SNR S2940-8G-v2 User manual
SNR S2940-8G-v2 Switch Configuration Guide
CONTENTS
Contents
I Basic Management Configuration 11
1 Switch management 12
1.1 Managementoptions................................... 12
1.2 CLIInterface ....................................... 17
2 Basic Switch Configuration 23
2.1 BasicConfiguration ................................... 23
2.2 TelnetManagement ................................... 24
2.3 Configure Switch IP Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
2.4 SNMPConfiguration................................... 28
2.5 SwitchUpgrade...................................... 35
II Port Configuration 46
3 Port Configuration 47
3.1 IntroductiontoPort.................................... 47
3.2 Network Port Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . 47
3.3 Port Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
3.4 PortTroubleshooting................................... 51
4 Port Isolation Function Configuration 52
4.1 Introduction to Port Isolation Function . . . . . . . . . . . . . . . . . . . . . . . . . 52
4.2 Task Sequence of Port Isolation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
4.3 Port Isolation Function Typical Examples . . . . . . . . . . . . . . . . . . . . . . . 53
5 Port Loopback Detection Function Configuration 54
5.1 Introduction to Port Loopback Detection Function . . . . . . . . . . . . . . . . . . . 54
5.2 Port Loopback Detection Function Configuration Task List . . . . . . . . . . . . . . 55
5.3 Port Loopback Detection Function Example . . . . . . . . . . . . . . . . . . . . . . 56
5.4 Port Loopback Detection Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . 57
6 ULDP Function Configuration 58
6.1 Introduction to ULDP Function . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
6.2 ULDP Configuration Task Sequence . . . . . . . . . . . . . . . . . . . . . . . . . . 59
6.3 ULDP Function Typical Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
6.4 ULDPTroubleshooting.................................. 63
1
SNR S2940-8G-v2 Switch Configuration Guide
CONTENTS
7 LLDP Function Operation Configuration 64
7.1 Introduction to LLDP Function . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
7.2 LLDP Function Configuration Task Sequence . . . . . . . . . . . . . . . . . . . . . 65
7.3 LLDP Function Typical Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
7.4 LLDP Function Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
8 Port Channel Configuration 69
8.1 Introduction to Port Channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
8.2 Brief Introduction to LACP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
8.3 Port Channel Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . 71
8.4 PortChannelExamples ................................. 73
8.5 Port Channel Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
9 MTU Configuration 75
9.1 IntroductiontoMTU ................................... 75
9.2 MTU Configuration Task Sequence . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
10 EFM OAM Configuration 76
10.1IntroductiontoEFMOAM ................................ 76
10.2EFMOAMConfiguration................................. 79
10.3EFMOAMExample ................................... 81
10.4 EFM OAM Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
11 Port Security 83
11.1 Introduction to Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
11.2 Port Security Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . 83
11.3ExampleofPortSecurity ................................ 84
11.4 Port Security Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
12 DDM Configuration 86
12.1IntroductiontoDDM ................................... 86
12.2 DDM Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
12.3ExamplesofDDM .................................... 89
12.4DDMTroubleshooting .................................. 92
13 LLDP-MED 94
13.1 Introduction to LLDP-MED . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
13.2 LLDP-MED Configuration Task Sequence . . . . . . . . . . . . . . . . . . . . . . . 94
13.3LLDP-MEDExample................................... 96
13.4 LLDP-MED Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
14 BPDU-Tunnel Configuration 99
14.1 Introduction to bpdu-tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
14.2 bpdu-tunnel Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . 100
14.3 Examples of bpdu-tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
14.4 bpdu-tunnel Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
2
SNR S2940-8G-v2 Switch Configuration Guide
CONTENTS
15 CFM-OAM Configuration 102
15.1Overview ......................................... 102
15.2CFMOAMBasicConcept................................ 103
15.3 Introduction of CFM OAM Function . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
15.4 CFM OAM Basic Function Configuration . . . . . . . . . . . . . . . . . . . . . . . . 108
15.5 CFM OAM Failure Confirmation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
15.6 CFM OAM Failure Orientation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
15.7 ULPP Linkage (Selectable) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
15.8 Example of Configuration Application . . . . . . . . . . . . . . . . . . . . . . . . . . 117
15.9CFMTroubleshooting .................................. 120
III VLAN and MAC Table Configuration 123
16 VLAN Configuration 124
16.1IntroductiontoVLAN................................... 124
16.2 VLAN Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
16.3 Typical VLAN Application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
16.4 Typical Application of Hybrid Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
17 Dot1q-tunnel Configuration 131
17.1 Introduction to Dot1q-tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
17.2 Dot1q-tunnel Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
17.3 Typical Applications of the Dot1q-tunnel . . . . . . . . . . . . . . . . . . . . . . . . 132
17.4 Dot1q-tunnel Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
18 Selective QinQ Configuration 134
18.1 Introduction to Selective QinQ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
18.2 Selective QinQ Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
18.3 Typical Applications of Selective QinQ . . . . . . . . . . . . . . . . . . . . . . . . . 135
18.4 Selective QinQ Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
19 VLAN-translation Configuration 137
19.1 Introduction to VLAN-translation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
19.2 VLAN-translation Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
19.3 Typical application of VLAN-translation . . . . . . . . . . . . . . . . . . . . . . . . . 138
19.4 VLAN-translation Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
20 Multi-to-One VLAN Translation Configuration 140
20.1 Introduction to Multi-to-One VLAN Translation . . . . . . . . . . . . . . . . . . . . . 140
20.2 Multi-to-One VLAN Translation Configuration . . . . . . . . . . . . . . . . . . . . . 140
20.3 Typical application of Multi-to-One VLAN Translation . . . . . . . . . . . . . . . . . 141
20.4 Multi-to-One VLAN Translation Troubleshooting . . . . . . . . . . . . . . . . . . . . 141
21 Dynamic VLAN Configuration 143
21.1 Introduction to Dynamic VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
21.2 Dynamic VLAN Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
21.3 Typical Application of the Dynamic VLAN . . . . . . . . . . . . . . . . . . . . . . . 145
3
SNR S2940-8G-v2 Switch Configuration Guide
CONTENTS
21.4 Dynamic VLAN Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
22 GVRP Configuration 147
22.1IntroductiontoGVRP .................................. 147
22.2 GVRP Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
22.3ExampleofGVRP .................................... 149
22.4GVRPTroubleshooting ................................. 150
23 Voice VLAN Configuration 151
23.1 Introduction to Voice VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
23.2 Voice VLAN Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
23.3 Typical Applications of the Voice VLAN . . . . . . . . . . . . . . . . . . . . . . . . . 152
23.4 Voice VLAN Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
24 MAC Table Configuration 154
24.1 Introduction to MAC Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
24.2 Mac Address Table Configuration Task List . . . . . . . . . . . . . . . . . . . . . . 156
24.3 Typical Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
24.4 MAC Table Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
24.5 MAC Address Function Extension . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
24.6 MAC Notification Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
IV MSTP Configuration 164
25 MSTP Configuration 165
25.1IntroductiontoMSTP................................... 165
25.2 MSTP Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167
25.3MSTPExample...................................... 171
25.4MSTPTroubleshooting.................................. 175
V QoS and Flow-based Redirection Configuration 176
26 QoS Configuration 177
26.1IntroductiontoQoS.................................... 177
26.2 QoS Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183
26.3QoSExample....................................... 186
26.4QoSTroubleshooting................................... 188
27 Flow-based Redirection 193
27.1 Introduction to Flow-based Redirection . . . . . . . . . . . . . . . . . . . . . . . . . 193
27.2 Flow-based Redirection Configuration Task Sequence . . . . . . . . . . . . . . . . 193
27.3 Flow-based Redirection Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
27.4 Flow-based Redirection Troubleshooting Help . . . . . . . . . . . . . . . . . . . . . 194
4
SNR S2940-8G-v2 Switch Configuration Guide
CONTENTS
28 Flexible QinQ Configuration 195
28.1 Introduction to Flexible QinQ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195
28.2 Flexible QinQ Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . 195
28.3 Flexible QinQ Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197
VI L3 Forward and ARP Configuration 198
29 Layer 3 Management Configuration 199
29.1 Layer 3 Management Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199
29.2IPConfiguration ..................................... 200
29.3StaticRoute........................................ 203
29.4ARP ............................................ 206
30 ARP Scanning Prevention Function Configuration 207
30.1 Introduction to ARP Scanning Prevention Function . . . . . . . . . . . . . . . . . . 207
30.2 ARP Scanning Prevention Configuration Task Sequence . . . . . . . . . . . . . . . 207
30.3 ARP Scanning Prevention Typical Examples . . . . . . . . . . . . . . . . . . . . . 209
30.4 ARP Scanning Prevention Troubleshooting Help . . . . . . . . . . . . . . . . . . . 210
31 Prevent ARP Spoofing Configuration 211
31.1Overview ......................................... 211
31.2 Prevent ARP Spoofing configuration . . . . . . . . . . . . . . . . . . . . . . . . . . 212
31.3 Prevent ARP Spoofing Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213
32 ARP Guard Configuration 214
32.1 Introduction to ARP Guard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214
32.2 ARP Guard Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . 215
33 Gratuitous ARP Configuration 216
33.1 Introduction to Gratuitous ARP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
33.2 Gratuitous ARP Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . 216
33.3 Gratuitous ARP Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . 217
33.4 Gratuitous ARP Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217
VII DHCP Configuration 218
34 DHCP Configuration 219
34.1IntroductiontoDHCP .................................. 219
34.2 DHCP Server Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220
34.3 DHCP Relay Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222
34.4 DHCP Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224
34.5DHCPTroubleshooting ................................. 226
35 DHCPv6 Configuration 227
35.1IntroductiontoDHCPv6 ................................. 227
35.2 DHCPv6 Server Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228
35.3 DHCPv6 Relay Delegation Configuration . . . . . . . . . . . . . . . . . . . . . . . 230
5
SNR S2940-8G-v2 Switch Configuration Guide
CONTENTS
35.4 DHCPv6 Prefix Delegation Server Configuration . . . . . . . . . . . . . . . . . . . 230
35.5 DHCPv6 Prefix Delegation Client Configuration . . . . . . . . . . . . . . . . . . . . 232
35.6 DHCPv6 Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
35.7 DHCPv6 Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234
36 DHCP option 82 Configuration 235
36.1 Introduction to DHCP option 82 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235
36.2 DHCP option 82 Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . 237
36.3 DHCP option 82 Application Examples . . . . . . . . . . . . . . . . . . . . . . . . . 239
36.4 DHCP option 82 Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241
37 DHCP option 60 and option 43 242
37.1 Introduction to DHCP option 60 and option 43 . . . . . . . . . . . . . . . . . . . . . 242
37.2 DHCP option 60 and option 43 Configuration Task List . . . . . . . . . . . . . . . . 242
37.3 DHCPv6 option 60 and option 43 Example . . . . . . . . . . . . . . . . . . . . . . 243
37.4 DHCP option 60 and option 43 Troubleshooting . . . . . . . . . . . . . . . . . . . . 243
38 DHCPv6 option37, 38 244
38.1 Introduction to DHCPv6 option37, 38 . . . . . . . . . . . . . . . . . . . . . . . . . . 244
38.2 DHCPv6 option37, 38 Configuration Task List . . . . . . . . . . . . . . . . . . . . . 245
38.3 DHCPv6 option37, 38 Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248
38.4 DHCPv6 option37, 38 Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . 250
39 DHCP Snooping Configuration 251
39.1 Introduction to DHCP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251
39.2 DHCP Snooping Configuration Task Sequence . . . . . . . . . . . . . . . . . . . . 252
39.3 DHCP Snooping Typical Application . . . . . . . . . . . . . . . . . . . . . . . . . . 256
39.4 DHCP Snooping Troubleshooting Help . . . . . . . . . . . . . . . . . . . . . . . . . 256
VIII Multicast Protocol 257
40 IPv4 Multicast Protocol 258
40.1 IPv4 Multicast Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258
40.2DCSCM.......................................... 260
40.3IGMPSnooping...................................... 264
41 IPv6 Multicast Protocol 270
41.1IPv6DCSCM ....................................... 270
41.2MLDSnooping ...................................... 270
42 Multicast VLAN 275
42.1 Introductions to Multicast VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275
42.2 Multicast VLAN Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . 275
42.3 Multicast VLAN Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276
6
SNR S2940-8G-v2 Switch Configuration Guide
CONTENTS
IX Security Function Configuration 278
43 ACL Configuration 279
43.1IntroductiontoACL.................................... 279
43.2 ACL Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280
43.3ACLExample....................................... 294
43.4ACLTroubleshooting................................... 297
44 Self-defined ACL Configuration 299
44.1 Introduction to Self-defined ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299
44.2 Self-defined ACL Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 300
44.3 Self-defined ACL Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303
45 802.1x Configuration 305
45.1Introductionto802.1x .................................. 305
45.2 802.1x Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 316
45.3 802.1x Application Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 319
45.4802.1xTroubleshooting ................................. 323
46 The Number Limitation Function of MAC and IP in Port, VLAN Configuration 324
46.1 Introduction to the Number Limitation Function of MAC and IP in Port, VLAN . . . 324
46.2 The Number Limitation Function of MAC and IP in Port, VLAN Configuration Task
Sequence......................................... 325
46.3 The Number Limitation Function of MAC and IP in Port, VLAN Typical Examples . 327
46.4 The Number Limitation Function of MAC and IP in Port, VLAN Troubleshooting Help 328
47 Operational Configuration of AM Function 329
47.1 Introduction to AM Function . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329
47.2 AM Function Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . 329
47.3AMFunctionExample .................................. 331
47.4 AM Function Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331
48 Security Feature Configuration 332
48.1 Introduction to Security Feature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 332
48.2 Security Feature Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 332
48.3 Security Feature Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334
49 TACACS+ Configuration 335
49.1 Introduction to TACACS+ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335
49.2 TACACS+ Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . 335
49.3 TACACS+ Scenarios Typical Examples . . . . . . . . . . . . . . . . . . . . . . . . 336
49.4 TACACS+ Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337
50 RADIUS Configuration 338
50.1IntroductiontoRADIUS ................................. 338
50.2 RADIUS Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340
50.3 RADIUS Typical Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341
50.4 RADIUS Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343
7
SNR S2940-8G-v2 Switch Configuration Guide
CONTENTS
51 SSL Configuration 344
51.1IntroductiontoSSL.................................... 344
51.2 SSL Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345
51.3SSLTypicalExample .................................. 346
51.4SSLTroubleshooting................................... 346
52 IPv6 Security RA Configuration 348
52.1 Introduction to IPv6 Security RA . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348
52.2 IPv6 Security RA Configuration Task Sequence . . . . . . . . . . . . . . . . . . . . 348
52.3 IPv6 Security RA Typical Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 349
52.4 IPv6 Security RA Troubleshooting Help . . . . . . . . . . . . . . . . . . . . . . . . 349
53 MAB Configuration 350
53.1IntroductiontoMAB ................................... 350
53.2 MAB Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350
53.3MABExample ...................................... 352
53.4MABTroubleshooting .................................. 354
54 PPPoE Intermediate Agent Configuration 355
54.1 Introduction to PPPoE Intermediate Agent . . . . . . . . . . . . . . . . . . . . . . . 355
54.2 PPPoE Intermediate Agent Configuration Task List . . . . . . . . . . . . . . . . . . 359
54.3 PPPoE Intermediate Agent Typical Application . . . . . . . . . . . . . . . . . . . . 360
54.4 PPPoE Intermediate Agent Troubleshooting . . . . . . . . . . . . . . . . . . . . . . 361
55 Web Portal Configuration 362
55.1 Introduction to Web Portal Authentication . . . . . . . . . . . . . . . . . . . . . . . 362
55.2 Web Portal Authentication Configuration Task List . . . . . . . . . . . . . . . . . . 362
55.3 Web Portal Authentication Typical Example . . . . . . . . . . . . . . . . . . . . . . 364
55.4 Web Portal Authentication Troubleshooting . . . . . . . . . . . . . . . . . . . . . . 365
56 VLAN-ACL Configuration 366
56.1 Introduction to VLAN-ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366
56.2 VLAN-ACL Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . 366
56.3 VLAN-ACL Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . . . . 368
56.4 VLAN-ACL Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369
57 SAVI Configuration 370
57.1IntroductiontoSAVI ................................... 370
57.2SAVIConfiguration.................................... 370
57.3 SAVI Typical Application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373
57.4SAVITroubleshooting .................................. 374
X Reliability Configuration 376
58 MRPP Configuration 377
58.1IntroductiontoMRPP .................................. 377
58.2 MRPP Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379
58.3MRPPTypicalScenario ................................. 381
8
SNR S2940-8G-v2 Switch Configuration Guide
CONTENTS
58.4MRPPTroubleshooting ................................. 383
59 ULPP Configuration 384
59.1IntroductiontoULPP................................... 384
59.2 ULPP Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386
59.3ULPPTypicalExamples................................. 387
59.4ULPPTroubleshooting.................................. 390
60 ULSM Configuration 391
60.1IntroductiontoULSM................................... 391
60.2 ULSM Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392
60.3ULSMTypicalExample ................................. 392
60.4ULSMTroubleshooting.................................. 394
XI Flow Monitor Configuration 395
61 Mirror Configuration 396
61.1IntroductiontoMirror................................... 396
61.2 Mirror Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396
61.3MirrorExamples ..................................... 397
61.4 Device Mirror Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 398
62 sFlow Configuration 399
62.1IntroductiontosFlow................................... 399
62.2 sFlow Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399
62.3sFlowExamples ..................................... 401
62.4sFlowTroubleshooting.................................. 402
XII Network Time Management Configuration 403
63 SNTP Configuration 404
63.1IntroductiontoSNTP................................... 404
63.2 Typical Examples of SNTP Configuration . . . . . . . . . . . . . . . . . . . . . . . 404
64 NTP Function Configuration 405
64.1 Introduction to NTP Function . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405
64.2 NTP Function Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . 405
64.3 Typical Examples of NTP Function . . . . . . . . . . . . . . . . . . . . . . . . . . . 408
64.4 NTP Function Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408
65 Summer Time Configuration 409
65.1 Introduction to Summer Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409
65.2 Summer Time Configuration Task Sequence . . . . . . . . . . . . . . . . . . . . . 409
65.3 Examples of Summer Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410
65.4 Summer Time Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410
9
SNR S2940-8G-v2 Switch Configuration Guide
CONTENTS
XIII Debugging and Diagnosis 411
66 Monitor and Debug 412
66.1Ping ............................................ 412
66.2Ping6 ........................................... 412
66.3Traceroute ........................................ 412
66.4Traceroute6........................................ 413
66.5Show ........................................... 413
66.6Debug........................................... 414
66.7Systemlog ........................................ 414
67 Reload Switch after Specified Time 418
67.1 Introduce to Reload Switch after Specifid Time . . . . . . . . . . . . . . . . . . . . 418
67.2 Reload Switch after Specifid Time Task List . . . . . . . . . . . . . . . . . . . . . . 418
68 Debugging and Diagnosis for Packets Received and Sent by CPU 419
68.1 Introduction to Debugging and Diagnosis for Packets Received and Sent by CPU . 419
68.2 Debugging and Diagnosis for Packets Received and Sent by CPU Task List . . . . 419
10
SNR S2940-8G-v2 Switch Configuration Guide
Part I
Basic Management Configuration
11
SNR S2940-8G-v2 Switch Configuration Guide
Switch management
Chapter 1
Switch management
1.1 Management options
After purchasing the switch, the user needs to configure the switch for network management.
Switch provides two management options: in-band management and out-of-band management.
1.1.1 Out-of-Band management
Out-of-band management is the management through Console interface. Generally, the user will
use out-of-band management for the initial switch configuration, or when in-band management
is not available. For instance, the user must assign an IP address to the switch via the Console
interface to be able to access the switch through Telnet.
The procedures for managing the switch via Console interface are listed below:
Step 1: Setting up the environment.
Connect with serial port
Figure 1.1: Out-of-band Management Configuration Environment
As shown in above, the serial port (RS-232) is connected to the switch with the serial cable
provided. The table below lists all the devices used in the connection.
Device Name Description
PC machine Has functional keyboard and RS-232, with terminal emulator installed.
Serial port cable One end attach to the RS-232 serial port, the other end to the Console
port.
Switch Functional Console port required.
Step 2: Starting the Terminal Emulation Software
Before you power on the switch, start the terminal emulation session so that you can see the
output display from the power-on self-test(POST). The terminal-emulation software - frequently a
12
SNR S2940-8G-v2 Switch Configuration Guide
Switch management
PC application such as Hyperterminal or PuTTY - makes communication between the switch and
your PC or terminal possible.
1. Start the terminal-emulation program and open a session if you are using a PC or terminal.
2. Start a terminal-emulation session.
3. Configure the baud rate and character format of the PC or terminal to match the console port
default characteristics:
• 9600 baud
• 8 data bits
• 1 stop bit
• No parity
• None (flow control)
Step 3: Entering switch CLI interface
Power on the switch, the following appears in the terminal-emulation window, that is the CLI
configuration mode for Switch.
System is booting, please wait...
Testing RAM...
0x04000000 RAM OK.
Attaching to file system ... done.
Loading flash:/nos.img ...
Starting at 0x10000...
Attaching to file system ... done.
Current time is Sun Jan 01 00:00:00 2006
SNR-S2980G-24T Series Switch Operating System
Software Version 6.2.138.30
Compiled Sep 14 17:45:37 2011
Loading factory config ...
Switch>
The user can now enter commands to manage the switch. For a detailed description for the
commands, please refer to the following chapters.
13
SNR S2940-8G-v2 Switch Configuration Guide
Switch management
1.1.2 In-band Management
In-band management refers to the management by login to the switch using Telnet, or using HTTP,
or using SNMP management software to configure the switch. In-band management enables
management of the switch for some devices attached to the switch. In the case when in-band
management fails due to switch configuration changes, out-of-band management can be used for
configuring and managing the switch.
Management via Telnet
To manage the switch with Telnet, the following conditions should be met:
1. Switch has an IPv4/IPv6 address configured;
2. The host IP address (Telnet client) and the switch's VLAN interface IPv4/IPv6 address is in
the same network segment;
3. If 2) is not met, Telnet client can connect to an IPv4/IPv6 address of the switch via other
devices, such as a router.
The switch is a Layer 2 switch that can be configured with several IP addresses, the configu-
ration method refers to the relative chapter. The following example assumes the shipment status
of the switch where only VLAN1 exists in the system.
The following describes the steps for a Telnet client to connect to the switch's VLAN1 interface
by Telnet(IPV4 address example):
Step 1: Configure the IP addresses for the switch and start the Telnet Server function on the
switch.
First is the configuration of host IP address. This should be within the same network segment
as the switch VLAN1 interface IP address. Suppose the switch VLAN1 interface IP address is
10.1.128.251/24. Then, a possible host IP address is 10.1.128.252/24. Run ping 10.1.128.251
from the host and verify the result, check for reasons if ping failed.
The IP address configuration commands for VLAN1 interface are listed below. Before in-band
management, the switch must be configured with an IP address by out-of-band management (i.e.
Console mode), the configuration commands are as follows (All switch configuration prompts are
assumed to be Switch hereafter if not otherwise specified):
Switch>
Switch>enable
Switch#config
Switch(config)#interface vlan 1
Switch(Config-if-Vlan1)#ip address 10.1.128.251 255.255.255.0
Switch(Config-if-Vlan1)#no shutdown
To enable the Telnet Server function, users should type the CLI command telnet-server enable
in the global mode as below:
Switch>enable
Switch#config
Switch(config)# telnet-server enable
14
SNR S2940-8G-v2 Switch Configuration Guide
Switch management
Step 2: Run Telnet Client program.
Run Telnet client program with the specified Telnet target.
Step 3: Login to the switch.
Login to the Telnet configuration interface. Valid login name and password are required, other-
wise the switch will reject Telnet access. This is a method to protect the switch from unauthorized
access. As a result, when Telnet is enabled for configuring and managing the switch, username
and password for authorized Telnet users must be configured with the following command:
username <username> privilege <privilege> [password (0|7) <password>]
To open the local authentication style with the following command:
authentication line vty login local
Privilege option must exist and just is 15. Assume an authorized user in the switch has a
username of test, and password of test, the configuration procedure should like the following:
Switch>enable
Switch#config
Switch(config)#username test privilege 15 password 0 test
Switch(config)#authentication line vty login local
Enter valid login name and password in the Telnet configuration interface, Telnet user will be
able to enter the switch's CLI configuration interface. The commands used in the Telnet CLI inter-
face after login is the same as that in the Console interface.
Management via HTTP
To manage the switch via HTTP, the following conditions should be met:
1. Switch has an IPv4/IPv6 address configured;
2. The host IPv4/IPv6 address (HTTP client) and the switch's VLAN interface IPv4/IPv6 address
are in the same network segment;
3. If 2) is not met, HTTP client should connect to an IPv4/IPv6 address of the switch via other
devices, such as a router.
Similar to management the switch via Telnet, as soon as the host succeeds to ping/ping6 an
IPv4/IPv6 address of the switch and to type the right login password, it can access the switch via
HTTP. The configuration list is as below:
Step 1: Configure the IP addresses for the switch and start the HTTP server function on the
switch.
For configuring the IP address on the switch through out-of-band management, see the telnet
management chapter.
To enable the WEB configuration, users should type the CLI command IP http server in the
global mode as below:
Switch>enable
Switch#config
Switch(config)#ip http server
15
SNR S2940-8G-v2 Switch Configuration Guide
Switch management
Step 2: Run HTTP protocol on the host.
Open the Web browser on the host and type the IP address of the switch, or run directly the
HTTP protocol on the Windows. For example, the IP address of the switch is 10.1.128.251;
When accessing a switch with IPv6 address, it is recommended to use the Firefox browser with
1.5 or later version. For example, if the IPv6 address of the switch is 3ffe:506:1:2::3. Input the
IPv6 address of the switch is http://[3ffe:506:1:2::3] and the address should draw together with the
square brackets.
Step 3: Login to the switch.
Login to the Web configuration interface. Valid login name and password are required, other-
wise the switch will reject HTTP access. This is a method to protect the switch from unauthorized
access. As a result, when Telnet is enabled for configuring and managing the switch, username
and password for authorized Telnet users must be configured with the following command:
"username <username> privilege <privilege> [password (0|7) <password>]"
To open the local authentication style with the following command:
"authentication line web login local"
Privilege option must exist and just is 15. Assume an authorized user in the switch has a
username of admin, and password of admin, the configuration procedure should like the following:
Switch>enable
Switch#config
Switch(config)#username admin privilege 15 password 0 admin
Switch(config)#authentication line web login local
Notice: When configure the switch, the name of the switch is composed with English letters.
Manage the Switch via SNMP Network Management Software
The necessities required by SNMP network management software to manage switches:
1. IP addresses are configured on the switch;
2. The IP address of the client host and that of the VLAN interface on the switch it subordinates
to should be in the same segment;
3. If 2) is not met, the client should be able to reach an IP address of the switch through devices
like routers;
4. SNMP should be enabled.
The host with SNMP network management software should be able to ping the IP address of
the switch, so that, when running, SNMP network management software will be able to find it and
implement read/write operation on it. Details about how to manage switches via SNMP network
management software will not be covered in this manual.
16
SNR S2940-8G-v2 Switch Configuration Guide
Switch management
1.2 CLI Interface
The switch provides three management interface for users: CLI (Command Line Interface) inter-
face, Web interface, Snmp network management software. We will introduce the CLI interface
and Web configuration interface in details, Web interface is familiar with CLI interface function and
will not be covered.
CLI interface is familiar to most users. As aforementioned, out-of-band management and Telnet
login are all performed through CLI interface to manage the switch.
CLI Interface is supported by Shell program, which consists of a set of configuration com-
mands. Those commands are categorized according to their functions in switch configuration and
management. Each category represents a different configuration mode. The Shell for the switch
is described below:
• Configuration Modes
• Configuration Syntax
• Shortcut keys
• Help function
• Input verification
• Fuzzy match support
1.2.1 Configuration Modes
User Mode
On entering the CLI interface, entering user entry system first. If as common user, it is defaulted
to User Mode. The prompt shown is Switch>, the symbol >is the prompt for User Mode. When
exit command is run under Admin Mode, it will also return to the User Mode.
Under User Mode, no configuration to the switch is allowed, only clock time and version infor-
mation of the switch can be queries.
Admin Mode
To Admin Mode sees the following: In user entry system, if as Admin user, it is defaulted to Admin
Mode. Admin Mode prompt Switch# can be entered under the User Mode by running the enable
command and entering corresponding access levels admin user password, if a password has
been set. Or, when exit command is run under Global Mode, it will also return to the Admin Mode.
Switch also provides a shortcut key sequence Ctrl+z, this allows an easy way to exit to Admin
Mode from any configuration mode (except User Mode).
Under Admin Mode, the user can query the switch configuration information, connection status
and traffic statistics of all ports; and the user can further enter the Global Mode from Admin Mode
to modify all configurations of the switch. For this reason, a password must be set for entering
Admin mode to prevent unauthorized access and malicious modification to the switch.
17
SNR S2940-8G-v2 Switch Configuration Guide
Switch management
User Mode
Admin Mode
Global Mode
DHCP address pool configuration
mode
ACL configuration mode
Interface mode
Route configuration mode
VLAN Mode
Figure 1.2: Shell Configuration Modes
Global Mode
Type the config command under Admin Mode will enter the Global Mode prompt Switch(config)#.
Use the exit command under other configuration modes such as Port Mode, VLAN mode will return
to Global Mode.
The user can perform global configuration settings under Global Mode, such as MAC Table,
Port Mirroring, VLAN creation, IGMP Snooping start and STP, etc. And the user can go further to
Port Mode for configuration of all the interfaces.
Interface Mode
Use the interface command under Global Mode can enter the interface mode specified. Switch
provides three interface type: 1. VLAN interface; 2. Ethernet port; 3. port-channel, accordingly
the three interface configuration modes.
Interface
Type
Entry Operates Exit
VLAN In-
terface
Type interface vlan <Vlan-id>
command under Global Mode.
Configure switch IPs,
etc
Use the exit com-
mand to return to
Global Mode.
Ethernet
Port
Type interface ethernet
<interface-list> command
under Global Mode.
Configure supported
duplex mode, speed,
etc. of Ethernet Port.
Use the exit com-
mand to return to
Global Mode.
18
SNR S2940-8G-v2 Switch Configuration Guide
Switch management
port-
channel
Type interface port-channel
<port-channel-number> com-
mand under Global Mode.
Configure port-
channel related
settings such as
duplex mode, speed,
etc.
Use the exit com-
mand to return to
Global Mode.
VLAN Mode
Using the vlan <vlan-id> command under Global Mode can enter the corresponding VLAN Mode.
Under VLAN Mode the user can configure all member ports of the corresponding VLAN. Run the
exit command to exit the VLAN Mode to Global Mode.
DHCP Address Pool Mode
Type the ip dhcp pool <name> command under Global Mode will enter the DHCP Address Pool
Mode prompt Switch(Config-<name>-dhcp)#. DHCP address pool properties can be configured
under DHCP Address Pool Mode. Run the exit command to exit the DHCP Address Pool Mode
to Global Mode.
ACL Mode
ACL type Entry Operates Exit
Standard
IP ACL
Mode
Type ip access-list standard
command under Global Mode.
Configure parame-
ters for Standard IP
ACL Mode.
Use the exit com-
mand to return to
Global Mode.
Extended
IP ACL
Mode
Type ip access-list extended
command under Global Mode.
Configure parame-
ters for Extended IP
ACL Mode.
Use the exit com-
mand to return to
Global Mode.
1.2.2 Configuration Syntax
Switch provides various configuration commands. Although all the commands are different, they
all abide by the syntax for Switch configuration commands. The general commands format of
Switch is shown below:
cmdtxt <variable> {enum1 | ... | enumN } [option1 | ... | optionN]
Conventions:
cmdtxt indicates a command keyword;
<variable> indicates a variable parameter;
{ enum1 | ... | enumN } indicates a mandatory parameter that should be selected from the
parameter set enum1 enumN; and the square bracket ([ ]) in
textbf[option1 | … | optionN] indicate an optonal parameter. There may be combinations of < >,
{ } and [ ] in the command line, such as [<variable>], {enum1 <variable> | enum2}, [option1
[option2]], etc.
Here are examples for some actual configuration commands:
19
SNR S2940-8G-v2 Switch Configuration Guide
Switch management
•show version, no parameters required. This is a command with only a keyword and no
parameter, just type in the command to run.
•vlan <vlan-id>, parameter values are required after the keyword.
•firewall { enable | disable }, user can enter firewall enable or firewall disable for this com-
mand.
•snmp-server community { ro | rw } <string>, the followings are possible:
snmp-server community ro <string>
snmp-server community rw <string>
20
Table of contents
Other SNR Switch manuals
