araknis AN-210-SW-F-16-POE, AN-210-SW-R-16-POE, AN-210-SW-F-24-POE, AN-210-SW-F-48-POE, AN-310-SW-F-8 Product Manual

...

Page 1

210/310 SERIES MANAGED NETWORK SWITCH

PRODUCT MANUAL

Models:

AN-210-SW-F/R-8-POE AN-210-SW-F/R-16-POE AN-210-SW-F/R-24-POE AN-210-SW-F-48-POE AN-310-SW-F/R-8 AN-310-SW-F/R-16 AN-310-SW-F/R-24 AN-310-SW-F-48 AN-310-SW-F/R-8-POE AN-310-SW-F/R-16-POE AN-310-SW-F/R-24-POE

Page 2

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

About this Manual

This manual was created to provide a reference for installers and end users of Araknis Networks™ products. It provides all known information regarding the installation, setup, use, and maintenance of the product. The symbols below are used to identify important information:

Pro Tip – Pro tips are included in sections of the manual to add information that provides extra value, utility, or ease-of-use for the installer or end user of the product. These items are not required, but have been added for your convenience.

Note – Notes emphasize information important to the installation, setup, or use of the product that is not essential to follow for safety of the equipment or user. These items contain essential information that, if missed, would cause the installer or end user extra work to overcome.

Caution – The caution symbol is used to indicate information vital to the safety of the equipment in use with the product, or the product itself. Not following a caution will almost always result in permanent damage to equipment that is not covered by warranty.

Warning – Warnings indicate information vital to the safety of the installer or end user of the product. Not following a warning may result in permanent damage to equipment and serious injury or death of the installer or end user.

Table of Contents

Page 3

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Table of Contents

1 - Welcome to Araknis Networks™ 8

2 - Package Contents 8

3 - Series Overview 8

4 - Device Layout 9

Rear Facing Models 10 Front Facing Models 10

5 - Hardware Installation 11

Mounting 11 Rack Mount 11 Wall Mount 11 Shelf Mount 11 Rack Mounting Guidelines 12 Connections 13 Input Power Requirements 13 Network Cable Requirements 13 SFP Ports 13 Switch 13 PoE Budget Calculation Example 14

6 - OvrC Setup 15

7 - Interface Access 16

OvrC Web Connect Access 16 Direct Access Using LAN IP Address (DHCP) 17 Default IP Address Access 18

8 - Interface Overview 21

Page Layout 21 Applying or Canceling Changes 21

9 - Switch Status Pages 22

System Status Page 22

System Information 22 Port Status 22 Events Log 23

Port Status Page 24

10 - System Settings 25

System Information 25 IP Address Settings 26

IPv4 IP Settings 26

IPv6 IP Settings 26 Date and Time Settings 27 UPnP Setting 27

11 - Recommended Setup – System Settings 28

12 - Port Conﬁguration Settings 29

Jumbo Frame Setting 29 Basic Port Settings 29 Advanced Port Settings 30

Table of Contents

Page 4

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

13 - PoE Settings 31

PoE Setup and Troubleshooting 32 Checking Status of PoE Devices 32 Conﬁguring PoE Ports 32 Troubleshooting PoE Issues 32

14 - VLAN Settings (Basic Port-Based) 33

Access and Trunk Port Selection 33 Creating a New VLAN 34

15 - Link Aggregation Settings 35

Creating a New Link Aggregation Rule 36

16 - Access Management Settings 37

User Management 37 HTTP/Telnet/SSH 37

17 - Maintenance Menus 38

Ping Test 38

Running a Ping Test 38

Understanding Ping Test Results 39

Troubleshooting Using Ping Test Results 39 Trace Route Test 40

Running a Trace Route Test 40

Understanding Trace Route Test Results 41 File Management Settings 42

Conﬁguration File 42

Firmware 42 Dual Image 43 Firmware Update Instructions 43 Restart 44 Log Out 44

18 - Advanced Menus 45

19 - Advanced Port Statistics 46

20 - Neighbors – MAC Address Table 48

Static and Dynamic MAC Address 48

21 - Neighbors – LLDP 49

Information Table 49 Settings 50 Remote Device Table 50

22 - Multicast – IGMP Snooping 51

Settings 51 VLAN Settings 51 Querier Settings 52 Group List 53 Router Settings 53 URC Settings 53

Table of Contents

Page 5

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

23 - Multicast – MLD Snooping 54

Settings 54 VLAN Settings 54 Group List 54 Router Settings 55

24 - STP – Overview 56

STP – Global Settings 56

Settings 56

Root Bridge Information 57

Basic Setting 58

25 - STP (Spanning Tree Protocol) Overview 59

STP – CIST Settings 59

Port Settings 59 STP – MST Settings 61

Instance Settings 61

Port Settings 62

26 - Advanced VLANs – Overview 63

Advanced VLANs – 802.1Q VLANs 63

VLAN Settings 63

PVID Settings 63 Advanced VLANs – Private VLANs 64 Advanced VLANs – Voice VLANs 65

General Settings 65

OUI Settings 66

Port Settings 66

27 - Security – Port Mirroring 67

28 - Security – 802.1x 67

802.1x Global Setting 67 Port Settings 68 Authenticated Host 69

29 - Security – Radius Server 70

30 - Security – DOS 71

Global Settings 71 Global DOS Security Settings, Continued 72 Port Settings 72

31 - Security – Port Security 73

32 - Security – MAC Address Filter 73

33 - RMON Overview 74

RMON – Event List 74 RMON – Event Log Table 74 RMON – Alarm List 75 RMON – History List 76 RMON – History Log Table 76

Table of Contents

Page 6

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

34 - QoS – Overview 77

QoS – Global Settings 77 QoS – COS Mapping 77 QoS – DSCP Mapping 78 QoS – Port Settings 78 QoS – Bandwidth Control 78 QoS – Storm Control 79

35 - ACL – Overview 80

ACL – MAC ACL 80

MAC ACL List 80

MAC ACE List 80

MAC ACE List Editor 81 ACL – IPV4 ACL 82

IPv4 ACL List 82

IPv4 ACE List 82

IPv4 ACE List Editor 83 ACL – IPV6 ACL 84

IPv6 ACL List 84

IPv6 ACE List 84 IPv6 ACE List Editor 85 ACL – ACL Binding 86

36 - SNMP – Overview 87

SNMP – Global Settings 87

Settings 87

Trap Settings 88

Remote Engine ID List 88 SNMP – Lists 89

Group Lists 89

View List 89

SNMP Community List 90

User List 90

37 - Advanced LACP 91

Settings 91 LACP Timeout 91

38 - Advanced Log 92

Settings 92 Local Logging 92 Remote Logging 92

39 - AN-210-SW Hardware Speciﬁcations 96

40 - AN-310-SW (Non-PoE) Hardware Speciﬁcations 97

41 - AN-310-SW-POE Hardware Speciﬁcations 98

42 - General Speciﬁcations (All 210/310 Models) 99

Table of Contents

Page 7

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

43 - Appendix – Safety and Regulatory Information 101

FCC Warning 101 CE Warning 101 UL Statement 101

44 - Warranty 102

2 Year Limited Warranty 102 Contact Information 102

Table of Contents

Page 8

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

1 - Welcome to Araknis Networks™

Thank you for purchasing an Araknis 210/310 series network switch. This manual details the installation and setup of the hardware and the managed interface.

2 - Package Contents

Figure 1. Package Contents

Switch (1)

AC Power Cord

3 - Series Overview

Model Ethernet Ports SFP Ports PoE Budget (Watts)

AN-210-SW-F/R-8-POE 8 2 65W

AN-210-SW-F/R-16-POE 16 2 130W

AN-210-SW-F/R-24-POE 24 2 190W

AN-210-SW-F-48-POE 48 4 375W

AN-310-SW-F/R-8 8 2 -

AN-310-SW-F/R-16 16 2 -

AN-310-SW-F/R-24 24 2 -

AN-310-SW-F-48 48 4 -

AN-310-SW-F/R-8-POE 8 2 130W

AN-310-SW-F/R-16-POE 16 2 250W

AN-310-SW-F/R-24-POE 24 2 375W

Rubber Feet for Flat

Surfaces (4)

Rack-Mount Kit:

Ears (2), Screws (8)

Quick Start Guide

Table of Contents

Page 9

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

4 - Device Layout

AN-210-SW-R-8-POE

AN-210-SW-F-8-POE

AN-310-SW-R-8-POE

1 2 3 4 5 6 7 8 9F 10F

1 Gbps

Link/Act

1 Gbps

Link/Act

AN-210-SW-R-8-POE

AN-310-SW-R-8-POE

AN-310-SW-F-8-POE

1. Power LED – On: system is up. O: system is down.

2. 1Gbps LED – On: port connected at 1000Mbps speed. O: port is connected at 10/100Mbps speed.

3. Link/Act LED – On: port is connected to another device. Blinking: packets are running through the port. O: port is not connected to a device.

Note – The 1Gbps LED behavior may be conﬁgured to indicate other information. See instructions

in section “10 - System Settings” on page 23.

AN-310-SW-F-8-POE

Table of Contents

Page 10

Araknis Networks AN-210/310-SW-F/R Manual

1 Gbps/PoE

Product Manual

Factory Reset

Reboot or default the switch conﬁguration settings.

Rear Facing Models

1 3 5 7

Link/Act1 Gbps

Front Facing Models

48 Port Models

RESET

2 4 6 8

1 Gbps

Link/Act

9 SFP 10 SFP

AN-310-SW-F-8-POE

1. Reboot – Press and hold the RESET button on the back of the switch for 5 seconds, then release. The

switch will power cycle and the front status lights will ﬂash.

2. Factory Reset – Press and hold the RESET button for 10-15 seconds until the status LEDs ﬂash once. The

switch will power cycle and be reset to factory default settings.

Table of Contents

Page 11

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

5 - Hardware Installation

Mounting

Figure 2. Mounting Methods

A B C

Rack Mount Wall Mount Shelf Mount

Note – The switch must be wall mounted with the Ethernet ports facing either the ﬂoor or the

ceiling. Do not mount the switch with the ports facing to the side.

Note – Do not stack other equipment on top of the switch to avoid possible interference or damage.

Note – Mounting is the same for models with both front- and rear-facing ports.

Table of Contents

Page 12

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Rack Mounting Guidelines

Elevated Operating Ambient – If installed in a closed or multi-unit rack assembly, the operating ambient

temperature of the rack environment may be greater than room ambient. Therefore, consideration should be given to installing the equipment in an environment compatible with the maximum ambient temperature of 104°F.

Reduced Air Flow – Installation of the equipment in a rack should be such that the amount of air ﬂow required for safe operation of the equipment is not compromised.

Mechanical Loading – Mounting of the equipment in the rack should be such that a hazardous condition is not achieved due to uneven mechanical loading.

Circuit Overloading – Consideration should be given to the connection of the equipment to the supply circuit and the eect that overloading of the circuits might have on overcurrent protection and supply wiring. Appropriate consideration of equipment nameplate ratings should be used when addressing this concern.

Reliable Earthing – Reliable earthing of rack-mounted equipment should be maintained. Particular attention should be given to supply connections other than direct connections to the branch circuit (e.g. use of power strips).

Table of Contents

Page 13

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Connections

Figure 3. Connection Diagram

ENABLED

Router

1 3 5 7

Link/Act1 Gbps

IP Camera

RESET

2 4 6 8

1 Gbps

Link/Act

9 SFP 10 SFP

Switch

1 3 5 7

Link/Act1 Gbps

1 Gbps

RESET

Link/Act

2 4 6 8

120V AC

Wall Outlet

Switch

9 SFP 10 SFP

Computer

Note – AN-210-SW-R-8-POE shown. Connection is the same for models with both front- and rear-

facing ports.

Input Power Requirements

AC Input Voltage: 100-240V AC, 50-60 Hz.

Network Cable Requirements

568B termination is recommended (Figure 4. EIA/TIA 568B Termination Pattern) Connect a Cat5e/6 straight-through cable between the switch and other equipment.

Figure 4. EIA/TIA 568B Termination Pattern

Pin 1 White/Orange Pin 5 White/Blue

Pin 2 Orange Pin 6 Green

Pin 3 White/Green Pin 7 White/Brown

Pin 4 Blue Pin 8 Brown

(Gold pins facing up)

Note – Maximum cable length is 328 feet (100m). A repeater device is required for longer runs.

SFP Ports

The SFP (Small Form Factor Pluggable) ports guarantee a 1 Gbps connection and are typically used to connect switches together. Connect SFP ports using Araknis SFP adapters for RJ45 or multi-mode ﬁber cables. SFP adapters sold separately.

Table of Contents

Page 14

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

PoE Budgeting

The power budget for delivering Power over Ethernet limits the total number of watts available between all of the ports (limited to 30W total consumption on each port). Add the total number of watts consumed by all connected PoE devices to ensure that every thing can be powered, as illustrated in the example below.

Model PoE Budget

AN-210-SW-F/R-8-POE 65W

AN-210-SW-F/R-16-POE 130W

AN-210-SW-F/R-24-POE 190W

AN-210-SW-F-48-POE 375W

AN-310-SW-F/R-8-POE 130W

AN-310-SW-F/R-16-POE 250W

AN-310-SW-F/R-24-POE 375W

PoE Budget Calculation Example

Figure 5. PoE Calculation Example

1 3 5 7

Link/Act1 Gbps

RESET

2 4 6 8

AN-210-SW-R-8-POE

1 Gbps

Link/Act

9 SFP 10 SFP

8W + + +8W 12W 14W

Total PoE Budget Available = 65W

Total PoE Device

Consumption

= 42W

PoE Budget Left Available = 23W

Note – Port PoE settings may be modiﬁed using the PoE Settings menu. Click to see information and instructions.

Table of Contents

Page 15

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

6 - OvrC Setup

OvrC provides remote ﬁrmware upgrades, real-time notiﬁcations, and intuitive customer management, right from your computer or mobile device. Setup is plug-and-play, with no port forwarding or DDNS address required.

Figure 6. OvrC Operation Diagram

Web Browser

Access

1 2 3 4 5 6 7 8

1 Gbps

Link/Act

AN-110-SW-R-8

Mobile

Apps

ENABLED

To add this device to your OvrC account:

1. Connect the switch to the network (Internet access required).

2. Log Into OvrC (www.ovrc.com) or load the OvrC app.

3. Select or create a customer account.

4. Add the device (MAC address and Service Tag numbers needed for authentication).

5. Check for OvrC ﬁrmware updates and apply if available.

Table of Contents

Page 16

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

7 - Interface Access

OvrC Web Connect Access

1. Log into the Ovrc app and ﬁnd the switch. The OvrC web interface is easier to use than mobile for Web Connect access. Popup blockers must be disabled.

2. Click the More button and then click Web Connect. In the Web Connect menu, click the appropriate button to access the web interface.

3. OvrC will open a new tab in your web browser and load the login screen. Enter your username and password, then click Log In.

Default Login

Username araknis

Password araknis

4. If you were able to log in successfully, go to the System Settings menu to begin completing the recommended setup for all users. See section “11 - Recommended Setup – System Settings” on page

26.

5. If this access method does not work for your application, see the next section for instructions to access the interface using a DHCP IP address.

Table of Contents

Page 17

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Direct Access Using LAN IP Address (DHCP)

1. Use one of these methods to ﬁnd the IP address of the switch:

• Check the client table on your router

• Use a network scanner (e.g. Fing) to sni the network. The manufacturer ﬁeld will display SnapAV.

• See the highlighted ﬁeld in the ﬁgure below for an example of an Araknis device being identiﬁed.

2. Enter the IP address in your web browser to load the login screen. Enter your username and password, then click Log In.

Default Login

Username araknis

Password araknis

3. If you were able to log in successfully, go to the System Settings menu to begin completing the recommended setup for all users. See section “11 - Recommended Setup – System Settings” on page

26.

4. If this access method does not work for your application, see the next section for instructions to access the interface using the switch’s default IP address.

Table of Contents

Page 18

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Default IP Address Access

Access the interface using the default IP address, 192.168.20.254.

1. Connect your PC to the switch using a network patch cable.

Computer Switch

2. On your PC, open the Control Panel and left-click Network and Internet.

3. Left-click Network and Sharing Center.

4. In the left bar, left-click Change adapter settings.

Table of Contents

Page 19

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

5. Right-click the icon for the wired network connection and left-click Properties.

6. Left-click to highlight Internet Protocol Version 4 (TCP/IPv4), then left-click Properties.

7. In the General tab, left-click Use the following IP address: and enter the IP address and subnet mask.

• IP Address: 192.168.20.2

• Subnet Mask: 255.255.255.0

Table of Contents

Page 20

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

8. Left-click OK to close Internet Protocol Version 4 (TCP/IPv4) Properties, then left-click OK to close Network Connection Properties.

9. Open a web browser and navigate to http://192.168.20.254/ to load the login screen. Enter your username and password, then click Log In.

Default Login

Username araknis

Password araknis

10. If you were able to log in successfully, go to the System Settings menu to begin completing the recommended setup for all users. See section “11 - Recommended Setup – System Settings” on page

26.

Table of Contents

Page 21

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

8 - Interface Overview

Page Layout

Use this section to become familiar with the common parts of the interface.

Figure 7. Interface Layout

• A - Main Navigation Menu Use the submenus under the Status, Settings, Maintenance, and Advanced headings to conﬁgure and maintain the switch.

• B - Main Window The main window displays the currently selected submenu.

• C - Top Bar The top bar displays the current connection status to the OvrC server, the current internally-set system time, and the current system uptime in DAYS:HOURS:MINUTES.

• D - Search Search for menu functions by entering a term, then selecting the appropriate item from the drop down results. Do not press enter when searching.

Applying or Canceling Changes

After changes are made to a menu page, you must click the Apply button to save the new settings or Cancel to revert the changes. These buttons are always located at the bottom-right corner of the page.

Figure 8. Apply Button

Table of Contents

Page 22

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

9 - Switch Status Pages

System Status Page

Use the System Status page to review current system information and operating status.

Path – Status, System (Default Login Landing Page)

Figure 9. System Information and Port Status

System Information

• System Name – Name assigned to the system.

• Model Number – Product SKU.

• FW Version – Current operating ﬁrmware version.

• MAC Address – Media Access Control (MAC) address of the switch.

• IP Address – Device management IP address.

• Service Tag – Internal tracking number used to track every product sold by Araknis Networks.

• Gateway – Default gateway of the management VLAN.

Port Status

• Port – Port number. Corresponds to the physical location of the port on the switch.

• Name – Name assigned to the port.

• Link Speed – Current port speed. 1Gbps, 100Mbps, 10Mbps, or Not Connected.

• Duplex – Current duplex mode. Full or Half.

Table of Contents

Page 23

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Events Log

Use the Events Log to review messages about the operating state of the switch. The log can be cleared or saved to your computer in a text ﬁle (.txt).

Figure 10. Events Log

• Search Bar – Enter terms to search for in the Message Field column.

• Time – Log entry recorded time.

• Category – Type of event.

• Severity – Level of entry severity.

• Message – Detailed entry information. Example: System reboot

• Navigation – Use the left drop down to select a page of entries to navigate to. Use the Previous and Next

buttons on the right side to toggle between screens.

• Export – Click to export a .txt ﬁle of the log to your computer.

• Clear – Click to erase all entries in the Events Log.

Table of Contents

Page 24

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Port Status Page

This page provides in-depth details about the status of each physical port.

Path – Status, Ports

Figure 11. Port Status

• Port – The number of the physical switch port.

• Name – The assigned name of the port.

• Link Speed – The current speed of the port based o of the connected device in use. 1Gbps, 100Mbps,

10Mbps, or Not Connected.

• Duplex – The current duplex setting with the connected device. Full or Half.

• Aggregation Group – The aggregation group the port is member of. No ports are members of any

aggregation group by default.

• Bytes Sent – A live count of the number of bytes being transmitted on a speciﬁc port.

• Errors Sent – A live count of the number of outgoing errors sent on a speciﬁc port. Use this number to

determine whether there is a problem with the physical interface of the speciﬁc port.

• Bytes Received – A live count of the number of bytes being received on a speciﬁc port.

• Errors Received – A live count of the number of incoming errors received on a speciﬁc port. Use this

number to determine whether there is a problem with the physical interface of the port.

Table of Contents

Page 25

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

10 - System Settings

Conﬁgure system level settings.

System Information

Path – Settings, System, System

Figure 12. System Information Settings

• System Name – Assign a name for identifying the system.

• System Location – Describe the location of the switch.

• Admin Username – Enter a username for administrator access.

Default: araknis.

• Current Admin Password – Enter the current password when changing the system name.

Default: araknis.

• New Admin Password – Enter the new value when changing the administrator password.

• Conﬁrm New Admin Password – Re-enter the new value when changing the administrator password.

Must be the same as the above ﬁeld.

• Management VLAN ID – Select the VLAN to be used when accessing the switch interface. All ports are

set to VLAN 1 by default. Do not change this setting unless additional VLANs have been conﬁgured. Once the setting is changed, you will lose access to the interface unless your computer is connected to a port on the speciﬁed VLAN.

Default: 1

• LED – Select what information is represented by the front panel port status LEDs. Options:

• 1Gbps (default) – Left RJ45 LED and front status LED ON indicates 1 Gbps connection.

• PoE – Left RJ45 LED and front status LED ON indicates that a PoE-powered device is connected.

• Disabled – All port and status LEDs are disabled.

Table of Contents

Page 26

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

IP Address Settings

The switch may be addressed using either IPv4 or IPv6 addressing. Use the toggle at the top of the page to select the desired setting.

Path – Settings, System, IP Address Settings

Figure 13. IP Address Settings Menu

IPv4 IP Settings

• Auto Conﬁguration – Select the IP address mode. In DHCP mode, the switch will be issued IPv4 address

settings by the DHCP server (if enabled, usually in the router). Use Static mode to manually set an IP address.

• IPv4 Address – IP address issued to the switch. Used for accessing the interface. Default: 192.168.20.254

• Subnet Mask – Identiﬁes the subnet the IP address is part of. Default: 255.255.255.0

• Default Gateway – IP address of the Internet gateway device (usually the router).

• DNS Server 1 – IP address of the DNS Server. Usually the same as the Default Gateway.

• DNS Server 2 – (Optional) Enter a second DNS Server IP address.

IPv6 IP Settings

• IPv6 State – Auto Conﬁguration, DHCPv6 Client, or Static.

• IPv6 Address – Displays the assigned IPv6 address and subnet mask.

• Default Gateway – IPv6 address of the Internet gateway device (usually the router).

• Link Local Address – Local routing address associated with a speciﬁc broadcast domain (VLAN).

Table of Contents

Page 27

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Figure 14. Date and Time Settings, UPnP

Date and Time Settings

Path – Settings, System, Date and Time Settings

• Manually Set Date and Time – Select to manually set date and time.

• Date – Enter the year, month and date (four digits for year; two digits for month, two digits for date)

• Time – Enter the hour and minutes for the correct current time. Use a mobile device or satellite clock

for accuracy.

• Synchronize with PC – Click this button to automatically sync the access point to a connected computer.

• Automatically Get Date and Time – Select to automatically get date and time from various web

resources.

• NTP Server – Select an NTP (Network Time Protocol) server for setting date and time.

Default: time.nist.gov.

• Time Zone – Select the appropriate time zone from the drop-down.

• Enable Daylight Saving – Select to enable. DST start/end can change from year to year. Be sure to

update this information.

• Start – Select the month, date, day and time Daylight Saving Time starts from the drop downs.

• End – Select the month, date, day and time Daylight Saving Time ends from the drop downs.

UPnP Setting

Path – Settings, System, UPnP Conﬁguration

• UPnP – Allow the switch to act as a UPnP client. Enabled or Disabled.

Note – This setting will not aect OvrC Web Connect or OvrC web monitoring. Contact technical

support if you need to disable OvrC functionality.

Table of Contents

Page 28

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

11 - Recommended Setup – System Settings

We recommend changing the following interface settings to provide the best security and performance. These are the minimum settings that should be changed on every install.

Path – Settings, System

Figure 15. Recommended System Settings

Default Setting

Username araknis

Password araknis

1. Change Default User Name and Password

Enter a user name and password for the administrator account (System menu at the top of the page). This will prevent unauthorized access to the interface. (Default login: araknis; araknis) Record the new settings so you can log in after applying the changes.

2. Conﬁgure System IP Address

Set an IP address for accessing the interface. We recommend a static IP so the address doesn’t change. Record the address so you can access the interface later.

3. Conﬁgure System Time and Date

We recommend using the Automatically Get Time and Date setting using the default server “time.nst. gov”. This will ensure that scheduling features conﬁgured in the switch operate on the correct schedule.

4. Conﬁgure other System Settings

Conﬁgure any other ﬁelds on the page as desired. See the previous section for all setting deﬁnitions.

5. Save the new settings

Click the Apply button at the bottom right of the screen to save the new system settings. Enter the new user name and password when the login screen appears.

Table of Contents

Page 29

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

12 - Port Conﬁguration Settings

Customize individual port settings and jumbo frame size.

Path – Settings, Ports

Figure 16. Jumbo Frame and Basic Port Settings

Jumbo Frame Setting

• Size – Sets the maximum frame size for trac going through the switch. Received packets that exceed

the maximum frame size are dropped. Range: 1518-9216 bytes.

Default: 9216

Basic Port Settings

• Port – The number of the physical switch port.

• Name – The assigned name of the port.

• Speed – The current speed of the port based on the connected device in use. Auto, 1Gbps, 100Mbps,

10Mbps, or Disabled.

Default: Auto

• Duplex – The current duplex setting with the connected device. Auto, Full or Half.

Default: Auto

Table of Contents

Page 30

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Advanced Port Settings

Path – Settings, Ports, Advanced Port Settings

Figure 17. Advanced Port Settings

• Port – The number of the physical switch port.

• Link Status – Current operating status of the port. Link up or Link down.

• Flow Control – Flow control can eliminate frame loss by “blocking” trac from end devices or other

network devices connected directly to the switch when the buer is overloaded on a speciﬁc switch port. When enabled, back pressure is used for half-duplex operation and IEEE 802.3-2005 (formally IEEE

802.3x) for full-duplex operation.

Default: Disabled

• EEE Status – Energy Ecient Ethernet (EEE) is a standard deﬁned by IEEE 802.3az to reduce LAN

device power consumption during idle periods. With EEE enabled, compatible devices can go into LPI (Low Power Idle) mode during periods of low utilization and then turn back on when needed.

Default: Disabled

Note – EEE causes some network latency. If you experience latency problems with this mode enabled, try disabling the feature to determine if EEE is causing the issue.

Table of Contents

Page 31

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

13 - PoE Settings

The switch is designed to make PoE a plug-and-play aair for most applications. Use the PoE Settings menu to monitor, troubleshoot, and control each port.

Figure 18. PoE Settings Menu

• Enable – Check the box to enable PoE on the speciﬁed port.

Default: Enabled

• Port – The number of the physical switch port.

• Power Limit Type – Auto, 7W, 15.4W, or 30W.

Default: Auto

• Priority – Port priority is used when remote devices require more power than the power supply can

deliver. In this case, the ports with the lowest priority will be turned o starting from the port with the highest port number. Low, Medium, or High.

Default: Low

• Status –

• Detecting – The port is not providing PoE power and waiting for a connection that requires it. If a

device is connected and status is still Detecting, then the device is not powered via PoE.

• Delivering – The port is connected to a PoE device and power is being provided.

• Class – PoE Class of the connected device (1,2,3, or 4).

• Output Voltage (V) – PoE voltage being supplied to the port.

• Output Current (mA) – Current in milliamps being supplied to the port.

• Output Power (W) – Power in watts being supplied to the port.

• Power Cycle – Check the box and click Apply to power cycle PoE on one or more ports.

Table of Contents

Page 32

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

PoE Setup and Troubleshooting

Figure 19. PoE Settings Menu

Checking Status of PoE Devices

In the image above, a PoE-powered access point is connected to port 1 on the switch. The Status, Class and Output ﬁelds tell you that PoE is functioning correctly (Delivering), as well as how much power is being consumed. Update the page after changing port connections or settings on the page to refresh the table.

• Status – Options:

• Detecting – The port is not providing PoE power. If a device is connected and status is still

Detecting, see the PoE Troubleshooting section below.

• Delivering – The port is connected to a PoE device and power is being provided.

• Class – PoE Class of the device connection.

• Output Voltage (V) – Voltage being supplied to the port.

• Output Current (mA) – Current in milliamps being supplied to the port.

• Output Power (W) – Power in watts being supplied to the port.

Conﬁguring PoE Ports

Use these settings to customize PoE in situations where power is critical for certain equipment or if power must be disabled on a port.

• Enable – Check the box to enable PoE on the speciﬁed port.

• Power Limit Type – Auto, 7W, 15.4W, or 30W.

• Priority – Port priority is used when remote devices require more power than the power supply can

deliver. In this case, the ports with the lowest priority will be turned o starting from the port with the highest port number. Low, Medium, or High.

Troubleshooting PoE Issues

• Power Cycle – Check the box and click Apply to power cycle PoE on one or more ports.

• Overcurrent Condition – With default PoE settings, if the current drawn from PoE devices exceeds the

total budget for the switch, PoE will be disabled on ports beginning with the highest numbered port.

Table of Contents

Page 33

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

14 - VLAN Settings (Basic Port-Based)

Use this menu to conﬁgure port-based VLANs. See the Understanding and Using VLANs white paper for more information about this feature and detailed setup examples and instructions. By default, all ports are assigned to VLAN 1 as untagged ports.

Figure 20. VLAN Settings

• VID – VLAN ID.

• Name – Use this ﬁeld to enter a custom VLAN name for easy identiﬁcation.

• Access Port – Ports and LAGs assigned to the VLAN. The switch tags untagged packets from assigned

Access Ports with the speciﬁed VLAN ID. See the ﬁgure below for information about changing settings.

• Trunk Port – Trunk port/s assigned to the VLAN. Trunk Ports send tagged packets to other devices.

• Custom Port – Displays ports assigned to the VLAN that have customized settings. Customizations can

be made in the Advanced VLAN conﬁguration menus. See section “Advanced VLANs – 802.1Q VLANs” on page 61.

• Delete – Click the trash can icon then click Apply to delete a VLAN deﬁnition.

Access and Trunk Port Selection

Figure 21. Access and Trunk Port Selection

• Access Port – Ports and LAGs assigned to the VLAN. The switch tags untagged packets from assigned

Access Ports with the speciﬁed VLAN ID.

• Trunk Port – Trunk port(s) assigned to the VLAN. Trunk Ports send tagged packets to other devices.

• none – These ports are not included in the VLAN.

Table of Contents

Page 34

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Creating a New VLAN

1. Click the Add button to create a new entry.

2. Enter a VLAN ID and name for the new entry.

3. Assign access and trunk ports by clicking either Port ﬁeld to open the assignment window, then selecting the function of each port as it relates to that VLAN. You may also assign Link Aggregation Groups to VLANs in the menu.

• Access Port – Ports and LAGs assigned to the VLAN. The switch tags untagged packets from

assigned Access Ports with the speciﬁed VLAN ID.

• Trunk Port – Trunk port/s assigned to the VLAN. Trunk Ports send tagged packets to other devices.

• none – These ports are not included in the VLAN.

4. Click Conﬁrm to close the window. The selections will appear in the Access and Trunk Port ﬁelds.

5. Click Apply to save the new settings.

Figure 22. Conﬁguring Ports in a VLAN

In this example, for VLAN 20, Ports 3-5 are conﬁgured as Access ports and Port 2 is assigned as a Trunk port. The remaining ports are

left set to none and remain on the default VLAN 1.

Table of Contents

Page 35

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

15 - Link Aggregation Settings

Link Aggregation is also known as Port Trunking. It allows using multiple ports in parallel to increase the link speed between two switches, increasing redundancy for higher availability.

The switch supports both static trunking and dynamic Link Aggregation Control Protocol (LACP). Static trunks must be manually conﬁgured at both ends of the link. You can conﬁgure any number of ports on the switch to use LACP as long as they are not already conﬁgured as part of a static trunk.

Figure 23. Link Aggregation Settings Menu

• Group – Number of the group conﬁgured in the rule.

• Name – Enter a custom name for the group being conﬁgured.

• Mode – Select whether the rule is disabled, static, or LACP.

Default: Disabled

• Active Ports – Displays ports being actively used for LAG.

• Member Ports – Click to select member ports for the group.

Table of Contents

Page 36

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Creating a New Link Aggregation Rule

1. Change the name of the group as desired.

2. Select the operating mode for the group:

• Disabled – No Link Aggregation.

• Static – All trac is balanced evenly between the ports.

• Dynamic – Trac is sent based on LACP protocol.

3. Click the Member Ports ﬁeld to open the assignment window, then select the member ports to be used for LAG.

4. Click Conﬁrm to close the window. The selections will appear in the Member Port ﬁeld.

5. Click Apply to save the new settings.

In this example, for Group 1, both SFP ports are conﬁgured as Member ports using LACP.

Note – LACP must be conﬁgured in equipment on both sides of the link to operate correctly.

Table of Contents

Page 37

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

16 - Access Management Settings

Conﬁgure user account permissions and what access protocols may be used for access.

Figure 24. Access Management Menu Page

User Management

• User Name – Enter a user name for the account. 1-18 characters. Not case sensitive.

• Password – Enter a password for the account. 4-32 characters. Case sensitive.

• Privilege Type – Select whether the account has user or admin level account functionality. Options:

• Admin – Full access and control of the entire local interface.

• User – Limited to viewing current settings in all menus.

• Delete – Click the trash can icon then click Apply to delete an entry (must click Apply to save the setting). The default admin account cannot be removed.

• Add – Click to create a new entry. Remember to click Apply to save the new settings.

Note – The user name of the primary account must be changed in the System Settings menu. See section “10 - System Settings” on page 23.

HTTP/Telnet/SSH

• HTTP – Select whether the local interface may be accessed using HTTP. This is the most common access method.

Default: Enabled

• HTTPS – Select whether the interface can be accessed using HTTPS.

Default: Disabled

• Telnet – Select whether the switch will accept Telnet commands.

Default: Enabled

• SSH – Select whether the switch will accept SSH commands. Default: Disabled

Default: Disabled

Table of Contents

Page 38

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

17 - Maintenance Menus

Ping Test

Send ICMP echo request packets to another device on the network to determine if it can be reached. Use the Ping test to determine whether a device or host is communicating correctly.

Figure 25. Ping Test Page

• IP Address – Enter the IP address of a device or web page to be pinged.

• Count – Number of ping attempts (1-5).

Default: 4

• Interval – Number of seconds between pings (1-5).

Default: 1

• Ping Packet Size – Enter the packet size of each ping (8-5120 bytes). Change to test MTU issues.

Default: 56 Bytes

• Result – Displays results of the test in real time. Resize screen table using bottom right corner click-drag.

• Test – Click to start the ping test.

Running a Ping Test

1. Enter the target IP address into the IP Address ﬁeld.

2. Change other parameters if desired. The default settings are a great start for troubleshooting.

3. Click Test and wait for the results to appear. See the next page for help understanding results.

Table of Contents

Page 39

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Understanding Ping Test Results

Figure 26. Successful Ping Test Result

Figure 27. Failed Ping Test Result

• The ﬁrst line shows the IP address pinged. If a URL was entered (example: google.com) then the IP address will be displayed also.

• If a ping is successful, the details of each packet are displayed one per line. Note how the successful ping above has four lines beginning with 64 bytes from... whereas the failed ping does not.

• Ping Statistics are displayed last. Describes the number of packets (pings) transmitted, the number of packets received from the target in response, percent packet loss, and, if successful, the minimum, average, and maximum round trip timing of the packets.

Troubleshooting Using Ping Test Results

• If no packets are received, check the connections between the switch and the target device ﬁrst. The target device may not be connected. If the connection is good, reset or power cycle the target device. It may have become unresponsive.

• If packets are still not received, check for a bad cable, port, or failing equipment. Try changing the connections to a known, working path.

• If everything checks out, but still no packets are received, there may be a trac issue due to network settings like VLAN or ACL misconﬁguration. Check settings related to the ports, IP addresses, and MAC addresses in use.

Table of Contents

Page 40

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Trace Route Test

The Trace Route test uses a ping to tell you what path a packet takes to travel between the switch and the target device by counting the number of hops (hops happen when a packet is forwarded from one router to another). Trace route is primarily used to troubleshoot issues with connections over the WAN port because on the LAN there is rarely more than one router for the packet to pass through.

Figure 28. Trace Route Test Page

• IP Address – Enter the IP address of a device or web page to ping for the test.

• Max Hop – Enter the maximum number of hops to be recorded in the Ping test (2-55).

Default: 30

• Result – Displays the results of the test in real time. Resize screen table using bottom right corner clickdrag.

• Test – Click the button to start the Traceroute test.

Running a Trace Route Test

1. Enter the target IP address into the IP Address ﬁeld.

2. Click Tes t and wait for the results to appear. See the next page for help understanding results.

Table of Contents

Page 41

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Understanding Trace Route Test Results

Figure 29. Trace Route Result

• The results window displays the parameters for the test, followed by information about each hop or hop attempt.

• Each line starting with a number indicates a hop in the path to the target IP address. Only hops between routers are shown, not between switches.

• Each hop is tested three times. In each hop entry, the send and receive IP address are shown, followed by the amount of time it took for the hop to occur on each of the three attempts.

Table of Contents

Page 42

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

File Management Settings

Save conﬁguration ﬁles (of current switch settings) and upgrade ﬁrmware.

Figure 30. File Management Menu

Conﬁguration File

Use the Conﬁguration File menu to back up or restore settings to the switch.

• Backup Current Conﬁguration – Save the current conﬁguration settings to a compressed archive on your computer. Click the To PC button and select a location to save the ﬁle.

• Upload New Conﬁguration File – Restore previously saved conﬁguration settings. Click Choose File and select a conﬁguration from the Open window. Then, click the From PC button to upload the conﬁguration ﬁle.

• Restore Factory Defaults – Click the Yes button to restore all factory default settings.

Firmware

• Current Firmware Version – Indicates the current ﬁrmware version on the selected partition.

• Partition – Select the partition to change ﬁrmware for:

• Partition 0 – Default partition.

• Partition 1 – Backup partition. (In the event of one partition failing, the switch will reboot and use the alternate ﬁrmware.)

• Upload New Firmware – Upload a new ﬁrmware version to the selected partition. Click Choose File to select a ﬁle from your computer. Click Upload to Partition to load the ﬁrmware.

Table of Contents

Page 43

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Dual Image

Select which partition the switch runs on. In the event of one partition failing, the switch will reboot and use the alternate ﬁrmware.

Figure 31. Dual Image Menu

• Active – Select the desired partition and click Apply to reboot the switch from the ﬁrmware on the selected partition.

• Flash Partition – Name of the partition.

• Status – Current partition status:

• Active – The partition the switch is currently operating from.

• Backup – The partition the switch is NOT currently operating from.

• Image Name – Firmware version currently loaded on the partition.

• Image Size (Bytes) – File size of the ﬁrmware on the partition.

• Created Time – Time and date the ﬁrmware ﬁle was uploaded to the partition.

Firmware Update Instructions

1. Download the new ﬁrmware from the product support tab. Extract the ﬁrmware from the zip ﬁle to a know location on your computer.

2. Navigate to the Maintenance > File Management > Firmware menu.

3. Click the Choose File button for Upload New Firmware, then ﬁnd and select the new ﬁrmware and click Open.

4. Click Upload to Partition then follow the prompts to complete the update for the ﬁrst partition.

5. After the ﬁrst partition is updated, repeat the process, but before clicking Upload to Partition, select the alternate partition from the Partition drop down.

6. After the alternate partition uploads, the process is complete.

Table of Contents

Page 44

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Restart

Figure 32. Restart Page

• Restart Switch – Click to restart the switch. No settings will be lost, but Ethernet will drop for connected devices until the restart is complete (~ 60 seconds). The login screen will reload once the restart is complete.

Log Out

Figure 33. Log Out Page

• Log Out – Click to log out from the current session. The login screen will reload once the logout is complete.

Table of Contents

Page 45

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

18 - Advanced Menus

The remaining menus are meant only for advanced users. Proper setup and use of these features requires advanced networking knowledge.

Table of Contents

Page 46

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

19 - Advanced Port Statistics

Use the Detailed Port Statistics page to display detailed statistics for each switch port. This information can be used to identify potential problems with the switch (like a faulty port or an unusual trac drop). All values displayed are accumulated in each respective counter since the last system reboot or the last time you cleared the counters. Statistics are refreshed every 1 second by default. Use the drop-down menu at the top-right of the page to select a switch port. Click the Clear button to reset the statistics for the selected port.

Figure 34. Detailed Port Statistics

• Receive/Transmit Total

• Packets – The number of all packets sent and received (good and bad).

• Octets – The number of all bytes sent and received (good and bad), including Frame Check Sequence, but excluding framing bits.

• Unicast – The number of unicast packets sent and received (good and bad).

• Multicast – The number of multicast packets sent and received (good and bad).

• Broadcast – The number of broadcast packets sent and received (good and bad).

• Pause – A count of the MAC Control frames sent or received on a switch port that have an operation code indicating a PAUSE operation.

• Receive Error Counters

• Rx Undersize – Total number of frames received that were less than 64 octets long excluding framing bits, but including FCS octets.

• Rx Oversize – Total number of frames received that were longer than the conﬁgured maximum frame size for the particular switch port excluding framing bits, but including FCS octets.

• Rx Fragments – Total number of frames received that were less than 64 octets in size excluding framing bits, but including FCS octets and had either an FCS or alignment error.

Continues on next page

Table of Contents

Page 47

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Advanced Port Statistics, Continued

• Rx Jabber – Total number of received frames that were longer than the conﬁgured maximum frame size for the particular switch port excluding framing bits, but including FCS octets, and had either an FCS or alignment error.

• Rx Drops – The number of ingress packets that were dropped not due to errors in those packets. This might be a result of a congested link and switch port buer overload.

• Rx CRC/Alignment – The number of frames received with CRC or alignment errors.

• Receive Size Counters – The number of packets sent and received (good and bad) divided into categories based on packet frame sizes.

• Receive/Transmit Queue Counters – The number of packets sent and received divided into categories based on QoS output queue.

Table of Contents

Page 48

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

20 - Neighbors – MAC Address Table

See MAC addresses connected to ports on the switch and add static entries. Static entries are useful for:

• Speeding up recovery for critical devices after a reboot or power cycle (the switch is not required to poll the port for connected static MACs)

• Allowing virtual machines to be recognized on a port by MAC address

Figure 35. Neighbors MAC Address Table

Static and Dynamic MAC Address

• Index – Identiﬁer number for the MAC entry.

• Port – Physical port or trunk on the switch.

• VID – The VLAN ID associated with the entry.

• MAC Address – Physical address associated with this interface.

• Port Members – The ports associated with this entry.

• Add – Click to create a new entry. Remember to click Apply to save the new settings.

Table of Contents

Page 49

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

21 - Neighbors – LLDP

Link Layer Discovery Protocol (LLDP) is used to discover basic information about other devices in the same broadcast domain (i.e. VLAN). Advertised information is deﬁned in the IEEE 802.1AB standard, and can include device details such as their identity (eg. make/model), capabilities (eg. routing/switching), and conﬁguration settings.

Information Table

Araknis switch parameters shared using LLDP.

Figure 36. LLDP Information

• Chassis ID Subtype – Method used for device identiﬁcation.

• Chassis ID – MAC Address of the switch.

• System Name – System name of the switch (conﬁgured in the System Settings menu).

• System Description – System make and model.

• Capabilities Supported – Displays the capabilities of the switch; bridge only.

• Capabilities Enabled – Displays the currently enabled capabilities of the switch; bridge only.

• Port ID Subtype – Identiﬁer subtype for the switch. Always displays Local.

Table of Contents

Page 50

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Settings

Customize settings for LLDP transmission.

Figure 37. LLDP Settings

• State– Select whether LLDP is enabled or disabled.

• Transmission Interval(s) – How often LLDP information is transmitted. Range: 5-32767 seconds.

Default: 30 seconds

• Holdtime Multiplier – Multiplied by the transmission interval value to generate the TTL time transmitted to neighbors. Range: 2-10.

Default: 4

• Reinitialization Delay(s) – Amount of time to wait before initializing LLDP on a port. Range: 1-10 seconds.

Default: 2

• Transmit Delay(s) – Minimum amount of time to wait before sending updated LLDP information after a conﬁguration change. Range: 1-8192 seconds.

Default: 2

Remote Device Table

This table displays LLDP information shared by connected equipment with LLDP features.

Figure 38. LLDP Remote Device Menu

• Port – Connected port for the device on the switch.

• Chassis ID Subtype – Type of information used for subtype. Typically MAC address.

• Chassis ID Port ID Subtype – Identiﬁcation value. Typically MAC address.

• Remote ID System Name – Displays the conﬁgured system name of the connected device.

• Time To Live – TTL value for the received LLDP information.

• Auto-Negotiation Supported/Enabled/Advertised Capabilities – Interface auto-negotiation capabilities of the connected port.

• Operational MAU Type – Current Medium Attachment Unit type of the connected port.

• 802.3 Maximum Frame Size – Maximum support Energy Ecient Ethernet frame size of the connected port.

• 802.3 Link Aggregation Capability/Status/Port ID – Link aggregation parameters of the connected port.

Table of Contents

Page 51

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

22 - Multicast – IGMP Snooping

Internet Group Management Protocol (IGMP) can be used to ﬁlter multicast trac on the switch. IGMP Snooping passively monitors exchanges between connected clients and an IGMP-enabled multicast server to discover and connect clients that want to join a multicast group.

Use the IGMP Snooping page to display IGMP snooping statistics and port status, conﬁgure global and port speciﬁc IGMP settings, and information on source-speciﬁc groups.

Settings

Conﬁgure global settings for IGMP Snooping.

Figure 39. IGMP Snooping Settings

• Status – Enable or disable IGMP Snooping. When enabled, the switch monitors network trac passing through it to determine which connected clients want to receive multicast trac.

Default: Disabled

• Version – Select IGMPv2 or v3.

• Report Repression – Enable to prevent the router from seeing the IGMP messaging that occurs at the client level. This alleviates load on the router, because the switch acts as a proxy for client level messages (like leave requests).

Default: Enabled

VLAN Settings

Conﬁgure IGMP Snooping settings for individual VLANs.

Figure 40. IGMP Snooping VLAN Settings

• VLAN ID – VLAN identiﬁer.

• IGMP Snooping Status – Enable or disable IGMP Snooping for the VLAN.

• Fast Leave – Enable to allow subscribed multicast clients to leave without a response message.

Table of Contents

Page 52

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Querier Settings

IGMP Query can be used to ask connected clients if they want to receive a speciﬁc multicast service. Then the ports containing clients requesting to join the service are identiﬁed, and multicast data is sent to only those ports. It then broadcasts the service request to any neighboring multicast switch to ensure that it will continue to receive the multicast service from a server connected to that switch.

Figure 41. IGMP Snooping Querier Settings

• VLAN ID – VLAN identiﬁer.

• Querier State – Enable to make the switch the querier for the VLAN. Typically used when there is no multicast router acting as the querier.

Default: Disabled

• Querier Version – Select IGMPv2 or v3 IGMP Snooping support (regardless of what clients support).

• Querier Status – Displays whether the switch is currently acting as the querier for the VLAN.

• Querier IP – IP address of the switch acting as querier for the VLAN.

• Robustness – Variable for resending querier messages. A higher value means that packets will be resent more often, useful for congested networks.

Default: 2

• Interval – How often the switch sends IGMP host querier messages.

Default: 125 seconds

• Oper Interval – Current reported IGMP host querier message interval.

• Max Response Interval – Maximum response time advertised in IGMP queries. This value must be lower than the query interval.

Default: 10 seconds

• Oper Max Response Interval – Current reported maximum response time.

• Last Member Query Counter – Number of times the switch sends an IGMP query, separated by the last member query response interval, in response to a host leave message from the last known active host on the subnet. It is recommended to leave this setting at 2 in order to avoid multicast issues.

Default: 2

• Oper Last Member Query Counter – Current reported Last Member Query Counter value.

• Last Member Query Interval – Time to wait after receiving a host leave message from the last known active host on the subnet. If no reports are received in the interval, the group state is deleted. Use this value to tune how quickly the software stops transmitting on the subnet.

Default: 1 second

• Oper Last Member Query Interval – Current reported Last Member Query Interval.

Table of Contents

Page 53

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Group List

See current group subscriptions by VLAN.

Figure 42. IGMP Snooping Group List Settings

• VLAN ID – VLAN identiﬁer.

• Group IP Address – IP address for the multicast.

• Member Ports – Switch ports that are part of the group.

Router Settings

Conﬁgure IGMP router ports on the switch.

Figure 43. IGMP Snooping Router Settings

• VLAN ID – VLAN identiﬁer.

• Router Ports Auto-Learned – Enable to allow auto learning of router port use.

Default: Enabled

• Dynamic Port List – Lists auto-learned ports if Router Ports Auto-Learned is enabled.

• Static Port List – Manually select ports that are connected to the multicast querier.

• Forbidden Port List – Manually select ports to be excluded from joining multicast groups on that VLAN.

URC Settings

Use this menu to conﬁgure multicasting devices for URC brand control systems. This feature was developed by Araknis to ease setup for these systems.

Figure 44. IGMP Snooping URC Settings

• Group – Enable or disable URC settings.

• Member Ports – Select which ports on the switch should connect to the URC multicast.

• VLAN – Select the VLAN the URC devices are on.

Table of Contents

Page 54

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

23 - Multicast – MLD Snooping

Conﬁgure settings for Multicast Listener Discovery. MLD is used by IPv6 multicast routers to detect multicast listeners.

Settings

Conﬁgure global settings for MLD Snooping.

Figure 45. MLD Snooping Menu

• Status – Enable or disable IGMP Snooping. When enabled, the switch monitors network trac passing through it to determine which connected clients want to receive multicast trac.

Default: Disabled

• Version – Select MLDv1 or v2.

Default: Enabled

VLAN Settings

Conﬁgure MLD Snooping settings for individual VLANs.

Figure 46. MLD Snooping VLAN Settings

• VLAN ID – VLAN identiﬁer.

• IGMP Snooping Status – Enable or disable MLD Snooping for the VLAN.

• Fast Leave – Enable to allow subscribed multicast clients to leave without a response message.

Group List

See current group subscriptions by VLAN.

Figure 47. MLD Snooping Group List

• VLAN ID – VLAN identiﬁer.

• IPv6 Address – IP address for the multicast.

• Member Ports – Switch ports that are part of the group.

Table of Contents

Page 55

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Router Settings

Conﬁgure MLD router ports on the switch.

Figure 48. MLD Snooping Router Settings

• VLAN ID – VLAN identiﬁer.

• Router Ports Auto-Learned – Enable to allow auto learning of router port use.

Default: Enabled

• Dynamic Port List – Lists auto-learned ports if Router Ports Auto-Learned is enabled.

• Static Port List – Manually select ports that are connected to the multicast querier.

• Forbidden Port List – Manually select ports to be excluded from joining multicast groups on that VLAN.

Table of Contents

Page 56

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

24 - STP – Overview

The Spanning Tree Protocol (STP) is a Layer 2 protocol primarily used to detect and eliminate network loops on redundant connections. Proper STP conﬁguration ensures that only one route exists between any two end devices, with backup routes automatically taking over if a primary route goes down.

STP – Global Settings

Use this page to enable STP, select which protocol is used, and conﬁgure settings for the switch used to elect the root bridge device.

Figure 49. Global STP Settings Menu

Settings

• STP State – Select whether Spanning Tree Protocol is Enabled or Disabled.

• Force Version – Select the spanning tree protocol to enforce:

• STP – Spanning Tree Protocol (IEEE 802.1D). Uses a distributed algorithm to select a switch to serve as the root of the spanning tree network. It selects a root port on each switch (except for the root device), which has the lowest path cost forwarding a packet to the root device. All ports connected to designated bridging devices are assigned as designated ports. After determining the lowest cost path, STP enables all root ports and designated ports, and disables all other ports to prevent loops. Network packets are then only forwarded between root ports and designated ports.

Once the network is stable, all switches listen for Hello BPDUs (Bridge Protocol Data Units) sent by the Root Bridge. If a switch does not get a Hello BPDU after a certain period (Maximum Age), the switch assumes that the link to the Root Bridge is down. Then, the switch initiates negotiations with other switches in the network to recalculate the Spanning Tree Algorithm, determine the new root bridge device, and make the network stable again.

• RSTP – Rapid Spanning Tree Protocol (IEEE 802.1w). Enhancement to legacy STP. RSTP is also included in MSTP. RSTP performs faster reconﬁguration when topology change is detected (1 to 3 seconds for RSTP, compared to 30 seconds or more for STP). RSTP only supports one spanning tree instance on any link in a network. We recommend using RSTP over STP as long as the network equipment supports it.

• MSTP – Multiple Spanning Tree Protocol (IEEE 802.1s). Designed to maintain multiple spanning trees instances based on VLANs in the network. One or more VLANs can be grouped into a Multiple Spanning Tree Instance (MSTI). Use this mode when there multiple spanning tree regions with their own regional root bridge devices.

• Conﬁguration Name – (MSTP mode only) Name the MSTP conﬁguration.

Default: MAC address of the switch

• Conﬁguration Revision – (MSTP mode only) Set a conﬁguration revision for MSTP. The revision number must be the same for switches in the same region. Use a dierent revision for each region.

Table of Contents

Page 57

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Root Bridge Information

Displays the STP parameters of the current elected root bridge device for the entire spanning tree.

Figure 50. Global STP Root Bridge Information

• Root Address – MAC address of the root bridge.

• Priority – Displays the value used to prioritize what switch is elected as the root bridge device. Smaller values indicate higher priority; larger values, lower priority. If all switches are left to default priority, the bridge device with the lowest numbered MAC address will be elected.

• Cost – Displays shortest path to the root bridge device.

• Port – Switch port linking to the root bridge device.

• Forward Delay – Amount of seconds before the root bridge port builds its bridge table after the Max Age limit has passed.

• Maximum Age – Amount of seconds after receiving a BPDU before the root bridge port returns to the listening state.

• Hello Time – Amount of seconds between BPDUs sent by the root bridge.

Table of Contents

Page 58

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Basic Setting

Conﬁgure root bridge settings for the switch. This information will be used to decide if the switch should be the root bridge device.

Figure 51. Global STP Basic Settings

• Bridge Address – MAC address of the switch.

• Priority – Select the value used to prioritize whether the switch is elected as the root bridge. Smaller values indicate higher priority; larger values, lower priority. If all switches are left to default priority, the bridge device with the lowest numbered MAC address will be elected. If you want a particular switch to be guaranteed as the root bridge device, set its Priority value lower than other switches. Range: 0-61440 (multiples of 4096)

Default: 32768

• Maximum Hop – Maximum number of link hops a BPDU will travel from the root bridge, as long as the maximum age of the BPDU has not passed. Range: 1-40

Default: 20

• Forward Delay – Amount of seconds before the root bridge port rebuilds its bridge table after the Max Age limit has passed. Range: 4-30 seconds

Default: 15 seconds

• Maximum Age – Amount of seconds after receiving a BPDU before the root bridge port returns to the listening state. Range: 6-40 seconds

Default: 20 seconds

• TX Hold Count – Limit for the number of BPDUs can be sent during a Hello Time period. Range: 1-10

Default: 6

• Hello Time – Amount of seconds between BPDUs sent by the root bridge. Range: 1-10 seconds

Default: 2 seconds

Table of Contents

Page 59

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

25 - STP (Spanning Tree Protocol) Overview

Spanning Tree Protocol is used to prevent loops in networks where packets might have multiple possible routes. Backup routes between equipment can also be maintained and used only when the primary fails. The switch supports IEEE 802.1d STP, 802.1s RSTP (Rapid Spanning Tree Protocol), and 802.1w MSTP (Multiple Spanning Tree Protocol).

STP – CIST Settings

Use this menu to view and customize port-based Common and Internal Spanning Tree (CIST) settings.

Port Settings

Figure 52. STP CIST Port Settings Menu

• Port – Switch port identiﬁer.

• Priority – Set CIST priority for each port on the switch. Smaller values indicate higher priority; larger values, lower priority. If all ports have the same path cost, this value will be used to determine the best path to the root bridge. Range: 0-240 (multiples of 16)

Default: 128

• Path Cost Conf / Oper – (Conﬁgured/Operating) Enter a value larger than zero to modify the path cost. The currently calculated (Oper) path cost is displayed below. If the entered value is zero, the Oper path cost is based on the port speed, which in this case is 1 Gbps.

• Designated Root Bridge – Displays the designated root bridge device’s priority, forward delay, and MAC address.

• External Root Cost – Displays the cost to reach the root bridge across links connecting the boundary ports outside the MSTP region. When a BPDU is received on an internal port, this cost is not changed. When a BPDU is received on a boundary port, this cost is adjusted based on the receiving boundary port cost.

• Regional Root Bridge – Displays the regional root bridge device’s priority, forward delay, and MAC address.

• Internal Root Cost – Displays the cost to reach the regional root bridge inside the MSTP region. When a BPDU is received on an internal port, this cost is adjusted based on the receiving boundary port cost. This information is not shared or counted outside the region.

• Designated Bridge – Displays the designated bridge device’s priority, forward delay, and MAC address.

• Edge Port Conf / Oper – (Conﬁgured/Operating) Conﬁgure a switch port as an edge port for a region and see the current edge status of the port.

Continues on the next page

Table of Contents

Page 60

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

STP CIST Settings, Continued

• P2P MAC Conf / Oper – (Conﬁgured/Operating) Options:

• Auto (default) – Allow P2P ports into full duplex mode.

• Yes – Force P2P ports into full duplex mode.

• No – No P2P status.

• Port Role – Displays what role the port is currently playing. Options:

• Disabled – Port is not in use.

• Root – The port with the lowest cost that links the switch to the root bridge device.

• Non-Designated – (STP only) Port is blocking and not listening.

• Alternate – (RSTP) Port links between bridges but is not the designated port, so it is not used unless the designated port loses connection.

• Designated – Port is designated as the elected link between bridges in the spanning tree.

• Port State – Displays what state the port is currently in. Options:

• Disabled – Port is not in use.

• Blocking – Port is not forwarding frames or reading MAC addresses because it would cause a loop, but is listening for BPDUs. This state is reached once a dierent port is designated.

• Listening – A designated or root port moves into this state if it stops blocking due to a change in the spanning tree. BPDUs are received from the connected segment and analyzed to determine the ideal topology. No other frames are forwarded while a port is in this state.

• Learning – Once the listening process is complete, the port begins updated the MAC address table and gets ready to start forwarding frames as normal.

• Forwarding – The port is an active link in the spanning tree forwarding frames as normal.

• Migration Start – (RSTP Mode only) Click the box and click Apply to force the port to use the newest conﬁguration.

Table of Contents

Page 61

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

STP – MST Settings

Multiple Spanning Tree Protocol (MSTP) is used to map multiple VLANs to one spanning tree topology. Since there are rarely as many unique topologies as there are VLANs in a network, using MST saves switch CPU power by reducing the number of spanning tree instances required to handle all VLANs on the device. Each MST instance acts as its own RSTP node within the network’s CIST.

Instance Settings

Select which VLANs will be included in each MSTI.

Figure 53. STP MST Instance Settings Menu

• MST ID – MST instance identiﬁer.

• VLAN List – Enter the VLAN IDs to be associated with the topology. Enter individual or ranges of values, for example: “20, 30-32” entered would associate VLANs 20, 30, 31, and 32.

• Priority – Value used to prioritize what MST ID is elected as the path back to the root bridge device. If all switches are left to default priority, the root bridge with the lowest numbered MAC address will be elected. Smaller values indicate higher priority; larger values, lower priority. Range: 0-61440 (multiples of

4096)

Default: 32768

• Regional Root Bridge – Displays the MAC address and priority for the regional root bridge.

• Designated Bridge – Displays the MAC address and priority for the current designated bridge.

• Root Port – Switch port connecting the switch to that MST’s root bridge device.

Table of Contents

Page 62

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Port Settings

Conﬁgure MSTP settings for each port.

Figure 54. STP MST Port Settings Menu

• MST ID – Select the MST ID to conﬁgure.

• Port – Switch port being conﬁgured.

• Priority – Value used to prioritize the port. If all ports are left to default priority, then priority is elected based on link speed of the port. Smaller values indicate higher priority; larger values, lower priority. Range: 0-240 (multiples of 16)

Default: 128

• Internal Path Cost Conf / Oper – (Conﬁgured/Operating) Set the conﬁgured internal path cost and see the current operational internal path cost.

• Regional Root Bridge – Displays the MAC address and priority for the regional root bridge.

• Designated Bridge – Displays the MAC address and priority for the designated bridge.

• Port Role – Displays what role the port is currently playing. Options:

• Root – The port links the switch to the root bridge device.

• Designated – Ports in use within the MSTP region.

• Disabled – Port is not in use.

• Port State – Displays what state the port is currently in. Options:

• Root – The port links the switch to the root bridge device.

• Disabled – Port is not in use.

Table of Contents

Page 63

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

26 - Advanced VLANs – Overview

The advanced VLAN pages contain settings for customizing VLANs beyond basic port-based settings.

Advanced VLANs – 802.1Q VLANs

VLAN Settings

Manually conﬁgure VLAN tagging for each port.

Figure 55. 802.1Q VLAN Settings Menu

• VID – VLAN ID.

• Name – Use this ﬁeld to enter a custom VLAN name for easy identiﬁcation.

• Tagged Port – Tagged ports and LAGs for the VLAN. Click the ﬁeld to conﬁgure.

• Untagged Port – Untagged ports and LAGs for the VLAN. Click the ﬁeld to conﬁgure.

Default: All ports untagged

• Delete – Click the trash can icon then click Apply to delete a VLAN entry.

• Add – Click to create a new entry. Remember to click Apply to save the new settings.

PVID Settings

Use Port VLAN ID to conﬁgure tagging on packets coming to a port.

Figure 56. 802.1Q PVID Settings Menu

• Port – Switch port identiﬁer.

• PVID – Enter the VLAN ID(s) to be associated with the port.

• Accept Type – Select which packets are tagged with the PVID. Options:

• Untagged Only – Only untagged packets are tagged.

• Tagged Only – Only tagged packets are stripped and retagged.

• ALL – All packets are tagged/stripped and retagged.

• Ingress Filtering – Enable or disable.

Table of Contents

Page 64

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Advanced VLANs – Private VLANs

Private VLANs provide port-based security and isolation between ports within the assigned VLAN. Trac on ports assigned to a private VLAN can only be forwarded to and from uplink ports.

Note – The Private VLANs feature is only found in 310 series switches.

Figure 57. Private VLANs Menu

• Port – Switch port identiﬁer.

• Private – Check the box to set a port to private status.

Default: Not checked

Table of Contents

Page 65

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Advanced VLANs – Voice VLANs

Coﬁgure VLANs for VOIP phone systems with built-in VLAN tagging abilities. The interface includes presets for quickly conﬁguring many popular brands. The switch will examine tagged packets from phones and place them in the correct VLAN automatically. QoS prioritization can also be applied to help ensure audio quality on VoIP calls.

General Settings

Note – In order to conﬁgure a new voice VLAN, you must ﬁrst create a new VLAN. The default

VLAN cannot be used. See:

• Section “14 - VLAN Settings (Basic Port-Based)” on page 31, or

• Section “Advanced VLANs – 802.1Q VLANs” on page 61

Figure 58. Voice VLANs Settings

• Voice VLAN State – Click to enable or disable the Voice VLAN feature.

Default: Disabled

• Voice VLAN ID – Select an existing VLAN ID for use as a Voice VLAN.

• 802.1p Remark – Enable or disable 802.1p Remarks in packets to prioritize voice packets.

Default: Disabled

• Remark CoS/802.1p – Select what priority level to give voice packets if remarking is enabled. Higher values receive higher priority. Range: 0-7

Default: 6

• Aging Time – Range: 30~65535 minutes

Default: 1440 minutes

Table of Contents

Page 66

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

OUI Settings

The Organizationally Unique Identiﬁer (OUI) is the ﬁrst half of a device MAC address, and is unique for every phone manufacturer. The OUI is used to automatically detect packets from the phone and send them to the Voice VLAN. The included values are very popular, and new values may be added.

Figure 59. Voice VLANS OUI Settings

• Index – Identiﬁer for the OUI.

• OUI Address – Portion of the MAC address used to identify dierent brands of IP phones.

• Description – Phone system name.

• Delete – Click the trash can icon then click Apply to delete an entry.

• Add – Click to create a new entry. Remember to click Apply to save the new settings.

Port Settings

Conﬁgure port-based Voice VLAN settings.

Figure 60. Voice VLANS Port Settings

• Port – Switch port identiﬁer.

• State – Enable or disable Voice VLAN tag examination on the port.

• CoS Mode – Select the Class of Service (CoS) mode. Options:

• Src – Only packets from the source MAC address are given QoS prioritization on the Voice VLAN.

• All – All packets on the Voice VLAN are given QoS prioritization.

• Operate Status – Displays the current operating status of the Voice VLAN feature on the port.

Table of Contents

Page 67

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

27 - Security – Port Mirroring

Port mirroring is used to send a copy of packets received on one switch port to a network monitoring device/software on another switch port. This is commonly used for network appliances that require monitoring of network trac. Network engineers or administrators use port mirroring to analyze and diagnose errors on a network.

Figure 61. Port Mirroring Page

• Session ID – Session identiﬁer.

• Enable – Check to enable a port mirroring session.

• Destination Port – Port that packets will be mirrored to.

• Source TX Port – Port that sent the original packets.

• Source RX Port – Port originally receiving the packets.

• Ingress State – Enable or disable.

28 - Security – 802.1x

802.1x allows port-based client authentication with the use of a RADIUS server.

802.1x Global Setting

Conﬁgure global 802.1x settings.

Figure 62. 802.1x Global Settings Menu

• State – Enable or disable the 802.1x feature.

• Guest VLAN – Enable or disable guest VLAN use for 802.1x. If enabled, all authorized clients will be connected to the VLAN.

• GUEST VLAN ID – Select a VLAN ID for use if Guest VLAN is Enabled.

Table of Contents

Page 68

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Port Settings

Conﬁgure 802.1x settings for each switch port.

Figure 63. 802.1x Port Settings Menu

• Port – Switch port identiﬁer.

• Mode – Options:

• Disabled – 802.1x is disabled through the port.

• Auto – Port allows only packets used for authentication and network discovery until the client is authenticated, then allows uninterrupted trac.

• ForceUnAuthorized – The port will remain unauthorized state and ignore all attempts to authenticate a client.

• ForceAuthorized – The port always behaves as if an authenticated client is connected.

• Reauthentication – Enable or disable reauthentication by the switch. If enabled, a client that failed to authenticate will not be allowed to try again until the next period based on the Period Setting.

Default: Enabled

• Reauthentication period – Set the reauthentication period.

Default: 3600 seconds

• Quiet Period – Set the quiet period.

Default: 60

• Supplicant Period – Set the Supplicant period.

Default: 30

• Max Retry – Set the Max Retry value.

Default: 2

• Authorized Status – Displays the current authorization status of the port.

• Guest VLAN – Enable or disable guest VLAN use for the port.

Default: Enabled Default:

Table of Contents

Page 69

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Authenticated Host

See currently connected authenticated hosts connected using 802.1x.

Figure 64. 802.1x Authenticated Host Table

• User Name – Name of the user conﬁgured in the RADIUS server.

• Port – Switch port the user is authenticated on.

• Session Time – Amount of time since the user was authenticated for the current session.

• Authenticate Method – Method used to authenticate the user.

• MAC Address – MAC address of the connected client port.

Table of Contents

Page 70

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

29 - Security – Radius Server

The Remote Authentication Dial-In User Service (RADIUS) protocol provides central management for users connecting to use network services. Use this menu to conﬁgure settings for the server.

Figure 65. Radius Server Menu

• Index – RADIUS Server entry identiﬁer.

• Server IP – IP address of the RADIUS server.

• Authorized Port – Port for clients communicating with the server.

• Key String – Enter the authentication key used between the switch and the server.

• Timeout Reply – How many seconds to wait for a reply from the server before trying again.

Default: 3 seconds.

• Retry – Number of times to attempt connection to the server.

Default: 3

• Server Priority – Enter the RADIUS server the priority for the switch. The server with the highest priority will be queried ﬁrst. Lower values give higher priority.

Default: 1

• Dead Timeout – Amount of time before the switch stops attempting to connect.

Default: 0

• Delete – Click the trash can icon then click Apply to delete an entry.

Table of Contents

Page 71

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

30 - Security – DOS

Use Denial of Service (DOS) settings to protect from DoS attacks. The switch will block trac that meets the conﬁgured conditions.

Global Settings

Figure 66. Global DOS Settings Menu

• DMAC = SMAC – Enable or Disable ﬁltering of this type of attack.

Default: Enabled

• Land – Enable or Disable ﬁltering of this type of attack.

Default: Enabled

• UDP Blat – Enable or Disable ﬁltering of this type of attack.

Default: Enabled

• TCP Blat – Enable or Disable ﬁltering of this type of attack.

Default: Enabled

• POD – Enable or Disable ﬁltering of this type of attack.

Default: Enabled

• IPv6 Min Fragment – Enable or Disable ﬁltering of this type of attack.

Default: Enabled

• Bytes – Specify the minimum IPv6 fragment size to ﬁlter. Range: 0-65535 Bytes

Default: 1240 Bytes

• ICMP Fragments – Enable or Disable ﬁltering of this type of attack.

Default: Enabled

• IPv4 Ping Max Size – Enable or Disable ﬁltering of this type of attack.

Default: Enabled

• IPv6 Ping Max Size – Enable or Disable ﬁltering of this type of attack.

Default: Enabled

Continues on next page

Table of Contents

Page 72

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Global DOS Security Settings, Continued

• Ping Max Size Setting – Specify the maximum IPv6 fragment size to ﬁlter. Range: 0-65535 Bytes

Default: 512 Bytes

• Smurf Attack – Enable or Disable ﬁltering of this type of attack.

Default: Enabled

• Netmask Length – Specify the netmask length to ﬁlter. Range: 0-32

• TCP Min Hdr Size – Enable or Disable ﬁltering of this type of attack.

Default: Enabled

• TCP Min Hdr Bytes – Specify the minimum number of TCP Min Hdr Bytes to ﬁlter. Range: 0-31 Bytes

Default: 20 Bytes

• TCP-SYN(SPORT<1024) – Enable or Disable ﬁltering of this type of attack.

Default: Enabled

• Null Scan Attack – Enable or Disable ﬁltering of this type of attack.

Default: Enabled

• X-Mas Scan Attack – Enable or Disable ﬁltering of this type of attack.

Default: Enabled

• TCP SYN-FIN Attack – Enable or Disable ﬁltering of this type of attack.

Default: Enabled

• TCP SYN-RST Attack – Enable or Disable ﬁltering of this type of attack.

Default: Enabled

• TCP Fragment (Oset = 1) – Enable or Disable ﬁltering of this type of attack.

Default: Enabled

Port Settings

Conﬁgure port-based DOS security settings.

Figure 67. DOS Port Settings Table

• Port – Switch port identiﬁer.

• DoS Protection – Select Yes to enable DoS protection for the port, or No disable protection for the port. If enabled, the switch will block any types of trac that ﬁltering is enabled for in the DOS Global Settings menu.

Table of Contents

Page 73

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

31 - Security – Port Security

Limit the number of connected devices on a given port by limiting the total number of MAC addresses that may be identiﬁed on that port.

Figure 68. Port Security Table

• Port – Switch port identiﬁer.

• State – Enable or disable security for the port.

• Max MAC Address – Enter the total number of MAC addresses that may be identiﬁed on the port.

32 - Security – MAC Address Filter

Bind MAC addresses to VLANs regardless of which port they are connected on.

Figure 69. MAC Address Filter Table

• Index – MAC Filter rule identiﬁer.

• VID – Select the VLAN ID for the MAC address to be bound to.

• MAC Address – Enter the MAC address to be ﬁltered.

• Delete – Click the trash can icon then click Apply to delete an entry.

Table of Contents

Page 74

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

33 - RMON Overview

Remote Network Monitoring (RMON) allows the switch to monitor network trac and send alarms if speciﬁed limits are reached or passed. Conﬁgure what events to monitor and how to react. Events may be logged and/or sent to other network clients using SNMP.

RMON – Event List

Deﬁne event types to execute when RMON alarms are triggered.

Figure 70. Event List

• Index – Enter a value to identify the event entry. Range: 1-65535

• Event Type – Select the desired action from the drop down:

• Log – Add an entry to the event log when the alarm goes o.

• SNMP Trap – Send a message to the remote log server when the alarm goes o.

• Log and Trap – Log and send a message (above) when the alarm goes o.

• Community – If using SNMP Trap or Log and Trap event type, select whether the SNMP community is Public or Private.

• Description – Enter a description for the event type.

• Last Time Sent – Last occurrence of an event of the speciﬁed type being sent.

• Owner – Enter a name for the owner of the event.

• Delete – Click the trash can icon then click Apply to delete an entry.

RMON – Event Log Table

View RMON event logs.

Figure 71. Event Log Table

• Select Event Index – Select an Event identiﬁer from the drop down. There must be conﬁgured entries in the RMON Event List to use the drop down.

• Refresh – Click to refresh the list and see the newest events.

Table of Contents

Page 75

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

RMON – Alarm List

Conﬁgure alarms for RMON events.

Figure 72. Alarm List

• Index – Enter an identiﬁer for the Alarm List entry.

• Sample Port – Select the port to monitor from the drop down.

• Sample Variable – Select the event type to monitor for. Options: DropEvents, Octets, Pkts, BroadcastPkts, MulticastPkts, CRCAlignErrors, UnderSizePkts, OverSizePkts, Fragments, Jabbers, Collisions, PktsOctets, Pkts65-127Octets, Pkts128to255Octets, Pkts256to511Octets, Pkts512to1023Octets, Pkts1024to1518Octets.

• Sample Interval – Enter the alarm interval time.

• Sample Type – Select the sampling method:

• Absolute – Compares values of thresholds vs. captured at the end of each sample interval. Use this option if the monitored value can increase or decrease at any time.

• Delta – Detects change over time by subtracting the most recent sampled value from the current Use the option if the monitored value always increases over time.

• Rising Threshold – Upper threshold of the monitored value. Use this in conjunction with Falling Threshold to be alerted when the monitored value leaves the desired operating range.

• Falling Threshold – Lower threshold of the monitored value. Use this in conjunction with Rising Threshold to be alerted when the monitored value leaves the desired operating range.

• Rising Event – Select an event to execute from the drop down when the monitored value exceeds the Rising Threshold.

• Falling Event – Select an event to execute from the drop down when the monitored value exceeds the Falling Threshold.

• Owner – Enter a name to identify when the switch sends an alarm.

• Delete – Click the trash can icon then click Apply to delete an entry.

Table of Contents

Page 76

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

RMON – History List

Conﬁgure the events to record to the RMON history log on each port.

Figure 73. History List

• Index – History Log identiﬁer

• Sample Port – Select the port to monitor.

• Bucket Requested – Enter the number of samples to save in each entry.

• Interval – Enter the interval for recording samples on the port.

• Owner – Enter the name of the requester.

• Delete – Click the trash can icon then click Apply to delete an entry.

RMON – History Log Table

View selected history logs.

Figure 74. History Log Table

• Select History Index – Select a History Log type to monitor from the drop down. In order to view logs, you must ﬁrst conﬁgure an entry in the RMON History List.

• Refresh – Click to refresh the log and see the newest results.

Table of Contents

Page 77

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

34 - QoS – Overview

Quality of Service (QoS) is used to organize and prioritize packet ﬂow and bandwidth use on the LAN based on trac type, source, or destination in order to help guarantee network performance for critical services.

QoS – Global Settings

Figure 75. Global Settings

• State – Enabled or Disabled.

• Scheduling Method – Select the desired mode for scheduling trac from the drop down:

• Strict Priority – Trac is scheduled speciﬁcally based on queue priority.

• WRR – Use the Weighted Round Robin algorithm to prioritize trac queues.

• Trust Mode – Select the desired mode of operation from the drop down:

• 802.1p – Trac is prioritized based on its 802.1p priority tag.

• DSCP – Trac is prioritized based on its DSCP priority tag.

• 802.1p + DSCP – Trac is prioritized based on both 802.1p and DSCP priority tags.

QoS – COS Mapping

Assign trac of dierent CoS priority levels to the desired queue.

Figure 76. COS Mapping Table

• CoS – CoS Priority level identiﬁer.

• Queue – Select a queue from the drop down for the given priority level. The default values are standard for most applications.

Table of Contents

Page 78

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

QoS – DSCP Mapping

Assign trac of dierent Dierentiated Services Code Point (DSCP) priority levels to the desired queue.

Figure 77. DSCP Mapping Table

• DSCP – DSCP Priority level identiﬁer

• Queue – Select a queue from the drop down for the given priority level. The default values are standard for most applications.

QoS – Port Settings

Assign all trac from speciﬁed ports to be tagged with a certain CoS value.

Figure 78. QoS Port Settings Table

• Port – Switch Port identiﬁer.

• CoS Value – Select a CoS value from the drop down for all packets on the speciﬁed port.

• Trust – Enable or disable.

QoS – Bandwidth Control

Limit the total amount of trac allowed to come into or out of switch ports.

Figure 79. Bandwidth Control Table

• Port – Switch Port identiﬁer.

• Ingress – Enable or disable incoming bandwidth control for the port.

• Ingress Rate (kbps) – Enter the maximum data rate in kbps (multiples of 16) for incoming trac on the port.

• Egress – Enable or disable outgoing bandwidth control for the port.

• Egress Rate (kbps) – Enter the maximum data rate in kbps (multiples of 16) for outgoing trac on the port.

Table of Contents

Page 79

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

QoS – Storm Control

Use Storm Control to limit the amount of broadcast, unknown multicast, and unknown unicast packets coming into ports on the switch. Excessive frames are discarded when the speciﬁed limit is passed.

Figure 80. Storm Control Table

• Port – Switch Port identiﬁer.

• Status – Enable or Disable Storm Control for the speciﬁed port.

• Broadcast (kbps) – Check the box to enable Broadcast storm control, then enter the maximum allowed trac rate of that type in kbps.

• Unknown Multicast (kbps) – Check the box to enable Unknown Multicast storm control, then enter the maximum allowed trac rate of that type in kbps.

• Unknown Unicast (kbps) – Check the box to enable Unknown Unicast storm control, then enter the maximum allowed trac rate of that type in kbps.

Table of Contents

Page 80

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

35 - ACL – Overview

Access Control Lists (ACLs) are used for preventing access between or to devices on the network, primarily for many clients to one or vice versa. MAC-based ACLs can only control incoming trac and IPv4/IPv6

-based ACLs can control both incoming and outgoing trac.

Note – The ACL feature is only found in 310 series switches.

ACL – MAC ACL

Create MAC address-based rules for controlling incoming access to a device on any connected port.

Figure 81. MAC ACL List

MAC ACL List

Manage MAC ACLs.

• Index – List identiﬁer.

• Name – Enter a name to describe the members or reason for the ACL list.

• Delete – Click the trash can icon then click Apply to delete an entry.

MAC ACE List

Deﬁne Access Control Entries (ACEs) associated with each ACL list.

• Click any entry ﬁeld to open the MAC ACE List Editor (see next page).

• Delete – Click the trash can icon then click Apply to delete an entry.

• Add – Click to create a new entry. Remember to click Apply to save the new settings. You must create an ACL List entry before adding a new ACE List entry.

Table of Contents

Page 81

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

MAC ACE List Editor

Figure 82. MAC ACL ACE List Editor

• ACL Name – Select the ACL to associate the ACE with.

• Sequence – Enter a value for the sequence in relation to other ACLs. The smallest value is processed ﬁrst.

• Action – Select whether to Permit or Deny trac that meets the set criteria.

• Destination MAC Address – Destination MAC address to monitor for. Options: Any or User Deﬁned.

• Destination MAC Mask – Destination MAC mask to monitor for. Use this ﬁeld to ﬁlter multiple addresses within a range. Only visible when monitoring a User Deﬁned address.

• Source MAC Value – Source MAC address to monitor for. Options: Any or User Deﬁned.

• Source MAC Mask – Source MAC mask to monitor for. Use this ﬁeld to ﬁlter multiple addresses within a range. Only visible when monitoring a User Deﬁned address.

• VLAN ID – Enter the VLAN ID to monitor for.

• 802.1p Value – Enter the 802.1p value to monitor for.

• Ethertype – Leave blank. Entering a value will restrict trac using certain protocols.

• OK – Click to accept the new settings and return to the MAC ACL ACE List.

• Cancel – Click to reject the new settings and return to the MAC ACL ACE List.

Table of Contents

Page 82

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

ACL – IPV4 ACL

Create rules for controlling incoming and outgoing trac to any device on a connected port based on its IPv4 address.

Figure 83. IPv4 ACL Menu Page

IPv4 ACL List

• Index – List identiﬁer.

• Name – Enter a name to describe the members or reason for the ACL list.

• Delete – Click the trash can icon then click Apply to delete an entry.

• Add – Click to create a new entry. Remember to click Apply to save the new settings.

IPv4 ACE List

Deﬁne Access Control Entries (ACEs) associated with each ACL list.

• Click any entry ﬁeld to open the IPv4 ACE List Editor (see next page).

• Delete – Click the trash can icon then click Apply to delete an entry.

• Add – Click to create a new entry. Remember to click Apply to save the new settings. You must create an ACL List entry before adding a new ACE List entry.

Table of Contents

Page 83

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

IPv4 ACE List Editor

Figure 84. IPv4 ACL ACE Editor

• ACL Name – Select the ACL to associate the ACE with.

• Sequence – Enter a value for the sequence in relation to other ACLs. The smallest value is processed ﬁrst.

• Action – Select whether to Permit or Deny trac that meets the set criteria.

• Protocol – Select whether trac using a certain protocol is controlled. Options:

• Any – No Protocol monitoring.

• Select from list – Select the protocol to control from the drop down. Options: IPv4:ICMP, IPinIP, TCP, EGP, UDP, HMP, RDP, IPv6, IPv6:Rout, IPv6Frag, RSVP, IPv6:ICMP, OSPF, PIM, or L2TP.

• Protocol ID – Enter the identiﬁer for the protocol.

• Source/Destination IP Address – Select whether to monitor Any or a User Deﬁned address.

• Source/Destination IP Address Value – Enter the address to monitor. Only visible when monitoring a User Deﬁned address.

• Source/Destination IP Mask – Subnet mask to monitor. Use this ﬁeld to ﬁlter multiple addresses within a range. Only visible when monitoring a User Deﬁned address.

• Source/Destination Port/Port Range – Enter a port or ports to monitor.

• Type of Service – Select Any or DSCP to match (then enter range).

• ICMP Type – Select the IMCP type to monitor:

• Any – No ICMP monitoring.

• Select from list – Select the ICMP type to monitor. Options: EchoReply, Destination Unreachable, Source Quench, Echo Request, Router Advertisement, Router Solicitation, Time Exceeded, Timestamp, Timestamp Reply, or Traceroute.

• Protocol ID – Enter the identiﬁer for the protocol

• ICMP Code

• Any – No ICMP code monitoring.

• User Deﬁned – Enter the code value to be monitored.

• OK – Click to accept the new settings and return to the IPv4 ACL ACE List.

• Cancel – Click to reject the new settings and return to the IPv4 ACL ACE List.

Table of Contents

Page 84

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

ACL – IPV6 ACL

Create rules for controlling incoming and outgoing trac to any device on a connected port based on its IPv6 address.

Figure 85. IPv6 ACL Menu Page

IPv6 ACL List

• Index – List identiﬁer.

• Name – Enter a name to describe the members or reason for the ACL list.

• Delete – Click the trash can icon then click Apply to delete an entry.

• Add – Click to create a new entry. Remember to click Apply to save the new settings.

IPv6 ACE List

Deﬁne Access Control Entries (ACEs) associated with each ACL list.

• Click any entry ﬁeld to open the IPv4 ACE List Editor (see next page).

• Delete – Click the trash can icon then click Apply to delete an entry.

• Add – Click to create a new entry. Remember to click Apply to save the new settings. You must create an ACL List entry before adding a new ACE List entry.

Table of Contents

Page 85

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

IPv6 ACE List Editor

Figure 86. IPv4 ACL ACE Editor

• ACL Name – Select the ACL to associate the ACE with.

• Sequence – Enter a value for the sequence in relation to other ACLs. The smallest value is processed ﬁrst.

• Action – Select whether to Permit or Deny trac that meets the set criteria.

• Protocol – Select whether trac using a certain protocol is controlled. Options:

• Any – No speciﬁc protocol monitoring.

• Select from list – Select the protocol to control from the drop down. Options: TCP, UDP, IPv6:ICMP.

• Protocol ID – Enter the identiﬁer for the protocol.

• Source/Destination IP Address – Select whether to monitor Any or a User Deﬁned address.

• Source/Destination IP Address Value – Enter the address to monitor. Only visible when monitoring a User Deﬁned address.

• Source/Destination IP Preﬁx Length – Preﬁx to monitor. Use this ﬁeld to ﬁlter multiple addresses within a range. Only visible when monitoring a User Deﬁned address.

• Source/Destination Port/Port Range – Enter a port or ports to monitor.

• TCP Flags – Select options for monitoring TCP Flags when monitoring TCP Protocol.

• Type of Service – Select Any or DSCP to match (then enter range).

• OK – Click to accept the new settings and return to the IPv6 ACL ACE List.

• Cancel – Click to reject the new settings and return to the IPv6 ACL ACE List.

Table of Contents

Page 86

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

ACL – ACL Binding

Bind conﬁgured ACLs to switch ports to implement access control rules.

Figure 87. ACL Binding Menu Page

• Port – Switch Port identiﬁer.

• MAC/ IPv4/ IPv6 ACL – Select an ACL entry to enable on the port. You must conﬁgure a rule in the respective ACL menu before conﬁguring this setting.

Table of Contents

Page 87

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

36 - SNMP – Overview

The Simple Network Management Protocol (SNMP) is a Layer 7 protocol for managing and monitoring network equipment from a central SNMP manager.

Managed devices that support SNMP run their own agent software; the SNMP agent maintains a deﬁned set of variables that are used to manage the switch. These objects are deﬁned in a Management Information Base (MIB).

The Araknis switch includes an SNMP agent that supports SNMP versions 1, 2c, and 3. This agent continuously monitors the status of the switch hardware and the trac passing through its ports. SNMP client software can access the switch SNMP agent through SNMP community strings. These community strings are used for authentication.

SNMPv3 provides additional security features that cover message integrity, authentication, and encryption, as well as controlling user access to speciﬁc objects in the MIB.

SNMP – Global Settings

Conﬁgure global settings for SNMP.

Settings

Figure 88. SNMP Global Settings

• SNMP State – Enabled or disable SNMP for the switch.

• Engine ID – Enter a unique SNMP Engine identiﬁer. Check the box to use the default ID. The ID must be made from an even number of 10~64 hex letters. Enter this ID in other equipment when prompted to use the switch as the SNMP server.

Table of Contents

Page 88

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Trap Settings

Conﬁgure trap servers for the switch to send SNMP trap messages to.

Figure 89. SNMP Trap Settings

• Server IP/Hostname – Enter the address of the SNMP trap server.

• SNMP Version – Select the SNMP version used by the server. Options: v1, v2c, or v3.

• Notify Type – Select whether notiﬁcations are sent as Traps or as Informs.

• Community Name – Select whether the name is Public or Private.

• User Name – Select the username for logging into the server.

• UDP – UDP port for logging into the server.

• Timeout – Number of seconds to wait before declaring a timeout of connection from the server.

• Retry – Number of retry attempts to make after a timeout.

• Delete – Click the trash can icon then click Apply to delete an entry.

• Add – Click to create a new entry. Remember to click Apply to save the new settings.

Remote Engine ID List

Conﬁgure the switch to recognize SNMPv3 inform notiﬁcations from other engines.

Figure 90. SNMP Remote Engine ID List Settings

• Server IP – Enter an IP address for a remote SNMP server.

• Remote Engine ID – Enter the ID found in the Engine.

• Delete – Click the trash can icon then click Apply to delete an entry.

• Add – Click to create a new entry. Remember to click Apply to save the new settings.

Table of Contents

Page 89

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

SNMP – Lists

Conﬁgure SNMP groups, events, community strings, and users.

Group Lists

Figure 91. SNMP Group List

• Group Name – Enter a name to describe the group.

• Security Mode – Select the SNMP version for the group. Options: v1, v2c, or v3

• Security Level – Select the security level for users in the group. Options:

• NoAuth – No authentication or privacy for group members.

• Auth – SNMP messages are authenticated.

• Priv – SNMP messages are encrypted.

• Read View – All; cannot be changed.

• Write View – Select None or All.

• Notify View – Select None or All.

• Delete – Click the trash can icon then click Apply to delete an entry.

• Add – Click to create a new entry. Remember to click Apply to save the new settings.

View List

Figure 92. SNMP View List

• View Name – Enter a name to identify the View.

• Subtree OID – Enter the Subtree Object Identiﬁer (OID) value (must begin with a “.”). This value identiﬁes an MIB tree that will be granted or denied access by the SNMP manager. Max level: 20

• Subtree Mask – Enter 0 (zero) for does not concern, or 1 for is concerned.

• View Type – Select Included or Excluded.

• Delete – Click the trash can icon then click Apply to delete an entry.

• Add – Click to create a new entry. Remember to click Apply to save the new settings.

Table of Contents

Page 90

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

SNMP Community List

Figure 93. SNMP Community List

• Community Name – Enter a name to describe the community.

• Community Mode – Select Basic or Advanced

• Group Name – Select the group that community belongs to. You must conﬁgure a group before conﬁguring this setting.

• View Name – Select All or a speciﬁc user. You must conﬁgure a user before conﬁguring this setting.

• Access Rights – Select Read Only or

• Delete – Click the trash can icon then click Apply to delete an entry.

• Add – Click to create a new entry. Remember to click Apply to save the new settings.

User List

Figure 94. SNMP User List

• User Name – Enter a name for the user.

• Group Name – Select which group the user is a part of. You must conﬁgure an SNMP group before conﬁguring this setting.

• Privilege Mode –

• NoAuth – No authentication or privacy for group members.

• Auth – SNMP messages are authenticated.

• Priv – SNMP messages are encrypted.

• Authentication Protocol – MD5 or SHA.

• Authentication Password – Enter the password for user authentication.

• Encryption Protocol – Select whether to use DES encryption with Priv privilege level messages.

• Encryption Key – Enter a key for DES encryption. Minimum 8 characters long.

• Delete – Click the trash can icon then click Apply to delete an entry.

• Add – Click to create a new entry. Remember to click Apply to save the new settings.

Table of Contents

Page 91

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

37 - Advanced LACP

Conﬁgure advanced parameters for LACP communication between switches connected by aggregated links.

Figure 95. Advanced LACP Settings

Settings

• System Priority – Enter a priority value for the switch. The device with the lowest value has priority. Range: 1-65535

Default: 32768

LACP Timeout

• Port – Switch Port identiﬁer.

• Timeout – Set the timeout speed for disabled ports to be removed from a trunk. Use the Low setting for busy trunked links.

Table of Contents

Page 92

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

38 - Advanced Log

Conﬁgure advanced system logging. These settings aect the log on the system status page.

Settings

Turn advanced logging on or o.

Figure 96. Log Settings

• Logging Service – Enabled or disable logging services.

Local Logging

Use this menu to conﬁgure whether log entries are submitted for the speciﬁed event severity. Values to the left indicate more severe events, and logs to the right indicate less severe events. Any NOTICE, INFO, or DEBUG events may be disregarded by the user.

Figure 97. Local Logging

• EMERG/ALERT/CRIT/ERROR/WARNING/NOTICE/INFO/DEBUG – Select Yes to enable local logging for the event severity level or No to disable logging for the event severity level.

Remote Logging

Figure 98. Remote Logging

• IP/Hostname – Enter the IP address of the remote log server.

• Server Port – Enter the port conﬁgured for server communication.

• EMERG/ALERT/CRIT/ERROR/WARNING/NOTICE/INFO/DEBUG – Select Yes to enable remote logging for the event severity level or No to disable logging for the event severity level.

• Facility – Select the facility value for the remote logging event. Options: local0-local7.

Default: local 0

• Delete – Click the trash can icon then click Apply to delete an entry.

• Add – Click to create a new entry. Remember to click Apply to save the new settings.

Table of Contents

Page 93

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Table of Figures

Figure 1. Package Contents 8

Figure 2. Mounting Methods 11

Figure 3. Connection Diagram 13

Figure 4. EIA/TIA 568B Termination Pattern 13

Figure 5. PoE Calculation Example 14

Figure 6. OvrC Operation Diagram 15

Figure 7. Interface Layout 21

Figure 8. Apply Button 21

Figure 9. System Information and Port Status 22

Figure 10. Events Log 23

Figure 11. Port Status 24

Figure 12. System Information Settings 25

Figure 13. IP Address Settings Menu 26

Figure 14. Date and Time Settings, UPnP 27

Figure 15. Recommended System Settings 28

Figure 16. Jumbo Frame and Basic Port Settings 29

Figure 17. Advanced Port Settings 30

Figure 18. PoE Settings Menu 31

Figure 19. PoE Settings Menu 32

Figure 20. VLAN Settings 33

Figure 21. Access and Trunk Port Selection 33

Figure 22. Conﬁguring Ports in a VLAN 34

Figure 23. Link Aggregation Settings Menu 35

Figure 24. Access Management Menu Page 37

Figure 25. Ping Test Page 38

Figure 26. Successful Ping Test Result 39

Figure 27. Failed Ping Test Result 39

Figure 28. Trace Route Test Page 40

Figure 29. Trace Route Result 41

Figure 30. File Management Menu 42

Figure 31. Dual Image Menu 43

Figure 32. Restart Page 44

Figure 33. Log Out Page 44

Figure 34. Detailed Port Statistics 46

Figure 35. Neighbors MAC Address Table 48

Figure 36. LLDP Information 49

Figure 37. LLDP Settings 50

Figure 38. LLDP Remote Device Menu 50

Figure 39. IGMP Snooping Settings 51

Figure 40. IGMP Snooping VLAN Settings 51

Table of Contents

Page 94

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Figure 41. IGMP Snooping Querier Settings 52

Figure 42. IGMP Snooping Group List Settings 53

Figure 43. IGMP Snooping Router Settings 53

Figure 44. IGMP Snooping URC Settings 53

Figure 45. MLD Snooping Menu 54

Figure 46. MLD Snooping VLAN Settings 54

Figure 47. MLD Snooping Group List 54

Figure 48. MLD Snooping Router Settings 55

Figure 49. Global STP Settings Menu 56

Figure 50. Global STP Root Bridge Information 57

Figure 51. Global STP Basic Settings 58

Figure 52. STP CIST Port Settings Menu 59

Figure 53. STP MST Instance Settings Menu 61

Figure 54. STP MST Port Settings Menu 62

Figure 55. 802.1Q VLAN Settings Menu 63

Figure 56. 802.1Q PVID Settings Menu 63

Figure 57. Private VLANs Menu 64

Figure 58. Voice VLANs Settings 65

Figure 59. Voice VLANS OUI Settings 66

Figure 60. Voice VLANS Port Settings 66

Figure 61. Port Mirroring Page 67

Figure 62. 802.1x Global Settings Menu 67

Figure 63. 802.1x Port Settings Menu 68

Figure 64. 802.1x Authenticated Host Table 69

Figure 65. Radius Server Menu 70

Figure 66. Global DOS Settings Menu 71

Figure 67. DOS Port Settings Table 72

Figure 68. Port Security Table 73

Figure 69. MAC Address Filter Table 73

Figure 70. Event List 74

Figure 71. Event Log Table 74

Figure 72. Alarm List 75

Figure 73. History List 76

Figure 74. History Log Table 76

Figure 75. Global Settings 77

Figure 76. COS Mapping Table 77

Figure 77. DSCP Mapping Table 78

Figure 78. QoS Port Settings Table 78

Figure 79. Bandwidth Control Table 78

Figure 80. Storm Control Table 79

Figure 81. MAC ACL List 80

Table of Contents

Page 95

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

Figure 82. MAC ACL ACE List Editor 81

Figure 83. IPv4 ACL Menu Page 82

Figure 84. IPv4 ACL ACE Editor 83

Figure 85. IPv6 ACL Menu Page 84

Figure 86. IPv4 ACL ACE Editor 85

Figure 87. ACL Binding Menu Page 86

Figure 88. SNMP Global Settings 87

Figure 89. SNMP Trap Settings 88

Figure 90. SNMP Remote Engine ID List Settings 88

Figure 91. SNMP Group List 89

Figure 92. SNMP View List 89

Figure 93. SNMP Community List 90

Figure 94. SNMP User List 90

Figure 95. Advanced LACP Settings 91

Figure 96. Log Settings 92

Figure 97. Local Logging 92

Figure 98. Remote Logging 92

Table of Contents

Page 96

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

39 - AN-210-SW Hardware Speciﬁcations

AN-210-SW-8 AN-210-SW-16 AN-210-SW-24 AN-210-SW-48

Ethernet Ports

10/100/1000BaseT RJ-45 PoE Ports 8 16 24 48

1000BaseT SFP Ports 2 2 2 4

Hardware Performance

Flash Memory 16MB 16MB 16MB 32MB

SDRAM 128MB 128MB 128MB 256MB

Packet Buer 524KB 524KB 524KB 1.5MB

MAC Address Table Size 8K 8K 8K 16K

Switching Capacity 20Gbps 36Gbps 52Gbps 104Gbps

Forwarding Rate 14.8Mpps 26.8Mpps 38.7Mpps 77.4Mpps

PoE Features (802.3af/at Compliant)

Max Power Output per Port 30W 30W 30W 30W

Total PoE Power Budget 65W 130W 190W 375W

Enable/Disable per port Yes

Priority Setting per port Yes

Overloading Protection per port Yes

Power level setting per port Yes

Environmental

Dimensions (W x H x D inches) 12.99x1.73x9.05 17.32x1.73x10.23 17.32x1.73x10.23 17.32x1.73x16.14

Power Supply 100-240V AC, 50/60 Hz

Max Watts Power Consumption 87W 168W 312W 482W

Operating Temperature 0-50°C/32-122°F

Humidity (non-condensing) 10 - 90%

Table of Contents

Page 97

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

40 - AN-310-SW (Non-PoE) Hardware Speciﬁcations

AN-310-SW-8 AN-310-SW-16 AN-310-SW-24 AN-310-SW-48

Ethernet Ports

10/100/1000BaseT RJ-45 PoE Ports 8 16 24 48

1000BaseT SFP Ports 2 2 2 4

Hardware Performance

Flash Memory 16MB 16MB 16MB 32MB

SDRAM 128MB 128MB 128MB 256MB

Packet Buer 524KB 524KB 524KB 1.5MB

MAC Address Table Size 8K 8K 8K 16K

Switching Capacity 20Gbps 36Gbps 52Gbps 104Gbps

Forwarding Rate 14.8Mpps 26.8Mpps 38.7Mpps 77.4Mpps

Environmental

Dimensions (W x H x D inches) 12.99x1.73x9.05 17.32x1.73x10.23 17.32x1.73x10.23 17.32x1.73x16.14

Power Supply 100-240V AC, 50/60 Hz

Max Watts Power Consumption 87W 168W 312W 482W

Operating Temperature 0-50°C/32-122°F

Humidity (non-condensing) 10 - 90%

Table of Contents

Page 98

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

41 - AN-310-SW-POE Hardware Speciﬁcations

AN-310-SW-8-POE AN-310-SW-16-POE AN-310-SW-24-POE

Ethernet Ports

10/100/1000BaseT RJ-45 PoE Ports 8 16 24

1000BaseT SFP Ports 2 2 2

Hardware Performance

Flash Memory 16MB 16MB 16MB

SDRAM 128MB 128MB 128MB

Packet Buer 524KB 524KB 524KB

MAC Address Table Size 8K 8K 8K

Switching Capacity 20Gbps 36Gbps 52Gbps

Forwarding Rate 14.8Mpps 26.8Mpps 38.7Mpps

PoE Features (802.3af/at Compliant)

Max Power Output per Port 30W 30W 30W

Total PoE Power Budget 130W 250W 375W

Enable/Disable per port Yes

Priority Setting per port Yes

Overloading Protection per port Yes

Power level setting per port Yes

Environmental

Dimensions (W x H x D inches) 12.99x1.73x9.05 17.32x1.73x10.23 17.32x1.73x16.14

Power Supply 100-240V AC, 50/60 Hz

Max Watts Power Consumption 167W 307W 456W

Operating Temperature 0-50°C/32-122°F

Humidity (non-condensing) 10 - 90%

Table of Contents

Page 99

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

42 - General Speciﬁcations (All 210/310 Models)

Feature

AN-210-SW AN-310-SW

Supported?

Layer 2 Features

HOL Blocking Head-of-line blocking Yes Yes

Flow Control 802.3x, Back Pressure Ye s Yes

Forwarding Mode Store-and-forward Yes Yes

Energy Ecient Ethernet IEEE 802.3az Ye s Yes

Spanning Tree

802.1D (STP) Yes Yes

802.1w (RSTP) Yes Yes

802.1s (MSTP) Yes Yes

VLAN

802.1Q Yes Yes

Port-based VLANs (Max groups: 4094) Ye s Ye s

Private VLANs No Yes

QinQ No No

Protocol-based VLAN No No

Voice VLAN Yes Yes

Link Aggregation

Static, 802.3ad LACP Yes Yes

Max ports per group 8 8

Max Group 8 8

Multicast Snooping

IGMP Snooping v1/v2/v3; MLD Snooping v1/v2 Yes Yes

IGMP Querier Yes Yes

IGMP Immediate Leave Yes Yes

Storm Control Broadcast/Unknown Multicast/Unknown Unicast Yes Yes

Jumbo Frame Support 9k 9k

QoS Features

Priority queues per port 8 8

Rate Limiting

Ingress 1Kbps/1pps 1Kbps/1pps

Egress 1Kbps/1pps 1Kbps/1pps

DiServ (RFC2474) Yes Yes

Scheduling

WRR Yes Yes

Strict Yes Yes

Hybrid No No

CoS

802.1p Yes Yes

IP ToS Precedence Yes Yes

Table of Contents

IP DSCP Yes Yes

Page 100

Araknis Networks AN-210/310-SW-F/R Manual

Product Manual

General Speciﬁcations, Continued

Feature

AN-210-SW AN-310-SW

Supported?

Security

MAC-based Port Security Yes Yes

802.1x Yes Yes

ACL

L2 No Yes

L3 No Yes

L4 No Ye s

IP Source Guard No No

RADIUS Ye s Yes

TACACS+ No No

HTTPS and SSL Yes Yes

SSH v2.0 Ye s Yes

MAC Filter Yes Yes

IP Filter No No

Management

Management CLI, Web, Telnet Yes Yes

Dual FW Images Yes Yes

FW Upgrade

TFTP upgrade Ye s Ye s

HTTP upgrade Yes Yes

Management Access Filtering SNMP/Web/Telnet Yes Yes

SNMP v1, v2c, v3 Yes Yes

SNTP Ye s Yes

RMON (1,2,3 and 9 groups) Ye s Yes

DHCP

Server No No

Client Yes Yes

Relay No No

Option82 No No

Snooping No No

Event log Local ﬂash, remote server Yes Yes

sFlow No No

Port Mirroring One to One, Many to One Yes Yes

Remote Ping Yes Yes

LLDP (IEEE802.1ab) Yes Yes

UPnP Ye s Yes

Table of Contents