Atop EH7506, EH7508, EH7520, EHG7504, EH7512 User Manual

...

Download

Industrial Managed Ethernet Switch

User’s Manual

Series covered by this manual: EH7506, EH7508, EH7512, EH7520 EHG7504, EHG7506, EHG7508, EHG7512

Version 1.0

May 2015

TEL: +886-3-5508137 FAX: +886-3-5508131

http://www.atop.com.tw

Important Announcement

The information contained in this document is the property of Atop Technologies, Inc. and is

supplied for the sole purpose of operation and maintenance of Atop Technologies, Inc

products. No part of this publication is to be used for any other purposes, and it is not to be

reproduced, copied, disclosed, transmitted, stored in a retrieval system, or translated into

any human or computer language, in any form, by any means, in whole or in part, without

the prior explicit written consent of Atop Technologies, Inc.

Published by

Atop Technologies, Inc.

2F, No. 146, Sec. 1, Tung-Hsing Rd. Jubei, Hsinchu 30261 Taiwan, R.O.C. Tel: 886-3-5508137 Fax: 886-3-5508131

www.atop.com.tw

All other product names referenced herein are registered trademarks of their respective

companies.

iii

Table of Contents

1 Introduction .............................................................................................. 2

1.1 What is a Managed Industrial Switch ..................................................................... 2

1.2 Software Features .................................................................................................... 2

2 Configuring with a Web Browser ........................................................... 4

2.1 Web-based Management Basics ............................................................................ 4

2.1.1 Default Settings ................................................................................................ 4

2.1.2 Login Process and Main Window Interface ..................................................... 5

2.2 Basic Information ..................................................................................................... 6

2.2.1 Sys Info ............................................................................................................ 6

2.2.2 Info SettingS ..................................................................................................... 7

2.2.3 Console ............................................................................................................ 7

2.2.4 Protocol Status ................................................................................................. 8

2.2.5 Power Status .................................................................................................... 8

2.3 Administration .......................................................................................................... 9

2.3.1 Password ......................................................................................................... 9

2.3.2 IP Setting ........................................................................................................ 11

2.3.3 IPv6 Setting .................................................................................................... 12

2.3.4 Ping ................................................................................................................ 12

2.3.5 Ping6 .............................................................................................................. 13

2.3.6 Mirror Port ...................................................................................................... 14

2.3.7 System Time and SNTP ................................................................................ 15

2.3.8 Modbus Setting .............................................................................................. 16

2.3.9 PTP ................................................................................................................ 22

2.3.10 SSH ................................................................................................................ 23

2.4 QoS .......................................................................................................................... 25

2.4.1 QoS Setting .................................................................................................... 25

2.4.2 CoS Queue Mapping ..................................................................................... 28

2.4.3 DSCP Mapping .............................................................................................. 28

2.5 Port .......................................................................................................................... 30

2.5.1 Port Setting .................................................................................................... 30

2.5.2 Port Status ..................................................................................................... 32

2.5.3 Mini-GBIC Port Status .................................................................................... 32

2.5.4 Port Statistics ................................................................................................. 33

2.6 Power Over Ethernet .............................................................................................. 34

2.6.1 PoE Setting .................................................................................................... 34

2.6.2 PoE Status ..................................................................................................... 35

2.6.3 PoE Alarm Setting .......................................................................................... 35

2.7 Trunking .................................................................................................................. 37

2.7.1 Trunking Setting ............................................................................................. 38

2.7.2 LACP Status................................................................................................... 39

2.8 Unicast/Multicast MAC .......................................................................................... 41

2.8.1 Add Static MAC .............................................................................................. 42

2.8.2 MAC Filter ...................................................................................................... 42

2.8.3 MAC Age ........................................................................................................ 43

2.8.4 MAC Address Table ....................................................................................... 43

2.9 GARP/GVRP/GMRP ................................................................................................ 45

2.9.1 Multicast Group Table .................................................................................... 45

2.9.2 GARP Setting ................................................................................................. 46

2.9.1 GVRP Settings ............................................................................................... 47

2.9.2 GMRP Settings .............................................................................................. 49

2.10 IGMP/IP Multicast ................................................................................................... 50

2.10.1 IGMP Setting .................................................................................................. 50

2.10.2 IGMP Statistics .............................................................................................. 52

2.10.3 IGMP/IP Multicast Table ................................................................................ 53

2.10.4 Static IP Multicast .......................................................................................... 54

2.11 SNMP ....................................................................................................................... 56

2.11.1 SNMP ............................................................................................................. 56

2.11.2 Community Strings ......................................................................................... 57

2.11.3 Trap Receivers ............................................................................................... 57

2.11.4 SNMPv3 Users .............................................................................................. 58

2.12 Spanning Tree ......................................................................................................... 59

2.12.1 Spanning Tree Setting ................................................................................... 59

2.12.2 RSTP Main Setting ........................................................................................ 60

2.12.3 RSTP Bridge information ............................................................................... 61

2.12.4 RSTP Port Status ........................................................................................... 62

2.13 VLAN ........................................................................................................................ 63

2.13.1 VLAN Mode .................................................................................................... 63

2.13.2 802.1Q VLAN Table ....................................................................................... 65

2.13.3 802.1Q VLAN Setting ..................................................................................... 66

2.13.4 802.1Q VLAN PVID Setting ........................................................................... 67

2.13.5 Example of using 802.1Q VLAN .................................................................... 68

2.13.6 Port based VLAN Setting ............................................................................... 69

2.14 Security ................................................................................................................... 71

2.14.1 Background on 802.1X ..................................................................................... 71

2.14.2 Port Security Setting ...................................................................................... 72

2.14.3 Port Security Add Static MAC ........................................................................ 72

2.14.4 802.1x and Radius setting ............................................................................. 74

2.14.5 802.1.x Parameters Setting ........................................................................... 75

2.14.6 802.1x Port Setting ........................................................................................ 76

2.15 ERPS/Ring ............................................................................................................... 77

2.15.1 DIP Switch...................................................................................................... 77

2.15.2 ERPS/Ring ..................................................................................................... 77

UERPS Settings (optional) ......................................................................................... 82

2.15.3 iA-Ring Setting ............................................................................................... 83

2.15.4 Compatible-Ring Setting ................................................................................ 86

2.15.5 U-Ring ............................................................................................................ 87

2.16 LLDP ........................................................................................................................ 90

2.16.1 LLDP Setting .................................................................................................. 90

2.16.2 Neighbors ....................................................................................................... 91

2.17 System ..................................................................................................................... 93

2.17.1 Syslog ............................................................................................................ 93

2.17.2 Event Log ....................................................................................................... 94

2.17.3 Warning .......................................................................................................... 95

2.17.4 Warning Event Selection ................................................................................ 95

2.17.5 Alert Warning Events ..................................................................................... 97

2.17.6 SMTP Settings ............................................................................................... 98

2.17.7 Backup/Restore ............................................................................................. 99

2.17.8 Firmware Upgrade ....................................................................................... 101

2.17.9 TFTP ............................................................................................................ 101

2.17.10 Factory Default ............................................................................................. 103

2.17.11 Reboot .......................................................................................................... 103

3 Configuring with a Serial Console ................................ ..................... 105

3.1 Serial Console Setup ........................................................................................... 105

3.2 Command Line Interface Introduction ............................................................... 107

3.3 General Commands ............................................................................................. 108

3.4 Command Example .............................................................................................. 109

3.4.1 Administration Setup using Serial Console .................................................. 109

3.4.2 Spanning Tree Setup using Serial Console ................................................. 110

4 Configuring with a Telnet Console ..................................................... 112

4.1 Telnet ...................................................................................................................... 112

4.2 Telnet Log-in .......................................................................................................... 112

4.3 Command line interface for Telnet ...................................................................... 113

4.4 Commands in the privileged mode ..................................................................... 113

4.5 Commands in the configuration mode ............................................................... 114

Appendix A: Glossary .............................................................................. 116

Appendix B: Modbus Memory Map ......................................................... 118

Preface

This manual contains some advanced network management knowledge, instructions, examples,

guidelines, and general theories. The contents are designed to help users manage the switch and

use its software, a background in general theory is a must when reading it. Please refer to the

Glossary for technical terms and abbreviations.

Who Should Use This User Manual

This manual is to be used by qualified network personnel or support technicians who are familiar with

network operations, and might be useful for system programmers or network planners as well. This

manual also provides helpful and handy information for first time users. For any related problems,

please contact your local distributor. If they are unable to assist you, please redirect your inquiries to

www.atop.com.tw..

Warranty Period

Atop technology provides a limited 5-year warranty for managed Ethernet switches.

1 Introduction

1.1 What is a Managed Industrial Switch

Atop’s EH (Ethernet Switching Hub), EHG (Ethernet Switching Hub Full Gigabit) are product lines of

powerful managed industrial switch which are referred to as OSI Layer 2* bridging devices. Unlike an

“unmanaged” switch, which is normally found in homes or in SOHO environments and runs in “auto -

negotiation” mode, each port on a “managed switch” can be configured for its link bandwidth, priority,

security, and duplex settings. The managed switches can be managed by SNMP software, web

browsers, Telnet, or serial console. Since every single port can be configured to specific settings,

network administrators can better control the network and maximize network functionality.

Atop’s managed switch is an industrial switch (as opposed to a commercial switch); a commercial

switch simply works in a comfortable office environment. However, an industrial switch is designed to

perform in harsh industrial environments, i.e., extreme temperature, high humidity, dusty air, potential

high impact or the presence of potentially high static charges. Atop’s managed switch works fine even

in these environments.

The managed switch is designed to provide faster, secure, and more stable network. One advantage

that makes it a powerful switch is that it supports technologies such as ERPS, iA-Ring, RSTP, MSTP, and MRP. These technologies provide better network reliability and decrease recovery time down to

less than 20 ms.

The managed switch supports a wide range of IEEE standard protocols. This switch is excellent for keeping systems running smoothly, reliable for preventing system damage or losses, and friendly to all levels of users. The goal of this innovative product is to bring users a brand new networkmanagement experience.

*Note:

Throughout the manual, the symbol * indicates that more detailed information of the subject will be provided at the end of this book.

1.2 Software Features

 Three User Friendly Interfaces

- Web browser

- Telnet Console

- Serial Console

 DHCP Server/Relay/Client with Option 66/67/68  NTP Server/Client  SNTP  IEEE 1588 PTP V2 and Transparent Clock  Port Mirror  QoS Traffic Regulation  LACP  MAC Filter  GARP/GMRP/GVRP  IGMP  SNMP v1/v2/v3 (with MD5 Authentication and DES encryption)  SNMP Inform  STP/RSTP/MSTP/MRP  VLAN  IEEE 802.1x / EAP / RADIUS / TACACS+  Ring

- ERPS

- iA-Ring

- Compatible-Ring

- U-Ring

 LLDP  Profinet  Alarm System (with E-mail Notification or Relay Output)  Modbus/TCP  Ethernet/IP

2 Configuring with a Web Browser

Chapter 2 explains how to access the managed switch for the first time. There are three ways to

configure this Ethernet Switch:

1. Web browser

2. Telnet console

3. Serial console

The web browser and telnet console methods allow users to access the switch over the Internet or

the Ethernet LAN, while the serial console method requires a serial cable connection between the

console and the switch. There are only a few differences among these three methods. Users are

recommended to use the web browser method to configure the system because of its user-friendly interface.

2.1 Web-based Management Basics

Users can access the managed switch easily using their web browsers (Internet Explorer 8 or 11,

Firefox 37, Chrome 42 or later versions recommended). We will proceed to use a web browser to

introduce the managed switch’s functions.

2.1.1 Default Settings

Below is a list of default factory settings. This information will be used during the login process. Make

sure the computer accessing the switch has an IP address in the same subnet and the subnet mask

is the same.

IP Address: 10.0.50.1 Subnet Mask: 255.255.0.0 Default Gateway: 10.0.0.254 User Name: NULL (leave it blank) Password: NULL (leave it blank)

2.1.2 Login Process and Main Window Interface

Before users access the configuration, they have to log in; this can be done in two simple steps.

1. Launch a web browser.

2. Type in the switch IP address (e.g. http://10.0.50.1), (as shown in Figure 2.1).

*When the user name and password is left empty, the login prompt will not show.

Figure 2.1 IP address for Web-based setting

After the login process, the main interface will show up, which should look as Figure 2.2. The main

menu (left side of the screen) provides the links at the top level of the menu hierarchy and allows

them to be expanded to display lower level links. Note that in this case the Port 1 and 3 is highlighted

in green; indicating that the port is being connected. Detailed explanations of each sub-section will be addressed later as the need arises.

Figure 2.2 Default web interface

2.2 Basic Information

To help users become familiar with the device, the Basic section provides important details of the

switch. This is also the main welcome screen once the user has logged in. The details make it easier

to identify different devices connected to the network. They are divided into five sections.

Figure 2.3 Basic information dropdown menu

2.2.1 Sys Info

An introduction to the equipment is done in this section, Figure 2.4.

Figure 2.4 Basic information page

Table 2.1 Basic information descriptions

Label

Description

Model name

The device’s complete model name

Description

The model type of the device.

MAC address

MAC address of the device

Application Version

Current Application version of the device.

Kernel Version

Current Kernel Version of the device.

Memory

Shows current RAM’s availability and the size of cached and shared memory.

2.2.2 Info SettingS

Users can enter system’s details here; this information can help identify one specific switch among all

the devices in the network that supports SNMP, (Figure 2.5).

Figure 2.5 System settings page

Table 2.2 System settings descriptions

Label

Description

Factory Default

System Name

Specifies a particular role or application of different switches. The name entered here will also be shown

in Switch View and Device View applications. Max. 63 Characters.

(Model name)

System

Description

Detailed description of the unit. Max. 63 Characters.

Managed Switch

+ (Model name)

System

Location

Locations of the switch. Max. 63 Characters.

Switch Location

System Contact

Provides contact information for maintenance. Enter the name of whom to contact in case a problem

occurs. Max. 63 Characters.

www.atop.com.tw

2.2.3 Console

In this chapter, we use a web browser for configuring the switch. However, there is a specific section

for the serial console method. The Console option is only for serial console parameter configuration

information. It indicates the connection parameters related to the method.

Figure 2.6 Console setting page

2.2.4 Protocol Status

Protocol Status page reports an overall the status of each protocol, while users can view status all at

once here, detailed explanations of each protocol and methods will be provided in later sections,

Figure 2.7 shows the web interface for Protocol Status page.

Figure 2.7 Protocol status page

2.2.5 Power Status

Atop’s Managed Switch features dual VDC power. Figure 2.8 shows the status of each power input. A

“Fault” status means that the power is either not connected or the power the not supplied normally.

Figure 2.8 Power status page

2.3 Administration

Here users will be able to configure Password, IP Settings, Ping, Mirror Port, System Time,

Modbus, PTP and SSH settings.

Figure 2.9 Administration dropdown menu

2.3.1 Password

Although no password is set for the device when it is manufactured, users can set a password to

assure overall system security, see Figure 2.10. The local authentication introduced here and remote

authentication in later sections will apply to web management UI, SSH, and CLI.

Figure 2.10 Password setting page

Table 2.3 Password setting descriptions

Label

Description

Factory Default

Manager’s User name

User’s Name. Max. 15 characters.

NULL

Manager’s Password

Password to log-in Max. 15 characters.

NULL

Confirmed Password

Re-type the password. This has to be

exactly the same as the password entered

in the above field. Max.15 characters.

NULL

In addition to the local authentication, the switch can be configured to request for authentication

through a centralized RADIUS or TACACS+ server when the local authentication fails. For the

RADIUS and TACACS+ comparison, please refer to Table 2.5, you can choose the solution that best

meets your needs.

Table 2.4 Authentication server settings

Label

Description

Factory Default

Authentication Server

Enable / disable authentication through a

remote authentication server

Disabled

Server Type

Choose Authentication Server type, RADIUS or TACACS+. See notes below for

a detailed explanation.

RADIUS

Server IP/Name

IP address of the authentication server

NULL

Server Port

Communication port of the authentication

server

1812

Shared Key

The key used to authenticate with the

server. Max 15 characters.

12345678

Confirmed Shared Key

Re-type the shared key. Max 15 characters.

NULL

Authentication Type

Authentication mechanism. For RADIUS: MD5. For TACACS+: ASCII, PAP, CHAP,

MSCHAP.

RADIUS is MD5

TACACS+ is ASCII

Server Timeout (1~255

sec)

The time out period waiting for a response from the authentication server. This will affect the time that the next login prompt

shows up in case the server is not available.

*NOTE: RADIUS (Remote Authentication Dial In User Service):

RADIUS is an access server that uses AAA protocol. It is a system of distributed security that

secures remote access to networks and network services against unauthorized access. The RADIUS

specification is described in RFC 2865, which obsoletes RFC 2138.

TACACS+ (Terminal Access Controller Access-Control System Plus):

TACACS+ is a security application that provides centralized validation of users attempting to

gain access to a router or network access server, the TACACS+ specification is described in Cisco's

TACACS+ RFC draft.

Table 2.5 Authentication server settings

RADIUS

TACACS+

Transport

Protocol

UDP

TCP

Authentication

and Authorization

Separates AAA

Combines authentication and

authorization

Multiprotocol

Support

Yes, support ARA and NetBIOS

protocol

Confidentiality

Only password encrypted

Entire packet encrypted

2.3.2 IP Setting

In this section, users may modify IP address functions to reconfigure the switch’s network settings.

Users can choose to enable DHCP (Dynamic Host Configuration Protocol) here. This function is to

obtain an IP address automatically from a DHCP Server. It provides automatic configuration and

eliminates the need for administrator intervention. Users can also opt to set up the IP address and

related fields manually. After each update, a system reboot will be required before the new settings

are effective, see Figure 2.11.

Figure 2.11 IP address setting page

Table 2.6 IP setting descriptions

Label

Description

Factory Default

Enable DHCP Client

By checking this box, an IP address will be automatically assigned. Otherwise users

can set up the IP address manually.

Uncheck

Static IP address

Displays current IP address. Users can also

set a new static IP address for the device.

10.0.50.1

Subnet Mask

Displays current Subnet Mask or set a new

subnet mask.

255.255.0.0

Gateway

Shows current Gateway or set a new one.

10.0.0.254

Primary DNS

Sets the primary DNS IP address to be used

by your network.

NULL

Secondary DNS

Sets the secondary DNS IP address. The Ethernet switch will locate the secondary DNS server if the Primary DNS Server fails

to connect.

NULL

2.3.3 IPv6 Setting

Figure 2.12 IPv6 setting page

2.3.4 Ping

Ping is a command to test the network connectivity between the destination device and the managed

switch.

Figure 2.13 Ping page

Figure 2.14 Example of ping command

Users can assign an IP address or a domain name to verify network connectivity (see Figure 2.14 for

an example). After entering the IP address/name, please click “Ping” button to start the ping function.

Examples of ping results are shown in Figure 2.15 and Figure 2.16.

Figure 2.15 Example of successful ping command result

Users will have the following result for a failed ping.

Figure 2.16 Example of unsuccessful ping command result

*Note:

If users assign a domain name instead of an IP address, they should assign a DNS first. This can be

done through Administration > IP Settings as shown in Section 2.3.2.

2.3.5 Ping6

Ping6 is a command to test the network connectivity between the destination device and the

managed switch.

Figure 2.17 Ping6 page

Users can assign an IPv6 address to verify network connectivity (Figure 2.17). After entering the IP

address, please click “Ping6” button to start the ping function. Examples of ping results are shown in

Figure 2.18.

Figure 2.18 Example of successful ping6 result

2.3.6 Mirror Port

In order to help the network administrator keeps track of network activities, the managed switch

supports port mirroring, which allows incoming and/or outgoing traffic to be monitored by a single port

that is defined as a mirror port, (Figure 2.19).

Figure 2.19 Mirror port page

Table 2.7 Port mirroring descriptions

Label

Description

Factory Default

Monitored direction

Select the monitoring direction.

- Disable: to disable port monitoring.

- Input data stream: to monitor input data

stream of monitored ports only.

Disabled

- Output data stream: to monitor output data stream of monitored ports only.

- Input/Output data stream: to monitor

both input and output data stream of

monitored ports.

Monitored Port

Select the ports that will be monitored.

Unchecked all

Mirror port

Select the mirror port that will be used to

monitor the activity of the monitored ports.

Port1

2.3.7 System Time and SNTP

This option (see Figure 2.20) configures time and date and also supports Daylight Saving Time and

SNTP (See notes below for explanation).

Figure 2.20 System time and SNTP page

Table 2.8 System time descriptions

Label

Description

Factory Default

Current Date

Allows local date configuration in yyyy/mm/dd format

None

Current Time

Allows local time configuration in local 24-hour format.

None

Time Zone

User’s current local time.

(GMT+08:00)Beijing,

Chongqing, Hong Kong

System

Startup Time

Indicates how long the switch has been working.

Depend

Daylight

Saving Time

Enable or disable Daylight Saving Time function

Unchecked

Start Date

Defines the start date of daylight saving.

NULL

End Date

Defines the end date of daylight saving.

NULL

Offset

Decides how many hours to be shifted forward/backward when daylight saving time begins

and ends. See note below.

Enable SNTP

Enables SNTP function. See note below.

Unchecked

NTP Server 1

Sets the first IP or Domain address of NTP Server.

time.nist.gov

NTP Server 2

Sets the second IP or Domain address of NTP Server. Switch will locate the 2nd NTP Server if the

1st NTP Server fails to connect.

time-A.timefreq

.bldrdoc.gov

Time Server

This parameter determines how frequently the time is

259,200 seconds.

Query Period

updated from the NTP server.

Note:

- Daylight Saving Time: In certain regions (e.g. US), local time is adjusted during the summer

season in order to provide an extra hour of daylight in the afternoon, and the time shifted forward (or

backward) is usually an hour.

- SNTP: Simple Network Time Protocol. It is used to synchronize the computer systems’ clocks with a standard NTP server. Two of the NTP server examples would be time.nist.gov and time-A.timefreq

.bldrdoc.gov.

2.3.8 Modbus Setting

Modbus TCP/IP is an industrial protocol that can be used to read and write the switch’s status and

settings via Modbus, which is similar to MIB browser. The slave address below can to be configured

to match the settings inside the Modbus Master. A Modbus memory mapping table is provided in

Appendix B: Modbus Memory Map.

Figure 2.21 Modbus address page

Figure 2.21 shows where users can set up the Modbus ID address; in addition, users can use

Modbus TCP/IP compatible applications such as Modbus Poll to configure the switch. A tutorial of

Modbus read and write is illustrated below:

Note: The switch only supports Modbus function code 03, 04 (for Read) and 06 (for Write).

Read Registers (This sample is to the switch’s IP Address)

Figure 2.22 Modbus address mapping table

1. Make sure the supervising computer (Modbus Master) is connected to your target switch (Modbus Slave).

2. Launch Modbus Poll in the supervising computer.

3. Click connect button on the top toolbar to enter Connection Setup.

Figure 2.23 Modbus Poll entries Connection Setup

4. Select Modbus TCP/IP as the connection mode and enter the switch’s IP address inside the

Remote Server IP Address field. The Port number is 502.

Figure 2.24 Modbus Poll Connection Setup

5. Modbus Poll Slave ID should match Figure 2.21.

Figure 2.25 Modbus Poll’s Slave ID is 1

6. Select Function 03 or 04 (the switch support function code 03 and 04).

Figure 2.26 Modbus Poll Function Setting

7. Set Display mode to HEX.

Figure 2.27 Modbus Poll Display mode

8. Set start Address to 82 and Quantity to 2.

Figure 2.28 Setup Modbus Poll start address

9. Click OK.

Figure 2.29 the address 81 and 82 are EH7520’s IP Address

10. Modbus Poll will get the values 0x0A, 0x00, 0x32, 0x01, which means that the switch’s IP is

10.0.50.1.

Write Registers (This sample clears the switches Port Count)

Figure 2.30 Modbus address mapping table

1. Check the switch’s Port TX/RX count.

Figure 2.31 Port Count

2. Click function 06 on the toolbar.

Figure 2.32 Modbus Poll Function 06

3. Set Address to 256 and Value to 1 then click “Send” button.

Figure 2.33 Use Modbus Poll to clear switch’s Port Count

4. Check Port Count in the switch’s Web UI, the packet count is now cleared.

Figure 2.34 Port Statistics

2.3.9 PTP

The Precision Time Protocol (PTP) is a high-precision time protocol. It is for precise synchronization

of clocks on a local area network by measurement and control systems. Figure 2.35 shows where to

configure PTP and to see PTP status. The lower part of Figure 2.35 allows the user to enable or

disable the PTP function per port and see their current status.

Figure 2.35 PTP setting page

Table 2.9 PTP setting descriptions

Label

Description

Factory Default

State

Enabled/Disable the PTP function. This is the master option that needs to be enabled in order for the per port PTP function to work in Table 2.9.

Unchecked

Version

Set the PTP operation version, v1 and v2 are supported.

Clock Mode

PTP (Precision Time Protocol) clock type selection. The

switch has four modes: End-End Boundary Clock, EndEnd Transparent Clock, Peer-Peer Boundary Clock, and Peer-Peer Transparent Clock.

End-to-End

Transport

Ethernet (layer 2) multicast transport or layer 3 (UDP/IP) multicast transports for PTP (Precision Time Protocol)

messages’ selection.

IPV4

Sync Interval

Set the interval of the sync packet transmitted time

Clock

Stratum

To set the Clock Stratum. The lower values take precedence to be selected as the master clock in the

best master clock algorithm.

Clock Class

Clock’s accuracy level, it’s an attribute of an ordinary or boundary clock; denotes time traceability or frequency distributed by the grandmaster clock. Please refer to

IEEE 1588-2008, Table 5 for definitions, allowed values, and interpretation.

248

priority 1

To set the clock priority 1 (PTP version 2). The lower values take precedence to be selected as the master clock in the best master clock algorithm, 0 = highest

priority, 255 = lowest priority.

128

priority 2

To set the clock priority 2 (PTP version 2). The lower values take precedence to be selected as the master clock in the best master clock algorithm, 0 = highest

priority, 255 = lowest priority.

128

UTC Offset

UTC offset value

Offset To

Master

The offset time to the master clock

None

Grandmaster

UUID

The grand master UUID for PTP version 1

None

Parent UUID

The parent master UUID for PTP version 1

None

Clock

Identifier

The clock identifier for PTP version 1

None

Table 2.10 PTP port setting descriptions

Label

Description

Factory Default

Port

Port number

Enabled

The port mode information, it indicates the per port PTP function is enabled or disabled.

Enabled

Status

PTP port operation status. If the per port function is enabled, but the status is still disabled, enable PTP

master option in Table 2.9.

Disabled

Mode

Enabled/Disabled PTP per port function

Disabled

2.3.10 SSH

SSH was designed to replace Telnet and other insecure remote shell protocols that sends

data/command in plaintext. SSH uses encryption to secure the data/command over an unsecure

network.

In the beginning, Server will send a public key to Client and Client will compare if the public key is

correct or not. If it’s not correct, Server will refuse the connection. In this moment, please click

“Generate” button to change and regenerate the Server Key then obtain another public key from

Server. (Figure 2.36)

Figure 2.36 SSH setting page

Note:

1. The managed switch supports SSH1 and SSH2.

2. The managed switch will re-generate server key when it resets to factory default or a key is

non-existent.

SSH1 and SSH2 share the following features:

1. Client programs that perform remote logins, remote command execution, and secure file copying across a network.

2. Several selectable encryption algorithms and authentication mechanisms.

3. An SSH agent to cache keys for easy access.

SSH2 added a number of new features to provide a stronger, more comprehensive product. These

features include:

1. Encryption ciphers, such as 3DES and AES.

2. The use of sound cryptographic Message Authentication Code (MAC) algorithms for integrity checking.

3. Support for public key certificates.

2.4 QoS

The main objective of Quality of Service is to transfer certain data packets either particularly safe or

as quickly as possible. With this managed switch, users are able to prioritize traffic on the network to

ensure that high priority data can be transmitted as soon as possible.

Figure 2.37 QoS dropdown menu

2.4.1 QoS Setting

Network traffic is controlled by a set of rules. These rules help classify different types of traffic and define how each of them should be treated as they’re being transmitted. This managed switch can

also inspect both 802.1p CoS tags and DiffServ tags to provide consistent classification.

Table 2.11

Label

Description

Factory Default

Storm Filter

Enable or Disable the storm filter. When the storm filter is tuned on, the ingress traffic costumed by the storm packets can be constrained to Mode 1 (5Mbps), Mode 2 (10Mbps), Mode 3 (15Mbps), Mode 4 (20Mbps), and Mode 5 (25Mbps). Additional ingress storm traffic will be

dropped after the limit has reached.

Off

The type of storm packets that can be controlled are DLF, Multicast, and Broadcast. See notes below for a

detailed description and comparison.

DLF, Multicast,

and Broadcast are

all enabled

QoS Mode

DWRR&Strict or Strict.

See notes below for a detailed description and

comparison.

DWRR&Strict

Qos Type

802.1p CoS only: Switch only checks L2 802.1p CoS

Both 802.1p CoS

priority bits.

Both 802.1p CoS and DiffServ: Switch checks both

types. See notes below for a detailed description.

and DiffServ

Type of Storm Packets:

- DLF: Destination Lookup Failure. The switch will always look for a destination MAC address in

its MAC Table first. In case that a MAC address cannot be found in the Table, which means DLF

occurs, the switch will forward the packets to all ports that are in the same LAN.

- Multicast: This type of transmission sends messages from one host to multiple hosts. Only those hosts that belong to a specific multicast group will receive it. Network devices that support multicast send only one copy of the information across the network until the delivery path that reaches group members diverges. At these diverging points, multicast packets will be copied and forwarded; this method can manage high volumes of traffic with different destinations while using network bandwidth efficiently.

- Broadcast: Messages are sent to all devices in the network.

QoS Mode:

- DWRR: Deficit Weighted Round Robin. DWRR is the evolved version of WRR and should

provide a fairer priority queue than WRR since it takes the size of the packet into consideration

and add credits to the unprocessed queue for higher priority on the next round. This method

make sure all the traffic queues are serviced, but higher priority queues still retain their

advantage; this mode guarantees that in the event that high-priority traffic exceeds the link capacity, lower priority traffic will still proceed and not be blocked.

- Strict is Strict-Priority Scheduling. The QoS scheduler preempts the highest queue as long as

there are packets. When all the packets are exhausted from the highest queue, the QoS

scheduler reverts back to the weighed fair algorithm to process the remaining queues. This

mode guarantees that traffic in the highest queue always flows first.

By default, the QoS work under the DWRR+Strict mode, which means that for the packets has COS

Q4~Q7 follows strict priority and packets that has COS Q0~Q3 follows DWRR priority and has the

weight below.

- COS Q0 = 2 packets (DWRR)

- COS Q1 = 1 packet (DWRR)

- COS Q2 = 4 packets (DWRR)

- COS Q3 = 8 packets (DWRR)

- COS Q4~Q7 work in strict-priority

QoS Type:

- 802.1p CoS: IEEE standard of layer 2 marking scheme. It specifies a priority value between 0

and 7 that can be used by QoS to differentiate traffic. When this option is enabled, the switch

inspects the 802.1p CoS tag in the MAC frame to determine the priority of each frame.

- DiffServ/ToS: DiffServ stands for Differentiated Services. It’s a networking architecture that

specifies a simple but scalable mechanism for classifying network traffic and providing QoS

guarantees on networks. It uses the DiffServ Code Point (DSCP, which is the modern redefinition

of the ToS). DiffServ/ToS function allows users to use up to 64 values to define service levels

and set priority.

Figure 2.38 QoS setting page

2.4.2 CoS Queue Mapping

Figure 2.39 Mapping Table of CoS page

The switch can classify traffic based on a valid 802.1p (CoS – Class of Service) priority tag. These

options allow users to map Priority Code Point (PCP) within an Ethernet frame header to different

COS priority queues, Figure 2.39.

Table 2.12 Priority queue descriptions

Label

Description

Factory Default

PCP

Priority Code Point within the Ethernet

frame header.

PCP 0 -> Q0 PCP 1 -> Q0 PCP 2 -> Q1 PCP 3 -> Q1 PCP 4 -> Q2 PCP 5 -> Q2 PCP 6 -> Q3 PCP 7 -> Q3

CoS Priority

Queue

The priority queue that a specific Ethernet

frame needs to be assigned into.

2.4.3 DSCP Mapping

The switch can be configured the TOS (Type of Service) with the default queue weights as shown in

Figure 2.40. The TOS consists of DSCP (Differentiated Service Code Point (6 bits)) and ECN (Explicit

Congestion Notification (2 bits)). Users can assign TOS values to predefined queue types manually

using DSCP Mapping.

Figure 2.40 Mapping Table of DSCP,ECN page

2.5 Port

This function contains three options, which are

 Port Setting  Port Status  Mini-GBIC Port Status  Port Statistics

Figure 2.41 Port dropdown menu

2.5.1 Port Setting

Port settings are included to allow users to control each port on Port state (enabled or disabled), Port

Negotiation, Port Transmission Speed, Duplex function, Flow Control, and Rate Control as shown in Figure 2.42.

Figure 2.42 Port setting page

Table 2.13 Port setting descriptions

Label

Description

Factory Default

Port

Port number on the switch.

Enable

Check the box to allow data to be transmitted and

received through this port.

All ports are enabled

Mode

Copper / Fiber. When both Copper and Fiber are

listed, it means this is a Combo port.

Depend

Preferred

Select the medium to use when both media are

linked.

Fiber

Negotiation

Choose from Force or Auto. See notes below.

All ports Auto- Negotiation is

enabled.

Speed

Select either 10, 100, 1000Mbps

Highest Speed

Duplex

Select either Half or Full Duplex. See note below.

Full-Duplex

Flow

Control

Either on or off “Flow Control” to avoid packet

loss when congestion occurs.

Off

Rate

Control

Sets limits on its transmission rate for the

incoming and outgoing. Unit: Kbps

0 (Disabled)

*Note:

- Negotiation: “Force” specifies forcing the speed and/or duplex as configured by users. “Auto”

specifies using auto negotiation to determine the actual speed and duplex to use. The Gigabit SFP

Port of the EH Series switch is downward compatible with 125/155Mbps Transceivers, however, the

speed needs to be set to 100 manually. The Gigabit SFP Port of the EHG/EMG Series is not

downward compatible.

- Duplex: “Half duplex” allows one-way communication at a time, while “Full duplex” allows

simultaneous two-way communication.

- Rate Control: Outgoing and incoming values have to be set between 0 and 102,400 (for 100

Mbps) or 1,024,000 (for 1000 Mbps).

- 0 is to turn off rate control.

- The values have to be an integer multiples of 64 when rate is less than 1,792 Kbps. Ex: 64 Kbps, 128 Kbps, 512 Kbps…1,792 Kbps.

- The value has to be an integer multiple of 1,024 when rate is between 1,792 Kbps and

102,400 Kbps (for 100Mbps) or 106,496 Kbps (for 1000M).. Ex: 2,048Kbps, 3,072 Kbps…

102,400Kbps.

- The values have to be an integer multiples of 8,192 when rate is greater than 106,496 Kbps.

2.5.2 Port Status

Figure 2.43 Port status page

All ports status are shown,

 Mode (Copper or Fiber)  Enable (On or Off)  Link (Up or Down)  Negotiation (Auto or Force)  Speed (unit: Mbps)  Duplex (Full or Half)  Flow Control (On or Off)  Rate Control (On or Off)  Security (Either static security or 802.1x port security is turned on or off)

2.5.3 Mini-GBIC Port Status

The SFP is sometimes referred to as a Mini-GBIC (Giga Bitrate Interface Converter), All Mini-GBIC ports status, if supported, are shown,

Figure 2.44 Mini-GBIC port status page

2.5.4 Port Statistics

Figure 2.45 Port Statistics page

- Enable (On or Off): The port is enabled or disabled.

- Link (Up or Down): Actual link status of the port.

- Tx: Total number of packets transmitted.

- Tx Error: The number of outbound packets which were chosen to be discarded even though no

errors have been detected to prevent them from being transmitted.

- Tx Rate (Kbps): Speed of transmission.

- Rx: Total number of packets (not including faulty packets) received.

- Rx Error: Total number of faulty packets (including Oversize, Undersize, FCS, Alignment, Jabbers

and Fragments Errors packets) received.

- Rx Rate (Kbps): Receiving speed.

2.6 Power Over Ethernet

Power over Ethernet (PoE) is an optional function for the managed switches. To find out whether this

function is supported or not, look for the keyword “PoE” in the model name. If the switch has “PoE” in

the model name, it means that the switch is a Power Sourcing Equipment (PSE) that can provide

power output to a Powered Device (PD).

Figure 2.46 Power over Ethernet dropdown menu

2.6.1 PoE Setting

Enable or disable the PoE function in this page.

Figure 2.47 PoE Settings page

2.6.2 PoE Status

This page shows the status of each PoE port. For example, in Figure 2.1, Port8 was enabled and is

supplying power to a Class 2 Powered Device (PD). The PD device is rated at 49V and 33mA. The

total power consumption for this PD is 1.617W.

Figure 2.48 PoE Status page

2.6.3 PoE Alarm Setting

Alarm events can be set up to warm unintended interruption in the PoE function. For a list of alert

events, refer to Table 2.14. The events can be found in the Event Log or notified by Email.

Figure 2.49 PoE Alarm Setting

Table 2.14 PoE Alert Events

Label

Description

Factory Default

PoE Alarm function

Enable to trigger “PD Power On/Off”

event.

Disable

Detect Total Power

function

Enable to trigger an event when the total power consumption of all the PDs is over

the defined value.

Disable

Detect Total Power

Value

Set the trigger value of the detect

function above.

2.7 Trunking

The managed switch supports Link Trunking, which allows one or more links to be added together to

form one single but larger group of links. The advantage of this function is that it gives the users more

flexibility while setting up network connections. The bandwidth of a link can be doubled or tripled. In

addition, if one link is disconnected, the remaining trunked ports can share the traffic within the trunk

group. This function increases the redundancy for higher reliability.

Figure 2.50 Trunking dropdown menu

2.7.1 Trunking Setting

Figure 2.51 Trunking setting page

There are four steps to setup a trunking group: Step 1: Select Trkx from Group ID. Step 2: Choose whether to enable LACP (IEEE standard, Link Aggregation Control Protocol). Step 3: Select the Hash Type. Step 3: Select specific ports to be in this trunk group. Step 4: Select specific ports in this trunk group to be LACP active.

Table 2.15 Trunking setting descriptions

Label

Description

Group ID

Up to 8 trunk groups. Trk1~Trk8. Note that it is not possible to mix Fast Ethernet ports and Gigabit Ethernet ports into the same

trunk group.

LACP

Enable/Disable LACP (Link Aggregation Control Protocol).

Hash Type

The hash result determines which port to use for a specific frame. The available hash options are: Src MAC, Dst MAC,

Src/dst MAC, Src IP, Dst IP, Src/dst IP.

Ports

Specifies the member ports. Hold Control Key to select more

than one port at a time.

LACP Active

Specify which ports within the group should be LACP Active.

Ports not selected would be LACP Passive.

Apply

Click Apply to confirm changes.

Remove

Removes any existing trunk group.

2.7.2 LACP Status

This page shows the switch’s trunking information (Figure 2.52). Users can also specify the system

priority here.

Figure 2.52 LACP page

Table 2.16 LACP setting descriptions

Label

Description

Factory Default

System Priority

Indicates the system priority, in the range of 1 ~ 65535. System priority is used during the negotiation with other systems. System priority and switch’s MAC address is used to form the system ID. Note that a

32768

higher number means a lower priority.

Group ID

Shows which trunk group this port belongs to.

LACP

Disabled: LACP is disabled.

Passive: LACP will only passively respond to LACP

requests.

Active: LACP will be actively searching for LACP

Partner.

LACP Partner

Indicates whether a LACP Partner can be located or

not.

2.8 Unicast/Multicast MAC

Multicast filtering improves the performance of networks that carry multicast traffic. This section will

explain what Multicast and Unicast are as well as their benefits (see Figure 2.53).

- Unicast: This type of transmission sends messages to a single network destination identified by a unique MAC address. This method is simple with one source and one destination.

- Multicast: This type of transmission is more complicated. It sends messages from one source to multiple destinations. Only those hosts that belong to a specific multicast group will receive the multicast packets. In addition, networks that support multicast send only one copy of the information across the network until the delivery path that reaches group members diverges. At these diverging points, multicast packets will be copied and forwarded. This method can manage high volume traffic with different destinations while using network bandwidth efficiently.

Figure 2.53 Unicast vs. Multicast

Figure 2.54 Unicast/Multicast dropdown menu

Unicast

Multicast

2.8.1 Add Static MAC

Figure 2.55 Add static MAC page

The managed switch supports adding static MAC address manually (Figure 2.55). The steps are as

follows, Step 1: Enter MAC Address. Step 2: Specify VLAN ID. Step 3: Select the ports to apply this static MAC address. Use Ctrl-key to add more than one port.

Table 2.17 Add static MAC descriptions

Label

Description

MAC address

Enter MAC address manually.

VLAN

Specify VLAN ID that this static MAC belong to.

Type

Multicast or Unicast MAC address.

Port(s)

Define which ports to apply this static MAC address.

Add

Confirm and add the MAC address.

Remove

Remove existing MAC address.

2.8.2 MAC Filter

This function allows users to set MAC filter manually, see Figure 2.56.

Figure 2.56 MAC Filter setting page

Table 2.18 MAC filter descriptions

Label

Description

MAC address

Enter MAC address manually.

Remove

Remove this entry in MAC filter table.

Add

Add the MAC addresses to the MAC filter table

2.8.3 MAC Age

This function allows users to set MAC address age-out manually, see Figure 2.57. Users can specify the age-out period between 100 and 765 seconds (the default value is 300). In the switch, a MAC

address table is stored in the memory to map a MAC address and a port number to forward frames.

The aging time is the time to keep MAC addresses in the MAC address table. A shorter aging time will

allow the switch to free up the MAC Address in the table to learn new MAC addresses. In result, the

switch will be able to forward the frames to a specific port instead of forwarding to all the ports to

prevent frame flooding.

Figure 2.57 MAC Age page

2.8.4 MAC Address Table

Figure 2.58 MAC address table page

Information of current Unicast and Multicast MAC addresses is displayed, as shown in Figure 2.58.

Unicast MAC address would be shown first, followed by Multicast MAC address.

Table 2.19 MAC address table descriptions

Label

Description

Unicast/Multicast MAC

Displays MAC address.

VLAN

Displays VLAN ID.

Type

Displays whether the MAC address is dynamic or static.

Ports

Displays which port this MAC belongs to.

Clear Dynamic Entries

Clears all Dynamic MAC addresses.

Continue to the Next Page when there are more MACs available.

2.9 GARP/GVRP/GMRP

This page includes three options, GARP, GVRP, and GMRP settings.

GARP: Generic Attribute Registration Protocol, also known as Multiple Registration Protocol (MRP).

It operates at the data link layer of OSI model, and it defines an architecture, rules of operation, state

machines and variables for the registration and removing of attribute values. GVRP: GARP VLAN

Registration Protocol. GVRP provides a method to share VLAN information dynamically and configure

the needed VLANs. GVRP is similar to GARP, and the only difference is that GVRP works with VLAN.

GMRP: GARP Multicast Registration Protocol is similar to IGMP. The difference is that IGMP is IPbased while GMRP is MAC-based.

Figure 2.59 GARP/GVRP/GMRP dropdown menu

2.9.1 Multicast Group Table

Figure 2.60 Multicast Group Table

2.9.2 GARP Setting

Figure 2.61 GARP setting page

Figure 2.61 shows GARP timer setting and the descriptions of each timer is explained in Table 2.20.

Table 2.20 GARP timer setting descriptions

Label

Description

Factory Default

Join Timer

Indicates the GARP Join timer, in 0 ~ 65535 seconds.

20 seconds

Leave Timer

Indicates the GARP Leave timer, in 0 ~ 65535 seconds.

60 seconds

LeaveAll

Timer

Indicates the GARP Leave All timer, in 0 ~ 65535

seconds.

1000 seconds

2.9.1 GVRP Settings

Figure 2.62 GVRP setting page

Figure 2.62 indicates GVRP configurations and functions. When GVRP is enabled, the switch which

is an end node of a network needs to add static VLANs locally. Others switches dynamically learn the

rest of the VLANs configured elsewhere in the network via GVRP.

Table 2.21 GVRP setting descriptions

Label

Description

Factory Default

GVRP

Enables or disables GVRP protocol. Enables GVRP, the switch must be in 802.1q VLAN mode.

Disabled

Port

Enables or disables GVRP on each port. If users have already defined trunking group (e.g. Trk1), it can also be

selected to be enabled.

All ports are

disabled

Clear

Statistics

Clears all GVRP statistics counts

Clears the record

2.9.2 GMRP Settings

Figure 2.63 GMRP setting page

2.10 IGMP/IP Multicast

This function contains four options (Figure 2.68 (a)), which are:

 IGMP Setting  IGMP Statistics  IGMP/IP Multicast Table  Static IP Multicast

IGMP: Internet Group Management Protocol is used on IP networks to establish multicast group

memberships. It operates above the network layer of OSI model. One of the most important features

related to this protocol is IGMP snooping, which is supported by the managed switch and greatly

strengthens network functionality.

IGMP Snooping: It is a process of “listening” to IGMP network traffic. By listening to conversations

between different devices, it maintains a map of links and IP multicast streams. This means

multicasts may be filtered from the links which do not need them, and IGMP snooping allows the

switch to only forward multicast traffic to the links that have requested it.

2.10.1 IGMP Setting

Figure 2.64 IGMP setting page

Table 2.22 IGMP setting descriptions

Label

Description

Factory

Default

IGMP Snooping

Choose to enable IGMP snooping. To enable IGMP snooping.

Disabled

IGMP Proxy

Choose to enable IGMP proxy. See note below.

Disabled

IGMP Fast-leave

Choose to enable IGMP Fast-leave. See note below.

Disabled

Router's IP

Display the multicast router’s IP address.

Router's Port

Display the port that is connected to multicast router.

*NOTE:

IGMP Proxy works as an intermediate server, as shown in Figure 2.65. When it receives a query

message from the router, it sends a report message to the router port. When it receives a report

message from a computer in a new group, it sends a report message back to the router port. When it

receives a leave message from a computer which is the only one in the group, it sends a leave

message to the router port and removes the computer. Proxy is like a middle man that handles

information in between routers and computers.

Figure 2.65 Example of IGMP proxy

IGMP Fast-leave: When a leave message is received, the ports in the group will be immediately removed from the IP multicast entry.

2.10.2 IGMP Statistics

Figure 2.33 (a) IGMP statistics page

Figure 2.66 (b) Example of IGMP statistics

IGMP statistics are shown in Figure 2.66 (a), and its example is in Figure 2.66 (b). It shows the

statistical values of IGMP protocol.

2.10.3 IGMP/IP Multicast Table

Figure 2.34 (a) IP Multicast table page

Figure 2.67 (b) Example of IP Multicast Table

This option shows:

1. The IGMP membership group table.

2. Static and dynamic IP Multicast table. The dynamic join port is added by the switch’s IGMP

snooping function. The static join port is manually added by users.

2.10.4 Static IP Multicast

Figure 2.34 (a) Static IP Multicast setting page

Figure 2.68 (b) Example of Static IP Multicast setting

Figure 2.68 (a) and Figure 2.68 (b) display current IP multicast addresses, and users are allowed to

add more manually.

For example, an IP multicast group address is: 239.1.1.1 and joining ports are Port1, Port2 and Port5

with VLAN=1.

Users should key the IP in the IP Multicast Address column and click the corresponding port number

in the Join Port column. Click the “Ctrl” key on the keyboard to add more ports. Then click on the

button, the IP address is then added as it can be seen on Figure 2.68 (b). To remove

the static IP multicast address entry setting, click the button. These procedures are

similar as when we added Unicast/Multicast MAC address previously, the only difference is that the IP

multicast address has the form of 239.XX.XX.XX.

2.11 SNMP

This SNMP setting has four categories as shown in Figure 2.69, which are

 SNMP  Community Strings  Trap Receivers  SNMP V3 Users

2.11.1 SNMP

SNMP: Simple Network Management Protocol is a protocol for managing devices on IP networks. It

exposes management data in the form of variables on the managed systems, which describe the system configuration. These variables can then be queried/defined by users.

Figure 2.69 SNMP setting page

Table 2.23 SNMP setting description

Label

Description

Factory Default

2.11.2 Community Strings

The managed switch supports SNMP V1, V2c, and V3. SNMP V1 and V2c use a community string match for authentication. There are three levels of authentications which are read-sysinfo-only, readall-only, or read-write-all. For example, in our default setting, the SNMP agent can access all objects with read-all-only permissions using the string public. Another example is that the string private has permission of read-write-all.

This option allows users to use a community string match for authentication. Users can specify the

string names and the type of permissions on the String field as shown in Figure 2.69.

Table 2.24 Community string setting descriptions

Label

Description

Factory Default

Community

Strings

Define name of strings. Max. 15 Characters.

Public(read-all-only)

Private(read-write-all)

Type

Choose from read-sysinfo-only, read-all-only, and read-write-all. See notes below for a detailed explanation.

*NOTE:

Read-sysinfo-only: permission to read OID 1.3.6.1.2.1.1 Sub Tree.

Read-all-only: permission to read OID 1 Sub Tree. Read-write-all: permission to read/write OID 1 Sub Tree.

2.11.3 Trap Receivers

The managed switch provides a trap function that allows an SNMP agent to notify the network

management system in case of a significant event. This allows users to configure SNMP Trap setting,

Figure 2.70.

Figure 2.70 Example of Trap receiver setting

Table 2.25 Trap receiver setting descriptions

Label

Description

Factory Default

IP address

IP address of your Trap Server

NULL

Port

Trap Server service port.

162

SNMP

Choose to enable SNMP V1/V2c/V3.

Disabled

Community

String

Community string for authentication. Max. 15 characters.

NULL

2.11.4 SNMPv3 Users

SNMP V3 is a more secure protocol. Users will be able to set a password and an encryption key to enhance the data security.

When choosing this option, users can configure SNMP V3. MD5 (Message-Digest algorithm 5) is

used for authentication password, and DES (Data Encryption Standard) for data encryption algorithm

as shown in Figure 2.69.

Table 2.26 SNMP V3 setting descriptions

Label

Description

Factory Default

Name

Admin: Administration level. User: Normal user level.

Admin

Authentication

Password

Set password. If the field is left blank, there will be

no authentication. Authentication password is based on MD5. Max. 31 characters.

NULL

Confirm Password

Re-type the Authentication Password

NULL

Encryption Key

Set encryption key for more secure protection.

Encryption is based on DES. Max. 31 characters.

NULL

Confirm Key

Re-type the Encryption Key

NULL

2.12 Spanning Tree

IEEE Standard Spanning tree functionality is provided. The Spanning Tree Protocol (STP) provides a

function of preventing switching loops and ensuring broadcast radiation. A switching loop occurs in a

network when there are multiple connections between two network switches or two ports. The loop

creates a broadcast radiation, which is the accumulation of broadcast and multicast traffics on a

computer network. As broadcast and multicast messages are forwarded by bridges/switches to every

port, the bridges/switches will repeatedly rebroadcast the broadcast messages, and this can flood the

network. STP creates a spanning tree and disables those links of the network that are part of the

spanning tree, which leaves only a single active path between two nodes. This function avoids

flooding and increases network efficiency.

RSTP (Rapid Spanning Tree Protocol) is also supported. It is an evolution of the STP. It has a slightly

changed topology, which helps to provide a much faster spanning tree convergence.

2.12.1 Spanning Tree Setting

Figure 2.71 Network redundancy setting page

In this setting, users can set the network redundancy mode as shown in Figure 2.71. There are three

options, which are STP/RSTP/MSTP.

2.12.2 RSTP Main Setting

Figure 2.72 RSTP setting page

RSTP Main setting consists of three sub sections, which are RSTP setting, Bridge info and Port

status, as shown in Figure 2.72. RSTP Main setting is to enable or disable RSTP protocol.

Table 2.27 RSTP main setting descriptions

Label

Description

Factory Default

RSTP enabled

To enable RSTP functionality

Disabled

Priority

To set the device priority. The value is in between 0 and 61440. The lower number gives higher

priority.

32768

Maximum Age

Maximum expected arrival time for a hello

message. It should be longer than Hello Time.

Hello Time

Hello time interval in seconds. The value is in

between 1 to 10.

Forward delay

Time spent in the listening and learning states in

seconds. The value is in between 4 to 30.

RSTP Port setting is also supported. Users can specify Path Cost, Priority, Link type and Edge

function to each port.

2.12.3 RSTP Bridge information

Figure 2.73 Bridge information page

RSTP Bridge information shows the statistical value of RSTP protocol, as shown in Figure 2.73.

2.12.4 RSTP Port Status

Figure 2.74 RSTP status page

RSTP Port Status shows the statistical value of RSTP protocol for each port, as shown in Figure 2.74.

The statistical information for each port is state, rate, path cost, link type, edge, cost, path priority,

designated information, receiving count, and transmission count.

2.13 VLAN

A Virtual Local Area Network (VLAN) is a group of devices that can be located anywhere on a network, but all devices in the group are logically connected together. In other words, VLAN allows end stations to be grouped together even if they are not located on the same network switch. With a traditional network, users usually spend a lot of time on devices relocations, but a VLAN reconfiguration can be performed entirely through software. Also, VLAN provides extra security because devices within a VLAN group can only communicate with other devices in the same group. For the same reason, VLAN can help to control network traffic. Traditional network broadcasts data to all devices, no matter whether they need it or not. By allowing a member to receive data only from other members in the same VLAN group, VLAN avoids broadcasting and increases traffic efficiency (see Figure 2.75).

Figure 2.75 Example of VLAN configuration

There are two common approaches to assigning VLAN memberships, as follow

 Port-based VLAN  Tagging-based (802.1q) VLAN

2.13.1 VLAN Mode

Port-Based VLAN (or Static VLAN equivalently) assignments are created by assigning ports to a

VLAN. If a device is connected to a certain port, the device will be assigned a VLAN to that specific

port. If a user changes the connected port, a new port-VLAN assignment must be reconfigured for this new connection.

Steps to set up Port-Based VLAN:

1. On Port-Based VLAN Setting page.

2. Select specific ports to be included to certain group.

Figure 2.76 VLAN Setting

802.1Q VLAN (or tagging-based equivalently) Another VLAN mode that supported is 802.1Q. Tagged frames are frames with 802.1Q (VLAN) tags

that specify a valid VLAN identifier (VID). Untagged frames are frames without tags or frames that carry 802.1p (prioritization) tags and only having prioritization information and a VID of 0. When a switch receives a tagged frame, it extracts the VID and forwards the frame to other ports in the same VLAN.

Table 2.28 802.1Q VLAN descriptions

Label

Description

Factory

Default

Management VLAN ID

Configure the management VLAN ID that can be

accessed this switch. Range from 1 to 4095.

2.13.2 802.1Q VLAN Table

Figure 2.44 (a) VLAN table page

Figure 2.77 (b) Example of VLAN table page

Figure 2.77 (a) and Figure 2.77 (b) display the static and dynamic VLAN information of each VID.

Table 2.29 802.1Q VLAN Table descriptions

Label

Description

Factory

Default

VID

Indicates the VLAN ID number.

Dependant

Static Member Ports

Indicates the member ports to this VID. This entry is created by user.

All ports

Static Tagged Ports

Indicates the ports that outgoing packet is tagged or

untagged.

Displayed: The outgoing packet is tagged from this

port.

Undisplayed: The outgoing packet is untagged from

this port. This entry is created by user.

Dependant

Dynamic Member Ports

Indicates the member ports to this VID. This entry is created by GVRP.

Dependant

Dynamic Tagged Ports

Indicates the member ports that outgoing packet is

tagged or untagged.

Displayed: The outgoing packet is tagged from this

port.

Undisplayed: The outgoing packet is untagged from

Dependant

this port. This entry is created by GVRP.

2.13.3 802.1Q VLAN Setting

Figure 2.45 (a) 802.1Q VLAN setting page

Figure 2.78 (b) Example of 802.1Q VLAN setting

Figure 2.78 (a) and Figure 2.78 (a) display the VLAN entry configuration. Note that below there are

the corresponding VLAN entries.

Table 2.30 802.1Q VLAN setting descriptions

Label

Description

Factory Default

Name

The VLAN ID name that can be assigned by the user.

DEFAULT

VID

Configures the VLAN ID that will be added in static VLAN

table in switch. The VLAN ID is in the range 2~4094.

Dependant

Member

Ports

Configures the ports to this specific VID.

All Ports

Tagged Ports

Configures the ports that outgoing packet is tagged or

untagged.

Selected: The outgoing packet is tagged from this port. Unselected: The outgoing packet is untagged from this port.

Dependant

*NOTE:

- Default settings only have VLAN ID on 1. To configure settings for VLAN ID other than 1, users will have to assign ports to be in that VLAN group.

1. Go to VLAN Setting.

2. Fill in appropriate Name, VID, Member Ports, and Tagged Ports -> click on Add/Modify.

3. Go to VLAN PVID Setting.

4. Choose the same ports, and enter PVID (which is the same as VID), see Figure 2.79.

2.13.4 802.1Q VLAN PVID Setting

Each port is assigned a native VLAN number, the Port VLAN ID (PVID). When an untagged frame goes through a port, it is assigned to the port’s PVID.

Figure 2.79 802.1Q VLAN PVID setting page

Figure 2.79 displays the ports’ default PVID. The lower portion allows the user to configure the port’s

PVID.

Table 2.31 802.1Q VLAN PVID setting descriptions

Label

Description

Factory Default

Port

Select specific ports to be configured the PVID value.

PVID

Configures the default 802.1Q VID tag assigned to specific Port. The VLAN ID is in the range 1~4094.

2.13.5 Example of using 802.1Q VLAN

To configure 802.1Q VLAN, use the Static VLAN Setting page. For example, set Port 1, 2 and 3 into a

VLAN group name VLAN 2 with VID 2 and Port 3 are tagged, Figure 2.80.

Users should follow settings as shown in Table 2.32:

Table 2.32 Example of 802.1Q VLAN setting parameters

Label

Setting

Name

VLAN 2

VID 2 Member Ports

Choice Port 1, 2 and 3

Tagged Ports

Choice Port 2 and 3

Add/Modify

Click button after done

To select more than one port, user can simply click the “Ctrl” Key on keyboard

Figure 2.80 Example of VLAN Settings

2.13.6 Port based VLAN Setting

Figure 2.81 Port-based VLAN page

Users can manually specify each group member port to a group ID as shown in Figure 2.81.

2.14 Security

Two security features are provided, Port Security and 802.1X

2.14.1 Background on 802.1X

802.1X: is an IEEE standard for port-based Network-Access Control, and it provides an

authentication mechanism to devices wishing to attach to a LAN or WLAN. This protocol restricts

unauthorized clients from connecting to a LAN through ports that are open to the Internet. The

authentication basically involves three parties (Figure 2.82): a supplicant, an authenticator, and

an authentication server.

- Supplicant: A client device that requests access to the LAN.

- Authentication Server: The server performs the actual authentication. We use RADIUS (Remote

Authentication Dial-In User Service) as the authentication server.

- Authenticator: The Authenticator is a network device that acts as a proxy between the

supplicant and the authentication server. It passes around information, verifies information

with the server, and relays responses to the supplicant.

The authenticator acts like a security guard to a protected network. The supplicant is not allowed

access through the authenticator to the protected side of the network until the supplicant’s identity

has been validated and authorized. With 802.1X authentication, a supplicant and an authenticator exchange EAP (Extensible Authentication Protocol, an authentication framework widely used by IEEE). Then the authenticator forwards this information to the authentication server for verification. If the authentication server confirms the request, the supplicant (client device) will be allowed to access resources located on the protected side of the network.

RADIUS: The Radius is a networking protocol that provides authentication, authorization and accounting management for devices to connect and use a network service.

Figure 2.82 RADIUS authentication sequence

2.14.2 Port Security Setting

Figure 2.83 shows the port security states and security setting.

Figure 2.83 Port Security setting page

2.14.3 Port Security Add Static MAC

Figure 2.84 Add port security static MAC page

Table 2.33 Port Security Add Static MAC descriptions

Label

Description

MAC Address

Type the suitable MAC address.

Ports

Choose between ports.

Remove

Option to remove the corresponding MAC address

Add

Click to add a MAC address

VLAN

Specify the corresponding VLAN address to MAC address.

The procedure for adding a MAC address is simple, just type in it in the corresponding field, choose

the VLAN number, the Port, and proceed to click on Add. Please remember that a MAC address

cannot be assigned to two different ports, this will produce an error message.

2.14.4 802.1x and Radius setting

Figure 2.85 802.1x & RADIUS setting page

Configuration for 802.1x and Radius server information is shown on Figure 2.85.

Table 2.34 802.1X setting descriptions

Label

Description

Factory Default

802.1x

Choose whether to Enable 802.1X for all ports or

not.

Disabled

Radius Server IP

Set Radius server IP address.

0.0.0.0

Server Port

Set radius server port number. The range is 1024 ~ 65535.

1812

Accounting Port

Set radius accounting port number. The range is 1024 ~ 65535.

1813

NAS Identifier

Specifies 802.1X Network Access Server (NAS)

identifier string. Max. 30 characters.

Managed Switch

Shared Key

A key to be shared between the managed switch and the Radius Server. Both ends must be

configured to use the same key. Max. 30 characters.

NULL

Confirm Shared

Key

Re-type the Shared Key string.

Dependant

2.14.5 802.1.x Parameters Setting

Figure 2.86 802.1x setting page

802.1x parameter settings is shown in Figure 2.86 and the descriptions for each parameter are

explained in Table 2.35.

Table 2.35 802.1X parameter descriptions

Label

Description

Factory Default

Quiet Period

Waiting time between requests when the

authorization has failed. Range from 10 to 65535 seconds.

Tx Period

Waiting time for the supplicant’s EAP response packet before retransmitting another EAP request

packet. Range from 10 to 65535 seconds.

Supplicant Timeout

Waiting time for the supplicant response to the

authentication server’s EAP packet. Range from 10 to 300 seconds.

Server Timeout

Waiting time for the authentication server’s

response to the supplicant’s EAP packet. Range from 10 to 300 seconds.

Maximum

Requests

Maximum number of times to retransmit the authentication server’s EAP request packet to the supplicant before the authentication session times

out. Range from 2 to 10 seconds.

Reauth Period

Time between periodic re-authentication of the supplicant. Range from 30 to 65535 seconds.

3600

2.14.6 802.1x Port Setting

Figure 2.87 802.1x Port setting page

802.1x Port information is shown in Figure 2.87. Each port can be set a mode for authorization as

described in Table 2.36.

Table 2.36 802.1X Port setting descriptions

Label

Description

Factory Default

Port

Set specific ports to be configured.

Option

Mode

Choose from:

FU: specifies forced unauthorized FA: specifies forced authorized AU: specifies authorization NO: specifies disable authorization

2.15 ERPS/Ring

2.15.1 DIP Switch

Figure 2.88 DIP switch status page

This section allows users to set the DIP Switch control; the DIP switches are located on the housing.

This is another easy and convenient way to configure ERPS or iA-ring or Compatible-Ring via DIP

Switches (instead of modifying configuration on a web browser). Figure 2.88 shows the current DIP

Switch’s status. The bottom portion allows the user to modify settings.

2.15.2 ERPS/Ring

Ethernet Ring Protection Switching (ERPS) is a protocol for Ethernet layer network rings, and it

specifies the protection mechanism. The ring topology provides multipoint connectivity economically

by reducing the number of links. ERPS provides highly reliable and stable protection in the ring

topology, and it never forms loops, which can affect network operation.

Figure 2.89 Ring topology

Figure 2.89 shows each Ethernet Ring Node is connected to an adjacent Ethernet Ring Nodes

participating in the same Ethernet Ring using two independent links (i.e. two ways). In the Ethernet ring, loops can be avoided by guaranteeing that traffic may flow on all but one of the ring links at any time. This particular link is called Ring Protection Link (RPL). A control message called R-APS coordinates the activities of switching on/off the RPL. Under normal conditions, this link is blocked by the Owner Node. Thus, loops can be avoided by this mechanism. In case an Ethernet ring failure occurs, the RPL Owner node will be responsible for unblocking its end of the RPL to allow RPL to be used as a backup link. The RPL is the backup link when one link failure occurs.

Figure 2.90 ERPS Setting page

ERPS settings are shown on Figure 2.90. Users should disable the DIP Switch Control first in order to

set up ERPS parameters.

Table 2.37 ERP setting description

Label

Description

Factory Default

ERPS

Choose whether to enable ERPS or not.

Disabled

Log

Choose to enable log.

Enabled

UERPS

Choose whether to enable UERPS.

When UERPS is enabled, ring ports periodically sent a “heartbeat” packet to peer ring ports in order to determine whether the link path (etc. wireless

bridge) is failure or alive.

If peer ring port cannot receive “heartbeat” packets over 3 packets, the ring port will enter

protection state.

Note: This function affect the recovery time to

more than 20 ms.

Disabled

Heartbeat Interval

Set the Heartbeat Interval. Range from 50 to 10000 milliseconds.

50 ms

RAPS VLAN

Create the ring by specifying the R-APS VLAN ID of the ring. VLAN ID ranges from 1 to 4094.

NULL

After enabling the ERPS and adding a RAPS VLAN, users can click on for more

details and configurations, which are shown on Figure 2.91.

Figure 2.91 ERPS RAPS VLAN Setting page

Table 2.38 ERPS VLAN setting description

Label

Description

Factory Default

ERPS VLAN

Indicate current RAPS VLAN ID.

None

Status

Choose to enable ERPS with this particular VLAN.

Disabled

West Port

Choose the West Port of the RPL.

Port1

East Port

Choose the East Port of the RPL.

Port2

RPL Owner

Choose to enable Owner Function.

Disabled

RPL Port

Select the Owner Port.

None

WTR Timer

Set the wait-to-restore (WTR) time of the ring in minutes. Lower value has lower protection time. Range from 0 to 12 minutes.

Holdoff Timer

Set the holdoff time of the ring. Range from 0 to 10000 milliseconds.

Guard Timer

Set the guard time of the ring. Range from 0 to 2000 milliseconds.

500

MEL

Set the maintenance entity group level (MEL) of the

ring. Range from 0 to 7.

Propagate TC

Indicate the topology change propagation of the ring

ability.

Enabled

Figure 2.92 Example of Ring topology

Using the same example as above, configurations of four switches can be set up individually as

follows:

Table 2.39 Switch A and B configuration setting

EH7520

A EH7520

RAPS VLAN

8 RAPS VLAN

ERPS RAPS

Enabled

ERPS RAPS

Enabled

West Port

1 West Port

East Port

2 East Port

RPL Owner

Enabled

RPL Owner

Disabled

RPL Port

West

RPL Port

none

Table 2.40 Switch C and D configuration setting

EH7520

C EH7520

RAPS VLAN

8 RAPS VLAN

ERPS RAPS

Enabled

ERPS RAPS

Enabled

West Port

1 West Port

East Port

2 East Port

RPL Owner

Disabled

RPL Owner

Disabled

RPL Port

none

RPL Port

none

UERPS Settings (optional)

1. Prepare two managed switches (Switch A and Switch B). We will use Port 7 and Port 8 on both switches for redundancy.

2. Connect Switch A and Switch B to the network or PC so that you can access them. For simplicity you can use Port 1 for Web configuration on both switches.

3. Open SwitchView (Management Utility) and change the IP address of Switch B or both switches. The IP addresses won’t be conflicting.

4. Open Switch A and B’s WebUI and setup ERPS settings like the following. You just need to enable ERPS, Log, and UERPS. You need to press “Update” for the changes to take effect.

Figure 2.93 Example of Switch A’s ERPS settings

5. On Switch A, Click “Configure” on RAPS VLAN and setup as the below figure.

Figure 2.94 Example of Switch A’s RAPS VLAN settings

6. Open Switch B’s WebUI and setup ERPS settings like the following.

Figure 2.95 Example of Switch B’s RAPS VLAN setting

7. Connect Switch A’s Port 7 to Switch B’s Port 8. Connect Switch A’s Port 8 to Switch B’s Port 7 (like cross-over) for the redundancy port.

8. If everything is setup properly, you will find Switch A to have the following ERPS state. It will automatically block Port 8 to prevent a network loop.

Figure 2.96 Switch A’s ERPS state

9. Now you can add any other bridge that you want in between the two managed switches.

2.15.3 iA-Ring Setting

Atop’s managed switch is designed to be compatible with iA-Ring protocol for providing better network reliability and faster recovery time for redundant ring topologies. It is in the same category as R Rings, but with its own protocol. It has been a successful development that reduces recovery time to less than 20 ms. iA-Ring can be used for any single ring, which is shown in the diagram below (Figure

2.97).

Figure 2.97 iA-Ring Example Topology

Figure 2.98 iA-Ring Setting page

Figure 2.98 shows iA-Ring redundancy protocol. Users should disable DIP Switch Control and ERPS first in order to enable/configure iA-Ring parameters on a web browser.

Table 2.41 iA-Ring setting descriptions

Label

Description

Factory Default

iA-Ring

Enable iA-Ring or disable iA-Ring.

Disabled

Ring Master

Enabled: Master Mode. Disabled: Slave Mode.

Disabled

Ring Port

Select the primary port for the Ring.

Port1

2nd Ring Port

Select the backup port for the Ring.

Port2

2.15.4 Compatible-Ring Setting

Compatible-Ring is similar to iA-Ring. The only difference is that it can be used for MOXA rings as well. For more information about this redundant ring protocol, please contact Atop.

Figure 2.99 Compatible-Ring Setting page

Figure 2.99 shows how to set the Compatible-Ring redundancy protocol; users should disable DIP Switch Control and ERPS first in order to enable/configure Compatible-Ring parameters on the web browser.

Table 2.42 Compatible-Ring setting descriptions

Label

Description

Factory Default

Compatible-Ring

Enables Compatible-Ring or disable CompatibleRing.

Disabled

Ring Port

Selects the primary port for the Ring.

Port1

2nd Ring Port

Selects the backup port for the Ring.

Port2

2.15.5 U-Ring

U-Ring (Unicast Ring) Setup

Figure 2.68 (a) Example of a 2 wireless bridge U-ring

From Figure 2.100 (a), this configuration is for accessing between 2 points. In this example, each

point is connected to the Access Points by an Ethernet LAN line and these in turn are connected by

Wireless Bridges 1 and 2. In Figure 2.100 (b), the same protocol is used instead of wireless

connections between the Access Points. There are two physical lines between APs.

Figure 2.100 (b) Example of a 2 wired bridge U-ring

U-ring protocol could be used in the above environment. The APx could be:

 Dump-switch  Transceiver  XDSL bridge

Care should be taken that if a dump-switch is used as an AP (Access Point). The one on the other side must be a dump-switch as well. Again, care should be taken when connecting the cables to the ports. The main screen will look as follows (Figure 2.101).

Figure 2.101 U-Ring Setting page

Table 2.43 U-Ring setting descriptions

Label

Description

Factory Default

Operation Status

Shows whether the device’s state is normal or

protected.

Disabled

U-Ring

Shows whether the Unicast ring is working.

Disabled

Ring Master

Shows whether the device is a slave or master on

this ring. For Slave option leave it as disabled.

Disabled

Ring Port

Displays whether this Ethernet port is being used for

the corresponding ring’s port.

Port1

Ring Port

Displays whether this Ethernet port is being used for

the corresponding ring’s port.

Port2

Heartbeat Expire

Time interval between checking-packets.

1000

2.16 LLDP

Link Layer Discovery Protocol (LLDP) section consists of LLDP setting and LLDP Neighbors.

2.16.1 LLDP Setting

Link Layer Discovery Protocol (LLDP) is an IEEE standard OSI layer-2 protocol. It’s used by network

devices for displaying their identity, capabilities, and neighbors’ information on a local area network. It

allows each network device, e.g. an managed switch, to inform its neighbors about its information and

configurations periodically. As a result, all of the devices on the network would discover their

neighbors across connected network links using this standard mechanism.

Figure 2.102 LLDP Setting page

In Figure 2.102, LLDP setting page allows users to have options for enabling or disabling the LLDP,

as well as setting LLDP transmission parameters. This function should be enabled if users want to

use Device View to monitor the switches’ topology of the whole network. For more information about

using Device View, please refer to Chapter 5.

Table 2.44 LLDP setting descriptions

Label

Description

Factory Default

LLDP

Choose to either enable or disable LLDP.

Enabled

Tx Interval

Set the transmit interval of LLDP messages. Range from 5 to 65535 seconds.

TxTTL

Tx Time-To -Live.

Amount of time to keep neighbors’ information. The

recommend TTL value is 4 times of Tx Interval. Range from 5 to 65535 seconds.

120

2.16.2 Neighbors

Figure 2.71 (a) LLDP Neighbor page

Figure 2.103 (b) Example of LLDP Neighbor

Figure 2.103 (a) allows users to view the information of each neighbor close to this switch, and its

example is shown in Figure 2.103 (b).

Table 2.45 LLDP Neighbor descriptions

Label

Description

Port

Indicates particular port number of the switch.

Chassis ID

Indicates the identity of the neighbor of this particular port.

Port ID

Indicates the port number of this neighbor.

Port Description

Shows a textual description of the neighbor port.

System Name

Indicates the system name/ hostname of the neighbor.

System Description

Shows a more detailed description of the neighbor ’s system.

Management

Address

Indicates neighbor’s management IP address.

2.17 System

It is important for network administrators to know what’s happening in their networks, and know where

the events are happening. However, it is difficult to locate network devices that are at the endpoints of

systems. Thus Ethernet switches connected to these devices play an important role of providing first-

moment alarm messages to network administrators. This means network administrators can be

informed instantaneously when accidents happen.

Email alert and relays outputs is used to provide fast and reliable warning alerts for administrators.

2.17.1 Syslog

Figure 2.104 Syslog page

Figure 2.104 shows Syslog related settings configuration. The actual log event recorded will be

shown in Event Log on the next section.

Table 2.46 Syslog setting descriptions

Label

Description

Factory

Default

Enable Log Event to Flash

Checked: Saving log event into flash memory. The flash memory can keep the log event files

even if the switch is rebooted.

Unchecked: Saving log event into RAM memory. The RAM memory cannot keep the log

event files after each reboot.

Uncheck

Log Level

Set the log level to determine what events to be displayed on the next page (Event Log). Level

selected is inclusive.

For example, if 3 :(Log_ERR) is selected, all 0,

1 , 2 and 3 levels will be implied. Range from Log 0 to Log 7.

3: (LOG_ERR)

Enable Syslog Server

Checked: Enable Syslog Server. Uncheck: Disable Syslog Server.

If enabled, all log events recorded will be sent to

the remote Syslog server.

Uncheck

Syslog Server IP

Set the IP address of Syslog server

0.0.0.0

Syslog Server Service

Port

Set the service port number of Syslog server Range from Port 1 to Port 65535.

514

2.17.2 Event Log

Figure 2.105 Event Log page

Figure 2.105 shows an example of all of the event’s logs. They are sorted by date and time.

Table 2.47 Event Log descriptions

Label

Description

Index

Indicates the index of a particular log event.

Date

Indicates the system date of this event has occurred.

Time

Indicates the system time of this event has occurred.

Startup Time

Indicates how long the system has been up since this

event occurred.

Level

Indicates the level of this event.

Event

Details description of this event.

Displays events on the last page.

Atop EH7506, EH7508, EH7520, EHG7504, EH7512 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual