Q-NOTE QN-7000HX Guide de l'utilisateur télécharger pdf (Page 8)

New Software Supported

page 8 OmniSwitch 6600/7000/8800—Release 5.1.6.R02

In addition to 802.1s MSTP support, the 802.1D STP and 802.1W RSTP are also available in either the

flat or 1x1 mode. The flat mode applies a single spanning tree instance across all VLAN port connections

on a switch. However, if using 802.1D or 802.1W in the flat mode, the single spanning tree instance per

switch algorithm applies.

A new path cost mode command is available to control whether the switch uses a 16-bit port path cost

(PPC) or a 32-bit PPC. When a 32-bit PPC switch connects to a 16-bit PPC switch, the 32-bit switch will

have a higher PPC value that will advertise an inferior path cost to the 16-bit switch. In this case, it may be

desirable to set the 32-bit switch to use STP or RSTP with a 16-bit PPC value.

By default, the path cost mode is set to automatically use a 16-bit PPC value, which is used for all ports

that are associated with an STP (802.1D) instance or an RSTP (802.1w) instance, and a 32-bit value for all

ports associated with an MSTP (802.1s) value. It is also possible to configure the path cost mode to always

use a 32-bit PPC regardless of which protocol is active.

802.1x Multiple Client Support

Physical devices attached to a LAN port on a switch through a point-to-point LAN connection may be

authenticated through the switch via port-based network access control. This control is available through

the IEEE 802.1X standard, which uses the Extensible Authentication Protocol (EAP) and includes three

components: a supplicant device, an authenticator (the switch), and an authentication server. On the

OmniSwitch, only RADIUS servers are currently supported for 802.1X authentication.

This implementation of 802.1X supports the authentication of multiple clients (supplicants) per physical

802.1X port. After successful authentication, clients are eligible for assignment to one or more VLANs.

In addition, interoperability between Alcatel 802.1x and Sygate Management Server (SMS) and Sygate

Enforcer is also supported. The login identity field in Alcatel 802.1x authentication can be up to 63 bytes

(e.g., Sygate).

Note. On the OmniSwitch 6600 switches, only one VLAN can be assigned to a single physical port. Multi-

ple clients are supported on OmniSwitch 6600s, but all clients need to be assigned to the same VLAN.

802.1X Guest VLAN Support

An optional guest VLAN feature is now available for 802.1X ports. Clients that are connected to an

802.1x port that do not send EAP- Request/Identity frames within a configurable number of polling

attempts, are identified as non-802.1x clients. If a guest VLAN is configured for an 802.1X port, the MAC

address of the non-802.1x client is learned in the guest VLAN. If a guest VLAN is not configured for the

802.1X port, the client is blocked.

Note that on an OmniSwitch 6600 switch, guest VLAN access is only available when there is no other

802.1x client on the port. If a device is learned in the guest VLAN and an 802.1x client successfully

authenticates on the same port, the guest VLAN client is dropped. In addition, an 802.1x port may only

have an association with one VLAN at a time. Multiple VLAN membership is currently not supported on

this platform.

The number of times the switch polls a device for EAP frames is a user- defined value. The polling inter-

val time is set to 0.5 seconds between each retry. This interval is not configurable.

ARP Filtering

The extended proxy ARP process allows you to block specific IP addresses in order to block the switch

from providing ARP replies for the specified IP address(es). This is primarily to get answers on ARP

requests from local clients.

1 2 3 4 5 6 7 8 9 10 11 12 13 ... 114 115

Commentaires sur ces manuels

Pas de commentaire

Q-NOTE QN-7000HX Guide de l'utilisateur Page 8

Commentaires sur ces manuels

Produits connexes et manuels pour Tablettes Q-NOTE QN-7000HX