How it Works
ELTEX
Loading...
MES2000
Operation Manual
231 pgs4.36 Mb0

ELTEX MES1000, MES2000 Operation Manual

L2 Fast Ethernet and Gigabit Ethernet Managed Switches
MES1000, MES2000
Operation Manual,Firmware Version 1.1.42
Document version
Issue date
Revisions
Version 2.17
20/10/2015
Changes in chapters:
- 5.23.1 Copper-wire cable diagnostics
Version 2.16
31/08/2015
Added description of MES1124MB, MES1124M DC, MES2124M DC Changes in chapters:
- 2.2.8 Additional functions
- 2.3 Main specifications
- 2.4 Design
- 5.5 System management commands
- 5.10 Interface configuration
- 5.11 Selective Q-in-Q
- 5.12 Broadcast storm control
- 5.13 Link Agregation Group (LAG)
- 5.16.6 Flex-link function configuration
- 5.19.1 ААА mechanism
- 5.21 Port mirroring (monitoring)
- 5.33.1 QoS Configuration Added chapters:
- 5.24 IP Service Level Agreements (IP SLA)
Version 2.15
18/05/2015
Added description of MES1124M, MES2124M. Added chapters:
- 2.4.3 MES1124M, MES2124M series devices panels appearance and layout
- 5.28 DHCP protocol management and Option 82 Changes in chapters:
- 2.2.7 Switch control function
- 2.3 Main specifications
- 5.5 System management commands
- 5.8.1 Command parameters description
- 5.8.3 Configuration backup commands
- 5.10.1 Ethernet and Port-Channel interface parameters
- 5.10.2 VLAN interface configuration
- 5.16.4 Loopback detection mechanism
- 5.16.5 STP protocol family (STP, RSTP, MSTP)
- 5.16.6 Flex-link function configuration
- 5.16.11 CFM protocol configuration
- 5.19.2 RADIUS protocol
- 5.19.4 Simple network management protocol (SNMP)
- 5.26.2.2 Advanced authentication
- 5.26.3 DHCP protocol management and Options 82
- 5.27 DHCP Relay mediations features
Version 2.14
17/02/2015
Added chapters:
- 3.3 SFP transceiver installation and removal Changes in chapters:
- 5.10.2 VLAN interface configuration
- 5.12 Broadcast storm control
- 5.18.2 IGMP snooping function
- 5.19.4 Simple network management protocol (SNMP)
- 5.26.2.2 Advanced authentication
Version 2.13
14/01/2015
Changes in chapters:
- 5.8.3 Configuration backup commands Added chapters:
- 5.15.3 IPv6 ra guard function configuration
- 5.15.4 DHCPv6 guard function configuration
- 5.16.6 Flex-link function configuration
Version 2.12
21/10/2014
Synchronized with firmware version 1.1.30. Changes in chapters:
- 5.10.2 VLAN interface configuration
- 5.12 Broadcast storm control
Version 2.11
27/08/2014
Changes in chapters:
- 5.10 Interface configuration
- 5.16.6 EAPS protocol
- 5.27 DHCP Relay mediation features
MES1000, MES2000 Ethernet Switches 3
Version 2.10
28/07/2014
Changes in chapters:
- 5.19.7.1 Telnet, SSH, HTTP and FTP
Version 2.9
12/05/2014
Added description of devices MES2124P, MES2208P
Version 2.8
06/05/2014
Changes in chapters:
- 5.5 System management commands
- 5.19.2 IGMP Snooping function
Version 2.7
27/03/2014
Changes in chapters:
5.24.1 Copper-wire cable diagnostics
5.25.6 DHCP protocol management and Option 82
Version 2.6
09/01/2014
Changes in chapters:
- 5.18.2 IGMP Snooping function
- 5.18.4 Multicast traffic restriction functions Added chapters:
- 4.3 Configuration procedure
- 5.18.5 RADIUS Authorization of IGMP Queries
- Configuration of IGMP Query Authorization via RADIUS (appendix А)
Version 2.5
22/11/2013
Changes in chapters:
- 5.16.5 STP protocol family (STP, RSTP, MSTP)
- 5.9.1 Ethernet and Port-Channel interface parameters
- 5.16.6 EAPS protocol
- 5.19.2 Radius protocol Added chapters:
- 5.3 Filtering of command line messages
Version 2.4
15/08/2013
Changes in chapters:
- 5.26.1 IPv4 ACL Configuration
- 5.26.2 IPv6 ACL Configuration
- 5.26.3 MAC ACL Configuration
Version 2.3
05/07/2013
Added chapters:
- 6.27 Configuration of Protection from DoS Attacks Changes in chapters:
- Appendix А Samples of use and configuration of device
Version 2.2
18/06/2013
Added chapters:
- 5.14.9 OAM protocol configuration
- 5.14.10 CFM protocol configuration Changes in chapters:
- 4.1 Terminal configuration
- 5.9 Broadcast storm control
- 5.17.1 ААА mechanism
- 5.17.7.1Telnet, SSH, HTTP and FTP
- 5.17.7.2 Terminal configuration commands
Version 2.1
28/05/2013
Added chapters:
- 5.6.3 Configuration backup commands
- 5.15.7 G.8032v2 (ERPS) protocol configuration Changes in chapters:
- 5.18.2 RADIUS protocol
- 5.18.3 TACACS+ protocol
- 5.18.4 SNMP network management protocol
- 5.21.2 Optical transceiver diagnostics
Version 2.0
03/04/2013
Added description of the device MES1124
Version 1.6
20/03/2013
Added chapters:
- Multicast traffic restriction features Changes in chapters:
- IGMP snooping funcion
- ААА mechanism
- Access configuration
- DHCP protocol management and Option 82
- PPPoE Intermediate Agent configuration
Version 1.5
06/03/2013
Changes in chapters:
- 5.4 System management commands;
- 5.9 Selective Q-in-Q;
- 5.17.2 IGMP Snooping function Added chapters:
- Appendix B Typical buildings of networks on basis of EAPS protocol
Version 1.4
28/12/2012
Changes in chapters:
- 5.4 Added description of the CPU monitoring and protection feature configuration.
- 5.8.1. Added description of the interface load monitoring feature configuration.
- 5.8.2. Added description of MAC-based vlan, EtherType configuration for outgoing packets.
- 5.17.1. Added description of MAC address learning configuration in VLAN.
- 5.18.4. Added description of SNMP trap messages configuration on ports.
- 5.20. Added description of remote mirroring configuration.
- 5.23.3. Added description of DHCP Option 82 format configuration. Added chapters:
- 5.23.6 MAC Address Notification function configuration.
Version 1.3
10/09/2012
Changes in chapters:
5.22 Physical diagnostics functions
Version 1.2
21/08/2012
Added description of EAPS protocol configuration.
Version 1.1
12/05/2012
Added chapters:
- PPPoE Intermediate Agent configuration
Version 1.0
21/12/2011
First issue.
Firmware version
1.1.42
MES1000, MES2000 Ethernet Switches 5
CONTENTS
1 INTRODUCTION ........................................................................................................................................... 9
2 PRODUCT DESCRIPTION ............................................................................................................................ 10
2.1 Purpose .............................................................................................................................................. 10
2.2 Device Functions ............................................................................................................................... 10
2.2.1 Basic functions ......................................................................................................................... 10
2.2.2 MAC Address Processing Functions ......................................................................................... 11
2.2.3 Second-layer functions of OSI model ...................................................................................... 11
2.2.4 Third-layer functions of OSI model .......................................................................................... 13
2.2.5 QoS functions ........................................................................................................................... 13
2.2.6 Security functions .................................................................................................................... 13
2.2.7 Switch control functions .......................................................................................................... 14
2.2.8 Additional functions................................................................................................................. 15
2.3 Main specifications ............................................................................................................................ 16
2.4 Design ................................................................................................................................................ 19
2.4.1 MES1024, MES1124, MES2124 series devices front panel appearance and layout ............... 19
2.4.2 MES1124MB, MES2124MB series devices panels appearance and layout ............................. 20
2.4.3 MES1124M, MES2124M series devices panels appearance and layout ................................. 22
2.4.4 MES2208P series device panel appearance and layout .......................................................... 24
2.4.5 MES2124P series device panel appearance and layout .......................................................... 25
2.4.6 Side panels of the device ......................................................................................................... 26
2.4.7 Light Indication ........................................................................................................................ 26
2.5 Delivery Package ................................................................................................................................ 28
3 INSTALLATION AND CONNECTION ............................................................................................................ 29
3.1 Support brackets mounting ............................................................................................................... 29
3.2 Device rack installation ...................................................................................................................... 29
3.3 Battery connection to MES1124MB, MES2124MB ........................................................................... 31
3.4 SFP transceiver installation and removal .......................................................................................... 31
3.5 Connection to Power Supply ............................................................................................................. 32
4 DEVICE STARTUP, INITIAL CONFIGURATION ............................................................................................. 33
4.1 Configuring the Terminal ................................................................................................................... 33
4.2 Turning off the device ....................................................................................................................... 33
4.3 Configuration procedure ................................................................................................................... 35
4.3.1 Stackable Mode Selection........................................................................................................ 35
4.3.2 Initial Configuration ................................................................................................................. 36
4.3.3 Security system configuration ................................................................................................. 39
5 DEVICE MANAGEMENT COMMAND LINE INTERFACE .............................................................................. 42
5.1 Command Line Operation Principles ................................................................................................. 43
5.2 Basic commands ................................................................................................................................ 43
5.3 Filtering of command line messages ................................................................................................. 45
5.4 Macrocommand configuration .......................................................................................................... 45
5.5 System management commands ...................................................................................................... 46
5.6 Switch Stack Management ................................................................................................................ 50
5.7 Commands for configuration of password parameters .................................................................... 52
5.8 File operations ................................................................................................................................... 53
5.8.1 Command parameters description .......................................................................................... 53
5.8.2 File operation commands ........................................................................................................ 53
5.8.3 Configuration backup commands ............................................................................................ 55
5.8.4 Automatic update and configuration commands .................................................................... 56
5.9 System time configuration ................................................................................................................ 58
5.10 Interface configuration ...................................................................................................................... 61
5.10.1 Ethernet and Port-Channel interface parameters ................................................................ 62
5.10.2 VLAN interface configuration ............................................................................................... 69
5.11 Selective Q-in-Q ................................................................................................................................ 75
5.12 Broadcast storm control ................................................................................................................... 76
5.13 Link Aggregation Groups (LAG) ......................................................................................................... 77
5.13.1 Static link aggregation groups.............................................................................................. 78
5.13.2 LACP link aggregation protocol ............................................................................................ 79
5.14 IPv4 addressing configuration .......................................................................................................... 80
5.15 IPv6 addressing configuration .......................................................................................................... 81
5.15.1 IPv6 protocol ........................................................................................................................ 81
5.15.2 IPv6 protocol tunnelling (ISATAP) ........................................................................................ 84
5.15.3 IPv6 RA guard function configuration .................................................................................. 86
5.15.4 DHCPv6 guard function configuration ................................................................................. 87
5.16 Protocol configuration ...................................................................................................................... 88
5.16.1 DNS protocol configurationdomain name system ........................................................... 88
5.16.2 ARP protocol configuration .................................................................................................. 89
5.16.3 GVRP protocol configuration ............................................................................................... 90
5.16.4 Loopback detection mechanism (loopback-detection) ....................................................... 92
5.16.5 STP protocol family (STP, RSTP, MSTP) ................................................................................ 93
5.16.6 Flex-link function configuration ........................................................................................... 99
5.16.7 EAPS protocol ..................................................................................................................... 100
5.16.8 G.8032v2 (ERPS) protocol configuration ........................................................................... 101
5.16.9 LLDP protocol configuration .............................................................................................. 103
5.16.10OAM protocol configuration .............................................................................................. 108
5.16.11CFM protocol configuration ............................................................................................... 110
5.17 Voice VLAN ...................................................................................................................................... 113
5.18 Multicast addressing ....................................................................................................................... 115
5.18.1 Multicast addressing rules ................................................................................................. 115
5.18.2 IGMP snooping function .................................................................................................... 120
5.18.3 MLD snoopingmulticast traffic control protocol for IPv6 networks .............................. 124
5.18.4 Multicast traffic restriction functions ................................................................................ 126
5.18.5 RADIUS Authorization of IGMP Queries ............................................................................ 127
5.19 Control functions ............................................................................................................................ 129
5.19.1 AAA mechanism ................................................................................................................. 129
5.19.2 RADIUS protocol ................................................................................................................ 133
5.19.3 TACACS+ protocol .............................................................................................................. 135
5.19.4 Simple network management protocol (SNMP) ................................................................ 136
5.19.5 Remote network monitoring protocol (RMON) ................................................................ 140
5.19.6 ACL access lists for device management ........................................................................... 146
5.19.7 Access configuration .......................................................................................................... 147
5.20 Alarm log, SYSLOG protocol ............................................................................................................ 151
5.21 Port mirroring (monitoring) ............................................................................................................ 153
5.22 sFlow function................................................................................................................................. 155
5.23 Physical layer diagnostics functions ............................................................................................... 156
5.23.1 Copper-wire cable diagnostics ........................................................................................... 156
5.23.2 Optical transceiver diagnostics .......................................................................................... 158
5.24 IP Service Level Agreements (IP SLA) .............................................................................................. 160
5.24.1 ICMP Echo operation ......................................................................................................... 161
5.24.2 UDP Jitter operation .......................................................................................................... 163
5.25 Green Ethernet configuration......................................................................................................... 165
5.26 Power over Ethernet (PoE) ............................................................................................................. 167
5.27 Security functions ........................................................................................................................... 171
5.27.1 Port security functions ....................................................................................................... 171
5.27.2 Port-based client authentication (802.1x standard) .......................................................... 172
5.27.3 DHCP protocol management and Option 82 ..................................................................... 179
5.27.4 Client IP address protection (IP-source Guard) ................................................................. 183
MES1000, MES2000 Ethernet Switches 7
5.27.5 ARP management (ARP Inspection).................................................................................... 185
5.27.6 MAC Address Notification function configuration ............................................................. 187
5.28 DHCP Relay mediation features ...................................................................................................... 189
5.29 PPPoE Intermediate Agent Configuration ....................................................................................... 190
5.30 DHCP Server Configuration.............................................................................................................. 192
5.31 ACL Configuration (Access Control Lists) ......................................................................................... 195
5.31.1 IPv4 ACL Configuration ....................................................................................................... 197
5.31.2 IPv6 ACL Configuration ....................................................................................................... 201
5.31.3 MAC ACL Configuration ...................................................................................................... 204
5.31.4 Access List Time Range Configuration (time-range) ........................................................... 205
5.32 Configuration of Protection from DoS Attacks ................................................................................ 206
5.33 Quality of Services (QoS) ................................................................................................................. 207
5.33.1 QoS Configuration .............................................................................................................. 207
5.33.2 QoS Statistics ...................................................................................................................... 213
6 SERVICE MENU, CHANGE OF SOFTWARE ................................................................................................ 215
6.1 Startup Menu................................................................................................................................... 215
6.2 Update of software from TFTP server ............................................................................................. 217
6.2.1 System software update ........................................................................................................ 217
6.2.2 Update of loading file of the device (initial loader) ............................................................... 218
APPENDIX A SAMPLES OF USE AND CONFIGURATION OF DEVICE ............................................................... 220
Configuration of multiple spanning trees (MSTP) ................................................................................... 220
Configuration of selective-qinq ............................................................................................................... 222
Addition of SVLAN ........................................................................................................................... 222
Substitution of CVLAN .................................................................................................................... 222
Configuration of multicast-TV VLAN ....................................................................................................... 222
Configuration of IGMP Query Authorization via RADIUS ........................................................................ 224
APPENDIX B TYPICAL BUILDINGS OF NETWORKS ON BASIS OF EAPS PROTOCOL ....................................... 226
APPENDIX C DESCRIPTION OF SWITCH PROCESSES ..................................................................................... 228
SYMBOLS
Value
Description
[ ]
In the command line, optional parameters are shown in square brackets; when entered, they provide additional options.
{}
In the command line, mandatory parameters are shown in curly braces.
,
-
In the description of the command, these signs are used for defining ranges. |
In the description of the command, this sign means 'or'.
/
This character is used to divide the possible variable values from the default values.
Calibri italic
Variables and parameters, that should be replaced with the appropriate word or string, are written in Calibri Italic.
Semibold font
Notes and warnings are written in semibold font.
<Semibold italic>
Keyboard keys are written in semibold italic and enclosed in angle brackets.
Courier New
Examples of command entry are written in Courier New semibold.
Courier New
Results of command execution are written in Courier New font in a frame with the shadow border.
Notes and warnings
Notes contain important information, tips or recommendations on device operation and setup.
Warnings are used to inform the user about harmful situations for the device and the user alike, which could cause malfunction or data loss.
MES1000, MES2000 Ethernet Switches 9
1 INTRODUCTION
In the last few years, more and more large-scale projects are utilizing NGN concept for communication network development. One of the main tasks in implementation of large multiservice networks is the creation of reliable high-performance transport network, that will serve as a backbone in multilayer architecture of next-generation networks.
For delivering high transfer rates, Gigabit Ethernet (GE) data transfer technologies are widely used. High-speed data transmission, especially in large-scale networks, requires a network topology, that will allow flexible distribution of high-speed data flows.
MES1000, MES2000 series switches could be used in large enterprise networks, SMB networks and operator's networks. They provide high performance, flexibility, security and multi-tier QoS.
This operation manual describes intended use, specifications, first time setup recommendations, and the syntax of commands used for configuration, monitoring and firmware update of the switch.
2 PRODUCT DESCRIPTION
2.1 Purpose
MES1000 and MES2000 series devices are the managed stackable network switches that operate on
data-link and network layers of the OSI model.
MES1024 network switches are equipped with 24 Fast Ethernet ports with electric interfaces and 2
Gigabit Ethernet ports combined with slots for SFT transceiver installation (combo ports).
MES1124, MES1124M, MES1124MB network switches are equipped with 24 Fast Ethernet ports with electric interfaces and 4 Gigabit Ethernet ports combined with slots for SFT transceiver installation (combo ports). MES1124MB allows operation from 12V battery as a backup power source.
MES2124, MES2124M network switches are equipped with 24 Gigabit Ethernet ports with electric interfaces and 4 Gigabit Ethernet ports combined with slots for SFT transceiver installation (combo ports).
MES2124MB network switches are equipped with 24 Gigabit Ethernet ports with electric interfaces and 4 Gigabit Ethernet ports combined with slots for SFT transceiver installation (combo ports). Device allows operation from 12V battery as a backup power source.
MES2124P network switches are equipped with 24 Gigabit Ethernet ports with electric interfaces and PoE+ support and 4 Gigabit Ethernet ports combined with slots for SFT transceiver installation (combo ports).
MES2208P network switches are equipped with 4 electric ports Gigabit Ethernet with PoE+ support, 4 Gigabit Ethernet ports combined with slots for SFT transceiver installation (combo ports), 2 Gigabit Ethernet optical ports and 2 Gigabit Ethernet electric ports.
The combined ports may have only one active interface at the same time. In case of simultaneous connections, the interface with SFP transceiver will be active.
2.2 Device Functions
2.2.1 Basic functions
Table 2.1 lists the access switch basic functions.
Table 2.1 Basic device functions
HOL blocking protection
A blocking, that appears when device output ports are overloaded with traffic coming from highly active sources. It may lead to traffic loss from other low activity sources. The switch resource reservation methods are used to prevent such situations. Not supported in the current firmware version.
Backpressure routing
support
The backpressure routing method is utilized in half-duplex connections for management of data streams, coming from the opposite devices, by means of collisions. This method allows to avoid buffer overruns and the loss of data.
MDI/MDIX support
Automatic cable type detectioncrossed or straight.
MDI (Media-Dependent Interfacestraight)cable standard for
connection of terminal devices
MDIX (Media-Dependent Interface with Crossovercrossed)cable
standard for connection of hubs and switches
Jumbo frames
Enables jumbo frame transmission to minimize the amount of packets used in the data transfer. It allows to reduce service data volumes, processing time and interrupts.
MES1000, MES2000 Ethernet Switches 11
Flow control
(IEEE 802.3X)
Flow control allows to interconnect the low-speed and the high-speed devices. To avoid buffer overrun, the low-speed device gains the ability to send PAUSE packets, that will force the high-speed device to pause the packet transmission.
Operation in device
stack
You can combine multiple switches in a stack. In this case, switches are considered as a single device with shared settings. There are two stack topologiesring and chain. At that, all port parameters for all stacked devices could be configured from the 'master' switch. Device stacking allows to reduce network management efforts.
2.2.2 MAC Address Processing Functions
Table 2.2 lists MAC address processing functions.
Table 2.2 MAC address processing functions
MAC address
table
The switch creates a look-up table for MAC addresses and switch port nodes in its memory.
Learning mode
When learning is not available, the data, coming to any port, will be transmitted to other ports of the switch. In learning mode, the switch performs analysis of the frame, discovers sender's MAC address and adds it to the routing table. Afterwards, the inbound frame, dedicated to the host, which MAC address has been already added to the routing table, will be sent only to the port specified in the table.
MAC Multicast Support
This function allows to perform one-to-many or many-to-many data distribution. Thus, the frame addressed to the multicast group will be transmitted to each port of the group.
Automatic Aging for
MAC Addresses
If there are no packets from the device with the specific MAC address in the definite period of time, the record for this address expires and will be removed. It allows to keep the switch table up to date.
Static MAC Entries
Network switch allows you to define static records of MAC address matches, that will be saved to the routing table.
2.2.3 Second-layer functions of OSI model
Table 2.3 lists second-layer functions and special aspects (OSI Layer 2).
Table 2.3 Second-layer functions description (OSI Layer 2)
VLAN support
The switches support VLAN operation.
Function
IGMP Snooping
IGMP protocol implementation analyzes the contents of IGMP packets and allows to discover network devices participating in multicast groups and forward the traffic to the corresponding ports.
MLD Snooping
MLD Snooping function implementation allows the device to minimize multicast IPv6 traffic.
Function
Multicast-TV VLAN
Function that allows to redirect multicast traffic from the specified VLAN (multicast VLAN) to the user port using IGMP messages and to reduce the load to the uplink port of the switch. This function is used in III-play solutions.
Broadcast Storm Control
Broadcast storm is a multiplication of broadcast messages in each host causing their exponential growth, that can lead to a network meltdown. Devices has a function that restricts the transfer rate for multicast and broadcast frames
received and sent by the switch.
Port Mirroring
Port mirroring allows to duplicate the traffic for monitored ports, sending inbound and/or outbound packets to the controlling port. Switch users can define controlled and controlling ports and select the type of traffic (inbound or outbound), that will be sent to the controlling port.
Protected ports
This function allows to assign the uplink port to the switch port. This uplink port will receive all the traffic and provide isolation from other ports (in a single switch).
Private VLAN Edge
This function allows to isolate the group of ports (in a single switch), located in the same broadcast domain, from each other, allowing traffic exchange with other ports, located in the same broadcast domain, but not belonging to this group.
Private VLAN
Provides isolation of devices, located in the same broadcast domain, within L2 network. Only two port operation modes are implementedPromiscuous and Isolated (isolated ports cannot exchange traffic).
Spanning Tree Protocol
Spanning Tree Protocol is a network protocol that ensures loop-free network topology by converting networks with redundant links to the tree-like structure. Switches exchange configuration messages, using the special format frames, and selectively enable or disable device ports.
IEEE 802.1w Rapid
spanning tree protocol
Rapid STP (RSTP) is the enhanced version of STP protocol that enables faster network conversion to the tree-like topology and provides higher stability.
EAPS protocol
EAPS (Ethernet Automatic Protection Switching) is a protocol, that allows to avoid traffic loops in the ring topology networks and enables fast restoration of traffic flow after the failure in the specific network section. Restoration time provided by EAPS is far less than in case of spanning tree protocols.
Ethernet Ring Protection
Switching
The protocol allows to increase stability and robustness of data network with ring topology by decreasing the restoration time after the failure. Restoration time does not exceed 1 second, that is substantially lower than the network reconstruction in case of Spanning Tree family protocols.
GARP VLAN
GVRP VLAN registration protocol enables dynamic adding/removal of VLAN groups on the switch ports. If GVRP protocol is enabled, the switch identifies and then distributes the VLAN inherence data to all ports, that form the active topology.
Port-Based VLAN
Distribution to VLAN groups is performed by the inbound ports. This solution allows to use only one VLAN group on each port.
802.1Q support
IEEE 802.1Q is an open standard, that describes the traffic tagging procedure for transfer of VLAN inherence information. It allows to use multiple VLAN groups on one port.
Link aggregation (LAG
link groups)
Devices support link group creation functions. Link aggregation, trunking or IEEE
802.3ad is the technology, that enables aggregation of multiple physical links into one logical link. This technology allows to increase the bandwidth and reliability of the backbone 'switch-switch' or 'switch-server' channels. There are three types of balancing between channels: based on MAC addresses, IP addresses and the destination port.
LAG group contains similar speed ports, operating in full-duplex mode.
Dynamic link groups
(LACP protocol)
LACP protocol enables automatic aggregation of separate links between two devices (switch-switch or switch-server) in a single data communication channel.
Protocol constantly tries to find ways for link aggregation; in case of link failure in the aggregated channel, its traffic will be automatically redistributed to
MES1000, MES2000 Ethernet Switches 13
functioning components of the aggregated channel.
Auto Voice VLAN
support
Allows to identify voice traffic by OUI (Organizationally Unique Identifierfirst 24 bits of MAC address). If MAC address with VoIP gateway or IP phone OUI exists in the MAC table of the switch, this port will be automatically added to voice vlan (identification by SIP protocol or destination MAC address is not supported).
Selective Q-in-Q
This function allows to manipulate the SPVLAN (Service Provider's VLAN) external identifier based on the configured filtering rules by the external VLAN identifier (Customer VLAN). Selective Q-in-Q allows to add or change SPVLAN tag for the packet in the specific network section.
2.2.4 Third-layer functions of OSI model
Table 2.4 lists third-layer functions (OSI Layer 3).
Table 2.4 Third-layer functions description (OSI Layer 3)
BootP and DHCP clients
(Dynamic Host
Configuration Protocol)
Device can obtain IP address automatically via BootP/DHCP protocol.
ARP Protocol
(Address Resolution
Protocol)
ARP protocol establishes match between the IP address and the physical address of the device. The match is established on the basis of the network host response analysis; host address is requested with the broadcast packet.
2.2.5 QoS functions
Table 2.5 lists the basic quality of service functions.
Table 2.5 Basic quality of service functions
Priority queues support
The switch supports outbound traffic prioritization with queues for each port. Packet distribution to queues may be performed via packet classification by various fields in packet headers.
802.1p class of service support
802.1p standard specifies frame priority definition method and algorithm of priority usage for timely delivery of delay-critical traffic. 802.1p standard defines 8 priority levels. Switches can use 802.1p priority value for frame distribution between priority queues.
2.2.6 Security functions
Table 2.6 Security functions
DHCP snooping
Switch function designed for protection from DHCP protocol attacks. Enables filtering of DHCP messages coming from untrusted ports by building and maintaining DHCP snooping binding database. DHСP snooping performs firewall function between untrusted ports and DHCP servers.
DHCP Option 82
Option, that allows to inform DHCP server about DHCP relay and port of incoming request.
By default, the switch with DHCP snooping function enabled identifies and drops all DHCP requests with Option 82, if they were received via untrusted port.
UDP relay
Broadcast UDP traffic forwarding to the specified IP address.
IP Source address guard
Switch function is to restrict IP traffic and filter it according to the match table from DHCP snooping binding database and static configured IP addresses. This function allows to prevent IP address spoofing.
Dynamic ARP Inspection
(Protection)
Switch function designed for protection from ARP protocol attacks. The switch checks the message received from the untrusted portif the IP address in the body of received ARP packet matches the IP address of the sender.
If these addresses do not match, the switch drops this packet.
L2 – L3 – L4 ACL (Access
Control List)
Using information, contained in headers of level 2, 3 ,4, the administrator can configure rules for processing or dropping packets.
Time-Based ACL
Allows to configure the time frame for ACL operation.
Blocked ports support
Main blocking functionimprove the network security; access to the switch port will be granted only to those devices, whose MAC addresses have been assigned for this port.
Port-based
authentication (802.1x)
IEEE 802.1x authentication mechanism manages access to resources through the external server. Authorized users will gain access to the selected network resources.
PPPoE IA
This function allows to complement PPPoE Discovery packets with the access interface characterizing information. It is essential for the user interface identification at the access server (BRAS, Broadband Remote Access Server).
2.2.7 Switch control functions
Table 2.7 Switch control functions
Configuration file
download and upload
Device parameters are saved into the configuration file, that contains configuration data for the specific device ports as well as for the whole system.
Trivial File Transfer
Protocol
TFTP protocol is used for file read and write operations. Protocol is based on UDP transport protocol.
Devices are able to download and transfer configuration files and firmware images via this protocol.
SCP (Secure Copy
protocol)
SCP is used for file read and write operations. Protocol is based on SSH network protocol.
Devices are able to download and transfer configuration files and firmware images via this protocol.
Remote monitoring
(RMON)
Remote monitoring (RMON)means, that perform the monitoring of computer networks, extension of SNMP. Compatible devices gather diagnostics data using the network management station. RMON is the standard MIB database, that contains actual and historic MAC level statistics and control objects, providing real-time data.
SNMP protocol
SNMP protocol is used for monitoring and management of network devices. For system access control purposes, the community record list is defined, where each record contains access privileges.
Command Line Interface
Devices CLI management is performed locally via serial port RS-232, or remotely via telnet, ssh. Console command line interface (CLI) is the industrial standard. CLI interpreter contains the list of commands and keywords, that will help the user and reduce the amount of input data.
Syslog
Syslog is a protocol, designed for transmission of system event messages and error
notifications to remote servers.
MES1000, MES2000 Ethernet Switches 15
SNTP
(Simple Network Time
Protocol)
SNTP protocol is a network time synchronization protocol; it allows to perform
time synchronization of the network device with the server with accuracy up to 1ms.
Traceroute
Traceroute is a service function, that allows to display data transfer routes in IP
networks.
Controlled access
managementprivilege
levels
Administrator can define privilege levels for users of the device and settings for each privilege level (read-onlylevel 1, full accesslevel 15).
Management interface
blocking
The switch can block access to each management interface (SNMP, Telnet, SSH). Blocking can be set independently for each type of access:
Telnet(CLI over Telnet Session)
Secure Shell (CLI over SSH)
SNMP
Local authentication
For local authentication, passwords can be stored in the switch database.
IP address filtering for
SNMP
Access via SNMP is allowed only for specific IP addresses, that are the part of SNMP community.
RADIUS client
RADIUS protocol is used for authentication, authorization and accounting. RADIUS server operates with the user database, that contains authentication data for each user. Switches contain client part of the RADIUS protocol.
TACACS+
(Terminal Access
Controller Access Control
System)
Device supports client authentication with TACACS+ protocol. TACACS+ protocol provides centralized security system for authentication of users, gaining access to the device, and centralized management system, while ensuring compatibility with RADIUS and other authentication processes.
SSH server
SSH server functionality allows SSH client to establish secure connection to the device for management purposes.
Macrocommand
support
This function allows to create macrocommandscommand setsand apply them for the time-sensitive device management.
2.2.8 Additional functions
The table lists the additional device functions.
Table 2.8 Additional device functions
Virtual cable tester
(VCT)
Network switches are equipped with the hardware and software tools, that allow them to perform the following cable testing functionsVCT:
Determine the communication faults when the copper-wire cable is used
(break/short-circuit)
Test results reporting
Optical transceiver
diagnostics
The device allows to test the optical transceiver. During testing, the device monitors the current, power voltage and transceiver temperature, receiving and transmitting optical signal power. The diagnostics is available only for transceivers with the Digital Diagnostics Monitoring (DDM) support.
Green Ethernet
This mechanism allows to reduce the device power consumption by switching inactive electric ports to the economy mode.
IP SLA
Active monitoring technology used for measuring network performance and data transmission quality. Supported operations: ICMP Echo, UDP Jitter.
2.3 Main specifications
Table 2.9 lists main specifications of the switch.
Table 2.9 Main specifications
General parameters
Packet processor
Marvell 98DX1035 / 98DX3035
Interfaces
MES1024
24x 10/100Base-T 2x (10/100/1000Base-T / 1000Base-X Combo)
MES1124 MES1124M MES1124MB
24x 10/100Base-T 4x (10/100/1000Base-T / 1000Base-X Combo)
MES2124 MES2124M MES2124P MES2124MB
24x 10/100/1000Base-T (MES2124P with PoE+ support) 4x (10/100/1000Base-T / 1000Base-X Combo)
MES2208P
4x 10/100/1000Base-T (with PoE+ support) 4x (10/100/1000Base-T / 1000Base-X Combo) 2x 1000Base-X 2x 10/100/1000Base-T
Optical transceivers
SFP
Full-duplex/Half-duplex mode
Full-duplex/half-duplex mode for electric ports, full-duplex mode for optical ports
Switch performance
MES1024
8,8 Gbps
MES1124 MES1124M MES1124MB
12,8 Gbps
MES2124 MES2124M MES2124P MES2124MB
56 Gbps
MES2208P
24 Gbps
Buffer memory
8Mb
TCAM routing volume
512х24B
SQinQ rules qty
Ingress: 168 Egress: 96
ACL rules qty
246
Data transfer rate
electric interfaces 10/100/1000Mbps optical interfaces 1Gbps
Table of MAC addresses
16,000 records (some MAC addresses are reserved by the system)
VLAN support
up to 4K according to 802.1Q
Quality of Services (QoS)
Traffic priority, 4 tiers 4 output queues with different priorities for each port
Multicast
up to 1000 static multicast groups
MSTP instances qty
28
Jumbo frames
Max. packet size
LAG
8 groups, up to 8 ports per group
Stacking
Up to 3 devices
MES1000, MES2000 Ethernet Switches 17
Compliance
IEEE 802.3 10BASE-T Ethernet IEEE 802.3u 100BASE-T Fast Ethernet IEEE 802.3ab 1000BASE-T Gigabit Ethernet IEEE 802.3z Fiber Gigabit Ethernet ANSI/IEEE 802.3 Speed autodetection IEEE 802.3x Data flow control IEEE 802.3ad LACP link aggregation IEEE 802.1p Priority of traffic IEEE 802.1q VLAN virtual local networks IEEE 802.1v IEEE 802.3ac IEEE 802.1d STP spanning tree IEEE 802.1w RSTP rapid spanning tree IEEE 802.1s MSTP multiple spanning tree IEEE 802.1x User authentication IEEE 802.3af PoE, IEEE 802.3at PoE+ (only MES2124P, MES2208P)
Control
Local control
RS-232 Console
Remote control
TELNET, SSH, WEB
Physical specifications and ambient conditions
Power supply
MES1024 MES1124 MES2124
110-250VAC, 50Hz Power consumption:
- MES1024, MES1124, MES1124М: 25W max;
- MES2124: 30W max.
MES1124М MES2124М
110-250VAC, 50Hz, or 48VDC
Power consumption:
- MES1124М: 25W max;
- MES2124M: 30W max.
MES2124P AC
170-265VAC, 50Hz Power consumption: 400W max.
MES2124P DC, MES2208P
DC: 48+-10%V
Power consumption:
- MES2124P DC: 400W max;
- MES2208P: 140W max.
MES1124MB
110-250VAC, 50Hz, and a lead-acid battery Power consumption: 45W max. Charger specifications:
- charge current: 1.7A;
- circuit breaker tripping voltage: 10-10.5V;
- low battery indication threshold voltage: 11V.
MES2124MB
110-250VAC, 50Hz, and a lead-acid battery Power consumption: 50W max. Charger specifications:
- charge current: 1.7A;
- circuit breaker tripping voltage: 10-10.5V;
- low battery indication threshold voltage: 11V.
Weight
2.5kg max.
Dimensions
MES1024, MES1124, MES2124
430x44x138mm
MES1124M MES1124MB
430x44x160mm MES2124M
430x44x180mm
MES2124P
430x44x203mm
MES2208P
320x44x159mm
MES2124MB
430x44x190mm
Operating temperature range
from -10 to +45оС (from -20 to +65 оС for MES2208P)
Storage temperature range
from -40 to +70оС
Operation relative humidity (non­condensing)
up to 80%
Storage relative humidity (non­condensing)
from 10% to 95% Average lifetime
20 years
Power supply type is determined at the time of order.
MES1000, MES2000 Ethernet Switches 19
2.4 Design
This section describes the design of devices. Depicted front, back and side panels of the device,
connectors, LED indicators and controls.
Network switches are enclosed in metal cases available for 19” form-factor rack-mount 1U shelf
installation.
2.4.1 MES1024, MES1124, MES2124 series devices front panel appearance and layout
Front panel layout MES1024, MES1124, MES2124 is depicted in Fig. 1-3.
Fig. 1 MES1024, front panel
Fig. 2 MES1124, front panel
Fig. 3 MES2124, front panel
Table 2.10 lists sizes, LEDs and controls located on the front panel of the switch.
The combined ports may have only one active interface at the same time. In case of simultaneous connections, the interface with SFP transceiver will be active.
Table 2.10 Description of connectors, LEDs and controls located on the front panel MES1024, MES1124, MES2124
Front panel element
Description
1
Console
RS-232 console port for local control of the device.
2
[1 .. 24] MES1024
MES1124
24 ports 10/100 Base-T(RJ45)
MES2124
24 ports 10/100/1000 Base-T(RJ45)
3
25,26
MES1024
Combo ports: 10/100/1000 Base-T (RJ45) ports and slots for 1000Base-X (SFP) transceiver installations
25,26,27,28
MES1124 MES2124
4
Unit ID (1-4)
Indicator of device number in a stack
Power
Device power indicator
Status
Device status indicator
Master
Stacked device activity mode indicatormaster or slave
5
F
Functional key that reboots the device and resets it to factory settings:
- pressing the key for less than 10 seconds reboots the device.
- pressing the key for more than 10 seconds resets the terminal to factory settings.
6
~150-250VAC, 60/50Hz
Connector for AC power supply
7 The earthing bolt.
2.4.2 MES1124MB, MES2124MB series devices panels appearance and layout
Front panel layout MES1124MB, MES2124MB is depicted in Fig. 4-5.
Fig. 4 MES1124MB, front panel
Fig. 5 MES2124MB, front panel
MES1000, MES2000 Ethernet Switches 21
Table 2.11 lists sizes, LEDs and controls located on the front panel MES1124MB, MES2124MB.
Table 2.11 Description of connectors, LEDs and controls located on the front panel MES1124MB, MES2124MB
Front panel element
Description
1
~110­250VAC, 60/50Hz max 1A
MES1124MB
Connector for AC power supply
~110­250VAC, 60/50Hz max 2A
MES2124MB
2
12VDC max 3A
12V battery connection terminals
3
Unit ID (1-4)
Indicator of device number in a stack
Power
Device power indicator
Master
Stacked device activity mode indicatormaster or slave
Status
Device status indicator
Battery
Battery status light
4
Console
RS-232 console port for local control of the device
5
F
Functional key that reboots the device and resets it to factory settings:
- pressing the key for less than 10 seconds reboots the device.
- pressing the key for more than 10 seconds resets the terminal to factory settings
6
[1 .. 24] MES1124MB
24 ports 10/100/100 Base-T (RJ-45)
MES2124MB
24 ports 10/100/1000 Base-T (RJ-45)
7
Link/Speed
LED indication of optical interface status
8
25,26,27,28
Combo ports: 10/100/1000 Base-T (RJ45) ports and slots for 1000Base-X Combo transceiver installations
The rear panel layout of MES1124MB, MES2124MB series switches is depicted in Fig. 6.
Fig. 6 – MES1124MB, MES2124MB, rear panel
An earthing bolt is located on the rear panel of MES1124MB, MES2124MB series devices and marked with
(1) symbol.
2.4.3 MES1124M, MES2124M series devices panels appearance and layout
MES1124M front panel with 110-250VAC power supply connector is shown in Fig. 7, with 48VDC
connector in Fig. 8.
Fig. 7 – MES1124M AC, front panel
Fig. 8 – MES1124M DC, front panel
MES2124M front panel with 110-250VAC power supply connector is shown in Fig. 9, with 48VDC
connector in Fig. 10.
Fig. 9 – MES2124M AC, front panel
Fig. 10 – MES1124M DC, front panel
Table 2.12 lists sizes, LEDs and controls located on the front panel MES1124M, MES2124M.
MES1000, MES2000 Ethernet Switches 23
Table 2.12 Description of connectors, LEDs and controls located on the front panel MES1124M, MES2124M
Front panel element
Description
1
110-250VAC, 60/50Hz max 1A
Connector for AC power supply 36-72 VDC max 1A
Connector for DC power supply 48В
2
Power
Device power indicator
Status
Device status indicator
Master
Stacked device activity mode indicatormaster or slave
Unit ID (1-4)
Indicator of device number in a stack
3
Console
RS-232 console port for local control of the device
4
F
Functional key that reboots the device and resets it to factory settings:
- pressing the key for less than 10 seconds reboots the device.
- pressing the key for more than 10 seconds resets the terminal to factory settings
5
[1 .. 24] MES1124M
24 ports 10/100 Base-TX (RJ-45)
MES2124M
24 ports 10/100/1000 Base-T (RJ-45)
6
Link/Speed
LED indication of optical interface status
7
25,26,27,28
Combo ports: 10/100/1000 Base-T (RJ45) ports and slots for 1000Base-X Combo transceiver installations
The rear panel layout of MES1124M, MES2124M series switches is depicted in Fig. 11.
Fig. 11 – MES1124M, MES2124M, rear panel
An earthing bolt is located on the rear panel of MES1124M, MES2124M series devices and marked
with (1) symbol.
2.4.4 MES2208P series device panel appearance and layout
Front panel layout MES2208P is depicted in Fig. 12.
Fig. 12— MES2208P, front panel
Table 2.13 lists sizes, LEDs and controls located on the front panel MES2208P.
Table 2.13 Description of connectors, LEDs and controls located on the front panel MES2208P
Front panel element
Description
1
Console
RS-232 console port for local control of the device.
2
1,2,7,8
4 ports 10/100/1000 Base-T (RJ-45 with support for PoE+)
3
3,4,9,10
Combo ports: 10/100/1000 Base-T (RJ45) ports and slots for 1000Base-X (SFP) transceiver installations
4
5,11
2 ports 1000 Base-X
5
6,12
2 ports 10/100/1000Base-T
6
Unit ID (1-4)
Indicator of device number in a stack
Power
Device power indicator
Status
Device status indicator
Master
Stacked device activity mode indicatormaster or slave
Alarm
PoE power supply indicator
7
F
Functional key that reboots the device and resets it to factory settings:
- pressing the key for less than 10 seconds reboots the device.
- pressing the key for more than 10 seconds resets the terminal to factory settings.
8
36-72 VDC max 4A
Connector for DC power supply
9 The earthing bolt.
Ports 3, 4, 9, 10 are combo ports. The combined ports may have only one active interface at the same time.
MES1000, MES2000 Ethernet Switches 25
2.4.5 MES2124P series device panel appearance and layout
Front panel layout MES2124P is depicted in Fig. 13.
Fig. 13— MES2124P, front panel
Table 2.14 lists sizes, LEDs and controls located on the front panel of the switch.
Table 2.14 Description of connectors, LEDs and controls located on the front panel MES2124P
Front panel element
Description
1
Console
RS-232 console port for local control of the device.
2
1-24
24 ports 10/100/1000 Base-T (RJ-45 with support for PoE+)
3
25-28
Combo ports: 10/100/1000 Base-T (RJ45) ports and slots for 1000Base-X (SFP) transceiver installations
4
Unit ID (1-4)
Indicator of device number in a stack
Power
Device power indicator
Status
Device status indicator
Alarm
PoE power supply indicator
5
F
Functional key that reboots the device and resets it to factory settings:
- pressing the key for less than 10 seconds reboots the device.
- pressing the key for more than 10 seconds resets the terminal to factory settings.
6
~150-250VAC, 60/50Hz max 2A
Connector for AC power supply
The rear panel layout of MES2124P series switches is depicted in Fig. 14.
Fig. 14—Rear panel of MES2124P
Table 2.13 lists rear panel connectors of the switch.
Table 2.15 Description of rear panel connectors of the switch
Rear panel element
Description
1
Removable fans
Removable ventilation modules with hot-swapping.
2 Earth bonding point of the device.
2.4.6 Side panels of the device
Fig. 15—The right-side panel of Ethernet switches
Fig. 16—The left-side panel of Ethernet switches
Side panels of the device have air vents for heat removal. Do not block air vents. This may cause components overheating which may result in terminal malfunction. For recommendations on device installation, see section 'Installation and connection'.
2.4.7 Light Indication
Ethernet interface status is represented by two LEDsamber SPEED and green LINK/ACTlocated next to each interface connector. Location of LEDs is depicted on Fig. 17, 18.
Fig. 17RJ-45 socket appearance
LINK/ACT
SPEED
MES1000, MES2000 Ethernet Switches 27
Fig. 18—SFP transceiver socket appearance
Table 2.16 Ethernet interface status light indication
LINK/ACT indicator is lit
SPEED indicator is lit
Ethernet interface state
Off
Off
Port is disabled or connection is not established
Solid on
Off
10Mbps or 100Mbps connection is established
Solid on
Solid on
1000Mbps connection is established
Flashes
X
Data transfer is in progress
Unit ID (1-4) indicators are intended for identifying the number of device in a stack.
System indicators (Power, Master, Fan, RPS) are designed for displaying the operation status of
switches.
Table 2.17 LED indication of the system indicators
Indicator name
Indicator
function
LED State
Device State
Power
Power supply status
Off
Power is off
Green, solid
Power is on, normal device operation
Red
At least one of the secondary power supply units has failed.
Status
Device State
Green, solid
Normal device operation state
Red, solid
Managing or switching device system failure
Green, red, flashes
Device starts up No IP addresses assigned to interfaces
Master
Marker of the master device in a stack
Green, solid
The device is stack 'master'
Off
The device is not stack 'master' or stackable mode is not specified
LINK/ACT
SPEED
Alarm1
Device alarm level indicator Green, solid
Device is in normal operation state
Orange, solid
Non-urgent alarm
Red, solid
Critical failure
Battery
2
Battery status light
Green, solid
Battery is connected, power status OK
Green, flashes
Battery is charging
Orange, solid
Primary power supply is down, battery discharging
Orange, flashes
Low battery charge
Red, solid
Battery is disabled
Red, flashes
Battery current breaker failure
When the switch operates in standalone mode without stacking, Master and Unit ID indicators are off.
2.5 Delivery Package
The standard delivery package includes:
Ethernet switch Power cable Rack mounting set Documentation
DB-9F/RJ-45 or DB-9M/DB-9M console cable depending on the switch model:
for MES1124M, MES1124MB, MES2124M, MES2124MB, MES2124P, MES2208P, the DB-
9F/RJ-45 cable is provided
for MES1024, MES1124, MES2124, the DB-9M/DB-9M cable is provided
SFP transceivers may be included in the delivery package on the customer's request.
1
Used only in MES2208P, MES2124P series devices
2
Used only in MES1124MB, MES2124MB series devices
MES1000, MES2000 Ethernet Switches 29
3 INSTALLATION AND CONNECTION
This section describes installation of the equipment into a rack and connection to a power supply.
3.1 Support brackets mounting
The delivery package includes support brackets for rack installation and mounting screws to fix the
device case on the brackets. To install the support brackets:
Fig. 19—Support brackets mounting
1. Align three mounting holes in the support bracket with the corresponding holes in the side
panel of the device.
2. Use a screwdriver to screw the support bracket to the case.
3. Repeat steps 1 and 2 for the second support bracket.
3.2 Device rack installation
To install the device to the rack:
1. Attach the device to the vertical guides of the rack.
2. Align mounting holes in the support bracket with the corresponding holes in the rack
guides. Use the holes of the same level on both sides of the guides to ensure the device horizontal installation.
3. Use a screwdriver to screw the switch to the rack.
Fig. 20—Device rack installation
Fig. 21 shows the example of MES1000/2000 rack installation.
Fig. 21—MES1000/2000 switch rack installation
Minimum height spacing for switchesnot less than 1U.
When switches are installed next to equipment with excessive heat generation, the spacing should be increased.
Loading...
+ 201 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use