Home > GUI > Configuration > Switch Port Settings
|
Switch Port Settings
View, add, filter, sort, select, modify, and enable or disable switch port settings on this page, including options found under the Port Details, Port Settings, STP, Storm Control, and PSE tabs.
Navigate using the tab icons. Hover over an icon to see the name of the tab.
Configure > Network Policies > policy_name > Device Templates > Switch Templates > switch_template_name > Configuration > Port Configuration
or
Manage > Devices > switch_name > Configuration > Port Configuration
You can configure switch ports in bulk or on an individual basis. See both methods described below.
Configure Multiple Ports Simultaneously
To configure multiple ports of the same type, select the ports in the template. To clear a port, select it again. You can also use the Select All Ports or Deselect All Ports options.
Select Assign above the top right corner of the template. Select Choose Existing to select an existing port type or select Create New to create a new port type.
If you chose an existing port type, select Save to complete the operation.
Create a New Port Type
Create New: Configure a new port type in the New Port Type section.
Name: Enter a name for the new port type. The name can contain up to 64 characters, including spaces.
Note
This release supports applying a name to a VOSS switch port. Previous versions did not support this feature.Description: This field contains a description based on your Port Usage Settings selection. You can change the default description.
Port Status: Turn the port off or on.
In the Port Usage Settings section, select one of the following port types:
Access Port: Ports connected to individual hosts such as printers, servers, and end-user computers.
Phone with a data port: Ports connected to IP phones, and optionally, to computers cabled to the phones.
Trunk port: Ports connected to network forwarding devices such as switches and APs that support multiple VLANs on trunk ports.
Mirror port: Ports that serve as the destination to which you want to mirror data from one or more other ports for diagnostic purposes.
See the settings for each port type described below.
Access Port
Wired Connectivity: For access ports that support wired devices, configure the following settings:
User Authentication: Turn user authentication ON for wired devices, such as printers, servers, and end-user computers.
MAC Authentication: Turn MAC authentication ON for legacy devices that use MAC addresses as the user name and password to authenticate clients.
For either selection, configure the following:
Authenticate via RADIUS Server: Configure a RADIUS server for authentication. For more information about how to configure a RADIUS server and add a RADIUS server group, see Configuring a RADIUS Server Group.
Authentication Method Priority: Select the priority in which the authentication methods are used by moving them up or down using the arrows in the Order column in the table.
Phone with a Data Port
Wired Connectivity: For access ports that support wired devices, configure the following settings:
User Authentication: Turn user authentication ON for wired devices, such as printers, servers, and end-user computers.
MAC Authentication: Turn MAC authentication ON for legacy devices that use MAC addresses as the user name and password to authenticate clients.
For either selection, configure the following:
Authenticate via RADIUS Server: Configure a RADIUS server for authentication. For more information about how to configure a RADIUS server and add a RADIUS server group, see Configuring a RADIUS Server Group.
Trunk Port
A trunk port is a specific port-type on a network switch that allows multiple virtual local area network (VLAN) data to flow across a network.
Mirror Port
Port mirroring allows you to monitor the traffic on one or more ports by having the switch sends a copy of all traffic on a specified port (the source port) or VLAN to a second (mirror) port. This copy allows you to monitor traffic without installing additional monitoring equipment in the signal path.
Configure one of the following settings for a new mirror port type:
Ingress-and-Egress mirror: Route all traffic (default).
Anomaly mirror: Route all anomalous traffic.
Egress mirror: Route outbound traffic only.
Ingress mirror: Route inbound traffic only.
VLAN mirror: Route traffic from all ports belonging to that VLAN.
Use the switch specific CLI command set to configure the switch. See the switch manual for instructions for EXOS and VOSS products.
Configure Ports Individually
You can also configure port details in the pop-up window to port settings, STP, Storm Control, and PSE for individual ports. Described below are the settings for each:
Port Details Parameters
The Port Details tab includes the following parameters:
Interface: The interfaces available for the switch, such as Eth1/0/1-Eth1/0/52. You can edit specific interfaces by selecting the check box next to the interfaces you want to change.
Port State: You can turn the port on or off. You can also change the port state by selecting the port check box, and then selecting EDIT.
LACP: Activate to apply link aggregation control protocol to a link aggregation group member port. See "More about LAGs and LACP" for more information.
LACP: Activate to apply link aggregation control protocol to a member of a link aggregation port group . See "More about LAGs and LACP" for more information.
Port Usage & VLAN: This column displays the port type and VLAN assigned to the port. Change the VLAN number directly in the VLAN text box or select the check box for the port, and then select EDIT.
Changes to a port at this level override the device template settings in the network policy. To revert ports to the original template setting, select the revert icon ( 
) to the right of the VLAN field.
Port Description: Enter a brief description of the port. You can also change the port description by selecting the port check box, and then selecting EDIT.
Port Settings Parameters
The Port Settings tab includes the following parameters:
MTU Settings: Enter a maximum transmission unit value from 1500 bytes to 9600 bytes. The default is 1500 bytes.
Flow Control: Select how to manage the rate of transmission speed at which the port receives data. Choose between Enable, Disable (default), and Auto, which enables a feedback mechanism between a transmitting port and the receiving port on the switch.
Flow Control: Select how to manage the rate of transmission speed at which the port receives data. Choose between Enable, Disable (default), and Auto, enabling a feedback mechanism between a transmitting port and the receiving port on the switch.
Interface: The interfaces available for the switch, such as Eth1/0/1-Eth1/0/52. You can edit specific interfaces by selecting the check box next to the interfaces you want to change.
Transmission Type: (Not available for Dell EMC switches.) Select Auto, Half-Duplex, or Full-Duplex. When set to Auto, the default, the switch negotiates the best common duplex mode with the connected device. Setting the transmission type to Full-Duplex forces the switch to attempt to communicate with the connected device using full duplex communication and choosing Half-Duplex forces the switch to use half duplex communication.
Transmission Type: (Not available for Dell EMC switches.) Select Auto, Half-Duplex, or Full-Duplex. When you select Auto (default) causes the switch to negotiate the best possible duplex mode possible with the connected device. Full-Duplex mode forces the switch to communicate with the connected device using full-duplex communication and choosing Half-Duplex mode forces the switch to use half-duplex communication.
Speed: Choose the speed at which you want the switch port to communicate with the connected device. By default, the switch negotiates the best speed with the connected device, but you can choose 10, 100, or 1000 Mbps.
LLDP Receive: (SR2000 and SR2100 series switches only.) Select to enable the switch to receive LLDPDU frames.
CDP Receive: (SR2000 and SR2100 series switches only.) Select to enable the switch to receive and parse the information within Cisco CDP frames.
CDP Receive: (SR2000, SR2100 and EXOS series switches only.) Select to enable the switch to receive and parse the information within Cisco CDP frames.
Client Reporting: (SR2000 and SR2100 series switches only.) Select this check box to enable client reporting for the switch.
STP Parameters
The STP tab is where you configure spanning tree protocol on switches to activate links that have the lowest cost (highest bandwidth), establish backup links where possible, and prevent Layer 2 network loops. The latter case can result in duplicate unicast frames and broadcast storms.
The STP tab is where you configure spanning tree protocol on switches to activate links with the lowest cost (highest bandwidth), establish backup links where possible, and prevent Layer 2 network loops. The latter case can result in duplicate unicast frames and broadcast storms.
STP elects the root bridge based on MAC address and priority. If all ports have the same priority, then the switch port with the lowest MAC address is elected to be the root bridge.
STP elects the root bridge based on MAC address and priority. If all ports have the same priority, then the switch port with the lowest MAC address is the root bridge.
You can also configure port priorities in the device template. However, settings that you make there are overridden by any settings you make here.
Note
To configure spanning tree protocol for switch ports, you must first have enabled STP as described.The STP tab includes the following parameters:
Interface: The interfaces available for the switch, such as Eth1/0/1-Eth1/0/52. You can edit specific interfaces by selecting the check box next to the interfaces you want to change.
Port Type: Select the STP port type: Access Port, Access Port 99, Phone Data Port, or Trunk Port.
STP Status: Turn STP for the port on or off.
Edge Port: (Off by default). An edge port connects to a user terminal or server, instead of other switches or shared network segments. A port configured as an edge port will not cause a loop upon network topology changes.
BPDU Protection: (Disabled by default). Use the drop-down list to change BPDU protection to guard or filter status.
Priority: When this port is an STP edge port, select a port priority for STP from the drop-down list. The port priority can be any number between 0 and 61440. The default setting is 128. From this page, you can manually designate a port to act as aroot bridge by assigning port priorities.
Path Cost: Enter the path cost (bandwidth) for this port.
Storm Control Parameters
The Storm Control tab is where you configure the mitigation of traffic storms by tracking the source and type of frames to determine whether they are legitimately required. The switch discards frames that it determines to be the products of a traffic storm. You can apply storm control to broadcast, unknown unicast, and multicast traffic, and configure packet-based or byte-based rate limit thresholds for each interface. If your rate limit exceeds the limit set by the network policy, and icon appears below the Rate Limit Type field, which allows you to revert to the original value.
The Storm Control tab includes the following parameters:
Interface: The interfaces available for the switch, such as Eth1/0/1-Eth1/0/52. You can edit specific interfaces by selecting the check box next to the interfaces you want to change.
Port Type: Select the port type by selecting one of the following: Access Port, Access Port 99, Phone Data Port, or Trunk Port.
Broadcast: Select to include broadcast traffic; that is, traffic that is forwarded to all destinations simultaneously.
Unknown Unicast: Select to include unicast traffic whose destination address does not appear in the forwarding database.
Multicast: Select to include traffic whose destination is a multicast address.
TCP-SYN: (SR2000 and SR2100 series switches only.) Select to include TCP-SYN flood traffic.
Rate Limit Type: This is KBps (kilobytes per second) or Percentage if you selected Byte Based and PPS (packets per second) if you selected Packet Based.
Value: Enter the threshold value above which you want the switch to discard traffic of the selected types.
Note
For changes on this tab to take effect, save the configuration, and then push a complete update to the switch.PSE Parameters
The PSE tab is where you configure PSE (power sourcing equipment) settings. These settings define how ports manage the power that they supply to powered devices, such as APs.
The EDIT button allows you to configure PSE settings on a single interface or multiple interfaces simultaneously. Select the check box next to the interfaces you want to configure, and then select EDIT. In the dialog box, you can enable or disable PoE (turn it off or on) and select an existing PSE profile, or create a new PSE profile. Select Save to apply your changes to the selected interfaces.
The PSE tab includes the following parameters:
Interface: The interfaces available for the switch, such as Eth1/0/1-Eth1/0/52. You can edit specific interfaces by selecting the check box next to the interfaces you want to change.
Port Type: Select the STP port type by selecting one of the following: Access Port, Access Port 99, Phone Data Port, or Trunk Port.
PoE Status: The PoE feature for this interface can be turned on or off by selecting the Port State button. If you want to revert the PoE setting, select the icon, which appears when you change the Port State.
Power Mode: Select 802.3af or 802.3at.
Power Limit(mW): (Not available for Dell EMC switches.) Use this field to limit the available PoE power to a level lower than the maximum allowed by the power mode. Enter the power limit in milliwatts from 100 mW to the current power mode maximum (15400 mW for 802.3af, or 32000 mW for 802.3at).
Priority: Due to changes in PD (powered device) power requirements, the total power budget might exceed the total power available. The priority determines which ports remain powered (critical or high priority) and which do not (low priority). Select a priority from the drop-down list:
Low: If the total PD power consumption exceeds the PSE power budget, power output is modified to bring the total consumption back to within the PSE power budget.
High: When the total PD power consumption exceeds the PSE power budget, power output is modified only after ports with low priority PSE profiles are regulated.
Critical: When the total PD power consumption exceeds the PSE power budget, power output is shut down last.
Configure Aggregate LAG and LACP Ports
You can group individual ports into aggregate ports on 24- and 48-port switches by selecting two or more ports of the same type on the switch template. See "More about LAGs and LACP" for more information about aggregate ports.
Select the ports you want to aggregate on the switch template, and then select Assign > Advanced Actions > Aggregate. In the dialog box, enter an aggregate port channel number, and type of traffic balancing to use across all physical ports in the group. Select Save. The aggregate name that you chose is visible in the Applied to Ports column on the Port Type in Use table.
More about LAGs and LACP
A LAG (link aggregation group) combines physical ports and uses traffic load sharing among the member ports in the group to make a single high-bandwidth virtual connection. ExtremeCloud IQ supports LACP (link aggregation control protocol) for Extreme Networks SR22xx and 23xx switches and Dell EMC switches.
A LAG (link aggregation group) combines physical ports and uses traffic load sharing among the groups member ports to make a single high-bandwidth virtual connection. ExtremeCloud IQ supports LACP (link aggregation control protocol) for Extreme Networks SR22xx and 23xx switches and Dell EMC switches.
LACP is used to prevent communication failure over LAG. Consider the case where a LAG (without LACP enabled) is needed between Switches A and B. If the LAG ports on Switch A are not correctly paired with the LAG ports on Switch B or the ports have different speed configurations, the communication through the LAG will fail. LAGs without LACP enabled are prone to configuration errors.
Consider the case where the admin enables LACP on the LAG of Switch A and Switch B. The LACP protocol is transmitted over the LAG ports between the two switches to verify the proper configuration and port connections. Only the connected ports and that share similar physical configurations are enabled on the LAG between Switches A and B. If the admin forgot to connect a cable between the two switches and later connects it, LACP dynamically "activates" the new link member. Similarly, if a link is removed or fails, LACP dynamically deactivates the affected ports, that is, the affected port is not used for sending traffic. Note that LACP also addresses how the LAG links between switches may be "up", but one switch is not responding. For example, this may happen when cables are extended between switches using extender devices, which could prevent a switch from detecting that the link on the other side of the extender is cut. In this case, LACP communication fails, which declares the port as deactivated for LAG load-balancing. With LACP, the LAG active or inactive status of a port is independent of the port up or down status. A port may be "up" but inactive for LAG traffic because of an LACP decision.
LACP tries to activate the maximum number of compatible ports in a LAG, up to the maximum allowed by the hardware of each switch. If LACP cannot activate all the compatible ports, where one switch supports more ports on the LAG than the other, then ports that cannot be included in the LAG are put in “hot standby” and are used only if one of the other LAG ports fails.
When you change the setting for a switch template at the device level, the template name is changed to include the word "custom". To revert to the original template, select REVERT.
Copyright © 2020 Extreme Networks. All rights reserved. Published March 2020.