Manuals / Brands / Computer Equipment / Switch / SMC Networks / Computer Equipment / Switch

SMC Networks 10/100/1000 SMCGS8P-Smart 2-73, Forwarding Tagged/Untagged Frames

1 366

Download 366 pages, 7.99 Mb

VLAN C

ONFIGURATION

2-73

hosts, and core switches in the network, enable GVRP on the links

between these devices. You should also determine security

boundaries in the network and disable GVRP on ports to prevent

advertisements being propagated, or forbid ports from joining

restricted VLANs.

Note: If you have host devices that do not support GVRP, you

must configure static VLANs for the switch ports connected

to these devices. You also still need to enable GVRP on

these edge switches, as well as on the core switches in the

network.

Forwarding Tagged/Untagged Frames

If you want to create a small port-based VLAN for devices attached

directly to a single switch, you can assign ports to the same

untagged VLAN. However, to participate in a VLAN group that

crosses several switches, you need to create a VLAN for that group

and enable tagging on all ports.

Ports can be assigned to multiple tagged or untagged VLANs. Each

port on the switch is therefore capable of passing tagged or

untagged frames. When forwarding a frame from this switch along

a path that contains any VLAN-aware devices, the switch should

include VLAN tags. When forwarding a frame from this switch

along a path that does not contain any VLAN-aware devices

(including the destination host), the switch must first strip off the

VLAN tag before forwarding the frame. When the switch receives a

tagged frame, it will pass this frame onto the VLAN(s) indicated by

the frame tag. However, when this switch receives an untagged

frame from a VLAN-unaware device, it first decides where to

forward the frame, and then inserts a VLAN tag reflecting the

ingress port’s default VID.

b_mgmt.book Page 73 Tuesday, July 8, 2003 5:24 PM

Contents

Main TigerSwitch 10/100/1000 Gigabit Ethernet Switch Managemen t Guide Page Page Page L W IMITED v ARRANTY W IMITED ARRANTY vi vii ONTENTS 1 Switch Management 1-1 2 Configuring the Switch 2-1 viii ix 3 Command Line Interface 3-1 x xi xii xiii Page 1-1 1 S M WITCH ANAGEMENT Connecting to the Switch M 1-2 Page M 1-4 Remote Connections C 1-5 Basic Configuration Console Connection M 1-6 Setting Passwords C 1-7 Setting an IP Address M 1-8 C 1-9 M 1-10 Enabling SNMP Management Access C 1-11 M 1-12 Saving Configuration Settings S F Managing System Files M 1-14 System Defaults D 1-15 M 1-16 D 1-17 Page 2-1 2 S THE ONFIGURING Navigating the Web Browser Interface Page S 2-4 Panel Display M 2-5 Main Menu S 2-6 M 2-7 S 2-8 Basic Configuration Displaying System Information C 2-9 Page C 2-11 Setting the IP Address S 2-12 C 2-13 Manual Configuration Using DHCP/BOOTP Security Configuring the Logon Password 2-15 S 2-16 Configuring RADIUS/TACACS+ Logon Authentication 2-17 S 2-18 2-19 Page 2-21 Configuring HTTPS S 2-22 2-23 Replacing the Default Secure-site Certificate S 2-24 Configuring SSH ECURITY 2-25 CLI Enter the following commands to configure the SSH service. S 2-26 Managing Firmware Downloading System Software from a Server Page S 2-28 Saving or Restoring Configuration Settings F 2-29 Page F 2-31 Displaying Bridge Extension Capabilities Page F ANAGING IRMWARE 2-33 Web Click System, Bridge Extension. Page F ANAGING IRMWARE 2-35 Web Click System, Switch Information. Port Configuration C ORT ONFIGURATION 2-37 CLI This example shows the connection status for Port 13. S 2-38 Configuring Interface Connections C 2-39 Page C 2-41 Setting Broadcast Storm Thresholds Page Page S 2-44 Configuring Port Security C 2-45 Port Security Action S 2-46 Port Security Configuration Address Table Settings Page Page Page Spanning Tree Protocol Configuration S 2-52 T C P 2-53 STP Information S 2-54 Page S THE ONFIGURING WITCH T C P 2-57 STP Configuration S 2-58 T C P 2-59 Page T C P 2-61 STP Port and Trunk Information S 2-62 T C P 2-63 Page T C P 2-65 STP Port and Trunk Configuration S 2-66 T C P 2-67 S 2-68 Page S 2-70 VLAN Configuration 2-71 Assigning Ports to VLANs S 2-72 2-73 Forwarding Tagged/Untagged Frames S 2-74 Displaying Basic VLAN Information 2-75 Displaying Current VLANs Command Attributes for Web Interface Page 2-77 Creating VLANs S 2-78 2-79 Adding Interfaces Based on Membership Type S 2-80 2-81 Page 2-83 Configuring VLAN Behavior for Interfaces S 2-84 2-85 Page Class of Service Configuration Page Page Page C S 2-91 Page C S 2-93 Mapping Layer 3/4 Priorities to CoS Values Page Page Page C S 2-97 Mapping DSCP Priority Page Page S 2-100 Port Trunk Configuration T C 2-101 Page Page S 2-104 Statically Configuring a Trunk Page S 2-106 Configuring SNMP Page Page Page Page SNMP 2-111 Page C 2-113 Multicast Configuration Configuring IGMP Parameters S 2-114 C 2-115 S THE ONFIGURING WITCH Page S 2-118 Specifying Interfaces Attached to a Multicast Router C 2-119 Displaying Port Members of Multicast Services Command Attribute Page C 2-121 Adding Multicast Addresses to VLANs Command Attribute Showing Device Statistics D S 2-123 Statistical Values S 2-124 D S 2-125 S 2-126 Page Page 801.1X P A ORT UTHENTICATION 801.1X Port Authentication S 2-130 801.1X P A 2-131 802.1x Port Configuration S 2-132 Page S 2-134 802.1x Statistics The 802.1x protocol includes statistics for 802.1x protocol exchanges for any port. Page Page 3-1 3 I INE L OMMAND L I 3-2 Telnet Connection Page Entering Commands Page L I 3-6 The command show interfaces ? will display the following information: Partial Keyword Lookup Page L I 3-8 Exec Commands E C 3-9 Configuration Commands L I 3-10 Command Line Processing Page L I 3-12 Command Groups The system commands can be broken down into the functional groups shown be low G 3-13 L I 3-14 General Commands enable C 3-15 disable L I 3-16 configure C 3-17 show history Page C 3-19 exit quit L Flash/File Commands C 3-21 copy L I 3-22 C 3-23 delete L I 3-24 dir C 3-25 whichboot L I 3-26 boot system M System Management Commands L I 3-28 M C 3-29 hostname L I 3-30 username M C 3-31 enable password L I 3-32 jumbo frame M C 3-33 ip http port L I 3-34 ip http server M C 3-35 ip http secure-server L I 3-36 ip http secure-port M C 3-37 ip ssh L I 3-38 ip ssh server M C 3-39 disconnect ssh Page M C 3-41 logging on L I 3-42 logging history M C 3-43 Page Page L I 3-46 Messages sent include the selected level up through level 0. Default Setting Level 3 - 0 Command Mode Global Configuration Example M C 3-47 clear logging show logging L I 3-48 show startup-config M C 3-49 L I 3-50 Example Related Commands show running-config (3-51) M C 3-51 show running-config L I 3-52 show system M C 3-53 show users L I 3-54 show version C Authentication Commands L I 3-56 authentication login C 3-57 Page C 3-59 radius-server key L I 3-60 radius-server retransmit radius-server timeout C 3-61 show radius-server tacacs-server host L I 3-62 tacacs-server port Page L I 3-64 Example SNMP Commands 3-65 snmp-server community Page 3-67 snmp-server host L I 3-68 3-69 snmp-server enable traps L I 3-70 snmp ip filter 3-71 show snmp L I 3-72 3-73 IP Commands L I 3-74 ip address 3-75 ip dhcp restart L I 3-76 ip default-gateway 3-77 show ip interface Page 3-79 L I 3-80 Line Commands C 3-81 line L I 3-82 login C 3-83 password L I 3-84 exec-timeout C 3-85 password-thresh L I 3-86 silent-time C 3-87 databits L I 3-88 parity C 3-89 speed Page C 3-91 Interface Commands L I 3-92 interface C 3-93 description L I 3-94 speed-duplex C 3-95 negotiation L I 3-96 capabilities C 3-97 flowcontrol L I 3-98 C 3-99 shutdown L I 3-100 switchport broadcast C 3-101 port security L I 3-102 clear counters C 3-103 show interfaces status L I 3-104 show interfaces counters C 3-105 L I 3-106 show interfaces switchport T Address Table Commands L I 3-108 mac-address-table static T C 3-109 show mac-address-table L I 3-110 Page Page T C 3-113 Spanning Tree Commands L I 3-114 spanning-tree T C 3-115 spanning-tree mode L I 3-116 spanning-tree forward-time T C 3-117 spanning-tree hello-time L I 3-118 spanning-tree max-age T C 3-119 spanning-tree priority L I 3-120 spanning-tree pathcost method Page L I 3-122 spanning-tree cost T C 3-123 spanning-tree port-priority L I 3-124 spanning-tree portfast T C 3-125 spanning-tree edge-port L I 3-126 spanning-tree protocol-migration T C 3-127 spanning-tree link-type L I 3-128 show spanning-tree T C REE PANNING OMMANDS VLAN Commands 3-131 vlan database L I 3-132 vlan 3-133 interface vlan L I 3-134 switchport mode 3-135 switchport acceptable-frame-types L I 3-136 switchport ingress-filtering 3-137 switchport native vlan L I 3-138 switchport allowed vlan 3-139 switchport forbidden vlan L I 3-140 show vlan GVRP GVRP and Bridge Extension Commands L I 3-142 switchport gvrp Page L I 3-144 garp timer Page L I 3-146 bridge-ext gvrp Page L I 3-148 IGMP Snooping Commands C 3-149 ip igmp snooping L I 3-150 ip igmp snooping vlan static C 3-151 ip igmp snooping version L I 3-152 show ip igmp snooping show mac-address-table multicast C 3-153 ip igmp snooping querier L I 3-154 ip igmp snooping query-count C 3-155 ip igmp snooping query-interval L I 3-156 ip igmp snooping query-max-response-time C 3-157 ip igmp snooping router-port-expire-time L I 3-158 ip igmp snooping vlan mrouter C 3-159 show ip igmp snooping mrouter L I Priority Commands C 3-161 switchport priority default L I 3-162 queue bandwidth C 3-163 queue cos-map L I 3-164 C 3-165 show queue bandwidth L I 3-166 show queue cos-map map ip precedence (Global Configuration) C 3-167 map ip precedence (Interface Configuration) L I 3-168 C 3-169 map ip dscp (Global Configuration) L I 3-170 map ip dscp (Interface Configuration) C 3-171 show map ip precedence L I 3-172 show map ip dscp C 3-173 L I 3-174 Mirror Port Commands port monitor P C 3-175 show port monitor L I 3-176 T C Port Trunking Commands L I 3-178 channel-group T C 3-179 lacp L I 3-180 A PPENDIX A-1 A T ROUBLESHOOTING A-2 Page U P S F B-3 Page G Glossary-1 LOSSARY Glossary-2 Glossary-3 Glossary-4 Glossary-5 Glossary-6 Glossary-7 Page I NDEX Index-2 P R S T U