Allied Telesis 2.6.1 manual Layer 2 Filtering

Page 83

Layer 2 Switching

83

the switch floods the frame on all ports in the VLAN except the port on which the frame was received. If the destination address is found, the switch discards the frame if the port is not in the STP ‘Forwarding’ state, if the destination address is on the same port as the source address, or if there is a static filter entry for the destination address set to DISCARD (“Layer 2 Filtering” on page 83). Otherwise, the frame is forwarded on the indicated port.

This whole process can further be modified by the action of static switch filters. These are configurable filters which allow switched frames to be checked against a number of entries.

The Forwarding Process provides storage for queued frames to be transmitted over a particular port or ports. More than one transmission queue may be provided for a given port. Which transmission queue a frame is sent to is determined by the user priority tag in the Ethernet frame, and the Quality of Service mapping.

Layer 2 Filtering

The switch has a Forwarding Database, entries in which determine whether frames are forwarded or discarded over each port. Entries in this Forwarding Database are created dynamically by the Learning Process. A dynamic entry is automatically deleted from the Forwarding Database when its ageing timer expires. Filtering is specified in the IEEE 802.1D Standard “Media Access Control (MAC) Bridges”.

The user can configure static switch filter entries using the command line interface. Static switch filter entries associate a MAC address with a VLAN and a port in the VLAN. When the switch receives a frame with a destination address and VLAN Identifier that match those of a static filter entry, the frame can be either forwarded to the port specified in the static filter entry, or discarded.

The Forwarding Database supports queries by the Forwarding Process as to whether frames with given values of the destination MAC address field should be forwarded to a given port.

To add or delete static switch filter entries, use the commands:

ADD SWITCH FILTER DESTADDRESS=macadd ACTION={FORWARDDISCARD}

PORT[=port-list] [ENTRY=entry] [VLAN={vlanname1..4094}]

DELETE SWITCH FILTER ENTRY=entry-list

The switch automatically deletes static filter entries for a port if the port is deleted from the specified VLAN.

To display current static switch filter entries, use the command:

SHOW SWITCH FILTER [DESTADDRESS=macadd] [ENTRY=entry] [PORT=port-list] [VLAN={vlanname1..4094}]

Software Release 2.6.1 C613-02039-00 REV A

Page 82 Page 84
Image 83
Page 82 Page 84
Contents AT-8800 Series Switch Page Contents AT-8800 Series Switch User Guide Operating the switchMaintenance and Troubleshooting Page Chapter Introducing the AT-8800 Series SwitchWhy Read this User Guide? AT-8800 Series Switch Documentation Set Where To Find More InformationIntroduction Features of the AT-8800 Series SwitchOnline Technical Support Software Features Management FeaturesSpecial Feature Licences Do if You Clear Flash Memory Completely on This Chapter Getting Started with the Command Line Interface CLIParameters for terminal communication Value Connecting a Terminal or PCTerminal Communication Parameters Assigning an IP Address Enter the password at the password promptGetting Started with the Command Line Interface CLI LoggingTo change the IP address for an interface, enter the command Setting RoutesTo add a static route, enter the command Changing a PasswordChoosing a Password Not available Using the CommandsAliases Getting Command Line HelpTo display the current help file, enter the command Setting System Parameters Enabling Special Feature LicencesGetting Started with the Graphical User Interface GUI Getting Started with the Graphical User Interface GUISupported browsers and operating systems What is the GUI?Accessing the Switch via the GUI Browser and PC SetupHttp Proxy Servers See Option 2 Installing the Switch into the LAN on Establishing a Connection to the SwitchSee Option 3 Connecting to an Installed Switch on See Option 1 Configuring the Switch before Installation onSee Http Proxy Servers on page 23 for more information Option 1 Configuring the Switch before InstallationUse this procedure if Plug the switch into the LAN Option 2 Installing the Switch into the LANDefault username is manager At the login prompt, enter the user name and passwordAssign the vlan1 interface an IP address See Secure Access on page 29 for more informationIf necessary, bypass the Http proxy server Option 3 Connecting to an Installed SwitchFind out the IP address of the switch’s interface Select a PCCreate a Security Officer user account Secure AccessTo create an RSA key pair, use the command Then enter the password for CIPHER, sbr4y3To enable system security, use the command System Status System StatusQuality of Service and traffic filters Using the GUI Navigation and FeaturesConfiguration Menu Using Configuration PagesAn example of a configuration page with a selection table Editable Fields Monitoring Menu Management MenuContext Sensitive GUI Help Diagnostics MenuChanging the Password Configuring Multiple Devices Saving Configuration Entered with the GUICombining GUI and CLI Configuration Upgrading the GUI To upgrade the GUIThen delete the GUI resource file, using the command Load the new file onto the switchPoint your web browser at the switch’s IP address TroubleshootingInstall the new file as the preferred GUI Deleting Temporary Files Accessing the Switch via the GUITraffic Flow Time and NTP SolutionSolutions IP Addresses and DhcpLoading Software Page A Security Officer prompt looks like Using Scripts onUser Accounts and Privileges Snmp and MIBs onLogin Operating the switch Normal Mode and Security ModeTo display the current operating mode, enter the command Specific Parameters Storing Files in Flash Memory Remote ManagementExample output from the Show File command Using ScriptsStoring Multiple Scripts Saving the Switch’s ConfigurationFile extensions and file types Extension File type/function Loading and Uploading FilesFile Naming Conventions SPA Loading FilesDownload the patch file Setting Loader DefaultsExample Load a Patch File Using Http To load a patch file Configure the LoaderTo upload a log file Uploading Files From the SwitchExample Upload a Configuration File Using Tftp More informationUpgrading Switch Software Load the new release file onto the switch Example Upgrade to a New Software Release UsingTo upgrade to a new software release Test the release Enter the licence password for the software releaseMake the release the default permanent release Enter licence information for the releaseCheck that the file is successfully loaded Example Upgrade to a new patch fileTo upgrade to a new patch file Snmp and MIBs Using the Built-in EditorFor More About Operations and Facilities Where interface is the name of an interface, such as vlan11AT-8800 Series Switch User Guide Enabling and Disabling Switch Ports Switch PortsTo display information about switch ports, use the command To enable or disable a switch port, use the commandsSTP Autonegotiation of Port Speed and Duplex Mode Speed 10/100 Port TrunkingShow VLAN=ALL Packet Storm Protection Layer 2 SwitchingPort Mirroring Port security Virtual Local Area Networks VLANs Example output from the Show Switch Port Intrusion commandTpid Vlan TaggingFormat of user priority and Vlan data in an Ethernet frame Vlan Membership using Vlan Tags Member ports Vlan membership of example of a network using tagged portsVlan Membership of Untagged Packets Vlans with untagged ports Creating VLANsTo destroy a VLAN, use the command To add tagged ports to a VLAN, use the commandVlan Interaction with STPs and Trunk Groups Summary of Vlan tagging rulesProtected VLANs Ingress Rules Layer 2 Switching Process Generic Vlan Registration Protocol Gvrp Learning Process Forwarding Process Layer 2 Filtering Example output from the Show Switch Filter command Egress Rules Quality of ServiceSpanning Tree Modes Spanning Tree Protocol STPRapid Spanning Tree port states State Meaning Spanning Tree and Rapid Spanning Tree Port StatesSpanning tree port states State Meaning Configuring STP SET STP=stpnameALL PRIORITY=0..65535 Example output from the Show STP command Do not occur Parameter Meaning Switch Max AgeTo display STP port information, use the command Example output from the Show STP Port command 94AT-8800 Series Switch User GuideTo show STP counters, use the command Discarded 96AT-8800 Series Switch User GuideReceive TransmitIgmp Snooping Interfaces to Layer 3 ProtocolsDisable Igmpsnooping Group List Example output from the Show IP Igmp commandParameters TriggersEvent DescriptionLayer IP Multicasting Then use either of the following commandsDisplays the interfaces enabled for IP routing Figure Internet Protocol IPLayer 103 Routing Information Protocol RIPNovell IPX AppleTalk Example output from the Show IPX Circuit commandLayer 105 Resource Reservation Protocol RsvpPage Maintenance and Troubleshooting Switch startup messages How the Switch Starts UpSet system territory How to Avoid ProblemsWatch for software updates If you accidentally do this, you will need to What to Do if You Clear Flash Memory CompletelyGetting the Most Out of Technical Support What to Do if Passwords are LostWhat to Do if the PPP Link Disconnects Regularly Maintenance and Troubleshooting 113 Resetting Switch DefaultsChecking Connections Using Ping To get debugging output, enter the commandTelnet Fails Troubleshooting IP ConfigurationsTo set Ping defaults, enter the command Stop a Ping that is in progress, enter the commandMaintenance and Troubleshooting 115 Troubleshooting Dhcp IP AddressesYour switch is acting as a Dhcp client Your switch is acting as a Dhcp serverNo Routes are Visible to the Remote Router Troubleshooting IPX ConfigurationsTo check that the PPP link is active, enter the command Local Workstations Can Not Access Remote ServersCheck route tables Using Trace Route for IP TrafficTo halt a trace route that is in progress, enter the command
Top Page Image Contents