Q-tech Qsw-2800 series User manual

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

Content

CONTENT...........................................................................................................1

CHAPTER 1 SWITCH MANAGEMENT............................................................1-1

1.1 MANAGEMENT OPTIONS ...............................................................................................1-1

1.1.1 Out-Of-Band Management............................................................................1-1

1.1.2 In-band Management.....................................................................................1-4

1.2CLI INTERFACE............................................................................................................1-8

1.2.1 Configuration Modes.....................................................................................1-9

1.2.2 Configuration Syntax ..................................................................................1-11

1.2.3 Shortcut Key Support..................................................................................1-12

1.2.4 Help Function...............................................................................................1-12

1.2.5 Input Verification .........................................................................................1-13

1.2.6 Fuzzy Match Support...................................................................................1-13

CHAPTER 2 BASIC SWITCH CONFIGURATION..........................................2-15

2.1 BASIC CONFIGURATION ..............................................................................................2-15

2.2 TELNET MANAGEMENT ...............................................................................................2-16

2.2.1 Telnet............................................................................................................2-16

2.2.2 SSH...............................................................................................................2-18

2.3 CONFIGURE SWITCH IPADDRESSES............................................................................2-19

2.3.1 Switch IP Addresses Configuration Task List...........................................2-19

2.4 SNMP CONFIGURATION..............................................................................................2-21

2.4.1 Introduction to SNMP..................................................................................2-21

2.4.2 Introduction to MIB......................................................................................2-22

2.4.3 Introduction to RMON .................................................................................2-23

2.4.4 SNMP Configuration....................................................................................2-23

2.4.5 Typical SNMP Configuration Examples.....................................................2-26

2.4.6 SNMP Troubleshooting ...............................................................................2-27

2.5 SWITCH UPGRADE......................................................................................................2-28

2.5.1 Switch System Files....................................................................................2-28

2.5.2 BootROM Upgrade.......................................................................................2-28

2.5.3 FTP/TFTP Upgrade ......................................................................................2-31

CHAPTER 3 CLUSTER CONFIGURATION...................................................3-40

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

3.1 INTRODUCTION TO CLUSTER NETWORK MANAGEMENT ...................................................3-40

3.2 CLUSTER NETWORK MANAGEMENT CONFIGURATION SEQUENCE...................................3-40

3.3 EXAMPLES OF CLUSTER ADMINISTRATION....................................................................3-43

3.4 CLUSTER ADMINISTRATION TROUBLESHOOTING ...........................................................3-44

CHAPTER 4 PORT CONFIGURATION..........................................................4-45

4.1 INTRODUCTION TO PORT .............................................................................................4-45

4.2 NETWORK PORT CONFIGURATION TASK LIST ...............................................................4-45

4.3 PORT CONFIGURATION EXAMPLE ................................................................................4-47

4.4 PORT TROUBLESHOOTING ..........................................................................................4-48

CHAPTER 5 PORT ISOLATION FUNCTION CONFIGURATION...................5-49

5.1 INTRODUCTION TO PORT ISOLATION FUNCTION.............................................................5-49

5.2 TASK SEQUENCE OF PORT ISOLATION..........................................................................5-49

5.3 PORT ISOLATION FUNCTION TYPICAL EXAMPLES ..........................................................5-50

CHAPTER 6 PORT LOOPBACK DETECTION FUNCTION CONFIGURATION6-

6.1 INTRODUCTION TO PORT LOOPBACK DETECTION FUNCTION ..........................................6-51

6.2 PORT LOOPBACK DETECTION FUNCTION CONFIGURATION TASK LIST ............................6-52

6.3 PORT LOOPBACK DETECTION FUNCTION EXAMPLE.......................................................6-53

6.4 PORT LOOPBACK DETECTION TROUBLESHOOTING .......................................................6-54

CHAPTER 7 ULDP FUNCTION CONFIGURATION.......................................7-55

7.1 INTRODUCTION TO ULDP FUNCTION............................................................................7-55

7.2 ULDP CONFIGURATION TASK SEQUENCE ....................................................................7-56

7.3 ULDP FUNCTION TYPICAL EXAMPLES .........................................................................7-59

7.4 ULDP TROUBLESHOOTING .........................................................................................7-60

CHAPTER 8 LLDP FUNCTION OPERATION CONFIGURATION .................8-62

8.1 INTRODUCTION TO LLDP FUNCTION ............................................................................8-62

8.2 LLDP FUNCTION CONFIGURATION TASK SEQUENCE.....................................................8-63

8.3 LLDP FUNCTION TYPICAL EXAMPLE ...........................................................................8-66

8.4 LLDP FUNCTION TROUBLESHOOTING..........................................................................8-66

CHAPTER 9 PORT CHANNEL CONFIGURATION........................................9-67

9.1 INTRODUCTION TO PORT CHANNEL..............................................................................9-67

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

9.2 BRIEF INTRODUCTION TO LACP..................................................................................9-68

9.2.1 Static LACP Aggregation ............................................................................9-69

9.2.2 Dynamic LACP Aggregation.......................................................................9-69

9.3 PORT CHANNEL CONFIGURATION TASK LIST ................................................................9-69

9.4 PORT CHANNEL EXAMPLES ........................................................................................9-71

9.5 PORT CHANNEL TROUBLESHOOTING ...........................................................................9-73

CHAPTER 10 JUMBO CONFIGURATION...................................................10-74

10.1 INTRODUCTION TO JUMBO.......................................................................................10-74

10.2 JUMBO CONFIGURATION TASK SEQUENCE ...............................................................10-74

CHAPTER 11 EFM OAM CONFIGURATION...............................................11-75

11.1 INTRODUCTION TO EFM OAM.................................................................................11-75

11.2 EFM OAM CONFIGURATION ...................................................................................11-78

11.3 EFM OAM EXAMPLE .............................................................................................11-81

11.4 EFM OAM TROUBLESHOOTING ..............................................................................11-81

CHAPTER 12 PORT SECURITY..................................................................12-83

12.1 INTRODUCTION TO PORT SECURITY.....................................................................12-83

12.2 PORT SECURITY CONFIGURATION TASK LIST .......................................................12-83

12.3 EXAMPLE OF PORT SECURITY ............................................................................12-84

12.4 PORT SECURITY TROUBLESHOOTING ..................................................................12-85

CHAPTER 13 DDM CONFIGURATION........................................................13-86

13.1 INTRODUCTION TO DDM .........................................................................................13-86

13.1.1 Brief Introduction to DDM.......................................................................13-86

13.1.2 DDM Function ..........................................................................................13-87

13.2 DDM CONFIGURATION TASK LIST............................................................................13-88

13.3 EXAMPLES OF DDM...............................................................................................13-89

13.4 DDM TROUBLESHOOTING.......................................................................................13-93

CHAPTER 14 LLDP-MED............................................................................14-94

14.1 INTRODUCTION TO LLDP-MED...............................................................................14-94

14.2 LLDP-MED CONFIGURATION TASK SEQUENCE........................................................14-94

14.3 LLDP-MED EXAMPLE ...........................................................................................14-96

14.4 LLDP-MED TROUBLESHOOTING ............................................................................14-99

CHAPTER 15 BPDU-TUNNEL CONFIGURATION....................................15-100

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

15.1 INTRODUCTION TO BPDU-TUNNEL...........................................................................15-100

15.1.1 bpdu-tunnel function.............................................................................15-100

15.1.2 Background of bpdu-tunnel..................................................................15-100

15.2 BPDU-TUNNEL CONFIGURATION TASK LIST .............................................................15-101

15.3 EXAMPLES OF BPDU-TUNNEL.................................................................................15-101

15.4 BPDU-TUNNEL TROUBLESHOOTING ........................................................................15-102

CHAPTER 16 VLAN CONFIGURATION....................................................16-103

16.1 VLAN CONFIGURATION ........................................................................................16-103

16.1.1 Introduction to VLAN.............................................................................16-103

16.1.2 VLAN Configuration Task List..............................................................16-104

16.1.3 Typical VLAN Application .....................................................................16-107

16.1.4 Typical Application of Hybrid Port .......................................................16-108

16.2 DOT1Q-TUNNEL CONFIGURATION...........................................................................16-110

16.2.1 Introduction to Dot1q-tunnel ................................................................16-110

16.2.2 Dot1q-tunnel Configuration..................................................................16-112

16.2.3 Typical Applications of the Dot1q-tunnel ............................................16-112

16.2.4 Dot1q-tunnel Troubleshooting .............................................................16-113

16.3 SELECTIVE QINQCONFIGURATION ........................................................................16-113

16.3.1 Introduction to Selective QinQ.............................................................16-113

16.3.2 Selective QinQ Configuration...............................................................16-113

16.3.3 Typical Applications of Selective QinQ................................................16-114

16.3.4 Selective QinQ Troubleshooting ..........................................................16-116

16.4 VLAN-TRANSLATION CONFIGURATION...................................................................16-116

16.4.1 Introduction to VLAN-translation.........................................................16-116

16.4.2 VLAN-translation Configuration...........................................................16-116

16.4.3 Typical application of VLAN-translation..............................................16-117

16.4.4 VLAN-translation Troubleshooting ......................................................16-118

16.5 MULTI-TO-ONE VLAN TRANSLATION CONFIGURATION............................................16-119

16.5.1 Introduction to Multi-to-One VLAN Translation ..................................16-119

16.5.2 Multi-to-One VLAN Translation Configuration ....................................16-119

16.5.3 Typical application of Multi-to-One VLAN Translation .......................16-119

16.5.4 Multi-to-One VLAN Translation Troubleshooting................................16-121

16.6 DYNAMIC VLAN CONFIGURATION..........................................................................16-121

16.6.1 Introduction to Dynamic VLAN.............................................................16-121

16.6.2 Dynamic VLAN Configuration ..............................................................16-121

16.6.3 Typical Application of the Dynamic VLAN...........................................16-122

16.6.4 Dynamic VLAN Troubleshooting..........................................................16-123

16.7 GVRP CONFIGURATION........................................................................................16-124

16.7.1 Introduction to GVRP............................................................................16-124

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

16.7.2 GVRP Configuration Task List..............................................................16-125

16.7.3 Example of GVRP ..................................................................................16-126

16.7.4 GVRP Troubleshooting .........................................................................16-127

CHAPTER 17 MAC TABLE CONFIGURATION.........................................17-128

17.1 INTRODUCTION TO MAC TABLE.............................................................................17-128

17.1.1 Obtaining MAC Table.............................................................................17-128

17.1.2 Forward or Filter....................................................................................17-130

17.2 MAC ADDRESS TABLE CONFIGURATION TASK LIST .................................................17-131

17.3 TYPICAL CONFIGURATION EXAMPLES ....................................................................17-132

17.4 MAC TABLE TROUBLESHOOTING ..........................................................................17-132

17.5 MAC ADDRESS FUNCTION EXTENSION ..................................................................17-133

17.5.1 MAC Address Binding...........................................................................17-133

17.6 MAC NOTIFICATION CONFIGURATION ....................................................................17-135

17.6.1 Introduction to MAC Notification..........................................................17-135

17.6.2 MAC Notification Configuration ...........................................................17-135

17.6.3 MAC Notification Example....................................................................17-137

17.6.4 MAC Notification Troubleshooting.......................................................17-137

CHAPTER 18 MSTP CONFIGURATION....................................................18-138

18.1 INTRODUCTION TO MSTP......................................................................................18-138

18.1.1 MSTP Region .........................................................................................18-138

18.1.2 Port Roles...............................................................................................18-140

18.1.3 MSTP Load Balance ..............................................................................18-140

18.2 MSTP CONFIGURATION TASK LIST........................................................................18-140

18.3 MSTPEXAMPLE..................................................................................................18-144

18.4 MSTP TROUBLESHOOTING...................................................................................18-149

CHAPTER 19 QOS CONFIGURATION......................................................19-150

19.1 INTRODUCTION TO QOS........................................................................................19-150

19.1.1 QoS Terms..............................................................................................19-150

19.1.2 QoS Implementation..............................................................................19-151

19.1.3 Basic QoS Model ...................................................................................19-152

19.2 QOSCONFIGURATION TASK LIST ..........................................................................19-155

19.3 QOSEXAMPLE ....................................................................................................19-159

19.4 QOSTROUBLESHOOTING .....................................................................................19-161

CHAPTER 20 FLOW-BASED REDIRECTION...........................................20-162

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

20.1 INTRODUCTION TO FLOW-BASED REDIRECTION.......................................................20-162

20.2 FLOW-BASED REDIRECTION CONFIGURATION TASK SEQUENCE ...............................20-162

20.3 FLOW-BASED REDIRECTION EXAMPLES .................................................................20-163

20.4 FLOW-BASED REDIRECTION TROUBLESHOOTING HELP ...........................................20-163

CHAPTER 21 FLEXIBLE QINQ CONFIGURATION...................................21-164

21.1 INTRODUCTION TO FLEXIBLE QINQ........................................................................21-164

21.1.1 QinQ Technique.....................................................................................21-164

21.1.2 Basic QinQ .............................................................................................21-164

21.1.3 Flexible QinQ .........................................................................................21-164

21.2 FLEXIBLE QINQCONFIGURATION TASK LIST ..........................................................21-164

21.3 FLEXIBLE QINQEXAMPLE.....................................................................................21-166

21.4 FLEXIBLE QINQTROUBLESHOOTING......................................................................21-168

CHAPTER 22 LAYER 3 MANAGEMENT CONFIGURATION ....................22-169

22.1 LAYER 3MANAGEMENT INTERFACE .......................................................................22-169

22.1.1 Introduction to Layer 3 Management Interface...................................22-169

22.1.2 Layer 3 Interface Configuration Task List ...........................................22-169

22.2 IP CONFIGURATION ..............................................................................................22-170

22.2.1 Introduction to IPv4, IPv6......................................................................22-170

22.2.2 IP Configuration.....................................................................................22-172

22.2.3 IPv6 Troubleshooting ............................................................................22-174

22.3 ARP ...................................................................................................................22-174

22.3.1 Introduction to ARP...............................................................................22-174

22.3.2 ARP Configuration Task List.................................................................22-174

22.3.3 ARP Troubleshooting ............................................................................22-174

CHAPTER 23 ARP SCANNING PREVENTION FUNCTION CONFIGURATION

...................................................................................................................23-176

23.1 INTRODUCTION TO ARP SCANNING PREVENTION FUNCTION ....................................23-176

23.2 ARP SCANNING PREVENTION CONFIGURATION TASK SEQUENCE.............................23-176

23.3 ARP SCANNING PREVENTION TYPICAL EXAMPLES .................................................23-178

23.4 ARP SCANNING PREVENTION TROUBLESHOOTING HELP.........................................23-179

CHAPTER 24 PREVENT ARP SPOOFING CONFIGURATION.................24-180

24.1 OVERVIEW...........................................................................................................24-180

24.1.1 ARP (Address Resolution Protocol).....................................................24-180

24.1.2 ARP Spoofing.........................................................................................24-180

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

24.1.3 How to prevent void ARP Spoofing......................................................24-180

24.2 PREVENT ARP SPOOFING CONFIGURATION ............................................................24-181

24.3 PREVENT ARP SPOOFING EXAMPLE......................................................................24-182

CHAPTER 25 ARP GUARD CONFIGURATION ........................................25-184

25.1 INTRODUCTION TO ARP GUARD ..........................................................................25-184

25.2 ARP GUARD CONFIGURATION TASK LIST ............................................................25-185

CHAPTER 26 GRATUITOUS ARP CONFIGURATION ..............................26-186

26.1 INTRODUCTION TO GRATUITOUS ARP ....................................................................26-186

26.2 GRATUITOUS ARP CONFIGURATION TASK LIST.......................................................26-186

26.3 GRATUITOUS ARP CONFIGURATION EXAMPLE........................................................26-187

26.4 GRATUITOUS ARP TROUBLESHOOTING..................................................................26-188

CHAPTER 27 DHCP CONFIGURATION....................................................27-189

27.1 INTRODUCTION TO DHCP .....................................................................................27-189

27.2 DHCP SERVER CONFIGURATION...........................................................................27-190

27.3 DHCP RELAY CONFIGURATION .............................................................................27-192

27.4 DHCP CONFIGURATION EXAMPLES.......................................................................27-194

27.5 DHCP TROUBLESHOOTING...................................................................................27-197

CHAPTER 28 DHCPV6 CONFIGURATION ...............................................28-199

28.1 INTRODUCTION TO DHCPV6 .................................................................................28-199

28.2 DHCPV6SERVER CONFIGURATION.......................................................................28-200

28.3 DHCPV6RELAY DELEGATION CONFIGURATION......................................................28-202

28.4 DHCPV6PREFIX DELEGATION SERVER CONFIGURATION........................................28-202

28.5 DHCPV6PREFIX DELEGATION CLIENT CONFIGURATION .........................................28-204

28.6 DHCPV6CONFIGURATION EXAMPLES...................................................................28-205

28.7 DHCPV6TROUBLESHOOTING...............................................................................28-207

CHAPTER 29 DHCP OPTION 82 CONFIGURATION ................................29-208

29.1 INTRODUCTION TO DHCP OPTION 82.....................................................................29-208

29.2 DHCP OPTION 82 MESSAGE STRUCTURE ..............................................................29-208

29.2.1 Option 82 Working Mechanism ............................................................29-209

29.3 DHCP OPTION 82 CONFIGURATION TASK LIST .......................................................29-210

29.4 DHCP OPTION 82APPLICATION EXAMPLES ...........................................................29-213

29.5 DHCP OPTION 82 TROUBLESHOOTING ..................................................................29-215

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

CHAPTER 30 DHCP OPTION 60 AND OPTION 43...................................30-216

30.1 INTRODUCTION TO DHCP OPTION 60 AND OPTION 43..............................................30-216

30.2 DHCP OPTION 60AND OPTION 43 CONFIGURATION TASK LIST ................................30-216

30.3 DHCPV6OPTION 60 AND OPTION 43 EXAMPLE ......................................................30-217

30.4 DHCP OPTION 60AND OPTION 43 TROUBLESHOOTING ...........................................30-217

CHAPTER 31 DHCPV6 OPTION37, 38......................................................31-218

31.1 INTRODUCTION TO DHCPV6OPTION37, 38............................................................31-218

31.2 DHCPV6OPTION37, 38 CONFIGURATION TASK LIST ..............................................31-219

31.3 DHCPV6OPTION37, 38 EXAMPLES.......................................................................31-223

31.3.1 DHCPv6 Snooping option37, 38 Example ...........................................31-223

31.3.2 DHCPv6 Relay option37, 38 Example ..................................................31-225

31.4 DHCPV6OPTION37, 38 TROUBLESHOOTING .........................................................31-226

CHAPTER 32 DHCP SNOOPING CONFIGURATION................................32-227

32.1 INTRODUCTION TO DHCP SNOOPING.....................................................................32-227

32.2 DHCP SNOOPING CONFIGURATION TASK SEQUENCE .............................................32-228

32.3 DHCP SNOOPING TYPICAL APPLICATION...............................................................32-232

32.4 DHCP SNOOPING TROUBLESHOOTING HELP .........................................................32-233

32.4.1 Monitor and Debug Information ...........................................................32-233

32.4.2 DHCP Snooping Troubleshooting Help ...............................................32-233

CHAPTER 33 DHCP SNOOPING OPTION 82 CONFIGURATION ............33-234

33.1 INTRODUCTION TO DHCP SNOOPING OPTION 82 ....................................................33-234

33.1.1 DHCP option 82 Message Structure.....................................................33-234

33.1.2 DHCP Snooping option 82 Working Mechanism ................................33-235

33.2 DHCP SNOOPING OPTION 82 CONFIGURATION TASK LIST.......................................33-236

33.3 DHCP SNOOPING OPTION 82 APPLICATION EXAMPLES...........................................33-237

33.4 DHCP SNOOPING OPTION 82 TROUBLESHOOTING..................................................33-238

CHAPTER 34 IPV4 MULTICAST PROTOCOL ..........................................34-239

34.1 IPV4MULTICAST PROTOCOL OVERVIEW ................................................................34-239

34.1.1 Introduction to Multicast.......................................................................34-239

34.1.2 Multicast Address..................................................................................34-240

34.1.3 IP Multicast Packet Transmission........................................................34-241

34.1.4 IP Multicast Application ........................................................................34-241

34.2 DCSCM..............................................................................................................34-242

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

34.2.1 Introduction to DCSCM.........................................................................34-242

34.2.2 DCSCM Configuration Task List...........................................................34-242

34.2.3 DCSCM Configuration Examples .........................................................34-245

34.2.4 DCSCM Troubleshooting ......................................................................34-246

34.3 IGMP SNOOPING .................................................................................................34-246

34.3.1 Introduction to IGMP Snooping............................................................34-246

34.3.2 IGMP Snooping Configuration Task List .............................................34-247

34.3.3 IGMP Snooping Examples ....................................................................34-249

34.3.4 IGMP Snooping Troubleshooting.........................................................34-251

CHAPTER 35 IPV6 MULTICAST PROTOCOL ..........................................35-252

35.1 MLD SNOOPING...................................................................................................35-252

35.1.1 Introduction to MLD Snooping.............................................................35-252

35.1.2 MLD Snooping Configuration Task......................................................35-252

35.1.3 MLD Snooping Examples......................................................................35-254

35.1.4 MLD Snooping Troubleshooting ..........................................................35-257

CHAPTER 36 MULTICAST VLAN .............................................................36-258

36.1 INTRODUCTIONS TO MULTICAST VLAN ..................................................................36-258

36.2 MULTICAST VLAN CONFIGURATION TASK LIST ......................................................36-258

36.3 MULTICAST VLAN EXAMPLES...............................................................................36-259

CHAPTER 37 ACL CONFIGURATION.......................................................37-262

37.1 INTRODUCTION TO ACL ........................................................................................37-262

37.1.1 Access-list..............................................................................................37-262

37.1.2 Access-group.........................................................................................37-262

37.1.3 Access-list Action and Global Default Action .....................................37-262

37.2 ACL CONFIGURATION TASK LIST...........................................................................37-263

37.3 ACLEXAMPLE.....................................................................................................37-275

37.4 ACL TROUBLESHOOTING......................................................................................37-279

CHAPTER 38 802.1X CONFIGURATION ..................................................38-281

38.1 INTRODUCTION TO 802.1X.....................................................................................38-281

38.1.1 The Authentication Structure of 802.1x...............................................38-281

38.1.2 The Work Mechanism of 802.1x............................................................38-283

38.1.3 The Encapsulation of EAPOL Messages.............................................38-283

38.1.4 The Encapsulation of EAP Attributes ..................................................38-285

38.1.5 The Extension and Optimization of 802.1x..........................................38-290

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

38.1.6 The Features of VLAN Allocation.........................................................38-291

38.2 802.1X CONFIGURATION TASK LIST.......................................................................38-292

38.3 802.1X APPLICATION EXAMPLE.............................................................................38-295

38.3.1 Examples of Guest Vlan Applications .................................................38-295

38.3.2 Examples of IPv4 Radius Applications................................................38-298

38.3.3 Examples of IPv6 Radius Application..................................................38-299

38.4 802.1X TROUBLESHOOTING..................................................................................38-300

CHAPTER 39 THE NUMBER LIMITATION FUNCTION OF MAC IN PORT

CONFIGURATION......................................................................................39-301

39.1 INTRODUCTION TO THE NUMBER LIMITATION FUNCTION OF MAC IN PORT.................39-301

39.2 THE NUMBER LIMITATION FUNCTION OF MAC IN PORT CONFIGURATION TASK SEQUENCE

...................................................................................................................................39-302

39.3 THE NUMBER LIMITATION FUNCTION OF MAC IN PORT TYPICAL EXAMPLES..............39-303

39.4 THE NUMBER LIMITATION FUNCTION OF MAC IN PORT TROUBLESHOOTING HELP.....39-303

CHAPTER 40 OPERATIONAL CONFIGURATION OF AM FUNCTION.....40-305

40.1 INTRODUCTION TO AM FUNCTION ..........................................................................40-305

40.2 AM FUNCTION CONFIGURATION TASK LIST ............................................................40-305

40.3 AM FUNCTION EXAMPLE.......................................................................................40-307

40.4 AM FUNCTION TROUBLESHOOTING .......................................................................40-307

CHAPTER 41 SECURITY FEATURE CONFIGURATION ..........................41-308

41.1 INTRODUCTION TO SECURITY FEATURE ..................................................................41-308

41.2 SECURITY FEATURE CONFIGURATION.....................................................................41-308

41.2.1 Prevent IP Spoofing Function Configuration Task Sequence ...........41-308

41.2.2 Prevent TCP Unauthorized Label Attack Function Configuration Task

Sequence...........................................................................................................41-308

41.2.3 Anti Port Cheat Function Configuration Task Sequence ...................41-309

41.2.4 Prevent TCP Fragment Attack Function Configuration Task Sequence.41-

309

41.2.5 Prevent ICMP Fragment Attack Function Configuration Task Sequence41-

309

41.3 SECURITY FEATURE EXAMPLE...............................................................................41-310

CHAPTER 42 TACACS+ CONFIGURATION.............................................42-311

42.1 INTRODUCTION TO TACACS+...............................................................................42-311

42.2 TACACS+ CONFIGURATION TASK LIST .................................................................42-311

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

42.3 TACACS+ SCENARIOS TYPICAL EXAMPLES..........................................................42-312

42.4 TACACS+ TROUBLESHOOTING ............................................................................42-313

CHAPTER 43 RADIUS CONFIGURATION................................................43-314

43.1 INTRODUCTION TO RADIUS..................................................................................43-314

43.1.1 AAA and RADIUS Introduction.............................................................43-314

43.1.2 Message structure for RADIUS ............................................................43-314

43.2 RADIUS CONFIGURATION TASK LIST ....................................................................43-316

43.3 RADIUS TYPICAL EXAMPLES...............................................................................43-318

43.3.1 IPv4 Radius Example.............................................................................43-318

43.3.2 IPv6 RadiusExample..............................................................................43-319

43.4 RADIUS TROUBLESHOOTING ...............................................................................43-319

CHAPTER 44 SSL CONFIGURATION.......................................................44-321

44.1 INTRODUCTION TO SSL.........................................................................................44-321

44.1.1 Basic Element of SSL............................................................................44-321

44.2 SSL CONFIGURATION TASK LIST...........................................................................44-322

44.3 SSL TYPICAL EXAMPLE........................................................................................44-323

44.4 SSL TROUBLESHOOTING......................................................................................44-324

CHAPTER 45 IPV6 SECURITY RA CONFIGURATION.............................45-325

45.1 INTRODUCTION TO IPV6SECURITY RA...................................................................45-325

45.2 IPV6SECURITY RACONFIGURATION TASK SEQUENCE ...........................................45-325

45.3 IPV6SECURITY RATYPICAL EXAMPLES ................................................................45-326

45.4 IPV6SECURITY RATROUBLESHOOTING HELP .......................................................45-327

CHAPTER 46 MAB CONFIGURATION......................................................46-328

46.1 INTRODUCTION TO MAB .......................................................................................46-328

46.2 MAB CONFIGURATION TASK LIST..........................................................................46-328

46.3 MAB EXAMPLE....................................................................................................46-330

46.4 MAB TROUBLESHOOTING.....................................................................................46-332

CHAPTER 47 PPPOE INTERMEDIATE AGENT CONFIGURATION.........47-333

47.1 INTRODUCTION TO PPPOEINTERMEDIATE AGENT...................................................47-333

47.1.1 Brief Introduction to PPPoE .................................................................47-333

47.1.2 Introduction to PPPoE IA......................................................................47-333

47.2 PPPOEINTERMEDIATE AGENT CONFIGURATION TASK LIST.....................................47-337

47.3 PPPOEINTERMEDIATE AGENT TYPICAL APPLICATION ............................................47-339

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

47.4 PPPOEINTERMEDIATE AGENT TROUBLESHOOTING................................................47-340

CHAPTER 48 WEB PORTAL CONFIGURATION ......................................48-341

48.1 INTRODUCTION TO WEB PORTAL AUTHENTICATION .................................................48-341

48.2 WEB PORTAL AUTHENTICATION CONFIGURATION TASK LIST....................................48-341

48.3 WEB PORTAL AUTHENTICATION TYPICAL EXAMPLE ................................................48-343

48.4 WEB PORTAL AUTHENTICATION TROUBLESHOOTING...............................................48-344

CHAPTER 49 VLAN-ACL CONFIGURATION............................................49-345

49.1 INTRODUCTION TO VLAN-ACL.............................................................................49-345

49.2 VLAN-ACL CONFIGURATION TASK LIST................................................................49-345

49.3 VLAN-ACL CONFIGURATION EXAMPLE.................................................................49-347

49.4 VLAN-ACL TROUBLESHOOTING...........................................................................49-348

CHAPTER 50 SAVI CONFIGURATION......................................................50-349

50.1 INTRODUCTION TO SAVI .......................................................................................50-349

50.2 SAVI CONFIGURATION..........................................................................................50-349

50.3 SAVI TYPICAL APPLICATION .................................................................................50-353

50.4 SAVI TROUBLESHOOTING.....................................................................................50-354

CHAPTER 51 MRPP CONFIGURATION....................................................51-355

51.1 INTRODUCTION TO MRPP.....................................................................................51-355

51.1.1 Conception Introduction.......................................................................51-355

51.1.2 MRPP Protocol Packet Types ...............................................................51-357

51.1.3 MRPP Protocol Operation System.......................................................51-357

51.2 MRPP CONFIGURATION TASK LIST........................................................................51-358

51.3 MRPP TYPICAL SCENARIO...................................................................................51-360

51.4 MRPP TROUBLESHOOTING...................................................................................51-362

CHAPTER 52 ULPP CONFIGURATION ....................................................52-363

52.1 INTRODUCTION TO ULPP......................................................................................52-363

52.2 ULPP CONFIGURATION TASK LIST ........................................................................52-365

52.3 ULPP TYPICAL EXAMPLES ...................................................................................52-367

52.3.1 ULPP Typical Example1 ........................................................................52-367

52.3.2 ULPP Typical Example2 ........................................................................52-369

52.4 ULPP TROUBLESHOOTING ...................................................................................52-370

CHAPTER 53 ULSM CONFIGURATION....................................................53-371

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

53.1 INTRODUCTION TO ULSM .....................................................................................53-371

53.2 ULSM CONFIGURATION TASK LIST........................................................................53-372

53.3 ULSM TYPICAL EXAMPLE ....................................................................................53-373

53.4 ULSM TROUBLESHOOTING...................................................................................53-374

CHAPTER 54 MIRROR CONFIGURATION ...............................................54-375

54.1 INTRODUCTION TO MIRROR ...................................................................................54-375

54.2 MIRROR CONFIGURATION TASK LIST......................................................................54-375

54.3 MIRROR EXAMPLES..............................................................................................54-376

54.4 DEVICE MIRROR TROUBLESHOOTING.....................................................................54-377

CHAPTER 55 SFLOW CONFIGURATION.................................................55-378

55.1 INTRODUCTION TO SFLOW.....................................................................................55-378

55.2 SFLOW CONFIGURATION TASK LIST .......................................................................55-378

55.3 SFLOW EXAMPLES ...............................................................................................55-380

55.4 SFLOW TROUBLESHOOTING ..................................................................................55-381

CHAPTER 56 SNTP CONFIGURATION ....................................................56-382

56.1 INTRODUCTION TO SNTP......................................................................................56-382

56.2 TYPICAL EXAMPLES OF SNTP CONFIGURATION......................................................56-383

CHAPTER 57 NTP FUNCTION CONFIGURATION ...................................57-384

57.1 INTRODUCTION TO NTP FUNCTION.........................................................................57-384

57.2 NTP FUNCTION CONFIGURATION TASK LIST...........................................................57-384

57.3 TYPICAL EXAMPLES OF NTP FUNCTION.................................................................57-387

57.4 NTP FUNCTION TROUBLESHOOTING......................................................................57-388

CHAPTER 58 SUMMER TIME CONFIGURATION ....................................58-389

58.1 INTRODUCTION TO SUMMER TIME ..........................................................................58-389

58.2 SUMMER TIME CONFIGURATION TASK SEQUENCE...................................................58-389

58.3 EXAMPLES OF SUMMER TIME ................................................................................58-389

58.4 SUMMER TIME TROUBLESHOOTING........................................................................58-390

CHAPTER 59 MONITOR AND DEBUG .....................................................59-391

59.1 PING ...................................................................................................................59-391

59.2 PING6 .................................................................................................................59-391

59.3 TRACEROUTE.......................................................................................................59-391

59.4 TRACEROUTE6.....................................................................................................59-392

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

59.5 SHOW .................................................................................................................59-392

59.6 DEBUG................................................................................................................59-393

59.7 SYSTEM LOG........................................................................................................59-393

59.7.1 System Log Introduction ......................................................................59-393

59.7.2 System Log Configuration....................................................................59-395

59.7.3 System Log Configuration Example....................................................59-397

CHAPTER 60 RELOAD SWITCH AFTER SPECIFIED TIME.....................60-398

60.1 INTRODUCE TO RELOAD SWITCH AFTER SPECIFID TIME...........................................60-398

60.2 RELOAD SWITCH AFTER SPECIFID TIME TASK LIST .................................................60-398

CHAPTER 61 DEBUGGING AND DIAGNOSIS FOR PACKETS RECEIVED

AND SENT BY CPU...................................................................................61-399

61.1 INTRODUCTION TO DEBUGGING AND DIAGNOSIS FOR PACKETS RECEIVED AND SENT BY

CPU...........................................................................................................................61-399

61.2 DEBUGGING AND DIAGNOSIS FOR PACKETS RECEIVED AND SENT BY CPU TASK LIST61-399

CHAPTER 62 COMMANDS FOR BASIC SWITCH CONFIGURATION.....62-401

62.1 COMMANDS FOR BASIC CONFIGURATION ...............................................................62-401

62.1.1 authentication line.................................................................................62-401

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

Chapter 1 Switch Management

1.1 Management Options

After purchasing the switch, the user needs to configure the switch for network management.

Switch provides two management options: in-band management and out-of-band

management.

1.1.1 Out-Of-Band Management

Out-of-band management is the management through Console interface. Generally, the user

will use out-of-band management for the initial switch configuration, or when in-band

management is not available. For instance, the user must assign an IP address to the switch

via the Console interface to be able to access the switch through Telnet.

The procedures for managing the switch via Console interface are listed below:

Step 1: setting up the environment:

Out-of-band Management Configuration Environment

As shown in above, the serial port (RS-232) is connected to the switch with the serial cable

provided. The table below lists all the devices used in the connection.

Device Name

Description

PC ma

Has functional keyboard and RS-232, with terminal emulator installed,

such as HyperTerminal included in Windows 9x/NT/2000/XP.

Serial port cable

One end attach to the RS-232 serial port, the other end to the Console

port.

Switch

Functional Console port required.

Connected with cable

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

Step 2：Entering the HyperTerminal

Open the HyperTerminal included in Windows after the connection established. The example

below is based on the HyperTerminal included in Windows XP.

1) Click Start menu - All Programs -Accessories -Communication - HyperTerminal.

2) Type a name for opening HyperTerminal, such as “Switch”.

Opening HyperTerminal

3) In the “Connecting using” drop-list, select the RS-232 serial port used by the PC, e.g.

COM1, and click “OK”.

Opening HyperTerminal

4) COM1 property appears, select “9600” for “Baud rate”, “8” for “Data bits”, “none” for “Parity

checksum”, “1” for stop bit and “none” for traffic control; or, you can also click “Restore default”

and click “OK”.

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

Opening HyperTerminal

Step 3: Entering switch CLI interface

Power on the switch, the following appears in the HyperTerminal windows, that is the CLI

configuration mode for Switch.

Testing RAM...

0x077C0000 RAM OK

Loading MiniBootROM...

Attaching to file system ...

Loading nos.img ... done.

Booting......

Starting at 0x10000...

Attaching to file system ...

……

--- Performing Power-On Self Tests (POST) ---

DRAM Test....................PASS!

PCI Device 1 Test............PASS!

FLASH Test...................PASS!

FAN Test.....................PASS!

Done All Pass.

------------------ DONE ---------------------

Current time is SUN JAN 01 00:00:00 2006

……

Switch>

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

The user can now enter commands to manage the switch. For a detailed description for the

commands, please refer to the following chapters.

1.1.2 In-band Management

In-band management refers to the management by login to the switch using Telnet, or using

HTTP, or using SNMP management software to configure the switch. In-band management

enables management of the switch for some devices attached to the switch. In the case when

in-band management fails due to switch configuration changes, out-of-band management can

be used for configuring and managing the switch.

1.1.2.1 Management via Telnet

To manage the switch with Telnet, the following conditions should be met:

Switch has an IPv4/IPv6 address configured;

The host IP address (Telnet client) and the switch’s VLAN interface IPv4/IPv6 address is in the

same network segment;

If 2) is not met, Telnet client can connect to an IPv4/IPv6 address of the switch via other

devices, such as a router.

The switch is a Layer 3 switch that can be configured with several IPv4/IPv6 addresses, the

configuration method refers to the relative chapter. The following example assumes the

shipment status of the switch where only VLAN1 exists in the system.

The following describes the steps for a Telnet client to connect to the switch’s VLAN1 interface

by Telnet(IPV4 address example):

Manage the switch by Telnet

Step 1: Configure the IP addresses for the switch and start the Telnet Server function on the

switch.

Connected with cable

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

First is the configuration of host IP address. This should be within the same network segment

as the switch VLAN1 interface IP address. Suppose the switch VLAN1 interface IP address is

10.1.128.251/24. Then, a possible host IP address is 10.1.128.252/24. Run “ping

10.1.128.251” from the host and verify the result, check for reasons if ping failed.

The IP address configuration commands for VLAN1 interface are listed below. Before in-band

management, the switch must be configured with an IP address by out-of-band management

(i.e. Console mode), the configuration commands are as follows (All switch configuration

prompts are assumed to be “Switch” hereafter if not otherwise specified):

Switch>

Switch>enable

Switch#config

Switch(config)#interface vlan 1

Switch(Config-if-Vlan1)#ip address 10.1.128.251 255.255.255.0

Switch(Config-if-Vlan1)#no shutdown

To enable the Telnet Server function, users should type the CLI command telnet-server enable

in the global mode as below:

Switch>enable

Switch#config

Switch(config)# telnet-server enable

Step 2: Run Telnet Client program.

Run Telnet client program included in Windows with the specified Telnet target.

Run telnet client program included in Windows

Step 3: Login to the switch.

otherwise the switch will reject Telnet access. This is a method to protect the switch from

unauthorized access. As a result, when Telnet is enabled for configuring and managing the

switch, username and password for authorized Telnet users must be configured with the

following command: username <username> privilege <privilege> [password (0|7)

<password>]. To open the local authentication style with the following command:

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

authentication line vty login local. Privilege option must exist and just is 15. Assume an

authorized user in the switch has a username of “test”, and password of “test”, the

configuration procedure should like the following:

Switch>enable

Switch#config

Switch(config)#username test privilege 15 password 0 test

Switch(config)#authentication line vty login local

Enter valid login name and password in the Telnet configuration interface, Telnet user will be

able to enter the switch’s CLI configuration interface. The commands used in the Telnet CLI

interface after login is the same as that in the Console interface.

Telnet Configuration Interface

1.1.2.2 Management via HTTP

To manage the switch via HTTP, the following conditions should be met:

Switch has an IPv4/IPv6 address configured;

The host IPv4/IPv6 address (HTTP client) and the switch’s VLAN interface IPv4/IPv6 address

are in the same network segment;

If 2) is not met, HTTP client should connect to an IPv4/IPv6 address of the switch via other

devices, such as a router.

Similar to management the switch via Telnet, as soon as the host succeeds to ping/ping6 an

IPv4/IPv6 address of the switch and to type the right login password, it can access the switch

via HTTP. The configuration list is as below:

Table of contents

Other q-Tech Switch manuals

q-Tech

q-Tech QSW-6900-56LF Series Installation and operating manual

q-Tech

q-Tech QSW-4700 Series Installation and operating manual

q-Tech

q-Tech QSW-7600 Series Installation and operating manual

q-Tech

q-Tech QSW-6900-32H Series User manual

q-Tech

q-Tech QSW-6300 Series Installation and operating manual

q-Tech

q-Tech QSW-8200 series User manual

q-Tech

q-Tech QSW-6200-32T Installation and operating manual

q-Tech

q-Tech QSW-4600-12T-POE Installation and operating manual

q-Tech

q-Tech QSW-4600 Series Installation and operating manual

Popular Switch manuals by other brands

3Com

3Com Gigabit Switch 8 user guide

Cabletron Systems

Cabletron Systems TRMIM 24A TRMIM-24A user guide

IOGear

IOGear GCS942UW6-Q0580 quick start guide

ICS ELECTRONICS

ICS ELECTRONICS 9099 instruction manual

H3C

H3C S12502X-AF quick start guide

PCB Piezotronics

PCB Piezotronics IMI SENSORS 686B0X-0026 Installation and operating manual

MiLAN

MiLAN MIL-SM800 user guide

Aeon Labs

Aeon Labs Aeotec G2 installation instructions

ROLF HEUN

ROLF HEUN 720.0030 instruction manual

AVARRO

AVARRO 0E-HDMISW3X1 manual

ATEN

ATEN ALTUSEN KW1000 user manual

Amphenol Socapex

Amphenol Socapex RJSMLAC 8MG CAPS VAC Hardware user manual

TRENDnet

TRENDnet THA?101 user guide

Linkskey

Linkskey LKS-SG5P user guide

Rose electronics

Rose electronics QuadraVista Quick installation guide

D-Link

D-Link DKVM-4U Technical specifications

Inaxsys

Inaxsys IN-24POEGWM user manual

dji

dji MAVIC MINI user guide

q-Tech QSW-2800 series User manual

Popular Switch manuals by other brands