![Qtech QSW-2800v2 Руководство пользователя онлайн [137/230] 481607](/img/pdf.png)
Qtech QSW-2800v2 Руководство пользователя онлайн [137/230] 481607
![Qtech QSW-2800v2 Руководство пользователя онлайн [137/230] 481607](/views2/1596593/page137/bg89.png)
Chapter7 Security Configuration
6-10
Objective
Step
controllable preview
template
2. Use command of igmp-control preview-profile NAME time-total
time to configure preview template of total time mode;
3. Use command of igmp-control preview-profile NAME time-
sharing count count duration duration-time interval interval-time to
configure preview template of sharing time mode;
4. Done.
Configure
controllable
program package
1. Use command of configure to enter the Global Configuration View;
2. Use command of igmp-control package NAME channel channel-
name { deny | watch } to add channel into the program package with
forbiddance or viewing permission authority;
3. Use command of igmp-control package NAME channel channel-
name preview preview-profile-name to add channel into the program
package with preview mode;
4. Done.
Configure
controllable
multicast user
1. Use command of configure to enter the Global Configuration View;
2. Use command of interface fastethernet interface-number to enter
the Interface Configuration View;
3. Use command of igmp-snooping ctrlmode { enable | disable } to
enable controllable function of interface;
4. Use command of igmp-control auth package packet-name to
create controllable user based on interface and authenticate the binding
program package;
5. Use command of igmp-control no-auth to create super user
based on interface who can view all channels;
6. Use command of igmp-control vlan vlan-Id auth package
package-name to create controllable user based on interface and VLAN
and authenticate the binding program package;
7. Use command of igmp-control vlan vlan-Id no-auth to create
super user based on interface and VLAN who can view all channels in
VLAN;
8. Done.
(Optional)
Configure the
maximum channel
number of
controllable
multicast user
1. Use command of configure to enter the Global Configuration View;
2. Use command of interface fastethernet interface-number to enter
the Interface Configuration View;
3. Use command of igmp-control max-channel channel-number to
configure the maximum viewing channel number of user based on
interface;
4. Use command of igmp-control vlan vlan-Id max-channel
channel-number to configure the maximum viewing channel number of
controllable multicast user;
Содержание
- Layer 2 ethernet switch p.1
- Qsw 2800 p.1
- Ethernet switch telecommunication level hereinafter referred to as the qsw 2800 p.2
- Preface p.2
- Of various functional modules and service operation guidelines based on cli p.2
- Network engineers p.2
- Network administrators p.2
- Method of qsw 2800 and understand its application scenarios more specialized p.2
- Manual instruction p.2
- Management and network management etc the above operation are introduced p.2
- Ip service qos configuration multicasting security reliability device p.2
- Intended audience p.2
- Including the basic configuration the two layers configuration operation of the qsw p.2
- From the simple principle function configuration step and configuration example in p.2
- Three ways the configuration operation helps user to master the configuration p.2
- Customers who are familiar with network fundamentals p.2
- This manual introduces the qsw 2800 series carrier class layer 2 full giga p.2
- Content introduction p.2
- The manual is intended for the following readers p.2
- Professional to use maintenance and management of qsw 2800 p.2
- Symbol convention p.3
- Release update instruction p.3
- Manual convention p.3
- Keyboard operation convention p.3
- Introduce general format symbol convention keyboard mouse operation and safety p.3
- General format p.3
- Mouse operation convention p.4
- Legal disclaimer p.4
- During operation installation or maintenance p.4
- Contents however does not take any legal responsibility of any loss or damage p.4
- Caused by possible pretermission inaccuracy or error in this manual p.4
- Brackets p.4
- This manual utilizes general 3 safety signs to emphasis significances p.4
- Safety signs p.4
- Qtech co commits itself to ensure accuracy fidelity and reliability to the manual p.4
- Table of contents p.5
- Figure p.10
- Summary p.12
- Management interface p.12
- Interface introduction p.12
- Chapter1 p.12
- Basic configuration p.12
- Physical interface p.13
- Login through console port p.13
- Login switch p.13
- Property setting of qsw 2800 switch p.15
- Please set the parameters according to table shown in table 1 1 p.15
- Parameter description when logging qsw 2800 switch through serial p.15
- To confirm p.15
- Serial port setting please perform the settings according to serial port p.15
- Result p.15
- Login through telnet p.16
- Admin and password is 12345 p.16
- Login through ssh p.17
- Select generation method by choosing dsa or rsa from the drop down p.23
- Menu of the dialog and click next for confirmation referring to figure p.23
- Generate ssh private public key 2 p.23
- The generation of private public key will be displayed in the pop up dialog p.25
- Generate ssh private public key 5 p.25
- Click next button if the generation is finished referring to figure p.25
- Category taking the admin user category as the example p.27
- From the pop up dialog input the passphrase that has been defined p.29
- During the creation of public key dialog i e value in step 4 and click p.29
- Button ok referring to figure ssh login parameters input 2 p.29
- Result p.29
- Keygen sshd auth ssh login metho p.29
- Ftp configuration p.30
- Device file upload and download p.30
- This section introduces how to download file through ftp p.32
- Purpose p.32
- Process p.32
- Ftp download file p.32
- Following table p.32
- Appended list p.32
- According to the different purposes execute corresponding step please refer to the p.32
- Following table p.33
- Appended list p.33
- According to the different purposes execute corresponding step please refer to the p.33
- Appended list p.34
- According to the different purposes execute corresponding step please refer to the p.34
- This section introduces how to delete file through ftp p.34
- Purpose p.34
- Process p.34
- Ftp delete file p.34
- Following table p.34
- Username and password configuration through command adduser p.36
- Upload switch application switch z to switch flash root and download configuration p.36
- Upgrade operation to the switch after the upload is finished p.36
- Start ftp client program at pc and establish ftp connection with the switch p.36
- Notice p.36
- Installed by the user p.36
- File config from the switch the ftp client application shall be purchased and p.36
- Fetch switch config file p.36
- Boot up and reboot the switch that the switch is able to implement auto upgrade to its p.37
- Backup and software upgrade p.37
- Able to log into remote qsw 2800 switch via telnet and download switch application p.37
- Topology p.37
- This section introduces the example of switch as ftp client implementing config file p.37
- The user is able to use command upgrade os as auto start application for next switch p.37
- Switch p.37
- Remote pc as ftp server and the switch as ftp client with configuration p.37
- Purpose p.37
- Network requirement p.37
- Ftp with username 123 and password 123 pc ip address is 10 8 the user is p.37
- Ftp client example p.37
- From the ftp server to switch flash so that to implement remote upgrade to the p.37
- Tftp configuration p.38
- Between client and server is available p.39
- Before tftp configuration the network administrator needs to configure ip p.39
- Addresses of tftp client side and server side and make sure that the routing p.39
- Address ipv4 and ipv6 p.39
- According to the different purposes execute corresponding step please refer to the p.39
- This section introduces how to open or close tftp server of the switch p.39
- The qsw 2800 switch supports tftp functionality under two types of network p.39
- Purpose p.39
- Process p.39
- Following table p.39
- Configure tftp server on off p.39
- When the switch needs to upload file to tftp server the switch as client side sends p.40
- Tftp upload file p.40
- Request packet towards tftp server and sends data to the server along with p.40
- Purpose p.40
- Process p.40
- Parameter description p.40
- Notice p.40
- Following table p.40
- Confirmation from it the following commands can be applied for file upload p.40
- According to the different purposes execute corresponding step please refer to the p.40
- When file download is required the client side sends request packet to the tftp p.41
- The command is applied for file downloading to the device p.41
- Tftp download file p.41
- Server and receives data from the server along with configuration towards it in p.41
- Purpose p.41
- Process p.41
- Practical device operation and maintenance it is usually required that the config file or p.41
- Os is downloaded from the host to the device for config modification or os upgrade p.41
- Notice p.41
- Following table p.41
- According to the different purposes execute corresponding step please refer to the p.41
- Parameter description p.42
- Network requirement p.42
- Connecting with switch and pc is belonging to particular vlan pc ip address is p.42
- Backup and software upgrade p.42
- Application program switch z is saved in the pc the switch downloads p.42
- Working category configured inband switch ip address is 1 and the port p.42
- This section introduces the example of switch as tftp client implementing config file p.42
- The switch as tftp client and pc as tftp server the tftp server has been tftp p.42
- Tftp client example p.42
- Switch z from tftp server through the tftp and uploads switch config file to p.42
- Purpose p.42
- Zmodem configuration p.43
- To implement file download through device serial port with operation introduced in this p.45
- Section p.45
- Process p.45
- Following table p.45
- Appended list p.45
- According to the different purposes execute corresponding step please refer to the p.45
- Layer 2 ethernet configuration p.46
- Ethernet interface configuration p.46
- Chapter2 p.46
- Summary p.46
- Procedure p.47
- Open shutdown ethernet interface p.47
- It needs to enter the ethernet interface configuration view first and then configure the p.47
- Following table p.47
- Ethernet interface basic attribute configuration p.47
- Ethernet interface p.47
- Enter the ethernet interface view p.47
- Background p.47
- According to the different purposes execute corresponding step please refer to the p.47
- Following table p.48
- Configure ethernet interface duplex state p.48
- Can be provisioned as full duplex mode if port receiving and sending data packet is p.48
- Before using the command the command negotiation auto must be used to p.48
- Background p.48
- According to the different purposes execute corresponding step please refer to the p.48
- The port is configured as auto negotiation the duplex mode can be automatically p.48
- Required to be separated then it can be provisioned as half duplex mode similarly if p.48
- Procedure p.48
- Precondition p.48
- Negotiated by both the local port and peer port p.48
- Mode that it can be configured as port duplex mode otherwise there will be prompt p.48
- Implement that only when the fast ethernet port is working under non auto negotiation p.48
- If it is required that the port is able to receive data packet while sending then the port p.48
- From the device as info please configure negotiation auto disable first p.48
- Following table p.49
- Congestion happens to local switch on the other side the peer switch will stop p.49
- Configure ethernet interface rate p.49
- Configure ethernet interface flow control p.49
- Background p.49
- And determined by both the local port and peer port p.49
- According to the different purposes execute corresponding step please refer to the p.49
- When local and peer switches both start function of flow control the local switch p.49
- To enable or disable local ethernet port flow control once disabled the port will no p.49
- The mechanism is able to avoid message loss the following command can be used p.49
- The following command can be used to set the ethernet port rate when the port to be p.49
- Sends message to peer switch to inform peer switch to stop sending message if p.49
- Rate provisioned is working under auto negotiation mode its rate is auto negotiated p.49
- Procedure p.49
- Message sending to local switch once it receives the inform message and vice versa p.49
- Longer send flow control frame to peer p.49
- The command p.50
- Purpose p.50
- Procedure p.50
- In order to prevent port congestion caused by flush of broadcast multicast message p.50
- Following table p.50
- Configure ethernet interface broadcast multicast message suppression function p.50
- According to the different purposes execute corresponding step please refer to the p.50
- User is allowed to restrain broadcast multicast message by configuring bandwidth via p.50
- The switch provides storm suppression function to broadcast multicast message the p.50
- There are particular situations that port rate is required to be controlled so that to p.51
- Provides such ability the particular input output bandwidth control granularity may be p.51
- Provide different bandwidth for different users the function of rate suppression p.51
- Procedure p.51
- Following table p.51
- Different due to different interface type p.51
- Configure ethernet interface rate suppression function p.51
- Background p.51
- According to the different purposes execute corresponding step please refer to the p.51
- Configure ethernet interface mtu p.52
- Command to configure the frame size p.52
- By configuring the priority of different interfaces it assures that the most important p.52
- Background p.52
- According to the different purposes execute corresponding step please refer to the p.52
- When exchanging data in high throughput such as file transmission it may encounter p.52
- The mtu of ethernet interface only influences the ip packaging on ethernet interface p.52
- The long frame more than the standard ethernet frame length use the following p.52
- Service cannot be influenced by delay or discard and guarantees the network efficient p.52
- Running at the same time p.52
- Procedure p.52
- Or packet disassembly the mtu of using ethernet _ii form is 1500 the mtu of using p.52
- Following table p.52
- Ethernet _snap form is 1492 p.52
- Configure ethernet interface priority p.52
- Procedure p.53
- Interface when there is a large amount of information to be cleared p.53
- Following table p.53
- Configure cable type adaptation p.53
- Clear current ethernet interface statistics information p.53
- According to the different purposes execute corresponding step please refer to the p.53
- When the connection cable type of interface needs to match with the real used cable p.53
- Use this section operation to clear the statistics information of current ethernet p.53
- Type it needs to configure the connected cable adaption method interface does not p.53
- Support cross cable type default p.53
- Purpose p.53
- Use the following command to configure interface description character string to p.54
- Purpose p.54
- Procedure p.54
- Following table p.54
- Ethernet interface senior attribution configuration p.54
- Distinguish each port p.54
- Descript ethernet interface p.54
- Configure interface loopback detection p.54
- According to the different purposes execute corresponding step please refer to the p.54
- And configure the interval of timing monitoring outside loopback situation so as to p.55
- According to the different purposes execute corresponding step please refer to the p.55
- Use the following configuration task to enable interface loopback monitoring function p.55
- Timing monitor each interface whether to be outer loop if finding one interface to be p.55
- Procedure p.55
- Loop switch will make this interface be in controllable working state p.55
- Following table p.55
- Display ethernet interface state p.55
- Manually in the mac address table is learned by switch the method of switch learning p.56
- Mac table configuration p.56
- Mac address table includes the mac address of device connected with switch and the p.56
- Mac address is as the following if one port supposed to be porta receives a data frame p.56
- Interface number of switch connected with the device the dynamic item not configured p.56
- In order to quickly forward message switch needs to maintain mac address table the p.56
- Following table p.56
- After configuring the attributes of the current interface this section operation can be p.56
- Address table switch will update the corresponding table if mac source has not been p.56
- Used to configure attributes of other interfaces p.56
- According to the different purposes execute corresponding step please refer to the p.56
- Switch will analyze the source mac address of this data frame supposed to be mac p.56
- Switch to different ethernet interface configuration view p.56
- Source can be forwarded by porta if mac source has been existed in the mac p.56
- Source and consider that the message with the destination mac address of mac p.56
- Purpose p.56
- Procedure p.56
- Configure mac address table p.57
- Influence the running performance of switch if user configures the aging time too long p.58
- Hole list will not be aged and lost p.58
- Following table p.58
- Configure system mac address aging time p.58
- Broadcast many data messages which cannot find destination mac address and it will p.58
- Background p.58
- According to the different purposes execute corresponding step please refer to the p.58
- According to the changes in the network if user configures the aging time too short p.58
- The longer or shorter aging time configured by user may result in that switch will p.58
- The appropriate aging time can realize the mac address aging function effectively p.58
- Table resources and cause that the switch cannot update mac address table p.58
- Switch may save many old mac address items and this will exhaust mac address p.58
- Switch may delete effective mac address item p.58
- Procedure p.58
- Once the system is reset dynamic list will be lost but the stored static list and black p.58
- Notice p.58
- During the working time of device p.59
- Display layer 2 mac address table p.59
- Can check add and delete arp mapping item in arp table by related manually p.59
- By arp mapping table aging time and at the same time also cannot dynamically p.59
- Arp mapping table can dynamically be maintained or manually maintained usually p.59
- Arp configuration p.59
- Update this mapping relationship static arp mapping table continues to be effective p.59
- Add delete static arp mapping item manually p.59
- This section introduces how to quickly locate the relevant information of the specified p.59
- According to the different purposes execute corresponding step please refer to the p.59
- This section introduces how to add delete static arp mapping table manually p.59
- Static arp mapping table can only be configured manually and will not be influenced p.59
- Purpose p.59
- Procedure p.59
- Map the ip address manually configured to mac address it is called static arp user p.59
- Maintained commands p.59
- Mac table item for user to query for specific information conveniently p.59
- Following table p.59
- Following table p.60
- Execute this command to cancel the mapping relationship of ip address and mac p.60
- Clear dynamic arp table p.60
- Check arp information p.60
- Address and may result in that user cannot access some nodes so user needs to use p.60
- According to the different purposes execute corresponding step please refer to the p.60
- This section introduces how to clear dynamic arp mapping table p.60
- This section helps user to delete device all dynamic arp mapping table items p.60
- This command carefully p.60
- Purpose p.60
- Procedure p.60
- Manually when necessary p.60
- The dynamic arp table is not updated in time p.61
- The aging time of arp mapping item can reduce the address parse error problem that p.61
- Purpose p.61
- Procedure p.61
- Following table p.61
- Each corresponding record keeps a period of time in cache and then gives up p.61
- Debug arp p.61
- Corresponding relationship between network address and local hardware address p.61
- Configure dynamic arp mapping item aging time p.61
- According to the different purposes execute corresponding step please refer to the p.61
- To check arp mapping table in lan and detect fault of lan arp established p.61
- This section introduces how to debug arp p.61
- This section introduces how to configure the aging time of dynamic arp mapping p.61
- This section introduces how to check arp related information this section helps user p.61
- Link aggregation is to aggregate multiple ports into one single aggregation trunk p.62
- Link aggregation configuration p.62
- Interface aggregation introduction p.62
- Group to implement egress load sharing of each member ports as well as provide high p.62
- Group shall have a same port type i e if one of the ports is electric optical port all the p.62
- Following table p.62
- Dynamic aggregation and static lacp aggregation pots in a same aggregation trunk p.62
- Connecting reliability link aggregation can be divided into manual aggregation p.62
- Configure aggregation group p.62
- Background p.62
- Aggregation only p.62
- According to the different purposes execute corresponding step please refer to the p.62
- The qsw 2800 is currently supporting manual aggregation and static lacp p.62
- Purpose p.62
- Others must be the same p.62
- Procedure p.63
- Operations in this section can be used to provision trunk group with its basic p.63
- Functions as well as add member ports for enhancement of bandwidth and reliability p.63
- Following table p.63
- According to the different purposes execute corresponding step please refer to the p.63
- System priority p.64
- Port priority p.64
- Appendix list p.64
- Purpose p.65
- Procedure p.65
- Maintenance and debug p.65
- Following table p.65
- According to the different purposes execute corresponding step please refer to the p.65
- When lacp function is abnormal it needs to check and debug p.65
- The transmission no break p.66
- The links is failed the backup link can be used to replace the fault link and keep p.66
- The link between two devices has the ability of redundant backup when part of p.66
- Network requirement p.66
- Example p.66
- Configure link aggregation group on two directly connected switches to increase the p.66
- Bandwidth and reliability between the two devices and the detailed requirements are p.66
- As the following p.66
- Appendix list p.66
- Note the configuration of two peers is the same and this only display p.67
- Network topology p.67
- Configuration step p.67
- Configuration of one peer p.67
- Active link has the ability of load sharing p.67
- Divide lan local area network into multiple subclasses in logic and each subclass p.68
- Vlan meaning p.68
- Vlan introduction p.68
- Vlan function p.68
- Vlan configuration p.68
- Segments logically but not physically to realize the isolated broadcast domains in a p.68
- Lan technologically p.68
- Isolate broadcast domain and reduce broadcast storm and enhance the security p.68
- In the large scale of network it can restrict the network fault in vlan and p.68
- Has its own broadcast domain that is vlan virtual local area network p.68
- Generally speaking vlan divides the devices in the lan into multiple network p.68
- Enhance the network robust p.68
- Following table p.69
- Create vlan p.69
- Configure vlan based on interface p.69
- Appendix list p.69
- According to the different purposes execute corresponding step please refer to the p.69
- Vlan function configuration p.69
- This section introduces how to create vlan and it is the basic precondition for other p.69
- Purpose p.69
- Procedure p.69
- This section introduces how to configure vlan based on interface p.70
- Procedure p.70
- Following table p.70
- According to the different purposes execute corresponding step please refer to the p.70
- This section introduces how to configure divided vlan based on mac address p.71
- Purpose p.71
- Procedure p.71
- Following table p.71
- Configure vlan based on mac address p.71
- Appendix list p.71
- According to the different purposes execute corresponding step please refer to the p.71
- According to the different purposes execute corresponding step please refer to the p.72
- This section introduces how to configure vlan divided based on ip sub network p.72
- Purpose p.72
- Procedure p.72
- Following table p.72
- Configure vlan based on ip sub network p.72
- Appendix list p.72
- This section introduces how to configure vlan divided based on protocol p.73
- Purpose p.73
- Procedure p.73
- Following table p.73
- Configure vlan based on protocol p.73
- Appendix list p.73
- According to the different purposes execute corresponding step please refer to the p.73
- Appendix list p.74
- Configure vlan other parameters p.75
- According to the different purposes execute corresponding step please refer to the p.75
- User can choose to use this section operation to configure other vlan related p.75
- Purpose p.75
- Procedure p.75
- Parameters according to real situation p.75
- Following table p.75
- When vlan function is abnormal it needs to check and debug p.77
- Purpose p.77
- Procedure p.77
- Maintenance and debug p.77
- Following table p.77
- Appendix list p.77
- According to the different purposes execute corresponding step please refer to the p.77
- Departments cannot communicate with each other p.79
- Appendix list p.79
- And switchb to connect it requires that the staff of development department can p.79
- Access server1 and the staff of market department can access server2 and the two p.79
- The development department and market department of enterprise user use switcha p.79
- Network requirement p.79
- Example p.79
- Vlan translation configuration p.82
- Bind vlan translation item with interface p.82
- This section introduces how to configure or delete vlan translation item p.83
- Purpose p.83
- Procedure p.83
- Following table p.83
- Configure or delete vlan translation item p.83
- Appendix list p.83
- According to the different purposes execute corresponding step please refer to the p.83
- Appendix list p.89
- Following table p.90
- Check vlan translation item related information p.90
- According to the different purposes execute corresponding step please refer to the p.90
- Translation item including vlan translation item index information ingress binding of p.90
- This section introduces how to configure the related information of vlan translation p.90
- This operation helps user to check the device interface whether to bind vlan p.90
- The same time p.90
- Purpose p.90
- Procedure p.90
- Interface or egress binding of interface or ingress and egress binding of interface at p.90
- Vlan101 p.91
- To be tagged vlan100 of carrier operator and the internet online business data with p.91
- Tagged vlan11 through the gateway internet online business data of user2 is tagged p.91
- Network requirement p.91
- Internet online business data with vlan12 of user2 is transmitted to be tagged p.91
- In the access network family user connects with switcha through family gateway and p.91
- Example p.91
- After passing the swticha the voice service data with vlan10 of user1 is transmitted p.91
- Access to the carrier network at last p.91
- Voice service data of user1 is tagged vlan10 and internet online business data is p.91
- Vlan12 through the gateway p.91
- Vlan11 of user1 is transmitted to be tagged vlan101 of carrier operator the p.91
- Summary p.95
- Ip service configuration p.95
- Dhcp introduction p.95
- Dhcp configuration p.95
- Chapter3 p.95
- Dhcp server p.99
- Dhcp relay p.100
- Configure dhcp server p.103
- Procedure p.104
- Following table p.104
- According to the different purposes execute corresponding step please refer to the p.104
- Configure dhcp server supported option p.105
- Appendix list p.105
- Precondition p.105
- Dchp server has been configured already p.105
- Procedure p.106
- Following table p.106
- Appendix list p.106
- According to the different purposes execute corresponding step please refer to the p.106
- Procedure p.107
- Precondition p.107
- Following table p.107
- Dchp server has been configured already p.107
- Configure dhcp server security function p.107
- Appendix list p.107
- According to the different purposes execute corresponding step please refer to the p.107
- Configure dhcp relay to realize ip address assigned to user of dhcp server p.108
- Configure dhcp relay p.108
- According to the different purposes execute corresponding step please refer to the p.108
- Purpose p.108
- Procedure p.108
- Following table p.108
- Crossing network p.108
- Appendix list p.109
- When dhcp function is abnormal it can use this section operation to check and p.110
- Purpose p.110
- Procedure p.110
- Maintenance and debug p.110
- Following table p.110
- According to the different purposes execute corresponding step please refer to the p.110
- The detailed requirements are as follows p.113
- Network requirement p.113
- Example p.113
- Dhcp server assigns ip address dynamically for clients of different network segment p.113
- Appendix list p.113
- The network segments of user are 10 24 and 10 24 p.113
- Summary p.116
- Static routing introduction p.116
- Static routing configuration p.116
- Configure static routing p.116
- Chapter4 routing configuration p.116
- The operation in this section is for situation when static route works abnormal and p.118
- Requires function check debug and defection orientation p.118
- Purpose p.118
- Process p.118
- Maintenance and debug p.118
- Following table p.118
- Appended list p.118
- According to the different purposes execute corresponding step please refer to the p.118
- Appended list p.119
- Chapter5 p.120
- Summary p.120
- Queue scheduling and congestion control introduction p.120
- Queue scheduling and congestion control configuration p.120
- Qos configuration p.120
- Process p.123
- Prerequisite p.123
- Interface queue priority for data to pass p.123
- Guarantee that the long message can be scheduled but at the next time of round p.123
- Following table p.123
- Filter rule of acl please refer to command of 7 to configure acl action to specify p.123
- Configure queue scheduling and congestion control p.123
- Capability of queue scheduling drr scheduling allows negative weight to p.123
- Can be dealt fairly p.123
- Wrr is a scheduling in accordance with the message number drr is a p.123
- Before configuring queue scheduling and congestion control it needs to configure p.123
- Will deal with message according to the configured scheduling policy so as to p.123
- Balance delay and delay jitter of all kinds of packets in this way message of key p.123
- Using the operation in this section when there is congestion in the network qsw p.123
- According to different destination please execute corresponding steps refer to the p.123
- Service can be processed with high priority and non key service with same priority p.123
- Scheduling in accordance with message length if message length exceeds the p.123
- Robin this queue will not be scheduled until its weight is positive p.123
- Purpose p.123
- Attached list p.124
- Maintenance and debug p.125
- Interface 1 0 1 of host2 require to use sp algorithm p.125
- Following table p.125
- Flow is from interface 1 0 1 1 0 2 1 0 3 of host1 to host2 there is congestion on p.125
- Example p.125
- Configure sp scheduling p.125
- Attached list p.125
- According to different destination please execute corresponding steps refer to the p.125
- When queue scheduling and congestion of qos function is abnormal user can use p.125
- This operation to check or debug p.125
- Purpose p.125
- Process p.125
- Network requirements p.125
- Network diagram p.125
- Summary p.128
- Igmp snooping configuration p.128
- Igmp configuration p.128
- Chapter6 p.128
- Configure static layer 2 multicast p.130
- Appendix list p.131
- Procedure p.132
- Following table p.132
- Configure multicast vlan copy p.132
- According to the different purposes execute corresponding step please refer to the p.132
- Transmit the multicast data message to realize the multicast of layer 2 p.133
- Procedure p.133
- Maintain the igmp message forwarding table so it can manage and control to p.133
- Listening the igmp snooping message sent between upper router and host to p.133
- Igmp snooping based on vlan runs on the switch between router and user host by p.133
- Following table p.133
- Configure igmp snooping p.133
- Background p.133
- Appendix list p.133
- According to the different purposes execute corresponding step please refer to the p.133
- Appendix list p.135
- Number and guarantee the service quality of most users p.136
- It is usually used in the multicast of layer 2 scenarios to control iptv program p.136
- Following table p.136
- Configure controllable multicast p.136
- According to the different purposes execute corresponding step please refer to the p.136
- Purpose p.136
- Procedure p.136
- When igmp snooping is abnormal and it needs to check debug or locate problem p.138
- User can use operation of this section p.138
- Purpose p.138
- Procedure p.138
- Maintenance and debug p.138
- Following table p.138
- According to the different purposes execute corresponding step please refer to the p.138
- Example p.141
- Summary p.155
- Security configuration p.155
- Chapter7 p.155
- Acl introduction p.155
- Acl configuration p.155
- Protocol type rate limitation template time range template and etc to classify the p.156
- According to different destination please execute corresponding steps refer to the p.156
- Process p.156
- One acl is composed of some rules and actions p.156
- Mixed acl mainly based on source mac destination mac source ip p.156
- Layer3 acl6 mainly based on source ipv6 destination ipv6 source port number p.156
- Layer3 acl mainly based on source ip destination ip source port number p.156
- Layer2 acl mainly based on source mac destination mac vlan priority p.156
- Following table p.156
- Flow flag rate limitation template time range template and etc to classify the p.156
- Destination port number protocol type priority fragment lifetime rate limitation p.156
- Destination port number protocol type hop limitation the next head traffic class p.156
- Destination ip source port number destination port number protocol type priority p.156
- Configure layer2 acl p.156
- Before configuring layer2 acl rules first need to create one layer2 acl and specify p.156
- Vlan rate limitation template time range template and etc to classify the data p.156
- Background information p.156
- Template time range template and etc to classify the data p.156
- Acl type number to be from 1 to 1000 p.156
- Process p.159
- One acl is composed of some rules and actions p.159
- Configure layer3 acl p.159
- Before configuring layer3 acl rules first need to create one layer3 acl and specify p.159
- Background information p.159
- Attached list p.159
- Acl type number to be from 1001 to 2000 p.159
- Following table p.160
- According to different destination please execute corresponding steps refer to the p.160
- Attached list p.163
- Before configuring mixed acl rules first need to create one mixed acl and specify p.164
- Background information p.164
- Acl type number to be from 2001 to 3000 p.164
- According to different destination please execute corresponding steps refer to the p.164
- Process p.164
- One acl is composed of some rules and actions p.164
- Following table p.164
- Configure mixed acl p.164
- Specify acl type number to be from 3001 to 4000 p.166
- Process p.166
- One acl is composed of some rules and actions p.166
- Following table p.166
- Configure layer3 acl6 p.166
- Before configuring layer3 acl6 rules first need to create one layer3 acl6 and p.166
- Background information p.166
- Attached list p.166
- According to different destination please execute corresponding steps refer to the p.166
- Attached list p.169
- Configure acl optional function p.170
- Attached list p.172
- When acl function is abnormal user can use this operation to check or debug p.173
- Purpose p.173
- Process p.173
- Maintenance and debug p.173
- Following table p.173
- According to different destination please execute corresponding steps refer to the p.173
- Attached list p.175
- Example p.176
- Summary p.183
- Reliability configuration p.183
- Mstp configuration p.183
- Chapter8 p.183
- Rstp introduction p.184
- Mstp introduction p.186
- The mstp role of all bridges is computed according to the carrying information in p.187
- Assumptions p.187
- The message the most important information carried in the message is the p.187
- A cist priority vector calculation p.187
- The information carried in the message which is received by pb port of p.187
- Root inner root path cost designated bridge id designated port id and the id of p.187
- Priority vector of the spanning tree we will introduce the cist priority vector and p.187
- Priority vector calculation p.187
- Port receiving bpdu message p.187
- Pb port of the bridge b is as follow the total root is rb the outer root path p.187
- Msti priority vector calculation method as follow p.187
- Is pb the id of port receiving bpdu message is pb p.187
- In the initial condition the information carried in the message sent out by the p.187
- In order to facilitate the subsequent description we make the following p.187
- In cist priority vector is composed of the total root outer root path cost domain p.187
- Designated bridge id is b the designated port is b the designated port id p.187
- Cost is ercb the domain root is rrb the inner root path cost is ircb the p.187
- Bridge b from the pd port of bridge d is as follow the total root is rd the p.187
- Will send out the message priority vector which makes it to be the root bridge p.190
- Vector in initial state p.190
- The port priority vector of all ports of device keep the same as the message priority p.190
- The message priority vector carried in the message sent out by the device in initial p.190
- The cist instance calculation process will be introduced briefly as follow with the p.190
- Switcha and switchb belong to the same domain and switchc belongs to p.190
- State of the figure 8 1 is shown in the table 8 2 p.190
- Role selection process p.190
- In initial state the port of every device will be calculated to be the designated port and p.190
- Figure 8 1 supposing that the bridge priority of switcha is better than switch b p.190
- Another domain alone p.190
- And the switchb is better than switchc the link path costs are 4 5 and 10 p.190
- A switch a role selection process p.190
- Background information p.193
- As long as the same configuration the two switches belong to the same domain p.193
- According to different destination please execute corresponding steps refer to the p.193
- This section introduces how to configure switch to join mst domain p.193
- Purpose p.193
- Process p.193
- Physical attribute of interface and interface vlan characteristic p.193
- Msti and vlan mapping relationship p.193
- Mst domain revision level p.193
- Mst domain name p.193
- Following table p.193
- Configure device to join designated mst domain p.193
- Before configuring switch to join designated mst domain it needs to configure p.193
- Attached list p.194
- Configure interface to join in vlan p.195
- Configure interface physical attribute p.195
- Before modifying mstp parameters please first finish the following tasks p.195
- Background information p.195
- According to different destination please execute corresponding steps refer to the p.195
- The best result p.195
- Purpose p.195
- Process p.195
- Introduce how to modify mstp parameters in this section p.195
- In some specific network environment user can modify mstp parameters to achieve p.195
- Following table p.195
- Configure switch to join in designated mst domain p.195
- Configure mstp parameter p.195
- Default to configure p.196
- Attached list p.197
- Configured the as edge interface to realize interface fast switching under normal p.198
- Configure mstp protection function p.198
- Circumstances the edge interface will not receive bpdu message of stp but if p.198
- Bpdu protection p.198
- Background information p.198
- Anyone forges configuration message and attacks switch maliciously when the p.198
- This will results in network topology concussion bpdu protection function can p.198
- Terminal such as pc or file server at this time the access interface can be p.198
- Prevent this network attack p.198
- Interfaces to be non edge interface automatically and will calculate stp again p.198
- For the access layer device the access interface usually connects with user p.198
- Edge interface receives the configuration message system will configure these p.198
- Specified by threshold for other bpdu messages of tc type beyond the p.200
- Purpose p.200
- Protect the switch p.200
- Process p.200
- Mstp processes bpdu message of tc type can be configured per unit time if p.200
- It can avoid frequent deletion of mac table item and arp table item so as to p.200
- Following table p.200
- Deletion operation will cause great burden to the device and bring great hidden p.200
- After enabling tc bpdu message attack function the number of times which p.200
- According to different destination please execute corresponding steps refer to the p.200
- When need to configure mstp protection user can use this section operation p.200
- Trouble to the network stability p.200
- Threshold after the timer expires mstp process only deals with once in this way p.200
- The number of bpdu messages of tc type received by mstp process exceeds p.200
- The configured threshold the mstp process only deals with the designated times p.200
- When mstp function is abnormal user can use this operation to check or debug p.201
- Purpose p.201
- Process p.201
- Maintenance and debug p.201
- Following table p.201
- Attached list p.201
- According to different destination please execute corresponding steps refer to the p.201
- Network requirements p.203
- Example p.203
- Basic function as following p.203
- Attached list p.203
- Switchc and switchd switcha and switchb are the qsw 2800 series switch p.203
- Switchc and switchd are other series switch produced by qtech configure mstp p.203
- Now there are four switches to support mstp protocol they are switcha switchb p.203
- Rlink introduction p.208
- Rlink configuration p.208
- Configure resilient link group function p.209
- Using the operation in this section to configure resilient link group and its basic p.210
- Purpose p.210
- Process p.210
- Network environment p.210
- Function to realize redundancy link backup and fast switching under double uplinks p.210
- Following table p.210
- According to different destination please execute corresponding steps refer to the p.210
- Background information p.211
- Attached list p.211
- According to different destination please execute corresponding steps refer to the p.211
- To use the operation in this section to configure monitor link group and its basic p.211
- Purpose p.211
- Process p.211
- Function to realize interface linkage function p.211
- Following table p.211
- Configure monitor link group function p.211
- When there is fault in the main link of rlink group it will switch to standby link after p.212
- User can use the following two methods p.212
- Use manual main standby switching of rlink group to enforce link switching p.212
- The original main link fault recovers in order to keep flow stability the main link p.212
- The main link p.212
- Keeps blocked state and do not preempt if needing to recover it to be the main link p.212
- Enable rlink returning function after returning timer terminating it will switch to p.212
- Configure rlink other related parameter p.212
- Background information p.212
- Attached list p.212
- Use the operation in this section to configure other related parameters of rlink user p.213
- Purpose p.213
- Process p.213
- Group should be configured p.213
- Following table p.213
- Can choose which step to use according to your need but first rlink group or mlink p.213
- According to different destination please execute corresponding steps refer to the p.213
- When rlink function is abnormal user can use this operation to check or debug p.214
- Purpose p.214
- Process p.214
- Maintenance and debug p.214
- Following table p.214
- Attached list p.214
- According to different destination please execute corresponding steps refer to the p.214
- Attached list p.216
- Configuration steps p.217
- Switch configure p.217
- Switch config rlink1 type single p.217
- Switch config rlink group 1 p.217
- Slave interfaces are on the same switch they are fe1 1 and fe1 2 p.217
- Optional default to be single mode p.217
- Network requirements p.217
- Network diagram p.217
- In single point uplink network environment configure rlink function the master and p.217
- Example p.217
- Create rlink group1 p.217
- Configure single point uplink p.217
- Configure protection vlan rlink group based on vlan p.217
- Poe function configuration p.224
- Poe configuration p.224
- Enable or disable poe power supply function p.224
- Chapter9 p.224
- Summary p.224
- When the device cannot supply electricity normally using non standard pd in half p.225
- Standard force high and half auto p.225
- Qsw 2800 pe pe supports four power supply modes they are auto force p.225
- Progress p.225
- If using one of the two modes user must enable the enhanced detection power supply p.225
- Generally it is recommended that user uses the default mode of half auto p.225
- Function p.225
- Following table p.225
- Configure power supply mode p.225
- Background information p.225
- Auto mode it is recommended that user uses the force standard or force high mode p.225
- According to the different purposes execute corresponding step please refer to the p.225
- Configure poe power supply parameter p.226
- View is used to protect the switch to avoid the influence of the unstable power supply p.226
- To detect the non standard pd pse can detect the non standard pd and supply p.226
- Background information p.226
- The pd device according with the 802 af protocol is the standard pd device usually p.226
- According to the interface number the interface number is greater the priority is p.226
- The command of configuring the threshold power of pse in the global configuration p.226
- Pse can only detect the standard pd and supply electricity for it after enabling pse p.226
- Progress p.226
- Power supply and power supply alarm function p.226
- Poe power supply port supports three priorities the port priority ensures that the p.226
- Is greater than the total power supplied by the pse when the pse power is p.226
- Insufficient if the priority of different ports is the same it will order the priority p.226
- Higher and the port with greater interface number will be powered first p.226
- Electricity for it p.226
- Currently qsw 2800 pe pe only supports power supply in signal line mode timing p.226
- Critical equipment can be first powered when the power consumption of pd equipment p.226
- Convenient for user to manage the downstream pd device p.226
- Configure the pd device description connected with the interface on the device it is p.226
- Following table p.227
- According to the different purposes execute corresponding step please refer to the p.227
- This operation is mainly used to check the configured poe function and its parameters p.228
- Right or wrong p.228
- Purpose p.228
- Progress p.228
- Following table p.228
- Check poe configuration information p.228
- According to the different purposes execute corresponding step please refer to the p.228
- Appendix a p.229
Похожие устройства
-
Qtech QSW-9000-01Руководство по управлению -
Qtech QSW-9000-01Руководство по настройке -
Qtech QSW-9000-01Руководство по настройке управления -
Qtech QSW-9000-01Руководство по командам -
Qtech QSW-9000-01Методика тестирования gpon -
Qtech QSW-9000-01Инструкция по настройке -
Qtech QSW-2100-AC-ACОтладка и диагностика -
Qtech QSW-2100-AC-ACОсновная конфигурация -
Qtech QSW-2100-AC-ACКонфигурация функций безопасности -
Qtech QSW-2100-AC-ACКонфигурация портов v1 -
Qtech QSW-2100-AC-ACКонфигурация vlan -
Qtech QSW-2100-AC-ACКонфигурация sntp и ntp