Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Meraki's MS switch allows you to configure anything from a single port to thousands of ports through our industry-first,
Virtual Stacking technology. Virtual Stacking provides centralized management for up to 10,000 switch ports and unlike
traditional stacking, virtually stacked switches do not require a physical connection, can be in different physical locations,
and can be of different switch models, thereby simplifying large scale, distributed deployments.
From the Configure > Switch Ports page, you can name your ports, turn ports on/off, enable spanning tree (RSTP),
define port types (access/trunk), and specify VLANs (data and voice).
Search terms
Enter any value in to the search omnibox for an instant search result
Use conditional operators to separate multiple search queries (AND, OR)
Use a wildcard to search for more general results ( * )
Enter specific search terms to find a particular port:
Search Type
Search Value
Result
Port
port:value
port:1-10
Name
name:value
name:"joe's desktop"
Switch
switch:value
switch:"1st floor"
Detected Uplink
is:uplink
return interface(s)
detected as uplink to
Meraki Cloud
Example
is:uplink
not:uplink
Search Type
Search Value
Result
Tags
tag:value
vlan:value
VLAN
vlan:native
vlan:voice
Example
tag:"blue 132"
vlan:"60"
vlan:"native 60"
vlan:"voice 20"
LLDP
lldp:value
lldp:"MR24"
Type
is:value
is:trunk
link:value
Link
link:"100 mbps"
link:"10 gbps"
is:aggregated
is:"aggregated"
Access Policy
ap:value
ap:*
Port Schedule
schedule:value
schedule:*
Group
group:value
Link Aggregate
group:1
Search Type
Search Value
Result
group (the virtual stack
automatically
categorizes the 3 most
common configuration
types into groups 1,2
and 3)
MAC Whitelist
mac_whitelist:*
Example
group:2
group:3
mac_whitelist:aa:bb:cc:dd:ee:ff
mac_whitelist:*
The search tool is also capable of intelligently combining multiple search queries. See a few examples below.
In order to make changes to a port or port group on your MS switch, select the port or ports you would like to change by
checking their prospective check box(es).
Choose "Edit selected items" and make the desired changes. See the screenshot below for all configurable items.
Once you are satisfied with the changes you've made, save them by selecting "Update ports". This will instantly push the
changes to your MS Switch.
If you would like untagged traffic to be tagged with a Native VLAN on egress, specify the Native VLAN by entering the
VLAN ID in the appropriate field.
In the VLAN field on the configuration window, enter the VLAN ID for the appropriate VLAN. Please note that making
changes to your uplink port is not recommended as you may lose connectivity to the Meraki Cloud Controller.
In the VLAN field on the configuration window, enter the VLAN ID for the appropriate VLAN. Please note that making
changes to your uplink port is not recommended as you may lose connectivity to the Meraki Cloud Controller.
If a voice VLAN is specified, the port will accept tagged traffic on the voice VLAN. In addition, the port will send out LLDP
and CDP advertisements recommending devices use that VLAN for voice traffic.
Please note that STP Portfast (immediate forwarding state) is enabled by default on ports configured as Access
ports
BPDU guard is a spanning tree enhancement that will instruct the switchport to go into a discarding state if a BPDU is
received on the interface. The interface will remain in discarding state for 15 seconds.
Root guard is typically enabled on switch to switch connections and when enabled, will keep the port in a designated
role. If a superior BPDU is received, the port will go into a discarding state. Once the port stops receiving superior
BPDUs it will automatically go back to learning/forwarding state
MS switches support whitelist based port-security which allows administrators to configure basic port-level protection
against unauthorized network access. By default the whitelist is empty and disabled, thus allowing the switch to add any
mac address to its forwarding table. However, by specifying one or more mac addresses, one can limit which devices
are permitted on a per-port basis.
Port Isolation
In certain deployments, it may be desired to enable Port Isolation. Enabling this feature prevents any isolated port from
communicating with other isolated ports. This feature has two options:
Enabled - Port has complete Layer 2 separation from all other isolated ports on the same VLANs. Port can only
receive/send traffic to non-isolated ports.
Disabled - Port can communicate with all interfaces on the same VLANs, including isolated ports.
A common use case for this feature is a hotel that wants to enable guest isolation between rooms for wired ports. For
further information on this feature, please reference our documentation.
In addition to MAC Whitelisting, you can optionally enable "Sticky MAC" learning with a maximum quantity of learned
addresses. This will instruct the configured switch port(s) to dynamically learn the MAC addresses of the connected
devices up to the maximum amount specified.
This feature is useful for secured environments where the connected devices do not and should not change (i.e. a point
of sale system in a retail environment with PCI compliance requirements).
Identifying ports
It can be very useful to name or tag individual ports for management and troubleshooting purposes. For example, you
may want to label the Uplink or stack interconnect port in the event you need to make a change to that port. You can
then search your entire virtual stack by port name to easily locate a particular port or range of ports (ie. all ports
containing the term "uplink"). See Searching for ports for more info.
Link Aggregation
The MS series supports Link Aggregation (LACP) groups of up to 8 ports. To configure an aggregate, simply choose the
ports you would like to aggregate by checking their respective boxes and then select the "Aggregate" option at the top of
the page (see video 1 below).
Doing this will create an LACP port group running mode:active.
A "Link Aggregate" is a combination of ports that act as one logical link. This is often referred to as Link
Bonding, Link Aggregation, or EtherChannel. A link aggregate will load balance across the different physical
links for additional performance, and will also give higher reliability because the link aggregate will continue to
function as long as at least one of the physical links is working.
By default the MS series runs an LACP Passive instance per port. This is to prevent loops when a bond is
connected to a switch running default configuration.
It is generally recommended that you first configure a link aggregate and then physically connect the aggregated
ports. Be sure to configure the aggregate (or have LACP enabled) on both ends of the link.
Aggregated ports allow you to use multiple physical ports on your switch in order to create one logical connection with
another switch or host. This assumes that the device you're connecting to is also configured to aggregate its connected
ports. This is useful for providing higher throughput as well as high availability as the link continues to function even if
part of the aggregate connection fails.
Port Mirroring
It may be necessary to configure a mirrored port or range of ports. This is often useful for network devices that require
monitoring of network traffic, such as a VoIP recording solution or an IDS (Intrusion Detection System).
Configuration
In order to enable and configure a mirrored port or range of ports, navigate to Switch >> Switch Ports. On this page
select the ports that are intended for mirroring and hit the mirror button.
After which enter the destination port for the mirror session. If the ports are in a switch stack then also select the desired
switch in the stack for the mirror destination.
Once the Mirror is configured it can be easily identified using the "Mirror" column in dashboard.
10