From LLL
Jump to navigationJump to search

Connecting for the first time.[edit]

  • Start Knoppix with option failsafe at boot prompt to boot it on Portier's computer
  • When booted, start minicom -s in a terminal (konsole) or virtual console (Alt+F1)
  • In minicom , Serial port setup, configure the following items:
    • A - Serial Device /dev/ttyS0=
    • E - Bps/Par/Bits 9600 8N1=
    • F - Hardware Flow Control no=
  • Exit from config, the switches login screen should appear
  • Log in with username rw and password the same as on the server
  • Set IP address using the following command: set ip address address mask netmask

Example: set ip address mask

Connecting later on[edit]

  • telnet

Useful commands[edit]

  • Display mac address table (which address is behind which port?): show mac
  • Display VLAN config: show vlan n

VLAN philosophy[edit]

VLANs are relevant both for frames (packets) received from a port (sent by the computer(s) connected to that port), and for frames sent to that port (i.e. sent by computers connected to one of the other ports). VLANs are created using the following command:

set vlan n create

VLANs are named using the following command (names are only for comment purpose):

set vlan name n name

Frames sent to a port[edit]

Each VLAN has two egress lists tagged (default) and untagged. Frames belonging to that VLAN are output to all ports in the VLAN. Packets sent to a tagged port will receive a tag indicating to which VLAN the packet belongs (useful for the link connecting both switches between each other).

There is also a forbidden list; this however is only useful for automatic configuration (GVRP): a port in the forbidden list may not be registered to the VLAN by GVRP.

Add a port to VLAN egress list, and set it to be tagged:

set vlan egress 2 fe.1.47 tagged

Add a port to VLAN egress list, and set it to be untagged:

set vlan egress 2 ge.1.1 untagged

Remove a port from both tagged and untagged lists:

clear vlan egress 2 fe.1.1

Frames received by a port[edit]

Frames bearing no tag (the normal case) received on a port will be put into that port's default VLAN (usually 1). Default VLAN can be chosen by the following command:

set port vlan fe.1.47 2

Frames having a tag will be put into the VLAN corresponding to that tag. However, if ingress-filtering is enabled on that port, packets are only accepted if the frame's VLAN corresponds to one of the VLAN's on whose egress list the port is (i.e. port accepts packet only for VLAN for which it would also send packets to this port)

set port ingress-filter fe.1.47 enable

CAUTION: ingress-filter also applies to default VLAN of port (i.e. if port is not in its default VLAN's egress list, it may not receive any untagged packets whatsoever from computer(s) connected to this port!)