Home » Linksys Manuals » Hubs & Switches » Linksys SGE2000 » Manual Viewer

Linksys SGE2000 Cisco Small Business SFE/SGE2xxx Series Managed Switches Admin - Page 172

Configuring VLANs

UPC - 745883572120

View all Linksys SGE2000 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 172 highlights

Configuring VLANs 6 Configuring VLANs A VLAN is a logical group that allow devices connected to the VLAN to communicate to each other at the Ethernet MAC layer regardless of the physical LAN segment of the bridged network to which they are attached. A physical bridged network can support a maximum of 4094 VLANs. Each VLAN is configured a unique VID (VLAN ID) of value 1 to 4094. VLAN packets are distinguished with a 4 byte VLAN tag. Packets having the same VID (VLAN ID) in the VLAN tag belong to the same VLAN. A VLAN tag also contains priority information. The VLAN tag of a packet is either inserted by the source of the packet, or inserted by a VLAN bridge based on the PVID (Port VID) of the ingress port. On any given link, there can be at most one VLAN whose traffic is untagged on the link. When a VLAN-aware device receives an untagged packet, the VLAN of the packet is derived from the PVID (Port VID) configured at the ingress port. VLANs function at layer 2. All traffic (unicast/broadcast/multicast) of a VLAN stays within the VLAN. Devices attached to different VLANs cannot have direct connectivity at the Ethernet MAC layer to each other. Devices from different VLANs can have communication with each other only through layer 3 routers. An IP router, for example, is required to route IP traffic between VLANs if each VLAN represents an IP subnet. The IP router can be a traditional router where each of its interfaces connect to only one VLAN. Traffic to and from a traditional IP router must be VLAN untagged. The IP router can be a VLAN-aware router where each of its interfaces can connect to one or more VLANs. Traffic to and from a VLANaware IP router can be VLAN tagged or untagged. Adjacent VLAN aware devices exchange VLAN information to each other using Generic VLAN Registration Protocol (GVRP). As a result, VLAN information are propagated through a bridged network. The VLAN Management section contains the following topics: • Defining VLAN Properties • Defining VLAN Membership • Assigning Ports to Multiple VLANs • Defining VLAN Interface Settings Cisco Small Business SFE/SGE Managed Switches Administration Guide 163

Section	Page
Cisco Small Business	1
ADMINISTRATION GUIDE	1
Contents	3
Getting Started	10
Starting the Application	10
Understanding the Interface	12
Using the Cisco Management Buttons	14
Using Screen and Table Options	14
Adding Device Information	14
Modifying Device Information	15
Deleting Device Information	16
Logging Off of the Device	16
The About Page	16
Managing Device Information	18
Defining System Information	18
Managing Stacking	20
Understanding Switch Operating Modes	20
Stand-alone Mode	21
Stack Mode	21
Configuring a Stack	21
Stack Membership	23
Defining Stacking Unit ID	24
Master-enabled Units and Force Master	24
Stacking Member Unit IDs	24
Factory Default Units	25
Unit ID Validity Rules	25
Automatic Unit ID Assignment	25
Manual Unit ID Assignment	25
Unit ID Conflict Resolution	26
Master Election	28
Master Election Candidate Eligibility	28
Master Election Selection Rules	28
Master Election Backup Unit Selection Rules	29
Recommended Procedures for Building a Stack	29
Adding, Replacing and Removing Stacking Members - Examples	30
Managing Stacks	32
Viewing Device Health	34
Resetting the Device	35
Defining Bonjour	36
Disabling Bonjour	38
TCAM Utilization	39
Configuring System Time	42
Defining System Time	42
Defining SNTP Settings	45
Defining SNTP Authentication	48
Configuring Device Security	50
Passwords Management	50
Modifying the Local User Settings	52
Defining Authentication	53
Defining Profiles	53
Modifying an Authentication Profile	56
Mapping Authentication Profiles	57
Defining TACACS+	59
Modifying TACACS+ Settings	62
Defining RADIUS	64
Modifying RADIUS Server Settings	68
Defining Access Methods	69
Defining Access Profiles	70
Defining Profile Rules	74
Adding Profile Rules	76
Modifying Profile Rules	79
Defining Traffic Control	81
Defining Storm Control	82
Modifying Storm Control	83
Defining Port Security	85
Modifying Port Security	88
Defining 802.1X	89
Defining 802.1X Properties	90
Defining Port Authentication	91
Modifying 8021X Security	94
Defining Authentication	96
Modifying Authentication Settings	98
Defining Authenticated Hosts	100
Defining Access Control	101
Defining MAC Based ACL	101
Adding Rule to MAC Based ACL	105
Modifying MAC Based ACL	107
Defining IP Based ACL	109
Modifying IP Based ACL	115
Defining Rules Associated with IP-ACL	117
Defining IPv6 Based ACLs	121
Modifying IPv6 Based ACL	128
Defining ACL Binding	130
Modifying ACL Binding	131
Defining DoS Prevention	132
DoS Global Settings	132
Defining Martian Addresses	134
Defining DHCP Snooping	136
Defining DHCP Snooping Properties	137
Defining DHCP Snooping on VLANs	138
Defining Trusted Interfaces	139
Trusted Interface Table	140
Binding Addresses to the DHCP Snooping Database	141
Query By	142
Query Results	143
Defining IP Source Guard	144
Configuring IP Source Guard Properties	144
Defining IP Source Guard Interface Settings	145
Querying the IP Source Binding Database	147
TCAM Resources	148
Query By	148
Query Results	149
Defining Dynamic ARP Inspection	150
Defining ARP Inspection Properties	151
Defining ARP Inspection Trusted Interfaces	153
Defining ARP Inspection List	155
Static ARP Table	156
Assigning ARP Inspection VLAN Settings	157
Enabled VLAN Table	158
Configuring Ports	160
Configuring Ports Settings for Layer 2 Enabled Devices	160
Modifying Port Settings	162
Configuring Ports Settings for Layer 3 Enabled Devices	166
Modifying Port Settings	168
Configuring VLANs	172
Defining VLAN Properties	173
Modifying VLANs	175
Defining VLAN Membership	176
Modifying VLAN Membership	178
Assigning Ports to Multiple VLANs	179
Defining GVRP Settings	182
Modifying GVRP Settings	183
Defining VLAN Interface Settings	185
Modifying VLAN Interface Settings	187
Defining Customer VLANs Using QinQ	189
Defining Multicast TV VLAN	190
Defining CPE VLAN Mapping	192
Defining Protocol Groups	193
Modifying Protocol Groups	195
Defining a Protocol Port	196
Configuring IP Information	199
IP Addressing	199
Managing IPv6	199
Defining IPv6 Interface	200
Defining Default Gateway	203
Configuring ISATAP Tunnels	206
Viewing IPv6 Neighbors Information	208
Viewing IPv6 Routes Table	212
Layer 2 IP Addressing	213
Layer 3 IP Addressing	213
Defining IPv4 Interface (Layer 2)	214
Defining IPv4 Interface (Layer 3)	215
Modifying IP Interface Settings	217
Enabling ARP Proxy (Layer 3)	218
Defining UDP Relay (Layer 3)	219
Defining DHCP Relay (Layer 2)	221
Defining DHCP Relay Interfaces	223
Defining DHCP Relay (Layer 3)	225
ARP	227
ARP Table	228
Modifying ARP Settings	229
Defining IP Routing	230
Domain Name System	233
Defining DNS Servers	233
Default Parameters	234
DNS Server Details	234
Mapping DNS Hosts	235
Defining Address Tables	239
Defining Static Addresses	239
Defining Dynamic Addresses	242
Query By	243
Configuring Multicast Forwarding	244
IGMP Snooping	244
Modifying IGMP Snooping	246
Defining Multicast Group	247
Modifying a Multicast Group	249
Configuring IGMP Snooping Mapping	251
Defining Multicast TV Membership	252
Defining Multicast Forwarding	253
Modifying Multicast Forwarding	254
Defining Unregistered Multicast Settings	255
Configuring Spanning Tree	258
Defining Spanning Tree	258
Defining STP Properties	258
Global Settings	259
Defining Spanning Tree Interface Settings	261
Modifying Interface Settings	265
Defining Rapid Spanning Tree	267
Modifying RTSP	270
Defining Multiple Spanning Tree	272
Defining MSTP Properties	272
Defining MSTP Instance to VLAN	274
Defining MSTP Instance Settings	275
Defining MSTP Interface Settings	276
Configuring Quality of Service	282
Defining General Settings	283
Defining CoS	283
Modifying Interface Priorities	285
Defining QoS Queue	285
Mapping CoS to Queue	287
Mapping DSCP to Queue	288
Configuring Bandwidth	289
Configuring VLAN Rate Limit	291
Modifying the VLAN Rate Limit	293
Defining Advanced QoS Mode	294
Configuring DSCP Mapping	295
Defining Class Mapping	297
Defining Aggregate Policer	299
Modifying QoS Aggregate Policer	301
Configuring Policy Table	302
Modifying the QoS Policy Profile	304
Defining Policy Binding	306
Modifying QoS Policy Binding Settings	308
Defining QoS Basic Mode	308
Rewriting DSCP Values	309
Configuring SNMP	311
SNMP v1 and v2	311
SNMP v3	311
Configuring SNMP Security	312
Defining the SNMP Engine ID	312
Defining SNMP Views	314
Defining SNMP Users	316
Modifying SNMP Users	318
Defining SNMP Groups	319
Modifying SNMP Group Profile Settings	322
Defining SNMP Communities	323
Edit SNMP Communities	326
Defining Trap Management	328
Defining Trap Settings	328
Configuring Station Management	329
Modifying SNMP Notifications	334
Defining SNMP Filter Settings	336
Managing System Files	338
Firmware Upgrade	339
Save Configuration	340
Via TFTP	342
Via HTTP	342
Copy Files	342
Active Image	344
Managing Power-over-Ethernet Devices	345
Defining PoE Settings	345
Managing Device Diagnostics	349
Viewing Integrated Cable Tests	349
Performing Optical Tests	353
Configuring Port Mirroring	354
Modifying Port Mirroring	356
Viewing CPU Utilization	357
Managing System Logs	359
Enabling System Logs	359
Viewing the Device Memory Logs	361
Clearing Message Logs	362
Viewing the Flash Logs	362
Clearing Flash Logs	363
Viewing Remote Logs	364
Modifying Syslog Server Settings	367
Viewing Statistics	370
Viewing Ethernet Statistics	370
Defining Ethernet Interface	370
Resetting Interface Statistics Counters	372
Viewing Etherlike Statistics	372
Resetting Etherlike Statistics Counters	374
Viewing GVRP Statistics	374
Resetting GVRP Statistics Counters	376
Viewing EAP Statistics	376
Managing RMON Statistics	378
Viewing RMON Statistics	379
Resetting RMON Statistics Counters	381
Configuring RMON History	381
Defining RMON History Control	381
Modifying RMON History Settings	383
Viewing the RMON History Table	384
Defining RMON Events Control	386
Modifying RMON Event Log Settings	388
Viewing the RMON Events Logs	389
Defining RMON Alarms	390
Modifying RMON Alarm Settings	394
Managing QoS Statistics	396
Viewing Policer Statistics	396
Viewing Aggregated Policer Statistics	398
Resetting Aggregate Policer Statistics Counters	398
Viewing Queues Statistics	398
Resetting Queues Statistics Counters	401
Aggregating Ports	402
Defining LAG Management	403
Modifying LAG Membership	404
Defining LAG Settings	405
Configuring LACP	409

Match case Limit results 1 per page

Configuring VLANs

Cisco Small Business SFE/SGE Managed Switches Administration Guide

163

Configuring VLANs

A VLAN is a logical group that allow devices connected to the VLAN to

communicate to each other at the Ethernet MAC layer regardless of the physical

LAN segment of the bridged network to which they are attached. A physical

bridged network can support a maximum of 4094 VLANs. Each VLAN is

configured a unique VID (VLAN ID) of value 1 to 4094.

VLAN packets are distinguished with a 4 byte VLAN tag. Packets having the same

VID (VLAN ID) in the VLAN tag belong to the same VLAN. A VLAN tag also contains

priority information. The VLAN tag of a packet is either inserted by the source of

the packet, or inserted by a VLAN bridge based on the PVID (Port VID) of the

ingress port. On any given link, there can be at most one VLAN whose traffic is

untagged on the link. When a VLAN-aware device receives an untagged packet,

the VLAN of the packet is derived from the PVID (Port VID) configured at the

ingress port.

VLANs function at layer 2. All traffic (unicast/broadcast/multicast) of a VLAN stays

within the VLAN. Devices attached to different VLANs cannot have direct

connectivity at the Ethernet MAC layer to each other. Devices from different

VLANs can have communication with each other only through layer 3 routers.

An IP router, for example, is required to route IP traffic between VLANs if each

VLAN represents an IP subnet. The IP router can be a traditional router where each

of its interfaces connect to only one VLAN. Traffic to and from a traditional IP router

must be VLAN untagged. The IP router can be a VLAN-aware router where each of

its interfaces can connect to one or more VLANs. Traffic to and from a VLAN-

aware IP router can be VLAN tagged or untagged.

Adjacent VLAN aware devices exchange VLAN information to each other using

Generic VLAN Registration Protocol (GVRP). As a result, VLAN information are

propagated through a bridged network.

The VLAN Management section contains the following topics:

•

Defining VLAN Properties

•

Defining VLAN Membership

•

Assigning Ports to Multiple VLANs

•

Defining VLAN Interface Settings