Comnet CWGE24MS2 User Manual

INSTALLATION AND OPERATION MANUAL

CWGE24MS2

COMMERCIAL GRADE MANAGED LAYER 2+ ETHERNET SWITCH
WITH 20 × 100/1000BASE-FX + 4 × GIGABIT COMBO PORTS

v1.0 November 29, 2016

The ComNet CWGE24MS2 has twenty 100/1000Base-FX SFP ports and four Gigabit
combo ports that allow for TX or FX transmission. All SFP ports utilize ComNet SFP
modules for fiber, connector type and distance. The IEEE802.3-compliant unit offers
multiple Ethernet redundancy protocols (ERPS G.8032 and MSTP/RSTP/STP) which
protect your applications from network interruptions or temporary malfunctions by
redirecting transmission within the network. The CWGE24MS2 implements complete
Layer 2 to Layer 4 ACLs to restrict access to your sensitive network resources by filtering
specific packets based on TCP/UDP ports, source and destination IP addresses or
particular network devices. Furthermore, DHCP snooping, TACACS+, ARP, IEEE 802.1X
and Port Security provide additional tools to manage access and levels of use of the
network. These defence mechanisms of the CWGE24MS2 along with advanced DoS
auto prevention deliver robust network security and enables network administrators
to offer more stable services on a more secure network.

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Contents

Regulatory Compliance Statement 5

Warranty 5

Disclaimer 5

Safety Indications 5

Copyright 5

FCC Warning 6

CE 6

Overview 7

Introduction 7

Software Features 8

Hardware Features 10

Hardware Overview 11

Front Panel 11

Installation 13

Desktop Installation 13

Mounting on a Rack 13

Getting Connected 13

Powering On the Unit 13

Installing the SFP modules and Fiber Cable 14

Connecting a Copper Cable 14

Connecting to the Console 15

Connecting to Computer or a LAN 15

LED Indicators 16

GUI Login 22

System Information 23

Basic Settings 25

TECH SUPPORT: 1.888.678.9427

General Settings 25

MAC Management 38

CLI Configuration 45

INS_CWGE24MS2_REV–

10/05/16 PAGE 2

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Advanced Settings 53

Bandwidth Control 53

DHCPv6 70

IGMP Snooping 72

VLAN 94

DHCP Option 122

Dual Homing 133

ERPS 136

Link Aggregation 143

Link Layer Discovery Protocol (LLDP) 151

Loop Detection 155

PPPoE IA 159

Static Route 168

ST P 173

UDLD 195

Security 200

IP Source Guard 200

ACL 218

802 .1x 224

Port Security 233

TACACS+ 236

Monitor 241

Alarm 241

Hardware Information 242

Port Statistics 243

Port Utilization 244

TECH SUPPORT: 1.888.678.9427

RMON Statistics 245

SFP Information 247

Traffic Monitor 249

INS_CWGE24MS2_REV–

10/05/16 PAGE 3

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Management 252

SNMP 252

Auto Provision 263

Mail Alarm 266

Maintenance 270

System log 276

User Account 278

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 4

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Regulatory Compliance Statement

Product(s) associated with this publication complies/comply with all applicable regulations. Please
refer to the Technical Specifications section for more details.

Warranty

ComNet warrants that all ComNet products are free from defects in material and workmanship for
a specified warranty period from the invoice date. ComNet will repair or replace products found
by ComNet to be defective within this warranty period. This warranty does not cover product
modifications or repairs done by persons other than ComNet-approved personnel, and this
warranty does not apply to ComNet products that are misused, abused, improperly installed, or
damaged by accidents.

Please refer to the Technical Specifications section for the actual warranty period(s) of the
product(s) associated with this publication.

Disclaimer

Information in this publication is intended to be accurate. ComNet shall not be responsible for its
use or infringements on third-parties as a result of its use. There may occasionally be unintentional
errors on this publication. ComNet reserves the right to revise the contents of this publication
without notice.

Safety Indications

» The equipment can only be accessed by trained ComNet service personnel.

» This equipment should be installed in secured location.

Copyright

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system,
or transmitted in any form or by any means, whether electronic, mechanical, photo copying,
recording or otherwise, without the prior written permission of the publisher.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 5

INSTALLATION AND OPERATION MANUAL CWGE24MS2

FCC Warning

This equipment has been tested and found to comply with the limits for a class A device, pursuant
to part 15 of FCC rules. These limits are designed to provide reasonable protection against
harmful interference in a commercial installation. This equipment generates uses and can radiate
radio frequency energy and, if not installed and used in accordance with the instructions, may
cause harmful interference to radio communication. Operation of this equipment in a residential
area is likely to cause harmful interference, in which case, the user will be required to correct the
interference at the user’s own expense.

CE

This is a Class A product. In a domestic environment, this product may cause radio interference in
which case the user may be required to take adequate measures.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 6

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Overview

Introduction

The ComNet CWGE24MS2 has twenty 100/1000Base-FX SFP ports and four Gigabit combo
ports that allow for TX or FX transmission. All SFP ports utilize ComNet SFP modules for fiber,
connector type and distance. The IEEE802.3-compliant unit offers multiple Ethernet redundancy
protocols (ERPS G.8032 and MSTP/RSTP/STP) which protect your applications from network
interruptions or temporary malfunctions by redirecting transmission within the network. The
CWGE24MS2 implements complete Layer 2 to Layer 4 ACLs to restrict access to your sensitive
network resources by filtering specific packets based on TCP/UDP ports, source and destination
IP addresses or particular network devices. Furthermore, DHCP snooping, TACACS+, ARP,
IEEE 802.1X and Port Security provide additional tools to manage access and levels of use of
the network. These defence mechanisms of the CWGE24MS2 along with advanced DoS auto
prevention deliver robust network security and enables network administrators to offer more
stable services on a more secure network.

In this guide, the term “Switch” (first letter upper case) refers to the CWGE24MS2 Switch, and
“switch” (first letter lower case) refers to other switches.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 7

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Software Features

Network Functions

» Port-based Mirroring

» GARP/GVRP Support

» 4K Active VLAN

» IGMP Snooping v1/v2/v3

» IGMP Querier

» MVR

» DHCP Relay/Option 82

» Dual Homing

» Link Aggregation

» Link Layer Discovery Protocol

» Loop Detection, Auto Recovery Timer

» STP/RSTP/MSTP

» ERPS (G8032v2)

» SFP DDMI Support

» RMON Statistics

» Static Route

» Network Security

» Access Control List (L2/L3/L4)

» MAC Limitation

» Port Security

» 802.1x Port Authentication

» TACACS+

» Traffic management & QoS

» Port Priority

» Rate Limitation

» Storm Control

» Port Isolation

» 802.1Q Tag-based VLAN

» Auto MDI/MDI-X

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 8

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Network Management

» Command Line Interface, Telnet

» Web GUI

» SNMP v1/v2c/v3

» Management VLAN

» Auto Provisioning

» System log

» Firmware Upgradable

» Configuration Upload/Download

» LED, SNMP trap, and email alarm

Specifications

» IEEE 802.3 10Base-T

» IEEE 802.3u 100Base-TX/FX

» IEEE 802.3ab 1000Base-T

» IEEE 802.3z 1000Base-SX/LX

» IEEE 802.3x Flow Control

» IEEE 802.1d Spanning Tree Protocol

» IEEE 802.1w Rapid Spanning Tree Protocol

» IEEE 802.1s Multiple Spanning Tree Protocol

» IEEE 802.1q VLAN Tagging

» IEEE 802.1p Class of Service

» IEEE 802.1x Port Authentication

» IEEE 802.1ab Link Layer Discovery Protocol

» IEEE 802.3ad Port Trunk with LACP

» ITU-T G8032v2 Ethernet Ring Protection Switching

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 9

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Hardware Features

Performance

» Switching fabric 48 Gbps

» L2 forwarding 35.7 Mpps

» MAC Entries 16 K

» Jumbo frame 10 K

Ports

» 20-slot 100FX/Gigabit SFP

» 4 × Gigabit Combo (10/100/1000 RJ-45 or 100FX/GbE SFP)

» 1 × DB-9 console

Maximum Distances

» RJ-45 up to 100 m

» SC/SFP up to 120 km

» Console 15 m

Mechanical & Environmental

» Operating temperature 0°C to 50°C

» Storage temperature -20°C to 70°C

» Operating humidity 10% to 90% RH

» Storage humidity 5% to 95% RH

Power

» Front access AC power 100-240 V, 50~60Hz

» 12V DC battery back-up

» Power consumption Max. 25 W (System)

Dimensions & Weight

» Dimensions (WxHxD) 440 × 44 × 284mm, 19” rack-mountable

» Weight 3.7 kg

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 10

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Hardware Overview

Front Panel

The following table describes the labels that are affixed to the CWGE24MS.

Port Description

SFP ports 20 × 100BaseX

Giga Ethernet Port 4 × Gigabit Combo (10/100/1000 RJ-45 or 100FX/GbE SFP)

Console Use RS-232 with DB9 connecter to manage switch.

1 642 53

2

CWGE24MS Front Panel

1. Power Connector

2. LEDs for Post, Power, Alarm; Speed/Link/Activity for 24 SFP ports

3. 100/1000Base-X Fiber port on SFP

4. LED for Ethernet ports 1000Mbps Speed/Link/Activity status

5. 10/100/1000Base-T(X) Ethernet port and 100/1000Base-X SFP (combo port)

6. Console port (DB9)

Connectors

The Switch utilizes ports with copper and SFP fiber port connectors functioning under Fast
Ethernet/Gigabit Ethernet standards.

100FX/1000Base-SX/LX SFP Ports

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 11

INSTALLATION AND OPERATION MANUAL CWGE24MS2

The 100/1000Base-SX/LX (SFP) ports support network speeds of 100Mbps or 1000Mbps, and is
designed to house 100Mbps/Gigabit SFP modules.

Gigabit Combo

There are four Gigabit Combo ports on the CWGE24MS2. Combo ports have both an RJ-45
interface and an SFP slot, of which one can be in use at any one time. The RJ-45 ports operate at
10/100/1000 Mbps, while the SFP ports are capable of operating at 100Mbps or 1000 Mbps.

The Gigabit copper ports have the same number as its corresponding SFP slot. This means that
once an SFP slot is connected, the correspondingly numbered RJ-45 port (21, 22, 23 or 24) will not
function

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 12

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Installation

The location chosen for installing the Switch may affect its performance. When selecting a site, we
recommend considering the following rules:

Install the Switch in an appropriate place. See Technical Specifications for the acceptable
temperature and humidity ranges.

Install the Switch in a location that is not affected by strong electromagnetic field generators (such
as motors), vibration, dust, and direct sunlight.

Leave at least 10cm of space at the front and rear of the unit for ventilation.

Desktop Installation

Follow the instructions listed below to install the Switch in a desktop location.

Locate the Switch in a clean, flat and safe position that has convenient access to AC power.

Affix the four self-adhesive rubber pads to the underside of the Switch.

Apply AC power to the Switch (The green PWR LED on the front panel should light up).

Connect cables from the network partner devices to the ports on the front panel (The green LNK
LED on the upper right of the port should light).

Warning: Because invisible laser radiation may be emitted from the aperture of the port when no
cable is connected, avoid exposure to laser radiation and do not stare into open apertures.

Mounting on a Rack

Attach brackets to each side of the switch and place the brackets in the rack’s slots. Insert and
tighten screws to securely attach the bracket to the rack on each side.

Getting Connected

The Switch is capable of connecting up to 24 network devices in fiber connection at Fast Ethernet,
or Gigabit Ethernet speeds.

Powering On the Unit

INS_CWGE24MS2_REV–

TECH SUPPORT: 1.888.678.9427

10/05/16 PAGE 13

INSTALLATION AND OPERATION MANUAL CWGE24MS2

The Switch uses an AC power supply 100~240VAC, 50~60 Hz. The Switch’s power supply
automatically self-adjusts to the local power source and may be powered on without having any or
all LAN segment cables connected.

» Insert the power cable plug directly into the receptacle located at the front of the device.

» Plug the power adapter into an available socket.

Note: For international use, you may need to change the AC power adapter cord. You must use
a power cord set that has been approved for the receptacle type and electrical current in your
country.

» Check the front-panel LEDs as the device is powered on to verify that the Power LED is lit. If

not, check that the power cable is correctly and securely plugged in.

Installing the SFP modules and Fiber Cable

» Slide the selected SFP module into the selected SFP slot (Make sure the SFP module is aligned

correctly with the inside of the slot)

» Insert and slide the module into the SFP slot until it clicks into place

» Remove any rubber plugs that may be present in the SFP module’s mouth

» Align the fiber cable’s connector with the SFP module’s mouth and insert the connector

» Slide the connector in until a click is heard

» If you want to pull the connector out, first push down the release clip on top of the connector

to release the connector from the SFP module.

To properly connect fiber cabling: Check that the fiber terminators are clean. You can clean
the cable plugs by wiping them gently with a clean tissue or cotton ball moistened with a little
ethanol. Dirty fiber terminators on fiber optic cables will impair the quality of the light transmitted
through the cable and lead to degraded performance on the port.

Note: When inserting the cable, be sure the tab on the plug clicks into position to ensure that it is
properly seated.

Check the corresponding port LED on the Switch to be sure that the connection is valid. (Refer to
the LED chart).

Connecting a Copper Cable

INS_CWGE24MS2_REV–

TECH SUPPORT: 1.888.678.9427

10/05/16 PAGE 14

INSTALLATION AND OPERATION MANUAL CWGE24MS2

The RJ-45 Ethernet port fully supports auto-sensing and auto-negotiation.

» Insert one end of a Category 3/4/5/5e (see recommendation above) type twisted-pair cable

into an available RJ-45 port on the Switch and the other end into the port of the network node.

» Check the corresponding port LED on the Switch to ensure that the connection is valid. (Refer

to LED chart)

Connecting to the Console

The console port (DB-9) provides the out-of-band management facility. Use null modem cable to
connect the console port on the Switch and the other end into the COM port of the computer.

Connecting to Computer or a LAN

You can use Ethernet cable to connect computers directly to the switch ports. You can also
connect hubs/switches to the switch ports by Ethernet cables. You can use either the crossover or
straight-through Ethernet cable to connect computers, hubs, or switches.

Notice: Use a twisted-pair Cat5e Ethernet cable to connect the 1000BASE-T port otherwise the
link speed will not be able to reach 1Gbps.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 15

INSTALLATION AND OPERATION MANUAL CWGE24MS2

LED Indicators

This Switch is equipped with Unit LEDs to enable you to determine the status of the Switch, as well
as Port LEDs to display what is happening in all your connections. They are as follows:

Unit LEDs

LED Condition Status

POWER
(Green)

POST
(Green)

ALARM
(Red)

LNK/ACT (Dual Color)
(for 1~20th Fiber ports)

LNK (Green)
(for 21~24th Fiber ports)

ACT (Green)
(for 21~24th Fiber ports)

LNK/ACT (Green)
(for 21~24th Copper ports)

Illuminated Power on

Off Power off or fail

Illuminated Switch is ready and running ok

Blinking Switch is booting

Off Switch is not ready or failed

Illuminated

Alarm for over threshold of system temperature, fan
speed or voltage

Off Switch is in normal condition

Green on 1000Mbps Ethernet link-up

Amber on 100Mbps Ethernet link-up

Blinking Receiving or transmitting data

Off Port disconnected or link failed

Illuminated Link-up

Off Port disconnected or link failed

Blinking Receiving or transmitting data

Illuminated Link-up

Blinking Receiving or transmitting data

Off Port disconnected or link failed

1000 (Green)
(for 21~24th copper ports)

TECH SUPPORT: 1.888.678.9427

Illuminated 1000Mbps

Off 10/100Mbp

INS_CWGE24MS2_REV–

10/05/16 PAGE 16

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Management Options

This system may be managed out-of-band through the console port on the front panel or in-band by
using Telnet. The user may also choose web-based management, accessible through a Web browser.

Web-based Management Interface

After you have successfully installed the Switch, you can configure the Switch, monitor the LED
panel, and display statistics graphically using a Web browser.

SNMP-based Management

You can manage the Switch with SNMP Manager Software. The SNMP agent decodes the
incoming SNMP messages and responds to requests with MIB objects stored in the database. The
SNMP agent updates the MIB objects to generate statistics and counters.

Configuring the Switch via Console Port

Prior to accessing the switch’s onboard agent via a network connection, you must first configure
by giving a valid IP address, subnet mask, and default gateway, using an out-of-band connection
or the BOOTP protocol.

After configuring the Switch’s IP parameters, you can access the onboard configuration program
from anywhere within the attached network or via internet. The onboard configuration program
can be accessed by using Telnet from any computer attached to the network. It can also be
managed with any computer using a Web browser.

Access the Switch via a terminal emulator (such as Putty, HyperTerminal, Tera Term…) attached
to the console port. The console port is set at the factory with the following default COM port
properties. Configure your own terminal to match the following:

Use terminal emulation software with the following settings:

Default Settings for the Console Port

Setting Default Value

Terminal Emulation VT100

Baud Rate 38400

Parity None

Number of Data Bits 8

Number of Stop Bits 1

Flow Control None

Press [ENTER] to open the login screen.

Setting Default Value

Default Username admin

Default Password admin

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 17

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Note: Ensure that the terminal or PC you are using to make this connection is configured to
match the above settings. Otherwise the connection will not work.

Then press [ENTER] to open the login screen with the “Default Value” for Username and Password
as “admin”.

Management by Telnet

Activate your workstation’s command prompt program and access your Switch via the Internet
by typing in the correct IP address (factory default IP address is 192.168.10.1 - connect directly via
console port to configure a unique IP address). Your command prompt program will allow use of
the Telnet protocol.

Connect your computer to one of the Ethernet ports.

Open a Telnet session to the Switch’s IP address. If this is your first login, use the default values.

Setting Default Value

IP Address 192.168.10.1

Subnet Mask 255.255.255.0

Default Gateway 0.0.0.0

Management VLAN 1

Default Username admin

Default Password admin

Make sure your computer IP address is in the same subnet, unless you are accessing the Switch
through one or more routers.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 18

INSTALLATION AND OPERATION MANUAL CWGE24MS2

How to enter the CLI

Press [Enter] key to enter the login command prompt when below message is displayed on the
screen.

Please press Enter to activate this console

Input “admin” to enter the CLI mode when below message is displayed on the screen.

CWGE24MS2 login:

You can execute a few limited commands when CLI prompt is displayed as below.

CWGE24MS2>

If you want to execute more powerful commands, you must enter the privileged mode.

Input command “enable”

CWGE24MS2>enable

Input a valid username and password when below prompt are displayed.

user:admin

password:admin

CWGE24MS2#

CLI command concept

Node Command Description

enable show hostname This command displays the system’s network name.

configure reboot This command reboots the system.

eth0 ip address A.B.C.D/M This command configures a static IP and subnet

mask for the system.

interface show This command displays the current port

configurations.

acl show This command displays the current access control

profile.

vlan show This command displays the current VLAN

configurations.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 19

INSTALLATION AND OPERATION MANUAL CWGE24MS2

The Node type:

» enable

» Its command prompt is “CWGE24MS2#”.

» It means these commands can be executed in this command prompt.

configure

Its command prompt is “CWGE24MS2(config)#”.

It means these commands can be executed in this command prompt.

In Enable code, executing command “configure terminal” enter the configure node.

CWGE24MS2# configure terminal

eth0

Its command prompt is “CWGE24MS2(config-if)#”.

It means these commands can be executed in this command prompt.

In Configure code, executing command “interface eth0” enter the eth0 interface node.

CWGE24MS2(config)#interface eth0

CWGE24MS2(config-if)#

interface

Its command prompt is “CWGE24MS2(config-if)#”.

It means these commands can be executed in this command prompt.

In Configure code, executing command “interface gigaethernet1/0/5” enter the interface port 5 node.

Or

In Configure code, executing command “interface fastethernet1/0/5” enter the interface port 5 node.

Note: dependent on your port speed, gigaethernet1/0/5 for gigabit Ethernet ports and

fastethernet1/0/5 for fast Ethernet ports.

CWGE24MS2(config)#interface gigaethernet1/0/5

CWGE24MS2(config-if)#

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 20

INSTALLATION AND OPERATION MANUAL CWGE24MS2

vlan

Its command prompt is “CWGE24MS2(config-vlan)#”.

It means these commands can be executed in this command prompt.

In Configure code, executing command “vlan 2” enter the vlan 2 node.

Note: where the “2” is the vlan ID.

CWGE24MS2(config)#vlan 2

CWGE24MS2(config-vlan)#

acl

Its command prompt is “CWGE24MS2(config-acl)#”.

It means these commands can be executed in this command prompt.

In Configure code, executing command “access-list test” enter the access-list test node.

Note: where the “test” is the profile name.

CWGE24MS2(config)#access-list test

CWGE24MS2(config-acl)#

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 21

INSTALLATION AND OPERATION MANUAL CWGE24MS2

GUI Login

Parameter Description

User ID Enter the user name.

Password Enter the password.

Default:

User name: admin,
Password: admin.

CLI Configuration

Node Command Description

enable show hostname This command displays the system’s network name.

enable show interface eth0 This command displays the current Eth0

configurations.

enable show model This command displays the system information.

enable show running-config This command displays the current operating

configurations.

enable show system-info This command displays the system’s CPU loading

and memory information.

enable show uptime This command displays the system up time.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 22

INSTALLATION AND OPERATION MANUAL CWGE24MS2

System Information

Parameter Description

Model Name This field displays the model name of the Switch.

Host name This field displays the name of the Switch.

Boot Code Version This field displays the boot code version.

Firmware Version This field displays the firmware version.

Built Date This field displays the built date of the firmware.

DHCP Client This field displays whether the DHCP client is enabled on the Switch.

IP Address This field indicates the IP address of the Switch.

Subnet Mask This field indicates the subnet mask of the Switch.

Default Gateway This field indicates the default gateway of the Switch.

MAC Address This field displays the MAC (Media Access Control) address of the Switch.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 23

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Parameter Description

Serial Number The serial number assigned by manufacture for identification of the unit.

Management VLAN This field displays the VLAN ID that is used for the Switch management purposes.

CPU Loading This field displays the percentage of your Switch’s system load.

Memory Information This field displays the total memory the Switch has and the memory which is currently

available (Free) and occupied (Usage).

Current Time This field displays current date (yyyy-mm-dd) and time (hh:mm:ss).

DHCPv6 Client This field displays whether the DHCPv6 client is enabled on the Switch.

IPv6 Link Local This field displays the Switch’s link local IP address for IPv6.

IPv6 Default

This field displays the default gateway for IPv6.

Gateway

IPv6 Global This field displays the Switch’s global IP address for IPv6.

Refresh Click this to update the information in this screen.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 24

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Basic Settings

General Settings

System

Introduction

Management VLAN

To specify a VLAN group which can access the Switch.

» The valid VLAN range is from 1 to 4094.

» If you want to configure a management VLAN, the management VLAN should be created first

and the management VLAN should have at least one member port.

Host Name

The hostname is same as the SNMP system name. Its length is up to 64 characters.

The first 16 characters of the hostname will be configured as the CLI prompt.

Default Settings

› The default Hostname is CWGE24MS2

› The default DHCP client is disabled.

› The default Static IP is 192.168.10.1

› Subnet Mask is 255.255.255.0

› Default Gateway is 0.0.0.0

› Management VLAN is 1.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 25

INSTALLATION AND OPERATION MANUAL CWGE24MS2

CLI Configuration

Node Command Description

enable ping IPADDR [–c COUNT] This command sends an echo request to the destination host. The

–c parameter allow user to specific the packet count. The default
count is 4.

enable ping IPADDR [–s SIZE] This command sends an echo request to the destination host. The

–s parameter allow user to specific the packet size. Valid range: 0 ~
1047 bytes.

enable ping IPADDR [–c COUNT –s

SIZE]

This command sends an echo request to the destination host. The
–c parameter allow user to specific the packet count. The default
count is 4. The –s parameter allow user to specific the packet size.
Valid range: 0 ~ 1047 bytes.

enable ping IPADDR [-s SIZE –c

COUNT]

This command sends an echo request to the destination host. The
–c parameter allow user to specific the packet count. The default
count is 4. The –s parameter allow user to specific the packet size.
Valid range: 0 ~ 1047 bytes.

configure reboot This command reboots the system.

configure hostname STRINGS This command sets the system’s network name.

configure interface eth0 This command enters the eth0 interface node to configure the

system IP.

configure configure terminal This command changes the mode to config mode.

configure interface eth0 This command changes the mode to eth0 mode.

eth0 show This command displays the eth0 configurations.

eth0 ip address A.B.C.D/M This command configures a static IP and subnet mask for the

system.

eth0 ip address default-gateway

This command configures the system default gateway.

A.B.C.D

eth0 ip dhcp client

(disable|enable|renew)

This command configures a DHCP client function for the system.
Disable: Use a static IP address on the switch.
Enable & Renew: Use DHCP client to get an IP address from DHCP
server.

eth0 management vlan VLANID This command configures the management vlan.

eth0 ip ipv6-address AAAA:BBB

B:CCCC:DDDD:EEEE:FFFF:

This command configures a global scope of IPv6 address and
subnet mask for the system.

GGGG:HHHH/M

eth0 ip ipv6-address default-

This command configures a default gateway for the system.
gateway AAAA:BBBB:CCC
C:DDDD:EEEE:FFFF:GGGG
:HHHH

eth0 ip ipv6-dhcp client

(disable|enable|renew)

This command configures a DHCPv6 client function for the system.

Disable: Use a static IP address on the switch.

Enable & Renew: Use DHCPv6 client to get an IP address from

DHCPv6 server.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 26

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Example: The procedures to configure an IP address for the Switch.

To enter the configure node.

CWGE24MS2#configure terminal

CWGE24MS2(config)#

To enter the ETH0 interface node.

CWGE24MS2(config)#interface eth0

CWGE24MS2(config-if)#

To get an IP address from a DHCP server.

CWGE24MS2(config-if)#ip dhcp client enable

To configure a static IP address and a gateway for the Switch.

CWGE24MS2(config-if)#ip address 192.168.202.111/24

CWGE24MS2(config-if)#ip address default-gateway 192.168.202.1

To configure a static global IPv6 address and a gateway for the Switch.

Please set the static global IPv6 address first.

CWGE24MS2(config-if)#ip ipv6-address 3ffe::1235/64

And the set the IPv6 default gateway address.

CWGE24MS2(config-if)#ip ipv6-address default-gateway 3ffe::1234

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 27

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Web Configuration

Parameter Description

IP Address Configures a IPv4 address for your Switch in dotted decimal notation.

For example, 192.168.0.254.

Subnet Mask Enter the IP subnet mask of your Switch in dotted decimal notation for

example 255.255.255.0.

Default Gateway Enter the IP address of the default outgoing gateway in dotted

decimal notation, for example 192.168.1.1.

IPv6 Settings

DHCPv6 Client Select Enable to allow the Switch to automatically get an IP address

from a DHCPv6 server. Click Renew to have the Switch re-get an IP
address from the DHCP server.
Select Disable if you want to configure the Switch’s IP address
manually.

Global Address Configure a global IPv6 address for the Switch.

Default Gateway Set – Set an IPv6 default gateway for the Switch.

Unset – Unset the IPv6 default gateway for the Switch.

Apply Click this button to take effect the settings.

Refresh Click this button to reset the fields to the last setting.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 28

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Jumbo Frame

Introduction

Jumbo frames are Ethernet frames with a payload greater than 1500 bytes. Jumbo frames can
enhance data transmission efficiency in a network. The bigger the frame size, the better the
performance.

Notice:

The jumbo frame settings will apply to all ports.

If the size of a packet exceeds the jumbo frame size, the packet will be dropped.

The available values are 1522, 1536, 1552, 9010, 9216, 10240.

Default Settings

The default jumbo frame is 10240 bytes.

CLI Configuration

Node Command Description

enable show jumboframe This command displays the current jumbo frame settings.

configure jumboframe (10240|1522|1536|

1552|9010|9216)

configure interface IFNAME This command enters the interface configure node.

interface jumboframe (10240|1522|1536|

1552|9010|9216)

configure interface range

gigabitethernet1/0/
PORTLISTS

if-range jumboframe (10240|1522|1536|

1552|9010|9216)

This command configures the maximum number of bytes of
frame size for all ports.

This command configures the maximum number of bytes of
frame size.

This command enters the interface configure node.

This command configures the maximum number of bytes of
frame size.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 29

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Web Configuration

Parameter Description

Port This field specifies a port or a range of ports for configuration.

Frame Size This field configures the maximum number of bytes of frame size for

specified port(s).

Apply Click this button to take effect the settings.

Refresh Click this button to reset the fields to the last setting.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 30

INSTALLATION AND OPERATION MANUAL CWGE24MS2

SNTP

Introduction

The Network Time Protocol (NTP) is a protocol for synchronizing the clocks of computer systems
over packet-switched, variable-latency data networks. A less complex implementation of NTP,
using the same protocol but without requiring the storage of state over extended periods of time
is known as the Simple Network Time Protocol (SNTP). NTP provides Coordinated Universal Time
(UTC). No information about time zones or daylight saving time is transmitted; this information is
outside its scope and must be obtained separately.

UDP Port: 123.

Daylight saving is a period from late spring to early fall when many countries set their clocks ahead
of normal local time by one hour to give more daytime light in the evening.

Note:

» The SNTP server always replies the UTC current time.

» When the Switch receives the SNTP reply time, the Switch will adjust the time with the time

zone configuration and then configure the time to the Switch.

» If the time server’s IP address is not configured, the Switch will not send any SNTP request

packets.

» If no SNTP reply packets, the Switch will retry every 10 seconds forever.

» If the Switch has received SNTP reply, the Switch will re-get the time from NTP server every 24

hours.

» If the time zone and time NTP server have been changed, the Switch will repeat the query

process.

» No default SNTP server.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 31

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Default Settings

Current Time:

-----------------------------------------------

Time: 0:3:51 (UTC)

Date: 1970-1-1

Time Server Configuration:

-----------------------------------------------

Time Zone : +00:00

IP Address: 0.0.0.0

DayLight Saving Time Configuration:

-----------------------------------------------

State : disabled

Start Date: None.

End Date : None.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 32

INSTALLATION AND OPERATION MANUAL CWGE24MS2

CLI Configuration

Node Command Description

enable show time This command displays current time and time configurations.

configure time

HOUR:MINUTE:SECOND

Sets the current time on the Switch.
hour: 0-23
min: 0-59
sec: 0-59
Note: If you configure Daylight Saving Time after you configure
the time, the Switch will apply Daylight Saving Time.

configure time date YEAR/MONTH/

DAY

Sets the current date on the Switch.
year: 1970 ­month: 1-12
day: 1-31

configure time daylight-saving-time This command enables the daylight saving time.

configure no time daylight-saving-time This command disables daylight saving on the Switch.

configure time daylight-saving-time

This command sets the start time of the Daylight Saving Time.
start-date (first | second |
third | fourth | last) (Sunday
| Monday | Tuesday |
Wednesday | Thursday |
Friday | Saturday) MONTH
HOUR

configure time daylight-saving-time

This command sets the end time of the Daylight Saving Time.
end-date (first | second |
third | fourth | last) (Sunday
| Monday | Tuesday |
Wednesday | Thursday |
Friday | Saturday) MONTH
HOUR

configure time ntp-server

This command disables / enables the NTP server state.
(disable|enable)

configure time ntp-server IP_ADDRESSThis command sets the IP address of your time server.

configure time ntp-ipv6-server IP_

This command sets the IPv6 address of your time server.
ADDRESS

configure time ntp-server domain-

This command sets a domain name of your time server.
name STRING

configure time timezone STRING Configures the time difference between UTC (formerly known as

GMT) and your time zone.

Valid Range: -1200 ~ +1200.

INS_CWGE24MS2_REV–

TECH SUPPORT: 1.888.678.9427

10/05/16 PAGE 33

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Example:

CWGE24MS2(config)#time ntp-server 192.5.41.41

CWGE24MS2(config)#time timezone +0800

CWGE24MS2(config)#time ntp-server enable

CWGE24MS2(config)#time daylight-saving-time start-date first Monday 6 0

CWGE24MS2(config)#time daylight-saving-time end-date last Saturday 10 0

Web Configuration

Parameter Description

Current Time and Date

Current Time This field displays the time you open / refresh this menu.

Current Date This field displays the date you open / refresh this menu.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 34

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Parameter Description

Time and Date Setting

Manual Select this option if you want to enter the system date and time manually.

New Time Enter the new date in year, month and day format and time in hour, minute and

second format. The new date and time then appear in the Current Date and Current
Time fields after you click Apply.

Enable Network

Select this option to use Network Time Protocol (NTP) for the time service.

Time Protocol

NTP Server Select a pre-designated time server or type the IP address or type the domain name

of your time server. The Switch searches for the timeserver for up to 60 seconds.

Time Zone Select the time difference between UTC (Universal Time Coordinated, formerly known

as GMT, Greenwich Mean Time) and your time zone from the drop-down list box.

Daylight Saving Settings

State Select Enable if you want to use Daylight Saving Time. Otherwise, select Disable to

turn it off.

Start Date Configure the day and time when Daylight Saving Time starts if you enabled Daylight

Saving Time. The time is displayed in the 24 hour format. Here are a couple of examples:
Daylight Saving Time starts in most parts of the United States on the second Sunday of
March. Each time zone in the United States starts using Daylight Saving Time at 2 A.M.
local time. So in the United States you would select Second, Sunday, March and 2:00.
Daylight Saving Time starts in the European Union on the last Sunday of March. All of the
time zones in the European Union start using Daylight Saving Time at the same moment
(1 A.M. GMT or UTC). So in the European Union you would select Last, Sunday, March
and the last field depends on your time zone. In Germany for instance, you would select
2:00 because Germany’s time zone is one hour ahead of GMT or UTC (GMT+1).

End Date Configure the day and time when Daylight Saving Time ends if you enabled Daylight

Saving Time. The time field uses the 24 hour format.
Here are a couple of examples:
Daylight Saving Time ends in the United States on the last Sunday of October. Each
time zone in the United States stops using Daylight Saving Time at 2 A.M. local time.
So in the United States you would select First, Sunday, November and 2:00.
Daylight Saving Time ends in the European Union on the last Sunday of October.
All of the time zones in the European Union stop using Daylight Saving Time at the
same moment (1 A.M. GMT or UTC). So in the European Union you would select
Last, Sunday, October and the last field depends on your time zone. In Germany for
instance, you would select 2:00 because Germany’s time zone is one hour ahead of
GMT or UTC (GMT+1).

Apply Click Apply to take effect the settings.

Refresh Click Refresh to begin configuring this screen afresh.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 35

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Management Host

Introduction

The feature limits the hosts which can manage the Switch. That is, any hosts can manage the
Switch via telnet or web browser. If the user has configured one or more management hosts,
the Switch can be managed by these hosts only. The feature allows the user to configure up to
3 management IP host entries.

Default Settings

The default is none, any host can manage the Switch via telnet or web browser.

CLI Configuration

Node Command Description

enable show interface eth0 The command displays the all of the interface eth0 configurations.

eth0 show The command displays the all of the interface eth0 configurations.

eth0 management host

A.B.C.D

eth0 no management host

A.B.C.D

The command adds a management host address.

The command deletes a management host address.

Example:

CWGE24MS2#configure terminal

CWGE24MS2(config)#interface eth0

CWGE24MS2(config-if)#management host 192.168.200.106

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 36

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Web Configuration

Parameter Description

Management Host This field configures the management host.

Apply Click this button to take effect the settings.

Refresh Click this button to begin configuring this screen afresh.

Management Host List

No. This field displays a sequential number for each management host.

Management Host This field displays the management host.

Action Click the Delete button to remove the specified entry.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 37

INSTALLATION AND OPERATION MANUAL CWGE24MS2

MAC Management

Introduction

Dynamic Address:

The MAC addresses are learnt by the switch. When the switch receives frames, it will record the
source MAC, the received port and the VLAN in the address table with an age time. When the age
time is expired, the address entry will be removed from the address table.

Static Address:

The MAC addresses are configured by users. The static addresses will not be aged out by the
switch; it can be removed by user only. The maximum static address entry is up to 256.

The MAC Table (a MAC table is also known as a filtering database) shows how frames are
forwarded or filtered across the Switch’s ports. When a device (which may belong to a VLAN
group) sends a packet which is forwarded to a port on the Switch, the MAC address of the device
is shown on the Switch’s MAC Table. It also shows whether the MAC address is dynamic (learned
by the Switch) or static (manually entered).

» The Switch uses the MAC Table to determine how to forward frames. See the following figure.

» The Switch examines the received frame and learns the port from which this source MAC

address came.

› The Switch checks to see if the frame’s destination MAC address matches a source MAC

address already learnt in the MAC Table.

› If the Switch has already learnt the port for this MAC address, then it forwards the frame to

that port.

› If the Switch has not already learnt the port for this MAC address, then the frame is flooded to

all ports. If too much port flooding, it may lead to network congestion.

› If the Switch has already learnt the port for this MAC address, but the destination port is the

same as the port it came in on, then it filters the frame.

TECH SUPPORT: 1.888.678.9427

Figure MAC Table Flowchart

INS_CWGE24MS2_REV–

10/05/16 PAGE 38

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Default Settings

The default MAC address table age time is 300 seconds.

The Maximum static address entry is 256.

CLI Configuration

Node Command Description

enable show mac-address-table aging-

time

enable show mac-address-table

(static|dynamic)

enable show mac-address-table mac

MACADDR

enable show mac-address-table port

PORT_ID

configure mac-address-table static

MACADDR vlan VLANID port
PORT_ID

configure no mac-address-table static

MACADDR vlan VLANID

configure mac-address-table aging-time

VALUE

configure clear mac address-table

dynamic

Example:

This command displays the current MAC address table age
time.

This command displays the current static/dynamic unicast
address entries.

This command displays information of a specific MAC.

This command displays the current unicast address entries
learnt by the specific port.

This command configures a static unicast entry.

This command removes a static unicast entry from the address
table.

This command configures the mac table aging time.

This command clears the dynamic address entries.

CWGE24MS2(config)#mac-address-table static 00:11:22:33:44:55 vlan 1 port 1

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 39

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Web Configuration

Static MAC

A static Media Access Control (MAC) address is an address that has been manually entered in
the MAC address table, and do not age out. When you set up static MAC address rules, you are
setting static MAC addresses for a port, so this may reduce the need for broadcasting.

Parameter Description

Static MAC Settings

MAC Address Enter the MAC address of a computer or device that you want to add to the MAC

address table.
Valid format is hh:hh:hh:hh:hh:hh.

VLAN ID Enter the VLAN ID to apply to the computer or device.

Port Enter the port number to which the computer or device is connected.

Apply Click Apply to take effect the settings.

Refresh Click Refresh to begin configuring this screen afresh.

Static MAC Table

MAC Address This field displays the MAC address of a manually entered MAC address entry.

VLAN ID This field displays the VID of a manually entered MAC address entry.

Port This field displays the port number of a manually entered MAC address entry. The

MAC address with port CPU means the Switch’s MAC addresses itself.

Action Click Delete to remove this manually entered MAC address entry from the MAC

address table. You cannot delete the Switch’s MAC address from the static MAC
address table.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 40

INSTALLATION AND OPERATION MANUAL CWGE24MS2

MAC Table

Parameter Description

Show Type
Apply

Select All, Static, Dynamic or Port and then click Apply to display the
corresponding MAC address entries on this screen.

Refresh Click this to update the information in the MAC table.

MAC Address This field displays a MAC address.

Type This field displays whether this entry was entered manually (Static) or

whether it was learned by the Switch (Dynamic).

VLAN ID This field displays the VLAN ID of the MAC address entry.

Port This field displays the port number the MAC address entry is

associated. It displays CPU if it is the entry for the Switch itself.
The CPU means that it is the Switch’s MAC.

Total Counts This field displays the total entries in the MAC table.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 41

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Age Time Settings

Parameter Description

Age Time Configure the age time; the valid range is from 20 to 500 seconds.

The default value is 300 seconds.

Apply Click Apply to take effect the settings.

Refresh Click this to update the information in the MAC table.

Refusal (Black-hole MAC)

Introduction

These types of MAC address entries are configured manually. A switch discards the packets
destined for or originated from the MAC addresses contained in blackhole MAC address entries.
Blackhole entries are configured for filtering out frames with specific source or destination MAC
addresses

Notice: User can configure up to 20 entries.

CLI Configuration

Node Command Description

enable show mac-address-table

refusal

configure mac-address-table refusal

MACADDR vlan VLANID

configure mac-address-table refusal

MACADDR

This command displays the current refusal MAC address only.

This command configures a refusal MAC on a specific VLAN.

This command configures a refusal MAC.

Example: The procedures to configure a refusal MAC address

To enter the configure node.

CWGE24MS2#configure terminal

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 42

INSTALLATION AND OPERATION MANUAL CWGE24MS2

To configure a refusal MAC address for all ports and all vlans.

CWGE24MS2(config)#mac-address-table refusal 00:11:22:33:44:55

To configure a refusal MAC address for all ports on a specific vlan.

CWGE24MS2(config)#mac-address-table refusal 00:11:22:33:44:55 vlan 1.

Web Configuration

Parameter Description

MAC Address Enter the MAC address of a computer or device that you want to refuse.

Valid format is hh:hh:hh:hh:hh:hh.

VLAN ID Enter the VLAN ID to apply to the computer or device.

Apply Click Apply to take effect the settings.

Refresh Click Refresh to begin configuring this screen afresh.

MAC Address This field displays a MAC address.

VLAN ID This field displays the VLAN ID of the MAC address entry.

Action Click Delete to remove this manually entered MAC address entry from the refusal

MAC address table.

Total Counts This field displays the total entries in the refusal MAC table.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 43

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Port Mirror

Introduction

Port-based Mirroring

The Port-Based Mirroring is used on a network switch to send a copy of network packets sent/
received on one or a range of switch ports to a network monitoring connection on another switch
port (Monitor to Port). This is commonly used for network appliances that require monitoring of
network traffic, such as an intrusion-detection system.

Port Mirroring, together with a network traffic analyzer, helps to monitor network traffic. Users can
monitor the selected ports (Source Ports) for egress and/or ingress packets.

Source Mode:

Ingress : The received packets will be copied to the monitor port.

Egress : The transmitted packets will be copied to the monitor port.

Both : The received and transmitted packets will be copied to the monitor port.

Note:

» The monitor port cannot be a trunk member port.

» The monitor port cannot be ingress or egress port.

» If the Port Mirror function is enabled, the Monitor-to Port can receive mirrored packets only.

» If a port has been configured as a source port and then user configures the port as a

destination port, the port will be removed from the source ports automatically.

Default Settings

Mirror Configurations:

State : Disable

Monitor port : 1

Ingress port(s) : None

Egress port(s) : None

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 44

INSTALLATION AND OPERATION MANUAL CWGE24MS2

CLI Configuration

Node Command Description

enable show mirror This command displays the current port mirroring

configurations.

configure mirror (disable|enable) This command disables / enables the port mirroring on

the switch.

configure mirror destination port PORT_ID This command specifies the monitor port for the port

mirroring.

configure mirror source ports PORT_LIST mode

(both|ingress|egress)

configure no mirror source ports PORT_LIST This command removes a port or a range of ports from

This command adds a port or a range of ports as the
source ports of the port mirroring.

the source ports of the port mirroring.

Example:

CWGE24MS2#configure terminal

CWGE24MS2(config)#mirror enable

CWGE24MS2(config)#mirror destination port 2

CWGE24MS2(config)#mirror source ports 3-11 mode both

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 45

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Web Configuration

Parameter Description

State Select Enable to turn on port mirroring or select Disable to turn it off.

Monitor to Port Select the port which connects to a network traffic analyzer.

All Ports Settings in this field apply to all ports.

Use this field only if you want to make some settings the same for all ports.
Use this field first to set the common settings and then make adjustments on
a port-by-port basis.

Source Port This field displays the number of a port.

Mirror Mode Select Ingress, Egress or Both to only copy the ingress (incoming), egress

(outgoing) or both (incoming and outgoing) traffic from the specified source
ports to the monitor port. Select Disable to not copy any traffic from the
specified source ports to the monitor port.

Apply Click Apply to take effect the settings.

Refresh Click Refresh to begin configuring this screen afresh.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 46

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Port Settings

Introduction

Duplex mode

A duplex communication system is a system composed of two connected parties or devices that
can communicate with one another in both directions.

Half Duplex:

A half-duplex system provides for communication in both directions, but only one direction at
a time (not simultaneously). Typically, once a party begins receiving a signal, it must wait for the
transmitter to stop transmitting, before replying.

Full Duplex:

A full-duplex, or sometimes double-duplex system, allows communication in both directions, and,
unlike half-duplex, allows this to happen simultaneously. Land-line telephone networks are full­duplex, since they allow both callers to speak and be heard at the same time.

» Loopback Test
A loopback test is a test in which a signal in sent from a communications device and returned
(looped back) to it as a way to determine whether the device is working right or as a way to pin
down a failing node in a network. One type of loopback test is performed using a special plug,
called a wrap plug that is inserted in a port on a communications device. The effect of a wrap
plug is to cause transmitted (output) data to be returned as received (input) data, simulating a
complete communications circuit using a single computer.

» Auto MDI-MDIX
Auto-MDIX (automatic medium-dependent interface crossover) is a computer networking
technology that automatically detects the required cable connection type (straight-through
or crossover) and configures the connection appropriately, thereby removing the need for
crossover cables to interconnect switches or connecting PCs peer-to-peer. When it is enabled,
either type of cable can be used or the interface automatically corrects any incorrect cabling.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 47

INSTALLATION AND OPERATION MANUAL CWGE24MS2

For Auto-MDIX to operate correctly, the speed on the interface and duplex setting must be set
to “auto”. Auto-MDIX was developed by HP engineers Dan Dove and Bruce Melvin.

» Auto Negotiation
Auto (auto-negotiation) allows one port to negotiate with a peer port automatically to obtain the
connection speed and duplex mode that both ends support. When auto-negotiation is turned
on, a port on the Switch negotiates with the peer automatically to determine the connection
speed and duplex mode.
If the peer port does not support auto-negotiation or turns off this feature, the Switch
determines the connection speed by detecting the signal on the cable and using half duplex
mode. When the Switch’s auto-negotiation is turned off, a port uses the pre-configured speed
and duplex mode when making a connection, thus requiring you to make sure that the settings
of the peer port are the same in order to connect.

» Flow Control
A concentration of traffic on a port decreases port bandwidth and overflows buffer memory
causing packet discards and frame losses.IEEE802.3x flow control is used in full duplex mode to
send a pause signal to the sending port, causing it to temporarily stop sending signals when the
receiving port memory buffers fill and resend later.
The Switch uses IEEE802.3x flow control in full duplex mode and backpressure flow control in
half duplex mode. IEEE802.3x flow control is used in full duplex mode to send a pause signal to
the sending port, causing it to temporarily stop sending signals when the receiving port memory
buffers fill. Back Pressure flow control is typically used in half duplex mode to send a “collision”
signal to the sending port (mimicking a state of packet collision) causing the sending port to
temporarily stop sending signals and resend later.

Note: 1000 Base-T doesn’t support force mode.

Default Settings

The default port Speed & Duplex is auto for all ports.

The default port Flow Control is Off for all ports.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 48

INSTALLATION AND OPERATION MANUAL CWGE24MS2

CLI Configuration

Node Command Description

enable show interface IFNAME This command displays the current port configurations.

configure interface IFNAME This command enters the interface configure node.

interface show This command displays the current port configurations.

interface loopback (none | mac) This command tests the loopback mode of operation for

the specific port.

interface flowcontrol (off | on) This command disables / enables the flow control for the

port.

interface speed (auto|10-full||10-half|

100-full|100-half|1000-full)

This command configures the speed and duplex for the
port.

interface shutdown This command disables the specific port.

interface no shutdown This command enables the specific port.

interface description STRINGs This command configures a description for the specific

port.

interface no description This command configures the default port description.

configure interface range gigabitethernet1/0/

This command enters the interface configure node.

PORTLISTS

if-range description STRINGs This command configures a description for the specific

ports.

if-range no description This command configures the default port description for

the specific ports.

if-range shutdown This command disables the specific ports.

if-range no shutdown This command enables the specific ports.

if-range speed (auto|10-full||10-half|

100-full|100-half|1000-full)

This command configures the speed and duplex for the
port.

Example:

CWGE24MS2#configure terminal

CWGE24MS2(config)#interface gi1/0/1

CWGE24MS2(config-if)#speed auto

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 49

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Web Configuration

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 50

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Parameter Description

Port Select a port or a range ports you want to configure on this screen.

State Select Enable to activate the port or Disable to deactivate the port.

Speed/Duplex Select the speed and duplex mode of the port. The choices are:

• Auto

• 10 Mbps / Full Duplex

• 10 Mbps / Half Duplex

• 100 Mbps / Full Duplex

• 100 Mbps / Half Duplex

• 1000 Mbps / Full Duplex

Flow Control Select On to enable access to buffering resources for the port thus ensuring lossless

operation across network switches. Otherwise, select Off to disable it.

Apply Click Apply to take effect the settings.

Refresh Click Refresh to begin configuring this screen afresh.

Port This field displays the port number.

State This field displays whether the port is enabled or disabled.

Speed/Duplex This field displays the speed either 10M, 100M or 1000M and the duplex mode Full or Half.

Flow Control This field displays whether the port’s flow control is On or Off.

Link Status This field displays the link status of the port. If the port is up, it displays the port’s speed,

duplex and flow control setting. Otherwise, it displays Link Down if the port is disabled
or not connected to any device.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 51

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Information:

Parameter Description

Port Select a port or a range ports you want to configure on this screen.

Description Configures a meaningful name for the port(s).

Port Status

Port This field displays the port number.

Description The meaningful name for the port.

Status The field displays the detail port status if the port is blocked by some protocol.

Uptime The sustained time from last link up.

Medium Mode The current working medium mode, copper or fiber, for the port.

INS_CWGE24MS2_REV–

TECH SUPPORT: 1.888.678.9427

10/05/16 PAGE 52

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Advanced Settings

Bandwidth Control

QoS

Introduction

Each egress port can support up to 8 transmit queues. Each egress transmit queue contains a
list specifying the packet transmission order. Every incoming frame is forwarded to one of the
8 egress transmit queues of the assigned egress port, based on its priority. The egress port
transmits packets from each of the 8 transmit queues according to a configurable scheduling
algorithm, which can be a combination of Strict Priority (SP) and/or Weighted Round Robin (WRR).

Typically, networks operate on a best-effort delivery basis, which means that all traffic has equal
priority and an equal chance of being delivered in a timely manner. When congestion occurs, all
traffic has an equal chance of being dropped.

When you configure the QoS feature, you can select specific network traffic, prioritize it according
to its relative importance, and use congestion-management and congestion-avoidance techniques
to give preferential treatment. Implementing QoS in your network makes network performance
more predictable and bandwidth utilization more effective.

The Switch supports 802.1p priority queuing. The Switch has 8 priority queues. These priority
queues are numbered from 7 (Class 7) — the highest priority queue — to 0 (Class 0) — the lowest
priority queue.

The eight priority tags specified in IEEE 802.1p (p0 to p7) are mapped to the Switch’s priority
queues as follows:

Priority : 0 1 2 3 4 5 6 7

Queue : 2 0 1 3 4 5 6 7

Priority scheduling is implemented by the priority queues stated above. The Switch will empty
the four hardware priority queues in order, beginning with the highest priority queue, 7, to the
lowest priority queue, 0. Each hardware queue will transmit all of the packets in its buffer before
permitting the next lower priority to transmit its packets. When the lowest hardware priority
queue has finished transmitting all of its packets, the highest hardware priority queue will begin
transmitting any packets it may have received.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 53

INSTALLATION AND OPERATION MANUAL CWGE24MS2

QoS Enhancement

You can configure the Switch to prioritize traffic even if the incoming packets are not marked with
IEEE 802.1p priority tags or change the existing priority tags based on the criteria you select.
The Switch allows you to choose one of the following methods for assigning priority to incoming
packets on the Switch:

» 802.1p Tag Priority - Assign priority to packets based on the packet’s 802.1p tagged priority.

» Port Based QoS - Assign priority to packets based on the incoming port on the Switch.

» DSCP Based QoS - Assign priority to packets based on their Differentiated Services Code

Points (DSCPs).

Note: Advanced QoS methods only affect the internal priority queue mapping for the Switch. The

Switch does not modify the IEEE 802.1p value for the egress frames. You can choose one of
these ways to alter the way incoming packets are prioritized or you can choose not to use
any QoS enhancement setting on the Switch.

802.1p Priority

When using 802.1p priority mechanism, the packet is examined for the presence of a valid 802.1p
priority tag. If the tag is present, the packet is assigned to a programmable egress queue based
on the value of the tagged priority. The tagged priority can be designated to any of the available
queues.

Ethernet Packet:

6 6 2 42-1496 4

DA SA Type / Length Data FCS

6 6 4 2 42-1496 4

DA SA 802.1Q Tag Type / Length Data FCS

802 .1Q Tag :

2 bytes 2 bytes

Tag Protocol Identifier (TPID) Tag Control Information (TCI)

16 bits 3 bits 1 bit 12 bits

TPID (0x8100) Priority CFI VID

» Tag Protocol Identifier (TPID): a 16-bit field set to a value of 0x8100 in order to identify the
frame as an IEEE 802.1Q-tagged frame.

» Tag Control Information (TCI)

› Priority Code Point (PCP): a 3-bit field which refers to the IEEE 802.1p priority. It indicates the

frame priority level from 0 (lowest) to 7 (highest), which can be used to prioritize different

INS_CWGE24MS2_REV–

TECH SUPPORT: 1.888.678.9427

10/05/16 PAGE 54

INSTALLATION AND OPERATION MANUAL CWGE24MS2

classes of traffic (voice, video, data, etc.).

› Canonical Format Indicator (CFI): a 1-bit field. If the value of this field is 1, the MAC address is

in non-canonical format. If the value is 0, the MAC address is in canonical format. It is always
set to zero for Ethernet switches. CFI is used for compatibility between Ethernet and Token
Ring networks. If a frame received at an Ethernet port has a CFI set to 1, then that frame
should not be bridged to an untagged port.

› VLAN Identifier (VID): a 12-bit field specifying the VLAN to which the frame belongs. A value

of 0 means that the frame doesn’t belong to any VLAN; in this case the 802.1Q tag specifies
only a priority and is referred to as a priority tag. A value of hex 0xFFF is reserved for
implementation use. All other values may be used as VLAN identifiers, allowing up to 4094
VLANs. On bridges, VLAN 1 is often reserved for management.

Priority Levels

PCP: Priority Code Point.

PCP Network Priority Traffic Characteristics

1 0 (lowest) Background

0 1 Best Effort

2 2 Excellent Effort

3 3 Critical Applications

4 4 Video, <100ms latency

5 5 Video, < 10ms latency

6 6 Internetwork Control

7 7 (highest) Network Control

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 55

INSTALLATION AND OPERATION MANUAL CWGE24MS2

DiffServ (DSCP)

Differentiated Services or DiffServ is a computer networking architecture that specifies a simple,
scalable and coarse-grained mechanism for classifying, managing network traffic and providing
Quality of Service (QoS) guarantees on modern IP networks. DiffServ can, for example, be used to
provide low-latency, guaranteed service (GS) to critical network traffic such as voice or video while
providing simple best-effort traffic guarantees to non-critical services such as web traffic or file
transfers.

Differentiated Services Code Point (DSCP) is a 6-bit field in the header of IP packets for packet
classification purposes. DSCP replaces the outdated IP precedence, a 3-bit field in the Type of
Service byte of the IP header originally used to classify and prioritize types of traffic.

When using the DiffServ priority mechanism, the packet is classified based on the DSCP field in
the IP header. If the tag is present, the packet is assigned to a programmable egress queue based
on the value of the tagged priority. The tagged priority can be designated to any of the available
queues.

Version IHL Type of Service Total Length

Identification Flags Fragment Offset

Time to Live Protocol Header Checksum

Source Address

Destination Address

Options Padding

Example Internet Datagram Header

IP Header Type of Service: 8 bits

The Type of Service provides an indication of the abstract parameters of the quality of service
desired. These parameters are to be used to guide the selection of the actual service parameters
when transmitting a datagram through a particular network. Several networks offer service
precedence, which somehow treats high precedence traffic as more important than other traffic
(generally by accepting only traffic above certain precedence at time of high load). The major
choice is a three way tradeoff between low-delay, high-reliability, and high-throughput.

Bits 0-2: Precedence.

Bit 3: 0 = Normal Delay, 1 = Low Delay.

Bits 4: 0 = Normal Throughput, 1 = High Throughput.

Bits 5: 0 = Normal Reliability, 1 = High Reliability.

Bit 6-7: Reserved for Future Use.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 56

INSTALLATION AND OPERATION MANUAL CWGE24MS2

0 1 2 3 4 5 6 7

+-----+-----+-----+-----+-----+-----+-----+-----+

| PRECEDENCE | D | T | R | 0 | 0 |

+-----+-----+-----+-----+-----+-----+-----+-----+

Precedence

111 - Network Control

110 - Internetwork Control

101 - CRITIC/ECP

100 - Flash Override

011 - Flash

010 - Immediate

001 - Priority

000 - Routine

The use of the Delay, Throughput, and Reliability indications may increase the cost (in some sense)
of the service. In many networks better performance for one of these parameters is coupled
with worse performance on another. Except for very unusual cases at most two of these three
indications should be set.

The type of service is used to specify the treatment of the datagram during its transmission
through the internet system. Example mappings of the internet type of service to the actual
service provided on networks such as AUTODIN II, ARPANET, SATNET, and PRNET is given in
“Service Mappings”.

The Network Control precedence designation is intended to be used within a network only.
The actual use and control of that designation is up to each network. The Internetwork Control
designation is intended for use by gateway control originators only.

If the actual use of these precedence designations is of concern to a particular network, it is the
responsibility of that network to control the access to, and use of, those precedence designations.

DSCP Priority DSCP Priority DSCP Priority
0 0 1 0 2 0
. . .
60 0 61 0 62 0
63 0

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 57

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Example:

IP Header

DSCP=50 => 45 C8 . . .

Queuing Algorithms

Queuing algorithms allow switches to maintain separate queues for packets from each individual
source or flow and prevent a source from monopolizing the bandwidth.

» Strict-Priority (SPQ)

The packets on the high priority queue are always service firstly.

» Weighted round robin (WRR)

Round Robin scheduling services queues on a rotating basis and is activated only when a port
has more traffic than it can handle. A queue is given an amount of bandwidth irrespective of
the incoming traffic on that port. This queue then moves to the back of the list. The next queue
is given an equal amount of bandwidth, and then moves to the end of the list; and so on,
depending on the number of queues being used. This works in a looping fashion until a queue
is empty.
Weighted Round Robin (WRR) scheduling uses the same algorithm as round robin scheduling,
but services queues based on their priority and queue weight (the number you configure in the
queue Weight field) rather than a fixed amount of bandwidth. WRR is activated only when a port
has more traffic than it can handle. Queues with larger weights get more service than queues
with smaller weights. This queuing mechanism is highly efficient in that it divides any available
bandwidth across the different traffic queues and returns to queues that have not yet emptied.

Default Settings

QoS mode : High First (SPQ)

The mappings of the Priority to Queue are:

PRIO 0 ==> COSQ 2
PRIO 1 ==> COSQ 0
PRIO 2 ==> COSQ 1
PRIO 3 ==> COSQ 3
PRIO 4 ==> COSQ 4
PRIO 5 ==> COSQ 5
PRIO 6 ==> COSQ 6
PRIO 7 ==> COSQ 7

The DiffServ is disabled on the switch.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 58

INSTALLATION AND OPERATION MANUAL CWGE24MS2

DSCP Priority DSCP Priority DSCP Priority DSCP Priority

---- -------- ---- -------- ---- -------- ---- -------­ 00 0 01 0 02 0 03 0
04 0 05 0 06 0 07 0
08 0 09 0 10 0 11 0
12 0 13 0 14 0 15 0
16 0 17 0 18 0 19 0
20 0 21 0 22 0 23 0
24 0 25 0 26 0 27 0
28 0 29 0 30 0 31 0
32 0 33 0 34 0 35 0
36 0 37 0 38 0 39 0
40 0 41 0 42 0 43 0
44 0 45 0 46 0 47 0
48 0 49 0 50 0 51 0
52 0 53 0 54 0 55 0
56 0 57 0 58 0 59 0
60 0 61 0 62 0 63 0

Note: If the DiffServ is disabled, the 802.1p tag priority will be used.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 59

INSTALLATION AND OPERATION MANUAL CWGE24MS2

CLI Configuration

Node Command Description

enable show queue cos-map This command displays the current 802.1p priority mapping to the

service queue.

enable show qos mode This command displays the current QoS scheduling mode of IEEE

802.1p.

configure queue cos-map

PRIORITY QUEUE_ID

This command configures the 802.1p priority mapping to the service
queue.

configure no queue cos-map This command configures the 802.1p priority mapping to the service

queue to default.

configure qos mode high-first This command configures the QoS scheduling mode to high_first,

each hardware queue will transmit all of the packets in its buffer before
permitting the next lower priority to transmit its packets.

configure qos mode wrr-queue

weights VALUE VALUE

This command configures the QoS scheduling mode to Weighted

Round Robin.
VALUE VALUE VALUE
VALUE VALUE VALUE

interface default-priority This command allows the user to specify a default priority handling of

untagged packets received by the Switch. The priority value entered

with this command will be used to determine which of the hardware

priority queues the packet is forwarded to. Default: 0.

interface no default-priority This command configures the default priority for the specific port to

default (0).

enable show diffserv This command displays DiffServ configurations.

configure diffserv

This command disables / enables the DiffServ function.
(disable|enable)

configure diffserv dscp VALUE

priority VALUE

TECH SUPPORT: 1.888.678.9427

This command sets the DSCP-to-IEEE 802.1q mappings.

INS_CWGE24MS2_REV–

10/05/16 PAGE 60

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Web Configuration

Port Priority

Parameter Description

All Ports 802.1p
priority

Use this field to set a priority for all ports.
The value indicates packet priority and is added to the priority tag field of incoming
packets. The values range from 0 (lowest priority) to 7 (highest priority).

Port This field displays the number of a port.

802.1p Priority Select a priority for packets received by the port. Only packets without 802.1p priority
tagged will be applied the priority you set here.

Apply Click Apply to take effect the settings.

Refresh Click Refresh to begin configuring this screen afresh.

INS_CWGE24MS2_REV–

TECH SUPPORT: 1.888.678.9427

10/05/16 PAGE 61

INSTALLATION AND OPERATION MANUAL CWGE24MS2

IP DiffServ (DSCP)

Parameter Description

Mode “Tag Over DSCP” or “DSCP Over Tag”. “Tag Over DSCP” means the 802.1p

Priority This field displays each priority level. The values range from 0 (lowest

Apply Click Apply to take effect the settings.

Refresh Click Refresh to begin configuring this screen afresh.

TECH SUPPORT: 1.888.678.9427

tag has higher priority than DSCP.

priority) to 7 (highest priority).

INS_CWGE24MS2_REV–

10/05/16 PAGE 62

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Priority/Queue Mapping

Parameter Description

Reset to Default Click this button to reset the priority to queue mappings to the

defaults.

Priority This field displays each priority level. The values range from 0 (lowest

priority) to 7 (highest priority).

Queue ID Select the number of a queue for packets with the priority level.

Apply Click Apply to take effect the settings.

Refresh Click Refresh to begin configuring this screen afresh.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 63

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Schedule Mode

Parameter Description

Schedule Mode Select Strict Priority (SP) or Weighted Round Robin (WRR).

Note: Queue weights can only be changed when Weighted Round
Robin is selected.
Weighted Round Robin scheduling services queues on a rotating
basis based on their queue weight (the number you configure in the
queue Weight field). Queues with larger weights get more service
than queues with smaller weights.

Queue ID This field indicates which Queue (0 to 7) you are configuring. Queue 0

has the lowest priority and Queue 7 the highest priority.

Weight Value You can only configure the queue weights when Weighted Round

Robin is selected. Bandwidth is divided across the different traffic
queues according to their weights.

Apply Click Apply to take effect the settings.

Refresh Click Refresh to begin configuring this screen afresh.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 64

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Rate Limitation

Storm Control

Introduction

A broadcast storm means that your network is overwhelmed with constant broadcast or multicast
traffic. Broadcast storms can eventually lead to a complete loss of network connectivity as the
packets proliferate.

Storm Control protects the Switch bandwidth from flooding packets, including broadcast packets,
multicast packets, and destination lookup failure (DLF). The Rate is a threshold that limits the total
number of the selected type of packets. For example, if the broadcast and multicast options are
selected, the total amount of packets per second for those two types will not exceed the limit value.

Broadcast storm control limits the number of broadcast, multicast and unknown unicast (also
referred to as Destination Lookup Failure or DLF) packets the Switch receives per second on
the ports. When the maximum number of allowable broadcast, multicast and unknown unicast
packets is reached per second, the subsequent packets are discarded. Enable this feature to
reduce broadcast, multicast and unknown unicast packets in your network.

Storm Control unit: 652pps.

Default Settings

Broadcast Storm Control : 652pps.

Multicast Storm Control : None.

DLF Storm Control : 652pps.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 65

INSTALLATION AND OPERATION MANUAL CWGE24MS2

CLI Configuration

Node Command Description

enable show storm-control This command displays the current storm control

configurations.

configure storm-control rate RATE_LIMIT type (bcast

| mcast | DLF | bcast+mcast | bcast+DLF
| mcast+DLF | bcast+mcast+DLF) ports

This command enables the bandwidth limit for
broadcast or multicast or DLF packets and set the
limitation.

PORTLISTS

configure no storm-control type (bcast | mcast | DLF

| bcast+mcast | bcast+DLF | mcast+DLF |

This command disables the bandwidth limit for
broadcast or multicast or DLF packets.

bcast+mcast+DLF) ports PORTLISTS

Example:

CWGE24MS2#configure terminal

CWGE24MS2(config)#storm-control rate 1 type broadcast ports 1-6

CWGE24MS2(config)#storm-control rate 1 type multicast ports 1-6

CWGE24MS2(config)#storm-control rate 1 type DLF ports 1-6

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 66

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Web Configuration

Parameter Description

Port Select the port number for which you want to configure storm control

Rate Select the number of packets (of the type specified in the Type field) per

Type Select Broadcast - to specify a limit for the amount of broadcast packets

Apply Click Apply to take effect the settings.

Refresh Click Refresh to begin configuring this screen afresh.

TECH SUPPORT: 1.888.678.9427

settings.

second the Switch can receive per second.

received per second.
Multicast - to specify a limit for the amount of multicast packets received per
second.
DLF - to specify a limit for the amount of DLF packets received per second.

INS_CWGE24MS2_REV–

10/05/16 PAGE 67

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Bandwidth Limitation

Introduction

The rate limitation is used to control the rate of traffic sent or received on a network interface.

Rate Limitation unit: Mbs.

Default Settings

All ports’ Ingress and Egress rate limitation are disabled.

CLI Configuration

Node Command Description

enable show bandwidth-limit This command displays the current rate control

configurations.

configure bandwidth-limit egress RATE_

LIMIT ports PORTLISTS

configure no bandwidth-limit egress

ports PORTLISTS

configure bandwidth-limit ingress

RATE_LIMIT ports PORTLISTS

configure no bandwidth-limit ingress

ports PORTLISTS

This command enables the bandwidth limit for
outgoing packets and set the limitation.

This command disables the bandwidth limit for
outgoing packets.

This command enables the bandwidth limit for
incoming packets and set the limitation.

This command disables the bandwidth limit for
incoming packets.

Example:

CWGE24MS2#configure terminal

CWGE24MS2(config)#bandwidth-limit egress 1 ports 1-8

CWGE24MS2(config)#bandwidth-limit ingress 1 ports 1-8

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

INS_CWGE24MS2_REV–

10/05/16 PAGE 68

10/05/16 PAGE 68

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Web Configuration

Parameter Description

Port Selects a port that you want to configure.

Ingress Configures the rate limitation for the ingress packets.

Egress Configures the rate limitation for the egress packets.

Apply Click Apply to take effect the settings.

Refresh Click Refresh to begin configuring this screen afresh.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 69

INSTALLATION AND OPERATION MANUAL CWGE24MS2

DHCPv6

DHCPv6 Options

CLI Configurations

Node Command Description

enable show ipv6 dhcp-

options

configure ipv6 dhcp-

options option_18
(disable|enable)

configure ipv6 dhcp-options

option_37

Web Configurations

Option 18

This command displays the IPv6 DHCP option configurations.

This command enables/disables the IPv6 DHCP option 18.

This command enables/disables the IPv6 DHCP option 37.

Parameter Description

Option 18 State The field enables / disables the option 18.

Option 37

Parameter Description

Option 37 State The field enables / disables the option 37.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 70

INSTALLATION AND OPERATION MANUAL CWGE24MS2

DHCPv6 Relay

CLI Configurations

Node Command Description

enable show ipv6 dhcp relay This command displays the IPv6 DHCP Relay

configurations.

configure ipv6 dhcp relay

(enable|disable)

configure ipv6 dhcp relay hops_

count_limit <1-32>

configure ipv6 dhcp relay vlan

STRINGS

configure no ipv6 dhcp relay vlan

STRINGS

Web Configurations

This command enables/disables the IPv6 DHCP Relay.

This command configures hop count limitation for IPv6
DHCP Relay.

This command enables the IPv6 DHCP Relay in a vlan or
a range of vlan.

This command disables the IPv6 DHCP Relay in a vlan or
a range of vlan.

Parameter Description

State The field enables / disables the Ipv6 DHCP Relay.

Hops Count Limit The field configures the hops count limit for the IPv6 DHCP Relay.

VLAN State The field enables / disables the Ipv6 DHCP Relay in a vlan or a range

DHCPv6 Server IP The field configures the DHCPv6 server’s IP.

TECH SUPPORT: 1.888.678.9427

of vlans.

INS_CWGE24MS2_REV–

10/05/16 PAGE 71

INSTALLATION AND OPERATION MANUAL CWGE24MS2

IGMP Snooping

IGMP Snooping

Introduction

The IGMP snooping is for multicast traffic. The Switch can passively snoop on IGMP packets
transferred between IP multicast routers/switches and IP multicast hosts to learn the IP multicast group
membership. It checks IGMP packets passing through it, picks out the group registration information,
and configures multicasting accordingly. IGMP snooping allows the Switch to learn multicast groups
without you having to manually configure them.

The Switch can passively snoop on IGMP packets transferred between IP multicast routers/switches
and IP multicast hosts to learn the IP multicast group membership. It checks IGMP packets passing
through it, picks out the group registration information, and configures multicasting accordingly. IGMP
snooping allows the Switch to learn multicast groups without you having to manually configure them.

The Switch can perform IGMP snooping on up to 4094 VLANs. You can configure the Switch to
automatically learn multicast group membership of any VLANs. The Switch then performs IGMP
snooping on the first VLANs that send IGMP packets. Alternatively, you can specify the VLANs
that IGMP snooping should be performed on. This is referred to as fixed mode. In fixed mode
the Switch does not learn multicast group membership of any VLANs other than those explicitly
added as an IGMP snooping VLAN.

Immediate Leave

When you enable IGMP Immediate-Leave processing, the switch immediately removes a port
when it detects an IGMP version 2 leave message on that port. You should use the Immediate­Leave feature only when there is a single receiver present on every port in the VLAN. (Immediate
Leave is only supported on IGMP Version 2 hosts).

The switch uses IGMP snooping Immediate Leave to remove from the forwarding table an
interface that sends a leave message without the switch sending group-specific queries to the
interface. The VLAN interface is pruned from the multicast tree for the multicast group specified
in the original leave message. Immediate Leave ensures optimal bandwidth management for all
hosts on a switched network, even when multiple multicast groups are simultaneously in use.

Fast Leave

The switch allow user to configure a delay time. When the delay time is expired, the switch
removes the interface from the multicast group.

Last Member Query Interval

Last Member Query Interval: The Last Member Query Interval is the Max Response Time inserted
into Group-Specific Queries sent in response to Leave Group messages, and is also the amount of
time between Group-Specific Query messages.

Without Immediate Leave, when the switch receives an IGMP leave message from a subscriber
on a receiver port, it sends out an IGMP specific query on that port and waits for IGMP group
membership reports. If no reports are received in a configured time period, the receiver port is

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 72

INSTALLATION AND OPERATION MANUAL CWGE24MS2

removed from multicast group membership.

IGMP Querier

There is normally only one Querier per physical network. All multicast routers start up as a Querier
on each attached network. If a multicast router hears a Query message from a router with a lower
IP address, it MUST become a Non-Querier on that network. If a router has not heard a Query
message from another router for [Other Querier Present Interval], it resumes the role of Querier.
Routers periodically [Query Interval] send a General Query on each attached network for which
this router is the Querier, to solicit membership information. On startup, a router SHOULD send
[Startup Query Count] General Queries spaced closely together [Startup Query Interval] in order
to quickly and reliably determine membership information. A General Query is addressed to the
all-systems multicast group (224.0.0.1), has a Group Address field of 0, and has a Max Response
Time of [Query Response Interval].

Port IGMP Querier Mode

» Auto:

The Switch uses the port as an IGMP query port if the port receives IGMP query packets.

» Fixed:
The Switch always treats the port(s) as IGMP query port(s). This is for when connecting an IGMP
multicast server to the port(s). The Switch always forwards the client’s report/leave packets to the
port.
Normally, the port is connected to an IGMP server.

» Edge:
The Switch does not use the port as an IGMP query port. The IGMP query packets received by
this port will be dropped.
Normally, the port is connected to an IGMP client.

Note: The Switch will forward the IGMP join and leave packets to the query port.

Configurations:

Users can enable/disable the IGMP Snooping on the Switch. Users also can enable/disable the
IGMP Snooping on a specific VLAN. If the IGMP Snooping on the Switch is disabled, the IGMP
Snooping is disabled on all VLANs even some of the VLAN IGMP Snooping are enabled.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 73

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Default Settings

If received packets are not received after 400 seconds, all multicast entries will be deleted.

The default global IGMP snooping state is disabled.

The default VLAN IGMP snooping state is disabled for all VLANs.

The unknown multicast packets will be dropped.

The default port Immediate Leave state is disabled for all ports.

The default port Querier Mode state is auto for all ports.

The IGMP snooping Report Suppression is disabled.

Notices:
There are a global state and per VLAN states. When the global state is disabled, the IGMP
snooping on the Switch is disabled even per VLAN states are enabled. When the global state is
enabled, user must enable per VLAN states to enable the IGMP Snooping on the specific VLAN.

CLI Configuration

Node Command Description

enable show igmp-snooping This command displays the current IGMP snooping configurations.

enable show igmp-snooping

counters

enable show igmp-snooping

querier

enable show multicast This command displays the multicast group in IP format.

configure clear igmp-snooping

counters

configure igmp-snooping

(disable | enable)

configure igmp-snooping vlan

VLANID

configure no igmp-snooping vlan

VLANID

configure igmp-snooping

unknown-multicast
(drop|flooding)

This command displays the current IGMP snooping counters.

This command displays the current IGMP Queriers.

This command clears all of the IGMP snooping counters.

This command disables / enables the IGMP snooping on the switch.

This command enables the IGMP snooping function on a VLAN or
range of VLANs.

This command disables the IGMP snooping function on a VLAN or
range of VLANs.

This command configures the process for unknown multicast packets
when the IGMP snooping function is enabled.
drop: Drop all of the unknown multicast packets.

configure igmp-snooping

report-suppression
(disable|enable)

TECH SUPPORT: 1.888.678.9427

This command disables / enables the IGMP snooping report
suppression function on the switch.

INS_CWGE24MS2_REV–

10/05/16 PAGE 74

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Node Command Description

configure clear igmp-counters This command clears the IGMP snooping counters.

configure clear igmp-counters

This command clears the IGMP snooping counters for port or vlan.

(por t|vlan)

interface igmp-querier-mode

(auto|fixed|edge)

This command specifies whether or not and under what conditions
the port(s) is (are) IGMP query port(s). The Switch forwards IGMP join
or leave packets to an IGMP query port, treating the port as being
connected to an IGMP multicast router (or server). You must enable
IGMP snooping as well. (Default:auto)

interface igmp-immediate-leave This command enables the IGMP Snooping immediate leave function

for the specific interface.

interface no igmp-immediate-

leave

interface igmp-snooping group-

limit VALUE

interface no igmp-snooping

group-limit

configure interface range

This command disables the IGMP Snooping immediate leave function
for the specific interface.

This command configures the maximum groups for the specific
interface.

This command removes the limitation of the maximum groups for the
specific interface.

This command enters the interface configure node.
gigabitethernet1/0/
PORTLISTS

if-range igmp-immediate-leave This command enables the IGMP Snooping immediate leave function

for the specific ports.

if-range no igmp-immediate-

leave

if-range igmp-snooping group-

This command disables the IGMP Snooping immediate leave function

for the specific ports.

This command configures the maximum groups for the specific ports.
limit VALUE

if-range no igmp-snooping

group-limit

if-range igmp-querier-mode

(auto|fixed|edge)

This command removes the limitation of the maximum groups for the

specific ports.

This command specifies whether or not and under what conditions

the ports is (are) IGMP query port(s). The Switch forwards IGMP join

or leave packets to an IGMP query port, treating the port as being

connected to an IGMP multicast router (or server). You must enable

IGMP snooping as well. (Default:auto)

Example:

CWGE24MS2(config)#igmp-snooping enable
CWGE24MS2(config)#igmp-snooping vlan 1
CWGE24MS2(config)#igmp-snooping querier enable
CWGE24MS2(config)#igmp-snooping querier vlan 1
CWGE24MS2(config)#interface 1/0/1
CWGE24MS2(config-if)#igmp-immediate-leave
CWGE24MS2(config-if)#igmp-querier-mode fixed

CWGE24MS2(config-if)#igmp-snooping group-limit 20

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 75

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Web Configuration

General Settings

Parameter Description

IGMP Snooping State Select Enable to activate IGMP Snooping to forward group multicast traffic

only to ports that are members of that group. Select Disable to deactivate
the feature.

Report Suppression
State

IGMP Snooping VLAN
State

Select Enable/Disable to activate/deactivate IGMP Snooping report
suppression function.

Select Add and enter VLANs upon which the Switch is to perform IGMP
snooping. The valid range of VLAN IDs is between 1 and 4094. Use a
comma (,) or hyphen (-) to specify more than one VLANs. Select Delete and
enter VLANs on which to have the Switch not perform IGMP snooping.

Unknown Multicast
Packets

Specify the action to perform when the Switch receives an unknown
multicast frame. Select Drop to discard the frame(s). Select Flooding to
send the frame(s) to all ports.

Apply Click Apply to configure the settings.

Refresh Click this to reset the fields to the last setting.

IGMP Snooping State This field displays whether IGMP snooping is globally enabled or disabled.

Report Suppression
State

This field displays whether IGMP snooping report suppression is enabled
or disabled.

IGMP Snooping VLAN
State

Unknown Multicast
Packets

TECH SUPPORT: 1.888.678.9427

This field displays VLANs on which the Switch is to perform IGMP snooping.
None displays if you have not enabled IGMP snooping on any port yet.

This field displays whether the Switch is set to discard or flood unknown
multicast packets.

INS_CWGE24MS2_REV–

10/05/16 PAGE 76

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Port Settings

Parameter Description

Querier Mode Select the desired setting, Auto, Fixed, or Edge. Auto means the Switch uses

the port as an IGMP query port if the port receives IGMP query packets.
Fixed means the Switch always treats the port(s) as IGMP query port(s). This is
for when connecting an IGMP multicast server to the port(s). Edge means the
Switch does not use the port as an IGMP query port. In this case, the Switch
does not keep a record of an IGMP router being connected to this port and
the Switch does not forward IGMP join or leave packets to this port.

Immediate

Select individual ports on which to enable immediate leave.

Leave

Group Limit Configures the maximum group for the port or a range of ports.

Apply Click Apply to apply the settings.

Refresh Click this to reset the fields.

Port The port ID.

Querier Mode The Querier mode setting for the specific port.

Immediate Leave The Immediate Leave setting for the specific port.

Group Counts The current joining group count and the maximum group count.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 77

INSTALLATION AND OPERATION MANUAL CWGE24MS2

IGMP Snooping Querier

CLI Configurations

Node Command Description

configure igmp-snooping querier

(disable | enable)

configure igmp-snooping querier vlan

VLANIDs

configure no igmp-snooping querier

vlan VLANIDs

Web Configurations

This command disables / enables the IGMP snooping
querier on the Switch.

This command enables the IGMP snooping querier
function on a VLAN or range of VLANs.

This command disables the IGMP snooping querier
function on a VLAN or range of VLANs.

Parameter Description

Querier State This field configures the global Querier state.

Querier VLAN State This field enables the Querier state in a vlan or a range of vlan.

Apply Click Apply to apply the settings.

Refresh Click this to reset the fields to the last setting.

Querier State This filed indicates the current global Querier status.

Querier VLAN State This field indicates the Querier status in vlan.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 78

INSTALLATION AND OPERATION MANUAL CWGE24MS2

IGMP Snooping Filtering

The IGMP Snooping Filter allows users to configure one or some of range or multicast address to
drop or to forward them.

CLI Configurations

Node Command Description

enable show igmp-snooping

filtering

configure igmp-snooping filtering

(enable|disable)

configure igmp-snooping filtering

profile

configure no igmp-snooping

filtering all

configure no igmp-snooping

filtering STRINGS

config-igmp Group GROUP_ID start-

address START-ADDR
end-address END-ADDR

This command displays the IGMP snooping filtering
configurations.

This command enables/disables the IGMP snooping filtering
profiles on the Switch.

This command enters the IGMP snooping filtering profiles
configuration node.

This command removes all of the IGMP snooping filtering
profiles from the Switch.

This command removes the IGMP snooping filtering profiles by
name from the Switch.

This command configures the group configurations, including
group index and start multicast address and end multicast
address.

config-igmp type (deny|permit) This command configures the type of deny or permit for the

group.

config-igmp no group GROUP-ID This command removes the group configurations.

config-igmp no group all This command removes all of the group configurations.

config-igmp type (deny|permit) This command configures the type of deny or permit for the

group.

interface igmp-snooping filtering

profile STRING

interface no igmp-snooping

filtering profile STRINGS

configure interface range

gigabitethernet1/0/
PORTLISTS

if-config igmp-snooping filtering

profile STRING

if-config no igmp-snooping

filtering profile STRINGS

TECH SUPPORT: 1.888.678.9427

This command enables the IGMP snooping filtering profiles on
the specific port.

This command disables the IGMP snooping filtering profiles on
the specific port.

This command enters the interface configure node.

This command enables the IGMP snooping filtering profiles on
the range of ports.

This command disables the IGMP snooping filtering profiles on
the range of ports.

INS_CWGE24MS2_REV–

10/05/16 PAGE 79

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Web Configurations

General Settings

Parameter Description

IGMP Filtering State This field configures the global IGMP Filtering state.

Profile This field creates the IGMP Filtering profile.

Type The field configures the type of action for the profile.

Apply Click Apply to apply the settings.

Refresh Click this to reset the fields to the last setting.

IGMP Filtering Status

Profile The profile name.

Type The type of action.

Ports The field indicates the ports that the IGMP Filtering profile is

activated.

Action Click the “Delete” button to delete the profile.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 80

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Group Settings

Parameter Description

Profile This field selects the profile which you want to configure the group.

Group This field selects the group index.

Start Address The field configures the first multicast address of the group.

End Address The field configures the last multicast address of the group.

Apply Click Apply to apply the settings.

Refresh Click this to reset the fields to the last setting.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 81

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Port Settings

Parameter Description

Profile This field selects the profile which you want to activate on the ports.

Activate IGMP
Filtering on Ports

Selects the ports which you want to activate the IGMP Filtering
profile.

Apply Click Apply to apply the settings.

Refresh Click this to reset the fields to the last setting.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 82

INSTALLATION AND OPERATION MANUAL CWGE24MS2

MVR

Introduction

MVR refers to Multicast VLAN Registration that enables a media server to transmit multicast
stream in a single multicast VLAN while clients receiving multicast VLAN stream can reside in
different VLANs. Clients in different VLANs intend to join or leave the multicast group simply by
sending the IGMP Join/leave message to a receiver port. The receiver port belonging to one of
the multicast groups can receive multicast stream from media server. Without support of MVR, the
Multicast stream from media server and subscriber must reside in the same VLAN.

» Source ports : The Stream source ports.

» Receiver ports : The Client ports.

» Tagged ports : Configure the tagged ports for source ports or receiver ports.

MVR Mode

» Dynamic Mode:
If we select the dynamic mode in MVR setting, IGMP report message transmitted from the
receiver port will be forwarded to a multicast router through its source port. Multicast router
knows which multicast groups exist on which interface dynamically.

» Compatible mode:
If we select the dynamic mode in MVR setting, IGMP report message transmitted from the
receiver port will not be transmitted to a multicast router.

Operation Mode

» Join Operation:
A subscriber sends an IGMP report message to the switch to join the appropriate multicast.
The next depends on whether the IGMP report matches the switch configured multicast MAC
address. If it matches, the switch CPU modifies the hardware address table to include this
receiver port and VLAN as a forwarding destination of MVLAN.

» Leave Operation:
Subscriber sends an IGMP leave message to the switch to leave the multicast. The switch
CPU sends an IGMP group-specific query through the receiver port VLAN. If there is another
subscriber in the VLAN, subscriber must respond within the max response time. If there is no
subscriber, the switch would eliminate this receiver port.

» Immediate Leave Operation:
Subscriber sends an IGMP leave message to the switch to leave the multicast. Subscribers do not
need to wait for the switch CPU to send an IGMP group-specific query through the receiver port
VLAN. The switch will immediately eliminate this receiver port.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 83

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Figure-1:

Figure-2:

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 84

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Default Settings

There is no MVR vlan.

Default configuration for a new MVR:

MVR VLAN Information

VLAN ID : 2
Name : MVR2
Active : Enabled
Mode : Dynamic
Source Port(s) : None
Receiver Port(s) : None
Tagged Port(s) : None

The Switch allows user to create up to 250 groups.

The Switch allows user to create up to 16 MVRs.

Notices

» IGMP snooping and MVR can be independently enabled.

» IGMP snooping and MVR use the same IGMP timers.

» MVR can recognize IGMPv3 reports.

» About the IGMPv3 report, switch doesn’t treat those group records with the following group

record types as membership reports. Those group record types are MODE_IS_INCLUDE,
CHANGE_TO_INCLUDE_MODE, ALLOW_NEW_SOURCES and BLOCK_OLD_SOURCES.

» Don’t use the group address X.0.0.1 for your multicast stream. It is because the system detects

and records the 224.0.0.1 for dynamic querier port. The group address X.0.0.1 may conflict with

224.0.0.1.

» Because the lower 23 bits of the 28-bit multicast IP address are mapped into the 23 bits of

available Ethernet address space. When you configure group address, the Switch compares
the lower 23 bits only.

» CLI command “group 1 start-address 224.1.1.1 6”, it creates 6 groups. That is, one IP, one group.

» The MVR name should be the combination of the digit or the alphabet.

» The group name should be the combination of the digit or the alphabet.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 85

INSTALLATION AND OPERATION MANUAL CWGE24MS2

CLI Configuration

Node Command Description

enable show mvr This command displays the current MVR configurations.

enable show mvr vlan VLANID This command displays the current MVR configurations of the specific

VLAN.

enable show igmp-snooping This command displays the current IGMP snooping configurations.

configure mvr VLANID This command configures the MVR configurations for the specific

VLAN.

configure no mvr VLANID This command disables the MVR configurations for the specific VLAN.

MVR group NAME This command configures a group configuration for the MVR.

MVR no group NAME This command removes the group configurations from the MVR.

MVR inactive This command disables the MVR settings.

MVR no inactive This command enables the MVR settings.

MVR mode

(dynamic|compatible)

This command configures the mode for the MVR.
Dynamic : Sends IGMP report to all MVR source ports in the multicast
VLAN.
Compatible : Sets the Switch not to send IGMP report.

MVR name STRING This command configures the name for the MVR.

MVR no name This command configures the default name for the MVR.

MVR receiver-port PORTLIST This command sets the receiver port(s). Normally the source ports are

connected to the streaming client.

MVR no receiver-port

PORTLIST

This command removes a port or range of ports from the receiver
port(s).

MVR source-port PORTLIST This command sets the source port(s). Normally the source ports are

connected to the streaming server.

MVR no source-port PORTLISTThis command removes a port or range of ports from the source

port(s).

MVR tagged PORTLIST This command sets the tagged port(s). Same as the VLAN tagged

port.

MVR no tagged PORTLIST This command removes a port or range of ports from the tagged

port(s).

MVR priority-override

This command enables/disables the multicast priority override.

(disable|enable)

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 86

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Web Configuration

MVR Settings

Parameter Description

VLAN ID Configures a VLAN.

NAME Configures a name for the MVR.

Priority

Enable / Disable for the priority override.

Override

State Enables / Disables the MVR.

Mode Configures the mode for the MVR.

802.1p Priority The priority for these multicast group packets.

Source Ports Configures the source port(s) for the MVR. Normally the source ports are

connected to the streaming server.

Receive Ports Configures the receive port(s) for the MVR. Normally the source ports are

connected to the streaming client

Tagged Ports Configures the tagged port(s) for the MVR. Same as the VLAN tagged port.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 87

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Group Settings

Parameter Description

MVR VLAN Select a MVR VLAN.

Group Name Configures the group name.

Start Address Configures the multicast start address.

Quantity Configures the quantity of the multicast address.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 88

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Multicast Address

Introduction

A multicast address is associated with a group of interested receivers. According to RFC 3171,
addresses 224.0.0.0 to 239.255.255.255, the former Class D addresses, are designated as multicast
addresses in IPv4.

The IANA owns the OUI MAC address 01:00:5e, therefore multicast packets are delivered by using
the Ethernet MAC address range 01:00:5e:00:00:00 - 01:00:5e:7f:ff:ff. This is 23 bits of available
address space.

The first octet (01) includes the broadcast/multicast bit. The lower 23 bits of the 28-bit multicast
IP address are mapped into the 23 bits of available Ethernet address space. This means that there
is ambiguity in delivering packets. If two hosts on the same subnet each subscribe to a different
multicast group whose address differs only in the first 5 bits, Ethernet packets for both multicast
groups will be delivered to both hosts, requiring the network software in the hosts to discard the
unrequired packets.

Class Address Range Supports

Class A 1.0.0.1 to 126.255.255.254 Supports 16 million hosts on each of 127 networks.

Class B 128.1.0.1 to 191.255.255.254 Supports 65,000 hosts on each of 16,000 networks.

Class C 192.0.1.1 to 223.255.254.254 Supports 254 hosts on each of 2 million networks.

Class D 224.0.0.0 to 239.255.255.255 Reserved for multicast groups.

Class E 240.0.0.0 to 254.255.255.254 Reserved for future use, or Research and

Development Purposes.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 89

INSTALLATION AND OPERATION MANUAL CWGE24MS2

IP multicast address Description

224.0.0.0 Base address (reserved)

224.0.0.1 The All Hosts multicast group that contains all systems on the same network
segment

224.0.0.2 The All Routers multicast group that contains all routers on the same network
segment

224.0.0.5 The Open Shortest Path First (OSPF) AllSPFRouters address. Used to send Hello
packets to all OSPF routers on a network segment

224.0.0.6 The OSPF AllDRouters address. Used to send OSPF routing information to
OSPF designated routers on a network segment

224.0.0.9 The RIP version 2 group address, used to send routing information using the
RIP protocol to all RIP v2-aware routers on a network segment

224.0.0.10 EIGRP group address. Used to send EIGRP routing information to all EIGRP
routers on a network segment

224.0.0.13 PIM Version 2 (Protocol Independent Multicast)

224.0.0.18 Virtual Router Redundancy Protocol

224.0.0.19 - 21 IS-IS over IP

224.0.0.22 IGMP Version 3 (Internet Group Management Protocol)

224.0.0.102 Hot Standby Router Protocol Version 2

224.0.0.251 Multicast DNS address

224.0.0.252 Link-local Multicast Name Resolution address

224.0.1.1 Network Time Protocol address

224.0.1.39 Cisco Auto-RP-Announce address

224.0.1.40 Cisco Auto-RP-Discovery address

224.0.1.41 H.323 Gatekeeper discovery address

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 90

INSTALLATION AND OPERATION MANUAL CWGE24MS2

CLI Configuration

Node Command Description

enable show mac-address-table multicast This command displays the current static/

dynamic multicast address entries.

enable show mac-address-table multicast

configure mac-address-table multicast

configure no mac-address-table multicast

Web Configuration

vlan VLANID

MACADDR vlan VLANID ports
PORTLIST

MACADDR

This command displays the current static/
dynamic multicast address entries with a
specific vlan.

This command configures a static multicast
entry.

This command removes a static multicast
entry from the address table.

Parameter Description

VLAN ID Configures the VLAN that you want to configure.

MAC
Address

Port Configures the member port for the multicast address.

Apply Click Apply to save your changes back to the Switch.

Refresh Click Refresh to begin configuring this screen afresh.

TECH SUPPORT: 1.888.678.9427

Configures the multicast MAC which will not be aged out.
Valid format is hh:hh:hh:hh:hh:hh.

INS_CWGE24MS2_REV–

10/05/16 PAGE 91

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Explicit Host Tracking

This capability enables the Switch to track each individual host that is joined to a particular group
or channel and to achieve minimal leave latencies when hosts leave a multicast group or channel.

Notice:

Before configuring the ip igmp explicit-tracking command, IGMP must be enabled.

When explicit host tracking is enabled, the router uses more memory than if explicit tracking is
disabled because the router must store the membership state of all hosts on the interface.

CLI Configurations

Node Command Description

enable show ip multicast This command shows the IGMP snooping

membership information.

enable show igmp-snooping membership This command shows the IGMP snooping host

membership information.

configure igmp-snooping explicit-tracking This command enables the IGMP snooping

explicit host tracking on the Switch.

configure no igmp-snooping explicit-tracking This command disables the IGMP snooping

explicit host tracking on the Switch.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 92

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Web Configurations

Parameter Description

Explicit
Tracking state

The filed enables/disables the IGMP Snooping explicit host tracking state
on the Switch.

IGMP Snooping Membership Table

Index This field indicates the index of the entry.

Port This field indicates the port of the entry.

Multicast

This field indicates the multicast address of the entry.

Group

VID This field indicates the vlan of the entry.

Timeout This field indicates the remaining time in the table of the entry.

Host IP This field indicates the host IP which joins the multicast group.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 93

INSTALLATION AND OPERATION MANUAL CWGE24MS2

VLAN

Port Isolation

Introduction

The port isolation is a port-based virtual LAN feature. It partitions the switching ports into virtual
private domains designated on a per port basis. Data switching outside of the port’s private
domain is not allowed. It will ignore the packets’ tag VLAN information.

This feature is a per port setting to configure the egress port(s) for the specific port to forward
its received packets. If the CPU port (port 0) is not an egress port for a specific port, the host
connected to the specific port cannot manage the Switch.

If you wish to allow two subscriber ports to talk to each other, you must define the egress port
for both ports. CPU refers to the Switch management port. By default it forms a VLAN with
all Ethernet ports. If it does not form a VLAN with a particular port then the Switch cannot be
managed from that port.

Example: If you want to allow port-1 and port-3 to talk to each other, you must configure as below:

CWGE24MS2(config)#interface 1/0/1
CWGE24MS2(config-if)#port-isolation ports 3
CWGE24MS2(config-if)#exit
; Allow the port-1 to send its ingress packets to port-3.

CWGE24MS2(config)#interface 1/0/3
CWGE24MS2(config-if)#port-isolation ports 1
CWGE24MS2(config-if)#exit
; Allow the port-3 to send its ingress packets to port-1

CLI Configuration

Node Command Description

enable show port-isolation This command displays the current port isolation configurations.

“V” indicates the port’s packets can be sent to that port.
“-” indicates the port’s packets cannot be sent to that port.

interface port-isolation ports

PORTLISTS

interface no port-isolation This command configures all ports to egress traffic from the specific

This command configures a port or a range of ports to egress traffic from
the specific port.

port.

Example:

CWGE24MS2(config)#interface 1/0/2
CWGE24MS2(config-if)#port-isolation ports 3-10

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 94

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Web Configuration

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 95

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Parameter Description

Port Select a port number to configure its port isolation settings.

Select All Ports to configure the port isolation settings for all ports on the Switch.

Egress Port An egress port is an outgoing port, that is, a port through which a data packet leaves.

Selecting a port as an outgoing port means it will communicate with the port
currently being configured.

Select All/
Deselect All

Apply Click Apply to configure the settings.

Refresh Click this to reset the fields to the last setting.

Port Isolation Status “V” indicates the port’s packets can be sent to that port.

Click Select All to mark all ports as egress ports and permit traffic.
Click Deselect All to unmark all ports and isolate them.
Deselecting all ports means the port being configured cannot communicate with any
other port.

“-” indicates the port’s packets cannot be sent to that port.

802 .1Q VL A N

Introduction

A virtual LAN, commonly known as a VLAN, is a group of hosts with a common set of
requirements that communicate as if they were attached to the Broadcast domain, regardless of
their physical location. A VLAN has the same attributes as a physical LAN, but it allows for end
stations to be grouped together even if they are not located on the same network switch. Network
reconfiguration can be done through software instead of physically relocating devices.

VID- VLAN ID is the identification of the VLAN, which is basically used by the standard 802.1Q. It
has 12 bits and allow the identification of 4096 (2^12) VLANs. Of the 4096 possible VIDs, a VID of
0 is used to identify priority frames and value 4095 (FFF) is reserved, so the maximum possible
VLAN configurations are 4,094.

A tagged VLAN uses an explicit tag (VLAN ID) in the MAC header to identify the VLAN
membership of a frame across bridges - they are not confined to the switch on which they were
created. The VLANs can be created statically by hand or dynamically through GVRP. The VLAN
ID associates a frame with a specific VLAN and provides the information that switches need to
process the frame across the network. A tagged frame is four bytes longer than an untagged
frame and contains two bytes of TPID (Tag Protocol Identifier, residing within the type/length
field of the Ethernet frame) and two bytes of TCI (Tag Control Information, starts after the source
address field of the Ethernet frame).

The CFI (Canonical Format Indicator) is a single-bit flag, always set to zero for Ethernet switches. If
a frame received at an Ethernet port has a CFI set to 1, then that frame should not be forwarded
as it is to an untagged port. The remaining twelve bits define the VLAN ID, giving a possible
maximum number of 4,096 VLANs. Note that user priority and VLAN ID are independent of each

INS_CWGE24MS2_REV–

TECH SUPPORT: 1.888.678.9427

10/05/16 PAGE 96

INSTALLATION AND OPERATION MANUAL CWGE24MS2

other. A frame with VID (VLAN Identifier) of null (0) is called a priority frame, meaning that only the
priority level is significant and the default VID of the ingress port is given as the VID of the frame.
Of the 4096 possible VIDs, a VID of 0 is used to identify priority frames and value 4095 (FFF) is
reserved, so the maximum possible VLAN configurations are 4,094.

TPID User Priority CFI VLAN ID

2 bytes 3 bits 1 bit 12 bit s

» Forwarding Tagged and Untagged Frames
Each port on the Switch is capable of passing tagged or untagged frames. To forward a frame
from an 802.1Q VLAN-aware switch to an 802.1Q VLAN-unaware switch, the Switch first decides
where to forward the frame and then strips off the VLAN tag. To forward a frame from an

802.1Q VLAN-unaware switch to an 802.1Q VLAN-aware switch, the Switch first decides where
to forward the frame, and then inserts a VLAN tag reflecting the ingress port’s default VID. The
default PVID is VLAN 1 for all ports, but this can be changed.
A broadcast frame (or a multicast frame for a multicast group that is known by the system)
is duplicated only on ports that are members of the VID (except the ingress port itself), thus
confining the broadcast to a specific domain.

» 802.1Q Port base VLAN
With port-based VLAN membership, the port is assigned to a specific VLAN independent
of the user or system attached to the port. This means all users attached to the port should
be members of the same VLAN. The network administrator typically performs the VLAN
assignment. The port configuration is static and cannot be automatically changed to another
VLAN without manual reconfiguration.

As with other VLAN approaches, the packets forwarded using this method do not leak into other
VLAN domains on the network. After a port has been assigned to a VLAN, the port cannot send
to or receive from devices in another VLAN without the intervention of a Layer 3 device.

The device that is attached to the port likely has no understanding that a VLAN exists. The device
simply knows that it is a member of a subnet and that the device should be able to talk to all
other members of the subnet by simply sending information to the cable segment. The switch
is responsible for identifying that the information came from a specific VLAN and for ensuring
that the information gets to all other members of the VLAN. The switch is further responsible for
ensuring that ports in a different VLAN do not receive the information.

This approach is quite simple, fast, and easy to manage in that there are no complex lookup tables
required for VLAN segmentation. If port-to-VLAN association is done with an application-specific
integrated circuit (ASIC), the performance is very good. An ASIC allows the port-to-VLAN mapping
to be done at the hardware level.

Default Settings

The default PVID is 1 for all ports.

The default Acceptable Frame is All for all ports.

All ports join in the VLAN 1.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 97

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Notice: The maximum VLAN group is 4094.

CLI Configuration

Node Command Description

enable show vlan VLANID This command displays the VLAN configurations.

configure vlan <1~4094> This command enables a VLAN and enters the VLAN node.

configure no vlan <1~4094> This command deletes a VLAN.

vlan show This command displays the current VLAN configurations.

vlan name STRING This command assigns a name for the specific VLAN.

The VLAN name should be the combination of the digit or the
alphabet or hyphens (-) or underscores (_).
The maximum length of the name is 16 characters.

vlan no name This command configures the vlan name to default.

Note: The default vlan name is “VLAN”+vlan_ID, VLAN1, VLAN2,…

vlan add PORTLISTS This command adds a port or a range of ports to the vlan.

vlan fixed PORTLISTS This command assigns ports for permanent member of the vlan.

vlan no fixed PORTLISTS This command removes all fixed member from the vlan.

vlan tagged PORTLISTS This command assigns ports for tagged member of the VLAN group.

The ports should be one/some of the permanent members of the vlan.

vlan no tagged PORTLISTS This command removes all tagged member from the vlan.

vlan untagged PORTLISTS This command assigns ports for untagged member of the VLAN

group. The ports should be one/some of the permanent members of
the vlan.

vlan no untagged

This command removes all untagged member from the vlan.

PORTLISTS

interface acceptable frame type

(all|tagged|untagged)

This command configures the acceptable frame type.
all - acceptable all frame types.
tagged - acceptable tagged frame only.
untagged – acceptable untagged frame only.

interface pvid VLANID This command configures a VLAN ID for the port default VLAN ID.

interface no pvid This command configures 1 for the port default VLAN ID.

configure interface range

This command enters the interface configure node.
gigabitethernet1/0/
PORTLISTS

if-range pvid VLANID This command configures a VLAN ID for the port default VLAN ID.

if-range no pvid This command configures 1 for the port default VLAN ID.

configure vlan range STRINGS This command configures a range of vlans.

configure no vlan range STRINGS This command removes a range of vlans.

vlan-range add PORTLISTS This command adds a port or a range of ports to the vlans.

INS_CWGE24MS2_REV–

TECH SUPPORT: 1.888.678.9427

10/05/16 PAGE 98

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Node Command Description

vlan-range fixed PORTLISTS This command assigns ports for permanent member of the VLAN

group.

vlan-range no fixed PORTLISTS This command removes all fixed member from the vlans.

vlan-range tagged PORTLISTS This command assigns ports for tagged member of the VLAN group.

The ports should be one/some of the permanent members of the

vlans.

vlan-range no tagged PORTLISTS This command removes all tagged member from the vlans.

vlan-range untagged PORTLISTS This command assigns ports for untagged member of the VLAN

group. The ports should be one/some of the permanent members of

the vlans.

vlan-range no untagged

This command removes all untagged member from the vlans.
PORTLISTS

Example:

CWGE24MS2#configure terminal
CWGE24MS2(config)#vlan 2
CWGE24MS2(config-vlan)#fixed 1-6
CWGE24MS2(config-vlan)#untagged 1-3

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 99

INSTALLATION AND OPERATION MANUAL CWGE24MS2

Web Configuration

VLAN Settings

Parameter Description

VLAN ID Enter the VLAN ID for this entry; the valid range is between 1 and 4094.

VLAN Name Enter a descriptive name for the VLAN for identification purposes. The VLAN

name should be the combination of the digit or the alphabet or hyphens (-) or
underscores (_).
The maximum length of the name is 16 characters.

Member Port Enter the port numbers you want the Switch to assign to the VLAN as

members. You can designate multiple port numbers individually by using a
comma (,) and by range with a hyphen (-).

Apply Click Apply to save your changes back to the Switch.

Refresh Click Refresh to begin configuring this screen afresh.

VLAN List

VLAN ID This field displays the index number of the VLAN entry. Click the number to

modify the VLAN.

VLAN Name This field displays the name of the VLAN.

VLAN Status This field displays the status of the VLAN. Static or Dynamic (802.1Q VLAN).

Member Port This field displays which ports have been assigned as members of the VLAN.

This will display None if no ports have been assigned.

Action Click Delete to remove the VLAN. The VLAN 1 cannot be deleted.

TECH SUPPORT: 1.888.678.9427

INS_CWGE24MS2_REV–

10/05/16 PAGE 100