Manuals
/
Brands
/
Computer Equipment
/
Switch
/
3Com
/
Computer Equipment
/
Switch
3Com
WX3000 operation manual
1
1
715
715
Download
715 pages, 7.09 Mb
3Com WX3000 Series Unified Switches
Switching Engine
Operation Manual
Manual Version: 6W100
www.3com.com
3Com Corporation
350 Campus Drive, Marlborough,
MA, USA 01752 3064
Contents
Main
ENVIRONMENTAL STATEMENT
End of Life Statement
Regulated Materials Statement
Environmental Statement about the Documentation
About This Manual
Organization
Conventions
Command conventions
GUI conventions
Symbols
Related Documentation
Obtaining Documentation
Page
1
Introduction to the CLI
Command Hierarchy
Switching User Levels
Setting a user level switching password
Switching to a specific user level
Configuration example
Setting the Level of a Command in a Specific View
Setting the level of a command in a specific view
Configuration example
CLI Views
Page
Page
CLI Features
Online Help
Complete online help
Partial online help
Terminal Display
Command History
Error Prompts
Command Edit
Page
Page
Page
1
Logging In to the Switching Engine
Introduction to the User Interface
Supported User Interfaces
User Interface Index
Common User Interface Configuration
Page
2
OAP Overview
Logging In to the Switching Engine Through OAP
Configuring the Management IP Address of the OAP Software System
Configuring the Management IP Address of the OAP Software System on the Switching Engine
Configuring the Management IP Address of the OAP Software System of the Access Control Engine
Resetting the OAP Software System
3
Common Configuration
Telnet Configurations for Different Authentication Modes
Telnet Configuration with Authentication Mode Being None
Page
Telnet Configuration with Authentication Mode Being Password
Page
Telnet Configuration with Authentication Mode Being Scheme
Page
Page
Page
Telnetting to the Switching Engine
Telnetting to the Switching Engine from a Terminal
Page
Telnetting to the Switching Engine from the Access Control Engine
Page
4
Management System
Setting Up a Web Configuration Environment
Configuring the Login Banner
Page
Enabling/Disabling the WEB Server
5
Introduction
Connection Establishment Using NMS
6
Packets
Overview
Configuring Source IP Address for Telnet Service Packets
Configuration in user view
Displaying Source IP Address Configuration
7
Introduction
Controlling Telnet Users
Prerequisites
Controlling Telnet Users by Source IP Addresses
Controlling Telnet Users by Source and Destination IP Addresses
Controlling Telnet Users by Source MAC Addresses
Configuration Example
Controlling Network Management Users by Source IP Addresses
Prerequisites
Controlling Network Management Users by Source IP Addresses
Controlling Web Users by Source IP Address
Prerequisites
Controlling Web Users by Source IP Addresses
Disconnecting a Web User by Force
Configuration Example
Page
Page
1
Introduction to Configuration File
Types of configuration
Format of configuration file
Main/backup attribute of the configuration file
Management of Configuration File
Saving the Current Configuration
Modes in saving the configuration
Three attributes of the configuration file
Erasing the Startup Configuration File
Specifying a Configuration File for Next Startup
Assign main attribute to the startup configuration file
Assign backup attribute to the startup configuration file
Displaying and Maintaining Device Configuration
Page
1
VLAN Overview
Introduction to VLAN
Advantages of VLANs
How VLAN Works
VLAN tag
Type DataDA&SA
TPIDDA&SA TypePriority CFI VLAN ID
MAC address learning mechanism of VLANs
VLAN Interface
VLAN Classification
Port-Based VLAN
Protocol-Based VLAN
Introduction to Protocol-Based VLAN
Encapsulation Format of Ethernet Data
Ethernet II and 802.2/802.3 encapsulation
DA&SA(12) Type(2) Data
Extended encapsulation formats of 802.2/802.3 packets
DA&SA(12) Length(2) Data
Procedure for the Switch to Judge Packet Protocol
Figure 1-9 Procedure for the switch to judge packet protocol
Encapsulation Formats
Implementation of Protocol-Based VLAN
Page
2
VLAN Configuration
Configuration Task List
Basic VLAN Configuration
Basic VLAN Interface Configuration
Displaying and Maintaining VLAN
Configuring a Port-Based VLAN
Configuring a Port-Based VLAN
Protocol-Based VLAN Configuration Example
Page
Configuring a Protocol-Based VLAN
Configuration Task List
Configuring a Protocol Template for a Protocol-Based VLAN
Associating a Port with a Protocol-Based VLAN
Displaying and Maintaining Protocol-Based VLAN
Protocol-Based VLAN Configuration Example
Page
Page
Page
1
Introduction to the Auto Detect Function
Auto Detect Configuration
Auto Detect Basic Configuration
Auto Detect Implementation in Static Routing
Auto Detect Implementation in VLAN Interface Backup
Auto Detect Configuration Examples
Configuration Example for Auto Detect Implementation in Static Routing
Configuration Example for Auto Detect Implementation in VLAN Interface Backup
Page
1
Voice VLAN Overview
How an IP Phone Works
DHCP Server1
DHCP Server2 Call agent
How the Device Identifies Voice Traffic
Configuring Operation Mode for Voice VLAN
Processing mode of untagged packets sent by IP voice devices
Processing mode of tagged packets sent by IP voice devices
Support for Voice VLAN on Various Ports
Security Mode of Voice VLAN
Voice VLAN Configuration
Configuration Prerequisites
Configuring a Voice VLAN to Operate in Automatic Mode
Configuring a Voice VLAN to Operate in Manual Mode
Page
Displaying and Maintaining Voice VLAN
Voice VLAN Configuration Example
Voice VLAN Configuration Example (Automatic Mode)
Voice VLAN Configuration Example (Manual Mode)
Verification
Page
1
Introduction to GVRP
GARP
GARP messages and timers
Operating mechanism of GARP
GARP message format
Page
GVRP
Protocol Specifications
GVRP Configuration
Configuration Task List
Enabling GVRP
Configuration Prerequisite
Configuring GVRP Timers
Configuring GVRP Port Registration Mode
Displaying and Maintaining GVRP
GVRP Configuration Example
GVRP Configuration Example
Page
Page
Page
1
Ethernet Port Overview
Types and Numbers of Ethernet Ports
Combo Ports Mapping Relations
Link Types of Ethernet Ports
Configuring the Default VLAN ID for an Ethernet Port
Adding an Ethernet Port to Specified VLANs
Configuring Ethernet Ports
Making Basic Port Configuration
Configuring Port Auto-Negotiation Speed
Setting the Ethernet Port Broadcast Suppression Ratio
Enabling Flow Control on a Port
Configuring Access Port Attribute
Configuring Hybrid Port Attribute
Configuring Trunk Port Attribute
Disabling Up/Down Log Output on a Port
Configuration tasks
Configuration example
Copying Port Configuration to Other Ports
Configuring a Port Group
Setting Loopback Detection for an Ethernet Port
Configuring the Ethernet Port to Run Loopback Test
Enabling the System to Test Connected Cable
Configuring the Interval to Perform Statistical Analysis on Port Traffic
Displaying and Maintaining Ethernet Ports
Ethernet Port Configuration Example
Troubleshooting Ethernet Port Configuration
Page
1
Introduction to Link Aggregation
Introduction to LACP
Operation Key
Manual Aggregation Group
Introduction to manual aggregation group
Port status in manual aggregation group
Requirements on ports for manual aggregation
Static LACP Aggregation Group
Introduction to static LACP aggregation
Port status of static aggregation group
Dynamic LACP Aggregation Group
Introduction to dynamic LACP aggregation group
Port status of dynamic aggregation group
Configuring system priority
Configuring port priority
Aggregation Group Categories
Link Aggregation Configuration
Configuring a Manual Aggregation Group
Configuring a Static LACP Aggregation Group
Configuring a Dynamic LACP Aggregation Group
Displaying and Maintaining Link Aggregation
Link Aggregation Configuration Example
Switch A Link aggregation
Switch B
Page
Page
1
Port Isolation Overview
Introduction to Port Isolation
Port Isolation Configuration
Displaying and Maintaining Port Isolation
Port Isolation Configuration Example
Switch
1-3
# Display the information about the ports in the isolation group.
Page
1
Port Security Overview
Introduction
Port Security Features
Port Security Modes
Page
Port Security Configuration
Enabling Port Security
Setting the Maximum Number of MAC Addresses Allowed on a Port
Setting the Port Security Mode
Configuring Port Security Features
Configuring the NTK feature
Configuring intrusion protection
Configuring the Trap feature
Ignoring the Authorization Information from the RADIUS Server
Configuring Security MAC Addresses
Displaying and Maintaining Port Security Configuration
Port Security Configuration Example
Internet
2
Port Binding Overview
Introduction
Configuring Port Binding
Displaying and Maintaining Port Binding Configuration
Port Binding Configuration Example
Page
1
DLDP Overview
DLDP Fundamentals
DLDP status
DLDP timers
DLDP operating mode
DLDP implementation
Page
DLDP neighbor state
Precautions During DLDP Configuration
DLDP Configuration
DLDP Configuration Tasks
Resetting DLDP Status
DLDP Network Example
Page
Page
1
Introduction to MAC Address Table
Introduction to MAC Address Learning
Page
Managing MAC Address Table
Aging of MAC address table
Entries in a MAC address table
Configuring MAC Address Table Management
Configuring a MAC Address Entry
Adding a MAC address entry in system view
Adding a MAC address entry in Ethernet port view
Setting the Aging Time of MAC Address Entries
Setting the Maximum Number of MAC Addresses a Port Can Learn
Disabling MAC Address learning for a VLAN
Displaying and Maintaining MAC Address Table
Configuration Example
Adding a Static MAC Address Entry Manually
Page
Page
1
STP Overview
STP Overview
Functions of STP
Protocol packets of STP
Page
How STP works
Page
Page
Page
Page
Page
MSTP Overview
Background of MSTP
Disadvantages of STP and RSTP
Features of MSTP
Basic MSTP Terminologies
MST region
Page
Port state
Principle of MSTP
Calculate the CIST
Calculate an MSTI
Implement STP algorithm
MSTP Implementation on the Device
STP-related Standards
Configuring Root Bridge
Configuration Prerequisites
Configuring an MST Region
Configuration example
Specifying the Current Device as a Root Bridge/Secondary Root Bridge
Specify the current device as the root bridge of a spanning tree
Specify the current device as the secondary root bridge of a spanning tree
Configuring the Bridge Priority of the Current Device
Configuring the Mode a Port Recognizes and Sends MSTP Packets
Configuring the MSTP Operation Mode
Configuring the Maximum Hop Count of an MST Region
Configuring the Network Diameter of the Switched Network
Configuring the MSTP Time-related Parameters
Configuring the Timeout Time Factor
Configuration procedure
Configuration example
Configuring the Maximum Transmitting Speed on the Current Port
Configure the maximum transmitting speed for specified ports in system view
Configure the maximum transmitting speed in Ethernet port view
Configuration example
Configuring the Current Port as an Edge Port
Configure a port as an edge port in system view
Configure a port as an edge port in Ethernet port view
Configuration example
Specifying Whether the Link Connected to a Port Is Point-to-point Link
Specify whether the link connected to a port is point-to-point link in system view
Specify whether the link connected to a port is point-to-point link in Ethernet port view
Enabling MSTP
Configuring Leaf Nodes
Configuration Prerequisites
Configuring the MST Region
Configuring the Mode a Port Recognizes and Sends MSTP Packets
Configuring the Timeout Time Factor
Configuring the Maximum Transmitting Speed on the Current Port
Configuring the Path Cost for a Port
Standards for calculating path costs of ports
Configure the path cost for specific ports
Configuration example (A)
Configuration example (B)
Configuring Port Priority
Configure port priority in system view
Configure port priority in Ethernet port view
Configuration example
Specifying Whether the Link Connected to a Port Is a Point-to-point Link
Performing mCheck Operation
Configuration Prerequisites
Configuration Procedure
Perform the mCheck operation in system view
Perform the mCheck operation in Ethernet port view
Configuring Guard Functions
BPDU guard
Root guard
Loop guard
TC-BPDU attack guard
BPDU dropping
Configuration Prerequisites
Configuring BPDU Guard
Configuring Root Guard
Configuring Loop Guard
Configuring TC-BPDU Attack Guard
Configuring BPDU Dropping
Configuring Digest Snooping
Introduction
Configuring Digest Snooping
Configuring Rapid Transition
Page
Configuring Rapid Transition
Configuring VLAN-VPN Tunnel
Introduction
Configuring VLAN-VPN tunnel
STP Maintenance Configuration
Introduction
Enabling Log/Trap Output for Ports of MSTP Instance
Configuration Example
Enabling Trap Messages Conforming to 802.1d Standard
Displaying and Maintaining MSTP
MSTP Configuration Example
Page
VLAN-VPN tunnel Configuration Example
Page
Page
1
Introduction to 802.1x
Architecture of 802.1x Authentication
Port access entity
Controlled port and uncontrolled port
The valid direction of a controlled port
Port access control method
The Mechanism of an 802.1x Authentication System
Encapsulation of EAPoL Messages
The format of an EAPoL packet
The format of an EAP packet
Fields added for EAP authentication
802.1x Authentication Procedure
EAP relay mode
Page
EAP terminating mode
......
Timers Used in 802.1x
Additional 802.1x Features Implemented
Checking the supplicant system
Checking the client version
The Guest VLAN function
Enabling 802.1x re-authentication
Introduction to 802.1x Configuration
Basic 802.1x Configuration
Configuration Prerequisites
Configuring Basic 802.1x Functions
Page
Timer and Maximum User Number Configuration
Advanced 802.1x Configuration
Configuring Proxy Checking
Configuring Client Version Checking
Enabling DHCP-triggered Authentication
Configuring Guest VLAN
Configuring 802.1x Re-Authentication
Configuring the 802.1x Re-Authentication Timer
Displaying and Maintaining 802.1x
Configuration Example
802.1x Configuration Example
Page
Page
2
Introduction to Quick EAD Deployment
Quick EAD Deployment Overview
Operation of Quick EAD Deployment
Restricted access
Configuring a free IP range
Setting the ACL timeout period
Displaying and Maintaining Quick EAD Deployment
Quick EAD Deployment Configuration Example
Troubleshooting
3
System-Guard Overview
Configuring the System-Guard Feature
Configuring the System-Guard Feature
Displaying and Maintaining System-Guard
Page
Page
1
Introduction to AAA
Authentication
Authorization
Accounting
Introduction to AAA Services
Introduction to RADIUS
Basic message exchange procedure in RADIUS
RADIUS message format
Page
Introduction to HWTACACS
What is HWTACACS
Basic message exchange procedure in HWTACACS
Page
Page
2
AAA Configuration Task List
Configuration Introduction
Creating an ISP Domain and Configuring Its Attributes
Configuring an AAA Scheme for an ISP Domain
Configuring a combined AAA scheme
Configuring separate AAA schemes
Configuring Dynamic VLAN Assignment
Configuring the Attributes of a Local User
Page
Cutting Down User Connections Forcibly
RADIUS Configuration Task List
Page
Creating a RADIUS Scheme
Configuring RADIUS Authentication/Authorization Servers
Configuring RADIUS Accounting Servers
Configuring Shared Keys for RADIUS Messages
Configuring the Maximum Number of RADIUS Request Transmission Attempts
Configuring the Type of RADIUS Servers to be Supported
Configuring the Status of RADIUS Servers
Configuring the Attributes of Data to be Sent to RADIUS Servers
Configuring the Local RADIUS Authentication Server Function
Configuring Timers for RADIUS Servers
Enabling Sending Trap Message when a RADIUS Server Goes Down
Enabling the User Re-Authentication at Restart Function
HWTACACS Configuration Task List
Creating a HWTACACS Scheme
Configuring TACACS Authentication Servers
Configuring TACACS Authorization Servers
Configuring TACACS Accounting Servers
Configuring Shared Keys for HWTACACS Messages
Configuring the Attributes of Data to be Sent to TACACS Servers
Configuring the Timers Regarding TACACS Servers
Displaying and Maintaining AAA
Displaying and maintaining AAA information
Displaying and maintaining RADIUS protocol information
Displaying and maintaining HWTACACS protocol information
AAA Configuration Examples
Remote RADIUS Authentication of Telnet/SSH Users
Network requirements
Page
Local Authentication of FTP/Telnet Users
HWTACACS Authentication and Authorization of Telnet Users
Troubleshooting AAA
Troubleshooting RADIUS Configuration
Troubleshooting HWTACACS Configuration
3
Introduction to EAD
Typical Network Application of EAD
EAD Configuration
EAD Configuration Example
Page
Page
1
MAC Authentication Overview
Performing MAC Authentication on a RADIUS Server
Performing MAC Authentication Locally
Related Concepts
MAC Authentication Timers
Quiet MAC Address
Configuring Basic MAC Authentication Functions
Page
MAC Address Authentication Enhanced Function Configuration
MAC Address Authentication Enhanced Function Configuration Tasks
Configuring a Guest VLAN
Page
Configuring the Maximum Number of MAC Address Authentication Users Allowed to Access a Port
Displaying and Maintaining MAC Authentication
MAC Authentication Configuration Example
Page
Page
1
IP Addressing Overview
IP Address Classes
Special Case IP Addresses
Subnetting and Masking
Configuring IP Addresses
Displaying and Maintaining IP Addressing
IP Address Configuration Examples
IP Address Configuration Example I
IP Address Configuration Example II
Page
2
IP Performance Overview
Introduction to IP Performance Configuration
Introduction to FIB
Configuring IP Performance
Disabling Sending of ICMP Error Packets
Displaying and Maintaining IP Performance Configuration
Page
1
Introduction to DHCP
DHCP IP Address Assignment
IP Address Assignment Policy
Obtaining IP Addresses Dynamically
Updating IP Address Lease
DHCP Packet Format
Protocols and Standards
2
Introduction to DHCP Relay Agent
Usage of DHCP Relay Agent
DHCP Relay Agent Fundamentals
DHCP Relay Agent Support for Option 82
Introduction to Option 82
Padding content of Option 82
Mechanism of Option 82 supported on DHCP relay agent
Configuring the DHCP Relay Agent
DHCP Relay Agent Configuration Task List
Correlating a DHCP Server Group with a Relay Agent Interface
Configuring DHCP Relay Agent Security Functions
Configuring address checking
Configuring the dynamic client address entry updating function
Enabling unauthorized DHCP server detection
Configuring the DHCP Relay Agent to Support Option 82
Prerequisites
Configuring the DHCP relay agent to support Option 82
Displaying and Maintaining DHCP Relay Agent Configuration
DHCP Relay Agent Configuration Example
Configuration procedure
Troubleshooting DHCP Relay Agent Configuration
Symptom
Analysis
Solution
Page
3
DHCP Snooping Overview
Function of DHCP Snooping
Overview of DHCP Snooping Option 82
Introduction to Option 82
Padding content and frame format of Option 82
Mechanism of DHCP-snooping Option 82
Overview of IP Filtering
DHCP-snooping table
IP static binding table
IP filtering
DHCP Snooping Configuration
Configuring DHCP Snooping
Configuring DHCP Snooping to Support Option 82
DHCP-Snooping Option 82 Support Configuration Task List
Enable DHCP-snooping Option 82 support
Configure a handling policy for DHCP packets with Option 82
Configure the storage format of Option 82
Configure the circuit ID sub-option
Configure the remote ID sub-option
Configure the padding format for Option 82
Configuring IP Filtering
DHCP Snooping Configuration Example
DHCP-Snooping Option 82 Support Configuration Example
IP Filtering Configuration Example
Page
Displaying and Maintaining DHCP Snooping Configuration
4
Introduction to DHCP Client
Introduction to BOOTP Client
Configuring a DHCP/BOOTP Client
DHCP Client Configuration Example
Displaying and Maintaining DHCP/BOOTP Client Configuration
Page
1
ACL Overview
ACL Matching Order
Depth-first match order for rules of a basic ACL
Depth-first match order for rules of an advanced ACL
Ways to Apply an ACL on a Device
Being applied to the hardware directly
Being referenced by upper-level software
Types of ACLs Supported by Devices
ACL Configuration
Configuring Time Range
Page
Configuring Basic ACL
Configuring Advanced ACL
Configuring Layer 2 ACL
ACL Assignment
Assigning an ACL Globally
Configuration prerequisites
Configure procedure
Configuration example
Assigning an ACL to a VLAN
Assigning an ACL to a Port Group
Assigning an ACL to a Port
Displaying and Maintaining ACL
Examples for Upper-layer Software Referencing ACLs
Example for Controlling Telnet Login Users by Source IP
Internet
Example for Controlling Web Login Users by Source IP
Switch PC 10.110.100.46
Examples for Applying ACLs to Hardware
Basic ACL Configuration Example
Advanced ACL Configuration Example
Layer 2 ACL Configuration Example
Example for Applying an ACL to a VLAN
Page
Page
Page
1
Introduction to QoS
Traditional Packet Forwarding Service
New Applications and New Requirements
Major Traffic Control Techniques
QoS Supported by Devices
Traffic Classification
Precedence
IP precedence, ToS precedence, and DSCP precedence
802.1p priority
Priority Trust Mode
N Y
Trusting the 802.1p precedence
Trusting the DSCP precedence
Page
Protocol Priority
Priority Marking
Traffic Policing and Traffic Shaping
Token bucket
Evaluating the traffic with the token bucket
Traffic policing
Traffic shaping
Traffic Redirecting
VLAN Mapping
Queue Scheduling
Page
Page
Flow-based Traffic Accounting
Burst
Traffic mirroring
QoS Configuration
QoS Configuration Task List
Configuring Priority Trust Mode
Configuring Priority Mapping
Page
1-17
Setting the Priority of Protocol Packets
Marking Packet Priority
Configuring Traffic Policing
Page
Configuring Traffic Shaping
Configuration procedure
Configuration examples
Configuring Traffic Redirecting
Configuration prerequisites
Configuration procedure
Page
Configuring VLAN Mapping
Configuring Queue Scheduling
Page
Collecting/Clearing Traffic Statistics
Page
Enabling the Burst Function
Configuring Traffic Mirroring
Page
Page
Displaying and Maintaining QoS
QoS Configuration Example
Configuration Example of Traffic Policing
Switch
Page
2
Introduction to QoS Profile
QoS Profile Application Mode
Dynamic application mode
Manual application mode
QoS Profile Configuration
QoS Profile Configuration Task List
Configuring a QoS Profile
Applying a QoS Profile
Displaying and Maintaining QoS Profile
QoS Profile Configuration Example
Page
Page
1
Mirroring Overview
Local Port Mirroring
Remote Port Mirroring
MAC-Based Mirroring
VLAN-Based Mirroring
Mirroring Configuration
Configuring Local Port Mirroring
Configuring Remote Port Mirroring
Configuration on the device acting as a source switch
Configuration on the device acting as an intermediate switch
Configuration on the device acting as a destination switch
Configuring MAC-Based Mirroring
Configuring VLAN-Based Mirroring
Displaying and Maintaining Port Mirroring
Mirroring Configuration Example
Local Port Mirroring Configuration Example
Remote Port Mirroring Configuration Example
Page
Page
Page
Page
1
Introduction to ARP
ARP Function
ARP Message Format
Page
ARP Table
ARP Process
Introduction to ARP Attack Detection
Man-in-the-middle attack
ARP attack detection
Introduction to Gratuitous ARP
Configuring ARP
Configuring ARP Basic Functions
Configuring ARP Attack Detection
Configuring Gratuitous ARP
Displaying and Maintaining ARP
ARP Configuration Example
ARP Basic Configuration Example
ARP Attack Detection Configuration Example
Page
Page
1
SNMP Overview
SNMP Operation Mechanism
SNMP Versions
Supported MIBs
Configuring Basic SNMP Functions
Configuring basic SNMP functions for SNMPv1 or SNMPv2c
Configuring basic SNMP functions for SNMPv3
Configuring Trap Parameters
Configuring Basic Trap
Configuring Extended Trap
Enabling Logging for Network Management
Displaying and Maintaining SNMP
SNMP Configuration Examples
SNMP Configuration Examples
Network procedure
Configuring the NMS
2
Introduction to RMON
Working Mechanism of RMON
Commonly Used RMON Groups
Event group
Alarm group
Extended alarm group
History group
RMON Configuration
Displaying and Maintaining RMON
RMON Configuration Examples
Network requirements
Interne t
Configuration procedures
# Display the RMON extended alarm entry numbered 2.
Page
1
Multicast Overview
Information Transmission in the Unicast Mode
Information Transmission in the Broadcast Mode
Information Transmission in the Multicast Mode
Roles in Multicast
Advantages and Applications of Multicast
Advantages of multicast
Application of multicast
Multicast Models
ASM model
SFM model
SSM model
Multicast Architecture
IP multicast address
Ethernet multicast MAC address
Multicast Protocols
Layer 3 multicast protocols
Layer 2 multicast protocols
Multicast Packet Forwarding Mechanism
Implementation of the RPF Mechanism
RPF Check
Page
2
IGMP Snooping Overview
Principle of IGMP Snooping
Basic Concepts in IGMP Snooping
IGMP Snooping related ports
Work Mechanism of IGMP Snooping
When receiving a general query
When receiving a membership report
When receiving a leave message
IGMP Snooping Configuration
IGMP Snooping Configuration Task List
Enabling IGMP Snooping
Configuring the Version of IGMP Snooping
Configuring Timers
Configuring Fast Leave Processing
Enabling fast leave processing in system view
Enabling fast leave processing in Ethernet port view
Configuring a Multicast Group Filter
Configuring a multicast group filter in system view
Configuring a multicast group filter in Ethernet port view
Configuring the Maximum Number of Multicast Groups on a Port
Configuring IGMP Querier
Suppressing Flooding of Unknown Multicast Traffic in a VLAN
Configuring Static Member Port for a Multicast Group
In Ethernet port view
In VLAN interface view
Configuring a Static Router Port
In Ethernet port view
In VLAN view
Configuring a Port as a Simulated Group Member
Configuring a VLAN Tag for Query Messages
Configuring Multicast VLAN
Page
Displaying and Maintaining IGMP Snooping
IGMP Snooping Configuration Examples
Configuring IGMP Snooping
Page
Configuring Multicast VLAN
Page
Troubleshooting IGMP Snooping
3
Common Multicast Configuration
Configuring a Multicast MAC Address Entry
Configuring Dropping Unknown Multicast Packets
Displaying and Maintaining Common Multicast Configuration
Page
1
Introduction to NTP
Applications of NTP
Implementation Principle of NTP
NTP Implementation Modes
Server/client mode
Symmetric peer mode
Broadcast mode
Multicast mode
NTP Configuration Task List
Configuring NTP Implementation Modes
Configuring NTP Server/Client Mode
Configuring the NTP Symmetric Peer Mode
Configuring NTP Broadcast Mode
Configuring the device to work in the NTP broadcast server mode
Configuring the device to work in the NTP broadcast client mode
Configuring NTP Multicast Mode
Configuring the device to work in the multicast server mode
Configuring the device to work in the multicast client mode
Configuring Access Control Right
Configuring NTP Authentication
Configuring NTP authentication on the client
Configuring NTP authentication on the server
Configuring Optional NTP Parameters
Configuring an Interface on the Local Device to Send NTP Messages
Configuring the Number of Dynamic Sessions Allowed on the Local Device
Disabling an Interface from Receiving NTP messages
Displaying and Maintaining NTP Configuration
NTP Configuration Examples
Configuring NTP Server/Client Mode
Page
Configuring NTP Symmetric Peer Mode
Configuring NTP Broadcast Mode
Page
Configuring NTP Multicast Mode
Configuring NTP Server/Client Mode with Authentication
Page
Page
1
SSH Overview
Introduction to SSH
Algorithm and Key
Asymmetric Key Algorithm
SSH Operating Process
Version negotiation
Key negotiation
Authentication negotiation
Session request
Data exchange
Configuring the SSH Server
SSH Server Configuration Tasks
Configuring the Protocol Support for the User Interface
Generating/Destroying a RSA or DSA Key Pair
Exporting the RSA or DSA Public Key
Creating an SSH User and Specify an Authentication Type
Specifying a Service Type for an SSH User
Configuring SSH Management
Configuring the Client Public Key on the Server
Page
Assigning a Public Key to an SSH User
Specifying a Source IP Address/Interface for the SSH Server
Configuring the SSH Client
SSH Client Configuration Tasks
Configuring the SSH Client Using an SSH Client Software
Generate a client key
Page
Specify the IP address of the Server
Page
Open an SSH connection with publickey authentication
Page
Open an SSH connection with password authentication
Configuring the SSH Client on an SSH2-Capable Device
Configure whether first-time authentication is supported
Establish the connection between the SSH client and server
Specifying a Source IP address/Interface for the SSH client
Displaying and Maintaining SSH Configuration
SSH Configuration Examples
When the Device Acts as the SSH Server and the Authentication Type is Password
Page
When the Device Acts as an SSH Server and the Authentication Type is Publickey
Page
Page
Page
Page
Page
When the Switch Acts as an SSH Client and the Authentication Type is Password
When the Device Acts as an SSH Client and the Authentication Type is Publickey
Page
When the Device Acts as an SSH Client and First-time authentication is not Supported
Page
Page
Page
1
File System Configuration
Introduction to File System
File System Configuration Tasks
Directory Operations
File Operations
Flash Memory Operations
Prompt Mode Configuration
File System Configuration Example
File Attribute Configuration
Introduction to File Attributes
Configuring File Attributes
Page
1
Introduction to FTP and SFTP
Introduction to FTP
Introduction to SFTP
FTP Configuration
FTP Configuration: The Device Operating as an FTP Server
Creating an FTP user
Enabling an FTP server
Configuring connection idle time
Specifying the source interface and source IP address for an FTP server
Disconnecting a specified user
Configuring the banner for an FTP server
Displaying FTP server information
FTP Configuration: The Device Operating as an FTP Client
Basic configurations on an FTP client
Page
Specifying the source interface and source IP address for an FTP client
Configuration Example: The Device Operating as an FTP Server
Network requirements
Page
FTP Banner Display Configuration Example
FTP Configuration: The Device Operating as an FTP Client
Page
SFTP Configuration
SFTP Configuration: The Device Operating as an SFTP Server
Enabling an SFTP server
Configuring connection idle time
Supported SFTP client software
SFTP Configuration: The Device Operating as an SFTP Client
Basic configurations on an SFTP client
Page
Specifying the source interface or source IP address for an SFTP client
SFTP Configuration Example
Network requirements
Configuration procedure
Page
1-18
# Display the current directory of the server. Delete the file z and verify the result.
# Add a directory new1, and then check whether the new directory is successfully created.
# Rename the directory new1 as new2, and then verify the result.
1-19
# Download the file pubkey2 from the server and rename it as public.
# Upload the file pu to the server and rename it as puk, and then verify the result.
# Exit SFTP.
2
Introduction to TFTP
TFTP Configuration
TFTP Configuration: The Device Operating as a TFTP Client
Basic configurations on a TFTP client
Specifying the source interface or source IP address for an FTP client
TFTP Configuration Example
Page
Page
1
Information Center Overview
Introduction to Information Center
Classification of system information
Eight levels of system information
Ten channels and six output directions of system information
Outputting system information by source module
System Information Format
Priority
Timestamp
Sysname
Module
Level (Severity)
Information Center Configuration
Introduction to the Information Center Configuration Tasks
Configuring Synchronous Information Output
Configuring to Display the Time Stamp with the UTC Time Zone
Setting to Output System Information to the Console
Setting to output system information to the console
Enabling system information display on the console
Setting to Output System Information to a Monitor Terminal
Setting to output system information to a monitor terminal
Enabling system information display on a monitor terminal
Setting to Output System Information to a Log Host
Setting to Output System Information to the Trap Buffer
Setting to Output System Information to the Log Buffer
Setting to Output System Information to the SNMP NMS
Displaying and Maintaining Information Center
Information Center Configuration Examples
Log Output to a UNIX Log Host
Page
Log Output to a Linux Log Host
Log Output to the Console
Page
Page
1
Introduction to Loading Approaches
Remote Loading Using FTP
Loading procedure using FTP client
Loading procedure using FTP server
Page
1-4
Step 7: Use the put command to upload the file config.cfg to Switch.
Remote Loading Using TFTP
2
Basic System Configuration
Displaying the System Status
Debugging the System
Enabling/Disabling System Debugging
Displaying Debugging Status
Displaying Operating Information about Modules in System
3
Network Connectivity Test
ping
tracert
4
Introduction to Device Management
Device Management Configuration
Device Management Configuration Tasks
Rebooting the Device
Scheduling a Reboot on the Device
Configuring Real-time Monitoring of the Running Status of the System
Specifying the Main Configuration File to be Used at Next Reboot
Identifying and Diagnosing Pluggable Transceivers
Introduction to pluggable transceivers
Identifying pluggable transceivers
Diagnosing pluggable transceivers
Displaying and Maintaining the Device Management Configuration
Page
1
VLAN-VPN Overview
Introduction to VLAN-VPN
Implementation of VLAN-VPN
Adjusting the TPID Values of VLAN-VPN Packets
VLAN-VPN Configuration
Configuration Task List
Enabling the VLAN-VPN Feature for a Port
TPID Adjusting Configuration
Displaying and Maintaining VLAN-VPN
VLAN-VPN Configuration Example
Transmitting User Packets through a Tunnel in the Public Network by Using VLAN-VPN
Data transfer process
Page
2
Selective QinQ Overview
Selective QinQ Overview
Inner-to-Outer Tag Priority Mapping
Selective QinQ Configuration
Configuration Task List
Enabling the Selective QinQ Feature for a Port
Configuring the Inner-to-Outer Tag Priority Mapping Feature
Selective QinQ Configuration Example
Processing Private Network Packets by Their Types
Page
Page
Page
Page
1
HWPing Overview
Introduction to HWPing
Test Types Supported by HWPing
HWPing Test Parameters
Page
HWPing Configuration
Configuration on a HWPing Server
HWPing server configuration tasks
HWPing server configuration
HWPing Client Configuration
HWPing client configuration
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Configuring HWPing client to send Trap messages
Displaying and Maintaining HWPing
HWPing Configuration Example
ICMP Test
DHCP Test
Page
FTP Test
Page
HTTP Test
Jitter Test
Page
1-25
For detailed output description, see the corresponding command manual.
SNMP Test
Page
1-27
# Display test results
For detailed output description, see the corresponding command manual.
TCP Test (Tcpprivate Test) on the Specified Ports
Figure 1-8 Network diagram for the Tcpprivate test
IP network
Page
UDP Test (Udpprivate Test) on the Specified Ports
DNS Test
Page
1-32
Page
1
DNS Overview
Static Domain Name Resolution
Dynamic Domain Name Resolution
Resolution procedure
Configuring Domain Name Resolution
Configuring Static Domain Name Resolution
Configuring Dynamic Domain Name Resolution
DNS Configuration Example
Static Domain Name Resolution Configuration Example
Host
Switch
Dynamic Domain Name Resolution Configuration Example
IP network
Page
Displaying and Maintaining DNS
Troubleshooting DNS Configuration
Page
1
Smart Link Overview
Basic Concepts in Smart Link
Smart Link group
Master port
Slave port
Flush message
Control VLAN for sending flush messages
Control VLAN for receiving flush messages
Configuring Smart Link
Configuration Task List
Configuring a Smart Link Device
Configuring Associated Devices
Precautions
Displaying and Maintaining Smart Link
Smart Link Configuration Example
Implementing Link Redundancy Backup
Page
Page
2
Introduction to Monitor Link
How Monitor Link Works
Configuring Monitor Link
Configuration Task List
Creating a Monitor Link Group
Configuring the Uplink Port
Configuring a Downlink Port
Displaying and Maintaining Monitor Link
Monitor Link Configuration Example
Implementing Collaboration Between Smart Link and Monitor Link
Page
Page
Page
1
PoE Overview
Introduction to PoE
Advantages of PoE
PoE components
PoE Configuration
PoE Configuration Task List
Enabling the PoE Feature on a Port
Setting the Maximum Output Power on a Port
Setting PoE Management Mode and PoE Priority of a Port
Setting the PoE Mode on a Port
Configuring the PD Compatibility Detection Function
Upgrading the PSE Processing Software Online
Displaying and Maintaining PoE Configuration
PoE Configuration Example
PoE Configuration Example
Networking requirements
Page
2
Introduction to PoE Profile
PoE Profile Configuration
Configuring PoE Profile
Displaying and Maintaining PoE Profile Configuration
PoE Profile Configuration Example
PoE Profile Application Example
Page
Page
Page
1
Introduction to IP Route and Routing Table
IP Route
Routing Table
Function
Page
Routing Protocol Overview
Static Routing and Dynamic Routing
Classification of Dynamic Routing Protocols
Operational scope
Routing algorithm
Load Sharing and Route Backup
Load sharing
Route backup
Routing Information Sharing
Displaying and Maintaining a Routing Table
2
Introduction to Static Route
Static Route
Default Route
Static Route Configuration
Configuration Prerequisites
Configuring a Static Route
Displaying and Maintaining Static Routes
Static Route Configuration Example
Troubleshooting a Static Route
3
RIP Overview
Basic Concepts
RIP
RIP routing database
RIP Startup and Operation
RIP Configuration Task List
Basic RIP Configuration
Configuration Prerequisites
Configuring Basic RIP Functions
Enabling RIP on the interfaces attached to a specified network segment
RIP Route Control
Configuration Prerequisites
Configuring RIP Route Control
Setting the additional routing metrics of an interface
Configuring RIP route summarization
Disabling the router from receiving host routes
Configuring RIP to filter incoming/outgoing routes
Setting RIP preference
Configuring RIP to redistribute routes from another protocol
RIP Network Adjustment and Optimization
Configuration Prerequisites
Configuration Tasks
Configuring RIP timers
Configuring split horizon
Configuring RIP-1 packet zero field check
Setting RIP-2 packet authentication mode
Configuring RIP to unicast RIP packets
Displaying and Maintaining RIP Configuration
RIP Configuration Example
Troubleshooting RIP Configuration
Failed to Receive RIP Updates
4
IP Route Policy Overview
Introduction to IP Route Policy
Filters
ACL
IP Route Policy Configuration Task List
Route Policy Configuration
Defining a Route Policy
Defining if-match Clauses and apply Clauses
Displaying and Maintaining IP Route Policy
IP Route Policy Configuration Example
Controlling RIP Packet Cost to Implement Dynamic Route Backup
Configuration considerations
Configuration procedure
Page
4-7
# Create node 50 with the matching mode being permit, to allow all routing information to pass.
# Configure RIP and apply the route policy in to the incoming routing information.
Configuration verification
Precautions
Troubleshooting IP Route Policy
Symptom
Analysis
Solution
Page
1
Introduction to UDP Helper
Configuring UDP Helper
Displaying and Maintaining UDP Helper
UDP Helper Configuration Example
Cross-Network Computer Search Through UDP Helper
Page
Appendix A Acronyms