NETGEAR XS712T-100NES Bedienungsanleitung

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310

Zur Seite of

Richtige Gebrauchsanleitung

Die Vorschriften verpflichten den Verkäufer zur Übertragung der Gebrauchsanleitung NETGEAR XS712T-100NES an den Erwerber, zusammen mit der Ware. Eine fehlende Anleitung oder falsche Informationen, die dem Verbraucher übertragen werden, bilden eine Grundlage für eine Reklamation aufgrund Unstimmigkeit des Geräts mit dem Vertrag. Rechtsmäßig lässt man das Anfügen einer Gebrauchsanleitung in anderer Form als Papierform zu, was letztens sehr oft genutzt wird, indem man eine grafische oder elektronische Anleitung von NETGEAR XS712T-100NES, sowie Anleitungsvideos für Nutzer beifügt. Die Bedingung ist, dass ihre Form leserlich und verständlich ist.

Was ist eine Gebrauchsanleitung?

Das Wort kommt vom lateinischen „instructio”, d.h. ordnen. Demnach kann man in der Anleitung NETGEAR XS712T-100NES die Beschreibung der Etappen der Vorgehensweisen finden. Das Ziel der Anleitung ist die Belehrung, Vereinfachung des Starts, der Nutzung des Geräts oder auch der Ausführung bestimmter Tätigkeiten. Die Anleitung ist eine Sammlung von Informationen über ein Gegenstand/eine Dienstleistung, ein Hinweis.

Leider widmen nicht viele Nutzer ihre Zeit der Gebrauchsanleitung NETGEAR XS712T-100NES. Eine gute Gebrauchsanleitung erlaubt nicht nur eine Reihe zusätzlicher Funktionen des gekauften Geräts kennenzulernen, sondern hilft dabei viele Fehler zu vermeiden.

Was sollte also eine ideale Gebrauchsanleitung beinhalten?

Die Gebrauchsanleitung NETGEAR XS712T-100NES sollte vor allem folgendes enthalten:
- Informationen über technische Daten des Geräts NETGEAR XS712T-100NES
- Den Namen des Produzenten und das Produktionsjahr des Geräts NETGEAR XS712T-100NES
- Grundsätze der Bedienung, Regulierung und Wartung des Geräts NETGEAR XS712T-100NES
- Sicherheitszeichen und Zertifikate, die die Übereinstimmung mit entsprechenden Normen bestätigen

Warum lesen wir keine Gebrauchsanleitungen?

Der Grund dafür ist die fehlende Zeit und die Sicherheit, was die bestimmten Funktionen der gekauften Geräte angeht. Leider ist das Anschließen und Starten von NETGEAR XS712T-100NES zu wenig. Eine Anleitung beinhaltet eine Reihe von Hinweisen bezüglich bestimmter Funktionen, Sicherheitsgrundsätze, Wartungsarten (sogar das, welche Mittel man benutzen sollte), eventueller Fehler von NETGEAR XS712T-100NES und Lösungsarten für Probleme, die während der Nutzung auftreten könnten. Immerhin kann man in der Gebrauchsanleitung die Kontaktnummer zum Service NETGEAR finden, wenn die vorgeschlagenen Lösungen nicht wirksam sind. Aktuell erfreuen sich Anleitungen in Form von interessanten Animationen oder Videoanleitungen an Popularität, die den Nutzer besser ansprechen als eine Broschüre. Diese Art von Anleitung gibt garantiert, dass der Nutzer sich das ganze Video anschaut, ohne die spezifizierten und komplizierten technischen Beschreibungen von NETGEAR XS712T-100NES zu überspringen, wie es bei der Papierform passiert.

Warum sollte man Gebrauchsanleitungen lesen?

In der Gebrauchsanleitung finden wir vor allem die Antwort über den Bau sowie die Möglichkeiten des Geräts NETGEAR XS712T-100NES, über die Nutzung bestimmter Accessoires und eine Reihe von Informationen, die erlauben, jegliche Funktionen und Bequemlichkeiten zu nutzen.

Nach dem gelungenen Kauf des Geräts, sollte man einige Zeit für das Kennenlernen jedes Teils der Anleitung von NETGEAR XS712T-100NES widmen. Aktuell sind sie genau vorbereitet oder übersetzt, damit sie nicht nur verständlich für die Nutzer sind, aber auch ihre grundliegende Hilfs-Informations-Funktion erfüllen.

Inhaltsverzeichnis der Gebrauchsanleitungen

  • Seite 1

    350 East Plumeria Drive San Jose, CA 95134 USA March 2013 202-1 1254-02 v2.0 XS712T Smart S w it c h Sof t ware Ad mi ni st r a tion M anu al[...]

  • Seite 2

    2 XS712T Smart Switch ® NETGEAR, Inc. All rights reserved No part of this publication may be re produced, transmitted, tran scribed, stored in a retrie val system, or translated into any langu age in any form or by any me ans without the written permission of NETGEAR, Inc. Te c h n i c a l S u p p o r t Thank you for choosing NETGEAR. T o register[...]

  • Seite 3

    T able of Contents | 3 Content s Chapter 1 Getting Started Getting Started with the XS712T Smart Switch . . . . . . . . . . . . . . . . . . . . . . 7 Connect the Switch to the Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Discover a Switch in a Networ k with a DHCP Server . . . . . . . . . . . . . . . . . 9 Discover a Swit[...]

  • Seite 4

    4 XS712T Smart Switch Protocol Based VLAN Group Configuration . . . . . . . . . . . . . . . . . . . . . . 90 Protocol Based VLAN Group Membe rship . . . . . . . . . . . . . . . . . . . . . . . 91 Auto-VoIP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93 Configure Protocol-Based Auto VoIP Settin gs . . [...]

  • Seite 5

    5 XS712T Smart Switch Chapter 6 Managing Device Security Management Security Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171 Change Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171 Authentication List Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18[...]

  • Seite 6

    6 XS712T Smart Switch Download . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263 TFTP File Download . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 63 HTTP File Download . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265 File Management [...]

  • Seite 7

    7 1 1. Gettin g S tarted This manual describes how to configure and op erate the XS712T Smart Switch by using the web-based graphical user interface (GUI). The manual describes the softwar e configuration procedures and explains the options available within those procedures. Note: For information about issues a nd workarounds, see the release notes[...]

  • Seite 8

    8 XS712T Smart Switch Switch Management Interface The NETGEAR XS712T Smart Switch cont ain an embedded web server and managemen t software for ma naging and monitoring switch functions. The XS712 T functions as a simple switch without the management sof tware. However , you can use the management sof tware to configure more advanced features that c[...]

  • Seite 9

    9 XS712T Smart Switch host (administrative system) in the 192.16 8.0.0/24 network and change the settings by using the web ma nagement interface on the switch. For information ab out how to set the IP address on the administ rative system so it is in the same subnet as the default IP address of the switch, see Configure the Network Settings on the [...]

  • Seite 10

    10 XS712T Smart Switch 6. Make a note of the displayed IP address assigned by the DHCP server . Y ou will need this value to access the switch directly fro m a web browser (without using the Smart Control Center). 7. Select your switch by clicking the line that displays the switch, then click the Web Browser Access butt on. The Smart Control Center[...]

  • Seite 11

    11 XS712T Smart Switch 6. Select the switch, then click Configure Device . The screen exp ands to display additional fields at the botto m. 7. Select the Disabled radio butt on to disa ble DHCP . 8. Ente r the static switch IP address, gateway IP address, and subnet mask for t he switch, and then type your password. Tip: Y ou must enter the current[...]

  • Seite 12

    12 XS712T Smart Switch Configure the Network Settings on the Administrative System If you choose not to use the Smart Control Center to con figure the network information on the switch, you can connect directly to the switch from a n administrative system, such as a computer or laptop. The I P address of the adm inistrative system must be in the sa[...]

  • Seite 13

    13 XS712T Smart Switch 3. In the Local Area Connection S tatus window , click Properties . The Local Area Connection Properties window displays. 4. Select the Internet Protocol V ers ion 4 (TCP/IPv4) option, and then click Properties . The Internet Protocol V ersion 4 (T CP/IPv4) Propert ies window displays.[...]

  • Seite 14

    14 XS712T Smart Switch 5. Select Use the foll owing IP address and set the IP address of t he administrative system to an address in the 192.168.0.0 network, such as 192.168.0. 200. The IP address must be dif ferent from that of the switch but within th e same subnet. W ARNING: When you change the IP address of your administrative system, you lose [...]

  • Seite 15

    15 XS712T Smart Switch Access the Management Interface from a W eb Browser Y ou must be able to pin g the IP address of the switch web man agement interface from your administrative system for web access to be avai lable . If you used the Smart Control Ce nter to set up the IP address and sub net mask, either with or wit hout a DHCP server , use th[...]

  • Seite 16

    16 XS712T Smart Switch  T o access the management interface form the Smart Control Center: 1. Open a web browser . 2. Enter th e IP address of the switch in the address field of the browser . Understand the User Interfaces The XS712T Smart Switch software inclu des a set of comprehensive management functions for configuring and monitoring the sy[...]

  • Seite 17

    Links Configuration st atus and op tions Help Navigation t ab Configuration me nus Logout button pa ge Help link 17 XS712T Smart Switch Figure 1. Smart Swit ch Web Int erface Navigation T abs, Configuration Menus, and Links The navigation t abs along the top of the web interf ace give you quick access to the various switch functions. The ta bs are [...]

  • Seite 18

    Link Submenu Links 18 XS712T Smart Switch Figure 2. Menu hiera rchy Configuration and Status Options The area directly under the configura tion menus and to the right of the links displays the configuration information or st atus for the screen you select. On screens that contain configuration options, you can input informatio n into fields or sele[...]

  • Seite 19

    19 XS712T Smart Switch Device View The Device Vie w is a Java applet that displa ys the ports on the switch. This graphic provides an alternate way to n avigate to configuration and monito ring options. The graphic also provides information about device port s, current configura tion and status, t able information, and feature component s. The Devi[...]

  • Seite 20

    20 XS712T Smart Switch Click the port you want to view or configure to see a menu that displays sta tistics and configuration options. Select the menu option to access the screen that cont ains the configuration or monitoring op tions. If you click the graphic, but do not click a specific port, the main menu displays, as the following figure shows.[...]

  • Seite 21

    21 XS712T Smart Switch User - Defined F ields User-defined fields can cont ain 1 to 159 charac ters, unless otherwise noted in the field label on the configuration screen. All alphanumeric and specia l characters can be used except fo r the following (unless specifically noted for that feature): T able 2. Disa llowed characte rs in user-defined fie[...]

  • Seite 22

    22 XS712T Smart Switch  T o configure authentication and encryption settings for the SNMPv3 admin pro file by using the web interface: 1. Select System  SNMP  SNMPv3  User Configuration . The User Configuration screen displays. The SNMPv3 Access Mode is a read-only field that shows the access privileges for th e user account. The admin [...]

  • Seite 23

    23 XS712T Smart Switch Interface Naming Convention The switch support s physical and logical interfac es. Interfaces are identified by their type and the interface number . All the physical port s are as follows: • Port s 1–10 . Copper port s that operate at 100MB, 1G , or 10G . • Port s 1 1–12 . Combo port s that can act as 100M/1G/10G cop[...]

  • Seite 24

    24 XS712T Smart Switch Online Help The Help main navigation ta b of the web management interface p rovides access to the menus that are described in the following sections: • Support • User Guide Support The Support screen provides access to the NETGEAR support websit e at support.netgear .com .  T o access the support website from the web m[...]

  • Seite 25

    25 XS712T Smart Switch Re gi s t ra t i on To qualify for product updates an d product warranty, NETGEAR encourages you to register your product. The first time that you connect to th e switch while it is con nected to the Internet, you have the option to register your product. At any time, you can register your product from the web management inte[...]

  • Seite 26

    26 2 2. Co nfigu r e S y st em In forma tio n Use the features you access from the S ys te m navi gation t ab to define the switch’ s relationship to its enviro nment. The S ys te m naviga tion tab provides access to th e configuration menus described in the following sectio ns: • Management • SNMP • LLDP • Services—DHCP Snooping Manage[...]

  • Seite 27

    27 XS712T Smart Switch System Information After a successful login, the Sy stem Informatio n screen displays. Use this screen to configure and view general device information.  T o define a system name, location, and cont act: 1. Select System  Manag ement  System Info rmation . The System Information screen displays. 2. Define the foll[...]

  • Seite 28

    28 XS712T Smart Switch The following t able describes the statu s informat ion the System Information screen d isplays. T able 4. System Information screen status fields Field Description Product Name The product name that describes the switch. Serial Number The serial number of the switch. System Object ID The base object ID for the switch's [...]

  • Seite 29

    29 XS712T Smart Switch IP Configuration Use the IP Configuration screen to confi gure network information for the management interface, which is the logical interface used for in-ban d connectivity with the switch through any of the switch's front-p anel port s. The configuration parameters asso ciated with the switch’s network in terface do[...]

  • Seite 30

    30 XS712T Smart Switch 4. S pecify the VLAN ID for the management VLAN. Note: Make sure that the VLAN to be configured as the manag ement VLAN exists. And ma ke sure that the PVID of at least one port that is a port of the VLAN is the sa me as the management VLAN ID. For information about creating VLANs and con figuring the PVID for a port, see VLA[...]

  • Seite 31

    31 XS712T Smart Switch IPv6 Network Configuration Use the IPv6 Network Configuration screen to c onfigure the IPv6 network interface, wh ich is the logical interface used for in-band co nnectivity with the switch through all of the switch's front-panel port s . The configuration p arameters associated with the switch's network interface d[...]

  • Seite 32

    32 XS712T Smart Switch information from a DHCPv6 server . Selecting None disables t he DHCPv6 client on the network interface. When DHCPv6 is enabled, the DHCPv6 Client DUID field displays the client identifier used by the DHCPv6 client (if enabled) when sending messages to the DHCPv6 server . 4. In the IPv6 Gateway field, specify the default gatew[...]

  • Seite 33

    33 XS712T Smart Switch Time The switch support s the Simple Network T ime Protocol (SNTP). Y ou can also set the system time manually SNTP assures accurate network device clock time synchroniza tion up to the millisecond. T ime synchronization is performed by a network SNTP server . The switch software operates only as an SNTP client and cannot p r[...]

  • Seite 34

    34 XS712T Smart Switch Time Configuration Use the T ime Configuration screen to view and adjust date and time settings.  T o manually configure the time: 1. Select System  Manag ement  Time  Time Configuration . The T ime Configuration screen displays. 2. Next to the Clock Source field, select Local. 3. In the Date field, enter the date[...]

  • Seite 35

    35 XS712T Smart Switch 3. Next to the Client Mode field, select Unicast or Broadcast: • Unic ast . SNTP operates in a point- to-point fashion. A unicast client sends a request to a designated server at its unicast addre ss and expects a reply from which it can determine the time and, optionally the rou nd-trip delay and local clock of fset relati[...]

  • Seite 36

    36 XS712T Smart Switch • Time Zone Nam e . The acronym that represent s the time zone. This field is no t validated against an of ficial list of time zone acro nyms. • Hours Offset . The number of hours the syst em clock is offset from UTC, which is also known as Greenwich Mean T ime (GMT). • Minutes Offset . The number of minutes the system [...]

  • Seite 37

    37 XS712T Smart Switch Click Refresh to refresh the screen with the most current dat a from the switch. SNTP Server Configuration Use the SNTP Server Configuration screen to view and modify information for adding and modifying Simple Network T ime Protocol SNTP servers.  T o configure a new SNTP server: 1. Select System  Manag ement  Time [...]

  • Seite 38

    38 XS712T Smart Switch 5. Under the Priority field, specify the order in which to query the servers. The SNTP client on the device continues sending SNTP request s to different servers until a successful response is received or all serv ers are exhausted. Th e request is sent to an SNTP server with a priority value of 1 first, t hen to a server wit[...]

  • Seite 39

    39 XS712T Smart Switch Click Refresh to refresh the screen with the most current dat a from the switch. Summer Time Configuration Use the Summer T ime Configuration screen to co nfigure set tings for summer time, which is also known as daylight saving time. Used in some countries around the world, summe r time is the practice of temporarily advanci[...]

  • Seite 40

    40 XS712T Smart Switch 2. Next to the Summer T ime field, select one of the following options: • Recurring . Summer time occurs at the same time every year . The start and end time s and dates for the time shift must be manually configured. • Recurring EU . The system clock uses the st andard recurring summer time settings used in countries in [...]

  • Seite 41

    41 XS712T Smart Switch 2. Next to the Auto-DoS Mode field, select Enable. When an att ack is detected, a warning message is logged to the buffe red log and is sent t o the Syslog server . At the same time, the port is shut down and ca n be enabled only manually by the admin user . 3. Click App ly . Configure Denial of Service The D en ial o f S e r[...]

  • Seite 42

    42 XS712T Smart Switch • Denial of Service Min TCP Header Size : S pecify the minimum TCP header size allowed. If DoS TCP Fragme nt is enabled, the switch will drop p acket s that have a TCP header smaller than the configured value. • Denial of Service ICMPv 4 : Enabling ICMPv4 DoS p revention causes the switch to drop ICMPv4 packet s that have[...]

  • Seite 43

    43 XS712T Smart Switch 3. Click Apply .[...]

  • Seite 44

    44 XS712T Smart Switch DNS Y ou can use these screens to configure inform atio n about DNS servers the network uses and how the switch operates as a DNS client. Configure DNS Use this screen to configure globa l DNS settings and DNS server information.  T o configure the global DNS settings: 1. Select System  Management  DNS  DNS Config[...]

  • Seite 45

    45 XS712T Smart Switch Configure and View Hostname -to -IP Address Information Use this screen to manually map host name s to IP addresses or to view dynamic DNS mappings.  T o add a sta tic entry to the local DNS t able: 1. Select Sy stem  Managemen t  DNS  Host Configuration . 2. The DNS Host Conf iguration screen displays. 3. Under t[...]

  • Seite 46

    46 XS712T Smart Switch Green Ethernet The Green Ethernet feature can help reduce the amount of power the switch uses. The switch supports Energy Efficient Ethernet (EEE).  T o configure the administrative mode of Energy Efficient Ethernet: 1. Select System  Management  Green Ethernet  Green Ethernet Configuration . The Green Ethernet Co[...]

  • Seite 47

    47 XS712T Smart Switch 2. Select the port(s) to co nfigure. • T o configure a single port, select the chec k box associated with it, or type the port number in the Go T o Interface field and click Go . • T o configure multiple ports with t he same settings, select the check box associated with each port to configure. • T o configure all ports[...]

  • Seite 48

    48 XS712T Smart Switch 2. From the Interface list, select the interface to configure. 3. Enable or disable the a dministrative mode of EEE on the port: When this mode is enabled and the send and receive sides of a link are lightly loaded, the port can tra nsition to low power mode. 4. Click Apply . The Local Device Information table displays info r[...]

  • Seite 49

    49 XS712T Smart Switch Green Ethernet Summary This screen summarizes the Green Ethernet Summary setting s currently in use. T o access this screen, select System  Management  Green Ethe rnet  Green Ethernet Summa ry . A screen similar to the following displays. Tx Low Power Idle Duration (uSec) The amount of time (in 10 micro second increm[...]

  • Seite 50

    50 XS712T Smart Switch Figure 4. Green Ether net summary scr een The following t able describes the informat ion t he power saving table displays. T able 10. Green Ethe rne t power saving information Field Description Current Power Consumption The power consumption (in mWatts) of the all the ports on the switch Estimated Percentage Power Savi ng Th[...]

  • Seite 51

    51 XS712T Smart Switch The following ta ble describes the information in the Green Ethernet fe ature support table. The following ta ble describes the information in the Green Ethernet interfa ce table. Click Refresh to refresh the screen with the most current dat a from the switch. View and Configure Green Ethernet LPI History Use this screen to c[...]

  • Seite 52

    52 XS712T Smart Switch This configuration is applied on all int erfaces on the switch. 4. Click Apply . T o view per-interface LPI history information, se lect the int erface with the information to view from the Interface list. The screen refreshes and displays the LPI history for the selected interface. The following t able describes the st atu s[...]

  • Seite 53

    53 XS712T Smart Switch SNMP This section describes how t o configure the Simple Network Management Protocol (SNMP) version 1 and SNMP version 2 information on t he switch. For information about configuring the SNMPv3 administrative profile, see Use SNMPv3 on p age 21 . SNMPV1/V2 The screens under the SNMPV1/V2 link allo w you to configure SNMPv1/v2[...]

  • Seite 54

    54 XS712T Smart Switch access from only one station, use a Management S tation IP Mask value of 255.255.255.255, and use that machin e’s IP address for Client Address. 4. Next to Community S tring, specify a community name. 5. From the Access Mode list, select the access level for this community , which is either Read/Write or Read Only . 6. From[...]

  • Seite 55

    55 XS712T Smart Switch T rap Configuration Use this screen to configure settings for each SNMPv1 or SNMPv2 management host that will receive notifications about trap s generated by the device. The SNMP management host is also known as the SNMP trap re ceiver .  T o add an SNMP trap receiver: 1. Select System  SNMP  SNMP V1/V2  T rap Con[...]

  • Seite 56

    56 XS712T Smart Switch T rap Flags Use the T rap Flags screen to enable or disable traps the switch ca n send to an SNMP manager . When the condition identified by an acti ve trap is encountered by the switch, a trap message is sent to any enable d SNMP T rap Receivers, and a message is written to the trap log.  T o configure the trap flags: 1. [...]

  • Seite 57

    57 XS712T Smart Switch LLDP The IEEE 802.1AB-defined standard, Link Layer Di scovery Protocol (LLDP), allows stations on an 802 LAN to advertise major capabilities and physical descriptions. This information is viewed by a network manager to iden tify sy stem topology and detect bad configurations on the LAN. From the LLDP configuratio n menu, you [...]

  • Seite 58

    58 XS712T Smart Switch LLDP Configuration Use the LLDP Configuration screen to specif y the global L LDP and LLDP-MED pa rameters that are applied to the switch.  T o configure global LLDP settings: 1. Select System > LL DP > Basic > LLDP Configuration . The LLDP Configuration screen displays. 2. Optionally , config ure non-default valu[...]

  • Seite 59

    59 XS712T Smart Switch LLDP P ort Settings Use the LLDP Port Settings screen to specify per-interface LLDP setting s.  T o configure LLDP port settings: 1. Select System  LLD P  Advanced  LLDP Port Settings . The LLDP Port Settings screen displays. 2. Select the port(s) to co nfigure. • T o configure a single port, select the chec k b[...]

  • Seite 60

    60 XS712T Smart Switch • Notification : When notifications are enabled, LLDP interact s with the T rap Manager to notify subscribers of remote data change statistics. The default is Disab led. • Optional TL V(s) : Enable or disable the tran smission of optional type-length value (TL V) information from the interface. The TL V information includ[...]

  • Seite 61

    T able 14. LLDP-MED ne t wo rk po l icy information Field Descrip tion Network Policy Number The policy number . Applic ation The media application type associated with the policy , which can be one of the following: • Unknown •V o i c e • Guest V oice • Guest V oi ce Signaling • Softphone V oice • Video Conferencing • S treaming Vide[...]

  • Seite 62

    62 XS712T Smart Switch 3. Use the lists to enable or disable the following LLDP-MED settings for the selected port: • LLDP-MED S t atus . The administrative status of LLDP-MED on th e interface. When LLDP-MED is enabled, the transmit and re ce ive function of LLDP is ef fectively enabled on the interface. • Notification . When enabled, the port[...]

  • Seite 63

    63 XS712T Smart Switch Note: The list includes only the interfaces on which LLDP is enable d. If no interfaces are enabled for LLDP , the Interface list does not display . The following tab le describes the LLDP devic e information and port summary information. Field Description Chassis ID Subtype The type of information used to iden tify the switc[...]

  • Seite 64

    64 XS712T Smart Switch 3. T o view additional details about a port, click the name of the port in the Interface column of the Port Information t able. A popup window displays in formation for the selected port. The following t able describes the detailed loca l information that displays for the selected port. Field Description Managed Address Addre[...]

  • Seite 65

    65 XS712T Smart Switch Neighbors Information Use the LLDP Neighbors Informa tion screen to view the dat a that a specified interface has received from other LLDP-en abled systems.  T o view LLDP information received from a neighbor device: 1. Select System  Advanced  LLDP  Neighbor Information . The Neighbors Information screen disp lay[...]

  • Seite 66

    66 XS712T Smart Switch The following t able describes the information t hat displays for all LL DP neighbors that have been discovered. Field Description MSAP Entry The Media Service Access Point (M SAP) entry number for the remote device. Local Port The interface on the local system that recei ved LLDP information from a remote system. Chassis ID [...]

  • Seite 67

    67 XS712T Smart Switch The following ta ble describes the information transmitted b y the neighbor . Field Descrip tion Port Det ails Local Port The interface on the local system that received LLDP information from a remote system. MSAP Entry The Media Service Access Poin t (MSAP) entry number for the remote device. Basic Details Chassis ID Subtype[...]

  • Seite 68

    68 XS712T Smart Switch MED Details Capabilities Supported The supported capabilities that were received in MED T L V from the device. Current Capabilities The advertised cap abilities that we re received in MED TL V from the device. Device Class Displays the LLDP-MED endpoint device class. The possible device classes are: • Endpoint Class 1 Indic[...]

  • Seite 69

    69 XS712T Smart Switch Services—DHCP Snooping DHCP Snooping is a useful feature that prov ides security by filtering untrusted DHCP messages and by building and maint a ining a DHCP snooping binding table. An untru sted message is a message that is received from out side the network or firewall and that can cause traffic att acks within your netw[...]

  • Seite 70

    70 XS712T Smart Switch Global Configuration Use this screen to view and co nfigure the global settings for DHCP Snooping.  T o configure DHCP snooping global settings: 1. Select System   Services  DHCP Snooping  Global Configuration . The DHCP Snooping Global Configuration screen displays. 2. Next to DHCP Snooping Mode field enable t[...]

  • Seite 71

    71 XS712T Smart Switch Interface Configuration Use the DHCP Snooping Interface Con figuration screen to view and conf igure each port as a trusted or untrusted port. Any DHCP responses received on a trusted port are forwarded. If a port is configured as untrusted, any DHCP (or BootP) responses received on that po rt are discarded.  T o configure[...]

  • Seite 72

    72 XS712T Smart Switch • T o configure a group of interfaces, select the check boxes for the individual interfaces that you want to configure. • T o configure all interfaces, select the check box at th e left in the t able heading. 4. From the T rust Mode list, select the desired trust mode. • Disabled . The interface is considered to be untr[...]

  • Seite 73

    73 XS712T Smart Switch Binding Configuration Use this screen to view , add, and remove st atic bindings in the DHCP snooping bindings database and t o view or clear the dyna mic bindings in the bind ings table.  T o configure st atic DHCP bindings: 1. Select System   Services  DHCP Snoopi ng  Binding Configuration . 2. The DHCP Snoop[...]

  • Seite 74

    74 XS712T Smart Switch P ersistent Configuration Use this screen to configure the persisten t location of the DHCP snooping bindings dat abase. The bindings database ca n be stored locally on the device or on a remote system somewhere else in the network. The device must be able to reach the IP address of the remote system to send bindings to a rem[...]

  • Seite 75

    75 XS712T Smart Switch Statistics Use this screen to view and clear per-interfa ce statistics about the DHCP messages filtered by the DHCP snooping feature on untrusted interfaces.  T o view and clear the DHCP snooping st atistics: 1. Select System   Servi ces  DHCP Snooping  S tatistics . The DHCP Snooping S tatistics screen display[...]

  • Seite 76

    76 XS712T Smart Switch Client Ifc Mismatch The number of packets that were dro pped by DHCP snooping because th e interface and VLAN on which the packet was received does no t match the client's interface and VLAN information stored in the bin ding dat abase. DHCP Server Msgs Received The number of DHCP server messages ((DHCPOFFER, DHCP ACK, D[...]

  • Seite 77

    77 3 3. Lay e r 2 S witch i ng Con f ig urat ion Use the features you access from the Switching t ab to define Layer 2 features. The Switching tab cont ains links to the features describ ed in the following sections. • Ports • Link Aggregation Group s • VLANs • Auto-V oIP Configuration • Spanning T ree Protocol • Multicast • Forwardin[...]

  • Seite 78

    78 XS712T Smart Switch 2. Select whether to configure physical interfaces, link aggregation groups (LAGs), or both by clicking one of the following links above the table heading: • 1 . Only physical interfa ces are displayed. This is the default setting . • LAGS . Only link a ggregation group s are displayed. • All . Both p hysical interfaces[...]

  • Seite 79

    79 XS712T Smart Switch port’ s maximum capability (full d uplex and 10 Gbps) will be advertised. Otherwise, your selection will determine the p ort’s duplex mod e and transmission rate. The factory default is Auto. • Phy sical S t atus . Indicates the physical port’ s speed and duplex mode • L ink S t atus . Indicates whether the Link is [...]

  • Seite 80

    80 XS712T Smart Switch Link Aggregation Groups Link aggregation group s (LAGs), which are also known as port channels, allow you to combine multiple full-duplex Ethernet links into a single log ical link. Network devices treat the aggregation as if it were a single link, which increases fault tolerance and provides loa d sharing. Y ou assign the LA[...]

  • Seite 81

    81 XS712T Smart Switch Note: Click current members in the list to see existing member ports in that LAG. • LA G Name . S pecify the name you want assigned to the LAG . Y ou can enter any string of up to 15 alphanume ric characters . A valid name has to be specified in order to create the LAG • Description . S pecify the Description string to be[...]

  • Seite 82

    82 XS712T Smart Switch 3. In the LAG Name field, enter the name you want assigned to the LAG . Y ou can enter any string of up to 15 alph anumeric cha racters. A valid name has to be specified to create the LAG . 4. Click th e unit name in the orange bar to display the ports. 5. Click the box below each port to include in the LAG . 6. Click Apply .[...]

  • Seite 83

    83 XS712T Smart Switch LA CP P ort Configuration The LACP port configuration screen is used to c o nf ig ur e th e LA C P pr io rit y va lue fo r t he selected port and the administrative LACP Timeout value.  T o configure LACP port priority settings: 1. Select Switch ing   LAG  Advanced  LACP Port Configuration . 2. Select the port([...]

  • Seite 84

    84 XS712T Smart Switch VLANs Adding Virt ual LAN (VLAN) support to a Layer 2 switch of fers some of the benefits of both bridging and routing. Like a bridge, a VLAN switch forwards traffic based on the Layer 2 header , which is fast, and like a router , it partit ions the network into logical segments, which provides better administration, securi t[...]

  • Seite 85

    85 XS712T Smart Switch Basic VLAN Configuration Use the VLAN Configuration scre en to define VLAN group s stored in the VLAN membership table. The XS712T support s up to 256 VLANs. VLAN 1, VLAN 2, and VLAN 3 are created by default, and all port s are unt agged members.  T o configure VLANs: 1. Select Switch ing   VLA N  Basic  VLAN C[...]

  • Seite 86

    86 XS712T Smart Switch VLAN Membership Configuration Use this screen to configure VLAN Port Membership fo r a particular VLAN. Y ou can select the Group operation through this screen.  T o configure VLAN membership for specific port s and LAGs: 1. Select Sw itching   VLAN  Advanced  VLAN Membership . 2. From the VLAN ID field, select[...]

  • Seite 87

    87 XS712T Smart Switch VLAN Status This VLAN S tatus screen displays the st atus of all currently configured VLANs.  T o view the current VLAN st atus: 1. Select Switch ing   VLA N  Advanced  VLAN St atus . 2. View the following VLAN status information: • VLAN ID . The VLAN Identifier (VID) of the VLAN. The range of the VLAN ID is [...]

  • Seite 88

    88 XS712T Smart Switch  T o configure PVID information: 1. Select Switching   VLAN  Advanced  Port PVID Configuration . 2. T o configure PVID settings for a physical port, en ter the interface and click Go to select that particular interface. 3. Select the interfaces for which you want to configure the PVID settings: • T o configur[...]

  • Seite 89

    89 XS712T Smart Switch • Enable . A tagged frame is discard ed if this interface is not a member of th e VLAN identified by the VLAN ID in the t ag. In an unt agged frame, the VLAN is the Port VLAN ID specified for the port that received this frame. • Dis able . all frames are forwarded in accord a nce with the 802.1Q VLAN bridge specification.[...]

  • Seite 90

    90 XS712T Smart Switch P rotocol Based VLAN Group Configuration Protocol-based VLAN can be used to define filter ing criteria for untagged p ackets. By default, if you do not configure any port- (IEEE 802.1Q) or protocol based VLANs, untagged p ackets will be assigned to VLAN 1. Y ou can override this behavior by defining either port-based VLANs or[...]

  • Seite 91

    91 XS712T Smart Switch  T o modify protocol based VLAN information: 1. Select the check box next to the protocol-b ased VLAN to update. 2. S pecify the desired value in the available fields. 3. Click App ly .  T o delete a protocol based VLAN group: 1. Select th e check box next to each protocol-based VLAN to remove. 2. Click Dele te . P roto[...]

  • Seite 92

    92 XS712T Smart Switch Vo i c e V L A N The V oice VLAN feature enables p orts to carry voice traf fic that has a defined priority . V oice over IP (V oIP) traf fic is inherently time-sensit ive. For a network to provide accept able service, the transmission rate is vit al. The priority level enables the sep aration of voice and data traf fic enter[...]

  • Seite 93

    93 XS712T Smart Switch 4. From the Interface Mode list, select one of the following options to determine how an IP phone connected to the selected port should send voice traffic: • VLAN ID . Forward voice traf fic in the specified voice VLAN. • Dot1p . T ag voice traffic with the specified 802.1p priority value. • None . Use the settings conf[...]

  • Seite 94

    94 XS712T Smart Switch 2. In the Prioritization T ype list, select method used to p rioritize V oIP traffic when a call-control protocol is detected, which is one of the following: • Remark . Remark the voice traf fic with the specified 802.1p priority value at the ingress interface. • T raffic Class . Assign V oIP traff ic to the specified tra[...]

  • Seite 95

    95 XS712T Smart Switch OUI Based P roperties The OUI based properties screen a llows you to configure the OUI based p roperties.  T o configure OUI based properties: 1. Select Switch ing   Auto-V oIP  OUI-based  Properties . 2. In the V oIP VLAN ID list, select the VLAN to use to segregate V oIP traffic from other non-voice traffic. [...]

  • Seite 96

    96 XS712T Smart Switch 2. Select the interface(s) to configure. 3. In the Auto V oIP Mode list, select Enable to enable Auto V oIP on the selecte d interfaces. The Operational S tatus field displays th e current operational st atus of the interface. 4. Click Apply . OUI T able Device hardware manufacturers can include an OUI in a network adapter to[...]

  • Seite 97

    97 XS712T Smart Switch Y ou can select an existing OUI or add a new OUI and description to identify the IP phones on the network.  T o configure OUI settings: 1. Select Switch ing   Auto-V oIP  OUI-based  OUI T able . 2. Under T elephony OUI(s), specify the VOIP OUI prefix. The OUI prefix must be in th e format AA:BB:CC. 3. Unde r De[...]

  • Seite 98

    98 XS712T Smart Switch Spanning T ree Protocol The S panning T ree Protocol (STP) provides a tree topology for a ny arrangement of bridges. STP also provides one p ath between end st ations on a network, eliminating loop s. S panning tree versions supported include Commo n STP , Multiple STP , and Rapid STP . Classic STP provides a single p ath bet[...]

  • Seite 99

    99 XS712T Smart Switch STP Configuration The STP Configuration screen cont ains fields for enabling STP on the switch.  T o configure STP settings on the switch: 1. Select Switch ing  STP  Basic  STP Configuration . 2. From the S panning T ree S tate field, specify whether to enable or disable S panning T ree operation on the switch. 3.[...]

  • Seite 100

    100 XS712T Smart Switch 6. Click Apply . 7. V iew the STP S tatus information displayed o n the screen. Field Description Configuration Digest Key This is used to identify the co nfigura tion currently bein g used. Bridge Identifier The bridge identifi er for the CST . It is made up using the bridg e priority and the base MAC address of the bridge.[...]

  • Seite 101

    101 XS712T Smart Switch CST Configuration Use the CST Configuration screen t o configure Common S panning T ree (CST) and Internal S panning T ree on the switch.  T o configure CST settings: 1. Select Switch ing  STP  Advanced  CST Configuration . 2. S pecify values fo r CST in the appropriate fields: • Bridge Priority . When sw[...]

  • Seite 102

    102 XS712T Smart Switch 3. Click Apply . 4. V iew the MSTP st atus information displayed on the S panning T ree CST Configuration screen. Field Description MST ID T able consisting of the MST instances (including the CST) and the correspo nding VLAN IDs associated with each of them. VID T able consisting of the VLAN IDs and the correspond ing FID a[...]

  • Seite 103

    103 XS712T Smart Switch 4. Select the check box next to the port or LAG to configure. Y ou can select multiple ports and LAGs to apply the same set ting to the selected interfaces. Select the check box in the heading row to apply the same settings to all interfaces. 5. Configure the CST values for the selected port(s) or LAG(s): • STP St atus . E[...]

  • Seite 104

    104 XS712T Smart Switch CST P ort Status Use the CST Port S tatus screen to disp lay Common S panning T ree (CST) and Internal S panning T ree on a specific port on the switch.  T o display the CST port st atus for a specific port: 1. Select Sw itching  STP  Advanced  CST Port St atus . The following t able describes the CST S tatus inf[...]

  • Seite 105

    105 XS712T Smart Switch Click Refresh to update the information on the scre en with the most current dat a. R apid STP Use the Rapid STP screen to view informa tion about Rapid S panning T ree (RSTP) port status.  T o display the RSTP port st atus for a specific port: 1. Select Switch ing  STP  Advanced  RSTP . T o pology Change Acknowl[...]

  • Seite 106

    106 XS712T Smart Switch The following t able describes t he Rapid STP S tatus information d isplayed on the screen. Field Description Interface The physical or port channel interfa c es associated with VLANs associated with the CST . Role Each MST Bridge Port that is ena bled is assigned a Port Role for each spanning tree. The port role will be one[...]

  • Seite 107

    Field Descrip tion Bridge Identifie r The bridge id entifier for the selected MST instance. It is made up using the b ridge priority and the base MAC address of th e bridge. T ime Since T o pology Change Displays the total amount of time si nce the topology of the se lected MST instance last changed. The time is displayed in hour/minute/second form[...]

  • Seite 108

    108 XS712T Smart Switch 3. Select the interfaces for which yo u want to configure the CoS settings: • T o configure MST settings for a Link Aggregation Group (LAG), click LAGS . • T o configure M ST settings for both physical ports and LAGs, click ALL . 4. Select the check box next to the port or LAG to configure. Y ou can select multiple port [...]

  • Seite 109

    109 XS712T Smart Switch 8. Click Refresh to u pdate the screen with the latest MST information. STP Statistics Use the STP S tatistics scree n to view information about the number and type of b ridge protocol data units (BPDUs) transmitted and received on each port.  T o display the STP St atistics for a specific port: 1. Select Switch ing  S[...]

  • Seite 110

    11 0 XS712T Smart Switch The following t able describes the informati on available on t he STP S tatistics screen. Field Description Interface Select a physical or port channel interface to view its statistics. STP BPDUs Received Number of STP BPDUs received at the selected port. STP BPDUs T ransmitted Number of STP BPDUs transmitted from the selec[...]

  • Seite 111

    111 XS712T Smart Switch Multicast Multicast IP traf fic is traffic th at is destined to a h ost group. Host group s for IPv4 multicast are identified by class D addresses, which range from 224.0.0.0 to 2 39.255.255.255. Host groups fo r IPv6 multicast are identifie d by the prefix f f00::/8. The Multicast menu cont ains links described in t he foll[...]

  • Seite 112

    11 2 XS712T Smart Switch responsibility for accepting or dropping the packet s belongs to the hosts. If a multicast packet is received and there a re ports registered to receive it, the packet is sent on ly to the registered port s. • Forwa rd All . All mu lticast packet s received from a VLAN are flood ed to all ports in t he VLAN, regardless of[...]

  • Seite 113

    11 3 XS712T Smart Switch • T ype . This displays the type of the entry . S tatic e ntries are those that are configure d by the end user . Dynamic entries are added to the table as a result of a learning process or protocol. • Description . Th e text description of this multicast t able entry . Possible values are Management Configured, Network[...]

  • Seite 114

    11 4 XS712T Smart Switch Auto - Video Use this screen to configure the Auto-V ideo parameters.  T o configure Auto-Video: 1. Select Sw itching   Multicast  Auto-Video . 2. Select one of the following radio buttons: • Select the Disab le radio button to g lobally disable Auto-V ideo administrative mode for the switch. • Select the En[...]

  • Seite 115

    11 5 XS712T Smart Switch problem of wa sting bandwid th is even worse when the LAN segment is not shared, for example in full-duplex links. Allowing switches to snoop IGMP packet s is a cre ative ef fort to solve this problem. The switch uses the information in th e IGMP pa cket s as they are being forwarded thro ughout the network to determine whi[...]

  • Seite 116

    11 6 XS712T Smart Switch The following t able displays information abo ut the globa l IGMP snooping status and statistics on the scre en. Field Description Multicast Control Frame Co unt Displays the number of multicast control frames that have been processed by the CPU . Interfaces Enabled for IGMP Sno oping Lists the interfaces cu rrently enabled[...]

  • Seite 117

    11 7 XS712T Smart Switch 3. Select the interfaces for which you want to configure the CoS settings: • T o configure IGMP Snooping settings f or a Link Aggregation Group (LAG), click LAGS . • T o co nf ig ur e IGMP Snooping se tt in gs for bo th ph ys ic al por ts and LAGs, click ALL . 4. Select th e check box next to the port or LAG to configur[...]

  • Seite 118

    11 8 XS712T Smart Switch 3. View the information associated with the IGMP snooping table entry . The following t able describes the information in the IGMP snoo ping table. Field Description MAC Address A multicast MAC address for whic h the switch has fo rwarding and/or filtering information. The fo rmat is 6 two-digit hexadecimal numbers that are[...]

  • Seite 119

    11 9 XS712T Smart Switch port but were still interested in receiving mu lticast t raffic directed to that group . Also, fast-leave processing is supported on ly with IGMP ve rsion 2 host s. • Host Time out . Sets the value fo r group membership interval of IGMP snooping for the specified VLAN ID. T he valid range is (Maximum Response T ime + 1) t[...]

  • Seite 120

    120 XS712T Smart Switch 2. Select each interface to configure. 3. Use the Multicast Router menu to enable or disable Multicast Router on the selected interfaces. 4. Click Apply . Multicast Router VLAN Configuration Use this screen to configure the interface to on ly forward the snooped IGMP p ackets that come from VLAN ID to the multicast router at[...]

  • Seite 121

    121 XS712T Smart Switch 2. Select the Interface for which you want Multicast Router to be enabled or to be disabled. 3. Ent er the VLAN ID for which the Multicast Router Mode is to be Enab led or Disabled. 4. Enable the VLAN ID for the multicast router . 5. Click App ly . IGMP Snooping Querier IGMP snooping requir es that one central switch or rout[...]

  • Seite 122

    122 XS712T Smart Switch 2. From the Querier Admin Mod e field, enable or disable the administrative mode for IGMP Snooping Querier . 3. S pecify the IP address to be used as sour ce address in periodic IGMP queries om the Snooping Querier Address field. This address is used when no address is conf igured o n the VLAN on which the query is being sen[...]

  • Seite 123

    123 XS712T Smart Switch 2. Select New Entry from the VLAN ID field and complete the following fields: • VLAN ID . S pecifies the VLAN ID for which the IGMP Sn ooping Querier is to be enabled. • Querier Elec tion Particip ate Mode . Enable or disa ble Querier Participate Mode . - Disable . Upon seein g anot her querier of the same version in the[...]

  • Seite 124

    T able 17. IGMP snoopin g querier VLAN st atus Field Description VLAN ID S pecifies the VLAN ID on whic h the IGMP Snooping Querier is administratively ena bled and for which VLAN exists in the VLAN database. Operational S tate S pecifie s the operatio n al state of the IGMP Snooping Querier on a VLAN: • Qu erier : The snooping switch is the quer[...]

  • Seite 125

    125 XS712T Smart Switch MLD Snooping Configuration In IPv4, Layer 2 switches can use IGMP Snoop ing to limit the flooding of multicast traf fic by dynamically configuring Layer 2 in terfaces so that multicast traf fic is forwarded to only those interfaces associated with IP multicast addres s. In IPv6, MLD snoop ing performs a similar function. Wit[...]

  • Seite 126

    126 XS712T Smart Switch 2. T o configure MLD settings for a physica l port, enter the interface and click Go to select that particular interface. 3. Select the interfaces for which yo u want to configure the CoS settings: • T o configure MLD settings for a Link Aggregation Group (LAG), click LAGS . • T o configure M LD settings for both physica[...]

  • Seite 127

    127 XS712T Smart Switch Enter a value greater or equal to 1 and less than the Group Membership Interva l in seconds. The default is 10 seconds. The co nfigured value must be less than the Group Membership Interval. 8. Use the Present Exp iration T ime field to specify the amount of time you want the switch to wait to receive a query on an interface[...]

  • Seite 128

    128 XS712T Smart Switch 8. Under Multicast Router Expiry T ime, specify t he number of seconds the VLAN should wait to receive a query before it is removed from the list of VLANs with multicast routers attached. 9. Click Add .  T o disable MLD snooping on a VLAN: 1. Select the check box next to each VLAN on which MLD snooping should be disabled.[...]

  • Seite 129

    129 XS712T Smart Switch • T o configure Multicast Router settings for a Link Aggregation Group (LAG), click LAGS . • T o configure M ul ti ca st Ro ut e r settings for both physica l ports and LAGs, click ALL . 4. Use the Multicast Router field to enable or disable Multicast Router on the selected interface. 5. Click App ly . Multicast Router V[...]

  • Seite 130

    130 XS712T Smart Switch 2. From the Querier Admin Mod e field, enable or disable the administrative mode for MLD Snooping Querier . 3. In the Querier Address field, specify the Snooping Querier Address to be used as source address in periodic MLD queries. This address is used when no a ddress is co nfigu red on the VLAN on which query is being sent[...]

  • Seite 131

    131 XS712T Smart Switch 2. Under VLAN ID, specify the VLAN ID for which the ML D Snooping Querier is to be enabled. 3. From the Querie r Election Participate Mode list, select the mode: • Dis abled . Upon seeing anothe r querier of the same version in the VLAN, the snooping querier moves to the n on-querier state. • Enabled . Th e snooping quer[...]

  • Seite 132

    132 XS712T Smart Switch  T o remove an MLD snooping querier configuration: 1. Select the check box next to each entry to remove. 2. Click Delete . Forwarding Database The forwarding dat abase maintains a list of MAC a ddresses after having rece ived a packet from this MAC address. The transp arent bridgi ng function uses the forwarding dat abase[...]

  • Seite 133

    133 XS712T Smart Switch • Interface . Select Interface from the me nu, enter the interface ID in g1, g2... fo rmat, then, click Go . If any entries learned o n that interface exist, they are displayed. 3. Click Clea r to clear Dynamic MAC Addresses in the t able. 4. Click Refresh to redisplay the screen to show the latest MAC Addresses. The follo[...]

  • Seite 134

    134 XS712T Smart Switch Note: IEEE 802.1D recommends a default of 30 0 seconds, which is the factory default. 3. Click Apply . Address T able The MAC Address T able cont ains information about unicast entries for wh ich the switch has forwarding and filtering information. This info rmatio n is used by the transp arent bridging function in determini[...]

  • Seite 135

    135 XS712T Smart Switch • Interface . Select Interface from the me nu, enter the interface ID in g1, g2... fo rmat, then, click Go . If any entries learned o n that interface exist, they are displayed. 3. Click Clea r to clear Dynamic MAC Addresses in the t able. 4. Click Refresh to redisplay the screen to show the latest MAC Addresses. The follo[...]

  • Seite 136

    136 XS712T Smart Switch  T o delete a stati c MAC address: 1. Select the check box next to each entry to remove. 2. Click Delete .[...]

  • Seite 137

    137 4 4. Con f igu r i ng R o uti ng The XS712T Smart Switch support s IP routing. Use the menus under the Routing t ab to manage routing on the system. When a packe t enters the switch, the destinati on MAC address is checked to see if it matches any of the configured rout ing interfaces. If it d oes, then the switch searches the host table for a [...]

  • Seite 138

    138 XS712T Smart Switch IP Configuration Use the IP Configuration screen to conf igure routing p arameters for the switch.  T o enable routing on the switch: 1. Select Routing  IP > IP Configuration . 2. Next to Routing Mode, select Enable . Y ou must enable routing for the switch before you can route through any of t he interfaces. Routin[...]

  • Seite 139

    139 XS712T Smart Switch Figure 5. IP st atistics screen The following ta ble describes the IP st atistics information displayed on the screen. T able 18. IP routing statistics Field Descrip tion IpInReceives The total number o f input datagrams received from interfaces, including th ose recei ved in error . IpInHdrErrors The number of input datagra[...]

  • Seite 140

    140 XS712T Smart Switch IpForwDat agram s The number of input datagrams for which this entity was not their final IP destination, as a result of which an attempt was made to find a route to forward them to that final destination. In entities which do not act as IP Gateways, this coun ter includes only those packets which were Source-Routed via this[...]

  • Seite 141

    141 XS712T Smart Switch IpFragFails The nu mber of IP dat agrams that have been discarded because they needed to b e fragmented at this enti ty but could not be, e.g., because their Don't Fragment flag was set. IpFragCreates T he number of IP dat agram frag ments that have be en generated as a result of fragment ation at this en tity . IpRouti[...]

  • Seite 142

    142 XS712T Smart Switch Configure VLAN R outing Y ou can configure XS712T Smart Switch soft ware with some ports supporting VLANs and some supporting routing. Y ou can also configure the sof tware to allow traffic on a VLAN to be treated as if the VLAN were a rou ter port. When a port is enabled for bridging (de fault) ra ther than routing, all nor[...]

  • Seite 143

    143 XS712T Smart Switch • Create a LAG , add selected port s to a LAG , then add LAG to the ne wly created VLAN. • Ena ble tag ging on selected port s if the port is in another VLAN. Disable t agging if a selected port does not exist in another VLAN. • Exclude po rts not selected from the VLAN. • Ena ble routing on the VLAN using the IP add[...]

  • Seite 144

    144 XS712T Smart Switch VLAN R outing Configuration Use the VLAN Routing Configuration screen to view information about the VLAN routin g interfaces configured on the system o r to assign an IP address and subnet mask to VLANs on the system.  T o configure V ALN routing: 1. Select Routing  VLAN > VLAN Routing . 2. In the VLAN list, select [...]

  • Seite 145

    145 XS712T Smart Switch Configure R outer Discovery The Router Discovery protocol is used by hosts t o identify operational route rs on the subnet. Router Discovery messages are of two types: Ro uter Advertisements and Router Solicitation s. The protocol mandates that every router periodically advertise the IP Addresses it is associated with. Hosts[...]

  • Seite 146

    146 XS712T Smart Switch 8. S pecify the preference leve l of the router as a default router relative to other ro uters on the same subnet. Higher numbered addresses are preferred. Y ou must enter an integer . The value must be in t he range of (-2147483648 to 2147483647). Default value is 0. 9. Click Apply . Configure and View R outes From the Rout[...]

  • Seite 147

    147 XS712T Smart Switch The preference is an integer value from 1 to 255. Y ou can specify the preference value (sometimes called administrative dist ance of an individual st atic route. For more information, see the Preference description in T able 19 . 7. Ente r a description for this route. This is the description of this route tha t id e ntifie[...]

  • Seite 148

    148 XS712T Smart Switch Configure ARP The address resolution protocol (ARP) associat es a layer 2 MAC address with a layer 3 IPv4 address. XS712T Smart Switch sof tware features both dynamic and manual ARP configuration. With manu al ARP configuration, you can statically ad d entries into the ARP table. ARP is a necessary part of the Internet proto[...]

  • Seite 149

    149 XS712T Smart Switch The following ta ble provides information included in the managemen t VLAN ARP section. T able 20. ARP cache info rm ation Field Descrip tion IP Address Displays the associated IP address of a device on a subnet attached to o ne of the switch's existing routing interfaces. Port Shows the associated inte rface of the con[...]

  • Seite 150

    150 XS712T Smart Switch  T o add an entry to the ARP t able: 1. Select Routing  ARP > Advanced  ARP Create . 2. Under IP Address, specify the IP address to add. It must be the IP address of a device on a subnet attached to one of the switch's existing routing in terfaces. 3. Under MAC Address, specify the unicast MAC address of the[...]

  • Seite 151

    151 XS712T Smart Switch Y ou must enter a valid integer , which represent s the number of seconds the switch will wait for a response to an ARP request. The range for this field is 1 to 10 second s. The default value for Response T ime is 10 second. 4. Enter an integer which specifies the maximum number of times an ARP request will be retried. The [...]

  • Seite 152

    152 XS712T Smart Switch R emove an ARP Entry F rom the ARP Cache Use this screen to remove cert ain entries from the ARP T able.  T o remove entries from the ARP t able: 1. sel ect Routing  ARP > Advanced  ARP Entry Management . 2. Select the type of ARP entry to be removed from the Remove From T able drop down menu. The choices listed [...]

  • Seite 153

    153 5 5. Co nf i gur ing Qu alit y o f Ser v ice Use the features you access from the QoS tab to configure Quality of Service (QoS) settings on the switch. The QoS tab cont ains links described in the following sections. • Class of Service • Differentiated Services In a typical switch, ea ch physical port consists of one or more queues for tran[...]

  • Seite 154

    154 XS712T Smart Switch From the Advanced link, the Class of service menu under the QoS t ab, you can access the following screens: • Basic CoS Configuration • CoS Interface Configuration • Interface Queue Configuration • 802.1p to Queue Mapping • DSCP to Queue Mappin g Basic CoS Configuration Use the T rust Mode Configuration screen to s[...]

  • Seite 155

    155 XS712T Smart Switch Global T rust Mode can be one of the following: • Untrusted . Do not trust any CoS p acket marking at ingress. • 8 02.1p . The eight priority t ags that are specified in IEEE 802.1p are p0 to p7. The QoS setting lets you map e ach of the eight priority levels to one of seven interna l hardware priority queues. • DSCP .[...]

  • Seite 156

    156 XS712T Smart Switch 2. T o configure CoS settings for a specific interface, enter the interface and click Go to sele ct that particular interface. 3. Alternatively , select th e check box associated with each interface for which you want to configure the CoS settings: • T o configure CoS set tings for a Link Aggregation Group (LAG), click LAG[...]

  • Seite 157

    157 XS712T Smart Switch  T o configure CoS queue settings for an interface: 1. Select Qo S  CoS > Advanced  Interface Queue Configuration . 2. T o configure CoS queue settings for a physical port, enter the interface and click Go to select that particular interface. 3. Select th e interfaces for which you want to configure the interface[...]

  • Seite 158

    158 XS712T Smart Switch - Weighted . Weighted round robin associates a weight to each queue. T his is the default. - St r ict . Services traf fic with the highest priority on a queue first. - Queu e Management T ype . Displays the type of packet management used for all packet s, which is T aildrop. All packet s on a queue are safe until congestion [...]

  • Seite 159

    159 XS712T Smart Switch The values in each drop-do wn menu represent the traf fic class. The traf fic class is the hardware queue for a port. Higher traffic class values indicate a h igher queue position. Before traf fic in a lower queue is sent, it must wait for traf fic in higher queue s to be sent. 4. Click App ly . DSCP to Queue Mapping Use the[...]

  • Seite 160

    160 XS712T Smart Switch Differentiated Services The QoS feature contains Dif ferentiated Services (Dif fServ) support that allows traf fic to be classified into streams and give n certain QoS treatment in accordance with de fined per-hop behaviors. S tandard IP-based n etworks are designed to prov ide “best ef fort” dat a delivery service. “B[...]

  • Seite 161

    161 XS712T Smart Switch Diffserv Configuration Use the DiffServ Config uration screen to displa y Dif fServ General S tatus Group information, which includes the current administrative mode setting as well as t he current and maximum number of rows in each of the main DiffServ private MIB t ables.  T o configure the global DiffServ mode: 1. Sele[...]

  • Seite 162

    162 XS712T Smart Switch Class Configuration Use the Class Configuration screen to add a new Dif fServ class name, or to rename or delete an existing class. The screen also allows you to define the criteria to associate with a Diff Serv class. As packet s are received, these Dif fServ classes are used to prioritize p ackets. Y ou can have multiple m[...]

  • Seite 163

    163 XS712T Smart Switch 2. Define the criteria to a s sociate with a Dif fServ class: • Match Ev ery . This adds to the specified class definition a match condition whe reby all packet s are considered to belong to the class. • Refe rence Class . Select s a class to st art referencing for criteria. A specified class can reference at most one ot[...]

  • Seite 164

    164 XS712T Smart Switch • Protocol T ype . Requires a packet’ s layer 4 protocol to match the protocol yo u select. If you select Other , enter a protocol number in the field that displays. The valid range is 0–255. • Source IP Address . Requires a p acket’s source port IP address to match the address listed here. In the IP Addre ss field[...]

  • Seite 165

    165 XS712T Smart Switch IPv6 Class Configuration The IPv6 Class Configuration feature ex tends the existing QoS ACL and Dif fServ functionality by providing support for I Pv6 packet classification. An Ethernet IPv6 p acket is distinguished from an IPv4 p acket by its u niq ue Ethertype value, so all I Pv6 classifiers include the Ethertype field. An[...]

  • Seite 166

    166 XS712T Smart Switch  T o delete a class: 1. Select the check box next to the class name. 2. Click Delete . The same set of fields described for IPv6 AC L classification are also su pported as match criteria for Dif fServ classes. Prior to the introdu ction of IPv6 class rule fie lds, any layer 3 or layer 4 item was interpreted as a field in [...]

  • Seite 167

    167 XS712T Smart Switch  T o configure the policy attributes: 1. Click the name of the policy . The policy name is a h yperlink. The following fi gure shows the configuration fields for the policy . 2. Configure the policy attributes: • Ass ign Queue . Select this value from the drop-do wn list. This is an integer value in the range 0 to 7. ?[...]

  • Seite 168

    168 XS712T Smart Switch • Mark IP DSCP . This lists the keywords for the known DSCP values from which one can be selected. • Simple Policy . This lists the keywords for the known DSCP values from which one can be selected. 3. Color Conform Class . This field is visible only if you select Color Aware Color Mode on the Policing Attributes screen,[...]

  • Seite 169

    169 XS712T Smart Switch - Mark IP Precedence . These p acket s are marked by Di ffServ with the specified IP Precedence value before being p resented to the system forwarding element. This selection requires that the Ma rk IP Precedence value field be set. - Ma rk IP DSCP . These packet s are marked by Dif fServ with the specified DSCP value before[...]

  • Seite 170

    170 XS712T Smart Switch Y ou can select multiple port s and LAGs to apply the same setting to the selecte d interfaces. Select the check box in th e heading row to apply the same settings t o all interfaces. 5. From the Policy In Name list, select the policy to attach to the interface. 6. Click Apply .  T o remove a policy from an interfa ce: 1.[...]

  • Seite 171

    171 6 6. Man a gi n g D e v i c e S ec ur ity Use the features available from the Security t a b to configure management security se ttings for port, user , and server security . The Security tab cont ains links described in th e following sections. • Management Security Settings • Configure Management Access • Port Authentication • T raffi[...]

  • Seite 172

    172 XS712T Smart Switch 2. S pecify the current password in the Old Password field. The entered pa ssword will be displayed in a sterisks (*). Passwords are 1–20 alphanumeric characters in length an d are case sensitive. 3. Enter th e new password. It will not display as it is typed, and only aste risks (*) will show on the screen. Passwords are [...]

  • Seite 173

    173 XS712T Smart Switch RADIUS Configuration RADIUS servers provide additional security for networks. The RADIUS server maint ains a user data base, which contains per-user auth entication information. The switch p asses information to the configured RADI US server , which can authenticate a user name and password before authorizing use of the netw[...]

  • Seite 174

    174 XS712T Smart Switch 3. In the T imeout Duration field, specify the timeout value, in seconds, for request retransmissions. Consideration to maximum delay time should be given when configuring RADIUS maximum re transmit and RADIUS timeout. If mult iple RA DIUS servers are configured, the maximum retransmit value on each will run out before the n[...]

  • Seite 175

    175 XS712T Smart Switch  T o modify settings for a RADIUS server that is already configured on the s witch: 1. Select the check box next to the server IP addre ss. 2. Upda te the desired fields for the selected server . 3. Click App ly .  T o delete a configured RADIUS server: 1. Select the check box next to the IP address of th e server to r[...]

  • Seite 176

    176 XS712T Smart Switch Use the buttons at the bottom of the screen to perform the following actions: • Click Clea r Counters to clear the aut hentication server and RADIUS statistics to their default values. • Click Refresh to refre sh the screen with the most curre nt data from the switch. Ac co un ti ng S e rv er Configura tion Use the RADIU[...]

  • Seite 177

    177 XS712T Smart Switch The following ta ble describes RADIUS accounting se rver statistics availa ble on the screen. T able 25. RADIUS accounting serv er st atistics Field Descrip tion Accountin g Server Address Displays the IP address of the s upp orted RADIUS accounting server . Round T rip Time (secs) Displays the time interval, in hund red ths[...]

  • Seite 178

    178 XS712T Smart Switch Configuring T A CA CS+ T ACACS+ provides a centralized user management system, while still retaining consistency with RADIUS and other authentication processes. T ACACS+ provides the following services: • Authentica tion . Provides authentication duri ng login and via user na mes and user-defined passwords. • Authorizat [...]

  • Seite 179

    179 XS712T Smart Switch T ACACS+ Server Configuration Use the T ACACS+ Server Configuration screen to configure up to five T ACACS+ servers with which the switch can communicate.  T o configure T ACACS+ server: 1. Select Security  Management Secur ity > T ACACS+  Se r v e r Co nfiguration . 2. In the T ACACS Server field, specify the IP[...]

  • Seite 180

    180 XS712T Smart Switch Authentication List Configuration Use the Authentication List screen to configure the default login list . A login list specifies one or more authentication methods to validate switch or port access for the admin user . Note: Admin is the only user on the system and is a ssigned to a preconfigured list named defaultList, wh [...]

  • Seite 181

    181 XS712T Smart Switch 4. Use the menu in the 2 column to select the authentication method, if any , that should appear second in the selected authentication login list. This is the method that will be used if the first method times out. If you select a method t hat does not time out as th e second method, the third meth od will not be tried. This[...]

  • Seite 182

    182 XS712T Smart Switch • T ACACS+ . The u ser's ID and password will b e authenticated using the T ACACS+ server . If you select RADIUS or T ACACS+ as the first method and an error occurs during the authentication, the switch attempt s user authentication Method 2. • None . Th e authentication method is un specified. This option is only a[...]

  • Seite 183

    183 XS712T Smart Switch 4. Click Apply . Configure Management Access From the Access menu, you can co nfigure HTTP and Secure HTTP access to the XS7 12T management interface. Y ou can also configure Access Control Profiles and Access Rules. The Access tab cont ains links des crib ed in the following sections. • HTTP Configuration • Secure HTTP [...]

  • Seite 184

    184 XS712T Smart Switch 5. In the Maximum Number of HTTP Se ssions field, specify the maximum number of HTTP sessions that can exist at the same time. The value must be in the range of (0–4). The default value is 4. 6. Click Apply . Secure HTTP Configuration Secure HTTP enables the transmission of HTTP over an e ncrypted Secure Socket s Layer (SS[...]

  • Seite 185

    185 XS712T Smart Switch After the session is inactive for the configured amount of time, the administrator is automatically logged out and must re-enter t he p assword to access the management interface. A value of zero corresponds to an infinite timeout. The valid range is 1—60 minutes. The default value is 5 minutes. 7. In the HT TPS Session Ha[...]

  • Seite 186

    186 XS712T Smart Switch Certificate Download For the Web server on the switch to accept HTTPS connections from a mana gement station, the Web serve r needs a public key certificate. Y ou can generate a certificate externally (for example, of f-line) and download it to the switch. Before you download a file to the switch, the followin g conditions m[...]

  • Seite 187

    187 XS712T Smart Switch Y ou can enter up to 32 characters. 7. Select the S tart File T ransfer check box. 8. Click Apply to start the transfer . A status message displays during the transfer and up on successful completion of the transfer .[...]

  • Seite 188

    188 XS712T Smart Switch Access Control Access control allows you to define a pr ofile configuration and set a ccess rules. A ccess P rofile C o nfiguration Use the Access Profile Configuration scr een to set up a security access profile .  T o configure an access profile: 1. Select Security > Access > Acces s Control  Access Profile Con[...]

  • Seite 189

    189 XS712T Smart Switch IP 10.10.10.10 is configured with priority 1 to permit, and Source IP 10.10.1 0.10 is configured with priority 2 to Deny , then access is permitted if the profile is active, a nd the second rule is ignore d. 4. Click App ly . Access Rule Configuration Use the Access Rule Configuration screen to add security access ru les. ?[...]

  • Seite 190

    190 XS712T Smart Switch P ort Authentication In port-based authentication mode, when 802. 1X is enabled globally and on the port, successful authentication o f any one supplicant att ached to the port result s in all users being able to use the port without restrictions. At a ny given time, only one supplicant is allowed to attempt authentication o[...]

  • Seite 191

    191 XS712T Smart Switch Note: If 802.1X is enabled, authentication is perfo rmed by a RADIUS server . This means the primary authentication method must be RADIUS. T o set the method, select Secu rity  Management Security  Authentication List and sele ct RADIUS as method 1 for defaultList. For more information, see Authen tication List Configu[...]

  • Seite 192

    192 XS712T Smart Switch 2. Select the check box next to the port to configure. Y ou can also select multiple check boxe s to apply the same settings to the select ports, o r select the check box in the heading row to ap ply the same settings to all ports . 3. Fo r one or more of the selected port, specify the following settings: • Port C ontrol .[...]

  • Seite 193

    193 XS712T Smart Switch - Auto . The system automatically detect s the mode of the interface. - Authorized . The system places the interface in to an authorized st ate without being authenticated. The interface sends and receives normal traf fic without client port-based authentication. - Unauthorized . The system denies the selected interface syst[...]

  • Seite 194

    194 XS712T Smart Switch • Max EAP Request s . This input field allows you to enter the maximum requests for the selected port. The maximum requests value is the maximum number of times the authenticator state machine on this port will retransmit an EAPOL EAP Request/Identity before timing out the supplicant. The maximum requ ests value must be in[...]

  • Seite 195

    195 XS712T Smart Switch P ort Summary Use the Port Summary screen to view inform ation about the port access control settings on a specific port.  T o access the port Summary screen: Select Security  Port Authentication  Advan ced  Port Summary . The Port Summary screen for the 802.1X feature displa ys. Authenticator P AE St ate The aut[...]

  • Seite 196

    196 XS712T Smart Switch The following t able describes the fi elds on the Port Summary screen. T able 27. IEEE 802.1X po rt summary information Field Description Port The port whose settings are displayed in the current table row . Control Mode Defines the port auth orization st ate. T he control mode is only set if the link status of the port is l[...]

  • Seite 197

    197 XS712T Smart Switch T raffic Control From the T raffic Control menu, you can configure MAC Filters, S torm Control, Port Security , and Protected Port settings. The T raffic Control f older contains li nks de scribed in the following sections. • MAC Filter: • MAC Filter Configuration • MAC Filter Summary • S torm Control • Port Securi[...]

  • Seite 198

    198 XS712T Smart Switch 2. Select Create Filter from the MAC Filter menu. If no filters have been config ured, this is the only option available. 3. From the VLAN ID menu, select the VLAN to use with the MAC address to fully identify packet s you want filtered. Y ou can change this field only when the Create Filter option is selected from the MAC F[...]

  • Seite 199

    199 XS712T Smart Switch MA C Filter Summary Use the MAC Filter Summary screen to view the MAC filters that are configured on the system.  T o display the MAC filter summary screen: Select Security  T raffic Control > MAC Filter  MAC Filter Summary . The MAC Filter Summary screen displays Figure 6. MAC filter summary screen The following[...]

  • Seite 200

    200 XS712T Smart Switch Storm Control A broadcast storm is the result of an excessive number o f broadcast messages simultaneously transmitt ed across a network by a single port. Forwarded messag e responses can overload network resources and/or cause the network to time out. The switch mea sures the incoming broadcast/mult icast/unknown unicast p [...]

  • Seite 201

    201 XS712T Smart Switch • Unknown Unicast . If the rate of unknown L2 unicast (destination lookup failure) traffic ing ressing on an interface increases beyond the configure d threshold, the traf fic will be dropped. • Multica st . If the rate of L2 multicast traf fic ingressing on an interface increa ses beyond the configured threshold, the tr[...]

  • Seite 202

    T able 29. Port se curity violation information Field Description Port Identifies the port where a violation occurred. Last Violation MAC Displays the source MAC address of th e last p acket that was discarded at a locked port. VLAN ID Displays the VLAN ID corresponding to the Last Violation MAC address. 202 XS712T Smart Switch The Port Security V [...]

  • Seite 203

    203 XS712T Smart Switch 2. T o configure port security settings for a Link Aggregation Group (LAG), click LAGS . 3. T o configure port security settings for both physical ports and LAGs, click ALL . 4. T o configure settings for a physical port, enter the port in unit/slot/ port format and click on the Go button. The entry corresponding to th e spe[...]

  • Seite 204

    204 XS712T Smart Switch Security MA C Address Use the Security MAC Address screen to c onve rt a dynamically learned MAC address to a statically locked address.  T o convert learned MAC addresses: 1. Select Security  T raffic Control > Port Security  Security MAC Address . 2. Select the Convert Dynamic Address to S tatic check box. 3. T[...]

  • Seite 205

    205 XS712T Smart Switch P rotected P orts Membership If a port is configured as p rotected, it does not forward traf fic to any other protected port on the switch, but it will forward traff ic to unprotected ports. Use the Protected Ports Membership screen to configure the port s as protected or unprotected.  T o configure protected port s: 1. S[...]

  • Seite 206

    206 XS712T Smart Switch 2. Use the Private VLAN T ype menu to select the type of private vlan. The fact ory default is Unconfigured. • Primary . A private VLAN that forwards the traffic from the promiscuous ports to isolated ports, community port s, and other promiscuous ports in the same private VLAN. Only one primary VLAN can be configured per [...]

  • Seite 207

    207 XS712T Smart Switch 4. Click Apply . T able 32. Private VLAN assoc ia tio n table information Field Description Isolated VLAN The VLAN ID of th e isolated VLAN associ ated with the primary VLAN. If the field is blank, no isolated VLAN has been asso ciated with the primar y VLAN. An isol ated VLAN is a secondary VLAN that carries tr affic from i[...]

  • Seite 208

    208 XS712T Smart Switch 3. Use the Port Vlan Mode menu to select the Switch Port Mode. The factory default is General. • Ge neral. The interface is in general mode and is not a member of a privat e VLAN. • Host. The interface belongs t o a secondary VLAN and, depending upo n the type of secondary VLAN, can either communicate with other ports in[...]

  • Seite 209

    209 XS712T Smart Switch • T o configure a single port, select the chec k box associated with it, or type the port number in the Go T o Interface field and click Go . • T o configure multiple ports with the same settings, select the check box associated with each port to configure. • T o configure all ports with the sa me settings, select the [...]

  • Seite 210

    210 XS712T Smart Switch P rivate VLAN P romiscuous Interface Configuration The private VLAN Promiscuous interface configur ation screen allows you to configure the primary and secondary Promiscuous VLAN IDs for the host association mode.  T o configure the private VLAN Promiscuous interface: 1. Select Security  T raffic Control  Private Vl[...]

  • Seite 211

    21 1 XS712T Smart Switch • Y ou can specify an individual VLAN ID. Example: 10. • Y o u can specify the VLAN range values separated by a '-'. Example, 10–13. • Y ou can specify a combination of both separated by ','. Example, 12,15,40–43,1000–1005,20 00. The range of the VLAN ID is 2–4093 . Note: The VLAN ID List g[...]

  • Seite 212

    212 XS712T Smart Switch Configuring Access Control Lists Access Control Lists (ACLs) ensure that on ly authorized users have access to spe cific resources while b locking of f any unwarranted a ttemp ts to reach network resource s. ACLs are used to provide traf fic flow control, restrict content s of routing upda tes, decide which types of traffic [...]

  • Seite 213

    213 XS712T Smart Switch AC L W i za r d ACL Wizard helps you to create a simple ACL and apply it to the selected ports easily and quickly . First, you can select an ACL type. Then, you can add an ACL rule to this ACL and a rule can be applied this ACL on the selected por t s. The ACL Wizard allows you only to create the ACL, but does not allow you [...]

  • Seite 214

    214 XS712T Smart Switch • ACL Based on Dest ination IPv6 L4 Port . Use this to create an ACL based on the destination IPv6 layer4 port number . • ACL Based on Source IPv6 L4 Port . Use this to create an ACL based on the source IPv6 layer4 port number . 3. In the Rule ID field, ente r a whole number in the range of (1 to 10) that will be used to[...]

  • Seite 215

    215 XS712T Smart Switch MA C A CL A MAC ACL consists of a set of rules wh ich are matched sequentially against a p acket. When a packet me ets the match criteria of a ru le, th e specified rule actio n (Permit/Deny) is taken and the additional rules are not checked for a match. There are multiple step s involved in defining a MAC ACL a nd applying [...]

  • Seite 216

    216 XS712T Smart Switch  T o delete a MAC ACL: 1. Select the check box next to the Name field. 2. Click Delete . MA C R ules Use the MAC Rules screen to define ru les for MAC-based ACLs. The access list definition includes rules that specify whether traf fic matching the criteria is forwarded normally or discarded. A default 'deny all'[...]

  • Seite 217

    217 XS712T Smart Switch • Destination MAC . Requires an Ethernet frame’ s destination port MAC address to match the address listed here. Enter a MAC address in this field. The valid format is xx:xx:xx:xx: xx:xx. • Destination MAC Mask . If desired, ente r the MAC Mask associated with the Destination MAC to match. The MAC address mask sp ecifi[...]

  • Seite 218

    218 XS712T Smart Switch MA C Binding Configuration When an ACL is bound to an interface, all the rules that have been defined are applied to the selected interface. Use the MAC Binding Configuration screen to assign MAC ACL lists to ACL Priorities and Interfaces.  T o configure MAC ACL interface bindings: 1. Select Security  ACL > Basic ?[...]

  • Seite 219

    219 XS712T Smart Switch The Interface Binding S tatus sect ion on the MA C Binding Configuration screen displays the following information: • Interface . Displays sel ected interface. • Direction . Displays selected packet filtering direction for ACL. • ACL T ype . Displays the type of ACL assigned to selected interface a nd direction. • AC[...]

  • Seite 220

    220 XS712T Smart Switch IP A CL IP ACLs allow network managers to define classi fication actions a nd rules for specific ingress ports. Pa ckets can be filtered on ingress (inbound) port s only . If the filter rules match, then some actions can be taken, including dropping t he p acket or disabling the port. For example, a network administra tor de[...]

  • Seite 221

    221 XS712T Smart Switch IP R ules Use the IP Rules screen to define rule s for IP-based st andard ACLs. The access list definition includes rules that specify whe ther traffic mat ching the criteria is forwarded normally or discarded. Note: There is an implicit deny a ll rule at the end of an ACL list. This means that if an ACL is applied to a pack[...]

  • Seite 222

    222 XS712T Smart Switch - Deny . Drops packe ts which meet the ACL crite ria. • Egress Queue . S pecifies the hardware egress queue iden tifier used to handle all packet s matching this ACL rule. • Logging . When set to Enable, lo gging is enabled for this ACL rule (subject to resource availability in the device). If the Access List T rap Flag [...]

  • Seite 223

    223 XS712T Smart Switch Note: There is an implicit “deny a ll” rule at the end of an ACL list. This means that if an ACL is applied to a packet and if no ne of the explicit rules match, then the final implicit “deny all” rule applies and the packet is dropped.  T o add rules to an IP ACL: 1. Select Security  ACL > Ad vanced  IP [...]

  • Seite 224

    224 XS712T Smart Switch 5. Select or specify values for one or more of the following match criteria: • Action . Select the ACL forwarding action, which is one of the following: - Permit . Forwards packet s which meet the ACL crite ria. - Deny . Drops packe ts which meet the ACL crite ria. • Egress Queue . S pecifies the hardware egress queue id[...]

  • Seite 225

    225 XS712T Smart Switch - Destination L4 Keyword . Select the desired L4 keyword from a list o f destination ports on which the rule ca n be based. - Destination L4 Port Number . If the destination L4 keyword is Other , enter a user-defined Port ID by which p ackets are matched to the ru le. • Service T ype . Select one of the Service T ype match[...]

  • Seite 226

    226 XS712T Smart Switch taken and th e additional rules are not checked for a match. On this me nu, the interfaces to which an IP ACL applies must be specified, as well as whether it ap plies to inbound or outbound traf fic. Rules for the IPv6 ACL are specified/crea ted using the IPv6 Rules screen.  T o add an IPv6 ACL: 1. Select Security  AC[...]

  • Seite 227

    227 XS712T Smart Switch 2. In the ACL Name list, select the name of the ACL to add a rule to. 3. Click Add . The screen displays the IPv6 ACL Rule Configuration fields. 4. N ex t to Ru le I D, specify a number from 1–10 to identify the IPv6 ACL rule. Y ou can create up to 10 rules for each ACL. 5. Select or specify values for one or more of the f[...]

  • Seite 228

    228 XS712T Smart Switch • Assign Queue ID . S pecifies the hardware egress queue identifier used to handle all packet s matching this IPv6 ACL rule. The valid range of Queu e IDs is from 0 to 6. This field is visible for a Permit Action. • Mirror Interface . S pecifies the specific egress interface where the matching traf fic stream is copied i[...]

  • Seite 229

    229 XS712T Smart Switch • Flow Label . Flow label is 20-bit n umber that is unique to an IPv6 packet, used by end stations to sign ify quality-of-service handling in routers. Flow label can be specified within the range (0 to 1048575). • IPv6 DSCP Service . S pecify the IP Dif fServ Code Point (DSCP) field. The DSCP is defined as the high-order[...]

  • Seite 230

    230 XS712T Smart Switch IP Binding Configuration When an ACL is bound to an interface, all the rules that have been defined are applied to the selected interface. Use the IP Binding Configuration screen to assign ACL list s to ACL Priorities and Interfaces.  T o add IP ACL interface bindings: 1. Select Security  ACL > Advanced  IP Bindi[...]

  • Seite 231

    231 XS712T Smart Switch IP Binding T able Use the IP Binding T able screen to vi ew or delete the I P ACL bindings.  T o delete an IP ACL binding: 1. Select Security  ACL > Advanced  Binding T able . 2. Select the check box associated with the ACL-to-interface binding to remove. 3. Click Dele te . The following ta ble describes the info[...]

  • Seite 232

    232 XS712T Smart Switch VLAN Binding T able Use the VLAN binding t able screen to associate an ACL with a VLAN. T o configure an ACL-to-VLAN binding: 1. Select Security  ACL > Advanced  Vlan Binding T able . 2. In the VLAN ID field, specify a VLAN ID for ACL mapping. 3. In the Direction field, specify the direction of packet traffic af fec[...]

  • Seite 233

    233 7 7. Mon i t o r in g t he S y s t e m Use the features available from the Monito ring tab to view a variety of information abou t the switch and its po rts and to configur e how the switch monitors event s. The Monitoring t ab contains configurati on menus described in the following sections. • Ports • Logs • Mirroring Po r t s The scree[...]

  • Seite 234

    234 XS712T Smart Switch Figure 7. Switch S tatistics scr een The following t able describes the switch statistics displayed on the screen. T able 37. Switch st atistics Field Description ifIndex This object indicates the ifIndex of the interface table entry associated with the processo r of this switch. Octets Receiv ed The total number of octets o[...]

  • Seite 235

    235 XS712T Smart Switch Use the buttons at the bottom of the scree n to perform the following actions: • Click Clear to clear all the statist ics counters, resetting all switch summary and det ailed statistics to default values. The d isc arded packet s count cannot be cleared. • Click Refresh to refresh the screen with the most current dat a f[...]

  • Seite 236

    236 XS712T Smart Switch Po r t S t a t i s t i c s The Port S tatistics screen displays a su mmary of per-port traf fic statistics on the switch.  T o access the port summary screen: 1. Select Moni toring  Port s > Port St atistics . 2. Select whether to display physical interfaces, link aggregation groups (LAGs), or both by clicking one o[...]

  • Seite 237

    237 XS712T Smart Switch  T o reset the counters for all interfaces on the switch: 1. Select the check box in the heading of the t able. 2. Click Clear .  T o reset the counters for a specific interface: 1. Select the check box next to the interf ace for which you want to clear the co unters. Y ou can also t ype the interface number (for examp[...]

  • Seite 238

    238 XS712T Smart Switch P ort Detailed Statistics The Port Deta iled S tatistics screen displays a va riety of per-port traf fic statistics.  T o access the port det ailed screen: 1. Select Moni toring  Port s > Port Detailed S t atistics . The Port Deta iled S tatistics figure shows some, but not a ll, of the fields on the screen . 2. Fro[...]

  • Seite 239

    239 XS712T Smart Switch The following ta ble describes the det ailed port information displayed on the screen. T able 39. De t ail ed interface statistics Field Descrip tion ifIndex This field indicates the ifIndex of the interfa c e table entry associated with this port on an adapt er . Port T ype For most ports this field i s blank. Otherwise the[...]

  • Seite 240

    240 XS712T Smart Switch LACP Mode Selects the Link Aggregation Cont rol Protocol admin istration st ate: • Enable. S pec ifies that the port is allow ed to participate in a port channel (LAG), which is the defa ult mode. • Disable. S pecifies that th e port cannot p art icipate in a port channel (LAG). Physical Mode Indicates the port speed and[...]

  • Seite 241

    241 XS712T Smart Switch Octets Received The total number of octets of data (including those in bad packets) received on the network (excluding framing bit s but including FCS octets). This object can be used as a reasonable e s timate of Ether net utilization. If grea ter precision is desired, the etherSt atsPkt s and etherS tatsOctets object s sho[...]

  • Seite 242

    242 XS712T Smart Switch Jabbers Received The total number of packets received that were longer than 1518 octets (excluding framing bits, but including FCS octets), and had either a ba d Frame Check Seque nce (FCS) with an integral nu mber of octets (FCS Error) or a bad FCS with a non-integra l number of octet s (Alignment Error). This definition of[...]

  • Seite 243

    243 XS712T Smart Switch Packets T r ansmitted 256-51 1 Octets The total number of packets (including bad packets) transmitted that were between 256 and 51 1 octe t s in length inclusive (excluding frami ng bit s but including FCS octets). Packets T r ansmitted 512-1023 Octets The total number of packets (including bad packets) transmitted that were[...]

  • Seite 244

    244 XS712T Smart Switch Use the buttons at the bottom of the screen to perform the following actions: • Click Clear to clear all the counters. This resets all statistics for this port to the default values. • Click Refresh to refresh the data on th e screen and display the most current st atistics. Dropped Transmit Frames Number of transmit fra[...]

  • Seite 245

    245 XS712T Smart Switch EAP Statistics Use the EAP S tatistics screen to display information about EAP packet s received on a specific port.  T o display the EAP st atistics screen: 1. Select Monitoring  Ports > EAP S t atistics . 2. Select whether to display physica l interfaces, link aggregation groups (LAGs), or both by clicking one of [...]

  • Seite 246

    246 XS712T Smart Switch Use the buttons at the bottom of the screen to perform the following actions: • T o clear all the EAP counters for all ports on the switch, select the check box in the row heading and click Clear . The button reset s all statistics for all port s to default values. • T o clear the counters for a specific port, select the[...]

  • Seite 247

    247 XS712T Smart Switch Cable T est Use the Cable T est screen to display information about the cables connected to switch ports.  T o display the cable test screen: 1. Select Monitoring  Ports > Cable T est . 2. Select whether to display physica l interfaces, link aggregation groups (LAGs), or both by clicking one of the following links a[...]

  • Seite 248

    248 XS712T Smart Switch The following t able describes the cable information displayed on the screen. Logs The switch can generate messages in response to events, fault s, or errors occurring on the platform as well as changes in configuration or othe r occurrences. These messages are stored locally and can be forwarded t o one or more centralized [...]

  • Seite 249

    249 XS712T Smart Switch Memory Log The Memory Log stores messages in memory ba sed upon the settings for message component and severity . Use the Memory Log screen to set the admin istrative status and behavior of logs in the system b uffer . Thes e log messages are cleared when the switch reboot s.  T o configure the memory log settings: 1. Sel[...]

  • Seite 250

    250 XS712T Smart Switch Priority = (facility val ue × 8) + severity level . The facility value is usually one, which means it is a user-level message. Th erefore, to determine the severity level of the message, subtract eight from the number in the angle brackets. The examp le log message has a severi ty level of 6 (informationa l). For more infor[...]

  • Seite 251

    251 XS712T Smart Switch 3. From the Severity Filter field, specify the type of log messages to record. A log records messages equal to or above a c onfigured se verity thre shold. For example, if you select Error , the logged messages include Error , Critical, Alert, and Emergency . The default severity level is Alert (1). The severit y can be one [...]

  • Seite 252

    252 XS712T Smart Switch Server Log Use the Server Log screen to allow th e switch to send log messag es to the remote logging hosts configur ed on the system.  T o configure local log server settings: 1. Select Moni toring  Logs > Server Log link. 2. Select the radio buttons in the Admin S tatus field to determine whether to send log messa[...]

  • Seite 253

    253 XS712T Smart Switch  T o add a remote syslog host (log server): 1. S pecify the following settings in the following list. • IP Address T ype . S pecify the IP Address T ype of Host. It can be one of the following: - IPv4 - IPv6 - DNS • Host Address . S pecify the hostname of the host configured for syslog. • Port . S pecify the port on[...]

  • Seite 254

    254 XS712T Smart Switch T rap Logs Use the T rap Logs screen to view information about the SNMP traps generated on the switch.  T o view trap log information: Select Monitoring  Logs > T rap Logs . The T rap Logs screen displays. Figure 8. T rap log sc reen The following t able describes the T rap Log information displayed on the screen. T[...]

  • Seite 255

    255 XS712T Smart Switch Event Logs Use the Event Log screen to display the eve nt log, which is used to hold error messa ges for catastrophic event s. After the event is logged and the updated log is saved in flash memory , the switch will be reset. The log can ho ld at least 2,000 entries and is erased whe n an attempt is made to add an e ntry aft[...]

  • Seite 256

    256 XS712T Smart Switch Mirroring The Port Mirroring screen allows you to view and configure port mirroring on the system. Port mirroring selects the network tr affic for analysis by a ne twork analyzer . This is done for spe cific port s of the switch. As su ch, many sw itch ports are config ured as source port s and one switch port is configured [...]

  • Seite 257

    257 XS712T Smart Switch 3. Select the mode for port mirroring on the selected port from the Session Mode: • Enable . Multiple Port Mirroring is active on the sele cted port. • Disable . Port mirroring is not active on the se lected port, but the mirroring information is retained. 4. Select the source port(s). Y ou can configure multiple ports a[...]

  • Seite 258

    258 XS712T Smart Switch[...]

  • Seite 259

    259 8 8. Mai n t en an ce Use the features available from the Mainte nance t ab to help you manage the switch. The Maintenance tab cont ains links des cribed in the following sections. • Reset • Upload • Download • File Management Re se t The Reset menu contains links descr ibed in the following sections. • Device Reboot • Factory Defau[...]

  • Seite 260

    260 XS712T Smart Switch Factory Default Use the Factory Default screen to reset the syst em configuration to the factory default values. Note: If you reset the switch to the default configuration, the IP addre ss is reset to 192.168.0.239, and th e DHCP client is enabled. If you loose network connectivity af ter you reset the switch to the f actory[...]

  • Seite 261

    261 XS712T Smart Switch TFTP File Upload Use the TFTP File Upload screen to upload c onfiguration (ASCII), log (ASCII ), and image (binary) files from the switch to a TFTP serve r on the network.  T o upload a file from the switch to the TFTP server: 1. Select Ma intenance  Upload  TFTP File Upload . 2. Use the File T ype menu to specify t[...]

  • Seite 262

    262 XS712T Smart Switch 8. Select the S tart File T ransfer check box to initiate the file upload. 9. Click Apply to begin the file tra nsfer . Note: The file transfer will not begin until you click Apply . The last row of the tab le displays information about the prog ress of the file transfer . The screen refreshes automatica lly until the file t[...]

  • Seite 263

    263 XS712T Smart Switch Download The switch supports system file do wnloads from a remote system to the switch by using either TFTP or HTTP . The Down load menu cont ains links descri bed in the following sections. • TFTP File Download • HTTP File Download TFTP File Download Use the Download File to switch screen to download device sof tware, t[...]

  • Seite 264

    264 XS712T Smart Switch • T ext Configuration . A text-based configuration file enables you to edit a config ured text file (startup-conf ig) offline as need ed without having to translate the conte nts for the switch to understand . The most common usage of text-ba sed configuration is to upload a working configuration from a device, edit it of [...]

  • Seite 265

    265 XS712T Smart Switch 9. Click Apply to begin the file transfer . The last row of the t able displays informati on abo ut the progress of the file transfer . The screen refreshes automatically until t he file transfe r completes or fails. T o activate a software image that you download to the switch, see File Management on pag e 266 . HTTP File D[...]

  • Seite 266

    266 XS712T Smart Switch Note: It is recommended that you do not overwrite the a ctive image. The system will display a warning that you are trying to overwrite the active image. 4. Next to the Select File field, click Browse to locate the file you want to download. 5. Click the Appl y button to init iate the file download. Note: After a file transf[...]

  • Seite 267

    267 XS712T Smart Switch Dual Image Configuration The system running a leg acy software versi on will ignore (not load) a configuration file created by the newer sof tware version. When a configuration file created by the newer software version is discovered by the system running an older version of the so ftware, the system will display an appropri[...]

  • Seite 268

    268 XS712T Smart Switch Dual Image Status The Dual Image S tatus screen shows th e following: • Image 1 V er . The version of the image1 code file. • Image 2 V er . The version of the image2 code file. • Curren t-active . The currently active image on this unit. • Next-acti ve . The image to be used on the ne xt restart of this u nit. • I[...]

  • Seite 269

    269 A A. Sm art Cont r o l Center Uti li ties The NETGEAR Smart Control Center (SCC) is a Wi ndows based application. Its main function is to discover NETGEAR Smart switches in your network and co nnect them to your network. For information about device discover y and net work connectivity , see Chapter 1, Getting S tarted . In addition to device d[...]

  • Seite 270

    270 XS712T Smart Switch • Configure Device . Allows you to modify network info rmation for the switch, including the IP address, DHCP client mode, system name , a nd location. For more information about this feature, see Configure the Device on p age 271 . • Change Password . Allows you to set a new password f or the device. For more informatio[...]

  • Seite 271

    271 XS712T Smart Switch Configure the Device Use the Configure Device button to define basic switch configuration informat ion.  T o modify switch information: 1. Sel ect the swit ch. 2. Click Con figure De vice . Additional fields appear on the screen. 3. T o assign or update a static IP address, defaul t gateway , or subnet mask, disable the D[...]

  • Seite 272

    272 XS712T Smart Switch Change the Switch P assword Use the Change Password button to change the administrative password you u se to log in to the switch management interface.  T o change the switch password: 1. Select the sw itch. 2. Click Chang e Password . Additional fields appear on the screen. 3. T ype the switch password in the Current Pas[...]

  • Seite 273

    273 XS712T Smart Switch Manage the Switch Configuration and Firmware The Maintenance ta b includes links to perform the following t asks: • Uplo ad and download the configuration . Upload the configuration file from the switch to an administrative syste m or other networ k location or downlo ad the configuration file from a remote device to the s[...]

  • Seite 274

    274 XS712T Smart Switch 4. Click OK . 5. Enter the switch password and click Apply . The file is uploaded to the administra tive computer as a *.cfg file. Y ou can open it and view the conten ts with a text editor .  T o restore the configuration to a previously saved vers ion: 1. Click the Maintenance t ab and select the device with the configu[...]

  • Seite 275

    275 XS712T Smart Switch Upgrade the Firmware The application sof tware for the XS712T Smart Switch is upgradeable, enabling your switch to take advant age of improvement s and additional features as they become availab le. Before you begin, download the firmwar e file from the NETGEAR Support web site for your switch t o a TFTP server on your netwo[...]

  • Seite 276

    276 XS712T Smart Switch 6. Download the firmware to primary or secondary storage. • Download the firmware as to primary s torage . By default, the firmware is downloaded to primary storage and will be become the active image after the download completes and the switch reboot s. • Download the firmware to seconda ry storage . Select the Secondar[...]

  • Seite 277

    277 XS712T Smart Switch View and Manage T asks From the T asks t ab, you can view informat ion about configurati on downloads and firmware upgrades that have already occurred, are in progress, or are scheduled to take place at a later time. Y ou can also delete or reschedule selected tasks. Figu re 11 shows the T asks screen. Figure 1 1 . T asks sc[...]

  • Seite 278

    278 XS712T Smart Switch[...]

  • Seite 279

    279 B B. Tr o u b l e s h o o t i n g This appendix covers th e following topics: • T roubleshooting Configuration Menu • T roubleshooting Chart T roubleshooting Configuration Menu The Maintenance main naviga tion tab gives access to the T roubleshooting configuration menu. This menu let s you perform basic troubleshooting functions su ch as pi[...]

  • Seite 280

    280 XS712T Smart Switch 2. In the IP Address/Host Name field, specify the IP address or the host name of the station you want the switch to ping. The initial value is blank. This information is not retained across a power cycle. 3. Configu re the following settings: • In the Count field, specify the number of pings to se nd. The valid range is 1?[...]

  • Seite 281

    281 XS712T Smart Switch Ping IPv6 Use the Ping IPv6 screen to send a Ping requ est to a specified host name or IPv6 address. Y ou can use this to check whether the switch c an communicate with a p articular IPv6 st ation. When you click the Apply button, the switch will send three pings and the result s will be displayed below the configurable dat [...]

  • Seite 282

    282 XS712T Smart Switch Tr a c e R o u t e Use the T raceroute utility to discover the paths t hat a packet t akes to a remote destination.  T o trace a route to an IPv4 address or host: 1. Select Main tenance  T roubleshooting  T raceRoute . 2. In the Hostname/IP Address field, specify the IP address or the hostname of the station you wan[...]

  • Seite 283

    283 XS712T Smart Switch T roubleshooting Chart The following ta ble lists sympto ms, caus es, and solutions of possible problems. T able 45. T roubleshooting chart Symptom Cause Solution Power LED is off. No power is received. Check the power cord conn ections for the switch at the sw itch and the connected AC power so urce. Link/ACT LED is off whe[...]

  • Seite 284

    284 XS712T Smart Switch[...]

  • Seite 285

    285 C C. Con f ig ur at ion Exam ple s This appendix cont ains inform ation about how to configure: • Virtual Local Area Networks (VLANs) • Access Control List s (ACLs) • Differentiated Services (DiffServ) • 802.1X • MSTP • VLAN Routing with a S tatic Route Virtual Local Area Networks (VLANs) A local area network (LAN) can generally be [...]

  • Seite 286

    286 XS712T Smart Switch • They are easy to manage. The addition of n odes, as we ll as moves and other changes, can be dealt with quickly and c onveniently from a manage ment interface rather than from the wiring closet. • They provide increased performance. VLANs free up bandwid th by limiting node-to-node and broadcast traf fic throughout the[...]

  • Seite 287

    287 XS712T Smart Switch • For the VLAN with VLAN ID 10, specify the following members: port 1 (U), po rt 2 (U), and port 3 (T). • For the VLAN with VLAN ID 20, specify th e following members: port 4 (U), port 5 (T), and port 6 (U). 3. In the Port PVID Conf iguration screen (see Port VLAN ID Configuration on page 87 ), specify the PVID for ports[...]

  • Seite 288

    288 XS712T Smart Switch criteria to a particular que ue or redirect the traf fic to a particular p ort. A default deny all rule is the last rule of every list. 2. Apply the access list to an interface in the inbound direction. The XS712T Smart Switch allows ACLs to be bound to physical port s and LAGs.The switch sof tware supp orts MAC ACLs and IP [...]

  • Seite 289

    289 XS712T Smart Switch Y ou can assign an optional sequence number to indicate the order of this access list relative to other access list s if any are al ready assign ed to this interface and direction. 4. The MAC Binding T able displays the interface and MAC ACL binding information (see MAC Binding T able on page 219 ). The ACL named Sales_ACL l[...]

  • Seite 290

    290 XS712T Smart Switch 8. Use the IP Binding T able screen to view the interfaces and IP ACL binding inf ormation (see IP Binding T able on page 231 ). The IP ACL in this example ma tches all packet s with the so urce IP address and subnet ma sk of the Finance department's network and deny it on the Ethernet inte rfaces 2, 3, and 4 of the swi[...]

  • Seite 291

    291 XS712T Smart Switch Class Y ou can classify incoming packet s at layers 2, 3, and 4 by inspecting the following information for a pa cket: • Source/destination MAC address • EtherT ype • Class of Service (802.1p priority) value (first/only VLAN tag) • VLAN ID range (first/only VLAN t ag) • IP Service T ype octet (also known as: T o S [...]

  • Seite 292

    292 XS712T Smart Switch Create P olicies Use DiffServ policies to associat e a collection of classes that you configure with one or more QoS policy st atement s. The result of this association is referred to as a po licy . From a DiffServ pe rspective, there are two types of policie s: • T raffic Conditioning Policy . a policy applied to a Dif fS[...]

  • Seite 293

    293 XS712T Smart Switch designating the incoming color value to be use d as the conforming color . The color of exceeding traf fic can be opti onally specified as well. • Count ing . Updating octet and packet st atistics to keep track of dat a handling along traf fic paths wit hin DiffServ . In this DiffServ feature, co unters are not explicitly [...]

  • Seite 294

    294 XS712T Smart Switch 8. Configure the Policy attributes as follows: • Assign Queu e. 3 • Policy Attribute . Simple Policy • Color Mode . Color Blind • Committed Rate . 1000000 Kbps • Committed Burst Size . 128 KB • Confirm Action . Send • Violate Action . Drop For additional information about this screen, see Policy Con figuration [...]

  • Seite 295

    295 XS712T Smart Switch The XS712T Smart Switch support s a guest VLAN , which allows unauthenticated u sers to have limited access to the network resource s. Note: Y ou can use QoS f eatures to provide rate limiting on the guest VLAN to limit the network resources th e guest VLAN provides. Another 802.1X feature is the ability to co nfigure a port[...]

  • Seite 296

    Supplicant Supplicant Authenticator Switch Authentication Server (RADIUS) 192.168.10.23 296 XS712T Smart Switch Sample 802.1X Configuration This example shows how to configu re the switch so that 802.1X-based authentication is required on the ports in a corporate conference room (g1–g8). These port s are available to visitors and need to be authe[...]

  • Seite 297

    297 XS712T Smart Switch For more information, see RADIUS Configuration on page 173 . 7. Click Add . 8. From the Authentication List screen, configure the default List to use RADIUS as the first authentication method (see Authentication List Configu ration on page 180 ). This example enables 802.1X-based port security on the XS712T switch a nd promp[...]

  • Seite 298

    298 XS712T Smart Switch All bridges, whether they use STP , RSTP or MSTP , send information in configuration messages via Bridge Protocol Dat a Units ( BPDUs) to assign port roles that determine each port’s particip ation in a fully and simply co nnected active topo logy based on one or more spanning t rees. The information communicated is known [...]

  • Seite 299

    299 XS712T Smart Switch Sample MSTP Configuration This example shows how to create an MSTP instance from the XS712T switch. The exa mple network has three dif ferent XS712T switches that serve different loca tions in the network. In this example, port s g1–g5 are connected to host stations, so those links are not subject to network loops. Ports g[...]

  • Seite 300

    300 XS712T Smart Switch If you do not specify a root bridge and all swit ches have the same Bridge Priority value, the switch with the lowest MAC address is elected as the root bridge (see CST Configuration on p age 101 ). 5. From the CST Port Config uration screen, se lect ports g1–g8 and select Enable from the STP S tatus menu (see CST Port Con[...]

  • Seite 301

    301 XS712T Smart Switch VLAN R outing with a Static R o ute Refer to the following sections to conf igure VLAN routing with a st atic route. VLAN Routing Overview VLANs divide broadcast domains in a LAN env ironment. Whene ver hosts in one VLAN need to communicate with host s in another VLAN, the traf fic must be routed between them. This is known [...]

  • Seite 302

    302 XS712T Smart Switch Note: Y ou can only use the VLAN Routing Wizard for creating VLANs, adding ports, and enabling it for routing by assigning the IP address and mask.[...]

  • Seite 303

    303 D D. H a rd wa re S p e c i fi c a t i o n s a n d D e fa u l t Va l u e s XS712T Smart Switch Specifications The XS712T Smart Switch conforms to the TCP/IP , UDP , HTTP , ICMP , TFTP , DHCP , IEEE 802.1D, IEEE 802.1p, and IE EE 802.1Q st andards. T a ble 46. Smart Switch specifications Feature Va l u e Interface s Port 1–10 are 100M/1G/ 10Gb[...]

  • Seite 304

    304 XS712T Smart Switch XS712T Switch Features and Defaults T able 47. Switch fea tures and default s Feature Sets Supported Default Auto negotiation/static speed/duplex All ports Auto negotiation Auto MDI/MDIX N/A Enabled 802.3x flow control/back pressure 1 (per system) D isabled Port mi rroring 1 Disabled Port trunking (aggregation) 8 Pre-confi g[...]

  • Seite 305

    305 XS712T Smart Switch Password control access 1 Idle timeout = 5 mins. Password = “password” Management security 1 profile wi th 20 rules for HTTP/HTTPS/SNMP access to allow/deny an IP address/subnet All IP addresses allowed Port MAC lock down All ports Disabled Boot code update 1 N/A DHCP/manual IP 1 DHCP enabled/192.168.0 .239 Default gatew[...]

  • Seite 306

    306 XS712T Smart Switch Number of rout ed VLANs 15 N/A Number of ARP Cache ent ries 1024 N/A Number of DHCP snoopin g bindings 8K N/A Number of DHCP static entri es 1 024 N/ A MLD Snooping N/A Disabled Protocol and MAC-based VLAN N/A N/A Private VLAN N/A N/ A T able 47. Switch fea tures and default s (Continued) Feature Sets Supported Default[...]

  • Seite 307

    307 E E. No tif i ca ti on of C omp li ance E NET GEAR W ir ed Pr oduc ts Certificate of the Manufacturer/Importer It is hereby certified that the ProSafe™ XS712T Smart Switch has been suppressed in a ccordance with the conditions set out in the BMPT -AmtsblVfg 243/1991 and Vfg 46/1992 . The operation of some equipment (for example, test transmit[...]

  • Seite 308

    XS712T Smart Switch 308 Europe – EU Declaration of Conformity Marking by the above symbol indicates compliance with th e Essential Requirements of the R&TTE Directive of the European Union (1999/5/EC). This equipment meets the following conformance standards: EN300 328, EN301 489-17, EN60 950 For the current EU Declaration of Conformity , vis[...]

  • Seite 309

    XS712T Smart Switch 309 FCC Requirements for Op erat ion in the United States FCC Inform ation to User This product does not cont ain any user serviceable comp onents and is to be used w ith approved antennas only . Any product changes o r modifications will invalidate al l applicable regulatory certifications and approvals FCC Guidelines for Human[...]

  • Seite 310

    XS712T Smart Switch 310 • This device mu st accept any interference received , including interference that may cause undesired operation. FCC Radio Frequency Interference W arnings & Instructions This equipment has been tested and found to comply with th e limit s for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limit[...]