Download Print this page

NETGEAR S3300 User Manual

NETGEAR S3300 User Manual

Smart managed pro

Hide thumbs Also See for S3300:

Hardware installation manual (36 pages)

Table Of Contents

Table of Contents

Advertisement

Quick Links

S3300 Smart Managed Pro Switch

User Manual

F i r m w a r e V e r s i o n 6 . 6 . 4

September 2017

202-11377-03

350 East Plumeria Drive

San Jose, CA 95134

USA

Table of Contents

Advertisement

Table of Contents

Troubleshooting

Need help?

Need help?

Do you have a question about the S3300 and is the answer not in the manual?

Questions and answers

Summary of Contents for NETGEAR S3300

Page 1: User Manual
S3300 Smart Managed Pro Switch User Manual F i r m w a r e V e r s i o n 6 . 6 . 4 September 2017 202-11377-03 350 East Plumeria Drive San Jose, CA 95134...
Page 2: Revision History
Thank you for purchasing this NETGEAR product. You can visit www.netgear.com/support to register your product, get help, access the latest downloads and user manuals, and join our community. We recommend that you use only official NETGEAR support resources. Conformity For the current EU Declaration of Conformity, visit http://kb.netgear.com/app/answers/detail/a_id/11621.
Page 3: Table Of Contents
Chapter 1 Getting Started Getting Started with the NETGEAR Switch ......11 Switch Management Interface .
Page 4 S3300 Smart Managed Pro Switch Advanced Stack-Port Diagnostics ........86 Multiple Stack Links .
Page 5 S3300 Smart Managed Pro Switch Configure OUI-Based Auto-VoIP ........155 Display Auto-VoIP Status .
Page 6 S3300 Smart Managed Pro Switch VLAN Routing Configuration........215 Configure Router Discovery .
Page 7 S3300 Smart Managed Pro Switch Storm Control ........... 266 Port Security Configuration .
Page 8 VLAN Routing Interface Configuration Example ......354 Smart M4300/S3300 Firmware Upgrade Procedure ....356 Bringing Up M4300 and S3300 to Form Mixed Stacking .
Page 9: Chapter 1 Getting Started
The capabilities of the switches will match the S3300 capabilities. S3300 models can stack, up to six switches high. On S3300 models, any of the four 10G ports can be configured as stacking ports. Two M4300 24-port 10G switches offer mixed stacking, respecting the same rules for consistency: •...
Page 10 S3300 Smart Managed Pro Switch standard M4300 firmware image. For the procedure to upgrade the M4300/S3300 firmware, see Smart M4300/S3300 Firmware Upgrade Procedure on page 356. The information in this document applies to all switch models unless otherwise noted. Note: For information about issues and workarounds, see the release notes for the NETGEAR switch.
Page 11: Getting Started With The Netgear Switch
S3300 Smart Managed Pro Switch Getting Started with the NETGEAR Switch This chapter provides an overview of starting your NETGEAR switch and accessing the user interface. It also leads you through the steps to use the Smart Control Center (SCC) application, which can be downloaded to your computer.
Page 12: Switch Management Interface
You can configure all switch features, such as VLANs, QoS, and ACLs by using the web-based management interface. NETGEAR provides the Smart Control Center utility with this product. This program runs on a Windows-based computer and provides a front end that discovers the switches on your network segment (L2 broadcast domain).
Page 13: Connect The Switch To The Network
S3300 Smart Managed Pro Switch Connect the Switch to the Network To enable remote management of the switch through a web browser or SNMP, you must connect the switch to the network and configure it with network information (an IP address, subnet mask, and default gateway).
Page 14: Discover A Switch In A Network With A Dhcp Server
S3300 Smart Managed Pro Switch Discover a Switch in a Network with a DHCP Server This section describes how to set up your switch in a network that has a DHCP server. The DHCP client on the switch is enabled by default. When you connect it to your network, the DHCP server will automatically assign an IP address to your switch.
Page 15 S3300 Smart Managed Pro Switch Figure 2. Smart Control Center - Device List Select your switch by clicking the line that displays the switch, then click the Web Browser Access button. The Smart Control Center launches a browser that displays the login screen of the selected device.
Page 16: Discover A Switch In A Network Without A Dhcp Server
Install the Smart Control Center on your computer. Start the Smart Control Center. Click the Discover button for the Smart Control Center to find your S3300 switch. The utility broadcasts Layer 2 discovery packets within the broadcast domain to discover the switch.
Page 17: Configure The Network Settings On The Administrative System
S3300 Smart Managed Pro Switch Figure 3. Smart Control Center - Configure Device Type your password to continue with the configuration change. Tip: You must enter the current password every time you use the Smart Control Center to update the switch setting. The default password is password.
Page 18 S3300 Smart Managed Pro Switch The method to change the IP address on an administrative system varies depending on the operating system version. You need Windows Administrator privileges to change these settings. The following procedures show how to change the static IP address on a computer running a Microsoft Windows 7.
Page 19 S3300 Smart Managed Pro Switch Figure 5. Local Area Connection Properties Window Select the Internet Protocol Version 4 (TCP/IPv4) option, and then click the Properties button. The Internet Protocol Version 4 (TCP/IPv4) Properties window appears. Select the Use the following IP address option and set the IP address of the administrative system to an address in the 192.168.0.0 network, such as 192.168.0.200.
Page 20 S3300 Smart Managed Pro Switch WARNING: When you change the IP address of your administrative system, you lose your connection to the rest of the network. Be sure to write down your current network address settings before you change them.
Page 21: Access The Management Interface From A Web Browser
S3300 Smart Managed Pro Switch Access the Management Interface from a Web Browser To access the switch management interface, use one of the following methods: • From the Smart Control Center, select the switch and click the Web Browser Access button.
Page 22 S3300 Smart Managed Pro Switch • Microsoft Edge • Mozilla Firefox versions 40, 46.0.1 • Chrome version 45 • Safari on Windows OS 5.1, 6.0 • Safari on Mac OS 8.0  To log on to the web interface: Open a web browser and enter the IP address of the switch in the web browser address field.
Page 23 S3300 Smart Managed Pro Switch Navigation Tabs, Configuration Menus, and Screen Menu The navigation tabs along the top of the web interface give you quick access to the various switch functions. The tabs are always available and remain constant, regardless of which feature you configure.
Page 24: Device View
 The Device View is available by selecting System Device View. The following image shows the Device View of the S3300-28X. Figure 9. S3300-28X The following image shows the Device View of the S3300-28X-PoE+. Figure 10. S3300-28X-PoE+ The following image shows the Device View of the S3300-52X.
Page 25 S3300 Smart Managed Pro Switch Figure 12. S3300-52X-PoE+ In the S3300, the four uplink ports can work in either Stacking mode or in Ethernet mode. • By default those ports are in Stacking mode, and their color is gray. •...
Page 26 S3300 Smart Managed Pro Switch Figure 13. Device View S3300-52X Port Menu If you click the graphic but do not click a specific port, the main menu appears, as Figure 14, Device View Main Menu shows. This menu contains the same option as the navigation menu at the top of the screen.
Page 27 Stack Manager or Standalone (meaning that it is not connected in a Stack). PoE Max LED The PoE Max LED is for the S3300-28X-PoE+ and S3300-52X-PoE+ devices. • Off indicates the system has more than 7 watts (W) of PoE power available for another PD device.
Page 28 S3300 Smart Managed Pro Switch Table 2. Disallowed characters in user-defined fields Character Definition Backslash Forward slash Asterisk Question mark < Less than > Greater than Pipe Getting Started...
Page 29: Use Snmpv3
S3300 Smart Managed Pro Switch Use SNMPv3 The switch software supports the configuration of SNMP groups and users that can manage traps that the SNMP agent generates. The switch uses both standard public MIBs for standard functionality and private MIBs that support additional switch functionality.
Page 30: Interface Naming Convention
The dedicated 10GBaseT and SFP+ ports can be configured as Ethernet ports or as stacking links. Up to six S3300 switches can be stacked together to form a larger device which can be managed at a single IP address. This switch supports management via IPv4 and IPv6, supports 32 Static Routes, and provides Green Ethernet (EEE) capability.
Page 31 S3300 Smart Managed Pro Switch Table 3. Interface naming conventions Interface Description Example Link aggregation group (LAG) LAG interfaces are logical interfaces that are only used for l1, l2, l3 bridging functions. CPU management interface This is the internal switch interface responsible for the switch base MAC address.
Page 32: Configuring Interface Settings
S3300 Smart Managed Pro Switch Configuring Interface Settings For some features that allow you to configure interface settings, you can apply the same settings simultaneously to any of the following: • A single port • Multiple ports • All ports •...
Page 33 S3300 Smart Managed Pro Switch Configure the desired settings. Click the Apply button. The settings you configure in the heading row are applied to the selected interface.  To configure a single LAG by using the Go To Interface field: Click the LAGS link or the All link to display the LAGs.
Page 34 S3300 Smart Managed Pro Switch Figure 18. Select Multiple Ports Configure the desired settings. Click the Apply button. The settings you configure in the heading row are applied to all selected interfaces.  To configure multiple LAGs: Click the LAGS link or the All link to display the LAGs.
Page 35 S3300 Smart Managed Pro Switch Figure 19. Select All Ports Configure the desired settings. Click the Apply button. The settings you configure in the heading row are applied to all ports.  To configure all LAGs: Click the LAGS link to display only the LAG interfaces.
Page 36: Online Help
The Support screen displays. Click the Apply button to access the NETGEAR support site for the switch. User Guide The S3300 Smart Managed Pro Switch User Guide (the guide you are now reading) is available at the NETGEAR download center at downloadcenter.netgear.com. ...
Page 37: Registration
The first time that you connect to the switch while it is connected to the Internet, you have the option to register your product. At any time, you can register your product from the web management interface, or you can visit the NETGEAR website for registration at https://my.netgear.com/registration/login.aspx.
Page 38 Configure System Information Use the features you access from the System navigation tab to define the switch’s relationship to its environment. The System navigation tab provides access to the configuration menus described in the following sections: • Management on page 39 •...
Page 39: Management
S3300 Smart Managed Pro Switch Management This section describes how to display the switch status and specify some basic switch information, such as the management interface IP address, system clock settings, and DNS information. From the Management configuration menu, you can access screens described in the following sections: •...
Page 40: Temperature Sensors
S3300 Smart Managed Pro Switch Define the following fields: • System Name. Enter the name you want to use to identify this switch. You can use up to 255 alphanumeric characters. The factory default is blank. • System Location. Enter the location of this switch. You can use up to 255 alphanumeric characters.
Page 41 S3300 Smart Managed Pro Switch Figure 21. System Information - Temperature Sensors Status The following table describes the status information displayed in the Temperature Sensors section of the System Information screen. Table 5. System Information - Temperature Sensors Status Fields...
Page 42: Power Supplies
S3300 Smart Managed Pro Switch Table 6. System Information - Fans Status Fields (continued) Field Description Duty Level The duty level of the fan. State Specifies whether the fan is running or stopped. Power Supplies This screen shows the power supplies status.
Page 43: System Cpu Status
S3300 Smart Managed Pro Switch The following table describes the information displayed in the Versions section of the System Information screen. Table 8. System Information - Versions Information Fields Field Description Unit No. The unit number of the switch. Model Name The model name of the switch.
Page 44 S3300 Smart Managed Pro Switch Figure 25. System CPU Status - Unit CPU Utilization Table 9 describes the information that the System CPU Status screen displays. Table 9. System CPU Status > CPU Memory Status Field Description CPU Memory Status Total System Memory The total memory of the switch in KBytes.
Page 45: Usb Device Information
S3300 Smart Managed Pro Switch Figure 26. CPU Threshold The CPU Threshold screen allows you to configure thresholds that, when crossed, trigger a notification. The notification is done via SNMP trap and SYSLOG messages. Define the CPU Threshold fields listed in Table Table 10.
Page 46 Click Update to update the information on the page to the latest data on the switch. Note: The system only detects and manages the USB device installed in the master unit. The limitations for the USB Device supported on the S3300 are as follows: • The USB disk should comply for USB 2.0. •...
Page 47: Slot Information
S3300 Smart Managed Pro Switch Table 11. USB Device Information (continued) Field Description Bytes Used Displays the size of memory used on the USB flash device. Bytes Free Displays the size of memory free on the USB flash device. USB Directory Details File Name Displays the name of the file stored in the USB flash drive.
Page 48: Ip Configuration
S3300 Smart Managed Pro Switch Table 12. Slot Information (continued) Field Description Card Index Displays the index assigned to the selected card type. Card Type Displays the hardware type of this supported card. This is a 32-bit data field. Card Descriptor Displays a data field used to identify the supported card.
Page 49 S3300 Smart Managed Pro Switch • Static IP Address. Specifies that the IP address, subnet mask, and default gateway must be manually configured. Enter this information in the fields below this radio button. If you selected the Static IP Address option, configure the following network information: •...
Page 50: Ipv6 Network Configuration
S3300 Smart Managed Pro Switch IPv6 Network Configuration Use the IPv6 Network Configuration screen to configure the IPv6 network interface, which is the logical interface used for in-band connectivity with the switch through all of the switch’s front-panel ports. The configuration parameters associated with the switch’s network interface do not affect the configuration of the front panel ports through which traffic is switched or routed.
Page 51 S3300 Smart Managed Pro Switch features to acquire an IPv6 address. Auto configuration can be enabled only when DHCPv6 is not enabled on any of the management interfaces. • DHCPv6. Next to Current Network Configuration Protocol, select DHCPv6 to enable the DHCPv6 client on the interface.
Page 52: Ipv6 Network Neighbor
S3300 Smart Managed Pro Switch IPv6 Network Neighbor Use the IPv6 Network Neighbor screen to view information about the IPv6 neighbors the device has discovered through the network interface by using the Neighbor Discovery Protocol (NDP).  To display the IPv6 Network Neighbor screen: Select System >...
Page 53: Time
S3300 Smart Managed Pro Switch Time The switch supports the Simple Network Time Protocol (SNTP). You can also set the system time manually. SNTP assures accurate network device clock time synchronization up to the millisecond. Time synchronization is performed by a network SNTP server. The switch software operates only as an SNTP client and cannot provide time services to other systems.
Page 54 S3300 Smart Managed Pro Switch In the Date field, enter the date in the DD/MM/YYYY format. In the Time field, enter the time in HH:MM:SS format. Note: If you do not enter a date and time, the switch will calculate the date and time using the CPU’s clock cycle.
Page 55 S3300 Smart Managed Pro Switch If the SNTP client mode is Unicast, use the SNTP Server Configuration screen to add the IP address or DNS name of one or more SNTP servers for the switch to poll. For more information, see SNTP Server Configuration on page 57.
Page 56 S3300 Smart Managed Pro Switch Figure 33. Time > SNTP Global Status The following table describes the SNTP Global Status fields. Table 14. Time Configuration status fields Field Description Version Specifies the SNTP version the client supports. Supported Mode Specifies the SNTP modes the client supports. Multiple modes can be supported by a client.
Page 57: Sntp Server Configuration
S3300 Smart Managed Pro Switch Table 14. Time Configuration status fields (continued) Field Description Last Attempt Status Specifies the status of the last SNTP request or unsolicited message for both unicast and broadcast modes. If no message has been received from a server, a status of Other is displayed.
Page 58 S3300 Smart Managed Pro Switch Figure 34. SNTP Server Configuration From the Server Type list, select the type of SNTP address to enter in the Address field, which is either an IP address (IPv4) or hostname (DNS). In the Address field, specify the IP address or the host name of the SNTP server.
Page 59 S3300 Smart Managed Pro Switch Table 15. SNTP Server Status Fields (continued) Field Description Last Attempt Status Specifies the status of the last SNTP request or unsolicited message for both unicast and broadcast modes. If no message has been received from a server, a status of Other is displayed.
Page 60 S3300 Smart Managed Pro Switch Figure 35. Daylight Saving Configuration Next to Daylight Saving, select one of the following options: • Disable. Use this option to disable Daylight Saving Time (DST). • Recurring. Use this option to configure Recurring Daylight Saving. Summer time occurs at the same time every year.
Page 61: Denial Of Service
S3300 Smart Managed Pro Switch Day. Use this field to configure the end day. Month. Use this field to configure the end month. Hours. Use this field to configure the end hours. Minutes. Use this field to configure the end minutes.
Page 62 S3300 Smart Managed Pro Switch Configure Auto-DoS The Auto-DoS Configuration screen lets you automatically enable all the DoS features available on the switch, except for the L4 Port attack. For information about the types of DoS attacks the switch can monitor and block, see Configure Denial of Service on page 62.
Page 63 S3300 Smart Managed Pro Switch Figure 37. Denial of Service Configuration Select the types of DoS attacks for the switch to monitor and block and configure any associated values: • Denial of Service Min TCP Header Size. Specify the minimum TCP header size allowed.
Page 64: Dns
S3300 Smart Managed Pro Switch • Denial of Service Max ICMPv6 Packet Size. Specify the maximum IPv6 ICMP packet size allowed. If ICMPv6 DoS prevention is enabled, the switch will drop IPv6 ICMP ping packets that have a size greater than this configured maximum ICMPv6 packet size.
Page 65 When the system is performing a lookup on an unqualified hostname, this field is provided as the domain name (for example, if default domain name is netgear.com and the user enters test, then test is changed to test.netgear.com to resolve the name).
Page 66 S3300 Smart Managed Pro Switch The Dynamic Host Configuration table shows host name-to-IP address entries that the switch has learned. The following table describes the dynamic host fields: Table 16. Dynamically learned host name mapping information Field Description Host Lists the host name you assign to the specified IP address.
Page 67: Green Ethernet
S3300 Smart Managed Pro Switch  To change the host name or IP address in an entry: Select the check box next to the entry to update. Enter the new information in the appropriate field. Click the Apply button. Green Ethernet Use this screen to configure Green Ethernet features.
Page 68 S3300 Smart Managed Pro Switch Figure 41. Green Ethernet Interface Configuration Select one or more ports to configure. • To configure a single port, select the check box associated with it, or type the port number in the Go To Interface field and click the Go button.
Page 69 S3300 Smart Managed Pro Switch Figure 42. Green Ethernet Detail From the Interface list, select the interface to configure the Green Ethernet mode settings. Enable or disable the Energy Detect Admin Mode on the port. When energy detect mode enabled, and a port link is down, the PHY automatically goes down for a short period of time, and then wakes up to check link pulses.
Page 70 S3300 Smart Managed Pro Switch EEE Transmit Idle Time. Enter the time for which the condition to move to LPI state is satisfied, at the end of which MAC TX transitions to LPI state. The range is 600 to 4294967295. The default value is 600.
Page 71 S3300 Smart Managed Pro Switch Table 17. Green Ethernet Local Device Information (continued) Field Description Tw_sys_tx Echo (uSec) An integer that indicates the remote system's transmit Tw_sys that was used by the local system to compute the Tw_sys that it wants to request from the remote system.
Page 72 S3300 Smart Managed Pro Switch  To display Green Ethernet mode settings for a Remote Device Figure 43. Remote Device Information From the Interface list, select the interface. Table 18, Green Ethernet Local Device Information displays the following non-configurable information about the Green Ethernet status and statistics on the local device.
Page 73 S3300 Smart Managed Pro Switch Figure 44. Green Ethernet Summary Table 19, Green Ethernet statistics summary describes the information the Green Ethernet Statistics Summary table displays. Table 19. Green Ethernet statistics summary Field Description Current Power Consumption The estimated power consumption (in mWatts) by all the ports on the switch.
Page 74 S3300 Smart Managed Pro Switch Table 20, Green Ethernet feature summary describes the information in the Green Ethernet feature summary table. Table 20. Green Ethernet feature summary Field Description Unit The unit ID number, which is always 1. Green Features supported on this The Green Ethernet features the switch supports.
Page 75 S3300 Smart Managed Pro Switch Figure 45. Green Ethernet LPI History In the Sampling Interval field, specify the frequency, in seconds, at which EEE LPI history. In the Max Samples to keep field, specify the maximum number of LPI samples to keep in the history buffer.
Page 76: License
S3300 Smart Managed Pro Switch Device View For Device View information, see Device View on page 24. License Some switch features require a special license in order to be active. If a license is not active, the feature associated with the license is not available and cannot be configured.
Page 77: Switch Stack Configuration
S3300 Smart Managed Pro Switch Switch Stack Configuration Stacking Overview A stackable switch is a switch that is a fully functional operating standalone, but can also be set-up to operate together with up to six switches, with this group of switches showing the characteristics of a single switch while having the port capacity of the sum of the combined switches.
Page 78: Stack Features
Stack number information and automatic stacking set-up options Factory Defaults Reset Behavior The configurations applied on S3300 would be automatically saved to the flash. The stack manager automatically distributes the configuration to the stack members. If the stack manager becomes unavailable, a stack member can become the new stack manager and apply the configuration that was saved on the original stack manager.
Page 79: Smart M4300/S3300 Stacking Notes And Restrictions
12.0.0.x/12.0.2.x older than 12.0.2.17, the M4300 should be loaded with a new 12.0.2.x image (12.0.2.17 or newer) first. c. Once an S3300 unit is running with a 6.6.4 image, it can be brought back to the M4300 family by directly downloading and activating a 12.0.0.x/12.0.2.x image into...
Page 80: Basic Stack Configuration
S3300 Smart Managed Pro Switch b. All stacking functionalities of the S3300 extend to these two M4300 platforms. However, Non-Stop Forwarding (NSF) is not supported. c. Either S3300 or M4300 can be stack master or standby. d. CLI under the console port is not supported.
Page 81: Stack Configuration
S3300 Smart Managed Pro Switch Stack Sample Mode  To configure the stack sampling parameters: Select the Stack Sample Mode. The global status management mode which can be: • Cumulative. This tracks the sum of received time stamp offsets cumulatively.
Page 82 S3300 Smart Managed Pro Switch highest priority value will be chosen to become primary unit. If the value is set to 0, then that switch unit never participates in Manager Election. Select the Management Status. Indicates whether the selected switch is the management unit, or a normal stacking member, or on standby.
Page 83: Advanced Stack Configuration
S3300 Smart Managed Pro Switch Status Table 25. Basic Stack Table 26. Field Description Unit ID The Unit ID of the specific switch. Switch Description The description for the unit that can be configured by the user. Serial Number The unique box serial number for this switch.
Page 84 S3300 Smart Managed Pro Switch Figure 47. Advanced Stack Status The following table describes the non-configurable Advanced Stack Status data that is displayed. Click Refresh to update the page with the latest information on the switch. Table 27. Advanced Stack Status...
Page 85: Advanced Stack-Port Configuration
S3300 Smart Managed Pro Switch Advanced Stack-Port Configuration  To configure a Stack-port: Click System > Stacking > Advanced > Stack-port Configuration. Figure 48. Stack-Port Configuration Select either the Unit ID or All. • Select the Unit ID field to display information for the selected unit.
Page 86: Advanced Stack-Port Diagnostics
S3300 Smart Managed Pro Switch Table 28. Stack-port Configuration (continued) Field Description Link Speed (Gbps) Displays the maximum speed of the stack port. Transmit Data Rate (Mbps) Displays the approximate transmit rate on the stack port. Transmit Error Rate (Error/s) Displays the number of errors in transmit packets per second.
Page 87: Stack Firmware Synchronization
S3300 Smart Managed Pro Switch The following table describes the non-configurable Stack-port Diagnostics data that is displayed. Table 29. Stack-port Diagnostics Field Description Unit ID The Unit ID of the specific switch. Port Displays the stack port on the given unit.
Page 88: Multiple Stack Links
Click Update to update the page with the latest information on the switch. Multiple Stack Links The S3300 platforms contain two dedicated (non-combo) 10GBaseT copper links (ports) and 2 dedicated SFP+ fiber links. Any of these links can be configured for normal Ethernet operation or stacking operation.
Page 89 In a multi-unit stack of S3300-52X and/or S3300-52X-PoE+, the following apply: • One or both copper links between two adjacent S3300 units can be connected to form a Stack. • One or both fiber links between two adjacent S3300 units can be connected to form a stack.
Page 90: Poe
S3300 Smart Managed Pro Switch Use this screen to configure a few system-level PoE parameters per unit. In other words, the parameters are specific to the whole unit, not specific to any port(s). Select System > PoE > Basic > PoE Configuration.
Page 91: Advanced Poe Configuration
S3300 Smart Managed Pro Switch Table 31. PoE Configuration Non-configurable Data (continued) Field Description Power Source The power source currently being used to deliver power - Main AC or RPS. Threshold Power The system can power up one more port if consumed power is less than Threshold Power.
Page 92 S3300 Smart Managed Pro Switch supply power. When ports have the same priority, the lower numbered port will have a higher priority. Possible priority values are: • Low. Low priority. • Medium. Medium priority. • High. High priority. • Critical. Critical priority.
Page 93 S3300 Smart Managed Pro Switch • 4pt 802.3af + legacy. 4-Point Resistive Detection in 802.3af mode, followed by Legacy Detection, is done. • Legacy. Only Legacy Detection is done. The factory default is IEEE 802. Assign a Timer Schedule to the port. Select None to remove the timer schedule assignment.
Page 94 S3300 Smart Managed Pro Switch Table 32. PoE Port Configuration Non-Configurable Data (continued) Field Description Status Operational status of the port PD detection. Possible values are: • Disabled. Indicates that no power is being delivered. • Delivering Power. Indicates that power is being drawn by the device.
Page 95: Snmp
S3300 Smart Managed Pro Switch SNMP This section describes how to configure the Simple Network Management Protocol (SNMP) version 1 and SNMP version 2 information on the switch. For information about configuring the SNMPv3 administrative profile, see Use SNMPv3 on page 29.
Page 96: Trap Configuration
S3300 Smart Managed Pro Switch If you select Enable, the community name must be unique among all valid community names or the set request will be rejected. If you select Disable, the community name will become invalid. Click the Add button.
Page 97 S3300 Smart Managed Pro Switch Click the Apply button.  To delete an SNMP trap recipient: Select the check box next to the recipient to remove. Click the Delete button. Trap Flags Use the Trap Flags screen to enable or disable traps the switch can send to an SNMP manager.
Page 98: Lldp
S3300 Smart Managed Pro Switch SNMP Supported MIBS This screen displays a list of all MIBs supported by the switch. To view the supported MIBs, select System > SNMP > SNMP V1/V2 > Supported MIBs. The following table describes the fields on the screen.
Page 99: Lldp Configuration
S3300 Smart Managed Pro Switch • Inventory management, enabling network administrators to track their network devices and determine their characteristics (manufacturer, software and hardware versions, serial or asset number). LLDP Configuration Use the LLDP Configuration screen to specify the global LLDP and LLDP-MED parameters that are applied to the switch.
Page 100: Lldp Port Settings
S3300 Smart Managed Pro Switch LLDP Port Settings Use the LLDP Port Settings screen to specify per-interface LLDP settings.  To configure LLDP port settings: Select System > LLDP > Advanced > LLDP Port Settings. Figure 57. LLDP Port Settings Select one or more ports to configure.
Page 101: Lldp-Med Network Policy
S3300 Smart Managed Pro Switch information includes the system name, system description, system capabilities, and port description. For information about how to configure the system name, see Management on page 39. For information about how to configure the port description, Ports on page 136.
Page 102: Lldp-Med Port Settings
S3300 Smart Managed Pro Switch Table 34. LLDP-MED network policy information Field Description Network Policy Number The policy number. Application The media application type associated with the policy, which can be one of the following: • Unknown • Voice •...
Page 103: Lldp-Med Neighbors Information
S3300 Smart Managed Pro Switch Figure 59. LLDP-MED Port Settings From the Port list, select the port to configure. Use the lists to enable or disable the following LLDP-MED settings for the selected port: • LLDP-MED Status. The administrative status of LLDP-MED on the interface. When LLDP-MED is enabled, the transmit and receive function of LLDP is effectively enabled on the interface.
Page 104 S3300 Smart Managed Pro Switch Figure 60. LLDP-MED Neighbors Information In the LLDP-MED Interface Selection section of the window, the Interface field lists all the ports on which LLDP-MED is enabled. Select the interface from the Interface list to display information about that interface.
Page 105 S3300 Smart Managed Pro Switch Table 35. LLDP-MED Neighbors Information Field Description LLDP-MED Interface Selection Remote ID Specifies the remote client identifier assigned to the remote system. Capability Information This table specifies the supported and enabled capabilities received in MED TLV on this port.
Page 106: Local Information
S3300 Smart Managed Pro Switch Table 35. LLDP-MED Neighbors Information (continued) Field Description Extended PoE This table specifies if the remote device is a PoE device. Device Type Specifies the remote device’s PoE device type connected to this port. Extended PoE PSE This table specifies if the extended PSE TLV is received in an LLDP frame on this port.
Page 107 S3300 Smart Managed Pro Switch Figure 61. LLDP Local Device Information The following table describes the LLDP device information and port summary information. Table 36. LLDP local device information Field Description Chassis ID Subtype The type of information used to identify the switch in the Chassis ID field.
Page 108 S3300 Smart Managed Pro Switch Figure 62. LLDP-MED Local Port Information The following table describes the detailed local information that displays for the selected port. Table 37. Detailed LLDP local port information Field Description Managed Address Address SubType The type of address the management interface uses, such as an IPv4 address.
Page 109 S3300 Smart Managed Pro Switch Table 37. Detailed LLDP local port information (continued) Field Description Current Capabilities The TLVs advertised by the port. Device Class Network Connectivity indicates the device is a network connectivity device. Network Policies Application Type The media application type associated with the policy.
Page 110: Neighbors Information
S3300 Smart Managed Pro Switch Neighbors Information Use the LLDP Neighbors Information screen to view the data that a specified interface has received from other LLDP-enabled systems. To view LLDP information received from a neighbor device, select System > Advanced >...
Page 111 S3300 Smart Managed Pro Switch To view additional information about the remote device, click the link in the MSAP Entry field. A pop-up window displays information for the selected port. The following table describes the information transmitted by the neighbor.
Page 112 S3300 Smart Managed Pro Switch Table 39. LLDP neighbor details (continued) Field Description MED Details Capabilities Supported The supported capabilities that were received in MED TLV from the device. Current Capabilities The advertised capabilities that were received in MED TLV from the device.
Page 113: Services
S3300 Smart Managed Pro Switch Table 39. LLDP neighbor details (continued) Field Description Type The unknown TLV type field. Value The unknown TLV value field. Services This section describes how to configure the DHCP L2 Relay, DHCP snooping, DHCPv6 snooping, and Dynamic ARP Inspection (DAI) features on the switch. DHCP snooping and DAI are layer 2 security features that examine traffic to help prevent accidental and malicious attacks on the switch or network.
Page 114 S3300 Smart Managed Pro Switch Click the Cancel button to cancel the configuration on the screen, and reset the data displayed on the screen to the latest value of the switch. DHCP L2 Relay VLAN Configuration Use this screen to configure the DHCP L2 Relay VLAN.
Page 115: Dhcp L2 Relay Interface Configuration
S3300 Smart Managed Pro Switch DHCP L2 Relay Interface Configuration Use this screen to view and configure the DHCP L2 Relay Interface. Figure 65. DHCP L2 Relay Interface Configuration  To configure DHCP L2 Relay Interface settings: Select System> Services > DHCP L2 Relay > DHCP L2 Relay Interface Configuration.
Page 116: Dhcp Snooping
S3300 Smart Managed Pro Switch Figure 66. DHCP L2 Relay Interface Statistics Table 40 describes the non-configurable data that is displayed. Table 40. DHCP L2 Relay Interface Statistics Field Description Interface The interface from which the DHCP message is received.
Page 117: Global Configuration
S3300 Smart Managed Pro Switch trusted interface is an interface that is configured to receive only messages from within the network. DHCP snooping acts like a firewall between untrusted hosts and DHCP servers. It also provides way to differentiate between untrusted interfaces connected to the end user and trusted interfaces connected to the DHCP server or another switch.
Page 118: Interface Configuration
S3300 Smart Managed Pro Switch Interface Configuration Use the DHCP Snooping Interface Configuration screen to view and configure each port as a trusted or untrusted port. Any DHCP responses received on a trusted port are forwarded. If a port is configured as untrusted, any DHCP (or BootP) responses received on that port are discarded.
Page 119 S3300 Smart Managed Pro Switch If the incoming rate of DHCP packets exceeds the value of this object for consecutively burst interval seconds, the port will be shut down. If this value is N/A, then the burst interval has no meaning, and rate limiting is disabled.
Page 120 S3300 Smart Managed Pro Switch The DHCP Snooping Dynamic Binding Configuration table shows information about the DHCP bindings that have been learned on each interface on which DHCP snooping is enabled. Table 41 describes the dynamic bindings information. Table 41. DHCP Snooping Dynamic Binding Information...
Page 121: Dhcp Snooping Statistics
S3300 Smart Managed Pro Switch In the Write Delay field, specify the amount of time to wait between writing bindings information to persistent storage. The delay allows the device to collect as many entries as possible (new and removed) before writing them to the persistent file.
Page 122: Dhcpv6 Snooping
S3300 Smart Managed Pro Switch DHCPv6 Snooping DHCPv6 snooping is a useful feature that provides security by filtering untrusted DHCP messages and by building and maintaining a DHCP snooping binding table. An untrusted message is a message that is received from outside the network or firewall and that can cause traffic attacks within your network.
Page 123 S3300 Smart Managed Pro Switch Select one or more ports or LAGs to configure. For information about how to select and configure one or more ports and LAGs, see Configuring Interface Settings on page 32. From the Trust Mode list, select the desired trust mode. The factory default is Disabled.
Page 124 S3300 Smart Managed Pro Switch In the MAC Address field, specify the MAC address for the binding to be added. This is the key to the binding database. From the VLAN ID list, select the VLAN for the binding rule. The VLAN ID range is 1 to 4093.
Page 125: Dhcpv6 Snooping Statistics
S3300 Smart Managed Pro Switch a. Specify the Remote IP Address of the TFTP server on which the snooping database is stored when Remote is selected. b. Specify the Remote File Name of the DHCPv6 snooping bindings database in which the bindings are stored when Remote is selected.
Page 126: Dynamic Arp Inspection
S3300 Smart Managed Pro Switch Dynamic ARP Inspection Dynamic ARP Inspection (DAI) is a security feature that rejects invalid and malicious ARP packets. DAI prevents a class of man-in-the-middle attacks where an unfriendly station intercepts traffic for other stations by poisoning the ARP caches of its unsuspecting neighbors.
Page 127 S3300 Smart Managed Pro Switch a. Select System> Services > Dynamic ARP Inspection > DAI Interface Configuration. b. Click the LAGS link to view all LAG interfaces. c. Next to l1, select the check box. d. From the Trust Mode list, select Enable.
Page 128 S3300 Smart Managed Pro Switch d. Click the Apply button. Configure a DAI ACL DAI relies on the information in the DHCP snooping bindings database to validate ARP packets. For networks that use static IP addresses and do not use DHCP, DAI access control lists (ACLs) can be used to statically map an IP address to a MAC address on a VLAN.
Page 129 S3300 Smart Managed Pro Switch Click the Add button. Repeat Step 6 through Step 8 to add the second rule. You can add up to 20 static IP address-MAC address mappings to a DAI ACL. Figure 76. DAI Rule Table Select System>...
Page 130 S3300 Smart Managed Pro Switch since the target MAC address is unspecified in ARP requests. You can also enable IP address checking. When this option is enabled, DAI drops ARP packets with an invalid IP address. The following IP addresses are considered invalid: •...
Page 131 S3300 Smart Managed Pro Switch Figure 79. Dynamic ARP Inspection Statistics Click Clear to clear all DAI statistics. Click Refresh to refresh the data on the page with the latest information on the switch. Table 45, Dynamic ARP Inspection (DAI) statistics describes the Dynamic ARP Inspection (DAI) statistics.
Page 132: Timer Schedule
S3300 Smart Managed Pro Switch Timer Schedule The NETGEAR Smart Switch provides timer schedules for use with PoE/PoE+. To use Timer Schedules with PoE/PoE+, you first define a timer schedule on the System > Timer Schedule screen. Then you associate the timer schedule to a PoE/PoE+ port (or ports) on the System >...
Page 133: Configure Timer Schedule
S3300 Smart Managed Pro Switch The following table describes the non-configurable fields on the Timer Schedule Global Configuration page. Table 46. Timer Schedule Information Field Description Time Schedule Specifies if the current status of the timer schedule is active or inactive.
Page 134 S3300 Smart Managed Pro Switch Enter the Time End. This is the time of day in hh:mm format when the schedule operation is stopped. This field is required. Enter the Date Start. This is the schedule start date. This field is required.
Page 135 Configuring Switching Use the features you access from the Switching tab to define Layer 2 features. The Switching tab contains links to the features described in the following sections. • Ports on page 136 • Link Aggregation Groups on page 139 •...
Page 136: Ports
S3300 Smart Managed Pro Switch Ports The screens you access from the Ports menu allow you to view and monitor the physical port information for the ports available on the switch. The Ports menu contains links described in the following sections.
Page 137 S3300 Smart Managed Pro Switch and 1000 Mbps) will be advertised. Otherwise, your selection will determine the port’s duplex mode and transmission rate. The factory default is Auto. 10 — 10 Mbits/sec. 100 — 100 Mbits/sec. 10G — 10 Gbits/sec.
Page 138 S3300 Smart Managed Pro Switch elapses, or the utilization returns to a specified low threshold, the switch enables the port to again transmit frames. The factory default is Disabled. When flow control is disabled, the switch does not generate PAUSE frames. The switch also does not throttle packet transmission on receiving PAUSE frames from a partner.
Page 139: Link Aggregation Groups
S3300 Smart Managed Pro Switch Link Aggregation Groups Link aggregation groups (LAGs), which are also known as port channels, allow you to combine multiple full-duplex Ethernet links into a single logical link. Network devices treat the aggregation as if it were a single link, which increases fault tolerance and provides load sharing.
Page 140 S3300 Smart Managed Pro Switch • LAG Name. Specify the name you want assigned to the LAG. You can enter any string of up to 15 alphanumeric characters. A valid name has to be specified in order to create the LAG •...
Page 141 S3300 Smart Managed Pro Switch across the units. In such a scenario, when this feature is enabled, any known unicast traffic sent to the LAG uses only the LAG interface on the local unit. This ensures that the known unicast traffic, destined to the LAG, does not cross the external stack link when the LAG has a member or members on the local unit.
Page 142: Lag Membership
S3300 Smart Managed Pro Switch LAG Membership Use the LAG Membership screen to select two or more full-duplex Ethernet links to be aggregated together to form a link aggregation group (LAG), which is also known as a port channel. The switch can treat the port channel as if it were a single link.
Page 143: Lacp Configuration
S3300 Smart Managed Pro Switch LACP Configuration The LACP configuration screen is used to set the LACP system priority.  To configure LACP: Select Switching> LAG > Advanced > LACP Configuration. In the LACP System Priority field, specify the device’s link aggregation priority relative to the devices at the other ends of the links on which link aggregation is enabled.
Page 144: Vlans
S3300 Smart Managed Pro Switch VLANs Adding virtual LAN (VLAN) support to a Layer 2 switch offers some of the benefits of both bridging and routing. Like a bridge, a VLAN switch forwards traffic based on the Layer 2 header, which is fast, and like a router, it partitions the network into logical segments, which provides better administration, security, and management of multicast traffic.
Page 145: Basic Vlan Configuration
S3300 Smart Managed Pro Switch Basic VLAN Configuration Use the VLAN Configuration screen to define VLAN groups stored in the VLAN membership table. The switch supports up to 256 VLANs. The default VLAN (1), voice VLAN (2) and auto-video VLAN (3) are created by default, and all ports are untagged members.
Page 146: Vlan Membership Configuration
S3300 Smart Managed Pro Switch VLAN Membership Configuration Use this screen to configure VLAN port membership for a particular VLAN. You can select the Group operation through this screen.  To configure VLAN membership for individual ports and LAGs: Select Switching> VLAN > Advanced > VLAN Membership.
Page 147: Vlan Status
S3300 Smart Managed Pro Switch  To configure the same VLAN membership settings for all ports and LAGs: Select Switching> VLAN > Advanced > VLAN Membership. In the VLAN ID list, select the VLAN to which you want to add ports.
Page 148: Port Vlan Id Configuration
S3300 Smart Managed Pro Switch Port VLAN ID Configuration The Port PVID Configuration screen lets you assign a port VLAN ID (PVID) to an interface. There are certain requirements for a PVID: • All ports must have a defined PVID.
Page 149: Mac-Based Vlan
S3300 Smart Managed Pro Switch MAC-Based VLAN The MAC Based VLAN feature uses the source MAC address of incoming untagged packets to classify the traffic and to assign the packets to the appropriate VLAN. A MAC to VLAN mapping is defined by configuring an entry in the MAC to VLAN table. An entry is specified by a source MAC address and the desired VLAN ID.
Page 150: Protocol-Based Vlan Group Configuration
S3300 Smart Managed Pro Switch Protocol-Based VLAN Group Configuration Protocol-based VLAN can be used to define filtering criteria for untagged packets. By default, if you do not configure any port (IEEE 802.1Q) or protocol-based VLANs, untagged packets are assigned to VLAN 1. You can override this behavior by defining either port-based VLANs or protocol-based VLANs, or both.
Page 151: Protocol-Based Vlan Group Membership
S3300 Smart Managed Pro Switch Click the Delete button. Protocol-Based VLAN Group Membership The Protocol-Based VLAN Group Membership screen is used to define a protocol-based VLAN group.  To set up protocol-based VLAN group membership: Select Switching> VLAN > Advanced > Protocol-Based VLAN Group Membership.
Page 152: Garp Switch Configuration
S3300 Smart Managed Pro Switch If the interface mode is VLAN ID or Dot1p, specify the VLAN ID or 802.1p priority value in the Value field. This field is valid only when VLAN ID or dot1p is selected as the interface mode.
Page 153: Garp Port Configuration
S3300 Smart Managed Pro Switch GARP Port Configuration  To configure a GARP port: Select Switching> VLAN > Advanced > GARP Port Configuration. The GARP Port Configuration table is displayed. To navigate the page, select one of the following links. For more navigation information, see Configuring Interface Settings on page 32.
Page 154: Auto-Voip Configuration
S3300 Smart Managed Pro Switch Auto-VoIP Configuration Voice over Internet Protocol (VoIP) enables telephone calls over a data network. Because voice traffic is typically more time-sensitive than data traffic, the Auto VoIP feature helps provide a classification mechanism for voice packets so that they can be prioritized above data packets in order to provide better Quality of Service (QoS).
Page 155: Configure Oui-Based Auto-Voip
S3300 Smart Managed Pro Switch Configure OUI-Based Auto-VoIP With Organizationally Unique Identifier (OUI)-based Auto VoIP, voice prioritization is provided based on OUI bits. From the OUI-based link, you can access the following pages: • OUI-Based Properties on page 155 •...
Page 156: Display Auto-Voip Status
S3300 Smart Managed Pro Switch authority. The switch comes preconfigured with the following OUIs that identify the IP phone manufacturer: • 00:01:E3: SIEMENS • 00:03:6B: CISCO1 • 00:12:43: CISCO2 • 00:0F:E2: H3C • 00:60:B9: NITSUKO • 00:D0:1E: PINTEL • 00:E0:75: VERILINK •...
Page 157 S3300 Smart Managed Pro Switch Figure 86. Auto-VoIP Status The following table shows the non-configurable information displayed on the screen. Table 49. Auto-VoIP Status Field Description Auto-VoIP VLAN ID Displays the Auto-VoIP VLAN ID. Maximum Number of Voice Displays the maximum number of VoIP channels supported.
Page 158: Spanning Tree Protocol
S3300 Smart Managed Pro Switch Spanning Tree Protocol The Spanning Tree Protocol (STP) provides a tree topology for any arrangement of bridges. STP also provides one path between end stations on a network, eliminating loops. Spanning tree versions supported include Common STP, Multiple STP, and Rapid STP.
Page 159: Stp Configuration
S3300 Smart Managed Pro Switch STP Configuration The STP Configuration screen contains fields for enabling STP on the switch.  To configure STP settings on the switch: Select Switching > STP > Basic > STP Configuration. Next to Spanning Tree State, specify whether to enable or disable Spanning Tree operation on the switch.
Page 160: Cst Configuration
S3300 Smart Managed Pro Switch Table 50. STP status information (continued) Field Description Max Age (secs) Specifies the bridge maximum age for CST. The value must be less than or equal to (2 X Bridge Forward Delay) – 1 and greater than or equal to 2 X (Bridge Hello Time +1).
Page 161: Cst Port Configuration
S3300 Smart Managed Pro Switch The following MSTP status information is displayed on the Spanning Tree CST Configuration screen. Table 51. MSTP status information Field Description MST ID Table consisting of the MST instances (including the CST) and the corresponding VLAN IDs associated with each of them.
Page 162: Cst Port Status
S3300 Smart Managed Pro Switch • STP Status. Enable or disable the Spanning Tree Protocol Administrative Mode associated with the port or port channel. • Fast Link. Specifies if the specified port is an Edge Port with the CST. Possible values are Enable or Disable.
Page 163: Rapid Stp
S3300 Smart Managed Pro Switch Table 53. CST port status information Field Description Interface The port associated with the VLAN(s) associated with the CST. Port Role Each MST bridge port that is enabled is assigned a port role for each spanning tree.
Page 164 S3300 Smart Managed Pro Switch Table 54. Rapid STP status information (continued) Field Description Mode Specifies the spanning tree operation mode. Different modes are STP, RSTP, and MSTP. Fast Link Indicates whether the port is enabled as an edge port.
Page 165: Mst Configuration
S3300 Smart Managed Pro Switch MST Configuration Use the Spanning Tree MST Configuration screen to configure Multiple Spanning Tree (MST) on the switch.  To configure an MST instance: Select Switching > STP > Advanced > MST Configuration. Configure the MST values: •...
Page 166: Mst Port Configuration
S3300 Smart Managed Pro Switch MST Port Configuration Use the MST Port Configuration screen to configure and display Multiple Spanning Tree (MST) settings on a specific port on the switch. A port can become Diagnostically Disabled (D-Disable) when DOT1S experiences a severe error condition.
Page 167 S3300 Smart Managed Pro Switch Table 56. MST port status information (continued) Field Description Port Mode Spanning Tree Protocol Administrative Mode associated with the port or port channel. Possible values are Enable or Disable. Port Forwarding State Indicates the current STP state of a port. If enabled, the port state determines what forwarding action is taken on traffic.
Page 168: Stp Statistics
S3300 Smart Managed Pro Switch STP Statistics Use the Spanning Tree Statistics screen to view information about the number and type of bridge protocol data units (BPDUs) transmitted and received on each port. To display the Spanning Tree Statistics screen, select Switching > STP > Advanced > STP Statistics.
Page 169: Multicast
S3300 Smart Managed Pro Switch Multicast Multicast IP traffic is traffic that is destined to a host group. Host groups for IPv4 multicast are identified by class D addresses, which range from 224.0.0.0 to 239.255.255.255. Host groups for IPv6 multicast are identified by the prefix ff00::/8.
Page 170: Mfdb Statistics
S3300 Smart Managed Pro Switch Table 58. MFDB table information (continued) Field Description Description The text description of this multicast table entry. Possible values are Management Configured, Network Configured and Network Assisted. Interface The list of interfaces that are designated for forwarding (Fwd:) and filtering (Flt:) for the selected address.
Page 171: Auto-Video
S3300 Smart Managed Pro Switch Auto-Video Use this screen to configure the Auto-Video parameters.  To configure Auto-Video: Select Switching> Multicast > Auto-Video. Select one of the following radio buttons: • Select the Disable radio button to globally disable Auto-Video administrative mode for the switch.
Page 172: Igmp Snooping Interface Configuration
S3300 Smart Managed Pro Switch IGMP Snooping Configuration Use the IGMP Snooping Configuration screen to configure the parameters for IGMP snooping. These parameters are used to build forwarding lists for multicast traffic.  To configure IGMP snooping: Select Switching> Multicast > IGMP Snooping > IGMP Snooping Configuration.
Page 173: Igmp Snooping Table
S3300 Smart Managed Pro Switch Configure the IGMP snooping values for the selected ports or LAGs: • Admin Mode. Select the interface mode for the selected interface for IGMP snooping for the switch from the menu. The default is Disable.
Page 174: Igmp Snooping Vlan Configuration
S3300 Smart Managed Pro Switch Table 61. IGMP snooping table information (continued) Field Description Description The text description of this multicast table entry. Possible values are Management Configured, Network Configured, and Network Assisted. Interface The list of interfaces that are designated for forwarding (Fwd) and filtering (Flt) for the associated address.
Page 175 S3300 Smart Managed Pro Switch Multicast Router Configuration If a multicast router is attached to the switch, its existence can be learned dynamically. You can also statically configure an interface as a multicast router interface, which is an interface that faces a multicast router or IGMP querier and receives multicast traffic. Use this screen to manually configure an interface as a static multicast router interface.
Page 176: Igmp Snooping Querier
S3300 Smart Managed Pro Switch IGMP Snooping Querier IGMP snooping requires that one central switch or router periodically query all end-devices on the network to announce their multicast memberships. This central device is the IGMP querier. The IGMP query responses, known as IGMP reports, keep the switch updated with the current multicast group membership on a port-by-port basis.
Page 177: Igmp Snooping Querier Vlan Configuration
S3300 Smart Managed Pro Switch IGMP Snooping Querier VLAN Configuration  To create a new VLAN ID for IGMP snooping: Select Switching> Multicast > IGMP Snooping Querier > Querier VLAN Configuration. From the VLAN ID list, select New Entry and complete the following fields: •...
Page 178: Mld Snooping
S3300 Smart Managed Pro Switch Table 62. IGMP snooping querier VLAN status (continued) Field Description Last Querier Version The IGMP protocol version of the last querier from which a query was snooped on the VLAN. Operational Max The maximum response time to be used in the queries that are sent by the snooping Response Time querier.
Page 179 S3300 Smart Managed Pro Switch Table 63. MLD snooping status information (continued) Field Description Interfaces Enabled for MLD A list of all the interfaces currently enabled for MLD snooping. For information Snooping about how to enable an interface for MLD snooping, see...
Page 180: Mld Vlan Configuration
S3300 Smart Managed Pro Switch MLD VLAN Configuration MLD snooping can be enabled on a per VLAN basis. It is necessary to keep track of the interfaces that are participating in a VLAN in order to apply or remove configurations.
Page 181 S3300 Smart Managed Pro Switch Select each interface to configure. For information about how to select and configure one or more ports or LAGs, see Configuring Interface Settings on page 32. Use the Multicast Router field to enable or disable Multicast Router on the selected interface.
Page 182 S3300 Smart Managed Pro Switch In the Query Interval field, specify the time interval in seconds between periodic queries sent by the snooping querier. The Query Interval must be a value in the range of 1–1800 seconds. The default value is In the Querier Expiry Interval field, specify the time interval in seconds after which the last querier information is removed.
Page 183 S3300 Smart Managed Pro Switch The following table describes the MLD snooping querier status information on the screen. Table 64. Field Description Operational State Specifies the operational state of the IGMP snooping querier on a VLAN: • Querier. The snooping switch is the querier in the VLAN. The snooping switch will send out periodic queries with a time interval equal to the configured querier query interval.
Page 184: Mvr Configuration
S3300 Smart Managed Pro Switch MVR Configuration IGMP snooping helps limit multicast traffic when member ports are in the same VLAN; however, when ports belong to different VLANs, a copy of the multicast stream is sent to each VLAN that has member ports in the multicast group. MVR eliminates the need to duplicate the multicast traffic when multicast group member ports belong to different VLANs.
Page 185: Mvr Configuration
S3300 Smart Managed Pro Switch MVR Configuration Use the MVR Configuration screen to enable MVR and to configure global MVR settings on the switch.  To configure basic MVR settings: Select Switching > MVR > Basic > MVR Configuration Next to MVR Running select Enable.
Page 186: Mvr Group Configuration
S3300 Smart Managed Pro Switch MVR Group Configuration Use the MVR Group Configuration screen to create and manage MVR groups on the switch. In this example, five MVR groups are created. To create multiple MVR groups in the same step, the groups must have contiguous IP addresses, such as 239.1.1.1, 239.1.1.2, 239.1.1.3, and so on.
Page 187: Mvr Interface Configuration
S3300 Smart Managed Pro Switch MVR Interface Configuration Use the MVR Interface Configuration screen to configure the ports that belong to the MVR groups and their roles within the groups.  To configure the MVR interfaces: Select Switching > MVR > Advanced > MVR Interface Configuration.
Page 188: Mvr Statistics
S3300 Smart Managed Pro Switch MVR Statistics Use the MVR Statistics screen to view information about the IGMP messages and IGMP packages the switch has transmitted. To view MVR statistics, select Switching > MVR > Advanced > MVR Statistics. The following table describes the MVR statistics.
Page 189: Address Table
S3300 Smart Managed Pro Switch Address Table The address table maintains a list of MAC addresses after having received a packet from this MAC address. The transparent bridging function uses the forwarding database entries to determine how to forward a received frame.
Page 190: Dynamic Address Configuration
S3300 Smart Managed Pro Switch Table 68. Address Table (continued) Field Description Interface The port where this address was learned: that is, this field displays the port through which the MAC address can be reached. Status The status of this entry. The possible values are: •...
Page 191: Static Mac Address
S3300 Smart Managed Pro Switch Static MAC Address Use the Static MAC Address Configuration screen to configure and view static MAC addresses on an interface.  To add a static MAC address: Select Switching> Address Table > Advanced > Static MAC Address.
Page 192: Multiple Registration Protocol Configuration
Note: The Multiple Registration Protocol (MRP) feature is only supported on a standalone S3300 switch. Standalone here means that all four stack ports are running in Ethernet mode. Multiple Registration Protocol (MRP) is a base registration protocol that enables devices running an MRP application to register attributes to other devices in a network.
Page 193 S3300 Smart Managed Pro Switch With MRP, network attributes are declared, registered, withdrawn, and removed completely dynamically without any user intervention. This dynamic nature is especially useful in networks where: • Network attributes are likely to change frequently, requiring reconfiguration of the intermediate devices.
Page 194: Mrp Configuration
S3300 Smart Managed Pro Switch MRP Configuration Use the MRP Configuration screen to configure global MRP settings for the switch.  To configure global MRP settings: Select Switching > MRP > Basic > MRP Configuration. Next to MVRP Mode, select Enable to enable MVRP globally on the switch.
Page 195: Mrp Port Settings
S3300 Smart Managed Pro Switch MRP Port Settings Use the MRP Port Settings screen to configure the per-port MRP mode and timer settings. The timers control when and how often various messages are transmitted on each interface.  To configure the MRP port parameters: Select Switching>...
Page 196: Mmrp Statistics
S3300 Smart Managed Pro Switch MMRP Statistics The MMRP Statistics screen displays information regarding the MMRP frames transmitted and received by the switch and by each interface. To view the MMRP Statistics screen, select Switching > MRP > Advanced > MMRP Statistics.
Page 197: Mvrp Statistics
S3300 Smart Managed Pro Switch MVRP Statistics The MVRP Statistics screen displays information regarding the MVRP frames transmitted and received by the switch and by each interface. To view the MVRP Statistics screen, select Switching > MRP > Advanced > MVRP Statistics.
Page 198: Msrp Statistics
S3300 Smart Managed Pro Switch MSRP Statistics The MSRP Statistics screen displays information about the MSRP frames transmitted and received by the switch and by each interface. To view the MMRP Statistics screen, select Switching > MRP > Advanced > MSRP Statistics.
Page 199: Msrp Reservation Parameters
S3300 Smart Managed Pro Switch MSRP Reservation Parameters Use the MSRP Reservation Parameters screen to view information about the talker, listener, and intermediate device status for the devices involved in each MSRP stream flowing through the switch. To view the MSRP Reservation Parameters screen, select Switching > MRP > Advanced >...
Page 200: Qav Parameters
S3300 Smart Managed Pro Switch Qav Parameters Use the Qav Parameters screen to configure and view the per-port IEEE 802.1Qav settings. The IEEE 802.1Qav standard supports time-sensitive traffic streams by pacing all switch traffic, including legacy asynchronous Ethernet traffic, through queuing and forwarding. When a Talker declares a stream, it identifies whether the stream is Class A or Class B and specifies the stream’s bandwidth requirements.
Page 201 S3300 Smart Managed Pro Switch The following table describes the fields on the MSRP Stream Information screen. Table 74. MSRP Streams Information Field Description Stream ID A 16-bit unsigned integer value, Unique ID, used to distinguish among multiple streams sourced by the same system.
Page 202: 802.1As Configuration
S3300 Smart Managed Pro Switch 802.1AS Note: The 802.1AS feature is only supported on a standalone S3300 switch. Standalone here means that all four stack ports are running in Ethernet mode. The IEEE 802.1AS standard specifies the protocol and procedures used to ensure that the QoS requirements are guaranteed for time-sensitive applications, such as audio and video.
Page 203 S3300 Smart Managed Pro Switch The following table shows the non-configurable information on the 802.1AS Configuration screen. Table 75. 802.1AS Global Status Field Description GrandMaster Present Identifies whether Grand Master Clock is present. The default is False. Best Clock Identity The Best Clock Identity detected by this time-aware bridge.
Page 204 S3300 Smart Managed Pro Switch In a similar manner, if EAV is enabled, then the stack port pages are disabled. When stack ports are not configured (in other words, the 10G ports are configured as Ethernet) and EAV is enabled globally: Configure the Uplink ports in Ethernet mode and reload the switch, using the System >...
Page 205: 802.1As Port Settings
S3300 Smart Managed Pro Switch Figure 93. Stack Configuration is Unavailable 802.1AS Port Settings Use the 802.1AS Port Settings screen to configure and view per-port 802.1AS settings.  To configure the 802.1AS port settings: Select Switching > 802.1AS > Advanced > 802.1AS Port Settings.
Page 206 S3300 Smart Managed Pro Switch In the Announce Interval field, specify the desired transmission rate of ANNOUNCE messages. This value is the logarithm to the base 2 of the mean time interval between successive ANNOUNCE messages sent on this interface. The configured initial interval becomes the current interval only after the port is initialized or re-initialized for 802.1AS operation.
Page 207: 802.1As Statistics
S3300 Smart Managed Pro Switch The following table describes the non-configurable information on the 802.1AS Port Settings screen. Table 76. 802.1AS port settings Field Description Port Role The 802.1AS role of the interface. The possible roles are as follows: •...
Page 208 S3300 Smart Managed Pro Switch Table 77. 802.1AS statistics (continued) Field Description Followup Tx The total number of FOLLOWUP packets transmitted without error. Followup Rx The total number of FOLLOWUP packets received without error. Announce Tx The total number of ANNOUNCE packets transmitted without error.
Page 209: Chapter 4 Configuring Routing
Configuring Routing The switch supports IP routing. Use the menus under the Routing tab to manage routing on the system. When a packet enters the switch, the destination MAC address is checked to see if it matches any of the configured routing interfaces. If it does, then the switch searches the host table for a matching destination IP address.
Page 210: Configure Ip Settings
S3300 Smart Managed Pro Switch Configure IP Settings For information about how to configure and display IP routing data, see the following sections: • IP Configuration on page 210 • VLAN Routing Wizard on page 214 • IP Statistics on page 211 IP Configuration Use the IP Configuration screen to configure routing parameters for the switch.
Page 211: Ip Statistics
S3300 Smart Managed Pro Switch IP Statistics The statistics reported on the IP Statistics screen are as specified in RFC 1213. To display the IP statistics screen, select Routing > IP >Statistics. The following table describes the IP statistics information displayed on the screen.
Page 212 S3300 Smart Managed Pro Switch Table 79. IP routing statistics (continued) Field Description IpReasmTimeout The maximum number of seconds which received fragments are held while they are awaiting reassembly at this entity. IpReasmReqds The number of IP fragments received which needed to be reassembled at this entity.
Page 213 S3300 Smart Managed Pro Switch Table 79. IP routing statistics (continued) Field Description IcmpOutMsgs The total number of ICMP messages which this entity attempted to send. Note that this counter includes all those counted by icmpOutErrors. IcmpOutErrors The number of ICMP messages which this entity did not send due to problems discovered within ICMP such as a lack of buffers.
Page 214: Configure Vlan Routing
S3300 Smart Managed Pro Switch Configure VLAN Routing You can configure the switch software with some ports supporting VLANs and some supporting routing. You can also configure the software to allow traffic on a VLAN to be treated as if the VLAN were a router port.
Page 215: Vlan Routing Configuration
S3300 Smart Managed Pro Switch Click the box under each port or LAG to add to the VLAN as a VLAN member. Each port or LAG has three modes: • T(Tagged). Select the ports on which all frames transmitted for this VLAN will be tagged.
Page 216: Configure Router Discovery
S3300 Smart Managed Pro Switch Configure Router Discovery The Router Discovery protocol is used by hosts to identify operational routers on the subnet. Router discovery messages are of two types: router advertisements and router solicitations. The protocol mandates that every router periodically advertise the IP addresses it is associated with.
Page 217: Configure And View Routes
S3300 Smart Managed Pro Switch Configure and View Routes From the Route Configuration screen, you can configure static and default routes and view the routes that the switch has already learned.  To configure a static route: Select Routing > Route Configuration.
Page 218 S3300 Smart Managed Pro Switch The Route Status table provides information about the static routes configured on the switch and the dynamic routes the switch has learned. Table 81. Routing table information Field Description Route Type Indicates whether the learned route is a static or default route.
Page 219: Configure Arp
S3300 Smart Managed Pro Switch Configure ARP The address resolution protocol (ARP) associates a layer 2 MAC address with a layer 3 IPv4 address. Switch software features both dynamic and manual ARP configuration. With manual ARP configuration, you can statically add entries into the ARP table.
Page 220: Arp Cache
S3300 Smart Managed Pro Switch ARP Cache Use the ARP Cache screen to view entries in the ARP table, a table of the remote connections most recently seen by this switch. To display entries in the ARP table, select Routing > ARP > Basic > ARP Cache.
Page 221: Create A Static Arp Entry
S3300 Smart Managed Pro Switch Create a Static ARP Entry Use this screen to add a static entry to the ARP table.  To add an entry to the ARP table: Select Routing > ARP > Advanced > ARP Create.
Page 222: Remove An Arp Entry From The Arp Cache
S3300 Smart Managed Pro Switch Remove an ARP Entry From the ARP Cache Use this screen to remove certain entries from the ARP Table.  To remove entries from the ARP table: Select Routing > ARP > Advanced > ARP Entry Management.
Page 223: Chapter 5 Configuring Quality Of Service
Configuring Quality of Service In a typical switch, each physical port consists of one or more queues for transmitting packets on the attached network. Multiple queues per port are often provided to give preference to certain packets over others based on user-defined criteria. When a packet is queued for transmission in a port, the rate at which it is serviced depends on how the queue is configured and possibly the amount of traffic present in the other queues of the port.
Page 224: Class Of Service
S3300 Smart Managed Pro Switch Class of Service The Class of Service (CoS) queueing feature lets you directly configure certain aspects of switch queueing. This provides the desired QoS behavior for different types of network traffic when the complexities of DiffServ are not required. The priority of a packet arriving at an interface can be used to steer the packet to the appropriate outbound CoS queue through a mapping table.
Page 225 S3300 Smart Managed Pro Switch Global Trust Mode can be one of the following: • Untrusted. Do not trust any CoS packet marking at ingress. • 802.1p. The eight priority tags that are specified in IEEE 802.1p are p0 to p7. The QoS setting lets you map each of the eight priority levels to one of seven internal hardware priority queues.
Page 226: Cos Interface Configuration
S3300 Smart Managed Pro Switch CoS Interface Configuration Use the CoS Interface Configuration screen to configure the trust mode for one or more interfaces and to apply an interface shaping rate to all interfaces or to a specific interface. ...
Page 227: Interface Queue Configuration
S3300 Smart Managed Pro Switch Interface Queue Configuration Use the Interface Queue Configuration screen to define what a particular queue does by configuring switch egress queues. User-configurable parameters control the amount of bandwidth used by the queue, the queue depth during times of congestion, and the scheduling of packet transmission from the set of all queues on a port.
Page 228: 802.1P To Queue Mapping
S3300 Smart Managed Pro Switch 802.1p to Queue Mapping Use this screen to view or change which internal traffic classes are mapped to the 802.1p priority class values in Ethernet frames the device receives. The priority-to-traffic class mappings can be applied globally or per-interface. The mapping allows the switch to group various traffic types (for example, data or voice) based on their latency requirements and give preference to time-sensitive traffic.
Page 229: Differentiated Services
S3300 Smart Managed Pro Switch Differentiated Services The QoS feature contains Differentiated Services (DiffServ) support that allows traffic to be classified into streams and given certain QoS treatment in accordance with defined per-hop behaviors. Standard IP-based networks are designed to provide “best effort” data delivery service. “Best effort”...
Page 230: Diffserv Configuration
S3300 Smart Managed Pro Switch Diffserv Configuration Use the DiffServ Configuration screen to display DiffServ general status group information, which includes the current administrative mode setting as well as the current and maximum number of rows in each of the main DiffServ private MIB tables.
Page 231: Class Configuration
S3300 Smart Managed Pro Switch Class Configuration Use the Class Configuration screen to add a new DiffServ class name, or to rename or delete an existing class. The screen also allows you to define the criteria to associate with a DiffServ class.
Page 232 S3300 Smart Managed Pro Switch Figure 95. DiffServ Class Configuration Criteria Define the criteria to associate with a DiffServ class: • Match Every. This adds to the specified class definition a match condition whereby all packets are considered to belong to the class.
Page 233 S3300 Smart Managed Pro Switch • Destination MAC Mask. This is a bit mask in the same format as MAC Address indicating which part(s) of the destination MAC Address to use for matching against packet content. • Protocol Type. Requires a packet’s layer 4 protocol to match the protocol you select.
Page 234: Ipv6 Class Configuration
S3300 Smart Managed Pro Switch IPv6 Class Configuration The IPv6 Class Configuration feature extends the existing QoS ACL and DiffServ functionality by providing support for IPv6 packet classification. An Ethernet IPv6 packet is distinguished from an IPv4 packet by its unique EtherType value, so all IPv6 classifiers include the EtherType field.
Page 235: Policy Configuration
S3300 Smart Managed Pro Switch The same set of fields described for IPv6 ACL classification are also supported as match criteria for DiffServ classes. Prior to the introduction of IPv6 class rule fields, any layer 3 or layer 4 item was interpreted as a field in an IPv4 packet. To properly interpret the match criteria fields and create classifier entries, it is necessary for the configuration to specify what type of packet a class defines.
Page 236 S3300 Smart Managed Pro Switch The policy name is a hyperlink. The following figure shows the configuration fields for the policy. Figure 97. Policy Configuration Configure the policy attributes: • Assign Queue. Select this value from the drop-down list. This is an integer value in the range 0 to 6.
Page 237 S3300 Smart Managed Pro Switch One of the classes must be selected from this list. If you select the Simple Policy attribute, configure the following fields: • Color Mode. Color Aware mode requires the existence of one or more color classes that are valid for use with this policy instance;...
Page 238: Service Configuration
S3300 Smart Managed Pro Switch Service Configuration Use the Service Configuration screen to activate a policy on an interface.  To attach a DiffServ policy to an interface: Select QoS > DiffServ > Advanced > Service Configuration. Select the interfaces to attach to the policy.
Page 239 S3300 Smart Managed Pro Switch Table 85. Service statistics (continued) Field Description Discarded Packets The total number of packets discarded for all class instances in this service policy for any reason due to DiffServ treatment. This is the overall count per-interface, per-direction.
Page 240: Managing Device Security
Managing Device Security Use the features available from the Security navigation tab to configure management security settings for port, user, and server security. The Security tab contains links to the features described in the following sections. • Management Security Settings on page 241 •...
Page 241: Management Security Settings
S3300 Smart Managed Pro Switch Management Security Settings From the Management Security menu, you can configure the login password, Remote Authorization Dial-In User Service (RADIUS) settings, Terminal Access Controller Access Control System (TACACS+) settings, and authentication lists. The Management Security folder contains links described in the following sections.
Page 242 S3300 Smart Managed Pro Switch Note: In you have forgotten the password and are unable to log in to the switch management interface, press the Factory Defaults button on the front panel of the switch for more than 1 second. The device reboots, and all switch settings, including the password, are reset to the factory default values.
Page 243: Radius Configuration
S3300 Smart Managed Pro Switch RADIUS Configuration RADIUS servers provide additional security for networks. The RADIUS server maintains a user database, which contains per-user authentication information. The switch passes information to the configured RADIUS server, which can authenticate a user name and password before authorizing use of the network.
Page 244: Radius Server Configuration
S3300 Smart Managed Pro Switch RADIUS Server Configuration Use the RADIUS Server Configuration screen to view and configure various settings for the current RADIUS server configured on the system.  To add a primary RADIUS server with a shared secret: Select Security >...
Page 245 S3300 Smart Managed Pro Switch Table 86. RADIUS server statistics (continued) Field Description Access Challenges The number of RADIUS Access-Challenge packets, including both valid and invalid packets, that were received from this server. Malformed Access The number of malformed RADIUS Access-Response packets received from this Responses server.
Page 246 S3300 Smart Managed Pro Switch You must select Yes before you can configure the RADIUS secret. After you add the RADIUS accounting server, this field indicates whether the shared secret for this server has been configured. In the Secret field, type the shared secret to use with the specified accounting server.
Page 247: Configure Tacacs
S3300 Smart Managed Pro Switch Configure TACACS+ TACACS+ provides a centralized user management system, while still retaining consistency with RADIUS and other authentication processes. TACACS+ provides the following services: • Authentication. Provides authentication during login and through user names and user-defined passwords.
Page 248 S3300 Smart Managed Pro Switch The priority determines the order in which the TACACS+ servers are contacted when attempting to authenticate a user. A value of 0 is the highest priority. (Optionally) In the Port field, specify the authentication port value for TACAS+ server sessions.
Page 249: Authentication List Configuration
S3300 Smart Managed Pro Switch Authentication List Configuration Use the Authentication List screen to configure the default login list. A login list specifies one or more authentication methods to validate switch or port access for the admin user. Note: Admin is the only user on the system and is assigned to a preconfigured list named defaultList, which you cannot delete.
Page 250 S3300 Smart Managed Pro Switch Click the Apply button. HTTPS Authentication List Use the HTTPS Authentication List to configure the default login list for secure HTTP (HTTPS).  To configure the HTTPS authentication method for the defaultList: Select Security > Management Security > Authentication List > HTTPS Authentication List.
Page 251: Smart Control Center Utility
S3300 Smart Managed Pro Switch  To change the Dot1x authentication method for the defaultList: Select Security > Management Security > Authentication List > Dot1x Authentication List. Select the check box next to the dot1xList name. From the list in the 1 column, select the method that should appear first in the selected authentication login list.
Page 252: Configuring Management Access
S3300 Smart Managed Pro Switch Configuring Management Access From the Access menu, you can configure HTTP and secure HTTP access to the switch management interface. You can also configure access control profiles and access rules. The Access menu contains links to the features described in the following sections.
Page 253: Secure Http Configuration
S3300 Smart Managed Pro Switch Secure HTTP Configuration Secure HTTP enables the transmission of HTTP over an encrypted Secure Sockets Layer (SSL) or Transport Layer Security (TLS) connection. When you manage the switch by using the web management interface, secure HTTP can help ensure that communication between the management system and the switch is protected from eavesdroppers and man-in-the-middle attacks.
Page 254: Certificate Management
S3300 Smart Managed Pro Switch Certificate Management Use this screen to generate or delete certificates.  To generate an SSL certificate: Select Security > Access > HTTPS > Certificate Management. From the Certificate Present field, a Yes or No status displays.
Page 255 S3300 Smart Managed Pro Switch The default is IPv4. In the TFTP Server IP field, specify the address of the TFTP server. The address can be an IP address in standard x.x.x.x format or a hostname. The hostname must start with a letter of the alphabet. Make sure that the software image or other file to be downloaded is available on the TFTP server.
Page 256: Access Control
S3300 Smart Managed Pro Switch Access Control Access control allows you to configure a profile and set access rules. Access Profile Configuration Use the Access Profile Configuration screen to set up a security access profile.  To configure an access profile: Select Security >...
Page 257 S3300 Smart Managed Pro Switch From the Rule Type field, select the action to be performed when the rules selected are matched. A permit rule allows access by traffic that matches the rule criteria. A deny rule blocks traffic that matches the rule criteria.
Page 258: Port Authentication
S3300 Smart Managed Pro Switch Port Authentication In port-based authentication mode, when 802.1X is enabled globally and on the port, successful authentication of any one supplicant attached to the port results in all users being able to use the port without restrictions. At any given time, only one supplicant is allowed to attempt authentication on a port in this mode.
Page 259: Port Authentication
S3300 Smart Managed Pro Switch In the VLAN Assignment Mode field, select Enable. When enabled, this feature allows a port to be placed into a particular VLAN based on the result of the authentication or type of 802.1X authentication a client uses when it accesses the device.
Page 260 S3300 Smart Managed Pro Switch Unauthorized. The system denies the selected interface system access by moving the interface into unauthorized state. The switch cannot provide authentication services to the client through the interface. MAC based. This mode allows multiple supplicants connected to the same port to each authenticate individually.
Page 261 S3300 Smart Managed Pro Switch The following table describes the 802.1X status information available on the screen. Table 89. Port Authentication Status Information Field Description Control Direction The control direction for the specified port, which is always Both. The control direction dictates the degree to which protocol exchanges take place between Supplicant and Authenticator.The unauthorized controlled port exerts control...
Page 262: Port Summary
S3300 Smart Managed Pro Switch Click the Reauthenticate button. The selected port is forced to restart the authentication process.This button is available only if the control mode is auto. If the button is not selectable, it will be grayed out. When this button is pressed, the action is immediate.
Page 263: Client Summary
S3300 Smart Managed Pro Switch Client Summary This screen displays information about supplicant devices that are connected to the local authenticator ports. If there are no active 802.1X sessions, the table is empty. To access the Client Summary screen, select Security > Port Authentication > Advanced >...
Page 264: Traffic Control
S3300 Smart Managed Pro Switch Traffic Control From the Traffic Control menu, you can configure MAC Filters, Storm Control, Port Security, and Protected Port settings. The Traffic Control menu contains links to the features described in the following sections. •...
Page 265: Mac Filter Summary
S3300 Smart Managed Pro Switch If a packet with the MAC address and VLAN ID you specify is received on a port that is not in the list, it will be dropped. From the list of Destination Port Members, select the ports to include in the outbound filter.
Page 266: Storm Control
S3300 Smart Managed Pro Switch Storm Control A broadcast storm is the result of an excessive number of broadcast messages simultaneously transmitted across a network by a single port. Forwarded message responses can overload network resources and/or cause the network to time out.
Page 267: Port Security Configuration
S3300 Smart Managed Pro Switch Port Security Configuration Use the Port Security feature to lock one or more ports on the system. When a port is locked, only packets with an allowable source MAC addresses can be forwarded. All other packets are discarded.
Page 268: Security Mac Address
S3300 Smart Managed Pro Switch • Port Security. Enable or Disable the port security feature for the selected port. The default is Disable. • Max Allowed Dynamically Learned MAC. Specify the maximum number of dynamically learned MAC addresses on the selected interface.
Page 269: Protected Ports Membership
S3300 Smart Managed Pro Switch Protected Ports Membership If a port is configured as protected, it does not forward traffic to any other protected port on the switch, but it will forward traffic to unprotected ports. Use the Protected Ports Membership screen to configure the ports as protected or unprotected.
Page 270: Configure Access Control Lists
S3300 Smart Managed Pro Switch Configure Access Control Lists Access control lists (ACLs) ensure that only authorized users have access to specific resources while blocking off any unwarranted attempts to reach network resources. ACLs are used to provide traffic flow control, restrict contents of routing updates, decide which types of traffic are forwarded or blocked, and above all provide security for the network.
Page 271: Acl Wizard
S3300 Smart Managed Pro Switch ACL Wizard The ACL Wizard helps you to create a simple ACL and apply it to the selected ports easily and quickly. First, you can select an ACL type. Then, you can add an ACL rule to this ACL, and a rule can be applied this ACL on the selected ports.
Page 272 S3300 Smart Managed Pro Switch Specify the additional match criteria for the selected ACL type. The rest of the rule match criteria fields available for configuration depend on the selected ACL type. For information about the possible match criteria fields, see Table Table 95.
Page 273 S3300 Smart Managed Pro Switch Figure 99 on page 273, the ACL rule is configured to check for packet matches on ports 8, 9, 13, and LAG 1. Packets that have a source address in the 192.168.3.0/24 network are permitted to be forwarded by the interfaces. All other packets are dropped because every ACL has an implicit deny all rule as the last rule.
Page 274: Mac Acl
S3300 Smart Managed Pro Switch MAC ACL A MAC ACL consists of a set of rules which are matched sequentially against a packet. When a packet meets the match criteria of a rule, the specified rule action (Permit/Deny) is taken and the additional rules are not checked for a match.
Page 275 S3300 Smart Managed Pro Switch Note: To create a new MAC ACL, use the MAC ACL screen. See MAC ACL on page 274.  To add rules to a MAC ACL: Select Security > ACL > Basic > MAC Rules.
Page 276 S3300 Smart Managed Pro Switch • EtherType User Value. This field is configurable if you select User Value from the EtherType drop-down menu. The value you enter specifies a customized EtherType to compare against an Ethernet frame. The valid range of values is 0x0600–0xFFFF.
Page 277: Mac Binding Configuration
S3300 Smart Managed Pro Switch MAC Binding Configuration When an ACL is bound to an interface, all the rules that have been defined are applied to the selected interface. Use the MAC Binding Configuration screen to assign MAC ACL lists to ACL priorities and interfaces.
Page 278: Mac Binding Table
S3300 Smart Managed Pro Switch MAC Binding Table Use the MAC Binding Table screen to view or delete the MAC ACL bindings. The following table describes the information displayed in the MAC Binding Table. Table 96. MAC binding table information...
Page 279: Ip Acl
S3300 Smart Managed Pro Switch IP ACL IP ACLs allow network managers to define classification actions and rules for specific ingress ports. Packets can be filtered on ingress (inbound) ports only. If the filter rules match, then some actions can be taken, including dropping the packet or disabling the port. For example, a network administrator defines an ACL rule that says port number 20 can receive TCP packets.
Page 280: Ip Rules
S3300 Smart Managed Pro Switch IP Rules Use the IP Rules screen to define rules for IP-based standard ACLs. The access list definition includes rules that specify whether traffic matching the criteria is forwarded normally or discarded. Note: There is an implicit deny all rule at the end of an ACL list. This means that if an ACL is applied to a packet and if none of the explicit rules match, then the final implicit “deny all”...
Page 281 S3300 Smart Managed Pro Switch Figure 101. Standard ACL Rule Configuration In the Sequence Number field, specify a number in the range from 1 to 2147483647 to identify the IP ACL rule. Select or specify values for one or more of the following match criteria: •...
Page 282: Ip Extended Rules
S3300 Smart Managed Pro Switch subnet mask. A wildcard mask is in essence the inverse of a subnet mask. For example, to apply the rule to all hosts in the 192.168.1.0/24 subnet, enter 0.0.0.255 in the Source IP Mask field. This field is required when you configure a source IP address.
Page 283 S3300 Smart Managed Pro Switch Figure 102. Extended ACL Rule Configuration Next to Sequence Number, specify a number in the range of 1 to 2147483647 to identify the IP ACL rule. You can create up to 50 rules for each ACL.
Page 284 S3300 Smart Managed Pro Switch 0.0.0.255 in the Source IP Mask field. This field is required when you configure a source IP address. • Src L4 Port. Require a packet’s TCP/UDP source port to match the port listed here. Click Complete one of the following fields: Source L4 Keyword.
Page 285 S3300 Smart Managed Pro Switch example, to check for an IP TOS value having bits 7 and 5 set and bit 1 clear, where bit 7 is most significant, use a TOS Bits value of a0 and a TOS Mask of 00.
Page 286: Ipv6 Acl
S3300 Smart Managed Pro Switch IPv6 ACL An IPv6 ACL consists of a set of rules which are matched sequentially against a packet. When a packet meets the match criteria of a rule, the specified rule action (Permit/Deny) is taken and the additional rules are not checked for a match. On this menu, the interfaces to which an IP ACL applies must be specified, as well as whether it applies to inbound or outbound traffic.
Page 287: Ipv6 Rules
S3300 Smart Managed Pro Switch IPv6 Rules Use the IPv6 Rules screen to configure the rules for the IPv6 Access Control Lists. The IPv6 Access Control Lists are created using the IPv6 Access Control List Configuration screen. By default, no specific value is in effect for any of the IPv6 ACL rules.
Page 288 S3300 Smart Managed Pro Switch • Assign Queue ID. Specifies the hardware egress queue identifier used to handle all packets matching this IPv6 ACL rule. The valid range of Queue IDs is from 0 to 6. This field is visible for a Permit Action.
Page 289: Ip Binding Configuration
S3300 Smart Managed Pro Switch • Flow Label. Flow label is 20-bit number that is unique to an IPv6 packet, used by end stations to signify quality-of-service handling in routers. Flow label can be specified within the range (0 to 1048575).
Page 290: Ip Binding Table
S3300 Smart Managed Pro Switch • To remove the selected ACL from a port or LAG, click the box directly below the port or LAG number to clear the selection. A check mark in the box indicates that the ACL is applied to the interface.
Page 291 S3300 Smart Managed Pro Switch number. If the sequence number is not specified by the user (i.e., the value is 0), a sequence number that is one greater than the highest sequence number currently in use for this VLAN and direction will be used. Valid range is (1 to 4294967295).
Page 292 Maintenance Use the features available from the Maintenance tab to help you manage the switch. The Maintenance tab contains links to the features described in the following sections. • Reset on page 293 • Export (Upload) a File From the Switch on page 294 •...
Page 293: Chapter 7 Maintenance
S3300 Smart Managed Pro Switch Reset The Reset menu contains links to the features described in the following sections. • Device Reboot on page 293 • Factory Default on page 293 Device Reboot Use the Device Reboot screen to reboot the switch.
Page 294: Export (Upload) A File From The Switch
S3300 Smart Managed Pro Switch Export (Upload) a File From the Switch The switch supports system file exports (uploads) from the switch to a remote system by using either TFTP or HTTP. The Export menu contains links to the features described in the following sections.
Page 295: Http File Export
S3300 Smart Managed Pro Switch From the Server Address Type list, select the format to use for the address you type in the TFTP Server Address field. The default is IPv4. • IPv4. Indicates that the TFTP server address is an IP address in dotted-decimal format.
Page 296: Usb File Export
S3300 Smart Managed Pro Switch From the File Type list, specify what type of file you want to export from the switch. The factory default is Text Configuration. • Text Configuration. A text-based configuration file enables you to edit a configured text file (startup-config) offline as needed without having to translate the contents for the switch to understand.
Page 297: Download
S3300 Smart Managed Pro Switch In the File Path field, enter the path for the file to export. You may enter up to 139 characters. The factory default is blank. In the USB File field, specify a destination filename for the file to export.
Page 298 S3300 Smart Managed Pro Switch Figure 108. TFTP File Download From the File Type list, specify what type of file you want to download to the switch. The factory default is Software. • Software. The system software image (STK) that is saved in one of two flash sectors called images (image1 and image2).
Page 299 S3300 Smart Managed Pro Switch Note: To download SSH key files, SSH must be administratively disabled, and there can be no active SSH sessions. Note: To download SSL PEM files, SSL must be administratively disabled, and there can be no active SSH sessions.
Page 300: Http File Download
S3300 Smart Managed Pro Switch Click the Cancel button to cancel the configuration on the screen and reset the data on the screen to the latest value on the switch. HTTP File Download Use the HTTP File Download screen to download files of various types to the switch through an HTTP session by using your web browser.
Page 301: Usb File Download
S3300 Smart Managed Pro Switch Note: To download SSL PEM files, SSL must be administratively disabled, and there can be no active SSH sessions. The Image Name field is visible only when File Type - Software is selected. From the Image Name field, select one of the images from the list.
Page 302 S3300 Smart Managed Pro Switch Figure 110. USB File Download  To download a file to the switch from a USB device: From the File Type list, specify the type of file to download to the switch: • Software. The STK system software image, which is saved in one of two flash sectors called images (image1 and image2).
Page 303: File Management
S3300 Smart Managed Pro Switch File Management The system maintains two versions of the switch software in permanent storage. One image is the active image, and the second image is the backup image. The active image is loaded during subsequent switch restarts. This feature reduces switch down time when upgrading or downgrading the switch software.
Page 304 S3300 Smart Managed Pro Switch The Current-active field displays the name of the active image. From the Unit Number list, select the specific unit number or All units to configure. (Optionally) In the Image Description field, specify a name for the selected image.
Page 305: Troubleshooting Configuration Menu
S3300 Smart Managed Pro Switch Troubleshooting Configuration Menu The Maintenance main navigation tab gives access to the Troubleshooting configuration menu. From this menu, you can perform basic troubleshooting functions such as pinging an IPv4 or IPv6 address to check if the switch can communicate with a particular network host and tracing an IPv4 or IPv6 route to determine the packet’s path to a remote destination.
Page 306 S3300 Smart Managed Pro Switch Figure 111. Ping IPv4 In the IP Address/Host Name field, specify the IP address or Hostname of the station you want the switch to ping. The initial value is blank. The IP Address or Hostname you enter is not retained across a power cycle.
Page 307: Ping Ipv6
S3300 Smart Managed Pro Switch Click Apply to send the ping to the specified address. The switch sends the number of pings specified in the Count field, and the results are displayed below the configurable data in the Results area.
Page 308: Traceroute Ipv4
S3300 Smart Managed Pro Switch Use Count to enter the number of echo requests you want to send. The range is 1 to 15. The default value is 3. In the Interval field, specify the number of seconds between pings sent. The range is 1 to 60.
Page 309 S3300 Smart Managed Pro Switch Figure 113. Traceroute IPv4 Use IP Address/Hostname to enter the IP address or Hostname of the station you want the switch to discover a path. The default value is blank. The IP Address or Hostname you enter is not retained across a power cycle.
Page 310: Traceroute Ipv6
S3300 Smart Managed Pro Switch • IP Address — The source is an IP address that you specify using when sending the Echo request packets. This field is shown when IP Address is selected as the source option. • Interface — The interface to use when sending the Echo request packets. This field is shown when Interface is selected as the source option.
Page 311 S3300 Smart Managed Pro Switch Figure 114. Traceroute IPv6 Use IPv6 Address/Hostname to enter the IPv6 address or Hostname of the station to which the switch should find a path. The initial value is blank. The IPv6 Address or Hostname you enter is not retained across a power cycle.
Page 312 S3300 Smart Managed Pro Switch Interface. The probe packet is sent from a specified interface. If you select this option, the Interface field appears. Use the menu to select the interface from which to send the probe packet. Note: Values configured in the fields above are not saved to the switch. As a result, refreshing the page sets these fields to the default values.
Page 313: Troubleshooting Chart
S3300 Smart Managed Pro Switch Troubleshooting Chart The following table lists symptoms, causes, and solutions of possible problems. Table 99. Troubleshooting chart Symptom Cause Solution Power LED is off. No power is received. Check the power cord connections for the switch at the switch and the connected AC power source.
Page 314: Full Memory Dump
S3300 Smart Managed Pro Switch Click the Apply button. The updated configuration is sent to the switch. Configuration changes take effect immediately. Full Memory Dump Use this screen to tell the switch to do a full memory dump to help with troubleshooting.
Page 315: Chapter 8 Monitoring The System
Monitoring the System Use the features available from the Monitoring navigation tab to view a variety of information about the switch and its ports and to configure how the switch monitors events. The Monitoring tab contains configuration menus described in the following sections. •...
Page 316: Ports
S3300 Smart Managed Pro Switch Ports The screens available from the Ports menu contain a variety of information about the number and type of traffic transmitted from and received on the switch. From the Ports menu, you can access links to the features described following sections: •...
Page 317 S3300 Smart Managed Pro Switch Table 100. Switch statistics (continued) Field Description Unicast Packets Transmitted The total number of packets that higher level protocols requested be transmitted to a subnetwork-unicast address, including those that were discarded or not sent. Multicast Packets...
Page 318: Port Statistics
S3300 Smart Managed Pro Switch Port Statistics The Port Statistics screen displays a summary of per-port traffic statistics on the switch.  To access the port summary screen: Select Monitoring > Ports > Port Statistics. Select whether to display physical interfaces, link aggregation groups (LAGs), or both by clicking one of the following links above the table heading: 1 (or the unit ID of the switch).
Page 319: Port Detailed Statistics
S3300 Smart Managed Pro Switch You can also type the interface number (for example, g7) in the Go To Interface field at the top or bottom of the table and click the Go button. Click the Clear button. Port Detailed Statistics The Port Detailed Statistics screen displays a variety of per-port traffic statistics.
Page 320 S3300 Smart Managed Pro Switch Table 102. Detailed Interface Statistics (continued) Field Description STP State The port's current state Spanning Tree state. This state controls what action a port takes on receipt of a frame. If the bridge detects a malfunctioning port it will place that port into the broken state.
Page 321 S3300 Smart Managed Pro Switch Table 102. Detailed Interface Statistics (continued) Field Description Packets RX and TX The total number of packets (including bad packets) received or transmitted that 512-1023 Octets were between 512 and 1023 octets in length inclusive (excluding framing bits but including FCS octets).
Page 322 S3300 Smart Managed Pro Switch Table 102. Detailed Interface Statistics (continued) Field Description Unicast Packets Received The number of subnetwork-unicast packets delivered to a higher-layer protocol. Multicast Packets Received The total number of good packets received that were directed to a multicast address.
Page 323 S3300 Smart Managed Pro Switch Table 102. Detailed Interface Statistics (continued) Field Description Total Packets Transmitted The total number of octets of data (including those in bad packets) transmitted on (Octets) the network (excluding framing bits but including FCS octets). This object can be used as a reasonable estimate of Ethernet utilization.
Page 324 S3300 Smart Managed Pro Switch Table 102. Detailed Interface Statistics (continued) Field Description Total Transmit Packets The sum of single collision frames discarded, multiple collision frames discarded, Discarded and excessive frames discarded. Single Collision Frames A count of the number of successfully transmitted frames on a particular interface for which transmission is inhibited by exactly one collision.
Page 325: Eap Statistics
S3300 Smart Managed Pro Switch EAP Statistics Use the EAP Statistics screen to display information about EAP packets received on a specific port. To display the EAP statistics screen, select Monitoring > Ports > EAP Statistics. The following table describes the EAP statistics displayed on the screen.
Page 326: Cable Test
S3300 Smart Managed Pro Switch Cable Test Use the Cable Test screen to display information about the cables connected to switch ports.  To perform the cable test: Select Monitoring > Ports > Cable Test. Select the check box next to each port on which to run the cable test.
Page 327: Memory Logs
S3300 Smart Managed Pro Switch logging capability includes filtering of messages logged or forwarded based on severity and generating component. The Logs menu contains links to the features described in the following sections. • Memory Logs on page 327 •...
Page 328 S3300 Smart Managed Pro Switch • Critical (2): Critical conditions. • Error (3): Error conditions. • Warning (4): Warning conditions. • Notice (5): Normal but significant conditions. • Informational (6): Informational messages. • Debug (7): Debug-level messages. Click the Apply button.
Page 329 S3300 Smart Managed Pro Switch prior to the last reboot. Only the messages that meet the configured severity level are logged to FLASH memory. Use the FLASH Log screen to enable or disable persistent logging, set the severity filter of persistent log messages, and view log messages stored in FLASH for the current boot cycle or for the previous boot cycle.
Page 330: Server Log
S3300 Smart Managed Pro Switch during the previous boot cycle. The persistent log file from the previous boot cycle stores the following messages: Up to 32 startup messages, which are messages that occurred immediately after the previous boot cycle completed (system startup).
Page 331 S3300 Smart Managed Pro Switch IPv4 IPv6 • Host Address. Specify the hostname of the host configured for syslog. • Port. Specify the port on the host to which syslog messages are sent. The default port is 514. • Severity Filter. Use the menu to select the severity of the logs to send to the logging host.
Page 332: Trap Logs
S3300 Smart Managed Pro Switch Trap Logs Use the Trap Logs screen to view information about the SNMP traps generated on the switch. To view trap log information, select Monitoring > Logs > Trap Logs. The Trap Logs screen displays.
Page 333: Event Logs
S3300 Smart Managed Pro Switch Event Logs Use the Event Logs screen to display the event log, which is used to hold error messages for catastrophic events. After the event is logged and the updated log is saved in flash memory, the switch will be reset.
Page 334 S3300 Smart Managed Pro Switch Figure 117. Port Mirroring In the Global Configuration section of the screen, click the option to enable (True) or disable (False) the Admin Mode for the current session. When Admin Mode is enabled, any traffic entering or leaving the source ports of the current session is copied (mirrored) onto the corresponding destination port.
Page 335 S3300 Smart Managed Pro Switch • CPU. The CPU port is displayed. • All. Both physical interfaces and link aggregation groups are displayed. b. Select the check box next to each physical port or LAG to configure as the mirrored source.
Page 336: Configuration Examples
Virtual Local Area Network Configuration Example on page 337 • Differentiated Services on page 343 • 802.1X Configuration Example on page 347 • MSTP on page 349 • VLAN Routing Interface Configuration Example on page 354 • Smart M4300/S3300 Firmware Upgrade Procedure on page 356...
Page 337: Appendix A Configuration Examples
S3300 Smart Managed Pro Switch Virtual Local Area Network Configuration Example A local area network (LAN) can generally be defined as a broadcast domain. Hubs, bridges, or switches in the same physical segment or segments connect all end node devices. End nodes can communicate with each other without the need for a router.
Page 338 S3300 Smart Managed Pro Switch • Packets leaving the switch are either tagged or untagged, depending on the setting for that port’s VLAN membership properties. A U for a given port means that packets leaving the switch from that port are untagged. Inversely, a T for a given port means that packets leaving the switch from that port are tagged with the VLAN ID that is associated with the port.
Page 339 S3300 Smart Managed Pro Switch Figure 119. VLAN Membership For more information about how to perform this step, see VLAN Membership Configuration on page 146. In the Port PVID Configuration screen, specify the PVID for ports g1 and g4 so that packets entering these ports are tagged with the port VLAN ID: •...
Page 340: Access Control Lists
S3300 Smart Managed Pro Switch Access Control Lists Access Control Lists (ACLs) ensure that only authorized users have access to specific resources while blocking off any unwarranted attempts to reach network resources. ACLs are used to provide traffic flow control, restrict contents of routing updates, decide which types of traffic are forwarded or blocked, and provide security for the network.
Page 341 S3300 Smart Managed Pro Switch • CoS. 0 • Destination MAC. 01:02:1A:BC:DE:EF • Destination MAC Mask. 00:00:00:00:FF:FF • Source MAC. 02:02:1A:BC:DE:EF • Source MAC Mask. 00:00:00:00:FF:FF • VLAN ID. 2 Figure 120. MAC ACL For more information about how to perform this step, see MAC Rules on page 274.
Page 342: Standard Ip Acl Configuration Example
S3300 Smart Managed Pro Switch ports, you must add a new permit rule with the desired match criteria and bind the rule to interfaces 6, 7, and 8. Standard IP ACL Configuration Example The following example shows how to create an IP-based ACL that prevents any IP traffic from the Finance department from being allowed on the ports that are associated with other departments.
Page 343: Differentiated Services
S3300 Smart Managed Pro Switch Differentiated Services Standard IP-based networks are designed to provide best effort data delivery service. Best effort service implies that the network deliver the data in a timely fashion, although there is no guarantee that it will. During times of congestion, packets can be delayed, sent sporadically, or dropped.
Page 344: Diffserv Traffic Classes
S3300 Smart Managed Pro Switch • Layer 4 protocol (such as TCP or UDP) • Layer 4 source/destination ports • Source/destination IP address From a DiffServ point of view, there are two types of classes: • DiffServ traffic classes •...
Page 345: Diffserv Configuration Example
S3300 Smart Managed Pro Switch • Mark IP DSCP or IP Precedence. Marking/re-marking the DiffServ code point in a packet with the DSCP value representing the service level associated with a particular DiffServ traffic class. Alternatively, the IP Precedence value of the packet can be marked/re-marked.
Page 346 S3300 Smart Managed Pro Switch • Class Type. All For more information about this step, see Class Configuration on page 231. Click the Class1 hyperlink to view the DiffServ Class Configuration screen for this class. Configure the following settings for Class1: •...
Page 347: 802.1X Configuration Example
S3300 Smart Managed Pro Switch On this network, traffic from streaming applications uses UDP port 4567 as the source and 4568 as the destination. This real-time traffic is time sensitive, so it is assigned to a high-priority hardware queue. By default, data traffic uses hardware queue 0, which is designated as a best-effort queue.
Page 348 S3300 Smart Managed Pro Switch is connected can be desirable in order to restrict access to publicly accessible bridge ports or to restrict access to departmental LANs. Access control is achieved by enforcing authentication of supplicants that are attached to an authenticator’s controlled ports.
Page 349: Mstp
S3300 Smart Managed Pro Switch The Port Control setting for all other ports where authentication is not needed should Authorized. When the Port Control setting is Authorized, the port is unconditionally put in a force-Authorized state and does not require any authentication. When the Port Control setting is Auto, the authenticator PAE sets the controlled port mode.
Page 350 S3300 Smart Managed Pro Switch The difference between the RSTP and the traditional STP (IEEE 802.1D) is the ability to configure and recognize full duplex connectivity and ports that are connected to end stations, resulting in rapid transitioning of the port to the Forwarding state and the suppression of Topology Change Notification.
Page 351 S3300 Smart Managed Pro Switch As there are Multiple Instances of Spanning Tree, there is a MSTP state maintained on a per-port, per-instance basis (or on a per port per VLAN basis: as any VLAN can be in one and only one MSTI or CIST). For example, port A can be forwarding for instance 1 while discarding for instance 2.
Page 352: Mstp Configuration Example
S3300 Smart Managed Pro Switch MSTP Configuration Example This example shows how to create an MSTP instance on the switch. The example network has three different switches that serve different locations in the network. In this example, ports g1–g5 are connected to host stations, so those links are not subject to network loops.
Page 353 S3300 Smart Managed Pro Switch Note: Bridge priority values are multiples of 4096. If you do not specify a root bridge and all switches have the same Bridge Priority value, the switch with the lowest MAC address is elected as the root bridge (see Configuration on page 160).
Page 354: Vlan Routing Interface Configuration Example
S3300 Smart Managed Pro Switch VLAN Routing Interface Configuration Example VLANs divide broadcast domains in a LAN environment. Whenever hosts in one VLAN need to communicate with hosts in another VLAN, the traffic must be routed between them. This is known as inter-VLAN routing.
Page 355 S3300 Smart Managed Pro Switch Figure 124. VLAN Routing Wizard The following figure shows the VLAN Routing screen with the configured VLAN routing interface. Figure 125. VLAN Routing Configuration Configuration Examples...
Page 356: Smart M4300/S3300 Firmware Upgrade Procedure
M4300 labeled image 6.6.4.x (with typical filename m4300v6.6.4.x.stk) • S3300 labeled image 6.6.4.x (with typical filename S3300v6.6.4.x.stk) There are two separate images, one for S3300 and another for M4300, as part of the 6.6.4.x release. Note: M4300 and S3300 should have the exact same version number in order for them to mix stack successfully.
Page 357 Smart Control Center (SCC) can be used to discover the Smart M4300 and do some basic settings, same as that can be done on the S3300. M4300 has a default Management IP of 192.168.0.239 if it cannot get an IP address from an available DHCP server.
Page 358 Download a new S3300 6.6.4 image (such as, a 6.6.4.2 image when the stack is running with 6.6.4.1) through the Web UI. This will update the S3300 units in the mix stack with the new 6.6.4 image (for example, 6.6.4.2), but will not download this image into the M4300 units.
Page 359: Converting The M4300 Units Back Into Fully Managed M4300 Mode
Converting the M4300 Units Back Into Fully Managed M4300 Mode The two M4300 units that are part of mixed stacking with S3300 can be brought back to regular M4300 mode (in Fully Managed form with a 12.0.2 image). To do that, follow the...
Page 360: Appendix B Hardware Specifications And Default Values
Hardware Specifications and Default Values Switch Specifications The switch conforms to the TCP/IP, UDP, HTTP, ICMP, TFTP, DHCP, IEEE 802.1D, IEEE 802.1p, and IEEE 802.1Q standards. Table 108. S3300 Switch Specifications and Performance Feature Value S3300-28X 24 10/100/1000Mbps 2 10G/1G SFP+ ports...
Page 361: Switch Features And Defaults
A stackable, fully-managed L2+ Gigabit switch. 24-port 10GBaseT with 4 shared SFP+. These are the existing M4300 series switches that have been reconfigured to act as S3300 switches. The capabilities of the switches match the S3300 capabilities. Switch Features and Defaults The tables in this section provide information about the switch features and default values.
Page 362 S3300 Smart Managed Pro Switch Table 110. Feature Default Values and Default State (continued) Feature Name/Parameter Default Stack Firmware Synchronization Stack Firmware Auto Upgrade Disabled Traps Enabled Allow Downgrade Enabled Global System Usage Threshold Power Management Mode Dynamic Traps Enabled...
Page 363 S3300 Smart Managed Pro Switch Table 110. Feature Default Values and Default State (continued) Feature Name/Parameter Default Flow Control Admin Mode Disabled 802.1X Port Based Authentication State Disabled VLAN Assignment Mode Disabled Dynamic VLAN Creation Mode Disabled EAPOL Flood Mode...
Page 364 S3300 Smart Managed Pro Switch Table 110. Feature Default Values and Default State (continued) Feature Name/Parameter Default CST Spanning Tree Max Hops MST Default Instance ID MST Instance 0 Priority 32768 MST Instance 0 VLAN IDs 1,2,3 PV(R)STP UplinkFast Rate...
Page 365 S3300 Smart Managed Pro Switch Table 110. Feature Default Values and Default State (continued) Feature Name/Parameter Default LAG Type Static Local Link Discovery Protocol (LLDP) Global TLV Advertised Interval Hold Multiplier Reinitializing Delay Transmit Delay Fast Start Duration Interface Admin Status...
Page 366 S3300 Smart Managed Pro Switch Table 110. Feature Default Values and Default State (continued) Feature Name/Parameter Default Local Clock Priority 1 Local Clock Priority 2 Interface Admin Mode Enabled Pdelay Threshold (copper) 2500 Pdelay Threshold (fiber) 8000 Allowed Lost Responses Initial Sync Interval –3...
Page 367 S3300 Smart Managed Pro Switch Table 110. Feature Default Values and Default State (continued) Feature Name/Parameter Default Join Timer Leave Timer Leave All Timer 2000 MSRP SR Class PVID 802.1Qav Class A MSRP Delta Bandwidth (percent) 802.1Qav Class B MSRP Delta Bandwidth (percent)
Page 368 S3300 Smart Managed Pro Switch Table 110. Feature Default Values and Default State (continued) Feature Name/Parameter Default 802.1p to Queue Mapping (802.1p -> Queue) 0 -> 1 1 -> 0 2 -> 0 3 -> 1 4 -> 2 5 -> 2 6 ->...
Page 369 S3300 Smart Managed Pro Switch Table 110. Feature Default Values and Default State (continued) Feature Name/Parameter Default DSCP to Queue Mapping (DSCP -> Queue) Other: (Continued) (1) 000001 -> 1 (2) 000010 -> 1 (3) 000011 -> 1 (4) 000100 -> 1 (5) 000101 ->...
Page 370 S3300 Smart Managed Pro Switch Table 110. Feature Default Values and Default State (continued) Feature Name/Parameter Default Interface Shaping Rate 802.1p to Queue Mapping (802.1p –> Queue) 0 -> 1 1 -> 0 2 -> 0 3 -> 1 4 -> 2 5 ->...
Page 371 S3300 Smart Managed Pro Switch Table 112. Quality of service Feature Sets Supported Default Number of queues 802.1p Enabled DSCP Disabled Rate limiting All ports Disabled Table 113. Security Feature Sets Supported Default 802.1X All ports Disabled MAC ACL 100 (shared with IP and IPv6...
Page 372 S3300 Smart Managed Pro Switch Table 114. System setup and maintenance (continued) Feature Sets Supported Default Dual image support Enabled Factory reset Table 115. System management Feature Sets Supported Default Multi-session web connections Enabled SNMPv1/V2c Max 5 community entries Enabled (read, read-write...
Page 373 S3300 Smart Managed Pro Switch Table 116. Other features (continued) Feature Sets Supported Default MLD Snooping Protocol and MAC-based VLAN Dynamic ARP Inspection Disabled Multiple VLAN Registration (MVR) N/A Disabled Multiple Registration Protocol Disabled (MRP) 802.1AS Disabled Hardware Specifications and Default Values...

Save PDF