Comnet CNGE2FE8MSPOE User Manual

CNGE2FE8MSPOE
ENVIRONMENTALLY HARDENED MANAGED ETHERNET SWITCH WITH (8) 10/100TX + (2) 10/100/1000TX RJ45 OR 100/1000 FX SFP PORTS
V1.04 – March 2010
CNGE2FE8MSPOE Managed Ethernet Switch provides transmission of (8)
10/100 BASE-TX and (2) 10/100/1000TX or 100/1000FX combo ports. Unlike
most Ethernet switches, these environmentally hardened units are designed
for deployment in difficult operating environments, and are available for use
with either conventional CAT-5e copper or optical transmission media. The 8
electrical ports support the 10/100 Mbps Ethernet IEEE 802.3 protocol, and
auto-negotiating and auto-MDI/MDIX features are provided for simplicity and
ease of installation. All 8 ports support IEEE.802.3af based POE. 2 ports are
10/100/1000 configurable for copper or fiber media for use with multimode
or single mode optical fiber, selected by optional SFP modules. These
network managed layer 2 switches are optically (100/1000 BASE-FX) and
electrically compatible with any IEEE 802.3 compliant Ethernet devices. Plug-
and-play design ensures ease of installation, and no electrical or optical
adjustments are ever required. The CNGE2FE8MSPOE incorporates LED
indicators for monitoring the operating status of the managed switch and
network.
FCC Warning
This Equipment has been tested and found to comply with the limits for a
Class-A digital device, pursuant to Part 15 of the FCC rules. These limits are
designed to provide reasonable protection against harmful interference in a
residential installation. This equipment generates, uses, and can radiate radio
frequency energy. It may cause harmful interference to radio communications
if the equipment is not installed and used in accordance with the instructions.
However, there is no guarantee that interference will not occur in a particular
installation. If this equipment does cause harmful interference to radio or
television reception, which can be determined by turning the equipment off
and on, the user is encouraged to try to correct the interference by one or
more of the following measures:
Reorient or relocate the receiving antenna.
Increase the separation between the equipment and receiver.
Connect the equipment into an outlet on a circuit different from that to
which the receiver is connected.
Consult the dealer or an experienced radio/TV technician for help.
CE Mark Warning
This is a Class-A product. In a domestic environment this product may cause
radio interference in which case the user may be required to take adequate
measures.
Content
Chapter 1! Introduction .......................................... 1!
1.1! Hardware Features ........................................ 1!
1.2! Software Features.......................................... 5!
1.3! Package Contents.......................................... 8!
Chapter 2! Hardware Description .......................... 9!
2.1! Physical Dimension........................................ 9!
2.2! Front Panel..................................................... 9!
2.3! Top View ...................................................... 10!
2.4! LED Indicators.............................................. 11!
Chapter 3! Hardware Installation......................... 13!
3.1! Installation Steps.......................................... 13!
3.2! DIN-Rail Mounting........................................ 14!
3.3! Wall Mount Plate Mounting .......................... 17!
3.4! Wiring the Power Inputs ...............................18!
3.5! Wiring the Fault Alarm Contact .................... 19!
3.6! Cabling .........................................................20!
Chapter 4! Network Application ..........................24!
4.1! X-Ring Application ....................................... 26!
4.2! Coupling Ring Application ............................ 27!
4.3! Dual Homing Application.............................. 28!
Chapter 5! Console Management ........................ 29!
5.1! Connecting to the Console Port ................... 29!
5.2! Pin Assignment ............................................29!
5.3! Login in the Console Interface .....................30!
5.4! CLI Management ......................................... 32!
5.5! Commands Level ......................................... 32!
Chapter 6! Web-Based Management................... 34!
6.1! About Web-based Management ..................34!
6.2! Preparing for Web Management ..................34!
6.3! System Login ...............................................35!
6.4! System Information ...................................... 36!
6.5! IP Configuration ...........................................37!
6.6! DHCP Server ...............................................39!
6.6.1! System configuration..................................... 40!
6.6.2! Client Entries................................................. 41!
6.6.3! Port and IP Bindings ..................................... 42!
6.7! TFTP ............................................................ 43!
6.7.1! Update Firmware........................................... 43!
6.7.2! Restore Configuration ................................... 44!
6.7.3! Backup Configuration.................................... 45!
6.8! System Event Log ........................................ 46!
6.8.1! Syslog Configuration ..................................... 46!
6.8.2! System Event Log—SMTP Configuration ..... 48!
6.8.3! System Event Log—Event Configuration...... 50!
6.9! Fault Relay Alarm......................................... 52!
6.10! SNTP Configuration ................................... 53!
6.11! IP Security.................................................. 57!
6.12! User Authentication.................................... 59!
6.13! Port Statistics .............................................60!
6.14! Port Control ................................................62!
6.15! Port Trunk .................................................. 64!
6.15.1! Aggregator setting ....................................... 64!
6.15.2! Aggregator Information ............................... 66!
6.15.3! State Activity ............................................... 72!
6.16! Port Mirroring .............................................74!
6.17! Rate Limiting ..............................................75!
6.18! VLAN configuration .................................... 77!
6.18.1! Port-based VLAN ........................................ 78!
6.18.2! 802.1Q VLAN .............................................. 81!
6.19! Rapid Spanning Tree ................................. 86!
6.19.1! RSTP System Configuration ....................... 86!
6.19.2! Port Configuration ....................................... 88!
6.20! SNMP Configuration .................................. 90!
6.20.1! System Configuration.................................. 90!
6.20.2! Trap Configuration ...................................... 92!
6.20.3! SNMPV3 Configuration ............................... 93!
6.21! QoS Configuration ..................................... 96!
6.21.1! QoS Policy and Priority Type ...................... 96!
6.21.2! Port-based Priority ...................................... 98!
6.21.3! COS Configuration ...................................... 98!
6.21.4! TOS Configuration ...................................... 98!
6.22! IGMP Configuration ................................. 100!
6.23! X-Ring ......................................................102!
6.24! LLDP Configuration.................................. 104!
6.25! Security—802.1X/Radius Configuration .. 105!
6.25.1! System Configuration................................ 105!
6.25.2! Port Configuration ..................................... 107!
6.25.3! Misc Configuration .................................... 109!
6.26! MAC Address Table ................................. 110!
6.26.1! Static MAC Address .................................. 110!
6.26.2! MAC Filtering ............................................ 112!
6.26.3! All MAC Addresses ................................... 113!
6.26.4! MAC Address Table—Multicast Filtering .. 114!
6.27! Power over Ethernet ................................116!
6.28! Factory Default......................................... 118!
6.29! Save Configuration .................................. 119!
6.30! System Reboot ........................................ 120!
Troubles shooting.................................................. 121!
Appendix A—RJ45 Pin Assignment..................... 122!
RJ45 Pin Assignments .........................................122!
RJ45 Pin Assignment of PoE ...............................126!
Appendix B—Command Sets ...............................128!
System Commands Set........................................ 128!
Port Commands Set .............................................131!
Trunk Commands Set ..........................................134!
VLAN Commands Set ..........................................135!
Spanning Tree Commands Set ............................137!
QOS Commands Set............................................ 140!
IGMP Commands Set ..........................................140!
Multicast Filtering Commands Set........................ 141!
LLDP Commands Set........................................... 142!
Mac / Filter Table Commands Set........................ 142!
SNMP Commands Set .........................................143!
Port Mirroring Commands Set..............................145!
802.1x Commands Set......................................... 146!
TFTP Commands Set........................................... 148!
SystemLog, SMTP and Event Commands Set .... 149!
Fault Relay Alarm Commands Set ....................... 151!
SNTP Commands Set ..........................................152!
X-ring Commands Set ..........................................153!
PoE Commands Set.............................................154!
1
Chapter 1 Introduction
The 8 10/100TX + 2 10/100/1000T/Mini-GBIC Combo with 8 PoE Injectors Managed
Industrial Switch is a cost-effective solution and meets the high reliability requirements
demanded by industrial applications. Using fiber port can extend the connection distance
that increases the network elasticity and performance. Besides, the industrial switch
provides the PoE function for kinds of Powered Devices to receive power as well as data
over the RJ45 cable.
1.1 Hardware Features
Standard
IEEE 802.3 10Base-T Ethernet
IEEE 802.3u 100Base-TX/ FX
IEEE802.3ab 1000Base-T
IEEE802.3z Gigabit fiber
IEEE802.3x Flow Control and Back Pressure
IEEE802.3ad Port trunk with LACP
IEEE802.3af Power over Ethernet
IEEE802.1d Spanning Tree/ IEEE802.1w Rapid Spanning
Tree
IEEE802.1p Class of Service
IEEE802.1Q VLAN Tag
IEEE 802.1x User Authentication (Radius)
IEEE802.1ab LLDP
Switch
Architecture
Back-plane (Switching Fabric): 5.6Gbps
Packet throughput ability(Full-Duplex): 8.3Mpps @64bytes
Transfer Rate
14,880pps for Ethernet port
148,800pps for Fast Ethernet port
1,488,000pps for Gigabit Fiber Ethernet port
2
Packet Buffer
1Mbits
MAC Address
8K MAC address table
Flash ROM
4Mbytes
DRAM
32Mbytes
Connector
10/100TX: 8 x RJ45
10/100/1000T/ Mini-GBIC Combo: 2 x RJ45 + 2 x 100/1000
SFP sockets
RS-232 connector: RJ45 type
Network Cable
10Base-T: 2-pair UTP/STP Cat. 3, 4, 5/ 5E cable
EIA/TIA-568 100-ohm (100m)
100Base-TX: 2-pair UTP/STP Cat. 5/ 5E cable
EIA/TIA-568 100-ohm (100m)
1000Base-TX: 2-pair UTP/STP Cat. 5/ 5E cable
EIA/TIA-568 100-ohm (100m)
Optical Fiber
Distance:
Multi mode:
0 to 5 km, 1300 nm (50/125 µm, 800 MHz*km)
0 to 4 km, 1300 nm (62.5/125 µm, 500 MHz*km)
Single mode:
0 to 40 km, 1310 nm (9/125 µm, 3.5 PS/(nm*km))
0 to 80 km, 1550 nm (9/125 µm, 19 PS/(nm*km))
Min. TX Output:
Multi mode: -20 dBm
Single mode: 0 to 40 km, -5 dBm; 0 to 80 km, -5 dBm
Max. TX Output:
Multi mode: -14 dBm
Single mode: 0 to 40 km, 0 dBm; 0 to 80 km, 0 dBm
3
Sensitivity:
-36 to -32 dBm (Single mode); -34 to -30 dBm (Multi mode)
PoE pin
assignment
RJ45 port # 1~# 8 support IEEE 802.3af End-point,
Alternative A mode. Per port provides 15.4W ability.
Positive (VCC+): RJ45 pin 1,2.
Negative (VCC-): RJ45 pin 3,6.
Protocol
CSMA/CD
LED
Per unit: Power (Green), Power 1 (Green), Power 2
(Green), Fault (Red), Master (Green), FWD (Green)
8 port 10/100: Link/Activity (Green), Full duplex/Collision
(Amber)
SFP port: LNK/ACT(Green), 1000T: LNK/ACT(Green),
1000M(Green)
Power Supply
External Power Supply: DC 48V, Redundant power DC 48V
and connective removable terminal block for master and
slave power
Power
Consumption
116Watts (Full load)
Operating
Humidity
5% to 95% (Non-condensing)
Operating
Temperature
PIFE-802GBTMA: -10oC ~ 60oC
PIFE-802GBTMAE: -40oC ~ 75oC
Storage
Temperature
-40oC ~ 85oC
Case Dimension
IP-30, 72mm (W) x 105mm (D) x 152mm (H)
Installation
DIN rail and wall mount ear
EMI
FCC Class A, CE EN61000-4-2, CE EN61000-4-3, CE EN-
4
61000-4-4, CE EN61000-4-5,
CE EN61000-4-6, CE EN61000-4-8, CE EN61000-4-11, CE
EN61000-4-12, CE EN61000-6-2, CE EN61000-6-4
Safety
UL, cUL, CE/EN60950-1
Stability Testing
IEC60068-2-32 (Free fall), IEC60068-2-27 (Shock),
IEC60068-2-6 (Vibration)
5
1.2 Software Features
Management
SNMP v1 v2c, v3/ Web/Telnet/CLI
SNMP MIB
RFC 1215 Trap, RFC1213 MIBII, RFC 1157 SNMP MIB, RFC 1493
Bridge MIB, RFC 2674 VLAN MIB, RFC 1643 , RFC 1757, RSTP MIB, Private MIB, LLDP MIB
VLAN
Port Based VLAN
IEEE 802.1Q Tag VLAN (256 entries)/ VLAN ID (Up to 4K,
VLAN ID can be assigned from 1 to 4094.)
GVRP (256 Groups)
Port Trunk with
LACP
LACP Port Trunk: 4 Trunk groups/Maximum 4 trunk
members
LLDP
Supports LLDP allowing switch to advertise its identification
and capability on the LAN
Spanning tree
IEEE802.1d spanning tree
IEEE802.1w rapid spanning tree.
X-Ring
Supports X-ring, Dual Homing and Couple Ring Topology
Provides redundant backup feature and the recovery time
below 20ms
Quality of Service
The quality of service determined by port, Tag and IPv4
Type of service, IPv4 Different Service
Class of Service
Supports IEEE802.1p class of service, per port provides 4
priority queues
Port Security
Supports 100 entries of MAC address for static MAC and
another 100 for MAC filter
6
Port Mirror
Supports 3 mirroring types: “RX, TX and Both packet”.
IGMP
Supports IGMP snooping v1,v2
256 multicast groups and IGMP query
IP Security
Supports 10 IP addresses that have permission to access
the switch management and to prevent unauthorized
intruder.
Login Security
Supports IEEE802.1X Authentication/RADIUS
Bandwidth
Control
Support ingress packet filter and egress packet limit
The egress rate control supports all of packet type and the
limit rates are 100K~102400Kbps(10/100),
100K~256000Kbps(1000)
Ingress filter packet type combination rules are
Broadcast/Multicast/Unknown Unicast packet,
Broadcast/Multicast packet, Broadcast packet only and all
of packet. The packet filter rate can be set from
100K~102400Kbps(10/100), 100K~256000Kbps(1000)
Flow Control
Supports Flow Control for Full-duplex and Back Pressure
for Half-duplex
System Log
Supports System log record and remote system log server
SMTP
Supports SMTP Server and 6 e-mail accounts for receiving
event alert
Relay Alarm
Provides one relay output for port breakdown, power fail
Alarm Relay current carry ability: 1A @ DC24V
7
SNMP Trap
1. Cold start
2. Link up/down
3. X-Ring topology changed
4. Authorization fail
5. PD disconnect trap-PoE port event
DHCP
Provides DHCP Client/ DHCP Server/ Port and IP Binding
DNS
Provides DNS client feature and supports Primary and
Secondary DNS server
SNTP
Supports SNTP to synchronize system clock in Internet
Firmware Update
Supports TFTP firmware update, TFTP backup and restore.
Configuration
Upload/Download
Supports binary format configuration file for system quick
installation
ifAlias
Each port allows importing 128bits of alphabetic string of
word on SNMP and CLI interface
8
1.3 Package Contents
Please refer to the package content list below to verify them against the checklist.
8 10/100TX + 2 10/100/1000T/Mini-GBIC Combo with 8 PoE Injectors Managed
Industrial Switch x 1
User manual x 1
Pluggable Terminal Block x 1
Mounting plate x 2
RJ45 to DB9-Female cable x 1
Compare the contents of the industrial switch with the standard checklist above. If any item
is damaged or missing, please contact the local dealer for service.
9
Chapter 2 Hardware Description
In this paragraph, it will describe the Industrial switch’s hardware spec, port, cabling
information, and wiring installation.
2.1 Physical Dimension
8 10/100TX w/ X-Ring Managed Industrial Switch dimension (W x D x H) is 72mm x
105mm x 152mm
2.2 Front Panel
The Front Panel of the 8 10/100TX w/ X-Ring Managed Industrial Switch is shown as below:
Front Panel of the industrial switch
10
2.3 Top View
The top panel of the 8 10/100TX w/ X-Ring Managed Industrial Switch has one terminal
block connector of two DC power inputs and one fault alarm.
Top Panel of the industrial switch
11
2.4 LED Indicators
The diagnostic LEDs that provide real-time information of system and optional status are
located on the front panel of the industrial switch. The following table provides the
description of the LED status and their meanings for the switch.
LED
Color
Status
Meaning
On
The switch unit is power on
PWR
Green
Off
No power
On
The industrial switch is the master of X-Ring
group
R.M.
Green
Off
The industrial switch is not a ring master in
X-Ring group
On
Power 1 is active
PWR1
Green
Off
Power 1 is inactive
On
Power 2 is active
PWR2
Green
Off
Power 2 is inactive
On
Power or port failure
FAULT
Red
Off
No failure
On
A network device is detected.
Blinking
The port is transmitting or receiving packets
from the TX device.
Green
(Upper LED)
Off
No device attached
P9, P10
(RJ45)
Green
On
1000M
12
(Lower LED)
Off
10/100M
On
The SFP port is linking
Blinks
The port is transmitting or receiving packets
from the TX device.
Link/Active
(P9, P10
SFP)
Green
Off
No device attached
On
A network device is detected.
Blinking
The port is transmitting or receiving packets
from the TX device.
Green
Off
No device attached
On
The port is operating in full-duplex mode.
Blinking
Collision of Packets occurs.
P1 ~ P8
Amber
Off
The port is in half-duplex mode or no device
is attached.
Green
A powered device is connected utilizing
Power over Ethernet on the port
FWD (P1 ~
P8)
Green
Off
No device is connected or power forwarding
fails
13
Chapter 3 Hardware Installation
In this paragraph, we will describe how to install the 8 10/100TX w/ X-Ring Managed
Industrial Switch and the installation points attended to it.
3.1 Installation Steps
1. Unpack the Industrial switch
2. Check if the DIN-Rail is screwed on the Industrial switch or not. If the DIN-Rail is not
screwed on the Industrial switch, please refer to DIN-Rail Mounting section for DIN-Rail
installation. If users want to wall mount the Industrial switch, please refer to Wall Mount
Plate Mounting section for wall mount plate installation.
3. To hang the Industrial switch on the DIN-Rail track or wall.
4. Power on the Industrial switch. Please refer to the Wiring the Power Inputs section for
knowing the information about how to wire the power. The power LED on the Industrial
switch will light up. Please refer to the LED Indicators section for indication of LED
lights.
5. Prepare the twisted-pair, straight through Category 5 cable for Ethernet connection.
6. Insert one side of RJ45 cable (category 5) into the Industrial switch Ethernet port (RJ45
port) and another side of RJ45 cable (category 5) to the network device’s Ethernet port
(RJ45 port), ex: Switch PC or Server. The UTP port (RJ45) LED on the Industrial switch
will light up when the cable is connected with the network device. Please refer to the
LED Indicators section for LED light indication.
[NOTE]
Make sure that the connected network devices support MDI/MDI-X. If it does not
support, use the crossover category-5 cable.
7. When all connections are set and LED lights all show in normal, the installation is
complete.
14
3.2 DIN-Rail Mounting
The DIN-Rail is screwed on the industrial switch when out of factory. If the DIN-Rail is not
screwed on the industrial switch, please see the following pictures to screw the DIN-Rail on
the switch. Follow the steps below to hang the industrial switch.
Back Side
15
16
1. First, insert the top of DIN-Rail into the track.
2. Then, lightly push the DIN-Rail into the track.
3. Check if the DIN-Rail is tightened on the track or not.
4. To remove the industrial switch from the track, reverse above steps.
17
3.3 Wall Mount Plate Mounting
Follow the steps below to mount the industrial switch with wall mount plate.
1. Remove the DIN-Rail from the industrial switch; loose the screws to remove the DIN-
Rail.
2. Place the wall mount plate on the rear panel of the industrial switch.
3. Use the screws to screw the wall mount plate on the industrial switch.
4. Use the hook holes at the corners of the wall mount plate to hang the industrial switch
on the wall.
5. To remove the wall mount plate, reverse the above steps.
18
3.4 Wiring the Power Inputs
Please follow the steps below to insert the power wire.
1. Insert DC power wires into the contacts 1 and 2 for power 1, or 5 and 6 for power.
2. Tighten the wire-clamp screws for preventing the wires from loosing.
[NOTE]
The wire gauge for the terminal block should be in the range between 12 ~ 24
AWG.
19
3.5 Wiring the Fault Alarm Contact
The fault alarm contacts are in the middle of the terminal block connector as the picture
shows below. Inserting the wires, the switch will detect the fault status of the power failure,
or port link failure (available for managed model) and then forms an open circuit. The
following illustration shows an application example for wiring the fault alarm contacts.
[NOTE]
The wire gauge for the terminal block should be in the range between 12 ~ 24
AWG.
Insert the wires into the fault alarm contacts
20
3.6 Cabling
Use four twisted-pair, Category 5e or above cabling for RJ45 port connection. The
cable between the switch and the link partner (switch, hub, workstation, etc.) must be
less than 100 meters (328 ft.) long.
Fiber segment using single-mode connector type must use 9/125 µm single-mode
fiber cable. User can connect two devices in the distance up to 30km.
Fiber segment using multi-mode connector type must use 50 or 62.5/125 µm multi-
mode fiber cable. User can connect two devices up to 2km distances.
Gigabit Copper/SFP (mini-GBIC) combo port:
The Industrial switch has the auto-detected Giga port—Gigabit Copper/SFP combo ports.
The Gigabit Copper (10/100/1000T) ports should use Category 5e or above UTP/STP cable
for the connection up to 1000Mbps. The small form-factor pluggable (SFP) is a compact
optical transceiver used in optical communications for both telecommunication and data
communications. The SFP slots supporting dual mode can switch the connection speed
between 100 and 1000Mbps. They are used for connecting to the network segment with
single or multi-mode fiber. You can choose the appropriate SFP transceiver to plug into the
slots. Then use proper multi-mode or single-mode fiber according to the transceiver. With
fiber optic, it transmits at speed up to 1000 Mbps and you can prevent noise interference
from the system.
Note
The SFP/Copper Combo port can’t both work at the same time. The SFP port
has the higher priority than copper port; if you insert the 1000M SFP
transceiver (which has connected to the remote device via fiber cable) into the
SFP port, the connection of the accompanying copper port will link down.
If you insert the 100M SFP transceiver into the SFP port even without a fiber
connection to the remote, the connection of the accompanying copper port will
link down immediately.
21
To connect the transceiver and LC cable, please follow the steps shown below:
First, insert the transceiver into the SFP module. Notice that the triangle mark is the bottom
of the module.
Transceiver to the SFP module
Transceiver Inserted
Second, insert the fiber cable of LC connector into the transceiver.
22
LC connector to the transceiver
23
To remove the LC connector from the transceiver, please follow the steps shown below:
First, press the upper side of the LC connector to release from the transceiver and pull it out.
Remove LC connector
Second, push down the metal loop and pull the transceiver out by the plastic handle.
Pull out from the transceiver
24
Chapter 4 Network Application
This chapter provides some sample applications to help user to have more actual idea of
industrial switch function application. A sample application of the industrial switch is as
below:
25
The illustration below shows an example of power over Ethernet application.
26
4.1 X-Ring Application
The industrial switch supports the X-Ring protocol that can help the network system to
recovery from network connection failure within 20ms or less, and make the network system
more reliable. The X-Ring algorithm is similar to spanning tree protocol (STP) algorithm but
its recovery time is faster than STP. The following figure is a sample X-Ring application.
27
4.2 Coupling Ring Application
In the network, it may have more than one X-Ring group. By using the coupling ring function,
it can connect each X-Ring for the redundant backup. It can ensure the transmissions
between two ring groups not to fail. The following figure is a sample of coupling ring
application.
28
4.3 Dual Homing Application
Dual Homing function is to prevent the connection lose from between X-Ring group and
upper level/core switch. Assign two ports to be the Dual Homing port that is backup port in
the X-Ring group. The Dual Homing function only works when the X-Ring function is active.
Each X-Ring group only has one Dual Homing port.
[NOTE] In Dual Homing application architecture, the upper level switches need to enable
the Rapid Spanning Tree protocol.
29
Chapter 5 Console Management
5.1 Connecting to the Console Port
The supplied cable which one end is RS-232 connector and the other end is RJ45
connector. Attach the end of RS-232 connector to PC or terminal and the other end of RJ45
connector to the console port of the switch. The connected terminal or PC must support the
terminal emulation program.
5.2 Pin Assignment
DB9 Connector
RJ45 Connector
NC
1 Orange/White
2
2 Orange
3
3 Green/White
NC
4 Blue
5
5 Blue/White
NC
6 Green
30
NC
7 Brown/White
NC
8 Brown
5.3 Login in the Console Interface
When the connection between Switch and PC is ready, turn on the PC and run a terminal
emulation program or Hyper Terminal and configure its communication parameters to
match the following default characteristics of the console port:
Baud Rate: 9600 bps
Data Bits: 8
Parity: none
Stop Bit: 1
Flow control: None
The settings of communication parameters
31
Having finished the parameter settings, click ‘OK’. When the blank screen shows up, press
Enter key to have the login prompt appears. Key in ‘admin’ (default value) for both User
name and Password (use Enter key to switch), then press Enter and the Main Menu of
console management appears. Please see below figure for login screen.
Console login interface
32
5.4 CLI Management
The system supports the console management—CLI command. After you log in on to the
system, you will see a command prompt. To enter CLI management interface, type in
enable” command.
CLI command interface
The following table lists the CLI commands and description.
5.5 Commands Level
Modes
Access
Method
Prompt
Exit
Method
About This Mode1
User EXEC
Begin a
session with
your switch.
switch>
Enter
logout or
quit.
The user commands
available at the user
level are a subset of
those available at the
privileged level.
Use this mode to
• Perform basic tests.
• Display system
information.
Privileged
EXEC
Enter the
enable
command
while in User
switch#
Enter
disable to
exit.
The privileged
command is the
advanced mode.
Use this mode to
33
EXEC mode.
• Display advanced
function status
• Save configuration
Global
Configuration
Enter the
configure
command
while in
privileged
EXEC mode.
switch
(config)#
To exit to
privileged
EXEC
mode, enter
exit or end
Use this mode to
configure those
parameters that are
going to be applied to
your switch.
VLAN
database
Enter the
vlan
database
command
while in
privileged
EXEC mode.
switch
(vlan)#
To exit to
user EXEC
mode, enter
exit.
Use this mode to
configure VLAN-
specific parameters.
Interface
configuration
Enter the
interface of
fast Ethernet
command
(with a
specific
interface)
while in global
configuration
mode.
switch
(config-if)#
To exit to
global
configuratio
n mode,
enter exit.
To exit to
privileged
EXEC
mode, enter
exit or end.
Use this mode to
configure parameters
for the switch and
Ethernet ports.
34
Chapter 6 Web-Based Management
This section introduces the configuration and functions of the Web-Based management.
6.1 About Web-based Management
There is an embedded HTML web site residing in flash memory on CPU board of the switch,
which offers advanced management features and allows users to manage the switch from
anywhere on the network through a standard browser such as Microsoft Internet Explorer.
The Web-Based Management supports Internet Explorer 6.0 or later version. And, it is
applied for Java Applets for reducing network bandwidth consumption, enhance access
speed and present an easy viewing screen.
6.2 Preparing for Web Management
Before using the web management, install the industrial switch on the network and make
sure that any one of the PCs on the network can connect with the industrial switch through
the web browser. The industrial switch default value of IP, subnet mask, username and
password are listed as below:
IP Address: 192.168.10.1
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.10.254
User Name: admin
Password: admin
35
6.3 System Login
1. Launch the Internet Explorer on the PC
2. Key in “http:// “+” the IP address of the switch”, and then Press “Enter”.
3. The login screen will appear right after
4. Key in the user name and password. The default user name and password are the
same as ‘admin’.
5. Press Enter or click the OK button, and then the home screen of the Web-based
management appears.
Login screen
36
6.4 System Information
User can assign the system name, description, location and contact personnel to identify
the switch. The version table below is a read-only field to show the basic information of the
switch.
System Name: Assign the system name of the switch (The maximum length is 64
bytes)
System Description: Describes the switch.
System Location: Assign the switch physical location (The maximum length is 64
bytes).
System Contact: Enter the name of contact person or organization.
Firmware Version: Displays the switch’s firmware version
Kernel Version: Displays the kernel software version
MAC Address: Displays the unique hardware address assigned by manufacturer
(default)
And then, click .
Switch settings interface
37
6.5 IP Configuration
The switch is a network device which needs to be assigned an IP address for being
identified on the network. Users have to decide a means of assigning IP address to the
switch.
DHCP Client: Enable or disable the DHCP client function. When DHCP client function
is enabled, the switch will be assigned an IP address from the network DHCP server.
The default IP address will be replaced by the assigned IP address on DHCP server.
After the user clicks Apply, a popup dialog shows up to inform the user that when the
DHCP client is enabled, the current IP will lose and user should find the new IP on the
DHCP server.
IP Address: Assign the IP address that the network is using. If DHCP client function is
enabled, this switch is configured as a DHCP client. The network DHCP server will
assign the IP address to the switch and display it in this column. The default IP is
192.168.10.1 or the user has to assign an IP address manually when DHCP Client is
disabled.
Subnet Mask: Assign the subnet mask to the IP address. If DHCP client function is
disabled, the user has to assign the subnet mask in this column field.
Gateway: Assign the network gateway for the switch. If DHCP client function is
disabled, the user has to assign the gateway in this column field. The default gateway
is 192.168.10.254.
DNS1: Assign the primary DNS IP address.
DNS2: Assign the secondary DNS IP address.
And then, click .
38
IP configuration interface
39
6.6 DHCP Server
DHCP is the abbreviation of Dynamic Host Configuration Protocol that is a protocol for
assigning dynamic IP addresses to devices on a network. With dynamic addressing, a
device can have a different IP address every time it connects to the network. In some
systems, the device's IP address can even change while it is still connected. DHCP also
supports a mix of static and dynamic IP addresses. Dynamic addressing simplifies
network administration because the software keeps track of IP addresses rather than
requiring an administrator to manage the task. This means that a new computer can be
added to a network without the hassle of manually assigning it a unique IP address.
The system provides the DHCP server function. Having enabled the DHCP server
function, the switch system will be configured as a DHCP server.
40
6.6.1 System configuration
DHCP Server: Enable or Disable the DHCP Server function. Enable—the switch will
be the DHCP server on your local network.
Low IP Address: Type in an IP address. Low IP address is the beginning of the
dynamic IP range. For example, dynamic IP is in the range between 192.168.10.100
~ 192.168.10.200. In contrast, 192.168.10.100 is the Low IP address.
High IP Address: Type in an IP address. High IP address is the end of the dynamic
IP range. For example, dynamic IP is in the range between 192.168.10.100 ~
192.168.10.200. In contrast, 192.168.10.200 is the High IP address.
Subnet Mask: Type in the subnet mask of the IP configuration.
Gateway: Type in the IP address of the gateway in your network.
DNS: Type in the Domain Name Server IP Address in your network.
Lease Time (sec): It is the time period that system will reset the dynamic IP
assignment to ensure the dynamic IP will not been occupied for a long time or the
server doesn’t know that the dynamic IP is idle.
And then, click .
DHCP Server Configuration interface
41
6.6.2 Client Entries
When the DHCP server function is enabled, the system will collect the DHCP client
information including the assigned IP address, the MAC address of the client device, the
IP assigning type, status and lease time.
DHCP Client Entries interface
42
6.6.3 Port and IP Bindings
Assign the dynamic IP address bound with the port to the connected client. The user is
allowed to fill each port column with one particular IP address. When the device is
connecting to the port and asks for IP assigning, the system will assign the IP address
bound with the port.
Port and IP Bindings interface
43
6.7 TFTP
It provides the functions allowing the user to update the switch firmware via the Trivial
File Transfer Protocol (TFTP) server. Before updating, make sure the TFTP server is
ready and the firmware image is located on the TFTP server.
6.7.1 Update Firmware
TFTP Server IP Address: Type in your TFTP server IP.
Firmware File Name: Type in the name of the firmware image file to be updated.
Click .
Update Firmware interface
44
6.7.2 Restore Configuration
You can restore a previous backup configuration from the TFTP server to recover the
settings. Before doing that, you must locate the image file on the TFTP server first and
the switch will download back the flash image.
TFTP Server IP Address: Type in the TFTP server IP.
Restore File Name: Type in the correct file name for restoring.
Click .
Restore Configuration interface
45
6.7.3 Backup Configuration
You can back up the current configuration from flash ROM to the TFTP server for the
purpose of recovering the configuration later. It helps you to avoid wasting time on
configuring the settings by backing up the configuration.
TFTP Server IP Address: Type in the TFTP server IP.
Backup File Name: Type in the file name.
Click .
Backup Configuration interface
46
6.8 System Event Log
This page allows the user to decide whether to send the system event log, and select the
mode which the system event log will be sent to client only, server only, or both client and
server. What kind of event log will be issued to the client/server depends on the selection on
the Event Configuration tab. There are four types of event—Device Cold Start,
Authentication Failure, X-Ring Topology Change, and Port Event—available to be issued as
the event log.
6.8.1 Syslog Configuration
Syslog Client Mode: Select the system log mode—Client Only, Server Only, or Both.
‘Client Only’ means the system event log will only be sent to this interface of the switch,
but on the other hand ‘Server Only’ means the system log will only be sent to the remote
system log server with its IP assigned. If the mode is set in ‘Both’, the system event log
will be sent to the remote server and this interface.
System Log Server IP Address: When the ‘Syslog Mode’ item is set as Server
Only/Both, the user has to assign the system log server IP address to which the log will
be sent.
Click to refresh the event log displaying area.
Click to clear all the current event logs.
Make sure the selected mode is correct, and click to have the setting take effect.
47
Syslog Configuration interface
48
6.8.2 System Event Log—SMTP Configuration
Simple Mail Transfer Protocol (SMTP) is the standard for email transmissions across the
network. You can configure the SMTP server IP, mail subject, sender, mail account,
password, and the recipient email addresses which the e-mail alert will send to. There
are also five types of event—Device Cold Start, Authentication Failure, X-Ring Topology
Change, and Port Event—available to be issued as the e-mail alert. Besides, this function
provides the authentication mechanism including an authentication step through which
the client effectively logs in to the SMTP server during the process of sending e-mail alert.
Email Alert: With this function being enabled, the user is allowed to configure the
detail settings for sending the e-mail alert to the SMTP server when the events occur.
SMTP Server IP: Assign the mail server IP address (when Email Alert is enabled,
this function will then be available).
Sender: Type in an alias of the switch in complete email address format, e.g.
switch101@123.com, to identify where the e-mail alert comes from.
Authentication: Having ticked this checkbox, the mail account, password and
confirm password column fields will then show up. Configure the email account and
password for authentication when this switch logs in to the SMTP server.
Mail Account: Set up the email account, e.g. johnadmin, to receive the email alert. It
must be an existing email account on the mail server.
Password: Type in the password for the email account.
Confirm Password: Reconfirm the password.
Rcpt e-mail Address 1 ~ 6: You can also fill each of the column fields with up to 6
e-mail accounts to receive the email alert.
Click to have the configuration take effect.
49
SMTP Configuration interface
50
6.8.3 System Event Log—Event Configuration
Having ticked the Syslog/SMTP checkboxes, the event log/email alert will be sent to the
system log server and the SMTP server respectively. Also, Port event log/alert (link up, link
down, and both) can be sent to the system log server/SMTP server respectively by setting
the trigger condition.
System event selection: There are 3 event types—Device Cold Start, Authentication
Failure, and X-ring Topology Change. The checkboxes are not available for ticking
unless the Syslog Client Mode on the Syslog Configuration tab and the E-mail Alert
on the SMTP Configuration tab are enabled first.
Device cold start: When the device executes cold start action, the system will
issue the event log/email alert to the system log/SMTP server respectively.
Authentication Failure: When the SNMP authentication fails, the system will
issue the event log/email alert to the system log/SMTP server respectively.
X-ring topology change: When the X-ring topology has changed, the system will
issue the event log/email alert to the system log/SMTP server respectively.
Port event selection: Also, before the drop-down menu items are available, the
Syslog Client Mode selection item on the Syslog Configuration tab and the E-mail
Alert selection item on the SMTP Configuration tab must be enabled first. Those drop-
down menu items have 3 selections—Link UP, Link Down, and Link UP & Link
Down. Disable means no event will be sent to the system log/SMTP server.
Link UP: The system will only issue a log message when the link-up event of the
port occurs.
Link Down: The system will only issue a log message when the link-down event
of port occurs.
Link UP & Link Down: The system will issue a log message at the time when port
connection is link-up and link-down.
51
Event Configuration interface
52
6.9 Fault Relay Alarm
The Fault Relay Alarm function provides the Power Failure and Port Link Down/Broken
detection. With both power input 1 and power input 2 installed and the check boxes of
power 1/power 2 ticked, the FAULT LED indicator will then be possible to light up when any
one of the power failures occurs. As for the Port Link Down/Broken detection, the FAULT
LED indicator will light up when the port failure occurs; certainly the check box beside the
port must be ticked first. Please refer to the segment of ‘Wiring the Fault Alarm Contact
for the failure detection.
Power Failure: Tick the check box to enable the function of lighting up the FAULT
LED on the panel when power fails.
Port Link Down/Broken: Tick the check box to enable the function of lighting up
FAULT LED on the panel when Ports’ states are link down or broken.
Fault Relay Alarm interface
53
6.10 SNTP Configuration
SNTP (Simple Network Time Protocol) is a simplified version of NTP which is an Internet
protocol used to synchronize the clocks of computers to some time reference. Because time
usually just advances, the time on different node stations will be different. With the
communicating programs running on those devices, it would cause time to jump forward
and back, a non-desirable effect. Therefore, the switch provides comprehensive
mechanisms to access national time and frequency dissemination services, organize the
time-synchronization subnet and the local clock in each participating subnet peer.
Daylight saving time (DST) is the convention of advancing clocks so that afternoons have
more daylight and mornings have less. Typically clocks are adjusted forward one hour near
the start of spring and are adjusted backward in autumn.
SNTP Client: Enable/disable SNTP function to get the time from the SNTP server.
Daylight Saving Time: This is used as a control switch to enable/disable daylight
saving period and daylight saving offset. Users can configure Daylight Saving Period
and Daylight Saving Offset in a certain period time and offset time while there is no
need to enable daylight saving function. Afterwards, users can just set this item as
enable without assign Daylight Saving Period and Daylight Saving Offset again.
UTC Timezone: Universal Time, Coordinated. Set the switch location time zone. The
following table lists the different location time zone for your reference.
Local Time Zone!
Conversion from UTC !
Time at 12:00 UTC!
November Time Zone
- 1 hour
11am
Oscar Time Zone
-2 hours
10 am
ADT - Atlantic Daylight!
-3 hours!
9 am!
AST - Atlantic Standard
-4 hours!
8 am!
54
EDT - Eastern Daylight!
EST - Eastern Standard
CDT - Central Daylight!
-5 hours!
7 am!
CST - Central Standard
MDT - Mountain Daylight!
-6 hours!
6 am!
MST - Mountain
Standard
PDT - Pacific Daylight!
-7 hours!
5 am!
PST - Pacific Standard
ADT - Alaskan Daylight!
-8 hours!
4 am!
ALA - Alaskan Standard!
-9 hours!
3 am!
HAW - Hawaiian
Standard!
-10 hours!
2 am!
Nome, Alaska!
-11 hours!
1 am!
CET - Central European
FWT - French Winter
MET - Middle European
MEWT - Middle
European Winter
SWT - Swedish Winter !
+1 hour!
1 pm!
EET - Eastern
European, USSR Zone 1!
+2 hours!
2 pm!
BT - Baghdad, USSR
Zone 2!
+3 hours!
3 pm!
ZP4 - USSR Zone 3!
+4 hours!
4 pm!
ZP5 - USSR Zone 4!
+5 hours!
5 pm!
55
ZP6 - USSR Zone 5!
+6 hours!
6 pm!
WAST - West Australian
Standard!
+7 hours!
7 pm!
CCT - China Coast,
USSR Zone 7!
+8 hours!
8 pm!
JST - Japan Standard,
USSR Zone 8!
+9 hours!
9 pm!
EAST - East Australian
Standard GST
Guam Standard, USSR
Zone 9 !
+10 hours!
10 pm!
IDLE - International Date
Line
NZST - New Zealand
Standard
NZT - New Zealand !
+12 hours!
Midnight!
SNTP Sever URL: Set the SNTP server IP address. You can assign a local network
time server IP address or an internet time server IP address.
Switch Timer: When the switch has successfully connected to the SNTP server whose
IP address was assigned in the column field of SNTP Server URL, the current
coordinated time is displayed here.
Daylight Saving Period: Set up the Daylight Saving beginning date/time and Daylight
Saving ending date/time. Please key in the value in the format of ‘YYYYMMDD’ and
‘HH:MM’ (leave a space between ‘YYYYMMDD’ and ‘HH:MM’).
YYYYMMDD: an eight-digit year/month/day specification.
HH:MM: a five-digit (including a colon mark) hour/minute specification.
For example, key in ‘20070701 02:00’ and ‘20071104 02:04’ in the two column fields
respectively to represent that DST begins at 2:00 a.m. on March 11, 2007 and ends at
2:00 a.m. on November 4, 2007.
56
Daylight Saving Offset (mins): For non-US and European countries, specify the
amount of time for day light savings. Please key in the valid figure in the range of
minute between 0 and 720, which means you can set the offset up to 12 hours.
Synchronization Interval (secs): The Synchronization Interval is used for sending
synchronizing packets periodically. User can assign range from 64s to 1024s. The
default setting of values is “0” means that you disable the auto synchronizes feature in
SNTP client mode. You can enable the feature when filling the interval range from
64s~1024s.
Click to have the configuration take effect.
SNTP Configuration interface
57
6.11 IP Security
IP security function allows the user to assign 10 specific IP addresses that have permission
to manage the switch through the http and telnet services for the securing switch
management. The purpose of giving the limited IP addresses permission is to allow only the
authorized personnel/device can do the management task on the switch.
IP Security Mode: Having set this selection item in the Enable mode, the Enable
HTTP Server, Enable Telnet Server checkboxes and the ten security IP column fields
will then be available. If not, those items will appear in grey.
Enable HTTP Server: Having ticked this checkbox, the devices whose IP addresses
match any one of the ten IP addresses in the Security IP1 ~ IP10 table will be given the
permission to access this switch via HTTP service.
Enable Telnet Server: Having ticked this checkbox, the devices whose IP addresses
match any one of the ten IP addresses in the Security IP1 ~ IP10 table will be given the
permission to access this switch via telnet service.
Security IP 1 ~ 10: The system allows the user to assign up to 10 specific IP
addresses for access security. Only these 10 IP addresses can access and manage
the switch through the HTTP/Telnet service once IP Security Mode is enabled.
And then, click to have the configuration take effect.
[NOTE]
Remember to execute the “Save Configuration” action, otherwise the new
configuration will lose when the switch powers off.
58
IP Security interface
59
6.12 User Authentication
Change web management login user name and password for the management security
issue.
User name: Type in the new user name (The default is ‘admin’)
Password: Type in the new password (The default is ‘admin’)
Confirm password: Re-type the new password
And then, click
User Authentication interface
60
6.13 Port Statistics
The following chart provides the current statistic information which displays the real-time
packet transfer status for each port. The user might use the information to plan and
implement the network, or check and find the problem when the collision or heavy traffic
occurs.
Port: The port number.
Type: Displays the current speed of connection to the port.
Link: The status of linking—‘Up’ or ‘Down’.
State: It’s set by Port Control. When the state is disabled, the port will not transmit or
receive any packet.
Tx Good Packet: The counts of transmitting good packets via this port.
Tx Bad Packet: The counts of transmitting bad packets (including undersize [less than
64 octets], oversize, CRC Align errors, fragments and jabbers packets) via this port.
Rx Good Packet: The counts of receiving good packets via this port.
Rx Bad Packet: The counts of receiving good packets (including undersize [less than
64 octets], oversize, CRC error, fragments and jabbers) via this port.
Tx Abort Packet: The aborted packet while transmitting.
Packet Collision: The counts of collision packet.
Packet Dropped: The counts of dropped packet.
Rx Bcast Packet: The counts of broadcast packet.
Rx Mcast Packet: The counts of multicast packet.
Click button to clean all counts.
61
Port Statistics interface
62
6.14 Port Control
In Port control you can configure the settings of each port to control the connection
parameters, and the status of each port is listed beneath.
Port: Use the scroll bar and click on the port number to choose the port to be
configured.
State: Current port state. The port can be set to disable or enable mode. If the port
state is set as ‘Disable’, it will not receive or transmit any packet.
Negotiation: Auto and Force. Being set as Auto, the speed and duplex mode are
negotiated automatically. When you set it as Force, you have to set the speed and
duplex mode manually.
Speed: It is available for selecting when the Negotiation column is set as Force. When
the Negotiation column is set as Auto, this column is read-only.
Duplex: It is available for selecting when the Negotiation column is set as Force. When
the Negotiation column is set as Auto, this column is read-only.
Flow Control: Whether or not the receiving node sends feedback to the sending node
is determined by this item. When enabled, once the device exceeds the input data rate
of another device, the receiving device will send a PAUSE frame which halts the
transmission of the sender for a specified period of time. When disabled, the receiving
device will drop the packet if too much to process.
Security: When the Security selection is set as ‘On’, any access from the device which
connects to this port will be blocked unless the MAC address of the device is included
in the static MAC address table. See the segment of MAC Address Table—Static
MAC Addresses.
Click to have the configuration take effect.
63
Port Control interface
64
6.15 Port Trunk
Port trunking is the combination of several ports or network cables to expand the
connection speed beyond the limits of any one single port or network cable. Link
Aggregation Control Protocol (LACP), which is a protocol running on layer 2, provides a
standardized means in accordance with IEEE 802.3ad to bundle several physical ports
together to form a single logical channel. All the ports within the logical channel or so-
called logical aggregator work at the same connection speed and LACP operation
requires full-duplex mode.
6.15.1 Aggregator setting
System Priority: A value which is used to identify the active LACP. The switch with
the lowest value has the highest priority and is selected as the active LACP peer of
the trunk group.
Group ID: There are 13 trunk groups to be selected. Assign the "Group ID" to the
trunk group.
LACP: When enabled, the trunk group is using LACP. A port which joins an LACP
trunk group has to make an agreement with its member ports first. Please notice that
a trunk group, including member ports split between two switches, has to enable the
LACP function of the two switches. When disabled, the trunk group is a static trunk
group. The advantage of having the LACP disabled is that a port joins the trunk
group without any handshaking with its member ports; but member ports won’t know
that they should be aggregated together to form a logic trunk group.
Work ports: This column field allows the user to type in the total number of active
port up to four. With LACP static trunk group, e.g. you assign four ports to be the
members of a trunk group whose work ports column field is set as two; the exceed
ports are standby/redundant ports and can be aggregated if working ports fail. If it is
a static trunk group (non-LACP), the number of work ports must equal the total
number of group member ports.
65
Select the ports to join the trunk group. The system allows a maximum of four ports
to be aggregated in a trunk group. Click and the ports focused in the
right side will be shifted to the left side. To remove unwanted ports, select the ports
and click .
When LACP enabled, you can configure LACP Active/Passive status for each port
on the State Activity tab.
Click .
Use to delete Trunk Group. Select the Group ID and click .
Port Trunk—Aggregator Setting interface (four ports are added to the left field with LACP enabled)
66
6.15.2 Aggregator Information
LACP disabled
Having set up the aggregator setting with LACP disabled, you will see the local static
trunk group information on the tab of Aggregator Information.
Assigning 2 ports to a trunk group with LACP disabled
67
Static Trunking Group information
Group Key: This is a read-only column field that displays the trunk group ID.
Port Member: This is a read-only column field that displays the members of this
static trunk group.
68
LACP enabled
Having set up the aggregator setting with LACP enabled, you will see the trunking group
information between two switches on the tab of Aggregator Information.
Switch 1 configuration
1. Set System Priority of the trunk group. The default is 1.
2. Select a trunk group ID by pull down the drop-down menu bar.
3. Enable LACP.
4. Include the member ports by clicking the button after selecting the port
number and the column field of Work Ports changes automatically.
69
Switch 1 configuration interface
Aggregation Information of Switch 1
5. Click on the tab of Aggregator Information to check the trunked group information
as the illustration shown above after the two switches configured.
70
Switch 2 configuration
Switch 2 configuration interface
1. Set System Priority of the trunk group. The default is 1.
2. Select a trunk group ID by pull down the drop-down menu bar.
3. Enable LACP.
4. Include the member ports by clicking the button after selecting the port
number and the column field of Work Ports changes automatically.
71
Aggregation Information of Switch 2
5. Click on the tab of Aggregator Information to check the trunked group information
as the illustration shown above after the two switches configured.
72
6.15.3 State Activity
Having set up the LACP aggregator on the tab of Aggregator Setting, you can configure the
state activity for the members of the LACP trunk group. You can tick or cancel the checkbox
beside the state label. When you remove the tick mark of the port and click , the
port state activity will change to Passive.
Active: The port automatically sends LACP protocol packets.
Passive: The port does not automatically send LACP protocol packets, and responds
only if it receives LACP protocol packets from the opposite device.
[NOTE]
A link having two passive LACP nodes will not perform dynamic LACP
trunk because both ports are waiting for an LACP protocol packet from
the opposite device.
State Activity of Switch 1
73
State Activity of Switch 2
74
6.16 Port Mirroring
The Port mirroring is a method for monitor traffic in switched networks. Traffic through ports
can be monitored by one specific port, which means traffic goes in or out monitored (source)
ports will be duplicated into mirror (destination) port.
Destination Port: There is only one port can be selected to be destination (mirror) port
for monitoring both RX and TX traffic which come from source port. Or, use one of two
ports for monitoring RX traffic only and the other one for TX traffic only. User can
connect mirror port to LAN analyzer or Netxray.
Source Port: The ports that user wants to monitor. All monitored port traffic will be
copied to mirror (destination) port. User can select multiple source ports by checking
the RX or TX check boxes to be monitored.
And then, click button.
Port Trunk – Port Mirroring interface
75
6.17 Rate Limiting
You can set up every port’s bandwidth rate and frame limitation type.
Ingress Limit Frame type: select the frame type that wants to filter. There are four
frame types for selecting:
All
Broadcast/Multicast/Flooded Unicast
Broadcast/Multicast
Broadcast only
Broadcast/Multicast/Flooded Unicast, Broadcast/Multicast and Bbroadcast only
types are only for ingress frames. The egress rate only supports All type.
Rate Limiting interface
All the ports support port ingress and egress rate control. For example, assume port 1
76
is 10Mbps, users can set it’s effective egress rate is 1Mbps, ingress rate is 500Kbps.
The switch performs the ingress rate by packet counter to meet the specified rate
Ingress: Enter the port effective ingress rate (The default value is “0”).
Egress: Enter the port effective egress rate (The default value is “0”).
And then, click to apply the settings
77
6.18 VLAN configuration
A Virtual LAN (VLAN) is a logical network grouping that limits the broadcast domain,
which would allow you to isolate network traffic, so only the members of the same VLAN
will receive traffic from the ones of the same VLAN. Basically, creating a VLAN on a
switch is logically equivalent of reconnecting a group of network devices to another Layer
2 switch. However, all the network devices are still plugged into the same switch
physically.
This switch supports Port-based and 802.1Q (tagged-based) VLAN. The default
configuration of VLAN operation mode is “Disable”.
VLAN Configuration interface
78
6.18.1 Port-based VLAN
A port-based VLAN basically consists of its members—ports, which means the VLAN is
created by grouping the selected ports. This method provides the convenience for users
to configure a simple VLAN easily without complicated steps. Packets can go among only
members of the same VLAN group. Note all unselected ports are treated as belonging to
another single VLAN. If the port-based VLAN enabled, the VLAN-tagging is ignored. The
port-based VLAN function allows the user to create separate VLANs to limit the
unnecessary packet flooding; however, for the purpose of sharing resource, a single port
called a common port can belongs to different VLANs, which all the member devices
(ports) in different VLANs have the permission to access the common port while they still
cannot communicate with each other in different VLANs.
VLAN – Port Based interface
79
Pull down the selection item and focus on Port Based then press to set the
VLAN Operation Mode in Port Based mode.
Click to add a new VLAN group (The maximum VLAN groups are up to 64).
VLAN—Port Based Add interface
Enter the group name and VLAN ID. Add the selected port number into the right field
to group these members to be a VLAN group, or remove any of them listed in the
right field from the VLAN.
And then, click to have the configuration take effect.
80
You will see the VLAN list displays.
VLAN—Port Based Edit/Delete interface
Use to delete the VLAN.
Use to modify group name, VLAN ID, or add/remove the members of the
existing VLAN group.
[NOTE]
Remember to execute the “Save Configuration” action, otherwise the new
configuration will lose when switch power off.
81
6.18.2 802.1Q VLAN
Virtual Local Area Network (VLAN) can be implemented on the switch to logically create
different broadcast domain.
When the 802.1Q VLAN function is enabled, all ports on the switch belong to default
VLAN of VID 1, which means they logically are regarded as members of the same
broadcast domain. The valid VLAN ID is in the range of number between 1 and 4094.
The amount of VLAN groups is up to 256 including default VLAN that cannot be deleted.
Each member port of 802.1Q is on either an Access Link (VLAN-tagged) or a Trunk Link
(no VLAN-tagged). All frames on an Access Link carry no VLAN identification.
Conversely, all frames on a Trunk Link are VLAN-tagged. Besides, there is the third
mode—Hybrid. A Hybrid Link can carry both VLAN-tagged frames and untagged frames.
A single port is supposed to belong to one VLAN group, except it is on a Trunk/Hybrid
Link.
The technique of 802.1Q tagging inserts a 4-byte tag, including VLAN ID of the
destination port—PVID, in the frame. With the combination of Access/Trunk/Hybrid Links,
the communication across switches also can make the packet sent through tagged and
untagged ports.
82
802.1Q Configuration
Pull down the selection item and focus on 802.1Q then press to set the VLAN
Operation Mode in 802.1Q mode.
Enable GVRP Protocol: GVRP (GARP VLAN Registration Protocol) is a protocol that
facilitates control of virtual local area networks (VLANs) within a larger network. GVRP
conforms to the IEEE 802.1Q specification, which defines a method of tagging frames
with VLAN configuration data. This allows network devices to dynamically exchange
VLAN configuration information with other devices. For example, having enabled
GVRP on two switches, they are able to automatically exchange the information of their
VLAN database. Therefore, the user doesn’t need to manually configure whether the
link is trunk or hybrid, the packets belonging to the same VLAN can communicate
across switches. Tick this checkbox to enable GVRP protocol. This checkbox is
available while the VLAN Operation Mode is in 802.1Q mode.
Management VLAN ID: Only when the VLAN members, whose Untagged VID (PVID)
equals to the value in this column, will have the permission to access the switch. The
default value is ‘0’ that means this limit is not enabled (all members in different VLANs
can access this switch).
Select the port you want to configure.
Link Type: There are 3 types of link type.
Access Link: A segment which provides the link path for one or more stations to
the VLAN-aware device. An Access Port (untagged port), connected to the access
link, has an untagged VID (also called PVID). After an untagged frame gets into
the access port, the switch will insert a four-byte tag in the frame. The contents of
the last 12-bit of the tag is untagged VID. When this frame is sent out through any
of the access port of the same PVID, the switch will remove the tag from the frame
to recover it to what it was. Those ports of the same untagged VID are regarded as
the same VLAN group members.
Note: Because the access port doesn’t have an understanding of tagged frame, the column
field of Tagged VID is not available.
83
Trunk Link: A segment which provides the link path for one or more VLAN-aware
devices (switches). A Trunk Port, connected to the trunk link, has an
understanding of tagged frame, which is used for the communication among
VLANs across switches. Which frames of the specified VIDs will be forwarded
depends on the values filled in the Tagged VID column field. Please insert a
comma between two VIDs.
Note:
1. A trunk port doesn’t insert tag into an untagged frame, and therefore the untagged VID
column field is not available.
2. It’s not necessary to type ‘1’ in the tagged VID. The trunk port will forward the frames of
VLAN 1.
3. The trunk port has to be connected to a trunk/hybrid port of the other switch. Both the
tagged VID of the two ports have to be the same.
Hybrid Link: A segment which consists of Access and Trunk links. The hybrid port
has both the features of access and trunk ports. A hybrid port has a PVID
belonging to a particular VLAN, and it also forwards the specified tagged-frames
for the purpose of VLAN communication across switches.
Note:
1. It’s not necessary to type ‘1’ in the tagged VID. The hybrid port will forward the frames
of VLAN 1.
2. The trunk port has to be connected to a trunk/hybrid port of the other switch. Both the
tagged VID of the two ports have to be the same.
Untagged VID: This column field is available when Link Type is set as Access Link
and Hybrid Link. Assign a number in the range between 1 an 4094.
Tagged VID: This column field is available when Link Type is set as Trunk Link and
Hybrid Link. Assign a number in the range between 1 an 4094.
Click to have the configuration take effect.
You can see the link type, untagged VID, and tagged VID information of each port in
the table below on the screen.
84
802.1Q VLAN interface
Group Configuration
Edit the existing VLAN Group.
Select the VLAN group in the table list.
Click .
85
Group Configuration interface
You can modify the VLAN group name and VLAN ID.
Group Configuration interface
Click .
86
6.19 Rapid Spanning Tree
The Rapid Spanning Tree Protocol (RSTP) is an evolution of the Spanning Tree Protocol
and provides for faster spanning tree convergence after a topology change. The system
also supports STP and the system will auto-detect the connected device that is running
STP or RSTP protocol.
6.19.1 RSTP System Configuration
The user can view spanning tree information of Root Bridge.
The user can modify RSTP state. After modification, click .
RSTP mode: The user must enable the RSTP function first before configuring the
related parameters.
Priority (0-61440): The switch with the lowest value has the highest priority and is
selected as the root. If the value is changed, the user must reboot the switch. The
value must be a multiple of 4096 according to the protocol standard rule.
Max Age (6-40): The number of seconds a switch waits without receiving
Spanning-tree Protocol configuration messages before attempting a
reconfiguration. Enter a value between 6 through 40.
Hello Time (1-10): The time that controls the switch to send out the BPDU packet
to check RSTP current status. Enter a value between 1 through 10.
Forward Delay Time (4-30): The number of seconds a port waits before changing
from its Rapid Spanning-Tree Protocol learning and listening states to the
forwarding state. Enter a value between 4 through 30.
[NOTE]
Follow the rule as below to configure the MAX Age, Hello Time, and Forward
Delay Time.
2 x (Forward Delay Time value –1) > = Max Age value >= 2 x (Hello Time
value +1)
87
RSTP System Configuration interface
88
6.19.2 Port Configuration
This web page provides the port configuration interface for RSTP. You can assign higher or
lower priority to each port. Rapid spanning tree will have the port with the higher priority in
forwarding state and block other ports to make certain that there is no loop in the LAN.
Select the port in the port column field.
Path Cost: The cost of the path to the other bridge from this transmitting bridge at the
specified port. Enter a number 1 through 200,000,000.
Priority: Decide which port should be blocked by setting its priority as the lowest. Enter
a number between 0 and 240. The value of priority must be the multiple of 16.
Admin P2P: The rapid state transitions possible within RSTP are dependent upon
whether the port concerned can only be connected to exactly another bridge (i.e. it is
served by a point-to-point LAN segment), or can be connected to two or more bridges
(i.e. it is served by a shared medium LAN segment). This function allows the P2P
status of the link to be manipulated administratively. True means the port is regarded
as a point-to-point link. False means the port is regarded as a shared link. Auto means
the link type is determined by the auto-negotiation between the two peers.
Admin Edge: The port directly connected to end stations won’t create bridging loop in
the network. To configure the port as an edge port, set the port to “True” status.
Admin Non Stp: The port includes the STP mathematic calculation. True is not
including STP mathematic calculation. False is including the STP mathematic
calculation.
Click .
89
RSTP Port Configuration interface
90
6.20 SNMP Configuration
Simple Network Management Protocol (SNMP) is the protocol developed to manage nodes
(servers, workstations, routers, switches and hubs etc.) on an IP network. SNMP enables
network administrators to manage network performance, find and solve network problems,
and plan for network growth. Network management systems learn of problems by receiving
traps or change notices from network devices implementing SNMP.
6.20.1 System Configuration
Community Strings
Here you can define the new community string set and remove the unwanted community
string.
String: Fill the name string.
RO: Read only. Enables requests accompanied by this community string to display
MIB-object information.
RW: Read/write. Enables requests accompanied by this community string to
display MIB-object information and to set MIB objects.
Click .
To remove the community string, select the community string that you defined
before and click . The strings of Public_RO and Private_RW are default
strings. You can remove them but after resetting the switch to default, the two
strings show up again.
Agent Mode: Select the SNMP version that you want to use it. And then click
to switch to the selected SNMP version mode.
91
SNMP System Configuration interface
92
6.20.2 Trap Configuration
A trap manager is a management station that receives the trap messages generated by the
switch. If no trap manager is defined, no traps will be issued. To define a management
station as a trap manager, assign an IP address, enter the SNMP community strings, and
select the SNMP trap version.
IP Address: Enter the IP address of the trap manager.
Community: Enter the community string for the trap station.
Trap Version: Select the SNMP trap version type—v1 or v2c.
Click .
To remove the community string, select the community string listed in the current
managers field and click .
Trap Managers interface
93
6.20.3 SNMPV3 Configuration
Configure the SNMP V3 function.
Context Table
Configure SNMP v3 context table. Assign the context name of context table. Click
to add context name.
User Table
Configure SNMP v3 user table..
User ID: set up the user name.
Authentication Password: set up the authentication password.
Privacy Password: set up the private password.
Click to add context name.
Click to remove unwanted context name.
Group Table
Configure SNMP v3 group table.
Security Name (User ID): assign the user name that you have set up in user table.
Group Name: set up the group name.
Click to add context name.
Click to remove unwanted context name.
Loading...