![Qtech QSW-2910-09T-POE-AC/DC Руководство пользователя онлайн [93/212] 481587](/img/pdf.png)
Qtech QSW-2910-09T-POE-AC/DC Руководство пользователя онлайн [93/212] 481587
![Qtech QSW-2910-09T-POE-AC/DC Руководство пользователя онлайн [93/212] 481587](/views2/1596562/page93/bg5d.png)
+7(495) 797-3311 www.qtech.ru
Москва, Новозаводская ул., 18, стр. 1
93
200 to 299), at most 1000 layer 2 ACL with the name ID and totally 3000 sub-rules. It can
define 128 sub-rules for an ACL (this rule can suit both ACL with name ID and number ID).
Layer 2 ACL only classifies data packet according to the source MAC address, source VLAN
ID, layer protocol type, layer packet received and retransmission interface and destination
MAC address of layer 2 frame head of data packet and analyze the matching data packet.
1. Define layer 2 ACL based on number ID
Layer 2 ACL based on number ID is using number to be ID of layer 2 ACL. Use following
command to define layer 2 ACL based on number ID.
Configure it in global configuration mode.
(1) Define layer 2 ACL based on number ID
access-list access-list-number3 { permit | deny } [ protocol ] [ cos vlan-pri ] ingress
{ { [ source-vlan-id ] [ source-mac-addr source-mac-wildcard ] [ interface interface-num ] } |
any } egress { { [ dest-mac-addr dest-mac-wildcard ] [ interface interface-num | cpu ] } | any }
[ time-range time-range-name ]
(2) Define the matching order of ACL:
access-list access-list-number match-order { config | auto }
(3) Delete all the subitems or one subitem in one ACL with number ID or name ID or all
ACLs.
no access-list { all | { access-list-number | name access-list-name } [ subitem ] }
Use access-list command repeatedly to define more rules for the same ACL.
The number ID of layer 2 ACL is in the range of 200 to 299.
Interface parameter in above command specifies layer 2 interface, such as Ethernet interface.
Concrete parameter meaning refers to corresponded command line.
2. Define layer 2 ACL with name ID.
Layer 2 ACL with name ID is using name ID to identify layer 2 ACL.
Instruction:
Defining layer 2 ACL with name ID should enter specified configuration mode: use access-list
link in global configuration mode which can specify matching order of ACL. Use exit command
to be back from this mode.
Use following commands to define layer 2 ACL with name ID. Configure it in corresponded
mode.
(1) Enter layer 2 ACL with name ID configuration mode(global configuration mode)
Содержание
- Chapter 1 accessing switch 14 1
- Chapter 2 port configuration 26 1
- Content 1
- Content 1 1
- Chapter 3 vlan configuration 45 2
- Chapter 4 dhcp configuration 61 4
- Chapter 5 multicast protocol configuration 66 4
- Chapter 6 acl configuration 87 6
- Chapter 7 qos configuration 96 6
- Chapter 8 stp configuration command 114 7
- Chapter 10 sntp client configuration 133 8
- Chapter 11 syslog configiration 138 8
- Chapter 12 ssh configuration 145 8
- Chapter 9 802 x configuration command 125 8
- Chapter 13 switch manage and maintenance 148 9
- Chapter 14 lldp configuration 176 10
- Chapter 15 errp command configuration 179 10
- Chapter 16 cfm configuration 184 10
- Chapter 17 pppoe plus configuration 192 11
- Chapter 18 flex links configuration 195 11
- Chapter 19 efm configuration 198 11
- Chapter 20 poe function 207 12
- Chapter 21 mac authentication configuration 209 12
- 0 mac authentication max users 212 13
- Chapter 1 accessing switch 14
- Command line configuration mode 14
- Command line interface 14
- Command syntax comprehension 16
- History command 18
- Syntax help 18
- Command parameter categories 19
- Symbols in command 19
- Add user 20
- System default user name 20
- User management 20
- Modify password 21
- Modify privilege 21
- Remote authentication of administrator 22
- Remove user name 22
- View system user information 22
- Display authentication configuration 23
- Show tacacs 23
- Start radius tacacs remote authentication 23
- Tacacs remote server configuration 23
- Ways of managing switch 23
- Manage switch by hyper terminal 24
- Manage switch by telnet 25
- Chapter 2 port configuration 26
- Enter interface configuration mode 26
- Port configuration 26
- Port configuration introduction 26
- Port related configuration 26
- Configure interface duplex mode and speed rate 27
- Configure port control mode 27
- Enable disable specified interface 27
- Ingress egress bandwidth control configuration 28
- Interface description configuration 28
- Interface prioruty configuration 28
- Enable disable interface flow control 29
- Enable disable vlan filtration of receiving packet of interface 29
- Interface ingress acceptable frame configuration 29
- Port mode configuration 30
- The default vlan id of port configuration 30
- Add port to specified vlan 31
- Display interface information 31
- Brief introduction of interface mirror 32
- Display clear interface statistics information 32
- Interface mirror 32
- Interface mirror configuration 32
- Configure mirror interface 33
- Configure mirror source interface 33
- Display interface mirror 33
- Brief introduction of port convergence 34
- Delete all port and traffic mirror 34
- Port lacp convergent configuration 34
- Interface convergent configuration 36
- Brief introduction of interface car 38
- Interface car configuration 38
- Enable disable interface car on a port 39
- Enable disable interface globally 39
- Port car configuration command list 39
- Brief introduction of port alarm configuration 40
- Configure the port car rate 40
- Configure the reopen time of the port shutdown by port car 40
- Display port car information 40
- Port alarm configuration 40
- Configure the exceed threshold and normal threshold of port alarm 41
- Enable disable port alarm globally 41
- Enable disable port alarm on the port 41
- Port alarm configuration list 41
- Brief introduction of shutdown control 42
- Display port alarm 42
- Interface shutdown control configuration 42
- Configure shutdown control open time 43
- Interface shutdown control configuration list 43
- Shutdown control configuration 43
- Display shutdown control 44
- Recover shutdown control 44
- Brief introduction of vlan 45
- Chapter 3 vlan configuration 45
- Default vlan 45
- Vlan configuration 45
- Vlan configuration list 45
- Vlan interface type 45
- Add delete vlan interface 46
- Create delete vlan 46
- Specify restore vlan description 47
- Configure interface default vlan id 48
- Configure interface type 48
- Configure tag vlan 48
- Display vlan information 48
- Brief introduction of gvrp 49
- Gvrp configuration 49
- Gvrp configuration list 49
- Display gvrp 50
- Enable disable global gvrp 50
- Enable disable gvrp on a port 50
- Add delete vlan that can be dynamic learnt by gvrp 51
- Brief introduction of qinq 51
- Display vlan that can be learnt by gvrp 51
- Qinq configuration 51
- Qinq configuration list 51
- Configure global inner outer tpid 52
- Configure global qinq 52
- Configure qinq mode of interface 52
- Configure interface dynamic qinq 53
- Configure rewrite outer vlan 53
- Enable disable vlan swap 53
- Display dynamic qinq 54
- Display rewrite outer vlan 54
- Display vlan swap 54
- Configure mac based vlan table 55
- Configure protocol based vlan table 55
- Vlan extended properties 55
- N 1 vlan 56
- Vlan translate 56
- Brief introduction of l2 tunnel 57
- Configure qinq mode of interface 57
- Enable disable l2 tunnel 57
- L2 tunnel 57
- L2 tunnel configuration list 57
- Configure cancel l2 tunnel drop threshold 58
- Show l2 tunnel drop threshold 58
- Show port l2 tunnel status 58
- Brief introduction of vprb 59
- Configure delete vprb port backup 59
- Show vprb 59
- Vprb configuration list 59
- Example show vprb qtech config show vprb 60
- Brief introduction of dhcp 61
- Chapter 4 dhcp configuration 61
- Dhcp configuration 61
- Dhcp configuration list 61
- Enable dhcp relay 61
- Support relay option82 62
- Configure ip source guard 64
- Configure max host number 64
- Configure trust ports 64
- Dhcp snooping 64
- Enable dhcp snooping 64
- Ip source guard bind 64
- N 1 vlan 65
- Show dhcp snooping configuration of ports 65
- Show dhcp snooping configuration of vlans 65
- Show information of clients 65
- Brief introduction of gmrp 66
- Chapter 5 multicast protocol configuration 66
- Enable disable global gmrp 66
- Gmrp configuration 66
- Gmrp configuration list 66
- Add delete multicast that can be dynamic learnt by gmrp 67
- Display gmrp 67
- Enable disable gmrp on a port 67
- Brief introduction of igmp snooping 68
- Display multicast that can be learnt by gmrp 68
- Igmp snooping configuration 68
- Igmp snooping interface fast leave configuration 69
- Igmp snooping max response time configuration 69
- Igmp snooping multicast interface aging time configuration 69
- Configure the number of the multicast group allowed learning 70
- Igmp snooping permit deny group configuration 70
- Igmp snooping route port forward configuration 70
- Configure igmp snooping querier vlan 71
- Configure igmp snooping query interval 71
- Enable disable igmp snooping querier 71
- Configure igmp snooping query max response 72
- Configure igmp snooping query source ip 72
- Configure igmp snooping route port aging 72
- Add igmp snooping route port 73
- Configure igmp snooping multicast vlan 73
- Enable disable igmp snooping preview 73
- Igmp snooping multicast preview group configuration 74
- Igmp snooping preview parameter 74
- Display igmp snooping multicast preview 75
- Igmp snooping profile 75
- Igmp snooping profile configuration 75
- Igmp snooping profile refer configuration 76
- Igmp snooping drop query 77
- Igmp snooping record host 77
- Show igmp snooping profile 77
- Igmp snooping drop report 78
- Show igmp snooping record host 78
- Show multicast interface 78
- Mld snooping configuration 79
- Mld snooping protocol overview 79
- Mld snooping fast leave 80
- Mld snooping host aging time 80
- Mld snooping max learnt multicast number 80
- Mld snooping max response time 80
- Configure mld snooping route port forward 81
- Enable disable mld snooping querier 81
- Mld snooping permit deny group 81
- Configure mld snooping max response time 82
- Configure mld snooping querier sending interval 82
- Configure mld snooping router port aging 82
- Add mld snooping router port 83
- Display mld snooping group 83
- Mld snooping multicast vlan 83
- Add interfaces to multicast group 84
- Brief introduction of static multicast 84
- Create multicast group 84
- Static multicast configuration 84
- Static multicast configuration list 84
- Delete interface members from multicast group 85
- Display multicast group information 85
- Delete multicast group 86
- Brief introduction of acl 87
- Chapter 6 acl configuration 87
- Introduction of acl 87
- Matching order configuration 87
- Acl configuration 88
- Acl support 88
- Configuration list 88
- Configure time range 89
- Define acl 90
- Activate acl 94
- Ipv6 acl key mode 94
- Monitor and maintanence of acl 95
- Brief introduction of qos 96
- Chapter 7 qos configuration 96
- Flow monitor 99
- Qos configuration 99
- Qos configuration list 99
- Interface line rate 100
- Packet redirection configuration 100
- Priority configuration 101
- Queue scheduler configuration 101
- Configure the mapping relationship between dscp and 8 priority in ieee 802 p 102
- Flow mirror configuration 102
- The cos map relationship of hardware priority queue and priority of ieee802 p protocol 102
- Copy packet to cpu 103
- Flow statistic configuration 103
- Traffic insert vlan configuration 104
- Traffic rewrite vlan configuration 104
- Bandwidth ingress 105
- Monitor and maintenance of qos 105
- Configuration example of qacl 106
- Use qacl to realize user isolation 106
- Use qacl to realize bandwidth control 109
- Use qacl to realize deny all packet expect 110
- Brief introduction of port isolation 111
- Port isolation 111
- Use qacl to prevent virus 111
- Port isolation configuration 112
- Brief introduction of strom control 113
- Strom control 113
- Brief introduction of stp configuration 114
- Chapter 8 stp configuration command 114
- Stp configuration command 114
- Stp configuration list 114
- Configure stp mode 115
- Enable disable interface stp 115
- Enable disable stp 115
- Configure stp priority 116
- Configure switch forward delay 116
- Configure hello time features 117
- Configure max age 117
- Configure interface to force to send rstp packet 118
- Configure path cost of specified interfaces 118
- Configure stp priority od specified port 118
- Configure link type of specified interface 119
- Configure the current port as an edge port 119
- Configure the speed limit of sending bpdu of specified interface 120
- Enable disable stp remote loop detect 120
- Stp monitor and maintainenance 120
- Brief introduction of mstp 121
- Mstp configuration 121
- Mstp configuration list 121
- Configure mstp configuration mark 122
- Configure timer value of mstp 122
- Configure edge interface status of mstp interface 123
- Configure mstp interface link type 123
- Configure mstp interface path cost 123
- Configure mstp net bridge privilege 123
- Configure mstp interface privilege 124
- Display mstp configuration information 124
- Aaa configuration mode 125
- Brief introduction of 802 x configuration 125
- Chapter 9 802 x configuration command 125
- X configuration 125
- Radius server configuration 126
- Domain configuration 128
- Configure local user 129
- X configuration 130
- Brief introduction of sntp protocol 133
- Chapter 10 sntp client configuration 133
- Enable disable sntp client 133
- Sntp client configuration 133
- Sntp client broadcast delay configuration 134
- Sntp client unicast server configuration 134
- Sntp client working mode configuration 134
- Sntp client multicast ttl configuration 135
- Sntp client poll interval configuration 135
- Sntp client retransmit configuration 135
- Sntp client md5 authentication configuration 136
- Sntp client valid server configuration 136
- 0 summer time configuration for sntp client 137
- Brief introduction of syslog 138
- Chapter 11 syslog configiration 138
- Syslog configiration 138
- Enable disable syslog 139
- Syslog sequence number configuration 139
- Syslog time stamps configuration 139
- Syslog logging buffered outputting configuration 140
- Syslog terminal outputting configuration 140
- Syslog flash storage outputting configuration 141
- Syslog logging host outputting configuration 141
- Module debug configuration 143
- Syslog snmp agent outputting configuration 143
- Enable debug of module vlan 144
- Qtech config debug vlan 144
- Brief introduction of ssh 145
- Chapter 12 ssh configuration 145
- Enable disable ssh function of the device 145
- Ssh configuration 145
- Ssh key configuration 145
- Others 147
- Chapter 13 switch manage and maintenance 148
- Configuration files management 148
- Edit configuration files 148
- Erase configuration 148
- Modify and save current configuration 148
- Save minmum manageable configuration of network administration 148
- Display saved configuration 149
- Execute saved configuration 149
- Configure file executing mode shift 150
- Online loading upgrade program 150
- Upload and download files by tftp 150
- Upload and download files by ftp 151
- Brief introduction of mac address table management 152
- Download files by xmodem 152
- Facility management 152
- Mac address table management 152
- Configure system mac address aging time 153
- Mac address table management list 153
- Configure mac address item 154
- Enable disable mac address learning 155
- Configure the number of port mac address allowed learning 156
- Modify mac address learning mode 156
- Reboot 156
- Basic configuration and management 157
- System maintenance 157
- Use show command to check system information 157
- Network connecting test command 158
- Loopback test command 159
- Vct test command 159
- Administration ip address restriction 160
- The number of telnet user restriction 160
- Cpu car command 161
- Routing tracert command 161
- Brief introduction of snmp 162
- Configuration 162
- Monitor system by snmp 162
- Configure community 163
- Configure syscontact 163
- Configure trap destination host adress 164
- Configure notify 165
- Configure syslocation 165
- Configure sysname 165
- Configure engine id 166
- Configure trap sending source address 166
- Configure view 167
- 0 configure group 168
- 1 configure user 169
- Enable disable dlf forword packet 170
- Enable disable dropping bpdu packet 171
- Enable disable source dlf forward 171
- Telnet client 171
- Brief introduction of cpu alarm configuration 172
- Configure cpu busy or unbusy threshold 172
- Cpu alarm configuration 172
- Cpu alarm configuration list 172
- Enable disable cpu alarm 172
- Configure enable disable mailalarm 173
- Configure mailalarm server 173
- Display cpu alarm information 173
- Mail alarm configuration 173
- Configure enable disable mailalarm smtp authentication 174
- Configure mailalarm ccaddr 174
- Configure mailalarm logging level 174
- Configure mailalarm receiver 174
- Anti dos attack 175
- Enable disable global ttl 175
- Ip segment anti attack 175
- Brief introduction of lldp protocol 176
- Chapter 14 lldp configuration 176
- Enable disable global lldp 176
- Lldp configuration 176
- Lldp configuration list 176
- Configure lldp hello time 177
- Configure lldp hold time 177
- Interface lldp packet receiving sending mode configuration 177
- Display lldp information 178
- Brief introduction of errp 179
- Chapter 15 errp command configuration 179
- Errp configuration 179
- Errp configuration list 179
- Configure errp domain working mode 180
- Configure errp timer 180
- Enter errp configuration mode 180
- Configure control vlan of errp domain 181
- Create errp ring 181
- Display errp domain and ring information 182
- Enable disable errp ring 182
- 0 errp query solicitation 183
- Brief introduction of cfm 184
- Cfm configuration 184
- Cfm configuration list 184
- Chapter 16 cfm configuration 184
- Create delete md 184
- Configure md parameter 185
- Create delete ma 185
- Configure ma parameter 186
- Create delete mep 186
- Create delete rmep 187
- Create delete mip 188
- Loopback 188
- 0 linktrace 189
- 1 show md 189
- 2 show ma 189
- 3 show mp mep mip rmep 190
- 4 show clear ccm statistics 190
- 5 show clear ccm database 190
- 6 show cfm error 191
- Brief introduction of pppoe plus 192
- Chapter 17 pppoe plus configuration 192
- Enable disable pppoe plus 192
- Pppoe plus configuration 192
- Pppoe plus configuration list 192
- Configure pppoe plus type 193
- Configure pppoe port type 193
- Configure remote id 193
- Configure remote id format 193
- Self defined circuit id 193
- Configure pppoe plus vendor specific tag overwrite 194
- Brief introduction of flex links 195
- Chapter 18 flex links configuration 195
- Enable or disable flex links of interface or convergent interface 195
- Flex links configuration 195
- Flex links configuration list 195
- Configure flex links preemption mode 196
- Configure flex links preemption mode delay 196
- Disaply flex links information 196
- Configure macmoveupdate of flex links 197
- Chapter 19 efm configuration 198
- Efm configuration 198
- Efm configuration list 198
- Efm overview 198
- Enable disable efm 198
- Configure efm pdu timeout 199
- Configure efm working mode 199
- Configure link monitoring 200
- Configure link timeout 200
- Configure response timeout 200
- Enable disable link monitoring 202
- Enable disable remote failure indication 202
- 0 enable disable remote mib variable obtaining 203
- 1 enable disable remote loopback 203
- 2 enable stop remote loopback 203
- 3 configure handling remote loopback querying packet 204
- 4 show efm status 204
- 5 show efm info 204
- 6 show efm discovery 205
- 7 show clear efm statistics 205
- 8 show remote mib 206
- Chapter 20 poe function 207
- Configure global max power 207
- Enable disable port poe 207
- Poe configuration 207
- Poe configuration list 207
- Poe overview 207
- Configure interface max power 208
- Configure port poe priority 208
- Show poe configuration 208
- Aaa authentication domain configuration 209
- Chapter 21 mac authentication configuration 209
- Mac authentication configuration 209
- Mac authentication configuration list 209
- Mac authentication overview 209
- Mac authentication user name format 209
- Enable disable mac authentication 210
- Mac authentication timer offline detect 210
- Radius authentication configuration 210
- Guest vlan 211
- Mac authentication timer quiet 211
- Mac vlan 211
- 0 mac authentication max users 212
Похожие устройства
- Qtech QSW-2910-10T-AC/DC Инструкция по установке
- Qtech QSW-2910-10T-AC/DC Руководство пользователя
- Qtech QSW-2910-10T-POE-AC/DC Инструкция по установке
- Qtech QSW-2910-10T-POE-AC/DC Руководство пользователя
- Qtech QSW-2910-28T-AC Инструкция по установке
- Qtech QSW-2910-28T-AC Руководство пользователя
- Qtech QSW-2910-28T-POE-AC/DC Инструкция по установке
- Qtech QSW-2910-28T-POE-AC/DC Руководство пользователя
- Qtech QSW-2910-28F-AC Инструкция по установке
- Qtech QSW-2910-28F-AC Руководство пользователя
- Qtech QSW-2910-52T-AC Инструкция по установке
- Qtech QSW-2910-52T-AC Руководство пользователя
- Qtech QSW-2910-52T-POE-AC Инструкция по установке
- Qtech QSW-2910-52T-POE-AC Руководство пользователя
- Qtech QSW-2900-24T-AC Руководство пользователя
- Qtech QSW-2900-24F-AC Руководство пользователя
- Qtech QSW-2900-24T4-AC Руководство пользователя
- Qtech QSW-3410-10T-POE-AC Руководство пользователя
- Qtech QSW-3470-28T-POE-AC Руководство пользователя
- Qtech QSW-3470-28T-AC Руководство пользователя