Allied Telesis AT-GS950/10PS manuel d'utilisation

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386

Aller à la page of

Un bon manuel d’utilisation

Les règles imposent au revendeur l'obligation de fournir à l'acheteur, avec des marchandises, le manuel d’utilisation Allied Telesis AT-GS950/10PS. Le manque du manuel d’utilisation ou les informations incorrectes fournies au consommateur sont à la base d'une plainte pour non-conformité du dispositif avec le contrat. Conformément à la loi, l’inclusion du manuel d’utilisation sous une forme autre que le papier est autorisée, ce qui est souvent utilisé récemment, en incluant la forme graphique ou électronique du manuel Allied Telesis AT-GS950/10PS ou les vidéos d'instruction pour les utilisateurs. La condition est son caractère lisible et compréhensible.

Qu'est ce que le manuel d’utilisation?

Le mot vient du latin "Instructio", à savoir organiser. Ainsi, le manuel d’utilisation Allied Telesis AT-GS950/10PS décrit les étapes de la procédure. Le but du manuel d’utilisation est d’instruire, de faciliter le démarrage, l'utilisation de l'équipement ou l'exécution des actions spécifiques. Le manuel d’utilisation est une collection d'informations sur l'objet/service, une indice.

Malheureusement, peu d'utilisateurs prennent le temps de lire le manuel d’utilisation, et un bon manuel permet non seulement d’apprendre à connaître un certain nombre de fonctionnalités supplémentaires du dispositif acheté, mais aussi éviter la majorité des défaillances.

Donc, ce qui devrait contenir le manuel parfait?

Tout d'abord, le manuel d’utilisation Allied Telesis AT-GS950/10PS devrait contenir:
- informations sur les caractéristiques techniques du dispositif Allied Telesis AT-GS950/10PS
- nom du fabricant et année de fabrication Allied Telesis AT-GS950/10PS
- instructions d'utilisation, de réglage et d’entretien de l'équipement Allied Telesis AT-GS950/10PS
- signes de sécurité et attestations confirmant la conformité avec les normes pertinentes

Pourquoi nous ne lisons pas les manuels d’utilisation?

Habituellement, cela est dû au manque de temps et de certitude quant à la fonctionnalité spécifique de l'équipement acheté. Malheureusement, la connexion et le démarrage Allied Telesis AT-GS950/10PS ne suffisent pas. Le manuel d’utilisation contient un certain nombre de lignes directrices concernant les fonctionnalités spécifiques, la sécurité, les méthodes d'entretien (même les moyens qui doivent être utilisés), les défauts possibles Allied Telesis AT-GS950/10PS et les moyens de résoudre des problèmes communs lors de l'utilisation. Enfin, le manuel contient les coordonnées du service Allied Telesis en l'absence de l'efficacité des solutions proposées. Actuellement, les manuels d’utilisation sous la forme d'animations intéressantes et de vidéos pédagogiques qui sont meilleurs que la brochure, sont très populaires. Ce type de manuel permet à l'utilisateur de voir toute la vidéo d'instruction sans sauter les spécifications et les descriptions techniques compliquées Allied Telesis AT-GS950/10PS, comme c’est le cas pour la version papier.

Pourquoi lire le manuel d’utilisation?

Tout d'abord, il contient la réponse sur la structure, les possibilités du dispositif Allied Telesis AT-GS950/10PS, l'utilisation de divers accessoires et une gamme d'informations pour profiter pleinement de toutes les fonctionnalités et commodités.

Après un achat réussi de l’équipement/dispositif, prenez un moment pour vous familiariser avec toutes les parties du manuel d'utilisation Allied Telesis AT-GS950/10PS. À l'heure actuelle, ils sont soigneusement préparés et traduits pour qu'ils soient non seulement compréhensibles pour les utilisateurs, mais pour qu’ils remplissent leur fonction de base de l'information et d’aide.

Table des matières du manuel d’utilisation

  • Page 1

    613-001770 Rev A AT-GS950/10PS Gigabit Ethernet PoE+ Switch AT-GS950/10PS Switch Web Interface User’s Guide AT-S110 [1.00.013][...]

  • Page 2

    Copyright © 2013 Allied Telesis, Inc. All rights reserved. No part of this publicati on may be repr o duced without prior w ritten permission from Al lied Telesis, Inc. Allied Telesis and the Allied Telesis logo are trademarks of Allied Telesis, Incorp orated. All other product names, company names, logos or oth er designations ment ioned herein a[...]

  • Page 3

    3 Contents List of Figures ............... ............. ................. ............ ................. ............. ................ ............. ......................... ..... 9 List of Tables ................ ............. ................. ............ ................. ............. ................ ............. .......... ..............[...]

  • Page 4

    Contents 4 Forwarding Delay and Topology Changes .......... ............. ................. ............ ................. ............ ......... .6 5 Mixed STP and RSTP Networks ............. ................ ............. ................ ................ ................ .......... ...... 67 Spanning Tree and VLANs . ................ ...........[...]

  • Page 5

    AT-GS950/10PS Switch Web Interface User’s Guide 5 Ingress Rate Limiting .............. ................ ................ ............. ................ ................ ............. .. ............... 143 Egress Rate Limiting ........................ ............ ................. ................ ................ ............. ......... .......[...]

  • Page 6

    Contents 6 Overview .......... ............. ................ ................. ............ ................. ............. ................ ..... ................. ........... 202 SNMPv3 Authentication Protocols ...................... .......... ................ ............. ................ ............. ...... ..... 2 02 SNMPv3 Privacy Protoco[...]

  • Page 7

    AT-GS950/10PS Switch Web Interface User’s Guide 7 Overview ............. ............. ................ ............. ................ ............. ................ ................ ... ....................... .... 258 CoS with Voice VLAN ................ ................ ................ ............. ................ ............. ............[...]

  • Page 8

    Contents 8 Displaying System Information...... ................... ............. ................ ............. ................ ............. .. ......... 307 Setting Port States ........... ................ ................ ............. ................ ................ ............. ....... ................ . 3 07 Neighbors Information ........[...]

  • Page 9

    9 Figure 1. Entering a Switch’s IP Address in the URL Field............... .............. ........... .............. .............. . ..... ........... ........... 22 Figure 2. Management Login Dialog Box .................. ............................ ............ ...................... ......... .. ............ .............. ..... 22 Figure 3.[...]

  • Page 10

    Figures 10 Figure 51. Example of AT-GS950/10PS Tagged VLAN Page ................................................................ .......... .......... ..... 159 Figure 52. AT-GS950/10PS Modify V LAN Page............. .............. .............. .............. .............. .............. .. ............ ........... .. 159 Figure 53. AT-GS950/10P[...]

  • Page 11

    AT-GS950/10PS Switch Web Interface User’s Guide 11 Figure 111. Dial-In User Page Example ............... ... ..... .............. ........... .............. ............ ........... .... .... .............. ............ ... 277 Figure 112. Destination MAC Filter Page .................. .............. .............. .............. .............. .[...]

  • Page 12

    Figures 12[...]

  • Page 13

    13 List of T ables Table 1. Bridge Priority Value Increme nts ...................................................................... .............. .. 63 Table 2. Valid Port Priority Va lues .......................................................................................... ........ 65 Table 3. Default Mappings Prio rity Levels to Priority Q[...]

  • Page 14

    List of Tables 14[...]

  • Page 15

    15 Pr eface This guide contains instructions on ho w to use the AT-S110 Management Software to manage and monitor the AT-GS950/1 0PS Gigabit Ethernet PoE+ Switch. The AT-S110 Management software has a web browser in terface that you can access from any management work station on your network that has a web browser application. This preface contains[...]

  • Page 16

    Preface 16 Document Conventions This document uses the following conventions: Note Notes provide additional informatio n. Caution Cautions inform you t hat performing or omitting a spe cific action may result in equipment damage or loss of data. Warning Warnings inform you that performing or omitting a sp ecific action may result in bodily injury.[...]

  • Page 17

    AT-GS950/10PS Switch Web Interface User’s Guide 17 Allied Telesis Contact Information If you need assistance with this prod uct, you may contact Allied Telesis technical support by going to the Suppo rt & Services section of the Allied Telesis web site at www.alliedtelesis.com/support . You can find links for the following services on this pa[...]

  • Page 18

    Preface 18[...]

  • Page 19

    19 Section I Getting S tarted This section contains t he following chapters:  Chapter 1, “S tarting a Web Browser Session” on p age 21  Chapter 2, “System Configuration” on p age 27[...]

  • Page 20

    20[...]

  • Page 21

    21 Chapter 1 S tarting a W eb Br owser Session This chapter contains the procedures fo r starting, using, and quitting a web browser management session on the AT-GS950/10PS switch. This chapter includes the following sections:  “Establishing a Remote Connection to the Web Browser I nterface” on page 22  “Web Browser Tools” on page 25 [...]

  • Page 22

    Chapter 1: St arting a Web Browser Session 22 Establishing a Remote Connectio n to the Web Brow ser Interface The AT-GS950/10PS switch is shipped with a pre-assigned IP ad dress of 192.168.1.1. After your initial login, A llied Telesis suggests that you assign a new IP address to your switch. To manua lly assign an IP address to the switch, refer t[...]

  • Page 23

    AT-GS950/10PS Switch Web Interface Use r’s Guide 23 4. Press OK . The A T -GS950/10PS Switch Information page is displayed. See Figure 3. Note To change the user name and pa ssword, refer to “User Name and Password Configuration” on page 34. Figure 3. AT-GS950/10PS Switch Information Page The main menu appears on the left side and is common f[...]

  • Page 24

    Chapter 1: St arting a Web Browser Session 24  LLDP  Statistics Chart  Tools  Save Conf igurati on 5. To see the front p anel of the switch, select Front Panel from the main menu on the left side of th e page. The A T -S1 10 Management sof tware displays the front of the switch. Ports are green th at have a link to an end node. Port s w[...]

  • Page 25

    AT-GS950/10PS Switch Web Interface Use r’s Guide 25 Web Browser Tools You can use the web browser tools to move aro und the management pages. Selecting Back on your browser’s toolbar returns you to the previous display. You ca n also use the browser’s Bookmark feature to save the link to the switch.[...]

  • Page 26

    Chapter 1: St arting a Web Browser Session 26 Quitting a Web Browser Management Session To exit a web browser management session, clo se the web browser.[...]

  • Page 27

    27 Chapter 2 System Configuration This chapter provides pr ocedures to configuring basic system parameters for the AT-GS950/10PS switch and cont ains information for the following sections:  “System Management Information” on page 28  “Configuration of IP Address, Subn et Mask and Gateway Address” on page 30  “IP Access List Conf[...]

  • Page 28

    Chapter 2: System Configur ation 28 System Management Information This section explains how to assig n a name, location, and contact information for the AT-GS950/10PS switch. This informat ion helps in identifying each specific AT-GS950/10PS switch among other switches in the same local area network. Entering this information is optional. Note Alli[...]

  • Page 29

    AT-GS950/10PS Switch Web Interface Use r’s Guide 29 System Name - Specifies a name for the switch, for example, Sales. The name is optional and may contain up to 15 characters. System Location - Specifies the location of th e switch. The location is optional and may contain u p to 30 characters. System Contact - Specifies the name of the netwo rk[...]

  • Page 30

    Chapter 2: System Configur ation 30 Configuration of IP Address, Subnet Mask and Gateway Address This procedure explains how to c hange the IP add ress, subnet mask, and gateway address of the switch. Before performing the procedure, note the following:  A gateway address is only required if you want to remotely manage the device from a manageme[...]

  • Page 31

    AT-GS950/10PS Switch Web Interface Use r’s Guide 31 System Default Gateway - Displays the default gateway of the switch. To change the default g ateway, enter a new gateway. When DHCP is enabled, you can not change this parameter. DHCP Mode - For information about setting this parameter, refer to “DHCP Client Configuration” on page 45. 4. Cli[...]

  • Page 32

    Chapter 2: System Configur ation 32 IP Access List Configuration When the IP Access List feature is enabled, remo te access to the AT-S110 management software is restricted to the IP addresse s entered into the IP Access List. The procedures in this section describe how to enable or disable the IP Access List feature and how to add or remove IP add[...]

  • Page 33

    AT-GS950/10PS Switch Web Interface Use r’s Guide 33 5. From the IP Restriction Status field, select one of the following choices from the pull-down menu: Enable - This selection restricts the access to the AT-S110 management software to the IP addresses in the table listed under Accessible IP . Disable - This selection allows unrestricted access [...]

  • Page 34

    Chapter 2: System Configur ation 34 User Name and Password Configuration Password protection is always en abled for access to the AT-S110 Management software. This section explains how to create new users names and passwords and how to modify or delete existing users for the web interface. See the following sections:  “Add New User Name and Pa[...]

  • Page 35

    AT-GS950/10PS Switch Web Interface Use r’s Guide 35 4. To add a password that correspon ds to the user name entered in step 3, enter a password of up to 12 alp hanumeric characters in the box next to the Password field. The Password field is case sensitive. 5. To confirm the password entry, retype the password in the box next to the Confirm Passw[...]

  • Page 36

    Chapter 2: System Configur ation 36 Delete User Name and Password To delete a user name that you have p reviously added, perform the following procedure. 1. From the main menu on the left side of the page, click the System folder. The System folder expands. 2. From the System folder, select Administration . The Administration Page is shown in Figur[...]

  • Page 37

    AT-GS950/10PS Switch Web Interface Use r’s Guide 37 User Interface Configuration This procedure explains how to enabl e and disable the user interfaces on the switch. With this procedure you can enable or disable the AT-GS9 50/ 10PS SNMP Agent. For more information about SNMP, go to Chapter 20, “Simple Network Management Protocol SNMPv1 and v2c[...]

  • Page 38

    Chapter 2: System Configur ation 38 Note See Chapter 20, “Simple Network Management Protocol SNMPv1 and v2c” on page 263 and Chapter 21, “Simple Network Management Protocol SNMPv3” on page 273 to configure the remaining SNMP parameters. 4. Click Apply located under the Web Server Status Enable/Disable field. 5. From the main menu on the lef[...]

  • Page 39

    AT-GS950/10PS Switch Web Interface Use r’s Guide 39 System Time The procedures in this section describ e how to configure th e system time by manually entering the time or throu gh SNTP and how to configure the daylight savings time feature. See th e following sections:  “Manually Setting System Time” o n page 39  “Setting SNTP” on [...]

  • Page 40

    Chapter 2: System Configur ation 40 4. In the Local Time Settings section, set the Date Setting (YYYY:MM:DD) to the current date in the YYYY:MM:DD format. 5. In the Local Time Settings section, set the Tim e Settings (HH:MM:SS) to the current time in the HH:MM:SS format. 6. Click the Apply but ton at the bottom of the page. The time will take effec[...]

  • Page 41

    AT-GS950/10PS Switch Web Interface Use r’s Guide 41 Setting Daylight Savings Parameters If you want to configure the switch for d aylight savings time, perform the following procedure: 1. From the main menu on the left side of t he page, click the System folder. The System folder expands. 2. From the System folder, select System Time. The System [...]

  • Page 42

    Chapter 2: System Configur ation 42 SSL Settings The AT-GS950/10PS switch has a web browser server for remote management of the unit with a web browser application from management workstations on your network. By default, the server operate s in a non-secure HTTP mode and can be co nfigured to communicate in a secure HTTPS mode with SSL protocol. I[...]

  • Page 43

    AT-GS950/10PS Switch Web Interface Use r’s Guide 43 4. Click Apply . The SSL setting that yo u have selected is now active. 5. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes.[...]

  • Page 44

    Chapter 2: System Configur ation 44 DHCP and ATI Web Discovery Tool The AT-GS950/10PS Gigabit Ethernet Smart switch is manage d through a web browser interface only. The facto ry default IP address is 192.168 .1.1. The switch does not have a local console connector, which means tha t you cannot learn what the swit ch’s management IP address is on[...]

  • Page 45

    AT-GS950/10PS Switch Web Interface Use r’s Guide 45 DHCP Client Configuration This procedure explains how to activa te and deactivate the DHCP clie nt on the AT-GS950/10PS switch. When the client is activa ted, the switch obtains its IP configurat ion including an IP address a nd subnet mask from a DHCP server on your network. Be fore performing [...]

  • Page 46

    Chapter 2: System Configur ation 46 Note The ATI Web Discovery Tool is available for down load on the AT- GS950/10PS product page at alliedtelesis.c om . 6. Follow the procedure to log on with the new IP address provided by the DHCP Server as described in “Establishing a Remote Connection to the Web Bro wser Interface” on p age 20. 7. Save your[...]

  • Page 47

    AT-GS950/10PS Switch Web Interface Use r’s Guide 47 DHCP Auto Configuration If you need to automatically update the swit ch’s configuration files via a remote server, the DHCP Auto Configur ation feature is available for this purpose via the DHCP server. Note You must enable the DHCP client so that this feature can op erate with the DHCP server[...]

  • Page 48

    Chapter 2: System Configur ation 48 System Information Display The Switch Information page is initially displayed when you first log into the AT-GS950/10PS switch. It provides general info rmation about the switch. To view this information, perform th e following procedure: 1. From the main menu on the left side of the page, select Switch Info . Th[...]

  • Page 49

    AT-GS950/10PS Switch Web Interface Use r’s Guide 49 Administration Information Section: Switch Name - This paramet er displays the name assigned to the switch. To assign the switch a name, refer to “System Management Information” on page 28. Switch Location - This p arameter displays the location of the switch. To assign the location, refer t[...]

  • Page 50

    Chapter 2: System Configur ation 50 System Log Configuration The System log is designed to monitor the operation the AT-GS950/10PS switch by recording the event messages it genera tes during normal operation. These events may provide vital infor mation about system activity that can help in th e iden tification and solutions of system problems. To [...]

  • Page 51

    AT-GS950/10PS Switch Web Interface Use r’s Guide 51 3. From the Syslog Status field, select one of the following choices from the pull-down menu: Enable - The System log is active. Disable - The System log is inactive. 4. From the Time Stamp field, select one of the following choices from the pull-down menu: Enable - Each event messa ge recorded [...]

  • Page 52

    Chapter 2: System Configur ation 52[...]

  • Page 53

    53 Section II Bridge Configuration This section contains t he following chapters:  Chapter 3, “Port Configur ation” on page 55  Chapter 4, “STP and RSTP” on p age 61  Chapter 5, “Multiple S pann ing T ree Protocol” on page 79  Chapter 6, “S tatic Port T runking” on p age 93  Chapter 7, “LACP Port T runks” on page [...]

  • Page 54

    54[...]

  • Page 55

    55 Chapter 3 Port Configuration This chapter provides a description of the physical characteristics of the ports and a procedure that explains how to view and change the port settings. This chapter includes th e following sections:  “Overview” on page 56  “Displaying and Configuring Ports” on page 57 Note To permanently save your new [...]

  • Page 56

    Chapter 3: Port Confi guration 56 Overview This chapter describes how to disp lay and modify the physical characteristics of an AT-GS950/10PS switch. You can display and modify the settings of all the ports on one web page. The port characteristics that are displayed are:  Trunk Group Number  Port type  Link Status  Admin Status  Dup[...]

  • Page 57

    AT-GS950/10PS Switch Web Interface Use r’s Guide 57 Displaying and Configuring Ports This procedure explains how to configure the ports on the AT-GS950/10PS switch using the Port Configuration Page. This page allows you to view and configur e the pa rameter settings of individual or all the switch ports at one time. To configure the ports, perfor[...]

  • Page 58

    Chapter 3: Port Confi guration 58 for the SFP ports (9 and 10) for copper or fiber SFP type. Link Status - This parameter indicates the status of the link between the port and the end node conne cted to the port. The possible values are: Up -This parameter i Indicates a valid link exists between the port and the end node. Down -This parameter i Ind[...]

  • Page 59

    AT-GS950/10PS Switch Web Interface Use r’s Guide 59 settings for the port. You can use this paramet er to set the speed and duplex mode of a port. The possible se ttings are: Ignore -This parameter i Indicates that t he All setting does not apply to the Mode field. In other wo rds, each port is set individually. Auto -This parameter i Ind icates [...]

  • Page 60

    Chapter 3: Port Confi guration 60 notify the end node to stop transmitting for a specified period of time. The possible values are: Ignore - This paramete r indicates that the All setting does not apply to the Flow Control field. In other words, each port is set individually. Enabled - This parameter indica tes that the port is permitt ed to use fl[...]

  • Page 61

    61 Chapter 4 STP and RSTP This chapter provides background in formation about the Spanning Tree Protocol (STP) and the Rapid Spanning Tree Protocol (RSTP). In addition, there are procedures to configure STP and RSTP. The sectio ns in the chapter include:  “Overview” on page 62  “Basic STP and RSTP Configuration” on p age 70  “Con[...]

  • Page 62

    Chapter 4: STP and RSTP 62 Overview The performance of a Ethernet network can be negatively impacted by the formation of a data loop in the network topolog y. A data loop exists when two or more nodes on a network can tran smit data to each other over more than one data path. The pro blem that data loops pose is that data packets can become caught [...]

  • Page 63

    AT-GS950/10PS Switch Web Interface Use r’s Guide 63 Bridge Priority and the Root Bridge The first task that bridges perform wh en a spanning tree protocol is activated on a network is the selection of a root bridge . A root bridge distributes network topol ogy information to the other network brid ges and is used by the other bridges to dete rmin[...]

  • Page 64

    Chapter 4: STP and RSTP 64 Path Costs and Port Costs After the root bridge has been selected, t he bridges determine if the network contains redundant paths and, if one is found, select a preferred path while placing the redundant paths in a backup or blocking state. Where there is only one path between a bridge an d the root bridge, the bridge is [...]

  • Page 65

    AT-GS950/10PS Switch Web Interface Use r’s Guide 65 . Forwarding Delay and Topology Changes If there is a change in the networ k topology due to a failure, removal, or addition of any active components, th e active topology also changes. T his may trigger a change in the state of some blocked p orts. However, a change in a port state is not activ[...]

  • Page 66

    Chapter 4: STP and RSTP 66 The forwarding delay value is a djustable in the AT-S110 Management software. The appropriate value for this parame ter depends on a number of variables; the size of your network is a primary factor. For large networks, you should specify a value large enough to allow the root b ridge sufficient time to propagate a topol [...]

  • Page 67

    AT-GS950/10PS Switch Web Interface Use r’s Guide 67 Figure 17. Point-to-Point Ports A port operates as an edge port when it is connected to a network terminal device such as a workstation or a server. An edge port on a bridge should not have any STP or RSTP devices co nnected to it either direct ly or through another device connected to that port[...]

  • Page 68

    Chapter 4: STP and RSTP 68 Spanning Tree and VLANs The spanning tree implementation in the AT-S1 10 Management software can be a single-instance spanning tree as d escribed in this chapter. If you choose to define multiple spanning tre es on this switch, go to Chapter 5, “Multiple Spanning Tree Protocol” on page 79. The single spanning tree enc[...]

  • Page 69

    AT-GS950/10PS Switch Web Interface Use r’s Guide 69 Figure 20. STP and VLAN Compatibility with Tagged Ports Note For information about tagged and untagged ports, refer to Chapter 13, “VLAN Overview” on pag e 150. Ports blocked by STP Blocked Data Links T T T T T T VLAN 1-3 VLAN 1-3 VLAN 1-3 VLAN 1-3 VLAN 1-3 VLAN 1-3[...]

  • Page 70

    Chapter 4: STP and RSTP 70 Basic STP and RSTP Configuration To configure the basic STP and RSTP settings, perform the following procedure: 1. From the main menu on the left side of the page, select Bridge . The Bridge folder expands. 2. From the Bridge folder, select the Spanning Tree folder. The Spanning Tree folder expa nds. 3. From the Spanning [...]

  • Page 71

    AT-GS950/10PS Switch Web Interface Use r’s Guide 71 The RSTP Configuration p age allows you to configure basic STP (STP-Compatible) or RSTP protocols as we ll as to view current settings of the feature.  In the upper portion of the page, you ca n set the following parameters: Global RSTP Status - Set this field to activate or de-activate the R[...]

  • Page 72

    Chapter 4: STP and RSTP 72  The following parameters refer to the designate d root bridge. You cannot change these fields. Designated Root - This paramet er includes two fields: the root bridge priority and the MAC add ress of the root bridge. For example, 1000 00C08F1211BB shows the root bridge priority as 1000, and 00C08F1211BB a s the MAC add[...]

  • Page 73

    AT-GS950/10PS Switch Web Interface Use r’s Guide 73 Configure RSTP Port Settings This section contains the following topics:  “Configure the Basic RSTP Port Settings,” next  “Configure the Advanced RSTP Port Settings” on page 75 Configure the Basic RSTP Port Settings To configure the basic RSTP port settings, pe rform the following [...]

  • Page 74

    Chapter 4: STP and RSTP 74 sent or received on a the port except for BPDU data. A po rt with a higher path cost to the root bridge than an other on the switch will cause a switching loop and is placed in the blocking state by the Spanning Tree algorithm. The port’s st ate may change to the forwarding state if the other links in use fail and the S[...]

  • Page 75

    AT-GS950/10PS Switch Web Interface Use r’s Guide 75 Enable - The spanning tree protocol (both RSTP or STP- Compatible) is enabled on the po rt. Disabled - The spanning tree proto col (both RSTP or STP- Compatible) is disabled on th e port. Priority - Indicates the port priority. See “Port Priority” on p age 64 for more information. Path Cost [...]

  • Page 76

    Chapter 4: STP and RSTP 76 This page displays the follo wing information about the port s: Port - Indicates ports 1 through 10 on the AT-GS950/10PS switch. You can select the All ro w to apply the same setting to all ports of your switch for the AdminOperEdge , Admin/Ope rPtoP , and Migration fields. Trunk - Indicates th e trunk assignment of a por[...]

  • Page 77

    AT-GS950/10PS Switch Web Interface Use r’s Guide 77 this port receives root path cost information that is g reater than the root port's path cost and less than any other port's received information, then this port becomes the designate d port. Backup - Any operation al Bridge Port that is not a Root or Designated Port is a Backup Port i[...]

  • Page 78

    Chapter 4: STP and RSTP 78 Spanning Tree Topology To view the current spanning tree topolo gy, perform the following procedure: 1. From the main menu on the left side of the page, select Bridge . This folder expands. 2. From the Bridge folder, select the Spanning Tree folder. 3. From the Spanning Tree folder, select Topology In fo . The AT-GS950/10[...]

  • Page 79

    79 Chapter 5 Multiple Spanning T r ee Pr otocol This chapter provides the procedures for co nfiguring Multiple Spanning Tree Protocol (MSTP). You can find an overview and configuration guidelines for this feature in “MSTP Overview” on page 349 . When you configure MSTP, th e information should be entered in ord er on the following web pages: ?[...]

  • Page 80

    Chapter 5: Multiple Spanning Tree Protocol 80 Multiple Spanning Tree Configuration To configure the MSTP setting s, perform the following procedure: 1. From the main menu on the left side of the page, select Bridge . The Bridge folder expands. 2. From the Bridge folder, select the Spanning Tree folder. The Spanning Tree folder expa nds. 3. From the[...]

  • Page 81

    AT-GS950/10PS Switch Web Interface Use r’s Guide 81 following parameters: Global MSTP Status - Set this field to Enable or Disable the MSTP feature on the switch. The Global MSTP Statu s must be set to Enable before the other MSTP con figuration parameters can be set. Note Both RSTP and BPDU Passthrough must be disabled b efore you enable MSTP. C[...]

  • Page 82

    Chapter 5: Multiple Spanning Tree Protocol 82 Forward Delay - The Forward Delay defines the time that the bridge spends in the listening an d learning states. Its range is 4 - 30 seconds. Maximum Hop Count - The Maximum Hop Count is a parameter set in a BPDU packet when it originates. It is decremented b y 1 each time it is retransmitted by the nex[...]

  • Page 83

    AT-GS950/10PS Switch Web Interface Use r’s Guide 83 Port Configuration To configure the MSTP parameters for each of t he ports, perform the following procedure: 1. From the main menu on the left side of t he page, select Bridge . The Bridge folder expands. 2. From the Bridge folder, select the Spanning Tree folder. The Spanning Tree folder expand[...]

  • Page 84

    Chapter 5: Multiple Spanning Tree Protocol 84 ForcedTrue - The port is connected to a networ k device in the network t opology . ForcedFalse - The port is not connected to a network device in the network topology. Auto - The switch will automatically determine the port type. Edge Port - Indicates if a port is connected to an edge device in the netw[...]

  • Page 85

    AT-GS950/10PS Switch Web Interface Use r’s Guide 85 Restricted TCN - The Restricted TCN parameter does not allow Topology Change Notification (TCN) BPDUs to be processed on the port. True - The port cannot process receive/transmit TCN BPDUs. False - The port can process receive /transmit TCN BPDU packets. 5. Once you have configured the pa ramete[...]

  • Page 86

    Chapter 5: Multiple Spanning Tree Protocol 86 VLAN Mapping You can create, modify and dele te MSTP settings with the procedures in the following sections:  ”Open MSTP VLAN Mapping Page”  ”Create VLAN Mapping to MST Instance”.  “Modify MST Instance” on page 87.  “Delete MST Instance” on page 87. Open MSTP VLAN Mapping Pag[...]

  • Page 87

    AT-GS950/10PS Switch Web Interface Use r’s Guide 87 5. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes. Modify MST Instance If you wish to modify a MST Instance, you must first delete the instance and then redefine it. Refer to “Crea te VLAN Mapping to MST Instance” on pag[...]

  • Page 88

    Chapter 5: Multiple Spanning Tree Protocol 88 Port Settings To configure the MSTP port settings, perform the following procedure: 1. From the main menu on the left side of the page, select Bridge . The Bridge folder expands. 2. From the Bridge folder, select the Spanning Tree folder. The Spanning Tree folder expa nds. 3. From the Spanning Tree fold[...]

  • Page 89

    AT-GS950/10PS Switch Web Interface Use r’s Guide 89 6. If you choose to change the MSTP port settings for other ports, repeat steps 4 and 5. 7. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes.[...]

  • Page 90

    Chapter 5: Multiple Spanning Tree Protocol 90 Topology Information To configure the MSTP port settings, perform the following procedure: 1. From the main menu on the left side of the page, select Bridge . The Bridge folder expands. 2. From the Bridge folder, select the Spanning Tree folder. The Spanning Tree folder expa nds. 3. From the Spanning Tr[...]

  • Page 91

    AT-GS950/10PS Switch Web Interface Use r’s Guide 91 Regional Root - The root bridge of the MST instance. Regional Root Priority - The priority of the re gional root port. Regional Path Cost - The path cost from the regional root port to the regional root bridge. Type - This specifies the regional port typ e which can be either a point-to-point or[...]

  • Page 92

    Chapter 5: Multiple Spanning Tree Protocol 92[...]

  • Page 93

    93 Chapter 6 S tatic Port T runking This chapter contains a description of port trunkin g and the procedures for creating, modifying, and deleting a static por t trunk. The following topics are discussed:  “Overview” on page 94  “Create a Port Trunk” on page 97  “Modify a Port Trunk” on page 99  “Disable a Port Trunk” on[...]

  • Page 94

    Chapter 6: St atic Port Trunking 94 Overview A port trunk is an economical wa y for you to increase the bandwid th between the Ethernet switch and another ne tworking device, such as a network server, router, workstation, or another Ethernet switch. A port trunk is a group of ports that have been grouped together to function as one logical path. A [...]

  • Page 95

    AT-GS950/10PS Switch Web Interface Use r’s Guide 95 Network equipment vendors tend to employ different techniques to implement static trunks. Consequen tly, a static trunk on one device may be incompatible with the same fe ature on a device from a different manufacturer. For this reason static trunks are typically employed o nly between devices f[...]

  • Page 96

    Chapter 6: St atic Port Trunking 96  A port can belong to only one static t runk at a time.  The ports of a static trunk can be co nfigured to be members of more than one VLAN.  The ports of a static trunk can be either un tagged or untagged members of the same VLAN. The switch selects a port in the trunk to handle broadcast packets and pa[...]

  • Page 97

    AT-GS950/10PS Switch Web Interface Use r’s Guide 97 Create a Port Trunk This procedure explains how to create a static p ort trunk. Caution Do not connect the cables of a port trunk to the ports on the switch until you have configured the ports on both the switch and the end nodes. Connecting the ca bles prior to configuring the po rts can create[...]

  • Page 98

    Chapter 6: St atic Port Trunking 98 A check in a box indicates the port is a member of the trunk. No check means the port is not a member . A port trunk can contain up to eight ports. 5. Change the Trunk Status from Disab le to another setting. The choice in the status field are the following: Active - The specif ic aggregator will broadcast and re[...]

  • Page 99

    AT-GS950/10PS Switch Web Interface Use r’s Guide 99 Modify a Port Trunk This procedure explains how to change the status of a p ort trunk and add or remove ports from a port trunk. Caution Before you disable or modify a port trunk, disconnect all of the cables from the ports of the trunk. Leaving th e cables connected during the reconfiguration o[...]

  • Page 100

    Chapter 6: St atic Port Trunking 100 9. Configure the port trunk on the other switch with the same parameters. 10. Connect the Ethernet cable s between trunk ports on the AT-GS950/ 10PS switch and the trunk ports on the other switch.[...]

  • Page 101

    AT-GS950/10PS Switch Web Interface Use r’s Guide 101 Disable a Port Trunk This procedure explains how to disable a port trunk. Caution Before you disable or modify a port trunk, disconnect all of the cables from the ports of the trunk. Leaving th e cables connected during the reconfiguration of a trunk can create loops in your network topology. L[...]

  • Page 102

    Chapter 6: St atic Port Trunking 102[...]

  • Page 103

    AT-GS950/10PS Switch Web Interface Use r’s Guide 103 Chapter 7 LACP Port T runks This chapter contains ov erview information about LACP port tru nks and the procedures for setting this feature. This chapt er contains the following sections:  “Overview” on page 104  “System Priority” on page 105  “Port Priority Value” on page [...]

  • Page 104

    Chapter 7: LACP Port Trunks 104 Overview LACP (Link Aggregation Control Protocol) port t runks perform the same function as static trunks. They increase the bandwidth between network devices by distributing the traffic load over multiple physical links. Th e advantage of an LACP trunk over a static port trunk is its flexibility. While implementatio[...]

  • Page 105

    AT-GS950/10PS Switch Web Interface Use r’s Guide 105 System Priority It is possible for two devices interconnected by an aggregate trunk to encounter a conflict when they form the trunk. For example, the two devices might not support the same number of active ports in an aggregate trunk or might not agree on which p orts are active and which are [...]

  • Page 106

    Chapter 7: LACP Port Trunks 106 Port Priority Value The switch uses a port’s LACP priority to determine which ports are active and which are in the standby mode in situations where the number of ports in the aggregate trunk exce eds the highest allowed number of active ports. This parameter is a value in a range of 1 to 255, based on the port num[...]

  • Page 107

    AT-GS950/10PS Switch Web Interface Use r’s Guide 107 General Guidelines The following guidelines apply wh en creating aggregators:  LACP must be activated on both the AT-GS950/10PS switch and its partner device.  The other device must be 802.3ad-comp liant.  The AT-S110 Management software sup ports up to eight active ports in an aggrega[...]

  • Page 108

    Chapter 7: LACP Port Trunks 108 unknown destination.  Prior to creating an aggregate trunk b etween an Allied Telesis device and another vendor’s device, refer to the vendor’s documentation to determine the maximum number of active ports the device can support in a trunk. If the number is less than e ight, the maximum number for the AT-GS950[...]

  • Page 109

    AT-GS950/10PS Switch Web Interface Use r’s Guide 109 Group Status To display the LACP Group Status, perform the fo llowing procedure: 1. Select the Bridge folder. The Bridge folder expands. 2. From the Bridge folder , select the Trunk Config folder. The Trunk Config folder expa nds. 3. From the Trunk Config folder , select LACP Group Status . The[...]

  • Page 110

    Chapter 7: LACP Port Trunks 110 The System Priority is a preassigned value that you cannot alter . This value applies to the switch. Se e “System Priority” on pag e 105. The System ID is a MAC address value assigned to the individual switch. Y ou cannot change this value. Group 1 to 8 indicates the ID number of t he trunk (aggregation group). C[...]

  • Page 111

    AT-GS950/10PS Switch Web Interface Use r’s Guide 111 Figure 34. LACP Group Status Page with Thre e Cables Connected Y ou can now see that each port has been grouped under a single aggregator since the port s are now in a Link-Up status.[...]

  • Page 112

    Chapter 7: LACP Port Trunks 112 Port Priority Configuration To select a priority for an LACP port, perform the following procedure: 1. Select the Bridge folder. The Bridge folder expands. 2. From the Bridge folder , select the Trunk Config folder. The Trunk Config folder expands. 3. From the Trunk Config folder , select Port Priority . The AT-GS950[...]

  • Page 113

    113 Chapter 8 Port Mirr oring This chapter describes the Port Mirroring feature and the procedure for setting up port mirroring. Port mirroring allows yo u to unobtrusively monitor the ingress and egress traffic on a port by having the traffic copied to another port. This chapter cont ains the fo llowing sections:  “Overview” on page 114 [...]

  • Page 114

    Chapter 8: Po rt Mirroring 114 Overview The port mirroring feature allows you to unobtru sively monitor the traffic received and transmitted on one or more po rts by copying the traffic to another switch port. You can connect a data analyzer to the port where the traffic is copied and monitor the traffic on the other ports without impacting network[...]

  • Page 115

    AT-GS950/10PS Switch Web Interface Use r’s Guide 115 Port Mirroring Configuration To configure Port Mirroring, perform the following p rocedure: 1. Select the Bridge folder . The Bridge folder expands. 2. From the Bridge folder , select Mirroring . The Mirroring Page is displayed. See Figure 36 . Figure 36. AT-GS950/10PS Mirroring Page 3. Click t[...]

  • Page 116

    Chapter 8: Po rt Mirroring 116 7. From the main menu on the left side of the page, select Save Configuration to Flash to permanent ly save your changes.[...]

  • Page 117

    AT-GS950/10PS Switch Web Interface Use r’s Guide 117 Disable Port Mirroring To disable Port Mirroring , perform the following procedure: 1. Select the Bridge folder . The Bridge folder expands. 2. From the Bridge folder , select Mirroring . The Mirroring page is shown in Figure 36 on pag e 115. 3. From the Status field, select Disab le and click [...]

  • Page 118

    Chapter 8: Po rt Mirroring 118[...]

  • Page 119

    119 Chapter 9 Loopback Pr otection This chapter explains how to configure the Loopback Protection feature for specific ports on the AT-GS950/10PS switch. If th e Tx and Rx pairs on the same port are connected, then this feature detects this condition and disables the port for a pre-configure d amount of time. This chapter contains the following to [...]

  • Page 120

    Chapter 9: Loopbac k Protection 120 Configuration To configure the Loopback De tection feature, perform the following procedure: 1. From the main menu on the left side of the page, select Bridge . The Bridge folder exp ands. 2. From the Bridge folder, select Loopback Detection . A partial view of the AT-GS950/10PS Lo opback Detection Page is displa[...]

  • Page 121

    AT-GS950/10PS Switch Web Interface Use r’s Guide 121 4. Under the Loopback Detection Global Settings , configure the following parameters: Interval: This parameter sets the interval of time that the ports are tested. The range is 1 to 32767 seconds. Recover Time: This parameter sets the amount o f time that the port will take to recover once the [...]

  • Page 122

    Chapter 9: Loopbac k Protection 122 Status The status of the Loopback Detection is given in t he Loop Status column of the table at the bottom of the Loop back Detection page. See Fig ure 37 on page 120. The status is one of the follo wing states: Normal: This status indicates that the port does not have the Tx to Rx pairs connected . Disabled: Thi[...]

  • Page 123

    123 Chapter 10 MAC Addr ess T able This chapter provides a description of the static multicast MAC address feature and the procedure for configuring it. This chapter includes the following sections:  “Overview” on page 124  “Static Unicast MAC Address Configuration” on pag e 126  “Static Multicast Address Configuration” on page[...]

  • Page 124

    Chapter 10: MAC Address Table 124 Overview The AT-GS950/10PS switch has a MAC address table with a st orage capacity of up to 8,000 entries. The table stores the MAC addresses of the network nodes connected to its ports and the port number where each address is learned. There are two types of MAC addresses, dyn amic and static. Dynamic MAC addresse[...]

  • Page 125

    AT-GS950/10PS Switch Web Interface Use r’s Guide 125 predefined ports entered in the MAC table withou t any configuration delays or loss of data.[...]

  • Page 126

    Chapter 10: MAC Address Table 126 Static Unicast MAC Address Configuration This procedure explains how to set t he static multicast f eature for each port on the AT-GS950/10PS switch. Before beginning this procedure, you must create either an 802.1Q VLAN ID or a Port-Based VLAN Index. For information about defining these parameters, see:  “Tag[...]

  • Page 127

    AT-GS950/10PS Switch Web Interface Use r’s Guide 127 Note An error message is generated when you enter a VLAN ID or VLAN Index which is not been defined or when you enter a VLAN ID or VLAN Index without also clicking on the respective radio button. 4. In the Group MAC Address field, enter a unicast MAC address. 5. Assign the MAC address a Port M [...]

  • Page 128

    Chapter 10: MAC Address Table 128 Modify Static Unicast Address To modify the port assignment of a unicast MAC address in the MAC address table, perform the following pro cedure: 1. From the main menu on the left side of the page, select the Bridge folder. 2. From the Bridge folder, select Static Unicast . The Static Unicast Address Table Page is d[...]

  • Page 129

    AT-GS950/10PS Switch Web Interface Use r’s Guide 129 Delete Static Unicast Address To delete a unicast MAC address from the MAC addre ss table, perform the following procedure: 1. From the main menu on the left side of t he page, select the Bridge folder. 2. From the Bridge folder, select Static Unicast . The Static Unicast Address Table Page is [...]

  • Page 130

    Chapter 10: MAC Address Table 130 Static Multicast Address Configuration This procedure explains how to set t he static multicast f eature for each port on the AT-GS950/10PS switch. Before beginning this procedure, you must create an 802.1Q VLAN ID or a Port-Based VLAN Index . For information about defining these parameters, see:  “Tagged VLAN[...]

  • Page 131

    AT-GS950/10PS Switch Web Interface Use r’s Guide 131 Note An error message is generated when you enter a VLAN ID or VLAN Index which is not been defined or when you enter a VLAN ID or VLAN Index without also clicking on the respective radio button. 4. In the Group MAC Address field, enter a multicast MAC address. The range is from 01:00:5E:0 0:01[...]

  • Page 132

    Chapter 10: MAC Address Table 132 7. From the main menu on the left side of the page, select Save Configuration to Flash to permanent ly save your changes.[...]

  • Page 133

    AT-GS950/10PS Switch Web Interface Use r’s Guide 133 Modify Static Multicast Address To modify the port assignment of a mu lticast MAC address in the MAC address table, perform the following procedure: 1. From the main menu on the left side of t he page, select the Bridge folder. 2. From the Bridge folder, select Static Multicast . The Static Mul[...]

  • Page 134

    Chapter 10: MAC Address Table 134 Delete Static Multicast Address To delete a multicast MAC address from the MAC address table, perform the following procedure: 1. From the main menu on the left side of the page, select the Bri dge folder. 1. From the Bridge folder, select Static Multicast . The Static Multicast Address Table Page is displayed . Se[...]

  • Page 135

    135 Chapter 11 IGMP Snooping This chapter contains a description of th e IGMP Snooping procedure as well as procedures for working with IGMP Snooping in the web int erface. The following topics are discussed:  “Overview” on page 136  “IGMP Snooping Configuration ” on page 138 Note To permanently save your new settings or any changes t[...]

  • Page 136

    Chapter 11: IGMP Snoopin g 136 Overview IGMP enables IPv4 routers to create lists of no des that are members of multicast groups. (A group of end nodes that receive multicast packets from a multicast application is defined as a multicast group.) The router creates a multicast membership list b y periodically sending out queries to the local area ne[...]

  • Page 137

    AT-GS950/10PS Switch Web Interface Use r’s Guide 137 Without IGMP snooping, a switch floods multicast packets from all of its ports, except the port on which it received the packet. Su ch flooding of packets can negatively im pact network performance. The AT-GS950/10PS switch maintains a list of mu lticast groups through an adjustable time out va[...]

  • Page 138

    Chapter 11: IGMP Snoopin g 138 IGMP Snooping Configuration This procedure explains how to set IGMP snoo ping and IGMP Snooping Querier on the switch and set the IGMP Snooping (V1) a ge-out timer. To configure IGMP snooping, perform t he following procedure: 1. From the main menu on the left side of the page, select the Bridge folder. The Bridge fol[...]

  • Page 139

    AT-GS950/10PS Switch Web Interface Use r’s Guide 139 9. The IGMP Snooping Page is updated with active Multicast Group address. See Figure 45. Note The Multicast Group Address table conta ins MAC addresses of nodes that are active members o f multicast groups. To set a static Multicast Group Address, see “Static Multicast Address Configuration?[...]

  • Page 140

    Chapter 11: IGMP Snoopin g 140[...]

  • Page 141

    141 Chapter 12 S torm Contr ol This chapter contains a description and configuration proced ures for the Storm Control (bandwidth) feature. The following topics are discussed:  “Overview” on page 142  “Configuration” on page 144  “Ingress Rate Limiting” on page 146  “Egress Rate Limiting” on page 148 Note To permanently [...]

  • Page 142

    Chapter 12: Storm Co ntrol 142 Overview The features available in the AT-S110 Ma nagement Software allow you to limit Ethernet traffic within you r switch based on specific criteria. You can use Storm Control to limit the bandwi dth o f various types of Ethernet packets. With Ingress and Egress Rate Limiting, yo u can limit the traffic volume at th[...]

  • Page 143

    AT-GS950/10PS Switch Web Interface Use r’s Guide 143 Ingress Rate Limiting The Ingress Rate Limiting feature rest ricts the traffic to a pre-configured data rate that can flow into a port. This dat a rate limit can be configured in 64 Kbps increments within a ra nge from 64 Kbps to 1000 Mbps. The formula for calculating the band width limit is as[...]

  • Page 144

    Chapter 12: Storm Co ntrol 144 Configuration This procedure explains how to se t DLF, broadcast, mu lticast, and threshold levels for each port on the AT-GS950/10PS switch. To change the settings of the storm contro l feature, perform the following procedure: 1. From the main menu on the left side of the page, select the Bri dge folder. 2. From the[...]

  • Page 145

    AT-GS950/10PS Switch Web Interface Use r’s Guide 145 Note For more information, see the Broadc ast setting definition in“Overview” on page 142. 7. Click Apply . 8. To enable or disable ingress and egress Multicast packets, se lect Enable or Disable from the Multicast pull-down menu next to the port that you want to change. You can select the [...]

  • Page 146

    Chapter 12: Storm Co ntrol 146 Ingress Rate Limiting This procedure explains how to set Bandwidth levels and Status for Ingress Rate Limiting on each port of t he AT-GS950/10PS switch. To change the settings of the in gress rate limiting feature, perform t he following procedure: 1. From the main menu on the left side of the page, select the Bri dg[...]

  • Page 147

    AT-GS950/10PS Switch Web Interface Use r’s Guide 147 7. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes.[...]

  • Page 148

    Chapter 12: Storm Co ntrol 148 Egress Rate Limiting This procedure explains how to set Bandwidth levels and Status for Egress Rate Limiting on each port of the AT-GS950/10PS switch. To change the settings of the egr ess rate limiting feature, perform the following procedure: 1. From the main menu on the left side of the page, select the Bri dge fol[...]

  • Page 149

    149 Chapter 13 V irtual LANs This chapter contains a description of Virtual L ocal Area Networks (VLANs) and the procedures for creating, modifying , and deleting both port-based and tagged VLANs. This chapte r contains the following sections:  “VLAN Overview” on page 150  “Assign Ports to a VLAN Mode” on page 1 55  “Tagged VLAN [...]

  • Page 150

    Chapter 13: Virtual LANs 150 VLAN Overview A virtual LAN or VL AN is a group of ports on an Ethernet switch tha t form a logical Ethernet segmen t via the AT-S110 Management software. The ports of a VLAN form an independent traffic domain where th e traffic generated by the nodes of a VLAN remains within th e VLAN. With VLANs, you can segment your [...]

  • Page 151

    AT-GS950/10PS Switch Web Interface Use r’s Guide 151 With VLANS, you can reconfigure the LAN segment assignment of an end node connected to the A T -GS950/10PS switch’s management software. Also, you can change the VLAN membership s without moving the workst ations physicall y or change group membership s without moving cables from one port to [...]

  • Page 152

    Chapter 13: Virtual LANs 152 Each port of a port-based VL AN can belong to as many VLANs as needed. Therefore, traffic can be forwarded to the members of the groups to which the po rt is assigned. For example, port 1 and p ort 2 are members of group 1 and ports 1 and 3 are members of grou p 2. In this case, traffic from port 1 is forwarded to ports[...]

  • Page 153

    AT-GS950/10PS Switch Web Interface Use r’s Guide 153 VLAN Index You must assign a u nique number to e ach tagged VLAN in a n etwork. This number is called the tagged VLAN ID. Th is number uniquely identifies a tagged VLAN in the AT-GS950/10PS switch and across the network. VLAN Name To create a tagged VLAN, you must give it a unique name. This na[...]

  • Page 154

    Chapter 13: Virtual LANs 154 associates a received untagged packet to the VLAN ID that matches the PVID assigned to the port and the p ack et is only forwarded to those ports that are members. General Rules for Creating a Tagged VLAN Here is a summary of the rules to observe when you create a tagged VLAN:  Assign a unique name to each tagged VLA[...]

  • Page 155

    AT-GS950/10PS Switch Web Interface Use r’s Guide 155 Assign Ports to a VLAN Mode The procedure described in this sect ion allows you to assign ports to tagged or a port-based VLAN. In addition, it permits you to display the current VLAN assignment of ports. However, you can assign ports to a port-based VLAN only af ter you have created a port-bas[...]

  • Page 156

    Chapter 13: Virtual LANs 156 6. If you want to restore the port assig nment before saving the configuration, click Restore . Note Once the VLAN assignment has be en saved by clicking first on the Apply button and then saving the configuration, the Restore button will not be active for those port assignments. 7. From the main menu on the left side o[...]

  • Page 157

    AT-GS950/10PS Switch Web Interface Use r’s Guide 157 Tagged VLAN Configuration On a port, the tag information within a frame is examined when it is received to determine if the frame is qualifie d as a member of a specific tagged VLAN. If it is, it is eligible to be switched to other member port s of the same VLAN. If it is determined that the fr[...]

  • Page 158

    Chapter 13: Virtual LANs 158 4. To assign a VLAN ID, type a VLAN ID in the VLAN ID field. The range for this field is 2 to 4,000. You can create a maximum of 255 tagged VLANs. 5. To assign a name to the VLAN, type a uniqu e name in the VLAN Name field. Enter a value of up to 32 chara cters. For more information about this field, refer to “VLAN Na[...]

  • Page 159

    AT-GS950/10PS Switch Web Interface Use r’s Guide 159 2. From the Bridge folder, select VLAN . The VLAN folder expan ds. 3. From the VLAN fo lder, select Tagged VLAN . An example of a tagged VLAN (Index 2, Sa les VLAN) is shown in the table at the bottom of Fig ure 51 on page 159. Figure 51. Example of AT-GS950 /10PS Tagged VLAN Page 4. In the VLA[...]

  • Page 160

    Chapter 13: Virtual LANs 160 5. You cannot modify the VLAN ID on this web page. If you wa nt to delete the VLAN ID, go to “Delete a Tagged VLAN” on page 160 fo r more information. 6. To change the VLAN Name, type a new VLAN Name in t he VLAN Name field. For more information about this field, refer to “VLAN Name” on page 151. 7. To change th[...]

  • Page 161

    AT-GS950/10PS Switch Web Interface Use r’s Guide 161 3. From the VLAN fo lder, select Tagged VLAN . An example of the Tagged VLAN Page is sho wn in Figure 52 on page 159. 4. In the VLAN Action column, select Delete next to the VLAN that yo u want to delete. A confirmation prompt is displayed. 5. Click OK to delete the VLAN or Cancel to cancel the[...]

  • Page 162

    Chapter 13: Virtual LANs 162 Tagged VLAN Port Settings To configure a VLAN port that is a member of a Tagge d VLAN, perform the following procedure: 1. From the main menu on the left side of the page, select Bridge . The Bridge folder expands. 2. From the Bridge folder, select VLAN . The VLAN folder expands. From the VLAN folder, select Port Settin[...]

  • Page 163

    AT-GS950/10PS Switch Web Interface Use r’s Guide 163 Disable - This disables Ingress Filtering at the selected p ort. 6. Click Apply . The port configuration becomes effective. 7. If you need to configure other ports of the switch for the VLAN Por t Settings, repeat steps 4 through 7. 8. From the main menu on the left side of t he page, select Sa[...]

  • Page 164

    Chapter 13: Virtual LANs 164 Port-Based VLAN Configuration A port-based VLAN is a group of ports on the switch tha t form a logical Ethernet segment. This type of VLAN is ind ependent of the header information including VLAN ta gs in a frame. You can create and delete Port-Based VLANs by following the procedures in the following sections:  “Cr[...]

  • Page 165

    AT-GS950/10PS Switch Web Interface Use r’s Guide 165 6. To assign ports to the VLAN, click on the p ort numbers labeled Group Member. 7. Click Apply . 8. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes. Modify a Port- Based VLAN To modify the name or port assignmen ts of a por[...]

  • Page 166

    Chapter 13: Virtual LANs 166 3. From the VLAN folder, select Port-Based VLAN . The Port-Based VLAN Page is shown in Figure 54 on page 164 . 4. In the VLAN Action column, click Delete ne xt to the VLAN that you want to delete. A confirmation prompt is displayed. 5. Click OK to delete the VLAN or Cancel to cancel the d eletion. Note You cannot delete[...]

  • Page 167

    167 Chapter 14 GVRP This chapter contains the following sections:  “Overview and Guidelines” on page 168  “General Configuration” on page 169  “Port Settings” on page 170  “Time Settings” on page 172[...]

  • Page 168

    Chapter 14: GVRP 168 Overview and Guidelines The GARP VLAN Registration Protocol (GVRP) allows network devices to share VLAN information and to use the information to modif y existing VLANs or create new VLANs, automatically. This makes it easie r to manage VLANs that span more than one switch. Without GVRP, you have to manually configure your swit[...]

  • Page 169

    AT-GS950/10PS Switch Web Interface Use r’s Guide 169 General Configuration Perform the following procedure to enable or disab le GVRP: 1. From the main menu on the left side of t he page, select Bridge . The Bridge folder expands. 2. From the Bridge folder, select GVRP . The GVRP folder expands. 3. From the GVRP folder, select GVRP Gl obal Config[...]

  • Page 170

    Chapter 14: GVRP 170 Port Settings Perform the following procedure to co nfigure the GVRP port settings: 1. From the main menu on the left side of the page, select Bridge . The Bridge folder expands. 2. From the Bridge folder, select GVRP . The GVRP folder expands. 3. From the GVRP folder, select Port Setting . A partial view of the AT-GS950/10PS P[...]

  • Page 171

    AT-GS950/10PS Switch Web Interface Use r’s Guide 171 port row selected. Disable - The Restricted VLAN Reg istration is de-active for the port row selected. 5. Once you have configured the parameters, click Apply for the affected port. 6. If you want to configure GVRP for other p orts, repeat steps 4 and 5. 7. From the main menu on the left side o[...]

  • Page 172

    Chapter 14: GVRP 172 Time Settings Perform the following procedure to co nfigure the GVRP port settings: 1. From the main menu on the left side of the page, select Bridge . The Bridge folder expands. 2. From the Bridge folder, select GVRP . The GVRP folder expands. 3. From the GVRP folder, select Time Setting . A partial view of the AT-GS950 /10PS [...]

  • Page 173

    AT-GS950/10PS Switch Web Interface Use r’s Guide 173 GarpLeaveAllTime - This parameter is the GARP Leave Timer.Its range si 30 - 2147483630 milli-seconds. This timer must be set in relation to the GVRP Leave Timer according to the following equation: GARPLeaveAllTimer > (GARPLeaveTimer + 10) Note To ensure compatibility between network devices[...]

  • Page 174

    Chapter 14: GVRP 174[...]

  • Page 175

    175 Chapter 15 Quality of Service and Cost of Service This chapter provides descriptions of both the Quality of Service (QoS) and Cost of Service (CoS) features. The following to pics are covered:  “Overview” on page 176  “Associate Ports to CoS Priorities” on page 182  “Associate DSCP Classes to Egress Queues” on page 183  [...]

  • Page 176

    Chapter 15: Quali ty of Service and Cost of Service 176 Overview When a port on an Ethernet switch beco mes oversubscribed, its egress queues contain more packets than the po rt can handle in a timely manner. In this situation, the port may be forced to delay the transmission of some packets, resulting in the delay of pac kets reaching their destin[...]

  • Page 177

    AT-GS950/10PS Switch Web Interface Use r’s Guide 177 Egress Queue vs Packet Priority Mapping Each port has four egress queues, labeled Q0, Q1, Q2 , and Q3. Q0 is the lowest priority queue and Q3 is the highest. A packet in a high priority egress queue is typically transmitted s ooner than a packet in a low p riority queue.Table 3 lists the defa u[...]

  • Page 178

    Chapter 15: Quali ty of Service and Cost of Service 178 The procedure for changing the default mappings is found in “Associate Ports to CoS Priorities” on page 182. Note that because all ports must use the same priority-to-egress queue m appings, these mappings are applied at the switch level. They cannot be set o n a per-port basis. One last t[...]

  • Page 179

    AT-GS950/10PS Switch Web Interface Use r’s Guide 179 The problem with this meth od is that some low priority packets might never be transmitted from the switch because the algorithm migh t never have time to process the packets waiting in the lower p riority queues. Weighted Round Robin Priority Scheduling The weighted round robin (WRR) sche duli[...]

  • Page 180

    Chapter 15: Quali ty of Service and Cost of Service 180 Mapping CoS Priorities to Egress Queues Before mapping the CoS priorities and the egress queues, you must disable the Jumbo frame parameter on ea ch port. See the Jumbo parameter definition in “Displaying and Con figuring Ports” on page 57. Note When Jumbo frames are enabled, COS can not b[...]

  • Page 181

    AT-GS950/10PS Switch Web Interface Use r’s Guide 181 4. For each Traffic Class whose queue you want to change, click on the Queue (0, 1, 2, or 3) radio button tha t applies to your configuration. 5. After you have completed this mapping process, select Enable in the QoS Status field, 6. Click Apply . 7. From the main menu on the left side of t he[...]

  • Page 182

    Chapter 15: Quali ty of Service and Cost of Service 182 Associate Ports to CoS Priorities The Port Priority values is assigned to an untagged fra me at ingress for internal processing in the switch. This procedure explains how to change the default mappings of port priorities to the User Priority. This is set at the switch level. You cannot set thi[...]

  • Page 183

    AT-GS950/10PS Switch Web Interface Use r’s Guide 183 Associate DSCP Classe s to Egress Queues If you choose to use the DSCP tags in your Access Control policy configuration, each DSCP value (0-63) that is releva nt to your configuration needs to be mapped to one of the f our egress queues (0-3). The default queue for all DSCP values is 0 .To assi[...]

  • Page 184

    Chapter 15: Quali ty of Service and Cost of Service 184 5. After you have completed this mapping process, click Ap ply . 6. From the main menu on the left side of the page, select Save Configuration to Flash to permanent ly save your changes.[...]

  • Page 185

    AT-GS950/10PS Switch Web Interface Use r’s Guide 185 Queue Scheduling Algorithm To change the scheduling a lgorithm for the egress queues, perform the following procedure. 1. From the main menu on the left side of t he page, select Bridge . The Bridge folder expands. 2. From the Bridge folder, select QoS . The QoS folder expan ds. 3. From the QoS[...]

  • Page 186

    Chapter 15: Quali ty of Service and Cost of Service 186[...]

  • Page 187

    187 Section III Advanced Featur es This section contains t he following chapters:  Chapter 16, “SNMPv1 and v2c” on p age 189  Chapter 17, “SNMPv3” on pa ge 201  Chapter 18, “Access Control Configuration” o n page 217  Chapter 19, “RMON” on pa ge 245  Chapter 20, “V oice VLAN” o n page 257  Chapter 21, “Securi[...]

  • Page 188

    188[...]

  • Page 189

    189 Chapter 16 SNMPv1 and v2c This chapter contains a description of SNMPv1 and SNMPv2c and the procedures for configuring with these protocols. This chapter contains the following sections:  “SNMPv1 and SNMPv2c Overview” on page 190  “Trap Receiver Attributes” on page 1 91  “SNMPv1 and SNMPv2c User and Group Names” on page 193[...]

  • Page 190

    Chapter 16: SNMP v1 and v2c 190 SNMPv1 and SNMPv2c Overview You can manage a switch by viewi ng and configuring the management information base (MIB) objects on th e device with the Simple Network Management Program (SNMP). This chap ter describes how to configure SNMPv1 and SNMPv2c. A Group Name, IP address of the switch a nd at least one communit[...]

  • Page 191

    AT-GS950/10PS Switch Web Interface Use r’s Guide 191 Trap Receiver Attributes A trap is a message sent by the agent to one or more managers to indicate the occurrence of a particular event on the device. The re are numerous events that can trigger a trap. For instance, when the switch reboots or when the Spanning Tree Root Bridge c hanges. You us[...]

  • Page 192

    Chapter 16: SNMP v1 and v2c 192 Activate SNMP Interface The SNMP interface is activated b y default. If you want to de-activate it or re-activate it, go to “User Interface Configuration” on pa ge 37.[...]

  • Page 193

    AT-GS950/10PS Switch Web Interface Use r’s Guide 193 SNMPv1 and SNMPv2c Us er and Group Names SNMPv1 and SNMPv2c User Name and Group Name definitio ns is the basis for creating SNMP communities. Us e the following sections to create and delete User and Group Names:  “Create User and Group Names” on page 193  “Modify User and Group Nam[...]

  • Page 194

    Chapter 16: SNMP v1 and v2c 194 Note If you choose to use the default User a nd Group Names (ReadOnly and ReadWrite) that are already d isplayed in the table, p roceed to step 7 below. 3. Type a new User Name . Enter a name up to 3 1 characters in leng th. 4. Type a previously defined Group Name . Enter a name up to 3 1 characters in leng th. 5. Se[...]

  • Page 195

    AT-GS950/10PS Switch Web Interface Use r’s Guide 195 To create a new entry in this table, see “Creat e User and Group Names” on page 193. Delete User and Group Name s This procedure explains how to delete an entry on th e SNMP User/Group page. 1. From the main menu on the left side of t he page, select the SNMP folder. The SNMP folder expan d[...]

  • Page 196

    Chapter 16: SNMP v1 and v2c 196 SNMP Community Strings A community string has attributes fo r controlling who can use the string and what the string will allow a network management station to do on the switch. The AT-S110 Management Software does not provide any defau lt community strings. You mu st first define an SNMP User and Group Name on the S[...]

  • Page 197

    AT-GS950/10PS Switch Web Interface Use r’s Guide 197 5. Click Add . The values of the new Community Name and User Name are displayed. See Figure 66 for an example. Figure 66. SNMP Commu nity Table Page Example 6. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes. Modify SNMP Com[...]

  • Page 198

    Chapter 16: SNMP v1 and v2c 198 SNMP Traps A Host IP address is used to spec ify a management device that needs to receive SNMP traps sent by th e switch. This IP ad dress is associated with the SNMP Version and a valid Community Name in the Host table of the switch. Create Trap Host Table Entry Use the following procedure to creat e a trap Host ta[...]

  • Page 199

    AT-GS950/10PS Switch Web Interface Use r’s Guide 199 Note The Community Na me must correlate with one of the communities displayed on the SNMP Community Table pa ge. See “SNMP Community Strings” on page 196. If you enter a Community Name that has not been pre-defined, the Trap Host entry is displayed, but agent/manager communication fails. 7.[...]

  • Page 200

    Chapter 16: SNMP v1 and v2c 200 4. To delete an entry in the host table, click Delete next to the entry in the table that you want to remove. The Host table entry is removed from the table. No confirmation message is displayed. 5. From the main menu on the left side of the page, select Save Configuration to Flash to permanent ly save your changes.[...]

  • Page 201

    201 Chapter 17 SNMPv3 This chapter contains a description of SNMPv3 and the procedures for configuring this protocol. This chapter contains t he following sections:  “Overview” on page 202  “SNMPv3 User and Group Names” on page 206  “SNMPv3 View Names” on page 209  “SNMPv3 View Table” on page 212  “SNMPv3 Traps” o[...]

  • Page 202

    Chapter 17: SNMP v3 202 Overview The SNMPv3 protocol builds on the existing SNMPv1 and SNMPv2c protocol implementation wh ich is described in Chapter 16 on pag e 189. In SNMPv3, User-based Security Model (USM) authentication is implemented along with encryption , allowing you to configure a secure SNMP environment. The SNMPv3 protocol uses differen[...]

  • Page 203

    AT-GS950/10PS Switch Web Interface Use r’s Guide 203 this configuration for someone with super-user capabilities. SNMPv3 Privacy Protocol After you have configured an authentic ation protocol, you have the option of assigning a privacy protocol if yo u have the encrypted version of the AT-S110 Management software. In SNMP v3 protocol terminology,[...]

  • Page 204

    Chapter 17: SNMP v3 204 In addition, you can define a MIB view that th e user can access or a MIB view that the user cann ot access. When you want to permit a user to access a MIB view, you include a particular view. When you want to deny a user access to a MIB view, you exclude a particular view. After you specify a MIB subtree view you ha ve the [...]

  • Page 205

    AT-GS950/10PS Switch Web Interface Use r’s Guide 205 5. Finally, the traps can be defined on the Tr ap Management page based on the Community or User Name. See Figure 70 for an illustration of ho w the user configuration tables a re linked. Figure 70. SNMPv3 Table Relationships[...]

  • Page 206

    Chapter 17: SNMP v3 206 SNMPv3 User and Group Names An SNMPv3 User Name and Group Name definition is the basis for all the other SNMPv3 tables. You can create and delete View Names by following the procedures in the follo wing sections:  “Creating SNMPv3 User and Group Name s” on page 206  “Modifying SNMPv3 User and Group Names” on pa[...]

  • Page 207

    AT-GS950/10PS Switch Web Interface Use r’s Guide 207 8. Enter the password for the Auth-Protocol. 9. Select one of the following choice s for the Priv-Protocol field: DES : Specifies DES encryption scrambles the SNMP data so that outside observers are preve nted from seeing the data content. none : Specifies no encryption is applied to SNMP data [...]

  • Page 208

    Chapter 17: SNMP v3 208 folder. The SNMP folder exp ands. 2. From the SNMP folder , select SNMP User/Group . The SNMP User/Group Page is displayed. See Figure 63 on pa ge 193. 3. In the Action column of the table, click Delete for the User Name and Group Name that you want to remove. 4. From the main menu on the left side of the page, select Save C[...]

  • Page 209

    AT-GS950/10PS Switch Web Interface Use r’s Guide 209 SNMPv3 View Names The SNMPv3 View names are defined in the SNMP Group Access table and are based on the User an d Group Names.You can create and delete View Names with the following procedures:  “Creating SNMPv3 View Names” on page 209  “Modifying SNMPv3 View Names” on page 211 ?[...]

  • Page 210

    Chapter 17: SNMP v3 210 This name is an optional field. It ca n be up to 31 characters in length. 5. Enter the Write View Name . This name is an optional field. It ca n be up to 31 characters in length. 6. Enter the Notify View Name . This name is an optional field. It ca n be up to 31 characters in length. 7. From the Security Model pull-down menu[...]

  • Page 211

    AT-GS950/10PS Switch Web Interface Use r’s Guide 211 Modifying SNMPv3 View Names If you need to modify an entr y in the SNMP Group Access page, you must first delete the entry and then re-enter it. For information about how to delete an entry in this table, se e “Deleting SNMPv3 View Names” on page 211. For information about how to create a n[...]

  • Page 212

    Chapter 17: SNMP v3 212 SNMPv3 View Table The SNMPv3 View table specifies the MIB object access criteria for each View Name. If the View Name is not specified on this page, then it has access to all MIB objects. You can spec ify specific areas of the MIB that can be accessed or denied based on the entries in this table. You can create and delete en[...]

  • Page 213

    AT-GS950/10PS Switch Web Interface Use r’s Guide 213 Included: This selection allows the sp ecified MIB object to be included in the view. Excluded: This selection blocks the vie w of the specified MIB object. 7. Click the Add button. The updated view is displayed in the V iew T able. See Figure 75. Figure 75. SNMP View Table Page Example 8. From[...]

  • Page 214

    Chapter 17: SNMP v3 214 3. From the main menu on the left side of the page, select Save Configuration to Flash to permanent ly save your changes.[...]

  • Page 215

    AT-GS950/10PS Switch Web Interface Use r’s Guide 215 SNMPv3 Traps The creation, modification and deletion of traps fo r SNMPv3 is identical to the procedure for SNMPv1/v2. See “SNMP Traps” on p age 198.[...]

  • Page 216

    Chapter 17: SNMP v3 216[...]

  • Page 217

    217 Chapter 18 Access Contr ol Configuration This chapter contains a description of th e AT-GS950/10PS switch’s Access Control Configuration feature and the proced ures to create, modify, and delete a Access Control c onfiguratio n. This chapter contains the following sectio  “Overview” on page 218  “Classifier” on page 219  “P[...]

  • Page 218

    Chapter 18: Access Control Configuration 218 Overview Access Control configuration allows you to cont rol different aspects of the Ethernet traffic as it enters the switch p orts and is process through the switch. You can specify what traffic is permitted or d enied to flow through the switch by setting up specific filter criteria at an ingress por[...]

  • Page 219

    AT-GS950/10PS Switch Web Interface Use r’s Guide 219 Classifier The Create Classifier page allows yo u to specify p acket settings for filtering Ethernet traf fic. You can create, modify or delete a Cl assifie r by following the procedures in the following sections:  “Creating a Classifier,” next  “Modifying a Classifier” on page 22[...]

  • Page 220

    Chapter 18: Access Control Configuration 220 3. Enter a number in th e Classifier Index field. The Classifier Index must be a unique nu mber within the range of 1 - 65535 . Note The Classifier Index is a required parameter when you create a Policy. See “Create Policy” on page 238 for more information. 4. Enter data one or more of the remaining [...]

  • Page 221

    AT-GS950/10PS Switch Web Interface Use r’s Guide 221 5. Click ADD . The classifier entry is displayed in the t able at the bottom of the page. If you do not see you new entry, you may need to navigate to another page of the table with the First Page , Previous Page , Next Page , an d Last Page buttons located below the table. An examp le of a cla[...]

  • Page 222

    Chapter 18: Access Control Configuration 222 2. From the Access Control Config folder , select Classifier . An example of a classifier table entry on the Create Cla ssifier page is displayed in Figure 77. 3. From the Create Classifier page, iden tify which classifier that want to modify and click the Modify link in the Action column. The Modify Cla[...]

  • Page 223

    AT-GS950/10PS Switch Web Interface Use r’s Guide 223 2. From the Access Control Config folder , select Classifier . The Example of Create Classifier page is d isplayed in Figure 77 on page 221. 3. From the Create Classifier page, identify which classifier table entry that want to delete and click the Delete link in the Action column. You are prom[...]

  • Page 224

    Chapter 18: Access Control Configuration 224 Profile Action The Create Profile Action page defines the priority parameters for policing on DSCP (layer 3) and/or class of service (layer 2). Note You must enter a Profile Index on this page even if you do not define the Policed-DHCP and Policed-CoS parameters because the Profile Index is a required pa[...]

  • Page 225

    AT-GS950/10PS Switch Web Interface Use r’s Guide 225 3. Enter a number in the Profile Action Index field. The Index must be a unique numbe r ranging from 1 to 72. 4. Enter a number in the Policed DSCP field within the range of 0 to 6 3. This field indicates the DSCP level of in terest. This field is not mandatory and you may elect to leave it bla[...]

  • Page 226

    Chapter 18: Access Control Configuration 226 2. From the Access Control Config folder , select Profile Ac tion . An example of the Create Profile Action page with a Profile Actio n table entry is shown in Figure 79 on page 22 4. 3. Select the table entry that you want to modify a nd click the Modify link in the Action column. The Modify Profile Act[...]

  • Page 227

    AT-GS950/10PS Switch Web Interface Use r’s Guide 227 In-Profile Actio n The Create In-Profile Action p age allows you to specify a Profile Action’ s Permit or Deny privilege for p ackets in the ingress qu eue. Note A Profile Action Index is required to create a n In-Profile Action. See “Creating a Profile Action” on page 224 fo r more infor[...]

  • Page 228

    Chapter 18: Access Control Configuration 228 Note The In-Profile Action Index is a required parameter when you create a Policy. See “Create Policy” on page 238 for more information. 4. Enter a number in th e Profile Action ID field ranging from 0 to 72. This field is mandatory. Note This field must be pre-defined on the Create Prof ile page - s[...]

  • Page 229

    AT-GS950/10PS Switch Web Interface Use r’s Guide 229 7. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes. Modifying an In- Profile Action To modify a In-Profile action entry , perform the following procedure: Note You must first enter a In-Profile action before you can modify i[...]

  • Page 230

    Chapter 18: Access Control Configuration 230 Deleting an In- Profile Action To delete a In-Profile action entry , perform the following p rocedure: 1. From the main menu on the left side of the page, select the Access Control Config folder. The Access Control Config folder expands. 2. From the Access Control Config folder , select In-Profile Action[...]

  • Page 231

    AT-GS950/10PS Switch Web Interface Use r’s Guide 231 Out-Profile Action The Create Out-Profile Action p age allows you to specify a Profile Action’s Permit or Deny privilege and bandwid th restrictions for packets in the egress queue. You can create, modify or delete an Ou t-Pro file Action by following the procedures in the following sections:[...]

  • Page 232

    Chapter 18: Access Control Configuration 232 4. Enter a number in th e Profile Action ID field ranging from 0 to 72. This field is mandatory. Note This field must be pre-defined on the Create Prof ile page - see “Creating a Profile Action” on page 224 for more information. 5. In the Deny/Permit field, use t he pull down menu to select one of th[...]

  • Page 233

    AT-GS950/10PS Switch Web Interface Use r’s Guide 233 7. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes. Modify Out- Profile Action To modify a Out-Profile action en try, perform the following procedure : Note Before you can modify an entry, yo u must first enter a Out-Profile[...]

  • Page 234

    Chapter 18: Access Control Configuration 234 Delete Out- Profile Action To delete a Out-Profile action entry, pe rform the following procedure: 1. From the main menu on the left side of the page, select the Access Control Config folder. The Access Control Config folder expands. 2. From the Access Control Config folder , select Out-Profile Action . [...]

  • Page 235

    AT-GS950/10PS Switch Web Interface Use r’s Guide 235 Port List The Create Port List page allo ws you to specify a list of ports that will be used as part of the policy specification. You can create, modify or delete a Port List by following the procedures in the following sections:  “Create Port List,” next  “Modify Port List” on pa[...]

  • Page 236

    Chapter 18: Access Control Configuration 236 6. Click Add . The Out-Profile Action entry is added to the status table. If the Page field located below the table disp lays a page number and yo u do not see your new entry, then there are multiple pages of the table that you can navigate. This is done by clicking on the First Pag e , Previous Page , N[...]

  • Page 237

    AT-GS950/10PS Switch Web Interface Use r’s Guide 237 4. Change the parameters as required. Note See “Create Port List” on page 235 for the d efinitions of each parameters. 5. Click Apply . The modified Port List entry is displaye d in the table at the bottom of the page of the Create Port List page. 6. From the main menu on the left side of t[...]

  • Page 238

    Chapter 18: Access Control Configuration 238 Policy The Create Policy page allows you to specify th e filtering criteria for one policy. Before creating a policy, you must pre-define the following ind exes: Classifier Index : See “Creating a Classifier” on page 219 for more information. In-Profile Action Index : See “Creatin g an In-Profile A[...]

  • Page 239

    AT-GS950/10PS Switch Web Interface Use r’s Guide 239 3. Enter a number in the Policy Index field. The Policy Index is a unique number within the range of 1 - 6553 5 which identifies the policy. This field is mandatory. 4. Enter data in the remaining parameters. All parameters listed b elow must be entered to form the policy: Classifier Index - Cl[...]

  • Page 240

    Chapter 18: Access Control Configuration 240 Figure 92. Example of Policy Entry 6. From the main menu on the left side of the page, select Save Configuration to Flash to permanent ly save your changes. Modify Policy To modify a Policy entry, perform th e following procedure: Note Before you can modify an entry, y ou must first enter a Policy - see [...]

  • Page 241

    AT-GS950/10PS Switch Web Interface Use r’s Guide 241 Figure 93. Modify Policy Page 4. Change the parameters as required. Note See “Create Policy” on page 238 for the definitions o f each parameters. 5. Click Apply . The modified Policy entry is displayed in the table a t the bottom of the page of the Create Policy page. 6. From the main menu [...]

  • Page 242

    Chapter 18: Access Control Configuration 242 Control Config folder. The Access Control Config folder expands. 2. From the Access Control Config folder , select Policy . An example of the Create Policy page with a Policy table entry is shown in Figure 92 on page 240. 3. From the Create Policy page, identify which Policy table en try that want to del[...]

  • Page 243

    AT-GS950/10PS Switch Web Interface Use r’s Guide 243 Policy Sequence Status The Policy Sequence page displays the status of the order that policies are applied to each port. You can order the display by Policy Index or by Policy Sequence number. To display the policy sequence, perform the following procedure: 1. From the main menu on the left sid[...]

  • Page 244

    Chapter 18: Access Control Configuration 244[...]

  • Page 245

    245 Chapter 19 RMON This chapter contains the following sections:  “Overview” on page 246  “Enable and Disable RMON” on page 2 47  “Port Statistics” on page 248  “Histories” on page 250  “Events” on page 252  “Alarms” on page 254[...]

  • Page 246

    Chapter 19: RM ON 246 Overview The RMON (Remote MONitoring) MIB is used with SNMP applications to monitor the operations of network devices. The switch supports the four RMON MIB groups listed here:  Statistic group— This group is used t o view port statistics remotely with SNMP programs. For information about configuring a Statistics gro up, [...]

  • Page 247

    AT-GS950/10PS Switch Web Interface Use r’s Guide 247 Enable and Disable RMON You can use your SNMP Network Management System (NMS) software and the RMON section of the MIB tree to view the RMON statistics, history and alarms associated with sp ecific ports. Since RMON uses the SNMP agent for communicating with your NMS software, the SNMP Agent mu[...]

  • Page 248

    Chapter 19: RM ON 248 Port Statistics You can remotely view individual port st atistics wit h RMON by using your SNMP NMS software and the RMON portion of the MIB tree. Perform the following procedure to co nfigure RMON port statistics for a specific port: 1. From the main menu on the left side of the page, click the RMON folder. The RMON folder ex[...]

  • Page 249

    AT-GS950/10PS Switch Web Interface Use r’s Guide 249 Figure 98. Ethernet Statisti cs Configuration Example 5. If you want to configure RMON statistics for other ports, repeat steps 3 and 4. 6. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes.[...]

  • Page 250

    Chapter 19: RM ON 250 Histories RMON histories are snapshots of port statistics. They are taken by the switch at predefined intervals and can be used to identify trends o r patterns in the numbers or t ypes of ingress packets on the po rts on the switch. The snapshots can be viewed with your SNMP NMS software with the history group of the RMON port[...]

  • Page 251

    AT-GS950/10PS Switch Web Interface Use r’s Guide 251 snapshot of RMON statistics. Different ports can have different numbers of buckets. The range is 1 to 50 buckets. Interval: This parameter specifies how frequently the switch takes snapshots of the port’s statistics. The range is 1 to 3600 seconds (1 hour). For example, if you want the switch[...]

  • Page 252

    Chapter 19: RM ON 252 Events An event specifies the action of the switch when the ingress packet activity on a port crosses a statistical threshold defin ed in an alarm. The choices are to log a message in the event log of the switch, send an SNMP t rap to an SNMP workstation, or both. Since there are only three possible actions and since events ca[...]

  • Page 253

    AT-GS950/10PS Switch Web Interface Use r’s Guide 253 Owner: This parameter is used to identify the person who created an entry. It is primarily intended fo r switches that are managed by more than one person, and is a n optional field. 4. Once you have configured the pa rameters, click Add . Y our entry appears in the t able at the bottom of the [...]

  • Page 254

    Chapter 19: RM ON 254 Alarms RMON alarms are used to generate alert messages when p acket activity on designated ports rises above or falls below sp ecified threshold values. The alert messages can take the form of message s that are entered in the event log on the switch or traps that are send to your SNMP NMS software or both. RMON alarms consist[...]

  • Page 255

    AT-GS950/10PS Switch Web Interface Use r’s Guide 255 2. From the RMON folder, sele ct Alarm . The RMON Alarm Configuration Page is displa yed. See Figure 103 . Figure 103. RMON Alarm Configuration Pa ge 3. The following fields are listed: Index: This parameter specifie s the ID number of the new group. The range is 1 to 65535. Interval: This para[...]

  • Page 256

    Chapter 19: RM ON 256 Falling Threshold: This paramet er specifies a specific value or threshold level of the monitored st atistic. When the value of the monitored statistic becomes less t han this threshold level, an alarm event is triggered. The p arameter ’ s range is 1 to 214748364 7. Rising Event Index: This p arameter specifies the event in[...]

  • Page 257

    257 Chapter 20 V oice VLAN This chapter contains a description of th e AT-GS950/10PS switch’s Voice VLAN feature and the procedures to create, modify, and delete a voice VLAN configuration. This chapter conta ins the following sectio ns:  “Overview” on page 258  “General Guidelines” on page 261  “Configuration” on page 262 ?[...]

  • Page 258

    Chapter 20: Voice VLAN 258 Overview The AT-GS950/10PS Voice VLAN f eature is specifically designed to maintain high quality, uninterrupted voice traffic thro ugh the switch. When talking on a voice over IP phone, a user expects to have n o interruptions in the conversation and excellent voice quality. The Voice VLAN feature can be configured to mee[...]

  • Page 259

    AT-GS950/10PS Switch Web Interface Use r’s Guide 259 When you are configuring the voice VLAN parame ters, you must enter the complete MAC address of at least one of your IP p hones. An “OUI Mask” is automatically generated and appl ied by the AT-S110 management software to yield the manufacturer’s OUI. If the OUI of the remaining phones fro[...]

  • Page 260

    Chapter 20: Voice VLAN 260 One or more ports in your voice VLAN mu st be configured as Static tagged or untagged members. Static VLAN members are permane nt member ports of the voice VLAN and there is no depend ency on the configuration of the devices con nected to the ports. These ports might be connected to other voice VLAN network nodes such as [...]

  • Page 261

    AT-GS950/10PS Switch Web Interface Use r’s Guide 261 General Guidelines Here is a summary of the rules to observe when you create a voice VLAN:  One voice VLAN can be configured on the switch at any time.  A voice VLAN is based on a pre-defined tagged VL AN.  The voice VLAN Auto-Detection feature can on ly be enabled on ports that are in[...]

  • Page 262

    Chapter 20: Voice VLAN 262 Configuration Prior to configuring your voice VLAN, you must first configure a tag ged VLAN. This VLAN will be used as a basis for your voice VLAN. Note See “Create a Tagged VLAN” on page 15 7 for more information about configuring a tagged VLAN with Not Me mber and Static tagged ports. The procedure described in this[...]

  • Page 263

    AT-GS950/10PS Switch Web Interface Use r’s Guide 263 4. From the Voice VLAN field at the top of the page, select one of the following choices from the pull-down menu: Enable - The voice VLAN feature is active. The other pa rameter fields in the voice VLAN Global Settings sectio n become active and are eligible for data to be ente red. Disable - T[...]

  • Page 264

    Chapter 20: Voice VLAN 264 Note The voice VLAN Auto-Detection feature can only be enabled on “Not Member” ports of the voice VLAN. Member ports cannot have the voice VLAN Auto-Detection feature enabled. The Status co lumn displays Static for the member po rts. See “Dynam ic Auto-Detec tion vs Static Ports” on page 259 f or more information.[...]

  • Page 265

    AT-GS950/10PS Switch Web Interface Use r’s Guide 265 OUI Setting You can create and delete Voice VLAN OUI Settings by following the procedures in these sections:  “Create OUI Setting”  “Modify OUI Setting” on page 266 Create OUI Setting To create a Voice OUI configura tion, perform the following pro cedure: 1. From the main menu on [...]

  • Page 266

    Chapter 20: Voice VLAN 266 8. From the main menu on the left side of the page, select Save Configuration to Flash to permanent ly save your changes. Modify OUI Setting To modify or delete an OUI, it must be first be deleted and then re-entered by following the procedure in “Create OUI Setting” on page 265. Delete OUI Setting To delete an OUI, p[...]

  • Page 267

    267 Chapter 21 Security This chapter contains information about th e Port-based security features and the procedures for se tting this feature. This chapter includes the following sections:  “Port Access Control” on page 268  “RADIUS Client” on page 273  “Dial-in User— Local Authentication” on page 276  “Destination MAC [...]

  • Page 268

    Chapter 21: Security 268 Port Access Control This section contains information a nd configuration procedures for the Port-based Access Control. The fo llowing informatio n is provided:  “Overview” on page 268  “Port Access Control Configuration” on page 269 Note After configuring t he Port-based Network Access Control, you ca n choose[...]

  • Page 269

    AT-GS950/10PS Switch Web Interface Use r’s Guide 269 Port Access Control Configuration To configure port-based access contro l, perform the following procedure: 1. Select the Security folder from the ma in menu on the left side of the page. The Security folder expands. 2. From the Security folder, select Port Access Control . The Port Access Cont[...]

  • Page 270

    Chapter 21: Security 270 5. To set the advanced configuration pa rameters, click Settings . The Port Access Control Configure page is expanded. See Figure 108. Figure 108. Expanded Port Access Control Configuratio n Page 6. Set the following paramet ers as needed: Port: This parameter specifies the port being configured for authentication. Authenti[...]

  • Page 271

    AT-GS950/10PS Switch Web Interface Use r’s Guide 271 802.1x authenticator role, in the unauthorized state. Although the ports are in the authenticator role, the switch blocks all authentication on the ports, which means that no clients can log on and forward packets through them. Auto: Sets the port to the 802.1X port-based authenticator role. Po[...]

  • Page 272

    Chapter 21: Security 272 authentication. Enabled: The Piggyback Mode is Enabled. Disabled: The Piggyback Mode is Disabled. VLAN Assignment - This parameter e nables the VLAN assignment that you select with the Gu est VLAN ID parameter. Choose from the following: Enabled: The VLAN Assignme nt is Enabled. Disabled: The VLAN Assignment is Disabled . S[...]

  • Page 273

    AT-GS950/10PS Switch Web Interface Use r’s Guide 273 RADIUS Client You can use the RADIUS client with 802.1x port-ba sed access control to authenticate which packets are forwarded through the switch. This section explains how to configure the RADIUS client on the switch and contains the following sections:  “Overview” on page 273  “Ra[...]

  • Page 274

    Chapter 21: Security 274  You need to specify the use r name and password combination s when configuring the RADIUS server software on the authentication server. Note This manual does not explain ho w to configure RADIUS se rver software. Refer to the documentation that comes with the RADIUS server software for instructions.  You must activat[...]

  • Page 275

    AT-GS950/10PS Switch Web Interface Use r’s Guide 275 8. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes.[...]

  • Page 276

    Chapter 21: Security 276 Dial-in User— Local Authentication Dial-in User feature provides the local authentication server for port security when a remote (RADIUS) server is not available . This section includes the following:  “Overview” on page 276  “Dial-in User Configuration” on page 276 Note To permanently save your new settings[...]

  • Page 277

    AT-GS950/10PS Switch Web Interface Use r’s Guide 277 Figure 110. Dial-In User Page 3. In the User Name field, type a name fo r the user. 4. In the Password field, type a password for the user. 5. In the Dynamic VLAN field, enter the VID of the VLAN which yo u will allow the user to access. If you enter 0, this field will be ignored. 6. Click the [...]

  • Page 278

    Chapter 21: Security 278 The Dial-in User p age is displayed. See Figure 1 10 on page 277. 3. In the list of dial-in users, highlight the user you want t o modify. The user ’s information is displayed in fields above. 4. In the Password field, enter the n ew password. 5. In the Dynamic VLAN field, enter th e new VID of the VLAN which you want the[...]

  • Page 279

    AT-GS950/10PS Switch Web Interface Use r’s Guide 279 Destination MAC Filter This section contains a n explanation of the Destination MAC Filter f eature as well a procedure for configuring it. This section includes the following information:  “Overview” on page 279  “Destination MAC Filter Configuration” on p age 279  “Delete D[...]

  • Page 280

    Chapter 21: Security 280 Figure 112. Destination MAC Filter Page 3. To enter the MAC address that you want filtere d, enter the MAC address into the MAC Address field. 4. Click the Add butto n to save your entry. See Fig ure 113. Figure 113. Destination MAC Filter Page Example 5. After you have conf igured a dest ination MAC address, the Destinatio[...]

  • Page 281

    AT-GS950/10PS Switch Web Interface Use r’s Guide 281 3. Select the Delete button next to the MAC address t hat you want to delete. The MAC address is removed from the MAC address table. 4. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes.[...]

  • Page 282

    Chapter 21: Security 282[...]

  • Page 283

    283 Chapter 22 Power Over Ethernet (PoE) This chapter provides background information about PoE and includes procedures to configure the PoE feature on each port. The sections in this chapter include:  “Overview” on page 284  “PoE Configuration” on page 286 Note To permanently save your new settings or any changes to th e configuratio[...]

  • Page 284

    Chapter 22: Power Over Etherne t (PoE) 284 Overview The AT-GS950/10PS switch features Power over Ethernet (PoE) o n the 10/100Base-Tx ports on ports 1 - 8. PoE is used to supply power to network devices over the same twist ed pair cables that carry the network traffic. The main advantage of PoE is that it can make installing a network easier. The s[...]

  • Page 285

    AT-GS950/10PS Switch Web Interface Use r’s Guide 285 Port Prioritization As long as the total power requirements of th e PDs is less than the total available power of the switch, it can supply power to all of the PDs. However, when the PD power requirements exceed the total available power, the switch denies power to some ports based on a process[...]

  • Page 286

    Chapter 22: Power Over Etherne t (PoE) 286 PoE Configuration To configure the basic STP and RSTP settings, perform the following procedure: 1. From the main menu on the left side of the page, select Power Over Ethernet Configuration . The Power Over Ethernet Configuration page is displayed. See Figure 114. Figure 114. Power Over Ethernet Configu ra[...]

  • Page 287

    AT-GS950/10PS Switch Web Interface Use r’s Guide 287 Note See Table 6 on page 28 4 for a definition of the PD Po E classes. Priority - Indicates the port priority: Low, High, or Critical. For more details, see “Port Prioritization” on page 285. Power(mW) - Indicates the Power in milliwatts th at the port is supplying power to the PD. Voltage([...]

  • Page 288

    Chapter 22: Power Over Etherne t (PoE) 288[...]

  • Page 289

    289 Chapter 23[...]

  • Page 290

    Chapter 23: DHCP Snoopin g 290 Chapter 23 DHCP Snooping This chapter contains a description of the DHCP Snooping feature and the procedures for creating, modifying, and deleting the DHCP Snooping configuration. This chapter contains th e following sections:  “Overview” on page 291  “General Configuration” on pag e 294  “VLAN Sett[...]

  • Page 291

    AT-GS950/10PS Switch Web Interface Use r’s Guide 291 Overview The DHCP Snooping feature provides security by inspecting ingress packets for the correct IP and MAC address information. The DHCP Snooping feature defines th e AT-GS950/10PS ports as either trusted or untrusted. With DHCP Sn ooping enabled, two network security issues are addressed: ?[...]

  • Page 292

    Chapter 23: DHCP Snoopin g 292 A network device initially sends out a DHCPDISCOVER packet so that a DHCP server will respond. It waits for and the n accepts the first DHCPOFFER packet from the se rver that it receives. This packet contains the DHCP server’s IP address and mask. If the unauthorized DHCP server responds first, then th e network dev[...]

  • Page 293

    AT-GS950/10PS Switch Web Interface Use r’s Guide 293 General Guidelines Here is a summary of the rules to obse rve when you configure DHCP Snooping:  A trusted port is connected to one of t he following: – Directly to the legitimate trusted DHCP Server. – A network device relaying DHCP messages to and from a trusted server. – Another tru[...]

  • Page 294

    Chapter 23: DHCP Snoopin g 294 General Configuration The following procedure describes ho w to configure the DHCP Snooping feature on the AT-GS950/10PS switch: 1. From the main menu on the left side of the page, select DHCP Snooping . The DHCP Snooping folder expands. 2. From the DHCP Snooping folder, select General Settings . The General Settings [...]

  • Page 295

    AT-GS950/10PS Switch Web Interface Use r’s Guide 295 Disable - The MAC address of each in gress ARP packet is not validated against th e Binding Table. All ARP packets are forwarded through the switch without regard to t he IP and MAC Address information in the packet h eader. 6. From the Backup Database field, select one of the following choice [...]

  • Page 296

    Chapter 23: DHCP Snoopin g 296 VLAN Setting You can create and dele te DHCP Snooping VLAN settings by follo wing the procedures in these sections:  "Creating a VLAN"  “Modifying a VLAN” on page 297  “Deleting a VLAN” on page 297 Creating a VLAN To define a VLAN that will be a part of the DHCP Snooping feature, do the foll[...]

  • Page 297

    AT-GS950/10PS Switch Web Interface Use r’s Guide 297 Modifying a VLAN To modify or delete a VLAN ID, you must first d eleted it (using the procedure below) and then re-entered r e-enter it by following the procedure outline in “Creating a VLAN” o n page 296. Deleting a VLAN To delete a VLAN ID, do the following: 1. From the main menu on the l[...]

  • Page 298

    Chapter 23: DHCP Snoopin g 298 Trusted and Untrusted Port Configuration The following procedure describes ho w to configure the DHCP Snooping trusted interfaces on the AT-GS950/10PS switch: 1. From the main menu on the left side of the page, select DHCP Snooping . The DHCP Snooping folder expands. 2. From the DHCP Snooping folder, select Trusted In[...]

  • Page 299

    AT-GS950/10PS Switch Web Interface Use r’s Guide 299 Figure 118. Trusted Interfaces Page Exa mple 5. If you choose to configure other switch ports as trusted or untrusted, repeat steps 3 and 4. 6. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes.[...]

  • Page 300

    Chapter 23: DHCP Snoopin g 300 Binding Database The Binding Database displays learned and statically assigned MAC Address and IP Address information for each host on the local area network. Dynamically assi gned IP addresses from the DHCP server will automatically populate the table on the Binding Database page as they are assigned by the server. S[...]

  • Page 301

    AT-GS950/10PS Switch Web Interface Use r’s Guide 301 VLAN - Enter the host’s VLAN ID. Port - Enter the port number where the host is connected. Type - Because the IP Address being entered is static, you must select Static . Lease Time - Enter the time that IP addre ss assignment is valid. The range is 10 to 4294967295 seconds. 2. Click Add . Th[...]

  • Page 302

    Chapter 23: DHCP Snoopin g 302 Type: This parameter indicates the following: Learned: The host IP Address is dynam ically assigned by the DHCP server. Static: The host IP Address is statica lly assigned. See “Static IP Addresses” on page 300 for more information. Lease Time: This parameter is the time that IP address assignment by the DHCP serv[...]

  • Page 303

    303 Chapter 24 LLDP Link Layer Discovery Protocol (LLD P) allows Etherne t network devices, such as switches and routers, to receive and transmit device-related information to directly connect ed devices on the network and to store data that is learned about other device s. This chapter provides the following information:  “Overview” on page[...]

  • Page 304

    Chapter 24: LLDP 304 Overview The data sent and received by L LDP are useful for many reasons. The switch can discover other devices directly connecte d to it. Neighboring devices can use LLDP to advertise some parts of their La yer 2 configuration to each other, which ma y highlight incon sistencies in the neighboring device’s configuration whic[...]

  • Page 305

    AT-GS950/10PS Switch Web Interface Use r’s Guide 305 Global Configuration The LLDP Global Setting page has three sect ions:  On the top of the page contain s the enabling or disabling LLDP selections.  The middle of the page contains LLDP Syste m Information.  The LLDP port settings are on the bottom o f the page. 3. See Figure 121 for a[...]

  • Page 306

    Chapter 24: LLDP 306  “Setting Port States” on page 307 You must enable LLDP before changing the LLDP System Info rmation settings or the port settings. Enabling or Disabling LLDP To enable or disable the LLDP f eature, perform the following pro cedure: 1. From the main men u on the left sid e of the page, click th e LLDP folder. The LLDP fo[...]

  • Page 307

    AT-GS950/10PS Switch Web Interface Use r’s Guide 307 LLDP TX Delay: Sets the value of the tra nsmission delay timer, which is the minimum time interval between transmissions of LLDP advertisements due to a change in LLDP local information. Th e range is from 1 to 8192 seconds. 6. From the main menu on the left side of t he page, select Save Confi[...]

  • Page 308

    Chapter 24: LLDP 308 transmit LLDP data packets. T o change the settings of all the ports to the same st ate, select a state setting next to All In the Port colu mn. 3. In the Action column, click the Apply button that corresponds to the port to make the state change active.[...]

  • Page 309

    AT-GS950/10PS Switch Web Interface Use r’s Guide 309 Neighbors Information To view the information re ceived from the neighboring network de vices, perform the following procedure: 1. From the main menu on the left side of the page, click the LLDP fold er. The LLDP folder expands. 2. From the LLDP folder, select LLDP Neighbors Information . The L[...]

  • Page 310

    Chapter 24: LLDP 310[...]

  • Page 311

    311 Chapter 25 Network S tatistics The sections in th is chapter explain how to display traffic, error, and h istory statistics about the network traffic on the AT-GS950/10PS switch and its ports. This chapter includes th e following sections:  “Overview” on page 312  “Traffic Comparison Statistics” on page 313  “Error Group Stat[...]

  • Page 312

    Chapter 25: Network St atistics 312 Overview Statistics provide important info rmation for t roubleshooting switch problems at the port level. The AT-S110 Management Software provides a versatile set of statistics charts t hat you can customize for your n eeds, including (depending upon the chart) the po rts whose statistics you want to view and th[...]

  • Page 313

    AT-GS950/10PS Switch Web Interface Use r’s Guide 313 Traffic Comparison Statistics The T raffic Compariso n statistics char t allows you to di splay a specified traffic st atistic over all of the ports. Y ou can select 12 statistic types and 12 colors for each port. To display traffic comparison sta tistics, perform the following procedure: 1. Se[...]

  • Page 314

    Chapter 25: Network St atistics 314 4. To select the amount of time before the screen is refreshed, click Auto Refresh . Choose from the following options:  5 seconds  10 seconds  15 seconds  30 seconds Table 8 Traffic Comparison Options Option Definition Inbound Octets (Bytes/s) Measures the number of inbound octe t bits in bytes per s[...]

  • Page 315

    AT-GS950/10PS Switch Web Interface Use r’s Guide 315 5. To select the color of the traffic comparison graph, select Color . Choose one of the following colors:  Green  Blue  Red  Purple  Yellow  Orange  Gray  Light Red  Light Blue  Light Green  Light Yellow  Light Gray 6. To create the traffic comparison graph,[...]

  • Page 316

    Chapter 25: Network St atistics 316 Error Group Statistics The Error Group chart displays the di scard and error counts for a spe cified port. To display error group statistics for a port, per form the following procedure: 1. Select the Statistics Chart folder. The Statistics Chart folder expands. 2. From the Statistics Chart folder, select Error G[...]

  • Page 317

    AT-GS950/10PS Switch Web Interface Use r’s Guide 317 4. To select the amount of time before the screen is refreshed, click Auto Refresh . Choose from the followin g options:  5 seconds  10 seconds  15 seconds  30 seconds 5. To select the color of the traffic comparison graph, select Color . Choose one of the following colors:  Gree[...]

  • Page 318

    Chapter 25: Network St atistics 318 Historical Status Charts The Historical S tatus chart allows you to select from 12 st atistics to view for a selection of ports for ho wever long this chart is running on the management workst ation. To display histor ical status cha rts statistics for a port, perform the following procedure: 1. Select the Statis[...]

  • Page 319

    AT-GS950/10PS Switch Web Interface Use r’s Guide 319 Table 9 Historical Status Options Option Definition Inbound Octet Rate (Bytes) Measures the rate of inbo und octet bit s in bytes per second. Inbound Unicast Packet Rate (Pkt s) Measures the rate of inbo und unicast p ackets in packet s per second. Inbound Non -unicast Pa cket Rate (Pkts) Measu[...]

  • Page 320

    Chapter 25: Network St atistics 320 4. To select the amount of time before the screen is refreshed, click Auto Refresh . Choose from the following options:  5 seconds  10 seconds  15 seconds  30 seconds 5. To select the color of the traffic compar ison graph, select Col or . Choose one of the following colors:  Green  Blue  Red[...]

  • Page 321

    321 Section IV To o l s This section contains t he following chapters:  Chapter 26, “Software/ Configuration Up dates” on page 323  Chapter 27, “Cable Diagnostics” on p age 335  Chapter 28, “Rebooting the A T -GS950/10PS” on p age 337  Chapter 29, “Pinging a Remote System” on p age 347[...]

  • Page 322

    322[...]

  • Page 323

    323 Chapter 26 Softwar e/Configuration Updates This chapter explains the meth ods for upgrading the AT-S110 Management Software on the switch and saving configuration files. This chapter contains the following sections:  “Overview” on page 324  “Upgrade Firmware Image via HTTP” on page 325  “Upgrade Firmware Image via TFTP” on [...]

  • Page 324

    Chapter 26: Software/Co nfiguration Updates 324 Overview You can use the Management Software Upd ates features to upgrade the AT-S110 Management Software to a new version, save a configuration file or load a configuration file. in addition, you can:  Upload a configur ation file from the switch onto a PC  Download a configu ration file from a[...]

  • Page 325

    AT-GS950/10PS Switch Web Interface Use r’s Guide 325 Upgrade Firmware Image via HTTP This section describes how to upgrade an firmware image of the AT-S110 Management Software using HTT P on an Internet server. Before downloading a new version of the AT-S110 Manage ment Software onto the switch with HTTP, note the followin g:  The current conf[...]

  • Page 326

    Chapter 26: Software/Co nfiguration Updates 326 2. From the Firmware Upgrade folde r, sele ct via HTTP . The Firmware Upgrade via HTTP Page is displayed. See Figu re 126. Figure 126. Firmware Up grade via HTTP Pa ge 3. Change the following parameter as ne cessary: Firmware File : Enter the path and the firmware file name or click the Browse button [...]

  • Page 327

    AT-GS950/10PS Switch Web Interface Use r’s Guide 327 Upgrade Firmware Image via TFTP This section describes how to upgrade an firmware image of the AT-S110 Management software using TFTP on an T FTP server. Before downloading a new version of the AT-S110 Manage ment Software onto the switch, note the following:  The current configuration of a [...]

  • Page 328

    Chapter 26: Software/Co nfiguration Updates 328 Figure 127. Firmware Upgrade via TFTP Page The Image/Version Date shows the curren t version and date of software inst alled on the switch. 3. Change the following parameters as necessary: TFTP Server IP: The IP address of the TFTP server from which you are downloading the new software. Image File Nam[...]

  • Page 329

    AT-GS950/10PS Switch Web Interface Use r’s Guide 329 Upload or Download a Configuration File via HTTP This section describes how to upload or do wnload a configur ation file using HTTP on an Internet server. Before you upload or downloa d a configuration file via HTTP, note the follo wing:  You must be able to access the new AT-S110 configurat[...]

  • Page 330

    Chapter 26: Software/Co nfiguration Updates 330 2. Select the Upload button. The download process begins immediat ely. Caution If you are uploading a con figuration file, the file will be implemented immediately after download. A shor t interruption in network service will be experienced wh ile the new configuration file is loaded. Note If the IP a[...]

  • Page 331

    AT-GS950/10PS Switch Web Interface Use r’s Guide 331 Configuration File Download To download or save the AT-S110 configuration file from the switch to your PC, perform the following procedure: 1. Select the Download button . Select this button to download a configuration file from the switch to your PC. The following window shown in Figure 130 is[...]

  • Page 332

    Chapter 26: Software/Co nfiguration Updates 332 Download or Upload a Configuration File via TFTP This section describes how to upload or download a configuration file using TFTP on an TFTP server. Before you uplo ad or download a configuration file onto the switch using TFTP, note the following:  Your network must have a TFTP se rver.  You mu[...]

  • Page 333

    AT-GS950/10PS Switch Web Interface Use r’s Guide 333 Caution If you are uploading a configuration fi le, the file will be implemented immediately after down load. A short interru ption in network service will be experienced while the new configu ration file is loaded. Note If the IP address contained in the new configuration file is different tha[...]

  • Page 334

    Chapter 26: Software/Co nfiguration Updates 334[...]

  • Page 335

    335 Chapter 27 Cable Diagnostics This chapter provides pr ocedures to run cable diagno stics on the cables connected to the switch ports. If a po rt is select ed, a cable must be connected to it for meaningful test results to be displayed. Note To permanently save your new settings or any changes to th e configuration file, select Save Configuratio[...]

  • Page 336

    Chapter 27: Ca ble Diagnostics 336 Port: This parameter displays the port (cable ) selected. Test Results: Displays the diagnostic results fo r each pair in the cable. One of the following cable status parameters is displayed: OK: There is not problem detected with the cable. Open in Cable: There is an op en wire within the cable. Short in Cable: T[...]

  • Page 337

    337 Chapter 28 Rebooting the A T -GS950/10PS This chapter provides the procedures for rebo oting the AT-GS950/10PS switch by using the Normal reboot funct ion provided in the AT-S110 management software. Note Alternately, you can reboot the AT-GS950 /10PS switch by pressing the front panel eco-friendly switch between 5 to 9 seconds. In addition to [...]

  • Page 338

    Chapter 28: Reboo ting the AT-GS950/10PS 338 Switch Reboot The following procedure outlines how to reboot your AT-GS950/10PS switch. Caution This procedure reboots the switch and reloads the AT-S110 Management software configuratio n from flash memory. Insure that your current configuration is saved before rebooting the switch by selecting Save Con[...]

  • Page 339

    AT-GS950/10PS Switch Web Interface Use r’s Guide 339 4. In the Reboot Type field, select Normal from the pull-down menu. When the switch is rebooted with this selection, a ll configuration parameters that are saved in flash memory are loaded into the switch’s active memory. Note Two additional options are available in the Reboot Type field. The[...]

  • Page 340

    Chapter 28: Reboo ting the AT-GS950/10PS 340 Configure Factory Default Values The following procedure returns all AT-S110 Management software parameters to their factory default values and deletes all ta gged and port- based VLANs on the switch. Note The AT-S110 Management software factory default values are listed in “AT-GS950/8 Default Pa ramet[...]

  • Page 341

    AT-GS950/10PS Switch Web Interface Use r’s Guide 341 address, subnet mask, and gateway se ttings are managed by the DHCP server . 5. Click Apply . The switch begins the reboot process. You must wait approximately two minutes for the switch to complete th e reboot process before you can re-establish your management session and netwo rk traffic beg[...]

  • Page 342

    Chapter 28: Reboo ting the AT-GS950/10PS 342 Password Protection of Factory Reset If your switch is located in a controlled environment such as a lo cked switching closet or limited access eq uipment ro om, it may be desirable to have the ability to easily reset the switch to factory defaults at any time by using either the front panel ecofriendly [...]

  • Page 343

    AT-GS950/10PS Switch Web Interface Use r’s Guide 343 2. From the Tools folder, select Reboot . The Factory Default Reset/Reboot Page is displaye d. See Figure 133 on page 338. 3. Go to the Factory Default Reset section on the upper pa rt of the page. You will find a field called Factory Default Reset. This selection allows you to reset the switch[...]

  • Page 344

    Chapter 28: Reboo ting the AT-GS950/10PS 344 remain Enabled on both the switch mana gement software and the physical front panel ecoFriendly button. 8. Click Accept .on the message. The Factory Default Reset page changes and displays the Fa ctory Default Reset f eature as Disabled . See Figure 135. Figure 135. Factory Default Reset Disa bled Page 9[...]

  • Page 345

    AT-GS950/10PS Switch Web Interface Use r’s Guide 345 Figure 136. Factory Default Reset/Reboot Page with Passwo rd Entry 5. Enter the same passwo rd that you de fined when you previously set the Factory Default Reset field to Disable. 6. Click Apply . The initial Factory Default Reset/Reboot Page is displaye d with the Factory Default Reset field [...]

  • Page 346

    Chapter 28: Reboo ting the AT-GS950/10PS 346[...]

  • Page 347

    347 Chapter 29 Pinging a Remote System This chapter provides the procedur e for pinging a node on your network from the AT-GS950/10PS switch. Th is procedure is useful in determinin g whether an active link exists between the switch and another network device. Note The device you are pinging must be a member of the Default VLAN and within the same [...]

  • Page 348

    Chapter 29: Pinging a Remote System 348 switch waits for a response before assuming that a ping has failed. Number of Ping Requests - Specifies the nu mber of ping requests you want the switch to perform. 4. Click Start . 5. To view the ping results, click Show Ping Re sults . A sample Ping Test Results Page is displayed. See Figure 138. Figure 138[...]

  • Page 349

    349 Appendix A MSTP Overview This appendix provides background in formation about the Multiple Spanning Tree Protocol (MSTP) and include s the following sections:  “Overview” on page 350  “Multiple Spanning Tree Instance (MSTI)” on page 352  “General Guidelines” on page 355  “VLAN and MSTI Associations” on page 356  ?[...]

  • Page 350

    Appendix A: MSTP Overvi ew 350 Overview In the AT-GS950/10PS, STP and RSTP are ref erred to as single-instance spanning trees that search for physical loops across all VLANs in a bridged network. When lo ops are detected, the active pro tocol stops the loops by placing one or more bridge ports in a bl ocking state. Se e Chapter 4, “STP and RSTP?[...]

  • Page 351

    AT-GS950/10PS Switch Web Interface Use r’s Guide 351 Note Do not activate MSTP on the AT-GS950/10PS switch without first familiarizing yourself with the following concepts and guidelines. Like STP and RSTP, you must activate this MSTP protocol on a switch and then configure the p rotocol parameters. Note The implementation of MSTP in t he manage [...]

  • Page 352

    Appendix A: MSTP Overvi ew 352 Multiple Spanning Tree Instance (MSTI) The individual spanning trees in MSTP are referred to as Multiple Spanning Tree Instances (MSTIs). A MSTI ca n span any number of AT-GS950 switches. The switch can support up to 31 MSTI s at a time. Before creating a MSTI, you f irst enable MSTP. Then you must assign the MSTI a u[...]

  • Page 353

    AT-GS950/10PS Switch Web Interface Use r’s Guide 353 Figure 140. MSTP Example of Two Spanning Tree Inst ances Multiple VLANs Assigned to an MSTI A MSTI can contain more than one VLAN. This is illustrated in Figure 141 on page 354 where there are two AT-GS950/10PS switches with fo ur VLANs. There are two MSTIs, each containing two VLANs. MSTI 1 co[...]

  • Page 354

    Appendix A: MSTP Overvi ew 354 Figure 141. Multiple VLANs in a MSTI In this example, because an MSTI contains more than one VL AN, the links between the VLAN parts is made with tagged (not unta gged) ports so that they can carry traffic from more than on e virtual LAN. Referring again to Figure 141, the tagged link in MSTI 1 is carrying traffic for[...]

  • Page 355

    AT-GS950/10PS Switch Web Interface Use r’s Guide 355 General Guidelines Here are the guidelin es for MST Is:  The AT-GS950/10PS switch can support up to 31 spanning tree instances, including the CIST.  A MSTI can contain a ny number of VLANs.  A VLAN can belong to only one MSTI at a time.  A switch port can belong to more than one spa[...]

  • Page 356

    Appendix A: MSTP Overvi ew 356 VLAN and MSTI Associations Part of the task to configuring MSTP involves assigning VLANs to spanning tree instances. The mapping of VLANs to MSTIs is called associations . A VLAN, either port-based o r tagged, can belong to only one instance at a time, but an instance can contain any number of VLANs.[...]

  • Page 357

    AT-GS950/10PS Switch Web Interface Use r’s Guide 357 Ports in Multiple MSTIs A port can be a member of more than one MSTI at a time if it is a tagged member of one or more VLANs assigned to different MSTI’s. In th is circumstance, a port migh t be have to operate in different sp anning tree states simultaneously, depending on the requ irements [...]

  • Page 358

    Appendix A: MSTP Overvi ew 358 Multiple Spanning Tree Regions Another important concept of MSTP is regio ns . A MSTP region is defined as a group of bridges that sha re exactly the same MSTI char acteristics. Those characteristics are:  Region name  Region revision  VLANs  VLAN to MSTI ID associations A region name is a name assigned to[...]

  • Page 359

    AT-GS950/10PS Switch Web Interface Use r’s Guide 359 The AT-GS950/10PS switch determines re gional boundaries by examining the MSTP BPDUs received on the ports. A port that receives a MSTP BPDU from another bridge with regio nal information different from its own is conside red to be a boundary port and the b ridge connected to th e port as belon[...]

  • Page 360

    Appendix A: MSTP Overvi ew 360 Each MSTI functions as an indepen dent spanning tree within a region. Consequently, each MSTI must have a ro ot bridge to loca te physical loops within the spanning tree insta nce. An MSTI’s root bridge is ca lled a regional root . The MSTIs within a region may share the same regional root or they can have different[...]

  • Page 361

    AT-GS950/10PS Switch Web Interface Use r’s Guide 361  Each MSTI must have a regional root for lo cating loops in the instance. MSTIs can share the same region al root or have different roots. A regional root is determined by the MST I Bridge Priority value and a b ridge’s MAC address.  The regional root of a MSTI must be in the same regio[...]

  • Page 362

    Appendix A: MSTP Overvi ew 362 Common and Internal Spanning Tree (CIST) MSTP has a default spanning tree instance ca lled the Common and Internal Spanning Tree (CIST). This instance has an MSTI ID of 0. This instance has unique features and functi ons that make it different from the MSTIs that you create yourself. First, you cann ot delete this ins[...]

  • Page 363

    AT-GS950/10PS Switch Web Interface Use r’s Guide 363 Associating VLANs to MSTIs When you are using Multiple Span ning Tree, Allied Telesis recommends that you assign each VLANs to one of the ex isting MSTIs on a switch. You should not leave any VLAN unassigned including th e Default VLAN. This is to prevent the blocking of a port that should be i[...]

  • Page 364

    Appendix A: MSTP Overvi ew 364 Figure 143. CIST and VLAN Guid eline - Example 2 When port 3 on switch B receives a BPDU, the switch notes the port sending the packet belongs only t o CIST 0. Therefore, switch B uses CIST 0 in determining whether a loop exists. The result would be that the switch detects a loop because t he other port is also receiv[...]

  • Page 365

    AT-GS950/10PS Switch Web Interface Use r’s Guide 365 VLANs Across Different Regions Special consideration needs to be taken into account when you connect different MSTP regions or an MSTP region and a single-instance STP or RSTP region. Unless planned proper ly, VLAN fragmentation can occur between the VLANS of your network. As mentioned previous[...]

  • Page 366

    Appendix A: MSTP Overvi ew 366 Region 1 VLANs Region 2 VLANs Accounting Accounting Sales Sales Pre-Sales Pre-Sales Marketing Technical Support Product Management Software Engineering Project Management Hardware Engineering The two regions share three VLANs: Ac counting, Sales, and Presales. You can group these three VLANs into the same MSTI in each[...]

  • Page 367

    AT-GS950/10PS Switch Web Interface Use r’s Guide 367 Summary of Guidelines Careful planning is essential for the su ccessful implementation of MSTP. This section reviews all the rules and guidelines mentioned in earlier sections, and contains a few new ones:  The AT-GS950/10PS switch can support up to 32 multiple spanning tree instances, inclu[...]

  • Page 368

    Appendix A: MSTP Overvi ew 368[...]

  • Page 369

    369 Appendix B A T -GS950/10PS Default Parameters Table 12 lists the factory default setting s for the AT-S110 Manageme nt software on the AT-GS950/10PS switch. The Parameters reflect the fields found on each we b page. T able 12. A T -S1 10 Management Sof tware Default Settings Parameter A T -GS950/10PS Default Setting S pecifications System/Manag[...]

  • Page 370

    Appendix B: AT-GS950/10PS Default Parameters 370 IP address entries 10 entries 10 entries System/Administration User Name manager 1 - 12 characters Password friend 1 - 12 characters System/User Interface SNMP Agent Enabled Enabled/Disabled Web Server S t atus Enabled Enabled/Disabled Web Idle T imeout 10 Minutes 3 - 60 Minutes System/System Time Cl[...]

  • Page 371

    AT-GS950/10PS Switch Web Interface Use r’s Guide 371 To (Month:Day:HH:MM) January:01:00:00 - DST Offset 1 hr - System/SSL Setting s SSL Settings Disabled Enabled/Disabled System/DHCP Auto C onfiguration Settings Auto Configuration St a t e Disabled Enabled/Disabled System/System Log Configuration Syslog S tatus Disab led Enabled/Disabled Ti m e S[...]

  • Page 372

    Appendix B: AT-GS950/10PS Default Parameters 372 Trunk -- Type 1000TX - Link Status Down Up/Dow n Admin Status Enabled Enabled/Disabled Mode Auto Auto/10Half/10Full/100Half/10 0Full/1000Full Jumbo Enabled Enabled/Disabled Flow Control Disabled Enabled/Disabled EAP Pass Disabled Enabled/Disabled BPDU Enabled Enabled/Disabled Bridge/Sp anning T ree/R[...]

  • Page 373

    AT-GS950/10PS Switch Web Interface Use r’s Guide 373 Bridge Priority 32768 0 - 61440 Region Name MAC Address of AT-GS950/10PS switch - Region Revision 0 0 - 65535 Dynamic Path Cost Calculation True True/False Bridge Maximum Age 20 Seconds 6 - 40 Seconds Bridge Forward Delay 15 Seconds 4 - 30 Seconds Maximum Hop Count 20 6 - 40 T ransient Hold Cou[...]

  • Page 374

    Appendix B: AT-GS950/10PS Default Parameters 374 Restricted Role False True/False Restricted TCN False True/ False Port S tate Ignore Enable/Disable/Ignore Bridge/T runk Config/T runking T runk S tatus Disabled Active/Pa ssive/Manual/Disabled Bridge/T runk Config/LACP Group S t atus System Priority 32768 32768 System ID MAC Address of AT-GS950/10PS[...]

  • Page 375

    AT-GS950/10PS Switch Web Interface Use r’s Guide 375 Bridge/St atic Unicast 802.1Q VLAN - ID 1 - 4000 Port-Based VLAN Index - ID 1 - 52 MAC Address none xx:xx:xx:xx:xx:xx hex format Port Member - All, 1 - 10 Bridge/St atic Multicast 802.1Q VLAN - ID 1 - 4000 Port-Based V ALN Index - ID 1 - 52 Group MAC Address none 01:00:5E:00:01:00 - 01:00:5E:7F[...]

  • Page 376

    Appendix B: AT-GS950/10PS Default Parameters 376 S torm Control Threshold Low High (2500 pp s) Medium (1000 pp s) Low (500 pp s) @ Packet size = 1518 Bytes Ingress Rate Limiting Bandwid th 64Kbps X rate limit where rate limit (1 - 15625) Ingress Rate Limiting S tatus Disabled Enabled/Disabled Egress Rate Limiting Bandwid th 64Kbps X rate limit wher[...]

  • Page 377

    AT-GS950/10PS Switch Web Interface Use r’s Guide 377 Private VLAN Forwarding Ports All, 1 - 10 All, 1 - 10 Bridge/GVRP GVRP S tatus Disabled Enabled/Disabled Dynamic Vlan S tatus En abled Enabled/Disabled Restricted VLAN Registration Disabled Enabled/Disabled GarpJoinT ime 200 milli-seco nds 10 - 1073741810 milli-seconds GarpLeaveT ime 600 milli-[...]

  • Page 378

    Appendix B: AT-GS950/10PS Default Parameters 378 Security Model v1 v1/v2c/v3 Security Level NoAuthNoPriv NoAuthNoPriv/AuthNoPriv/AuthPriv SNMP User/Group User Name Enable d Enabled/Disabled Group Name 10 entries - SNMP V ersion v1 v1/v2c/v3 encrypted not checked not checked/checked Auth-Protocol MD5 MD5/SHA Password none - Priv-Protocol DES DES/non[...]

  • Page 379

    AT-GS950/10PS Switch Web Interface Use r’s Guide 379 Destination MAC Address none xx:xx:xx:xx:xx:xx hex format Destination MAC Mask Length none 1 - 48 VLAN ID none 0 - 4000 802.1p Priority none 0 - 7 Ether T ype none 0000 - FFFF (Hex) DSCP none 0 - 63 Proto col none 1 - 255 Source IP Address none IPv4 address in xxx.xxx.xxx.xxx hex format; Source[...]

  • Page 380

    Appendix B: AT-GS950/10PS Default Parameters 380 Out-Profile Action Burst Size 16K 16K/32K/64K Port List Index none 1 - 65535 Port List none Any combination of ports 1 - 10 Authentication Method RADIUS RADIUS/Local Port Number port 1 ports 1 - 10 NAS ID Nas1 1 - 16 characters Authentication Method RADIUS RADIUS/Local Port Number port 1 ports 1 - 10[...]

  • Page 381

    AT-GS950/10PS Switch Web Interface Use r’s Guide 381 Alarms Rising Threshold none 1 to 2147483647 seconds Alarms Falling Threshold none 1 to 2147483647 seconds Alarms Rising Event Index none 1 - 65535 Alarms Falling Event Index none 1 - 65535 Alarms Owne r none - Event Index Nas1 1 - 65535 Event Description none - Event T ype None None/Log/SNMP T[...]

  • Page 382

    Appendix B: AT-GS950/10PS Default Parameters 382 Port Access Control Authentication Method Local Local/Ra dius Dial-In User Name none 1 - 23 characters Dial-In User Password none 1 - 23 characters Dial-In User Dynamic VLAN none 1 - 4000 where 0 means ignore RADIUS Server IP 0.0.0.0 IPv4 address in xxx.xxx.xxx.xxx hex format; RADIUS Server Port 1812[...]

  • Page 383

    AT-GS950/10PS Switch Web Interface Use r’s Guide 383 General Setting Datab ase Update Interval 1200 600 - 86400 General Setting DHCP Option 82 Insertion Disabled Enabled/Disabled VLAN Settings VLAN ID none 1 - 4000 T rusted Interfaces - Tr u s t Disabled Enabled/Disabled Binding Database MAC Address none xx:xx:xx:xx:xx:xx hex format Binding Datab[...]

  • Page 384

    Appendix B: AT-GS950/10PS Default Parameters 384 T raffic Comparison St a t i s t i c s Inbound Octet Rate (Bytes/ s) 25 statistics T raffic Comparison Auto Refresh 5 seconds 5/10/15/30 seconds T raffic Comparison Color Green 12 colors Error Group Port 1 ports 1 - 10 Error Group Auto Refresh 5 seconds 5/10/15/30 seconds Error Group Color Green 12 c[...]

  • Page 385

    AT-GS950/10PS Switch Web Interface Use r’s Guide 385 Configuration File Upload/Down load via HTTP Select File none - Configuration File Upload/Down load via TFTP TFTP Server IP 0.0.0.0 IPv4 address in xxx.xxx.xxx.xxx hex format; except 127.0.0.1 Configuration File Upload/Down load via TFTP Config File Na me none 1 - 39 characters (special charact[...]

  • Page 386

    Appendix B: AT-GS950/10PS Default Parameters 386[...]