Main
TigerSwitch 10/100/1000
Gigabit Ethernet Switch
Management Guide
Page
Page
Page
L
W
IMITED
ARRANTY
W
IMITED
ARRANTY
ii
iii
ONTENTS
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1-1
2 Initial Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1
3 Configuring the Switch . . . . . . . . . . . . . . . . . . . . . . . . 3-1
iv
v
vi
4 Command Line Interface . . . . . . . . . . . . . . . . . . . . . . . 4-1
vii
viii
ix
x
xi
xii
xiii
xiv
xv
A Software Specifications . . . . . . . . . . . . . . . . . . . . . . . . A-1
B Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-1 Glossary Index
T
xvi
ABLES
xvii
F
xviii
IGURES
xix
xx
1-1
NTRODUCTION
Key Features
1-2
Description of Software Features
F
S
1-3
1-4
F
S
1-5
1-6
D
1-7
System Defaults
1-8
D
1-9
Page
NITIAL
2-1
ONFIGURATION
Connecting to the Switch
Configuration Options
C
2-2
Required Connections
S
2-3
C
2-4
Remote Connections
Basic Configuration
Console Connection
C
2-5
Setting Passwords
C
2-6
Setting an IP Address
Manual Configuration
C
2-7
Dynamic Configuration
C
2-8
C
2-9
Enabling SNMP Management Access
Community Strings
C
2-10
C
2-11
Trap Receivers
Saving Configuration Settings
C
Managing System Files
Page
Page
ONFIGURING
THE
3-1
WITCH
Using the Web Interface
Page
Navigating the Web Browser Interface
S
3-4
Configuration Options
Panel Display
I
B
W
3-5
S
3-6
I
B
W
3-7
S
3-8
I
B
W
3-9
S
3-10
I
B
W
3-11
Basic Configuration
C
3-13
S
3-14
Displaying Switch Hardware/Software Versions
C
ASIC
3-15
Web Click System, Switch Information.
Figure 3-4. Switch Information CLI Use the following command to display version information.
S
3-16
Displaying Bridge Extension Capabilities
C
3-17
Setting the Switchs IP Address
S
3-18
Page
Page
C
3-21
S
3-22
Managing Firmware
Downloading System Software from a Server
Page
S
3-24
Saving or Restoring Configuration Settings
C
3-25
Downloading Configuration Settings from a Server
S
3-26
Resetting the System
C
3-27
Setting the System Clock
Configuring SNTP
S
3-28
C
3-29
Setting the Time Zone
S
Simple Network Management Protocol
Setting Community Access Strings
Page
S
3-32
A
3-33
User Authentication
Configuring the Logon Password
S
3-34
Configuring Local/Remote Logon Authentication
A
3-35
S
3-36
A
3-37
S
3-38
Configuring HTTPS
A
3-39
S
3-40
Replacing the Default Secure-site Certificate
A
3-41
Configuring the Secure Shell
S
3-42
A
3-43
Generating the Host Key Pair
S
3-44
Page
S
3-46
Configuring the SSH Server
Page
S
3-48
Configuring Port Security
A
3-49
Page
A
3-51
Configuring 802.1x Port Authentication
S
3-52
Displaying 802.1x Global Settings
A
3-53
S
3-54
A
3-55
Configuring 802.1x Global Settings
S
3-56
Configuring Port Authorization Mode
A
3-57
S
Statistical Values
3-58
Displaying 802.1x Statistics
Page
S
3-60
Access Control Lists
Configuring Access Control Lists
C
L
3-61
Setting the ACL Name and Type
S
3-62
C
L
3-63
Configuring a Standard IP ACL
S
3-64
Configuring an Extended IP ACL
C
L
3-65
Page
C
L
3-67
Configuring a MAC ACL
Page
Page
Page
C
L
3-71
Configuring an IP ACL Mask
Page
Page
S
3-74
Configuring a MAC ACL Mask
Page
S
3-76
Binding a Port to an Access Control List
Page
S
3-78
Filtering Management Access
Page
S
3-80
Port Configuration
Displaying Connection Status
Field Attributes (Web)
C
3-81
Field Attributes (CLI) Basic information:
Configuration:
S
3-82
Current status:
C
ORT
3-83
CLI This example shows the connection status for Port 5.
S
3-84
Configuring Interface Connections
C
3-85
S
3-86
Creating Trunk Groups
C
3-87
}
S
3-88
Statically Configuring a Trunk
C
}
ORT
3-89
Enabling LACP on Selected Ports
}
Page
C
3-91
Configuring LACP Parameters Dynamically Creating a Port Channel
S
3-92
Page
S
Counter Information
3-94
Displaying LACP Port Counters
C
3-95
Figure 3-41. Displaying LACP Port Counters Information
Table 3-5. LACP Port Counter Information
S
Internal Configuration Information
3-96
CLI The following example displays LACP counters for port channel 1.
C
3-97
Table 3-6. LACP Settings
S
3-98
C
3-99
Displaying LACP Settings and Status for the Remote Side
Neighbor Configuration Information
Table 3-7. LACP Remote Side Settings
S
3-100
Page
S
3-102
C
3-103
Configuring Port Mirroring
Page
C
3-105
S
3-106
Showing Port Statistics
Statistical Values
C
3-107
S
3-108
C
3-109
S
3-110
Figure 3-47. Displaying Port Statistics
Page
S
3-112
Address Table Settings
Setting Static Addresses
Page
Page
Page
S
3-116
Spanning Tree Algorithm Configuration
Page
S
3-118
T
C
A
3-119
Page
T
C
A
3-121
Configuring Global Settings
S
3-122
T
C
A
3-123
S
3-124
Page
S
3-126
Displaying Interface Settings
T
C
A
3-127
x
S
x
3-128
T
C
A
3-129
S
3-130
Configuring Interface Settings
T
C
A
3-131
S
3-132
Page
S
3-134
Page
S
3-136
CLI This displays STA settings for instance 1, followed by settings for each port.
Page
S
3-138
T
C
A
3-139
Configuring Interface Settings for MSTP
S
3-140
3-141
VLAN Configuration
Overview
S
3-142
Assigning Ports to VLANs
3-143
S
3-144
3-145
Forwarding Tagged/Untagged Frames
Page
3-147
Displaying Current VLANs
Command Attributes (Web)
Page
3-149
Creating VLANs
S
3-150
3-151
Adding Static Members to VLANs (VLAN Index)
S
3-152
3-153
Adding Static Members to VLANs (Port Index)
Page
3-155
S
3-156
3-157
x
S
3-158
Configuring Private VLANs
Enabling Private VLANs
3-159
Configuring Uplink and Downlink Ports
Configuring Protocol-Based VLANs
S
3-160
Configuring Protocol Groups
3-161
Mapping Protocols to VLANs
S
3-162
C
Class of Service Configuration
Setting the Default Priority for Interfaces
S
3-164
C
S
3-165
Mapping CoS Values to Egress Queues
S
3-166
Page
Page
C
S
3-169
Mapping Layer 3/4 Priorities to CoS Values
Page
Page
S
3-172
C
S
3-173
Mapping DSCP Priority
S
3-174
Page
S
3-176
Page
Page
C
S
3-179
Page
F
3-181
Multicast Filtering
S
3-182
Layer 2 IGMP (Snooping and Query)
Configuring IGMP Snooping and Query Parameters
F
3-183
S
3-184
F
3-185
Displaying Interfaces Attached to a Multicast Router
S
3-186
Specifying Static Interfaces for a Multicast Router
F
3-187
Displaying Port Members of Multicast Services
S
3-188
Assigning Ports to Multicast Services
F
3-189
S
3-190
Configuring Domain Name Service
Configuring General DNS Server Parameters
D
S
N
3-191
Page
D
S
N
3-193
Configuring Static DNS Host to Address Entries
Page
Page
S
3-196
Web Select DNS, Cache.
Page
L
I
4-2
Telnet Connection
Page
Entering Commands
Page
L
I
4-6
Showing Commands
Page
L
I
4-8
Understanding Command Modes
Exec Commands
C
4-9
Configuration Commands
L
I
4-10
C
4-11
Command Line Processing
L
I
Command Groups
The system commands can be broken down into the functional groups shown below
Table 4-4. Command Group Index
Table 4-3.
G
4-13
Table 4-4. Command Group Index
L
I
Line Commands
C
4-15
line
L
I
4-16
login
C
4-17
password
L
I
4-18
exec-timeout
C
4-19
password-thresh
Page
C
4-21
databits
Page
C
4-23
speed
Page
C
4-25
show line
L
I
General Commands
enable
C
4-27
disable
Page
C
4-29
reload
L
I
4-30
end
Page
L
I
4-32
This example shows how to quit a CLI session:
System Management Commands
Table 4-7. System Mangement Commands
M
C
4-33
Device Designation Commands
prompt
L
I
4-34
hostname
User Access Commands
M
C
4-35
username
L
I
4-36
enable password
M
C
IP Filter Commands
4-37
L
I
4-38
management
M
C
4-39
show management
L
I
Web Server Commands
4-40
Table 4-11. Web Server Command
M
C
4-41
ip http port
ip http server
L
I
4-42
ip http secure-server
M
C
4-43
L
I
4-44
ip http secure-port
M
C
4-45
Secure Shell Commands
L
I
4-46
M
C
4-47
L
I
4-48
ip ssh server
M
C
4-49
ip ssh timeout
L
I
4-50
ip ssh authentication-retries
M
C
4-51
ip ssh server-key size
delete public-key
L
I
4-52
ip ssh crypto host-key generate
M
C
4-53
ip ssh crypto zeroize
L
I
4-54
ip ssh save host-key
show ip ssh
M
C
4-55
show ssh
Use this command to display the current SSH server connections. Command Mode
L
I
4-56
show public-key
Table 4-13. SSH Information
M
C
4-57
L
I
4-58
Event Logging Commands
logging on
M
C
4-59
logging history
L
I
4-60
logging host
M
C
4-61
logging facility
L
I
4-62
logging trap
clear logging
M
C
4-63
show logging
L
I
The following example displays settings for the trap function.
4-64
M
C
4-65
show logging sendmail (4-69)
SMTP Alert Commands
L
I
4-66
logging sendmail host
M
C
4-67
logging sendmail level
logging sendmail source-email
L
I
4-68
logging sendmail destination-email
M
C
4-69
logging sendmail
show logging sendmail
L
I
4-70
Time Commands
Table 4-16. Time Commands
M
C
4-71
sntp server
L
I
4-72
sntp poll
sntp client
M
C
4-73
L
I
4-74
sntp broadcast client
show sntp
M
C
4-75
clock timezone
L
I
4-76
calendar set
show calendar
M
C
4-77
Example
System Status Commands
Page
M
C
ANAGEMENT
YSTEM
4-79
L
I
4-80
show running-config
M
C
ANAGEMENT
YSTEM
4-81
L
I
4-82
show system
M
C
4-83
show users
show version
L
I
4-84
Frame Size Commands
jumbo frame
Flash/File Commands
L
I
4-86
copy
C
4-87
L
I
4-88
The following example shows how to copy the running configuration to a startup file.
The following example shows how to download a configuration file:
C
4-89
delete
L
I
4-90
dir
C
4-91
whichboot
L
I
4-92
boot system
C
Authentication Commands
Authentication Sequence
L
I
4-94
authentication login
C
4-95
RADIUS Client
radius-server host
L
I
4-96
radius-server port
C
4-97
radius-server key
radius-server retransmit
L
I
4-98
radius-server timeout
show radius-server
C
4-99
TACACS+ Client
tacacs-server host
L
I
4-100
tacacs-server port
C
4-101
tacacs-server key
show tacacs-server
L
I
4-102
Port Security Commands
port security
C
4-103
L
I
4-104
802.1x Port Authentication
C
4-105
authentication dot1x default
L
I
4-106
dot1x default
dot1x max-req
C
4-107
dot1x port-control
L
I
4-108
dot1x operation-mode
dot1x re-authenticate
C
4-109
dot1x re-authentication
dot1x timeout quiet-period
L
I
4-110
dot1x timeout re-authperiod
dot1x timeout tx-period
C
4-111
show dot1x
L
I
4-112
C
UTHENTICATION
4-113
L
I
Access Control List Commands
C
L
4-115
L
I
IP ACLs
4-116
C
L
4-117
Table 4-27. IP ACL Commands
L
I
4-118
access-list ip
C
L
4-119
permit, deny (Standard ACL)
L
I
4-120
permit, deny (Extended ACL)
C
L
4-121
L
I
4-122
C
L
4-123
show ip access-list
access-list ip mask-precedence
L
I
4-124
C
L
4-125
mask (IP ACL)
L
I
4-126
C
IST
L
ONTROL
CCESS
L
I
4-128
show access-list ip mask-precedence
C
L
4-129
ip access-group
L
I
4-130
show ip access-group
map access-list ip
Page
L
I
4-132
show map access-list ip
C
L
4-133
match access-list ip
L
I
4-134
show marking
C
L
4-135
MAC ACLs
Table 4-28. MAC ACL Commands
L
I
4-136
access-list mac
C
L
4-137
permit, deny (MAC ACL)
L
I
4-138
C
L
4-139
show mac access-list
access-list mac mask-precedence
L
I
4-140
mask (MAC ACL)
Page
L
I
4-142
C
L
4-143
show access-list mac mask-precedence
L
I
4-144
mac access-group
C
L
4-145
show mac access-group
map access-list mac
L
I
4-146
show map access-list mac
C
L
4-147
match access-list mac
L
I
4-148
ACL Information
show access-list
SNMP Commands
L
I
4-150
snmp community
4-151
snmp contact
snmp location
L
I
4-152
snmp host
4-153
L
I
4-154
snmp enable traps
Page
L
I
4-156
4-157
DNS Commands
L
I
4-158
ip host
4-159
clear host
ip domain-name
L
I
4-160
ip domain-list
4-161
L
I
4-162
ip name-server
4-163
ip domain-lookup
Page
4-165
show dns
show dns cache
Page
Page
L
I
4-167
Interface Commands
Table 4-32. Interface Commands
C
4-168
interface
description
L
I
4-169
speed-duplex
C
4-170
negotiation
Page
C
4-172
capabilities
L
I
4-173
flowcontrol
C
4-174
combo-forced-mode
L
I
4-175
shutdown
C
4-176
switchport broadcast packet-rate
L
I
4-177
clear counters
Page
L
I
4-179
show interfaces counters
C
4-180
L
I
4-181
show interfaces switchport
C
4-182
L
I
4-183
Mirror Port Commands
port monitor
P
C
4-184
show port monitor
L
Rate Limit Commands
Page
L
I
4-187
Link Aggregation Commands
A
C
4-188
Page
Page
L
I
4-191
A
C
4-192
lacp system-priority
L
I
4-193
lacp admin-key (Ethernet Interface)
A
C
4-194
lacp admin-key (Port Channel)
L
I
4-195
lacp port-priority
A
C
4-196
show lacp
L
I
4-197
A
C
4-198
L
I
4-199
T
C
Address Table Commands
Table 4-36. Adress Table Commands
L
I
4-201
mac-address-table static
Page
L
I
4-203
mac-address-table aging-time
Page
L
I
4-205
Spanning Tree Commands
Table 4-37. Spanning Tree Commands
T
C
4-206
spanning-tree
Table 4-37. Spanning Tree Commands
L
I
4-207
spanning-tree mode
T
C
4-208
L
I
4-209
spanning-tree forward-time
T
C
4-210
spanning-tree hello-time
spanning-tree max-age
L
I
4-211
spanning-tree priority
T
C
4-212
spanning-tree pathcost method
Page
T
C
4-214
mst vlan
L
I
4-215
mst priority
T
C
4-216
name
L
I
4-217
revision
T
C
4-218
max-hops
Page
T
C
4-220
spanning-tree port-priority
L
I
4-221
spanning-tree edge-port
T
C
4-222
spanning-tree portfast
L
I
4-223
spanning-tree link-type
T
C
4-224
spanning-tree mst cost
L
I
4-225
T
C
4-226
spanning-tree mst port-priority
Page
T
C
4-228
show spanning-tree
L
I
4-229
Page
L
I
Editing VLAN Groups
4-231
VLAN Commands
Table 4-38. VLAN Commands
Table 4-39. Editing VLAN Groups
4-232
vlan database
L
I
4-233
vlan
4-234
Configuring VLAN Interfaces
Table 4-40. Configuring VLAN Interfaces
L
I
4-235
interface vlan
4-236
switchport mode
L
I
4-237
switchport acceptable-frame-types
4-238
switchport ingress-filtering
L
I
4-239
switchport native vlan
4-240
switchport allowed vlan
L
I
4-241
switchport forbidden vlan
4-242
Displaying VLAN Information
show vlan
L
I
4-243
Configuring Protocol-based VLANs
4-244
protocol-vlan protocol-group (Configuring Groups)
L
I
4-245
protocol-vlan protocol-group (Configuring Interfaces)
4-246
show protocol-vlan protocol-group
L
I
4-247
show interfaces protocol-vlan protocol-group
4-248
Configuring Private VLANs
pvlan
L
I
4-249
show pvlan
GVRP
GVRP and Bridge Extension Commands
bridge-ext gvrp
L
I
4-251
show bridge-ext
GVRP
C
E
B
4-252
L
I
4-253
garp timer
GVRP
C
E
B
4-254
Priority Commands
C
4-256
Priority Commands (Layer 2)
switchport priority default
L
I
4-257
C
4-258
queue mode
L
I
4-259
queue bandwidth
C
4-260
queue cos-map
L
I
4-261
show queue mode
C
4-262
show queue bandwidth
show queue cos-map
L
I
4-263
Default Setting None Command Mode
Example
C
4-264
map ip port (Global Configuration)
map ip port (Interface Configuration)
L
I
4-265
map ip precedence (Global Configuration)
C
4-266
map ip precedence (Interface Configuration)
L
I
4-267
map ip dscp (Global Configuration)
C
4-268
map ip dscp (Interface Configuration)
L
I
4-269
show map ip port
C
4-270
show map ip precedence
L
I
4-271
show map ip dscp
F
Multicast Filtering Commands
IGMP Snooping Commands
L
I
4-273
ip igmp snooping
F
C
4-274
ip igmp snooping vlan static
L
I
4-275
ip igmp snooping version
F
C
4-276
show ip igmp snooping
show mac-address-table multicast
L
I
IGMP Query Commands (Layer 2)
4-277
F
C
4-278
ip igmp snooping querier
ip igmp snooping query-count
L
I
4-279
ip igmp snooping query-interval
F
C
4-280
ip igmp snooping query-max-response-time
L
I
4-281
ip igmp snooping router-port-expire-time
F
C
4-282
Static Multicast Routing Commands
ip igmp snooping vlan mrouter
L
I
4-283
show ip igmp snooping mrouter
C
IP Interface Commands
Basic IP Configuration
L
I
4-285
ip address
C
4-286
ip dhcp restart
L
I
4-287
ip default-gateway
C
4-288
show ip interface
show ip redirects
L
I
4-289
ping
C
4-290
Related Commands interface (4 -168)
Page
PPENDIX
OFTWARE
A-1
PECIFICATIONS
Software Features
S
A-2
S
A-3
Management Features
Standards
S
A-4
Management Information Bases
PPENDIX
B-1
B T
ROUBLESHOOTING
Table B-1. Troubleshooting Chart
Page
G
Glossary-1
LOSSARY
Glossary-2
Glossary-3
Glossary-4
Glossary-5
Glossary-6
Glossary-7
Glossary-8
NDEX
Numerics
A
B
C
E
F
G
H
I
P
Q
R
S
T
U
V
W