Allied Telesis C613-02013-00 manual Port security, ADD Switch L3FILTER Match

Page 34

34

Rapier Switch User Guide

Mirroring four or more ports may significantly reduce switch performance.

The MIRROR parameter specifies the role of these port(s) as a source of mirror traffic. If NONE is specified, no traffic received or sent on these port(s) will be mirrored. If RX is specified, all traffic received on these port(s) will be mirrored. If TX is specified, all traffic transmitted on these port(s) will be mirrored. If BOTH is specified, all traffic received and transmitted will be mirrored. Traffic will actually only be mirrored if there is a mirror port defined and if mirroring is enabled. The default is NONE.

To send packets that match particular criteria to the mirror port, first create a filter match using the command:

ADD SWITCH L3FILTER MATCH

Then create a filter entry with the ACTION parameter set to SENDMIRROR, using the command:

ADD SWITCH L3FILTER=filter-idENTRY ACTION=SENDMIRROR.

By default mirroring is disabled, no mirror port is set, and no source ports are set to be mirrored. Mirroring can only be enabled after the switch mirror port has been set to a valid port. If mirroring has been enabled but the switch mirror port is set to NONE, then mirroring will be disabled. Mirroring is enabled and disabled using the commands:

ENABLE SWITCH MIRROR

DISABLE SWITCH MIRROR

The SHOW SWITCH PORT and SHOW SWITCH commands display the switch and port mirroring settings.

Port security

The port security feature allows control over the stations connected to each switch port, by MAC address. If enabled on a port, the switch will learn MAC addresses up to a user-defined limit from 1 to 256, then lock out all other MAC addresses. One of the following options can be specified for the action taken when an unknown MAC address is detected on a locked port:

Discard the packet and take no further action,

Discard the packet and notify management with an SNMP trap,

Discard the packet, notify management with an SNMP trap and disable the port.

To enable port security on a port, set the limit for learned MAC addresses to a value greater than zero, and specify the action to take for unknown MAC addresses on a locked port. To disable port security on a port, set the limit for learned MAC addresses to zero or NONE. Port security can be enabled or disabled on a port using the command:

SET SWITCH PORT={port-listALL} LEARN={NONE01..256}

[INTRUSIONACTION={NONEDISCARDTRAPDISABLE}]

The INTRUSIONACTION parameter specifies the action taken when the port(s) receive packets from addresses which are not part of the learned list of addresses as specified by the LEARN parameter. If DISCARD is specified, packets received from MAC addresses not on the port’s learn list will be

Rapier Switch Software Release 2.2.1 C613-02013-00 Rev A

Page 33 Page 35
Image 34
Page 33 Page 35
Contents User Guide Page Contents Documentation Roadmap Why Read This User Guide? ChapterWhere To Find More Information Technical supportWhat Can the Rapier Switch Do? Switching FeaturesRouting Features Advanced Feature Licence AT-RPFL3Upgrade Optional Features Simple Switching Command Line InterfaceSET Password Giving the Switch an IP AddressEntering Commands LoggingEnable GUI Enable AT-RPFL3Upgrade Feature LicenceEnabling the GUI Graphical User Interface Starting the GUINavigating Monitoring File Subsystem User PrivilegesShow File Online CLI Help Show SystemDram Configuration ScriptsSaving Configuration Entered with the GUI NoneSaving Configuration Entered with the CLI EditorInstall Information Delete Install Show InstallReleases and Patches into the Switch Example Install Software Upgrade for Rapier Switch Load METHOD=HTTP DESTINATION=FLASHSnmp and MIBs Enable SnmpShow Load Enable Snmp Authenticatetrap Show SnmpSwitch Ports Enabling and Disabling Switch PortsOFF EnabledISO8802-3 Csmacd STPAutonegotiation of Port Speed and Duplex Mode Acceptable Frames TypesPort Trunking SELECT=MACSRCMACDESTMACBOTHIPSRCIPDESTIPBOTHShow VLAN=ALL Packet Storm Protection Port Mirroring INTRUSIONACTION=NONEDISCARDTRAPDISABLE ADD Switch L3FILTER MatchEnable Switch Mirror Disable Switch Mirror Port securityExample output from the Show Switch Port Intrusion command Virtual LANsRapier Switch User Guide Static and dynamic VLANs Creating VLANs Without Vlan TagsMarketing Vlan Switch Training Vlan Garp Trunk portsVlan Tagging Parameter MeaningFRAME=TAGGEDUNTAGGED Summary of Vlan Tagging Rules Tagged VLANsGeneric Vlan Registration Protocol Gvrp Layer 2 Switching ProcessIngress Rules Disable Switch Learning Learning ProcessSET Switch AGEINGTIMER=10..1000000 Enable Switch LearningEnable Switch Ageingtimer Disable Switch Ageingtimer Show SwitchExample output from the Show Switch Filter command Layer 2 FilteringEgress Rules FRAME=UNTAGGEDTAGGEDSET Switch QOS=P1,P2,P3,P4,P5,P6,P7,P8 Quality of ServiceShow Switch QOS Spanning Tree Protocol STP Spanning Tree Port StatesConfiguring STP SET STP=stpnameALL PRIORITY=0..65535 Example output from the Show STP command Parameters To display STP port information, use the command To show STP counters, use the command TCN BpduPurge STP Interfaces to Layer 3 ProtocolsIgmp Snooping INTERFACE=VLAN3SET IP Igmp TIMEOUT=1..65535 QUERYINTERVAL=1..65535 Enable IP Igmp Disable IP IgmpShow IP Igmp Triggers Group ListEvent Page Internet Protocol IP Show IP InterfaceIP Multicasting Routing Information Protocol RIPShow IPX Circuit Novell IPXUplink Resource Reservation Protocol Rsvp Enable RsvpAppleTalk ActiveShow Rsvp Interface RAW

C613-02013-00 specifications

The Allied Telesis C613-02013-00 is a versatile and powerful network switch designed to meet the demands of modern networking environments. This device is part of Allied Telesis's extensive range of networking solutions, catering to both enterprise and industrial applications. It is engineered for high performance, reliability, and ease of management, making it a suitable choice for organizations that require robust connectivity solutions.

One of the main features of the C613-02013-00 is its support for advanced Layer 2 switching capabilities. This provides businesses with the necessary tools to manage and direct network traffic efficiently. The switch includes support for VLAN (Virtual Local Area Network) technology, which allows for the segmentation of network traffic, enhancing both security and performance. With VLANs, organizations can isolate critical workloads and improve network management while ensuring that sensitive information is protected from unauthorized access.

Another key characteristic of the C613-02013-00 is its extensive support for Power over Ethernet (PoE). This feature enables the switch to deliver electrical power along with data over standard Ethernet cabling. This is particularly beneficial for powering devices such as IP cameras, wireless access points, and VoIP phones, reducing the need for additional power supply infrastructure. With PoE capabilities, the switch simplifies installation and enhances flexibility in deploying network devices.

The C613-02013-00 also boasts advanced network management features, including support for SNMP (Simple Network Management Protocol) for efficient monitoring and troubleshooting. This ensures that network administrators can maintain optimal performance and quickly address any issues that arise. Additionally, the switch supports network redundancy features like Rapid Spanning Tree Protocol (RSTP), which helps to prevent network loops and minimizes downtime.

In terms of physical characteristics, the C613-02013-00 is designed for durability and ease of deployment in various environments. Its compact form factor allows for effective space utilization in data centers and network closets. Moreover, it features a fanless design, making it suitable for deployment in noise-sensitive environments such as offices and classrooms.

In summary, the Allied Telesis C613-02013-00 is a robust network switch offering advanced features such as Layer 2 switching, PoE support, and comprehensive network management capabilities. Its design and performance make it an excellent choice for businesses seeking to enhance their network infrastructure with reliable and secure connectivity solutions.
Top Page Image Contents