GE
Security
GE-DSH-73/DSH-82/DSH-82-PoE
User Manual
P/N 1069172 • REV 1.0 • ISS 22FEB10
Copyright
Disclaimer
Trademarks and patents
Intended use
FCC compliance
Regulatory information N4131
Manufacturer
© 2010 GE Security, Inc.
This document may not be copied in whole or in part or otherwise reproduced without prior
written consent from GE Security, Inc., except where specifically permitted under US and
international copyright law.
The information in this document is subject to change without notice. GE Security, Inc.
(“GE Security”) assumes no responsibility for inaccuracies or omissions and specifically disclaims
any liabilities, losses, or risks, personal or otherwise, incurred as a consequence, directly or
indirectly, of the use or application of any of the contents of this document. For the latest
documentation, contact your local supplier or visit us online at www.gesecurity.com.
This publication may contain examples of screen captures and reports used in daily operations.
Examples may include fictitious names of individuals and companies. Any similarity to names
and addresses of actual businesses or persons is entirely coincidental.
GE and the GE monogram are trademarks of General Electric Company.
Other trade names used in this document may be trademarks or registered trademarks of the
manufacturers or vendors of the respective products.
Use this product only for the purpose it was designed for; refer to the data sheet and user
documentation for details. For the latest product information, contact your local supplier or visit
us online at
This product is intended to be supplied by a UL Listed Direct Plug-In Power Unit marked "Class 2"
or "LPS" and output rated 48 VDC, 380 mA minimum.
This equipment has been tested and found to comply with the limits for a Class A digital device,
pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protection
against harmful interference when the equipment is operated in a commercial environment.
This equipment generates, uses, and can radiate radio frequency energy and, if not installed
and used in accordance with the instruction manual, may cause harmful interference to radio
communications.
You are cautioned that any changes or modifications not expressly approved by the party
responsible for compliance could void the user's authority to operate the equipment.
GE Security, Inc.
HQ and regulatory responsibility:
GE Security, Inc., 8985 Town Center Parkway, Bradenton, FL 34202, USA
EU authorized manufacturing representative:
GE Security B.V., Kelvinstraat 7, 6003 DH Weert, The Netherlands
www.gesecurity.com.
European Union directives
2002/96/EC (WEEE directive): Products marked with this symbol cannot be disposed of as
unsorted municipal waste in the European Union. For proper recycling, return this product to
your local supplier upon the purchase of equivalent new equipment, or dispose of it at
Contact information
designated collection points. For more information see: www.recyclethis.info.
For contact information see our Web site: www.gesecurity.com.
For contact information see our Web site: www.gesecurity.eu.
Content
Chapter 1 Introduction 1
Package Contents 2
Chapter 2 Installation 11
Hardware Description 11
Installing the Switch 23
Chapter 3 Network Application 33
Chapter 4 Console Management 37
Chapter 5 Web-Based Management 43
About Web-based Management 43
Requirements 44
Logging on the Switch 44
System 46
Port Management 65
Protocol 76
Security 118
Digital Input/Output (GE-DSH-73) 129
Power Over Ethernet (GE-DSH-82-PoE) 131
Factory Default 135
Save Configuration 135
System Reboot 136
Chapter 6 Command Sets 137
System Commands Set 137
Port Commands Set
140
Trunk Commands Set 142
VLAN Commands Set 143
Spanning Tree Commands Set 145
QOS Commands Set 147
IGMP Commands Set 148
MAC / Filter Table Commands Set 149
SNMP Commands Set
150
Port Mirroring Commands Set 153
802.1x Commands Set 154
TFTP Commands Set 156
SystemLog, SMTP and Event Commands Set 157
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual i
SNTP Commands Set 159
X-ring Commands Set 160
PoE Command Set 161
Chapter 7 Switch Operation
Address Table
163
163
Chapter 8 Power Over Ethernet Overview 165
What is PoE? 165
Appendix A RJ-45 Pin Assignment 171
Switch's RJ-45 Pin Assignments 171
10/100Mbps, 10/100Base-TX 172
Appendix B Troubleshooting 175
ii GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 1
Introduction
GE-DSH-82 GE-DSH-82-PoE GE-DSH-73
The GE Security Managed Industrial Ethernet Switch series - the GE-DSH-82, GE-DSH82-PoE and GE-DSH-73 are multiple 10/100Mbps ports Ethernet Switches with
Gigabit TP/SFP fiber optical combo connective ability and robust layer 2 features. The
description of these models is below:
GE-DSH-82 : 8-Port 10/100Base-TX + 2-Port Gigabit TP/SFP Combo Managed Industrial
Ethernet Switch
GE-DSH-82-PoE : 8-Port 10/100Base-TX + 2-Port Gigabit TP/SFP Combo Managed Industrial PoE
Switch
GE-DSH-73 : 7-Port 10/100Base-TX + 3-Port Gigabit TP/SFP Combo Managed Industrial
Ethernet Switch
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 1
Chapter 1: Introduction
Package Contents
What’s in the box
Open the Managed Industrial Switch box and carefully unpack it. The box should
contain the following items:
The Managed Industrial Switch
x1
User’s manual on CD
Installation Sheet
RJ-45 to RS-232 Cable
x1
x1
x1
If any of these are missing or damaged, please contact your dealer immediately, if
possible, retain the carton including the original packing material, and use them
again to repack the product in case there is a need to return it to us.
Product Description
Enhanced Reliability for Industrial Networks
The GE Security GE-DSH-82 series Managed Industrial Ethernet Switch with multiple
redundant ring technology is equipped with 8 10/100Mbps Fast Ethernet ports and 2
Gigabit TP/SFP combo interfaces and the GE-DSH-73 is equipped with 7 10/100Mbps
Fast Ethernet ports and 3 Gigabit TP/SFP combo interfaces. All of them are delivered
in a rugged high-strength case. It is an industrially (substation) hardened and fully
managed Ethernet Switch specifically designed to operate reliably in electrically
harsh and climatically demanding environments. The GE-DSH-82 / GE-DSH-73 series
is the most reliable choice for highly managed and Fiber Ethernet applications.
• Wide Range Operating Temperature
• Redundant Ethernet Network
• Manageable
• Power Redundant
• Gigabit / Fiber uplink capability
2 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 1: Introduction
Fast Recovery to a Redundant Ethernet Network
The GE-DSH-82 / GE-DSH-73 series features strong and rapid self-recovery capability
to prevent interruptions and outside intrusions. It incorporates advanced redundant
data Ring technology; Rapid Spanning Protocol (IEEE 802.1w RSTP) and a redundant
power supply system into customers' industrial automation network to enhance
system reliability and uptime in the harsh factory environments. It also protects
customer's industrial network connectivity with switching recovery capability that is
used for implementing fault tolerant ring and mesh network architectures. If the
Industrial network was interrupted accidentally, the fault recovery times could be less
than 20ms to quickly bring the network back to normal operation.
Tough, Environmentally Hardened Design
With IP-30 aluminum industrial case protection, the GE-DSH-82 / GE-DSH-73 series
provides a high level of immunity against electromagnetic interference and heavy
electrical surges which are usually found on plant floors or in curb side traffic control
cabinets. The GE-DSH-82 / GE-DSH-73 series also provides a wide range of power
supply options suitable for multiple industries and for worldwide operation. The
feature of operating temperature range from -40 to 75 Degree C allows the Managed
Industrial Switch to be placed in almost any difficult environment.
Robust Layer 2 Features and Advanced Security
The GE-DSH-82 / GE-DSH-73 series supports robust advanced features including IEEE
802.1Q VLAN, GVRP, Port link aggregation, QoS, broadcast storm control, MAC
address filtering, IGMP snooping enhanced security and bandwidth utilization to fit a
variety of applications. Via aggregation of supporting port, the GE-DSH-82 / GE-DSH73 series allows the operation of high-speed trunk combining multiple ports.
Maximum up to 4 ports of the GE-DSH-82 / GE-DSH-73 series can be assigned for 4
trunk groups and support fail-over as well. Additionally, its standard-compliant
implementation ensures interoperability with equipments from other vendors.
Product Features
• Physical Port
o GE-DSH-82
8-Port 10/100Base-TX RJ-45
2-Port 10/100/1000Base-T TP combo interfaces
2 mini-GBIC / SFP slots shared with Gigabit copper ports and support
100/1000 Dual Mode
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 3
Chapter 1: Introduction
1 RJ-45 Console interface for Switch basic management and setup
o GE-DSH-82-PoE (Power Over Ethernet)
2-Port 10/100/1000Base-T TP combo interfaces
2 mini-GBIC / SFP slots shared with Gigabit copper ports and support
100/1000 Dual Mode
1 RJ-45 Console interface for Switch basic management and setupGE-
DSH-73
Supports 48VDC, 15.4 watts PoE power outputs to 9 IEEE 802.3af
compliant Powered Devices
Power feeding On/Off and priority configuration
Powered Device Auto detection
LED PoE Status Monitoring
Note: The GE-DSH-82-PoE, PoE requires the use of the recommended external power
source.
o GE-DSH-73
7-Port 10/100Base-TX RJ-45
3-Port 10/100/1000Base-T TP combo interfaces
3 mini-GBIC / SFP slots shared with Gigabit copper ports and support
100/1000 Dual Mode
1 RJ-45 Console interface for Switch basic management and setup
Industrial Conformance
• Wide range redundant power with polarity reverse protect function
• -40 to 75 Degree C operation temperature
• IP-30 metal case
• Relay alarm for port breakdown, power failure
• Supports 4000 VDC Ethernet ESD protection
• Free fall, Shock and Vibration Stability
Rapid Ring
• Rapid Ring, Dual Homing, Couple Ring Topology
• Provides redundant backup feature and the recovery time less than
20ms
4 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 1: Introduction
• Layer 2 Features
o Complies with the IEEE 802.3, IEEE 802.3u, IEEE 802.3ab, IEEE 802.3z Gigabit
Ethernet standards
o Supports Auto-negotiation and half duplex/full duplex modes for all 10Base-
T/100Base-TX and 1000Base-T ports
o Auto-MDI/MDI-X detection on each RJ-45 port
o Prevents packet loss with back pressure (Half-Duplex) and IEEE 802.3x PAUSE
frame flow control (Full-Duplex)
o Supports VLANs
IEEE 802.1Q Tagged based VLAN
Port-Based VLAN
GVRP
Up to 255 VLANs groups, out of 4K VLAN IDs
o Supports Spanning Tree Protocol
STP, IEEE 802.1D Spanning Tree Protocol
RSTP, IEEE 802.1w Rapid Spanning Tree Protocol
o Supports Link Aggregation
Up to 4 Trunk groups
Up to 4 ports per trunk group with 800Mbps bandwidth (Full Duplex mode)
IEEE 802.3ad LACP (Link Aggregation Control Protocol)
Cisco ether-Channel (Static Trunk)
• Quality of Service
o 4 priority queues on all switch ports
o Traffic classification by:
Port-Based priority
IEEE 802.1p Class of Service
IP TOS (Type of Service) priority
o Supports strict priority and Weighted Round Robin (WRR) policies
o Ingress/Egress Bandwidth control on each port
• Multicast
o IGMP Snooping v1 and v2
o IGMP Query mode for Multicast Media application
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 5
Chapter 1: Introduction
• Security
o IEEE 802.1x Port-Based Authentication
o MAC address Filtering and MAC address Binding
o IP address security management to prevent unauthorized intruder
o Port Mirroring to monitor the incoming or outgoing traffic on a particular port
o Management
WEB-based, Telnet, Console Command Line management
Access through SNMP v1, v2c and v3 set and get requests
SNMP Trap / SMTP email for alarm notification of events
System Log Server / Client
Configuration backup / restore
E-mail event alert
TFTP firmware upgrade
Support LLDP to allow switch to advise its identification and capability on
the LAN
Product Specifications
Product GE-DSH-82 GE-DSH-82-PoE GE-DSH-73
Hardware Specification
10/100Mbps Copper Ports
1000Mbps Copper Ports
SFP/mini-GBIC Slots
8 10/ 100Base-TX RJ45 Auto-MDI/MDI-X
ports
2 10/100/1000Base-T
RJ-45 ports
2 SFP interfaces,
shared with Port-9
and Port-10
8 10/ 100Base-TX RJ-45
Auto-MDI/MDI-X ports
2 10/100/1000Base-T
RJ-45 ports
2 SFP interfaces, shared
with Port-9 and Port-10
7 10/ 100Base-TX RJ45 Auto-MDI/MDI-X
ports
3 10/100/1000Base-T
RJ-45 ports
3 SFP interfaces,
shared with Port-7,
Port-9 and Port-10
Switch Architecture Store-and-Forward
Switch Fabric
Switch Throughput 4.16Mpps @64Bytes 4.16Mpps @64Bytes 5.5Mpps@64bytes
Address Table 8K entries
6 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
5.6Gbps / nonblocking
5.6Gbps / non-blocking
7.4Gbps / nonblocking
Chapter 1: Introduction
Share Data Buffer 1Mbit
Maximum Frame Size 1522 Bytes packet
Flow Control
LED
Back pressure for Half-Duplex
IEEE 802.3x Pause Frame for Full-Duplex
Per unit:
Power (Green), Ring
Master (Green), Power
1 (Green), Power 2
(Green), Fault (Red)
8 port 10/100:
Link/Activity (Green),
Full duplex/Collision
(Yellow)
2 SFP port:
LNK/ACT(Green)
2 1000T:
LNK/ACT(Green),
1000M(Green)
Per unit:
Power (Green), Ring
Master (Green), Power 1
(Green), Power 2 (Green),
Fault (Red)
8 port 10/100:
Link/Activity (Green), Full
duplex/Collision (Yellow)
2 SFP port:
LNK/ACT(Green),
2 1000T:
LNK/ACT(Green),
1000M(Green)
PoE:
PoE In-use (Green)
2 Digital Input (DI):
Per unit:
Power (Green), Ring
Master (Green), Power
1 (Green), Power 2
(Green), Fault (Red)
7 port 10/100:
Link/Activity (Green),
Full duplex/Collision
(Yellow)
3 SFP port:
LNK/ACT(Green)
3 1000T:
LNK/ACT(Green),
1000M(Green)
Level 0: -30~2V
Level 1: 10~30V
DI/DO ---
Max. input current: 8mA
---
2 Digital Output(DO):
Open collector to 40VDC,
200mA
ESD Protection 4KV DC 6KV DC 6KV DC
EFT Protection 3KV DC 3KV DC 3KV DC
Console Interface One RJ-45-to –RS-232 male connector for switch management
Power Over Ethernet
PoE Standard ---
IEEE 802.3af PSE (Power
Sourcing Equipment)
---
Units can be Powered --- 8 ---
PoE Power Output ---
48V DC, Max. 15.4 watts,
350mA
---
Power Pin Assignment --- 1/2(+), 3/6(-) ---
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 7
Chapter 1: Introduction
Layer 2 function
Management Interface Console, Telnet, Web Browser, SNMP v1, v2c and v3
Port disable/enable.
Port Configuration
Port Status
VLAN
Spanning Tree
Link Aggregation
QoS
Auto-negotiation 10/100Mbps full and half duplex mode selection.
Flow Control disable / enable.
Bandwidth control on each port.
Display each port’s speed duplex mode, link status, Flow control status.
Auto negotiation status
Port-Based VLAN, up to 9 VLAN groups
IEEE 802.1q Tagged Based VLAN , 4K VLAN ID, up to 256 VLAN groups
IEEE 802.1d Spanning Tree
IEEE 802.1w Rapid Spanning Tree
Static Port Trunk
IEEE 802.3ad LACP (Link Aggregation Control Protocol)
Supports 4groups of 4-Port trunk
Traffic classification based on :
Port Number,
802.1Q Tag,
802.1p priority,
IP DSCP/TOS field in IP Packet
v1 and v2
IGMP Snooping
256 multicast groups and IGMP query
Per port bandwidth control
Bandwidth Control
Ingress: 500Kb~80Mbps
Egress: 64Kb~80Mbps
Port Mirror RX / TX / Both
Support 100 entries of MAC address for static MAC and another 100 for
MAC filter
Security
Support 10 IP addresses that have permission to access the switch
management and to prevent unauthorized intruder
8 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 1: Introduction
RFC-1213 MIB-II
RFC-2863 Interface MIB
SNMP MIBs
RFC-1493 Bridge MIB
RFC-2819 RMON MIB (Group 1, 2, 3, 9)
RFC-2674 Extended Bridge MIB (Q-Bridge)
Private MIB
Standards Conformance
Regulation Compliance FCC Part 15 Class A, CE
IEEE 802.3 10Base-T
IEEE 802.3u 100Base-TX/100Base-FX
IEEE 802.3z Gigabit SX/LX
IEEE 802.3ab Gigabit 1000T
IEEE 802.3x Flow Control and Back pressure
IEEE 802.1d Spanning tree protocol
IEEE 802.1w Rapid spanning tree protocol
IEEE 802.1p Class of service
IEEE 802.1Q VLAN Tagging
Standards Compliance
IEEE 802.1x Port Authentication Network Control
IEEE 802.3af Power over Ethernet (GE-DSH-82-PoE)
RFC 768 UDP
RFC 793 TFTP
RFC 791 IP
RFC 792 ICMP
RFC 2068 HTTP
RFC 1112 IGMP version 1
RFC 2236 IGMP version 2
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 9
Chapter 1: Introduction
10 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 2
Installation
Hardware Description
Physical Dimensions
GE-DSH-82
(W x D x H): 2.83” x 4.13” x 5.98” / 72mm x 105mm x 152mm.
Figure 2-1: GE-DSH-82 panel layout
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 11
Chapter 2: Installation
GE-DSH-82-PoE
(W x D x H): 2.83” x 4.13” x 5.98” / 72mm x 105mm x 152mm
Figure 2-2: GE-DSH-82-PoE panel layout
GE-DSH-73
(W x D x H): 2.83” x 4.13” x 5.98” / 72mm x 105mm x 152mm
Figure 2-3: GE-DSH-73 panel layout
12 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 2: Installation
Front / Rear Panel
The Front Panel and Rear Panel of the GE-DSH-82 Managed Industrial Switch are
shown below:
Figure 2-4: Front and Rear Panel of GE-DSH-82
1. Model Name 9. 10/100/1000Base-T port
2. System Power: LED 10. 1000Base-SX/LX SFP slot
3. Ring Master: LED indicator 11. LED indicators for 1000Base-SX/LX ort
4. LED for power 1 input 12. 6-Pin Terminal Block
5. LED for power 2 input 13. Ground Screw
6. FAULT: LED indicator 14. Screw holes for Wall Mounting kit
7. RJ-45 type RS-232 Console 15. DIN-Rail Kit
8. 8 x 10/100Base-TX port
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 13
Chapter 2: Installation
The Front Panel and Rear Panel of the GE-DSH-82-PoE Managed Industrial Switch are
shown below:
Figure 2-5: Front and Rear Panel of GE-DSH-82-PoE
1. Model Name 9. 10/100/1000Base-T port
2. System Power: LED 10. 1000Base-SX/LX SFP slot
3. Ring Master: LED indicator 11. LED indicators for 1000Base-SX/LX ort
4. LED for power 1 input 12. LED indicators for PoE power output
5. LED for power 2 input 13. 6-Pin Terminal Block
6. FAULT: LED indicator 14. Ground Screw
7. RJ-45 type RS-232 Console 15. Screw holes for Wall Mounting kit
8. 8 x 10/100Base-TX port 16. DIN-Rail Kit
14 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 2: Installation
The Front Panel and Rear Panel of the GE-DSH-73 Managed Industrial Switch are
shown below:
Figure 2-6: Front and Rear Panel of GE-DSH-73
1. Model Name 9. 1000Base-SX/LX SFP slot (Port-7)
2. System Power: LED 10. 1000Base-SX/LX SFP slots (Port-9 / Port-10)
3. Ring Master: LED indicator 11. 10/100/1000Base-T ports (Port-9 / Port-10)
4. LED for power 1 input 12. 6-Pin Terminal Block
5. LED for power 2 input 13. Ground Screw
6. FAULT: LED indicator 14. Screw holes for Wall Mounting kit
7. RJ-45 type RS-232 Console 15. DIN-Rail Kit
8. 8 x 10/100Base-TX port
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 15
Chapter 2: Installation
Top View
The top panel of the GE-DSH-82 Managed Industrial Switch has one terminal block
connector of two DC power inputs and one fault alarm.
Figure 2-7: Top Panel of GE-DSH-82
Figure 2-8: Top Panel of GE-DSH-82-PoE
16 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 2: Installation
The top panel of the GE-DSH-73 Managed Industrial Switch has two terminal block
connectors:
• Power connector - consists of two DC power inputs and one fault alarm.
• DI/DO connector - comprises two digital inputs-DI0 and DI1and two digital
outputs-DO0 and DO1.
Figure 2-9: Top Panel of GE-DSH-73
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 17
Chapter 2: Installation
LED Indicators
The diagnostic LEDs that provide real-time information of system and optional status
are located on the front panel of the GE-DSH series. The following table provides the
description of the LED status and their meanings for the Managed Industrial Switch.
GE-DSH-82 LED Indicators
• System
LED Color Status Meaning
PWR Green
R.M. Green
PWR1 Green
PWR2 Green
FAULT Red
On The switch unit is power on.
Off No power.
On The industrial switch is the master of X-Ring group.
Off
On Power 1 is active.
Off Power 1 is inactive.
On Power 2 is active.
Off Power 2 is inactive.
On Power or port failure.
Off No failure.
The industrial switch is not a ring master in X-Ring
group.
• 10/100Base-TX Ports – Port-1 to Port-8
LED Color Status Meaning
On A network device is detected.
The port is transmitting or receiving packets from the
TX device.
The port is in half-duplex mode or no device is
attached.
Port-1 ~ Port-8
Green
Amber
Blinking
Off No device attached.
On The port is operating in full-duplex mode.
Blinking Collision of Packets occurs.
Off
18 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 2: Installation
• 10/100Base-TX Ports – Port-9, Port-10
LED Color Status Meaning
On A network device is detected.
Port 9, Port 10
(RJ-45)
Green
Blinking
(Upper LED)
Off No device attached
The port is transmitting or receiving packets from
the TX device.
Green
(Lower LED)
Link/Active (P9,
P10 SFP)
Green
GE-DSH-73 LED Indicators
• System
LED Color Status Meaning
PWR Green
R.M. Green
On 1000M
Off 10/100M
On The SFP port is linking
Blinking
Off No device attached
On The switch unit is power on.
Off No power.
On The industrial switch is the master of X-Ring group.
Off
The port is transmitting or receiving packets from
the TX device.
The industrial switch is not a ring master in X-Ring
group.
PWR1 Green
PWR2 Green
FAULT Red
On Power 1 is active.
Off Power 1 is inactive.
On Power 2 is active.
Off Power 2 is inactive.
On Power or port failure.
Off No failure.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 19
Chapter 2: Installation
• 10/100Base-TX Ports – Port-1 to Port-8
LED Color Status Meaning
On A network device is detected.
The port is transmitting or receiving packets from
the TX device.
The port is in half-duplex mode or no device is
attached.
Port-1 ~ 6 &
Port-8
Green
Amber
Blinking
Off No device attached.
On The port is operating in full-duplex mode.
Blinking Collision of Packets occurs.
Off
• 10/100Base-TX Ports – Port-7, Port-9 and Port-10
LED Color Status Meaning
On A network device is detected.
Port 7, Port 9,
Port 10 (RJ-45)
Green
(Upper LED)
Green
(Lower LED)
Blinking
Off No device attached
On 1000M
Off 10/100M
The port is transmitting or receiving packets from
the TX device.
Link/Active
(P7, P9, P10
SFP)
Green
On The SFP port is linking
Blinking
Off No device attached
The port is transmitting or receiving packets from
the TX device.
20 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 2: Installation
GE-DSH-82-PoE LED Indicators
• System
LED Color Status Meaning
PWR Green
R.M. Green
PWR1 Green
PWR2 Green
FAULT Red
On The switch unit is power on.
Off No power.
On The industrial switch is the master of X-Ring group.
Off
On Power 1 is active.
Off Power 1 is inactive.
On Power 2 is active.
Off Power 2 is inactive.
On Power or port failure.
Off No failure.
The industrial switch is not a ring master in X-Ring
group.
• 10/100Base-TX Ports – Port-1 to Port-8
LED Color Status Meaning
On A network device is detected.
Port-1 ~ Port-8
Green
Amber
Blinking
Off No device attached.
On The port is operating in full-duplex mode.
Blinking Collision of Packets occurs.
Off
The port is transmitting or receiving packets from
the TX device.
The port is in half-duplex mode or no device is
attached.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 21
Chapter 2: Installation
• PoE port link – Port-1 to Port-8
LED Color Status Meaning
(P1 to P8)
Green
On An IEEE 802.3af PoE power device is detected. FWD
Off No IEEE 802.3af PoE power device attached
• 10/100/1000Base-T / SFP combo interface - Port-9, Port-10
LED Color Status Meaning
On A network device is detected.
Port 9, Port 10
(RJ-45)
Link/Active (P9,
P10 SFP)
Green
(Upper LED)
Green
(Lower LED)
Green
Blinking
Off No device attached
On 1000M
Off 10/100M
On The SFP port is linking
Blinking
Off No device attached
The port is transmitting or receiving packets from
the TX device.
The port is transmitting or receiving packets from
the TX device.
22 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 2: Installation
Installing the Switch
This section describes how to install your Managed Industrial Switch and make
connections to the Managed Industrial Switch. Please read the following topics and
perform the procedures in the order being presented. To install your switch on a
desktop or shelf, simply complete the following steps.
In this paragraph, we will describe how to install the 8 10/100TX w/ X-Ring Managed
Industrial Switch and the installation points attended to it.
Installation Steps
1. Unpack the Industrial switch
2. Check if the DIN-Rail is screwed on the Industrial switch or not. If the DIN-Rail is not
screwed on the Industrial switch, please refer to DIN-Rail Mounting section for DINRail installation. If users want to wall mount the Industrial switch, please refer to Wall
Mount Plate Mounting section for wall mount plate installation.
3. To hang the Industrial switch on the DIN-Rail track or wall.
4. Power on the Industrial switch. Refer to the Wiring the Power Inputs section for
knowing the information about how to wire the power. The power LED on the
Industrial switch will light up. Please refer to the LED Indicators section for indication
of LED lights.
5. Prepare the twisted-pair, straight through Category 5 cable for Ethernet
connection.
6. Insert one side of RJ-45 cable (category 5) into the Industrial switch Ethernet port
(RJ-45 port) and another side of RJ-45 cable (category 5) to the network device's
Ethernet port (RJ-45 port), ex: Switch PC or Server. The UTP port (RJ-45) LED on the
Industrial switch will light up when the cable is connected with the network device.
Please refer to the LED Indicators section for LED light indication.
NOTE: Make sure that the connected network devices support MDI/MDI-X. If it does
not support, use the crossover category-5 cable.
7. When all connections are set and LED lights all show in normal, the installation is
complete.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 23
Chapter 2: Installation
DIN-Rail Mounting
The DIN-Rail is screwed on the Industrial Switch when out of factory. If the DIN-Rail is
not screwed on the Industrial Switch, please see the following pictures to screw the
DIN-Rail on the Switch. Follow the steps below to hang the Industrial Switch.
Figure 2-10: Rear Panel - DIN-Rail Kit
1. Insert the top of DIN-Rail into the track.
Figure 2-11: Rear Panel - DIN-Rail Kit
24 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 2: Installation
2. Lightly push the DIN-Rail into the track.
Figure 2-12: DIN-Rail mounting
3. Check if the DIN-Rail is tightened on the track or not.
4. To remove the industrial switch from the track, reverse above steps.
Wall Mount Plate Mounting
Follow the steps below to mount the Industrial Switch with wall mount plate.
1. Remove the DIN-Rail from the Industrial Switch; loose the screws to remove the
DIN-Rail.
2. Place the wall mount plate on the rear panel of the Industrial Switch.
3. Use the screws to screw the wall mount plate on the Industrial Switch.
4. Use the hook holes at the corners of the wall mount plate to hang the Industrial
Switch on the wall.
5. To remove the wall mount plate, reverse the above steps.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 25
Chapter 2: Installation
Figure 2-13: Wall mounting
Wiring the Power Inputs
The 6-contact terminal block connector on the top panel of GE-DSH-82-PoE is used
for two DC redundant power inputs.
NOTE: This product is intended to be supplied by a UL Listed Direct Plug-In Power Unit
marked "Class 2" or "LPS" and output rated 48 VDC, 380 mA minimum.
Please follow the steps below to insert the power wire.
1. Insert the positive / negative DC power wires into the contacts 1 and 2 for POWER
2, or 5 and 6 for POWER 1.
26 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 2: Installation
Figure 2-14: Wiring the redundant power inputs
3. Tighten the wire-clamp screws to prevent the wires from coming loose.
Figure 2-15: Wiring the redundant power inputs
1 2 3 4 5 6
Power 2 Power 1
- + - +
NOTE: The wire gauge for the terminal block should be in the range between 12 ~ 24
AWG.
For the GE-DSH-82-PoE, A 48VDC, 3A power input is required for full PoE load on the
PoE. Please connect an external power source to the terminal block that can supply
steady power at 48VDC.
Wiring the Fault Alarm Contact
The fault alarm contacts are in the middle of the terminal block connector as the
picture shows below. Inserting the wires, the Industrial Switch will detect the fault
status of the power failure, or port link failure (available for managed model) and then
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 27
Chapter 2: Installation
forms an open circuit. The following illustration shows an application example for
wiring the fault alarm contacts.
Figure 2-16: 6-Pin Terminal Block Fault Alarm contact
NOTE: The wire gauge for the terminal block should be in the range between 12 ~ 24
AWG.
Figure 2-17: Power Fault Alarm trigger description
Wiring the Digital Inputs / Outputs (GE-DSH-73)
There is another terminal block comprising two sets of digital input/output contacts
on the topside of GE-DSH-73. Please refer to the Digital Input/Output section for how
to configure Digital Input/Output. The following illustration shows the pin assignment
of the DIDO connector. Please note do not connect DO0/DO1 to the external device
using power higher than 40V/200mA.
28 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 2: Installation
Figure 2-18: DI/DO terminal block of GE-DSH-73
Installing the SFP transceiver
The section describes how to insert an SFP transceiver into an SFP slot.
The SFP transceivers are hot pluggable and hot swappable. You can plug-in and out
the transceiver to/from any SFP port without having to power down the Industrial
Switch. Shown in Figure 2-19.
Figure 2-19: Plug-in the SFP transceiver
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 29
Chapter 2: Installation
Approved GE Security SFP Transceivers
GE Security Industrial Switch supports both Single mode and Multi-mode SFP
transceiver. The following list of approved GE Security SFP transceivers is correct at
the time of publication:
o SFP1000SX-220 SFP (1000Base-SX SFP transceiver / Multi-mode / 850nm /
220m~550m)
o SFP1000LX-10Km SFP (1000Base-LX SFP transceiver / Single mode / 1310nm /
10km)
o SFP100FX1310-TSC-2Km SFP (100Base-FX SFP transceiver / Multi-mode /
1310nm / 2km)
o SFP100FX1310-TSC-20Km SFP (100Base-FX SFP transceiver / Single mode /
1310nm / 20km)
NOTE: We recommend using GE Security SFPs on the Managed Industrial Switch. If
you insert a SFP transceiver that is not supported, the Managed Industrial Switch will
not recognize it.
Before connecting the other switches, workstation or Media Converter:
1. Make sure both side of the SFP transceiver are with the same media type, for
example: 1000Base-SX to 1000Base-SX, 1000Bas-LX to 1000Base-LX.
2. Check the fiber-optic cable type match the SFP transceiver model.
o To connect to 1000Base-SX SFP transceiver, use the Multi-mode fiber cable-
with one side must be male duplex LC connector type.
o To connect to 1000Base-LX SFP transceiver, use the Single-mode fiber cable-
with one side must be male duplex LC connector type.
• Connect the fiber cable
1. Attach the duplex LC connector on the network cable into the SFP transceiver.
2. Connect the other end of the cable to a device - switches with SFP installed, fiber
NIC on a workstation or a Media Converter.
3. Check the LNK/ACT LED of the SFP slot on the front of the Managed Industrial
Switch. Ensure that the SFP transceiver is operating correctly.
4. Check the Link mode of the SFP port if the link failed. Co works with some fiber-NICs
or Media Converters, set the Link mode to "1000 Force" is needed.
30 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 2: Installation
Figure 2-20: LC fiber optical cable connects to the transceiver
• Remove the transceiver module
1. Make sure there is no network activity by consulting or checking with the network
administrator or through the management interface of the switch/converter (if
available) to disable the port in advance.
2. Remove the Fiber Optic Cable gently.
Figure 2-21: Pull out the SFP transceiver
3. Turn the handle of the MGB module horizontally.
4. Pull out the module gently through the handle.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 31
Chapter 2: Installation
Figure 2-22: Pull out from the transceiver
NOTE: Never pull out the module without pull the handle or the push bolts on the
module. Pulling out the module with too much force could damage the module and
SFP module slot of the Managed Industrial Switch.
32 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 3
Network Application
This chapter discusses how the Switches function in various Network environments. A
couple sample applications of the industrial switch are shown below.
Factory Redundant Ring Application
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 33
Chapter 3: Network Application
Transportation Networking and Public Wireless Service
34 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 3: Network Application
X-Ring Application
The industrial Switch supports the Rapid Ring (X-Ring) protocol that can help the
network system to recovery from network connection failure within 20ms or less, and
make the network system more reliable. The X-Ring algorithm is similar to spanning
tree protocol (STP) algorithm but its recovery time is faster than STP. The following
figure is a sample X-Ring application.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 35
Chapter 3: Network Application
Coupling Ring Application
In the network, it may have more than one X-Ring group. By using the coupling ring
function, it can connect each X-Ring for the redundant backup. It can ensure the
transmissions between two ring groups not to fail. The following figure is a sample of
coupling ring application.
Dual Homing Application
Dual Homing function is to prevent the connection lose from between X-Ring group
and upper level/core switch. Assign two ports to be the Dual Homing port that is
backup port in the X-Ring group. The Dual Homing function only works when the XRing function is active. Each X-Ring group only has one Dual Homing port.
NOTE: In Dual Homing application architecture, the upper level switches need to
enable the Rapid Spanning Tree protocol.
36 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 4
Console Management
Connecting to the Console Port
The supplied cable which one end is RS-232 connector and the other end is RJ-45
connector. Attach the end of RS-232 connector to PC or terminal and the other end of
RJ-45 connector to the console port of the switch. The connected terminal or PC must
support the terminal emulation program.
Figure 4-1: RS-232 to RJ-45 cable
DB9/ RJ-45 Connector Pinouts
DB9-PIN RJ-45 Connector
12345
1234
1 1 Orange/White
2 2 Orange
3 3 Green/White
4 4 Blue
5 5 Blue/White
6 6 Green
7 7 Brown/White
8 8 Brown
9
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 37
Chapter 4: Console Management
Login in the Console Interface
To configure the system, connect a serial cable to a COM port on a PC or notebook
computer and to RJ-45 type serial (console) port of the Managed Industrial Switch.
The console port of the Managed Industrial Switch is DCE already, so that you can
connect the console port directly through PC without the need of Null Modem.
Figure 4-2: Connecting the Switch to a PC
A terminal program is required to make the software connection to the GE-DSH series
Managed Industrial Switch. Windows' Hyper Terminal program is a good choice.
Hyper Terminal can be accessed from the Start menu.
1. Click START, then Programs/Accessories and then Hyper Terminal.
When the following screen appears, make sure that the COM port should be
configured as:
Baud Rate: 9600 bps
Data Bits: 8
Parity: none
Stop Bit: 1
Flow control: None
38 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 4: Console Management
Figure 4-3: The COM1 properties window
2. Once the terminal has connected to the device, power on the GE-DSH series
Managed Industrial Switch, the terminal will display that it is running testing
procedures.
3. Then, the following message asks the login password. The factory default
password as following and the login screen in below figure appears.
User name: admin
Password: admin
Figure 4-4: The login screen
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 39
Chapter 4: Console Management
NOTE: For security reasons, please change and memorize the new password after
this first setup.
Only enter commands in lowercase letters when in the console interface.
CLI Management
The system supports the console management-CLI command. After you log in on to
the system, you will see a command prompt. To enter CLI management interface,
type in "enable" command.
Figure 4-5: The CLI command interface
40 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 4: Console Management
CLI commands and descriptions
Modes Access Method Prompt Exit Method About This Model
The user commands
available at the user level
are a subset of those
available at the privileged
User EXEC
Privileged
EXEC
Begin a session
with your switch.
Enter the enable
command while in
User EXEC mode.
switch>
switch#
Enter logout or
quit.
Enter disable to
exit.
level.
Use this mode to:
• Perform basic tests.
• Display system
information.
The privileged command is
the advanced mode.
Use this mode to
• Display advanced
function status
Global
Configuration
VLAN
database
Interface
configuration
Enter the
configure
command while in
privileged EXEC
mode.
Enter the vlan
database
command while in
privileged EXEC
mode.
Enter the interface
of fast Ethernet
command (with a
specific interface)
while in global
configuration
mode.
switch
(config)#
switch
(vlan)#
switch
(config-if)#
To exit to
privileged EXEC
mode, enter exit
or end
To exit to user
EXEC mode,
enter exit.
To exit to global
configuration
mode, enter exit.
To exit to
privileged EXEC
mode, enter exit
or end.
• Save configuration
Use this mode to configure
those parameters that are
going to be applied to your
switch.
Use this mode to configure
VLAN-specific parameters.
Use this mode to configure
parameters for the switch
and Ethernet ports.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 41
Chapter 4: Console Management
42 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5
Web-Based Management
About Web-based Management
The Managed Industrial Switch offers management features that allow users to
manage the Managed Industrial Switch from anywhere on the network through a
standard browser such as Microsoft Internet Explorer.
The Web-Based Management supports Internet Explorer 6.0. It is based on Java
Applets with an aim to reduce network bandwidth consumption, enhance access
speed and present an easy viewing screen.
NOTE: By default, IE 6.0 or later version does not allow Java Applets to open sockets.
The user has to explicitly modify the browser setting to enable Java Applets to use
network ports.
The Managed Industrial Switch can be configured through an Ethernet connection,
make sure the manager PC must be set on same the IP subnet address with the
Managed Industrial Switch.
For example, the default IP address of the Managed Industrial Switch is
192.168.0.100, then the manager PC should be set at 192.168.0.x (where x is a
number between 1 and 254, except 100), and the default subnet mask is
255.255.255.0.
If you have changed the default IP address of the Managed Industrial Switch to
192.168.1.1 with subnet mask 255.255.255.0 via console, then the manager PC
should be set at 192.168.1.x (where x is a number between 2 and 254) to do the
relative configuration on manager PC.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 43
Chapter 5: Web-Based Management
Requirements
• Workstations of subscribers running Windows 98/ME, NT4.0, 2000/2003/XP, MAC
OS9 or later, Linux, UNIX or other platform compatible with TCP/IP protocols.
• Workstation installed with Ethernet NIC (Network Card)
• Ethernet Port connect
o Network cables - Use standard network (UTP) cables with RJ45 connectors.
o Above PC installed with WEB Browser and JAVA runtime environment Plug-in
NOTE: We recommend using Internet Explorer 6.0 or above to access GE-DSH series
Managed Industrial Switch.
Logging on the Switch
1. Use Internet Explorer 6.0 or above Web browser. Enter the factory-default IP
address to access the Web interface. The factory-default IP Address as following:
http://192.168.0.100
2. When the following login screen appears, please enter the default username
"admin" with password "admin" (or the username/password you have changed via
console) to login the main screen of Managed Industrial Switch. The login screen in
Figure 5-1 appears.
Default User name: admin
Default Password: admin
44 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
Figure 5-1: Login screen
3. After entering the username and password, the main screen appears as shown in
Figure 5-2.
Figure 5-2: Default main page
4. The Switch Menu on the left of the Web page let you access all the commands and
statistics the Switch provides.
Now, you can use the Web management interface to continue the switch
management or manage the Managed Industrial Switch by Web interface. The
Switch Menu on the left of the web page let you access all the commands and
statistics the Managed Industrial Switch provides.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 45
Chapter 5: Web-Based Management
NOTE:
1. We recommend using Internet Explorer 6.0 or above to access GE-DSH-82 series
Managed Industrial Switch.
2. The changed IP address take effect immediately after clicking on the Save button.
You need to use the new IP address to access the Web interface.
3. For security reasons, please change and memorize the new password after this
first setup.
4. Only enter commands in lowercase letters when using the web interface.
System
Use the System menu items to display and configure basic administrative details of
the Managed Industrial Switch. Under System the following topics are provided to
configure and view the system information: This section has the following items:
System Information Provides basic system description, including contact information
IP Configuration Sets the IP address for management access
DHCP Server Configure the Switch as a DHCP server for assigning dynamic IP
addresses to devices on a network.
TFTP Upgrade the firmware via TFTP server
Save/view the switch configuration to remote host
Upload the switch configuration from remote host
Fault Relay Alarm Provides relay output for port breakdown, power fail
SNTP Configuration Simple Network Time Protocol. Configures SNTP client settings, including
broadcast mode or a specified list of servers
IP Security Supports 10 IP addresses that have permission to access the switch
management and to prevent unauthorized intruder.
User Authentication Allows configuring the system user name and password required to
access the web pages or log in from CLI.
Factory Default Reset the configuration of the Managed Industrial Switch
System Reboot Restarts the switch
46 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
System Information
The System Info page provides information for the current device information. The
System Information page helps a switch administrator to identify the hardware MAC
address, software version and system uptime. The screen in Figure 5-3 appears.
Figure 5-3: Switch settings interface
This page includes the following fields:
Object Description
System Name:
System Description: Describes the switch
System Location: Assign the switch physical location (The maximum length is 64 bytes).
System Contact: Enter the name of contact person or organization.
Firmware Version: Displays the switch’s firmware version
Kernel Version: Displays the kernel software version
MAC Address:
Assign the system name of the switch (The maximum length is 64
bytes)
Displays the unique hardware address assigned by manufacturer
(default)
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 47
Chapter 5: Web-Based Management
IP Configuration
The IP Configuration includes the IP Address, Subnet Mask and Gateway. The
Configured column is used to view or change the IP configuration. Fill up the IP
Address, Subnet Mask and Gateway for the device. The screen in Figure 5-4 appears.
Figure 5-4: IP configuration interface
This page includes the following fields:
Object Description
Enable or disable the DHCP client function. When DHCP client function is
enabled, the switch will be assigned an IP address from the network
DHCP Client:
IP Address:
Subnet Mask:
Gateway:
DHCP server. The default IP address will be replaced by the assigned IP
address on DHCP server. After the user clicks Apply, a popup dialog
shows up to inform the user that when the DHCP client is enabled, the
current IP will lose and user should find the new IP on the DHCP server.
Assign the IP address that the network is using. If DHCP client function is
enabled, this switch is configured as a DHCP client. The network DHCP
server will assign the IP address to the switch and display it in this
column.
The default IP is 192.168.0.100 or the user has to assign an IP address
manually when DHCP Client is disabled.
Assign the subnet mask to the IP address. If DHCP client function is
disabled, the user has to assign the subnet mask in this column field.
Assign the network gateway for the switch. If DHCP client function is
disabled, the user has to assign the gateway in this column field.
The default gateway is 192.168.0.1.
DNS1: Assign the primary DNS IP address.
DNS2: Assign the secondary DNS IP address.
48 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
DHCP Server
DHCP is the abbreviation of Dynamic Host Configuration Protocol that is a protocol
for assigning dynamic IP addresses to devices on a network. With dynamic
addressing, a device can have a different IP address every time it connects to the
network. In some systems, the device's IP address can even change while it is still
connected. DHCP also supports a mix of static and dynamic IP addresses. Dynamic
addressing simplifies network administration because the software keeps track of IP
addresses rather than requiring an administrator to manage the task. This means
that a new computer can be added to a network without the hassle of manually
assigning it a unique IP address.
The system provides the DHCP server function. Having enabled the DHCP server
function, the switch system will be configured as a DHCP server.
System configuration
The Dynamic Host Configuration Protocol (DHCP) Server gives out IP addresses when
a device is booting up and request an IP to logged on to the network. It must be set
as a DHCP client to obtain the IP address automatically.
Figure 5-5: DHCP Server Configuration interface
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 49
Chapter 5: Web-Based Management
This page includes the following fields:
Object Description
DHCP Server:
Low IP Address:
High IP Address:
Subnet Mask: Type in the subnet mask of the IP configuration.
Gateway: Type in the IP address of the gateway in your network.
DNS: Type in the Domain Name Server IP Address in your network.
Lease Time (sec):
Enable or Disable the DHCP Server function. Enable—the switch will be
the DHCP server on your local network.
Type in an IP address. Low IP address is the beginning of the dynamic
IP range. For example, dynamic IP is in the range between
192.168.0.101 ~ 192.168.0.200. In contrast, 192.168.0.101 is the Low IP
address.
Type in an IP address. High IP address is the end of the dynamic IP
range. For example, dynamic IP is in the range between 192.168.0.101
~ 192.168.0.200. In contrast, 192.168.0.200 is the High IP address.
It is the time period that system will reset the dynamic IP assignment to
ensure the dynamic IP will not been occupied for a long time or the
server doesn’t know that the dynamic IP is idle.
Client Entries
When the DHCP server function is enabled, the system will collect the DHCP client
information including the assigned IP address, the MAC address of the client device,
the IP assigning type, status and lease time.
Figure 5-6: DHCP Client Entries interface
50 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
This page includes the following fields:
Object Description
IP Addr Specifies the Client's IP Address.
Client ID Specifies the Client's Hardware Address.
Type Specifies the Type of Binding: Dynamic / Manual.
Lease Specifies the Lease time left in seconds.
Port and IP Bindings
Assign the dynamic IP address bound with the port to the connected client. The user
is allowed to fill each port column with one particular IP address. When the device is
connecting to the port and asks for IP assigning, the system will assign the IP address
bound with the port.
Figure 5-7: Port and IP Bindings interface
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 51
Chapter 5: Web-Based Management
TFTP
It provides the functions allowing the user to update the switch firmware via the
Trivial File Transfer Protocol (TFTP) server. Before updating, make sure the TFTP server
is ready and the firmware image is located on the TFTP server.
Update Firmware
Use this menu to download a file from specified TFTP server to the Managed
Industrial Switch.
Figure 5-8: Update Firmware interface
This page includes the following fields:
Object Description
TFTP Server IP Address: Type in your TFTP server IP.
Firmware File Name: Type in the name of the firmware image file to be updated.
Restore Configuration
You can restore a previous backup configuration from the TFTP server to recover the
settings. Before doing that, you must locate the image file on the TFTP server first and
the Managed Industrial Switch will download back the flash image.
52 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
Figure 5-9: Restore Configuration interface
This page includes the following fields:
Object Description
TFTP Server IP Address: Type in the TFTP server IP.
Restore File Name: Type in the correct file name for restoring.
Backup Configuration
You can back up the current configuration from flash ROM to the TFTP server for the
purpose of recovering the configuration later. It helps you to avoid wasting time on
configuring the settings by backing up the configuration.
Figure 5-10: Backup Configuration interface
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 53
Chapter 5: Web-Based Management
This page includes the following fields:
Object Description
TFTP Server IP Address: Type in the TFTP server IP.
Backup File Name: Type in the file name.
System Event Log
This page allows the user to decide whether to send the system event log, and select
the mode which the system event log will be sent to client only, server only, or both
client and server. What kind of event log will be issued to the client/server depends on
the selection on the Event Configuration tab. There are five types of event available to
be issued as the event log.
• Device Cold Start
• Device Warm Start
• Authentication Failure
• X-Ring Topology Change
• Port Event
Syslog Configuration
The System Logs enable viewing device events in real time, and recording the events
for later usage. System Logs record and manage events and report errors or
informational messages.
54 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
Figure 5-11: Syslog Configuration interface
This page includes the following fields:
Object Description
Select the system log mode—Client Only, Server Only, or Both.
Client Only: the system event log will only be sent to this interface of
the switch
Syslog Client Mode:
System Log Server IP
Address:
Server Only: the system log will only be sent to the remote system
log server with its IP assigned.
Both: the system event log will be sent to the remote server and this
interface.
When the ‘Syslog Mode’ item is set as Server Only/Both, the user
has to assign the system log server IP address to which the log will
be sent.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 55
Chapter 5: Web-Based Management
System Event Log-SMTP Configuration
Simple Mail Transfer Protocol (SMTP) is the standard for email transmissions across
the network. You can configure the SMTP server IP, mail subject, sender, mail account,
password, and the recipient email addresses, which the e-mail alert will send to.
There are also five types of event-Device Cold Start, Device Warm Start,
Authentication Failure, X-Ring Topology Change, and Port Event-available to be
issued as the e-mail alert. Besides, this function provides the authentication
mechanism including an authentication step through which the client effectively logs
in to the SMTP server during the process of sending e-mail alert.
Figure 5-12: SMTP Configuration interface
This page includes the following fields:
Object Description
With this function being enabled, the user is allowed to configure the
Email Alert:
SMTP Server IP:
Sender:
56 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
detail settings for sending the e-mail alert to the SMTP server when
the events occur.
Assign the mail server IP address (when Email Alert is enabled, this
function will then be available).
Type in an alias of the switch in complete email address format, e.g.,
to identify where the e-mail alert comes from.
Chapter 5: Web-Based Management
Object Description
Having ticked this checkbox, the mail account, password and
Authentication:
confirm password column fields will then show up. Configure the
email account and password for authentication when this switch
logs in to the SMTP server.
Mail Account:
Password: Type in the password for the email account.
Confirm Password: Reconfirm the password.
Rcpt e-mail Address 1 ~ 6:
Set up the email account, e.g. jack, to receive the email alert. It must
be an existing email account on the mail server.
You can also fill each of the column fields with up to 6 e-mail
accounts to receive the email alert.
System Event Log-Event Configuration
Having ticked the Syslog/SMTP checkboxes, the event log/email alert will be sent to
the system log server and the SMTP server respectively. Also, Port event log/alert (link
up, link down, and both) can be sent to the system log server/SMTP server
respectively by setting the trigger condition.
Figure 5-13: Event Configuration interface
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 57
Chapter 5: Web-Based Management
This page includes the following fields:
Object Description
There are 4 event types—Device Cold Start, Device Warm Start,
Authentication Failure, and X-ring Topology Change. The
checkboxes are not available for ticking unless the Syslog Client
Mode on the Syslog Configuration tab and the E-mail Alert on the
SMTP Configuration tab are enabled first.
Device cold start: When the device executes cold start action, the
system will issue the event log/email alert to the system log/SMTP
server respectively.
System event selection:
Port event selection:
Device warm start: When the device executes warm start, the
system will issue the event log/email alert to the system log/SMTP
server respectively.
Authentication Failure: When the SNMP authentication fails, the
system will issue the event log/email alert to the system log/SMTP
server respectively.
X-ring topology change: When the X-ring topology has changed, the
system will issue the event log/email alert to the system log/SMTP
server respectively.
Also, before the drop-down menu items are available, the Syslog
Client Mode selection item on the Syslog Configuration tab and the
E-mail Alert selection item on the SMTP Configuration tab must be
enabled first. Those drop-down menu items have 3 selections—Link
UP, Link Down, and Link UP & Link Down. Disable means no event
will be sent to the system log/SMTP server.
Link UP: The system will only issue a log message when the link-up
event of the port occurs.
Link Down: The system will only issue a log message when the linkdown event of port occurs.
Link UP & Link Down: The system will issue a log message at the
time when port connection is link-up and link-down.
58 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
Fault Relay Alarm
The Fault Relay Alarm function provides the Power Failure and Port Link Down/Broken
detection. With both power input 1 and power input 2 installed and the check boxes
of power 1/power 2 ticked, the FAULT LED indicator will then be possible to light up
when any one of the power failures occurs. As for the Port Link Down/Broken
detection, the FAULT LED indicator will light up when the port failure occurs; certainly
the check box beside the port must be ticked first. Please refer to the segment of
'Wiring the Fault Alarm Contact' for the failure detection.
Figure 5-14: Fault Relay Alarm interface
This page includes the following fields:
Object Description
Power Failure:
Port Link Down/Broken:
Tick the check box to enable the function of lighting up the FAULT
LED on the panel when power fails.
Tick the check box to enable the function of lighting up FAULT LED
on the panel when Ports’ states are link down or broken.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 59
Chapter 5: Web-Based Management
SNTP Configuration
SNTP (Simple Network Time Protocol) is a simplified version of NTP, which is an
Internet protocol used to synchronize the clocks of computers to some time
reference. Because time usually just advances, the time on different node stations will
be different. With the communicating programs running on those devices, it would
cause time to jump forward and back, a non-desirable effect. Therefore, the switch
provides comprehensive mechanisms to access national time and frequency
dissemination services, organize the time-synchronization subnet and the local clock
in each participating subnet peer.
Daylight saving time (DST) is the convention of advancing clocks so that afternoons
have more daylight and mornings have less. Typically clocks are adjusted forward
one hour near the start of spring and are adjusted backward in autumn.
Figure 5-15: SNTP Configuration interface
This page includes the following fields:
Object Description
SNTP Client: Enable/disable SNTP function to get the time from the SNTP server.
This is used as a control switch to enable/disable daylight saving
period and daylight saving offset. Users can configure Daylight Saving
Daylight Saving Time:
60 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Period and Daylight Saving Offset in a certain period time and offset
time while there is no need to enable daylight saving function.
Afterwards, users can just set this item as enable without assign
Daylight Saving Period and Daylight Saving Offset again.
Chapter 5: Web-Based Management
UTC Timezone:
SNTP Sever URL:
Switch Timer:
Daylight Saving Period:
Daylight Saving Offset
(mins):
Universal Time, Coordinated. Set the switch location time zone. The
following table lists the different location time zone for your reference.
Set the SNTP server IP address. You can assign a local network time
server IP address or an internet time server IP address.
When the switch has successfully connected to the SNTP server whose
IP address was assigned in the column field of SNTP Server URL, the
current coordinated time is displayed here.
Set up the Daylight Saving beginning date/time and Daylight Saving
ending date/time. Please key in the value in the format of ‘YYYYMMDD’
and ‘HH:MM’ (leave a space between ‘YYYYMMDD’ and ‘HH:MM’).
YYYYMMDD: an eight-digit year/month/day specification.
HH:MM: a five-digit (including a colon mark) hour/minute specification.
For example, key in ‘20070701 02:00’ and ‘20071104 02:04’ in the two
column fields respectively to represent that DST begins at 2:00 a.m. on
March 11, 2007 and ends at 2:00 a.m. on November 4, 2007.
For non-US and European countries, specify the amount of time for
day light savings. Please key in the valid figure in the range of minute
between 0 and 720, which means you can set the offset up to 12
hours.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 61
Chapter 5: Web-Based Management
Local Time Zone Conversion from UTC Time at 12:00 UTC
November Time Zone - 1 hour 11am
Oscar Time Zone -2 hours 10 am
ADT - Atlantic Daylight -3 hours 9 am
AST - Atlantic Standard
-4 hours 8 am
EDT - Eastern Daylight
EST - Eastern Standard
-5 hours 7 am
CDT - Central Daylight
CST - Central Standard
-6 hours 6 am
MDT - Mountain Daylight
MST - Mountain Standard
-7 hours 5 am
PDT - Pacific Daylight
PST - Pacific Standard
-8 hours 4 am
ADT - Alaskan Daylight
ALA - Alaskan Standard -9 hours 3 am
HAW - Hawaiian Standard -10 hours 2 am
Nome, Alaska -11 hours 1 am
CET - Central European
FWT - French Winter
MET - Middle European
+1 hour 1 pm
MEWT - Middle European Winter
SWT - Swedish Winter
EET - Eastern European, USSR Zone 1 +2 hours 2 pm
BT - Baghdad, USSR Zone 2 +3 hours 3 pm
ZP4 - USSR Zone 3 +4 hours 4 pm
ZP5 - USSR Zone 4 +5 hours 5 pm
ZP6 - USSR Zone 5 +6 hours 6 pm
WAST - West Australian Standard +7 hours 7 pm
62 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
Local Time Zone Conversion from UTC Time at 12:00 UTC
CCT - China Coast, USSR Zone 7 +8 hours 8 pm
JST - Japan Standard, USSR Zone 8 +9 hours 9 pm
EAST - East Australian Standard GST
Guam Standard, USSR Zone 9
IDLE - International Date Line
NZST - New Zealand Standard
NZT - New Zealand
+10 hours 10 pm
+12 hours Midnight
IP Security
IP security function allows the user to assign 10 specific IP addresses that have
permission to manage the switch through the http and telnet services for the
securing switch management. The purpose of giving the limited IP addresses
permission is to allow only the authorized personnel/device can do the management
task on the switch.
Figure 5-16: SNTP Configuration interface
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 63
Chapter 5: Web-Based Management
This page includes the following fields:
Object Description
Having set this selection item in the Enable mode, the Enable HTTP
IP Security Mode:
Enable HTTP Server:
Enable Telnet Server:
Security IP 1 ~ 10:
Server, Enable Telnet Server checkboxes and the ten security IP column
fields will then be available. If not, those items will appear in grey.
Having ticked this checkbox, the devices whose IP addresses match
any one of the ten IP addresses in the Security IP1 ~ IP10 table will be
given the permission to access this switch via HTTP service.
Having ticked this checkbox, the devices whose IP addresses match
any one of the ten IP addresses in the Security IP1 ~ IP10 table will be
given the permission to access this switch via telnet service.
The system allows the user to assign up to 10 specific IP addresses for
access security. Only these 10 IP addresses can access and manage
the switch through the HTTP/Telnet service once IP Security Mode is
enabled.
NOTE: Remember to execute the "Save Configuration" action, otherwise the new
configuration will be lost when the switch powers off.
User Authentication
Change web management login user name and password for the management
security issue.
Figure 5-17: User Authentication interface
64 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
This page includes the following fields:
Object Description
User name:
Password:
Confirm password: Re-type the new password
Type in the new user name
The default user name is ‘admin’
Type in the new password
The default is ‘admin’
Port Management
Port Statistics
The following chart provides the current statistic information, which displays the realtime packet transfer status for each port. The user might use the information to plan
and implement the network, or check and find the problem when the collision or
heavy traffic occurs.
Figure 5-18: Port Statistics interface
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 65
Chapter 5: Web-Based Management
This page includes the following fields:
Object Description
Port: The port number.
Type: Displays the current speed of connection to the port.
Link: The status of linking—‘Up’ or ‘Down’.
State:
Tx Good Packet: The counts of transmitting good packets via this port.
Tx Bad Packet:
Rx Good Packet: The counts of receiving good packets via this port.
Rx Bad Packet:
Tx Abort Packet: The aborted packet while transmitting.
Packet Collision: The counts of collision packet.
Packet Dropped: The counts of dropped packet.
Rx Bcast Packet: The counts of broadcast packet.
Rx Mcast Packet: The counts of multicast packet.
It’s set by Port Control. When the state is disabled, the port will not
transmit or receive any packet.
The counts of transmitting bad packets (including undersize [less than
64 octets], oversize, CRC Align errors, fragments and jabbers packets)
via this port.
The counts of receiving good packets (including undersize [less than 64
octets], oversize, CRC error, fragments and jabbers) via this port.
Port Control
In Port control you can configure the settings of each port to control the connection
parameters, and the status of each port is listed beneath.
66 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
Figure 5-19: Port Control interface
This page includes the following fields:
Object Description
Port:
State:
Negotiation:
Speed:
Duplex:
Flow Control:
Use the scroll bar and click on the port number to choose the port to be
configured.
Current port state. The port can be set to disable or enable mode. If the port
state is set as ‘Disable’, it will not receive or transmit any packet.
Auto and Force. Being set as Auto, the speed and duplex mode are negotiated
automatically. When you set it as Force, you have to set the speed and duplex
mode manually.
It is available for selecting when the Negotiation column is set as Force. When
the Negotiation column is set as Auto, this column is read-only.
It is available for selecting when the Negotiation column is set as Force. When
the Negotiation column is set as Auto, this column is read-only.
Whether or not the receiving node sends feedback to the sending node is
determined by this item. When enabled, once the device exceeds the input data
rate of another device, the receiving device will send a PAUSE frame which halts
the transmission of the sender for a specified period of time. When disabled, the
receiving device will drop the packet if too much to process.
When the Security selection is set as ‘On’, any access from the device which
Security:
connects to this port will be blocked unless the MAC address of the device is
included in the static MAC address table. See the segment of MAC Address
Table—Static MAC Addresses.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 67
Chapter 5: Web-Based Management
Port Trunk
Port trunking is the combination of several ports or network cables to expand the
connection speed beyond the limits of any one single port or network cable. Link
Aggregation Control Protocol (LACP), which is a protocol running on layer 2, provides
a standardized means in accordance with IEEE 802.3ad to bundle several physical
ports together to form a single logical channel. All the ports within the logical channel
or so-called logical aggregator work at the same connection speed and LACP
operation requires full-duplex mode.
68 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
Aggregator setting
This section provides Port Trunk-Aggregator Setting of each port from the Switch, the
screen in Figure 5-20 appears.
Figure 5-20: Port Trunk-Aggregator Setting interface (two ports are added to the left field with
LACP enabled)
This page includes the following fields:
Object Description
A value which is used to identify the active LACP. The Managed Industrial
System Priority:
Group ID:
LACP:
Switch with the lowest value has the highest priority and is selected as
the active LACP peer of the trunk group.
There are 13 trunk groups to be selected. Assign the "Group ID" to the
trunk group.
When enabled, the trunk group is using LACP. A port which joins an LACP
trunk group has to make an agreement with its member ports first.
Please notice that a trunk group, including member ports split between
two switches, has to enable the LACP function of the two switches. When
disabled, the trunk group is a static trunk group. The advantage of having
the LACP disabled is that a port joins the trunk group without any
handshaking with its member ports; but member ports won’t know that
they should be aggregated together to form a logic trunk group.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 69
Chapter 5: Web-Based Management
Object Description
This column field allows the user to type in the total number of active port
up to four. With LACP static trunk group, e.g. you assign four ports to be
the members of a trunk group whose work ports column field is set as
Work ports:
two; the exceed ports are standby/redundant ports and can be
aggregated if working ports fail. If it is a static trunk group (non-LACP), the
number of work ports must equal the total number of group member
ports.
Aggregator Information
When you have setup the LACP aggregator, you will see relavent information in here.
• LACP disabled
Having set up the aggregator setting with LACP disabled, you will see the local static
trunk group information on the tab of Aggregator Information.
Figure 5-21: Assigning 2 ports to a trunk group with LACP disabled
70 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
Figure 5-22: Static Trunking Group information
This page includes the following fields:
Object Description
Group Key: This is a read-only column field that displays the trunk group ID.
Port Member:
This is a read-only column field that displays the members of this
static trunk group.
• LACP enabled
Having set up the aggregator setting with LACP enabled, you will see the trunking
group information between two switches on the tab of Aggregator Information.
o Switch 1 configuration
1. Set System Priority of the trunk group. The default is 1.
2. Select a trunk group ID by pull down the drop-down menu bar.
3. Enable LACP.
4. Include the member ports by clicking the Add button after selecting the port
number and the column field of Work Ports changes automatically.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 71
Chapter 5: Web-Based Management
Figure 5-23: Aggregation Information of Switch 1
5. Click on the tab of Aggregator Information to check the trunked group information
as the illustration shown above after the two switches configured.
o Switch 2 configuration
6. Set System Priority of the trunk group. For example: 32768.
7. Select a trunk group ID by pull down the drop-down menu bar.
8. Enable LACP.
9. Include the member ports by clicking the Add button after selecting the port
number and the column field of Work Ports changes automatically.
Figure 5-24: Switch 2 configuration interface
10. Click on the tab of Aggregator Information to check the trunked group
information as the illustration shown above after the two switches configured.
72 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
Figure 5-25: Switch 1 Aggregator Information
State Activity
Having set up the LACP aggregator on the tab of Aggregator Setting, you can
configure the state activity for the members of the LACP trunk group. You can tick or
cancel the checkbox beside the state label. When you remove the tick mark of the
port and click APPLY, the port state activity will change to Passive.
Figure 5-26: State Activity of Switch 1
This page includes the following fields:
Object Description
Active: The port automatically sends LACP protocol packets.
The port does not automatically send LACP protocol packets, and
Passive:
responds only if it receives LACP protocol packets from the opposite
device.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 73
Chapter 5: Web-Based Management
Figure 5-27: State Activity of Switch 2
NOTE: A link having two passive LACP nodes will not perform dynamic LACP trunk
because both ports are waiting for an LACP protocol packet from the opposite device.
Port Mirroring
The Port mirroring is a method for monitor traffic in switched networks. Traffic
through ports can be monitored by one specific port, which means traffic goes in or
out monitored (source) ports will be duplicated into mirror (destination) port.
Figure 5-28: Port Trunk - Port Mirroring interface
74 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
This page includes the following fields:
Object Description
There is only one port can be selected to be destination (mirror) port for
monitoring both RX and TX traffic which come from source port. Or,
Destination Port:
Source Port:
use one of two ports for monitoring RX traffic only and the other one
for TX traffic only. User can connect mirror port to LAN analyzer or
Netxray.
The ports that user wants to monitor. All monitored port traffic will be
copied to mirror (destination) port. User can select multiple source
ports by checking the RX or TX check boxes to be monitored.
Rate Limiting
You can set up every port's bandwidth rate and frame limitation type.
• Ingress Limit Frame type: select the frame type that wants to filter. There are four
frame types for selecting:
o All
o Broadcast/Multicast/Flooded Unicast
o Broadcast/Multicast
o Broadcast only
Broadcast/Multicast/Flooded Unicast, Broadcast/Multicast and Broadcast only types
are only for ingress frames. The egress rate only supports All type.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 75
Chapter 5: Web-Based Management
Figure 5-29: Rate Limiting interface
• All the ports support port ingress and egress rate control. For example, assume
port 1 is 10Mbps, users can set it's effective egress rate is 1Mbps, ingress rate is
500Kbps. The switch performs the ingress rate by packet counter to meet the
specified rate
o Ingress: Enter the port effective ingress rate (The default value is "0").
o Egress: Enter the port effective egress rate (The default value is "0").
• And then, click APPLY to apply the settings
Protocol
This section has the following items:
• VLAN
• Rapid Spanning Tree protocol
• SNMP
• QoS
• IGMP Snooping
76 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
VLAN Configuration
VLAN Overview
A Virtual LAN (VLAN) is a logical network grouping that limits the broadcast domain. It
allows you to isolate network traffic so only members of the VLAN receive traffic from
the same VLAN members. Basically, creating a VLAN from a switch is logically
equivalent of reconnecting a group of network devices to another Layer 2 switch.
However, all the network devices are still plug into the same switch physically.
The Managed Industrial Switch supports IEEE 802.1Q (tagged-based) and Port-Base
VLAN setting in web management page. In the default configuration, VLAN support is
"Disable".
• Port-based VLAN
Port-based VLAN limit traffic that flows into and out of switch ports. Thus, all devices
connected to a port are members of the VLAN(s) the port belongs to, whether there is
a single computer directly connected to a switch, or an entire department.
On port-based VLAN.NIC do not need to be able to identify 802.1Q tags in packet
headers. NIC send and receive normal Ethernet packets. If the packet's destination
lies on the same segment, communications take place using normal Ethernet
protocols. Even though this is always the case, when the destination for a packet lies
on another switch port, VLAN considerations come into play to decide if the packet is
dropped by the Switch or delivered.
• IEEE 802.1Q VLANs
IEEE 802.1Q (tagged) VLAN are implemented on the Switch. 802.1Q VLAN require
tagging, which enables them to span the entire network (assuming all switches on
the network are IEEE 802.1Q-compliant).
VLAN allow a network to be segmented in order to reduce the size of broadcast
domains. All packets entering a VLAN will only be forwarded to the stations (over IEEE
802.1Q enabled switches) that are members of that VLAN, and this includes
broadcast, multicast and unicast packets from unknown sources.
VLAN can also provide a level of security to your network. IEEE 802.1Q VLAN will only
deliver packets between stations that are members of the VLAN. Any port can be
configured as either tagging or untagging:
o The untagging feature of IEEE 802.1Q VLAN allows VLAN to work with legacy
switches that don't recognize VLAN tags in packet headers.
o The tagging feature allows VLAN to span multiple 802.1Q-compliant switches
through a single physical connection and allows Spanning Tree to be enabled
on all ports and work normally.
Some relevant terms:
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 77
Chapter 5: Web-Based Management
Tagging - The act of putting 802.1Q VLAN information into the header of a packet.
Untagging - The act of stripping 802.1Q VLAN information out of the packet header.
• 802.1Q VLAN Tags
The figure below shows the 802.1Q VLAN tag. There are four additional octets
inserted after the source MAC address. Their presence is indicated by a value of
0x8100 in the Ether Type field. When a packet's Ether Type field is equal to 0x8100,
the packet carries the IEEE 802.1Q/802.1p tag. The tag is contained in the following
two octets and consists of 3 bits of user priority, 1 bit of Canonical Format Identifier
(CFI - used for encapsulating Token Ring packets so they can be carried across
Ethernet backbones), and 12 bits of VLAN ID (VID). The 3 bits of user priority are used
by 802.1p. The VID is the VLAN identifier and is used by the 802.1Q standard. Because
the VID is 12 bits long, 4094 unique VLAN can be identified.
The tag is inserted into the packet header making the entire packet longer by 4
octets. All of the information originally contained in the packet is retained.
802.1Q Tag
User Priority CFI VLAN ID (VID)
3 bits 1 bits 12 bits
TPID (Tag Protocol Identifier) TCI (Tag Control Information)
2 bytes 2 bytes
Preamble
Destination
Address
6 bytes 6 bytes 4 bytes 2 bytes 46-1517 bytes 4 bytes
Source
Address
VLAN TAG
Ethernet
Type
Data FCS
The Ether Type and VLAN ID are inserted after the MAC source address, but before
the original Ether Type/Length or Logical Link Control. Because the packet is now a bit
longer than it was originally, the Cyclic Redundancy Check (CRC) must be
recalculated.
Adding an IEEE802.1Q Tag
Dest. Addr. Src. Addr. Length/E. type Data Old CRC
Dest. Addr. Src. Addr. E. type Tag Length/E. type Data New CRC
Priority CFI VLAN ID
78 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Original Ethernet
New Tagged Packet
Chapter 5: Web-Based Management
• Port VLAN ID
Packets that are tagged (are carrying the 802.1Q VID information) can be transmitted
from one 802.1Q compliant network device to another with the VLAN information
intact. This allows 802.1Q VLAN to span network devices (and indeed, the entire
network - if all network devices are 802.1Q compliant).
Every physical port on a switch has a PVID. 802.1Q ports are also assigned a PVID, for
use within the switch. If no VLAN are defined on the switch, all ports are then
assigned to a default VLAN with a PVID equal to 1. Untagged packets are assigned
the PVID of the port on which they were received. Forwarding decisions are based
upon this PVID, in so far as VLAN are concerned. Tagged packets are forwarded
according to the VID contained within the tag. Tagged packets are also assigned a
PVID, but the PVID is not used to make packet forwarding decisions, the VID is.
Tag-aware switches must keep a table to relate PVID within the switch to VID on the
network. The switch will compare the VID of a packet to be transmitted to the VID of
the port that is to transmit the packet. If the two VID are different the switch will drop
the packet. Because of the existence of the PVID for untagged packets and the VID
for tagged packets, tag-aware and tag-unaware network devices can coexist on the
same network.
A switch port can have only one PVID, but can have as many VID as the switch has
memory in its VLAN table to store them.
Because some devices on a network may be tag-unaware, a decision must be made
at each port on a tag-aware device before packets are transmitted - should the
packet to be transmitted have a tag or not? If the transmitting port is connected to a
tag-unaware device, the packet should be untagged. If the transmitting port is
connected to a tag-aware device, the packet should be tagged.
• Default VLANs
The Switch initially configures one VLAN, VID = 1, called "default." The factory default
setting assigns all ports on the Switch to the "default". As new VLAN are configured in
Port-based mode, their respective member ports are removed from the "default."
NOTE: No matter what basis is used to uniquely identify end nodes and assign these
nodes VLAN membership, packets cannot cross VLAN without a network device
performing a routing function between the VLAN.
The Switch supports Port-based VLAN and IEEE 802.1Q VLAN. The port untagging
function can be used to remove the 802.1 tag from packet headers to maintain
compatibility with devices that are tag-unaware.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 79
Chapter 5: Web-Based Management
VLAN Configuration
A Virtual LAN (VLAN) is a logical network grouping that limits the broadcast domain. It
allows you to isolate network traffic so only members of the VLAN receive traffic from
the same VLAN members. Basically, creating a VLAN from a switch is logically
equivalent of reconnecting a group of network devices to another Layer 2 switch.
However, all the network devices are still plug into the same switch physically.
The Industrial Switch supports Port-based, 802.1Q (Tagged-based) and GVRP VLAN in
web management page. In the default configuration, VLAN support is "Disable".
Figure 5-30: VLAN Configuration interface
Port-based VLAN
A port-based VLAN basically consists of its members-ports, which means that the
VLAN is created by grouping the selected ports. This method provides the
convenience for users to configure a simple VLAN easily without complicated steps.
Packets can go among only members of the same VLAN group. Note all unselected
ports are treated as belonging to another single VLAN. If the port-based VLAN
enabled, the VLAN-tagging is ignored. The port-based VLAN function allows the user
to create separate VLANs to limit the unnecessary packet flooding; however, for the
purpose of sharing resource, a single port called a common port can belongs to
different VLANs, which all the member devices (ports) in different VLANs have the
permission to access the common port while they still cannot communicate with
each other in different VLANs.
80 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
Figure 5-31: VLAN - Port Based interface
• Pull down the selection item and focus on Port Based then press to set the VLAN
Operation Mode in Port Based mode.
Click ADD to add a new VLAN group (The maximum VLAN groups are up to 64).
Figure 5-32: VLAN - Port Based Add interface
• Enter the group name and VLAN ID. Add the selected port number into the right
field to group these members to be a VLAN group, or remove any of them listed in
the right field from the VLAN.
• And then, click APPLY to have the configuration take effect.
• You will see the VLAN list displays.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 81
Chapter 5: Web-Based Management
Figure 5-33: VLAN-Port Based Edit/Delete interface
• Use DELETE to delete the VLAN.
• Use EDIT to modify group name, VLAN ID, or add/remove the members of the
existing VLAN group.
NOTE: Remember to execute the "Save Configuration" action, otherwise the new
configuration will be lost when switch power off.
802.1Q VLAN
Virtual Local Area Network (VLAN) can be implemented on the Industrial Switch to
logically create different broadcast domain.
When the 802.1Q VLAN function is enabled, all ports on the switch belong to default
VLAN of VID 1, which means they logically are regarded as members of the same
broadcast domain. The valid VLAN ID is in the range of number between 1 and 4094.
The amount of VLAN groups is up to 256 including default VLAN that cannot be
deleted.
Each member port of 802.1Q is on either an Access Link (no VLAN-tagged) or a Trunk
Link (VLAN-tagged)[KK1]. All frames on an Access Link carry no VLAN identification.
Conversely, all frames on a Trunk Link are VLAN-tagged. Besides, there is the third
mode-Hybrid. A Hybrid Link can carry both VLAN-tagged frames and untagged
frames. A single port is supposed to belong to one VLAN group, except it is on a
Trunk/Hybrid Link.
The technique of 802.1Q tagging inserts a 4-byte tag, including VLAN ID of the
destination port-PVID, in the frame. With the combination of Access/Trunk/Hybrid
Links, the communication across switches also can make the packet sent through
tagged and untagged ports.
82 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
• 802.1Q VLAN Port Configuration
This page is used for configuring the Industrial Switch port VLAN. The VLAN per Port
Configuration page contains fields for managing ports that are part of a VLAN. The
port default VLAN ID (PVID) is configured on the VLAN Port Configuration page. All
untagged packets arriving to the device are tagged by the ports PVID.
Understanding the nomenclature of the Switch
• IEEE 802.1Q Tagged and Untagged
Every port on an 802.1Q compliant switch can be configured as tagged or untagged.
Tagged
(Trunk Link)
Ports with tagging enabled will put the VID number, priority and other VLAN
information into the header of all packets that flow into those ports. If a packet has
previously been tagged, the port will not alter the packet, thus keeping the VLAN
information intact. The VLAN information in the tag can then be used by other
802.1Q compliant devices on the network to make packet-forwarding decisions.
Untagged
(Access Link)
Ports with untagging enabled will strip the 802.1Q tag from all packets that flow into
those ports. If the packet doesn't have an 802.1Q VLAN tag, the port will not alter the
packet. Thus, all packets received by and forwarded by an untagging port will have
no 802.1Q VLAN information. (Remember that the PVID is only used internally within
the Switch). Untagging is used to send packets from an 802.1Q-compliant network
device to a non-compliant network device.
Frame Income
Frame Leave
Leave port is tagged Frame remains tagged Tag is inserted
Leave port is untagged Tag is removed Frame remain untagged
Income Frame is tagged Income Frame is untagged
Here pay attention to the explaining of "Access", "Trunk" and "Hybrid".
• Access: Ports will strip the 802.1Q tag from all packets that out of those ports. If
the packet doesn't have an 802.1Q VLAN tag, the port will not alter the packet.
Thus, all packets received by and forwarded by an untagging port will have no
802.1Q VLAN information. Untagging is used to send packets from an 802.1Qcompliant network device to a non-compliant network device.
Ports with "Access" mode belong to a single untagged VLAN.
• Trunk: Ports with tagging enabled will put the VID number, priority and other VLAN
information into the header of all packets that out of those ports. If a packet has
previously been tagged, the port will not alter the packet, thus keeping the VLAN
information intact. The VLAN information in the tag can then be used by other
802.1Q compliant devices on the network to make packet forwarding decisions.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 83
Chapter 5: Web-Based Management
• Hybrid: The port belongs to VLANs, and each VLAN is user-defined as tagged or
untagged (full 802.1Q mode). Ports will strip the 802.1Q tag from all packets that
out of those ports.
Port Mode VLAN Membership Frame Leave
Access Link Belongs to a single untagged VLAN
Trunk Link
Hybrid Link
Allowed to belongs to multiple Tagged
VLANs at the same time
Allowed to belongs to multiple untagged
VLANs at the same time
Untagged
( Tag=PVID be removed)
Tagged
(Tag=PVID or Original VID be remained)
Untagged by specify VID
The 802.1Q VLAN Port Configuration screen is shown below:
Figure 5-34: 802.1Q VLAN mode
84 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
This page includes the following fields:
Object Description
GVRP (GARP VLAN Registration Protocol) is a protocol that facilitates
control of virtual local area networks (VLANs) within a larger network.
GVRP conforms to the IEEE 802.1Q specification, which defines a method
of tagging frames with VLAN configuration data. This allows network
devices to dynamically exchange VLAN configuration information with
Enable GVRP Protocol:
Management VLAN ID:
other devices. For example, having enabled GVRP on two switches, they
are able to automatically exchange the information of their VLAN
database. Therefore, the user doesn’t need to manually configure
whether the link is trunk or hybrid, the packets belonging to the same
VLAN can communicate across switches. Tick this checkbox to enable
GVRP protocol. This checkbox is available while the VLAN Operation
Mode is in 802.1Q mode.
Only when the VLAN members, whose Untagged VID (PVID) equals to the
value in this column, will have the permission to access the switch. The
default value is ‘0’ that means this limit is not enabled (all members in
different VLANs can access this switch).
Link Type:
There are 3 types of link type.
Access Link:
A segment which provides the link path for one or more stations to the
VLAN-aware device. An Access Port (untagged port), connected to the
access link, has an untagged VID (also called PVID). After an untagged
frame gets into the access port, the switch will insert a four-byte tag in
the frame. The contents of the last 12-bit of the tag is untagged VID.
When this frame is sent out through any of the access port of the same
PVID, the switch will remove the tag from the frame to recover it to what
it was. Those ports of the same untagged VID are regarded as the same
VLAN group members.
Trunk Link:
A segment which provides the link path for one or more VLAN-aware
devices (switches). A Trunk Port, connected to the trunk link, has an
understanding of tagged frame, which is used for the communication
among VLANs across switches. Which frames of the specified VIDs will
be forwarded depends on the values filled in the Tagged VID column
field. Please insert a comma between two VIDs.
Hybrid Link:
A segment which consists of Access and Trunk links. The hybrid port has
both the features of access and trunk ports. A hybrid port has a PVID
belonging to a particular VLAN, and it also forwards the specified
tagged-frames for the purpose of VLAN communication across
switches.
Untagged VID:
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 85
This column field is available when Link Type is set as Access Link and
Hybrid Link. Assign a number in the range between 1 an 4094.
Chapter 5: Web-Based Management
Object Description
Tagged VID:
This column field is available when Link Type is set as Trunk Link and
Hybrid Link. Assign a number in the range between 1 an 4094.
NOTE: Access Link:
Because the access port doesn't have an understanding of tagged frame, the column
field of Tagged VID is not available.
NOTE: Trunk Link
1. A trunk port doesn't insert tag into an untagged frame, and therefore the untagged
VID column field is not available.
2. It's not necessary to type '1' in the tagged VID. The trunk port will forward the
frames of VLAN 1.
3. The trunk port has to be connected to a trunk/hybrid port of the other switch. Both
the tagged VID of the two ports have to be the same.
NOTE: Hybrid Link
1. It's not necessary to type '1' in the tagged VID. The hybrid port will forward the
frames of VLAN 1.
2. The trunk port has to be connected to a trunk/hybrid port of the other switch. Both
the tagged VID of the two ports have to be the same.
• Pull down the selection item and focus on 802.1Q then press to set the VLAN
Operation Mode in 802.1Q mode
• You can see the link type, untagged VID, and tagged VID information of each port
in the table below on the screen.
86 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
Figure 5-35: 802.1Q VLAN interface
• Group Configuration
Edit the existing VLAN Group.
• Select the VLAN group in the table list.
• Click EDIT.
Figure 5-36: Group Configuration interface
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 87
Chapter 5: Web-Based Management
• You can modify the VLAN group name and VLAN ID.
Figure 5-37: Group Configuration interface
• Click APPLY.
Rapid Spanning Tree Protocol
The Rapid Spanning Tree Protocol (RSTP) is an evolution of the Spanning Tree Protocol
and provides for faster spanning tree convergence after a topology change. The
system also supports STP and the system will auto-detect the connected device that
is running STP or RSTP protocol.
Theory
The Spanning Tree protocol can be used to detect and disable network loops, and to
provide backup links between switches, bridges or routers. This allows the switch to
interact with other bridging devices in your network to ensure that only one route
exists between any two stations on the network, and provide backup links, which
automatically take over when a primary link goes down. The spanning tree
algorithms supported by this switch include these versions:
• STP - Spanning Tree Protocol (IEEE 802.1D)
• RSTP - Rapid Spanning Tree Protocol (IEEE 802.1w)
The IEEE 802.1D Spanning Tree Protocol and IEEE 802.1W Rapid Spanning Tree
Protocol allow for the blocking of links between switches that form loops within the
network. When multiple links between switches are detected, a primary link is
established. Duplicated links are blocked from use and become standby links. The
88 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
protocol allows for the duplicate links to be used in the event of a failure of the
primary link. Once the Spanning Tree Protocol is configured and enabled, primary
links are established and duplicated links are blocked automatically. The reactivation
of the blocked links (at the time of a primary link failure) is also accomplished
automatically without operator intervention.
This automatic network reconfiguration provides maximum uptime to network users.
However, the concepts of the Spanning Tree Algorithm and protocol are a
complicated and complex subject and must be fully researched and understood. It is
possible to cause serious degradation of the performance of the network if the
Spanning Tree is incorrectly configured. Please read the following before making any
changes from the default values.
The Switch STP performs the following functions:
• Creates a single spanning tree from any combination of switching or bridging
elements.
• Creates multiple spanning trees - from any combination of ports contained within
a single switch, in user specified groups.
• Automatically reconfigures the spanning tree to compensate for the failure,
addition, or removal of any element in the tree.
• Reconfigures the spanning tree without operator intervention.
Bridge Protocol Data Units
For STP to arrive at a stable network topology, the following information is used:
• The unique switch identifier
• The path cost to the root associated with each switch port
• The port identifier
STP communicates between switches on the network using Bridge Protocol Data
Units (BPDUs). Each BPDU contains the following information:
• The unique identifier of the switch that the transmitting switch currently believes
is the root switch.
• The path cost to the root from the transmitting port.
• The port identifier of the transmitting port.
The switch sends BPDUs to communicate and construct the spanning-tree topology.
All switches connected to the LAN on which the packet is transmitted will receive the
BPDU. BPDUs are not directly forwarded by the switch, but the receiving switch uses
the information in the frame to calculate a BPDU, and, if the topology changes,
initiates a BPDU transmission.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 89
Chapter 5: Web-Based Management
The communication between switches via BPDUs results in the following:
• One switch is elected as the root switch.
• The shortest distance to the root switch is calculated for each switch.
• A designated switch is selected. This is the switch closest to the root switch
through which packets will be forwarded to the root.
• A port for each switch is selected. This is the port providing the best path from the
switch to the root switch.
• Ports included in the STP are selected.
Creating a Stable STP Topology
It is to make the root port a fastest link. If all switches have STP enabled with default
settings, the switch with the lowest MAC address in the network will become the root
switch. By increasing the priority (lowering the priority number) of the best switch, STP
can be forced to select the best switch as the root switch.
When STP is enabled using the default parameters, the path between source and
destination stations in a switched network might not be ideal. For instance,
connecting higher-speed links to a port that has a higher number than the current
root port can cause a root-port change.
STP Port States
The BPDUs take some time to pass through a network. This propagation delay can
result in topology changes where a port that transitioned directly from a Blocking
state to a Forwarding state could create temporary data loops. Ports must wait for
new network topology information to propagate throughout the network before
starting to forward packets. They must also wait for the packet lifetime to expire for
BPDU packets that were forwarded based on the old topology. The forward delay
timer is used to allow the network topology to stabilize after a topology change. In
addition, STP specifies a series of states a port must transition through to further
ensure that a stable network topology is created after a topology change.
Each port on a switch using STP exists is in one of the following five states:
• Blocking - the port is blocked from forwarding or receiving packets.
• Listening - the port is waiting to receive BPDU packets that may tell the port to go
back to the blocking state.
• Learning - the port is adding addresses to its forwarding database, but not yet
forwarding packets.
• Forwarding - the port is forwarding packets.
• Disabled - the port only responds to network management messages and must
return to the blocking state first.
90 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
A port transitions from one state to another as follows:
• From initialization (switch boot) to blocking.
• From blocking to listening or to disabled.
• From listening to learning or to disabled.
• From learning to forwarding or to disabled.
• From forwarding to disabled.
• From disabled to blocking.
Figure 5-38: STP Port State Transitions
You can modify each port state by using management software. When you enable
STP, every port on every switch in the network goes through the blocking state and
then transitions through the states of listening and learning at power up. If properly
configured, each port stabilizes to the forwarding or blocking state. No packets
(except BPDUs) are forwarded from, or received by, STP enabled ports until the
forwarding state is enabled for that port.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 91
Chapter 5: Web-Based Management
RSTP Parameters
RSTP Operation Levels
The Switch allows for two levels of operation: the switch level and the port level. The
switch level forms a spanning tree consisting of links between one or more switches.
The port level constructs a spanning tree consisting of groups of one or more ports.
The STP operates in much the same way for both levels.
NOTE: On the switch level, RSTP calculates the Bridge Identifier for each switch and
then sets the Root Bridge and the Designated Bridges.
On the port level, RSTP sets the Root Port and the Designated Ports.
The following are the user-configurable STP parameters for the switch level:
Parameter Description Default Value
Bridge Identifier (Not user
configurable except by
setting priority below)
Priority A relative priority for each switch – lower
Hello Time The length of time between broadcasts of
Maximum Age Timer Measures the age of a received BPDU for
Forward Delay Timer The amount time spent by a port in the
A combination of the User-set priority and
the switch’s MAC address.
The Bridge Identifier consists of two parts:
a 16-bit priority and a 48-bit Ethernet
MAC address 32768 + MAC
numbers give a higher priority and a
greater chance of a given switch being
elected as the root bridge
the hello message by the switch
a port and ensures that the BPDU is
discarded when its age exceeds the value
of the maximum age timer.
learning and listening states waiting for a
BPDU that may return the port to the
blocking state.
32768 + MAC
32768
2 seconds
20 seconds
15 seconds
92 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
The following are the user-configurable STP parameters for the port or port group
level:
Variable Description Default Value
Port Priority A relative priority for each port –lower
numbers give a higher priority and a
greater chance of a given port being
elected as the root port
Port Cost A value used by STP to evaluate paths
– STP calculates path costs and selects
the path with the minimum cost as the
active path
Default Spanning-Tree Configuration
Feature Default Value
Enable state STP disabled for all ports
Port priority 128
Port cost 0
Bridge Priority 32,768
128
200,000-100Mbps Fast Ethernet
ports
20,000-1000Mbps Gigabit
Ethernet ports
0 - Auto
User-Changeable STA Parameters
The Switch’s factory default setting should cover the majority of installations.
However, it is advisable to keep the default settings as set at the factory; unless, it is
absolutely necessary. The user changeable parameters in the Switch are as follows:
Priority – A Priority for the switch can be set from 0 to 65535. 0 is equal to the highest
Priority.
Hello Time – The Hello Time can be from 1 to 10 seconds. This is the interval between
two transmissions of BPDU packets sent by the Root Bridge to tell all other Switches
that it is indeed the Root Bridge. If you set a Hello Time for your Switch, and it is not
the Root Bridge, the set Hello Time will be used if and when your Switch becomes the
Root Bridge.
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 93
Chapter 5: Web-Based Management
NOTE: The Hello Time cannot be longer than the Max. Age. Otherwise, a configuration
error will occur.
Max. Age – The Max Age can be from 6 to 40 seconds. At the end of the Max Age, if a
BPDU has still not been received from the Root Bridge, your Switch will start sending
its own BPDU to all other Switches for permission to become the Root Bridge. If it
turns out that your Switch has the lowest Bridge Identifier, it will become the Root
Bridge.
Forward Delay Timer – The Forward Delay can be from 4 to 30 seconds. This is the
time any port on the Switch spends in the listening state while moving from the
blocking state to the forwarding state.
NOTE: Observe the following formulas when setting the above parameters:
Max. Age _ 2 x (Forward Delay - 1 second)
Max. Age _ 2 x (Hello Time + 1 second)
Port Priority – A Port Priority can be from 0 to 240. The lower the number, the greater
the probability the port will be chosen as the Root Port.
Port Cost – A Port Cost can be set from 0 to 200000000. The lower the number, the
greater the probability the port will be chosen to forward packets.
Illustration of STP
A simple illustration of three switches connected in a loop is depicted in the below
diagram. In this example, you can anticipate some major network problems if the STP
assistance is not applied.
If switch A broadcasts a packet to switch B, switch B will broadcast it to switch C, and
switch C will broadcast it to back to switch A and so on. The broadcast packet will be
passed indefinitely in a loop, potentially causing a network failure. In this example,
STP breaks the loop by blocking the connection between switch B and C. The decision
to block a particular connection is based on the STP calculation of the most current
Bridge and Port settings.
Now, if switch A broadcasts a packet to switch C, then switch C will drop the packet
at port 2 and the broadcast will end there. Setting-up STP using values other than the
defaults, can be complex. Therefore, you are advised to keep the default factory
settings and STP will automatically assign root bridges/ports and block loop
connections. Influencing STP to choose a particular switch as the root bridge using
94 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
the Priority setting, or influencing STP to choose a particular port to block using the
Port Priority and Port Cost settings is, however, relatively straight forward.
Figure 5-39: Before Applying the STA Rules
In this example, only the default STP values are used.
Figure 5-40: After Applying the STA Rules
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual 95
Chapter 5: Web-Based Management
The switch with the lowest Bridge ID (switch C) was elected the root bridge, and the
ports were selected to give a high port cost between switches B and C. The two
(optional) Gigabit ports (default port cost = 4) on switch A are connected to one
(optional) Gigabit port on both switch B and C. The redundant link between switch B
and C is deliberately chosen as a 100 Mbps Fast Ethernet link (default port cost = 19).
Gigabit ports could be used, but the port cost should be increased from the default to
ensure that the link between switch B and switch C is the blocked link.
RSTP System Configuration
This section provides RSTP-System Configuration from the Switch, the screen in
Figure 5-41 appears.
• The user can view spanning tree information of Root Bridge.
• The user can modify RSTP state. After modification, click APPLY.
Figure 5-41: RSTP System Configuration interface
96 GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Loading...