MicroNet SP6528 User manual

  • Hello! I am an AI chatbot trained to assist you with the MicroNet SP6528 User manual. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
User Manual
SP6528
28-Port Gigabit Managed Switch
with 24 10/100/1000BASE-T (RJ-45) Ports
and 4 Gigabit SFP Ports
– 3 –
How to Use This Guide
This guide includes detailed information on the switch software, including how to
operate and use the management functions of the switch. To deploy this switch
effectively and ensure trouble-free operation, you should first read the relevant
sections in this guide so that you are familiar with all of its software features.
Who Should Read
this Guide?
This guide is for network administrators who are responsible for operating and
maintaining network equipment. The guide assumes a basic working knowledge of
LANs (Local Area Networks), the Internet Protocol (IP), and Simple Network
Management Protocol (SNMP).
How this Guide
is Organized
This guide provides detailed information about the switchs key features. It also
describes the switchs web browser interface and command line interface.
The guide includes these sections:
Section I “Getting Started” — Includes an introduction to switch management,
and the basic settings required to access the management interface.
Section II “Web Configuration — Includes all management options available
through the web browser interface.
Section III “Command Line Interface” — Includes all management options
available through the CLI.
Section IV “Appendices — Includes information on troubleshooting switch
management access.
Related
Documentation
For information on how to install the switch, see the following guide:
Installation Guide
For all safety information and regulatory statements, see the following documents:
Quick Start Guide
Safety and Regulatory Information
How to Use This Guide
– 4 –
Conventions
The following conventions are used throughout this guide to show information:
Note:
Emphasizes important information or calls your attention to related features
or instructions.
Caution:
Alerts you to a potential hazard that could cause loss of data, or damage
the system or equipment.
Revision History
This section summarizes the changes in each revision of this guide.
March 2017 Revision
This is the first version of this guide. This guide is valid for software release v1.1.2.0.
– 5 –
Contents
How to Use This Guide 3
Contents 5
Figures 35
Tables 45
Section I Getting Started 50
1 Introduction 51
Key Features 51
Description of Software Features 52
Address Resolution Protocol 56
System Defaults 57
2 Initial Switch Configuration 60
Connecting to the Switch 60
Configuration Options 60
Connecting to the Console Port 61
Logging Onto the Command Line Interface 62
Setting Passwords 62
Remote Connections 63
Configuring the Switch for Remote Management 63
Using the Network Interface 63
Setting an IP Address 64
Enabling SNMP Management Access 69
Managing System Files 71
Upgrading the Operation Code 72
Saving or Restoring Configuration Settings 73
Contents
– 6 –
Automatic Installation of Operation Code and Configuration Settings 74
Downloading Operation Code from a File Server 74
Specifying a DHCP Client Identifier 77
Downloading a Configuration File and Other Parameters From a DHCP Server 78
Setting the System Clock 80
Setting the Time Manually 80
Configuring SNTP 81
Configuring NTP 81
Section II Web Configuration 83
3 Using the Web Interface 84
Connecting to the Web Interface 84
Navigating the Web Browser Interface 85
Dashboard 85
Home Page 87
Configuration Options 87
Panel Display 88
Main Menu 89
4Basic Management Tasks 103
Displaying System Information 104
Displaying Hardware/Software Versions 105
Configuring Support for Jumbo Frames 106
Displaying Bridge Extension Capabilities 107
Managing System Files 108
Copying Files via FTP/ TFTP or HTTP 108
Saving the Running Configuration to a Local File 110
Setting the Start-up File 111
Showing System Files 112
Automatic Operation Code Upgrade 113
Setting the System Clock 117
Setting the Time Manually 117
Setting the SNTP Polling Interval 118
Configuring NTP 119
Contents
– 7 –
Configuring Time Servers 120
Setting the Time Zone 123
Configuring Summer Time 124
Configuring the Console Port 126
Configuring Telnet Settings 128
Displaying CPU Utilization 130
Configuring CPU Guard 131
Displaying Memory Utilization 132
Resetting the System 133
5 Interface Configuration 137
Port Configuration 138
Configuring by Port List 138
Configuring by Port Range 140
Displaying Connection Status 141
Showing Port or Trunk Statistics 142
Displaying Statistical History 146
Displaying Transceiver Data 150
Configuring Transceiver Thresholds 151
Trunk Configuration 153
Configuring a Static Trunk 155
Configuring a Dynamic Trunk 157
Displaying LACP Port Counters 163
Displaying LACP Settings and Status for the Local Side 164
Displaying LACP Settings and Status for the Remote Side 166
Configuring Load Balancing 167
Saving Power 169
Configuring Local Port Mirroring 171
Configuring Remote Port Mirroring 172
Traffic Segmentation 177
Enabling Traffic Segmentation 177
Configuring Uplink and Downlink Ports 178
6 VLAN Configuration 181
IEEE 802.1Q VLANs 181
Configuring VLAN Groups 184
Contents
– 8 –
Adding Static Members to VLANs 186
Protocol VLANs 190
Configuring Protocol VLAN Groups 191
Mapping Protocol Groups to Interfaces 192
Configuring MAC-based VLANs 194
7 Address Table Settings 197
Configuring MAC Address Learning 197
Setting Static Addresses 199
Changing the Aging Time 201
Displaying the Dynamic Address Table 201
Clearing the Dynamic Address Table 203
Issuing MAC Address Traps 204
8 Spanning Tree Algorithm 206
Overview 206
Configuring Loopback Detection 208
Configuring Global Settings for STA 210
Displaying Global Settings for STA 215
Configuring Interface Settings for STA 216
Displaying Interface Settings for STA 221
Configuring Multiple Spanning Trees 224
Configuring Interface Settings for MSTP 228
9 Congestion Control 230
Rate Limiting 230
Storm Control 231
10 Class of Service 233
Layer 2 Queue Settings 233
Setting the Default Priority for Interfaces 233
Selecting the Queue Mode 234
Layer 3/4 Priority Settings 237
Setting Priority Processing to DSCP or CoS 238
Mapping Ingress DSCP Values to Internal DSCP Values 239
Mapping CoS Priorities to Internal DSCP Values 241
Contents
– 9 –
11 Quality of Service 244
Overview 244
Configuring a Class Map 245
Creating QoS Policies 249
Attaching a Policy Map to a Port 253
12 VoIP Traffic Configuration 255
Overview 255
Configuring VoIP Traffic 256
Configuring Telephony OUI 257
Configuring VoIP Traffic Ports 258
13 Security Measures 261
AAA (Authentication, Authorization and Accounting) 262
Configuring Local/Remote Logon Authentication 263
Configuring Remote Logon Authentication Servers 264
Configuring AAA Accounting 269
Configuring AAA Authorization 275
Configuring User Accounts 279
Network Access (MAC Address Authentication) 281
Configuring Global Settings for Network Access 283
Configuring Network Access for Ports 284
Configuring a MAC Address Filter 286
Displaying Secure MAC Address Information 287
Configuring HTTPS 289
Configuring Global Settings for HTTPS 289
Replacing the Default Secure-site Certificate 290
Configuring the Secure Shell 292
Configuring the SSH Server 294
Generating the Host Key Pair 296
Importing User Public Keys 297
Access Control Lists 299
Showing TCAM Utilization 300
Setting the ACL Name and Type 302
Configuring a Standard IPv4 ACL 304
Configuring an Extended IPv4 ACL 305
Contents
– 10 –
Configuring a Standard IPv6 ACL 307
Configuring an Extended IPv6 ACL 309
Configuring a MAC ACL 311
Configuring an ARP ACL 313
Binding a Port to an Access Control List 315
Showing ACL Hardware Counters 316
ARP Inspection 317
Configuring Global Settings for ARP Inspection 318
Configuring VLAN Settings for ARP Inspection 320
Configuring Interface Settings for ARP Inspection 322
Displaying ARP Inspection Statistics 323
Displaying the ARP Inspection Log 324
Filtering IP Addresses for Management Access 325
Configuring Port Security 327
Configuring 802.1X Port Authentication 329
Configuring 802.1X Global Settings 331
Configuring Port Authenticator Settings for 802.1X 332
Displaying 802.1X Statistics 336
DHCP Snooping 337
DHCP Snooping Global Configuration 340
DHCP Snooping VLAN Configuration 341
Configuring Ports for DHCP Snooping 342
Displaying DHCP Snooping Binding Information 344
DoS Protection 345
IPv4 Source Guard 346
Configuring Ports for IPv4 Source Guard 346
Configuring Static Bindings for IPv4 Source Guard 349
Displaying Information for Dynamic IPv4 Source Guard Bindings 351
14 Basic Administration Protocols 353
Configuring Event Logging 354
System Log Configuration 354
Remote Log Configuration 356
Sending Simple Mail Transfer Protocol Alerts 357
Contents
– 11 –
Link Layer Discovery Protocol 359
Setting LLDP Timing Attributes 359
Configuring LLDP Interface Attributes 361
Configuring LLDP Interface Civic-Address 365
Displaying LLDP Local Device Information 367
Displaying LLDP Remote Device Information 371
Displaying Device Statistics 379
Simple Network Management Protocol 381
Configuring Global Settings for SNMP 383
Setting the Local Engine ID 384
Specifying a Remote Engine ID 385
Setting SNMPv3 Views 387
Configuring SNMPv3 Groups 389
Setting Community Access Strings 396
Configuring Local SNMPv3 Users 397
Configuring Remote SNMPv3 Users 399
Specifying Trap Managers 402
Creating SNMP Notification Logs 406
Showing SNMP Statistics 408
Remote Monitoring 410
Configuring RMON Alarms 411
Configuring RMON Events 413
Configuring RMON History Samples 415
Configuring RMON Statistical Samples 418
Setting a Time Range 421
LBD Configuration 423
Configuring Global Settings for LBD 424
Configuring Interface Settings for LBD 426
15 Multicast Filtering 427
Overview 427
Layer 2 IGMP (Snooping and Query for IPv4) 428
Configuring IGMP Snooping and Query Parameters 430
Specifying Static Interfaces for a Multicast Router 434
Assigning Interfaces to Multicast Services 436
Contents
– 12 –
Setting IGMP Snooping Status per Interface 438
Filtering IGMP Query Packets and Multicast Data 444
Displaying Multicast Groups Discovered by IGMP Snooping 445
Displaying IGMP Snooping Statistics 446
Filtering and Throttling IGMP Groups 450
Enabling IGMP Filtering and Throttling 450
Configuring IGMP Filter Profiles 451
Configuring IGMP Filtering and Throttling for Interfaces 453
MLD Snooping (Snooping and Query for IPv4) 455
Configuring MLD Snooping and Query Parameters 455
Setting Immediate Leave Status for MLD Snooping per Interface 457
Specifying Static Interfaces for an IPv6 Multicast Router 458
Assigning Interfaces to IPv6 Multicast Services 460
Showing MLD Snooping Groups and Source List 462
16 IP Tools 464
Using the Ping Function 464
Using the Trace Route Function 465
Address Resolution Protocol 467
Displaying Dynamic or Local ARP Entries 468
17 IP Services 469
Domain Name Service 469
Configuring General DNS Service Parameters 469
Configuring a List of Domain Names 470
Configuring a List of Name Servers 472
Configuring Static DNS Host to Address Entries 473
Displaying the DNS Cache 474
Dynamic Host Configuration Protocol 475
Specifying a DHCP Client Identifier 476
Configuring DHCP Relay Service 477
Enabling DHCP Dynamic Provision 481
18 IP Configuration 483
Setting the Switch’s IP Address (IP Version 4) 483
Configuring the IPv4 Default Gateway 483
Contents
– 13 –
Configuring IPv4 Interface Settings 484
Setting the Switch’s IP Address (IP Version 6) 487
Configuring the IPv6 Default Gateway 488
Configuring IPv6 Interface Settings 489
Configuring an IPv6 Address 493
Showing IPv6 Addresses 496
Showing the IPv6 Neighbor Cache 497
Showing IPv6 Statistics 498
Showing the MTU for Responding Destinations 504
Section III Command Line Interface 505
19 Using the Command Line Interface 507
Accessing the CLI 507
Console Connection 507
Telnet Connection 508
Entering Commands 509
Keywords and Arguments 509
Minimum Abbreviation 509
Command Completion 509
Getting Help on Commands 510
Partial Keyword Lookup 511
Negating the Effect of Commands 512
Using Command History 512
Understanding Command Modes 512
Exec Commands 512
Configuration Commands 513
Command Line Processing 515
Showing Status Information 515
CLI Command Groups 516
20 General Commands 518
prompt 518
reload (Global Configuration) 519
enable 520
Contents
– 14 –
quit 521
show history 521
configure 522
disable 523
reload (Privileged Exec) 523
show reload 524
end 524
exit 524
21 System Management Commands 526
Device Designation 526
hostname 527
System Status 527
show access-list tcam-utilization 528
show memory 529
show process cpu 530
show process cpu guard 530
show process cpu task 531
show running-config 533
show startup-config 534
show system 535
show tech-support 536
show users 537
show version 537
show watchdog 538
watchdog software 538
Frame Size 539
jumbo frame 539
File Management 540
General Commands 541
boot system 541
copy 542
delete 545
dir 546
whichboot 547
Contents
– 15 –
Automatic Code Upgrade Commands 547
upgrade opcode auto 547
upgrade opcode path 549
upgrade opcode reload 550
show upgrade 550
TFTP Configuration Commands 550
ip tftp retry 550
ip tftp timeout 551
show ip tftp 551
Line 552
line 553
databits 554
exec-timeout 554
login 555
parity 556
password 557
password-thresh 557
silent-time 558
speed 559
stopbits 559
timeout login response 560
disconnect 561
terminal 561
show line 562
Event Logging 563
logging command 563
logging facility 564
logging history 564
logging host 565
logging on 566
logging trap 567
clear log 567
show log 568
show logging 569
Contents
– 16 –
SMTP Alerts 570
logging sendmail 571
logging sendmail destination-email 571
logging sendmail host 572
logging sendmail level 572
logging sendmail source-email 573
show logging sendmail 574
Time 574
SNTP Commands 575
sntp client 575
sntp poll 576
sntp server 576
show sntp 577
NTP Commands 578
ntp authenticate 578
ntp authentication-key 578
ntp client 579
ntp server 580
show ntp 581
Manual Configuration Commands 581
clock summer-time (date) 581
clock summer-time (predefined) 583
clock summer-time (recurring) 584
clock timezone 585
calendar set 586
show calendar 587
Time Range 587
time-range 587
absolute 588
periodic 589
show time-range 590
22 SNMP Commands 591
General SNMP Commands 593
snmp-server 593
Contents
– 17 –
snmp-server community 593
snmp-server contact 594
snmp-server location 595
show snmp 595
SNMP Target Host Commands 596
snmp-server enable traps 596
snmp-server host 597
snmp-server enable port-traps link-up-down 599
snmp-server enable port-traps mac-notification 600
show snmp-server enable port-traps 600
SNMPv3 Commands 601
snmp-server engine-id 601
snmp-server group 602
snmp-server user 603
snmp-server view 605
show snmp engine-id 606
show snmp group 607
show snmp user 608
show snmp view 609
Notification Log Commands 609
nlm 609
snmp-server notify-filter 610
show nlm oper-status 612
show snmp notify-filter 612
Additional Trap Commands 612
memory 612
process cpu 613
process cpu guard 614
23 Remote Monitoring Commands 616
rmon alarm 617
rmon event 618
rmon collection history 619
rmon collection rmon1 620
show rmon alarms 621
Contents
– 18 –
show rmon events 621
show rmon history 622
show rmon statistics 622
24 Authentication Commands 623
User Accounts and Privilege Levels 624
enable password 624
username 625
privilege 627
show privilege 627
Authentication Sequence 628
authentication enable 628
authentication login 629
RADIUS Client 630
radius-server acct-port 630
radius-server auth-port 631
radius-server host 631
radius-server key 632
radius-server retransmit 633
radius-server timeout 633
show radius-server 634
TACACS+ Client 634
tacacs-server host 635
tacacs-server key 635
tacacs-server port 636
tacacs-server retransmit 636
tacacs-server timeout 637
show tacacs-server 637
AAA 638
aaa accounting commands 639
aaa accounting dot1x 640
aaa accounting exec 641
aaa accounting update 642
aaa authorization commands 642
aaa authorization exec 643
Contents
– 19 –
aaa group server 644
server 645
accounting dot1x 645
accounting commands 646
accounting exec 646
authorization commands 647
authorization exec 648
show accounting 648
show authorization 649
Web Server 650
ip http authentication 651
ip http port 651
ip http server 652
ip http secure-port 652
ip http secure-server 653
Telnet Server 654
ip telnet max-sessions 655
ip telnet port 655
ip telnet server 656
telnet (client) 656
show ip telnet 657
Secure Shell 657
ip ssh authentication-retries 660
ip ssh server 660
ip ssh server-key size 661
ip ssh timeout 662
delete public-key 662
ip ssh crypto host-key generate 663
ip ssh crypto zeroize 664
ip ssh save host-key 664
show ip ssh 665
show public-key 665
show ssh 666
Contents
– 20 –
802.1X Port Authentication 666
General Commands 667
dot1x default 667
dot1x system-auth-control 668
Authenticator Commands 668
dot1x intrusion-action 668
dot1x max-reauth-req 669
dot1x max-req 670
dot1x operation-mode 670
dot1x port-control 671
dot1x re-authentication 672
dot1x timeout quiet-period 672
dot1x timeout re-authperiod 673
dot1x timeout supp-timeout 673
dot1x timeout tx-period 674
dot1x re-authenticate 674
Supplicant Commands 675
dot1x identity profile 675
dot1x max-start 676
dot1x pae supplicant 676
dot1x timeout auth-period 677
dot1x timeout held-period 677
dot1x timeout start-period 678
Information Display Commands 678
show dot1x 678
Management IP Filter 681
management 681
show management 682
25 General Security Measures 684
Port Security 685
mac-learning 685
port security 686
show port security 688
/