands The following table summarizes the equivalent CLI commands for enabling the advanced port based authentication as displayed in the Multiple Hosts page. Configuring Device Information...
Page 206: Multiple Hosts Cli Commands
Table 7-50. Multiple Hosts CLI Commands CLI Command Description dot1x multiple-hosts Allows multiple hosts (clients) on an 802.1X- authorized port that has the dot1x port-control interface configuration command set to auto. dot1x single-host- Configures the action to be taken when a station, violation {forward whose MAC address is not the client (supplicant) |discard |discard-...
Page 207: Authenticating Users
Authenticating Users The Authenticated Users page displays user port access lists. The User Access Lists are defined in the Add User Name page. To open the Authenticated Users page, click Switch Network Security Authenticated Users. Figure 7-84. Authenticated Users User Name — List of users authorized via the RADIUS Server. Port —...
Page 208: Authenticated Users Table
Authentication Method — The method by which the last session was authenticated. The possible field values are: Remote — The user was authenticated from a remote server. None — The user was not authenticated. MAC Address — The client (supplicant) MAC address. Displaying the Authenticated Users Table Open the Add User Name page.
Page 209: Configuring Port Security
The following is an example of the CLI commands: console# show dot1x users Username Session Last Auth MAC Address Interface Time Auth Method -------- -------- ----- -------- ----------------- -------- 1d3h Remote 00:08:3b:79:87:87 John 8h19m None 00:08:3b:89:31:27 Configuring Port Security Network security can be increased by limiting access on a specific port only to users with specific MAC addresses.
Page 210: Port Security
Locked port security also enables storing a list of MAC addresses in the configuration file. The MAC address list can be restored after the device has been reset. Disabled ports are activated from the Port Parameters page, see "Defining Port Parameters". To open the Port Security page, click Switch Network Security Port Security.
Page 211 Trap — Enables traps being sent when a packet is received on a locked port. Trap Frequency (1-1000000) — The amount of time (in seconds) between traps. This field only applies to Locked ports. The default value is 10 seconds. Defining a Locked Port Open the Port Security page.
Page 212: Port Security Table
Figure 7-87. Port Security Table Configuring Device Information...
Page 213: Port Security Cli Commands
Configuring Locked Port Security with CLI Commands The following table summarizes the equivalent CLI commands for configuring Locked Port security as displayed in the Port Security page. Table 7-52. Port Security CLI Commands CLI Command Description shutdown Disables interfaces. set interface active {ethernet Reactivates an interface that is shutdown due to interface | port-channel port- port security reasons.
Page 214: Configuring Ports
Configuring Ports The Ports page contians links to port functionality pages including advanced features, such as Storm Control and Port Mirroring. To open the Ports page, click Switch Ports. Defining Port Parameters The Port Configuration page contains fields for defining port parameters. To open the Port Configuration page, click Switch Ports Port Configuration in the tree view.
Page 215 Current Port Status — Specifies whether the port is currently operational or non-operational. Re-Activate Port — Reactivates a port if the port has been disabled through the locked port security option. Operational Status — The port operational status. Possible field values are: Suspended —...
Page 216 Current MDI/MDIX— The currently configured device MDI/MDIX settings. LAG — Specifies if the port is part of a LAG. Defining Port Parameters Open the Port Configuration page. Select a port in the Port Field. Define the remaining fields. Click Apply Changes. The port parameters are saved to the device.
Page 217: Ports Configuration Table
Figure 7-89. Ports Configuration Table Configuring Ports with CLI Commands The following table summarizes the equivalent CLI commands for configuring ports as displayed in the Ports Configuration Table page. Table 7-53. Port Configuration CLI Commands CLI Command Description interface ethernet interface Enters the interface configuration mode to configure an ethernet type interface.
Page 218 Table 7-53. Port Configuration CLI Commands CLI Command Description shutdown Disables interfaces that are part of the currently set context. set interface active {ethernet Reactivates an interface that is interface | port-channel port-channel- shutdown due to security reasons. number} speed bps Configures the speed of a given ethernet interface when not using auto negotiation.
Page 219 The following is an example of the CLI commands: Console (config)# interface ethernet g5 Console (config-if)# description RD SW#3 Console (config-if)# shutdown Console (config-if)# no shutdown Console (config-if)# speed 100 Console (config-if)# duplex full Console (config-if)# negotiation Console (config-if)# back-pressure Console (config-if)# flowcontrol on Console (config-if)# mdix auto Console (config-if)# exit...
Page 220 Console# show interfaces status Port Type Duplex Speed Flow Link Back Mdix Control State Pressure Mode ---- ----- ------ ------ ---- ------ ----- ------ ---- Full Auto Enable Full Down Disable Full 1000 Disable Type Duplex Speed Flow Back Link Control Pressure State...
Page 221: Defining Lag Parameters
Defining LAG Parameters The LAG Configuration page contains fields for configuring parameters for configured LAGs. The device supports up to eight ports per LAG, and eight LAGs per system. For information about Link Aggregated Groups (LAG) and assigning ports to LAGs, refer to Aggregating Ports.
Page 222 Operational Status — Operational status of the LAG. Admin Auto Negotiation — Enables or disables Auto Negotiation on the LAG. Auto-negotiation is a protocol between two link partners that enables a LAG to advertise its transmission rate, duplex mode and flow control (the flow control default is disabled) abilities to its partner. Current Auto Negotiation —...
Page 223: Lag Configuration Table
Figure 7-91. LAG Configuration Table Configuring LAGs with CLI Commands The following table summarizes the equivalent CLI commands for configuring LAGs as displayed in the LAG Configuration page. Table 7-54. LAG Configuration CLI Commands CLI Command Description interface port-channel port- Enters the interface configuration mode of a channel-number specific port-channel.
Page 224 Table 7-54. LAG Configuration CLI Commands CLI Command Description flowcontrol {auto | on | off | rx | Configures the Flow Control on a given interface. show interfaces configuration Displays the configuration for all configured [ethernet interface| port-channel interfaces. port-channel-number] show interfaces status [ethernet Displays the status for all configured interface |port-channel port-...
Page 225: Enabling Storm Control
console# Enabling Storm Control A Broadcast Storm is a result of an excessive amount of broadcast messages simultaneously transmitted across a network by a single port. Forwarded message responses are heaped onto the network, straining network resources or causing the network to time out. The system measures the incoming Broadcast and Multicast frame rate separately on each port, and discard frames when the rate exceeds a user-defined rate.
Page 226 – Disable — Counts only Broadcast traffic. Broadcast Rate Threshold (1-1000000)— The maximum rate (packets per second) at which unknown packets are forwarded. The range is 0-1000000. The default value is zero. All values are rounded to the nearest 64Kbps. If the field value is under 64Kbps, the value is rounded up to 64Kbps, with the exception of the value zero.
Page 227: Storm Control Settings Table
Figure 7-93. Storm Control Settings Table Configuring Storm Control with CLI Commands The following table summarizes the equivalent CLI commands for configuring Storm Control as displayed on the Storm Control page. Table 7-55. Storm Control CLI Commands CLI Command Description port storm-control include- Enables the device to count Multicast multicast...
Page 228: Defining Port Mirroring Sessions
The following is an example of the CLI commands: console> enable console# configure Console(config)# port storm-control include-multicast Console(config)# port storm-control broadcast rate 8000 Console(config)# interface ethernet g1 Console(config-if)# port storm-control broadcast enable Console(config-if)# end Console# show ports storm-control Port Broadcast Storm control [Packets/sec] ----- ------------------------------------- 8000...
Page 229: Port Mirroring
The following restrictions apply to ports configured to be source ports: • Source Ports cannot be a LAG member. • Ports cannot be configured as a destination port. • All packets are transmitted tagged from the destination port. • Monitored all RX/TX packets to the same port. To open the Port Mirroring page, click Switch Ports Port Mirroring in the tree view.
Page 230: Port Mirroring Cli Commands
Select the source port from the Source Port drop-down menu. Define the Type field. Click Apply Changes. The new source port is defined, and the device is updated. Deleting a Copy Port from a Port Mirroring Session Open the Port Mirroring page. Select the Remove check box.
Page 231: Configuring Address Tables
Configuring Address Tables MAC addresses are stored in either the Static Address or the Dynamic Address databases. A packet addressed to a destination stored in one of the databases is forwarded immediately to the port. The Static and Dynamic Address Tables can be sorted by interface, VLAN, and interface type. MAC addresses are dynamically learned as packets from sources arrive at the device.
Page 232 Interface — The specific port or LAG to which the static MAC address is applied. MAC Address — The MAC address listed in the current static address list. VLAN ID — The VLAN ID attached to the MAC Address. VLAN Name — User-defined VLAN name. Status —...
Page 233 Configuring Static Address Parameters Using CLI Commands The following table summarizes the equivalent CLI commands for configuring static address parameters as displayed in the Static MAC Address page. Table 7-57. Static Address CLI Commands CLI Command Description bridge address mac-address {ethernet Adds a static MAC-layer station source interface | port-channel port-channel- address to the bridge table.
Page 234: Viewing Dynamic Addresses
Viewing Dynamic Addresses The Dynamic Address Table contains fields for querying information in the dynamic address table, including the interface type, MAC addresses, VLAN, and table sorting. Packets forwarded to an address stored in the address table are forwarded directly to those ports. The Dynamic Address Table also contains information about the aging time before a dynamic MAC address is erased, and includes parameters for querying and viewing the Dynamic Address list.
Page 235 MAC Address — Specifies the MAC address for which the table is queried. VLAN ID — The VLAN ID for which the table is queried. Address Table Sort Key — Specifies the means by which the Dynamic Address Table is sorted. Redefining the Aging Time Open the Dynamic Address Table.
Page 236 Querying and Sorting Dynamic Addresses Using CLI Commands The following table summarizes the equivalent CLI commands for querying and sorting dynamic addresses as displayed in the Dynamic Address Table. Table 7-58. Query and Sort CLI Commands CLI Command Description bridge aging-time seconds Sets the address table aging time. Displays classes of dynamically created show bridge address-table entries in the bridge-forwarding database.
Page 237: Configuring Garp
Configuring GARP Generic Attribute Registration Protocol (GARP) is a general-purpose protocol that registers any network connectivity or membership-style information. GARP defines a set of devices interested in a given network attribute, such as VLAN or Multicast address. When configuring GARP, ensure the following: •...
Page 238 GARP Leave Timer (10 - 2147483640) — Time lapse, in milliseconds, that the device waits before leaving its GARP state. Leave time is activated by a Leave All Time message sent/received, and cancelled by the Join message received. Leave time must be greater than or equal to three times the join time.
Page 239 The following is an example of the CLI commands: console(config)# interface ethernet g1 console(config-if)# garp timer leave 900 console(config-if)# end console# show gvrp configuration ethernet g1 GVRP Feature is currently Disabled on the device. Maximum VLANs: 223 Port(s) GVRP- Registration Dynamic VLAN Timers (milliseconds)
Page 240: Configuring The Spanning Tree Protocol
Configuring the Spanning Tree Protocol Spanning Tree Protocol (STP) provides tree topography for any arrangement of bridges. STP also provides one path between end stations on a network, eliminating loops. Loops occur when alternate paths exist between hosts. Loops in an extended network can cause bridges to forward traffic indefinitely, resulting in increased traffic and reducing network efficiency.
Page 241 – Enable — Enables Spanning Tree – Disable — Disables Spanning Tree STP Operation Mode — The STP mode by which STP is enabled on the device. The possible field values are: Classic STP — Enables Classic STP on the device. This is the default value. Rapid STP —...
Page 242 Last Topology Change — The amount of time that has elapsed since the bridge was initialized or reset, and the last topographic change occurred. The time is displayed in a day hour minute second format, for example, hour minutes and seconds.
Page 243 Table 7-60. STP Global Parameter CLI Commands CLI Command Description show spanning-tree [ethernet Displays spanning tree configuration interface | port-channel port- identifier. channel-number] show spanning-tree [detail] [active Displays spanning tree configuration | blockedports] information - detailed information or active ports or blocked ports. The following is an example of the CLI commands: console(config)# spanning-tree console(config)# spanning-tree mode rstp...
Page 244: Defining Stp Port Settings
Interfaces Name State Prio. Cost Role PortFast Type ----- ------ ----- ---- ------ ------ --------- ------ enabled 128.1 DSBL Dsbl P2p (STP) enabled 128.2 DSBL Dsbl P2p (STP) enabled 128.3 DSBL Dsbl P2p (STP) Defining STP Port Settings The STP Port Settings page contains fields for assigning STP properties to individual ports. To open the STP Port Settings page, click Switch Spanning Tree Port Settings in the tree view.
Page 245 Select a Port — Port on which STP is enabled. STP — Enables or disables STP on the port. Fast Link — When selected, enables Fast Link mode for the port. If Fast Link mode is enabled for a port, the Port State is automatically placed in the Forwarding state when the port link is up. Fast Link mode optimizes the time it takes for the STP protocol to converge.
Page 246 Priority (0-240, in steps of 16) — The priority value of the port. The priority value influences the port choice when a bridge has two ports connected in a loop. The priority value is between 0-240. The priority value is provided in increments of 16. Designated Bridge ID —...
Page 247 Defining STP Port Settings Using CLI Commands The following table summarizes the equivalent CLI commands for defining STP port parameters as displayed in the STP Port Settings page. Table 7-61. STP Port Settings CLI Commands CLI Command Description spanning-tree disable Disables spanning tree on a specific port.
Page 248 The following is an example of the CLI commands: console(config)# interface ethernet g5 console(config-if)# spanning-tree disable console(config-if)# spanning-tree cost 35000 console(config-if)# spanning-tree port-priority 96 console(config-if)# exit console(config)# exit console# show spanning-tree ethernet g5 Port g5 disabled Role: disabled State: disabled Port cost: 35000 Port id: 96.5...
Page 249: Defining Stp Lag Settings
Defining STP LAG Settings The STP LAG Settings page contains fields for assigning STP aggregating port parameters. To open the STP LAG Settings page, click Switch Spanning Tree LAG Settings in the tree view. Figure 7-100. STP LAG Settings Select a LAG — The user-defined LAG. For more information, see "Defining LAG Membership". STP —...
Page 250 Forwarding — The LAG is currently in the forwarding mode, and it can forward traffic and learn new MAC addresses. Broken — The LAG is currently malfunctioning and cannot be used for forwarding traffic. Path Cost (1-200000000) — Amount the LAG contributes to the root path cost. The path cost is adjusted to a higher or lower value, and is used to forward traffic when a path being rerouted.
Page 251: Configuring Rapid Spanning Tree
Table 7-62. STP LAG Settings CLI Commands CLI Command Description show spanning-tree [ethernet interface Displays spanning tree configuration. | port-channel port-channel-number] show spanning-tree [detail] [active | Displays detailed spanning tree blockedports] information on active or blocked ports The following is an example of the CLI commands: console(config)# interface port-channel 1 console(config-if)# spanning-tree port-priority 16 Configuring Rapid Spanning Tree...
Page 252: Rapid Spanning Tree (Rstp)
Figure 7-101. Rapid Spanning Tree (RSTP) Interface — Port or LAG on which Rapid STP is enabled. Role — The port role assigned by the STP algorithm in order to provide to STP paths. The possible field values are: Root — Provides the lowest cost path to forward packets to root device. Designated —...
Page 253 protocol can be sent over the link. The link remains configured for communications until explicit LCP or NCP packets close the link, or until some external event occurs. This is the actual device port link type. It may differ from the administrative state. Point-to-Point Operational Status —...
Page 254: Configuring Vlans
Configuring VLANs VLANs are logical subgroups of a Local Area Network (LAN) created via software rather than defining a hardware solution. VLANs combine user stations and network devices into a single domain regardless of the physical LAN segment to which they are attached. VLANs allow network traffic to flow more efficiently within subgroups.
Page 255: Defining Vlan Members
Defining VLAN Members The VLAN Membership page contains fields for defining VLAN groups. The device supports the mapping of 4094 VLAN IDs to 256 VLANs. All ports must have a defined PVID. If no other value is configured the default VLAN PVID is used. VLAN number 1 is the default VLAN, and cannot be deleted from the system.
Page 256 Adding New VLANs Open the VLAN Membership page. Click Add. The Create New VLAN page opens. Enter the VLAN ID and name. Click Apply Changes. The new VLAN is added, and the device is updated. Modifying VLAN Membership Groups Open the VLAN Membership page. Select a VLAN from the Show VLAN drop-down menu.
Page 257 The following is an example of the CLI commands: console(config)# vlan database console(config-vlan)# vlan 1972 console(config-vlan)# exit console(config)# interface vlan 1972 console(config-if)# name Marketing console(config-if)# exit console(config)# VLAN Port Membership Table The VLAN Port Membership Table contains a Port Table for assigning ports to VLANs. Ports are assigned VLAN membership by toggling through the Port Control settings.
Page 258: Port-To-Vlan Group Assignments Cli
The VLAN Port Membership Table displays the ports and the ports states, as well as LAGs. Assigning Ports to a VLAN Group Open the VLAN Membership page. Click the VLAN ID or VLAN Name option button and select a VLAN from the drop-down menu.
Page 259 Table 7-66. Port-to-VLAN Group Assignments CLI Commands CLI Command Description switchport general allowed vlan add Adds or removes VLANs from a general vlan-list [tagged | untagged] port. switchport general pvid vlan-id Configures the PVID when the interface is in general mode. Configuring Device Information...
Page 260 The following is an example of the CLI commands: Console (config)# vlan database Console (config-vlan)# vlan 23-25 Console (config-vlan)# exit Console (config)# interface vlan 23 Console (config-if)# name Marketing Console (config-if)# exit Console (config)# interface ethernet g8 Console (config-if)# switchport mode access Console (config-if)# switchport access vlan 23 Console (config-if)# exit Console (config)# interface ethernet g9...
Page 261: Defining Vlan Ports Settings
Defining VLAN Ports Settings The VLAN Port Settings page contains fields for managing ports that are part of a VLAN. The port default VLAN ID (PVID) is configured on the VLAN Port Settings page. All untagged packets arriving to the device are tagged by the ports PVID. To open the VLAN Port Settings page, click Switch VLAN Port Settings in the tree view.
Page 262 Ingress Filtering — Enables or disables Ingress filtering on the port. Ingress filtering discards packets that are destined to VLANs of which the specific LAG is not a member. Current Reserve VLAN — The VLAN currently designated by the system as the reserved VLAN. Reserve VLAN for Internal Use —...
Page 263 Table 7-67. VLAN Port CLI Commands CLI Command Description shutdown Disables interfaces. set interface active {ethernet Reactivates an interface that is shutdown due interface | port-channel port- to security reasons. channel-number } The following is an example of the CLI commands: Console (config)# interface range ethernet g18-20 Console (config-if)# switchport mode access Console (config-if)# switchport general pvid 234...
Page 264: Defining Vlan Lag Settings
Defining VLAN LAG Settings The VLAN LAG Setting page provides parameters for managing LAGs that are part of a VLAN. VLANs can either be composed of individual ports or of LAGs. Untagged packets entering the device are tagged with the LAGs ID specified by the PVID. To open the VLAN LAG Setting page, click Switch VLAN LAG Settings in the tree view.
Page 265 Ingress Filtering — Enables or disables Ingress filtering by the LAG. Ingress filtering discards packets that are destined to VLANs of which the specific port is not a member. Current Reserve VLAN — The VLAN currently designated as the reserved VLAN. Reserve VLAN for Internal Use —...
Page 266 The following is an example of the CLI commands: console(config)# interface port-channel 1 console(config-if)# switchport mode access console(config-if)# switchport access vlan 2 console(config-if)# exit console(config)# interface port-channel 2 console(config-if)# switchport mode general console(config-if)# switchport general allowed vlan add 2-3 tagged console(config-if)# switchport general pvid 2 console(config-if)# switchport general acceptable-frame-type tagged-only...
Page 267: Defining Vlan Protocol Groups
Defining VLAN Protocol Groups The Protocol Group page provides parameters for configuring frame types to specific protocol groups. To open the Protocol Group page, click Switch VLAN Protocol Group in the tree view. Figure 7-105. Protocol Group Frame Type — The packet type. Possible field values are Ethernet, RFC1042, and LLC Other. Protocol Value —...
Page 268 Assigning VLAN Protocol Group Settings Open the Protocol Group page. Complete the fields on the page. Click Apply Changes. The VLAN protocol group parameters are defined, and the device is updated. Removing Protocols From the Protocol Group Table Open the Protocol Group page. Click Show All.
Page 269: Adding Protocol Ports
Adding Protocol Ports The Protocol Port page adds interfaces to Protocol groups. To open the Protocol Port page, click Switch VLAN Protocol Port in the tree view. Figure 7-106. Protocol Port Interface — Port or LAG number added to a protocol group. Group ID —...
Page 270: Configuring Gvrp
Defining Protocol Ports Using CLI Commands The following table summarizes the equivalent CLI command for for defining Protocol Ports. Table 7-70. Protocol Port CLI Commands CLI Command Description switchport general map Sets a protocol-based classification rule. protocols-group group vlan vlan-id The following example sets a protocol-based classification rule of protocol group 1 to VLAN 8: Console (config-if)# switchport general map protocols-group 1 vlan 8...
Page 271: Gvrp Parameters
The GVRP Global Parameters page enables GVRP globally. GVRP can also be enabled on a per- interface basis. To open the GVRP Parameters page, click Switch VLAN GVRP Parameters in the tree view. Figure 7-107. GVRP Parameters GVRP Global Status — Enables or disables GVRP on the device. GVRP is disabled by default. Interface —...
Page 272 GVRP VLAN Registration is enabled on the port, and the device is updated. Configuring GVRP Using CLI Commands The following table summarizes the equivalent CLI commands for configuring GVRP as displayed in the GVRP Global Parameters page. Table 7-71. GVRP Global Parameters CLI Commands CLI Command Description gvrp enable (global)
Page 273 console(config)# gvrp enable console(config)# interface ethernet g1 console(config-if)# gvrp enable console(config-if)# gvrp vlan-creation-forbid console(config-if)# gvrp registration-forbid console(config-if)# end console# show gvrp configuration GVRP Feature is currently Enabled on the device. Maximum VLANs: 223 Port(s) GVRP- Registration Dynamic Timers Leave Leave Status VLAN (milliseconds)
Page 274: Aggregating Ports
Aggregating Ports Port Aggregation optimizes port usage by linking a group of ports together to form a single Link Aggregated Groups (LAGs). Port Aggregation multiplies the bandwidth between the devices, increases port flexibility, and provides link redundancy. The device supports up to eight LAGs per system, and eight ports per LAG per device.
Page 275: Defining Lacp Parameters
Each Aggregated Link has an Aggregated Link Port Type, including Gigabit Ethernet ports. Ports can be added to an Aggregated Link only if they are the same port type. When ports are removed from an Aggregated Links, the ports revert to the original port settings. To open the Link Aggregation page, click Switch Link Aggregation in the tree view.
Page 276 Defining Link Aggregation Global Parameters Open the LACP Parameters page. Complete the LACP System Priority field. Click Apply Changes. The parameters are defined, and the device is updated. Defining Link Aggregation Port Parameters Open the LACP Parameters page. Complete the fields in the Port Parameters area. Click Apply Changes.
Page 277 The following is an example of the CLI commands: Console (config)# lacp system-priority 120 Console (config)# interface ethernet g1 Console (config-if)# lacp port-priority 247 Console (config-if)# lacp timeout long Console (config-if)# end Console# show lacp ethernet g1 statistics Port g1 LACP Statistics: LACP PDUs sent:2 LACP PDUs received:2 Configuring Device Information...
Page 278: Defining Lag Membership
Defining LAG Membership The LAG Membership page contains fields for assigning ports to LAGs. LAGs can include up to 8 ports.When a port is added to a LAG, the port acquires the LAG’s properties. The LAG Membership page contains fields for assigning ports to LAGs. To open the LAG Membership page, click Switch Link Aggregation LAG Membership in the tree view.
Page 279: Multicast Forwarding Support
Assigning Ports to LAGs Using CLI Commands The following table summarizes the equivalent CLI commands for assigning ports to LAGs as displayed in the LAG Membership page. Table 7-73. LAG Membership CLI Commands CLI Command Description interface port-channel port- Enters the interface configuration mode of a channel-number specific port-channel.
Page 280: Multicast Global Parameters
Layer 2 switching forwards Multicast packets to all relevant VLAN ports by default, treating the packet as a Multicast transmission. While this is functional, in the sense that all relevant ports/nodes receive a copy of the frame, it is potentially wasteful as ports/nodes may receive irrelevant frames only needed by a subset of the ports of that VLAN.
Page 281 Bridge Multicast is enabled on the device. Enabling IGMP Snooping on the Device Open the Multicast Global Parameters page. Select Enable in the IGMP Snooping Status field. Click Apply Changes. IGMP Snooping is enabled on the device. Enabling Multicast Forwarding and IGMP Snooping Using CLI Commands The following table summarizes the equivalent CLI commands for enabling Multicast forwarding and IGMP Snooping as displayed on the Multicast Global Parameters page.
Page 282: Adding Bridge Multicast Address Members
Adding Bridge Multicast Address Members The Bridge Multicast Group page displays the ports and LAGs attached to the Multicast service group in the Ports and LAGs tables. The Port and LAG tables also reflect the manner in which the port or LAGs joined the Multicast group. Ports can be added either to existing groups or to new Multicast service groups.
Page 283: Add Bridge Multicast Group
Table 7-75. IGMP Port/LAG Members Table Control Settings Port Control Definition The port/LAG has joined the Multicast group dynamically in the Current Row. Attaches the port to the Multicast group as static member in the Static Row. The port/LAG has joined the Multicast group statically in the Current Row.
Page 284 Click Apply Changes. The bridge Multicast address is assigned to the Multicast group, and the device is updated. Defining Ports to Receive Multicast Service Open the Bridge Multicast Group page. Define the VLAN ID and the Bridge Multicast Address fields. Toggle a port to S to join the port to the selected Multicast group.
Page 285 The following is an example of the CLI commands: Console> enable Console# config console(config)#vlan database console(config-if)#vlan 8 console(config-if)#exit console(config)#interface range ethernet g1-9 console(config-if)# switchport mode general console(config-if)# switchport general allow vlan add 8 console(config)#interface vlan 8 console (config-if)# exit Console(config-if)# bridge multicast address 0100.5e02.0203 add ethernet g1,g2 Console(config-if)# exit Console(config)# exit...
Page 286 Console # show bridge multicast address-table format ip Vlan IP Address Type Ports ---- ----------- ----- ---------- 224-239.130|2.2.3 static g1, g2 224-239.130|2.2.8 static g1-8 224-239.130|2.2.8 dynamic g9-11 Forbidden ports for multicast addresses: Vlan IP Address Ports ---- ----------- ---------- 224-239.130|2.2.3 224-239.130|2.2.8 Configuring Device Information...
Page 287: Assigning Multicast Forward All Parameters
Assigning Multicast Forward All Parameters The Bridge Multicast Forward All page contains fields for attaching ports or LAGs to a device that is attached to a neighboring Multicast router/switch. Once IGMP Snooping is enabled, Multicast packets are forwarded to the appropriate port or VLAN. To open the Bridge Multicast Forward All page, click Switch Multicast Support Bridge Multicast Bridge Multicast Forward All page in the tree view.
Page 288 Attaching a Port to a Multicast Router or Switch Open Bridge Multicast Forward All page. Define the VLAN ID field. Select a port in the Ports table, and assign the port a value. Click Apply Changes. The port is attached to the Multicast router or switch. Attaching a LAG to a Multicast Router or Switch Open Bridge Multicast Forward All page.
Page 289 The following is an example of the CLI commands: console(config)#vlan database console(config-if)#vlan 8 console(config-vlan)#exit console(config)#interface range ethernet g1-9 console(config-if)# switchport mode general console(config-if)# switchport general allow vlan add 8 Console(config-if)# exit console(config)#interface vlan 8 Console(config-if)# bridge multicast address 0100.5e02.0203 add ethernet g1-9 Console(config-if)# exit Console (config)# interface VLAN 1 Console (config-if)# bridge multicast forward-all add ethernet...
Page 290: Igmp Snooping
IGMP Snooping The IGMP Snooping page contains fields for adding IGMP members. To open the IGMP Snooping page, click Switch Multicast Support IGMP Snooping in the tree view. Figure 7-114. IGMP Snooping VLAN ID — Specifies the VLAN ID. IGMP Snooping Status — Enables or disables IGMP snooping on the VLAN. Auto Learn —...
Page 291 IGMP snooping is enabled on the device. Displaying the IGMP Snooping Table Open the IGMP Snooping. Click Show All. The IGMP Snooping Table opens. Configuring IGMP Snooping with CLI Commands The following table summarizes the equivalent CLI commands for configuring IGMP Snooping on the device: Table 7-79.
Page 292 Console> enable Console# config Console (config)# ip igmp snooping Console (config)# interface vlan 1 Console (config-if)# ip igmp snooping mrouter learn-pim-dvmrp Console (config-if)# ip igmp snooping host-time-out 300 Console (config-if)# ip igmp snooping mrouter-time-out 200 Console (config-if)# exit Console (config)# interface vlan 1 Console (config-if)# ip igmp snooping leave-time-out 60 Console (config-if)# exit Console (config)# exit...
Page 293 VLAN Ports ---- ------ Configuring Device Information...
Page 294 Configuring Device Information...
Page 295: Viewing Statistics
Viewing Statistics The Statistic pages contains device information for interface, GVRP, etherlike, RMON, and device utilization. To open the Statistics page, click Statistics in the tree view. NOTE: CLI commands are not available for all the Statistics pages. Viewing Statistics...
Page 296: Viewing Tables
Viewing Tables The Table Views page contains links for displaying statistics in a chart form. To open the page, click Statistics Table in the tree view. Viewing Utilization Summary The Utilization Summary page contains statistics for interface utilization. To open the page, click Statistics Table Views Utilization Summary in the tree view.
Page 297 Refresh Rate — The amount of time that passes before the interface statistics are refreshed. Interface — The interface number. Interface Status — Status of the interface. % Interface Utilization — Network interface utilization percentage based on the duplex mode of the interface.
Page 298: Viewing Counter Summary
Viewing Counter Summary The Counter Summary page contains statistics for port utilization in numeric sums as opposed to percentages. To open the Counter Summary page, click Statistics/RMON Table Views Counter Summary in the tree view. Figure 8-116. Counter Summary Refresh Rate — The amount of time that passes before the interface statistics are refreshed. Interface —...
Page 299: Viewing Interface Statistics
Viewing Interface Statistics The Interface Statistics page contains statistics for both received and transmitted packets. The fields for both received and transmitted packets are identical. To open the Interface Statistics page, click Statistics/RMON Table Views Interface Statistics in the tree view. Figure 8-117.
Page 300 Interface — Specifies whether statistics are displayed for a port or LAG. Refresh Rate — Amount of time that passes before the interface statistics are refreshed. Receive Statistics Total Bytes (Octets) — of octets received on the selected interface. Unicast Packets — of Unicast packets received on the selected interface.
Page 301 The following is an example of the CLI commands. Console> enable Console# show interfaces counters Port InOctets InUcastPkts InMcastPkts InBcastPkts ------- ------------- ---------------- ---------------- ------------ 183892 1289 123899 1788 Port OutOctets OutUcastPkts OutMcastPkts OutBcastPkts ------- ------------- ---------------- ---------------- ------------ 9188 8789 InOctets InUcastPkts...
Page 302: Viewing Etherlike Statistics
Viewing Etherlike Statistics The Etherlike Statistics page contains interface statistics. To open the Etherlike Statistics page, click Statistics/RMON Table Views Etherlike Statistics in the tree view. Figure 8-118. Etherlike Statistics Viewing Statistics...
Page 303 Interface — Specifies whether statistics are displayed for a port or LAG. Refresh Rate — Amount of time that passes before the interface statistics are refreshed. Frame Check Sequence (FCS) Errors — Number of FCS errors received on the selected interface. Single Collision Frames —...
Page 304 Viewing Etherlike Statistics Using the CLI Commands The following table summarizes the equivalent CLI commands for viewing etherlike statistics. Table 8-81. Etherlike Statistics CLI Commands CLI Command Description show interfaces counters [ethernet Displays traffic seen by the physical interface | port-channel port-channel- interface.
Page 305 183892 1289 Port OutOctets OutUcastPkts OutMcastPkts OutBcastPkts ------- ------------- ---------------- ---------------- ------------ 9188 FCS Errors: 8 Single Collision Frames: 0 Multiple Collision Frames: 0 SQE Test Errors: 0 Deferred Transmissions: 0 Late Collisions: 0 Excessive Collisions: 0 Internal MAC Tx Errors: 0 Carrier Sense Errors: 0 Oversize Packets: 0 Internal MAC Rx Errors: 0...
Page 306: Viewing Gvrp Statistics
Viewing GVRP Statistics The GVRP Statistics page contains device statistics for GVRP. To open the page, click Statistics/RMON Table Views GVRP Statistics in the tree view. Figure 8-119. GVRP Statistics Viewing Statistics...
Page 307 Interface — Specifies whether statistics are displayed for a port or LAG. Refresh Rate — Amount of time that passes before the interface statistics are refreshed. Join Empty — Device GVRP Join Empty statistics. Empty — Device GVRP Empty statistics. Leave Empty —...
Page 308 The following is an example of the CLI commands: Console# show gvrp statistics GVRP statistics: ---------------- : Join Empty Received rJIn : Join In Received rEmp : Empty Received rLIn : Leave In Received : Leave Empty Received : Leave All Received : Join Empty Sent sJIn : Join In Sent sEmp : Empty Sent...
Page 309 INVAVAL : Invalid Attribute Value INVEVENT : Invalid Event Port INVPROT INVATYP INVAVAL INVALEN INVEVENT ---- ------- ------- ------- ------- -------- Viewing Statistics...
Page 310: Eap Statistics
Viewing EAP Statistics The EAP Statistics page contains information about EAP packets received on a specific port. For more information about EAP, see "Port Based Authentication (802.1x)" . To open the EAP Statistics page, click Statistics/RMON > Table Views > EAP Statistics in the tree view. Figure 8-120.
Page 311: Gvrp Statistics Cli Commands
Length Error Frames Receive — The number of EAPOL frames with an invalid Packet Body Length received on this port. Last Frame Version — The protocol version number attached to the most recently received EAPOL frame. Last Frame Source — The source MAC address attached to the most recently received EAPOL frame.
Page 312 The following is an example of the CLI commands: Switch# show dot1x statistics ethernet g1 EapolFramesRx: 11 EapolFramesTx: 12 EapolStartFramesRx: 1 EapolLogoffFramesRx: 1 EapolRespIdFramesRx: 3 EapolRespFramesRx: 6 EapolReqIdFramesTx: 3 EapolReqFramesTx: 6 InvalidEapolFramesRx: 0 EapLengthErrorFramesRx: 0 LastEapolFrameVersion: 1 LastEapolFrameSource: 0008.3b79.8787 Viewing Statistics...
Page 313: Viewing Rmon Statistics
Viewing RMON Statistics Remote Monitoring (RMON) contins links for viewing network information from a remote location. To open the RMON page, click Statistics/RMON RMON in the tree view. Viewing RMON Statistics Group The RMON Statistics page contains fields for viewing information about device utilization and errors that occurred on the device.
Page 314 Interface — Specifies the port or LAG for which statistics are displayed. Refresh Rate — Amount of time that passes before the statistics are refreshed. Drop Events — Number of dropped events that have occurred on the interface since the device was last refreshed.
Page 315: Rmon Statistics Cli Commands
Viewing RMON Statistics Using the CLI Commands The following table summarizes the equivalent CLI commands for viewing RMON statistics. Table 8-84. RMON Statistics CLI Commands CLI Command Description show rmon statistics {ethernet Displays RMON Ethernet statistics. interface | port-channel port- channel-number} The following is an example of the CLI commands: console>...
Page 316: Viewing Rmon History Control Statistics
Viewing RMON History Control Statistics The RMON History Control page contains information about samples of data taken from ports. For example, the samples may include interface definitions or polling periods. To open the RMON History Control page, click Statistics/RMON History Control in the tree view. Figure 8-122.
Page 317: Rmon History Cli Commands
Modifying a History Control Table Entry Open the RMON History Control page. Select an entry in the History Entry No. field. Modify the fields as required. Click Apply Changes. The table entry is modified, and the device is updated. Deleting a History Control Table Entry Open the RMON History Control page.
Page 318: Viewing The Rmon History Table
Viewing the RMON History Table The RMON History Table contains interface specific statistical network samplings. Each table entry represents all counter values compiled during a single sample. To open the RMON History Table, click Statistics/RMON RMON History Table in the tree view. Figure 8-123.
Page 319 Sample No. — The specific sample the information in the table reflects. Drop Events — The number of dropped packets due to lack of network resources during the sampling interval. This may not represent the exact number of dropped packets, but rather the number of times dropped packets were detected.
Page 320: Rmon History Control Cli Commands
Viewing RMON History Control Using the CLI Commands The following table summarizes the equivalent CLI commands for viewing RMON history. Table 8-86. RMON History Control CLI Commands CLI Command Description show rmon history index Displays RMON Ethernet statistics history. {throughput | errors | other} [period seconds] The following is an example of the CLI commands for displaying RMON ethernet statistics for throughput on index 1:.
Page 321: Defining Device Rmon Events
Defining Device RMON Events The RMON Events Control page contains fields for defining RMON events. To open the RMON Events Control page, click Statistics/RMON RMON Events Control in the tree view. Figure 8-124. RMON Events Control Event Entry — The event. Community —...
Page 322: Device Event Definition Cli Commands
The Add an Event Entry page opens. Complete the information in the dialog and click Apply Changes. The Event Table entry is added, and the device is updated. Modifying an RMON Event Open the RMON Events Control page Select an entry in the Event Table. Modify the fields in the dialog and click Apply Changes.
Page 323 The following is an example of the CLI commands: console> enable console# config console (config)# rmon event 1 log console (config)# exit Console# show rmon events Index Description Type Community Owner Last time sent ----- ----------- -------- --------- ------- -------------------- Errors Jan 18 2002 23:58:17 High...
Page 324: Viewing The Rmon Events Log
Viewing the RMON Events Log The RMON Events Log page contains a list of RMON events. To open the RMON Events Log page, click Statistics/RMON RMON Events in the tree view. Figure 8-125. RMON Events Log Event — The RMON Events Log entry number. Log No.—...
Page 325 The following is an example of the CLI commands: console> enable console# config console (config)# rmon event 1 log console (config)# exit Console# show rmon log Maximum table size: 500 Event Description Time ------- -------------- --------- Errors Jan 18 2002 23:48:19 Errors Jan 18 2002 23:58:17 High Broadcast...
Page 326: Defining Rmon Device Alarms
Defining RMON Device Alarms The RMON Alarms page contains fields for setting network alarms. Network alarms occur when a network problem, or event, is detected. Rising and falling thresholds generate events. To open the RMON Alarms page, click Statistics/RMON RMON Alarms in the tree view. Figure 8-126.
Page 327: Add An Alarm Entry
Rising Threshold — The rising counter value that triggers the rising threshold alarm. The rising threshold is presented on top of the graph bars. Each monitored variable is designated a color. Rising /Falling Event — The mechanism in which the alarms are reported — LOG, TRAP, or a combination of both.
Page 328: Device Alarm Cli Commands
Click Apply Changes. The RMON alarm is added, and the device is updated. Modifying an Alarm Table Entry Open the RMON Alarms page. Select an entry in the Alarm Entry drop-down menu. Modify the fields in the dialog as required. Click Apply Changes.
Page 329 The following is an example of the CLI commands: console> enable console# config Console (config)# rmon alarm 1000 dell 360000 1000000 1000000 10 20 Console# show rmon alarm-table Index Owner ------ ------------------- -------------- 1.3.6.1.2.1.2.2.1.1 1.3.6.1.2.1.2.2.1.1 Manager 1.3.6.1.2.1.2.2.1.1 Viewing Statistics...
Page 330: Viewing Charts
Viewing Charts The Chart page contains links for displaying statistics in a chart form. To open the page, click Statistics Charts in the tree view. Viewing Port Statistics The Port Statistics page contains fields for opening statistics in a chart form for port elements. To open the Port Statistics page, click Statistics Charts Ports in the tree view.
Page 331: Port Statistic Cli Commands
The graph for the selected statistic is displayed. Viewing Port Statistics Using the CLI Commands The following table summarizes the equivalent CLI commands for viewing port statistics. Table 8-90. Port Statistic CLI Commands CLI Command Description show interfaces counters [ethernet Displays traffic seen by the physical interface | port-channel port-channel-...
Page 332: Viewing Lag Statistics
Viewing LAG Statistics The LAG Statistics page contains fields for opening statistics in a chart form for LAGs. To open the LAG Statistics page, click Statistics Charts LAGs in the tree view. Figure 8-129. LAG Statistics Interface Statistics — Selects the type of interface statistics to open. Etherlike Statistics —...
Page 333: Lag Statistic Cli Commands
Viewing LAG Statistics Using the CLI Commands The following table summarizes the equivalent CLI commands for viewing LAG statistics. Table 8-91. LAG Statistic CLI Commands CLI Command Description show interfaces counters [ethernet Displays traffic seen by the physical interface | port-channel port-channel- interface.
Page 334 Viewing Statistics...
Page 335: Configuring Quality Of Service
Configuring Quality of Service This section provides information for defining and configuring Quality of Service (QoS) parameters. To open the Click Quality of Service in the tree view. Configuring Quality of Service...
Page 336: Quality Of Service (Qos) Overview
Quality of Service (QoS) Overview Quality of Service (QoS) provides the ability to implement QoS and priority queuing within a network. QoS improves network traffic flow based on policies, frame counters and context. An implementation example that requires QoS include certain types of traffic such as Voice, Video and real-time traffic which can be assigned a high priority queue, while other traffic can be assigned a lower priority queue.
Page 337: Cos Services
Packets arriving untagged are assigned a default VPT that is set on a per port basis. The assigned VPT is used to map the packet to the output queue and as the egress VPT. DSCP values can be mapped to priority queues. The following table contains the default DSCP mapping to forwarding queue values: Table 9-93.
Page 338 When changing to WRR mode the default weight value is one. Queue weight values can be assigned in any order using WRR. WRR values can be assigned system-wide. Best effort traffic is always assigned to the first queue. WRR values must be assigned so that Queue 1 remains best effort.
Page 339: Defining Cos Global Parameters
Defining CoS Global Parameters Class of Service global parameters are set from the CoS Global Parameter pages. To open the QoS Settings page, click Quality of Service CoS Global Parameters CoS Settings in the tree view. Figure 9-130. QoS Settings Quality of Service —...
Page 340 Click Apply Changes. Class of Service is enabled on the device. Enabling Trust: Open the QoS Settings page. Select Trust in the Trust Mode field. Click Apply Changes. Trust is enabled on the device. Enabling Trust Using the CLI Commands Configuring Quality of Service...
Page 341: Defining Qos Interface Settings
The following table summarizes the equivalent CLI commands for configuring fields in the QoS Settings page. Table 9-94. CoS Setting CLI Commands CLI Command Description qos trust [cos | dscp] Configures the system to basic mode and the "trust" state. no cos trust Returns to the non-trusted state.
Page 342 Interface — The specific port or LAG to configure: Disable "Trust" Mode on Interface — Set Default CoS For Incoming Traffic To — Sets the default CoS tag value untagged packets. The CoS tag values are 0-7. The default value is 0. Queue —...
Page 343: Cos Interface Cli Commands
Assigning CoS Interfaces Using the CLI Commands The following table summarizes the equivalent CLI commands for configuring fields in the Interface Cos/QoS Settings page. Table 9-95. CoS Interface CLI Commands CLI Command Description qos trust Enables trust state for each. qos cos default-cos Configures the default port CoS value.
Page 344: Defining Queue Settings
Defining Queue Settings The Global Queue Setting page contains fields for configuring the scheduling method by which the queues are maintained. To open the Global Queue Setting page click Quality of Service CoS Global Parameters Queue Settings in the tree view. Figure 9-132.
Page 345: Queue Settings Cli Commands
Assigning Queue Setting Using the CLI Commands The following table summarizes the equivalent CLI commands for configuring fields in the Global Queue Setting page. Table 9-96. Queue Settings CLI Commands CLI Command Description wrr-queue bandwidth weight1 Assigns Weighted Round Robin weight2 .
Page 346 Console (config)# wrr-queue bandwidth 10 20 30 40 Console (config)# exit Console # exit Console> show qos interface ethernet g1 queueing Ethernet g1 wrr bandwidth weights and EF priority: weights Priority ----- -------- ----- ---------- Disable Disable Disable Disable Cos queue map: Cos qid Configuring Quality of Service...
Page 347: Mapping Cos Values To Queues
Mapping CoS Values to Queues The CoS to Queue Mapping Table page contains fields for classifying CoS settings to traffic queues. To open the CoS to Queue Mapping Table page, click Quality of Service CoS Global Parameters CoS to Queue in the tree view. Figure 9-133.
Page 348: Cos To Queue Settings Cli Commands
Assigning CoS Values to Queues Using the CLI Commands The following table summarizes the equivalent CLI commands for configuring fields in the CoS to Queue Mapping Table page. Table 9-97. CoS to Queue Settings CLI Commands CLI Command Description wrr-queue cos-map queue-id Maps assigned CoS values to the egress cos1..cos8 queues.
Page 349: Mapping Dscp Values To Queues
Mapping DSCP Values to Queues The DSCP Mapping page provides fields for defining output queue to specific DSCP fields. To open the DSCP Mapping page, click Quality of Service CoS Global Parameters DSCP Mapping in the tree view. NOTE: For the list of the DSCP default queue settings, see "DSCP to Queue Mapping Table Default Values".
Page 350: Dscp Value To Queue Cli Commands
Assigning DSCP Values Using the CLI Commands The following table summarizes the equivalent CLI commands for configuring fields in the DSCP Mapping page. Table 9-98. DSCP Value to Queue CLI Commands CLI Command Description qos map dscp-queue dscp- Modifies the DSCP to queue mapping. list to queue-id The following is an example of the CLI commands: Console (config)# qos map dscp-queue 33 40 41 to 1...
Page 351: Device Specifications
Port Specifications The following table describes the device port types, as well as, a description of the port types. Table 10-99. Port Specifications Device Specification PowerConnect 5324 • 24 GE ports • 4 SFP ports • RS-232 Console port Port Types RJ-45 •...
Page 352: Operating Conditions
Operating Conditions This section details operating conditions including operating temperatures and humidity. Table 10-100. Operating Conditions Feature Specification Operating Temperature 0 to 40 C / 32 to 104 F Operating Humidity 10% - 90% (non-condensing) Physical Device Specifications This section details operating conditions including operating temperatures and humidity. Table 10-101.
Page 353: Feature Specifications
Feature Specifications VLAN • VLAN support for Tagging and Port Based as per IEEE 802.1Q • Up to 4094 VLANs Supported • Reserved VLANs for internal system use • Dynamic VLANs with GVRP support • Protocol based VLANs Quality of Service •...
Page 354: Device Management
Device Management • Web Based Management Interface • CLI Accessibility via Telnet • SNMPv1 and SNMP v2 are supported • 4 RMON Groups Supported • TFTP Transfers of Firmware and Configuration Files • Dual Firmware Images On-Board • Multiple Configuration File Upload/Download Supported •...
Page 355: Glossary
Glossary This glossary contains key technical words of interest. Access Mode Specifies the method by which user access is granted to the system. Access Profiles Allows network managers to define profiles and rules for accessing the device. Access to management functions can be limited to user groups, which are defined by the following criteria: •...
Page 356 A mechanism used with Half Duplex mode that enables a port not to receive a message. Backplane The main BUS that carries information in the device. Backup Configuration Files Contains a backup copy of the device configuration. The Backup file changes when the Running Configuration file or the Startup file is copied to the Backup file.
Page 357 An excessive amount of broadcast messages simultaneously transmitted across a network by a single port. Forwarded message responses are heaped onto the network, overloading network resources or causing the network to time out. For more information about broadcast storms, see "Defining LAG Parameters". Configuration Data Base.
Page 358 • Full Duplex Mode — Permits for bisynchronous communication, for example, a telephone. Two parties can transmit information at the same time. • Half Duplex Mode — Permits asynchronous communication, for example, a walkie-talkie. Only one party can transmit information at a time. Egress Ports Ports from which network traffic is transmitted.
Page 359 GARP General Attributes Registration Protocol. Registers client stations into a Multicast domain. Gigabit Ethernet Gigabit Ethernet transmits at 1000 Mbps, and is compatible with existing 10/100 Mbps Ethernet standards. GVRP GARP VLAN Registration Protocol. Registers client stations into a VLANs. Head of Line.
Page 360 System images are saved in two Flash sectors called images (Image 1 and Image 2). The active image stores the active copy; while the other image stores a second copy. Ingress Port Ports on which network traffic is received. Internet Protocol. Specifies the format of packets and there addressing method. IP addresses packets and forwards the packets to the correct port.
Page 361 MAC Address Media Access Control Address. The MAC Address is a hardware specific address that identifies each network node. MAC Address Learning MAC Address Learning characterizes a learning bridge, in which the packet’s source MAC address is recorded. Packets destined for that address are forwarded only to the bridge interface on which that address is located. Packets addressed to unknown addresses are forwarded to every bridge interface.
Page 362 • Workstations Object Identifier. Used by SNMP to identify managed objects. In the SNMP Manager/ Agent network management paradigm, each managed object must have an OID to identify it. Packets Blocks of information for transmission in packet switched systems. Protocol Data Unit. A data unit specified in a layer protocol consisting of protocol control information and layer user data.
Page 363 Quality of Service. QoS allows network managers to decide how and what network traffic is forwarded according to priorities, application types, and source and destination addresses. Query Extracts information from a database and presents the information for use. RADIUS Remote Authentication Dial-In User Service. A method for authenticating system users, and tracking connection time.
Page 364 System on a Chip. An ASIC that contains an entire system. For example, a telecom SoC application can contain a microprocessor, digital signal processor, RAM, and ROM. Spanning Tree Protocol Prevents loops in network traffic. The Spanning Tree Protocol (STP) provides tree topography for any arrangement of bridges.
Page 365 User Data Protocol. Transmits packets but does not guarantee their delivery. Unicast A form of routing that transmits one packet to one user. VLAN Virtual Local Area Networks. Logical subgroups with a Local Area Network (LAN) created via software rather than defining a hardware solution.
Page 367 Index Numerics BGP, 356 BootP, 356 802.1d, 23 DC unit, 33-34 BPDU, 356 802.1Q, 23, 261, 264 Debug, 105 Bridge Protocol Data Default Gateway, 119 Unit, 356 Default settings, 192 Broadcast, 120 Defining device AC unit, 33-34 Buttons, 67 information, 76 Access mode, 178 Device installation, 37-38 Access profiles, 145...
Page 368 Error, 105 IPX, 360 Ethernet, 267 ISIS, 360 Hardware version, 88 Extensible Authentication Height, 31 Protocol, 26, 197 HMP, 359 HOL, 359 Jumbo frames, 360 HTTP, 145 HTTPS, 145 Fans, 34 Fast Link, 23 L2TP, 360 Fast link, 245 LACP, 275 File Transfer Protocol, 359 ICMP, 359 LAG, 221, 360...
Page 369 MAC addresses, 209 Rapid Spanning Tree Protocol, 363 MAN, 361 OSPF, 362 RDP, 363 Management Access Lists, 145 Remote Authentication Dial In User Service, 26 Management Access Methods, 155 Remote Authentication Dial- Package Contents, 36 In User Service, 363 Management Information Package contents, 36 Base., 361 Reset, 89, 119...
Page 370 SNMP traps, 182 Trust, 340-341 SNTP, 26, 90 Software version, 88 Spanning Tree Protocol, 240, UDP, 365 Understanding the SPF LEDs, 32 interface, 65 SSH, 155, 364 Unicast, 90 Startup file, 186 Uploading files, 189 Storm control, 225 User Data Protocol, 365 STP, 23, 240-241, 247 System, 75 Ventilation System, 34...

Dell PowerConnect 5324 User Manual

1 Introduction

2 Hardware Description

3 Installing the Powerconnect Device

4 Starting and Configuring the Device

5 Using Dell Openmanage Switch Administrator

6 Configuring System Information

7 Configuring Device Information

Figure

Quick Links

User Guide

Related Manuals for Dell PowerConnect 5324

Summary of Contents for Dell PowerConnect 5324