Gebruiksaanwijzing /service van het product AT-GS950/10PS van de fabrikant Allied Telesis
Ga naar pagina of 386
613-001770 Rev A AT-GS950/10PS Gigabit Ethernet PoE+ Switch AT-GS950/10PS Switch Web Interface User’s Guide AT-S110 [1.00.013].
Copyright © 2013 Allied Telesis, Inc. All rights reserved. No part of this publicati on may be repr o duced without prior w ritten permission from Al lied Telesis, Inc. Allied Telesis and the Allied Telesis logo are trademarks of Allied Telesis, Incorp orated.
3 Contents List of Figures ............... ............. ................. ............ ................. ............. ................ ............. ......................... ..... 9 List of Tables ................ ............. ................. ..
Contents 4 Forwarding Delay and Topology Changes .......... ............. ................. ............ ................. ............ ......... .6 5 Mixed STP and RSTP Networks ............. ................ ............. ................ ..........
AT-GS950/10PS Switch Web Interface User’s Guide 5 Ingress Rate Limiting .............. ................ ................ ............. ................ ................ ............. .. ............... 143 Egress Rate Limiting ......................
Contents 6 Overview .......... ............. ................ ................. ............ ................. ............. ................ ..... ................. ........... 202 SNMPv3 Authentication Protocols ...................... .......... ...
AT-GS950/10PS Switch Web Interface User’s Guide 7 Overview ............. ............. ................ ............. ................ ............. ................ ................ ... ....................... .... 258 CoS with Voice VLAN .........
Contents 8 Displaying System Information...... ................... ............. ................ ............. ................ ............. .. ......... 307 Setting Port States ........... ................ ................ ............. ...........
9 Figure 1. Entering a Switch’s IP Address in the URL Field............... .............. ........... .............. .............. . ..... ........... ........... 22 Figure 2. Management Login Dialog Box .................. .........................
Figures 10 Figure 51. Example of AT-GS950/10PS Tagged VLAN Page ................................................................ .......... .......... ..... 159 Figure 52. AT-GS950/10PS Modify V LAN Page............. .............. .............. ....
AT-GS950/10PS Switch Web Interface User’s Guide 11 Figure 111. Dial-In User Page Example ............... ... ..... .............. ........... .............. ............ ........... .... .... .............. ............ ... 277 Figure 112. Destination MAC Filter Page .
Figures 12.
13 List of T ables Table 1. Bridge Priority Value Increme nts ...................................................................... .............. .. 63 Table 2. Valid Port Priority Va lues ............................................................
List of Tables 14.
15 Pr eface This guide contains instructions on ho w to use the AT-S110 Management Software to manage and monitor the AT-GS950/1 0PS Gigabit Ethernet PoE+ Switch. The AT-S110 Management software has a web browser in terface that you can access from any management work station on your network that has a web browser application.
Preface 16 Document Conventions This document uses the following conventions: Note Notes provide additional informatio n. Caution Cautions inform you t hat performing or omitting a spe cific action may result in equipment damage or loss of data. Warning Warnings inform you that performing or omitting a sp ecific action may result in bodily injury.
AT-GS950/10PS Switch Web Interface User’s Guide 17 Allied Telesis Contact Information If you need assistance with this prod uct, you may contact Allied Telesis technical support by going to the Suppo rt & Services section of the Allied Telesis web site at www.
Preface 18.
19 Section I Getting S tarted This section contains t he following chapters: Chapter 1, “S tarting a Web Browser Session” on p age 21 Chapter 2, “System Configuration” on p age 27.
20.
21 Chapter 1 S tarting a W eb Br owser Session This chapter contains the procedures fo r starting, using, and quitting a web browser management session on the AT-GS950/10PS switch.
Chapter 1: St arting a Web Browser Session 22 Establishing a Remote Connectio n to the Web Brow ser Interface The AT-GS950/10PS switch is shipped with a pre-assigned IP ad dress of 192.168.1.1. After your initial login, A llied Telesis suggests that you assign a new IP address to your switch.
AT-GS950/10PS Switch Web Interface Use r’s Guide 23 4. Press OK . The A T -GS950/10PS Switch Information page is displayed. See Figure 3. Note To change the user name and pa ssword, refer to “User Name and Password Configuration” on page 34. Figure 3.
Chapter 1: St arting a Web Browser Session 24 LLDP Statistics Chart Tools Save Conf igurati on 5. To see the front p anel of the switch, select Front Panel from the main menu on the left side of th e page. The A T -S1 10 Management sof tware displays the front of the switch.
AT-GS950/10PS Switch Web Interface Use r’s Guide 25 Web Browser Tools You can use the web browser tools to move aro und the management pages. Selecting Back on your browser’s toolbar returns you to the previous display. You ca n also use the browser’s Bookmark feature to save the link to the switch.
Chapter 1: St arting a Web Browser Session 26 Quitting a Web Browser Management Session To exit a web browser management session, clo se the web browser.
27 Chapter 2 System Configuration This chapter provides pr ocedures to configuring basic system parameters for the AT-GS950/10PS switch and cont ains information for the following sections: “Sys.
Chapter 2: System Configur ation 28 System Management Information This section explains how to assig n a name, location, and contact information for the AT-GS950/10PS switch. This informat ion helps in identifying each specific AT-GS950/10PS switch among other switches in the same local area network.
AT-GS950/10PS Switch Web Interface Use r’s Guide 29 System Name - Specifies a name for the switch, for example, Sales. The name is optional and may contain up to 15 characters. System Location - Specifies the location of th e switch. The location is optional and may contain u p to 30 characters.
Chapter 2: System Configur ation 30 Configuration of IP Address, Subnet Mask and Gateway Address This procedure explains how to c hange the IP add ress, subnet mask, and gateway address of the switch.
AT-GS950/10PS Switch Web Interface Use r’s Guide 31 System Default Gateway - Displays the default gateway of the switch. To change the default g ateway, enter a new gateway. When DHCP is enabled, you can not change this parameter. DHCP Mode - For information about setting this parameter, refer to “DHCP Client Configuration” on page 45.
Chapter 2: System Configur ation 32 IP Access List Configuration When the IP Access List feature is enabled, remo te access to the AT-S110 management software is restricted to the IP addresse s entered into the IP Access List.
AT-GS950/10PS Switch Web Interface Use r’s Guide 33 5. From the IP Restriction Status field, select one of the following choices from the pull-down menu: Enable - This selection restricts the access to the AT-S110 management software to the IP addresses in the table listed under Accessible IP .
Chapter 2: System Configur ation 34 User Name and Password Configuration Password protection is always en abled for access to the AT-S110 Management software. This section explains how to create new users names and passwords and how to modify or delete existing users for the web interface.
AT-GS950/10PS Switch Web Interface Use r’s Guide 35 4. To add a password that correspon ds to the user name entered in step 3, enter a password of up to 12 alp hanumeric characters in the box next to the Password field. The Password field is case sensitive.
Chapter 2: System Configur ation 36 Delete User Name and Password To delete a user name that you have p reviously added, perform the following procedure. 1. From the main menu on the left side of the page, click the System folder. The System folder expands.
AT-GS950/10PS Switch Web Interface Use r’s Guide 37 User Interface Configuration This procedure explains how to enabl e and disable the user interfaces on the switch.
Chapter 2: System Configur ation 38 Note See Chapter 20, “Simple Network Management Protocol SNMPv1 and v2c” on page 263 and Chapter 21, “Simple Network Management Protocol SNMPv3” on page 273 to configure the remaining SNMP parameters. 4. Click Apply located under the Web Server Status Enable/Disable field.
AT-GS950/10PS Switch Web Interface Use r’s Guide 39 System Time The procedures in this section describ e how to configure th e system time by manually entering the time or throu gh SNTP and how to configure the daylight savings time feature.
Chapter 2: System Configur ation 40 4. In the Local Time Settings section, set the Date Setting (YYYY:MM:DD) to the current date in the YYYY:MM:DD format. 5. In the Local Time Settings section, set the Tim e Settings (HH:MM:SS) to the current time in the HH:MM:SS format.
AT-GS950/10PS Switch Web Interface Use r’s Guide 41 Setting Daylight Savings Parameters If you want to configure the switch for d aylight savings time, perform the following procedure: 1. From the main menu on the left side of t he page, click the System folder.
Chapter 2: System Configur ation 42 SSL Settings The AT-GS950/10PS switch has a web browser server for remote management of the unit with a web browser application from management workstations on your network. By default, the server operate s in a non-secure HTTP mode and can be co nfigured to communicate in a secure HTTPS mode with SSL protocol.
AT-GS950/10PS Switch Web Interface Use r’s Guide 43 4. Click Apply . The SSL setting that yo u have selected is now active. 5. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes.
Chapter 2: System Configur ation 44 DHCP and ATI Web Discovery Tool The AT-GS950/10PS Gigabit Ethernet Smart switch is manage d through a web browser interface only.
AT-GS950/10PS Switch Web Interface Use r’s Guide 45 DHCP Client Configuration This procedure explains how to activa te and deactivate the DHCP clie nt on the AT-GS950/10PS switch. When the client is activa ted, the switch obtains its IP configurat ion including an IP address a nd subnet mask from a DHCP server on your network.
Chapter 2: System Configur ation 46 Note The ATI Web Discovery Tool is available for down load on the AT- GS950/10PS product page at alliedtelesis.c om . 6. Follow the procedure to log on with the new IP address provided by the DHCP Server as described in “Establishing a Remote Connection to the Web Bro wser Interface” on p age 20.
AT-GS950/10PS Switch Web Interface Use r’s Guide 47 DHCP Auto Configuration If you need to automatically update the swit ch’s configuration files via a remote server, the DHCP Auto Configur ation feature is available for this purpose via the DHCP server.
Chapter 2: System Configur ation 48 System Information Display The Switch Information page is initially displayed when you first log into the AT-GS950/10PS switch. It provides general info rmation about the switch. To view this information, perform th e following procedure: 1.
AT-GS950/10PS Switch Web Interface Use r’s Guide 49 Administration Information Section: Switch Name - This paramet er displays the name assigned to the switch. To assign the switch a name, refer to “System Management Information” on page 28. Switch Location - This p arameter displays the location of the switch.
Chapter 2: System Configur ation 50 System Log Configuration The System log is designed to monitor the operation the AT-GS950/10PS switch by recording the event messages it genera tes during normal operation. These events may provide vital infor mation about system activity that can help in th e iden tification and solutions of system problems.
AT-GS950/10PS Switch Web Interface Use r’s Guide 51 3. From the Syslog Status field, select one of the following choices from the pull-down menu: Enable - The System log is active.
Chapter 2: System Configur ation 52.
53 Section II Bridge Configuration This section contains t he following chapters: Chapter 3, “Port Configur ation” on page 55 Chapter 4, “STP and RSTP” on p age 61 Chapter 5, “Mu.
54.
55 Chapter 3 Port Configuration This chapter provides a description of the physical characteristics of the ports and a procedure that explains how to view and change the port settings.
Chapter 3: Port Confi guration 56 Overview This chapter describes how to disp lay and modify the physical characteristics of an AT-GS950/10PS switch. You can display and modify the settings of all the ports on one web page.
AT-GS950/10PS Switch Web Interface Use r’s Guide 57 Displaying and Configuring Ports This procedure explains how to configure the ports on the AT-GS950/10PS switch using the Port Configuration Page. This page allows you to view and configur e the pa rameter settings of individual or all the switch ports at one time.
Chapter 3: Port Confi guration 58 for the SFP ports (9 and 10) for copper or fiber SFP type. Link Status - This parameter indicates the status of the link between the port and the end node conne cted to the port. The possible values are: Up -This parameter i Indicates a valid link exists between the port and the end node.
AT-GS950/10PS Switch Web Interface Use r’s Guide 59 settings for the port. You can use this paramet er to set the speed and duplex mode of a port. The possible se ttings are: Ignore -This parameter i Indicates that t he All setting does not apply to the Mode field.
Chapter 3: Port Confi guration 60 notify the end node to stop transmitting for a specified period of time. The possible values are: Ignore - This paramete r indicates that the All setting does not apply to the Flow Control field. In other words, each port is set individually.
61 Chapter 4 STP and RSTP This chapter provides background in formation about the Spanning Tree Protocol (STP) and the Rapid Spanning Tree Protocol (RSTP).
Chapter 4: STP and RSTP 62 Overview The performance of a Ethernet network can be negatively impacted by the formation of a data loop in the network topolog y. A data loop exists when two or more nodes on a network can tran smit data to each other over more than one data path.
AT-GS950/10PS Switch Web Interface Use r’s Guide 63 Bridge Priority and the Root Bridge The first task that bridges perform wh en a spanning tree protocol is activated on a network is the selection of a root bridge .
Chapter 4: STP and RSTP 64 Path Costs and Port Costs After the root bridge has been selected, t he bridges determine if the network contains redundant paths and, if one is found, select a preferred path while placing the redundant paths in a backup or blocking state.
AT-GS950/10PS Switch Web Interface Use r’s Guide 65 . Forwarding Delay and Topology Changes If there is a change in the networ k topology due to a failure, removal, or addition of any active components, th e active topology also changes. T his may trigger a change in the state of some blocked p orts.
Chapter 4: STP and RSTP 66 The forwarding delay value is a djustable in the AT-S110 Management software. The appropriate value for this parame ter depends on a number of variables; the size of your network is a primary factor.
AT-GS950/10PS Switch Web Interface Use r’s Guide 67 Figure 17. Point-to-Point Ports A port operates as an edge port when it is connected to a network terminal device such as a workstation or a server.
Chapter 4: STP and RSTP 68 Spanning Tree and VLANs The spanning tree implementation in the AT-S1 10 Management software can be a single-instance spanning tree as d escribed in this chapter. If you choose to define multiple spanning tre es on this switch, go to Chapter 5, “Multiple Spanning Tree Protocol” on page 79.
AT-GS950/10PS Switch Web Interface Use r’s Guide 69 Figure 20. STP and VLAN Compatibility with Tagged Ports Note For information about tagged and untagged ports, refer to Chapter 13, “VLAN Overview” on pag e 150.
Chapter 4: STP and RSTP 70 Basic STP and RSTP Configuration To configure the basic STP and RSTP settings, perform the following procedure: 1. From the main menu on the left side of the page, select Bridge . The Bridge folder expands. 2. From the Bridge folder, select the Spanning Tree folder.
AT-GS950/10PS Switch Web Interface Use r’s Guide 71 The RSTP Configuration p age allows you to configure basic STP (STP-Compatible) or RSTP protocols as we ll as to view current settings of the feature.
Chapter 4: STP and RSTP 72 The following parameters refer to the designate d root bridge. You cannot change these fields. Designated Root - This paramet er includes two fields: the root bridge priority and the MAC add ress of the root bridge.
AT-GS950/10PS Switch Web Interface Use r’s Guide 73 Configure RSTP Port Settings This section contains the following topics: “Configure the Basic RSTP Port Settings,” next “Configure t.
Chapter 4: STP and RSTP 74 sent or received on a the port except for BPDU data. A po rt with a higher path cost to the root bridge than an other on the switch will cause a switching loop and is placed in the blocking state by the Spanning Tree algorithm.
AT-GS950/10PS Switch Web Interface Use r’s Guide 75 Enable - The spanning tree protocol (both RSTP or STP- Compatible) is enabled on the po rt. Disabled - The spanning tree proto col (both RSTP or STP- Compatible) is disabled on th e port. Priority - Indicates the port priority.
Chapter 4: STP and RSTP 76 This page displays the follo wing information about the port s: Port - Indicates ports 1 through 10 on the AT-GS950/10PS switch. You can select the All ro w to apply the same setting to all ports of your switch for the AdminOperEdge , Admin/Ope rPtoP , and Migration fields.
AT-GS950/10PS Switch Web Interface Use r’s Guide 77 this port receives root path cost information that is g reater than the root port's path cost and less than any other port's received information, then this port becomes the designate d port.
Chapter 4: STP and RSTP 78 Spanning Tree Topology To view the current spanning tree topolo gy, perform the following procedure: 1. From the main menu on the left side of the page, select Bridge . This folder expands. 2. From the Bridge folder, select the Spanning Tree folder.
79 Chapter 5 Multiple Spanning T r ee Pr otocol This chapter provides the procedures for co nfiguring Multiple Spanning Tree Protocol (MSTP). You can find an overview and configuration guidelines for this feature in “MSTP Overview” on page 349 .
Chapter 5: Multiple Spanning Tree Protocol 80 Multiple Spanning Tree Configuration To configure the MSTP setting s, perform the following procedure: 1. From the main menu on the left side of the page, select Bridge . The Bridge folder expands. 2. From the Bridge folder, select the Spanning Tree folder.
AT-GS950/10PS Switch Web Interface Use r’s Guide 81 following parameters: Global MSTP Status - Set this field to Enable or Disable the MSTP feature on the switch. The Global MSTP Statu s must be set to Enable before the other MSTP con figuration parameters can be set.
Chapter 5: Multiple Spanning Tree Protocol 82 Forward Delay - The Forward Delay defines the time that the bridge spends in the listening an d learning states. Its range is 4 - 30 seconds. Maximum Hop Count - The Maximum Hop Count is a parameter set in a BPDU packet when it originates.
AT-GS950/10PS Switch Web Interface Use r’s Guide 83 Port Configuration To configure the MSTP parameters for each of t he ports, perform the following procedure: 1. From the main menu on the left side of t he page, select Bridge . The Bridge folder expands.
Chapter 5: Multiple Spanning Tree Protocol 84 ForcedTrue - The port is connected to a networ k device in the network t opology . ForcedFalse - The port is not connected to a network device in the network topology. Auto - The switch will automatically determine the port type.
AT-GS950/10PS Switch Web Interface Use r’s Guide 85 Restricted TCN - The Restricted TCN parameter does not allow Topology Change Notification (TCN) BPDUs to be processed on the port. True - The port cannot process receive/transmit TCN BPDUs. False - The port can process receive /transmit TCN BPDU packets.
Chapter 5: Multiple Spanning Tree Protocol 86 VLAN Mapping You can create, modify and dele te MSTP settings with the procedures in the following sections: ”Open MSTP VLAN Mapping Page” ”Create VLAN Mapping to MST Instance”. “Modify MST Instance” on page 87.
AT-GS950/10PS Switch Web Interface Use r’s Guide 87 5. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes. Modify MST Instance If you wish to modify a MST Instance, you must first delete the instance and then redefine it.
Chapter 5: Multiple Spanning Tree Protocol 88 Port Settings To configure the MSTP port settings, perform the following procedure: 1. From the main menu on the left side of the page, select Bridge . The Bridge folder expands. 2. From the Bridge folder, select the Spanning Tree folder.
AT-GS950/10PS Switch Web Interface Use r’s Guide 89 6. If you choose to change the MSTP port settings for other ports, repeat steps 4 and 5. 7. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes.
Chapter 5: Multiple Spanning Tree Protocol 90 Topology Information To configure the MSTP port settings, perform the following procedure: 1. From the main menu on the left side of the page, select Bridge . The Bridge folder expands. 2. From the Bridge folder, select the Spanning Tree folder.
AT-GS950/10PS Switch Web Interface Use r’s Guide 91 Regional Root - The root bridge of the MST instance. Regional Root Priority - The priority of the re gional root port. Regional Path Cost - The path cost from the regional root port to the regional root bridge.
Chapter 5: Multiple Spanning Tree Protocol 92.
93 Chapter 6 S tatic Port T runking This chapter contains a description of port trunkin g and the procedures for creating, modifying, and deleting a static por t trunk.
Chapter 6: St atic Port Trunking 94 Overview A port trunk is an economical wa y for you to increase the bandwid th between the Ethernet switch and another ne tworking device, such as a network server, router, workstation, or another Ethernet switch. A port trunk is a group of ports that have been grouped together to function as one logical path.
AT-GS950/10PS Switch Web Interface Use r’s Guide 95 Network equipment vendors tend to employ different techniques to implement static trunks. Consequen tly, a static trunk on one device may be incompatible with the same fe ature on a device from a different manufacturer.
Chapter 6: St atic Port Trunking 96 A port can belong to only one static t runk at a time. The ports of a static trunk can be co nfigured to be members of more than one VLAN. The ports of a static trunk can be either un tagged or untagged members of the same VLAN.
AT-GS950/10PS Switch Web Interface Use r’s Guide 97 Create a Port Trunk This procedure explains how to create a static p ort trunk. Caution Do not connect the cables of a port trunk to the ports on the switch until you have configured the ports on both the switch and the end nodes.
Chapter 6: St atic Port Trunking 98 A check in a box indicates the port is a member of the trunk. No check means the port is not a member . A port trunk can contain up to eight ports.
AT-GS950/10PS Switch Web Interface Use r’s Guide 99 Modify a Port Trunk This procedure explains how to change the status of a p ort trunk and add or remove ports from a port trunk. Caution Before you disable or modify a port trunk, disconnect all of the cables from the ports of the trunk.
Chapter 6: St atic Port Trunking 100 9. Configure the port trunk on the other switch with the same parameters. 10. Connect the Ethernet cable s between trunk ports on the AT-GS950/ 10PS switch and the trunk ports on the other switch.
AT-GS950/10PS Switch Web Interface Use r’s Guide 101 Disable a Port Trunk This procedure explains how to disable a port trunk. Caution Before you disable or modify a port trunk, disconnect all of the cables from the ports of the trunk. Leaving th e cables connected during the reconfiguration of a trunk can create loops in your network topology.
Chapter 6: St atic Port Trunking 102.
AT-GS950/10PS Switch Web Interface Use r’s Guide 103 Chapter 7 LACP Port T runks This chapter contains ov erview information about LACP port tru nks and the procedures for setting this feature.
Chapter 7: LACP Port Trunks 104 Overview LACP (Link Aggregation Control Protocol) port t runks perform the same function as static trunks. They increase the bandwidth between network devices by distributing the traffic load over multiple physical links.
AT-GS950/10PS Switch Web Interface Use r’s Guide 105 System Priority It is possible for two devices interconnected by an aggregate trunk to encounter a conflict when they form the trunk.
Chapter 7: LACP Port Trunks 106 Port Priority Value The switch uses a port’s LACP priority to determine which ports are active and which are in the standby mode in situations where the number of ports in the aggregate trunk exce eds the highest allowed number of active ports.
AT-GS950/10PS Switch Web Interface Use r’s Guide 107 General Guidelines The following guidelines apply wh en creating aggregators: LACP must be activated on both the AT-GS950/10PS switch and its partner device. The other device must be 802.3ad-comp liant.
Chapter 7: LACP Port Trunks 108 unknown destination. Prior to creating an aggregate trunk b etween an Allied Telesis device and another vendor’s device, refer to the vendor’s documentation to determine the maximum number of active ports the device can support in a trunk.
AT-GS950/10PS Switch Web Interface Use r’s Guide 109 Group Status To display the LACP Group Status, perform the fo llowing procedure: 1. Select the Bridge folder. The Bridge folder expands. 2. From the Bridge folder , select the Trunk Config folder.
Chapter 7: LACP Port Trunks 110 The System Priority is a preassigned value that you cannot alter . This value applies to the switch. Se e “System Priority” on pag e 105. The System ID is a MAC address value assigned to the individual switch. Y ou cannot change this value.
AT-GS950/10PS Switch Web Interface Use r’s Guide 111 Figure 34. LACP Group Status Page with Thre e Cables Connected Y ou can now see that each port has been grouped under a single aggregator since the port s are now in a Link-Up status.
Chapter 7: LACP Port Trunks 112 Port Priority Configuration To select a priority for an LACP port, perform the following procedure: 1. Select the Bridge folder. The Bridge folder expands. 2. From the Bridge folder , select the Trunk Config folder. The Trunk Config folder expands.
113 Chapter 8 Port Mirr oring This chapter describes the Port Mirroring feature and the procedure for setting up port mirroring. Port mirroring allows yo u to unobtrusively monitor the ingress and egress traffic on a port by having the traffic copied to another port.
Chapter 8: Po rt Mirroring 114 Overview The port mirroring feature allows you to unobtru sively monitor the traffic received and transmitted on one or more po rts by copying the traffic to another switch port.
AT-GS950/10PS Switch Web Interface Use r’s Guide 115 Port Mirroring Configuration To configure Port Mirroring, perform the following p rocedure: 1. Select the Bridge folder . The Bridge folder expands. 2. From the Bridge folder , select Mirroring . The Mirroring Page is displayed.
Chapter 8: Po rt Mirroring 116 7. From the main menu on the left side of the page, select Save Configuration to Flash to permanent ly save your changes.
AT-GS950/10PS Switch Web Interface Use r’s Guide 117 Disable Port Mirroring To disable Port Mirroring , perform the following procedure: 1. Select the Bridge folder . The Bridge folder expands. 2. From the Bridge folder , select Mirroring . The Mirroring page is shown in Figure 36 on pag e 115.
Chapter 8: Po rt Mirroring 118.
119 Chapter 9 Loopback Pr otection This chapter explains how to configure the Loopback Protection feature for specific ports on the AT-GS950/10PS switch. If th e Tx and Rx pairs on the same port are connected, then this feature detects this condition and disables the port for a pre-configure d amount of time.
Chapter 9: Loopbac k Protection 120 Configuration To configure the Loopback De tection feature, perform the following procedure: 1. From the main menu on the left side of the page, select Bridge . The Bridge folder exp ands. 2. From the Bridge folder, select Loopback Detection .
AT-GS950/10PS Switch Web Interface Use r’s Guide 121 4. Under the Loopback Detection Global Settings , configure the following parameters: Interval: This parameter sets the interval of time that the ports are tested. The range is 1 to 32767 seconds.
Chapter 9: Loopbac k Protection 122 Status The status of the Loopback Detection is given in t he Loop Status column of the table at the bottom of the Loop back Detection page. See Fig ure 37 on page 120. The status is one of the follo wing states: Normal: This status indicates that the port does not have the Tx to Rx pairs connected .
123 Chapter 10 MAC Addr ess T able This chapter provides a description of the static multicast MAC address feature and the procedure for configuring it.
Chapter 10: MAC Address Table 124 Overview The AT-GS950/10PS switch has a MAC address table with a st orage capacity of up to 8,000 entries. The table stores the MAC addresses of the network nodes connected to its ports and the port number where each address is learned.
AT-GS950/10PS Switch Web Interface Use r’s Guide 125 predefined ports entered in the MAC table withou t any configuration delays or loss of data..
Chapter 10: MAC Address Table 126 Static Unicast MAC Address Configuration This procedure explains how to set t he static multicast f eature for each port on the AT-GS950/10PS switch. Before beginning this procedure, you must create either an 802.1Q VLAN ID or a Port-Based VLAN Index.
AT-GS950/10PS Switch Web Interface Use r’s Guide 127 Note An error message is generated when you enter a VLAN ID or VLAN Index which is not been defined or when you enter a VLAN ID or VLAN Index without also clicking on the respective radio button. 4.
Chapter 10: MAC Address Table 128 Modify Static Unicast Address To modify the port assignment of a unicast MAC address in the MAC address table, perform the following pro cedure: 1. From the main menu on the left side of the page, select the Bridge folder.
AT-GS950/10PS Switch Web Interface Use r’s Guide 129 Delete Static Unicast Address To delete a unicast MAC address from the MAC addre ss table, perform the following procedure: 1. From the main menu on the left side of t he page, select the Bridge folder.
Chapter 10: MAC Address Table 130 Static Multicast Address Configuration This procedure explains how to set t he static multicast f eature for each port on the AT-GS950/10PS switch. Before beginning this procedure, you must create an 802.1Q VLAN ID or a Port-Based VLAN Index .
AT-GS950/10PS Switch Web Interface Use r’s Guide 131 Note An error message is generated when you enter a VLAN ID or VLAN Index which is not been defined or when you enter a VLAN ID or VLAN Index without also clicking on the respective radio button. 4.
Chapter 10: MAC Address Table 132 7. From the main menu on the left side of the page, select Save Configuration to Flash to permanent ly save your changes.
AT-GS950/10PS Switch Web Interface Use r’s Guide 133 Modify Static Multicast Address To modify the port assignment of a mu lticast MAC address in the MAC address table, perform the following procedure: 1. From the main menu on the left side of t he page, select the Bridge folder.
Chapter 10: MAC Address Table 134 Delete Static Multicast Address To delete a multicast MAC address from the MAC address table, perform the following procedure: 1. From the main menu on the left side of the page, select the Bri dge folder. 1. From the Bridge folder, select Static Multicast .
135 Chapter 11 IGMP Snooping This chapter contains a description of th e IGMP Snooping procedure as well as procedures for working with IGMP Snooping in the web int erface.
Chapter 11: IGMP Snoopin g 136 Overview IGMP enables IPv4 routers to create lists of no des that are members of multicast groups. (A group of end nodes that receive multicast packets from a multicast application is defined as a multicast group.
AT-GS950/10PS Switch Web Interface Use r’s Guide 137 Without IGMP snooping, a switch floods multicast packets from all of its ports, except the port on which it received the packet. Su ch flooding of packets can negatively im pact network performance.
Chapter 11: IGMP Snoopin g 138 IGMP Snooping Configuration This procedure explains how to set IGMP snoo ping and IGMP Snooping Querier on the switch and set the IGMP Snooping (V1) a ge-out timer. To configure IGMP snooping, perform t he following procedure: 1.
AT-GS950/10PS Switch Web Interface Use r’s Guide 139 9. The IGMP Snooping Page is updated with active Multicast Group address. See Figure 45. Note The Multicast Group Address table conta ins MAC addresses of nodes that are active members o f multicast groups.
Chapter 11: IGMP Snoopin g 140.
141 Chapter 12 S torm Contr ol This chapter contains a description and configuration proced ures for the Storm Control (bandwidth) feature. The following topics are discussed: “Overview” on pa.
Chapter 12: Storm Co ntrol 142 Overview The features available in the AT-S110 Ma nagement Software allow you to limit Ethernet traffic within you r switch based on specific criteria. You can use Storm Control to limit the bandwi dth o f various types of Ethernet packets.
AT-GS950/10PS Switch Web Interface Use r’s Guide 143 Ingress Rate Limiting The Ingress Rate Limiting feature rest ricts the traffic to a pre-configured data rate that can flow into a port. This dat a rate limit can be configured in 64 Kbps increments within a ra nge from 64 Kbps to 1000 Mbps.
Chapter 12: Storm Co ntrol 144 Configuration This procedure explains how to se t DLF, broadcast, mu lticast, and threshold levels for each port on the AT-GS950/10PS switch. To change the settings of the storm contro l feature, perform the following procedure: 1.
AT-GS950/10PS Switch Web Interface Use r’s Guide 145 Note For more information, see the Broadc ast setting definition in“Overview” on page 142. 7. Click Apply . 8. To enable or disable ingress and egress Multicast packets, se lect Enable or Disable from the Multicast pull-down menu next to the port that you want to change.
Chapter 12: Storm Co ntrol 146 Ingress Rate Limiting This procedure explains how to set Bandwidth levels and Status for Ingress Rate Limiting on each port of t he AT-GS950/10PS switch. To change the settings of the in gress rate limiting feature, perform t he following procedure: 1.
AT-GS950/10PS Switch Web Interface Use r’s Guide 147 7. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes.
Chapter 12: Storm Co ntrol 148 Egress Rate Limiting This procedure explains how to set Bandwidth levels and Status for Egress Rate Limiting on each port of the AT-GS950/10PS switch. To change the settings of the egr ess rate limiting feature, perform the following procedure: 1.
149 Chapter 13 V irtual LANs This chapter contains a description of Virtual L ocal Area Networks (VLANs) and the procedures for creating, modifying , and deleting both port-based and tagged VLANs.
Chapter 13: Virtual LANs 150 VLAN Overview A virtual LAN or VL AN is a group of ports on an Ethernet switch tha t form a logical Ethernet segmen t via the AT-S110 Management software. The ports of a VLAN form an independent traffic domain where th e traffic generated by the nodes of a VLAN remains within th e VLAN.
AT-GS950/10PS Switch Web Interface Use r’s Guide 151 With VLANS, you can reconfigure the LAN segment assignment of an end node connected to the A T -GS950/10PS switch’s management software.
Chapter 13: Virtual LANs 152 Each port of a port-based VL AN can belong to as many VLANs as needed. Therefore, traffic can be forwarded to the members of the groups to which the po rt is assigned. For example, port 1 and p ort 2 are members of group 1 and ports 1 and 3 are members of grou p 2.
AT-GS950/10PS Switch Web Interface Use r’s Guide 153 VLAN Index You must assign a u nique number to e ach tagged VLAN in a n etwork. This number is called the tagged VLAN ID. Th is number uniquely identifies a tagged VLAN in the AT-GS950/10PS switch and across the network.
Chapter 13: Virtual LANs 154 associates a received untagged packet to the VLAN ID that matches the PVID assigned to the port and the p ack et is only forwarded to those ports that are members.
AT-GS950/10PS Switch Web Interface Use r’s Guide 155 Assign Ports to a VLAN Mode The procedure described in this sect ion allows you to assign ports to tagged or a port-based VLAN. In addition, it permits you to display the current VLAN assignment of ports.
Chapter 13: Virtual LANs 156 6. If you want to restore the port assig nment before saving the configuration, click Restore . Note Once the VLAN assignment has be en saved by clicking first on the Apply button and then saving the configuration, the Restore button will not be active for those port assignments.
AT-GS950/10PS Switch Web Interface Use r’s Guide 157 Tagged VLAN Configuration On a port, the tag information within a frame is examined when it is received to determine if the frame is qualifie d as a member of a specific tagged VLAN. If it is, it is eligible to be switched to other member port s of the same VLAN.
Chapter 13: Virtual LANs 158 4. To assign a VLAN ID, type a VLAN ID in the VLAN ID field. The range for this field is 2 to 4,000. You can create a maximum of 255 tagged VLANs. 5. To assign a name to the VLAN, type a uniqu e name in the VLAN Name field.
AT-GS950/10PS Switch Web Interface Use r’s Guide 159 2. From the Bridge folder, select VLAN . The VLAN folder expan ds. 3. From the VLAN fo lder, select Tagged VLAN . An example of a tagged VLAN (Index 2, Sa les VLAN) is shown in the table at the bottom of Fig ure 51 on page 159.
Chapter 13: Virtual LANs 160 5. You cannot modify the VLAN ID on this web page. If you wa nt to delete the VLAN ID, go to “Delete a Tagged VLAN” on page 160 fo r more information. 6. To change the VLAN Name, type a new VLAN Name in t he VLAN Name field.
AT-GS950/10PS Switch Web Interface Use r’s Guide 161 3. From the VLAN fo lder, select Tagged VLAN . An example of the Tagged VLAN Page is sho wn in Figure 52 on page 159. 4. In the VLAN Action column, select Delete next to the VLAN that yo u want to delete.
Chapter 13: Virtual LANs 162 Tagged VLAN Port Settings To configure a VLAN port that is a member of a Tagge d VLAN, perform the following procedure: 1. From the main menu on the left side of the page, select Bridge . The Bridge folder expands. 2. From the Bridge folder, select VLAN .
AT-GS950/10PS Switch Web Interface Use r’s Guide 163 Disable - This disables Ingress Filtering at the selected p ort. 6. Click Apply . The port configuration becomes effective. 7. If you need to configure other ports of the switch for the VLAN Por t Settings, repeat steps 4 through 7.
Chapter 13: Virtual LANs 164 Port-Based VLAN Configuration A port-based VLAN is a group of ports on the switch tha t form a logical Ethernet segment. This type of VLAN is ind ependent of the header information including VLAN ta gs in a frame.
AT-GS950/10PS Switch Web Interface Use r’s Guide 165 6. To assign ports to the VLAN, click on the p ort numbers labeled Group Member. 7. Click Apply . 8. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes.
Chapter 13: Virtual LANs 166 3. From the VLAN folder, select Port-Based VLAN . The Port-Based VLAN Page is shown in Figure 54 on page 164 . 4. In the VLAN Action column, click Delete ne xt to the VLAN that you want to delete. A confirmation prompt is displayed.
167 Chapter 14 GVRP This chapter contains the following sections: “Overview and Guidelines” on page 168 “General Configuration” on page 169 “Port Settings” on page 170 “T.
Chapter 14: GVRP 168 Overview and Guidelines The GARP VLAN Registration Protocol (GVRP) allows network devices to share VLAN information and to use the information to modif y existing VLANs or create new VLANs, automatically. This makes it easie r to manage VLANs that span more than one switch.
AT-GS950/10PS Switch Web Interface Use r’s Guide 169 General Configuration Perform the following procedure to enable or disab le GVRP: 1. From the main menu on the left side of t he page, select Bridge . The Bridge folder expands. 2. From the Bridge folder, select GVRP .
Chapter 14: GVRP 170 Port Settings Perform the following procedure to co nfigure the GVRP port settings: 1. From the main menu on the left side of the page, select Bridge . The Bridge folder expands. 2. From the Bridge folder, select GVRP . The GVRP folder expands.
AT-GS950/10PS Switch Web Interface Use r’s Guide 171 port row selected. Disable - The Restricted VLAN Reg istration is de-active for the port row selected. 5. Once you have configured the parameters, click Apply for the affected port. 6. If you want to configure GVRP for other p orts, repeat steps 4 and 5.
Chapter 14: GVRP 172 Time Settings Perform the following procedure to co nfigure the GVRP port settings: 1. From the main menu on the left side of the page, select Bridge . The Bridge folder expands. 2. From the Bridge folder, select GVRP . The GVRP folder expands.
AT-GS950/10PS Switch Web Interface Use r’s Guide 173 GarpLeaveAllTime - This parameter is the GARP Leave Timer.Its range si 30 - 2147483630 milli-seconds.
Chapter 14: GVRP 174.
175 Chapter 15 Quality of Service and Cost of Service This chapter provides descriptions of both the Quality of Service (QoS) and Cost of Service (CoS) features.
Chapter 15: Quali ty of Service and Cost of Service 176 Overview When a port on an Ethernet switch beco mes oversubscribed, its egress queues contain more packets than the po rt can handle in a timely manner.
AT-GS950/10PS Switch Web Interface Use r’s Guide 177 Egress Queue vs Packet Priority Mapping Each port has four egress queues, labeled Q0, Q1, Q2 , and Q3. Q0 is the lowest priority queue and Q3 is the highest. A packet in a high priority egress queue is typically transmitted s ooner than a packet in a low p riority queue.
Chapter 15: Quali ty of Service and Cost of Service 178 The procedure for changing the default mappings is found in “Associate Ports to CoS Priorities” on page 182. Note that because all ports must use the same priority-to-egress queue m appings, these mappings are applied at the switch level.
AT-GS950/10PS Switch Web Interface Use r’s Guide 179 The problem with this meth od is that some low priority packets might never be transmitted from the switch because the algorithm migh t never have time to process the packets waiting in the lower p riority queues.
Chapter 15: Quali ty of Service and Cost of Service 180 Mapping CoS Priorities to Egress Queues Before mapping the CoS priorities and the egress queues, you must disable the Jumbo frame parameter on ea ch port. See the Jumbo parameter definition in “Displaying and Con figuring Ports” on page 57.
AT-GS950/10PS Switch Web Interface Use r’s Guide 181 4. For each Traffic Class whose queue you want to change, click on the Queue (0, 1, 2, or 3) radio button tha t applies to your configuration. 5. After you have completed this mapping process, select Enable in the QoS Status field, 6.
Chapter 15: Quali ty of Service and Cost of Service 182 Associate Ports to CoS Priorities The Port Priority values is assigned to an untagged fra me at ingress for internal processing in the switch. This procedure explains how to change the default mappings of port priorities to the User Priority.
AT-GS950/10PS Switch Web Interface Use r’s Guide 183 Associate DSCP Classe s to Egress Queues If you choose to use the DSCP tags in your Access Control policy configuration, each DSCP value (0-63) that is releva nt to your configuration needs to be mapped to one of the f our egress queues (0-3).
Chapter 15: Quali ty of Service and Cost of Service 184 5. After you have completed this mapping process, click Ap ply . 6. From the main menu on the left side of the page, select Save Configuration to Flash to permanent ly save your changes.
AT-GS950/10PS Switch Web Interface Use r’s Guide 185 Queue Scheduling Algorithm To change the scheduling a lgorithm for the egress queues, perform the following procedure. 1. From the main menu on the left side of t he page, select Bridge . The Bridge folder expands.
Chapter 15: Quali ty of Service and Cost of Service 186.
187 Section III Advanced Featur es This section contains t he following chapters: Chapter 16, “SNMPv1 and v2c” on p age 189 Chapter 17, “SNMPv3” on pa ge 201 Chapter 18, “Access .
188.
189 Chapter 16 SNMPv1 and v2c This chapter contains a description of SNMPv1 and SNMPv2c and the procedures for configuring with these protocols. This chapter contains the following sections: “SN.
Chapter 16: SNMP v1 and v2c 190 SNMPv1 and SNMPv2c Overview You can manage a switch by viewi ng and configuring the management information base (MIB) objects on th e device with the Simple Network Management Program (SNMP). This chap ter describes how to configure SNMPv1 and SNMPv2c.
AT-GS950/10PS Switch Web Interface Use r’s Guide 191 Trap Receiver Attributes A trap is a message sent by the agent to one or more managers to indicate the occurrence of a particular event on the device. The re are numerous events that can trigger a trap.
Chapter 16: SNMP v1 and v2c 192 Activate SNMP Interface The SNMP interface is activated b y default. If you want to de-activate it or re-activate it, go to “User Interface Configuration” on pa ge 37.
AT-GS950/10PS Switch Web Interface Use r’s Guide 193 SNMPv1 and SNMPv2c Us er and Group Names SNMPv1 and SNMPv2c User Name and Group Name definitio ns is the basis for creating SNMP communities.
Chapter 16: SNMP v1 and v2c 194 Note If you choose to use the default User a nd Group Names (ReadOnly and ReadWrite) that are already d isplayed in the table, p roceed to step 7 below. 3. Type a new User Name . Enter a name up to 3 1 characters in leng th.
AT-GS950/10PS Switch Web Interface Use r’s Guide 195 To create a new entry in this table, see “Creat e User and Group Names” on page 193. Delete User and Group Name s This procedure explains how to delete an entry on th e SNMP User/Group page. 1.
Chapter 16: SNMP v1 and v2c 196 SNMP Community Strings A community string has attributes fo r controlling who can use the string and what the string will allow a network management station to do on the switch. The AT-S110 Management Software does not provide any defau lt community strings.
AT-GS950/10PS Switch Web Interface Use r’s Guide 197 5. Click Add . The values of the new Community Name and User Name are displayed. See Figure 66 for an example. Figure 66. SNMP Commu nity Table Page Example 6. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes.
Chapter 16: SNMP v1 and v2c 198 SNMP Traps A Host IP address is used to spec ify a management device that needs to receive SNMP traps sent by th e switch. This IP ad dress is associated with the SNMP Version and a valid Community Name in the Host table of the switch.
AT-GS950/10PS Switch Web Interface Use r’s Guide 199 Note The Community Na me must correlate with one of the communities displayed on the SNMP Community Table pa ge. See “SNMP Community Strings” on page 196. If you enter a Community Name that has not been pre-defined, the Trap Host entry is displayed, but agent/manager communication fails.
Chapter 16: SNMP v1 and v2c 200 4. To delete an entry in the host table, click Delete next to the entry in the table that you want to remove. The Host table entry is removed from the table. No confirmation message is displayed. 5. From the main menu on the left side of the page, select Save Configuration to Flash to permanent ly save your changes.
201 Chapter 17 SNMPv3 This chapter contains a description of SNMPv3 and the procedures for configuring this protocol. This chapter contains t he following sections: “Overview” on page 202 .
Chapter 17: SNMP v3 202 Overview The SNMPv3 protocol builds on the existing SNMPv1 and SNMPv2c protocol implementation wh ich is described in Chapter 16 on pag e 189. In SNMPv3, User-based Security Model (USM) authentication is implemented along with encryption , allowing you to configure a secure SNMP environment.
AT-GS950/10PS Switch Web Interface Use r’s Guide 203 this configuration for someone with super-user capabilities. SNMPv3 Privacy Protocol After you have configured an authentic ation protocol, you have the option of assigning a privacy protocol if yo u have the encrypted version of the AT-S110 Management software.
Chapter 17: SNMP v3 204 In addition, you can define a MIB view that th e user can access or a MIB view that the user cann ot access. When you want to permit a user to access a MIB view, you include a particular view. When you want to deny a user access to a MIB view, you exclude a particular view.
AT-GS950/10PS Switch Web Interface Use r’s Guide 205 5. Finally, the traps can be defined on the Tr ap Management page based on the Community or User Name. See Figure 70 for an illustration of ho w the user configuration tables a re linked. Figure 70.
Chapter 17: SNMP v3 206 SNMPv3 User and Group Names An SNMPv3 User Name and Group Name definition is the basis for all the other SNMPv3 tables. You can create and delete View Names by following the pr.
AT-GS950/10PS Switch Web Interface Use r’s Guide 207 8. Enter the password for the Auth-Protocol. 9. Select one of the following choice s for the Priv-Protocol field: DES : Specifies DES encryption scrambles the SNMP data so that outside observers are preve nted from seeing the data content.
Chapter 17: SNMP v3 208 folder. The SNMP folder exp ands. 2. From the SNMP folder , select SNMP User/Group . The SNMP User/Group Page is displayed. See Figure 63 on pa ge 193. 3. In the Action column of the table, click Delete for the User Name and Group Name that you want to remove.
AT-GS950/10PS Switch Web Interface Use r’s Guide 209 SNMPv3 View Names The SNMPv3 View names are defined in the SNMP Group Access table and are based on the User an d Group Names.
Chapter 17: SNMP v3 210 This name is an optional field. It ca n be up to 31 characters in length. 5. Enter the Write View Name . This name is an optional field. It ca n be up to 31 characters in length. 6. Enter the Notify View Name . This name is an optional field.
AT-GS950/10PS Switch Web Interface Use r’s Guide 211 Modifying SNMPv3 View Names If you need to modify an entr y in the SNMP Group Access page, you must first delete the entry and then re-enter it. For information about how to delete an entry in this table, se e “Deleting SNMPv3 View Names” on page 211.
Chapter 17: SNMP v3 212 SNMPv3 View Table The SNMPv3 View table specifies the MIB object access criteria for each View Name. If the View Name is not specified on this page, then it has access to all MIB objects. You can spec ify specific areas of the MIB that can be accessed or denied based on the entries in this table.
AT-GS950/10PS Switch Web Interface Use r’s Guide 213 Included: This selection allows the sp ecified MIB object to be included in the view. Excluded: This selection blocks the vie w of the specified MIB object. 7. Click the Add button. The updated view is displayed in the V iew T able.
Chapter 17: SNMP v3 214 3. From the main menu on the left side of the page, select Save Configuration to Flash to permanent ly save your changes..
AT-GS950/10PS Switch Web Interface Use r’s Guide 215 SNMPv3 Traps The creation, modification and deletion of traps fo r SNMPv3 is identical to the procedure for SNMPv1/v2.
Chapter 17: SNMP v3 216.
217 Chapter 18 Access Contr ol Configuration This chapter contains a description of th e AT-GS950/10PS switch’s Access Control Configuration feature and the proced ures to create, modify, and delete a Access Control c onfiguratio n.
Chapter 18: Access Control Configuration 218 Overview Access Control configuration allows you to cont rol different aspects of the Ethernet traffic as it enters the switch p orts and is process through the switch.
AT-GS950/10PS Switch Web Interface Use r’s Guide 219 Classifier The Create Classifier page allows yo u to specify p acket settings for filtering Ethernet traf fic.
Chapter 18: Access Control Configuration 220 3. Enter a number in th e Classifier Index field. The Classifier Index must be a unique nu mber within the range of 1 - 65535 . Note The Classifier Index is a required parameter when you create a Policy. See “Create Policy” on page 238 for more information.
AT-GS950/10PS Switch Web Interface Use r’s Guide 221 5. Click ADD . The classifier entry is displayed in the t able at the bottom of the page. If you do not see you new entry, you may need to navigate to another page of the table with the First Page , Previous Page , Next Page , an d Last Page buttons located below the table.
Chapter 18: Access Control Configuration 222 2. From the Access Control Config folder , select Classifier . An example of a classifier table entry on the Create Cla ssifier page is displayed in Figure 77. 3. From the Create Classifier page, iden tify which classifier that want to modify and click the Modify link in the Action column.
AT-GS950/10PS Switch Web Interface Use r’s Guide 223 2. From the Access Control Config folder , select Classifier . The Example of Create Classifier page is d isplayed in Figure 77 on page 221. 3. From the Create Classifier page, identify which classifier table entry that want to delete and click the Delete link in the Action column.
Chapter 18: Access Control Configuration 224 Profile Action The Create Profile Action page defines the priority parameters for policing on DSCP (layer 3) and/or class of service (layer 2).
AT-GS950/10PS Switch Web Interface Use r’s Guide 225 3. Enter a number in the Profile Action Index field. The Index must be a unique numbe r ranging from 1 to 72. 4. Enter a number in the Policed DSCP field within the range of 0 to 6 3. This field indicates the DSCP level of in terest.
Chapter 18: Access Control Configuration 226 2. From the Access Control Config folder , select Profile Ac tion . An example of the Create Profile Action page with a Profile Actio n table entry is shown in Figure 79 on page 22 4. 3. Select the table entry that you want to modify a nd click the Modify link in the Action column.
AT-GS950/10PS Switch Web Interface Use r’s Guide 227 In-Profile Actio n The Create In-Profile Action p age allows you to specify a Profile Action’ s Permit or Deny privilege for p ackets in the ingress qu eue. Note A Profile Action Index is required to create a n In-Profile Action.
Chapter 18: Access Control Configuration 228 Note The In-Profile Action Index is a required parameter when you create a Policy. See “Create Policy” on page 238 for more information. 4. Enter a number in th e Profile Action ID field ranging from 0 to 72.
AT-GS950/10PS Switch Web Interface Use r’s Guide 229 7. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes.
Chapter 18: Access Control Configuration 230 Deleting an In- Profile Action To delete a In-Profile action entry , perform the following p rocedure: 1. From the main menu on the left side of the page, select the Access Control Config folder. The Access Control Config folder expands.
AT-GS950/10PS Switch Web Interface Use r’s Guide 231 Out-Profile Action The Create Out-Profile Action p age allows you to specify a Profile Action’s Permit or Deny privilege and bandwid th restrictions for packets in the egress queue.
Chapter 18: Access Control Configuration 232 4. Enter a number in th e Profile Action ID field ranging from 0 to 72. This field is mandatory. Note This field must be pre-defined on the Create Prof ile page - see “Creating a Profile Action” on page 224 for more information.
AT-GS950/10PS Switch Web Interface Use r’s Guide 233 7. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes.
Chapter 18: Access Control Configuration 234 Delete Out- Profile Action To delete a Out-Profile action entry, pe rform the following procedure: 1. From the main menu on the left side of the page, select the Access Control Config folder. The Access Control Config folder expands.
AT-GS950/10PS Switch Web Interface Use r’s Guide 235 Port List The Create Port List page allo ws you to specify a list of ports that will be used as part of the policy specification.
Chapter 18: Access Control Configuration 236 6. Click Add . The Out-Profile Action entry is added to the status table. If the Page field located below the table disp lays a page number and yo u do not see your new entry, then there are multiple pages of the table that you can navigate.
AT-GS950/10PS Switch Web Interface Use r’s Guide 237 4. Change the parameters as required. Note See “Create Port List” on page 235 for the d efinitions of each parameters. 5. Click Apply . The modified Port List entry is displaye d in the table at the bottom of the page of the Create Port List page.
Chapter 18: Access Control Configuration 238 Policy The Create Policy page allows you to specify th e filtering criteria for one policy. Before creating a policy, you must pre-define the following ind exes: Classifier Index : See “Creating a Classifier” on page 219 for more information.
AT-GS950/10PS Switch Web Interface Use r’s Guide 239 3. Enter a number in the Policy Index field. The Policy Index is a unique number within the range of 1 - 6553 5 which identifies the policy. This field is mandatory. 4. Enter data in the remaining parameters.
Chapter 18: Access Control Configuration 240 Figure 92. Example of Policy Entry 6. From the main menu on the left side of the page, select Save Configuration to Flash to permanent ly save your changes.
AT-GS950/10PS Switch Web Interface Use r’s Guide 241 Figure 93. Modify Policy Page 4. Change the parameters as required. Note See “Create Policy” on page 238 for the definitions o f each parameters. 5. Click Apply . The modified Policy entry is displayed in the table a t the bottom of the page of the Create Policy page.
Chapter 18: Access Control Configuration 242 Control Config folder. The Access Control Config folder expands. 2. From the Access Control Config folder , select Policy . An example of the Create Policy page with a Policy table entry is shown in Figure 92 on page 240.
AT-GS950/10PS Switch Web Interface Use r’s Guide 243 Policy Sequence Status The Policy Sequence page displays the status of the order that policies are applied to each port. You can order the display by Policy Index or by Policy Sequence number. To display the policy sequence, perform the following procedure: 1.
Chapter 18: Access Control Configuration 244.
245 Chapter 19 RMON This chapter contains the following sections: “Overview” on page 246 “Enable and Disable RMON” on page 2 47 “Port Statistics” on page 248 “Histories.
Chapter 19: RM ON 246 Overview The RMON (Remote MONitoring) MIB is used with SNMP applications to monitor the operations of network devices. The switch supports the four RMON MIB groups listed here: Statistic group— This group is used t o view port statistics remotely with SNMP programs.
AT-GS950/10PS Switch Web Interface Use r’s Guide 247 Enable and Disable RMON You can use your SNMP Network Management System (NMS) software and the RMON section of the MIB tree to view the RMON statistics, history and alarms associated with sp ecific ports.
Chapter 19: RM ON 248 Port Statistics You can remotely view individual port st atistics wit h RMON by using your SNMP NMS software and the RMON portion of the MIB tree. Perform the following procedure to co nfigure RMON port statistics for a specific port: 1.
AT-GS950/10PS Switch Web Interface Use r’s Guide 249 Figure 98. Ethernet Statisti cs Configuration Example 5. If you want to configure RMON statistics for other ports, repeat steps 3 and 4. 6. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes.
Chapter 19: RM ON 250 Histories RMON histories are snapshots of port statistics. They are taken by the switch at predefined intervals and can be used to identify trends o r patterns in the numbers or t ypes of ingress packets on the po rts on the switch.
AT-GS950/10PS Switch Web Interface Use r’s Guide 251 snapshot of RMON statistics. Different ports can have different numbers of buckets. The range is 1 to 50 buckets. Interval: This parameter specifies how frequently the switch takes snapshots of the port’s statistics.
Chapter 19: RM ON 252 Events An event specifies the action of the switch when the ingress packet activity on a port crosses a statistical threshold defin ed in an alarm. The choices are to log a message in the event log of the switch, send an SNMP t rap to an SNMP workstation, or both.
AT-GS950/10PS Switch Web Interface Use r’s Guide 253 Owner: This parameter is used to identify the person who created an entry. It is primarily intended fo r switches that are managed by more than one person, and is a n optional field. 4. Once you have configured the pa rameters, click Add .
Chapter 19: RM ON 254 Alarms RMON alarms are used to generate alert messages when p acket activity on designated ports rises above or falls below sp ecified threshold values. The alert messages can take the form of message s that are entered in the event log on the switch or traps that are send to your SNMP NMS software or both.
AT-GS950/10PS Switch Web Interface Use r’s Guide 255 2. From the RMON folder, sele ct Alarm . The RMON Alarm Configuration Page is displa yed. See Figure 103 . Figure 103. RMON Alarm Configuration Pa ge 3. The following fields are listed: Index: This parameter specifie s the ID number of the new group.
Chapter 19: RM ON 256 Falling Threshold: This paramet er specifies a specific value or threshold level of the monitored st atistic. When the value of the monitored statistic becomes less t han this threshold level, an alarm event is triggered. The p arameter ’ s range is 1 to 214748364 7.
257 Chapter 20 V oice VLAN This chapter contains a description of th e AT-GS950/10PS switch’s Voice VLAN feature and the procedures to create, modify, and delete a voice VLAN configuration.
Chapter 20: Voice VLAN 258 Overview The AT-GS950/10PS Voice VLAN f eature is specifically designed to maintain high quality, uninterrupted voice traffic thro ugh the switch. When talking on a voice over IP phone, a user expects to have n o interruptions in the conversation and excellent voice quality.
AT-GS950/10PS Switch Web Interface Use r’s Guide 259 When you are configuring the voice VLAN parame ters, you must enter the complete MAC address of at least one of your IP p hones. An “OUI Mask” is automatically generated and appl ied by the AT-S110 management software to yield the manufacturer’s OUI.
Chapter 20: Voice VLAN 260 One or more ports in your voice VLAN mu st be configured as Static tagged or untagged members. Static VLAN members are permane nt member ports of the voice VLAN and there is no depend ency on the configuration of the devices con nected to the ports.
AT-GS950/10PS Switch Web Interface Use r’s Guide 261 General Guidelines Here is a summary of the rules to observe when you create a voice VLAN: One voice VLAN can be configured on the switch at any time. A voice VLAN is based on a pre-defined tagged VL AN.
Chapter 20: Voice VLAN 262 Configuration Prior to configuring your voice VLAN, you must first configure a tag ged VLAN. This VLAN will be used as a basis for your voice VLAN. Note See “Create a Tagged VLAN” on page 15 7 for more information about configuring a tagged VLAN with Not Me mber and Static tagged ports.
AT-GS950/10PS Switch Web Interface Use r’s Guide 263 4. From the Voice VLAN field at the top of the page, select one of the following choices from the pull-down menu: Enable - The voice VLAN feature is active. The other pa rameter fields in the voice VLAN Global Settings sectio n become active and are eligible for data to be ente red.
Chapter 20: Voice VLAN 264 Note The voice VLAN Auto-Detection feature can only be enabled on “Not Member” ports of the voice VLAN. Member ports cannot have the voice VLAN Auto-Detection feature enabled. The Status co lumn displays Static for the member po rts.
AT-GS950/10PS Switch Web Interface Use r’s Guide 265 OUI Setting You can create and delete Voice VLAN OUI Settings by following the procedures in these sections: “Create OUI Setting” “Modify OUI Setting” on page 266 Create OUI Setting To create a Voice OUI configura tion, perform the following pro cedure: 1.
Chapter 20: Voice VLAN 266 8. From the main menu on the left side of the page, select Save Configuration to Flash to permanent ly save your changes. Modify OUI Setting To modify or delete an OUI, it must be first be deleted and then re-entered by following the procedure in “Create OUI Setting” on page 265.
267 Chapter 21 Security This chapter contains information about th e Port-based security features and the procedures for se tting this feature. This chapter includes the following sections: “Por.
Chapter 21: Security 268 Port Access Control This section contains information a nd configuration procedures for the Port-based Access Control. The fo llowing informatio n is provided: “Overview.
AT-GS950/10PS Switch Web Interface Use r’s Guide 269 Port Access Control Configuration To configure port-based access contro l, perform the following procedure: 1. Select the Security folder from the ma in menu on the left side of the page. The Security folder expands.
Chapter 21: Security 270 5. To set the advanced configuration pa rameters, click Settings . The Port Access Control Configure page is expanded. See Figure 108. Figure 108. Expanded Port Access Control Configuratio n Page 6. Set the following paramet ers as needed: Port: This parameter specifies the port being configured for authentication.
AT-GS950/10PS Switch Web Interface Use r’s Guide 271 802.1x authenticator role, in the unauthorized state. Although the ports are in the authenticator role, the switch blocks all authentication on the ports, which means that no clients can log on and forward packets through them.
Chapter 21: Security 272 authentication. Enabled: The Piggyback Mode is Enabled. Disabled: The Piggyback Mode is Disabled. VLAN Assignment - This parameter e nables the VLAN assignment that you select with the Gu est VLAN ID parameter. Choose from the following: Enabled: The VLAN Assignme nt is Enabled.
AT-GS950/10PS Switch Web Interface Use r’s Guide 273 RADIUS Client You can use the RADIUS client with 802.1x port-ba sed access control to authenticate which packets are forwarded through the switch.
Chapter 21: Security 274 You need to specify the use r name and password combination s when configuring the RADIUS server software on the authentication server. Note This manual does not explain ho w to configure RADIUS se rver software. Refer to the documentation that comes with the RADIUS server software for instructions.
AT-GS950/10PS Switch Web Interface Use r’s Guide 275 8. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes.
Chapter 21: Security 276 Dial-in User— Local Authentication Dial-in User feature provides the local authentication server for port security when a remote (RADIUS) server is not available .
AT-GS950/10PS Switch Web Interface Use r’s Guide 277 Figure 110. Dial-In User Page 3. In the User Name field, type a name fo r the user. 4. In the Password field, type a password for the user. 5. In the Dynamic VLAN field, enter the VID of the VLAN which yo u will allow the user to access.
Chapter 21: Security 278 The Dial-in User p age is displayed. See Figure 1 10 on page 277. 3. In the list of dial-in users, highlight the user you want t o modify. The user ’s information is displayed in fields above. 4. In the Password field, enter the n ew password.
AT-GS950/10PS Switch Web Interface Use r’s Guide 279 Destination MAC Filter This section contains a n explanation of the Destination MAC Filter f eature as well a procedure for configuring it.
Chapter 21: Security 280 Figure 112. Destination MAC Filter Page 3. To enter the MAC address that you want filtere d, enter the MAC address into the MAC Address field. 4. Click the Add butto n to save your entry. See Fig ure 113. Figure 113. Destination MAC Filter Page Example 5.
AT-GS950/10PS Switch Web Interface Use r’s Guide 281 3. Select the Delete button next to the MAC address t hat you want to delete. The MAC address is removed from the MAC address table. 4. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes.
Chapter 21: Security 282.
283 Chapter 22 Power Over Ethernet (PoE) This chapter provides background information about PoE and includes procedures to configure the PoE feature on each port.
Chapter 22: Power Over Etherne t (PoE) 284 Overview The AT-GS950/10PS switch features Power over Ethernet (PoE) o n the 10/100Base-Tx ports on ports 1 - 8. PoE is used to supply power to network devices over the same twist ed pair cables that carry the network traffic.
AT-GS950/10PS Switch Web Interface Use r’s Guide 285 Port Prioritization As long as the total power requirements of th e PDs is less than the total available power of the switch, it can supply power to all of the PDs.
Chapter 22: Power Over Etherne t (PoE) 286 PoE Configuration To configure the basic STP and RSTP settings, perform the following procedure: 1. From the main menu on the left side of the page, select Power Over Ethernet Configuration . The Power Over Ethernet Configuration page is displayed.
AT-GS950/10PS Switch Web Interface Use r’s Guide 287 Note See Table 6 on page 28 4 for a definition of the PD Po E classes. Priority - Indicates the port priority: Low, High, or Critical. For more details, see “Port Prioritization” on page 285. Power(mW) - Indicates the Power in milliwatts th at the port is supplying power to the PD.
Chapter 22: Power Over Etherne t (PoE) 288.
289 Chapter 23.
Chapter 23: DHCP Snoopin g 290 Chapter 23 DHCP Snooping This chapter contains a description of the DHCP Snooping feature and the procedures for creating, modifying, and deleting the DHCP Snooping configuration.
AT-GS950/10PS Switch Web Interface Use r’s Guide 291 Overview The DHCP Snooping feature provides security by inspecting ingress packets for the correct IP and MAC address information. The DHCP Snooping feature defines th e AT-GS950/10PS ports as either trusted or untrusted.
Chapter 23: DHCP Snoopin g 292 A network device initially sends out a DHCPDISCOVER packet so that a DHCP server will respond. It waits for and the n accepts the first DHCPOFFER packet from the se rver that it receives. This packet contains the DHCP server’s IP address and mask.
AT-GS950/10PS Switch Web Interface Use r’s Guide 293 General Guidelines Here is a summary of the rules to obse rve when you configure DHCP Snooping: A trusted port is connected to one of t he following: – Directly to the legitimate trusted DHCP Server.
Chapter 23: DHCP Snoopin g 294 General Configuration The following procedure describes ho w to configure the DHCP Snooping feature on the AT-GS950/10PS switch: 1. From the main menu on the left side of the page, select DHCP Snooping . The DHCP Snooping folder expands.
AT-GS950/10PS Switch Web Interface Use r’s Guide 295 Disable - The MAC address of each in gress ARP packet is not validated against th e Binding Table. All ARP packets are forwarded through the switch without regard to t he IP and MAC Address information in the packet h eader.
Chapter 23: DHCP Snoopin g 296 VLAN Setting You can create and dele te DHCP Snooping VLAN settings by follo wing the procedures in these sections: "Creating a VLAN" “Modifying a VL.
AT-GS950/10PS Switch Web Interface Use r’s Guide 297 Modifying a VLAN To modify or delete a VLAN ID, you must first d eleted it (using the procedure below) and then re-entered r e-enter it by following the procedure outline in “Creating a VLAN” o n page 296.
Chapter 23: DHCP Snoopin g 298 Trusted and Untrusted Port Configuration The following procedure describes ho w to configure the DHCP Snooping trusted interfaces on the AT-GS950/10PS switch: 1. From the main menu on the left side of the page, select DHCP Snooping .
AT-GS950/10PS Switch Web Interface Use r’s Guide 299 Figure 118. Trusted Interfaces Page Exa mple 5. If you choose to configure other switch ports as trusted or untrusted, repeat steps 3 and 4. 6. From the main menu on the left side of t he page, select Save Configuration to Flash to perman ently save your changes.
Chapter 23: DHCP Snoopin g 300 Binding Database The Binding Database displays learned and statically assigned MAC Address and IP Address information for each host on the local area network. Dynamically assi gned IP addresses from the DHCP server will automatically populate the table on the Binding Database page as they are assigned by the server.
AT-GS950/10PS Switch Web Interface Use r’s Guide 301 VLAN - Enter the host’s VLAN ID. Port - Enter the port number where the host is connected. Type - Because the IP Address being entered is static, you must select Static . Lease Time - Enter the time that IP addre ss assignment is valid.
Chapter 23: DHCP Snoopin g 302 Type: This parameter indicates the following: Learned: The host IP Address is dynam ically assigned by the DHCP server. Static: The host IP Address is statica lly assigned. See “Static IP Addresses” on page 300 for more information.
303 Chapter 24 LLDP Link Layer Discovery Protocol (LLD P) allows Etherne t network devices, such as switches and routers, to receive and transmit device-related information to directly connect ed devices on the network and to store data that is learned about other device s.
Chapter 24: LLDP 304 Overview The data sent and received by L LDP are useful for many reasons. The switch can discover other devices directly connecte d to it.
AT-GS950/10PS Switch Web Interface Use r’s Guide 305 Global Configuration The LLDP Global Setting page has three sect ions: On the top of the page contain s the enabling or disabling LLDP selections. The middle of the page contains LLDP Syste m Information.
Chapter 24: LLDP 306 “Setting Port States” on page 307 You must enable LLDP before changing the LLDP System Info rmation settings or the port settings. Enabling or Disabling LLDP To enable or disable the LLDP f eature, perform the following pro cedure: 1.
AT-GS950/10PS Switch Web Interface Use r’s Guide 307 LLDP TX Delay: Sets the value of the tra nsmission delay timer, which is the minimum time interval between transmissions of LLDP advertisements due to a change in LLDP local information. Th e range is from 1 to 8192 seconds.
Chapter 24: LLDP 308 transmit LLDP data packets. T o change the settings of all the ports to the same st ate, select a state setting next to All In the Port colu mn. 3. In the Action column, click the Apply button that corresponds to the port to make the state change active.
AT-GS950/10PS Switch Web Interface Use r’s Guide 309 Neighbors Information To view the information re ceived from the neighboring network de vices, perform the following procedure: 1. From the main menu on the left side of the page, click the LLDP fold er.
Chapter 24: LLDP 310.
311 Chapter 25 Network S tatistics The sections in th is chapter explain how to display traffic, error, and h istory statistics about the network traffic on the AT-GS950/10PS switch and its ports.
Chapter 25: Network St atistics 312 Overview Statistics provide important info rmation for t roubleshooting switch problems at the port level. The AT-S110 Management Software provides a versatile set .
AT-GS950/10PS Switch Web Interface Use r’s Guide 313 Traffic Comparison Statistics The T raffic Compariso n statistics char t allows you to di splay a specified traffic st atistic over all of the ports. Y ou can select 12 statistic types and 12 colors for each port.
Chapter 25: Network St atistics 314 4. To select the amount of time before the screen is refreshed, click Auto Refresh . Choose from the following options: 5 seconds 10 seconds 15 seconds .
AT-GS950/10PS Switch Web Interface Use r’s Guide 315 5. To select the color of the traffic comparison graph, select Color . Choose one of the following colors: Green Blue Red Purple Yellow Orange Gray Light Red Light Blue Light Green Light Yellow Light Gray 6.
Chapter 25: Network St atistics 316 Error Group Statistics The Error Group chart displays the di scard and error counts for a spe cified port. To display error group statistics for a port, per form the following procedure: 1. Select the Statistics Chart folder.
AT-GS950/10PS Switch Web Interface Use r’s Guide 317 4. To select the amount of time before the screen is refreshed, click Auto Refresh . Choose from the followin g options: 5 seconds 10 seconds 15 seconds 30 seconds 5. To select the color of the traffic comparison graph, select Color .
Chapter 25: Network St atistics 318 Historical Status Charts The Historical S tatus chart allows you to select from 12 st atistics to view for a selection of ports for ho wever long this chart is running on the management workst ation. To display histor ical status cha rts statistics for a port, perform the following procedure: 1.
AT-GS950/10PS Switch Web Interface Use r’s Guide 319 Table 9 Historical Status Options Option Definition Inbound Octet Rate (Bytes) Measures the rate of inbo und octet bit s in bytes per second. Inbound Unicast Packet Rate (Pkt s) Measures the rate of inbo und unicast p ackets in packet s per second.
Chapter 25: Network St atistics 320 4. To select the amount of time before the screen is refreshed, click Auto Refresh . Choose from the following options: 5 seconds 10 seconds 15 seconds 30 seconds 5. To select the color of the traffic compar ison graph, select Col or .
321 Section IV To o l s This section contains t he following chapters: Chapter 26, “Software/ Configuration Up dates” on page 323 Chapter 27, “Cable Diagnostics” on p age 335 Chapt.
322.
323 Chapter 26 Softwar e/Configuration Updates This chapter explains the meth ods for upgrading the AT-S110 Management Software on the switch and saving configuration files.
Chapter 26: Software/Co nfiguration Updates 324 Overview You can use the Management Software Upd ates features to upgrade the AT-S110 Management Software to a new version, save a configuration file or load a configuration file.
AT-GS950/10PS Switch Web Interface Use r’s Guide 325 Upgrade Firmware Image via HTTP This section describes how to upgrade an firmware image of the AT-S110 Management Software using HTT P on an Internet server.
Chapter 26: Software/Co nfiguration Updates 326 2. From the Firmware Upgrade folde r, sele ct via HTTP . The Firmware Upgrade via HTTP Page is displayed.
AT-GS950/10PS Switch Web Interface Use r’s Guide 327 Upgrade Firmware Image via TFTP This section describes how to upgrade an firmware image of the AT-S110 Management software using TFTP on an T FTP server.
Chapter 26: Software/Co nfiguration Updates 328 Figure 127. Firmware Upgrade via TFTP Page The Image/Version Date shows the curren t version and date of software inst alled on the switch. 3. Change the following parameters as necessary: TFTP Server IP: The IP address of the TFTP server from which you are downloading the new software.
AT-GS950/10PS Switch Web Interface Use r’s Guide 329 Upload or Download a Configuration File via HTTP This section describes how to upload or do wnload a configur ation file using HTTP on an Internet server.
Chapter 26: Software/Co nfiguration Updates 330 2. Select the Upload button. The download process begins immediat ely. Caution If you are uploading a con figuration file, the file will be implemented immediately after download. A shor t interruption in network service will be experienced wh ile the new configuration file is loaded.
AT-GS950/10PS Switch Web Interface Use r’s Guide 331 Configuration File Download To download or save the AT-S110 configuration file from the switch to your PC, perform the following procedure: 1. Select the Download button . Select this button to download a configuration file from the switch to your PC.
Chapter 26: Software/Co nfiguration Updates 332 Download or Upload a Configuration File via TFTP This section describes how to upload or download a configuration file using TFTP on an TFTP server. Before you uplo ad or download a configuration file onto the switch using TFTP, note the following: Your network must have a TFTP se rver.
AT-GS950/10PS Switch Web Interface Use r’s Guide 333 Caution If you are uploading a configuration fi le, the file will be implemented immediately after down load. A short interru ption in network service will be experienced while the new configu ration file is loaded.
Chapter 26: Software/Co nfiguration Updates 334.
335 Chapter 27 Cable Diagnostics This chapter provides pr ocedures to run cable diagno stics on the cables connected to the switch ports. If a po rt is select ed, a cable must be connected to it for meaningful test results to be displayed.
Chapter 27: Ca ble Diagnostics 336 Port: This parameter displays the port (cable ) selected. Test Results: Displays the diagnostic results fo r each pair in the cable. One of the following cable status parameters is displayed: OK: There is not problem detected with the cable.
337 Chapter 28 Rebooting the A T -GS950/10PS This chapter provides the procedures for rebo oting the AT-GS950/10PS switch by using the Normal reboot funct ion provided in the AT-S110 management software. Note Alternately, you can reboot the AT-GS950 /10PS switch by pressing the front panel eco-friendly switch between 5 to 9 seconds.
Chapter 28: Reboo ting the AT-GS950/10PS 338 Switch Reboot The following procedure outlines how to reboot your AT-GS950/10PS switch. Caution This procedure reboots the switch and reloads the AT-S110 Management software configuratio n from flash memory.
AT-GS950/10PS Switch Web Interface Use r’s Guide 339 4. In the Reboot Type field, select Normal from the pull-down menu. When the switch is rebooted with this selection, a ll configuration parameters that are saved in flash memory are loaded into the switch’s active memory.
Chapter 28: Reboo ting the AT-GS950/10PS 340 Configure Factory Default Values The following procedure returns all AT-S110 Management software parameters to their factory default values and deletes all ta gged and port- based VLANs on the switch.
AT-GS950/10PS Switch Web Interface Use r’s Guide 341 address, subnet mask, and gateway se ttings are managed by the DHCP server . 5. Click Apply . The switch begins the reboot process.
Chapter 28: Reboo ting the AT-GS950/10PS 342 Password Protection of Factory Reset If your switch is located in a controlled environment such as a lo cked switching closet or limited access eq uipment .
AT-GS950/10PS Switch Web Interface Use r’s Guide 343 2. From the Tools folder, select Reboot . The Factory Default Reset/Reboot Page is displaye d. See Figure 133 on page 338. 3. Go to the Factory Default Reset section on the upper pa rt of the page.
Chapter 28: Reboo ting the AT-GS950/10PS 344 remain Enabled on both the switch mana gement software and the physical front panel ecoFriendly button. 8. Click Accept .on the message. The Factory Default Reset page changes and displays the Fa ctory Default Reset f eature as Disabled .
AT-GS950/10PS Switch Web Interface Use r’s Guide 345 Figure 136. Factory Default Reset/Reboot Page with Passwo rd Entry 5. Enter the same passwo rd that you de fined when you previously set the Factory Default Reset field to Disable. 6. Click Apply .
Chapter 28: Reboo ting the AT-GS950/10PS 346.
347 Chapter 29 Pinging a Remote System This chapter provides the procedur e for pinging a node on your network from the AT-GS950/10PS switch. Th is procedure is useful in determinin g whether an active link exists between the switch and another network device.
Chapter 29: Pinging a Remote System 348 switch waits for a response before assuming that a ping has failed. Number of Ping Requests - Specifies the nu mber of ping requests you want the switch to perform. 4. Click Start . 5. To view the ping results, click Show Ping Re sults .
349 Appendix A MSTP Overview This appendix provides background in formation about the Multiple Spanning Tree Protocol (MSTP) and include s the following sections: “Overview” on page 350 .
Appendix A: MSTP Overvi ew 350 Overview In the AT-GS950/10PS, STP and RSTP are ref erred to as single-instance spanning trees that search for physical loops across all VLANs in a bridged network. When lo ops are detected, the active pro tocol stops the loops by placing one or more bridge ports in a bl ocking state.
AT-GS950/10PS Switch Web Interface Use r’s Guide 351 Note Do not activate MSTP on the AT-GS950/10PS switch without first familiarizing yourself with the following concepts and guidelines. Like STP and RSTP, you must activate this MSTP protocol on a switch and then configure the p rotocol parameters.
Appendix A: MSTP Overvi ew 352 Multiple Spanning Tree Instance (MSTI) The individual spanning trees in MSTP are referred to as Multiple Spanning Tree Instances (MSTIs). A MSTI ca n span any number of AT-GS950 switches. The switch can support up to 31 MSTI s at a time.
AT-GS950/10PS Switch Web Interface Use r’s Guide 353 Figure 140. MSTP Example of Two Spanning Tree Inst ances Multiple VLANs Assigned to an MSTI A MSTI can contain more than one VLAN. This is illustrated in Figure 141 on page 354 where there are two AT-GS950/10PS switches with fo ur VLANs.
Appendix A: MSTP Overvi ew 354 Figure 141. Multiple VLANs in a MSTI In this example, because an MSTI contains more than one VL AN, the links between the VLAN parts is made with tagged (not unta gged) ports so that they can carry traffic from more than on e virtual LAN.
AT-GS950/10PS Switch Web Interface Use r’s Guide 355 General Guidelines Here are the guidelin es for MST Is: The AT-GS950/10PS switch can support up to 31 spanning tree instances, including the CIST. A MSTI can contain a ny number of VLANs. A VLAN can belong to only one MSTI at a time.
Appendix A: MSTP Overvi ew 356 VLAN and MSTI Associations Part of the task to configuring MSTP involves assigning VLANs to spanning tree instances. The mapping of VLANs to MSTIs is called associations . A VLAN, either port-based o r tagged, can belong to only one instance at a time, but an instance can contain any number of VLANs.
AT-GS950/10PS Switch Web Interface Use r’s Guide 357 Ports in Multiple MSTIs A port can be a member of more than one MSTI at a time if it is a tagged member of one or more VLANs assigned to different MSTI’s.
Appendix A: MSTP Overvi ew 358 Multiple Spanning Tree Regions Another important concept of MSTP is regio ns . A MSTP region is defined as a group of bridges that sha re exactly the same MSTI char acteristics.
AT-GS950/10PS Switch Web Interface Use r’s Guide 359 The AT-GS950/10PS switch determines re gional boundaries by examining the MSTP BPDUs received on the ports.
Appendix A: MSTP Overvi ew 360 Each MSTI functions as an indepen dent spanning tree within a region. Consequently, each MSTI must have a ro ot bridge to loca te physical loops within the spanning tree insta nce. An MSTI’s root bridge is ca lled a regional root .
AT-GS950/10PS Switch Web Interface Use r’s Guide 361 Each MSTI must have a regional root for lo cating loops in the instance. MSTIs can share the same region al root or have different roots. A regional root is determined by the MST I Bridge Priority value and a b ridge’s MAC address.
Appendix A: MSTP Overvi ew 362 Common and Internal Spanning Tree (CIST) MSTP has a default spanning tree instance ca lled the Common and Internal Spanning Tree (CIST). This instance has an MSTI ID of 0. This instance has unique features and functi ons that make it different from the MSTIs that you create yourself.
AT-GS950/10PS Switch Web Interface Use r’s Guide 363 Associating VLANs to MSTIs When you are using Multiple Span ning Tree, Allied Telesis recommends that you assign each VLANs to one of the ex isting MSTIs on a switch. You should not leave any VLAN unassigned including th e Default VLAN.
Appendix A: MSTP Overvi ew 364 Figure 143. CIST and VLAN Guid eline - Example 2 When port 3 on switch B receives a BPDU, the switch notes the port sending the packet belongs only t o CIST 0. Therefore, switch B uses CIST 0 in determining whether a loop exists.
AT-GS950/10PS Switch Web Interface Use r’s Guide 365 VLANs Across Different Regions Special consideration needs to be taken into account when you connect different MSTP regions or an MSTP region and a single-instance STP or RSTP region. Unless planned proper ly, VLAN fragmentation can occur between the VLANS of your network.
Appendix A: MSTP Overvi ew 366 Region 1 VLANs Region 2 VLANs Accounting Accounting Sales Sales Pre-Sales Pre-Sales Marketing Technical Support Product Management Software Engineering Project Management Hardware Engineering The two regions share three VLANs: Ac counting, Sales, and Presales.
AT-GS950/10PS Switch Web Interface Use r’s Guide 367 Summary of Guidelines Careful planning is essential for the su ccessful implementation of MSTP. This section reviews all the rules and guidelines.
Appendix A: MSTP Overvi ew 368.
369 Appendix B A T -GS950/10PS Default Parameters Table 12 lists the factory default setting s for the AT-S110 Manageme nt software on the AT-GS950/10PS switch.
Appendix B: AT-GS950/10PS Default Parameters 370 IP address entries 10 entries 10 entries System/Administration User Name manager 1 - 12 characters Password friend 1 - 12 characters System/User Interf.
AT-GS950/10PS Switch Web Interface Use r’s Guide 371 To (Month:Day:HH:MM) January:01:00:00 - DST Offset 1 hr - System/SSL Setting s SSL Settings Disabled Enabled/Disabled System/DHCP Auto C onfigura.
Appendix B: AT-GS950/10PS Default Parameters 372 Trunk -- Type 1000TX - Link Status Down Up/Dow n Admin Status Enabled Enabled/Disabled Mode Auto Auto/10Half/10Full/100Half/10 0Full/1000Full Jumbo Ena.
AT-GS950/10PS Switch Web Interface Use r’s Guide 373 Bridge Priority 32768 0 - 61440 Region Name MAC Address of AT-GS950/10PS switch - Region Revision 0 0 - 65535 Dynamic Path Cost Calculation True .
Appendix B: AT-GS950/10PS Default Parameters 374 Restricted Role False True/False Restricted TCN False True/ False Port S tate Ignore Enable/Disable/Ignore Bridge/T runk Config/T runking T runk S tatu.
AT-GS950/10PS Switch Web Interface Use r’s Guide 375 Bridge/St atic Unicast 802.1Q VLAN - ID 1 - 4000 Port-Based VLAN Index - ID 1 - 52 MAC Address none xx:xx:xx:xx:xx:xx hex format Port Member - All, 1 - 10 Bridge/St atic Multicast 802.
Appendix B: AT-GS950/10PS Default Parameters 376 S torm Control Threshold Low High (2500 pp s) Medium (1000 pp s) Low (500 pp s) @ Packet size = 1518 Bytes Ingress Rate Limiting Bandwid th 64Kbps X ra.
AT-GS950/10PS Switch Web Interface Use r’s Guide 377 Private VLAN Forwarding Ports All, 1 - 10 All, 1 - 10 Bridge/GVRP GVRP S tatus Disabled Enabled/Disabled Dynamic Vlan S tatus En abled Enabled/Di.
Appendix B: AT-GS950/10PS Default Parameters 378 Security Model v1 v1/v2c/v3 Security Level NoAuthNoPriv NoAuthNoPriv/AuthNoPriv/AuthPriv SNMP User/Group User Name Enable d Enabled/Disabled Group Name.
AT-GS950/10PS Switch Web Interface Use r’s Guide 379 Destination MAC Address none xx:xx:xx:xx:xx:xx hex format Destination MAC Mask Length none 1 - 48 VLAN ID none 0 - 4000 802.1p Priority none 0 - 7 Ether T ype none 0000 - FFFF (Hex) DSCP none 0 - 63 Proto col none 1 - 255 Source IP Address none IPv4 address in xxx.
Appendix B: AT-GS950/10PS Default Parameters 380 Out-Profile Action Burst Size 16K 16K/32K/64K Port List Index none 1 - 65535 Port List none Any combination of ports 1 - 10 Authentication Method RADIU.
AT-GS950/10PS Switch Web Interface Use r’s Guide 381 Alarms Rising Threshold none 1 to 2147483647 seconds Alarms Falling Threshold none 1 to 2147483647 seconds Alarms Rising Event Index none 1 - 655.
Appendix B: AT-GS950/10PS Default Parameters 382 Port Access Control Authentication Method Local Local/Ra dius Dial-In User Name none 1 - 23 characters Dial-In User Password none 1 - 23 characters Dial-In User Dynamic VLAN none 1 - 4000 where 0 means ignore RADIUS Server IP 0.
AT-GS950/10PS Switch Web Interface Use r’s Guide 383 General Setting Datab ase Update Interval 1200 600 - 86400 General Setting DHCP Option 82 Insertion Disabled Enabled/Disabled VLAN Settings VLAN .
Appendix B: AT-GS950/10PS Default Parameters 384 T raffic Comparison St a t i s t i c s Inbound Octet Rate (Bytes/ s) 25 statistics T raffic Comparison Auto Refresh 5 seconds 5/10/15/30 seconds T raff.
AT-GS950/10PS Switch Web Interface Use r’s Guide 385 Configuration File Upload/Down load via HTTP Select File none - Configuration File Upload/Down load via TFTP TFTP Server IP 0.
Appendix B: AT-GS950/10PS Default Parameters 386.
Een belangrijk punt na aankoop van elk apparaat Allied Telesis AT-GS950/10PS (of zelfs voordat je het koopt) is om de handleiding te lezen. Dit moeten wij doen vanwege een paar simpele redenen:
Als u nog geen Allied Telesis AT-GS950/10PS heb gekocht dan nu is een goed moment om kennis te maken met de basisgegevens van het product. Eerst kijk dan naar de eerste pagina\'s van de handleiding, die je hierboven vindt. Je moet daar de belangrijkste technische gegevens Allied Telesis AT-GS950/10PS vinden. Op dit manier kan je controleren of het apparaat aan jouw behoeften voldoet. Op de volgende pagina's van de handleiding Allied Telesis AT-GS950/10PS leer je over alle kenmerken van het product en krijg je informatie over de werking. De informatie die je over Allied Telesis AT-GS950/10PS krijgt, zal je zeker helpen om een besluit over de aankoop te nemen.
In een situatie waarin je al een beziter van Allied Telesis AT-GS950/10PS bent, maar toch heb je de instructies niet gelezen, moet je het doen voor de hierboven beschreven redenen. Je zult dan weten of je goed de alle beschikbare functies heb gebruikt, en of je fouten heb gemaakt die het leven van de Allied Telesis AT-GS950/10PS kunnen verkorten.
Maar de belangrijkste taak van de handleiding is om de gebruiker bij het oplossen van problemen te helpen met Allied Telesis AT-GS950/10PS . Bijna altijd, zal je daar het vinden Troubleshooting met de meest voorkomende storingen en defecten #MANUAl# samen met de instructies over hun opplosinge. Zelfs als je zelf niet kan om het probleem op te lossen, zal de instructie je de weg wijzen naar verdere andere procedure, bijv. door contact met de klantenservice of het dichtstbijzijnde servicecentrum.