Chapter 5
Advanced Configuration
35
8-Port 10/100/1000 Gigabit Switch with Webview
to that port (either it was learned on a different port, or it
is unknown to the system), the protection mechanism is
invoked, and can provide various options. Unauthorized
packets arriving at a locked port are either:
• Forwarded
• Discarded with no trap
• Discarded with a trap
• Cause the port to be shut down.
Locked port security also enables storing a list of MAC
addresses in the configuration file. The MAC address list
can be restored after the device has been reset.
Disabled ports are activated from the Port Security page.
Interface: Displays the port or LAG name.
Lock Interface: Selecting this option locks the specified interface.
Learning Mode: Defines the locked port type. The Learning Mode field is
enabled only if Locked is selected in the Interface Status field. The
possible field values are:
• Classic Lock: Locks the port using the classic lock mechanism. The
  port is immediately locked, regardless of the number of addresses
  that have already been learned.
• Limited Dynamic Lock: Locks the port by deleting the current dynamic
  MAC addresses associated with the port. The port learns up to the
  maximum addresses allowed on the port. Both relearning and aging MAC
  addresses are enabled.
In order to change the Learning Mode, the Lock Interface
must be set to Unlocked. Once the mode is changed, the
Lock Interface can be reinstated.
Max Entries: Specifies the number of MAC addresses that can be learned
on the port. The Max Entries field is enabled only if Locked is
selected in the Interface Status field and the Limited Dynamic Lock
mode is selected. The default is 1.
Action on Violation: Indicates the action to be applied to packets
arriving on a locked port. The possible field values are:
• Discard: Discards packets from any unlearned source. This is the
  default value.
• Forward Normal: Forwards packets from an unknown source without
  learning the MAC address.
• Discard Disable: Discards packets from any unlearned source and shuts
  down the port. The port remains shut down until reactivated, or until
  the device is reset.
Enable Trap: Enables traps when a packet is received on a locked port.
Trap Frequency: The amount of time (in seconds) between traps. The
default value is 10 seconds.
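The locked-port behaviour described above can be modelled in a few lines. This is an added example, not code from the manual or the switch firmware: the class, method and value names are hypothetical, MAC aging is not modelled, and it assumes traps are spaced by Trap Frequency whatever the violation action is.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class LockedPort:
    """Simplified model of a locked port (hypothetical names, not firmware code)."""
    learning_mode: str = "classic"   # "classic" or "limited_dynamic"
    max_entries: int = 1             # manual default; applies to Limited Dynamic Lock
    action: str = "discard"          # "discard", "forward_normal", "discard_disable"
    enable_trap: bool = False
    trap_frequency: int = 10         # seconds between traps (manual default)
    learned: set = field(default_factory=set)
    shut_down: bool = False
    last_trap: Optional[float] = None

    def lock(self):
        # Limited Dynamic Lock deletes current dynamic addresses, then relearns.
        if self.learning_mode == "limited_dynamic":
            self.learned.clear()

    def receive(self, src_mac, now):
        """Return (verdict, trap_sent) for a frame arriving at time `now` (seconds)."""
        if self.shut_down:
            return "port_down", False
        if src_mac in self.learned:
            return "forward", False
        if self.learning_mode == "limited_dynamic" and len(self.learned) < self.max_entries:
            self.learned.add(src_mac)
            return "forward", False
        # Violation: unlearned source address on a locked port.
        trap = self.enable_trap and (
            self.last_trap is None or now - self.last_trap >= self.trap_frequency)
        if trap:
            self.last_trap = now
        if self.action == "forward_normal":
            return "forward_unlearned", trap   # forwarded, address not learned
        if self.action == "discard_disable":
            self.shut_down = True              # stays down until reactivated or reset
        return "discard", trap

def demo_port_lock():
    """Constructed traffic: two hosts are learned, the third triggers a shutdown."""
    port = LockedPort("limited_dynamic", max_entries=2,
                      action="discard_disable", enable_trap=True)
    port.learned.add("00:11:22:33:44:55")      # learned before locking (constructed)
    port.lock()
    macs = ["aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02", "aa:aa:aa:aa:aa:03",
            "aa:aa:aa:aa:aa:01"]
    return [port.receive(mac, t) for t, mac in enumerate(macs)]
```

With Discard Disable, the fourth frame is refused even though its source was learned, because the port is already down.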
Security > Multiple Hosts
The Multiple Hosts screen allows network managers to configure advanced
port-based authentication settings for specific ports and VLANs.
Security > HTTPS Settings
Port: Displays the port number for which advanced port-based
authentication is enabled.
Enable Multiple Hosts: When checked, indicates that multiple hosts are
enabled. Multiple hosts must be enabled in order to either disable the
ingress-filter, or to use port-lock security on the selected port.
Action on Violation: Defines the action to be applied to packets
arriving in single-host mode, from a host whose MAC address is not the
supplicant MAC address. The possible field values are:
• Discard: Discards the packets. This is the default value.
• Forward: Forwards the packet.
• Discard Disable: Discards the packets and shuts down the port. The
  port remains shut down until reactivated, or until the device is
  reset.
Enable Traps: When checked, indicates that traps are enabled for
Multiple Hosts.
Trap Frequency: Defines the time period by which traps are sent to the
host. The Trap Frequency (1-1000000) field can be defined only if
multiple hosts are disabled. The default is 10 seconds.
Status: Indicates the host status. If there is an asterisk (*), the
port is either not linked or is down.
Number of Violations: Indicates the number of packets that arrived on
the interface in single-host mode, from a host whose MAC address is not
the supplicant MAC address.
Security > Storm Control
Port: Displays the port number for which storm control is enabled.
Broadcast Control: Indicates whether broadcast packet types are
forwarded on the specific interface.
Mode: Specifies the Broadcast mode currently enabled on the device. The
possible field values are:
• Unknown Unicast, Multicast & Broadcast: Counts Unicast, Multicast,
  and Broadcast traffic.
• Multicast & Broadcast: Counts Broadcast and Multicast traffic
  together.
• Broadcast Only: Counts only Broadcast traffic.
Rate Threshold: The maximum rate (packets per second) at which unknown
packets are forwarded. The default value is 3500. The range is
70-100000.
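How Mode and Rate Threshold interact can be shown with a small model of the counter. This is an added example, not code from the manual or the switch: the function names are hypothetical, the first mode is read as counting unknown unicast (per its name), and the rate is assumed to be measured over fixed one-second windows.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"
# The page's Mode values mapped to the frame types each one counts.
MODES = {
    "Unknown Unicast, Multicast & Broadcast": {"unknown_unicast", "multicast", "broadcast"},
    "Multicast & Broadcast": {"multicast", "broadcast"},
    "Broadcast Only": {"broadcast"},
}

def frame_type(dst_mac, known_unicast):
    """Classify a frame by destination MAC address."""
    dst = dst_mac.lower()
    if dst == BROADCAST:
        return "broadcast"
    if int(dst.split(":")[0], 16) & 1:       # group bit set: multicast
        return "multicast"
    return "unicast" if dst in known_unicast else "unknown_unicast"

def storm_control(frames, mode, rate_threshold=3500, known_unicast=frozenset()):
    """Return a 'forward' or 'drop' verdict per (timestamp_seconds, dst_mac) frame.

    Assumption: the rate is measured over fixed one-second windows; the
    manual does not say how the switch measures it.
    """
    if not 70 <= rate_threshold <= 100000:
        raise ValueError("Rate Threshold must be in the range 70-100000")
    counted = MODES[mode]
    window, count, verdicts = None, 0, []
    for ts, dst in frames:
        if frame_type(dst, known_unicast) not in counted:
            verdicts.append("forward")       # not a counted type: never limited
            continue
        if int(ts) != window:                # new one-second window: reset counter
            window, count = int(ts), 0
        count += 1
        verdicts.append("forward" if count <= rate_threshold else "drop")
    return verdicts

def demo_storm():
    """Constructed burst: 100 broadcasts in one second, then one more a second later."""
    frames = [(i / 1000, BROADCAST) for i in range(100)] + [(1.5, BROADCAST)]
    return storm_control(frames, "Broadcast Only", rate_threshold=70)
```

In Broadcast Only mode a multicast flood is never counted, so the mode chosen decides which storms the threshold can contain.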
QoS
Network traffic is usually unpredictable, and the only
basic assurance that can be offered is best effort traffic
delivery. To overcome this challenge, Quality of Service
(QoS) is applied throughout the network. This ensures that
network traffic is prioritized according to specified criteria,
and that specific traffic receives preferential treatment.
QoS in the network optimizes network performance and
entails two basic facilities:
• Classifying incoming traffic into handling classes, based on an
  attribute, including:
  • The ingress interface
  • Packet content
  • A combination of these attributes
• Providing various mechanisms for determining the allocation of
  network resources to different handling classes, including:
  • The assignment of network traffic to a particular hardware queue
  • The assignment of internal resources
  • Traffic shaping
The terms Class of Service (CoS) and QoS are used in the
following context:
CoS provides varying Layer 2 traffic services. CoS refers to
classification of traffic to traffic-classes, which are handled
as an aggregate whole, with no per-flow settings. CoS is
usually related to the 802.1p service that classifies flows
according to their Layer 2 priority, as set in the VLAN
header.
QoS refers to Layer 2 traffic and above. QoS handles per-
flow settings, even within a single traffic class.
QoS > CoS Settings
The CoS Settings screen contains fields for enabling or disabling CoS.
In addition, the Trust mode can be selected. The Trust mode relies on
predefined fields within the packet to determine the egress queue
settings.
The CoS Settings screen has two areas, CoS Settings and CoS to Queue.
CoS Mode: Indicates if QoS is enabled on the interface. The possible
values are:
• Disable: Disables QoS on the interface.
• Basic: Enables QoS on the interface.
• Advanced: Enables Advanced mode QoS on the interface.
Class of Service: Specifies the CoS priority tag values, where zero is
the lowest and 7 is the highest.
Queue: Defines the traffic forwarding queue to which the CoS priority
is mapped. Four traffic priority queues are supported.
The Restore Defaults button restores the device factory defaults for
mapping CoS values to a forwarding queue.
CoS Default
Interface: Interface to which the CoS configuration applies.
Default CoS: Determines the default CoS value for incoming packets for
which a VLAN tag is not defined. The possible field values are 0-7. The
default CoS is 0.
Restore Defaults: Restores the device factory defaults for mapping CoS
values to a forwarding queue.
LAG: LAG to which the CoS configuration applies.
QoS > Queue Settings
The Queue Setting screen contains fields for defining the QoS queue
forwarding types.
Strict Priority: Indicates that traffic scheduling for the selected
queue is based strictly on the queue priority.
WRR: Indicates that traffic scheduling for the selected queue is based
strictly on the WRR.
Queue: Displays the queue for which the queue settings are displayed.
The possible field range is 1-4.
WRR Weight: Displays the WRR weights to queues.
% of WRR Bandwidth: Displays the amount of bandwidth assigned to the
queue. These values are fixed and are not user defined.
QoS > DSCP Settings
The DSCP Settings screen enables mapping DSCP values to specific
queues.
The DSCP Settings screen contains the following fields:
DSCP: Indicates the Differentiated Services Code Point value in the
incoming packet.
Queue: Maps the DSCP value to the selected queue.
QoS > Bandwidth
The Bandwidth screen allows network managers to define the bandwidth
settings for a specified egress interface.
Modifying queue scheduling affects the queue settings globally. The
Bandwidth screen is not used with the Service mode, as bandwidth
settings are based on services.
Queue shaping can be based per queue and/or per
interface. Shaping is determined by the lower specified
value. The queue shaping type is selected in the Bandwidth
screen.
Interface: Indicates the interface for which the queue shaping
information is displayed. The possible field values are:
• Port: Indicates the port for which the bandwidth settings are
  displayed.
• LAG: Indicates the LAG for which the bandwidth settings are
  displayed.
Ingress Rate Limit Status: Indicates if rate limiting is defined on the
interface.
Rate Limit (62-1000000 Kbps): Defines the amount of bandwidth assigned
to the interface. The possible field values are 62-1000000 Kbps.
Egress Shaping Rate on Selected Port: Indicates if rate limiting is
enabled on the interface.
Committed Information Rate (CIR): Defines CIR as the queue shaping
type. The possible field value is 64-1,000,000 Kbps.
Committed Burst Size (CBS): Defines CBS as the queue shaping type. The
possible field value is 4096-16,769,020 bits. Committed Burst Size
cannot be configured on FE ports.
The Add to List button adds the Bandwidth configuration to the
Bandwidth Table at the bottom of the screen.
QoS > Basic Mode
The Basic Mode screen contains the following fields:
Trust Mode: Displays the trust mode. If a packet’s CoS tag and DSCP tag
are mapped to different queues, the Trust Mode determines the queue to
which the packet is assigned. Possible values are:
• CoS: Sets trust mode to CoS on the device. The CoS mapping determines
  the packet queue.
• DSCP: Sets trust mode to DSCP on the device. The DSCP mapping
  determines the packet queue.
QoS > Advanced Mode
Advanced QoS mode provides rules for specifying flow
classification and assigning rule actions that relate to
bandwidth management. The rules are based on the
Access Control Lists (see Access Control Tab).
MAC ACLs and IP ACLs can be grouped together in more
complex structures, called policies. Policies can be applied
to an interface. Policy ACLs are applied in the sequence
they appear within the policy. Only a single policy can be
attached to a port.
In advanced QoS mode, ACLs can be applied directly to
an interface in the Security - ACL Binding. However, a
policy and ACL cannot be simultaneously applied to an
interface.
After assigning packets to a specific queue, services such
as configuring output queues for the scheduling scheme,
or configuring output shaping for burst size, CIR, or CBS
per interface or per queue, can be applied.
Out of Profile DSCP Assignments: This button opens up the Out of
Profile DSCP screen.
Out of Profile DSCP
Advanced Mode > Out of Profile DSCP
DSCP In: Displays the DSCP In value.
DSCP Out: Displays the current DSCP out value. A new value can be
selected from the pull-down menu.
The Policy Settings button opens the Policy Name screen.
Policy Name
Advanced Mode > Policy Name
Policy Name: Defines a new Policy name.
Add to List: The Add to List button will add the policy to the Policy
Name table.
Select Policy: Selects an existing Policy by name. The Policy can be
comprised of:
• Class Map
• Action
• Policer
New Policy Name: Defines a new Policy name.
Class Map: Selects an existing Class Map by name.
New Class Map: The New Class Map button opens the New Class Map screen.
New Class Map
Advanced Mode > New Class Map
Class Map Name: Defines a new Class Map name.
Preferred ACL: Indicates if packets are first matched to an IP based
ACL or a MAC based ACL. The possible field values are:
• IP Based ACLs: Matches packets to IP based ACLs first, then matches
  packets to MAC based ACLs.
• MAC Based ACLs: Matches packets to MAC based ACLs first, then matches
  packets to IP based ACLs.
IP ACL: Matches packets to IP based ACLs first, then matches packets to
MAC based ACLs.
Match: Criteria used to match IP addresses and/or MAC addresses with an
ACL’s address. The possible field values are:
• And: Both the MAC-based and the IP-based ACL must match a packet.
• Or: Either the MAC-based or the IP-based ACL must match a packet.
MAC ACL: Matches packets to MAC based ACLs first, then matches packets
to IP based ACLs.
Police: Enables Policer functionality.
Type: Policer type for the class. Possible values are:
• Aggregate Policer: Configures the class to use a configured aggregate
  policer selected from the drop-down menu. An aggregate policer is
  defined if the policer is shared with multiple classes. Traffic from
  two different ports can be configured for policing purposes.
  An aggregate policer can be applied to multiple classes in the same
  policy map, but cannot be used across different policy maps.
• Single: Configures the class to use manually configured information
  rates and exceed actions.
Aggregate Policer: User-defined aggregate policers.
