EnGenius ESW-8228 User Manual

24-Port 10/100Mbps + 4 built-in
Combo 10/100/1000Mbps
Copper/SFP (mini-GBIC)
Gigabit Management Switch
User's Guide
The Switch User’s Guide
Trademarks
Copyright Statement
Preface
    FCC Warning
    CE Mark Warning
About This Guide
    Purpose
    Terms/Usage
    Notes, Notices, and Cautions
1 Introduction
    1.1 Gigabit Ethernet Technology
    1.2 Fast Ethernet Technology
    1.3 Switching Technology
    1.4 Key Features
        1.4.1 Hardware Interface
        1.4.2 Performance Features
        1.4.3 Layer 2 Switching Features
        1.4.4 Traffic Classification and Prioritization
        1.4.5 Management features
    1.5 Panel
        1.5.1 Front Panel Components
        1.5.2 Rear Panel
        1.5.3 LED indicators information
    1.6 TECHNICAL SPECIFICATIONS
2 Installation
    2.1 Installation method
    2.2 Desktop or Shelf Installation
    2.3 Rack Installation
    2.4 Power On the Switch
3 Connecting The Switch
    3.1 PC to Switch
    3.2 Hub to Switch
    3.3 Switch to Switch (other devices)
    3.4 Port Speed & Duplex Mode
4 Management
    4.1 Web-based management
    4.2 Console Management
    4.3 Telnet Management
5 Configuration
    5.1 System
        5.1.1 IP Address
        5.1.2 SNMP
        5.1.3 Password
        5.1.4 MAC Address
        5.1.5 CONSOLE
        5.1.6 Management Host Configuration
        5.1.7 System Upgrade
        5.1.8 Saving Parameters
        5.1.9 Parameters Backup & Recovery
        5.1.10 Load Default
        5.1.11 Reboot
    5.2 Port Management
        5.2.1 Port Configuration
        5.2.2 Port Statistics
        5.2.3 Port Band Restrict
    5.3 Redundancy
        5.3.1 Spanning Tree
        5.3.2 Spanning Tree Configuration
        5.3.3 Link Aggregation
    5.4 Security
        5.4.1 VLAN
        5.4.2 MAC Address Bind
        5.4.3 MAC Address Filtering
        5.4.4 MAC Address Learning
        5.4.5 MAC Address Aging Time
    5.5 QOS
        5.5.1 Understand QOS
        5.5.2 QOS Configuration
    5.6 Multicast
        5.6.1 IGMP Snooping
        5.6.2 Static Routing Port
    5.7 Port Analysis
        5.7.1 Port Analysis
        5.7.2 Port Mirror
    5.8 Storm Restricting
Trademarks
Copyright © 2005 Corporation. Contents subject to change without prior notice. is a registered trademark of Corporation/ Systems, Inc. All other trademarks belong to their respective proprietors.
Copyright Statement
No part of this publication may be reproduced in any form or by any means or used to make any derivative such as translation, transformation, or adaptation without permission from Corporation/ Systems Inc., as stipulated by the United States Copyright Act of 1976.
Preface
FCC Warning
This device has been tested and found to comply with limits for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the user’s manual, may cause interference in which case the user will be required to correct the interference at his own expense.
CE Mark Warning
This is a Class A product. In a domestic environment, this product may cause radio interference in which case the user may be required to take adequate measures.
About This Guide
Congratulations on your purchase of the Switch. This device integrates 1000Mbps Gigabit Ethernet, 100Mbps Fast Ethernet and 10Mbps Ethernet network capabilities in a highly flexible package.
Purpose
This User’s guide tells you how to install your Switch, how to connect it to your Ethernet network, and how to set its configuration using the built-in Web-based management.
Terms/Usage
In this manual, the term “Switch” (first letter upper case) refers to the Switch, and “switch” (first letter lower case) refers to other Ethernet switches.
Notes, Notices, and Cautions
NOTE: A NOTE indicates important information that helps you make better use of your device.
NOTICE: A NOTICE indicates either potential damage to hardware or loss of data and tells you how to avoid the problem.
CAUTION: A CAUTION indicates a potential for property damage, personal injury, or death.
1 Introduction
The Switch is equipped with 24 10/100BASE-TX Fast Ethernet ports and 4 combo 10/100/1000BASE-T/SFP (mini-GBIC) ports for flexible copper/fiber Gigabit connection. The Switch is an effective solution for the small and medium size business connections. This all-in-one solution economically integrates Gigabit technology to remove server bottlenecks, and speed up access to the network backbone.
Figure 1-1 Figure of the Switch
1.1 Gigabit Ethernet Technology
Gigabit Ethernet is an extension of IEEE 802.3 Ethernet utilizing the same packet structure, format, and support for CSMA/CD protocol, full duplex, flow control, and management objects, but with a tenfold increase in theoretical throughput over 100-Mbps Fast Ethernet and a hundredfold increase over 10-Mbps Ethernet. Since it is compatible with all 10-Mbps and 100-Mbps Ethernet environments, Gigabit Ethernet provides a straightforward upgrade without wasting a company’s existing investment in hardware, software, and trained personnel.
The increased speed and extra bandwidth offered by Gigabit Ethernet is essential to coping with the network bottlenecks that frequently develop as computers and their busses get faster and more users use applications that generate more traffic. Upgrading key components, such as your backbone and servers to Gigabit Ethernet can greatly improve network response times as well as significantly speed up the traffic between your subnets.
Gigabit Ethernet enables fast optical fiber connections to support video conferencing, complex imaging, and similar data-intensive applications. Likewise, since data transfers occur 10 times faster than Fast Ethernet, servers outfitted with Gigabit Ethernet NIC’s are able to perform 10 times the number of operations in the same amount of time.
In addition, the phenomenal bandwidth delivered by Gigabit Ethernet is the most cost-effective method to take advantage of today and tomorrow’s rapidly improving switching and routing internetworking technologies. And with expected advances in the coming years in silicon technology and digital signal processing that will enable Gigabit Ethernet to eventually operate over unshielded twisted-pair (UTP) cabling, outfitting your network with a powerful 1000-Mbps-capable backbone/server connection creates a flexible foundation for the next generation of network technology products.
1.2 Fast Ethernet Technology
Ethernet, along with its speedier counterpart Fast Ethernet, is the most popular networking standard in use today. 100Base-T Fast Ethernet is an extension of the 10Base-T Ethernet standard, designed to raise the data transmission capacity of 10Base-T from 10Mbits/sec to 100Mbits/sec. An important technology incorporated by 100Base-T is its use of the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) protocol, which is the same protocol that 10Base-T uses; another is its ability to work with several different types of cable, including basic twisted-pair wiring. Both of these features play an important role in network considerations, and they make 100Base-T an attractive migration path for those networks based on 10Base-T. Since the 100Mbps Fast Ethernet is compatible with all other 10Mbps Ethernet environments, it provides a straightforward upgrade and takes advantage of the existing investment in hardware, software, and personnel training.
1.3 Switching Technology
Switching is a cost-effective way of increasing the total network capacity available to users on a LAN. If an Ethernet network begins to display symptoms of congestion, low throughput, slow response times, and high rates of collision, installing a switch to a network can preserve much or all of the existing network's cabling and workstation interface card infrastructure while still greatly enhancing the throughput for users. A switch is a viable solution even if demanding applications, such as multimedia production and video conferencing, are on the horizon. The most promising techniques, as well as the best return on investment, could well consist of installing the right mixture of Ethernet switches. A switch increases capacity and decreases network loading by dividing a local area network into different LAN segments. Dividing a LAN into multiple segments is one of the most common ways of increasing available bandwidth. If segmented correctly, most network traffic will remain within a single segment, enjoying the full-line speed bandwidth of that segment. Switches provide full-line speed and dedicated bandwidth for all connections. This is in contrast to hubs, which use the traditional shared networking topology, where the connected nodes contend for the same network bandwidth. When two switching nodes are communicating, they are connected with a dedicated channel between them, so there is no contention for network bandwidth with other nodes. As a result, the switch reduces considerably the likelihood of traffic congestion. For Fast Ethernet networks, a switch is an effective way of eliminating the problem of chaining hubs beyond the “two-repeater limit.” A switch can be used to split parts of the network into different collision domains, making it possible to expand your Fast Ethernet network beyond the 205-meter network diameter limit for 100BASE-TX networks. 
Switches supporting both traditional 10Mbps Ethernet and 100Mbps Fast Ethernet are also ideal for bridging between existing 10Mbps networks and new 100Mbps networks. Switching LAN technology is a marked improvement over the previous generation of network hubs and bridges, which were characterized by higher latencies. Routers have also been used to segment local area networks, but the cost of a router, and the setup and maintenance required make routers relatively impractical. Today switches are an ideal solution to most kinds of local area network congestion problems.
1.4 Key Features
The Switch was designed for easy installation and high performance in an environment where traffic on the network and the number of users increase continuously.
1.4.1 Hardware Interface
• (24) 10/100BASE-TX Fast Ethernet ports + (4) 1000BASE-T Gigabit Ethernet ports or (4) SFP (Mini GBIC) for 4 additional copper or fiber Gigabit connections
• 24×10/100Mbps Auto-negotiation Fast Ethernet RJ45 ports
• 4×10/100/1000Mbps Auto-negotiation Gigabit RJ45 ports
• 4×mini-GBIC ports
• All RJ45 ports support auto MDI/MDIX, so there is no need to use cross-over cables or an up-link port
• Full-/half-duplex transfer mode for 10/100Mbps Fast Ethernet transmission
• Full-duplex transfer mode for Gigabit Ethernet transmission
• Wire speed reception and transmission
• Fully compliant with IEEE 802.3 10BASE-T, IEEE 802.3u 100BASE-TX, IEEE 802.3ab 1000BASE-T, and IEEE 802.3z 1000Base-LX/SX
• IEEE 802.3x compliant Flow Control support for full duplex
• DB-9 Console port for console management
1.4.2 Performance Features
• 12.8 Gbps switching fabric capacity
• Support 8K MAC address.
• 512KBytes packet buffer
• Wire speed packet forwarding rate per system.
• Store and forward switching scheme.
1.4.3 Layer 2 Switching Features
• Support Port-setting for Speed/Disable, Flow control
• Broadcast, Multicast and Flooded storm control
• Support Per-port bandwidth control
• Supports Port-based VLAN (up to 49 groups)
• Supports 802.1Q VLAN (up to 256 groups)
• MAC address table management
• Support Port Mirroring.
• Port Trunking support for Gigabit Ethernet ports (up to 12 groups, up to 8 ports per group)
• Supports 802.1D STP for redundant back up bridge paths
• Support IGMP snooping
1.4.4 Traffic Classification and Prioritization
• Based on MAC address.
• Based on 802.1p priority bits.
• Based on VLAN
• Based on ports
• 4 priority queues
• Support Strict Priority/Weighted Round Robin
1.4.5 Management features
• Web-based management
• Console management
• Telnet management
• SNMP provides V1/V2
1.4.6 MIBS
• MIB-II (RFC 1213)
• Bridge MIB (RFC 1493)
• RMON MIB (RFC 1757)
• 802.1Q VLAN MIB (RFC 2674)
• IF (Interface) MIB (RFC 2233)
1.5 Panel
1.5.1 Front Panel Components
The front panel of the Switch consists of LED indicators, 24 10/100BASE-TX Fast Ethernet ports and 4 10/100/1000BASE-T/SFP (mini-GBIC) combo ports. The figure below shows the front panel of the Switch.
Figure 1-2 Front Panel view of the Switch (callouts: 10/100 Base-TX Twisted-Pair Ports; 10/100/1000BASE-T Twisted Pair Ports (Port 25~28); SFP (Mini GBIC) Ports (Port 25~28))
• 10/100BASE-TX Twisted-Pair Ports (Port 1~24): These ports support network speeds of either 10Mbps or 100Mbps, and can operate in half- and full-duplex transfer modes. These ports also support automatic MDI/MDI-X crossover detection, giving true “plug and play” capability. Just plug the network cable in directly; it does not matter whether the end node is a NIC (Network Interface Card), a switch or a hub.
• 10/100/1000BASE-T Twisted Pair Ports (Port 25~28): The Switch is equipped with four Gigabit twisted pair ports that are auto negotiable 10/100/1000Mbps and also support auto MDI/MDIX crossover detection. These four ports can operate in half- and full-duplex modes.
• SFP (Mini GBIC) Ports (Option Port 25~28): The Switch is equipped with four SFP (Mini GBIC) ports, which support optional 1000BASE-X SFP (Mini GBIC) modules.
• LED Indicator: Comprehensive LED indicators display the status of the switch and the network (see the LED Indicators chapter below).
NOTE:
When the port is set to “Forced Mode”, the Auto MDI/MDIX will be disabled.
1.5.2 Rear Panel
Figure 1-3 Rear Panel view of the Switch
• AC Power Connector: This is a three-pronged connector that supports the power cord. Plug the female connector of the provided power cord into this connector, and the male into a power outlet. Supported input voltages range from 220V AC at 50Hz.
• Console: This indicator is lit green when the Switch is being managed via out-of-band/local console management through the RS-232 console port using a straight-through serial cable.
• Radiator Fan: This fan is fitted to carry heat away from the Switch.
NOTICE:
When the Switch is working, do not cover the Radiator Fan.
1.5.3 LED indicators information
The front panel LEDs provide instant status feedback and help monitor and troubleshoot when needed.
Figure 1-4 Front Panel view of the Switch
• POWER: Power Indicator
LED | Color | Solid | Blinking | Off
PWR | Green | When the Power LED lights on, the Switch is receiving power. | N/A | The power cord is improperly connected.
• SYS: Management Indicator
LED | Color | Solid | Blinking | Off
SYS | Green | The CPU is working. | N/A | The CPU is not working.
• Ports 1~24 10/100M Status LEDs
LED | Color | Solid | Blinking | Off
ACT | Green | The respective port is successfully connected to an Ethernet network. | N/A | No link.
LINK | Orange | The respective port is connected to the 100Mbps Ethernet network. | The port is transmitting or receiving data on the 100Mbps Ethernet network. | The respective port is connected to the 10Mbps Ethernet network.
• Ports 25~28 10/100M Status LEDs
LED | Color | Solid | Blinking | Off
ACT | Green | The respective port is successfully connected to an Ethernet network. | N/A | No link.
10/100M | Orange | The respective port is connected to the 100Mbps Ethernet network. | The port is transmitting or receiving data on the 100Mbps Ethernet network. | The respective port is connected to the 10Mbps Ethernet network.
1.6 TECHNICAL SPECIFICATIONS
• Standards:
    IEEE 802.3ab 1000BASE-T
    IEEE 802.3u 100BASE-TX
    IEEE 802.3 10BASE-T
    IEEE 802.3z 1000Base-LX/SX
    IEEE 802.3x Flow Control
• Network Cables:
    Ethernet: 2-pair UTP Cat. 3, 4, 5, Twisted Pair (UTP) Cable
    Fast Ethernet: 2-pair UTP Cat. 5, Twisted Pair (UTP) Cable
    Gigabit Ethernet: 4-pair UTP Cat. 5, Twisted Pair (UTP) Cable
• Physical and Environmental:
    DC inputs: AC 100-240V 50-60Hz
    Temperature: 0°C ~ 50°C
    Storage Temperature: -20°C ~ 70°C
    Humidity: 10% ~ 90% RH, non-condensing
    Dimensions: 432mm×250mm×44mm (W x H x D)
2 Installation
The site where you place the Switch may greatly affect its performance. When installing, take the following into your consideration.
2.1 Installation method
Follow the guidelines below to install the Switch.
• Install the Switch in a fairly cool and dry place. See the Technical Specifications for the acceptable temperature and humidity operating ranges.
• Install the Switch on a sturdy, level surface that can support its weight (at least 4KG).
• Connect the power cord to the Switch and the power outlet. The distance is no more than 182cm.
• Leave at least 10cm (about 4 inches) of space at the front and rear of the Switch for ventilation.
2.2 Desktop or Shelf Installation
When installing the Switch on the desktop or shelf, please attach the rubber feet to the Switch. Peel off the protective paper on the pads and attach them on the bottom of the Switch (one at each corner).
2.3 Rack Installation
The Switch is rack-mountable and can be installed on an EIA-19 inch equipment rack. To do this, first install the mounting brackets on the Switch’s side panels (one on each side), secure them with the included screws, and then use the screws provided with the equipment rack to mount the Switch on the 19 inch rack.
2.4 Power on the Switch
The Switch has a universal power supply ranging from 100V to 220V AC, 50 ~ 60Hz power source. The AC power connector is located at the rear of the unit adjacent to the system fan. The Switch’s power supply will adjust to the local power source automatically.
3 Connecting the switch
This chapter describes how to connect the Switch to your Fast Ethernet network.
3.1 PC to Switch
Figure 3-1 PC to Switch
A PC can be connected to the Switch via a two-pair Category 3, 4, or 5 UTP/STP straight-through cable. For 100Mbps operation Category 5 must be used. The PC (equipped with a RJ-45 10Mb Ethernet or 100Mb Fast Ethernet NIC) should be connected to any port of the Switch. The LED indicators for PC connection are dependent on the LAN card capabilities. If the LED indicators do not light after making a proper connection, check the PC LAN card, the cable, the Switch conditions and connections.
3.2 Hub to Switch
A hub (10 or 100BASE-TX) can be connected to the Switch via a two-pair Category 3, 4, or 5 UTP/STP straight cable. For 100Mbps operation a Category 5 cable must be used. The connection is accomplished from any port of the hub to any port of the Switch.
3.3 Switch to Switch (other devices)
The Switch can be connected to another switch or other devices (routers, bridges, etc.) via a two-pair Category 3, 4, 5 UTP/STP straight or crossover cable. A Category 5 cable must be used for 100Mbps operation. The connection can be done from any (MDI-X) port of the Switch (Switch A) to any of the 10Mbps, 100Mbps (MDI-X) port of the other switch (switch B) or other devices.
3.4 Port Speed & Duplex Mode
After plugging the selected cable to a specific port, the system uses auto-negotiation to determine the transmission mode for any new twisted-pair connection. If the attached device does not support auto negotiation or has auto-negotiation disabled, an auto sensing process is initiated to select the speed and set the duplex mode to half-duplex.
4 Management
This chapter describes three management methods of the Switch.
• Web-based management
• Console management
• Telnet management
• SNMP provides v1/v2
4.1 Web-based management
The Switch has a Web GUI interface for switch configuration. The Switch can be configured through the Web browser. A network administrator can manage, control, and monitor the Switch from the local LAN. This section indicates how to configure the Switch to enable its smart functions including:
Before you configure this device, note that when the Switch is configured through an Ethernet connection, the manager PC must be set on the same IP network. For example, when the default IP address of the Switch is 192.168.2.11, then the manager PC should be set at 192.168.2.x (where x is a number between 1 and 254 except 11), and the default subnet mask is 255.255.255.0. Open an Internet Explorer 5.0 or above Web browser. Enter the IP address http://192.168.2.11 (the factory-default IP address setting) in the address location.
Figure 4-1 IP address
NOTE:
The factory-default IP Address : 192.168.2.11
Through the Web Management Utility, you do not need to remember the IP Address; select the device shown in the Monitor List of the Web Management Utility to open the device in the Web browser.
When the following dialog page appears, enter the default user name and password and press Login to enter the main configuration window.
Figure 4-2 Login
NOTE:
The factory-default user name is “admin”. The password is “password”.
After entering the password, the main page appears and the screen will display the device status.
Figure 4-2 the main page
4.2 Console Management
A local console is a terminal or a workstation running a terminal emulation program that is connected directly to the switch via the RS-232 console port on the rear of the switch. Local console management uses the terminal connection to operate the console program built in to the Switch. A network administrator can manage, control and monitor the switch from the console program.
To start using the Console Management program, first connect an EIA-232 serial cable to a COM port on a PC or notebook computer and to the Console Port on the rear panel of the Switch. Note: do not use a null modem cable.
If you are using Microsoft Windows, boot up the computer, go to “Start” - “Programs” - “Accessories” - “Communications”, and open “HyperTerminal”. After that, follow the instructions below to set up a new terminal connection for the Switch. If you are using other communication software, please select the correct COM port and set up the connection properties according to step 3 below.
Figure 4-3
1. Type in a name for the connection, select an icon for the connection, and click “OK”.
Figure 4-4
2. Select the COM port that you are using for this connection and click “OK”.
Figure 4-5
3. Setup the COM port properties by using the information below and click “OK”.
Figure 4-6
NOTE: The console port is set at the factory for the following configuration:
    Baud rate: 9,600
    Data width: 8 bits
    Parity: none
    Stop bits: 1
    Flow Control: None
4. You should see some boot-up messages displayed within your “HyperTerminal” session.
5. At the “username” field type in “guest” or let it be empty and hit “Enter”.
6. At the “password” field type in “password” and hit “Enter”. You are now logged into the Switch’s configuration program.
NOTE:
The factory-default user name is empty. The password is “password”.
4.3 Telnet Management
In addition to local terminal mode operation, the Switch supports remote management through Telnet, over the Ethernet LAN network or even over the Internet.
If you are using Microsoft Windows, boot up the computer, go to “Start” - “Run”. Enter “Telnet 192.168.2.11” and click “OK”.
Figure 4-7 the main page
After connecting successfully, please enter the “username” and “password”.
Figure 4-8
NOTICE:
The factory-default user name is “guest”. The password is “guest”.
5 Configuration
5.1 System
5.1.1 IP Address
Each Switch must be assigned its own IP Address, which is used for communication with an SNMP network manager or other TCP/IP application (for example BOOTP, TFTP). The Switch’s factory-default IP Address is 192.168.2.11. You can change the factory-default Switch IP address to meet the specification of your networking address scheme.
Click the IP Address menu button. The web manager will display the IP Address page below.
Figure 5-1
Enter the appropriate IP Address and Submask and Gateway.
NOTICE:
The Switch’s factory-default IP address is 192.168.2.11 with Submask of 255.255.255.0 and a default gateway of 192.168.2.1
5.1.2 SNMP
5.1.2.1 Theory
The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the exchange of management information between network devices. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite. SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth.
An SNMP-managed network consists of three key components: Network management stations (NMSs), SNMP agents, Management information base (MIB) and network-management protocol
• Network management stations (NMSs): Sometimes called consoles, these devices execute management applications that monitor and control network elements. Physically, NMSs are usually engineering workstation-caliber computers with fast CPUs, megapixel color displays, substantial memory, and abundant disk space. At least one NMS must be present in each managed environment.
• Agents: Agents are software modules that reside in network elements. They collect and store management information such as the number of error packets received by a network element.
• Management information base (MIB): A MIB is a collection of managed objects residing in a virtual information store. Collections of related managed objects are defined in specific MIB modules.
• Network-management protocol: A management protocol is used to convey management information between agents and NMSs. SNMP is the Internet community's de facto standard management protocol.
SNMP Operations
SNMP itself is a simple request/response protocol. NMSs can send multiple requests without receiving a response.
• Get -- Allows the NMS to retrieve an object instance from the agent.
• Set -- Allows the NMS to set values for object instances within an agent.
• Trap -- Used by the agent to asynchronously inform the NMS of some event. The SNMPv2 trap message is designed to replace the SNMPv1 trap message.
SNMP community
An SNMP community is the group that devices and management stations running SNMP belong to. It helps define where information is sent. The community name is used to identify the group. An SNMP device or agent may belong to more than one SNMP community. It will not respond to requests from management stations that do not belong to one of its communities. SNMP default communities are:
• Write = private
• Read = public
5.1.2.2 SNMP Configuration
1. SNMP Agent Status Configuration
First turn on the SNMP Agent. Enabled / Disabled: Turns the SNMP function on the Switch on or off.
Figure 5-2
2. System Options
Used to define a logical name for the switch, the location of the switch, and the contact person for administration of the switch. This information is used in enterprise SNMP management, where the network can be very widespread, potentially even extending to other countries. Knowing where the unit is physically located and who to contact in the event of a problem is critical. The “System Options” table consists of three key components:
• System Name: Enter a name to be used for the switch.
• System Location: Enter the location of the switch. For example, enter “TONGMEI17F”.
• Contact: Enter the name of the person or organization that maintains the switch. For example, enter “Test”.
After completing the three steps above, click “ok”.
Figure 5-3
3. Community Configuration
Use this table to create an SNMP community string to define the relationship between the SNMP manager and an agent. The community string acts like a password to permit access to the agent on the Switch. One or more of the following characteristics can be associated with the community string:
• Add Community: Enter private or public.
• Choose the access level of the community string for Switch management: read only or read/write.
  Read only: Enables requests accompanied by this string to display MIB-object information.
  Read/Write: Enables requests accompanied by this string to display MIB-object information and to set MIB objects.
After completing the two steps above, click “Add”.
Figure 5-4
• Current Communities: Shows the list in the input field.
Figure 5-5
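The community string described above is carried in clear text in every SNMPv1/v2c message, directly after the version field. The following added example (not part of the original manual) decodes that header from a captured message and flags the default communities listed in this guide; the sample messages and the names `inspect_snmp` and `sample_request` are constructed for illustration.

```python
# Added example (not from the manual): locate the community string in an
# SNMPv1/v2c message and flag the factory defaults named in this guide.

DEFAULT_COMMUNITIES = {"public", "private"}      # defaults listed in this guide
VERSIONS = {0: "SNMPv1", 1: "SNMPv2c"}
PDU_NAMES = {0xA0: "Get", 0xA1: "GetNext", 0xA2: "Response",
             0xA3: "Set", 0xA4: "Trap (v1)", 0xA7: "Trap (v2)"}


def tlv(tag, payload):
    """Encode one BER tag-length-value element (used to build the samples)."""
    n = len(payload)
    if n < 0x80:
        length = bytes([n])
    else:
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + payload


def read_tlv(buf, off):
    """Decode one BER element at `off`; return (tag, value, next_offset)."""
    if off + 2 > len(buf):
        raise ValueError("truncated element header")
    tag, n = buf[off], buf[off + 1]
    off += 2
    if n & 0x80:                                 # long-form length
        count = n & 0x7F
        if count == 0 or off + count > len(buf):
            raise ValueError("unsupported or truncated length")
        n = int.from_bytes(buf[off:off + count], "big")
        off += count
    if off + n > len(buf):
        raise ValueError("element runs past the end of the message")
    return tag, buf[off:off + n], off + n


def sample_request(community, pdu_tag, value=b"\x05\x00"):
    """Build a constructed request for sysName.0 (1.3.6.1.2.1.1.5.0)."""
    oid = tlv(0x06, bytes.fromhex("2b06010201010500"))
    varbinds = tlv(0x30, tlv(0x30, oid + value))
    pdu = tlv(pdu_tag, tlv(0x02, b"\x01") + tlv(0x02, b"\x00")
              + tlv(0x02, b"\x00") + varbinds)
    return tlv(0x30, tlv(0x02, b"\x00") + tlv(0x04, community.encode()) + pdu)


def inspect_snmp(message):
    """Return version, community, operation and findings for one message."""
    tag, body, _ = read_tlv(message, 0)
    if tag != 0x30:
        raise ValueError("outer SEQUENCE missing: not an SNMP message")
    tag, version, off = read_tlv(body, 0)
    if tag != 0x02:
        raise ValueError("version INTEGER missing")
    tag, community, off = read_tlv(body, off)
    if tag != 0x04:
        raise ValueError("community OCTET STRING missing")
    pdu_tag, _, _ = read_tlv(body, off)

    name = community.decode("latin-1")
    findings = []
    if name in DEFAULT_COMMUNITIES:
        findings.append("factory-default community in use")
    if pdu_tag == 0xA3:
        findings.append("write (Set) request: community needs read/write access")
    return {"version": VERSIONS.get(int.from_bytes(version, "big"), "other"),
            "community": name,
            "operation": PDU_NAMES.get(pdu_tag, "unknown (0x%02x)" % pdu_tag),
            "findings": findings}


if __name__ == "__main__":
    # Constructed samples: a default read, a default write, a custom read.
    for msg in (sample_request("public", 0xA0),
                sample_request("private", 0xA3, tlv(0x04, b"ESW-8228")),
                sample_request("n0c-r3ad-only", 0xA0)):
        print(inspect_snmp(msg))
```

Because the string is readable by anything on the path between the NMS and the Switch, replace both default communities and give read/write access only to a community that needs it.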
4. Management Station Configuration
A trap manager is a management station (SNMP application) that receives traps (the system alerts generated by the switch). If no trap manager is defined, no traps are issued. Create a trap manager by entering the IP address of the station and a community string.
• Enter the Network management station's IP address: 192.168.2.11
• Trap Community: Must be the same as “Add community”.
Then click “Add”.
Figure 5-6
The list is shown in “Current Management Stations”.
Figure 5-7
5.1.3 Password
The password is an invaluable tool for the manager to secure the Web Management Switch. You can use this function to change the password. Enter the “old password”, “new password” and “confirm password”, and click “ok”.
Figure 5-8
5.1.4 MAC Address
Each Switch must be assigned its own MAC Address. You can use this function to modify the Switch MAC address.
Figure 5-9
5.1.5 CONSOLE
If you forget the Console Management parameters, you can view all of them with this function.
Figure 5-10
5.1.6 Management Host Configuration
This function restricts management access for the security of the Switch. If this function is turned on, only the one IP address entered in the “Enter Management Host IP” input field can log in to Web management. If this function is turned off, any host on the same IP network as the Switch's IP address can do so.
Turn on: Choose “startup Management Host”. Enter the IP address in the “Management Host IP” field.
Figure 5-11
5.1.7 System Upgrade
This function allows the administrator to perform a firmware update through the Web interface. Click “Browse” to choose the firmware. You must wait for some seconds. “Upgrade successful” will be shown in “Update Status”.
Figure 5-12
CAUTION:
During a System Upgrade, do not touch the Switch power.
5.1.8 Saving Parameters
This operation saves all your parameters on the switch, so that they are still valid after the switch reboots. If you do not save them, the parameters will be lost after the system reboots.
Figure 5-13
5.1.9 Parameters Backup & Recovery
Backup: The backup tool helps you back up the current settings of the Switch. When you need to back up the settings, press the “Backup the system's parameters” button to save them.
Recovery: To restore a settings file to the device, you must specify the backup file and press the “Browse” button to process the settings in the recorded file.
Figure 5-14
5.1.10 Load Default
This operation resets the device to the factory default settings. Be aware that the entire configuration will be reset, including the IP address. The default IP address of 192.168.2.11 will be used.
Figure 5-15
CAUTION: This operation causes all parameters to be lost. Use it with caution, and only when urgently needed.
5.1.11 Reboot
Reboot the system.
Figure 5-16
5.2 Port Management
5.2.1 Port Configuration
This page displays the current status of every port. It will display the user’s selection for each port followed by the actual discovered settings.
• Management Status: Displays the port status: Enable or Disable. Disable indicates the port is off.
• Link Status: Down indicates “No Link”, up indicates “Link”.
• Speed: Used to set the port speed to either 100Mbps or 10Mbps on Port1~Port24.
• 1000Mbps, 100Mbps or 10Mbps speed on Port25 and Port26 (depending on module card used).
• Duplex: Displays full-duplex or half-duplex mode.
• Flow Control: Displays the flow control status of the port: Enable or Disable. Disable indicates flow control is off.
• Auto: Displays which mode the port is auto-negotiated.
• Config: (configured) Displays the state defined by the user.
• Actual: (actual) Displays the negotiation result.
Figure 5-17
5.2.2 Port Statistics
The Port Statistics page provides a view of the current status of every port on the Switch. Pressing the “Reset” button will reset all port counters to zero.
Figure 5-18
5.2.3 Port Band Restrict
This function lets the administrator set an In-Band Restrict and an Out-Band Restrict for every port on the Switch. The input range is from 64Kbps to 8000Kbps.
Figure 5-19
5.3 Redundancy
5.3.1 Spanning Tree
1. Spanning Tree Protocol
The IEEE 802.1D Spanning Tree Protocol allows for the blocking of links between switches that form loops within the network. When multiple links between switches are detected, a primary link is established. Duplicated links are blocked from use and become standby links. The protocol allows for the duplicate links to be used in the event of a failure of the primary link. Once the Spanning Tree Protocol is configured and enabled, primary links are established and duplicated links are blocked automatically. The reactivation of the blocked links (at the time of a primary link failure) is also accomplished automatically without operator intervention.
This automatic network reconfiguration provides maximum uptime to network users. However, the Spanning Tree Algorithm and protocol are a complex subject that must be fully researched and understood. It is possible to cause serious degradation of the performance of the network if the Spanning Tree is incorrectly configured. Please read the following before making any changes from the default values. The Switch STP performs the following functions:
• Creates a single spanning tree from any combination of switching or bridging elements.
• Creates multiple spanning trees – from any combination of ports contained within a single switch, in user specified groups.
• Automatically reconfigures the spanning tree to compensate for the failure, addition, or removal of any element in the tree.
• Reconfigures the spanning tree without operator intervention.
Bridge Protocol Data Units
For STP to arrive at a stable network topology, the following information is used:
• The unique switch identifier
• The path cost to the root associated with each switch port
• The port identifier
STP communicates between switches on the network using Bridge Protocol Data Units (BPDUs). Each BPDU contains the following information:
• The unique identifier of the switch that the transmitting switch currently believes is the root switch
• The path cost to the root from the transmitting port
• The port identifier of the transmitting port
The switch sends BPDUs to communicate and construct the spanning-tree topology. All switches connected to the LAN on which the packet is transmitted will receive the BPDU. BPDUs are not directly forwarded by the switch, but the receiving switch uses the information in the frame to calculate a BPDU, and, if the topology changes, initiates a BPDU transmission. The communication between switches via BPDUs results in the following:
• One switch is elected as the root switch.
• The shortest distance to the root switch is calculated for each switch.
• A designated switch is selected. This is the switch closest to the root switch through which packets will be forwarded to the root.
• A port for each switch is selected. This is the port providing the best path from the switch to the root switch.
• Ports included in the STP are selected.
Creating a Stable STP Topology
The goal is to make the fastest link the root port. If all switches have STP enabled with default settings, the switch with the lowest MAC address in the network will become the root switch. By increasing the priority (lowering the priority number) of the best switch, STP can be forced to select the best switch as the root switch.
When STP is enabled using the default parameters, the path between source and destination stations in a switched network might not be ideal. For instance, connecting higher-speed links to a port that has a higher number than the current root port can cause a root-port change.
STP Port States
The BPDUs take some time to pass through a network. This propagation delay can result in topology changes where a port that transitioned directly from a Blocking state to a Forwarding state could create temporary data loops. Ports must wait for new network topology information to propagate throughout the network before starting to forward packets. They must also wait for the packet lifetime to expire for BPDU packets that were forwarded based on the old topology. The forward delay timer is used to allow the network topology to stabilize after a topology change. In addition, STP specifies a series of states a port must transition through to further ensure that a stable network topology is created after a topology change.
Each port on a switch using STP is in one of the following five states:
• Blocking – the port is blocked from forwarding or receiving packets
• Listening – the port is waiting to receive BPDU packets that may tell the port to go back to the blocking state
• Learning – the port is adding addresses to its forwarding database, but not yet forwarding packets
• Forwarding – the port is forwarding packets
• Disabled – the port only responds to network management messages and must return to the blocking state first
A port transitions from one state to another as follows:
• From initialization (switch boot) to blocking
• From blocking to listening or to disabled
• From listening to learning or to disabled
• From learning to forwarding or to disabled
• From forwarding to disabled
• From disabled to blocking
Figure 5-20 STP Port State Transitions
You can modify each port state by using management software. When you enable STP, every port on every switch in the network goes through the blocking state and then transitions through the states of listening and learning at power up. If properly configured, each port stabilizes to the forwarding or blocking state. No packets (except BPDUs) are forwarded from, or received by, STP enabled ports until the forwarding state is enabled for that port.
2. STP Parameters
The following are the user-configurable STP parameters for the switch level:
| Parameter | Description | Default Value |
|---|---|---|
| Bridge Identifier (not user configurable except by setting priority below) | A combination of the user-set priority and the switch’s MAC address. The Bridge Identifier consists of two parts: a 16-bit priority and a 48-bit Ethernet MAC address | 32768 + MAC |
| Priority | A relative priority for each switch – lower numbers give a higher priority and a greater chance of a given switch being elected as the root bridge | 32768 |
| Hello Time | The length of time between broadcasts of the hello message by the switch | 2 seconds |
| Maximum Age Timer | Measures the age of a received BPDU for a port and ensures that the BPDU is discarded when its age exceeds the value of the maximum age timer. | 20 seconds |
| Forward Delay Timer | The amount of time spent by a port in the learning and listening states waiting for a BPDU that may return the port to the blocking state. | 15 seconds |
The following are the user-configurable STP parameters for the port or port group level:
| Variable | Description | Default Value |
|---|---|---|
| Port Priority | A relative priority for each port – lower numbers give a higher priority and a greater chance of a given port being elected as the root port | 32768 |
| Port Cost | A value used by STP to evaluate paths – STP calculates path costs and selects the path with the minimum cost as the active path | 19 - 100Mbps Fast Ethernet ports; 4 - 1000Mbps Gigabit Ethernet ports |
Default Spanning-Tree Configuration
| Feature | Default Value |
|---|---|
| Enable state | STP enabled for all ports |
| Port priority | 128 |
| Port cost | 19 |
| Bridge Priority | 32,768 |
User-Changeable STA Parameters
The Switch’s factory default setting should cover the majority of installations. It is advisable to keep the default settings as set at the factory unless a change is absolutely necessary. The user changeable parameters in the Switch are as follows:
Priority – A Priority for the switch can be set from 0 to 65535. 0 is equal to the highest Priority.
Hello Time – The Hello Time can be from 1 to 10 seconds. This is the interval between two transmissions of BPDU packets sent by the Root Bridge to tell all other Switches that it is indeed the Root Bridge. If you set a Hello Time for your Switch, and it is not the Root Bridge, the set Hello Time will be used if and when your Switch becomes the Root Bridge.
NOTICE:
The Hello Time cannot be longer than the Max. Age. Otherwise, a configuration error will occur.
Max. Age – The Max Age can be from 6 to 40 seconds. At the end of the Max Age, if a BPDU has still not been received from the Root Bridge, your Switch will start sending its own BPDU to all other Switches for permission to become the Root Bridge. If it turns out that your Switch has the lowest Bridge Identifier, it will become the Root Bridge.
Forward Delay Timer – The Forward Delay can be from 4 to 30 seconds. This is the time any port on the Switch spends in the listening state while moving from the blocking state to the forwarding state.
NOTICE:
Observe the following formulas when setting the above parameters:
Max. Age ≤ 2 x (Forward Delay - 1 second)
Max. Age ≥ 2 x (Hello Time + 1 second)
Port Priority – A Port Priority can be from 0 to 255. The lower the number, the greater the probability the port will be chosen as the Root Port.
Port Cost – A Port Cost can be set from 0 to 65535. The lower the number, the greater the probability the port will be chosen to forward packets.
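The root election by Bridge Identifier and the timer rules above can be checked before a configuration is applied. The following is an added example, not part of the original manual; the function names and the three sample switches with their MAC addresses are constructed for illustration.

```python
# Added example (not from the manual): root election by Bridge Identifier and
# a check of the timer ranges and formulas given in this section.

def bridge_id(priority, mac):
    """Pack the 16-bit priority and 48-bit MAC into one comparable integer."""
    if not 0 <= priority <= 0xFFFF:
        raise ValueError("priority must fit in 16 bits")
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("MAC address must be 48 bits")
    return (priority << 48) | int.from_bytes(octets, "big")


def elect_root(bridges):
    """bridges: {name: (priority, mac)}. The lowest Bridge Identifier wins."""
    return min(bridges, key=lambda name: bridge_id(*bridges[name]))


def check_timers(max_age=20, hello=2, forward_delay=15):
    """Return a list of violations; an empty list means the values are valid."""
    problems = []
    if not 6 <= max_age <= 40:
        problems.append("Max Age outside 6-40 s")
    if not 1 <= hello <= 10:
        problems.append("Hello Time outside 1-10 s")
    if not 4 <= forward_delay <= 30:
        problems.append("Forward Delay outside 4-30 s")
    if max_age > 2 * (forward_delay - 1):
        problems.append("Max Age exceeds 2 x (Forward Delay - 1)")
    if max_age < 2 * (hello + 1):
        problems.append("Max Age below 2 x (Hello Time + 1)")
    return problems


# Constructed sample: three switches left at the factory-default priority.
SWITCHES = {"A": (32768, "02:00:00:00:00:0a"),
            "B": (32768, "02:00:00:00:00:0b"),
            "C": (32768, "02:00:00:00:00:01")}

# Same network with switch A given a lower priority number.
PINNED = dict(SWITCHES, A=(4096, "02:00:00:00:00:0a"))

if __name__ == "__main__":
    print("default priorities ->", elect_root(SWITCHES))  # lowest MAC wins
    print("A set to 4096      ->", elect_root(PINNED))    # priority decides
    print("factory timers     ->", check_timers())
    print("Max Age raised     ->", check_timers(max_age=40))
```

With every switch at the default priority the root is decided by MAC address alone, so setting a lower priority number on the intended root makes the outcome deterministic.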
3. Illustration of STP
A simple illustration of three switches connected in a loop is depicted in Figure 5-7. In this example, you can anticipate some major network problems if the STP assistance is not applied. If switch A broadcasts a packet to switch B, switch B will broadcast it to switch C, and switch C will broadcast it back to switch A ... and so on. The broadcast packet will be passed indefinitely in a loop, potentially causing a network failure. In this example, STP breaks the loop by blocking the connection between switch B and C. The decision to block a particular connection is based on the STP calculation of the most current Bridge and Port settings. Now, if switch A broadcasts a packet to switch C, then switch C will drop the packet at port 2 and the broadcast will end there.
Setting up STP using values other than the defaults can be complex. Therefore, you are advised to keep the default factory settings, and STP will automatically assign root bridges/ports and block loop connections. Influencing STP to choose a particular switch as the root bridge using the Priority setting, or influencing STP to choose a particular port to block using the Port Priority and Port Cost settings is, however, relatively straightforward.
Figure 5-21 Before Applying the STA Rules
In this example, only the default STP values are used.
Figure 5-21 After Applying the STA Rules
The switch with the lowest Bridge ID (switch C) was elected the root bridge, and the ports were selected to give a high port cost between switches B and C. The two (optional) Gigabit ports (default port cost = 4) on switch A are connected to one (optional) Gigabit port on both switch B and C. The redundant link between switch B and C is deliberately chosen as a 100 Mbps Fast Ethernet link (default port cost = 19). Gigabit ports could be used, but the port cost should be increased from the default to ensure that the link between switch B and switch C is the blocked link.
5.3.2 Spanning Tree Configuration
The Spanning Tree Protocol (STP) operates on two levels: on the switch level, the settings are globally implemented. On the port level, the settings are implemented on a per user-defined group of ports.
1. Spanning Tree Configuration
Configure the following parameters and click the Apply button to implement them:
Status: Default <Disabled>. This field can be toggled between Enabled and Disabled using the pull-down menu. This will enable or disable the Spanning Tree Protocol (STP), globally, for the Switch.
Max Age: (6 - 40 sec) the default setting is 20
Hello Time: (1 - 10 sec) the default setting is 2
Forward Delay: (4 - 30 sec) the default setting is 15
Bridge Priority: (0 - 61440) the default setting is 32768
Figure 5-22
2. Bridge Information
You can view Root Bridge spanning tree information in the following table.
Figure 5-23
3. STP Port Configuration
The following fields can be set for STP port configuration:
Port Priority: Defines if this port is more or less likely to become the root port. The range is from 0 to 255, the default setting is 128. The lower number has the highest priority.
Path Cost: Specifies the path cost of the port. The switch uses this parameter to help determine which port will become a forwarding port. Lower numbers will be used as forwarding ports first. The range is from 0 to 65535. The default values based on IEEE802.1D are: 10Mb/s = 50-600, 100Mb/s = 10-60, 1000Mb/s = 3-10
Figure 5-24
5.3.3 Link Aggregation
The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between Partner Systems that require high speed redundant links.
Port trunks can be used to increase the bandwidth of a network connection or to ensure fault recovery. Link aggregation lets you group up to 8 consecutive ports into a single dedicated connection between any two Switches or other Layer 2 switches. However, before making any physical connections between devices, use the Trunk Configuration menu to specify the trunk on the devices at both ends. When using a port trunk, note that:
• The ports used in a trunk must all be of the same media type (RJ-45, 100 Mbps fiber, or 1000 Mbps fiber).
• The ports that can be assigned to the same trunk have certain other restrictions (see below).
• Ports can only be assigned to one trunk.
• The ports at both ends of a connection must be configured as trunk ports.
• None of the ports in a trunk can be configured as a mirror source port or a mirror target port.
• All of the ports in a trunk have to be treated as a whole when moved from/to, added or deleted from a VLAN.
• The Spanning Tree Protocol will treat all the ports in a trunk as a whole.
• Enable the trunk prior to connecting any cable between the switches to avoid creating a data loop.
• Disconnect all trunk port cables or disable the trunk ports before removing a port trunk to avoid creating a data loop.
The Switch allows a maximum of eight ports to be aggregated at the same time. The Switch supports Gigabit Ethernet ports (up to 12 groups). If the group is defined as a local static trunking group, then the number of ports must be the same as the group member ports.
Figure 5-25
5.4 Security
5.4.1 VLANs
5.4.1.1 Theory
• Understanding IEEE 802.1p Priority
Priority tagging is a function defined by the IEEE 802.1p standard designed to provide a means of managing traffic on a network where many different types of data may be transmitted simultaneously. It is intended to alleviate problems associated with the delivery of time critical data over congested networks. The quality of applications that are dependent on such time critical data, such as video conferencing, can be severely and adversely affected by even very small delays in transmission.
Network devices that are in compliance with the IEEE 802.1p standard have the ability to recognize the priority level of data packets. These devices can also assign a priority label or tag to packets. Compliant devices can also strip priority tags from packets. This priority tag determines the packet's degree of expeditiousness and determines the queue to which it will be assigned.
Priority tags are given values from 0 to 7 with 0 being assigned to the lowest priority data and 7 assigned to the highest. The highest priority tag 7 is generally only used for data associated with video or audio applications, which are sensitive to even slight delays, or for data from specified end users whose data transmissions warrant special consideration.
The Switch allows you to further tailor how priority tagged data packets are handled on your network. Using queues to manage priority tagged data allows you to specify its relative priority to suit the needs of your network. There may be circumstances where it would be advantageous to group two or more differently tagged packets into the same queue. Generally, however, it is recommended that the highest priority queue, Queue 1, be reserved for data packets with a priority value of 7. Packets that have not been given any priority value are placed in Queue 0 and thus given the lowest priority for delivery.
A weighted round robin system is employed on the Switch to determine the rate at which the queues are emptied of packets. The ratio used for clearing the queues is 4:1. This means that the highest priority queue, Queue 1, will clear 4 packets for every 1 packet cleared from Queue 0.
Remember, the priority queue settings on the Switch are for all ports, and all devices connected to the Switch will be affected. This priority queuing system will be especially beneficial if your network employs switches with the capability of assigning priority tags.
• VLANs Description
A Virtual Local Area Network (VLAN) is a network topology configured according to a logical scheme rather than the physical layout. VLAN can be used to combine any collection of LAN segments into an autonomous user group that appears as a single LAN. VLAN also logically segment the network into different broadcast domains so that packets are forwarded only between ports within the VLAN. Typically, a VLAN corresponds to a particular subnet, although not necessarily.
VLAN can enhance performance by conserving bandwidth, and improve security by limiting traffic to specific domains.
A VLAN is a collection of end nodes grouped by logic instead of physical location. End nodes that frequently communicate with each other are assigned to the same VLAN, regardless of where they are physically on the network. Logically, a VLAN can be equated to a broadcast domain, because broadcast packets are forwarded to only members of the VLAN on which the broadcast was initiated.
NOTICE:
1. No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN membership, packets cannot cross VLAN without a network device performing a routing function between the VLAN.
2. The Switch supports Port-based VLAN and IEEE 802.1Q VLAN. The port untagging function can be used to remove the 802.1 tag from packet headers to maintain compatibility with devices that are tag-unaware.
3. The Switch's default is to assign all ports to a single 802.1Q VLAN named DEFAULT_VLAN. As a new VLAN is created, the member ports assigned to the new VLAN will be removed from the DEFAULT_VLAN port member list. The DEFAULT_VLAN has a VID = 1.
• Port-based VLANs
Port-based VLAN limit traffic that flows into and out of switch ports. Thus, all devices connected to a port are members of the VLAN(s) the port belongs to, whether there is a single computer directly connected to a switch, or an entire department.
On port-based VLAN, NICs do not need to be able to identify 802.1Q tags in packet headers. NICs send and receive normal Ethernet packets. If the packet's destination lies on the same segment, communications take place using normal Ethernet protocols. Even though this is always the case, when the destination for a packet lies on another switch port, VLAN considerations come into play to decide if the packet is dropped by the Switch or delivered.
• IEEE 802.1Q VLANs
IEEE 802.1Q (tagged) VLAN are implemented on the Switch. 802.1Q VLAN require tagging, which enables them to span the entire network (assuming all switches on the network are IEEE 802.1Q-compliant).
VLAN allow a network to be segmented in order to reduce the size of broadcast domains. All packets entering a VLAN will only be forwarded to the stations (over IEEE 802.1Q enabled switches) that are members of that VLAN, and this includes broadcast, multicast and unicast packets from unknown sources.
VLAN can also provide a level of security to your network. IEEE 802.1Q VLAN will only deliver packets between stations that are members of the VLAN. Any port can be configured as either tagging or untagging. The untagging feature of IEEE 802.1Q VLAN allows VLAN to work with legacy switches that don't recognize VLAN tags in packet headers. The tagging feature allows VLAN to span multiple 802.1Q-compliant switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work normally.
Some relevant terms:
Tagging - The act of putting 802.1Q VLAN information into the header of a packet.
Untagging - The act of stripping 802.1Q VLAN information out of the packet header.
802.1Q VLAN Tags
The figure below shows the 802.1Q VLAN tag. There are four additional octets inserted after the source MAC address. Their presence is indicated by a value of 0x8100 in the Ether Type field. When a packet's Ether Type field is equal to 0x8100, the packet carries the IEEE 802.1Q/802.1p tag. The tag is contained in the following two octets and consists of 3 bits of user priority, 1 bit of Canonical Format Identifier (CFI - used for encapsulating Token Ring packets so they can be carried across Ethernet backbones), and 12 bits of VLAN ID (VID). The 3 bits of user priority are used by 802.1p. The VID is the VLAN identifier and is used by the 802.1Q standard. Because the VID is 12 bits long, 4094 unique VLAN can be identified. The tag is inserted into the packet header making the entire packet longer by 4 octets. All of the information originally contained in the packet is retained.
Figure 5-26
The Ether Type and VLAN ID are inserted after the MAC source address, but before the original Ether Type/Length or Logical Link Control. Because the packet is now a bit longer than it was originally, the Cyclic Redundancy Check (CRC) must be recalculated.
Figure 5-27
Port VLAN ID
Packets that are tagged (are carrying the 802.1Q VID information) can be transmitted from one 802.1Q compliant network device to another with the VLAN information intact. This allows 802.1Q VLAN to span network devices (and indeed, the entire network – if all network devices are 802.1Q compliant).
Every physical port on a switch has a PVID. 802.1Q ports are also assigned a PVID, for use within the switch. If no VLAN are defined on the switch, all ports are then assigned to a default VLAN with a PVID equal to 1. Untagged packets are assigned the PVID of the port on which they were received. Forwarding decisions are based upon this PVID, in so far as VLAN are concerned. Tagged packets are forwarded according to the VID contained within the tag. Tagged packets are also assigned a PVID, but the PVID is not used to make packet forwarding decisions, the VID is.
Tag-aware switches must keep a table to relate PVID within the switch to VID on the network. The switch will compare the VID of a packet to be transmitted to the VID of the port that is to transmit the packet. If the two VID are different the switch will drop the packet. Because of the existence of the PVID for untagged packets and the VID for tagged packets, tag-aware and tag-unaware network devices can coexist on the same network.
A switch port can have only one PVID, but can have as many VID as the switch has memory in its VLAN table to store them.
Because some devices on a network may be tag-unaware, a decision must be made at each port on a tag-aware device before packets are transmitted – should the packet to be transmitted have a tag or not? If the transmitting port is connected to a tag-unaware device, the packet should be untagged. If the transmitting port is connected to a tag-aware device, the packet should be tagged.
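The tag layout and the PVID/VID forwarding rules described above can be exercised on raw frame bytes. The following is an added example, not part of the original manual and not the Switch's firmware logic; the function names and the sample frame are constructed, and the frame omits the trailing CRC, which real hardware recalculates after tagging or untagging.

```python
# Added example (not from the manual): 802.1Q tag handling as described above.
import struct

TPID = 0x8100          # Ether Type value that announces an 802.1Q tag


def parse_tag(frame):
    """Return (priority, cfi, vid) if the frame is tagged, else None."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ether_type,) = struct.unpack_from("!H", frame, 12)
    if ether_type != TPID:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack_from("!H", frame, 14)
    return tci >> 13, (tci >> 12) & 1, tci & 0x0FFF


def add_tag(frame, vid, priority=0):
    """Insert the four tag octets after the source MAC address."""
    if not 1 <= vid <= 4094 or not 0 <= priority <= 7:
        raise ValueError("VID must be 1-4094 and priority 0-7")
    tag = struct.pack("!HH", TPID, (priority << 13) | vid)
    return frame[:12] + tag + frame[12:]


def strip_tag(frame):
    """Remove the tag if present; untagged frames are returned unchanged."""
    return frame if parse_tag(frame) is None else frame[:12] + frame[16:]


def forward(frame, ingress_pvid, egress_vids, egress_tagging):
    """Model one hop through a tag-aware switch.

    Returns the frame as sent on the egress port, or None if it is dropped
    because the egress port is not a member of the frame's VLAN.
    """
    tag = parse_tag(frame)
    # Untagged frames take the PVID of the receiving port. A tag with VID 0
    # carries priority only (802.1Q behaviour, not stated in the manual).
    vid = ingress_pvid if tag is None or tag[2] == 0 else tag[2]
    if vid not in egress_vids:
        return None
    if not egress_tagging:
        return strip_tag(frame)           # egress to a tag-unaware device
    if tag and tag[2]:
        return frame                      # already tagged: left intact
    priority = tag[0] if tag else 0
    return add_tag(strip_tag(frame), vid, priority)


# Constructed sample frame: broadcast destination, locally administered
# source, IPv4 Ether Type, dummy payload, no CRC.
UNTAGGED = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"constructed payload"

if __name__ == "__main__":
    tagged = add_tag(UNTAGGED, vid=10, priority=7)
    print(parse_tag(tagged))                              # (7, 0, 10)
    print(forward(UNTAGGED, 10, {10, 20}, True).hex())    # tagged with PVID 10
    print(forward(tagged, 1, {20}, True))                 # None: VID mismatch
```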
Default VLANs
The Switch initially configures one VLAN, VID = 1, called "default." The factory default setting assigns all ports on the Switch to the "default." As new VLAN are configured in Port-based mode, their respective member ports are removed from the "default."
• VLANs and Trunk Groups
In order to use VLAN segmentation in conjunction with port trunk groups, you can first set the port trunk group(s), and then you may configure VLAN settings. If you wish to change the port trunk grouping with VLAN already in place, you will not need to reconfigure the VLAN settings after changing the port trunk group settings. VLAN settings will automatically change in conjunction with the change of the port trunk group settings.
5.4.1.2 VLAN Configuration
• Port-based VLANs
Packets can only be broadcast among other members of the same VLAN group. Note all unselected ports are treated as belonging to the default system VLAN. If port-based VLAN are enabled, then VLAN-tagging is ignored.
1. First choose Port-based VLAN. Click “ok”
Figure 5-28
2. Click Add to create a new VLAN group.
Figure 5-29
3. Type the VLAN name, group ID and select the members for the new VLAN.
4. Click “Add”.
5. Then select the port and click “Add”. The port will be a member of one VLAN.
Figure 5-30
To show, add or modify the VLAN:
Figure 5-31
z 802.1Q VLAN There are up to 256 configurable VLAN groups. By default when 802.1Q is enabled, all ports on the switch belong to default VLAN (VID 1). The default VLAN cannot be deleted.
Understanding the nomenclature of the Switch
Tagging and Untagging
Every port on an 802.1Q compliant switch can be configured as tagging or untagging.
• Tagging: Ports with tagging enabled will put the VID number, priority and other VLAN information into the header of all packets that flow into those ports. If a packet has previously been tagged, the port will not alter the packet, thus keeping the VLAN information intact. The VLAN information in the tag can then be used by other 802.1Q compliant devices on the network to make packet-forwarding decisions.
• Untagging: Ports with untagging enabled will strip the 802.1Q tag from all packets that flow into those ports. If the packet doesn't have an 802.1Q VLAN tag, the port will not alter the packet. Thus, all packets received by and forwarded by an untagging port will have no 802.1Q VLAN information. (Remember that the PVID is only used internally within the Switch.) Untagging is used to send packets from an 802.1Q-compliant network device to a non-compliant network device.
Pay attention here to the explanation of “Access” and “Trunk”.
• Access: Ports will strip the 802.1Q tag from all packets that flow out of those ports. If the packet doesn’t have an 802.1Q VLAN tag, the port will not alter the packet. Thus, all packets received by and forwarded by an untagging port will have no 802.1Q VLAN information. Untagging is used to send packets from an 802.1Q-compliant network device to a non-compliant network device.
• Trunk: Ports with tagging enabled will put the VID number, priority and other VLAN information into the header of all packets that flow out of those ports. If a packet has previously been tagged, the port will not alter the packet, thus keeping the VLAN information intact. The VLAN information in the tag can then be used by other 802.1Q compliant devices on the network to make packet-forwarding decisions.
Port VID (PVID)
Set the port VLAN ID that will be assigned to untagged traffic on a given port. This feature is useful for accommodating devices that you want to participate in the VLAN but that don’t support tagging. The Switch allows each port to set one PVID; the range is 1~255 and the default PVID is 1. The PVID must be the same as the VLAN ID that the port was defined as belonging to in the VLAN group, or the untagged traffic will be dropped.
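The tagging rules above can be followed frame by frame. The sketch below is an added example, not code from the manual or the Switch firmware: it models PVID assignment on ingress and Access/Trunk handling on egress. The port dictionaries, the sample frame and the membership check applied to already-tagged frames are assumptions made for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def parse_frame(frame: bytes):
    """Return (addresses, tag or None, rest); tag holds 'pcp' (802.1p) and 'vid'."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    addrs, (ethertype,) = frame[:12], struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        return addrs, None, frame[12:]
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack("!H", frame[14:16])
    return addrs, {"pcp": tci >> 13, "vid": tci & 0x0FFF}, frame[16:]

def ingress(frame: bytes, port: dict):
    """Classify a received frame; return (vid, pcp, addrs, rest) or None if dropped."""
    addrs, tag, rest = parse_frame(frame)
    if tag is None:
        vid, pcp = port["pvid"], 0          # untagged traffic gets the port's PVID
    else:
        vid, pcp = tag["vid"], tag["pcp"]   # an existing tag is kept intact
    if vid not in port["vlans"]:
        return None  # PVID (or, assumed here, a tagged VID) outside the port's VLANs
    return vid, pcp, addrs, rest

def egress(classified, port: dict):
    """Send on an Access port (tag stripped) or a Trunk port (tag inserted)."""
    vid, pcp, addrs, rest = classified
    if vid not in port["vlans"]:
        return None                          # port is not a member: not forwarded
    if port["link"] == "access":
        return addrs + rest
    return addrs + struct.pack("!HH", TPID_8021Q, (pcp << 13) | vid) + rest

# Constructed sample data (not from the manual): one untagged frame, three ports.
UNTAGGED = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"payload"
PORT2 = {"pvid": 10, "vlans": {10}, "link": "access"}
UPLINK = {"pvid": 1, "vlans": {1, 10, 20}, "link": "trunk"}
MISCONFIGURED = {"pvid": 30, "vlans": {10}, "link": "access"}

if __name__ == "__main__":
    tagged = egress(ingress(UNTAGGED, PORT2), UPLINK)
    print(tagged.hex())                                        # tag inserted on trunk
    print(egress(ingress(tagged, UPLINK), PORT2) == UNTAGGED)  # stripped on access
    print(ingress(UNTAGGED, MISCONFIGURED))                    # dropped: PVID mismatch
```

The MISCONFIGURED port shows the failure the paragraph warns about: a PVID that is not one of the port's VLANs silently drops every untagged frame.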
1. First choose 802.1Q VLAN. Click “ok”
Figure 5-32
Click “OK”. The following page then displays the VLAN configuration information of all ports.
Figure 5-33
2. Choose “port2” to enter into VLAN configuration.
The default PVID is 1
Figure 5-34
Figure 5-35
3. Choose the type of link: Access or Trunking. Define the PVID for port2.
Figure 5-36
4. Trunk configuration: Port2 with tagging enabled will put the VID number, priority and other VLAN information into the header of all packets that flow out of it. Type a name for the new VLAN. Type a VID (between 2-4094). The default is 1. Click “Add”.
Figure 5-37
The new VLAN is then displayed in the VLAN table.
Figure 5-38
In the VLAN table, choose the VLAN that you want to tag. Click “Add”.
Figure 5-39
To display one VLAN:
Figure 5-40
Figure 5-41
5.4.2 MAC Address Bind
This function supports switch security. When a MAC address is bound to a port, it remains in the switch's address table, regardless of whether the device is physically connected to the switch. This saves the switch from having to re-learn a device's MAC address after it has been disconnected or powered off from the network and then reconnected at some later time. If a network station connected to a port wants to control the switch, the station’s MAC address must be the same as one MAC address. In the MAC Address box, enter the MAC address that you want to bind, and in the Port box enter the corresponding port number. Click “Add”. To delete a MAC address bind from the table, simply select it and click Delete.
Figure 5-42
Figure 5-43
5.4.3 MAC Address Filtering
MAC address filtering allows the switch to drop unwanted traffic. Traffic is filtered based on the destination addresses. In the MAC Address box, enter the MAC address that you want to filter out. Click “Add”. To delete a MAC address entry from the filtering table, simply select it and click Delete.
Figure 5-44
Figure 5-45
5.4.4 MAC Address Learning
For every port, choose the “MAC Study” status: Enable/Disable. In the Port box, enter the port number. Choose the status. Click “Ok”.
Figure 5-46
5.4.5 MAC Address Aging Time
The Aging Time affects the learning process of the Switch. Dynamic forwarding table entries, which are made up of the source and destination MAC addresses and their associated port numbers, are deleted from the table if they are not accessed within the aging time. The aging time can be from 30 to 1,000 seconds with a default value of 300 seconds. A very long aging time can result in dynamic forwarding table entries that are out-of-date or no longer exist. This may cause incorrect packet forwarding decisions by the Switch. If the Aging Time is too short, however, many entries may be aged out too soon. This will result in a high percentage of received packets whose source addresses cannot be found in the forwarding table, in which case the switch will broadcast the packet to all ports, negating many of the benefits of having a switch. Static forwarding entries are not affected by the aging time.
Type the number of seconds that an inactive MAC address remains in the switch’s address table. The valid range is 30~1,000 seconds. Default is 300 seconds.
Figure 5-47
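The trade-off described in sections 5.4.2 and 5.4.5 can be reproduced with a small model of a learning switch. This is an added example, not the Switch's implementation: the class, the trace and the rule that learning never overwrites a bound address are assumptions made for illustration.

```python
class ForwardingTable:
    """Toy model of a learning switch's MAC table: dynamic entries age, static do not."""

    def __init__(self, aging_time=300):
        if not 30 <= aging_time <= 1000:       # valid range given in the manual
            raise ValueError("aging time must be 30..1000 seconds")
        self.aging_time = aging_time
        self.dynamic = {}                      # mac -> (port, last time seen)
        self.static = {}                       # mac -> port (MAC Address Bind)

    def bind(self, mac, port):
        """Add a static entry, replacing any learned entry for the same MAC."""
        self.static[mac] = port
        self.dynamic.pop(mac, None)

    def _expire(self, now):
        """Delete dynamic entries that were not refreshed within the aging time."""
        self.dynamic = {m: (p, t) for m, (p, t) in self.dynamic.items()
                        if now - t <= self.aging_time}

    def forward(self, src, dst, in_port, now, ports):
        """Learn src on in_port, then return the egress ports chosen for dst."""
        self._expire(now)
        if src not in self.static:             # assumption: learning never moves a bind
            self.dynamic[src] = (in_port, now)
        out = self.static.get(dst)
        if out is None and dst in self.dynamic:
            out = self.dynamic[dst][0]
        if out is None:                        # unknown destination: send to all ports
            return [p for p in ports if p != in_port]
        return [] if out == in_port else [out]

def flood_count(aging_time, events, ports=(1, 2, 3)):
    """Count frames sent to more than one port for (time, src, dst, in_port) events."""
    table = ForwardingTable(aging_time)
    return sum(len(table.forward(s, d, p, t, ports)) > 1 for t, s, d, p in events)

# Constructed trace: hosts A (port 1) and B (port 2) exchange a frame pair every 60 s.
TRACE = [(t + off, s, d, p) for t in range(0, 300, 60)
         for off, s, d, p in ((0, "A", "B", 1), (1, "B", "A", 2))]
```

With the constructed trace, `flood_count(30, TRACE)` floods once per exchange, while the default of 300 seconds floods only the first frame.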
5.5 QOS
5.5.1 Understand QOS
Quality of Service (QoS) is an advanced traffic prioritization feature that allows you to establish control over network traffic. QoS enables you to assign various grades of network service to different types of traffic,
QoS reduces bandwidth limitations, delay, loss, and jitter. It also provides increased reliability for delivery of your data and allows you to prioritize certain applications across your network.
You can use QoS on your system to:
• Classify traffic based on MAC address / 802.1p priority bits / VLAN / ports.
• Improve performance for specific types of traffic and preserve performance as the amount of traffic grows.
• Reduce the need to constantly add bandwidth to the network.
• Manage network congestion.
QoS Terminology
Classifier - classifies the traffic on the network. Traffic classifications are determined by protocol, application, source, destination, and so on. You can create and modify classifications. The Switch then groups classified traffic in order to schedule it with the appropriate service level.
DiffServ Code Point (DSCP) - the traffic prioritization bits within an IP header that are encoded by certain applications and/or devices to indicate the level of service required by the packet across a network.
Service Level - defines the priority that will be given to a set of classified traffic. You can create and modify service levels.
Policy - comprises a set of “rules” that are applied to a network so that a network meets the needs of the business. That is, traffic can be prioritized across a network according to its importance to that particular business type.
QoS Profile - consists of multiple sets of rules (classifier plus service level combinations). The QoS profile is assigned to a port(s).
Rules - comprise a service level and a classifier to define how the Switch will treat certain types of traffic. Rules are associated with a QoS Profile (see above).
To implement QoS on your network, you need to carry out the following actions:
1: Define a service level to determine the priority that will be applied to traffic.
2: Apply a classifier to determine how the incoming traffic will be classified and thus treated by the Switch.
3: Create a QoS profile which associates a service level and a classifier.
4: Apply a QoS profile to a port(s).
5.5.2 QOS Configuration
QoS settings allow customization of packet priority in order to facilitate delivery of data traffic that might be affected by latency problems. The IEEE 802.1p Priority specification uses 8 priority levels to classify data packets. In 802.1p compliant devices, a tag inserted into the packet header is used to identify the priority level of data packets.
The Switch supports four kinds of traffic classifiers (802.1p, Port, MAC and VLAN) and four queues.
NOTE:
COS: the priority class the Switch uses to forward packets. The COS range is from 0 to 7. Seven is the highest class. Zero is the lowest class. The user may configure the mapping between COS and traffic classifiers.
1. MAC-COS
QoS settings allow customization of MAC address to traffic classifiers. In the field, enter the MAC address. Enter the COS number that you want to map it to. To delete an entry from the table, simply select it and click Delete.
Figure 5-48
Figure 5-49
2. VLAN-COS
QoS settings allow customization of VLAN ID to traffic classifiers. In the field, enter the VID. Enter the COS number that you want to map it to. To delete an entry from the table, simply select it and click Delete.
Figure 5-50
Figure 5-51
3. 802.1p-priority-CoS
QoS settings allow customization of packet priority in order to facilitate delivery of data traffic that might be affected by latency problems. The IEEE 802.1p Priority specification uses 8 priority levels to classify data packets. In 802.1p compliant devices, a tag inserted into the packet header is used to identify the priority level of data packets.
In the field, enter the “802.1p Priority” number (0-7). Enter the COS number that you want to map it to.
Figure 5-52
Figure 5-53
4. Port-COS
QoS settings allow customization of VLAN ID to traffic classifiers. In the field, enter the port number. Enter the COS number that you want to map it to.
Figure 5-54
5. COS-Queue mapping
In the field, enter the COS. Enter the Queue number that you want to map it to.
Figure 5-55
6. Queue Management
The administrator can modify Queue Policy: WRR/Always High.
Figure 5-56
If you choose WRR, this page shows the Queue Weight.
Figure 5-57
5.6 Multicast
5.6.1 IGMP Snooping
• Theory
Computers and network devices that want to receive multicast transmissions need to inform nearby routers that they will become members of a multicast group. The Internet Group Management Protocol (IGMP) is used to communicate this information. IGMP is also used to periodically check the multicast group for members that are no longer active. In the case where there is more than one multicast router on a sub network, one router is elected as the ‘querier’. This router then keeps track of the membership of the multicast groups that have active members. The information received from IGMP is then used to determine if multicast packets should be forwarded to a given sub network or not. The router can check, using IGMP, to see if there is at least one member of a multicast group on a given sub network. If there are no members on a sub network, packets will not be forwarded to that sub network.
• IGMP Versions 1 and 2
Multicast groups allow members to join or leave at any time. IGMP provides the method for members and multicast routers to communicate when joining or leaving a multicast group. IGMP version 1 is defined in RFC 1112. It has a fixed packet size and no optional data. The format of an IGMP packet is shown below:
Figure 5-58
The IGMP Type codes are shown below:
Type    Meaning
0x11    Membership Query (if Group Address is 0.0.0.0)
0x11    Specific Group Membership Query (if Group Address is Present)
0x16    Membership Report (version 2)
0x17    Leave a Group (version 2)
0x12    Membership Report (version 1)
IGMP packets enable multicast routers to keep track of the membership of multicast groups on their respective sub networks. The following outlines what is communicated between a multicast router and a multicast group member using IGMP.
A host sends an IGMP “report” to join a group.
A host will never send a report when it wants to leave a group (for version 1).
A host will send a “leave” report when it wants to leave a group (for version 2).
Multicast routers send IGMP queries (to the all-hosts group address: 224.0.0.1) periodically to see whether any group members exist on their sub networks. If there is no response from a particular group, the router assumes that there are no group members on the network.
The Time-to-Live (TTL) field of query messages is set to 1 so that the queries will not be forwarded to other sub networks.
IGMP version 2 introduces some enhancements such as a method to elect a multicast querier for each LAN, an explicit leave message, and query messages that are specific to a given group.
The states a computer will go through to join or to leave a multicast group are shown below:
Figure 5-59
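The type codes and the TTL rule above are what a snooping device has to check on every IGMP message it sees. The parser below is an added example, not the Switch's code: it assumes the standard 8-byte IGMP v1/v2 layout (type, max response time, checksum, group address), since the manual's packet figure is not reproduced here, and the test messages it builds are constructed.

```python
import ipaddress
import struct

IGMP_TYPES = {  # type codes as listed in the manual's table
    0x11: "Membership Query",
    0x12: "Membership Report (version 1)",
    0x16: "Membership Report (version 2)",
    0x17: "Leave a Group (version 2)",
}

def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement Internet checksum over data."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_igmp(msg_type: int, max_resp: int, group: str) -> bytes:
    """Build an 8-byte message: type, max response time, checksum, group address."""
    addr = ipaddress.IPv4Address(group).packed
    cksum = inet_checksum(struct.pack("!BBH4s", msg_type, max_resp, 0, addr))
    return struct.pack("!BBH4s", msg_type, max_resp, cksum, addr)

def parse_igmp(msg: bytes, ip_ttl=None) -> dict:
    """Validate and classify one IGMP message; ip_ttl comes from the IP header."""
    if len(msg) < 8:
        raise ValueError("IGMP message shorter than 8 bytes")
    if inet_checksum(msg) != 0:              # a valid message checksums to zero
        raise ValueError("bad IGMP checksum")
    msg_type, max_resp = msg[0], msg[1]
    group = ipaddress.IPv4Address(msg[4:8])
    kind = IGMP_TYPES.get(msg_type, "Unknown")
    warnings = []
    if msg_type == 0x11:
        if int(group) != 0:
            kind = "Specific Group Membership Query"
        if ip_ttl is not None and ip_ttl != 1:
            warnings.append("query TTL is not 1")
    # Every message except a general query must name a multicast group.
    if (msg_type != 0x11 or int(group) != 0) and not group.is_multicast:
        warnings.append("group address is not multicast")
    return {"kind": kind, "group": str(group), "max_resp": max_resp,
            "warnings": warnings}
```

A query that arrives with a TTL other than 1, or a report for a non-multicast group, is returned with a warning rather than rejected, so the caller can log it.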
• IGMP Snooping Configuration
The Switch provides a control to turn this function on or off. The default is “Disable”.
Figure 5-60
5.6.2 Static Routing Port
Use this function to configure a port to become a member of the IGMP groups of one VLAN. In the Port box, enter the port number, and enter the number of the VLAN (VID).
Figure 5-61
5.7 Port Analysis
5.7.1 Port Analysis
This function is a tool that helps the administrator diagnose network malfunctions. It counts the different kinds of data on every port.
The following view provides statistical information about “port6”.
Figure 5-62
If the size of a received packet is less than 64 bytes or exceeds 1518 bytes, the network has a malfunction.
5.7.2 Port Mirror
Port Mirroring is a method of monitoring network traffic that forwards a copy of each incoming and/or outgoing packet from one port of a network switch to another port where the packet can be studied. It enables the manager to keep close track of switch performance and alter it if necessary.
Configure port mirroring by assigning a source port from which to copy all packets and a sniffer port where those packets will be sent.
Choose the port of want to use t
Ingress Port: duplicate the data transmitted from the source port and forward it to the Capture port.
Egress Port: duplicate the data sent to the source and forward it to the Capture port.
Figure 5-62
5.8 Storm Restricting
The administrator can use this function to limit the amount of Broadcast, Multicast or Flooded traffic for every port. Input the range from 64Kbps to 80,000Kbps. In the Port box, enter the port number. Choose the limited type. Enter the flow range. Click “Add”. To delete an entry from the table, simply select it and click Delete.
Figure 5-63