Layer 2 Switching

discarded. If TRAP is specified, packets received from MAC addresses not on the port’s learn list will be discarded and an SNMP trap will be generated. If DISABLE is specified, the first time a packet is received from a MAC address not on the port’s learn list, it will be discarded, an SNMP trap will be generated and the port(s) will be disabled. To re-enable the port, disable the Port Security function on the port. The default value for this parameter is DISCARD.

If INTRUSIONACTION is set to TRAP or DISABLE, a list of MAC addresses for devices that are active on a port, but which are not allowed or learned for the port, can be displayed using the command:

SHOW SWITCH PORT={port-list|ALL} INTRUSION

Figure 8-1: Example output from the SHOW SWITCH PORT INTRUSION command.

Switch Port Information

----------------------------------------------------------------------------

Port 2 - 13 intrusion(s) detected

00-00-c0-1d-2c-f8 00-90-27-87-a5-22 00-00-cd-01-00-4a 00-d0-b7-4d-93-c0 08-00-5a-a1-02-3f 00-d0-b7-d5-5f-a9 00-b0-d0-20-d1-01 00-90-99-0a-00-49 00-10-83-05-72-83 00-00-cd-00-45-9e 00-00-c0-ad-a3-d0 00-a0-24-8e-65-3c 00-90-27-32-ad-61

----------------------------------------------------------------------------

A switch port can be manually locked before it reaches the learning limit, by using the command:

ACTIVATE SWITCH PORT={port-list|ALL} LOCK

Addresses can be manually added to a port locked list up to a total of 256 MAC addresses, and the learning limit can be extended to accommodate them, by using the command:

ADD SWITCH FILTER ACTION={FORWARD|DISCARD} DESTADDRESS=macadd
    PORT=port [ENTRY=entry] [LEARN] [VLAN={vlanname|1..4094}]

Learned addresses on locked ports can be saved as part of the switch configuration, so that they will be part of the configuration after a power cycle, using the command:

CREATE CONFIG=filename

If the configuration is not saved when there is a locked list for a port, the learning process begins again after the router is restarted.

Virtual LANs

A Virtual LAN is a software-defined broadcast domain. The switch’s VLAN feature allows the network to be segmented by software management, improving network performance. Workstations, servers, and other network equipment connected to the switch can be grouped according to similar data and security requirements. Several VLANs can be connected to the same switch.

Devices that are members of a VLAN only exchange data with each other through the switching capabilities of the switch. Further flexibility can be gained by using VLAN tagging. To exchange data between devices in separate VLANs, the switch’s routing capabilities are used. VLAN status information,

Rapier Switch Software Release 2.2.1 C613-02013-00 Rev A

