With web-based management, you can configure the PowerConnect 5224 Gigabit Ethernet Managed Switch and monitor the system using a web browser.
Most pages for the switch include the following buttons:
Refresh — Displays the current values for the system related to the page that is open.
Apply Changes— Makes changes to the system and refreshes the page.
NOTICE: For configuration changes to persist beyond the current session, you
must either save the running-config file from the Switch/Configuration page
or use the command line interface (CLI) command copy running-config
startup-config.
When you connect to the management mode of the switch with a web browser, a login screen is displayed. Enter a user name and password to access the switch's management mode.
NOTE: The default user
names are admin and
guest, and the
corresponding passwords
are admin and guest. If
you log in as guest
(Normal Exec level), you
can only view page
information and change
the guest password. If you
log in as admin
(Privileged Exec level),
you can apply changes on
all pages.
The following menus are available from the web interface:
The System page contains a dynamic switch applet that displays the current status of the switch ports. The color of each switch port icon indicates its link status:
Green — The link is up.
Grey — The link is down.
Clicking on any port icon displays the port configuration page.
The Logspage allows you to scroll through the logged system and event messages. The switch can store up to 2 kilobytes (KB) of log entries in temporary random access memory (RAM) (memory flushed on power reset) and up to 4 KB of entries in permanent flash memory.
The following table summarizes the equivalent CLI commands for items in the Switch/General/Logs page.
Command
Usage
show logging {flash | ram}
Displays the logging configuration for system and event messages
flash — event history stored in flash memory (permanent memory)
ram — event history stored in temporary RAM (memory flushed on power reset)
NOTE: The CLI allows
you to configure and limit
system messages that are
logged to flash or RAM
memory. The show
logging command only
displays the current
logging configuration.
The system log messages are categorized by severity into eight levels, from 0 (Emergencies) to 7 (Debugging). The CLI command logging history allows you to specify which messages are logged to RAM or flash memory. The default is for messages with severity levels of 0 to 3 to be logged to flash and levels 0 to 7 to be logged to RAM.
Severe error messages that are logged to flash memory are permanently stored in the switch to assist in troubleshooting network problems. Up to 4 KB of message entries can be stored in the flash memory, with older messages being overwritten first when this memory capacity has been exceeded.
From the IP Address page, you can manage the IP-related information about the system. The page includes the following editable fields:
Management VLAN— Sets the virtual local area network (VLAN) interface that allows management access to the switch. You can set the IP address for only one VLAN interface.
IP Address Mode— Sets whether IP functionality is enabled through manual (Static) configuration or set by Dynamic Host Configuration Protocol (DHCP) or Boot Protocol (BOOTP).
IP Address— Identifies the IP address of the VLAN interface that allows management access to the switch.
Subnet Mask— Identifies the subnet mask that determines the host address bits used for routing to specific subnets.
Gateway IP Address — Identifies the IP address of the gateway router between the switch and management stations that exist on other network segments.
NOTICE: When DHCP or BOOTP has been used to set the IP information, the
IP Address, Subnet Mask, and Gateway IP Address fields display the assigned
values.
The Management VLAN is the only VLAN through which you can gain management access to the switch. By default, all ports on the switch are members of VLAN 1, so a management station can be connected to any port on the switch. If other VLANs are configured and you change the Management VLAN, you may lose management access to the switch. In this case, you should reconnect the management station to a port that is a member of the Management VLAN. For more information on the Management VLAN, see "Management VLAN Access."
To save any changes you make in this page, click Apply Changes. If you don't want to save the changes, click Refresh.
The following table summarizes the equivalent CLI commands for items in the Switch/IP Address page.
Command
Usage
ip address {ip-address netmask | bootp | dhcp}
Sets the primary IP address for this device. Use the no form command to remove the IP address, or to disable IP address assignment through BOOTP or DHCP.
ip default-gateway gateway
Establishes a static route between the switch and management stations that exist on another network segment.
show ip interface
Displays the usability status of an IP interface.
show ip redirects
Shows the default gateway configured for this device.
In the DHCP page, click Restart DHCP to release the current IP address and obtain a new one through DHCP.
NOTICE: If Restart DHCP is selected when IP settings have been configured
statically, a warning message indicating that the IP Address Mode is not set to
DHCP displays.
You should change the default passwords to be sure that your system is secure:
NOTE: The default user
names are admin and
guest, and the
corresponding passwords
are admin and guest. If
you log in as guest
(Normal Exec level), you
can only view page
information and change
the guest password. If you
log in as admin
(Privileged Exec level),
you can apply changes on
all pages.
Old Password— Type your current password.
New Password — Type the new password. Passwords are limited to eight characters and are case sensitive.
Confirm Password — Type the new password a second time to verify that you have typed it correctly.
The password entered is encrypted on the screen and is displayed as a sequence of asterisks (*).
To save any changes you make in this page, click Apply Changes. If you don't want to save the changes, click Refresh.
The following table summarizes the equivalent CLI commands for items in the Switch/Security/Passwords page.
Command
Usage
enable password [level level] {0 | 7} password
Use this command to control access to the Privileged Exec level from the Normal Exec level. For the {0 | 7} parameter, 0 means plain password and 7 means encrypted password. The Privileged Exec level is 15 and the default password is super.
Use this command to configure user name authentication at login. Use the no form command to remove a user name. The device has two predefined privilege levels: 0: Normal Exec and 15: Privileged Exec. The default user names are admin for the Privileged Exec level, and guest for the Normal Exec level.
NOTE: Only the CLI
allows user names to be
created and deleted.
Remote Authentication Dial-in User Service (RADIUS) is a system that uses a central server running RADIUS software to control access to RADIUS-aware switches on the network. A RADIUS server can be used to create a database of multiple user name/password pairs with associated privilege levels for each user or group that require management access to a switch using the console port, Telnet, or Internet.
When you are setting up privilege levels on the RADIUS server, level 0 allows Normal Exec access to the switch, and level 15 allows Privileged Exec access.
The RADIUS Settingspage contains the following editable fields:
Authentication— Select the authentication, or authentication sequence, required:
Radius — A RADIUS server authenticates the user.
Local — The switch authenticates the user.
Radius, Local — A RADIUS server attempts to authenticate the user first, and then the switch attempts to authenticate the user.
Local, Radius — The switch attempts to authenticate the user first, and then a RADIUS server attempts to authenticate the user.
Server IP Address— Identifies the IP address of the RADIUS server.
Server Port Number— Identifies the User Datagram Protocol (UDP) port number used by the RADIUS server.
Secret Text String— Specifies the text string that is shared between the switch and the RADIUS server.
Number of Server Transmits— Specifies the number of request transmits to the RADIUS server before failure.
Timeout for a reply (sec)— Specifies the number of seconds the switch waits for a reply from the RADIUS server before it resends the request.
NOTE: The local switch
user database must be set
up through the CLI by
manually entering user
names and passwords.
To save any changes you make in this page, click Apply Changes. If you don't want to save the changes, click Refresh.
From the Jumbo Frame page, you can enable and disable jumbo frame support on the switch.
The switch provides more efficient large sequential data transfers by supporting jumbo frames up to 9000 bytes. Compared to standard Ethernet frames that run only up to 1500 bytes, using jumbo frames significantly reduces the per-packet overhead required to process protocol encapsulation fields.
To use jumbo frames, both the source and destination end nodes (such as a computer or server) must support jumbo frames. In addition, when the connection is operating at full duplex, all switches in the network between the two end nodes must be able to accept the extended frame size. For half-duplex connections, all devices in the collision domain must support jumbo frames.
To enable jumbo frame support on the switch, set the Jumbo Frame Support Status to Enabled.
NOTICE: Enabling jumbo frames on the switch limits the maximum threshold
for broadcast storm control to 64 packets per second.
To save any changes you make in this page, click Apply Changes. If you don't want to save the changes, click Refresh.
From the Firmwarepage, you can configure the system to download a new version of the management software. The switch can contain two software code files, one of which is set as the Start-Up file. This allows you to try a new version of the software without overwriting the previous version.
NOTE: The switch is
shipped with one software
code file installed (the
filename is similar to
PC5224_v1.00.00.00),
which is set as the start-
up file.
The Firmware page contains the following fields:
Current Operation Code Version
It also contains the following editable fields:
TFTP Server IP Address — Specifies the server from which the system must retrieve the new version of the software.
Source File Name — Specifies the path and name of the software file to download.
Destination File Name — Specifies the file to be replaced.
Remove Operation Code Image File— Deletes a software file from the switch.
Start-Up Operation Code File Name— Indicates which Operation Code file you want to run. Select the filename from the drop-down menu.
In the Transfer Operation Code Image File to Server field, enter the
IP address of the Trivial File Transfer Protocol (TFTP) server in the
TFTP Server IP Address field.
In the Source File Name field, select the file to upload from the drop-
down menu.
In the Destination File Name field, type a name for the file.
In the Transfer Operation Code Image File from Server field, enter
the IP address of the TFTP server in the TFTP Server IP Address field.
In the Source File Name field, type the filename of the software code
file to download.
For the Destination File Name, select a filename from the drop-down
menu to replace an existing file, or specify a new filename (with no
more than 32 characters). Filenames are case sensitive and cannot
contain spaces. The switch can contain only two software code files.
You cannot download a third file; you must first replace an existing file
or remove a file.
In the Start-Up Operation Code Image File field, select the start-up
code file from the drop-down menu.
Click Apply Changes.
The following table summarizes the equivalent CLI commands for items in the Switch/Firmware page.
Command
Usage
copy tftp file
Downloads a code image to the switch's flash memory from a TFTP server
boot system {boot-rom | config | opcode}: filename
Specifies the file or image used to start up the system
dir [boot-rom | config | opcode [:filename]]
Displays a list of files in flash memory
NOTE: You cannot
upload and download
Boot-ROM files to a TFTP
server using the CLI. You
must use a direct terminal
connection to the switch's
console port and press
<Ctrl><f> after the
diagnostic test results.
See "Downloading
Firmware Through the
Console Port."
From the Configurationpage you can save and restore switch configuration settings.
NOTE: The switch is
shipped with one default
configuration file
(Factory_Default_
Config.cfg) installed,
which is set as the start-
up file. This file cannot be
removed from the system.
The Configuration page contains the following editable fields:
Transfer Configuration to Server— Copies a switch configuration file to a TFTP server.
Transfer Configuration from Server— Copies a switch configuration file from a TFTP server.
Remove Configuration File— Deletes a configuration file from the switch (selected from the drop-down menu).
Start-Up Configuration File— Selects the configuration file to be used after a system start-up (selected from the drop-down menu).
Copy Running Config to File— Saves the current session configuration settings. Specifies a new filename or the name of an existing file to be replaced.
NOTICE: For configuration changes to persist beyond the current session, you
must save the running-config file from this page, or use the CLI command copy
running-config startup-config.
Under Transfer Configuration File from Server, enter the IP address
of the TFTP server in the TFTP Server IP Address field.
In the Source File Name field, type the filename of the configuration
file to download.
In the Destination File Name field, select a configuration file to
replace from the drop-down menu, or specify a new filename (with no
more than 32 characters). Filenames are case sensitive and cannot
contain spaces. The switch can contain any number of configuration
files, limited only by available flash memory space. You can use the dir
command in the CLI to check the available flash memory space.
Click Transfer from Server.
NOTE: The CLI also
allows you to copy files
within the switch and
replace a running
configuration file without
performing a reset.
In the Copy Running Config to File field, specify a filename for the
configuration file (with no more than 32 characters). If the filename
already exists, it replaces the file. The filename cannot be the same as
the factory default configuration file, Factory_Default_Config.cfg.
On the Port Configuration page, you can view and edit port parameters. For each port number listed in the Port column, you can change the following parameters listed by column name on the screen:
Name/Type — Allows a user-defined label for the port and indicates the type of port:
1000Base-TX — 10/100/1000Base-T RJ-45 port
1000Base-SFP — gigabit SFP transceiver port
Admin/Oper— Allows the network administrator to manually disable a port and indicates the status of the link: up or down.
Speed/Duplex Mode— Allows the manual selection of port speed and duplex mode and indicates the current port speed and mode.
Flow Control— Allows automatic or manual selection of support for flow control and indicates the type of flow control currently in use.
Autonegotiation/Port Capabilities — Allows autonegotiation to be enabled/disabled and indicates the capabilities of the port that are advertised during autonegotiation:
10h — Supports 10-megabits per second (Mbps) half duplex.
10f — Supports 10-Mbps full duplex.
100h — Supports 100-Mbps half duplex.
100f — Supports 100-Mbps full duplex.
1000h — Supports 1000-Mbps half duplex.
1000f — Supports 1000-Mbps full duplex.
Sym — Supports symmetric operation of full-duplex flow control. The port can transmit and receive pause frames for flow control (gigabit ports only).
FC — Supports full-duplex flow control.
Trunk — Indicates whether a port is a member of an aggregated link or trunk.
NOTICE: If autonegotiation is disabled for an RJ-45 port, the auto-
MDI/MDI-X pin signal configuration is also disabled.
Advertises the port capabilities of a given interface during autonegotiation.
Use the no form with parameters command to remove an advertised capability, or the no form without parameters command to restore the default values.
flowcontrol
Enables flow control.
Use the no form command to disable flow control.
show interfaces status ethernet unit/port
Displays status for enabled interfaces.
show interfaces switchport [ethernet unit/port]
Displays the configuration for a port.
NOTICE: Flow control only works for ports connected to the same internal
switch chip (ports 1 to 12 and ports 13 to 24). Cross-chip flow control does not
work.
On the Trunk Configurationpage, you can enable and disable the aggregate port links that have been created on the switch. To set up trunks and select port members, use the Link Aggregation page.
For each trunk number listed in the Trunk column, you can change the following parameters listed by column name on the screen:
Name/Type — Allows a user-defined label for the trunk and also indicates the type of ports in the trunk
Admin/Oper— Allows the network administrator to manually disable a trunk and also indicates the status of the link: up or down
Speed/Duplex Mode— Allows the manual selection of port speed and duplex mode and also indicates the current speed and mode of member ports
Flow Control— Allows automatic or manual selection of support for flow control and also indicates the type of flow control currently in use
Autonegotiation/Port Capabilities— Allows autonegotiation to be enabled/disabled for all ports in the trunk and also indicates the capabilities of the port members
To save any changes you make in this page, click Apply Changes. If you don't want to save the changes, click Refresh.
In the Broadcast Control page, you can enable and disable broadcast control for all ports on the switch.
The Broadcast Control page contains the following information:
Port Number
Port Type:
1000Base-TX — 10/100/1000Base-T RJ-45 port
1000Base-SFP — gigabit SFP transceiver port
The Broadcast Control page also contains the following editable fields:
Protect Status — Allows you to enable/disable broadcast storm control for ports on the switch. When enabled, the switch employs a broadcast-control mechanism if the packet-per-second threshold on a port is exceeded. (The default is enabled.)
Threshold (16,64,128,256) — The packet-per-second threshold for broadcast packets received on a port. Possible values are 16, 64, 128, or 256 packets per second. (The default is 256 packets per second.) If jumbo frames are enabled on the switch, the maximum threshold for broadcast storm control is limited to 64 pps.
NOTICE: You can enable/disable broadcast storm control on a per-port basis,
but the selected packet-per-second threshold applies to all ports on the switch.
To save any changes you make in this page, click Apply Changes. If you don't want to save the changes, click Refresh.
NOTE: Broadcast control
does not affect IP
multicast traffic.
From the Port Mirroring page, you can configure a port mirror session by setting a source and destination port pair. Port mirroring helps you debug a network.
NOTICE: You can configure only one port mirror session on the switch. The
source and destination port have to be either both in the port range of 1 to 12
or both in the port range of 13 to 24.
The following options are available:
Sessions Table— Displays the current port mirror session
Source Port — Specifies the port from which all traffic will be mirrored to the destination port
Type— Allows you to select which traffic to mirror to the destination port: Rx, Tx, or Both
Destination Port — Specifies the port that receives a copy of all traffic that the source port receives or transmits
NOTE: The source port
and destination port
speeds must match.
Otherwise traffic may be
dropped from the
destination port.
To add a new mirror session to the Sessions Table, first delete the current mirror session by selecting the session in the table and clicking Remove Mirror Session. Select the new source port, destination port, and traffic type, and then click Add Mirror Session.
NOTE: The source and
destination ports must
both either be in the range
of 1 to 12 or 13 to 24.
From the Static Addresses page, you can specify the Media Access Control (MAC) address and port number of systems that are to remain available to the switch for an indeterminate amount of time.
The following options are available:
Static Address Counts— Indicates the total number of static addresses configured on the switch
Current Static Address Table— Lists all static addresses
Interface — Allows you to select the port or trunk associated with the system you want to set as static
MAC Address — Allows you to enter the MAC address of a system you want to set as static
VLAN— Allows you to select the VLAN associated with the interface
To add a new address to the table, select the interface, MAC address, and VLAN, and then click Add Static Address. To delete an address from the table, select the table entry in the list box, and then click Remove Static Address.
The Dynamic Address lookup table allows you to view the MAC addresses that are currently in the address database. When addresses are in the database, the packets intended for those addresses are forwarded directly to those ports. You can sort the table by interface, VLAN, and MAC address by selecting the sort key from the drop-down menu.
The Dynamic Addresses page contains the following options for querying the dynamic MAC address table:
Interface — Check the option box and select a port or trunk from the drop-down menus.
MAC Address — Check the option box and type the address in the box provided.
VLAN — Check the option box and select the appropriate VLAN from the drop-down menu.
Address Table Sort Key— Select the key from the drop-down menu to sort the displayed table entries.
Query button — Click this button to execute the query once you have selected the criteria for the query.
In the Address Aging page, you can specify the length of time an address stays available to the switch if it is not configured as static.
The Aging Time option sets the time before an address is purged from the system. You can change this value to any number between 17 and 2184. (The default is 300 seconds.)
To save any changes you make in this page, click Apply Changes. If you don't want to save the changes, click Refresh.
The Bridge Settingspage contains the following information:
Bridge ID— Identifies a unique identifier for the switch in the Spanning Tree. The ID is calculated using the defined Spanning Tree priority of the switch and its MAC address. The lower the Bridge ID, the more likely the switch will act as the root.
Max Age— Specifies the maximum time (in seconds) that the switch waits before attempting to reconfigure (if it has not received a configuration message).
Hello Time — Specifies the time interval (in seconds) at which the root device transmits a configuration message.
Forward Delay— Specifies the maximum time (in seconds) the root device waits before changing states (from listening to learning to forwarding).
Designated Root— Identifies the priority and MAC address of the device in the Spanning Tree that the switch has accepted as the root device.
Root Port — Specifies the port number on the switch that is closest to the root. The switch communicates with the root device through this port. If there is no root port, the switch has been accepted as the root device of the Spanning Tree network.
Root Path Cost— Identifies the path cost from the root port on the switch to the root device.
Configuration Changes— Specifies the number of times the Spanning Tree has been reconfigured.
Last Topology Change— Identifies the time since the Spanning Tree was last reconfigured.
From the Bridge Settings page, under Attributes, you can also enable and configure the following Spanning Tree parameters:
Spanning Tree State— Enables or disables the Spanning Tree. If you enable the Spanning Tree, you must complete the other fields.
Priority — Sets the priority setting among other switches in the Spanning Tree. (The range is 0 to 65535.)
Hello Time — Sets the interval between configuration messages sent by the Spanning Tree Protocol. (The range is 1 to 10 seconds.)
Maximum Age— Sets the amount of time before the system discards a configuration message. (The range is 6 to 40 seconds.)
Forward Delay — Sets the amount of time the system spends in learning and listening states. (The range is 4 to 30 seconds.)
To save any changes you make in this page for the current session, click Apply Changes. If you don't want to save the changes, click Refresh.
In the Port Settings page, you can specify Spanning Tree parameters for each port. For each port number listed in the Port column, the following information is available:
Type — Specifies the type of port, indicates one of the following:
1000Base-TX — 10/100/1000Base-T RJ-45 port
1000Base-SFP — gigabit SFP transceiver port
State— Displays the current state of the port within the Spanning Tree:
No Link — No valid link on the port.
Disabled — Port has been disabled by the user or has failed diagnostics.
Blocking — Port receives Spanning Tree configuration messages, but does not forward packets.
Listening — Port leaves blocking state due to topology change, starts transmitting configuration messages, but does not forward packets.
Learning — Port has transmitted configuration messages for an interval set by the Forward Delay parameter without receiving contradictory information. The port address table is cleared, and the port begins learning addresses.
Forwarding — Port forwards packets and continues learning addresses.
Trunk— Indicates whether the port is configured as a trunk member
The Port Settings page also contains the following editable fields:
Priority — Indicates the priority assigned to the port for the Spanning Tree Protocol (0 to 255). A port with a higher priority is less likely to be blocked if the Spanning Tree Protocol detects network loops. Low numeric value indicates a high priority.
Path Cost — Specifies the cost assigned to this port for the Spanning Tree Protocol (1 to 65535). A port with a lower cost is less likely to be blocked if the Spanning Tree Protocol detects network loops.
NOTE: Use Fast Link if a
device is connected to a
port that requires network
access immediately when
the link comes up and
cannot wait for a
Spanning Tree resolution.
Fast Link— Immediately enables the port in forwarding state when a link comes up. The port is not part of the Spanning Tree at that time, but will participate in future Spanning Tree resolutions.
On the Trunk Settings page, you can specify Spanning Tree parameters for each trunk. For each port number listed in the Trunk column, the following fields are available:
Priority — Indicates the priority assigned to the trunk for the Spanning Tree Protocol (0 to 255). A trunk with a higher priority is less likely to be blocked if the Spanning Tree Protocol detects network loops. Low numeric value indicates a high priority.
Path Cost — Specifies the cost assigned to the trunk for the Spanning Tree Protocol (1 to 65535). A trunk with a lower cost is less likely to be blocked if the Spanning Tree Protocol detects network loops.
NOTE: Use Fast Link if a
device is connected to a
trunk that requires
network access
immediately when the link
comes up and cannot wait
for a Spanning Tree
resolution.
Fast Link — Immediately enables the trunk in forwarding state when a link comes up. The trunk is not part of the Spanning Tree at that time, but will participate in future Spanning Tree resolutions.
You can use virtual LANs (VLANs) to assign ports on the switch to any of up to 255 LAN groups. In conventional networks with routers, broadcast and multicast traffic is split up into separate domains. Switches do not inherently support broadcast domains, which can lead to broadcast storms in large networks. By using IEEE 802.1Q-compliant VLANs and GARP VLAN Registration Protocol (GVRP), you can organize any group of network nodes into separate broadcast domains, confining broadcast and multicast traffic to the originating group. This also provides a more secure and cleaner network environment. For more information on how to use VLANs, see "VLANs."
The VLAN page includes links to the following pages:
On the VLAN Membership page, you define VLAN groups. The following options are available:
Show VLAN — Select the VLAN for which you want to edit the membership setting.
Name — Specifies user-defined name of the VLAN.
VLAN ID — Specifies numeric ID of the VLAN (1 to 4094).
Remove VLAN — Check this box to remove an existing VLAN.
Status — Configures the VLAN as Active or Suspended.
Creation — Indicates whether the VLAN has been created as a permanent (static) VLAN or has been dynamically created through GVRP.
Port/Trunk toggle buttons — Allows you to select VLAN membership for each port or trunk by toggling the value of the Port/Trunk button:
'U': Port is a member of the VLAN. All packets transmitted by the port will be untagged, that is, not carry a tag and therefore not carry VLAN or CoS information.
'T': Port is a member of the VLAN. All packets transmitted by the port will be tagged, that is, carry a tag and, therefore, carry VLAN or CoS information.
'F': Port is forbidden from automatically joining the VLAN through GVRP. For more information, see "GVRP."
'BLANK': Port is not a member of the VLAN. Packets associated with this VLAN will not be transmitted by the port.
The VLAN tagging option is a standard set by the IEEE to facilitate the spanning of VLANs across multiple switches. For more information, see "VLANs" and the IEEE Std 802.1Q-1998 Virtual Bridged Local Area Networks.
To save any changes you make in this page, click Apply Changes. If you don't want to save the changes, click Refresh.
The parameter vlan-list is the list of VLAN identifiers being added. Separate nonconsecutive VLAN identifiers with a comma and no spaces; use a hyphen to designate a range of IDs.
On the Port Settings page, you can specify the default port VLAN ID (PVID) for each port on your switch. All untagged packets entering the switch are tagged by default with the ID specified by the port's PVID.
The Port Settings page is set up in a table format. For each port listed in the Port column, the following options are available:
PVID — Specifies the VLAN ID assigned to untagged frames received on the port. To assign a VLAN ID as the port's PVID, the port must be an untagged VLAN member.
Acceptable Frame Type— Allows you to set the switch port to accept all frame types, including VLAN tagged or VLAN untagged frames, or only tagged frames.
Ingress Filtering— Discards incoming frames for VLANS that do not include the ingress port in their member set, if enabled.
GVRP Status— Enables/disables GVRP (GARP VLAN Registration Protocol) for the port. GVRP defines a way for switches to exchange VLAN information to automatically register VLAN members on ports across the network. GVRP must be globally enabled for the switch before you can individually enable GVRP for a specific port. For more information, see "GVRP."
GARP Join Timer— Specifies the interval (in centiseconds) between transmitting requests/queries to participate in a VLAN group. (The range is 20 to 1000 centiseconds.)
GARP Leave Timer— Specifies the interval (in centiseconds) a port waits before leaving a VLAN group. This time should be set to more than twice the join time. This interval ensures that after a Leave or LeaveAll message has been issued, the applicants can rejoin before the port actually leaves the group. (The range is 60 to 3000 centiseconds.)
GARP LeaveAll Timer— Specifies the interval (in centiseconds) between sending out a LeaveAll query message for VLAN group participants and the port leaving the group. This interval should be considerably larger than the Leave Time to minimize the amount of traffic generated by nodes rejoining the group. (The range is 500 to 18000 centiseconds.)
To save any changes you make in this page, click Apply Changes. If you don't want to save the changes, click Refresh.
On the Trunk Settings page, you can specify the default port VLAN ID (PVID) for ports that are configured as trunk members. When an untagged packet enters the switch, it is, by default, tagged with the ID specified by the port's PVID.
For each trunk listed in the Trunk column, the following options are available:
PVID — Identifies the VLAN ID assigned to untagged frames that are received on each trunk port. To assign a VLAN ID as the port's PVID, the port must be an untagged VLAN member.
Acceptable Frame Type— Sets the switch trunk ports to accept either both tagged and untagged frames or only tagged frames.
Ingress Filtering— Discards incoming frames for VLANs that do not include the trunk in their member set at the ingress ports, if enabled.
GVRP Status— Enables/disables GARP VLAN Registration Protocol (GVRP) for the trunk. GVRP defines a way for switches to exchange VLAN information to automatically register VLAN members on ports across the network. GVRP must be globally enabled for the switch before you can individually enable GVRP for a specific trunk. For more information, see "GVRP."
GARP Join Timer— Specifies the interval (in centiseconds) between transmitting requests/queries to participate in a VLAN group. (The range is 20 to 1000 centiseconds.)
GARP Leave Timer— Specifies the interval (in centiseconds) that a trunk waits before leaving a VLAN group. GARP Leave Timer should be set to more than twice the join time. This interval ensures that after a Leave or LeaveAll message has been issued, the applicants can rejoin before the trunk actually leaves the group. (The range is 60 to 3000 centiseconds.)
GARP LeaveAll Timer—Specifies the interval (in centiseconds) between when a LeaveAll query message for VLAN group participants is sent and when the trunk leaves the group. This interval should be considerably larger than the Leave Time to minimize the amount of traffic generated by nodes rejoining the group. (The range is 500 to 18000 centiseconds.)
To save any changes you make in this page, click Apply Changes. If you don't want to save the changes, click Refresh.
The GVRP page allows you to globally enable GVRP (GARP VLAN Registration Protocol) for the switch. GVRP defines a way for switches to exchange VLAN information to register VLAN members on ports across the network. You can use GVRP to set up VLANs in the network without having to manually configure the VLANs on each switch. GVRP can reduce the possibility of errors and ensure consistency in VLAN configuration throughout the network.
If you enable GVRP on a port with a tagged or untagged static VLAN, GVRP sends advertisements (GVRP Bridge Protocol Data Units [BPDUs]) containing the VLAN's ID. Any connected GVRP-aware port receiving the advertisements can dynamically join the advertised VLAN. All GVRP dynamically-learned VLANs operate as tagged VLANs. A GVRP-enabled port only joins a VLAN when an advertisement for that VLAN is received on that specific port. A GVRP-enabled port forwards advertisements from other ports on the switch but does not join the advertised VLAN.
To implement GVRP in a network, you must first configure the static VLANs required on switches that are connected to computers, servers, and other devices, so that these VLANs can be propagated across the network. For other core switches in the network, enable GVRP on the links between these devices. You should also determine security boundaries in the network and configure GVRP settings to limit the VLAN propagation.
When GVRP is globally enabled for the switch, the default setting allows all the ports to transmit and receive VLAN advertisements, as well as automatically join VLANs. To control and limit the VLAN propagation in a network, you can disable GVRP on ports to prevent advertisements from being propagated, or to forbid ports from joining specific VLANs. The VLAN Membership page allows you to set ports as Forbidden, which prevents them from joining a VLAN through GVRP.
NOTICE: GVRP-learned VLANs on the switch do not have assigned IP
addresses. Therefore, the management VLAN must be statically configured on
all switches in the network before you implement GVRP.
For more information on VLANs and GVRP see "VLANs."
NOTICE: GVRP must be globally enabled for the switch before you can
individually enable GVRP for a specific port or trunk.
To save any changes you make in this page, click Apply Changes. If you don't want to save the changes, click Refresh.
Class of Service (CoS) allows you to assign priority to data packets when traffic in the switch is buffered due to congestion. This switch supports CoS by using four priority queues for each port. Data packets in a port's high-priority queue will be transmitted before packets in the lower-priority queues.
The Class of Servicepage allows you to set the default priority for each port or trunk, and to configure the mapping of frame priority tags to the switch's four priority queues. The page includes links to the following options:
Port Settings — Sets the default priority for each port
Trunk Settings — Sets the default priority for each trunk
Traffic Classes — Configures the mapping of IEEE 802.1p priority tags to the switch's four traffic class queues
Queue Scheduling — Configures Weighted Round Robin (WRR) queueing for the switch ports
Layer 3/4 Priority — Configures the mapping of IP Precedence/DSCP values or IP TCP/UDP port numbers to the switch's four priority queues
NOTICE: The IEEE 802.1p tags specify eight levels of priority, from the
lowest (0) to the highest (7). IP Precedence or IP DSCP values are mapped to
these priority tag levels, and the priority levels are mapped directly to the
switch's four traffic class queues.
In the Port Settings page, you can specify the default port priority for each port on the switch. All packets entering the switch that are untagged (do not already have a priority value) are tagged with the specified default port priority and then sorted into the appropriate priority queue at the output port.
For each port listed in the Port column, you can assign the default port priority (from 0 to 7) to untagged frames received on the port. The default setting for ports is 0.
On the Trunk Settings page, you can specify the default port priority for each port in a switch trunk. All packets entering the switch that are untagged (do not already have a priority value) are tagged with the specified default port priority and then sorted into the appropriate priority queue at the output port.
For each trunk listed in the Trunk column, you can assign the default port priority (from 0 to 7) to untagged frames received on any port in the trunk. The default setting is 0.
On the Traffic Classespage, you can configure the mapping of frame priority tags to each port's four CoS priority queues.
Each IEEE 802.1p priority level (from 0 to 7) listed in the Priority column can be mapped to one of the switch's four traffic class queues (from 0 to 3). The number 0 represents a low priority and higher values represent higher priorities.
In the Queue Schedulingpage, you can configure Weighted Round Robin (WRR) queueing for the switch ports.
The following options are available:
WRR Setting Table— Displays a list of weight values for each switch CoS queue
Weight Value— Sets a new weight value for a CoS
To change a table setting, select the entry in the WRR Setting Table, type the new weight in the Weight Value box, and then click Apply Changes. If you don't want to save the changes, click Refresh.
You can assign Layer 3/4 priority to traffic in the switch by considering the settings in the Type of Service (ToS) field in the IP header of a frame. The ToS field can contain an IP Precedence or the more recently released Differentiated Services Code Point (DSCP) value, depending on whether you have DSCP or IP Precedence-aware devices in your network. You can use the Layer 3/4 Prioritypage to identify IP traffic priorities and map the priorities to the CoS values in the priority tag of each frame.
The following figure shows the ToS field structure for IP Precedence and IP DSCP.
NOTE: The switch allows
you to choose between IP
Precedence or DSCP
priority. Select one of the
methods or disable this
feature.
From the IP Precedence section, you can map IP Precedence values to traffic class values. These settings apply to all ports on the switch.
The following options are available:
IP Precedence Priority Table— Displays a list of IP Precedence values with mapped CoS values.
Class of Service Value— Maps a CoS value to an IP Precedence value. The number 0 represents low priority and 7 represents high priority.
Click IP Precedence in the IP Precedence/DSCP Priority Status field to enable this feature.
Each IP Precedence value (from 0 to 7) is mapped to one CoS value (from 0 to 7). The number 0 represents the lowest priority and 7 represents the highest priority.
The following table shows the default priority mapping.
IP Precedence Value
CoS Value
0
0
1
1
2
2
3
3
4
4
5
5
6
6
7
7
To change a table setting, click the entry in the IP Precedence Priority Table, type the new CoS value in the Class of Service Value box, and then click Apply Changes. If you don't want to save the changes, click Refresh.
In the IP DSCP Prioritysection, you can map DSCP values to traffic class values. These settings apply to all ports on the switch.
The following options are available:
DSCP Priority Table— Displays a list of DSCP values mapped to CoS values.
Class of Service Value— Sets a new CoS for a DSCP value. The number 0 represents low priority and 7 represents high priority.
Click IP DSCP in the IP Precedence/DSCP Priority Status field to enable this feature.
Each IP DSCP value (from 0 to 63) is mapped to one CoS value (from 0 to 7). The number 0 represents the lowest priority and 7 represents the highest priority.
The following table shows the default priority mapping. All of the DSCP values that are not specified are mapped to CoS value 0.
IP DSCP Value
CoS Value
0
0
8
1
10, 12, 14, 16
2
18, 20, 22, 24
3
26, 28, 30, 32, 34, 36
4
38, 40, 42
5
48
6
46, 56
7
To change a table setting, select the entry in the DSCP Priority Table, type the new CoS value in the Class of Service Value box, and then click Apply Changes. If you don't want to save the changes, click Refresh.
From the Link Aggregationpage, you can create multiple links between switches that work as one virtual, aggregate link. You can create up to six trunks at a time, with each trunk containing up to four ports. A port trunk offers a dramatic increase in bandwidth for network segments where bottlenecks exist and provides a fault-tolerant link between two devices.
The switch supports two types of link aggregation—static and Link Aggregation Control Protocol (LACP).
LACP-configured ports automatically negotiate a trunked link with LACP-configured ports on another device. You can configure any number of ports on the switch as LACP, as long as they are not already configured as part of another trunk. If ports on another device are also configured as LACP, the switch and the other device negotiate a trunk link between them. If an LACP trunk consists of four ports, all other ports are placed in a standby mode. If one link in the trunk fails, one of the standby ports is automatically activated to replace it.
Use the following guidelines when you configure port trunks:
Finish configuring port trunks before you connect the corresponding network cables between switches.
You can configure up to six trunk groups, with up to four ports as a trunk group.
All ports in the same trunk must consist of the same media type (for example, twisted-pair or fiber).
The ports on both ends of the trunk must be configured for the same VLAN, speed, duplex mode, flow control, and CoS settings.
If the target switch has also enabled LACP on the connected ports, the trunk will automatically activate.
If more than four ports attached to the same target switch have LACP enabled, the additional ports enter standby mode and will only be enabled if one of the active links fails.
STP, VLAN, and IGMP settings can only be made for the entire trunk through the specified port-channel.
To add a port to a static trunk, click the Static toggle button below the port number until the correct trunk number appears. To make a port available for an LACP trunk, click the LACP toggle button below the port number until an L appears.
NOTICE: All ports on both ends of an LACP trunk must be configured for full
duplex, either by forced mode or auto-negotiation.
NOTICE: All ports participating in a trunk should have the same VLAN and
CoS settings.
NOTICE: In order for a port to join an existing trunk through LACP, the
port's Flow Control, Speed and Duplex Mode, and Autonegotiation settings
must match those of the existing trunk.
To save any changes you make in this page, click Apply Changes. If you don't want to save the changes, click Refresh.
On the Communities page, you can create different communities and customize access. The public string has read-only privileges by default.
The following options are available:
SNMP Community Capability— Indicates that the switch supports up to five community strings.
Community List— Displays a list of the community strings currently configured. Default strings are public (read-only access) and private (read/write access).
Community String — Allows you to name a new community. Community strings are case sensitive.
Access Mode— Sets the access rights for the new community that you are creating. Access rights are either read-only or read/write.
To add an SNMP community, type the new name in the Community String box, select the access rights from the Access Mode drop-down menu, and then click Add Community String. To delete a community, click the entry in the Community List, and then click Remove Community String.
The following table summarizes the equivalent CLI commands for items in the SNMP/Communities page.
Command
Usage
snmp-server community string [ro|rw]
Defines the community access string for the Simple Network Management Protocol. Read-only access is specified by ro, and read-write access is specified by rw.
On the Traps page, you can specify management stations that receive authentication failure messages and other trap messages from the switch.
NOTICE: The switch does not prevent IP addresses that are not in the Trap
Manager list from accessing the switch through SNMP. You only need a valid
community string for access.
The following options are available:
Trap Manager Capability— Indicates that the switch supports up to five trap managers
Trap Manager List— Displays a list of the trap managers currently configured
IP address— Specifies the IP address of a new management station to receive trap messages
Community String — Identifies the community string for the new trap manager you are creating
To add a trap manager, type the new IP address in the IP Address box, type the appropriate SNMP community in the Community String box, and then click Add Trap Manager. To delete a trap manager, click the entry in the Trap Manager List, and then click Remove Trap Manager.
Multicasting is used to support real-time programs such as video conferencing or streaming audio. A multicast server does not have to establish a separate connection with each client. Instead, it broadcasts its service to the network and to any hosts that are supposed to receive the multicast register with their local multicast routers/switches. This approach reduces the network overhead required by a multicast server. However, each time the broadcast traffic passes through a multicast router/switch, the traffic must be carefully queried to ensure that only hosts that subscribe to the service receive the broadcast.
The switch uses the Internet Group Management Protocol (IGMP) to determine if any attached hosts are supposed to receive a specific IP multicast service. IGMP runs between hosts and their adjacent multicast routers/switches. IGMP is a multicast host registration protocol that allows any host to inform its local router that the host is supposed to receive transmissions addressed to a specific multicast group.
IGMP requires one device to act as the querier on each LAN subnetwork. The querier is the IGMP-enabled device that periodically sends query messages to all hosts asking them if they want to receive multicast traffic. Hosts respond with report messages, indicating to multicast groups that they wish to join or to which group they already belong. The querier then propagates the service requests on to any adjacent multicast switch/router to ensure that it continues to receive the multicast services.
IGMP-enabled devices prune multicast traffic on the network by passively snooping on IGMP report messages passing through their ports. The devices monitor host report messages, pick out the multicast group registration information, and then configure filters accordingly so that multicast traffic for particular groups is not forwarded on to ports that do not require it. This capability significantly reduces the multicast traffic on the network.
The Multicast Support page contains links to the following pages:
With IGMP Snooping, you can configure the switch to forward multicast traffic intelligently. Based on the IGMP query and report messages, the switch forwards traffic only to the ports that request multicast traffic. This querying prevents the switch from broadcasting the traffic to all ports and possibly disrupting network performance.
NOTE: IGMP requires a
router that learns about
the presence of multicast
groups on its subnets and
keeps track of group
membership.
On the IGMP Setting page, the following options are available:
IGMP Status— Enables IGMP. When IGMP is enabled, the switch monitors network traffic to determine which hosts are supposed to receive multicast traffic.
Act as IGMP Querier— Enables the switch as Querier. When Querier is enabled, the switch can serve as the Querier, which is responsible for asking hosts if they are supposed to receive multicast traffic.
IGMP Query Count (2–10) — Sets the maximum number of queries issued for which there has been no response before the switch takes action to solicit reports. (The range is 2 to 10.)
IGMP Query Interval (60–125) — Sets the frequency at which the switch sends IGMP host-query messages. (The range is 60 to 125.)
IGMP Report Delay (5–30) — Sets the time (in seconds) between receiving an IGMP Report for an IP multicast address on a port before the switch sends an IGMP Query out of that port and removes the entry from its list. (The range is 5 to 30.)
IGMP Query Timeout (300–500) — Sets the time the switch waits after the previous querier has stopped querying before it takes over as the querier. (The range is 300 to 500.)
IGMP Version — Sets the protocol version for compatibility with other devices on the network (1 or 2).
To save any changes you make in this page, click Apply Changes. If you don't want to save the changes, click Refresh.
You can use the IGMP Member Port Table page to assign ports that are attached to hosts that are supposed to receive a specific multicast service.
The following options are available:
VLAN ID — Specifies the VLAN ID
Multicast IP Address— Allows you to select or add the IP address for a specific multicast service
New IP Address— Specifies the IP address of a new multicast service
Port/Trunk Toggle Buttons — Allows you to select ports or trunks to receive the specified multicast service by toggling the value of the port/trunk button:
'S' — Statically sets a port or trunk as a group member of the multicast service
'D' — Indicates that a port or trunk has been dynamically set as a group member of the multicast service
'BLANK' — Indicates that the port or trunk is not a group member of the multicast service
NOTICE: You must set at least one port or trunk as a static member before
you add a new multicast IP address. If you remove all static members from a
group, the IP address is also removed.
To save any changes you make in this page, click Apply Changes. If you don't want to save the changes, click Refresh.
You can use the Multicast Router Port Settings page to display or set ports on the switch that are attached to a neighboring multicast router/switch for each VLAN ID.
The following options are available:
VLAN ID — Specifies the VLAN ID
Port/Trunk Toggle Buttons — Allows you to select ports or trunks that are attached to a neighboring multicast router/switch by toggling the value of the port/trunk button:
'S' — Statically attaches a port or trunk to a multicast router/switch
'D' — Indicates that a port or trunk has been dynamically attached to a multicast router/switch
'BLANK' — Indicates that the port or trunk is not attached to a multicast router/switch
To save any changes you make in this page, click Apply Changes. If you don't want to save the changes, click Refresh.
From the Statistics page, you can chart a variety of system data. You can see the value of each bar or line in the chart by clicking the bar. For each chart, after you have set all the variables, click Draw.
NOTE: Rates are
displayed as counts per
second. Counters are
cumulative from the last
time the system was
booted.
The Statistics page contains links to the following pages:
The Table page lists, in table format, all statistics counters for a specific port or trunk. You must specify the port or trunk from the drop-down menus, and then click Query.
