• Web-Based Network Management
    1. Introduction
    2. The Switch offers an embedded Web-based (hypertext) interface allowing users to manage the Switch from anywhere on the network through a standard browser such as Netscape Navigator/Communicator, 4.x or later, or Microsoft Internet Explorer, 4.x or later. The Web browser acts as a universal access tool and can communicate directly with the Switch using HTTP protocol. Your browser screen may vary with the screen shots (pictures) in this guide.

      Note: This Web-based Management Module does not accept Chinese language input (or other languages requiring two bytes per character).

       

    3. Getting Started
    4. The first step in getting started in using Web-based management for your Switch is to secure a browser. A Web browser is a program that allows a person to read hypertext, for example, Netscape Navigator, 4.x or later, or Microsoft Internet Explorer, 4.x or later. Follow the installation instructions for the browser.

      The second and last step is to configure the IP interface of the Switch. This can be done manually through a console (see the Configure IP Address section in the “Using The Console Interface” chapter).

    5. Management
    6. To begin managing your Switch simply run the browser you have installed on your computer and point it to the IP address you have defined for the device. The URL in the address bar should read something like: http://123.123.123.123, where the numbers 123 represent the IP address of the switch.

      In the page that opens, click on the Login to DES-3624 Manager button:

      This opens the main page in the management module.

      The top of each page contains an interactive view of the Switch’s front panel. If your Switch is part of a stack, there will also be an icon representing each Switch in the stack on the left side of this panel. Click on the desired Switch to view that Switch’s front panel. A colored border around the Switch icon

      indicates which Switch’s front panel is currently being displayed:

      Clicking on one of the ports opens a configuration window for that particular port.

      Each page contains the following list of buttons in the panel on the left side: Configuration, Management, Monitoring, and Maintenance. These are the main categories for Switch management. Clicking on one of the categories causes a list of options to appear below.

      The switch management features are explained below.

      1. Configuration
      2. This first category includes: IP Address, Switch (Advanced and Switch Unit), Port, Port Trunk, Port Mirroring, Spanning Tree Protocol (STP Parameter Setting and STP Custom Setting), Forwarding and Filtering (Static Forwarding Table, MAC Address Filtering Table, and Permanent Multicast Filtering), IGMP (IGMP Settings and 802.1Q IGMP), and VLANs & MAC-based Broadcast Domains (MAC-based Broadcast Domains and IEE 802.1Q VLANs), as well as a number of related windows.

        1. IP Address

    Figure 7-1. Configure IP Address window

    You can change the IP Address, Subnet Mask, and Default Gateway on the Switch. If your are not using BOOTP, enter the IP Address, Subnet Mask, and Default Gateway of the Switch. If you enable BOOTP Service, you do not need to configure any IP parameters because a BOOTP server automatically assigns IP configuration parameters to the Switch. Click Apply to activate the new settings.

    The information above is described as follows:

          1. Switch

    Figure 7-2. Configure Switch Stack window

    To set basic Switch settings, enter a System Name in the first field, the physical location of the Switch in the System Location field, and the name of the contact person responsible for the Switch in the System Contact field. Then click Apply.

    Two hyperlinks at the bottom of this window provide access to the Information Of Individual Switch Unit and Configure Switch Stack – Advanced windows, respectively. These windows are described in the two sections that immediately follow.

    The information in the window above is described as follows:

            1. Advanced

    Figure 7-3. Configure Switch Stack – Advanced window

    The first setting allows you to enable or disable port auto-partitioning by the Port’s Auto-Partition Capability on All Ports function. If you enable auto-partitioning on all ports, when more than 62 collisions occur while a port is transmitting data, the port automatically stops transmissions. The second setting allows you to enable or disable the Head of Line (HOL) Blocking Prevention function, which is designed to prevent forwarding a packet to a “blocking” port. Click Apply to let your changes take effect.

    The information above is described as follows:

            1. Switch Unit

    Figure 7-4. Information Of Individual Switch Unit window

    This window displays the Module, Type, and Hardware Revision of each individual Switch unit. Select the desired Switch in the field in the lower left-hand corner. A Refresh button is located in the lower right-hand corner.

    The information above is described as follows:

          1. Port

    Figure 7-5. Configure Port window

    Select the port you want to configure by clicking on the port in the Switch front panel display at the top of the screen or by using the Switch, Slot, and Port fields at the bottom of the screen. Then follow these steps:

    1. Enable or disable the port in the State field. If you choose Disable, devices connected to that port cannot use the Switch, and the Switch purges their addresses from its address table after the MAC address aging time elapses. The Switch won't purge addresses if you define them as permanent entries in the Static Forwarding Table.
    2. Configure the Speed/Duplex setting for the port. Select Auto for Auto-Negotiation. This allows the port to select the best transmission speed and duplex mode based on the capabilities of the device at the other end. Select 100/Full for port operation at 100 Mbps and full duplex. Select 100/Half for port operation at 100 Mbps and half duplex. Select 10/Full for port operation at 10 Mbps and full duplex. Select 10/Half for port operation at 10 Mbps and half duplex.
    3. Configure the Flow Control setting for the port. Selecting On in full-duplex mode will implement IEEE 802.3x flow control. Selecting On when the port is in half duplex mode will implement normal Ethernet collision-based backpressure flow control. Select Off for no flow control. Also, if the port is set for Auto (NWay) in the speed/duplex field above and flow control is enabled, flow control (whether full- or half-duplex) will only be implemented if the other device can auto-negotiate flow control. Note that you must reboot the Switch before a flow control change can take effect.
    4. Configure the Locked setting to prevent the port from learning the MAC addresses of new hosts. This will help keep intruders off your network since any packet coming from an unknown source address will be dropped by the Switch, that is, not added to your MAC Address Forwarding Table. Select Enabled or Disabled.
    5. Configure the Priority setting for packets passing through this port, using IEEE 802.1p/q tagging. Select Low, High or Default. If the network is congested, the Switch handles packets with a higher priority before those with lower priority.
    6. Configure the Rising Action setting under Broadcast Storm from three choices: Do Nothing, Blocking, or Blocking-Trap.
    7. Configure the Falling Action setting under Broadcast Storm from three choices: Do Nothing, Forwarding, or Forwarding-Trap.
    8. The Port Type, STP State, and Status are read-only fields indicating the current condition of the port you have selected.
    9. Click Apply to let your changes take effect.
          1. Port Trunk

    Figure 7-6. Port Trunk window

    The Switch supports up to three trunk groups. Trunks are groups of ports that are banded together to form a single, logical, high-bandwidth data pipe.

    Items in the above window are defined as follows:

          1. Port Mirroring
          2. Figure 7-7. Port Mirroring window

            The Switch allows you to copy frames transmitted and received on a port and redirect the copies to another port. You can attach a monitoring device to the mirrored port, such as a sniffer or an RMON probe, to view details about the packets passing through the first port.

            To configure a mirror port, select the Switch, Slot, and source Port from where you want to copy frames in the Source section. Next, select the Switch, Slot and target Port which will receive the copies from the source port in the Destination section. This is the port where you will connect a monitoring/troubleshooting device such as a sniffer or an RMON probe. To complete the port mirroring, select Enable in the Status field and click Apply.

            Note: You should not mirror a fast port onto a slower port. For example, if you try to mirror the traffic from a 100 Mbps port onto a 10 Mbps port, this can cause throughput problems. The port you are copying frames from should always support an equal or lower speed than the port to which you are sending the copies. Also, the target port for the mirroring cannot be a member of a trunk group.

          3. Spanning Tree Protocol
          4. The Switch supports 801.2d Spanning Tree Protocol, which allows you to create alternative paths (with multiple switches or other types of bridges) in your network. See the Spanning Tree Algorithm section of the “Switch Management Concepts” chapter for a detailed explanation.

            1. STP Parameters Setting

    Figure 7-8. STP Parameter Setting window

    To configure Spanning Tree Protocol functions for the Switch or individual ports, enter the desired information in the fields on this screen (see the descriptions below for assistance) and then click Apply.

    The information above is described as follows:

            1. STP Custom Setting

    Figure 7-9. Spanning Tree Custom Setting window

    Enter the desired Spanning Tree custom settings on this window and then click Apply.

    The information above is described as follows:

          1. Forwarding and Filtering

    When a packet hits the Switch, it looks in the filtering and forwarding tables to decide what to do with the packet; either to filter it off the network, or to forward it through the port on which its destination lies.

    Figure 7-10. Configure Forwarding Table And Filtering Table window

    This window allows you to stop or start address learning, use an address look-up mode, and select an age-out time of the MAC address in the selected address table. Click Apply to let your changes take effect.

    The following fields above can be set:

            1. Static Forwarding Table

    Figure 7-11. Static Forwarding Table window

    MAC forwarding allows the Switch to permanently forward outbound traffic to specific destination MAC addresses over a specified port. You can also use this feature to restrict inbound traffic based on source MAC addresses.

    Click New to access the Static Forwarding Table - Edit window:

    Figure 7-12. Static Forwarding Table---Edit window

    To use the MAC forwarding function, enter the MAC address of the device to which the specified port permanently forwards traffic in the Destination MAC Address field and enter the port number that permanently forwards traffic from the specified device in the Destination Port Number field. Then click Apply.

    The information above is described as follows:

            1. MAC Address Filtering Table

    Figure 7-13. Static MAC Address Filtering window

    The static filtering function allows the Switch to block inbound traffic from unknown or unwanted devices by mapping a port to a source MAC address.

    Click New to access the Static MAC Address Filtering - Edit window:

    Figure 7-14. Static MAC Address Filtering---Edit window

    To use the static filtering function, enter the MAC address of the device allowed to send traffic in the MAC Address field and then click Apply.

    The information above is described as follows:

            1. Permanent Multicast Filtering

    Figure 7-15. Static Permanent Multicast Filtering window

    Static multicast filtering blocks or forwards traffic over each port for one multicast group. You can configure each port on the Switch to forward traffic for the specified multicast group.

    Click New to access the Static Permanent Multicast Filtering - Edit window:

    Figure 7-16. Static Permanent Multicast Filtering--Edit window

    To edit or create a new filter, enter the MAC address in the MAC Address field, select the desired Switch and Port in the next two fields. Next, select Forward or Block for each port, deciding whether that port transmits or blocks traffic for the specified multicast group. Click Apply to activate the filter.

          1. IGMP
          2. Internet Group Management Protocol (IGMP) snooping allows the Switch to recognize IGMP queries and reports sent between network stations or devices and an IGMP router. IGMP is used for managing IP multicast groups. The Switch will send IGMP query messages and get the IGMP response from hosts to “learn” the source port members of that multicast address. When a multicast address is received and found on the IGMP address table, it will be multicast to those port members.

            1. IGMP Settings
            2. Figure 7-17. Configure IGMP window

              To configure the IGMP, enter a value between 30 and 999 seconds in the IP Multicast Filtering Age-out Timer field and then change the IP Multicast Filtering (IGMP Snooping) setting from Disabled to Enabled. Click the Apply button to let the changes take effect.

            3. 802.1Q IGMP

            Figure 7-18. Add/Remove IGMP Table window

            Click the X in the Delete column next to an entry to remove it from the table.

            Click the pointer icon on the far right to access the Add/Remove IGMP Table-Edit window:

            Figure 7-19. Add/Remove IGMP Table-Edit window

            To edit an 802.1Q IGMP entry, enter a value from 1 to 4094 in the VLAN ID field and then click Apply.

          3. VLANs & MAC-based Broadcast Domains
          4. IEEE 802.1Q VLANs allow you to construct a port group as well as to reduce traffic. All packets are limited to members of the VLAN. MAC-based Broadcast Domains limit broadcast, multicast and unknown packets to members of the broadcast domain(s) defined here. For more information on this section, please refer to “Switch Management Concepts” chapter.

            Figure 7-20. Configure VLAN window

            To use one of these two modes, select MAC-based Broadcast Domains or IEEE 802.1Q VLANs under Restart VLAN Mode--otherwise, leave the setting at Disabled. Then specify the VLAN ID number in the SNMP VLAN field and click Apply. The SNMP VLAN ID sets up a VLAN for management packets.

            1. MAC-Based Broadcast Domains

    To use MAC-based Broadcast Domains, you must first create a MAC-based Broadcast Domain using the add/remove function and then add members to the Broadcast Domain using the add/remove member function.

    Figure 7-21. Add/Remove MAC-based Broadcast Domains window

    Items in this window are defined as follows:

    Click the X in the Delete column next to an entry to remove it from the table.

    Click New to access the Add/Remove MAC-based Broadcast Domains --- Edit window:

    Figure 7-22. Add/Remove MAC-based Broadcast Domains --- Edit window

    To add a MAC-based broadcast domain, enter a Description in the field offered. Click Apply to let the change take effect.

    Figure 7-23. Add/Remove MAC-based Broadcast Domain Member window

    Items in this window are defined as follows:

    Click the X in the Delete column next to an entry to remove it from the table.

    Click New to access the Add/Remove MAC-based Broadcast Domain Member --- Edit window:

    Figure 7-24. Add/Remove MAC-based Broadcast Domain Member ---Edit window

    To add or edit a MAC-based broadcast domain member, enter the MAC Address in the first field and use the drop-down Description menu to select the desired broadcast domain. Click Apply to let the changes take effect.

    Items in this window are defined as follows:

            1. IEEE 802.1Q VLANs

    Figure 7-25. Default Port VLAN ID window

    Use this window to assign a default VLAN ID for each desired port. Click Apply to let the settings take effect.

    Figure 7-26. Port Ingress Filtering Check window

    Use this window to enable or disable the ingress filtering check for each desired port. Ingress filtering means that a receiving port will check to see if it is a member of the VLAN ID in the packet before forwarding the packet. Click Apply to let the settings take effect.

    Figure 7-27. 802.1Q Static VLAN Entry window (number one)

    Click the X in the Delete column next to an entry to remove it from the table.

    Click the pointer icon to access the second 802.1Q VLAN Entry screen:

    Figure 7-28. 802.1Q Static VLAN Entry window (number two)

    To configure an 802.1Q VLAN entry, enter a V-Id number and Description in the first two fields. Next, select the desired Switch. Finally, check Tag for each member port you wish to be a tagging port. None should be checked if you don’t want a port to belong to a VLAN. Otherwise, check Egress to statically set a port to belong to a VLAN. Click Apply to let the changes take effect.

        1. Management
        2. This second main category of the Switch Web-based management program includes: Community Strings and Trap Stations, User Account, and Console.

          1. Community Strings and Trap Stations

    Figure 7-29. Community Strings and Trap Stations window

    To use the functions on this window, enter the appropriate SNMP information in the Community Strings and Trap Receiving Stations sections--you may enter up to four entries in each section. A trap receiving station is a device that constantly runs a network management application to receive and store traps. Then click Apply to put the settings into effect.

    The SNMP Access Policy Setting information is described as follows:

    The SNMP Trap Manager Configuration information is described as follows:

          1. User Account
          2. Figure 7-30. User Accounts window

            Click the pointer icon on the right-hand side to access the User Account - Edit window:

            Figure 7-31. User Account-Edit window

            To add or change a User Account, fill in the appropriate information in the User Name, Old Password, New Password, and Confirm New Password fields. Then select the desired access, Normal User or Administrator in the Access Level control and click Apply.

            To delete a User Account, enter the requested information and click Delete.

          3. Console

    Figure 7-32. Configure Console window

    This window allows you to choose the refresh rate in the Console Timeout field (15 minutes, 30 minutes, 45 minutes, 60 minutes or Never). Select the protocol for communicating through the console port, Console or SLIP, in the Serial Port field. Use SLIP for out-of-band management. If SLIP is being used, you may also set the Baud Rate in the last field. Click Apply and then reboot the Switch for console port settings to take effect.

    The default serial port settings are:

        1. Monitoring
        2. This third main category of the Switch Web-based management program includes: Switch Overview, Port Utilization, Port Traffic Statistics, Port Error Packet Statistics, Port Packet Analysis Statistics, Browse Address Table, Browse IGMP Status, and Switch History.

          1. Switch Overview

    Figure 7-33. Switch Statistics window

    The information is described as follows:

          1. Port Utilization

    Figure 7-34. Port Utilization window

    The information is described as follows:

          1. Port Traffic Statistics

    Figure 7-35. Port Traffic Statistics window

    The port statistics shown by default are those for the port you last configured. Once in the individual window, you can click any port on the Switch graphic to show statistics for that port.

    The information is described as follows:

    Traffic in Bytes:

    Traffic in Frames:

          1. Port Error Packet Statistics

    Figure 7-36. Port Error Packet Statistics window

    The information is described as follows:

    Other errors:

          1. Port Packet Analysis Statistics

    Figure 7-37. Port Packet Analysis window

    The information is described as follows:

          1. Browse Address Table
          2. Figure 7-38. Browse Address Table window

            The Switch allows you to display a table containing Switch ports, MAC addresses, and respective learned statuses. If the table doesn’t display the information you want, fill in the requested information in the Find by MAC Address or Find by Port sections above and then click the button on the right side of the section used.

          3. Browse IGMP Status
          4. Figure 7-39. Browse IGMP Status window

            This window allows you to enter the Current VID at the top of the window and then display the Queries (Tx)/(Rx) for that VLAN ID. The bottom of the window displays Multicast Group, MAC Address, Reports, and Ports for IGMP Snooping in a table format.

          5. Switch History

    Figure 7-40. Switch History window

    This window allows you to view the Switch history. This works like a trap and event receiver except it only captures trap/events generated by the Switch itself. Click the Next button to view additional pages.

        1. Maintenance
        2. The fourth and last main category of the Switch Web-based management program includes: Firmware and Configuration Update, Save Settings To TFTP Server, Save Switch History To TFTP Server, Save Changes, Factory Reset, and Restart System.

          1. Firmware and Configuration Update

    Figure 7-41. Firmware and Configuration Update window

    To update firmware or change a configuration file, fill in the requested information above and then click the Apply button.

    The information is described as follows:

    Software Update Mode & TFTP Server Address:

    Update Management Module Firmware:

    Change Configuration File:

          1. Save Settings To TFTP Server

    Figure 7-42. Save Settings To TFTP Server window

    To upload a configuration file, enter the Server IP Address where the configuration file is located and the File Name and file path. Then click the Apply button.

    The information is described as follows:

          1. Save Switch History To TFTP Server

    Figure 7-43. Save Switch History To TFTP Server window

    To save a switch history file to your TFTP server, fill the fields in above and then click Apply.

    The information is described as follows:

     

          1. Save Changes
          2. Figure 7-44. Save Changes window

            To save all the changes made in the current session to the Switch’s flash memory, click the Save Configuration button.

          3. Factory Reset

    Figure 7-45. Factory Reset to Default Value window

    Doing a remote reset is equivalent to turning the Switch off and on again. All parameters are returned to the values stored in EEPROM. Click the Reset to Factory Default button to initiate the reset.

    Restart System

    Figure 7-46. Restart System window

    To perform a reboot of the Switch, which resets the system, click the Reset button.

     

     

    A