LG-Ericsson iPECS ES-4550G User manual
U
SER
G
UIDE
User Manual
ES-4550G / ES-4526G
Managed Layer 3 Stackable GE Switch
U
SER
M
ANUAL
ES-4500G Series
ES-4550G MANAGED 48-PORT L3 STACKABLE GE SWITCH
Layer 3 Stackable Gigabit Ethernet Switch
with 44 10/100/1000BASE-T (RJ-45) Ports,
4 Gigabit Combination Ports (RJ-45/SFP),
2 10-Gigabit Extender Module Slots,
and 2 Stacking Ports
ES-4526G MANAGED 24-PORT L3 STACKABLE GE SWITCH
Layer 3 Stackable Gigabit Ethernet Switch
with 20 10/100/1000BASE-T (RJ-45) Ports,
4 Gigabit Combination Ports (RJ-45/SFP),
2 10-Gigabit Extender Module Slots,
and 2 Stacking Ports
ES-4526G
ES-4550G
E042011/ST-R01
150200000149A
– 3 –
ES-4500G Series
ABOUT THIS GUIDE
PURPOSE This guide gives specific information on how to operate and use the
management functions of the switch.
AUDIENCE The guide is intended for use by network administrators who are
responsible for operating and maintaining network equipment;
consequently, it assumes a basic working knowledge of general switch
functions, the Internet Protocol (IP), and Simple Network Management
Protocol (SNMP).
CONVENTIONS The following conventions are used throughout this guide to show
information:
N
OTE
:
Emphasizes important information or calls your attention to related
features or instructions.
C
AUTION
:
Alerts you to a potential hazard that could cause loss of data, or
damage the system or equipment.
W
ARNING
:
Alerts you to a potential hazard that could cause personal injury.
NOTICE OF CHANGES LG-Ericsson reserves the right to change specifications at any time without
notice.
RELATED PUBLICATIONS The following publication details the hardware features of the switch,
including the physical and performance-related characteristics, and how to
install the switch:
The Installation Guide
Also, as part of the switch’s software, there is an online web-based help
that describes all management related features.
A
BOUT
T
HIS
G
UIDE
– 4 –
ES-4500G Series
REVISION HISTORY This section summarizes the changes in each revision of this guide.
APRIL 2011 REVISION
This is the first version of this guide. This guide is valid for software release
v1.2.2.0.
– 5 –
ES-4500G Series
CONTENTS
ABOUT THIS GUIDE 3
CONTENTS 5
FIGURES 39
TABLES 51
SECTION I GETTING STARTED 57
1INTRODUCTION 59
Key Features 59
Description of Software Features 61
System Defaults 67
2INITIAL SWITCH CONFIGURATION 71
Connecting to the Switch 71
Configuration Options 71
Required Connections 72
Remote Connections 73
Basic Configuration 73
Console Connection 73
Setting Passwords 74
Setting an IP Address 75
Enabling SNMP Management Access 80
Managing System Files 82
Saving or Restoring Configuration Settings 83
SECTION II WEB CONFIGURATION 85
3USING THE WEB INTERFACE 87
Connecting to the Web Interface 87
Navigating the Web Browser Interface 88
Home Page 88
C
ONTENTS
– 6 –
ES-4500G Series
Configuration Options 89
Panel Display 89
Main Menu 90
4BASIC MANAGEMENT TASKS 107
Displaying System Information 107
Displaying Switch Hardware/Software Versions 109
Configuring Support for Jumbo Frames 110
Displaying Bridge Extension Capabilities 111
Managing System Files 113
Copying Files via FTP/TFTP or HTTP 113
Saving the Running Configuration to a Local File 115
Setting The Start-Up File 116
Showing System Files 117
Setting the System Clock 117
Setting the Time Manually 118
Setting The SNTP Polling Interval 119
Specifying SNTP Time Servers 120
Setting the Time Zone 121
Console Port Settings 122
Telnet Settings 124
Displaying CPU Utilization 125
Displaying Memory Utilization 126
Renumbering the Stack 127
Resetting the System 128
5INTERFACE CONFIGURATION 131
Port Configuration 131
Configuring by Port List 131
Configuring by Port Range 134
Displaying Connection Status 135
Configuring Port Mirroring 136
Showing Port or Trunk Statistics 138
Performing Cable Diagnostics 142
Trunk Configuration 144
Configuring a Static Trunk 145
Configuring a Dynamic Trunk 147
Displaying LACP Port Counters 152
C
ONTENTS
– 7 –
ES-4500G Series
Displaying LACP Settings and Status for the Local Side 154
Displaying LACP Settings and Status for the Remote Side 155
Sampling Traffic Flows 156
Configuring sFlow Parameters 157
Traffic Segmentation 159
Enabling Traffic Segmentation 159
Configuring Uplink and Downlink Ports 160
VLAN Trunking 161
6 VLAN CONFIGURATION 163
IEEE 802.1Q VLANs 163
Configuring VLAN Groups 166
Adding Static Members to VLANs 168
Configuring Dynamic VLAN Registration 173
Private VLANs 176
Creating Private VLANs 176
Associating Private VLANs 178
Configuring Private VLAN Interfaces 179
IEEE 802.1Q Tunneling 181
Enabling QinQ Tunneling on the Switch 185
Adding an Interface to a QinQ Tunnel 186
Protocol VLANs 187
Configuring Protocol VLAN Groups 188
Mapping Protocol Groups to Interfaces 189
Configuring IP Subnet VLANs 192
Configuring MAC-based VLANs 194
7ADDRESS TABLE SETTINGS 197
Configuring MAC Address Learning 197
Setting Static Addresses 199
Changing the Aging Time 200
Displaying the Dynamic Address Table 201
Clearing the Dynamic Address Table 202
8SPANNING TREE ALGORITHM 205
Overview 205
Configuring Loopback Detection 208
Configuring Global Settings for STA 209
Displaying Global Settings for STA 214
C
ONTENTS
– 8 –
ES-4500G Series
Configuring Interface Settings for STA 215
Displaying Interface Settings for STA 219
Configuring Multiple Spanning Trees 222
Configuring Interface Settings for MSTP 226
9RATE LIMIT CONFIGURATION 229
10 STORM CONTROL CONFIGURATION 231
11 CLASS OF SERVICE 233
Layer 2 Queue Settings 233
Setting the Default Priority for Interfaces 233
Selecting the Queue Mode 234
Mapping CoS Values to Egress Queues 237
Layer 3/4 Priority Settings 239
Mapping DSCP Priority 239
Mapping IP Precedence 241
Mapping IP Port Priority 242
12 QUALITY OF SERVICE 245
Overview 245
Configuring a Class Map 246
Creating QoS Policies 249
Attaching a Policy Map to a Port 259
13 VOIP TRAFFIC CONFIGURATION 261
Overview 261
Configuring VoIP Traffic 261
Configuring Telephony OUI 263
Configuring VoIP Traffic Ports 264
14 SECURITY MEASURES 267
AAA Authorization and Accounting 268
Configuring Local/Remote Logon Authentication 269
Configuring Remote Logon Authentication Servers 270
Configuring AAA Accounting 275
Configuring AAA Authorization 280
Configuring User Accounts 283
Web Authentication 284
Configuring Global Settings for Web Authentication 285
Configuring Interface Settings for Web Authentication 286
C
ONTENTS
– 9 –
ES-4500G Series
Network Access (MAC Address Authentication) 287
Configuring Global Settings for Network Access 289
Configuring Network Access for Ports 290
Configuring Port Link Detection 292
Configuring a MAC Address Filter 293
Displaying Secure MAC Address Information 295
Configuring HTTPS 296
Configuring Global Settings for HTTPS 296
Replacing the Default Secure-site Certificate 298
Configuring the Secure Shell 300
Configuring the SSH Server 302
Generating the Host Key Pair 304
Importing User Public Keys 305
Access Control Lists 307
Setting A Time Range 308
Showing TCAM Utilization 311
Setting the ACL Name and Type 312
Configuring a Standard IPv4 ACL 313
Configuring an Extended IPv4 ACL 315
Configuring a Standard IPv6 ACL 317
Configuring an Extended IPv6 ACL 319
Configuring a MAC ACL 321
Configuring an ARP ACL 323
Binding a Port to an Access Control List 325
ARP Inspection 326
Configuring Global Settings for ARP Inspection 327
Configuring VLAN Settings for ARP Inspection 329
Configuring Interface Settings for ARP Inspection 331
Displaying ARP Inspection Statistics 332
Displaying the ARP Inspection Log 333
Filtering IP Addresses for Management Access 334
Configuring Port Security 336
Configuring 802.1X Port Authentication 338
Configuring 802.1X Global Settings 339
Configuring Port Settings for 802.1X 340
Displaying 802.1X Statistics 345
C
ONTENTS
– 10 –
ES-4500G Series
IP Source Guard 346
Configuring Ports for IP Source Guard 346
Configuring Static Bindings for IP Source Guard 348
Displaying Information for Dynamic IP Source Guard Bindings 350
DHCP Snooping 351
DHCP Snooping Configuration 354
DHCP Snooping VLAN Configuration 355
Configuring Ports for DHCP Snooping 356
Displaying DHCP Snooping Binding Information 357
15 BASIC ADMINISTRATION PROTOCOLS 359
Configuring Event Logging 359
System Log Configuration 359
Remote Log Configuration 362
Sending Simple Mail Transfer Protocol Alerts 363
Link Layer Discovery Protocol 364
Setting LLDP Timing Attributes 364
Configuring LLDP Interface Attributes 366
Displaying LLDP Local Device Information 369
Displaying LLDP Remote Port Information 371
Displaying Device Statistics 376
Simple Network Management Protocol 378
Configuring Global Settings for SNMP 380
Setting the Local Engine ID 381
Specifying a Remote Engine ID 382
Setting SNMPv3 Views 384
Configuring SNMPv3 Groups 387
Setting Community Access Strings 390
Configuring Local SNMPv3 Users 392
Configuring Remote SNMPv3 Users 394
Specifying Trap Managers 397
Remote Monitoring 401
Configuring RMON Alarms 402
Configuring RMON Events 405
Configuring RMON History Samples 407
Configuring RMON Statistical Samples 410
C
ONTENTS
– 11 –
ES-4500G Series
16 MULTICAST FILTERING 413
Overview 413
IGMP Protocol 414
Layer 2 IGMP (Snooping and Query) 415
Configuring IGMP Snooping and Query Parameters 417
Specifying Static Interfaces for a Multicast Router 421
Assigning Interfaces to Multicast Services 423
Setting IGMP Snooping Status per Interface 425
Filtering IGMP Query Packets and Multicast Data 430
Displaying Multicast Groups Discovered by IGMP Snooping 431
Filtering and Throttling IGMP Groups 432
Enabling IGMP Filtering and Throttling 432
Configuring IGMP Filter Profiles 433
Configuring IGMP Filtering and Throttling for Interfaces 436
Layer 3 IGMP (Query used with Multicast Routing) 437
Configuring IGMP Proxy Routing 438
Configuring IGMP Interface Parameters 440
Configuring Static IGMP Group Membership 443
Displaying Multicast Group Information 445
Multicast VLAN Registration 447
Configuring Global MVR Settings 449
Configuring the MVR Group Range 450
Configuring MVR Interface Status 451
Assigning Static Multicast Groups to Interfaces 454
Showing Multicast Groups Assigned to Interfaces 455
17 IP CONFIGURATION 457
Setting the Switch’s IP Address (IP Version 4) 457
Setting the Switch’s IP Address (IP Version 6) 461
Configuring the IPv6 Default Gateway 461
Configuring IPv6 Interface Settings 462
Configuring an IPv6 Address 465
Showing IPv6 Addresses 468
Showing the IPv6 Neighbor Cache 469
Showing IPv6 Statistics 471
Showing the MTU for Responding Destinations 476
C
ONTENTS
– 12 –
ES-4500G Series
18 GENERAL IP ROUTING 479
Overview 479
Initial Configuration 479
IP Routing and Switching 480
Routing Path Management 481
Routing Protocols 482
Configuring IP Routing Interfaces 482
Configuring Local and Remote Interfaces 482
Using the Ping Function 483
Using the Trace Route Function 484
Address Resolution Protocol 485
Basic ARP Configuration 486
Configuring Static ARP Addresses 488
Displaying Dynamic or Local ARP Entries 489
Displaying ARP Statistics 490
Configuring Static Routes 491
Displaying the Routing Table 493
Equal-cost Multipath Routing 494
19 CONFIGURING ROUTER REDUNDANCY 497
Configuring VRRP Groups 498
Displaying VRRP Global Statistics 504
Displaying VRRP Group Statistics 505
20 IP SERVICES 507
Domain Name Service 507
Configuring General DNS Service Parameters 507
Configuring a List of Domain Names 508
Configuring a List of Name Servers 510
Configuring Static DNS Host to Address Entries 511
Displaying the DNS Cache 512
Dynamic Host Configuration Protocol 513
Specifying A DHCP Client Identifier 513
Configuring DHCP Relay Service 515
Configuring the DHCP Server 516
Forwarding UDP Service Requests 523
Enabling the UDP Helper 523
Specifying UDP Destination Ports 524
C
ONTENTS
– 13 –
ES-4500G Series
Specifying The Target Server or Subnet 525
21 UNICAST ROUTING 529
Overview 529
Configuring the Routing Information Protocol 530
Configuring General Protocol Settings 531
Clearing Entries from the Routing Table 534
Specifying Network Interfaces 535
Specifying Passive Interfaces 537
Specifying Static Neighbors 538
Configuring Route Redistribution 539
Specifying an Administrative Distance 541
Configuring Network Interfaces for RIP 542
Displaying RIP Interface Settings 546
Displaying Peer Router Information 547
Resetting RIP Statistics 548
Configuring the Open Shortest Path First Protocol (Version 2) 548
Defining Network Areas Based on Addresses 550
Configuring General Protocol Settings 553
Displaying Administrative Settings and Statistics 556
Adding an NSSA or Stub 558
Configuring NSSA Settings 559
Configuring Stub Settings 562
Displaying Information on NSSA and Stub Areas 564
Configuring Area Ranges (Route Summarization for ABRs) 565
Redistributing External Routes 567
Configuring Summary Addresses (for External AS Routes) 569
Configuring OSPF Interfaces 571
Configuring Virtual Links 577
Displaying Link State Database Information 580
Displaying Information on Neighboring Routers 582
22 MULTICAST ROUTING 585
Overview 585
Configuring Global Settings for Multicast Routing 588
Enabling Multicast Routing Globally 588
Displaying the Multicast Routing Table 589
C
ONTENTS
– 14 –
ES-4500G Series
Configuring PIM for IPv4 592
Enabling PIM Globally 592
Configuring PIM Interface Settings 592
Displaying Neighbor Information 598
Configuring Global PIM-SM Settings 598
Configuring a BSR Candidate 600
Configuring a Static Rendezvous Point 601
Configuring an RP Candidate 603
Displaying the BSR Router 605
Displaying RP Mapping 607
Configuring PIMv6 for IPv6 608
Enabling PIM Globally 608
Configuring PIM Interface Settings 609
Displaying Neighbor Information 612
SECTION III COMMAND LINE INTERFACE 615
23 USING THE COMMAND LINE INTERFACE 617
Accessing the CLI 617
Console Connection 617
Telnet Connection 618
Entering Commands 619
Keywords and Arguments 619
Minimum Abbreviation 619
Command Completion 619
Getting Help on Commands 620
Partial Keyword Lookup 621
Negating the Effect of Commands 621
Using Command History 622
Understanding Command Modes 622
Exec Commands 622
Configuration Commands 623
Command Line Processing 625
CLI Command Groups 626
24 GENERAL COMMANDS 629
prompt 629
C
ONTENTS
– 15 –
ES-4500G Series
reload (Global Configuration) 630
enable 631
quit 632
show history 632
configure 633
disable 634
reload (Privileged Exec) 634
show reload 635
end 635
exit 635
25 SYSTEM MANAGEMENT COMMANDS 637
Device Designation 637
hostname 638
switch all renumber 638
System Status 639
show access-list tcam-utilization 639
show memory 640
show process cpu 640
show running-config 640
show startup-config 642
show system 643
show tech-support 644
show users 644
show version 645
Frame Size 646
jumbo frame 646
Fan Control 647
fan-speed force-full 647
File Management 647
boot system 648
copy 649
delete 652
dir 653
whichboot 654
Line 654
line 655
C
ONTENTS
– 16 –
ES-4500G Series
databits 656
exec-timeout 656
login 657
parity 658
password 659
password-thresh 660
silent-time 660
speed 661
stopbits 662
timeout login response 662
disconnect 663
show line 663
Event Logging 664
logging facility 665
logging history 665
logging host 666
logging on 667
logging trap 667
clear log 668
show log 669
show logging 669
SMTP Alerts 671
logging sendmail 671
logging sendmail host 671
logging sendmail level 672
logging sendmail destination-email 673
logging sendmail source-email 673
show logging sendmail 674
Time 674
sntp client 675
sntp poll 676
sntp server 676
show sntp 677
clock timezone 677
calendar set 678
show calendar 679
C
ONTENTS
– 17 –
ES-4500G Series
Time Range 679
time-range 679
absolute 680
periodic 681
show time-range 682
26 SNMP COMMANDS 683
snmp-server 684
snmp-server community 685
snmp-server contact 685
snmp-server location 686
show snmp 686
snmp-server enable traps 687
snmp-server host 688
snmp-server engine-id 691
snmp-server group 692
snmp-server user 693
snmp-server view 694
show snmp engine-id 695
show snmp group 696
show snmp user 697
show snmp view 698
nlm 698
snmp-server notify-filter 699
show nlm oper-status 700
show snmp notify-filter 701
27 REMOTE MONITORING COMMANDS 703
rmon alarm 704
rmon event 705
rmon collection history 706
rmon collection rmon1 707
show rmon alarms 708
show rmon events 708
show rmon history 708
show rmon statistics 709
28 FLOW SAMPLING COMMANDS 711
sflow destination 711
C
ONTENTS
– 18 –
ES-4500G Series
sflow max-datagram-size 712
sflow max-header-size 713
sflow owner 713
sflow sample 714
sflow source 714
sflow timeout 715
show sflow 715
29 AUTHENTICATION COMMANDS 717
User Accounts 717
enable password 718
username 719
Authentication Sequence 720
authentication enable 720
authentication login 721
RADIUS Client 722
radius-server acct-port 722
radius-server auth-port 723
radius-server host 723
radius-server key 724
radius-server retransmit 725
radius-server timeout 725
show radius-server 726
TACACS+ Client 726
tacacs-server 727
tacacs-server host 727
tacacs-server key 728
tacacs-server port 728
show tacacs-server 729
AAA 729
aaa accounting commands 730
aaa accounting dot1x 731
aaa accounting exec 732
aaa accounting update 733
aaa authorization exec 733
aaa group server 734
server 735
C
ONTENTS
– 19 –
ES-4500G Series
accounting dot1x 735
accounting exec 736
authorization exec 736
show accounting 737
Web Server 738
ip http port 738
ip http server 739
ip http secure-server 739
ip http secure-port 741
Telnet Server 741
ip telnet max-sessions 742
ip telnet port 742
ip telnet server 743
show ip telnet 743
Secure Shell 744
ip ssh authentication-retries 747
ip ssh server 747
ip ssh server-key size 748
ip ssh timeout 748
delete public-key 749
ip ssh crypto host-key generate 749
ip ssh crypto zeroize 750
ip ssh save host-key 751
show ip ssh 751
show public-key 752
show ssh 753
802.1X Port Authentication 753
dot1x default 754
dot1x eapol-pass-through 754
dot1x system-auth-control 755
dot1x intrusion-action 755
dot1x max-req 756
dot1x operation-mode 757
dot1x port-control 758
dot1x re-authentication 758
dot1x timeout quiet-period 759
C
ONTENTS
– 20 –
ES-4500G Series
dot1x timeout re-authperiod 759
dot1x timeout supp-timeout 760
dot1x timeout tx-period 760
dot1x re-authenticate 761
show dot1x 762
Management IP Filter 764
management 765
show management 766
30 GENERAL SECURITY MEASURES 767
Port Security 768
mac-learning 768
port security 769
Network Access (MAC Address Authentication) 771
network-access aging 772
network-access mac-filter 772
mac-authentication reauth-time 773
network-access dynamic-qos 774
network-access dynamic-vlan 775
network-access guest-vlan 776
network-access link-detection 776
network-access link-detection link-down 777
network-access link-detection link-up 777
network-access link-detection link-up-down 778
network-access max-mac-count 778
network-access mode mac-authentication 779
network-access port-mac-filter 780
mac-authentication intrusion-action 781
mac-authentication max-mac-count 781
show network-access 782
show network-access mac-address-table 783
show network-access mac-filter 784
Web Authentication 784
web-auth login-attempts 785
web-auth quiet-period 786
web-auth session-timeout 786
web-auth system-auth-control 787
Other manuals for iPECS ES-4550G
1
This manual suits for next models
1
Table of contents
Other LG-Ericsson Switch manuals
